diff --git a/msys2/clang32/etc/config.site b/msys2/clang32/etc/config.site
new file mode 100644
index 000000000..bb39cb81f
--- /dev/null
+++ b/msys2/clang32/etc/config.site
@@ -0,0 +1,21 @@
+# This file is in public domain.
+# Original author: Karlson2k (Evgeny Grin)
+# Written for MSys2/MinGW64 to help running 'configure' scripts
+
+# Defaults for MinGW64-targeted programs
+
+# Set proper selfname on bash and fallback to default name on other shells
+test -n "${BASH_SOURCE}" 2>/dev/null && config_site_me="${BASH_SOURCE[0]##*/}" || config_site_me=config.site
+
+# Set default 'host' to speedup configure
+if test -z "$build_alias"; then
+  build_alias="${MSYSTEM_CHOST-i686-w64-mingw32}"  && \
+    ${as_echo-echo} "$config_site_me:${as_lineno-$LINENO}: default build_alias set to $build_alias" >&5
+fi
+
+# Set default 'prefix' to "/clang32"
+if ( test -z "$prefix" || test "x$prefix" = "xNONE" ) && \
+   ( test -z "$exec_prefix" || test "x$exec_prefix" = "xNONE" ); then
+  prefix="${MSYSTEM_PREFIX-/clang32}" && \
+    ${as_echo-echo} "$config_site_me:${as_lineno-$LINENO}: default prefix set to $prefix" >&5
+fi
diff --git a/msys2/clang64/etc/config.site b/msys2/clang64/etc/config.site
new file mode 100644
index 000000000..8aa08088c
--- /dev/null
+++ b/msys2/clang64/etc/config.site
@@ -0,0 +1,21 @@
+# This file is in public domain.
+# Original author: Karlson2k (Evgeny Grin)
+# Written for MSys2/MinGW64 to help running 'configure' scripts
+
+# Defaults for MinGW64-targeted programs
+
+# Set proper selfname on bash and fallback to default name on other shells
+test -n "${BASH_SOURCE}" 2>/dev/null && config_site_me="${BASH_SOURCE[0]##*/}" || config_site_me=config.site
+
+# Set default 'host' to speedup configure
+if test -z "$build_alias"; then
+  build_alias="${MSYSTEM_CHOST-x86_64-w64-mingw32}" && \
+    ${as_echo-echo} "$config_site_me:${as_lineno-$LINENO}: default build_alias set to $build_alias" >&5
+fi
+
+# Set default 'prefix' to "/clang64"
+if ( test -z "$prefix" || test "x$prefix" = "xNONE" ) && \
+   ( test -z "$exec_prefix" || test "x$exec_prefix" = "xNONE" ); then
+  prefix="${MSYSTEM_PREFIX-/clang64}" && \
+    ${as_echo-echo} "$config_site_me:${as_lineno-$LINENO}: default prefix set to $prefix" >&5
+fi
diff --git a/msys2/etc/DIR_COLORS b/msys2/etc/DIR_COLORS
index 3c00faf5d..3aa445bfa 100644
--- a/msys2/etc/DIR_COLORS
+++ b/msys2/etc/DIR_COLORS
@@ -1,7 +1,7 @@
 # Configuration file for dircolors, a utility to help you set the
 # LS_COLORS environment variable used by GNU ls with the --color option.
 
-# Copyright (C) 1996-2016 Free Software Foundation, Inc.
+# Copyright (C) 1996-2019 Free Software Foundation, Inc.
 # Copying and distribution of this file, with or without modification,
 # are permitted provided the copyright notice and this notice are preserved.
 
@@ -35,8 +35,10 @@ TERM tmux*
 TERM vt100
 TERM xterm*
 
-# Below are the color init strings for the basic file types. A color init
-# string consists of one or more of the following numeric codes:
+# Below are the color init strings for the basic file types.
+# One can use codes for 256 or more colors supported by modern terminals.
+# The default color codes use the capabilities of an 8 color terminal
+# with some additional attributes as per the following codes:
 # Attribute codes:
 # 00=none 01=bold 04=underscore 05=blink 07=reverse 08=concealed
 # Text color codes:
@@ -98,7 +100,6 @@ EXEC 01;32
 .t7z 01;31
 .zip 01;31
 .z   01;31
-.Z   01;31
 .dz  01;31
 .gz  01;31
 .lrz 01;31
@@ -126,6 +127,10 @@ EXEC 01;32
 .7z  01;31
 .rz  01;31
 .cab 01;31
+.wim 01;31
+.swm 01;31
+.dwm 01;31
+.esd 01;31
 
 # image formats
 .jpg 01;35
@@ -176,7 +181,7 @@ EXEC 01;32
 .cgm 01;35
 .emf 01;35
 
-# http://wiki.xiph.org/index.php/MIME_Types_and_File_Extensions
+# https://wiki.xiph.org/MIME_Types_and_File_Extensions
 .ogv 01;35
 .ogx 01;35
 
@@ -194,7 +199,7 @@ EXEC 01;32
 .ra 00;36
 .wav 00;36
 
-# http://wiki.xiph.org/index.php/MIME_Types_and_File_Extensions
+# https://wiki.xiph.org/MIME_Types_and_File_Extensions
 .oga 00;36
 .opus 00;36
 .spx 00;36
diff --git a/msys2/etc/bash.bashrc b/msys2/etc/bash.bashrc
index 44f26001b..f20f28288 100644
--- a/msys2/etc/bash.bashrc
+++ b/msys2/etc/bash.bashrc
@@ -15,6 +15,11 @@
 # If not running interactively, don't do anything
 [[ "$-" != *i* ]] && return
 
+# If started from sshd, make sure profile is sourced
+if [[ -n "$SSH_CONNECTION" ]] && [[ "$PATH" != *:/usr/bin* ]]; then
+    source /etc/profile
+fi
+
 # Warnings
 unset _warning_found
 for _warning_prefix in '' ${MINGW_PREFIX}; do
diff --git a/msys2/etc/config.site b/msys2/etc/config.site
index 13200b32f..fcc3b4f72 100644
--- a/msys2/etc/config.site
+++ b/msys2/etc/config.site
@@ -11,6 +11,14 @@ elif test "x$MSYSTEM" = "xMINGW32"; then
   if test -r "${MINGW_PREFIX-/mingw32}/etc/config.site"; then
     . "${MINGW_PREFIX-/mingw32}/etc/config.site"
   fi
+elif test "x$MSYSTEM" = "xCLANG64"; then
+  if test -r "${MINGW_PREFIX-/clang64}/etc/config.site"; then
+    . "${MINGW_PREFIX-/clang64}/etc/config.site"
+  fi
+elif test "x$MSYSTEM" = "xCLANG32"; then
+  if test -r "${MINGW_PREFIX-/clang32}/etc/config.site"; then
+    . "${MINGW_PREFIX-/clang32}/etc/config.site"
+  fi
 else
   # Defaults for MSys2-targeted programs
 
@@ -20,14 +28,14 @@ else
   # Set default 'host' to speedup configure
   if test -z "$build_alias"; then
     build_alias="${MSYSTEM_CARCH-x86_64}-pc-msys"  && \
-      $as_echo "$config_site_me:${as_lineno-$LINENO}: default build_alias set to $build_alias" >&5 
+      ${as_echo-echo} "$config_site_me:${as_lineno-$LINENO}: default build_alias set to $build_alias" >&5
   fi
 
   # Set default 'prefix' to "/usr"
   if ( test -z "$prefix" || test "x$prefix" = "xNONE" ) && \
      ( test -z "$exec_prefix" || test "x$exec_prefix" = "xNONE" ); then
     prefix="${MSYSTEM_PREFIX-/usr}" && \
-      $as_echo "$config_site_me:${as_lineno-$LINENO}: default prefix set to $prefix" >&5
+      ${as_echo-echo} "$config_site_me:${as_lineno-$LINENO}: default prefix set to $prefix" >&5
   fi
 
 fi
diff --git a/msys2/etc/localtime b/msys2/etc/localtime
index b4f2a2af6..7ddd510ec 100644
Binary files a/msys2/etc/localtime and b/msys2/etc/localtime differ
diff --git a/msys2/etc/makepkg_clang32.conf b/msys2/etc/makepkg_clang32.conf
new file mode 100644
index 000000000..a7683b0f2
--- /dev/null
+++ b/msys2/etc/makepkg_clang32.conf
@@ -0,0 +1,171 @@
+#
+# /etc/makepkg.conf
+#
+
+#########################################################################
+# SOURCE ACQUISITION
+#########################################################################
+#
+#-- The download utilities that makepkg should use to acquire sources
+#  Format: 'protocol::agent'
+DLAGENTS=('ftp::/usr/bin/curl -fC - --ftp-pasv --retry 3 --retry-delay 3 -o %o %u'
+          'http::/usr/bin/curl -qb "" -fLC - --retry 3 --retry-delay 3 -o %o %u'
+          'https::/usr/bin/curl -qb "" -fLC - --retry 3 --retry-delay 3 -o %o %u'
+          'rsync::/usr/bin/rsync --no-motd -z %u %o'
+          'scp::/usr/bin/scp -C %u %o')
+
+# Other common tools:
+# /usr/bin/snarf
+# /usr/bin/lftpget -c
+# /usr/bin/wget
+
+#-- The package required by makepkg to download VCS sources
+#  Format: 'protocol::package'
+VCSCLIENTS=('bzr::bzr'
+            'git::git'
+            'hg::mercurial'
+            'svn::subversion')
+
+#-- Using git am to apply patches has benefits, but also downsides
+#   one being that people without their .gitconfig set get prompts
+#   and the other being that the sha1s vary each time, so fix them
+GIT_COMMITTER_NAME="makepkg"
+GIT_COMMITTER_EMAIL="makepkg@msys2.org"
+function gitam_mkpkg() {
+  git am --committer-date-is-author-date "$@"
+}
+
+#########################################################################
+# ARCHITECTURE, COMPILE FLAGS
+#########################################################################
+#
+CARCH="i686"
+CHOST="i686-w64-mingw32"
+
+#########################################################################
+# Mingw toolchains stuff
+#########################################################################
+#
+MINGW_CHOST="i686-w64-mingw32"
+MINGW_PREFIX="/clang32"
+MINGW_PACKAGE_PREFIX="clang-mingw-w64-i686"
+
+# DirectX compatibility environment variable
+DXSDK_DIR=${MINGW_PREFIX}/${MINGW_CHOST}
+
+#-- Compiler and Linker Flags
+# -march (or -mcpu) builds exclusively for an architecture
+# -mtune optimizes for an architecture, but builds for whole processor family
+CPPFLAGS="-D_FORTIFY_SOURCE=2 -D__USE_MINGW_ANSI_STDIO=1"
+CFLAGS="-march=i686 -mtune=generic -O2 -pipe"
+CXXFLAGS="-march=i686 -mtune=generic -O2 -pipe"
+LDFLAGS="-pipe"
+# Uncomment to enable hardening (ASLR, DEP)
+#LDFLAGS="-pipe -Wl,--dynamicbase,--nxcompat"
+#-- Make Flags: change this for DistCC/SMP systems
+MAKEFLAGS="-j$(($(nproc)+1))"
+#-- Debugging flags
+DEBUG_CFLAGS="-ggdb -Og"
+DEBUG_CXXFLAGS="-ggdb -Og"
+
+ACLOCAL_PATH="${MINGW_PREFIX}/share/aclocal:/usr/share/aclocal"
+PKG_CONFIG_PATH="${MINGW_PREFIX}/lib/pkgconfig:${MINGW_PREFIX}/share/pkgconfig"
+
+#########################################################################
+# BUILD ENVIRONMENT
+#########################################################################
+#
+# Defaults: BUILDENV=(fakeroot !distcc color !ccache check !sign)
+#  A negated environment option will do the opposite of the comments below.
+#
+#-- distcc:   Use the Distributed C/C++/ObjC compiler
+#-- color:    Colorize output messages
+#-- ccache:   Use ccache to cache compilation
+#-- check:    Run the check() function if present in the PKGBUILD
+#-- sign:     Generate PGP signature file
+#
+BUILDENV=(!distcc color !ccache check !sign)
+#
+#-- If using DistCC, your MAKEFLAGS will also need modification. In addition,
+#-- specify a space-delimited list of hosts running in the DistCC cluster.
+#DISTCC_HOSTS=""
+#
+#-- Specify a directory for package building.
+#BUILDDIR=/tmp/makepkg
+
+#########################################################################
+# GLOBAL PACKAGE OPTIONS
+#   These are default values for the options=() settings
+#########################################################################
+#
+# Default: OPTIONS=(strip docs !libtool staticlibs emptydirs zipman purge !upx !debug)
+#  A negated option will do the opposite of the comments below.
+#
+#-- strip:      Strip symbols from binaries/libraries
+#-- docs:       Save doc directories specified by DOC_DIRS
+#-- libtool:    Leave libtool (.la) files in packages
+#-- staticlibs: Leave static library (.a) files in packages
+#-- emptydirs:  Leave empty directories in packages
+#-- zipman:     Compress manual (man and info) pages in MAN_DIRS with gzip
+#-- purge:      Remove files specified by PURGE_TARGETS
+#-- upx:        Compress binary executable files using UPX
+#-- debug:      Add debugging flags as specified in DEBUG_* variables
+#
+OPTIONS=(strip docs !libtool staticlibs emptydirs zipman purge !upx !debug)
+
+#-- File integrity checks to use. Valid: md5, sha1, sha256, sha384, sha512
+INTEGRITY_CHECK=(md5)
+#-- Options to be used when stripping binaries. See `man strip' for details.
+STRIP_BINARIES="--strip-all"
+#-- Options to be used when stripping shared libraries. See `man strip' for details.
+STRIP_SHARED="--strip-unneeded"
+#-- Options to be used when stripping static libraries. See `man strip' for details.
+STRIP_STATIC="--strip-debug"
+#-- Manual (man and info) directories to compress (if zipman is specified)
+MAN_DIRS=(clang32{{,/local}{,/share},/opt/*}/{man,info})
+#-- Doc directories to remove (if !docs is specified)
+DOC_DIRS=(clang32/{,local/}{,share/}{doc,gtk-doc})
+#-- Files to be removed from all packages (if purge is specified)
+PURGE_TARGETS=(clang32/{,share}/info/dir .packlist *.pod)
+
+#########################################################################
+# PACKAGE OUTPUT
+#########################################################################
+#
+# Default: put built package and cached source in build directory
+#
+#-- Destination: specify a fixed directory where all packages will be placed
+#PKGDEST=/var/packages-clang32
+#-- Source cache: specify a fixed directory where source files will be cached
+#SRCDEST=/var/sources
+#-- Source packages: specify a fixed directory where all src packages will be placed
+#SRCPKGDEST=/var/srcpackages-clang32
+#-- Log files: specify a fixed directory where all log files will be placed
+#LOGDEST=/var/makepkglogs
+#-- Packager: name/email of the person or organization building packages
+#PACKAGER="John Doe <john@doe.com>"
+#-- Specify a key to use for package signing
+#GPGKEY=""
+
+#########################################################################
+# COMPRESSION DEFAULTS
+#########################################################################
+#
+COMPRESSGZ=(gzip -c -f -n)
+COMPRESSBZ2=(bzip2 -c -f)
+COMPRESSXZ=(xz -c -z -T0 -)
+COMPRESSLRZ=(lrzip -q)
+COMPRESSLZO=(lzop -q)
+COMPRESSZ=(compress -c -f)
+
+#########################################################################
+# EXTENSION DEFAULTS
+#########################################################################
+#
+# WARNING: Do NOT modify these variables unless you know what you are
+#          doing.
+#
+PKGEXT='.pkg.tar.xz'
+SRCEXT='.src.tar.gz'
+
+# vim: set ft=sh ts=2 sw=2 et:
diff --git a/msys2/etc/makepkg_clang64.conf b/msys2/etc/makepkg_clang64.conf
new file mode 100644
index 000000000..a08cc51a2
--- /dev/null
+++ b/msys2/etc/makepkg_clang64.conf
@@ -0,0 +1,171 @@
+#
+# /etc/makepkg_mingw64.conf
+#
+
+#########################################################################
+# SOURCE ACQUISITION
+#########################################################################
+#
+#-- The download utilities that makepkg should use to acquire sources
+#  Format: 'protocol::agent'
+DLAGENTS=('ftp::/usr/bin/curl -fC - --ftp-pasv --retry 3 --retry-delay 3 -o %o %u'
+          'http::/usr/bin/curl -qb "" -fLC - --retry 3 --retry-delay 3 -o %o %u'
+          'https::/usr/bin/curl -qb "" -fLC - --retry 3 --retry-delay 3 -o %o %u'
+          'rsync::/usr/bin/rsync --no-motd -z %u %o'
+          'scp::/usr/bin/scp -C %u %o')
+
+# Other common tools:
+# /usr/bin/snarf
+# /usr/bin/lftpget -c
+# /usr/bin/wget
+
+#-- The package required by makepkg to download VCS sources
+#  Format: 'protocol::package'
+VCSCLIENTS=('bzr::bzr'
+            'git::git'
+            'hg::mercurial'
+            'svn::subversion')
+
+#-- Using git am to apply patches has benefits, but also downsides
+#   one being that people without their .gitconfig set get prompts
+#   and the other being that the sha1s vary each time, so fix them
+GIT_COMMITTER_NAME="makepkg"
+GIT_COMMITTER_EMAIL="makepkg@msys2.org"
+function gitam_mkpkg() {
+  git am --committer-date-is-author-date "$@"
+}
+
+#########################################################################
+# ARCHITECTURE, COMPILE FLAGS
+#########################################################################
+#
+CARCH="x86_64"
+CHOST="x86_64-w64-mingw32"
+
+#########################################################################
+# Mingw toolchains stuff
+#########################################################################
+#
+MINGW_CHOST="x86_64-w64-mingw32"
+MINGW_PREFIX="/clang64"
+MINGW_PACKAGE_PREFIX="clang-mingw-w64-x86_64"
+
+# DirectX compatibility environment variable
+DXSDK_DIR=${MINGW_PREFIX}/${MINGW_CHOST}
+
+#-- Compiler and Linker Flags
+# -march (or -mcpu) builds exclusively for an architecture
+# -mtune optimizes for an architecture, but builds for whole processor family
+CPPFLAGS="-D_FORTIFY_SOURCE=2 -D__USE_MINGW_ANSI_STDIO=1"
+CFLAGS="-march=x86-64 -mtune=generic -O2 -pipe"
+CXXFLAGS="-march=x86-64 -mtune=generic -O2 -pipe"
+LDFLAGS="-pipe"
+# Uncomment to enable hardening (ASLR, High entropy ASLR, DEP)
+#LDFLAGS="-pipe -Wl,--dynamicbase,--high-entropy-va,--nxcompat"
+#-- Make Flags: change this for DistCC/SMP systems
+MAKEFLAGS="-j$(($(nproc)+1))"
+#-- Debugging flags
+DEBUG_CFLAGS="-ggdb -Og"
+DEBUG_CXXFLAGS="-ggdb -Og"
+
+ACLOCAL_PATH="${MINGW_PREFIX}/share/aclocal:/usr/share/aclocal"
+PKG_CONFIG_PATH="${MINGW_PREFIX}/lib/pkgconfig:${MINGW_PREFIX}/share/pkgconfig"
+
+#########################################################################
+# BUILD ENVIRONMENT
+#########################################################################
+#
+# Defaults: BUILDENV=(fakeroot !distcc color !ccache check !sign)
+#  A negated environment option will do the opposite of the comments below.
+#
+#-- distcc:   Use the Distributed C/C++/ObjC compiler
+#-- color:    Colorize output messages
+#-- ccache:   Use ccache to cache compilation
+#-- check:    Run the check() function if present in the PKGBUILD
+#-- sign:     Generate PGP signature file
+#
+BUILDENV=(!distcc color !ccache check !sign)
+#
+#-- If using DistCC, your MAKEFLAGS will also need modification. In addition,
+#-- specify a space-delimited list of hosts running in the DistCC cluster.
+#DISTCC_HOSTS=""
+#
+#-- Specify a directory for package building.
+#BUILDDIR=/tmp/makepkg
+
+#########################################################################
+# GLOBAL PACKAGE OPTIONS
+#   These are default values for the options=() settings
+#########################################################################
+#
+# Default: OPTIONS=(strip docs !libtool staticlibs emptydirs zipman purge !upx !debug)
+#  A negated option will do the opposite of the comments below.
+#
+#-- strip:      Strip symbols from binaries/libraries
+#-- docs:       Save doc directories specified by DOC_DIRS
+#-- libtool:    Leave libtool (.la) files in packages
+#-- staticlibs: Leave static library (.a) files in packages
+#-- emptydirs:  Leave empty directories in packages
+#-- zipman:     Compress manual (man and info) pages in MAN_DIRS with gzip
+#-- purge:      Remove files specified by PURGE_TARGETS
+#-- upx:        Compress binary executable files using UPX
+#-- debug:      Add debugging flags as specified in DEBUG_* variables
+#
+OPTIONS=(strip docs !libtool staticlibs emptydirs zipman purge !upx !debug)
+
+#-- File integrity checks to use. Valid: md5, sha1, sha256, sha384, sha512
+INTEGRITY_CHECK=(md5)
+#-- Options to be used when stripping binaries. See `man strip' for details.
+STRIP_BINARIES="--strip-all"
+#-- Options to be used when stripping shared libraries. See `man strip' for details.
+STRIP_SHARED="--strip-unneeded"
+#-- Options to be used when stripping static libraries. See `man strip' for details.
+STRIP_STATIC="--strip-debug"
+#-- Manual (man and info) directories to compress (if zipman is specified)
+MAN_DIRS=(clang64{{,/local}{,/share},/opt/*}/{man,info})
+#-- Doc directories to remove (if !docs is specified)
+DOC_DIRS=(clang64/{,local/}{,share/}{doc,gtk-doc})
+#-- Files to be removed from all packages (if purge is specified)
+PURGE_TARGETS=(clang64/{,share}/info/dir .packlist *.pod)
+
+#########################################################################
+# PACKAGE OUTPUT
+#########################################################################
+#
+# Default: put built package and cached source in build directory
+#
+#-- Destination: specify a fixed directory where all packages will be placed
+#PKGDEST=/var/packages-clang64
+#-- Source cache: specify a fixed directory where source files will be cached
+#SRCDEST=/var/sources
+#-- Source packages: specify a fixed directory where all src packages will be placed
+#SRCPKGDEST=/var/srcpackages-clang64
+#-- Log files: specify a fixed directory where all log files will be placed
+#LOGDEST=/var/makepkglogs
+#-- Packager: name/email of the person or organization building packages
+#PACKAGER="John Doe <john@doe.com>"
+#-- Specify a key to use for package signing
+#GPGKEY=""
+
+#########################################################################
+# COMPRESSION DEFAULTS
+#########################################################################
+#
+COMPRESSGZ=(gzip -c -f -n)
+COMPRESSBZ2=(bzip2 -c -f)
+COMPRESSXZ=(xz -c -z -T0 -)
+COMPRESSLRZ=(lrzip -q)
+COMPRESSLZO=(lzop -q)
+COMPRESSZ=(compress -c -f)
+
+#########################################################################
+# EXTENSION DEFAULTS
+#########################################################################
+#
+# WARNING: Do NOT modify these variables unless you know what you are
+#          doing.
+#
+PKGEXT='.pkg.tar.xz'
+SRCEXT='.src.tar.gz'
+
+# vim: set ft=sh ts=2 sw=2 et:
diff --git a/msys2/etc/pacman.d/mirrorlist.mingw32 b/msys2/etc/pacman.d/mirrorlist.mingw32
index c1fa204bd..dc4e840e4 100644
--- a/msys2/etc/pacman.d/mirrorlist.mingw32
+++ b/msys2/etc/pacman.d/mirrorlist.mingw32
@@ -4,6 +4,7 @@
 
 ## Primary
 ## msys2.org
-Server = http://repo.msys2.org/mingw/i686
-Server = https://downloads.sourceforge.net/project/msys2/REPOS/MINGW/i686
-Server = http://www2.futureware.at/~nickoe/msys2-mirror/mingw/i686
+Server = http://repo.msys2.org/mingw/i686/
+Server = https://sourceforge.net/projects/msys2/files/REPOS/MINGW/i686/
+Server = http://www2.futureware.at/~nickoe/msys2-mirror/mingw/i686/
+Server = https://mirror.yandex.ru/mirrors/msys2/mingw/i686/
diff --git a/msys2/etc/pacman.d/mirrorlist.mingw64 b/msys2/etc/pacman.d/mirrorlist.mingw64
index 56a046640..f73e4d33f 100644
--- a/msys2/etc/pacman.d/mirrorlist.mingw64
+++ b/msys2/etc/pacman.d/mirrorlist.mingw64
@@ -4,6 +4,7 @@
 
 ## Primary
 ## msys2.org
-Server = http://repo.msys2.org/mingw/x86_64
-Server = https://downloads.sourceforge.net/project/msys2/REPOS/MINGW/x86_64
-Server = http://www2.futureware.at/~nickoe/msys2-mirror/mingw/x86_64
+Server = http://repo.msys2.org/mingw/x86_64/
+Server = https://sourceforge.net/projects/msys2/files/REPOS/MINGW/x86_64/
+Server = http://www2.futureware.at/~nickoe/msys2-mirror/mingw/x86_64/
+Server = https://mirror.yandex.ru/mirrors/msys2/mingw/x86_64/
diff --git a/msys2/etc/pacman.d/mirrorlist.msys b/msys2/etc/pacman.d/mirrorlist.msys
index d7581a854..5995c35dc 100644
--- a/msys2/etc/pacman.d/mirrorlist.msys
+++ b/msys2/etc/pacman.d/mirrorlist.msys
@@ -4,6 +4,7 @@
 
 ## Primary
 ## msys2.org
-Server = http://repo.msys2.org/msys/$arch
-Server = https://downloads.sourceforge.net/project/msys2/REPOS/MSYS2/$arch
+Server = http://repo.msys2.org/msys/$arch/
+Server = https://sourceforge.net/projects/msys2/files/REPOS/MSYS2/$arch/
 Server = http://www2.futureware.at/~nickoe/msys2-mirror/msys/$arch/
+Server = https://mirror.yandex.ru/mirrors/msys2/msys/$arch/
diff --git a/msys2/etc/pki/ca-trust/extracted/java/cacerts b/msys2/etc/pki/ca-trust/extracted/java/cacerts
index 1caba8d44..80c7cabf9 100644
Binary files a/msys2/etc/pki/ca-trust/extracted/java/cacerts and b/msys2/etc/pki/ca-trust/extracted/java/cacerts differ
diff --git a/msys2/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt b/msys2/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt
index 236ab1dc8..17e51afa5 100644
--- a/msys2/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt
+++ b/msys2/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt
@@ -1,3 +1,4 @@
+# ACCVRAIZ1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE
 AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw
@@ -40,43 +41,11 @@ tn6tn1QwIgPBHnFk/vk4CpYY3QIUrCPLBhwepH2NDd4nQeit2hW3sCPdK6jT2iWH
 I6zppSSMEYCUWqKiuUnSwdzRp+0xESyeGabu4VXhwOrPDYTkF7eifKXeVSUG7szA
 h1xA2syVP1XgNce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xF
 d3+YJ5oyXSrjhO7FmGYvliAd3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2H
-pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7MCswHgYIKwYB
-BQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwJQUNDVlJBSVox
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFtTCCA52gAwIBAgIIYY3HhjsBggUwDQYJKoZIhvcNAQEFBQAwRDEWMBQGA1UE
-AwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00x
-CzAJBgNVBAYTAkVTMB4XDTA4MDQxODE2MjQyMloXDTI4MDQxMzE2MjQyMlowRDEW
-MBQGA1UEAwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZF
-RElDT00xCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
-AgEA/5KV4WgGdrQsyFhIyv2AVClVYyT/kGWbEHV7w2rbYgIB8hiGtXxaOLHkWLn7
-09gtn70yN78sFW2+tfQh0hOR2QetAQXW8713zl9CgQr5auODAKgrLlUTY4HKRxx7
-XBZXehuDYAQ6PmXDzQHe3qTWDLqO3tkE7hdWIpuPY/1NFgu3e3eM+SW10W2ZEi5P
-Grjm6gSSrj0RuVFCPYewMYWveVqc/udOXpJPQ/yrOq2lEiZmueIM15jO1FillUAK
-t0SdE3QrwqXrIhWYENiLxQSfHY9g5QYbm8+5eaA9oiM/Qj9r+hwDezCNzmzAv+Yb
-X79nuIQZ1RXve8uQNjFiybwCq0Zfm/4aaJQ0PZCOrfbkHQl/Sog4P75n/TSW9R28
-MHTLOO7VbKvU/PQAtwBbhTIWdjPp2KOZnQUAqhbm84F9b32qhm2tFXTTxKJxqvQU
-fecyuB+81fFOvW8XAjnXDpVCOscAPukmYxHqC9FK/xidstd7LzrZlvvoHpKuE1XI
-2Sf23EgbsCTBheN3nZqk8wwRHQ3ItBTutYJXCb8gWH8vIiPYcMt5bMlL8qkqyPyH
-K9caUPgn6C9D4zq92Fdx/c6mUlv53U3t5fZvie27k5x2IXXwkkwp9y+cAS7+UEae
-ZAwUswdbxcJzbPEHXEUkFDWug/FqTYl6+rPYLWbwNof1K1MCAwEAAaOBqjCBpzAP
-BgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKaz4SsrSbbXc6GqlPUB53NlTKxQ
-MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUprPhKytJttdzoaqU9QHnc2VMrFAw
-RAYDVR0gBD0wOzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly9hY2VkaWNv
-bS5lZGljb21ncm91cC5jb20vZG9jMA0GCSqGSIb3DQEBBQUAA4ICAQDOLAtSUWIm
-fQwng4/F9tqgaHtPkl7qpHMyEVNEskTLnewPeUKzEKbHDZ3Ltvo/Onzqv4hTGzz3
-gvoFNTPhNahXwOf9jU8/kzJPeGYDdwdY6ZXIfj7QeQCM8htRM5u8lOk6e25SLTKe
-I6RF+7YuE7CLGLHdztUdp0J/Vb77W7tH1PwkzQSulgUV1qzOMPPKC8W64iLgpq0i
-5ALudBF/TP94HTXa5gI06xgSYXcGCRZj6hitoocf8seACQl1ThCojz2GuHURwCRi
-ipZ7SkXp7FnFvmuD5uHorLUwHv4FB4D54SMNUI8FmP8sX+g7tq3PgbUhh8oIKiMn
-MCArz+2UW6yyetLHKKGKC5tNSixthT8Jcjxn4tncB7rrZXtaAWPWkFtPF2Y9fwsZ
-o5NjEFIqnxQWWOLcpfShFosOkYuByptZ+thrkQdlVV9SH686+5DdaaVbnG0OLLb6
-zqylfDJKZ0DcMDQj3dcEI2bw/FWAp/tmGYI1Z2JwOV5vx+qQQEQIHriy1tvuWacN
-GHk0vFQYXlPKNFHtRQrmjseCNj6nOGOpMCwXEGCSn1WHElkQwg9naRHMTh5+Spqt
-r0CodaxWkHS4oJyleW/c6RrIaQXpuvoDs3zk4E7Czp3otkYNbn5XOmeUwssfnHdK
-Z05phkOTOPu220+DkdRgfks+KzgHVZhepDAvMB4GCCsGAQUFBwMEBggrBgEFBQcD
-AQYIKwYBBQUHAwMMDUFDRURJQ09NIFJvb3Q=
+pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7MCEwFAYIKwYB
+BQUHAwQGCCsGAQUFBwMBDAlBQ0NWUkFJWjE=
 -----END TRUSTED CERTIFICATE-----
+
+# AC RAIZ FNMT-RCM
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFgzCCA2ugAwIBAgIPXZONMGc2yAYdGsdUhGkHMA0GCSqGSIb3DQEBCwUAMDsx
 CzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJ
@@ -110,6 +79,8 @@ RqEIr9baRRmW1FMdW4R58MD3R++Lj8UGrp1MYp3/RgT408m2ECVAdf4WqslKYIYv
 uu8wd+RU4riEmViAqhOLUTpPSPaLtrMwHjAKBggrBgEFBQcDAQwQQUMgUkFJWiBG
 Tk1ULVJDTQ==
 -----END TRUSTED CERTIFICATE-----
+
+# AC Ra\xC3\xADz Certic\xC3\xA1mara S.A.
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIGZjCCBE6gAwIBAgIPB35Sk3vgFeNX8GmMy+wMMA0GCSqGSIb3DQEBBQUAMHsx
 CzAJBgNVBAYTAkNPMUcwRQYDVQQKDD5Tb2NpZWRhZCBDYW1lcmFsIGRlIENlcnRp
@@ -145,9 +116,11 @@ XCgycDWs2rjIdWb8m0w5R44bb5tNAlQiM+9hup4phO9OSzNHdpdqy35f/RWmnkJD
 W2ZaiogN9xa5P1FlK2Zqi9E4UqLWRhH6/JocdJ6PlwsCT2TG9WjTSy3/pDceiz+/
 RL5hRqGEPQgnTIEgd4kI6mdAXmwIUV80WoyWaM3X94nCHNMyAK9Sy9NgWyo6R35r
 MDOhYil/SrnhLecUIw4OGEfhefwVVdCx/CVxY3UzHCMrr1zZ7Ud3YA47Dx7SwNxk
-BYn8eNZcLCZDqTA+MBQGCCsGAQUFBwMEBggrBgEFBQcDAwwmQUMgUmFceEMzXHhB
-RHogQ2VydGljXHhDM1x4QTFtYXJhIFMuQS4=
+BYn8eNZcLCZDqTA0MAoGCCsGAQUFBwMEDCZBQyBSYVx4QzNceEFEeiBDZXJ0aWNc
+eEMzXHhBMW1hcmEgUy5BLg==
 -----END TRUSTED CERTIFICATE-----
+
+# Actalis Authentication Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE
 BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w
@@ -179,10 +152,11 @@ fcvHlXHo2qN8xcL4dJIEG4aspCJTQLas/kx2z/uUMsA1n3Y/buWQbqCmJqK4LL7R
 K4X9p2jIugErsWx0Hbhzlefut8cl8ABMALJ+tguLHPPAUJ4lueAI3jZm/zel0btU
 ZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXemOR/qnuOf0GZvBeyqdn6/axag67XH/JJU
 LysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9vwGYT7JZVEc+NHt4bVaT
-LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhljBAMB4GCCsGAQUFBwMEBggr
-BgEFBQcDAQYIKwYBBQUHAwMMHkFjdGFsaXMgQXV0aGVudGljYXRpb24gUm9vdCBD
-QQ==
+LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhljA2MBQGCCsGAQUFBwMEBggr
+BgEFBQcDAQweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290IENB
 -----END TRUSTED CERTIFICATE-----
+
+# AddTrust External Root
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
 MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
@@ -206,9 +180,11 @@ YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5
 6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC
 Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
 c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
-mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQwODAeBggrBgEFBQcDBAYIKwYBBQUH
-AwEGCCsGAQUFBwMDDBZBZGRUcnVzdCBFeHRlcm5hbCBSb290
+mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQwLjAUBggrBgEFBQcDBAYIKwYBBQUH
+AwEMFkFkZFRydXN0IEV4dGVybmFsIFJvb3Q=
 -----END TRUSTED CERTIFICATE-----
+
+# AddTrust Low-Value Services Root
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEU
 MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
@@ -231,62 +207,11 @@ IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxtZBsfzQ3duQH6lmM0MkhHma6X
 43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY
 eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJl
 pz/+0WatC7xrmYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOA
-WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47WcdkwODAU
-BggrBgEFBQcDBAYIKwYBBQUHAwEMIEFkZFRydXN0IExvdy1WYWx1ZSBTZXJ2aWNl
-cyBSb290
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIEFTCCAv2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSAwHgYDVQQDExdBZGRUcnVzdCBQdWJsaWMgQ0EgUm9vdDAeFw0wMDA1MzAx
-MDQxNTBaFw0yMDA1MzAxMDQxNTBaMGQxCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtB
-ZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIDAeBgNV
-BAMTF0FkZFRydXN0IFB1YmxpYyBDQSBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+A3S72mnTRqX4jsIMEZBRpS9mVEBV
-6tsfSlbunyNu9DnLoblv8n75XYcmYZ4c+OLspoH4IcUkzBEMP9smcnrHAZcHF/nX
-GCwwfQ56HmIexkvA/X1id9NEHif2P0tEs7c42TkfYNVRknMDtABp4/MUTu7R3AnP
-dzRGULD4EfL+OHn3Bzn+UZKXC1sIXzSGAa2Il+tmzV7R/9x98oTaunet3IAIx6eH
-1lWfl2royBFkuucZKT8Rs3iQhCBSWxHveNCD9tVIkNAwHM+A+WD+eeSI8t0A65RF
-62WUaUC6wNW0uLp9BBGo6zEFlpROWCGOn9Bg/QIDAQABo4HRMIHOMB0GA1UdDgQW
-BBSBPjfYkrAfd59ctKtzquf2NGAv+jALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUw
-AwEB/zCBjgYDVR0jBIGGMIGDgBSBPjfYkrAfd59ctKtzquf2NGAv+qFopGYwZDEL
-MAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRU
-cnVzdCBUVFAgTmV0d29yazEgMB4GA1UEAxMXQWRkVHJ1c3QgUHVibGljIENBIFJv
-b3SCAQEwDQYJKoZIhvcNAQEFBQADggEBAAP3FUr4JNojVhaTdt02KLmuG7jD8WS6
-IBh4lSknVwW8fCr0uVFV2ocC3g8WFzH4qnkuCRO7r7IgGRLlk/lL+YPoRNWyQSW/
-iHVv/xD8SlTQX/D67zZzfRs2RcYhbbQVuE7PnFylPVoAjgbjPGsye/Kf8Lb93/Ao
-GEjwxrzQvzSAlsJKsW2Ox5BF3i9nrEUEo3rcVZLJR2bYGozH7ZxOmuASu7VqTITh
-4SINhwBk/ox9Yjllpu9CtoAlEmEBqCQTcAARJl/6NVDFSMwGR+gn2HCNX2TmoUQm
-XiLsks3/QppEIW1cxeMiHV9HEufOX1362KqxMy3ZdvJOOjMMK7MtkAYwPzAeBggr
-BgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDB1BZGRUcnVzdCBQdWJsaWMgU2Vy
-dmljZXMgUm9vdA==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIEHjCCAwagAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSMwIQYDVQQDExpBZGRUcnVzdCBRdWFsaWZpZWQgQ0EgUm9vdDAeFw0wMDA1
-MzAxMDQ0NTBaFw0yMDA1MzAxMDQ0NTBaMGcxCzAJBgNVBAYTAlNFMRQwEgYDVQQK
-EwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIzAh
-BgNVBAMTGkFkZFRydXN0IFF1YWxpZmllZCBDQSBSb290MIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoekn0e+EV+vhDTbYjx5eLfpMLXsDBwq
-xBb/4Oxx64r1EW7tTw2R0hIYLUkVAcKkIhPHEWT/IhKauY5cLwjPcWqzZwFZ8V1G
-87B4pfYOQnrjfxvM0PC3KP0q6p6zsLkEqv32x7SxuCqg+1jxGaBvcCV+PmlKfw8i
-2O+tCBGaKZnhqkRFmhJePp1tUvznoD1oL/BLcHwTOK28FSXx1s6rosAx1i+f4P8U
-WfyEk9mHfExUE+uf0S0R+Bg6Ot4l2ffTQO2kBhLEO+GRwVY18BTcZTYJbqukB8c1
-0cIDMzZbdSZtQvESa0NvS3GU+jQd7RNuyoB/mC9suWXY6QIDAQABo4HUMIHRMB0G
-A1UdDgQWBBQ5lYtii1zJ1IC6WA+XPxUIQ8yYpzALBgNVHQ8EBAMCAQYwDwYDVR0T
-AQH/BAUwAwEB/zCBkQYDVR0jBIGJMIGGgBQ5lYtii1zJ1IC6WA+XPxUIQ8yYp6Fr
-pGkwZzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQL
-ExRBZGRUcnVzdCBUVFAgTmV0d29yazEjMCEGA1UEAxMaQWRkVHJ1c3QgUXVhbGlm
-aWVkIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBABmrder4i2VhlRO6aQTv
-hsoToMeqT2QbPxj2qC0sVY8FtzDqQmodwCVRLae/DLPt7wh/bDxGGuoYQ992zPlm
-hpwsaPXpF/gxsxjE1kh9I0xowX67ARRvxdlu3rsEQmr49lx95dr6h+sNNVJn0J6X
-dgWTP5XHAeZpVTh/EGGZyeNfpso+gmNIquIISD6q8rKFYqa0p9m9N5xotS1WfbC3
-P6CxB9bpT9zeRXEwMn8bLgn5v1Kh7sKAPgZcLlVAwRv1cEWw3F369nJad9Jjzc9Y
-iQBCYz95OdBEsIJuQRno3eDBiFrRHnGTHyQwdOUeqN48Jzd/g66ed8/wMLH/S5no
-xqEwRjAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDCRBZGRUcnVzdCBR
-dWFsaWZpZWQgQ2VydGlmaWNhdGVzIFJvb3Q=
+WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47WcdkwLjAK
+BggrBgEFBQcDBAwgQWRkVHJ1c3QgTG93LVZhbHVlIFNlcnZpY2VzIFJvb3Q=
 -----END TRUSTED CERTIFICATE-----
+
+# AffirmTrust Commercial
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE
 BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
@@ -308,6 +233,8 @@ N53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0khsUlHRUe072o0EclNmsxZt9YC
 nlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8wJDAKBggrBgEFBQcDAQwW
 QWZmaXJtVHJ1c3QgQ29tbWVyY2lhbA==
 -----END TRUSTED CERTIFICATE-----
+
+# AffirmTrust Networking
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UE
 BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
@@ -329,6 +256,8 @@ olu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9/ZFvgrG+CJPbFEfxojfHRZ48
 x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9swJDAKBggrBgEFBQcDAQwW
 QWZmaXJtVHJ1c3QgTmV0d29ya2luZw==
 -----END TRUSTED CERTIFICATE-----
+
+# AffirmTrust Premium
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UE
 BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVz
@@ -360,6 +289,8 @@ GKa1qF60g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaO
 RtGdFNrHF+QFlozEJLUbzxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6e
 KeC2uAloGRwYQzAhMAoGCCsGAQUFBwMBDBNBZmZpcm1UcnVzdCBQcmVtaXVt
 -----END TRUSTED CERTIFICATE-----
+
+# AffirmTrust Premium ECC
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMC
 VVMxFDASBgNVBAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQ
@@ -374,6 +305,8 @@ aobgxCd05DhT1wV/GzTjxi+zygk8N53X57hG8f2h4nECMEJZh0PUUd+60wkyWs6I
 flc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKMeTAlMAoGCCsGAQUFBwMB
 DBdBZmZpcm1UcnVzdCBQcmVtaXVtIEVDQw==
 -----END TRUSTED CERTIFICATE-----
+
+# Amazon Root CA 1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF
 ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
@@ -395,6 +328,8 @@ o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU
 rqXRfboQnoZsG4q5WTP468SQvvG5MCgwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBBB
 bWF6b24gUm9vdCBDQSAx
 -----END TRUSTED CERTIFICATE-----
+
+# Amazon Root CA 2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwF
 ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
@@ -426,6 +361,8 @@ n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE
 9jVlpNMKVv/1F2Rs76giJUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT
 4PsJYGwwKDAUBggrBgEFBQcDBAYIKwYBBQUHAwEMEEFtYXpvbiBSb290IENBIDI=
 -----END TRUSTED CERTIFICATE-----
+
+# Amazon Root CA 3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5
 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g
@@ -439,6 +376,8 @@ BqWTrBqYaGFy+uGh0PsceGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteM
 YyRIHN8wfdVoOzAoMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwQQW1hem9uIFJvb3Qg
 Q0EgMw==
 -----END TRUSTED CERTIFICATE-----
+
+# Amazon Root CA 4
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5
 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g
@@ -453,6 +392,8 @@ CkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1AE47xDqUEpHJWEadIRNyp4iciuRMStuW
 1KyLa2tJElMzrdfkviT8tQp21KW8EDAoMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwQ
 QW1hem9uIFJvb3QgQ0EgNA==
 -----END TRUSTED CERTIFICATE-----
+
+# Atos TrustedRoot 2011
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE
 AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG
@@ -472,9 +413,11 @@ vZfza1zv7v1Apt+hk6EKhqzvINB5Ab149xnYJDE0BAGmuhWawyfc2E8PzBhj/5kP
 DpFrdRbhIfzYJsdHt6bPWHJxfrrhTZVHO8mvbaG0weyJ9rQPOLXiZNwlz6bb65pc
 maHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a961qn8FYiqTxlVMYVqL2Gns2D
 lmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G3mB/ufNPRJLv
-KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6edMDcwHgYIKwYBBQUHAwQGCCsGAQUF
-BwMBBggrBgEFBQcDAwwVQXRvcyBUcnVzdGVkUm9vdCAyMDEx
+KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6edMC0wFAYIKwYBBQUHAwQGCCsGAQUF
+BwMBDBVBdG9zIFRydXN0ZWRSb290IDIwMTE=
 -----END TRUSTED CERTIFICATE-----
+
+# Autoridad de Certificacion Firmaprofesional CIF A62634068
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UE
 BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h
@@ -508,10 +451,12 @@ SeTy36LssUzAKh3ntLFlosS88Zj0qnAHY7S42jtM+kAiMFsRpvAFDsYCA0irhpuF
 ZcFwgbg4/EMxsvYDNEeyrPsiBsse3RdHHF9mudMaotoRsaS8I8nkvof/uZS2+F0g
 StRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTDKCOM/icz
 Q0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQB
-jLMi6Et8Vcad+qMUu2WFbm5PEn4KPJ2VMFswHgYIKwYBBQUHAwQGCCsGAQUFBwMB
-BggrBgEFBQcDAww5QXV0b3JpZGFkIGRlIENlcnRpZmljYWNpb24gRmlybWFwcm9m
-ZXNpb25hbCBDSUYgQTYyNjM0MDY4
+jLMi6Et8Vcad+qMUu2WFbm5PEn4KPJ2VMFEwFAYIKwYBBQUHAwQGCCsGAQUFBwMB
+DDlBdXRvcmlkYWQgZGUgQ2VydGlmaWNhY2lvbiBGaXJtYXByb2Zlc2lvbmFsIENJ
+RiBBNjI2MzQwNjg=
 -----END TRUSTED CERTIFICATE-----
+
+# Baltimore CyberTrust Root
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ
 RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD
@@ -534,342 +479,8 @@ ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS
 R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmpMDEwFAYIKwYBBQUHAwQGCCsGAQUF
 BwMBDBlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF7jCCBNagAwIBAgIQBH7L6fylX3vQnq424QyuHjANBgkqhkiG9w0BAQUFADCB
-lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
-SGFyZHdhcmUwHhcNMTEwMzE1MDAwMDAwWhcNMTQwMzE0MjM1OTU5WjCB3zELMAkG
-A1UEBhMCVVMxDjAMBgNVBBETBTM4NDc3MRAwDgYDVQQIEwdGbG9yaWRhMRAwDgYD
-VQQHEwdFbmdsaXNoMRcwFQYDVQQJEw5TZWEgVmlsbGFnZSAxMDEUMBIGA1UEChML
-R29vZ2xlIEx0ZC4xEzARBgNVBAsTClRlY2ggRGVwdC4xKDAmBgNVBAsTH0hvc3Rl
-ZCBieSBHVEkgR3JvdXAgQ29ycG9yYXRpb24xFDASBgNVBAsTC1BsYXRpbnVtU1NM
-MRgwFgYDVQQDEw9tYWlsLmdvb2dsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQCwc/DyBO7CokbKNCqqu2Aj0RF2Hx860GWDTppFqENwhXbwH4cA
-Ah9uOxcXxLXpGUaikiWNYiq0YzAfuYX4NeEWWnZJzFBIUzlZidaEAvua7BvHUdV2
-lZDUOiq4pt4CTQb7ze2lRkFfVXTl7H5A3FCcteQ1XR5oIPjp3qNqKL9B0qGz4iWN
-DBvKPZMMGK7fxbz9vIK6aADXFjJxn2W1EdpoWdCmV2Qbyf6Y5fWlZerh2+70s52z
-juqHrhbSHqB8fGk/KRaFAVOnbPFgq92i/CVH1DLREt33SBLg/Jyid5jpiZm4+Djx
-jAbCeiM2bZudzTDIxzQXHrt9Qsir5xUW9nO1AgMBAAGjggHqMIIB5jAfBgNVHSME
-GDAWgBShcl8mGyiYQ5VdBzfVhZadS9LDRTAdBgNVHQ4EFgQUGCqiyNR6P3utBIu9
-b54QRhN4cZ0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
-FAYIKwYBBQUHAwEGCCsGAQUFBwMCMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQME
-MCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMHsG
-A1UdHwR0MHIwOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1VUTi1VU0VS
-Rmlyc3QtSGFyZHdhcmUuY3JsMDagNKAyhjBodHRwOi8vY3JsLmNvbW9kby5uZXQv
-VVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsG
-AQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9VVE5BZGRUcnVzdFNlcnZl
-ckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMC8G
-A1UdEQQoMCaCD21haWwuZ29vZ2xlLmNvbYITd3d3Lm1haWwuZ29vZ2xlLmNvbTAN
-BgkqhkiG9w0BAQUFAAOCAQEAZwYICifFk24C8t4XP9DTG3z/tc16x3fHvt8Syhne
-sBNXDAORxHlSz3+3XlUghEnd9dApLw4E2lmeDhOf9MAym/+hESQql6PyPz0qa6it
-jBl1lQ4dJf1PxHoVwx3HE0DIDb6XYHKm/iW+j+zVpobDIVxZUtlqC1yfS961+ezi
-9MXMYlN2iWXkKdq3v5bgYI0NtwlV1kBVHcHyliF1r4mGH12BlykoHinXlsEgAzJ7
-ADtqNxdao7MabzI7bvGjXaurzCrLMAwfNSOLaURc6qwoYO2ra2Oe9pK8vZpaJkzF
-mLgOGT78BTHjFtn9kAUDhsZXAR9/eKDPM2qqZmsi0KdJIzB9oG4GCCsGAQUFBwME
-BggrBgEFBQcDAQYIKwYBBQUHAwMGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUH
-AwMGCCsGAQUFBwMEBggrBgEFBQcDBQYIKwYBBQUHAwYGCCsGAQUFBwMHBggrBgEF
-BQcDCAwLQm9ndXMgR01haWw=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIG3TCCBcWgAwIBAgIRANjzX063hystqwaS4xU4L7AwDQYJKoZIhvcNAQEFBQAw
-gZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl
-IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY
-aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMR8wHQYDVQQDExZVVE4tVVNFUkZpcnN0
-LUhhcmR3YXJlMB4XDTExMDMxNTAwMDAwMFoXDTE0MDMxNDIzNTk1OVowgeMxCzAJ
-BgNVBAYTAlVTMQ4wDAYDVQQREwUzODQ3NzEQMA4GA1UECBMHRmxvcmlkYTEOMAwG
-A1UEBxMFVGFtcGExFzAVBgNVBAkTDlNlYSBWaWxsYWdlIDEwMRcwFQYDVQQKEw5H
-bG9iYWwgVHJ1c3RlZTEXMBUGA1UECxMOR2xvYmFsIFRydXN0ZWUxKDAmBgNVBAsT
-H0hvc3RlZCBieSBHVEkgR3JvdXAgQ29ycG9yYXRpb24xFDASBgNVBAsTC1BsYXRp
-bnVtU1NMMRcwFQYDVQQDEw5nbG9iYWwgdHJ1c3RlZTCCAiIwDQYJKoZIhvcNAQEB
-BQADggIPADCCAgoCggIBANl08qpBHd/1whZDSVwpv7aJdCm8nI0MRk9ZfrJBF2Y0
-DGWJ4Wwl44YKniJFIozdneajld7ciAJVXONbkXXrJmljuS7Gyi4n34i6AiBu/rkL
-Kden1tdIGhzO3R+pJw5iT6GWHt1UOjRjSnb1d31ZZ9gQ1LUPOkMimNv0CcQKcM7d
-kNQv73QTw83CiTliFZ3mdKjom/BjbpyJtg6tm/fMgujoLbgL2iLsSYUHiJmYP/R0
-qQn3gXyXC1mZGHKL25SCK6foqmuXv4h+dbCLRUUMx6gJ6htBWDA7X3hlFTTS5Dw0
-DR3YZDyKpVZJmSgtS/LPzdluSWSbqXmQd1WpCButGnSe4AOTCgm3rae0XO+DbLea
-tMZoQIAdQtFueZupGSGanPmGLQDRNP7gtvlVtvUmxZUWpXxznwopiaw6mPebdGe3
-kLddCSNqau0sEO5TChDwFh9Xs7ENeZEZsOvNMD+gFF+zxv1cM6ew/5iwVYy5pfJv
-RyRJIWnMQqJRAECFjIKCqzKly5rc0NkYDd8Z9K+DDcE+MdskSLZ1gKHhyXdkHqfl
-i38VTUunwtDteZVekTHsGP9On0gU6nW6Ic4pdukfTlGHLrPMBGC6Ix8fZbIKuNVu
-j0tCiUepgZBbK7K2ruagcHt4kAp6xeXnxfsK9i9pjIwfV+AGmf8R1VIyIJcnmO5l
-AgMBAAGjggHUMIIB0DAfBgNVHSMEGDAWgBShcl8mGyiYQ5VdBzfVhZadS9LDRTAd
-BgNVHQ4EFgQUt8PeGkPtQZepjyl4nAO5rEBCAKwwDgYDVR0PAQH/BAQDAgWgMAwG
-A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEYGA1Ud
-IAQ/MD0wOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2Vj
-dXJlLmNvbW9kby5jb20vQ1BTMHsGA1UdHwR0MHIwOKA2oDSGMmh0dHA6Ly9jcmwu
-Y29tb2RvY2EuY29tL1VUTi1VU0VSRmlyc3QtSGFyZHdhcmUuY3JsMDagNKAyhjBo
-dHRwOi8vY3JsLmNvbW9kby5uZXQvVVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmww
-cQYIKwYBBQUHAQEEZTBjMDsGCCsGAQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2Nh
-LmNvbS9VVE5BZGRUcnVzdFNlcnZlckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDov
-L29jc3AuY29tb2RvY2EuY29tMBkGA1UdEQQSMBCCDmdsb2JhbCB0cnVzdGVlMA0G
-CSqGSIb3DQEBBQUAA4IBAQCPunW6OdQm03APxLMCp8USI3HJ/mPpo2J4JERP1LkR
-Ph/HKOdVa+704QCRhorJCWufLqRFOdFhYl6TpQVFeJ9gEiz0bGVlDcxGNIsouqDG
-9JlxZPMidqxP82LJpzNaBx89yYaA3NsEL4cn6L9IRIHA8Ekjbh/l5AOGJBOihWJ8
-WATK5o0Tcgq6VkSiD7z7oD0NKn/7nqkJPbda1IqN4SXopAmEcK0SRLnPuTN6ulzm
-S6a7BQaY//KYUnt3gCdK2eL6uVLU+/vm1i2ej8EVRI2bdC/ulFpO08SLiqxDnXP2
-rgyHia2HycnH3boUYHr4tTWdwo3GloENqVKKKUAE6Rm0MIGGoG4GCCsGAQUFBwME
-BggrBgEFBQcDAQYIKwYBBQUHAwMGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUH
-AwMGCCsGAQUFBwMEBggrBgEFBQcDBQYIKwYBBQUHAwYGCCsGAQUFBwMHBggrBgEF
-BQcDCAwUQm9ndXMgR2xvYmFsIFRydXN0ZWU=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF5DCCBMygAwIBAgIRAPXIavNhYvE6ZPVPbclYfAYwDQYJKoZIhvcNAQEFBQAw
-gZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl
-IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY
-aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMR8wHQYDVQQDExZVVE4tVVNFUkZpcnN0
-LUhhcmR3YXJlMB4XDTExMDMxNTAwMDAwMFoXDTE0MDMxNDIzNTk1OVowgd4xCzAJ
-BgNVBAYTAlVTMQ4wDAYDVQQREwUzODQ3NzEQMA4GA1UECBMHRmxvcmlkYTEQMA4G
-A1UEBxMHRW5nbGlzaDEXMBUGA1UECRMOU2VhIFZpbGxhZ2UgMTAxFDASBgNVBAoT
-C0dvb2dsZSBMdGQuMRMwEQYDVQQLEwpUZWNoIERlcHQuMSgwJgYDVQQLEx9Ib3N0
-ZWQgYnkgR1RJIEdyb3VwIENvcnBvcmF0aW9uMRQwEgYDVQQLEwtQbGF0aW51bVNT
-TDEXMBUGA1UEAxMOd3d3Lmdvb2dsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQCwc/DyBO7CokbKNCqqu2Aj0RF2Hx860GWDTppFqENwhXbwH4cA
-Ah9uOxcXxLXpGUaikiWNYiq0YzAfuYX4NeEWWnZJzFBIUzlZidaEAvua7BvHUdV2
-lZDUOiq4pt4CTQb7ze2lRkFfVXTl7H5A3FCcteQ1XR5oIPjp3qNqKL9B0qGz4iWN
-DBvKPZMMGK7fxbz9vIK6aADXFjJxn2W1EdpoWdCmV2Qbyf6Y5fWlZerh2+70s52z
-juqHrhbSHqB8fGk/KRaFAVOnbPFgq92i/CVH1DLREt33SBLg/Jyid5jpiZm4+Djx
-jAbCeiM2bZudzTDIxzQXHrt9Qsir5xUW9nO1AgMBAAGjggHgMIIB3DAfBgNVHSME
-GDAWgBShcl8mGyiYQ5VdBzfVhZadS9LDRTAdBgNVHQ4EFgQUGCqiyNR6P3utBIu9
-b54QRhN4cZ0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
-FAYIKwYBBQUHAwEGCCsGAQUFBwMCMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQME
-MCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMHsG
-A1UdHwR0MHIwOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1VUTi1VU0VS
-Rmlyc3QtSGFyZHdhcmUuY3JsMDagNKAyhjBodHRwOi8vY3JsLmNvbW9kby5uZXQv
-VVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsG
-AQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9VVE5BZGRUcnVzdFNlcnZl
-ckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMCUG
-A1UdEQQeMByCDnd3dy5nb29nbGUuY29tggpnb29nbGUuY29tMA0GCSqGSIb3DQEB
-BQUAA4IBAQBxwJk/Xva9M/+eFsuov91w+dJTOzauyRfIrl5N3WL3t9M+d6P+wHsy
-tcmUBVJQ8l89eYRJT11ssNdZvdRsiPr8xWWG6yhSokL2fLxqxwcuJdGQYiDGjVHC
-LEU5TgPa9xjozAo62UXYbG40i2KcThX5Q+7ll8A/rTUTxSsGx0H94vd+Ra2b0eFm
-7fh6S5Q5ei/r6D9D2DXWVvp0523m7axlhP7QTQYS3tpZADwJXM+IS+g9tBUhksxt
-plHijpfx9IJGy8RTXtpcnWWSAWWJAOW2mf8mQPEvGTEIGrFnVYYNrjUzhryXSJLX
-lmD4zvyW64fEc8yUm1hb83qkJxPWT/RpMH6gbgYIKwYBBQUHAwQGCCsGAQUFBwMB
-BggrBgEFBQcDAwYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDAwYIKwYBBQUH
-AwQGCCsGAQUFBwMFBggrBgEFBQcDBgYIKwYBBQUHAwcGCCsGAQUFBwMIDAxCb2d1
-cyBHb29nbGU=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF+DCCBOCgAwIBAgIRAJI51TSPQNFpWnRUcOHyP0MwDQYJKoZIhvcNAQEFBQAw
-gZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl
-IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY
-aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMR8wHQYDVQQDExZVVE4tVVNFUkZpcnN0
-LUhhcmR3YXJlMB4XDTExMDMxNTAwMDAwMFoXDTE0MDMxNDIzNTk1OVowgeIxCzAJ
-BgNVBAYTAlVTMQ4wDAYDVQQREwUzODQ3NzEQMA4GA1UECBMHRmxvcmlkYTEQMA4G
-A1UEBxMHRW5nbGlzaDEXMBUGA1UECRMOU2VhIFZpbGxhZ2UgMTAxFDASBgNVBAoT
-C0dvb2dsZSBMdGQuMRMwEQYDVQQLEwpUZWNoIERlcHQuMSgwJgYDVQQLEx9Ib3N0
-ZWQgYnkgR1RJIEdyb3VwIENvcnBvcmF0aW9uMRQwEgYDVQQLEwtQbGF0aW51bVNT
-TDEbMBkGA1UEAxMSYWRkb25zLm1vemlsbGEub3JnMIIBIjANBgkqhkiG9w0BAQEF
-AAOCAQ8AMIIBCgKCAQEAq8ZtNvMVc3iDc850hdWu7LLw4CQfE4O4IKy7mv6Iu6uh
-HQsfRQCqSbc1Nwxq70dMudG+41cSBI2Sx7bsAby22seBOCCtcoXmDvyBbAetaHY4
-xUTXzMZKxZc+ZPRR5vB+suxW9yWCTUmYyxaY3SPxiZHRF5dAmSbW4qIrXt+9ifIb
-GlMtzFBBetA9KgxVcBQB6VhJEHoLk4KL4R7tOoAQgs6WijTwzNfTubRQh1VUCbid
-QihVAOWMNVS/3SWRRrcN5V2DqOWL+4TkPK522sRDK1t0C/i+XWjxeFu1zn3xXZlA
-2sruOIFQvpihbLgkrfOvjA/XESgshBhMfbXZjzC1GwIDAQABo4IB8DCCAewwHwYD
-VR0jBBgwFoAUoXJfJhsomEOVXQc31YWWnUvSw0UwHQYDVR0OBBYEFN2A0lQ990xw
-yqOw3TR6MuToO1o7MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
-JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBGBgNVHSAEPzA9MDsGDCsGAQQBsjEB
-AgEDBDArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQ
-UzB7BgNVHR8EdDByMDigNqA0hjJodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9VVE4t
-VVNFUkZpcnN0LUhhcmR3YXJlLmNybDA2oDSgMoYwaHR0cDovL2NybC5jb21vZG8u
-bmV0L1VUTi1VU0VSRmlyc3QtSGFyZHdhcmUuY3JsMHEGCCsGAQUFBwEBBGUwYzA7
-BggrBgEFBQcwAoYvaHR0cDovL2NydC5jb21vZG9jYS5jb20vVVROQWRkVHJ1c3RT
-ZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNv
-bTA1BgNVHREELjAsghJhZGRvbnMubW96aWxsYS5vcmeCFnd3dy5hZGRvbnMubW96
-aWxsYS5vcmcwDQYJKoZIhvcNAQEFBQADggEBADM7YxX8sewULJPddZTegVrZTpm+
-+0qkOVVNoUB63hMqh6k3z+jV+63Re21vjCCHglTmV0m8ICiEzdYB2ZOLF24jZuWE
-yIA/xqFwgOTsTR35/JFac2IpmvcgHGHgizmfyrx+jd282bHjn57fFVORIVIL2Roj
-D2Y226yTlkqjpSLPKfeimaj2ttlArtl+tvZYLpusNspkj2VS3IacgqtuUEvaX/oF
-AIgwDt6NVr+BR409BuKyYpJnj57ImrLlBrhwJLh3fCMKOMN5CNixUZ2slRHHQBee
-oxyP8hGnaCfaSQWEGHxYLQFnXOWfoSm7SjlFL78Rqnmi7bTUtWVDt5NGitMwgYag
-bgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwYIKwYBBQUHAwEGCCsGAQUF
-BwMCBggrBgEFBQcDAwYIKwYBBQUHAwQGCCsGAQUFBwMFBggrBgEFBQcDBgYIKwYB
-BQUHAwcGCCsGAQUFBwMIDBRCb2d1cyBNb3ppbGxhIEFkZG9ucw==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF7zCCBNegAwIBAgIRAOkCi5V45BXcGnEKK4gVREcwDQYJKoZIhvcNAQEFBQAw
-gZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl
-IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY
-aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMR8wHQYDVQQDExZVVE4tVVNFUkZpcnN0
-LUhhcmR3YXJlMB4XDTExMDMxNTAwMDAwMFoXDTE0MDMxNDIzNTk1OVowgd8xCzAJ
-BgNVBAYTAlVTMQ4wDAYDVQQREwUzODQ3NzEQMA4GA1UECBMHRmxvcmlkYTEQMA4G
-A1UEBxMHRW5nbGlzaDEXMBUGA1UECRMOU2VhIFZpbGxhZ2UgMTAxFDASBgNVBAoT
-C0dvb2dsZSBMdGQuMRMwEQYDVQQLEwpUZWNoIERlcHQuMSgwJgYDVQQLEx9Ib3N0
-ZWQgYnkgR1RJIEdyb3VwIENvcnBvcmF0aW9uMRQwEgYDVQQLEwtQbGF0aW51bVNT
-TDEYMBYGA1UEAxMPbG9naW4uc2t5cGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAsHiZhg6icyPUWsNJ67E2jHzKhK48rziIKJmNLVgTsZd4PlIg
-Z6xbc5hsMlXJcNHZqhXoLiaFgbxW5LyAY9tO1/UCvlFjHjzb39cAXVq55Xtq6jgg
-sju27nVUhPmmyjhw3b+w/6WFXbRB/t092SrhMEMamHmToF/gZ2yV+j56rnF7422I
-Qj8l1O6+aGisraxg4CCjOYO5Wyijk22hvXYK4+uuhycOVI+0SAyaVPRdjjdQ3F6k
-i2tL3KbzNL53WSKI/xkrbXZkc9oMhwcrmjc60OKM9jYya5p5zNI7k28aTWzmwZ1A
-rC10w77qXHNlASmxKr9wWcHOxsOiyEVfumc9DwIDAQABo4IB6jCCAeYwHwYDVR0j
-BBgwFoAUoXJfJhsomEOVXQc31YWWnUvSw0UwHQYDVR0OBBYEFNWOWlETtCkNMbYc
-jT5RUTEKM6qBMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
-MBQGCCsGAQUFBwMBBggrBgEFBQcDAjBGBgNVHSAEPzA9MDsGDCsGAQQBsjEBAgED
-BDArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQUzB7
-BgNVHR8EdDByMDigNqA0hjJodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9VVE4tVVNF
-UkZpcnN0LUhhcmR3YXJlLmNybDA2oDSgMoYwaHR0cDovL2NybC5jb21vZG8ubmV0
-L1VUTi1VU0VSRmlyc3QtSGFyZHdhcmUuY3JsMHEGCCsGAQUFBwEBBGUwYzA7Bggr
-BgEFBQcwAoYvaHR0cDovL2NydC5jb21vZG9jYS5jb20vVVROQWRkVHJ1c3RTZXJ2
-ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAv
-BgNVHREEKDAmgg9sb2dpbi5za3lwZS5jb22CE3d3dy5sb2dpbi5za3lwZS5jb20w
-DQYJKoZIhvcNAQEFBQADggEBAAjygXWRu84SBBjCTVr7RpAKVET08t0HgfAfpnpv
-n8+4DixPnMSa9aj2uqTJel2x4lrKPPpgqGg+y7ot4s3WtuSSPGmtV+qoLzgQhHLl
-aHHtvutuGO9jer7nJP/AY/1YO0yBktgpq441XdfTCWuF09VzBUTi5buDUxDL8s+3
-buFpt6GSZMXPzYK7NqA4rdck31P8P2K3t9XHV+OTMXCOJImGymMrObpd2Wpg7KFO
-iv5T+F6S3y9cJhdtA30CDw+qQ2dtsGK/flPdzOx4c5XlpfYAowT9PwQqs5jFtwMc
-28lQq7AFHR6+VrTPPkITlJ755wGBpXhvDHp2rAWG7KzCEawwfaBuBggrBgEFBQcD
-BAYIKwYBBQUHAwEGCCsGAQUFBwMDBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUF
-BwMDBggrBgEFBQcDBAYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEFBQcDBwYIKwYB
-BQUHAwgMC0JvZ3VzIFNreXBl
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF7zCCBNegAwIBAgIRANdVj9r18RBbshMoK3B3KaMwDQYJKoZIhvcNAQEFBQAw
-gZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl
-IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY
-aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMR8wHQYDVQQDExZVVE4tVVNFUkZpcnN0
-LUhhcmR3YXJlMB4XDTExMDMxNTAwMDAwMFoXDTE0MDMxNDIzNTk1OVowgd8xCzAJ
-BgNVBAYTAlVTMQ4wDAYDVQQREwUzODQ3NzEQMA4GA1UECBMHRmxvcmlkYTEQMA4G
-A1UEBxMHRW5nbGlzaDEXMBUGA1UECRMOU2VhIFZpbGxhZ2UgMTAxFDASBgNVBAoT
-C0dvb2dsZSBMdGQuMRMwEQYDVQQLEwpUZWNoIERlcHQuMSgwJgYDVQQLEx9Ib3N0
-ZWQgYnkgR1RJIEdyb3VwIENvcnBvcmF0aW9uMRQwEgYDVQQLEwtQbGF0aW51bVNT
-TDEYMBYGA1UEAxMPbG9naW4ueWFob28uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAoaQFPe2FRZOKGE3GAwBX4kB38Bzr0BnfIl0If9EHPEGJRhej
-Cfr8+KkE0ZaPq9dPPPmtGKl0gcRXCjomFs5iPrw/bCHuk43LDaAfmpbQj631k5OC
-7nIMoXUVo3uEVrit/1IRcYS8OjALfpio4ag/N1LQ8XxvkNhFCqw5cmph1bvDjPnC
-zN/9OnG5r7zcOtwMtrHS0Ym7Qbby3lfVFd/8/eIxxd/KwdiPLL/wDltx4DRxw8VN
-fXrU+u0wSy/qti6ekzziOvhCohru3N/ND6n2eYQajmwCtoblv1FqZvjznNNZDHul
-mXjNfJn6xpZH2DLUdHYOd0sgdKS3iXWSSrRbVQIDAQABo4IB6jCCAeYwHwYDVR0j
-BBgwFoAUoXJfJhsomEOVXQc31YWWnUvSw0UwHQYDVR0OBBYEFIZJRfwzGTPUBO0n
-Ye7oAckMfy9+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
-MBQGCCsGAQUFBwMBBggrBgEFBQcDAjBGBgNVHSAEPzA9MDsGDCsGAQQBsjEBAgED
-BDArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQUzB7
-BgNVHR8EdDByMDigNqA0hjJodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9VVE4tVVNF
-UkZpcnN0LUhhcmR3YXJlLmNybDA2oDSgMoYwaHR0cDovL2NybC5jb21vZG8ubmV0
-L1VUTi1VU0VSRmlyc3QtSGFyZHdhcmUuY3JsMHEGCCsGAQUFBwEBBGUwYzA7Bggr
-BgEFBQcwAoYvaHR0cDovL2NydC5jb21vZG9jYS5jb20vVVROQWRkVHJ1c3RTZXJ2
-ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAv
-BgNVHREEKDAmgg9sb2dpbi55YWhvby5jb22CE3d3dy5sb2dpbi55YWhvby5jb20w
-DQYJKoZIhvcNAQEFBQADggEBAD1XyUgkXO5kgfWuvlUpFv8qL4Tt2fijA8gwZrvI
-1IEtIfcI96yWQppBdXq6XRAjy5JCYfqK2m1lNBnlqdYtE3jXgUSSqW6AYxXL/jUf
-AtGKFLCozJQgO6ga8F02UNsNrulk5PaNaX0wyBQXAErlpjX7fQ0inXl2Uiy8lwaI
-mhX0c+bx9ZilzQdEkbinaGdF0nIRYOJxt1BV4oqpDdaS7gQqizCgogVGNG2Sxjuq
-TaDQqwEZCjK36OPP8dKXSXuspJf38FeuY3eaf5baTf2+3Ac24yW9iXmOKRITi4gH
-+2vbpM2zLSfp1Mpg14VT+3TGXDWMcB/5sreSJyDHlNVnFDAwf6BuBggrBgEFBQcD
-BAYIKwYBBQUHAwEGCCsGAQUFBwMDBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUF
-BwMDBggrBgEFBQcDBAYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEFBQcDBwYIKwYB
-BQUHAwgMDUJvZ3VzIFlhaG9vIDE=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF2TCCBMGgAwIBAgIQOSpDTw4H3x+KowXeNODCKTANBgkqhkiG9w0BAQUFADCB
-lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
-SGFyZHdhcmUwHhcNMTEwMzE1MDAwMDAwWhcNMTQwMzE0MjM1OTU5WjCB3zELMAkG
-A1UEBhMCVVMxDjAMBgNVBBETBTM4NDc3MRAwDgYDVQQIEwdGbG9yaWRhMRAwDgYD
-VQQHEwdFbmdsaXNoMRcwFQYDVQQJEw5TZWEgVmlsbGFnZSAxMDEUMBIGA1UEChML
-R29vZ2xlIEx0ZC4xEzARBgNVBAsTClRlY2ggRGVwdC4xKDAmBgNVBAsTH0hvc3Rl
-ZCBieSBHVEkgR3JvdXAgQ29ycG9yYXRpb24xFDASBgNVBAsTC1BsYXRpbnVtU1NM
-MRgwFgYDVQQDEw9sb2dpbi55YWhvby5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQChpAU97YVFk4oYTcYDAFfiQHfwHOvQGd8iXQh/0Qc8QYlGF6MJ
-+vz4qQTRlo+r1088+a0YqXSBxFcKOiYWzmI+vD9sIe6TjcsNoB+altCPrfWTk4Lu
-cgyhdRWje4RWuK3/UhFxhLw6MAt+mKjhqD83UtDxfG+Q2EUKrDlyamHVu8OM+cLM
-3/06cbmvvNw63Ay2sdLRibtBtvLeV9UV3/z94jHF38rB2I8sv/AOW3HgNHHDxU19
-etT67TBLL+q2Lp6TPOI6+EKiGu7c380PqfZ5hBqObAK2huW/UWpm+POc01kMe6WZ
-eM18mfrGlkfYMtR0dg53SyB0pLeJdZJKtFtVAgMBAAGjggHVMIIB0TAfBgNVHSME
-GDAWgBShcl8mGyiYQ5VdBzfVhZadS9LDRTAdBgNVHQ4EFgQUhklF/DMZM9QE7Sdh
-7ugByQx/L34wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
-FAYIKwYBBQUHAwEGCCsGAQUFBwMCMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQME
-MCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMHsG
-A1UdHwR0MHIwOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1VUTi1VU0VS
-Rmlyc3QtSGFyZHdhcmUuY3JsMDagNKAyhjBodHRwOi8vY3JsLmNvbW9kby5uZXQv
-VVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsG
-AQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9VVE5BZGRUcnVzdFNlcnZl
-ckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMBoG
-A1UdEQQTMBGCD2xvZ2luLnlhaG9vLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAV2Lh
-d+v8H7+IU69Y09TWbWcwF0C+4B9k3ocVzOCkVqnRn/kB/gKxseriX+5xFjH5CNXC
-15qbslo416l/6YdrMfkLrNn9UHHg24KSD4GcjXfp6y7q1CNBh+wtsnizjrFn0u5x
-AwgSmbMCKW/ei97BqQMKWjMcPREDxkgMmJwVLtmmhVLnBYquMCPr7ShsYOktf49H
-iy/Q3Oa7D35f8kiBjlAEY7FRgHWaqbYQHBBfbxhv4A6WRc7u8bUg2+/absiV4/ZF
-/cr8pV9JbQYe0t5hPRV9N+UcNY4Gwmv3tKgoLDHLqrSnl0+divavfje5ez3fkmaL
-j06dxjbnXKarEg/WzzB/oG4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMG
-CCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcD
-BQYIKwYBBQUHAwYGCCsGAQUFBwMHBggrBgEFBQcDCAwNQm9ndXMgWWFob28gMg==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF2TCCBMGgAwIBAgIQPnXO1GtpMCEhiDCuhqgqcTANBgkqhkiG9w0BAQUFADCB
-lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
-SGFyZHdhcmUwHhcNMTEwMzE1MDAwMDAwWhcNMTQwMzE0MjM1OTU5WjCB3zELMAkG
-A1UEBhMCVVMxDjAMBgNVBBETBTM4NDc3MRAwDgYDVQQIEwdGbG9yaWRhMRAwDgYD
-VQQHEwdFbmdsaXNoMRcwFQYDVQQJEw5TZWEgVmlsbGFnZSAxMDEUMBIGA1UEChML
-R29vZ2xlIEx0ZC4xEzARBgNVBAsTClRlY2ggRGVwdC4xKDAmBgNVBAsTH0hvc3Rl
-ZCBieSBHVEkgR3JvdXAgQ29ycG9yYXRpb24xFDASBgNVBAsTC1BsYXRpbnVtU1NM
-MRgwFgYDVQQDEw9sb2dpbi55YWhvby5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQChpAU97YVFk4oYTcYDAFfiQHfwHOvQGd8iXQh/0Qc8QYlGF6MJ
-+vz4qQTRlo+r1088+a0YqXSBxFcKOiYWzmI+vD9sIe6TjcsNoB+altCPrfWTk4Lu
-cgyhdRWje4RWuK3/UhFxhLw6MAt+mKjhqD83UtDxfG+Q2EUKrDlyamHVu8OM+cLM
-3/06cbmvvNw63Ay2sdLRibtBtvLeV9UV3/z94jHF38rB2I8sv/AOW3HgNHHDxU19
-etT67TBLL+q2Lp6TPOI6+EKiGu7c380PqfZ5hBqObAK2huW/UWpm+POc01kMe6WZ
-eM18mfrGlkfYMtR0dg53SyB0pLeJdZJKtFtVAgMBAAGjggHVMIIB0TAfBgNVHSME
-GDAWgBShcl8mGyiYQ5VdBzfVhZadS9LDRTAdBgNVHQ4EFgQUhklF/DMZM9QE7Sdh
-7ugByQx/L34wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
-FAYIKwYBBQUHAwEGCCsGAQUFBwMCMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQME
-MCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMHsG
-A1UdHwR0MHIwOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1VUTi1VU0VS
-Rmlyc3QtSGFyZHdhcmUuY3JsMDagNKAyhjBodHRwOi8vY3JsLmNvbW9kby5uZXQv
-VVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsG
-AQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9VVE5BZGRUcnVzdFNlcnZl
-ckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMBoG
-A1UdEQQTMBGCD2xvZ2luLnlhaG9vLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAU2mY
-jihOnCtbHcxrdyg9u/qlTn5WKaTqEOL05i0G0YTbI86X82i2DzreFQskHZHjbC4w
-t+lwsMNGgPDTsVG/T9Z4oPysxs8xBGPiNFUFSj32MLrzM+W60pbz1bG2k4kapGi+
-fu1jtBpIwFPko/A5DDKSx0MNGnHt0EaTv5NibDNLzTYNaV67bJaZIWnES2dy22xq
-uPdo7cWPrWNllQpM4PkPfjc9qtSTumcJw6WkDQNabdUL/vBAFLT2uGl8bcIyS5+1
-GudGrkxaK6p6XpBXlfrbZgIgHmppZhWcwrb1vFC1/UXHH2i0R1msxBsok05SUxID
-WEtxg59m5qx5SP7+RzB/oG4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMG
-CCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcD
-BQYIKwYBBQUHAwYGCCsGAQUFBwMHBggrBgEFBQcDCAwNQm9ndXMgWWFob28gMw==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF7DCCBNSgAwIBAgIRALC3Ez7Qlvm1b66RyHS9OsAwDQYJKoZIhvcNAQEFBQAw
-gZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl
-IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY
-aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMR8wHQYDVQQDExZVVE4tVVNFUkZpcnN0
-LUhhcmR3YXJlMB4XDTExMDMxNTAwMDAwMFoXDTE0MDMxNDIzNTk1OVowgd4xCzAJ
-BgNVBAYTAlVTMQ4wDAYDVQQREwUzODQ3NzEQMA4GA1UECBMHRmxvcmlkYTEQMA4G
-A1UEBxMHRW5nbGlzaDEXMBUGA1UECRMOU2VhIFZpbGxhZ2UgMTAxFDASBgNVBAoT
-C0dvb2dsZSBMdGQuMRMwEQYDVQQLEwpUZWNoIERlcHQuMSgwJgYDVQQLEx9Ib3N0
-ZWQgYnkgR1RJIEdyb3VwIENvcnBvcmF0aW9uMRQwEgYDVQQLEwtQbGF0aW51bVNT
-TDEXMBUGA1UEAxMObG9naW4ubGl2ZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDz/Csv7+GtWfBCPMLxgr8sQZPR9pgzlUy8YvGVWAi26Xt3SLDT
-3Bc/vG7m7B7sjRf+HCTGPmc9kpWiMMCnVyDPcIiXSgWTeZNCly8+/8QUFCiiEza0
-+O6+Hbx4XWGTX+uI19HkK5rNWOIHRZ9PuLlAajMsWyEDWkqU8nqXWRuotULYgwCq
-NMyndtBHA18FrzvhuaE0JbdsX5owhJjCwtfyuEJKEFW9+lOBXY1oZkUsUn7lxATD
-VOfDOdp6SsW5mIIg4SxgV7+68kYAvF863OMzl/hKmLnsM08tYGwVkqaBSgvp7HZw
-NDEXcOZwS46L03XLeEmrZpuGn4+pxAHoyhvnAgMBAAGjggHoMIIB5DAfBgNVHSME
-GDAWgBShcl8mGyiYQ5VdBzfVhZadS9LDRTAdBgNVHQ4EFgQU1GT2qeilfte/Y1ID
-g1PbxUGN6oAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
-FAYIKwYBBQUHAwEGCCsGAQUFBwMCMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQME
-MCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMHsG
-A1UdHwR0MHIwOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1VUTi1VU0VS
-Rmlyc3QtSGFyZHdhcmUuY3JsMDagNKAyhjBodHRwOi8vY3JsLmNvbW9kby5uZXQv
-VVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsG
-AQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9VVE5BZGRUcnVzdFNlcnZl
-ckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMC0G
-A1UdEQQmMCSCDmxvZ2luLmxpdmUuY29tghJ3d3cubG9naW4ubGl2ZS5jb20wDQYJ
-KoZIhvcNAQEFBQADggEBAFTjpJok0vMdQq0b8B6r+9rVqunPWrMeV3sx8m5XSzGv
-M7u2DRXHXlkBzkS1t78JydXcaYTpxRq38D7UwCS9KV+06dZY60URiTQ00xHrNM4q
-TwA99nLvaWbAn5qsfnBQrFVH2r5DW+yLyMUjhMmftlIIz5EbL4Bp5jQz5rOfpOUN
-mhX5V/wLqUEL9f9YQZIiJ2YSBscq2Fmnxt9EEk/AqH+nQcjIaf+6BS6XrTvQ6/MV
-bX4b5brdNL4iEexomDOBAmoLE1V5MXVOOsi2E72XbzcKCy2IDt5nkMKzyiDKmlH0
-ZD7b9C5F8sdHF6j0+pBaf4CmgqzkbIFGu1KFICT4gOowgYCgbgYIKwYBBQUHAwQG
-CCsGAQUFBwMBBggrBgEFBQcDAwYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcD
-AwYIKwYBBQUHAwQGCCsGAQUFBwMFBggrBgEFBQcDBgYIKwYBBQUHAwcGCCsGAQUF
-BwMIDA5Cb2d1cyBsaXZlLmNvbQ==
------END TRUSTED CERTIFICATE-----
+
+# Buypass Class 2 Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd
 MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg
@@ -902,6 +513,8 @@ I+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK7
 Y11aWOIv4x3kqdbQCtCev9eBCfHJxyYNrJgWVqAwJTAKBggrBgEFBQcDAQwXQnV5
 cGFzcyBDbGFzcyAyIFJvb3QgQ0E=
 -----END TRUSTED CERTIFICATE-----
+
+# Buypass Class 3 Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd
 MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg
@@ -934,39 +547,8 @@ u79leNKGef9JOxqDDPDeeOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq
 4/g7u9xN12TyUb7mqqta6THuBrxzvxNiCp/HuZcwJTAKBggrBgEFBQcDAQwXQnV5
 cGFzcyBDbGFzcyAzIFJvb3QgQ0E=
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFaTCCA1GgAwIBAgIJAMMDmu5QkG4oMA0GCSqGSIb3DQEBBQUAMFIxCzAJBgNV
-BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu
-MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIxMB4XDTEyMDcxOTA5MDY1NloXDTQy
-MDcxOTA5MDY1NlowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx
-EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjEw
-ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqw3j33Jijp1pedxiy3QRk
-D2P9m5YJgNXoqqXinCaUOuiZc4yd39ffg/N4T0Dhf9Kn0uXKE5Pn7cZ3Xza1lK/o
-OI7bm+V8u8yN63Vz4STN5qctGS7Y1oprFOsIYgrY3LMATcMjfF9DCCMyEtztDK3A
-fQ+lekLZWnDZv6fXARz2m6uOt0qGeKAeVjGu74IKgEH3G8muqzIm1Cxr7X1r5OJe
-IgpFy4QxTaz+29FHuvlglzmxZcfe+5nkCiKxLU3lSCZpq+Kq8/v8kiky6bM+TR8n
-oc2OuRf7JT7JbvN32g0S9l3HuzYQ1VTW8+DiR0jm3hTaYVKvJrT1cU/J19IG32PK
-/yHoWQbgCNWEFVP3Q+V8xaCJmGtzxmjOZd69fwX3se72V6FglcXM6pM6vpmumwKj
-rckWtc7dXpl4fho5frLABaTAgqWjR56M6ly2vGfb5ipN0gTco65F97yLnByn1tUD
-3AjLLhbKXEAz6GfDLuemROoRRRw1ZS0eRWEkG4IupZ0zXWX4Qfkuy5Q/H6MMMSRE
-7cderVC6xkGbrPAXZcD4XW9boAo0PO7X6oifmPmvTiT6l7Jkdtqr9O3jw2Dv1fkC
-yC2fg69naQanMVXVz0tv/wQFx1isXxYb5dKj6zHbHzMVTdDypVP1y+E9Tmgt2BLd
-qvLmTZtJ5cUoobqwWsagtQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
-DwEB/wQEAwIBBjAdBgNVHQ4EFgQUiQq0OJMa5qvum5EY+fU8PjXQ04IwDQYJKoZI
-hvcNAQEFBQADggIBADKL9p1Kyb4U5YysOMo6CdQbzoaz3evUuii+Eq5FLAR0rBNR
-xVgYZk2C2tXck8An4b58n1KeElb21Zyp9HWc+jcSjxyT7Ff+Bw+r1RL3D65hXlaA
-SfX8MPWbTx9BLxyE04nH4toCdu0Jz2zBuByDHBb6lM19oMgY0sidbvW9adRtPTXo
-HqJPYNcHKfyyo6SdbhWSVhlMCrDpfNIZTUJG7L399ldb3Zh+pE3McgODWF3vkzpB
-emOqfDqo9ayk0d2iLbYq/J8BjuIQscTK5GfbVSUZP/3oNn6z4eGBrxEWi1CXYBmC
-AMBrTXO40RMHPuq2MU/wQppt4hF05ZSsjYSVPCGvxdpHyN85YmLLW1AL14FABZyb
-7bq2ix4Eb5YgOe2kfSnbSM6C3NQCjR0EMVrHS/BsYVLXtFHCgWzN4funodKSds+x
-DzdYpPJScWc/DIh4gInByLUfkmO+p3qKViwaqKactV2zY9ATIKHrkWzQjX2v3wvk
-F7mGnjixlAxYjOBVqjtjbZqJYLhkKpLGN/R+Q0O3c+gB53+XD9fyexn9GtePyfqF
-a3qdnom2piiZk4hA9z7NUaPK6u95RyG1/jLix8NRb76AdPCkwzryT+lf3xkK8jsT
-Q6wxpLPn6/wY1gGp8yqPNg7rtLG8t0zJa7+h89n07eLw4+1knj0vllJPgFOLMDIw
-HgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwQQ0EgRGlzaWcgUm9vdCBS
-MQ==
------END TRUSTED CERTIFICATE-----
+
+# CA Disig Root R2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV
 BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu
@@ -996,25 +578,11 @@ nSvtBfZGR6ztwPDUO+Ls7pZbkBNOHlY667DvlruWIxG68kOGdGSVyCh13x01utI3
 gzhTODY7z2zp+WsO0PsE6E9312UBeIYMej4hYvF/Y3EMyZ9E26gnonW+boE+18Dr
 G5gPcFw0sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3Os
 zMOl6W8KjptlwlCFtaOgUxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8x
-L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcLMDIw
-HgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwQQ0EgRGlzaWcgUm9vdCBS
-Mg==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIICCTCCAY+gAwIBAgIQaEpYcIBr8I8C+vbe6LCQkDAKBggqhkjOPQQDAzBGMQsw
-CQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMT
-EkNBIFdvU2lnbiBFQ0MgUm9vdDAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4
-NThaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEb
-MBkGA1UEAxMSQ0EgV29TaWduIEVDQyBSb290MHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAE4f2OuEMkq5Z7hcK6C62N4DrjJLnSsb6IOsq/Srj57ywvr1FQPEd1bPiUt5v8
-KB7FVMxjnRZLU8HnIKvNrCXSf4/CwVqCXjCLelTOA7WRf6qU0NGKSMyCBSah1VES
-1ns2o0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
-FgQUqv3VWqP2h4syhf3RMluARZPzA7gwCgYIKoZIzj0EAwMDaAAwZQIxAOSkhLCB
-1T2wdKyUpOgOPQB0TKGXa/kNUTyh2Tv0Daupn75OcsqF1NnstTJFGG+rrQIwfcf3
-aWMvoeGY7xMQ0Xk/0f7qO3/eVvSQsRUR2LIiFdAvwyYua/GRspBl9JrmkO5KMDQw
-HgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwSQ0EgV29TaWduIEVDQyBS
-b290
+L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcLMCgw
+FAYIKwYBBQUHAwQGCCsGAQUFBwMBDBBDQSBEaXNpZyBSb290IFIy
 -----END TRUSTED CERTIFICATE-----
+
+# CFCA EV ROOT
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJD
 TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y
@@ -1048,27 +616,8 @@ AAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3CekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ
 5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63suMBowCgYIKwYBBQUHAwEM
 DENGQ0EgRVYgUk9PVA==
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIDVTCCAj2gAwIBAgIESTMAATANBgkqhkiG9w0BAQUFADAyMQswCQYDVQQGEwJD
-TjEOMAwGA1UEChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwHhcNMDcwNDE2
-MDcwOTE0WhcNMjcwNDE2MDcwOTE0WjAyMQswCQYDVQQGEwJDTjEOMAwGA1UEChMF
-Q05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDTNfc/c3et6FtzF8LRb+1VvG7q6KR5smzDo+/hn7E7SIX1mlwh
-IhAsxYLO2uOabjfhhyzcuQxauohV3/2q2x8x6gHx3zkBwRP9SFIhxFXf2tizVHa6
-dLG3fdfA6PZZxU3Iva0fFNrfWEQlMhkqx35+jq44sDB7R3IJMfAw28Mbdim7aXZO
-V/kbZKKTVrdvmW7bCgScEeOAH8tjlBAKqeFkgjH5jCftppkA9nCTGPihNIaj3XrC
-GHn2emU1z5DrvTOTn1OrczvmmzQgLx3vqR1jGqCA2wMv+SYahtKNu6m+UjqHZ0gN
-v7Sg2Ca+I19zN38m5pIEo3/PIKe38zrKy5nLAgMBAAGjczBxMBEGCWCGSAGG+EIB
-AQQEAwIABzAfBgNVHSMEGDAWgBRl8jGtKvf33VKWCscCwQ7vptU7ETAPBgNVHRMB
-Af8EBTADAQH/MAsGA1UdDwQEAwIB/jAdBgNVHQ4EFgQUZfIxrSr3991SlgrHAsEO
-76bVOxEwDQYJKoZIhvcNAQEFBQADggEBAEs17szkrr/Dbq2flTtLP1se31cpolnK
-OOK5Gv+e5m4y3R6u6jW39ZORTtpC4cMXYFDy0VwmuYK36m3knITnA3kXr5g9lNvH
-ugDnuL8BV8F3RTIMO/G0HAiw/VGgod2aHRM2mm23xzy54cXZF/qD1T0VoDy7Hgvi
-yJA/qIYM/PmLXoXLT1tLYhFHxUV8BS9BsZ4QaRuZluBVeftOhpm4lNqGOGqTo+fL
-buXf6iFViZx9fX+Y9QCJ7uOEwFyWtcVG6kbghVW2G8kS1sHNzYDzAgE8yGnLRUhj
-2JTQ7IUOO04RZfSCjKY9ri4ilAnIXOo8gV0WKgOXFlUJ24pBgp5mmxEwGDAKBggr
-BgEFBQcDAQwKQ05OSUMgUk9PVA==
------END TRUSTED CERTIFICATE-----
+
+# COMODO Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCB
 gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
@@ -1092,9 +641,11 @@ IC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/
 RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4
 zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd
 BA6+C4OmF4O5MBKgxTMVBbkN+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IB
-ZTBAMB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMHkNPTU9ETyBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eQ==
+ZTA2MBQGCCsGAQUFBwMEBggrBgEFBQcDAQweQ09NT0RPIENlcnRpZmljYXRpb24g
+QXV0aG9yaXR5
 -----END TRUSTED CERTIFICATE-----
+
+# COMODO ECC Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL
 MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
@@ -1109,10 +660,11 @@ cfRK9ChQtP6IHG4/bC8vCVlbpVsLM5niwz2J+Wos77LTBumjQjBAMB0GA1UdDgQW
 BBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/
 BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VGFAkK+qDm
 fQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdv
-GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdYwRDAeBggrBgEFBQcDBAYIKwYB
-BQUHAwEGCCsGAQUFBwMDDCJDT01PRE8gRUNDIENlcnRpZmljYXRpb24gQXV0aG9y
-aXR5
+GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdYwOjAUBggrBgEFBQcDBAYIKwYB
+BQUHAwEMIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHk=
 -----END TRUSTED CERTIFICATE-----
+
+# COMODO RSA Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB
 hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
@@ -1145,9 +697,11 @@ jkk9u+UJueBPSZI9FoJAzMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yL
 S0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHqZJx64SIDqZxubw5lT2yHh17zbqD5daWb
 QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl
 0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB
-NVOFBkpdn627G190MEQwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwi
-Q09NT0RPIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==
+NVOFBkpdn627G190MDowFAYIKwYBBQUHAwQGCCsGAQUFBwMBDCJDT01PRE8gUlNB
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5
 -----END TRUSTED CERTIFICATE-----
+
+# Camerfirma Chambers of Commerce Root
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn
 MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
@@ -1174,9 +728,11 @@ p0AJPaxJRUXcLo0waLIJuvvDL8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi
 1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wNUPf6s+xCX6ndbcj0dc97wXImsQEc
 XCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/nADydb47kMgkdTXg0
 eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1erfu
-tGWaIZDgqtCYvDi1czyL+NwwRjAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUF
-BwMDDCRDYW1lcmZpcm1hIENoYW1iZXJzIG9mIENvbW1lcmNlIFJvb3Q=
+tGWaIZDgqtCYvDi1czyL+NwwMjAKBggrBgEFBQcDBAwkQ2FtZXJmaXJtYSBDaGFt
+YmVycyBvZiBDb21tZXJjZSBSb290
 -----END TRUSTED CERTIFICATE-----
+
+# Camerfirma Global Chambersign Root
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEn
 MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
@@ -1203,32 +759,11 @@ bKGKfKX0j//U2K0X1S0E0T9YgOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXi
 ryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJPJ7oKXqJ1/6v/2j1pReQvayZzKWG
 VwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4IBHNfTIzSJRUTN3c
 ecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREest2d/
-AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8DBEMB4GCCsGAQUFBwMEBggrBgEFBQcD
-AQYIKwYBBQUHAwMMIkNhbWVyZmlybWEgR2xvYmFsIENoYW1iZXJzaWduIFJvb3Q=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIDfDCCAmSgAwIBAgIQayXaioidfLwPBbOxemFFRDANBgkqhkiG9w0BAQsFADBY
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxLTArBgNV
-BAMTJENlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbiBHMjAeFw0xNDEx
-MDgwMDU4NThaFw00NDExMDgwMDU4NThaMFgxCzAJBgNVBAYTAkNOMRowGAYDVQQK
-ExFXb1NpZ24gQ0EgTGltaXRlZDEtMCsGA1UEAxMkQ2VydGlmaWNhdGlvbiBBdXRo
-b3JpdHkgb2YgV29TaWduIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEAvsXEoCKASU+/2YcRxlPhuw+9YH+v9oIOH9ywjj2X4FA8jzrvZjtFB5sg+OPX
-JYY1kBaiXW8wGQiHC38Gsp1ij96vkqVg1CuAmlI/9ZqD6TRay9nVYlzmDuDfBpgO
-gHzKtB0TiGsOqCR3A9DuW/PKaZE1OVbFbeP3PU9ekzgkyhjpJMuSA93MHD0JcOQg
-5PGurLtzaaNjOg9FD6FKmsLRY6zLEPg95k4ot+vElbGs/V6r+kHLXZ1L3PR8du9n
-fwB6jdKgGlxNIuG12t12s9R23164i5jIFFTMaxeSt+BKv0mUYQs4kI9dJGwlezt5
-2eJ+na2fmKEG/HgUYFf47oB3sQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD
-VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU+mCp62XF3RYUCE4MD42b4Pdkr2cwDQYJ
-KoZIhvcNAQELBQADggEBAFfDejaCnI2Y4qtAqkePx6db7XznPWZaOzG73/MWM5H8
-fHulwqZm46qwtyeYP0nXYGdnPzZPSsvxFPpahygc7Y9BMsaV+X3avXtbwrAh449G
-3CE4Q3RM+zD4F3LBMvzIkRfEzFg3TgvMWvchNSiDbGAtROtSjFA9tWwS1/oJu2yy
-SrHFieT801LYYRf+epSEj3m2M1m6D8QL4nCgS3gu+sif/a+RZQp4OBXllxcU3fng
-LDT4ONCEIgDAFFEYKwLcMFrw6AF8NTojrwjkr6qOKEJJLvD1mTS+7Q9LGOHSJDy7
-XUe3IfKN0QqZjuNuPq1w4I+5ysxugTH2e5x6eeRncRgwRjAeBggrBgEFBQcDBAYI
-KwYBBQUHAwEGCCsGAQUFBwMDDCRDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBvZiBX
-b1NpZ24gRzI=
+AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8DAwMAoGCCsGAQUFBwMEDCJDYW1lcmZp
+cm1hIEdsb2JhbCBDaGFtYmVyc2lnbiBSb290
 -----END TRUSTED CERTIFICATE-----
+
+# Certigna
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV
 BAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4X
@@ -1252,39 +787,8 @@ t0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw
 WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLjAgMBQGCCsGAQUFBwMEBggrBgEF
 BQcDAQwIQ2VydGlnbmE=
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFnDCCA4SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJGUjET
-MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxJjAk
-BgNVBAMMHUNlcnRpbm9taXMgLSBBdXRvcml0w6kgUmFjaW5lMB4XDTA4MDkxNzA4
-Mjg1OVoXDTI4MDkxNzA4Mjg1OVowYzELMAkGA1UEBhMCRlIxEzARBgNVBAoTCkNl
-cnRpbm9taXMxFzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMSYwJAYDVQQDDB1DZXJ0
-aW5vbWlzIC0gQXV0b3JpdMOpIFJhY2luZTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
-ADCCAgoCggIBAJ2Fn4bT46/HsmtuM+Cet0I0VZ35gb5j2CN2DpdUzZlMGvE5x4jY
-F1AMnmHawE5V3udauHpOd4cN5bjr+p5eex7Ezyh0x5P1FMYiKAT5kcOrJ3NqDi5N
-8y4oH3DfVS9O7cdxbwlyLu3VMpfQ8Vh30WC8Tl7bmoT2R2FFK/ZQpn9qcSdIhDWe
-rP5pqZ56XjUl+rSnSTV3lqc2W+HN3yNw2F1MpQiD8aYkOBOo7C+ooWfHpi2GR+6K
-/OybDnT0K0kCe5B1jPyZOQE51kqJ5Z52qz6WKDgmi92NjMD2AR5vpTESOH2VwnHu
-7XSu5DaiQ3XV8QCb4uTXzEIDS3h65X27uK4uIJPT5GHfceF2Z5c/tt9qc1pkIuVC
-28+BA5PY9OMQ4HL2AHCs8MF6DwV/zzRpRbWT5BnbUhYjBYkOjUjkJW+zeL9i9Qf6
-lSTClrLooyPCXQP8w9PlfMl1I9f09bze5N/NgL+RiH2nE7Q5uiy6vdFrzPOlKO1E
-nn1So2+WLhl+HPNbxxaOu2B9d2ZHVIIAEWBsMsGoOBvrbpgT1u449fCfDu/+MYHB
-0iSVL1N6aaLwD4ZFjliCK0wi1F6g530mJ0jfJUaNSih8hp75mxpZuWW/Bd22Ql09
-5gBIgl4g9xGC3srYn+Y3RyYe63j3YcNBZFgCQfna4NH4+ej9Uji29YnfAgMBAAGj
-WzBZMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQN
-jLZh2kS40RR9w759XkjwzspqsDAXBgNVHSAEEDAOMAwGCiqBegFWAgIAAQEwDQYJ
-KoZIhvcNAQEFBQADggIBACQ+YAZ+He86PtvqrxyaLAEL9MW12Ukx9F1BjYkMTv9s
-ov3/4gbIOZ/xWqndIlgVqIrTseYyCYIDbNc/CMf4uboAbbnW/FIyXaR/pDGUu7ZM
-OH8oMDX/nyNTt7buFHAAQCvaR6s0fl6nVjBhK4tDrP22iCj1a7Y+YEq6QpA0Z43q
-619FVDsXrIvkxmUP7tCMXWY5zjKn2BCXwH40nJ+U8/aGH88bc62UeYdocMMzpXDn
-2NU4lG9jeeu/Cg4I58UvD0KgKxRA/yHgBcUn4YQRE7rWhh1BCxMjidPJC+iKunqj
-o3M3NYB9Ergzd0A4wPpeMNLytqOx1qKVl4GbUu1pTP+A5FPbVFsDbVRfsbjvJL1v
-nxHDx2TCDyhihWZeGnuyt++uNckZM6i4J9szVb9o4XVIRFb7zdNIu0eJOqxp9YDG
-5ERQL1TEqkPFMTFYvZbF6nVsmnWxTfj3l/+WFvKXTej28xH5On2KOG4Ey+HTRRWq
-pdEdnV1j6CTmNhTih60bWfVEm/vXd3wfAXBioSAaosUaKPQhA+4u2cGA6rnZgtZb
-dsLLO7XSAPCjDuGtbkD326C00EauFddEwk01+dIL8hf2rGbVJLJP0RyZwG71fet0
-BLj5TXcJ17TPBzAJ8bgAVtkXFhYKK4bfjwEZGuW7gmP/vgt2Fl43N+bYdJeimUV5
-MCswCgYIKwYBBQUHAwEMHUNlcnRpbm9taXMgLSBBdXRvcml0w6kgUmFjaW5l
------END TRUSTED CERTIFICATE-----
+
+# Certinomis - Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFkjCCA3qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjET
 MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxHTAb
@@ -1318,6 +822,8 @@ Y/M50n92Uaf0yKHxDHYiI0ZSKS3io0EHVmmY0gUJvGnHWmHNj4FgFU2A3ZDifcRQ
 gQncItzujrnEj1PhZ7szuIgVRs/taTX/dQ1G885x4cVrhkIGuUEwIjAKBggrBgEF
 BQcDAQwUQ2VydGlub21pcyAtIFJvb3QgQ0E=
 -----END TRUSTED CERTIFICATE-----
+
+# Certplus Class 2 Primary CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAw
 PTELMAkGA1UEBhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFz
@@ -1341,6 +847,8 @@ kJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7
 l7+ijrRUMDMwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBtDZXJ0cGx1cyBDbGFzcyAy
 IFByaW1hcnkgQ0E=
 -----END TRUSTED CERTIFICATE-----
+
+# Certplus Root CA G1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFazCCA1OgAwIBAgISESBVg+QtPlRWhS2DN7cs3EYRMA0GCSqGSIb3DQEBDQUA
 MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy
@@ -1373,6 +881,8 @@ g4VCXA9DO2pJNdWY9BW/+mGBDAkgGNLQFwzLSABQ6XaCjGTXOqAHVcweMcDvOrRl
 ++O/QmueD6i9a5jc2NvLi6Td11n0bt3+qsOR0C5CB8AMTVPNJLFMWx5R9N/pkvow
 KzAUBggrBgEFBQcDBAYIKwYBBQUHAwEME0NlcnRwbHVzIFJvb3QgQ0EgRzE=
 -----END TRUSTED CERTIFICATE-----
+
+# Certplus Root CA G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICHDCCAaKgAwIBAgISESDZkc6uo+jF5//pAq/Pc7xVMAoGCCqGSM49BAMDMD4x
 CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs
@@ -1388,6 +898,8 @@ p+e/IQ8rzfcq3IUHnQIxAIYUFuXcsGXCwI4Un78kFmjlvPl5adytRSv3tjFzzAal
 U5ORGpOucGpnutee5WEaXzArMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwTQ2VydHBs
 dXMgUm9vdCBDQSBHMg==
 -----END TRUSTED CERTIFICATE-----
+
+# Certum Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM
 MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
@@ -1405,9 +917,10 @@ TOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTg
 xSvgGrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1q
 CjqTE5s7FCMTY5w/0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5x
 O/fIR/RpbxXyEV6DHpx8Uq79AtoSqFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs
-6GAqm4VKQPNriiTsBhYsczAwMB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUH
-AwMMDkNlcnR1bSBSb290IENB
+6GAqm4VKQPNriiTsBhYsczAcMAoGCCsGAQUFBwMEDA5DZXJ0dW0gUm9vdCBDQQ==
 -----END TRUSTED CERTIFICATE-----
+
+# Certum Trusted Network CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM
 MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D
@@ -1429,9 +942,11 @@ I9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1mS1FhIrlQgnXdAIv94nYmem8
 J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY
 VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI
 03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyww
-OzAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDBlDZXJ0dW0gVHJ1c3Rl
-ZCBOZXR3b3JrIENB
+MTAUBggrBgEFBQcDBAYIKwYBBQUHAwEMGUNlcnR1bSBUcnVzdGVkIE5ldHdvcmsg
+Q0E=
 -----END TRUSTED CERTIFICATE-----
+
+# Certum Trusted Network CA 2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIF0jCCA7qgAwIBAgIQIdbQSk8lD8kyN/yqXhKN6TANBgkqhkiG9w0BAQ0FADCB
 gDELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
@@ -1467,6 +982,8 @@ XALKLNhvSgfZyTXaQHXyxKcZb55CEJh15pWLYLztxRLXis7VmFxWlgPF7ncGNf/P
 DrW5viSPMDMwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBtDZXJ0dW0gVHJ1c3RlZCBO
 ZXR3b3JrIENBIDI=
 -----END TRUSTED CERTIFICATE-----
+
+# Chambers of Commerce Root - 2008
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD
 VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
@@ -1507,34 +1024,11 @@ tjICxFKuItLcsiFCGtpA8CnJ7AoMXOLQusxI0zcKzBIKinmwPQN/aUv0NCB9szTq
 jktk9T79syNnFQ0EuPAtwQlRPLJsFfClI9eDdOTlLsn+mCdCxqvGnrDQWzilm1De
 fhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg
 OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZ
-d0jQMEIwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwgQ2hhbWJlcnMg
-b2YgQ29tbWVyY2UgUm9vdCAtIDIwMDg=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIID9zCCAt+gAwIBAgIESJ8AATANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMC
-Q04xMjAwBgNVBAoMKUNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24g
-Q2VudGVyMUcwRQYDVQQDDD5DaGluYSBJbnRlcm5ldCBOZXR3b3JrIEluZm9ybWF0
-aW9uIENlbnRlciBFViBDZXJ0aWZpY2F0ZXMgUm9vdDAeFw0xMDA4MzEwNzExMjVa
-Fw0zMDA4MzEwNzExMjVaMIGKMQswCQYDVQQGEwJDTjEyMDAGA1UECgwpQ2hpbmEg
-SW50ZXJuZXQgTmV0d29yayBJbmZvcm1hdGlvbiBDZW50ZXIxRzBFBgNVBAMMPkNo
-aW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyIEVWIENlcnRp
-ZmljYXRlcyBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm35z
-7r07eKpkQ0H1UN+U8i6yjUqORlTSIRLIOTJCBumD1Z9S7eVnAztUwYyZmczpwA//
-DdmEEbK40ctb3B75aDFk4Zv6dOtouSCV98YPjUesWgbdYavi7NifFy2cyjw1l1Vx
-zUOFsUcW9SxTgHbP0wBkvUCZ3czY28Sf1hNfQYOL+Q2HklY0bBoQCxfVWhyXWIQ8
-hBouXJE0bhlffxdpxWXvayHG1VA6v2G5BY3vbzQ6sm8UY78WO5upKv23KzhmBsUs
-4qpnHkWnjQRmQvaPK++IIGmPMowUc9orhpFjIpryp9vOiYurXccUwVswah+xt54u
-gQEC7c+WXmPbqOY4twIDAQABo2MwYTAfBgNVHSMEGDAWgBR8cks5x8DbYqVPm6oY
-NJKiyoOCWTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4E
-FgQUfHJLOcfA22KlT5uqGDSSosqDglkwDQYJKoZIhvcNAQEFBQADggEBACrDx0M3
-j92tpLIM7twUbY8opJhJywyA6vPtI2Z1fcXTIWd50XPFtQO3WKwMVC/GVhMPMdoG
-52U7HW8228gd+f2ABsqjPWYWqJ1MFn3AlUa1UeTiH9fqBk1jjZaM7+czV0I664zB
-echNdn3e9rG3geCg+aF4RhcaVpjwTj2rHO3sOdwHSPdj/gauwqRcalsyiMXHM4Ws
-ZkJHwlgkmeHlPuV1LI5D1l08eB6olYIpUNHRFrrvwb562bTYzB5MRuF3sTGrvSrI
-zo9uoV1/A3U05K2JRVRevq4opbs/eHnrc7MKDf2+yfdWrPa37S+bISnHOLaVxATy
-wy39FCqQmbkHzJ8wTDAKBggrBgEFBQcDAQw+Q2hpbmEgSW50ZXJuZXQgTmV0d29y
-ayBJbmZvcm1hdGlvbiBDZW50ZXIgRVYgQ2VydGlmaWNhdGVzIFJvb3Q=
+d0jQMDgwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDCBDaGFtYmVycyBvZiBDb21tZXJj
+ZSBSb290IC0gMjAwOA==
 -----END TRUSTED CERTIFICATE-----
+
+# ComSign CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDkzCCAnugAwIBAgIQFBOWgxRVjOp7Y+X8NId3RDANBgkqhkiG9w0BAQUFADA0
 MRMwEQYDVQQDEwpDb21TaWduIENBMRAwDgYDVQQKEwdDb21TaWduMQswCQYDVQQG
@@ -1557,29 +1051,8 @@ hbpN7Sgy6/lhSuTENh4Z3G+EER+V9YMoGKgzkkMn3V0TBEVPh9VGzT2ouvDzuFYk
 Res3x+F2T3I5GN9+dHLHcy056mDmrRGiVod7w2ia/viMcKjfZTL0pECMocJEAw6U
 AGegcQCCSDAYMAoGCCsGAQUFBwMEDApDb21TaWduIENB
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIDqzCCApOgAwIBAgIRAMcoRwmzuGxFjB36JPU2TukwDQYJKoZIhvcNAQEFBQAw
-PDEbMBkGA1UEAxMSQ29tU2lnbiBTZWN1cmVkIENBMRAwDgYDVQQKEwdDb21TaWdu
-MQswCQYDVQQGEwJJTDAeFw0wNDAzMjQxMTM3MjBaFw0yOTAzMTYxNTA0NTZaMDwx
-GzAZBgNVBAMTEkNvbVNpZ24gU2VjdXJlZCBDQTEQMA4GA1UEChMHQ29tU2lnbjEL
-MAkGA1UEBhMCSUwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGtWhf
-HZQVw6QIVS3joFd67+l0Kru5fFdJGhFeTymHDEjWaueP1H5XJLkGieQcPOqs49oh
-gHMhCu95mGwfCP+hUH3ymBvJVG8+pSjsIQQPRbsHPaHA+iqYHU4Gk/v1iDurX8sW
-v+bznkqH7Rnqwp9D5PGBpX8QTz7RSmKtUxvLg/8HZaWSLWapW7ha9B20IZFKF3ue
-Mv5WJDmyVIRD9YTC2LxBkMyd1mja6YJQqTtoz7VdApRgFrFD2UNd3V2Hbuq7s8lr
-9gOUCXDeFhF6K+h2j0kQmHe5Y1yLM5d19guMsqtb3nQgJT/j8xH5h2iGNXHDHYwt
-6+UarA9z1YJZQIDTAgMBAAGjgacwgaQwDAYDVR0TBAUwAwEB/zBEBgNVHR8EPTA7
-MDmgN6A1hjNodHRwOi8vZmVkaXIuY29tc2lnbi5jby5pbC9jcmwvQ29tU2lnblNl
-Y3VyZWRDQS5jcmwwDgYDVR0PAQH/BAQDAgGGMB8GA1UdIwQYMBaAFMFL7XC29z58
-ADsAj8c+DkWfHl3sMB0GA1UdDgQWBBTBS+1wtvc+fAA7AI/HPg5Fnx5d7DANBgkq
-hkiG9w0BAQUFAAOCAQEAFs/ukhNQq3sUnjO2QiBq1BW9Cav8cujvR3qQrFHBZE7p
-iL1DRYHjZiM/EoZNGeQFsOY3wo3aBijJD4mkU6l1P7CW+6tMM1X5eCZGbxs2mPtC
-dsGCuY7e+0X5YxtiOzkGynd6qDwJz2w2PQ8KRUtpFhpFfTMDZflScZAmlaxMDPWL
-kz/MdXSFmLr/YnpNH4n+rr2UAJm/EaXc4HnFFgt9AmEd6oX5AhVP51qJThRv4zdL
-hfXBPGHg/QVBspJ/wx2g0K5SZGBrGMYmnNj1ZOQ2GmKfig8+/21OGVZOIJFsnzQz
-OjRXUDpvgV4GxvU+fE6OK85lBi5d0ipTdF7TbieejzAgMAoGCCsGAQUFBwMDDBJD
-b21TaWduIFNlY3VyZWQgQ0E=
------END TRUSTED CERTIFICATE-----
+
+# Comodo AAA Services root
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb
 MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
@@ -1603,63 +1076,11 @@ GE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz
 Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2
 G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi
 l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3
-smPi9WIsgtRqAEFQ8TmDn5XpNpaYbjA6MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYI
-KwYBBQUHAwMMGENvbW9kbyBBQUEgU2VydmljZXMgcm9vdA==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIEPzCCAyegAwIBAgIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEkMCIGA1UEAwwbU2VjdXJlIENlcnRp
-ZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVow
-fjELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
-A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxJDAiBgNV
-BAMMG1NlY3VyZSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAMBxM4KK0HDrc4eCQNUd5MvJDkKQ+d40uaG6EfQlhfPM
-cm3ye5drswfxdySRXyWP9nQ95IDC+DwN879A6vfIUtFyb+/Iq0G4bi4XKpVpDM3S
-HpR7LZQdqnXXs5jLrLxkU0C8j6ysNstcrbvd4JQX7NFc0L/vpZXJkMWwrPsbQ996
-CF23uPJAGysnnlDOXmWCiIxe004MeuoIkbY2qitC++rCoznl2yY4rYsK7hljxxwk
-3wN42ubqwUcaCwtGCd0C/N7Lh1/XMGNooa7cMqG6vv5Eq2i2pRcV/b3Vp6ea5EQz
-6YiO/O1R65NxTq0B50SOqy3LqP4BSUjwwN3HaNiS/j0CAwEAAaOBxzCBxDAdBgNV
-HQ4EFgQUPNiTiMLAggnMAZkGkyDpnnAJY08wDgYDVR0PAQH/BAQDAgEGMA8GA1Ud
-EwEB/wQFMAMBAf8wgYEGA1UdHwR6MHgwO6A5oDeGNWh0dHA6Ly9jcmwuY29tb2Rv
-Y2EuY29tL1NlY3VyZUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDmgN6A1hjNodHRw
-Oi8vY3JsLmNvbW9kby5uZXQvU2VjdXJlQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmww
-DQYJKoZIhvcNAQEFBQADggEBAIcBbSMdflsXfcFhMs+P5/OKlFlm4J4oqF7Tt/Q0
-5qo5spcWxYJvMqTpjOev/e/C6LlLqqP05tqNZSH7uoDrJiiFGv45jN5bBAS0VPmj
-Z55B+glSzAVIqMk/IQQezkhr/IXownuvf7fM+F86/TXGDe+X3EyrEeFryzHRbPtI
-gKvcnDe4IRRLDXE97IMzbtFuMhbsmMcWi1mmNKsFVy2T96oTy9IT4rcuO81rUBcJ
-aD61JlfutuC23bkpgHl9j6PwpCikFcSF9CfUa7/lXORlAnZUtOM3ZiTTGWHIUhDl
-izeauan5Hb/qmZJhlv8BzaFfDbxxvA6sCx1HRR3B7Hzs/SkwPTAeBggrBgEFBQcD
-BAYIKwYBBQUHAwEGCCsGAQUFBwMDDBtDb21vZG8gU2VjdXJlIFNlcnZpY2VzIHJv
-b3Q=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIEQzCCAyugAwIBAgIBATANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDElMCMGA1UEAwwcVHJ1c3RlZCBDZXJ0
-aWZpY2F0ZSBTZXJ2aWNlczAeFw0wNDAxMDEwMDAwMDBaFw0yODEyMzEyMzU5NTla
-MH8xCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
-BgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSUwIwYD
-VQQDDBxUcnVzdGVkIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQIIO0Yfyod5jWaHiWsnOWW
-fnJSoBVC21ndZHoa0Lh73TkVvFVIxO06AOoxEbrycXQaZ7jPM8yoMa+j49d/vzMt
-TGo87IvDktJTdyR0nAducPy9C1t2ul/y/9c3S0pgePfw+spwtOpZqqPOSC+pw7IL
-fhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6juljatEPmsbS9Is6FARW
-1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAEAtdbtz6SrGsSivnkBbA7
-kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt6wIDAQABo4HJMIHGMB0G
-A1UdDgQWBBTFe1i97doladL3WRaoszLAeydb9DAOBgNVHQ8BAf8EBAMCAQYwDwYD
-VR0TAQH/BAUwAwEB/zCBgwYDVR0fBHwwejA8oDqgOIY2aHR0cDovL2NybC5jb21v
-ZG9jYS5jb20vVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMuY3JsMDqgOKA2hjRo
-dHRwOi8vY3JsLmNvbW9kby5uZXQvVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMu
-Y3JsMA0GCSqGSIb3DQEBBQUAA4IBAQDIk4E7ibSvuIQSTI3S8NtwuleGFTQQuS9/
-HrCoiWChisJ3DFBKmwCL2Iv0QeLQg4pKHBQGsKNoBXAxMKdTmw7pSqBYaWcOrp32
-pSxBvzwGa+RZzG0Q8ZZvH9/0BAKkn0U+yNj6NkZEUD+Cl5EfKNsYEYwq5GWDVxIS
-jBc/lDb+XbDABHcTuPQV1T84zJQ6VdCsmPW6AF/ghhmBeC8owH7TzEIK9a5QoNE+
-xqFx7D+gIIxmOom0jtTYsU0lR+4viMi14QVFwL4Ucd56/Y57fU0IlqUSc/Atyjcn
-dBInTMu2l+nZrghtWjlA3QVHdWpaIbOjGM9O9y5Xt5hwXsjEeLBiMD4wHgYIKwYB
-BQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwcQ29tb2RvIFRydXN0ZWQgU2Vydmlj
-ZXMgcm9vdA==
+smPi9WIsgtRqAEFQ8TmDn5XpNpaYbjAwMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwY
+Q29tb2RvIEFBQSBTZXJ2aWNlcyByb290
 -----END TRUSTED CERTIFICATE-----
+
+# Cybertrust Global Root
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYG
 A1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2Jh
@@ -1683,6 +1104,8 @@ A06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW
 WL1WMRJOEcgh4LMRkWXbtKaIOM5VMCQwCgYIKwYBBQUHAwEMFkN5YmVydHJ1c3Qg
 R2xvYmFsIFJvb3Q=
 -----END TRUSTED CERTIFICATE-----
+
+# D-TRUST Root CA 3 2013
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEDjCCAvagAwIBAgIDD92sMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNVBAYTAkRF
 MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHzAdBgNVBAMMFkQtVFJVU1QgUm9vdCBD
@@ -1708,6 +1131,8 @@ h9j8tGlsi6BDB2B4l+nZk3zCRrybN1Kj7Yo8E6l7U0tJmhEFLAtuVqwfLoJs4Gln
 tQ5tLdnkwBXxP/oYcuEVbSdbLTAoK59ImmQrme/ydUlfXDAkMAoGCCsGAQUFBwME
 DBZELVRSVVNUIFJvb3QgQ0EgMyAyMDEz
 -----END TRUSTED CERTIFICATE-----
+
+# D-TRUST Root Class 3 CA 2 2009
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF
 MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD
@@ -1734,6 +1159,8 @@ PIWmawomDeCTmGCufsYkl4phX5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3Y
 Johw1+qRzT65ysCQblrGXnRl11z+o+IwLDAKBggrBgEFBQcDAQweRC1UUlVTVCBS
 b290IENsYXNzIDMgQ0EgMiAyMDA5
 -----END TRUSTED CERTIFICATE-----
+
+# D-TRUST Root Class 3 CA 2 EV 2009
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRF
 MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBD
@@ -1760,31 +1187,8 @@ xpeG0ILD5EJt/rDiZE4OJudANCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqX
 KVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVvw9y4AyHqnxbxLFS1MC8wCgYIKwYB
 BQUHAwEMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAwOQ==
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIECTCCAvGgAwIBAgIQDV6ZCtadt3js2AdWO4YV2TANBgkqhkiG9w0BAQUFADBb
-MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3Qx
-ETAPBgNVBAsTCERTVCBBQ0VTMRcwFQYDVQQDEw5EU1QgQUNFUyBDQSBYNjAeFw0w
-MzExMjAyMTE5NThaFw0xNzExMjAyMTE5NThaMFsxCzAJBgNVBAYTAlVTMSAwHgYD
-VQQKExdEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdDERMA8GA1UECxMIRFNUIEFDRVMx
-FzAVBgNVBAMTDkRTVCBBQ0VTIENBIFg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAuT31LMmU3HWKlV1j6IR3dma5WZFcRt2SPp/5DgO0PWGSvSMmtWPu
-ktKe1jzIDZBfZIGxqAgNTNj50wUoUrQBJcWVHAx+PhCEdc/BGZFjz+iokYi5Q1K7
-gLFViYsx+tC3dr5BPTCapCIlF3PoHuLTrCq9Wzgh1SpL11V94zpVvddtawJXa+ZH
-fAjIgrrep4c9oW24MFbCswKBXy314powGCi4ZtPLAZZv6opFVdbgnf9nKxcCpk4a
-ahELfrd755jWjHZvwTvbUJN+5dCOHze4vbrGn2zpfDPyMjwmR/onJALJfh1biEIT
-ajV8fTXpLmaRcpPVMibEdPVTo7NdmvYJywIDAQABo4HIMIHFMA8GA1UdEwEB/wQF
-MAMBAf8wDgYDVR0PAQH/BAQDAgHGMB8GA1UdEQQYMBaBFHBraS1vcHNAdHJ1c3Rk
-c3QuY29tMGIGA1UdIARbMFkwVwYKYIZIAWUDAgEBATBJMEcGCCsGAQUFBwIBFjto
-dHRwOi8vd3d3LnRydXN0ZHN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9saWN5L0FDRVMt
-aW5kZXguaHRtbDAdBgNVHQ4EFgQUCXIGThhDD+XWzMNqizF7eI+og7gwDQYJKoZI
-hvcNAQEFBQADggEBAKPYjtay284F5zLNAdMEA+V25FYrnJmQ6AgwbN99Pe7lv7Uk
-QIRJ4dEorsTCOlMwiPH1d25Ryvr/ma8kXxug/fKshMrfqfBfBC6tFr8hlxCBPeP/
-h40y3JTlR4peahPJlJU90u7INJXQgNStMgiAVDzgvVJT11J8smk/f3rPanTK+gQq
-nExaBqXpIK1FZg9p8d2/6eMyi/rgwYZNcjwu2JN4Cir42NInPRmJX1p7ijvMDNpR
-rscL9yuwNwXsvFcj4jjSm2jzVhKIT0J8uDHEtdvkyCE06UgRNe76x5JXxZ805Mf2
-9w4LTJxoeHtxMcfrHuBnQfO3oKfN5XozNmr6miswHDAKBggrBgEFBQcDAQwORFNU
-IEFDRVMgQ0EgWDY=
------END TRUSTED CERTIFICATE-----
+
+# DST Root CA X3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/
 MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
@@ -1806,6 +1210,8 @@ JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
 Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQMBwwCgYIKwYBBQUHAwEMDkRT
 VCBSb290IENBIFgz
 -----END TRUSTED CERTIFICATE-----
+
+# Deutsche Telekom Root CA 2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEc
 MBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2Vj
@@ -1826,9 +1232,11 @@ tJh6sTtU6zkXR34ajgv8HzFZMQSyzhfzLMdiNlXiItiJVbSYSKpk+tYcNthEeFpa
 IzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8rZ7/gFnkm0W09juwzTkZmDLl
 6iFhkOQxIY40sfcvNUqFENrnijchvllj4PKFiDFT1FQUhXB59C4Gdyd1Lx+4ivn+
 xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU
-Cm26OWMohpLzGITY+9HPBVZkVzA8MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYB
-BQUHAwMMGkRldXRzY2hlIFRlbGVrb20gUm9vdCBDQSAy
+Cm26OWMohpLzGITY+9HPBVZkVzAyMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwaRGV1
+dHNjaGUgVGVsZWtvbSBSb290IENBIDI=
 -----END TRUSTED CERTIFICATE-----
+
+# DigiCert Assured ID Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1849,10 +1257,11 @@ dWKuh+vy1dneVrOfzM4UKLkNl2BcEkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTf
 fwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38FnSbNd67IJKusm7Xi+fT8r87cm
 NW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPx
 H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe
-+o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8jA9MB4G
-CCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMG0RpZ2lDZXJ0IEFzc3VyZWQg
-SUQgUm9vdCBDQQ==
++o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8jAzMBQG
+CCsGAQUFBwMEBggrBgEFBQcDAQwbRGlnaUNlcnQgQXNzdXJlZCBJRCBSb290IENB
 -----END TRUSTED CERTIFICATE-----
+
+# DigiCert Assured ID Root G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBl
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1873,9 +1282,11 @@ QW5pJ6d1Ee88hjZv0p3GeDgdaZaikmkuOGybfQTUiaWxMTeKySHMq2zNixya1r9I
 lmwORGYQRI+tBev4eaymG+g3NJ1TyWGqolKvSnAWhsI6yLETcDbYz+70CjTVW0z9
 B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0MjomZmWzwPDCv
 ON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo
-IhNzbM8m9Yop5zA9MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMG0Rp
-Z2lDZXJ0IEFzc3VyZWQgSUQgUm9vdCBHMg==
+IhNzbM8m9Yop5zAzMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwbRGlnaUNlcnQgQXNz
+dXJlZCBJRCBSb290IEcy
 -----END TRUSTED CERTIFICATE-----
+
+# DigiCert Assured ID Root G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQsw
 CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
@@ -1889,9 +1300,11 @@ RSAPWXYQ1qAk8C3eNvJsKTmjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
 BAQDAgGGMB0GA1UdDgQWBBTL0L2p4ZgFUaFNN6KDec6NHSrkhDAKBggqhkjOPQQD
 AwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5FyYZ5eEJJZVrmDxxDnOOlY
 JjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy1vUhZscv
-6pZjamVFkpUBtDA9MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMG0Rp
-Z2lDZXJ0IEFzc3VyZWQgSUQgUm9vdCBHMw==
+6pZjamVFkpUBtDAzMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwbRGlnaUNlcnQgQXNz
+dXJlZCBJRCBSb290IEcz
 -----END TRUSTED CERTIFICATE-----
+
+# DigiCert Global Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1912,9 +1325,11 @@ hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg
 06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF
 PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls
 YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk
-CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4wOTAeBggrBgEFBQcD
-BAYIKwYBBQUHAwEGCCsGAQUFBwMDDBdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQQ==
+CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4wLzAUBggrBgEFBQcD
+BAYIKwYBBQUHAwEMF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENB
 -----END TRUSTED CERTIFICATE-----
+
+# DigiCert Global Root G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1935,9 +1350,11 @@ NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG
 Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91
 8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe
 pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl
-MrYwOTAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDBdEaWdpQ2VydCBH
-bG9iYWwgUm9vdCBHMg==
+MrYwLzAUBggrBgEFBQcDBAYIKwYBBQUHAwEMF0RpZ2lDZXJ0IEdsb2JhbCBSb290
+IEcy
 -----END TRUSTED CERTIFICATE-----
+
+# DigiCert Global Root G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw
 CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
@@ -1951,9 +1368,11 @@ Z9wj/wMco+I+o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAd
 BgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNpYim8S8YwCgYIKoZIzj0EAwMDaAAwZQIx
 AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/
 oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8
-sycXMDkwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwXRGlnaUNlcnQg
-R2xvYmFsIFJvb3QgRzM=
+sycXMC8wFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBdEaWdpQ2VydCBHbG9iYWwgUm9v
+dCBHMw==
 -----END TRUSTED CERTIFICATE-----
+
+# DigiCert High Assurance EV Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1975,9 +1394,11 @@ eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF
 hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2
 Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
 vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
-+OkuE6N36B9KMEQwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwiRGln
-aUNlcnQgSGlnaCBBc3N1cmFuY2UgRVYgUm9vdCBDQQ==
++OkuE6N36B9KMDowFAYIKwYBBQUHAwQGCCsGAQUFBwMBDCJEaWdpQ2VydCBIaWdo
+IEFzc3VyYW5jZSBFViBSb290IENB
 -----END TRUSTED CERTIFICATE-----
+
+# DigiCert Trusted Root G4
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -2008,9 +1429,11 @@ cCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN5r5N
 4u1Ki7wb/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mI
 r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1
 /YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm
-gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+MDowHgYIKwYBBQUH
-AwQGCCsGAQUFBwMBBggrBgEFBQcDAwwYRGlnaUNlcnQgVHJ1c3RlZCBSb290IEc0
+gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+MDAwFAYIKwYBBQUH
+AwQGCCsGAQUFBwMBDBhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQ=
 -----END TRUSTED CERTIFICATE-----
+
+# E-Tugra Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNV
 BAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBC
@@ -2045,9 +1468,11 @@ FiWnWAjLb1NBnEg4R2gz0dfHj9R0IdTDBZB6/86WiLEVKV0jq9BgoRJP3vQXzTLl
 yb/IQ639Lo7xr+L0mPoSHyDYwKcMhcWQ9DstliaxLL5Mq+ux0orJ23gTDx4JnW2P
 AJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpD
 y4Q08ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8d
-NL/+I5c30jn6PQ0GC7TbO6Orb1wdtn7os4I07QZcJDA3MBQGCCsGAQUFBwMBBggr
-BgEFBQcDAwwfRS1UdWdyYSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==
+NL/+I5c30jn6PQ0GC7TbO6Orb1wdtn7os4I07QZcJDAtMAoGCCsGAQUFBwMBDB9F
+LVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
 -----END TRUSTED CERTIFICATE-----
+
+# EC-ACC
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB
 8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy
@@ -2079,6 +1504,8 @@ Rp/7SNVel+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOS
 Agu+TGbrIP65y7WZf+a2E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xl
 nJ2lYJU6Un/10asIbvPuW/mIPX64b24D5EIwFDAKBggrBgEFBQcDAQwGRUMtQUND
 -----END TRUSTED CERTIFICATE-----
+
+# EE Certification Centre Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1
 MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1
@@ -2101,9 +1528,11 @@ v9DHKpY5P30osxBAIWrEr7BSdxjhlthWXePdNl4dp1BUoMUq5KqMlIpPnTX/dqQG
 E5Gion0ARD9V04I8GtVbvFZMIi5GQ4okQC3zErg7cBqklrkar4dBGmoYDQZPxz5u
 uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIW
 iAYLtqZLICjU3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/v
-GVCJYMzpJJUPwssd8m92kMfMdcGWxZ0wNzAUBggrBgEFBQcDAQYIKwYBBQUHAwMM
-H0VFIENlcnRpZmljYXRpb24gQ2VudHJlIFJvb3QgQ0E=
+GVCJYMzpJJUPwssd8m92kMfMdcGWxZ0wLTAKBggrBgEFBQcDAQwfRUUgQ2VydGlm
+aWNhdGlvbiBDZW50cmUgUm9vdCBDQQ==
 -----END TRUSTED CERTIFICATE-----
+
+# Entrust.net Premium 2048 Secure Server CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
 RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
@@ -2127,9 +1556,11 @@ U8aAghOY+rat2l098c5u9hURlIIM7j+VrxGrD9cv3h8Dj1csHsm7mhpElesYT6Yf
 zX1XEC+bBAlahLVu2B064dae0Wx5XnkcFMXj0EyTO2U87d89vqbllRrDtRnDvV5b
 u/8j72gZyxKTJ1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+
 bYQLCIt+jerXmCHG8+c8eS9enNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/Er
-fF6adulZkMV8gzURZVEwSzAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMD
-DClFbnRydXN0Lm5ldCBQcmVtaXVtIDIwNDggU2VjdXJlIFNlcnZlciBDQQ==
+fF6adulZkMV8gzURZVEwQTAUBggrBgEFBQcDBAYIKwYBBQUHAwEMKUVudHJ1c3Qu
+bmV0IFByZW1pdW0gMjA0OCBTZWN1cmUgU2VydmVyIENB
 -----END TRUSTED CERTIFICATE-----
+
+# Entrust Root Certification Authority - EC1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkG
 A1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3
@@ -2146,10 +1577,12 @@ ByQnoaD41UcZYUx9ypMn6nQM72+WCf5j7HBdNq1nd67JnXxVRDqiY1Ef9eNi1KlH
 Bz7MIKNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
 BBYEFLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVC
 R98crlOZF7ZvHH3hvxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nX
-hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4GMEww
-HgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwqRW50cnVzdCBSb290IENl
-cnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRUMx
+hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4GMEIw
+FAYIKwYBBQUHAwQGCCsGAQUFBwMBDCpFbnRydXN0IFJvb3QgQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHkgLSBFQzE=
 -----END TRUSTED CERTIFICATE-----
+
+# Entrust Root Certification Authority - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC
 VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50
@@ -2173,10 +1606,12 @@ jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ
 Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v
 1fN2D807iDginWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4R
 nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH
-VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9jBLMB4GCCsGAQUFBwME
-BggrBgEFBQcDAQYIKwYBBQUHAwMMKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9u
-IEF1dGhvcml0eSAtIEcy
+VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9jBBMBQGCCsGAQUFBwME
+BggrBgEFBQcDAQwpRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+IC0gRzI=
 -----END TRUSTED CERTIFICATE-----
+
+# Entrust Root Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC
 VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0
@@ -2205,73 +1640,8 @@ eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m
 0vdXcDazv/wor3ElhVsT/h5/WrQ8MDIwCgYIKwYBBQUHAwEMJEVudHJ1c3QgUm9v
 dCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFRTCCBK6gAwIBAgIED////zANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJO
-TDESMBAGA1UEChMJRGlnaU5vdGFyMRswGQYDVQQDExJEaWdpTm90YXIgQ3liZXIg
-Q0ExIDAeBgkqhkiG9w0BCQEWEWluZm9AZGlnaW5vdGFyLm5sMB4XDTA2MTAwNDEw
-NTQxMloXDTExMTAwNDEwNTMxMlowYDELMAkGA1UEBhMCTkwxEjAQBgNVBAoTCURp
-Z2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFyIEN5YmVyIENBMSAwHgYJKoZIhvcN
-AQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC
-AgoCggIBANLOFQotqF6EZ639vu9Gx8i5z3P89DS5+SxD52ATPXrjss87Z2yQrcC5
-P4RS8DVC3HTcKDu9UrSnrHJFF8bwieu0qiXyXUte0dmHutZ9fPXOMp8QM8WxSrte
-kTHC0OlBwpFkfglBO9uLCDdqqspS3rU5HsCIA6U/i5kTYUO1m4Kz7iBvz6FEouov
-a0CfjytXraFTwoUiaZ2gP1HfC0GRDaXhqKpcSQhdvd5wQbEPyWNr0380dAIvNFp4
-dRxoeoFnivPaQPBgY/SSINcDpj2jHmfEhBtBpcmM5r3qSLYFFgizNxJa92E89zhv
-Lpfgb1Y4VNMota0Ubi5LZLUnZbd1JQm2Bz2VVgIKgmCyc0XgMyZRdJq51FAc9k1b
-W1JSE1qmf6cO4ehBVGeYjIfVydNsy9NUkgYJNEH3gW8/nsl8dVWw58Gzd+jDxAA1
-lUBwEEoF3iW7n1mlZLxHYL9g43aLE1Xd4XR6uc8kpmp/3mQiRFhogmoQ+T3lPhu5
-vfwi9GAEibtVbShV+t6OjRshFNc3izR7TfayshDPM7F9HGKZSMsrbHaWVb8ZDR0f
-u2WqG46ZtcYokOWCLXhQIJr9eS8kf/CJKWn0fc1zvrPtTsHR7VJej/e4142HrbLZ
-G1ES/1az4a80fVykeIgQnp0DxqWqoiRR90kUxbHuWUOV36toKDA/AgMBAAGjggGG
-MIIBgjASBgNVHRMBAf8ECDAGAQH/AgEBMFMGA1UdIARMMEowSAYJKwYBBAGxPgEA
-MDswOQYIKwYBBQUHAgEWLWh0dHA6Ly93d3cucHVibGljLXRydXN0LmNvbS9DUFMv
-T21uaVJvb3QuaHRtbDAOBgNVHQ8BAf8EBAMCAQYwgaAGA1UdIwSBmDCBlYAUpgwd
-n2H/Bxe1vzhG20Mw1Y6wUgaheaR3MHUxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9H
-VEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNvbHV0aW9u
-cywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJvb3SCAgGl
-MEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93d3cucHVibGljLXRydXN0LmNvbS9j
-Z2ktYmluL0NSTC8yMDE4L2NkcC5jcmwwHQYDVR0OBBYEFKv5aN/PSjfXe0WMX3Le
-QETDZbvCMA0GCSqGSIb3DQEBBQUAA4GBAI9oa6VbB7pEZg4cqFwwezPkCiYE/O+e
-GjjWLqEf0JlHwnVkJP2eOyh2uSYoYZEMbSz4BJ98UAHV42mv7xXSRZskCSpmBU8l
-gcpdvqrBWSeuM46C9990sFWzjvjnN8huqlZE9r1TgSOWPbT6MopTZkQloiXGpjwl
-jPDgKAYityZBMIGYoG4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMGCCsG
-AQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDBQYI
-KwYBBQUHAwYGCCsGAQUFBwMHBggrBgEFBQcDCAwmRXhwbGljaXRseSBEaXN0cnVz
-dCBEaWdpTm90YXIgQ3liZXIgQ0E=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFATCCBGqgAwIBAgIED////zANBgkqhkiG9w0BAQUFADA+MQswCQYDVQQGEwJO
-TDESMBAGA1UEChMJRGlnaU5vdGFyMRswGQYDVQQDExJEaWdpTm90YXIgQ3liZXIg
-Q0EwHhcNMDYwOTI3MTA1MzUzWhcNMTMwOTIwMDk0NDA3WjA+MQswCQYDVQQGEwJO
-TDESMBAGA1UEChMJRGlnaU5vdGFyMRswGQYDVQQDExJEaWdpTm90YXIgQ3liZXIg
-Q0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDSzhUKLahehGet/b7v
-RsfIuc9z/PQ0ufksQ+dgEz1647LPO2dskK3AuT+EUvA1Qtx03Cg7vVK0p6xyRRfG
-8InrtKol8l1LXtHZh7rWfXz1zjKfEDPFsUq7XpExwtDpQcKRZH4JQTvbiwg3aqrK
-Ut61OR7AiAOlP4uZE2FDtZuCs+4gb8+hRKLqL2tAn48rV62hU8KFImmdoD9R3wtB
-kQ2l4aiqXEkIXb3ecEGxD8lja9N/NHQCLzRaeHUcaHqBZ4rz2kDwYGP0kiDXA6Y9
-ox5nxIQbQaXJjOa96ki2BRYIszcSWvdhPPc4by6X4G9WOFTTKLWtFG4uS2S1J2W3
-dSUJtgc9lVYCCoJgsnNF4DMmUXSaudRQHPZNW1tSUhNapn+nDuHoQVRnmIyH1cnT
-bMvTVJIGCTRB94FvP57JfHVVsOfBs3fow8QANZVAcBBKBd4lu59ZpWS8R2C/YON2
-ixNV3eF0ernPJKZqf95kIkRYaIJqEPk95T4bub38IvRgBIm7VW0oVfrejo0bIRTX
-N4s0e032srIQzzOxfRximUjLK2x2llW/GQ0dH7tlqhuOmbXGKJDlgi14UCCa/Xkv
-JH/wiSlp9H3Nc76z7U7B0e1SXo/3uNeNh62y2RtREv9Ws+GvNH1cpHiIEJ6dA8al
-qqIkUfdJFMWx7llDld+raCgwPwIDAQABo4IBhjCCAYIwEgYDVR0TAQH/BAgwBgEB
-/wIBATBTBgNVHSAETDBKMEgGCSsGAQQBsT4BADA7MDkGCCsGAQUFBwIBFi1odHRw
-Oi8vd3d3LnB1YmxpYy10cnVzdC5jb20vQ1BTL09tbmlSb290Lmh0bWwwDgYDVR0P
-AQH/BAQDAgEGMIGgBgNVHSMEgZgwgZWAFKYMHZ9h/wcXtb84RttDMNWOsFIGoXmk
-dzB1MQswCQYDVQQGEwJVUzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYD
-VQQLEx5HVEUgQ3liZXJUcnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdU
-RSBDeWJlclRydXN0IEdsb2JhbCBSb290ggIBpTBFBgNVHR8EPjA8MDqgOKA2hjRo
-dHRwOi8vd3d3LnB1YmxpYy10cnVzdC5jb20vY2dpLWJpbi9DUkwvMjAxOC9jZHAu
-Y3JsMB0GA1UdDgQWBBSr+Wjfz0o313tFjF9y3kBEw2W7wjANBgkqhkiG9w0BAQUF
-AAOBgQAJymIPjbtK4NR6NSsGLdEoYbasAfuDSbyu1C8thq4Zg6XWHRPiF77+MnTp
-ehQ4ypRe9ykBaXEbkRr9o7uqHcp74hb9oaMO8wxfsuEgMZQrXpJ27frptSOmvwo7
-A6lvUmBUzV/pty98oif9QYN1tg37eCbzsUXpMpUqGjUhlcWidTCBnKBuBggrBgEF
-BQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsG
-AQUFBwMDBggrBgEFBQcDBAYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEFBQcDBwYI
-KwYBBQUHAwgMKkV4cGxpY2l0bHkgRGlzdHJ1c3QgRGlnaU5vdGFyIEN5YmVyIENB
-IDJuZA==
------END TRUSTED CERTIFICATE-----
+
+# Explicitly Distrust DigiNotar Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFijCCA3KgAwIBAgIQD////////////////////zANBgkqhkiG9w0BAQUFADBf
 MQswCQYDVQQGEwJOTDESMBAGA1UEChMJRGlnaU5vdGFyMRowGAYDVQQDExFEaWdp
@@ -2307,60 +1677,8 @@ BgEFBQcDAQYIKwYBBQUHAwMGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMG
 CCsGAQUFBwMEBggrBgEFBQcDBQYIKwYBBQUHAwYGCCsGAQUFBwMHBggrBgEFBQcD
 CAwlRXhwbGljaXRseSBEaXN0cnVzdCBEaWdpTm90YXIgUm9vdCBDQQ==
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIDcTCCAtqgAwIBAgIED////zANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJO
-TDESMBAGA1UEChMJRGlnaU5vdGFyMSMwIQYDVQQDExpEaWdpTm90YXIgU2Vydmlj
-ZXMgMTAyNCBDQTEgMB4GCSqGSIb3DQEJARYRaW5mb0BkaWdpbm90YXIubmwwHhcN
-MDcwNzI2MTU1OTAxWhcNMTMwODI2MTYyOTAxWjBoMQswCQYDVQQGEwJOTDESMBAG
-A1UEChMJRGlnaU5vdGFyMSMwIQYDVQQDExpEaWdpTm90YXIgU2VydmljZXMgMTAy
-NCBDQTEgMB4GCSqGSIb3DQEJARYRaW5mb0BkaWdpbm90YXIubmwwgZ8wDQYJKoZI
-hvcNAQEBBQADgY0AMIGJAoGBANqbTV08+dHii8bGCCDF2R5I7GZYZ3liK0Fj9ImN
-aNqvuJQ2ixkkpKCT0pkPsq0tNU3NL2rh+ZsZK7wEGn4tPVJkzfE+Zw+JLujyT66m
-CKGF/qGpCebGqz5D/K96A5HapjmmYe6YTxio07OvZoLpn7zdcvkGBL0S2Rgk56uT
-U4tZAgMBAAGjggEmMIIBIjASBgNVHRMBAf8ECDAGAQH/AgEAMCcGA1UdJQQgMB4G
-CCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAA
-MDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVz
-dC5uZXQwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9z
-ZXJ2ZXIxLmNybDAdBgNVHQ4EFgQU/tyUSQxv71x/xvESmU8WSa37gmUwCwYDVR0P
-BAQDAgEGMB8GA1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMBkGCSqGSIb2
-fQdBAAQMMAobBFY3LjEDAgCBMA0GCSqGSIb3DQEBBQUAA4GBAGN0ajepP5acZshY
-rAnJ7/VllH+jAsQ4Mb1dI4fs1FayybJu5AUG/Oz1+ohwWdTu5t21eqCjYC8CDKve
-El2v8DVLqopHkRr1hSxCxx3vlUOzXriVk6XaxSiqrXItMa2Za2z/jCEnr62akSvH
-3VjDbgfFn3nSx4xVv0zHJ15RFis+MIGgoG4GCCsGAQUFBwMEBggrBgEFBQcDAQYI
-KwYBBQUHAwMGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwME
-BggrBgEFBQcDBQYIKwYBBQUHAwYGCCsGAQUFBwMHBggrBgEFBQcDCAwuRXhwbGlj
-aXRseSBEaXN0cnVzdCBEaWdpTm90YXIgU2VydmljZXMgMTAyNCBDQQ==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIEjjCCA3agAwIBAgIED////zANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJO
-TDEXMBUGA1UEChMORGlnaU5vdGFyIEIuVi4xNzA1BgNVBAMTLkRpZ2lOb3RhciBQ
-S0lvdmVyaGVpZCBDQSBPdmVyaGVpZCBlbiBCZWRyaWp2ZW4wHhcNMDcwNzA1MDg0
-MjA4WhcNMTUwNzI3MDgzOTQ3WjBfMQswCQYDVQQGEwJOTDEXMBUGA1UEChMORGln
-aU5vdGFyIEIuVi4xNzA1BgNVBAMTLkRpZ2lOb3RhciBQS0lvdmVyaGVpZCBDQSBP
-dmVyaGVpZCBlbiBCZWRyaWp2ZW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
-AoIBAQDcvdKnTmoKuzuiheF/AK2+tDBomAfNoHrElM9x+Yo35FPrV3bMi+Zs/u6H
-Vcg+uwQ5AKeAeKxbT370vbhUuHE7BzFJOZNUfCA7eSuPu2GQfbGs5h+QLp1FAalk
-LU3DL7nnUNVOKlyrdnY3Rtd57EKZ96LspIlw3Dgrh6aqJOadkiQbvvb91C8ZF3rm
-MgeUVAVTQ+lsvK9Hy7zL/b07RBKB8WtLu+20z6slTxjSzAL8o0+1QjPLWc0J3NNQ
-/aB2jKx+ZopC9q0ckvO2+xRG603XLzDgbe5bNr5EdLcgBVeFTegAGaL2DOauocBC
-36esgl3HaLcY5olLmmv6znn58yynAgMBAAGjggFQMIIBTDBIBgNVHSAEQTA/MD0G
-BFUdIAAwNTAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5kaWdpbm90YXIubmwvY3Bz
-L3BraW92ZXJoZWlkMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIGA
-BgNVHSMEeTB3gBQLhtYPd6NosftkCcOIblwEHFfpPaFZpFcwVTELMAkGA1UEBhMC
-TkwxHjAcBgNVBAoTFVN0YWF0IGRlciBOZWRlcmxhbmRlbjEmMCQGA1UEAxMdU3Rh
-YXQgZGVyIE5lZGVybGFuZGVuIFJvb3QgQ0GCBACYmnkwPQYDVR0fBDYwNDAyoDCg
-LoYsaHR0cDovL2NybC5wa2lvdmVyaGVpZC5ubC9Eb21PdkxhdGVzdENSTC5jcmww
-HQYDVR0OBBYEFEwIyY128ZjHPt881y91DbF2eZfMMA0GCSqGSIb3DQEBBQUAA4IB
-AQAMlIcav03jheLu19hjeQ5Q38aEW9K72fUxCho1l3TfFPoqDz7toOMI9tVOW6+m
-riXiRWsiD7dUKH6S3o0UbNEc5W50BJy37zRERd/Jgx0ZH8Apad+J1T/CsFNt5U4X
-5HNhIxMmcUP9TFnLw98iqiEr2b+VERqKpOKrp11Lbyn1UtHk0hWxi/7wA8+nfemZ
-hzizDXMU5HIs4c71rQZIZPrTKbmi2Lv01QulQERDjqC/zlqlUkxk0xcxYczopIro
-5Ij76eUvBjMzm5RmZrGrUDqhCYF0U1onuabSJc/Tw6f/ltAv6uAejVLpGBwgCkeg
-llYOQJBRRKwa/fHuhR/3QlplMIGdoG4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYB
-BQUHAwMGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggr
-BgEFBQcDBQYIKwYBBQUHAwYGCCsGAQUFBwMHBggrBgEFBQcDCAwrRXhwbGljaXRs
-eSBEaXN0cnVzdGVkIERpZ2lOb3RhciBQS0lvdmVyaGVpZA==
------END TRUSTED CERTIFICATE-----
+
+# Explicitly Distrusted DigiNotar PKIoverheid G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIGlTCCBH2gAwIBAgIED////zANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
 TDEXMBUGA1UECgwORGlnaU5vdGFyIEIuVi4xMjAwBgNVBAMMKURpZ2lOb3RhciBQ
@@ -2402,94 +1720,43 @@ AQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDBQYI
 KwYBBQUHAwYGCCsGAQUFBwMHBggrBgEFBQcDCAwuRXhwbGljaXRseSBEaXN0cnVz
 dGVkIERpZ2lOb3RhciBQS0lvdmVyaGVpZCBHMg==
 -----END TRUSTED CERTIFICATE-----
+
+# GDCA TrustAUTH R5 ROOT
 -----BEGIN TRUSTED CERTIFICATE-----
-MIIEkjCCA3qgAwIBAgIESTMAjjANBgkqhkiG9w0BAQsFADAyMQswCQYDVQQGEwJD
-TjEOMAwGA1UEChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwHhcNMTUwMzE5
-MDYyMDA5WhcNMTUwNDAzMDYyMDA5WjA8MQswCQYDVQQGEwJFRzETMBEGA1UECgwK
-TUNTSE9MRElORzEYMBYGA1UEAwwPTUNTSE9MRElORyBURVNUMIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfl1DAau7gwRzZYzTWvOwEoMPV3r0ksJf+dH
-LKxxAPkIrzTxo2rH/OarztC+ys0qmJi50I4zSQdhINFaNM6DFAZ5jhq/2+SgODru
-lLmjoFg6iRSsYD4D1MfNOxywmogaSRCpsLL95ejhBOLqgm3+DFFFka11Iq7/T5AL
-wFNldz4ewla1NsbWhcwOgxozH3aZWyuXK4vX0RQVTJ1Z14AvpKKF1Yg2AmBVyljf
-k/xKYgeW08T6v40BJ5cvplx08TpCbl15FDAxGjzZsldN4Lg/D2kxop1lmdnWMYe1
-mCbf8Mu7FcAkE2JSGmvLRQeX48SUXskNRyzpz+n0j/414TLnMQIDAQABo4IBpDCC
-AaAwdgYIKwYBBQUHAQEEajBoMCkGCCsGAQUFBzABhh1odHRwOi8vb2NzcGNubmlj
-cm9vdC5jbm5pYy5jbjA7BggrBgEFBQcwAoYvaHR0cDovL3d3dy5jbm5pYy5jbi9k
-b3dubG9hZC9jZXJ0L0NOTklDUk9PVC5jZXIwHwYDVR0jBBgwFoAUZfIxrSr3991S
-lgrHAsEO76bVOxEwDwYDVR0TAQH/BAUwAwEB/zA/BgNVHSAEODA2MDQGCisGAQQB
-gekMAQYwJjAkBggrBgEFBQcCARYYaHR0cDovL3d3dy5jbm5pYy5jbi9jcHMvMIGG
-BgNVHR8EfzB9MEKgQKA+pDwwOjELMAkGA1UEBhMCQ04xDjAMBgNVBAoMBUNOTklD
-MQwwCgYDVQQLDANjcmwxDTALBgNVBAMMBGNybDEwN6A1oDOGMWh0dHA6Ly9jcmwu
-Y25uaWMuY24vZG93bmxvYWQvcm9vdHNoYTJjcmwvQ1JMMS5jcmwwCwYDVR0PBAQD
-AgEGMB0GA1UdDgQWBBREpImrFF89byA8qnz6Ga70SGAFtTANBgkqhkiG9w0BAQsF
-AAOCAQEAXLT1U5tPueCEiTG+ni7qniFLpY9toabzL0jr6dutHjGA0Hk7EO+aJPeT
-GzXzGsLHwiwKf29b8V9zkQT7DXkN6RoG1oP9TmCdbJJDTOpkmESr1/tH0K8fZEzi
-3XdoFsIsoaCBlwBCH34geOjGUB0LfxWTWVhAFITwp5BrNgVn6n8ibbvRpSZNszCk
-WNRbtRqMUIy4DeGgB7MPWM7XBbV9NXlvotsMACpoJIx+nMF2Sbp8ZhHe8kfO/tDO
-Vb4I2vJ5JioVOc5rGKbf2IcomZQOLWihms5SNpwr7LRos2wVrMtwQvLEQaXI/CF4
-U3cyIKkhTHLi07LJdhsYWEILQpKz5DCBlaBuBggrBgEFBQcDBAYIKwYBBQUHAwEG
-CCsGAQUFBwMDBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMDBggrBgEFBQcD
-BAYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEFBQcDBwYIKwYBBQUHAwgMI0V4cGxp
-Y2l0bHkgRGlzdHJ1c3RlZCBNQ1NIT0xESU5HIENB
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIDzTCCAzagAwIBAgIGB///////MA0GCSqGSIb3DQEBBQUAMHUxCzAJBgNVBAYT
-AlVTMRgwFgYDVQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJl
-clRydXN0IFNvbHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3Qg
-R2xvYmFsIFJvb3QwHhcNMDcwNzE3MTUxNzQ5WhcNMTIwNzE3MTUxNjU1WjBjMQsw
-CQYDVQQGEwJNWTEbMBkGA1UEChMSRGlnaWNlcnQgU2RuLiBCaGQuMREwDwYDVQQL
-Ewg0NTc2MDgtSzEkMCIGA1UEAxMbRGlnaXNpZ24gU2VydmVyIElEIChFbnJpY2gp
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtqGRLTYfHhFm5+5BGoKaJwPH+
-1dpUgjcNmStFJgroVrB/yqj0jkeEAYIp47NqtZHz+5WFvHKoZOgKQJzF9HGue3tq
-B+qQFE+Nia+Uq7IG1AJqe5gfWbk6zVT6IN+yKgrpuN1pkMAp007Ql+1mzMUZSQZ/
-+l4sfHuFGzJC33uVJQIDAQABo4IBeDCCAXQwEgYDVR0TAQH/BAgwBgEB/wIBADBc
-BgNVHSAEVTBTMEgGCSsGAQQBsT4BADA7MDkGCCsGAQUFBwIBFi1odHRwOi8vY3li
-ZXJ0cnVzdC5vbW5pcm9vdC5jb20vcmVwb3NpdG9yeS5jZm0wBwYFYINKAQEwDgYD
-VR0PAQH/BAQDAgHmMIGJBgNVHSMEgYEwf6F5pHcwdTELMAkGA1UEBhMCVVMxGDAW
-BgNVBAoTD0dURSBDb3Jwb3JhdGlvbjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3Qg
-U29sdXRpb25zLCBJbmMuMSMwIQYDVQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwg
-Um9vdIICAaUwRQYDVR0fBD4wPDA6oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1
-c3QuY29tL2NnaS1iaW4vQ1JMLzIwMTgvY2RwLmNybDAdBgNVHQ4EFgQUxhaTThYX
-7BaujJR284ZtxXRuhHcwDQYJKoZIhvcNAQEFBQADgYEAdgB7pngrZh2OXjbGpI4F
-8iOSfJNn0/TACn2LLdnq1W8a8+FKKVoihE1QL0sM8v+FwntV1ESCvm2sZ468tB+S
-nFGAGhT2bqthiAutHH/3S1BR1mUbpkdxFV6wcfM1FPI3vWPI1fCTWjRf2D3oXffF
-HsDlzx+GJKk8B2bNwdI2Y1kwgaqgbgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEF
-BQcDAwYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDAwYIKwYBBQUHAwQGCCsG
-AQUFBwMFBggrBgEFBQcDBgYIKwYBBQUHAwcGCCsGAQUFBwMIDDhFeHBsaWNpdGx5
-IERpc3RydXN0ZWQgTWFsYXlzaWFuIERpZ2ljZXJ0IFNkbi4gQmhkLiAoY3liKQ==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIE0DCCA7igAwIBAgIGB///////MA0GCSqGSIb3DQEBBQUAMIG0MRQwEgYDVQQK
-EwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3LmVudHJ1c3QubmV0L0NQU18yMDQ4
-IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMcKGMpIDE5
-OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5uZXQgQ2Vy
-dGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgpMB4XDTEwMDcxNjE3MjMzOFoXDTE1
-MDcxNjE3NTMzOFowZTELMAkGA1UEBhMCTVkxGzAZBgNVBAoTEkRpZ2ljZXJ0IFNk
-bi4gQmhkLjERMA8GA1UECxMINDU3NjA4LUsxJjAkBgNVBAMTHURpZ2lzaWduIFNl
-cnZlciBJRCAtIChFbnJpY2gpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEAxYnk9A0GQJJZxxqzNdEOTCoz+fivyp5/7rmnbWD0VOhv1ZvzG2MxBGhy0TQW
-jLQXLJfec8XYkBWgGiv1y7NIhkTwHYhMzkFCGu/1DN7+QNo5IPcGVTpqnUbB0m+l
-sshXPimjnODphXdm6JinJH6+wFkg5URvtlfYvs7CZXdYxmFB0XQEyH9JQsVyqXIW
-7ozdEl20StTRr1C32Kp1dmitPl2qMG1hqKsQWz4TvzPgr0SdOCJb70wvpnEmFSbK
-KIzZ+o6OqaIUNeKbJIi09H+FnYNPB6G2FJA2xDQcjSZhbRNveL7ojyfHS4SWo4Zo
-DCO+C+yMlACpBIoTkPffhWwMsQIDAQABo4IBNDCCATAwDgYDVR0PAQH/BAQDAgEG
-MBIGA1UdEwEB/wQIMAYBAf8CAQAwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUF
-BwMCBggrBgEFBQcDBDAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6
-Ly9vY3NwLmVudHJ1c3QubmV0MEQGA1UdIAQ9MDswOQYFYINKAQEwMDAuBggrBgEF
-BQcCARYiaHR0cDovL3d3dy5kaWdpY2VydC5jb20ubXkvY3BzLmh0bTAyBgNVHR8E
-KzApMCegJaAjhiFodHRwOi8vY3JsLmVudHJ1c3QubmV0LzIwNDhjYS5jcmwwEQYD
-VR0OBAoECExOzCUoAymBMB8GA1UdIwQYMBaAFFXkgdERgL7YibkIozH5oSQJFrlw
-MA0GCSqGSIb3DQEBBQUAA4IBAQCXTO9KOkmscvwwIGu0KVunxZUEkPky1cKFat4D
-oTf5iQCwWqxVfttDNf/JAfhRvswmyshqpMRUPiYe5wyjzZdnlN2mQutczY85eWsz
-eSEGefqCRBWZzMG3OdNGYnyycOtvziCqPhm36XSCnLSlS01hADfkh9LyFDpkfLip
-e2HgkyLn1Z8+R+Y2dqBT2AADOg+1M/6WytPSgjou3ddI4eSnacwc6ZlK58pwRdcL
-Bw6adRvQL5Jv9qQHw70cS6aEtn2omqnSpynxC1dpHpdXJuwrQ6zURYMFAOnj8EZA
-B/rqsVFzkxyl3VMRN8gqpxUnHbSqzH+qMTD8uEWfSAntEOLFMIGpoG4GCCsGAQUF
-BwMEBggrBgEFBQcDAQYIKwYBBQUHAwMGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYB
-BQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDBQYIKwYBBQUHAwYGCCsGAQUFBwMHBggr
-BgEFBQcDCAw3RXhwbGljaXRseSBEaXN0cnVzdGVkIE1hbGF5c2lhbiBEaWdpY2Vy
-dCBTZG4uIEJoZC4gKGVuKQ==
+MIIFiDCCA3CgAwIBAgIIfQmX/vBH6nowDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0
+MTEyNjA1MTMxNVoXDTQwMTIzMTE1NTk1OVowYjELMAkGA1UEBhMCQ04xMjAwBgNV
+BAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMR8w
+HQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA2aMW8Mh0dHeb7zMNOwZ+Vfy1YI92hhJCfVZmPoiC7XJj
+Dp6L3TQsAlFRwxn9WVSEyfFrs0yw6ehGXTjGoqcuEVe6ghWinI9tsJlKCvLriXBj
+TnnEt1u9ol2x8kECK62pOqPseQrsXzrj/e+APK00mxqriCZ7VqKChh/rNYmDf1+u
+KU49tm7srsHwJ5uu4/Ts765/94Y9cnrrpftZTqfrlYwiOXnhLQiPzLyRuEH3FMEj
+qcOtmkVEs7LXLM3GKeJQEK5cy4KOFxg2fZfmiJqwTTQJ9Cy5WmYqsBebnh52nUpm
+MUHfP/vFBu8btn4aRjb3ZGM74zkYI+dndRTVdVeSN72+ahsmUPI2JgaQxXABZG12
+ZuGR224HwGGALrIuL4xwp9E7PLOR5G62xDtw8mySlwnNR30YwPO7ng/Wi64HtloP
+zgsMR6flPri9fcebNaBhlzpBdRfMK5Z3KpIhHtmVdiBnaM8Nvd/WHwlqmuLMc3Gk
+L30SgLdTMEZeS1SZD2fJpcjyIMGC7J0R38IC+xo70e0gmu9lZJIQDSri3nDxGGeC
+jGHeuLzRL5z7D9Ar7Rt2ueQ5Vfj4oR24qoAATILnsn8JuLwwoC8N9VKejveSswoA
+HQBUlwbgsQfZxw9cZX08bVlX5O2ljelAU58VS6Bx9hoh49pwBiFYFIeFd3mqgnkC
+AwEAAaNCMEAwHQYDVR0OBBYEFOLJQJ9NzuiaoXzPDj9lxSmIahlRMA8GA1UdEwEB
+/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQDRSVfg
+p8xoWLoBDysZzY2wYUWsEe1jUGn4H3++Fo/9nesLqjJHdtJnJO29fDMylyrHBYZm
+DRd9FBUb1Ov9H5r2XpdptxolpAqzkT9fNqyL7FeoPueBihhXOYV0GkLH6VsTX4/5
+COmSdI31R9KrO9b7eGZONn356ZLpBN79SWP8bfsUcZNnL0dKt7n/HipzcEYwv1ry
+L3ml4Y0M2fmyYzeMN2WFcGpcWwlyua1jPLHd+PwyvzeG5LuOmCd+uh8W4XAR8gPf
+JWIyJyYYMoSf/wA6E7qaTfRPuBRwIrHKK5DOKcFw9C+df/KQHtZa37dG/OaG+svg
+IHZ6uqbL9XzeYqWxi+7egmaKTjowHz+Ay60nugxe19CxVsp3cbK1daFQqUBDF8Io
+2c9Si1vIY9RCPqAzekYu9wogRlR+ak8x8YF+QnQ4ZXMn7sZ8uI7XpTrXmKGcjBBV
+09tL7ECQ8s1uV9JiDnxXk7Gnbc2dg7sq5+W2O3FYrf3RRbxake5TFW/TRQl1brqQ
+XR4EzzffHqhmsYzmIGrv/EhOdJhCrylvLmrH+33RZjEizIYAfmaDDEL0vTSSwxrq
+T8p+ck0LcIymSLumoRT2+1hEmRSuqguTaaApJUqlyyvdimYHFngVV3Eb7PVHhPOe
+MTd61X8kreS8/f3MboPoDKi3QWwH3b08hpcv0jAkMAoGCCsGAQUFBwMBDBZHRENB
+IFRydXN0QVVUSCBSNSBST09U
 -----END TRUSTED CERTIFICATE-----
+
+# GeoTrust Global CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
 MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
@@ -2508,31 +1775,11 @@ Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS
 tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF
 PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un
 hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV
-5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMzA0MB4GCCsG
-AQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMEkdlb1RydXN0IEdsb2JhbCBDQQ==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIDZjCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJVUzEW
-MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFs
-IENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMTkwMzA0MDUwMDAwWjBEMQswCQYDVQQG
-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg
-R2xvYmFsIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvPE1A
-PRDfO1MA4Wf+lGAVPoWI8YkNkMgoI5kF6CsgncbzYEbYwbLVjDHZ3CB5JIG/NTL8
-Y2nbsSpr7iFY8gjpeMtvy/wWUsiRxP89c96xPqfCfWbB9X5SJBri1WeR0IIQ13hL
-TytCOb1kLUCgsBDTOEhGiKEMuzozKmKY+wCdE1l/bztyqu6mD4b5BWHqZ38MN5aL
-5mkWRxHCJ1kDs6ZgwiFAVvqgx306E+PsV8ez1q6diYD3Aecs9pYrEw15LNnA5IZ7
-S4wMcoKK+xfNAGw6EzywhIdLFnopsk/bHdQL82Y3vdj2V7teJHq4PIu5+pIaGoSe
-2HSPqht/XvT+RSIhAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
-FHE4NvICMVNHK266ZUapEBVYIAUJMB8GA1UdIwQYMBaAFHE4NvICMVNHK266ZUap
-EBVYIAUJMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAQEAA/e1K6td
-EPx7srJerJsOflN4WT5CBP51o62sgU7XAotexC3IUnbHLB/8gTKY0UvGkpMzNTEv
-/NgdRN3ggX+d6YvhZJFiCzkIjKx0nVnZellSlxG5FntvRdOW2TF9AjYPnDtuzywN
-A0ZF66D0f0hExghAzN4bcLUprbqLOzRldRtxIR0sFAqwlpW41uryZfspuk/qkZN0
-abby/+Ea0AzRdoXLiiW9l14sbxWZJue2Kf8i7MkCx1YAzUm5s2x7UwQa4qjJqhIF
-I8LO57sEAszAR6LkxCkvW0VXiVHuPOtSCP8HNR6fNWpHSlaY0VqFH4z1Ir+rzoPz
-4iIprn2DQKi6bDA2MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMFEdl
-b1RydXN0IEdsb2JhbCBDQSAy
+5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMzAqMBQGCCsG
+AQUFBwMEBggrBgEFBQcDAQwSR2VvVHJ1c3QgR2xvYmFsIENB
 -----END TRUSTED CERTIFICATE-----
+
+# GeoTrust Primary Certification Authority - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDEL
 MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChj
@@ -2548,10 +1795,11 @@ tJLtbCyf691DiaI8S0iRHVDsJt/WYC69IaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO
 BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBVfNVdRVfslsq0DafwBo/q+EVXVMAoG
 CCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGT
 qQ7mndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBucz
-rD6ogRLQy7rQkgu2npaqBA+KME8wHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEF
-BQcDAwwtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt
-IEcy
+rD6ogRLQy7rQkgu2npaqBA+KMEUwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDC1HZW9U
+cnVzdCBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzI=
 -----END TRUSTED CERTIFICATE-----
+
+# GeoTrust Primary Certification Authority - G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCB
 mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT
@@ -2574,10 +1822,11 @@ zU6B8A8ExCSzNJbGpqow32hhc9f5joWJ7w5elShKKiePEI4ufIbEAp7aDHdlDkQN
 kv39sxY2+hENHYwOB4lqKVb3cvTdFZx3NWZXqxNT2I7BQMXXExZacse3aQHEerGD
 AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUH
 SJsMC8tJP33st/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2G
-spki4cErx5z481+oghLrGREtME8wHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEF
-BQcDAwwtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt
-IEcz
+spki4cErx5z481+oghLrGREtMEUwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDC1HZW9U
+cnVzdCBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzM=
 -----END TRUSTED CERTIFICATE-----
+
+# GeoTrust Primary Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBY
 MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo
@@ -2600,6 +1849,8 @@ UjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG1riR/aYNKxoU
 AT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6VkwNjAKBggrBgEFBQcDAQwo
 R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==
 -----END TRUSTED CERTIFICATE-----
+
+# GeoTrust Universal CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEW
 MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVy
@@ -2629,10 +1880,11 @@ QI2SJhFTYXNd673nxE0pN2HrrDktZy4W1vUAg4WhzH92xH3kt0tm7wNFYGm2DFKW
 koRepqO1pD4r2czYG0eq8kTaT/kD6PAUyz/zg97QwVTjt+gKN02LIFkDMBmhLMi9
 ER/frslKxfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQt
 DF4JbAiXfKM9fJP/P6EUp8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/Sfuvm
-bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iwwNzAe
-BggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDBVHZW9UcnVzdCBVbml2ZXJz
-YWwgQ0E=
+bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iwwLTAU
+BggrBgEFBQcDBAYIKwYBBQUHAwEMFUdlb1RydXN0IFVuaXZlcnNhbCBDQQ==
 -----END TRUSTED CERTIFICATE-----
+
+# GeoTrust Universal CA 2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEW
 MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVy
@@ -2663,9 +1915,11 @@ GDVyz4crL2MjhF2EjD9XoIj8mZEoJmmZ1I+XRL6O1UixpCgp8RW04eWe3fiPpm8m
 OCiNUW7dFGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH
 6aLcr34YEoP9VhdBLtUpgn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwX
 QMAJKOSLakhT2+zNVVXxxvjpoixMptEmX36vWkzaH6byHCx+rgIW0lbQL1dTR+iS
-MDkwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwXR2VvVHJ1c3QgVW5p
-dmVyc2FsIENBIDI=
+MC8wFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBdHZW9UcnVzdCBVbml2ZXJzYWwgQ0Eg
+Mg==
 -----END TRUSTED CERTIFICATE-----
+
+# GlobalSign ECC Root CA - R4
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEk
 MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpH
@@ -2677,9 +1931,11 @@ FspjsbmG+IpXwVfOQvpzofdlQv8ewQCybnMO/8ch5RikqtlxP6jUuc6MHaNCMEAw
 DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFSwe61F
 uOJAf/sKbvu+M8k8o4TVMAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGX
 kPoUVy0D7O48027KqGx2vKLeuwIgJ6iFJzWbVsaj8kfSt24bAgAXqmemFZHe+pTs
-ewv4n4QwPTAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDBtHbG9iYWxT
-aWduIEVDQyBSb290IENBIC0gUjQ=
+ewv4n4QwMzAUBggrBgEFBQcDBAYIKwYBBQUHAwEMG0dsb2JhbFNpZ24gRUNDIFJv
+b3QgQ0EgLSBSNA==
 -----END TRUSTED CERTIFICATE-----
+
+# GlobalSign ECC Root CA - R5
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEk
 MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpH
@@ -2692,9 +1948,11 @@ hOvRnkmSh5SHDDqFSmafnVmTTZdhBoZKo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD
 VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUPeYpSJvqB8ohREom3m7e0oPQn1kwCgYI
 KoZIzj0EAwMDaAAwZQIxAOVpEslu28YxuglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg
 515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7yFz9SO8NdCKoCOJuxUnO
-xwy8p2Fp8fc74SrL+SvzZpA3MD0wHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEF
-BQcDAwwbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1
+xwy8p2Fp8fc74SrL+SvzZpA3MDMwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBtHbG9i
+YWxTaWduIEVDQyBSb290IENBIC0gUjU=
 -----END TRUSTED CERTIFICATE-----
+
+# GlobalSign Root CA - R2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
 A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
@@ -2715,10 +1973,11 @@ J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO
 291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS
 ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
 AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
-TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLjA5
-MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMF0dsb2JhbFNpZ24gUm9v
-dCBDQSAtIFIy
+TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLjAv
+MBQGCCsGAQUFBwMEBggrBgEFBQcDAQwXR2xvYmFsU2lnbiBSb290IENBIC0gUjI=
 -----END TRUSTED CERTIFICATE-----
+
+# GlobalSign Root CA - R3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G
 A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp
@@ -2738,9 +1997,11 @@ jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK
 6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX
 mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs
 Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH
-WD9fMDkwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwXR2xvYmFsU2ln
-biBSb290IENBIC0gUjM=
+WD9fMC8wFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBdHbG9iYWxTaWduIFJvb3QgQ0Eg
+LSBSMw==
 -----END TRUSTED CERTIFICATE-----
+
+# GlobalSign Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
 A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
@@ -2760,9 +2021,11 @@ yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE
 38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP
 AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
 DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
-HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4DA0MB4GCCsGAQUFBwMEBggrBgEFBQcD
-AQYIKwYBBQUHAwMMEkdsb2JhbFNpZ24gUm9vdCBDQQ==
+HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4DAqMBQGCCsGAQUFBwMEBggrBgEFBQcD
+AQwSR2xvYmFsU2lnbiBSb290IENB
 -----END TRUSTED CERTIFICATE-----
+
+# Global Chambersign Root - 2008
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYD
 VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
@@ -2802,10 +2065,12 @@ SqlapskD7+3056huirRXhOukP9DuqqqHW2Pok+JrqNS4cnhrG+055F3Lm6qH1U9O
 AP7Zap88MQ8oAgF9mOinsKJknnn4SPIVqczmyETrP3iZ8ntxPjzxmKfFGBI/5rso
 M0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVqc5iJWzouE4ge
 v8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z
-09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/BMEAw
-HgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwweR2xvYmFsIENoYW1iZXJz
-aWduIFJvb3QgLSAyMDA4
+09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/BMDYw
+FAYIKwYBBQUHAwQGCCsGAQUFBwMBDB5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAt
+IDIwMDg=
 -----END TRUSTED CERTIFICATE-----
+
+# Go Daddy Class 2 CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh
 MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE
@@ -2828,9 +2093,11 @@ OO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7P
 TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ
 HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER
 dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf
-ReYNnyicsbkqWletNw+vHX/bvZ8wNTAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsG
-AQUFBwMDDBNHbyBEYWRkeSBDbGFzcyAyIENB
+ReYNnyicsbkqWletNw+vHX/bvZ8wKzAUBggrBgEFBQcDBAYIKwYBBQUHAwEME0dv
+IERhZGR5IENsYXNzIDIgQ0E=
 -----END TRUSTED CERTIFICATE-----
+
+# Go Daddy Root Certificate Authority - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx
 EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT
@@ -2852,9 +2119,11 @@ WWcDYfF+OwYxdS2hII5PZYe096acvNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu
 gIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYVN8Gb5DKj7Tjo
 2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO
 LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI
-4uJEvlz36hz1MEAwFAYIKwYBBQUHAwEGCCsGAQUFBwMDDChHbyBEYWRkeSBSb290
-IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcy
+4uJEvlz36hz1MDYwCgYIKwYBBQUHAwEMKEdvIERhZGR5IFJvb3QgQ2VydGlmaWNh
+dGUgQXV0aG9yaXR5IC0gRzI=
 -----END TRUSTED CERTIFICATE-----
+
+# Hellenic Academic and Research Institutions ECC RootCA 2015
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICwzCCAkqgAwIBAgIBADAKBggqhkjOPQQDAjCBqjELMAkGA1UEBhMCR1IxDzAN
 BgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl
@@ -2874,6 +2143,8 @@ TUwJCA3sS61kFyjndc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKRMFMwFAYIKwYB
 BQUHAwQGCCsGAQUFBwMBDDtIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2gg
 SW5zdGl0dXRpb25zIEVDQyBSb290Q0EgMjAxNQ==
 -----END TRUSTED CERTIFICATE-----
+
+# Hellenic Academic and Research Institutions RootCA 2011
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix
 RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1
@@ -2897,10 +2168,12 @@ A4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVtXdMiKahsog2p
 TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7
 dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys
 Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI
-l7WdmplNsDz4SgCbZN2fOUvRJ9e4MFkwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggr
-BgEFBQcDAww3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0
-aW9ucyBSb290Q0EgMjAxMQ==
+l7WdmplNsDz4SgCbZN2fOUvRJ9e4ME8wFAYIKwYBBQUHAwQGCCsGAQUFBwMBDDdI
+ZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RD
+QSAyMDEx
 -----END TRUSTED CERTIFICATE-----
+
+# Hellenic Academic and Research Institutions RootCA 2015
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIGCzCCA/OgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCR1Ix
 DzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5k
@@ -2937,6 +2210,8 @@ e7iG2rKPmT4dEw0SEe7Uq/DpFXYC5ODfqiAeW2GFZECpkJcNrVPSWh2HagCXZWK0
 vm9qp/UsQu0yrbYhnr68ME8wFAYIKwYBBQUHAwQGCCsGAQUFBwMBDDdIZWxsZW5p
 YyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDE1
 -----END TRUSTED CERTIFICATE-----
+
+# Hongkong Post Root CA 1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsx
 FjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3Qg
@@ -2957,6 +2232,8 @@ EhTkYY2sEJCehFC78JZvRZ+K88psT/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpO
 fMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilTc4afU9hDDl3WY4JxHYB0yvbi
 AmvZWjAlMAoGCCsGAQUFBwMBDBdIb25na29uZyBQb3N0IFJvb3QgQ0EgMQ==
 -----END TRUSTED CERTIFICATE-----
+
+# ISRG Root X1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw
 TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
@@ -2989,6 +2266,8 @@ mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d
 emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCcw
 GjAKBggrBgEFBQcDAQwMSVNSRyBSb290IFgx
 -----END TRUSTED CERTIFICATE-----
+
+# IdenTrust Commercial Root CA 1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBK
 MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu
@@ -3021,6 +2300,8 @@ mUlO+KWA2yUPHGNiiskzZ2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A
 7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7RcGzM7vRX+Bi6hG6HMDYwFAYIKwYBBQUH
 AwQGCCsGAQUFBwMBDB5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDE=
 -----END TRUSTED CERTIFICATE-----
+
+# IdenTrust Public Sector Root CA 1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBN
 MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVu
@@ -3054,6 +2335,8 @@ GaQdp/lLQzfcaFpPz+vCZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv
 KwYBBQUHAwQGCCsGAQUFBwMBDCFJZGVuVHJ1c3QgUHVibGljIFNlY3RvciBSb290
 IENBIDE=
 -----END TRUSTED CERTIFICATE-----
+
+# Izenpe.com
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4
 MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6
@@ -3086,9 +2369,11 @@ LhObNA5me0mrZJfQRsN5nXJQY6aYWwa9SG3YOYNw6DXwBdGqvOPbyALqfP2C2sJb
 UjWumDqtujWTI6cfSN01RpiyEGjkpTHCClguGYEQyVB1/OpaFs4R1+7vUIgtYf8/
 QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZoQ0iy2+tzJOeRf1SktoA+
 naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1ZWrOZyGls
-QyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxzAiMBQGCCsGAQUF
-BwMBBggrBgEFBQcDAwwKSXplbnBlLmNvbQ==
+QyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxzAYMAoGCCsGAQUF
+BwMBDApJemVucGUuY29t
 -----END TRUSTED CERTIFICATE-----
+
+# LuxTrust Global Root 2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFwzCCA6ugAwIBAgIUCn6m30tEntpqJIWe5rgV0xZ/u7EwDQYJKoZIhvcNAQEL
 BQAwRjELMAkGA1UEBhMCTFUxFjAUBgNVBAoMDUx1eFRydXN0IFMuQS4xHzAdBgNV
@@ -3123,34 +2408,8 @@ x9CWttrhSmQGbmBNvUJO/3jaJMobtNeWOWyu8Q6qp31IiyBMz2TWuJdGsE7RKlY6
 oJO9r4Ak4Ap+58rVyuiFVdw2KuGUaJPHZnJED4AhMmwlxyOAgwrrMCQwCgYIKwYB
 BQUHAwEMFkx1eFRydXN0IEdsb2JhbCBSb290IDI=
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIEMjCCA5ugAwIBAgIBQjANBgkqhkiG9w0BAQQFADBaMQswCQYDVQQGEwJVUzEc
-MBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5jLjEtMCsGA1UEAxMkRXF1aWZheCBT
-ZWN1cmUgR2xvYmFsIGVCdXNpbmVzcyBDQS0xMB4XDTA0MDczMTAwMDAwMVoXDTA0
-MDkwMjAwMDAwMVowPDE6MDgGA1UEAxMxTUQ1IENvbGxpc2lvbnMgSW5jLiAoaHR0
-cDovL3d3dy5waHJlZWRvbS5vcmcvbWQ1KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
-gYkCgYEAuqZZySwo1iqw+O2fRqSkN+4OGWhZ0bMDmVHWFppeN2sV4A5L9YRk+KPb
-QW811ZsVH9vEOFJwgZdej6C193458DKsHq1E0rP6SMPOkZvs9Jx84Vr1yDdrmoPe
-58oglzFCcxWRaPSIr/koKMXpD3OwF0sTTJl10ETmfghsGvJPG0ECAwEAAaOCAiQw
-ggIgMAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSnBGAf
-q3JDCMV/CJBVVhzWzuY46zAfBgNVHSMEGDAWgBS+qKB0clBrRLfJI9j7qP+zV2to
-bDCCAb4GCWCGSAGG+EIBDQSCAa8WggGrMwAAACdeOeCJYQ9Oo8VFCza7AdFTqsMI
-j2/4Tz6Hh0QR3GDg35JV+bhzG1STxZ/QRsRgtjVizbmvHKhpGslbPJY3wO1n77v+
-wIucUC8pvYMino4I+qwTcKJYf2JiihH3ifbftmdZcxb7YxaKtJE4zi71tr5MpJRJ
-5GURCkIVycEw4mnVRX2lJru5YexiZPA54ee8aNhQUZ4dYNPRo6cK+AMgoXABF5E2
-TwJwMYaD3fcP2AcdEbMTBKXc8K5QsSgOY2kqDIJvj0cz32yiBpLxT0W+2TA2oyuM
-1neuNWN/Tkyak0g22Z8CAwEAAaOBvTCBujAOBgNVHQ8BAf8EBAMCBPAwHQYDVR0O
-BBYEFM2mg/qlYDf3ljcXKd5BePGHiVXnMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6
-Ly9jcmwuZ2VvdHJ1c3QuY29tL2NybHMvZ2xvYmFsY2ExLmNybDAfBgNVHSMEGDAW
-gBS+qKB0clBrRLfJI9j7qP+zV2tobDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
-BQUHAwIwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQQFAAOBgQCnIQKN0Q6igHcl
-/UNgFY/s75BH1IRCFSYRHM3CPBApqbbfq1d1kdrlK7OQRRwwY1Y/itlQ+u1YbMBl
-rGZX3hzGdjv1AA6ORc5/TJDsK8bNs7SPYtD+t8UmckTt9phbrsvRlfXaCL5oRrF1
-yOwdjx56lPGqU3iiRa5U6tGedMh2ZzCBlaBuBggrBgEFBQcDBAYIKwYBBQUHAwEG
-CCsGAQUFBwMDBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMDBggrBgEFBQcD
-BAYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEFBQcDBwYIKwYBBQUHAwgMI01ENSBD
-b2xsaXNpb25zIEZvcmdlZCBSb2d1ZSBDQSAyNWMz
------END TRUSTED CERTIFICATE-----
+
+# Microsec e-Szigno Root CA 2009
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD
 VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
@@ -3173,9 +2432,11 @@ mLzU1F0G9u5C7DBsoKqpyvGvivo/C3NqPuouQH4frlRheesuCDfXI/OMn74dseGk
 ddug4lQUsbocKaQY9hK6ohQU4zE1yED/t+AFdlfBHFny+L/k7SViXITwfn4fs775
 tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c
 2Pm2G2JwCz02yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5t
-HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCWMEAwHgYIKwYBBQUHAwQGCCsG
-AQUFBwMBBggrBgEFBQcDAwweTWljcm9zZWMgZS1Temlnbm8gUm9vdCBDQSAyMDA5
+HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCWMDYwFAYIKwYBBQUHAwQGCCsG
+AQUFBwMBDB5NaWNyb3NlYyBlLVN6aWdubyBSb290IENBIDIwMDk=
 -----END TRUSTED CERTIFICATE-----
+
+# NetLock Arany (Class Gold) Főtanúsítvány
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
 EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
@@ -3198,10 +2459,12 @@ bvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTtaYtOUZcTh5m2C
 +C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC
 bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2F
 uLjbvrW5KfnaNwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2
-XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7EwTjAeBggr
-BgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDCxOZXRMb2NrIEFyYW55IChDbGFz
-cyBHb2xkKSBGxZF0YW7DunPDrXR2w6FueQ==
+XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7EwRDAUBggr
+BgEFBQcDBAYIKwYBBQUHAwEMLE5ldExvY2sgQXJhbnkgKENsYXNzIEdvbGQpIEbF
+kXRhbsO6c8OtdHbDoW55
 -----END TRUSTED CERTIFICATE-----
+
+# Network Solutions Certificate Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBi
 MQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu
@@ -3227,6 +2490,8 @@ pGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1eyMDUwCgYI
 KwYBBQUHAwEMJ05ldHdvcmsgU29sdXRpb25zIENlcnRpZmljYXRlIEF1dGhvcml0
 eQ==
 -----END TRUSTED CERTIFICATE-----
+
+# OISTE WISeKey Global Root GA CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCB
 ijELMAkGA1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHly
@@ -3252,6 +2517,8 @@ Fj4A4xylNoEYokxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ
 /L7fCg0wNzAUBggrBgEFBQcDBAYIKwYBBQUHAwEMH09JU1RFIFdJU2VLZXkgR2xv
 YmFsIFJvb3QgR0EgQ0E=
 -----END TRUSTED CERTIFICATE-----
+
+# OISTE WISeKey Global Root GB CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBt
 MQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUg
@@ -3272,10 +2539,12 @@ cViXfa43FK8+5/ea4n32cZiZBKpDdHij40lhPnOMTZTg+XHEthYOU3gf1qKHLwI5
 gSk8rxWYITD+KJAAjNHhy/peyP34EEY7onhCkRd0VQreUGdNZtGn//3ZwLWoo4rO
 ZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEuiHZeeevJuQHHf
 aPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic
-Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBMwQTAeBggr
-BgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDB9PSVNURSBXSVNlS2V5IEdsb2Jh
-bCBSb290IEdCIENB
+Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBMwNzAUBggr
+BgEFBQcDBAYIKwYBBQUHAwEMH09JU1RFIFdJU2VLZXkgR2xvYmFsIFJvb3QgR0Ig
+Q0E=
 -----END TRUSTED CERTIFICATE-----
+
+# OpenTrust Root CA G1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFbzCCA1egAwIBAgISESCzkFU5fX82bWTCp59rY45nMA0GCSqGSIb3DQEBCwUA
 MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w
@@ -3309,6 +2578,8 @@ AwSQiumPv+i2tCqjI40cHLI5kqiPAlxAOXXUc0ECd97N4EOH1uS6SsNsEn/+KuYj
 1oxxMCwwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBRPcGVuVHJ1c3QgUm9vdCBDQSBH
 MQ==
 -----END TRUSTED CERTIFICATE-----
+
+# OpenTrust Root CA G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFbzCCA1egAwIBAgISESChaRu/vbm9UpaPI+hIvyYRMA0GCSqGSIb3DQEBDQUA
 MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w
@@ -3342,6 +2613,8 @@ WKGVyasvc0rQLW6aWQ9VGHgtPFGml4vmu7JwqkwR3v98KzfUetF3NI/n+UL3PIEM
 S1IKMCwwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBRPcGVuVHJ1c3QgUm9vdCBDQSBH
 Mg==
 -----END TRUSTED CERTIFICATE-----
+
+# OpenTrust Root CA G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICITCCAaagAwIBAgISESDm+Ez8JLC+BUCs2oMbNGA/MAoGCCqGSM49BAMDMEAx
 CzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5U
@@ -3357,60 +2630,8 @@ j9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta3U1fJAuwACEl74+nBCZx
 4nxp5V2a+EEfOzmTk51V6s2N8fvBMCwwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBRP
 cGVuVHJ1c3QgUm9vdCBDQSBHMw==
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIJhjCCB26gAwIBAgIBCzANBgkqhkiG9w0BAQsFADCCAR4xPjA8BgNVBAMTNUF1
-dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIFJhaXogZGVsIEVzdGFkbyBWZW5lem9s
-YW5vMQswCQYDVQQGEwJWRTEQMA4GA1UEBxMHQ2FyYWNhczEZMBcGA1UECBMQRGlz
-dHJpdG8gQ2FwaXRhbDE2MDQGA1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0
-aWZpY2FjaW9uIEVsZWN0cm9uaWNhMUMwQQYDVQQLEzpTdXBlcmludGVuZGVuY2lh
-IGRlIFNlcnZpY2lvcyBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMSUwIwYJ
-KoZIhvcNAQkBFhZhY3JhaXpAc3VzY2VydGUuZ29iLnZlMB4XDTEwMTIyODE2NTEw
-MFoXDTIwMTIyNTIzNTk1OVowgdExJjAkBgkqhkiG9w0BCQEWF2NvbnRhY3RvQHBy
-b2NlcnQubmV0LnZlMQ8wDQYDVQQHEwZDaGFjYW8xEDAOBgNVBAgTB01pcmFuZGEx
-KjAoBgNVBAsTIVByb3ZlZWRvciBkZSBDZXJ0aWZpY2Fkb3MgUFJPQ0VSVDE2MDQG
-A1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9u
-aWNhMQswCQYDVQQGEwJWRTETMBEGA1UEAxMKUFNDUHJvY2VydDCCAiIwDQYJKoZI
-hvcNAQEBBQADggIPADCCAgoCggIBANW39KOUM6FGqVVhSQ2oh3NekS1wwQYalNo9
-7BVCwfWMrmoX8Yqt/ICV6oNEolt6Vc5Pp6XVurgfoCfAUFM+jbnADrgV3NZs+J74
-BCXfgI8Qhd19L3uA3VcAZCP4bsm+lU/hdezgfl6VzbHvvnpC2Mks0+saGiKLt38G
-ieU89RLAu9MLmV+QfI4tL3czkkohRqipCKzx9hEC2ZUWno0vluYC3XXCFCpa1sl9
-JcLB/KpnheLsvtF8PPqv1W7/U0HU9TI4seJfxPmOEO8GqQKJ/+MMbpfg353bIdD0
-PghpbNjU5Db4g7ayNo+c7zo3Fn2/omnXO1ty0K+qP1xmk6wKImG20qCZyFSTXai2
-0b1dCl53lKItwIKOvMoDKjSuc/HUtQy9vmebVOvh+qBa7Dh+PsHMosdEMXXqP+UH
-0quhJZb25uSgXTcYOWEAM11G1ADEtMo88aKjPvM6/2kwLkDd9p+cJsmWN63nOaK/
-6mnbVSKVUyqUtd+tFjiBdWbjxywbk5yqjKPK2Ww8F22c3HxT4CAnQzb5EuE8XL1m
-v6JpIzi4mWCZDlZTOpx+FIywBm/xhnaQr/2v/pDGj59/i5IjnOcVdo/Vi5QTcmn7
-K2FjiO/mpF7moxdqWEfLcU8UC17IAggmosvpr2uKGcfLFFb14dq12fy/czja+eev
-bqQ34gcnAgMBAAGjggMXMIIDEzASBgNVHRMBAf8ECDAGAQH/AgEBMDcGA1UdEgQw
-MC6CD3N1c2NlcnRlLmdvYi52ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAzNi0w
-MB0GA1UdDgQWBBRBDxk4qpl/Qguk1yeYVKIXTC1RVDCCAVAGA1UdIwSCAUcwggFD
-gBStuyIdxuDSAaj9dlBSk+2YwU2u06GCASakggEiMIIBHjE+MDwGA1UEAxM1QXV0
-b3JpZGFkIGRlIENlcnRpZmljYWNpb24gUmFpeiBkZWwgRXN0YWRvIFZlbmV6b2xh
-bm8xCzAJBgNVBAYTAlZFMRAwDgYDVQQHEwdDYXJhY2FzMRkwFwYDVQQIExBEaXN0
-cml0byBDYXBpdGFsMTYwNAYDVQQKEy1TaXN0ZW1hIE5hY2lvbmFsIGRlIENlcnRp
-ZmljYWNpb24gRWxlY3Ryb25pY2ExQzBBBgNVBAsTOlN1cGVyaW50ZW5kZW5jaWEg
-ZGUgU2VydmljaW9zIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExJTAjBgkq
-hkiG9w0BCQEWFmFjcmFpekBzdXNjZXJ0ZS5nb2IudmWCAQowDgYDVR0PAQH/BAQD
-AgEGME0GA1UdEQRGMESCDnByb2NlcnQubmV0LnZloBUGBWCGXgIBoAwMClBTQy0w
-MDAwMDKgGwYFYIZeAgKgEgwQUklGLUotMzE2MzUzNzMtNzB2BgNVHR8EbzBtMEag
-RKBChkBodHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9sY3IvQ0VSVElGSUNBRE8t
-UkFJWi1TSEEzODRDUkxERVIuY3JsMCOgIaAfhh1sZGFwOi8vYWNyYWl6LnN1c2Nl
-cnRlLmdvYi52ZTA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9v
-Y3NwLnN1c2NlcnRlLmdvYi52ZTBBBgNVHSAEOjA4MDYGBmCGXgMBAjAsMCoGCCsG
-AQUFBwIBFh5odHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9kcGMwDQYJKoZIhvcN
-AQELBQADggIBACtZ6yKZu4SqT96QxtGGcSOeSwORR3C7wJJg7ODU523G0+1ng3dS
-1fLld6c2suNUvtm7CpsR72H0xpkzmfWvADmNg7+mvTV+LFwxNG9s2/NkAZiqlCxB
-3RWGymspThbASfzXg0gTB1GEMVKIu4YXx2sviiCtxQuPcD4quxtxj7mkoP3Yldmv
-Wb8lK5jpY5MvYB7Eqvh39YtsL+1+LrVPQA3uvFd359m21D+VJzog1eWuq2w1n8Gh
-HVnchIHuTQfiSLaeS5UtQbHh6N5+LwUeaO6/u5BlOsju6rEYNxxik6SgMexxbJHm
-pHmJWhSnFFAFTKQAVzAswbVhltw+HoSvOULP5dAssSS830DD7X9jSr3hTxJkhpXz
-sOfIt+FTvZLm8wyWuevo5pLtp4EJFAv8lXrPj9Y0TzYS3F7RNHXGRoAvlQSMx4bE
-qCaJqD8Zm4G7UaRKhqsLEQ+xrmNTbSjq3TNWOByyrYDT13K9mmyZY+gAu0F2Bbdb
-mRiKw7gSXFbPVgx96OLP7bx0R/vu0xdOIk9W/1DzLuY5poLWccret9W6aAjtmcz9
-opLLabid+Qqkpj5PkygqYWwHJgD/ll9ohri4zspV4KuxPX+Y1zMOWj3YeMLEYC/H
-YvBhkdI4sPaeVdtAgAUSM84dkpvRabP/v/GSCmE1P93+hvS84Bpxs2KmMCwwHgYI
-KwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwKUFNDUHJvY2VydA==
------END TRUSTED CERTIFICATE-----
+
+# QuoVadis Root CA 1 G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQEL
 BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
@@ -3440,9 +2661,11 @@ b2X52z3sIexe9PSLymBlVNFxZPT5pqOBMzYzcfCkeF9OrYMh3jRJjehZrJ3ydlo2
 NSBT8lTR32GDpgLiJTjehTItXnOQUl1CxM49S+H5GYQd1aJQzEH7QRTDvdbJWqNj
 ZgKAvQU6O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhp
 q1467HxpvMc7hU6eFbm0FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFt
-nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXDMDcwHgYIKwYBBQUH
-AwQGCCsGAQUFBwMBBggrBgEFBQcDAwwVUXVvVmFkaXMgUm9vdCBDQSAxIEcz
+nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXDMC0wFAYIKwYBBQUH
+AwQGCCsGAQUFBwMBDBVRdW9WYWRpcyBSb290IENBIDEgRzM=
 -----END TRUSTED CERTIFICATE-----
+
+# QuoVadis Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC
 TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0
@@ -3475,9 +2698,10 @@ fnIYj9lofFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf8
 cHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2xgI4JVrmcGmD+XcHXetwReNDWXcG31a0y
 mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW
 xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK
-SnQ2+TAyMB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMEFF1b1ZhZGlz
-IFJvb3QgQ0E=
+SnQ2+TAoMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwQUXVvVmFkaXMgUm9vdCBDQQ==
 -----END TRUSTED CERTIFICATE-----
+
+# QuoVadis Root CA 2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
 GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
@@ -3509,9 +2733,11 @@ TUIZ3Ph1WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWD
 mbA4CD/pXvk1B+TJYm5Xf6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0Z
 ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y
 4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza
-8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0uMDQwHgYIKwYBBQUHAwQGCCsGAQUF
-BwMBBggrBgEFBQcDAwwSUXVvVmFkaXMgUm9vdCBDQSAy
+8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0uMCowFAYIKwYBBQUHAwQGCCsGAQUF
+BwMBDBJRdW9WYWRpcyBSb290IENBIDI=
 -----END TRUSTED CERTIFICATE-----
+
+# QuoVadis Root CA 2 G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQEL
 BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
@@ -3541,9 +2767,11 @@ csaxfGl7w/U2Rcxhbl5MlMVerugOXou/983g7aEOGzPuVBj+D77vfoRrQ+NwmNtd
 dbINWQeFFSM51vHfqSYP1kjHs6Yi9TM3WpVHn3u6GBVv/9YUZINJ0gpnIdsPNWNg
 KCLjsZWDzYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeM
 HVOyToV7BjjHLPj4sHKNJeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4
-WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+MMC0wFAYIKwYBBQUH
-AwEGCCsGAQUFBwMDDBVRdW9WYWRpcyBSb290IENBIDIgRzM=
+WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+MMCMwCgYIKwYBBQUH
+AwEMFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMw==
 -----END TRUSTED CERTIFICATE-----
+
+# QuoVadis Root CA 3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
 GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
@@ -3580,9 +2808,11 @@ k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6s
 zHXug/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0j
 Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT
 mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK
-4SVhM7JZG+Ju1zdXtg2pEtowNDAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUF
-BwMDDBJRdW9WYWRpcyBSb290IENBIDM=
+4SVhM7JZG+Ju1zdXtg2pEtowKjAUBggrBgEFBQcDBAYIKwYBBQUHAwEMElF1b1Zh
+ZGlzIFJvb3QgQ0EgMw==
 -----END TRUSTED CERTIFICATE-----
+
+# QuoVadis Root CA 3 G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQEL
 BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
@@ -3612,9 +2842,11 @@ u/BYpbWcC/ePIlUnwEsBbTuZDdQdm2NnL9DuDcpmvJRPpq3t/O5jrFc/ZSXPsoaP
 8MFREsALHgQjDFSlTC9JxUrRtm5gDWv8a4uFJGS3iQ6rJUdbPM9+Sb3H6QrG2vd+
 DhcI00iX0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HN
 PlopNLk9hM6xZdRZkZFWdSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/
-ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0MDcwHgYIKwYBBQUH
-AwQGCCsGAQUFBwMBBggrBgEFBQcDAwwVUXVvVmFkaXMgUm9vdCBDQSAzIEcz
+ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0MC0wFAYIKwYBBQUH
+AwQGCCsGAQUFBwMBDBVRdW9WYWRpcyBSb290IENBIDMgRzM=
 -----END TRUSTED CERTIFICATE-----
+
+# S-TRUST Universal Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIID2DCCAsCgAwIBAgIQYFbFSyNAW2TU7SXa2dYeHjANBgkqhkiG9w0BAQsFADCB
 hTELMAkGA1UEBhMCREUxKTAnBgNVBAoTIERldXRzY2hlciBTcGFya2Fzc2VuIFZl
@@ -3639,6 +2871,122 @@ UsOgyqCDRR319bdZc11ZAY+qwkcvFHHVKeMQtUeTJcwjKdq3ctiR1OwbSIoi5MEq
 KjKNoeI60RAgIjl9NEVvcTvDHfz/sk+o4vYwHjAnMAoGCCsGAQUFBwMEDBlTLVRS
 VVNUIFVuaXZlcnNhbCBSb290IENB
 -----END TRUSTED CERTIFICATE-----
+
+# SSL.com EV Root Certification Authority ECC
+-----BEGIN TRUSTED CERTIFICATE-----
+MIIClDCCAhqgAwIBAgIILCmcWxbtBZUwCgYIKoZIzj0EAwIwfzELMAkGA1UEBhMC
+VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T
+U0wgQ29ycG9yYXRpb24xNDAyBgNVBAMMK1NTTC5jb20gRVYgUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNTIzWhcNNDEwMjEyMTgx
+NTIzWjB/MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv
+dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NMLmNv
+bSBFViBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49
+AgEGBSuBBAAiA2IABKoSR5CYG/vvw0AHgyBO8TCCogbR8pKGYfL2IWjKAMTH6kMA
+VIbc/R/fALhBYlzccBYy3h+Z1MzFB8gIH2EWB1E9fVwHU+M1OIzfzZ/ZLg1Kthku
+WnBaBu2+8KGwytAJKaNjMGEwHQYDVR0OBBYEFFvKXuXe0oGqzagtZFG22XKbl+ZP
+MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUW8pe5d7SgarNqC1kUbbZcpuX
+5k8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2gAMGUCMQCK5kCJN+vp1RPZ
+ytRrJPOwPYdGWBrssd9v+1a6cGvHOMzosYxPD/fxZ3YOg9AeUY8CMD32IygmTMZg
+h5Mmm7I1HrrW9zzRHM76JTymGoEVW/MSD2zuZYrJh6j5B+BimoxcSjA5MAoGCCsG
+AQUFBwMBDCtTU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
+RUND
+-----END TRUSTED CERTIFICATE-----
+
+# SSL.com EV Root Certification Authority RSA R2
+-----BEGIN TRUSTED CERTIFICATE-----
+MIIF6zCCA9OgAwIBAgIIVrYpzTS8ePYwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNV
+BAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UE
+CgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMB4XDTE3MDUzMTE4MTQzN1oXDTQy
+MDUzMDE4MTQzN1owgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G
+A1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQD
+DC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvq
+M0fNTPl9fb69LT3w23jhhqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssuf
+OePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7wcXHswxzpY6IXFJ3vG2fThVUCAtZJycxa
+4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTOZw+oz12WGQvE43LrrdF9
+HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+B6KjBSYR
+aZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcA
+b9ZhCBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQ
+Gp8hLH94t2S42Oim9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQV
+PWKchjgGAGYS5Fl2WlPAApiiECtoRHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMO
+pgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+SlmJuwgUHfbSguPvuUCYHBBXtSu
+UDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48+qvWBkofZ6aY
+MBzdLNvcGJVXZsb/XItW9XcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNV
+HSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjAdBgNVHQ4EFgQU+WC71OPVNPa4
+9QaAJadz20ZpqJ4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBW
+s47LCp1Jjr+kxJG7ZhcFUZh1++VQLHqe8RT6q9OKPv+RKY9ji9i0qVQBDb6Thi/5
+Sm3HXvVX+cpVHBK+Rw82xd9qt9t1wkclf7nxY/hoLVUE0fKNsKTPvDxeH3jnpaAg
+cLAExbf3cqfeIg29MyVGjGSSJuM+LmOW2puMPfgYCdcDzH2GguDKBAdRUNf/ktUM
+79qGn5nX67evaOI5JpS6aLe/g9Pqemc9YmeuJeVy6OLk7K4S9ksrPJ/psEDzOFSz
+/bdoyNrGj1E8svuR3Bznm53htw1yj+KkxKl4+esUrMZDBcJlOSgYAsOCsp0FvmXt
+ll9ldDz7CTUue5wT/RsPXcdtgTpWD8w74a8CLyKsRspGPKAcTNZEtF4uXBVmCeEm
+Kf7GUmG6sXP/wwyc5WxqlD8UykAWlYTzWamsX0xhk23RO8yilQwipmdnRC652dKK
+QbNmC1r7fSOl8hqw/96bg5Qu0T/fkreRrwU7ZcegbLHNYhLDkBvjJc40vG93drEQ
+w/cFGsDWr3RiSBd3kmmQYRzelYB0VI8YHMPzA9C/pEN1hlMYegouCRw2n5H9gooi
+S9EOUCXdywMMF8mDAAhONU2Ki+3wApRmLER/y5UnlhetCTCstnEXbosX9hwJ1C07
+mKVx01QT2WDz9UtmT/rx7iASjbSsV7FFY6GsdqnC+zA8MAoGCCsGAQUFBwMBDC5T
+U0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy
+-----END TRUSTED CERTIFICATE-----
+
+# SSL.com Root Certification Authority ECC
+-----BEGIN TRUSTED CERTIFICATE-----
+MIICjTCCAhSgAwIBAgIIdebfy8FoW6gwCgYIKoZIzj0EAwIwfDELMAkGA1UEBhMC
+VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T
+U0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0
+aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNDAzWhcNNDEwMjEyMTgxNDAz
+WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0
+b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBS
+b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEGBSuB
+BAAiA2IABEVuqVDEpiM2nl8ojRfLliJkP9x6jh3MCLOicSS6jkm5BBtHllirLZXI
+7Z4INcgn64mMU1jrYor+8FsPazFSY0E7ic3s7LaNGdM0B9y7xgZ/wkWV7Mt/qCPg
+CemB+vNH06NjMGEwHQYDVR0OBBYEFILRhXMw5zUE044CkvvlpNHEIejNMA8GA1Ud
+EwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUgtGFczDnNQTTjgKS++Wk0cQh6M0wDgYD
+VR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2cAMGQCMG/n61kRpGDPYbCWe+0F+S8T
+kdzt5fxQaxFGRrMcIQBiu77D5+jNB5n5DQtdcj7EqgIwH7y6C+IwJPt8bYBVCpk+
+gA0z5Wajs6O7pdWLjwkspl1+4vAHCGht0nxpbl/f5WplMEAwFAYIKwYBBQUHAwQG
+CCsGAQUFBwMBDChTU0wuY29tIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
+RUND
+-----END TRUSTED CERTIFICATE-----
+
+# SSL.com Root Certification Authority RSA
+-----BEGIN TRUSTED CERTIFICATE-----
+MIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE
+BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK
+DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTczOTM5WhcNNDEwMjEyMTcz
+OTM5WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv
+dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNv
+bSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBAPkP3aMrfcvQKv7sZ4Wm5y4bunfh4/WvpOz6Sl2R
+xFdHaxh3a3by/ZPkPQ/CFp4LZsNWlJ4Xg4XOVu/yFv0AYvUiCVToZRdOQbngT0aX
+qhvIuG5iXmmxX9sqAn78bMrzQdjt0Oj8P2FI7bADFB0QDksZ4LtO7IZl/zbzXmcC
+C52GVWH9ejjt/uIZALdvoVBidXQ8oPrIJZK0bnoix/geoeOy3ZExqysdBP+lSgQ3
+6YWkMyv94tZVNHwZpEpox7Ko07fKoZOI68GXvIz5HdkihCR0xwQ9aqkpk8zruFvh
+/l8lqjRYyMEjVJ0bmBHDOJx+PYZspQ9AhnwC9FwCTyjLrnGfDzrIM/4RJTXq/LrF
+YD3ZfBjVsqnTdXgDciLKOsMf7yzlLqn6niy2UUb9rwPW6mBo6oUWNmuF6R7As93E
+JNyAKoFBbZQ+yODJgUEAnl6/f8UImKIYLEJAs/lvOCdLToD0PYFH4Ih86hzOtXVc
+US4cK38acijnALXRdMbX5J+tB5O2UzU1/Dfkw/ZdFr4hc96SCvigY2q8lpJqPvi8
+ZVWb3vUNiSYE/CUapiVpy8JtynziWV+XrOvvLsi81xtZPCvM8hnIk2snYxnP/Okm
++Mpxm3+T/jRnhE6Z6/yzeAkzcLpmpnbtG3PrGqUNxCITIJRWCk4sbE6x/c+cCbqi
+M+2HAgMBAAGjYzBhMB0GA1UdDgQWBBTdBAkHovV6fVJTEpKV7jiAJQ2mWTAPBgNV
+HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMA4G
+A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAIBgRlCn7Jp0cHh5wYfGV
+cpNxJK1ok1iOMq8bs3AD/CUrdIWQPXhq9LmLpZc7tRiRux6n+UBbkflVma8eEdBc
+Hadm47GUBwwyOabqG7B52B2ccETjit3E+ZUfijhDPwGFpUenPUayvOUiaPd7nNgs
+PgohyC0zrL/FgZkxdMF1ccW+sfAjRfSda/wZY52jvATGGAslu1OJD7OAUN5F7kR/
+q5R4ZJjT9ijdh9hwZXT7DrkT66cPYakylszeu+1jTBi7qUD3oFRuIIhxdRjqerQ0
+cuAjJ3dctpDqhiVAq+8zD8ufgr6iIPv2tS0a5sKFsXQP+8hlAqRSAUfdSSLBv9jr
+a6x+3uxjMxW3IwiPxg+NQVrdjsW5j+VFP3jbutIbQLH+cU0/4IGiul607BXgk90I
+H37hVZkLId6Tngr75qNJvTYw/ud3sqB1l7UtgYgXZSD32pAAn8lSzDLKNXz1PQ/Y
+K9f1JmzJBjSWFupwWRoyeXkLtoh/D1JIPb9s2KJELtFOt3JY04kTlf5Eq/jXixtu
+nLwsoFvVagCvXzfh1foQC5ichucmj87w7G6KVwuA406ywKBjYZC6VWg3dGq2ktuf
+oYYitmUnDuy2n0Jg5GfCtdpBC8TTi2EbvPofkSvXRAdeuims2cXp71NIWuuA8ShY
+Ic2wBlX7Jz9TkHCpBB5XJ7kwQDAUBggrBgEFBQcDBAYIKwYBBQUHAwEMKFNTTC5j
+b20gUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBSU0E=
+-----END TRUSTED CERTIFICATE-----
+
+# SZAFIR ROOT CA2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQEL
 BQAwUTELMAkGA1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6
@@ -3661,6 +3009,8 @@ d05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6+/NNIxuZMzSg
 LvWpCz/UXeHPhJ/iGcJfitYgHuNztzAnMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwP
 U1pBRklSIFJPT1QgQ0Ey
 -----END TRUSTED CERTIFICATE-----
+
+# SecureSign RootCA11
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJKUDEr
 MCkGA1UEChMiSmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoG
@@ -3683,6 +3033,8 @@ pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061lgeLKBObjBmN
 QSdJQO7e5iNEOdyhIta6A/IwITAKBggrBgEFBQcDAQwTU2VjdXJlU2lnbiBSb290
 Q0ExMQ==
 -----END TRUSTED CERTIFICATE-----
+
+# SecureTrust CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBI
 MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
@@ -3703,9 +3055,11 @@ NxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt3
 3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHfmbx8IVQr5Fiiu1cprp6poxkm
 D5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZnMUFdAvnZyPS
 CPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR
-3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jEwJjAU
-BggrBgEFBQcDAQYIKwYBBQUHAwMMDlNlY3VyZVRydXN0IENB
+3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jEwHDAK
+BggrBgEFBQcDAQwOU2VjdXJlVHJ1c3QgQ0E=
 -----END TRUSTED CERTIFICATE-----
+
+# Secure Global CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBK
 MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
@@ -3727,31 +3081,10 @@ H0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cnCDpOGR86p1hcF895P4vkp9Mm
 I50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbY
 iNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc
 f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW
-MDIwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwQU2VjdXJlIEdsb2Jh
-bCBDQQ==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIDfTCCAmWgAwIBAgIBADANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJKUDEl
-MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEqMCgGA1UECxMh
-U2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBFViBSb290Q0ExMB4XDTA3MDYwNjAyMTIz
-MloXDTM3MDYwNjAyMTIzMlowYDELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09N
-IFRydXN0IFN5c3RlbXMgQ08uLExURC4xKjAoBgNVBAsTIVNlY3VyaXR5IENvbW11
-bmljYXRpb24gRVYgUm9vdENBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBALx/7FebJOD+nLpCeamIivqA4PUHKUPqjgo0No0c+qe1OXj/l3X3L+SqawSE
-RMqm4miO/VVQYg+kcQ7OBzgtQoVQrTyWb4vVog7P3kmJPdZkLjjlHmy1V4qe70gO
-zXppFodEtZDkBp2uoQSXWHnvIEqCa4wiv+wfD+mEce3xDuS4GBPMVjZd0ZoeUWs5
-bmB2iDQL87PRsJ3KYeJkHcFGB7hj3R4zZbOOCVVSPbW9/wfrrWFVGCypaZhKqkDF
-MxRldAD5kd6vA0jFQFTcD4SQaCDFkpbcLuUCRarAX1T4bepJz11sS6/vmsJWXMY1
-VkJqMF/Cq/biPT+zyRGPMUzXn0kCAwEAAaNCMEAwHQYDVR0OBBYEFDVK9U2vP9eC
-OKyrcWUXdYydVZPmMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0G
-CSqGSIb3DQEBBQUAA4IBAQCoh+ns+EBnXcPBZsdAS5f8hxOQWsTvoMpfi7ent/HW
-tWS3irO4G8za+6xmiEHO6Pzk2x6Ipu0nUBsCMCRGef4Eh3CXQHPRwMFXGZpppSeZ
-q51ihPZRwSzJIxXYKLerJRO1RuGGAv8mjMSIkh1W/hln8lXkgKNrnKt34VFxDSDb
-EJrbvXZ5B3eZKK2aXtqxT0QsNY6llsf9g/BYxnnWmHyojf6GPgcWkuF75x3sM3Z+
-Qi5KhfmRiWiEA4Glm5q+4zfFVKtWOxgtQaQM+ELbmaDgcm+7XeEWT1MKZPlO9L9O
-VL14bIjqv5wTJMJwaaJ/D8g8rQjJsJhAoyrniIPtd490MC8wCgYIKwYBBQUHAwEM
-IVNlY3VyaXR5IENvbW11bmljYXRpb24gRVYgUm9vdENBMQ==
+MCgwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBBTZWN1cmUgR2xvYmFsIENB
 -----END TRUSTED CERTIFICATE-----
+
+# Security Communication RootCA2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDEl
 MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMe
@@ -3771,9 +3104,11 @@ coJxDjrSzG+ntKEju/Ykn8sX/oymzsLS28yN/HH8AynBbF0zX2S2ZTuJbxh2ePXc
 okgfGT+Ok+vx+hfuzU7jBBJV1uXk3fs+BXziHV7Gp7yXT2g69ekuCkO2r1dcYmh8
 t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6qtnRGEmyR7jTV7JqR50S+kDFy
 1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29mvVXIwAHIRc/
-SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03MEAwHgYIKwYBBQUHAwQGCCsGAQUF
-BwMBBggrBgEFBQcDAwweU2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0Ey
+SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03MDYwFAYIKwYBBQUHAwQGCCsGAQUF
+BwMBDB5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTI=
 -----END TRUSTED CERTIFICATE-----
+
+# Security Communication Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEY
 MBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21t
@@ -3792,10 +3127,12 @@ kl3g0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfr
 Uj94nK9NrvjVT8+amCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5
 Bw+SUEmK3TGXX8npN6o7WWWXlDLJs58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJU
 JRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ6rBK+1YWc26sTfcioU+tHXot
-RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAzBA
-MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMHlNlY3VyaXR5IENvbW11
-bmljYXRpb24gUm9vdCBDQQ==
+RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAzA2
+MBQGCCsGAQUFBwMEBggrBgEFBQcDAQweU2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBS
+b290IENB
 -----END TRUSTED CERTIFICATE-----
+
+# Sonera Class 2 Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP
 MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAx
@@ -3816,6 +3153,8 @@ Tk6ezAyNlNzZRZxe7EJQY670XcSxEtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2
 ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLHllpwrN9MMC4wFAYIKwYBBQUH
 AwQGCCsGAQUFBwMBDBZTb25lcmEgQ2xhc3MgMiBSb290IENB
 -----END TRUSTED CERTIFICATE-----
+
+# Staat der Nederlanden EV Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJO
 TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFh
@@ -3849,6 +3188,8 @@ FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGyeUN51q1veieQA6TqJIc/2b3Z6fJfUEkc
 7uzXLjAuMAoGCCsGAQUFBwMBDCBTdGFhdCBkZXIgTmVkZXJsYW5kZW4gRVYgUm9v
 dCBDQQ==
 -----END TRUSTED CERTIFICATE-----
+
+# Staat der Nederlanden Root CA - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
 TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
@@ -3880,10 +3221,12 @@ vJxxcypFURmFzI79R6d0lR2o0a9OF7FpJsKqeFdbxU2n5Z4FF5TKsl+gSRiNNOkm
 bEgeqmiSBeGCc1qb3AdbCG19ndeNIdn8FCCqwkXfP+cAslHkwvgFuXkajDTznlvk
 N1trSt8sV4pAWja63XVECDdCcAz+3F4hoKOKwJCcaNpQ5kUQR3i2TtJlycM33+FC
 Y7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoVIPVVYpbtbZNQvOSqeK3Z
-ywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm66+KATBE
-MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMIlN0YWF0IGRlciBOZWRl
-cmxhbmRlbiBSb290IENBIC0gRzI=
+ywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm66+KATA6
+MBQGCCsGAQUFBwMEBggrBgEFBQcDAQwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJv
+b3QgQ0EgLSBHMg==
 -----END TRUSTED CERTIFICATE-----
+
+# Staat der Nederlanden Root CA - G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFdDCCA1ygAwIBAgIEAJiiOTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
 TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
@@ -3917,6 +3260,8 @@ QFH1T/U67cjF68IeHRaVesd+QnGTbksVtzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM
 94B7IWcnMFkwOjAUBggrBgEFBQcDBAYIKwYBBQUHAwEMIlN0YWF0IGRlciBOZWRl
 cmxhbmRlbiBSb290IENBIC0gRzM=
 -----END TRUSTED CERTIFICATE-----
+
+# Starfield Class 2 CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl
 MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp
@@ -3939,9 +3284,11 @@ L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D
 eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl
 xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp
 VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY
-WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5QwNjAeBggrBgEFBQcD
-BAYIKwYBBQUHAwEGCCsGAQUFBwMDDBRTdGFyZmllbGQgQ2xhc3MgMiBDQQ==
+WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5QwLDAUBggrBgEFBQcD
+BAYIKwYBBQUHAwEMFFN0YXJmaWVsZCBDbGFzcyAyIENB
 -----END TRUSTED CERTIFICATE-----
+
+# Starfield Root Certificate Authority - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx
 EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT
@@ -3963,10 +3310,11 @@ sHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx4mcujJUDJi5DnUox9g61DLu3
 4jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUwF5okxBDgBPfg
 8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K
 pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1
-mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0MEEwFAYIKwYBBQUHAwEG
-CCsGAQUFBwMDDClTdGFyZmllbGQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkg
-LSBHMg==
+mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0MDcwCgYIKwYBBQUHAwEM
+KVN0YXJmaWVsZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcy
 -----END TRUSTED CERTIFICATE-----
+
+# Starfield Services Root Certificate Authority - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx
 EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT
@@ -3989,132 +3337,11 @@ ve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTyxQGjhdByPq1z
 qwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd
 iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn
 0q23KXB56jzaYyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCN
-sSi6MEowFAYIKwYBBQUHAwEGCCsGAQUFBwMDDDJTdGFyZmllbGQgU2VydmljZXMg
-Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMg==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
-Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM2WhcNMzYwOTE3MTk0NjM2WjB9
-MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
-U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
-cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
-A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
-pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
-OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
-Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
-Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
-HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
-Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
-+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
-Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
-Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
-26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
-AQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE
-FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9j
-ZXJ0LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3Js
-LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFM
-BgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUHAgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0
-Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRwOi8vY2VydC5zdGFy
-dGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYgU3Rh
-cnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlh
-YmlsaXR5LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2Yg
-dGhlIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFp
-bGFibGUgYXQgaHR0cDovL2NlcnQuc3RhcnRjb20ub3JnL3BvbGljeS5wZGYwEQYJ
-YIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNT
-TCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAgEAFmyZ
-9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8
-jhvh3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUW
-FjgKXlf2Ysd6AgXmvB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJz
-ewT4F+irsfMuXGRuczE6Eri8sxHkfY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1
-ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3fsNrarnDy0RLrHiQi+fHLB5L
-EUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZEoalHmdkrQYu
-L6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq
-yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuC
-O3NJo2pXh5Tl1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6V
-um0ABj6y6koQOdjQK/W/7HW/lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkySh
-NOsF/5oirpt9P/FlUQqmMGqz9IgcgA38corog14wQjAeBggrBgEFBQcDBAYIKwYB
-BQUHAwEGCCsGAQUFBwMDDCBTdGFydENvbSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
-eQ==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIHhzCCBW+gAwIBAgIBLTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
-Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM3WhcNMzYwOTE3MTk0NjM2WjB9
-MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
-U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
-cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
-A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
-pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
-OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
-Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
-Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
-HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
-Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
-+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
-Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
-Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
-26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
-AQABo4ICEDCCAgwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD
-VR0OBBYEFE4L7xqkQFulF2mHMMo0aEPQQa7yMB8GA1UdIwQYMBaAFE4L7xqkQFul
-F2mHMMo0aEPQQa7yMIIBWgYDVR0gBIIBUTCCAU0wggFJBgsrBgEEAYG1NwEBATCC
-ATgwLgYIKwYBBQUHAgEWImh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5w
-ZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL2ludGVybWVk
-aWF0ZS5wZGYwgc8GCCsGAQUFBwICMIHCMCcWIFN0YXJ0IENvbW1lcmNpYWwgKFN0
-YXJ0Q29tKSBMdGQuMAMCAQEagZZMaW1pdGVkIExpYWJpbGl0eSwgcmVhZCB0aGUg
-c2VjdGlvbiAqTGVnYWwgTGltaXRhdGlvbnMqIG9mIHRoZSBTdGFydENvbSBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eSBQb2xpY3kgYXZhaWxhYmxlIGF0IGh0dHA6Ly93
-d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgG
-CWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1
-dGhvcml0eTANBgkqhkiG9w0BAQsFAAOCAgEAjo/n3JR5fPGFf59Jb2vKXfuM/gTF
-wWLRfUKKvFO3lANmMD+x5wqnUCBVJX92ehQN6wQOQOY+2IirByeDqXWmN3PH/UvS
-Ta0XQMhGvjt/UfzDtgUx3M2FIk5xt/JxXrAaxrqTi3iSSoX4eA+D/i+tLPfkpLst
-0OcNOrg+zvZ49q5HJMqjNTbOx8aHmNrs++myziebiMMEofYLWWivydsQD032ZGNc
-pRJvkrKTlMeIFw6Ttn5ii5B/q06f/ON1FE8qMt9bDeD1e5MNq6HPh+GlBEXoPBKl
-CcWw0bdT82AUuoVpaiF8H3VhFyAXe2w7QSlc4axa0c2Mm+tgHRns9+Ww2vl5GKVF
-P0lDV9LdJNUso/2RjSe15esUBppMeyG7Oq0wBhjA2MFrLH9ZXF2RsXAiV+uKa0hK
-1Q8p7MZAwC+ITGgBF3f0JBlPvfrhsiAhS90a2Cl9qrjeVOwhVYBsHvUwyKMQ5bLm
-KhQxw4UtjJixhlpPiVktucf3HMiKf8CdBUrmQk9io20ppB+Fq9vlgcitKj1MXVuE
-JnHEhV5xJMqlG2zYYdMa4FTbzrqpMrUi9nNBCV24F10OD5mQ1kfabwo6YigUZ4LZ
-8dCAWZvLMdibD4x3TrVoivJs9iQOLWxwxXPR3hTQcY+203sC9uO41Alua551hDnm
-fyWl8kgAwKQB2j8wQjAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDCBT
-dGFydENvbSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFYzCCA0ugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlm
-aWNhdGlvbiBBdXRob3JpdHkgRzIwHhcNMTAwMTAxMDEwMDAxWhcNMzkxMjMxMjM1
-OTAxWjBTMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoG
-A1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgRzIwggIiMA0G
-CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2iTZbB7cgNr2Cu+EWIAOVeq8Oo1XJ
-JZlKxdBWQYeQTSFgpBSHO839sj60ZwNq7eEPS8CRhXBF4EKe3ikj1AENoBB5uNsD
-vfOpL9HG4A/LnooUCri99lZi8cVytjIl2bLzvWXFDSxu1ZJvGIsAQRSCb0AgJnoo
-D/Uefyf3lLE3PbfHkffiAez9lInhzG7TNtYKGXmu1zSCZf98Qru23QumNK9LYP5/
-Q0kGi4xDuFby2X8hQxfqp0iVAXV16iulQ5XqFYSdCI0mblWbq9zSOdIxHWDirMxW
-RST1HFSr7obdljKF+ExP6JV2tgXdNiNnvP8V4so75qbsO+wmETRIjfaAKxojAuuK
-HDp2KntWFhxyKrOq42ClAJ8Em+JvHhRYW6Vsi1g8w7pOOlz34ZYrPu8HvKTlXcxN
-nw3h3Kq74W4a7I/htkxNeXJdFzULHdfBR9qWJODQcqhaX2YtENwvKhOuJv4KHBnM
-0D4LnMgJLvlblnpHnOl68wVQdJVznjAJ85eCXuaPOQgeWeU1FEIT/wCc976qUM/i
-UUjXuG+v+E5+M5iSFGI6dWPPe/regjupuznixL0sAA7IF6wT700ljtizkC+p2il9
-Ha90OrInwMEePnWjFqmveiJdnxMaz6eg6+OGCtP95paV1yPIN93EfKo2rJgaErHg
-TuixO/XWb/Ew1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
-AwIBBjAdBgNVHQ4EFgQUS8W0QGutHLOlHGVuRjaJhwUMDrYwDQYJKoZIhvcNAQEL
-BQADggIBAHNXPyzVlTJ+N9uWkusZXn5T50HsEbZH77Xe7XRcxfGOSeD8bpkTzZ+K
-2s06Ctg6Wgk/XzTQLwPSZh0avZyQN8gMjgdalEVGKua+etqhqaRpEpKwfTbURIfX
-UfEpY9Z1zRbkJ4kd+MIySP3bmdCPX1R0zKxnNBFi2QwKN4fRoxdIjtIXHfbX/dtl
-6/2o1PXWT6RbdejF0mCy2wl+JYt7ulKSnj7oxXehPOBKc2thz4bcQ///If4jXSRK
-9dNtD2IEBVeC2m6kMyV5Sy5UGYvMLD0w6dEG/+gyRr61M3Z3qAFdlsHB1b6uJcDJ
-HgoJIIihDsnzb02CVAAgp9KP5DlUFy6NHrgbuxu9mk47EDTcnIhT76IxW1hPkWLI
-wpqazRVdOKnWvvgTtZ8SafJQYqz7Fzf07rh1Z2AQ+4NQ+US1dZxAF7L+/XldblhY
-XzD8AK6vM8EOTmy6p6ahfzLbOOCxchcKK5HsamMm7YnUeMx0HgX4a/6ManY5Ka5l
-IxKVCCIcl85bBu4M4ru8H0ST9tg4RQUh7eStqxK2A6RCLi3ECToDZ2mEmuFZkIoo
-hdVddLHRDiBYmxOlsGOm7XtH/UVVMKTumtTm4ofvmMkyghEpIrwACjFeLQ/Ajulr
-so8uBtjRkcfGEvRM/TAXw8HaOFvjqermobp573PYtlNXLfbQ4ddIMEUwHgYIKwYB
-BQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwjU3RhcnRDb20gQ2VydGlmaWNhdGlv
-biBBdXRob3JpdHkgRzI=
+sSi6MEAwCgYIKwYBBQUHAwEMMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRp
+ZmljYXRlIEF1dGhvcml0eSAtIEcy
 -----END TRUSTED CERTIFICATE-----
+
+# SwissSign Gold CA - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
 BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln
@@ -4146,9 +3373,11 @@ hdiDyyJkvC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid3
 92qgQmwLOM7XdVAyksLfKzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEpp
 Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w
 ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt
-Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJMDgwHgYIKwYBBQUHAwQGCCsG
-AQUFBwMBBggrBgEFBQcDAwwWU3dpc3NTaWduIEdvbGQgQ0EgLSBHMg==
+Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJMC4wFAYIKwYBBQUHAwQGCCsG
+AQUFBwMBDBZTd2lzc1NpZ24gR29sZCBDQSAtIEcy
 -----END TRUSTED CERTIFICATE-----
+
+# SwissSign Platinum CA - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFwTCCA6mgAwIBAgIITrIAZwwDXU8wDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE
 BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEjMCEGA1UEAxMaU3dpc3NTaWdu
@@ -4180,9 +3409,11 @@ puEa+S1BaYEUtLS17Yk9zvupnTVCRLEcFHOBzyoBNZox1S2PbYTfgE1X4z/FhHXa
 icYwu+uPyyIIoK6q8QNsOktNCaUOcsZWayFCTiMlFGiudgp8DAdwZPmaL/YFOSbG
 DI8Zf0NebvRbFS/bYV3mZy8/CJT5YLSYMdp08YSTcU1f+2BY0fvEwW2JorsgH51x
 kcsymxM9Pn2SUjWskpSi0xjCfMfqr3YFFt1nJ8J+HAciIfNAChs0B0QTwoRqjt8Z
-Wr9/6x3iGjjRXK9HkmuAtTClyY3YqzGBH9/CZjfTk6mFhnll0jAyMBQGCCsGAQUF
-BwMEBggrBgEFBQcDAwwaU3dpc3NTaWduIFBsYXRpbnVtIENBIC0gRzI=
+Wr9/6x3iGjjRXK9HkmuAtTClyY3YqzGBH9/CZjfTk6mFhnll0jAoMAoGCCsGAQUF
+BwMEDBpTd2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMg==
 -----END TRUSTED CERTIFICATE-----
+
+# SwissSign Silver CA - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UE
 BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWdu
@@ -4214,44 +3445,11 @@ em1ZqSqPe97Dh4kQmUlzeMg9vVE1dCrV8X5pGyq7O70luJpaPXJhkGaH7gzWTdQR
 dAtq/gsD/KNVV4n+SsuuWxcFyPKNIzFTONItaj+CuY0IavdeQXRuwxF+B6wpYJE/
 OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJDIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+
 hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ubDgEj8Z+7fNzcbBGXJbLy
-tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5uMDowHgYIKwYBBQUHAwQG
-CCsGAQUFBwMBBggrBgEFBQcDAwwYU3dpc3NTaWduIFNpbHZlciBDQSAtIEcy
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF2TCCA8GgAwIBAgIQXAuFXAvnWUHfV8w/f52oNjANBgkqhkiG9w0BAQUFADBk
-MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
-YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg
-Q0EgMTAeFw0wNTA4MTgxMjA2MjBaFw0yNTA4MTgyMjA2MjBaMGQxCzAJBgNVBAYT
-AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp
-Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAxMIICIjAN
-BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0LmwqAzZuz8h+BvVM5OAFmUgdbI9
-m2BtRsiMMW8Xw/qabFbtPMWRV8PNq5ZJkCoZSx6jbVfd8StiKHVFXqrWW/oLJdih
-FvkcxC7mlSpnzNApbjyFNDhhSbEAn9Y6cV9Nbc5fuankiX9qUvrKm/LcqfmdmUc/
-TilftKaNXXsLmREDA/7n29uj/x2lzZAeAR81sH8A25Bvxn570e56eqeqDFdvpG3F
-EzuwpdntMhy0XmeLVNxzh+XTF3xmUHJd1BpYwdnP2IkCb6dJtDZd0KTeByy2dbco
-kdaXvij1mB7qWybJvbCXc9qukSbraMH5ORXWZ0sKbU/Lz7DkQnGMU3nn7uHbHaBu
-HYwadzVcFh4rUx80i9Fs/PJnB3r1re3WmquhsUvhzDdf/X/NTa64H5xD+SpYVUNF
-vJbNcA78yeNmuk6NO4HLFWR7uZToXTNShXEuT46iBhFRyePLoW4xCGQMwtI89Tbo
-19AOeCMgkckkKmUpWyL3Ic6DXqTz3kvTaI9GdVyDCW4pa8RwjPWd1yAv/0bSKzjC
-L3UcPX7ape8eYIVpQtPM+GP+HkM5haa2Y0EQs3MevNP6yn0WR+Kn1dCjigoIlmJW
-bjTb2QK5MHXjBNLnj8KwEUAKrNVxAmKLMb7dxiNYMUJDLXT5xp6mig/p/r+D5kNX
-JLrvRjSq1xIBOO0CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw
-FDASBgdghXQBUwABBgdghXQBUwABMBIGA1UdEwEB/wQIMAYBAf8CAQcwHwYDVR0j
-BBgwFoAUAyUv3m+CATpcLNwroWm1Z9SM0/0wHQYDVR0OBBYEFAMlL95vggE6XCzc
-K6FptWfUjNP9MA0GCSqGSIb3DQEBBQUAA4ICAQA1EMvspgQNDQ/NwNurqPKIlwzf
-ky9NfEBWMXrrpA9gzXrzvsMnjgM+pN0S734edAY8PzHyHHuRMSG08NBsl9Tpl7Ik
-Vh5WwzW9iAUPWxAaZOHHgjD5Mq2eUCzneAXQMbFamIp1TpBcahQq4FJHgmDmHtqB
-sfsUC1rxn9KVuj7QG9YVHaO+htXbD8BJZLsuUBlL0iT43R4HVtA4oJVwIHaM190e
-3p9xxCPvgxNcoyQVTSlAPGrEqdi3pkSlDfTgnXceQHAm/NrZNuR55LU/vJtlvrsR
-ls/bxig5OgjOR1tTWsWZ/l2p3e9M1MalrQLmjAcSHm8D0W+go/MpvRLHUKKwf4ip
-mXeascClOS5cfGniLLDqN2qk4Vrh9VDlg++luyqI54zb/W1elxmofmZ1a3Hqv7HH
-b6D0jqTsNFFbjCYDcKF31QESVwA12yPeDooomf2xEG9L/zgtYE4snOtnta1J7ksf
-rK/7DZBaZmBwXarNeNQk7shBoJMBkpxqnvy5JMWzFYJ+vq6VK+uxwNrjAWALXmms
-hFZhvnEX/h0TD/7Gh0Xp/jKgGg0TpJRVcaUWi7rKibCyx/yP2FS1k2Kdzs9Z+z0Y
-zirLNRWCXf9UIltxUvu3yf5gmwBBZPCqKuy2QkPOiWaByIufOVQDJdMWNY6E0F/6
-MBr1mmz0DlP5OlvRHDA0MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMM
-ElN3aXNzY29tIFJvb3QgQ0EgMQ==
+tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5uMDAwFAYIKwYBBQUHAwQG
+CCsGAQUFBwMBDBhTd2lzc1NpZ24gU2lsdmVyIENBIC0gRzI=
 -----END TRUSTED CERTIFICATE-----
+
+# Swisscom Root CA 2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBk
 MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
@@ -4284,44 +3482,10 @@ Bjx8Oto0QuFmtEYE3saWmA9LSHokMnWRn6z3aOkquVVlzl1h0ydw2Df+n7mvoC5W
 t6NlUe07qxS/TFED6F+KBZvuim6c779o+sjaC+NCydAXFJy3SuCvkychVSa1ZC+N
 8f+mQAWFBVzKBxlcCxMoTFh/wqXvRdpg065lYZ1Tg3TCrvJcwhbtkj6EPnNgiLx2
 9CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX5OfNeOI5
-wSsSnqaeG8XmDtkx2TA0MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMM
-ElN3aXNzY29tIFJvb3QgQ0EgMg==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF4DCCA8igAwIBAgIRAPL6ZOJ0Y9ON/RAdBB92ylgwDQYJKoZIhvcNAQELBQAw
-ZzELMAkGA1UEBhMCY2gxETAPBgNVBAoTCFN3aXNzY29tMSUwIwYDVQQLExxEaWdp
-dGFsIENlcnRpZmljYXRlIFNlcnZpY2VzMR4wHAYDVQQDExVTd2lzc2NvbSBSb290
-IEVWIENBIDIwHhcNMTEwNjI0MDk0NTA4WhcNMzEwNjI1MDg0NTA4WjBnMQswCQYD
-VQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2Vy
-dGlmaWNhdGUgU2VydmljZXMxHjAcBgNVBAMTFVN3aXNzY29tIFJvb3QgRVYgQ0Eg
-MjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMT3HS9X6lds93BdY7Bx
-UglgRCgzo3pOCvrY6myLURYaVa5UJsTMRQdBTxB5f3HSek4/OE6zAMaVylvNwSqD
-1ycfMQ4jFrclyxy0uYAyXhqdk/HoPGAsp15XGVhRXrwsVgu42O+LgrQ8uMIkqBPH
-oCE2G3pXKSinLr9xJZDzRINpUKTk4RtiGZQJo/PDvO/0vezbE53PnUgJUmfANykR
-HvvSEaeFGHR55E+FFOtSN+KxRdjMDUN/rhPSays/p8LiqG12W0OfvrSdsyaGOx9/
-5fLoZigWJdBLlzin5M8J0TbDC77aO0RYjb7xnglrPvMyxyuHxuxenPaHZa0zKcQv
-idm5y8kDnftslFGXEBuGCxobP/YCfnvUxVFkKJ3106yDgYjTdLRZncHrYTNaRdHL
-OdAGalNgHa/2+2m8atwBz735j9m9W8E6X47aD0upm50qKGsaCnw8qyIL5XctcfaC
-NYGu+HuB5ur+rPQam3Rc6I8k9l2dRsQs0h4rIWqDJ2dVSqTjyDKXZpBy2uPUZC5f
-46Fq9mDU5zXNysRojddxyNMkM3OxbPlq4SjbX8Y96L5V5jcb7STZDxmPX2MYWFCB
-UWVv8p9+agTnNCRxunZLWB4ZvRVgRaoMEkABnRDixzgHcgplwLa7JSnaFp6LNYth
-7eVxV4O1PHGf40+/fh6Bn0GXAgMBAAGjgYYwgYMwDgYDVR0PAQH/BAQDAgGGMB0G
-A1UdIQQWMBQwEgYHYIV0AVMCAgYHYIV0AVMCAjASBgNVHRMBAf8ECDAGAQH/AgED
-MB0GA1UdDgQWBBRF2aWBbj2ITY1x0kbBbkUe88SAnTAfBgNVHSMEGDAWgBRF2aWB
-bj2ITY1x0kbBbkUe88SAnTANBgkqhkiG9w0BAQsFAAOCAgEAlDpzBp9SSzBc1P6x
-XCX5145v9Ydkn+0UjrgEjihLj6p7jjm02Vj2e6E1CqGdivdj5eu9OYLU43otb98T
-PLr+flaYC/NUn81ETm484T4VvwYmneTwkLbUwp4wLh/vx3rEUMfqe9pQy3omywC0
-Wqu1kx+AiYQElY2NfwmTv9SoqORjbdlk5LgpWgi/UOGED1V7XwgiG/W9mR4U9s70
-WBCCswo9GcG/W6uqmdjyMb3lOGbcWAXH7WMaLgqXfIeTK7KK4/HsGOV1timH59yL
-Gn602MnTihdsfSlEvoqq9X46Lmgxk7lq2prg2+kupYTNHAq4Sgj5nPFhJpiTt3tm
-7JFe3VE/23MPrQRYCd0EApUKPtN236YQHoA96M2kZNEzx5LH4k5E4wnJTsJdhw4S
-nr8PyQUQ3nqjsTzyP6WqJ3mtMX0f/fwZacXduT98zca0wjAefm6S139hdlqP65VN
-vBFuIXxZN5nQBrz5Bm0yFqXZaajh3DyAHmBR3NdUIR7KYndP+tiPsys6DXhyyWhB
-WkdKwqPrGtcKqzwyVcgKEZzfdNbwQBUdyLmPtTbFr/giuMod89a2GQ+fYWVq6nTI
-fI/DT11lgh/ZDYnadXL77/FHZxOzyNEZiCcmmpl5fx7kLD977vHeTYuWl8PVP3wb
-I+2ksx0WckNLIOFZfsLorSa/ovcwLTAUBggrBgEFBQcDAQYIKwYBBQUHAwMMFVN3
-aXNzY29tIFJvb3QgRVYgQ0EgMg==
+wSsSnqaeG8XmDtkx2TAgMAoGCCsGAQUFBwMEDBJTd2lzc2NvbSBSb290IENBIDI=
 -----END TRUSTED CERTIFICATE-----
+
+# Symantec Class 1 Public Primary Certification Authority - G4
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICqDCCAi2gAwIBAgIQIW4zpcvTiKRvKQe0JzzE2DAKBggqhkjOPQQDAzCBlDEL
 MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD
@@ -4340,6 +3504,8 @@ axfIEWi13IMHAjEAnMhE2mnCNsNUGRCFAtqdR+9B52wmnQk9922Q0QVEL7C8g5No
 8gxFSTm/mQQc0xCgMEowCgYIKwYBBQUHAwQMPFN5bWFudGVjIENsYXNzIDEgUHVi
 bGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHNA==
 -----END TRUSTED CERTIFICATE-----
+
+# Symantec Class 1 Public Primary Certification Authority - G6
 -----BEGIN TRUSTED CERTIFICATE-----
 MIID9jCCAt6gAwIBAgIQJDJ18h0v0gkz97RqytDzmDANBgkqhkiG9w0BAQsFADCB
 lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w
@@ -4365,6 +3531,8 @@ DJqXPDe/v+z28LSFdyjBC8hnghAXOKK3Buqbvzr46SMHv3TgmDgVVXjucgBcGaP0
 0jPg/73RVDkpDzBKMAoGCCsGAQUFBwMEDDxTeW1hbnRlYyBDbGFzcyAxIFB1Ymxp
 YyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzY=
 -----END TRUSTED CERTIFICATE-----
+
+# Symantec Class 2 Public Primary Certification Authority - G4
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICqDCCAi2gAwIBAgIQNBdlEkA7t1aALYDLeVWmHjAKBggqhkjOPQQDAzCBlDEL
 MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD
@@ -4383,6 +3551,8 @@ S7wIL8fip29lAjEA1lnehs5fDspU1cbQFQ78i5Ry1I4AWFPPfrFLDeVQhuuea9//
 KabYR9mglhjb8kWzMEowCgYIKwYBBQUHAwQMPFN5bWFudGVjIENsYXNzIDIgUHVi
 bGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHNA==
 -----END TRUSTED CERTIFICATE-----
+
+# Symantec Class 2 Public Primary Certification Authority - G6
 -----BEGIN TRUSTED CERTIFICATE-----
 MIID9jCCAt6gAwIBAgIQZIKe/DcedF38l/+XyLH/QTANBgkqhkiG9w0BAQsFADCB
 lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w
@@ -4408,6 +3578,8 @@ KIYkM2oBLldzJbZev4/mHWGoQClnHYebHX+bn5nNMdZUvmK7OaxoEkiRIKXLsd3+
 b/xa5IJVWa8xqTBKMAoGCCsGAQUFBwMEDDxTeW1hbnRlYyBDbGFzcyAyIFB1Ymxp
 YyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzY=
 -----END TRUSTED CERTIFICATE-----
+
+# T-TeleSec GlobalRoot Class 2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx
 KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd
@@ -4432,6 +3604,8 @@ g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN
 BSeOE6FuwjA0MBQGCCsGAQUFBwMEBggrBgEFBQcDAQwcVC1UZWxlU2VjIEdsb2Jh
 bFJvb3QgQ2xhc3MgMg==
 -----END TRUSTED CERTIFICATE-----
+
+# T-TeleSec GlobalRoot Class 3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx
 KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd
@@ -4456,6 +3630,8 @@ e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4p
 TpPDpFQUWzAqMAoGCCsGAQUFBwMBDBxULVRlbGVTZWMgR2xvYmFsUm9vdCBDbGFz
 cyAz
 -----END TRUSTED CERTIFICATE-----
+
+# TC TrustCenter Class 3 CA II
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEqjCCA5KgAwIBAgIOSkcAAQAC5aBd1j8AUb8wDQYJKoZIhvcNAQEFBQAwdjEL
 MAkGA1UEBhMCREUxHDAaBgNVBAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxIjAgBgNV
@@ -4484,6 +3660,8 @@ g0bsyEa1+K+XwDsJHI/OcpY9M1ZwvJbL2NV9IJqDnxrcOfHFcqMRA/07QlIp2+gB
 S+opvaqCZh77gaqnN60TGOaSw4HBM7uIHqHn4rS9MWwOUT1v+5ZWgOI2F9Hc5DAq
 MAoGCCsGAQUFBwMEDBxUQyBUcnVzdENlbnRlciBDbGFzcyAzIENBIElJ
 -----END TRUSTED CERTIFICATE-----
+
+# TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEYzCCA0ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCB0jELMAkGA1UEBhMCVFIx
 GDAWBgNVBAcTD0dlYnplIC0gS29jYWVsaTFCMEAGA1UEChM5VHVya2l5ZSBCaWxp
@@ -4511,33 +3689,8 @@ lzwDGrpDxpa5RXI4s6ehlj2Re37AIVNMh+3yC1SVUZPVIqUNivGTDj5UDrDYyU7c
 lo3Ptv0AnVoUmr8CRPXBwp8iXqIPoeMwOzAKBggrBgEFBQcDAQwtVFVCSVRBSyBL
 YW11IFNNIFNTTCBLb2sgU2VydGlmaWthc2kgLSBTdXJ1bSAx
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIEPTCCAyWgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvzE/MD0GA1UEAww2VMOc
-UktUUlVTVCBFbGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sx
-c8SxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMV4wXAYDVQQKDFVUw5xS
-S1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnEn2kg
-SGl6bWV0bGVyaSBBLsWeLiAoYykgQXJhbMSxayAyMDA3MB4XDTA3MTIyNTE4Mzcx
-OVoXDTE3MTIyMjE4MzcxOVowgb8xPzA9BgNVBAMMNlTDnFJLVFJVU1QgRWxla3Ry
-b25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTELMAkGA1UEBhMC
-VFIxDzANBgNVBAcMBkFua2FyYTFeMFwGA1UECgxVVMOcUktUUlVTVCBCaWxnaSDE
-sGxldGnFn2ltIHZlIEJpbGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7F
-ni4gKGMpIEFyYWzEsWsgMjAwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAKu3PgqMyKVYFeaK7yc9SrToJdPNM8Ig3BnuiD9NYvDdE3ePYakqtdTyuTFY
-KTsvP2qcb3N2Je40IIDu6rfwxArNK4aUyeNgsURSsloptJGXg9i3phQvKUmi8wUG
-+7RP2qFsmmaf8EMJyupyj+sA1zU511YXRxcw9L6/P8JorzZAwan0qafoEGsIiveG
-HtyaKhUG9qPw9ODHFNRRf8+0222vR5YXm3dx2KdxnSQM9pQ/hTEST7ruToK4uT6P
-IzdezKKqdfcYbwnTrqdUKDT74eA7YH2gvnmJhsifLfkKS8RQouf9eRbHegsYz85M
-733WB2+Y8a+xwXrXgTW4qhe04MsCAwEAAaNCMEAwHQYDVR0OBBYEFCnFkKslrxHk
-Yb+j/4hhkeYO/pyBMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0G
-CSqGSIb3DQEBBQUAA4IBAQAQDdr4Ouwo0RSVgrESLFF6QSU2TJ/sPx+EnWVUXKgW
-AkD6bho3hO9ynYYKVZ1WKKxmLNA6VpM0ByWtCLCPyA8JWcqdmBzlVPi5RX9ql2+I
-aE1KBiY3iAIOtsbWcpnOa3faYjGkVh+uX4132l32iPwa2Z61gfAyuOOI0JzzaqC5
-mxRZNTZPz/OOXl0XrRWV2N2y1RVuAE6zS89mlOTgzbUF2mNXi+WzqtvALhyQRNsa
-XRik7r4EW5nVcV9VZWRi1aKbBFmGyGJ353yCRWo9F7/snXUMrqNvWtMvmDb08PUZ
-qxFdyKbjKlhqQgnDvZImZjINXQhVdP+MmNAKpoRq0Tl9MEkwFAYIKwYBBQUHAwEG
-CCsGAQUFBwMDDDFUVVJLVFJVU1QgQ2VydGlmaWNhdGUgU2VydmljZXMgUHJvdmlk
-ZXIgUm9vdCAyMDA3
------END TRUSTED CERTIFICATE-----
+
+# TWCA Global Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcx
 EjAQBgNVBAoTCVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMT
@@ -4567,9 +3720,11 @@ nile98FRYB/e2guyLXW3Q0iT5/Z5xoRdgFlglPx4mI88k1HtQJAH32RjJMtOcQWh
 nsLrgxifarsbJGAzcMzs9zLzXNl5fe+epP7JI8Mk7hWSsT2RTyaGvWZzJBPqpK5j
 wa19hAM8EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWz
 aGHQRiapIVJpLesux+t3zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmy
-KwbQBM0wNTAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDBNUV0NBIEds
-b2JhbCBSb290IENB
+KwbQBM0wKzAUBggrBgEFBQcDBAYIKwYBBQUHAwEME1RXQ0EgR2xvYmFsIFJvb3Qg
+Q0E=
 -----END TRUSTED CERTIFICATE-----
+
+# TWCA Root Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzES
 MBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFU
@@ -4589,10 +3744,11 @@ MErJk/9q56YAf4lCmtYR5VPOL8zy2gXE/uJQxDqGfczafhAJO5I1KlOy/usrBdls
 XebQ79NqZp4VKIV66IIArB6nCWlWQtNoURi+VJq/REG6Sb4gumlc7rh3zc5sH62D
 lhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVYT0bf+215WfKEIlKuD8z7fDvn
 aspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocnyYh0igzyXxfkZ
-YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8HrzBDMB4GCCsGAQUFBwMEBggr
-BgEFBQcDAQYIKwYBBQUHAwMMIVRXQ0EgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhv
-cml0eQ==
+YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8HrzA5MBQGCCsGAQUFBwMEBggr
+BgEFBQcDAQwhVFdDQSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5
 -----END TRUSTED CERTIFICATE-----
+
+# Taiwan GRCA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/
 MQswCQYDVQQGEwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmlj
@@ -4623,9 +3779,10 @@ nD+iMsJKxYEYMRBWqoTvLQr/uB930r+lWKBi5NdLkXWNiYCYfm3LU05er/ayl4WX
 udpVBrkk7tfGOB5jGxI7leFYrPLfhNVfmS8NVVvmONsuP3LpSIXLuykTjx44Vbnz
 ssQwmSNOXfJIoRIM3BKQCZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDe
 LMDDav7v3Aun+kbfYNucpllQdSNpc5Oy+fwC00fmcc4QAu4njIT/rEUNE1yDMuAl
-pYYsfPQSMC0wHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwLVGFpd2Fu
-IEdSQ0E=
+pYYsfPQSMCMwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDAtUYWl3YW4gR1JDQQ==
 -----END TRUSTED CERTIFICATE-----
+
+# TeliaSonera Root CA v1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAw
 NzEUMBIGA1UECgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJv
@@ -4657,6 +3814,102 @@ HL/EVlP6Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVx
 SK236thZiNSQvxaz2emsWWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVYwLjAU
 BggrBgEFBQcDBAYIKwYBBQUHAwEMFlRlbGlhU29uZXJhIFJvb3QgQ0EgdjE=
 -----END TRUSTED CERTIFICATE-----
+
+# TrustCor ECA-1
+-----BEGIN TRUSTED CERTIFICATE-----
+MIIEIDCCAwigAwIBAgIJAISCLF8cYtBAMA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD
+VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk
+MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxFzAVBgNVBAMMDlRydXN0Q29y
+IEVDQS0xMB4XDTE2MDIwNDEyMzIzM1oXDTI5MTIzMTE3MjgwN1owgZwxCzAJBgNV
+BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw
+IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy
+dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOVHJ1c3RDb3Ig
+RUNBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPj+ARtZ+odnbb
+3w9U73NjKYKtR8aja+3+XzP4Q1HpGjORMRegdMTUpwHmspI+ap3tDvl0mEDTPwOA
+BoJA6LHip1GnHYMma6ve+heRK9jGrB6xnhkB1Zem6g23xFUfJ3zSCNV2HykVh0A5
+3ThFEXXQmqc04L/NyFIduUd+Dbi7xgz2c1cWWn5DkR9VOsZtRASqnKmcp0yJF4Ou
+owReUoCLHhIlERnXDH19MURB6tuvsBzvgdAsxZohmz3tQjtQJvLsznFhBmIhVE5/
+wZ0+fyCMgMsq2JdiyIMzkX2woloPV+g7zPIlstR8L+xNxqE6FXrntl019fZISjZF
+ZtS6mFjBAgMBAAGjYzBhMB0GA1UdDgQWBBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAf
+BgNVHSMEGDAWgBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAPBgNVHRMBAf8EBTADAQH/
+MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEABT41XBVwm8nHc2Fv
+civUwo/yQ10CzsSUuZQRg2dd4mdsdXa/uwyqNsatR5Nj3B5+1t4u/ukZMjgDfxT2
+AHMsWbEhBuH7rBiVDKP/mZb3Kyeb1STMHd3BOuCYRLDE5D53sXOpZCz2HAF8P11F
+hcCF5yWPldwX8zyfGm6wyuMdKulMY/okYWLW2n62HGz1Ah3UKt1VkOsqEUc8Ll50
+soIipX1TH0XsJ5F95yIW6MBoNtjG8U+ARDL54dHRHareqKucBK+tIA5kmE2la8BI
+WJZpTdwHjFGTot+fDz2LYLSCjaoITmJF4PkL0uDgPFveXHEnJcLmA4GLEFPjx1Wi
+tJ/X5jAmMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwOVHJ1c3RDb3IgRUNBLTE=
+-----END TRUSTED CERTIFICATE-----
+
+# TrustCor RootCert CA-1
+-----BEGIN TRUSTED CERTIFICATE-----
+MIIEMDCCAxigAwIBAgIJANqb7HHzA7AZMA0GCSqGSIb3DQEBCwUAMIGkMQswCQYD
+VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk
+MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29y
+IFJvb3RDZXJ0IENBLTEwHhcNMTYwMjA0MTIzMjE2WhcNMjkxMjMxMTcyMzE2WjCB
+pDELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFtYTEUMBIGA1UEBwwLUGFuYW1h
+IENpdHkxJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4gZGUgUi5MLjEnMCUG
+A1UECwweVHJ1c3RDb3IgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR8wHQYDVQQDDBZU
+cnVzdENvciBSb290Q2VydCBDQS0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAv463leLCJhJrMxnHQFgKq1mqjQCj/IDHUHuO1CAmujIS2CNUSSUQIpid
+RtLByZ5OGy4sDjjzGiVoHKZaBeYei0i/mJZ0PmnK6bV4pQa81QBeCQryJ3pS/C3V
+seq0iWEk8xoT26nPUu0MJLq5nux+AHT6k61sKZKuUbS701e/s/OojZz0JEsq1pme
+9J7+wH5COucLlVPat2gOkEz7cD+PSiyU8ybdY2mplNgQTsVHCJCZGxdNuWxu72CV
+EY4hgLW9oHPY0LJ3xEXqWib7ZnZ2+AYfYW0PVcWDtxBWcgYHpfOxGgMFZA6dWorW
+hnAbJN7+KIor0Gqw/Hqi3LJ5DotlDwIDAQABo2MwYTAdBgNVHQ4EFgQU7mtJPHo/
+DeOxCbeKyKsZn3MzUOcwHwYDVR0jBBgwFoAU7mtJPHo/DeOxCbeKyKsZn3MzUOcw
+DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD
+ggEBACUY1JGPE+6PHh0RU9otRCkZoB5rMZ5NDp6tPVxBb5UrJKF5mDo4Nvu7Zp5I
+/5CQ7z3UuJu0h3U/IJvOcs+hVcFNZKIZBqEHMwwLKeXx6quj7LUKdJDHfXLy11yf
+ke+Ri7fc7Waiz45mO7yfOgLgJ90WmMCV1Aqk5IGadZQ1nJBfiDcGrVmVCrDRZ9MZ
+yonnMlo2HD6CqFqTvsbQZJG2z9m2GM/bftJlo6bEjhcxwft+dtvTheNYsnd6djts
+L1Ac59v2Z3kf9YKVmgenFK+P3CghZwnS1k1aHBkcjndcw5QkPTJrS37UeJSDvjdN
+zl/HHk484IkzlQsPpTLWPFp5LBkwLjAUBggrBgEFBQcDBAYIKwYBBQUHAwEMFlRy
+dXN0Q29yIFJvb3RDZXJ0IENBLTE=
+-----END TRUSTED CERTIFICATE-----
+
+# TrustCor RootCert CA-2
+-----BEGIN TRUSTED CERTIFICATE-----
+MIIGLzCCBBegAwIBAgIIJaHfyjPLWQIwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNV
+BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw
+IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy
+dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UEAwwWVHJ1c3RDb3Ig
+Um9vdENlcnQgQ0EtMjAeFw0xNjAyMDQxMjMyMjNaFw0zNDEyMzExNzI2MzlaMIGk
+MQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEg
+Q2l0eTEkMCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYD
+VQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRy
+dXN0Q29yIFJvb3RDZXJ0IENBLTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCnIG7CKqJiJJWQdsg4foDSq8GbZQWU9MEKENUCrO2fk8eHyLAnK0IMPQo+
+QVqedd2NyuCb7GgypGmSaIwLgQ5WoD4a3SwlFIIvl9NkRvRUqdw6VC0xK5mC8tkq
+1+9xALgxpL56JAfDQiDyitSSBBtlVkxs1Pu2YVpHI7TYabS3OtB0PAx1oYxOdqHp
+2yqlO/rOsP9+aij9JxzIsekp8VduZLTQwRVtDr4uDkbIXvRR/u8OYzo7cbrPb1nK
+DOObXUm4TOJXsZiKQlecdu/vvdFoqNL0Cbt3Nb4lggjEFixEIFapRBF37120Hape
+az6LMvYHL1cEksr1/p3C6eizjkxLAjHZ5DxIgif3GIJ2SDpxsROhOdUuxTTCHWKF
+3wP+TfSvPd9cW436cOGlfifHhi5qjxLGhF5DUVCcGZt45vz27Ud+ez1m7xMTiF88
+oWP7+ayHNZ/zgp6kPwqcMWmLmaSISo5uZk3vFsQPeSghYA2FFn3XVDjxklb9tTNM
+g9zXEJ9L/cb4Qr26fHMC4P99zVvh1Kxhe1fVSntb1IVYJ12/+CtgrKAmrhQhJ8Z3
+mjOAPF5GP/fDsaOGM8boXg25NSyqRsGFAnWAoOsk+xWq5Gd/bnc/9ASKL3x74xdh
+8N0JqSDIvgmk0H5Ew7IwSjiqqewYmgeCK9u4nBit2uBGF6zPXQIDAQABo2MwYTAd
+BgNVHQ4EFgQU2f4hQG6UnrybPZx9mCAZ5YwwYrIwHwYDVR0jBBgwFoAU2f4hQG6U
+nrybPZx9mCAZ5YwwYrIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYw
+DQYJKoZIhvcNAQELBQADggIBAJ5Fngw7tu/hOsh80QA9z+LqBrWyOrsGS2h60COX
+dKcs8AjYeVrXWoSK2BKaG9l9XE1wxaX5q+WjiYndAfrs3fnpkpfbsEZC89NiqpX+
+MWcUaViQCqoL7jcjx1BRtPV+nuN79+TMQjItSQzL/0kMmx40/W5ulop5A7Zv2wnL
+/V9lFDfhOPXzYRZY5LVtDQsEGz9QLX+zx3oaFoBg+Iof6Rsqxvm6ARppv9JYx1RX
+CI/hOWB3S6xZhBqI8d3LT3jX5+EzLfzuQfogsL7L9ziUwOHQhQ+77Sxzq+3+knYa
+ZH9bDTMJBzN7Bj8RpFxwPIXAz+OQqIN3+tvmxYxoZxBnpVIt8MSZj3+/0WvitUfW
+2dCFmU2Umw9Lje4AWkcdEQOsQRivh7dvDDqPys/cA8GiCcjl/YBeyGBCARsaU1q7
+N6a3vLqE6R5sGtRk2tRD/pOLS/IseRYQ1JMLiI+h2IYURpFHmygk71dSTlxCnKr3
+Sewn6EAes6aJInKc9Q0ztFijMDvd1GpUk74aTfOTlPf8hAs/hCBcNANExdqtvArB
+As8e5ZTZ845b2EzwnexhF7sUMlQMAimTHpKG9n/v55IFDlndmQguLvqcAFLTxWYp
+5KeXRKQOKIETNcX2b2TmQcTVL8w0RSXPQQCWPUouwpaYT05KnJe32x+SMsj/D1Fu
+1uwJMC4wFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBZUcnVzdENvciBSb290Q2VydCBD
+QS0y
+-----END TRUSTED CERTIFICATE-----
+
+# Trustis FPS Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBF
 MQswCQYDVQQGEwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQL
@@ -4679,39 +3932,8 @@ jZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYliB6XzCGcKQEN
 ZetX2fNXlrtIzYEwKzAUBggrBgEFBQcDBAYIKwYBBQUHAwEME1RydXN0aXMgRlBT
 IFJvb3QgQ0E=
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFFzCCA/+gAwIBAgIBETANBgkqhkiG9w0BAQUFADCCASsxCzAJBgNVBAYTAlRS
-MRgwFgYDVQQHDA9HZWJ6ZSAtIEtvY2FlbGkxRzBFBgNVBAoMPlTDvHJraXllIEJp
-bGltc2VsIHZlIFRla25vbG9qaWsgQXJhxZ90xLFybWEgS3VydW11IC0gVMOcQsSw
-VEFLMUgwRgYDVQQLDD9VbHVzYWwgRWxla3Ryb25payB2ZSBLcmlwdG9sb2ppIEFy
-YcWfdMSxcm1hIEVuc3RpdMO8c8O8IC0gVUVLQUUxIzAhBgNVBAsMGkthbXUgU2Vy
-dGlmaWthc3lvbiBNZXJrZXppMUowSAYDVQQDDEFUw5xCxLBUQUsgVUVLQUUgS8O2
-ayBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSAtIFPDvHLDvG0gMzAe
-Fw0wNzA4MjQxMTM3MDdaFw0xNzA4MjExMTM3MDdaMIIBKzELMAkGA1UEBhMCVFIx
-GDAWBgNVBAcMD0dlYnplIC0gS29jYWVsaTFHMEUGA1UECgw+VMO8cmtpeWUgQmls
-aW1zZWwgdmUgVGVrbm9sb2ppayBBcmHFn3TEsXJtYSBLdXJ1bXUgLSBUw5xCxLBU
-QUsxSDBGBgNVBAsMP1VsdXNhbCBFbGVrdHJvbmlrIHZlIEtyaXB0b2xvamkgQXJh
-xZ90xLFybWEgRW5zdGl0w7xzw7wgLSBVRUtBRTEjMCEGA1UECwwaS2FtdSBTZXJ0
-aWZpa2FzeW9uIE1lcmtlemkxSjBIBgNVBAMMQVTDnELEsFRBSyBVRUtBRSBLw7Zr
-IFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIC0gU8O8csO8bSAzMIIB
-IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAim1L/xCIOsP2fpTo6iBkcK4h
-gb46ezzb8R1Sf1n68yJMlaCQvEhOEav7t7WNeoMojCZG2E6VQIdhn8WebYGHV2yK
-O7Rm6sxA/OOqbLLLAdsyv9Lrhc+hDVXDWzhXcLh1xnnRFDDtG1hba+818qEhTsXO
-fJlfbLm4IpNQp81McGq+agV/E5wrHur+R84EpW+sky58K5+eeROR6Oqeyjh1jmKw
-lZMq5d/pXpduIF9fhHpEORlAHLpVK/swsoHvhOPc7Jg4OQOFCKlUAwUp8MmPi+oL
-hmUZEdPpCSPeaJMDyTYcIW7OjGbxmTDY17PDHfiBLqi9ggtm/oLL4eAagsNAgQID
-AQABo0IwQDAdBgNVHQ4EFgQUvYiHyY/2pAoLquvF/pEjnatKijIwDgYDVR0PAQH/
-BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAB18+kmP
-NOm3JpIWmgV050vQbTlswyb2zrgxvMTfvCr4N5EY3ATIZJkrGG2AA1nJrvhY0D7t
-wyOfaTyGOBye79oneNGEN3GKPEs5z35FBtYt2IpNeBLWrcLTy9LQQfMmNkqblWwM
-7uXRQydmwYj3erMgbOqwaSvHIOgMA8RBBZniP+Rr+KCGgceExh/VS4ESshYhLBOh
-gLJeDEoTniDYYkCrkOpkSi+sDQESeUWoL4cZaMjihccwsnX5OD+ywJO0a+IDRM5n
-oN+J1q2MdqMTw5RhK2vZbMEHCiIHhWyFJEapvj+LeISCfiQMnf2BN+MlqO02TpUs
-yZyQ2uypQjyttgIwgZUwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDH1UXHhjM1x4OWNc
-eDQyXHhDNFx4QjBUQUsgVUVLQUUgS1x4QzNceEI2ayBTZXJ0aWZpa2EgSGl6bWV0
-IFNhXHhDNFx4OUZsYXlceGM0XHhiMVx4NjNceGM0XHhiMXNceGM0XHhiMSAtIFNc
-eEMzXHhCQ3JceEMzXHhCQ20gMw==
------END TRUSTED CERTIFICATE-----
+
+# TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UE
 BhMCVFIxDzANBgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxn
@@ -4735,9 +3957,11 @@ VX6Wmle3usURehnmp349hQ71+S4pL+f5bFgWV1Al9j4uPqrtd3GqqpmWRgqujuwq
 URawXs3qZwQcWDD1YIq9pr1N5Za0/EKJAWv2cMhQOQwt1WbZyNKzMrcbGW3LM/nf
 peYVhDfwwvJllpKQd/Ct9JDpEXjXk4nAPQu6KfTomZ1yju2dL+6SfaHx/126M2CF
 Yv4HAqGEVka+lgqaE9chTLd8B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW
-+qtB4Uu2NQvAmxUwUTAUBggrBgEFBQcDAQYIKwYBBQUHAwMMOVTDnFJLVFJVU1Qg
-RWxla3Ryb25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSBINQ==
++qtB4Uu2NQvAmxUwRzAKBggrBgEFBQcDAQw5VMOcUktUUlVTVCBFbGVrdHJvbmlr
+IFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIEg1
 -----END TRUSTED CERTIFICATE-----
+
+# USERTrust ECC Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDEL
 MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
@@ -4752,10 +3976,12 @@ o4N+LZfQYcTxmdwlkWOrfzCjtHDix6EznPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0G
 A1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNVHQ8BAf8EBAMCAQYwDwYD
 VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMB
 zzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbW
-RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1XahgwRzAeBggrBgEFBQcD
-BAYIKwYBBQUHAwEGCCsGAQUFBwMDDCVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRp
-b24gQXV0aG9yaXR5
+RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1XahgwPTAUBggrBgEFBQcD
+BAYIKwYBBQUHAwEMJVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHk=
 -----END TRUSTED CERTIFICATE-----
+
+# USERTrust RSA Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB
 iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
@@ -4788,9 +4014,11 @@ XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/
 qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB
 VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB
 L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG
-jjxDah2nGN59PRbxYvnKkKj9MEcwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEF
-BQcDAwwlVVNFUlRydXN0IFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==
+jjxDah2nGN59PRbxYvnKkKj9MD0wFAYIKwYBBQUHAwQGCCsGAQUFBwMBDCVVU0VS
+VHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
 -----END TRUSTED CERTIFICATE-----
+
+# UTN USERFirst Email Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEojCCA4qgAwIBAgIQRL4Mi1AAJLQR0zYlJWfJiTANBgkqhkiG9w0BAQUFADCB
 rjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
@@ -4819,92 +4047,8 @@ eOZTT7Hot9MUnpOmw2TjrH5xzbyf6QMbzPvprDHBr3wVdAKZw7JHpsIyYdfHb0gk
 USeh1YdV8nuPmD0Wnu51tvjQjvLzxq4oW6fw8zYX/MMF08oDSlQwKTAKBggrBgEF
 BQcDBAwbVVROIFVTRVJGaXJzdCBFbWFpbCBSb290IENB
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCB
-lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
-SGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgxOTIyWjCBlzELMAkG
-A1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEe
-MBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8v
-d3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdh
-cmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn
-0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlIwrthdBKWHTxqctU8EGc6Oe0rE81m65UJ
-M6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFdtqdt++BxF2uiiPsA3/4a
-MXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8i4fDidNd
-oI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqI
-DsjfPe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9Ksy
-oUhbAgMBAAGjgbkwgbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYD
-VR0OBBYEFKFyXyYbKJhDlV0HN9WFlp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0
-dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNFUkZpcnN0LUhhcmR3YXJlLmNy
-bDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEF
-BQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM
-//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28Gpgoiskli
-CE7/yMgUsogWXecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gE
-CJChicsZUN/KHAG8HQQZexB2lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t
-3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kniCrVWFCVH/A7HFe7fRQ5YiuayZSS
-KqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67nfhmqDAsMAoGCCsG
-AQUFBwMBDB5VVE4gVVNFUkZpcnN0IEhhcmR3YXJlIFJvb3QgQ0E=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIEZjCCA06gAwIBAgIQRL4Mi1AAJLQR0zYt4LNfGzANBgkqhkiG9w0BAQUFADCB
-lTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHTAbBgNVBAMTFFVUTi1VU0VSRmlyc3Qt
-T2JqZWN0MB4XDTk5MDcwOTE4MzEyMFoXDTE5MDcwOTE4NDAzNlowgZUxCzAJBgNV
-BAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtlIENpdHkxHjAc
-BgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMYaHR0cDovL3d3
-dy51c2VydHJ1c3QuY29tMR0wGwYDVQQDExRVVE4tVVNFUkZpcnN0LU9iamVjdDCC
-ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6qgT+jo2F4qjEAVZURnicP
-HxzfOpuCaDDASmEd8S8O+r5596Uj71VRloTN2+O5bj4x2AogZ8f02b+U60cEPgLO
-KqJdhwQJ9jCdGIqXsqoc/EHSoTbL+z2RuufZcDX65OeQw5ujm9M89RKZd7G3CeBo
-5hy485RjiGpq/gt2yb70IuRnuasaXnfBhQfdDWy/7gbHd2pBnqcP1/vulBe3/IW+
-pKvEHDHd17bR5PDv3xaPslKT16HUiaEHLr/hARJCHhrh2JU022R5KP+6LhHC5ehb
-kkj7RwvCbNqtMoNB86XlQXD9ZZBt+vpRxPm9lisZBCzTbafc8H9vg2XiaquHhnUC
-AwEAAaOBrzCBrDALBgNVHQ8EBAMCAcYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
-FgQU2u1kdBScFDyr3ZmpvVsoTYs8ydgwQgYDVR0fBDswOTA3oDWgM4YxaHR0cDov
-L2NybC51c2VydHJ1c3QuY29tL1VUTi1VU0VSRmlyc3QtT2JqZWN0LmNybDApBgNV
-HSUEIjAgBggrBgEFBQcDAwYIKwYBBQUHAwgGCisGAQQBgjcKAwQwDQYJKoZIhvcN
-AQEFBQADggEBAAgfUrE3RHjb/c652pWWmKpVZIC1WkDdIaXFwfNfLEzIR1pp6ujw
-NTX00CXzyKakh0q9G7FzCL3Uw8q2NbtZhncxzaeAFK4T7/yxSPlrJSUtUbYsbUXB
-mMiKVl0+7kNOPmsnjtA6S4ULX9Ptaqd1y9Fahy85dRNacrACgZ++8A+EVCBibGnU
-4U3GDZlDAQ0Slox4nb9QorFEqmrPF3rPbw/U+CRVX/A0FklmPlBGyWNxODFiuGK5
-81OtbLUrohKqGU8J2l7nk8aOFAj+8DCAGKCGhU3IfdeLA/5u1fedFqySLKAj5ZyR
-Uh+U3xeUc8OzwcFxBSAAeL0TUh2oPs0AH8gwKjAKBggrBgEFBQcDAwwcVVROIFVT
-RVJGaXJzdCBPYmplY3QgUm9vdCBDQQ==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFOTCCBCGgAwIBAgIQLwBuzRdwZudfo4IKeR8FrjANBgkqhkiG9w0BAQUFADCB
-yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
-ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
-U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
-ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
-aG9yaXR5IC0gRzUwHhcNMDkwMzI2MDAwMDAwWhcNMTkwMzI0MjM1OTU5WjCBtTEL
-MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
-ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg
-aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwOTEvMC0GA1UEAxMmVmVy
-aVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzIwggEiMA0GCSqGSIb3
-DQEBAQUAA4IBDwAwggEKAoIBAQDUVo9XOzcopkBj0pXVBXTatRlqltZxVy/iwDSM
-oJWzjOE3JPMu7UNFBY6J1/raSrX4Po1Ox/lJUEU3QJ90qqBRVWHxYISJpZ6AjS+w
-IapFgsTPtBR/RxUgKIKwaBLArlwH1/ZZzMtiVlxNSf8miKtUUTovStoOmOKJcrn8
-92g8xB85essXgfMMrQ/cYWIbEAsEHikYcV5iy0PevjG6cQIZTiapUdqMZGkD3pz9
-ff17Ybz8hHyIXLTDe+1fK0YS8f0AAZqLW+mjBS6PLlve8xt4+GaRCMBeztWwNsrU
-qHugffkwer/43RlRKyC6/qfPoU6wZ/WAqiuDLtKOVImOHikLAgMBAAGjggEsMIIB
-KDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjApBgNVHREEIjAg
-pB4wHDEaMBgGA1UEAxMRQ2xhc3MzQ0EyMDQ4LTEtNTIwHQYDVR0OBBYEFKXvCxHO
-wEEDo0plkEiyHOBXLX1HMGYGA1UdIARfMF0wWwYLYIZIAYb4RQEHFwMwTDAjBggr
-BgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoX
-aHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwLwYDVR0fBCgwJjAkoCKgIIYeaHR0cDov
-L3Muc3ltY2IuY29tL3BjYTMtZzUuY3JsMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ
-80M5+gKvMzEzMA0GCSqGSIb3DQEBBQUAA4IBAQArjhTM7IYIYDeLbGWJJSHeL1Ki
-B55Y07MWeAGZUZW0E3fMd90LXIE31r72YtYENwsYc5rT9sGiHm2cu4wR5j4SXgdf
-C4NcdALgUPSxJhttxujpv025ARUZ7FCa+RHwgVhDLE0RQLNaRgimXnOhiBI1jP8D
-Or3Wnfrn3Ja5GmQ+xP3ZCrZlnrqlqFj8OyLwolfuildHnHfHJeGsNAVN84J+QSO6
-tFfz58YBZddNiZkcaU1eePbrcnE9ssSVAZ9dDLcvJaZceUHvnsRnPKGdf3E60JWX
-7HhCdJhuvj5oTFc8qJNBhwvkua+R+1BMDLrAJCfRFdtlSCEKL9fcfqDMZX55MEIw
-AAw+VmVyaVNpZ24tQzNTU0EtRzItdGVtcG9yYXJ5LWludGVybWVkaWF0ZS1hZnRl
-ci0xMDI0Yml0LXJlbW92YWw=
------END TRUSTED CERTIFICATE-----
+
+# VeriSign Class 3 Public Primary Certification Authority - G4
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjEL
 MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
@@ -4924,10 +4068,12 @@ aW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYj
 aHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFLMW
 kf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMDA2gAMGUCMGYhDBgmYFo4e1ZC
 4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIxAJw9SDkjOVga
-FRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEDBeMB4GCCsG
-AQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMPFZlcmlTaWduIENsYXNzIDMgUHVi
-bGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHNA==
+FRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEDBUMBQGCCsG
+AQUFBwMEBggrBgEFBQcDAQw8VmVyaVNpZ24gQ2xhc3MgMyBQdWJsaWMgUHJpbWFy
+eSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEc0
 -----END TRUSTED CERTIFICATE-----
+
+# VeriSign Class 3 Public Primary Certification Authority - G5
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB
 yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
@@ -4954,10 +4100,12 @@ p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y
 5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK
 WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ
 4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N
-hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNqMF4wHgYIKwYB
-BQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAww8VmVyaVNpZ24gQ2xhc3MgMyBQdWJs
-aWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEc1
+hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNqMFQwFAYIKwYB
+BQUHAwQGCCsGAQUFBwMBDDxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzU=
 -----END TRUSTED CERTIFICATE-----
+
+# VeriSign Universal Root Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCB
 vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
@@ -4984,9 +4132,11 @@ seQxIcaBlVZaDrHC1LGmWazxY8u4TB1ZkErvkBYoH1quEPuBUDgMbMzxPcP1Y+Oz
 4yHJJDnp/RVmRvQbEdBNc6N9Rvk97ahfYtTxP/jgdFcrGJ2BtMQo2pSXpXDrrB2+
 BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+PwGZsY6rp2aQW9IHR
 lRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4mJO3
-7M2CYfE45k+XmCpajTBRMB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMM
-L1ZlcmlTaWduIFVuaXZlcnNhbCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+7M2CYfE45k+XmCpajTBHMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwvVmVyaVNpZ24g
+VW5pdmVyc2FsIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHk=
 -----END TRUSTED CERTIFICATE-----
+
+# Verisign Class 1 Public Primary Certification Authority - G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEGjCCAwICEQCLW3VWhFSFCwDPrzhIzrGkMA0GCSqGSIb3DQEBBQUAMIHKMQsw
 CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
@@ -5013,6 +4163,8 @@ E1Z5T21Q6huwtVexN2ZYI/PcD98Kh8TvhgXVOBRgmaNL3gaWcSzy27YfpO8/7jBK
 MAoGCCsGAQUFBwMEDDxWZXJpc2lnbiBDbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENl
 cnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzM=
 -----END TRUSTED CERTIFICATE-----
+
+# Verisign Class 2 Public Primary Certification Authority - G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEGTCCAwECEGFwy0mMX5hFKeewptlQW3owDQYJKoZIhvcNAQEFBQAwgcoxCzAJ
 BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVy
@@ -5039,6 +4191,8 @@ cjnhsUPgKM+351psE2tJs//jGHyJizNdrDPXp/naOlXJWBD5qu9ats9LS98qMEow
 CgYIKwYBBQUHAwQMPFZlcmlzaWduIENsYXNzIDIgUHVibGljIFByaW1hcnkgQ2Vy
 dGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMw==
 -----END TRUSTED CERTIFICATE-----
+
+# Verisign Class 3 Public Primary Certification Authority - G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw
 CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
@@ -5061,10 +4215,12 @@ imi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAERSWwauSCPc/L8my/uRan2Te
 DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC
 /Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565p
 F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt
-TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dETBe
-MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMPFZlcmlzaWduIENsYXNz
-IDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMw==
+TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dETBU
+MBQGCCsGAQUFBwMEBggrBgEFBQcDAQw8VmVyaXNpZ24gQ2xhc3MgMyBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcz
 -----END TRUSTED CERTIFICATE-----
+
+# Visa eCommerce Root
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBr
 MQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRl
@@ -5085,74 +4241,11 @@ zCSs00Rsca4BIGsDoo8Ytyk6feUWYFN4PMCvFYP3j1IzJL1kk5fui/fbGKhtcbP3
 LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGIxHYdkFsd
 7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBuYQa7FkKMcPcw
 ++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt
-398znM/jra6O1I7mT1GvFpLgXPYHDzA1MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYI
-KwYBBQUHAwMME1Zpc2EgZUNvbW1lcmNlIFJvb3Q=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFdjCCA16gAwIBAgIQXmjWEXGUY1BWAGjzPsnFkTANBgkqhkiG9w0BAQUFADBV
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxKjAoBgNV
-BAMTIUNlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbjAeFw0wOTA4MDgw
-MTAwMDFaFw0zOTA4MDgwMTAwMDFaMFUxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFX
-b1NpZ24gQ0EgTGltaXRlZDEqMCgGA1UEAxMhQ2VydGlmaWNhdGlvbiBBdXRob3Jp
-dHkgb2YgV29TaWduMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvcqN
-rLiRFVaXe2tcesLea9mhsMMQI/qnobLMMfo+2aYpbxY94Gv4uEBf2zmoAHqLoE1U
-fcIiePyOCbiohdfMlZdLdNiefvAA5A6JrkkoRBoQmTIPJYhTpA2zDxIIFgsDcScc
-f+Hb0v1naMQFXQoOXXDX2JegvFNBmpGN9J42Znp+VsGQX+axaCA2pIwkLCxHC1l2
-ZjC1vt7tj/id07sBMOby8w7gLJKA84X5KIq0VC6a7fd2/BVoFutKbOsuEo/Uz/4M
-x1wdC34FMr5esAkqQtXJTpCzWQ27en7N1QhatH/YHGkR+ScPewavVIMYe+HdVHpR
-aG53/Ma/UkpmRqGyZxq7o093oL5d//xWC0Nyd5DKnvnyOfUNqfTq1+ezEC8wQjch
-zDBwyYaYD8xYTYO7feUapTeNtqwylwA6Y3EkHp43xP901DfA4v6IRmAR3Qg/UDar
-uHqklWJqbrDKaiFaafPz+x1wOZXzp26mgYmhiMU7ccqjUu6Du/2gd/Tkb+dC221K
-mYo0SLwX3OSACCK28jHAPwQ+658geda4BmRkAjHXqc1S+4RFaQkAKtxVi8QGRkvA
-Sh0JWzko/amrzgD5LkhLJuYwTKVYyrREgk/nkR4zw7CT/xH8gdLKH3Ep3XZPkiWv
-HYG3Dy+MwwbMLyejSuQOmbp8HkUff6oZRZb9/D0CAwEAAaNCMEAwDgYDVR0PAQH/
-BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOFmzw7R8bNLtwYgFP6H
-EtX2/vs+MA0GCSqGSIb3DQEBBQUAA4ICAQCoy3JAsnbBfnv8rWTjMnvMPLZdRtP1
-LOJwXcgu2AZ9mNELIaCJWSQBnfmvCX0KI4I01fx8cpm5o9dU9OpScA7F9dY74ToJ
-MuYhOZO9sxXqT2r09Ys/L3yNWC7F4TmgPsc9SnOeQHrAK2GpZ8nzJLmzbVUsWh2e
-JXLOC62qx1ViC777Y7NhRCOjy+EaDveaBk3e1CNOIZZbOVtXHS9dCF4Jef98l7VN
-g64N1uajeeAz0JmWAjCnPv/So0M/BVoG6kQC2nz4SNAzqfkHx5Xh9T71XXG68pWp
-dIhhWeO/yloTunK0jF02h+mmxTwTv97QRCbut+wucPrXnbes5cVAWubXbHssw1ab
-R80LzvobtCHXt2a49CUwi1wNuepnsvRtrtWhnk/Yn+knArAdBtaP4/tIEp9/EaEQ
-PkxROpaw0RPxx9gmrjrKkcRpnd8BKWRRb2jaFOwIQZeQjdCygPLPwj2/kWjFgGce
-xGATVdVhmVd8upUPYUk6ynW8yQqTP2cOEvIo4jEbwFcW3wh8GcF+Dx+FHgo2fFt+
-J7x6v+Db9NpSvd4MVHAxkUOVyLzwPt0JfjBkUO1/AaQzZ01oT74V77D2AhGiGxMl
-OtzCWfHjXEa7ZywCRuoeSKbmW9m1vFGikpbbqsY3Iqb+zCB0oy2pLmvLwIIRIbWT
-ee5Ehr7XHuQe+zAoMB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMBldv
-U2lnbg==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFWDCCA0CgAwIBAgIQUHBrzdgT/BtOOzNy0hFIjTANBgkqhkiG9w0BAQsFADBG
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNV
-BAMMEkNBIOayg+mAmuagueivgeS5pjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgw
-MTAwMDFaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRl
-ZDEbMBkGA1UEAwwSQ0Eg5rKD6YCa5qC56K+B5LmmMIICIjANBgkqhkiG9w0BAQEF
-AAOCAg8AMIICCgKCAgEA0EkhHiX8h8EqwqzbdoYGTufQdDTc7WU1/FDWiD+k8H/r
-D195L4mx/bxjWDeTmzj4t1up+thxx7S8gJeNbEvxUNUqKaqoGXqW5pWOdO2XCld1
-9AXbbQs5uQF/qvbW2mzmBeCkTVL829B0txGMe41P/4eDrv8FAxNXUDf+jJZSEExf
-v5RxadmWPgxDT74wwJ85dE8GRV2j1lY5aAfMh09Qd5Nx2UQIsYo06Yms25tO4dnk
-UkWMLhQfkWsZHWgpLFbE4h4TV2TwYeO5Ed+w4VegG63XX9Gv2ystP9Bojg/qnw+L
-NVgbExz03jWhCl3W6t8Sb8D7aQdGctyB9gQjF+BNdeFyb7Ao65vh4YOhn0pdr8yb
-+gIgthhid5E7o9Vlrdx8kHccREGkSovrlXLp9glk3Kgtn3R46MGiCWOc76DbT52V
-qyBPt7D3h1ymoOQ3OMdc4zUPLK2jgKLsLl3Az+2LBcLmc272idX10kaO6m1jGx6K
-yX2m+Jzr5dVjhU1zZmkR/sgO9MHHZklTfuQZa/HpelmjbX7FF+Ynxu8b22/8DU0G
-AbQOXDBGVWCvOGU6yke6rCzMRh+yRpY/8+0mBe53oWprfi1tWFxK1I5nuPHa1UaK
-J/kR8slC/k7e3x9cxKSGhxYzoacXGKUN5AXlK8IrC6KVkLn9YDxOiT7nnO4fuwEC
-AwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
-BBYEFOBNv9ybQV0T6GTwp+kVpOGBwboxMA0GCSqGSIb3DQEBCwUAA4ICAQBqinA4
-WbbaixjIvirTthnVZil6Xc1bL3McJk6jfW+rtylNpumlEYOnOXOvEESS5iVdT2H6
-yAa+Tkvv/vMx/sZ8cApBWNromUuWyXi8mHwCKe0JgOYKOoICKuLJL8hWGSbueBwj
-/feTZU7n85iYr83d2Z5AiDEoOqsuC7CsDCT6eiaY8xJhEPRdF/d+4niXVOKM6Cm6
-jBAyvd0zaziGfjk9DgNyp115j0WKWa5bIW4xRtVZjc8VX90xJc/bYNaBRHIpAlf2
-ltTW/+op2znFuCyKGo3Oy+dCMYYFaA6eFN0AkLppRQjbbpCBhqcqBT/mhDn4t/lX
-X0ykeVoQDF7Va/81XwVRHmyjdanPUIPTfPRm94KNPQx96N97qA4bLJyuQHCH2u2n
-FoJavjVsIE4iYdm8UXrNemHcSxH5/mc0zy4EZmFcV5cjjPOGG0jfKq+nwf/Yjj4D
-u9gqsPoUJbJRa4ZDhS4HIxaAjUz7tGM7zMN07RujHv41D198HRaG9Q7DlfEvr10l
-O1Hm13ZBONFLAzkopR6RctR9q5czxNM+4Gm2KHmgCY0c0f9BckgG/Jou5yD5m6Le
-ie2uPAmvylezkolwQOQvT8Jwg0DXJCxr5wkf09XHwQj02w47HAcLQxGEIYbpgNR1
-2KvxAmLBsX5VYc8T1yaw15zLKYs4SgsOkI26oTAuMB4GCCsGAQUFBwMEBggrBgEF
-BQcDAQYIKwYBBQUHAwMMDFdvU2lnbiBDaGluYQ==
+398znM/jra6O1I7mT1GvFpLgXPYHDzArMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwT
+VmlzYSBlQ29tbWVyY2UgUm9vdA==
 -----END TRUSTED CERTIFICATE-----
+
+# XRamp Global CA Root
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB
 gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk
@@ -5176,9 +4269,11 @@ vbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt
 qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLa
 IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy
 i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ
-O+7ETPTsJ3xCwnR8gooJybQDJbwwNjAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsG
-AQUFBwMDDBRYUmFtcCBHbG9iYWwgQ0EgUm9vdA==
+O+7ETPTsJ3xCwnR8gooJybQDJbwwLDAUBggrBgEFBQcDBAYIKwYBBQUHAwEMFFhS
+YW1wIEdsb2JhbCBDQSBSb290
 -----END TRUSTED CERTIFICATE-----
+
+# certSIGN ROOT CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYT
 AlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBD
@@ -5197,9 +4292,11 @@ MnQ8SG4Pn0vU9x7Tk4ZkVJdjclDVVc/6IJMCopvDI5NOFlV2oHB5bc0hH88vLbwZ
 44gx+FkagQnIl6Z0x2DEW8xXjrJ1/RsCCdtZb3KTafcxQdaIOL+Hsr0Wefmq5L6I
 Jd1hJyMctTEHBDa0GpC9oHRxUIltvBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNw
 i/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7NzTogVZ96edhBiIL5VaZVDADlN
-9u6wWk5JRFRYX0KDMDIwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwQ
-Y2VydFNJR04gUk9PVCBDQQ==
+9u6wWk5JRFRYX0KDMCgwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBBjZXJ0U0lHTiBS
+T09UIENB
 -----END TRUSTED CERTIFICATE-----
+
+# ePKI Root Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBe
 MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0
@@ -5231,9 +4328,11 @@ o2M3IUxExJtRmREOc5wGj1QupyheRDmHVi03vYVElOEMSyycw5KFNGHLD7ibSkNS
 /jQ6fbjpKdx2qcgw+BRxgMYeNkh0IkFch4LoGHGLQYlE535YW6i4jRPpp2zDR+2z
 Gp1iro2C6pSe3VkQw63d4k3jMdXH7OjysP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTE
 W9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmODBCEIZ43ygknQW/2xzQ+D
-hNQ+IIX3Sj0rnP0qCglN6oH4EZwwQzAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsG
-AQUFBwMDDCFlUEtJIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHk=
+hNQ+IIX3Sj0rnP0qCglN6oH4EZwwOTAUBggrBgEFBQcDBAYIKwYBBQUHAwEMIWVQ
+S0kgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==
 -----END TRUSTED CERTIFICATE-----
+
+# thawte Primary Root CA - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDEL
 MAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE4MDYGA1UECxMvKGMp
@@ -5248,9 +4347,11 @@ papu+7qzcMBniKI11KOasf2twu8x+qi58/sIxpHR+ymVo0IwQDAPBgNVHRMBAf8E
 BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUmtgAMADna3+FGO6Lts6K
 DPgR4bswCgYIKoZIzj0EAwMDaQAwZgIxAN344FdHW6fmCsO99YCKlzUNG4k8VIZ3
 KMqh9HneteY4sPBlcIx/AlTCv//YoT7ZzwIxAMSNlPzcU9LcnXgWHxUzI1NS41ox
-XZ3Krr0TKUQNJ1uo52icEvdYPy5yAlejj6EULjAzMBQGCCsGAQUFBwMBBggrBgEF
-BQcDAwwbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAtIEcy
+XZ3Krr0TKUQNJ1uo52icEvdYPy5yAlejj6EULjApMAoGCCsGAQUFBwMBDBt0aGF3
+dGUgUHJpbWFyeSBSb290IENBIC0gRzI=
 -----END TRUSTED CERTIFICATE-----
+
+# thawte Primary Root CA - G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCB
 rjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
@@ -5274,9 +4375,11 @@ oCtDuSWQP3CpMyVtRRooOyfPqsMpQhvfO0zAMzRbQYi/aytlryjvsvXDqmbOe1bu
 t8jLZ8HJnBoYuMTDSQPxYA5QzUbF83d597YV4Djbxy8ooAw/dyZ02SUS2jHaGh7c
 KUGRIjxpp7sC8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fM
 m7v/OeZWYdMKp8RcTGB7BXcmer/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZu
-MdRAGmI0Nj81Aa6sY6AwMzAUBggrBgEFBQcDAQYIKwYBBQUHAwMMG3RoYXd0ZSBQ
-cmltYXJ5IFJvb3QgQ0EgLSBHMw==
+MdRAGmI0Nj81Aa6sY6AwKTAKBggrBgEFBQcDAQwbdGhhd3RlIFByaW1hcnkgUm9v
+dCBDQSAtIEcz
 -----END TRUSTED CERTIFICATE-----
+
+# thawte Primary Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCB
 qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
@@ -5300,6 +4403,5 @@ YJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQaEfZYGDm/Ac9IiAX
 xPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqdE8hhuvU5HIe6uL17In/2
 /qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+MwS7QcjBAvlEYyCegc5C09Y/
 LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+fpErgUfCJzDupxBdN49cOSvkBPB7
-jVaMaDAuMBQGCCsGAQUFBwMBBggrBgEFBQcDAwwWdGhhd3RlIFByaW1hcnkgUm9v
-dCBDQQ==
+jVaMaDAkMAoGCCsGAQUFBwMBDBZ0aGF3dGUgUHJpbWFyeSBSb290IENB
 -----END TRUSTED CERTIFICATE-----
diff --git a/msys2/etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem b/msys2/etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem
index 5fbe65466..54d0f9474 100644
--- a/msys2/etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem
+++ b/msys2/etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem
@@ -1,3 +1,4 @@
+# ACCVRAIZ1
 -----BEGIN CERTIFICATE-----
 MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE
 AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw
@@ -42,39 +43,8 @@ h1xA2syVP1XgNce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xF
 d3+YJ5oyXSrjhO7FmGYvliAd3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2H
 pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFtTCCA52gAwIBAgIIYY3HhjsBggUwDQYJKoZIhvcNAQEFBQAwRDEWMBQGA1UE
-AwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00x
-CzAJBgNVBAYTAkVTMB4XDTA4MDQxODE2MjQyMloXDTI4MDQxMzE2MjQyMlowRDEW
-MBQGA1UEAwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZF
-RElDT00xCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
-AgEA/5KV4WgGdrQsyFhIyv2AVClVYyT/kGWbEHV7w2rbYgIB8hiGtXxaOLHkWLn7
-09gtn70yN78sFW2+tfQh0hOR2QetAQXW8713zl9CgQr5auODAKgrLlUTY4HKRxx7
-XBZXehuDYAQ6PmXDzQHe3qTWDLqO3tkE7hdWIpuPY/1NFgu3e3eM+SW10W2ZEi5P
-Grjm6gSSrj0RuVFCPYewMYWveVqc/udOXpJPQ/yrOq2lEiZmueIM15jO1FillUAK
-t0SdE3QrwqXrIhWYENiLxQSfHY9g5QYbm8+5eaA9oiM/Qj9r+hwDezCNzmzAv+Yb
-X79nuIQZ1RXve8uQNjFiybwCq0Zfm/4aaJQ0PZCOrfbkHQl/Sog4P75n/TSW9R28
-MHTLOO7VbKvU/PQAtwBbhTIWdjPp2KOZnQUAqhbm84F9b32qhm2tFXTTxKJxqvQU
-fecyuB+81fFOvW8XAjnXDpVCOscAPukmYxHqC9FK/xidstd7LzrZlvvoHpKuE1XI
-2Sf23EgbsCTBheN3nZqk8wwRHQ3ItBTutYJXCb8gWH8vIiPYcMt5bMlL8qkqyPyH
-K9caUPgn6C9D4zq92Fdx/c6mUlv53U3t5fZvie27k5x2IXXwkkwp9y+cAS7+UEae
-ZAwUswdbxcJzbPEHXEUkFDWug/FqTYl6+rPYLWbwNof1K1MCAwEAAaOBqjCBpzAP
-BgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKaz4SsrSbbXc6GqlPUB53NlTKxQ
-MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUprPhKytJttdzoaqU9QHnc2VMrFAw
-RAYDVR0gBD0wOzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly9hY2VkaWNv
-bS5lZGljb21ncm91cC5jb20vZG9jMA0GCSqGSIb3DQEBBQUAA4ICAQDOLAtSUWIm
-fQwng4/F9tqgaHtPkl7qpHMyEVNEskTLnewPeUKzEKbHDZ3Ltvo/Onzqv4hTGzz3
-gvoFNTPhNahXwOf9jU8/kzJPeGYDdwdY6ZXIfj7QeQCM8htRM5u8lOk6e25SLTKe
-I6RF+7YuE7CLGLHdztUdp0J/Vb77W7tH1PwkzQSulgUV1qzOMPPKC8W64iLgpq0i
-5ALudBF/TP94HTXa5gI06xgSYXcGCRZj6hitoocf8seACQl1ThCojz2GuHURwCRi
-ipZ7SkXp7FnFvmuD5uHorLUwHv4FB4D54SMNUI8FmP8sX+g7tq3PgbUhh8oIKiMn
-MCArz+2UW6yyetLHKKGKC5tNSixthT8Jcjxn4tncB7rrZXtaAWPWkFtPF2Y9fwsZ
-o5NjEFIqnxQWWOLcpfShFosOkYuByptZ+thrkQdlVV9SH686+5DdaaVbnG0OLLb6
-zqylfDJKZ0DcMDQj3dcEI2bw/FWAp/tmGYI1Z2JwOV5vx+qQQEQIHriy1tvuWacN
-GHk0vFQYXlPKNFHtRQrmjseCNj6nOGOpMCwXEGCSn1WHElkQwg9naRHMTh5+Spqt
-r0CodaxWkHS4oJyleW/c6RrIaQXpuvoDs3zk4E7Czp3otkYNbn5XOmeUwssfnHdK
-Z05phkOTOPu220+DkdRgfks+KzgHVZhepA==
------END CERTIFICATE-----
+
+# AC Ra\xC3\xADz Certic\xC3\xA1mara S.A.
 -----BEGIN CERTIFICATE-----
 MIIGZjCCBE6gAwIBAgIPB35Sk3vgFeNX8GmMy+wMMA0GCSqGSIb3DQEBBQUAMHsx
 CzAJBgNVBAYTAkNPMUcwRQYDVQQKDD5Tb2NpZWRhZCBDYW1lcmFsIGRlIENlcnRp
@@ -112,6 +82,8 @@ RL5hRqGEPQgnTIEgd4kI6mdAXmwIUV80WoyWaM3X94nCHNMyAK9Sy9NgWyo6R35r
 MDOhYil/SrnhLecUIw4OGEfhefwVVdCx/CVxY3UzHCMrr1zZ7Ud3YA47Dx7SwNxk
 BYn8eNZcLCZDqQ==
 -----END CERTIFICATE-----
+
+# Actalis Authentication Root CA
 -----BEGIN CERTIFICATE-----
 MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE
 BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w
@@ -145,6 +117,8 @@ ZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXemOR/qnuOf0GZvBeyqdn6/axag67XH/JJU
 LysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9vwGYT7JZVEc+NHt4bVaT
 LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg==
 -----END CERTIFICATE-----
+
+# AddTrust External Root
 -----BEGIN CERTIFICATE-----
 MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
 MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
@@ -170,6 +144,8 @@ Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
 c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
 mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=
 -----END CERTIFICATE-----
+
+# AddTrust Low-Value Services Root
 -----BEGIN CERTIFICATE-----
 MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEU
 MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
@@ -194,55 +170,8 @@ eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJl
 pz/+0WatC7xrmYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOA
 WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk=
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEFTCCAv2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSAwHgYDVQQDExdBZGRUcnVzdCBQdWJsaWMgQ0EgUm9vdDAeFw0wMDA1MzAx
-MDQxNTBaFw0yMDA1MzAxMDQxNTBaMGQxCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtB
-ZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIDAeBgNV
-BAMTF0FkZFRydXN0IFB1YmxpYyBDQSBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+A3S72mnTRqX4jsIMEZBRpS9mVEBV
-6tsfSlbunyNu9DnLoblv8n75XYcmYZ4c+OLspoH4IcUkzBEMP9smcnrHAZcHF/nX
-GCwwfQ56HmIexkvA/X1id9NEHif2P0tEs7c42TkfYNVRknMDtABp4/MUTu7R3AnP
-dzRGULD4EfL+OHn3Bzn+UZKXC1sIXzSGAa2Il+tmzV7R/9x98oTaunet3IAIx6eH
-1lWfl2royBFkuucZKT8Rs3iQhCBSWxHveNCD9tVIkNAwHM+A+WD+eeSI8t0A65RF
-62WUaUC6wNW0uLp9BBGo6zEFlpROWCGOn9Bg/QIDAQABo4HRMIHOMB0GA1UdDgQW
-BBSBPjfYkrAfd59ctKtzquf2NGAv+jALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUw
-AwEB/zCBjgYDVR0jBIGGMIGDgBSBPjfYkrAfd59ctKtzquf2NGAv+qFopGYwZDEL
-MAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRU
-cnVzdCBUVFAgTmV0d29yazEgMB4GA1UEAxMXQWRkVHJ1c3QgUHVibGljIENBIFJv
-b3SCAQEwDQYJKoZIhvcNAQEFBQADggEBAAP3FUr4JNojVhaTdt02KLmuG7jD8WS6
-IBh4lSknVwW8fCr0uVFV2ocC3g8WFzH4qnkuCRO7r7IgGRLlk/lL+YPoRNWyQSW/
-iHVv/xD8SlTQX/D67zZzfRs2RcYhbbQVuE7PnFylPVoAjgbjPGsye/Kf8Lb93/Ao
-GEjwxrzQvzSAlsJKsW2Ox5BF3i9nrEUEo3rcVZLJR2bYGozH7ZxOmuASu7VqTITh
-4SINhwBk/ox9Yjllpu9CtoAlEmEBqCQTcAARJl/6NVDFSMwGR+gn2HCNX2TmoUQm
-XiLsks3/QppEIW1cxeMiHV9HEufOX1362KqxMy3ZdvJOOjMMK7MtkAY=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEHjCCAwagAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSMwIQYDVQQDExpBZGRUcnVzdCBRdWFsaWZpZWQgQ0EgUm9vdDAeFw0wMDA1
-MzAxMDQ0NTBaFw0yMDA1MzAxMDQ0NTBaMGcxCzAJBgNVBAYTAlNFMRQwEgYDVQQK
-EwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIzAh
-BgNVBAMTGkFkZFRydXN0IFF1YWxpZmllZCBDQSBSb290MIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoekn0e+EV+vhDTbYjx5eLfpMLXsDBwq
-xBb/4Oxx64r1EW7tTw2R0hIYLUkVAcKkIhPHEWT/IhKauY5cLwjPcWqzZwFZ8V1G
-87B4pfYOQnrjfxvM0PC3KP0q6p6zsLkEqv32x7SxuCqg+1jxGaBvcCV+PmlKfw8i
-2O+tCBGaKZnhqkRFmhJePp1tUvznoD1oL/BLcHwTOK28FSXx1s6rosAx1i+f4P8U
-WfyEk9mHfExUE+uf0S0R+Bg6Ot4l2ffTQO2kBhLEO+GRwVY18BTcZTYJbqukB8c1
-0cIDMzZbdSZtQvESa0NvS3GU+jQd7RNuyoB/mC9suWXY6QIDAQABo4HUMIHRMB0G
-A1UdDgQWBBQ5lYtii1zJ1IC6WA+XPxUIQ8yYpzALBgNVHQ8EBAMCAQYwDwYDVR0T
-AQH/BAUwAwEB/zCBkQYDVR0jBIGJMIGGgBQ5lYtii1zJ1IC6WA+XPxUIQ8yYp6Fr
-pGkwZzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQL
-ExRBZGRUcnVzdCBUVFAgTmV0d29yazEjMCEGA1UEAxMaQWRkVHJ1c3QgUXVhbGlm
-aWVkIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBABmrder4i2VhlRO6aQTv
-hsoToMeqT2QbPxj2qC0sVY8FtzDqQmodwCVRLae/DLPt7wh/bDxGGuoYQ992zPlm
-hpwsaPXpF/gxsxjE1kh9I0xowX67ARRvxdlu3rsEQmr49lx95dr6h+sNNVJn0J6X
-dgWTP5XHAeZpVTh/EGGZyeNfpso+gmNIquIISD6q8rKFYqa0p9m9N5xotS1WfbC3
-P6CxB9bpT9zeRXEwMn8bLgn5v1Kh7sKAPgZcLlVAwRv1cEWw3F369nJad9Jjzc9Y
-iQBCYz95OdBEsIJuQRno3eDBiFrRHnGTHyQwdOUeqN48Jzd/g66ed8/wMLH/S5no
-xqE=
------END CERTIFICATE-----
+
+# Amazon Root CA 1
 -----BEGIN CERTIFICATE-----
 MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF
 ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
@@ -263,6 +192,8 @@ o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU
 5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy
 rqXRfboQnoZsG4q5WTP468SQvvG5
 -----END CERTIFICATE-----
+
+# Amazon Root CA 2
 -----BEGIN CERTIFICATE-----
 MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwF
 ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
@@ -294,6 +225,8 @@ n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE
 9jVlpNMKVv/1F2Rs76giJUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT
 4PsJYGw=
 -----END CERTIFICATE-----
+
+# Amazon Root CA 3
 -----BEGIN CERTIFICATE-----
 MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5
 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g
@@ -306,6 +239,8 @@ ttvXBp43rDCGB5Fwx5zEGbF4wDAKBggqhkjOPQQDAgNJADBGAiEA4IWSoxe3jfkr
 BqWTrBqYaGFy+uGh0PsceGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteM
 YyRIHN8wfdVoOw==
 -----END CERTIFICATE-----
+
+# Amazon Root CA 4
 -----BEGIN CERTIFICATE-----
 MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5
 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g
@@ -319,6 +254,8 @@ MAoGCCqGSM49BAMDA2gAMGUCMDqLIfG9fhGt0O9Yli/W651+kI0rz2ZVwyzjKKlw
 CkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1AE47xDqUEpHJWEadIRNyp4iciuRMStuW
 1KyLa2tJElMzrdfkviT8tQp21KW8EA==
 -----END CERTIFICATE-----
+
+# Atos TrustedRoot 2011
 -----BEGIN CERTIFICATE-----
 MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE
 AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG
@@ -340,6 +277,8 @@ maHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a961qn8FYiqTxlVMYVqL2Gns2D
 lmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G3mB/ufNPRJLv
 KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed
 -----END CERTIFICATE-----
+
+# Autoridad de Certificacion Firmaprofesional CIF A62634068
 -----BEGIN CERTIFICATE-----
 MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UE
 BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h
@@ -375,6 +314,8 @@ StRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTDKCOM/icz
 Q0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQB
 jLMi6Et8Vcad+qMUu2WFbm5PEn4KPJ2V
 -----END CERTIFICATE-----
+
+# Baltimore CyberTrust Root
 -----BEGIN CERTIFICATE-----
 MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ
 RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD
@@ -396,37 +337,8 @@ Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz
 ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS
 R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFaTCCA1GgAwIBAgIJAMMDmu5QkG4oMA0GCSqGSIb3DQEBBQUAMFIxCzAJBgNV
-BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu
-MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIxMB4XDTEyMDcxOTA5MDY1NloXDTQy
-MDcxOTA5MDY1NlowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx
-EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjEw
-ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqw3j33Jijp1pedxiy3QRk
-D2P9m5YJgNXoqqXinCaUOuiZc4yd39ffg/N4T0Dhf9Kn0uXKE5Pn7cZ3Xza1lK/o
-OI7bm+V8u8yN63Vz4STN5qctGS7Y1oprFOsIYgrY3LMATcMjfF9DCCMyEtztDK3A
-fQ+lekLZWnDZv6fXARz2m6uOt0qGeKAeVjGu74IKgEH3G8muqzIm1Cxr7X1r5OJe
-IgpFy4QxTaz+29FHuvlglzmxZcfe+5nkCiKxLU3lSCZpq+Kq8/v8kiky6bM+TR8n
-oc2OuRf7JT7JbvN32g0S9l3HuzYQ1VTW8+DiR0jm3hTaYVKvJrT1cU/J19IG32PK
-/yHoWQbgCNWEFVP3Q+V8xaCJmGtzxmjOZd69fwX3se72V6FglcXM6pM6vpmumwKj
-rckWtc7dXpl4fho5frLABaTAgqWjR56M6ly2vGfb5ipN0gTco65F97yLnByn1tUD
-3AjLLhbKXEAz6GfDLuemROoRRRw1ZS0eRWEkG4IupZ0zXWX4Qfkuy5Q/H6MMMSRE
-7cderVC6xkGbrPAXZcD4XW9boAo0PO7X6oifmPmvTiT6l7Jkdtqr9O3jw2Dv1fkC
-yC2fg69naQanMVXVz0tv/wQFx1isXxYb5dKj6zHbHzMVTdDypVP1y+E9Tmgt2BLd
-qvLmTZtJ5cUoobqwWsagtQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
-DwEB/wQEAwIBBjAdBgNVHQ4EFgQUiQq0OJMa5qvum5EY+fU8PjXQ04IwDQYJKoZI
-hvcNAQEFBQADggIBADKL9p1Kyb4U5YysOMo6CdQbzoaz3evUuii+Eq5FLAR0rBNR
-xVgYZk2C2tXck8An4b58n1KeElb21Zyp9HWc+jcSjxyT7Ff+Bw+r1RL3D65hXlaA
-SfX8MPWbTx9BLxyE04nH4toCdu0Jz2zBuByDHBb6lM19oMgY0sidbvW9adRtPTXo
-HqJPYNcHKfyyo6SdbhWSVhlMCrDpfNIZTUJG7L399ldb3Zh+pE3McgODWF3vkzpB
-emOqfDqo9ayk0d2iLbYq/J8BjuIQscTK5GfbVSUZP/3oNn6z4eGBrxEWi1CXYBmC
-AMBrTXO40RMHPuq2MU/wQppt4hF05ZSsjYSVPCGvxdpHyN85YmLLW1AL14FABZyb
-7bq2ix4Eb5YgOe2kfSnbSM6C3NQCjR0EMVrHS/BsYVLXtFHCgWzN4funodKSds+x
-DzdYpPJScWc/DIh4gInByLUfkmO+p3qKViwaqKactV2zY9ATIKHrkWzQjX2v3wvk
-F7mGnjixlAxYjOBVqjtjbZqJYLhkKpLGN/R+Q0O3c+gB53+XD9fyexn9GtePyfqF
-a3qdnom2piiZk4hA9z7NUaPK6u95RyG1/jLix8NRb76AdPCkwzryT+lf3xkK8jsT
-Q6wxpLPn6/wY1gGp8yqPNg7rtLG8t0zJa7+h89n07eLw4+1knj0vllJPgFOL
------END CERTIFICATE-----
+
+# CA Disig Root R2
 -----BEGIN CERTIFICATE-----
 MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV
 BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu
@@ -458,19 +370,8 @@ G5gPcFw0sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3Os
 zMOl6W8KjptlwlCFtaOgUxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8x
 L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcL
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICCTCCAY+gAwIBAgIQaEpYcIBr8I8C+vbe6LCQkDAKBggqhkjOPQQDAzBGMQsw
-CQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMT
-EkNBIFdvU2lnbiBFQ0MgUm9vdDAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4
-NThaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEb
-MBkGA1UEAxMSQ0EgV29TaWduIEVDQyBSb290MHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAE4f2OuEMkq5Z7hcK6C62N4DrjJLnSsb6IOsq/Srj57ywvr1FQPEd1bPiUt5v8
-KB7FVMxjnRZLU8HnIKvNrCXSf4/CwVqCXjCLelTOA7WRf6qU0NGKSMyCBSah1VES
-1ns2o0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
-FgQUqv3VWqP2h4syhf3RMluARZPzA7gwCgYIKoZIzj0EAwMDaAAwZQIxAOSkhLCB
-1T2wdKyUpOgOPQB0TKGXa/kNUTyh2Tv0Daupn75OcsqF1NnstTJFGG+rrQIwfcf3
-aWMvoeGY7xMQ0Xk/0f7qO3/eVvSQsRUR2LIiFdAvwyYua/GRspBl9JrmkO5K
------END CERTIFICATE-----
+
+# COMODO Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCB
 gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
@@ -496,6 +397,8 @@ zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd
 BA6+C4OmF4O5MBKgxTMVBbkN+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IB
 ZQ==
 -----END CERTIFICATE-----
+
+# COMODO ECC Certification Authority
 -----BEGIN CERTIFICATE-----
 MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL
 MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
@@ -512,6 +415,8 @@ BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VGFAkK+qDm
 fQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdv
 GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY=
 -----END CERTIFICATE-----
+
+# COMODO RSA Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB
 hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
@@ -546,6 +451,8 @@ QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl
 0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB
 NVOFBkpdn627G190
 -----END CERTIFICATE-----
+
+# Camerfirma Chambers of Commerce Root
 -----BEGIN CERTIFICATE-----
 MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn
 MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
@@ -574,6 +481,8 @@ XCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/nADydb47kMgkdTXg0
 eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1erfu
 tGWaIZDgqtCYvDi1czyL+Nw=
 -----END CERTIFICATE-----
+
+# Camerfirma Global Chambersign Root
 -----BEGIN CERTIFICATE-----
 MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEn
 MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
@@ -602,27 +511,8 @@ VwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4IBHNfTIzSJRUTN3c
 ecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREest2d/
 AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A==
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDfDCCAmSgAwIBAgIQayXaioidfLwPBbOxemFFRDANBgkqhkiG9w0BAQsFADBY
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxLTArBgNV
-BAMTJENlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbiBHMjAeFw0xNDEx
-MDgwMDU4NThaFw00NDExMDgwMDU4NThaMFgxCzAJBgNVBAYTAkNOMRowGAYDVQQK
-ExFXb1NpZ24gQ0EgTGltaXRlZDEtMCsGA1UEAxMkQ2VydGlmaWNhdGlvbiBBdXRo
-b3JpdHkgb2YgV29TaWduIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEAvsXEoCKASU+/2YcRxlPhuw+9YH+v9oIOH9ywjj2X4FA8jzrvZjtFB5sg+OPX
-JYY1kBaiXW8wGQiHC38Gsp1ij96vkqVg1CuAmlI/9ZqD6TRay9nVYlzmDuDfBpgO
-gHzKtB0TiGsOqCR3A9DuW/PKaZE1OVbFbeP3PU9ekzgkyhjpJMuSA93MHD0JcOQg
-5PGurLtzaaNjOg9FD6FKmsLRY6zLEPg95k4ot+vElbGs/V6r+kHLXZ1L3PR8du9n
-fwB6jdKgGlxNIuG12t12s9R23164i5jIFFTMaxeSt+BKv0mUYQs4kI9dJGwlezt5
-2eJ+na2fmKEG/HgUYFf47oB3sQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD
-VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU+mCp62XF3RYUCE4MD42b4Pdkr2cwDQYJ
-KoZIhvcNAQELBQADggEBAFfDejaCnI2Y4qtAqkePx6db7XznPWZaOzG73/MWM5H8
-fHulwqZm46qwtyeYP0nXYGdnPzZPSsvxFPpahygc7Y9BMsaV+X3avXtbwrAh449G
-3CE4Q3RM+zD4F3LBMvzIkRfEzFg3TgvMWvchNSiDbGAtROtSjFA9tWwS1/oJu2yy
-SrHFieT801LYYRf+epSEj3m2M1m6D8QL4nCgS3gu+sif/a+RZQp4OBXllxcU3fng
-LDT4ONCEIgDAFFEYKwLcMFrw6AF8NTojrwjkr6qOKEJJLvD1mTS+7Q9LGOHSJDy7
-XUe3IfKN0QqZjuNuPq1w4I+5ysxugTH2e5x6eeRncRg=
------END CERTIFICATE-----
+
+# Certigna
 -----BEGIN CERTIFICATE-----
 MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV
 BAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4X
@@ -645,6 +535,8 @@ HWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY1gkIl2PlwS6w
 t0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw
 WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg==
 -----END CERTIFICATE-----
+
+# Certplus Class 2 Primary CA
 -----BEGIN CERTIFICATE-----
 MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAw
 PTELMAkGA1UEBhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFz
@@ -667,6 +559,8 @@ ybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW//1IMwrh3KWB
 kJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7
 l7+ijrRU
 -----END CERTIFICATE-----
+
+# Certplus Root CA G1
 -----BEGIN CERTIFICATE-----
 MIIFazCCA1OgAwIBAgISESBVg+QtPlRWhS2DN7cs3EYRMA0GCSqGSIb3DQEBDQUA
 MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy
@@ -698,6 +592,8 @@ V/xuZDDCVRHc6qnNSlSsKWNEz0pAoNZoWRsz+e86i9sgktxChL8Bq4fA1SCC28a5
 g4VCXA9DO2pJNdWY9BW/+mGBDAkgGNLQFwzLSABQ6XaCjGTXOqAHVcweMcDvOrRl
 ++O/QmueD6i9a5jc2NvLi6Td11n0bt3+qsOR0C5CB8AMTVPNJLFMWx5R9N/pkvo=
 -----END CERTIFICATE-----
+
+# Certplus Root CA G2
 -----BEGIN CERTIFICATE-----
 MIICHDCCAaKgAwIBAgISESDZkc6uo+jF5//pAq/Pc7xVMAoGCCqGSM49BAMDMD4x
 CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs
@@ -712,6 +608,8 @@ SM49BAMDA2gAMGUCMHD+sAvZ94OX7PNVHdTcswYO/jOYnYs5kGuUIe22113WTNch
 p+e/IQ8rzfcq3IUHnQIxAIYUFuXcsGXCwI4Un78kFmjlvPl5adytRSv3tjFzzAal
 U5ORGpOucGpnutee5WEaXw==
 -----END CERTIFICATE-----
+
+# Certum Root CA
 -----BEGIN CERTIFICATE-----
 MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM
 MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
@@ -731,6 +629,8 @@ CjqTE5s7FCMTY5w/0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5x
 O/fIR/RpbxXyEV6DHpx8Uq79AtoSqFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs
 6GAqm4VKQPNriiTsBhYscw==
 -----END CERTIFICATE-----
+
+# Certum Trusted Network CA
 -----BEGIN CERTIFICATE-----
 MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM
 MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D
@@ -753,6 +653,8 @@ J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY
 VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI
 03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw=
 -----END CERTIFICATE-----
+
+# Certum Trusted Network CA 2
 -----BEGIN CERTIFICATE-----
 MIIF0jCCA7qgAwIBAgIQIdbQSk8lD8kyN/yqXhKN6TANBgkqhkiG9w0BAQ0FADCB
 gDELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
@@ -787,6 +689,8 @@ XALKLNhvSgfZyTXaQHXyxKcZb55CEJh15pWLYLztxRLXis7VmFxWlgPF7ncGNf/P
 5O4/E2Hu29othfDNrp2yGAlFw5Khchf8R7agCyzxxN5DaAhqXzvwdmP7zAYspsbi
 DrW5viSP
 -----END CERTIFICATE-----
+
+# Chambers of Commerce Root - 2008
 -----BEGIN CERTIFICATE-----
 MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD
 VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
@@ -829,6 +733,8 @@ fhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg
 OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZ
 d0jQ
 -----END CERTIFICATE-----
+
+# ComSign CA
 -----BEGIN CERTIFICATE-----
 MIIDkzCCAnugAwIBAgIQFBOWgxRVjOp7Y+X8NId3RDANBgkqhkiG9w0BAQUFADA0
 MRMwEQYDVQQDEwpDb21TaWduIENBMRAwDgYDVQQKEwdDb21TaWduMQswCQYDVQQG
@@ -851,6 +757,8 @@ hbpN7Sgy6/lhSuTENh4Z3G+EER+V9YMoGKgzkkMn3V0TBEVPh9VGzT2ouvDzuFYk
 Res3x+F2T3I5GN9+dHLHcy056mDmrRGiVod7w2ia/viMcKjfZTL0pECMocJEAw6U
 AGegcQCCSA==
 -----END CERTIFICATE-----
+
+# Comodo AAA Services root
 -----BEGIN CERTIFICATE-----
 MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb
 MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
@@ -876,56 +784,8 @@ G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi
 l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3
 smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg==
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEPzCCAyegAwIBAgIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEkMCIGA1UEAwwbU2VjdXJlIENlcnRp
-ZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVow
-fjELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
-A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxJDAiBgNV
-BAMMG1NlY3VyZSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAMBxM4KK0HDrc4eCQNUd5MvJDkKQ+d40uaG6EfQlhfPM
-cm3ye5drswfxdySRXyWP9nQ95IDC+DwN879A6vfIUtFyb+/Iq0G4bi4XKpVpDM3S
-HpR7LZQdqnXXs5jLrLxkU0C8j6ysNstcrbvd4JQX7NFc0L/vpZXJkMWwrPsbQ996
-CF23uPJAGysnnlDOXmWCiIxe004MeuoIkbY2qitC++rCoznl2yY4rYsK7hljxxwk
-3wN42ubqwUcaCwtGCd0C/N7Lh1/XMGNooa7cMqG6vv5Eq2i2pRcV/b3Vp6ea5EQz
-6YiO/O1R65NxTq0B50SOqy3LqP4BSUjwwN3HaNiS/j0CAwEAAaOBxzCBxDAdBgNV
-HQ4EFgQUPNiTiMLAggnMAZkGkyDpnnAJY08wDgYDVR0PAQH/BAQDAgEGMA8GA1Ud
-EwEB/wQFMAMBAf8wgYEGA1UdHwR6MHgwO6A5oDeGNWh0dHA6Ly9jcmwuY29tb2Rv
-Y2EuY29tL1NlY3VyZUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDmgN6A1hjNodHRw
-Oi8vY3JsLmNvbW9kby5uZXQvU2VjdXJlQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmww
-DQYJKoZIhvcNAQEFBQADggEBAIcBbSMdflsXfcFhMs+P5/OKlFlm4J4oqF7Tt/Q0
-5qo5spcWxYJvMqTpjOev/e/C6LlLqqP05tqNZSH7uoDrJiiFGv45jN5bBAS0VPmj
-Z55B+glSzAVIqMk/IQQezkhr/IXownuvf7fM+F86/TXGDe+X3EyrEeFryzHRbPtI
-gKvcnDe4IRRLDXE97IMzbtFuMhbsmMcWi1mmNKsFVy2T96oTy9IT4rcuO81rUBcJ
-aD61JlfutuC23bkpgHl9j6PwpCikFcSF9CfUa7/lXORlAnZUtOM3ZiTTGWHIUhDl
-izeauan5Hb/qmZJhlv8BzaFfDbxxvA6sCx1HRR3B7Hzs/Sk=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEQzCCAyugAwIBAgIBATANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDElMCMGA1UEAwwcVHJ1c3RlZCBDZXJ0
-aWZpY2F0ZSBTZXJ2aWNlczAeFw0wNDAxMDEwMDAwMDBaFw0yODEyMzEyMzU5NTla
-MH8xCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
-BgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSUwIwYD
-VQQDDBxUcnVzdGVkIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQIIO0Yfyod5jWaHiWsnOWW
-fnJSoBVC21ndZHoa0Lh73TkVvFVIxO06AOoxEbrycXQaZ7jPM8yoMa+j49d/vzMt
-TGo87IvDktJTdyR0nAducPy9C1t2ul/y/9c3S0pgePfw+spwtOpZqqPOSC+pw7IL
-fhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6juljatEPmsbS9Is6FARW
-1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAEAtdbtz6SrGsSivnkBbA7
-kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt6wIDAQABo4HJMIHGMB0G
-A1UdDgQWBBTFe1i97doladL3WRaoszLAeydb9DAOBgNVHQ8BAf8EBAMCAQYwDwYD
-VR0TAQH/BAUwAwEB/zCBgwYDVR0fBHwwejA8oDqgOIY2aHR0cDovL2NybC5jb21v
-ZG9jYS5jb20vVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMuY3JsMDqgOKA2hjRo
-dHRwOi8vY3JsLmNvbW9kby5uZXQvVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMu
-Y3JsMA0GCSqGSIb3DQEBBQUAA4IBAQDIk4E7ibSvuIQSTI3S8NtwuleGFTQQuS9/
-HrCoiWChisJ3DFBKmwCL2Iv0QeLQg4pKHBQGsKNoBXAxMKdTmw7pSqBYaWcOrp32
-pSxBvzwGa+RZzG0Q8ZZvH9/0BAKkn0U+yNj6NkZEUD+Cl5EfKNsYEYwq5GWDVxIS
-jBc/lDb+XbDABHcTuPQV1T84zJQ6VdCsmPW6AF/ghhmBeC8owH7TzEIK9a5QoNE+
-xqFx7D+gIIxmOom0jtTYsU0lR+4viMi14QVFwL4Ucd56/Y57fU0IlqUSc/Atyjcn
-dBInTMu2l+nZrghtWjlA3QVHdWpaIbOjGM9O9y5Xt5hwXsjEeLBi
------END CERTIFICATE-----
+
+# D-TRUST Root CA 3 2013
 -----BEGIN CERTIFICATE-----
 MIIEDjCCAvagAwIBAgIDD92sMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNVBAYTAkRF
 MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHzAdBgNVBAMMFkQtVFJVU1QgUm9vdCBD
@@ -950,6 +810,8 @@ m2chlTWL+BD8cRu3SzdppjvW7IvuwbDzJcmPkn2h6sPKRL8mpXSSnON065102ctN
 h9j8tGlsi6BDB2B4l+nZk3zCRrybN1Kj7Yo8E6l7U0tJmhEFLAtuVqwfLoJs4Gln
 tQ5tLdnkwBXxP/oYcuEVbSdbLTAoK59ImmQrme/ydUlfXA==
 -----END CERTIFICATE-----
+
+# Deutsche Telekom Root CA 2
 -----BEGIN CERTIFICATE-----
 MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEc
 MBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2Vj
@@ -972,6 +834,8 @@ IzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8rZ7/gFnkm0W09juwzTkZmDLl
 xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU
 Cm26OWMohpLzGITY+9HPBVZkVw==
 -----END CERTIFICATE-----
+
+# DigiCert Assured ID Root CA
 -----BEGIN CERTIFICATE-----
 MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -994,6 +858,8 @@ NW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPx
 H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe
 +o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g==
 -----END CERTIFICATE-----
+
+# DigiCert Assured ID Root G2
 -----BEGIN CERTIFICATE-----
 MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBl
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1016,6 +882,8 @@ B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0MjomZmWzwPDCv
 ON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo
 IhNzbM8m9Yop5w==
 -----END CERTIFICATE-----
+
+# DigiCert Assured ID Root G3
 -----BEGIN CERTIFICATE-----
 MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQsw
 CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
@@ -1031,6 +899,8 @@ AwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5FyYZ5eEJJZVrmDxxDnOOlY
 JjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy1vUhZscv
 6pZjamVFkpUBtA==
 -----END CERTIFICATE-----
+
+# DigiCert Global Root CA
 -----BEGIN CERTIFICATE-----
 MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1053,6 +923,8 @@ PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls
 YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk
 CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=
 -----END CERTIFICATE-----
+
+# DigiCert Global Root G2
 -----BEGIN CERTIFICATE-----
 MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1075,6 +947,8 @@ Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91
 pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl
 MrY=
 -----END CERTIFICATE-----
+
+# DigiCert Global Root G3
 -----BEGIN CERTIFICATE-----
 MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw
 CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
@@ -1090,6 +964,8 @@ AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/
 oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8
 sycX
 -----END CERTIFICATE-----
+
+# DigiCert High Assurance EV Root CA
 -----BEGIN CERTIFICATE-----
 MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1113,6 +989,8 @@ Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
 vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
 +OkuE6N36B9K
 -----END CERTIFICATE-----
+
+# DigiCert Trusted Root G4
 -----BEGIN CERTIFICATE-----
 MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1145,6 +1023,8 @@ r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1
 /YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm
 gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+
 -----END CERTIFICATE-----
+
+# Entrust.net Premium 2048 Secure Server CA
 -----BEGIN CERTIFICATE-----
 MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
 RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
@@ -1170,6 +1050,8 @@ u/8j72gZyxKTJ1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+
 bYQLCIt+jerXmCHG8+c8eS9enNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/Er
 fF6adulZkMV8gzURZVE=
 -----END CERTIFICATE-----
+
+# Entrust Root Certification Authority - EC1
 -----BEGIN CERTIFICATE-----
 MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkG
 A1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3
@@ -1188,6 +1070,8 @@ BBYEFLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVC
 R98crlOZF7ZvHH3hvxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nX
 hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G
 -----END CERTIFICATE-----
+
+# Entrust Root Certification Authority - G2
 -----BEGIN CERTIFICATE-----
 MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC
 VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50
@@ -1213,6 +1097,8 @@ Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v
 nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH
 VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9g==
 -----END CERTIFICATE-----
+
+# GeoTrust Global CA
 -----BEGIN CERTIFICATE-----
 MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
 MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
@@ -1233,27 +1119,8 @@ PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un
 hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV
 5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDZjCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJVUzEW
-MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFs
-IENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMTkwMzA0MDUwMDAwWjBEMQswCQYDVQQG
-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg
-R2xvYmFsIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvPE1A
-PRDfO1MA4Wf+lGAVPoWI8YkNkMgoI5kF6CsgncbzYEbYwbLVjDHZ3CB5JIG/NTL8
-Y2nbsSpr7iFY8gjpeMtvy/wWUsiRxP89c96xPqfCfWbB9X5SJBri1WeR0IIQ13hL
-TytCOb1kLUCgsBDTOEhGiKEMuzozKmKY+wCdE1l/bztyqu6mD4b5BWHqZ38MN5aL
-5mkWRxHCJ1kDs6ZgwiFAVvqgx306E+PsV8ez1q6diYD3Aecs9pYrEw15LNnA5IZ7
-S4wMcoKK+xfNAGw6EzywhIdLFnopsk/bHdQL82Y3vdj2V7teJHq4PIu5+pIaGoSe
-2HSPqht/XvT+RSIhAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
-FHE4NvICMVNHK266ZUapEBVYIAUJMB8GA1UdIwQYMBaAFHE4NvICMVNHK266ZUap
-EBVYIAUJMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAQEAA/e1K6td
-EPx7srJerJsOflN4WT5CBP51o62sgU7XAotexC3IUnbHLB/8gTKY0UvGkpMzNTEv
-/NgdRN3ggX+d6YvhZJFiCzkIjKx0nVnZellSlxG5FntvRdOW2TF9AjYPnDtuzywN
-A0ZF66D0f0hExghAzN4bcLUprbqLOzRldRtxIR0sFAqwlpW41uryZfspuk/qkZN0
-abby/+Ea0AzRdoXLiiW9l14sbxWZJue2Kf8i7MkCx1YAzUm5s2x7UwQa4qjJqhIF
-I8LO57sEAszAR6LkxCkvW0VXiVHuPOtSCP8HNR6fNWpHSlaY0VqFH4z1Ir+rzoPz
-4iIprn2DQKi6bA==
------END CERTIFICATE-----
+
+# GeoTrust Primary Certification Authority - G2
 -----BEGIN CERTIFICATE-----
 MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDEL
 MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChj
@@ -1271,6 +1138,8 @@ CCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGT
 qQ7mndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBucz
 rD6ogRLQy7rQkgu2npaqBA+K
 -----END CERTIFICATE-----
+
+# GeoTrust Primary Certification Authority - G3
 -----BEGIN CERTIFICATE-----
 MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCB
 mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT
@@ -1295,6 +1164,8 @@ AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUH
 SJsMC8tJP33st/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2G
 spki4cErx5z481+oghLrGREt
 -----END CERTIFICATE-----
+
+# GeoTrust Universal CA
 -----BEGIN CERTIFICATE-----
 MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEW
 MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVy
@@ -1326,6 +1197,8 @@ ER/frslKxfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQt
 DF4JbAiXfKM9fJP/P6EUp8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/Sfuvm
 bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iw=
 -----END CERTIFICATE-----
+
+# GeoTrust Universal CA 2
 -----BEGIN CERTIFICATE-----
 MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEW
 MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVy
@@ -1357,6 +1230,8 @@ OCiNUW7dFGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH
 6aLcr34YEoP9VhdBLtUpgn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwX
 QMAJKOSLakhT2+zNVVXxxvjpoixMptEmX36vWkzaH6byHCx+rgIW0lbQL1dTR+iS
 -----END CERTIFICATE-----
+
+# GlobalSign ECC Root CA - R4
 -----BEGIN CERTIFICATE-----
 MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEk
 MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpH
@@ -1370,6 +1245,8 @@ uOJAf/sKbvu+M8k8o4TVMAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGX
 kPoUVy0D7O48027KqGx2vKLeuwIgJ6iFJzWbVsaj8kfSt24bAgAXqmemFZHe+pTs
 ewv4n4Q=
 -----END CERTIFICATE-----
+
+# GlobalSign ECC Root CA - R5
 -----BEGIN CERTIFICATE-----
 MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEk
 MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpH
@@ -1384,6 +1261,8 @@ KoZIzj0EAwMDaAAwZQIxAOVpEslu28YxuglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg
 515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7yFz9SO8NdCKoCOJuxUnO
 xwy8p2Fp8fc74SrL+SvzZpA3
 -----END CERTIFICATE-----
+
+# GlobalSign Root CA - R2
 -----BEGIN CERTIFICATE-----
 MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
 A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
@@ -1406,6 +1285,8 @@ ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
 AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
 TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==
 -----END CERTIFICATE-----
+
+# GlobalSign Root CA - R3
 -----BEGIN CERTIFICATE-----
 MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G
 A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp
@@ -1427,6 +1308,8 @@ mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs
 Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH
 WD9f
 -----END CERTIFICATE-----
+
+# GlobalSign Root CA
 -----BEGIN CERTIFICATE-----
 MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
 A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
@@ -1448,6 +1331,8 @@ AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
 DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
 HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
 -----END CERTIFICATE-----
+
+# Global Chambersign Root - 2008
 -----BEGIN CERTIFICATE-----
 MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYD
 VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
@@ -1489,6 +1374,8 @@ M0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVqc5iJWzouE4ge
 v8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z
 09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/B
 -----END CERTIFICATE-----
+
+# Go Daddy Class 2 CA
 -----BEGIN CERTIFICATE-----
 MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh
 MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE
@@ -1513,6 +1400,8 @@ HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER
 dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf
 ReYNnyicsbkqWletNw+vHX/bvZ8=
 -----END CERTIFICATE-----
+
+# Hellenic Academic and Research Institutions ECC RootCA 2015
 -----BEGIN CERTIFICATE-----
 MIICwzCCAkqgAwIBAgIBADAKBggqhkjOPQQDAjCBqjELMAkGA1UEBhMCR1IxDzAN
 BgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl
@@ -1530,6 +1419,8 @@ C4KZJAEOnLvkDv2/+5cgk5kqMAoGCCqGSM49BAMCA2cAMGQCMGfOFmI4oqxiRaep
 lSTAGiecMjvAwNW6qef4BENThe5SId6d9SWDPp5YSy/XZxMOIQIwBeF1Ad5o7Sof
 TUwJCA3sS61kFyjndc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKR
 -----END CERTIFICATE-----
+
+# Hellenic Academic and Research Institutions RootCA 2011
 -----BEGIN CERTIFICATE-----
 MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix
 RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1
@@ -1555,6 +1446,8 @@ dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys
 Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI
 l7WdmplNsDz4SgCbZN2fOUvRJ9e4
 -----END CERTIFICATE-----
+
+# Hellenic Academic and Research Institutions RootCA 2015
 -----BEGIN CERTIFICATE-----
 MIIGCzCCA/OgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCR1Ix
 DzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5k
@@ -1590,6 +1483,8 @@ pcw72Hc3MKJP2W/R8kCtQXoXxdZKNYm3QdV8hn9VTYNKpXMgwDqvkPGaJI7ZjnHK
 e7iG2rKPmT4dEw0SEe7Uq/DpFXYC5ODfqiAeW2GFZECpkJcNrVPSWh2HagCXZWK0
 vm9qp/UsQu0yrbYhnr68
 -----END CERTIFICATE-----
+
+# IdenTrust Commercial Root CA 1
 -----BEGIN CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBK
 MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu
@@ -1621,6 +1516,8 @@ l1gEIt44w8y8bckzOmoKaT+gyOpyj4xjhiO9bTyWnpXgSUyqorkqG5w2gXjtw+hG
 mUlO+KWA2yUPHGNiiskzZ2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A
 7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7RcGzM7vRX+Bi6hG6H
 -----END CERTIFICATE-----
+
+# IdenTrust Public Sector Root CA 1
 -----BEGIN CERTIFICATE-----
 MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBN
 MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVu
@@ -1652,6 +1549,8 @@ tshquDDIajjDbp7hNxbqBWJMWxJH7ae0s1hWx0nzfxJoCTFx8G34Tkf71oXuxVhA
 GaQdp/lLQzfcaFpPz+vCZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv
 8Ue1fXwsBOxonbRJRBD0ckscZOf85muQ3Wl9af0AVqW3rLatt8o+Ae+c
 -----END CERTIFICATE-----
+
+# Microsec e-Szigno Root CA 2009
 -----BEGIN CERTIFICATE-----
 MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD
 VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
@@ -1676,6 +1575,8 @@ tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c
 2Pm2G2JwCz02yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5t
 HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCW
 -----END CERTIFICATE-----
+
+# NetLock Arany (Class Gold) Főtanúsítvány
 -----BEGIN CERTIFICATE-----
 MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
 EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
@@ -1700,6 +1601,8 @@ bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2F
 uLjbvrW5KfnaNwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2
 XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E=
 -----END CERTIFICATE-----
+
+# OISTE WISeKey Global Root GA CA
 -----BEGIN CERTIFICATE-----
 MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCB
 ijELMAkGA1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHly
@@ -1724,6 +1627,8 @@ hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZi
 Fj4A4xylNoEYokxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ
 /L7fCg0=
 -----END CERTIFICATE-----
+
+# OISTE WISeKey Global Root GB CA
 -----BEGIN CERTIFICATE-----
 MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBt
 MQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUg
@@ -1746,6 +1651,8 @@ ZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEuiHZeeevJuQHHf
 aPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic
 Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM=
 -----END CERTIFICATE-----
+
+# OpenTrust Root CA G1
 -----BEGIN CERTIFICATE-----
 MIIFbzCCA1egAwIBAgISESCzkFU5fX82bWTCp59rY45nMA0GCSqGSIb3DQEBCwUA
 MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w
@@ -1778,6 +1685,8 @@ Pu1svf0OnWZzsD2097+o4BGkxK51CUpjAEggpsadCwmKtODmzj7HPiY46SvepghJ
 AwSQiumPv+i2tCqjI40cHLI5kqiPAlxAOXXUc0ECd97N4EOH1uS6SsNsEn/+KuYj
 1oxx
 -----END CERTIFICATE-----
+
+# OpenTrust Root CA G2
 -----BEGIN CERTIFICATE-----
 MIIFbzCCA1egAwIBAgISESChaRu/vbm9UpaPI+hIvyYRMA0GCSqGSIb3DQEBDQUA
 MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w
@@ -1810,6 +1719,8 @@ iN1nE28daCSLT7d0geX0YJ96Vdc+N9oWaz53rK4YcJUIeSkDiv7BO7M/Gg+kO14f
 WKGVyasvc0rQLW6aWQ9VGHgtPFGml4vmu7JwqkwR3v98KzfUetF3NI/n+UL3PIEM
 S1IK
 -----END CERTIFICATE-----
+
+# OpenTrust Root CA G3
 -----BEGIN CERTIFICATE-----
 MIICITCCAaagAwIBAgISESDm+Ez8JLC+BUCs2oMbNGA/MAoGCCqGSM49BAMDMEAx
 CzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5U
@@ -1824,59 +1735,8 @@ BggqhkjOPQQDAwNpADBmAjEAj6jcnboMBBf6Fek9LykBl7+BFjNAk2z8+e2AcG+q
 j9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta3U1fJAuwACEl74+nBCZx
 4nxp5V2a+EEfOzmTk51V6s2N8fvB
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIJhjCCB26gAwIBAgIBCzANBgkqhkiG9w0BAQsFADCCAR4xPjA8BgNVBAMTNUF1
-dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIFJhaXogZGVsIEVzdGFkbyBWZW5lem9s
-YW5vMQswCQYDVQQGEwJWRTEQMA4GA1UEBxMHQ2FyYWNhczEZMBcGA1UECBMQRGlz
-dHJpdG8gQ2FwaXRhbDE2MDQGA1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0
-aWZpY2FjaW9uIEVsZWN0cm9uaWNhMUMwQQYDVQQLEzpTdXBlcmludGVuZGVuY2lh
-IGRlIFNlcnZpY2lvcyBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMSUwIwYJ
-KoZIhvcNAQkBFhZhY3JhaXpAc3VzY2VydGUuZ29iLnZlMB4XDTEwMTIyODE2NTEw
-MFoXDTIwMTIyNTIzNTk1OVowgdExJjAkBgkqhkiG9w0BCQEWF2NvbnRhY3RvQHBy
-b2NlcnQubmV0LnZlMQ8wDQYDVQQHEwZDaGFjYW8xEDAOBgNVBAgTB01pcmFuZGEx
-KjAoBgNVBAsTIVByb3ZlZWRvciBkZSBDZXJ0aWZpY2Fkb3MgUFJPQ0VSVDE2MDQG
-A1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9u
-aWNhMQswCQYDVQQGEwJWRTETMBEGA1UEAxMKUFNDUHJvY2VydDCCAiIwDQYJKoZI
-hvcNAQEBBQADggIPADCCAgoCggIBANW39KOUM6FGqVVhSQ2oh3NekS1wwQYalNo9
-7BVCwfWMrmoX8Yqt/ICV6oNEolt6Vc5Pp6XVurgfoCfAUFM+jbnADrgV3NZs+J74
-BCXfgI8Qhd19L3uA3VcAZCP4bsm+lU/hdezgfl6VzbHvvnpC2Mks0+saGiKLt38G
-ieU89RLAu9MLmV+QfI4tL3czkkohRqipCKzx9hEC2ZUWno0vluYC3XXCFCpa1sl9
-JcLB/KpnheLsvtF8PPqv1W7/U0HU9TI4seJfxPmOEO8GqQKJ/+MMbpfg353bIdD0
-PghpbNjU5Db4g7ayNo+c7zo3Fn2/omnXO1ty0K+qP1xmk6wKImG20qCZyFSTXai2
-0b1dCl53lKItwIKOvMoDKjSuc/HUtQy9vmebVOvh+qBa7Dh+PsHMosdEMXXqP+UH
-0quhJZb25uSgXTcYOWEAM11G1ADEtMo88aKjPvM6/2kwLkDd9p+cJsmWN63nOaK/
-6mnbVSKVUyqUtd+tFjiBdWbjxywbk5yqjKPK2Ww8F22c3HxT4CAnQzb5EuE8XL1m
-v6JpIzi4mWCZDlZTOpx+FIywBm/xhnaQr/2v/pDGj59/i5IjnOcVdo/Vi5QTcmn7
-K2FjiO/mpF7moxdqWEfLcU8UC17IAggmosvpr2uKGcfLFFb14dq12fy/czja+eev
-bqQ34gcnAgMBAAGjggMXMIIDEzASBgNVHRMBAf8ECDAGAQH/AgEBMDcGA1UdEgQw
-MC6CD3N1c2NlcnRlLmdvYi52ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAzNi0w
-MB0GA1UdDgQWBBRBDxk4qpl/Qguk1yeYVKIXTC1RVDCCAVAGA1UdIwSCAUcwggFD
-gBStuyIdxuDSAaj9dlBSk+2YwU2u06GCASakggEiMIIBHjE+MDwGA1UEAxM1QXV0
-b3JpZGFkIGRlIENlcnRpZmljYWNpb24gUmFpeiBkZWwgRXN0YWRvIFZlbmV6b2xh
-bm8xCzAJBgNVBAYTAlZFMRAwDgYDVQQHEwdDYXJhY2FzMRkwFwYDVQQIExBEaXN0
-cml0byBDYXBpdGFsMTYwNAYDVQQKEy1TaXN0ZW1hIE5hY2lvbmFsIGRlIENlcnRp
-ZmljYWNpb24gRWxlY3Ryb25pY2ExQzBBBgNVBAsTOlN1cGVyaW50ZW5kZW5jaWEg
-ZGUgU2VydmljaW9zIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExJTAjBgkq
-hkiG9w0BCQEWFmFjcmFpekBzdXNjZXJ0ZS5nb2IudmWCAQowDgYDVR0PAQH/BAQD
-AgEGME0GA1UdEQRGMESCDnByb2NlcnQubmV0LnZloBUGBWCGXgIBoAwMClBTQy0w
-MDAwMDKgGwYFYIZeAgKgEgwQUklGLUotMzE2MzUzNzMtNzB2BgNVHR8EbzBtMEag
-RKBChkBodHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9sY3IvQ0VSVElGSUNBRE8t
-UkFJWi1TSEEzODRDUkxERVIuY3JsMCOgIaAfhh1sZGFwOi8vYWNyYWl6LnN1c2Nl
-cnRlLmdvYi52ZTA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9v
-Y3NwLnN1c2NlcnRlLmdvYi52ZTBBBgNVHSAEOjA4MDYGBmCGXgMBAjAsMCoGCCsG
-AQUFBwIBFh5odHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9kcGMwDQYJKoZIhvcN
-AQELBQADggIBACtZ6yKZu4SqT96QxtGGcSOeSwORR3C7wJJg7ODU523G0+1ng3dS
-1fLld6c2suNUvtm7CpsR72H0xpkzmfWvADmNg7+mvTV+LFwxNG9s2/NkAZiqlCxB
-3RWGymspThbASfzXg0gTB1GEMVKIu4YXx2sviiCtxQuPcD4quxtxj7mkoP3Yldmv
-Wb8lK5jpY5MvYB7Eqvh39YtsL+1+LrVPQA3uvFd359m21D+VJzog1eWuq2w1n8Gh
-HVnchIHuTQfiSLaeS5UtQbHh6N5+LwUeaO6/u5BlOsju6rEYNxxik6SgMexxbJHm
-pHmJWhSnFFAFTKQAVzAswbVhltw+HoSvOULP5dAssSS830DD7X9jSr3hTxJkhpXz
-sOfIt+FTvZLm8wyWuevo5pLtp4EJFAv8lXrPj9Y0TzYS3F7RNHXGRoAvlQSMx4bE
-qCaJqD8Zm4G7UaRKhqsLEQ+xrmNTbSjq3TNWOByyrYDT13K9mmyZY+gAu0F2Bbdb
-mRiKw7gSXFbPVgx96OLP7bx0R/vu0xdOIk9W/1DzLuY5poLWccret9W6aAjtmcz9
-opLLabid+Qqkpj5PkygqYWwHJgD/ll9ohri4zspV4KuxPX+Y1zMOWj3YeMLEYC/H
-YvBhkdI4sPaeVdtAgAUSM84dkpvRabP/v/GSCmE1P93+hvS84Bpxs2Km
------END CERTIFICATE-----
+
+# QuoVadis Root CA 1 G3
 -----BEGIN CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQEL
 BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
@@ -1908,6 +1768,8 @@ ZgKAvQU6O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhp
 q1467HxpvMc7hU6eFbm0FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFt
 nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXD
 -----END CERTIFICATE-----
+
+# QuoVadis Root CA
 -----BEGIN CERTIFICATE-----
 MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC
 TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0
@@ -1942,6 +1804,8 @@ mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW
 xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK
 SnQ2+Q==
 -----END CERTIFICATE-----
+
+# QuoVadis Root CA 2
 -----BEGIN CERTIFICATE-----
 MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
 GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
@@ -1975,6 +1839,8 @@ ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y
 4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza
 8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u
 -----END CERTIFICATE-----
+
+# QuoVadis Root CA 3
 -----BEGIN CERTIFICATE-----
 MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
 GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
@@ -2013,6 +1879,8 @@ Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT
 mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK
 4SVhM7JZG+Ju1zdXtg2pEto=
 -----END CERTIFICATE-----
+
+# QuoVadis Root CA 3 G3
 -----BEGIN CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQEL
 BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
@@ -2044,6 +1912,8 @@ DhcI00iX0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HN
 PlopNLk9hM6xZdRZkZFWdSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/
 ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0
 -----END CERTIFICATE-----
+
+# S-TRUST Universal Root CA
 -----BEGIN CERTIFICATE-----
 MIID2DCCAsCgAwIBAgIQYFbFSyNAW2TU7SXa2dYeHjANBgkqhkiG9w0BAQsFADCB
 hTELMAkGA1UEBhMCREUxKTAnBgNVBAoTIERldXRzY2hlciBTcGFya2Fzc2VuIFZl
@@ -2067,6 +1937,62 @@ UsOgyqCDRR319bdZc11ZAY+qwkcvFHHVKeMQtUeTJcwjKdq3ctiR1OwbSIoi5MEq
 9zpok59FGW5Dt8z+uJGaYRo2aWNkkijzb2GShROfyQcsi1fc65551cLeCNVUsldO
 KjKNoeI60RAgIjl9NEVvcTvDHfz/sk+o4vYwHg==
 -----END CERTIFICATE-----
+
+# SSL.com Root Certification Authority ECC
+-----BEGIN CERTIFICATE-----
+MIICjTCCAhSgAwIBAgIIdebfy8FoW6gwCgYIKoZIzj0EAwIwfDELMAkGA1UEBhMC
+VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T
+U0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0
+aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNDAzWhcNNDEwMjEyMTgxNDAz
+WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0
+b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBS
+b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEGBSuB
+BAAiA2IABEVuqVDEpiM2nl8ojRfLliJkP9x6jh3MCLOicSS6jkm5BBtHllirLZXI
+7Z4INcgn64mMU1jrYor+8FsPazFSY0E7ic3s7LaNGdM0B9y7xgZ/wkWV7Mt/qCPg
+CemB+vNH06NjMGEwHQYDVR0OBBYEFILRhXMw5zUE044CkvvlpNHEIejNMA8GA1Ud
+EwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUgtGFczDnNQTTjgKS++Wk0cQh6M0wDgYD
+VR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2cAMGQCMG/n61kRpGDPYbCWe+0F+S8T
+kdzt5fxQaxFGRrMcIQBiu77D5+jNB5n5DQtdcj7EqgIwH7y6C+IwJPt8bYBVCpk+
+gA0z5Wajs6O7pdWLjwkspl1+4vAHCGht0nxpbl/f5Wpl
+-----END CERTIFICATE-----
+
+# SSL.com Root Certification Authority RSA
+-----BEGIN CERTIFICATE-----
+MIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE
+BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK
+DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTczOTM5WhcNNDEwMjEyMTcz
+OTM5WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv
+dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNv
+bSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBAPkP3aMrfcvQKv7sZ4Wm5y4bunfh4/WvpOz6Sl2R
+xFdHaxh3a3by/ZPkPQ/CFp4LZsNWlJ4Xg4XOVu/yFv0AYvUiCVToZRdOQbngT0aX
+qhvIuG5iXmmxX9sqAn78bMrzQdjt0Oj8P2FI7bADFB0QDksZ4LtO7IZl/zbzXmcC
+C52GVWH9ejjt/uIZALdvoVBidXQ8oPrIJZK0bnoix/geoeOy3ZExqysdBP+lSgQ3
+6YWkMyv94tZVNHwZpEpox7Ko07fKoZOI68GXvIz5HdkihCR0xwQ9aqkpk8zruFvh
+/l8lqjRYyMEjVJ0bmBHDOJx+PYZspQ9AhnwC9FwCTyjLrnGfDzrIM/4RJTXq/LrF
+YD3ZfBjVsqnTdXgDciLKOsMf7yzlLqn6niy2UUb9rwPW6mBo6oUWNmuF6R7As93E
+JNyAKoFBbZQ+yODJgUEAnl6/f8UImKIYLEJAs/lvOCdLToD0PYFH4Ih86hzOtXVc
+US4cK38acijnALXRdMbX5J+tB5O2UzU1/Dfkw/ZdFr4hc96SCvigY2q8lpJqPvi8
+ZVWb3vUNiSYE/CUapiVpy8JtynziWV+XrOvvLsi81xtZPCvM8hnIk2snYxnP/Okm
++Mpxm3+T/jRnhE6Z6/yzeAkzcLpmpnbtG3PrGqUNxCITIJRWCk4sbE6x/c+cCbqi
+M+2HAgMBAAGjYzBhMB0GA1UdDgQWBBTdBAkHovV6fVJTEpKV7jiAJQ2mWTAPBgNV
+HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMA4G
+A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAIBgRlCn7Jp0cHh5wYfGV
+cpNxJK1ok1iOMq8bs3AD/CUrdIWQPXhq9LmLpZc7tRiRux6n+UBbkflVma8eEdBc
+Hadm47GUBwwyOabqG7B52B2ccETjit3E+ZUfijhDPwGFpUenPUayvOUiaPd7nNgs
+PgohyC0zrL/FgZkxdMF1ccW+sfAjRfSda/wZY52jvATGGAslu1OJD7OAUN5F7kR/
+q5R4ZJjT9ijdh9hwZXT7DrkT66cPYakylszeu+1jTBi7qUD3oFRuIIhxdRjqerQ0
+cuAjJ3dctpDqhiVAq+8zD8ufgr6iIPv2tS0a5sKFsXQP+8hlAqRSAUfdSSLBv9jr
+a6x+3uxjMxW3IwiPxg+NQVrdjsW5j+VFP3jbutIbQLH+cU0/4IGiul607BXgk90I
+H37hVZkLId6Tngr75qNJvTYw/ud3sqB1l7UtgYgXZSD32pAAn8lSzDLKNXz1PQ/Y
+K9f1JmzJBjSWFupwWRoyeXkLtoh/D1JIPb9s2KJELtFOt3JY04kTlf5Eq/jXixtu
+nLwsoFvVagCvXzfh1foQC5ichucmj87w7G6KVwuA406ywKBjYZC6VWg3dGq2ktuf
+oYYitmUnDuy2n0Jg5GfCtdpBC8TTi2EbvPofkSvXRAdeuims2cXp71NIWuuA8ShY
+Ic2wBlX7Jz9TkHCpBB5XJ7k=
+-----END CERTIFICATE-----
+
+# SZAFIR ROOT CA2
 -----BEGIN CERTIFICATE-----
 MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQEL
 BQAwUTELMAkGA1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6
@@ -2088,6 +2014,8 @@ oky4rc/hkA/NrgrHXXu3UNLUYfrVFdvXn4dRVOul4+vJhaAlIDf7js4MNIThPIGy
 d05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6+/NNIxuZMzSg
 LvWpCz/UXeHPhJ/iGcJfitYgHuNztw==
 -----END CERTIFICATE-----
+
+# Secure Global CA
 -----BEGIN CERTIFICATE-----
 MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBK
 MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
@@ -2110,6 +2038,8 @@ I50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbY
 iNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc
 f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW
 -----END CERTIFICATE-----
+
+# Security Communication RootCA2
 -----BEGIN CERTIFICATE-----
 MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDEl
 MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMe
@@ -2131,6 +2061,8 @@ t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6qtnRGEmyR7jTV7JqR50S+kDFy
 1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29mvVXIwAHIRc/
 SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03
 -----END CERTIFICATE-----
+
+# Security Communication Root CA
 -----BEGIN CERTIFICATE-----
 MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEY
 MBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21t
@@ -2151,6 +2083,8 @@ Bw+SUEmK3TGXX8npN6o7WWWXlDLJs58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJU
 JRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ6rBK+1YWc26sTfcioU+tHXot
 RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAw==
 -----END CERTIFICATE-----
+
+# Sonera Class 2 Root CA
 -----BEGIN CERTIFICATE-----
 MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP
 MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAx
@@ -2170,6 +2104,8 @@ FNr450kkkdAdavphOe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6
 Tk6ezAyNlNzZRZxe7EJQY670XcSxEtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2
 ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLHllpwrN9M
 -----END CERTIFICATE-----
+
+# Staat der Nederlanden Root CA - G2
 -----BEGIN CERTIFICATE-----
 MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
 TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
@@ -2203,6 +2139,8 @@ N1trSt8sV4pAWja63XVECDdCcAz+3F4hoKOKwJCcaNpQ5kUQR3i2TtJlycM33+FC
 Y7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoVIPVVYpbtbZNQvOSqeK3Z
 ywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm66+KAQ==
 -----END CERTIFICATE-----
+
+# Staat der Nederlanden Root CA - G3
 -----BEGIN CERTIFICATE-----
 MIIFdDCCA1ygAwIBAgIEAJiiOTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
 TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
@@ -2235,6 +2173,8 @@ fsbAddJu+2gw7OyLnflJNZoaLNmzlTnVHpL3prllL+U9bTpITAjc5CgSKL59NVzq
 QFH1T/U67cjF68IeHRaVesd+QnGTbksVtzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM
 94B7IWcnMFk=
 -----END CERTIFICATE-----
+
+# Starfield Class 2 CA
 -----BEGIN CERTIFICATE-----
 MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl
 MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp
@@ -2259,124 +2199,8 @@ xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp
 VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY
 WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q=
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
-Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM2WhcNMzYwOTE3MTk0NjM2WjB9
-MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
-U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
-cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
-A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
-pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
-OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
-Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
-Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
-HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
-Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
-+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
-Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
-Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
-26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
-AQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE
-FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9j
-ZXJ0LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3Js
-LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFM
-BgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUHAgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0
-Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRwOi8vY2VydC5zdGFy
-dGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYgU3Rh
-cnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlh
-YmlsaXR5LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2Yg
-dGhlIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFp
-bGFibGUgYXQgaHR0cDovL2NlcnQuc3RhcnRjb20ub3JnL3BvbGljeS5wZGYwEQYJ
-YIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNT
-TCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAgEAFmyZ
-9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8
-jhvh3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUW
-FjgKXlf2Ysd6AgXmvB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJz
-ewT4F+irsfMuXGRuczE6Eri8sxHkfY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1
-ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3fsNrarnDy0RLrHiQi+fHLB5L
-EUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZEoalHmdkrQYu
-L6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq
-yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuC
-O3NJo2pXh5Tl1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6V
-um0ABj6y6koQOdjQK/W/7HW/lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkySh
-NOsF/5oirpt9P/FlUQqmMGqz9IgcgA38corog14=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIHhzCCBW+gAwIBAgIBLTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
-Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM3WhcNMzYwOTE3MTk0NjM2WjB9
-MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
-U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
-cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
-A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
-pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
-OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
-Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
-Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
-HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
-Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
-+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
-Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
-Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
-26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
-AQABo4ICEDCCAgwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD
-VR0OBBYEFE4L7xqkQFulF2mHMMo0aEPQQa7yMB8GA1UdIwQYMBaAFE4L7xqkQFul
-F2mHMMo0aEPQQa7yMIIBWgYDVR0gBIIBUTCCAU0wggFJBgsrBgEEAYG1NwEBATCC
-ATgwLgYIKwYBBQUHAgEWImh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5w
-ZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL2ludGVybWVk
-aWF0ZS5wZGYwgc8GCCsGAQUFBwICMIHCMCcWIFN0YXJ0IENvbW1lcmNpYWwgKFN0
-YXJ0Q29tKSBMdGQuMAMCAQEagZZMaW1pdGVkIExpYWJpbGl0eSwgcmVhZCB0aGUg
-c2VjdGlvbiAqTGVnYWwgTGltaXRhdGlvbnMqIG9mIHRoZSBTdGFydENvbSBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eSBQb2xpY3kgYXZhaWxhYmxlIGF0IGh0dHA6Ly93
-d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgG
-CWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1
-dGhvcml0eTANBgkqhkiG9w0BAQsFAAOCAgEAjo/n3JR5fPGFf59Jb2vKXfuM/gTF
-wWLRfUKKvFO3lANmMD+x5wqnUCBVJX92ehQN6wQOQOY+2IirByeDqXWmN3PH/UvS
-Ta0XQMhGvjt/UfzDtgUx3M2FIk5xt/JxXrAaxrqTi3iSSoX4eA+D/i+tLPfkpLst
-0OcNOrg+zvZ49q5HJMqjNTbOx8aHmNrs++myziebiMMEofYLWWivydsQD032ZGNc
-pRJvkrKTlMeIFw6Ttn5ii5B/q06f/ON1FE8qMt9bDeD1e5MNq6HPh+GlBEXoPBKl
-CcWw0bdT82AUuoVpaiF8H3VhFyAXe2w7QSlc4axa0c2Mm+tgHRns9+Ww2vl5GKVF
-P0lDV9LdJNUso/2RjSe15esUBppMeyG7Oq0wBhjA2MFrLH9ZXF2RsXAiV+uKa0hK
-1Q8p7MZAwC+ITGgBF3f0JBlPvfrhsiAhS90a2Cl9qrjeVOwhVYBsHvUwyKMQ5bLm
-KhQxw4UtjJixhlpPiVktucf3HMiKf8CdBUrmQk9io20ppB+Fq9vlgcitKj1MXVuE
-JnHEhV5xJMqlG2zYYdMa4FTbzrqpMrUi9nNBCV24F10OD5mQ1kfabwo6YigUZ4LZ
-8dCAWZvLMdibD4x3TrVoivJs9iQOLWxwxXPR3hTQcY+203sC9uO41Alua551hDnm
-fyWl8kgAwKQB2j8=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFYzCCA0ugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlm
-aWNhdGlvbiBBdXRob3JpdHkgRzIwHhcNMTAwMTAxMDEwMDAxWhcNMzkxMjMxMjM1
-OTAxWjBTMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoG
-A1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgRzIwggIiMA0G
-CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2iTZbB7cgNr2Cu+EWIAOVeq8Oo1XJ
-JZlKxdBWQYeQTSFgpBSHO839sj60ZwNq7eEPS8CRhXBF4EKe3ikj1AENoBB5uNsD
-vfOpL9HG4A/LnooUCri99lZi8cVytjIl2bLzvWXFDSxu1ZJvGIsAQRSCb0AgJnoo
-D/Uefyf3lLE3PbfHkffiAez9lInhzG7TNtYKGXmu1zSCZf98Qru23QumNK9LYP5/
-Q0kGi4xDuFby2X8hQxfqp0iVAXV16iulQ5XqFYSdCI0mblWbq9zSOdIxHWDirMxW
-RST1HFSr7obdljKF+ExP6JV2tgXdNiNnvP8V4so75qbsO+wmETRIjfaAKxojAuuK
-HDp2KntWFhxyKrOq42ClAJ8Em+JvHhRYW6Vsi1g8w7pOOlz34ZYrPu8HvKTlXcxN
-nw3h3Kq74W4a7I/htkxNeXJdFzULHdfBR9qWJODQcqhaX2YtENwvKhOuJv4KHBnM
-0D4LnMgJLvlblnpHnOl68wVQdJVznjAJ85eCXuaPOQgeWeU1FEIT/wCc976qUM/i
-UUjXuG+v+E5+M5iSFGI6dWPPe/regjupuznixL0sAA7IF6wT700ljtizkC+p2il9
-Ha90OrInwMEePnWjFqmveiJdnxMaz6eg6+OGCtP95paV1yPIN93EfKo2rJgaErHg
-TuixO/XWb/Ew1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
-AwIBBjAdBgNVHQ4EFgQUS8W0QGutHLOlHGVuRjaJhwUMDrYwDQYJKoZIhvcNAQEL
-BQADggIBAHNXPyzVlTJ+N9uWkusZXn5T50HsEbZH77Xe7XRcxfGOSeD8bpkTzZ+K
-2s06Ctg6Wgk/XzTQLwPSZh0avZyQN8gMjgdalEVGKua+etqhqaRpEpKwfTbURIfX
-UfEpY9Z1zRbkJ4kd+MIySP3bmdCPX1R0zKxnNBFi2QwKN4fRoxdIjtIXHfbX/dtl
-6/2o1PXWT6RbdejF0mCy2wl+JYt7ulKSnj7oxXehPOBKc2thz4bcQ///If4jXSRK
-9dNtD2IEBVeC2m6kMyV5Sy5UGYvMLD0w6dEG/+gyRr61M3Z3qAFdlsHB1b6uJcDJ
-HgoJIIihDsnzb02CVAAgp9KP5DlUFy6NHrgbuxu9mk47EDTcnIhT76IxW1hPkWLI
-wpqazRVdOKnWvvgTtZ8SafJQYqz7Fzf07rh1Z2AQ+4NQ+US1dZxAF7L+/XldblhY
-XzD8AK6vM8EOTmy6p6ahfzLbOOCxchcKK5HsamMm7YnUeMx0HgX4a/6ManY5Ka5l
-IxKVCCIcl85bBu4M4ru8H0ST9tg4RQUh7eStqxK2A6RCLi3ECToDZ2mEmuFZkIoo
-hdVddLHRDiBYmxOlsGOm7XtH/UVVMKTumtTm4ofvmMkyghEpIrwACjFeLQ/Ajulr
-so8uBtjRkcfGEvRM/TAXw8HaOFvjqermobp573PYtlNXLfbQ4ddI
------END CERTIFICATE-----
+
+# SwissSign Gold CA - G2
 -----BEGIN CERTIFICATE-----
 MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
 BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln
@@ -2410,6 +2234,8 @@ Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w
 ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt
 Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ
 -----END CERTIFICATE-----
+
+# SwissSign Platinum CA - G2
 -----BEGIN CERTIFICATE-----
 MIIFwTCCA6mgAwIBAgIITrIAZwwDXU8wDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE
 BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEjMCEGA1UEAxMaU3dpc3NTaWdu
@@ -2443,6 +2269,8 @@ DI8Zf0NebvRbFS/bYV3mZy8/CJT5YLSYMdp08YSTcU1f+2BY0fvEwW2JorsgH51x
 kcsymxM9Pn2SUjWskpSi0xjCfMfqr3YFFt1nJ8J+HAciIfNAChs0B0QTwoRqjt8Z
 Wr9/6x3iGjjRXK9HkmuAtTClyY3YqzGBH9/CZjfTk6mFhnll0g==
 -----END CERTIFICATE-----
+
+# SwissSign Silver CA - G2
 -----BEGIN CERTIFICATE-----
 MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UE
 BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWdu
@@ -2476,40 +2304,8 @@ OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJDIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+
 hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ubDgEj8Z+7fNzcbBGXJbLy
 tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF2TCCA8GgAwIBAgIQXAuFXAvnWUHfV8w/f52oNjANBgkqhkiG9w0BAQUFADBk
-MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
-YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg
-Q0EgMTAeFw0wNTA4MTgxMjA2MjBaFw0yNTA4MTgyMjA2MjBaMGQxCzAJBgNVBAYT
-AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp
-Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAxMIICIjAN
-BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0LmwqAzZuz8h+BvVM5OAFmUgdbI9
-m2BtRsiMMW8Xw/qabFbtPMWRV8PNq5ZJkCoZSx6jbVfd8StiKHVFXqrWW/oLJdih
-FvkcxC7mlSpnzNApbjyFNDhhSbEAn9Y6cV9Nbc5fuankiX9qUvrKm/LcqfmdmUc/
-TilftKaNXXsLmREDA/7n29uj/x2lzZAeAR81sH8A25Bvxn570e56eqeqDFdvpG3F
-EzuwpdntMhy0XmeLVNxzh+XTF3xmUHJd1BpYwdnP2IkCb6dJtDZd0KTeByy2dbco
-kdaXvij1mB7qWybJvbCXc9qukSbraMH5ORXWZ0sKbU/Lz7DkQnGMU3nn7uHbHaBu
-HYwadzVcFh4rUx80i9Fs/PJnB3r1re3WmquhsUvhzDdf/X/NTa64H5xD+SpYVUNF
-vJbNcA78yeNmuk6NO4HLFWR7uZToXTNShXEuT46iBhFRyePLoW4xCGQMwtI89Tbo
-19AOeCMgkckkKmUpWyL3Ic6DXqTz3kvTaI9GdVyDCW4pa8RwjPWd1yAv/0bSKzjC
-L3UcPX7ape8eYIVpQtPM+GP+HkM5haa2Y0EQs3MevNP6yn0WR+Kn1dCjigoIlmJW
-bjTb2QK5MHXjBNLnj8KwEUAKrNVxAmKLMb7dxiNYMUJDLXT5xp6mig/p/r+D5kNX
-JLrvRjSq1xIBOO0CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw
-FDASBgdghXQBUwABBgdghXQBUwABMBIGA1UdEwEB/wQIMAYBAf8CAQcwHwYDVR0j
-BBgwFoAUAyUv3m+CATpcLNwroWm1Z9SM0/0wHQYDVR0OBBYEFAMlL95vggE6XCzc
-K6FptWfUjNP9MA0GCSqGSIb3DQEBBQUAA4ICAQA1EMvspgQNDQ/NwNurqPKIlwzf
-ky9NfEBWMXrrpA9gzXrzvsMnjgM+pN0S734edAY8PzHyHHuRMSG08NBsl9Tpl7Ik
-Vh5WwzW9iAUPWxAaZOHHgjD5Mq2eUCzneAXQMbFamIp1TpBcahQq4FJHgmDmHtqB
-sfsUC1rxn9KVuj7QG9YVHaO+htXbD8BJZLsuUBlL0iT43R4HVtA4oJVwIHaM190e
-3p9xxCPvgxNcoyQVTSlAPGrEqdi3pkSlDfTgnXceQHAm/NrZNuR55LU/vJtlvrsR
-ls/bxig5OgjOR1tTWsWZ/l2p3e9M1MalrQLmjAcSHm8D0W+go/MpvRLHUKKwf4ip
-mXeascClOS5cfGniLLDqN2qk4Vrh9VDlg++luyqI54zb/W1elxmofmZ1a3Hqv7HH
-b6D0jqTsNFFbjCYDcKF31QESVwA12yPeDooomf2xEG9L/zgtYE4snOtnta1J7ksf
-rK/7DZBaZmBwXarNeNQk7shBoJMBkpxqnvy5JMWzFYJ+vq6VK+uxwNrjAWALXmms
-hFZhvnEX/h0TD/7Gh0Xp/jKgGg0TpJRVcaUWi7rKibCyx/yP2FS1k2Kdzs9Z+z0Y
-zirLNRWCXf9UIltxUvu3yf5gmwBBZPCqKuy2QkPOiWaByIufOVQDJdMWNY6E0F/6
-MBr1mmz0DlP5OlvRHA==
------END CERTIFICATE-----
+
+# Swisscom Root CA 2
 -----BEGIN CERTIFICATE-----
 MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBk
 MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
@@ -2544,6 +2340,8 @@ t6NlUe07qxS/TFED6F+KBZvuim6c779o+sjaC+NCydAXFJy3SuCvkychVSa1ZC+N
 9CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX5OfNeOI5
 wSsSnqaeG8XmDtkx2Q==
 -----END CERTIFICATE-----
+
+# Symantec Class 1 Public Primary Certification Authority - G4
 -----BEGIN CERTIFICATE-----
 MIICqDCCAi2gAwIBAgIQIW4zpcvTiKRvKQe0JzzE2DAKBggqhkjOPQQDAzCBlDEL
 MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD
@@ -2561,6 +2359,8 @@ AwNpADBmAjEApa7jRlP4mDbjIvouKEkN7jB+M/PsP3FezFWJeJmssv3cHFwzjim5
 axfIEWi13IMHAjEAnMhE2mnCNsNUGRCFAtqdR+9B52wmnQk9922Q0QVEL7C8g5No
 8gxFSTm/mQQc0xCg
 -----END CERTIFICATE-----
+
+# Symantec Class 1 Public Primary Certification Authority - G6
 -----BEGIN CERTIFICATE-----
 MIID9jCCAt6gAwIBAgIQJDJ18h0v0gkz97RqytDzmDANBgkqhkiG9w0BAQsFADCB
 lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w
@@ -2585,6 +2385,8 @@ dPTXvQbKqDqNVkL6jXI+dPEDct+HG14OelWWLDi3mIXNTTNEyZSPWjEwN0ujOhKz
 DJqXPDe/v+z28LSFdyjBC8hnghAXOKK3Buqbvzr46SMHv3TgmDgVVXjucgBcGaP0
 0jPg/73RVDkpDw==
 -----END CERTIFICATE-----
+
+# Symantec Class 2 Public Primary Certification Authority - G4
 -----BEGIN CERTIFICATE-----
 MIICqDCCAi2gAwIBAgIQNBdlEkA7t1aALYDLeVWmHjAKBggqhkjOPQQDAzCBlDEL
 MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD
@@ -2602,6 +2404,8 @@ AwNpADBmAjEAyKapr0F/tckRQhZoaUxcuCcYtpjxwH+QbYfTjEYX8D5P/OqwCMR6
 S7wIL8fip29lAjEA1lnehs5fDspU1cbQFQ78i5Ry1I4AWFPPfrFLDeVQhuuea9//
 KabYR9mglhjb8kWz
 -----END CERTIFICATE-----
+
+# Symantec Class 2 Public Primary Certification Authority - G6
 -----BEGIN CERTIFICATE-----
 MIID9jCCAt6gAwIBAgIQZIKe/DcedF38l/+XyLH/QTANBgkqhkiG9w0BAQsFADCB
 lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w
@@ -2626,6 +2430,8 @@ Sc2lo4xpeSWuuExsi0BmSxY/zwIa3eFsawdhanYVKZl/G92IgMG/tY9zxaaWI4Sm
 KIYkM2oBLldzJbZev4/mHWGoQClnHYebHX+bn5nNMdZUvmK7OaxoEkiRIKXLsd3+
 b/xa5IJVWa8xqQ==
 -----END CERTIFICATE-----
+
+# T-TeleSec GlobalRoot Class 2
 -----BEGIN CERTIFICATE-----
 MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx
 KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd
@@ -2649,6 +2455,8 @@ g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN
 9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP
 BSeOE6Fuwg==
 -----END CERTIFICATE-----
+
+# TC TrustCenter Class 3 CA II
 -----BEGIN CERTIFICATE-----
 MIIEqjCCA5KgAwIBAgIOSkcAAQAC5aBd1j8AUb8wDQYJKoZIhvcNAQEFBQAwdjEL
 MAkGA1UEBhMCREUxHDAaBgNVBAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxIjAgBgNV
@@ -2676,6 +2484,8 @@ g0bsyEa1+K+XwDsJHI/OcpY9M1ZwvJbL2NV9IJqDnxrcOfHFcqMRA/07QlIp2+gB
 95tejNaNhk4Z+rwcvsUhpYeeeC422wlxo3I0+GzjBgnyXlal092Y+tTmBvTwtiBj
 S+opvaqCZh77gaqnN60TGOaSw4HBM7uIHqHn4rS9MWwOUT1v+5ZWgOI2F9Hc5A==
 -----END CERTIFICATE-----
+
+# TWCA Global Root CA
 -----BEGIN CERTIFICATE-----
 MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcx
 EjAQBgNVBAoTCVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMT
@@ -2707,6 +2517,8 @@ wa19hAM8EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWz
 aGHQRiapIVJpLesux+t3zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmy
 KwbQBM0=
 -----END CERTIFICATE-----
+
+# TWCA Root Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzES
 MBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFU
@@ -2728,6 +2540,8 @@ lhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVYT0bf+215WfKEIlKuD8z7fDvn
 aspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocnyYh0igzyXxfkZ
 YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw==
 -----END CERTIFICATE-----
+
+# Taiwan GRCA
 -----BEGIN CERTIFICATE-----
 MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/
 MQswCQYDVQQGEwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmlj
@@ -2760,6 +2574,8 @@ ssQwmSNOXfJIoRIM3BKQCZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDe
 LMDDav7v3Aun+kbfYNucpllQdSNpc5Oy+fwC00fmcc4QAu4njIT/rEUNE1yDMuAl
 pYYsfPQS
 -----END CERTIFICATE-----
+
+# TeliaSonera Root CA v1
 -----BEGIN CERTIFICATE-----
 MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAw
 NzEUMBIGA1UECgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJv
@@ -2790,6 +2606,100 @@ t88NkvuOGKmYSdGe/mBEciG5Ge3C9THxOUiIkCR1VBatzvT4aRRkOfujuLpwQMcn
 HL/EVlP6Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVx
 SK236thZiNSQvxaz2emsWWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVY=
 -----END CERTIFICATE-----
+
+# TrustCor ECA-1
+-----BEGIN CERTIFICATE-----
+MIIEIDCCAwigAwIBAgIJAISCLF8cYtBAMA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD
+VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk
+MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxFzAVBgNVBAMMDlRydXN0Q29y
+IEVDQS0xMB4XDTE2MDIwNDEyMzIzM1oXDTI5MTIzMTE3MjgwN1owgZwxCzAJBgNV
+BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw
+IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy
+dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOVHJ1c3RDb3Ig
+RUNBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPj+ARtZ+odnbb
+3w9U73NjKYKtR8aja+3+XzP4Q1HpGjORMRegdMTUpwHmspI+ap3tDvl0mEDTPwOA
+BoJA6LHip1GnHYMma6ve+heRK9jGrB6xnhkB1Zem6g23xFUfJ3zSCNV2HykVh0A5
+3ThFEXXQmqc04L/NyFIduUd+Dbi7xgz2c1cWWn5DkR9VOsZtRASqnKmcp0yJF4Ou
+owReUoCLHhIlERnXDH19MURB6tuvsBzvgdAsxZohmz3tQjtQJvLsznFhBmIhVE5/
+wZ0+fyCMgMsq2JdiyIMzkX2woloPV+g7zPIlstR8L+xNxqE6FXrntl019fZISjZF
+ZtS6mFjBAgMBAAGjYzBhMB0GA1UdDgQWBBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAf
+BgNVHSMEGDAWgBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAPBgNVHRMBAf8EBTADAQH/
+MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEABT41XBVwm8nHc2Fv
+civUwo/yQ10CzsSUuZQRg2dd4mdsdXa/uwyqNsatR5Nj3B5+1t4u/ukZMjgDfxT2
+AHMsWbEhBuH7rBiVDKP/mZb3Kyeb1STMHd3BOuCYRLDE5D53sXOpZCz2HAF8P11F
+hcCF5yWPldwX8zyfGm6wyuMdKulMY/okYWLW2n62HGz1Ah3UKt1VkOsqEUc8Ll50
+soIipX1TH0XsJ5F95yIW6MBoNtjG8U+ARDL54dHRHareqKucBK+tIA5kmE2la8BI
+WJZpTdwHjFGTot+fDz2LYLSCjaoITmJF4PkL0uDgPFveXHEnJcLmA4GLEFPjx1Wi
+tJ/X5g==
+-----END CERTIFICATE-----
+
+# TrustCor RootCert CA-1
+-----BEGIN CERTIFICATE-----
+MIIEMDCCAxigAwIBAgIJANqb7HHzA7AZMA0GCSqGSIb3DQEBCwUAMIGkMQswCQYD
+VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk
+MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29y
+IFJvb3RDZXJ0IENBLTEwHhcNMTYwMjA0MTIzMjE2WhcNMjkxMjMxMTcyMzE2WjCB
+pDELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFtYTEUMBIGA1UEBwwLUGFuYW1h
+IENpdHkxJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4gZGUgUi5MLjEnMCUG
+A1UECwweVHJ1c3RDb3IgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR8wHQYDVQQDDBZU
+cnVzdENvciBSb290Q2VydCBDQS0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAv463leLCJhJrMxnHQFgKq1mqjQCj/IDHUHuO1CAmujIS2CNUSSUQIpid
+RtLByZ5OGy4sDjjzGiVoHKZaBeYei0i/mJZ0PmnK6bV4pQa81QBeCQryJ3pS/C3V
+seq0iWEk8xoT26nPUu0MJLq5nux+AHT6k61sKZKuUbS701e/s/OojZz0JEsq1pme
+9J7+wH5COucLlVPat2gOkEz7cD+PSiyU8ybdY2mplNgQTsVHCJCZGxdNuWxu72CV
+EY4hgLW9oHPY0LJ3xEXqWib7ZnZ2+AYfYW0PVcWDtxBWcgYHpfOxGgMFZA6dWorW
+hnAbJN7+KIor0Gqw/Hqi3LJ5DotlDwIDAQABo2MwYTAdBgNVHQ4EFgQU7mtJPHo/
+DeOxCbeKyKsZn3MzUOcwHwYDVR0jBBgwFoAU7mtJPHo/DeOxCbeKyKsZn3MzUOcw
+DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD
+ggEBACUY1JGPE+6PHh0RU9otRCkZoB5rMZ5NDp6tPVxBb5UrJKF5mDo4Nvu7Zp5I
+/5CQ7z3UuJu0h3U/IJvOcs+hVcFNZKIZBqEHMwwLKeXx6quj7LUKdJDHfXLy11yf
+ke+Ri7fc7Waiz45mO7yfOgLgJ90WmMCV1Aqk5IGadZQ1nJBfiDcGrVmVCrDRZ9MZ
+yonnMlo2HD6CqFqTvsbQZJG2z9m2GM/bftJlo6bEjhcxwft+dtvTheNYsnd6djts
+L1Ac59v2Z3kf9YKVmgenFK+P3CghZwnS1k1aHBkcjndcw5QkPTJrS37UeJSDvjdN
+zl/HHk484IkzlQsPpTLWPFp5LBk=
+-----END CERTIFICATE-----
+
+# TrustCor RootCert CA-2
+-----BEGIN CERTIFICATE-----
+MIIGLzCCBBegAwIBAgIIJaHfyjPLWQIwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNV
+BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw
+IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy
+dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UEAwwWVHJ1c3RDb3Ig
+Um9vdENlcnQgQ0EtMjAeFw0xNjAyMDQxMjMyMjNaFw0zNDEyMzExNzI2MzlaMIGk
+MQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEg
+Q2l0eTEkMCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYD
+VQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRy
+dXN0Q29yIFJvb3RDZXJ0IENBLTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCnIG7CKqJiJJWQdsg4foDSq8GbZQWU9MEKENUCrO2fk8eHyLAnK0IMPQo+
+QVqedd2NyuCb7GgypGmSaIwLgQ5WoD4a3SwlFIIvl9NkRvRUqdw6VC0xK5mC8tkq
+1+9xALgxpL56JAfDQiDyitSSBBtlVkxs1Pu2YVpHI7TYabS3OtB0PAx1oYxOdqHp
+2yqlO/rOsP9+aij9JxzIsekp8VduZLTQwRVtDr4uDkbIXvRR/u8OYzo7cbrPb1nK
+DOObXUm4TOJXsZiKQlecdu/vvdFoqNL0Cbt3Nb4lggjEFixEIFapRBF37120Hape
+az6LMvYHL1cEksr1/p3C6eizjkxLAjHZ5DxIgif3GIJ2SDpxsROhOdUuxTTCHWKF
+3wP+TfSvPd9cW436cOGlfifHhi5qjxLGhF5DUVCcGZt45vz27Ud+ez1m7xMTiF88
+oWP7+ayHNZ/zgp6kPwqcMWmLmaSISo5uZk3vFsQPeSghYA2FFn3XVDjxklb9tTNM
+g9zXEJ9L/cb4Qr26fHMC4P99zVvh1Kxhe1fVSntb1IVYJ12/+CtgrKAmrhQhJ8Z3
+mjOAPF5GP/fDsaOGM8boXg25NSyqRsGFAnWAoOsk+xWq5Gd/bnc/9ASKL3x74xdh
+8N0JqSDIvgmk0H5Ew7IwSjiqqewYmgeCK9u4nBit2uBGF6zPXQIDAQABo2MwYTAd
+BgNVHQ4EFgQU2f4hQG6UnrybPZx9mCAZ5YwwYrIwHwYDVR0jBBgwFoAU2f4hQG6U
+nrybPZx9mCAZ5YwwYrIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYw
+DQYJKoZIhvcNAQELBQADggIBAJ5Fngw7tu/hOsh80QA9z+LqBrWyOrsGS2h60COX
+dKcs8AjYeVrXWoSK2BKaG9l9XE1wxaX5q+WjiYndAfrs3fnpkpfbsEZC89NiqpX+
+MWcUaViQCqoL7jcjx1BRtPV+nuN79+TMQjItSQzL/0kMmx40/W5ulop5A7Zv2wnL
+/V9lFDfhOPXzYRZY5LVtDQsEGz9QLX+zx3oaFoBg+Iof6Rsqxvm6ARppv9JYx1RX
+CI/hOWB3S6xZhBqI8d3LT3jX5+EzLfzuQfogsL7L9ziUwOHQhQ+77Sxzq+3+knYa
+ZH9bDTMJBzN7Bj8RpFxwPIXAz+OQqIN3+tvmxYxoZxBnpVIt8MSZj3+/0WvitUfW
+2dCFmU2Umw9Lje4AWkcdEQOsQRivh7dvDDqPys/cA8GiCcjl/YBeyGBCARsaU1q7
+N6a3vLqE6R5sGtRk2tRD/pOLS/IseRYQ1JMLiI+h2IYURpFHmygk71dSTlxCnKr3
+Sewn6EAes6aJInKc9Q0ztFijMDvd1GpUk74aTfOTlPf8hAs/hCBcNANExdqtvArB
+As8e5ZTZ845b2EzwnexhF7sUMlQMAimTHpKG9n/v55IFDlndmQguLvqcAFLTxWYp
+5KeXRKQOKIETNcX2b2TmQcTVL8w0RSXPQQCWPUouwpaYT05KnJe32x+SMsj/D1Fu
+1uwJ
+-----END CERTIFICATE-----
+
+# Trustis FPS Root CA
 -----BEGIN CERTIFICATE-----
 MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBF
 MQswCQYDVQQGEwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQL
@@ -2811,36 +2721,8 @@ f1T1o+CP8HxVIo8ptoGj4W1OLBuAZ+ytIJ8MYmHVl/9D7S3B2l0pKoU/rGXuhg8F
 jZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYliB6XzCGcKQEN
 ZetX2fNXlrtIzYE=
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFFzCCA/+gAwIBAgIBETANBgkqhkiG9w0BAQUFADCCASsxCzAJBgNVBAYTAlRS
-MRgwFgYDVQQHDA9HZWJ6ZSAtIEtvY2FlbGkxRzBFBgNVBAoMPlTDvHJraXllIEJp
-bGltc2VsIHZlIFRla25vbG9qaWsgQXJhxZ90xLFybWEgS3VydW11IC0gVMOcQsSw
-VEFLMUgwRgYDVQQLDD9VbHVzYWwgRWxla3Ryb25payB2ZSBLcmlwdG9sb2ppIEFy
-YcWfdMSxcm1hIEVuc3RpdMO8c8O8IC0gVUVLQUUxIzAhBgNVBAsMGkthbXUgU2Vy
-dGlmaWthc3lvbiBNZXJrZXppMUowSAYDVQQDDEFUw5xCxLBUQUsgVUVLQUUgS8O2
-ayBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSAtIFPDvHLDvG0gMzAe
-Fw0wNzA4MjQxMTM3MDdaFw0xNzA4MjExMTM3MDdaMIIBKzELMAkGA1UEBhMCVFIx
-GDAWBgNVBAcMD0dlYnplIC0gS29jYWVsaTFHMEUGA1UECgw+VMO8cmtpeWUgQmls
-aW1zZWwgdmUgVGVrbm9sb2ppayBBcmHFn3TEsXJtYSBLdXJ1bXUgLSBUw5xCxLBU
-QUsxSDBGBgNVBAsMP1VsdXNhbCBFbGVrdHJvbmlrIHZlIEtyaXB0b2xvamkgQXJh
-xZ90xLFybWEgRW5zdGl0w7xzw7wgLSBVRUtBRTEjMCEGA1UECwwaS2FtdSBTZXJ0
-aWZpa2FzeW9uIE1lcmtlemkxSjBIBgNVBAMMQVTDnELEsFRBSyBVRUtBRSBLw7Zr
-IFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIC0gU8O8csO8bSAzMIIB
-IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAim1L/xCIOsP2fpTo6iBkcK4h
-gb46ezzb8R1Sf1n68yJMlaCQvEhOEav7t7WNeoMojCZG2E6VQIdhn8WebYGHV2yK
-O7Rm6sxA/OOqbLLLAdsyv9Lrhc+hDVXDWzhXcLh1xnnRFDDtG1hba+818qEhTsXO
-fJlfbLm4IpNQp81McGq+agV/E5wrHur+R84EpW+sky58K5+eeROR6Oqeyjh1jmKw
-lZMq5d/pXpduIF9fhHpEORlAHLpVK/swsoHvhOPc7Jg4OQOFCKlUAwUp8MmPi+oL
-hmUZEdPpCSPeaJMDyTYcIW7OjGbxmTDY17PDHfiBLqi9ggtm/oLL4eAagsNAgQID
-AQABo0IwQDAdBgNVHQ4EFgQUvYiHyY/2pAoLquvF/pEjnatKijIwDgYDVR0PAQH/
-BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAB18+kmP
-NOm3JpIWmgV050vQbTlswyb2zrgxvMTfvCr4N5EY3ATIZJkrGG2AA1nJrvhY0D7t
-wyOfaTyGOBye79oneNGEN3GKPEs5z35FBtYt2IpNeBLWrcLTy9LQQfMmNkqblWwM
-7uXRQydmwYj3erMgbOqwaSvHIOgMA8RBBZniP+Rr+KCGgceExh/VS4ESshYhLBOh
-gLJeDEoTniDYYkCrkOpkSi+sDQESeUWoL4cZaMjihccwsnX5OD+ywJO0a+IDRM5n
-oN+J1q2MdqMTw5RhK2vZbMEHCiIHhWyFJEapvj+LeISCfiQMnf2BN+MlqO02TpUs
-yZyQ2uypQjyttgI=
------END CERTIFICATE-----
+
+# USERTrust ECC Certification Authority
 -----BEGIN CERTIFICATE-----
 MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDEL
 MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
@@ -2857,6 +2739,8 @@ VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMB
 zzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbW
 RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg=
 -----END CERTIFICATE-----
+
+# USERTrust RSA Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB
 iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
@@ -2891,6 +2775,8 @@ VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB
 L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG
 jjxDah2nGN59PRbxYvnKkKj9
 -----END CERTIFICATE-----
+
+# UTN USERFirst Email Root CA
 -----BEGIN CERTIFICATE-----
 MIIEojCCA4qgAwIBAgIQRL4Mi1AAJLQR0zYlJWfJiTANBgkqhkiG9w0BAQUFADCB
 rjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
@@ -2918,6 +2804,8 @@ rfafnoOTHh1CuEava2bwm3/q4wMC5QJRwarVNZ1yQAOJujEdxRBoUp7fooXFXAim
 eOZTT7Hot9MUnpOmw2TjrH5xzbyf6QMbzPvprDHBr3wVdAKZw7JHpsIyYdfHb0gk
 USeh1YdV8nuPmD0Wnu51tvjQjvLzxq4oW6fw8zYX/MMF08oDSlQ=
 -----END CERTIFICATE-----
+
+# VeriSign Class 3 Public Primary Certification Authority - G4
 -----BEGIN CERTIFICATE-----
 MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjEL
 MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
@@ -2939,6 +2827,8 @@ kf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMDA2gAMGUCMGYhDBgmYFo4e1ZC
 4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIxAJw9SDkjOVga
 FRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA==
 -----END CERTIFICATE-----
+
+# VeriSign Class 3 Public Primary Certification Authority - G5
 -----BEGIN CERTIFICATE-----
 MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB
 yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
@@ -2967,6 +2857,8 @@ WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ
 4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N
 hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq
 -----END CERTIFICATE-----
+
+# VeriSign Universal Root Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCB
 vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
@@ -2995,6 +2887,8 @@ BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+PwGZsY6rp2aQW9IHR
 lRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4mJO3
 7M2CYfE45k+XmCpajQ==
 -----END CERTIFICATE-----
+
+# Verisign Class 1 Public Primary Certification Authority - G3
 -----BEGIN CERTIFICATE-----
 MIIEGjCCAwICEQCLW3VWhFSFCwDPrzhIzrGkMA0GCSqGSIb3DQEBBQUAMIHKMQsw
 CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
@@ -3019,6 +2913,8 @@ ns7NZ3xPZQL/kYVUc8f/NveGLezQXk//EZ9yBta4GvFMDSZl4kSAHsef493oCtrs
 pSCAaWihT37ha88HQfqDjrw43bAuEbFrskLMmrz5SCJ5ShkPshw+IHTZasO+8ih4
 E1Z5T21Q6huwtVexN2ZYI/PcD98Kh8TvhgXVOBRgmaNL3gaWcSzy27YfpO8/7g==
 -----END CERTIFICATE-----
+
+# Verisign Class 2 Public Primary Certification Authority - G3
 -----BEGIN CERTIFICATE-----
 MIIEGTCCAwECEGFwy0mMX5hFKeewptlQW3owDQYJKoZIhvcNAQEFBQAwgcoxCzAJ
 BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVy
@@ -3043,6 +2939,8 @@ sQAsBNB0owIFImNjzYO1+8FtYmtpdf1dcEG59b98377BMnMiIYtYgXsVkXq642RI
 sH/7NiXaldDxJBQX3RiAa0YjOVT1jmIJBB2UkKab5iXiQkWquJCtvgiPqQtCGJTP
 cjnhsUPgKM+351psE2tJs//jGHyJizNdrDPXp/naOlXJWBD5qu9ats9LS98q
 -----END CERTIFICATE-----
+
+# Verisign Class 3 Public Primary Certification Authority - G3
 -----BEGIN CERTIFICATE-----
 MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw
 CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
@@ -3067,6 +2965,8 @@ DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC
 F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt
 TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ==
 -----END CERTIFICATE-----
+
+# Visa eCommerce Root
 -----BEGIN CERTIFICATE-----
 MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBr
 MQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRl
@@ -3089,69 +2989,8 @@ LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGIxHYdkFsd
 ++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt
 398znM/jra6O1I7mT1GvFpLgXPYHDw==
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFdjCCA16gAwIBAgIQXmjWEXGUY1BWAGjzPsnFkTANBgkqhkiG9w0BAQUFADBV
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxKjAoBgNV
-BAMTIUNlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbjAeFw0wOTA4MDgw
-MTAwMDFaFw0zOTA4MDgwMTAwMDFaMFUxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFX
-b1NpZ24gQ0EgTGltaXRlZDEqMCgGA1UEAxMhQ2VydGlmaWNhdGlvbiBBdXRob3Jp
-dHkgb2YgV29TaWduMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvcqN
-rLiRFVaXe2tcesLea9mhsMMQI/qnobLMMfo+2aYpbxY94Gv4uEBf2zmoAHqLoE1U
-fcIiePyOCbiohdfMlZdLdNiefvAA5A6JrkkoRBoQmTIPJYhTpA2zDxIIFgsDcScc
-f+Hb0v1naMQFXQoOXXDX2JegvFNBmpGN9J42Znp+VsGQX+axaCA2pIwkLCxHC1l2
-ZjC1vt7tj/id07sBMOby8w7gLJKA84X5KIq0VC6a7fd2/BVoFutKbOsuEo/Uz/4M
-x1wdC34FMr5esAkqQtXJTpCzWQ27en7N1QhatH/YHGkR+ScPewavVIMYe+HdVHpR
-aG53/Ma/UkpmRqGyZxq7o093oL5d//xWC0Nyd5DKnvnyOfUNqfTq1+ezEC8wQjch
-zDBwyYaYD8xYTYO7feUapTeNtqwylwA6Y3EkHp43xP901DfA4v6IRmAR3Qg/UDar
-uHqklWJqbrDKaiFaafPz+x1wOZXzp26mgYmhiMU7ccqjUu6Du/2gd/Tkb+dC221K
-mYo0SLwX3OSACCK28jHAPwQ+658geda4BmRkAjHXqc1S+4RFaQkAKtxVi8QGRkvA
-Sh0JWzko/amrzgD5LkhLJuYwTKVYyrREgk/nkR4zw7CT/xH8gdLKH3Ep3XZPkiWv
-HYG3Dy+MwwbMLyejSuQOmbp8HkUff6oZRZb9/D0CAwEAAaNCMEAwDgYDVR0PAQH/
-BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOFmzw7R8bNLtwYgFP6H
-EtX2/vs+MA0GCSqGSIb3DQEBBQUAA4ICAQCoy3JAsnbBfnv8rWTjMnvMPLZdRtP1
-LOJwXcgu2AZ9mNELIaCJWSQBnfmvCX0KI4I01fx8cpm5o9dU9OpScA7F9dY74ToJ
-MuYhOZO9sxXqT2r09Ys/L3yNWC7F4TmgPsc9SnOeQHrAK2GpZ8nzJLmzbVUsWh2e
-JXLOC62qx1ViC777Y7NhRCOjy+EaDveaBk3e1CNOIZZbOVtXHS9dCF4Jef98l7VN
-g64N1uajeeAz0JmWAjCnPv/So0M/BVoG6kQC2nz4SNAzqfkHx5Xh9T71XXG68pWp
-dIhhWeO/yloTunK0jF02h+mmxTwTv97QRCbut+wucPrXnbes5cVAWubXbHssw1ab
-R80LzvobtCHXt2a49CUwi1wNuepnsvRtrtWhnk/Yn+knArAdBtaP4/tIEp9/EaEQ
-PkxROpaw0RPxx9gmrjrKkcRpnd8BKWRRb2jaFOwIQZeQjdCygPLPwj2/kWjFgGce
-xGATVdVhmVd8upUPYUk6ynW8yQqTP2cOEvIo4jEbwFcW3wh8GcF+Dx+FHgo2fFt+
-J7x6v+Db9NpSvd4MVHAxkUOVyLzwPt0JfjBkUO1/AaQzZ01oT74V77D2AhGiGxMl
-OtzCWfHjXEa7ZywCRuoeSKbmW9m1vFGikpbbqsY3Iqb+zCB0oy2pLmvLwIIRIbWT
-ee5Ehr7XHuQe+w==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFWDCCA0CgAwIBAgIQUHBrzdgT/BtOOzNy0hFIjTANBgkqhkiG9w0BAQsFADBG
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNV
-BAMMEkNBIOayg+mAmuagueivgeS5pjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgw
-MTAwMDFaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRl
-ZDEbMBkGA1UEAwwSQ0Eg5rKD6YCa5qC56K+B5LmmMIICIjANBgkqhkiG9w0BAQEF
-AAOCAg8AMIICCgKCAgEA0EkhHiX8h8EqwqzbdoYGTufQdDTc7WU1/FDWiD+k8H/r
-D195L4mx/bxjWDeTmzj4t1up+thxx7S8gJeNbEvxUNUqKaqoGXqW5pWOdO2XCld1
-9AXbbQs5uQF/qvbW2mzmBeCkTVL829B0txGMe41P/4eDrv8FAxNXUDf+jJZSEExf
-v5RxadmWPgxDT74wwJ85dE8GRV2j1lY5aAfMh09Qd5Nx2UQIsYo06Yms25tO4dnk
-UkWMLhQfkWsZHWgpLFbE4h4TV2TwYeO5Ed+w4VegG63XX9Gv2ystP9Bojg/qnw+L
-NVgbExz03jWhCl3W6t8Sb8D7aQdGctyB9gQjF+BNdeFyb7Ao65vh4YOhn0pdr8yb
-+gIgthhid5E7o9Vlrdx8kHccREGkSovrlXLp9glk3Kgtn3R46MGiCWOc76DbT52V
-qyBPt7D3h1ymoOQ3OMdc4zUPLK2jgKLsLl3Az+2LBcLmc272idX10kaO6m1jGx6K
-yX2m+Jzr5dVjhU1zZmkR/sgO9MHHZklTfuQZa/HpelmjbX7FF+Ynxu8b22/8DU0G
-AbQOXDBGVWCvOGU6yke6rCzMRh+yRpY/8+0mBe53oWprfi1tWFxK1I5nuPHa1UaK
-J/kR8slC/k7e3x9cxKSGhxYzoacXGKUN5AXlK8IrC6KVkLn9YDxOiT7nnO4fuwEC
-AwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
-BBYEFOBNv9ybQV0T6GTwp+kVpOGBwboxMA0GCSqGSIb3DQEBCwUAA4ICAQBqinA4
-WbbaixjIvirTthnVZil6Xc1bL3McJk6jfW+rtylNpumlEYOnOXOvEESS5iVdT2H6
-yAa+Tkvv/vMx/sZ8cApBWNromUuWyXi8mHwCKe0JgOYKOoICKuLJL8hWGSbueBwj
-/feTZU7n85iYr83d2Z5AiDEoOqsuC7CsDCT6eiaY8xJhEPRdF/d+4niXVOKM6Cm6
-jBAyvd0zaziGfjk9DgNyp115j0WKWa5bIW4xRtVZjc8VX90xJc/bYNaBRHIpAlf2
-ltTW/+op2znFuCyKGo3Oy+dCMYYFaA6eFN0AkLppRQjbbpCBhqcqBT/mhDn4t/lX
-X0ykeVoQDF7Va/81XwVRHmyjdanPUIPTfPRm94KNPQx96N97qA4bLJyuQHCH2u2n
-FoJavjVsIE4iYdm8UXrNemHcSxH5/mc0zy4EZmFcV5cjjPOGG0jfKq+nwf/Yjj4D
-u9gqsPoUJbJRa4ZDhS4HIxaAjUz7tGM7zMN07RujHv41D198HRaG9Q7DlfEvr10l
-O1Hm13ZBONFLAzkopR6RctR9q5czxNM+4Gm2KHmgCY0c0f9BckgG/Jou5yD5m6Le
-ie2uPAmvylezkolwQOQvT8Jwg0DXJCxr5wkf09XHwQj02w47HAcLQxGEIYbpgNR1
-2KvxAmLBsX5VYc8T1yaw15zLKYs4SgsOkI26oQ==
------END CERTIFICATE-----
+
+# XRamp Global CA Root
 -----BEGIN CERTIFICATE-----
 MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB
 gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk
@@ -3177,6 +3016,8 @@ IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy
 i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ
 O+7ETPTsJ3xCwnR8gooJybQDJbw=
 -----END CERTIFICATE-----
+
+# certSIGN ROOT CA
 -----BEGIN CERTIFICATE-----
 MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYT
 AlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBD
@@ -3197,6 +3038,8 @@ Jd1hJyMctTEHBDa0GpC9oHRxUIltvBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNw
 i/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7NzTogVZ96edhBiIL5VaZVDADlN
 9u6wWk5JRFRYX0KD
 -----END CERTIFICATE-----
+
+# ePKI Root Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBe
 MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0
diff --git a/msys2/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem b/msys2/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem
index 26113145a..e69de29bb 100644
--- a/msys2/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem
+++ b/msys2/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem
@@ -1,2758 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE
-AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw
-CQYDVQQGEwJFUzAeFw0xMTA1MDUwOTM3MzdaFw0zMDEyMzEwOTM3MzdaMEIxEjAQ
-BgNVBAMMCUFDQ1ZSQUlaMTEQMA4GA1UECwwHUEtJQUNDVjENMAsGA1UECgwEQUND
-VjELMAkGA1UEBhMCRVMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCb
-qau/YUqXry+XZpp0X9DZlv3P4uRm7x8fRzPCRKPfmt4ftVTdFXxpNRFvu8gMjmoY
-HtiP2Ra8EEg2XPBjs5BaXCQ316PWywlxufEBcoSwfdtNgM3802/J+Nq2DoLSRYWo
-G2ioPej0RGy9ocLLA76MPhMAhN9KSMDjIgro6TenGEyxCQ0jVn8ETdkXhBilyNpA
-lHPrzg5XPAOBOp0KoVdDaaxXbXmQeOW1tDvYvEyNKKGno6e6Ak4l0Squ7a4DIrhr
-IA8wKFSVf+DuzgpmndFALW4ir50awQUZ0m/A8p/4e7MCQvtQqR0tkw8jq8bBD5L/
-0KIV9VMJcRz/RROE5iZe+OCIHAr8Fraocwa48GOEAqDGWuzndN9wrqODJerWx5eH
-k6fGioozl2A3ED6XPm4pFdahD9GILBKfb6qkxkLrQaLjlUPTAYVtjrs78yM2x/47
-4KElB0iryYl0/wiPgL/AlmXz7uxLaL2diMMxs0Dx6M/2OLuc5NF/1OVYm3z61PMO
-m3WR5LpSLhl+0fXNWhn8ugb2+1KoS5kE3fj5tItQo05iifCHJPqDQsGH+tUtKSpa
-cXpkatcnYGMN285J9Y0fkIkyF/hzQ7jSWpOGYdbhdQrqeWZ2iE9x6wQl1gpaepPl
-uUsXQA+xtrn13k/c4LOsOxFwYIRKQ26ZIMApcQrAZQIDAQABo4ICyzCCAscwfQYI
-KwYBBQUHAQEEcTBvMEwGCCsGAQUFBzAChkBodHRwOi8vd3d3LmFjY3YuZXMvZmls
-ZWFkbWluL0FyY2hpdm9zL2NlcnRpZmljYWRvcy9yYWl6YWNjdjEuY3J0MB8GCCsG
-AQUFBzABhhNodHRwOi8vb2NzcC5hY2N2LmVzMB0GA1UdDgQWBBTSh7Tj3zcnk1X2
-VuqB5TbMjB4/vTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNKHtOPfNyeT
-VfZW6oHlNsyMHj+9MIIBcwYDVR0gBIIBajCCAWYwggFiBgRVHSAAMIIBWDCCASIG
-CCsGAQUFBwICMIIBFB6CARAAQQB1AHQAbwByAGkAZABhAGQAIABkAGUAIABDAGUA
-cgB0AGkAZgBpAGMAYQBjAGkA8wBuACAAUgBhAO0AegAgAGQAZQAgAGwAYQAgAEEA
-QwBDAFYAIAAoAEEAZwBlAG4AYwBpAGEAIABkAGUAIABUAGUAYwBuAG8AbABvAGcA
-7QBhACAAeQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzAG4AIABFAGwAZQBjAHQA
-cgDzAG4AaQBjAGEALAAgAEMASQBGACAAUQA0ADYAMAAxADEANQA2AEUAKQAuACAA
-QwBQAFMAIABlAG4AIABoAHQAdABwADoALwAvAHcAdwB3AC4AYQBjAGMAdgAuAGUA
-czAwBggrBgEFBQcCARYkaHR0cDovL3d3dy5hY2N2LmVzL2xlZ2lzbGFjaW9uX2Mu
-aHRtMFUGA1UdHwROMEwwSqBIoEaGRGh0dHA6Ly93d3cuYWNjdi5lcy9maWxlYWRt
-aW4vQXJjaGl2b3MvY2VydGlmaWNhZG9zL3JhaXphY2N2MV9kZXIuY3JsMA4GA1Ud
-DwEB/wQEAwIBBjAXBgNVHREEEDAOgQxhY2N2QGFjY3YuZXMwDQYJKoZIhvcNAQEF
-BQADggIBAJcxAp/n/UNnSEQU5CmH7UwoZtCPNdpNYbdKl02125DgBS4OxnnQ8pdp
-D70ER9m+27Up2pvZrqmZ1dM8MJP1jaGo/AaNRPTKFpV8M9xii6g3+CfYCS0b78gU
-JyCpZET/LtZ1qmxNYEAZSUNUY9rizLpm5U9EelvZaoErQNV/+QEnWCzI7UiRfD+m
-AM/EKXMRNt6GGT6d7hmKG9Ww7Y49nCrADdg9ZuM8Db3VlFzi4qc1GwQA9j9ajepD
-vV+JHanBsMyZ4k0ACtrJJ1vnE5Bc5PUzolVt3OAJTS+xJlsndQAJxGJ3KQhfnlms
-tn6tn1QwIgPBHnFk/vk4CpYY3QIUrCPLBhwepH2NDd4nQeit2hW3sCPdK6jT2iWH
-7ehVRE2I9DZ+hJp4rPcOVkkO1jMl1oRQQmwgEh0q1b688nCBpHBgvgW1m54ERL5h
-I6zppSSMEYCUWqKiuUnSwdzRp+0xESyeGabu4VXhwOrPDYTkF7eifKXeVSUG7szA
-h1xA2syVP1XgNce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xF
-d3+YJ5oyXSrjhO7FmGYvliAd3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2H
-pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFtTCCA52gAwIBAgIIYY3HhjsBggUwDQYJKoZIhvcNAQEFBQAwRDEWMBQGA1UE
-AwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00x
-CzAJBgNVBAYTAkVTMB4XDTA4MDQxODE2MjQyMloXDTI4MDQxMzE2MjQyMlowRDEW
-MBQGA1UEAwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZF
-RElDT00xCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
-AgEA/5KV4WgGdrQsyFhIyv2AVClVYyT/kGWbEHV7w2rbYgIB8hiGtXxaOLHkWLn7
-09gtn70yN78sFW2+tfQh0hOR2QetAQXW8713zl9CgQr5auODAKgrLlUTY4HKRxx7
-XBZXehuDYAQ6PmXDzQHe3qTWDLqO3tkE7hdWIpuPY/1NFgu3e3eM+SW10W2ZEi5P
-Grjm6gSSrj0RuVFCPYewMYWveVqc/udOXpJPQ/yrOq2lEiZmueIM15jO1FillUAK
-t0SdE3QrwqXrIhWYENiLxQSfHY9g5QYbm8+5eaA9oiM/Qj9r+hwDezCNzmzAv+Yb
-X79nuIQZ1RXve8uQNjFiybwCq0Zfm/4aaJQ0PZCOrfbkHQl/Sog4P75n/TSW9R28
-MHTLOO7VbKvU/PQAtwBbhTIWdjPp2KOZnQUAqhbm84F9b32qhm2tFXTTxKJxqvQU
-fecyuB+81fFOvW8XAjnXDpVCOscAPukmYxHqC9FK/xidstd7LzrZlvvoHpKuE1XI
-2Sf23EgbsCTBheN3nZqk8wwRHQ3ItBTutYJXCb8gWH8vIiPYcMt5bMlL8qkqyPyH
-K9caUPgn6C9D4zq92Fdx/c6mUlv53U3t5fZvie27k5x2IXXwkkwp9y+cAS7+UEae
-ZAwUswdbxcJzbPEHXEUkFDWug/FqTYl6+rPYLWbwNof1K1MCAwEAAaOBqjCBpzAP
-BgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKaz4SsrSbbXc6GqlPUB53NlTKxQ
-MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUprPhKytJttdzoaqU9QHnc2VMrFAw
-RAYDVR0gBD0wOzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly9hY2VkaWNv
-bS5lZGljb21ncm91cC5jb20vZG9jMA0GCSqGSIb3DQEBBQUAA4ICAQDOLAtSUWIm
-fQwng4/F9tqgaHtPkl7qpHMyEVNEskTLnewPeUKzEKbHDZ3Ltvo/Onzqv4hTGzz3
-gvoFNTPhNahXwOf9jU8/kzJPeGYDdwdY6ZXIfj7QeQCM8htRM5u8lOk6e25SLTKe
-I6RF+7YuE7CLGLHdztUdp0J/Vb77W7tH1PwkzQSulgUV1qzOMPPKC8W64iLgpq0i
-5ALudBF/TP94HTXa5gI06xgSYXcGCRZj6hitoocf8seACQl1ThCojz2GuHURwCRi
-ipZ7SkXp7FnFvmuD5uHorLUwHv4FB4D54SMNUI8FmP8sX+g7tq3PgbUhh8oIKiMn
-MCArz+2UW6yyetLHKKGKC5tNSixthT8Jcjxn4tncB7rrZXtaAWPWkFtPF2Y9fwsZ
-o5NjEFIqnxQWWOLcpfShFosOkYuByptZ+thrkQdlVV9SH686+5DdaaVbnG0OLLb6
-zqylfDJKZ0DcMDQj3dcEI2bw/FWAp/tmGYI1Z2JwOV5vx+qQQEQIHriy1tvuWacN
-GHk0vFQYXlPKNFHtRQrmjseCNj6nOGOpMCwXEGCSn1WHElkQwg9naRHMTh5+Spqt
-r0CodaxWkHS4oJyleW/c6RrIaQXpuvoDs3zk4E7Czp3otkYNbn5XOmeUwssfnHdK
-Z05phkOTOPu220+DkdRgfks+KzgHVZhepA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGZjCCBE6gAwIBAgIPB35Sk3vgFeNX8GmMy+wMMA0GCSqGSIb3DQEBBQUAMHsx
-CzAJBgNVBAYTAkNPMUcwRQYDVQQKDD5Tb2NpZWRhZCBDYW1lcmFsIGRlIENlcnRp
-ZmljYWNpw7NuIERpZ2l0YWwgLSBDZXJ0aWPDoW1hcmEgUy5BLjEjMCEGA1UEAwwa
-QUMgUmHDrXogQ2VydGljw6FtYXJhIFMuQS4wHhcNMDYxMTI3MjA0NjI5WhcNMzAw
-NDAyMjE0MjAyWjB7MQswCQYDVQQGEwJDTzFHMEUGA1UECgw+U29jaWVkYWQgQ2Ft
-ZXJhbCBkZSBDZXJ0aWZpY2FjacOzbiBEaWdpdGFsIC0gQ2VydGljw6FtYXJhIFMu
-QS4xIzAhBgNVBAMMGkFDIFJhw616IENlcnRpY8OhbWFyYSBTLkEuMIICIjANBgkq
-hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq2uJo1PMSCMI+8PPUZYILrgIem08kBeG
-qentLhM0R7LQcNzJPNCNyu5LF6vQhbCnIwTLqKL85XXbQMpiiY9QngE9JlsYhBzL
-fDe3fezTf3MZsGqy2IiKLUV0qPezuMDU2s0iiXRNWhU5cxh0T7XrmafBHoi0wpOQ
-Y5fzp6cSsgkiBzPZkc0OnB8OIMfuuzONj8LSWKdf/WU34ojC2I+GdV75LaeHM/J4
-Ny+LvB2GNzmxlPLYvEqcgxhaBvzz1NS6jBUJJfD5to0EfhcSM2tXSExP2yYe68yQ
-54v5aHxwD6Mq0Do43zeX4lvegGHTgNiRg0JaTASJaBE8rF9ogEHMYELODVoqDA+b
-MMCm8Ibbq0nXl21Ii/kDwFJnmxL3wvIumGVC2daa49AZMQyth9VXAnow6IYm+48j
-ilSH5L887uvDdUhfHjlvgWJsxS3EF1QZtzeNnDeRyPYL1epjb4OsOMLzP96a++Ej
-YfDIJss2yKHzMI+ko6Kh3VOz3vCaMh+DkXkwwakfU5tTohVTP92dsxA7SH2JD/zt
-A/X7JWR1DhcZDY8AFmd5ekD8LVkH2ZD6mq093ICK5lw1omdMEWux+IBkAC1vImHF
-rEsm5VoQgpukg3s0956JkSCXjrdCx2bD0Omk1vUgjcTDlaxECp1bczwmPS9KvqfJ
-pxAe+59QafMCAwEAAaOB5jCB4zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
-AwIBBjAdBgNVHQ4EFgQU0QnQ6dfOeXRU+Tows/RtLAMDG2gwgaAGA1UdIASBmDCB
-lTCBkgYEVR0gADCBiTArBggrBgEFBQcCARYfaHR0cDovL3d3dy5jZXJ0aWNhbWFy
-YS5jb20vZHBjLzBaBggrBgEFBQcCAjBOGkxMaW1pdGFjaW9uZXMgZGUgZ2FyYW50
-7WFzIGRlIGVzdGUgY2VydGlmaWNhZG8gc2UgcHVlZGVuIGVuY29udHJhciBlbiBs
-YSBEUEMuMA0GCSqGSIb3DQEBBQUAA4ICAQBclLW4RZFNjmEfAygPU3zmpFmps4p6
-xbD/CHwso3EcIRNnoZUSQDWDg4902zNc8El2CoFS3UnUmjIz75uny3XlesuXEpBc
-unvFm9+7OSPI/5jOCk0iAUgHforA1SBClETvv3eiiWdIG0ADBaGJ7M9i4z0ldma/
-Jre7Ir5v/zlXdLp6yQGVwZVR6Kss+LGGIOk/yzVb0hfpKv6DExdA7ohiZVvVO2Dp
-ezy4ydV/NgIlqmjCMRW3MGXrfx1IebHPOeJCgBbT9ZMj/EyXyVo3bHwi2ErN0o42
-gzmRkBDI8ck1fj+404HGIGQatlDCIaR43NAvO2STdPCWkPHv+wlaNECW8DYSwaN0
-jJN+Qd53i+yG2dIPPy3RzECiiWZIHiCznCNZc6lEc7wkeZBWN7PGKX6jD/EpOe9+
-XCgycDWs2rjIdWb8m0w5R44bb5tNAlQiM+9hup4phO9OSzNHdpdqy35f/RWmnkJD
-W2ZaiogN9xa5P1FlK2Zqi9E4UqLWRhH6/JocdJ6PlwsCT2TG9WjTSy3/pDceiz+/
-RL5hRqGEPQgnTIEgd4kI6mdAXmwIUV80WoyWaM3X94nCHNMyAK9Sy9NgWyo6R35r
-MDOhYil/SrnhLecUIw4OGEfhefwVVdCx/CVxY3UzHCMrr1zZ7Ud3YA47Dx7SwNxk
-BYn8eNZcLCZDqQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE
-BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w
-MzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290
-IENBMB4XDTExMDkyMjExMjIwMloXDTMwMDkyMjExMjIwMlowazELMAkGA1UEBhMC
-SVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1
-ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290IENB
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8bEpSmkLO/lGMWwUKNv
-UTufClrJwkg4CsIcoBh/kbWHuUA/3R1oHwiD1S0eiKD4j1aPbZkCkpAW1V8IbInX
-4ay8IMKx4INRimlNAJZaby/ARH6jDuSRzVju3PvHHkVH3Se5CAGfpiEd9UEtL0z9
-KK3giq0itFZljoZUj5NDKd45RnijMCO6zfB9E1fAXdKDa0hMxKufgFpbOr3JpyI/
-gCczWw63igxdBzcIy2zSekciRDXFzMwujt0q7bd9Zg1fYVEiVRvjRuPjPdA1Yprb
-rxTIW6HMiRvhMCb8oJsfgadHHwTrozmSBp+Z07/T6k9QnBn+locePGX2oxgkg4YQ
-51Q+qDp2JE+BIcXjDwL4k5RHILv+1A7TaLndxHqEguNTVHnd25zS8gebLra8Pu2F
-be8lEfKXGkJh90qX6IuxEAf6ZYGyojnP9zz/GPvG8VqLWeICrHuS0E4UT1lF9gxe
-KF+w6D9Fz8+vm2/7hNN3WpVvrJSEnu68wEqPSpP4RCHiMUVhUE4Q2OM1fEwZtN4F
-v6MGn8i1zeQf1xcGDXqVdFUNaBr8EBtiZJ1t4JWgw5QHVw0U5r0F+7if5t+L4sbn
-fpb2U8WANFAoWPASUHEXMLrmeGO89LKtmyuy/uE5jF66CyCU3nuDuP/jVo23Eek7
-jPKxwV2dpAtMK9myGPW1n0sCAwEAAaNjMGEwHQYDVR0OBBYEFFLYiDrIn3hm7Ynz
-ezhwlMkCAjbQMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUUtiIOsifeGbt
-ifN7OHCUyQICNtAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAL
-e3KHwGCmSUyIWOYdiPcUZEim2FgKDk8TNd81HdTtBjHIgT5q1d07GjLukD0R0i70
-jsNjLiNmsGe+b7bAEzlgqqI0JZN1Ut6nna0Oh4lScWoWPBkdg/iaKWW+9D+a2fDz
-WochcYBNy+A4mz+7+uAwTc+G02UQGRjRlwKxK3JCaKygvU5a2hi/a5iB0P2avl4V
-SM0RFbnAKVy06Ij3Pjaut2L9HmLecHgQHEhb2rykOLpn7VU+Xlff1ANATIGk0k9j
-pwlCCRT8AKnCgHNPLsBA2RF7SOp6AsDT6ygBJlh0wcBzIm2Tlf05fbsq4/aC4yyX
-X04fkZT6/iyj2HYauE2yOE+b+h1IYHkm4vP9qdCa6HCPSXrW5b0KDtst842/6+Ok
-fcvHlXHo2qN8xcL4dJIEG4aspCJTQLas/kx2z/uUMsA1n3Y/buWQbqCmJqK4LL7R
-K4X9p2jIugErsWx0Hbhzlefut8cl8ABMALJ+tguLHPPAUJ4lueAI3jZm/zel0btU
-ZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXemOR/qnuOf0GZvBeyqdn6/axag67XH/JJU
-LysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9vwGYT7JZVEc+NHt4bVaT
-LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
-IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290
-MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux
-FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h
-bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v
-dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt
-H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9
-uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX
-mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX
-a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN
-E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0
-WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD
-VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0
-Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU
-cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx
-IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN
-AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH
-YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5
-6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC
-Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
-c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
-mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEFTCCAv2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSAwHgYDVQQDExdBZGRUcnVzdCBQdWJsaWMgQ0EgUm9vdDAeFw0wMDA1MzAx
-MDQxNTBaFw0yMDA1MzAxMDQxNTBaMGQxCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtB
-ZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIDAeBgNV
-BAMTF0FkZFRydXN0IFB1YmxpYyBDQSBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+A3S72mnTRqX4jsIMEZBRpS9mVEBV
-6tsfSlbunyNu9DnLoblv8n75XYcmYZ4c+OLspoH4IcUkzBEMP9smcnrHAZcHF/nX
-GCwwfQ56HmIexkvA/X1id9NEHif2P0tEs7c42TkfYNVRknMDtABp4/MUTu7R3AnP
-dzRGULD4EfL+OHn3Bzn+UZKXC1sIXzSGAa2Il+tmzV7R/9x98oTaunet3IAIx6eH
-1lWfl2royBFkuucZKT8Rs3iQhCBSWxHveNCD9tVIkNAwHM+A+WD+eeSI8t0A65RF
-62WUaUC6wNW0uLp9BBGo6zEFlpROWCGOn9Bg/QIDAQABo4HRMIHOMB0GA1UdDgQW
-BBSBPjfYkrAfd59ctKtzquf2NGAv+jALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUw
-AwEB/zCBjgYDVR0jBIGGMIGDgBSBPjfYkrAfd59ctKtzquf2NGAv+qFopGYwZDEL
-MAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRU
-cnVzdCBUVFAgTmV0d29yazEgMB4GA1UEAxMXQWRkVHJ1c3QgUHVibGljIENBIFJv
-b3SCAQEwDQYJKoZIhvcNAQEFBQADggEBAAP3FUr4JNojVhaTdt02KLmuG7jD8WS6
-IBh4lSknVwW8fCr0uVFV2ocC3g8WFzH4qnkuCRO7r7IgGRLlk/lL+YPoRNWyQSW/
-iHVv/xD8SlTQX/D67zZzfRs2RcYhbbQVuE7PnFylPVoAjgbjPGsye/Kf8Lb93/Ao
-GEjwxrzQvzSAlsJKsW2Ox5BF3i9nrEUEo3rcVZLJR2bYGozH7ZxOmuASu7VqTITh
-4SINhwBk/ox9Yjllpu9CtoAlEmEBqCQTcAARJl/6NVDFSMwGR+gn2HCNX2TmoUQm
-XiLsks3/QppEIW1cxeMiHV9HEufOX1362KqxMy3ZdvJOOjMMK7MtkAY=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEHjCCAwagAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSMwIQYDVQQDExpBZGRUcnVzdCBRdWFsaWZpZWQgQ0EgUm9vdDAeFw0wMDA1
-MzAxMDQ0NTBaFw0yMDA1MzAxMDQ0NTBaMGcxCzAJBgNVBAYTAlNFMRQwEgYDVQQK
-EwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIzAh
-BgNVBAMTGkFkZFRydXN0IFF1YWxpZmllZCBDQSBSb290MIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoekn0e+EV+vhDTbYjx5eLfpMLXsDBwq
-xBb/4Oxx64r1EW7tTw2R0hIYLUkVAcKkIhPHEWT/IhKauY5cLwjPcWqzZwFZ8V1G
-87B4pfYOQnrjfxvM0PC3KP0q6p6zsLkEqv32x7SxuCqg+1jxGaBvcCV+PmlKfw8i
-2O+tCBGaKZnhqkRFmhJePp1tUvznoD1oL/BLcHwTOK28FSXx1s6rosAx1i+f4P8U
-WfyEk9mHfExUE+uf0S0R+Bg6Ot4l2ffTQO2kBhLEO+GRwVY18BTcZTYJbqukB8c1
-0cIDMzZbdSZtQvESa0NvS3GU+jQd7RNuyoB/mC9suWXY6QIDAQABo4HUMIHRMB0G
-A1UdDgQWBBQ5lYtii1zJ1IC6WA+XPxUIQ8yYpzALBgNVHQ8EBAMCAQYwDwYDVR0T
-AQH/BAUwAwEB/zCBkQYDVR0jBIGJMIGGgBQ5lYtii1zJ1IC6WA+XPxUIQ8yYp6Fr
-pGkwZzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQL
-ExRBZGRUcnVzdCBUVFAgTmV0d29yazEjMCEGA1UEAxMaQWRkVHJ1c3QgUXVhbGlm
-aWVkIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBABmrder4i2VhlRO6aQTv
-hsoToMeqT2QbPxj2qC0sVY8FtzDqQmodwCVRLae/DLPt7wh/bDxGGuoYQ992zPlm
-hpwsaPXpF/gxsxjE1kh9I0xowX67ARRvxdlu3rsEQmr49lx95dr6h+sNNVJn0J6X
-dgWTP5XHAeZpVTh/EGGZyeNfpso+gmNIquIISD6q8rKFYqa0p9m9N5xotS1WfbC3
-P6CxB9bpT9zeRXEwMn8bLgn5v1Kh7sKAPgZcLlVAwRv1cEWw3F369nJad9Jjzc9Y
-iQBCYz95OdBEsIJuQRno3eDBiFrRHnGTHyQwdOUeqN48Jzd/g66ed8/wMLH/S5no
-xqE=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE
-AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG
-EwJERTAeFw0xMTA3MDcxNDU4MzBaFw0zMDEyMzEyMzU5NTlaMDwxHjAcBgNVBAMM
-FUF0b3MgVHJ1c3RlZFJvb3QgMjAxMTENMAsGA1UECgwEQXRvczELMAkGA1UEBhMC
-REUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVhTuXbyo7LjvPpvMp
-Nb7PGKw+qtn4TaA+Gke5vJrf8v7MPkfoepbCJI419KkM/IL9bcFyYie96mvr54rM
-VD6QUM+A1JX76LWC1BTFtqlVJVfbsVD2sGBkWXppzwO3bw2+yj5vdHLqqjAqc2K+
-SZFhyBH+DgMq92og3AIVDV4VavzjgsG1xZ1kCWyjWZgHJ8cblithdHFsQ/H3NYkQ
-4J7sVaE3IqKHBAUsR320HLliKWYoyrfhk/WklAOZuXCFteZI6o1Q/NnezG8HDt0L
-cp2AMBYHlT8oDv3FdU9T1nSatCQujgKRz3bFmx5VdJx4IbHwLfELn8LVlhgf8FQi
-eowHAgMBAAGjfTB7MB0GA1UdDgQWBBSnpQaxLKYJYO7Rl+lwrrw7GWzbITAPBgNV
-HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKelBrEspglg7tGX6XCuvDsZbNshMBgG
-A1UdIAQRMA8wDQYLKwYBBAGwLQMEAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3
-DQEBCwUAA4IBAQAmdzTblEiGKkGdLD4GkGDEjKwLVLgfuXvTBznk+j57sj1O7Z8j
-vZfza1zv7v1Apt+hk6EKhqzvINB5Ab149xnYJDE0BAGmuhWawyfc2E8PzBhj/5kP
-DpFrdRbhIfzYJsdHt6bPWHJxfrrhTZVHO8mvbaG0weyJ9rQPOLXiZNwlz6bb65pc
-maHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a961qn8FYiqTxlVMYVqL2Gns2D
-lmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G3mB/ufNPRJLv
-KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UE
-BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h
-cHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2ODAeFw0wOTA1MjAwODM4MTVaFw0zMDEy
-MzEwODM4MTVaMFExCzAJBgNVBAYTAkVTMUIwQAYDVQQDDDlBdXRvcmlkYWQgZGUg
-Q2VydGlmaWNhY2lvbiBGaXJtYXByb2Zlc2lvbmFsIENJRiBBNjI2MzQwNjgwggIi
-MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKlmuO6vj78aI14H9M2uDDUtd9
-thDIAl6zQyrET2qyyhxdKJp4ERppWVevtSBC5IsP5t9bpgOSL/UR5GLXMnE42QQM
-cas9UX4PB99jBVzpv5RvwSmCwLTaUbDBPLutN0pcyvFLNg4kq7/DhHf9qFD0sefG
-L9ItWY16Ck6WaVICqjaY7Pz6FIMMNx/Jkjd/14Et5cS54D40/mf0PmbR0/RAz15i
-NA9wBj4gGFrO93IbJWyTdBSTo3OxDqqHECNZXyAFGUftaI6SEspd/NYrspI8IM/h
-X68gvqB2f3bl7BqGYTM+53u0P6APjqK5am+5hyZvQWyIplD9amML9ZMWGxmPsu2b
-m8mQ9QEM3xk9Dz44I8kvjwzRAv4bVdZO0I08r0+k8/6vKtMFnXkIoctXMbScyJCy
-Z/QYFpM6/EfY0XiWMR+6KwxfXZmtY4laJCB22N/9q06mIqqdXuYnin1oKaPnirja
-EbsXLZmdEyRG98Xi2J+Of8ePdG1asuhy9azuJBCtLxTa/y2aRnFHvkLfuwHb9H/T
-KI8xWVvTyQKmtFLKbpf7Q8UIJm+K9Lv9nyiqDdVF8xM6HdjAeI9BZzwelGSuewvF
-6NkBiDkal4ZkQdU7hwxu+g/GvUgUvzlN1J5Bto+WHWOWk9mVBngxaJ43BjuAiUVh
-OSPHG0SjFeUc+JIwuwIDAQABo4HvMIHsMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYD
-VR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRlzeurNR4APn7VdMActHNHDhpkLzCBpgYD
-VR0gBIGeMIGbMIGYBgRVHSAAMIGPMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmZp
-cm1hcHJvZmVzaW9uYWwuY29tL2NwczBcBggrBgEFBQcCAjBQHk4AUABhAHMAZQBv
-ACAAZABlACAAbABhACAAQgBvAG4AYQBuAG8AdgBhACAANAA3ACAAQgBhAHIAYwBl
-AGwAbwBuAGEAIAAwADgAMAAxADcwDQYJKoZIhvcNAQEFBQADggIBABd9oPm03cXF
-661LJLWhAqvdpYhKsg9VSytXjDvlMd3+xDLx51tkljYyGOylMnfX40S2wBEqgLk9
-am58m9Ot/MPWo+ZkKXzR4Tgegiv/J2Wv+xYVxC5xhOW1//qkR71kMrv2JYSiJ0L1
-ILDCExARzRAVukKQKtJE4ZYm6zFIEv0q2skGz3QeqUvVhyj5eTSSPi5E6PaPT481
-PyWzOdxjKpBrIF/EUhJOlywqrJ2X3kjyo2bbwtKDlaZmp54lD+kLM5FlClrD2VQS
-3a/DTg4fJl4N3LON7NWBcN7STyQF82xO9UxJZo3R/9ILJUFI/lGExkKvgATP0H5k
-SeTy36LssUzAKh3ntLFlosS88Zj0qnAHY7S42jtM+kAiMFsRpvAFDsYCA0irhpuF
-3dvd6qJ2gHN99ZwExEWN57kci57q13XRcrHedUTnQn3iV2t93Jm8PYMo6oCTjcVM
-ZcFwgbg4/EMxsvYDNEeyrPsiBsse3RdHHF9mudMaotoRsaS8I8nkvof/uZS2+F0g
-StRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTDKCOM/icz
-Q0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQB
-jLMi6Et8Vcad+qMUu2WFbm5PEn4KPJ2V
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFaTCCA1GgAwIBAgIJAMMDmu5QkG4oMA0GCSqGSIb3DQEBBQUAMFIxCzAJBgNV
-BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu
-MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIxMB4XDTEyMDcxOTA5MDY1NloXDTQy
-MDcxOTA5MDY1NlowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx
-EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjEw
-ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqw3j33Jijp1pedxiy3QRk
-D2P9m5YJgNXoqqXinCaUOuiZc4yd39ffg/N4T0Dhf9Kn0uXKE5Pn7cZ3Xza1lK/o
-OI7bm+V8u8yN63Vz4STN5qctGS7Y1oprFOsIYgrY3LMATcMjfF9DCCMyEtztDK3A
-fQ+lekLZWnDZv6fXARz2m6uOt0qGeKAeVjGu74IKgEH3G8muqzIm1Cxr7X1r5OJe
-IgpFy4QxTaz+29FHuvlglzmxZcfe+5nkCiKxLU3lSCZpq+Kq8/v8kiky6bM+TR8n
-oc2OuRf7JT7JbvN32g0S9l3HuzYQ1VTW8+DiR0jm3hTaYVKvJrT1cU/J19IG32PK
-/yHoWQbgCNWEFVP3Q+V8xaCJmGtzxmjOZd69fwX3se72V6FglcXM6pM6vpmumwKj
-rckWtc7dXpl4fho5frLABaTAgqWjR56M6ly2vGfb5ipN0gTco65F97yLnByn1tUD
-3AjLLhbKXEAz6GfDLuemROoRRRw1ZS0eRWEkG4IupZ0zXWX4Qfkuy5Q/H6MMMSRE
-7cderVC6xkGbrPAXZcD4XW9boAo0PO7X6oifmPmvTiT6l7Jkdtqr9O3jw2Dv1fkC
-yC2fg69naQanMVXVz0tv/wQFx1isXxYb5dKj6zHbHzMVTdDypVP1y+E9Tmgt2BLd
-qvLmTZtJ5cUoobqwWsagtQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
-DwEB/wQEAwIBBjAdBgNVHQ4EFgQUiQq0OJMa5qvum5EY+fU8PjXQ04IwDQYJKoZI
-hvcNAQEFBQADggIBADKL9p1Kyb4U5YysOMo6CdQbzoaz3evUuii+Eq5FLAR0rBNR
-xVgYZk2C2tXck8An4b58n1KeElb21Zyp9HWc+jcSjxyT7Ff+Bw+r1RL3D65hXlaA
-SfX8MPWbTx9BLxyE04nH4toCdu0Jz2zBuByDHBb6lM19oMgY0sidbvW9adRtPTXo
-HqJPYNcHKfyyo6SdbhWSVhlMCrDpfNIZTUJG7L399ldb3Zh+pE3McgODWF3vkzpB
-emOqfDqo9ayk0d2iLbYq/J8BjuIQscTK5GfbVSUZP/3oNn6z4eGBrxEWi1CXYBmC
-AMBrTXO40RMHPuq2MU/wQppt4hF05ZSsjYSVPCGvxdpHyN85YmLLW1AL14FABZyb
-7bq2ix4Eb5YgOe2kfSnbSM6C3NQCjR0EMVrHS/BsYVLXtFHCgWzN4funodKSds+x
-DzdYpPJScWc/DIh4gInByLUfkmO+p3qKViwaqKactV2zY9ATIKHrkWzQjX2v3wvk
-F7mGnjixlAxYjOBVqjtjbZqJYLhkKpLGN/R+Q0O3c+gB53+XD9fyexn9GtePyfqF
-a3qdnom2piiZk4hA9z7NUaPK6u95RyG1/jLix8NRb76AdPCkwzryT+lf3xkK8jsT
-Q6wxpLPn6/wY1gGp8yqPNg7rtLG8t0zJa7+h89n07eLw4+1knj0vllJPgFOL
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV
-BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu
-MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIyMB4XDTEyMDcxOTA5MTUzMFoXDTQy
-MDcxOTA5MTUzMFowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx
-EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjIw
-ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCio8QACdaFXS1tFPbCw3Oe
-NcJxVX6B+6tGUODBfEl45qt5WDza/3wcn9iXAng+a0EE6UG9vgMsRfYvZNSrXaNH
-PWSb6WiaxswbP7q+sos0Ai6YVRn8jG+qX9pMzk0DIaPY0jSTVpbLTAwAFjxfGs3I
-x2ymrdMxp7zo5eFm1tL7A7RBZckQrg4FY8aAamkw/dLukO8NJ9+flXP04SXabBbe
-QTg06ov80egEFGEtQX6sx3dOy1FU+16SGBsEWmjGycT6txOgmLcRK7fWV8x8nhfR
-yyX+hk4kLlYMeE2eARKmK6cBZW58Yh2EhN/qwGu1pSqVg8NTEQxzHQuyRpDRQjrO
-QG6Vrf/GlK1ul4SOfW+eioANSW1z4nuSHsPzwfPrLgVv2RvPN3YEyLRa5Beny912
-H9AZdugsBbPWnDTYltxhh5EF5EQIM8HauQhl1K6yNg3ruji6DOWbnuuNZt2Zz9aJ
-QfYEkoopKW1rOhzndX0CcQ7zwOe9yxndnWCywmZgtrEE7snmhrmaZkCo5xHtgUUD
-i/ZnWejBBhG93c+AAk9lQHhcR1DIm+YfgXvkRKhbhZri3lrVx/k6RGZL5DJUfORs
-nLMOPReisjQS1n6yqEm70XooQL6iFh/f5DcfEXP7kAplQ6INfPgGAVUzfbANuPT1
-rqVCV3w2EYx7XsQDnYx5nQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
-DwEB/wQEAwIBBjAdBgNVHQ4EFgQUtZn4r7CU9eMg1gqtzk5WpC5uQu0wDQYJKoZI
-hvcNAQELBQADggIBACYGXnDnZTPIgm7ZnBc6G3pmsgH2eDtpXi/q/075KMOYKmFM
-tCQSin1tERT3nLXK5ryeJ45MGcipvXrA1zYObYVybqjGom32+nNjf7xueQgcnYqf
-GopTpti72TVVsRHFqQOzVju5hJMiXn7B9hJSi+osZ7z+Nkz1uM/Rs0mSO9MpDpkb
-lvdhuDvEK7Z4bLQjb/D907JedR+Zlais9trhxTF7+9FGs9K8Z7RiVLoJ92Owk6Ka
-+elSLotgEqv89WBW7xBci8QaQtyDW2QOy7W81k/BfDxujRNt+3vrMNDcTa/F1bal
-TFtxyegxvug4BkihGuLq0t4SOVga/4AOgnXmt8kHbA7v/zjxmHHEt38OFdAlab0i
-nSvtBfZGR6ztwPDUO+Ls7pZbkBNOHlY667DvlruWIxG68kOGdGSVyCh13x01utI3
-gzhTODY7z2zp+WsO0PsE6E9312UBeIYMej4hYvF/Y3EMyZ9E26gnonW+boE+18Dr
-G5gPcFw0sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3Os
-zMOl6W8KjptlwlCFtaOgUxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8x
-L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcL
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICCTCCAY+gAwIBAgIQaEpYcIBr8I8C+vbe6LCQkDAKBggqhkjOPQQDAzBGMQsw
-CQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMT
-EkNBIFdvU2lnbiBFQ0MgUm9vdDAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4
-NThaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEb
-MBkGA1UEAxMSQ0EgV29TaWduIEVDQyBSb290MHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAE4f2OuEMkq5Z7hcK6C62N4DrjJLnSsb6IOsq/Srj57ywvr1FQPEd1bPiUt5v8
-KB7FVMxjnRZLU8HnIKvNrCXSf4/CwVqCXjCLelTOA7WRf6qU0NGKSMyCBSah1VES
-1ns2o0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
-FgQUqv3VWqP2h4syhf3RMluARZPzA7gwCgYIKoZIzj0EAwMDaAAwZQIxAOSkhLCB
-1T2wdKyUpOgOPQB0TKGXa/kNUTyh2Tv0Daupn75OcsqF1NnstTJFGG+rrQIwfcf3
-aWMvoeGY7xMQ0Xk/0f7qO3/eVvSQsRUR2LIiFdAvwyYua/GRspBl9JrmkO5K
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCB
-gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
-A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV
-BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEyMDEwMDAw
-MDBaFw0yOTEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl
-YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P
-RE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0
-aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3
-UcEbVASY06m/weaKXTuH+7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI
-2GqGd0S7WWaXUF601CxwRM/aN5VCaTwwxHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8
-Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV4EajcNxo2f8ESIl33rXp
-+2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA1KGzqSX+
-DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5O
-nKVIrLsm9wIDAQABo4GOMIGLMB0GA1UdDgQWBBQLWOWLxkwVN6RAqTCpIb5HNlpW
-/zAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBJBgNVHR8EQjBAMD6g
-PKA6hjhodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9u
-QXV0aG9yaXR5LmNybDANBgkqhkiG9w0BAQUFAAOCAQEAPpiem/Yb6dc5t3iuHXIY
-SdOH5EOC6z/JqvWote9VfCFSZfnVDeFs9D6Mk3ORLgLETgdxb8CPOGEIqB6BCsAv
-IC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/
-RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4
-zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd
-BA6+C4OmF4O5MBKgxTMVBbkN+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IB
-ZQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL
-MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
-BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT
-IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwMzA2MDAw
-MDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy
-ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09N
-T0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlv
-biBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQDR3svdcmCFYX7deSR
-FtSrYpn1PlILBs5BAH+X4QokPB0BBO490o0JlwzgdeT6+3eKKvUDYEs2ixYjFq0J
-cfRK9ChQtP6IHG4/bC8vCVlbpVsLM5niwz2J+Wos77LTBumjQjBAMB0GA1UdDgQW
-BBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/
-BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VGFAkK+qDm
-fQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdv
-GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB
-hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
-A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
-BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMTE5
-MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT
-EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
-Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR
-6FSS0gpWsawNJN3Fz0RndJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8X
-pz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZFGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC
-9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+5eNu/Nio5JIk2kNrYrhV
-/erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pGx8cgoLEf
-Zd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z
-+pUX2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7w
-qP/0uK3pN/u6uPQLOvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZah
-SL0896+1DSJMwBGB7FY79tOi4lu3sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVIC
-u9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+CGCe01a60y1Dma/RMhnEw6abf
-Fobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5WdYgGq/yapiq
-crxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E
-FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB
-/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvl
-wFTPoCWOAvn9sKIN9SCYPBMtrFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM
-4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+nq6PK7o9mfjYcwlYRm6mnPTXJ9OV
-2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSgtZx8jb8uk2Intzna
-FxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwWsRqZ
-CuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiK
-boHGhfKppC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmcke
-jkk9u+UJueBPSZI9FoJAzMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yL
-S0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHqZJx64SIDqZxubw5lT2yHh17zbqD5daWb
-QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl
-0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB
-NVOFBkpdn627G190
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn
-MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
-ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMg
-b2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAxNjEzNDNaFw0zNzA5MzAxNjEzNDRa
-MH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZpcm1hIFNBIENJRiBB
-ODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3JnMSIw
-IAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0B
-AQEFAAOCAQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtb
-unXF/KGIJPov7coISjlUxFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0d
-BmpAPrMMhe5cG3nCYsS4No41XQEMIwRHNaqbYE6gZj3LJgqcQKH0XZi/caulAGgq
-7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jWDA+wWFjbw2Y3npuRVDM3
-0pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFVd9oKDMyX
-roDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIG
-A1UdEwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5j
-aGFtYmVyc2lnbi5vcmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p
-26EpW1eLTXYGduHRooowDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIA
-BzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hhbWJlcnNpZ24ub3JnMCcGA1Ud
-EgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYDVR0gBFEwTzBN
-BgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz
-aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEB
-AAxBl8IahsAifJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZd
-p0AJPaxJRUXcLo0waLIJuvvDL8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi
-1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wNUPf6s+xCX6ndbcj0dc97wXImsQEc
-XCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/nADydb47kMgkdTXg0
-eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1erfu
-tGWaIZDgqtCYvDi1czyL+Nw=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEn
-MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
-ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENo
-YW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYxNDE4WhcNMzcwOTMwMTYxNDE4WjB9
-MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgy
-NzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4G
-A1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUA
-A4IBDQAwggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0
-Mi+ITaFgCPS3CU6gSS9J1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/s
-QJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8Oby4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpV
-eAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl6DJWk0aJqCWKZQbua795
-B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c8lCrEqWh
-z0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0T
-AQH/BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1i
-ZXJzaWduLm9yZy9jaGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4w
-TcbOX60Qq+UDpfqpFDAOBgNVHQ8BAf8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAH
-MCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBjaGFtYmVyc2lnbi5vcmcwKgYD
-VR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9yZzBbBgNVHSAE
-VDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh
-bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0B
-AQUFAAOCAQEAPDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUM
-bKGKfKX0j//U2K0X1S0E0T9YgOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXi
-ryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJPJ7oKXqJ1/6v/2j1pReQvayZzKWG
-VwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4IBHNfTIzSJRUTN3c
-ecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREest2d/
-AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDfDCCAmSgAwIBAgIQayXaioidfLwPBbOxemFFRDANBgkqhkiG9w0BAQsFADBY
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxLTArBgNV
-BAMTJENlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbiBHMjAeFw0xNDEx
-MDgwMDU4NThaFw00NDExMDgwMDU4NThaMFgxCzAJBgNVBAYTAkNOMRowGAYDVQQK
-ExFXb1NpZ24gQ0EgTGltaXRlZDEtMCsGA1UEAxMkQ2VydGlmaWNhdGlvbiBBdXRo
-b3JpdHkgb2YgV29TaWduIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEAvsXEoCKASU+/2YcRxlPhuw+9YH+v9oIOH9ywjj2X4FA8jzrvZjtFB5sg+OPX
-JYY1kBaiXW8wGQiHC38Gsp1ij96vkqVg1CuAmlI/9ZqD6TRay9nVYlzmDuDfBpgO
-gHzKtB0TiGsOqCR3A9DuW/PKaZE1OVbFbeP3PU9ekzgkyhjpJMuSA93MHD0JcOQg
-5PGurLtzaaNjOg9FD6FKmsLRY6zLEPg95k4ot+vElbGs/V6r+kHLXZ1L3PR8du9n
-fwB6jdKgGlxNIuG12t12s9R23164i5jIFFTMaxeSt+BKv0mUYQs4kI9dJGwlezt5
-2eJ+na2fmKEG/HgUYFf47oB3sQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD
-VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU+mCp62XF3RYUCE4MD42b4Pdkr2cwDQYJ
-KoZIhvcNAQELBQADggEBAFfDejaCnI2Y4qtAqkePx6db7XznPWZaOzG73/MWM5H8
-fHulwqZm46qwtyeYP0nXYGdnPzZPSsvxFPpahygc7Y9BMsaV+X3avXtbwrAh449G
-3CE4Q3RM+zD4F3LBMvzIkRfEzFg3TgvMWvchNSiDbGAtROtSjFA9tWwS1/oJu2yy
-SrHFieT801LYYRf+epSEj3m2M1m6D8QL4nCgS3gu+sif/a+RZQp4OBXllxcU3fng
-LDT4ONCEIgDAFFEYKwLcMFrw6AF8NTojrwjkr6qOKEJJLvD1mTS+7Q9LGOHSJDy7
-XUe3IfKN0QqZjuNuPq1w4I+5ysxugTH2e5x6eeRncRg=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM
-MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
-QTAeFw0wMjA2MTExMDQ2MzlaFw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBM
-MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
-QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6xwS7TT3zNJc4YPk/E
-jG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdLkKWo
-ePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GI
-ULdtlkIJ89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapu
-Ob7kky/ZR6By6/qmW6/KUz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUg
-AKpoC6EahQGcxEZjgoi2IrHu/qpGWX7PNSzVttpd90gzFFS269lvzs2I1qsb2pY7
-HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEA
-uI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+GXYkHAQa
-TOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTg
-xSvgGrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1q
-CjqTE5s7FCMTY5w/0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5x
-O/fIR/RpbxXyEV6DHpx8Uq79AtoSqFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs
-6GAqm4VKQPNriiTsBhYscw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM
-MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D
-ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBU
-cnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIyMTIwNzM3WhcNMjkxMjMxMTIwNzM3
-WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMg
-Uy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIw
-IAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rH
-UV+rpDKmYYe2bg+G0jACl/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LM
-TXPb865Px1bVWqeWifrzq2jUI4ZZJ88JJ7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVU
-BBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4fOQtf/WsX+sWn7Et0brM
-kUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0cvW0QM8x
-AcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNV
-HRMBAf8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNV
-HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15y
-sHhE49wcrwn9I0j6vSrEuVUEtRCjjSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfL
-I9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1mS1FhIrlQgnXdAIv94nYmem8
-J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY
-VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI
-03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD
-VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
-IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3
-MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xKTAnBgNVBAMTIENoYW1iZXJz
-IG9mIENvbW1lcmNlIFJvb3QgLSAyMDA4MB4XDTA4MDgwMTEyMjk1MFoXDTM4MDcz
-MTEyMjk1MFowga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBj
-dXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIw
-EAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEp
-MCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwggIiMA0G
-CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCvAMtwNyuAWko6bHiUfaN/Gh/2NdW9
-28sNRHI+JrKQUrpjOyhYb6WzbZSm891kDFX29ufyIiKAXuFixrYp4YFs8r/lfTJq
-VKAyGVn+H4vXPWCGhSRv4xGzdz4gljUha7MI2XAuZPeEklPWDrCQiorjh40G072Q
-DuKZoRuGDtqaCrsLYVAGUvGef3bsyw/QHg3PmTA9HMRFEFis1tPo1+XqxQEHd9ZR
-5gN/ikilTWh1uem8nk4ZcfUyS5xtYBkL+8ydddy/Js2Pk3g5eXNeJQ7KXOt3EgfL
-ZEFHcpOrUMPrCXZkNNI5t3YRCQ12RcSprj1qr7V9ZS+UWBDsXHyvfuK2GNnQm05a
-Sd+pZgvMPMZ4fKecHePOjlO+Bd5gD2vlGts/4+EhySnB8esHnFIbAURRPHsl18Tl
-UlRdJQfKFiC4reRB7noI/plvg6aRArBsNlVq5331lubKgdaX8ZSD6e2wsWsSaR6s
-+12pxZjptFtYer49okQ6Y1nUCyXeG0+95QGezdIp1Z8XGQpvvwyQ0wlf2eOKNcx5
-Wk0ZN5K3xMGtr/R5JJqyAQuxr1yW84Ay+1w9mPGgP0revq+ULtlVmhduYJ1jbLhj
-ya6BXBg14JC7vjxPNyK5fuvPnnchpj04gftI2jE9K+OJ9dC1vX7gUMQSibMjmhAx
-hduub+84Mxh2EQIDAQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBDDAdBgNV
-HQ4EFgQU+SSsD7K1+HnA+mCIG8TZTQKeFxkwgeMGA1UdIwSB2zCB2IAU+SSsD7K1
-+HnA+mCIG8TZTQKeFxmhgbSkgbEwga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpN
-YWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29t
-L2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVy
-ZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAt
-IDIwMDiCCQCj2kJ+pLGu2jAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRV
-HSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20w
-DQYJKoZIhvcNAQEFBQADggIBAJASryI1wqM58C7e6bXpeHxIvj99RZJe6dqxGfwW
-PJ+0W2aeaufDuV2I6A+tzyMP3iU6XsxPpcG1Lawk0lgH3qLPaYRgM+gQDROpI9CF
-5Y57pp49chNyM/WqfcZjHwj0/gF/JM8rLFQJ3uIrbZLGOU8W6jx+ekbURWpGqOt1
-glanq6B8aBMz9p0w8G8nOSQjKpD9kCk18pPfNKXG9/jvjA9iSnyu0/VU+I22mlaH
-FoI6M6taIgj3grrqLuBHmrS1RaMFO9ncLkVAO+rcf+g769HsJtg1pDDFOqxXnrN2
-pSB7+R5KBWIBpih1YJeSDW4+TTdDDZIVnBgizVGZoCkaPF+KMjNbMMeJL0eYD6MD
-xvbxrN8y8NmBGuScvfaAFPDRLLmF9dijscilIeUcE5fuDr3fKanvNFNb0+RqE4QG
-tjICxFKuItLcsiFCGtpA8CnJ7AoMXOLQusxI0zcKzBIKinmwPQN/aUv0NCB9szTq
-jktk9T79syNnFQ0EuPAtwQlRPLJsFfClI9eDdOTlLsn+mCdCxqvGnrDQWzilm1De
-fhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg
-OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZ
-d0jQ
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDqzCCApOgAwIBAgIRAMcoRwmzuGxFjB36JPU2TukwDQYJKoZIhvcNAQEFBQAw
-PDEbMBkGA1UEAxMSQ29tU2lnbiBTZWN1cmVkIENBMRAwDgYDVQQKEwdDb21TaWdu
-MQswCQYDVQQGEwJJTDAeFw0wNDAzMjQxMTM3MjBaFw0yOTAzMTYxNTA0NTZaMDwx
-GzAZBgNVBAMTEkNvbVNpZ24gU2VjdXJlZCBDQTEQMA4GA1UEChMHQ29tU2lnbjEL
-MAkGA1UEBhMCSUwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGtWhf
-HZQVw6QIVS3joFd67+l0Kru5fFdJGhFeTymHDEjWaueP1H5XJLkGieQcPOqs49oh
-gHMhCu95mGwfCP+hUH3ymBvJVG8+pSjsIQQPRbsHPaHA+iqYHU4Gk/v1iDurX8sW
-v+bznkqH7Rnqwp9D5PGBpX8QTz7RSmKtUxvLg/8HZaWSLWapW7ha9B20IZFKF3ue
-Mv5WJDmyVIRD9YTC2LxBkMyd1mja6YJQqTtoz7VdApRgFrFD2UNd3V2Hbuq7s8lr
-9gOUCXDeFhF6K+h2j0kQmHe5Y1yLM5d19guMsqtb3nQgJT/j8xH5h2iGNXHDHYwt
-6+UarA9z1YJZQIDTAgMBAAGjgacwgaQwDAYDVR0TBAUwAwEB/zBEBgNVHR8EPTA7
-MDmgN6A1hjNodHRwOi8vZmVkaXIuY29tc2lnbi5jby5pbC9jcmwvQ29tU2lnblNl
-Y3VyZWRDQS5jcmwwDgYDVR0PAQH/BAQDAgGGMB8GA1UdIwQYMBaAFMFL7XC29z58
-ADsAj8c+DkWfHl3sMB0GA1UdDgQWBBTBS+1wtvc+fAA7AI/HPg5Fnx5d7DANBgkq
-hkiG9w0BAQUFAAOCAQEAFs/ukhNQq3sUnjO2QiBq1BW9Cav8cujvR3qQrFHBZE7p
-iL1DRYHjZiM/EoZNGeQFsOY3wo3aBijJD4mkU6l1P7CW+6tMM1X5eCZGbxs2mPtC
-dsGCuY7e+0X5YxtiOzkGynd6qDwJz2w2PQ8KRUtpFhpFfTMDZflScZAmlaxMDPWL
-kz/MdXSFmLr/YnpNH4n+rr2UAJm/EaXc4HnFFgt9AmEd6oX5AhVP51qJThRv4zdL
-hfXBPGHg/QVBspJ/wx2g0K5SZGBrGMYmnNj1ZOQ2GmKfig8+/21OGVZOIJFsnzQz
-OjRXUDpvgV4GxvU+fE6OK85lBi5d0ipTdF7Tbieejw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmlj
-YXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVowezEL
-MAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
-BwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNVBAMM
-GEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQua
-BtDFcCLNSS1UY8y2bmhGC1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe
-3M/vg4aijJRPn2jymJBGhCfHdr/jzDUsi14HZGWCwEiwqJH5YZ92IFCokcdmtet4
-YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszWY19zjNoFmag4qMsXeDZR
-rOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjHYpy+g8cm
-ez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQU
-oBEKIz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF
-MAMBAf8wewYDVR0fBHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v
-QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29t
-b2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDANBgkqhkiG9w0BAQUF
-AAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm7l3sAg9g1o1Q
-GE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz
-Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2
-G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi
-l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3
-smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEPzCCAyegAwIBAgIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEkMCIGA1UEAwwbU2VjdXJlIENlcnRp
-ZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVow
-fjELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
-A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxJDAiBgNV
-BAMMG1NlY3VyZSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAMBxM4KK0HDrc4eCQNUd5MvJDkKQ+d40uaG6EfQlhfPM
-cm3ye5drswfxdySRXyWP9nQ95IDC+DwN879A6vfIUtFyb+/Iq0G4bi4XKpVpDM3S
-HpR7LZQdqnXXs5jLrLxkU0C8j6ysNstcrbvd4JQX7NFc0L/vpZXJkMWwrPsbQ996
-CF23uPJAGysnnlDOXmWCiIxe004MeuoIkbY2qitC++rCoznl2yY4rYsK7hljxxwk
-3wN42ubqwUcaCwtGCd0C/N7Lh1/XMGNooa7cMqG6vv5Eq2i2pRcV/b3Vp6ea5EQz
-6YiO/O1R65NxTq0B50SOqy3LqP4BSUjwwN3HaNiS/j0CAwEAAaOBxzCBxDAdBgNV
-HQ4EFgQUPNiTiMLAggnMAZkGkyDpnnAJY08wDgYDVR0PAQH/BAQDAgEGMA8GA1Ud
-EwEB/wQFMAMBAf8wgYEGA1UdHwR6MHgwO6A5oDeGNWh0dHA6Ly9jcmwuY29tb2Rv
-Y2EuY29tL1NlY3VyZUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDmgN6A1hjNodHRw
-Oi8vY3JsLmNvbW9kby5uZXQvU2VjdXJlQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmww
-DQYJKoZIhvcNAQEFBQADggEBAIcBbSMdflsXfcFhMs+P5/OKlFlm4J4oqF7Tt/Q0
-5qo5spcWxYJvMqTpjOev/e/C6LlLqqP05tqNZSH7uoDrJiiFGv45jN5bBAS0VPmj
-Z55B+glSzAVIqMk/IQQezkhr/IXownuvf7fM+F86/TXGDe+X3EyrEeFryzHRbPtI
-gKvcnDe4IRRLDXE97IMzbtFuMhbsmMcWi1mmNKsFVy2T96oTy9IT4rcuO81rUBcJ
-aD61JlfutuC23bkpgHl9j6PwpCikFcSF9CfUa7/lXORlAnZUtOM3ZiTTGWHIUhDl
-izeauan5Hb/qmZJhlv8BzaFfDbxxvA6sCx1HRR3B7Hzs/Sk=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEQzCCAyugAwIBAgIBATANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDElMCMGA1UEAwwcVHJ1c3RlZCBDZXJ0
-aWZpY2F0ZSBTZXJ2aWNlczAeFw0wNDAxMDEwMDAwMDBaFw0yODEyMzEyMzU5NTla
-MH8xCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
-BgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSUwIwYD
-VQQDDBxUcnVzdGVkIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQIIO0Yfyod5jWaHiWsnOWW
-fnJSoBVC21ndZHoa0Lh73TkVvFVIxO06AOoxEbrycXQaZ7jPM8yoMa+j49d/vzMt
-TGo87IvDktJTdyR0nAducPy9C1t2ul/y/9c3S0pgePfw+spwtOpZqqPOSC+pw7IL
-fhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6juljatEPmsbS9Is6FARW
-1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAEAtdbtz6SrGsSivnkBbA7
-kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt6wIDAQABo4HJMIHGMB0G
-A1UdDgQWBBTFe1i97doladL3WRaoszLAeydb9DAOBgNVHQ8BAf8EBAMCAQYwDwYD
-VR0TAQH/BAUwAwEB/zCBgwYDVR0fBHwwejA8oDqgOIY2aHR0cDovL2NybC5jb21v
-ZG9jYS5jb20vVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMuY3JsMDqgOKA2hjRo
-dHRwOi8vY3JsLmNvbW9kby5uZXQvVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMu
-Y3JsMA0GCSqGSIb3DQEBBQUAA4IBAQDIk4E7ibSvuIQSTI3S8NtwuleGFTQQuS9/
-HrCoiWChisJ3DFBKmwCL2Iv0QeLQg4pKHBQGsKNoBXAxMKdTmw7pSqBYaWcOrp32
-pSxBvzwGa+RZzG0Q8ZZvH9/0BAKkn0U+yNj6NkZEUD+Cl5EfKNsYEYwq5GWDVxIS
-jBc/lDb+XbDABHcTuPQV1T84zJQ6VdCsmPW6AF/ghhmBeC8owH7TzEIK9a5QoNE+
-xqFx7D+gIIxmOom0jtTYsU0lR+4viMi14QVFwL4Ucd56/Y57fU0IlqUSc/Atyjcn
-dBInTMu2l+nZrghtWjlA3QVHdWpaIbOjGM9O9y5Xt5hwXsjEeLBi
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEc
-MBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2Vj
-IFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290IENB
-IDIwHhcNOTkwNzA5MTIxMTAwWhcNMTkwNzA5MjM1OTAwWjBxMQswCQYDVQQGEwJE
-RTEcMBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxl
-U2VjIFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290
-IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrC6M14IspFLEU
-ha88EOQ5bzVdSq7d6mGNlUn0b2SjGmBmpKlAIoTZ1KXleJMOaAGtuU1cOs7TuKhC
-QN/Po7qCWWqSG6wcmtoIKyUn+WkjR/Hg6yx6m/UTAtB+NHzCnjwAWav12gz1Mjwr
-rFDa1sPeg5TKqAyZMg4ISFZbavva4VhYAUlfckE8FQYBjl2tqriTtM2e66foai1S
-NNs671x1Udrb8zH57nGYMsRUFUQM+ZtV7a3fGAigo4aKSe5TBY8ZTNXeWHmb0moc
-QqvF1afPaA+W5OFhmHZhyJF81j4A4pFQh+GdCuatl9Idxjp9y7zaAzTVjlsB9WoH
-txa2bkp/AgMBAAGjQjBAMB0GA1UdDgQWBBQxw3kbuvVT1xfgiXotF2wKsyudMzAP
-BgNVHRMECDAGAQH/AgEFMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
-AQEAlGRZrTlk5ynrE/5aw4sTV8gEJPB0d8Bg42f76Ymmg7+Wgnxu1MM9756Abrsp
-tJh6sTtU6zkXR34ajgv8HzFZMQSyzhfzLMdiNlXiItiJVbSYSKpk+tYcNthEeFpa
-IzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8rZ7/gFnkm0W09juwzTkZmDLl
-6iFhkOQxIY40sfcvNUqFENrnijchvllj4PKFiDFT1FQUhXB59C4Gdyd1Lx+4ivn+
-xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU
-Cm26OWMohpLzGITY+9HPBVZkVw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
-b3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzExMTEwMDAwMDAwWjBlMQswCQYDVQQG
-EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl
-cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwggEi
-MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7c
-JpSIqvTO9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYP
-mDI2dsze3Tyoou9q+yHyUmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+
-wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW/lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4
-VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpyoeb6pNnVFzF1roV9Iq4/
-AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whfGHdPAgMB
-AAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW
-BBRF66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYun
-pyGd823IDzANBgkqhkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRC
-dWKuh+vy1dneVrOfzM4UKLkNl2BcEkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTf
-fwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38FnSbNd67IJKusm7Xi+fT8r87cm
-NW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPx
-H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe
-+o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBl
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
-b3QgRzIwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQG
-EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl
-cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIwggEi
-MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ5ygvUj82ckmIkzTz+GoeMVSA
-n61UQbVH35ao1K+ALbkKz3X9iaV9JPrjIgwrvJUXCzO/GU1BBpAAvQxNEP4Htecc
-biJVMWWXvdMX0h5i89vqbFCMP4QMls+3ywPgym2hFEwbid3tALBSfK+RbLE4E9Hp
-EgjAALAcKxHad3A2m67OeYfcgnDmCXRwVWmvo2ifv922ebPynXApVfSr/5Vh88lA
-bx3RvpO704gqu52/clpWcTs/1PPRCv4o76Pu2ZmvA9OPYLfykqGxvYmJHzDNw6Yu
-YjOuFgJ3RFrngQo8p0Quebg/BLxcoIfhG69Rjs3sLPr4/m3wOnyqi+RnlTGNAgMB
-AAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQW
-BBTOw0q5mVXyuNtgv6l+vVa1lzan1jANBgkqhkiG9w0BAQsFAAOCAQEAyqVVjOPI
-QW5pJ6d1Ee88hjZv0p3GeDgdaZaikmkuOGybfQTUiaWxMTeKySHMq2zNixya1r9I
-0jJmwYrA8y8678Dj1JGG0VDjA9tzd29KOVPt3ibHtX2vK0LRdWLjSisCx1BL4Gni
-lmwORGYQRI+tBev4eaymG+g3NJ1TyWGqolKvSnAWhsI6yLETcDbYz+70CjTVW0z9
-B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0MjomZmWzwPDCv
-ON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo
-IhNzbM8m9Yop5w==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQsw
-CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
-ZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3Qg
-RzMwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQGEwJV
-UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu
-Y29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwdjAQBgcq
-hkjOPQIBBgUrgQQAIgNiAAQZ57ysRGXtzbg/WPuNsVepRC0FFfLvC/8QdJ+1YlJf
-Zn4f5dwbRXkLzMZTCp2NXQLZqVneAlr2lSoOjThKiknGvMYDOAdfVdp+CW7if17Q
-RSAPWXYQ1qAk8C3eNvJsKTmjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
-BAQDAgGGMB0GA1UdDgQWBBTL0L2p4ZgFUaFNN6KDec6NHSrkhDAKBggqhkjOPQQD
-AwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5FyYZ5eEJJZVrmDxxDnOOlY
-JjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy1vUhZscv
-6pZjamVFkpUBtA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
-QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT
-MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
-b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB
-CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97
-nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt
-43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P
-T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4
-gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO
-BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR
-TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw
-DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr
-hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg
-06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF
-PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls
-YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk
-CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
-MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT
-MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
-b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI
-2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx
-1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ
-q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz
-tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ
-vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP
-BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV
-5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY
-1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4
-NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG
-Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91
-8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe
-pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl
-MrY=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw
-CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
-ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe
-Fw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVTMRUw
-EwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20x
-IDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEczMHYwEAYHKoZIzj0CAQYF
-K4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOrexpu80JX28MzQC7phW1FG
-fp4tn+6OYwwX7Adw9c+ELkCDnOg/QW07rdOkFFk2eJ0DQ+4QE2xy3q6Ip6FrtUPO
-Z9wj/wMco+I+o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAd
-BgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNpYim8S8YwCgYIKoZIzj0EAwMDaAAwZQIx
-AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/
-oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8
-sycX
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
-ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL
-MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
-LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug
-RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm
-+9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW
-PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM
-xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB
-Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3
-hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg
-EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF
-MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA
-FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec
-nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z
-eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF
-hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2
-Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
-vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
-+OkuE6N36B9K
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg
-RzQwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBiMQswCQYDVQQGEwJV
-UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu
-Y29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0GCSqG
-SIb3DQEBAQUAA4ICDwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3y
-ithZwuEppz1Yq3aaza57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1If
-xp4VpX6+n6lXFllVcq9ok3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDV
-ySAdYyktzuxeTsiT+CFhmzTrBcZe7FsavOvJz82sNEBfsXpm7nfISKhmV1efVFiO
-DCu3T6cw2Vbuyntd463JT17lNecxy9qTXtyOj4DatpGYQJB5w3jHtrHEtWoYOAMQ
-jdjUN6QuBX2I9YI+EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6MUSaM0C/
-CNdaSaTC5qmgZ92kJ7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCi
-EhtmmnTK3kse5w5jrubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADM
-fRyVw4/3IbKyEbe7f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QY
-uKZ3AeEPlAwhHbJUKSWJbOUOUlFHdL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXK
-chYiCd98THU/Y+whX8QgUWtvsauGi0/C1kVfnSD8oR7FwI+isX4KJpn15GkvmB0t
-9dmpsh3lGwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
-hjAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZIhvcNAQEMBQAD
-ggIBALth2X2pbL4XxJEbw6GiAI3jZGgPVs93rnD5/ZpKmbnJeFwMDF/k5hQpVgs2
-SV1EY+CtnJYYZhsjDT156W1r1lT40jzBQ0CuHVD1UvyQO7uYmWlrx8GnqGikJ9yd
-+SeuMIW59mdNOj6PWTkiU0TryF0Dyu1Qen1iIQqAyHNm0aAFYF/opbSnr6j3bTWc
-fFqK1qI4mfN4i/RN0iAL3gTujJtHgXINwBQy7zBZLq7gcfJW5GqXb5JQbZaNaHqa
-sjYUegbyJLkJEVDXCLG4iXqEI2FCKeWjzaIgQdfRnGTZ6iahixTXTBmyUEFxPT9N
-cCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN5r5N
-0XWs0Mr7QbhDparTwwVETyw2m+L64kW4I1NsBm9nVX9GtUw/bihaeSbSpKhil9Ie
-4u1Ki7wb/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mI
-r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1
-/YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm
-gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNV
-BAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBC
-aWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhpem1ldGxlcmkgQS7Fni4xJjAkBgNV
-BAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBNZXJrZXppMSgwJgYDVQQDDB9FLVR1
-Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEzMDMwNTEyMDk0OFoXDTIz
-MDMwMzEyMDk0OFowgbIxCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+
-BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhp
-em1ldGxlcmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBN
-ZXJrZXppMSgwJgYDVQQDDB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4vU/kwVRHoViVF56C/UY
-B4Oufq9899SKa6VjQzm5S/fDxmSJPZQuVIBSOTkHS0vdhQd2h8y/L5VMzH2nPbxH
-D5hw+IyFHnSOkm0bQNGZDbt1bsipa5rAhDGvykPL6ys06I+XawGb1Q5KCKpbknSF
-Q9OArqGIW66z6l7LFpp3RMih9lRozt6Plyu6W0ACDGQXwLWTzeHxE2bODHnv0ZEo
-q1+gElIwcxmOj+GMB6LDu0rw6h8VqO4lzKRG+Bsi77MOQ7osJLjFLFzUHPhdZL3D
-k14opz8n8Y4e0ypQBaNV2cvnOVPAmJ6MVGKLJrD3fY185MaeZkJVgkfnsliNZvcH
-fC425lAcP9tDJMW/hkd5s3kc91r0E+xs+D/iWR+V7kI+ua2oMoVJl0b+SzGPWsut
-dEcf6ZG33ygEIqDUD13ieU/qbIWGvaimzuT6w+Gzrt48Ue7LE3wBf4QOXVGUnhMM
-ti6lTPk5cDZvlsouDERVxcr6XQKj39ZkjFqzAQqptQpHF//vkUAqjqFGOjGY5RH8
-zLtJVor8udBhmm9lbObDyz51Sf6Pp+KJxWfXnUYTTjF2OySznhFlhqt/7x3U+Lzn
-rFpct1pHXFXOVbQicVtbC/DP3KBhZOqp12gKY6fgDT+gr9Oq0n7vUaDmUStVkhUX
-U8u3Zg5mTPj5dUyQ5xJwx0UCAwEAAaNjMGEwHQYDVR0OBBYEFC7j27JJ0JxUeVz6
-Jyr+zE7S6E5UMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAULuPbsknQnFR5
-XPonKv7MTtLoTlQwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAF
-Nzr0TbdF4kV1JI+2d1LoHNgQk2Xz8lkGpD4eKexd0dCrfOAKkEh47U6YA5n+KGCR
-HTAduGN8qOY1tfrTYXbm1gdLymmasoR6d5NFFxWfJNCYExL/u6Au/U5Mh/jOXKqY
-GwXgAEZKgoClM4so3O0409/lPun++1ndYYRP0lSWE2ETPo+Aab6TR7U1Q9Jauz1c
-77NCR807VRMGsAnb/WP2OogKmW9+4c4bU2pEZiNRCHu8W1Ki/QY3OEBhj0qWuJA3
-+GbHeJAAFS6LrVE1Uweoa2iu+U48BybNCAVwzDk/dr2l02cmAYamU9JgO3xDf1WK
-vJUawSg5TB9D0pH0clmKuVb8P7Sd2nCcdlqMQ1DujjByTd//SffGqWfZbawCEeI6
-FiWnWAjLb1NBnEg4R2gz0dfHj9R0IdTDBZB6/86WiLEVKV0jq9BgoRJP3vQXzTLl
-yb/IQ639Lo7xr+L0mPoSHyDYwKcMhcWQ9DstliaxLL5Mq+ux0orJ23gTDx4JnW2P
-AJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpD
-y4Q08ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8d
-NL/+I5c30jn6PQ0GC7TbO6Orb1wdtn7os4I07QZcJA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1
-MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1
-czEoMCYGA1UEAwwfRUUgQ2VydGlmaWNhdGlvbiBDZW50cmUgUm9vdCBDQTEYMBYG
-CSqGSIb3DQEJARYJcGtpQHNrLmVlMCIYDzIwMTAxMDMwMTAxMDMwWhgPMjAzMDEy
-MTcyMzU5NTlaMHUxCzAJBgNVBAYTAkVFMSIwIAYDVQQKDBlBUyBTZXJ0aWZpdHNl
-ZXJpbWlza2Vza3VzMSgwJgYDVQQDDB9FRSBDZXJ0aWZpY2F0aW9uIENlbnRyZSBS
-b290IENBMRgwFgYJKoZIhvcNAQkBFglwa2lAc2suZWUwggEiMA0GCSqGSIb3DQEB
-AQUAA4IBDwAwggEKAoIBAQDIIMDs4MVLqwd4lfNE7vsLDP90jmG7sWLqI9iroWUy
-euuOF0+W2Ap7kaJjbMeMTC55v6kF/GlclY1i+blw7cNRfdCT5mzrMEvhvH2/UpvO
-bntl8jixwKIy72KyaOBhU8E2lf/slLo2rpwcpzIP5Xy0xm90/XsY6KxX7QYgSzIw
-WFv9zajmofxwvI6Sc9uXp3whrj3B9UiHbCe9nyV0gVWw93X2PaRka9ZP585ArQ/d
-MtO8ihJTmMmJ+xAdTX7Nfh9WDSFwhfYggx/2uh8Ej+p3iDXE/+pOoYtNP2MbRMNE
-1CV2yreN1x5KZmTNXMWcg+HCCIia7E6j8T4cLNlsHaFLAgMBAAGjgYowgYcwDwYD
-VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBLyWj7qVhy/
-zQas8fElyalL1BSZMEUGA1UdJQQ+MDwGCCsGAQUFBwMCBggrBgEFBQcDAQYIKwYB
-BQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYIKwYBBQUHAwkwDQYJKoZIhvcNAQEF
-BQADggEBAHv25MANqhlHt01Xo/6tu7Fq1Q+e2+RjxY6hUFaTlrg4wCQiZrxTFGGV
-v9DHKpY5P30osxBAIWrEr7BSdxjhlthWXePdNl4dp1BUoMUq5KqMlIpPnTX/dqQG
-E5Gion0ARD9V04I8GtVbvFZMIi5GQ4okQC3zErg7cBqklrkar4dBGmoYDQZPxz5u
-uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIW
-iAYLtqZLICjU3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/v
-GVCJYMzpJJUPwssd8m92kMfMdcGWxZ0=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
-RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
-bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5
-IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp
-ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQxNzUwNTFaFw0yOTA3
-MjQxNDE1MTJaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3
-LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxp
-YWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEG
-A1UEAxMqRW50cnVzdC5uZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgp
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU1LqRKGsuqjIAcVFmQq
-K0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOLGp18EzoOH1u3Hs/lJBQe
-sYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSrhRSGlVuX
-MlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVT
-XTzWnLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/
-HoZdenoVve8AjhUiVBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH
-4QIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV
-HQ4EFgQUVeSB0RGAvtiJuQijMfmhJAkWuXAwDQYJKoZIhvcNAQEFBQADggEBADub
-j1abMOdTmXx6eadNl9cZlZD7Bh/KM3xGY4+WZiT6QBshJ8rmcnPyT/4xmf3IDExo
-U8aAghOY+rat2l098c5u9hURlIIM7j+VrxGrD9cv3h8Dj1csHsm7mhpElesYT6Yf
-zX1XEC+bBAlahLVu2B064dae0Wx5XnkcFMXj0EyTO2U87d89vqbllRrDtRnDvV5b
-u/8j72gZyxKTJ1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+
-bYQLCIt+jerXmCHG8+c8eS9enNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/Er
-fF6adulZkMV8gzURZVE=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkG
-A1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3
-d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVu
-dHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEzMDEGA1UEAxMq
-RW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRUMxMB4XDTEy
-MTIxODE1MjUzNloXDTM3MTIxODE1NTUzNlowgb8xCzAJBgNVBAYTAlVTMRYwFAYD
-VQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0
-L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxMiBFbnRydXN0LCBJbmMuIC0g
-Zm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMzAxBgNVBAMTKkVudHJ1c3QgUm9vdCBD
-ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEVDMTB2MBAGByqGSM49AgEGBSuBBAAi
-A2IABIQTydC6bUF74mzQ61VfZgIaJPRbiWlH47jCffHyAsWfoPZb1YsGGYZPUxBt
-ByQnoaD41UcZYUx9ypMn6nQM72+WCf5j7HBdNq1nd67JnXxVRDqiY1Ef9eNi1KlH
-Bz7MIKNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
-BBYEFLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVC
-R98crlOZF7ZvHH3hvxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nX
-hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC
-VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50
-cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3Qs
-IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVz
-dCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwHhcNMDkwNzA3MTcy
-NTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVu
-dHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwt
-dGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0
-aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmlj
-YXRpb24gQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
-AoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP/vaCeb9zYQYKpSfYs1/T
-RU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXzHHfV1IWN
-cCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hW
-wcKUs/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1
-U1+cPvQXLOZprE4yTGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0
-jaWvYkxN4FisZDQSA/i2jZRjJKRxAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAP
-BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ60B7vfec7aVHUbI2fkBJmqzAN
-BgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5ZiXMRrEPR9RP/
-jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ
-Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v
-1fN2D807iDginWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4R
-nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH
-VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9g==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
-MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
-YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG
-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg
-R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9
-9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq
-fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv
-iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU
-1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+
-bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW
-MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA
-ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l
-uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn
-Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS
-tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF
-PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un
-hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV
-5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDZjCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJVUzEW
-MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFs
-IENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMTkwMzA0MDUwMDAwWjBEMQswCQYDVQQG
-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg
-R2xvYmFsIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvPE1A
-PRDfO1MA4Wf+lGAVPoWI8YkNkMgoI5kF6CsgncbzYEbYwbLVjDHZ3CB5JIG/NTL8
-Y2nbsSpr7iFY8gjpeMtvy/wWUsiRxP89c96xPqfCfWbB9X5SJBri1WeR0IIQ13hL
-TytCOb1kLUCgsBDTOEhGiKEMuzozKmKY+wCdE1l/bztyqu6mD4b5BWHqZ38MN5aL
-5mkWRxHCJ1kDs6ZgwiFAVvqgx306E+PsV8ez1q6diYD3Aecs9pYrEw15LNnA5IZ7
-S4wMcoKK+xfNAGw6EzywhIdLFnopsk/bHdQL82Y3vdj2V7teJHq4PIu5+pIaGoSe
-2HSPqht/XvT+RSIhAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
-FHE4NvICMVNHK266ZUapEBVYIAUJMB8GA1UdIwQYMBaAFHE4NvICMVNHK266ZUap
-EBVYIAUJMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAQEAA/e1K6td
-EPx7srJerJsOflN4WT5CBP51o62sgU7XAotexC3IUnbHLB/8gTKY0UvGkpMzNTEv
-/NgdRN3ggX+d6YvhZJFiCzkIjKx0nVnZellSlxG5FntvRdOW2TF9AjYPnDtuzywN
-A0ZF66D0f0hExghAzN4bcLUprbqLOzRldRtxIR0sFAqwlpW41uryZfspuk/qkZN0
-abby/+Ea0AzRdoXLiiW9l14sbxWZJue2Kf8i7MkCx1YAzUm5s2x7UwQa4qjJqhIF
-I8LO57sEAszAR6LkxCkvW0VXiVHuPOtSCP8HNR6fNWpHSlaY0VqFH4z1Ir+rzoPz
-4iIprn2DQKi6bA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDEL
-MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChj
-KSAyMDA3IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2
-MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
-eSAtIEcyMB4XDTA3MTEwNTAwMDAwMFoXDTM4MDExODIzNTk1OVowgZgxCzAJBgNV
-BAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykgMjAw
-NyBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNV
-BAMTLUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBH
-MjB2MBAGByqGSM49AgEGBSuBBAAiA2IABBWx6P0DFUPlrOuHNxFi79KDNlJ9RVcL
-So17VDs6bl8VAsBQps8lL33KSLjHUGMcKiEIfJo22Av+0SbFWDEwKCXzXV2juLal
-tJLtbCyf691DiaI8S0iRHVDsJt/WYC69IaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO
-BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBVfNVdRVfslsq0DafwBo/q+EVXVMAoG
-CCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGT
-qQ7mndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBucz
-rD6ogRLQy7rQkgu2npaqBA+K
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCB
-mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT
-MChjKSAyMDA4IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s
-eTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv
-cml0eSAtIEczMB4XDTA4MDQwMjAwMDAwMFoXDTM3MTIwMTIzNTk1OVowgZgxCzAJ
-BgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykg
-MjAwOCBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0
-BgNVBAMTLUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
-LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANziXmJYHTNXOTIz
-+uvLh4yn1ErdBojqZI4xmKU4kB6Yzy5jK/BGvESyiaHAKAxJcCGVn2TAppMSAmUm
-hsalifD614SgcK9PGpc/BkTVyetyEH3kMSj7HGHmKAdEc5IiaacDiGydY8hS2pgn
-5whMcD60yRLBxWeDXTPzAxHsatBT4tG6NmCUgLthY2xbF37fQJQeqw3CIShwiP/W
-JmxsYAQlTlV+fe+/lEjetx3dcI0FX4ilm/LC7urRQEFtYjgdVgbFA0dRIBn8exAL
-DmKudlW/X3e+PkkBUz2YJQN2JFodtNuJ6nnltrM7P7pMKEF/BqxqjsHQ9gUdfeZC
-huOl1UcCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
-HQYDVR0OBBYEFMR5yo6hTgMdHNxr2zFblD4/MH8tMA0GCSqGSIb3DQEBCwUAA4IB
-AQAtxRPPVoB7eni9n64smefv2t+UXglpp+duaIy9cr5HqQ6XErhK8WTTOd8lNNTB
-zU6B8A8ExCSzNJbGpqow32hhc9f5joWJ7w5elShKKiePEI4ufIbEAp7aDHdlDkQN
-kv39sxY2+hENHYwOB4lqKVb3cvTdFZx3NWZXqxNT2I7BQMXXExZacse3aQHEerGD
-AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUH
-SJsMC8tJP33st/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2G
-spki4cErx5z481+oghLrGREt
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEW
-MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVy
-c2FsIENBMB4XDTA0MDMwNDA1MDAwMFoXDTI5MDMwNDA1MDAwMFowRTELMAkGA1UE
-BhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xHjAcBgNVBAMTFUdlb1RydXN0
-IFVuaXZlcnNhbCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKYV
-VaCjxuAfjJ0hUNfBvitbtaSeodlyWL0AG0y/YckUHUWCq8YdgNY96xCcOq9tJPi8
-cQGeBvV8Xx7BDlXKg5pZMK4ZyzBIle0iN430SppyZj6tlcDgFgDgEB8rMQ7XlFTT
-QjOgNB0eRXbdT8oYN+yFFXoZCPzVx5zw8qkuEKmS5j1YPakWaDwvdSEYfyh3peFh
-F7em6fgemdtzbvQKoiFs7tqqhZJmr/Z6a4LauiIINQ/PQvE1+mrufislzDoR5G2v
-c7J2Ha3QsnhnGqQ5HFELZ1aD/ThdDc7d8Lsrlh/eezJS/R27tQahsiFepdaVaH/w
-mZ7cRQg+59IJDTWU3YBOU5fXtQlEIGQWFwMCTFMNaN7VqnJNk22CDtucvc+081xd
-VHppCZbW2xHBjXWotM85yM48vCR85mLK4b19p71XZQvk/iXttmkQ3CgaRr0BHdCX
-teGYO8A3ZNY9lO4L4fUorgtWv3GLIylBjobFS1J72HGrH4oVpjuDWtdYAVHGTEHZ
-f9hBZ3KiKN9gg6meyHv8U3NyWfWTehd2Ds735VzZC1U0oqpbtWpU5xPKV+yXbfRe
-Bi9Fi1jUIxaS5BZuKGNZMN9QAZxjiRqf2xeUgnA3wySemkfWWspOqGmJch+RbNt+
-nhutxx9z3SxPGWX9f5NAEC7S8O08ni4oPmkmM8V7AgMBAAGjYzBhMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFNq7LqqwDLiIJlF0XG0D08DYj3rWMB8GA1UdIwQY
-MBaAFNq7LqqwDLiIJlF0XG0D08DYj3rWMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG
-9w0BAQUFAAOCAgEAMXjmx7XfuJRAyXHEqDXsRh3ChfMoWIawC/yOsjmPRFWrZIRc
-aanQmjg8+uUfNeVE44B5lGiku8SfPeE0zTBGi1QrlaXv9z+ZhP015s8xxtxqv6fX
-IwjhmF7DWgh2qaavdy+3YL1ERmrvl/9zlcGO6JP7/TG37FcREUWbMPEaiDnBTzyn
-ANXH/KttgCJwpQzgXQQpAvvLoJHRfNbDflDVnVi+QTjruXU8FdmbyUqDWcDaU/0z
-uzYYm4UPFd3uLax2k7nZAY1IEKj79TiG8dsKxr2EoyNB3tZ3b4XUhRxQ4K5RirqN
-Pnbiucon8l+f725ZDQbYKxek0nxru18UGkiPGkzns0ccjkxFKyDuSN/n3QmOGKja
-QI2SJhFTYXNd673nxE0pN2HrrDktZy4W1vUAg4WhzH92xH3kt0tm7wNFYGm2DFKW
-koRepqO1pD4r2czYG0eq8kTaT/kD6PAUyz/zg97QwVTjt+gKN02LIFkDMBmhLMi9
-ER/frslKxfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQt
-DF4JbAiXfKM9fJP/P6EUp8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/Sfuvm
-bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iw=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEW
-MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVy
-c2FsIENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMjkwMzA0MDUwMDAwWjBHMQswCQYD
-VQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1
-c3QgVW5pdmVyc2FsIENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
-AQCzVFLByT7y2dyxUxpZKeexw0Uo5dfR7cXFS6GqdHtXr0om/Nj1XqduGdt0DE81
-WzILAePb63p3NeqqWuDW6KFXlPCQo3RWlEQwAx5cTiuFJnSCegx2oG9NzkEtoBUG
-FF+3Qs17j1hhNNwqCPkuwwGmIkQcTAeC5lvO0Ep8BNMZcyfwqph/Lq9O64ceJHdq
-XbboW0W63MOhBW9Wjo8QJqVJwy7XQYci4E+GymC16qFjwAGXEHm9ADwSbSsVsaxL
-se4YuU6W3Nx2/zu+z18DwPw76L5GG//aQMJS9/7jOvdqdzXQ2o3rXhhqMcceujwb
-KNZrVMaqW9eiLBsZzKIC9ptZvTdrhrVtgrrY6slWvKk2WP0+GfPtDCapkzj4T8Fd
-IgbQl+rhrcZV4IErKIM6+vR7IVEAvlI4zs1meaj0gVbi0IMJR1FbUGrP20gaXT73
-y/Zl92zxlfgCOzJWgjl6W70viRu/obTo/3+NjN8D8WBOWBFM66M/ECuDmgFz2ZRt
-hAAnZqzwcEAJQpKtT5MNYQlRJNiS1QuUYbKHsu3/mjX/hVTK7URDrBs8FmtISgoc
-QIgfksILAAX/8sgCSqSqqcyZlpwvWOB94b67B9xfBHJcMTTD7F8t4D1kkCLm0ey4
-Lt1ZrtmhN79UNdxzMk+MBB4zsslG8dhcyFVQyWi9qLo2CQIDAQABo2MwYTAPBgNV
-HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAfBgNV
-HSMEGDAWgBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAOBgNVHQ8BAf8EBAMCAYYwDQYJ
-KoZIhvcNAQEFBQADggIBAGbBxiPz2eAubl/oz66wsCVNK/g7WJtAJDday6sWSf+z
-dXkzoS9tcBc0kf5nfo/sm+VegqlVHy/c1FEHEv6sFj4sNcZj/NwQ6w2jqtB8zNHQ
-L1EuxBRa3ugZ4T7GzKQp5y6EqgYweHZUcyiYWTjgAA1i00J9IZ+uPTqM1fp3DRgr
-Fg5fNuH8KrUwJM/gYwx7WBr+mbpCErGR9Hxo4sjoryzqyX6uuyo9DRXcNJW2GHSo
-ag/HtPQTxORb7QrSpJdMKu0vbBKJPfEncKpqA1Ihn0CoZ1Dy81of398j9tx4TuaY
-T1U6U+Pv8vSfx3zYWK8pIpe44L2RLrB27FcRz+8pRPPphXpgY+RdM4kX2TGq2tbz
-GDVyz4crL2MjhF2EjD9XoIj8mZEoJmmZ1I+XRL6O1UixpCgp8RW04eWe3fiPpm8m
-1wk8OhwRDqZsN/etRIcsKMfYdIKz0G9KV7s1KSegi+ghp4dkNl3M2Basx7InQJJV
-OCiNUW7dFGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH
-6aLcr34YEoP9VhdBLtUpgn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwX
-QMAJKOSLakhT2+zNVVXxxvjpoixMptEmX36vWkzaH6byHCx+rgIW0lbQL1dTR+iS
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEk
-MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpH
-bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX
-DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD
-QSAtIFI0MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuMZ5049sJQ6fLjkZHAOkrprlOQcJ
-FspjsbmG+IpXwVfOQvpzofdlQv8ewQCybnMO/8ch5RikqtlxP6jUuc6MHaNCMEAw
-DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFSwe61F
-uOJAf/sKbvu+M8k8o4TVMAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGX
-kPoUVy0D7O48027KqGx2vKLeuwIgJ6iFJzWbVsaj8kfSt24bAgAXqmemFZHe+pTs
-ewv4n4Q=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEk
-MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpH
-bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX
-DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD
-QSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAER0UOlvt9Xb/pOdEh+J8LttV7HpI6SFkc
-8GIxLcB6KP4ap1yztsyX50XUWPrRd21DosCHZTQKH3rd6zwzocWdTaRvQZU4f8ke
-hOvRnkmSh5SHDDqFSmafnVmTTZdhBoZKo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD
-VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUPeYpSJvqB8ohREom3m7e0oPQn1kwCgYI
-KoZIzj0EAwMDaAAwZQIxAOVpEslu28YxuglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg
-515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7yFz9SO8NdCKoCOJuxUnO
-xwy8p2Fp8fc74SrL+SvzZpA3
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
-A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
-Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1
-MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG
-A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL
-v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8
-eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq
-tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd
-C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa
-zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB
-mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH
-V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n
-bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG
-3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs
-J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO
-291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS
-ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
-AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
-TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G
-A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp
-Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4
-MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG
-A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8
-RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT
-gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm
-KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd
-QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ
-XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw
-DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o
-LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU
-RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp
-jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK
-6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX
-mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs
-Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH
-WD9f
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
-A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
-b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
-MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
-YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
-aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
-jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp
-xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp
-1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG
-snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ
-U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8
-9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B
-AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz
-yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE
-38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP
-AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
-DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
-HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYD
-VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
-IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3
-MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBD
-aGFtYmVyc2lnbiBSb290IC0gMjAwODAeFw0wODA4MDExMjMxNDBaFw0zODA3MzEx
-MjMxNDBaMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3Vy
-cmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAG
-A1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAl
-BgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwODCCAiIwDQYJKoZI
-hvcNAQEBBQADggIPADCCAgoCggIBAMDfVtPkOpt2RbQT2//BthmLN0EYlVJH6xed
-KYiONWwGMi5HYvNJBL99RDaxccy9Wglz1dmFRP+RVyXfXjaOcNFccUMd2drvXNL7
-G706tcuto8xEpw2uIRU/uXpbknXYpBI4iRmKt4DS4jJvVpyR1ogQC7N0ZJJ0YPP2
-zxhPYLIj0Mc7zmFLmY/CDNBAspjcDahOo7kKrmCgrUVSY7pmvWjg+b4aqIG7HkF4
-ddPB/gBVsIdU6CeQNR1MM62X/JcumIS/LMmjv9GYERTtY/jKmIhYF5ntRQOXfjyG
-HoiMvvKRhI9lNNgATH23MRdaKXoKGCQwoze1eqkBfSbW+Q6OWfH9GzO1KTsXO0G2
-Id3UwD2ln58fQ1DJu7xsepeY7s2MH/ucUa6LcL0nn3HAa6x9kGbo1106DbDVwo3V
-yJ2dwW3Q0L9R5OP4wzg2rtandeavhENdk5IMagfeOx2YItaswTXbo6Al/3K1dh3e
-beksZixShNBFks4c5eUzHdwHU1SjqoI7mjcv3N2gZOnm3b2u/GSFHTynyQbehP9r
-6GsaPMWis0L7iwk+XwhSx2LE1AVxv8Rk5Pihg+g+EpuoHtQ2TS9x9o0o9oOpE9Jh
-wZG7SMA0j0GMS0zbaRL/UJScIINZc+18ofLx/d33SdNDWKBWY8o9PeU1VlnpDsog
-zCtLkykPAgMBAAGjggFqMIIBZjASBgNVHRMBAf8ECDAGAQH/AgEMMB0GA1UdDgQW
-BBS5CcqcHtvTbDprru1U8VuTBjUuXjCB4QYDVR0jBIHZMIHWgBS5CcqcHtvTbDpr
-ru1U8VuTBjUuXqGBsqSBrzCBrDELMAkGA1UEBhMCRVUxQzBBBgNVBAcTOk1hZHJp
-ZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJmaXJtYS5jb20vYWRk
-cmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJmaXJt
-YSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAtIDIwMDiC
-CQDJzdPp1X0jzjAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCow
-KAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZI
-hvcNAQEFBQADggIBAICIf3DekijZBZRG/5BXqfEv3xoNa/p8DhxJJHkn2EaqbylZ
-UohwEurdPfWbU1Rv4WCiqAm57OtZfMY18dwY6fFn5a+6ReAJ3spED8IXDneRRXoz
-X1+WLGiLwUePmJs9wOzL9dWCkoQ10b42OFZyMVtHLaoXpGNR6woBrX/sdZ7LoR/x
-fxKxueRkf2fWIyr0uDldmOghp+G9PUIadJpwr2hsUF1Jz//7Dl3mLEfXgTpZALVz
-a2Mg9jFFCDkO9HB+QHBaP9BrQql0PSgvAm11cpUJjUhjxsYjV5KTXjXBjfkK9yyd
-Yhz2rXzdpjEetrHHfoUm+qRqtdpjMNHvkzeyZi99Bffnt0uYlDXA2TopwZ2yUDMd
-SqlapskD7+3056huirRXhOukP9DuqqqHW2Pok+JrqNS4cnhrG+055F3Lm6qH1U9O
-AP7Zap88MQ8oAgF9mOinsKJknnn4SPIVqczmyETrP3iZ8ntxPjzxmKfFGBI/5rso
-M0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVqc5iJWzouE4ge
-v8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z
-09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/B
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh
-MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE
-YWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3
-MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRo
-ZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3Mg
-MiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggEN
-ADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCA
-PVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6w
-wdhFJ2+qN1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXi
-EqITLdiOr18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMY
-avx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+
-YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0OBBYEFNLE
-sNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h
-/t2oatTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5
-IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmlj
-YXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
-ggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYXMP80kWNy
-OO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7P
-TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ
-HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER
-dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf
-ReYNnyicsbkqWletNw+vHX/bvZ8=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx
-EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT
-EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp
-ZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIz
-NTk1OVowgYMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQH
-EwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UE
-AxMoR28gRGFkZHkgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIw
-DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL9xYgjx+lk09xvJGKP3gElY6SKD
-E6bFIEMBO4Tx5oVJnyfq9oQbTqC023CYxzIBsQU+B07u9PpPL1kwIuerGVZr4oAH
-/PMWdYA5UXvl+TW2dE6pjYIT5LY/qQOD+qK+ihVqf94Lw7YZFAXK6sOoBJQ7Rnwy
-DfMAZiLIjWltNowRGLfTshxgtDj6AozO091GB94KPutdfMh8+7ArU6SSYmlRJQVh
-GkSBjCypQ5Yj36w6gZoOKcUcqeldHraenjAKOc7xiID7S13MMuyFYkMlNAJWJwGR
-tDtwKj9useiciAF9n9T521NtYJ2/LOdYq7hfRvzOxBsDPAnrSTFcaUaz4EcCAwEA
-AaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE
-FDqahQcQZyi27/a9BUFuIMGU2g/eMA0GCSqGSIb3DQEBCwUAA4IBAQCZ21151fmX
-WWcDYfF+OwYxdS2hII5PZYe096acvNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu
-9tfeE8tTEH6KRtGX+rcuKxGrkLAngPnon1rpN5+r5N9ss4UXnT3ZJE95kTXWXwTr
-gIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYVN8Gb5DKj7Tjo
-2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO
-LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI
-4uJEvlz36hz1
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix
-RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1
-dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1p
-YyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDExMB4XDTExMTIw
-NjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYTAkdSMUQwQgYDVQQK
-EztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENl
-cnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl
-c2VhcmNoIEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPz
-dYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJ
-fel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa71HFK9+WXesyHgLacEns
-bgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u8yBRQlqD
-75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSP
-FEDH3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNV
-HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp
-5dgTBCPuQSUwRwYDVR0eBEAwPqA8MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQu
-b3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQub3JnMA0GCSqGSIb3DQEBBQUA
-A4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVtXdMiKahsog2p
-6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8
-TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7
-dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys
-Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI
-l7WdmplNsDz4SgCbZN2fOUvRJ9e4
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4
-MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6
-ZW5wZS5jb20wHhcNMDcxMjEzMTMwODI4WhcNMzcxMjEzMDgyNzI1WjA4MQswCQYD
-VQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6ZW5wZS5j
-b20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJ03rKDx6sp4boFmVq
-scIbRTJxldn+EFvMr+eleQGPicPK8lVx93e+d5TzcqQsRNiekpsUOqHnJJAKClaO
-xdgmlOHZSOEtPtoKct2jmRXagaKH9HtuJneJWK3W6wyyQXpzbm3benhB6QiIEn6H
-LmYRY2xU+zydcsC8Lv/Ct90NduM61/e0aL6i9eOBbsFGb12N4E3GVFWJGjMxCrFX
-uaOKmMPsOzTFlUFpfnXCPCDFYbpRR6AgkJOhkEvzTnyFRVSa0QUmQbC1TR0zvsQD
-yCV8wXDbO/QJLVQnSKwv4cSsPsjLkkxTOTcj7NMB+eAJRE1NZMDhDVqHIrytG6P+
-JrUV86f8hBnp7KGItERphIPzidF0BqnMC9bC3ieFUCbKF7jJeodWLBoBHmy+E60Q
-rLUk9TiRodZL2vG70t5HtfG8gfZZa88ZU+mNFctKy6lvROUbQc/hhqfK0GqfvEyN
-BjNaooXlkDWgYlwWTvDjovoDGrQscbNYLN57C9saD+veIR8GdwYDsMnvmfzAuU8L
-hij+0rnq49qlw0dpEuDb8PYZi+17cNcC1u2HGCgsBCRMd+RIihrGO5rUD8r6ddIB
-QFqNeb+Lz0vPqhbBleStTIo+F5HUsWLlguWABKQDfo2/2n+iD5dPDNMN+9fR5XJ+
-HMh3/1uaD7euBUbl8agW7EekFwIDAQABo4H2MIHzMIGwBgNVHREEgagwgaWBD2lu
-Zm9AaXplbnBlLmNvbaSBkTCBjjFHMEUGA1UECgw+SVpFTlBFIFMuQS4gLSBDSUYg
-QTAxMzM3MjYwLVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBGNjIgUzgxQzBB
-BgNVBAkMOkF2ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAwMTAx
-MCBWaXRvcmlhLUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
-AQYwHQYDVR0OBBYEFB0cZQ6o8iV7tJHP5LGx5r1VdGwFMA0GCSqGSIb3DQEBCwUA
-A4ICAQB4pgwWSp9MiDrAyw6lFn2fuUhfGI8NYjb2zRlrrKvV9pF9rnHzP7MOeIWb
-laQnIUdCSnxIOvVFfLMMjlF4rJUT3sb9fbgakEyrkgPH7UIBzg/YsfqikuFgba56
-awmqxinuaElnMIAkejEWOVt+8Rwu3WwJrfIxwYJOubv5vr8qhT/AQKM6WfxZSzwo
-JNu0FXWuDYi6LnPAvViH5ULy617uHjAimcs30cQhbIHsvm0m5hzkQiCeR7Csg1lw
-LDXWrzY0tM07+DKo7+N4ifuNRSzanLh+QBxh5z6ikixL8s36mLYp//Pye6kfLqCT
-VyvehQP5aTfLnnhqBbTFMXiJ7HqnheG5ezzevh55hM6fcA5ZwjUukCox2eRFekGk
-LhObNA5me0mrZJfQRsN5nXJQY6aYWwa9SG3YOYNw6DXwBdGqvOPbyALqfP2C2sJb
-UjWumDqtujWTI6cfSN01RpiyEGjkpTHCClguGYEQyVB1/OpaFs4R1+7vUIgtYf8/
-QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZoQ0iy2+tzJOeRf1SktoA+
-naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1ZWrOZyGls
-QyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD
-VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
-ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0G
-CSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTAeFw0wOTA2MTYxMTMwMThaFw0y
-OTEyMzAxMTMwMThaMIGCMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3Qx
-FjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3pp
-Z25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5o
-dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOn4j/NjrdqG2KfgQvvP
-kd6mJviZpWNwrZuuyjNAfW2WbqEORO7hE52UQlKavXWFdCyoDh2Tthi3jCyoz/tc
-cbna7P7ofo/kLx2yqHWH2Leh5TvPmUpG0IMZfcChEhyVbUr02MelTTMuhTlAdX4U
-fIASmFDHQWe4oIBhVKZsTh/gnQ4H6cm6M+f+wFUoLAKApxn1ntxVUwOXewdI/5n7
-N4okxFnMUBBjjqqpGrCEGob5X7uxUG6k0QrM1XF+H6cbfPVTbiJfyyvm1HxdrtbC
-xkzlBQHZ7Vf8wSN5/PrIJIOV87VqUQHQd9bpEqH5GoP7ghu5sJf0dgYzQ0mg/wu1
-+rUCAwEAAaOBgDB+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G
-A1UdDgQWBBTLD8bfQkPMPcu1SCOhGnqmKrs0aDAfBgNVHSMEGDAWgBTLD8bfQkPM
-Pcu1SCOhGnqmKrs0aDAbBgNVHREEFDASgRBpbmZvQGUtc3ppZ25vLmh1MA0GCSqG
-SIb3DQEBCwUAA4IBAQDJ0Q5eLtXMs3w+y/w9/w0olZMEyL/azXm4Q5DwpL7v8u8h
-mLzU1F0G9u5C7DBsoKqpyvGvivo/C3NqPuouQH4frlRheesuCDfXI/OMn74dseGk
-ddug4lQUsbocKaQY9hK6ohQU4zE1yED/t+AFdlfBHFny+L/k7SViXITwfn4fs775
-tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c
-2Pm2G2JwCz02yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5t
-HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCW
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
-EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
-MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
-cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
-dGFuw7pzw610dsOhbnkwHhcNMDgxMjExMTUwODIxWhcNMjgxMjA2MTUwODIxWjCB
-pzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM
-b2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlm
-aWNhdGlvbiBTZXJ2aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNz
-IEdvbGQpIEbFkXRhbsO6c8OtdHbDoW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAxCRec75LbRTDofTjl5Bu0jBFHjzuZ9lk4BqKf8owyoPjIMHj9DrT
-lF8afFttvzBPhCf2nx9JvMaZCpDyD/V/Q4Q3Y1GLeqVw/HpYzY6b7cNGbIRwXdrz
-AZAj/E4wqX7hJ2Pn7WQ8oLjJM2P+FpD/sLj916jAwJRDC7bVWaaeVtAkH3B5r9s5
-VA1lddkVQZQBr17s9o3x/61k/iCa11zr/qYfCGSji3ZVrR47KGAuhyXoqq8fxmRG
-ILdwfzzeSNuWU7c5d+Qa4scWhHaXWy+7GRWF+GmF9ZmnqfI0p6m2pgP8b4Y9VHx2
-BJtr+UBdADTHLpl1neWIA6pN+APSQnbAGwIDAKiLo0UwQzASBgNVHRMBAf8ECDAG
-AQH/AgEEMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUzPpnk/C2uNClwB7zU/2M
-U9+D15YwDQYJKoZIhvcNAQELBQADggEBAKt/7hwWqZw8UQCgwBEIBaeZ5m8BiFRh
-bvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTtaYtOUZcTh5m2C
-+C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC
-bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2F
-uLjbvrW5KfnaNwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2
-XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBt
-MQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUg
-Rm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9i
-YWwgUm9vdCBHQiBDQTAeFw0xNDEyMDExNTAwMzJaFw0zOTEyMDExNTEwMzFaMG0x
-CzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYDVQQLExlPSVNURSBG
-b3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEdsb2Jh
-bCBSb290IEdCIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Be3
-HEokKtaXscriHvt9OO+Y9bI5mE4nuBFde9IllIiCFSZqGzG7qFshISvYD06fWvGx
-WuR51jIjK+FTzJlFXHtPrby/h0oLS5daqPZI7H17Dc0hBt+eFf1Biki3IPShehtX
-1F1Q/7pn2COZH8g/497/b1t3sWtuuMlk9+HKQUYOKXHQuSP8yYFfTvdv37+ErXNk
-u7dCjmn21HYdfp2nuFeKUWdy19SouJVUQHMD9ur06/4oQnc/nSMbsrY9gBQHTC5P
-99UKFg29ZkM3fiNDecNAhvVMKdqOmq0NpQSHiB6F4+lT1ZvIiwNjeOvgGUpuuy9r
-M2RYk61pv48b74JIxwIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUw
-AwEB/zAdBgNVHQ4EFgQUNQ/INmNe4qPs+TtmFc5RUuORmj0wEAYJKwYBBAGCNxUB
-BAMCAQAwDQYJKoZIhvcNAQELBQADggEBAEBM+4eymYGQfp3FsLAmzYh7KzKNbrgh
-cViXfa43FK8+5/ea4n32cZiZBKpDdHij40lhPnOMTZTg+XHEthYOU3gf1qKHLwI5
-gSk8rxWYITD+KJAAjNHhy/peyP34EEY7onhCkRd0VQreUGdNZtGn//3ZwLWoo4rO
-ZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEuiHZeeevJuQHHf
-aPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic
-Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIJhjCCB26gAwIBAgIBCzANBgkqhkiG9w0BAQsFADCCAR4xPjA8BgNVBAMTNUF1
-dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIFJhaXogZGVsIEVzdGFkbyBWZW5lem9s
-YW5vMQswCQYDVQQGEwJWRTEQMA4GA1UEBxMHQ2FyYWNhczEZMBcGA1UECBMQRGlz
-dHJpdG8gQ2FwaXRhbDE2MDQGA1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0
-aWZpY2FjaW9uIEVsZWN0cm9uaWNhMUMwQQYDVQQLEzpTdXBlcmludGVuZGVuY2lh
-IGRlIFNlcnZpY2lvcyBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMSUwIwYJ
-KoZIhvcNAQkBFhZhY3JhaXpAc3VzY2VydGUuZ29iLnZlMB4XDTEwMTIyODE2NTEw
-MFoXDTIwMTIyNTIzNTk1OVowgdExJjAkBgkqhkiG9w0BCQEWF2NvbnRhY3RvQHBy
-b2NlcnQubmV0LnZlMQ8wDQYDVQQHEwZDaGFjYW8xEDAOBgNVBAgTB01pcmFuZGEx
-KjAoBgNVBAsTIVByb3ZlZWRvciBkZSBDZXJ0aWZpY2Fkb3MgUFJPQ0VSVDE2MDQG
-A1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9u
-aWNhMQswCQYDVQQGEwJWRTETMBEGA1UEAxMKUFNDUHJvY2VydDCCAiIwDQYJKoZI
-hvcNAQEBBQADggIPADCCAgoCggIBANW39KOUM6FGqVVhSQ2oh3NekS1wwQYalNo9
-7BVCwfWMrmoX8Yqt/ICV6oNEolt6Vc5Pp6XVurgfoCfAUFM+jbnADrgV3NZs+J74
-BCXfgI8Qhd19L3uA3VcAZCP4bsm+lU/hdezgfl6VzbHvvnpC2Mks0+saGiKLt38G
-ieU89RLAu9MLmV+QfI4tL3czkkohRqipCKzx9hEC2ZUWno0vluYC3XXCFCpa1sl9
-JcLB/KpnheLsvtF8PPqv1W7/U0HU9TI4seJfxPmOEO8GqQKJ/+MMbpfg353bIdD0
-PghpbNjU5Db4g7ayNo+c7zo3Fn2/omnXO1ty0K+qP1xmk6wKImG20qCZyFSTXai2
-0b1dCl53lKItwIKOvMoDKjSuc/HUtQy9vmebVOvh+qBa7Dh+PsHMosdEMXXqP+UH
-0quhJZb25uSgXTcYOWEAM11G1ADEtMo88aKjPvM6/2kwLkDd9p+cJsmWN63nOaK/
-6mnbVSKVUyqUtd+tFjiBdWbjxywbk5yqjKPK2Ww8F22c3HxT4CAnQzb5EuE8XL1m
-v6JpIzi4mWCZDlZTOpx+FIywBm/xhnaQr/2v/pDGj59/i5IjnOcVdo/Vi5QTcmn7
-K2FjiO/mpF7moxdqWEfLcU8UC17IAggmosvpr2uKGcfLFFb14dq12fy/czja+eev
-bqQ34gcnAgMBAAGjggMXMIIDEzASBgNVHRMBAf8ECDAGAQH/AgEBMDcGA1UdEgQw
-MC6CD3N1c2NlcnRlLmdvYi52ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAzNi0w
-MB0GA1UdDgQWBBRBDxk4qpl/Qguk1yeYVKIXTC1RVDCCAVAGA1UdIwSCAUcwggFD
-gBStuyIdxuDSAaj9dlBSk+2YwU2u06GCASakggEiMIIBHjE+MDwGA1UEAxM1QXV0
-b3JpZGFkIGRlIENlcnRpZmljYWNpb24gUmFpeiBkZWwgRXN0YWRvIFZlbmV6b2xh
-bm8xCzAJBgNVBAYTAlZFMRAwDgYDVQQHEwdDYXJhY2FzMRkwFwYDVQQIExBEaXN0
-cml0byBDYXBpdGFsMTYwNAYDVQQKEy1TaXN0ZW1hIE5hY2lvbmFsIGRlIENlcnRp
-ZmljYWNpb24gRWxlY3Ryb25pY2ExQzBBBgNVBAsTOlN1cGVyaW50ZW5kZW5jaWEg
-ZGUgU2VydmljaW9zIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExJTAjBgkq
-hkiG9w0BCQEWFmFjcmFpekBzdXNjZXJ0ZS5nb2IudmWCAQowDgYDVR0PAQH/BAQD
-AgEGME0GA1UdEQRGMESCDnByb2NlcnQubmV0LnZloBUGBWCGXgIBoAwMClBTQy0w
-MDAwMDKgGwYFYIZeAgKgEgwQUklGLUotMzE2MzUzNzMtNzB2BgNVHR8EbzBtMEag
-RKBChkBodHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9sY3IvQ0VSVElGSUNBRE8t
-UkFJWi1TSEEzODRDUkxERVIuY3JsMCOgIaAfhh1sZGFwOi8vYWNyYWl6LnN1c2Nl
-cnRlLmdvYi52ZTA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9v
-Y3NwLnN1c2NlcnRlLmdvYi52ZTBBBgNVHSAEOjA4MDYGBmCGXgMBAjAsMCoGCCsG
-AQUFBwIBFh5odHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9kcGMwDQYJKoZIhvcN
-AQELBQADggIBACtZ6yKZu4SqT96QxtGGcSOeSwORR3C7wJJg7ODU523G0+1ng3dS
-1fLld6c2suNUvtm7CpsR72H0xpkzmfWvADmNg7+mvTV+LFwxNG9s2/NkAZiqlCxB
-3RWGymspThbASfzXg0gTB1GEMVKIu4YXx2sviiCtxQuPcD4quxtxj7mkoP3Yldmv
-Wb8lK5jpY5MvYB7Eqvh39YtsL+1+LrVPQA3uvFd359m21D+VJzog1eWuq2w1n8Gh
-HVnchIHuTQfiSLaeS5UtQbHh6N5+LwUeaO6/u5BlOsju6rEYNxxik6SgMexxbJHm
-pHmJWhSnFFAFTKQAVzAswbVhltw+HoSvOULP5dAssSS830DD7X9jSr3hTxJkhpXz
-sOfIt+FTvZLm8wyWuevo5pLtp4EJFAv8lXrPj9Y0TzYS3F7RNHXGRoAvlQSMx4bE
-qCaJqD8Zm4G7UaRKhqsLEQ+xrmNTbSjq3TNWOByyrYDT13K9mmyZY+gAu0F2Bbdb
-mRiKw7gSXFbPVgx96OLP7bx0R/vu0xdOIk9W/1DzLuY5poLWccret9W6aAjtmcz9
-opLLabid+Qqkpj5PkygqYWwHJgD/ll9ohri4zspV4KuxPX+Y1zMOWj3YeMLEYC/H
-YvBhkdI4sPaeVdtAgAUSM84dkpvRabP/v/GSCmE1P93+hvS84Bpxs2Km
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQEL
-BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
-BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0xMjAxMTIxNzI3NDRaFw00
-MjAxMTIxNzI3NDRaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM
-aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDEgRzMwggIiMA0GCSqG
-SIb3DQEBAQUAA4ICDwAwggIKAoICAQCgvlAQjunybEC0BJyFuTHK3C3kEakEPBtV
-wedYMB0ktMPvhd6MLOHBPd+C5k+tR4ds7FtJwUrVu4/sh6x/gpqG7D0DmVIB0jWe
-rNrwU8lmPNSsAgHaJNM7qAJGr6Qc4/hzWHa39g6QDbXwz8z6+cZM5cOGMAqNF341
-68Xfuw6cwI2H44g4hWf6Pser4BOcBRiYz5P1sZK0/CPTz9XEJ0ngnjybCKOLXSoh
-4Pw5qlPafX7PGglTvF0FBM+hSo+LdoINofjSxxR3W5A2B4GbPgb6Ul5jxaYA/qXp
-UhtStZI5cgMJYr2wYBZupt0lwgNm3fME0UDiTouG9G/lg6AnhF4EwfWQvTA9xO+o
-abw4m6SkltFi2mnAAZauy8RRNOoMqv8hjlmPSlzkYZqn0ukqeI1RPToV7qJZjqlc
-3sX5kCLliEVx3ZGZbHqfPT2YfF72vhZooF6uCyP8Wg+qInYtyaEQHeTTRCOQiJ/G
-KubX9ZqzWB4vMIkIG1SitZgj7Ah3HJVdYdHLiZxfokqRmu8hqkkWCKi9YSgxyXSt
-hfbZxbGL0eUQMk1fiyA6PEkfM4VZDdvLCXVDaXP7a3F98N/ETH3Goy7IlXnLc6KO
-Tk0k+17kBL5yG6YnLUlamXrXXAkgt3+UuU/xDRxeiEIbEbfnkduebPRq34wGmAOt
-zCjvpUfzUwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
-BjAdBgNVHQ4EFgQUo5fW816iEOGrRZ88F2Q87gFwnMwwDQYJKoZIhvcNAQELBQAD
-ggIBABj6W3X8PnrHX3fHyt/PX8MSxEBd1DKquGrX1RUVRpgjpeaQWxiZTOOtQqOC
-MTaIzen7xASWSIsBx40Bz1szBpZGZnQdT+3Btrm0DWHMY37XLneMlhwqI2hrhVd2
-cDMT/uFPpiN3GPoajOi9ZcnPP/TJF9zrx7zABC4tRi9pZsMbj/7sPtPKlL92CiUN
-qXsCHKnQO18LwIE6PWThv6ctTr1NxNgpxiIY0MWscgKCP6o6ojoilzHdCGPDdRS5
-YCgtW2jgFqlmgiNR9etT2DGbe+m3nUvriBbP+V04ikkwj+3x6xn0dxoxGE1nVGwv
-b2X52z3sIexe9PSLymBlVNFxZPT5pqOBMzYzcfCkeF9OrYMh3jRJjehZrJ3ydlo2
-8hP0r+AJx2EqbPfgna67hkooby7utHnNkDPDs3b69fBsnQGQ+p6Q9pxyz0fawx/k
-NSBT8lTR32GDpgLiJTjehTItXnOQUl1CxM49S+H5GYQd1aJQzEH7QRTDvdbJWqNj
-ZgKAvQU6O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhp
-q1467HxpvMc7hU6eFbm0FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFt
-nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXD
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC
-TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAzMTkxODMzMzNaFw0yMTAzMTcxODMz
-MzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUw
-IwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQDEyVR
-dW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Yp
-li4kVEAkOPcahdxYTMukJ0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2D
-rOpm2RgbaIr1VxqYuvXtdj182d6UajtLF8HVj71lODqV0D1VNk7feVcxKh7YWWVJ
-WCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeLYzcS19Dsw3sgQUSj7cug
-F+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWenAScOospU
-xbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCC
-Ak4wPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVv
-dmFkaXNvZmZzaG9yZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREw
-ggENMIIBCQYJKwYBBAG+WAABMIH7MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNl
-IG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBh
-c3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFy
-ZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh
-Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYI
-KwYBBQUHAgEWFmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3T
-KbkGGew5Oanwl4Rqy+/fMIGuBgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rq
-y+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p
-dGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYD
-VQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6tlCL
-MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSk
-fnIYj9lofFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf8
-7C9TqnN7Az10buYWnuulLsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1R
-cHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2xgI4JVrmcGmD+XcHXetwReNDWXcG31a0y
-mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW
-xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK
-SnQ2+Q==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
-GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
-b3QgQ0EgMjAeFw0wNjExMjQxODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNV
-BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W
-YWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCa
-GMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6XJxg
-Fyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55J
-WpzmM+Yklvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bB
-rrcCaoF6qUWD4gXmuVbBlDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp
-+ARz8un+XJiM9XOva7R+zdRcAitMOeGylZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1
-ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt66/3FsvbzSUr5R/7mp/i
-Ucw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1JdxnwQ5hYIiz
-PtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og
-/zOhD7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UH
-oycR7hYQe7xFSkyyBNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuI
-yV77zGHcizN300QyNQliBJIWENieJ0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1Ud
-EwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQahGK8SEwzJQTU7tD2
-A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGUa6FJpEcwRTEL
-MAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMT
-ElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2f
-BluornFdLwUvZ+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzn
-g/iN/Ae42l9NLmeyhP3ZRPx3UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2Bl
-fF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodmVjB3pjd4M1IQWK4/YY7yarHvGH5K
-WWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK+JDSV6IZUaUtl0Ha
-B0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrWIozc
-hLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPR
-TUIZ3Ph1WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWD
-mbA4CD/pXvk1B+TJYm5Xf6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0Z
-ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y
-4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza
-8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQEL
-BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
-BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0xMjAxMTIxODU5MzJaFw00
-MjAxMTIxODU5MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM
-aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDIgRzMwggIiMA0GCSqG
-SIb3DQEBAQUAA4ICDwAwggIKAoICAQChriWyARjcV4g/Ruv5r+LrI3HimtFhZiFf
-qq8nUeVuGxbULX1QsFN3vXg6YOJkApt8hpvWGo6t/x8Vf9WVHhLL5hSEBMHfNrMW
-n4rjyduYNM7YMxcoRvynyfDStNVNCXJJ+fKH46nafaF9a7I6JaltUkSs+L5u+9ym
-c5GQYaYDFCDy54ejiK2toIz/pgslUiXnFgHVy7g1gQyjO/Dh4fxaXc6AcW34Sas+
-O7q414AB+6XrW7PFXmAqMaCvN+ggOp+oMiwMzAkd056OXbxMmO7FGmh77FOm6RQ1
-o9/NgJ8MSPsc9PG/Srj61YxxSscfrf5BmrODXfKEVu+lV0POKa2Mq1W/xPtbAd0j
-IaFYAI7D0GoT7RPjEiuA3GfmlbLNHiJuKvhB1PLKFAeNilUSxmn1uIZoL1NesNKq
-IcGY5jDjZ1XHm26sGahVpkUG0CM62+tlXSoREfA7T8pt9DTEceT/AFr2XK4jYIVz
-8eQQsSWu1ZK7E8EM4DnatDlXtas1qnIhO4M15zHfeiFuuDIIfR0ykRVKYnLP43eh
-vNURG3YBZwjgQQvD6xVu+KQZ2aKrr+InUlYrAoosFCT5v0ICvybIxo/gbjh9Uy3l
-7ZizlWNof/k19N+IxWA1ksB8aRxhlRbQ694Lrz4EEEVlWFA4r0jyWbYW8jwNkALG
-cC4BrTwV1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
-BjAdBgNVHQ4EFgQU7edvdlq/YOxJW8ald7tyFnGbxD0wDQYJKoZIhvcNAQELBQAD
-ggIBAJHfgD9DCX5xwvfrs4iP4VGyvD11+ShdyLyZm3tdquXK4Qr36LLTn91nMX66
-AarHakE7kNQIXLJgapDwyM4DYvmL7ftuKtwGTTwpD4kWilhMSA/ohGHqPHKmd+RC
-roijQ1h5fq7KpVMNqT1wvSAZYaRsOPxDMuHBR//47PERIjKWnML2W2mWeyAMQ0Ga
-W/ZZGYjeVYg3UQt4XAoeo0L9x52ID8DyeAIkVJOviYeIyUqAHerQbj5hLja7NQ4n
-lv1mNDthcnPxFlxHBlRJAHpYErAK74X9sbgzdWqTHBLmYF5vHX/JHyPLhGGfHoJE
-+V+tYlUkmlKY7VHnoX6XOuYvHxHaU4AshZ6rNRDbIl9qxV6XU/IyAgkwo1jwDQHV
-csaxfGl7w/U2Rcxhbl5MlMVerugOXou/983g7aEOGzPuVBj+D77vfoRrQ+NwmNtd
-dbINWQeFFSM51vHfqSYP1kjHs6Yi9TM3WpVHn3u6GBVv/9YUZINJ0gpnIdsPNWNg
-KCLjsZWDzYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeM
-HVOyToV7BjjHLPj4sHKNJeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4
-WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+M
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
-GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
-b3QgQ0EgMzAeFw0wNjExMjQxOTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNV
-BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W
-YWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDM
-V0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNggDhoB
-4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUr
-H556VOijKTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd
-8lyyBTNvijbO0BNO/79KDDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9Cabwv
-vWhDFlaJKjdhkf2mrk7AyxRllDdLkgbvBNDInIjbC3uBr7E9KsRlOni27tyAsdLT
-mZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwpp5ijJUMv7/FfJuGITfhe
-btfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8nT8KKdjc
-T5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDt
-WAEXMJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZ
-c6tsgLjoC2SToJyMGf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A
-4iLItLRkT9a6fUg+qGkM17uGcclzuD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYD
-VR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHTBgkrBgEEAb5YAAMwgcUwgZMG
-CCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0
-aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0
-aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVu
-dC4wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2Nw
-czALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4G
-A1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4ywLQoUmkRzBFMQswCQYDVQQGEwJC
-TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UEAxMSUXVvVmFkaXMg
-Um9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZVqyM0
-7ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSem
-d1o417+shvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd
-+LJ2w/w4E6oM3kJpK27zPOuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B
-4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadN
-t54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp8kokUvd0/bpO5qgdAm6x
-DYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBCbjPsMZ57
-k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6s
-zHXug/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0j
-Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT
-mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK
-4SVhM7JZG+Ju1zdXtg2pEto=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQEL
-BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
-BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMyBHMzAeFw0xMjAxMTIyMDI2MzJaFw00
-MjAxMTIyMDI2MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM
-aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDMgRzMwggIiMA0GCSqG
-SIb3DQEBAQUAA4ICDwAwggIKAoICAQCzyw4QZ47qFJenMioKVjZ/aEzHs286IxSR
-/xl/pcqs7rN2nXrpixurazHb+gtTTK/FpRp5PIpM/6zfJd5O2YIyC0TeytuMrKNu
-FoM7pmRLMon7FhY4futD4tN0SsJiCnMK3UmzV9KwCoWdcTzeo8vAMvMBOSBDGzXR
-U7Ox7sWTaYI+FrUoRqHe6okJ7UO4BUaKhvVZR74bbwEhELn9qdIoyhA5CcoTNs+c
-ra1AdHkrAj80//ogaX3T7mH1urPnMNA3I4ZyYUUpSFlob3emLoG+B01vr87ERROR
-FHAGjx+f+IdpsQ7vw4kZ6+ocYfx6bIrc1gMLnia6Et3UVDmrJqMz6nWB2i3ND0/k
-A9HvFZcba5DFApCTZgIhsUfei5pKgLlVj7WiL8DWM2fafsSntARE60f75li59wzw
-eyuxwHApw0BiLTtIadwjPEjrewl5qW3aqDCYz4ByA4imW0aucnl8CAMhZa634Ryl
-sSqiMd5mBPfAdOhx3v89WcyWJhKLhZVXGqtrdQtEPREoPHtht+KPZ0/l7DxMYIBp
-VzgeAVuNVejH38DMdyM0SXV89pgR6y3e7UEuFAUCf+D+IOs15xGsIs5XPd7JMG0Q
-A4XN8f+MFrXBsj6IbGB/kE+V9/YtrQE5BwT6dYB9v0lQ7e/JxHwc64B+27bQ3RP+
-ydOc17KXqQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
-BjAdBgNVHQ4EFgQUxhfQvKjqAkPyGwaZXSuQILnXnOQwDQYJKoZIhvcNAQELBQAD
-ggIBADRh2Va1EodVTd2jNTFGu6QHcrxfYWLopfsLN7E8trP6KZ1/AvWkyaiTt3px
-KGmPc+FSkNrVvjrlt3ZqVoAh313m6Tqe5T72omnHKgqwGEfcIHB9UqM+WXzBusnI
-FUBhynLWcKzSt/Ac5IYp8M7vaGPQtSCKFWGafoaYtMnCdvvMujAWzKNhxnQT5Wvv
-oxXqA/4Ti2Tk08HS6IT7SdEQTXlm66r99I0xHnAUrdzeZxNMgRVhvLfZkXdxGYFg
-u/BYpbWcC/ePIlUnwEsBbTuZDdQdm2NnL9DuDcpmvJRPpq3t/O5jrFc/ZSXPsoaP
-0Aj/uHYUbt7lJ+yreLVTubY/6CD50qi+YUbKh4yE8/nxoGibIh6BJpsQBJFxwAYf
-3KDTuVan45gtf4Od34wrnDKOMpTwATwiKp9Dwi7DmDkHOHv8XgBCH/MyJnmDhPbl
-8MFREsALHgQjDFSlTC9JxUrRtm5gDWv8a4uFJGS3iQ6rJUdbPM9+Sb3H6QrG2vd+
-DhcI00iX0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HN
-PlopNLk9hM6xZdRZkZFWdSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/
-ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBI
-MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
-FzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMB4XDTA2MTEwNzE5MzExOFoXDTI5MTIz
-MTE5NDA1NVowSDELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1NlY3VyZVRydXN0IENv
-cnBvcmF0aW9uMRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBAKukgeWVzfX2FI7CT8rU4niVWJxB4Q2ZQCQXOZEz
-Zum+4YOvYlyJ0fwkW2Gz4BERQRwdbvC4u/jep4G6pkjGnx29vo6pQT64lO0pGtSO
-0gMdA+9tDWccV9cGrcrI9f4Or2YlSASWC12juhbDCE/RRvgUXPLIXgGZbf2IzIao
-wW8xQmxSPmjL8xk037uHGFaAJsTQ3MBv396gwpEWoGQRS0S8Hvbn+mPeZqx2pHGj
-7DaUaHp3pLHnDi+BeuK1cobvomuL8A/b01k/unK8RCSc43Oz969XL0Imnal0ugBS
-8kvNU3xHCzaFDmapCJcWNFfBZveA4+1wVMeT4C4oFVmHursCAwEAAaOBnTCBmjAT
-BgkrBgEEAYI3FAIEBh4EAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB
-/zAdBgNVHQ4EFgQUQjK2FvoE/f5dS3rD/fdMQB1aQ68wNAYDVR0fBC0wKzApoCeg
-JYYjaHR0cDovL2NybC5zZWN1cmV0cnVzdC5jb20vU1RDQS5jcmwwEAYJKwYBBAGC
-NxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt3
-6Z3q059c4EVlew3KW+JwULKUBRSuSceNQQcSc5R+DCMh/bwQf2AQWnL1mA6s7Ll/
-3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHfmbx8IVQr5Fiiu1cprp6poxkm
-D5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZnMUFdAvnZyPS
-CPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR
-3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBK
-MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
-GTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwHhcNMDYxMTA3MTk0MjI4WhcNMjkx
-MjMxMTk1MjA2WjBKMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3Qg
-Q29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNS7YrGxVaQZx5RNoJLNP2MwhR/jxYDiJ
-iQPpvepeRlMJ3Fz1Wuj3RSoC6zFh1ykzTM7HfAo3fg+6MpjhHZevj8fcyTiW89sa
-/FHtaMbQbqR8JNGuQsiWUGMu4P51/pinX0kuleM5M2SOHqRfkNJnPLLZ/kG5VacJ
-jnIFHovdRIWCQtBJwB1g8NEXLJXr9qXBkqPFwqcIYA1gBBCWeZ4WNOaptvolRTnI
-HmX5k/Wq8VLcmZg9pYYaDDUz+kulBAYVHDGA76oYa8J719rO+TMg1fW9ajMtgQT7
-sFzUnKPiXB3jqUJ1XnvUd+85VLrJChgbEplJL4hL/VBi0XPnj3pDAgMBAAGjgZ0w
-gZowEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQF
-MAMBAf8wHQYDVR0OBBYEFK9EBMJBfkiD2045AuzshHrmzsmkMDQGA1UdHwQtMCsw
-KaAnoCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NHQ0EuY3JsMBAGCSsG
-AQQBgjcVAQQDAgEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjGghAfaReUw132HquHw0L
-URYD7xh8yOOvaliTFGCRsoTciE6+OYo68+aCiV0BN7OrJKQVDpI1WkpEXk5X+nXO
-H0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cnCDpOGR86p1hcF895P4vkp9Mm
-I50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbY
-iNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc
-f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDEl
-MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMe
-U2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0EyMB4XDTA5MDUyOTA1MDAzOVoX
-DTI5MDUyOTA1MDAzOVowXTELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRy
-dXN0IFN5c3RlbXMgQ08uLExURC4xJzAlBgNVBAsTHlNlY3VyaXR5IENvbW11bmlj
-YXRpb24gUm9vdENBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANAV
-OVKxUrO6xVmCxF1SrjpDZYBLx/KWvNs2l9amZIyoXvDjChz335c9S672XewhtUGr
-zbl+dp+++T42NKA7wfYxEUV0kz1XgMX5iZnK5atq1LXaQZAQwdbWQonCv/Q4EpVM
-VAX3NuRFg3sUZdbcDE3R3n4MqzvEFb46VqZab3ZpUql6ucjrappdUtAtCms1FgkQ
-hNBqyjoGADdH5H5XTz+L62e4iKrFvlNVspHEfbmwhRkGeC7bYRr6hfVKkaHnFtWO
-ojnflLhwHyg/i/xAXmODPIMqGplrz95Zajv8bxbXH/1KEOtOghY6rCcMU/Gt1SSw
-awNQwS08Ft1ENCcadfsCAwEAAaNCMEAwHQYDVR0OBBYEFAqFqXdlBZh8QIH4D5cs
-OPEK7DzPMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3
-DQEBCwUAA4IBAQBMOqNErLlFsceTfsgLCkLfZOoc7llsCLqJX2rKSpWeeo8HxdpF
-coJxDjrSzG+ntKEju/Ykn8sX/oymzsLS28yN/HH8AynBbF0zX2S2ZTuJbxh2ePXc
-okgfGT+Ok+vx+hfuzU7jBBJV1uXk3fs+BXziHV7Gp7yXT2g69ekuCkO2r1dcYmh8
-t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6qtnRGEmyR7jTV7JqR50S+kDFy
-1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29mvVXIwAHIRc/
-SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEY
-MBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21t
-dW5pY2F0aW9uIFJvb3RDQTEwHhcNMDMwOTMwMDQyMDQ5WhcNMjMwOTMwMDQyMDQ5
-WjBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYD
-VQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEwggEiMA0GCSqGSIb3
-DQEBAQUAA4IBDwAwggEKAoIBAQCzs/5/022x7xZ8V6UMbXaKL0u/ZPtM7orw8yl8
-9f/uKuDp6bpbZCKamm8sOiZpUQWZJtzVHGpxxpp9Hp3dfGzGjGdnSj74cbAZJ6kJ
-DKaVv0uMDPpVmDvY6CKhS3E4eayXkmmziX7qIWgGmBSWh9JhNrxtJ1aeV+7AwFb9
-Ms+k2Y7CI9eNqPPYJayX5HA49LY6tJ07lyZDo6G8SVlyTCMwhwFY9k6+HGhWZq/N
-QV3Is00qVUarH9oe4kA92819uZKAnDfdDJZkndwi92SL32HeFZRSFaB9UslLqCHJ
-xrHty8OVYNEP8Ktw+N/LTX7s1vqr2b1/VPKl6Xn62dZ2JChzAgMBAAGjPzA9MB0G
-A1UdDgQWBBSgc0mZaNyFW2XjmygvV5+9M7wHSDALBgNVHQ8EBAMCAQYwDwYDVR0T
-AQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaECpqLvkT115swW1F7NgE+vG
-kl3g0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfr
-Uj94nK9NrvjVT8+amCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5
-Bw+SUEmK3TGXX8npN6o7WWWXlDLJs58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJU
-JRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ6rBK+1YWc26sTfcioU+tHXot
-RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
-TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
-dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEcyMB4XDTA4MDMyNjExMTgxN1oX
-DTIwMDMyNTExMDMxMFowWjELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl
-ciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJv
-b3QgQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMVZ5291
-qj5LnLW4rJ4L5PnZyqtdj7U5EILXr1HgO+EASGrP2uEGQxGZqhQlEq0i6ABtQ8Sp
-uOUfiUtnvWFI7/3S4GCI5bkYYCjDdyutsDeqN95kWSpGV+RLufg3fNU254DBtvPU
-Z5uW6M7XxgpT0GtJlvOjCwV3SPcl5XCsMBQgJeN/dVrlSPhOewMHBPqCYYdu8DvE
-pMfQ9XQ+pV0aCPKbJdL2rAQmPlU6Yiile7Iwr/g3wtG61jj99O9JMDeZJiFIhQGp
-5Rbn3JBV3w/oOM2ZNyFPXfUib2rFEhZgF1XyZWampzCROME4HYYEhLoaJXhena/M
-UGDWE4dS7WMfbWV9whUYdMrhfmQpjHLYFhN9C0lK8SgbIHRrxT3dsKpICT0ugpTN
-GmXZK4iambwYfp/ufWZ8Pr2UuIHOzZgweMFvZ9C+X+Bo7d7iscksWXiSqt8rYGPy
-5V6548r6f1CGPqI0GAwJaCgRHOThuVw+R7oyPxjMW4T182t0xHJ04eOLoEq9jWYv
-6q012iDTiIJh8BIitrzQ1aTsr1SIJSQ8p22xcik/Plemf1WvbibG/ufMQFxRRIEK
-eN5KzlW/HdXZt1bv8Hb/C3m1r737qWmRRpdogBQ2HbN/uymYNqUg+oJgYjOk7Na6
-B6duxc8UpufWkjTYgfX8HV2qXB72o007uPc5AgMBAAGjgZcwgZQwDwYDVR0TAQH/
-BAUwAwEB/zBSBgNVHSAESzBJMEcGBFUdIAAwPzA9BggrBgEFBQcCARYxaHR0cDov
-L3d3dy5wa2lvdmVyaGVpZC5ubC9wb2xpY2llcy9yb290LXBvbGljeS1HMjAOBgNV
-HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJFoMocVHYnitfGsNig0jQt8YojrMA0GCSqG
-SIb3DQEBCwUAA4ICAQCoQUpnKpKBglBu4dfYszk78wIVCVBR7y29JHuIhjv5tLyS
-CZa59sCrI2AGeYwRTlHSeYAz+51IvuxBQ4EffkdAHOV6CMqqi3WtFMTC6GY8ggen
-5ieCWxjmD27ZUD6KQhgpxrRW/FYQoAUXvQwjf/ST7ZwaUb7dRUG/kSS0H4zpX897
-IZmflZ85OkYcbPnNe5yQzSipx6lVu6xiNGI1E0sUOlWDuYaNkqbG9AclVMwWVxJK
-gnjIFNkXgiYtXSAfea7+1HAWFpWD2DU5/1JddRwWxRNVz0fMdWVSSt7wsKfkCpYL
-+63C4iWEst3kvX5ZbJvw8NjnyvLplzh+ib7M+zkXYT9y2zqR2GUBGR2tUKRXCnxL
-vJxxcypFURmFzI79R6d0lR2o0a9OF7FpJsKqeFdbxU2n5Z4FF5TKsl+gSRiNNOkm
-bEgeqmiSBeGCc1qb3AdbCG19ndeNIdn8FCCqwkXfP+cAslHkwvgFuXkajDTznlvk
-N1trSt8sV4pAWja63XVECDdCcAz+3F4hoKOKwJCcaNpQ5kUQR3i2TtJlycM33+FC
-Y7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoVIPVVYpbtbZNQvOSqeK3Z
-ywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm66+KAQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl
-MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp
-U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQw
-NjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBoMQswCQYDVQQGEwJVUzElMCMGA1UE
-ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZp
-ZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqGSIb3
-DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf
-8MOh2tTYbitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN
-+lq2cwQlZut3f+dZxkqZJRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0
-X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVmepsZGD3/cVE8MC5fvj13c7JdBmzDI1aa
-K4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSNF4Azbl5KXZnJHoe0nRrA
-1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HFMIHCMB0G
-A1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fR
-zt0fhvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0
-YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBD
-bGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8w
-DQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGsafPzWdqbAYcaT1epoXkJKtv3
-L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D
-eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl
-xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp
-VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY
-WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx
-EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT
-HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVs
-ZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAw
-MFoXDTM3MTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6
-b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVj
-aG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZp
-Y2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAL3twQP89o/8ArFvW59I2Z154qK3A2FWGMNHttfKPTUuiUP3oWmb3ooa/RMg
-nLRJdzIpVv257IzdIvpy3Cdhl+72WoTsbhm5iSzchFvVdPtrX8WJpRBSiUZV9Lh1
-HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNkN3mSwOxGXn/hbVNMYq/N
-Hwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uLicFZ8WJ/X7NfZTD4p7dN
-dloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzRmZTRouNjWwl2tVZi4Ut0
-HZbUJtQIBFnQmA4O5t78w+wfkPECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO
-BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFHwMMh+n2TB/xH1oo2Kooc6rB1snMA0G
-CSqGSIb3DQEBCwUAA4IBAQARWfolTwNvlJk7mh+ChTnUdgWUXuEok21iXQnCoKjU
-sHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx4mcujJUDJi5DnUox9g61DLu3
-4jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUwF5okxBDgBPfg
-8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K
-pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1
-mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx
-EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT
-HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVs
-ZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5
-MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgZgxCzAJBgNVBAYTAlVTMRAwDgYD
-VQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFy
-ZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTswOQYDVQQDEzJTdGFyZmllbGQgU2Vy
-dmljZXMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBANUMOsQq+U7i9b4Zl1+OiFOxHz/Lz58gE20p
-OsgPfTz3a3Y4Y9k2YKibXlwAgLIvWX/2h/klQ4bnaRtSmpDhcePYLQ1Ob/bISdm2
-8xpWriu2dBTrz/sm4xq6HZYuajtYlIlHVv8loJNwU4PahHQUw2eeBGg6345AWh1K
-Ts9DkTvnVtYAcMtS7nt9rjrnvDH5RfbCYM8TWQIrgMw0R9+53pBlbQLPLJGmpufe
-hRhJfGZOozptqbXuNC66DQO4M99H67FrjSXZm86B0UVGMpZwh94CDklDhbZsc7tk
-6mFBrMnUVN+HL8cisibMn1lUaJ/8viovxFUcdUBgF4UCVTmLfwUCAwEAAaNCMEAw
-DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJxfAN+q
-AdcwKziIorhtSpzyEZGDMA0GCSqGSIb3DQEBCwUAA4IBAQBLNqaEd2ndOxmfZyMI
-bw5hyf2E3F/YNoHN2BtBLZ9g3ccaaNnRbobhiCPPE95Dz+I0swSdHynVv/heyNXB
-ve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTyxQGjhdByPq1z
-qwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd
-iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn
-0q23KXB56jzaYyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCN
-sSi6
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
-Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM2WhcNMzYwOTE3MTk0NjM2WjB9
-MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
-U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
-cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
-A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
-pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
-OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
-Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
-Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
-HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
-Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
-+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
-Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
-Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
-26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
-AQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE
-FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9j
-ZXJ0LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3Js
-LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFM
-BgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUHAgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0
-Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRwOi8vY2VydC5zdGFy
-dGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYgU3Rh
-cnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlh
-YmlsaXR5LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2Yg
-dGhlIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFp
-bGFibGUgYXQgaHR0cDovL2NlcnQuc3RhcnRjb20ub3JnL3BvbGljeS5wZGYwEQYJ
-YIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNT
-TCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAgEAFmyZ
-9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8
-jhvh3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUW
-FjgKXlf2Ysd6AgXmvB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJz
-ewT4F+irsfMuXGRuczE6Eri8sxHkfY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1
-ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3fsNrarnDy0RLrHiQi+fHLB5L
-EUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZEoalHmdkrQYu
-L6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq
-yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuC
-O3NJo2pXh5Tl1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6V
-um0ABj6y6koQOdjQK/W/7HW/lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkySh
-NOsF/5oirpt9P/FlUQqmMGqz9IgcgA38corog14=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIHhzCCBW+gAwIBAgIBLTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
-Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM3WhcNMzYwOTE3MTk0NjM2WjB9
-MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
-U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
-cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
-A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
-pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
-OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
-Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
-Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
-HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
-Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
-+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
-Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
-Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
-26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
-AQABo4ICEDCCAgwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD
-VR0OBBYEFE4L7xqkQFulF2mHMMo0aEPQQa7yMB8GA1UdIwQYMBaAFE4L7xqkQFul
-F2mHMMo0aEPQQa7yMIIBWgYDVR0gBIIBUTCCAU0wggFJBgsrBgEEAYG1NwEBATCC
-ATgwLgYIKwYBBQUHAgEWImh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5w
-ZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL2ludGVybWVk
-aWF0ZS5wZGYwgc8GCCsGAQUFBwICMIHCMCcWIFN0YXJ0IENvbW1lcmNpYWwgKFN0
-YXJ0Q29tKSBMdGQuMAMCAQEagZZMaW1pdGVkIExpYWJpbGl0eSwgcmVhZCB0aGUg
-c2VjdGlvbiAqTGVnYWwgTGltaXRhdGlvbnMqIG9mIHRoZSBTdGFydENvbSBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eSBQb2xpY3kgYXZhaWxhYmxlIGF0IGh0dHA6Ly93
-d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgG
-CWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1
-dGhvcml0eTANBgkqhkiG9w0BAQsFAAOCAgEAjo/n3JR5fPGFf59Jb2vKXfuM/gTF
-wWLRfUKKvFO3lANmMD+x5wqnUCBVJX92ehQN6wQOQOY+2IirByeDqXWmN3PH/UvS
-Ta0XQMhGvjt/UfzDtgUx3M2FIk5xt/JxXrAaxrqTi3iSSoX4eA+D/i+tLPfkpLst
-0OcNOrg+zvZ49q5HJMqjNTbOx8aHmNrs++myziebiMMEofYLWWivydsQD032ZGNc
-pRJvkrKTlMeIFw6Ttn5ii5B/q06f/ON1FE8qMt9bDeD1e5MNq6HPh+GlBEXoPBKl
-CcWw0bdT82AUuoVpaiF8H3VhFyAXe2w7QSlc4axa0c2Mm+tgHRns9+Ww2vl5GKVF
-P0lDV9LdJNUso/2RjSe15esUBppMeyG7Oq0wBhjA2MFrLH9ZXF2RsXAiV+uKa0hK
-1Q8p7MZAwC+ITGgBF3f0JBlPvfrhsiAhS90a2Cl9qrjeVOwhVYBsHvUwyKMQ5bLm
-KhQxw4UtjJixhlpPiVktucf3HMiKf8CdBUrmQk9io20ppB+Fq9vlgcitKj1MXVuE
-JnHEhV5xJMqlG2zYYdMa4FTbzrqpMrUi9nNBCV24F10OD5mQ1kfabwo6YigUZ4LZ
-8dCAWZvLMdibD4x3TrVoivJs9iQOLWxwxXPR3hTQcY+203sC9uO41Alua551hDnm
-fyWl8kgAwKQB2j8=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFYzCCA0ugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlm
-aWNhdGlvbiBBdXRob3JpdHkgRzIwHhcNMTAwMTAxMDEwMDAxWhcNMzkxMjMxMjM1
-OTAxWjBTMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoG
-A1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgRzIwggIiMA0G
-CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2iTZbB7cgNr2Cu+EWIAOVeq8Oo1XJ
-JZlKxdBWQYeQTSFgpBSHO839sj60ZwNq7eEPS8CRhXBF4EKe3ikj1AENoBB5uNsD
-vfOpL9HG4A/LnooUCri99lZi8cVytjIl2bLzvWXFDSxu1ZJvGIsAQRSCb0AgJnoo
-D/Uefyf3lLE3PbfHkffiAez9lInhzG7TNtYKGXmu1zSCZf98Qru23QumNK9LYP5/
-Q0kGi4xDuFby2X8hQxfqp0iVAXV16iulQ5XqFYSdCI0mblWbq9zSOdIxHWDirMxW
-RST1HFSr7obdljKF+ExP6JV2tgXdNiNnvP8V4so75qbsO+wmETRIjfaAKxojAuuK
-HDp2KntWFhxyKrOq42ClAJ8Em+JvHhRYW6Vsi1g8w7pOOlz34ZYrPu8HvKTlXcxN
-nw3h3Kq74W4a7I/htkxNeXJdFzULHdfBR9qWJODQcqhaX2YtENwvKhOuJv4KHBnM
-0D4LnMgJLvlblnpHnOl68wVQdJVznjAJ85eCXuaPOQgeWeU1FEIT/wCc976qUM/i
-UUjXuG+v+E5+M5iSFGI6dWPPe/regjupuznixL0sAA7IF6wT700ljtizkC+p2il9
-Ha90OrInwMEePnWjFqmveiJdnxMaz6eg6+OGCtP95paV1yPIN93EfKo2rJgaErHg
-TuixO/XWb/Ew1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
-AwIBBjAdBgNVHQ4EFgQUS8W0QGutHLOlHGVuRjaJhwUMDrYwDQYJKoZIhvcNAQEL
-BQADggIBAHNXPyzVlTJ+N9uWkusZXn5T50HsEbZH77Xe7XRcxfGOSeD8bpkTzZ+K
-2s06Ctg6Wgk/XzTQLwPSZh0avZyQN8gMjgdalEVGKua+etqhqaRpEpKwfTbURIfX
-UfEpY9Z1zRbkJ4kd+MIySP3bmdCPX1R0zKxnNBFi2QwKN4fRoxdIjtIXHfbX/dtl
-6/2o1PXWT6RbdejF0mCy2wl+JYt7ulKSnj7oxXehPOBKc2thz4bcQ///If4jXSRK
-9dNtD2IEBVeC2m6kMyV5Sy5UGYvMLD0w6dEG/+gyRr61M3Z3qAFdlsHB1b6uJcDJ
-HgoJIIihDsnzb02CVAAgp9KP5DlUFy6NHrgbuxu9mk47EDTcnIhT76IxW1hPkWLI
-wpqazRVdOKnWvvgTtZ8SafJQYqz7Fzf07rh1Z2AQ+4NQ+US1dZxAF7L+/XldblhY
-XzD8AK6vM8EOTmy6p6ahfzLbOOCxchcKK5HsamMm7YnUeMx0HgX4a/6ManY5Ka5l
-IxKVCCIcl85bBu4M4ru8H0ST9tg4RQUh7eStqxK2A6RCLi3ECToDZ2mEmuFZkIoo
-hdVddLHRDiBYmxOlsGOm7XtH/UVVMKTumtTm4ofvmMkyghEpIrwACjFeLQ/Ajulr
-so8uBtjRkcfGEvRM/TAXw8HaOFvjqermobp573PYtlNXLfbQ4ddI
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
-BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln
-biBHb2xkIENBIC0gRzIwHhcNMDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBF
-MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMR8wHQYDVQQDExZT
-d2lzc1NpZ24gR29sZCBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
-CgKCAgEAr+TufoskDhJuqVAtFkQ7kpJcyrhdhJJCEyq8ZVeCQD5XJM1QiyUqt2/8
-76LQwB8CJEoTlo8jE+YoWACjR8cGp4QjK7u9lit/VcyLwVcfDmJlD909Vopz2q5+
-bbqBHH5CjCA12UNNhPqE21Is8w4ndwtrvxEvcnifLtg+5hg3Wipy+dpikJKVyh+c
-6bM8K8vzARO/Ws/BtQpgvd21mWRTuKCWs2/iJneRjOBiEAKfNA+k1ZIzUd6+jbqE
-emA8atufK+ze3gE/bk3lUIbLtK/tREDFylqM2tIrfKjuvqblCqoOpd8FUrdVxyJd
-MmqXl2MT28nbeTZ7hTpKxVKJ+STnnXepgv9VHKVxaSvRAiTysybUa9oEVeXBCsdt
-MDeQKuSeFDNeFhdVxVu1yzSJkvGdJo+hB9TGsnhQ2wwMC3wLjEHXuendjIj3o02y
-MszYF9rNt85mndT9Xv+9lz4pded+p2JYryU0pUHHPbwNUMoDAw8IWh+Vc3hiv69y
-FGkOpeUDDniOJihC8AcLYiAQZzlG+qkDzAQ4embvIIO1jEpWjpEA/I5cgt6IoMPi
-aG59je883WX0XaxR7ySArqpWl2/5rX3aYT+YdzylkbYcjCbaZaIJbcHiVOO5ykxM
-gI93e2CaHt+28kgeDrpOVG2Y4OGiGqJ3UM/EY5LsRxmd6+ZrzsECAwEAAaOBrDCB
-qTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWyV7
-lqRlUX64OfPAeGZe6Drn8O4wHwYDVR0jBBgwFoAUWyV7lqRlUX64OfPAeGZe6Drn
-8O4wRgYDVR0gBD8wPTA7BglghXQBWQECAQEwLjAsBggrBgEFBQcCARYgaHR0cDov
-L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBACe6
-45R88a7A3hfm5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczO
-UYrHUDFu4Up+GC9pWbY9ZIEr44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5
-O1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOfMke6UiI0HTJ6CVanfCU2qT1L2sCC
-bwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6mGu6uLftIdxf+u+yv
-GPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxpmo/a
-77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCC
-hdiDyyJkvC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid3
-92qgQmwLOM7XdVAyksLfKzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEpp
-Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w
-ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt
-Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFwTCCA6mgAwIBAgIITrIAZwwDXU8wDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE
-BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEjMCEGA1UEAxMaU3dpc3NTaWdu
-IFBsYXRpbnVtIENBIC0gRzIwHhcNMDYxMDI1MDgzNjAwWhcNMzYxMDI1MDgzNjAw
-WjBJMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSMwIQYDVQQD
-ExpTd2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQAD
-ggIPADCCAgoCggIBAMrfogLi2vj8Bxax3mCq3pZcZB/HL37PZ/pEQtZ2Y5Wu669y
-IIpFR4ZieIbWIDkm9K6j/SPnpZy1IiEZtzeTIsBQnIJ71NUERFzLtMKfkr4k2Htn
-IuJpX+UFeNSH2XFwMyVTtIc7KZAoNppVRDBopIOXfw0enHb/FZ1glwCNioUD7IC+
-6ixuEFGSzH7VozPY1kneWCqv9hbrS3uQMpe5up1Y8fhXSQQeol0GcN1x2/ndi5ob
-jM89o03Oy3z2u5yg+gnOI2Ky6Q0f4nIoj5+saCB9bzuohTEJfwvH6GXp43gOCWcw
-izSC+13gzJ2BbWLuCB4ELE6b7P6pT1/9aXjvCR+htL/68++QHkwFix7qepF6w9fl
-+zC8bBsQWJj3Gl/QKTIDE0ZNYWqFTFJ0LwYfexHihJfGmfNtf9dng34TaNhxKFrY
-zt3oEBSa/m0jh26OWnA81Y0JAKeqvLAxN23IhBQeW71FYyBrS3SMvds6DsHPWhaP
-pZjydomyExI7C3d3rLvlPClKknLKYRorXkzig3R3+jVIeoVNjZpTxN94ypeRSCtF
-KwH3HBqi7Ri6Cr2D+m+8jVeTO9TUps4e8aCxzqv9KyiaTxvXw3LbpMS/XUz13XuW
-ae5ogObnmLo2t/5u7Su9IPhlGdpVCX4l3P5hYnL5fhgC72O00Puv5TtjjGePAgMB
-AAGjgawwgakwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
-BBYEFFCvzAeHFUdvOMW0ZdHelarp35zMMB8GA1UdIwQYMBaAFFCvzAeHFUdvOMW0
-ZdHelarp35zMMEYGA1UdIAQ/MD0wOwYJYIV0AVkBAQEBMC4wLAYIKwYBBQUHAgEW
-IGh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vMA0GCSqGSIb3DQEBBQUA
-A4ICAQAIhab1Fgz8RBrBY+D5VUYI/HAcQiiWjrfFwUF1TglxeeVtlspLpYhg0DB0
-uMoI3LQwnkAHFmtllXcBrqS3NQuB2nEVqXQXOHtYyvkv+8Bldo1bAbl93oI9ZLi+
-FHSjClTTLJUYFzX1UWs/j6KWYTl4a0vlpqD4U99REJNi54Av4tHgvI42Rncz7Lj7
-jposiU0xEQ8mngS7twSNC/K5/FqdOxa3L8iYq/6KUFkuozv8KV2LwUvJ4ooTHbG/
-u0IdUt1O2BReEMYxB+9xJ/cbOQncguqLs5WGXv312l0xpuAxtpTmREl0xRbl9x8D
-YSjFyMsSoEJL+WuICI20MhjzdZ/EfwBPBZWcoxcCw7NTm6ogOSkrZvqdr16zktK1
-puEa+S1BaYEUtLS17Yk9zvupnTVCRLEcFHOBzyoBNZox1S2PbYTfgE1X4z/FhHXa
-icYwu+uPyyIIoK6q8QNsOktNCaUOcsZWayFCTiMlFGiudgp8DAdwZPmaL/YFOSbG
-DI8Zf0NebvRbFS/bYV3mZy8/CJT5YLSYMdp08YSTcU1f+2BY0fvEwW2JorsgH51x
-kcsymxM9Pn2SUjWskpSi0xjCfMfqr3YFFt1nJ8J+HAciIfNAChs0B0QTwoRqjt8Z
-Wr9/6x3iGjjRXK9HkmuAtTClyY3YqzGBH9/CZjfTk6mFhnll0g==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UE
-BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWdu
-IFNpbHZlciBDQSAtIEcyMB4XDTA2MTAyNTA4MzI0NloXDTM2MTAyNTA4MzI0Nlow
-RzELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMY
-U3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
-MIICCgKCAgEAxPGHf9N4Mfc4yfjDmUO8x/e8N+dOcbpLj6VzHVxumK4DV644N0Mv
-Fz0fyM5oEMF4rhkDKxD6LHmD9ui5aLlV8gREpzn5/ASLHvGiTSf5YXu6t+WiE7br
-YT7QbNHm+/pe7R20nqA1W6GSy/BJkv6FCgU+5tkL4k+73JU3/JHpMjUi0R86TieF
-nbAVlDLaYQ1HTWBCrpJH6INaUFjpiou5XaHc3ZlKHzZnu0jkg7Y360g6rw9njxcH
-6ATK72oxh9TAtvmUcXtnZLi2kUpCe2UuMGoM9ZDulebyzYLs2aFK7PayS+VFheZt
-eJMELpyCbTapxDFkH4aDCyr0NQp4yVXPQbBH6TCfmb5hqAaEuSh6XzjZG6k4sIN/
-c8HDO0gqgg8hm7jMqDXDhBuDsz6+pJVpATqJAHgE2cn0mRmrVn5bi4Y5FZGkECwJ
-MoBgs5PAKrYYC51+jUnyEEp/+dVGLxmSo5mnJqy7jDzmDrxHB9xzUfFwZC8I+bRH
-HTBsROopN4WSaGa8gzj+ezku01DwH/teYLappvonQfGbGHLy9YR0SslnxFSuSGTf
-jNFusB3hB48IHpmccelM2KX3RxIfdNFRnobzwqIjQAtz20um53MGjMGg6cFZrEb6
-5i/4z3GcRm25xBWNOHkDRUjvxF3XCO6HOSKGsg0PWEP3calILv3q1h8CAwEAAaOB
-rDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU
-F6DNweRBtjpbO8tFnb0cwpj6hlgwHwYDVR0jBBgwFoAUF6DNweRBtjpbO8tFnb0c
-wpj6hlgwRgYDVR0gBD8wPTA7BglghXQBWQEDAQEwLjAsBggrBgEFBQcCARYgaHR0
-cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIB
-AHPGgeAn0i0P4JUw4ppBf1AsX19iYamGamkYDHRJ1l2E6kFSGG9YrVBWIGrGvShp
-WJHckRE1qTodvBqlYJ7YH39FkWnZfrt4csEGDyrOj4VwYaygzQu4OSlWhDJOhrs9
-xCrZ1x9y7v5RoSJBsXECYxqCsGKrXlcSH9/L3XWgwF15kIwb4FDm3jH+mHtwX6WQ
-2K34ArZv02DdQEsixT2tOnqfGhpHkXkzuoLcMmkDlm4fS/Bx/uNncqCxv1yL5PqZ
-IseEuRuNI5c/7SXgz2W79WEE790eslpBIlqhn10s6FvJbakMDHiqYMZWjwFaDGi8
-aRl5xB9+lwW/xekkUV7U1UtT7dkjWjYDZaPBA61BMPNGG4WQr2W11bHkFlt4dR2X
-em1ZqSqPe97Dh4kQmUlzeMg9vVE1dCrV8X5pGyq7O70luJpaPXJhkGaH7gzWTdQR
-dAtq/gsD/KNVV4n+SsuuWxcFyPKNIzFTONItaj+CuY0IavdeQXRuwxF+B6wpYJE/
-OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJDIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+
-hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ubDgEj8Z+7fNzcbBGXJbLy
-tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF2TCCA8GgAwIBAgIQXAuFXAvnWUHfV8w/f52oNjANBgkqhkiG9w0BAQUFADBk
-MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
-YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg
-Q0EgMTAeFw0wNTA4MTgxMjA2MjBaFw0yNTA4MTgyMjA2MjBaMGQxCzAJBgNVBAYT
-AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp
-Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAxMIICIjAN
-BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0LmwqAzZuz8h+BvVM5OAFmUgdbI9
-m2BtRsiMMW8Xw/qabFbtPMWRV8PNq5ZJkCoZSx6jbVfd8StiKHVFXqrWW/oLJdih
-FvkcxC7mlSpnzNApbjyFNDhhSbEAn9Y6cV9Nbc5fuankiX9qUvrKm/LcqfmdmUc/
-TilftKaNXXsLmREDA/7n29uj/x2lzZAeAR81sH8A25Bvxn570e56eqeqDFdvpG3F
-EzuwpdntMhy0XmeLVNxzh+XTF3xmUHJd1BpYwdnP2IkCb6dJtDZd0KTeByy2dbco
-kdaXvij1mB7qWybJvbCXc9qukSbraMH5ORXWZ0sKbU/Lz7DkQnGMU3nn7uHbHaBu
-HYwadzVcFh4rUx80i9Fs/PJnB3r1re3WmquhsUvhzDdf/X/NTa64H5xD+SpYVUNF
-vJbNcA78yeNmuk6NO4HLFWR7uZToXTNShXEuT46iBhFRyePLoW4xCGQMwtI89Tbo
-19AOeCMgkckkKmUpWyL3Ic6DXqTz3kvTaI9GdVyDCW4pa8RwjPWd1yAv/0bSKzjC
-L3UcPX7ape8eYIVpQtPM+GP+HkM5haa2Y0EQs3MevNP6yn0WR+Kn1dCjigoIlmJW
-bjTb2QK5MHXjBNLnj8KwEUAKrNVxAmKLMb7dxiNYMUJDLXT5xp6mig/p/r+D5kNX
-JLrvRjSq1xIBOO0CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw
-FDASBgdghXQBUwABBgdghXQBUwABMBIGA1UdEwEB/wQIMAYBAf8CAQcwHwYDVR0j
-BBgwFoAUAyUv3m+CATpcLNwroWm1Z9SM0/0wHQYDVR0OBBYEFAMlL95vggE6XCzc
-K6FptWfUjNP9MA0GCSqGSIb3DQEBBQUAA4ICAQA1EMvspgQNDQ/NwNurqPKIlwzf
-ky9NfEBWMXrrpA9gzXrzvsMnjgM+pN0S734edAY8PzHyHHuRMSG08NBsl9Tpl7Ik
-Vh5WwzW9iAUPWxAaZOHHgjD5Mq2eUCzneAXQMbFamIp1TpBcahQq4FJHgmDmHtqB
-sfsUC1rxn9KVuj7QG9YVHaO+htXbD8BJZLsuUBlL0iT43R4HVtA4oJVwIHaM190e
-3p9xxCPvgxNcoyQVTSlAPGrEqdi3pkSlDfTgnXceQHAm/NrZNuR55LU/vJtlvrsR
-ls/bxig5OgjOR1tTWsWZ/l2p3e9M1MalrQLmjAcSHm8D0W+go/MpvRLHUKKwf4ip
-mXeascClOS5cfGniLLDqN2qk4Vrh9VDlg++luyqI54zb/W1elxmofmZ1a3Hqv7HH
-b6D0jqTsNFFbjCYDcKF31QESVwA12yPeDooomf2xEG9L/zgtYE4snOtnta1J7ksf
-rK/7DZBaZmBwXarNeNQk7shBoJMBkpxqnvy5JMWzFYJ+vq6VK+uxwNrjAWALXmms
-hFZhvnEX/h0TD/7Gh0Xp/jKgGg0TpJRVcaUWi7rKibCyx/yP2FS1k2Kdzs9Z+z0Y
-zirLNRWCXf9UIltxUvu3yf5gmwBBZPCqKuy2QkPOiWaByIufOVQDJdMWNY6E0F/6
-MBr1mmz0DlP5OlvRHA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBk
-MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
-YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg
-Q0EgMjAeFw0xMTA2MjQwODM4MTRaFw0zMTA2MjUwNzM4MTRaMGQxCzAJBgNVBAYT
-AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp
-Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAyMIICIjAN
-BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlUJOhJ1R5tMJ6HJaI2nbeHCOFvEr
-jw0DzpPMLgAIe6szjPTpQOYXTKueuEcUMncy3SgM3hhLX3af+Dk7/E6J2HzFZ++r
-0rk0X2s682Q2zsKwzxNoysjL67XiPS4h3+os1OD5cJZM/2pYmLcX5BtS5X4HAB1f
-2uY+lQS3aYg5oUFgJWFLlTloYhyxCwWJwDaCFCE/rtuh/bxvHGCGtlOUSbkrRsVP
-ACu/obvLP+DHVxxX6NZp+MEkUp2IVd3Chy50I9AU/SpHWrumnf2U5NGKpV+GY3aF
-y6//SSj8gO1MedK75MDvAe5QQQg1I3ArqRa0jG6F6bYRzzHdUyYb3y1aSgJA/MTA
-tukxGggo5WDDH8SQjhBiYEQN7Aq+VRhxLKX0srwVYv8c474d2h5Xszx+zYIdkeNL
-6yxSNLCK/RJOlrDrcH+eOfdmQrGrrFLadkBXeyq96G4DsguAhYidDMfCd7Camlf0
-uPoTXGiTOmekl9AbmbeGMktg2M7v0Ax/lZ9vh0+Hio5fCHyqW/xavqGRn1V9TrAL
-acywlKinh/LTSlDcX3KwFnUey7QYYpqwpzmqm59m2I2mbJYV4+by+PGDYmy7Velh
-k6M99bFXi08jsJvllGov34zflVEpYKELKeRcVVi3qPyZ7iVNTA6z00yPhOgpD/0Q
-VAKFyPnlw4vP5w8CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw
-FDASBgdghXQBUwIBBgdghXQBUwIBMBIGA1UdEwEB/wQIMAYBAf8CAQcwHQYDVR0O
-BBYEFE0mICKJS9PVpAqhb97iEoHF8TwuMB8GA1UdIwQYMBaAFE0mICKJS9PVpAqh
-b97iEoHF8TwuMA0GCSqGSIb3DQEBCwUAA4ICAQAyCrKkG8t9voJXiblqf/P0wS4R
-fbgZPnm3qKhyN2abGu2sEzsOv2LwnN+ee6FTSA5BesogpxcbtnjsQJHzQq0Qw1zv
-/2BZf82Fo4s9SBwlAjxnffUy6S8w5X2lejjQ82YqZh6NM4OKb3xuqFp1mrjX2lhI
-REeoTPpMSQpKwhI3qEAMw8jh0FcNlzKVxzqfl9NX+Ave5XLzo9v/tdhZsnPdTSpx
-srpJ9csc1fV5yJmz/MFMdOO0vSk3FQQoHt5FRnDsr7p4DooqzgB53MBfGWcsa0vv
-aGgLQ+OswWIJ76bdZWGgr4RVSJFSHMYlkSrQwSIjYVmvRRGFHQEkNI/Ps/8XciAT
-woCqISxxOQ7Qj1zB09GOInJGTB2Wrk9xseEFKZZZ9LuedT3PDTcNYtsmjGOpI99n
-Bjx8Oto0QuFmtEYE3saWmA9LSHokMnWRn6z3aOkquVVlzl1h0ydw2Df+n7mvoC5W
-t6NlUe07qxS/TFED6F+KBZvuim6c779o+sjaC+NCydAXFJy3SuCvkychVSa1ZC+N
-8f+mQAWFBVzKBxlcCxMoTFh/wqXvRdpg065lYZ1Tg3TCrvJcwhbtkj6EPnNgiLx2
-9CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX5OfNeOI5
-wSsSnqaeG8XmDtkx2Q==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF4DCCA8igAwIBAgIRAPL6ZOJ0Y9ON/RAdBB92ylgwDQYJKoZIhvcNAQELBQAw
-ZzELMAkGA1UEBhMCY2gxETAPBgNVBAoTCFN3aXNzY29tMSUwIwYDVQQLExxEaWdp
-dGFsIENlcnRpZmljYXRlIFNlcnZpY2VzMR4wHAYDVQQDExVTd2lzc2NvbSBSb290
-IEVWIENBIDIwHhcNMTEwNjI0MDk0NTA4WhcNMzEwNjI1MDg0NTA4WjBnMQswCQYD
-VQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2Vy
-dGlmaWNhdGUgU2VydmljZXMxHjAcBgNVBAMTFVN3aXNzY29tIFJvb3QgRVYgQ0Eg
-MjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMT3HS9X6lds93BdY7Bx
-UglgRCgzo3pOCvrY6myLURYaVa5UJsTMRQdBTxB5f3HSek4/OE6zAMaVylvNwSqD
-1ycfMQ4jFrclyxy0uYAyXhqdk/HoPGAsp15XGVhRXrwsVgu42O+LgrQ8uMIkqBPH
-oCE2G3pXKSinLr9xJZDzRINpUKTk4RtiGZQJo/PDvO/0vezbE53PnUgJUmfANykR
-HvvSEaeFGHR55E+FFOtSN+KxRdjMDUN/rhPSays/p8LiqG12W0OfvrSdsyaGOx9/
-5fLoZigWJdBLlzin5M8J0TbDC77aO0RYjb7xnglrPvMyxyuHxuxenPaHZa0zKcQv
-idm5y8kDnftslFGXEBuGCxobP/YCfnvUxVFkKJ3106yDgYjTdLRZncHrYTNaRdHL
-OdAGalNgHa/2+2m8atwBz735j9m9W8E6X47aD0upm50qKGsaCnw8qyIL5XctcfaC
-NYGu+HuB5ur+rPQam3Rc6I8k9l2dRsQs0h4rIWqDJ2dVSqTjyDKXZpBy2uPUZC5f
-46Fq9mDU5zXNysRojddxyNMkM3OxbPlq4SjbX8Y96L5V5jcb7STZDxmPX2MYWFCB
-UWVv8p9+agTnNCRxunZLWB4ZvRVgRaoMEkABnRDixzgHcgplwLa7JSnaFp6LNYth
-7eVxV4O1PHGf40+/fh6Bn0GXAgMBAAGjgYYwgYMwDgYDVR0PAQH/BAQDAgGGMB0G
-A1UdIQQWMBQwEgYHYIV0AVMCAgYHYIV0AVMCAjASBgNVHRMBAf8ECDAGAQH/AgED
-MB0GA1UdDgQWBBRF2aWBbj2ITY1x0kbBbkUe88SAnTAfBgNVHSMEGDAWgBRF2aWB
-bj2ITY1x0kbBbkUe88SAnTANBgkqhkiG9w0BAQsFAAOCAgEAlDpzBp9SSzBc1P6x
-XCX5145v9Ydkn+0UjrgEjihLj6p7jjm02Vj2e6E1CqGdivdj5eu9OYLU43otb98T
-PLr+flaYC/NUn81ETm484T4VvwYmneTwkLbUwp4wLh/vx3rEUMfqe9pQy3omywC0
-Wqu1kx+AiYQElY2NfwmTv9SoqORjbdlk5LgpWgi/UOGED1V7XwgiG/W9mR4U9s70
-WBCCswo9GcG/W6uqmdjyMb3lOGbcWAXH7WMaLgqXfIeTK7KK4/HsGOV1timH59yL
-Gn602MnTihdsfSlEvoqq9X46Lmgxk7lq2prg2+kupYTNHAq4Sgj5nPFhJpiTt3tm
-7JFe3VE/23MPrQRYCd0EApUKPtN236YQHoA96M2kZNEzx5LH4k5E4wnJTsJdhw4S
-nr8PyQUQ3nqjsTzyP6WqJ3mtMX0f/fwZacXduT98zca0wjAefm6S139hdlqP65VN
-vBFuIXxZN5nQBrz5Bm0yFqXZaajh3DyAHmBR3NdUIR7KYndP+tiPsys6DXhyyWhB
-WkdKwqPrGtcKqzwyVcgKEZzfdNbwQBUdyLmPtTbFr/giuMod89a2GQ+fYWVq6nTI
-fI/DT11lgh/ZDYnadXL77/FHZxOzyNEZiCcmmpl5fx7kLD977vHeTYuWl8PVP3wb
-I+2ksx0WckNLIOFZfsLorSa/ovc=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEPTCCAyWgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvzE/MD0GA1UEAww2VMOc
-UktUUlVTVCBFbGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sx
-c8SxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMV4wXAYDVQQKDFVUw5xS
-S1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnEn2kg
-SGl6bWV0bGVyaSBBLsWeLiAoYykgQXJhbMSxayAyMDA3MB4XDTA3MTIyNTE4Mzcx
-OVoXDTE3MTIyMjE4MzcxOVowgb8xPzA9BgNVBAMMNlTDnFJLVFJVU1QgRWxla3Ry
-b25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTELMAkGA1UEBhMC
-VFIxDzANBgNVBAcMBkFua2FyYTFeMFwGA1UECgxVVMOcUktUUlVTVCBCaWxnaSDE
-sGxldGnFn2ltIHZlIEJpbGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7F
-ni4gKGMpIEFyYWzEsWsgMjAwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAKu3PgqMyKVYFeaK7yc9SrToJdPNM8Ig3BnuiD9NYvDdE3ePYakqtdTyuTFY
-KTsvP2qcb3N2Je40IIDu6rfwxArNK4aUyeNgsURSsloptJGXg9i3phQvKUmi8wUG
-+7RP2qFsmmaf8EMJyupyj+sA1zU511YXRxcw9L6/P8JorzZAwan0qafoEGsIiveG
-HtyaKhUG9qPw9ODHFNRRf8+0222vR5YXm3dx2KdxnSQM9pQ/hTEST7ruToK4uT6P
-IzdezKKqdfcYbwnTrqdUKDT74eA7YH2gvnmJhsifLfkKS8RQouf9eRbHegsYz85M
-733WB2+Y8a+xwXrXgTW4qhe04MsCAwEAAaNCMEAwHQYDVR0OBBYEFCnFkKslrxHk
-Yb+j/4hhkeYO/pyBMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0G
-CSqGSIb3DQEBBQUAA4IBAQAQDdr4Ouwo0RSVgrESLFF6QSU2TJ/sPx+EnWVUXKgW
-AkD6bho3hO9ynYYKVZ1WKKxmLNA6VpM0ByWtCLCPyA8JWcqdmBzlVPi5RX9ql2+I
-aE1KBiY3iAIOtsbWcpnOa3faYjGkVh+uX4132l32iPwa2Z61gfAyuOOI0JzzaqC5
-mxRZNTZPz/OOXl0XrRWV2N2y1RVuAE6zS89mlOTgzbUF2mNXi+WzqtvALhyQRNsa
-XRik7r4EW5nVcV9VZWRi1aKbBFmGyGJ353yCRWo9F7/snXUMrqNvWtMvmDb08PUZ
-qxFdyKbjKlhqQgnDvZImZjINXQhVdP+MmNAKpoRq0Tl9
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcx
-EjAQBgNVBAoTCVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMT
-VFdDQSBHbG9iYWwgUm9vdCBDQTAeFw0xMjA2MjcwNjI4MzNaFw0zMDEyMzExNTU5
-NTlaMFExCzAJBgNVBAYTAlRXMRIwEAYDVQQKEwlUQUlXQU4tQ0ExEDAOBgNVBAsT
-B1Jvb3QgQ0ExHDAaBgNVBAMTE1RXQ0EgR2xvYmFsIFJvb3QgQ0EwggIiMA0GCSqG
-SIb3DQEBAQUAA4ICDwAwggIKAoICAQCwBdvI64zEbooh745NnHEKH1Jw7W2CnJfF
-10xORUnLQEK1EjRsGcJ0pDFfhQKX7EMzClPSnIyOt7h52yvVavKOZsTuKwEHktSz
-0ALfUPZVr2YOy+BHYC8rMjk1Ujoog/h7FsYYuGLWRyWRzvAZEk2tY/XTP3VfKfCh
-MBwqoJimFb3u/Rk28OKRQ4/6ytYQJ0lM793B8YVwm8rqqFpD/G2Gb3PpN0Wp8DbH
-zIh1HrtsBv+baz4X7GGqcXzGHaL3SekVtTzWoWH1EfcFbx39Eb7QMAfCKbAJTibc
-46KokWofwpFFiFzlmLhxpRUZyXx1EcxwdE8tmx2RRP1WKKD+u4ZqyPpcC1jcxkt2
-yKsi2XMPpfRaAok/T54igu6idFMqPVMnaR1sjjIsZAAmY2E2TqNGtz99sy2sbZCi
-laLOz9qC5wc0GZbpuCGqKX6mOL6OKUohZnkfs8O1CWfe1tQHRvMq2uYiN2DLgbYP
-oA/pyJV/v1WRBXrPPRXAb94JlAGD1zQbzECl8LibZ9WYkTunhHiVJqRaCPgrdLQA
-BDzfuBSO6N+pjWxnkjMdwLfS7JLIvgm/LCkFbwJrnu+8vyq8W8BQj0FwcYeyTbcE
-qYSjMq+u7msXi7Kx/mzhkIyIqJdIzshNy/MGz19qCkKxHh53L46g5pIOBvwFItIm
-4TFRfTLcDwIDAQABoyMwITAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB
-/zANBgkqhkiG9w0BAQsFAAOCAgEAXzSBdu+WHdXltdkCY4QWwa6gcFGn90xHNcgL
-1yg9iXHZqjNB6hQbbCEAwGxCGX6faVsgQt+i0trEfJdLjbDorMjupWkEmQqSpqsn
-LhpNgb+E1HAerUf+/UqdM+DyucRFCCEK2mlpc3INvjT+lIutwx4116KD7+U4x6WF
-H6vPNOw/KP4M8VeGTslV9xzU2KV9Bnpv1d8Q34FOIWWxtuEXeZVFBs5fzNxGiWNo
-RI2T9GRwoD2dKAXDOXC4Ynsg/eTb6QihuJ49CcdP+yz4k3ZB3lLg4VfSnQO8d57+
-nile98FRYB/e2guyLXW3Q0iT5/Z5xoRdgFlglPx4mI88k1HtQJAH32RjJMtOcQWh
-15QaiDLxInQirqWm2BJpTGCjAu4r7NRjkgtevi92a6O2JryPA9gK8kxkRr05YuWW
-6zRjESjMlfGt7+/cgFhI6Uu46mWs6fyAtbXIRfmswZ/ZuepiiI7E8UuDEq3mi4TW
-nsLrgxifarsbJGAzcMzs9zLzXNl5fe+epP7JI8Mk7hWSsT2RTyaGvWZzJBPqpK5j
-wa19hAM8EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWz
-aGHQRiapIVJpLesux+t3zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmy
-KwbQBM0=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzES
-MBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFU
-V0NBIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwODI4MDcyNDMz
-WhcNMzAxMjMxMTU1OTU5WjBfMQswCQYDVQQGEwJUVzESMBAGA1UECgwJVEFJV0FO
-LUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlm
-aWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQCwfnK4pAOU5qfeCTiRShFAh6d8WWQUe7UREN3+v9XAu1bihSX0NXIP+FPQQeFE
-AcK0HMMxQhZHhTMidrIKbw/lJVBPhYa+v5guEGcevhEFhgWQxFnQfHgQsIBct+HH
-K3XLfJ+utdGdIzdjp9xCoi2SBBtQwXu4PhvJVgSLL1KbralW6cH/ralYhzC2gfeX
-RfwZVzsrb+RH9JlF/h3x+JejiB03HFyP4HYlmlD4oFT/RJB2I9IyxsOrBr/8+7/z
-rX2SYgJbKdM1o5OaQ2RgXbL6Mv87BK9NQGr5x+PvI/1ry+UPizgN7gr8/g+YnzAx
-3WxSZfmLgb4i4RxYA7qRG4kHAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV
-HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqOFsmjd6LWvJPelSDGRjjCDWmujANBgkq
-hkiG9w0BAQUFAAOCAQEAPNV3PdrfibqHDAhUaiBQkr6wQT25JmSDCi/oQMCXKCeC
-MErJk/9q56YAf4lCmtYR5VPOL8zy2gXE/uJQxDqGfczafhAJO5I1KlOy/usrBdls
-XebQ79NqZp4VKIV66IIArB6nCWlWQtNoURi+VJq/REG6Sb4gumlc7rh3zc5sH62D
-lhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVYT0bf+215WfKEIlKuD8z7fDvn
-aspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocnyYh0igzyXxfkZ
-YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/
-MQswCQYDVQQGEwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmlj
-YXRpb24gQXV0aG9yaXR5MB4XDTAyMTIwNTEzMjMzM1oXDTMyMTIwNTEzMjMzM1ow
-PzELMAkGA1UEBhMCVFcxMDAuBgNVBAoMJ0dvdmVybm1lbnQgUm9vdCBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
-AJoluOzMonWoe/fOW1mKydGGEghU7Jzy50b2iPN86aXfTEc2pBsBHH8eV4qNw8XR
-IePaJD9IK/ufLqGU5ywck9G/GwGHU5nOp/UKIXZ3/6m3xnOUT0b3EEk3+qhZSV1q
-gQdW8or5BtD3cCJNtLdBuTK4sfCxw5w/cP1T3YGq2GN49thTbqGsaoQkclSGxtKy
-yhwOeYHWtXBiCAEuTk8O1RGvqa/lmr/czIdtJuTJV6L7lvnM4T9TjGxMfptTCAts
-F/tnyMKtsc2AtJfcdgEWFelq16TheEfOhtX7MfP6Mb40qij7cEwdScevLJ1tZqa2
-jWR+tSBqnTuBto9AAGdLiYa4zGX+FVPpBMHWXx1E1wovJ5pGfaENda1UhhXcSTvx
-ls4Pm6Dso3pdvtUqdULle96ltqqvKKyskKw4t9VoNSZ63Pc78/1Fm9G7Q3hub/FC
-VGqY8A2tl+lSXunVanLeavcbYBT0peS2cWeqH+riTcFCQP5nRhc4L0c/cZyu5SHK
-YS1tB6iEfC3uUSXxY5Ce/eFXiGvviiNtsea9P63RPZYLhY3Naye7twWb7LuRqQoH
-EgKXTiCQ8P8NHuJBO9NAOueNXdpm5AKwB1KYXA6OM5zCppX7VRluTI6uSw+9wThN
-Xo+EHWbNxWCWtFJaBYmOlXqYwZE8lSOyDvR5tMl8wUohAgMBAAGjajBoMB0GA1Ud
-DgQWBBTMzO/MKWCkO7GStjz6MmKPrCUVOzAMBgNVHRMEBTADAQH/MDkGBGcqBwAE
-MTAvMC0CAQAwCQYFKw4DAhoFADAHBgVnKgMAAAQUA5vwIhP/lSg209yewDL7MTqK
-UWUwDQYJKoZIhvcNAQEFBQADggIBAECASvomyc5eMN1PhnR2WPWus4MzeKR6dBcZ
-TulStbngCnRiqmjKeKBMmo4sIy7VahIkv9Ro04rQ2JyftB8M3jh+Vzj8jeJPXgyf
-qzvS/3WXy6TjZwj/5cAWtUgBfen5Cv8b5Wppv3ghqMKnI6mGq3ZW6A4M9hPdKmaK
-ZEk9GhiHkASfQlK3T8v+R0F2Ne//AHY2RTKbxkaFXeIksB7jSJaYV0eUVXoPQbFE
-JPPB/hprv4j9wabak2BegUqZIJxIZhm1AHlUD7gsL0u8qV1bYH+Mh6XgUmMqvtg7
-hUAV/h62ZT/FS9p+tXo1KaMuephgIqP0fSdOLeq0dDzpD6QzDxARvBMB1uUO07+1
-EqLhRSPAzAhuYbeJq4PjJB7mXQfnHyA+z2fI56wwbSdLaG5LKlwCCDTb+HbkZ6Mm
-nD+iMsJKxYEYMRBWqoTvLQr/uB930r+lWKBi5NdLkXWNiYCYfm3LU05er/ayl4WX
-udpVBrkk7tfGOB5jGxI7leFYrPLfhNVfmS8NVVvmONsuP3LpSIXLuykTjx44Vbnz
-ssQwmSNOXfJIoRIM3BKQCZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDe
-LMDDav7v3Aun+kbfYNucpllQdSNpc5Oy+fwC00fmcc4QAu4njIT/rEUNE1yDMuAl
-pYYsfPQS
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UE
-BhMCVFIxDzANBgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxn
-aSDEsGxldGnFn2ltIHZlIEJpbGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkg
-QS7Fni4xQjBABgNVBAMMOVTDnFJLVFJVU1QgRWxla3Ryb25payBTZXJ0aWZpa2Eg
-SGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSBINTAeFw0xMzA0MzAwODA3MDFaFw0yMzA0
-MjgwODA3MDFaMIGxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMU0wSwYD
-VQQKDERUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8
-dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLjFCMEAGA1UEAww5VMOcUktUUlVTVCBF
-bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIEg1MIIB
-IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCUZ4WWe60ghUEoI5RHwWrom
-/4NZzkQqL/7hzmAD/I0Dpe3/a6i6zDQGn1k19uwsu537jVJp45wnEFPzpALFp/kR
-Gml1bsMdi9GYjZOHp3GXDSHHmflS0yxjXVW86B8BSLlg/kJK9siArs1mep5Fimh3
-4khon6La8eHBEJ/rPCmBp+EyCNSgBbGM+42WAA4+Jd9ThiI7/PS98wl+d+yG6w8z
-5UNP9FR1bSmZLmZaQ9/LXMrI5Tjxfjs1nQ/0xVqhzPMggCTTV+wVunUlm+hkS7M0
-hO8EuPbJbKoCPrZV4jI3X/xml1/N1p7HIL9Nxqw/dV8c7TKcfGkAaZHjIxhT6QID
-AQABo0IwQDAdBgNVHQ4EFgQUVpkHHtOsDGlktAxQR95DLL4gwPswDgYDVR0PAQH/
-BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJ5FdnsX
-SDLyOIspve6WSk6BGLFRRyDN0GSxDsnZAdkJzsiZ3GglE9Rc8qPoBP5yCccLqh0l
-VX6Wmle3usURehnmp349hQ71+S4pL+f5bFgWV1Al9j4uPqrtd3GqqpmWRgqujuwq
-URawXs3qZwQcWDD1YIq9pr1N5Za0/EKJAWv2cMhQOQwt1WbZyNKzMrcbGW3LM/nf
-peYVhDfwwvJllpKQd/Ct9JDpEXjXk4nAPQu6KfTomZ1yju2dL+6SfaHx/126M2CF
-Yv4HAqGEVka+lgqaE9chTLd8B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW
-+qtB4Uu2NQvAmxU=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDEL
-MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
-eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
-JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMjAx
-MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
-Ck5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUg
-VVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlm
-aWNhdGlvbiBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQarFRaqflo
-I+d61SRvU8Za2EurxtW20eZzca7dnNYMYf3boIkDuAUU7FfO7l0/4iGzzvfUinng
-o4N+LZfQYcTxmdwlkWOrfzCjtHDix6EznPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0G
-A1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNVHQ8BAf8EBAMCAQYwDwYD
-VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMB
-zzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbW
-RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB
-iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
-cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
-BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw
-MjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNV
-BAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU
-aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2Vy
-dGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
-AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B
-3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY
-tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/
-Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2
-VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT
-79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6
-c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmT
-Yo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97l
-c6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4ee
-UB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeE
-Hg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd
-BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8G
-A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPF
-Up/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KO
-VWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3
-ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs
-8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcR
-iQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYze
-Sf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZ
-XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/
-qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB
-VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB
-L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG
-jjxDah2nGN59PRbxYvnKkKj9
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEZjCCA06gAwIBAgIQRL4Mi1AAJLQR0zYt4LNfGzANBgkqhkiG9w0BAQUFADCB
-lTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHTAbBgNVBAMTFFVUTi1VU0VSRmlyc3Qt
-T2JqZWN0MB4XDTk5MDcwOTE4MzEyMFoXDTE5MDcwOTE4NDAzNlowgZUxCzAJBgNV
-BAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtlIENpdHkxHjAc
-BgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMYaHR0cDovL3d3
-dy51c2VydHJ1c3QuY29tMR0wGwYDVQQDExRVVE4tVVNFUkZpcnN0LU9iamVjdDCC
-ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6qgT+jo2F4qjEAVZURnicP
-HxzfOpuCaDDASmEd8S8O+r5596Uj71VRloTN2+O5bj4x2AogZ8f02b+U60cEPgLO
-KqJdhwQJ9jCdGIqXsqoc/EHSoTbL+z2RuufZcDX65OeQw5ujm9M89RKZd7G3CeBo
-5hy485RjiGpq/gt2yb70IuRnuasaXnfBhQfdDWy/7gbHd2pBnqcP1/vulBe3/IW+
-pKvEHDHd17bR5PDv3xaPslKT16HUiaEHLr/hARJCHhrh2JU022R5KP+6LhHC5ehb
-kkj7RwvCbNqtMoNB86XlQXD9ZZBt+vpRxPm9lisZBCzTbafc8H9vg2XiaquHhnUC
-AwEAAaOBrzCBrDALBgNVHQ8EBAMCAcYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
-FgQU2u1kdBScFDyr3ZmpvVsoTYs8ydgwQgYDVR0fBDswOTA3oDWgM4YxaHR0cDov
-L2NybC51c2VydHJ1c3QuY29tL1VUTi1VU0VSRmlyc3QtT2JqZWN0LmNybDApBgNV
-HSUEIjAgBggrBgEFBQcDAwYIKwYBBQUHAwgGCisGAQQBgjcKAwQwDQYJKoZIhvcN
-AQEFBQADggEBAAgfUrE3RHjb/c652pWWmKpVZIC1WkDdIaXFwfNfLEzIR1pp6ujw
-NTX00CXzyKakh0q9G7FzCL3Uw8q2NbtZhncxzaeAFK4T7/yxSPlrJSUtUbYsbUXB
-mMiKVl0+7kNOPmsnjtA6S4ULX9Ptaqd1y9Fahy85dRNacrACgZ++8A+EVCBibGnU
-4U3GDZlDAQ0Slox4nb9QorFEqmrPF3rPbw/U+CRVX/A0FklmPlBGyWNxODFiuGK5
-81OtbLUrohKqGU8J2l7nk8aOFAj+8DCAGKCGhU3IfdeLA/5u1fedFqySLKAj5ZyR
-Uh+U3xeUc8OzwcFxBSAAeL0TUh2oPs0AH8g=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjEL
-MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
-ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2ln
-biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp
-U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y
-aXR5IC0gRzQwHhcNMDcxMTA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCByjELMAkG
-A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJp
-U2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwg
-SW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2ln
-biBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5
-IC0gRzQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASnVnp8Utpkmw4tXNherJI9/gHm
-GUo9FANL+mAnINmDiWn6VMaaGF5VKmTeBvaNSjutEDxlPZCIBIngMGGzrl0Bp3ve
-fLK+ymVhAIau2o970ImtTR1ZmkGxvEeA3J5iw/mjgbIwga8wDwYDVR0TAQH/BAUw
-AwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJ
-aW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYj
-aHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFLMW
-kf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMDA2gAMGUCMGYhDBgmYFo4e1ZC
-4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIxAJw9SDkjOVga
-FRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB
-yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
-ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
-U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
-ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
-aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL
-MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
-ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln
-biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp
-U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y
-aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1
-nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex
-t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz
-SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG
-BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+
-rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/
-NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E
-BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH
-BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy
-aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv
-MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE
-p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y
-5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK
-WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ
-4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N
-hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCB
-vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
-ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJp
-U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MTgwNgYDVQQDEy9W
-ZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
-Fw0wODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIG9MQswCQYDVQQGEwJVUzEX
-MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0
-IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAyMDA4IFZlcmlTaWduLCBJbmMuIC0gRm9y
-IGF1dGhvcml6ZWQgdXNlIG9ubHkxODA2BgNVBAMTL1ZlcmlTaWduIFVuaXZlcnNh
-bCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEF
-AAOCAQ8AMIIBCgKCAQEAx2E3XrEBNNti1xWb/1hajCMj1mCOkdeQmIN65lgZOIzF
-9uVkhbSicfvtvbnazU0AtMgtc6XHaXGVHzk8skQHnOgO+k1KxCHfKWGPMiJhgsWH
-H26MfF8WIFFE0XBPV+rjHOPMee5Y2A7Cs0WTwCznmhcrewA3ekEzeOEz4vMQGn+H
-LL729fdC4uW/h2KJXwBL38Xd5HVEMkE6HnFuacsLdUYI0crSK5XQz/u5QGtkjFdN
-/BMReYTtXlT2NJ8IAfMQJQYXStrxHXpma5hgZqTZ79IugvHw7wnqRMkVauIDbjPT
-rJ9VAMf2CGqUuV/c4DPxhGD5WycRtPwW8rtWaoAljQIDAQABo4GyMIGvMA8GA1Ud
-EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMG0GCCsGAQUFBwEMBGEwX6FdoFsw
-WTBXMFUWCWltYWdlL2dpZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgs
-exkuMCUWI2h0dHA6Ly9sb2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMB0GA1Ud
-DgQWBBS2d/ppSEefUxLVwuoHMnYH0ZcHGTANBgkqhkiG9w0BAQsFAAOCAQEASvj4
-sAPmLGd75JR3Y8xuTPl9Dg3cyLk1uXBPY/ok+myDjEedO2Pzmvl2MpWRsXe8rJq+
-seQxIcaBlVZaDrHC1LGmWazxY8u4TB1ZkErvkBYoH1quEPuBUDgMbMzxPcP1Y+Oz
-4yHJJDnp/RVmRvQbEdBNc6N9Rvk97ahfYtTxP/jgdFcrGJ2BtMQo2pSXpXDrrB2+
-BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+PwGZsY6rp2aQW9IHR
-lRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4mJO3
-7M2CYfE45k+XmCpajQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw
-CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
-cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu
-LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT
-aWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
-dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD
-VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT
-aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ
-bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu
-IENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
-LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMu6nFL8eB8aHm8b
-N3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1EUGO+i2t
-KmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGu
-kxUccLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBm
-CC+Vk7+qRy+oRpfwEuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJ
-Xwzw3sJ2zq/3avL6QaaiMxTJ5Xpj055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWu
-imi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAERSWwauSCPc/L8my/uRan2Te
-2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5fj267Cz3qWhMe
-DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC
-/Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565p
-F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt
-TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBr
-MQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRl
-cm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNv
-bW1lcmNlIFJvb3QwHhcNMDIwNjI2MDIxODM2WhcNMjIwNjI0MDAxNjEyWjBrMQsw
-CQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5h
-dGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNvbW1l
-cmNlIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvV95WHm6h
-2mCxlCfLF9sHP4CFT8icttD0b0/Pmdjh28JIXDqsOTPHH2qLJj0rNfVIsZHBAk4E
-lpF7sDPwsRROEW+1QK8bRaVK7362rPKgH1g/EkZgPI2h4H3PVz4zHvtH8aoVlwdV
-ZqW1LS7YgFmypw23RuwhY/81q6UCzyr0TP579ZRdhE2o8mCP2w4lPJ9zcc+U30rq
-299yOIzzlr3xF7zSujtFWsan9sYXiwGd/BmoKoMWuDpI/k4+oKsGGelT84ATB+0t
-vz8KPFUgOSwsAGl0lUq8ILKpeeUYiZGo3BxN77t+Nwtd/jmliFKMAGzsGHxBvfaL
-dXe6YJ2E5/4tAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD
-AgEGMB0GA1UdDgQWBBQVOIMPPyw/cDMezUb+B4wg4NfDtzANBgkqhkiG9w0BAQUF
-AAOCAQEAX/FBfXxcCLkr4NWSR/pnXKUTwwMhmytMiUbPWU3J/qVAtmPN3XEolWcR
-zCSs00Rsca4BIGsDoo8Ytyk6feUWYFN4PMCvFYP3j1IzJL1kk5fui/fbGKhtcbP3
-LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGIxHYdkFsd
-7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBuYQa7FkKMcPcw
-++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt
-398znM/jra6O1I7mT1GvFpLgXPYHDw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFdjCCA16gAwIBAgIQXmjWEXGUY1BWAGjzPsnFkTANBgkqhkiG9w0BAQUFADBV
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxKjAoBgNV
-BAMTIUNlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbjAeFw0wOTA4MDgw
-MTAwMDFaFw0zOTA4MDgwMTAwMDFaMFUxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFX
-b1NpZ24gQ0EgTGltaXRlZDEqMCgGA1UEAxMhQ2VydGlmaWNhdGlvbiBBdXRob3Jp
-dHkgb2YgV29TaWduMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvcqN
-rLiRFVaXe2tcesLea9mhsMMQI/qnobLMMfo+2aYpbxY94Gv4uEBf2zmoAHqLoE1U
-fcIiePyOCbiohdfMlZdLdNiefvAA5A6JrkkoRBoQmTIPJYhTpA2zDxIIFgsDcScc
-f+Hb0v1naMQFXQoOXXDX2JegvFNBmpGN9J42Znp+VsGQX+axaCA2pIwkLCxHC1l2
-ZjC1vt7tj/id07sBMOby8w7gLJKA84X5KIq0VC6a7fd2/BVoFutKbOsuEo/Uz/4M
-x1wdC34FMr5esAkqQtXJTpCzWQ27en7N1QhatH/YHGkR+ScPewavVIMYe+HdVHpR
-aG53/Ma/UkpmRqGyZxq7o093oL5d//xWC0Nyd5DKnvnyOfUNqfTq1+ezEC8wQjch
-zDBwyYaYD8xYTYO7feUapTeNtqwylwA6Y3EkHp43xP901DfA4v6IRmAR3Qg/UDar
-uHqklWJqbrDKaiFaafPz+x1wOZXzp26mgYmhiMU7ccqjUu6Du/2gd/Tkb+dC221K
-mYo0SLwX3OSACCK28jHAPwQ+658geda4BmRkAjHXqc1S+4RFaQkAKtxVi8QGRkvA
-Sh0JWzko/amrzgD5LkhLJuYwTKVYyrREgk/nkR4zw7CT/xH8gdLKH3Ep3XZPkiWv
-HYG3Dy+MwwbMLyejSuQOmbp8HkUff6oZRZb9/D0CAwEAAaNCMEAwDgYDVR0PAQH/
-BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOFmzw7R8bNLtwYgFP6H
-EtX2/vs+MA0GCSqGSIb3DQEBBQUAA4ICAQCoy3JAsnbBfnv8rWTjMnvMPLZdRtP1
-LOJwXcgu2AZ9mNELIaCJWSQBnfmvCX0KI4I01fx8cpm5o9dU9OpScA7F9dY74ToJ
-MuYhOZO9sxXqT2r09Ys/L3yNWC7F4TmgPsc9SnOeQHrAK2GpZ8nzJLmzbVUsWh2e
-JXLOC62qx1ViC777Y7NhRCOjy+EaDveaBk3e1CNOIZZbOVtXHS9dCF4Jef98l7VN
-g64N1uajeeAz0JmWAjCnPv/So0M/BVoG6kQC2nz4SNAzqfkHx5Xh9T71XXG68pWp
-dIhhWeO/yloTunK0jF02h+mmxTwTv97QRCbut+wucPrXnbes5cVAWubXbHssw1ab
-R80LzvobtCHXt2a49CUwi1wNuepnsvRtrtWhnk/Yn+knArAdBtaP4/tIEp9/EaEQ
-PkxROpaw0RPxx9gmrjrKkcRpnd8BKWRRb2jaFOwIQZeQjdCygPLPwj2/kWjFgGce
-xGATVdVhmVd8upUPYUk6ynW8yQqTP2cOEvIo4jEbwFcW3wh8GcF+Dx+FHgo2fFt+
-J7x6v+Db9NpSvd4MVHAxkUOVyLzwPt0JfjBkUO1/AaQzZ01oT74V77D2AhGiGxMl
-OtzCWfHjXEa7ZywCRuoeSKbmW9m1vFGikpbbqsY3Iqb+zCB0oy2pLmvLwIIRIbWT
-ee5Ehr7XHuQe+w==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFWDCCA0CgAwIBAgIQUHBrzdgT/BtOOzNy0hFIjTANBgkqhkiG9w0BAQsFADBG
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNV
-BAMMEkNBIOayg+mAmuagueivgeS5pjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgw
-MTAwMDFaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRl
-ZDEbMBkGA1UEAwwSQ0Eg5rKD6YCa5qC56K+B5LmmMIICIjANBgkqhkiG9w0BAQEF
-AAOCAg8AMIICCgKCAgEA0EkhHiX8h8EqwqzbdoYGTufQdDTc7WU1/FDWiD+k8H/r
-D195L4mx/bxjWDeTmzj4t1up+thxx7S8gJeNbEvxUNUqKaqoGXqW5pWOdO2XCld1
-9AXbbQs5uQF/qvbW2mzmBeCkTVL829B0txGMe41P/4eDrv8FAxNXUDf+jJZSEExf
-v5RxadmWPgxDT74wwJ85dE8GRV2j1lY5aAfMh09Qd5Nx2UQIsYo06Yms25tO4dnk
-UkWMLhQfkWsZHWgpLFbE4h4TV2TwYeO5Ed+w4VegG63XX9Gv2ystP9Bojg/qnw+L
-NVgbExz03jWhCl3W6t8Sb8D7aQdGctyB9gQjF+BNdeFyb7Ao65vh4YOhn0pdr8yb
-+gIgthhid5E7o9Vlrdx8kHccREGkSovrlXLp9glk3Kgtn3R46MGiCWOc76DbT52V
-qyBPt7D3h1ymoOQ3OMdc4zUPLK2jgKLsLl3Az+2LBcLmc272idX10kaO6m1jGx6K
-yX2m+Jzr5dVjhU1zZmkR/sgO9MHHZklTfuQZa/HpelmjbX7FF+Ynxu8b22/8DU0G
-AbQOXDBGVWCvOGU6yke6rCzMRh+yRpY/8+0mBe53oWprfi1tWFxK1I5nuPHa1UaK
-J/kR8slC/k7e3x9cxKSGhxYzoacXGKUN5AXlK8IrC6KVkLn9YDxOiT7nnO4fuwEC
-AwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
-BBYEFOBNv9ybQV0T6GTwp+kVpOGBwboxMA0GCSqGSIb3DQEBCwUAA4ICAQBqinA4
-WbbaixjIvirTthnVZil6Xc1bL3McJk6jfW+rtylNpumlEYOnOXOvEESS5iVdT2H6
-yAa+Tkvv/vMx/sZ8cApBWNromUuWyXi8mHwCKe0JgOYKOoICKuLJL8hWGSbueBwj
-/feTZU7n85iYr83d2Z5AiDEoOqsuC7CsDCT6eiaY8xJhEPRdF/d+4niXVOKM6Cm6
-jBAyvd0zaziGfjk9DgNyp115j0WKWa5bIW4xRtVZjc8VX90xJc/bYNaBRHIpAlf2
-ltTW/+op2znFuCyKGo3Oy+dCMYYFaA6eFN0AkLppRQjbbpCBhqcqBT/mhDn4t/lX
-X0ykeVoQDF7Va/81XwVRHmyjdanPUIPTfPRm94KNPQx96N97qA4bLJyuQHCH2u2n
-FoJavjVsIE4iYdm8UXrNemHcSxH5/mc0zy4EZmFcV5cjjPOGG0jfKq+nwf/Yjj4D
-u9gqsPoUJbJRa4ZDhS4HIxaAjUz7tGM7zMN07RujHv41D198HRaG9Q7DlfEvr10l
-O1Hm13ZBONFLAzkopR6RctR9q5czxNM+4Gm2KHmgCY0c0f9BckgG/Jou5yD5m6Le
-ie2uPAmvylezkolwQOQvT8Jwg0DXJCxr5wkf09XHwQj02w47HAcLQxGEIYbpgNR1
-2KvxAmLBsX5VYc8T1yaw15zLKYs4SgsOkI26oQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB
-gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk
-MCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQDEyRY
-UmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQxMTAxMTcx
-NDA0WhcNMzUwMTAxMDUzNzE5WjCBgjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3
-dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2Vy
-dmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBB
-dXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJB69FbS6
-38eMpSe2OAtp87ZOqCwuIR1cRN8hXX4jdP5efrRKt6atH67gBhbim1vZZ3RrXYCP
-KZ2GG9mcDZhtdhAoWORlsH9KmHmf4MMxfoArtYzAQDsRhtDLooY2YKTVMIJt2W7Q
-DxIEM5dfT2Fa8OT5kavnHTu86M/0ay00fOJIYRyO82FEzG+gSqmUsE3a56k0enI4
-qEHMPJQRfevIpoy3hsvKMzvZPTeL+3o+hiznc9cKV6xkmxnr9A8ECIqsAxcZZPRa
-JSKNNCyy9mgdEm3Tih4U2sSPpuIjhdV6Db1q4Ons7Be7QhtnqiXtRYMh/MHJfNVi
-PvryxS3T/dRlAgMBAAGjgZ8wgZwwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0P
-BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMZPoj0GY4QJnM5i5ASs
-jVy16bYbMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwueHJhbXBzZWN1cml0
-eS5jb20vWEdDQS5jcmwwEAYJKwYBBAGCNxUBBAMCAQEwDQYJKoZIhvcNAQEFBQAD
-ggEBAJEVOQMBG2f7Shz5CmBbodpNl2L5JFMn14JkTpAuw0kbK5rc/Kh4ZzXxHfAR
-vbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt
-qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLa
-IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy
-i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ
-O+7ETPTsJ3xCwnR8gooJybQDJbw=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYT
-AlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBD
-QTAeFw0wNjA3MDQxNzIwMDRaFw0zMTA3MDQxNzIwMDRaMDsxCzAJBgNVBAYTAlJP
-MREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBDQTCC
-ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALczuX7IJUqOtdu0KBuqV5Do
-0SLTZLrTk+jUrIZhQGpgV2hUhE28alQCBf/fm5oqrl0Hj0rDKH/v+yv6efHHrfAQ
-UySQi2bJqIirr1qjAOm+ukbuW3N7LBeCgV5iLKECZbO9xSsAfsT8AzNXDe3i+s5d
-RdY4zTW2ssHQnIFKquSyAVwdj1+ZxLGt24gh65AIgoDzMKND5pCCrlUoSe1b16kQ
-OA7+j0xbm0bqQfWwCHTD0IgztnzXdN/chNFDDnU5oSVAKOp4yw4sLjmdjItuFhwv
-JoIQ4uNllAoEwF73XVv4EOLQunpL+943AAAaWyjj0pxzPjKHmKHJUS/X3qwzs08C
-AwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAcYwHQYDVR0O
-BBYEFOCMm9slSbPxfIbWskKHC9BroNnkMA0GCSqGSIb3DQEBBQUAA4IBAQA+0hyJ
-LjX8+HXd5n9liPRyTMks1zJO890ZeUe9jjtbkw9QSSQTaxQGcu8J06Gh40CEyecY
-MnQ8SG4Pn0vU9x7Tk4ZkVJdjclDVVc/6IJMCopvDI5NOFlV2oHB5bc0hH88vLbwZ
-44gx+FkagQnIl6Z0x2DEW8xXjrJ1/RsCCdtZb3KTafcxQdaIOL+Hsr0Wefmq5L6I
-Jd1hJyMctTEHBDa0GpC9oHRxUIltvBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNw
-i/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7NzTogVZ96edhBiIL5VaZVDADlN
-9u6wWk5JRFRYX0KD
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBe
-MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0
-ZC4xKjAoBgNVBAsMIWVQS0kgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
-Fw0wNDEyMjAwMjMxMjdaFw0zNDEyMjAwMjMxMjdaMF4xCzAJBgNVBAYTAlRXMSMw
-IQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEqMCgGA1UECwwhZVBL
-SSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEF
-AAOCAg8AMIICCgKCAgEA4SUP7o3biDN1Z82tH306Tm2d0y8U82N0ywEhajfqhFAH
-SyZbCUNsIZ5qyNUD9WBpj8zwIuQf5/dqIjG3LBXy4P4AakP/h2XGtRrBp0xtInAh
-ijHyl3SJCRImHJ7K2RKilTza6We/CKBk49ZCt0Xvl/T29de1ShUCWH2YWEtgvM3X
-DZoTM1PRYfl61dd4s5oz9wCGzh1NlDivqOx4UXCKXBCDUSH3ET00hl7lSM2XgYI1
-TBnsZfZrxQWh7kcT1rMhJ5QQCtkkO7q+RBNGMD+XPNjX12ruOzjjK9SXDrkb5wdJ
-fzcq+Xd4z1TtW0ado4AOkUPB1ltfFLqfpo0kR0BZv3I4sjZsN/+Z0V0OWQqraffA
-sgRFelQArr5T9rXn4fg8ozHSqf4hUmTFpmfwdQcGlBSBVcYn5AGPF8Fqcde+S/uU
-WH1+ETOxQvdibBjWzwloPn9s9h6PYq2lY9sJpx8iQkEeb5mKPtf5P0B6ebClAZLS
-nT0IFaUQAS2zMnaolQ2zepr7BxB4EW/hj8e6DyUadCrlHJhBmd8hh+iVBmoKs2pH
-dmX2Os+PYhcZewoozRrSgx4hxyy/vv9haLdnG7t4TY3OZ+XkwY63I2binZB1NJip
-NiuKmpS5nezMirH4JYlcWrYvjB9teSSnUmjDhDXiZo1jDiVN1Rmy5nk3pyKdVDEC
-AwEAAaNqMGgwHQYDVR0OBBYEFB4M97Zn8uGSJglFwFU5Lnc/QkqiMAwGA1UdEwQF
-MAMBAf8wOQYEZyoHAAQxMC8wLQIBADAJBgUrDgMCGgUAMAcGBWcqAwAABBRFsMLH
-ClZ87lt4DJX5GFPBphzYEDANBgkqhkiG9w0BAQUFAAOCAgEACbODU1kBPpVJufGB
-uvl2ICO1J2B01GqZNF5sAFPZn/KmsSQHRGoqxqWOeBLoR9lYGxMqXnmbnwoqZ6Yl
-PwZpVnPDimZI+ymBV3QGypzqKOg4ZyYr8dW1P2WT+DZdjo2NQCCHGervJ8A9tDkP
-JXtoUHRVnAxZfVo9QZQlUgjgRywVMRnVvwdVxrsStZf0X4OFunHB2WyBEXYKCrC/
-gpf36j36+uwtqSiUO1bd0lEursC9CBWMd1I0ltabrNMdjmEPNXubrjlpC2JgQCA2
-j6/7Nu4tCEoduL+bXPjqpRugc6bY+G7gMwRfaKonh+3ZwZCc7b3jajWvY9+rGNm6
-5ulK6lCKD2GTHuItGeIwlDWSXQ62B68ZgI9HkFFLLk3dheLSClIKF5r8GrBQAuUB
-o2M3IUxExJtRmREOc5wGj1QupyheRDmHVi03vYVElOEMSyycw5KFNGHLD7ibSkNS
-/jQ6fbjpKdx2qcgw+BRxgMYeNkh0IkFch4LoGHGLQYlE535YW6i4jRPpp2zDR+2z
-Gp1iro2C6pSe3VkQw63d4k3jMdXH7OjysP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTE
-W9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmODBCEIZ43ygknQW/2xzQ+D
-hNQ+IIX3Sj0rnP0qCglN6oH4EZw=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDEL
-MAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE4MDYGA1UECxMvKGMp
-IDIwMDcgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAi
-BgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMjAeFw0wNzExMDUwMDAw
-MDBaFw0zODAxMTgyMzU5NTlaMIGEMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhh
-d3RlLCBJbmMuMTgwNgYDVQQLEy8oYykgMjAwNyB0aGF3dGUsIEluYy4gLSBGb3Ig
-YXV0aG9yaXplZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9v
-dCBDQSAtIEcyMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEotWcgnuVnfFSeIf+iha/
-BebfowJPDQfGAFG6DAJSLSKkQjnE/o/qycG+1E3/n3qe4rF8mq2nhglzh9HnmuN6
-papu+7qzcMBniKI11KOasf2twu8x+qi58/sIxpHR+ymVo0IwQDAPBgNVHRMBAf8E
-BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUmtgAMADna3+FGO6Lts6K
-DPgR4bswCgYIKoZIzj0EAwMDaQAwZgIxAN344FdHW6fmCsO99YCKlzUNG4k8VIZ3
-KMqh9HneteY4sPBlcIx/AlTCv//YoT7ZzwIxAMSNlPzcU9LcnXgWHxUzI1NS41ox
-XZ3Krr0TKUQNJ1uo52icEvdYPy5yAlejj6EULg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCB
-rjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
-Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
-MDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNV
-BAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzAeFw0wODA0MDIwMDAwMDBa
-Fw0zNzEyMDEyMzU5NTlaMIGuMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3Rl
-LCBJbmMuMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9u
-MTgwNgYDVQQLEy8oYykgMjAwOCB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXpl
-ZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAtIEcz
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr8nLPvb2FvdeHsbnndm
-gcs+vHyu86YnmjSjaDFxODNi5PNxZnmxqWWjpYvVj2AtP0LMqmsywCPLLEHd5N/8
-YZzic7IilRFDGF/Eth9XbAoFWCLINkw6fKXRz4aviKdEAhN0cXMKQlkC+BsUa0Lf
-b1+6a4KinVvnSr0eAXLbS3ToO39/fR8EtCab4LRarEc9VbjXsCZSKAExQGbY2SS9
-9irY7CFJXJv2eul/VTV+lmuNk5Mny5K76qxAwJ/C+IDPXfRa3M50hqY+bAtTyr2S
-zhkGcuYMXDhpxwTWvGzOW/b3aJzcJRVIiKHpqfiYnODz1TEoYRFsZ5aNOZnLwkUk
-OQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV
-HQ4EFgQUrWyqlGCc7eT/+j4KdCtjA/e2Wb8wDQYJKoZIhvcNAQELBQADggEBABpA
-2JVlrAmSicY59BDlqQ5mU1143vokkbvnRFHfxhY0Cu9qRFHqKweKA3rD6z8KLFIW
-oCtDuSWQP3CpMyVtRRooOyfPqsMpQhvfO0zAMzRbQYi/aytlryjvsvXDqmbOe1bu
-t8jLZ8HJnBoYuMTDSQPxYA5QzUbF83d597YV4Djbxy8ooAw/dyZ02SUS2jHaGh7c
-KUGRIjxpp7sC8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fM
-m7v/OeZWYdMKp8RcTGB7BXcmer/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZu
-MdRAGmI0Nj81Aa6sY6A=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCB
-qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
-Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
-MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV
-BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYxMTE3MDAwMDAwWhcNMzYw
-NzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5j
-LjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYG
-A1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl
-IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFs
-W0hoSVk3/AszGcJ3f8wQLZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta
-3RGNKJpchJAQeg29dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk
-6KHYcWUNo1F77rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6
-Sk/KaAcdHJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94J
-NqR32HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA
-MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7W0XP
-r87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7ORtvzw6WfU
-DW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeEuzLlQRHAd9mz
-YJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQaEfZYGDm/Ac9IiAX
-xPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqdE8hhuvU5HIe6uL17In/2
-/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+MwS7QcjBAvlEYyCegc5C09Y/
-LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+fpErgUfCJzDupxBdN49cOSvkBPB7
-jVaMaA==
------END CERTIFICATE-----
diff --git a/msys2/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem b/msys2/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
index 22e00d221..b832ef518 100644
--- a/msys2/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
+++ b/msys2/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
@@ -1,3 +1,4 @@
+# ACCVRAIZ1
 -----BEGIN CERTIFICATE-----
 MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE
 AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw
@@ -42,39 +43,8 @@ h1xA2syVP1XgNce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xF
 d3+YJ5oyXSrjhO7FmGYvliAd3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2H
 pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFtTCCA52gAwIBAgIIYY3HhjsBggUwDQYJKoZIhvcNAQEFBQAwRDEWMBQGA1UE
-AwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00x
-CzAJBgNVBAYTAkVTMB4XDTA4MDQxODE2MjQyMloXDTI4MDQxMzE2MjQyMlowRDEW
-MBQGA1UEAwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZF
-RElDT00xCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
-AgEA/5KV4WgGdrQsyFhIyv2AVClVYyT/kGWbEHV7w2rbYgIB8hiGtXxaOLHkWLn7
-09gtn70yN78sFW2+tfQh0hOR2QetAQXW8713zl9CgQr5auODAKgrLlUTY4HKRxx7
-XBZXehuDYAQ6PmXDzQHe3qTWDLqO3tkE7hdWIpuPY/1NFgu3e3eM+SW10W2ZEi5P
-Grjm6gSSrj0RuVFCPYewMYWveVqc/udOXpJPQ/yrOq2lEiZmueIM15jO1FillUAK
-t0SdE3QrwqXrIhWYENiLxQSfHY9g5QYbm8+5eaA9oiM/Qj9r+hwDezCNzmzAv+Yb
-X79nuIQZ1RXve8uQNjFiybwCq0Zfm/4aaJQ0PZCOrfbkHQl/Sog4P75n/TSW9R28
-MHTLOO7VbKvU/PQAtwBbhTIWdjPp2KOZnQUAqhbm84F9b32qhm2tFXTTxKJxqvQU
-fecyuB+81fFOvW8XAjnXDpVCOscAPukmYxHqC9FK/xidstd7LzrZlvvoHpKuE1XI
-2Sf23EgbsCTBheN3nZqk8wwRHQ3ItBTutYJXCb8gWH8vIiPYcMt5bMlL8qkqyPyH
-K9caUPgn6C9D4zq92Fdx/c6mUlv53U3t5fZvie27k5x2IXXwkkwp9y+cAS7+UEae
-ZAwUswdbxcJzbPEHXEUkFDWug/FqTYl6+rPYLWbwNof1K1MCAwEAAaOBqjCBpzAP
-BgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKaz4SsrSbbXc6GqlPUB53NlTKxQ
-MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUprPhKytJttdzoaqU9QHnc2VMrFAw
-RAYDVR0gBD0wOzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly9hY2VkaWNv
-bS5lZGljb21ncm91cC5jb20vZG9jMA0GCSqGSIb3DQEBBQUAA4ICAQDOLAtSUWIm
-fQwng4/F9tqgaHtPkl7qpHMyEVNEskTLnewPeUKzEKbHDZ3Ltvo/Onzqv4hTGzz3
-gvoFNTPhNahXwOf9jU8/kzJPeGYDdwdY6ZXIfj7QeQCM8htRM5u8lOk6e25SLTKe
-I6RF+7YuE7CLGLHdztUdp0J/Vb77W7tH1PwkzQSulgUV1qzOMPPKC8W64iLgpq0i
-5ALudBF/TP94HTXa5gI06xgSYXcGCRZj6hitoocf8seACQl1ThCojz2GuHURwCRi
-ipZ7SkXp7FnFvmuD5uHorLUwHv4FB4D54SMNUI8FmP8sX+g7tq3PgbUhh8oIKiMn
-MCArz+2UW6yyetLHKKGKC5tNSixthT8Jcjxn4tncB7rrZXtaAWPWkFtPF2Y9fwsZ
-o5NjEFIqnxQWWOLcpfShFosOkYuByptZ+thrkQdlVV9SH686+5DdaaVbnG0OLLb6
-zqylfDJKZ0DcMDQj3dcEI2bw/FWAp/tmGYI1Z2JwOV5vx+qQQEQIHriy1tvuWacN
-GHk0vFQYXlPKNFHtRQrmjseCNj6nOGOpMCwXEGCSn1WHElkQwg9naRHMTh5+Spqt
-r0CodaxWkHS4oJyleW/c6RrIaQXpuvoDs3zk4E7Czp3otkYNbn5XOmeUwssfnHdK
-Z05phkOTOPu220+DkdRgfks+KzgHVZhepA==
------END CERTIFICATE-----
+
+# AC RAIZ FNMT-RCM
 -----BEGIN CERTIFICATE-----
 MIIFgzCCA2ugAwIBAgIPXZONMGc2yAYdGsdUhGkHMA0GCSqGSIb3DQEBCwUAMDsx
 CzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJ
@@ -107,6 +77,8 @@ fZ5nc8OaKveri6E6FO80vFIOiZiaBECEHX5FaZNXzuvO+FB8TxxuBEOb+dY7Ixjp
 RqEIr9baRRmW1FMdW4R58MD3R++Lj8UGrp1MYp3/RgT408m2ECVAdf4WqslKYIYv
 uu8wd+RU4riEmViAqhOLUTpPSPaLtrM=
 -----END CERTIFICATE-----
+
+# Actalis Authentication Root CA
 -----BEGIN CERTIFICATE-----
 MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE
 BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w
@@ -140,6 +112,8 @@ ZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXemOR/qnuOf0GZvBeyqdn6/axag67XH/JJU
 LysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9vwGYT7JZVEc+NHt4bVaT
 LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg==
 -----END CERTIFICATE-----
+
+# AddTrust External Root
 -----BEGIN CERTIFICATE-----
 MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
 MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
@@ -165,79 +139,8 @@ Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
 c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
 mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMw
-MTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML
-QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYD
-VQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUA
-A4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ul
-CDtbKRY654eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6n
-tGO0/7Gcrjyvd7ZWxbWroulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyl
-dI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1Zmne3yzxbrww2ywkEtvrNTVokMsAsJch
-PXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJuiGMx1I4S+6+JNM3GOGvDC
-+Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8wHQYDVR0O
-BBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8E
-BTADAQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBl
-MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFk
-ZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENB
-IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxtZBsfzQ3duQH6lmM0MkhHma6X
-7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0PhiVYrqW9yTkkz
-43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY
-eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJl
-pz/+0WatC7xrmYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOA
-WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEFTCCAv2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSAwHgYDVQQDExdBZGRUcnVzdCBQdWJsaWMgQ0EgUm9vdDAeFw0wMDA1MzAx
-MDQxNTBaFw0yMDA1MzAxMDQxNTBaMGQxCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtB
-ZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIDAeBgNV
-BAMTF0FkZFRydXN0IFB1YmxpYyBDQSBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+A3S72mnTRqX4jsIMEZBRpS9mVEBV
-6tsfSlbunyNu9DnLoblv8n75XYcmYZ4c+OLspoH4IcUkzBEMP9smcnrHAZcHF/nX
-GCwwfQ56HmIexkvA/X1id9NEHif2P0tEs7c42TkfYNVRknMDtABp4/MUTu7R3AnP
-dzRGULD4EfL+OHn3Bzn+UZKXC1sIXzSGAa2Il+tmzV7R/9x98oTaunet3IAIx6eH
-1lWfl2royBFkuucZKT8Rs3iQhCBSWxHveNCD9tVIkNAwHM+A+WD+eeSI8t0A65RF
-62WUaUC6wNW0uLp9BBGo6zEFlpROWCGOn9Bg/QIDAQABo4HRMIHOMB0GA1UdDgQW
-BBSBPjfYkrAfd59ctKtzquf2NGAv+jALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUw
-AwEB/zCBjgYDVR0jBIGGMIGDgBSBPjfYkrAfd59ctKtzquf2NGAv+qFopGYwZDEL
-MAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRU
-cnVzdCBUVFAgTmV0d29yazEgMB4GA1UEAxMXQWRkVHJ1c3QgUHVibGljIENBIFJv
-b3SCAQEwDQYJKoZIhvcNAQEFBQADggEBAAP3FUr4JNojVhaTdt02KLmuG7jD8WS6
-IBh4lSknVwW8fCr0uVFV2ocC3g8WFzH4qnkuCRO7r7IgGRLlk/lL+YPoRNWyQSW/
-iHVv/xD8SlTQX/D67zZzfRs2RcYhbbQVuE7PnFylPVoAjgbjPGsye/Kf8Lb93/Ao
-GEjwxrzQvzSAlsJKsW2Ox5BF3i9nrEUEo3rcVZLJR2bYGozH7ZxOmuASu7VqTITh
-4SINhwBk/ox9Yjllpu9CtoAlEmEBqCQTcAARJl/6NVDFSMwGR+gn2HCNX2TmoUQm
-XiLsks3/QppEIW1cxeMiHV9HEufOX1362KqxMy3ZdvJOOjMMK7MtkAY=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEHjCCAwagAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSMwIQYDVQQDExpBZGRUcnVzdCBRdWFsaWZpZWQgQ0EgUm9vdDAeFw0wMDA1
-MzAxMDQ0NTBaFw0yMDA1MzAxMDQ0NTBaMGcxCzAJBgNVBAYTAlNFMRQwEgYDVQQK
-EwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIzAh
-BgNVBAMTGkFkZFRydXN0IFF1YWxpZmllZCBDQSBSb290MIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoekn0e+EV+vhDTbYjx5eLfpMLXsDBwq
-xBb/4Oxx64r1EW7tTw2R0hIYLUkVAcKkIhPHEWT/IhKauY5cLwjPcWqzZwFZ8V1G
-87B4pfYOQnrjfxvM0PC3KP0q6p6zsLkEqv32x7SxuCqg+1jxGaBvcCV+PmlKfw8i
-2O+tCBGaKZnhqkRFmhJePp1tUvznoD1oL/BLcHwTOK28FSXx1s6rosAx1i+f4P8U
-WfyEk9mHfExUE+uf0S0R+Bg6Ot4l2ffTQO2kBhLEO+GRwVY18BTcZTYJbqukB8c1
-0cIDMzZbdSZtQvESa0NvS3GU+jQd7RNuyoB/mC9suWXY6QIDAQABo4HUMIHRMB0G
-A1UdDgQWBBQ5lYtii1zJ1IC6WA+XPxUIQ8yYpzALBgNVHQ8EBAMCAQYwDwYDVR0T
-AQH/BAUwAwEB/zCBkQYDVR0jBIGJMIGGgBQ5lYtii1zJ1IC6WA+XPxUIQ8yYp6Fr
-pGkwZzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQL
-ExRBZGRUcnVzdCBUVFAgTmV0d29yazEjMCEGA1UEAxMaQWRkVHJ1c3QgUXVhbGlm
-aWVkIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBABmrder4i2VhlRO6aQTv
-hsoToMeqT2QbPxj2qC0sVY8FtzDqQmodwCVRLae/DLPt7wh/bDxGGuoYQ992zPlm
-hpwsaPXpF/gxsxjE1kh9I0xowX67ARRvxdlu3rsEQmr49lx95dr6h+sNNVJn0J6X
-dgWTP5XHAeZpVTh/EGGZyeNfpso+gmNIquIISD6q8rKFYqa0p9m9N5xotS1WfbC3
-P6CxB9bpT9zeRXEwMn8bLgn5v1Kh7sKAPgZcLlVAwRv1cEWw3F369nJad9Jjzc9Y
-iQBCYz95OdBEsIJuQRno3eDBiFrRHnGTHyQwdOUeqN48Jzd/g66ed8/wMLH/S5no
-xqE=
------END CERTIFICATE-----
+
+# AffirmTrust Commercial
 -----BEGIN CERTIFICATE-----
 MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE
 BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
@@ -258,6 +161,8 @@ Z8SOyUOyXGsViQK8YvxO8rUzqrJv0wqiUOP2O+guRMLbZjipM1ZI8W0bM40NjD9g
 N53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0khsUlHRUe072o0EclNmsxZt9YC
 nlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8=
 -----END CERTIFICATE-----
+
+# AffirmTrust Networking
 -----BEGIN CERTIFICATE-----
 MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UE
 BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
@@ -278,6 +183,8 @@ Lgo/bNjR9eUJtGxUAArgFU2HdW23WJZa3W3SAKD0m0i+wzekujbgfIeFlxoVot4u
 olu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9/ZFvgrG+CJPbFEfxojfHRZ48
 x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9s=
 -----END CERTIFICATE-----
+
+# AffirmTrust Premium
 -----BEGIN CERTIFICATE-----
 MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UE
 BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVz
@@ -309,6 +216,8 @@ GKa1qF60g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaO
 RtGdFNrHF+QFlozEJLUbzxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6e
 KeC2uAloGRwYQw==
 -----END CERTIFICATE-----
+
+# AffirmTrust Premium ECC
 -----BEGIN CERTIFICATE-----
 MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMC
 VVMxFDASBgNVBAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQ
@@ -322,6 +231,8 @@ A1UdDwEB/wQEAwIBBjAKBggqhkjOPQQDAwNnADBkAjAXCfOHiFBar8jAQr9HX/Vs
 aobgxCd05DhT1wV/GzTjxi+zygk8N53X57hG8f2h4nECMEJZh0PUUd+60wkyWs6I
 flc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKMeQ==
 -----END CERTIFICATE-----
+
+# Amazon Root CA 1
 -----BEGIN CERTIFICATE-----
 MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF
 ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
@@ -342,6 +253,8 @@ o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU
 5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy
 rqXRfboQnoZsG4q5WTP468SQvvG5
 -----END CERTIFICATE-----
+
+# Amazon Root CA 2
 -----BEGIN CERTIFICATE-----
 MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwF
 ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
@@ -373,6 +286,8 @@ n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE
 9jVlpNMKVv/1F2Rs76giJUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT
 4PsJYGw=
 -----END CERTIFICATE-----
+
+# Amazon Root CA 3
 -----BEGIN CERTIFICATE-----
 MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5
 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g
@@ -385,6 +300,8 @@ ttvXBp43rDCGB5Fwx5zEGbF4wDAKBggqhkjOPQQDAgNJADBGAiEA4IWSoxe3jfkr
 BqWTrBqYaGFy+uGh0PsceGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteM
 YyRIHN8wfdVoOw==
 -----END CERTIFICATE-----
+
+# Amazon Root CA 4
 -----BEGIN CERTIFICATE-----
 MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5
 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g
@@ -398,6 +315,8 @@ MAoGCCqGSM49BAMDA2gAMGUCMDqLIfG9fhGt0O9Yli/W651+kI0rz2ZVwyzjKKlw
 CkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1AE47xDqUEpHJWEadIRNyp4iciuRMStuW
 1KyLa2tJElMzrdfkviT8tQp21KW8EA==
 -----END CERTIFICATE-----
+
+# Atos TrustedRoot 2011
 -----BEGIN CERTIFICATE-----
 MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE
 AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG
@@ -419,6 +338,8 @@ maHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a961qn8FYiqTxlVMYVqL2Gns2D
 lmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G3mB/ufNPRJLv
 KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed
 -----END CERTIFICATE-----
+
+# Autoridad de Certificacion Firmaprofesional CIF A62634068
 -----BEGIN CERTIFICATE-----
 MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UE
 BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h
@@ -454,6 +375,8 @@ StRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTDKCOM/icz
 Q0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQB
 jLMi6Et8Vcad+qMUu2WFbm5PEn4KPJ2V
 -----END CERTIFICATE-----
+
+# Baltimore CyberTrust Root
 -----BEGIN CERTIFICATE-----
 MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ
 RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD
@@ -475,6 +398,8 @@ Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz
 ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS
 R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp
 -----END CERTIFICATE-----
+
+# Buypass Class 2 Root CA
 -----BEGIN CERTIFICATE-----
 MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd
 MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg
@@ -506,6 +431,8 @@ I+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK7
 3PFaTWwyI0PurKju7koSCTxdccK+efrCh2gdC/1cacwG0Jp9VJkqyTkaGa9LKkPz
 Y11aWOIv4x3kqdbQCtCev9eBCfHJxyYNrJgWVqA=
 -----END CERTIFICATE-----
+
+# Buypass Class 3 Root CA
 -----BEGIN CERTIFICATE-----
 MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd
 MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg
@@ -537,37 +464,8 @@ kbIRNBE+6tBDGR8Dk5AM/1E9V/RBbuHLoL7ryWPNbczk+DaqaJ3tvV2XcEQNtg41
 u79leNKGef9JOxqDDPDeeOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq
 4/g7u9xN12TyUb7mqqta6THuBrxzvxNiCp/HuZc=
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFaTCCA1GgAwIBAgIJAMMDmu5QkG4oMA0GCSqGSIb3DQEBBQUAMFIxCzAJBgNV
-BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu
-MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIxMB4XDTEyMDcxOTA5MDY1NloXDTQy
-MDcxOTA5MDY1NlowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx
-EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjEw
-ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqw3j33Jijp1pedxiy3QRk
-D2P9m5YJgNXoqqXinCaUOuiZc4yd39ffg/N4T0Dhf9Kn0uXKE5Pn7cZ3Xza1lK/o
-OI7bm+V8u8yN63Vz4STN5qctGS7Y1oprFOsIYgrY3LMATcMjfF9DCCMyEtztDK3A
-fQ+lekLZWnDZv6fXARz2m6uOt0qGeKAeVjGu74IKgEH3G8muqzIm1Cxr7X1r5OJe
-IgpFy4QxTaz+29FHuvlglzmxZcfe+5nkCiKxLU3lSCZpq+Kq8/v8kiky6bM+TR8n
-oc2OuRf7JT7JbvN32g0S9l3HuzYQ1VTW8+DiR0jm3hTaYVKvJrT1cU/J19IG32PK
-/yHoWQbgCNWEFVP3Q+V8xaCJmGtzxmjOZd69fwX3se72V6FglcXM6pM6vpmumwKj
-rckWtc7dXpl4fho5frLABaTAgqWjR56M6ly2vGfb5ipN0gTco65F97yLnByn1tUD
-3AjLLhbKXEAz6GfDLuemROoRRRw1ZS0eRWEkG4IupZ0zXWX4Qfkuy5Q/H6MMMSRE
-7cderVC6xkGbrPAXZcD4XW9boAo0PO7X6oifmPmvTiT6l7Jkdtqr9O3jw2Dv1fkC
-yC2fg69naQanMVXVz0tv/wQFx1isXxYb5dKj6zHbHzMVTdDypVP1y+E9Tmgt2BLd
-qvLmTZtJ5cUoobqwWsagtQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
-DwEB/wQEAwIBBjAdBgNVHQ4EFgQUiQq0OJMa5qvum5EY+fU8PjXQ04IwDQYJKoZI
-hvcNAQEFBQADggIBADKL9p1Kyb4U5YysOMo6CdQbzoaz3evUuii+Eq5FLAR0rBNR
-xVgYZk2C2tXck8An4b58n1KeElb21Zyp9HWc+jcSjxyT7Ff+Bw+r1RL3D65hXlaA
-SfX8MPWbTx9BLxyE04nH4toCdu0Jz2zBuByDHBb6lM19oMgY0sidbvW9adRtPTXo
-HqJPYNcHKfyyo6SdbhWSVhlMCrDpfNIZTUJG7L399ldb3Zh+pE3McgODWF3vkzpB
-emOqfDqo9ayk0d2iLbYq/J8BjuIQscTK5GfbVSUZP/3oNn6z4eGBrxEWi1CXYBmC
-AMBrTXO40RMHPuq2MU/wQppt4hF05ZSsjYSVPCGvxdpHyN85YmLLW1AL14FABZyb
-7bq2ix4Eb5YgOe2kfSnbSM6C3NQCjR0EMVrHS/BsYVLXtFHCgWzN4funodKSds+x
-DzdYpPJScWc/DIh4gInByLUfkmO+p3qKViwaqKactV2zY9ATIKHrkWzQjX2v3wvk
-F7mGnjixlAxYjOBVqjtjbZqJYLhkKpLGN/R+Q0O3c+gB53+XD9fyexn9GtePyfqF
-a3qdnom2piiZk4hA9z7NUaPK6u95RyG1/jLix8NRb76AdPCkwzryT+lf3xkK8jsT
-Q6wxpLPn6/wY1gGp8yqPNg7rtLG8t0zJa7+h89n07eLw4+1knj0vllJPgFOL
------END CERTIFICATE-----
+
+# CA Disig Root R2
 -----BEGIN CERTIFICATE-----
 MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV
 BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu
@@ -599,19 +497,8 @@ G5gPcFw0sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3Os
 zMOl6W8KjptlwlCFtaOgUxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8x
 L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcL
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICCTCCAY+gAwIBAgIQaEpYcIBr8I8C+vbe6LCQkDAKBggqhkjOPQQDAzBGMQsw
-CQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMT
-EkNBIFdvU2lnbiBFQ0MgUm9vdDAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4
-NThaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEb
-MBkGA1UEAxMSQ0EgV29TaWduIEVDQyBSb290MHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAE4f2OuEMkq5Z7hcK6C62N4DrjJLnSsb6IOsq/Srj57ywvr1FQPEd1bPiUt5v8
-KB7FVMxjnRZLU8HnIKvNrCXSf4/CwVqCXjCLelTOA7WRf6qU0NGKSMyCBSah1VES
-1ns2o0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
-FgQUqv3VWqP2h4syhf3RMluARZPzA7gwCgYIKoZIzj0EAwMDaAAwZQIxAOSkhLCB
-1T2wdKyUpOgOPQB0TKGXa/kNUTyh2Tv0Daupn75OcsqF1NnstTJFGG+rrQIwfcf3
-aWMvoeGY7xMQ0Xk/0f7qO3/eVvSQsRUR2LIiFdAvwyYua/GRspBl9JrmkO5K
------END CERTIFICATE-----
+
+# CFCA EV ROOT
 -----BEGIN CERTIFICATE-----
 MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJD
 TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y
@@ -644,26 +531,8 @@ Ci77o0cOPaYjesYBx4/IXr9tgFa+iiS6M+qf4TIRnvHST4D2G0CvOJ4RUHlzEhLN
 AAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3CekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ
 5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDVTCCAj2gAwIBAgIESTMAATANBgkqhkiG9w0BAQUFADAyMQswCQYDVQQGEwJD
-TjEOMAwGA1UEChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwHhcNMDcwNDE2
-MDcwOTE0WhcNMjcwNDE2MDcwOTE0WjAyMQswCQYDVQQGEwJDTjEOMAwGA1UEChMF
-Q05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDTNfc/c3et6FtzF8LRb+1VvG7q6KR5smzDo+/hn7E7SIX1mlwh
-IhAsxYLO2uOabjfhhyzcuQxauohV3/2q2x8x6gHx3zkBwRP9SFIhxFXf2tizVHa6
-dLG3fdfA6PZZxU3Iva0fFNrfWEQlMhkqx35+jq44sDB7R3IJMfAw28Mbdim7aXZO
-V/kbZKKTVrdvmW7bCgScEeOAH8tjlBAKqeFkgjH5jCftppkA9nCTGPihNIaj3XrC
-GHn2emU1z5DrvTOTn1OrczvmmzQgLx3vqR1jGqCA2wMv+SYahtKNu6m+UjqHZ0gN
-v7Sg2Ca+I19zN38m5pIEo3/PIKe38zrKy5nLAgMBAAGjczBxMBEGCWCGSAGG+EIB
-AQQEAwIABzAfBgNVHSMEGDAWgBRl8jGtKvf33VKWCscCwQ7vptU7ETAPBgNVHRMB
-Af8EBTADAQH/MAsGA1UdDwQEAwIB/jAdBgNVHQ4EFgQUZfIxrSr3991SlgrHAsEO
-76bVOxEwDQYJKoZIhvcNAQEFBQADggEBAEs17szkrr/Dbq2flTtLP1se31cpolnK
-OOK5Gv+e5m4y3R6u6jW39ZORTtpC4cMXYFDy0VwmuYK36m3knITnA3kXr5g9lNvH
-ugDnuL8BV8F3RTIMO/G0HAiw/VGgod2aHRM2mm23xzy54cXZF/qD1T0VoDy7Hgvi
-yJA/qIYM/PmLXoXLT1tLYhFHxUV8BS9BsZ4QaRuZluBVeftOhpm4lNqGOGqTo+fL
-buXf6iFViZx9fX+Y9QCJ7uOEwFyWtcVG6kbghVW2G8kS1sHNzYDzAgE8yGnLRUhj
-2JTQ7IUOO04RZfSCjKY9ri4ilAnIXOo8gV0WKgOXFlUJ24pBgp5mmxE=
------END CERTIFICATE-----
+
+# COMODO Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCB
 gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
@@ -689,6 +558,8 @@ zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd
 BA6+C4OmF4O5MBKgxTMVBbkN+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IB
 ZQ==
 -----END CERTIFICATE-----
+
+# COMODO ECC Certification Authority
 -----BEGIN CERTIFICATE-----
 MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL
 MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
@@ -705,6 +576,8 @@ BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VGFAkK+qDm
 fQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdv
 GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY=
 -----END CERTIFICATE-----
+
+# COMODO RSA Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB
 hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
@@ -739,83 +612,8 @@ QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl
 0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB
 NVOFBkpdn627G190
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn
-MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
-ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMg
-b2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAxNjEzNDNaFw0zNzA5MzAxNjEzNDRa
-MH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZpcm1hIFNBIENJRiBB
-ODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3JnMSIw
-IAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0B
-AQEFAAOCAQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtb
-unXF/KGIJPov7coISjlUxFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0d
-BmpAPrMMhe5cG3nCYsS4No41XQEMIwRHNaqbYE6gZj3LJgqcQKH0XZi/caulAGgq
-7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jWDA+wWFjbw2Y3npuRVDM3
-0pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFVd9oKDMyX
-roDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIG
-A1UdEwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5j
-aGFtYmVyc2lnbi5vcmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p
-26EpW1eLTXYGduHRooowDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIA
-BzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hhbWJlcnNpZ24ub3JnMCcGA1Ud
-EgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYDVR0gBFEwTzBN
-BgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz
-aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEB
-AAxBl8IahsAifJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZd
-p0AJPaxJRUXcLo0waLIJuvvDL8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi
-1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wNUPf6s+xCX6ndbcj0dc97wXImsQEc
-XCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/nADydb47kMgkdTXg0
-eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1erfu
-tGWaIZDgqtCYvDi1czyL+Nw=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEn
-MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
-ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENo
-YW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYxNDE4WhcNMzcwOTMwMTYxNDE4WjB9
-MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgy
-NzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4G
-A1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUA
-A4IBDQAwggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0
-Mi+ITaFgCPS3CU6gSS9J1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/s
-QJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8Oby4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpV
-eAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl6DJWk0aJqCWKZQbua795
-B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c8lCrEqWh
-z0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0T
-AQH/BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1i
-ZXJzaWduLm9yZy9jaGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4w
-TcbOX60Qq+UDpfqpFDAOBgNVHQ8BAf8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAH
-MCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBjaGFtYmVyc2lnbi5vcmcwKgYD
-VR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9yZzBbBgNVHSAE
-VDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh
-bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0B
-AQUFAAOCAQEAPDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUM
-bKGKfKX0j//U2K0X1S0E0T9YgOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXi
-ryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJPJ7oKXqJ1/6v/2j1pReQvayZzKWG
-VwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4IBHNfTIzSJRUTN3c
-ecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREest2d/
-AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDfDCCAmSgAwIBAgIQayXaioidfLwPBbOxemFFRDANBgkqhkiG9w0BAQsFADBY
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxLTArBgNV
-BAMTJENlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbiBHMjAeFw0xNDEx
-MDgwMDU4NThaFw00NDExMDgwMDU4NThaMFgxCzAJBgNVBAYTAkNOMRowGAYDVQQK
-ExFXb1NpZ24gQ0EgTGltaXRlZDEtMCsGA1UEAxMkQ2VydGlmaWNhdGlvbiBBdXRo
-b3JpdHkgb2YgV29TaWduIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEAvsXEoCKASU+/2YcRxlPhuw+9YH+v9oIOH9ywjj2X4FA8jzrvZjtFB5sg+OPX
-JYY1kBaiXW8wGQiHC38Gsp1ij96vkqVg1CuAmlI/9ZqD6TRay9nVYlzmDuDfBpgO
-gHzKtB0TiGsOqCR3A9DuW/PKaZE1OVbFbeP3PU9ekzgkyhjpJMuSA93MHD0JcOQg
-5PGurLtzaaNjOg9FD6FKmsLRY6zLEPg95k4ot+vElbGs/V6r+kHLXZ1L3PR8du9n
-fwB6jdKgGlxNIuG12t12s9R23164i5jIFFTMaxeSt+BKv0mUYQs4kI9dJGwlezt5
-2eJ+na2fmKEG/HgUYFf47oB3sQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD
-VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU+mCp62XF3RYUCE4MD42b4Pdkr2cwDQYJ
-KoZIhvcNAQELBQADggEBAFfDejaCnI2Y4qtAqkePx6db7XznPWZaOzG73/MWM5H8
-fHulwqZm46qwtyeYP0nXYGdnPzZPSsvxFPpahygc7Y9BMsaV+X3avXtbwrAh449G
-3CE4Q3RM+zD4F3LBMvzIkRfEzFg3TgvMWvchNSiDbGAtROtSjFA9tWwS1/oJu2yy
-SrHFieT801LYYRf+epSEj3m2M1m6D8QL4nCgS3gu+sif/a+RZQp4OBXllxcU3fng
-LDT4ONCEIgDAFFEYKwLcMFrw6AF8NTojrwjkr6qOKEJJLvD1mTS+7Q9LGOHSJDy7
-XUe3IfKN0QqZjuNuPq1w4I+5ysxugTH2e5x6eeRncRg=
------END CERTIFICATE-----
+
+# Certigna
 -----BEGIN CERTIFICATE-----
 MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV
 BAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4X
@@ -838,38 +636,8 @@ HWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY1gkIl2PlwS6w
 t0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw
 WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg==
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFnDCCA4SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJGUjET
-MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxJjAk
-BgNVBAMMHUNlcnRpbm9taXMgLSBBdXRvcml0w6kgUmFjaW5lMB4XDTA4MDkxNzA4
-Mjg1OVoXDTI4MDkxNzA4Mjg1OVowYzELMAkGA1UEBhMCRlIxEzARBgNVBAoTCkNl
-cnRpbm9taXMxFzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMSYwJAYDVQQDDB1DZXJ0
-aW5vbWlzIC0gQXV0b3JpdMOpIFJhY2luZTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
-ADCCAgoCggIBAJ2Fn4bT46/HsmtuM+Cet0I0VZ35gb5j2CN2DpdUzZlMGvE5x4jY
-F1AMnmHawE5V3udauHpOd4cN5bjr+p5eex7Ezyh0x5P1FMYiKAT5kcOrJ3NqDi5N
-8y4oH3DfVS9O7cdxbwlyLu3VMpfQ8Vh30WC8Tl7bmoT2R2FFK/ZQpn9qcSdIhDWe
-rP5pqZ56XjUl+rSnSTV3lqc2W+HN3yNw2F1MpQiD8aYkOBOo7C+ooWfHpi2GR+6K
-/OybDnT0K0kCe5B1jPyZOQE51kqJ5Z52qz6WKDgmi92NjMD2AR5vpTESOH2VwnHu
-7XSu5DaiQ3XV8QCb4uTXzEIDS3h65X27uK4uIJPT5GHfceF2Z5c/tt9qc1pkIuVC
-28+BA5PY9OMQ4HL2AHCs8MF6DwV/zzRpRbWT5BnbUhYjBYkOjUjkJW+zeL9i9Qf6
-lSTClrLooyPCXQP8w9PlfMl1I9f09bze5N/NgL+RiH2nE7Q5uiy6vdFrzPOlKO1E
-nn1So2+WLhl+HPNbxxaOu2B9d2ZHVIIAEWBsMsGoOBvrbpgT1u449fCfDu/+MYHB
-0iSVL1N6aaLwD4ZFjliCK0wi1F6g530mJ0jfJUaNSih8hp75mxpZuWW/Bd22Ql09
-5gBIgl4g9xGC3srYn+Y3RyYe63j3YcNBZFgCQfna4NH4+ej9Uji29YnfAgMBAAGj
-WzBZMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQN
-jLZh2kS40RR9w759XkjwzspqsDAXBgNVHSAEEDAOMAwGCiqBegFWAgIAAQEwDQYJ
-KoZIhvcNAQEFBQADggIBACQ+YAZ+He86PtvqrxyaLAEL9MW12Ukx9F1BjYkMTv9s
-ov3/4gbIOZ/xWqndIlgVqIrTseYyCYIDbNc/CMf4uboAbbnW/FIyXaR/pDGUu7ZM
-OH8oMDX/nyNTt7buFHAAQCvaR6s0fl6nVjBhK4tDrP22iCj1a7Y+YEq6QpA0Z43q
-619FVDsXrIvkxmUP7tCMXWY5zjKn2BCXwH40nJ+U8/aGH88bc62UeYdocMMzpXDn
-2NU4lG9jeeu/Cg4I58UvD0KgKxRA/yHgBcUn4YQRE7rWhh1BCxMjidPJC+iKunqj
-o3M3NYB9Ergzd0A4wPpeMNLytqOx1qKVl4GbUu1pTP+A5FPbVFsDbVRfsbjvJL1v
-nxHDx2TCDyhihWZeGnuyt++uNckZM6i4J9szVb9o4XVIRFb7zdNIu0eJOqxp9YDG
-5ERQL1TEqkPFMTFYvZbF6nVsmnWxTfj3l/+WFvKXTej28xH5On2KOG4Ey+HTRRWq
-pdEdnV1j6CTmNhTih60bWfVEm/vXd3wfAXBioSAaosUaKPQhA+4u2cGA6rnZgtZb
-dsLLO7XSAPCjDuGtbkD326C00EauFddEwk01+dIL8hf2rGbVJLJP0RyZwG71fet0
-BLj5TXcJ17TPBzAJ8bgAVtkXFhYKK4bfjwEZGuW7gmP/vgt2Fl43N+bYdJeimUV5
------END CERTIFICATE-----
+
+# Certinomis - Root CA
 -----BEGIN CERTIFICATE-----
 MIIFkjCCA3qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjET
 MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxHTAb
@@ -902,6 +670,8 @@ Y/M50n92Uaf0yKHxDHYiI0ZSKS3io0EHVmmY0gUJvGnHWmHNj4FgFU2A3ZDifcRQ
 8ow7bkrHxuaAKzyBvBGAFhAn1/DNP3nMcyrDflOR1m749fPH0FFNjkulW+YZFzvW
 gQncItzujrnEj1PhZ7szuIgVRs/taTX/dQ1G885x4cVrhkIGuUE=
 -----END CERTIFICATE-----
+
+# Certplus Class 2 Primary CA
 -----BEGIN CERTIFICATE-----
 MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAw
 PTELMAkGA1UEBhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFz
@@ -924,6 +694,8 @@ ybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW//1IMwrh3KWB
 kJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7
 l7+ijrRU
 -----END CERTIFICATE-----
+
+# Certplus Root CA G1
 -----BEGIN CERTIFICATE-----
 MIIFazCCA1OgAwIBAgISESBVg+QtPlRWhS2DN7cs3EYRMA0GCSqGSIb3DQEBDQUA
 MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy
@@ -955,6 +727,8 @@ V/xuZDDCVRHc6qnNSlSsKWNEz0pAoNZoWRsz+e86i9sgktxChL8Bq4fA1SCC28a5
 g4VCXA9DO2pJNdWY9BW/+mGBDAkgGNLQFwzLSABQ6XaCjGTXOqAHVcweMcDvOrRl
 ++O/QmueD6i9a5jc2NvLi6Td11n0bt3+qsOR0C5CB8AMTVPNJLFMWx5R9N/pkvo=
 -----END CERTIFICATE-----
+
+# Certplus Root CA G2
 -----BEGIN CERTIFICATE-----
 MIICHDCCAaKgAwIBAgISESDZkc6uo+jF5//pAq/Pc7xVMAoGCCqGSM49BAMDMD4x
 CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs
@@ -969,25 +743,8 @@ SM49BAMDA2gAMGUCMHD+sAvZ94OX7PNVHdTcswYO/jOYnYs5kGuUIe22113WTNch
 p+e/IQ8rzfcq3IUHnQIxAIYUFuXcsGXCwI4Un78kFmjlvPl5adytRSv3tjFzzAal
 U5ORGpOucGpnutee5WEaXw==
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM
-MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
-QTAeFw0wMjA2MTExMDQ2MzlaFw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBM
-MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
-QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6xwS7TT3zNJc4YPk/E
-jG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdLkKWo
-ePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GI
-ULdtlkIJ89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapu
-Ob7kky/ZR6By6/qmW6/KUz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUg
-AKpoC6EahQGcxEZjgoi2IrHu/qpGWX7PNSzVttpd90gzFFS269lvzs2I1qsb2pY7
-HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEA
-uI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+GXYkHAQa
-TOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTg
-xSvgGrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1q
-CjqTE5s7FCMTY5w/0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5x
-O/fIR/RpbxXyEV6DHpx8Uq79AtoSqFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs
-6GAqm4VKQPNriiTsBhYscw==
------END CERTIFICATE-----
+
+# Certum Trusted Network CA
 -----BEGIN CERTIFICATE-----
 MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM
 MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D
@@ -1010,6 +767,8 @@ J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY
 VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI
 03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw=
 -----END CERTIFICATE-----
+
+# Certum Trusted Network CA 2
 -----BEGIN CERTIFICATE-----
 MIIF0jCCA7qgAwIBAgIQIdbQSk8lD8kyN/yqXhKN6TANBgkqhkiG9w0BAQ0FADCB
 gDELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
@@ -1044,6 +803,8 @@ XALKLNhvSgfZyTXaQHXyxKcZb55CEJh15pWLYLztxRLXis7VmFxWlgPF7ncGNf/P
 5O4/E2Hu29othfDNrp2yGAlFw5Khchf8R7agCyzxxN5DaAhqXzvwdmP7zAYspsbi
 DrW5viSP
 -----END CERTIFICATE-----
+
+# Chambers of Commerce Root - 2008
 -----BEGIN CERTIFICATE-----
 MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD
 VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
@@ -1086,30 +847,8 @@ fhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg
 OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZ
 d0jQ
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIID9zCCAt+gAwIBAgIESJ8AATANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMC
-Q04xMjAwBgNVBAoMKUNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24g
-Q2VudGVyMUcwRQYDVQQDDD5DaGluYSBJbnRlcm5ldCBOZXR3b3JrIEluZm9ybWF0
-aW9uIENlbnRlciBFViBDZXJ0aWZpY2F0ZXMgUm9vdDAeFw0xMDA4MzEwNzExMjVa
-Fw0zMDA4MzEwNzExMjVaMIGKMQswCQYDVQQGEwJDTjEyMDAGA1UECgwpQ2hpbmEg
-SW50ZXJuZXQgTmV0d29yayBJbmZvcm1hdGlvbiBDZW50ZXIxRzBFBgNVBAMMPkNo
-aW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyIEVWIENlcnRp
-ZmljYXRlcyBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm35z
-7r07eKpkQ0H1UN+U8i6yjUqORlTSIRLIOTJCBumD1Z9S7eVnAztUwYyZmczpwA//
-DdmEEbK40ctb3B75aDFk4Zv6dOtouSCV98YPjUesWgbdYavi7NifFy2cyjw1l1Vx
-zUOFsUcW9SxTgHbP0wBkvUCZ3czY28Sf1hNfQYOL+Q2HklY0bBoQCxfVWhyXWIQ8
-hBouXJE0bhlffxdpxWXvayHG1VA6v2G5BY3vbzQ6sm8UY78WO5upKv23KzhmBsUs
-4qpnHkWnjQRmQvaPK++IIGmPMowUc9orhpFjIpryp9vOiYurXccUwVswah+xt54u
-gQEC7c+WXmPbqOY4twIDAQABo2MwYTAfBgNVHSMEGDAWgBR8cks5x8DbYqVPm6oY
-NJKiyoOCWTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4E
-FgQUfHJLOcfA22KlT5uqGDSSosqDglkwDQYJKoZIhvcNAQEFBQADggEBACrDx0M3
-j92tpLIM7twUbY8opJhJywyA6vPtI2Z1fcXTIWd50XPFtQO3WKwMVC/GVhMPMdoG
-52U7HW8228gd+f2ABsqjPWYWqJ1MFn3AlUa1UeTiH9fqBk1jjZaM7+czV0I664zB
-echNdn3e9rG3geCg+aF4RhcaVpjwTj2rHO3sOdwHSPdj/gauwqRcalsyiMXHM4Ws
-ZkJHwlgkmeHlPuV1LI5D1l08eB6olYIpUNHRFrrvwb562bTYzB5MRuF3sTGrvSrI
-zo9uoV1/A3U05K2JRVRevq4opbs/eHnrc7MKDf2+yfdWrPa37S+bISnHOLaVxATy
-wy39FCqQmbkHzJ8=
------END CERTIFICATE-----
+
+# Comodo AAA Services root
 -----BEGIN CERTIFICATE-----
 MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb
 MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
@@ -1135,56 +874,8 @@ G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi
 l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3
 smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg==
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEPzCCAyegAwIBAgIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEkMCIGA1UEAwwbU2VjdXJlIENlcnRp
-ZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVow
-fjELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
-A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxJDAiBgNV
-BAMMG1NlY3VyZSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAMBxM4KK0HDrc4eCQNUd5MvJDkKQ+d40uaG6EfQlhfPM
-cm3ye5drswfxdySRXyWP9nQ95IDC+DwN879A6vfIUtFyb+/Iq0G4bi4XKpVpDM3S
-HpR7LZQdqnXXs5jLrLxkU0C8j6ysNstcrbvd4JQX7NFc0L/vpZXJkMWwrPsbQ996
-CF23uPJAGysnnlDOXmWCiIxe004MeuoIkbY2qitC++rCoznl2yY4rYsK7hljxxwk
-3wN42ubqwUcaCwtGCd0C/N7Lh1/XMGNooa7cMqG6vv5Eq2i2pRcV/b3Vp6ea5EQz
-6YiO/O1R65NxTq0B50SOqy3LqP4BSUjwwN3HaNiS/j0CAwEAAaOBxzCBxDAdBgNV
-HQ4EFgQUPNiTiMLAggnMAZkGkyDpnnAJY08wDgYDVR0PAQH/BAQDAgEGMA8GA1Ud
-EwEB/wQFMAMBAf8wgYEGA1UdHwR6MHgwO6A5oDeGNWh0dHA6Ly9jcmwuY29tb2Rv
-Y2EuY29tL1NlY3VyZUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDmgN6A1hjNodHRw
-Oi8vY3JsLmNvbW9kby5uZXQvU2VjdXJlQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmww
-DQYJKoZIhvcNAQEFBQADggEBAIcBbSMdflsXfcFhMs+P5/OKlFlm4J4oqF7Tt/Q0
-5qo5spcWxYJvMqTpjOev/e/C6LlLqqP05tqNZSH7uoDrJiiFGv45jN5bBAS0VPmj
-Z55B+glSzAVIqMk/IQQezkhr/IXownuvf7fM+F86/TXGDe+X3EyrEeFryzHRbPtI
-gKvcnDe4IRRLDXE97IMzbtFuMhbsmMcWi1mmNKsFVy2T96oTy9IT4rcuO81rUBcJ
-aD61JlfutuC23bkpgHl9j6PwpCikFcSF9CfUa7/lXORlAnZUtOM3ZiTTGWHIUhDl
-izeauan5Hb/qmZJhlv8BzaFfDbxxvA6sCx1HRR3B7Hzs/Sk=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEQzCCAyugAwIBAgIBATANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDElMCMGA1UEAwwcVHJ1c3RlZCBDZXJ0
-aWZpY2F0ZSBTZXJ2aWNlczAeFw0wNDAxMDEwMDAwMDBaFw0yODEyMzEyMzU5NTla
-MH8xCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
-BgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSUwIwYD
-VQQDDBxUcnVzdGVkIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQIIO0Yfyod5jWaHiWsnOWW
-fnJSoBVC21ndZHoa0Lh73TkVvFVIxO06AOoxEbrycXQaZ7jPM8yoMa+j49d/vzMt
-TGo87IvDktJTdyR0nAducPy9C1t2ul/y/9c3S0pgePfw+spwtOpZqqPOSC+pw7IL
-fhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6juljatEPmsbS9Is6FARW
-1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAEAtdbtz6SrGsSivnkBbA7
-kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt6wIDAQABo4HJMIHGMB0G
-A1UdDgQWBBTFe1i97doladL3WRaoszLAeydb9DAOBgNVHQ8BAf8EBAMCAQYwDwYD
-VR0TAQH/BAUwAwEB/zCBgwYDVR0fBHwwejA8oDqgOIY2aHR0cDovL2NybC5jb21v
-ZG9jYS5jb20vVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMuY3JsMDqgOKA2hjRo
-dHRwOi8vY3JsLmNvbW9kby5uZXQvVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMu
-Y3JsMA0GCSqGSIb3DQEBBQUAA4IBAQDIk4E7ibSvuIQSTI3S8NtwuleGFTQQuS9/
-HrCoiWChisJ3DFBKmwCL2Iv0QeLQg4pKHBQGsKNoBXAxMKdTmw7pSqBYaWcOrp32
-pSxBvzwGa+RZzG0Q8ZZvH9/0BAKkn0U+yNj6NkZEUD+Cl5EfKNsYEYwq5GWDVxIS
-jBc/lDb+XbDABHcTuPQV1T84zJQ6VdCsmPW6AF/ghhmBeC8owH7TzEIK9a5QoNE+
-xqFx7D+gIIxmOom0jtTYsU0lR+4viMi14QVFwL4Ucd56/Y57fU0IlqUSc/Atyjcn
-dBInTMu2l+nZrghtWjlA3QVHdWpaIbOjGM9O9y5Xt5hwXsjEeLBi
------END CERTIFICATE-----
+
+# Cybertrust Global Root
 -----BEGIN CERTIFICATE-----
 MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYG
 A1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2Jh
@@ -1207,6 +898,8 @@ omcrUtW3ZfA5TGOgkXmTUg9U3YO7n9GPp1Nzw8v/MOx8BLjYRB+TX3EJIrduPuoc
 A06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW
 WL1WMRJOEcgh4LMRkWXbtKaIOM5V
 -----END CERTIFICATE-----
+
+# D-TRUST Root Class 3 CA 2 2009
 -----BEGIN CERTIFICATE-----
 MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF
 MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD
@@ -1232,6 +925,8 @@ zCUqNQT4YJEVdT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8
 PIWmawomDeCTmGCufsYkl4phX5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3Y
 Johw1+qRzT65ysCQblrGXnRl11z+o+I=
 -----END CERTIFICATE-----
+
+# D-TRUST Root Class 3 CA 2 EV 2009
 -----BEGIN CERTIFICATE-----
 MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRF
 MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBD
@@ -1257,30 +952,8 @@ CSuGdXzfX2lXANtu2KZyIktQ1HWYVt+3GP9DQ1CuekR78HlR10M9p9OB0/DJT7na
 xpeG0ILD5EJt/rDiZE4OJudANCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqX
 KVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVvw9y4AyHqnxbxLFS1
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIECTCCAvGgAwIBAgIQDV6ZCtadt3js2AdWO4YV2TANBgkqhkiG9w0BAQUFADBb
-MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3Qx
-ETAPBgNVBAsTCERTVCBBQ0VTMRcwFQYDVQQDEw5EU1QgQUNFUyBDQSBYNjAeFw0w
-MzExMjAyMTE5NThaFw0xNzExMjAyMTE5NThaMFsxCzAJBgNVBAYTAlVTMSAwHgYD
-VQQKExdEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdDERMA8GA1UECxMIRFNUIEFDRVMx
-FzAVBgNVBAMTDkRTVCBBQ0VTIENBIFg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAuT31LMmU3HWKlV1j6IR3dma5WZFcRt2SPp/5DgO0PWGSvSMmtWPu
-ktKe1jzIDZBfZIGxqAgNTNj50wUoUrQBJcWVHAx+PhCEdc/BGZFjz+iokYi5Q1K7
-gLFViYsx+tC3dr5BPTCapCIlF3PoHuLTrCq9Wzgh1SpL11V94zpVvddtawJXa+ZH
-fAjIgrrep4c9oW24MFbCswKBXy314powGCi4ZtPLAZZv6opFVdbgnf9nKxcCpk4a
-ahELfrd755jWjHZvwTvbUJN+5dCOHze4vbrGn2zpfDPyMjwmR/onJALJfh1biEIT
-ajV8fTXpLmaRcpPVMibEdPVTo7NdmvYJywIDAQABo4HIMIHFMA8GA1UdEwEB/wQF
-MAMBAf8wDgYDVR0PAQH/BAQDAgHGMB8GA1UdEQQYMBaBFHBraS1vcHNAdHJ1c3Rk
-c3QuY29tMGIGA1UdIARbMFkwVwYKYIZIAWUDAgEBATBJMEcGCCsGAQUFBwIBFjto
-dHRwOi8vd3d3LnRydXN0ZHN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9saWN5L0FDRVMt
-aW5kZXguaHRtbDAdBgNVHQ4EFgQUCXIGThhDD+XWzMNqizF7eI+og7gwDQYJKoZI
-hvcNAQEFBQADggEBAKPYjtay284F5zLNAdMEA+V25FYrnJmQ6AgwbN99Pe7lv7Uk
-QIRJ4dEorsTCOlMwiPH1d25Ryvr/ma8kXxug/fKshMrfqfBfBC6tFr8hlxCBPeP/
-h40y3JTlR4peahPJlJU90u7INJXQgNStMgiAVDzgvVJT11J8smk/f3rPanTK+gQq
-nExaBqXpIK1FZg9p8d2/6eMyi/rgwYZNcjwu2JN4Cir42NInPRmJX1p7ijvMDNpR
-rscL9yuwNwXsvFcj4jjSm2jzVhKIT0J8uDHEtdvkyCE06UgRNe76x5JXxZ805Mf2
-9w4LTJxoeHtxMcfrHuBnQfO3oKfN5XozNmr6mis=
------END CERTIFICATE-----
+
+# DST Root CA X3
 -----BEGIN CERTIFICATE-----
 MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/
 MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
@@ -1301,6 +974,8 @@ R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5
 JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
 Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
 -----END CERTIFICATE-----
+
+# Deutsche Telekom Root CA 2
 -----BEGIN CERTIFICATE-----
 MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEc
 MBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2Vj
@@ -1323,6 +998,8 @@ IzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8rZ7/gFnkm0W09juwzTkZmDLl
 xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU
 Cm26OWMohpLzGITY+9HPBVZkVw==
 -----END CERTIFICATE-----
+
+# DigiCert Assured ID Root CA
 -----BEGIN CERTIFICATE-----
 MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1345,6 +1022,8 @@ NW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPx
 H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe
 +o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g==
 -----END CERTIFICATE-----
+
+# DigiCert Assured ID Root G2
 -----BEGIN CERTIFICATE-----
 MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBl
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1367,6 +1046,8 @@ B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0MjomZmWzwPDCv
 ON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo
 IhNzbM8m9Yop5w==
 -----END CERTIFICATE-----
+
+# DigiCert Assured ID Root G3
 -----BEGIN CERTIFICATE-----
 MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQsw
 CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
@@ -1382,6 +1063,8 @@ AwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5FyYZ5eEJJZVrmDxxDnOOlY
 JjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy1vUhZscv
 6pZjamVFkpUBtA==
 -----END CERTIFICATE-----
+
+# DigiCert Global Root CA
 -----BEGIN CERTIFICATE-----
 MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1404,6 +1087,8 @@ PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls
 YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk
 CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=
 -----END CERTIFICATE-----
+
+# DigiCert Global Root G2
 -----BEGIN CERTIFICATE-----
 MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1426,6 +1111,8 @@ Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91
 pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl
 MrY=
 -----END CERTIFICATE-----
+
+# DigiCert Global Root G3
 -----BEGIN CERTIFICATE-----
 MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw
 CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
@@ -1441,6 +1128,8 @@ AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/
 oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8
 sycX
 -----END CERTIFICATE-----
+
+# DigiCert High Assurance EV Root CA
 -----BEGIN CERTIFICATE-----
 MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1464,6 +1153,8 @@ Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
 vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
 +OkuE6N36B9K
 -----END CERTIFICATE-----
+
+# DigiCert Trusted Root G4
 -----BEGIN CERTIFICATE-----
 MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1496,6 +1187,8 @@ r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1
 /YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm
 gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+
 -----END CERTIFICATE-----
+
+# E-Tugra Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNV
 BAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBC
@@ -1532,6 +1225,8 @@ AJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpD
 y4Q08ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8d
 NL/+I5c30jn6PQ0GC7TbO6Orb1wdtn7os4I07QZcJA==
 -----END CERTIFICATE-----
+
+# EC-ACC
 -----BEGIN CERTIFICATE-----
 MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB
 8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy
@@ -1563,6 +1258,8 @@ Rp/7SNVel+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOS
 Agu+TGbrIP65y7WZf+a2E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xl
 nJ2lYJU6Un/10asIbvPuW/mIPX64b24D5EI=
 -----END CERTIFICATE-----
+
+# EE Certification Centre Root CA
 -----BEGIN CERTIFICATE-----
 MIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1
 MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1
@@ -1587,6 +1284,8 @@ uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIW
 iAYLtqZLICjU3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/v
 GVCJYMzpJJUPwssd8m92kMfMdcGWxZ0=
 -----END CERTIFICATE-----
+
+# Entrust.net Premium 2048 Secure Server CA
 -----BEGIN CERTIFICATE-----
 MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
 RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
@@ -1612,6 +1311,8 @@ u/8j72gZyxKTJ1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+
 bYQLCIt+jerXmCHG8+c8eS9enNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/Er
 fF6adulZkMV8gzURZVE=
 -----END CERTIFICATE-----
+
+# Entrust Root Certification Authority - EC1
 -----BEGIN CERTIFICATE-----
 MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkG
 A1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3
@@ -1630,6 +1331,8 @@ BBYEFLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVC
 R98crlOZF7ZvHH3hvxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nX
 hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G
 -----END CERTIFICATE-----
+
+# Entrust Root Certification Authority - G2
 -----BEGIN CERTIFICATE-----
 MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC
 VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50
@@ -1655,6 +1358,8 @@ Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v
 nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH
 VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9g==
 -----END CERTIFICATE-----
+
+# Entrust Root Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC
 VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0
@@ -1682,6 +1387,42 @@ AGAT/3B+XxFNSRuzFVJ7yVTav52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP
 eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m
 0vdXcDazv/wor3ElhVsT/h5/WrQ8
 -----END CERTIFICATE-----
+
+# GDCA TrustAUTH R5 ROOT
+-----BEGIN CERTIFICATE-----
+MIIFiDCCA3CgAwIBAgIIfQmX/vBH6nowDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0
+MTEyNjA1MTMxNVoXDTQwMTIzMTE1NTk1OVowYjELMAkGA1UEBhMCQ04xMjAwBgNV
+BAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMR8w
+HQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA2aMW8Mh0dHeb7zMNOwZ+Vfy1YI92hhJCfVZmPoiC7XJj
+Dp6L3TQsAlFRwxn9WVSEyfFrs0yw6ehGXTjGoqcuEVe6ghWinI9tsJlKCvLriXBj
+TnnEt1u9ol2x8kECK62pOqPseQrsXzrj/e+APK00mxqriCZ7VqKChh/rNYmDf1+u
+KU49tm7srsHwJ5uu4/Ts765/94Y9cnrrpftZTqfrlYwiOXnhLQiPzLyRuEH3FMEj
+qcOtmkVEs7LXLM3GKeJQEK5cy4KOFxg2fZfmiJqwTTQJ9Cy5WmYqsBebnh52nUpm
+MUHfP/vFBu8btn4aRjb3ZGM74zkYI+dndRTVdVeSN72+ahsmUPI2JgaQxXABZG12
+ZuGR224HwGGALrIuL4xwp9E7PLOR5G62xDtw8mySlwnNR30YwPO7ng/Wi64HtloP
+zgsMR6flPri9fcebNaBhlzpBdRfMK5Z3KpIhHtmVdiBnaM8Nvd/WHwlqmuLMc3Gk
+L30SgLdTMEZeS1SZD2fJpcjyIMGC7J0R38IC+xo70e0gmu9lZJIQDSri3nDxGGeC
+jGHeuLzRL5z7D9Ar7Rt2ueQ5Vfj4oR24qoAATILnsn8JuLwwoC8N9VKejveSswoA
+HQBUlwbgsQfZxw9cZX08bVlX5O2ljelAU58VS6Bx9hoh49pwBiFYFIeFd3mqgnkC
+AwEAAaNCMEAwHQYDVR0OBBYEFOLJQJ9NzuiaoXzPDj9lxSmIahlRMA8GA1UdEwEB
+/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQDRSVfg
+p8xoWLoBDysZzY2wYUWsEe1jUGn4H3++Fo/9nesLqjJHdtJnJO29fDMylyrHBYZm
+DRd9FBUb1Ov9H5r2XpdptxolpAqzkT9fNqyL7FeoPueBihhXOYV0GkLH6VsTX4/5
+COmSdI31R9KrO9b7eGZONn356ZLpBN79SWP8bfsUcZNnL0dKt7n/HipzcEYwv1ry
+L3ml4Y0M2fmyYzeMN2WFcGpcWwlyua1jPLHd+PwyvzeG5LuOmCd+uh8W4XAR8gPf
+JWIyJyYYMoSf/wA6E7qaTfRPuBRwIrHKK5DOKcFw9C+df/KQHtZa37dG/OaG+svg
+IHZ6uqbL9XzeYqWxi+7egmaKTjowHz+Ay60nugxe19CxVsp3cbK1daFQqUBDF8Io
+2c9Si1vIY9RCPqAzekYu9wogRlR+ak8x8YF+QnQ4ZXMn7sZ8uI7XpTrXmKGcjBBV
+09tL7ECQ8s1uV9JiDnxXk7Gnbc2dg7sq5+W2O3FYrf3RRbxake5TFW/TRQl1brqQ
+XR4EzzffHqhmsYzmIGrv/EhOdJhCrylvLmrH+33RZjEizIYAfmaDDEL0vTSSwxrq
+T8p+ck0LcIymSLumoRT2+1hEmRSuqguTaaApJUqlyyvdimYHFngVV3Eb7PVHhPOe
+MTd61X8kreS8/f3MboPoDKi3QWwH3b08hpcv0g==
+-----END CERTIFICATE-----
+
+# GeoTrust Global CA
 -----BEGIN CERTIFICATE-----
 MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
 MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
@@ -1702,27 +1443,8 @@ PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un
 hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV
 5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDZjCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJVUzEW
-MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFs
-IENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMTkwMzA0MDUwMDAwWjBEMQswCQYDVQQG
-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg
-R2xvYmFsIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvPE1A
-PRDfO1MA4Wf+lGAVPoWI8YkNkMgoI5kF6CsgncbzYEbYwbLVjDHZ3CB5JIG/NTL8
-Y2nbsSpr7iFY8gjpeMtvy/wWUsiRxP89c96xPqfCfWbB9X5SJBri1WeR0IIQ13hL
-TytCOb1kLUCgsBDTOEhGiKEMuzozKmKY+wCdE1l/bztyqu6mD4b5BWHqZ38MN5aL
-5mkWRxHCJ1kDs6ZgwiFAVvqgx306E+PsV8ez1q6diYD3Aecs9pYrEw15LNnA5IZ7
-S4wMcoKK+xfNAGw6EzywhIdLFnopsk/bHdQL82Y3vdj2V7teJHq4PIu5+pIaGoSe
-2HSPqht/XvT+RSIhAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
-FHE4NvICMVNHK266ZUapEBVYIAUJMB8GA1UdIwQYMBaAFHE4NvICMVNHK266ZUap
-EBVYIAUJMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAQEAA/e1K6td
-EPx7srJerJsOflN4WT5CBP51o62sgU7XAotexC3IUnbHLB/8gTKY0UvGkpMzNTEv
-/NgdRN3ggX+d6YvhZJFiCzkIjKx0nVnZellSlxG5FntvRdOW2TF9AjYPnDtuzywN
-A0ZF66D0f0hExghAzN4bcLUprbqLOzRldRtxIR0sFAqwlpW41uryZfspuk/qkZN0
-abby/+Ea0AzRdoXLiiW9l14sbxWZJue2Kf8i7MkCx1YAzUm5s2x7UwQa4qjJqhIF
-I8LO57sEAszAR6LkxCkvW0VXiVHuPOtSCP8HNR6fNWpHSlaY0VqFH4z1Ir+rzoPz
-4iIprn2DQKi6bA==
------END CERTIFICATE-----
+
+# GeoTrust Primary Certification Authority - G2
 -----BEGIN CERTIFICATE-----
 MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDEL
 MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChj
@@ -1740,6 +1462,8 @@ CCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGT
 qQ7mndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBucz
 rD6ogRLQy7rQkgu2npaqBA+K
 -----END CERTIFICATE-----
+
+# GeoTrust Primary Certification Authority - G3
 -----BEGIN CERTIFICATE-----
 MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCB
 mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT
@@ -1764,6 +1488,8 @@ AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUH
 SJsMC8tJP33st/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2G
 spki4cErx5z481+oghLrGREt
 -----END CERTIFICATE-----
+
+# GeoTrust Primary Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBY
 MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo
@@ -1785,6 +1511,8 @@ oKv0uHiYyjgZmclynnjNS6yvGaBzEi38wkG6gZHaFloxt/m0cYASSJlyc1pZU8Fj
 UjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG1riR/aYNKxoU
 AT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk=
 -----END CERTIFICATE-----
+
+# GeoTrust Universal CA
 -----BEGIN CERTIFICATE-----
 MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEW
 MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVy
@@ -1816,6 +1544,8 @@ ER/frslKxfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQt
 DF4JbAiXfKM9fJP/P6EUp8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/Sfuvm
 bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iw=
 -----END CERTIFICATE-----
+
+# GeoTrust Universal CA 2
 -----BEGIN CERTIFICATE-----
 MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEW
 MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVy
@@ -1847,6 +1577,8 @@ OCiNUW7dFGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH
 6aLcr34YEoP9VhdBLtUpgn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwX
 QMAJKOSLakhT2+zNVVXxxvjpoixMptEmX36vWkzaH6byHCx+rgIW0lbQL1dTR+iS
 -----END CERTIFICATE-----
+
+# GlobalSign ECC Root CA - R4
 -----BEGIN CERTIFICATE-----
 MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEk
 MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpH
@@ -1860,6 +1592,8 @@ uOJAf/sKbvu+M8k8o4TVMAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGX
 kPoUVy0D7O48027KqGx2vKLeuwIgJ6iFJzWbVsaj8kfSt24bAgAXqmemFZHe+pTs
 ewv4n4Q=
 -----END CERTIFICATE-----
+
+# GlobalSign ECC Root CA - R5
 -----BEGIN CERTIFICATE-----
 MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEk
 MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpH
@@ -1874,6 +1608,8 @@ KoZIzj0EAwMDaAAwZQIxAOVpEslu28YxuglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg
 515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7yFz9SO8NdCKoCOJuxUnO
 xwy8p2Fp8fc74SrL+SvzZpA3
 -----END CERTIFICATE-----
+
+# GlobalSign Root CA - R2
 -----BEGIN CERTIFICATE-----
 MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
 A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
@@ -1896,6 +1632,8 @@ ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
 AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
 TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==
 -----END CERTIFICATE-----
+
+# GlobalSign Root CA - R3
 -----BEGIN CERTIFICATE-----
 MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G
 A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp
@@ -1917,6 +1655,8 @@ mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs
 Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH
 WD9f
 -----END CERTIFICATE-----
+
+# GlobalSign Root CA
 -----BEGIN CERTIFICATE-----
 MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
 A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
@@ -1938,6 +1678,8 @@ AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
 DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
 HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
 -----END CERTIFICATE-----
+
+# Global Chambersign Root - 2008
 -----BEGIN CERTIFICATE-----
 MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYD
 VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
@@ -1979,6 +1721,8 @@ M0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVqc5iJWzouE4ge
 v8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z
 09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/B
 -----END CERTIFICATE-----
+
+# Go Daddy Class 2 CA
 -----BEGIN CERTIFICATE-----
 MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh
 MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE
@@ -2003,6 +1747,8 @@ HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER
 dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf
 ReYNnyicsbkqWletNw+vHX/bvZ8=
 -----END CERTIFICATE-----
+
+# Go Daddy Root Certificate Authority - G2
 -----BEGIN CERTIFICATE-----
 MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx
 EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT
@@ -2026,6 +1772,8 @@ gIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYVN8Gb5DKj7Tjo
 LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI
 4uJEvlz36hz1
 -----END CERTIFICATE-----
+
+# Hellenic Academic and Research Institutions ECC RootCA 2015
 -----BEGIN CERTIFICATE-----
 MIICwzCCAkqgAwIBAgIBADAKBggqhkjOPQQDAjCBqjELMAkGA1UEBhMCR1IxDzAN
 BgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl
@@ -2043,6 +1791,8 @@ C4KZJAEOnLvkDv2/+5cgk5kqMAoGCCqGSM49BAMCA2cAMGQCMGfOFmI4oqxiRaep
 lSTAGiecMjvAwNW6qef4BENThe5SId6d9SWDPp5YSy/XZxMOIQIwBeF1Ad5o7Sof
 TUwJCA3sS61kFyjndc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKR
 -----END CERTIFICATE-----
+
+# Hellenic Academic and Research Institutions RootCA 2011
 -----BEGIN CERTIFICATE-----
 MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix
 RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1
@@ -2068,6 +1818,8 @@ dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys
 Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI
 l7WdmplNsDz4SgCbZN2fOUvRJ9e4
 -----END CERTIFICATE-----
+
+# Hellenic Academic and Research Institutions RootCA 2015
 -----BEGIN CERTIFICATE-----
 MIIGCzCCA/OgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCR1Ix
 DzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5k
@@ -2103,6 +1855,8 @@ pcw72Hc3MKJP2W/R8kCtQXoXxdZKNYm3QdV8hn9VTYNKpXMgwDqvkPGaJI7ZjnHK
 e7iG2rKPmT4dEw0SEe7Uq/DpFXYC5ODfqiAeW2GFZECpkJcNrVPSWh2HagCXZWK0
 vm9qp/UsQu0yrbYhnr68
 -----END CERTIFICATE-----
+
+# Hongkong Post Root CA 1
 -----BEGIN CERTIFICATE-----
 MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsx
 FjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3Qg
@@ -2123,6 +1877,8 @@ EhTkYY2sEJCehFC78JZvRZ+K88psT/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpO
 fMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilTc4afU9hDDl3WY4JxHYB0yvbi
 AmvZWg==
 -----END CERTIFICATE-----
+
+# ISRG Root X1
 -----BEGIN CERTIFICATE-----
 MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw
 TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
@@ -2154,6 +1910,8 @@ oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq
 mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d
 emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=
 -----END CERTIFICATE-----
+
+# IdenTrust Commercial Root CA 1
 -----BEGIN CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBK
 MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu
@@ -2185,6 +1943,8 @@ l1gEIt44w8y8bckzOmoKaT+gyOpyj4xjhiO9bTyWnpXgSUyqorkqG5w2gXjtw+hG
 mUlO+KWA2yUPHGNiiskzZ2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A
 7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7RcGzM7vRX+Bi6hG6H
 -----END CERTIFICATE-----
+
+# IdenTrust Public Sector Root CA 1
 -----BEGIN CERTIFICATE-----
 MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBN
 MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVu
@@ -2216,6 +1976,8 @@ tshquDDIajjDbp7hNxbqBWJMWxJH7ae0s1hWx0nzfxJoCTFx8G34Tkf71oXuxVhA
 GaQdp/lLQzfcaFpPz+vCZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv
 8Ue1fXwsBOxonbRJRBD0ckscZOf85muQ3Wl9af0AVqW3rLatt8o+Ae+c
 -----END CERTIFICATE-----
+
+# Izenpe.com
 -----BEGIN CERTIFICATE-----
 MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4
 MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6
@@ -2250,6 +2012,8 @@ QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZoQ0iy2+tzJOeRf1SktoA+
 naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1ZWrOZyGls
 QyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw==
 -----END CERTIFICATE-----
+
+# LuxTrust Global Root 2
 -----BEGIN CERTIFICATE-----
 MIIFwzCCA6ugAwIBAgIUCn6m30tEntpqJIWe5rgV0xZ/u7EwDQYJKoZIhvcNAQEL
 BQAwRjELMAkGA1UEBhMCTFUxFjAUBgNVBAoMDUx1eFRydXN0IFMuQS4xHzAdBgNV
@@ -2283,6 +2047,8 @@ LSoSOcbDWjLtR5EWDrw4wVDej8oqkDQc7kGUnF4ZLvhFSZl0kbAEb+MEWrGrKqv+
 x9CWttrhSmQGbmBNvUJO/3jaJMobtNeWOWyu8Q6qp31IiyBMz2TWuJdGsE7RKlY6
 oJO9r4Ak4Ap+58rVyuiFVdw2KuGUaJPHZnJED4AhMmwlxyOAgwrr
 -----END CERTIFICATE-----
+
+# Microsec e-Szigno Root CA 2009
 -----BEGIN CERTIFICATE-----
 MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD
 VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
@@ -2307,6 +2073,8 @@ tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c
 2Pm2G2JwCz02yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5t
 HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCW
 -----END CERTIFICATE-----
+
+# NetLock Arany (Class Gold) Főtanúsítvány
 -----BEGIN CERTIFICATE-----
 MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
 EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
@@ -2331,6 +2099,8 @@ bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2F
 uLjbvrW5KfnaNwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2
 XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E=
 -----END CERTIFICATE-----
+
+# Network Solutions Certificate Authority
 -----BEGIN CERTIFICATE-----
 MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBi
 MQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu
@@ -2354,6 +2124,8 @@ h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/GGUsyfJj4akH
 wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHN
 pGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey
 -----END CERTIFICATE-----
+
+# OISTE WISeKey Global Root GA CA
 -----BEGIN CERTIFICATE-----
 MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCB
 ijELMAkGA1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHly
@@ -2378,6 +2150,8 @@ hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZi
 Fj4A4xylNoEYokxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ
 /L7fCg0=
 -----END CERTIFICATE-----
+
+# OISTE WISeKey Global Root GB CA
 -----BEGIN CERTIFICATE-----
 MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBt
 MQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUg
@@ -2400,6 +2174,8 @@ ZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEuiHZeeevJuQHHf
 aPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic
 Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM=
 -----END CERTIFICATE-----
+
+# OpenTrust Root CA G1
 -----BEGIN CERTIFICATE-----
 MIIFbzCCA1egAwIBAgISESCzkFU5fX82bWTCp59rY45nMA0GCSqGSIb3DQEBCwUA
 MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w
@@ -2432,6 +2208,8 @@ Pu1svf0OnWZzsD2097+o4BGkxK51CUpjAEggpsadCwmKtODmzj7HPiY46SvepghJ
 AwSQiumPv+i2tCqjI40cHLI5kqiPAlxAOXXUc0ECd97N4EOH1uS6SsNsEn/+KuYj
 1oxx
 -----END CERTIFICATE-----
+
+# OpenTrust Root CA G2
 -----BEGIN CERTIFICATE-----
 MIIFbzCCA1egAwIBAgISESChaRu/vbm9UpaPI+hIvyYRMA0GCSqGSIb3DQEBDQUA
 MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w
@@ -2464,6 +2242,8 @@ iN1nE28daCSLT7d0geX0YJ96Vdc+N9oWaz53rK4YcJUIeSkDiv7BO7M/Gg+kO14f
 WKGVyasvc0rQLW6aWQ9VGHgtPFGml4vmu7JwqkwR3v98KzfUetF3NI/n+UL3PIEM
 S1IK
 -----END CERTIFICATE-----
+
+# OpenTrust Root CA G3
 -----BEGIN CERTIFICATE-----
 MIICITCCAaagAwIBAgISESDm+Ez8JLC+BUCs2oMbNGA/MAoGCCqGSM49BAMDMEAx
 CzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5U
@@ -2478,59 +2258,8 @@ BggqhkjOPQQDAwNpADBmAjEAj6jcnboMBBf6Fek9LykBl7+BFjNAk2z8+e2AcG+q
 j9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta3U1fJAuwACEl74+nBCZx
 4nxp5V2a+EEfOzmTk51V6s2N8fvB
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIJhjCCB26gAwIBAgIBCzANBgkqhkiG9w0BAQsFADCCAR4xPjA8BgNVBAMTNUF1
-dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIFJhaXogZGVsIEVzdGFkbyBWZW5lem9s
-YW5vMQswCQYDVQQGEwJWRTEQMA4GA1UEBxMHQ2FyYWNhczEZMBcGA1UECBMQRGlz
-dHJpdG8gQ2FwaXRhbDE2MDQGA1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0
-aWZpY2FjaW9uIEVsZWN0cm9uaWNhMUMwQQYDVQQLEzpTdXBlcmludGVuZGVuY2lh
-IGRlIFNlcnZpY2lvcyBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMSUwIwYJ
-KoZIhvcNAQkBFhZhY3JhaXpAc3VzY2VydGUuZ29iLnZlMB4XDTEwMTIyODE2NTEw
-MFoXDTIwMTIyNTIzNTk1OVowgdExJjAkBgkqhkiG9w0BCQEWF2NvbnRhY3RvQHBy
-b2NlcnQubmV0LnZlMQ8wDQYDVQQHEwZDaGFjYW8xEDAOBgNVBAgTB01pcmFuZGEx
-KjAoBgNVBAsTIVByb3ZlZWRvciBkZSBDZXJ0aWZpY2Fkb3MgUFJPQ0VSVDE2MDQG
-A1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9u
-aWNhMQswCQYDVQQGEwJWRTETMBEGA1UEAxMKUFNDUHJvY2VydDCCAiIwDQYJKoZI
-hvcNAQEBBQADggIPADCCAgoCggIBANW39KOUM6FGqVVhSQ2oh3NekS1wwQYalNo9
-7BVCwfWMrmoX8Yqt/ICV6oNEolt6Vc5Pp6XVurgfoCfAUFM+jbnADrgV3NZs+J74
-BCXfgI8Qhd19L3uA3VcAZCP4bsm+lU/hdezgfl6VzbHvvnpC2Mks0+saGiKLt38G
-ieU89RLAu9MLmV+QfI4tL3czkkohRqipCKzx9hEC2ZUWno0vluYC3XXCFCpa1sl9
-JcLB/KpnheLsvtF8PPqv1W7/U0HU9TI4seJfxPmOEO8GqQKJ/+MMbpfg353bIdD0
-PghpbNjU5Db4g7ayNo+c7zo3Fn2/omnXO1ty0K+qP1xmk6wKImG20qCZyFSTXai2
-0b1dCl53lKItwIKOvMoDKjSuc/HUtQy9vmebVOvh+qBa7Dh+PsHMosdEMXXqP+UH
-0quhJZb25uSgXTcYOWEAM11G1ADEtMo88aKjPvM6/2kwLkDd9p+cJsmWN63nOaK/
-6mnbVSKVUyqUtd+tFjiBdWbjxywbk5yqjKPK2Ww8F22c3HxT4CAnQzb5EuE8XL1m
-v6JpIzi4mWCZDlZTOpx+FIywBm/xhnaQr/2v/pDGj59/i5IjnOcVdo/Vi5QTcmn7
-K2FjiO/mpF7moxdqWEfLcU8UC17IAggmosvpr2uKGcfLFFb14dq12fy/czja+eev
-bqQ34gcnAgMBAAGjggMXMIIDEzASBgNVHRMBAf8ECDAGAQH/AgEBMDcGA1UdEgQw
-MC6CD3N1c2NlcnRlLmdvYi52ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAzNi0w
-MB0GA1UdDgQWBBRBDxk4qpl/Qguk1yeYVKIXTC1RVDCCAVAGA1UdIwSCAUcwggFD
-gBStuyIdxuDSAaj9dlBSk+2YwU2u06GCASakggEiMIIBHjE+MDwGA1UEAxM1QXV0
-b3JpZGFkIGRlIENlcnRpZmljYWNpb24gUmFpeiBkZWwgRXN0YWRvIFZlbmV6b2xh
-bm8xCzAJBgNVBAYTAlZFMRAwDgYDVQQHEwdDYXJhY2FzMRkwFwYDVQQIExBEaXN0
-cml0byBDYXBpdGFsMTYwNAYDVQQKEy1TaXN0ZW1hIE5hY2lvbmFsIGRlIENlcnRp
-ZmljYWNpb24gRWxlY3Ryb25pY2ExQzBBBgNVBAsTOlN1cGVyaW50ZW5kZW5jaWEg
-ZGUgU2VydmljaW9zIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExJTAjBgkq
-hkiG9w0BCQEWFmFjcmFpekBzdXNjZXJ0ZS5nb2IudmWCAQowDgYDVR0PAQH/BAQD
-AgEGME0GA1UdEQRGMESCDnByb2NlcnQubmV0LnZloBUGBWCGXgIBoAwMClBTQy0w
-MDAwMDKgGwYFYIZeAgKgEgwQUklGLUotMzE2MzUzNzMtNzB2BgNVHR8EbzBtMEag
-RKBChkBodHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9sY3IvQ0VSVElGSUNBRE8t
-UkFJWi1TSEEzODRDUkxERVIuY3JsMCOgIaAfhh1sZGFwOi8vYWNyYWl6LnN1c2Nl
-cnRlLmdvYi52ZTA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9v
-Y3NwLnN1c2NlcnRlLmdvYi52ZTBBBgNVHSAEOjA4MDYGBmCGXgMBAjAsMCoGCCsG
-AQUFBwIBFh5odHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9kcGMwDQYJKoZIhvcN
-AQELBQADggIBACtZ6yKZu4SqT96QxtGGcSOeSwORR3C7wJJg7ODU523G0+1ng3dS
-1fLld6c2suNUvtm7CpsR72H0xpkzmfWvADmNg7+mvTV+LFwxNG9s2/NkAZiqlCxB
-3RWGymspThbASfzXg0gTB1GEMVKIu4YXx2sviiCtxQuPcD4quxtxj7mkoP3Yldmv
-Wb8lK5jpY5MvYB7Eqvh39YtsL+1+LrVPQA3uvFd359m21D+VJzog1eWuq2w1n8Gh
-HVnchIHuTQfiSLaeS5UtQbHh6N5+LwUeaO6/u5BlOsju6rEYNxxik6SgMexxbJHm
-pHmJWhSnFFAFTKQAVzAswbVhltw+HoSvOULP5dAssSS830DD7X9jSr3hTxJkhpXz
-sOfIt+FTvZLm8wyWuevo5pLtp4EJFAv8lXrPj9Y0TzYS3F7RNHXGRoAvlQSMx4bE
-qCaJqD8Zm4G7UaRKhqsLEQ+xrmNTbSjq3TNWOByyrYDT13K9mmyZY+gAu0F2Bbdb
-mRiKw7gSXFbPVgx96OLP7bx0R/vu0xdOIk9W/1DzLuY5poLWccret9W6aAjtmcz9
-opLLabid+Qqkpj5PkygqYWwHJgD/ll9ohri4zspV4KuxPX+Y1zMOWj3YeMLEYC/H
-YvBhkdI4sPaeVdtAgAUSM84dkpvRabP/v/GSCmE1P93+hvS84Bpxs2Km
------END CERTIFICATE-----
+
+# QuoVadis Root CA 1 G3
 -----BEGIN CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQEL
 BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
@@ -2562,6 +2291,8 @@ ZgKAvQU6O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhp
 q1467HxpvMc7hU6eFbm0FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFt
 nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXD
 -----END CERTIFICATE-----
+
+# QuoVadis Root CA
 -----BEGIN CERTIFICATE-----
 MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC
 TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0
@@ -2596,6 +2327,8 @@ mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW
 xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK
 SnQ2+Q==
 -----END CERTIFICATE-----
+
+# QuoVadis Root CA 2
 -----BEGIN CERTIFICATE-----
 MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
 GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
@@ -2629,6 +2362,8 @@ ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y
 4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza
 8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u
 -----END CERTIFICATE-----
+
+# QuoVadis Root CA 2 G3
 -----BEGIN CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQEL
 BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
@@ -2660,6 +2395,8 @@ KCLjsZWDzYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeM
 HVOyToV7BjjHLPj4sHKNJeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4
 WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+M
 -----END CERTIFICATE-----
+
+# QuoVadis Root CA 3
 -----BEGIN CERTIFICATE-----
 MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
 GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
@@ -2698,6 +2435,8 @@ Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT
 mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK
 4SVhM7JZG+Ju1zdXtg2pEto=
 -----END CERTIFICATE-----
+
+# QuoVadis Root CA 3 G3
 -----BEGIN CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQEL
 BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
@@ -2729,6 +2468,116 @@ DhcI00iX0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HN
 PlopNLk9hM6xZdRZkZFWdSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/
 ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0
 -----END CERTIFICATE-----
+
+# SSL.com EV Root Certification Authority ECC
+-----BEGIN CERTIFICATE-----
+MIIClDCCAhqgAwIBAgIILCmcWxbtBZUwCgYIKoZIzj0EAwIwfzELMAkGA1UEBhMC
+VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T
+U0wgQ29ycG9yYXRpb24xNDAyBgNVBAMMK1NTTC5jb20gRVYgUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNTIzWhcNNDEwMjEyMTgx
+NTIzWjB/MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv
+dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NMLmNv
+bSBFViBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49
+AgEGBSuBBAAiA2IABKoSR5CYG/vvw0AHgyBO8TCCogbR8pKGYfL2IWjKAMTH6kMA
+VIbc/R/fALhBYlzccBYy3h+Z1MzFB8gIH2EWB1E9fVwHU+M1OIzfzZ/ZLg1Kthku
+WnBaBu2+8KGwytAJKaNjMGEwHQYDVR0OBBYEFFvKXuXe0oGqzagtZFG22XKbl+ZP
+MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUW8pe5d7SgarNqC1kUbbZcpuX
+5k8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2gAMGUCMQCK5kCJN+vp1RPZ
+ytRrJPOwPYdGWBrssd9v+1a6cGvHOMzosYxPD/fxZ3YOg9AeUY8CMD32IygmTMZg
+h5Mmm7I1HrrW9zzRHM76JTymGoEVW/MSD2zuZYrJh6j5B+BimoxcSg==
+-----END CERTIFICATE-----
+
+# SSL.com EV Root Certification Authority RSA R2
+-----BEGIN CERTIFICATE-----
+MIIF6zCCA9OgAwIBAgIIVrYpzTS8ePYwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNV
+BAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UE
+CgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMB4XDTE3MDUzMTE4MTQzN1oXDTQy
+MDUzMDE4MTQzN1owgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G
+A1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQD
+DC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvq
+M0fNTPl9fb69LT3w23jhhqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssuf
+OePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7wcXHswxzpY6IXFJ3vG2fThVUCAtZJycxa
+4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTOZw+oz12WGQvE43LrrdF9
+HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+B6KjBSYR
+aZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcA
+b9ZhCBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQ
+Gp8hLH94t2S42Oim9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQV
+PWKchjgGAGYS5Fl2WlPAApiiECtoRHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMO
+pgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+SlmJuwgUHfbSguPvuUCYHBBXtSu
+UDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48+qvWBkofZ6aY
+MBzdLNvcGJVXZsb/XItW9XcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNV
+HSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjAdBgNVHQ4EFgQU+WC71OPVNPa4
+9QaAJadz20ZpqJ4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBW
+s47LCp1Jjr+kxJG7ZhcFUZh1++VQLHqe8RT6q9OKPv+RKY9ji9i0qVQBDb6Thi/5
+Sm3HXvVX+cpVHBK+Rw82xd9qt9t1wkclf7nxY/hoLVUE0fKNsKTPvDxeH3jnpaAg
+cLAExbf3cqfeIg29MyVGjGSSJuM+LmOW2puMPfgYCdcDzH2GguDKBAdRUNf/ktUM
+79qGn5nX67evaOI5JpS6aLe/g9Pqemc9YmeuJeVy6OLk7K4S9ksrPJ/psEDzOFSz
+/bdoyNrGj1E8svuR3Bznm53htw1yj+KkxKl4+esUrMZDBcJlOSgYAsOCsp0FvmXt
+ll9ldDz7CTUue5wT/RsPXcdtgTpWD8w74a8CLyKsRspGPKAcTNZEtF4uXBVmCeEm
+Kf7GUmG6sXP/wwyc5WxqlD8UykAWlYTzWamsX0xhk23RO8yilQwipmdnRC652dKK
+QbNmC1r7fSOl8hqw/96bg5Qu0T/fkreRrwU7ZcegbLHNYhLDkBvjJc40vG93drEQ
+w/cFGsDWr3RiSBd3kmmQYRzelYB0VI8YHMPzA9C/pEN1hlMYegouCRw2n5H9gooi
+S9EOUCXdywMMF8mDAAhONU2Ki+3wApRmLER/y5UnlhetCTCstnEXbosX9hwJ1C07
+mKVx01QT2WDz9UtmT/rx7iASjbSsV7FFY6GsdqnC+w==
+-----END CERTIFICATE-----
+
+# SSL.com Root Certification Authority ECC
+-----BEGIN CERTIFICATE-----
+MIICjTCCAhSgAwIBAgIIdebfy8FoW6gwCgYIKoZIzj0EAwIwfDELMAkGA1UEBhMC
+VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T
+U0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0
+aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNDAzWhcNNDEwMjEyMTgxNDAz
+WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0
+b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBS
+b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEGBSuB
+BAAiA2IABEVuqVDEpiM2nl8ojRfLliJkP9x6jh3MCLOicSS6jkm5BBtHllirLZXI
+7Z4INcgn64mMU1jrYor+8FsPazFSY0E7ic3s7LaNGdM0B9y7xgZ/wkWV7Mt/qCPg
+CemB+vNH06NjMGEwHQYDVR0OBBYEFILRhXMw5zUE044CkvvlpNHEIejNMA8GA1Ud
+EwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUgtGFczDnNQTTjgKS++Wk0cQh6M0wDgYD
+VR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2cAMGQCMG/n61kRpGDPYbCWe+0F+S8T
+kdzt5fxQaxFGRrMcIQBiu77D5+jNB5n5DQtdcj7EqgIwH7y6C+IwJPt8bYBVCpk+
+gA0z5Wajs6O7pdWLjwkspl1+4vAHCGht0nxpbl/f5Wpl
+-----END CERTIFICATE-----
+
+# SSL.com Root Certification Authority RSA
+-----BEGIN CERTIFICATE-----
+MIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE
+BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK
+DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTczOTM5WhcNNDEwMjEyMTcz
+OTM5WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv
+dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNv
+bSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBAPkP3aMrfcvQKv7sZ4Wm5y4bunfh4/WvpOz6Sl2R
+xFdHaxh3a3by/ZPkPQ/CFp4LZsNWlJ4Xg4XOVu/yFv0AYvUiCVToZRdOQbngT0aX
+qhvIuG5iXmmxX9sqAn78bMrzQdjt0Oj8P2FI7bADFB0QDksZ4LtO7IZl/zbzXmcC
+C52GVWH9ejjt/uIZALdvoVBidXQ8oPrIJZK0bnoix/geoeOy3ZExqysdBP+lSgQ3
+6YWkMyv94tZVNHwZpEpox7Ko07fKoZOI68GXvIz5HdkihCR0xwQ9aqkpk8zruFvh
+/l8lqjRYyMEjVJ0bmBHDOJx+PYZspQ9AhnwC9FwCTyjLrnGfDzrIM/4RJTXq/LrF
+YD3ZfBjVsqnTdXgDciLKOsMf7yzlLqn6niy2UUb9rwPW6mBo6oUWNmuF6R7As93E
+JNyAKoFBbZQ+yODJgUEAnl6/f8UImKIYLEJAs/lvOCdLToD0PYFH4Ih86hzOtXVc
+US4cK38acijnALXRdMbX5J+tB5O2UzU1/Dfkw/ZdFr4hc96SCvigY2q8lpJqPvi8
+ZVWb3vUNiSYE/CUapiVpy8JtynziWV+XrOvvLsi81xtZPCvM8hnIk2snYxnP/Okm
++Mpxm3+T/jRnhE6Z6/yzeAkzcLpmpnbtG3PrGqUNxCITIJRWCk4sbE6x/c+cCbqi
+M+2HAgMBAAGjYzBhMB0GA1UdDgQWBBTdBAkHovV6fVJTEpKV7jiAJQ2mWTAPBgNV
+HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMA4G
+A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAIBgRlCn7Jp0cHh5wYfGV
+cpNxJK1ok1iOMq8bs3AD/CUrdIWQPXhq9LmLpZc7tRiRux6n+UBbkflVma8eEdBc
+Hadm47GUBwwyOabqG7B52B2ccETjit3E+ZUfijhDPwGFpUenPUayvOUiaPd7nNgs
+PgohyC0zrL/FgZkxdMF1ccW+sfAjRfSda/wZY52jvATGGAslu1OJD7OAUN5F7kR/
+q5R4ZJjT9ijdh9hwZXT7DrkT66cPYakylszeu+1jTBi7qUD3oFRuIIhxdRjqerQ0
+cuAjJ3dctpDqhiVAq+8zD8ufgr6iIPv2tS0a5sKFsXQP+8hlAqRSAUfdSSLBv9jr
+a6x+3uxjMxW3IwiPxg+NQVrdjsW5j+VFP3jbutIbQLH+cU0/4IGiul607BXgk90I
+H37hVZkLId6Tngr75qNJvTYw/ud3sqB1l7UtgYgXZSD32pAAn8lSzDLKNXz1PQ/Y
+K9f1JmzJBjSWFupwWRoyeXkLtoh/D1JIPb9s2KJELtFOt3JY04kTlf5Eq/jXixtu
+nLwsoFvVagCvXzfh1foQC5ichucmj87w7G6KVwuA406ywKBjYZC6VWg3dGq2ktuf
+oYYitmUnDuy2n0Jg5GfCtdpBC8TTi2EbvPofkSvXRAdeuims2cXp71NIWuuA8ShY
+Ic2wBlX7Jz9TkHCpBB5XJ7k=
+-----END CERTIFICATE-----
+
+# SZAFIR ROOT CA2
 -----BEGIN CERTIFICATE-----
 MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQEL
 BQAwUTELMAkGA1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6
@@ -2750,6 +2599,8 @@ oky4rc/hkA/NrgrHXXu3UNLUYfrVFdvXn4dRVOul4+vJhaAlIDf7js4MNIThPIGy
 d05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6+/NNIxuZMzSg
 LvWpCz/UXeHPhJ/iGcJfitYgHuNztw==
 -----END CERTIFICATE-----
+
+# SecureSign RootCA11
 -----BEGIN CERTIFICATE-----
 MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJKUDEr
 MCkGA1UEChMiSmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoG
@@ -2771,6 +2622,8 @@ QbJUb9wlze144o4MjQlJ3WN7WmmWAiGovVJZ6X01y8hSyn+B/tlr0/cR7SXf+Of5
 pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061lgeLKBObjBmN
 QSdJQO7e5iNEOdyhIta6A/I=
 -----END CERTIFICATE-----
+
+# SecureTrust CA
 -----BEGIN CERTIFICATE-----
 MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBI
 MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
@@ -2793,6 +2646,8 @@ D5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZnMUFdAvnZyPS
 CPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR
 3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE=
 -----END CERTIFICATE-----
+
+# Secure Global CA
 -----BEGIN CERTIFICATE-----
 MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBK
 MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
@@ -2815,27 +2670,8 @@ I50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbY
 iNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc
 f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDfTCCAmWgAwIBAgIBADANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJKUDEl
-MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEqMCgGA1UECxMh
-U2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBFViBSb290Q0ExMB4XDTA3MDYwNjAyMTIz
-MloXDTM3MDYwNjAyMTIzMlowYDELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09N
-IFRydXN0IFN5c3RlbXMgQ08uLExURC4xKjAoBgNVBAsTIVNlY3VyaXR5IENvbW11
-bmljYXRpb24gRVYgUm9vdENBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBALx/7FebJOD+nLpCeamIivqA4PUHKUPqjgo0No0c+qe1OXj/l3X3L+SqawSE
-RMqm4miO/VVQYg+kcQ7OBzgtQoVQrTyWb4vVog7P3kmJPdZkLjjlHmy1V4qe70gO
-zXppFodEtZDkBp2uoQSXWHnvIEqCa4wiv+wfD+mEce3xDuS4GBPMVjZd0ZoeUWs5
-bmB2iDQL87PRsJ3KYeJkHcFGB7hj3R4zZbOOCVVSPbW9/wfrrWFVGCypaZhKqkDF
-MxRldAD5kd6vA0jFQFTcD4SQaCDFkpbcLuUCRarAX1T4bepJz11sS6/vmsJWXMY1
-VkJqMF/Cq/biPT+zyRGPMUzXn0kCAwEAAaNCMEAwHQYDVR0OBBYEFDVK9U2vP9eC
-OKyrcWUXdYydVZPmMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0G
-CSqGSIb3DQEBBQUAA4IBAQCoh+ns+EBnXcPBZsdAS5f8hxOQWsTvoMpfi7ent/HW
-tWS3irO4G8za+6xmiEHO6Pzk2x6Ipu0nUBsCMCRGef4Eh3CXQHPRwMFXGZpppSeZ
-q51ihPZRwSzJIxXYKLerJRO1RuGGAv8mjMSIkh1W/hln8lXkgKNrnKt34VFxDSDb
-EJrbvXZ5B3eZKK2aXtqxT0QsNY6llsf9g/BYxnnWmHyojf6GPgcWkuF75x3sM3Z+
-Qi5KhfmRiWiEA4Glm5q+4zfFVKtWOxgtQaQM+ELbmaDgcm+7XeEWT1MKZPlO9L9O
-VL14bIjqv5wTJMJwaaJ/D8g8rQjJsJhAoyrniIPtd490
------END CERTIFICATE-----
+
+# Security Communication RootCA2
 -----BEGIN CERTIFICATE-----
 MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDEl
 MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMe
@@ -2857,6 +2693,8 @@ t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6qtnRGEmyR7jTV7JqR50S+kDFy
 1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29mvVXIwAHIRc/
 SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03
 -----END CERTIFICATE-----
+
+# Security Communication Root CA
 -----BEGIN CERTIFICATE-----
 MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEY
 MBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21t
@@ -2877,6 +2715,8 @@ Bw+SUEmK3TGXX8npN6o7WWWXlDLJs58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJU
 JRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ6rBK+1YWc26sTfcioU+tHXot
 RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAw==
 -----END CERTIFICATE-----
+
+# Sonera Class 2 Root CA
 -----BEGIN CERTIFICATE-----
 MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP
 MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAx
@@ -2896,6 +2736,8 @@ FNr450kkkdAdavphOe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6
 Tk6ezAyNlNzZRZxe7EJQY670XcSxEtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2
 ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLHllpwrN9M
 -----END CERTIFICATE-----
+
+# Staat der Nederlanden EV Root CA
 -----BEGIN CERTIFICATE-----
 MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJO
 TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFh
@@ -2928,6 +2770,8 @@ eG9QgkRQP2YGiqtDhFZKDyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8
 FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGyeUN51q1veieQA6TqJIc/2b3Z6fJfUEkc
 7uzXLg==
 -----END CERTIFICATE-----
+
+# Staat der Nederlanden Root CA - G2
 -----BEGIN CERTIFICATE-----
 MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
 TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
@@ -2961,6 +2805,8 @@ N1trSt8sV4pAWja63XVECDdCcAz+3F4hoKOKwJCcaNpQ5kUQR3i2TtJlycM33+FC
 Y7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoVIPVVYpbtbZNQvOSqeK3Z
 ywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm66+KAQ==
 -----END CERTIFICATE-----
+
+# Staat der Nederlanden Root CA - G3
 -----BEGIN CERTIFICATE-----
 MIIFdDCCA1ygAwIBAgIEAJiiOTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
 TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
@@ -2993,6 +2839,8 @@ fsbAddJu+2gw7OyLnflJNZoaLNmzlTnVHpL3prllL+U9bTpITAjc5CgSKL59NVzq
 QFH1T/U67cjF68IeHRaVesd+QnGTbksVtzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM
 94B7IWcnMFk=
 -----END CERTIFICATE-----
+
+# Starfield Class 2 CA
 -----BEGIN CERTIFICATE-----
 MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl
 MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp
@@ -3017,6 +2865,8 @@ xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp
 VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY
 WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q=
 -----END CERTIFICATE-----
+
+# Starfield Root Certificate Authority - G2
 -----BEGIN CERTIFICATE-----
 MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx
 EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT
@@ -3040,6 +2890,8 @@ sHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx4mcujJUDJi5DnUox9g61DLu3
 pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1
 mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0
 -----END CERTIFICATE-----
+
+# Starfield Services Root Certificate Authority - G2
 -----BEGIN CERTIFICATE-----
 MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx
 EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT
@@ -3064,124 +2916,8 @@ iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn
 0q23KXB56jzaYyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCN
 sSi6
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
-Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM2WhcNMzYwOTE3MTk0NjM2WjB9
-MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
-U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
-cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
-A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
-pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
-OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
-Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
-Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
-HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
-Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
-+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
-Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
-Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
-26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
-AQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE
-FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9j
-ZXJ0LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3Js
-LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFM
-BgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUHAgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0
-Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRwOi8vY2VydC5zdGFy
-dGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYgU3Rh
-cnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlh
-YmlsaXR5LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2Yg
-dGhlIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFp
-bGFibGUgYXQgaHR0cDovL2NlcnQuc3RhcnRjb20ub3JnL3BvbGljeS5wZGYwEQYJ
-YIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNT
-TCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAgEAFmyZ
-9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8
-jhvh3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUW
-FjgKXlf2Ysd6AgXmvB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJz
-ewT4F+irsfMuXGRuczE6Eri8sxHkfY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1
-ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3fsNrarnDy0RLrHiQi+fHLB5L
-EUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZEoalHmdkrQYu
-L6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq
-yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuC
-O3NJo2pXh5Tl1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6V
-um0ABj6y6koQOdjQK/W/7HW/lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkySh
-NOsF/5oirpt9P/FlUQqmMGqz9IgcgA38corog14=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIHhzCCBW+gAwIBAgIBLTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
-Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM3WhcNMzYwOTE3MTk0NjM2WjB9
-MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
-U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
-cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
-A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
-pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
-OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
-Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
-Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
-HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
-Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
-+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
-Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
-Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
-26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
-AQABo4ICEDCCAgwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD
-VR0OBBYEFE4L7xqkQFulF2mHMMo0aEPQQa7yMB8GA1UdIwQYMBaAFE4L7xqkQFul
-F2mHMMo0aEPQQa7yMIIBWgYDVR0gBIIBUTCCAU0wggFJBgsrBgEEAYG1NwEBATCC
-ATgwLgYIKwYBBQUHAgEWImh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5w
-ZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL2ludGVybWVk
-aWF0ZS5wZGYwgc8GCCsGAQUFBwICMIHCMCcWIFN0YXJ0IENvbW1lcmNpYWwgKFN0
-YXJ0Q29tKSBMdGQuMAMCAQEagZZMaW1pdGVkIExpYWJpbGl0eSwgcmVhZCB0aGUg
-c2VjdGlvbiAqTGVnYWwgTGltaXRhdGlvbnMqIG9mIHRoZSBTdGFydENvbSBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eSBQb2xpY3kgYXZhaWxhYmxlIGF0IGh0dHA6Ly93
-d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgG
-CWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1
-dGhvcml0eTANBgkqhkiG9w0BAQsFAAOCAgEAjo/n3JR5fPGFf59Jb2vKXfuM/gTF
-wWLRfUKKvFO3lANmMD+x5wqnUCBVJX92ehQN6wQOQOY+2IirByeDqXWmN3PH/UvS
-Ta0XQMhGvjt/UfzDtgUx3M2FIk5xt/JxXrAaxrqTi3iSSoX4eA+D/i+tLPfkpLst
-0OcNOrg+zvZ49q5HJMqjNTbOx8aHmNrs++myziebiMMEofYLWWivydsQD032ZGNc
-pRJvkrKTlMeIFw6Ttn5ii5B/q06f/ON1FE8qMt9bDeD1e5MNq6HPh+GlBEXoPBKl
-CcWw0bdT82AUuoVpaiF8H3VhFyAXe2w7QSlc4axa0c2Mm+tgHRns9+Ww2vl5GKVF
-P0lDV9LdJNUso/2RjSe15esUBppMeyG7Oq0wBhjA2MFrLH9ZXF2RsXAiV+uKa0hK
-1Q8p7MZAwC+ITGgBF3f0JBlPvfrhsiAhS90a2Cl9qrjeVOwhVYBsHvUwyKMQ5bLm
-KhQxw4UtjJixhlpPiVktucf3HMiKf8CdBUrmQk9io20ppB+Fq9vlgcitKj1MXVuE
-JnHEhV5xJMqlG2zYYdMa4FTbzrqpMrUi9nNBCV24F10OD5mQ1kfabwo6YigUZ4LZ
-8dCAWZvLMdibD4x3TrVoivJs9iQOLWxwxXPR3hTQcY+203sC9uO41Alua551hDnm
-fyWl8kgAwKQB2j8=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFYzCCA0ugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlm
-aWNhdGlvbiBBdXRob3JpdHkgRzIwHhcNMTAwMTAxMDEwMDAxWhcNMzkxMjMxMjM1
-OTAxWjBTMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoG
-A1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgRzIwggIiMA0G
-CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2iTZbB7cgNr2Cu+EWIAOVeq8Oo1XJ
-JZlKxdBWQYeQTSFgpBSHO839sj60ZwNq7eEPS8CRhXBF4EKe3ikj1AENoBB5uNsD
-vfOpL9HG4A/LnooUCri99lZi8cVytjIl2bLzvWXFDSxu1ZJvGIsAQRSCb0AgJnoo
-D/Uefyf3lLE3PbfHkffiAez9lInhzG7TNtYKGXmu1zSCZf98Qru23QumNK9LYP5/
-Q0kGi4xDuFby2X8hQxfqp0iVAXV16iulQ5XqFYSdCI0mblWbq9zSOdIxHWDirMxW
-RST1HFSr7obdljKF+ExP6JV2tgXdNiNnvP8V4so75qbsO+wmETRIjfaAKxojAuuK
-HDp2KntWFhxyKrOq42ClAJ8Em+JvHhRYW6Vsi1g8w7pOOlz34ZYrPu8HvKTlXcxN
-nw3h3Kq74W4a7I/htkxNeXJdFzULHdfBR9qWJODQcqhaX2YtENwvKhOuJv4KHBnM
-0D4LnMgJLvlblnpHnOl68wVQdJVznjAJ85eCXuaPOQgeWeU1FEIT/wCc976qUM/i
-UUjXuG+v+E5+M5iSFGI6dWPPe/regjupuznixL0sAA7IF6wT700ljtizkC+p2il9
-Ha90OrInwMEePnWjFqmveiJdnxMaz6eg6+OGCtP95paV1yPIN93EfKo2rJgaErHg
-TuixO/XWb/Ew1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
-AwIBBjAdBgNVHQ4EFgQUS8W0QGutHLOlHGVuRjaJhwUMDrYwDQYJKoZIhvcNAQEL
-BQADggIBAHNXPyzVlTJ+N9uWkusZXn5T50HsEbZH77Xe7XRcxfGOSeD8bpkTzZ+K
-2s06Ctg6Wgk/XzTQLwPSZh0avZyQN8gMjgdalEVGKua+etqhqaRpEpKwfTbURIfX
-UfEpY9Z1zRbkJ4kd+MIySP3bmdCPX1R0zKxnNBFi2QwKN4fRoxdIjtIXHfbX/dtl
-6/2o1PXWT6RbdejF0mCy2wl+JYt7ulKSnj7oxXehPOBKc2thz4bcQ///If4jXSRK
-9dNtD2IEBVeC2m6kMyV5Sy5UGYvMLD0w6dEG/+gyRr61M3Z3qAFdlsHB1b6uJcDJ
-HgoJIIihDsnzb02CVAAgp9KP5DlUFy6NHrgbuxu9mk47EDTcnIhT76IxW1hPkWLI
-wpqazRVdOKnWvvgTtZ8SafJQYqz7Fzf07rh1Z2AQ+4NQ+US1dZxAF7L+/XldblhY
-XzD8AK6vM8EOTmy6p6ahfzLbOOCxchcKK5HsamMm7YnUeMx0HgX4a/6ManY5Ka5l
-IxKVCCIcl85bBu4M4ru8H0ST9tg4RQUh7eStqxK2A6RCLi3ECToDZ2mEmuFZkIoo
-hdVddLHRDiBYmxOlsGOm7XtH/UVVMKTumtTm4ofvmMkyghEpIrwACjFeLQ/Ajulr
-so8uBtjRkcfGEvRM/TAXw8HaOFvjqermobp573PYtlNXLfbQ4ddI
------END CERTIFICATE-----
+
+# SwissSign Gold CA - G2
 -----BEGIN CERTIFICATE-----
 MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
 BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln
@@ -3215,6 +2951,8 @@ Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w
 ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt
 Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ
 -----END CERTIFICATE-----
+
+# SwissSign Silver CA - G2
 -----BEGIN CERTIFICATE-----
 MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UE
 BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWdu
@@ -3248,108 +2986,8 @@ OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJDIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+
 hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ubDgEj8Z+7fNzcbBGXJbLy
 tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF2TCCA8GgAwIBAgIQXAuFXAvnWUHfV8w/f52oNjANBgkqhkiG9w0BAQUFADBk
-MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
-YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg
-Q0EgMTAeFw0wNTA4MTgxMjA2MjBaFw0yNTA4MTgyMjA2MjBaMGQxCzAJBgNVBAYT
-AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp
-Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAxMIICIjAN
-BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0LmwqAzZuz8h+BvVM5OAFmUgdbI9
-m2BtRsiMMW8Xw/qabFbtPMWRV8PNq5ZJkCoZSx6jbVfd8StiKHVFXqrWW/oLJdih
-FvkcxC7mlSpnzNApbjyFNDhhSbEAn9Y6cV9Nbc5fuankiX9qUvrKm/LcqfmdmUc/
-TilftKaNXXsLmREDA/7n29uj/x2lzZAeAR81sH8A25Bvxn570e56eqeqDFdvpG3F
-EzuwpdntMhy0XmeLVNxzh+XTF3xmUHJd1BpYwdnP2IkCb6dJtDZd0KTeByy2dbco
-kdaXvij1mB7qWybJvbCXc9qukSbraMH5ORXWZ0sKbU/Lz7DkQnGMU3nn7uHbHaBu
-HYwadzVcFh4rUx80i9Fs/PJnB3r1re3WmquhsUvhzDdf/X/NTa64H5xD+SpYVUNF
-vJbNcA78yeNmuk6NO4HLFWR7uZToXTNShXEuT46iBhFRyePLoW4xCGQMwtI89Tbo
-19AOeCMgkckkKmUpWyL3Ic6DXqTz3kvTaI9GdVyDCW4pa8RwjPWd1yAv/0bSKzjC
-L3UcPX7ape8eYIVpQtPM+GP+HkM5haa2Y0EQs3MevNP6yn0WR+Kn1dCjigoIlmJW
-bjTb2QK5MHXjBNLnj8KwEUAKrNVxAmKLMb7dxiNYMUJDLXT5xp6mig/p/r+D5kNX
-JLrvRjSq1xIBOO0CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw
-FDASBgdghXQBUwABBgdghXQBUwABMBIGA1UdEwEB/wQIMAYBAf8CAQcwHwYDVR0j
-BBgwFoAUAyUv3m+CATpcLNwroWm1Z9SM0/0wHQYDVR0OBBYEFAMlL95vggE6XCzc
-K6FptWfUjNP9MA0GCSqGSIb3DQEBBQUAA4ICAQA1EMvspgQNDQ/NwNurqPKIlwzf
-ky9NfEBWMXrrpA9gzXrzvsMnjgM+pN0S734edAY8PzHyHHuRMSG08NBsl9Tpl7Ik
-Vh5WwzW9iAUPWxAaZOHHgjD5Mq2eUCzneAXQMbFamIp1TpBcahQq4FJHgmDmHtqB
-sfsUC1rxn9KVuj7QG9YVHaO+htXbD8BJZLsuUBlL0iT43R4HVtA4oJVwIHaM190e
-3p9xxCPvgxNcoyQVTSlAPGrEqdi3pkSlDfTgnXceQHAm/NrZNuR55LU/vJtlvrsR
-ls/bxig5OgjOR1tTWsWZ/l2p3e9M1MalrQLmjAcSHm8D0W+go/MpvRLHUKKwf4ip
-mXeascClOS5cfGniLLDqN2qk4Vrh9VDlg++luyqI54zb/W1elxmofmZ1a3Hqv7HH
-b6D0jqTsNFFbjCYDcKF31QESVwA12yPeDooomf2xEG9L/zgtYE4snOtnta1J7ksf
-rK/7DZBaZmBwXarNeNQk7shBoJMBkpxqnvy5JMWzFYJ+vq6VK+uxwNrjAWALXmms
-hFZhvnEX/h0TD/7Gh0Xp/jKgGg0TpJRVcaUWi7rKibCyx/yP2FS1k2Kdzs9Z+z0Y
-zirLNRWCXf9UIltxUvu3yf5gmwBBZPCqKuy2QkPOiWaByIufOVQDJdMWNY6E0F/6
-MBr1mmz0DlP5OlvRHA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBk
-MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
-YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg
-Q0EgMjAeFw0xMTA2MjQwODM4MTRaFw0zMTA2MjUwNzM4MTRaMGQxCzAJBgNVBAYT
-AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp
-Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAyMIICIjAN
-BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlUJOhJ1R5tMJ6HJaI2nbeHCOFvEr
-jw0DzpPMLgAIe6szjPTpQOYXTKueuEcUMncy3SgM3hhLX3af+Dk7/E6J2HzFZ++r
-0rk0X2s682Q2zsKwzxNoysjL67XiPS4h3+os1OD5cJZM/2pYmLcX5BtS5X4HAB1f
-2uY+lQS3aYg5oUFgJWFLlTloYhyxCwWJwDaCFCE/rtuh/bxvHGCGtlOUSbkrRsVP
-ACu/obvLP+DHVxxX6NZp+MEkUp2IVd3Chy50I9AU/SpHWrumnf2U5NGKpV+GY3aF
-y6//SSj8gO1MedK75MDvAe5QQQg1I3ArqRa0jG6F6bYRzzHdUyYb3y1aSgJA/MTA
-tukxGggo5WDDH8SQjhBiYEQN7Aq+VRhxLKX0srwVYv8c474d2h5Xszx+zYIdkeNL
-6yxSNLCK/RJOlrDrcH+eOfdmQrGrrFLadkBXeyq96G4DsguAhYidDMfCd7Camlf0
-uPoTXGiTOmekl9AbmbeGMktg2M7v0Ax/lZ9vh0+Hio5fCHyqW/xavqGRn1V9TrAL
-acywlKinh/LTSlDcX3KwFnUey7QYYpqwpzmqm59m2I2mbJYV4+by+PGDYmy7Velh
-k6M99bFXi08jsJvllGov34zflVEpYKELKeRcVVi3qPyZ7iVNTA6z00yPhOgpD/0Q
-VAKFyPnlw4vP5w8CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw
-FDASBgdghXQBUwIBBgdghXQBUwIBMBIGA1UdEwEB/wQIMAYBAf8CAQcwHQYDVR0O
-BBYEFE0mICKJS9PVpAqhb97iEoHF8TwuMB8GA1UdIwQYMBaAFE0mICKJS9PVpAqh
-b97iEoHF8TwuMA0GCSqGSIb3DQEBCwUAA4ICAQAyCrKkG8t9voJXiblqf/P0wS4R
-fbgZPnm3qKhyN2abGu2sEzsOv2LwnN+ee6FTSA5BesogpxcbtnjsQJHzQq0Qw1zv
-/2BZf82Fo4s9SBwlAjxnffUy6S8w5X2lejjQ82YqZh6NM4OKb3xuqFp1mrjX2lhI
-REeoTPpMSQpKwhI3qEAMw8jh0FcNlzKVxzqfl9NX+Ave5XLzo9v/tdhZsnPdTSpx
-srpJ9csc1fV5yJmz/MFMdOO0vSk3FQQoHt5FRnDsr7p4DooqzgB53MBfGWcsa0vv
-aGgLQ+OswWIJ76bdZWGgr4RVSJFSHMYlkSrQwSIjYVmvRRGFHQEkNI/Ps/8XciAT
-woCqISxxOQ7Qj1zB09GOInJGTB2Wrk9xseEFKZZZ9LuedT3PDTcNYtsmjGOpI99n
-Bjx8Oto0QuFmtEYE3saWmA9LSHokMnWRn6z3aOkquVVlzl1h0ydw2Df+n7mvoC5W
-t6NlUe07qxS/TFED6F+KBZvuim6c779o+sjaC+NCydAXFJy3SuCvkychVSa1ZC+N
-8f+mQAWFBVzKBxlcCxMoTFh/wqXvRdpg065lYZ1Tg3TCrvJcwhbtkj6EPnNgiLx2
-9CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX5OfNeOI5
-wSsSnqaeG8XmDtkx2Q==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF4DCCA8igAwIBAgIRAPL6ZOJ0Y9ON/RAdBB92ylgwDQYJKoZIhvcNAQELBQAw
-ZzELMAkGA1UEBhMCY2gxETAPBgNVBAoTCFN3aXNzY29tMSUwIwYDVQQLExxEaWdp
-dGFsIENlcnRpZmljYXRlIFNlcnZpY2VzMR4wHAYDVQQDExVTd2lzc2NvbSBSb290
-IEVWIENBIDIwHhcNMTEwNjI0MDk0NTA4WhcNMzEwNjI1MDg0NTA4WjBnMQswCQYD
-VQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2Vy
-dGlmaWNhdGUgU2VydmljZXMxHjAcBgNVBAMTFVN3aXNzY29tIFJvb3QgRVYgQ0Eg
-MjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMT3HS9X6lds93BdY7Bx
-UglgRCgzo3pOCvrY6myLURYaVa5UJsTMRQdBTxB5f3HSek4/OE6zAMaVylvNwSqD
-1ycfMQ4jFrclyxy0uYAyXhqdk/HoPGAsp15XGVhRXrwsVgu42O+LgrQ8uMIkqBPH
-oCE2G3pXKSinLr9xJZDzRINpUKTk4RtiGZQJo/PDvO/0vezbE53PnUgJUmfANykR
-HvvSEaeFGHR55E+FFOtSN+KxRdjMDUN/rhPSays/p8LiqG12W0OfvrSdsyaGOx9/
-5fLoZigWJdBLlzin5M8J0TbDC77aO0RYjb7xnglrPvMyxyuHxuxenPaHZa0zKcQv
-idm5y8kDnftslFGXEBuGCxobP/YCfnvUxVFkKJ3106yDgYjTdLRZncHrYTNaRdHL
-OdAGalNgHa/2+2m8atwBz735j9m9W8E6X47aD0upm50qKGsaCnw8qyIL5XctcfaC
-NYGu+HuB5ur+rPQam3Rc6I8k9l2dRsQs0h4rIWqDJ2dVSqTjyDKXZpBy2uPUZC5f
-46Fq9mDU5zXNysRojddxyNMkM3OxbPlq4SjbX8Y96L5V5jcb7STZDxmPX2MYWFCB
-UWVv8p9+agTnNCRxunZLWB4ZvRVgRaoMEkABnRDixzgHcgplwLa7JSnaFp6LNYth
-7eVxV4O1PHGf40+/fh6Bn0GXAgMBAAGjgYYwgYMwDgYDVR0PAQH/BAQDAgGGMB0G
-A1UdIQQWMBQwEgYHYIV0AVMCAgYHYIV0AVMCAjASBgNVHRMBAf8ECDAGAQH/AgED
-MB0GA1UdDgQWBBRF2aWBbj2ITY1x0kbBbkUe88SAnTAfBgNVHSMEGDAWgBRF2aWB
-bj2ITY1x0kbBbkUe88SAnTANBgkqhkiG9w0BAQsFAAOCAgEAlDpzBp9SSzBc1P6x
-XCX5145v9Ydkn+0UjrgEjihLj6p7jjm02Vj2e6E1CqGdivdj5eu9OYLU43otb98T
-PLr+flaYC/NUn81ETm484T4VvwYmneTwkLbUwp4wLh/vx3rEUMfqe9pQy3omywC0
-Wqu1kx+AiYQElY2NfwmTv9SoqORjbdlk5LgpWgi/UOGED1V7XwgiG/W9mR4U9s70
-WBCCswo9GcG/W6uqmdjyMb3lOGbcWAXH7WMaLgqXfIeTK7KK4/HsGOV1timH59yL
-Gn602MnTihdsfSlEvoqq9X46Lmgxk7lq2prg2+kupYTNHAq4Sgj5nPFhJpiTt3tm
-7JFe3VE/23MPrQRYCd0EApUKPtN236YQHoA96M2kZNEzx5LH4k5E4wnJTsJdhw4S
-nr8PyQUQ3nqjsTzyP6WqJ3mtMX0f/fwZacXduT98zca0wjAefm6S139hdlqP65VN
-vBFuIXxZN5nQBrz5Bm0yFqXZaajh3DyAHmBR3NdUIR7KYndP+tiPsys6DXhyyWhB
-WkdKwqPrGtcKqzwyVcgKEZzfdNbwQBUdyLmPtTbFr/giuMod89a2GQ+fYWVq6nTI
-fI/DT11lgh/ZDYnadXL77/FHZxOzyNEZiCcmmpl5fx7kLD977vHeTYuWl8PVP3wb
-I+2ksx0WckNLIOFZfsLorSa/ovc=
------END CERTIFICATE-----
+
+# T-TeleSec GlobalRoot Class 2
 -----BEGIN CERTIFICATE-----
 MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx
 KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd
@@ -3373,6 +3011,8 @@ g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN
 9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP
 BSeOE6Fuwg==
 -----END CERTIFICATE-----
+
+# T-TeleSec GlobalRoot Class 3
 -----BEGIN CERTIFICATE-----
 MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx
 KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd
@@ -3396,6 +3036,8 @@ WL6ukK2YJ5f+AbGwUgC4TeQbIXQbfsDuXmkqJa9c1h3a0nnJ85cp4IaH3gRZD/FZ
 e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4p
 TpPDpFQUWw==
 -----END CERTIFICATE-----
+
+# TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1
 -----BEGIN CERTIFICATE-----
 MIIEYzCCA0ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCB0jELMAkGA1UEBhMCVFIx
 GDAWBgNVBAcTD0dlYnplIC0gS29jYWVsaTFCMEAGA1UEChM5VHVya2l5ZSBCaWxp
@@ -3422,31 +3064,8 @@ lzwDGrpDxpa5RXI4s6ehlj2Re37AIVNMh+3yC1SVUZPVIqUNivGTDj5UDrDYyU7c
 8jEyVupk+eq1nRZmQnLzf9OxMUP8pI4X8W0jq5Rm+K37DwhuJi1/FwcJsoz7UMCf
 lo3Ptv0AnVoUmr8CRPXBwp8iXqIPoeM=
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEPTCCAyWgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvzE/MD0GA1UEAww2VMOc
-UktUUlVTVCBFbGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sx
-c8SxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMV4wXAYDVQQKDFVUw5xS
-S1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnEn2kg
-SGl6bWV0bGVyaSBBLsWeLiAoYykgQXJhbMSxayAyMDA3MB4XDTA3MTIyNTE4Mzcx
-OVoXDTE3MTIyMjE4MzcxOVowgb8xPzA9BgNVBAMMNlTDnFJLVFJVU1QgRWxla3Ry
-b25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTELMAkGA1UEBhMC
-VFIxDzANBgNVBAcMBkFua2FyYTFeMFwGA1UECgxVVMOcUktUUlVTVCBCaWxnaSDE
-sGxldGnFn2ltIHZlIEJpbGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7F
-ni4gKGMpIEFyYWzEsWsgMjAwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAKu3PgqMyKVYFeaK7yc9SrToJdPNM8Ig3BnuiD9NYvDdE3ePYakqtdTyuTFY
-KTsvP2qcb3N2Je40IIDu6rfwxArNK4aUyeNgsURSsloptJGXg9i3phQvKUmi8wUG
-+7RP2qFsmmaf8EMJyupyj+sA1zU511YXRxcw9L6/P8JorzZAwan0qafoEGsIiveG
-HtyaKhUG9qPw9ODHFNRRf8+0222vR5YXm3dx2KdxnSQM9pQ/hTEST7ruToK4uT6P
-IzdezKKqdfcYbwnTrqdUKDT74eA7YH2gvnmJhsifLfkKS8RQouf9eRbHegsYz85M
-733WB2+Y8a+xwXrXgTW4qhe04MsCAwEAAaNCMEAwHQYDVR0OBBYEFCnFkKslrxHk
-Yb+j/4hhkeYO/pyBMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0G
-CSqGSIb3DQEBBQUAA4IBAQAQDdr4Ouwo0RSVgrESLFF6QSU2TJ/sPx+EnWVUXKgW
-AkD6bho3hO9ynYYKVZ1WKKxmLNA6VpM0ByWtCLCPyA8JWcqdmBzlVPi5RX9ql2+I
-aE1KBiY3iAIOtsbWcpnOa3faYjGkVh+uX4132l32iPwa2Z61gfAyuOOI0JzzaqC5
-mxRZNTZPz/OOXl0XrRWV2N2y1RVuAE6zS89mlOTgzbUF2mNXi+WzqtvALhyQRNsa
-XRik7r4EW5nVcV9VZWRi1aKbBFmGyGJ353yCRWo9F7/snXUMrqNvWtMvmDb08PUZ
-qxFdyKbjKlhqQgnDvZImZjINXQhVdP+MmNAKpoRq0Tl9
------END CERTIFICATE-----
+
+# TWCA Global Root CA
 -----BEGIN CERTIFICATE-----
 MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcx
 EjAQBgNVBAoTCVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMT
@@ -3478,6 +3097,8 @@ wa19hAM8EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWz
 aGHQRiapIVJpLesux+t3zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmy
 KwbQBM0=
 -----END CERTIFICATE-----
+
+# TWCA Root Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzES
 MBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFU
@@ -3499,6 +3120,8 @@ lhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVYT0bf+215WfKEIlKuD8z7fDvn
 aspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocnyYh0igzyXxfkZ
 YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw==
 -----END CERTIFICATE-----
+
+# Taiwan GRCA
 -----BEGIN CERTIFICATE-----
 MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/
 MQswCQYDVQQGEwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmlj
@@ -3531,6 +3154,8 @@ ssQwmSNOXfJIoRIM3BKQCZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDe
 LMDDav7v3Aun+kbfYNucpllQdSNpc5Oy+fwC00fmcc4QAu4njIT/rEUNE1yDMuAl
 pYYsfPQS
 -----END CERTIFICATE-----
+
+# TeliaSonera Root CA v1
 -----BEGIN CERTIFICATE-----
 MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAw
 NzEUMBIGA1UECgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJv
@@ -3561,6 +3186,100 @@ t88NkvuOGKmYSdGe/mBEciG5Ge3C9THxOUiIkCR1VBatzvT4aRRkOfujuLpwQMcn
 HL/EVlP6Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVx
 SK236thZiNSQvxaz2emsWWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVY=
 -----END CERTIFICATE-----
+
+# TrustCor ECA-1
+-----BEGIN CERTIFICATE-----
+MIIEIDCCAwigAwIBAgIJAISCLF8cYtBAMA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD
+VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk
+MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxFzAVBgNVBAMMDlRydXN0Q29y
+IEVDQS0xMB4XDTE2MDIwNDEyMzIzM1oXDTI5MTIzMTE3MjgwN1owgZwxCzAJBgNV
+BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw
+IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy
+dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOVHJ1c3RDb3Ig
+RUNBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPj+ARtZ+odnbb
+3w9U73NjKYKtR8aja+3+XzP4Q1HpGjORMRegdMTUpwHmspI+ap3tDvl0mEDTPwOA
+BoJA6LHip1GnHYMma6ve+heRK9jGrB6xnhkB1Zem6g23xFUfJ3zSCNV2HykVh0A5
+3ThFEXXQmqc04L/NyFIduUd+Dbi7xgz2c1cWWn5DkR9VOsZtRASqnKmcp0yJF4Ou
+owReUoCLHhIlERnXDH19MURB6tuvsBzvgdAsxZohmz3tQjtQJvLsznFhBmIhVE5/
+wZ0+fyCMgMsq2JdiyIMzkX2woloPV+g7zPIlstR8L+xNxqE6FXrntl019fZISjZF
+ZtS6mFjBAgMBAAGjYzBhMB0GA1UdDgQWBBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAf
+BgNVHSMEGDAWgBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAPBgNVHRMBAf8EBTADAQH/
+MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEABT41XBVwm8nHc2Fv
+civUwo/yQ10CzsSUuZQRg2dd4mdsdXa/uwyqNsatR5Nj3B5+1t4u/ukZMjgDfxT2
+AHMsWbEhBuH7rBiVDKP/mZb3Kyeb1STMHd3BOuCYRLDE5D53sXOpZCz2HAF8P11F
+hcCF5yWPldwX8zyfGm6wyuMdKulMY/okYWLW2n62HGz1Ah3UKt1VkOsqEUc8Ll50
+soIipX1TH0XsJ5F95yIW6MBoNtjG8U+ARDL54dHRHareqKucBK+tIA5kmE2la8BI
+WJZpTdwHjFGTot+fDz2LYLSCjaoITmJF4PkL0uDgPFveXHEnJcLmA4GLEFPjx1Wi
+tJ/X5g==
+-----END CERTIFICATE-----
+
+# TrustCor RootCert CA-1
+-----BEGIN CERTIFICATE-----
+MIIEMDCCAxigAwIBAgIJANqb7HHzA7AZMA0GCSqGSIb3DQEBCwUAMIGkMQswCQYD
+VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk
+MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29y
+IFJvb3RDZXJ0IENBLTEwHhcNMTYwMjA0MTIzMjE2WhcNMjkxMjMxMTcyMzE2WjCB
+pDELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFtYTEUMBIGA1UEBwwLUGFuYW1h
+IENpdHkxJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4gZGUgUi5MLjEnMCUG
+A1UECwweVHJ1c3RDb3IgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR8wHQYDVQQDDBZU
+cnVzdENvciBSb290Q2VydCBDQS0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAv463leLCJhJrMxnHQFgKq1mqjQCj/IDHUHuO1CAmujIS2CNUSSUQIpid
+RtLByZ5OGy4sDjjzGiVoHKZaBeYei0i/mJZ0PmnK6bV4pQa81QBeCQryJ3pS/C3V
+seq0iWEk8xoT26nPUu0MJLq5nux+AHT6k61sKZKuUbS701e/s/OojZz0JEsq1pme
+9J7+wH5COucLlVPat2gOkEz7cD+PSiyU8ybdY2mplNgQTsVHCJCZGxdNuWxu72CV
+EY4hgLW9oHPY0LJ3xEXqWib7ZnZ2+AYfYW0PVcWDtxBWcgYHpfOxGgMFZA6dWorW
+hnAbJN7+KIor0Gqw/Hqi3LJ5DotlDwIDAQABo2MwYTAdBgNVHQ4EFgQU7mtJPHo/
+DeOxCbeKyKsZn3MzUOcwHwYDVR0jBBgwFoAU7mtJPHo/DeOxCbeKyKsZn3MzUOcw
+DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD
+ggEBACUY1JGPE+6PHh0RU9otRCkZoB5rMZ5NDp6tPVxBb5UrJKF5mDo4Nvu7Zp5I
+/5CQ7z3UuJu0h3U/IJvOcs+hVcFNZKIZBqEHMwwLKeXx6quj7LUKdJDHfXLy11yf
+ke+Ri7fc7Waiz45mO7yfOgLgJ90WmMCV1Aqk5IGadZQ1nJBfiDcGrVmVCrDRZ9MZ
+yonnMlo2HD6CqFqTvsbQZJG2z9m2GM/bftJlo6bEjhcxwft+dtvTheNYsnd6djts
+L1Ac59v2Z3kf9YKVmgenFK+P3CghZwnS1k1aHBkcjndcw5QkPTJrS37UeJSDvjdN
+zl/HHk484IkzlQsPpTLWPFp5LBk=
+-----END CERTIFICATE-----
+
+# TrustCor RootCert CA-2
+-----BEGIN CERTIFICATE-----
+MIIGLzCCBBegAwIBAgIIJaHfyjPLWQIwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNV
+BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw
+IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy
+dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UEAwwWVHJ1c3RDb3Ig
+Um9vdENlcnQgQ0EtMjAeFw0xNjAyMDQxMjMyMjNaFw0zNDEyMzExNzI2MzlaMIGk
+MQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEg
+Q2l0eTEkMCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYD
+VQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRy
+dXN0Q29yIFJvb3RDZXJ0IENBLTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCnIG7CKqJiJJWQdsg4foDSq8GbZQWU9MEKENUCrO2fk8eHyLAnK0IMPQo+
+QVqedd2NyuCb7GgypGmSaIwLgQ5WoD4a3SwlFIIvl9NkRvRUqdw6VC0xK5mC8tkq
+1+9xALgxpL56JAfDQiDyitSSBBtlVkxs1Pu2YVpHI7TYabS3OtB0PAx1oYxOdqHp
+2yqlO/rOsP9+aij9JxzIsekp8VduZLTQwRVtDr4uDkbIXvRR/u8OYzo7cbrPb1nK
+DOObXUm4TOJXsZiKQlecdu/vvdFoqNL0Cbt3Nb4lggjEFixEIFapRBF37120Hape
+az6LMvYHL1cEksr1/p3C6eizjkxLAjHZ5DxIgif3GIJ2SDpxsROhOdUuxTTCHWKF
+3wP+TfSvPd9cW436cOGlfifHhi5qjxLGhF5DUVCcGZt45vz27Ud+ez1m7xMTiF88
+oWP7+ayHNZ/zgp6kPwqcMWmLmaSISo5uZk3vFsQPeSghYA2FFn3XVDjxklb9tTNM
+g9zXEJ9L/cb4Qr26fHMC4P99zVvh1Kxhe1fVSntb1IVYJ12/+CtgrKAmrhQhJ8Z3
+mjOAPF5GP/fDsaOGM8boXg25NSyqRsGFAnWAoOsk+xWq5Gd/bnc/9ASKL3x74xdh
+8N0JqSDIvgmk0H5Ew7IwSjiqqewYmgeCK9u4nBit2uBGF6zPXQIDAQABo2MwYTAd
+BgNVHQ4EFgQU2f4hQG6UnrybPZx9mCAZ5YwwYrIwHwYDVR0jBBgwFoAU2f4hQG6U
+nrybPZx9mCAZ5YwwYrIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYw
+DQYJKoZIhvcNAQELBQADggIBAJ5Fngw7tu/hOsh80QA9z+LqBrWyOrsGS2h60COX
+dKcs8AjYeVrXWoSK2BKaG9l9XE1wxaX5q+WjiYndAfrs3fnpkpfbsEZC89NiqpX+
+MWcUaViQCqoL7jcjx1BRtPV+nuN79+TMQjItSQzL/0kMmx40/W5ulop5A7Zv2wnL
+/V9lFDfhOPXzYRZY5LVtDQsEGz9QLX+zx3oaFoBg+Iof6Rsqxvm6ARppv9JYx1RX
+CI/hOWB3S6xZhBqI8d3LT3jX5+EzLfzuQfogsL7L9ziUwOHQhQ+77Sxzq+3+knYa
+ZH9bDTMJBzN7Bj8RpFxwPIXAz+OQqIN3+tvmxYxoZxBnpVIt8MSZj3+/0WvitUfW
+2dCFmU2Umw9Lje4AWkcdEQOsQRivh7dvDDqPys/cA8GiCcjl/YBeyGBCARsaU1q7
+N6a3vLqE6R5sGtRk2tRD/pOLS/IseRYQ1JMLiI+h2IYURpFHmygk71dSTlxCnKr3
+Sewn6EAes6aJInKc9Q0ztFijMDvd1GpUk74aTfOTlPf8hAs/hCBcNANExdqtvArB
+As8e5ZTZ845b2EzwnexhF7sUMlQMAimTHpKG9n/v55IFDlndmQguLvqcAFLTxWYp
+5KeXRKQOKIETNcX2b2TmQcTVL8w0RSXPQQCWPUouwpaYT05KnJe32x+SMsj/D1Fu
+1uwJ
+-----END CERTIFICATE-----
+
+# Trustis FPS Root CA
 -----BEGIN CERTIFICATE-----
 MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBF
 MQswCQYDVQQGEwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQL
@@ -3582,36 +3301,8 @@ f1T1o+CP8HxVIo8ptoGj4W1OLBuAZ+ytIJ8MYmHVl/9D7S3B2l0pKoU/rGXuhg8F
 jZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYliB6XzCGcKQEN
 ZetX2fNXlrtIzYE=
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFFzCCA/+gAwIBAgIBETANBgkqhkiG9w0BAQUFADCCASsxCzAJBgNVBAYTAlRS
-MRgwFgYDVQQHDA9HZWJ6ZSAtIEtvY2FlbGkxRzBFBgNVBAoMPlTDvHJraXllIEJp
-bGltc2VsIHZlIFRla25vbG9qaWsgQXJhxZ90xLFybWEgS3VydW11IC0gVMOcQsSw
-VEFLMUgwRgYDVQQLDD9VbHVzYWwgRWxla3Ryb25payB2ZSBLcmlwdG9sb2ppIEFy
-YcWfdMSxcm1hIEVuc3RpdMO8c8O8IC0gVUVLQUUxIzAhBgNVBAsMGkthbXUgU2Vy
-dGlmaWthc3lvbiBNZXJrZXppMUowSAYDVQQDDEFUw5xCxLBUQUsgVUVLQUUgS8O2
-ayBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSAtIFPDvHLDvG0gMzAe
-Fw0wNzA4MjQxMTM3MDdaFw0xNzA4MjExMTM3MDdaMIIBKzELMAkGA1UEBhMCVFIx
-GDAWBgNVBAcMD0dlYnplIC0gS29jYWVsaTFHMEUGA1UECgw+VMO8cmtpeWUgQmls
-aW1zZWwgdmUgVGVrbm9sb2ppayBBcmHFn3TEsXJtYSBLdXJ1bXUgLSBUw5xCxLBU
-QUsxSDBGBgNVBAsMP1VsdXNhbCBFbGVrdHJvbmlrIHZlIEtyaXB0b2xvamkgQXJh
-xZ90xLFybWEgRW5zdGl0w7xzw7wgLSBVRUtBRTEjMCEGA1UECwwaS2FtdSBTZXJ0
-aWZpa2FzeW9uIE1lcmtlemkxSjBIBgNVBAMMQVTDnELEsFRBSyBVRUtBRSBLw7Zr
-IFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIC0gU8O8csO8bSAzMIIB
-IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAim1L/xCIOsP2fpTo6iBkcK4h
-gb46ezzb8R1Sf1n68yJMlaCQvEhOEav7t7WNeoMojCZG2E6VQIdhn8WebYGHV2yK
-O7Rm6sxA/OOqbLLLAdsyv9Lrhc+hDVXDWzhXcLh1xnnRFDDtG1hba+818qEhTsXO
-fJlfbLm4IpNQp81McGq+agV/E5wrHur+R84EpW+sky58K5+eeROR6Oqeyjh1jmKw
-lZMq5d/pXpduIF9fhHpEORlAHLpVK/swsoHvhOPc7Jg4OQOFCKlUAwUp8MmPi+oL
-hmUZEdPpCSPeaJMDyTYcIW7OjGbxmTDY17PDHfiBLqi9ggtm/oLL4eAagsNAgQID
-AQABo0IwQDAdBgNVHQ4EFgQUvYiHyY/2pAoLquvF/pEjnatKijIwDgYDVR0PAQH/
-BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAB18+kmP
-NOm3JpIWmgV050vQbTlswyb2zrgxvMTfvCr4N5EY3ATIZJkrGG2AA1nJrvhY0D7t
-wyOfaTyGOBye79oneNGEN3GKPEs5z35FBtYt2IpNeBLWrcLTy9LQQfMmNkqblWwM
-7uXRQydmwYj3erMgbOqwaSvHIOgMA8RBBZniP+Rr+KCGgceExh/VS4ESshYhLBOh
-gLJeDEoTniDYYkCrkOpkSi+sDQESeUWoL4cZaMjihccwsnX5OD+ywJO0a+IDRM5n
-oN+J1q2MdqMTw5RhK2vZbMEHCiIHhWyFJEapvj+LeISCfiQMnf2BN+MlqO02TpUs
-yZyQ2uypQjyttgI=
------END CERTIFICATE-----
+
+# TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5
 -----BEGIN CERTIFICATE-----
 MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UE
 BhMCVFIxDzANBgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxn
@@ -3637,6 +3328,8 @@ peYVhDfwwvJllpKQd/Ct9JDpEXjXk4nAPQu6KfTomZ1yju2dL+6SfaHx/126M2CF
 Yv4HAqGEVka+lgqaE9chTLd8B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW
 +qtB4Uu2NQvAmxU=
 -----END CERTIFICATE-----
+
+# USERTrust ECC Certification Authority
 -----BEGIN CERTIFICATE-----
 MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDEL
 MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
@@ -3653,6 +3346,8 @@ VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMB
 zzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbW
 RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg=
 -----END CERTIFICATE-----
+
+# USERTrust RSA Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB
 iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
@@ -3687,32 +3382,8 @@ VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB
 L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG
 jjxDah2nGN59PRbxYvnKkKj9
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCB
-lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
-SGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgxOTIyWjCBlzELMAkG
-A1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEe
-MBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8v
-d3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdh
-cmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn
-0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlIwrthdBKWHTxqctU8EGc6Oe0rE81m65UJ
-M6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFdtqdt++BxF2uiiPsA3/4a
-MXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8i4fDidNd
-oI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqI
-DsjfPe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9Ksy
-oUhbAgMBAAGjgbkwgbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYD
-VR0OBBYEFKFyXyYbKJhDlV0HN9WFlp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0
-dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNFUkZpcnN0LUhhcmR3YXJlLmNy
-bDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEF
-BQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM
-//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28Gpgoiskli
-CE7/yMgUsogWXecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gE
-CJChicsZUN/KHAG8HQQZexB2lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t
-3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kniCrVWFCVH/A7HFe7fRQ5YiuayZSS
-KqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67nfhmqA==
------END CERTIFICATE-----
+
+# VeriSign Class 3 Public Primary Certification Authority - G4
 -----BEGIN CERTIFICATE-----
 MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjEL
 MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
@@ -3734,6 +3405,8 @@ kf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMDA2gAMGUCMGYhDBgmYFo4e1ZC
 4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIxAJw9SDkjOVga
 FRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA==
 -----END CERTIFICATE-----
+
+# VeriSign Class 3 Public Primary Certification Authority - G5
 -----BEGIN CERTIFICATE-----
 MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB
 yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
@@ -3762,6 +3435,8 @@ WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ
 4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N
 hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq
 -----END CERTIFICATE-----
+
+# VeriSign Universal Root Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCB
 vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
@@ -3790,6 +3465,8 @@ BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+PwGZsY6rp2aQW9IHR
 lRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4mJO3
 7M2CYfE45k+XmCpajQ==
 -----END CERTIFICATE-----
+
+# Verisign Class 3 Public Primary Certification Authority - G3
 -----BEGIN CERTIFICATE-----
 MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw
 CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
@@ -3814,6 +3491,8 @@ DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC
 F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt
 TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ==
 -----END CERTIFICATE-----
+
+# Visa eCommerce Root
 -----BEGIN CERTIFICATE-----
 MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBr
 MQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRl
@@ -3836,69 +3515,8 @@ LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGIxHYdkFsd
 ++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt
 398znM/jra6O1I7mT1GvFpLgXPYHDw==
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFdjCCA16gAwIBAgIQXmjWEXGUY1BWAGjzPsnFkTANBgkqhkiG9w0BAQUFADBV
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxKjAoBgNV
-BAMTIUNlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbjAeFw0wOTA4MDgw
-MTAwMDFaFw0zOTA4MDgwMTAwMDFaMFUxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFX
-b1NpZ24gQ0EgTGltaXRlZDEqMCgGA1UEAxMhQ2VydGlmaWNhdGlvbiBBdXRob3Jp
-dHkgb2YgV29TaWduMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvcqN
-rLiRFVaXe2tcesLea9mhsMMQI/qnobLMMfo+2aYpbxY94Gv4uEBf2zmoAHqLoE1U
-fcIiePyOCbiohdfMlZdLdNiefvAA5A6JrkkoRBoQmTIPJYhTpA2zDxIIFgsDcScc
-f+Hb0v1naMQFXQoOXXDX2JegvFNBmpGN9J42Znp+VsGQX+axaCA2pIwkLCxHC1l2
-ZjC1vt7tj/id07sBMOby8w7gLJKA84X5KIq0VC6a7fd2/BVoFutKbOsuEo/Uz/4M
-x1wdC34FMr5esAkqQtXJTpCzWQ27en7N1QhatH/YHGkR+ScPewavVIMYe+HdVHpR
-aG53/Ma/UkpmRqGyZxq7o093oL5d//xWC0Nyd5DKnvnyOfUNqfTq1+ezEC8wQjch
-zDBwyYaYD8xYTYO7feUapTeNtqwylwA6Y3EkHp43xP901DfA4v6IRmAR3Qg/UDar
-uHqklWJqbrDKaiFaafPz+x1wOZXzp26mgYmhiMU7ccqjUu6Du/2gd/Tkb+dC221K
-mYo0SLwX3OSACCK28jHAPwQ+658geda4BmRkAjHXqc1S+4RFaQkAKtxVi8QGRkvA
-Sh0JWzko/amrzgD5LkhLJuYwTKVYyrREgk/nkR4zw7CT/xH8gdLKH3Ep3XZPkiWv
-HYG3Dy+MwwbMLyejSuQOmbp8HkUff6oZRZb9/D0CAwEAAaNCMEAwDgYDVR0PAQH/
-BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOFmzw7R8bNLtwYgFP6H
-EtX2/vs+MA0GCSqGSIb3DQEBBQUAA4ICAQCoy3JAsnbBfnv8rWTjMnvMPLZdRtP1
-LOJwXcgu2AZ9mNELIaCJWSQBnfmvCX0KI4I01fx8cpm5o9dU9OpScA7F9dY74ToJ
-MuYhOZO9sxXqT2r09Ys/L3yNWC7F4TmgPsc9SnOeQHrAK2GpZ8nzJLmzbVUsWh2e
-JXLOC62qx1ViC777Y7NhRCOjy+EaDveaBk3e1CNOIZZbOVtXHS9dCF4Jef98l7VN
-g64N1uajeeAz0JmWAjCnPv/So0M/BVoG6kQC2nz4SNAzqfkHx5Xh9T71XXG68pWp
-dIhhWeO/yloTunK0jF02h+mmxTwTv97QRCbut+wucPrXnbes5cVAWubXbHssw1ab
-R80LzvobtCHXt2a49CUwi1wNuepnsvRtrtWhnk/Yn+knArAdBtaP4/tIEp9/EaEQ
-PkxROpaw0RPxx9gmrjrKkcRpnd8BKWRRb2jaFOwIQZeQjdCygPLPwj2/kWjFgGce
-xGATVdVhmVd8upUPYUk6ynW8yQqTP2cOEvIo4jEbwFcW3wh8GcF+Dx+FHgo2fFt+
-J7x6v+Db9NpSvd4MVHAxkUOVyLzwPt0JfjBkUO1/AaQzZ01oT74V77D2AhGiGxMl
-OtzCWfHjXEa7ZywCRuoeSKbmW9m1vFGikpbbqsY3Iqb+zCB0oy2pLmvLwIIRIbWT
-ee5Ehr7XHuQe+w==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFWDCCA0CgAwIBAgIQUHBrzdgT/BtOOzNy0hFIjTANBgkqhkiG9w0BAQsFADBG
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNV
-BAMMEkNBIOayg+mAmuagueivgeS5pjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgw
-MTAwMDFaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRl
-ZDEbMBkGA1UEAwwSQ0Eg5rKD6YCa5qC56K+B5LmmMIICIjANBgkqhkiG9w0BAQEF
-AAOCAg8AMIICCgKCAgEA0EkhHiX8h8EqwqzbdoYGTufQdDTc7WU1/FDWiD+k8H/r
-D195L4mx/bxjWDeTmzj4t1up+thxx7S8gJeNbEvxUNUqKaqoGXqW5pWOdO2XCld1
-9AXbbQs5uQF/qvbW2mzmBeCkTVL829B0txGMe41P/4eDrv8FAxNXUDf+jJZSEExf
-v5RxadmWPgxDT74wwJ85dE8GRV2j1lY5aAfMh09Qd5Nx2UQIsYo06Yms25tO4dnk
-UkWMLhQfkWsZHWgpLFbE4h4TV2TwYeO5Ed+w4VegG63XX9Gv2ystP9Bojg/qnw+L
-NVgbExz03jWhCl3W6t8Sb8D7aQdGctyB9gQjF+BNdeFyb7Ao65vh4YOhn0pdr8yb
-+gIgthhid5E7o9Vlrdx8kHccREGkSovrlXLp9glk3Kgtn3R46MGiCWOc76DbT52V
-qyBPt7D3h1ymoOQ3OMdc4zUPLK2jgKLsLl3Az+2LBcLmc272idX10kaO6m1jGx6K
-yX2m+Jzr5dVjhU1zZmkR/sgO9MHHZklTfuQZa/HpelmjbX7FF+Ynxu8b22/8DU0G
-AbQOXDBGVWCvOGU6yke6rCzMRh+yRpY/8+0mBe53oWprfi1tWFxK1I5nuPHa1UaK
-J/kR8slC/k7e3x9cxKSGhxYzoacXGKUN5AXlK8IrC6KVkLn9YDxOiT7nnO4fuwEC
-AwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
-BBYEFOBNv9ybQV0T6GTwp+kVpOGBwboxMA0GCSqGSIb3DQEBCwUAA4ICAQBqinA4
-WbbaixjIvirTthnVZil6Xc1bL3McJk6jfW+rtylNpumlEYOnOXOvEESS5iVdT2H6
-yAa+Tkvv/vMx/sZ8cApBWNromUuWyXi8mHwCKe0JgOYKOoICKuLJL8hWGSbueBwj
-/feTZU7n85iYr83d2Z5AiDEoOqsuC7CsDCT6eiaY8xJhEPRdF/d+4niXVOKM6Cm6
-jBAyvd0zaziGfjk9DgNyp115j0WKWa5bIW4xRtVZjc8VX90xJc/bYNaBRHIpAlf2
-ltTW/+op2znFuCyKGo3Oy+dCMYYFaA6eFN0AkLppRQjbbpCBhqcqBT/mhDn4t/lX
-X0ykeVoQDF7Va/81XwVRHmyjdanPUIPTfPRm94KNPQx96N97qA4bLJyuQHCH2u2n
-FoJavjVsIE4iYdm8UXrNemHcSxH5/mc0zy4EZmFcV5cjjPOGG0jfKq+nwf/Yjj4D
-u9gqsPoUJbJRa4ZDhS4HIxaAjUz7tGM7zMN07RujHv41D198HRaG9Q7DlfEvr10l
-O1Hm13ZBONFLAzkopR6RctR9q5czxNM+4Gm2KHmgCY0c0f9BckgG/Jou5yD5m6Le
-ie2uPAmvylezkolwQOQvT8Jwg0DXJCxr5wkf09XHwQj02w47HAcLQxGEIYbpgNR1
-2KvxAmLBsX5VYc8T1yaw15zLKYs4SgsOkI26oQ==
------END CERTIFICATE-----
+
+# XRamp Global CA Root
 -----BEGIN CERTIFICATE-----
 MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB
 gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk
@@ -3924,6 +3542,8 @@ IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy
 i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ
 O+7ETPTsJ3xCwnR8gooJybQDJbw=
 -----END CERTIFICATE-----
+
+# certSIGN ROOT CA
 -----BEGIN CERTIFICATE-----
 MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYT
 AlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBD
@@ -3944,6 +3564,8 @@ Jd1hJyMctTEHBDa0GpC9oHRxUIltvBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNw
 i/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7NzTogVZ96edhBiIL5VaZVDADlN
 9u6wWk5JRFRYX0KD
 -----END CERTIFICATE-----
+
+# ePKI Root Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBe
 MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0
@@ -3977,6 +3599,8 @@ Gp1iro2C6pSe3VkQw63d4k3jMdXH7OjysP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTE
 W9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmODBCEIZ43ygknQW/2xzQ+D
 hNQ+IIX3Sj0rnP0qCglN6oH4EZw=
 -----END CERTIFICATE-----
+
+# thawte Primary Root CA - G2
 -----BEGIN CERTIFICATE-----
 MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDEL
 MAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE4MDYGA1UECxMvKGMp
@@ -3993,6 +3617,8 @@ DPgR4bswCgYIKoZIzj0EAwMDaQAwZgIxAN344FdHW6fmCsO99YCKlzUNG4k8VIZ3
 KMqh9HneteY4sPBlcIx/AlTCv//YoT7ZzwIxAMSNlPzcU9LcnXgWHxUzI1NS41ox
 XZ3Krr0TKUQNJ1uo52icEvdYPy5yAlejj6EULg==
 -----END CERTIFICATE-----
+
+# thawte Primary Root CA - G3
 -----BEGIN CERTIFICATE-----
 MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCB
 rjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
@@ -4018,6 +3644,8 @@ KUGRIjxpp7sC8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fM
 m7v/OeZWYdMKp8RcTGB7BXcmer/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZu
 MdRAGmI0Nj81Aa6sY6A=
 -----END CERTIFICATE-----
+
+# thawte Primary Root CA
 -----BEGIN CERTIFICATE-----
 MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCB
 qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
diff --git a/msys2/etc/post-install/05-home-dir.post b/msys2/etc/post-install/05-home-dir.post
index 5d0bcab3a..1ea964781 100644
--- a/msys2/etc/post-install/05-home-dir.post
+++ b/msys2/etc/post-install/05-home-dir.post
@@ -253,6 +253,7 @@ maybe_create_home ()
   # 
   # Make sure we start in home if invoked without -here option and not in a nested shell
   if [ ! -z "${CHERE_INVOKING}" ]; then
+    CHERE_INVOKING_VISIBLE_FOR_USER=CHERE_INVOKING
     unset CHERE_INVOKING
   elif [ ${SHLVL:-0} -le 1 ]; then
     cd "${HOME}" || echo "WARNING: Failed attempt to cd into ${HOME}!"
diff --git a/msys2/etc/post-install/09-proxspace.post b/msys2/etc/post-install/09-proxspace.post
index 4e9876b95..976dc48df 100644
--- a/msys2/etc/post-install/09-proxspace.post
+++ b/msys2/etc/post-install/09-proxspace.post
@@ -2,7 +2,6 @@ check_install () {
 	pacman -Q $1 > /dev/null
 	if [ $? == 1 ]; then
 		pacman --noconfirm --force -S $1
-		pacman --noconfirm --force -Scc
 	fi
 }
 
@@ -10,16 +9,17 @@ check_install_web () {
 	pacman -Q $1 | grep $2 > /dev/null
 	if [ $? == 1 ]; then
 		pacman --noconfirm --force -U $3
-		pacman --noconfirm --force -Scc
 	fi
 }
 
-clean_qt5_86 () { 
+clean_86 () { 
 	rm -rf /mingw32/share/qt5/examples
+	pacman --noconfirm --force -Scc
 }
 
-clean_qt5_64 () { 
+clean_64 () { 
 	rm -rf /mingw64/share/qt5/examples
+	pacman --noconfirm --force -Scc
 }
 
 
@@ -27,25 +27,30 @@ clean_qt5_64 () {
 setup_proxspace ()
 { 
   if [ "$MSYSTEM" == "MINGW64" ]; then
-	check_install_web mingw-w64-x86_64-gcc-libs 8.2.0-3 http://repo.msys2.org/mingw/x86_64/mingw-w64-x86_64-gcc-libs-8.2.0-3-any.pkg.tar.xz
-	check_install_web mingw-w64-x86_64-gcc 8.2.0-3 http://repo.msys2.org/mingw/x86_64/mingw-w64-x86_64-gcc-8.2.0-3-any.pkg.tar.xz
-	check_install_web mingw-w64-x86_64-readline 6.3 http://repo.msys2.org/mingw/x86_64/mingw-w64-x86_64-readline-6.3.008-1-any.pkg.tar.xz
+	check_install mingw-w64-x86_64-gcc
+	check_install mingw-w64-x86_64-readline
 	check_install git
 	check_install make
 	check_install pkg-config
 	check_install mingw-w64-x86_64-qt5
-	clean_qt5_64
+	clean_64
   fi
   
   if [ "$MSYSTEM" == "MINGW32" ]; then
-	check_install_web mingw-w64-i686-readline 6.3 http://repo.msys2.org/mingw/i686/mingw-w64-i686-readline-6.3.008-1-any.pkg.tar.xz
+	check_install mingw-w64-i686-readline
 	check_install mingw-w64-i686-gcc
 	check_install git
 	check_install make
 	check_install pkg-config
 	check_install mingw-w64-i686-qt5
-	clean_qt5_86	
+	clean_86	
   fi
 }
 
-setup_proxspace
\ No newline at end of file
+export LANG=en_US.UTF-8
+	
+if [ "$MAYBE_FIRST_START" = "false" ]; then
+	yes | pacman -Syuu
+	setup_proxspace
+fi
+
diff --git a/msys2/etc/wgetrc b/msys2/etc/wgetrc
index cb5f00285..d339e2b34 100644
--- a/msys2/etc/wgetrc
+++ b/msys2/etc/wgetrc
@@ -10,7 +10,7 @@
 ## Or online here:
 ##   https://www.gnu.org/software/wget/manual/wget.html#Startup-File
 ##
-## Wget initialization file can reside in /etc/wgetrc
+## Wget initialization file can reside in /usr/local/etc/wgetrc
 ## (global, for all users) or $HOME/.wgetrc (for a single user).
 ##
 ## To use the settings in this file, you will have to uncomment them,
@@ -22,7 +22,7 @@
 
 
 ##
-## Global settings (useful for setting up in /etc/wgetrc).
+## Global settings (useful for setting up in /usr/local/etc/wgetrc).
 ## Think well before you change them, since they may reduce wget's
 ## functionality, and make it behave contrary to the documentation:
 ##
diff --git a/msys2/mingw32/etc/config.site b/msys2/mingw32/etc/config.site
index a31ef0828..0df27312e 100644
--- a/msys2/mingw32/etc/config.site
+++ b/msys2/mingw32/etc/config.site
@@ -10,12 +10,12 @@ test -n "${BASH_SOURCE}" 2>/dev/null && config_site_me="${BASH_SOURCE[0]##*/}" |
 # Set default 'host' to speedup configure
 if test -z "$build_alias"; then
   build_alias="${MSYSTEM_CHOST-i686-w64-mingw32}"  && \
-    $as_echo "$config_site_me:${as_lineno-$LINENO}: default build_alias set to $build_alias" >&5 
+    ${as_echo-echo} "$config_site_me:${as_lineno-$LINENO}: default build_alias set to $build_alias" >&5
 fi
 
 # Set default 'prefix' to "/mingw32"
 if ( test -z "$prefix" || test "x$prefix" = "xNONE" ) && \
    ( test -z "$exec_prefix" || test "x$exec_prefix" = "xNONE" ); then
   prefix="${MSYSTEM_PREFIX-/mingw32}" && \
-    $as_echo "$config_site_me:${as_lineno-$LINENO}: default prefix set to $prefix" >&5
+    ${as_echo-echo} "$config_site_me:${as_lineno-$LINENO}: default prefix set to $prefix" >&5
 fi
diff --git a/msys2/mingw64/etc/config.site b/msys2/mingw64/etc/config.site
index 3c217dd44..47193a7e0 100644
--- a/msys2/mingw64/etc/config.site
+++ b/msys2/mingw64/etc/config.site
@@ -10,12 +10,12 @@ test -n "${BASH_SOURCE}" 2>/dev/null && config_site_me="${BASH_SOURCE[0]##*/}" |
 # Set default 'host' to speedup configure
 if test -z "$build_alias"; then
   build_alias="${MSYSTEM_CHOST-x86_64-w64-mingw32}" && \
-    $as_echo "$config_site_me:${as_lineno-$LINENO}: default build_alias set to $build_alias" >&5 
+    ${as_echo-echo} "$config_site_me:${as_lineno-$LINENO}: default build_alias set to $build_alias" >&5
 fi
 
 # Set default 'prefix' to "/mingw64"
 if ( test -z "$prefix" || test "x$prefix" = "xNONE" ) && \
    ( test -z "$exec_prefix" || test "x$exec_prefix" = "xNONE" ); then
   prefix="${MSYSTEM_PREFIX-/mingw64}" && \
-    $as_echo "$config_site_me:${as_lineno-$LINENO}: default prefix set to $prefix" >&5
+    ${as_echo-echo} "$config_site_me:${as_lineno-$LINENO}: default prefix set to $prefix" >&5
 fi
diff --git a/msys2/msys2_shell.cmd b/msys2/msys2_shell.cmd
index 067a28fff..d269ccfc2 100644
--- a/msys2/msys2_shell.cmd
+++ b/msys2/msys2_shell.cmd
@@ -14,9 +14,8 @@ rem set MSYS=error_start:%WD%../../mingw64/bin/qtcreator.exe^|-debug^|^<process-
 rem To export full current PATH from environment into MSYS2 use '-use-full-path' parameter
 rem or uncomment next line
 rem set MSYS2_PATH_TYPE=inherit
-
-
 SET PATH=%WD%;%PATH%
+%~dp0\usr\bin\dash /usr/bin/rebaseall -p 2> nul
 rem /tmp is required for bash to work
 mkdir %WD%..\..\tmp 2> nul
 del %WD%..\..\etc\passwd 2> nul
@@ -77,6 +76,11 @@ if "x%~1" == "x-shell" (
   set LOGINSHELL="%~2"
 )& shift& shift& goto :checkparams
 
+rem Collect remaining command line arguments to be passed to shell
+set SHELL_ARGS=
+:collectparams
+if not "x%~1" == "x" set SHELL_ARGS=%SHELL_ARGS% %1& shift& goto :collectparams
+
 rem Setup proper title
 if "%MSYSTEM%" == "MINGW32" (
   set "CONTITLE=MinGW x32"
@@ -94,9 +98,9 @@ if NOT EXIST "%WD%mintty.exe" goto startsh
 set MSYSCON=mintty.exe
 :startmintty
 if not defined MSYS2_NOSTART (
-  start "%CONTITLE%" "%WD%mintty" -i /msys2.ico -t "%CONTITLE%" "/usr/bin/%LOGINSHELL%" --login %1 %2 %3 %4 %5 %6 %7 %8 %9
+  start "%CONTITLE%" "%WD%mintty" -i /msys2.ico -t "%CONTITLE%" "/usr/bin/%LOGINSHELL%" --login %SHELL_ARGS%
 ) else (
-  "%WD%mintty" -i /msys2.ico -t "%CONTITLE%" "/usr/bin/%LOGINSHELL%" --login %1 %2 %3 %4 %5 %6 %7 %8 %9
+  "%WD%mintty" -i /msys2.ico -t "%CONTITLE%" "/usr/bin/%LOGINSHELL%" --login %SHELL_ARGS%
 )
 exit /b %ERRORLEVEL%
 
@@ -106,18 +110,18 @@ call :conemudetect || (
   exit /b 1
 )
 if not defined MSYS2_NOSTART (
-  start "%CONTITLE%" "%ComEmuCommand%" /Here /Icon "%WD%..\..\msys2.ico" /cmd "%WD%\%LOGINSHELL%" --login %1 %2 %3 %4 %5 %6 %7 %8 %9
+  start "%CONTITLE%" "%ComEmuCommand%" /Here /Icon "%WD%..\..\msys2.ico" /cmd "%WD%\%LOGINSHELL%" --login %SHELL_ARGS%
 ) else (
-  "%ComEmuCommand%" /Here /Icon "%WD%..\..\msys2.ico" /cmd "%WD%\%LOGINSHELL%" --login %1 %2 %3 %4 %5 %6 %7 %8 %9
+  "%ComEmuCommand%" /Here /Icon "%WD%..\..\msys2.ico" /cmd "%WD%\%LOGINSHELL%" --login %SHELL_ARGS%
 )
 exit /b %ERRORLEVEL%
 
 :startsh
 set MSYSCON=
 if not defined MSYS2_NOSTART (
-  start "%CONTITLE%" "%WD%\%LOGINSHELL%" --login %1 %2 %3 %4 %5 %6 %7 %8 %9
+  start "%CONTITLE%" "%WD%\%LOGINSHELL%" --login %SHELL_ARGS%
 ) else (
-  "%WD%\%LOGINSHELL%" --login %1 %2 %3 %4 %5 %6 %7 %8 %9
+  "%WD%\%LOGINSHELL%" --login %SHELL_ARGS%
 )
 exit /b %ERRORLEVEL%
 
diff --git a/msys2/usr/bin/[.exe b/msys2/usr/bin/[.exe
index ce5ff2d56..443da8032 100644
Binary files a/msys2/usr/bin/[.exe and b/msys2/usr/bin/[.exe differ
diff --git a/msys2/usr/bin/addgnupghome b/msys2/usr/bin/addgnupghome
new file mode 100644
index 000000000..718b2226c
--- /dev/null
+++ b/msys2/usr/bin/addgnupghome
@@ -0,0 +1,122 @@
+#!/bin/sh
+# Add a new .gnupg home directory for a list of users         -*- sh -*-
+#
+# Copyright 2004 Free Software Foundation, Inc.
+#
+# This file is free software; as a special exception the author gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+#
+# This file is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+PGM=addgnupghome
+any_error=0
+
+
+error () {
+  echo "$PGM: $*" >&2
+  any_error=1
+}
+
+info () {
+  echo "$PGM: $*" >&2
+}
+
+# Do it for one user
+one_user () {
+    user="$1"
+    home=$(${cat_passwd} | awk -F: -v n="$user" '$1 == n {print $6}')
+    if [ -z "$home" ]; then
+        if ${cat_passwd} | awk -F: -v n="$user" '$1 == n {exit 1}'; then
+            error "no such user \`$user'"
+        else
+            error "no home directory for user \`$user'"
+        fi
+        return
+    fi
+    if [ ! -d "$home" ]; then
+        error "home directory \`$home' of user \`$user' does not exist"
+        return
+    fi
+    if [ -d "$home/.gnupg" ]; then
+        info "skipping user \`$user': \`.gnupg' already exists"
+        return
+    fi
+    info "creating home directory \`$home/.gnupg' for \`$user'"
+    if ! mkdir "$home/.gnupg" ; then
+        error "error creating \`$home/.gnupg'"
+        return
+    fi
+
+    if ! chown $user "$home/.gnupg" ; then
+        error "error changing ownership of \`$home/.gnupg'"
+        return
+    fi
+
+    group=$(id -g "$user")
+    [ -z "$group" ] && group="0"
+
+    if [ "$group" -gt 0 ]; then
+        if ! chgrp $group "$home/.gnupg" ; then
+            error "error changing group of \`$home/.gnupg'"
+            return
+        fi
+    fi
+
+    if ! cd "$home/.gnupg" ; then
+        error "error cd-ing to \`$home/.gnupg'"
+        return
+    fi
+    for f in $filelist; do
+        if [ -d /etc/skel/.gnupg/$f ]; then
+            mkdir $f
+        else
+            cp /etc/skel/.gnupg/$f $f
+        fi
+        if ! chown $user $f ; then
+            error "error changing ownership of \`$f'"
+            return
+        fi
+        if [ "$group" -gt 0 ]; then
+            if ! chgrp $group "$f" ; then
+                error "error changing group of \`$f'"
+                return
+            fi
+        fi
+    done
+
+}
+
+if [ -z "$1" ]; then
+    echo "usage: $PGM userids"
+    exit 1
+fi
+
+# Check whether we can use getent
+if getent --help </dev/null >/dev/null 2>&1 ; then
+    cat_passwd='getent passwd'
+else
+    cat_passwd='cat /etc/passwd'
+    info "please note that only users from /etc/passwd are checked"
+fi
+
+if [ ! -d /etc/skel/.gnupg ]; then
+    error "skeleton directory \`/etc/skel/.gnupg' does not exist"
+    exit 1
+fi
+cd "/etc/skel/.gnupg" || (error "error cd-ing to \`/etc/skel/.gnupg'"; exit 1)
+filelist=$(find . \( -type f -o -type d \) '!' -name '*~' '!' -name . -print)
+
+
+if ! umask 0077 ; then
+    error "error setting umask"
+    exit 1
+fi
+
+for name in $*; do
+    one_user $name
+done
+
+exit $any_error
diff --git a/msys2/usr/bin/agetty.exe b/msys2/usr/bin/agetty.exe
index 94c3173b1..6c2987297 100644
Binary files a/msys2/usr/bin/agetty.exe and b/msys2/usr/bin/agetty.exe differ
diff --git a/msys2/usr/bin/applygnupgdefaults b/msys2/usr/bin/applygnupgdefaults
new file mode 100644
index 000000000..316509faf
--- /dev/null
+++ b/msys2/usr/bin/applygnupgdefaults
@@ -0,0 +1,81 @@
+#!/bin/sh
+# Apply defaults from /etc/gnupg/gpgconf.conf to all users       -*- sh -*-
+#
+# Copyright 2007 Free Software Foundation, Inc.
+#
+# This file is free software; as a special exception the author gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+#
+# This file is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+PGM=applygnupgdefaults
+errorfile=
+
+error () {
+  echo "$PGM: $*" >&2
+  [ -n "$errorfile" ] && echo "$PGM: $*" >>$errorfile
+}
+
+info () {
+  echo "$PGM: $*" >&2
+}
+
+if [ -n "$1" ]; then
+    echo "usage: $PGM" >&2
+    exit 1
+fi
+
+# Cleanup on exit
+cleanup ()
+{
+    [ -n "$errorfile" -a -f "$errorfile" ] && rm "$errorfile"
+}
+trap cleanup EXIT SIGINT SIGHUP SIGPIPE
+errorfile=$(mktemp "/tmp/$PGM.log.XXXXXX")
+[ -n "$errorfile" -a -f "$errorfile" ] || exit 2
+
+# Check whether we can use getent
+if getent --help </dev/null >/dev/null 2>&1 ; then
+    cat_passwd='getent passwd'
+else
+    cat_passwd='cat /etc/passwd'
+    info "please note that only users from /etc/passwd are processed"
+fi
+
+if [ ! -f /etc/gnupg/gpgconf.conf ]; then
+    error "global configuration file \`/etc/gnupg/gpgconf.conf' does not exist"
+    exit 1
+fi
+if [ ! -f /etc/shells ]; then
+    error "missing file \`/etc/shells'"
+    exit 1
+fi
+
+if [ $(id -u) -ne 0 ]; then
+    error "needs to be run as root"
+    exit 1
+fi
+
+${cat_passwd} \
+  | while IFS=: read -r user dmy_a uid dmy_c dmy_d home shell dmy_rest; do
+    # Process only entries with a valid login shell
+    grep </etc/shells "^$shell" 2>/dev/null >/dev/null || continue
+    # and with an pre-existing gnupg home directory
+    [ -d "$home/.gnupg" ] || continue
+    # but not root
+    [ "${uid:-0}" -eq 0 ] && continue
+    info "running \"gpgconf --apply-defaults\" for $user"
+    if su -l -s /bin/sh \
+       -c 'gpgconf --apply-defaults && echo SUCCESS' $user \
+       | tail -1 | grep ^SUCCESS >/dev/null ; then
+      :
+    else
+      error "failed to update gnupg defaults for $user"
+    fi
+done
+
+[ "$(wc -c <$errorfile)" -gt 0 ] && exit 1
+exit 0
diff --git a/msys2/usr/bin/arch.exe b/msys2/usr/bin/arch.exe
index 08cc591f5..bafa3c852 100644
Binary files a/msys2/usr/bin/arch.exe and b/msys2/usr/bin/arch.exe differ
diff --git a/msys2/usr/bin/ash.exe b/msys2/usr/bin/ash.exe
index 0438a0a55..65791ce2c 100644
Binary files a/msys2/usr/bin/ash.exe and b/msys2/usr/bin/ash.exe differ
diff --git a/msys2/usr/bin/awk.exe b/msys2/usr/bin/awk.exe
index 5c904f04b..145b46af9 100644
Binary files a/msys2/usr/bin/awk.exe and b/msys2/usr/bin/awk.exe differ
diff --git a/msys2/usr/bin/b2sum.exe b/msys2/usr/bin/b2sum.exe
index b9c2b241d..caf82f109 100644
Binary files a/msys2/usr/bin/b2sum.exe and b/msys2/usr/bin/b2sum.exe differ
diff --git a/msys2/usr/bin/bacman b/msys2/usr/bin/bacman
deleted file mode 100644
index 6e0cf4cd5..000000000
--- a/msys2/usr/bin/bacman
+++ /dev/null
@@ -1,393 +0,0 @@
-#!/usr/bin/bash
-#
-#   bacman: recreate a package from a running system
-#   This script rebuilds an already installed package using metadata
-#   stored into the pacman database and system files
-#
-#   Copyright (c) 2008 locci <carlocci_at_gmail_dot_com>
-#   Copyright (c) 2008-2016 Pacman Development Team <pacman-dev@archlinux.org>
-#
-#   This program is free software; you can redistribute it and/or modify
-#   it under the terms of the GNU General Public License as published by
-#   the Free Software Foundation; either version 2 of the License, or
-#   (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be useful,
-#   but WITHOUT ANY WARRANTY; without even the implied warranty of
-#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-#   GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-#
-
-shopt -s extglob
-shopt -s nullglob
-
-declare -r myname='bacman'
-declare -r myver='5.0.1'
-USE_COLOR='y'
-INCLUDE_PACNEW='n'
-# Required for fakeroot because options are shifted off the array.
-ARGS=("$@")
-
-plain() {
-	(( QUIET )) && return
-	local mesg=$1; shift
-	printf "${BOLD}    ${mesg}${ALL_OFF}\n" "$@" >&1
-}
-
-msg() {
-	(( QUIET )) && return
-	local mesg=$1; shift
-	printf "${GREEN}==>${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&1
-}
-
-msg2() {
-	(( QUIET )) && return
-	local mesg=$1; shift
-	printf "${BLUE}  ->${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&1
-}
-
-ask() {
-	local mesg=$1; shift
-	printf "${BLUE}::${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}" "$@" >&1
-}
-
-warning() {
-	local mesg=$1; shift
-	printf "${YELLOW}==> $(gettext "WARNING:")${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&2
-}
-
-error() {
-	local mesg=$1; shift
-	printf "${RED}==> $(gettext "ERROR:")${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&2
-}
-
-
-#
-# User Friendliness
-#
-usage() {
-	echo "${myname} (pacman) v${myver}"
-	echo
-	echo "Recreate a package using pacman's database and system files"
-	echo
-	echo "Usage: ${myname} [--nocolor] [--pacnew] <installed package name>"
-	echo
-	echo "Example: ${myname} linux-headers"
-}
-
-version() {
-	printf "%s %s\n" "$myname" "$myver"
-	echo 'Copyright (C) 2008 locci <carlocci_at_gmail_dot_com>'
-	echo 'Copyright (C) 2008-2016 Pacman Development Team <pacman-dev@archlinux.org>'
-}
-
-while [[ ! -z $1 ]]; do
-	if [[ $1 == "--nocolor" ]]; then
-		USE_COLOR='n'
-		shift
-	elif [[ $1 == "--pacnew" ]]; then
-		INCLUDE_PACNEW='y'
-		shift
-	else
-		break
-	fi
-done
-
-# check if messages are to be printed using color
-unset ALL_OFF BOLD BLUE GREEN RED YELLOW
-if [[ -t 2 && ! $USE_COLOR = "n" ]]; then
-	# prefer terminal safe colored and bold text when tput is supported
-	if tput setaf 0 &>/dev/null; then
-		ALL_OFF="$(tput sgr0)"
-		BOLD="$(tput bold)"
-		BLUE="${BOLD}$(tput setaf 4)"
-		GREEN="${BOLD}$(tput setaf 2)"
-		RED="${BOLD}$(tput setaf 1)"
-		YELLOW="${BOLD}$(tput setaf 3)"
-	else
-		ALL_OFF="\e[1;0m"
-		BOLD="\e[1;1m"
-		BLUE="${BOLD}\e[1;34m"
-		GREEN="${BOLD}\e[1;32m"
-		RED="${BOLD}\e[1;31m"
-		YELLOW="${BOLD}\e[1;33m"
-	fi
-fi
-readonly ALL_OFF BOLD BLUE GREEN RED YELLOW
-
-
-if (( $# != 1 )); then
-	usage
-	exit 1
-fi
-
-if [[ $1 = -@(h|-help) ]]; then
-	usage
-	exit 0
-elif [[ $1 = -@(V|-version) ]]; then
-	version
-	exit 0
-fi
-
-#
-# Setting environmental variables
-#
-if [[ ! -r /etc/pacman.conf ]]; then
-	error "unable to read /etc/pacman.conf"
-	exit 1
-fi
-
-eval $(awk '/DBPath/ {print $1$2$3}' /etc/pacman.conf)
-pac_db="${DBPath:-/var/lib/pacman/}/local"
-
-if [[ ! -r /etc/makepkg.conf ]]; then
-	error "unable to read /etc/makepkg.conf"
-	exit 1
-fi
-
-source "/etc/makepkg.conf"
-if [[ -r ~/.makepkg.conf ]]; then
-	source ~/.makepkg.conf
-fi
-
-pkg_dest="${PKGDEST:-$PWD}"
-pkg_pkger=${PACKAGER:-'Unknown Packager'}
-
-pkg_name="$1"
-pkg_dir=("$pac_db/$pkg_name"-+([^-])-+([^-]))
-pkg_namver=("${pkg_dir[@]##*/}")
-
-#
-# Checks everything is in place
-#
-if [[ ! -d $pac_db ]]; then
-	error "pacman database directory ${pac_db} not found"
-	exit 1
-fi
-
-if (( ${#pkg_dir[@]} != 1 )); then
-	error "%d entries for package %s found in pacman database" \
-		${#pkg_dir[@]} "${pkg_name}"
-	msg2 "%s" "${pkg_dir[@]}"
-	exit 1
-fi
-
-if [[ ! -d $pkg_dir ]]; then
-	error "package %s is found in pacman database," "${pkg_name}"
-	plain "       but '%s' is not a directory" "${pkg_dir}"
-	exit 1
-fi
-
-#
-# Begin
-#
-msg "Package: ${pkg_namver}"
-work_dir=$(mktemp -d "${TMPDIR:-/tmp}/bacman.XXXXXXXXXX")
-cd "$work_dir" || exit 1
-
-#
-# File copying
-#
-msg2 "Copying package files..."
-
-while read i; do
-	if [[ -z $i ]]; then
-		continue
-	fi
-
-	if [[ $i == %+([A-Z])% ]]; then
-		current=$i
-		continue
-	fi
-
-	case "$current" in
-		%FILES%)
-			local_file="/$i"
-			package_file="$work_dir/$i"
-
-			if [[ ! -e $local_file ]]; then
-				warning "package file $local_file is missing"
-				continue
-			fi
-			;;
-
-		%BACKUP%)
-			# Get the MD5 checksum.
-			original_md5="${i##*$'\t'}"
-			# Strip the md5sum after the tab.
-			i="${i%$'\t'*}"
-			local_file="/$i.pacnew"
-			package_file="$work_dir/$i"
-
-			# Include unmodified .pacnew files.
-			local_md5="$(md5sum "$local_file" | cut -d' ' -f1)"
-			if [[ $INCLUDE_PACNEW == 'n' ]] \
-			|| [[ ! -e $local_file ]] \
-			|| [[ $local_md5 != $original_md5 ]]; then
-				# Warn about modified files.
-				local_md5="$(md5sum "/$i" | cut -d' ' -f1)"
-				if [[ $local_md5 != $original_md5 ]]; then
-					warning "package file /$i has been modified"
-				fi
-				# Let the normal file be included in the %FILES% list.
-				continue
-			fi
-			;;
-
-		*)
-			continue
-			;;
-	esac
-
-	ret=0
-	/usr/bin/bsdtar -cnf - -s'/.pacnew$//' "$local_file" 2> /dev/null | /bin/bsdtar -xpf - 2> /dev/null
-
-	# Workaround to bsdtar not reporting a missing file as an error
-	if ! [[ -e $package_file || -L $package_file ]]; then
-		error "unable to add $local_file to the package"
-		plain "       If your user does not have permission to read this file, then"
-		plain "       you will need to run $myname as root."
-		rm -rf "$work_dir"
-		exit 1
-	fi
-done < "$pkg_dir"/files
-
-ret=$?
-if (( ret )); then
-	rm -rf "$work_dir"
-	exit 1
-fi
-
-pkg_size=$(du -sk | awk '{print $1 * 1024}')
-
-#
-# .PKGINFO stuff
-# TODO adopt makepkg's write_pkginfo() into this or scripts/library
-#
-msg2 "Generating .PKGINFO metadata..."
-echo "# Generated by $myname $myver"    > .PKGINFO
-echo "# $(LC_ALL=C date)"            >> .PKGINFO
-echo "#"                    >> .PKGINFO
-
-while read i; do
-	if [[ -z $i ]]; then
-		continue;
-	fi
-
-	if [[ $i == %+([A-Z])% ]]; then
-		current=$i
-		continue
-	fi
-
-	case "$current" in
-		# desc
-		%NAME%)
-			echo "pkgname = $i"    >> .PKGINFO
-			;;
-		%VERSION%)
-			echo "pkgver = $i"    >> .PKGINFO
-			;;
-		%DESC%)
-			echo "pkgdesc = $i"    >> .PKGINFO
-			;;
-		%URL%)
-			echo "url = $i"    >> .PKGINFO
-			;;
-		%LICENSE%)
-			echo "license = $i"    >> .PKGINFO
-			;;
-		%ARCH%)
-			echo "arch = $i"    >> .PKGINFO
-			pkg_arch="$i"
-			;;
-		%BUILDDATE%)
-			echo "builddate = $(date -u "+%s")"    >> .PKGINFO
-			;;
-		%PACKAGER%)
-			echo "packager = $pkg_pkger"        >> .PKGINFO
-			;;
-		%SIZE%)
-			echo "size = $pkg_size"        >> .PKGINFO
-			;;
-		%GROUPS%)
-			echo "group = $i"    >> .PKGINFO
-			;;
-		%REPLACES%)
-			echo "replaces = $i"    >> .PKGINFO
-			;;
-		%DEPENDS%)
-			echo "depend = $i"   >> .PKGINFO
-			;;
-		%OPTDEPENDS%)
-			echo "optdepend = $i" >> .PKGINFO
-			;;
-		%CONFLICTS%)
-			echo "conflict = $i" >> .PKGINFO
-			;;
-		%PROVIDES%)
-			echo "provides = $i"  >> .PKGINFO
-			;;
-
-		# files
-		%BACKUP%)
-			# Strip the md5sum after the tab
-			echo "backup = ${i%%$'\t'*}"   >> .PKGINFO
-			;;
-	esac
-done < <(cat "$pkg_dir"/{desc,files})
-
-comp_files=".PKGINFO"
-
-if [[ -f $pkg_dir/install ]]; then
-	cp "$pkg_dir/install" "$work_dir/.INSTALL"
-	comp_files+=" .INSTALL"
-fi
-if [[ -f $pkg_dir/changelog ]]; then
-	cp "$pkg_dir/changelog" "$work_dir/.CHANGELOG"
-	comp_files+=" .CHANGELOG"
-fi
-
-#
-# Fixes owner:group and permissions for .PKGINFO, .CHANGELOG, .INSTALL
-#
-chown root:root "$work_dir"/{.PKGINFO,.CHANGELOG,.INSTALL} 2> /dev/null
-chmod 644 "$work_dir"/{.PKGINFO,.CHANGELOG,.INSTALL} 2> /dev/null
-
-#
-# Generate the package
-#
-msg2 "Generating the package..."
-
-pkg_file="$pkg_dest/$pkg_namver-$pkg_arch${PKGEXT}"
-ret=0
-
-# TODO: Maybe this can be set globally for robustness
-shopt -s -o pipefail
-/usr/bin/bsdtar -cf - $comp_files * |
-case "$PKGEXT" in
-	*tar.gz)  /bin/gzip -c -f -n ;;
-	*tar.bz2) /bin/bzip2 -c -f ;;
-	*tar.xz)  /bin/xz -c -z - ;;
-	*tar.Z)   compress -c -f ;;
-	*tar)     cat ;;
-	*) warning "'%s' is not a valid archive extension." \
-	"$PKGEXT"; cat ;;
-esac > "${pkg_file}"; ret=$?
-
-if (( ret )); then
-	error "Unable to write package to $pkg_dest"
-	plain "       Maybe the disk is full or you do not have write access"
-	rm -rf "$work_dir"
-	exit 1
-fi
-
-rm -rf "$work_dir"
-
-msg "Done."
-
-exit 0
-
-# vim: set noet:
diff --git a/msys2/usr/bin/base32.exe b/msys2/usr/bin/base32.exe
index 01f89b8c7..b6a8313ee 100644
Binary files a/msys2/usr/bin/base32.exe and b/msys2/usr/bin/base32.exe differ
diff --git a/msys2/usr/bin/base64.exe b/msys2/usr/bin/base64.exe
index 9448fb275..2736b32d8 100644
Binary files a/msys2/usr/bin/base64.exe and b/msys2/usr/bin/base64.exe differ
diff --git a/msys2/usr/bin/basename.exe b/msys2/usr/bin/basename.exe
index 706618427..2640e55a3 100644
Binary files a/msys2/usr/bin/basename.exe and b/msys2/usr/bin/basename.exe differ
diff --git a/msys2/usr/bin/basenc.exe b/msys2/usr/bin/basenc.exe
new file mode 100644
index 000000000..607ed2a26
Binary files /dev/null and b/msys2/usr/bin/basenc.exe differ
diff --git a/msys2/usr/bin/bash.exe b/msys2/usr/bin/bash.exe
index faeaa9d1b..98906a71b 100644
Binary files a/msys2/usr/bin/bash.exe and b/msys2/usr/bin/bash.exe differ
diff --git a/msys2/usr/bin/bashbug b/msys2/usr/bin/bashbug
index e37996b33..0761a22f5 100644
--- a/msys2/usr/bin/bashbug
+++ b/msys2/usr/bin/bashbug
@@ -31,7 +31,7 @@ OS="msys"
 CC="gcc"
 CFLAGS=" -DPROGRAM='bash.exe' -DCONF_HOSTTYPE='i686' -DCONF_OSTYPE='msys' -DCONF_MACHTYPE='i686-pc-msys' -DCONF_VENDOR='pc' -DLOCALEDIR='/usr/share/locale' -DPACKAGE='bash' -DSHELL -DHAVE_CONFIG_H -DRECYCLES_PIDS   -I.  -I. -I./include -I./lib  -DWORDEXP_OPTION -march=i686 -mtune=generic -O2 -pipe -Wno-parentheses -Wno-format-security -D_STATIC_BUILD"
 RELEASE="4.4"
-PATCHLEVEL="19"
+PATCHLEVEL="23"
 RELSTATUS="release"
 MACHTYPE="i686-pc-msys"
 
diff --git a/msys2/usr/bin/blkid.exe b/msys2/usr/bin/blkid.exe
index d535470c7..1fe05bfc7 100644
Binary files a/msys2/usr/bin/blkid.exe and b/msys2/usr/bin/blkid.exe differ
diff --git a/msys2/usr/bin/brotli.exe b/msys2/usr/bin/brotli.exe
new file mode 100644
index 000000000..5605cd71a
Binary files /dev/null and b/msys2/usr/bin/brotli.exe differ
diff --git a/msys2/usr/bin/bsdcpio.exe b/msys2/usr/bin/bsdcpio.exe
index f7c331abe..c9cd8a8a3 100644
Binary files a/msys2/usr/bin/bsdcpio.exe and b/msys2/usr/bin/bsdcpio.exe differ
diff --git a/msys2/usr/bin/bsdtar.exe b/msys2/usr/bin/bsdtar.exe
index 9fdb46cde..89e1a56e0 100644
Binary files a/msys2/usr/bin/bsdtar.exe and b/msys2/usr/bin/bsdtar.exe differ
diff --git a/msys2/usr/bin/c_rehash b/msys2/usr/bin/c_rehash
index ca38358c1..c88f05699 100644
--- a/msys2/usr/bin/c_rehash
+++ b/msys2/usr/bin/c_rehash
@@ -1,4 +1,13 @@
-#!/usr/bin/perl.exe
+#!/usr/bin/env perl
+
+# WARNING: do not edit!
+# Generated by Makefile from tools/c_rehash.in
+# Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
 
 # Perl c_rehash script, scan all files in a directory
 # and add symbolic links to their hash values.
@@ -6,12 +15,14 @@
 my $dir = "/usr/ssl";
 my $prefix = "/usr";
 
+my $errorcount = 0;
 my $openssl = $ENV{OPENSSL} || "openssl";
 my $pwd;
 my $x509hash = "-subject_hash";
 my $crlhash = "-hash";
 my $verbose = 0;
 my $symlink_exists=eval {symlink("",""); 1};
+if ($^O eq "msys") { $symlink_exists=0 };
 my $removelinks = 1;
 
 ##  Parse flags.
@@ -21,7 +32,7 @@ while ( $ARGV[0] =~ /^-/ ) {
     if ( $flag eq '-old') {
 	    $x509hash = "-subject_hash_old";
 	    $crlhash = "-hash_old";
-    } elsif ( $flag eq '-h') {
+    } elsif ( $flag eq '-h' || $flag eq '-help' ) {
 	    help();
     } elsif ( $flag eq '-n' ) {
 	    $removelinks = 0;
@@ -29,15 +40,15 @@ while ( $ARGV[0] =~ /^-/ ) {
 	    $verbose++;
     }
     else {
-	    print STDERR "Usage error; try -help.\n";
+	    print STDERR "Usage error; try -h.\n";
 	    exit 1;
     }
 }
 
 sub help {
-	print "Usage: c_rehash [-old] [-h] [-v] [dirs...]\n";
+	print "Usage: c_rehash [-old] [-h] [-help] [-v] [dirs...]\n";
 	print "   -old use old-style digest\n";
-	print "   -h print this help text\n";
+	print "   -h or -help print this help text\n";
 	print "   -v print files removed and linked\n";
 	exit 0;
 }
@@ -54,24 +65,24 @@ if (defined(&Cwd::getcwd)) {
 my $path_delim = ($pwd =~ /^[a-z]\:/i) ? ';' : ':';
 $ENV{PATH} = "$prefix/bin" . ($ENV{PATH} ? $path_delim . $ENV{PATH} : "");
 
-if(! -x $openssl) {
+if (! -x $openssl) {
 	my $found = 0;
 	foreach (split /$path_delim/, $ENV{PATH}) {
-		if(-x "$_/$openssl") {
+		if (-x "$_/$openssl") {
 			$found = 1;
 			$openssl = "$_/$openssl";
 			last;
 		}	
 	}
-	if($found == 0) {
+	if ($found == 0) {
 		print STDERR "c_rehash: rehashing skipped ('openssl' program not available)\n";
 		exit 0;
 	}
 }
 
-if(@ARGV) {
+if (@ARGV) {
 	@dirlist = @ARGV;
-} elsif($ENV{SSL_CERT_DIR}) {
+} elsif ($ENV{SSL_CERT_DIR}) {
 	@dirlist = split /$path_delim/, $ENV{SSL_CERT_DIR};
 } else {
 	$dirlist[0] = "$dir/certs";
@@ -84,36 +95,42 @@ if (-d $dirlist[0]) {
 }
 
 foreach (@dirlist) {
-	if(-d $_ and -w $_) {
+	if (-d $_ ) {
+            if ( -w $_) {
 		hash_dir($_);
+            } else {
+                print "Skipping $_, can't write\n";
+                $errorcount++;
+            }
 	}
 }
+exit($errorcount);
 
 sub hash_dir {
 	my %hashlist;
 	print "Doing $_[0]\n";
 	chdir $_[0];
 	opendir(DIR, ".");
-	my @flist = readdir(DIR);
+	my @flist = sort readdir(DIR);
 	closedir DIR;
 	if ( $removelinks ) {
 		# Delete any existing symbolic links
 		foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) {
-			if(-l $_) {
-				unlink $_;
+			if (-l $_) {
 				print "unlink $_" if $verbose;
+				unlink $_ || warn "Can't unlink $_, $!\n";
 			}
 		}
 	}
 	FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) {
 		# Check to see if certificates and/or CRLs present.
 		my ($cert, $crl) = check_file($fname);
-		if(!$cert && !$crl) {
+		if (!$cert && !$crl) {
 			print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
 			next;
 		}
-		link_hash_cert($fname) if($cert);
-		link_hash_crl($fname) if($crl);
+		link_hash_cert($fname) if ($cert);
+		link_hash_crl($fname) if ($crl);
 	}
 }
 
@@ -122,14 +139,14 @@ sub check_file {
 	my $fname = $_[0];
 	open IN, $fname;
 	while(<IN>) {
-		if(/^-----BEGIN (.*)-----/) {
+		if (/^-----BEGIN (.*)-----/) {
 			my $hdr = $1;
-			if($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {
+			if ($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {
 				$is_cert = 1;
-				last if($is_crl);
-			} elsif($hdr eq "X509 CRL") {
+				last if ($is_crl);
+			} elsif ($hdr eq "X509 CRL") {
 				$is_crl = 1;
-				last if($is_cert);
+				last if ($is_cert);
 			}
 		}
 	}
@@ -156,7 +173,7 @@ sub link_hash_cert {
 		# Search for an unused hash filename
 		while(exists $hashlist{"$hash.$suffix"}) {
 			# Hash matches: if fingerprint matches its a duplicate cert
-			if($hashlist{"$hash.$suffix"} eq $fprint) {
+			if ($hashlist{"$hash.$suffix"} eq $fprint) {
 				print STDERR "WARNING: Skipping duplicate certificate $fname\n";
 				return;
 			}
@@ -164,15 +181,21 @@ sub link_hash_cert {
 		}
 		$hash .= ".$suffix";
 		if ($symlink_exists) {
-			symlink $fname, $hash;
 			print "link $fname -> $hash\n" if $verbose;
+			symlink $fname, $hash || warn "Can't symlink, $!";
 		} else {
-			open IN,"<$fname" or die "can't open $fname for read";
-			open OUT,">$hash" or die "can't open $hash for write";
-			print OUT <IN>;	# does the job for small text files
-			close OUT;
-			close IN;
 			print "copy $fname -> $hash\n" if $verbose;
+                        if (open($in, "<", $fname)) {
+                            if (open($out,">", $hash)) {
+                                print $out $_ while (<$in>);
+                                close $out;
+                            } else {
+                                warn "can't open $hash for write, $!";
+                            }
+                            close $in;
+                        } else {
+                            warn "can't open $fname for read, $!";
+                        }
 		}
 		$hashlist{$hash} = $fprint;
 }
@@ -191,7 +214,7 @@ sub link_hash_crl {
 		# Search for an unused hash filename
 		while(exists $hashlist{"$hash.r$suffix"}) {
 			# Hash matches: if fingerprint matches its a duplicate cert
-			if($hashlist{"$hash.r$suffix"} eq $fprint) {
+			if ($hashlist{"$hash.r$suffix"} eq $fprint) {
 				print STDERR "WARNING: Skipping duplicate CRL $fname\n";
 				return;
 			}
@@ -199,12 +222,12 @@ sub link_hash_crl {
 		}
 		$hash .= ".r$suffix";
 		if ($symlink_exists) {
-			symlink $fname, $hash;
 			print "link $fname -> $hash\n" if $verbose;
+			symlink $fname, $hash || warn "Can't symlink, $!";
 		} else {
-			system ("cp", $fname, $hash);
 			print "cp $fname -> $hash\n" if $verbose;
+			system ("cp", $fname, $hash);
+                        warn "Can't copy, $!" if ($? >> 8) != 0;
 		}
 		$hashlist{$hash} = $fprint;
 }
-
diff --git a/msys2/usr/bin/cal.exe b/msys2/usr/bin/cal.exe
index 273b905c5..33061bcd3 100644
Binary files a/msys2/usr/bin/cal.exe and b/msys2/usr/bin/cal.exe differ
diff --git a/msys2/usr/bin/captoinfo.exe b/msys2/usr/bin/captoinfo.exe
index a982a3dc6..8a0fe9b56 100644
Binary files a/msys2/usr/bin/captoinfo.exe and b/msys2/usr/bin/captoinfo.exe differ
diff --git a/msys2/usr/bin/cat.exe b/msys2/usr/bin/cat.exe
index 4e6d09353..c566fec33 100644
Binary files a/msys2/usr/bin/cat.exe and b/msys2/usr/bin/cat.exe differ
diff --git a/msys2/usr/bin/cfdisk.exe b/msys2/usr/bin/cfdisk.exe
index 70e5bb07b..491f2140b 100644
Binary files a/msys2/usr/bin/cfdisk.exe and b/msys2/usr/bin/cfdisk.exe differ
diff --git a/msys2/usr/bin/chattr.exe b/msys2/usr/bin/chattr.exe
new file mode 100644
index 000000000..48f5fbffa
Binary files /dev/null and b/msys2/usr/bin/chattr.exe differ
diff --git a/msys2/usr/bin/chcon.exe b/msys2/usr/bin/chcon.exe
index 0deb58e8c..989dcf502 100644
Binary files a/msys2/usr/bin/chcon.exe and b/msys2/usr/bin/chcon.exe differ
diff --git a/msys2/usr/bin/checkupdates b/msys2/usr/bin/checkupdates
index a6f51a905..a9e4f7834 100644
--- a/msys2/usr/bin/checkupdates
+++ b/msys2/usr/bin/checkupdates
@@ -19,7 +19,7 @@
 #
 
 declare -r myname='checkupdates'
-declare -r myver='5.0.1'
+declare -r myver='1.0.0'
 
 plain() {
 	(( QUIET )) && return
@@ -78,7 +78,7 @@ readonly ALL_OFF BOLD BLUE GREEN RED YELLOW
 
 
 if (( $# > 0 )); then
-	echo "${myname} (pacman) v${myver}"
+	echo "${myname} v${myver}"
 	echo
 	echo "Safely print a list of pending updates"
 	echo
@@ -94,12 +94,17 @@ fi
 
 trap 'rm -f $CHECKUPDATES_DB/db.lck' INT TERM EXIT
 
-DBPath="${DBPath:-/var/lib/pacman/}"
-eval $(awk -F' *= *' '$1 ~ /DBPath/ { print $1 "=" $2 }' /etc/pacman.conf)
+DBPath="$(pacman-conf DBPath)"
+if [[ -z "$DBPath" ]] || [[ ! -d "$DBPath" ]]; then
+	DBPath="/var/lib/pacman/"
+fi
 
 mkdir -p "$CHECKUPDATES_DB"
 ln -s "${DBPath}/local" "$CHECKUPDATES_DB" &> /dev/null
-pacman -Sy --dbpath "$CHECKUPDATES_DB" --logfile /dev/null &> /dev/null
+if ! pacman -Sy --dbpath "$CHECKUPDATES_DB" --logfile /dev/null &> /dev/null; then
+       error 'Cannot fetch updates'
+       exit 1
+fi
 pacman -Qu --dbpath "$CHECKUPDATES_DB" 2> /dev/null | grep -v '\[.*\]'
 
 exit 0
diff --git a/msys2/usr/bin/chgrp.exe b/msys2/usr/bin/chgrp.exe
index 38eeb65d3..a034eed22 100644
Binary files a/msys2/usr/bin/chgrp.exe and b/msys2/usr/bin/chgrp.exe differ
diff --git a/msys2/usr/bin/chmod.exe b/msys2/usr/bin/chmod.exe
index 1487f2ec1..2c5a4b987 100644
Binary files a/msys2/usr/bin/chmod.exe and b/msys2/usr/bin/chmod.exe differ
diff --git a/msys2/usr/bin/chown.exe b/msys2/usr/bin/chown.exe
index b07bd48c6..4d0b994d1 100644
Binary files a/msys2/usr/bin/chown.exe and b/msys2/usr/bin/chown.exe differ
diff --git a/msys2/usr/bin/chroot.exe b/msys2/usr/bin/chroot.exe
index fcbc8aa5a..a29363616 100644
Binary files a/msys2/usr/bin/chroot.exe and b/msys2/usr/bin/chroot.exe differ
diff --git a/msys2/usr/bin/cksum.exe b/msys2/usr/bin/cksum.exe
index 5c6fd82c8..8e545d53e 100644
Binary files a/msys2/usr/bin/cksum.exe and b/msys2/usr/bin/cksum.exe differ
diff --git a/msys2/usr/bin/cleanupdelta.exe b/msys2/usr/bin/cleanupdelta.exe
index 6c90d2ba3..7818eac29 100644
Binary files a/msys2/usr/bin/cleanupdelta.exe and b/msys2/usr/bin/cleanupdelta.exe differ
diff --git a/msys2/usr/bin/clear.exe b/msys2/usr/bin/clear.exe
index 781083e95..8f6966f4b 100644
Binary files a/msys2/usr/bin/clear.exe and b/msys2/usr/bin/clear.exe differ
diff --git a/msys2/usr/bin/col.exe b/msys2/usr/bin/col.exe
index 0b91ed1b0..806090856 100644
Binary files a/msys2/usr/bin/col.exe and b/msys2/usr/bin/col.exe differ
diff --git a/msys2/usr/bin/colcrt.exe b/msys2/usr/bin/colcrt.exe
index bac8c0f67..f96766bd4 100644
Binary files a/msys2/usr/bin/colcrt.exe and b/msys2/usr/bin/colcrt.exe differ
diff --git a/msys2/usr/bin/colrm.exe b/msys2/usr/bin/colrm.exe
index 6d57520a4..b80bf3138 100644
Binary files a/msys2/usr/bin/colrm.exe and b/msys2/usr/bin/colrm.exe differ
diff --git a/msys2/usr/bin/column.exe b/msys2/usr/bin/column.exe
index 750937bce..e3303f4e4 100644
Binary files a/msys2/usr/bin/column.exe and b/msys2/usr/bin/column.exe differ
diff --git a/msys2/usr/bin/comm.exe b/msys2/usr/bin/comm.exe
index 96cc4d6f9..10d76fa80 100644
Binary files a/msys2/usr/bin/comm.exe and b/msys2/usr/bin/comm.exe differ
diff --git a/msys2/usr/bin/convert-dtsv0.exe b/msys2/usr/bin/convert-dtsv0.exe
index 42a5a8fef..3c405c40c 100644
Binary files a/msys2/usr/bin/convert-dtsv0.exe and b/msys2/usr/bin/convert-dtsv0.exe differ
diff --git a/msys2/usr/bin/cp.exe b/msys2/usr/bin/cp.exe
index d70783ae9..c4d2dec21 100644
Binary files a/msys2/usr/bin/cp.exe and b/msys2/usr/bin/cp.exe differ
diff --git a/msys2/usr/bin/csplit.exe b/msys2/usr/bin/csplit.exe
index 40a5e52a7..01523e60f 100644
Binary files a/msys2/usr/bin/csplit.exe and b/msys2/usr/bin/csplit.exe differ
diff --git a/msys2/usr/bin/curl.exe b/msys2/usr/bin/curl.exe
index 8423f55d2..5f315738c 100644
Binary files a/msys2/usr/bin/curl.exe and b/msys2/usr/bin/curl.exe differ
diff --git a/msys2/usr/bin/cut.exe b/msys2/usr/bin/cut.exe
index 320c3afb2..39f4595b5 100644
Binary files a/msys2/usr/bin/cut.exe and b/msys2/usr/bin/cut.exe differ
diff --git a/msys2/usr/bin/cygcheck.exe b/msys2/usr/bin/cygcheck.exe
index 1bb5f9a45..e9f7c977e 100644
Binary files a/msys2/usr/bin/cygcheck.exe and b/msys2/usr/bin/cygcheck.exe differ
diff --git a/msys2/usr/bin/cygpath.exe b/msys2/usr/bin/cygpath.exe
index b286b6bd3..42ea48b35 100644
Binary files a/msys2/usr/bin/cygpath.exe and b/msys2/usr/bin/cygpath.exe differ
diff --git a/msys2/usr/bin/cygwin-console-helper.exe b/msys2/usr/bin/cygwin-console-helper.exe
index e0b6923ea..5e67eca3a 100644
Binary files a/msys2/usr/bin/cygwin-console-helper.exe and b/msys2/usr/bin/cygwin-console-helper.exe differ
diff --git a/msys2/usr/bin/dash.exe b/msys2/usr/bin/dash.exe
index 0438a0a55..65791ce2c 100644
Binary files a/msys2/usr/bin/dash.exe and b/msys2/usr/bin/dash.exe differ
diff --git a/msys2/usr/bin/date.exe b/msys2/usr/bin/date.exe
index a24e19cf6..2d1d11b6f 100644
Binary files a/msys2/usr/bin/date.exe and b/msys2/usr/bin/date.exe differ
diff --git a/msys2/usr/bin/dd.exe b/msys2/usr/bin/dd.exe
index 18b0991be..ee8633ac2 100644
Binary files a/msys2/usr/bin/dd.exe and b/msys2/usr/bin/dd.exe differ
diff --git a/msys2/usr/bin/df.exe b/msys2/usr/bin/df.exe
index 0ea2854dd..36f370e0c 100644
Binary files a/msys2/usr/bin/df.exe and b/msys2/usr/bin/df.exe differ
diff --git a/msys2/usr/bin/dir.exe b/msys2/usr/bin/dir.exe
index 1f7899a89..cb7f2a33f 100644
Binary files a/msys2/usr/bin/dir.exe and b/msys2/usr/bin/dir.exe differ
diff --git a/msys2/usr/bin/dircolors.exe b/msys2/usr/bin/dircolors.exe
index 9f683ae21..f97d0500d 100644
Binary files a/msys2/usr/bin/dircolors.exe and b/msys2/usr/bin/dircolors.exe differ
diff --git a/msys2/usr/bin/dirmngr-client.exe b/msys2/usr/bin/dirmngr-client.exe
new file mode 100644
index 000000000..3787e7bb2
Binary files /dev/null and b/msys2/usr/bin/dirmngr-client.exe differ
diff --git a/msys2/usr/bin/dirmngr.exe b/msys2/usr/bin/dirmngr.exe
new file mode 100644
index 000000000..6e1143f91
Binary files /dev/null and b/msys2/usr/bin/dirmngr.exe differ
diff --git a/msys2/usr/bin/dirname.exe b/msys2/usr/bin/dirname.exe
index 587ceeec7..9f72490d8 100644
Binary files a/msys2/usr/bin/dirname.exe and b/msys2/usr/bin/dirname.exe differ
diff --git a/msys2/usr/bin/dnsdomainname.exe b/msys2/usr/bin/dnsdomainname.exe
index 735467c7d..d8669707d 100644
Binary files a/msys2/usr/bin/dnsdomainname.exe and b/msys2/usr/bin/dnsdomainname.exe differ
diff --git a/msys2/usr/bin/dtc.exe b/msys2/usr/bin/dtc.exe
index e50bd70cc..19baa4f2d 100644
Binary files a/msys2/usr/bin/dtc.exe and b/msys2/usr/bin/dtc.exe differ
diff --git a/msys2/usr/bin/du.exe b/msys2/usr/bin/du.exe
index 76693bf7f..c1d7d9d92 100644
Binary files a/msys2/usr/bin/du.exe and b/msys2/usr/bin/du.exe differ
diff --git a/msys2/usr/bin/dumper.exe b/msys2/usr/bin/dumper.exe
index 3494134fa..723a1b1ba 100644
Binary files a/msys2/usr/bin/dumper.exe and b/msys2/usr/bin/dumper.exe differ
diff --git a/msys2/usr/bin/dumpsexp.exe b/msys2/usr/bin/dumpsexp.exe
index 0cff3ea8f..bbbd2de92 100644
Binary files a/msys2/usr/bin/dumpsexp.exe and b/msys2/usr/bin/dumpsexp.exe differ
diff --git a/msys2/usr/bin/echo.exe b/msys2/usr/bin/echo.exe
index a3e3da074..cf51292f6 100644
Binary files a/msys2/usr/bin/echo.exe and b/msys2/usr/bin/echo.exe differ
diff --git a/msys2/usr/bin/env.exe b/msys2/usr/bin/env.exe
index e3f7e38de..855227797 100644
Binary files a/msys2/usr/bin/env.exe and b/msys2/usr/bin/env.exe differ
diff --git a/msys2/usr/bin/expand.exe b/msys2/usr/bin/expand.exe
index b153b5a41..8c2ed361d 100644
Binary files a/msys2/usr/bin/expand.exe and b/msys2/usr/bin/expand.exe differ
diff --git a/msys2/usr/bin/expr.exe b/msys2/usr/bin/expr.exe
index a8618565f..e048459af 100644
Binary files a/msys2/usr/bin/expr.exe and b/msys2/usr/bin/expr.exe differ
diff --git a/msys2/usr/bin/factor.exe b/msys2/usr/bin/factor.exe
index a794f31f6..d3f601255 100644
Binary files a/msys2/usr/bin/factor.exe and b/msys2/usr/bin/factor.exe differ
diff --git a/msys2/usr/bin/false.exe b/msys2/usr/bin/false.exe
index 47ef4d438..7e9449331 100644
Binary files a/msys2/usr/bin/false.exe and b/msys2/usr/bin/false.exe differ
diff --git a/msys2/usr/bin/fdisk.exe b/msys2/usr/bin/fdisk.exe
index ea8d6a4af..0457f1fab 100644
Binary files a/msys2/usr/bin/fdisk.exe and b/msys2/usr/bin/fdisk.exe differ
diff --git a/msys2/usr/bin/fdtdump.exe b/msys2/usr/bin/fdtdump.exe
index 86d98b6b8..aeb59c573 100644
Binary files a/msys2/usr/bin/fdtdump.exe and b/msys2/usr/bin/fdtdump.exe differ
diff --git a/msys2/usr/bin/fdtget.exe b/msys2/usr/bin/fdtget.exe
index bc628dd12..0c748d7ef 100644
Binary files a/msys2/usr/bin/fdtget.exe and b/msys2/usr/bin/fdtget.exe differ
diff --git a/msys2/usr/bin/fdtoverlay.exe b/msys2/usr/bin/fdtoverlay.exe
new file mode 100644
index 000000000..480da9b28
Binary files /dev/null and b/msys2/usr/bin/fdtoverlay.exe differ
diff --git a/msys2/usr/bin/fdtput.exe b/msys2/usr/bin/fdtput.exe
index e53d2f89a..f49be3e67 100644
Binary files a/msys2/usr/bin/fdtput.exe and b/msys2/usr/bin/fdtput.exe differ
diff --git a/msys2/usr/bin/file.exe b/msys2/usr/bin/file.exe
index ff1e23605..d7c51a883 100644
Binary files a/msys2/usr/bin/file.exe and b/msys2/usr/bin/file.exe differ
diff --git a/msys2/usr/bin/findfs.exe b/msys2/usr/bin/findfs.exe
index de313461e..5f9d59341 100644
Binary files a/msys2/usr/bin/findfs.exe and b/msys2/usr/bin/findfs.exe differ
diff --git a/msys2/usr/bin/flock.exe b/msys2/usr/bin/flock.exe
index e65ece577..7ffd008e0 100644
Binary files a/msys2/usr/bin/flock.exe and b/msys2/usr/bin/flock.exe differ
diff --git a/msys2/usr/bin/fmt.exe b/msys2/usr/bin/fmt.exe
index b51b72447..1999036fc 100644
Binary files a/msys2/usr/bin/fmt.exe and b/msys2/usr/bin/fmt.exe differ
diff --git a/msys2/usr/bin/fold.exe b/msys2/usr/bin/fold.exe
index 76c8064d5..b2b53cfd7 100644
Binary files a/msys2/usr/bin/fold.exe and b/msys2/usr/bin/fold.exe differ
diff --git a/msys2/usr/bin/fsck.cramfs.exe b/msys2/usr/bin/fsck.cramfs.exe
index bb436b390..bc48280f9 100644
Binary files a/msys2/usr/bin/fsck.cramfs.exe and b/msys2/usr/bin/fsck.cramfs.exe differ
diff --git a/msys2/usr/bin/fsck.minix.exe b/msys2/usr/bin/fsck.minix.exe
index 98b136c37..15804cb6e 100644
Binary files a/msys2/usr/bin/fsck.minix.exe and b/msys2/usr/bin/fsck.minix.exe differ
diff --git a/msys2/usr/bin/ftp.exe b/msys2/usr/bin/ftp.exe
index b581e4528..db6dd3fa2 100644
Binary files a/msys2/usr/bin/ftp.exe and b/msys2/usr/bin/ftp.exe differ
diff --git a/msys2/usr/bin/gapplication.exe b/msys2/usr/bin/gapplication.exe
index 37631748b..74a061c50 100644
Binary files a/msys2/usr/bin/gapplication.exe and b/msys2/usr/bin/gapplication.exe differ
diff --git a/msys2/usr/bin/gawk-4.2.0.exe b/msys2/usr/bin/gawk-4.2.0.exe
deleted file mode 100644
index 5c904f04b..000000000
Binary files a/msys2/usr/bin/gawk-4.2.0.exe and /dev/null differ
diff --git a/msys2/usr/bin/gawk-5.0.0.exe b/msys2/usr/bin/gawk-5.0.0.exe
new file mode 100644
index 000000000..145b46af9
Binary files /dev/null and b/msys2/usr/bin/gawk-5.0.0.exe differ
diff --git a/msys2/usr/bin/gawk.exe b/msys2/usr/bin/gawk.exe
index 5c904f04b..145b46af9 100644
Binary files a/msys2/usr/bin/gawk.exe and b/msys2/usr/bin/gawk.exe differ
diff --git a/msys2/usr/bin/gdbus.exe b/msys2/usr/bin/gdbus.exe
index cf4d47d1b..f0a6c90c1 100644
Binary files a/msys2/usr/bin/gdbus.exe and b/msys2/usr/bin/gdbus.exe differ
diff --git a/msys2/usr/bin/gencat.exe b/msys2/usr/bin/gencat.exe
index 7c2f7efc1..c13038cd7 100644
Binary files a/msys2/usr/bin/gencat.exe and b/msys2/usr/bin/gencat.exe differ
diff --git a/msys2/usr/bin/getconf.exe b/msys2/usr/bin/getconf.exe
index 650ab82c7..76843e259 100644
Binary files a/msys2/usr/bin/getconf.exe and b/msys2/usr/bin/getconf.exe differ
diff --git a/msys2/usr/bin/getfacl.exe b/msys2/usr/bin/getfacl.exe
index 21830925c..1543513cb 100644
Binary files a/msys2/usr/bin/getfacl.exe and b/msys2/usr/bin/getfacl.exe differ
diff --git a/msys2/usr/bin/getopt.exe b/msys2/usr/bin/getopt.exe
index c1af17c18..bcfe9c07b 100644
Binary files a/msys2/usr/bin/getopt.exe and b/msys2/usr/bin/getopt.exe differ
diff --git a/msys2/usr/bin/gio-querymodules.exe b/msys2/usr/bin/gio-querymodules.exe
index ea0e5d2aa..928926dc6 100644
Binary files a/msys2/usr/bin/gio-querymodules.exe and b/msys2/usr/bin/gio-querymodules.exe differ
diff --git a/msys2/usr/bin/gkill.exe b/msys2/usr/bin/gkill.exe
index 3d0584fe7..4d92c7d20 100644
Binary files a/msys2/usr/bin/gkill.exe and b/msys2/usr/bin/gkill.exe differ
diff --git a/msys2/usr/bin/glib-compile-schemas.exe b/msys2/usr/bin/glib-compile-schemas.exe
index 9a4b649a5..ef6bbb930 100644
Binary files a/msys2/usr/bin/glib-compile-schemas.exe and b/msys2/usr/bin/glib-compile-schemas.exe differ
diff --git a/msys2/usr/bin/gobject-query.exe b/msys2/usr/bin/gobject-query.exe
index d120208c4..dc07a2b41 100644
Binary files a/msys2/usr/bin/gobject-query.exe and b/msys2/usr/bin/gobject-query.exe differ
diff --git a/msys2/usr/bin/gpg-agent.exe b/msys2/usr/bin/gpg-agent.exe
new file mode 100644
index 000000000..382cd4a2f
Binary files /dev/null and b/msys2/usr/bin/gpg-agent.exe differ
diff --git a/msys2/usr/bin/gpg-connect-agent.exe b/msys2/usr/bin/gpg-connect-agent.exe
new file mode 100644
index 000000000..c2165aa05
Binary files /dev/null and b/msys2/usr/bin/gpg-connect-agent.exe differ
diff --git a/msys2/usr/bin/gpg-error.exe b/msys2/usr/bin/gpg-error.exe
index feefe694f..265dd54ff 100644
Binary files a/msys2/usr/bin/gpg-error.exe and b/msys2/usr/bin/gpg-error.exe differ
diff --git a/msys2/usr/bin/gpg-wks-server.exe b/msys2/usr/bin/gpg-wks-server.exe
new file mode 100644
index 000000000..bf9c69c9e
Binary files /dev/null and b/msys2/usr/bin/gpg-wks-server.exe differ
diff --git a/msys2/usr/bin/gpg-zip b/msys2/usr/bin/gpg-zip
deleted file mode 100644
index 38dece599..000000000
--- a/msys2/usr/bin/gpg-zip
+++ /dev/null
@@ -1,142 +0,0 @@
-#!/bin/sh
-
-# gpg-archive - gpg-ized tar using the same format as PGP's PGP Zip.
-# Copyright (C) 2005 Free Software Foundation, Inc.
-#
-# This file is part of GnuPG.
-#
-# GnuPG is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 3 of the License, or
-# (at your option) any later version.
-#
-# GnuPG is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, see <http://www.gnu.org/licenses/>.
-# Despite the name, PGP Zip format is actually an OpenPGP-wrapped tar
-# file.  To be compatible with PGP itself, this must be a USTAR format
-# tar file.  Unclear on whether there is a distinction here between
-# the GNU or POSIX variant of USTAR.
-
-VERSION=1.4.22
-TAR=/usr/bin/tar
-GPG=gpg
-
-usage="\
-Usage: gpg-zip [--help] [--version] [--encrypt] [--decrypt] [--symmetric]
-       [--list-archive] [--output FILE] [--gpg GPG] [--gpg-args ARGS]
-       [--tar TAR] [--tar-args ARGS] filename1 [filename2, ...]
-       directory1 [directory2, ...]
-
-Encrypt or sign files into an archive."
-
-while test $# -gt 0 ; do
-  case $1 in
-    -h | --help | --h*)
-      echo "$usage"
-      exit 0
-      ;;
-    --list-archive)
-      list=yes
-      create=no
-      unpack=no
-      shift
-      ;;
-    --encrypt | -e)
-      gpg_args="$gpg_args --encrypt"
-      list=no
-      create=yes
-      unpack=no
-      shift
-      ;;
-    --decrypt | -d)
-      gpg_args="$gpg_args --decrypt"
-      list=no
-      create=no
-      unpack=yes
-      shift
-      ;;
-    --symmetric | -c)
-      gpg_args="$gpg_args --symmetric"
-      list=no
-      create=yes
-      unpack=no
-      shift
-      ;;
-    --sign | -s)
-      gpg_args="$gpg_args --sign"
-      list=no
-      create=yes
-      unpack=no
-      shift
-      ;;
-    --recipient | -r)
-      gpg_args="$gpg_args --recipient $2"
-      shift
-      shift
-      ;;
-    --local-user | -u)
-      gpg_args="$gpg_args --local-user $2"
-      shift
-      shift
-      ;;
-    --output | -o)
-      gpg_args="$gpg_args --output $2"
-      shift
-      shift
-      ;;
-    --version)
-      echo "gpg-zip (GnuPG) $VERSION"
-      exit 0
-      ;;
-    --gpg)
-      GPG=$2
-      shift
-      shift
-      ;;
-    --gpg-args)
-      gpg_args="$gpg_args $2"
-      shift
-      shift
-      ;;
-    --tar)
-      TAR=$2
-      shift
-      shift
-      ;;
-    --tar-args)
-      tar_args="$tar_args $2"
-      shift
-      shift
-      ;;
-    --)
-      shift
-      break
-      ;;
-    -*)
-      echo "$usage" 1>&2
-      exit 1
-      ;;
-    *)
-      break
-      ;;
-  esac
-done
-
-if test x$create = xyes ; then
-#   echo "$TAR $tar_args -cf - "$@" | $GPG --set-filename x.tar $gpg_args" 1>&2
-   $TAR $tar_args -cf - "$@" | $GPG --set-filename x.tar $gpg_args
-elif test x$list = xyes ; then
-#   echo "cat \"$1\" | $GPG $gpg_args | $TAR $tar_args -tf -" 1>&2
-   cat "$1" | $GPG $gpg_args | $TAR $tar_args -tf -
-elif test x$unpack = xyes ; then
-#   echo "cat \"$1\" | $GPG $gpg_args | $TAR $tar_args -xvf -" 1>&2
-   cat "$1" | $GPG $gpg_args | $TAR $tar_args -xvf -
-else
-   echo "$usage" 1>&2
-   exit 1
-fi
diff --git a/msys2/usr/bin/gpg.exe b/msys2/usr/bin/gpg.exe
index 5dd586d39..e93eb02e9 100644
Binary files a/msys2/usr/bin/gpg.exe and b/msys2/usr/bin/gpg.exe differ
diff --git a/msys2/usr/bin/gpgconf.exe b/msys2/usr/bin/gpgconf.exe
new file mode 100644
index 000000000..06dff2580
Binary files /dev/null and b/msys2/usr/bin/gpgconf.exe differ
diff --git a/msys2/usr/bin/gpgme-json.exe b/msys2/usr/bin/gpgme-json.exe
new file mode 100644
index 000000000..44442e0d2
Binary files /dev/null and b/msys2/usr/bin/gpgme-json.exe differ
diff --git a/msys2/usr/bin/gpgme-tool.exe b/msys2/usr/bin/gpgme-tool.exe
new file mode 100644
index 000000000..e1c98ba78
Binary files /dev/null and b/msys2/usr/bin/gpgme-tool.exe differ
diff --git a/msys2/usr/bin/gpgparsemail.exe b/msys2/usr/bin/gpgparsemail.exe
new file mode 100644
index 000000000..2842a42b9
Binary files /dev/null and b/msys2/usr/bin/gpgparsemail.exe differ
diff --git a/msys2/usr/bin/gpgscm.exe b/msys2/usr/bin/gpgscm.exe
new file mode 100644
index 000000000..5fb526356
Binary files /dev/null and b/msys2/usr/bin/gpgscm.exe differ
diff --git a/msys2/usr/bin/gpgsm.exe b/msys2/usr/bin/gpgsm.exe
new file mode 100644
index 000000000..94a9cd878
Binary files /dev/null and b/msys2/usr/bin/gpgsm.exe differ
diff --git a/msys2/usr/bin/gpgsplit.exe b/msys2/usr/bin/gpgsplit.exe
deleted file mode 100644
index 1e1ad141c..000000000
Binary files a/msys2/usr/bin/gpgsplit.exe and /dev/null differ
diff --git a/msys2/usr/bin/gpgtar.exe b/msys2/usr/bin/gpgtar.exe
new file mode 100644
index 000000000..1f0791940
Binary files /dev/null and b/msys2/usr/bin/gpgtar.exe differ
diff --git a/msys2/usr/bin/gpgv.exe b/msys2/usr/bin/gpgv.exe
index 336c184a3..f72039285 100644
Binary files a/msys2/usr/bin/gpgv.exe and b/msys2/usr/bin/gpgv.exe differ
diff --git a/msys2/usr/bin/grep.exe b/msys2/usr/bin/grep.exe
index 78985bf5a..20fa9bb84 100644
Binary files a/msys2/usr/bin/grep.exe and b/msys2/usr/bin/grep.exe differ
diff --git a/msys2/usr/bin/groups.exe b/msys2/usr/bin/groups.exe
index a263b59e2..ee395cb99 100644
Binary files a/msys2/usr/bin/groups.exe and b/msys2/usr/bin/groups.exe differ
diff --git a/msys2/usr/bin/gsettings.exe b/msys2/usr/bin/gsettings.exe
index d5a0edb83..f5e6dec16 100644
Binary files a/msys2/usr/bin/gsettings.exe and b/msys2/usr/bin/gsettings.exe differ
diff --git a/msys2/usr/bin/gunzip b/msys2/usr/bin/gunzip
index 8f0c24fcf..0708807f0 100644
--- a/msys2/usr/bin/gunzip
+++ b/msys2/usr/bin/gunzip
@@ -17,8 +17,8 @@
 # with this program; if not, write to the Free Software Foundation, Inc.,
 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 
-version="gunzip (gzip) 1.9
-Copyright (C) 2007, 2011-2017 Free Software Foundation, Inc.
+version="gunzip (gzip) 1.10
+Copyright (C) 2007, 2011-2018 Free Software Foundation, Inc.
 This is free software.  You may redistribute copies of it under the terms of
 the GNU General Public License <https://www.gnu.org/licenses/gpl.html>.
 There is NO WARRANTY, to the extent permitted by law.
diff --git a/msys2/usr/bin/gzexe b/msys2/usr/bin/gzexe
index 8e27da7fc..a2f15bf3b 100644
--- a/msys2/usr/bin/gzexe
+++ b/msys2/usr/bin/gzexe
@@ -36,8 +36,8 @@ nl='
 '
 IFS=" $tab$nl"
 
-version='gzexe (gzip) 1.9
-Copyright (C) 2007, 2011-2017 Free Software Foundation, Inc.
+version='gzexe (gzip) 1.10
+Copyright (C) 2007, 2011-2018 Free Software Foundation, Inc.
 This is free software.  You may redistribute copies of it under the terms of
 the GNU General Public License <https://www.gnu.org/licenses/gpl.html>.
 There is NO WARRANTY, to the extent permitted by law.
diff --git a/msys2/usr/bin/gzip.exe b/msys2/usr/bin/gzip.exe
index 19e2b4e1f..a9886ebd8 100644
Binary files a/msys2/usr/bin/gzip.exe and b/msys2/usr/bin/gzip.exe differ
diff --git a/msys2/usr/bin/head.exe b/msys2/usr/bin/head.exe
index 52a551123..4dd048707 100644
Binary files a/msys2/usr/bin/head.exe and b/msys2/usr/bin/head.exe differ
diff --git a/msys2/usr/bin/hexdump.exe b/msys2/usr/bin/hexdump.exe
index cba323c0b..d6fc68f05 100644
Binary files a/msys2/usr/bin/hexdump.exe and b/msys2/usr/bin/hexdump.exe differ
diff --git a/msys2/usr/bin/hmac256.exe b/msys2/usr/bin/hmac256.exe
index a57c52ef6..3769f4286 100644
Binary files a/msys2/usr/bin/hmac256.exe and b/msys2/usr/bin/hmac256.exe differ
diff --git a/msys2/usr/bin/hostid.exe b/msys2/usr/bin/hostid.exe
index 0c1a70d4a..d93d36201 100644
Binary files a/msys2/usr/bin/hostid.exe and b/msys2/usr/bin/hostid.exe differ
diff --git a/msys2/usr/bin/hostname.exe b/msys2/usr/bin/hostname.exe
index ddf0b1f33..7151e520e 100644
Binary files a/msys2/usr/bin/hostname.exe and b/msys2/usr/bin/hostname.exe differ
diff --git a/msys2/usr/bin/id.exe b/msys2/usr/bin/id.exe
index fc9009614..f8a154a3e 100644
Binary files a/msys2/usr/bin/id.exe and b/msys2/usr/bin/id.exe differ
diff --git a/msys2/usr/bin/info.exe b/msys2/usr/bin/info.exe
index c936d9b27..2465c03a7 100644
Binary files a/msys2/usr/bin/info.exe and b/msys2/usr/bin/info.exe differ
diff --git a/msys2/usr/bin/infocmp.exe b/msys2/usr/bin/infocmp.exe
index 4dbb7ec03..33a77a370 100644
Binary files a/msys2/usr/bin/infocmp.exe and b/msys2/usr/bin/infocmp.exe differ
diff --git a/msys2/usr/bin/infotocap.exe b/msys2/usr/bin/infotocap.exe
index a982a3dc6..8a0fe9b56 100644
Binary files a/msys2/usr/bin/infotocap.exe and b/msys2/usr/bin/infotocap.exe differ
diff --git a/msys2/usr/bin/install-info.exe b/msys2/usr/bin/install-info.exe
index b84873136..bb26322c9 100644
Binary files a/msys2/usr/bin/install-info.exe and b/msys2/usr/bin/install-info.exe differ
diff --git a/msys2/usr/bin/install.exe b/msys2/usr/bin/install.exe
index 22a731157..baf044e3e 100644
Binary files a/msys2/usr/bin/install.exe and b/msys2/usr/bin/install.exe differ
diff --git a/msys2/usr/bin/ipcmk.exe b/msys2/usr/bin/ipcmk.exe
index abae0fe1f..23a542367 100644
Binary files a/msys2/usr/bin/ipcmk.exe and b/msys2/usr/bin/ipcmk.exe differ
diff --git a/msys2/usr/bin/isosize.exe b/msys2/usr/bin/isosize.exe
index 8dd3a0677..6f8e6253e 100644
Binary files a/msys2/usr/bin/isosize.exe and b/msys2/usr/bin/isosize.exe differ
diff --git a/msys2/usr/bin/join.exe b/msys2/usr/bin/join.exe
index ecb47d1e7..34f6c5c63 100644
Binary files a/msys2/usr/bin/join.exe and b/msys2/usr/bin/join.exe differ
diff --git a/msys2/usr/bin/kbxutil.exe b/msys2/usr/bin/kbxutil.exe
new file mode 100644
index 000000000..4888ce02b
Binary files /dev/null and b/msys2/usr/bin/kbxutil.exe differ
diff --git a/msys2/usr/bin/kill.exe b/msys2/usr/bin/kill.exe
index abecbd574..d5a44f351 100644
Binary files a/msys2/usr/bin/kill.exe and b/msys2/usr/bin/kill.exe differ
diff --git a/msys2/usr/bin/ldd.exe b/msys2/usr/bin/ldd.exe
index f6489890d..a6be6a8b8 100644
Binary files a/msys2/usr/bin/ldd.exe and b/msys2/usr/bin/ldd.exe differ
diff --git a/msys2/usr/bin/ldh.exe b/msys2/usr/bin/ldh.exe
index 7d363441e..603eb03c4 100644
Binary files a/msys2/usr/bin/ldh.exe and b/msys2/usr/bin/ldh.exe differ
diff --git a/msys2/usr/bin/less.exe b/msys2/usr/bin/less.exe
index fb2912cb9..3c520237c 100644
Binary files a/msys2/usr/bin/less.exe and b/msys2/usr/bin/less.exe differ
diff --git a/msys2/usr/bin/lessecho.exe b/msys2/usr/bin/lessecho.exe
index 62aa3d9a7..3bbdbb4f2 100644
Binary files a/msys2/usr/bin/lessecho.exe and b/msys2/usr/bin/lessecho.exe differ
diff --git a/msys2/usr/bin/lesskey.exe b/msys2/usr/bin/lesskey.exe
index fbc3e253a..16dcb41ea 100644
Binary files a/msys2/usr/bin/lesskey.exe and b/msys2/usr/bin/lesskey.exe differ
diff --git a/msys2/usr/bin/libfdt.dll b/msys2/usr/bin/libfdt.dll
new file mode 100644
index 000000000..0eb7955a8
Binary files /dev/null and b/msys2/usr/bin/libfdt.dll differ
diff --git a/msys2/usr/bin/link.exe b/msys2/usr/bin/link.exe
index 9d0ff88a0..51d85bba5 100644
Binary files a/msys2/usr/bin/link.exe and b/msys2/usr/bin/link.exe differ
diff --git a/msys2/usr/bin/ln.exe b/msys2/usr/bin/ln.exe
index f879e6d28..999d2e366 100644
Binary files a/msys2/usr/bin/ln.exe and b/msys2/usr/bin/ln.exe differ
diff --git a/msys2/usr/bin/locale.exe b/msys2/usr/bin/locale.exe
index cd7e13ee4..561d265f3 100644
Binary files a/msys2/usr/bin/locale.exe and b/msys2/usr/bin/locale.exe differ
diff --git a/msys2/usr/bin/logger.exe b/msys2/usr/bin/logger.exe
index e56b662f1..c2ab0bb46 100644
Binary files a/msys2/usr/bin/logger.exe and b/msys2/usr/bin/logger.exe differ
diff --git a/msys2/usr/bin/logname.exe b/msys2/usr/bin/logname.exe
index a0da19eae..bf5f32d59 100644
Binary files a/msys2/usr/bin/logname.exe and b/msys2/usr/bin/logname.exe differ
diff --git a/msys2/usr/bin/look.exe b/msys2/usr/bin/look.exe
index c635795aa..2120f681d 100644
Binary files a/msys2/usr/bin/look.exe and b/msys2/usr/bin/look.exe differ
diff --git a/msys2/usr/bin/ls.exe b/msys2/usr/bin/ls.exe
index 63478e4f8..d620c0b44 100644
Binary files a/msys2/usr/bin/ls.exe and b/msys2/usr/bin/ls.exe differ
diff --git a/msys2/usr/bin/lsattr.exe b/msys2/usr/bin/lsattr.exe
new file mode 100644
index 000000000..1eae599b9
Binary files /dev/null and b/msys2/usr/bin/lsattr.exe differ
diff --git a/msys2/usr/bin/lzcat.exe b/msys2/usr/bin/lzcat.exe
index d0ae520e1..6b754aa48 100644
Binary files a/msys2/usr/bin/lzcat.exe and b/msys2/usr/bin/lzcat.exe differ
diff --git a/msys2/usr/bin/lzcmp b/msys2/usr/bin/lzcmp
index bc665f527..bbf57d24d 100644
--- a/msys2/usr/bin/lzcmp
+++ b/msys2/usr/bin/lzcmp
@@ -29,7 +29,7 @@ case ${0##*/} in
   *)     prog=xzdiff; cmp=${DIFF:-diff};;
 esac
 
-version="$prog (XZ Utils) 5.2.3"
+version="$prog (XZ Utils) 5.2.4"
 
 usage="Usage: ${0##*/} [OPTION]... FILE1 [FILE2]
 Compare FILE1 to FILE2, using their uncompressed contents if they are
diff --git a/msys2/usr/bin/lzdiff b/msys2/usr/bin/lzdiff
index bc665f527..bbf57d24d 100644
--- a/msys2/usr/bin/lzdiff
+++ b/msys2/usr/bin/lzdiff
@@ -29,7 +29,7 @@ case ${0##*/} in
   *)     prog=xzdiff; cmp=${DIFF:-diff};;
 esac
 
-version="$prog (XZ Utils) 5.2.3"
+version="$prog (XZ Utils) 5.2.4"
 
 usage="Usage: ${0##*/} [OPTION]... FILE1 [FILE2]
 Compare FILE1 to FILE2, using their uncompressed contents if they are
diff --git a/msys2/usr/bin/lzegrep b/msys2/usr/bin/lzegrep
index 4fdb5335d..904888d27 100644
--- a/msys2/usr/bin/lzegrep
+++ b/msys2/usr/bin/lzegrep
@@ -33,7 +33,7 @@ case ${0##*/} in
   *)       prog=xzgrep; grep=${GREP:-grep};;
 esac
 
-version="$prog (XZ Utils) 5.2.3"
+version="$prog (XZ Utils) 5.2.4"
 
 usage="Usage: ${0##*/} [OPTION]... [-e] PATTERN [FILE]...
 Look for instances of PATTERN in the input FILEs, using their
diff --git a/msys2/usr/bin/lzfgrep b/msys2/usr/bin/lzfgrep
index 4fdb5335d..904888d27 100644
--- a/msys2/usr/bin/lzfgrep
+++ b/msys2/usr/bin/lzfgrep
@@ -33,7 +33,7 @@ case ${0##*/} in
   *)       prog=xzgrep; grep=${GREP:-grep};;
 esac
 
-version="$prog (XZ Utils) 5.2.3"
+version="$prog (XZ Utils) 5.2.4"
 
 usage="Usage: ${0##*/} [OPTION]... [-e] PATTERN [FILE]...
 Look for instances of PATTERN in the input FILEs, using their
diff --git a/msys2/usr/bin/lzgrep b/msys2/usr/bin/lzgrep
index 4fdb5335d..904888d27 100644
--- a/msys2/usr/bin/lzgrep
+++ b/msys2/usr/bin/lzgrep
@@ -33,7 +33,7 @@ case ${0##*/} in
   *)       prog=xzgrep; grep=${GREP:-grep};;
 esac
 
-version="$prog (XZ Utils) 5.2.3"
+version="$prog (XZ Utils) 5.2.4"
 
 usage="Usage: ${0##*/} [OPTION]... [-e] PATTERN [FILE]...
 Look for instances of PATTERN in the input FILEs, using their
diff --git a/msys2/usr/bin/lzless b/msys2/usr/bin/lzless
index 0425cc112..33a1ec86c 100644
--- a/msys2/usr/bin/lzless
+++ b/msys2/usr/bin/lzless
@@ -22,7 +22,7 @@
 # specified via XZ_OPT.
 xz='xz --format=auto'
 
-version='xzless (XZ Utils) 5.2.3'
+version='xzless (XZ Utils) 5.2.4'
 
 usage="Usage: ${0##*/} [OPTION]... [FILE]...
 Like 'less', but operate on the uncompressed contents of xz compressed FILEs.
diff --git a/msys2/usr/bin/lzma.exe b/msys2/usr/bin/lzma.exe
index d0ae520e1..6b754aa48 100644
Binary files a/msys2/usr/bin/lzma.exe and b/msys2/usr/bin/lzma.exe differ
diff --git a/msys2/usr/bin/lzmadec.exe b/msys2/usr/bin/lzmadec.exe
index 4cfa9062e..0d0c8a4e5 100644
Binary files a/msys2/usr/bin/lzmadec.exe and b/msys2/usr/bin/lzmadec.exe differ
diff --git a/msys2/usr/bin/lzmainfo.exe b/msys2/usr/bin/lzmainfo.exe
index 0bd4dd502..4155798c1 100644
Binary files a/msys2/usr/bin/lzmainfo.exe and b/msys2/usr/bin/lzmainfo.exe differ
diff --git a/msys2/usr/bin/lzmore b/msys2/usr/bin/lzmore
index bed3d2489..a1f6befc5 100644
--- a/msys2/usr/bin/lzmore
+++ b/msys2/usr/bin/lzmore
@@ -22,7 +22,7 @@
 # specified via XZ_OPT.
 xz='xz --format=auto'
 
-version='xzmore (XZ Utils) 5.2.3'
+version='xzmore (XZ Utils) 5.2.4'
 
 usage="Usage: ${0##*/} [OPTION]... [FILE]...
 Like 'more', but operate on the uncompressed contents of xz compressed FILEs.
diff --git a/msys2/usr/bin/m4.exe b/msys2/usr/bin/m4.exe
index a7ba76e33..3e90179e7 100644
Binary files a/msys2/usr/bin/m4.exe and b/msys2/usr/bin/m4.exe differ
diff --git a/msys2/usr/bin/makepkg b/msys2/usr/bin/makepkg
index 8b0cc9f1a..33c8cc478 100644
--- a/msys2/usr/bin/makepkg
+++ b/msys2/usr/bin/makepkg
@@ -3,7 +3,7 @@
 #   makepkg - make packages compatible for use with pacman
 #   Generated from makepkg.sh.in; do not edit by hand.
 #
-#   Copyright (c) 2006-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2006-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #   Copyright (c) 2002-2006 by Judd Vinet <jvinet@zeroflux.org>
 #   Copyright (c) 2005 by Aurelien Foret <orelien@chez.com>
 #   Copyright (c) 2006 by Miklos Vajna <vmiklos@frugalware.org>
@@ -28,7 +28,7 @@
 # makepkg uses quite a few external programs during its execution. You
 # need to have at least the following installed for makepkg to function:
 #   awk, bsdtar (libarchive), bzip2, coreutils, file, find (findutils),
-#   gettext, gpg, grep, gzip, openssl, sed, tput (ncurses), xz
+#   gettext, gpg, grep, gzip, sed, tput (ncurses), xz
 
 # gettext initialization
 export TEXTDOMAIN='pacman-scripts'
@@ -41,10 +41,10 @@ unset CDPATH
 # Ensure GREP_OPTIONS doesn't screw with our grep calls
 unset GREP_OPTIONS
 
-declare -r makepkg_version='5.0.1'
+declare -r makepkg_version='5.1.3'
 declare -r confdir='/etc'
 declare -r BUILDSCRIPT='PKGBUILD'
-declare -r startdir="$PWD"
+declare -r startdir="$(pwd -P)"
 
 LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
 
@@ -78,6 +78,7 @@ PKGFUNC=0
 PKGVERFUNC=0
 PREPAREFUNC=0
 REPKG=0
+REPRODUCIBLE=0
 RMDEPS=0
 SKIPCHECKSUMS=0
 SKIPPGPCHECK=0
@@ -86,7 +87,14 @@ SPLITPKG=0
 SOURCEONLY=0
 VERIFYSOURCE=0
 
-PACMAN_OPTS=
+if [[ -n $SOURCE_DATE_EPOCH ]]; then
+	REPRODUCIBLE=1
+else
+	SOURCE_DATE_EPOCH=$(date +%s)
+fi
+export SOURCE_DATE_EPOCH
+
+PACMAN_OPTS=()
 
 shopt -s extglob
 
@@ -157,7 +165,7 @@ trap_exit() {
 clean_up() {
 	local EXIT_CODE=$?
 
-	if (( ! EXIT_CODE && CLEANUP )); then
+	if (( (EXIT_CODE == E_OK || EXIT_CODE == E_INSTALL_FAILED) && CLEANUP )); then
 		local pkg file
 
 		# If it's a clean exit and -c/--clean has been passed...
@@ -166,6 +174,12 @@ clean_up() {
 		if [[ -n $pkgbase ]]; then
 			local fullver=$(get_full_version)
 			# Can't do this unless the BUILDSCRIPT has been sourced.
+			if (( PKGVERFUNC )); then
+				rm -f "${pkgbase}-${fullver}-${CARCH}-pkgver.log"*
+			fi
+			if (( PREPAREFUNC )); then
+				rm -f "${pkgbase}-${fullver}-${CARCH}-prepare.log"*
+			fi
 			if (( BUILDFUNC )); then
 				rm -f "${pkgbase}-${fullver}-${CARCH}-build.log"*
 			fi
@@ -194,28 +208,23 @@ clean_up() {
 	remove_deps
 }
 
-enter_fakeroot() {
-	msg "$(gettext "Entering %s environment...")" "fakeroot"
-	fakeroot -- $0 -F "${ARGLIST[@]}" || exit $?
-}
-
 # Automatically update pkgver variable if a pkgver() function is provided
 # Re-sources the PKGBUILD afterwards to allow for other variables that use $pkgver
 update_pkgver() {
 	newpkgver=$(run_function_safe pkgver)
 	if ! check_pkgver "$newpkgver"; then
 		error "$(gettext "pkgver() generated an invalid version: %s")" "$newpkgver"
-		exit 1
+		exit $E_PKGBUILD_ERROR
 	fi
 
 	if [[ -n $newpkgver && $newpkgver != "$pkgver" ]]; then
 		if [[ -f $BUILDFILE && -w $BUILDFILE ]]; then
-			if ! sed --follow-symlinks -i "s:^pkgver=[^ ]*:pkgver=$newpkgver:" "$BUILDFILE"; then
+			if ! /usr/bin/sed --follow-symlinks -i "s:^pkgver=[^ ]*:pkgver=$newpkgver:" "$BUILDFILE"; then
 				error "$(gettext "Failed to update %s from %s to %s")" \
 						"pkgver" "$pkgver" "$newpkgver"
-				exit 1
+				exit $E_PKGBUILD_ERROR
 			fi
-			sed --follow-symlinks -i "s:^pkgrel=[^ ]*:pkgrel=1:" "$BUILDFILE"
+			/usr/bin/sed --follow-symlinks -i "s:^pkgrel=[^ ]*:pkgrel=1:" "$BUILDFILE"
 			source_safe "$BUILDFILE"
 			local fullver=$(get_full_version)
 			msg "$(gettext "Updated version: %s")" "$pkgbase $fullver"
@@ -230,29 +239,16 @@ update_pkgver() {
 missing_source_file() {
 	error "$(gettext "Unable to find source file %s.")" "$(get_filename "$1")"
 	plain "$(gettext "Aborting...")"
-	exit 1 # $E_MISSING_FILE
-}
-
-source_has_signatures() {
-	local file all_sources
-
-	get_all_sources_for_arch 'all_sources'
-	for file in "${all_sources[@]}"; do
-		if [[ ${file%%::*} = *.@(sig?(n)|asc) ]]; then
-			return 0
-		fi
-	done
-	return 1
+	exit $E_MISSING_FILE
 }
 
 run_pacman() {
 	local cmd
-	if [[ $1 != -@(T|Qq) ]]; then
-		cmd=("$PACMAN_PATH" $PACMAN_OPTS "$@")
+	if [[ $1 != -@(T|Q)*([[:alpha:]]) ]]; then
+		cmd=("$PACMAN_PATH" "${PACMAN_OPTS[@]}" "$@")
 	else
 		cmd=("$PACMAN_PATH" "$@")
 	fi
-
 	"${cmd[@]}"
 }
 
@@ -278,7 +274,7 @@ handle_deps() {
 
 	(( $# == 0 )) && return $R_DEPS_SATISFIED
 
-	local deplist="$*"
+	local deplist=("$@")
 
 	if (( ! DEP_BIN )); then
 		return $R_DEPS_MISSING
@@ -288,19 +284,23 @@ handle_deps() {
 		# install missing deps from binary packages (using pacman -S)
 		msg "$(gettext "Installing missing dependencies...")"
 
-		if ! run_pacman -S --asdeps $deplist; then
+		if ! run_pacman -S --asdeps "${deplist[@]}"; then
 			error "$(gettext "'%s' failed to install missing dependencies.")" "$PACMAN"
-			exit 1 # TODO: error code
+			exit $E_INSTALL_DEPS_FAILED
 		fi
 	fi
 
 	# we might need the new system environment
 	# save our shell options and turn off extglob
-	local shellopts=$(shopt -p)
+	local shellopts=$(shopt -p extglob)
 	shopt -u extglob
 	source /etc/profile &>/dev/null
 	eval "$shellopts"
 
+	# umask might have been changed in /etc/profile
+	# ensure that sane default is set again
+	umask 0022
+
 	return $R_DEPS_SATISFIED
 }
 
@@ -311,18 +311,18 @@ resolve_deps() {
 	# deplist cannot be declared like this: local deplist=$(foo)
 	# Otherwise, the return value will depend on the assignment.
 	local deplist
-	deplist="$(set +E; check_deps $*)" || exit 1
+	deplist=($(check_deps "$@")) || exit $E_INSTALL_DEPS_FAILED
 	[[ -z $deplist ]] && return $R_DEPS_SATISFIED
 
-	if handle_deps $deplist; then
+	if handle_deps "${deplist[@]}"; then
 		# check deps again to make sure they were resolved
-		deplist="$(set +E; check_deps $*)" || exit 1
+		deplist=$(check_deps "$@") || exit $E_INSTALL_DEPS_FAILED
 		[[ -z $deplist ]] && return $R_DEPS_SATISFIED
 	fi
 
 	msg "$(gettext "Missing dependencies:")"
 	local dep
-	for dep in $deplist; do
+	for dep in ${deplist[@]}; do
 		msg2 "$dep"
 	done
 
@@ -330,14 +330,14 @@ resolve_deps() {
 }
 
 remove_deps() {
-	(( ! RMDEPS )) && return
+	(( ! RMDEPS )) && return 0
 
 	# check for packages removed during dependency install (e.g. due to conflicts)
 	# removing all installed packages is risky in this case
 	if [[ -n $(grep -xvFf <(printf '%s\n' "${current_pkglist[@]}") \
 			<(printf '%s\n' "${original_pkglist[@]}")) ]]; then
 		warning "$(gettext "Failed to remove installed dependencies.")"
-		return 0
+		return $E_REMOVE_DEPS_FAILED
 	fi
 
 	local deplist
@@ -351,400 +351,7 @@ remove_deps() {
 	# exit cleanly on failure to remove deps as package has been built successfully
 	if ! run_pacman -Rn ${deplist[@]}; then
 		warning "$(gettext "Failed to remove installed dependencies.")"
-		return 0
-	fi
-}
-
-get_integlist() {
-	local integ
-	local integlist=()
-
-	for integ in "${known_hash_algos[@]}"; do
-		local sumname="${integ}sums[@]"
-		if [[ -n ${!sumname} ]]; then
-			integlist+=("$integ")
-		fi
-	done
-
-	if (( ${#integlist[@]} > 0 )); then
-		printf "%s\n" "${integlist[@]}"
-	else
-		printf "%s\n" "${INTEGRITY_CHECK[@]}"
-	fi
-}
-
-generate_one_checksum() {
-	local integ=$1 arch=$2 sources numsrc indentsz idx
-
-	if [[ $arch ]]; then
-		array_build sources "source_$arch"
-	else
-		array_build sources 'source'
-	fi
-
-	numsrc=${#sources[*]}
-	if (( numsrc == 0 )); then
-		return
-	fi
-
-	if [[ $arch ]]; then
-		printf "%ssums_%s=(%n" "$integ" "$arch" indentsz
-	else
-		printf "%ssums=(%n" "$integ" indentsz
-	fi
-
-	for (( idx = 0; idx < numsrc; ++idx )); do
-		local netfile=${sources[idx]}
-		local proto sum
-		proto="$(get_protocol "$netfile")"
-
-		case $proto in
-			bzr*|git*|hg*|svn*)
-				sum="SKIP"
-				;;
-			*)
-				if [[ $netfile != *.@(sig?(n)|asc) ]]; then
-					local file
-					file="$(get_filepath "$netfile")" || missing_source_file "$netfile"
-					sum="$(openssl dgst -${integ} "$file")"
-					sum=${sum##* }
-				else
-					sum="SKIP"
-				fi
-				;;
-		esac
-
-		# indent checksum on lines after the first
-		printf "%*s%s" $(( idx ? indentsz : 0 )) '' "'$sum'"
-
-		# print a newline on lines before the last
-		(( idx < (numsrc - 1) )) && echo
-	done
-
-	echo ")"
-}
-
-generate_checksums() {
-	msg "$(gettext "Generating checksums for source files...")"
-
-	if ! type -p openssl >/dev/null; then
-		error "$(gettext "Cannot find the %s binary required for generating sourcefile checksums.")" "openssl"
-		exit 1 # $E_MISSING_PROGRAM
-	fi
-
-	local integlist
-	if (( $# == 0 )); then
-		IFS=$'\n' read -rd '' -a integlist < <(get_integlist)
-	else
-		integlist=("$@")
-	fi
-
-	local integ
-	for integ in "${integlist[@]}"; do
-		if ! in_array "$integ" "${known_hash_algos[@]}"; then
-			error "$(gettext "Invalid integrity algorithm '%s' specified.")" "$integ"
-			exit 1 # $E_CONFIG_ERROR
-		fi
-
-		generate_one_checksum "$integ"
-		for a in "${arch[@]}"; do
-			generate_one_checksum "$integ" "$a"
-		done
-	done
-}
-
-verify_integrity_one() {
-	local source_name=$1 integ=$2 expectedsum=$3
-
-	local file="$(get_filename "$source_name")"
-	printf '    %s ... ' "$file" >&2
-
-	if [[ $expectedsum = 'SKIP' ]]; then
-		printf '%s\n' "$(gettext "Skipped")" >&2
-		return
-	fi
-
-	if ! file="$(get_filepath "$file")"; then
-		printf '%s\n' "$(gettext "NOT FOUND")" >&2
-		return 1
-	fi
-
-	local realsum="$(openssl dgst -${integ} "$file")"
-	realsum="${realsum##* }"
-	if [[ ${expectedsum,,} = "$realsum" ]]; then
-		printf '%s\n' "$(gettext "Passed")" >&2
-	else
-		printf '%s\n' "$(gettext "FAILED")" >&2
-		return 1
-	fi
-
-	return 0
-}
-
-verify_integrity_sums() {
-	local integ=$1 arch=$2 integrity_sums=() sources=() srcname
-
-	if [[ $arch ]]; then
-		array_build integrity_sums "${integ}sums_$arch"
-		srcname=source_$arch
-	else
-		array_build integrity_sums "${integ}sums"
-		srcname=source
-	fi
-
-	array_build sources "$srcname"
-	if (( ${#integrity_sums[@]} == 0 && ${#sources[@]} == 0 )); then
-		return 1
-	fi
-
-	if (( ${#integrity_sums[@]} == ${#sources[@]} )); then
-		msg "$(gettext "Validating %s files with %s...")" "$srcname" "${integ}sums"
-		local idx errors=0
-		for (( idx = 0; idx < ${#sources[*]}; idx++ )); do
-			verify_integrity_one "${sources[idx]}" "$integ" "${integrity_sums[idx]}" || errors=1
-		done
-
-		if (( errors )); then
-			error "$(gettext "One or more files did not pass the validity check!")"
-			exit 1 # TODO: error code
-		fi
-	elif (( ${#integrity_sums[@]} )); then
-		error "$(gettext "Integrity checks (%s) differ in size from the source array.")" "$integ"
-		exit 1 # TODO: error code
-	else
-		return 1
-	fi
-}
-
-check_checksums() {
-	local integ a
-	declare -A correlation
-	(( SKIPCHECKSUMS )) && return 0
-
-	# Initialize a map which we'll use to verify that every source array has at
-	# least some kind of checksum array associated with it.
-	(( ${#source[*]} )) && correlation['source']=1
-	case $1 in
-		all)
-			for a in "${arch[@]}"; do
-				array_build _ source_"$a" && correlation["source_$a"]=1
-			done
-			;;
-		*)
-			array_build _ source_"$CARCH" && correlation["source_$CARCH"]=1
-			;;
-	esac
-
-	for integ in "${known_hash_algos[@]}"; do
-		verify_integrity_sums "$integ" && unset "correlation[source]"
-
-		case $1 in
-			all)
-				for a in "${arch[@]}"; do
-					verify_integrity_sums "$integ" "$a" && unset "correlation[source_$a]"
-				done
-				;;
-			*)
-				verify_integrity_sums "$integ" "$CARCH" && unset "correlation[source_$CARCH]"
-				;;
-		esac
-	done
-
-	if (( ${#correlation[*]} )); then
-		error "$(gettext "Integrity checks are missing for: %s")" "${!correlation[*]}"
-		exit 1 # TODO: error code
-	fi
-}
-
-parse_gpg_statusfile() {
-	local type arg1 arg6 arg10
-
-	while read -r _ type arg1 _ _ _ _ arg6 _ _ _ arg10 _; do
-		case "$type" in
-			GOODSIG)
-				pubkey=$arg1
-				success=1
-				status="good"
-				;;
-			EXPSIG)
-				pubkey=$arg1
-				success=1
-				status="expired"
-				;;
-			EXPKEYSIG)
-				pubkey=$arg1
-				success=1
-				status="expiredkey"
-				;;
-			REVKEYSIG)
-				pubkey=$arg1
-				success=0
-				status="revokedkey"
-				;;
-			BADSIG)
-				pubkey=$arg1
-				success=0
-				status="bad"
-				;;
-			ERRSIG)
-				pubkey=$arg1
-				success=0
-				if [[ $arg6 == 9 ]]; then
-					status="missingkey"
-				else
-					status="error"
-				fi
-				;;
-			VALIDSIG)
-				if [[ $arg10 ]]; then
-					# If the file was signed with a subkey, arg10 contains
-					# the fingerprint of the primary key
-					fingerprint=$arg10
-				else
-					fingerprint=$arg1
-				fi
-				;;
-			TRUST_UNDEFINED|TRUST_NEVER)
-				trusted=0
-				;;
-			TRUST_MARGINAL|TRUST_FULLY|TRUST_ULTIMATE)
-				trusted=1
-				;;
-		esac
-	done < "$1"
-}
-
-check_pgpsigs() {
-	(( SKIPPGPCHECK )) && return 0
-	! source_has_signatures && return 0
-
-	msg "$(gettext "Verifying source file signatures with %s...")" "gpg"
-
-	local file ext decompress found pubkey success status fingerprint trusted
-	local warning=0
-	local errors=0
-	local statusfile=$(mktemp)
-	local all_sources
-
-	case $1 in
-		all)
-			get_all_sources 'all_sources'
-			;;
-		*)
-			get_all_sources_for_arch 'all_sources'
-			;;
-	esac
-	for file in "${all_sources[@]}"; do
-		file="$(get_filename "$file")"
-		if [[ $file != *.@(sig?(n)|asc) ]]; then
-			continue
-		fi
-
-		printf "    %s ... " "${file%.*}" >&2
-
-		if ! file="$(get_filepath "$file")"; then
-			printf '%s\n' "$(gettext "SIGNATURE NOT FOUND")" >&2
-			errors=1
-			continue
-		fi
-
-		found=0
-		for ext in "" gz bz2 xz lrz lzo Z; do
-			if sourcefile="$(get_filepath "${file%.*}${ext:+.$ext}")"; then
-				found=1
-				break;
-			fi
-		done
-		if (( ! found )); then
-			printf '%s\n' "$(gettext "SOURCE FILE NOT FOUND")" >&2
-			errors=1
-			continue
-		fi
-
-		case "$ext" in
-			gz)  decompress="gzip -c -d -f" ;;
-			bz2) decompress="bzip2 -c -d -f" ;;
-			xz)  decompress="xz -c -d" ;;
-			lrz) decompress="lrzip -q -d" ;;
-			lzo) decompress="lzop -c -d -q" ;;
-			Z)   decompress="uncompress -c -f" ;;
-			"")  decompress="cat" ;;
-		esac
-
-		$decompress < "$sourcefile" | gpg --quiet --batch --status-file "$statusfile" --verify "$file" - 2> /dev/null
-		# these variables are assigned values in parse_gpg_statusfile
-		success=0
-		status=
-		pubkey=
-		fingerprint=
-		trusted=
-		parse_gpg_statusfile "$statusfile"
-		if (( ! $success )); then
-			printf '%s' "$(gettext "FAILED")" >&2
-			case "$status" in
-				"missingkey")
-					printf ' (%s)' "$(gettext "unknown public key") $pubkey" >&2
-					;;
-				"revokedkey")
-					printf " ($(gettext "public key %s has been revoked"))" "$pubkey" >&2
-					;;
-				"bad")
-					printf ' (%s)' "$(gettext "bad signature from public key") $pubkey" >&2
-					;;
-				"error")
-					printf ' (%s)' "$(gettext "error during signature verification")" >&2
-					;;
-			esac
-			errors=1
-		else
-			if (( ${#validpgpkeys[@]} == 0 && !trusted )); then
-				printf "%s ($(gettext "the public key %s is not trusted"))" $(gettext "FAILED") "$fingerprint" >&2
-				errors=1
-			elif (( ${#validpgpkeys[@]} > 0 )) && ! in_array "$fingerprint" "${validpgpkeys[@]}"; then
-				printf "%s (%s %s)" "$(gettext "FAILED")" "$(gettext "invalid public key")" "$fingerprint"
-				errors=1
-			else
-				printf '%s' "$(gettext "Passed")" >&2
-				case "$status" in
-					"expired")
-						printf ' (%s)' "$(gettext "WARNING:") $(gettext "the signature has expired.")" >&2
-						warnings=1
-						;;
-					"expiredkey")
-						printf ' (%s)' "$(gettext "WARNING:") $(gettext "the key has expired.")" >&2
-						warnings=1
-						;;
-				esac
-			fi
-		fi
-		printf '\n' >&2
-	done
-
-	rm -f "$statusfile"
-
-	if (( errors )); then
-		error "$(gettext "One or more PGP signatures could not be verified!")"
-		exit 1
-	fi
-
-	if (( warnings )); then
-		warning "$(gettext "Warnings have occurred while verifying the signatures.")"
-		plain "$(gettext "Please make sure you really trust them.")"
-	fi
-}
-
-check_source_integrity() {
-	if (( SKIPCHECKSUMS && SKIPPGPCHECK )); then
-		warning "$(gettext "Skipping all source file integrity checks.")"
-	elif (( SKIPCHECKSUMS )); then
-		warning "$(gettext "Skipping verification of source file checksums.")"
-		check_pgpsigs "$@"
-	elif (( SKIPPGPCHECK )); then
-		warning "$(gettext "Skipping verification of source file PGP signatures.")"
-		check_checksums "$@"
-	else
-		check_checksums "$@"
-		check_pgpsigs "$@"
+		return $E_REMOVE_DEPS_FAILED
 	fi
 }
 
@@ -757,14 +364,14 @@ error_function() {
 		error "$(gettext "A failure occurred in %s().")" "$1"
 		plain "$(gettext "Aborting...")"
 	fi
-	exit 2 # $E_BUILD_FAILED
+	exit $E_USER_FUNCTION_FAILED
 }
 
 source_safe() {
 	shopt -u extglob
 	if ! source "$@"; then
 		error "$(gettext "Failed to source %s")" "$1"
-		exit 1
+		exit $E_MISSING_FILE
 	fi
 	shopt -s extglob
 }
@@ -786,35 +393,15 @@ source_buildfile() {
 	source_safe "$@"
 }
 
-run_function_safe() {
-	local restoretrap
-
-	set -e
-	set -E
-
-	restoretrap=$(trap -p ERR)
-	trap 'error_function $pkgfunc' ERR
-
-	run_function "$1"
-
-	eval $restoretrap
-
-	set +E
-	set +e
-}
-
-run_function() {
-	if [[ -z $1 ]]; then
-		return 1
-	fi
-	local pkgfunc="$1"
-
+prepare_buildenv() {
 	# clear user-specified buildflags if requested
 	if check_option "buildflags" "n"; then
 		unset CPPFLAGS CFLAGS CXXFLAGS LDFLAGS
 	fi
 
 	if check_option "debug" "y"; then
+		DEBUG_CFLAGS+=" -fdebug-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}"
+		DEBUG_CXXFLAGS+=" -fdebug-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}"
 		CFLAGS+=" $DEBUG_CFLAGS"
 		CXXFLAGS+=" $DEBUG_CXXFLAGS"
 	fi
@@ -824,13 +411,59 @@ run_function() {
 		unset MAKEFLAGS
 	fi
 
+	# ensure all necessary build variables are exported
+	export CPPFLAGS CFLAGS CXXFLAGS LDFLAGS MAKEFLAGS CHOST
+
+	local ccache=0
+
+	# use ccache if it is requested (check buildenv and PKGBUILD opts)
+	if check_buildoption "ccache" "y" && [[ -d /usr/lib/ccache/bin ]]; then
+		export PATH="/usr/lib/ccache/bin:$PATH"
+		ccache=1
+	fi
+
+	# use distcc if it is requested (check buildenv and PKGBUILD opts)
+	if check_buildoption "distcc" "y"; then
+		if (( ccache )); then
+			export CCACHE_PREFIX="${CCACHE_PREFIX:+$CCACHE_PREFIX }distcc"
+			export CCACHE_BASEDIR="$srcdir"
+		elif [[ -d /usr/lib/distcc/bin ]]; then
+			export PATH="/usr/lib/distcc/bin:$PATH"
+		fi
+		export DISTCC_HOSTS
+	fi
+}
+
+run_function_safe() {
+	local restoretrap restoreset restoreshopt
+
+	# we don't set any special shopts of our own, but we don't want the user to
+	# muck with our environment.
+	restoreshopt=$(shopt -p)
+
+	restoreset=$(shopt -o -p)
+	shopt -o -s errexit errtrace
+
+	restoretrap=$(trap -p ERR)
+	trap "error_function '$1'" ERR
+
+	run_function "$1"
+
+	trap - ERR
+	eval "$restoretrap"
+	eval "$restoreset"
+	eval "$restoreshopt"
+}
+
+run_function() {
+	if [[ -z $1 ]]; then
+		return 1
+	fi
+	local pkgfunc="$1"
+
 	msg "$(gettext "Starting %s()...")" "$pkgfunc"
 	cd_safe "$srcdir"
 
-	# ensure all necessary build variables are exported
-	export CPPFLAGS CFLAGS CXXFLAGS LDFLAGS MAKEFLAGS CHOST
-	export MINGW_CHOST MINGW_PREFIX MINGW_PACKAGE_PREFIX
-	export DXSDK_DIR ACLOCAL_PATH PKG_CONFIG_PATH
 	# save our shell options so pkgfunc() can't override what we need
 	local shellopts=$(shopt -p)
 
@@ -872,25 +505,6 @@ run_prepare() {
 }
 
 run_build() {
-	local ccache=0
-
-	# use ccache if it is requested (check buildenv and PKGBUILD opts)
-	if check_buildoption "ccache" "y" && [[ -d /usr/lib/ccache/bin ]]; then
-		export PATH="/usr/lib/ccache/bin:$PATH"
-		ccache=1
-	fi
-
-	# use distcc if it is requested (check buildenv and PKGBUILD opts)
-	if check_buildoption "distcc" "y"; then
-		if (( ccache )); then
-			export CCACHE_PREFIX="${CCACHE_PREFIX:+$CCACHE_PREFIX }distcc"
-			export CCACHE_BASEDIR="$srcdir"
-		elif [[ -d /usr/lib/distcc/bin ]]; then
-			export PATH="/usr/lib/distcc/bin:$PATH"
-		fi
-		export DISTCC_HOSTS
-	fi
-
 	run_function_safe "build"
 }
 
@@ -921,8 +535,8 @@ find_libdepends() {
 	done
 
 	if (( sodepends == 0 )); then
-		printf '%s\n' "${depends[@]}"
-		return;
+		(( ${#depends[@]} )) && printf '%s\n' "${depends[@]}"
+		return 0
 	fi
 
 	local libdeps filename soarch sofile soname;
@@ -975,7 +589,7 @@ find_libdepends() {
 		esac
 	done
 
-	printf '%s\n' "${libdepends[@]}"
+	(( ${#libdepends[@]} )) && printf '%s\n' "${libdepends[@]}"
 }
 
 
@@ -1017,118 +631,23 @@ find_libprovides() {
 		fi
 	done
 
-	printf '%s\n' "${libprovides[@]}"
+	(( ${#libprovides[@]} )) && printf '%s\n' "${libprovides[@]}"
 }
 
-srcinfo_open_section() {
-	printf '%s = %s\n' "$1" "$2"
-}
+write_kv_pair() {
+	local key="$1"
+	shift
 
-srcinfo_close_section() {
-	echo
-}
-
-srcinfo_write_attr() {
-	# $1: attr name
-	# $2: attr values
-
-	local attrname=$1 attrvalues=("${@:2}")
-
-	# normalize whitespace, strip leading and trailing
-	attrvalues=("${attrvalues[@]//+([[:space:]])/ }")
-	attrvalues=("${attrvalues[@]#[[:space:]]}")
-	attrvalues=("${attrvalues[@]%[[:space:]]}")
-
-	printf "\t$attrname = %s\n" "${attrvalues[@]}"
-}
-
-pkgbuild_extract_to_srcinfo() {
-	# $1: pkgname
-	# $2: attr name
-	# $3: multivalued
-
-	local pkgname=$1 attrname=$2 isarray=$3 outvalue=
-
-	if get_pkgbuild_attribute "$pkgname" "$attrname" "$isarray" 'outvalue'; then
-		srcinfo_write_attr "$attrname" "${outvalue[@]}"
-	fi
-}
-
-srcinfo_write_section_details() {
-	local attr package_arch a
-	local multivalued_arch_attrs=(source provides conflicts depends replaces
-	                              optdepends makedepends checkdepends
-	                              {md5,sha{1,224,256,384,512}}sums)
-
-	for attr in "${singlevalued[@]}"; do
-		pkgbuild_extract_to_srcinfo "$1" "$attr" 0
+	for val in "$@"; do
+		if [[ $val = *$'\n'* ]]; then
+			error "$(gettext "Invalid value for %s: %s")" "$key" "$val"
+			exit $E_PKGBUILD_ERROR
+		fi
+		printf "%s = %s\n" "$key" "$val"
 	done
-
-	for attr in "${multivalued[@]}"; do
-		pkgbuild_extract_to_srcinfo "$1" "$attr" 1
-	done
-
-	get_pkgbuild_attribute "$1" 'arch' 1 'package_arch'
-	for a in "${package_arch[@]}"; do
-		# 'any' is special. there's no support for, e.g. depends_any.
-		[[ $a = any ]] && continue
-
-		for attr in "${multivalued_arch_attrs[@]}"; do
-			pkgbuild_extract_to_srcinfo "$1" "${attr}_$a" 1
-		done
-	done
-}
-
-srcinfo_write_global() {
-	local singlevalued=(pkgdesc pkgver pkgrel epoch url install changelog)
-	local multivalued=(arch groups license checkdepends makedepends
-	                   depends optdepends provides conflicts replaces
-	                   noextract options backup
-	                   source validpgpkeys {md5,sha{1,224,256,384,512}}sums)
-
-	srcinfo_open_section 'pkgbase' "${pkgbase:-$pkgname}"
-	srcinfo_write_section_details ''
-	srcinfo_close_section
-}
-
-srcinfo_write_package() {
-	local singlevalued=(pkgdesc url install changelog)
-	local multivalued=(arch groups license checkdepends depends optdepends
-	                   provides conflicts replaces options backup)
-
-	srcinfo_open_section 'pkgname' "$1"
-	srcinfo_write_section_details "$1"
-	srcinfo_close_section
-}
-
-write_srcinfo_header() {
-	printf "# Generated by makepkg %s\n" "$makepkg_version"
-	printf "# %s\n" "$(LC_ALL=C date -u)"
-}
-
-write_srcinfo_content() {
-	local pkg
-
-	srcinfo_write_global
-
-	for pkg in "${pkgname[@]}"; do
-		srcinfo_write_package "$pkg"
-	done
-}
-
-write_srcinfo() {
-	write_srcinfo_header
-	write_srcinfo_content
 }
 
 write_pkginfo() {
-	local builddate=$(date -u "+%s")
-	if [[ -n $PACKAGER ]]; then
-		local packager="$PACKAGER"
-	else
-		local packager="Unknown Packager"
-	fi
-
 	local size="$(/usr/bin/du -sk --apparent-size)"
 	size="$(( ${size%%[^0-9]*} * 1024 ))"
 
@@ -1136,70 +655,88 @@ write_pkginfo() {
 
 	msg2 "$(gettext "Generating %s file...")" ".PKGINFO"
 	printf "# Generated by makepkg %s\n" "$makepkg_version"
-	printf "# %s\n" "$(LC_ALL=C date -u)"
 
-	printf "pkgname = %s\n" "$pkgname"
-	if (( SPLITPKG )) || [[ "$pkgbase" != "$pkgname" ]]; then
-		printf "pkgbase = %s\n" "$pkgbase"
-	fi
+	write_kv_pair "pkgname" "$pkgname"
+	write_kv_pair "pkgbase" "$pkgbase"
 
 	local fullver=$(get_full_version)
-	printf "pkgver = %s\n" "$fullver"
-	if [[ "$fullver" != "$basever" ]]; then
-		printf "basever = %s\n" "$basever"
-	fi
+	write_kv_pair "pkgver" "$fullver"
 
 	# TODO: all fields should have this treatment
 	local spd="${pkgdesc//+([[:space:]])/ }"
 	spd=("${spd[@]#[[:space:]]}")
 	spd=("${spd[@]%[[:space:]]}")
 
-	printf "pkgdesc = %s\n" "$spd"
-	printf "url = %s\n" "$url"
-	printf "builddate = %s\n" "$builddate"
-	printf "packager = %s\n" "$packager"
-	printf "size = %s\n" "$size"
-	printf "arch = %s\n" "$pkgarch"
+	write_kv_pair "pkgdesc" "$spd"
+	write_kv_pair "url" "$url"
+	write_kv_pair "builddate" "$SOURCE_DATE_EPOCH"
+	write_kv_pair "packager" "$PACKAGER"
+	write_kv_pair "size" "$size"
+	write_kv_pair "arch" "$pkgarch"
 
 	mapfile -t provides < <(find_libprovides)
 	mapfile -t depends < <(find_libdepends)
 
-	[[ $license ]]      && printf "license = %s\n"     "${license[@]}"
-	[[ $replaces ]]     && printf "replaces = %s\n"    "${replaces[@]}"
-	[[ $groups ]]       && printf "group = %s\n"       "${groups[@]}"
-	[[ $conflicts ]]    && printf "conflict = %s\n"    "${conflicts[@]}"
-	[[ $provides ]]     && printf "provides = %s\n"    "${provides[@]}"
-	[[ $backup ]]       && printf "backup = %s\n"      "${backup[@]}"
-	[[ $depends ]]      && printf "depend = %s\n"      "${depends[@]}"
-	[[ $optdepends ]]   && printf "optdepend = %s\n"   "${optdepends[@]//+([[:space:]])/ }"
-	[[ $makedepends ]]  && printf "makedepend = %s\n"  "${makedepends[@]}"
-	[[ $checkdepends ]] && printf "checkdepend = %s\n" "${checkdepends[@]}"
+	write_kv_pair "license"     "${license[@]}"
+	write_kv_pair "replaces"    "${replaces[@]}"
+	write_kv_pair "group"       "${groups[@]}"
+	write_kv_pair "conflict"    "${conflicts[@]}"
+	write_kv_pair "provides"    "${provides[@]}"
+	write_kv_pair "backup"      "${backup[@]}"
+	write_kv_pair "depend"      "${depends[@]}"
+	write_kv_pair "optdepend"   "${optdepends[@]//+([[:space:]])/ }"
+	write_kv_pair "makedepend"  "${makedepends[@]}"
+	write_kv_pair "checkdepend" "${checkdepends[@]}"
 }
 
 write_buildinfo() {
 	msg2 "$(gettext "Generating %s file...")" ".BUILDINFO"
 
-	printf "builddir = %s\n"  "${BUILDDIR}"
+	write_kv_pair "format" "1"
 
-	local sum="$(openssl dgst -sha256 "${BUILDFILE}")"
-	sum=${sum##* }
+	write_kv_pair "pkgname" "$pkgname"
+	write_kv_pair "pkgbase" "$pkgbase"
 
-	printf "pkgbuild_sha256sum = %s\n" $sum
+	local fullver=$(get_full_version)
+	write_kv_pair "pkgver" "$fullver"
 
-	printf "buildenv = %s\n" "${BUILDENV[@]}"
-	printf "options = %s\n" "${OPTIONS[@]}"
+	write_kv_pair "pkgarch" "$pkgarch"
 
-	local pkglist=($(run_pacman -Q | sed "s# #-#"))
-	printf "installed = %s\n" "${pkglist[@]}"
+	local sum="$(sha256sum "${BUILDFILE}")"
+	sum=${sum%% *}
+	write_kv_pair "pkgbuild_sha256sum" $sum
+
+	write_kv_pair "packager" "${PACKAGER}"
+	write_kv_pair "builddate" "${SOURCE_DATE_EPOCH}"
+	write_kv_pair "builddir"  "${BUILDDIR}"
+	write_kv_pair "buildenv" "${BUILDENV[@]}"
+	write_kv_pair "options" "${OPTIONS[@]}"
+
+	local pkginfos_parsed=($(LC_ALL=C run_pacman -Qi | awk -F': ' '\
+		/^Name .*/ {printf "%s", $2} \
+		/^Version .*/ {printf "-%s", $2} \
+		/^Architecture .*/ {print "-"$2} \
+		'))
+
+	write_kv_pair "installed" "${pkginfos_parsed[@]}"
+}
+
+# build a sorted NUL-separated list of the full contents of the current
+# directory suitable for passing to `bsdtar --files-from`
+# database files are placed at the beginning of the package regardless of
+# sorting
+list_package_files() {
+	(find . -path './.*' \! -name '.'; find . \! -path './.*' \! -name '.' | LC_ALL=C sort) |
+	sed -e 's|^\./||' | tr '\n' '\0'
 }
 
 create_package() {
-	(( NOARCHIVE )) && return
+	(( NOARCHIVE )) && return 0
 
 	if [[ ! -d $pkgdir ]]; then
 		error "$(gettext "Missing %s directory.")" "\$pkgdir/"
 		plain "$(gettext "Aborting...")"
-		exit 1 # $E_MISSING_PKGDIR
+		exit $E_MISSING_PKGDIR
 	fi
 
 	cd_safe "$pkgdir"
@@ -1209,8 +746,6 @@ create_package() {
 	write_pkginfo > .PKGINFO
 	write_buildinfo > .BUILDINFO
 
-	local comp_files=('.PKGINFO' '.BUILDINFO')
-
 	# check for changelog/install files
 	for i in 'changelog/.CHANGELOG' 'install/.INSTALL'; do
 		IFS='/' read -r orig dest < <(printf '%s\n' "$i")
@@ -1219,10 +754,9 @@ create_package() {
 			msg2 "$(gettext "Adding %s file...")" "$orig"
 			if ! cp "$startdir/${!orig}" "$dest"; then
 				error "$(gettext "Failed to add %s file to package.")" "$orig"
-				exit 1
+				exit $E_MISSING_FILE
 			fi
 			chmod 644 "$dest"
-			comp_files+=("$dest")
 		fi
 	done
 
@@ -1234,104 +768,57 @@ create_package() {
 	[[ -f $pkg_file ]] && rm -f "$pkg_file"
 	[[ -f $pkg_file.sig ]] && rm -f "$pkg_file.sig"
 
-	# when fileglobbing, we want * in an empty directory to expand to
-	# the null string rather than itself
-	shopt -s nullglob
+	# ensure all elements of the package have the same mtime
+	find . -exec touch -h -d @$SOURCE_DATE_EPOCH {} +
 
 	msg2 "$(gettext "Generating .MTREE file...")"
-	LANG=C bsdtar -czf .MTREE --format=mtree \
+	list_package_files | LANG=C bsdtar -cnf - --format=mtree \
 		--options='!all,use-set,type,uid,gid,mode,time,size,md5,sha256,link' \
-		"${comp_files[@]}" *
-	comp_files+=(".MTREE")
+		--null --files-from - --exclude .MTREE | gzip -c -f -n > .MTREE
+	touch -d @$SOURCE_DATE_EPOCH .MTREE
 
 	msg2 "$(gettext "Compressing package...")"
 	# TODO: Maybe this can be set globally for robustness
 	shopt -s -o pipefail
-	# bsdtar's gzip compression always saves the time stamp, making one
-	# archive created using the same command line distinct from another.
-	# Disable bsdtar compression and use gzip -n for now.
-	LANG=C bsdtar --no-xattrs -cf - "${comp_files[@]}" * |
-	case "$PKGEXT" in
-		*tar.gz)  ${COMPRESSGZ[@]:-gzip -c -f -n} ;;
-		*tar.bz2) ${COMPRESSBZ2[@]:-bzip2 -c -f} ;;
-		*tar.xz)  ${COMPRESSXZ[@]:-xz -c -z -T0 -} ;;
-		*tar.lrz) ${COMPRESSLRZ[@]:-lrzip -q} ;;
-		*tar.lzo) ${COMPRESSLZO[@]:-lzop -q} ;;
-		*tar.Z)   ${COMPRESSZ[@]:-compress -c -f} ;;
-		*tar)     cat ;;
-		*) warning "$(gettext "'%s' is not a valid archive extension.")" \
-			"$PKGEXT"; cat ;;
-	esac > "${pkg_file}" || ret=$?
+	list_package_files | LANG=C bsdtar --no-xattrs -cnf - --null --files-from - |
+		compress_as "$PKGEXT" > "${pkg_file}" || ret=$?
 
-	shopt -u nullglob
 	shopt -u -o pipefail
 
 	if (( ret )); then
 		error "$(gettext "Failed to create package file.")"
-		exit 1 # TODO: error code
-	fi
-
-	create_signature "$pkg_file"
-
-	if (( ! ret )) && [[ ! "$PKGDEST" -ef "${startdir}" ]]; then
-		rm -f "${pkg_file/$PKGDEST/$startdir}"
-		ln -s "${pkg_file}" "${pkg_file/$PKGDEST/$startdir}"
-		ret=$?
-		if [[ -f $pkg_file.sig ]]; then
-			rm -f "${pkg_file/$PKGDEST/$startdir}.sig"
-			ln -s "$pkg_file.sig" "${pkg_file/$PKGDEST/$startdir}.sig"
-		fi
-	fi
-
-	if (( ret )); then
-		warning "$(gettext "Failed to create symlink to package file.")"
+		exit $E_PACKAGE_FAILED
 	fi
 }
 
 create_debug_package() {
 	# check if a debug package was requested
 	if ! check_option "debug" "y" || ! check_option "strip" "y"; then
-		return
+		return 0
 	fi
 
-	pkgdir="${pkgdir}-debug"
+	pkgdir="$pkgdirbase/$pkgbase-debug"
+
 	# check if we have any debug symbols to package
 	if dir_is_empty "$pkgdir"; then
-		return
+		return 0
 	fi
 
-	depends=("$pkgname=$(get_full_version)")
-	pkgdesc="Detached debugging symbols for $pkgname"
-	pkgname=$pkgname-debug
+	unset groups depends optdepends provides conflicts replaces backup install changelog
 
-	unset groups optdepends provides conflicts replaces backup install changelog
+	local pkg
+	for pkg in ${pkgname[@]}; do
+		if [[ $pkg != $pkgbase ]]; then
+			provides+=("$pkg-debug")
+		fi
+	done
+
+	pkgdesc="Detached debugging symbols for $pkgname"
+	pkgname=$pkgbase-debug
 
 	create_package
 }
 
-create_signature() {
-	if [[ $SIGNPKG != 'y' ]]; then
-		return
-	fi
-	local ret=0
-	local filename="$1"
-	msg "$(gettext "Signing package...")"
-
-	local SIGNWITHKEY=""
-	if [[ -n $GPGKEY ]]; then
-		SIGNWITHKEY="-u ${GPGKEY}"
-	fi
-
-	gpg --detach-sign --use-agent ${SIGNWITHKEY} --no-armor "$filename" &>/dev/null || ret=$?
-
-
-	if (( ! ret )); then
-		msg2 "$(gettext "Created signature file %s.")" "$filename.sig"
-	else
-		warning "$(gettext "Failed to sign package file.")"
-	fi
-}
-
 create_srcpackage() {
 	local ret=0
 	msg "$(gettext "Creating source package...")"
@@ -1375,53 +862,30 @@ create_srcpackage() {
 		done
 	done
 
-	local TAR_OPT
-	case "$SRCEXT" in
-		*tar.gz)  TAR_OPT="-z" ;;
-		*tar.bz2) TAR_OPT="-j" ;;
-		*tar.xz)  TAR_OPT="-J" ;;
-		*tar.lrz) TAR_OPT="--lrzip" ;;
-		*tar.lzo) TAR_OPT="--lzop" ;;
-		*tar.Z)   TAR_OPT="-Z" ;;
-		*tar)     TAR_OPT=""  ;;
-		*) warning "$(gettext "'%s' is not a valid archive extension.")" \
-		"$SRCEXT" ;;
-	esac
-
 	local fullver=$(get_full_version)
 	local pkg_file="$SRCPKGDEST/${pkgbase}-${fullver}${SRCEXT}"
 
 	# tar it up
 	msg2 "$(gettext "Compressing source package...")"
 	cd_safe "${srclinks}"
-	if ! LANG=C bsdtar -cL ${TAR_OPT} -f "$pkg_file" ${pkgbase}; then
-		error "$(gettext "Failed to create source package file.")"
-		exit 1 # TODO: error code
-	fi
 
-	create_signature "$pkg_file"
+	# TODO: Maybe this can be set globally for robustness
+	shopt -s -o pipefail
+	LANG=C bsdtar -cLf - ${pkgbase} | compress_as "$SRCEXT" > "${pkg_file}" || ret=$?
 
-	if [[ ! "$SRCPKGDEST" -ef "${startdir}" ]]; then
-		rm -f "${pkg_file/$SRCPKGDEST/$startdir}"
-		ln -s "${pkg_file}" "${pkg_file/$SRCPKGDEST/$startdir}"
-		ret=$?
-		if [[ -f $pkg_file.sig ]]; then
-			rm -f "${pkg_file/$SRCPKGDEST/$startdir}.sig"
-			ln -s "$pkg_file.sig" "${pkg_file/$SRCPKGDEST/$startdir}.sig"
-		fi
-	fi
+	shopt -u -o pipefail
 
 	if (( ret )); then
-		warning "$(gettext "Failed to create symlink to source package file.")"
+		error "$(gettext "Failed to create source package file.")"
+		exit $E_PACKAGE_FAILED
 	fi
 
 	cd_safe "${startdir}"
 	rm -rf "${srclinks}"
 }
 
-# this function always returns 0 to make sure clean-up will still occur
 install_package() {
-	(( ! INSTALL )) && return
+	(( ! INSTALL )) && return 0
 
 	if (( ! SPLITPKG )); then
 		msg "$(gettext "Installing package %s with %s...")" "$pkgname" "$PACMAN -U"
@@ -1445,7 +909,7 @@ install_package() {
 
 	if ! run_pacman -U "${pkglist[@]}"; then
 		warning "$(gettext "Failed to install built package(s).")"
-		return 0
+		return $E_INSTALL_FAILED
 	fi
 }
 
@@ -1465,14 +929,14 @@ get_vcsclient() {
 	if [[ -z $client ]]; then
 		error "$(gettext "Unknown download protocol: %s")" "$proto"
 		plain "$(gettext "Aborting...")"
-		exit 1 # $E_CONFIG_ERROR
+		exit $E_CONFIG_ERROR
 	fi
 
 	printf "%s\n" "$client"
 }
 
 check_vcs_software() {
-	local all_sources all_deps deps ret=0
+	local netfile all_sources all_deps deps ret=0
 
 	if (( SOURCEONLY == 1 )); then
 		# we will not download VCS sources
@@ -1504,7 +968,7 @@ check_vcs_software() {
 					client=$(get_vcsclient "$proto") || exit $?
 					# ensure specified program is installed
 					local uninstalled
-					uninstalled="$(set +E; check_deps $client)" || exit 1
+					uninstalled=$(check_deps "$client") || exit $E_INSTALL_DEPS_FAILED
 					# if not installed, check presence in depends or makedepends
 					if [[ -n "$uninstalled" ]] && (( ! NODEPS || ( VERIFYSOURCE && !DEP_BIN ) )); then
 						if ! in_array "$client" ${all_deps[@]}; then
@@ -1552,28 +1016,18 @@ check_software() {
 		fi
 	fi
 
-	# openssl - checksum operations
-	if (( ! SKIPCHECKSUMS )); then
-		if ! type -p openssl >/dev/null; then
-			error "$(gettext "Cannot find the %s binary required for validating source file checksums.")" "openssl"
-			ret=1
-		fi
-	fi
+	# checksum operations
+	if (( GENINTEG || ! SKIPCHECKSUMS )); then
+		local integlist
+		IFS=$'\n' read -rd '' -a integlist < <(get_integlist)
 
-	# upx - binary compression
-	if check_option "upx" "y"; then
-		if ! type -p upx >/dev/null; then
-			error "$(gettext "Cannot find the %s binary required for compressing binaries.")" "upx"
-			ret=1
-		fi
-	fi
-
-	# optipng - PNG image optimization
-	if check_option "optipng" "y"; then
-		if ! type -p optipng >/dev/null; then
-			error "$(gettext "Cannot find the %s binary required for optimizing PNG images.")" "optipng"
-			ret=1
-		fi
+		local integ
+		for integ in "${integlist[@]}"; do
+			if ! type -p "${integ}sum" >/dev/null; then
+				error "$(gettext "Cannot find the %s binary required for source file checksums operations.")" "${integ}sum"
+				ret=1
+			fi
+		done
 	fi
 
 	# distcc - compilation with distcc
@@ -1625,10 +1079,10 @@ check_build_status() {
 			if (( INSTALL )); then
 				warning "$(gettext "A package has already been built, installing existing package...")"
 				install_package
-				exit 0
+				exit $?
 			else
 				error "$(gettext "A package has already been built. (use %s to overwrite)")" "-f"
-				exit 1
+				exit $E_ALREADY_BUILT
 			fi
 		fi
 	else
@@ -1648,15 +1102,15 @@ check_build_status() {
 				if (( INSTALL )); then
 					warning "$(gettext "The package group has already been built, installing existing packages...")"
 					install_package
-					exit 0
+					exit $?
 				else
 					error "$(gettext "The package group has already been built. (use %s to overwrite)")" "-f"
-					exit 1
+					exit $E_ALREADY_BUILT
 				fi
 			fi
 			if (( somepkgbuilt && ! PKGVERFUNC )); then
 				error "$(gettext "Part of the package group has already been built. (use %s to overwrite)")" "-f"
-				exit 1
+				exit $E_ALREADY_BUILT
 			fi
 		fi
 		unset allpkgbuilt somepkgbuilt
@@ -1696,153 +1150,14 @@ run_split_packaging() {
 		backup_package_variables
 		run_package $pkgname
 		tidy_install
-		lint_package
+		lint_package || exit $E_PACKAGE_FAILED
 		create_package
-		create_debug_package
 		restore_package_variables
 	done
 	pkgname=("${pkgname_backup[@]}")
+	create_debug_package
 }
 
-# getopt-like parser
-parseopts() {
-	local opt= optarg= i= shortopts=$1
-	local -a longopts=() unused_argv=()
-
-	shift
-	while [[ $1 && $1 != '--' ]]; do
-		longopts+=("$1")
-		shift
-	done
-	shift
-
-	longoptmatch() {
-		local o longmatch=()
-		for o in "${longopts[@]}"; do
-			if [[ ${o%:} = "$1" ]]; then
-				longmatch=("$o")
-				break
-			fi
-			[[ ${o%:} = "$1"* ]] && longmatch+=("$o")
-		done
-
-		case ${#longmatch[*]} in
-			1)
-				# success, override with opt and return arg req (0 == none, 1 == required)
-				opt=${longmatch%:}
-				if [[ $longmatch = *: ]]; then
-					return 1
-				else
-					return 0
-				fi ;;
-			0)
-				# fail, no match found
-				return 255 ;;
-			*)
-				# fail, ambiguous match
-				printf "makepkg: $(gettext "option '%s' is ambiguous; possibilities:")" "--$1"
-				printf " '%s'" "${longmatch[@]%:}"
-				printf '\n'
-				return 254 ;;
-		esac >&2
-	}
-
-	while (( $# )); do
-		case $1 in
-			--) # explicit end of options
-				shift
-				break
-				;;
-			-[!-]*) # short option
-				for (( i = 1; i < ${#1}; i++ )); do
-					opt=${1:i:1}
-
-					# option doesn't exist
-					if [[ $shortopts != *$opt* ]]; then
-						printf "makepkg: $(gettext "invalid option") -- '%s'\n" "$opt" >&2
-						OPTRET=(--)
-						return 1
-					fi
-
-					OPTRET+=("-$opt")
-					# option requires optarg
-					if [[ $shortopts = *$opt:* ]]; then
-						# if we're not at the end of the option chunk, the rest is the optarg
-						if (( i < ${#1} - 1 )); then
-							OPTRET+=("${1:i+1}")
-							break
-						# if we're at the end, grab the the next positional, if it exists
-						elif (( i == ${#1} - 1 )) && [[ $2 ]]; then
-							OPTRET+=("$2")
-							shift
-							break
-						# parse failure
-						else
-							printf "makepkg: $(gettext "option requires an argument") -- '%s'\n" "$opt" >&2
-							OPTRET=(--)
-							return 1
-						fi
-					fi
-				done
-				;;
-			--?*=*|--?*) # long option
-				IFS='=' read -r opt optarg <<< "${1#--}"
-				longoptmatch "$opt"
-				case $? in
-					0)
-						# parse failure
-						if [[ $optarg ]]; then
-							printf "makepkg: $(gettext "option '%s' does not allow an argument")\n" "--$opt" >&2
-							OPTRET=(--)
-							return 1
-						# --longopt
-						else
-							OPTRET+=("--$opt")
-						fi
-						;;
-					1)
-						# --longopt=optarg
-						if [[ $optarg ]]; then
-							OPTRET+=("--$opt" "$optarg")
-						# --longopt optarg
-						elif [[ $2 ]]; then
-							OPTRET+=("--$opt" "$2" )
-							shift
-						# parse failure
-						else
-							printf "makepkg: $(gettext "option '%s' requires an argument")\n" "--$opt" >&2
-							OPTRET=(--)
-							return 1
-						fi
-						;;
-					254)
-						# ambiguous option -- error was reported for us by longoptmatch()
-						OPTRET=(--)
-						return 1
-						;;
-					255)
-						# parse failure
-						printf "makepkg: $(gettext "invalid option") '--%s'\n" "$opt" >&2
-						OPTRET=(--)
-						return 1
-						;;
-				esac
-				;;
-			*) # non-option arg encountered, add it as a parameter
-				unused_argv+=("$1")
-				;;
-		esac
-		shift
-	done
-
-	# add end-of-opt terminator and any leftover positional parameters
-	OPTRET+=('--' "${unused_argv[@]}" "$@")
-	unset longoptmatch
-
-	return 0
-}
-
-
 usage() {
 	printf "makepkg (pacman) %s\n" "$makepkg_version"
 	echo
@@ -1878,7 +1193,7 @@ usage() {
 	printf -- "$(gettext "  --nocheck        Do not run the %s function in the %s")\n" "check()" "$BUILDSCRIPT"
 	printf -- "$(gettext "  --noprepare      Do not run the %s function in the %s")\n" "prepare()" "$BUILDSCRIPT"
 	printf -- "$(gettext "  --nosign         Do not create a signature for the package")\n"
-	printf -- "$(gettext "  --packagelist    Only list packages that would be produced, without PKGEXT")\n"
+	printf -- "$(gettext "  --packagelist    Only list package filepaths that would be produced")\n"
 	printf -- "$(gettext "  --printsrcinfo   Print the generated SRCINFO and exit")\n"
 	printf -- "$(gettext "  --sign           Sign the resulting package with %s")\n" "gpg"
 	printf -- "$(gettext "  --skipchecksums  Do not verify checksums of the source files")\n"
@@ -1900,7 +1215,7 @@ usage() {
 version() {
 	printf "makepkg (pacman) %s\n" "$makepkg_version"
 	printf -- "$(gettext "\
-Copyright (c) 2006-2016 Pacman Development Team <pacman-dev@archlinux.org>.\n\
+Copyright (c) 2006-2018 Pacman Development Team <pacman-dev@archlinux.org>.\n\
 Copyright (C) 2002-2006 Judd Vinet <jvinet@zeroflux.org>.\n\n\
 This is free software; see the source for copying conditions.\n\
 There is NO WARRANTY, to the extent permitted by law.\n")"
@@ -1936,7 +1251,7 @@ OPT_LONG=('allsource' 'check' 'clean' 'cleanbuild' 'config:' 'force' 'geninteg'
 OPT_LONG+=('asdeps' 'noconfirm' 'needed' 'noprogressbar')
 
 if ! parseopts "$OPT_SHORT" "${OPT_LONG[@]}" -- "$@"; then
-	exit 1 # E_INVALID_OPTION;
+	exit $E_INVALID_OPTION;
 fi
 set -- "${OPTRET[@]}"
 unset OPT_SHORT OPT_LONG OPTRET
@@ -1946,8 +1261,8 @@ while true; do
 		# Pacman Options
 		--asdeps)         ASDEPS=1;;
 		--needed)         NEEDED=1;;
-		--noconfirm)      PACMAN_OPTS+=" --noconfirm" ;;
-		--noprogressbar)  PACMAN_OPTS+=" --noprogressbar" ;;
+		--noconfirm)      PACMAN_OPTS+=("--noconfirm") ;;
+		--noprogressbar)  PACMAN_OPTS+=("--noprogressbar") ;;
 
 		# Makepkg Options
 		--allsource)      SOURCEONLY=2 ;;
@@ -1965,7 +1280,7 @@ while true; do
 		-i|--install)     INSTALL=1 ;;
 		--key)            shift; GPGKEY=$1 ;;
 		-L|--log)         LOGGING=1 ;;
-		-m|--nocolor)     USE_COLOR='n'; PACMAN_OPTS+=" --color never" ;;
+		-m|--nocolor)     USE_COLOR='n'; PACMAN_OPTS+=("--color" "never") ;;
 		--noarchive)      NOARCHIVE=1 ;;
 		--nocheck)        RUN_CHECK='n' ;;
 		--noprepare)      RUN_PREPARE='n' ;;
@@ -1973,7 +1288,7 @@ while true; do
 		-o|--nobuild)     NOBUILD=1 ;;
 		-p)               shift; BUILDFILE=$1 ;;
 		--packagelist)    PACKAGELIST=1 IGNOREARCH=1;;
-		--printsrcinfo)   PRINTSRCINFO=1 ;;
+		--printsrcinfo)   PRINTSRCINFO=1 IGNOREARCH=1;;
 		-r|--rmdeps)      RMDEPS=1 ;;
 		-R|--repackage)   REPKG=1 ;;
 		--sign)           SIGNPKG='y' ;;
@@ -1984,10 +1299,10 @@ while true; do
 		-S|--source)      SOURCEONLY=1 ;;
 		--verifysource)   VERIFYSOURCE=1 ;;
 
-		-h|--help)        usage; exit 0 ;; # E_OK
-		-V|--version)     version; exit 0 ;; # E_OK
+		-h|--help)        usage; exit $E_OK ;;
+		-V|--version)     version; exit $E_OK ;;
 
-		--)               OPT_IND=0; shift; break 2;;
+		--)               shift; break ;;
 	esac
 	shift
 done
@@ -2010,17 +1325,8 @@ done
 trap 'trap_exit INT "$(gettext "Aborted by user! Exiting...")"' INT
 trap 'trap_exit USR1 "$(gettext "An unknown error has occurred. Exiting...")"' ERR
 
-# preserve environment variables and canonicalize path
-[[ -n ${PKGDEST} ]] && _PKGDEST=$(canonicalize_path ${PKGDEST})
-[[ -n ${SRCDEST} ]] && _SRCDEST=$(canonicalize_path ${SRCDEST})
-[[ -n ${SRCPKGDEST} ]] && _SRCPKGDEST=$(canonicalize_path ${SRCPKGDEST})
-[[ -n ${LOGDEST} ]] && _LOGDEST=$(canonicalize_path ${LOGDEST})
-[[ -n ${BUILDDIR} ]] && _BUILDDIR=$(canonicalize_path ${BUILDDIR})
-[[ -n ${PKGEXT} ]] && _PKGEXT=${PKGEXT}
-[[ -n ${SRCEXT} ]] && _SRCEXT=${SRCEXT}
-[[ -n ${GPGKEY} ]] && _GPGKEY=${GPGKEY}
-[[ -n ${PACKAGER} ]] && _PACKAGER=${PACKAGER}
-[[ -n ${CARCH} ]] && _CARCH=${CARCH}
+# preserve environment variables to override makepkg.conf
+restore_envvars=$(declare -p PKGDEST SRCDEST SRCPKGDEST LOGDEST BUILDDIR PKGEXT SRCEXT GPGKEY PACKAGER CARCH 2>/dev/null || true)
 
 # default config is makepkg.conf
 MAKEPKG_CONF=${MAKEPKG_CONF:-$confdir/makepkg.conf}
@@ -2031,7 +1337,7 @@ if [[ -r $MAKEPKG_CONF ]]; then
 else
 	error "$(gettext "%s not found.")" "$MAKEPKG_CONF"
 	plain "$(gettext "Aborting...")"
-	exit 1 # $E_CONFIG_ERROR
+	exit $E_CONFIG_ERROR
 fi
 
 # Source user-specific makepkg.conf overrides, but only if no override config
@@ -2045,6 +1351,20 @@ if [[ "$MAKEPKG_CONF" = "$confdir/makepkg.conf" ]]; then
 	fi
 fi
 
+eval "$restore_envvars"
+
+# override settings from extra variables on commandline, if any
+if (( ${#extra_environment[*]} )); then
+	export "${extra_environment[@]}"
+fi
+
+# canonicalize paths and provide defaults if anything is still undefined
+for var in PKGDEST SRCDEST SRCPKGDEST LOGDEST BUILDDIR; do
+	printf -v "$var" "$(canonicalize_path "${!var:-$startdir}")"
+done
+unset var
+PACKAGER=${PACKAGER:-"Unknown Packager"}
+
 # set pacman command if not already defined
 PACMAN=${PACMAN:-pacman}
 # save full path to command as PATH may change when sourcing /etc/profile
@@ -2058,51 +1378,30 @@ else
 fi
 
 
-# override settings with an environment variable for batch processing
-BUILDDIR=${_BUILDDIR:-$BUILDDIR}
-BUILDDIR=${BUILDDIR:-$startdir} #default to $startdir if undefined
-if [[ ! -d $BUILDDIR ]]; then
-	if ! mkdir -p "$BUILDDIR"; then
-		error "$(gettext "You do not have write permission to create packages in %s.")" "$BUILDDIR"
-		plain "$(gettext "Aborting...")"
-		exit 1
-	fi
-	chmod a-s "$BUILDDIR"
-fi
-if [[ ! -w $BUILDDIR ]]; then
-	error "$(gettext "You do not have write permission to create packages in %s.")" "$BUILDDIR"
+# check makepkg.conf for some basic requirements
+lint_config || exit $E_CONFIG_ERROR
+
+
+# check that all settings directories are user-writable
+if ! ensure_writable_dir "BUILDDIR" "$BUILDDIR"; then
 	plain "$(gettext "Aborting...")"
-	exit 1
+	exit $E_FS_PERMISSIONS
 fi
 
-# override settings from extra variables on commandline, if any
-if (( ${#extra_environment[*]} )); then
-	export "${extra_environment[@]}"
-fi
-
-PKGDEST=${_PKGDEST:-$PKGDEST}
-PKGDEST=${PKGDEST:-$startdir} #default to $startdir if undefined
-if (( ! (NOBUILD || GENINTEG) )) && [[ ! -w $PKGDEST ]]; then
-	error "$(gettext "You do not have write permission to store packages in %s.")" "$PKGDEST"
+if (( ! (NOBUILD || GENINTEG) )) && ! ensure_writable_dir "PKGDEST" "$PKGDEST"; then
 	plain "$(gettext "Aborting...")"
-	exit 1
+	exit $E_FS_PERMISSIONS
 fi
 
-SRCDEST=${_SRCDEST:-$SRCDEST}
-SRCDEST=${SRCDEST:-$startdir} #default to $startdir if undefined
-if [[ ! -w $SRCDEST ]] ; then
-	error "$(gettext "You do not have write permission to store downloads in %s.")" "$SRCDEST"
+if ! ensure_writable_dir "SRCDEST" "$SRCDEST" ; then
 	plain "$(gettext "Aborting...")"
-	exit 1
+	exit $E_FS_PERMISSIONS
 fi
 
-SRCPKGDEST=${_SRCPKGDEST:-$SRCPKGDEST}
-SRCPKGDEST=${SRCPKGDEST:-$startdir} #default to $startdir if undefined
 if (( SOURCEONLY )); then
-	if [[ ! -w $SRCPKGDEST ]]; then
-		error "$(gettext "You do not have write permission to store source tarballs in %s.")" "$SRCPKGDEST"
+	if ! ensure_writable_dir "SRCPKGDEST" "$SRCPKGDEST"; then
 		plain "$(gettext "Aborting...")"
-		exit 1
+		exit $E_FS_PERMISSIONS
 	fi
 
 	# If we're only making a source tarball, then we need to ignore architecture-
@@ -2110,37 +1409,33 @@ if (( SOURCEONLY )); then
 	IGNOREARCH=1
 fi
 
-LOGDEST=${_LOGDEST:-$LOGDEST}
-LOGDEST=${LOGDEST:-$startdir} #default to $startdir if undefined
-if (( LOGGING )) && [[ ! -w $LOGDEST ]]; then
-	error "$(gettext "You do not have write permission to store logs in %s.")" "$LOGDEST"
+if (( LOGGING )) && ! ensure_writable_dir "LOGDEST" "$LOGDEST"; then
 	plain "$(gettext "Aborting...")"
-	exit 1
+	exit $E_FS_PERMISSIONS
 fi
 
-PKGEXT=${_PKGEXT:-$PKGEXT}
-SRCEXT=${_SRCEXT:-$SRCEXT}
-GPGKEY=${_GPGKEY:-$GPGKEY}
-PACKAGER=${_PACKAGER:-$PACKAGER}
-CARCH=${_CARCH:-$CARCH}
-
 unset pkgname pkgbase pkgver pkgrel epoch pkgdesc url license groups provides
 unset md5sums replaces depends conflicts backup source install changelog build
-unset makedepends optdepends options noextract validpgpkeys
+unset sha{1,224,256,384,512}sums makedepends optdepends options noextract validpgpkeys
+unset "${!makedepends_@}" "${!depends_@}" "${!source_@}" "${!checkdepends_@}"
+unset "${!optdepends_@}" "${!conflicts_@}" "${!provides_@}" "${!replaces_@}"
+unset "${!md5sums_@}" "${!sha1sums_@}" "${!sha224sums_@}" "${!sha256sums_@}"
+unset "${!sha384sums_@}" "${!sha512sums_@}"
 
 BUILDFILE=${BUILDFILE:-$BUILDSCRIPT}
 if [[ ! -f $BUILDFILE ]]; then
 	error "$(gettext "%s does not exist.")" "$BUILDFILE"
-	exit 1
+	exit $E_USER_FUNCTION_FAILED
+
 else
 	if [[ $(<"$BUILDFILE") = *$'\r'* ]]; then
 		error "$(gettext "%s contains %s characters and cannot be sourced.")" "$BUILDFILE" "CRLF"
-		exit 1
+		exit $E_PKGBUILD_ERROR
 	fi
 
 	if [[ ! $BUILDFILE -ef $PWD/${BUILDFILE##*/} ]]; then
 		error "$(gettext "%s must be in the current working directory.")" "$BUILDFILE"
-		exit 1
+		exit $E_PKGBUILD_ERROR
 	fi
 
 	if [[ ${BUILDFILE:0:1} != "/" ]]; then
@@ -2152,15 +1447,15 @@ fi
 pkgbase=${pkgbase:-${pkgname[0]}}
 
 # check the PKGBUILD for some basic requirements
-lint_pkgbuild || exit 1
+lint_pkgbuild || exit $E_PKGBUILD_ERROR
 
-if (( !SOURCEONLY )); then
+if (( !SOURCEONLY && !PRINTSRCINFO )); then
 	merge_arch_attrs
 fi
 
 basever=$(get_full_version)
 
-if [[ $BUILDDIR = "$startdir" ]]; then
+if [[ $BUILDDIR -ef "$startdir" ]]; then
 	srcdir="$BUILDDIR/src"
 	pkgdirbase="$BUILDDIR/pkg"
 else
@@ -2178,7 +1473,7 @@ if (( GENINTEG )); then
 	cd_safe "$srcdir"
 	download_sources novcs allarch
 	generate_checksums
-	exit 0 # $E_OK
+	exit $E_OK
 fi
 
 if have_function pkgver; then
@@ -2186,7 +1481,7 @@ if have_function pkgver; then
 fi
 
 # check we have the software required to process the PKGBUILD
-check_software || exit 1
+check_software || exit $E_MISSING_MAKEPKG_DEPS
 
 if (( ${#pkgname[@]} > 1 )); then
 	SPLITPKG=1
@@ -2223,32 +1518,32 @@ if { [[ -z $SIGNPKG ]] && check_buildenv "sign" "y"; } || [[ $SIGNPKG == 'y' ]];
 		else
 			error "$(gettext "There is no key in your keyring.")"
 		fi
-		exit 1
+		exit $E_PRETTY_BAD_PRIVACY
 	fi
 fi
 
 if (( PACKAGELIST )); then
 	print_all_package_names
-	exit 0
+	exit $E_OK
 fi
 
 if (( PRINTSRCINFO )); then
 	write_srcinfo_content
-	exit 0
+	exit $E_OK
 fi
 
 if (( ! PKGVERFUNC )); then
 	check_build_status
 fi
 
-msg "$(gettext "Making package: %s")" "$pkgbase $basever ($(date))"
+msg "$(gettext "Making package: %s")" "$pkgbase $basever ($(date +%c))"
 
 # if we are creating a source-only package, go no further
 if (( SOURCEONLY )); then
 	if [[ -f $SRCPKGDEST/${pkgbase}-${basever}${SRCEXT} ]] \
 			&& (( ! FORCE )); then
 		error "$(gettext "A source package has already been built. (use %s to overwrite)")" "-f"
-		exit 1
+		exit $E_ALREADY_BUILT
 	fi
 
 	# Get back to our src directory so we can begin with sources.
@@ -2266,8 +1561,13 @@ if (( SOURCEONLY )); then
 
 	create_srcpackage
 
-	msg "$(gettext "Source package created: %s")" "$pkgbase ($(date))"
-	exit 0
+	if [[ $SIGNPKG = 'y' ]]; then
+		msg "$(gettext "Signing package...")"
+		create_signature "$SRCPKGDEST/${pkgbase}-${fullver}${SRCEXT}"
+	fi
+
+	msg "$(gettext "Source package created: %s")" "$pkgbase ($(date +%c))"
+	exit $E_OK
 fi
 
 if (( NODEPS || ( VERIFYSOURCE && !DEP_BIN ) )); then
@@ -2300,7 +1600,7 @@ else
 
 	if (( deperr )); then
 		error "$(gettext "Could not resolve all dependencies.")"
-		exit 1
+		exit $E_INSTALL_DEPS_FAILED
 	fi
 fi
 
@@ -2309,13 +1609,16 @@ mkdir -p "$srcdir"
 chmod a-s "$srcdir"
 cd_safe "$srcdir"
 
+	export MINGW_CHOST MINGW_PREFIX MINGW_PACKAGE_PREFIX
+	export DXSDK_DIR ACLOCAL_PATH PKG_CONFIG_PATH
+
 if (( !REPKG )); then
 	if (( NOEXTRACT && ! VERIFYSOURCE )); then
 		warning "$(gettext "Using existing %s tree")" "\$srcdir/"
 	else
 		download_sources
 		check_source_integrity
-		(( VERIFYSOURCE )) && exit 0 # $E_OK
+		(( VERIFYSOURCE )) && exit $E_OK
 
 		if (( CLEANBUILD )); then
 			msg "$(gettext "Removing existing %s directory...")" "\$srcdir/"
@@ -2326,6 +1629,11 @@ if (( !REPKG )); then
 		if (( PREPAREFUNC )); then
 			run_prepare
 		fi
+		if (( REPRODUCIBLE )); then
+			# We have activated reproducible builds, so unify source times before
+			# building
+			find "$srcdir" -exec touch -h -d @$SOURCE_DATE_EPOCH {} +
+		fi
 	fi
 
 	if (( PKGVERFUNC )); then
@@ -2337,7 +1645,7 @@ fi
 
 if (( NOBUILD )); then
 	msg "$(gettext "Sources are ready.")"
-	exit 0 #E_OK
+	exit $E_OK
 else
 	# clean existing pkg directory
 	if [[ -d $pkgdirbase ]]; then
@@ -2348,6 +1656,8 @@ else
 	chmod a-srw "$pkgdirbase"
 	cd_safe "$startdir"
 
+	prepare_buildenv
+
 	if (( ! REPKG )); then
 		(( BUILDFUNC )) && run_build
 		(( CHECKFUNC )) && run_check
@@ -2357,7 +1667,7 @@ else
 	# if inhibiting archive creation, go no further
 	if (( NOARCHIVE )); then
 		msg "$(gettext "Package directory is ready.")"
-		exit 0
+		exit $E_OK
 	fi
 	mkdir -p "$pkgdirbase"
 	chmod a-srwx "$pkgdirbase"
@@ -2374,18 +1684,16 @@ else
 			run_package
 		fi
 		tidy_install
-		lint_package
+		lint_package || exit $E_PACKAGE_FAILED
 		create_package
 		create_debug_package
 	else
 		run_split_packaging
 	fi
+
+	create_package_signatures
 fi
 
-msg "$(gettext "Finished making: %s")" "$pkgbase $basever ($(date))"
+msg "$(gettext "Finished making: %s")" "$pkgbase $basever ($(date +%c))"
 
-install_package
-
-exit 0 #E_OK
-
-# vim: set noet:
+install_package && exit $E_OK || exit $E_INSTALL_FAILED
diff --git a/msys2/usr/bin/makepkg-clang b/msys2/usr/bin/makepkg-clang
new file mode 100644
index 000000000..3ef581dd6
--- /dev/null
+++ b/msys2/usr/bin/makepkg-clang
@@ -0,0 +1,100 @@
+#!/usr/bin/env bash
+#   makepkg-mingw - wrapper for makepkg to build mingw-w64 packages under  MSYS2
+#
+#   Copyright (c) 2018 Alexey Pavlov <alexpux@gmail.com>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+plain() {
+  local mesg=$1; shift
+  printf "${BOLD}    ${mesg}${ALL_OFF}\n" "$@" >&2
+}
+
+print_warning() {
+  local mesg=$1; shift
+  printf "${YELLOW}=> WARNING:${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&2
+}
+
+print_msg1() {
+  local mesg=$1; shift
+  printf "${GREEN}==> ${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&2
+}
+
+print_msg2() {
+  local mesg=$1; shift
+  printf "${BLUE}  ->${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&2
+}
+
+print_error() {
+  local mesg=$1; shift
+  printf "${RED}==> ERROR:${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&2
+}
+
+if /usr/bin/tput setaf 0 &>/dev/null; then
+  ALL_OFF="$(/usr/bin/tput sgr0)"
+  BOLD="$(/usr/bin/tput bold)"
+  BLUE="${BOLD}$(/usr/bin/tput setaf 4)"
+  GREEN="${BOLD}$(/usr/bin/tput setaf 2)"
+  RED="${BOLD}$(/usr/bin/tput setaf 1)"
+  YELLOW="${BOLD}$(/usr/bin/tput setaf 3)"
+else
+  ALL_OFF="\e[1;0m"
+  BOLD="\e[1;1m"
+  BLUE="${BOLD}\e[1;34m"
+  GREEN="${BOLD}\e[1;32m"
+  RED="${BOLD}\e[1;31m"
+  YELLOW="${BOLD}\e[1;33m"
+fi
+
+readonly ALL_OFF BOLD BLUE GREEN RED YELLOW
+MINGW_INSTALLS="${MINGW_INSTALLS:-clang64 clang32}"
+
+for _mingw in ${MINGW_INSTALLS}; do
+  if [ ! "${_mingw}" = 'clang32' -a ! "${_mingw}" = 'clang64' ]; then
+    print_error "Requested mingw installation '${_mingw}', but only 'clang32' and 'clang64' are allowed."
+    exit 1
+  fi
+done
+
+for _arg in "$@"; do
+  if [ ${_arg} = "--help" -o ${_arg} = "-h" -o ${_arg} = "--version" -o ${_arg} = "-V" ]; then
+    /usr/bin/makepkg $@
+    exit 0
+  fi
+done
+
+for _mingw in ${MINGW_INSTALLS}; do
+  case ${_mingw} in
+    clang32)
+      _arch=i686
+      _msystem=MINGW32
+    ;;
+    clang64)
+      _arch=x86_64
+      _msystem=MINGW64
+    ;;
+  esac
+
+  if [ -f "/${_mingw}/bin/clang.exe" ]; then
+    MSYSTEM=${_msystem} \
+    PATH=/${_mingw}/bin:$(echo $PATH | tr ':' '\n' | awk '$0 != "/opt/bin"' | paste -sd:) \
+    /usr/bin/makepkg --config /etc/makepkg_${_mingw}.conf $@ || exit 1
+  else
+    print_warning "You don't have installed mingw-w64 toolchain for architecture ${_arch}."
+    print_warning "To install it run: 'pacman -S mingw-w64-${_arch}-toolchain'"
+  fi
+done
+
+exit 0
diff --git a/msys2/usr/bin/makepkg-template b/msys2/usr/bin/makepkg-template
index 98b4d7bea..c7f512316 100644
--- a/msys2/usr/bin/makepkg-template
+++ b/msys2/usr/bin/makepkg-template
@@ -2,7 +2,7 @@
 #   makepkg-template - template system for makepkg
 #   Generated from makepkg-template.sh.in; do not edit by hand.
 #
-#   Copyright (c) 2013-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2013-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -189,9 +189,9 @@ sub usage {
 
 sub version {
 	my ($exitstatus) = @_;
-	printf "makepkg-template (pacman) %s\n", '5.0.1';
+	printf "makepkg-template (pacman) %s\n", '5.1.3';
 	print gettext(
-		'Copyright (c) 2013-2016 Pacman Development Team <pacman-dev@archlinux.org>.'."\n".
+		'Copyright (c) 2013-2018 Pacman Development Team <pacman-dev@archlinux.org>.'."\n".
 		'This is free software; see the source for copying conditions.'."\n".
 		'There is NO WARRANTY, to the extent permitted by law.'."\n");
 	exit($exitstatus);
@@ -213,5 +213,3 @@ $opts{input} = "/dev/stdin" if $opts{input} eq "-";
 $opts{output} = "/dev/stdout" if $opts{output} eq "-";
 
 burp($opts{output}, process_file($opts{input}));
-
-# vim: set noet:
diff --git a/msys2/usr/bin/mcookie.exe b/msys2/usr/bin/mcookie.exe
index d6e49baee..caaf3e323 100644
Binary files a/msys2/usr/bin/mcookie.exe and b/msys2/usr/bin/mcookie.exe differ
diff --git a/msys2/usr/bin/md5sum.exe b/msys2/usr/bin/md5sum.exe
index a40eca826..74323b01c 100644
Binary files a/msys2/usr/bin/md5sum.exe and b/msys2/usr/bin/md5sum.exe differ
diff --git a/msys2/usr/bin/minidumper.exe b/msys2/usr/bin/minidumper.exe
index ce3d51401..353042606 100644
Binary files a/msys2/usr/bin/minidumper.exe and b/msys2/usr/bin/minidumper.exe differ
diff --git a/msys2/usr/bin/mintheme b/msys2/usr/bin/mintheme
index 103c6642a..5230fe491 100644
--- a/msys2/usr/bin/mintheme
+++ b/msys2/usr/bin/mintheme
@@ -14,17 +14,30 @@
 
 help() {
 	echo "Usage:"
-	echo "  `basename $0` [-h|-f|-l|-q] [theme|themefile]"
-	echo "  `basename $0` -q > themefile"
+	echo "  `basename $0` [-h|-l]"
+	echo "  `basename $0` THEME"
+	echo "  `basename $0` -f THEMEFILE"
+	echo "  `basename $0` --save [THEME|THEMEFILE]"
+	echo "  `basename $0` [-t|-p|-%] IMAGE"
+	echo "  `basename $0` [-s|-S] [PATTERNS]"
+	echo "  `basename $0` [-d] -q > THEMEFILE"
 	echo "List/set/query mintty themes in current mintty window."
 	echo "A theme is a colour scheme to configure the 8 ANSI colours, their "
 	echo "bright versions, and optionally the foreground/background/cursor colours."
 	echo
 	echo "Arguments:"
-	echo "  -f, --file    set theme from given themefile"
-	echo "  -q, --query   query current colour configuration as theme
-	echo "  -l, --list    list available themes"
-	echo "  -h, --help    show this"
+	echo "  THEME                     set theme from config resources"
+	echo "  -f, --file THEMEFILE      set theme from themefile"
+	echo "  --save [THEME|THEMEFILE]  save theme also in config file"
+	echo "  -t, --texture FILE[,DIM]  set background texture (dim 1..255)"
+	echo "  -p, --picture FILE[,DIM]  set background picture (dim 1..255)"
+	echo "  -%, --picscale FILE[,DIM] like -p and scale window"
+	echo "  -q, --query               query current colour configuration as theme"
+	echo "  -d, --decimal             decimal query output"
+	echo "  -l, --list                list available themes"
+	echo "  -s, --show [PATTERN...]   show (visualize) themes [matching PATTERNs]"
+	echo "  -S, --Show [PATTERN...]   show themes double-lined [matching PATTERNs]"
+	echo "  -h, --help                show this"
 	echo
 	echo "The following directories are considered for locating configured themes:"
 	echo '  ~/.mintty'
@@ -34,6 +47,152 @@ help() {
 	echo "Note that the command-line option --configdir cannot be considered."
 }
 
+showtheme() {
+	theme="$1"
+	export theme
+	sed \
+	    -e 's/^\(ForegroundColour\)[ 	]*=/\1=/' \
+	    -e 's/^\(BackgroundColour\)[ 	]*=/\1=/' \
+	    -e 's/^\(CursorColour\)[ 	]*=/\1=/' \
+	    -e 's/^\(Black\)[ 	]*=/\1=/' \
+	    -e 's/^\(Red\)[ 	]*=/\1=/' \
+	    -e 's/^\(Green\)[ 	]*=/\1=/' \
+	    -e 's/^\(Yellow\)[ 	]*=/\1=/' \
+	    -e 's/^\(Blue\)[ 	]*=/\1=/' \
+	    -e 's/^\(Magenta\)[ 	]*=/\1=/' \
+	    -e 's/^\(Cyan\)[ 	]*=/\1=/' \
+	    -e 's/^\(White\)[ 	]*=/\1=/' \
+	    -e 's/^\(BoldBlack\)[ 	]*=/\1=/' \
+	    -e 's/^\(BoldRed\)[ 	]*=/\1=/' \
+	    -e 's/^\(BoldGreen\)[ 	]*=/\1=/' \
+	    -e 's/^\(BoldYellow\)[ 	]*=/\1=/' \
+	    -e 's/^\(BoldBlue\)[ 	]*=/\1=/' \
+	    -e 's/^\(BoldMagenta\)[ 	]*=/\1=/' \
+	    -e 's/^\(BoldCyan\)[ 	]*=/\1=/' \
+	    -e 's/^\(BoldWhite\)[ 	]*=/\1=/' \
+	    -e 't ok' -e d -e ': ok' -e 's/[ 	]//g' \
+	    "$1" |
+	(
+cat <<\/EOS
+xrgb() {
+	sed -e "s,	, ,g" /usr/share/X11/rgb.txt |
+	sed -e "s/ *\([0-9][0-9]*\) *\([0-9][0-9]*\) *\([0-9][0-9]*\) *$1 *$/\1;\2;\3/" -e t -e d
+}
+ForegroundColour=39
+BackgroundColour=49
+CursorColour=49
+Black=40
+Red=41
+Green=42
+Yellow=43
+Blue=44
+Magenta=45
+Cyan=46
+White=47
+BoldBlack=100
+BoldRed=101
+BoldGreen=102
+BoldYellow=103
+BoldBlue=104
+BoldMagenta=105
+BoldCyan=106
+BoldWhite=107
+/EOS
+	# transform colour specs:
+	# d,d,d
+	#	d;d;d
+	# #RRGGBB
+	#	0xRR
+	# rgb:RR/GG/BB
+	#	0xRR
+	# rgb:RRRR/GGGG/BBBB
+	#	0xRR
+	# cmy:C.C/M.M/Y.Y
+	#	r = (1 - c) * 255;
+	#	g = (1 - m) * 255;
+	#	b = (1 - y) * 255;
+	# cmyk:C.C/M.M/Y.Y/K.K
+	#	r = (1 - c) * (1 - k) * 255;
+	#	g = (1 - m) * (1 - k) * 255;
+	#	b = (1 - y) * (1 - k) * 255;
+	# X11 color names
+	sed -e 's%=\([0-9]*\),\([0-9]*\),\([0-9]*\)%="\1;\2;\3"%' \
+	    -e 's%=#\([0-9A-Fa-f][0-9A-Fa-f]\)\([0-9A-Fa-f][0-9A-Fa-f]\)\([0-9A-Fa-f][0-9A-Fa-f]\)%="$((0x\1));$((0x\2));$((0x\3))"%' \
+	    -e 's%=rgb:\([0-9A-Fa-f][0-9A-Fa-f]\)/\([0-9A-Fa-f][0-9A-Fa-f]\)/\([0-9A-Fa-f][0-9A-Fa-f]\)%="$((0x\1));$((0x\2));$((0x\3))"%' \
+	    -e 's%=rgb:\([0-9A-Fa-f][0-9A-Fa-f]\)[0-9A-Fa-f][0-9A-Fa-f]/\([0-9A-Fa-f][0-9A-Fa-f]\)[0-9A-Fa-f][0-9A-Fa-f]/\([0-9A-Fa-f][0-9A-Fa-f]\)[0-9A-Fa-f][0-9A-Fa-f]%="$((0x\1));$((0x\2));$((0x\3))"%' \
+	    -e '/=cmy/ s%\([01]\)\.\([0-9]*\)%\1.\2000%g' \
+	    -e '/=cmy/ s%\([01]\)\.\([0-9][0-9][0-9]\)[0-9]*%\1\2%g' \
+	    -e '/=cmy:/ s%cmy:\([0-9/]*\)%cmyk:\1/0000%' \
+	    -e 's%=cmyk:\([01][0-9][0-9][0-9]\)/\([01][0-9][0-9][0-9]\)/\([01][0-9][0-9][0-9]\)/\([01][0-9][0-9][0-9]\)%=cmyk:"$(( (1000 - \1) * (1000 - \4) * 255 / 1000000 ));$(( (1000 - \2) * (1000 - \4) * 255 / 1000000 ));$(( (1000 - \3) * (1000 - \4) * 255 / 1000000 ))"%' \
+	    -e '/=cmyk:/ s%\([^0-9]\)0*\([0-9]\)%\1\2%g' -e 's%=cmyk:%=%' \
+	    -e 's%=\([a-zA-Z][a-zA-Z ]*\)%=`xrgb "\1"`%' \
+	    -e 't ok' -e d -e ': ok' -e 's%="%="48;2;%'
+if $show2
+then cat <<\/EOS
+	echo -en "\e[37;${Black}mblk"
+	echo -en "\e[30;${Red}mred"
+	echo -en "\e[30;${Green}mgrn"
+	echo -en "\e[30;${Yellow}mylw"
+	echo -en "\e[30;${Blue}mblu"
+	echo -en "\e[30;${Magenta}mmag"
+	echo -en "\e[30;${Cyan}mcyn"
+	echo -en "\e[30;${White}mwht"
+	echo -en "\e[39;${CursorColour}m "
+	echo -e "\e[m${theme}"
+	echo -en "\e[37;${BoldBlack}mBLK"
+	echo -en "\e[30;${BoldRed}mRED"
+	echo -en "\e[30;${BoldGreen}mGRN"
+	echo -en "\e[30;${BoldYellow}mYLW"
+	echo -en "\e[30;${BoldBlue}mBLU"
+	echo -en "\e[30;${BoldMagenta}mMAG"
+	echo -en "\e[30;${BoldCyan}mCYN"
+	echo -en "\e[30;${BoldWhite}mWHT"
+	echo -en "\e[39;${CursorColour}m "
+	echo -e "\e[${ForegroundColour};${BackgroundColour}m${theme}\e[m"
+/EOS
+else cat <<\/EOS
+	echo -en "\e[${ForegroundColour};${BackgroundColour}mfgbg"
+	echo -en "\e[39;${CursorColour}mC"
+	echo -en "\e[37;${Black}mbk"
+	echo -en "\e[30;${Red}mrd"
+	echo -en "\e[30;${Green}mgn"
+	echo -en "\e[30;${Yellow}myl"
+	echo -en "\e[30;${Blue}mbl"
+	echo -en "\e[30;${Magenta}mmg"
+	echo -en "\e[30;${Cyan}mcy"
+	echo -en "\e[30;${White}mwh"
+	echo -en "\e[37;${BoldBlack}mBK"
+	echo -en "\e[30;${BoldRed}mRD"
+	echo -en "\e[30;${BoldGreen}mGN"
+	echo -en "\e[30;${BoldYellow}mYL"
+	echo -en "\e[30;${BoldBlue}mBL"
+	echo -en "\e[30;${BoldMagenta}mMG"
+	echo -en "\e[30;${BoldCyan}mCY"
+	echo -en "\e[30;${BoldWhite}mWH"
+	echo -e "\e[m $theme"
+/EOS
+fi
+	) | sh
+}
+
+showthemes() {
+	for confdir in ~/.mintty ~/.config/mintty "$APPDATA"/mintty /usr/share/mintty
+	do	if [ -d "$confdir/themes" -a -x "$confdir/themes"  -a -r "$confdir/themes" ]
+		then	echo "themes in '$confdir':"
+			(
+				cd "$confdir/themes"
+				for th in *[!~]
+				do	for pat in "${@-}"
+					do	case "$th" in
+						*$pat*)	showtheme "$th";;
+						esac
+					done
+				done
+			)
+		fi
+	done
+}
+
 settheme() {
 	sed \
 	    -e 's/^\(ForegroundColour\)[ 	]*=/10;/' \
@@ -76,10 +235,56 @@ query() {
 	read -s -n$len -t 2 esc < /dev/tty # read ESC ] prefix and colour index
 	read -s -n18 colour < /dev/tty	 # read rgb:colour spec
 	read -s -n1 -t 2 esc < /dev/tty # read ^G suffix
-	#eval $3=$colour
-	echo $3=$colour
+
+	if $decimal
+	then
+		eval $( echo $colour | sed -e "s@rgb:\(..\)../\(..\)../\(..\)..@printf '$3=%d,%d,%d' 0x\1 0x\2 0x\3@" -e t -e "s,^,printf $3=," )
+		echo
+	else
+		# 4-digit hex
+		echo $3=$colour
+		# 2-digit hex
+		#echo $3=$colour | sed -e "s,rgb:\(..\)../\(..\)../\(..\)..,rgb:\1/\2/\3,"
+	fi
 }
 
+conftheme() {
+	themefile=`cygpath -wa "$1"`
+	for conffile in ~/.minttyrc ~/.config/mintty/config "$APPDATA/mintty/config" /etc/minttyrc
+	do	if [ -w "$conffile" ]
+		then
+			newconf=/tmp/minttyrc.$$
+			# create new config file with modified entry
+			sed -n -e "/^ThemeFile[	 ]*=/ q" -e p "$conffile" > "$newconf"
+			echo "ThemeFile=$themefile" >> "$newconf"
+			sed -e "1,/^ThemeFile[	 ]*=/ d" "$conffile" >> "$newconf"
+			# copy new config file back
+			/bin/cp "$newconf" "$conffile"
+			/bin/rm "$newconf"
+			# feedback
+			echo "saved theme '$themefile'"
+			echo "in config file '$conffile'"
+			return
+		fi
+	done
+}
+
+decimal=false
+show2=false
+case "$1" in
+-d|--decimal)
+	decimal=true
+	shift;;
+esac
+
+case `uname` in
+Linux)	if [ -n "$APPDATA" ]
+	then	APPDATA=`wslpath "$APPDATA"`
+	else	echo APPDATA not set >&2
+		exit
+	fi;;
+esac
+
 case "$1" in
 -h|--help|'')
 	help
@@ -87,10 +292,18 @@ case "$1" in
 -l|--list)
 	for confdir in ~/.mintty ~/.config/mintty "$APPDATA"/mintty /usr/share/mintty
 	do	if [ -d "$confdir/themes" -a -x "$confdir/themes"  -a -r "$confdir/themes" ]
-		then	echo "themes in '$confdir':"
+		then	echo "themes in '$confdir':"
 			(cd "$confdir/themes"; ls *[!~])
 		fi
 	done;;
+-s|--show)
+	shift
+	showthemes "$@";;
+-S|--Show|--SHOW)
+	shift
+	show2=true
+	export show2
+	showthemes "$@";;
 -f|--file)
 	if [ -z "$2" ]
 	then	help
@@ -98,6 +311,46 @@ case "$1" in
 	then	settheme "$2"
 	else	echo cannot read theme file
 	fi;;
+--save)
+	if [ -z "$2" ]
+	then	help
+	elif [ -r "$2" ]
+	then
+		settheme "$2"
+		conftheme "$2"
+	else
+		for confdir in ~/.mintty ~/.config/mintty "$APPDATA"/mintty /usr/share/mintty
+		do	if [ -r "$confdir/themes/$2" ]
+			then
+				echo setting theme from config dir "$confdir"
+				settheme "$confdir/themes/$2"
+				conftheme "$confdir/themes/$2"
+				exit
+			fi
+		done
+		echo theme not found
+	fi;;
+-p|--picture)
+	if [ -z "$2" ]
+	then	help
+	elif [ -r "${2/,*/}" ]
+	then	echo "]11;_$2"
+	else	echo cannot read picture file
+	fi;;
+-%|--picscale)
+	if [ -z "$2" ]
+	then	help
+	elif [ -r "${2/,*/}" ]
+	then	echo "]11;%$2"
+	else	echo cannot read picture file
+	fi;;
+-t|--texture)
+	if [ -z "$2" ]
+	then	help
+	elif [ -r "${2/,*/}" ]
+	then	echo "]11;*$2"
+	else	echo cannot read texture file
+	fi;;
 -q|--query)
 #	echo "]10;?]11;?]12;?"
 	test -t 0 && stty=`stty -g`
diff --git a/msys2/usr/bin/mintty.exe b/msys2/usr/bin/mintty.exe
index 5acfc7539..4709f1e51 100644
Binary files a/msys2/usr/bin/mintty.exe and b/msys2/usr/bin/mintty.exe differ
diff --git a/msys2/usr/bin/mkdir.exe b/msys2/usr/bin/mkdir.exe
index ed843bf9e..1afdbff56 100644
Binary files a/msys2/usr/bin/mkdir.exe and b/msys2/usr/bin/mkdir.exe differ
diff --git a/msys2/usr/bin/mkfifo.exe b/msys2/usr/bin/mkfifo.exe
index 86cec45ff..40c15baf2 100644
Binary files a/msys2/usr/bin/mkfifo.exe and b/msys2/usr/bin/mkfifo.exe differ
diff --git a/msys2/usr/bin/mkfs.bfs.exe b/msys2/usr/bin/mkfs.bfs.exe
index ed18ce465..788dda488 100644
Binary files a/msys2/usr/bin/mkfs.bfs.exe and b/msys2/usr/bin/mkfs.bfs.exe differ
diff --git a/msys2/usr/bin/mkfs.cramfs.exe b/msys2/usr/bin/mkfs.cramfs.exe
index 24b94b5f9..784146c17 100644
Binary files a/msys2/usr/bin/mkfs.cramfs.exe and b/msys2/usr/bin/mkfs.cramfs.exe differ
diff --git a/msys2/usr/bin/mkfs.exe b/msys2/usr/bin/mkfs.exe
index 7cafb8322..15360ff36 100644
Binary files a/msys2/usr/bin/mkfs.exe and b/msys2/usr/bin/mkfs.exe differ
diff --git a/msys2/usr/bin/mkfs.minix.exe b/msys2/usr/bin/mkfs.minix.exe
index fc7f70ac5..6d4df3216 100644
Binary files a/msys2/usr/bin/mkfs.minix.exe and b/msys2/usr/bin/mkfs.minix.exe differ
diff --git a/msys2/usr/bin/mkgroup.exe b/msys2/usr/bin/mkgroup.exe
index 8d4500b7c..153292909 100644
Binary files a/msys2/usr/bin/mkgroup.exe and b/msys2/usr/bin/mkgroup.exe differ
diff --git a/msys2/usr/bin/mknod.exe b/msys2/usr/bin/mknod.exe
index 45e432ba1..74c622b78 100644
Binary files a/msys2/usr/bin/mknod.exe and b/msys2/usr/bin/mknod.exe differ
diff --git a/msys2/usr/bin/mkpasswd.exe b/msys2/usr/bin/mkpasswd.exe
index 77d82883e..ceac529ef 100644
Binary files a/msys2/usr/bin/mkpasswd.exe and b/msys2/usr/bin/mkpasswd.exe differ
diff --git a/msys2/usr/bin/mkswap.exe b/msys2/usr/bin/mkswap.exe
index f81eef0d9..80250900b 100644
Binary files a/msys2/usr/bin/mkswap.exe and b/msys2/usr/bin/mkswap.exe differ
diff --git a/msys2/usr/bin/mktemp.exe b/msys2/usr/bin/mktemp.exe
index c0c231fe0..c4d70efe4 100644
Binary files a/msys2/usr/bin/mktemp.exe and b/msys2/usr/bin/mktemp.exe differ
diff --git a/msys2/usr/bin/more.exe b/msys2/usr/bin/more.exe
index fdc50092e..a703f236c 100644
Binary files a/msys2/usr/bin/more.exe and b/msys2/usr/bin/more.exe differ
diff --git a/msys2/usr/bin/mount.exe b/msys2/usr/bin/mount.exe
index 38fe29726..7c519e1bf 100644
Binary files a/msys2/usr/bin/mount.exe and b/msys2/usr/bin/mount.exe differ
diff --git a/msys2/usr/bin/mpicalc.exe b/msys2/usr/bin/mpicalc.exe
index 9ffdc66ff..1f1121f4e 100644
Binary files a/msys2/usr/bin/mpicalc.exe and b/msys2/usr/bin/mpicalc.exe differ
diff --git a/msys2/usr/bin/msys-2.0.dll b/msys2/usr/bin/msys-2.0.dll
index eeb74cb00..2810c8cba 100644
Binary files a/msys2/usr/bin/msys-2.0.dll and b/msys2/usr/bin/msys-2.0.dll differ
diff --git a/msys2/usr/bin/msys-archive-13.dll b/msys2/usr/bin/msys-archive-13.dll
index e376721fc..e07a1fd7d 100644
Binary files a/msys2/usr/bin/msys-archive-13.dll and b/msys2/usr/bin/msys-archive-13.dll differ
diff --git a/msys2/usr/bin/msys-argp-0.dll b/msys2/usr/bin/msys-argp-0.dll
index cb4ecab7d..2679134e1 100644
Binary files a/msys2/usr/bin/msys-argp-0.dll and b/msys2/usr/bin/msys-argp-0.dll differ
diff --git a/msys2/usr/bin/msys-asn1-8.dll b/msys2/usr/bin/msys-asn1-8.dll
index cc9e584ef..781de8598 100644
Binary files a/msys2/usr/bin/msys-asn1-8.dll and b/msys2/usr/bin/msys-asn1-8.dll differ
diff --git a/msys2/usr/bin/msys-assuan-0.dll b/msys2/usr/bin/msys-assuan-0.dll
index 099f6610d..c55027661 100644
Binary files a/msys2/usr/bin/msys-assuan-0.dll and b/msys2/usr/bin/msys-assuan-0.dll differ
diff --git a/msys2/usr/bin/msys-atomic-1.dll b/msys2/usr/bin/msys-atomic-1.dll
index b0ac7e2bb..f9667c240 100644
Binary files a/msys2/usr/bin/msys-atomic-1.dll and b/msys2/usr/bin/msys-atomic-1.dll differ
diff --git a/msys2/usr/bin/msys-blkid-1.dll b/msys2/usr/bin/msys-blkid-1.dll
index 733ab8356..d9a2db73f 100644
Binary files a/msys2/usr/bin/msys-blkid-1.dll and b/msys2/usr/bin/msys-blkid-1.dll differ
diff --git a/msys2/usr/bin/msys-brotlicommon-1.dll b/msys2/usr/bin/msys-brotlicommon-1.dll
new file mode 100644
index 000000000..d1e13d8c5
Binary files /dev/null and b/msys2/usr/bin/msys-brotlicommon-1.dll differ
diff --git a/msys2/usr/bin/msys-brotlidec-1.dll b/msys2/usr/bin/msys-brotlidec-1.dll
new file mode 100644
index 000000000..99c4d5a10
Binary files /dev/null and b/msys2/usr/bin/msys-brotlidec-1.dll differ
diff --git a/msys2/usr/bin/msys-brotlienc-1.dll b/msys2/usr/bin/msys-brotlienc-1.dll
new file mode 100644
index 000000000..eb155d4f2
Binary files /dev/null and b/msys2/usr/bin/msys-brotlienc-1.dll differ
diff --git a/msys2/usr/bin/msys-cilkrts-5.dll b/msys2/usr/bin/msys-cilkrts-5.dll
index c166a5756..a071a4da5 100644
Binary files a/msys2/usr/bin/msys-cilkrts-5.dll and b/msys2/usr/bin/msys-cilkrts-5.dll differ
diff --git a/msys2/usr/bin/msys-com_err-1.dll b/msys2/usr/bin/msys-com_err-1.dll
index 4030a1d26..1234ca8e7 100644
Binary files a/msys2/usr/bin/msys-com_err-1.dll and b/msys2/usr/bin/msys-com_err-1.dll differ
diff --git a/msys2/usr/bin/msys-crypt-0.dll b/msys2/usr/bin/msys-crypt-0.dll
index 7042b6543..aa82d138f 100644
Binary files a/msys2/usr/bin/msys-crypt-0.dll and b/msys2/usr/bin/msys-crypt-0.dll differ
diff --git a/msys2/usr/bin/msys-crypto-1.0.0.dll b/msys2/usr/bin/msys-crypto-1.0.0.dll
deleted file mode 100644
index 9d618e3ad..000000000
Binary files a/msys2/usr/bin/msys-crypto-1.0.0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-crypto-1.1.dll b/msys2/usr/bin/msys-crypto-1.1.dll
new file mode 100644
index 000000000..9760afe17
Binary files /dev/null and b/msys2/usr/bin/msys-crypto-1.1.dll differ
diff --git a/msys2/usr/bin/msys-curl-4.dll b/msys2/usr/bin/msys-curl-4.dll
index 1103af321..90651bc32 100644
Binary files a/msys2/usr/bin/msys-curl-4.dll and b/msys2/usr/bin/msys-curl-4.dll differ
diff --git a/msys2/usr/bin/msys-expat-1.dll b/msys2/usr/bin/msys-expat-1.dll
index 63e1b61ac..a7acf5756 100644
Binary files a/msys2/usr/bin/msys-expat-1.dll and b/msys2/usr/bin/msys-expat-1.dll differ
diff --git a/msys2/usr/bin/msys-exslt-0.dll b/msys2/usr/bin/msys-exslt-0.dll
index be9379909..02afcb6c9 100644
Binary files a/msys2/usr/bin/msys-exslt-0.dll and b/msys2/usr/bin/msys-exslt-0.dll differ
diff --git a/msys2/usr/bin/msys-fdisk-1.dll b/msys2/usr/bin/msys-fdisk-1.dll
index 16980bfbc..26d354623 100644
Binary files a/msys2/usr/bin/msys-fdisk-1.dll and b/msys2/usr/bin/msys-fdisk-1.dll differ
diff --git a/msys2/usr/bin/msys-ffi-6.dll b/msys2/usr/bin/msys-ffi-6.dll
index 352cd02ea..35fc1c1f6 100644
Binary files a/msys2/usr/bin/msys-ffi-6.dll and b/msys2/usr/bin/msys-ffi-6.dll differ
diff --git a/msys2/usr/bin/msys-formw6.dll b/msys2/usr/bin/msys-formw6.dll
index 116b06841..836bf8c16 100644
Binary files a/msys2/usr/bin/msys-formw6.dll and b/msys2/usr/bin/msys-formw6.dll differ
diff --git a/msys2/usr/bin/msys-gcc_s-1.dll b/msys2/usr/bin/msys-gcc_s-1.dll
index dc81dae0a..544455393 100644
Binary files a/msys2/usr/bin/msys-gcc_s-1.dll and b/msys2/usr/bin/msys-gcc_s-1.dll differ
diff --git a/msys2/usr/bin/msys-gcrypt-20.dll b/msys2/usr/bin/msys-gcrypt-20.dll
index 5115c9c3d..dc4cda02b 100644
Binary files a/msys2/usr/bin/msys-gcrypt-20.dll and b/msys2/usr/bin/msys-gcrypt-20.dll differ
diff --git a/msys2/usr/bin/msys-gfortran-4.dll b/msys2/usr/bin/msys-gfortran-4.dll
index 8a7e80533..e4a357f95 100644
Binary files a/msys2/usr/bin/msys-gfortran-4.dll and b/msys2/usr/bin/msys-gfortran-4.dll differ
diff --git a/msys2/usr/bin/msys-gio-2.0-0.dll b/msys2/usr/bin/msys-gio-2.0-0.dll
index 6b59850ef..b500d61ec 100644
Binary files a/msys2/usr/bin/msys-gio-2.0-0.dll and b/msys2/usr/bin/msys-gio-2.0-0.dll differ
diff --git a/msys2/usr/bin/msys-glib-2.0-0.dll b/msys2/usr/bin/msys-glib-2.0-0.dll
index 500873b84..1f4b5aa9f 100644
Binary files a/msys2/usr/bin/msys-glib-2.0-0.dll and b/msys2/usr/bin/msys-glib-2.0-0.dll differ
diff --git a/msys2/usr/bin/msys-gmodule-2.0-0.dll b/msys2/usr/bin/msys-gmodule-2.0-0.dll
index fabf3a344..e9a45803e 100644
Binary files a/msys2/usr/bin/msys-gmodule-2.0-0.dll and b/msys2/usr/bin/msys-gmodule-2.0-0.dll differ
diff --git a/msys2/usr/bin/msys-gnutls-30.dll b/msys2/usr/bin/msys-gnutls-30.dll
new file mode 100644
index 000000000..9219d4f09
Binary files /dev/null and b/msys2/usr/bin/msys-gnutls-30.dll differ
diff --git a/msys2/usr/bin/msys-gnutlsxx-28.dll b/msys2/usr/bin/msys-gnutlsxx-28.dll
new file mode 100644
index 000000000..08ec5134d
Binary files /dev/null and b/msys2/usr/bin/msys-gnutlsxx-28.dll differ
diff --git a/msys2/usr/bin/msys-gobject-2.0-0.dll b/msys2/usr/bin/msys-gobject-2.0-0.dll
index 4b9674352..044a0185b 100644
Binary files a/msys2/usr/bin/msys-gobject-2.0-0.dll and b/msys2/usr/bin/msys-gobject-2.0-0.dll differ
diff --git a/msys2/usr/bin/msys-gomp-1.dll b/msys2/usr/bin/msys-gomp-1.dll
index 06d25c184..81a0b225c 100644
Binary files a/msys2/usr/bin/msys-gomp-1.dll and b/msys2/usr/bin/msys-gomp-1.dll differ
diff --git a/msys2/usr/bin/msys-gpg-error-0.dll b/msys2/usr/bin/msys-gpg-error-0.dll
index 30b17ea3f..9cfe03f7e 100644
Binary files a/msys2/usr/bin/msys-gpg-error-0.dll and b/msys2/usr/bin/msys-gpg-error-0.dll differ
diff --git a/msys2/usr/bin/msys-gpgme-11.dll b/msys2/usr/bin/msys-gpgme-11.dll
index 19bf495b3..ef11b66ee 100644
Binary files a/msys2/usr/bin/msys-gpgme-11.dll and b/msys2/usr/bin/msys-gpgme-11.dll differ
diff --git a/msys2/usr/bin/msys-gpgme-pthread-11.dll b/msys2/usr/bin/msys-gpgme-pthread-11.dll
deleted file mode 100644
index e85260145..000000000
Binary files a/msys2/usr/bin/msys-gpgme-pthread-11.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-gpgmepp-6.dll b/msys2/usr/bin/msys-gpgmepp-6.dll
new file mode 100644
index 000000000..366263026
Binary files /dev/null and b/msys2/usr/bin/msys-gpgmepp-6.dll differ
diff --git a/msys2/usr/bin/msys-gssapi-3.dll b/msys2/usr/bin/msys-gssapi-3.dll
index bb5ad6b37..1bb48fb38 100644
Binary files a/msys2/usr/bin/msys-gssapi-3.dll and b/msys2/usr/bin/msys-gssapi-3.dll differ
diff --git a/msys2/usr/bin/msys-gthread-2.0-0.dll b/msys2/usr/bin/msys-gthread-2.0-0.dll
index b64f32970..14ef86edf 100644
Binary files a/msys2/usr/bin/msys-gthread-2.0-0.dll and b/msys2/usr/bin/msys-gthread-2.0-0.dll differ
diff --git a/msys2/usr/bin/msys-hcrypto-4.dll b/msys2/usr/bin/msys-hcrypto-4.dll
new file mode 100644
index 000000000..786b546b2
Binary files /dev/null and b/msys2/usr/bin/msys-hcrypto-4.dll differ
diff --git a/msys2/usr/bin/msys-hdb-9.dll b/msys2/usr/bin/msys-hdb-9.dll
index e08000100..53ac3319c 100644
Binary files a/msys2/usr/bin/msys-hdb-9.dll and b/msys2/usr/bin/msys-hdb-9.dll differ
diff --git a/msys2/usr/bin/msys-heimbase-1.dll b/msys2/usr/bin/msys-heimbase-1.dll
index d9c265de2..23e7b8d32 100644
Binary files a/msys2/usr/bin/msys-heimbase-1.dll and b/msys2/usr/bin/msys-heimbase-1.dll differ
diff --git a/msys2/usr/bin/msys-heimntlm-0.dll b/msys2/usr/bin/msys-heimntlm-0.dll
index ad130d767..e2d403967 100644
Binary files a/msys2/usr/bin/msys-heimntlm-0.dll and b/msys2/usr/bin/msys-heimntlm-0.dll differ
diff --git a/msys2/usr/bin/msys-history7.dll b/msys2/usr/bin/msys-history7.dll
deleted file mode 100644
index c91bcfcd8..000000000
Binary files a/msys2/usr/bin/msys-history7.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-history8.dll b/msys2/usr/bin/msys-history8.dll
new file mode 100644
index 000000000..923a93a0a
Binary files /dev/null and b/msys2/usr/bin/msys-history8.dll differ
diff --git a/msys2/usr/bin/msys-hogweed-4.dll b/msys2/usr/bin/msys-hogweed-4.dll
new file mode 100644
index 000000000..dea8d340d
Binary files /dev/null and b/msys2/usr/bin/msys-hogweed-4.dll differ
diff --git a/msys2/usr/bin/msys-hx509-5.dll b/msys2/usr/bin/msys-hx509-5.dll
index 592b15649..418e6a64f 100644
Binary files a/msys2/usr/bin/msys-hx509-5.dll and b/msys2/usr/bin/msys-hx509-5.dll differ
diff --git a/msys2/usr/bin/msys-icudata60.dll b/msys2/usr/bin/msys-icudata60.dll
deleted file mode 100644
index fc181ed62..000000000
Binary files a/msys2/usr/bin/msys-icudata60.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-icudata64.dll b/msys2/usr/bin/msys-icudata64.dll
new file mode 100644
index 000000000..0a6181ea8
Binary files /dev/null and b/msys2/usr/bin/msys-icudata64.dll differ
diff --git a/msys2/usr/bin/msys-icui18n60.dll b/msys2/usr/bin/msys-icui18n60.dll
deleted file mode 100644
index 92ee65ca9..000000000
Binary files a/msys2/usr/bin/msys-icui18n60.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-icui18n64.dll b/msys2/usr/bin/msys-icui18n64.dll
new file mode 100644
index 000000000..93360f2c4
Binary files /dev/null and b/msys2/usr/bin/msys-icui18n64.dll differ
diff --git a/msys2/usr/bin/msys-icuio60.dll b/msys2/usr/bin/msys-icuio60.dll
deleted file mode 100644
index 8ff7319a3..000000000
Binary files a/msys2/usr/bin/msys-icuio60.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-icuio64.dll b/msys2/usr/bin/msys-icuio64.dll
new file mode 100644
index 000000000..f57e9ddd1
Binary files /dev/null and b/msys2/usr/bin/msys-icuio64.dll differ
diff --git a/msys2/usr/bin/msys-icutest60.dll b/msys2/usr/bin/msys-icutest60.dll
deleted file mode 100644
index 103599d5c..000000000
Binary files a/msys2/usr/bin/msys-icutest60.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-icutest64.dll b/msys2/usr/bin/msys-icutest64.dll
new file mode 100644
index 000000000..ad2eeaed8
Binary files /dev/null and b/msys2/usr/bin/msys-icutest64.dll differ
diff --git a/msys2/usr/bin/msys-icutu60.dll b/msys2/usr/bin/msys-icutu60.dll
deleted file mode 100644
index fd80e3c2a..000000000
Binary files a/msys2/usr/bin/msys-icutu60.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-icutu64.dll b/msys2/usr/bin/msys-icutu64.dll
new file mode 100644
index 000000000..b91489075
Binary files /dev/null and b/msys2/usr/bin/msys-icutu64.dll differ
diff --git a/msys2/usr/bin/msys-icuuc60.dll b/msys2/usr/bin/msys-icuuc60.dll
deleted file mode 100644
index 5ce854993..000000000
Binary files a/msys2/usr/bin/msys-icuuc60.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-icuuc64.dll b/msys2/usr/bin/msys-icuuc64.dll
new file mode 100644
index 000000000..0b542b020
Binary files /dev/null and b/msys2/usr/bin/msys-icuuc64.dll differ
diff --git a/msys2/usr/bin/msys-idn2-0.dll b/msys2/usr/bin/msys-idn2-0.dll
index f52583a33..31f33dbed 100644
Binary files a/msys2/usr/bin/msys-idn2-0.dll and b/msys2/usr/bin/msys-idn2-0.dll differ
diff --git a/msys2/usr/bin/msys-kadm5clnt-7.dll b/msys2/usr/bin/msys-kadm5clnt-7.dll
index 9d580bb58..63474ecee 100644
Binary files a/msys2/usr/bin/msys-kadm5clnt-7.dll and b/msys2/usr/bin/msys-kadm5clnt-7.dll differ
diff --git a/msys2/usr/bin/msys-kadm5srv-8.dll b/msys2/usr/bin/msys-kadm5srv-8.dll
index 6d0881fc8..c3c43e46b 100644
Binary files a/msys2/usr/bin/msys-kadm5srv-8.dll and b/msys2/usr/bin/msys-kadm5srv-8.dll differ
diff --git a/msys2/usr/bin/msys-kafs-0.dll b/msys2/usr/bin/msys-kafs-0.dll
index 671d32840..4221441bc 100644
Binary files a/msys2/usr/bin/msys-kafs-0.dll and b/msys2/usr/bin/msys-kafs-0.dll differ
diff --git a/msys2/usr/bin/msys-kdc-2.dll b/msys2/usr/bin/msys-kdc-2.dll
index ae5277c6e..fda67645e 100644
Binary files a/msys2/usr/bin/msys-kdc-2.dll and b/msys2/usr/bin/msys-kdc-2.dll differ
diff --git a/msys2/usr/bin/msys-krb5-26.dll b/msys2/usr/bin/msys-krb5-26.dll
index 2a57a2c1a..aab7f6e36 100644
Binary files a/msys2/usr/bin/msys-krb5-26.dll and b/msys2/usr/bin/msys-krb5-26.dll differ
diff --git a/msys2/usr/bin/msys-ksba-8.dll b/msys2/usr/bin/msys-ksba-8.dll
new file mode 100644
index 000000000..43df2d48c
Binary files /dev/null and b/msys2/usr/bin/msys-ksba-8.dll differ
diff --git a/msys2/usr/bin/msys-lz4-1.dll b/msys2/usr/bin/msys-lz4-1.dll
new file mode 100644
index 000000000..f37a601e8
Binary files /dev/null and b/msys2/usr/bin/msys-lz4-1.dll differ
diff --git a/msys2/usr/bin/msys-lzma-5.dll b/msys2/usr/bin/msys-lzma-5.dll
index db73c39e2..978731d92 100644
Binary files a/msys2/usr/bin/msys-lzma-5.dll and b/msys2/usr/bin/msys-lzma-5.dll differ
diff --git a/msys2/usr/bin/msys-lzo2-2.dll b/msys2/usr/bin/msys-lzo2-2.dll
index e49f196b5..4eb98b742 100644
Binary files a/msys2/usr/bin/msys-lzo2-2.dll and b/msys2/usr/bin/msys-lzo2-2.dll differ
diff --git a/msys2/usr/bin/msys-magic-1.dll b/msys2/usr/bin/msys-magic-1.dll
index 6c1ecd90a..24c374526 100644
Binary files a/msys2/usr/bin/msys-magic-1.dll and b/msys2/usr/bin/msys-magic-1.dll differ
diff --git a/msys2/usr/bin/msys-menuw6.dll b/msys2/usr/bin/msys-menuw6.dll
index 4492ed2b2..0932a16b2 100644
Binary files a/msys2/usr/bin/msys-menuw6.dll and b/msys2/usr/bin/msys-menuw6.dll differ
diff --git a/msys2/usr/bin/msys-mpfr-6.dll b/msys2/usr/bin/msys-mpfr-6.dll
index 4706c41fd..66d2a3c4f 100644
Binary files a/msys2/usr/bin/msys-mpfr-6.dll and b/msys2/usr/bin/msys-mpfr-6.dll differ
diff --git a/msys2/usr/bin/msys-ncurses++w6.dll b/msys2/usr/bin/msys-ncurses++w6.dll
index d53e31965..b86ceee72 100644
Binary files a/msys2/usr/bin/msys-ncurses++w6.dll and b/msys2/usr/bin/msys-ncurses++w6.dll differ
diff --git a/msys2/usr/bin/msys-ncursesw6.dll b/msys2/usr/bin/msys-ncursesw6.dll
index 91c0b4256..28915b44f 100644
Binary files a/msys2/usr/bin/msys-ncursesw6.dll and b/msys2/usr/bin/msys-ncursesw6.dll differ
diff --git a/msys2/usr/bin/msys-nettle-6.dll b/msys2/usr/bin/msys-nettle-6.dll
index 0e6c5fb73..77ac57f79 100644
Binary files a/msys2/usr/bin/msys-nettle-6.dll and b/msys2/usr/bin/msys-nettle-6.dll differ
diff --git a/msys2/usr/bin/msys-nghttp2-14.dll b/msys2/usr/bin/msys-nghttp2-14.dll
index 8979b63e7..119ad7b11 100644
Binary files a/msys2/usr/bin/msys-nghttp2-14.dll and b/msys2/usr/bin/msys-nghttp2-14.dll differ
diff --git a/msys2/usr/bin/msys-npth-0.dll b/msys2/usr/bin/msys-npth-0.dll
new file mode 100644
index 000000000..720962752
Binary files /dev/null and b/msys2/usr/bin/msys-npth-0.dll differ
diff --git a/msys2/usr/bin/msys-otp-0.dll b/msys2/usr/bin/msys-otp-0.dll
index 32cba5694..3239eb3dd 100644
Binary files a/msys2/usr/bin/msys-otp-0.dll and b/msys2/usr/bin/msys-otp-0.dll differ
diff --git a/msys2/usr/bin/msys-p11-kit-0.dll b/msys2/usr/bin/msys-p11-kit-0.dll
index 8e1a53b09..e48996985 100644
Binary files a/msys2/usr/bin/msys-p11-kit-0.dll and b/msys2/usr/bin/msys-p11-kit-0.dll differ
diff --git a/msys2/usr/bin/msys-panelw6.dll b/msys2/usr/bin/msys-panelw6.dll
index d16a9fa61..c9cfa67a4 100644
Binary files a/msys2/usr/bin/msys-panelw6.dll and b/msys2/usr/bin/msys-panelw6.dll differ
diff --git a/msys2/usr/bin/msys-pcre-1.dll b/msys2/usr/bin/msys-pcre-1.dll
index 4d9b28e63..af1e0fa46 100644
Binary files a/msys2/usr/bin/msys-pcre-1.dll and b/msys2/usr/bin/msys-pcre-1.dll differ
diff --git a/msys2/usr/bin/msys-pcre16-0.dll b/msys2/usr/bin/msys-pcre16-0.dll
index 21ffa4d45..a377effde 100644
Binary files a/msys2/usr/bin/msys-pcre16-0.dll and b/msys2/usr/bin/msys-pcre16-0.dll differ
diff --git a/msys2/usr/bin/msys-pcre2-8-0.dll b/msys2/usr/bin/msys-pcre2-8-0.dll
new file mode 100644
index 000000000..2dc1c1d83
Binary files /dev/null and b/msys2/usr/bin/msys-pcre2-8-0.dll differ
diff --git a/msys2/usr/bin/msys-pcre32-0.dll b/msys2/usr/bin/msys-pcre32-0.dll
index dee458900..b945df80e 100644
Binary files a/msys2/usr/bin/msys-pcre32-0.dll and b/msys2/usr/bin/msys-pcre32-0.dll differ
diff --git a/msys2/usr/bin/msys-pcrecpp-0.dll b/msys2/usr/bin/msys-pcrecpp-0.dll
index ebe2af4da..b935370a8 100644
Binary files a/msys2/usr/bin/msys-pcrecpp-0.dll and b/msys2/usr/bin/msys-pcrecpp-0.dll differ
diff --git a/msys2/usr/bin/msys-pcreposix-0.dll b/msys2/usr/bin/msys-pcreposix-0.dll
index 941b1e842..3d8b10765 100644
Binary files a/msys2/usr/bin/msys-pcreposix-0.dll and b/msys2/usr/bin/msys-pcreposix-0.dll differ
diff --git a/msys2/usr/bin/msys-psl-5.dll b/msys2/usr/bin/msys-psl-5.dll
index 6824b047f..f45288dfc 100644
Binary files a/msys2/usr/bin/msys-psl-5.dll and b/msys2/usr/bin/msys-psl-5.dll differ
diff --git a/msys2/usr/bin/msys-quadmath-0.dll b/msys2/usr/bin/msys-quadmath-0.dll
index 845b88bd1..96ba9dd96 100644
Binary files a/msys2/usr/bin/msys-quadmath-0.dll and b/msys2/usr/bin/msys-quadmath-0.dll differ
diff --git a/msys2/usr/bin/msys-readline7.dll b/msys2/usr/bin/msys-readline7.dll
deleted file mode 100644
index 838028aff..000000000
Binary files a/msys2/usr/bin/msys-readline7.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-readline8.dll b/msys2/usr/bin/msys-readline8.dll
new file mode 100644
index 000000000..383ee607e
Binary files /dev/null and b/msys2/usr/bin/msys-readline8.dll differ
diff --git a/msys2/usr/bin/msys-roken-18.dll b/msys2/usr/bin/msys-roken-18.dll
index c0598894d..a542e6212 100644
Binary files a/msys2/usr/bin/msys-roken-18.dll and b/msys2/usr/bin/msys-roken-18.dll differ
diff --git a/msys2/usr/bin/msys-sl-0.dll b/msys2/usr/bin/msys-sl-0.dll
index bba2a37e6..9e960ece6 100644
Binary files a/msys2/usr/bin/msys-sl-0.dll and b/msys2/usr/bin/msys-sl-0.dll differ
diff --git a/msys2/usr/bin/msys-smartcols-1.dll b/msys2/usr/bin/msys-smartcols-1.dll
index 8de1dc735..11bf82e65 100644
Binary files a/msys2/usr/bin/msys-smartcols-1.dll and b/msys2/usr/bin/msys-smartcols-1.dll differ
diff --git a/msys2/usr/bin/msys-sqlite3-0.dll b/msys2/usr/bin/msys-sqlite3-0.dll
index 71442db9c..78978a6a6 100644
Binary files a/msys2/usr/bin/msys-sqlite3-0.dll and b/msys2/usr/bin/msys-sqlite3-0.dll differ
diff --git a/msys2/usr/bin/msys-sqlite3amatch-0.dll b/msys2/usr/bin/msys-sqlite3amatch-0.dll
deleted file mode 100644
index acbde884f..000000000
Binary files a/msys2/usr/bin/msys-sqlite3amatch-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3anycollseq-0.dll b/msys2/usr/bin/msys-sqlite3anycollseq-0.dll
deleted file mode 100644
index a7e9d3822..000000000
Binary files a/msys2/usr/bin/msys-sqlite3anycollseq-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3carray-0.dll b/msys2/usr/bin/msys-sqlite3carray-0.dll
deleted file mode 100644
index ac98ed9c6..000000000
Binary files a/msys2/usr/bin/msys-sqlite3carray-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3closure-0.dll b/msys2/usr/bin/msys-sqlite3closure-0.dll
deleted file mode 100644
index f23fe9d64..000000000
Binary files a/msys2/usr/bin/msys-sqlite3closure-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3completion-0.dll b/msys2/usr/bin/msys-sqlite3completion-0.dll
deleted file mode 100644
index 090cf270b..000000000
Binary files a/msys2/usr/bin/msys-sqlite3completion-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3compress-0.dll b/msys2/usr/bin/msys-sqlite3compress-0.dll
deleted file mode 100644
index 411ef8889..000000000
Binary files a/msys2/usr/bin/msys-sqlite3compress-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3csv-0.dll b/msys2/usr/bin/msys-sqlite3csv-0.dll
deleted file mode 100644
index fdb0b44d7..000000000
Binary files a/msys2/usr/bin/msys-sqlite3csv-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3eval-0.dll b/msys2/usr/bin/msys-sqlite3eval-0.dll
deleted file mode 100644
index 74f5700f7..000000000
Binary files a/msys2/usr/bin/msys-sqlite3eval-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3fileio-0.dll b/msys2/usr/bin/msys-sqlite3fileio-0.dll
deleted file mode 100644
index d6eb3c5bc..000000000
Binary files a/msys2/usr/bin/msys-sqlite3fileio-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3fuzzer-0.dll b/msys2/usr/bin/msys-sqlite3fuzzer-0.dll
deleted file mode 100644
index 344a957a4..000000000
Binary files a/msys2/usr/bin/msys-sqlite3fuzzer-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3icu-0.dll b/msys2/usr/bin/msys-sqlite3icu-0.dll
deleted file mode 100644
index a659987e4..000000000
Binary files a/msys2/usr/bin/msys-sqlite3icu-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3ieee754-0.dll b/msys2/usr/bin/msys-sqlite3ieee754-0.dll
deleted file mode 100644
index ac603d2b4..000000000
Binary files a/msys2/usr/bin/msys-sqlite3ieee754-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3memvfs-0.dll b/msys2/usr/bin/msys-sqlite3memvfs-0.dll
deleted file mode 100644
index 2fad617f8..000000000
Binary files a/msys2/usr/bin/msys-sqlite3memvfs-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3nextchar-0.dll b/msys2/usr/bin/msys-sqlite3nextchar-0.dll
deleted file mode 100644
index 29fe40e49..000000000
Binary files a/msys2/usr/bin/msys-sqlite3nextchar-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3percentile-0.dll b/msys2/usr/bin/msys-sqlite3percentile-0.dll
deleted file mode 100644
index b10b87b3f..000000000
Binary files a/msys2/usr/bin/msys-sqlite3percentile-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3rbu-0.dll b/msys2/usr/bin/msys-sqlite3rbu-0.dll
deleted file mode 100644
index 0210e69c0..000000000
Binary files a/msys2/usr/bin/msys-sqlite3rbu-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3regexp-0.dll b/msys2/usr/bin/msys-sqlite3regexp-0.dll
deleted file mode 100644
index 42dc2fe2c..000000000
Binary files a/msys2/usr/bin/msys-sqlite3regexp-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3remember-0.dll b/msys2/usr/bin/msys-sqlite3remember-0.dll
deleted file mode 100644
index e8b16d039..000000000
Binary files a/msys2/usr/bin/msys-sqlite3remember-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3rot13-0.dll b/msys2/usr/bin/msys-sqlite3rot13-0.dll
deleted file mode 100644
index 9d650e181..000000000
Binary files a/msys2/usr/bin/msys-sqlite3rot13-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3series-0.dll b/msys2/usr/bin/msys-sqlite3series-0.dll
deleted file mode 100644
index 7897b1c1e..000000000
Binary files a/msys2/usr/bin/msys-sqlite3series-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3sha1-0.dll b/msys2/usr/bin/msys-sqlite3sha1-0.dll
deleted file mode 100644
index 516eb51f8..000000000
Binary files a/msys2/usr/bin/msys-sqlite3sha1-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3shathree-0.dll b/msys2/usr/bin/msys-sqlite3shathree-0.dll
deleted file mode 100644
index 039b7ccce..000000000
Binary files a/msys2/usr/bin/msys-sqlite3shathree-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3showauth-0.dll b/msys2/usr/bin/msys-sqlite3showauth-0.dll
deleted file mode 100644
index 0fe40c705..000000000
Binary files a/msys2/usr/bin/msys-sqlite3showauth-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3spellfix-0.dll b/msys2/usr/bin/msys-sqlite3spellfix-0.dll
deleted file mode 100644
index f6fc47853..000000000
Binary files a/msys2/usr/bin/msys-sqlite3spellfix-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3stmt-0.dll b/msys2/usr/bin/msys-sqlite3stmt-0.dll
deleted file mode 100644
index aa97eae03..000000000
Binary files a/msys2/usr/bin/msys-sqlite3stmt-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3totype-0.dll b/msys2/usr/bin/msys-sqlite3totype-0.dll
deleted file mode 100644
index 2c3b26377..000000000
Binary files a/msys2/usr/bin/msys-sqlite3totype-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3unionvtab-0.dll b/msys2/usr/bin/msys-sqlite3unionvtab-0.dll
deleted file mode 100644
index d52692f3b..000000000
Binary files a/msys2/usr/bin/msys-sqlite3unionvtab-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3vfslog-0.dll b/msys2/usr/bin/msys-sqlite3vfslog-0.dll
deleted file mode 100644
index 47fea6e46..000000000
Binary files a/msys2/usr/bin/msys-sqlite3vfslog-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3vfsstat-0.dll b/msys2/usr/bin/msys-sqlite3vfsstat-0.dll
deleted file mode 100644
index 5d2144589..000000000
Binary files a/msys2/usr/bin/msys-sqlite3vfsstat-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3vtshim-0.dll b/msys2/usr/bin/msys-sqlite3vtshim-0.dll
deleted file mode 100644
index f703bf47b..000000000
Binary files a/msys2/usr/bin/msys-sqlite3vtshim-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-sqlite3wholenumber-0.dll b/msys2/usr/bin/msys-sqlite3wholenumber-0.dll
deleted file mode 100644
index 3e82ecebd..000000000
Binary files a/msys2/usr/bin/msys-sqlite3wholenumber-0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-ssh2-1.dll b/msys2/usr/bin/msys-ssh2-1.dll
index c6028de4c..169aa1e54 100644
Binary files a/msys2/usr/bin/msys-ssh2-1.dll and b/msys2/usr/bin/msys-ssh2-1.dll differ
diff --git a/msys2/usr/bin/msys-ssl-1.0.0.dll b/msys2/usr/bin/msys-ssl-1.0.0.dll
deleted file mode 100644
index 7bd8589d4..000000000
Binary files a/msys2/usr/bin/msys-ssl-1.0.0.dll and /dev/null differ
diff --git a/msys2/usr/bin/msys-ssl-1.1.dll b/msys2/usr/bin/msys-ssl-1.1.dll
new file mode 100644
index 000000000..b93281e99
Binary files /dev/null and b/msys2/usr/bin/msys-ssl-1.1.dll differ
diff --git a/msys2/usr/bin/msys-stdc++-6.dll b/msys2/usr/bin/msys-stdc++-6.dll
index bc63f2b9c..4cd29afed 100644
Binary files a/msys2/usr/bin/msys-stdc++-6.dll and b/msys2/usr/bin/msys-stdc++-6.dll differ
diff --git a/msys2/usr/bin/msys-ticw6.dll b/msys2/usr/bin/msys-ticw6.dll
index d67bb379c..1486bf0a3 100644
Binary files a/msys2/usr/bin/msys-ticw6.dll and b/msys2/usr/bin/msys-ticw6.dll differ
diff --git a/msys2/usr/bin/msys-unistring-2.dll b/msys2/usr/bin/msys-unistring-2.dll
index f82e5c083..47f92348c 100644
Binary files a/msys2/usr/bin/msys-unistring-2.dll and b/msys2/usr/bin/msys-unistring-2.dll differ
diff --git a/msys2/usr/bin/msys-uuid-1.dll b/msys2/usr/bin/msys-uuid-1.dll
index 74a873ecf..927568822 100644
Binary files a/msys2/usr/bin/msys-uuid-1.dll and b/msys2/usr/bin/msys-uuid-1.dll differ
diff --git a/msys2/usr/bin/msys-wind-0.dll b/msys2/usr/bin/msys-wind-0.dll
index fc9682e9a..fc56185fc 100644
Binary files a/msys2/usr/bin/msys-wind-0.dll and b/msys2/usr/bin/msys-wind-0.dll differ
diff --git a/msys2/usr/bin/msys-xml2-2.dll b/msys2/usr/bin/msys-xml2-2.dll
index 5cd7061f3..6590ca966 100644
Binary files a/msys2/usr/bin/msys-xml2-2.dll and b/msys2/usr/bin/msys-xml2-2.dll differ
diff --git a/msys2/usr/bin/msys-xslt-1.dll b/msys2/usr/bin/msys-xslt-1.dll
index cfa7f3250..8a8e071d5 100644
Binary files a/msys2/usr/bin/msys-xslt-1.dll and b/msys2/usr/bin/msys-xslt-1.dll differ
diff --git a/msys2/usr/bin/mv.exe b/msys2/usr/bin/mv.exe
index e207616e0..f869f4de2 100644
Binary files a/msys2/usr/bin/mv.exe and b/msys2/usr/bin/mv.exe differ
diff --git a/msys2/usr/bin/namei.exe b/msys2/usr/bin/namei.exe
index 5378540eb..603d5d070 100644
Binary files a/msys2/usr/bin/namei.exe and b/msys2/usr/bin/namei.exe differ
diff --git a/msys2/usr/bin/nettle-hash.exe b/msys2/usr/bin/nettle-hash.exe
new file mode 100644
index 000000000..f035d74c7
Binary files /dev/null and b/msys2/usr/bin/nettle-hash.exe differ
diff --git a/msys2/usr/bin/nettle-lfib-stream.exe b/msys2/usr/bin/nettle-lfib-stream.exe
new file mode 100644
index 000000000..38e36d3a3
Binary files /dev/null and b/msys2/usr/bin/nettle-lfib-stream.exe differ
diff --git a/msys2/usr/bin/nettle-pbkdf2.exe b/msys2/usr/bin/nettle-pbkdf2.exe
new file mode 100644
index 000000000..fd60d1339
Binary files /dev/null and b/msys2/usr/bin/nettle-pbkdf2.exe differ
diff --git a/msys2/usr/bin/nice.exe b/msys2/usr/bin/nice.exe
index 2e5090582..d24a54125 100644
Binary files a/msys2/usr/bin/nice.exe and b/msys2/usr/bin/nice.exe differ
diff --git a/msys2/usr/bin/nl.exe b/msys2/usr/bin/nl.exe
index 6700095d3..67cbca745 100644
Binary files a/msys2/usr/bin/nl.exe and b/msys2/usr/bin/nl.exe differ
diff --git a/msys2/usr/bin/nohup.exe b/msys2/usr/bin/nohup.exe
index 9a88195ee..6a1a19ee6 100644
Binary files a/msys2/usr/bin/nohup.exe and b/msys2/usr/bin/nohup.exe differ
diff --git a/msys2/usr/bin/nproc.exe b/msys2/usr/bin/nproc.exe
index 90fe25f92..f21e4c3ae 100644
Binary files a/msys2/usr/bin/nproc.exe and b/msys2/usr/bin/nproc.exe differ
diff --git a/msys2/usr/bin/numfmt.exe b/msys2/usr/bin/numfmt.exe
index a4a2af754..519871fe4 100644
Binary files a/msys2/usr/bin/numfmt.exe and b/msys2/usr/bin/numfmt.exe differ
diff --git a/msys2/usr/bin/od.exe b/msys2/usr/bin/od.exe
index 3b9c04b1e..d98c0bd3e 100644
Binary files a/msys2/usr/bin/od.exe and b/msys2/usr/bin/od.exe differ
diff --git a/msys2/usr/bin/openssl.exe b/msys2/usr/bin/openssl.exe
index f1e33747f..3f49cec75 100644
Binary files a/msys2/usr/bin/openssl.exe and b/msys2/usr/bin/openssl.exe differ
diff --git a/msys2/usr/bin/p11-kit.exe b/msys2/usr/bin/p11-kit.exe
index 725d9cbf3..445fb1d92 100644
Binary files a/msys2/usr/bin/p11-kit.exe and b/msys2/usr/bin/p11-kit.exe differ
diff --git a/msys2/usr/bin/paccache b/msys2/usr/bin/paccache
index 886479f3b..aad9665b1 100644
--- a/msys2/usr/bin/paccache
+++ b/msys2/usr/bin/paccache
@@ -18,10 +18,12 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 
+# Expand to nothing if there are no matches
+shopt -s nullglob
 shopt -s extglob
 
 declare -r myname='paccache'
-declare -r myver='5.0.1'
+declare -r myver='1.0.0'
 
 declare -a cachedirs=() candidates=() cmdopts=() whitelist=() blacklist=()
 declare -i delete=0 dryrun=0 filecount=0 move=0 totalsaved=0 verbose=0
@@ -207,19 +209,6 @@ die() {
 	exit 1
 }
 
-get_cachedir_from_config() {
-	local key value
-
-	while IFS=$'= \t' read -r key value _; do
-		if [[ $key = CacheDir ]]; then
-			echo "$value"
-			return 0
-		fi
-	done <"$1"
-
-	return 1
-}
-
 # reads a list of files on stdin and prints out deletion candidates
 pkgfilter() {
 	# there's whitelist and blacklist parameters passed to this
@@ -355,7 +344,7 @@ summarize() {
 
 usage() {
 	cat <<EOF
-${myname} (pacman) v${myver}
+${myname} v${myver}
 
 A flexible pacman cache cleaning utility.
 
@@ -485,13 +474,9 @@ fi
 readonly ALL_OFF BOLD BLUE GREEN RED YELLOW
 
 
-# setting default cachedir
+# setting default cachedirs
 if [[ -z $cachedirs ]]; then
-	if cachedir=$(get_cachedir_from_config "/etc/pacman.conf"); then
-		cachedirs=("$cachedir")
-	else
-		cachedirs=("${cachedirs[@]:-/var/cache/pacman/pkg}")
-	fi
+	cachedirs=($(pacman-conf CacheDir))
 fi
 
 # remaining args are a whitelist
@@ -521,7 +506,7 @@ for cachedir in "${cachedirs[@]}"; do
 	# note that these results are returned in an arbitrary order from awk, but
 	# they'll be resorted (in summarize) iff we have a verbosity level set.
 	IFS=$'\n' read -r -d '' -a cand < \
-		<(printf '%s\n' "$PWD"/*.pkg.tar?(.+([^.])) | pacsort --files |
+		<(printf '%s\n' "$PWD"/*.pkg.tar!(*.sig) | pacsort --files |
 			pkgfilter "$keep" "$scanarch" \
 				"${#whitelist[*]}" "${whitelist[@]}" \
 				"${#blacklist[*]}" "${blacklist[@]}")
@@ -551,6 +536,9 @@ unset candtemp
 # do this before we destroy anything
 totalsaved=$(stat -c %s "${candidates[@]}" | awk '{ sum += $1 } END { print sum }')
 
+# Exit immediately if a pipeline returns non-zero.
+set -o errexit
+
 # crush. kill. destroy.
 (( verbose )) && cmdopts+=(-v)
 if (( delete )); then
diff --git a/msys2/usr/bin/pacdiff b/msys2/usr/bin/pacdiff
index b8768fa94..dfb67ec03 100644
--- a/msys2/usr/bin/pacdiff
+++ b/msys2/usr/bin/pacdiff
@@ -21,7 +21,7 @@
 shopt -s extglob
 
 declare -r myname='pacdiff'
-declare -r myver='5.0.1'
+declare -r myver='1.0.0'
 
 diffprog=${DIFFPROG:-'vim -d'}
 diffsearchpath=${DIFFSEARCHPATH:-/etc}
@@ -65,7 +65,7 @@ error() {
 
 usage() {
 	cat <<EOF
-${myname} (pacman) v${myver}
+${myname} v${myver}
 
 A simple program to merge or remove pacnew/pacsave files.
 
@@ -183,12 +183,10 @@ case $(( USE_FIND + USE_LOCATE + USE_PACDB )) in
 esac
 
 if (( USE_PACDB )); then
-	if [[ ! -r /etc/pacman.conf ]]; then
+	if ! DBPath="$(pacman-conf DBPath)"; then
 		error "unable to read /etc/pacman.conf"
 		usage; exit 1
 	fi
-
-	eval $(awk '/DBPath/ {print $1$2$3}' /etc/pacman.conf)
 	pac_db="${DBPath:-/var/lib/pacman/}local"
 	if [[ ! -d "${pac_db}" ]]; then
 		error "unable to read pacman database %s". "${pac_db}"
diff --git a/msys2/usr/bin/paclist b/msys2/usr/bin/paclist
index 7dfc10d3d..0ceeaf372 100644
--- a/msys2/usr/bin/paclist
+++ b/msys2/usr/bin/paclist
@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 declare -r myname='paclist'
-declare -r myver='5.0.1'
+declare -r myver='1.0.0'
 
 export TEXTDOMAIN='pacman'
 export TEXTDOMAINDIR='/usr/share/locale'
@@ -31,7 +31,7 @@ if ! type gettext &>/dev/null; then
 fi
 
 usage() {
-	printf "%s (pacman) v%s\n" "${myname}" "${myver}"
+	printf "%s v%s\n" "${myname}" "${myver}"
 	echo
 	printf "List all packages installed from a given repository\n" "${myname}"
 	echo
diff --git a/msys2/usr/bin/paclog-pkglist b/msys2/usr/bin/paclog-pkglist
index a08b109e4..5244ea0ef 100644
--- a/msys2/usr/bin/paclog-pkglist
+++ b/msys2/usr/bin/paclog-pkglist
@@ -18,14 +18,14 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 declare -r myname='paclog-pkglist'
-declare -r myver='5.0.1'
+declare -r myver='1.0.0'
 
 export TEXTDOMAIN='pacman'
 export TEXTDOMAINDIR='/usr/share/locale'
 declare logfile=${1:-/var/log/pacman.log}
 
 usage() {
-	printf "%s (pacman) v%s\n" "${myname}" "${myver}"
+	printf "%s v%s\n" "${myname}" "${myver}"
 	echo
 	echo "Parse a log file into a list of currently installed packages"
 	echo
@@ -33,7 +33,7 @@ usage() {
 	echo
 	printf "Example: %s /var/log/pacman.log\n" "${myname}"
 	echo
-	printf 'Defaults to: /var/log/pacman.log'
+	echo 'Defaults to: /var/log/pacman.log'
 }
 
 version() {
diff --git a/msys2/usr/bin/pacman-conf.exe b/msys2/usr/bin/pacman-conf.exe
new file mode 100644
index 000000000..b76cfe893
Binary files /dev/null and b/msys2/usr/bin/pacman-conf.exe differ
diff --git a/msys2/usr/bin/pacman-db-upgrade b/msys2/usr/bin/pacman-db-upgrade
index 9f139d974..d1e21897b 100644
--- a/msys2/usr/bin/pacman-db-upgrade
+++ b/msys2/usr/bin/pacman-db-upgrade
@@ -3,7 +3,7 @@
 #   pacman-db-upgrade - upgrade the local pacman db to a newer format
 #   Generated from pacman-db-upgrade.sh.in; do not edit by hand.
 #
-#   Copyright (c) 2010-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2010-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -26,7 +26,7 @@ umask 022
 export TEXTDOMAIN='pacman-scripts'
 export TEXTDOMAINDIR='/usr/share/locale'
 
-declare -r myver='5.0.1'
+declare -r myver='5.1.3'
 
 plain() {
 	(( QUIET )) && return
@@ -62,144 +62,10 @@ error() {
 }
 
 
-# getopt-like parser
-parseopts() {
-	local opt= optarg= i= shortopts=$1
-	local -a longopts=() unused_argv=()
-
-	shift
-	while [[ $1 && $1 != '--' ]]; do
-		longopts+=("$1")
-		shift
-	done
-	shift
-
-	longoptmatch() {
-		local o longmatch=()
-		for o in "${longopts[@]}"; do
-			if [[ ${o%:} = "$1" ]]; then
-				longmatch=("$o")
-				break
-			fi
-			[[ ${o%:} = "$1"* ]] && longmatch+=("$o")
-		done
-
-		case ${#longmatch[*]} in
-			1)
-				# success, override with opt and return arg req (0 == none, 1 == required)
-				opt=${longmatch%:}
-				if [[ $longmatch = *: ]]; then
-					return 1
-				else
-					return 0
-				fi ;;
-			0)
-				# fail, no match found
-				return 255 ;;
-			*)
-				# fail, ambiguous match
-				printf "pacman-db-upgrade: $(gettext "option '%s' is ambiguous; possibilities:")" "--$1"
-				printf " '%s'" "${longmatch[@]%:}"
-				printf '\n'
-				return 254 ;;
-		esac >&2
-	}
-
-	while (( $# )); do
-		case $1 in
-			--) # explicit end of options
-				shift
-				break
-				;;
-			-[!-]*) # short option
-				for (( i = 1; i < ${#1}; i++ )); do
-					opt=${1:i:1}
-
-					# option doesn't exist
-					if [[ $shortopts != *$opt* ]]; then
-						printf "pacman-db-upgrade: $(gettext "invalid option") -- '%s'\n" "$opt" >&2
-						OPTRET=(--)
-						return 1
-					fi
-
-					OPTRET+=("-$opt")
-					# option requires optarg
-					if [[ $shortopts = *$opt:* ]]; then
-						# if we're not at the end of the option chunk, the rest is the optarg
-						if (( i < ${#1} - 1 )); then
-							OPTRET+=("${1:i+1}")
-							break
-						# if we're at the end, grab the the next positional, if it exists
-						elif (( i == ${#1} - 1 )) && [[ $2 ]]; then
-							OPTRET+=("$2")
-							shift
-							break
-						# parse failure
-						else
-							printf "pacman-db-upgrade: $(gettext "option requires an argument") -- '%s'\n" "$opt" >&2
-							OPTRET=(--)
-							return 1
-						fi
-					fi
-				done
-				;;
-			--?*=*|--?*) # long option
-				IFS='=' read -r opt optarg <<< "${1#--}"
-				longoptmatch "$opt"
-				case $? in
-					0)
-						# parse failure
-						if [[ $optarg ]]; then
-							printf "pacman-db-upgrade: $(gettext "option '%s' does not allow an argument")\n" "--$opt" >&2
-							OPTRET=(--)
-							return 1
-						# --longopt
-						else
-							OPTRET+=("--$opt")
-						fi
-						;;
-					1)
-						# --longopt=optarg
-						if [[ $optarg ]]; then
-							OPTRET+=("--$opt" "$optarg")
-						# --longopt optarg
-						elif [[ $2 ]]; then
-							OPTRET+=("--$opt" "$2" )
-							shift
-						# parse failure
-						else
-							printf "pacman-db-upgrade: $(gettext "option '%s' requires an argument")\n" "--$opt" >&2
-							OPTRET=(--)
-							return 1
-						fi
-						;;
-					254)
-						# ambiguous option -- error was reported for us by longoptmatch()
-						OPTRET=(--)
-						return 1
-						;;
-					255)
-						# parse failure
-						printf "pacman-db-upgrade: $(gettext "invalid option") '--%s'\n" "$opt" >&2
-						OPTRET=(--)
-						return 1
-						;;
-				esac
-				;;
-			*) # non-option arg encountered, add it as a parameter
-				unused_argv+=("$1")
-				;;
-		esac
-		shift
-	done
-
-	# add end-of-opt terminator and any leftover positional parameters
-	OPTRET+=('--' "${unused_argv[@]}" "$@")
-	unset longoptmatch
-
-	return 0
-}
+LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
 
+# Import parseopts.sh
+source "$LIBRARY"/util/parseopts.sh
 
 usage() {
 	printf "pacman-db-upgrade (pacman) %s\n" "${myver}"
@@ -209,7 +75,7 @@ usage() {
 	printf -- "$(gettext "Usage: %s [options]")\n" "$0"
 	echo
 	printf -- "$(gettext "options:")\n"
-	printf -- "$(gettext "  -b, --dbpath <path>  set an alternate database location")\n"
+	printf -- "$(gettext "  -d, --dbpath <path>  set an alternate database location")\n"
 	printf -- "$(gettext "  -h, --help           show this help message and exit")\n"
 	printf -- "$(gettext "  -r, --root <path>    set an alternate installation root")\n"
 	printf -- "$(gettext "  -V, --version        show version information and exit")\n"
@@ -221,7 +87,7 @@ usage() {
 version() {
 	printf "pacman-db-upgrade (pacman) %s\n" "$myver"
 	printf -- "$(gettext "\
-Copyright (c) 2010-2016 Pacman Development Team <pacman-dev@archlinux.org>.\n\
+Copyright (c) 2010-2018 Pacman Development Team <pacman-dev@archlinux.org>.\n\
 This is free software; see the source for copying conditions.\n\
 There is NO WARRANTY, to the extent permitted by law.\n")"
 }
@@ -236,18 +102,6 @@ die_r() {
 	die "$@"
 }
 
-get_opt_from_config() {
-	local keyname="$1" conffile="$2"
-	local key value
-
-	while IFS=$'= \t' read -r key value _; do
-		if [[ $key = $keyname ]]; then
-			echo "$value"
-			return
-		fi
-	done <"$conffile"
-}
-
 resolve_dir() {
 	local d="$(cd "$1"; pwd -P)"
 	[[ $d == */ ]] || d+=/
@@ -285,19 +139,14 @@ while true; do
 		-h|--help)    usage; exit 0 ;;
 		--nocolor)    USE_COLOR='n' ;;
 		-V|--version) version; exit 0 ;;
-		-- )          shift; break 2 ;;
+		--)           shift; break ;;
 	esac
 	shift
 done
 
 conffile=${conffile:-/etc/pacman.conf}
-[[ -z $pacroot ]] && pacroot="$(get_opt_from_config "RootDir" "$conffile")"
-[[ -z $dbroot ]] && dbroot="$(get_opt_from_config "DBPath" "$conffile")"
-
-[[ -z $dbroot && -n $pacroot ]] && dbroot="$pacroot//var/lib/pacman"
-
-[[ -z $pacroot ]] && pacroot="/"
-[[ -z $dbroot ]] && dbroot="/var/lib/pacman/"
+[[ -z $pacroot ]] && pacroot=$(pacman-conf --config="$conffile" rootdir)
+[[ -z $dbroot ]] && dbroot=$(pacman-conf --config="$conffile" --rootdir="$pacroot" dbpath)
 
 # check if messages are to be printed using color
 unset ALL_OFF BOLD BLUE GREEN RED YELLOW
@@ -448,5 +297,3 @@ echo "9" > "$dbroot"/local/ALPM_DB_VERSION
 
 # remove the lock file
 rm -f "$lockfile"
-
-# vim: set noet:
diff --git a/msys2/usr/bin/pacman-key b/msys2/usr/bin/pacman-key
index 6c4449d41..6847a136e 100644
--- a/msys2/usr/bin/pacman-key
+++ b/msys2/usr/bin/pacman-key
@@ -4,7 +4,7 @@
 #                Based on apt-key, from Debian
 #   Generated from pacman-key.sh.in; do not edit by hand.
 #
-#   Copyright (c) 2010-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2010-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -24,7 +24,12 @@
 export TEXTDOMAIN='pacman-scripts'
 export TEXTDOMAINDIR='/usr/share/locale'
 
-declare -r myver="5.0.1"
+declare -r myver="5.1.3"
+
+LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
+
+# Import parseopts.sh
+source "$LIBRARY"/util/parseopts.sh
 
 # Options
 ADD=0
@@ -46,8 +51,6 @@ UPDATEDB=0
 USE_COLOR='y'
 VERIFY=0
 
-DEFAULT_KEYSERVER='hkp://pool.sks-keyservers.net'
-
 plain() {
 	(( QUIET )) && return
 	local mesg=$1; shift
@@ -82,145 +85,6 @@ error() {
 }
 
 
-# getopt-like parser
-parseopts() {
-	local opt= optarg= i= shortopts=$1
-	local -a longopts=() unused_argv=()
-
-	shift
-	while [[ $1 && $1 != '--' ]]; do
-		longopts+=("$1")
-		shift
-	done
-	shift
-
-	longoptmatch() {
-		local o longmatch=()
-		for o in "${longopts[@]}"; do
-			if [[ ${o%:} = "$1" ]]; then
-				longmatch=("$o")
-				break
-			fi
-			[[ ${o%:} = "$1"* ]] && longmatch+=("$o")
-		done
-
-		case ${#longmatch[*]} in
-			1)
-				# success, override with opt and return arg req (0 == none, 1 == required)
-				opt=${longmatch%:}
-				if [[ $longmatch = *: ]]; then
-					return 1
-				else
-					return 0
-				fi ;;
-			0)
-				# fail, no match found
-				return 255 ;;
-			*)
-				# fail, ambiguous match
-				printf "pacman-key: $(gettext "option '%s' is ambiguous; possibilities:")" "--$1"
-				printf " '%s'" "${longmatch[@]%:}"
-				printf '\n'
-				return 254 ;;
-		esac >&2
-	}
-
-	while (( $# )); do
-		case $1 in
-			--) # explicit end of options
-				shift
-				break
-				;;
-			-[!-]*) # short option
-				for (( i = 1; i < ${#1}; i++ )); do
-					opt=${1:i:1}
-
-					# option doesn't exist
-					if [[ $shortopts != *$opt* ]]; then
-						printf "pacman-key: $(gettext "invalid option") -- '%s'\n" "$opt" >&2
-						OPTRET=(--)
-						return 1
-					fi
-
-					OPTRET+=("-$opt")
-					# option requires optarg
-					if [[ $shortopts = *$opt:* ]]; then
-						# if we're not at the end of the option chunk, the rest is the optarg
-						if (( i < ${#1} - 1 )); then
-							OPTRET+=("${1:i+1}")
-							break
-						# if we're at the end, grab the the next positional, if it exists
-						elif (( i == ${#1} - 1 )) && [[ $2 ]]; then
-							OPTRET+=("$2")
-							shift
-							break
-						# parse failure
-						else
-							printf "pacman-key: $(gettext "option requires an argument") -- '%s'\n" "$opt" >&2
-							OPTRET=(--)
-							return 1
-						fi
-					fi
-				done
-				;;
-			--?*=*|--?*) # long option
-				IFS='=' read -r opt optarg <<< "${1#--}"
-				longoptmatch "$opt"
-				case $? in
-					0)
-						# parse failure
-						if [[ $optarg ]]; then
-							printf "pacman-key: $(gettext "option '%s' does not allow an argument")\n" "--$opt" >&2
-							OPTRET=(--)
-							return 1
-						# --longopt
-						else
-							OPTRET+=("--$opt")
-						fi
-						;;
-					1)
-						# --longopt=optarg
-						if [[ $optarg ]]; then
-							OPTRET+=("--$opt" "$optarg")
-						# --longopt optarg
-						elif [[ $2 ]]; then
-							OPTRET+=("--$opt" "$2" )
-							shift
-						# parse failure
-						else
-							printf "pacman-key: $(gettext "option '%s' requires an argument")\n" "--$opt" >&2
-							OPTRET=(--)
-							return 1
-						fi
-						;;
-					254)
-						# ambiguous option -- error was reported for us by longoptmatch()
-						OPTRET=(--)
-						return 1
-						;;
-					255)
-						# parse failure
-						printf "pacman-key: $(gettext "invalid option") '--%s'\n" "$opt" >&2
-						OPTRET=(--)
-						return 1
-						;;
-				esac
-				;;
-			*) # non-option arg encountered, add it as a parameter
-				unused_argv+=("$1")
-				;;
-		esac
-		shift
-	done
-
-	# add end-of-opt terminator and any leftover positional parameters
-	OPTRET+=('--' "${unused_argv[@]}" "$@")
-	unset longoptmatch
-
-	return 0
-}
-
-
 if [[ -n "$MSYSTEM" ]]; then
   readonly -a UTILS_NAME=('bsdtar'
                           'bzip2'
@@ -297,7 +161,7 @@ usage() {
 version() {
 	printf "pacman-key (pacman) %s\n" "${myver}"
 	printf -- "$(gettext "\
-Copyright (c) 2010-2016 Pacman Development Team <pacman-dev@archlinux.org>.\n\
+Copyright (c) 2010-2018 Pacman Development Team <pacman-dev@archlinux.org>.\n\
 This is free software; see the source for copying conditions.\n\
 There is NO WARRANTY, to the extent permitted by law.\n")"
 }
@@ -412,10 +276,14 @@ initialize() {
 	add_gpg_conf_option "$conffile" 'no-greeting'
 	add_gpg_conf_option "$conffile" 'no-permission-warning'
 	add_gpg_conf_option "$conffile" 'lock-never'
-	keyserv=${KEYSERVER:-$DEFAULT_KEYSERVER}
-	add_gpg_conf_option "$conffile" 'keyserver' "$keyserv"
 	add_gpg_conf_option "$conffile" 'keyserver-options' 'timeout=10'
 
+	# gpg-agent.conf
+	agent_conffile="${PACMAN_KEYRING_DIR}/gpg-agent.conf"
+	[[ -f $agent_conffile ]] || touch "$agent_conffile"
+	chmod 644 "$agent_conffile"
+	add_gpg_conf_option "$agent_conffile" 'disable-scdaemon'
+
 	# set up a private signing key (if none available)
 	if [[ $(secret_keys_available) -lt 1 ]]; then
 		generate_master_key
@@ -688,7 +556,11 @@ verify_sig() {
 	local ret=0
 	for sig; do
 		msg "Checking %s..." "$sig"
-		if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify "$sig" | grep -qE '^\[GNUPG:\] TRUST_(FULLY|ULTIMATE)$'; then
+		if grep -q 'BEGIN PGP SIGNATURE' "$sig"; then
+			error "$(gettext "Cannot use armored signatures for packages: %s")" "$sig"
+			return 1
+		fi
+		if ! "${GPG_PACMAN[@]}" --status-fd 1 --verify "$sig" | grep -qE '^\[GNUPG:\] TRUST_(FULLY|ULTIMATE).*$'; then
 			error "$(gettext "The signature identified by %s could not be verified.")" "$sig"
 			ret=1
 		fi
@@ -757,7 +629,7 @@ while (( $# )); do
 		-h|--help)        usage; exit 0 ;;
 		-V|--version)     version; exit 0 ;;
 
-		--)               shift; break 2 ;;
+		--)               shift; break ;;
 	esac
 	shift
 done
@@ -798,7 +670,7 @@ fi
 
 # if PACMAN_KEYRING_DIR isn't assigned, try to get it from the config
 # file, falling back on a hard default
-PACMAN_KEYRING_DIR=${PACMAN_KEYRING_DIR:-$(get_from "$CONFIG" "GPGDir" "/etc/pacman.d/gnupg")}
+PACMAN_KEYRING_DIR=${PACMAN_KEYRING_DIR:-$(pacman-conf --config="$CONFIG" gpgdir)}
 
 GPG_PACMAN=(gpg --homedir "${PACMAN_KEYRING_DIR}" --no-permission-warning)
 if [[ -n ${KEYSERVER} ]]; then
@@ -852,5 +724,3 @@ fi
 (( UPDATEDB )) && updatedb
 
 exit 0
-
-# vim: set noet:
diff --git a/msys2/usr/bin/pacman-optimize b/msys2/usr/bin/pacman-optimize
deleted file mode 100644
index 44fa50af4..000000000
--- a/msys2/usr/bin/pacman-optimize
+++ /dev/null
@@ -1,282 +0,0 @@
-#!/usr/bin/env bash
-#
-#   pacman-optimize
-#   Generated from pacman-optimize.sh.in; do not edit by hand.
-#
-#   Copyright (c) 2006-2016 Pacman Development Team <pacman-dev@archlinux.org>
-#   Copyright (c) 2002-2006 by Judd Vinet <jvinet@zeroflux.org>
-#
-#   This program is free software; you can redistribute it and/or modify
-#   it under the terms of the GNU General Public License as published by
-#   the Free Software Foundation; either version 2 of the License, or
-#   (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be useful,
-#   but WITHOUT ANY WARRANTY; without even the implied warranty of
-#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-#   GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-#
-
-# gettext initialization
-export TEXTDOMAIN='pacman-scripts'
-export TEXTDOMAINDIR='/usr/share/locale'
-
-USE_COLOR='y'
-
-declare -r myver='5.0.1'
-
-eval $(awk '/DBPath/ {print $1$2$3}' /etc/pacman.conf)
-dbroot="${DBPath:-/var/lib/pacman/}"
-
-plain() {
-	(( QUIET )) && return
-	local mesg=$1; shift
-	printf "${BOLD}    ${mesg}${ALL_OFF}\n" "$@" >&1
-}
-
-msg() {
-	(( QUIET )) && return
-	local mesg=$1; shift
-	printf "${GREEN}==>${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&1
-}
-
-msg2() {
-	(( QUIET )) && return
-	local mesg=$1; shift
-	printf "${BLUE}  ->${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&1
-}
-
-ask() {
-	local mesg=$1; shift
-	printf "${BLUE}::${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}" "$@" >&1
-}
-
-warning() {
-	local mesg=$1; shift
-	printf "${YELLOW}==> $(gettext "WARNING:")${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&2
-}
-
-error() {
-	local mesg=$1; shift
-	printf "${RED}==> $(gettext "ERROR:")${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&2
-}
-
-
-if [[ -n "$MSYSTEM" ]]; then
-  readonly -a UTILS_NAME=('bsdtar'
-                          'bzip2'
-                          'bzr'
-                          'cat'
-                          'ccache'
-                          'distcc'
-                          'git'
-                          'gpg'
-                          'gzip'
-                          'hg'
-                          'lzip'
-                          'lzop'
-                          'openssl'
-                          'svn'
-                          'tput'
-                          'uncompress'
-                          'upx'
-                          'xargs'
-                          'xz'
-                         )
-
-  for wrapper in ${UTILS_NAME[@]}; do
-    eval "
-    ${wrapper}"'() {
-      local UTILS_PATH="/usr/bin/"
-      if ! type -p ${UTILS_PATH}${FUNCNAME[0]} >/dev/null; then
-        error "$(gettext "Cannot find the %s binary required for makepkg.")" "${UTILS_PATH}${FUNCNAME[0]}"
-        exit 1
-      fi
-      ${UTILS_PATH}${FUNCNAME[0]} "$@"
-    }'
-  done
-fi
-
-
-usage() {
-	printf "pacman-optimize (pacman) %s\n\n" "$myver"
-	printf -- "$(gettext "Usage: %s [--nocolor] [pacman_db_root]")\n\n" "$0"
-	printf -- "$(gettext "\
-pacman-optimize is a little hack that should improve the performance\n\
-of pacman when reading/writing to its filesystem-based database.\n\n")"
-	printf -- "$(gettext "\
-Because pacman uses many small files to keep track of packages,\n\
-there is a tendency for these files to become fragmented over time.\n\
-This script attempts to relocate these small files into one\n\
-continuous location on your hard drive. The result is that the hard\n\
-drive should be able to read them faster, since the hard drive head\n\
-does not have to move around the disk as much.\n")"
-}
-
-version() {
-	printf "pacman-optimize (pacman) %s\n" "$myver"
-	printf -- "$(gettext "\
-Copyright (c) 2006-2016 Pacman Development Team <pacman-dev@archlinux.org>.\n\
-Copyright (C) 2002-2006 Judd Vinet <jvinet@zeroflux.org>.\n\n\
-This is free software; see the source for copying conditions.\n\
-There is NO WARRANTY, to the extent permitted by law.\n")"
-}
-
-die() {
-	error "$@"
-	exit 1
-}
-
-die_r() {
-	rm -f "$lockfile"
-	die "$@"
-}
-
-# PROGRAM START
-
-# determine whether we have gettext; make it a no-op if we do not
-if ! type -p gettext >/dev/null; then
-	gettext() {
-		printf "%s\n" "$@"
-	}
-else
-	gettext() {
-		/usr/bin/gettext "$@"
-	}
-fi
-
-if [[ $1 = "-h" || $1 = "--help" ]]; then
-	usage
-	exit 0
-fi
-
-if [[ $1 = "-V" || $1 = "--version" ]]; then
-	version
-	exit 0
-fi
-
-if [[ $1 = "--nocolor" ]]; then
-	USE_COLOR='n'
-	shift
-fi
-
-# check if messages are to be printed using color
-unset ALL_OFF BOLD BLUE GREEN RED YELLOW
-if [[ -t 2 && ! $USE_COLOR = "n" ]]; then
-	# prefer terminal safe colored and bold text when tput is supported
-	if tput setaf 0 &>/dev/null; then
-		ALL_OFF="$(tput sgr0)"
-		BOLD="$(tput bold)"
-		BLUE="${BOLD}$(tput setaf 4)"
-		GREEN="${BOLD}$(tput setaf 2)"
-		RED="${BOLD}$(tput setaf 1)"
-		YELLOW="${BOLD}$(tput setaf 3)"
-	else
-		ALL_OFF="\e[1;0m"
-		BOLD="\e[1;1m"
-		BLUE="${BOLD}\e[1;34m"
-		GREEN="${BOLD}\e[1;32m"
-		RED="${BOLD}\e[1;31m"
-		YELLOW="${BOLD}\e[1;33m"
-	fi
-fi
-readonly ALL_OFF BOLD BLUE GREEN RED YELLOW
-
-
-if [[ -n $1 ]]; then
-	dbroot="$1"
-fi
-
-if ! type -p openssl >/dev/null; then
-	die "$(gettext "Cannot find the %s binary required for verifying integrity.")" "openssl"
-fi
-
-if [[ ! -d $dbroot || ! -d $dbroot/local ]]; then
-	die "$(gettext "%s does not exist or is not a directory.")" "$dbroot"
-fi
-
-if [[ ! -w $dbroot ]]; then
-	die "$(gettext "You must have correct permissions to optimize the database.")"
-fi
-
-# strip any trailing slash from our dbroot
-dbroot="${dbroot%/}"
-lockfile="${dbroot}/db.lck"
-localdb="${dbroot}/local"
-
-# make sure pacman isn't running
-if [[ -f $lockfile ]]; then
-	die "$(gettext "Pacman lock file was found. Cannot run while pacman is running.")"
-fi
-# do not let pacman run while we do this
-touch "$lockfile"
-
-workdir=$(mktemp -d "${TMPDIR:-/tmp}/pacman-optimize.XXXXXXXXXX") ||
-	die_r "$(gettext "Cannot create temporary directory for database building.")\n" >&2
-
-# step 1: sum the old db
-msg "$(gettext "MD5sum'ing the old database...")"
-(cd "$localdb" && find . -type f -print0 | \
-	xargs -0 openssl dgst -md5 | sort > "$workdir/pacsums.old")
-
-# step 2: tar it up
-msg "$(gettext "Tar'ing up %s...")" "$localdb"
-bsdtar -czf "$workdir/pacman-db.tar.gz" -C "$localdb" ./
-if (( $? )); then
-	rm -rf "$workdir"
-	die_r "$(gettext "Tar'ing up %s failed.")" "$localdb"
-fi
-
-# step 3: make and sum the new db side-by-side with the old
-msg "$(gettext "Making and MD5sum'ing the new database...")"
-mkdir "$localdb.new"
-bsdtar -xpf "$workdir/pacman-db.tar.gz" -C "$localdb.new"
-if (( $? )); then
-	rm -rf "$workdir"
-	die_r "$(gettext "Untar'ing %s failed.")" "$localdb"
-fi
-# immediate sync following extraction should get it written continuously on HDD
-msg "$(gettext "Syncing database to disk...")"
-sync
-(cd "$localdb.new" && find . -type f -print0 | \
-	xargs -0 openssl dgst -md5 | sort > "$workdir/pacsums.new")
-
-# step 4: compare the sums
-msg "$(gettext "Checking integrity...")"
-read -ra old_dgst < <(openssl dgst -md5 < "$workdir/pacsums.old")
-read -ra new_dgst < <(openssl dgst -md5 < "$workdir/pacsums.new")
-if [[ ${old_dgst[@]:(-1)} != ${new_dgst[@]:(-1)} ]]; then
-	# failed
-	# leave our pacman-optimize tmpdir for checking to see what doesn't match up
-	rm -rf "$localdb.new"
-	die_r "$(gettext "Integrity check FAILED, reverting to old database.")"
-fi
-
-# step 5: shuffle the newly extracted DB into the proper location
-msg "$(gettext "Rotating database into place...")"
-
-fail=0
-mv "$localdb" "$localdb.old" || fail=1
-mv "$localdb.new" "$localdb" || fail=1
-chmod $(stat -c '%a' "$localdb.old") "$localdb" || fail=1
-chown $(stat -c '%u:%g' "$localdb.old") "$localdb" || fail=1
-if (( fail )); then
-	# failure with our directory shuffle
-	die_r "$(gettext "New database substitution failed. Check for %s, %s, and %s directories.")" "$localdb" "$localdb.old" "$localdb.new"
-fi
-rm -rf "$localdb.old"
-
-# remove the lock file and our working directory with sums and tarfile
-rm -f "$lockfile"
-rm -rf "$workdir"
-
-echo
-msg "$(gettext "Finished. Your pacman database has been optimized.")"
-echo
-
-exit 0
-
-# vim: set noet:
diff --git a/msys2/usr/bin/pacman.exe b/msys2/usr/bin/pacman.exe
index 157bd0ed1..f17f1d679 100644
Binary files a/msys2/usr/bin/pacman.exe and b/msys2/usr/bin/pacman.exe differ
diff --git a/msys2/usr/bin/pacscripts b/msys2/usr/bin/pacscripts
index 7ffcb33c4..daa2b2517 100644
--- a/msys2/usr/bin/pacscripts
+++ b/msys2/usr/bin/pacscripts
@@ -3,7 +3,6 @@
 #   pacscripts : tries to print out the {pre,post}_{install,remove,upgrade}
 #   scripts of a given package
 #
-#   Copyright (c) 2009 Giulio "giulivo" Fidente <giulivo.navigante@gmail.com>
 #   Copyright (c) 2009 Xavier Chantry <shiningxc@gmail.com>
 #   Copyright (c) 2009-2016 Pacman Development Team <pacman-dev@archlinux.org>
 #
@@ -26,19 +25,7 @@ set -o nounset
 set -o errexit
 
 declare -r myname='pacscripts'
-declare -r myver='5.0.1'
-
-conf="/etc/pacman.conf"
-
-if [ ! -r "$conf" ]; then
-	echo "ERROR: unable to read $conf"
-	exit 1
-fi
-
-eval $(awk '/DBPath/ {print $1$2$3}' "$conf")
-eval $(awk '/CacheDir/ {print $1$2$3}' "$conf")
-pac_db="${DBPath:-/var/lib/pacman}/local"
-pac_cache="${CacheDir:-/var/cache/pacman/pkg}"
+declare -r myver='1.0.0'
 
 error() {
 	local mesg=$1; shift
@@ -46,7 +33,7 @@ error() {
 }
 
 usage() {
-	echo "${myname} (pacman) v${myver}"
+	echo "${myname} v${myver}"
 	echo
 	echo "Prints the {pre,post}_{install,remove,upgrade} scripts of a given package."
 	echo
@@ -60,6 +47,15 @@ usage() {
 	echo "Example: ${myname} gconf-editor-3.0.1-3-x86_64.pkg.tar.xz"
 }
 
+
+if ! DBPath="$(pacman-conf DBPath)"; then
+	error "unable to read /etc/pacman.conf"
+	exit 1
+fi
+CacheDir="$(pacman-conf CacheDir)"
+pac_db="${DBPath:-/var/lib/pacman}/local"
+pac_cache="${CacheDir:-/var/cache/pacman/pkg}"
+
 version() {
 	printf "%s %s\n" "$myname" "$myver"
 	echo 'Copyright (c) 2009 Giulio "giulivo" Fidente <giulivo.navigante@gmail.com>'
@@ -126,6 +122,6 @@ fi
 
 case "$1" in
 	--help|-h) usage; exit 0 ;;
-	--version|-V) version; exit 0 ;;
+	--version|-v) version; exit 0 ;;
 	*) print_scriptlet $1 ;;
 esac
diff --git a/msys2/usr/bin/pacsearch b/msys2/usr/bin/pacsearch
index a9b953465..5be91ca46 100644
--- a/msys2/usr/bin/pacsearch
+++ b/msys2/usr/bin/pacsearch
@@ -24,10 +24,10 @@ use warnings;
 use Term::ANSIColor;
 
 my $myname = 'pacsearch';
-my $myver = '5.0.1';
+my $myver = '1.0.0';
 
 sub usage {
-	print "$myname (pacman) v$myver\n\n";
+	print "$myname v$myver\n\n";
 	print "Perform a pacman search using both the local and the sync databases.\n\n";
 	print "Usage: $myname [-n] <pattern>\n\n";
 	print "Options:\n";
diff --git a/msys2/usr/bin/pacsort.exe b/msys2/usr/bin/pacsort.exe
index d22cec96a..e37828fd0 100644
Binary files a/msys2/usr/bin/pacsort.exe and b/msys2/usr/bin/pacsort.exe differ
diff --git a/msys2/usr/bin/pactree.exe b/msys2/usr/bin/pactree.exe
index a25a389ec..5860c8aee 100644
Binary files a/msys2/usr/bin/pactree.exe and b/msys2/usr/bin/pactree.exe differ
diff --git a/msys2/usr/bin/passwd.exe b/msys2/usr/bin/passwd.exe
index b8951779d..ba60b5f57 100644
Binary files a/msys2/usr/bin/passwd.exe and b/msys2/usr/bin/passwd.exe differ
diff --git a/msys2/usr/bin/paste.exe b/msys2/usr/bin/paste.exe
index 68ce59453..cb05fa3cd 100644
Binary files a/msys2/usr/bin/paste.exe and b/msys2/usr/bin/paste.exe differ
diff --git a/msys2/usr/bin/pathchk.exe b/msys2/usr/bin/pathchk.exe
index cc899be21..dc1bb4532 100644
Binary files a/msys2/usr/bin/pathchk.exe and b/msys2/usr/bin/pathchk.exe differ
diff --git a/msys2/usr/bin/pcregrep.exe b/msys2/usr/bin/pcregrep.exe
index 537eb581d..7058e6f67 100644
Binary files a/msys2/usr/bin/pcregrep.exe and b/msys2/usr/bin/pcregrep.exe differ
diff --git a/msys2/usr/bin/pcretest.exe b/msys2/usr/bin/pcretest.exe
index 9e5f9ad0c..cf7596b76 100644
Binary files a/msys2/usr/bin/pcretest.exe and b/msys2/usr/bin/pcretest.exe differ
diff --git a/msys2/usr/bin/peflags.exe b/msys2/usr/bin/peflags.exe
index 537f4fa38..77e061ce1 100644
Binary files a/msys2/usr/bin/peflags.exe and b/msys2/usr/bin/peflags.exe differ
diff --git a/msys2/usr/bin/pg.exe b/msys2/usr/bin/pg.exe
index e45856ccc..a7bbd1c0e 100644
Binary files a/msys2/usr/bin/pg.exe and b/msys2/usr/bin/pg.exe differ
diff --git a/msys2/usr/bin/pinentry-w32.exe b/msys2/usr/bin/pinentry-w32.exe
new file mode 100644
index 000000000..55ac4b254
Binary files /dev/null and b/msys2/usr/bin/pinentry-w32.exe differ
diff --git a/msys2/usr/bin/pinentry.exe b/msys2/usr/bin/pinentry.exe
new file mode 100644
index 000000000..55ac4b254
Binary files /dev/null and b/msys2/usr/bin/pinentry.exe differ
diff --git a/msys2/usr/bin/pinky.exe b/msys2/usr/bin/pinky.exe
index 5dff2b5d1..e7941d52c 100644
Binary files a/msys2/usr/bin/pinky.exe and b/msys2/usr/bin/pinky.exe differ
diff --git a/msys2/usr/bin/pkcs1-conv.exe b/msys2/usr/bin/pkcs1-conv.exe
new file mode 100644
index 000000000..30e66327c
Binary files /dev/null and b/msys2/usr/bin/pkcs1-conv.exe differ
diff --git a/msys2/usr/bin/pkgdelta b/msys2/usr/bin/pkgdelta
index d04a8c8d4..d93780b50 100644
--- a/msys2/usr/bin/pkgdelta
+++ b/msys2/usr/bin/pkgdelta
@@ -26,8 +26,14 @@ set -o errexit
 export TEXTDOMAIN='pacman-scripts'
 export TEXTDOMAINDIR='/usr/share/locale'
 
-declare -r myver='5.0.1'
+declare -r myver='5.1.3'
 
+LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
+
+# Import parseopts.sh
+source "$LIBRARY"/util/parseopts.sh
+
+# Options
 QUIET=0
 USE_COLOR='y'
 
@@ -41,144 +47,6 @@ max_delta_size=70
 # ensure we have a sane umask set
 umask 0022
 
-# getopt-like parser
-parseopts() {
-	local opt= optarg= i= shortopts=$1
-	local -a longopts=() unused_argv=()
-
-	shift
-	while [[ $1 && $1 != '--' ]]; do
-		longopts+=("$1")
-		shift
-	done
-	shift
-
-	longoptmatch() {
-		local o longmatch=()
-		for o in "${longopts[@]}"; do
-			if [[ ${o%:} = "$1" ]]; then
-				longmatch=("$o")
-				break
-			fi
-			[[ ${o%:} = "$1"* ]] && longmatch+=("$o")
-		done
-
-		case ${#longmatch[*]} in
-			1)
-				# success, override with opt and return arg req (0 == none, 1 == required)
-				opt=${longmatch%:}
-				if [[ $longmatch = *: ]]; then
-					return 1
-				else
-					return 0
-				fi ;;
-			0)
-				# fail, no match found
-				return 255 ;;
-			*)
-				# fail, ambiguous match
-				printf "pkgdelta: $(gettext "option '%s' is ambiguous; possibilities:")" "--$1"
-				printf " '%s'" "${longmatch[@]%:}"
-				printf '\n'
-				return 254 ;;
-		esac >&2
-	}
-
-	while (( $# )); do
-		case $1 in
-			--) # explicit end of options
-				shift
-				break
-				;;
-			-[!-]*) # short option
-				for (( i = 1; i < ${#1}; i++ )); do
-					opt=${1:i:1}
-
-					# option doesn't exist
-					if [[ $shortopts != *$opt* ]]; then
-						printf "pkgdelta: $(gettext "invalid option") -- '%s'\n" "$opt" >&2
-						OPTRET=(--)
-						return 1
-					fi
-
-					OPTRET+=("-$opt")
-					# option requires optarg
-					if [[ $shortopts = *$opt:* ]]; then
-						# if we're not at the end of the option chunk, the rest is the optarg
-						if (( i < ${#1} - 1 )); then
-							OPTRET+=("${1:i+1}")
-							break
-						# if we're at the end, grab the the next positional, if it exists
-						elif (( i == ${#1} - 1 )) && [[ $2 ]]; then
-							OPTRET+=("$2")
-							shift
-							break
-						# parse failure
-						else
-							printf "pkgdelta: $(gettext "option requires an argument") -- '%s'\n" "$opt" >&2
-							OPTRET=(--)
-							return 1
-						fi
-					fi
-				done
-				;;
-			--?*=*|--?*) # long option
-				IFS='=' read -r opt optarg <<< "${1#--}"
-				longoptmatch "$opt"
-				case $? in
-					0)
-						# parse failure
-						if [[ $optarg ]]; then
-							printf "pkgdelta: $(gettext "option '%s' does not allow an argument")\n" "--$opt" >&2
-							OPTRET=(--)
-							return 1
-						# --longopt
-						else
-							OPTRET+=("--$opt")
-						fi
-						;;
-					1)
-						# --longopt=optarg
-						if [[ $optarg ]]; then
-							OPTRET+=("--$opt" "$optarg")
-						# --longopt optarg
-						elif [[ $2 ]]; then
-							OPTRET+=("--$opt" "$2" )
-							shift
-						# parse failure
-						else
-							printf "pkgdelta: $(gettext "option '%s' requires an argument")\n" "--$opt" >&2
-							OPTRET=(--)
-							return 1
-						fi
-						;;
-					254)
-						# ambiguous option -- error was reported for us by longoptmatch()
-						OPTRET=(--)
-						return 1
-						;;
-					255)
-						# parse failure
-						printf "pkgdelta: $(gettext "invalid option") '--%s'\n" "$opt" >&2
-						OPTRET=(--)
-						return 1
-						;;
-				esac
-				;;
-			*) # non-option arg encountered, add it as a parameter
-				unused_argv+=("$1")
-				;;
-		esac
-		shift
-	done
-
-	# add end-of-opt terminator and any leftover positional parameters
-	OPTRET+=('--' "${unused_argv[@]}" "$@")
-	unset longoptmatch
-
-	return 0
-}
-
 plain() {
 	(( QUIET )) && return
 	local mesg=$1; shift
@@ -369,7 +237,7 @@ create_xdelta()
 	newver="$pkgver"
 	newarch="$arch"
 
-	pkgsize="$(stat -c %s -L "$newfile")"
+	pkgsize="$(wc -c "$newfile" | cut -d' ' -f1)"
 
 	if ((pkgsize < min_pkg_size)); then
 		msg "$(gettext "Skipping delta creation for small package: %s - size %s")" "$newname" "$pkgsize"
@@ -401,7 +269,7 @@ create_xdelta()
 		return 1
 	fi
 
-	deltasize="$(stat -c %s -L "$deltafile")"
+	deltasize="$(wc -c "$deltafile" | cut -d' ' -f1)"
 
 	if ((max_delta_size * pkgsize / 100 < deltasize)); then
 		msg "$(gettext "Delta package larger than maximum size. Removing.")"
@@ -463,7 +331,7 @@ while :; do
 			shift ;;
 		--)
 			shift
-			break 2 ;;
+			break ;;
 	esac
 	shift
 done
@@ -509,5 +377,3 @@ if ! type xdelta3 &>/dev/null; then
 fi
 
 create_xdelta "$@"
-
-# vim: set noet:
diff --git a/msys2/usr/bin/pkgfile.exe b/msys2/usr/bin/pkgfile.exe
index b012c3ff3..0126720ad 100644
Binary files a/msys2/usr/bin/pkgfile.exe and b/msys2/usr/bin/pkgfile.exe differ
diff --git a/msys2/usr/bin/pldd.exe b/msys2/usr/bin/pldd.exe
index 3ff5d2da3..f3e5fc951 100644
Binary files a/msys2/usr/bin/pldd.exe and b/msys2/usr/bin/pldd.exe differ
diff --git a/msys2/usr/bin/pr.exe b/msys2/usr/bin/pr.exe
index a6f37cb32..33ba5bdc5 100644
Binary files a/msys2/usr/bin/pr.exe and b/msys2/usr/bin/pr.exe differ
diff --git a/msys2/usr/bin/printenv.exe b/msys2/usr/bin/printenv.exe
index f2d5cb6d1..9da49ab35 100644
Binary files a/msys2/usr/bin/printenv.exe and b/msys2/usr/bin/printenv.exe differ
diff --git a/msys2/usr/bin/printf.exe b/msys2/usr/bin/printf.exe
index d4e1767a2..53eaaad9f 100644
Binary files a/msys2/usr/bin/printf.exe and b/msys2/usr/bin/printf.exe differ
diff --git a/msys2/usr/bin/ps.exe b/msys2/usr/bin/ps.exe
index 2e6bcb1c2..81347cc4d 100644
Binary files a/msys2/usr/bin/ps.exe and b/msys2/usr/bin/ps.exe differ
diff --git a/msys2/usr/bin/psl-make-dafsa b/msys2/usr/bin/psl-make-dafsa
index 44d1a8378..6112299e1 100644
--- a/msys2/usr/bin/psl-make-dafsa
+++ b/msys2/usr/bin/psl-make-dafsa
@@ -449,7 +449,7 @@ def encode_prefix(label):
   """Encodes a node label as a list of bytes without a trailing high byte.
 
   This method encodes a node if there is exactly one child  and the
-  child follows immidiately after so that no jump is needed. This label
+  child follows immediately after so that no jump is needed. This label
   will then be a prefix to the label in the child node.
   """
   assert label
@@ -587,8 +587,6 @@ def parse_psl(infile, utf_mode, codecs):
       flags = PSL_FLAG_WILDCARD | PSL_FLAG_PLAIN | section
       line = line[2:]
     else:
-      if not b'.' in line:
-        continue # we do not need an explicit plain TLD rule, already covered by implicit '*' rule
       psl_nsuffixes += 1
       flags = PSL_FLAG_PLAIN | section
 
diff --git a/msys2/usr/bin/psl.exe b/msys2/usr/bin/psl.exe
index a962ac2fc..70821617e 100644
Binary files a/msys2/usr/bin/psl.exe and b/msys2/usr/bin/psl.exe differ
diff --git a/msys2/usr/bin/ptx.exe b/msys2/usr/bin/ptx.exe
index a90e20927..0e8c01ff0 100644
Binary files a/msys2/usr/bin/ptx.exe and b/msys2/usr/bin/ptx.exe differ
diff --git a/msys2/usr/bin/pwd.exe b/msys2/usr/bin/pwd.exe
index 225344300..51630512e 100644
Binary files a/msys2/usr/bin/pwd.exe and b/msys2/usr/bin/pwd.exe differ
diff --git a/msys2/usr/bin/rankmirrors b/msys2/usr/bin/rankmirrors
index a3e7ccd0b..d0b216fa8 100644
--- a/msys2/usr/bin/rankmirrors
+++ b/msys2/usr/bin/rankmirrors
@@ -1,7 +1,7 @@
 #!/usr/bin/bash
 #
 #   rankmirrors - read a list of mirrors from a file and rank them by speed
-#   @configure_input@
+#   Generated from rankmirrors.sh.in; do not edit by hand.
 #
 #   Copyright (c) 2009 Matthew Bruenig <matthewbruenig@gmail.com>
 #
@@ -22,10 +22,10 @@
 trap finaloutput INT
 
 declare -r myname='rankmirrors'
-declare -r myver='5.0.1'
+declare -r myver='1.0.0'
 
 usage() {
-	echo "${myname} (pacman) v${myver}"
+	echo "${myname} v${myver}"
 	echo
 	echo "Ranks pacman mirrors by their connection and opening speed. Pacman mirror"
 	echo "files are located in /etc/pacman.d/. It can also rank one mirror if the URL is"
@@ -39,7 +39,7 @@ usage() {
 	echo "  -n NUM         number of servers to output, 0 for all"
 	echo "  -t, --times    only output mirrors and their response times"
 	echo "  -u, --url      test a specific URL"
-	echo "  -v, --verbose  be verbose in ouptut"
+	echo "  -v, --verbose  be verbose in output"
 	echo "  -r, --repo     specify a repository name instead of guessing"
 	exit 0
 }
diff --git a/msys2/usr/bin/rcp.exe b/msys2/usr/bin/rcp.exe
index 23f536235..d5898d34d 100644
Binary files a/msys2/usr/bin/rcp.exe and b/msys2/usr/bin/rcp.exe differ
diff --git a/msys2/usr/bin/readlink.exe b/msys2/usr/bin/readlink.exe
index 3a2a9ecf4..3d4abf66a 100644
Binary files a/msys2/usr/bin/readlink.exe and b/msys2/usr/bin/readlink.exe differ
diff --git a/msys2/usr/bin/realpath.exe b/msys2/usr/bin/realpath.exe
index d3cb1fd40..8fd1281ae 100644
Binary files a/msys2/usr/bin/realpath.exe and b/msys2/usr/bin/realpath.exe differ
diff --git a/msys2/usr/bin/rebase.exe b/msys2/usr/bin/rebase.exe
index f5c99d36e..8bc221071 100644
Binary files a/msys2/usr/bin/rebase.exe and b/msys2/usr/bin/rebase.exe differ
diff --git a/msys2/usr/bin/regtool.exe b/msys2/usr/bin/regtool.exe
index 495f582e4..9e1b2b8a1 100644
Binary files a/msys2/usr/bin/regtool.exe and b/msys2/usr/bin/regtool.exe differ
diff --git a/msys2/usr/bin/rename.exe b/msys2/usr/bin/rename.exe
index 34d15ea4c..4ddb53cc3 100644
Binary files a/msys2/usr/bin/rename.exe and b/msys2/usr/bin/rename.exe differ
diff --git a/msys2/usr/bin/renice.exe b/msys2/usr/bin/renice.exe
index eba05ab4b..51d3057aa 100644
Binary files a/msys2/usr/bin/renice.exe and b/msys2/usr/bin/renice.exe differ
diff --git a/msys2/usr/bin/repo-add b/msys2/usr/bin/repo-add
index 390157806..e2bd1cf05 100644
--- a/msys2/usr/bin/repo-add
+++ b/msys2/usr/bin/repo-add
@@ -4,7 +4,7 @@
 #   repo-remove - remove a package entry from a given repo database file
 #   Generated from repo-add.sh.in; do not edit by hand.
 #
-#   Copyright (c) 2006-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2006-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -25,7 +25,7 @@ shopt -s extglob
 export TEXTDOMAIN='pacman-scripts'
 export TEXTDOMAINDIR='/usr/share/locale'
 
-declare -r myver='5.0.1'
+declare -r myver='5.1.3'
 declare -r confdir='/etc'
 
 QUIET=0
@@ -161,7 +161,7 @@ version() {
 	cmd=${0##*/}
 	printf "%s (pacman) %s\n\n" "$cmd" "$myver"
 	printf -- "$(gettext "\
-Copyright (c) 2006-2016 Pacman Development Team <pacman-dev@archlinux.org>\n\n\
+Copyright (c) 2006-2018 Pacman Development Team <pacman-dev@archlinux.org>\n\n\
 This is free software; see the source for copying conditions.\n\
 There is NO WARRANTY, to the extent permitted by law.\n")"
 }
@@ -218,9 +218,9 @@ db_write_delta() {
 		echo -e "%DELTAS%" >"$deltas"
 	fi
 	# get md5sum and compressed size of package
-	md5sum=$(openssl dgst -md5 "$deltafile")
-	md5sum=${md5sum##* }
-	csize=$(stat -c %s -L "$deltafile")
+	md5sum=$(md5sum "$deltafile")
+	md5sum=${md5sum%% *}
+	csize=$(wc -c "$deltafile" | cut -d' ' -f1)
 
 	oldfile=$(xdelta3 printhdr "$deltafile" | grep "XDELTA filename (source)" | sed 's/.*: *//')
 	newfile=$(xdelta3 printhdr "$deltafile" | grep "XDELTA filename (output)" | sed 's/.*: *//')
@@ -435,23 +435,23 @@ db_write_entry() {
 			error "$(gettext "Cannot use armored signatures for packages: %s")" "$pkgfile.sig"
 			return 1
 		fi
-		pgpsigsize=$(stat -c %s -L "$pkgfile.sig")
+		pgpsigsize=$(wc -c "$pkgfile.sig" | cut -d' ' -f1)
 		if (( pgpsigsize > 16384 )); then
 			error "$(gettext "Invalid package signature file '%s'.")" "$pkgfile.sig"
 			return 1
 		fi
 		msg2 "$(gettext "Adding package signature...")"
-		pgpsig=$(openssl base64 -in "$pkgfile.sig" | tr -d '\n')
+		pgpsig=$(base64 "$pkgfile.sig" | tr -d '\n')
 	fi
 
-	csize=$(stat -c %s -L "$pkgfile")
+	csize=$(wc -c "$pkgfile" | cut -d' ' -f1)
 
 	# compute checksums
 	msg2 "$(gettext "Computing checksums...")"
-	md5sum=$(openssl dgst -md5 "$pkgfile")
-	md5sum=${md5sum##* }
-	sha256sum=$(openssl dgst -sha256 "$pkgfile")
-	sha256sum=${sha256sum##* }
+	md5sum=$(md5sum "$pkgfile")
+	md5sum=${md5sum%% *}
+	sha256sum=$(sha256sum "$pkgfile")
+	sha256sum=${sha256sum%% *}
 
 	# remove an existing entry if it exists, ignore failures
 	db_remove_entry "$pkgname"
@@ -522,7 +522,7 @@ db_write_entry() {
 	msg2 "$(gettext "Creating '%s' db entry...")" 'files'
 	local files_path="$tmpdir/files/$pkgname-$pkgver/files"
 	echo "%FILES%" >"$files_path"
-	bsdtar --exclude='^.*' -tf "$pkgfile" >>"$files_path"
+	bsdtar --exclude='^.*' -tf "$pkgfile" | LC_ALL=C sort -u >>"$files_path"
 
 	if (( RMEXISTING )); then
 		msg2 "$(gettext "Removing old package file '%s'")" "$oldfilename"
@@ -568,7 +568,7 @@ elephant() {
 		                 "ZL9JFFZeAa0a2+lKjL2anpYfV+0Zx9LJ+/MC8nRayuDlSNy2rfAPibOzsiWHL0jL" \
 		                 "SsjFAQAA"
 		;;
-	esac | openssl base64 -d | gzip -d
+	esac | base64 -d | gzip -d
 }
 
 prepare_repo_db() {
@@ -684,7 +684,7 @@ remove() {
 rotate_db() {
 	dirname=${LOCKFILE%/*}
 
-	pushd $dirname >/dev/null
+	pushd "$dirname" >/dev/null
 
 	for repo in "db" "files"; do
 		filename=${REPO_DB_PREFIX}.${repo}.${REPO_DB_SUFFIX}
@@ -890,13 +890,25 @@ fi
 
 check_xdelta
 
+if (( VERIFY && ${#args[@]} == 1 )); then
+	for repo in "db" "files"; do
+		dbfile=${repodir}/$REPO_DB_PREFIX.$repo.$REPO_DB_SUFFIX
+
+		if [[ -f $dbfile ]]; then
+			verify_signature "$dbfile"
+		fi
+	done
+	exit 0
+fi
+
 prepare_repo_db
 
+fail=0
 for arg in "${args[@]:1}"; do
 	case $cmd in
 		repo-add) add "$arg" ;;
 		repo-remove) remove "$arg" ;;
-	esac && success=1
+	esac || fail=1
 done
 
 # if the whole operation was a success, re-zip and rotate databases
@@ -910,4 +922,3 @@ else
 fi
 
 exit 0
-# vim: set noet:
diff --git a/msys2/usr/bin/repo-elephant b/msys2/usr/bin/repo-elephant
index 390157806..e2bd1cf05 100644
--- a/msys2/usr/bin/repo-elephant
+++ b/msys2/usr/bin/repo-elephant
@@ -4,7 +4,7 @@
 #   repo-remove - remove a package entry from a given repo database file
 #   Generated from repo-add.sh.in; do not edit by hand.
 #
-#   Copyright (c) 2006-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2006-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -25,7 +25,7 @@ shopt -s extglob
 export TEXTDOMAIN='pacman-scripts'
 export TEXTDOMAINDIR='/usr/share/locale'
 
-declare -r myver='5.0.1'
+declare -r myver='5.1.3'
 declare -r confdir='/etc'
 
 QUIET=0
@@ -161,7 +161,7 @@ version() {
 	cmd=${0##*/}
 	printf "%s (pacman) %s\n\n" "$cmd" "$myver"
 	printf -- "$(gettext "\
-Copyright (c) 2006-2016 Pacman Development Team <pacman-dev@archlinux.org>\n\n\
+Copyright (c) 2006-2018 Pacman Development Team <pacman-dev@archlinux.org>\n\n\
 This is free software; see the source for copying conditions.\n\
 There is NO WARRANTY, to the extent permitted by law.\n")"
 }
@@ -218,9 +218,9 @@ db_write_delta() {
 		echo -e "%DELTAS%" >"$deltas"
 	fi
 	# get md5sum and compressed size of package
-	md5sum=$(openssl dgst -md5 "$deltafile")
-	md5sum=${md5sum##* }
-	csize=$(stat -c %s -L "$deltafile")
+	md5sum=$(md5sum "$deltafile")
+	md5sum=${md5sum%% *}
+	csize=$(wc -c "$deltafile" | cut -d' ' -f1)
 
 	oldfile=$(xdelta3 printhdr "$deltafile" | grep "XDELTA filename (source)" | sed 's/.*: *//')
 	newfile=$(xdelta3 printhdr "$deltafile" | grep "XDELTA filename (output)" | sed 's/.*: *//')
@@ -435,23 +435,23 @@ db_write_entry() {
 			error "$(gettext "Cannot use armored signatures for packages: %s")" "$pkgfile.sig"
 			return 1
 		fi
-		pgpsigsize=$(stat -c %s -L "$pkgfile.sig")
+		pgpsigsize=$(wc -c "$pkgfile.sig" | cut -d' ' -f1)
 		if (( pgpsigsize > 16384 )); then
 			error "$(gettext "Invalid package signature file '%s'.")" "$pkgfile.sig"
 			return 1
 		fi
 		msg2 "$(gettext "Adding package signature...")"
-		pgpsig=$(openssl base64 -in "$pkgfile.sig" | tr -d '\n')
+		pgpsig=$(base64 "$pkgfile.sig" | tr -d '\n')
 	fi
 
-	csize=$(stat -c %s -L "$pkgfile")
+	csize=$(wc -c "$pkgfile" | cut -d' ' -f1)
 
 	# compute checksums
 	msg2 "$(gettext "Computing checksums...")"
-	md5sum=$(openssl dgst -md5 "$pkgfile")
-	md5sum=${md5sum##* }
-	sha256sum=$(openssl dgst -sha256 "$pkgfile")
-	sha256sum=${sha256sum##* }
+	md5sum=$(md5sum "$pkgfile")
+	md5sum=${md5sum%% *}
+	sha256sum=$(sha256sum "$pkgfile")
+	sha256sum=${sha256sum%% *}
 
 	# remove an existing entry if it exists, ignore failures
 	db_remove_entry "$pkgname"
@@ -522,7 +522,7 @@ db_write_entry() {
 	msg2 "$(gettext "Creating '%s' db entry...")" 'files'
 	local files_path="$tmpdir/files/$pkgname-$pkgver/files"
 	echo "%FILES%" >"$files_path"
-	bsdtar --exclude='^.*' -tf "$pkgfile" >>"$files_path"
+	bsdtar --exclude='^.*' -tf "$pkgfile" | LC_ALL=C sort -u >>"$files_path"
 
 	if (( RMEXISTING )); then
 		msg2 "$(gettext "Removing old package file '%s'")" "$oldfilename"
@@ -568,7 +568,7 @@ elephant() {
 		                 "ZL9JFFZeAa0a2+lKjL2anpYfV+0Zx9LJ+/MC8nRayuDlSNy2rfAPibOzsiWHL0jL" \
 		                 "SsjFAQAA"
 		;;
-	esac | openssl base64 -d | gzip -d
+	esac | base64 -d | gzip -d
 }
 
 prepare_repo_db() {
@@ -684,7 +684,7 @@ remove() {
 rotate_db() {
 	dirname=${LOCKFILE%/*}
 
-	pushd $dirname >/dev/null
+	pushd "$dirname" >/dev/null
 
 	for repo in "db" "files"; do
 		filename=${REPO_DB_PREFIX}.${repo}.${REPO_DB_SUFFIX}
@@ -890,13 +890,25 @@ fi
 
 check_xdelta
 
+if (( VERIFY && ${#args[@]} == 1 )); then
+	for repo in "db" "files"; do
+		dbfile=${repodir}/$REPO_DB_PREFIX.$repo.$REPO_DB_SUFFIX
+
+		if [[ -f $dbfile ]]; then
+			verify_signature "$dbfile"
+		fi
+	done
+	exit 0
+fi
+
 prepare_repo_db
 
+fail=0
 for arg in "${args[@]:1}"; do
 	case $cmd in
 		repo-add) add "$arg" ;;
 		repo-remove) remove "$arg" ;;
-	esac && success=1
+	esac || fail=1
 done
 
 # if the whole operation was a success, re-zip and rotate databases
@@ -910,4 +922,3 @@ else
 fi
 
 exit 0
-# vim: set noet:
diff --git a/msys2/usr/bin/repo-remove b/msys2/usr/bin/repo-remove
index 390157806..e2bd1cf05 100644
--- a/msys2/usr/bin/repo-remove
+++ b/msys2/usr/bin/repo-remove
@@ -4,7 +4,7 @@
 #   repo-remove - remove a package entry from a given repo database file
 #   Generated from repo-add.sh.in; do not edit by hand.
 #
-#   Copyright (c) 2006-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2006-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -25,7 +25,7 @@ shopt -s extglob
 export TEXTDOMAIN='pacman-scripts'
 export TEXTDOMAINDIR='/usr/share/locale'
 
-declare -r myver='5.0.1'
+declare -r myver='5.1.3'
 declare -r confdir='/etc'
 
 QUIET=0
@@ -161,7 +161,7 @@ version() {
 	cmd=${0##*/}
 	printf "%s (pacman) %s\n\n" "$cmd" "$myver"
 	printf -- "$(gettext "\
-Copyright (c) 2006-2016 Pacman Development Team <pacman-dev@archlinux.org>\n\n\
+Copyright (c) 2006-2018 Pacman Development Team <pacman-dev@archlinux.org>\n\n\
 This is free software; see the source for copying conditions.\n\
 There is NO WARRANTY, to the extent permitted by law.\n")"
 }
@@ -218,9 +218,9 @@ db_write_delta() {
 		echo -e "%DELTAS%" >"$deltas"
 	fi
 	# get md5sum and compressed size of package
-	md5sum=$(openssl dgst -md5 "$deltafile")
-	md5sum=${md5sum##* }
-	csize=$(stat -c %s -L "$deltafile")
+	md5sum=$(md5sum "$deltafile")
+	md5sum=${md5sum%% *}
+	csize=$(wc -c "$deltafile" | cut -d' ' -f1)
 
 	oldfile=$(xdelta3 printhdr "$deltafile" | grep "XDELTA filename (source)" | sed 's/.*: *//')
 	newfile=$(xdelta3 printhdr "$deltafile" | grep "XDELTA filename (output)" | sed 's/.*: *//')
@@ -435,23 +435,23 @@ db_write_entry() {
 			error "$(gettext "Cannot use armored signatures for packages: %s")" "$pkgfile.sig"
 			return 1
 		fi
-		pgpsigsize=$(stat -c %s -L "$pkgfile.sig")
+		pgpsigsize=$(wc -c "$pkgfile.sig" | cut -d' ' -f1)
 		if (( pgpsigsize > 16384 )); then
 			error "$(gettext "Invalid package signature file '%s'.")" "$pkgfile.sig"
 			return 1
 		fi
 		msg2 "$(gettext "Adding package signature...")"
-		pgpsig=$(openssl base64 -in "$pkgfile.sig" | tr -d '\n')
+		pgpsig=$(base64 "$pkgfile.sig" | tr -d '\n')
 	fi
 
-	csize=$(stat -c %s -L "$pkgfile")
+	csize=$(wc -c "$pkgfile" | cut -d' ' -f1)
 
 	# compute checksums
 	msg2 "$(gettext "Computing checksums...")"
-	md5sum=$(openssl dgst -md5 "$pkgfile")
-	md5sum=${md5sum##* }
-	sha256sum=$(openssl dgst -sha256 "$pkgfile")
-	sha256sum=${sha256sum##* }
+	md5sum=$(md5sum "$pkgfile")
+	md5sum=${md5sum%% *}
+	sha256sum=$(sha256sum "$pkgfile")
+	sha256sum=${sha256sum%% *}
 
 	# remove an existing entry if it exists, ignore failures
 	db_remove_entry "$pkgname"
@@ -522,7 +522,7 @@ db_write_entry() {
 	msg2 "$(gettext "Creating '%s' db entry...")" 'files'
 	local files_path="$tmpdir/files/$pkgname-$pkgver/files"
 	echo "%FILES%" >"$files_path"
-	bsdtar --exclude='^.*' -tf "$pkgfile" >>"$files_path"
+	bsdtar --exclude='^.*' -tf "$pkgfile" | LC_ALL=C sort -u >>"$files_path"
 
 	if (( RMEXISTING )); then
 		msg2 "$(gettext "Removing old package file '%s'")" "$oldfilename"
@@ -568,7 +568,7 @@ elephant() {
 		                 "ZL9JFFZeAa0a2+lKjL2anpYfV+0Zx9LJ+/MC8nRayuDlSNy2rfAPibOzsiWHL0jL" \
 		                 "SsjFAQAA"
 		;;
-	esac | openssl base64 -d | gzip -d
+	esac | base64 -d | gzip -d
 }
 
 prepare_repo_db() {
@@ -684,7 +684,7 @@ remove() {
 rotate_db() {
 	dirname=${LOCKFILE%/*}
 
-	pushd $dirname >/dev/null
+	pushd "$dirname" >/dev/null
 
 	for repo in "db" "files"; do
 		filename=${REPO_DB_PREFIX}.${repo}.${REPO_DB_SUFFIX}
@@ -890,13 +890,25 @@ fi
 
 check_xdelta
 
+if (( VERIFY && ${#args[@]} == 1 )); then
+	for repo in "db" "files"; do
+		dbfile=${repodir}/$REPO_DB_PREFIX.$repo.$REPO_DB_SUFFIX
+
+		if [[ -f $dbfile ]]; then
+			verify_signature "$dbfile"
+		fi
+	done
+	exit 0
+fi
+
 prepare_repo_db
 
+fail=0
 for arg in "${args[@]:1}"; do
 	case $cmd in
 		repo-add) add "$arg" ;;
 		repo-remove) remove "$arg" ;;
-	esac && success=1
+	esac || fail=1
 done
 
 # if the whole operation was a success, re-zip and rotate databases
@@ -910,4 +922,3 @@ else
 fi
 
 exit 0
-# vim: set noet:
diff --git a/msys2/usr/bin/reset.exe b/msys2/usr/bin/reset.exe
index af601c833..098e270e0 100644
Binary files a/msys2/usr/bin/reset.exe and b/msys2/usr/bin/reset.exe differ
diff --git a/msys2/usr/bin/rev.exe b/msys2/usr/bin/rev.exe
index a6f85f459..a6a3a400a 100644
Binary files a/msys2/usr/bin/rev.exe and b/msys2/usr/bin/rev.exe differ
diff --git a/msys2/usr/bin/rlogin.exe b/msys2/usr/bin/rlogin.exe
index cf8e67241..895fc61e6 100644
Binary files a/msys2/usr/bin/rlogin.exe and b/msys2/usr/bin/rlogin.exe differ
diff --git a/msys2/usr/bin/rm.exe b/msys2/usr/bin/rm.exe
index fa528e1d6..5529331b2 100644
Binary files a/msys2/usr/bin/rm.exe and b/msys2/usr/bin/rm.exe differ
diff --git a/msys2/usr/bin/rmdir.exe b/msys2/usr/bin/rmdir.exe
index 14280d774..70b1ab938 100644
Binary files a/msys2/usr/bin/rmdir.exe and b/msys2/usr/bin/rmdir.exe differ
diff --git a/msys2/usr/bin/rsh.exe b/msys2/usr/bin/rsh.exe
index 55e126cc0..9871f9efd 100644
Binary files a/msys2/usr/bin/rsh.exe and b/msys2/usr/bin/rsh.exe differ
diff --git a/msys2/usr/bin/runcon.exe b/msys2/usr/bin/runcon.exe
index 9a8bc4902..9f31d3f05 100644
Binary files a/msys2/usr/bin/runcon.exe and b/msys2/usr/bin/runcon.exe differ
diff --git a/msys2/usr/bin/script.exe b/msys2/usr/bin/script.exe
index 588e93fb4..0934c6f69 100644
Binary files a/msys2/usr/bin/script.exe and b/msys2/usr/bin/script.exe differ
diff --git a/msys2/usr/bin/scriptreplay.exe b/msys2/usr/bin/scriptreplay.exe
index e6182d0c9..d42d4b310 100644
Binary files a/msys2/usr/bin/scriptreplay.exe and b/msys2/usr/bin/scriptreplay.exe differ
diff --git a/msys2/usr/bin/sed.exe b/msys2/usr/bin/sed.exe
index 9c6ec21af..1cbcd2d3d 100644
Binary files a/msys2/usr/bin/sed.exe and b/msys2/usr/bin/sed.exe differ
diff --git a/msys2/usr/bin/seq.exe b/msys2/usr/bin/seq.exe
index 2014d80b5..b616fdcf4 100644
Binary files a/msys2/usr/bin/seq.exe and b/msys2/usr/bin/seq.exe differ
diff --git a/msys2/usr/bin/setfacl.exe b/msys2/usr/bin/setfacl.exe
index c9ccdce37..ffc0a9c17 100644
Binary files a/msys2/usr/bin/setfacl.exe and b/msys2/usr/bin/setfacl.exe differ
diff --git a/msys2/usr/bin/setmetamode.exe b/msys2/usr/bin/setmetamode.exe
index f1d778085..b3b5ce8e2 100644
Binary files a/msys2/usr/bin/setmetamode.exe and b/msys2/usr/bin/setmetamode.exe differ
diff --git a/msys2/usr/bin/setsid.exe b/msys2/usr/bin/setsid.exe
index 1d4c604e0..5321c138b 100644
Binary files a/msys2/usr/bin/setsid.exe and b/msys2/usr/bin/setsid.exe differ
diff --git a/msys2/usr/bin/sexp-conv.exe b/msys2/usr/bin/sexp-conv.exe
new file mode 100644
index 000000000..3136a70b4
Binary files /dev/null and b/msys2/usr/bin/sexp-conv.exe differ
diff --git a/msys2/usr/bin/sfdisk.exe b/msys2/usr/bin/sfdisk.exe
index cd0befc0a..52cd8d9e3 100644
Binary files a/msys2/usr/bin/sfdisk.exe and b/msys2/usr/bin/sfdisk.exe differ
diff --git a/msys2/usr/bin/sh.exe b/msys2/usr/bin/sh.exe
index faeaa9d1b..98906a71b 100644
Binary files a/msys2/usr/bin/sh.exe and b/msys2/usr/bin/sh.exe differ
diff --git a/msys2/usr/bin/sha1sum.exe b/msys2/usr/bin/sha1sum.exe
index e00b65083..04040bd20 100644
Binary files a/msys2/usr/bin/sha1sum.exe and b/msys2/usr/bin/sha1sum.exe differ
diff --git a/msys2/usr/bin/sha224sum.exe b/msys2/usr/bin/sha224sum.exe
index e6f4fcbd9..e638bf552 100644
Binary files a/msys2/usr/bin/sha224sum.exe and b/msys2/usr/bin/sha224sum.exe differ
diff --git a/msys2/usr/bin/sha256sum.exe b/msys2/usr/bin/sha256sum.exe
index 2531eb686..2b8cadee5 100644
Binary files a/msys2/usr/bin/sha256sum.exe and b/msys2/usr/bin/sha256sum.exe differ
diff --git a/msys2/usr/bin/sha384sum.exe b/msys2/usr/bin/sha384sum.exe
index b932311c3..ea1a53b48 100644
Binary files a/msys2/usr/bin/sha384sum.exe and b/msys2/usr/bin/sha384sum.exe differ
diff --git a/msys2/usr/bin/sha512sum.exe b/msys2/usr/bin/sha512sum.exe
index f74e5f13a..ca1324f41 100644
Binary files a/msys2/usr/bin/sha512sum.exe and b/msys2/usr/bin/sha512sum.exe differ
diff --git a/msys2/usr/bin/shred.exe b/msys2/usr/bin/shred.exe
index 18de857ee..ea4a97893 100644
Binary files a/msys2/usr/bin/shred.exe and b/msys2/usr/bin/shred.exe differ
diff --git a/msys2/usr/bin/shuf.exe b/msys2/usr/bin/shuf.exe
index 1e8a6a6c5..0c0661813 100644
Binary files a/msys2/usr/bin/shuf.exe and b/msys2/usr/bin/shuf.exe differ
diff --git a/msys2/usr/bin/sleep.exe b/msys2/usr/bin/sleep.exe
index 2a91d8b2e..12f4a6ae3 100644
Binary files a/msys2/usr/bin/sleep.exe and b/msys2/usr/bin/sleep.exe differ
diff --git a/msys2/usr/bin/sort.exe b/msys2/usr/bin/sort.exe
index 2bd7ac157..1434b34a0 100644
Binary files a/msys2/usr/bin/sort.exe and b/msys2/usr/bin/sort.exe differ
diff --git a/msys2/usr/bin/split.exe b/msys2/usr/bin/split.exe
index f21a4a7a1..3c431135c 100644
Binary files a/msys2/usr/bin/split.exe and b/msys2/usr/bin/split.exe differ
diff --git a/msys2/usr/bin/ssp.exe b/msys2/usr/bin/ssp.exe
index 94bfd45db..fdcbbabe9 100644
Binary files a/msys2/usr/bin/ssp.exe and b/msys2/usr/bin/ssp.exe differ
diff --git a/msys2/usr/bin/stat.exe b/msys2/usr/bin/stat.exe
index 29fb4125e..1a92c990a 100644
Binary files a/msys2/usr/bin/stat.exe and b/msys2/usr/bin/stat.exe differ
diff --git a/msys2/usr/bin/stdbuf.exe b/msys2/usr/bin/stdbuf.exe
deleted file mode 100644
index 83fc6e602..000000000
Binary files a/msys2/usr/bin/stdbuf.exe and /dev/null differ
diff --git a/msys2/usr/bin/strace.exe b/msys2/usr/bin/strace.exe
index e8f145955..c7967f7f6 100644
Binary files a/msys2/usr/bin/strace.exe and b/msys2/usr/bin/strace.exe differ
diff --git a/msys2/usr/bin/stty.exe b/msys2/usr/bin/stty.exe
index 4d6381026..0defe0d4b 100644
Binary files a/msys2/usr/bin/stty.exe and b/msys2/usr/bin/stty.exe differ
diff --git a/msys2/usr/bin/sum.exe b/msys2/usr/bin/sum.exe
index c72cfbd22..94176f908 100644
Binary files a/msys2/usr/bin/sum.exe and b/msys2/usr/bin/sum.exe differ
diff --git a/msys2/usr/bin/swaplabel.exe b/msys2/usr/bin/swaplabel.exe
index c4e701e11..95de9bb9f 100644
Binary files a/msys2/usr/bin/swaplabel.exe and b/msys2/usr/bin/swaplabel.exe differ
diff --git a/msys2/usr/bin/sync.exe b/msys2/usr/bin/sync.exe
index fc9094463..ac772c9d0 100644
Binary files a/msys2/usr/bin/sync.exe and b/msys2/usr/bin/sync.exe differ
diff --git a/msys2/usr/bin/tabs.exe b/msys2/usr/bin/tabs.exe
index 764005e82..a567fd7cc 100644
Binary files a/msys2/usr/bin/tabs.exe and b/msys2/usr/bin/tabs.exe differ
diff --git a/msys2/usr/bin/tac.exe b/msys2/usr/bin/tac.exe
index 23e01cbe4..128bcd584 100644
Binary files a/msys2/usr/bin/tac.exe and b/msys2/usr/bin/tac.exe differ
diff --git a/msys2/usr/bin/tail.exe b/msys2/usr/bin/tail.exe
index 4c37e9ffe..ab6a4dd3e 100644
Binary files a/msys2/usr/bin/tail.exe and b/msys2/usr/bin/tail.exe differ
diff --git a/msys2/usr/bin/tailf.exe b/msys2/usr/bin/tailf.exe
deleted file mode 100644
index 1506e52bf..000000000
Binary files a/msys2/usr/bin/tailf.exe and /dev/null differ
diff --git a/msys2/usr/bin/talk.exe b/msys2/usr/bin/talk.exe
index b053f6d27..eaa6c77b6 100644
Binary files a/msys2/usr/bin/talk.exe and b/msys2/usr/bin/talk.exe differ
diff --git a/msys2/usr/bin/tee.exe b/msys2/usr/bin/tee.exe
index 81ae830fb..356066358 100644
Binary files a/msys2/usr/bin/tee.exe and b/msys2/usr/bin/tee.exe differ
diff --git a/msys2/usr/bin/telnet.exe b/msys2/usr/bin/telnet.exe
index 3901f5f41..e0876f951 100644
Binary files a/msys2/usr/bin/telnet.exe and b/msys2/usr/bin/telnet.exe differ
diff --git a/msys2/usr/bin/test.exe b/msys2/usr/bin/test.exe
index 5b7ea4c43..34e36e177 100644
Binary files a/msys2/usr/bin/test.exe and b/msys2/usr/bin/test.exe differ
diff --git a/msys2/usr/bin/testpkg.exe b/msys2/usr/bin/testpkg.exe
index 90017c8c0..a400f0012 100644
Binary files a/msys2/usr/bin/testpkg.exe and b/msys2/usr/bin/testpkg.exe differ
diff --git a/msys2/usr/bin/tftp.exe b/msys2/usr/bin/tftp.exe
index 205c67ad3..d20426a08 100644
Binary files a/msys2/usr/bin/tftp.exe and b/msys2/usr/bin/tftp.exe differ
diff --git a/msys2/usr/bin/tic.exe b/msys2/usr/bin/tic.exe
index a982a3dc6..8a0fe9b56 100644
Binary files a/msys2/usr/bin/tic.exe and b/msys2/usr/bin/tic.exe differ
diff --git a/msys2/usr/bin/time.exe b/msys2/usr/bin/time.exe
index 7bd373be4..e8b545c2c 100644
Binary files a/msys2/usr/bin/time.exe and b/msys2/usr/bin/time.exe differ
diff --git a/msys2/usr/bin/timeout.exe b/msys2/usr/bin/timeout.exe
index 7fe91570a..2a17e63f7 100644
Binary files a/msys2/usr/bin/timeout.exe and b/msys2/usr/bin/timeout.exe differ
diff --git a/msys2/usr/bin/toe.exe b/msys2/usr/bin/toe.exe
index a78b1635b..dbc8538d1 100644
Binary files a/msys2/usr/bin/toe.exe and b/msys2/usr/bin/toe.exe differ
diff --git a/msys2/usr/bin/touch.exe b/msys2/usr/bin/touch.exe
index 3cc623a00..075b2d5e5 100644
Binary files a/msys2/usr/bin/touch.exe and b/msys2/usr/bin/touch.exe differ
diff --git a/msys2/usr/bin/tput.exe b/msys2/usr/bin/tput.exe
index c6aae0d41..4587ee1a2 100644
Binary files a/msys2/usr/bin/tput.exe and b/msys2/usr/bin/tput.exe differ
diff --git a/msys2/usr/bin/tr.exe b/msys2/usr/bin/tr.exe
index 153ce722f..b55335126 100644
Binary files a/msys2/usr/bin/tr.exe and b/msys2/usr/bin/tr.exe differ
diff --git a/msys2/usr/bin/true.exe b/msys2/usr/bin/true.exe
index fcbe7e36c..7dec1a7c9 100644
Binary files a/msys2/usr/bin/true.exe and b/msys2/usr/bin/true.exe differ
diff --git a/msys2/usr/bin/truncate.exe b/msys2/usr/bin/truncate.exe
index 6d9c71128..df2ffb109 100644
Binary files a/msys2/usr/bin/truncate.exe and b/msys2/usr/bin/truncate.exe differ
diff --git a/msys2/usr/bin/trust.exe b/msys2/usr/bin/trust.exe
index 4841a68ee..de425546d 100644
Binary files a/msys2/usr/bin/trust.exe and b/msys2/usr/bin/trust.exe differ
diff --git a/msys2/usr/bin/tset.exe b/msys2/usr/bin/tset.exe
index af601c833..098e270e0 100644
Binary files a/msys2/usr/bin/tset.exe and b/msys2/usr/bin/tset.exe differ
diff --git a/msys2/usr/bin/tsort.exe b/msys2/usr/bin/tsort.exe
index 65fcbd6c0..5b1a9ca02 100644
Binary files a/msys2/usr/bin/tsort.exe and b/msys2/usr/bin/tsort.exe differ
diff --git a/msys2/usr/bin/tty.exe b/msys2/usr/bin/tty.exe
index acb9e0110..3984f6871 100644
Binary files a/msys2/usr/bin/tty.exe and b/msys2/usr/bin/tty.exe differ
diff --git a/msys2/usr/bin/ttyplay.exe b/msys2/usr/bin/ttyplay.exe
index 961f138d2..9c0ea2b2c 100644
Binary files a/msys2/usr/bin/ttyplay.exe and b/msys2/usr/bin/ttyplay.exe differ
diff --git a/msys2/usr/bin/ttyrec.exe b/msys2/usr/bin/ttyrec.exe
index 3069d21da..2791ae37b 100644
Binary files a/msys2/usr/bin/ttyrec.exe and b/msys2/usr/bin/ttyrec.exe differ
diff --git a/msys2/usr/bin/ttytime.exe b/msys2/usr/bin/ttytime.exe
index eb71fadbf..3d49b675c 100644
Binary files a/msys2/usr/bin/ttytime.exe and b/msys2/usr/bin/ttytime.exe differ
diff --git a/msys2/usr/bin/tzselect b/msys2/usr/bin/tzselect
index 0f20faf6a..07c583591 100644
--- a/msys2/usr/bin/tzselect
+++ b/msys2/usr/bin/tzselect
@@ -1,12 +1,11 @@
 #!/bin/bash
+# Ask the user about the time zone, and output the resulting TZ value to stdout.
+# Interact with the user via stderr and stdin.
 
 PKGVERSION='(tzcode) '
 TZVERSION=unknown
 REPORT_BUGS_TO=tz@iana.org
 
-# Ask the user about the time zone, and output the resulting TZ value to stdout.
-# Interact with the user via stderr and stdin.
-
 # Contributed by Paul Eggert.  This file is in the public domain.
 
 # Porting notes:
@@ -55,7 +54,7 @@ location_limit=10
 zonetabtype=zone1970
 
 usage="Usage: tzselect [--version] [--help] [-c COORD] [-n LIMIT]
-Select a time zone interactively.
+Select a timezone interactively.
 
 Options:
 
@@ -327,7 +326,7 @@ while
 	eval '
 	    doselect '"$quoted_continents"' \
 		"coord - I want to use geographical coordinates." \
-		"TZ - I want to specify the time zone using the Posix TZ format."
+		"TZ - I want to specify the timezone using the Posix TZ format."
 	    continent=$select_result
 	    case $continent in
 	    Americas) continent=America;;
@@ -342,8 +341,8 @@ while
 		while
 			echo >&2 'Please enter the desired value' \
 				'of the TZ environment variable.'
-			echo >&2 'For example, AEST-10 is a zone named AEST' \
-				'that is 10 hours'
+			echo >&2 'For example, AEST-10 is abbreviated' \
+				'AEST and is 10 hours'
 			echo >&2 'ahead (east) of Greenwich,' \
 				'with no daylight saving time.'
 			read TZ
@@ -362,7 +361,7 @@ while
 				exit 0
 			}'
 		do
-		    say >&2 "'$TZ' is not a conforming Posix time zone string."
+		    say >&2 "'$TZ' is not a conforming Posix timezone string."
 		done
 		TZ_for_date=$TZ;;
 	*)
@@ -388,8 +387,7 @@ while
 		      BEGIN { FS = "\t" }
 		      { print $NF }
 		    '`
-		    echo >&2 'Please select one of the following' \
-			    'time zone regions,'
+		    echo >&2 'Please select one of the following timezones,' \
 		    echo >&2 'listed roughly in increasing order' \
 			    "of distance from $coord".
 		    doselect $regions
@@ -439,7 +437,7 @@ while
 		esac
 
 
-		# Get list of names of time zone rule regions in the country.
+		# Get list of timezones in the country.
 		regions=`$AWK \
 			-v country="$country" \
 			-v TZ_COUNTRY_TABLE="$TZ_COUNTRY_TABLE" \
@@ -462,8 +460,7 @@ while
 		# If there's more than one region, ask the user which one.
 		case $regions in
 		*"$newline"*)
-			echo >&2 'Please select one of the following' \
-				'time zone regions.'
+			echo >&2 'Please select one of the following timezones.'
 			doselect $regions
 			region=$select_result;;
 		*)
diff --git a/msys2/usr/bin/tzset.exe b/msys2/usr/bin/tzset.exe
index 91c79129d..7b0165e33 100644
Binary files a/msys2/usr/bin/tzset.exe and b/msys2/usr/bin/tzset.exe differ
diff --git a/msys2/usr/bin/ul.exe b/msys2/usr/bin/ul.exe
index 91d3e34f5..c433bbb2a 100644
Binary files a/msys2/usr/bin/ul.exe and b/msys2/usr/bin/ul.exe differ
diff --git a/msys2/usr/bin/umount.exe b/msys2/usr/bin/umount.exe
index 3f6ec96b5..6557e443f 100644
Binary files a/msys2/usr/bin/umount.exe and b/msys2/usr/bin/umount.exe differ
diff --git a/msys2/usr/bin/uname.exe b/msys2/usr/bin/uname.exe
index cc691f100..b1923b975 100644
Binary files a/msys2/usr/bin/uname.exe and b/msys2/usr/bin/uname.exe differ
diff --git a/msys2/usr/bin/uncompress b/msys2/usr/bin/uncompress
index 8f0c24fcf..0708807f0 100644
--- a/msys2/usr/bin/uncompress
+++ b/msys2/usr/bin/uncompress
@@ -17,8 +17,8 @@
 # with this program; if not, write to the Free Software Foundation, Inc.,
 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 
-version="gunzip (gzip) 1.9
-Copyright (C) 2007, 2011-2017 Free Software Foundation, Inc.
+version="gunzip (gzip) 1.10
+Copyright (C) 2007, 2011-2018 Free Software Foundation, Inc.
 This is free software.  You may redistribute copies of it under the terms of
 the GNU General Public License <https://www.gnu.org/licenses/gpl.html>.
 There is NO WARRANTY, to the extent permitted by law.
diff --git a/msys2/usr/bin/unexpand.exe b/msys2/usr/bin/unexpand.exe
index 97d45320b..ad1c6c09f 100644
Binary files a/msys2/usr/bin/unexpand.exe and b/msys2/usr/bin/unexpand.exe differ
diff --git a/msys2/usr/bin/uniq.exe b/msys2/usr/bin/uniq.exe
index c680d1ed3..0bf329d42 100644
Binary files a/msys2/usr/bin/uniq.exe and b/msys2/usr/bin/uniq.exe differ
diff --git a/msys2/usr/bin/unlink.exe b/msys2/usr/bin/unlink.exe
index 2ba752c84..f3000c1f5 100644
Binary files a/msys2/usr/bin/unlink.exe and b/msys2/usr/bin/unlink.exe differ
diff --git a/msys2/usr/bin/unlzma.exe b/msys2/usr/bin/unlzma.exe
index d0ae520e1..6b754aa48 100644
Binary files a/msys2/usr/bin/unlzma.exe and b/msys2/usr/bin/unlzma.exe differ
diff --git a/msys2/usr/bin/unxz.exe b/msys2/usr/bin/unxz.exe
index d0ae520e1..6b754aa48 100644
Binary files a/msys2/usr/bin/unxz.exe and b/msys2/usr/bin/unxz.exe differ
diff --git a/msys2/usr/bin/updpkgsums b/msys2/usr/bin/updpkgsums
index 6df4b901c..effc105d2 100644
--- a/msys2/usr/bin/updpkgsums
+++ b/msys2/usr/bin/updpkgsums
@@ -20,19 +20,22 @@
 shopt -s extglob
 
 declare -r myname='updpkgsums'
-declare -r myver='5.0.1'
+declare -r myver='1.0.0'
 
 usage() {
-	printf "%s (pacman) v%s\n" "${myname}" "${myver}"
+	printf "%s v%s\n" "${myname}" "${myver}"
 	echo
 	printf "%s will perform an in place update of the checksums in the\n" "${myname}"
 	echo "path specified by [build file], defaulting to PKGBUILD in the current"
 	echo "working directory."
 	echo
-	printf "Usage: %s [build file]\n" "${myname}"
+	printf "Usage: %s [options] [build file]\n" "${myname}"
 	echo
 	echo "    -h, --help        display this help message and exit"
 	echo "    -V, --version     display version information and exit"
+	echo
+	echo "These options can be passed to makepkg:"
+	echo "    -m, --nocolor     disable colorized output messages"
 }
 
 version() {
@@ -45,12 +48,18 @@ die() {
 	exit 1
 }
 
-case $1 in
-	-h|--help) usage; exit ;;
-	-V|--version) version; exit ;;
-esac
+MAKEPKG_OPTS=()
+buildfile='PKGBUILD'
+
+while (( "$#" )); do
+	case "$1" in
+		-h|--help) usage; exit ;;
+		-m|--nocolor) MAKEPKG_OPTS+=("$1"); shift ;;
+		-V|--version) version; exit ;;
+		*) buildfile="$1"; break 2 ;;
+	esac
+done
 
-buildfile=${1:-PKGBUILD}
 if [[ ! -f $buildfile ]]; then
 	die "%s not found or is not a file" "$buildfile"
 fi
@@ -83,7 +92,7 @@ export BUILDDIR=$(mktemp -d  "${TMPDIR:-/tmp}/updpkgsums.XXXXXX")
 newbuildfile=$(mktemp "${TMPDIR:-/tmp}/updpkgsums.XXXXXX")
 
 trap "rm -rf '$BUILDDIR' '$newbuildfile'" EXIT
-newsums=$(MINGW_PACKAGE_PREFIX=mingw-w64-i686 makepkg -g -p "$buildfile") || die 'Failed to generate new checksums'
+newsums=$(MINGW_PACKAGE_PREFIX=mingw-w64-i686 makepkg -g -p "$buildfile" "${MAKEPKG_OPTS[@]}") || die 'Failed to generate new checksums'
 awk -v newsums="$newsums" '
 	/^[[:blank:]]*(md|sha)[[:digit:]]+sums(_[^=]+)?=/,/\)[[:blank:]]*(#.*)?$/ {
 		if (!w) {
diff --git a/msys2/usr/bin/users.exe b/msys2/usr/bin/users.exe
index 7482f2004..2f26ea59f 100644
Binary files a/msys2/usr/bin/users.exe and b/msys2/usr/bin/users.exe differ
diff --git a/msys2/usr/bin/uuidd.exe b/msys2/usr/bin/uuidd.exe
deleted file mode 100644
index a7fc28855..000000000
Binary files a/msys2/usr/bin/uuidd.exe and /dev/null differ
diff --git a/msys2/usr/bin/uuidgen.exe b/msys2/usr/bin/uuidgen.exe
index 4774dae70..8b40ea231 100644
Binary files a/msys2/usr/bin/uuidgen.exe and b/msys2/usr/bin/uuidgen.exe differ
diff --git a/msys2/usr/bin/uuidparse.exe b/msys2/usr/bin/uuidparse.exe
new file mode 100644
index 000000000..a84a31578
Binary files /dev/null and b/msys2/usr/bin/uuidparse.exe differ
diff --git a/msys2/usr/bin/vdir.exe b/msys2/usr/bin/vdir.exe
index bcd5003aa..dfdce6cac 100644
Binary files a/msys2/usr/bin/vdir.exe and b/msys2/usr/bin/vdir.exe differ
diff --git a/msys2/usr/bin/vercmp.exe b/msys2/usr/bin/vercmp.exe
index 7fba83b35..d4fa0e37b 100644
Binary files a/msys2/usr/bin/vercmp.exe and b/msys2/usr/bin/vercmp.exe differ
diff --git a/msys2/usr/bin/watchgnupg.exe b/msys2/usr/bin/watchgnupg.exe
new file mode 100644
index 000000000..d2058674d
Binary files /dev/null and b/msys2/usr/bin/watchgnupg.exe differ
diff --git a/msys2/usr/bin/wc.exe b/msys2/usr/bin/wc.exe
index d82721889..de2d94126 100644
Binary files a/msys2/usr/bin/wc.exe and b/msys2/usr/bin/wc.exe differ
diff --git a/msys2/usr/bin/wget.exe b/msys2/usr/bin/wget.exe
index 9ea7f2dd8..7ecb96876 100644
Binary files a/msys2/usr/bin/wget.exe and b/msys2/usr/bin/wget.exe differ
diff --git a/msys2/usr/bin/whereis.exe b/msys2/usr/bin/whereis.exe
index 1f7805dd0..97b0107a7 100644
Binary files a/msys2/usr/bin/whereis.exe and b/msys2/usr/bin/whereis.exe differ
diff --git a/msys2/usr/bin/who.exe b/msys2/usr/bin/who.exe
index b51985b64..323418a02 100644
Binary files a/msys2/usr/bin/who.exe and b/msys2/usr/bin/who.exe differ
diff --git a/msys2/usr/bin/whoami.exe b/msys2/usr/bin/whoami.exe
index df8170311..df33dffbf 100644
Binary files a/msys2/usr/bin/whoami.exe and b/msys2/usr/bin/whoami.exe differ
diff --git a/msys2/usr/bin/wipefs.exe b/msys2/usr/bin/wipefs.exe
index d6b998d0f..de57d9ae0 100644
Binary files a/msys2/usr/bin/wipefs.exe and b/msys2/usr/bin/wipefs.exe differ
diff --git a/msys2/usr/bin/xmlcatalog.exe b/msys2/usr/bin/xmlcatalog.exe
index 65ea1f710..c3ea7fd79 100644
Binary files a/msys2/usr/bin/xmlcatalog.exe and b/msys2/usr/bin/xmlcatalog.exe differ
diff --git a/msys2/usr/bin/xmllint.exe b/msys2/usr/bin/xmllint.exe
index 7b1f6398a..120d8cc62 100644
Binary files a/msys2/usr/bin/xmllint.exe and b/msys2/usr/bin/xmllint.exe differ
diff --git a/msys2/usr/bin/xsltproc.exe b/msys2/usr/bin/xsltproc.exe
index 5180e9a07..8da2ccf6f 100644
Binary files a/msys2/usr/bin/xsltproc.exe and b/msys2/usr/bin/xsltproc.exe differ
diff --git a/msys2/usr/bin/xz.exe b/msys2/usr/bin/xz.exe
index d0ae520e1..6b754aa48 100644
Binary files a/msys2/usr/bin/xz.exe and b/msys2/usr/bin/xz.exe differ
diff --git a/msys2/usr/bin/xzcat.exe b/msys2/usr/bin/xzcat.exe
index d0ae520e1..6b754aa48 100644
Binary files a/msys2/usr/bin/xzcat.exe and b/msys2/usr/bin/xzcat.exe differ
diff --git a/msys2/usr/bin/xzcmp b/msys2/usr/bin/xzcmp
index bc665f527..bbf57d24d 100644
--- a/msys2/usr/bin/xzcmp
+++ b/msys2/usr/bin/xzcmp
@@ -29,7 +29,7 @@ case ${0##*/} in
   *)     prog=xzdiff; cmp=${DIFF:-diff};;
 esac
 
-version="$prog (XZ Utils) 5.2.3"
+version="$prog (XZ Utils) 5.2.4"
 
 usage="Usage: ${0##*/} [OPTION]... FILE1 [FILE2]
 Compare FILE1 to FILE2, using their uncompressed contents if they are
diff --git a/msys2/usr/bin/xzdec.exe b/msys2/usr/bin/xzdec.exe
index 6290a384d..d7c17c8cc 100644
Binary files a/msys2/usr/bin/xzdec.exe and b/msys2/usr/bin/xzdec.exe differ
diff --git a/msys2/usr/bin/xzdiff b/msys2/usr/bin/xzdiff
index bc665f527..bbf57d24d 100644
--- a/msys2/usr/bin/xzdiff
+++ b/msys2/usr/bin/xzdiff
@@ -29,7 +29,7 @@ case ${0##*/} in
   *)     prog=xzdiff; cmp=${DIFF:-diff};;
 esac
 
-version="$prog (XZ Utils) 5.2.3"
+version="$prog (XZ Utils) 5.2.4"
 
 usage="Usage: ${0##*/} [OPTION]... FILE1 [FILE2]
 Compare FILE1 to FILE2, using their uncompressed contents if they are
diff --git a/msys2/usr/bin/xzegrep b/msys2/usr/bin/xzegrep
index 4fdb5335d..904888d27 100644
--- a/msys2/usr/bin/xzegrep
+++ b/msys2/usr/bin/xzegrep
@@ -33,7 +33,7 @@ case ${0##*/} in
   *)       prog=xzgrep; grep=${GREP:-grep};;
 esac
 
-version="$prog (XZ Utils) 5.2.3"
+version="$prog (XZ Utils) 5.2.4"
 
 usage="Usage: ${0##*/} [OPTION]... [-e] PATTERN [FILE]...
 Look for instances of PATTERN in the input FILEs, using their
diff --git a/msys2/usr/bin/xzfgrep b/msys2/usr/bin/xzfgrep
index 4fdb5335d..904888d27 100644
--- a/msys2/usr/bin/xzfgrep
+++ b/msys2/usr/bin/xzfgrep
@@ -33,7 +33,7 @@ case ${0##*/} in
   *)       prog=xzgrep; grep=${GREP:-grep};;
 esac
 
-version="$prog (XZ Utils) 5.2.3"
+version="$prog (XZ Utils) 5.2.4"
 
 usage="Usage: ${0##*/} [OPTION]... [-e] PATTERN [FILE]...
 Look for instances of PATTERN in the input FILEs, using their
diff --git a/msys2/usr/bin/xzgrep b/msys2/usr/bin/xzgrep
index 4fdb5335d..904888d27 100644
--- a/msys2/usr/bin/xzgrep
+++ b/msys2/usr/bin/xzgrep
@@ -33,7 +33,7 @@ case ${0##*/} in
   *)       prog=xzgrep; grep=${GREP:-grep};;
 esac
 
-version="$prog (XZ Utils) 5.2.3"
+version="$prog (XZ Utils) 5.2.4"
 
 usage="Usage: ${0##*/} [OPTION]... [-e] PATTERN [FILE]...
 Look for instances of PATTERN in the input FILEs, using their
diff --git a/msys2/usr/bin/xzless b/msys2/usr/bin/xzless
index 0425cc112..33a1ec86c 100644
--- a/msys2/usr/bin/xzless
+++ b/msys2/usr/bin/xzless
@@ -22,7 +22,7 @@
 # specified via XZ_OPT.
 xz='xz --format=auto'
 
-version='xzless (XZ Utils) 5.2.3'
+version='xzless (XZ Utils) 5.2.4'
 
 usage="Usage: ${0##*/} [OPTION]... [FILE]...
 Like 'less', but operate on the uncompressed contents of xz compressed FILEs.
diff --git a/msys2/usr/bin/xzmore b/msys2/usr/bin/xzmore
index bed3d2489..a1f6befc5 100644
--- a/msys2/usr/bin/xzmore
+++ b/msys2/usr/bin/xzmore
@@ -22,7 +22,7 @@
 # specified via XZ_OPT.
 xz='xz --format=auto'
 
-version='xzmore (XZ Utils) 5.2.3'
+version='xzmore (XZ Utils) 5.2.4'
 
 usage="Usage: ${0##*/} [OPTION]... [FILE]...
 Like 'more', but operate on the uncompressed contents of xz compressed FILEs.
diff --git a/msys2/usr/bin/yat2m.exe b/msys2/usr/bin/yat2m.exe
new file mode 100644
index 000000000..435f5877f
Binary files /dev/null and b/msys2/usr/bin/yat2m.exe differ
diff --git a/msys2/usr/bin/yes.exe b/msys2/usr/bin/yes.exe
index 156e2c5ae..af1f30522 100644
Binary files a/msys2/usr/bin/yes.exe and b/msys2/usr/bin/yes.exe differ
diff --git a/msys2/usr/bin/zcat b/msys2/usr/bin/zcat
index 6cf75b64e..765b89d66 100644
--- a/msys2/usr/bin/zcat
+++ b/msys2/usr/bin/zcat
@@ -17,8 +17,8 @@
 # with this program; if not, write to the Free Software Foundation, Inc.,
 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 
-version="zcat (gzip) 1.9
-Copyright (C) 2007, 2011-2017 Free Software Foundation, Inc.
+version="zcat (gzip) 1.10
+Copyright (C) 2007, 2011-2018 Free Software Foundation, Inc.
 This is free software.  You may redistribute copies of it under the terms of
 the GNU General Public License <https://www.gnu.org/licenses/gpl.html>.
 There is NO WARRANTY, to the extent permitted by law.
diff --git a/msys2/usr/bin/zcmp b/msys2/usr/bin/zcmp
index ad2cf56ba..f3cf74e93 100644
--- a/msys2/usr/bin/zcmp
+++ b/msys2/usr/bin/zcmp
@@ -17,7 +17,7 @@
 # with this program; if not, write to the Free Software Foundation, Inc.,
 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 
-version="zcmp (gzip) 1.9
+version="zcmp (gzip) 1.10
 Copyright (C) 2010 Free Software Foundation, Inc.
 This is free software.  You may redistribute copies of it under the terms of
 the GNU General Public License <https://www.gnu.org/licenses/gpl.html>.
diff --git a/msys2/usr/bin/zdiff b/msys2/usr/bin/zdiff
index a4c7dfdb5..209315db5 100644
--- a/msys2/usr/bin/zdiff
+++ b/msys2/usr/bin/zdiff
@@ -24,8 +24,8 @@ case $1 in
   *)    prog=diff; cmp='${DIFF-diff}';;
 esac
 
-version="z$prog (gzip) 1.9
-Copyright (C) 2009, 2011-2017 Free Software Foundation, Inc.
+version="z$prog (gzip) 1.10
+Copyright (C) 2009, 2011-2018 Free Software Foundation, Inc.
 This is free software.  You may redistribute copies of it under the terms of
 the GNU General Public License <https://www.gnu.org/licenses/gpl.html>.
 There is NO WARRANTY, to the extent permitted by law.
diff --git a/msys2/usr/bin/zdump.exe b/msys2/usr/bin/zdump.exe
index 6d2a1f763..db2f776e1 100644
Binary files a/msys2/usr/bin/zdump.exe and b/msys2/usr/bin/zdump.exe differ
diff --git a/msys2/usr/bin/zforce b/msys2/usr/bin/zforce
index fd9cd177a..7262f0e3c 100644
--- a/msys2/usr/bin/zforce
+++ b/msys2/usr/bin/zforce
@@ -23,8 +23,8 @@
 # with this program; if not, write to the Free Software Foundation, Inc.,
 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 
-version="zforce (gzip) 1.9
-Copyright (C) 2010-2017 Free Software Foundation, Inc.
+version="zforce (gzip) 1.10
+Copyright (C) 2010-2018 Free Software Foundation, Inc.
 This is free software.  You may redistribute copies of it under the terms of
 the GNU General Public License <https://www.gnu.org/licenses/gpl.html>.
 There is NO WARRANTY, to the extent permitted by law.
diff --git a/msys2/usr/bin/zgrep b/msys2/usr/bin/zgrep
index 661ea5a59..af87437b8 100644
--- a/msys2/usr/bin/zgrep
+++ b/msys2/usr/bin/zgrep
@@ -24,8 +24,8 @@
 
 grep='${GREP-'\''/usr/bin/grep'\''}'
 
-version='zgrep (gzip) 1.9
-Copyright (C) 2010-2017 Free Software Foundation, Inc.
+version='zgrep (gzip) 1.10
+Copyright (C) 2010-2018 Free Software Foundation, Inc.
 This is free software.  You may redistribute copies of it under the terms of
 the GNU General Public License <https://www.gnu.org/licenses/gpl.html>.
 There is NO WARRANTY, to the extent permitted by law.
diff --git a/msys2/usr/bin/zic.exe b/msys2/usr/bin/zic.exe
index 7a4ecd4f4..8f0e23b32 100644
Binary files a/msys2/usr/bin/zic.exe and b/msys2/usr/bin/zic.exe differ
diff --git a/msys2/usr/bin/zless b/msys2/usr/bin/zless
index a0670ecaa..041551500 100644
--- a/msys2/usr/bin/zless
+++ b/msys2/usr/bin/zless
@@ -16,8 +16,8 @@
 # with this program; if not, write to the Free Software Foundation, Inc.,
 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 
-version="zless (gzip) 1.9
-Copyright (C) 2007, 2011-2017 Free Software Foundation, Inc.
+version="zless (gzip) 1.10
+Copyright (C) 2007, 2011-2018 Free Software Foundation, Inc.
 This is free software.  You may redistribute copies of it under the terms of
 the GNU General Public License <https://www.gnu.org/licenses/gpl.html>.
 There is NO WARRANTY, to the extent permitted by law.
diff --git a/msys2/usr/bin/zmore b/msys2/usr/bin/zmore
index 2d23f4162..d9d0bb34c 100644
--- a/msys2/usr/bin/zmore
+++ b/msys2/usr/bin/zmore
@@ -17,8 +17,8 @@
 # with this program; if not, write to the Free Software Foundation, Inc.,
 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 
-version="zmore (gzip) 1.9
-Copyright (C) 2010-2017 Free Software Foundation, Inc.
+version="zmore (gzip) 1.10
+Copyright (C) 2010-2018 Free Software Foundation, Inc.
 This is free software.  You may redistribute copies of it under the terms of
 the GNU General Public License <https://www.gnu.org/licenses/gpl.html>.
 There is NO WARRANTY, to the extent permitted by law.
diff --git a/msys2/usr/bin/znew b/msys2/usr/bin/znew
index fbebf4365..bb60b6f76 100644
--- a/msys2/usr/bin/znew
+++ b/msys2/usr/bin/znew
@@ -18,8 +18,8 @@
 # with this program; if not, write to the Free Software Foundation, Inc.,
 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 
-version="znew (gzip) 1.9
-Copyright (C) 2010-2017 Free Software Foundation, Inc.
+version="znew (gzip) 1.10
+Copyright (C) 2010-2018 Free Software Foundation, Inc.
 This is free software.  You may redistribute copies of it under the terms of
 the GNU General Public License <https://www.gnu.org/licenses/gpl.html>.
 There is NO WARRANTY, to the extent permitted by law.
diff --git a/msys2/usr/include/alpm.h b/msys2/usr/include/alpm.h
index 52bf0cf05..5da02ebd8 100644
--- a/msys2/usr/include/alpm.h
+++ b/msys2/usr/include/alpm.h
@@ -1,7 +1,7 @@
 /*
  * alpm.h
  *
- *  Copyright (c) 2006-2016 Pacman Development Team <pacman-dev@archlinux.org>
+ *  Copyright (c) 2006-2018 Pacman Development Team <pacman-dev@archlinux.org>
  *  Copyright (c) 2002-2006 by Judd Vinet <jvinet@zeroflux.org>
  *  Copyright (c) 2005 by Aurelien Foret <orelien@chez.com>
  *  Copyright (c) 2005 by Christian Hamar <krics@linuxforum.hu>
@@ -20,8 +20,8 @@
  *  You should have received a copy of the GNU General Public License
  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-#ifndef _ALPM_H
-#define _ALPM_H
+#ifndef ALPM_H
+#define ALPM_H
 
 #ifdef __cplusplus
 extern "C" {
@@ -53,7 +53,8 @@ typedef struct __alpm_trans_t alpm_trans_t;
  * @{
  */
 typedef enum _alpm_errno_t {
-	ALPM_ERR_MEMORY = 1,
+	ALPM_ERR_OK = 0,
+	ALPM_ERR_MEMORY,
 	ALPM_ERR_SYSTEM,
 	ALPM_ERR_BADPERMS,
 	ALPM_ERR_NOT_A_FILE,
@@ -203,7 +204,7 @@ typedef enum _alpm_siglevel_t {
 	ALPM_SIG_DATABASE_MARGINAL_OK = (1 << 12),
 	ALPM_SIG_DATABASE_UNKNOWN_OK = (1 << 13),
 
-	ALPM_SIG_USE_DEFAULT = (1 << 31)
+	ALPM_SIG_USE_DEFAULT = (1 << 30)
 } alpm_siglevel_t;
 
 /** PGP signature verification status return codes */
@@ -464,7 +465,7 @@ typedef enum _alpm_event_type_t {
 	ALPM_EVENT_HOOK_DONE,
 	/** A hook is starting */
 	ALPM_EVENT_HOOK_RUN_START,
-	/** A hook has finnished runnning */
+	/** A hook has finished running */
 	ALPM_EVENT_HOOK_RUN_DONE
 } alpm_event_type_t;
 
@@ -829,6 +830,11 @@ int alpm_option_add_hookdir(alpm_handle_t *handle, const char *hookdir);
 int alpm_option_remove_hookdir(alpm_handle_t *handle, const char *hookdir);
 /** @} */
 
+alpm_list_t *alpm_option_get_overwrite_files(alpm_handle_t *handle);
+int alpm_option_set_overwrite_files(alpm_handle_t *handle, alpm_list_t *globs);
+int alpm_option_add_overwrite_file(alpm_handle_t *handle, const char *glob);
+int alpm_option_remove_overwrite_file(alpm_handle_t *handle, const char *glob);
+
 /** Returns the logfile name. */
 const char *alpm_option_get_logfile(alpm_handle_t *handle);
 /** Sets the logfile name. */
@@ -916,14 +922,16 @@ int alpm_option_set_checkspace(alpm_handle_t *handle, int checkspace);
 const char *alpm_option_get_dbext(alpm_handle_t *handle);
 int alpm_option_set_dbext(alpm_handle_t *handle, const char *dbext);
 
-alpm_siglevel_t alpm_option_get_default_siglevel(alpm_handle_t *handle);
-int alpm_option_set_default_siglevel(alpm_handle_t *handle, alpm_siglevel_t level);
+int alpm_option_get_default_siglevel(alpm_handle_t *handle);
+int alpm_option_set_default_siglevel(alpm_handle_t *handle, int level);
 
-alpm_siglevel_t alpm_option_get_local_file_siglevel(alpm_handle_t *handle);
-int alpm_option_set_local_file_siglevel(alpm_handle_t *handle, alpm_siglevel_t level);
+int alpm_option_get_local_file_siglevel(alpm_handle_t *handle);
+int alpm_option_set_local_file_siglevel(alpm_handle_t *handle, int level);
 
-alpm_siglevel_t alpm_option_get_remote_file_siglevel(alpm_handle_t *handle);
-int alpm_option_set_remote_file_siglevel(alpm_handle_t *handle, alpm_siglevel_t level);
+int alpm_option_get_remote_file_siglevel(alpm_handle_t *handle);
+int alpm_option_set_remote_file_siglevel(alpm_handle_t *handle, int level);
+
+int alpm_option_set_disable_dl_timeout(alpm_handle_t *handle, unsigned short disable_dl_timeout);
 
 /** @} */
 
@@ -956,7 +964,7 @@ alpm_list_t *alpm_get_syncdbs(alpm_handle_t *handle);
  * @return an alpm_db_t* on success (the value), NULL on error
  */
 alpm_db_t *alpm_register_syncdb(alpm_handle_t *handle, const char *treename,
-		alpm_siglevel_t level);
+		int level);
 
 /** Unregister all package databases.
  * @param handle the context handle
@@ -982,7 +990,7 @@ const char *alpm_db_get_name(const alpm_db_t *db);
  * @param db pointer to the package database
  * @return the signature verification level
  */
-alpm_siglevel_t alpm_db_get_siglevel(alpm_db_t *db);
+int alpm_db_get_siglevel(alpm_db_t *db);
 
 /** Check the validity of a database.
  * This is most useful for sync databases and verifying signature status.
@@ -1049,14 +1057,14 @@ typedef enum _alpm_db_usage_ {
  * @param usage a bitmask of alpm_db_usage_t values
  * @return 0 on success, or -1 on error
  */
-int alpm_db_set_usage(alpm_db_t *db, alpm_db_usage_t usage);
+int alpm_db_set_usage(alpm_db_t *db, int usage);
 
 /** Gets the usage of a database.
  * @param db pointer to the package database to get the status of
  * @param usage pointer to an alpm_db_usage_t to store db's status
  * @return 0 on success, or -1 on error
  */
-int alpm_db_get_usage(alpm_db_t *db, alpm_db_usage_t *usage);
+int alpm_db_get_usage(alpm_db_t *db, int *usage);
 
 /** @} */
 
@@ -1080,7 +1088,7 @@ int alpm_db_get_usage(alpm_db_t *db, alpm_db_usage_t *usage);
  * @return 0 on success, -1 on error (pm_errno is set accordingly)
  */
 int alpm_pkg_load(alpm_handle_t *handle, const char *filename, int full,
-		alpm_siglevel_t level, alpm_pkg_t **pkg);
+		int level, alpm_pkg_t **pkg);
 
 /** Find a package in a list by name.
  * @param haystack a list of alpm_pkg_t
@@ -1260,6 +1268,18 @@ alpm_list_t *alpm_pkg_get_depends(alpm_pkg_t *pkg);
  */
 alpm_list_t *alpm_pkg_get_optdepends(alpm_pkg_t *pkg);
 
+/** Returns a list of package check dependencies
+ * @param pkg a pointer to package
+ * @return a reference to an internal list of alpm_depend_t structures.
+ */
+alpm_list_t *alpm_pkg_get_checkdepends(alpm_pkg_t *pkg);
+
+/** Returns a list of package make dependencies
+ * @param pkg a pointer to package
+ * @return a reference to an internal list of alpm_depend_t structures.
+ */
+alpm_list_t *alpm_pkg_get_makedepends(alpm_pkg_t *pkg);
+
 /** Returns the list of packages conflicting with pkg.
  * @param pkg a pointer to package
  * @return a reference to an internal list of alpm_depend_t structures.
@@ -1317,7 +1337,7 @@ const char *alpm_pkg_get_base64_sig(alpm_pkg_t *pkg);
  * @param pkg a pointer to package
  * @return an enum member giving the validation method
  */
-alpm_pkgvalidation_t alpm_pkg_get_validation(alpm_pkg_t *pkg);
+int alpm_pkg_get_validation(alpm_pkg_t *pkg);
 
 /* End of alpm_pkg_t accessors */
 /* @} */
@@ -1479,7 +1499,7 @@ typedef enum _alpm_transflag_t {
  * @param handle the context handle
  * @return the bitfield of transaction flags
  */
-alpm_transflag_t alpm_trans_get_flags(alpm_handle_t *handle);
+int alpm_trans_get_flags(alpm_handle_t *handle);
 
 /** Returns a list of packages added by the transaction.
  * @param handle the context handle
@@ -1495,10 +1515,10 @@ alpm_list_t *alpm_trans_get_remove(alpm_handle_t *handle);
 
 /** Initialize the transaction.
  * @param handle the context handle
- * @param flags flags of the transaction (like nodeps, etc)
+ * @param flags flags of the transaction (like nodeps, etc; see alpm_transflag_t)
  * @return 0 on success, -1 on error (pm_errno is set accordingly)
  */
-int alpm_trans_init(alpm_handle_t *handle, alpm_transflag_t flags);
+int alpm_trans_init(alpm_handle_t *handle, int flags);
 
 /** Prepare a transaction.
  * @param handle the context handle
@@ -1621,7 +1641,8 @@ enum alpm_caps {
 };
 
 const char *alpm_version(void);
-enum alpm_caps alpm_capabilities(void);
+/* Return a bitfield of capabilities using values from 'enum alpm_caps' */
+int alpm_capabilities(void);
 
 void alpm_fileconflict_free(alpm_fileconflict_t *conflict);
 void alpm_depmissing_free(alpm_depmissing_t *miss);
@@ -1633,6 +1654,4 @@ void alpm_conflict_free(alpm_conflict_t *conflict);
 #ifdef __cplusplus
 }
 #endif
-#endif /* _ALPM_H */
-
-/* vim: set noet: */
+#endif /* ALPM_H */
diff --git a/msys2/usr/include/alpm_list.h b/msys2/usr/include/alpm_list.h
index 5af84e1af..8a2c5b2bb 100644
--- a/msys2/usr/include/alpm_list.h
+++ b/msys2/usr/include/alpm_list.h
@@ -1,7 +1,7 @@
 /*
  *  alpm_list.h
  *
- *  Copyright (c) 2006-2016 Pacman Development Team <pacman-dev@archlinux.org>
+ *  Copyright (c) 2006-2018 Pacman Development Team <pacman-dev@archlinux.org>
  *  Copyright (c) 2002-2006 by Judd Vinet <jvinet@zeroflux.org>
  *
  *  This program is free software; you can redistribute it and/or modify
@@ -17,8 +17,8 @@
  *  You should have received a copy of the GNU General Public License
  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-#ifndef _ALPM_LIST_H
-#define _ALPM_LIST_H
+#ifndef ALPM_LIST_H
+#define ALPM_LIST_H
 
 #include <stdlib.h> /* size_t */
 
@@ -58,6 +58,7 @@ void alpm_list_free_inner(alpm_list_t *list, alpm_list_fn_free fn);
 /* item mutators */
 alpm_list_t *alpm_list_add(alpm_list_t *list, void *data);
 alpm_list_t *alpm_list_append(alpm_list_t **list, void *data);
+alpm_list_t *alpm_list_append_strdup(alpm_list_t **list, const char *data);
 alpm_list_t *alpm_list_add_sorted(alpm_list_t *list, void *data, alpm_list_fn_cmp fn);
 alpm_list_t *alpm_list_join(alpm_list_t *first, alpm_list_t *second);
 alpm_list_t *alpm_list_mmerge(alpm_list_t *left, alpm_list_t *right, alpm_list_fn_cmp fn);
@@ -90,6 +91,4 @@ void *alpm_list_to_array(const alpm_list_t *list, size_t n, size_t size);
 #ifdef __cplusplus
 }
 #endif
-#endif /* _ALPM_LIST_H */
-
-/* vim: set noet: */
+#endif /* ALPM_LIST_H */
diff --git a/msys2/usr/include/fdt.h b/msys2/usr/include/fdt.h
index 526aedb51..74961f902 100644
--- a/msys2/usr/include/fdt.h
+++ b/msys2/usr/include/fdt.h
@@ -1,5 +1,5 @@
-#ifndef _FDT_H
-#define _FDT_H
+#ifndef FDT_H
+#define FDT_H
 /*
  * libfdt - Flat Device Tree manipulation
  * Copyright (C) 2006 David Gibson, IBM Corporation.
@@ -108,4 +108,4 @@ struct fdt_property {
 #define FDT_V16_SIZE	FDT_V3_SIZE
 #define FDT_V17_SIZE	(FDT_V16_SIZE + sizeof(fdt32_t))
 
-#endif /* _FDT_H */
+#endif /* FDT_H */
diff --git a/msys2/usr/include/gawkapi.h b/msys2/usr/include/gawkapi.h
index 93ec5c1f2..3db8990a4 100644
--- a/msys2/usr/include/gawkapi.h
+++ b/msys2/usr/include/gawkapi.h
@@ -3,7 +3,7 @@
  */
 
 /*
- * Copyright (C) 2012-2017 the Free Software Foundation, Inc.
+ * Copyright (C) 2012-2018 the Free Software Foundation, Inc.
  *
  * This file is part of GAWK, the GNU implementation of the
  * AWK Programming Language.
@@ -323,13 +323,15 @@ typedef struct awk_string {
 	size_t len;	/* length thereof, in chars */
 } awk_string_t;
 
+enum AWK_NUMBER_TYPE {
+	AWK_NUMBER_TYPE_DOUBLE,
+	AWK_NUMBER_TYPE_MPFR,
+	AWK_NUMBER_TYPE_MPZ
+};
+
 typedef struct awk_number {
 	double d;	/* always populated in data received from gawk */
-	enum AWK_NUMBER_TYPE {
-		AWK_NUMBER_TYPE_DOUBLE,
-		AWK_NUMBER_TYPE_MPFR,
-		AWK_NUMBER_TYPE_MPZ
-	} type;
+	enum AWK_NUMBER_TYPE type;
 	void *ptr;	/* either NULL or mpfr_ptr or mpz_ptr */
 } awk_number_t;
 
@@ -621,6 +623,7 @@ typedef struct gawk_api {
 	 *	}
 	 */
 	awk_bool_t (*api_sym_lookup)(awk_ext_id_t id,
+				const char *name_space,
 				const char *name,
 				awk_valtype_t wanted,
 				awk_value_t *result);
@@ -632,6 +635,7 @@ typedef struct gawk_api {
 	 * Such an attempt returns false.
 	 */
 	awk_bool_t (*api_sym_update)(awk_ext_id_t id,
+				const char *name_space,
 				const char *name,
 				awk_value_t *value);
 
@@ -865,11 +869,17 @@ typedef struct gawk_api {
 #define awk_atexit(funcp, arg0)	(api->api_awk_atexit(ext_id, funcp, arg0))
 
 #define sym_lookup(name, wanted, result) \
-	(api->api_sym_lookup(ext_id, name, wanted, result))
+	sym_lookup_ns("", name, wanted, result)
+#define sym_update(name, value) \
+	sym_update_ns("", name, value)
+
+#define sym_lookup_ns(name_space, name, wanted, result) \
+	(api->api_sym_lookup(ext_id, name_space, name, wanted, result))
+#define sym_update_ns(name_space, name, value) \
+	(api->api_sym_update(ext_id, name_space, name, value))
+
 #define sym_lookup_scalar(scalar_cookie, wanted, result) \
 	(api->api_sym_lookup_scalar(ext_id, scalar_cookie, wanted, result))
-#define sym_update(name, value) \
-	(api->api_sym_update(ext_id, name, value))
 #define sym_update_scalar(scalar_cookie, value) \
 	(api->api_sym_update_scalar)(ext_id, scalar_cookie, value)
 
@@ -924,19 +934,19 @@ typedef struct gawk_api {
 #define emalloc(pointer, type, size, message) \
 	do { \
 		if ((pointer = (type) gawk_malloc(size)) == 0) \
-			fatal(ext_id, "%s: malloc of %d bytes failed\n", message, size); \
+			fatal(ext_id, "%s: malloc of %d bytes failed", message, size); \
 	} while(0)
 
 #define ezalloc(pointer, type, size, message) \
 	do { \
 		if ((pointer = (type) gawk_calloc(1, size)) == 0) \
-			fatal(ext_id, "%s: calloc of %d bytes failed\n", message, size); \
+			fatal(ext_id, "%s: calloc of %d bytes failed", message, size); \
 	} while(0)
 
 #define erealloc(pointer, type, size, message) \
 	do { \
 		if ((pointer = (type) gawk_realloc(pointer, size)) == 0) \
-			fatal(ext_id, "%s: realloc of %d bytes failed\n", message, size); \
+			fatal(ext_id, "%s: realloc of %d bytes failed", message, size); \
 	} while(0)
 
 /* Constructor functions */
@@ -945,7 +955,7 @@ typedef struct gawk_api {
 
 static inline awk_value_t *
 r_make_string_type(const gawk_api_t *api,	/* needed for emalloc */
-		   awk_ext_id_t *ext_id,	/* ditto */
+		   awk_ext_id_t ext_id,		/* ditto */
 		   const char *string,
 		   size_t length,
 		   awk_bool_t duplicate,
@@ -975,7 +985,7 @@ r_make_string_type(const gawk_api_t *api,	/* needed for emalloc */
 
 static inline awk_value_t *
 r_make_string(const gawk_api_t *api,	/* needed for emalloc */
-	      awk_ext_id_t *ext_id,	/* ditto */
+	      awk_ext_id_t ext_id,	/* ditto */
 	      const char *string,
 	      size_t length,
 	      awk_bool_t duplicate,
@@ -1109,7 +1119,7 @@ int dl_load(const gawk_api_t *const api_p, awk_ext_id_t id)  \
 	if (api->major_version != GAWK_API_MAJOR_VERSION \
 	    || api->minor_version < GAWK_API_MINOR_VERSION) { \
 		fprintf(stderr, #extension ": version mismatch with gawk!\n"); \
-		fprintf(stderr, "\tmy version (%d, %d), gawk version (%d, %d)\n", \
+		fprintf(stderr, "\tmy version (API %d.%d), gawk version (API %d.%d)\n", \
 			GAWK_API_MAJOR_VERSION, GAWK_API_MINOR_VERSION, \
 			api->major_version, api->minor_version); \
 		exit(1); \
@@ -1122,7 +1132,7 @@ int dl_load(const gawk_api_t *const api_p, awk_ext_id_t id)  \
 		if (func_table[i].name == NULL) \
 			break; \
 		if (! add_ext_func(name_space, & func_table[i])) { \
-			warning(ext_id, #extension ": could not add %s\n", \
+			warning(ext_id, #extension ": could not add %s", \
 					func_table[i].name); \
 			errors++; \
 		} \
@@ -1130,7 +1140,7 @@ int dl_load(const gawk_api_t *const api_p, awk_ext_id_t id)  \
 \
 	if (init_func != NULL) { \
 		if (! init_func()) { \
-			warning(ext_id, #extension ": initialization function failed\n"); \
+			warning(ext_id, #extension ": initialization function failed"); \
 			errors++; \
 		} \
 	} \
diff --git a/msys2/usr/include/libfdt.h b/msys2/usr/include/libfdt.h
index ac42e0459..a470d1df6 100644
--- a/msys2/usr/include/libfdt.h
+++ b/msys2/usr/include/libfdt.h
@@ -1,5 +1,5 @@
-#ifndef _LIBFDT_H
-#define _LIBFDT_H
+#ifndef LIBFDT_H
+#define LIBFDT_H
 /*
  * libfdt - Flat Device Tree manipulation
  * Copyright (C) 2006 David Gibson, IBM Corporation.
@@ -54,7 +54,7 @@
 #include <libfdt_env.h>
 #include <fdt.h>
 
-#define FDT_FIRST_SUPPORTED_VERSION	0x10
+#define FDT_FIRST_SUPPORTED_VERSION	0x02
 #define FDT_LAST_SUPPORTED_VERSION	0x11
 
 /* Error codes: informative error codes */
@@ -90,8 +90,9 @@
 
 /* Error codes: codes for bad device tree blobs */
 #define FDT_ERR_TRUNCATED	8
-	/* FDT_ERR_TRUNCATED: Structure block of the given device tree
-	 * ends without an FDT_END tag. */
+	/* FDT_ERR_TRUNCATED: FDT or a sub-block is improperly
+	 * terminated (overflows, goes outside allowed bounds, or
+	 * isn't properly terminated).  */
 #define FDT_ERR_BADMAGIC	9
 	/* FDT_ERR_BADMAGIC: Given "device tree" appears not to be a
 	 * device tree at all - it is missing the flattened device
@@ -143,7 +144,9 @@
 /* Low-level functions (you probably don't need these)                */
 /**********************************************************************/
 
+#ifndef SWIG /* This function is not useful in Python */
 const void *fdt_offset_ptr(const void *fdt, int offset, unsigned int checklen);
+#endif
 static inline void *fdt_offset_ptr_w(void *fdt, int offset, int checklen)
 {
 	return (void *)(uintptr_t)fdt_offset_ptr(fdt, offset, checklen);
@@ -151,6 +154,37 @@ static inline void *fdt_offset_ptr_w(void *fdt, int offset, int checklen)
 
 uint32_t fdt_next_tag(const void *fdt, int offset, int *nextoffset);
 
+/*
+ * Alignment helpers:
+ *     These helpers access words from a device tree blob.  They're
+ *     built to work even with unaligned pointers on platforms (ike
+ *     ARM) that don't like unaligned loads and stores
+ */
+
+static inline uint32_t fdt32_ld(const fdt32_t *p)
+{
+	const uint8_t *bp = (const uint8_t *)p;
+
+	return ((uint32_t)bp[0] << 24)
+		| ((uint32_t)bp[1] << 16)
+		| ((uint32_t)bp[2] << 8)
+		| bp[3];
+}
+
+static inline uint64_t fdt64_ld(const fdt64_t *p)
+{
+	const uint8_t *bp = (const uint8_t *)p;
+
+	return ((uint64_t)bp[0] << 56)
+		| ((uint64_t)bp[1] << 48)
+		| ((uint64_t)bp[2] << 40)
+		| ((uint64_t)bp[3] << 32)
+		| ((uint64_t)bp[4] << 24)
+		| ((uint64_t)bp[5] << 16)
+		| ((uint64_t)bp[6] << 8)
+		| bp[7];
+}
+
 /**********************************************************************/
 /* Traversal functions                                                */
 /**********************************************************************/
@@ -193,7 +227,7 @@ int fdt_next_subnode(const void *fdt, int offset);
  *		...
  *	}
  *
- *	if ((node < 0) && (node != -FDT_ERR_NOT_FOUND)) {
+ *	if ((node < 0) && (node != -FDT_ERR_NOTFOUND)) {
  *		Error handling
  *	}
  *
@@ -210,9 +244,8 @@ int fdt_next_subnode(const void *fdt, int offset);
 /**********************************************************************/
 /* General functions                                                  */
 /**********************************************************************/
-
 #define fdt_get_header(fdt, field) \
-	(fdt32_to_cpu(((const struct fdt_header *)(fdt))->field))
+	(fdt32_ld(&((const struct fdt_header *)(fdt))->field))
 #define fdt_magic(fdt)			(fdt_get_header(fdt, magic))
 #define fdt_totalsize(fdt)		(fdt_get_header(fdt, totalsize))
 #define fdt_off_dt_struct(fdt)		(fdt_get_header(fdt, off_dt_struct))
@@ -224,37 +257,50 @@ int fdt_next_subnode(const void *fdt, int offset);
 #define fdt_size_dt_strings(fdt)	(fdt_get_header(fdt, size_dt_strings))
 #define fdt_size_dt_struct(fdt)		(fdt_get_header(fdt, size_dt_struct))
 
-#define __fdt_set_hdr(name) \
+#define fdt_set_hdr_(name) \
 	static inline void fdt_set_##name(void *fdt, uint32_t val) \
 	{ \
 		struct fdt_header *fdth = (struct fdt_header *)fdt; \
 		fdth->name = cpu_to_fdt32(val); \
 	}
-__fdt_set_hdr(magic);
-__fdt_set_hdr(totalsize);
-__fdt_set_hdr(off_dt_struct);
-__fdt_set_hdr(off_dt_strings);
-__fdt_set_hdr(off_mem_rsvmap);
-__fdt_set_hdr(version);
-__fdt_set_hdr(last_comp_version);
-__fdt_set_hdr(boot_cpuid_phys);
-__fdt_set_hdr(size_dt_strings);
-__fdt_set_hdr(size_dt_struct);
-#undef __fdt_set_hdr
+fdt_set_hdr_(magic);
+fdt_set_hdr_(totalsize);
+fdt_set_hdr_(off_dt_struct);
+fdt_set_hdr_(off_dt_strings);
+fdt_set_hdr_(off_mem_rsvmap);
+fdt_set_hdr_(version);
+fdt_set_hdr_(last_comp_version);
+fdt_set_hdr_(boot_cpuid_phys);
+fdt_set_hdr_(size_dt_strings);
+fdt_set_hdr_(size_dt_struct);
+#undef fdt_set_hdr_
 
 /**
- * fdt_check_header - sanity check a device tree or possible device tree
+ * fdt_header_size - return the size of the tree's header
+ * @fdt: pointer to a flattened device tree
+ */
+size_t fdt_header_size_(uint32_t version);
+static inline size_t fdt_header_size(const void *fdt)
+{
+	return fdt_header_size_(fdt_version(fdt));
+}
+
+/**
+ * fdt_check_header - sanity check a device tree header
+
  * @fdt: pointer to data which might be a flattened device tree
  *
  * fdt_check_header() checks that the given buffer contains what
- * appears to be a flattened device tree with sane information in its
- * header.
+ * appears to be a flattened device tree, and that the header contains
+ * valid information (to the extent that can be determined from the
+ * header alone).
  *
  * returns:
  *     0, if the buffer appears to contain a valid device tree
  *     -FDT_ERR_BADMAGIC,
  *     -FDT_ERR_BADVERSION,
- *     -FDT_ERR_BADSTATE, standard meanings, as above
+ *     -FDT_ERR_BADSTATE,
+ *     -FDT_ERR_TRUNCATED, standard meanings, as above
  */
 int fdt_check_header(const void *fdt);
 
@@ -283,6 +329,24 @@ int fdt_move(const void *fdt, void *buf, int bufsize);
 /* Read-only functions                                                */
 /**********************************************************************/
 
+int fdt_check_full(const void *fdt, size_t bufsize);
+
+/**
+ * fdt_get_string - retrieve a string from the strings block of a device tree
+ * @fdt: pointer to the device tree blob
+ * @stroffset: offset of the string within the strings block (native endian)
+ * @lenp: optional pointer to return the string's length
+ *
+ * fdt_get_string() retrieves a pointer to a single string from the
+ * strings block of the device tree blob at fdt, and optionally also
+ * returns the string's length in *lenp.
+ *
+ * returns:
+ *     a pointer to the string, on success
+ *     NULL, if stroffset is out of bounds, or doesn't point to a valid string
+ */
+const char *fdt_get_string(const void *fdt, int stroffset, int *lenp);
+
 /**
  * fdt_string - retrieve a string from the strings block of a device tree
  * @fdt: pointer to the device tree blob
@@ -293,7 +357,7 @@ int fdt_move(const void *fdt, void *buf, int bufsize);
  *
  * returns:
  *     a pointer to the string, on success
- *     NULL, if stroffset is out of bounds
+ *     NULL, if stroffset is out of bounds, or doesn't point to a valid string
  */
 const char *fdt_string(const void *fdt, int stroffset);
 
@@ -354,8 +418,10 @@ int fdt_get_mem_rsv(const void *fdt, int n, uint64_t *address, uint64_t *size);
  * useful for finding subnodes based on a portion of a larger string,
  * such as a full path.
  */
+#ifndef SWIG /* Not available in Python */
 int fdt_subnode_offset_namelen(const void *fdt, int parentoffset,
 			       const char *name, int namelen);
+#endif
 /**
  * fdt_subnode_offset - find a subnode of a given node
  * @fdt: pointer to the device tree blob
@@ -391,7 +457,9 @@ int fdt_subnode_offset(const void *fdt, int parentoffset, const char *name);
  * Identical to fdt_path_offset(), but only consider the first namelen
  * characters of path as the path name.
  */
+#ifndef SWIG /* Not available in Python */
 int fdt_path_offset_namelen(const void *fdt, const char *path, int namelen);
+#endif
 
 /**
  * fdt_path_offset - find a tree node by its full path
@@ -498,7 +566,7 @@ int fdt_next_property_offset(const void *fdt, int offset);
  *		...
  *	}
  *
- *	if ((property < 0) && (property != -FDT_ERR_NOT_FOUND)) {
+ *	if ((property < 0) && (property != -FDT_ERR_NOTFOUND)) {
  *		Error handling
  *	}
  *
@@ -522,6 +590,9 @@ int fdt_next_property_offset(const void *fdt, int offset);
  * offset.  If lenp is non-NULL, the length of the property value is
  * also returned, in the integer pointed to by lenp.
  *
+ * Note that this code only works on device tree versions >= 16. fdt_getprop()
+ * works on all versions.
+ *
  * returns:
  *	pointer to the structure representing the property
  *		if lenp is non-NULL, *lenp contains the length of the property
@@ -550,10 +621,12 @@ const struct fdt_property *fdt_get_property_by_offset(const void *fdt,
  * Identical to fdt_get_property(), but only examine the first namelen
  * characters of name for matching the property name.
  */
+#ifndef SWIG /* Not available in Python */
 const struct fdt_property *fdt_get_property_namelen(const void *fdt,
 						    int nodeoffset,
 						    const char *name,
 						    int namelen, int *lenp);
+#endif
 
 /**
  * fdt_get_property - find a given property in a given node
@@ -596,7 +669,7 @@ static inline struct fdt_property *fdt_get_property_w(void *fdt, int nodeoffset,
 /**
  * fdt_getprop_by_offset - retrieve the value of a property at a given offset
  * @fdt: pointer to the device tree blob
- * @ffset: offset of the property to read
+ * @offset: offset of the property to read
  * @namep: pointer to a string variable (will be overwritten) or NULL
  * @lenp: pointer to an integer variable (will be overwritten) or NULL
  *
@@ -624,8 +697,10 @@ static inline struct fdt_property *fdt_get_property_w(void *fdt, int nodeoffset,
  *		-FDT_ERR_BADSTRUCTURE,
  *		-FDT_ERR_TRUNCATED, standard meanings
  */
+#ifndef SWIG /* This function is not useful in Python */
 const void *fdt_getprop_by_offset(const void *fdt, int offset,
 				  const char **namep, int *lenp);
+#endif
 
 /**
  * fdt_getprop_namelen - get property value based on substring
@@ -638,6 +713,7 @@ const void *fdt_getprop_by_offset(const void *fdt, int offset,
  * Identical to fdt_getprop(), but only examine the first namelen
  * characters of name for matching the property name.
  */
+#ifndef SWIG /* Not available in Python */
 const void *fdt_getprop_namelen(const void *fdt, int nodeoffset,
 				const char *name, int namelen, int *lenp);
 static inline void *fdt_getprop_namelen_w(void *fdt, int nodeoffset,
@@ -647,6 +723,7 @@ static inline void *fdt_getprop_namelen_w(void *fdt, int nodeoffset,
 	return (void *)(uintptr_t)fdt_getprop_namelen(fdt, nodeoffset, name,
 						      namelen, lenp);
 }
+#endif
 
 /**
  * fdt_getprop - retrieve the value of a given property
@@ -707,8 +784,10 @@ uint32_t fdt_get_phandle(const void *fdt, int nodeoffset);
  * Identical to fdt_get_alias(), but only examine the first namelen
  * characters of name for matching the alias name.
  */
+#ifndef SWIG /* Not available in Python */
 const char *fdt_get_alias_namelen(const void *fdt,
 				  const char *name, int namelen);
+#endif
 
 /**
  * fdt_get_alias - retrieve the path referenced by a given alias
@@ -1074,7 +1153,7 @@ int fdt_address_cells(const void *fdt, int nodeoffset);
  *
  * returns:
  *	0 <= n < FDT_MAX_NCELLS, on success
- *      2, if the node has no #address-cells property
+ *      1, if the node has no #size-cells property
  *      -FDT_ERR_BADNCELLS, if the node has a badly formatted or invalid
  *		#size-cells property
  *	-FDT_ERR_BADMAGIC,
@@ -1106,10 +1185,12 @@ int fdt_size_cells(const void *fdt, int nodeoffset);
  * of the name. It is useful when you want to manipulate only one value of
  * an array and you have a string that doesn't end with \0.
  */
+#ifndef SWIG /* Not available in Python */
 int fdt_setprop_inplace_namelen_partial(void *fdt, int nodeoffset,
 					const char *name, int namelen,
 					uint32_t idx, const void *val,
 					int len);
+#endif
 
 /**
  * fdt_setprop_inplace - change a property's value, but not its size
@@ -1139,8 +1220,10 @@ int fdt_setprop_inplace_namelen_partial(void *fdt, int nodeoffset,
  *	-FDT_ERR_BADSTRUCTURE,
  *	-FDT_ERR_TRUNCATED, standard meanings
  */
+#ifndef SWIG /* Not available in Python */
 int fdt_setprop_inplace(void *fdt, int nodeoffset, const char *name,
 			const void *val, int len);
+#endif
 
 /**
  * fdt_setprop_inplace_u32 - change the value of a 32-bit integer property
@@ -1293,10 +1376,29 @@ static inline int fdt_property_u64(void *fdt, const char *name, uint64_t val)
 	fdt64_t tmp = cpu_to_fdt64(val);
 	return fdt_property(fdt, name, &tmp, sizeof(tmp));
 }
+
+#ifndef SWIG /* Not available in Python */
 static inline int fdt_property_cell(void *fdt, const char *name, uint32_t val)
 {
 	return fdt_property_u32(fdt, name, val);
 }
+#endif
+
+/**
+ * fdt_property_placeholder - add a new property and return a ptr to its value
+ *
+ * @fdt: pointer to the device tree blob
+ * @name: name of property to add
+ * @len: length of property value in bytes
+ * @valp: returns a pointer to where where the value should be placed
+ *
+ * returns:
+ *	0, on success
+ *	-FDT_ERR_BADMAGIC,
+ *	-FDT_ERR_NOSPACE, standard meanings
+ */
+int fdt_property_placeholder(void *fdt, const char *name, int len, void **valp);
+
 #define fdt_property_string(fdt, name, str) \
 	fdt_property(fdt, name, str, strlen(str)+1)
 int fdt_end_node(void *fdt);
@@ -1415,6 +1517,37 @@ int fdt_set_name(void *fdt, int nodeoffset, const char *name);
 int fdt_setprop(void *fdt, int nodeoffset, const char *name,
 		const void *val, int len);
 
+/**
+ * fdt_setprop_placeholder - allocate space for a property
+ * @fdt: pointer to the device tree blob
+ * @nodeoffset: offset of the node whose property to change
+ * @name: name of the property to change
+ * @len: length of the property value
+ * @prop_data: return pointer to property data
+ *
+ * fdt_setprop_placeholer() allocates the named property in the given node.
+ * If the property exists it is resized. In either case a pointer to the
+ * property data is returned.
+ *
+ * This function may insert or delete data from the blob, and will
+ * therefore change the offsets of some existing nodes.
+ *
+ * returns:
+ *	0, on success
+ *	-FDT_ERR_NOSPACE, there is insufficient free space in the blob to
+ *		contain the new property value
+ *	-FDT_ERR_BADOFFSET, nodeoffset did not point to FDT_BEGIN_NODE tag
+ *	-FDT_ERR_BADLAYOUT,
+ *	-FDT_ERR_BADMAGIC,
+ *	-FDT_ERR_BADVERSION,
+ *	-FDT_ERR_BADSTATE,
+ *	-FDT_ERR_BADSTRUCTURE,
+ *	-FDT_ERR_BADLAYOUT,
+ *	-FDT_ERR_TRUNCATED, standard meanings
+ */
+int fdt_setprop_placeholder(void *fdt, int nodeoffset, const char *name,
+			    int len, void **prop_data);
+
 /**
  * fdt_setprop_u32 - set a property to a 32-bit integer
  * @fdt: pointer to the device tree blob
@@ -1734,8 +1867,10 @@ int fdt_delprop(void *fdt, int nodeoffset, const char *name);
  * creating subnodes based on a portion of a larger string, such as a
  * full path.
  */
+#ifndef SWIG /* Not available in Python */
 int fdt_add_subnode_namelen(void *fdt, int parentoffset,
 			    const char *name, int namelen);
+#endif
 
 /**
  * fdt_add_subnode - creates a new node
@@ -1830,4 +1965,4 @@ int fdt_overlay_apply(void *fdt, void *fdto);
 
 const char *fdt_strerror(int errval);
 
-#endif /* _LIBFDT_H */
+#endif /* LIBFDT_H */
diff --git a/msys2/usr/include/libfdt_env.h b/msys2/usr/include/libfdt_env.h
index 952056cdd..eb2053845 100644
--- a/msys2/usr/include/libfdt_env.h
+++ b/msys2/usr/include/libfdt_env.h
@@ -1,5 +1,5 @@
-#ifndef _LIBFDT_ENV_H
-#define _LIBFDT_ENV_H
+#ifndef LIBFDT_ENV_H
+#define LIBFDT_ENV_H
 /*
  * libfdt - Flat Device Tree manipulation
  * Copyright (C) 2006 David Gibson, IBM Corporation.
@@ -56,6 +56,7 @@
 #include <stdint.h>
 #include <stdlib.h>
 #include <string.h>
+#include <limits.h>
 
 #ifdef __CHECKER__
 #define FDT_FORCE __attribute__((force))
@@ -109,4 +110,31 @@ static inline fdt64_t cpu_to_fdt64(uint64_t x)
 #undef CPU_TO_FDT16
 #undef EXTRACT_BYTE
 
-#endif /* _LIBFDT_ENV_H */
+#ifdef __APPLE__
+#include <AvailabilityMacros.h>
+
+/* strnlen() is not available on Mac OS < 10.7 */
+# if !defined(MAC_OS_X_VERSION_10_7) || (MAC_OS_X_VERSION_MAX_ALLOWED < \
+                                         MAC_OS_X_VERSION_10_7)
+
+#define strnlen fdt_strnlen
+
+/*
+ * fdt_strnlen: returns the length of a string or max_count - which ever is
+ * smallest.
+ * Input 1 string: the string whose size is to be determined
+ * Input 2 max_count: the maximum value returned by this function
+ * Output: length of the string or max_count (the smallest of the two)
+ */
+static inline size_t fdt_strnlen(const char *string, size_t max_count)
+{
+    const char *p = memchr(string, 0, max_count);
+    return p ? p - string : max_count;
+}
+
+#endif /* !defined(MAC_OS_X_VERSION_10_7) || (MAC_OS_X_VERSION_MAX_ALLOWED <
+          MAC_OS_X_VERSION_10_7) */
+
+#endif /* __APPLE__ */
+
+#endif /* LIBFDT_ENV_H */
diff --git a/msys2/usr/include/magic.h b/msys2/usr/include/magic.h
index fa607ae64..4590498b4 100644
--- a/msys2/usr/include/magic.h
+++ b/msys2/usr/include/magic.h
@@ -58,6 +58,7 @@
 #define	MAGIC_NO_CHECK_CDF	0x0040000 /* Don't check for cdf files */
 #define	MAGIC_NO_CHECK_TOKENS	0x0100000 /* Don't check tokens */
 #define MAGIC_NO_CHECK_ENCODING 0x0200000 /* Don't check text encodings */
+#define MAGIC_NO_CHECK_JSON	0x0400000 /* Don't check for JSON files */
 
 /* No built-in tests; only consult the magic file */
 #define MAGIC_NO_CHECK_BUILTIN	( \
@@ -70,6 +71,7 @@
 	MAGIC_NO_CHECK_CDF	| \
 	MAGIC_NO_CHECK_TOKENS	| \
 	MAGIC_NO_CHECK_ENCODING	| \
+	MAGIC_NO_CHECK_JSON	| \
 	0			  \
 )
 
@@ -96,7 +98,7 @@ b\22no_check_cdf\0\
 b\23no_check_reserved0\0\
 b\24no_check_tokens\0\
 b\25no_check_encoding\0\
-b\26no_check_reserved1\0\
+b\26no_check_json\0\
 b\27no_check_reserved2\0\
 b\30extension\0\
 b\31transp_compression\0\
@@ -109,7 +111,7 @@ b\31transp_compression\0\
 #define	MAGIC_NO_CHECK_FORTRAN	0x000000 /* Don't check ascii/fortran */
 #define	MAGIC_NO_CHECK_TROFF	0x000000 /* Don't check ascii/troff */
 
-#define MAGIC_VERSION		533	/* This implementation */
+#define MAGIC_VERSION		537	/* This implementation */
 
 
 #ifdef __cplusplus
diff --git a/msys2/usr/lib/awk/grcat.exe b/msys2/usr/lib/awk/grcat.exe
index a6142edda..40f47a4c2 100644
Binary files a/msys2/usr/lib/awk/grcat.exe and b/msys2/usr/lib/awk/grcat.exe differ
diff --git a/msys2/usr/lib/awk/pwcat.exe b/msys2/usr/lib/awk/pwcat.exe
index 544ebe805..831e67046 100644
Binary files a/msys2/usr/lib/awk/pwcat.exe and b/msys2/usr/lib/awk/pwcat.exe differ
diff --git a/msys2/usr/lib/coreutils/libstdbuf.so b/msys2/usr/lib/coreutils/libstdbuf.so
deleted file mode 100644
index b7ce66574..000000000
Binary files a/msys2/usr/lib/coreutils/libstdbuf.so and /dev/null differ
diff --git a/msys2/usr/lib/gawk/filefuncs.dll b/msys2/usr/lib/gawk/filefuncs.dll
new file mode 100644
index 000000000..5afca3830
Binary files /dev/null and b/msys2/usr/lib/gawk/filefuncs.dll differ
diff --git a/msys2/usr/lib/gawk/filefuncs.dll.a b/msys2/usr/lib/gawk/filefuncs.dll.a
new file mode 100644
index 000000000..8ee05e376
Binary files /dev/null and b/msys2/usr/lib/gawk/filefuncs.dll.a differ
diff --git a/msys2/usr/lib/gawk/fnmatch.dll b/msys2/usr/lib/gawk/fnmatch.dll
new file mode 100644
index 000000000..89b8d0604
Binary files /dev/null and b/msys2/usr/lib/gawk/fnmatch.dll differ
diff --git a/msys2/usr/lib/gawk/fnmatch.dll.a b/msys2/usr/lib/gawk/fnmatch.dll.a
new file mode 100644
index 000000000..8bb5179e3
Binary files /dev/null and b/msys2/usr/lib/gawk/fnmatch.dll.a differ
diff --git a/msys2/usr/lib/gawk/fork.dll b/msys2/usr/lib/gawk/fork.dll
new file mode 100644
index 000000000..fb9bef698
Binary files /dev/null and b/msys2/usr/lib/gawk/fork.dll differ
diff --git a/msys2/usr/lib/gawk/fork.dll.a b/msys2/usr/lib/gawk/fork.dll.a
new file mode 100644
index 000000000..4cb7bc144
Binary files /dev/null and b/msys2/usr/lib/gawk/fork.dll.a differ
diff --git a/msys2/usr/lib/gawk/inplace.dll b/msys2/usr/lib/gawk/inplace.dll
new file mode 100644
index 000000000..d75c2b69d
Binary files /dev/null and b/msys2/usr/lib/gawk/inplace.dll differ
diff --git a/msys2/usr/lib/gawk/inplace.dll.a b/msys2/usr/lib/gawk/inplace.dll.a
new file mode 100644
index 000000000..bbc5369f6
Binary files /dev/null and b/msys2/usr/lib/gawk/inplace.dll.a differ
diff --git a/msys2/usr/lib/gawk/intdiv.dll b/msys2/usr/lib/gawk/intdiv.dll
new file mode 100644
index 000000000..2af186bed
Binary files /dev/null and b/msys2/usr/lib/gawk/intdiv.dll differ
diff --git a/msys2/usr/lib/gawk/intdiv.dll.a b/msys2/usr/lib/gawk/intdiv.dll.a
new file mode 100644
index 000000000..ceee5be85
Binary files /dev/null and b/msys2/usr/lib/gawk/intdiv.dll.a differ
diff --git a/msys2/usr/lib/gawk/libfilefuncs.a b/msys2/usr/lib/gawk/libfilefuncs.a
deleted file mode 100644
index 52e9c7ba7..000000000
Binary files a/msys2/usr/lib/gawk/libfilefuncs.a and /dev/null differ
diff --git a/msys2/usr/lib/gawk/libfnmatch.a b/msys2/usr/lib/gawk/libfnmatch.a
deleted file mode 100644
index 19bdd8cb8..000000000
Binary files a/msys2/usr/lib/gawk/libfnmatch.a and /dev/null differ
diff --git a/msys2/usr/lib/gawk/libfork.a b/msys2/usr/lib/gawk/libfork.a
deleted file mode 100644
index 34cdd8e8e..000000000
Binary files a/msys2/usr/lib/gawk/libfork.a and /dev/null differ
diff --git a/msys2/usr/lib/gawk/libinplace.a b/msys2/usr/lib/gawk/libinplace.a
deleted file mode 100644
index e933cc417..000000000
Binary files a/msys2/usr/lib/gawk/libinplace.a and /dev/null differ
diff --git a/msys2/usr/lib/gawk/libintdiv.a b/msys2/usr/lib/gawk/libintdiv.a
deleted file mode 100644
index 5271187c2..000000000
Binary files a/msys2/usr/lib/gawk/libintdiv.a and /dev/null differ
diff --git a/msys2/usr/lib/gawk/libordchr.a b/msys2/usr/lib/gawk/libordchr.a
deleted file mode 100644
index 5cd6f5218..000000000
Binary files a/msys2/usr/lib/gawk/libordchr.a and /dev/null differ
diff --git a/msys2/usr/lib/gawk/libreaddir.a b/msys2/usr/lib/gawk/libreaddir.a
deleted file mode 100644
index 298f83571..000000000
Binary files a/msys2/usr/lib/gawk/libreaddir.a and /dev/null differ
diff --git a/msys2/usr/lib/gawk/libreadfile.a b/msys2/usr/lib/gawk/libreadfile.a
deleted file mode 100644
index d14d325ed..000000000
Binary files a/msys2/usr/lib/gawk/libreadfile.a and /dev/null differ
diff --git a/msys2/usr/lib/gawk/librevoutput.a b/msys2/usr/lib/gawk/librevoutput.a
deleted file mode 100644
index f05aff80f..000000000
Binary files a/msys2/usr/lib/gawk/librevoutput.a and /dev/null differ
diff --git a/msys2/usr/lib/gawk/librevtwoway.a b/msys2/usr/lib/gawk/librevtwoway.a
deleted file mode 100644
index 6896537ec..000000000
Binary files a/msys2/usr/lib/gawk/librevtwoway.a and /dev/null differ
diff --git a/msys2/usr/lib/gawk/librwarray.a b/msys2/usr/lib/gawk/librwarray.a
deleted file mode 100644
index 39a8e2f27..000000000
Binary files a/msys2/usr/lib/gawk/librwarray.a and /dev/null differ
diff --git a/msys2/usr/lib/gawk/libtime.a b/msys2/usr/lib/gawk/libtime.a
deleted file mode 100644
index 44bb36ad1..000000000
Binary files a/msys2/usr/lib/gawk/libtime.a and /dev/null differ
diff --git a/msys2/usr/lib/gawk/ordchr.dll b/msys2/usr/lib/gawk/ordchr.dll
new file mode 100644
index 000000000..2ac406348
Binary files /dev/null and b/msys2/usr/lib/gawk/ordchr.dll differ
diff --git a/msys2/usr/lib/gawk/ordchr.dll.a b/msys2/usr/lib/gawk/ordchr.dll.a
new file mode 100644
index 000000000..8c08a6fe9
Binary files /dev/null and b/msys2/usr/lib/gawk/ordchr.dll.a differ
diff --git a/msys2/usr/lib/gawk/readdir.dll b/msys2/usr/lib/gawk/readdir.dll
new file mode 100644
index 000000000..9b9c412b2
Binary files /dev/null and b/msys2/usr/lib/gawk/readdir.dll differ
diff --git a/msys2/usr/lib/gawk/readdir.dll.a b/msys2/usr/lib/gawk/readdir.dll.a
new file mode 100644
index 000000000..cd9900b61
Binary files /dev/null and b/msys2/usr/lib/gawk/readdir.dll.a differ
diff --git a/msys2/usr/lib/gawk/readfile.dll b/msys2/usr/lib/gawk/readfile.dll
new file mode 100644
index 000000000..e94a6b67e
Binary files /dev/null and b/msys2/usr/lib/gawk/readfile.dll differ
diff --git a/msys2/usr/lib/gawk/readfile.dll.a b/msys2/usr/lib/gawk/readfile.dll.a
new file mode 100644
index 000000000..67273fc74
Binary files /dev/null and b/msys2/usr/lib/gawk/readfile.dll.a differ
diff --git a/msys2/usr/lib/gawk/revoutput.dll b/msys2/usr/lib/gawk/revoutput.dll
new file mode 100644
index 000000000..d488c10cf
Binary files /dev/null and b/msys2/usr/lib/gawk/revoutput.dll differ
diff --git a/msys2/usr/lib/gawk/revoutput.dll.a b/msys2/usr/lib/gawk/revoutput.dll.a
new file mode 100644
index 000000000..98d36be62
Binary files /dev/null and b/msys2/usr/lib/gawk/revoutput.dll.a differ
diff --git a/msys2/usr/lib/gawk/revtwoway.dll b/msys2/usr/lib/gawk/revtwoway.dll
new file mode 100644
index 000000000..6e81c6a0e
Binary files /dev/null and b/msys2/usr/lib/gawk/revtwoway.dll differ
diff --git a/msys2/usr/lib/gawk/revtwoway.dll.a b/msys2/usr/lib/gawk/revtwoway.dll.a
new file mode 100644
index 000000000..83bf5048e
Binary files /dev/null and b/msys2/usr/lib/gawk/revtwoway.dll.a differ
diff --git a/msys2/usr/lib/gawk/rwarray.dll b/msys2/usr/lib/gawk/rwarray.dll
new file mode 100644
index 000000000..14093f7aa
Binary files /dev/null and b/msys2/usr/lib/gawk/rwarray.dll differ
diff --git a/msys2/usr/lib/gawk/rwarray.dll.a b/msys2/usr/lib/gawk/rwarray.dll.a
new file mode 100644
index 000000000..aad0bf1a8
Binary files /dev/null and b/msys2/usr/lib/gawk/rwarray.dll.a differ
diff --git a/msys2/usr/lib/gawk/time.dll b/msys2/usr/lib/gawk/time.dll
new file mode 100644
index 000000000..ebf237e02
Binary files /dev/null and b/msys2/usr/lib/gawk/time.dll differ
diff --git a/msys2/usr/lib/gawk/time.dll.a b/msys2/usr/lib/gawk/time.dll.a
new file mode 100644
index 000000000..47009f0ae
Binary files /dev/null and b/msys2/usr/lib/gawk/time.dll.a differ
diff --git a/msys2/usr/lib/gio/modules/libgiofam.dll.a b/msys2/usr/lib/gio/modules/libgiofam.dll.a
index 90ea922dc..cb458f574 100644
Binary files a/msys2/usr/lib/gio/modules/libgiofam.dll.a and b/msys2/usr/lib/gio/modules/libgiofam.dll.a differ
diff --git a/msys2/usr/lib/gio/modules/msys-giofam.dll b/msys2/usr/lib/gio/modules/msys-giofam.dll
index 565fa4357..f657e9653 100644
Binary files a/msys2/usr/lib/gio/modules/msys-giofam.dll and b/msys2/usr/lib/gio/modules/msys-giofam.dll differ
diff --git a/msys2/usr/lib/gnupg/gnupg/gpgkeys_curl.exe b/msys2/usr/lib/gnupg/gnupg/gpgkeys_curl.exe
deleted file mode 100644
index 2b4aa7db8..000000000
Binary files a/msys2/usr/lib/gnupg/gnupg/gpgkeys_curl.exe and /dev/null differ
diff --git a/msys2/usr/lib/gnupg/gnupg/gpgkeys_finger.exe b/msys2/usr/lib/gnupg/gnupg/gpgkeys_finger.exe
deleted file mode 100644
index 8a09695c9..000000000
Binary files a/msys2/usr/lib/gnupg/gnupg/gpgkeys_finger.exe and /dev/null differ
diff --git a/msys2/usr/lib/gnupg/gnupg/gpgkeys_hkp.exe b/msys2/usr/lib/gnupg/gnupg/gpgkeys_hkp.exe
deleted file mode 100644
index 6747b19d7..000000000
Binary files a/msys2/usr/lib/gnupg/gnupg/gpgkeys_hkp.exe and /dev/null differ
diff --git a/msys2/usr/lib/gnupg/gpg-check-pattern.exe b/msys2/usr/lib/gnupg/gpg-check-pattern.exe
new file mode 100644
index 000000000..23287a80f
Binary files /dev/null and b/msys2/usr/lib/gnupg/gpg-check-pattern.exe differ
diff --git a/msys2/usr/lib/gnupg/gpg-preset-passphrase.exe b/msys2/usr/lib/gnupg/gpg-preset-passphrase.exe
new file mode 100644
index 000000000..24b24fe54
Binary files /dev/null and b/msys2/usr/lib/gnupg/gpg-preset-passphrase.exe differ
diff --git a/msys2/usr/lib/gnupg/gpg-protect-tool.exe b/msys2/usr/lib/gnupg/gpg-protect-tool.exe
new file mode 100644
index 000000000..c5ee6c6eb
Binary files /dev/null and b/msys2/usr/lib/gnupg/gpg-protect-tool.exe differ
diff --git a/msys2/usr/lib/gnupg/gpg-wks-client.exe b/msys2/usr/lib/gnupg/gpg-wks-client.exe
new file mode 100644
index 000000000..4f3262bea
Binary files /dev/null and b/msys2/usr/lib/gnupg/gpg-wks-client.exe differ
diff --git a/msys2/usr/lib/gnupg/scdaemon.exe b/msys2/usr/lib/gnupg/scdaemon.exe
new file mode 100644
index 000000000..5bd479c2f
Binary files /dev/null and b/msys2/usr/lib/gnupg/scdaemon.exe differ
diff --git a/msys2/usr/lib/libalpm.a b/msys2/usr/lib/libalpm.a
index 02e1fc998..3cf37ed27 100644
Binary files a/msys2/usr/lib/libalpm.a and b/msys2/usr/lib/libalpm.a differ
diff --git a/msys2/usr/lib/libfdt-1.4.4.so b/msys2/usr/lib/libfdt-1.4.4.so
deleted file mode 100644
index 191cbcc42..000000000
Binary files a/msys2/usr/lib/libfdt-1.4.4.so and /dev/null differ
diff --git a/msys2/usr/lib/libfdt.a b/msys2/usr/lib/libfdt.a
index 9d571a4a2..014bccacb 100644
Binary files a/msys2/usr/lib/libfdt.a and b/msys2/usr/lib/libfdt.a differ
diff --git a/msys2/usr/lib/libfdt.so b/msys2/usr/lib/libfdt.so
deleted file mode 100644
index 191cbcc42..000000000
Binary files a/msys2/usr/lib/libfdt.so and /dev/null differ
diff --git a/msys2/usr/lib/libfdt.so.1 b/msys2/usr/lib/libfdt.so.1
deleted file mode 100644
index 191cbcc42..000000000
Binary files a/msys2/usr/lib/libfdt.so.1 and /dev/null differ
diff --git a/msys2/usr/lib/libmagic.dll.a b/msys2/usr/lib/libmagic.dll.a
index 5fa007fdb..bafce6038 100644
Binary files a/msys2/usr/lib/libmagic.dll.a and b/msys2/usr/lib/libmagic.dll.a differ
diff --git a/msys2/usr/lib/libtz.a b/msys2/usr/lib/libtz.a
index 72088593e..2945c096f 100644
Binary files a/msys2/usr/lib/libtz.a and b/msys2/usr/lib/libtz.a differ
diff --git a/msys2/usr/lib/openssl/engines-1.1/capi.dll b/msys2/usr/lib/openssl/engines-1.1/capi.dll
new file mode 100644
index 000000000..357e896f3
Binary files /dev/null and b/msys2/usr/lib/openssl/engines-1.1/capi.dll differ
diff --git a/msys2/usr/lib/openssl/engines-1.1/padlock.dll b/msys2/usr/lib/openssl/engines-1.1/padlock.dll
new file mode 100644
index 000000000..4305d74a6
Binary files /dev/null and b/msys2/usr/lib/openssl/engines-1.1/padlock.dll differ
diff --git a/msys2/usr/lib/openssl/engines/lib4758cca.so b/msys2/usr/lib/openssl/engines/lib4758cca.so
deleted file mode 100644
index 66a925918..000000000
Binary files a/msys2/usr/lib/openssl/engines/lib4758cca.so and /dev/null differ
diff --git a/msys2/usr/lib/openssl/engines/libaep.so b/msys2/usr/lib/openssl/engines/libaep.so
deleted file mode 100644
index 92265da11..000000000
Binary files a/msys2/usr/lib/openssl/engines/libaep.so and /dev/null differ
diff --git a/msys2/usr/lib/openssl/engines/libatalla.so b/msys2/usr/lib/openssl/engines/libatalla.so
deleted file mode 100644
index 99f9243f9..000000000
Binary files a/msys2/usr/lib/openssl/engines/libatalla.so and /dev/null differ
diff --git a/msys2/usr/lib/openssl/engines/libcapi.so b/msys2/usr/lib/openssl/engines/libcapi.so
deleted file mode 100644
index 19f116b0c..000000000
Binary files a/msys2/usr/lib/openssl/engines/libcapi.so and /dev/null differ
diff --git a/msys2/usr/lib/openssl/engines/libchil.so b/msys2/usr/lib/openssl/engines/libchil.so
deleted file mode 100644
index 162a9117d..000000000
Binary files a/msys2/usr/lib/openssl/engines/libchil.so and /dev/null differ
diff --git a/msys2/usr/lib/openssl/engines/libcswift.so b/msys2/usr/lib/openssl/engines/libcswift.so
deleted file mode 100644
index ce1a3a9a4..000000000
Binary files a/msys2/usr/lib/openssl/engines/libcswift.so and /dev/null differ
diff --git a/msys2/usr/lib/openssl/engines/libgmp.so b/msys2/usr/lib/openssl/engines/libgmp.so
deleted file mode 100644
index 6d00c0b20..000000000
Binary files a/msys2/usr/lib/openssl/engines/libgmp.so and /dev/null differ
diff --git a/msys2/usr/lib/openssl/engines/libgost.so b/msys2/usr/lib/openssl/engines/libgost.so
deleted file mode 100644
index ff83e11ff..000000000
Binary files a/msys2/usr/lib/openssl/engines/libgost.so and /dev/null differ
diff --git a/msys2/usr/lib/openssl/engines/libnuron.so b/msys2/usr/lib/openssl/engines/libnuron.so
deleted file mode 100644
index 170e979b5..000000000
Binary files a/msys2/usr/lib/openssl/engines/libnuron.so and /dev/null differ
diff --git a/msys2/usr/lib/openssl/engines/libpadlock.so b/msys2/usr/lib/openssl/engines/libpadlock.so
deleted file mode 100644
index ac66a6e53..000000000
Binary files a/msys2/usr/lib/openssl/engines/libpadlock.so and /dev/null differ
diff --git a/msys2/usr/lib/openssl/engines/libsureware.so b/msys2/usr/lib/openssl/engines/libsureware.so
deleted file mode 100644
index 42ea53bae..000000000
Binary files a/msys2/usr/lib/openssl/engines/libsureware.so and /dev/null differ
diff --git a/msys2/usr/lib/openssl/engines/libubsec.so b/msys2/usr/lib/openssl/engines/libubsec.so
deleted file mode 100644
index ba5dee9aa..000000000
Binary files a/msys2/usr/lib/openssl/engines/libubsec.so and /dev/null differ
diff --git a/msys2/usr/lib/pkcs11/p11-kit-client.dll b/msys2/usr/lib/pkcs11/p11-kit-client.dll
index c9cfeb2f2..44529d218 100644
Binary files a/msys2/usr/lib/pkcs11/p11-kit-client.dll and b/msys2/usr/lib/pkcs11/p11-kit-client.dll differ
diff --git a/msys2/usr/lib/pkcs11/p11-kit-trust.dll b/msys2/usr/lib/pkcs11/p11-kit-trust.dll
index 64d2cc354..3d7e0d1e4 100644
Binary files a/msys2/usr/lib/pkcs11/p11-kit-trust.dll and b/msys2/usr/lib/pkcs11/p11-kit-trust.dll differ
diff --git a/msys2/usr/lib/pkgconfig/libalpm.pc b/msys2/usr/lib/pkgconfig/libalpm.pc
index e14f8f0b9..c72108cde 100644
--- a/msys2/usr/lib/pkgconfig/libalpm.pc
+++ b/msys2/usr/lib/pkgconfig/libalpm.pc
@@ -6,7 +6,8 @@ includedir=${prefix}/include
 Name: libalpm
 Description: Arch Linux package management library
 URL: http://www.archlinux.org/pacman/
-Version: 10.0.1
+Version: 11.0.3
+Requires.private: libarchive libcrypto libcurl
 Cflags: -I${includedir} 
 Libs: -L${libdir} -lalpm
-Libs.private: -lm  -larchive -lcrypto -lnettle -lacl -lexpat -llzma -lbz2 -lz -lbcrypt -lcrypto -lz -lcurl -lnghttp2 -lidn2 -liconv -lunistring -lssh2 -lssl -lz -lcrypto -lz -lpsl -lidn2 -liconv -lunistring -lssl -lcrypto -lssl -lz -lcrypto -lz -lgdi32 -lgssapi -lheimntlm -lkrb5 -lhx509 -lcom_err -lcrypto -lasn1 -lwind -lheimbase -lroken -lsqlite3 -lcrypt -lz -lgpgme -lassuan -lgpg-error -lintl -liconv
+Libs.private: -lm  -lgpgme -lassuan -lgpg-error -lintl -liconv
diff --git a/msys2/usr/lib/python2.7/site-packages/magic.py b/msys2/usr/lib/python2.7/site-packages/magic.py
index 662569e88..4c1ff7a7d 100644
--- a/msys2/usr/lib/python2.7/site-packages/magic.py
+++ b/msys2/usr/lib/python2.7/site-packages/magic.py
@@ -248,7 +248,10 @@ none_magic.load()
 
 
 def _create_filemagic(mime_detected, type_detected):
-    mime_type, mime_encoding = mime_detected.split('; ')
+    try:
+        mime_type, mime_encoding = mime_detected.split('; ')
+    except ValueError:
+        raise ValueError(mime_detected)
 
     return FileMagic(name=type_detected, mime_type=mime_type,
                      encoding=mime_encoding.replace('charset=', ''))
diff --git a/msys2/usr/lib/python3.6/site-packages/magic.py b/msys2/usr/lib/python3.7/site-packages/magic.py
similarity index 98%
rename from msys2/usr/lib/python3.6/site-packages/magic.py
rename to msys2/usr/lib/python3.7/site-packages/magic.py
index 662569e88..4c1ff7a7d 100644
--- a/msys2/usr/lib/python3.6/site-packages/magic.py
+++ b/msys2/usr/lib/python3.7/site-packages/magic.py
@@ -248,7 +248,10 @@ none_magic.load()
 
 
 def _create_filemagic(mime_detected, type_detected):
-    mime_type, mime_encoding = mime_detected.split('; ')
+    try:
+        mime_type, mime_encoding = mime_detected.split('; ')
+    except ValueError:
+        raise ValueError(mime_detected)
 
     return FileMagic(name=type_detected, mime_type=mime_type,
                      encoding=mime_encoding.replace('charset=', ''))
diff --git a/msys2/usr/lib/systemd/system/paccache.service b/msys2/usr/lib/systemd/system/paccache.service
new file mode 100644
index 000000000..bd86faf28
--- /dev/null
+++ b/msys2/usr/lib/systemd/system/paccache.service
@@ -0,0 +1,6 @@
+[Unit]
+Description=Discard unused packages
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/paccache -r
diff --git a/msys2/usr/lib/systemd/system/paccache.timer b/msys2/usr/lib/systemd/system/paccache.timer
new file mode 100644
index 000000000..cd46bcb8c
--- /dev/null
+++ b/msys2/usr/lib/systemd/system/paccache.timer
@@ -0,0 +1,10 @@
+[Unit]
+Description=Discard unused packages weekly
+
+[Timer]
+OnCalendar=weekly
+AccuracySec=1h
+Persistent=true
+
+[Install]
+WantedBy=timers.target
diff --git a/msys2/usr/lib/terminfo/61/alt4 b/msys2/usr/lib/terminfo/61/alt4
index 6ec5bb481..5071cf44b 100644
Binary files a/msys2/usr/lib/terminfo/61/alt4 and b/msys2/usr/lib/terminfo/61/alt4 differ
diff --git a/msys2/usr/lib/terminfo/61/altos-4 b/msys2/usr/lib/terminfo/61/altos-4
index 6ec5bb481..5071cf44b 100644
Binary files a/msys2/usr/lib/terminfo/61/altos-4 and b/msys2/usr/lib/terminfo/61/altos-4 differ
diff --git a/msys2/usr/lib/terminfo/61/altos4 b/msys2/usr/lib/terminfo/61/altos4
index 6ec5bb481..5071cf44b 100644
Binary files a/msys2/usr/lib/terminfo/61/altos4 and b/msys2/usr/lib/terminfo/61/altos4 differ
diff --git a/msys2/usr/lib/terminfo/69/interix b/msys2/usr/lib/terminfo/69/interix
index a627e5629..afbcc420c 100644
Binary files a/msys2/usr/lib/terminfo/69/interix and b/msys2/usr/lib/terminfo/69/interix differ
diff --git a/msys2/usr/lib/terminfo/69/interix-nti b/msys2/usr/lib/terminfo/69/interix-nti
index 98afea791..a9c1fbe9c 100644
Binary files a/msys2/usr/lib/terminfo/69/interix-nti and b/msys2/usr/lib/terminfo/69/interix-nti differ
diff --git a/msys2/usr/lib/terminfo/6e/ntconsole b/msys2/usr/lib/terminfo/6e/ntconsole
index a627e5629..afbcc420c 100644
Binary files a/msys2/usr/lib/terminfo/6e/ntconsole and b/msys2/usr/lib/terminfo/6e/ntconsole differ
diff --git a/msys2/usr/lib/terminfo/6e/ntconsole-100 b/msys2/usr/lib/terminfo/6e/ntconsole-100
index 4ebcea10b..b2d88c541 100644
Binary files a/msys2/usr/lib/terminfo/6e/ntconsole-100 and b/msys2/usr/lib/terminfo/6e/ntconsole-100 differ
diff --git a/msys2/usr/lib/terminfo/6e/ntconsole-100-nti b/msys2/usr/lib/terminfo/6e/ntconsole-100-nti
index 5791cf881..eeb8897f8 100644
Binary files a/msys2/usr/lib/terminfo/6e/ntconsole-100-nti and b/msys2/usr/lib/terminfo/6e/ntconsole-100-nti differ
diff --git a/msys2/usr/lib/terminfo/6e/ntconsole-25 b/msys2/usr/lib/terminfo/6e/ntconsole-25
index a627e5629..afbcc420c 100644
Binary files a/msys2/usr/lib/terminfo/6e/ntconsole-25 and b/msys2/usr/lib/terminfo/6e/ntconsole-25 differ
diff --git a/msys2/usr/lib/terminfo/6e/ntconsole-25-nti b/msys2/usr/lib/terminfo/6e/ntconsole-25-nti
index 98afea791..a9c1fbe9c 100644
Binary files a/msys2/usr/lib/terminfo/6e/ntconsole-25-nti and b/msys2/usr/lib/terminfo/6e/ntconsole-25-nti differ
diff --git a/msys2/usr/lib/terminfo/6e/ntconsole-25-w b/msys2/usr/lib/terminfo/6e/ntconsole-25-w
index b58d7ea10..740ed010d 100644
Binary files a/msys2/usr/lib/terminfo/6e/ntconsole-25-w and b/msys2/usr/lib/terminfo/6e/ntconsole-25-w differ
diff --git a/msys2/usr/lib/terminfo/6e/ntconsole-25-w-vt b/msys2/usr/lib/terminfo/6e/ntconsole-25-w-vt
index 4b694571e..c65a8188e 100644
Binary files a/msys2/usr/lib/terminfo/6e/ntconsole-25-w-vt and b/msys2/usr/lib/terminfo/6e/ntconsole-25-w-vt differ
diff --git a/msys2/usr/lib/terminfo/6e/ntconsole-35 b/msys2/usr/lib/terminfo/6e/ntconsole-35
index cdcbfa131..2332b3ab8 100644
Binary files a/msys2/usr/lib/terminfo/6e/ntconsole-35 and b/msys2/usr/lib/terminfo/6e/ntconsole-35 differ
diff --git a/msys2/usr/lib/terminfo/6e/ntconsole-35-nti b/msys2/usr/lib/terminfo/6e/ntconsole-35-nti
index dcd4c37b2..1544b68f3 100644
Binary files a/msys2/usr/lib/terminfo/6e/ntconsole-35-nti and b/msys2/usr/lib/terminfo/6e/ntconsole-35-nti differ
diff --git a/msys2/usr/lib/terminfo/6e/ntconsole-35-w b/msys2/usr/lib/terminfo/6e/ntconsole-35-w
index 2d34f3a7f..de7086a86 100644
Binary files a/msys2/usr/lib/terminfo/6e/ntconsole-35-w and b/msys2/usr/lib/terminfo/6e/ntconsole-35-w differ
diff --git a/msys2/usr/lib/terminfo/6e/ntconsole-50 b/msys2/usr/lib/terminfo/6e/ntconsole-50
index 54e344af8..696833c54 100644
Binary files a/msys2/usr/lib/terminfo/6e/ntconsole-50 and b/msys2/usr/lib/terminfo/6e/ntconsole-50 differ
diff --git a/msys2/usr/lib/terminfo/6e/ntconsole-50-nti b/msys2/usr/lib/terminfo/6e/ntconsole-50-nti
index c6388bf3a..b9f8ed758 100644
Binary files a/msys2/usr/lib/terminfo/6e/ntconsole-50-nti and b/msys2/usr/lib/terminfo/6e/ntconsole-50-nti differ
diff --git a/msys2/usr/lib/terminfo/6e/ntconsole-50-w b/msys2/usr/lib/terminfo/6e/ntconsole-50-w
index 8d7d8b974..d46c9741d 100644
Binary files a/msys2/usr/lib/terminfo/6e/ntconsole-50-w and b/msys2/usr/lib/terminfo/6e/ntconsole-50-w differ
diff --git a/msys2/usr/lib/terminfo/6e/ntconsole-60 b/msys2/usr/lib/terminfo/6e/ntconsole-60
index 758921475..9f6d4f8ee 100644
Binary files a/msys2/usr/lib/terminfo/6e/ntconsole-60 and b/msys2/usr/lib/terminfo/6e/ntconsole-60 differ
diff --git a/msys2/usr/lib/terminfo/6e/ntconsole-60-nti b/msys2/usr/lib/terminfo/6e/ntconsole-60-nti
index 801fcc4ae..ea50793cc 100644
Binary files a/msys2/usr/lib/terminfo/6e/ntconsole-60-nti and b/msys2/usr/lib/terminfo/6e/ntconsole-60-nti differ
diff --git a/msys2/usr/lib/terminfo/6e/ntconsole-60-w b/msys2/usr/lib/terminfo/6e/ntconsole-60-w
index 08d54c19a..5e1297b04 100644
Binary files a/msys2/usr/lib/terminfo/6e/ntconsole-60-w and b/msys2/usr/lib/terminfo/6e/ntconsole-60-w differ
diff --git a/msys2/usr/lib/terminfo/6e/ntconsole-w b/msys2/usr/lib/terminfo/6e/ntconsole-w
index b58d7ea10..740ed010d 100644
Binary files a/msys2/usr/lib/terminfo/6e/ntconsole-w and b/msys2/usr/lib/terminfo/6e/ntconsole-w differ
diff --git a/msys2/usr/lib/terminfo/6e/ntconsole-w-vt b/msys2/usr/lib/terminfo/6e/ntconsole-w-vt
index 4b694571e..c65a8188e 100644
Binary files a/msys2/usr/lib/terminfo/6e/ntconsole-w-vt and b/msys2/usr/lib/terminfo/6e/ntconsole-w-vt differ
diff --git a/msys2/usr/lib/terminfo/6f/opennt b/msys2/usr/lib/terminfo/6f/opennt
index a627e5629..afbcc420c 100644
Binary files a/msys2/usr/lib/terminfo/6f/opennt and b/msys2/usr/lib/terminfo/6f/opennt differ
diff --git a/msys2/usr/lib/terminfo/6f/opennt-100 b/msys2/usr/lib/terminfo/6f/opennt-100
index 4ebcea10b..b2d88c541 100644
Binary files a/msys2/usr/lib/terminfo/6f/opennt-100 and b/msys2/usr/lib/terminfo/6f/opennt-100 differ
diff --git a/msys2/usr/lib/terminfo/6f/opennt-100-nti b/msys2/usr/lib/terminfo/6f/opennt-100-nti
index 5791cf881..eeb8897f8 100644
Binary files a/msys2/usr/lib/terminfo/6f/opennt-100-nti and b/msys2/usr/lib/terminfo/6f/opennt-100-nti differ
diff --git a/msys2/usr/lib/terminfo/6f/opennt-25 b/msys2/usr/lib/terminfo/6f/opennt-25
index a627e5629..afbcc420c 100644
Binary files a/msys2/usr/lib/terminfo/6f/opennt-25 and b/msys2/usr/lib/terminfo/6f/opennt-25 differ
diff --git a/msys2/usr/lib/terminfo/6f/opennt-25-nti b/msys2/usr/lib/terminfo/6f/opennt-25-nti
index 98afea791..a9c1fbe9c 100644
Binary files a/msys2/usr/lib/terminfo/6f/opennt-25-nti and b/msys2/usr/lib/terminfo/6f/opennt-25-nti differ
diff --git a/msys2/usr/lib/terminfo/6f/opennt-25-w b/msys2/usr/lib/terminfo/6f/opennt-25-w
index b58d7ea10..740ed010d 100644
Binary files a/msys2/usr/lib/terminfo/6f/opennt-25-w and b/msys2/usr/lib/terminfo/6f/opennt-25-w differ
diff --git a/msys2/usr/lib/terminfo/6f/opennt-25-w-vt b/msys2/usr/lib/terminfo/6f/opennt-25-w-vt
index 4b694571e..c65a8188e 100644
Binary files a/msys2/usr/lib/terminfo/6f/opennt-25-w-vt and b/msys2/usr/lib/terminfo/6f/opennt-25-w-vt differ
diff --git a/msys2/usr/lib/terminfo/6f/opennt-35 b/msys2/usr/lib/terminfo/6f/opennt-35
index cdcbfa131..2332b3ab8 100644
Binary files a/msys2/usr/lib/terminfo/6f/opennt-35 and b/msys2/usr/lib/terminfo/6f/opennt-35 differ
diff --git a/msys2/usr/lib/terminfo/6f/opennt-35-nti b/msys2/usr/lib/terminfo/6f/opennt-35-nti
index dcd4c37b2..1544b68f3 100644
Binary files a/msys2/usr/lib/terminfo/6f/opennt-35-nti and b/msys2/usr/lib/terminfo/6f/opennt-35-nti differ
diff --git a/msys2/usr/lib/terminfo/6f/opennt-35-w b/msys2/usr/lib/terminfo/6f/opennt-35-w
index 2d34f3a7f..de7086a86 100644
Binary files a/msys2/usr/lib/terminfo/6f/opennt-35-w and b/msys2/usr/lib/terminfo/6f/opennt-35-w differ
diff --git a/msys2/usr/lib/terminfo/6f/opennt-50 b/msys2/usr/lib/terminfo/6f/opennt-50
index 54e344af8..696833c54 100644
Binary files a/msys2/usr/lib/terminfo/6f/opennt-50 and b/msys2/usr/lib/terminfo/6f/opennt-50 differ
diff --git a/msys2/usr/lib/terminfo/6f/opennt-50-nti b/msys2/usr/lib/terminfo/6f/opennt-50-nti
index c6388bf3a..b9f8ed758 100644
Binary files a/msys2/usr/lib/terminfo/6f/opennt-50-nti and b/msys2/usr/lib/terminfo/6f/opennt-50-nti differ
diff --git a/msys2/usr/lib/terminfo/6f/opennt-50-w b/msys2/usr/lib/terminfo/6f/opennt-50-w
index 8d7d8b974..d46c9741d 100644
Binary files a/msys2/usr/lib/terminfo/6f/opennt-50-w and b/msys2/usr/lib/terminfo/6f/opennt-50-w differ
diff --git a/msys2/usr/lib/terminfo/6f/opennt-60 b/msys2/usr/lib/terminfo/6f/opennt-60
index 758921475..9f6d4f8ee 100644
Binary files a/msys2/usr/lib/terminfo/6f/opennt-60 and b/msys2/usr/lib/terminfo/6f/opennt-60 differ
diff --git a/msys2/usr/lib/terminfo/6f/opennt-60-nti b/msys2/usr/lib/terminfo/6f/opennt-60-nti
index 801fcc4ae..ea50793cc 100644
Binary files a/msys2/usr/lib/terminfo/6f/opennt-60-nti and b/msys2/usr/lib/terminfo/6f/opennt-60-nti differ
diff --git a/msys2/usr/lib/terminfo/6f/opennt-60-w b/msys2/usr/lib/terminfo/6f/opennt-60-w
index 08d54c19a..5e1297b04 100644
Binary files a/msys2/usr/lib/terminfo/6f/opennt-60-w and b/msys2/usr/lib/terminfo/6f/opennt-60-w differ
diff --git a/msys2/usr/lib/terminfo/6f/opennt-nti b/msys2/usr/lib/terminfo/6f/opennt-nti
index 98afea791..a9c1fbe9c 100644
Binary files a/msys2/usr/lib/terminfo/6f/opennt-nti and b/msys2/usr/lib/terminfo/6f/opennt-nti differ
diff --git a/msys2/usr/lib/terminfo/6f/opennt-w b/msys2/usr/lib/terminfo/6f/opennt-w
index b58d7ea10..740ed010d 100644
Binary files a/msys2/usr/lib/terminfo/6f/opennt-w and b/msys2/usr/lib/terminfo/6f/opennt-w differ
diff --git a/msys2/usr/lib/terminfo/6f/opennt-w-vt b/msys2/usr/lib/terminfo/6f/opennt-w-vt
index 4b694571e..c65a8188e 100644
Binary files a/msys2/usr/lib/terminfo/6f/opennt-w-vt and b/msys2/usr/lib/terminfo/6f/opennt-w-vt differ
diff --git a/msys2/usr/lib/terminfo/76/vi200 b/msys2/usr/lib/terminfo/76/vi200
index 18952138e..cd853af8a 100644
Binary files a/msys2/usr/lib/terminfo/76/vi200 and b/msys2/usr/lib/terminfo/76/vi200 differ
diff --git a/msys2/usr/lib/terminfo/76/vi200-f b/msys2/usr/lib/terminfo/76/vi200-f
index bda3aa6b4..18de6cf0b 100644
Binary files a/msys2/usr/lib/terminfo/76/vi200-f and b/msys2/usr/lib/terminfo/76/vi200-f differ
diff --git a/msys2/usr/lib/terminfo/76/vi200-rv b/msys2/usr/lib/terminfo/76/vi200-rv
index 95fe92244..b6be96150 100644
Binary files a/msys2/usr/lib/terminfo/76/vi200-rv and b/msys2/usr/lib/terminfo/76/vi200-rv differ
diff --git a/msys2/usr/lib/terminfo/77/wy50 b/msys2/usr/lib/terminfo/77/wy50
index afd1bd784..7c72366d8 100644
Binary files a/msys2/usr/lib/terminfo/77/wy50 and b/msys2/usr/lib/terminfo/77/wy50 differ
diff --git a/msys2/usr/lib/terminfo/77/wy50-mc b/msys2/usr/lib/terminfo/77/wy50-mc
index dbdc54caa..affa0c957 100644
Binary files a/msys2/usr/lib/terminfo/77/wy50-mc and b/msys2/usr/lib/terminfo/77/wy50-mc differ
diff --git a/msys2/usr/lib/terminfo/77/wy50-vb b/msys2/usr/lib/terminfo/77/wy50-vb
index ba38e0b8f..951721ae6 100644
Binary files a/msys2/usr/lib/terminfo/77/wy50-vb and b/msys2/usr/lib/terminfo/77/wy50-vb differ
diff --git a/msys2/usr/lib/terminfo/77/wy50-w b/msys2/usr/lib/terminfo/77/wy50-w
index 4f959119a..9cf4630b6 100644
Binary files a/msys2/usr/lib/terminfo/77/wy50-w and b/msys2/usr/lib/terminfo/77/wy50-w differ
diff --git a/msys2/usr/lib/terminfo/77/wy50-wvb b/msys2/usr/lib/terminfo/77/wy50-wvb
index ebcdc9bf4..37113c340 100644
Binary files a/msys2/usr/lib/terminfo/77/wy50-wvb and b/msys2/usr/lib/terminfo/77/wy50-wvb differ
diff --git a/msys2/usr/lib/terminfo/77/wy60 b/msys2/usr/lib/terminfo/77/wy60
index ea2501c27..7f0b76100 100644
Binary files a/msys2/usr/lib/terminfo/77/wy60 and b/msys2/usr/lib/terminfo/77/wy60 differ
diff --git a/msys2/usr/lib/terminfo/77/wy60-25 b/msys2/usr/lib/terminfo/77/wy60-25
index d5578c45d..76922e1ae 100644
Binary files a/msys2/usr/lib/terminfo/77/wy60-25 and b/msys2/usr/lib/terminfo/77/wy60-25 differ
diff --git a/msys2/usr/lib/terminfo/77/wy60-25-w b/msys2/usr/lib/terminfo/77/wy60-25-w
index de4a38278..d15a5622e 100644
Binary files a/msys2/usr/lib/terminfo/77/wy60-25-w and b/msys2/usr/lib/terminfo/77/wy60-25-w differ
diff --git a/msys2/usr/lib/terminfo/77/wy60-42 b/msys2/usr/lib/terminfo/77/wy60-42
index 69f5679e1..71e30f87f 100644
Binary files a/msys2/usr/lib/terminfo/77/wy60-42 and b/msys2/usr/lib/terminfo/77/wy60-42 differ
diff --git a/msys2/usr/lib/terminfo/77/wy60-42-w b/msys2/usr/lib/terminfo/77/wy60-42-w
index a63a00516..fc8da2389 100644
Binary files a/msys2/usr/lib/terminfo/77/wy60-42-w and b/msys2/usr/lib/terminfo/77/wy60-42-w differ
diff --git a/msys2/usr/lib/terminfo/77/wy60-43 b/msys2/usr/lib/terminfo/77/wy60-43
index 149a5fb29..219047cb7 100644
Binary files a/msys2/usr/lib/terminfo/77/wy60-43 and b/msys2/usr/lib/terminfo/77/wy60-43 differ
diff --git a/msys2/usr/lib/terminfo/77/wy60-43-w b/msys2/usr/lib/terminfo/77/wy60-43-w
index c2bd2b871..c1cfac7eb 100644
Binary files a/msys2/usr/lib/terminfo/77/wy60-43-w and b/msys2/usr/lib/terminfo/77/wy60-43-w differ
diff --git a/msys2/usr/lib/terminfo/77/wy60-vb b/msys2/usr/lib/terminfo/77/wy60-vb
index 3d221968b..cb70b612b 100644
Binary files a/msys2/usr/lib/terminfo/77/wy60-vb and b/msys2/usr/lib/terminfo/77/wy60-vb differ
diff --git a/msys2/usr/lib/terminfo/77/wy60-w b/msys2/usr/lib/terminfo/77/wy60-w
index 06b86ba63..82c951b3e 100644
Binary files a/msys2/usr/lib/terminfo/77/wy60-w and b/msys2/usr/lib/terminfo/77/wy60-w differ
diff --git a/msys2/usr/lib/terminfo/77/wy60-w-vb b/msys2/usr/lib/terminfo/77/wy60-w-vb
index 92450a2d4..b8632fddb 100644
Binary files a/msys2/usr/lib/terminfo/77/wy60-w-vb and b/msys2/usr/lib/terminfo/77/wy60-w-vb differ
diff --git a/msys2/usr/lib/terminfo/77/wy60-wvb b/msys2/usr/lib/terminfo/77/wy60-wvb
index 92450a2d4..b8632fddb 100644
Binary files a/msys2/usr/lib/terminfo/77/wy60-wvb and b/msys2/usr/lib/terminfo/77/wy60-wvb differ
diff --git a/msys2/usr/lib/terminfo/77/wy99gt b/msys2/usr/lib/terminfo/77/wy99gt
index 50f485531..5bcb66079 100644
Binary files a/msys2/usr/lib/terminfo/77/wy99gt and b/msys2/usr/lib/terminfo/77/wy99gt differ
diff --git a/msys2/usr/lib/terminfo/77/wy99gt-25 b/msys2/usr/lib/terminfo/77/wy99gt-25
index 514632fd5..e9c98d4e3 100644
Binary files a/msys2/usr/lib/terminfo/77/wy99gt-25 and b/msys2/usr/lib/terminfo/77/wy99gt-25 differ
diff --git a/msys2/usr/lib/terminfo/77/wy99gt-25-w b/msys2/usr/lib/terminfo/77/wy99gt-25-w
index 60b133bbd..7d5e4f6f8 100644
Binary files a/msys2/usr/lib/terminfo/77/wy99gt-25-w and b/msys2/usr/lib/terminfo/77/wy99gt-25-w differ
diff --git a/msys2/usr/lib/terminfo/77/wy99gt-vb b/msys2/usr/lib/terminfo/77/wy99gt-vb
index 824372f9b..8ce9af008 100644
Binary files a/msys2/usr/lib/terminfo/77/wy99gt-vb and b/msys2/usr/lib/terminfo/77/wy99gt-vb differ
diff --git a/msys2/usr/lib/terminfo/77/wy99gt-w b/msys2/usr/lib/terminfo/77/wy99gt-w
index e4d889849..b173bd0c6 100644
Binary files a/msys2/usr/lib/terminfo/77/wy99gt-w and b/msys2/usr/lib/terminfo/77/wy99gt-w differ
diff --git a/msys2/usr/lib/terminfo/77/wy99gt-w-vb b/msys2/usr/lib/terminfo/77/wy99gt-w-vb
index 77733a7e1..17c79a35c 100644
Binary files a/msys2/usr/lib/terminfo/77/wy99gt-w-vb and b/msys2/usr/lib/terminfo/77/wy99gt-w-vb differ
diff --git a/msys2/usr/lib/terminfo/77/wy99gt-wvb b/msys2/usr/lib/terminfo/77/wy99gt-wvb
index 77733a7e1..17c79a35c 100644
Binary files a/msys2/usr/lib/terminfo/77/wy99gt-wvb and b/msys2/usr/lib/terminfo/77/wy99gt-wvb differ
diff --git a/msys2/usr/lib/terminfo/77/wyse50 b/msys2/usr/lib/terminfo/77/wyse50
index afd1bd784..7c72366d8 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse50 and b/msys2/usr/lib/terminfo/77/wyse50 differ
diff --git a/msys2/usr/lib/terminfo/77/wyse50-mc b/msys2/usr/lib/terminfo/77/wyse50-mc
index dbdc54caa..affa0c957 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse50-mc and b/msys2/usr/lib/terminfo/77/wyse50-mc differ
diff --git a/msys2/usr/lib/terminfo/77/wyse50-vb b/msys2/usr/lib/terminfo/77/wyse50-vb
index ba38e0b8f..951721ae6 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse50-vb and b/msys2/usr/lib/terminfo/77/wyse50-vb differ
diff --git a/msys2/usr/lib/terminfo/77/wyse50-w b/msys2/usr/lib/terminfo/77/wyse50-w
index 4f959119a..9cf4630b6 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse50-w and b/msys2/usr/lib/terminfo/77/wyse50-w differ
diff --git a/msys2/usr/lib/terminfo/77/wyse50-wvb b/msys2/usr/lib/terminfo/77/wyse50-wvb
index ebcdc9bf4..37113c340 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse50-wvb and b/msys2/usr/lib/terminfo/77/wyse50-wvb differ
diff --git a/msys2/usr/lib/terminfo/77/wyse60 b/msys2/usr/lib/terminfo/77/wyse60
index ea2501c27..7f0b76100 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse60 and b/msys2/usr/lib/terminfo/77/wyse60 differ
diff --git a/msys2/usr/lib/terminfo/77/wyse60-25 b/msys2/usr/lib/terminfo/77/wyse60-25
index d5578c45d..76922e1ae 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse60-25 and b/msys2/usr/lib/terminfo/77/wyse60-25 differ
diff --git a/msys2/usr/lib/terminfo/77/wyse60-25-w b/msys2/usr/lib/terminfo/77/wyse60-25-w
index de4a38278..d15a5622e 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse60-25-w and b/msys2/usr/lib/terminfo/77/wyse60-25-w differ
diff --git a/msys2/usr/lib/terminfo/77/wyse60-42 b/msys2/usr/lib/terminfo/77/wyse60-42
index 69f5679e1..71e30f87f 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse60-42 and b/msys2/usr/lib/terminfo/77/wyse60-42 differ
diff --git a/msys2/usr/lib/terminfo/77/wyse60-42-w b/msys2/usr/lib/terminfo/77/wyse60-42-w
index a63a00516..fc8da2389 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse60-42-w and b/msys2/usr/lib/terminfo/77/wyse60-42-w differ
diff --git a/msys2/usr/lib/terminfo/77/wyse60-43 b/msys2/usr/lib/terminfo/77/wyse60-43
index 149a5fb29..219047cb7 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse60-43 and b/msys2/usr/lib/terminfo/77/wyse60-43 differ
diff --git a/msys2/usr/lib/terminfo/77/wyse60-43-w b/msys2/usr/lib/terminfo/77/wyse60-43-w
index c2bd2b871..c1cfac7eb 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse60-43-w and b/msys2/usr/lib/terminfo/77/wyse60-43-w differ
diff --git a/msys2/usr/lib/terminfo/77/wyse60-vb b/msys2/usr/lib/terminfo/77/wyse60-vb
index 3d221968b..cb70b612b 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse60-vb and b/msys2/usr/lib/terminfo/77/wyse60-vb differ
diff --git a/msys2/usr/lib/terminfo/77/wyse60-w b/msys2/usr/lib/terminfo/77/wyse60-w
index 06b86ba63..82c951b3e 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse60-w and b/msys2/usr/lib/terminfo/77/wyse60-w differ
diff --git a/msys2/usr/lib/terminfo/77/wyse60-wvb b/msys2/usr/lib/terminfo/77/wyse60-wvb
index 92450a2d4..b8632fddb 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse60-wvb and b/msys2/usr/lib/terminfo/77/wyse60-wvb differ
diff --git a/msys2/usr/lib/terminfo/77/wyse99gt b/msys2/usr/lib/terminfo/77/wyse99gt
index 50f485531..5bcb66079 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse99gt and b/msys2/usr/lib/terminfo/77/wyse99gt differ
diff --git a/msys2/usr/lib/terminfo/77/wyse99gt-25 b/msys2/usr/lib/terminfo/77/wyse99gt-25
index 514632fd5..e9c98d4e3 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse99gt-25 and b/msys2/usr/lib/terminfo/77/wyse99gt-25 differ
diff --git a/msys2/usr/lib/terminfo/77/wyse99gt-25-w b/msys2/usr/lib/terminfo/77/wyse99gt-25-w
index 60b133bbd..7d5e4f6f8 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse99gt-25-w and b/msys2/usr/lib/terminfo/77/wyse99gt-25-w differ
diff --git a/msys2/usr/lib/terminfo/77/wyse99gt-vb b/msys2/usr/lib/terminfo/77/wyse99gt-vb
index 824372f9b..8ce9af008 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse99gt-vb and b/msys2/usr/lib/terminfo/77/wyse99gt-vb differ
diff --git a/msys2/usr/lib/terminfo/77/wyse99gt-w b/msys2/usr/lib/terminfo/77/wyse99gt-w
index e4d889849..b173bd0c6 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse99gt-w and b/msys2/usr/lib/terminfo/77/wyse99gt-w differ
diff --git a/msys2/usr/lib/terminfo/77/wyse99gt-wvb b/msys2/usr/lib/terminfo/77/wyse99gt-wvb
index 77733a7e1..17c79a35c 100644
Binary files a/msys2/usr/lib/terminfo/77/wyse99gt-wvb and b/msys2/usr/lib/terminfo/77/wyse99gt-wvb differ
diff --git a/msys2/usr/libexec/p11-kit/p11-kit-remote.exe b/msys2/usr/libexec/p11-kit/p11-kit-remote.exe
index 92e5f9ba4..b05095d5c 100644
Binary files a/msys2/usr/libexec/p11-kit/p11-kit-remote.exe and b/msys2/usr/libexec/p11-kit/p11-kit-remote.exe differ
diff --git a/msys2/usr/libexec/p11-kit/p11-kit-server.exe b/msys2/usr/libexec/p11-kit/p11-kit-server.exe
index d49e59cc0..a6a1b6934 100644
Binary files a/msys2/usr/libexec/p11-kit/p11-kit-server.exe and b/msys2/usr/libexec/p11-kit/p11-kit-server.exe differ
diff --git a/msys2/usr/libexec/p11-kit/trust-extract-compat b/msys2/usr/libexec/p11-kit/trust-extract-compat
index 9b4605524..b1b7a08c3 100644
--- a/msys2/usr/libexec/p11-kit/trust-extract-compat
+++ b/msys2/usr/libexec/p11-kit/trust-extract-compat
@@ -4,7 +4,7 @@
 # has been customized for distribution. It should be symlinked linked to the
 # distribution's update-ca-certificates or update-ca-trust command as
 # appropriate. In the future this script will be called when the PKCS#11
-# trust module is used to modifiy trust anchors and related data.
+# trust module is used to modify trust anchors and related data.
 
 if [ $# -ne 0 ]; then
 	echo "usage: trust extract-compat" >&2
diff --git a/msys2/usr/share/aclocal/ksba.m4 b/msys2/usr/share/aclocal/ksba.m4
new file mode 100644
index 000000000..73b2e26d1
--- /dev/null
+++ b/msys2/usr/share/aclocal/ksba.m4
@@ -0,0 +1,123 @@
+# ksba.m4 - autoconf macro to detect ksba
+#       Copyright (C) 2002 g10 Code GmbH
+#
+# This file is free software; as a special exception the author gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+#
+# This file is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+
+dnl AM_PATH_KSBA([MINIMUM-VERSION,
+dnl              [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
+dnl Test for libksba and define KSBA_CFLAGS and KSBA_LIBS
+dnl MINIMUN-VERSION is a string with the version number optionalliy prefixed
+dnl with the API version to also check the API compatibility. Example:
+dnl a MINIMUN-VERSION of 1:1.0.7 won't pass the test unless the installed
+dnl version of libksba is at least 1.0.7 *and* the API number is 1.  Using
+dnl this features allows to prevent build against newer versions of libksba
+dnl with a changed API.
+dnl
+AC_DEFUN([AM_PATH_KSBA],
+[AC_REQUIRE([AC_CANONICAL_HOST])
+ AC_ARG_WITH(ksba-prefix,
+            AC_HELP_STRING([--with-ksba-prefix=PFX],
+                           [prefix where KSBA is installed (optional)]),
+     ksba_config_prefix="$withval", ksba_config_prefix="")
+  if test x$ksba_config_prefix != x ; then
+     ksba_config_args="$ksba_config_args --prefix=$ksba_config_prefix"
+     if test x${KSBA_CONFIG+set} != xset ; then
+        KSBA_CONFIG=$ksba_config_prefix/bin/ksba-config
+     fi
+  fi
+
+  AC_PATH_PROG(KSBA_CONFIG, ksba-config, no)
+  tmp=ifelse([$1], ,1:1.0.0,$1)
+  if echo "$tmp" | grep ':' >/dev/null 2>/dev/null ; then
+     req_ksba_api=`echo "$tmp"     | sed 's/\(.*\):\(.*\)/\1/'`
+     min_ksba_version=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\2/'`
+  else
+     req_ksba_api=0
+     min_ksba_version="$tmp"
+  fi
+
+  AC_MSG_CHECKING(for KSBA - version >= $min_ksba_version)
+  ok=no
+  if test "$KSBA_CONFIG" != "no" ; then
+    req_major=`echo $min_ksba_version | \
+               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\1/'`
+    req_minor=`echo $min_ksba_version | \
+               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\2/'`
+    req_micro=`echo $min_ksba_version | \
+               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\3/'`
+    ksba_config_version=`$KSBA_CONFIG $ksba_config_args --version`
+    major=`echo $ksba_config_version | \
+               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\1/'`
+    minor=`echo $ksba_config_version | \
+               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\2/'`
+    micro=`echo $ksba_config_version | \
+               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\3/'`
+    if test "$major" -gt "$req_major"; then
+        ok=yes
+    else
+        if test "$major" -eq "$req_major"; then
+            if test "$minor" -gt "$req_minor"; then
+               ok=yes
+            else
+               if test "$minor" -eq "$req_minor"; then
+                   if test "$micro" -ge "$req_micro"; then
+                     ok=yes
+                   fi
+               fi
+            fi
+        fi
+    fi
+  fi
+  if test $ok = yes; then
+    AC_MSG_RESULT([yes ($ksba_config_version)])
+  else
+    AC_MSG_RESULT(no)
+  fi
+  if test $ok = yes; then
+     # Even if we have a recent libksba, we should check that the
+     # API is compatible.
+     if test "$req_ksba_api" -gt 0 ; then
+        tmp=`$KSBA_CONFIG --api-version 2>/dev/null || echo 0`
+        if test "$tmp" -gt 0 ; then
+           AC_MSG_CHECKING([KSBA API version])
+           if test "$req_ksba_api" -eq "$tmp" ; then
+             AC_MSG_RESULT(okay)
+           else
+             ok=no
+             AC_MSG_RESULT([does not match.  want=$req_ksba_api got=$tmp.])
+           fi
+        fi
+     fi
+  fi
+  if test $ok = yes; then
+    KSBA_CFLAGS=`$KSBA_CONFIG $ksba_config_args --cflags`
+    KSBA_LIBS=`$KSBA_CONFIG $ksba_config_args --libs`
+    ifelse([$2], , :, [$2])
+    libksba_config_host=`$LIBKSBA_CONFIG $ksba_config_args --host 2>/dev/null || echo none`
+    if test x"$libksba_config_host" != xnone ; then
+      if test x"$libksba_config_host" != x"$host" ; then
+  AC_MSG_WARN([[
+***
+*** The config script $LIBKSBA_CONFIG was
+*** built for $libksba_config_host and thus may not match the
+*** used host $host.
+*** You may want to use the configure option --with-libksba-prefix
+*** to specify a matching config script.
+***]])
+      fi
+    fi
+  else
+    KSBA_CFLAGS=""
+    KSBA_LIBS=""
+    ifelse([$3], , :, [$3])
+  fi
+  AC_SUBST(KSBA_CFLAGS)
+  AC_SUBST(KSBA_LIBS)
+])
diff --git a/msys2/usr/share/awk/bits2str.awk b/msys2/usr/share/awk/bits2str.awk
index a10ffad18..5dddc1ced 100644
--- a/msys2/usr/share/awk/bits2str.awk
+++ b/msys2/usr/share/awk/bits2str.awk
@@ -1,4 +1,4 @@
-# bits2str --- turn a byte into readable ones and zeros
+# bits2str --- turn an integer into readable ones and zeros
 
 function bits2str(bits,        data, mask)
 {
diff --git a/msys2/usr/share/awk/inplace.awk b/msys2/usr/share/awk/inplace.awk
index 6771bc459..68dad92ef 100644
--- a/msys2/usr/share/awk/inplace.awk
+++ b/msys2/usr/share/awk/inplace.awk
@@ -21,11 +21,15 @@
 #
 # Andrew J. Schorr, aschorr@telemetry-investments.com
 # January 2013
+#
+# Revised for namespaces
+# Arnold Robbins, arnold@skeeve.com
+# July 2017
 
 @load "inplace"
 
-# Please set INPLACE_SUFFIX to make a backup copy.  For example, you may
-# want to set INPLACE_SUFFIX to .bak on the command line or in a BEGIN rule.
+# Please set inplace::suffix to make a backup copy.  For example, you may
+# want to set inplace::suffix to .bak on the command line or in a BEGIN rule.
 
 # By default, each filename on the command line will be edited inplace.
 # But you can selectively disable this by adding an inplace=0 argument
@@ -33,23 +37,25 @@
 # reenable it later on the commandline by putting inplace=1 before files
 # that you wish to be subject to inplace editing.
 
-# N.B. We call inplace_end() in the BEGINFILE and END rules so that any
+# N.B. We call inplace::end() in the BEGINFILE and END rules so that any
 # actions in an ENDFILE rule will be redirected as expected.
 
+@namespace "inplace"
+
 BEGIN {
-    inplace = 1         # enabled by default
+    enable = 1         # enabled by default
 }
 
 BEGINFILE {
-    if (_inplace_filename != "")
-        inplace_end(_inplace_filename, INPLACE_SUFFIX)
-    if (inplace)
-        inplace_begin(_inplace_filename = FILENAME, INPLACE_SUFFIX)
+    if (filename != "")
+        end(filename, suffix)
+    if (enable)
+        begin(filename = FILENAME, suffix)
     else
-        _inplace_filename = ""
+        filename = ""
 }
 
 END {
-    if (_inplace_filename != "")
-        inplace_end(_inplace_filename, INPLACE_SUFFIX)
+    if (filename != "")
+        end(filename, suffix)
 }
diff --git a/msys2/usr/share/awk/ns_passwd.awk b/msys2/usr/share/awk/ns_passwd.awk
new file mode 100644
index 000000000..b9b6bce57
--- /dev/null
+++ b/msys2/usr/share/awk/ns_passwd.awk
@@ -0,0 +1,72 @@
+# ns_passwd.awk --- access password file information
+#
+# Arnold Robbins, arnold@skeeve.com, Public Domain
+# May 1993
+# Revised October 2000
+# Revised December 2010
+#
+# Reworked for namespaces June 2017, with help from
+# Andrew J.: Schorr, aschorr@telemetry-investments.com
+
+@namespace "passwd"
+
+BEGIN {
+    # tailor this to suit your system
+    Awklib = "/usr/local/libexec/awk/"
+}
+
+function Init(    oldfs, oldrs, olddol0, pwcat, using_fw, using_fpat)
+{
+    if (Inited)
+        return
+
+    oldfs = FS
+    oldrs = RS
+    olddol0 = $0
+    using_fw = (PROCINFO["FS"] == "FIELDWIDTHS")
+    using_fpat = (PROCINFO["FS"] == "FPAT")
+    FS = ":"
+    RS = "\n"
+
+    pwcat = Awklib "pwcat"
+    while ((pwcat | getline) > 0) {
+        Byname[$1] = $0
+        Byuid[$3] = $0
+        Bycount[++Total] = $0
+    }
+    close(pwcat)
+    Count = 0
+    Inited = 1
+    FS = oldfs
+    if (using_fw)
+        FIELDWIDTHS = FIELDWIDTHS
+    else if (using_fpat)
+        FPAT = FPAT
+    RS = oldrs
+    $0 = olddol0
+}
+
+function awk::getpwnam(name)
+{
+    Init()
+    return Byname[name]
+}
+
+function awk::getpwuid(uid)
+{
+    Init()
+    return Byuid[uid]
+}
+
+function awk::getpwent()
+{
+    Init()
+    if (Count < Total)
+        return Bycount[++Count]
+    return ""
+}
+
+function awk::endpwent()
+{
+    Count = 0
+}
diff --git a/msys2/usr/share/bash-completion/bash_completion b/msys2/usr/share/bash-completion/bash_completion
index 90508e39a..68648cb7d 100644
--- a/msys2/usr/share/bash-completion/bash_completion
+++ b/msys2/usr/share/bash-completion/bash_completion
@@ -1358,14 +1358,17 @@ _get_first_arg()
 # This function counts the number of args, excluding options
 # @param $1 chars  Characters out of $COMP_WORDBREAKS which should
 #     NOT be considered word breaks. See __reassemble_comp_words_by_ref.
+# @param $2 glob   Options whose following argument should not be counted
 _count_args()
 {
     local i cword words
     __reassemble_comp_words_by_ref "$1" words cword
 
     args=1
-    for i in "${words[@]:1:cword-1}"; do
-        [[ "$i" != -* ]] && args=$(($args+1))
+    for (( i=1; i < cword; i++ )); do
+        if [[ ${words[i]} != -* && ${words[i-1]} != $2 ]]; then
+           args=$(($args+1))
+        fi
     done
 }
 
@@ -1900,7 +1903,13 @@ complete -F _longopt a2ps awk base64 bash bc bison cat chroot colordiff cp \
     sed seq sha{,1,224,256,384,512}sum shar sort split strip sum tac tail tee \
     texindex touch tr uname unexpand uniq units vdir wc who
 
-declare -A _xspecs
+# declare only knows -g in bash >= 4.2.
+if [[ ${BASH_VERSINFO[0]} -gt 4 ||
+      ${BASH_VERSINFO[0]} -eq 4 && ${BASH_VERSINFO[1]} -ge 2 ]]; then
+    declare -Ag _xspecs
+else
+    declare -A _xspecs
+fi
 _filedir_xspec()
 {
     local cur prev words cword
@@ -2028,6 +2037,7 @@ __load_completion()
 {
     local -a dirs=( ${BASH_COMPLETION_USER_DIR:-${XDG_DATA_HOME:-$HOME/.local/share}/bash-completion}/completions )
     local OIFS=$IFS IFS=: dir cmd="${1##*/}" compfile
+    [[ -n $cmd ]] || return 1
     for dir in ${XDG_DATA_DIRS:-/usr/local/share:/usr/share}; do
         dirs+=( $dir/bash-completion/completions )
     done
diff --git a/msys2/usr/share/bash-completion/completions/blkid b/msys2/usr/share/bash-completion/completions/blkid
index 26e414a5e..57b34c3f4 100644
--- a/msys2/usr/share/bash-completion/completions/blkid
+++ b/msys2/usr/share/bash-completion/completions/blkid
@@ -1,59 +1,93 @@
 _blkid_module()
 {
-	local cur prev OPTS
+	local cur prev OPTS OUTPUT_ALL
+	OUTPUT_ALL=''
 	COMPREPLY=()
 	cur="${COMP_WORDS[COMP_CWORD]}"
 	prev="${COMP_WORDS[COMP_CWORD-1]}"
 	case $prev in
-		'-c')
+		'-c'|'--cache-file')
 			local IFS=$'\n'
 			compopt -o filenames
 			COMPREPLY=( $(compgen -f -- $cur) )
 			return 0
 			;;
-		'-o')
+		'-o'|'--output')
 			COMPREPLY=( $(compgen -W "value device export full" -- $cur) )
 			return 0
 			;;
-		'-s')
+		'-s'|'--match-tag')
 			COMPREPLY=( $(compgen -W "tag" -- $cur) )
 			return 0
 			;;
-		'-t')
-			COMPREPLY=( $(compgen -W "token" -- $cur) )
+		'-t'|'--match-token')
+			COMPREPLY=( $(compgen -W "TYPE= LABEL= UUID=" -- $cur) )
 			return 0
 			;;
-		'-L')
+		'-L'|'--label')
 			COMPREPLY=( $(compgen -W "$(cd /dev/disk/by-label/ 2>/dev/null && echo *)" -- $cur) )
 			return 0
 			;;
-		'-U')
+		'-U'|'--uuid')
 			COMPREPLY=( $(compgen -W "$(cd /dev/disk/by-uuid/ 2>/dev/null && echo *)" -- $cur) )
 			return 0
 			;;
-		'-s')
+		'-S'|'--size')
 			COMPREPLY=( $(compgen -W "size" -- $cur) )
 			return 0
 			;;
-		'-O')
+		'-O'|'--offset')
 			COMPREPLY=( $(compgen -W "offset" -- $cur) )
 			return 0
 			;;
-		'-u')
-			COMPREPLY=( $(compgen -W "filesystem raid crypto other nofilesystem noraid nocrypto noother" -- $cur) )
-			return 0
+		'-u'|'--usages')
+			OUTPUT_ALL={,no}{filesystem,raid,crypto,other}
 			;;
-		'-n')
-			COMPREPLY=( $(compgen -W "$(awk '{print $NF}' /proc/filesystems)" -- $cur) )
-			return 0
+		'-n'|'--match-types')
+			OUTPUT_ALL="
+				$(awk '{print $NF}' /proc/filesystems)
+				$(\ls /lib/modules/$(uname -r)/kernel/fs)
+			"
 			;;
-		'-h'|'-V')
+		'-h'|'--help'|'-V'|'--version')
 			return 0
 			;;
 	esac
+	if [ -n "$OUTPUT_ALL" ]; then
+		local prefix realcur OUTPUT_ALL OUTPUT
+		realcur="${cur##*,}"
+		prefix="${cur%$realcur}"
+		for WORD in $OUTPUT_ALL; do
+			if ! [[ $prefix == *"$WORD"* ]]; then
+				OUTPUT="$WORD ${OUTPUT:-""}"
+			fi
+		done
+		compopt -o nospace
+		COMPREPLY=( $(compgen -P "$prefix" -W "$OUTPUT" -S ',' -- "$realcur") )
+		return 0
+	fi
 	case $cur in
 		-*)
-			OPTS="-c -d -h -g -o -k -s -t -l -L -U -V -p -i -S -O -u -n"
+			OPTS="
+				--cache-file
+				--no-encoding
+				--garbage-collect
+				--output
+				--list-filesystems
+				--match-tag
+				--match-token
+				--list-one
+				--label
+				--uuid
+				--probe
+				--info
+				--size
+				--offset
+				--usages
+				--match-types
+				--help
+				--version
+			"
 			COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
 			return 0
 			;;
diff --git a/msys2/usr/share/bash-completion/completions/cal b/msys2/usr/share/bash-completion/completions/cal
index 1510eb1fa..e627bdb90 100644
--- a/msys2/usr/share/bash-completion/completions/cal
+++ b/msys2/usr/share/bash-completion/completions/cal
@@ -3,15 +3,23 @@ _cal_module()
 	local cur prev OPTS
 	COMPREPLY=()
 	cur="${COMP_WORDS[COMP_CWORD]}"
-	prev="${COMP_WORDS[COMP_CWORD-1]}"
-	case $prev in
-		'-h'|'--help'|'-V'|'--version')
-			return 0
-			;;
-	esac
 	case $cur in
 		-*)
-			OPTS="--one --three --sunday --monday --julian --year --week --version --help"
+			OPTS="	--one
+				--three
+				--months
+				--sunday
+				--span
+				--monday
+				--julian
+				--year
+				--twelve
+				--week
+				--color=auto
+				--color=always
+				--color=never
+				--version
+				--help"
 			COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
 			return 0
 			;;
diff --git a/msys2/usr/share/bash-completion/completions/column b/msys2/usr/share/bash-completion/completions/column
index 3af8e736a..c5a998b6e 100644
--- a/msys2/usr/share/bash-completion/completions/column
+++ b/msys2/usr/share/bash-completion/completions/column
@@ -5,11 +5,19 @@ _column_module()
 	cur="${COMP_WORDS[COMP_CWORD]}"
 	prev="${COMP_WORDS[COMP_CWORD-1]}"
 	case $prev in
-		'-c'|'--columns')
+		'-c'|'--output-width')
 			COMPREPLY=( $(compgen -W "number" -- $cur) )
 			return 0
 			;;
-		'-s'|'--separator'|'-o'|'--output-separator')
+		'-s'|'--separator'|'-o'|'--output-separator'|'-n'|'--table-name'|'-O')
+			COMPREPLY=( $(compgen -W "string" -- $cur) )
+			return 0
+			;;
+		'-O'|'--table-order'|'-N'|'--table-columns'|'-E'|'--table-noextreme'|'-H'|'--table-hide'|'-R'|'--table-right'|'-T'|'--table-truncate'|'-W'|'--table-wrap')
+			COMPREPLY=( $(compgen -W "string" -- $cur) )
+			return 0
+			;;
+		'-r'|'--tree'|'-i'|'--tree-id'|'-p'|'--tree-parent')
 			COMPREPLY=( $(compgen -W "string" -- $cur) )
 			return 0
 			;;
@@ -21,6 +29,22 @@ _column_module()
 		-*)
 			OPTS="--columns
 				--table
+				--table-name
+				--table-order
+				--table-columns
+				--table-noextreme
+				--table-noheadings
+				--table-header-repeat
+				--table-hide
+				--table-right
+				--table-truncate
+				--table-wrap
+				--table-empty-lines
+				--json
+				--tree
+				--tree-id
+				--tree-parent
+				--output-width
 				--separator
 				--output-separator
 				--fillrows
diff --git a/msys2/usr/share/bash-completion/completions/fdisk b/msys2/usr/share/bash-completion/completions/fdisk
index 72a2b4236..855de1468 100644
--- a/msys2/usr/share/bash-completion/completions/fdisk
+++ b/msys2/usr/share/bash-completion/completions/fdisk
@@ -21,11 +21,46 @@ _fdisk_module()
 			COMPREPLY=( $(compgen -W "auto never always" -- $cur) )
 			return 0
 			;;
+		'--output')
+			local prefix realcur OUTPUT_ALL OUTPUT
+			realcur="${cur##*,}"
+			prefix="${cur%$realcur}"
+			OUTPUT_ALL="
+				Attrs
+				Boot
+				Bsize
+				Cpg
+				Cylinders
+				Device
+				End
+				End-C/H/S
+				Flags
+				Fsize
+				Id
+				Name
+				Sectors
+				Size
+				Slice
+				Start
+				Start-C/H/S
+				Type
+				Type-UUID
+				UUID
+			"
+			for WORD in $OUTPUT_ALL; do
+				if ! [[ $prefix == *"$WORD"* ]]; then
+					OUTPUT="$WORD ${OUTPUT:-""}"
+				fi
+			done
+			compopt -o nospace
+			COMPREPLY=( $(compgen -P "$prefix" -W "$OUTPUT" -S ',' -- "$realcur") )
+			return 0
+			;;
 		'-u'|'--units')
 			COMPREPLY=( $(compgen -W "cylinders sectors" -- $cur) )
 			return 0
 			;;
-		'-C'|'--geom-cylinders'|'-H'|'--geom-heads'|'-S'|'--geom-sectors')
+		'-C'|'--cylinders'|'-H'|'--heads'|'-S'|'--sectors')
 			COMPREPLY=( $(compgen -W "number" -- $cur) )
 			return 0
 			;;
@@ -36,15 +71,20 @@ _fdisk_module()
 	case $cur in
 		-*)
 			OPTS="--sector-size
+				--protect-boot
 				--compatibility
 				--color
 				--list
+				--output
 				--type
 				--units
 				--getsz
-				--geom-cylinders
-				--geom-heads
-				--geom-sectors
+				--bytes
+				--wipe
+				--wipe-partitions
+				--cylinders
+				--heads
+				--sectors
 				--help
 				--version"
 			COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
diff --git a/msys2/usr/share/bash-completion/completions/findfs b/msys2/usr/share/bash-completion/completions/findfs
new file mode 100644
index 000000000..5297b863f
--- /dev/null
+++ b/msys2/usr/share/bash-completion/completions/findfs
@@ -0,0 +1,34 @@
+_findfs_module()
+{
+	local cur prev OPTS findable
+	COMPREPLY=()
+	cur="${COMP_WORDS[COMP_CWORD]}"
+	prev="${COMP_WORDS[COMP_CWORD-1]}"
+	case $prev in
+		'-h'|'--help'|'-V'|'--version')
+			return 0
+			;;
+	esac
+	case $cur in
+		-*)
+			OPTS="--version --help"
+			COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
+			return 0
+			;;
+	esac
+	for i in $(lsblk -rpno label); do
+		findable+=" LABEL=$i"
+	done
+	for i in $(lsblk -rpno uuid); do
+		findable+=" UUID=$i"
+	done
+	for i in $(lsblk -rpno partlabel); do
+		findable+=" PARTLABEL=$i"
+	done
+	for i in $(lsblk -rpno partuuid); do
+		findable+=" PARTUUID=$i"
+	done
+	COMPREPLY=( $(compgen -W "$findable" -- $cur) )
+	return 0
+}
+complete -F _findfs_module findfs
diff --git a/msys2/usr/share/bash-completion/completions/flock b/msys2/usr/share/bash-completion/completions/flock
index 8e7f8b859..cb68245c8 100644
--- a/msys2/usr/share/bash-completion/completions/flock
+++ b/msys2/usr/share/bash-completion/completions/flock
@@ -32,6 +32,7 @@ _flock_module()
 				--conflict-exit-code
 				--close
 				--command
+				--no-fork
 				--help
 				--version"
 			COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
diff --git a/msys2/usr/share/bash-completion/completions/fsck.cramfs b/msys2/usr/share/bash-completion/completions/fsck.cramfs
index acf656411..d17d2fea7 100644
--- a/msys2/usr/share/bash-completion/completions/fsck.cramfs
+++ b/msys2/usr/share/bash-completion/completions/fsck.cramfs
@@ -5,7 +5,11 @@ _fsck.cramfs_module()
 	cur="${COMP_WORDS[COMP_CWORD]}"
 	prev="${COMP_WORDS[COMP_CWORD-1]}"
 	case $prev in
-		'-x'|'--destination')
+		'-b'|'--blocksize')
+			COMPREPLY=( $(compgen -W "size" -- $cur) )
+			return 0
+			;;
+		'--extract')
 			local IFS=$'\n'
 			compopt -o filenames
 			COMPREPLY=( $(compgen -o dirnames -- ${cur:-"/"}) )
@@ -15,8 +19,15 @@ _fsck.cramfs_module()
 			return 0
 			;;
 	esac
-	OPTS='--verbose --destination --help --version file'
-	COMPREPLY=( $(compgen -W "${OPTS[*]}" -S ' ' -- $cur) )
+	case $cur in
+		-*)
+			COMPREPLY=( $(compgen -W "--verbose --blocksize --extract --help --version" -- $cur) )
+			return 0
+			;;
+	esac
+	local IFS=$'\n'
+	compopt -o filenames
+	COMPREPLY=( $(compgen -f -- $cur) )
 	return 0
 }
 complete -F _fsck.cramfs_module fsck.cramfs
diff --git a/msys2/usr/share/bash-completion/completions/fsck.minix b/msys2/usr/share/bash-completion/completions/fsck.minix
index 4ed511011..ac4571e71 100644
--- a/msys2/usr/share/bash-completion/completions/fsck.minix
+++ b/msys2/usr/share/bash-completion/completions/fsck.minix
@@ -1,16 +1,16 @@
 _fsck.minix_module()
 {
-	local cur prev OPTS DEVS
+	local cur OPTS
 	COMPREPLY=()
 	cur="${COMP_WORDS[COMP_CWORD]}"
-	prev="${COMP_WORDS[COMP_CWORD-1]}"
-	case $prev in
-		'-V'|'--version')
+	case $cur in
+		-*)
+			OPTS="--list --auto --repair --verbose --super --uncleared --force --help --version"
+			COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
 			return 0
 			;;
 	esac
-	OPTS="-l -a -r -v -s -m -f --version"
-	COMPREPLY=( $(compgen -W "${OPTS[*]} $(lsblk -pnro name)" -- $cur) )
+	COMPREPLY=( $(compgen -W "$(lsblk -pnro name)" -- $cur) )
 	return 0
 }
 complete -F _fsck.minix_module fsck.minix
diff --git a/msys2/usr/share/bash-completion/completions/gsettings b/msys2/usr/share/bash-completion/completions/gsettings
index 21f5c6d03..0316e299f 100644
--- a/msys2/usr/share/bash-completion/completions/gsettings
+++ b/msys2/usr/share/bash-completion/completions/gsettings
@@ -21,7 +21,7 @@ __gsettings() {
 
   case "$((${COMP_CWORD}-$coffset))" in
     1)
-      choices=$'--schemadir\n--version\nhelp \nlist-schemas\nlist-relocatable-schemas\nlist-keys \nlist-children \nlist-recursively \nget \nrange \nset \nreset \nreset-recursively \nwritable \nmonitor'
+      choices=$'--schemadir\n--version\nhelp \nlist-schemas\nlist-relocatable-schemas\nlist-keys \nlist-children \nlist-recursively \nget \nrange \nset \nreset \nreset-recursively \nwritable \nmonitor \ndescribe '
       ;;
 
     2)
@@ -38,7 +38,7 @@ __gsettings() {
           choices="$(gsettings $schemadir list-schemas)"$'\n'"$(gsettings $schemadir list-relocatable-schemas | sed -e 's.$.:/.')"
           ;;
 
-        get|range|set|reset|writable|monitor)
+        get|range|set|reset|writable|monitor|describe)
           choices="$(gsettings $schemadir list-schemas | sed -e 's.$. .')"$'\n'"$(gsettings $schemadir list-relocatable-schemas | sed -e 's.$.:/.')"
           ;;
       esac
@@ -50,7 +50,7 @@ __gsettings() {
           choices="$(gsettings $schemadir list-keys ${COMP_WORDS[$(($coffset+2))]} 2> /dev/null | sed -e 's.$. .')"
           ;;
 
-        get|range|reset|writable|monitor)
+        get|range|reset|writable|monitor|describe)
           choices="$(gsettings $schemadir list-keys ${COMP_WORDS[$(($coffset+2))]} 2> /dev/null)"
           ;;
       esac
diff --git a/msys2/usr/share/bash-completion/completions/hexdump b/msys2/usr/share/bash-completion/completions/hexdump
index 9dc274076..80b1ab628 100644
--- a/msys2/usr/share/bash-completion/completions/hexdump
+++ b/msys2/usr/share/bash-completion/completions/hexdump
@@ -5,6 +5,10 @@ _hexdump_module()
 	cur="${COMP_WORDS[COMP_CWORD]}"
 	prev="${COMP_WORDS[COMP_CWORD-1]}"
 	case $prev in
+		'-L'|'--color')
+			COMPREPLY=( $(compgen -W "auto never always" -- $cur) )
+			return 0
+			;;
 		'-e'|'--format')
 			COMPREPLY=( $(compgen -W "format" -- $cur) )
 			return 0
@@ -29,6 +33,7 @@ _hexdump_module()
 				--two-bytes-decimal
 				--two-bytes-octal
 				--two-bytes-hex
+				--color=
 				--format
 				--format-file
 				--length
diff --git a/msys2/usr/share/bash-completion/completions/ipcmk b/msys2/usr/share/bash-completion/completions/ipcmk
new file mode 100644
index 000000000..696266cee
--- /dev/null
+++ b/msys2/usr/share/bash-completion/completions/ipcmk
@@ -0,0 +1,27 @@
+_ipcmk_module()
+{
+	local cur prev
+	COMPREPLY=()
+	cur="${COMP_WORDS[COMP_CWORD]}"
+	prev="${COMP_WORDS[COMP_CWORD-1]}"
+	case $prev in
+		'-M'|'--shmem')
+			COMPREPLY=( $(compgen -W "size" -- $cur) )
+			return 0
+			;;
+		'-S'|'--semaphore')
+			COMPREPLY=( $(compgen -W "number" -- $cur) )
+			return 0
+			;;
+		'-p'|'--mode')
+			COMPREPLY=( $(compgen -W "mode" -- $cur) )
+			return 0
+			;;
+		'-h'|'--help'|'-V'|'--version')
+			return 0
+			;;
+	esac
+	COMPREPLY=( $(compgen -W "--shmem --semaphore --queue --mode --help --version" -- $cur) )
+	return 0
+}
+complete -F _ipcmk_module ipcmk
diff --git a/msys2/usr/share/bash-completion/completions/isosize b/msys2/usr/share/bash-completion/completions/isosize
index 13d4d298a..fec2f8b8f 100644
--- a/msys2/usr/share/bash-completion/completions/isosize
+++ b/msys2/usr/share/bash-completion/completions/isosize
@@ -13,8 +13,15 @@ _isosize_module()
 			return 0
 			;;
 	esac
-	OPTS='--divisor --sectors --help --version'
-	COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
+	case $cur in
+		-*)
+			COMPREPLY=( $(compgen -W "--divisor --sectors --help --version" -- $cur) )
+			return 0
+			;;
+	esac
+	local IFS=$'\n'
+	compopt -o filenames
+	COMPREPLY=( $(compgen -f -- $cur) )
 	return 0
 }
 complete -F _isosize_module isosize
diff --git a/msys2/usr/share/bash-completion/completions/logger b/msys2/usr/share/bash-completion/completions/logger
index dcbfa9b62..7fb95652f 100644
--- a/msys2/usr/share/bash-completion/completions/logger
+++ b/msys2/usr/share/bash-completion/completions/logger
@@ -31,13 +31,44 @@ _logger_module()
 			COMPREPLY=( $(compgen -W "$(awk '$NF ~ /^\// {print $NF}' /proc/net/unix)" -- $cur) )
 			return 0
 			;;
+		'--socket-errors')
+			COMPREPLY=( $(compgen -W "on off auto" -- $cur) )
+			return 0
+			;;
+		'--msgid')
+			COMPREPLY=( $(compgen -W "msgid" -- $cur) )
+			return 0
+			;;
 		'-h'|'--help'|'-V'|'--version')
 			return 0
 			;;
 	esac
 	case $cur in
 		-*)
-			OPTS="--journald --udp --id --file --help --server --skip-empty --port --priority --rfc3164 --rfc5424 --stderr --tag --size --socket --version"
+			OPTS="
+				--file
+				--help
+				--id
+				--journald
+				--msgid
+				--no-act
+				--octet-count
+				--port
+				--prio-prefix
+				--priority
+				--rfc3164
+				--rfc5424
+				--server
+				--size
+				--skip-empty
+				--socket
+				--socket-errors
+				--stderr
+				--tag
+				--tcp
+				--udp
+				--version
+			"
 			COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
 			return 0
 			;;
diff --git a/msys2/usr/share/bash-completion/completions/look b/msys2/usr/share/bash-completion/completions/look
index 303a7565a..feafe2379 100644
--- a/msys2/usr/share/bash-completion/completions/look
+++ b/msys2/usr/share/bash-completion/completions/look
@@ -20,9 +20,16 @@ _look_module()
 			return 0
 			;;
 	esac
-	local IFS=$'\n'
-	compopt -o filenames
-	COMPREPLY=( $(compgen -f -- $cur) )
+	case $COMP_CWORD in
+		1)
+			COMPREPLY=( $(compgen -W "$(look "$cur")" -- $cur) )
+			;;
+		2)
+			local IFS=$'\n'
+			compopt -o filenames
+			COMPREPLY=( $(compgen -f -- $cur) )
+			;;
+	esac
 	return 0
 }
 complete -F _look_module look
diff --git a/msys2/usr/share/bash-completion/completions/makepkg b/msys2/usr/share/bash-completion/completions/makepkg
index 6f99681d4..a2d39a566 100644
--- a/msys2/usr/share/bash-completion/completions/makepkg
+++ b/msys2/usr/share/bash-completion/completions/makepkg
@@ -24,7 +24,7 @@ _arch_ptr2comp() {
 }
 
 _arch_incomp() {
-  local r="\s-(-${1#* }\s|\w*${1% *})"; [[ $COMP_LINE =~ $r ]]
+  local r="[[:space:]]-(-${1#* }[[:space:]]|[[:alnum:]_]*${1% *})"; [[ $COMP_LINE =~ $r ]]
 }
 
 _pacman_keyids() {
@@ -74,7 +74,7 @@ _makepkg() {
   local cur opts prev
   COMPREPLY=()
   _get_comp_words_by_ref cur prev
-  if [[ $cur = -* && ! $prev =~ ^-(-(config|help|key|version)$|\w*[Vhp]) ]]; then
+  if [[ $cur = -* && ! $prev =~ ^-(-(config|help|key|version)$|[[:alnum:]_]*[Vhp]) ]]; then
     opts=('allsource asdeps check clean cleanbuild config force geninteg help
            holdver ignorearch install key log needed noarchive nobuild nocheck
            nocolor noconfirm nodeps noextract noprepare noprogressbar nosign
@@ -96,14 +96,18 @@ _pacman_pkg() {
   )"
 }
 
+_pacman_repo_list() {
+  _arch_compgen "$(pacman-conf --repo-list)"
+}
+
 _pacman() {
-  local common core cur database prev query remove sync upgrade o
+  local common core cur database files prev query remove sync upgrade o
   COMPREPLY=()
   _get_comp_words_by_ref cur prev
   database=('asdeps asexplicit')
   files=('list machinereadable owns search refresh regex' 'l o s x y')
-  query=('changelog check deps explicit file foreign groups info list owns
-          search unrequired upgrades' 'c e g i k l m o p s t u')
+  query=('changelog check deps explicit file foreign groups info list native owns
+          search unrequired upgrades' 'c e g i k l m n o p s t u')
   remove=('cascade dbonly nodeps assume-installed nosave print recursive unneeded' 'c n p s u')
   sync=('asdeps asexplicit clean dbonly downloadonly force groups ignore ignoregroup
          info list needed nodeps assume-installed print refresh recursive search sysupgrade'
@@ -119,7 +123,7 @@ _pacman() {
 
   if [[ $? != 0 ]]; then
     _arch_ptr2comp core
-  elif [[ ! $prev =~ ^-\w*[Vbhr] &&
+  elif [[ ! $prev =~ ^-[[:alnum:]_]*[Vbhr] &&
     ! $prev = --@(cachedir|color|config|dbpath|help|hookdir|gpgdir|logfile|root|version) ]]
   then
     [[ $cur = -* ]] && _arch_ptr2comp ${o#* } common ||
@@ -136,7 +140,7 @@ _pacman() {
           _pacman_pkg Qq;;
       S)
         { _arch_incomp 'g groups' && _pacman_pkg Sg; }      ||
-        { _arch_incomp 'l list'   && _pacman_pkg Sl sort; } ||
+        { _arch_incomp 'l list'   && _pacman_repo_list; } ||
           _pacman_pkg Slq;;
       U)
           _pacman_file;;
diff --git a/msys2/usr/share/bash-completion/completions/mcookie b/msys2/usr/share/bash-completion/completions/mcookie
index 4345b6e6c..041582ffc 100644
--- a/msys2/usr/share/bash-completion/completions/mcookie
+++ b/msys2/usr/share/bash-completion/completions/mcookie
@@ -11,13 +11,17 @@ _mcookie_module()
 			COMPREPLY=( $(compgen -f -- $cur) )
 			return 0
 			;;
+		'-m'|'--max-size')
+			COMPREPLY=( $(compgen -W "bytes" -- $cur) )
+			return 0
+			;;
 		'-h'|'--help'|'-V'|'--version')
 			return 0
 			;;
 	esac
 	case $cur in
 		-*)
-			OPTS="--file --verbose --version --help"
+			OPTS="--file --max-size --verbose --version --help"
 			COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
 			return 0
 			;;
diff --git a/msys2/usr/share/bash-completion/completions/mkfs b/msys2/usr/share/bash-completion/completions/mkfs
index 2938a30e2..3d91a86e9 100644
--- a/msys2/usr/share/bash-completion/completions/mkfs
+++ b/msys2/usr/share/bash-completion/completions/mkfs
@@ -1,6 +1,6 @@
 _mkfs_module()
 {
-	local cur prev OPTS DEVS
+	local cur prev OPTS
 	COMPREPLY=()
 	cur="${COMP_WORDS[COMP_CWORD]}"
 	prev="${COMP_WORDS[COMP_CWORD-1]}"
diff --git a/msys2/usr/share/bash-completion/completions/mkfs.bfs b/msys2/usr/share/bash-completion/completions/mkfs.bfs
index 1bd67a068..75458bb09 100644
--- a/msys2/usr/share/bash-completion/completions/mkfs.bfs
+++ b/msys2/usr/share/bash-completion/completions/mkfs.bfs
@@ -1,6 +1,6 @@
 _mkfs.bfs_module()
 {
-	local cur prev OPTS DEVS
+	local cur prev OPTS
 	COMPREPLY=()
 	cur="${COMP_WORDS[COMP_CWORD]}"
 	prev="${COMP_WORDS[COMP_CWORD-1]}"
diff --git a/msys2/usr/share/bash-completion/completions/mkfs.minix b/msys2/usr/share/bash-completion/completions/mkfs.minix
index c84a23761..e725fd6df 100644
--- a/msys2/usr/share/bash-completion/completions/mkfs.minix
+++ b/msys2/usr/share/bash-completion/completions/mkfs.minix
@@ -5,30 +5,27 @@ _mkfs.minix_module()
 	cur="${COMP_WORDS[COMP_CWORD]}"
 	prev="${COMP_WORDS[COMP_CWORD-1]}"
 	case $prev in
-		'-i')
+		'-i'|'--inodes')
 			COMPREPLY=( $(compgen -W "inodes" -- $cur) )
 			return 0
 			;;
-		'-l')
-			COMPREPLY=( $(compgen -W "badblocks-file" -- $cur) )
+		'-l'|'--badblocks')
+			compopt -o filenames
+			COMPREPLY=( $(compgen -f -- $cur) )
 			return 0
 			;;
-		'-n')
-			COMPREPLY=( $(compgen -W "14 30" -- $cur) )
-			return 0
-			;;
-		'-V'|'--version')
+		'-n'|'--namelength')
+			COMPREPLY=( $(compgen -W "14 30 60" -- $cur) )
 			return 0
 			;;
 	esac
 	case $cur in
 		-*)
-			OPTS="-c -i -l -n -1 -2 -3"
+			OPTS="--namelength --inodes --check --badblocks --help --version -1 -2 -3"
 			COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
 			return 0
 			;;
 	esac
-	local DEVS
 	COMPREPLY=( $(compgen -W "$(lsblk -pnro name)" -- $cur) )
 	return 0
 }
diff --git a/msys2/usr/share/bash-completion/completions/mkswap b/msys2/usr/share/bash-completion/completions/mkswap
index b72efafd9..6ccc21421 100644
--- a/msys2/usr/share/bash-completion/completions/mkswap
+++ b/msys2/usr/share/bash-completion/completions/mkswap
@@ -17,7 +17,11 @@ _mkswap_module()
 			COMPREPLY=( $(compgen -W "1" -- $cur) )
 			return 0
 			;;
-		'-U'|'--uuid'|'-h'|'--help'|'-V'|'--version')
+		'-U'|'--uuid')
+			COMPREPLY=( $(compgen -W "$(uuidgen -r)" -- $cur) )
+			return 0
+			;;
+		'-h'|'--help'|'-V'|'--version')
 			return 0
 			;;
 	esac
diff --git a/msys2/usr/share/bash-completion/completions/pacman b/msys2/usr/share/bash-completion/completions/pacman
index 6f99681d4..a2d39a566 100644
--- a/msys2/usr/share/bash-completion/completions/pacman
+++ b/msys2/usr/share/bash-completion/completions/pacman
@@ -24,7 +24,7 @@ _arch_ptr2comp() {
 }
 
 _arch_incomp() {
-  local r="\s-(-${1#* }\s|\w*${1% *})"; [[ $COMP_LINE =~ $r ]]
+  local r="[[:space:]]-(-${1#* }[[:space:]]|[[:alnum:]_]*${1% *})"; [[ $COMP_LINE =~ $r ]]
 }
 
 _pacman_keyids() {
@@ -74,7 +74,7 @@ _makepkg() {
   local cur opts prev
   COMPREPLY=()
   _get_comp_words_by_ref cur prev
-  if [[ $cur = -* && ! $prev =~ ^-(-(config|help|key|version)$|\w*[Vhp]) ]]; then
+  if [[ $cur = -* && ! $prev =~ ^-(-(config|help|key|version)$|[[:alnum:]_]*[Vhp]) ]]; then
     opts=('allsource asdeps check clean cleanbuild config force geninteg help
            holdver ignorearch install key log needed noarchive nobuild nocheck
            nocolor noconfirm nodeps noextract noprepare noprogressbar nosign
@@ -96,14 +96,18 @@ _pacman_pkg() {
   )"
 }
 
+_pacman_repo_list() {
+  _arch_compgen "$(pacman-conf --repo-list)"
+}
+
 _pacman() {
-  local common core cur database prev query remove sync upgrade o
+  local common core cur database files prev query remove sync upgrade o
   COMPREPLY=()
   _get_comp_words_by_ref cur prev
   database=('asdeps asexplicit')
   files=('list machinereadable owns search refresh regex' 'l o s x y')
-  query=('changelog check deps explicit file foreign groups info list owns
-          search unrequired upgrades' 'c e g i k l m o p s t u')
+  query=('changelog check deps explicit file foreign groups info list native owns
+          search unrequired upgrades' 'c e g i k l m n o p s t u')
   remove=('cascade dbonly nodeps assume-installed nosave print recursive unneeded' 'c n p s u')
   sync=('asdeps asexplicit clean dbonly downloadonly force groups ignore ignoregroup
          info list needed nodeps assume-installed print refresh recursive search sysupgrade'
@@ -119,7 +123,7 @@ _pacman() {
 
   if [[ $? != 0 ]]; then
     _arch_ptr2comp core
-  elif [[ ! $prev =~ ^-\w*[Vbhr] &&
+  elif [[ ! $prev =~ ^-[[:alnum:]_]*[Vbhr] &&
     ! $prev = --@(cachedir|color|config|dbpath|help|hookdir|gpgdir|logfile|root|version) ]]
   then
     [[ $cur = -* ]] && _arch_ptr2comp ${o#* } common ||
@@ -136,7 +140,7 @@ _pacman() {
           _pacman_pkg Qq;;
       S)
         { _arch_incomp 'g groups' && _pacman_pkg Sg; }      ||
-        { _arch_incomp 'l list'   && _pacman_pkg Sl sort; } ||
+        { _arch_incomp 'l list'   && _pacman_repo_list; } ||
           _pacman_pkg Slq;;
       U)
           _pacman_file;;
diff --git a/msys2/usr/share/bash-completion/completions/pacman-key b/msys2/usr/share/bash-completion/completions/pacman-key
index 6f99681d4..a2d39a566 100644
--- a/msys2/usr/share/bash-completion/completions/pacman-key
+++ b/msys2/usr/share/bash-completion/completions/pacman-key
@@ -24,7 +24,7 @@ _arch_ptr2comp() {
 }
 
 _arch_incomp() {
-  local r="\s-(-${1#* }\s|\w*${1% *})"; [[ $COMP_LINE =~ $r ]]
+  local r="[[:space:]]-(-${1#* }[[:space:]]|[[:alnum:]_]*${1% *})"; [[ $COMP_LINE =~ $r ]]
 }
 
 _pacman_keyids() {
@@ -74,7 +74,7 @@ _makepkg() {
   local cur opts prev
   COMPREPLY=()
   _get_comp_words_by_ref cur prev
-  if [[ $cur = -* && ! $prev =~ ^-(-(config|help|key|version)$|\w*[Vhp]) ]]; then
+  if [[ $cur = -* && ! $prev =~ ^-(-(config|help|key|version)$|[[:alnum:]_]*[Vhp]) ]]; then
     opts=('allsource asdeps check clean cleanbuild config force geninteg help
            holdver ignorearch install key log needed noarchive nobuild nocheck
            nocolor noconfirm nodeps noextract noprepare noprogressbar nosign
@@ -96,14 +96,18 @@ _pacman_pkg() {
   )"
 }
 
+_pacman_repo_list() {
+  _arch_compgen "$(pacman-conf --repo-list)"
+}
+
 _pacman() {
-  local common core cur database prev query remove sync upgrade o
+  local common core cur database files prev query remove sync upgrade o
   COMPREPLY=()
   _get_comp_words_by_ref cur prev
   database=('asdeps asexplicit')
   files=('list machinereadable owns search refresh regex' 'l o s x y')
-  query=('changelog check deps explicit file foreign groups info list owns
-          search unrequired upgrades' 'c e g i k l m o p s t u')
+  query=('changelog check deps explicit file foreign groups info list native owns
+          search unrequired upgrades' 'c e g i k l m n o p s t u')
   remove=('cascade dbonly nodeps assume-installed nosave print recursive unneeded' 'c n p s u')
   sync=('asdeps asexplicit clean dbonly downloadonly force groups ignore ignoregroup
          info list needed nodeps assume-installed print refresh recursive search sysupgrade'
@@ -119,7 +123,7 @@ _pacman() {
 
   if [[ $? != 0 ]]; then
     _arch_ptr2comp core
-  elif [[ ! $prev =~ ^-\w*[Vbhr] &&
+  elif [[ ! $prev =~ ^-[[:alnum:]_]*[Vbhr] &&
     ! $prev = --@(cachedir|color|config|dbpath|help|hookdir|gpgdir|logfile|root|version) ]]
   then
     [[ $cur = -* ]] && _arch_ptr2comp ${o#* } common ||
@@ -136,7 +140,7 @@ _pacman() {
           _pacman_pkg Qq;;
       S)
         { _arch_incomp 'g groups' && _pacman_pkg Sg; }      ||
-        { _arch_incomp 'l list'   && _pacman_pkg Sl sort; } ||
+        { _arch_incomp 'l list'   && _pacman_repo_list; } ||
           _pacman_pkg Slq;;
       U)
           _pacman_file;;
diff --git a/msys2/usr/share/bash-completion/completions/pkgfile b/msys2/usr/share/bash-completion/completions/pkgfile
index 700c17fa8..4de46aa9a 100644
--- a/msys2/usr/share/bash-completion/completions/pkgfile
+++ b/msys2/usr/share/bash-completion/completions/pkgfile
@@ -17,13 +17,13 @@ __hasprefix() {
 _pkgfile() {
   local cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD - 1]} prevprev=${COMP_WORDS[COMP_CWORD - 2]}
 
-  local shortopts=(-l -s -u -b -C -g -i -q -R -r -h -V -v -w -z -0)
+  local shortopts=(-l -s -u -b -C -D -g -i -q -R -r -h -V -v -w -z -0)
   local longopts=(--list --search --update --binaries --glob --ignorecase
                   --quiet --regex --help --version --verbose --raw --null)
-  local longoptsarg=(--compress --config --repo)
+  local longoptsarg=(--compress --config --cachedir --repo)
   local allopts=("${shortopts[@]}" "${longopts[@]}" "${longoptsarg[@]}")
 
-  local compressopts=(none gzip bzip2 lzma lzop xz)
+  local compressopts=(none gzip bzip2 lz4 lzma lzop xz)
 
   # maybe mangle the arguments in case we're looking at a --longopt=$val
   [[ $cur = '=' ]] && cur=
@@ -37,6 +37,11 @@ _pkgfile() {
       compopt -o filenames
       return 0
       ;;
+    -D|--cachedir)
+      COMPREPLY=($(compgen -d -- "$cur"))
+      compopt -o filenames
+      return 0
+      ;;
     -z|--compress)
       COMPREPLY=($(compgen -W '${compressopts[*]}' -- "$cur"))
       return 0
diff --git a/msys2/usr/share/bash-completion/completions/rename b/msys2/usr/share/bash-completion/completions/rename
index 81365a5b2..9fc1ceca3 100644
--- a/msys2/usr/share/bash-completion/completions/rename
+++ b/msys2/usr/share/bash-completion/completions/rename
@@ -11,7 +11,7 @@ _rename_module()
 	esac
 	case $cur in
 		-*)
-			OPTS="--verbose --symlink --help --version"
+			OPTS="--verbose --symlink --help --version --no-act --no-override --interactive"
 			COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
 			return 0
 			;;
diff --git a/msys2/usr/share/bash-completion/completions/renice b/msys2/usr/share/bash-completion/completions/renice
index c3e9331b0..2495f3785 100644
--- a/msys2/usr/share/bash-completion/completions/renice
+++ b/msys2/usr/share/bash-completion/completions/renice
@@ -17,7 +17,7 @@ _renice_module()
 			;;
 		'-p'|'--pid')
 			local PIDS
-			PIDS=$(for I in /proc/[0-9]*; do echo ${I##"/proc/"}; done)
+			PIDS=$(cd /proc && echo [0-9]*)
 			COMPREPLY=( $(compgen -W "$PIDS" -- $cur) )
 			return 0
 			;;
diff --git a/msys2/usr/share/bash-completion/completions/script b/msys2/usr/share/bash-completion/completions/script
index d7efd7e7c..ef8afc69e 100644
--- a/msys2/usr/share/bash-completion/completions/script
+++ b/msys2/usr/share/bash-completion/completions/script
@@ -10,6 +10,10 @@ _script_module()
 			COMPREPLY=( $(compgen -c -- $cur) )
 			return 0
 			;;
+		'-o'|'--output-limit')
+			COMPREPLY=( $(compgen -W "size" -- $cur) )
+			return 0
+			;;
 		'-h'|'--help'|'-V'|'--version')
 			return 0
 			;;
@@ -25,6 +29,7 @@ _script_module()
 				--flush
 				--force
 				--quiet
+				--output-limit
 				--timing=
 				--version
 				--help"
diff --git a/msys2/usr/share/bash-completion/completions/scriptreplay b/msys2/usr/share/bash-completion/completions/scriptreplay
index a4aa8a08d..9e1a79023 100644
--- a/msys2/usr/share/bash-completion/completions/scriptreplay
+++ b/msys2/usr/share/bash-completion/completions/scriptreplay
@@ -5,7 +5,7 @@ _scriptreplay_module()
 	cur="${COMP_WORDS[COMP_CWORD]}"
 	prev="${COMP_WORDS[COMP_CWORD-1]}"
 	case $prev in
-		'-d'|'--divisor')
+		'-d'|'--divisor'|'-m'|'--maxdelay')
 			COMPREPLY=( $(compgen -W "digit" -- $cur) )
 			return 0
 			;;
@@ -18,6 +18,7 @@ _scriptreplay_module()
 			OPTS="--timing
 				--typescript
 				--divisor
+				--maxdelay
 				--version
 				--help"
 			COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
diff --git a/msys2/usr/share/bash-completion/completions/setsid b/msys2/usr/share/bash-completion/completions/setsid
index 568159bda..955ec27c0 100644
--- a/msys2/usr/share/bash-completion/completions/setsid
+++ b/msys2/usr/share/bash-completion/completions/setsid
@@ -11,7 +11,7 @@ _setsid_module()
 	esac
 	case $cur in
 		-*)
-			OPTS="--ctty --help --version"
+			OPTS="--ctty --wait --help --version"
 			COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
 			return 0
 			;;
diff --git a/msys2/usr/share/bash-completion/completions/sfdisk b/msys2/usr/share/bash-completion/completions/sfdisk
index 16ada3f19..9401f89ac 100644
--- a/msys2/usr/share/bash-completion/completions/sfdisk
+++ b/msys2/usr/share/bash-completion/completions/sfdisk
@@ -5,15 +5,37 @@ _sfdisk_module()
 	cur="${COMP_WORDS[COMP_CWORD]}"
 	prev="${COMP_WORDS[COMP_CWORD-1]}"
 	case $prev in
-		'-u'|'--unit')
-			COMPREPLY=( $(compgen -W "S C B M" -- $cur) )
+		'-d'|'--dump'|'-J'|'--json'|'-l'|'--list'|'-F'|'--list-free'|'-r'|'--reorder'|'-s'|'--show-size'|'-V'|'--verify'|'-A'|'--activate'|'--delete')
+			COMPREPLY=( $(compgen -W "$(lsblk -dpnro name)" -- $cur) )
 			return 0
 			;;
-		'-n'|'-C'|'--cylinders'|'-H'|'--heads'|'-S'|'--sectors')
+		'-N'|'--partno')
 			COMPREPLY=( $(compgen -W "number" -- $cur) )
 			return 0
 			;;
-		'-O'|'-I')
+		'--color'|'-w'|'--wipe'|'-W'|'--wipe-partitions')
+			COMPREPLY=( $(compgen -W "auto never always" -- $cur) )
+			return 0
+			;;
+		'-o'|'--output')
+			local prefix realcur OUTPUT_ALL OUTPUT
+			realcur="${cur##*,}"
+			prefix="${cur%$realcur}"
+			OUTPUT_ALL="
+				Attrs Boot Bsize Cpg Cylinders Device End
+				End-C/H/S Flags Fsize Id Name Sectors Size
+				Slice Start Start-C/H/S Type Type-UUID UUID
+			"
+			for WORD in $OUTPUT_ALL; do
+				if ! [[ $prefix == *"$WORD"* ]]; then
+					OUTPUT="$WORD ${OUTPUT:-""}"
+				fi
+			done
+			compopt -o nospace
+			COMPREPLY=( $(compgen -P "$prefix" -W "$OUTPUT" -S ',' -- "$realcur") )
+			return 0
+			;;
+		'-O'|'--backup-file')
 			local IFS=$'\n'
 			compopt -o filenames
 			COMPREPLY=( $(compgen -f -- $cur) )
@@ -28,47 +50,42 @@ _sfdisk_module()
 			cur=${cur#=}
 			;;
 		-*)
-			OPTS="--show-size
-				--id
-				--change-id
-				--print-id
-				--list
+			OPTS="
+				--activate
 				--dump
-				--increment
-				--unit
-				--one-only
-				--list-types
-				--DOS
-				--DOS-extended
-				--re-read
-				-N
-				-n
-				-O
-				-I
-				--verify
-				--version
-				--help
-				--force
-				--no-reread
-				--quiet
-				--Linux
+				--json
 				--show-geometry
-				--show-pt-geometry
-				--activate=
-				--unhide=
-				--show-extended
-				--leave-last
-				--IBM
-				--in-order
-				--not-in-order
-				--inside-outer
-				--not-inside-outer
-				--nested
-				--chained
-				--onesector
-				--cylinders
-				--heads
-				--sectors"
+				--list
+				--list-free
+				--reorder
+				--show-size
+				--list-types
+				--verify
+				--delete
+				--part-label
+				--part-type
+				--part-uuid
+				--part-attrs
+				--append
+				--backup
+				--bytes
+				--move-data
+				--force
+				--color
+				--partno
+				--no-act
+				--no-reread
+				--no-tell-kernel
+				--backup-file
+				--output
+				--quiet
+				--wipe
+				--wipe-partitions
+				--label
+				--label-nested
+				--help
+				--version
+			"
 			COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
 			return 0
 			;;
diff --git a/msys2/usr/share/bash-completion/completions/tailf b/msys2/usr/share/bash-completion/completions/tailf
deleted file mode 100644
index 0d4c869c0..000000000
--- a/msys2/usr/share/bash-completion/completions/tailf
+++ /dev/null
@@ -1,28 +0,0 @@
-_tailf_module()
-{
-	local cur prev OPTS
-	COMPREPLY=()
-	cur="${COMP_WORDS[COMP_CWORD]}"
-	prev="${COMP_WORDS[COMP_CWORD-1]}"
-	case $prev in
-		'-n'|'--lines')
-			COMPREPLY=( $(compgen -W "number" -- $cur) )
-			return 0
-			;;
-		'-h'|'--help'|'-V'|'--version')
-			return 0
-			;;
-	esac
-	case $cur in
-		-*)
-			OPTS="--lines --version --help"
-			COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
-			return 0
-			;;
-	esac
-	local IFS=$'\n'
-	compopt -o filenames
-	COMPREPLY=( $(compgen -f -- $cur) )
-	return 0
-}
-complete -F _tailf_module tailf
diff --git a/msys2/usr/share/bash-completion/completions/uuidd b/msys2/usr/share/bash-completion/completions/uuidd
deleted file mode 100644
index c8f6697c9..000000000
--- a/msys2/usr/share/bash-completion/completions/uuidd
+++ /dev/null
@@ -1,39 +0,0 @@
-_uuidd_module()
-{
-	local cur prev OPTS
-	COMPREPLY=()
-	cur="${COMP_WORDS[COMP_CWORD]}"
-	prev="${COMP_WORDS[COMP_CWORD-1]}"
-	case $prev in
-		'-p'|'--pid'|'-s'|'--socket')
-			local IFS=$'\n'
-			compopt -o filenames
-			COMPREPLY=( $(compgen -f -- $cur) )
-			return 0
-			;;
-		'-T'|'--timeout')
-			local IFS=$'\n'
-			compopt -o filenames
-			COMPREPLY=( $(compgen -W "timeout" -- $cur) )
-			return 0
-			;;
-		'-n'|'--uuids')
-			local IFS=$'\n'
-			compopt -o filenames
-			COMPREPLY=( $(compgen -W "number" -- $cur) )
-			return 0
-			;;
-		'-h'|'--help'|'-V'|'--version')
-			return 0
-			;;
-	esac
-	case $cur in
-		-*)
-			OPTS="--pid --socket --timeout --kill --random --time --uuids --no-pid --no-fork --socket-activation --debug --quiet --version --help"
-			COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
-			return 0
-			;;
-	esac
-	return 0
-}
-complete -F _uuidd_module uuidd
diff --git a/msys2/usr/share/bash-completion/completions/uuidgen b/msys2/usr/share/bash-completion/completions/uuidgen
index 42d95d42f..8e64015c0 100644
--- a/msys2/usr/share/bash-completion/completions/uuidgen
+++ b/msys2/usr/share/bash-completion/completions/uuidgen
@@ -5,13 +5,31 @@ _uuidgen_module()
 	cur="${COMP_WORDS[COMP_CWORD]}"
 	prev="${COMP_WORDS[COMP_CWORD-1]}"
 	case $prev in
+		'-n'|'--namespace')
+			COMPREPLY=( $(compgen -W "@dns @url @oid @x500 @x.500" -- "$cur") )
+			return 0
+			;;
+		'-N'|'--name')
+			COMPREPLY=( $(compgen -W "name" -- "$cur") )
+			return 0
+			;;
 		'-h'|'--help'|'-V'|'--version')
 			return 0
 			;;
 	esac
 	case $cur in
 		-*)
-			OPTS="--random --time --version --help"
+			OPTS="
+				--random
+				--time
+				--namespace
+				--name
+				--md5
+				--sha1
+				--hex
+				--help
+				--version
+			"
 			COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
 			return 0
 			;;
diff --git a/msys2/usr/share/bash-completion/completions/uuidparse b/msys2/usr/share/bash-completion/completions/uuidparse
new file mode 100644
index 000000000..a646844f2
--- /dev/null
+++ b/msys2/usr/share/bash-completion/completions/uuidparse
@@ -0,0 +1,37 @@
+_uuidparse_module()
+{
+	local cur prev OPTS
+	COMPREPLY=()
+	cur="${COMP_WORDS[COMP_CWORD]}"
+	prev="${COMP_WORDS[COMP_CWORD-1]}"
+	case $prev in
+		'-o'|'--output')
+			local prefix realcur OUTPUT
+			realcur="${cur##*,}"
+			prefix="${cur%$realcur}"
+			for WORD in "UUID VARIANT TYPE TIME"; do
+				if ! [[ $prefix == *"$WORD"* ]]; then
+					OUTPUT="$WORD ${OUTPUT:-""}"
+				fi
+			done
+			compopt -o nospace
+			COMPREPLY=( $(compgen -P "$prefix" -W "$OUTPUT" -S ',' -- $realcur) )
+			return 0
+			;;
+		'-h'|'--help'|'-V'|'--version')
+			return 0
+			;;
+	esac
+	OPTS="
+		--json
+		--noheadings
+		--output
+		--raw
+		--help
+		--version
+	"
+	COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
+	return 0
+
+}
+complete -F _uuidparse_module uuidparse
diff --git a/msys2/usr/share/bash-completion/completions/wipefs b/msys2/usr/share/bash-completion/completions/wipefs
index d735b5ac7..13568ca32 100644
--- a/msys2/usr/share/bash-completion/completions/wipefs
+++ b/msys2/usr/share/bash-completion/completions/wipefs
@@ -5,6 +5,20 @@ _wipefs_module()
 	cur="${COMP_WORDS[COMP_CWORD]}"
 	prev="${COMP_WORDS[COMP_CWORD-1]}"
 	case $prev in
+		'-O'|'--output')
+			local prefix realcur OUTPUT_ALL OUTPUT
+			realcur="${cur##*,}"
+			prefix="${cur%$realcur}"
+			OUTPUT_ALL="UUID LABEL LENGTH TYPE OFFSET USAGE DEVICE"
+			for WORD in $OUTPUT_ALL; do
+				if ! [[ $prefix == *"$WORD"* ]]; then
+					OUTPUT="$WORD ${OUTPUT:-""}"
+				fi
+			done
+			compopt -o nospace
+			COMPREPLY=( $(compgen -P "$prefix" -W "$OUTPUT" -S ',' -- $realcur) )
+			return 0
+			;;
 		'-o'|'--offset')
 			COMPREPLY=( $(compgen -W "offset" -- $cur) )
 			return 0
@@ -21,7 +35,21 @@ _wipefs_module()
 	esac
 	case $cur in
 		-*)
-			OPTS="--all --force --help --no-act --offset --parsable --quiet --types --version"
+			OPTS="
+				--all
+				--backup
+				--force
+				--noheadings
+				--json
+				--no-act
+				--offset
+				--output
+				--parsable
+				--quiet
+				--types
+				--help
+				--version
+			"
 			COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
 			return 0
 			;;
diff --git a/msys2/usr/share/doc/gnupg/DCO b/msys2/usr/share/doc/gnupg/DCO
new file mode 100644
index 000000000..bae7bffd2
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/DCO
@@ -0,0 +1,29 @@
+GnuPG Developer's Certificate of Origin.  Version 1.0
+=====================================================
+
+By making a contribution to the GnuPG project, I certify that:
+
+(a) The contribution was created in whole or in part by me and I
+    have the right to submit it under the free software license
+    indicated in the file; or
+
+(b) The contribution is based upon previous work that, to the
+    best of my knowledge, is covered under an appropriate free
+    software license and I have the right under that license to
+    submit that work with modifications, whether created in whole
+    or in part by me, under the same free software license
+    (unless I am permitted to submit under a different license),
+    as indicated in the file; or
+
+(c) The contribution was provided directly to me by some other
+    person who certified (a), (b) or (c) and I have not modified
+    it.
+
+(d) I understand and agree that this project and the contribution
+    are public and that a record of the contribution (including
+    all personal information I submit with it, including my
+    sign-off) is maintained indefinitely and may be redistributed
+    consistent with this project or the free software license(s)
+    involved.
+
+Signed-off-by: [Your name and mail address]
diff --git a/msys2/usr/share/doc/gnupg/DETAILS b/msys2/usr/share/doc/gnupg/DETAILS
new file mode 100644
index 000000000..dea9d4263
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/DETAILS
@@ -0,0 +1,1574 @@
+# doc/DETAILS                                                -*- org -*-
+#+TITLE: GnuPG Details
+# Globally disable superscripts and subscripts:
+#+OPTIONS: ^:{}
+#
+
+# Note: This file uses org-mode; it should be easy to read as plain
+# text but be aware of some markup peculiarities: Verbatim code is
+# enclosed in #+begin-example, #+end-example blocks or marked by a
+# colon as the first non-white-space character, words bracketed with
+# equal signs indicate a monospace font, and the usual /italics/,
+# *bold*, and _underline_ conventions are recognized.
+
+This is the DETAILS file for GnuPG which specifies some internals and
+parts of the external API for GPG and GPGSM.
+
+* Format of the colon listings
+
+  The format is a based on colon separated record, each recods starts
+  with a tag string and extends to the end of the line.  Here is an
+  example:
+#+begin_example
+$ gpg --with-colons --list-keys \
+      --with-fingerprint --with-fingerprint wk@gnupg.org
+pub:f:1024:17:6C7EE1B8621CC013:899817715:1055898235::m:::scESC:
+fpr:::::::::ECAF7590EB3443B5C7CF3ACB6C7EE1B8621CC013:
+uid:f::::::::Werner Koch <wk@g10code.com>:
+uid:f::::::::Werner Koch <wk@gnupg.org>:
+sub:f:1536:16:06AD222CADF6A6E1:919537416:1036177416:::::e:
+fpr:::::::::CF8BCC4B18DE08FCD8A1615906AD222CADF6A6E1:
+sub:r:1536:20:5CE086B5B5A18FF4:899817788:1025961788:::::esc:
+fpr:::::::::AB059359A3B81F410FCFF97F5CE086B5B5A18FF4:
+#+end_example
+
+Note that new version of GnuPG or the use of certain options may add
+new fields to the output.  Parsers should not assume a limit on the
+number of fields per line.  Some fields are not yet used or only used
+with certain record types; parsers should ignore fields they are not
+aware of.  New versions of GnuPG or the use of certain options may add
+new types of records as well.  Parsers should ignore any record whose
+type they do not recognize for forward-compatibility.
+
+The double =--with-fingerprint= prints the fingerprint for the subkeys
+too.  Old versions of gpg used a slightly different format and required
+the use of the option =--fixed-list-mode= to conform to the format
+described here.
+
+
+** Description of the fields
+*** Field 1 - Type of record
+
+    - pub :: Public key
+    - crt :: X.509 certificate
+    - crs :: X.509 certificate and private key available
+    - sub :: Subkey (secondary key)
+    - sec :: Secret key
+    - ssb :: Secret subkey (secondary key)
+    - uid :: User id
+    - uat :: User attribute (same as user id except for field 10).
+    - sig :: Signature
+    - rev :: Revocation signature
+    - rvs :: Recocation signature (standalone) [since 2.2.9]
+    - fpr :: Fingerprint (fingerprint is in field 10)
+    - pkd :: Public key data [*]
+    - grp :: Keygrip
+    - rvk :: Revocation key
+    - tfs :: TOFU statistics [*]
+    - tru :: Trust database information [*]
+    - spk :: Signature subpacket [*]
+    - cfg :: Configuration data [*]
+
+    Records marked with an asterisk are described at [[*Special%20field%20formats][*Special fields]].
+
+*** Field 2 - Validity
+
+    This is a letter describing the computed validity of a key.
+    Currently this is a single letter, but be prepared that additional
+    information may follow in some future versions. Note that GnuPG <
+    2.1 does not set this field for secret key listings.
+
+    - o :: Unknown (this key is new to the system)
+    - i :: The key is invalid (e.g. due to a missing self-signature)
+    - d :: The key has been disabled
+	   (deprecated - use the 'D' in field 12 instead)
+    - r :: The key has been revoked
+    - e :: The key has expired
+    - - :: Unknown validity (i.e. no value assigned)
+    - q :: Undefined validity.  '-' and 'q' may safely be treated as
+           the same value for most purposes
+    - n :: The key is not valid
+    - m :: The key is marginal valid.
+    - f :: The key is fully valid
+    - u :: The key is ultimately valid.  This often means that the
+           secret key is available, but any key may be marked as
+           ultimately valid.
+    - w :: The key has a well known private part.
+    - s :: The key has special validity.  This means that it might be
+           self-signed and expected to be used in the STEED system.
+
+    If the validity information is given for a UID or UAT record, it
+    describes the validity calculated based on this user ID.  If given
+    for a key record it describes the validity taken from the best
+    rated user ID.
+
+    For X.509 certificates a 'u' is used for a trusted root
+    certificate (i.e. for the trust anchor) and an 'f' for all other
+    valid certificates.
+
+    In "sig" records, this field may have one of these values as first
+    character:
+
+    - ! :: Signature is good.
+    - - :: Signature is bad.
+    - ? :: No public key to verify signature or public key is not usable.
+    - % :: Other error verifying a signature
+
+    More values may be added later.  The field may also be empty if
+    gpg has been invoked in a non-checking mode (--list-sigs) or in a
+    fast checking mode.  Since 2.2.7 '?' will also be printed by the
+    command --list-sigs if the key is not in the local keyring.
+
+*** Field 3 - Key length
+
+    The length of key in bits.
+
+*** Field 4 - Public key algorithm
+
+    The values here are those from the OpenPGP specs or if they are
+    greather than 255 the algorithm ids as used by Libgcrypt.
+
+*** Field 5 - KeyID
+
+    This is the 64 bit keyid as specified by OpenPGP and the last 64
+    bit of the SHA-1 fingerprint of an X.509 certifciate.
+
+*** Field 6 - Creation date
+
+    The creation date of the key is given in UTC.  For UID and UAT
+    records, this is used for the self-signature date.  Note that the
+    date is usually printed in seconds since epoch, however, we are
+    migrating to an ISO 8601 format (e.g. "19660205T091500").  This is
+    currently only relevant for X.509.  A simple way to detect the new
+    format is to scan for the 'T'.  Note that old versions of gpg
+    without using the =--fixed-list-mode= option used a "yyyy-mm-tt"
+    format.
+
+*** Field 7 - Expiration date
+
+    Key or UID/UAT expiration date or empty if it does not expire.
+
+*** Field 8 - Certificate S/N, UID hash, trust signature info
+
+    Used for serial number in crt records.  For UID and UAT records,
+    this is a hash of the user ID contents used to represent that
+    exact user ID.  For trust signatures, this is the trust depth
+    separated by the trust value by a space.
+
+*** Field 9 -  Ownertrust
+
+    This is only used on primary keys.  This is a single letter, but
+    be prepared that additional information may follow in future
+    versions.  For trust signatures with a regular expression, this is
+    the regular expression value, quoted as in field 10.
+
+*** Field 10 - User-ID
+
+    The value is quoted like a C string to avoid control characters
+    (the colon is quoted =\x3a=).  For a "pub" record this field is
+    not used on --fixed-list-mode.  A UAT record puts the attribute
+    subpacket count here, a space, and then the total attribute
+    subpacket size.  In gpgsm the issuer name comes here.  A FPR
+    record stores the fingerprint here.  The fingerprint of a
+    revocation key is stored here.
+
+*** Field 11 - Signature class
+
+    Signature class as per RFC-4880.  This is a 2 digit hexnumber
+    followed by either the letter 'x' for an exportable signature or
+    the letter 'l' for a local-only signature.  The class byte of an
+    revocation key is also given here, 'x' and 'l' is used the same
+    way.  This field if not used for X.509.
+
+    "rev" and "rvs" may be followed by a comma and a 2 digit hexnumber
+    with the revocation reason.
+
+*** Field 12 - Key capabilities
+
+    The defined capabilities are:
+
+    - e :: Encrypt
+    - s :: Sign
+    - c :: Certify
+    - a :: Authentication
+    - ? :: Unknown capability
+
+    A key may have any combination of them in any order.  In addition
+    to these letters, the primary key has uppercase versions of the
+    letters to denote the _usable_ capabilities of the entire key, and
+    a potential letter 'D' to indicate a disabled key.
+
+*** Field 13 - Issuer certificate fingerprint or other info
+
+    Used in FPR records for S/MIME keys to store the fingerprint of
+    the issuer certificate.  This is useful to build the certificate
+    path based on certificates stored in the local key database it is
+    only filled if the issuer certificate is available. The root has
+    been reached if this is the same string as the fingerprint. The
+    advantage of using this value is that it is guaranteed to have
+    been built by the same lookup algorithm as gpgsm uses.
+
+    For "uid" records this field lists the preferences in the same way
+    gpg's --edit-key menu does.
+
+    For "sig", "rev" and "rvs" records, this is the fingerprint of the
+    key that issued the signature.  Note that this may only be filled
+    if the signature verified correctly.  Note also that for various
+    technical reasons, this fingerprint is only available if
+    --no-sig-cache is used.  Since 2.2.7 this field will also be set
+    if the key is missing but the signature carries an issuer
+    fingerprint as meta data.
+
+*** Field 14 - Flag field
+
+    Flag field used in the --edit menu output
+
+*** Field 15 - S/N of a token
+
+    Used in sec/ssb to print the serial number of a token (internal
+    protect mode 1002) or a '#' if that key is a simple stub (internal
+    protect mode 1001).  If the option --with-secret is used and a
+    secret key is available for the public key, a '+' indicates this.
+
+*** Field 16 - Hash algorithm
+
+    For sig records, this is the used hash algorithm.  For example:
+    2 = SHA-1, 8 = SHA-256.
+
+*** Field 17 - Curve name
+
+    For pub, sub, sec, and ssb records this field is used for the ECC
+    curve name.
+
+*** Field 18 - Compliance flags
+
+    Space separated list of asserted compliance modes for this key.
+
+    Valid values are:
+
+    - 8  :: The key is compliant with RFC4880bis
+    - 23 :: The key is compliant with compliance mode "de-vs".
+
+*** Field 19 - Last update
+
+    The timestamp of the last update of a key or user ID.  The update
+    time of a key is defined a lookup of the key via its unique
+    identifier (fingerprint); the field is empty if not known.  The
+    update time of a user ID is defined by a lookup of the key using a
+    trusted mapping from mail address to key.
+
+*** Field 20 - Origin
+
+    The origin of the key or the user ID.  This is an integer
+    optionally followed by a space and an URL.  This goes along with
+    the previous field.  The URL is quoted in C style.
+
+*** Field 21 - Comment
+
+    This is currently only used in "rev" and "rvs" records to carry
+    the the comment field of the recocation reason.  The value is
+    quoted in C style.
+
+** Special fields
+
+*** PKD - Public key data
+
+    If field 1 has the tag "pkd", a listing looks like this:
+#+begin_example
+pkd:0:1024:B665B1435F4C2 .... FF26ABB:
+    !  !   !-- the value
+    !  !------ for information number of bits in the value
+    !--------- index (eg. DSA goes from 0 to 3: p,q,g,y)
+#+end_example
+
+*** TFS - TOFU statistics
+
+    This field may follows a UID record to convey information about
+    the TOFU database.  The information is similar to a TOFU_STATS
+    status line.
+
+    - Field 2 :: tfs record version (must be 1)
+    - Field 3 :: validity -  A number with validity code.
+    - Field 4 :: signcount - The number of signatures seen.
+    - Field 5 :: encrcount - The number of encryptions done.
+    - Field 6 :: policy - A string with the policy
+    - Field 7 :: signture-first-seen - a timestamp or 0 if not known.
+    - Field 8 :: signature-most-recent-seen - a timestamp or 0 if not known.
+    - Field 9 :: encryption-first-done - a timestamp or 0 if not known.
+    - Field 10 :: encryption-most-recent-done - a timestamp or 0 if not known.
+
+*** TRU - Trust database information
+    Example for a "tru" trust base record:
+#+begin_example
+    tru:o:0:1166697654:1:3:1:5
+#+end_example
+
+    - Field 2 :: Reason for staleness of trust.  If this field is
+                 empty, then the trustdb is not stale.  This field may
+                 have multiple flags in it:
+
+                 - o :: Trustdb is old
+                 - t :: Trustdb was built with a different trust model
+                        than the one we are using now.
+
+    - Field 3 :: Trust model
+
+                 - 0 :: Classic trust model, as used in PGP 2.x.
+                 - 1 :: PGP trust model, as used in PGP 6 and later.
+                        This is the same as the classic trust model,
+                        except for the addition of trust signatures.
+
+                 GnuPG before version 1.4 used the classic trust model
+                 by default. GnuPG 1.4 and later uses the PGP trust
+                 model by default.
+
+    - Field 4 :: Date trustdb was created in seconds since Epoch.
+    - Field 5 :: Date trustdb will expire in seconds since Epoch.
+    - Field 6 :: Number of marginally trusted users to introduce a new
+                 key signer (gpg's option --marginals-needed).
+    - Field 7 :: Number of completely trusted users to introduce a new
+                 key signer.  (gpg's option --completes-needed)
+
+    - Field 8 :: Maximum depth of a certification chain. (gpg's option
+                 --max-cert-depth)
+
+*** SPK - Signature subpacket records
+
+    - Field 2 :: Subpacket number as per RFC-4880 and later.
+    - Field 3 :: Flags in hex.  Currently the only two bits assigned
+                 are 1, to indicate that the subpacket came from the
+                 hashed part of the signature, and 2, to indicate the
+                 subpacket was marked critical.
+    - Field 4 :: Length of the subpacket.  Note that this is the
+                 length of the subpacket, and not the length of field
+                 5 below.  Due to the need for %-encoding, the length
+                 of field 5 may be up to 3x this value.
+    - Field 5 :: The subpacket data.  Printable ASCII is shown as
+                 ASCII, but other values are rendered as %XX where XX
+                 is the hex value for the byte.
+
+*** CFG - Configuration data
+
+    --list-config outputs information about the GnuPG configuration
+    for the benefit of frontends or other programs that call GnuPG.
+    There are several list-config items, all colon delimited like the
+    rest of the --with-colons output.  The first field is always "cfg"
+    to indicate configuration information.  The second field is one of
+    (with examples):
+
+    - version :: The third field contains the version of GnuPG.
+
+                 : cfg:version:1.3.5
+
+    - pubkey :: The third field contains the public key algorithms
+                this version of GnuPG supports, separated by
+                semicolons.  The algorithm numbers are as specified in
+                RFC-4880.  Note that in contrast to the --status-fd
+                interface these are _not_ the Libgcrypt identifiers.
+                Using =pubkeyname= prints names instead of numbers.
+
+                 : cfg:pubkey:1;2;3;16;17
+
+    - cipher :: The third field contains the symmetric ciphers this
+                version of GnuPG supports, separated by semicolons.
+                The cipher numbers are as specified in RFC-4880.
+                Using =ciphername= prints names instead of numbers.
+
+                 : cfg:cipher:2;3;4;7;8;9;10
+
+    - digest :: The third field contains the digest (hash) algorithms
+                this version of GnuPG supports, separated by
+                semicolons.  The digest numbers are as specified in
+                RFC-4880.  Using =digestname= prints names instead of
+                numbers.
+
+                 : cfg:digest:1;2;3;8;9;10
+
+    - compress :: The third field contains the compression algorithms
+                  this version of GnuPG supports, separated by
+                  semicolons.  The algorithm numbers are as specified
+                  in RFC-4880.
+
+                 : cfg:compress:0;1;2;3
+
+    - group :: The third field contains the name of the group, and the
+               fourth field contains the values that the group expands
+               to, separated by semicolons.
+
+               For example, a group of:
+                 : group mynames = paige 0x12345678 joe patti
+               would result in:
+                 : cfg:group:mynames:patti;joe;0x12345678;paige
+
+    - curve :: The third field contains the curve names this version
+               of GnuPG supports, separated by semicolons. Using
+               =curveoid= prints OIDs instead of numbers.
+
+                 : cfg:curve:ed25519;nistp256;nistp384;nistp521
+
+
+* Format of the --status-fd output
+
+  Every line is prefixed with "[GNUPG:] ", followed by a keyword with
+  the type of the status line and some arguments depending on the type
+  (maybe none); an application should always be willing to ignore
+  unknown keywords that may be emitted by future versions of GnuPG.
+  Also, new versions of GnuPG may add arguments to existing keywords.
+  Any additional arguments should be ignored for forward-compatibility.
+
+** General status codes
+*** NEWSIG [<signers_uid>]
+    Is issued right before a signature verification starts.  This is
+    useful to define a context for parsing ERROR status messages.
+    If SIGNERS_UID is given and is not "-" this is the percent-escaped
+    value of the OpenPGP Signer's User ID signature sub-packet.
+
+*** GOODSIG  <long_keyid_or_fpr>  <username>
+    The signature with the keyid is good.  For each signature only one
+    of the codes GOODSIG, BADSIG, EXPSIG, EXPKEYSIG, REVKEYSIG or
+    ERRSIG will be emitted.  In the past they were used as a marker
+    for a new signature; new code should use the NEWSIG status
+    instead.  The username is the primary one encoded in UTF-8 and %XX
+    escaped. The fingerprint may be used instead of the long keyid if
+    it is available.  This is the case with CMS and might eventually
+    also be available for OpenPGP.
+
+*** EXPSIG  <long_keyid_or_fpr>  <username>
+    The signature with the keyid is good, but the signature is
+    expired. The username is the primary one encoded in UTF-8 and %XX
+    escaped. The fingerprint may be used instead of the long keyid if
+    it is available.  This is the case with CMS and might eventually
+    also be available for OpenPGP.
+
+*** EXPKEYSIG  <long_keyid_or_fpr> <username>
+    The signature with the keyid is good, but the signature was made
+    by an expired key. The username is the primary one encoded in
+    UTF-8 and %XX escaped.  The fingerprint may be used instead of the
+    long keyid if it is available.  This is the case with CMS and
+    might eventually also be available for OpenPGP.
+
+*** REVKEYSIG  <long_keyid_or_fpr>  <username>
+    The signature with the keyid is good, but the signature was made
+    by a revoked key. The username is the primary one encoded in UTF-8
+    and %XX escaped. The fingerprint may be used instead of the long
+    keyid if it is available.  This is the case with CMS and might
+    eventually also beñ available for OpenPGP.
+
+*** BADSIG  <long_keyid_or_fpr>  <username>
+    The signature with the keyid has not been verified okay.  The
+    username is the primary one encoded in UTF-8 and %XX escaped. The
+    fingerprint may be used instead of the long keyid if it is
+    available.  This is the case with CMS and might eventually also be
+    available for OpenPGP.
+
+*** ERRSIG  <keyid>  <pkalgo> <hashalgo> <sig_class> <time> <rc> <fpr>
+    It was not possible to check the signature.  This may be caused by
+    a missing public key or an unsupported algorithm.  A RC of 4
+    indicates unknown algorithm, a 9 indicates a missing public
+    key. The other fields give more information about this signature.
+    sig_class is a 2 byte hex-value.  The fingerprint may be used
+    instead of the long_keyid_or_fpr if it is available.  This is the
+    case with gpgsm and might eventually also be available for
+    OpenPGP.  The ERRSIG line has FPR filed which is only available
+    since 2.2.7; that FPR may either be missing or - if the signature
+    has no fingerprint as meta data.
+
+    Note, that TIME may either be the number of seconds since Epoch or
+    an ISO 8601 string.  The latter can be detected by the presence of
+    the letter 'T'.
+
+*** VALIDSIG <args>
+
+    The args are:
+
+    - <fingerprint_in_hex>
+    - <sig_creation_date>
+    - <sig-timestamp>
+    - <expire-timestamp>
+    - <sig-version>
+    - <reserved>
+    - <pubkey-algo>
+    - <hash-algo>
+    - <sig-class>
+    - [ <primary-key-fpr> ]
+
+    This status indicates that the signature is cryptographically
+    valid. This is similar to GOODSIG, EXPSIG, EXPKEYSIG, or REVKEYSIG
+    (depending on the date and the state of the signature and signing
+    key) but has the fingerprint as the argument. Multiple status
+    lines (VALIDSIG and the other appropriate *SIG status) are emitted
+    for a valid signature.  All arguments here are on one long line.
+    sig-timestamp is the signature creation time in seconds after the
+    epoch. expire-timestamp is the signature expiration time in
+    seconds after the epoch (zero means "does not
+    expire"). sig-version, pubkey-algo, hash-algo, and sig-class (a
+    2-byte hex value) are all straight from the signature packet.
+    PRIMARY-KEY-FPR is the fingerprint of the primary key or identical
+    to the first argument.  This is useful to get back to the primary
+    key without running gpg again for this purpose.
+
+    The primary-key-fpr parameter is used for OpenPGP and not
+    available for CMS signatures.  The sig-version as well as the sig
+    class is not defined for CMS and currently set to 0 and 00.
+
+    Note, that *-TIMESTAMP may either be a number of seconds since
+    Epoch or an ISO 8601 string which can be detected by the presence
+    of the letter 'T'.
+
+*** SIG_ID  <radix64_string>  <sig_creation_date>  <sig-timestamp>
+    This is emitted only for signatures of class 0 or 1 which have
+    been verified okay.  The string is a signature id and may be used
+    in applications to detect replay attacks of signed messages.  Note
+    that only DLP algorithms give unique ids - others may yield
+    duplicated ones when they have been created in the same second.
+
+    Note, that SIG-TIMESTAMP may either be a number of seconds since
+    Epoch or an ISO 8601 string which can be detected by the presence
+    of the letter 'T'.
+
+*** ENC_TO  <long_keyid>  <keytype>  <keylength>
+    The message is encrypted to this LONG_KEYID.  KEYTYPE is the
+    numerical value of the public key algorithm or 0 if it is not
+    known, KEYLENGTH is the length of the key or 0 if it is not known
+    (which is currently always the case).  Gpg prints this line
+    always; Gpgsm only if it knows the certificate.
+
+*** BEGIN_DECRYPTION
+    Mark the start of the actual decryption process.  This is also
+    emitted when in --list-only mode.
+*** END_DECRYPTION
+    Mark the end of the actual decryption process.  This are also
+    emitted when in --list-only mode.
+*** DECRYPTION_KEY <fpr> <fpr2> <otrust>
+    This line is emitted when a public key decryption succeeded in
+    providing a session key.  <fpr> is the hexified fingerprint of the
+    actual key used for descryption.  <fpr2> is the fingerprint of the
+    primary key.  <otrust> is the letter with the ownertrust; this is
+    in general a 'u' which stands for ultimately trusted.
+*** DECRYPTION_INFO <mdc_method> <sym_algo>
+    Print information about the symmetric encryption algorithm and the
+    MDC method.  This will be emitted even if the decryption fails.
+
+*** DECRYPTION_FAILED
+    The symmetric decryption failed - one reason could be a wrong
+    passphrase for a symmetrical encrypted message.
+
+*** DECRYPTION_OKAY
+    The decryption process succeeded.  This means, that either the
+    correct secret key has been used or the correct passphrase for a
+    symmetric encrypted message was given.  The program itself may
+    return an errorcode because it may not be possible to verify a
+    signature for some reasons.
+
+*** SESSION_KEY <algo>:<hexdigits>
+    The session key used to decrypt the message.  This message will
+    only be emitted if the option --show-session-key is used.  The
+    format is suitable to be passed as value for the option
+    --override-session-key.  It is not an indication that the
+    decryption will or has succeeded.
+
+*** BEGIN_ENCRYPTION  <mdc_method> <sym_algo>
+    Mark the start of the actual encryption process.
+
+*** END_ENCRYPTION
+    Mark the end of the actual encryption process.
+
+*** FILE_START <what> <filename>
+    Start processing a file <filename>.  <what> indicates the performed
+    operation:
+    - 1 :: verify
+    - 2 :: encrypt
+    - 3 :: decrypt
+
+*** FILE_DONE
+    Marks the end of a file processing which has been started
+    by FILE_START.
+
+*** BEGIN_SIGNING
+    Mark the start of the actual signing process. This may be used as
+    an indication that all requested secret keys are ready for use.
+
+*** ALREADY_SIGNED <long-keyid>
+    Warning: This is experimental and might be removed at any time.
+
+*** SIG_CREATED <type> <pk_algo> <hash_algo> <class> <timestamp> <keyfpr>
+    A signature has been created using these parameters.
+    Values for type <type> are:
+      - D :: detached
+      - C :: cleartext
+      - S :: standard
+    (only the first character should be checked)
+
+    <class> are 2 hex digits with the OpenPGP signature class.
+
+    Note, that TIMESTAMP may either be a number of seconds since Epoch
+    or an ISO 8601 string which can be detected by the presence of the
+    letter 'T'.
+
+*** NOTATION_
+    There are actually three related status codes to convey notation
+    data:
+
+    - NOTATION_NAME <name>
+    - NOTATION_FLAGS <critical> <human_readable>
+    - NOTATION_DATA <string>
+
+    <name> and <string> are %XX escaped.  The data may be split among
+    several NOTATION_DATA lines.  NOTATION_FLAGS is emitted after
+    NOTATION_NAME and gives the critical and human readable flags;
+    the flag values are either 0 or 1.
+
+*** POLICY_URL <string>
+    Note that URL in <string> is %XX escaped.
+
+*** PLAINTEXT <format> <timestamp> <filename>
+    This indicates the format of the plaintext that is about to be
+    written.  The format is a 1 byte hex code that shows the format of
+    the plaintext: 62 ('b') is binary data, 74 ('t') is text data with
+    no character set specified, and 75 ('u') is text data encoded in
+    the UTF-8 character set.  The timestamp is in seconds since the
+    epoch.  If a filename is available it gets printed as the third
+    argument, percent-escaped as usual.
+
+*** PLAINTEXT_LENGTH <length>
+    This indicates the length of the plaintext that is about to be
+    written.  Note that if the plaintext packet has partial length
+    encoding it is not possible to know the length ahead of time.  In
+    that case, this status tag does not appear.
+
+*** ATTRIBUTE <arguments>
+    The list or arguments are:
+    - <fpr>
+    - <octets>
+    - <type>
+    - <index>
+    - <count>
+    - <timestamp>
+    - <expiredate>
+    - <flags>
+
+    This is one long line issued for each attribute subpacket when an
+    attribute packet is seen during key listing.  <fpr> is the
+    fingerprint of the key.  <octets> is the length of the attribute
+    subpacket.  <type> is the attribute type (e.g. 1 for an image).
+    <index> and <count> indicate that this is the N-th indexed
+    subpacket of count total subpackets in this attribute packet.
+    <timestamp> and <expiredate> are from the self-signature on the
+    attribute packet.  If the attribute packet does not have a valid
+    self-signature, then the timestamp is 0.  <flags> are a bitwise OR
+    of:
+    - 0x01 :: this attribute packet is a primary uid
+    - 0x02 :: this attribute packet is revoked
+    - 0x04 :: this attribute packet is expired
+
+*** SIG_SUBPACKET <type> <flags> <len> <data>
+    This indicates that a signature subpacket was seen.  The format is
+    the same as the "spk" record above.
+
+*** ENCRYPTION_COMPLIANCE_MODE <flags>
+    Indicates that the current encryption operation was in compliance
+    with the given set of modes for all recipients.  "flags" is a
+    space separated list of numerical flags, see "Field 18 -
+    Compliance flags" above.
+
+*** DECRYPTION_COMPLIANCE_MODE <flags>
+    Indicates that the current decryption operation is in compliance
+    with the given set of modes.  "flags" is a space separated list of
+    numerical flags, see "Field 18 - Compliance flags" above.
+
+*** VERIFICATION_COMPLIANCE_MODE <flags>
+    Indicates that the current signature verification operation is in
+    compliance with the given set of modes.  "flags" is a space
+    separated list of numerical flags, see "Field 18 - Compliance
+    flags" above.
+
+** Key related
+*** INV_RECP, INV_SGNR
+    The two similar status codes:
+
+    - INV_RECP <reason> <requested_recipient>
+    - INV_SGNR <reason> <requested_sender>
+
+    are issued for each unusable recipient/sender. The reasons codes
+    currently in use are:
+
+       -  0 :: No specific reason given
+       -  1 :: Not Found
+       -  2 :: Ambigious specification
+       -  3 :: Wrong key usage
+       -  4 :: Key revoked
+       -  5 :: Key expired
+       -  6 :: No CRL known
+       -  7 :: CRL too old
+       -  8 :: Policy mismatch
+       -  9 :: Not a secret key
+       - 10 :: Key not trusted
+       - 11 :: Missing certificate
+       - 12 :: Missing issuer certificate
+       - 13 :: Key disabled
+       - 14 :: Syntax error in specification
+
+    If no specific reason was given a previously emitted status code
+    KEY_CONSIDERED may be used to analyzed the problem.
+
+    Note that for historical reasons the INV_RECP status is also used
+    for gpgsm's SIGNER command where it relates to signer's of course.
+    Newer GnuPG versions are using INV_SGNR; applications should
+    ignore the INV_RECP during the sender's command processing once
+    they have seen an INV_SGNR.  Different codes are used so that they
+    can be distinguish while doing an encrypt+sign operation.
+
+*** NO_RECP <reserved>
+    Issued if no recipients are usable.
+
+*** NO_SGNR <reserved>
+    Issued if no senders are usable.
+
+*** KEY_CONSIDERED <fpr> <flags>
+    Issued to explian the lookup of a key.  FPR is the hexified
+    fingerprint of the primary key.  The bit values for FLAGS are:
+
+    - 1 :: The key has not been selected.
+    - 2 :: All subkeys of the key are expired or have been revoked.
+
+*** KEYEXPIRED <expire-timestamp>
+    The key has expired.  expire-timestamp is the expiration time in
+    seconds since Epoch.  This status line is not very useful because
+    it will also be emitted for expired subkeys even if this subkey is
+    not used.  To check whether a key used to sign a message has
+    expired, the EXPKEYSIG status line is to be used.
+
+    Note, that the TIMESTAMP may either be a number of seconds since
+    Epoch or an ISO 8601 string which can be detected by the presence
+    of the letter 'T'.
+
+*** KEYREVOKED
+    The used key has been revoked by its owner.  No arguments yet.
+
+*** NO_PUBKEY  <long keyid>
+    The public key is not available.  Note the arg should in general
+    not be used because it is better to take it from the ERRSIG
+    status line which is printed right before this one.
+
+*** NO_SECKEY  <long keyid>
+    The secret key is not available
+
+*** KEY_CREATED <type> <fingerprint> [<handle>]
+    A key has been created.  Values for <type> are:
+      - B :: primary and subkey
+      - P :: primary
+      - S :: subkey
+    The fingerprint is one of the primary key for type B and P and the
+    one of the subkey for S.  Handle is an arbitrary non-whitespace
+    string used to match key parameters from batch key creation run.
+
+*** KEY_NOT_CREATED [<handle>]
+    The key from batch run has not been created due to errors.
+
+*** TRUST_
+    These are several similar status codes:
+
+    - TRUST_UNDEFINED <error_token>
+    - TRUST_NEVER     <error_token>
+    - TRUST_MARGINAL  [0  [<validation_model>]]
+    - TRUST_FULLY     [0  [<validation_model>]]
+    - TRUST_ULTIMATE  [0  [<validation_model>]]
+
+    For good signatures one of these status lines are emitted to
+    indicate the validity of the key used to create the signature.
+    The error token values are currently only emitted by gpgsm.
+
+    VALIDATION_MODEL describes the algorithm used to check the
+    validity of the key.  The defaults are the standard Web of Trust
+    model for gpg and the standard X.509 model for gpgsm.  The
+    defined values are
+
+       - pgp   :: The standard PGP WoT.
+       - shell :: The standard X.509 model.
+       - chain :: The chain model.
+       - steed :: The STEED model.
+       - tofu  :: The TOFU model
+
+    Note that the term =TRUST_= in the status names is used for
+    historic reasons; we now speak of validity.
+
+*** TOFU_USER <fingerprint_in_hex> <mbox>
+
+    This status identifies the key and the userid for all following
+    Tofu information.  The fingerprint is the fingerprint of the
+    primary key and the mbox is in general the addr-spec part of the
+    userid encoded in UTF-8 and percent escaped.  The fingerprint is
+    identical for all TOFU_USER lines up to a NEWSIG line.
+
+*** TOFU_STATS <MANY_ARGS>
+
+    Statistics for the current user id.
+
+    The <MANY_ARGS> are the usual space delimited arguments.  Here we
+    have too many of them to fit on one printed line and thus they are
+    given on 3 printed lines:
+
+    : <summary> <sign-count> <encryption-count>
+    : [<policy> [<tm1> <tm2> <tm3> <tm4>
+    : [<validity> [<sign-days> <encrypt-days>]]]]
+
+    Values for SUMMARY are:
+    - 0 :: attention, an interaction with the user is required (conflict)
+    - 1 :: key with no verification/encryption history
+    - 2 :: key with little history
+    - 3 :: key with enough history for basic trust
+    - 4 :: key with a lot of history
+
+    Values for POLICY are:
+    - none    :: No Policy set
+    - auto    :: Policy is "auto"
+    - good    :: Policy is "good"
+    - bad     :: Policy is "bad"
+    - ask     :: Policy is "ask"
+    - unknown :: Policy is "unknown" (TOFU information does not
+                 contribute to the key's validity)
+
+    TM1 is the time the first message was verified.  TM2 is the time
+    the most recent message was verified.  TM3 is the time the first
+    message was encrypted.  TM4 is the most recent encryption. All may
+    either be seconds since Epoch or an ISO time string
+    (yyyymmddThhmmss).
+
+    VALIDITY is the same as SUMMARY with the exception that VALIDITY
+    doesn't reflect whether the key needs attention.  That is it never
+    takes on value 0.  Instead, if there is a conflict, VALIDITY still
+    reflects the key's validity (values: 1-4).
+
+    SUMMARY values use the euclidean distance (m = sqrt(a² + b²)) rather
+    then the sum of the magnitudes (m = a + b) to ensure a balance between
+    verified signatures and encrypted messages.
+
+    Values are calculated based on the number of days where a key was used
+    for verifying a signature or to encrypt to it.
+    The ranges for the values are:
+
+    - 1 :: signature_days + encryption_days == 0
+    - 2 :: 1 <= sqrt(signature_days² + encryption_days²) < 8
+    - 3 :: 8 <= sqrt(signature_days² + encryption_days²) < 42
+    - 4 :: sqrt(signature_days² + encryption_days²) >= 42
+
+    SIGN-COUNT and ENCRYPTION-COUNT are the number of messages that we
+    have seen that have been signed by this key / encryption to this
+    key.
+
+    SIGN-DAYS and ENCRYPTION-DAYS are similar, but the number of days
+    (in UTC) on which we have seen messages signed by this key /
+    encrypted to this key.
+
+*** TOFU_STATS_SHORT <long_string>
+
+    Information about the TOFU binding for the signature.
+    Example: "15 signatures verified. 10 messages encrypted"
+
+*** TOFU_STATS_LONG <long_string>
+
+    Information about the TOFU binding for the signature in verbose
+    format.  The LONG_STRING is percent escaped.
+    Example: 'Verified 9 messages signed by "Werner Koch
+    (dist sig)" in the past 3 minutes, 40 seconds.  The most
+    recent message was verified 4 seconds ago.'
+
+*** PKA_TRUST_
+    This is one of:
+
+    - PKA_TRUST_GOOD <addr-spec>
+    - PKA_TRUST_BAD  <addr-spec>
+
+    Depending on the outcome of the PKA check one of the above status
+    codes is emitted in addition to a =TRUST_*= status.
+
+** Remote control
+*** GET_BOOL, GET_LINE, GET_HIDDEN, GOT_IT
+
+    These status line are used with --command-fd for interactive
+    control of the process.
+
+*** USERID_HINT <long main keyid> <string>
+    Give a hint about the user ID for a certain keyID.
+
+*** NEED_PASSPHRASE <long keyid> <long main keyid> <keytype> <keylength>
+    Issued whenever a passphrase is needed.  KEYTYPE is the numerical
+    value of the public key algorithm or 0 if this is not applicable,
+    KEYLENGTH is the length of the key or 0 if it is not known (this
+    is currently always the case).
+
+*** NEED_PASSPHRASE_SYM <cipher_algo> <s2k_mode> <s2k_hash>
+    Issued whenever a passphrase for symmetric encryption is needed.
+
+*** NEED_PASSPHRASE_PIN <card_type> <chvno> [<serialno>]
+    Issued whenever a PIN is requested to unlock a card.
+
+*** MISSING_PASSPHRASE
+    No passphrase was supplied.  An application which encounters this
+    message may want to stop parsing immediately because the next
+    message will probably be a BAD_PASSPHRASE.  However, if the
+    application is a wrapper around the key edit menu functionality it
+    might not make sense to stop parsing but simply ignoring the
+    following BAD_PASSPHRASE.
+
+*** BAD_PASSPHRASE <long keyid>
+    The supplied passphrase was wrong or not given.  In the latter
+    case you may have seen a MISSING_PASSPHRASE.
+
+*** GOOD_PASSPHRASE
+    The supplied passphrase was good and the secret key material
+    is therefore usable.
+
+** Import/Export
+*** IMPORT_CHECK <long keyid> <fingerprint> <user ID>
+    This status is emitted in interactive mode right before
+    the "import.okay" prompt.
+
+*** IMPORTED   <long keyid>  <username>
+    The keyid and name of the signature just imported
+
+*** IMPORT_OK  <reason> [<fingerprint>]
+    The key with the primary key's FINGERPRINT has been imported.
+    REASON flags are:
+
+    - 0 :: Not actually changed
+    - 1 :: Entirely new key.
+    - 2 :: New user IDs
+    - 4 :: New signatures
+    - 8 :: New subkeys
+    - 16 :: Contains private key.
+
+    The flags may be ORed.
+
+*** IMPORT_PROBLEM <reason> [<fingerprint>]
+    Issued for each import failure.  Reason codes are:
+
+    - 0 :: No specific reason given.
+    - 1 :: Invalid Certificate.
+    - 2 :: Issuer Certificate missing.
+    - 3 :: Certificate Chain too long.
+    - 4 :: Error storing certificate.
+
+*** IMPORT_RES <args>
+    Final statistics on import process (this is one long line). The
+    args are a list of unsigned numbers separated by white space:
+
+    - <count>
+    - <no_user_id>
+    - <imported>
+    - always 0 (formerly used for the number of RSA keys)
+    - <unchanged>
+    - <n_uids>
+    - <n_subk>
+    - <n_sigs>
+    - <n_revoc>
+    - <sec_read>
+    - <sec_imported>
+    - <sec_dups>
+    - <skipped_new_keys>
+    - <not_imported>
+    - <skipped_v3_keys>
+
+*** EXPORTED  <fingerprint>
+    The key with <fingerprint> has been exported.  The fingerprint is
+    the fingerprint of the primary key even if the primary key has
+    been replaced by a stub key during secret key export.
+
+*** EXPORT_RES <args>
+
+    Final statistics on export process (this is one long line). The
+    args are a list of unsigned numbers separated by white space:
+
+    - <count>
+    - <secret_count>
+    - <exported>
+
+
+** Smartcard related
+*** CARDCTRL <what> [<serialno>]
+    This is used to control smartcard operations.  Defined values for
+    WHAT are:
+
+      - 1 :: Request insertion of a card.  Serialnumber may be given
+             to request a specific card.  Used by gpg 1.4 w/o
+             scdaemon
+      - 2 :: Request removal of a card.  Used by gpg 1.4 w/o scdaemon.
+      - 3 :: Card with serialnumber detected
+      - 4 :: No card available
+      - 5 :: No card reader available
+      - 6 :: No card support available
+      - 7 :: Card is in termination state
+
+*** SC_OP_FAILURE [<code>]
+    An operation on a smartcard definitely failed.  Currently there is
+    no indication of the actual error code, but application should be
+    prepared to later accept more arguments.  Defined values for
+    <code> are:
+
+      - 0 :: unspecified error (identically to a missing CODE)
+      - 1 :: canceled
+      - 2 :: bad PIN
+
+*** SC_OP_SUCCESS
+    A smart card operaion succeeded.  This status is only printed for
+    certain operation and is mostly useful to check whether a PIN
+    change really worked.
+
+** Miscellaneous status codes
+*** NODATA  <what>
+    No data has been found.  Codes for WHAT are:
+
+    - 1 :: No armored data.
+    - 2 :: Expected a packet but did not found one.
+    - 3 :: Invalid packet found, this may indicate a non OpenPGP
+           message.
+    - 4 :: Signature expected but not found
+
+    You may see more than one of these status lines.
+
+*** UNEXPECTED <what>
+    Unexpected data has been encountered.  Codes for WHAT are:
+    - 0 :: Not further specified
+    - 1 :: Corrupted message structure
+
+*** TRUNCATED <maxno>
+    The output was truncated to MAXNO items.  This status code is
+    issued for certain external requests.
+
+*** ERROR <error location> <error code> [<more>]
+    This is a generic error status message, it might be followed by
+    error location specific data. <error code> and <error_location>
+    should not contain spaces.  The error code is a either a string
+    commencing with a letter or such a string prefixed with a
+    numerical error code and an underscore; e.g.: "151011327_EOF".
+*** WARNING <location> <error code> [<text>]
+    This is a generic warning status message, it might be followed by
+    error location specific data. <error code> and <location>
+    should not contain spaces.  The error code is a either a string
+    commencing with a letter or such a string prefixed with a
+    numerical error code and an underscore; e.g.: "151011327_EOF".
+*** SUCCESS [<location>]
+    Positive confirmation that an operation succeeded.  It is used
+    similar to ISO-C's EXIT_SUCCESS.  <location> is optional but if
+    given should not contain spaces.  Used only with a few commands.
+
+*** FAILURE <location> <error_code>
+    This is the counterpart to SUCCESS and used to indicate a program
+    failure.  It is used similar to ISO-C's EXIT_FAILURE but allows
+    conveying more information, in particular a gpg-error error code.
+    That numerical error code may optionally have a suffix made of an
+    underscore and a string with an error symbol like "151011327_EOF".
+    A dash may be used instead of <location>.
+
+*** BADARMOR
+    The ASCII armor is corrupted.  No arguments yet.
+
+*** DELETE_PROBLEM <reason_code>
+    Deleting a key failed.  Reason codes are:
+    - 1 :: No such key
+    - 2 :: Must delete secret key first
+    - 3 :: Ambigious specification
+    - 4 :: Key is stored on a smartcard.
+
+*** PROGRESS <what> <char> <cur> <total> [<units>]
+    Used by the primegen and public key functions to indicate
+    progress.  <char> is the character displayed with no --status-fd
+    enabled, with the linefeed replaced by an 'X'.  <cur> is the
+    current amount done and <total> is amount to be done; a <total> of
+    0 indicates that the total amount is not known. Both are
+    non-negative integers.  The condition
+      :       TOTAL && CUR == TOTAL
+    may be used to detect the end of an operation.
+
+    Well known values for <what> are:
+
+           - pk_dsa   :: DSA key generation
+           - pk_elg   :: Elgamal key generation
+           - primegen :: Prime generation
+           - need_entropy :: Waiting for new entropy in the RNG
+           - tick :: Generic tick without any special meaning - useful
+                     for letting clients know that the server is still
+                     working.
+           - starting_agent :: A gpg-agent was started because it is not
+                                running as a daemon.
+           - learncard :: Send by the agent and gpgsm while learing
+                          the data of a smartcard.
+           - card_busy :: A smartcard is still working
+
+    When <what> refers to a file path, it may be truncated.
+
+    <units> is sometimes used to describe the units for <current> and
+    <total>.  For example "B", "KiB", or "MiB".
+
+*** BACKUP_KEY_CREATED <fingerprint> <fname>
+    A backup of a key identified by <fingerprint> has been writte to
+    the file <fname>; <fname> is percent-escaped.
+
+*** MOUNTPOINT <name>
+    <name> is a percent-plus escaped filename describing the
+    mountpoint for the current operation (e.g. used by "g13 --mount").
+    This may either be the specified mountpoint or one randomly
+    chosen by g13.
+
+*** PINENTRY_LAUNCHED <pid>[:<extra>]
+    This status line is emitted by gpg to notify a client that a
+    Pinentry has been launched.  <pid> is the PID of the Pinentry.  It
+    may be used to display a hint to the user but can't be used to
+    synchronize with Pinentry.  Note that there is also an Assuan
+    inquiry line with the same name used internally or, if enabled,
+    send to the client instead of this status line.  Such an inquiry
+    may be used to sync with Pinentry
+
+** Obsolete status codes
+*** SIGEXPIRED
+    Removed on 2011-02-04.  This is deprecated in favor of KEYEXPIRED.
+*** RSA_OR_IDEA
+    Obsolete.  This status message used to be emitted for requests to
+    use the IDEA or RSA algorithms.  It has been dropped from GnuPG
+    2.1 after the respective patents expired.
+*** SHM_INFO, SHM_GET, SHM_GET_BOOL, SHM_GET_HIDDEN
+    These were used for the ancient shared memory based co-processing.
+*** BEGIN_STREAM, END_STREAM
+    Used to issued by the experimental pipemode.
+
+
+* Format of the --attribute-fd output
+
+  When --attribute-fd is set, during key listings (--list-keys,
+  --list-secret-keys) GnuPG dumps each attribute packet to the file
+  descriptor specified.  --attribute-fd is intended for use with
+  --status-fd as part of the required information is carried on the
+  ATTRIBUTE status tag (see above).
+
+  The contents of the attribute data is specified by RFC 4880.  For
+  convenience, here is the Photo ID format, as it is currently the
+  only attribute defined:
+
+  - Byte 0-1 :: The length of the image header.  Due to a historical
+                accident (i.e. oops!) back in the NAI PGP days, this
+                is a little-endian number.  Currently 16 (0x10 0x00).
+
+  - Byte 2 :: The image header version.  Currently 0x01.
+
+  - Byte 3 :: Encoding format.  0x01 == JPEG.
+
+  - Byte 4-15 :: Reserved, and currently unused.
+
+  All other data after this header is raw image (JPEG) data.
+
+
+* Layout of the TrustDB
+
+  The TrustDB is built from fixed length records, where the first byte
+  describes the record type.  All numeric values are stored in network
+  byte order.  The length of each record is 40 bytes.  The first
+  record of the DB is always of type 1 and this is the only record of
+  this type.
+
+  The record types: directory(2), key(3), uid(4), pref(5), sigrec(6),
+  and shadow directory(8) are not anymore used by version 2 of the
+  TrustDB.
+
+** Record type 0
+
+   Unused record or deleted, can be reused for any purpose.  Such
+   records should in general not exist because deleted records are of
+   type 254 and kept in a linked list.
+
+** Version info (RECTYPE_VER, 1)
+
+   Version information for this TrustDB.  This is always the first
+   record of the DB and the only one of this type.
+
+   - 1 u8 :: Record type (value: 1).
+   - 3 byte :: Magic value ("gpg")
+   - 1 u8 :: TrustDB version (value: 2).
+   - 1 u8 :: =marginals=. How many marginal trusted keys are required.
+   - 1 u8 :: =completes=. How many completely trusted keys are
+             required.
+   - 1 u8 :: =max_cert_depth=.  How deep is the WoT evaluated.  Along
+             with =marginals= and =completes=, this value is used to
+             check whether the cached validity value from a [FIXME
+             dir] record can be used.
+   - 1 u8 :: =trust_model=
+   - 1 u8 :: =min_cert_level=
+   - 2 byte :: Not used
+   - 1 u32 :: =created=. Timestamp of trustdb creation.
+   - 1 u32 :: =nextcheck=. Timestamp of last modification which may
+              affect the validity of keys in the trustdb.  This value
+              is checked against the validity timestamp in the dir
+              records.
+   - 1 u32 :: =reserved=.  Not used.
+   - 1 u32 :: =reserved2=. Not used.
+   - 1 u32 :: =firstfree=. Number of the record with the head record
+              of the RECTYPE_FREE linked list.
+   - 1 u32 :: =reserved3=. Not used.
+   - 1 u32 :: =trusthashtbl=. Record number of the trusthashtable.
+
+
+** Hash table (RECTYPE_HTBL, 10)
+
+   Due to the fact that we use fingerprints to lookup keys, we can
+   implement quick access by some simple hash methods, and avoid the
+   overhead of gdbm.  A property of fingerprints is that they can be
+   used directly as hash values.  What we use is a dynamic multilevel
+   architecture, which combines hash tables, record lists, and linked
+   lists.
+
+   This record is a hash table of 256 entries with the property that
+   all these records are stored consecutively to make one big
+   table. The hash value is simple the 1st, 2nd, ... byte of the
+   fingerprint (depending on the indirection level).
+
+   - 1 u8 :: Record type (value: 10).
+   - 1 u8 :: Reserved
+   - n u32 :: =recnum=.  A table with the hash table items fitting into
+              this record.  =n= depends on the record length:
+              $n=(reclen-2)/4$ which yields 9 for oure current record
+              length of 40 bytes.
+
+   The total number of hash table records to form the table is:
+   $m=(256+n-1)/n$.  This is 29 for our record length of 40.
+
+   To look up a key we use the first byte of the fingerprint to get
+   the recnum from this hash table and then look up the addressed
+   record:
+
+   - If that record is another hash table, we use 2nd byte to index
+     that hash table and so on;
+   - if that record is a hash list, we walk all entries until we find
+     a matching one; or
+   - if that record is a key record, we compare the fingerprint to
+     decide whether it is the requested key;
+
+
+** Hash list (RECTYPE_HLST, 11)
+
+   See hash table above on how it is used.  It may also be used for
+   other purposes.
+
+   - 1 u8 :: Record type (value: 11).
+   - 1 u8 :: Reserved.
+   - 1 u32 :: =next=.  Record number of the next hash list record or 0
+              if none.
+   - n u32 :: =rnum=.  Array with record numbers to values.  With
+              $n=(reclen-5)/5$ and our record length of 40, n is 7.
+
+** Trust record (RECTYPE_TRUST, 12)
+
+   - 1 u8 :: Record type (value: 12).
+   - 1 u8 :: Reserved.
+   - 20 byte :: =fingerprint=.
+   - 1 u8 :: =ownertrust=.
+   - 1 u8 :: =depth=.
+   - 1 u8 :: =min_ownertrust=.
+   - 1 byte :: Not used.
+   - 1 u32 :: =validlist=.
+   - 10 byte :: Not used.
+
+** Validity record (RECTYPE_VALID, 13)
+
+   - 1 u8 :: Record type (value: 13).
+   - 1 u8 :: Reserved.
+   - 20 byte :: =namehash=.
+   - 1 u8 :: =validity=
+   - 1 u32 :: =next=.
+   - 1 u8 :: =full_count=.
+   - 1 u8 :: =marginal_count=.
+   - 11 byte :: Not used.
+
+** Free record (RECTYPE_FREE, 254)
+
+   All these records form a linked list of unused records in the TrustDB.
+
+   - 1 u8 :: Record type (value: 254)
+   - 1 u8 :: Reserved.
+   - 1 u32 :: =next=.  Record number of the next rcord of this type.
+              The record number to the head of this linked list is
+              stored in the version info record.
+
+
+* Database scheme for the TOFU info
+
+#+begin_src sql
+--
+-- The VERSION table holds the version of our TOFU data structures.
+--
+CREATE TABLE version (
+  version integer -- As of now this is always 1
+);
+
+--
+-- The BINDINGS table associates mail addresses with keys.
+--
+CREATE TABLE bindings (
+  oid integer primary key autoincrement,
+  fingerprint text, -- The key's fingerprint in hex
+  email text,       -- The normalized mail address destilled from user_id
+  user_id text,     -- The unmodified user id
+  time integer,     -- The time this binding was first observed.
+  policy boolean check
+       (policy in (1, 2, 3, 4, 5)), -- The trust policy with the values:
+                                    --   1 := Auto
+                                    --   2 := Good
+                                    --   3 := Unknown
+                                    --   4 := Bad
+                                    --   5 := Ask
+  conflict string,  -- NULL or a hex formatted fingerprint.
+  unique (fingerprint, email)
+);
+
+CREATE INDEX bindings_fingerprint_email on bindings (fingerprint, email);
+CREATE INDEX bindings_email on bindings (email);
+
+--
+-- The SIGNATURES table records all data signatures we verified
+--
+CREATE TABLE signatures (
+  binding integer not null, -- Link to bindings table,
+                            -- references bindings.oid.
+  sig_digest text,          -- The digest of the signed message.
+  origin text,              -- String describing who initially fed
+                            -- the signature to gpg (e.g. "email:claws").
+  sig_time integer,         -- Timestamp from the signature.
+  time integer,             -- Time this record was created.
+  primary key (binding, sig_digest, origin)
+);
+#+end_src
+
+
+* GNU extensions to the S2K algorithm
+
+  1 octet  - S2K Usage: either 254 or 255.
+  1 octet  - S2K Cipher Algo: 0
+  1 octet  - S2K Specifier: 101
+  3 octets - "GNU"
+  1 octet  - GNU S2K Extension Number.
+
+  If such a GNU extension is used neither an IV nor any kind of
+  checksum is used.  The defined GNU S2K Extension Numbers are:
+
+  - 1 :: Do not store the secret part at all.  No specific data
+         follows.
+
+  - 2 :: A stub to access smartcards.  This data follows:
+         - One octet with the length of the following serial number.
+         - The serial number. Regardless of what the length octet
+           indicates no more than 16 octets are stored.
+
+  Note that gpg stores the GNU S2K Extension Number internally as an
+  S2K Specifier with an offset of 1000.
+
+
+* Format of the OpenPGP TRUST packet
+
+  According to RFC4880 (5.10), the trust packet (aka ring trust) is
+  only used within keyrings and contains data that records the user's
+  specifications of which key holds trusted introducers.  The RFC also
+  states that the format of this packet is implementation defined and
+  SHOULD NOT be emitted to output streams or should be ignored on
+  import.  GnuPG uses this packet in several additional ways:
+
+  - 1 octet :: Trust-Value (only used by Subtype SIG)
+  - 1 octet :: Signature-Cache (only used by Subtype SIG; value must
+               be less than 128)
+  - 3 octets :: Fixed value: "gpg"
+  - 1 octet  :: Subtype
+               - 0 :: Signature cache (SIG)
+               - 1 :: Key source on the primary key (KEY)
+               - 2 :: Key source on a user id (UID)
+  - 1 octet :: Key Source; i.e. the origin of the key:
+               - 0 :: Unknown source.
+               - 1 :: Public keyserver.
+               - 2 :: Preferred keyserver.
+               - 3 :: OpenPGP DANE.
+               - 4 :: Web Key Directory.
+               - 5 :: Import from a trusted URL.
+               - 6 :: Import from a trusted file.
+               - 7 :: Self generated.
+  - 4 octets :: Time of last update.  This is a a four-octet scalar
+                with the seconds since Epoch.
+  - 1 octet  :: Scalar with the length of the following field.
+  - N octets :: String with the URL of the source.  This may be a
+                zero-length string.
+
+  If the packets contains only two octets a Subtype of 0 is assumed;
+  this is the only format recognized by GnuPG versions < 2.1.18.
+  Trust-Value and Signature-Cache must be zero for all subtypes other
+  than SIG.
+
+
+* Keyserver helper message format
+
+  *This information is obsolete*
+  (Keyserver helpers have been replaced by dirmngr)
+
+  The keyserver may be contacted by a Unix Domain socket or via TCP.
+
+  The format of a request is:
+#+begin_example
+  command-tag
+  "Content-length:" digits
+  CRLF
+#+end_example
+
+  Where command-tag is
+
+#+begin_example
+  NOOP
+  GET <user-name>
+  PUT
+  DELETE <user-name>
+#+end_example
+
+The format of a response is:
+
+#+begin_example
+  "GNUPG/1.0" status-code status-text
+  "Content-length:" digits
+  CRLF
+#+end_example
+followed by <digits> bytes of data
+
+Status codes are:
+
+  - 1xx :: Informational - Request received, continuing process
+
+  - 2xx :: Success - The action was successfully received, understood,
+           and accepted
+
+  - 4xx :: Client Error - The request contains bad syntax or cannot be
+           fulfilled
+
+  - 5xx :: Server Error - The server failed to fulfill an apparently
+           valid request
+
+
+* Object identifiers
+
+  OIDs below the GnuPG arc:
+
+#+begin_example
+  1.3.6.1.4.1.11591.2          GnuPG
+  1.3.6.1.4.1.11591.2.1          notation
+  1.3.6.1.4.1.11591.2.1.1          pkaAddress
+  1.3.6.1.4.1.11591.2.2          X.509 extensions
+  1.3.6.1.4.1.11591.2.2.1          standaloneCertificate
+  1.3.6.1.4.1.11591.2.2.2          wellKnownPrivateKey
+  1.3.6.1.4.1.11591.2.12242973   invalid encoded OID
+#+end_example
+
+
+
+* Debug flags
+
+This tables gives the flag values for the --debug option along with
+the alternative names used by the components.
+
+|       | gpg     | gpgsm   | agent   | scd     | dirmngr | g13     | wks     |
+|-------+---------+---------+---------+---------+---------+---------+---------|
+|     1 | packet  | x509    |         |         | x509    | mount   | mime    |
+|     2 | mpi     | mpi     | mpi     | mpi     |         |         | parser  |
+|     4 | crypto  | crypto  | crypto  | crypto  | crypto  | crypto  | crypto  |
+|     8 | filter  |         |         |         |         |         |         |
+|    16 | iobuf   |         |         |         | dns     |         |         |
+|    32 | memory  | memory  | memory  | memory  | memory  | memory  | memory  |
+|    64 | cache   | cache   | cache   | cache   | cache   |         |         |
+|   128 | memstat | memstat | memstat | memstat | memstat | memstat | memstat |
+|   256 | trust   |         |         |         |         |         |         |
+|   512 | hashing | hashing | hashing | hashing | hashing |         |         |
+|  1024 | ipc     | ipc     | ipc     | ipc     | ipc     | ipc     | ipc     |
+|  2048 |         |         |         | cardio  | network |         |         |
+|  4096 | clock   |         |         | reader  |         |         |         |
+|  8192 | lookup  |         |         |         | lookup  |         |         |
+| 16384 | extprog |         |         |         |         |         | extprog |
+
+Description of some debug flags:
+
+  - cardio :: Used by scdaemon to trace the APDUs exchange with the
+              card.
+  - clock  :: Show execution times of certain functions.
+  - crypto :: Trace crypto operations.
+  - hashing :: Create files with the hashed data.
+  - ipc :: Trace the Assuan commands.
+  - mpi :: Show the values of the MPIs.
+  - reader :: Used by scdaemon to trace card reader related code.  For
+              example: Open and close reader.
+
+
+
+* Miscellaneous notes
+
+** v3 fingerprints
+   For packet version 3 we calculate the keyids this way:
+    - RSA :: Low 64 bits of n
+    - ELGAMAL :: Build a v3 pubkey packet (with CTB 0x99) and
+                 calculate a RMD160 hash value from it. This is used
+                 as the fingerprint and the low 64 bits are the keyid.
+
+** Simplified revocation certificates
+  Revocation certificates consist only of the signature packet;
+  "--import" knows how to handle this.  The rationale behind it is to
+  keep them small.
+
+** Documentation on HKP (the http keyserver protocol):
+
+   A minimalistic HTTP server on port 11371 recognizes a GET for
+   /pks/lookup.  The standard http URL encoded query parameters are
+   this (always key=value):
+
+   - op=index (like pgp -kv), op=vindex (like pgp -kvv) and op=get (like
+     pgp -kxa)
+
+   - search=<stringlist>. This is a list of words that must occur in the key.
+     The words are delimited with space, points, @ and so on. The delimiters
+     are not searched for and the order of the words doesn't matter (but see
+     next option).
+
+   - exact=on. This switch tells the hkp server to only report exact matching
+     keys back. In this case the order and the "delimiters" are important.
+
+   - fingerprint=on. Also reports the fingerprints when used with 'index' or
+     'vindex'
+
+   The keyserver also recognizes http-POSTs to /pks/add. Use this to upload
+   keys.
+
+
+   A better way to do this would be a request like:
+
+      /pks/lookup/<gnupg_formatierte_user_id>?op=<operation>
+
+   This can be implemented using Hurd's translator mechanism.
+   However, I think the whole keyserver stuff has to be re-thought;
+   I have some ideas and probably create a white paper.
+** Algorithm names for the "keygen.algo" prompt
+
+  When using a --command-fd controlled key generation or "addkey"
+  there is way to know the number to enter on the "keygen.algo"
+  prompt.  The displayed numbers are for human reception and may
+  change with releases.  To provide a stable way to enter a desired
+  algorithm choice the prompt also accepts predefined names for the
+  algorithms, which will not change.
+
+   | Name    | No | Description                     |
+   |---------+----+---------------------------------|
+   | rsa+rsa |  1 | RSA and RSA (default)           |
+   | dsa+elg |  2 | DSA and Elgamal                 |
+   | dsa     |  3 | DSA (sign only)                 |
+   | rsa/s   |  4 | RSA (sign only)                 |
+   | elg     |  5 | Elgamal (encrypt only)          |
+   | rsa/e   |  6 | RSA (encrypt only)              |
+   | dsa/*   |  7 | DSA (set your own capabilities) |
+   | rsa/*   |  8 | RSA (set your own capabilities) |
+   | ecc+ecc |  9 | ECC and ECC                     |
+   | ecc/s   | 10 | ECC (sign only)                 |
+   | ecc/*   | 11 | ECC (set your own capabilities) |
+   | ecc/e   | 12 | ECC (encrypt only)              |
+   | keygrip | 13 | Existing key                    |
+
+   If one of the "foo/*" names are used a "keygen.flags" prompt needs
+   to be answered as well.  Instead of toggling the predefined flags,
+   it is also possible to set them direct: Use a "=" character
+   directly followed by a combination of "a" (for authentication), "s"
+   (for signing), or "c" (for certification).
diff --git a/msys2/usr/share/doc/gnupg/FAQ b/msys2/usr/share/doc/gnupg/FAQ
new file mode 100644
index 000000000..309788c1f
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/FAQ
@@ -0,0 +1,13 @@
+GnuPG Frequently Asked Questions
+
+A FAQ is a fast moving target and thus we don't distribute it anymore
+with GnuPG.  You may retrieve the current FAQ in HTML format at
+
+  https://gnupg.org/faq/gnupg-faq.html
+
+or in plain text format at
+
+  https://gnupg.org/faq/gnupg-faq.txt
+
+
+
diff --git a/msys2/usr/share/doc/gnupg/HACKING b/msys2/usr/share/doc/gnupg/HACKING
new file mode 100644
index 000000000..bd1685678
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/HACKING
@@ -0,0 +1,433 @@
+# HACKING                                                       -*- org -*-
+#+TITLE: A Hacker's Guide to GnuPG
+#+TEXT: Some notes on GnuPG internals
+#+STARTUP: showall
+#+OPTIONS: ^:{}
+
+* How to contribute
+
+  The following stuff explains some basic procedures you need to
+  follow if you want to contribute code or documentation.
+
+** No more ChangeLog files
+
+Do not modify any of the ChangeLog files in GnuPG.  Starting on
+December 1st, 2011 we put change information only in the GIT commit
+log, and generate a top-level ChangeLog file from logs at "make dist"
+time.  As such, there are strict requirements on the form of the
+commit log messages.  The old ChangeLog files have all be renamed to
+ChangeLog-2011
+
+** Commit log requirements
+
+Your commit log should always start with a one-line summary, the
+second line should be blank, and the remaining lines are usually
+ChangeLog-style entries for all affected files.  However, it's fine
+--- even recommended --- to write a few lines of prose describing the
+change, when the summary and ChangeLog entries don't give enough of
+the big picture.  Omit the leading TABs that you are seeing in a
+"real" ChangeLog file, but keep the maximum line length at 72 or
+smaller, so that the generated ChangeLog lines, each with its leading
+TAB, will not exceed 80 columns.  If you want to add text which shall
+not be copied to the ChangeLog, separate it by a line consisting of
+two dashes at the begin of a line.
+
+The one-line summary usually starts with a keyword to identify the
+mainly affected subsystem.  If more than one keyword is required the
+are delimited by a comma (e.g. =scd,w32:=). Commonly found keywords
+are
+
+ - agent   :: The gpg-agent component
+ - build   :: Changes to the build system
+ - ccid    :: The CCID driver in scdaemon
+ - common  :: Code in common
+ - dirmngr :: The dirmngr component
+ - doc     :: Documentation changes
+ - gpg     :: The gpg or gpgv components
+ - sm      :: The gpgsm component (also "gpgsm")
+ - gpgscm  :: The regression test driver
+ - indent  :: Indentation and similar changes
+ - iobuf   :: The IOBUF system in common
+ - po      :: Translations
+ - scd     :: The scdaemon component
+ - speedo  :: Speedo build system specific changes
+ - ssh     :: The ssh-agent part of the agent
+ - tests   :: The regressions tests
+ - tools   :: Other code in tools
+ - w32     :: Windows related code
+ - wks     :: The web key service tools
+ - yat2m   :: The yat2m tool.
+
+Typo fixes and documentation updates don't need a ChangeLog entry;
+thus you would use a commit message like
+
+#+begin_example
+doc: Fix typo in a comment
+
+--
+#+end_example
+
+The marker line here is important; without it the first line would
+appear in the ChangeLog.
+
+If you exceptionally need to have longer lines in a commit log you may
+do this after this scissor line:
+#+begin_example
+# ------------------------ >8 ------------------------
+#+end_example
+(hash, blank, 24 dashes, blank, scissor, blank, 24 dashes).
+Note that such a comment will be removed if the git commit option
+=--cleanup=scissor= is used.
+
+** License policy
+
+  GnuPG is licensed under the GPLv3+ with some files under a mixed
+  LGPLv3+/GPLv2+ license.  It is thus important, that all contributed
+  code allows for an update of the license; for example we can't
+  accept code under the GPLv2(only).
+
+  GnuPG used to have a strict policy of requiring copyright
+  assignments to the FSF.  To avoid this major organizational overhead
+  and to allow inclusion of code, not copyrighted by the FSF, this
+  policy has been relaxed on 2013-03-29.  It is now also possible to
+  contribute code by asserting that the contribution is in accordance
+  to the "Libgcrypt Developer's Certificate of Origin" as found in the
+  file "DCO".  (Except for a slight wording change, this DCO is
+  identical to the one used by the Linux kernel.)
+
+  If you want to contribute code or documentation to GnuPG and you
+  didn't sign a copyright assignment with the FSF in the past, you
+  need to take these simple steps:
+
+  - Decide which mail address you want to use.  Please have your real
+    name in the address and not a pseudonym.  Anonymous contributions
+    can only be done if you find a proxy who certifies for you.
+
+  - If your employer or school might claim ownership of code written
+    by you; you need to talk to them to make sure that you have the
+    right to contribute under the DCO.
+
+  - Send an OpenPGP signed mail to the gnupg-devel@gnupg.org mailing
+    list from your mail address.  Include a copy of the DCO as found
+    in the official master branch.  Insert your name and email address
+    into the DCO in the same way you want to use it later.  Example:
+
+      Signed-off-by: Joe R. Hacker <joe@example.org>
+
+    (If you really need it, you may perform simple transformations of
+    the mail address: Replacing "@" by " at " or "." by " dot ".)
+
+  - That's it.  From now on you only need to add a "Signed-off-by:"
+    line with your name and mail address to the commit message.  It is
+    recommended to send the patches using a PGP/MIME signed mail.
+
+** Coding standards
+
+  Please follow the GNU coding standards.  If you are in doubt consult
+  the existing code as an example.  Do no re-indent code without a
+  need.  If you really need to do it, use a separate commit for such a
+  change.
+
+  - Only certain C99 features may be used (see below); in general
+    stick to C90.
+  - Please do not use C++ =//= style comments.
+  - Do not use comments like:
+#+begin_src
+      if (foo)
+        /* Now that we know that foo is true we can call bar.  */
+        bar ();
+#+end_src
+    instead write the comment on the if line or before it.  You may
+    also use a block and put the comment inside.
+  - Please use asterisks on the left of longer comments.  This makes
+    it easier to read without syntax highlighting, on printouts, and
+    for blind people.
+  - Try to fit lines into 80 columns.
+  - Ignore signed/unsigned pointer mismatches
+  - No arithmetic on void pointers; cast to char* first.
+  - Do not use
+#+begin_src
+      if ( 42 == foo )
+#+end_src
+    this is harder to read and modern compilers are pretty good in
+    detecing accidential assignments.  It is also suggested not to
+    compare to 0 or NULL but to test the value direct or with a '!';
+    this makes it easier to see that a boolean test is done.
+  - We use our own printf style functions like =es_printf=, and
+    =gpgrt_asprintf= (or the =es_asprintf= macro) which implement most
+    C99 features with the exception of =wchar_t= (which should anyway
+    not be used).  Please use them always and do not resort to those
+    provided by libc.  The rationale for using them is that we know
+    that the format specifiers work on all platforms and that we do
+    not need to chase platform dependent bugs.  Note also that in
+    gnupg asprintf is a macro already evaluating to gpgrt_asprintf.
+  - It is common to have a label named "leave" for a function's
+    cleanup and return code.  This helps with freeing memory and is a
+    convenient location to set a breakpoint for debugging.
+  - Always use xfree() instead of free().  If it is not easy to see
+    that the freed variable is not anymore used, explicitly set the
+    variable to NULL.
+  - New code shall in general use xtrymalloc or xtrycalloc and check
+    for an error (use gpg_error_from_syserror()).
+  - Init function local variables only if needed so that the compiler
+    can do a better job in detecting uninitialized variables which may
+    indicate a problem with the code.
+  - Never init static or file local variables to 0 to make sure they
+    end up in BSS.
+  - Put extra parenthesis around terms with binary operators to make
+    it clear that the binary operator was indeed intended.
+  - Use --enable-maintainer-mode with configure so that all suitable
+    warnings are enabled.
+
+** Variable names
+
+  Follow the GNU standards.  Here are some conventions you may want to
+  stick to (do not rename existing "wrong" uses without a goog
+  reason).
+
+  - err :: This conveys an error code of type =gpg_error_t= which is
+           compatible to an =int=.  To compare such a variable to a
+           GPG_ERR_ constant, it is necessary to map the value like
+           this: =gpg_err_code(err)=.
+  - ec  :: This is used for a gpg-error code which has no source part
+           (=gpg_err_code_t=) and will eventually be used as input to
+           =gpg_err_make=.
+  - rc  :: Used for all kind of other errors; for example system
+           calls.  The value is not compatible with gpg-error.
+
+
+*** C99 language features
+
+  In GnuPG 2.x, but *not in 1.4* and not in most libraries, a limited
+  set of C99 features may be used:
+
+  - Variadic macros:
+    : #define foo(a,...)  bar(a, __VA_ARGS__)
+
+  - The predefined macro =__func__=:
+    : log_debug ("%s: Problem with foo\n", __func__);
+
+  - Variable declaration inside a for():
+    : for (int i = 0; i < 5; ++)
+    :   bar (i);
+
+  Although we usually make use of the =u16=, =u32=, and =u64= types,
+  it is also possible to include =<stdint.h>= and use =int16_t=,
+  =int32_t=, =int64_t=, =uint16_t=, =uint32_t=, and =uint64_t=.  But do
+  not use =int8_t= or =uint8_t=.
+
+** Commit log keywords
+
+  - GnuPG-bug-id :: Values are comma or space delimited bug numbers
+                    from bug.gnupg.org pertaining to this commit.
+  - Debian-bug-id :: Same as above but from the Debian bug tracker.
+  - CVE-id :: CVE id number pertaining to this commit.
+  - Regression-due-to :: Commit id of the regression fixed by this commit.
+  - Fixes-commit :: Commit id this commit fixes.
+  - Updates-commit :: Commit id this commit updates.
+  - Reported-by :: Value is a name or mail address of a bug reporte.
+  - Suggested-by :: Value is a name or mail address of someone how
+                    suggested this change.
+  - Co-authored-by :: Name or mail address of a co-author
+  - Some-comments-by :: Name or mail address of the author of
+                        additional comments (commit log or code).
+  - Proofread-by :: Sometimes used by translation commits.
+  - Signed-off-by :: Name or mail address of the developer
+
+* Windows
+** How to build an installer for Windows
+
+   Your best bet is to use a decent Debian System for development.
+   You need to install a long list of tools for building.  This list
+   still needs to be compiled.  However, the build process will stop
+   if a tool is missing.  GNU make is required (on non GNU systems
+   often installed as "gmake").  The installer requires a couple of
+   extra software to be available either as tarballs or as local git
+   repositories.  In case this file here is part of a gnupg-w32-2.*.xz
+   complete tarball as distributed from the same place as a binary
+   installer, all such tarballs are already included.
+
+   Cd to the GnuPG source directory and use one of one of these
+   command:
+
+   - If sources are included (gnupg-w32-*.tar.xz)
+
+     make -f build-aux/speedo.mk WHAT=this installer
+
+   - To build from tarballs
+
+     make -f build-aux/speedo.mk WHAT=release TARBALLS=TARDIR installer
+
+   - To build from local GIT repos
+
+     make -f build-aux/speedo.mk WHAT=git TARBALLS=TARDIR installer
+
+   Note that also you need to supply tarballs with supporting
+   libraries even if you build from git.  The makefile expects only
+   the core GnuPG software to be available as local GIT repositories.
+   speedo.mk has the versions of the tarballs and the branch names of
+   the git repositories.  In case of problems, don't hesitate to ask
+   on the gnupg-devel mailing for help.
+
+* Debug hints
+
+  See the manual for some hints.
+
+* Standards
+** RFCs
+
+1423  Privacy Enhancement for Internet Electronic Mail:
+      Part III: Algorithms, Modes, and Identifiers.
+
+1489  Registration of a Cyrillic Character Set.
+
+1750  Randomness Recommendations for Security.
+
+1991  PGP Message Exchange Formats (obsolete)
+
+2144  The CAST-128 Encryption Algorithm.
+
+2279  UTF-8, a transformation format of ISO 10646.
+
+2440  OpenPGP (obsolete).
+
+3156  MIME Security with Pretty Good Privacy (PGP).
+
+4880  Current OpenPGP specification.
+
+6337  Elliptic Curve Cryptography (ECC) in OpenPGP
+
+* Various information
+
+** Directory Layout
+
+  - ./	      :: Readme, configure
+  - ./agent   :: Gpg-agent and related tools
+  - ./doc     :: Documentation
+  - ./g10     :: Gpg program here called gpg2
+  - ./sm      :: Gpgsm program
+  - ./jnlib   :: Not used (formerly used utility functions)
+  - ./common  :: Utility functions
+  - ./kbx     :: Keybox library
+  - ./scd     :: Smartcard daemon
+  - ./scripts :: Scripts needed by configure and others
+  - ./dirmngr :: The directory manager
+
+** Detailed Roadmap
+
+  This list of files is not up to date!
+
+  - g10/gpg.c :: Main module with option parsing and all the stuff you
+                 have to do on startup.  Also has the exit handler and
+                 some helper functions.
+
+  - g10/parse-packet.c ::
+  - g10/build-packet.c ::
+  - g10/free-packet.c :: Parsing and creating of OpenPGP message packets.
+
+  - g10/getkey.c   :: Key selection code
+  - g10/pkclist.c  :: Build a list of public keys
+  - g10/skclist.c  :: Build a list of secret keys
+  - g10/keyring.c  :: Keyring access functions
+  - g10/keydb.h    ::
+
+  - g10/keyid.c	  :: Helper functions to get the keyid, fingerprint etc.
+
+  - g10/trustdb.c :: Web-of-Trust computations
+  - g10/trustdb.h ::
+  - g10/tdbdump.c :: Export/import/list the trustdb.gpg
+  - g10/tdbio.c   :: I/O handling for the trustdb.gpg
+  - g10/tdbio.h   ::
+
+  - g10/compress.c :: Filter to handle compression
+  - g10/filter.h   :: Declarations for all filter functions
+  - g10/delkey.c   :: Delete a key
+  - g10/kbnode.c   :: Helper for the kbnode_t linked list
+  - g10/main.h     :: Prototypes and some constants
+  - g10/mainproc.c :: Message processing
+  - g10/armor.c    :: Ascii armor filter
+  - g10/mdfilter.c :: Filter to calculate hashs
+  - g10/textfilter.c :: Filter to handle CR/LF and trailing white space
+  - g10/cipher.c   :: En-/Decryption filter
+  - g10/misc.c     :: Utility functions
+  - g10/options.h  :: Structure with all the command line options
+                      and related constants
+  - g10/openfile.c :: Create/Open Files
+  - g10/keyserver.h :: Keyserver access dispatcher.
+  - g10/packet.h   :: Definition of OpenPGP structures.
+  - g10/passphrase.c :: Passphrase handling code
+
+  - g10/pubkey-enc.c :: Process a public key encoded packet.
+  - g10/seckey-cert.c :: Not anymore used
+  - g10/seskey.c     :: Make session keys etc.
+  - g10/import.c     :: Import keys into our key storage.
+  - g10/export.c     :: Export keys to the OpenPGP format.
+  - g10/sign.c       :: Create signature and optionally encrypt.
+  - g10/plaintext.c  :: Process plaintext packets.
+  - g10/decrypt-data.c :: Decrypt an encrypted data packet
+  - g10/encrypt.c    :: Main encryption driver
+  - g10/revoke.c     :: Create recovation certificates.
+  - g10/keylist.c    :: Print information about OpenPGP keys
+  - g10/sig-check.c  :: Check a signature
+  - g10/helptext.c   :: Show online help texts
+  - g10/verify.c     :: Verify signed data.
+  - g10/decrypt.c    :: Decrypt and verify data.
+  - g10/keyedit.c    :: Edit properties of a key.
+  - g10/dearmor.c    :: Armor utility.
+  - g10/keygen.c     :: Generate a key pair
+
+** Memory allocation
+
+Use only the functions:
+
+ - xmalloc
+ - xmalloc_secure
+ - xtrymalloc
+ - xtrymalloc_secure
+ - xcalloc
+ - xcalloc_secure
+ - xtrycalloc
+ - xtrycalloc_secure
+ - xrealloc
+ - xtryrealloc
+ - xstrdup
+ - xtrystrdup
+ - xfree
+
+
+The *secure versions allocate memory in the secure memory.  That is,
+swapping out of this memory is avoided and is gets overwritten on
+free.  Use this for passphrases, session keys and other sensitive
+material.  This memory set aside for secure memory is linited to a few
+k.  In general the function don't print a memeory message and
+terminate the process if there is not enough memory available.  The
+"try" versions of the functions return NULL instead.
+
+** Logging
+
+ TODO
+
+** Option parsing
+
+GnuPG does not use getopt or GNU getopt but functions of it's own.
+See util/argparse.c for details.  The advantage of these functions is
+that it is more easy to display and maintain the help texts for the
+options.  The same option table is also used to parse resource files.
+
+** What is an IOBUF
+
+This is the data structure used for most I/O of gnupg. It is similar
+to System V Streams but much simpler.  Because OpenPGP messages are
+nested in different ways; the use of such a system has big advantages.
+Here is an example, how it works: If the parser sees a packet header
+with a partial length, it pushes the block_filter onto the IOBUF to
+handle these partial length packets: from now on you don't have to
+worry about this.  When it sees a compressed packet it pushes the
+uncompress filter and the next read byte is one which has already been
+uncompressed by this filter. Same goes for enciphered packet,
+plaintext packets and so on.  The file g10/encode.c might be a good
+starting point to see how it is used - actually this is the other way:
+constructing messages using pushed filters but it may be easier to
+understand.
+
+
diff --git a/msys2/usr/share/doc/gnupg/KEYSERVER b/msys2/usr/share/doc/gnupg/KEYSERVER
new file mode 100644
index 000000000..f63200a6b
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/KEYSERVER
@@ -0,0 +1,83 @@
+Format of keyserver colon listings
+==================================
+
+David Shaw <dshaw@jabberwocky.com>
+
+The machine readable response begins with an optional information
+line:
+
+info:<version>:<count>
+
+<version> = this is the version of this protocol.  Currently, this is
+	    the number 1.
+
+<count> = the number of keys returned in this response.  Note this is
+	  the number of keys, and not the number of lines returned.
+	  It should match the number of "pub:" lines returned.
+
+If this optional line is not included, or the version information is
+not supplied, the version number is assumed to be 1.
+
+The key listings are made up of several lines per key.  The first line
+is for the primary key:
+
+pub:<fingerprint>:<algo>:<keylen>:<creationdate>:<expirationdate>:<flags>
+
+<fingerprint> = this is either the fingerprint or the keyid of the
+                key.  Either the 16-digit or 8-digit keyids are
+                acceptable, but obviously the fingerprint is best.
+                Since it is not possible to calculate the keyid from a
+                V3 key fingerprint, for V3 keys this should be either
+                the 16-digit or 8-digit keyid only.
+
+<algo> = the algorithm number from RFC-2440.  (i.e. 1==RSA, 17==DSA,
+         etc).
+
+<keylen> = the key length (i.e. 1024, 2048, 4096, etc.)
+
+<creationdate> = creation date of the key in standard RFC-2440 form
+	         (i.e. number of seconds since 1/1/1970 UTC time)
+
+<expirationdate> = expiration date of the key in standard RFC-2440
+	         form (i.e. number of seconds since 1/1/1970 UTC time)
+
+<flags> = letter codes to indicate details of the key, if any.  Flags
+	  may be in any order.
+
+	  r == revoked
+	  d == disabled
+	  e == expired
+
+Following the "pub" line are one or more "uid" lines to indicate user
+IDs on the key:
+
+uid:<escaped uid string>:<creationdate>:<expirationdate>:<flags>
+
+<escaped uid string> == the user ID string, with HTTP %-escaping for
+			anything that isn't 7-bit safe as well as for
+			the ":" character.  Any other characters may
+			be escaped, as desired.
+
+creationdate, expirationdate, and flags mean the same here as before.
+The information is taken from the self-sig, if any, and applies to the
+user ID in question, and not to the key as a whole.
+
+Details:
+
+* All characters except for the <escaped uid string> are
+  case-insensitive.
+
+* Obviously, on a keyserver without integrated crypto, many of the
+  items given here are not fully trustworthy until the key is
+  downloaded and signatures checked.  For example, the information
+  that a key is flagged "r" for revoked should be treated as
+  untrustworthy information until the key is checked on the client
+  side.
+
+* Empty fields are allowed.  For example, a key with no expiration
+  date would have the <expirationdate> field empty.  Also, a keyserver
+  that does not track a particular piece of information may leave that
+  field empty as well.  I expect that the creation and expiration
+  dates for user IDs will be left empty in current keyservers.  Colons
+  for empty fields on the end of each line may be left off, if
+  desired.
diff --git a/msys2/usr/share/doc/gnupg/OpenPGP b/msys2/usr/share/doc/gnupg/OpenPGP
new file mode 100644
index 000000000..794f6694e
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/OpenPGP
@@ -0,0 +1,116 @@
+		    GnuPG and OpenPGP
+		    =================
+
+   See RFC-4880 for a description of OpenPGP.  These notes are older
+   than RFC-4880 and refer to the predecessor of the specs (RFC-2440).
+
+
+  Compatibility Notes
+  ===================
+   GnuPG (>=1.0.3) is in compliance with RFC2440 despite these exceptions:
+
+    * With GnuPG >= 2.1.0 all support for version 3 keys has been
+      removed.  Thus there is no more compatibility with PGP-2.  Users
+      who need to be able to decrypt old PGP 2 messages should use
+      GnuPG 1.4.x along with the option --allow-weak-digest-algos.
+
+    * With GnuPG >= 2.1.0 all signatures (on messages and keys) are
+      created using version 4 signatures.  Support for verifying
+      version 3 signature is still available.
+
+    * (9.2) states that IDEA SHOULD be implemented.  This is not done
+      due to patent problems.
+      UPDATE: Since version 1.4.13 (or GnuPG 2.x with Libgcrypt 1.6)
+              IDEA support has been added to allow decryption of old
+              PGP-2 encrypted material.
+
+   All MAY features are implemented with this exception:
+
+    * multi-part armored messages are not supported.
+      MIME (rfc2015) should be used instead.
+
+   Most of the OPTIONAL stuff is implemented.
+
+   There are a couple of options which can be used to override some
+   RFC requirements.  This is always mentioned with the description
+   of that options.
+
+   A special format of partial packet length exists for v3 packets
+   which can be considered to be in compliance with RFC1991;  this
+   format is only created if a special option is active.
+   UPDATE: This support has been removed with version 1.3.6.
+
+   GnuPG uses a S2K mode of 101 for GNU extensions to the secret key
+   protection algorithms.  This number is not defined in OpenPGP, but
+   given that this number is in a range which is used at many other
+   places in OpenPGP for private/experimental algorithm identifiers,
+   this should be not a too bad choice.  The 3 bytes "GNU" are used to
+   identify this as a GNU extension - see the file DETAILS for a
+   definition of the used data formats.
+
+
+  Some Notes on OpenPGP / PGP Compatibility:
+  ==========================================
+
+     * PGP 5.x does not accept V4 signatures for anything other than
+       key material.  The GnuPG option --force-v3-sigs mimics this
+       behavior.
+
+     * PGP 5.x does not recognize the "five-octet" lengths in
+       new-format headers or in signature subpacket lengths.
+
+     * PGP 5.0 rejects an encrypted session key if the keylength
+       differs from the S2K symmetric algorithm. This is a bug in its
+       validation function.
+
+     * PGP 5.0 does not handle multiple one-pass signature headers and
+       trailers. Signing one will compress the one-pass signed literal
+       and prefix a V3 signature instead of doing a nested one-pass
+       signature.
+
+     * When exporting a private key, PGP 2.x generates the header
+       "BEGIN PGP SECRET KEY BLOCK" instead of "BEGIN PGP PRIVATE KEY
+       BLOCK". All previous versions ignore the implied data type, and
+       look directly at the packet data type.
+
+     * In a clear-signed signature, PGP 5.0 will figure out the correct
+       hash algorithm if there is no "Hash:" header, but it will reject
+       a mismatch between the header and the actual algorithm used. The
+       "standard" (i.e. Zimmermann/Finney/et al.) version of PGP 2.x
+       rejects the "Hash:" header and assumes MD5. There are a number
+       of enhanced variants of PGP 2.6.x that have been modified for
+       SHA-1 signatures.
+
+     * PGP 5.0 can read an RSA key in V4 format, but can only recognize
+       it with a V3 keyid, and can properly use only a V3 format RSA
+       key.
+
+     * Neither PGP 5.x nor PGP 6.0 recognize ElGamal Encrypt and Sign
+       keys. They only handle ElGamal Encrypt-only keys.
+
+
+  Parts of this document are taken from:
+  ======================================
+
+			 OpenPGP Message Format
+		   draft-ietf-openpgp-formats-07.txt
+
+
+   Copyright 1998 by The Internet Society. All Rights Reserved.
+
+   This document and translations of it may be copied and furnished to
+   others, and derivative works that comment on or otherwise explain it
+   or assist in its implementation may be prepared, copied, published
+   and distributed, in whole or in part, without restriction of any
+   kind, provided that the above copyright notice and this paragraph
+   are included on all such copies and derivative works.  However, this
+   document itself may not be modified in any way, such as by removing
+   the copyright notice or references to the Internet Society or other
+   Internet organizations, except as needed for the purpose of
+   developing Internet standards in which case the procedures for
+   copyrights defined in the Internet Standards process must be
+   followed, or as required to translate it into languages other than
+   English.
+
+   The limited permissions granted above are perpetual and will not be
+   revoked by the Internet Society or its successors or assigns.
diff --git a/msys2/usr/share/doc/gnupg/README b/msys2/usr/share/doc/gnupg/README
new file mode 100644
index 000000000..85639a4b1
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/README
@@ -0,0 +1,258 @@
+                       The GNU Privacy Guard 2
+                      =========================
+                             Version 2.2
+
+          Copyright 1997-2019 Werner Koch
+          Copyright 1998-2019 Free Software Foundation, Inc.
+
+
+* INTRODUCTION
+
+  GnuPG is a complete and free implementation of the OpenPGP standard
+  as defined by RFC4880 (also known as PGP).  GnuPG enables encryption
+  and signing of data and communication, and features a versatile key
+  management system as well as access modules for public key
+  directories.
+
+  GnuPG, also known as GPG, is a command line tool with features for
+  easy integration with other applications.  A wealth of frontend
+  applications and libraries are available that make use of GnuPG.
+  Starting with version 2 GnuPG provides support for S/MIME and Secure
+  Shell in addition to OpenPGP.
+
+  GnuPG is Free Software (meaning that it respects your freedom). It
+  can be freely used, modified and distributed under the terms of the
+  GNU General Public License.
+
+  Note that the 2.0 series of GnuPG reached end-of-life on 2017-12-31.
+  It is not possible to install a 2.2.x version along with any 2.0.x
+  version.
+
+* BUILD INSTRUCTIONS
+
+  GnuPG 2.2 depends on the following GnuPG related packages:
+
+    npth         (https://gnupg.org/ftp/gcrypt/npth/)
+    libgpg-error (https://gnupg.org/ftp/gcrypt/libgpg-error/)
+    libgcrypt    (https://gnupg.org/ftp/gcrypt/libgcrypt/)
+    libksba      (https://gnupg.org/ftp/gcrypt/libksba/)
+    libassuan    (https://gnupg.org/ftp/gcrypt/libassuan/)
+
+  You should get the latest versions of course, the GnuPG configure
+  script complains if a version is not sufficient.
+
+  For some advanced features several other libraries are required.
+  The configure script prints diagnostic messages if one of these
+  libraries is not available and a feature will not be available..
+
+  You also need the Pinentry package for most functions of GnuPG;
+  however it is not a build requirement.  Pinentry is available at
+  https://gnupg.org/ftp/gcrypt/pinentry/ .
+
+  After building and installing the above packages in the order as
+  given above, you may continue with GnuPG installation (you may also
+  just try to build GnuPG to see whether your already installed
+  versions are sufficient).
+
+  As with all packages, you just have to do
+
+    ./configure
+    make
+    make check
+    make install
+
+  The "make check" is optional but highly recommended.  To run even
+  more tests you may add "--enable-all-tests" to the configure run.
+  Before running the "make install" you might need to become root.
+
+  If everything succeeds, you have a working GnuPG with support for
+  OpenPGP, S/MIME, ssh-agent, and smartcards.  Note that there is no
+  binary gpg but a gpg2 so that this package won't conflict with a
+  GnuPG 1.4 installation.  gpg2 behaves just like gpg.
+
+  In case of problem please ask on the gnupg-users@gnupg.org mailing
+  list for advise.
+
+  Instruction on how to build for Windows can be found in the file
+  doc/HACKING in the section "How to build an installer for Windows".
+  This requires some experience as developer.
+
+  Note that the PKITS tests are always skipped unless you copy the
+  PKITS test data file into the tests/pkits directory.  There is no
+  need to run these test and some of them may even fail because the
+  test scripts are not yet complete.
+
+  You may run
+
+    gpgconf --list-dirs
+
+  to view the default directories used by GnuPG.
+
+  To quickly build all required software without installing it, the
+  Speedo method may be used:
+
+    make -f build-aux/speedo.mk  native
+
+  This method downloads all required libraries and does a native build
+  of GnuPG to PLAY/inst/.  GNU make is required and you need to set
+  LD_LIBRARY_PATH to $(pwd)/PLAY/inst/lib to test the binaries.
+
+** Specific build problems on some machines:
+
+*** Apple OSX 10.x using XCode
+
+  On some versions the correct location of a header file can't be
+  detected by configure.  To fix that you should run configure like
+  this
+
+    ./configure  gl_cv_absolute_stdint_h=/usr/include/stdint.h
+
+  Add other options as needed.
+
+
+*** Systems without a full C99 compiler
+
+  If you run into problems with your compiler complaining about dns.c
+  you may use
+
+    ./configure --disable-libdns
+
+  Add other options as needed.
+
+* MIGRATION from 1.4 or 2.0 to 2.2
+
+  The major change in 2.2 is gpg-agent taking care of the OpenPGP
+  secret keys (those managed by GPG).  The former file "secring.gpg"
+  will not be used anymore.  Newly generated keys are stored in the
+  agent's key store directory "~/.gnupg/private-keys-v1.d/".  The
+  first time gpg needs a secret key it checks whether a "secring.gpg"
+  exists and copies them to the new store.  The old secring.gpg is
+  kept for use by older versions of gpg.
+
+  Note that gpg-agent now uses a fixed socket.  All tools will start
+  the gpg-agent as needed.  The formerly used environment variable
+  GPG_AGENT_INFO is ignored by 2.2.  The SSH_AUTH_SOCK environment
+  variable should be set to a fixed value.
+
+  The Dirmngr is now part of GnuPG proper and also used to access
+  OpenPGP keyservers.  The directory layout of Dirmngr changed to make
+  use of the GnuPG directories.  Dirmngr is started by gpg or gpgsm as
+  needed. There is no more need to install a separate Dirmngr package.
+
+  All changes introduced with GnuPG 2.2 have been developed in the 2.1
+  series of releases.  See the respective entries in the file NEWS.
+
+* RECOMMENDATIONS
+
+** Socket directory
+
+  GnuPG uses Unix domain sockets to connect its components (on Windows
+  an emulation of these sockets is used).  Depending on the type of
+  the file system, it is sometimes not possible to use the GnuPG home
+  directory (i.e. ~/.gnupg) as the location for the sockets.  To solve
+  this problem GnuPG prefers the use of a per-user directory below the
+  the /run (or /var/run) hierarchy for the the sockets.  It is thus
+  suggested to create per-user directories on system or session
+  startup.  For example the following snippet can be used in
+  /etc/rc.local to create these directories:
+
+      [ ! -d /run/user ] && mkdir /run/user
+      awk -F: </etc/passwd '$3 >= 1000 && $3 < 65000 {print $3}' \
+        | ( while read uid rest; do
+              if [ ! -d "/run/user/$uid" ]; then
+                mkdir /run/user/$uid
+                chown $uid /run/user/$uid
+                chmod 700 /run/user/$uid
+              fi
+            done )
+
+* DOCUMENTATION
+
+  The complete documentation is in the texinfo manual named
+  `gnupg.info'.  Run "info gnupg" to read it.  If you want a a
+  printable copy of the manual, change to the "doc" directory and
+  enter "make pdf" For a HTML version enter "make html" and point your
+  browser to gnupg.html/index.html.  Standard man pages for all
+  components are provided as well.  An online version of the manual is
+  available at [[https://gnupg.org/documentation/manuals/gnupg/]] .  A
+  version of the manual pertaining to the current development snapshot
+  is at [[https://gnupg.org/documentation/manuals/gnupg-devel/]] .
+
+* Installing GnuPG 2.2. and GnuPG 1.4
+
+  GnuPG 2.2 is a current version of GnuPG with state of the art
+  security design and many more features.  To install both versions
+  alongside, it is suggested to rename the 1.4 version of "gpg" to
+  "gpg1" as well as the corresponding man page.  Newer releases of the
+  1.4 branch will likely do this by default.  In case this is not
+  possible, the 2.2 version can be installed under the name "gpg2"
+  using the configure option --enable-gpg-is-gpg2.
+
+* HOW TO GET MORE INFORMATION
+
+  A description of new features and changes since version 2.1 can be
+  found in the file "doc/whats-new-in-2.1.txt" and online at
+  "https://gnupg.org/faq/whats-new-in-2.1.html" .
+
+  The primary WWW page is "https://gnupg.org"
+             or using Tor "http://ic6au7wa3f6naxjq.onion"
+  The primary FTP site is "https://gnupg.org/ftp/gcrypt/"
+
+  See [[https://gnupg.org/download/mirrors.html]] for a list of
+  mirrors and use them if possible.  You may also find GnuPG mirrored
+  on some of the regular GNU mirrors.
+
+  We have some mailing lists dedicated to GnuPG:
+
+     gnupg-announce@gnupg.org   For important announcements like new
+                                versions and such stuff.  This is a
+                                moderated list and has very low traffic.
+                                Do not post to this list.
+
+     gnupg-users@gnupg.org      For general user discussion and
+                                help (English).
+
+     gnupg-de@gnupg.org         German speaking counterpart of
+                                gnupg-users.
+
+     gnupg-ru@gnupg.org         Russian speaking counterpart of
+                                gnupg-users.
+
+     gnupg-devel@gnupg.org      GnuPG developers main forum.
+
+  You subscribe to one of the list by sending mail with a subject of
+  "subscribe" to x-request@gnupg.org, where x is the name of the
+  mailing list (gnupg-announce, gnupg-users, etc.). See
+  https://gnupg.org/documentation/mailing-lists.html for archives
+  of the mailing lists.
+
+  Please direct bug reports to [[https://bugs.gnupg.org]] or post them
+  direct to the mailing list <gnupg-devel@gnupg.org>.
+
+  Please direct questions about GnuPG to the users mailing list or one
+  of the PGP newsgroups; please do not direct questions to one of the
+  authors directly as we are busy working on improvements and bug
+  fixes.  The English and German mailing lists are watched by the
+  authors and we try to answer questions when time allows us.
+
+  Commercial grade support for GnuPG is available; for a listing of
+  offers see https://gnupg.org/service.html .  Maintaining and
+  improving GnuPG requires a lot of time.  Since 2001, g10 Code GmbH,
+  a German company owned and headed by GnuPG's principal author Werner
+  Koch, is bearing the majority of these costs.  To keep GnuPG in a
+  healthy state, they need your support.
+
+  Please consider to donate at https://gnupg.org/donate/ .
+
+
+# This file is Free Software; as a special exception the authors gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved. For conditions
+# of the whole package, please see the file COPYING.  This file is
+# distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY, to the extent permitted by law; without even the implied
+# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+#
+# Local Variables:
+# mode:org
+# End:
diff --git a/msys2/usr/share/doc/gnupg/TRANSLATE b/msys2/usr/share/doc/gnupg/TRANSLATE
new file mode 100644
index 000000000..9bd9b089c
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/TRANSLATE
@@ -0,0 +1,61 @@
+$Id$
+
+Note for translators
+--------------------
+
+Some strings in GnuPG are for matching user input against.  These
+strings can accept multiple values that mean essentially the same
+thing.
+
+For example, the string "yes" in English is "sí" in Spanish.  However,
+some users will type "si" (without the accent).  To accommodate both
+users, you can translate the string "yes" as "sí|si".  You can have
+any number of alternate matches separated by the | character like
+"sí|si|seguro".
+
+The strings that can be handled in this way are of the form "yes|yes",
+(or "no|no", etc.) There should also be a comment in the .po file
+directing you to this file.
+
+
+Help files
+----------
+
+GnuPG provides a little help feature (entering a ? on a prompt).  This
+help used to be translated the usual way with gettext but it turned
+out that this is too inflexible and does for example not allow
+correcting little mistakes in the English text.  For some newer features
+we require editable help files anyway and thus the existing help
+strings have been moved to plain text files names "help.LL.txt".  We
+distribute these files and allow overriding them by files of that name
+in /etc/gnupg.  The syntax of these files is documented in
+doc/help.txt.  This is also the original we use to describe new
+possible online help keys.  The source files are located in doc/ and
+need to be in encoded in UTF-8.  Strings which require a translation
+are disabled like this
+
+   .#gpgsm.some.help-item
+   This string is not translated.
+
+After translation you should remove the hash mark so that the
+entry looks like.
+
+   .gpgsm.some.help-item
+   This string has been translated.
+
+The percent sign is not a special character and if there is something
+to watch out there will be a remark.
+
+
+
+Sending new or updated translations
+-----------------------------------
+
+Please note that we do not use the TP Robot but require that
+translations are to be send by mail to translations@gnupg.org.  We
+also strongly advise to get subscribed to i18n@gnupg.org and request
+assistance if it is not clear on how to translate certain strings.  A
+wrongly translated string may lead to a security problem.
+
+A copyright disclaimer to the FSF is not anymore required since
+December 2012.
diff --git a/msys2/usr/share/doc/gnupg/examples/README b/msys2/usr/share/doc/gnupg/examples/README
new file mode 100644
index 000000000..77ee80741
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/examples/README
@@ -0,0 +1,11 @@
+Files in this directory:
+
+
+scd-event       A handler script used with scdaemon
+
+trustlist.txt   A list of trustworthy root certificates
+                (Please check yourself whether you actually trust them)
+
+gpgconf.conf    A sample configuration file for gpgconf.
+
+systemd-user    Sample files for a Linux-only init system.
diff --git a/msys2/usr/share/doc/gnupg/examples/debug.prf b/msys2/usr/share/doc/gnupg/examples/debug.prf
new file mode 100644
index 000000000..f635fc88e
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/examples/debug.prf
@@ -0,0 +1,29 @@
+# debug.prf - Configure options for easier debugging       -*- conf -*-
+#
+# Note that the actual debug options for each component need to be set
+# manually.  Running the component with "--debug help" shows a list of
+# supported values.  To watch the logs this command can be used:
+#
+#   watchgnupg --time-only --force $(gpgconf --list-dirs socketdir)/S.log
+#
+
+[gpg]
+log-file socket://
+verbose
+#debug ipc
+
+[gpgsm]
+log-file socket://
+verbose
+#debug ipc
+
+[gpg-agent]
+log-file socket://
+verbose
+#debug ipc
+#debug-pinentry
+
+[dirmngr]
+log-file socket://
+verbose
+#debug ipc,dns
diff --git a/msys2/usr/share/doc/gnupg/examples/gpgconf.conf b/msys2/usr/share/doc/gnupg/examples/gpgconf.conf
new file mode 100644
index 000000000..95e463b6e
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/examples/gpgconf.conf
@@ -0,0 +1,62 @@
+# gpgconf.conf - configuration for gpgconf
+#----------------------------------------------------------------------
+# This file is read by gpgconf(1) to setup defaults for all or
+# specified users and groups.  It may be used to change the hardwired
+# defaults in gpgconf and to enforce certain values for the various
+# GnuPG related configuration files.
+#
+# Empty lines and comment lines, indicated by a hash mark as first non
+# white space character, are ignored.  The line is separated by white
+# space into fields. The first field is used to match the user or
+# group and must start at the first column, the file is processed
+# sequential until a matching rule is found.  A rule may contain
+# several lines; continuation lines are indicated by a indenting them.
+#
+# Syntax of a line:
+# <key>|WS  <component> <option> ["["<flag>"]"] [<value>]
+#
+# Examples for the <key> field:
+#   foo         - Matches the user "foo".
+#   foo:        - Matches the user "foo".
+#   foo:staff   - Matches the user "foo" or the group "staff".
+#   :staff      - Matches the group "staff".
+#   *           - Matches any user.
+# All other variants are not defined and reserved for future use.
+#
+# <component> and <option> are as specified by gpgconf.
+# <flag> may be one of:
+#   default     - Delete the option so that the default is used.
+#   no-change   - Mark the field as non changeable by gpgconf.
+#   change      - Mark the field as changeable by gpgconf.
+#
+# Example file:
+#==========
+# :staff  gpg-agent min-passphrase-len 6 [change]
+#
+# *       gpg-agent min-passphrase-len [no-change] 8
+#         gpg-agent min-passphrase-nonalpha [no-change] 1
+#         gpg-agent max-passphrase-days [no-change] 700
+#         gpg-agent enable-passphrase-history [no-change]
+#         gpg-agent enforce-passphrase-constraints [default]
+#         gpg-agent enforce-passphrase-constraints [no-change]
+#         gpg-agent max-cache-ttl [no-change] 10800
+#         gpg-agent max-cache-ttl-ssh [no-change] 10800
+#         gpgsm     enable-ocsp
+#         gpg       compliance [no-change]
+#         gpgsm     compliance [no-change]
+#===========
+# All users in the group "staff" are allowed to change the value for
+# --allow-mark-trusted; gpgconf's default is not to allow a change
+# through its interface.  When "gpgconf --apply-defaults" is used,
+# "allow-mark-trusted" will get enabled and "min-passphrase-len" set
+# to 6.  All other users are not allowed to change
+# "min-passphrase-len" and "allow-mark-trusted".  When "gpgconf
+# --apply-defaults" is used for them, "min-passphrase-len" is set to
+# 8, "allow-mark-trusted" deleted from the config file and
+# "enable-ocsp" is put into the config file of gpgsm.  The latter may
+# be changed by any user.
+#-------------------------------------------------------------------
+
+
+
+
diff --git a/msys2/usr/share/doc/gnupg/examples/pwpattern.list b/msys2/usr/share/doc/gnupg/examples/pwpattern.list
new file mode 100644
index 000000000..251c2d40b
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/examples/pwpattern.list
@@ -0,0 +1,48 @@
+# pwpattern.list                                   -*- default-generic -*-
+#
+# This is an example for a pattern file as used by gpg-check-pattern.
+# The file is line based with comment lines beginning on the *first*
+# position with a '#'.  Empty lines and lines with just spaces are
+# ignored.  The other lines may be verbatim patterns and match as they
+# are (trailing spaces are ignored) or extended regular expressions
+# indicated by a / in the first column and terminated by another / or
+# end of line.  All comparisons are case insensitive.
+ 
+# Reject the usual metavariables.  Usual not required because
+# gpg-agent can be used to reject all passphrases shorter than 8
+# charactes.
+foo
+bar
+baz
+
+# As well as very common passwords.  Note that gpg-agent can be used
+# to reject them due to missing non-alpha characters.
+password
+passwort
+passphrase
+mantra
+test
+abc
+egal
+
+# German number plates.
+/^[A-Z]{1,3}[ ]*-[ ]*[A-Z]{1,2}[ ]*[0-9]+/
+
+# Dates (very limited, only ISO dates). */
+/^[012][0-9][0-9][0-9]-[012][0-9]-[0123][0-9]$/
+
+# Arbitrary strings
+the quick brown fox jumps over the lazy dogs back
+no-password
+no password
+
+12345678
+123456789
+1234567890
+87654321
+987654321
+0987654321
+qwertyuiop
+qwertzuiop
+asdfghjkl
+zxcvbnm
diff --git a/msys2/usr/share/doc/gnupg/examples/scd-event b/msys2/usr/share/doc/gnupg/examples/scd-event
new file mode 100644
index 000000000..938465ffb
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/examples/scd-event
@@ -0,0 +1,102 @@
+#!/bin/sh
+# Sample script for scdaemon event mechanism.
+
+#exec >>/tmp/scd-event.log
+
+PGM=scd-event
+
+reader_port=
+old_code=0x0000
+new_code=0x0000
+status=
+
+tick='`'
+prev=
+while [ $# -gt 0 ]; do
+  arg="$1"
+  case $arg in
+      -*=*) optarg=$(echo "X$arg" | sed -e '1s/^X//' -e 's/[-_a-zA-Z0-9]*=//')
+            ;;
+         *) optarg=
+            ;;
+  esac
+  if [ -n "$prev" ]; then
+    eval "$prev=\$arg"
+    prev=
+    shift
+    continue
+  fi
+  case $arg in
+      --help|-h)
+          cat <<EOF
+Usage: $PGM [options]
+$PGM is called by scdaemon on card reader status changes
+
+Options:
+  --reader-port N        Reports change for port N
+  --old-code 0xNNNN      Previous status code
+  --old-code 0xNNNN      Current status code
+  --status USABLE|ACTIVE|PRESENT|NOCARD 
+                         Human readable status code
+
+Environment:
+
+GNUPGHOME=DIR            Set to the active homedir
+
+EOF
+          exit 0
+          ;;
+    
+      --reader-port)  
+          prev=reader_port
+          ;;
+      --reader-port=*)
+          reader_port="$optarg"
+          ;;
+      --old-code)  
+          prev=old_code
+          ;;
+      --old-code=*)
+          old_code="$optarg"
+          ;;
+      --new-code)  
+          prev=new_code
+          ;;
+      --new-code=*)
+          new_code="$optarg"
+          ;;
+      --status)  
+          prev=status
+          ;;
+      --new-code=*)
+          status="$optarg"
+          ;;
+
+      -*)
+          echo "$PGM: invalid option $tick$arg'" >&2
+          exit 1
+          ;;
+
+      *)
+          break
+          ;;
+  esac
+  shift
+done
+if [ -n "$prev" ]; then
+  echo "$PGM: argument missing for option $tick$prev'" >&2
+  exit 1
+fi
+
+cat <<EOF
+========================
+port:     $reader_port
+old-code: $old_code
+new-code: $new_code
+status:   $status
+EOF
+
+if [ x$status = xUSABLE ]; then
+    gpg --batch --card-status 2>&1
+fi
+
diff --git a/msys2/usr/share/doc/gnupg/examples/systemd-user/README b/msys2/usr/share/doc/gnupg/examples/systemd-user/README
new file mode 100644
index 000000000..43122f568
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/examples/systemd-user/README
@@ -0,0 +1,66 @@
+Socket-activated dirmngr and gpg-agent with systemd
+===================================================
+
+When used on a GNU/Linux system supervised by systemd, you can ensure
+that the GnuPG daemons dirmngr and gpg-agent are launched
+automatically the first time they're needed, and shut down cleanly at
+session logout.  This is done by enabling user services via
+socket-activation.
+
+System distributors
+-------------------
+
+The *.service and *.socket files (from this directory) should be
+placed in /usr/lib/systemd/user/ alongside other user-session services
+and sockets.
+
+To enable socket-activated dirmngr for all accounts on the system,
+use:
+
+    systemctl --user --global enable dirmngr.socket
+
+To enable socket-activated gpg-agent for all accounts on the system,
+use:
+
+    systemctl --user --global enable gpg-agent.socket
+
+Additionally, you can enable socket-activated gpg-agent ssh-agent
+emulation for all accounts on the system with:
+
+    systemctl --user --global enable gpg-agent-ssh.socket
+
+You can also enable restricted ("--extra-socket"-style) gpg-agent
+sockets for all accounts on the system with:
+
+    systemctl --user --global enable gpg-agent-extra.socket
+
+Individual users
+----------------
+
+A user on a system with systemd where this has not been installed
+system-wide can place these files in ~/.config/systemd/user/ to make
+them available.
+
+If a given service isn't installed system-wide, or if it's installed
+system-wide but not globally enabled, individual users will still need
+to enable them.  For example, to enable socket-activated dirmngr for
+all future sessions:
+
+    systemctl --user enable dirmngr.socket
+
+To enable socket-activated gpg-agent with ssh support, do:
+
+    systemctl --user enable gpg-agent.socket gpg-agent-ssh.socket
+
+These changes won't take effect until your next login after you've
+fully logged out (be sure to terminate any running daemons before
+logging out).
+
+If you'd rather try a socket-activated GnuPG daemon in an
+already-running session without logging out (with or without enabling
+it for all future sessions), kill any existing daemon and start the
+user socket directly.  For example, to set up socket-activated dirmgnr
+in the current session:
+
+    gpgconf --kill dirmngr
+    systemctl --user start dirmngr.socket
diff --git a/msys2/usr/share/doc/gnupg/examples/systemd-user/dirmngr.service b/msys2/usr/share/doc/gnupg/examples/systemd-user/dirmngr.service
new file mode 100644
index 000000000..3c060cde5
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/examples/systemd-user/dirmngr.service
@@ -0,0 +1,8 @@
+[Unit]
+Description=GnuPG network certificate management daemon
+Documentation=man:dirmngr(8)
+Requires=dirmngr.socket
+
+[Service]
+ExecStart=/usr/bin/dirmngr --supervised
+ExecReload=/usr/bin/gpgconf --reload dirmngr
diff --git a/msys2/usr/share/doc/gnupg/examples/systemd-user/dirmngr.socket b/msys2/usr/share/doc/gnupg/examples/systemd-user/dirmngr.socket
new file mode 100644
index 000000000..ebabf896a
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/examples/systemd-user/dirmngr.socket
@@ -0,0 +1,11 @@
+[Unit]
+Description=GnuPG network certificate management daemon
+Documentation=man:dirmngr(8)
+
+[Socket]
+ListenStream=%t/gnupg/S.dirmngr
+SocketMode=0600
+DirectoryMode=0700
+
+[Install]
+WantedBy=sockets.target
diff --git a/msys2/usr/share/doc/gnupg/examples/systemd-user/gpg-agent-browser.socket b/msys2/usr/share/doc/gnupg/examples/systemd-user/gpg-agent-browser.socket
new file mode 100644
index 000000000..bc8d344e1
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/examples/systemd-user/gpg-agent-browser.socket
@@ -0,0 +1,13 @@
+[Unit]
+Description=GnuPG cryptographic agent and passphrase cache (access for web browsers)
+Documentation=man:gpg-agent(1)
+
+[Socket]
+ListenStream=%t/gnupg/S.gpg-agent.browser
+FileDescriptorName=browser
+Service=gpg-agent.service
+SocketMode=0600
+DirectoryMode=0700
+
+[Install]
+WantedBy=sockets.target
diff --git a/msys2/usr/share/doc/gnupg/examples/systemd-user/gpg-agent-extra.socket b/msys2/usr/share/doc/gnupg/examples/systemd-user/gpg-agent-extra.socket
new file mode 100644
index 000000000..5b87d09df
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/examples/systemd-user/gpg-agent-extra.socket
@@ -0,0 +1,13 @@
+[Unit]
+Description=GnuPG cryptographic agent and passphrase cache (restricted)
+Documentation=man:gpg-agent(1)
+
+[Socket]
+ListenStream=%t/gnupg/S.gpg-agent.extra
+FileDescriptorName=extra
+Service=gpg-agent.service
+SocketMode=0600
+DirectoryMode=0700
+
+[Install]
+WantedBy=sockets.target
diff --git a/msys2/usr/share/doc/gnupg/examples/systemd-user/gpg-agent-ssh.socket b/msys2/usr/share/doc/gnupg/examples/systemd-user/gpg-agent-ssh.socket
new file mode 100644
index 000000000..798c1d967
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/examples/systemd-user/gpg-agent-ssh.socket
@@ -0,0 +1,13 @@
+[Unit]
+Description=GnuPG cryptographic agent (ssh-agent emulation)
+Documentation=man:gpg-agent(1) man:ssh-add(1) man:ssh-agent(1) man:ssh(1)
+
+[Socket]
+ListenStream=%t/gnupg/S.gpg-agent.ssh
+FileDescriptorName=ssh
+Service=gpg-agent.service
+SocketMode=0600
+DirectoryMode=0700
+
+[Install]
+WantedBy=sockets.target
diff --git a/msys2/usr/share/doc/gnupg/examples/systemd-user/gpg-agent.service b/msys2/usr/share/doc/gnupg/examples/systemd-user/gpg-agent.service
new file mode 100644
index 000000000..a050fccdc
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/examples/systemd-user/gpg-agent.service
@@ -0,0 +1,8 @@
+[Unit]
+Description=GnuPG cryptographic agent and passphrase cache
+Documentation=man:gpg-agent(1)
+Requires=gpg-agent.socket
+
+[Service]
+ExecStart=/usr/bin/gpg-agent --supervised
+ExecReload=/usr/bin/gpgconf --reload gpg-agent
diff --git a/msys2/usr/share/doc/gnupg/examples/systemd-user/gpg-agent.socket b/msys2/usr/share/doc/gnupg/examples/systemd-user/gpg-agent.socket
new file mode 100644
index 000000000..4257c2c80
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/examples/systemd-user/gpg-agent.socket
@@ -0,0 +1,12 @@
+[Unit]
+Description=GnuPG cryptographic agent and passphrase cache
+Documentation=man:gpg-agent(1)
+
+[Socket]
+ListenStream=%t/gnupg/S.gpg-agent
+FileDescriptorName=std
+SocketMode=0600
+DirectoryMode=0700
+
+[Install]
+WantedBy=sockets.target
diff --git a/msys2/usr/share/doc/gnupg/examples/trustlist.txt b/msys2/usr/share/doc/gnupg/examples/trustlist.txt
new file mode 100644
index 000000000..4d5724275
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/examples/trustlist.txt
@@ -0,0 +1,66 @@
+# This is the global list of trusted keys.  Comment lines, like this
+# one, as well as empty lines are ignored.  Lines have a length limit
+# but this is not serious limitation as the format of the entries is
+# fixed and checked by gpg-agent.  A non-comment line starts with
+# optional white space, followed by the SHA-1 fingerpint in hex,
+# optionally followed by a flag character which my either be 'P', 'S'
+# or '*'.  This file will be read by gpg-agent if no local trustlist
+# is available or if the statement "include-default" is used in the
+# local list. You should give the gpg-agent(s) a HUP after editing
+# this file.
+
+
+#Serial number: 32D18D
+#       Issuer: /CN=6R-Ca 1:PN/NameDistinguisher=1/O=RegulierungsbehÈorde
+#               fÈur Telekommunikation und Post/C=DE
+EA:8D:99:DD:36:AA:2D:07:1A:3C:7B:69:00:9E:51:B9:4A:2E:E7:60  S
+
+#Serial number: 00C48C8D
+#       Issuer: /CN=7R-CA 1:PN/NameDistinguisher=1/O=RegulierungsbehÈorde
+#               fÈur Telekommunikation und Post/C=DE
+DB:45:3D:1B:B0:1A:F3:23:10:6B:DE:D0:09:61:57:AA:F4:25:E0:5B  S
+
+#Serial number: 01
+#       Issuer: /CN=8R-CA 1:PN/O=Regulierungsbehörde für
+#               Telekommunikation und Post/C=DE
+42:6A:F6:78:30:E9:CE:24:5B:EF:41:A2:C1:A8:51:DA:C5:0A:6D:F5  S
+
+#Serial number: 02
+#       Issuer: /CN=9R-CA 1:PN/O=Regulierungsbehörde für
+#               Telekommunikation und Post/C=DE
+75:9A:4A:CE:7C:DA:7E:89:1B:B2:72:4B:E3:76:EA:47:3A:96:97:24  S
+
+#Serial number: 2A
+#       Issuer: /CN=10R-CA 1:PN/O=Bundesnetzagentur/C=DE
+31:C9:D2:E6:31:4D:0B:CC:2C:1A:45:00:A6:6B:97:98:27:18:8E:CD  S
+
+#Serial number: 2D
+#       Issuer: /CN=11R-CA 1:PN/O=Bundesnetzagentur/C=DE
+A0:8B:DF:3B:AA:EE:3F:9D:64:6C:47:81:23:21:D4:A6:18:81:67:1D  S
+
+#          S/N: 0139
+#       Issuer: /CN=12R-CA 1:PN/O=Bundesnetzagentur/C=DE
+44:7E:D4:E3:9A:D7:92:E2:07:FA:53:1A:2E:F5:B8:02:5B:47:57:B0  de
+
+#          S/N: 013C
+#       Issuer: /CN=13R-CA 1:PN/O=Bundesnetzagentur/C=DE
+AC:A7:BE:45:1F:A6:BF:09:F2:D1:3F:08:7B:BC:EB:7F:46:A2:CC:8A  de
+
+
+#          S/N: 00B3963E0E6C2D65125853E970665402E5
+#       Issuer: /CN=S-TRUST Qualified Root CA 2008-001:PN
+#               /O=Deutscher Sparkassen Verlag GmbH/L=Stuttgart/C=DE
+C9:2F:E6:50:DB:32:59:E0:CE:65:55:F3:8C:76:E0:B8:A8:FE:A3:CA  S
+
+#          S/N: 00C4216083F35C54F67B09A80C3C55FE7D
+#       Issuer: /CN=S-TRUST Qualified Root CA 2008-002:PN
+#               /O=Deutscher Sparkassen Verlag GmbH/L=Stuttgart/C=DE
+D5:C7:50:F2:FE:4E:EE:D7:C7:B1:E4:13:7B:FB:54:84:3A:7D:97:9B  S
+
+
+#Serial number: 00
+#       Issuer: /CN=CA Cert Signing Authority/OU=http:\x2f\x2fwww.
+#               cacert.org/O=Root CA/EMail=support@cacert.org
+13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33  S
+
+
diff --git a/msys2/usr/share/doc/gnupg/examples/vsnfd.prf b/msys2/usr/share/doc/gnupg/examples/vsnfd.prf
new file mode 100644
index 000000000..2884fe71e
--- /dev/null
+++ b/msys2/usr/share/doc/gnupg/examples/vsnfd.prf
@@ -0,0 +1,26 @@
+# vsnfd.prf - Configure options for the VS-NfD mode           -*- conf -*-
+#
+# The options for each tool are configured in a section ("[TOOL]");
+# see the respective man page for a description of these options and
+# the gpgconf manpage for a description of this file's syntax.
+
+[gpg]
+compliance de-vs
+default-new-key-algo rsa3072/cert,sign+rsa3072/encr
+
+[gpgsm]
+compliance de-vs
+enable-crl-checks
+
+[gpg-agent]
+enable-extended-key-format
+default-cache-ttl 900
+max-cache-ttl 3600
+no-allow-mark-trusted
+no-allow-external-cache
+enforce-passphrase-constraints
+min-passphrase-len 9
+min-passphrase-nonalpha 0
+
+[dirmngr]
+allow-ocsp
diff --git a/msys2/usr/share/doc/libunistring/libunistring_1.html b/msys2/usr/share/doc/libunistring/libunistring_1.html
index 8ba5ef5ba..02bf2672c 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_1.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_1.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -43,7 +43,7 @@ ul.toc {list-style: none}
 
 <table cellpadding="1" cellspacing="1" border="0">
 <tr><td valign="middle" align="left">[ &lt;&lt; ]</td>
-<td valign="middle" align="left">[<a href="libunistring_2.html#SEC9" title="Next chapter"> &gt;&gt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_2.html#SEC8" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,7 +51,7 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
@@ -113,8 +113,8 @@ in general, contain characters of all kinds of scripts.  The text processing
 functions provided by this library handle all scripts and all languages.
 </p>
 <p>libunistring is for you if your application already uses the ISO C / POSIX
-<code>&lt;ctype.h&gt;</code>, <code>&lt;wctype.h&gt;</code> functions and the text it operates on is
-provided by the user and can be in any language.
+<a href="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/ctype.h.html"><code>&lt;ctype.h&gt;</code></a>, <a href="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/wctype.h.html"><code>&lt;wctype.h&gt;</code></a> functions and the text it
+operates on is provided by the user and can be in any language.
 </p>
 <p>libunistring is also for you if your application uses Unicode strings as
 internal in-memory representation.
@@ -195,7 +195,7 @@ in multiple languages present in the same document or even in the same line
 of text.
 </p>
 <p>But use of Unicode is not everything.  Internationalization usually consists
-of three features:
+of four features:
 </p><ul>
 <li>
 Use of Unicode where needed for text processing.  This is what this library
@@ -207,6 +207,10 @@ GNU gettext is about.
 Use of locale specific conventions for date and time formats, for numeric
 formatting, or for sorting of text.  This can be done adequately with the
 POSIX APIs and the implementation of locales in the GNU C library.
+</li><li>
+In graphical user interfaces, adapting the GUI to the default text direction
+of the current locale (see
+<a href="https://en.wikipedia.org/wiki/Right-to-left">right-to-left languages</a>).
 </li></ul>
 
 <hr size="6">
@@ -221,7 +225,7 @@ yet universally implemented and not widely used.)
 <a name="IDX7"></a>
 The locale is partitioned into several aspects, called the &ldquo;categories&rdquo;
 of the locale.  The main various aspects are:
-</p><ul class="toc">
+</p><ul>
 <li>
 The character encoding and the character properties.  This is the
 <code>LC_CTYPE</code> category.
@@ -259,7 +263,7 @@ this country earlier.
 </p>
 <p>The legacy locale encodings, ISO-8859-15 (which supplanted ISO-8859-1 in
 most of Europe), ISO-8859-2, KOI8-R, EUC-JP, etc., are still in use in
-many places, though.
+some places, though.
 </p>
 <p>UTF-16 and UTF-32 are not used as locale encodings, because they are not
 ASCII compatible.
@@ -271,7 +275,7 @@ ASCII compatible.
 
 <p>There are three ways of representing strings in memory of a running
 program.
-</p><ul class="toc">
+</p><ul>
 <li>
 As &lsquo;<samp>char *</samp>&rsquo; strings.  Such strings are represented in locale encoding.
 This approach is employed when not much text processing is done by the
@@ -285,9 +289,24 @@ a significant amount of text processing, or when the program has multiple
 threads operating on the same data but in different locales.
 </li><li>
 As &lsquo;<samp>wchar_t *</samp>&rsquo;, a.k.a. &ldquo;wide strings&rdquo;.  This approach is misguided,
-see <a href="#SEC7">The <code>wchar_t</code> mess</a>.
+see <a href="libunistring_18.html#SEC81">The <code>wchar_t</code> mess</a>.
 </li></ul>
 
+<p>Of course, a &lsquo;<samp>char *</samp>&rsquo; string can, in some cases, be encoded in UTF-8.
+You will use the data type depending on what you can guarantee about how
+it's encoded: If a string is encoded in the locale encoding, or if you
+don't know how it's encoded, use &lsquo;<samp>char *</samp>&rsquo;.  If, on the other hand,
+you can <em>guarantee</em> that it is UTF-8 encoded, then you can use the
+UTF-8 string type, <code>uint8_t *</code>, for it.
+</p>
+<p>The five types <code>char *</code>, <code>uint8_t *</code>, <code>uint16_t *</code>,
+<code>uint32_t *</code>, and <code>wchar_t *</code> are incompatible types at the C
+level.  Therefore, &lsquo;<samp>gcc -Wall</samp>&rsquo; will produce a warning if, by mistake,
+your code contains a mismatch between these types.  In the context of
+using GNU libunistring, even a warning about a mismatch between
+<code>char *</code> and <code>uint8_t *</code> is a sign of a bug in your code
+that you should not try to silence through a cast.
+</p>
 <hr size="6">
 <a name="char-_002a-strings"></a>
 <a name="SEC6"></a>
@@ -318,75 +337,75 @@ using multibyte locales.
 </p></td></tr></table>
 
 <p>As a consequence:
-</p><ul class="toc">
+</p><ul>
 <li>
-The <code>&lt;ctype.h&gt;</code> API is useless in this context; it does not work in
+The <a href="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/ctype.h.html"><code>&lt;ctype.h&gt;</code></a> API is useless in this context; it does not work in
 multibyte locales.
 </li><li>
-The <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strlen.html"><code>strlen</code></a> function does not return the number of characters
+The <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strlen.html"><code>strlen</code></a> function does not return the number of characters
 in a string.  Nor does it return the number of screen columns occupied
 by a string after it is output.  It merely returns the number of
 <em>bytes</em> occupied by a string.
 </li><li>
-Truncating a string, for example, with <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strncpy.html"><code>strncpy</code></a>, can have the
+Truncating a string, for example, with <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strncpy.html"><code>strncpy</code></a>, can have the
 effect of truncating it in the middle of a multibyte character.  Such
 a string will, when output, have a garbled character at its end, often
 represented by a hollow box.
 </li><li>
-<a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strchr.html"><code>strchr</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strrchr.html"><code>strrchr</code></a> do not work with multibyte strings
+<a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strchr.html"><code>strchr</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strrchr.html"><code>strrchr</code></a> do not work with multibyte strings
 if the locale encoding is GB18030 and the character to be searched is
 a digit.
 </li><li>
-<a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strstr.html"><code>strstr</code></a> does not work with multibyte strings if the locale encoding
+<a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strstr.html"><code>strstr</code></a> does not work with multibyte strings if the locale encoding
 is different from UTF-8.
 </li><li>
-<a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strcspn.html"><code>strcspn</code></a>, <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strpbrk.html"><code>strpbrk</code></a>, <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strspn.html"><code>strspn</code></a> cannot work
+<a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strcspn.html"><code>strcspn</code></a>, <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strpbrk.html"><code>strpbrk</code></a>, <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strspn.html"><code>strspn</code></a> cannot work
 correctly in multibyte locales: they assume the second argument is a list of
 single-byte characters.  Even in this simple case, they do not work with
 multibyte strings if the locale encoding is GB18030 and one of the
 characters to be searched is a digit.
 </li><li>
-<a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strsep.html"><code>strsep</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strtok_r.html"><code>strtok_r</code></a> do not work with multibyte strings
+<a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strsep.html"><code>strsep</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strtok_r.html"><code>strtok_r</code></a> do not work with multibyte strings
 unless all of the delimiter characters are ASCII characters &lt; 0x30.
 </li><li>
-The <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strcasecmp.html"><code>strcasecmp</code></a>, <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strncasecmp.html"><code>strncasecmp</code></a>, and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strcasestr.html"><code>strcasestr</code></a>
+The <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strcasecmp.html"><code>strcasecmp</code></a>, <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strncasecmp.html"><code>strncasecmp</code></a>, and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strcasestr.html"><code>strcasestr</code></a>
 functions do not work with multibyte strings.
 </li></ul>
 
 <p>The workarounds can be found in GNU gnulib
 <a href="http://www.gnu.org/software/gnulib/">http://www.gnu.org/software/gnulib/</a>.
-</p><ul class="toc">
+</p><ul>
 <li>
 gnulib has modules &lsquo;<samp>mbchar</samp>&rsquo;, &lsquo;<samp>mbiter</samp>&rsquo;, &lsquo;<samp>mbuiter</samp>&rsquo; that
 represent multibyte characters and allow to iterate across a multibyte
 string with the same ease as through a unibyte string.
 </li><li>
 gnulib has functions <code>mbslen</code> and <code>mbswidth</code> that can be
-used instead of <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strlen.html"><code>strlen</code></a> when the number of characters or the
+used instead of <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strlen.html"><code>strlen</code></a> when the number of characters or the
 number of screen columns of a string is requested.
 </li><li>
 gnulib has functions <code>mbschr</code> and <code>mbsrrchr</code> that are
-like <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strchr.html"><code>strchr</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strrchr.html"><code>strrchr</code></a>, but work in multibyte locales.
+like <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strchr.html"><code>strchr</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strrchr.html"><code>strrchr</code></a>, but work in multibyte locales.
 </li><li>
-gnulib has a function <code>mbsstr</code>, like <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strstr.html"><code>strstr</code></a>, but works
+gnulib has a function <code>mbsstr</code>, like <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strstr.html"><code>strstr</code></a>, but works
 in multibyte locales.
 </li><li>
 gnulib has functions <code>mbscspn</code>, <code>mbspbrk</code>, <code>mbsspn</code>
-that are like <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strcspn.html"><code>strcspn</code></a>, <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strpbrk.html"><code>strpbrk</code></a>, <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strspn.html"><code>strspn</code></a>, but
+that are like <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strcspn.html"><code>strcspn</code></a>, <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strpbrk.html"><code>strpbrk</code></a>, <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strspn.html"><code>strspn</code></a>, but
 work in multibyte locales.
 </li><li>
 gnulib has functions <code>mbssep</code> and <code>mbstok_r</code> that are
-like <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strsep.html"><code>strsep</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strtok_r.html"><code>strtok_r</code></a> but work in multibyte locales.
+like <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strsep.html"><code>strsep</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strtok_r.html"><code>strtok_r</code></a> but work in multibyte locales.
 </li><li>
 gnulib has functions <code>mbscasecmp</code>, <code>mbsncasecmp</code>,
-<code>mbspcasecmp</code>, and <code>mbscasestr</code> that are like <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strcasecmp.html"><code>strcasecmp</code></a>,
-<a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strncasecmp.html"><code>strncasecmp</code></a>, and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strcasestr.html"><code>strcasestr</code></a>, but
+<code>mbspcasecmp</code>, and <code>mbscasestr</code> that are like <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strcasecmp.html"><code>strcasecmp</code></a>,
+<a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strncasecmp.html"><code>strncasecmp</code></a>, and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strcasestr.html"><code>strcasestr</code></a>, but
 work in multibyte locales.  Still, the function <code>ulc_casecmp</code> is
 preferable to these functions; see below.
 </li></ul>
 
 <p>The second problem with the C library API is that it has some assumptions built-in that are not valid in some languages:
-</p><ul class="toc">
+</p><ul>
 <li>
 It assumes that there are only two forms of every character: uppercase
 and lowercase.  This is not true for Croatian, where the character
@@ -418,71 +437,18 @@ to view case transformations as functions that operates on strings,
 rather than on characters.
 </li></ol>
 
-<p>This is implemented in this library, through the functions declared in <code>&lt;unicase.h&gt;</code>, see <a href="libunistring_14.html#SEC54">Case mappings <code>&lt;unicase.h&gt;</code></a>.
-</p>
-<hr size="6">
-<a name="The-wchar_005ft-mess"></a>
-<a name="SEC7"></a>
-<h2 class="section"> <a href="libunistring.html#TOC7">1.6 The <code>wchar_t</code> mess</a> </h2>
-
-<p>The ISO C and POSIX standard creators made an attempt to fix the first
-problem mentioned in the previous section.  They introduced
-</p><ul class="toc">
-<li>
-a type &lsquo;<samp>wchar_t</samp>&rsquo;, designed to encapsulate an entire character,
-</li><li>
-a &ldquo;wide string&rdquo; type &lsquo;<samp>wchar_t *</samp>&rsquo;, and
-</li><li>
-functions declared in <code>&lt;wctype.h&gt;</code> that were meant to supplant the
-ones in <code>&lt;ctype.h&gt;</code>.
-</li></ul>
-
-<p>Unfortunately, this API and its implementation has numerous problems:
-</p>
-<ul class="toc">
-<li>
-On AIX and Windows platforms, <code>wchar_t</code> is a 16-bit type.  This
-means that it can never accommodate an entire Unicode character.  Either
-the <code>wchar_t *</code> strings are limited to characters in UCS-2 (the
-&ldquo;Basic Multilingual Plane&rdquo; of Unicode), or &mdash; if <code>wchar_t *</code>
-strings are encoded in UTF-16 &mdash; a <code>wchar_t</code> represents only half
-of a character in the worst case, making the <code>&lt;wctype.h&gt;</code> functions
-pointless.
-
-</li><li>
-On Solaris and FreeBSD, the <code>wchar_t</code> encoding is locale dependent
-and undocumented.  This means, if you want to know any property of a
-<code>wchar_t</code> character, other than the properties defined by
-<code>&lt;wctype.h&gt;</code> &mdash; such as whether it's a dash, currency symbol,
-paragraph separator, or similar &mdash;, you have to convert it to
-<code>char *</code> encoding first, by use of the function <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/wctomb.html"><code>wctomb</code></a>.
-
-</li><li>
-When you read a stream of wide characters, through the functions
-<a href="http://www.opengroup.org/onlinepubs/9699919799/functions/fgetwc.html"><code>fgetwc</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/fgetws.html"><code>fgetws</code></a>, and when the input stream/file is
-not in the expected encoding, you have no way to determine the invalid
-byte sequence and do some corrective action.  If you use these
-functions, your program becomes &ldquo;garbage in - more garbage out&rdquo; or
-&ldquo;garbage in - abort&rdquo;.
-</li></ul>
-
-<p>As a consequence, it is better to use multibyte strings, as explained in
-the previous section.  Such multibyte strings can bypass limitations
-of the <code>wchar_t</code> type, if you use functions defined in gnulib and
-libunistring for text processing.  They can also faithfully transport
-malformed characters that were present in the input, without requiring
-the program to produce garbage or abort.
+<p>This is implemented in this library, through the functions declared in <code>&lt;unicase.h&gt;</code>, see <a href="libunistring_14.html#SEC67">Case mappings <code>&lt;unicase.h&gt;</code></a>.
 </p>
 <hr size="6">
 <a name="Unicode-strings"></a>
-<a name="SEC8"></a>
-<h2 class="section"> <a href="libunistring.html#TOC8">1.7 Unicode strings</a> </h2>
+<a name="SEC7"></a>
+<h2 class="section"> <a href="libunistring.html#TOC7">1.6 Unicode strings</a> </h2>
 
 <p>libunistring supports Unicode strings in three representations:
 <a name="IDX11"></a>
 <a name="IDX12"></a>
 <a name="IDX13"></a>
-</p><ul class="toc">
+</p><ul>
 <li>
 UTF-8 strings, through the type &lsquo;<samp>uint8_t *</samp>&rsquo;.  The units are bytes
 (<code>uint8_t</code>).
@@ -495,7 +461,7 @@ memory words (<code>uint32_t</code>).
 </li></ul>
 
 <p>As with C strings, there are two variants:
-</p><ul class="toc">
+</p><ul>
 <li>
 Unicode strings with a terminating NUL character are represented as
 a pointer to the first unit of the string.  There is a unit containing
@@ -512,7 +478,7 @@ zero-valued unit used as &ldquo;end marker&rdquo;.
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
 <tr><td valign="middle" align="left">[<a href="#SEC1" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_2.html#SEC9" title="Next chapter"> &gt;&gt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_2.html#SEC8" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -520,12 +486,12 @@ zero-valued unit used as &ldquo;end marker&rdquo;.
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_10.html b/msys2/usr/share/doc/libunistring/libunistring_10.html
index 394ea19ee..68448fb51 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_10.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_10.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -42,8 +42,8 @@ ul.toc {list-style: none}
 <body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
 
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_9.html#SEC40" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_11.html#SEC44" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_9.html#SEC53" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_11.html#SEC57" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,14 +51,14 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
 <hr size="2">
 <a name="unigbrk_002eh"></a>
-<a name="SEC41"></a>
-<h1 class="chapter"> <a href="libunistring.html#TOC41">10. Grapheme cluster breaks in strings <code>&lt;unigbrk.h&gt;</code></a> </h1>
+<a name="SEC54"></a>
+<h1 class="chapter"> <a href="libunistring.html#TOC54">10. Grapheme cluster breaks in strings <code>&lt;unigbrk.h&gt;</code></a> </h1>
 
 <p>This include file declares functions for determining where in a string
 &ldquo;grapheme clusters&rdquo; start and end.  A &ldquo;grapheme cluster&rdquo; is an
@@ -85,40 +85,50 @@ clusters.
 
 <hr size="6">
 <a name="Grapheme-cluster-breaks-in-a-string"></a>
-<a name="SEC42"></a>
-<h2 class="section"> <a href="libunistring.html#TOC42">10.1 Grapheme cluster breaks in a string</a> </h2>
+<a name="SEC55"></a>
+<h2 class="section"> <a href="libunistring.html#TOC55">10.1 Grapheme cluster breaks in a string</a> </h2>
 
 <p>The following functions find a single boundary between grapheme
 clusters in a string.
 </p>
 <dl>
 <dt><u>Function:</u> void <b>u8_grapheme_next</b><i> (const uint8_t *<var>s</var>, const uint8_t *<var>end</var>)</i>
-<a name="IDX712"></a>
+<a name="IDX703"></a>
 </dt>
 <dt><u>Function:</u> void <b>u16_grapheme_next</b><i> (const uint16_t *<var>s</var>, const uint16_t *<var>end</var>)</i>
-<a name="IDX713"></a>
+<a name="IDX704"></a>
 </dt>
 <dt><u>Function:</u> void <b>u32_grapheme_next</b><i> (const uint32_t *<var>s</var>, const uint32_t *<var>end</var>)</i>
-<a name="IDX714"></a>
+<a name="IDX705"></a>
 </dt>
 <dd><p>Returns the start of the next grapheme cluster following <var>s</var>,
 or <var>end</var> if no grapheme cluster break is encountered before it.
 Returns NULL if and only if <code><var>s</var> == <var>end</var></code>.
+</p>
+<p>Note that these functions do not handle the case when a character
+outside of the range between <var>s</var> and <var>end</var> is needed to
+determine the boundary.  Use <code>_grapheme_breaks</code> functions for such
+cases.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> void <b>u8_grapheme_prev</b><i> (const uint8_t *<var>s</var>, const uint8_t *<var>start</var>)</i>
-<a name="IDX715"></a>
+<a name="IDX706"></a>
 </dt>
 <dt><u>Function:</u> void <b>u16_grapheme_prev</b><i> (const uint16_t *<var>s</var>, const uint16_t *<var>start</var>)</i>
-<a name="IDX716"></a>
+<a name="IDX707"></a>
 </dt>
 <dt><u>Function:</u> void <b>u32_grapheme_prev</b><i> (const uint32_t *<var>s</var>, const uint32_t *<var>start</var>)</i>
-<a name="IDX717"></a>
+<a name="IDX708"></a>
 </dt>
 <dd><p>Returns the start of the grapheme cluster preceding <var>s</var>, or
 <var>start</var> if no grapheme cluster break is encountered before it.
 Returns NULL if and only if <code><var>s</var> == <var>start</var></code>.
+</p>
+<p>Note that these functions do not handle the case when a character
+outside of the range between <var>start</var> and <var>s</var> is needed to
+determine the boundary.  Use <code>_grapheme_breaks</code> functions for such
+cases.
 </p></dd></dl>
 
 <p>The following functions determine all of the grapheme cluster
@@ -126,19 +136,22 @@ boundaries in a string.
 </p>
 <dl>
 <dt><u>Function:</u> void <b>u8_grapheme_breaks</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, char *<var>p</var>)</i>
-<a name="IDX718"></a>
+<a name="IDX709"></a>
 </dt>
 <dt><u>Function:</u> void <b>u16_grapheme_breaks</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, char *<var>p</var>)</i>
-<a name="IDX719"></a>
+<a name="IDX710"></a>
 </dt>
 <dt><u>Function:</u> void <b>u32_grapheme_breaks</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, char *<var>p</var>)</i>
-<a name="IDX720"></a>
+<a name="IDX711"></a>
 </dt>
 <dt><u>Function:</u> void <b>ulc_grapheme_breaks</b><i> (const char *<var>s</var>, size_t <var>n</var>, char *<var>p</var>)</i>
-<a name="IDX721"></a>
+<a name="IDX712"></a>
+</dt>
+<dt><u>Function:</u> void <b>uc_grapheme_breaks</b><i> (const ucs_t *<var>s</var>, size_t <var>n</var>, char *<var>p</var>)</i>
+<a name="IDX713"></a>
 </dt>
 <dd><p>Determines the grapheme cluster break points in <var>s</var>, an array of
-<var>n</var> units, and stores the result at <code><var>p</var>[0..<var>n</var>-1]</code>.
+<var>n</var> units, and stores the result at <code><var>p</var>[0..<var>nx</var>-1]</code>.
 </p><dl compact="compact">
 <dt> <code><var>p</var>[i] = 1</code></dt>
 <dd><p>means that there is a grapheme cluster boundary between
@@ -151,12 +164,19 @@ same grapheme cluster.
 </dl>
 <p><code><var>p</var>[0]</code> is always set to 1, because there is always a
 grapheme cluster break at start of text.
+</p>
+<p>In addition to the above variants for UTF-8, UTF-16, and UTF-32 strings,
+<code>&lt;unigbrk.h&gt;</code> provides another variant: <code>uc_grapheme_breaks</code>.
+</p>
+<p>This is similar to <code>u32_grapheme_breaks</code>, but it accepts any
+characters which may not be represented in UTF-32, such as control
+characters.
 </p></dd></dl>
 
 <hr size="6">
 <a name="Grapheme-cluster-break-property"></a>
-<a name="SEC43"></a>
-<h2 class="section"> <a href="libunistring.html#TOC43">10.2 Grapheme cluster break property</a> </h2>
+<a name="SEC56"></a>
+<h2 class="section"> <a href="libunistring.html#TOC56">10.2 Grapheme cluster break property</a> </h2>
 
 <p>This is a more low-level API.  The grapheme cluster break property is a
 property defined in Unicode Standard Annex #29, section &ldquo;Grapheme Cluster
@@ -169,40 +189,58 @@ property.  More values may be added in the future.
 </p>
 <dl>
 <dt><u>Constant:</u> int <b>GBP_OTHER</b>
-<a name="IDX722"></a>
+<a name="IDX714"></a>
 </dt>
 <dt><u>Constant:</u> int <b>GBP_CR</b>
-<a name="IDX723"></a>
+<a name="IDX715"></a>
 </dt>
 <dt><u>Constant:</u> int <b>GBP_LF</b>
-<a name="IDX724"></a>
+<a name="IDX716"></a>
 </dt>
 <dt><u>Constant:</u> int <b>GBP_CONTROL</b>
-<a name="IDX725"></a>
+<a name="IDX717"></a>
 </dt>
 <dt><u>Constant:</u> int <b>GBP_EXTEND</b>
-<a name="IDX726"></a>
+<a name="IDX718"></a>
 </dt>
 <dt><u>Constant:</u> int <b>GBP_PREPEND</b>
-<a name="IDX727"></a>
+<a name="IDX719"></a>
 </dt>
 <dt><u>Constant:</u> int <b>GBP_SPACINGMARK</b>
-<a name="IDX728"></a>
+<a name="IDX720"></a>
 </dt>
 <dt><u>Constant:</u> int <b>GBP_L</b>
-<a name="IDX729"></a>
+<a name="IDX721"></a>
 </dt>
 <dt><u>Constant:</u> int <b>GBP_V</b>
-<a name="IDX730"></a>
+<a name="IDX722"></a>
 </dt>
 <dt><u>Constant:</u> int <b>GBP_T</b>
-<a name="IDX731"></a>
+<a name="IDX723"></a>
 </dt>
 <dt><u>Constant:</u> int <b>GBP_LV</b>
-<a name="IDX732"></a>
+<a name="IDX724"></a>
 </dt>
 <dt><u>Constant:</u> int <b>GBP_LVT</b>
-<a name="IDX733"></a>
+<a name="IDX725"></a>
+</dt>
+<dt><u>Constant:</u> int <b>GBP_RI</b>
+<a name="IDX726"></a>
+</dt>
+<dt><u>Constant:</u> int <b>GBP_ZWJ</b>
+<a name="IDX727"></a>
+</dt>
+<dt><u>Constant:</u> int <b>GBP_EB</b>
+<a name="IDX728"></a>
+</dt>
+<dt><u>Constant:</u> int <b>GBP_EM</b>
+<a name="IDX729"></a>
+</dt>
+<dt><u>Constant:</u> int <b>GBP_GAZ</b>
+<a name="IDX730"></a>
+</dt>
+<dt><u>Constant:</u> int <b>GBP_EBG</b>
+<a name="IDX731"></a>
 </dt>
 </dl>
 
@@ -211,7 +249,7 @@ character.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>uc_graphemeclusterbreak_property</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX734"></a>
+<a name="IDX732"></a>
 </dt>
 <dd><p>Returns the Grapheme_Cluster_Break property of a Unicode character.
 </p></dd></dl>
@@ -222,7 +260,7 @@ the higher-level functions in the previous section are directly based.
 </p>
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_grapheme_break</b><i> (ucs4_t <var>a</var>, ucs4_t <var>b</var>)</i>
-<a name="IDX735"></a>
+<a name="IDX733"></a>
 </dt>
 <dd><p>Returns true if there is an grapheme cluster boundary between Unicode
 characters <var>a</var> and <var>b</var>.
@@ -234,11 +272,15 @@ of text, respectively.
 <p>This implements the extended (not legacy) grapheme cluster rules
 described in the Unicode standard, because the standard says that they
 are preferred.
+</p>
+<p>Note that this function does not handle the case when three or more
+consecutive characters are needed to determine the boundary.  Use
+<code>uc_grapheme_breaks</code> for such cases.
 </p></dd></dl>
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="#SEC41" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_11.html#SEC44" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="#SEC54" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_11.html#SEC57" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -246,12 +288,12 @@ are preferred.
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_11.html b/msys2/usr/share/doc/libunistring/libunistring_11.html
index 40d64c9ff..c2d55d600 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_11.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_11.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -42,8 +42,8 @@ ul.toc {list-style: none}
 <body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
 
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_10.html#SEC41" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_12.html#SEC47" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_10.html#SEC54" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_12.html#SEC60" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,14 +51,14 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
 <hr size="2">
 <a name="uniwbrk_002eh"></a>
-<a name="SEC44"></a>
-<h1 class="chapter"> <a href="libunistring.html#TOC44">11. Word breaks in strings <code>&lt;uniwbrk.h&gt;</code></a> </h1>
+<a name="SEC57"></a>
+<h1 class="chapter"> <a href="libunistring.html#TOC57">11. Word breaks in strings <code>&lt;uniwbrk.h&gt;</code></a> </h1>
 
 <p>This include file declares functions for determining where in a string
 &ldquo;words&rdquo; start and end.  Here &ldquo;words&rdquo; are not necessarily the same as
@@ -69,23 +69,23 @@ operations.
 
 <hr size="6">
 <a name="Word-breaks-in-a-string"></a>
-<a name="SEC45"></a>
-<h2 class="section"> <a href="libunistring.html#TOC45">11.1 Word breaks in a string</a> </h2>
+<a name="SEC58"></a>
+<h2 class="section"> <a href="libunistring.html#TOC58">11.1 Word breaks in a string</a> </h2>
 
 <p>The following functions determine the word breaks in a string.
 </p>
 <dl>
 <dt><u>Function:</u> void <b>u8_wordbreaks</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, char *<var>p</var>)</i>
-<a name="IDX736"></a>
+<a name="IDX734"></a>
 </dt>
 <dt><u>Function:</u> void <b>u16_wordbreaks</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, char *<var>p</var>)</i>
-<a name="IDX737"></a>
+<a name="IDX735"></a>
 </dt>
 <dt><u>Function:</u> void <b>u32_wordbreaks</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, char *<var>p</var>)</i>
-<a name="IDX738"></a>
+<a name="IDX736"></a>
 </dt>
 <dt><u>Function:</u> void <b>ulc_wordbreaks</b><i> (const char *<var>s</var>, size_t <var>n</var>, char *<var>p</var>)</i>
-<a name="IDX739"></a>
+<a name="IDX737"></a>
 </dt>
 <dd><p>Determines the word break points in <var>s</var>, an array of <var>n</var> units, and
 stores the result at <code><var>p</var>[0..<var>n</var>-1]</code>.
@@ -106,8 +106,8 @@ word break to be present at the beginning of the string (before
 
 <hr size="6">
 <a name="Word-break-property"></a>
-<a name="SEC46"></a>
-<h2 class="section"> <a href="libunistring.html#TOC46">11.2 Word break property</a> </h2>
+<a name="SEC59"></a>
+<h2 class="section"> <a href="libunistring.html#TOC59">11.2 Word break property</a> </h2>
 
 <p>This is a more low-level API.  The word break property is a property defined
 in Unicode Standard Annex #29, section &ldquo;Word Boundaries&rdquo;, see
@@ -119,58 +119,85 @@ may be added in the future.
 </p>
 <dl>
 <dt><u>Constant:</u> int <b>WBP_OTHER</b>
-<a name="IDX740"></a>
+<a name="IDX738"></a>
 </dt>
 <dt><u>Constant:</u> int <b>WBP_CR</b>
-<a name="IDX741"></a>
+<a name="IDX739"></a>
 </dt>
 <dt><u>Constant:</u> int <b>WBP_LF</b>
-<a name="IDX742"></a>
+<a name="IDX740"></a>
 </dt>
 <dt><u>Constant:</u> int <b>WBP_NEWLINE</b>
-<a name="IDX743"></a>
+<a name="IDX741"></a>
 </dt>
 <dt><u>Constant:</u> int <b>WBP_EXTEND</b>
-<a name="IDX744"></a>
+<a name="IDX742"></a>
 </dt>
 <dt><u>Constant:</u> int <b>WBP_FORMAT</b>
-<a name="IDX745"></a>
+<a name="IDX743"></a>
 </dt>
 <dt><u>Constant:</u> int <b>WBP_KATAKANA</b>
-<a name="IDX746"></a>
+<a name="IDX744"></a>
 </dt>
 <dt><u>Constant:</u> int <b>WBP_ALETTER</b>
-<a name="IDX747"></a>
+<a name="IDX745"></a>
 </dt>
 <dt><u>Constant:</u> int <b>WBP_MIDNUMLET</b>
-<a name="IDX748"></a>
+<a name="IDX746"></a>
 </dt>
 <dt><u>Constant:</u> int <b>WBP_MIDLETTER</b>
-<a name="IDX749"></a>
+<a name="IDX747"></a>
 </dt>
 <dt><u>Constant:</u> int <b>WBP_MIDNUM</b>
-<a name="IDX750"></a>
+<a name="IDX748"></a>
 </dt>
 <dt><u>Constant:</u> int <b>WBP_NUMERIC</b>
-<a name="IDX751"></a>
+<a name="IDX749"></a>
 </dt>
 <dt><u>Constant:</u> int <b>WBP_EXTENDNUMLET</b>
+<a name="IDX750"></a>
+</dt>
+<dt><u>Constant:</u> int <b>WBP_RI</b>
+<a name="IDX751"></a>
+</dt>
+<dt><u>Constant:</u> int <b>WBP_DQ</b>
 <a name="IDX752"></a>
 </dt>
+<dt><u>Constant:</u> int <b>WBP_SQ</b>
+<a name="IDX753"></a>
+</dt>
+<dt><u>Constant:</u> int <b>WBP_HL</b>
+<a name="IDX754"></a>
+</dt>
+<dt><u>Constant:</u> int <b>WBP_ZWJ</b>
+<a name="IDX755"></a>
+</dt>
+<dt><u>Constant:</u> int <b>WBP_EB</b>
+<a name="IDX756"></a>
+</dt>
+<dt><u>Constant:</u> int <b>WBP_EM</b>
+<a name="IDX757"></a>
+</dt>
+<dt><u>Constant:</u> int <b>WBP_GAZ</b>
+<a name="IDX758"></a>
+</dt>
+<dt><u>Constant:</u> int <b>WBP_EBG</b>
+<a name="IDX759"></a>
+</dt>
 </dl>
 
 <p>The following function looks up the word break property of a character.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>uc_wordbreak_property</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX753"></a>
+<a name="IDX760"></a>
 </dt>
 <dd><p>Returns the Word_Break property of a Unicode character.
 </p></dd></dl>
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="#SEC44" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_12.html#SEC47" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="#SEC57" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_12.html#SEC60" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -178,12 +205,12 @@ may be added in the future.
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_12.html b/msys2/usr/share/doc/libunistring/libunistring_12.html
index 65665dd73..3af8c37fe 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_12.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_12.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -42,8 +42,8 @@ ul.toc {list-style: none}
 <body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
 
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_11.html#SEC44" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_13.html#SEC48" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_11.html#SEC57" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_13.html#SEC61" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,14 +51,14 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
 <hr size="2">
 <a name="unilbrk_002eh"></a>
-<a name="SEC47"></a>
-<h1 class="chapter"> <a href="libunistring.html#TOC47">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a> </h1>
+<a name="SEC60"></a>
+<h1 class="chapter"> <a href="libunistring.html#TOC60">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a> </h1>
 
 <p>This include file declares functions for determining where in a string
 line breaks could or should be introduced, in order to make the displayed
@@ -74,14 +74,14 @@ following meanings:
 </p>
 <dl>
 <dt><u>Constant:</u> int <b>UC_BREAK_MANDATORY</b>
-<a name="IDX754"></a>
+<a name="IDX761"></a>
 </dt>
 <dd><p>This value indicates that <code><var>s</var>[<var>i</var>]</code> is a line break character.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BREAK_POSSIBLE</b>
-<a name="IDX755"></a>
+<a name="IDX762"></a>
 </dt>
 <dd><p>This value indicates that a line break may be inserted between
 <code><var>s</var>[<var>i</var>-1]</code> and <code><var>s</var>[<var>i</var>]</code>.
@@ -89,7 +89,7 @@ following meanings:
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BREAK_HYPHENATION</b>
-<a name="IDX756"></a>
+<a name="IDX763"></a>
 </dt>
 <dd><p>This value indicates that a hyphen and a line break may be inserted between
 <code><var>s</var>[<var>i</var>-1]</code> and <code><var>s</var>[<var>i</var>]</code>.  But beware of language
@@ -98,7 +98,7 @@ dependent hyphenation rules.
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BREAK_PROHIBITED</b>
-<a name="IDX757"></a>
+<a name="IDX764"></a>
 </dt>
 <dd><p>This value indicates that <code><var>s</var>[<var>i</var>-1]</code> and <code><var>s</var>[<var>i</var>]</code>
 must not be separated.
@@ -106,7 +106,7 @@ must not be separated.
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BREAK_UNDEFINED</b>
-<a name="IDX758"></a>
+<a name="IDX765"></a>
 </dt>
 <dd><p>This value is not used as a return value; rather, in the overriding argument of
 the <code>u*_width_linebreaks</code> functions, it indicates the absence of an
@@ -118,16 +118,16 @@ possible.
 </p>
 <dl>
 <dt><u>Function:</u> void <b>u8_possible_linebreaks</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, const char *<var>encoding</var>, char *<var>p</var>)</i>
-<a name="IDX759"></a>
+<a name="IDX766"></a>
 </dt>
 <dt><u>Function:</u> void <b>u16_possible_linebreaks</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, const char *<var>encoding</var>, char *<var>p</var>)</i>
-<a name="IDX760"></a>
+<a name="IDX767"></a>
 </dt>
 <dt><u>Function:</u> void <b>u32_possible_linebreaks</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, const char *<var>encoding</var>, char *<var>p</var>)</i>
-<a name="IDX761"></a>
+<a name="IDX768"></a>
 </dt>
 <dt><u>Function:</u> void <b>ulc_possible_linebreaks</b><i> (const char *<var>s</var>, size_t <var>n</var>, const char *<var>encoding</var>, char *<var>p</var>)</i>
-<a name="IDX762"></a>
+<a name="IDX769"></a>
 </dt>
 <dd><p>Determines the line break points in <var>s</var>, and stores the result at
 <code><var>p</var>[0..<var>n</var>-1]</code>.  Every <code><var>p</var>[<var>i</var>]</code> is assigned one of
@@ -141,19 +141,19 @@ non-proportional fonts.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>u8_width_linebreaks</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, int <var>width</var>, int <var>start_column</var>, int <var>at_end_columns</var>, const char *<var>override</var>, const char *<var>encoding</var>, char *<var>p</var>)</i>
-<a name="IDX763"></a>
+<a name="IDX770"></a>
 </dt>
 <dt><u>Function:</u> int <b>u16_width_linebreaks</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, int <var>width</var>, int <var>start_column</var>, int <var>at_end_columns</var>, const char *<var>override</var>, const char *<var>encoding</var>, char *<var>p</var>)</i>
-<a name="IDX764"></a>
+<a name="IDX771"></a>
 </dt>
 <dt><u>Function:</u> int <b>u32_width_linebreaks</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, int <var>width</var>, int <var>start_column</var>, int <var>at_end_columns</var>, const char *<var>override</var>, const char *<var>encoding</var>, char *<var>p</var>)</i>
-<a name="IDX765"></a>
+<a name="IDX772"></a>
 </dt>
 <dt><u>Function:</u> int <b>ulc_width_linebreaks</b><i> (const char *<var>s</var>, size_t <var>n</var>, int <var>width</var>, int <var>start_column</var>, int <var>at_end_columns</var>, const char *<var>override</var>, const char *<var>encoding</var>, char *<var>p</var>)</i>
-<a name="IDX766"></a>
+<a name="IDX773"></a>
 </dt>
 <dd><p>Chooses the best line breaks, assuming that every character occupies a width
-given by the <code>uc_width</code> function (see <a href="libunistring_9.html#SEC40">Display width <code>&lt;uniwidth.h&gt;</code></a>).
+given by the <code>uc_width</code> function (see <a href="libunistring_9.html#SEC53">Display width <code>&lt;uniwidth.h&gt;</code></a>).
 </p>
 <p>The string is <code><var>s</var>[0..<var>n</var>-1]</code>.
 </p>
@@ -177,8 +177,8 @@ the values <code>UC_BREAK_MANDATORY</code>, <code>UC_BREAK_POSSIBLE</code>,
 </p></dd></dl>
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_11.html#SEC44" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_13.html#SEC48" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_11.html#SEC57" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_13.html#SEC61" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -186,12 +186,12 @@ the values <code>UC_BREAK_MANDATORY</code>, <code>UC_BREAK_POSSIBLE</code>,
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_13.html b/msys2/usr/share/doc/libunistring/libunistring_13.html
index 5dc6f8540..96a9f1448 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_13.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_13.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -42,8 +42,8 @@ ul.toc {list-style: none}
 <body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
 
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_12.html#SEC47" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_14.html#SEC54" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_12.html#SEC60" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_14.html#SEC67" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,14 +51,14 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
 <hr size="2">
 <a name="uninorm_002eh"></a>
-<a name="SEC48"></a>
-<h1 class="chapter"> <a href="libunistring.html#TOC48">13. Normalization forms (composition and decomposition) <code>&lt;uninorm.h&gt;</code></a> </h1>
+<a name="SEC61"></a>
+<h1 class="chapter"> <a href="libunistring.html#TOC61">13. Normalization forms (composition and decomposition) <code>&lt;uninorm.h&gt;</code></a> </h1>
 
 <p>This include file defines functions for transforming Unicode strings to one
 of the four normal forms, known as NFC, NFD, NKFC, NFKD.  These
@@ -68,29 +68,29 @@ of Unicode characters.
 
 <hr size="6">
 <a name="Decomposition-of-characters"></a>
-<a name="SEC49"></a>
-<h2 class="section"> <a href="libunistring.html#TOC49">13.1 Decomposition of Unicode characters</a> </h2>
+<a name="SEC62"></a>
+<h2 class="section"> <a href="libunistring.html#TOC62">13.1 Decomposition of Unicode characters</a> </h2>
 
 <p>The following enumerated values are the possible types of decomposition of a
 Unicode character.
 </p>
 <dl>
 <dt><u>Constant:</u> int <b>UC_DECOMP_CANONICAL</b>
-<a name="IDX767"></a>
+<a name="IDX774"></a>
 </dt>
 <dd><p>Denotes canonical decomposition.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_DECOMP_FONT</b>
-<a name="IDX768"></a>
+<a name="IDX775"></a>
 </dt>
 <dd><p>UCD marker: <code>&lt;font&gt;</code>.  Denotes a font variant (e.g. a blackletter form).
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_DECOMP_NOBREAK</b>
-<a name="IDX769"></a>
+<a name="IDX776"></a>
 </dt>
 <dd><p>UCD marker: <code>&lt;noBreak&gt;</code>.
 Denotes a no-break version of a space or hyphen.
@@ -98,7 +98,7 @@ Denotes a no-break version of a space or hyphen.
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_DECOMP_INITIAL</b>
-<a name="IDX770"></a>
+<a name="IDX777"></a>
 </dt>
 <dd><p>UCD marker: <code>&lt;initial&gt;</code>.
 Denotes an initial presentation form (Arabic).
@@ -106,7 +106,7 @@ Denotes an initial presentation form (Arabic).
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_DECOMP_MEDIAL</b>
-<a name="IDX771"></a>
+<a name="IDX778"></a>
 </dt>
 <dd><p>UCD marker: <code>&lt;medial&gt;</code>.
 Denotes a medial presentation form (Arabic).
@@ -114,7 +114,7 @@ Denotes a medial presentation form (Arabic).
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_DECOMP_FINAL</b>
-<a name="IDX772"></a>
+<a name="IDX779"></a>
 </dt>
 <dd><p>UCD marker: <code>&lt;final&gt;</code>.
 Denotes a final presentation form (Arabic).
@@ -122,7 +122,7 @@ Denotes a final presentation form (Arabic).
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_DECOMP_ISOLATED</b>
-<a name="IDX773"></a>
+<a name="IDX780"></a>
 </dt>
 <dd><p>UCD marker: <code>&lt;isolated&gt;</code>.
 Denotes an isolated presentation form (Arabic).
@@ -130,7 +130,7 @@ Denotes an isolated presentation form (Arabic).
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_DECOMP_CIRCLE</b>
-<a name="IDX774"></a>
+<a name="IDX781"></a>
 </dt>
 <dd><p>UCD marker: <code>&lt;circle&gt;</code>.
 Denotes an encircled form.
@@ -138,7 +138,7 @@ Denotes an encircled form.
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_DECOMP_SUPER</b>
-<a name="IDX775"></a>
+<a name="IDX782"></a>
 </dt>
 <dd><p>UCD marker: <code>&lt;super&gt;</code>.
 Denotes a superscript form.
@@ -146,7 +146,7 @@ Denotes a superscript form.
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_DECOMP_SUB</b>
-<a name="IDX776"></a>
+<a name="IDX783"></a>
 </dt>
 <dd><p>UCD marker: <code>&lt;sub&gt;</code>.
 Denotes a subscript form.
@@ -154,7 +154,7 @@ Denotes a subscript form.
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_DECOMP_VERTICAL</b>
-<a name="IDX777"></a>
+<a name="IDX784"></a>
 </dt>
 <dd><p>UCD marker: <code>&lt;vertical&gt;</code>.
 Denotes a vertical layout presentation form.
@@ -162,7 +162,7 @@ Denotes a vertical layout presentation form.
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_DECOMP_WIDE</b>
-<a name="IDX778"></a>
+<a name="IDX785"></a>
 </dt>
 <dd><p>UCD marker: <code>&lt;wide&gt;</code>.
 Denotes a wide (or zenkaku) compatibility character.
@@ -170,7 +170,7 @@ Denotes a wide (or zenkaku) compatibility character.
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_DECOMP_NARROW</b>
-<a name="IDX779"></a>
+<a name="IDX786"></a>
 </dt>
 <dd><p>UCD marker: <code>&lt;narrow&gt;</code>.
 Denotes a narrow (or hankaku) compatibility character.
@@ -178,7 +178,7 @@ Denotes a narrow (or hankaku) compatibility character.
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_DECOMP_SMALL</b>
-<a name="IDX780"></a>
+<a name="IDX787"></a>
 </dt>
 <dd><p>UCD marker: <code>&lt;small&gt;</code>.
 Denotes a small variant form (CNS compatibility).
@@ -186,7 +186,7 @@ Denotes a small variant form (CNS compatibility).
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_DECOMP_SQUARE</b>
-<a name="IDX781"></a>
+<a name="IDX788"></a>
 </dt>
 <dd><p>UCD marker: <code>&lt;square&gt;</code>.
 Denotes a CJK squared font variant.
@@ -194,7 +194,7 @@ Denotes a CJK squared font variant.
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_DECOMP_FRACTION</b>
-<a name="IDX782"></a>
+<a name="IDX789"></a>
 </dt>
 <dd><p>UCD marker: <code>&lt;fraction&gt;</code>.
 Denotes a vulgar fraction form.
@@ -202,7 +202,7 @@ Denotes a vulgar fraction form.
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_DECOMP_COMPAT</b>
-<a name="IDX783"></a>
+<a name="IDX790"></a>
 </dt>
 <dd><p>UCD marker: <code>&lt;compat&gt;</code>.
 Denotes an otherwise unspecified compatibility character.
@@ -213,7 +213,7 @@ Unicode character.
 </p>
 <dl>
 <dt><u>Macro:</u> unsigned int <b>UC_DECOMPOSITION_MAX_LENGTH</b>
-<a name="IDX784"></a>
+<a name="IDX791"></a>
 </dt>
 <dd><p>This macro expands to a constant that is the required size of buffer passed to
 the <code>uc_decomposition</code> and <code>uc_canonical_decomposition</code> functions.
@@ -223,7 +223,7 @@ the <code>uc_decomposition</code> and <code>uc_canonical_decomposition</code> fu
 </p>
 <dl>
 <dt><u>Function:</u> int <b>uc_decomposition</b><i> (ucs4_t <var>uc</var>, int *<var>decomp_tag</var>, ucs4_t *<var>decomposition</var>)</i>
-<a name="IDX785"></a>
+<a name="IDX792"></a>
 </dt>
 <dd><p>Returns the character decomposition mapping of the Unicode character <var>uc</var>.
 <var>decomposition</var> must point to an array of at least
@@ -236,7 +236,7 @@ returned.
 
 <dl>
 <dt><u>Function:</u> int <b>uc_canonical_decomposition</b><i> (ucs4_t <var>uc</var>, ucs4_t *<var>decomposition</var>)</i>
-<a name="IDX786"></a>
+<a name="IDX793"></a>
 </dt>
 <dd><p>Returns the canonical character decomposition mapping of the Unicode character
 <var>uc</var>.  <var>decomposition</var> must point to an array of at least
@@ -244,19 +244,24 @@ returned.
 </p>
 <p>When a decomposition exists, <code><var>decomposition</var>[0..<var>n</var>-1]</code> is filled
 and <var>n</var> is returned.  Otherwise -1 is returned.
+</p>
+<p>Note: This function returns the (simple) &ldquo;canonical decomposition&rdquo; of
+<var>uc</var>.  If you want the &ldquo;full canonical decomposition&rdquo; of <var>uc</var>,
+that is, the recursive application of &ldquo;canonical decomposition&rdquo;, use the
+function <code>u*_normalize</code> with argument <code>UNINORM_NFD</code> instead.
 </p></dd></dl>
 
 <hr size="6">
 <a name="Composition-of-characters"></a>
-<a name="SEC50"></a>
-<h2 class="section"> <a href="libunistring.html#TOC50">13.2 Composition of Unicode characters</a> </h2>
+<a name="SEC63"></a>
+<h2 class="section"> <a href="libunistring.html#TOC63">13.2 Composition of Unicode characters</a> </h2>
 
 <p>The following function composes a Unicode character from two Unicode
 characters.
 </p>
 <dl>
 <dt><u>Function:</u> ucs4_t <b>uc_composition</b><i> (ucs4_t <var>uc1</var>, ucs4_t <var>uc2</var>)</i>
-<a name="IDX787"></a>
+<a name="IDX794"></a>
 </dt>
 <dd><p>Attempts to combine the Unicode characters <var>uc1</var>, <var>uc2</var>.
 <var>uc1</var> is known to have canonical combining class 0.
@@ -270,15 +275,15 @@ file &lsquo;<tt>CompositionExclusions.txt</tt>&rsquo; for details.
 
 <hr size="6">
 <a name="Normalization-of-strings"></a>
-<a name="SEC51"></a>
-<h2 class="section"> <a href="libunistring.html#TOC51">13.3 Normalization of strings</a> </h2>
+<a name="SEC64"></a>
+<h2 class="section"> <a href="libunistring.html#TOC64">13.3 Normalization of strings</a> </h2>
 
 <p>The Unicode standard defines four normalization forms for Unicode strings.
 The following type is used to denote a normalization form.
 </p>
 <dl>
 <dt><u>Type:</u> <b>uninorm_t</b>
-<a name="IDX788"></a>
+<a name="IDX795"></a>
 </dt>
 <dd><p>An object of type <code>uninorm_t</code> denotes a Unicode normalization form.
 This is a scalar type; its values can be compared with <code>==</code>.
@@ -288,28 +293,28 @@ This is a scalar type; its values can be compared with <code>==</code>.
 </p>
 <dl>
 <dt><u>Macro:</u> uninorm_t <b>UNINORM_NFD</b>
-<a name="IDX789"></a>
+<a name="IDX796"></a>
 </dt>
 <dd><p>Denotes Normalization form D: canonical decomposition.
 </p></dd></dl>
 
 <dl>
 <dt><u>Macro:</u> uninorm_t <b>UNINORM_NFC</b>
-<a name="IDX790"></a>
+<a name="IDX797"></a>
 </dt>
 <dd><p>Normalization form C: canonical decomposition, then canonical composition.
 </p></dd></dl>
 
 <dl>
 <dt><u>Macro:</u> uninorm_t <b>UNINORM_NFKD</b>
-<a name="IDX791"></a>
+<a name="IDX798"></a>
 </dt>
 <dd><p>Normalization form KD: compatibility decomposition.
 </p></dd></dl>
 
 <dl>
 <dt><u>Macro:</u> uninorm_t <b>UNINORM_NFKC</b>
-<a name="IDX792"></a>
+<a name="IDX799"></a>
 </dt>
 <dd><p>Normalization form KC: compatibility decomposition, then canonical composition.
 </p></dd></dl>
@@ -318,21 +323,21 @@ This is a scalar type; its values can be compared with <code>==</code>.
 </p>
 <dl>
 <dt><u>Function:</u> bool <b>uninorm_is_compat_decomposing</b><i> (uninorm_t <var>nf</var>)</i>
-<a name="IDX793"></a>
+<a name="IDX800"></a>
 </dt>
 <dd><p>Tests whether the normalization form <var>nf</var> does compatibility decomposition.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> bool <b>uninorm_is_composing</b><i> (uninorm_t <var>nf</var>)</i>
-<a name="IDX794"></a>
+<a name="IDX801"></a>
 </dt>
 <dd><p>Tests whether the normalization form <var>nf</var> includes canonical composition.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> uninorm_t <b>uninorm_decomposing_form</b><i> (uninorm_t <var>nf</var>)</i>
-<a name="IDX795"></a>
+<a name="IDX802"></a>
 </dt>
 <dd><p>Returns the decomposing variant of the normalization form <var>nf</var>.
 This maps NFC,NFD → NFD and NFKC,NFKD → NFKD.
@@ -342,34 +347,37 @@ This maps NFC,NFD → NFD and NFKC,NFKD → NFKD.
 </p>
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_normalize</b><i> (uninorm_t <var>nf</var>, const uint8_t *<var>s</var>, size_t <var>n</var>, uint8_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX796"></a>
+<a name="IDX803"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_normalize</b><i> (uninorm_t <var>nf</var>, const uint16_t *<var>s</var>, size_t <var>n</var>, uint16_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX797"></a>
+<a name="IDX804"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_normalize</b><i> (uninorm_t <var>nf</var>, const uint32_t *<var>s</var>, size_t <var>n</var>, uint32_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX798"></a>
+<a name="IDX805"></a>
 </dt>
 <dd><p>Returns the specified normalization form of a string.
+</p>
+<p>The <var>resultbuf</var> and <var>lengthp</var> arguments are as described in
+chapter <a href="libunistring_2.html#SEC8">Conventions</a>.
 </p></dd></dl>
 
 <hr size="6">
 <a name="Normalizing-comparisons"></a>
-<a name="SEC52"></a>
-<h2 class="section"> <a href="libunistring.html#TOC52">13.4 Normalizing comparisons</a> </h2>
+<a name="SEC65"></a>
+<h2 class="section"> <a href="libunistring.html#TOC65">13.4 Normalizing comparisons</a> </h2>
 
 <p>The following functions compare Unicode string, ignoring differences in
 normalization.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>u8_normcmp</b><i> (const uint8_t *<var>s1</var>, size_t <var>n1</var>, const uint8_t *<var>s2</var>, size_t <var>n2</var>, uninorm_t <var>nf</var>, int *<var>resultp</var>)</i>
-<a name="IDX799"></a>
+<a name="IDX806"></a>
 </dt>
 <dt><u>Function:</u> int <b>u16_normcmp</b><i> (const uint16_t *<var>s1</var>, size_t <var>n1</var>, const uint16_t *<var>s2</var>, size_t <var>n2</var>, uninorm_t <var>nf</var>, int *<var>resultp</var>)</i>
-<a name="IDX800"></a>
+<a name="IDX807"></a>
 </dt>
 <dt><u>Function:</u> int <b>u32_normcmp</b><i> (const uint32_t *<var>s1</var>, size_t <var>n1</var>, const uint32_t *<var>s2</var>, size_t <var>n2</var>, uninorm_t <var>nf</var>, int *<var>resultp</var>)</i>
-<a name="IDX801"></a>
+<a name="IDX808"></a>
 </dt>
 <dd><p>Compares <var>s1</var> and <var>s2</var>, ignoring differences in normalization.
 </p>
@@ -380,17 +388,17 @@ normalization.
 Upon failure, returns -1 with <code>errno</code> set.
 </p></dd></dl>
 
-<a name="IDX802"></a>
-<a name="IDX803"></a>
+<a name="IDX809"></a>
+<a name="IDX810"></a>
 <dl>
 <dt><u>Function:</u> char * <b>u8_normxfrm</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, uninorm_t <var>nf</var>, char *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX804"></a>
+<a name="IDX811"></a>
 </dt>
 <dt><u>Function:</u> char * <b>u16_normxfrm</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, uninorm_t <var>nf</var>, char *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX805"></a>
+<a name="IDX812"></a>
 </dt>
 <dt><u>Function:</u> char * <b>u32_normxfrm</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, uninorm_t <var>nf</var>, char *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX806"></a>
+<a name="IDX813"></a>
 </dt>
 <dd><p>Converts the string <var>s</var> of length <var>n</var> to a NUL-terminated byte
 sequence, in such a way that comparing <code>u8_normxfrm (<var>s1</var>)</code> and
@@ -398,17 +406,20 @@ sequence, in such a way that comparing <code>u8_normxfrm (<var>s1</var>)</code>
 comparing <var>s1</var> and <var>s2</var> with the <code>u8_normcoll</code> function.
 </p>
 <p><var>nf</var> must be either <code>UNINORM_NFC</code> or <code>UNINORM_NFKC</code>.
+</p>
+<p>The <var>resultbuf</var> and <var>lengthp</var> arguments are as described in
+chapter <a href="libunistring_2.html#SEC8">Conventions</a>.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> int <b>u8_normcoll</b><i> (const uint8_t *<var>s1</var>, size_t <var>n1</var>, const uint8_t *<var>s2</var>, size_t <var>n2</var>, uninorm_t <var>nf</var>, int *<var>resultp</var>)</i>
-<a name="IDX807"></a>
+<a name="IDX814"></a>
 </dt>
 <dt><u>Function:</u> int <b>u16_normcoll</b><i> (const uint16_t *<var>s1</var>, size_t <var>n1</var>, const uint16_t *<var>s2</var>, size_t <var>n2</var>, uninorm_t <var>nf</var>, int *<var>resultp</var>)</i>
-<a name="IDX808"></a>
+<a name="IDX815"></a>
 </dt>
 <dt><u>Function:</u> int <b>u32_normcoll</b><i> (const uint32_t *<var>s1</var>, size_t <var>n1</var>, const uint32_t *<var>s2</var>, size_t <var>n2</var>, uninorm_t <var>nf</var>, int *<var>resultp</var>)</i>
-<a name="IDX809"></a>
+<a name="IDX816"></a>
 </dt>
 <dd><p>Compares <var>s1</var> and <var>s2</var>, ignoring differences in normalization, using
 the collation rules of the current locale.
@@ -422,8 +433,8 @@ Upon failure, returns -1 with <code>errno</code> set.
 
 <hr size="6">
 <a name="Normalization-of-streams"></a>
-<a name="SEC53"></a>
-<h2 class="section"> <a href="libunistring.html#TOC53">13.5 Normalization of streams of Unicode characters</a> </h2>
+<a name="SEC66"></a>
+<h2 class="section"> <a href="libunistring.html#TOC66">13.5 Normalization of streams of Unicode characters</a> </h2>
 
 <p>A &ldquo;stream of Unicode characters&rdquo; is essentially a function that accepts an
 <code>ucs4_t</code> argument repeatedly, optionally combined with a function that
@@ -431,7 +442,7 @@ Upon failure, returns -1 with <code>errno</code> set.
 </p>
 <dl>
 <dt><u>Type:</u> <b>struct uninorm_filter</b>
-<a name="IDX810"></a>
+<a name="IDX817"></a>
 </dt>
 <dd><p>This is the data type of a stream of Unicode characters that normalizes its
 input according to a given normalization form and passes the normalized
@@ -440,7 +451,7 @@ character sequence to the encapsulated stream of Unicode characters.
 
 <dl>
 <dt><u>Function:</u> struct uninorm_filter * <b>uninorm_filter_create</b><i> (uninorm_t <var>nf</var>, int (*<var>stream_func</var>) (void *<var>stream_data</var>, ucs4_t <var>uc</var>), void *<var>stream_data</var>)</i>
-<a name="IDX811"></a>
+<a name="IDX818"></a>
 </dt>
 <dd><p>Creates and returns a normalization filter for Unicode characters.
 </p>
@@ -454,7 +465,7 @@ upon failure.
 
 <dl>
 <dt><u>Function:</u> int <b>uninorm_filter_write</b><i> (struct uninorm_filter *<var>filter</var>, ucs4_t <var>uc</var>)</i>
-<a name="IDX812"></a>
+<a name="IDX819"></a>
 </dt>
 <dd><p>Stuffs a Unicode character into a normalizing filter.
 Returns 0 if successful, or -1 with <code>errno</code> set upon failure.
@@ -462,7 +473,7 @@ Returns 0 if successful, or -1 with <code>errno</code> set upon failure.
 
 <dl>
 <dt><u>Function:</u> int <b>uninorm_filter_flush</b><i> (struct uninorm_filter *<var>filter</var>)</i>
-<a name="IDX813"></a>
+<a name="IDX820"></a>
 </dt>
 <dd><p>Brings data buffered in the filter to its destination, the encapsulated stream.
 </p>
@@ -475,7 +486,7 @@ will not necessarily be normalized.
 
 <dl>
 <dt><u>Function:</u> int <b>uninorm_filter_free</b><i> (struct uninorm_filter *<var>filter</var>)</i>
-<a name="IDX814"></a>
+<a name="IDX821"></a>
 </dt>
 <dd><p>Brings data buffered in the filter to its destination, the encapsulated stream,
 then closes and frees the filter.
@@ -484,8 +495,8 @@ then closes and frees the filter.
 </p></dd></dl>
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="#SEC48" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_14.html#SEC54" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="#SEC61" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_14.html#SEC67" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -493,12 +504,12 @@ then closes and frees the filter.
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_14.html b/msys2/usr/share/doc/libunistring/libunistring_14.html
index 96fe38e8a..aa326f686 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_14.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_14.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -42,8 +42,8 @@ ul.toc {list-style: none}
 <body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
 
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_13.html#SEC48" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_15.html#SEC60" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_13.html#SEC61" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_15.html#SEC73" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,14 +51,14 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
 <hr size="2">
 <a name="unicase_002eh"></a>
-<a name="SEC54"></a>
-<h1 class="chapter"> <a href="libunistring.html#TOC54">14. Case mappings <code>&lt;unicase.h&gt;</code></a> </h1>
+<a name="SEC67"></a>
+<h1 class="chapter"> <a href="libunistring.html#TOC67">14. Case mappings <code>&lt;unicase.h&gt;</code></a> </h1>
 
 <p>This include file defines functions for case mapping for Unicode strings and
 case insensitive comparison of Unicode strings and C strings.
@@ -71,8 +71,8 @@ Greek sigma and the Lithuanian i correctly.
 
 <hr size="6">
 <a name="Case-mappings-of-characters"></a>
-<a name="SEC55"></a>
-<h2 class="section"> <a href="libunistring.html#TOC55">14.1 Case mappings of characters</a> </h2>
+<a name="SEC68"></a>
+<h2 class="section"> <a href="libunistring.html#TOC68">14.1 Case mappings of characters</a> </h2>
 
 <p>The following functions implement case mappings on Unicode characters &mdash;
 for those cases only where the result of the mapping is a again a single
@@ -88,21 +88,21 @@ entire string at once and are language aware.
 
 <dl>
 <dt><u>Function:</u> ucs4_t <b>uc_toupper</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX815"></a>
+<a name="IDX822"></a>
 </dt>
 <dd><p>Returns the uppercase mapping of the Unicode character <var>uc</var>.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> ucs4_t <b>uc_tolower</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX816"></a>
+<a name="IDX823"></a>
 </dt>
 <dd><p>Returns the lowercase mapping of the Unicode character <var>uc</var>.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> ucs4_t <b>uc_totitle</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX817"></a>
+<a name="IDX824"></a>
 </dt>
 <dd><p>Returns the titlecase mapping of the Unicode character <var>uc</var>.
 </p>
@@ -138,8 +138,8 @@ Bosnian, and Serbian languages.
 
 <hr size="6">
 <a name="Case-mappings-of-strings"></a>
-<a name="SEC56"></a>
-<h2 class="section"> <a href="libunistring.html#TOC56">14.2 Case mappings of strings</a> </h2>
+<a name="SEC69"></a>
+<h2 class="section"> <a href="libunistring.html#TOC69">14.2 Case mappings of strings</a> </h2>
 
 <p>Case mapping should always be performed on entire strings, not on individual
 characters.  The functions in this sections do so.
@@ -151,14 +151,14 @@ a character, U+00C4 <small>LATIN CAPITAL LETTER A WITH DIAERESIS</small> and
 U+0041 <small>LATIN CAPITAL LETTER A</small> U+0308 <small>COMBINING DIAERESIS</small> the same.
 The <var>nf</var> argument designates the normalization.
 </p>
-<a name="IDX818"></a>
+<a name="IDX825"></a>
 <p>These functions are locale dependent.  The <var>iso639_language</var> argument
 identifies the language (e.g. <code>&quot;tr&quot;</code> for Turkish).  NULL means to use
 locale independent case mappings.
 </p>
 <dl>
 <dt><u>Function:</u> const char * <b>uc_locale_language</b><i> ()</i>
-<a name="IDX819"></a>
+<a name="IDX826"></a>
 </dt>
 <dd><p>Returns the ISO 639 language code of the current locale.
 Returns <code>&quot;&quot;</code> if it is unknown, or in the &quot;C&quot; locale.
@@ -166,45 +166,51 @@ Returns <code>&quot;&quot;</code> if it is unknown, or in the &quot;C&quot; loca
 
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_toupper</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint8_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX820"></a>
+<a name="IDX827"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_toupper</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint16_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX821"></a>
+<a name="IDX828"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_toupper</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint32_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX822"></a>
+<a name="IDX829"></a>
 </dt>
 <dd><p>Returns the uppercase mapping of a string.
 </p>
 <p>The <var>nf</var> argument identifies the normalization form to apply after the
 case-mapping.  It can also be NULL, for no normalization.
+</p>
+<p>The <var>resultbuf</var> and <var>lengthp</var> arguments are as described in
+chapter <a href="libunistring_2.html#SEC8">Conventions</a>.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_tolower</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint8_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX823"></a>
+<a name="IDX830"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_tolower</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint16_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX824"></a>
+<a name="IDX831"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_tolower</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint32_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX825"></a>
+<a name="IDX832"></a>
 </dt>
 <dd><p>Returns the lowercase mapping of a string.
 </p>
 <p>The <var>nf</var> argument identifies the normalization form to apply after the
 case-mapping.  It can also be NULL, for no normalization.
+</p>
+<p>The <var>resultbuf</var> and <var>lengthp</var> arguments are as described in
+chapter <a href="libunistring_2.html#SEC8">Conventions</a>.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_totitle</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint8_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX826"></a>
+<a name="IDX833"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_totitle</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint16_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX827"></a>
+<a name="IDX834"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_totitle</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint32_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX828"></a>
+<a name="IDX835"></a>
 </dt>
 <dd><p>Returns the titlecase mapping of a string.
 </p>
@@ -214,12 +220,15 @@ are being mapped to lower case.
 </p>
 <p>The <var>nf</var> argument identifies the normalization form to apply after the
 case-mapping.  It can also be NULL, for no normalization.
+</p>
+<p>The <var>resultbuf</var> and <var>lengthp</var> arguments are as described in
+chapter <a href="libunistring_2.html#SEC8">Conventions</a>.
 </p></dd></dl>
 
 <hr size="6">
 <a name="Case-mappings-of-substrings"></a>
-<a name="SEC57"></a>
-<h2 class="section"> <a href="libunistring.html#TOC57">14.3 Case mappings of substrings</a> </h2>
+<a name="SEC70"></a>
+<h2 class="section"> <a href="libunistring.html#TOC70">14.3 Case mappings of substrings</a> </h2>
 
 <p>Case mapping of a substring cannot simply be performed by extracting the
 substring and then applying the case mapping function to it.  This does not
@@ -230,7 +239,7 @@ precede it (the &ldquo;prefix&rdquo;) and the characters that follow it (the &ld
 </p>
 <dl>
 <dt><u>Type:</u> <b>casing_prefix_context_t</b>
-<a name="IDX829"></a>
+<a name="IDX836"></a>
 </dt>
 <dd><p>This data type denotes the case-mapping context that is given by a prefix
 string.  It is an immediate type that can be copied by simple assignment,
@@ -239,7 +248,7 @@ without involving memory allocation.  It is not an array type.
 
 <dl>
 <dt><u>Constant:</u> casing_prefix_context_t <b>unicase_empty_prefix_context</b>
-<a name="IDX830"></a>
+<a name="IDX837"></a>
 </dt>
 <dd><p>This constant is the case-mapping context that corresponds to an empty prefix
 string.
@@ -249,26 +258,26 @@ string.
 </p>
 <dl>
 <dt><u>Function:</u> casing_prefix_context_t <b>u8_casing_prefix_context</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>)</i>
-<a name="IDX831"></a>
+<a name="IDX838"></a>
 </dt>
 <dt><u>Function:</u> casing_prefix_context_t <b>u16_casing_prefix_context</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>)</i>
-<a name="IDX832"></a>
+<a name="IDX839"></a>
 </dt>
 <dt><u>Function:</u> casing_prefix_context_t <b>u32_casing_prefix_context</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>)</i>
-<a name="IDX833"></a>
+<a name="IDX840"></a>
 </dt>
 <dd><p>Returns the case-mapping context of a given prefix string.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> casing_prefix_context_t <b>u8_casing_prefixes_context</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, casing_prefix_context_t <var>a_context</var>)</i>
-<a name="IDX834"></a>
+<a name="IDX841"></a>
 </dt>
 <dt><u>Function:</u> casing_prefix_context_t <b>u16_casing_prefixes_context</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, casing_prefix_context_t <var>a_context</var>)</i>
-<a name="IDX835"></a>
+<a name="IDX842"></a>
 </dt>
 <dt><u>Function:</u> casing_prefix_context_t <b>u32_casing_prefixes_context</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, casing_prefix_context_t <var>a_context</var>)</i>
-<a name="IDX836"></a>
+<a name="IDX843"></a>
 </dt>
 <dd><p>Returns the case-mapping context of the prefix concat(<var>a</var>, <var>s</var>),
 given the case-mapping context of the prefix <var>a</var>.
@@ -276,7 +285,7 @@ given the case-mapping context of the prefix <var>a</var>.
 
 <dl>
 <dt><u>Type:</u> <b>casing_suffix_context_t</b>
-<a name="IDX837"></a>
+<a name="IDX844"></a>
 </dt>
 <dd><p>This data type denotes the case-mapping context that is given by a suffix
 string.  It is an immediate type that can be copied by simple assignment,
@@ -285,7 +294,7 @@ without involving memory allocation.  It is not an array type.
 
 <dl>
 <dt><u>Constant:</u> casing_suffix_context_t <b>unicase_empty_suffix_context</b>
-<a name="IDX838"></a>
+<a name="IDX845"></a>
 </dt>
 <dd><p>This constant is the case-mapping context that corresponds to an empty suffix
 string.
@@ -295,26 +304,26 @@ string.
 </p>
 <dl>
 <dt><u>Function:</u> casing_suffix_context_t <b>u8_casing_suffix_context</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>)</i>
-<a name="IDX839"></a>
+<a name="IDX846"></a>
 </dt>
 <dt><u>Function:</u> casing_suffix_context_t <b>u16_casing_suffix_context</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>)</i>
-<a name="IDX840"></a>
+<a name="IDX847"></a>
 </dt>
 <dt><u>Function:</u> casing_suffix_context_t <b>u32_casing_suffix_context</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>)</i>
-<a name="IDX841"></a>
+<a name="IDX848"></a>
 </dt>
 <dd><p>Returns the case-mapping context of a given suffix string.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> casing_suffix_context_t <b>u8_casing_suffixes_context</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, casing_suffix_context_t <var>a_context</var>)</i>
-<a name="IDX842"></a>
+<a name="IDX849"></a>
 </dt>
 <dt><u>Function:</u> casing_suffix_context_t <b>u16_casing_suffixes_context</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, casing_suffix_context_t <var>a_context</var>)</i>
-<a name="IDX843"></a>
+<a name="IDX850"></a>
 </dt>
 <dt><u>Function:</u> casing_suffix_context_t <b>u32_casing_suffixes_context</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, casing_suffix_context_t <var>a_context</var>)</i>
-<a name="IDX844"></a>
+<a name="IDX851"></a>
 </dt>
 <dd><p>Returns the case-mapping context of the suffix concat(<var>s</var>, <var>a</var>),
 given the case-mapping context of the suffix <var>a</var>.
@@ -325,44 +334,53 @@ prefix context and the suffix context.
 </p>
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_ct_toupper</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, casing_prefix_context_t <var>prefix_context</var>, casing_suffix_context_t <var>suffix_context</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint8_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX845"></a>
+<a name="IDX852"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_ct_toupper</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, casing_prefix_context_t <var>prefix_context</var>, casing_suffix_context_t <var>suffix_context</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint16_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX846"></a>
+<a name="IDX853"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_ct_toupper</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, casing_prefix_context_t <var>prefix_context</var>, casing_suffix_context_t <var>suffix_context</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint32_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX847"></a>
+<a name="IDX854"></a>
 </dt>
 <dd><p>Returns the uppercase mapping of a string that is surrounded by a prefix
 and a suffix.
+</p>
+<p>The <var>resultbuf</var> and <var>lengthp</var> arguments are as described in
+chapter <a href="libunistring_2.html#SEC8">Conventions</a>.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_ct_tolower</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, casing_prefix_context_t <var>prefix_context</var>, casing_suffix_context_t <var>suffix_context</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint8_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX848"></a>
+<a name="IDX855"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_ct_tolower</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, casing_prefix_context_t <var>prefix_context</var>, casing_suffix_context_t <var>suffix_context</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint16_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX849"></a>
+<a name="IDX856"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_ct_tolower</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, casing_prefix_context_t <var>prefix_context</var>, casing_suffix_context_t <var>suffix_context</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint32_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX850"></a>
+<a name="IDX857"></a>
 </dt>
 <dd><p>Returns the lowercase mapping of a string that is surrounded by a prefix
 and a suffix.
+</p>
+<p>The <var>resultbuf</var> and <var>lengthp</var> arguments are as described in
+chapter <a href="libunistring_2.html#SEC8">Conventions</a>.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_ct_totitle</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, casing_prefix_context_t <var>prefix_context</var>, casing_suffix_context_t <var>suffix_context</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint8_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX851"></a>
+<a name="IDX858"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_ct_totitle</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, casing_prefix_context_t <var>prefix_context</var>, casing_suffix_context_t <var>suffix_context</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint16_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX852"></a>
+<a name="IDX859"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_ct_totitle</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, casing_prefix_context_t <var>prefix_context</var>, casing_suffix_context_t <var>suffix_context</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint32_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX853"></a>
+<a name="IDX860"></a>
 </dt>
 <dd><p>Returns the titlecase mapping of a string that is surrounded by a prefix
 and a suffix.
+</p>
+<p>The <var>resultbuf</var> and <var>lengthp</var> arguments are as described in
+chapter <a href="libunistring_2.html#SEC8">Conventions</a>.
 </p></dd></dl>
 
 <p>For example, to uppercase the UTF-8 substring between <code>s + start_index</code>
@@ -380,21 +398,21 @@ uint8_t result =
 
 <hr size="6">
 <a name="Case-insensitive-comparison"></a>
-<a name="SEC58"></a>
-<h2 class="section"> <a href="libunistring.html#TOC58">14.4 Case insensitive comparison</a> </h2>
+<a name="SEC71"></a>
+<h2 class="section"> <a href="libunistring.html#TOC71">14.4 Case insensitive comparison</a> </h2>
 
 <p>The following functions implement comparison that ignores differences in case
 and normalization.
 </p>
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_casefold</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint8_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX854"></a>
+<a name="IDX861"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_casefold</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint16_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX855"></a>
+<a name="IDX862"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_casefold</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint32_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX856"></a>
+<a name="IDX863"></a>
 </dt>
 <dd><p>Returns the case folded string.
 </p>
@@ -404,34 +422,40 @@ with the <code>u8_cmp2</code> function is equivalent to comparing <var>s1</var>
 </p>
 <p>The <var>nf</var> argument identifies the normalization form to apply after the
 case-mapping.  It can also be NULL, for no normalization.
+</p>
+<p>The <var>resultbuf</var> and <var>lengthp</var> arguments are as described in
+chapter <a href="libunistring_2.html#SEC8">Conventions</a>.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_ct_casefold</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, casing_prefix_context_t <var>prefix_context</var>, casing_suffix_context_t <var>suffix_context</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint8_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX857"></a>
+<a name="IDX864"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_ct_casefold</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, casing_prefix_context_t <var>prefix_context</var>, casing_suffix_context_t <var>suffix_context</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint16_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX858"></a>
+<a name="IDX865"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_ct_casefold</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, casing_prefix_context_t <var>prefix_context</var>, casing_suffix_context_t <var>suffix_context</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, uint32_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX859"></a>
+<a name="IDX866"></a>
 </dt>
 <dd><p>Returns the case folded string.  The case folding takes into account the
 case mapping contexts of the prefix and suffix strings.
+</p>
+<p>The <var>resultbuf</var> and <var>lengthp</var> arguments are as described in
+chapter <a href="libunistring_2.html#SEC8">Conventions</a>.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> int <b>u8_casecmp</b><i> (const uint8_t *<var>s1</var>, size_t <var>n1</var>, const uint8_t *<var>s2</var>, size_t <var>n2</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, int *<var>resultp</var>)</i>
-<a name="IDX860"></a>
+<a name="IDX867"></a>
 </dt>
 <dt><u>Function:</u> int <b>u16_casecmp</b><i> (const uint16_t *<var>s1</var>, size_t <var>n1</var>, const uint16_t *<var>s2</var>, size_t <var>n2</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, int *<var>resultp</var>)</i>
-<a name="IDX861"></a>
+<a name="IDX868"></a>
 </dt>
 <dt><u>Function:</u> int <b>u32_casecmp</b><i> (const uint32_t *<var>s1</var>, size_t <var>n1</var>, const uint32_t *<var>s2</var>, size_t <var>n2</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, int *<var>resultp</var>)</i>
-<a name="IDX862"></a>
+<a name="IDX869"></a>
 </dt>
 <dt><u>Function:</u> int <b>ulc_casecmp</b><i> (const char *<var>s1</var>, size_t <var>n1</var>, const char *<var>s2</var>, size_t <var>n2</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, int *<var>resultp</var>)</i>
-<a name="IDX863"></a>
+<a name="IDX870"></a>
 </dt>
 <dd><p>Compares <var>s1</var> and <var>s2</var>, ignoring differences in case and normalization.
 </p>
@@ -443,25 +467,25 @@ case-mapping.  It can also be NULL, for no normalization.
 Upon failure, returns -1 with <code>errno</code> set.
 </p></dd></dl>
 
-<a name="IDX864"></a>
-<a name="IDX865"></a>
-<a name="IDX866"></a>
-<a name="IDX867"></a>
+<a name="IDX871"></a>
+<a name="IDX872"></a>
+<a name="IDX873"></a>
+<a name="IDX874"></a>
 <p>The following functions additionally take into account the sorting rules of the
 current locale.
 </p>
 <dl>
 <dt><u>Function:</u> char * <b>u8_casexfrm</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, char *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX868"></a>
+<a name="IDX875"></a>
 </dt>
 <dt><u>Function:</u> char * <b>u16_casexfrm</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, char *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX869"></a>
+<a name="IDX876"></a>
 </dt>
 <dt><u>Function:</u> char * <b>u32_casexfrm</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, char *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX870"></a>
+<a name="IDX877"></a>
 </dt>
 <dt><u>Function:</u> char * <b>ulc_casexfrm</b><i> (const char *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, char *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX871"></a>
+<a name="IDX878"></a>
 </dt>
 <dd><p>Converts the string <var>s</var> of length <var>n</var> to a NUL-terminated byte
 sequence, in such a way that comparing <code>u8_casexfrm (<var>s1</var>)</code> and
@@ -470,20 +494,23 @@ equivalent to comparing <var>s1</var> and <var>s2</var> with <code>u8_casecoll</
 </p>
 <p><var>nf</var> must be either <code>UNINORM_NFC</code>, <code>UNINORM_NFKC</code>, or NULL for
 no normalization.
+</p>
+<p>The <var>resultbuf</var> and <var>lengthp</var> arguments are as described in
+chapter <a href="libunistring_2.html#SEC8">Conventions</a>.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> int <b>u8_casecoll</b><i> (const uint8_t *<var>s1</var>, size_t <var>n1</var>, const uint8_t *<var>s2</var>, size_t <var>n2</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, int *<var>resultp</var>)</i>
-<a name="IDX872"></a>
+<a name="IDX879"></a>
 </dt>
 <dt><u>Function:</u> int <b>u16_casecoll</b><i> (const uint16_t *<var>s1</var>, size_t <var>n1</var>, const uint16_t *<var>s2</var>, size_t <var>n2</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, int *<var>resultp</var>)</i>
-<a name="IDX873"></a>
+<a name="IDX880"></a>
 </dt>
 <dt><u>Function:</u> int <b>u32_casecoll</b><i> (const uint32_t *<var>s1</var>, size_t <var>n1</var>, const uint32_t *<var>s2</var>, size_t <var>n2</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, int *<var>resultp</var>)</i>
-<a name="IDX874"></a>
+<a name="IDX881"></a>
 </dt>
 <dt><u>Function:</u> int <b>ulc_casecoll</b><i> (const char *<var>s1</var>, size_t <var>n1</var>, const char *<var>s2</var>, size_t <var>n2</var>, const char *<var>iso639_language</var>, uninorm_t <var>nf</var>, int *<var>resultp</var>)</i>
-<a name="IDX875"></a>
+<a name="IDX882"></a>
 </dt>
 <dd><p>Compares <var>s1</var> and <var>s2</var>, ignoring differences in case and normalization,
 using the collation rules of the current locale.
@@ -499,8 +526,8 @@ Upon failure, returns -1 with <code>errno</code> set.
 
 <hr size="6">
 <a name="Case-detection"></a>
-<a name="SEC59"></a>
-<h2 class="section"> <a href="libunistring.html#TOC59">14.5 Case detection</a> </h2>
+<a name="SEC72"></a>
+<h2 class="section"> <a href="libunistring.html#TOC72">14.5 Case detection</a> </h2>
 
 <p>The following functions determine whether a Unicode string is entirely in
 upper case. or entirely in lower case, or entirely in title case, or already
@@ -508,13 +535,13 @@ case-folded.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>u8_is_uppercase</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, bool *<var>resultp</var>)</i>
-<a name="IDX876"></a>
+<a name="IDX883"></a>
 </dt>
 <dt><u>Function:</u> int <b>u16_is_uppercase</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, bool *<var>resultp</var>)</i>
-<a name="IDX877"></a>
+<a name="IDX884"></a>
 </dt>
 <dt><u>Function:</u> int <b>u32_is_uppercase</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, bool *<var>resultp</var>)</i>
-<a name="IDX878"></a>
+<a name="IDX885"></a>
 </dt>
 <dd><p>Sets <code>*<var>resultp</var></code> to true if mapping NFD(<var>s</var>) to upper case is
 a no-op, or to false otherwise, and returns 0.  Upon failure, returns -1 with
@@ -523,13 +550,13 @@ a no-op, or to false otherwise, and returns 0.  Upon failure, returns -1 with
 
 <dl>
 <dt><u>Function:</u> int <b>u8_is_lowercase</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, bool *<var>resultp</var>)</i>
-<a name="IDX879"></a>
+<a name="IDX886"></a>
 </dt>
 <dt><u>Function:</u> int <b>u16_is_lowercase</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, bool *<var>resultp</var>)</i>
-<a name="IDX880"></a>
+<a name="IDX887"></a>
 </dt>
 <dt><u>Function:</u> int <b>u32_is_lowercase</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, bool *<var>resultp</var>)</i>
-<a name="IDX881"></a>
+<a name="IDX888"></a>
 </dt>
 <dd><p>Sets <code>*<var>resultp</var></code> to true if mapping NFD(<var>s</var>) to lower case is
 a no-op, or to false otherwise, and returns 0.  Upon failure, returns -1 with
@@ -538,13 +565,13 @@ a no-op, or to false otherwise, and returns 0.  Upon failure, returns -1 with
 
 <dl>
 <dt><u>Function:</u> int <b>u8_is_titlecase</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, bool *<var>resultp</var>)</i>
-<a name="IDX882"></a>
+<a name="IDX889"></a>
 </dt>
 <dt><u>Function:</u> int <b>u16_is_titlecase</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, bool *<var>resultp</var>)</i>
-<a name="IDX883"></a>
+<a name="IDX890"></a>
 </dt>
 <dt><u>Function:</u> int <b>u32_is_titlecase</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, bool *<var>resultp</var>)</i>
-<a name="IDX884"></a>
+<a name="IDX891"></a>
 </dt>
 <dd><p>Sets <code>*<var>resultp</var></code> to true if mapping NFD(<var>s</var>) to title case is
 a no-op, or to false otherwise, and returns 0.  Upon failure, returns -1 with
@@ -553,13 +580,13 @@ a no-op, or to false otherwise, and returns 0.  Upon failure, returns -1 with
 
 <dl>
 <dt><u>Function:</u> int <b>u8_is_casefolded</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, bool *<var>resultp</var>)</i>
-<a name="IDX885"></a>
+<a name="IDX892"></a>
 </dt>
 <dt><u>Function:</u> int <b>u16_is_casefolded</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, bool *<var>resultp</var>)</i>
-<a name="IDX886"></a>
+<a name="IDX893"></a>
 </dt>
 <dt><u>Function:</u> int <b>u32_is_casefolded</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, bool *<var>resultp</var>)</i>
-<a name="IDX887"></a>
+<a name="IDX894"></a>
 </dt>
 <dd><p>Sets <code>*<var>resultp</var></code> to true if applying case folding to NFD(<var>S</var>) is
 a no-op, or to false otherwise, and returns 0.  Upon failure, returns -1 with
@@ -571,13 +598,13 @@ Unicode string.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>u8_is_cased</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, bool *<var>resultp</var>)</i>
-<a name="IDX888"></a>
+<a name="IDX895"></a>
 </dt>
 <dt><u>Function:</u> int <b>u16_is_cased</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, bool *<var>resultp</var>)</i>
-<a name="IDX889"></a>
+<a name="IDX896"></a>
 </dt>
 <dt><u>Function:</u> int <b>u32_is_cased</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, const char *<var>iso639_language</var>, bool *<var>resultp</var>)</i>
-<a name="IDX890"></a>
+<a name="IDX897"></a>
 </dt>
 <dd><p>Sets <code>*<var>resultp</var></code> to true if case matters for <var>s</var>, that is, if
 mapping NFD(<var>s</var>) to either upper case or lower case or title case is not
@@ -588,8 +615,8 @@ characters. Upon failure, returns -1 with <code>errno</code> set.
 </p></dd></dl>
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="#SEC54" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_15.html#SEC60" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="#SEC67" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_15.html#SEC73" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -597,12 +624,12 @@ characters. Upon failure, returns -1 with <code>errno</code> set.
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_15.html b/msys2/usr/share/doc/libunistring/libunistring_15.html
index 99a6547ec..90fe8782f 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_15.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_15.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -42,8 +42,8 @@ ul.toc {list-style: none}
 <body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
 
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_14.html#SEC54" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_16.html#SEC61" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_14.html#SEC67" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_16.html#SEC74" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,21 +51,21 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
 <hr size="2">
 <a name="uniregex_002eh"></a>
-<a name="SEC60"></a>
-<h1 class="chapter"> <a href="libunistring.html#TOC60">15. Regular expressions <code>&lt;uniregex.h&gt;</code></a> </h1>
+<a name="SEC73"></a>
+<h1 class="chapter"> <a href="libunistring.html#TOC73">15. Regular expressions <code>&lt;uniregex.h&gt;</code></a> </h1>
 
 <p>This include file is not yet implemented.
 </p>
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_14.html#SEC54" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_16.html#SEC61" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_14.html#SEC67" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_16.html#SEC74" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -73,12 +73,12 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_16.html b/msys2/usr/share/doc/libunistring/libunistring_16.html
index ecd69b68e..fc623c820 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_16.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_16.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -42,8 +42,8 @@ ul.toc {list-style: none}
 <body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
 
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_15.html#SEC60" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_17.html#SEC67" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_15.html#SEC73" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_17.html#SEC80" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,14 +51,14 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
 <hr size="2">
 <a name="Using-the-library"></a>
-<a name="SEC61"></a>
-<h1 class="chapter"> <a href="libunistring.html#TOC61">16. Using the library</a> </h1>
+<a name="SEC74"></a>
+<h1 class="chapter"> <a href="libunistring.html#TOC74">16. Using the library</a> </h1>
 
 <p>This chapter explains some practical considerations, regarding the
 installation and compiler options that are needed in order to use this
@@ -67,22 +67,22 @@ library.
 
 <hr size="6">
 <a name="Installation"></a>
-<a name="SEC62"></a>
-<h2 class="section"> <a href="libunistring.html#TOC62">16.1 Installation</a> </h2>
+<a name="SEC75"></a>
+<h2 class="section"> <a href="libunistring.html#TOC75">16.1 Installation</a> </h2>
 
 <p>Before you can use the library, it must be installed.  First, you have to
 make sure all dependencies are installed.  They are listed in the file
 &lsquo;<tt>DEPENDENCIES</tt>&rsquo;.
 </p>
-<a name="IDX891"></a>
+<a name="IDX898"></a>
 <p>Then you can proceed to build and install the library, as described in the
 file &lsquo;<tt>INSTALL</tt>&rsquo;.  For installation on Windows systems, please refer to
-the file &lsquo;<tt>README.windows</tt>&rsquo;.
+the file &lsquo;<tt>INSTALL.windows</tt>&rsquo;.
 </p>
 <hr size="6">
 <a name="Compiler-options"></a>
-<a name="SEC63"></a>
-<h2 class="section"> <a href="libunistring.html#TOC63">16.2 Compiler options</a> </h2>
+<a name="SEC76"></a>
+<h2 class="section"> <a href="libunistring.html#TOC76">16.2 Compiler options</a> </h2>
 
 <p>Let's denote as <code>LIBUNISTRING_PREFIX</code> the value of the &lsquo;<samp>--prefix</samp>&rsquo;
 option that you passed to <code>configure</code> while installing this package.
@@ -103,7 +103,7 @@ in 64-bit mode on a 64-bit GNU/Linux system that supports executables
 in either 64-bit mode or 32-bit mode, you should have used the option
 <code>--libdir=${LIBUNISTRING_PREFIX}/lib64</code>.
 </p>
-<a name="IDX892"></a>
+<a name="IDX899"></a>
 <p>So that the compiler finds the include files, you have to pass it the
 option <code>-I${LIBUNISTRING_INCLUDEDIR}</code>.
 </p>
@@ -111,13 +111,13 @@ option <code>-I${LIBUNISTRING_INCLUDEDIR}</code>.
 to pass it the options <code>-L${LIBUNISTRING_LIBDIR} -lunistring</code>.
 On some systems, in some configurations, you also have to pass options
 needed for linking with <code>libiconv</code>.  The autoconf macro
-<code>gl_LIBUNISTRING</code> (see <a href="#SEC65">Autoconf macro</a>) deals with this
+<code>gl_LIBUNISTRING</code> (see <a href="#SEC78">Autoconf macro</a>) deals with this
 particularity.
 </p>
 <hr size="6">
 <a name="Include-files"></a>
-<a name="SEC64"></a>
-<h2 class="section"> <a href="libunistring.html#TOC64">16.3 Include files</a> </h2>
+<a name="SEC77"></a>
+<h2 class="section"> <a href="libunistring.html#TOC77">16.3 Include files</a> </h2>
 
 <p>Most of the include files have been presented in the introduction, see
 <a href="libunistring_1.html#SEC1">Introduction</a>, and subsequent detailed chapters.
@@ -127,7 +127,7 @@ version number of the libunistring library.
 </p>
 <dl>
 <dt><u>Macro:</u> int <b>_LIBUNISTRING_VERSION</b>
-<a name="IDX893"></a>
+<a name="IDX900"></a>
 </dt>
 <dd><p>This constant contains the version of libunistring that is being used
 at compile time.  It encodes the major and minor parts of the version
@@ -136,7 +136,7 @@ number only.  These parts are encoded in the form <code>(major&lt;&lt;8) + minor
 
 <dl>
 <dt><u>Constant:</u> int <b>_libunistring_version</b>
-<a name="IDX894"></a>
+<a name="IDX901"></a>
 </dt>
 <dd><p>This constant contains the version of libunistring that is being used
 at run time.  It encodes the major and minor parts of the version
@@ -151,15 +151,15 @@ that uses <code>libunistring</code> was installed.
 </p>
 <hr size="6">
 <a name="Autoconf-macro"></a>
-<a name="SEC65"></a>
-<h2 class="section"> <a href="libunistring.html#TOC65">16.4 Autoconf macro</a> </h2>
+<a name="SEC78"></a>
+<h2 class="section"> <a href="libunistring.html#TOC78">16.4 Autoconf macro</a> </h2>
 
 <p>GNU Gnulib provides an autoconf macro that tests for the availability
 of <code>libunistring</code>.  It is contained in the Gnulib module
 &lsquo;<samp>libunistring</samp>&rsquo;, see
 <a href="http://www.gnu.org/software/gnulib/MODULES.html#module=libunistring">http://www.gnu.org/software/gnulib/MODULES.html#module=libunistring</a>.
 </p>
-<a name="IDX895"></a>
+<a name="IDX902"></a>
 <p>The macro is called <code>gl_LIBUNISTRING</code>.  It searches for an installed
 libunistring.  If found, it sets and AC_SUBSTs <code>HAVE_LIBUNISTRING=yes</code>
 and the <code>LIBUNISTRING</code> and <code>LTLIBUNISTRING</code> variables and augments
@@ -191,8 +191,8 @@ on most systems.
 
 <hr size="6">
 <a name="Reporting-problems"></a>
-<a name="SEC66"></a>
-<h2 class="section"> <a href="libunistring.html#TOC66">16.5 Reporting problems</a> </h2>
+<a name="SEC79"></a>
+<h2 class="section"> <a href="libunistring.html#TOC79">16.5 Reporting problems</a> </h2>
 
 <p>If you encounter any problem, please don't hesitate to send a detailed
 bug report to the <code>bug-libunistring@gnu.org</code> mailing list.  You can
@@ -209,8 +209,8 @@ a description of the options that you passed to the &lsquo;<samp>configure</samp
 </p>
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="#SEC61" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_17.html#SEC67" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="#SEC74" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_17.html#SEC80" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -218,12 +218,12 @@ a description of the options that you passed to the &lsquo;<samp>configure</samp
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_17.html b/msys2/usr/share/doc/libunistring/libunistring_17.html
index c84ca9ef5..e055097e0 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_17.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_17.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -42,8 +42,8 @@ ul.toc {list-style: none}
 <body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
 
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_16.html#SEC61" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_18.html#SEC68" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_16.html#SEC74" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_18.html#SEC81" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,27 +51,27 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
 <hr size="2">
 <a name="More-functionality"></a>
-<a name="SEC67"></a>
-<h1 class="chapter"> <a href="libunistring.html#TOC67">17. More advanced functionality</a> </h1>
+<a name="SEC80"></a>
+<h1 class="chapter"> <a href="libunistring.html#TOC80">17. More advanced functionality</a> </h1>
 
 <p>For bidirectional reordering of strings, we recommend the GNU FriBidi library:
 <a href="http://www.fribidi.org/">http://www.fribidi.org/</a>.
 </p>
-<a name="IDX896"></a>
+<a name="IDX903"></a>
 <p>For the rendering of Unicode strings outside of the context of a given toolkit
 (KDE/Qt or GNOME/Gtk), we recommend the Pango library:
 <a href="http://www.pango.org/">http://www.pango.org/</a>.
 </p>
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_16.html#SEC61" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_18.html#SEC68" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_16.html#SEC74" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_18.html#SEC81" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -79,12 +79,12 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_18.html b/msys2/usr/share/doc/libunistring/libunistring_18.html
index eaaeeb99f..06e2e2a91 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_18.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_18.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -11,10 +11,10 @@ Send bugs and suggestions to <texi2html-bug@nongnu.org>
 
 -->
 <head>
-<title>GNU libunistring: A. Licenses</title>
+<title>GNU libunistring: A. The wchar_t mess</title>
 
-<meta name="description" content="GNU libunistring: A. Licenses">
-<meta name="keywords" content="GNU libunistring: A. Licenses">
+<meta name="description" content="GNU libunistring: A. The wchar_t mess">
+<meta name="keywords" content="GNU libunistring: A. The wchar_t mess">
 <meta name="resource-type" content="document">
 <meta name="distribution" content="global">
 <meta name="Generator" content="texi2html 1.78a">
@@ -42,8 +42,8 @@ ul.toc {list-style: none}
 <body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
 
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_17.html#SEC67" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_17.html#SEC80" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_19.html#SEC82" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,1478 +51,67 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
 <hr size="2">
-<a name="Licenses"></a>
-<a name="SEC68"></a>
-<h1 class="appendix"> <a href="libunistring.html#TOC68">A. Licenses</a> </h1>
+<a name="The-wchar_005ft-mess"></a>
+<a name="SEC81"></a>
+<h1 class="appendix"> <a href="libunistring.html#TOC81">A. The <code>wchar_t</code> mess</a> </h1>
 
-<p>The files of this package are covered by the licenses indicated in each
-particular file or directory.  Here is a summary:
+<p>The ISO C and POSIX standard creators made an attempt to fix the first
+problem mentioned in the section <a href="libunistring_1.html#SEC6">&lsquo;<samp>char *</samp>&rsquo; strings</a>.  They introduced
+</p><ul>
+<li>
+a type &lsquo;<samp>wchar_t</samp>&rsquo;, designed to encapsulate an entire character,
+</li><li>
+a &ldquo;wide string&rdquo; type &lsquo;<samp>wchar_t *</samp>&rsquo;, and
+</li><li>
+functions declared in <a href="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/wctype.h.html"><code>&lt;wctype.h&gt;</code></a> that were meant to supplant the
+ones in <a href="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/ctype.h.html"><code>&lt;ctype.h&gt;</code></a>.
+</li></ul>
+
+<p>Unfortunately, this API and its implementation has numerous problems:
 </p>
 <ul>
 <li>
-The <code>libunistring</code> library and its header files are dual-licensed under
-&quot;the GNU LGPLv3+ or the GNU GPLv2&quot;. This means, you can use it under either
-<ul class="toc">
-<li> -
-the terms of the GNU Lesser General Public License (LGPL) version 3 or
-(at your option) any later version, or
-</li><li> -
-the terms of the GNU General Public License (GPL) version 2, or
-</li><li> -
-the same dual license &quot;the GNU LGPLv3+ or the GNU GPLv2&quot;.
-</li></ul>
-<p>You find the GNU LGPL version 3 in <a href="#SEC74">GNU LESSER GENERAL PUBLIC LICENSE</a>.  This license is
-based on the GNU GPL version 3, see <a href="#SEC69">GNU GENERAL PUBLIC LICENSE</a>.
-<br>
-You can find the GNU GPL version 2 at
-<a href="https://www.gnu.org/licenses/old-licenses/gpl-2.0.html">https://www.gnu.org/licenses/old-licenses/gpl-2.0.html</a>.
-<br>
-Note: This dual license makes it possible for the <code>libunistring</code> library
-to be used by packages under GPLv2 or GPLv2+ licenses, in particular. See
-the table in <a href="https://www.gnu.org/licenses/gpl-faq.html#AllCompatibility">https://www.gnu.org/licenses/gpl-faq.html#AllCompatibility</a>.
-</p>
+On AIX and Windows platforms, <code>wchar_t</code> is a 16-bit type.  This
+means that it can never accommodate an entire Unicode character.  Either
+the <code>wchar_t *</code> strings are limited to characters in UCS-2 (the
+&ldquo;Basic Multilingual Plane&rdquo; of Unicode), or &mdash; if <code>wchar_t *</code>
+strings are encoded in UTF-16 &mdash; a <code>wchar_t</code> represents only half
+of a character in the worst case, making the <a href="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/wctype.h.html"><code>&lt;wctype.h&gt;</code></a> functions
+pointless.
 
 </li><li>
-This manual is free documentation.  It is dually licensed under the
-GNU FDL and the GNU GPL.  This means that you can redistribute this
-manual under either of these two licenses, at your choice.
-<br>
-This manual is covered by the GNU FDL.  Permission is granted to copy,
-distribute and/or modify this document under the terms of the
-GNU Free Documentation License (FDL), either version 1.2 of the
-License, or (at your option) any later version published by the
-Free Software Foundation (FSF); with no Invariant Sections, with no
-Front-Cover Text, and with no Back-Cover Texts.
-A copy of the license is included in <a href="#SEC75">GNU Free Documentation License</a>.
-<br>
-This manual is covered by the GNU GPL.  You can redistribute it and/or
-modify it under the terms of the GNU General Public License (GPL), either
-version 3 of the License, or (at your option) any later version published
-by the Free Software Foundation (FSF).
-A copy of the license is included in <a href="#SEC69">GNU GENERAL PUBLIC LICENSE</a>.
+On Solaris and FreeBSD, the <code>wchar_t</code> encoding is locale dependent
+and undocumented.  This means, if you want to know any property of a
+<code>wchar_t</code> character, other than the properties defined by
+<a href="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/wctype.h.html"><code>&lt;wctype.h&gt;</code></a> &mdash; such as whether it's a dash, currency symbol,
+paragraph separator, or similar &mdash;, you have to convert it to
+<code>char *</code> encoding first, by use of the function <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wctomb.html"><code>wctomb</code></a>.
+
+</li><li>
+When you read a stream of wide characters, through the functions
+<a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/fgetwc.html"><code>fgetwc</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/fgetws.html"><code>fgetws</code></a>, and when the input stream/file is
+not in the expected encoding, you have no way to determine the invalid
+byte sequence and do some corrective action.  If you use these
+functions, your program becomes &ldquo;garbage in - more garbage out&rdquo; or
+&ldquo;garbage in - abort&rdquo;.
 </li></ul>
 
-
-
-<hr size="6">
-<a name="GNU-GPL"></a>
-<a name="SEC69"></a>
-<h2 class="appendixsec"> <a href="libunistring.html#TOC69">A.1 GNU GENERAL PUBLIC LICENSE</a> </h2>
-<p align="center"> Version 3, 29 June 2007
+<p>As a consequence, it is better to use multibyte strings, as explained in
+the section <a href="libunistring_1.html#SEC6">&lsquo;<samp>char *</samp>&rsquo; strings</a>.  Such multibyte strings can bypass
+limitations of the <code>wchar_t</code> type, if you use functions defined in gnulib
+and libunistring for text processing.  They can also faithfully transport
+malformed characters that were present in the input, without requiring
+the program to produce garbage or abort.
 </p>
-
-<table><tr><td>&nbsp;</td><td><pre class="display">Copyright &copy; 2007 Free Software Foundation, Inc. <a href="http://fsf.org/">http://fsf.org/</a>
-
-Everyone is permitted to copy and distribute verbatim copies of this
-license document, but changing it is not allowed.
-</pre></td></tr></table>
-
-<a name="SEC70"></a>
-<h2 class="heading"> Preamble </h2>
-
-<p>The GNU General Public License is a free, copyleft license for
-software and other kinds of works.
-</p>
-<p>The licenses for most software and other practical works are designed
-to take away your freedom to share and change the works.  By contrast,
-the GNU General Public License is intended to guarantee your freedom
-to share and change all versions of a program&mdash;to make sure it remains
-free software for all its users.  We, the Free Software Foundation,
-use the GNU General Public License for most of our software; it
-applies also to any other work released this way by its authors.  You
-can apply it to your programs, too.
-</p>
-<p>When we speak of free software, we are referring to freedom, not
-price.  Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-them if you wish), that you receive source code or can get it if you
-want it, that you can change the software or use pieces of it in new
-free programs, and that you know you can do these things.
-</p>
-<p>To protect your rights, we need to prevent others from denying you
-these rights or asking you to surrender the rights.  Therefore, you
-have certain responsibilities if you distribute copies of the
-software, or if you modify it: responsibilities to respect the freedom
-of others.
-</p>
-<p>For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must pass on to the recipients the same
-freedoms that you received.  You must make sure that they, too,
-receive or can get the source code.  And you must show them these
-terms so they know their rights.
-</p>
-<p>Developers that use the GNU GPL protect your rights with two steps:
-(1) assert copyright on the software, and (2) offer you this License
-giving you legal permission to copy, distribute and/or modify it.
-</p>
-<p>For the developers' and authors' protection, the GPL clearly explains
-that there is no warranty for this free software.  For both users' and
-authors' sake, the GPL requires that modified versions be marked as
-changed, so that their problems will not be attributed erroneously to
-authors of previous versions.
-</p>
-<p>Some devices are designed to deny users access to install or run
-modified versions of the software inside them, although the
-manufacturer can do so.  This is fundamentally incompatible with the
-aim of protecting users' freedom to change the software.  The
-systematic pattern of such abuse occurs in the area of products for
-individuals to use, which is precisely where it is most unacceptable.
-Therefore, we have designed this version of the GPL to prohibit the
-practice for those products.  If such problems arise substantially in
-other domains, we stand ready to extend this provision to those
-domains in future versions of the GPL, as needed to protect the
-freedom of users.
-</p>
-<p>Finally, every program is threatened constantly by software patents.
-States should not allow patents to restrict development and use of
-software on general-purpose computers, but in those that do, we wish
-to avoid the special danger that patents applied to a free program
-could make it effectively proprietary.  To prevent this, the GPL
-assures that patents cannot be used to render the program non-free.
-</p>
-<p>The precise terms and conditions for copying, distribution and
-modification follow.
-</p>
-<a name="SEC71"></a>
-<h2 class="heading"> TERMS AND CONDITIONS </h2>
-
-<ol>
-<li> Definitions.
-
-<p>&ldquo;This License&rdquo; refers to version 3 of the GNU General Public License.
-</p>
-<p>&ldquo;Copyright&rdquo; also means copyright-like laws that apply to other kinds
-of works, such as semiconductor masks.
-</p>
-<p>&ldquo;The Program&rdquo; refers to any copyrightable work licensed under this
-License.  Each licensee is addressed as &ldquo;you&rdquo;.  &ldquo;Licensees&rdquo; and
-&ldquo;recipients&rdquo; may be individuals or organizations.
-</p>
-<p>To &ldquo;modify&rdquo; a work means to copy from or adapt all or part of the work
-in a fashion requiring copyright permission, other than the making of
-an exact copy.  The resulting work is called a &ldquo;modified version&rdquo; of
-the earlier work or a work &ldquo;based on&rdquo; the earlier work.
-</p>
-<p>A &ldquo;covered work&rdquo; means either the unmodified Program or a work based
-on the Program.
-</p>
-<p>To &ldquo;propagate&rdquo; a work means to do anything with it that, without
-permission, would make you directly or secondarily liable for
-infringement under applicable copyright law, except executing it on a
-computer or modifying a private copy.  Propagation includes copying,
-distribution (with or without modification), making available to the
-public, and in some countries other activities as well.
-</p>
-<p>To &ldquo;convey&rdquo; a work means any kind of propagation that enables other
-parties to make or receive copies.  Mere interaction with a user
-through a computer network, with no transfer of a copy, is not
-conveying.
-</p>
-<p>An interactive user interface displays &ldquo;Appropriate Legal Notices&rdquo; to
-the extent that it includes a convenient and prominently visible
-feature that (1) displays an appropriate copyright notice, and (2)
-tells the user that there is no warranty for the work (except to the
-extent that warranties are provided), that licensees may convey the
-work under this License, and how to view a copy of this License.  If
-the interface presents a list of user commands or options, such as a
-menu, a prominent item in the list meets this criterion.
-</p>
-</li><li> Source Code.
-
-<p>The &ldquo;source code&rdquo; for a work means the preferred form of the work for
-making modifications to it.  &ldquo;Object code&rdquo; means any non-source form
-of a work.
-</p>
-<p>A &ldquo;Standard Interface&rdquo; means an interface that either is an official
-standard defined by a recognized standards body, or, in the case of
-interfaces specified for a particular programming language, one that
-is widely used among developers working in that language.
-</p>
-<p>The &ldquo;System Libraries&rdquo; of an executable work include anything, other
-than the work as a whole, that (a) is included in the normal form of
-packaging a Major Component, but which is not part of that Major
-Component, and (b) serves only to enable use of the work with that
-Major Component, or to implement a Standard Interface for which an
-implementation is available to the public in source code form.  A
-&ldquo;Major Component&rdquo;, in this context, means a major essential component
-(kernel, window system, and so on) of the specific operating system
-(if any) on which the executable work runs, or a compiler used to
-produce the work, or an object code interpreter used to run it.
-</p>
-<p>The &ldquo;Corresponding Source&rdquo; for a work in object code form means all
-the source code needed to generate, install, and (for an executable
-work) run the object code and to modify the work, including scripts to
-control those activities.  However, it does not include the work's
-System Libraries, or general-purpose tools or generally available free
-programs which are used unmodified in performing those activities but
-which are not part of the work.  For example, Corresponding Source
-includes interface definition files associated with source files for
-the work, and the source code for shared libraries and dynamically
-linked subprograms that the work is specifically designed to require,
-such as by intimate data communication or control flow between those
-subprograms and other parts of the work.
-</p>
-<p>The Corresponding Source need not include anything that users can
-regenerate automatically from other parts of the Corresponding Source.
-</p>
-<p>The Corresponding Source for a work in source code form is that same
-work.
-</p>
-</li><li> Basic Permissions.
-
-<p>All rights granted under this License are granted for the term of
-copyright on the Program, and are irrevocable provided the stated
-conditions are met.  This License explicitly affirms your unlimited
-permission to run the unmodified Program.  The output from running a
-covered work is covered by this License only if the output, given its
-content, constitutes a covered work.  This License acknowledges your
-rights of fair use or other equivalent, as provided by copyright law.
-</p>
-<p>You may make, run and propagate covered works that you do not convey,
-without conditions so long as your license otherwise remains in force.
-You may convey covered works to others for the sole purpose of having
-them make modifications exclusively for you, or provide you with
-facilities for running those works, provided that you comply with the
-terms of this License in conveying all material for which you do not
-control copyright.  Those thus making or running the covered works for
-you must do so exclusively on your behalf, under your direction and
-control, on terms that prohibit them from making any copies of your
-copyrighted material outside their relationship with you.
-</p>
-<p>Conveying under any other circumstances is permitted solely under the
-conditions stated below.  Sublicensing is not allowed; section 10
-makes it unnecessary.
-</p>
-</li><li> Protecting Users' Legal Rights From Anti-Circumvention Law.
-
-<p>No covered work shall be deemed part of an effective technological
-measure under any applicable law fulfilling obligations under article
-11 of the WIPO copyright treaty adopted on 20 December 1996, or
-similar laws prohibiting or restricting circumvention of such
-measures.
-</p>
-<p>When you convey a covered work, you waive any legal power to forbid
-circumvention of technological measures to the extent such
-circumvention is effected by exercising rights under this License with
-respect to the covered work, and you disclaim any intention to limit
-operation or modification of the work as a means of enforcing, against
-the work's users, your or third parties' legal rights to forbid
-circumvention of technological measures.
-</p>
-</li><li> Conveying Verbatim Copies.
-
-<p>You may convey verbatim copies of the Program's source code as you
-receive it, in any medium, provided that you conspicuously and
-appropriately publish on each copy an appropriate copyright notice;
-keep intact all notices stating that this License and any
-non-permissive terms added in accord with section 7 apply to the code;
-keep intact all notices of the absence of any warranty; and give all
-recipients a copy of this License along with the Program.
-</p>
-<p>You may charge any price or no price for each copy that you convey,
-and you may offer support or warranty protection for a fee.
-</p>
-</li><li> Conveying Modified Source Versions.
-
-<p>You may convey a work based on the Program, or the modifications to
-produce it from the Program, in the form of source code under the
-terms of section 4, provided that you also meet all of these
-conditions:
-</p>
-<ol>
-<li>
-The work must carry prominent notices stating that you modified it,
-and giving a relevant date.
-
-</li><li>
-The work must carry prominent notices stating that it is released
-under this License and any conditions added under section 7.  This
-requirement modifies the requirement in section 4 to &ldquo;keep intact all
-notices&rdquo;.
-
-</li><li>
-You must license the entire work, as a whole, under this License to
-anyone who comes into possession of a copy.  This License will
-therefore apply, along with any applicable section 7 additional terms,
-to the whole of the work, and all its parts, regardless of how they
-are packaged.  This License gives no permission to license the work in
-any other way, but it does not invalidate such permission if you have
-separately received it.
-
-</li><li>
-If the work has interactive user interfaces, each must display
-Appropriate Legal Notices; however, if the Program has interactive
-interfaces that do not display Appropriate Legal Notices, your work
-need not make them do so.
-</li></ol>
-
-<p>A compilation of a covered work with other separate and independent
-works, which are not by their nature extensions of the covered work,
-and which are not combined with it such as to form a larger program,
-in or on a volume of a storage or distribution medium, is called an
-&ldquo;aggregate&rdquo; if the compilation and its resulting copyright are not
-used to limit the access or legal rights of the compilation's users
-beyond what the individual works permit.  Inclusion of a covered work
-in an aggregate does not cause this License to apply to the other
-parts of the aggregate.
-</p>
-</li><li>  Conveying Non-Source Forms.
-
-<p>You may convey a covered work in object code form under the terms of
-sections 4 and 5, provided that you also convey the machine-readable
-Corresponding Source under the terms of this License, in one of these
-ways:
-</p>
-<ol>
-<li>
-Convey the object code in, or embodied in, a physical product
-(including a physical distribution medium), accompanied by the
-Corresponding Source fixed on a durable physical medium customarily
-used for software interchange.
-
-</li><li>
-Convey the object code in, or embodied in, a physical product
-(including a physical distribution medium), accompanied by a written
-offer, valid for at least three years and valid for as long as you
-offer spare parts or customer support for that product model, to give
-anyone who possesses the object code either (1) a copy of the
-Corresponding Source for all the software in the product that is
-covered by this License, on a durable physical medium customarily used
-for software interchange, for a price no more than your reasonable
-cost of physically performing this conveying of source, or (2) access
-to copy the Corresponding Source from a network server at no charge.
-
-</li><li>
-Convey individual copies of the object code with a copy of the written
-offer to provide the Corresponding Source.  This alternative is
-allowed only occasionally and noncommercially, and only if you
-received the object code with such an offer, in accord with subsection
-6b.
-
-</li><li>
-Convey the object code by offering access from a designated place
-(gratis or for a charge), and offer equivalent access to the
-Corresponding Source in the same way through the same place at no
-further charge.  You need not require recipients to copy the
-Corresponding Source along with the object code.  If the place to copy
-the object code is a network server, the Corresponding Source may be
-on a different server (operated by you or a third party) that supports
-equivalent copying facilities, provided you maintain clear directions
-next to the object code saying where to find the Corresponding Source.
-Regardless of what server hosts the Corresponding Source, you remain
-obligated to ensure that it is available for as long as needed to
-satisfy these requirements.
-
-</li><li>
-Convey the object code using peer-to-peer transmission, provided you
-inform other peers where the object code and Corresponding Source of
-the work are being offered to the general public at no charge under
-subsection 6d.
-
-</li></ol>
-
-<p>A separable portion of the object code, whose source code is excluded
-from the Corresponding Source as a System Library, need not be
-included in conveying the object code work.
-</p>
-<p>A &ldquo;User Product&rdquo; is either (1) a &ldquo;consumer product&rdquo;, which means any
-tangible personal property which is normally used for personal,
-family, or household purposes, or (2) anything designed or sold for
-incorporation into a dwelling.  In determining whether a product is a
-consumer product, doubtful cases shall be resolved in favor of
-coverage.  For a particular product received by a particular user,
-&ldquo;normally used&rdquo; refers to a typical or common use of that class of
-product, regardless of the status of the particular user or of the way
-in which the particular user actually uses, or expects or is expected
-to use, the product.  A product is a consumer product regardless of
-whether the product has substantial commercial, industrial or
-non-consumer uses, unless such uses represent the only significant
-mode of use of the product.
-</p>
-<p>&ldquo;Installation Information&rdquo; for a User Product means any methods,
-procedures, authorization keys, or other information required to
-install and execute modified versions of a covered work in that User
-Product from a modified version of its Corresponding Source.  The
-information must suffice to ensure that the continued functioning of
-the modified object code is in no case prevented or interfered with
-solely because modification has been made.
-</p>
-<p>If you convey an object code work under this section in, or with, or
-specifically for use in, a User Product, and the conveying occurs as
-part of a transaction in which the right of possession and use of the
-User Product is transferred to the recipient in perpetuity or for a
-fixed term (regardless of how the transaction is characterized), the
-Corresponding Source conveyed under this section must be accompanied
-by the Installation Information.  But this requirement does not apply
-if neither you nor any third party retains the ability to install
-modified object code on the User Product (for example, the work has
-been installed in ROM).
-</p>
-<p>The requirement to provide Installation Information does not include a
-requirement to continue to provide support service, warranty, or
-updates for a work that has been modified or installed by the
-recipient, or for the User Product in which it has been modified or
-installed.  Access to a network may be denied when the modification
-itself materially and adversely affects the operation of the network
-or violates the rules and protocols for communication across the
-network.
-</p>
-<p>Corresponding Source conveyed, and Installation Information provided,
-in accord with this section must be in a format that is publicly
-documented (and with an implementation available to the public in
-source code form), and must require no special password or key for
-unpacking, reading or copying.
-</p>
-</li><li> Additional Terms.
-
-<p>&ldquo;Additional permissions&rdquo; are terms that supplement the terms of this
-License by making exceptions from one or more of its conditions.
-Additional permissions that are applicable to the entire Program shall
-be treated as though they were included in this License, to the extent
-that they are valid under applicable law.  If additional permissions
-apply only to part of the Program, that part may be used separately
-under those permissions, but the entire Program remains governed by
-this License without regard to the additional permissions.
-</p>
-<p>When you convey a copy of a covered work, you may at your option
-remove any additional permissions from that copy, or from any part of
-it.  (Additional permissions may be written to require their own
-removal in certain cases when you modify the work.)  You may place
-additional permissions on material, added by you to a covered work,
-for which you have or can give appropriate copyright permission.
-</p>
-<p>Notwithstanding any other provision of this License, for material you
-add to a covered work, you may (if authorized by the copyright holders
-of that material) supplement the terms of this License with terms:
-</p>
-<ol>
-<li>
-Disclaiming warranty or limiting liability differently from the terms
-of sections 15 and 16 of this License; or
-
-</li><li>
-Requiring preservation of specified reasonable legal notices or author
-attributions in that material or in the Appropriate Legal Notices
-displayed by works containing it; or
-
-</li><li>
-Prohibiting misrepresentation of the origin of that material, or
-requiring that modified versions of such material be marked in
-reasonable ways as different from the original version; or
-
-</li><li>
-Limiting the use for publicity purposes of names of licensors or
-authors of the material; or
-
-</li><li>
-Declining to grant rights under trademark law for use of some trade
-names, trademarks, or service marks; or
-
-</li><li>
-Requiring indemnification of licensors and authors of that material by
-anyone who conveys the material (or modified versions of it) with
-contractual assumptions of liability to the recipient, for any
-liability that these contractual assumptions directly impose on those
-licensors and authors.
-</li></ol>
-
-<p>All other non-permissive additional terms are considered &ldquo;further
-restrictions&rdquo; within the meaning of section 10.  If the Program as you
-received it, or any part of it, contains a notice stating that it is
-governed by this License along with a term that is a further
-restriction, you may remove that term.  If a license document contains
-a further restriction but permits relicensing or conveying under this
-License, you may add to a covered work material governed by the terms
-of that license document, provided that the further restriction does
-not survive such relicensing or conveying.
-</p>
-<p>If you add terms to a covered work in accord with this section, you
-must place, in the relevant source files, a statement of the
-additional terms that apply to those files, or a notice indicating
-where to find the applicable terms.
-</p>
-<p>Additional terms, permissive or non-permissive, may be stated in the
-form of a separately written license, or stated as exceptions; the
-above requirements apply either way.
-</p>
-</li><li> Termination.
-
-<p>You may not propagate or modify a covered work except as expressly
-provided under this License.  Any attempt otherwise to propagate or
-modify it is void, and will automatically terminate your rights under
-this License (including any patent licenses granted under the third
-paragraph of section 11).
-</p>
-<p>However, if you cease all violation of this License, then your license
-from a particular copyright holder is reinstated (a) provisionally,
-unless and until the copyright holder explicitly and finally
-terminates your license, and (b) permanently, if the copyright holder
-fails to notify you of the violation by some reasonable means prior to
-60 days after the cessation.
-</p>
-<p>Moreover, your license from a particular copyright holder is
-reinstated permanently if the copyright holder notifies you of the
-violation by some reasonable means, this is the first time you have
-received notice of violation of this License (for any work) from that
-copyright holder, and you cure the violation prior to 30 days after
-your receipt of the notice.
-</p>
-<p>Termination of your rights under this section does not terminate the
-licenses of parties who have received copies or rights from you under
-this License.  If your rights have been terminated and not permanently
-reinstated, you do not qualify to receive new licenses for the same
-material under section 10.
-</p>
-</li><li> Acceptance Not Required for Having Copies.
-
-<p>You are not required to accept this License in order to receive or run
-a copy of the Program.  Ancillary propagation of a covered work
-occurring solely as a consequence of using peer-to-peer transmission
-to receive a copy likewise does not require acceptance.  However,
-nothing other than this License grants you permission to propagate or
-modify any covered work.  These actions infringe copyright if you do
-not accept this License.  Therefore, by modifying or propagating a
-covered work, you indicate your acceptance of this License to do so.
-</p>
-</li><li> Automatic Licensing of Downstream Recipients.
-
-<p>Each time you convey a covered work, the recipient automatically
-receives a license from the original licensors, to run, modify and
-propagate that work, subject to this License.  You are not responsible
-for enforcing compliance by third parties with this License.
-</p>
-<p>An &ldquo;entity transaction&rdquo; is a transaction transferring control of an
-organization, or substantially all assets of one, or subdividing an
-organization, or merging organizations.  If propagation of a covered
-work results from an entity transaction, each party to that
-transaction who receives a copy of the work also receives whatever
-licenses to the work the party's predecessor in interest had or could
-give under the previous paragraph, plus a right to possession of the
-Corresponding Source of the work from the predecessor in interest, if
-the predecessor has it or can get it with reasonable efforts.
-</p>
-<p>You may not impose any further restrictions on the exercise of the
-rights granted or affirmed under this License.  For example, you may
-not impose a license fee, royalty, or other charge for exercise of
-rights granted under this License, and you may not initiate litigation
-(including a cross-claim or counterclaim in a lawsuit) alleging that
-any patent claim is infringed by making, using, selling, offering for
-sale, or importing the Program or any portion of it.
-</p>
-</li><li> Patents.
-
-<p>A &ldquo;contributor&rdquo; is a copyright holder who authorizes use under this
-License of the Program or a work on which the Program is based.  The
-work thus licensed is called the contributor's &ldquo;contributor version&rdquo;.
-</p>
-<p>A contributor's &ldquo;essential patent claims&rdquo; are all patent claims owned
-or controlled by the contributor, whether already acquired or
-hereafter acquired, that would be infringed by some manner, permitted
-by this License, of making, using, or selling its contributor version,
-but do not include claims that would be infringed only as a
-consequence of further modification of the contributor version.  For
-purposes of this definition, &ldquo;control&rdquo; includes the right to grant
-patent sublicenses in a manner consistent with the requirements of
-this License.
-</p>
-<p>Each contributor grants you a non-exclusive, worldwide, royalty-free
-patent license under the contributor's essential patent claims, to
-make, use, sell, offer for sale, import and otherwise run, modify and
-propagate the contents of its contributor version.
-</p>
-<p>In the following three paragraphs, a &ldquo;patent license&rdquo; is any express
-agreement or commitment, however denominated, not to enforce a patent
-(such as an express permission to practice a patent or covenant not to
-sue for patent infringement).  To &ldquo;grant&rdquo; such a patent license to a
-party means to make such an agreement or commitment not to enforce a
-patent against the party.
-</p>
-<p>If you convey a covered work, knowingly relying on a patent license,
-and the Corresponding Source of the work is not available for anyone
-to copy, free of charge and under the terms of this License, through a
-publicly available network server or other readily accessible means,
-then you must either (1) cause the Corresponding Source to be so
-available, or (2) arrange to deprive yourself of the benefit of the
-patent license for this particular work, or (3) arrange, in a manner
-consistent with the requirements of this License, to extend the patent
-license to downstream recipients.  &ldquo;Knowingly relying&rdquo; means you have
-actual knowledge that, but for the patent license, your conveying the
-covered work in a country, or your recipient's use of the covered work
-in a country, would infringe one or more identifiable patents in that
-country that you have reason to believe are valid.
-</p>
-<p>If, pursuant to or in connection with a single transaction or
-arrangement, you convey, or propagate by procuring conveyance of, a
-covered work, and grant a patent license to some of the parties
-receiving the covered work authorizing them to use, propagate, modify
-or convey a specific copy of the covered work, then the patent license
-you grant is automatically extended to all recipients of the covered
-work and works based on it.
-</p>
-<p>A patent license is &ldquo;discriminatory&rdquo; if it does not include within the
-scope of its coverage, prohibits the exercise of, or is conditioned on
-the non-exercise of one or more of the rights that are specifically
-granted under this License.  You may not convey a covered work if you
-are a party to an arrangement with a third party that is in the
-business of distributing software, under which you make payment to the
-third party based on the extent of your activity of conveying the
-work, and under which the third party grants, to any of the parties
-who would receive the covered work from you, a discriminatory patent
-license (a) in connection with copies of the covered work conveyed by
-you (or copies made from those copies), or (b) primarily for and in
-connection with specific products or compilations that contain the
-covered work, unless you entered into that arrangement, or that patent
-license was granted, prior to 28 March 2007.
-</p>
-<p>Nothing in this License shall be construed as excluding or limiting
-any implied license or other defenses to infringement that may
-otherwise be available to you under applicable patent law.
-</p>
-</li><li> No Surrender of Others' Freedom.
-
-<p>If conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License.  If you cannot convey
-a covered work so as to satisfy simultaneously your obligations under
-this License and any other pertinent obligations, then as a
-consequence you may not convey it at all.  For example, if you agree
-to terms that obligate you to collect a royalty for further conveying
-from those to whom you convey the Program, the only way you could
-satisfy both those terms and this License would be to refrain entirely
-from conveying the Program.
-</p>
-</li><li> Use with the GNU Affero General Public License.
-
-<p>Notwithstanding any other provision of this License, you have
-permission to link or combine any covered work with a work licensed
-under version 3 of the GNU Affero General Public License into a single
-combined work, and to convey the resulting work.  The terms of this
-License will continue to apply to the part which is the covered work,
-but the special requirements of the GNU Affero General Public License,
-section 13, concerning interaction through a network will apply to the
-combination as such.
-</p>
-</li><li> Revised Versions of this License.
-
-<p>The Free Software Foundation may publish revised and/or new versions
-of the GNU General Public License from time to time.  Such new
-versions will be similar in spirit to the present version, but may
-differ in detail to address new problems or concerns.
-</p>
-<p>Each version is given a distinguishing version number.  If the Program
-specifies that a certain numbered version of the GNU General Public
-License &ldquo;or any later version&rdquo; applies to it, you have the option of
-following the terms and conditions either of that numbered version or
-of any later version published by the Free Software Foundation.  If
-the Program does not specify a version number of the GNU General
-Public License, you may choose any version ever published by the Free
-Software Foundation.
-</p>
-<p>If the Program specifies that a proxy can decide which future versions
-of the GNU General Public License can be used, that proxy's public
-statement of acceptance of a version permanently authorizes you to
-choose that version for the Program.
-</p>
-<p>Later license versions may give you additional or different
-permissions.  However, no additional obligations are imposed on any
-author or copyright holder as a result of your choosing to follow a
-later version.
-</p>
-</li><li> Disclaimer of Warranty.
-
-<p>THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
-APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
-HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM &ldquo;AS IS&rdquo; WITHOUT
-WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-A PARTICULAR PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND
-PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE PROGRAM PROVE
-DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR
-CORRECTION.
-</p>
-</li><li> Limitation of Liability.
-
-<p>IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR
-CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
-INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES
-ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT
-NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR
-LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM
-TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER
-PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
-</p>
-</li><li> Interpretation of Sections 15 and 16.
-
-<p>If the disclaimer of warranty and limitation of liability provided
-above cannot be given local legal effect according to their terms,
-reviewing courts shall apply local law that most closely approximates
-an absolute waiver of all civil liability in connection with the
-Program, unless a warranty or assumption of liability accompanies a
-copy of the Program in return for a fee.
-</p>
-</li></ol>
-
-<a name="SEC72"></a>
-<h2 class="heading"> END OF TERMS AND CONDITIONS </h2>
-
-<a name="SEC73"></a>
-<h2 class="heading"> How to Apply These Terms to Your New Programs </h2>
-
-<p>If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these
-terms.
-</p>
-<p>To do so, attach the following notices to the program.  It is safest
-to attach them to the start of each source file to most effectively
-state the exclusion of warranty; and each file should have at least
-the &ldquo;copyright&rdquo; line and a pointer to where the full notice is found.
-</p>
-<table><tr><td>&nbsp;</td><td><pre class="smallexample"><var>one line to give the program's name and a brief idea of what it does.</var>
-Copyright (C) <var>year</var> <var>name of author</var>
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation, either version 3 of the License, or (at
-your option) any later version.
-
-This program is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program.  If not, see <a href="http://www.gnu.org/licenses/">http://www.gnu.org/licenses/</a>.
-</pre></td></tr></table>
-
-<p>Also add information on how to contact you by electronic and paper mail.
-</p>
-<p>If the program does terminal interaction, make it output a short
-notice like this when it starts in an interactive mode:
-</p>
-<table><tr><td>&nbsp;</td><td><pre class="smallexample"><var>program</var> Copyright (C) <var>year</var> <var>name of author</var>
-This program comes with ABSOLUTELY NO WARRANTY; for details type &lsquo;<samp>show w</samp>&rsquo;.
-This is free software, and you are welcome to redistribute it
-under certain conditions; type &lsquo;<samp>show c</samp>&rsquo; for details.
-</pre></td></tr></table>
-
-<p>The hypothetical commands &lsquo;<samp>show w</samp>&rsquo; and &lsquo;<samp>show c</samp>&rsquo; should show
-the appropriate parts of the General Public License.  Of course, your
-program's commands might be different; for a GUI interface, you would
-use an &ldquo;about box&rdquo;.
-</p>
-<p>You should also get your employer (if you work as a programmer) or school,
-if any, to sign a &ldquo;copyright disclaimer&rdquo; for the program, if necessary.
-For more information on this, and how to apply and follow the GNU GPL, see
-<a href="http://www.gnu.org/licenses/">http://www.gnu.org/licenses/</a>.
-</p>
-<p>The GNU General Public License does not permit incorporating your
-program into proprietary programs.  If your program is a subroutine
-library, you may consider it more useful to permit linking proprietary
-applications with the library.  If this is what you want to do, use
-the GNU Lesser General Public License instead of this License.  But
-first, please read <a href="http://www.gnu.org/philosophy/why-not-lgpl.html">http://www.gnu.org/philosophy/why-not-lgpl.html</a>.
-
-</p><hr size="6">
-<a name="GNU-LGPL"></a>
-<a name="SEC74"></a>
-<h2 class="appendixsec"> <a href="libunistring.html#TOC70">A.2 GNU LESSER GENERAL PUBLIC LICENSE</a> </h2>
-<p align="center"> Version 3, 29 June 2007
-</p>
-
-<table><tr><td>&nbsp;</td><td><pre class="display">Copyright &copy; 2007 Free Software Foundation, Inc. <a href="http://fsf.org/">http://fsf.org/</a>
-
-Everyone is permitted to copy and distribute verbatim copies of this
-license document, but changing it is not allowed.
-</pre></td></tr></table>
-
-<p>This version of the GNU Lesser General Public License incorporates
-the terms and conditions of version 3 of the GNU General Public
-License, supplemented by the additional permissions listed below.
-</p>
-<ol>
-<li> Additional Definitions.
-
-<p>As used herein, &ldquo;this License&rdquo; refers to version 3 of the GNU Lesser
-General Public License, and the &ldquo;GNU GPL&rdquo; refers to version 3 of the GNU
-General Public License.
-</p>
-<p>&ldquo;The Library&rdquo; refers to a covered work governed by this License,
-other than an Application or a Combined Work as defined below.
-</p>
-<p>An &ldquo;Application&rdquo; is any work that makes use of an interface provided
-by the Library, but which is not otherwise based on the Library.
-Defining a subclass of a class defined by the Library is deemed a mode
-of using an interface provided by the Library.
-</p>
-<p>A &ldquo;Combined Work&rdquo; is a work produced by combining or linking an
-Application with the Library.  The particular version of the Library
-with which the Combined Work was made is also called the &ldquo;Linked
-Version&rdquo;.
-</p>
-<p>The &ldquo;Minimal Corresponding Source&rdquo; for a Combined Work means the
-Corresponding Source for the Combined Work, excluding any source code
-for portions of the Combined Work that, considered in isolation, are
-based on the Application, and not on the Linked Version.
-</p>
-<p>The &ldquo;Corresponding Application Code&rdquo; for a Combined Work means the
-object code and/or source code for the Application, including any data
-and utility programs needed for reproducing the Combined Work from the
-Application, but excluding the System Libraries of the Combined Work.
-</p>
-</li><li> Exception to Section 3 of the GNU GPL.
-
-<p>You may convey a covered work under sections 3 and 4 of this License
-without being bound by section 3 of the GNU GPL.
-</p>
-</li><li> Conveying Modified Versions.
-
-<p>If you modify a copy of the Library, and, in your modifications, a
-facility refers to a function or data to be supplied by an Application
-that uses the facility (other than as an argument passed when the
-facility is invoked), then you may convey a copy of the modified
-version:
-</p>
-<ol>
-<li>
-under this License, provided that you make a good faith effort to
-ensure that, in the event an Application does not supply the
-function or data, the facility still operates, and performs
-whatever part of its purpose remains meaningful, or
-
-</li><li>
-under the GNU GPL, with none of the additional permissions of
-this License applicable to that copy.
-</li></ol>
-
-</li><li> Object Code Incorporating Material from Library Header Files.
-
-<p>The object code form of an Application may incorporate material from
-a header file that is part of the Library.  You may convey such object
-code under terms of your choice, provided that, if the incorporated
-material is not limited to numerical parameters, data structure
-layouts and accessors, or small macros, inline functions and templates
-(ten or fewer lines in length), you do both of the following:
-</p>
-<ol>
-<li>
-Give prominent notice with each copy of the object code that the
-Library is used in it and that the Library and its use are
-covered by this License.
-</li><li>
-Accompany the object code with a copy of the GNU GPL and this license
-document.
-</li></ol>
-
-</li><li> Combined Works.
-
-<p>You may convey a Combined Work under terms of your choice that,
-taken together, effectively do not restrict modification of the
-portions of the Library contained in the Combined Work and reverse
-engineering for debugging such modifications, if you also do each of
-the following:
-</p>
-<ol>
-<li>
-Give prominent notice with each copy of the Combined Work that
-the Library is used in it and that the Library and its use are
-covered by this License.
-</li><li>
-Accompany the Combined Work with a copy of the GNU GPL and this license
-document.
-</li><li>
-For a Combined Work that displays copyright notices during
-execution, include the copyright notice for the Library among
-these notices, as well as a reference directing the user to the
-copies of the GNU GPL and this license document.
-</li><li>
-Do one of the following:
-
-<ol>
-<li>
-Convey the Minimal Corresponding Source under the terms of this
-License, and the Corresponding Application Code in a form
-suitable for, and under terms that permit, the user to
-recombine or relink the Application with a modified version of
-the Linked Version to produce a modified Combined Work, in the
-manner specified by section 6 of the GNU GPL for conveying
-Corresponding Source.
-</li><li>
-Use a suitable shared library mechanism for linking with the
-Library.  A suitable mechanism is one that (a) uses at run time
-a copy of the Library already present on the user's computer
-system, and (b) will operate properly with a modified version
-of the Library that is interface-compatible with the Linked
-Version.
-</li></ol>
-
-</li><li>
-Provide Installation Information, but only if you would otherwise
-be required to provide such information under section 6 of the
-GNU GPL, and only to the extent that such information is
-necessary to install and execute a modified version of the
-Combined Work produced by recombining or relinking the
-Application with a modified version of the Linked Version. (If
-you use option 4d0, the Installation Information must accompany
-the Minimal Corresponding Source and Corresponding Application
-Code. If you use option 4d1, you must provide the Installation
-Information in the manner specified by section 6 of the GNU GPL
-for conveying Corresponding Source.)
-</li></ol>
-
-</li><li> Combined Libraries.
-
-<p>You may place library facilities that are a work based on the
-Library side by side in a single library together with other library
-facilities that are not Applications and are not covered by this
-License, and convey such a combined library under terms of your
-choice, if you do both of the following:
-</p>
-<ol>
-<li>
-Accompany the combined library with a copy of the same work based
-on the Library, uncombined with any other library facilities,
-conveyed under the terms of this License.
-</li><li>
-Give prominent notice with the combined library that part of it
-is a work based on the Library, and explaining where to find the
-accompanying uncombined form of the same work.
-</li></ol>
-
-</li><li> Revised Versions of the GNU Lesser General Public License.
-
-<p>The Free Software Foundation may publish revised and/or new versions
-of the GNU Lesser General Public License from time to time. Such new
-versions will be similar in spirit to the present version, but may
-differ in detail to address new problems or concerns.
-</p>
-<p>Each version is given a distinguishing version number. If the
-Library as you received it specifies that a certain numbered version
-of the GNU Lesser General Public License &ldquo;or any later version&rdquo;
-applies to it, you have the option of following the terms and
-conditions either of that published version or of any later version
-published by the Free Software Foundation. If the Library as you
-received it does not specify a version number of the GNU Lesser
-General Public License, you may choose any version of the GNU Lesser
-General Public License ever published by the Free Software Foundation.
-</p>
-<p>If the Library as you received it specifies that a proxy can decide
-whether future versions of the GNU Lesser General Public License shall
-apply, that proxy's public statement of acceptance of any version is
-permanent authorization for you to choose that version for the
-Library.
-</p>
-</li></ol>
-
-<hr size="6">
-<a name="GNU-FDL"></a>
-<a name="SEC75"></a>
-<h2 class="appendixsec"> <a href="libunistring.html#TOC71">A.3 GNU Free Documentation License</a> </h2>
-<p align="center"> Version 1.3, 3 November 2008
-</p>
-
-<table><tr><td>&nbsp;</td><td><pre class="display">Copyright &copy; 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc.
-<a href="http://fsf.org/">http://fsf.org/</a>
-
-Everyone is permitted to copy and distribute verbatim copies
-of this license document, but changing it is not allowed.
-</pre></td></tr></table>
-
-<ol>
-<li>
-PREAMBLE
-
-<p>The purpose of this License is to make a manual, textbook, or other
-functional and useful document <em>free</em> in the sense of freedom: to
-assure everyone the effective freedom to copy and redistribute it,
-with or without modifying it, either commercially or noncommercially.
-Secondarily, this License preserves for the author and publisher a way
-to get credit for their work, while not being considered responsible
-for modifications made by others.
-</p>
-<p>This License is a kind of &ldquo;copyleft&rdquo;, which means that derivative
-works of the document must themselves be free in the same sense.  It
-complements the GNU General Public License, which is a copyleft
-license designed for free software.
-</p>
-<p>We have designed this License in order to use it for manuals for free
-software, because free software needs free documentation: a free
-program should come with manuals providing the same freedoms that the
-software does.  But this License is not limited to software manuals;
-it can be used for any textual work, regardless of subject matter or
-whether it is published as a printed book.  We recommend this License
-principally for works whose purpose is instruction or reference.
-</p>
-</li><li>
-APPLICABILITY AND DEFINITIONS
-
-<p>This License applies to any manual or other work, in any medium, that
-contains a notice placed by the copyright holder saying it can be
-distributed under the terms of this License.  Such a notice grants a
-world-wide, royalty-free license, unlimited in duration, to use that
-work under the conditions stated herein.  The &ldquo;Document&rdquo;, below,
-refers to any such manual or work.  Any member of the public is a
-licensee, and is addressed as &ldquo;you&rdquo;.  You accept the license if you
-copy, modify or distribute the work in a way requiring permission
-under copyright law.
-</p>
-<p>A &ldquo;Modified Version&rdquo; of the Document means any work containing the
-Document or a portion of it, either copied verbatim, or with
-modifications and/or translated into another language.
-</p>
-<p>A &ldquo;Secondary Section&rdquo; is a named appendix or a front-matter section
-of the Document that deals exclusively with the relationship of the
-publishers or authors of the Document to the Document's overall
-subject (or to related matters) and contains nothing that could fall
-directly within that overall subject.  (Thus, if the Document is in
-part a textbook of mathematics, a Secondary Section may not explain
-any mathematics.)  The relationship could be a matter of historical
-connection with the subject or with related matters, or of legal,
-commercial, philosophical, ethical or political position regarding
-them.
-</p>
-<p>The &ldquo;Invariant Sections&rdquo; are certain Secondary Sections whose titles
-are designated, as being those of Invariant Sections, in the notice
-that says that the Document is released under this License.  If a
-section does not fit the above definition of Secondary then it is not
-allowed to be designated as Invariant.  The Document may contain zero
-Invariant Sections.  If the Document does not identify any Invariant
-Sections then there are none.
-</p>
-<p>The &ldquo;Cover Texts&rdquo; are certain short passages of text that are listed,
-as Front-Cover Texts or Back-Cover Texts, in the notice that says that
-the Document is released under this License.  A Front-Cover Text may
-be at most 5 words, and a Back-Cover Text may be at most 25 words.
-</p>
-<p>A &ldquo;Transparent&rdquo; copy of the Document means a machine-readable copy,
-represented in a format whose specification is available to the
-general public, that is suitable for revising the document
-straightforwardly with generic text editors or (for images composed of
-pixels) generic paint programs or (for drawings) some widely available
-drawing editor, and that is suitable for input to text formatters or
-for automatic translation to a variety of formats suitable for input
-to text formatters.  A copy made in an otherwise Transparent file
-format whose markup, or absence of markup, has been arranged to thwart
-or discourage subsequent modification by readers is not Transparent.
-An image format is not Transparent if used for any substantial amount
-of text.  A copy that is not &ldquo;Transparent&rdquo; is called &ldquo;Opaque&rdquo;.
-</p>
-<p>Examples of suitable formats for Transparent copies include plain
-<small>ASCII</small> without markup, Texinfo input format, LaTeX input
-format, <acronym>SGML</acronym> or <acronym>XML</acronym> using a publicly available
-<acronym>DTD</acronym>, and standard-conforming simple <acronym>HTML</acronym>,
-PostScript or <acronym>PDF</acronym> designed for human modification.  Examples
-of transparent image formats include <acronym>PNG</acronym>, <acronym>XCF</acronym> and
-<acronym>JPG</acronym>.  Opaque formats include proprietary formats that can be
-read and edited only by proprietary word processors, <acronym>SGML</acronym> or
-<acronym>XML</acronym> for which the <acronym>DTD</acronym> and/or processing tools are
-not generally available, and the machine-generated <acronym>HTML</acronym>,
-PostScript or <acronym>PDF</acronym> produced by some word processors for
-output purposes only.
-</p>
-<p>The &ldquo;Title Page&rdquo; means, for a printed book, the title page itself,
-plus such following pages as are needed to hold, legibly, the material
-this License requires to appear in the title page.  For works in
-formats which do not have any title page as such, &ldquo;Title Page&rdquo; means
-the text near the most prominent appearance of the work's title,
-preceding the beginning of the body of the text.
-</p>
-<p>The &ldquo;publisher&rdquo; means any person or entity that distributes copies
-of the Document to the public.
-</p>
-<p>A section &ldquo;Entitled XYZ&rdquo; means a named subunit of the Document whose
-title either is precisely XYZ or contains XYZ in parentheses following
-text that translates XYZ in another language.  (Here XYZ stands for a
-specific section name mentioned below, such as &ldquo;Acknowledgements&rdquo;,
-&ldquo;Dedications&rdquo;, &ldquo;Endorsements&rdquo;, or &ldquo;History&rdquo;.)  To &ldquo;Preserve the Title&rdquo;
-of such a section when you modify the Document means that it remains a
-section &ldquo;Entitled XYZ&rdquo; according to this definition.
-</p>
-<p>The Document may include Warranty Disclaimers next to the notice which
-states that this License applies to the Document.  These Warranty
-Disclaimers are considered to be included by reference in this
-License, but only as regards disclaiming warranties: any other
-implication that these Warranty Disclaimers may have is void and has
-no effect on the meaning of this License.
-</p>
-</li><li>
-VERBATIM COPYING
-
-<p>You may copy and distribute the Document in any medium, either
-commercially or noncommercially, provided that this License, the
-copyright notices, and the license notice saying this License applies
-to the Document are reproduced in all copies, and that you add no other
-conditions whatsoever to those of this License.  You may not use
-technical measures to obstruct or control the reading or further
-copying of the copies you make or distribute.  However, you may accept
-compensation in exchange for copies.  If you distribute a large enough
-number of copies you must also follow the conditions in section 3.
-</p>
-<p>You may also lend copies, under the same conditions stated above, and
-you may publicly display copies.
-</p>
-</li><li>
-COPYING IN QUANTITY
-
-<p>If you publish printed copies (or copies in media that commonly have
-printed covers) of the Document, numbering more than 100, and the
-Document's license notice requires Cover Texts, you must enclose the
-copies in covers that carry, clearly and legibly, all these Cover
-Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on
-the back cover.  Both covers must also clearly and legibly identify
-you as the publisher of these copies.  The front cover must present
-the full title with all words of the title equally prominent and
-visible.  You may add other material on the covers in addition.
-Copying with changes limited to the covers, as long as they preserve
-the title of the Document and satisfy these conditions, can be treated
-as verbatim copying in other respects.
-</p>
-<p>If the required texts for either cover are too voluminous to fit
-legibly, you should put the first ones listed (as many as fit
-reasonably) on the actual cover, and continue the rest onto adjacent
-pages.
-</p>
-<p>If you publish or distribute Opaque copies of the Document numbering
-more than 100, you must either include a machine-readable Transparent
-copy along with each Opaque copy, or state in or with each Opaque copy
-a computer-network location from which the general network-using
-public has access to download using public-standard network protocols
-a complete Transparent copy of the Document, free of added material.
-If you use the latter option, you must take reasonably prudent steps,
-when you begin distribution of Opaque copies in quantity, to ensure
-that this Transparent copy will remain thus accessible at the stated
-location until at least one year after the last time you distribute an
-Opaque copy (directly or through your agents or retailers) of that
-edition to the public.
-</p>
-<p>It is requested, but not required, that you contact the authors of the
-Document well before redistributing any large number of copies, to give
-them a chance to provide you with an updated version of the Document.
-</p>
-</li><li>
-MODIFICATIONS
-
-<p>You may copy and distribute a Modified Version of the Document under
-the conditions of sections 2 and 3 above, provided that you release
-the Modified Version under precisely this License, with the Modified
-Version filling the role of the Document, thus licensing distribution
-and modification of the Modified Version to whoever possesses a copy
-of it.  In addition, you must do these things in the Modified Version:
-</p>
-<ol>
-<li>
-Use in the Title Page (and on the covers, if any) a title distinct
-from that of the Document, and from those of previous versions
-(which should, if there were any, be listed in the History section
-of the Document).  You may use the same title as a previous version
-if the original publisher of that version gives permission.
-
-</li><li>
-List on the Title Page, as authors, one or more persons or entities
-responsible for authorship of the modifications in the Modified
-Version, together with at least five of the principal authors of the
-Document (all of its principal authors, if it has fewer than five),
-unless they release you from this requirement.
-
-</li><li>
-State on the Title page the name of the publisher of the
-Modified Version, as the publisher.
-
-</li><li>
-Preserve all the copyright notices of the Document.
-
-</li><li>
-Add an appropriate copyright notice for your modifications
-adjacent to the other copyright notices.
-
-</li><li>
-Include, immediately after the copyright notices, a license notice
-giving the public permission to use the Modified Version under the
-terms of this License, in the form shown in the Addendum below.
-
-</li><li>
-Preserve in that license notice the full lists of Invariant Sections
-and required Cover Texts given in the Document's license notice.
-
-</li><li>
-Include an unaltered copy of this License.
-
-</li><li>
-Preserve the section Entitled &ldquo;History&rdquo;, Preserve its Title, and add
-to it an item stating at least the title, year, new authors, and
-publisher of the Modified Version as given on the Title Page.  If
-there is no section Entitled &ldquo;History&rdquo; in the Document, create one
-stating the title, year, authors, and publisher of the Document as
-given on its Title Page, then add an item describing the Modified
-Version as stated in the previous sentence.
-
-</li><li>
-Preserve the network location, if any, given in the Document for
-public access to a Transparent copy of the Document, and likewise
-the network locations given in the Document for previous versions
-it was based on.  These may be placed in the &ldquo;History&rdquo; section.
-You may omit a network location for a work that was published at
-least four years before the Document itself, or if the original
-publisher of the version it refers to gives permission.
-
-</li><li>
-For any section Entitled &ldquo;Acknowledgements&rdquo; or &ldquo;Dedications&rdquo;, Preserve
-the Title of the section, and preserve in the section all the
-substance and tone of each of the contributor acknowledgements and/or
-dedications given therein.
-
-</li><li>
-Preserve all the Invariant Sections of the Document,
-unaltered in their text and in their titles.  Section numbers
-or the equivalent are not considered part of the section titles.
-
-</li><li>
-Delete any section Entitled &ldquo;Endorsements&rdquo;.  Such a section
-may not be included in the Modified Version.
-
-</li><li>
-Do not retitle any existing section to be Entitled &ldquo;Endorsements&rdquo; or
-to conflict in title with any Invariant Section.
-
-</li><li>
-Preserve any Warranty Disclaimers.
-</li></ol>
-
-<p>If the Modified Version includes new front-matter sections or
-appendices that qualify as Secondary Sections and contain no material
-copied from the Document, you may at your option designate some or all
-of these sections as invariant.  To do this, add their titles to the
-list of Invariant Sections in the Modified Version's license notice.
-These titles must be distinct from any other section titles.
-</p>
-<p>You may add a section Entitled &ldquo;Endorsements&rdquo;, provided it contains
-nothing but endorsements of your Modified Version by various
-parties&mdash;for example, statements of peer review or that the text has
-been approved by an organization as the authoritative definition of a
-standard.
-</p>
-<p>You may add a passage of up to five words as a Front-Cover Text, and a
-passage of up to 25 words as a Back-Cover Text, to the end of the list
-of Cover Texts in the Modified Version.  Only one passage of
-Front-Cover Text and one of Back-Cover Text may be added by (or
-through arrangements made by) any one entity.  If the Document already
-includes a cover text for the same cover, previously added by you or
-by arrangement made by the same entity you are acting on behalf of,
-you may not add another; but you may replace the old one, on explicit
-permission from the previous publisher that added the old one.
-</p>
-<p>The author(s) and publisher(s) of the Document do not by this License
-give permission to use their names for publicity for or to assert or
-imply endorsement of any Modified Version.
-</p>
-</li><li>
-COMBINING DOCUMENTS
-
-<p>You may combine the Document with other documents released under this
-License, under the terms defined in section 4 above for modified
-versions, provided that you include in the combination all of the
-Invariant Sections of all of the original documents, unmodified, and
-list them all as Invariant Sections of your combined work in its
-license notice, and that you preserve all their Warranty Disclaimers.
-</p>
-<p>The combined work need only contain one copy of this License, and
-multiple identical Invariant Sections may be replaced with a single
-copy.  If there are multiple Invariant Sections with the same name but
-different contents, make the title of each such section unique by
-adding at the end of it, in parentheses, the name of the original
-author or publisher of that section if known, or else a unique number.
-Make the same adjustment to the section titles in the list of
-Invariant Sections in the license notice of the combined work.
-</p>
-<p>In the combination, you must combine any sections Entitled &ldquo;History&rdquo;
-in the various original documents, forming one section Entitled
-&ldquo;History&rdquo;; likewise combine any sections Entitled &ldquo;Acknowledgements&rdquo;,
-and any sections Entitled &ldquo;Dedications&rdquo;.  You must delete all
-sections Entitled &ldquo;Endorsements.&rdquo;
-</p>
-</li><li>
-COLLECTIONS OF DOCUMENTS
-
-<p>You may make a collection consisting of the Document and other documents
-released under this License, and replace the individual copies of this
-License in the various documents with a single copy that is included in
-the collection, provided that you follow the rules of this License for
-verbatim copying of each of the documents in all other respects.
-</p>
-<p>You may extract a single document from such a collection, and distribute
-it individually under this License, provided you insert a copy of this
-License into the extracted document, and follow this License in all
-other respects regarding verbatim copying of that document.
-</p>
-</li><li>
-AGGREGATION WITH INDEPENDENT WORKS
-
-<p>A compilation of the Document or its derivatives with other separate
-and independent documents or works, in or on a volume of a storage or
-distribution medium, is called an &ldquo;aggregate&rdquo; if the copyright
-resulting from the compilation is not used to limit the legal rights
-of the compilation's users beyond what the individual works permit.
-When the Document is included in an aggregate, this License does not
-apply to the other works in the aggregate which are not themselves
-derivative works of the Document.
-</p>
-<p>If the Cover Text requirement of section 3 is applicable to these
-copies of the Document, then if the Document is less than one half of
-the entire aggregate, the Document's Cover Texts may be placed on
-covers that bracket the Document within the aggregate, or the
-electronic equivalent of covers if the Document is in electronic form.
-Otherwise they must appear on printed covers that bracket the whole
-aggregate.
-</p>
-</li><li>
-TRANSLATION
-
-<p>Translation is considered a kind of modification, so you may
-distribute translations of the Document under the terms of section 4.
-Replacing Invariant Sections with translations requires special
-permission from their copyright holders, but you may include
-translations of some or all Invariant Sections in addition to the
-original versions of these Invariant Sections.  You may include a
-translation of this License, and all the license notices in the
-Document, and any Warranty Disclaimers, provided that you also include
-the original English version of this License and the original versions
-of those notices and disclaimers.  In case of a disagreement between
-the translation and the original version of this License or a notice
-or disclaimer, the original version will prevail.
-</p>
-<p>If a section in the Document is Entitled &ldquo;Acknowledgements&rdquo;,
-&ldquo;Dedications&rdquo;, or &ldquo;History&rdquo;, the requirement (section 4) to Preserve
-its Title (section 1) will typically require changing the actual
-title.
-</p>
-</li><li>
-TERMINATION
-
-<p>You may not copy, modify, sublicense, or distribute the Document
-except as expressly provided under this License.  Any attempt
-otherwise to copy, modify, sublicense, or distribute it is void, and
-will automatically terminate your rights under this License.
-</p>
-<p>However, if you cease all violation of this License, then your license
-from a particular copyright holder is reinstated (a) provisionally,
-unless and until the copyright holder explicitly and finally
-terminates your license, and (b) permanently, if the copyright holder
-fails to notify you of the violation by some reasonable means prior to
-60 days after the cessation.
-</p>
-<p>Moreover, your license from a particular copyright holder is
-reinstated permanently if the copyright holder notifies you of the
-violation by some reasonable means, this is the first time you have
-received notice of violation of this License (for any work) from that
-copyright holder, and you cure the violation prior to 30 days after
-your receipt of the notice.
-</p>
-<p>Termination of your rights under this section does not terminate the
-licenses of parties who have received copies or rights from you under
-this License.  If your rights have been terminated and not permanently
-reinstated, receipt of a copy of some or all of the same material does
-not give you any rights to use it.
-</p>
-</li><li>
-FUTURE REVISIONS OF THIS LICENSE
-
-<p>The Free Software Foundation may publish new, revised versions
-of the GNU Free Documentation License from time to time.  Such new
-versions will be similar in spirit to the present version, but may
-differ in detail to address new problems or concerns.  See
-<a href="http://www.gnu.org/copyleft/">http://www.gnu.org/copyleft/</a>.
-</p>
-<p>Each version of the License is given a distinguishing version number.
-If the Document specifies that a particular numbered version of this
-License &ldquo;or any later version&rdquo; applies to it, you have the option of
-following the terms and conditions either of that specified version or
-of any later version that has been published (not as a draft) by the
-Free Software Foundation.  If the Document does not specify a version
-number of this License, you may choose any version ever published (not
-as a draft) by the Free Software Foundation.  If the Document
-specifies that a proxy can decide which future versions of this
-License can be used, that proxy's public statement of acceptance of a
-version permanently authorizes you to choose that version for the
-Document.
-</p>
-</li><li>
-RELICENSING
-
-<p>&ldquo;Massive Multiauthor Collaboration Site&rdquo; (or &ldquo;MMC Site&rdquo;) means any
-World Wide Web server that publishes copyrightable works and also
-provides prominent facilities for anybody to edit those works.  A
-public wiki that anybody can edit is an example of such a server.  A
-&ldquo;Massive Multiauthor Collaboration&rdquo; (or &ldquo;MMC&rdquo;) contained in the
-site means any set of copyrightable works thus published on the MMC
-site.
-</p>
-<p>&ldquo;CC-BY-SA&rdquo; means the Creative Commons Attribution-Share Alike 3.0
-license published by Creative Commons Corporation, a not-for-profit
-corporation with a principal place of business in San Francisco,
-California, as well as future copyleft versions of that license
-published by that same organization.
-</p>
-<p>&ldquo;Incorporate&rdquo; means to publish or republish a Document, in whole or
-in part, as part of another Document.
-</p>
-<p>An MMC is &ldquo;eligible for relicensing&rdquo; if it is licensed under this
-License, and if all works that were first published under this License
-somewhere other than this MMC, and subsequently incorporated in whole
-or in part into the MMC, (1) had no cover texts or invariant sections,
-and (2) were thus incorporated prior to November 1, 2008.
-</p>
-<p>The operator of an MMC Site may republish an MMC contained in the site
-under CC-BY-SA on the same site at any time before August 1, 2009,
-provided the MMC is eligible for relicensing.
-</p>
-</li></ol>
-
-
-<a name="SEC76"></a>
-<h2 class="heading"> ADDENDUM: How to use this License for your documents </h2>
-
-<p>To use this License in a document you have written, include a copy of
-the License in the document and put the following copyright and
-license notices just after the title page:
-</p>
-<table><tr><td>&nbsp;</td><td><pre class="smallexample">  Copyright (C)  <var>year</var>  <var>your name</var>.
-  Permission is granted to copy, distribute and/or modify this document
-  under the terms of the GNU Free Documentation License, Version 1.3
-  or any later version published by the Free Software Foundation;
-  with no Invariant Sections, no Front-Cover Texts, and no Back-Cover
-  Texts.  A copy of the license is included in the section entitled ``GNU
-  Free Documentation License''.
-</pre></td></tr></table>
-
-<p>If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts,
-replace the &ldquo;with&hellip;Texts.&rdquo; line with this:
-</p>
-<table><tr><td>&nbsp;</td><td><pre class="smallexample">    with the Invariant Sections being <var>list their titles</var>, with
-    the Front-Cover Texts being <var>list</var>, and with the Back-Cover Texts
-    being <var>list</var>.
-</pre></td></tr></table>
-
-<p>If you have Invariant Sections without Cover Texts, or some other
-combination of the three, merge those two alternatives to suit the
-situation.
-</p>
-<p>If your document contains nontrivial examples of program code, we
-recommend releasing these examples in parallel under your choice of
-free software license, such as the GNU General Public License,
-to permit their use in free software.
-</p>
-
-
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="#SEC68" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_17.html#SEC80" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_19.html#SEC82" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -1530,12 +119,12 @@ to permit their use in free software.
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_19.html b/msys2/usr/share/doc/libunistring/libunistring_19.html
index 30df3863b..e0eee13b8 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_19.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_19.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -11,10 +11,10 @@ Send bugs and suggestions to <texi2html-bug@nongnu.org>
 
 -->
 <head>
-<title>GNU libunistring: Index</title>
+<title>GNU libunistring: B. Licenses</title>
 
-<meta name="description" content="GNU libunistring: Index">
-<meta name="keywords" content="GNU libunistring: Index">
+<meta name="description" content="GNU libunistring: B. Licenses">
+<meta name="keywords" content="GNU libunistring: B. Licenses">
 <meta name="resource-type" content="document">
 <meta name="distribution" content="global">
 <meta name="Generator" content="texi2html 1.78a">
@@ -42,8 +42,8 @@ ul.toc {list-style: none}
 <body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
 
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_18.html#SEC68" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_20.html#INDEX0" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_18.html#SEC81" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,750 +51,1478 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
 <hr size="2">
-<a name="Index"></a>
-<a name="SEC77"></a>
-<h1 class="unnumbered"> <a href="libunistring.html#TOC72">Index</a> </h1>
+<a name="Licenses"></a>
+<a name="SEC82"></a>
+<h1 class="appendix"> <a href="libunistring.html#TOC82">B. Licenses</a> </h1>
+
+<p>The files of this package are covered by the licenses indicated in each
+particular file or directory.  Here is a summary:
+</p>
+<ul>
+<li>
+The <code>libunistring</code> library and its header files are dual-licensed under
+&quot;the GNU LGPLv3+ or the GNU GPLv2&quot;. This means, you can use it under either
+<ul>
+<li> -
+the terms of the GNU Lesser General Public License (LGPL) version 3 or
+(at your option) any later version, or
+</li><li> -
+the terms of the GNU General Public License (GPL) version 2, or
+</li><li> -
+the same dual license &quot;the GNU LGPLv3+ or the GNU GPLv2&quot;.
+</li></ul>
+<p>You find the GNU LGPL version 3 in <a href="#SEC88">GNU LESSER GENERAL PUBLIC LICENSE</a>.  This license is
+based on the GNU GPL version 3, see <a href="#SEC83">GNU GENERAL PUBLIC LICENSE</a>.
+<br>
+You can find the GNU GPL version 2 at
+<a href="https://www.gnu.org/licenses/old-licenses/gpl-2.0.html">https://www.gnu.org/licenses/old-licenses/gpl-2.0.html</a>.
+<br>
+Note: This dual license makes it possible for the <code>libunistring</code> library
+to be used by packages under GPLv2 or GPLv2+ licenses, in particular. See
+the table in <a href="https://www.gnu.org/licenses/gpl-faq.html#AllCompatibility">https://www.gnu.org/licenses/gpl-faq.html#AllCompatibility</a>.
+</p>
+
+</li><li>
+This manual is free documentation.  It is dually licensed under the
+GNU FDL and the GNU GPL.  This means that you can redistribute this
+manual under either of these two licenses, at your choice.
+<br>
+This manual is covered by the GNU FDL.  Permission is granted to copy,
+distribute and/or modify this document under the terms of the
+GNU Free Documentation License (FDL), either version 1.2 of the
+License, or (at your option) any later version published by the
+Free Software Foundation (FSF); with no Invariant Sections, with no
+Front-Cover Text, and with no Back-Cover Texts.
+A copy of the license is included in <a href="#SEC89">GNU Free Documentation License</a>.
+<br>
+This manual is covered by the GNU GPL.  You can redistribute it and/or
+modify it under the terms of the GNU General Public License (GPL), either
+version 3 of the License, or (at your option) any later version published
+by the Free Software Foundation (FSF).
+A copy of the license is included in <a href="#SEC83">GNU GENERAL PUBLIC LICENSE</a>.
+</li></ul>
+
+
+
+<hr size="6">
+<a name="GNU-GPL"></a>
+<a name="SEC83"></a>
+<h2 class="appendixsec"> <a href="libunistring.html#TOC83">B.1 GNU GENERAL PUBLIC LICENSE</a> </h2>
+<p align="center"> Version 3, 29 June 2007
+</p>
+
+<table><tr><td>&nbsp;</td><td><pre class="display">Copyright &copy; 2007 Free Software Foundation, Inc. <a href="http://fsf.org/">http://fsf.org/</a>
+
+Everyone is permitted to copy and distribute verbatim copies of this
+license document, but changing it is not allowed.
+</pre></td></tr></table>
+
+<a name="SEC84"></a>
+<h2 class="heading"> Preamble </h2>
+
+<p>The GNU General Public License is a free, copyleft license for
+software and other kinds of works.
+</p>
+<p>The licenses for most software and other practical works are designed
+to take away your freedom to share and change the works.  By contrast,
+the GNU General Public License is intended to guarantee your freedom
+to share and change all versions of a program&mdash;to make sure it remains
+free software for all its users.  We, the Free Software Foundation,
+use the GNU General Public License for most of our software; it
+applies also to any other work released this way by its authors.  You
+can apply it to your programs, too.
+</p>
+<p>When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+them if you wish), that you receive source code or can get it if you
+want it, that you can change the software or use pieces of it in new
+free programs, and that you know you can do these things.
+</p>
+<p>To protect your rights, we need to prevent others from denying you
+these rights or asking you to surrender the rights.  Therefore, you
+have certain responsibilities if you distribute copies of the
+software, or if you modify it: responsibilities to respect the freedom
+of others.
+</p>
+<p>For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must pass on to the recipients the same
+freedoms that you received.  You must make sure that they, too,
+receive or can get the source code.  And you must show them these
+terms so they know their rights.
+</p>
+<p>Developers that use the GNU GPL protect your rights with two steps:
+(1) assert copyright on the software, and (2) offer you this License
+giving you legal permission to copy, distribute and/or modify it.
+</p>
+<p>For the developers' and authors' protection, the GPL clearly explains
+that there is no warranty for this free software.  For both users' and
+authors' sake, the GPL requires that modified versions be marked as
+changed, so that their problems will not be attributed erroneously to
+authors of previous versions.
+</p>
+<p>Some devices are designed to deny users access to install or run
+modified versions of the software inside them, although the
+manufacturer can do so.  This is fundamentally incompatible with the
+aim of protecting users' freedom to change the software.  The
+systematic pattern of such abuse occurs in the area of products for
+individuals to use, which is precisely where it is most unacceptable.
+Therefore, we have designed this version of the GPL to prohibit the
+practice for those products.  If such problems arise substantially in
+other domains, we stand ready to extend this provision to those
+domains in future versions of the GPL, as needed to protect the
+freedom of users.
+</p>
+<p>Finally, every program is threatened constantly by software patents.
+States should not allow patents to restrict development and use of
+software on general-purpose computers, but in those that do, we wish
+to avoid the special danger that patents applied to a free program
+could make it effectively proprietary.  To prevent this, the GPL
+assures that patents cannot be used to render the program non-free.
+</p>
+<p>The precise terms and conditions for copying, distribution and
+modification follow.
+</p>
+<a name="SEC85"></a>
+<h2 class="heading"> TERMS AND CONDITIONS </h2>
+
+<ol>
+<li> Definitions.
+
+<p>&ldquo;This License&rdquo; refers to version 3 of the GNU General Public License.
+</p>
+<p>&ldquo;Copyright&rdquo; also means copyright-like laws that apply to other kinds
+of works, such as semiconductor masks.
+</p>
+<p>&ldquo;The Program&rdquo; refers to any copyrightable work licensed under this
+License.  Each licensee is addressed as &ldquo;you&rdquo;.  &ldquo;Licensees&rdquo; and
+&ldquo;recipients&rdquo; may be individuals or organizations.
+</p>
+<p>To &ldquo;modify&rdquo; a work means to copy from or adapt all or part of the work
+in a fashion requiring copyright permission, other than the making of
+an exact copy.  The resulting work is called a &ldquo;modified version&rdquo; of
+the earlier work or a work &ldquo;based on&rdquo; the earlier work.
+</p>
+<p>A &ldquo;covered work&rdquo; means either the unmodified Program or a work based
+on the Program.
+</p>
+<p>To &ldquo;propagate&rdquo; a work means to do anything with it that, without
+permission, would make you directly or secondarily liable for
+infringement under applicable copyright law, except executing it on a
+computer or modifying a private copy.  Propagation includes copying,
+distribution (with or without modification), making available to the
+public, and in some countries other activities as well.
+</p>
+<p>To &ldquo;convey&rdquo; a work means any kind of propagation that enables other
+parties to make or receive copies.  Mere interaction with a user
+through a computer network, with no transfer of a copy, is not
+conveying.
+</p>
+<p>An interactive user interface displays &ldquo;Appropriate Legal Notices&rdquo; to
+the extent that it includes a convenient and prominently visible
+feature that (1) displays an appropriate copyright notice, and (2)
+tells the user that there is no warranty for the work (except to the
+extent that warranties are provided), that licensees may convey the
+work under this License, and how to view a copy of this License.  If
+the interface presents a list of user commands or options, such as a
+menu, a prominent item in the list meets this criterion.
+</p>
+</li><li> Source Code.
+
+<p>The &ldquo;source code&rdquo; for a work means the preferred form of the work for
+making modifications to it.  &ldquo;Object code&rdquo; means any non-source form
+of a work.
+</p>
+<p>A &ldquo;Standard Interface&rdquo; means an interface that either is an official
+standard defined by a recognized standards body, or, in the case of
+interfaces specified for a particular programming language, one that
+is widely used among developers working in that language.
+</p>
+<p>The &ldquo;System Libraries&rdquo; of an executable work include anything, other
+than the work as a whole, that (a) is included in the normal form of
+packaging a Major Component, but which is not part of that Major
+Component, and (b) serves only to enable use of the work with that
+Major Component, or to implement a Standard Interface for which an
+implementation is available to the public in source code form.  A
+&ldquo;Major Component&rdquo;, in this context, means a major essential component
+(kernel, window system, and so on) of the specific operating system
+(if any) on which the executable work runs, or a compiler used to
+produce the work, or an object code interpreter used to run it.
+</p>
+<p>The &ldquo;Corresponding Source&rdquo; for a work in object code form means all
+the source code needed to generate, install, and (for an executable
+work) run the object code and to modify the work, including scripts to
+control those activities.  However, it does not include the work's
+System Libraries, or general-purpose tools or generally available free
+programs which are used unmodified in performing those activities but
+which are not part of the work.  For example, Corresponding Source
+includes interface definition files associated with source files for
+the work, and the source code for shared libraries and dynamically
+linked subprograms that the work is specifically designed to require,
+such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+</p>
+<p>The Corresponding Source need not include anything that users can
+regenerate automatically from other parts of the Corresponding Source.
+</p>
+<p>The Corresponding Source for a work in source code form is that same
+work.
+</p>
+</li><li> Basic Permissions.
+
+<p>All rights granted under this License are granted for the term of
+copyright on the Program, and are irrevocable provided the stated
+conditions are met.  This License explicitly affirms your unlimited
+permission to run the unmodified Program.  The output from running a
+covered work is covered by this License only if the output, given its
+content, constitutes a covered work.  This License acknowledges your
+rights of fair use or other equivalent, as provided by copyright law.
+</p>
+<p>You may make, run and propagate covered works that you do not convey,
+without conditions so long as your license otherwise remains in force.
+You may convey covered works to others for the sole purpose of having
+them make modifications exclusively for you, or provide you with
+facilities for running those works, provided that you comply with the
+terms of this License in conveying all material for which you do not
+control copyright.  Those thus making or running the covered works for
+you must do so exclusively on your behalf, under your direction and
+control, on terms that prohibit them from making any copies of your
+copyrighted material outside their relationship with you.
+</p>
+<p>Conveying under any other circumstances is permitted solely under the
+conditions stated below.  Sublicensing is not allowed; section 10
+makes it unnecessary.
+</p>
+</li><li> Protecting Users' Legal Rights From Anti-Circumvention Law.
+
+<p>No covered work shall be deemed part of an effective technological
+measure under any applicable law fulfilling obligations under article
+11 of the WIPO copyright treaty adopted on 20 December 1996, or
+similar laws prohibiting or restricting circumvention of such
+measures.
+</p>
+<p>When you convey a covered work, you waive any legal power to forbid
+circumvention of technological measures to the extent such
+circumvention is effected by exercising rights under this License with
+respect to the covered work, and you disclaim any intention to limit
+operation or modification of the work as a means of enforcing, against
+the work's users, your or third parties' legal rights to forbid
+circumvention of technological measures.
+</p>
+</li><li> Conveying Verbatim Copies.
+
+<p>You may convey verbatim copies of the Program's source code as you
+receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice;
+keep intact all notices stating that this License and any
+non-permissive terms added in accord with section 7 apply to the code;
+keep intact all notices of the absence of any warranty; and give all
+recipients a copy of this License along with the Program.
+</p>
+<p>You may charge any price or no price for each copy that you convey,
+and you may offer support or warranty protection for a fee.
+</p>
+</li><li> Conveying Modified Source Versions.
+
+<p>You may convey a work based on the Program, or the modifications to
+produce it from the Program, in the form of source code under the
+terms of section 4, provided that you also meet all of these
+conditions:
+</p>
+<ol>
+<li>
+The work must carry prominent notices stating that you modified it,
+and giving a relevant date.
+
+</li><li>
+The work must carry prominent notices stating that it is released
+under this License and any conditions added under section 7.  This
+requirement modifies the requirement in section 4 to &ldquo;keep intact all
+notices&rdquo;.
+
+</li><li>
+You must license the entire work, as a whole, under this License to
+anyone who comes into possession of a copy.  This License will
+therefore apply, along with any applicable section 7 additional terms,
+to the whole of the work, and all its parts, regardless of how they
+are packaged.  This License gives no permission to license the work in
+any other way, but it does not invalidate such permission if you have
+separately received it.
+
+</li><li>
+If the work has interactive user interfaces, each must display
+Appropriate Legal Notices; however, if the Program has interactive
+interfaces that do not display Appropriate Legal Notices, your work
+need not make them do so.
+</li></ol>
+
+<p>A compilation of a covered work with other separate and independent
+works, which are not by their nature extensions of the covered work,
+and which are not combined with it such as to form a larger program,
+in or on a volume of a storage or distribution medium, is called an
+&ldquo;aggregate&rdquo; if the compilation and its resulting copyright are not
+used to limit the access or legal rights of the compilation's users
+beyond what the individual works permit.  Inclusion of a covered work
+in an aggregate does not cause this License to apply to the other
+parts of the aggregate.
+</p>
+</li><li>  Conveying Non-Source Forms.
+
+<p>You may convey a covered work in object code form under the terms of
+sections 4 and 5, provided that you also convey the machine-readable
+Corresponding Source under the terms of this License, in one of these
+ways:
+</p>
+<ol>
+<li>
+Convey the object code in, or embodied in, a physical product
+(including a physical distribution medium), accompanied by the
+Corresponding Source fixed on a durable physical medium customarily
+used for software interchange.
+
+</li><li>
+Convey the object code in, or embodied in, a physical product
+(including a physical distribution medium), accompanied by a written
+offer, valid for at least three years and valid for as long as you
+offer spare parts or customer support for that product model, to give
+anyone who possesses the object code either (1) a copy of the
+Corresponding Source for all the software in the product that is
+covered by this License, on a durable physical medium customarily used
+for software interchange, for a price no more than your reasonable
+cost of physically performing this conveying of source, or (2) access
+to copy the Corresponding Source from a network server at no charge.
+
+</li><li>
+Convey individual copies of the object code with a copy of the written
+offer to provide the Corresponding Source.  This alternative is
+allowed only occasionally and noncommercially, and only if you
+received the object code with such an offer, in accord with subsection
+6b.
+
+</li><li>
+Convey the object code by offering access from a designated place
+(gratis or for a charge), and offer equivalent access to the
+Corresponding Source in the same way through the same place at no
+further charge.  You need not require recipients to copy the
+Corresponding Source along with the object code.  If the place to copy
+the object code is a network server, the Corresponding Source may be
+on a different server (operated by you or a third party) that supports
+equivalent copying facilities, provided you maintain clear directions
+next to the object code saying where to find the Corresponding Source.
+Regardless of what server hosts the Corresponding Source, you remain
+obligated to ensure that it is available for as long as needed to
+satisfy these requirements.
+
+</li><li>
+Convey the object code using peer-to-peer transmission, provided you
+inform other peers where the object code and Corresponding Source of
+the work are being offered to the general public at no charge under
+subsection 6d.
+
+</li></ol>
+
+<p>A separable portion of the object code, whose source code is excluded
+from the Corresponding Source as a System Library, need not be
+included in conveying the object code work.
+</p>
+<p>A &ldquo;User Product&rdquo; is either (1) a &ldquo;consumer product&rdquo;, which means any
+tangible personal property which is normally used for personal,
+family, or household purposes, or (2) anything designed or sold for
+incorporation into a dwelling.  In determining whether a product is a
+consumer product, doubtful cases shall be resolved in favor of
+coverage.  For a particular product received by a particular user,
+&ldquo;normally used&rdquo; refers to a typical or common use of that class of
+product, regardless of the status of the particular user or of the way
+in which the particular user actually uses, or expects or is expected
+to use, the product.  A product is a consumer product regardless of
+whether the product has substantial commercial, industrial or
+non-consumer uses, unless such uses represent the only significant
+mode of use of the product.
+</p>
+<p>&ldquo;Installation Information&rdquo; for a User Product means any methods,
+procedures, authorization keys, or other information required to
+install and execute modified versions of a covered work in that User
+Product from a modified version of its Corresponding Source.  The
+information must suffice to ensure that the continued functioning of
+the modified object code is in no case prevented or interfered with
+solely because modification has been made.
+</p>
+<p>If you convey an object code work under this section in, or with, or
+specifically for use in, a User Product, and the conveying occurs as
+part of a transaction in which the right of possession and use of the
+User Product is transferred to the recipient in perpetuity or for a
+fixed term (regardless of how the transaction is characterized), the
+Corresponding Source conveyed under this section must be accompanied
+by the Installation Information.  But this requirement does not apply
+if neither you nor any third party retains the ability to install
+modified object code on the User Product (for example, the work has
+been installed in ROM).
+</p>
+<p>The requirement to provide Installation Information does not include a
+requirement to continue to provide support service, warranty, or
+updates for a work that has been modified or installed by the
+recipient, or for the User Product in which it has been modified or
+installed.  Access to a network may be denied when the modification
+itself materially and adversely affects the operation of the network
+or violates the rules and protocols for communication across the
+network.
+</p>
+<p>Corresponding Source conveyed, and Installation Information provided,
+in accord with this section must be in a format that is publicly
+documented (and with an implementation available to the public in
+source code form), and must require no special password or key for
+unpacking, reading or copying.
+</p>
+</li><li> Additional Terms.
+
+<p>&ldquo;Additional permissions&rdquo; are terms that supplement the terms of this
+License by making exceptions from one or more of its conditions.
+Additional permissions that are applicable to the entire Program shall
+be treated as though they were included in this License, to the extent
+that they are valid under applicable law.  If additional permissions
+apply only to part of the Program, that part may be used separately
+under those permissions, but the entire Program remains governed by
+this License without regard to the additional permissions.
+</p>
+<p>When you convey a copy of a covered work, you may at your option
+remove any additional permissions from that copy, or from any part of
+it.  (Additional permissions may be written to require their own
+removal in certain cases when you modify the work.)  You may place
+additional permissions on material, added by you to a covered work,
+for which you have or can give appropriate copyright permission.
+</p>
+<p>Notwithstanding any other provision of this License, for material you
+add to a covered work, you may (if authorized by the copyright holders
+of that material) supplement the terms of this License with terms:
+</p>
+<ol>
+<li>
+Disclaiming warranty or limiting liability differently from the terms
+of sections 15 and 16 of this License; or
+
+</li><li>
+Requiring preservation of specified reasonable legal notices or author
+attributions in that material or in the Appropriate Legal Notices
+displayed by works containing it; or
+
+</li><li>
+Prohibiting misrepresentation of the origin of that material, or
+requiring that modified versions of such material be marked in
+reasonable ways as different from the original version; or
+
+</li><li>
+Limiting the use for publicity purposes of names of licensors or
+authors of the material; or
+
+</li><li>
+Declining to grant rights under trademark law for use of some trade
+names, trademarks, or service marks; or
+
+</li><li>
+Requiring indemnification of licensors and authors of that material by
+anyone who conveys the material (or modified versions of it) with
+contractual assumptions of liability to the recipient, for any
+liability that these contractual assumptions directly impose on those
+licensors and authors.
+</li></ol>
+
+<p>All other non-permissive additional terms are considered &ldquo;further
+restrictions&rdquo; within the meaning of section 10.  If the Program as you
+received it, or any part of it, contains a notice stating that it is
+governed by this License along with a term that is a further
+restriction, you may remove that term.  If a license document contains
+a further restriction but permits relicensing or conveying under this
+License, you may add to a covered work material governed by the terms
+of that license document, provided that the further restriction does
+not survive such relicensing or conveying.
+</p>
+<p>If you add terms to a covered work in accord with this section, you
+must place, in the relevant source files, a statement of the
+additional terms that apply to those files, or a notice indicating
+where to find the applicable terms.
+</p>
+<p>Additional terms, permissive or non-permissive, may be stated in the
+form of a separately written license, or stated as exceptions; the
+above requirements apply either way.
+</p>
+</li><li> Termination.
+
+<p>You may not propagate or modify a covered work except as expressly
+provided under this License.  Any attempt otherwise to propagate or
+modify it is void, and will automatically terminate your rights under
+this License (including any patent licenses granted under the third
+paragraph of section 11).
+</p>
+<p>However, if you cease all violation of this License, then your license
+from a particular copyright holder is reinstated (a) provisionally,
+unless and until the copyright holder explicitly and finally
+terminates your license, and (b) permanently, if the copyright holder
+fails to notify you of the violation by some reasonable means prior to
+60 days after the cessation.
+</p>
+<p>Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+</p>
+<p>Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License.  If your rights have been terminated and not permanently
+reinstated, you do not qualify to receive new licenses for the same
+material under section 10.
+</p>
+</li><li> Acceptance Not Required for Having Copies.
+
+<p>You are not required to accept this License in order to receive or run
+a copy of the Program.  Ancillary propagation of a covered work
+occurring solely as a consequence of using peer-to-peer transmission
+to receive a copy likewise does not require acceptance.  However,
+nothing other than this License grants you permission to propagate or
+modify any covered work.  These actions infringe copyright if you do
+not accept this License.  Therefore, by modifying or propagating a
+covered work, you indicate your acceptance of this License to do so.
+</p>
+</li><li> Automatic Licensing of Downstream Recipients.
+
+<p>Each time you convey a covered work, the recipient automatically
+receives a license from the original licensors, to run, modify and
+propagate that work, subject to this License.  You are not responsible
+for enforcing compliance by third parties with this License.
+</p>
+<p>An &ldquo;entity transaction&rdquo; is a transaction transferring control of an
+organization, or substantially all assets of one, or subdividing an
+organization, or merging organizations.  If propagation of a covered
+work results from an entity transaction, each party to that
+transaction who receives a copy of the work also receives whatever
+licenses to the work the party's predecessor in interest had or could
+give under the previous paragraph, plus a right to possession of the
+Corresponding Source of the work from the predecessor in interest, if
+the predecessor has it or can get it with reasonable efforts.
+</p>
+<p>You may not impose any further restrictions on the exercise of the
+rights granted or affirmed under this License.  For example, you may
+not impose a license fee, royalty, or other charge for exercise of
+rights granted under this License, and you may not initiate litigation
+(including a cross-claim or counterclaim in a lawsuit) alleging that
+any patent claim is infringed by making, using, selling, offering for
+sale, or importing the Program or any portion of it.
+</p>
+</li><li> Patents.
+
+<p>A &ldquo;contributor&rdquo; is a copyright holder who authorizes use under this
+License of the Program or a work on which the Program is based.  The
+work thus licensed is called the contributor's &ldquo;contributor version&rdquo;.
+</p>
+<p>A contributor's &ldquo;essential patent claims&rdquo; are all patent claims owned
+or controlled by the contributor, whether already acquired or
+hereafter acquired, that would be infringed by some manner, permitted
+by this License, of making, using, or selling its contributor version,
+but do not include claims that would be infringed only as a
+consequence of further modification of the contributor version.  For
+purposes of this definition, &ldquo;control&rdquo; includes the right to grant
+patent sublicenses in a manner consistent with the requirements of
+this License.
+</p>
+<p>Each contributor grants you a non-exclusive, worldwide, royalty-free
+patent license under the contributor's essential patent claims, to
+make, use, sell, offer for sale, import and otherwise run, modify and
+propagate the contents of its contributor version.
+</p>
+<p>In the following three paragraphs, a &ldquo;patent license&rdquo; is any express
+agreement or commitment, however denominated, not to enforce a patent
+(such as an express permission to practice a patent or covenant not to
+sue for patent infringement).  To &ldquo;grant&rdquo; such a patent license to a
+party means to make such an agreement or commitment not to enforce a
+patent against the party.
+</p>
+<p>If you convey a covered work, knowingly relying on a patent license,
+and the Corresponding Source of the work is not available for anyone
+to copy, free of charge and under the terms of this License, through a
+publicly available network server or other readily accessible means,
+then you must either (1) cause the Corresponding Source to be so
+available, or (2) arrange to deprive yourself of the benefit of the
+patent license for this particular work, or (3) arrange, in a manner
+consistent with the requirements of this License, to extend the patent
+license to downstream recipients.  &ldquo;Knowingly relying&rdquo; means you have
+actual knowledge that, but for the patent license, your conveying the
+covered work in a country, or your recipient's use of the covered work
+in a country, would infringe one or more identifiable patents in that
+country that you have reason to believe are valid.
+</p>
+<p>If, pursuant to or in connection with a single transaction or
+arrangement, you convey, or propagate by procuring conveyance of, a
+covered work, and grant a patent license to some of the parties
+receiving the covered work authorizing them to use, propagate, modify
+or convey a specific copy of the covered work, then the patent license
+you grant is automatically extended to all recipients of the covered
+work and works based on it.
+</p>
+<p>A patent license is &ldquo;discriminatory&rdquo; if it does not include within the
+scope of its coverage, prohibits the exercise of, or is conditioned on
+the non-exercise of one or more of the rights that are specifically
+granted under this License.  You may not convey a covered work if you
+are a party to an arrangement with a third party that is in the
+business of distributing software, under which you make payment to the
+third party based on the extent of your activity of conveying the
+work, and under which the third party grants, to any of the parties
+who would receive the covered work from you, a discriminatory patent
+license (a) in connection with copies of the covered work conveyed by
+you (or copies made from those copies), or (b) primarily for and in
+connection with specific products or compilations that contain the
+covered work, unless you entered into that arrangement, or that patent
+license was granted, prior to 28 March 2007.
+</p>
+<p>Nothing in this License shall be construed as excluding or limiting
+any implied license or other defenses to infringement that may
+otherwise be available to you under applicable patent law.
+</p>
+</li><li> No Surrender of Others' Freedom.
+
+<p>If conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot convey
+a covered work so as to satisfy simultaneously your obligations under
+this License and any other pertinent obligations, then as a
+consequence you may not convey it at all.  For example, if you agree
+to terms that obligate you to collect a royalty for further conveying
+from those to whom you convey the Program, the only way you could
+satisfy both those terms and this License would be to refrain entirely
+from conveying the Program.
+</p>
+</li><li> Use with the GNU Affero General Public License.
+
+<p>Notwithstanding any other provision of this License, you have
+permission to link or combine any covered work with a work licensed
+under version 3 of the GNU Affero General Public License into a single
+combined work, and to convey the resulting work.  The terms of this
+License will continue to apply to the part which is the covered work,
+but the special requirements of the GNU Affero General Public License,
+section 13, concerning interaction through a network will apply to the
+combination as such.
+</p>
+</li><li> Revised Versions of this License.
+
+<p>The Free Software Foundation may publish revised and/or new versions
+of the GNU General Public License from time to time.  Such new
+versions will be similar in spirit to the present version, but may
+differ in detail to address new problems or concerns.
+</p>
+<p>Each version is given a distinguishing version number.  If the Program
+specifies that a certain numbered version of the GNU General Public
+License &ldquo;or any later version&rdquo; applies to it, you have the option of
+following the terms and conditions either of that numbered version or
+of any later version published by the Free Software Foundation.  If
+the Program does not specify a version number of the GNU General
+Public License, you may choose any version ever published by the Free
+Software Foundation.
+</p>
+<p>If the Program specifies that a proxy can decide which future versions
+of the GNU General Public License can be used, that proxy's public
+statement of acceptance of a version permanently authorizes you to
+choose that version for the Program.
+</p>
+<p>Later license versions may give you additional or different
+permissions.  However, no additional obligations are imposed on any
+author or copyright holder as a result of your choosing to follow a
+later version.
+</p>
+</li><li> Disclaimer of Warranty.
+
+<p>THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM &ldquo;AS IS&rdquo; WITHOUT
+WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND
+PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE PROGRAM PROVE
+DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR
+CORRECTION.
+</p>
+</li><li> Limitation of Liability.
+
+<p>IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR
+CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES
+ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT
+NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR
+LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM
+TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER
+PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+</p>
+</li><li> Interpretation of Sections 15 and 16.
+
+<p>If the disclaimer of warranty and limitation of liability provided
+above cannot be given local legal effect according to their terms,
+reviewing courts shall apply local law that most closely approximates
+an absolute waiver of all civil liability in connection with the
+Program, unless a warranty or assumption of liability accompanies a
+copy of the Program in return for a fee.
+</p>
+</li></ol>
+
+<a name="SEC86"></a>
+<h2 class="heading"> END OF TERMS AND CONDITIONS </h2>
+
+<a name="SEC87"></a>
+<h2 class="heading"> How to Apply These Terms to Your New Programs </h2>
+
+<p>If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these
+terms.
+</p>
+<p>To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+state the exclusion of warranty; and each file should have at least
+the &ldquo;copyright&rdquo; line and a pointer to where the full notice is found.
+</p>
+<table><tr><td>&nbsp;</td><td><pre class="smallexample"><var>one line to give the program's name and a brief idea of what it does.</var>
+Copyright (C) <var>year</var> <var>name of author</var>
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or (at
+your option) any later version.
+
+This program is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <a href="http://www.gnu.org/licenses/">http://www.gnu.org/licenses/</a>.
+</pre></td></tr></table>
+
+<p>Also add information on how to contact you by electronic and paper mail.
+</p>
+<p>If the program does terminal interaction, make it output a short
+notice like this when it starts in an interactive mode:
+</p>
+<table><tr><td>&nbsp;</td><td><pre class="smallexample"><var>program</var> Copyright (C) <var>year</var> <var>name of author</var>
+This program comes with ABSOLUTELY NO WARRANTY; for details type &lsquo;<samp>show w</samp>&rsquo;.
+This is free software, and you are welcome to redistribute it
+under certain conditions; type &lsquo;<samp>show c</samp>&rsquo; for details.
+</pre></td></tr></table>
+
+<p>The hypothetical commands &lsquo;<samp>show w</samp>&rsquo; and &lsquo;<samp>show c</samp>&rsquo; should show
+the appropriate parts of the General Public License.  Of course, your
+program's commands might be different; for a GUI interface, you would
+use an &ldquo;about box&rdquo;.
+</p>
+<p>You should also get your employer (if you work as a programmer) or school,
+if any, to sign a &ldquo;copyright disclaimer&rdquo; for the program, if necessary.
+For more information on this, and how to apply and follow the GNU GPL, see
+<a href="http://www.gnu.org/licenses/">http://www.gnu.org/licenses/</a>.
+</p>
+<p>The GNU General Public License does not permit incorporating your
+program into proprietary programs.  If your program is a subroutine
+library, you may consider it more useful to permit linking proprietary
+applications with the library.  If this is what you want to do, use
+the GNU Lesser General Public License instead of this License.  But
+first, please read <a href="http://www.gnu.org/philosophy/why-not-lgpl.html">http://www.gnu.org/philosophy/why-not-lgpl.html</a>.
+
+</p><hr size="6">
+<a name="GNU-LGPL"></a>
+<a name="SEC88"></a>
+<h2 class="appendixsec"> <a href="libunistring.html#TOC84">B.2 GNU LESSER GENERAL PUBLIC LICENSE</a> </h2>
+<p align="center"> Version 3, 29 June 2007
+</p>
+
+<table><tr><td>&nbsp;</td><td><pre class="display">Copyright &copy; 2007 Free Software Foundation, Inc. <a href="http://fsf.org/">http://fsf.org/</a>
+
+Everyone is permitted to copy and distribute verbatim copies of this
+license document, but changing it is not allowed.
+</pre></td></tr></table>
+
+<p>This version of the GNU Lesser General Public License incorporates
+the terms and conditions of version 3 of the GNU General Public
+License, supplemented by the additional permissions listed below.
+</p>
+<ol>
+<li> Additional Definitions.
+
+<p>As used herein, &ldquo;this License&rdquo; refers to version 3 of the GNU Lesser
+General Public License, and the &ldquo;GNU GPL&rdquo; refers to version 3 of the GNU
+General Public License.
+</p>
+<p>&ldquo;The Library&rdquo; refers to a covered work governed by this License,
+other than an Application or a Combined Work as defined below.
+</p>
+<p>An &ldquo;Application&rdquo; is any work that makes use of an interface provided
+by the Library, but which is not otherwise based on the Library.
+Defining a subclass of a class defined by the Library is deemed a mode
+of using an interface provided by the Library.
+</p>
+<p>A &ldquo;Combined Work&rdquo; is a work produced by combining or linking an
+Application with the Library.  The particular version of the Library
+with which the Combined Work was made is also called the &ldquo;Linked
+Version&rdquo;.
+</p>
+<p>The &ldquo;Minimal Corresponding Source&rdquo; for a Combined Work means the
+Corresponding Source for the Combined Work, excluding any source code
+for portions of the Combined Work that, considered in isolation, are
+based on the Application, and not on the Linked Version.
+</p>
+<p>The &ldquo;Corresponding Application Code&rdquo; for a Combined Work means the
+object code and/or source code for the Application, including any data
+and utility programs needed for reproducing the Combined Work from the
+Application, but excluding the System Libraries of the Combined Work.
+</p>
+</li><li> Exception to Section 3 of the GNU GPL.
+
+<p>You may convey a covered work under sections 3 and 4 of this License
+without being bound by section 3 of the GNU GPL.
+</p>
+</li><li> Conveying Modified Versions.
+
+<p>If you modify a copy of the Library, and, in your modifications, a
+facility refers to a function or data to be supplied by an Application
+that uses the facility (other than as an argument passed when the
+facility is invoked), then you may convey a copy of the modified
+version:
+</p>
+<ol>
+<li>
+under this License, provided that you make a good faith effort to
+ensure that, in the event an Application does not supply the
+function or data, the facility still operates, and performs
+whatever part of its purpose remains meaningful, or
+
+</li><li>
+under the GNU GPL, with none of the additional permissions of
+this License applicable to that copy.
+</li></ol>
+
+</li><li> Object Code Incorporating Material from Library Header Files.
+
+<p>The object code form of an Application may incorporate material from
+a header file that is part of the Library.  You may convey such object
+code under terms of your choice, provided that, if the incorporated
+material is not limited to numerical parameters, data structure
+layouts and accessors, or small macros, inline functions and templates
+(ten or fewer lines in length), you do both of the following:
+</p>
+<ol>
+<li>
+Give prominent notice with each copy of the object code that the
+Library is used in it and that the Library and its use are
+covered by this License.
+</li><li>
+Accompany the object code with a copy of the GNU GPL and this license
+document.
+</li></ol>
+
+</li><li> Combined Works.
+
+<p>You may convey a Combined Work under terms of your choice that,
+taken together, effectively do not restrict modification of the
+portions of the Library contained in the Combined Work and reverse
+engineering for debugging such modifications, if you also do each of
+the following:
+</p>
+<ol>
+<li>
+Give prominent notice with each copy of the Combined Work that
+the Library is used in it and that the Library and its use are
+covered by this License.
+</li><li>
+Accompany the Combined Work with a copy of the GNU GPL and this license
+document.
+</li><li>
+For a Combined Work that displays copyright notices during
+execution, include the copyright notice for the Library among
+these notices, as well as a reference directing the user to the
+copies of the GNU GPL and this license document.
+</li><li>
+Do one of the following:
+
+<ol>
+<li>
+Convey the Minimal Corresponding Source under the terms of this
+License, and the Corresponding Application Code in a form
+suitable for, and under terms that permit, the user to
+recombine or relink the Application with a modified version of
+the Linked Version to produce a modified Combined Work, in the
+manner specified by section 6 of the GNU GPL for conveying
+Corresponding Source.
+</li><li>
+Use a suitable shared library mechanism for linking with the
+Library.  A suitable mechanism is one that (a) uses at run time
+a copy of the Library already present on the user's computer
+system, and (b) will operate properly with a modified version
+of the Library that is interface-compatible with the Linked
+Version.
+</li></ol>
+
+</li><li>
+Provide Installation Information, but only if you would otherwise
+be required to provide such information under section 6 of the
+GNU GPL, and only to the extent that such information is
+necessary to install and execute a modified version of the
+Combined Work produced by recombining or relinking the
+Application with a modified version of the Linked Version. (If
+you use option 4d0, the Installation Information must accompany
+the Minimal Corresponding Source and Corresponding Application
+Code. If you use option 4d1, you must provide the Installation
+Information in the manner specified by section 6 of the GNU GPL
+for conveying Corresponding Source.)
+</li></ol>
+
+</li><li> Combined Libraries.
+
+<p>You may place library facilities that are a work based on the
+Library side by side in a single library together with other library
+facilities that are not Applications and are not covered by this
+License, and convey such a combined library under terms of your
+choice, if you do both of the following:
+</p>
+<ol>
+<li>
+Accompany the combined library with a copy of the same work based
+on the Library, uncombined with any other library facilities,
+conveyed under the terms of this License.
+</li><li>
+Give prominent notice with the combined library that part of it
+is a work based on the Library, and explaining where to find the
+accompanying uncombined form of the same work.
+</li></ol>
+
+</li><li> Revised Versions of the GNU Lesser General Public License.
+
+<p>The Free Software Foundation may publish revised and/or new versions
+of the GNU Lesser General Public License from time to time. Such new
+versions will be similar in spirit to the present version, but may
+differ in detail to address new problems or concerns.
+</p>
+<p>Each version is given a distinguishing version number. If the
+Library as you received it specifies that a certain numbered version
+of the GNU Lesser General Public License &ldquo;or any later version&rdquo;
+applies to it, you have the option of following the terms and
+conditions either of that published version or of any later version
+published by the Free Software Foundation. If the Library as you
+received it does not specify a version number of the GNU Lesser
+General Public License, you may choose any version of the GNU Lesser
+General Public License ever published by the Free Software Foundation.
+</p>
+<p>If the Library as you received it specifies that a proxy can decide
+whether future versions of the GNU Lesser General Public License shall
+apply, that proxy's public statement of acceptance of any version is
+permanent authorization for you to choose that version for the
+Library.
+</p>
+</li></ol>
+
+<hr size="6">
+<a name="GNU-FDL"></a>
+<a name="SEC89"></a>
+<h2 class="appendixsec"> <a href="libunistring.html#TOC85">B.3 GNU Free Documentation License</a> </h2>
+<p align="center"> Version 1.3, 3 November 2008
+</p>
+
+<table><tr><td>&nbsp;</td><td><pre class="display">Copyright &copy; 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc.
+<a href="http://fsf.org/">http://fsf.org/</a>
+
+Everyone is permitted to copy and distribute verbatim copies
+of this license document, but changing it is not allowed.
+</pre></td></tr></table>
+
+<ol>
+<li>
+PREAMBLE
+
+<p>The purpose of this License is to make a manual, textbook, or other
+functional and useful document <em>free</em> in the sense of freedom: to
+assure everyone the effective freedom to copy and redistribute it,
+with or without modifying it, either commercially or noncommercially.
+Secondarily, this License preserves for the author and publisher a way
+to get credit for their work, while not being considered responsible
+for modifications made by others.
+</p>
+<p>This License is a kind of &ldquo;copyleft&rdquo;, which means that derivative
+works of the document must themselves be free in the same sense.  It
+complements the GNU General Public License, which is a copyleft
+license designed for free software.
+</p>
+<p>We have designed this License in order to use it for manuals for free
+software, because free software needs free documentation: a free
+program should come with manuals providing the same freedoms that the
+software does.  But this License is not limited to software manuals;
+it can be used for any textual work, regardless of subject matter or
+whether it is published as a printed book.  We recommend this License
+principally for works whose purpose is instruction or reference.
+</p>
+</li><li>
+APPLICABILITY AND DEFINITIONS
+
+<p>This License applies to any manual or other work, in any medium, that
+contains a notice placed by the copyright holder saying it can be
+distributed under the terms of this License.  Such a notice grants a
+world-wide, royalty-free license, unlimited in duration, to use that
+work under the conditions stated herein.  The &ldquo;Document&rdquo;, below,
+refers to any such manual or work.  Any member of the public is a
+licensee, and is addressed as &ldquo;you&rdquo;.  You accept the license if you
+copy, modify or distribute the work in a way requiring permission
+under copyright law.
+</p>
+<p>A &ldquo;Modified Version&rdquo; of the Document means any work containing the
+Document or a portion of it, either copied verbatim, or with
+modifications and/or translated into another language.
+</p>
+<p>A &ldquo;Secondary Section&rdquo; is a named appendix or a front-matter section
+of the Document that deals exclusively with the relationship of the
+publishers or authors of the Document to the Document's overall
+subject (or to related matters) and contains nothing that could fall
+directly within that overall subject.  (Thus, if the Document is in
+part a textbook of mathematics, a Secondary Section may not explain
+any mathematics.)  The relationship could be a matter of historical
+connection with the subject or with related matters, or of legal,
+commercial, philosophical, ethical or political position regarding
+them.
+</p>
+<p>The &ldquo;Invariant Sections&rdquo; are certain Secondary Sections whose titles
+are designated, as being those of Invariant Sections, in the notice
+that says that the Document is released under this License.  If a
+section does not fit the above definition of Secondary then it is not
+allowed to be designated as Invariant.  The Document may contain zero
+Invariant Sections.  If the Document does not identify any Invariant
+Sections then there are none.
+</p>
+<p>The &ldquo;Cover Texts&rdquo; are certain short passages of text that are listed,
+as Front-Cover Texts or Back-Cover Texts, in the notice that says that
+the Document is released under this License.  A Front-Cover Text may
+be at most 5 words, and a Back-Cover Text may be at most 25 words.
+</p>
+<p>A &ldquo;Transparent&rdquo; copy of the Document means a machine-readable copy,
+represented in a format whose specification is available to the
+general public, that is suitable for revising the document
+straightforwardly with generic text editors or (for images composed of
+pixels) generic paint programs or (for drawings) some widely available
+drawing editor, and that is suitable for input to text formatters or
+for automatic translation to a variety of formats suitable for input
+to text formatters.  A copy made in an otherwise Transparent file
+format whose markup, or absence of markup, has been arranged to thwart
+or discourage subsequent modification by readers is not Transparent.
+An image format is not Transparent if used for any substantial amount
+of text.  A copy that is not &ldquo;Transparent&rdquo; is called &ldquo;Opaque&rdquo;.
+</p>
+<p>Examples of suitable formats for Transparent copies include plain
+<small>ASCII</small> without markup, Texinfo input format, LaTeX input
+format, <acronym>SGML</acronym> or <acronym>XML</acronym> using a publicly available
+<acronym>DTD</acronym>, and standard-conforming simple <acronym>HTML</acronym>,
+PostScript or <acronym>PDF</acronym> designed for human modification.  Examples
+of transparent image formats include <acronym>PNG</acronym>, <acronym>XCF</acronym> and
+<acronym>JPG</acronym>.  Opaque formats include proprietary formats that can be
+read and edited only by proprietary word processors, <acronym>SGML</acronym> or
+<acronym>XML</acronym> for which the <acronym>DTD</acronym> and/or processing tools are
+not generally available, and the machine-generated <acronym>HTML</acronym>,
+PostScript or <acronym>PDF</acronym> produced by some word processors for
+output purposes only.
+</p>
+<p>The &ldquo;Title Page&rdquo; means, for a printed book, the title page itself,
+plus such following pages as are needed to hold, legibly, the material
+this License requires to appear in the title page.  For works in
+formats which do not have any title page as such, &ldquo;Title Page&rdquo; means
+the text near the most prominent appearance of the work's title,
+preceding the beginning of the body of the text.
+</p>
+<p>The &ldquo;publisher&rdquo; means any person or entity that distributes copies
+of the Document to the public.
+</p>
+<p>A section &ldquo;Entitled XYZ&rdquo; means a named subunit of the Document whose
+title either is precisely XYZ or contains XYZ in parentheses following
+text that translates XYZ in another language.  (Here XYZ stands for a
+specific section name mentioned below, such as &ldquo;Acknowledgements&rdquo;,
+&ldquo;Dedications&rdquo;, &ldquo;Endorsements&rdquo;, or &ldquo;History&rdquo;.)  To &ldquo;Preserve the Title&rdquo;
+of such a section when you modify the Document means that it remains a
+section &ldquo;Entitled XYZ&rdquo; according to this definition.
+</p>
+<p>The Document may include Warranty Disclaimers next to the notice which
+states that this License applies to the Document.  These Warranty
+Disclaimers are considered to be included by reference in this
+License, but only as regards disclaiming warranties: any other
+implication that these Warranty Disclaimers may have is void and has
+no effect on the meaning of this License.
+</p>
+</li><li>
+VERBATIM COPYING
+
+<p>You may copy and distribute the Document in any medium, either
+commercially or noncommercially, provided that this License, the
+copyright notices, and the license notice saying this License applies
+to the Document are reproduced in all copies, and that you add no other
+conditions whatsoever to those of this License.  You may not use
+technical measures to obstruct or control the reading or further
+copying of the copies you make or distribute.  However, you may accept
+compensation in exchange for copies.  If you distribute a large enough
+number of copies you must also follow the conditions in section 3.
+</p>
+<p>You may also lend copies, under the same conditions stated above, and
+you may publicly display copies.
+</p>
+</li><li>
+COPYING IN QUANTITY
+
+<p>If you publish printed copies (or copies in media that commonly have
+printed covers) of the Document, numbering more than 100, and the
+Document's license notice requires Cover Texts, you must enclose the
+copies in covers that carry, clearly and legibly, all these Cover
+Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on
+the back cover.  Both covers must also clearly and legibly identify
+you as the publisher of these copies.  The front cover must present
+the full title with all words of the title equally prominent and
+visible.  You may add other material on the covers in addition.
+Copying with changes limited to the covers, as long as they preserve
+the title of the Document and satisfy these conditions, can be treated
+as verbatim copying in other respects.
+</p>
+<p>If the required texts for either cover are too voluminous to fit
+legibly, you should put the first ones listed (as many as fit
+reasonably) on the actual cover, and continue the rest onto adjacent
+pages.
+</p>
+<p>If you publish or distribute Opaque copies of the Document numbering
+more than 100, you must either include a machine-readable Transparent
+copy along with each Opaque copy, or state in or with each Opaque copy
+a computer-network location from which the general network-using
+public has access to download using public-standard network protocols
+a complete Transparent copy of the Document, free of added material.
+If you use the latter option, you must take reasonably prudent steps,
+when you begin distribution of Opaque copies in quantity, to ensure
+that this Transparent copy will remain thus accessible at the stated
+location until at least one year after the last time you distribute an
+Opaque copy (directly or through your agents or retailers) of that
+edition to the public.
+</p>
+<p>It is requested, but not required, that you contact the authors of the
+Document well before redistributing any large number of copies, to give
+them a chance to provide you with an updated version of the Document.
+</p>
+</li><li>
+MODIFICATIONS
+
+<p>You may copy and distribute a Modified Version of the Document under
+the conditions of sections 2 and 3 above, provided that you release
+the Modified Version under precisely this License, with the Modified
+Version filling the role of the Document, thus licensing distribution
+and modification of the Modified Version to whoever possesses a copy
+of it.  In addition, you must do these things in the Modified Version:
+</p>
+<ol>
+<li>
+Use in the Title Page (and on the covers, if any) a title distinct
+from that of the Document, and from those of previous versions
+(which should, if there were any, be listed in the History section
+of the Document).  You may use the same title as a previous version
+if the original publisher of that version gives permission.
+
+</li><li>
+List on the Title Page, as authors, one or more persons or entities
+responsible for authorship of the modifications in the Modified
+Version, together with at least five of the principal authors of the
+Document (all of its principal authors, if it has fewer than five),
+unless they release you from this requirement.
+
+</li><li>
+State on the Title page the name of the publisher of the
+Modified Version, as the publisher.
+
+</li><li>
+Preserve all the copyright notices of the Document.
+
+</li><li>
+Add an appropriate copyright notice for your modifications
+adjacent to the other copyright notices.
+
+</li><li>
+Include, immediately after the copyright notices, a license notice
+giving the public permission to use the Modified Version under the
+terms of this License, in the form shown in the Addendum below.
+
+</li><li>
+Preserve in that license notice the full lists of Invariant Sections
+and required Cover Texts given in the Document's license notice.
+
+</li><li>
+Include an unaltered copy of this License.
+
+</li><li>
+Preserve the section Entitled &ldquo;History&rdquo;, Preserve its Title, and add
+to it an item stating at least the title, year, new authors, and
+publisher of the Modified Version as given on the Title Page.  If
+there is no section Entitled &ldquo;History&rdquo; in the Document, create one
+stating the title, year, authors, and publisher of the Document as
+given on its Title Page, then add an item describing the Modified
+Version as stated in the previous sentence.
+
+</li><li>
+Preserve the network location, if any, given in the Document for
+public access to a Transparent copy of the Document, and likewise
+the network locations given in the Document for previous versions
+it was based on.  These may be placed in the &ldquo;History&rdquo; section.
+You may omit a network location for a work that was published at
+least four years before the Document itself, or if the original
+publisher of the version it refers to gives permission.
+
+</li><li>
+For any section Entitled &ldquo;Acknowledgements&rdquo; or &ldquo;Dedications&rdquo;, Preserve
+the Title of the section, and preserve in the section all the
+substance and tone of each of the contributor acknowledgements and/or
+dedications given therein.
+
+</li><li>
+Preserve all the Invariant Sections of the Document,
+unaltered in their text and in their titles.  Section numbers
+or the equivalent are not considered part of the section titles.
+
+</li><li>
+Delete any section Entitled &ldquo;Endorsements&rdquo;.  Such a section
+may not be included in the Modified Version.
+
+</li><li>
+Do not retitle any existing section to be Entitled &ldquo;Endorsements&rdquo; or
+to conflict in title with any Invariant Section.
+
+</li><li>
+Preserve any Warranty Disclaimers.
+</li></ol>
+
+<p>If the Modified Version includes new front-matter sections or
+appendices that qualify as Secondary Sections and contain no material
+copied from the Document, you may at your option designate some or all
+of these sections as invariant.  To do this, add their titles to the
+list of Invariant Sections in the Modified Version's license notice.
+These titles must be distinct from any other section titles.
+</p>
+<p>You may add a section Entitled &ldquo;Endorsements&rdquo;, provided it contains
+nothing but endorsements of your Modified Version by various
+parties&mdash;for example, statements of peer review or that the text has
+been approved by an organization as the authoritative definition of a
+standard.
+</p>
+<p>You may add a passage of up to five words as a Front-Cover Text, and a
+passage of up to 25 words as a Back-Cover Text, to the end of the list
+of Cover Texts in the Modified Version.  Only one passage of
+Front-Cover Text and one of Back-Cover Text may be added by (or
+through arrangements made by) any one entity.  If the Document already
+includes a cover text for the same cover, previously added by you or
+by arrangement made by the same entity you are acting on behalf of,
+you may not add another; but you may replace the old one, on explicit
+permission from the previous publisher that added the old one.
+</p>
+<p>The author(s) and publisher(s) of the Document do not by this License
+give permission to use their names for publicity for or to assert or
+imply endorsement of any Modified Version.
+</p>
+</li><li>
+COMBINING DOCUMENTS
+
+<p>You may combine the Document with other documents released under this
+License, under the terms defined in section 4 above for modified
+versions, provided that you include in the combination all of the
+Invariant Sections of all of the original documents, unmodified, and
+list them all as Invariant Sections of your combined work in its
+license notice, and that you preserve all their Warranty Disclaimers.
+</p>
+<p>The combined work need only contain one copy of this License, and
+multiple identical Invariant Sections may be replaced with a single
+copy.  If there are multiple Invariant Sections with the same name but
+different contents, make the title of each such section unique by
+adding at the end of it, in parentheses, the name of the original
+author or publisher of that section if known, or else a unique number.
+Make the same adjustment to the section titles in the list of
+Invariant Sections in the license notice of the combined work.
+</p>
+<p>In the combination, you must combine any sections Entitled &ldquo;History&rdquo;
+in the various original documents, forming one section Entitled
+&ldquo;History&rdquo;; likewise combine any sections Entitled &ldquo;Acknowledgements&rdquo;,
+and any sections Entitled &ldquo;Dedications&rdquo;.  You must delete all
+sections Entitled &ldquo;Endorsements.&rdquo;
+</p>
+</li><li>
+COLLECTIONS OF DOCUMENTS
+
+<p>You may make a collection consisting of the Document and other documents
+released under this License, and replace the individual copies of this
+License in the various documents with a single copy that is included in
+the collection, provided that you follow the rules of this License for
+verbatim copying of each of the documents in all other respects.
+</p>
+<p>You may extract a single document from such a collection, and distribute
+it individually under this License, provided you insert a copy of this
+License into the extracted document, and follow this License in all
+other respects regarding verbatim copying of that document.
+</p>
+</li><li>
+AGGREGATION WITH INDEPENDENT WORKS
+
+<p>A compilation of the Document or its derivatives with other separate
+and independent documents or works, in or on a volume of a storage or
+distribution medium, is called an &ldquo;aggregate&rdquo; if the copyright
+resulting from the compilation is not used to limit the legal rights
+of the compilation's users beyond what the individual works permit.
+When the Document is included in an aggregate, this License does not
+apply to the other works in the aggregate which are not themselves
+derivative works of the Document.
+</p>
+<p>If the Cover Text requirement of section 3 is applicable to these
+copies of the Document, then if the Document is less than one half of
+the entire aggregate, the Document's Cover Texts may be placed on
+covers that bracket the Document within the aggregate, or the
+electronic equivalent of covers if the Document is in electronic form.
+Otherwise they must appear on printed covers that bracket the whole
+aggregate.
+</p>
+</li><li>
+TRANSLATION
+
+<p>Translation is considered a kind of modification, so you may
+distribute translations of the Document under the terms of section 4.
+Replacing Invariant Sections with translations requires special
+permission from their copyright holders, but you may include
+translations of some or all Invariant Sections in addition to the
+original versions of these Invariant Sections.  You may include a
+translation of this License, and all the license notices in the
+Document, and any Warranty Disclaimers, provided that you also include
+the original English version of this License and the original versions
+of those notices and disclaimers.  In case of a disagreement between
+the translation and the original version of this License or a notice
+or disclaimer, the original version will prevail.
+</p>
+<p>If a section in the Document is Entitled &ldquo;Acknowledgements&rdquo;,
+&ldquo;Dedications&rdquo;, or &ldquo;History&rdquo;, the requirement (section 4) to Preserve
+its Title (section 1) will typically require changing the actual
+title.
+</p>
+</li><li>
+TERMINATION
+
+<p>You may not copy, modify, sublicense, or distribute the Document
+except as expressly provided under this License.  Any attempt
+otherwise to copy, modify, sublicense, or distribute it is void, and
+will automatically terminate your rights under this License.
+</p>
+<p>However, if you cease all violation of this License, then your license
+from a particular copyright holder is reinstated (a) provisionally,
+unless and until the copyright holder explicitly and finally
+terminates your license, and (b) permanently, if the copyright holder
+fails to notify you of the violation by some reasonable means prior to
+60 days after the cessation.
+</p>
+<p>Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+</p>
+<p>Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License.  If your rights have been terminated and not permanently
+reinstated, receipt of a copy of some or all of the same material does
+not give you any rights to use it.
+</p>
+</li><li>
+FUTURE REVISIONS OF THIS LICENSE
+
+<p>The Free Software Foundation may publish new, revised versions
+of the GNU Free Documentation License from time to time.  Such new
+versions will be similar in spirit to the present version, but may
+differ in detail to address new problems or concerns.  See
+<a href="http://www.gnu.org/copyleft/">http://www.gnu.org/copyleft/</a>.
+</p>
+<p>Each version of the License is given a distinguishing version number.
+If the Document specifies that a particular numbered version of this
+License &ldquo;or any later version&rdquo; applies to it, you have the option of
+following the terms and conditions either of that specified version or
+of any later version that has been published (not as a draft) by the
+Free Software Foundation.  If the Document does not specify a version
+number of this License, you may choose any version ever published (not
+as a draft) by the Free Software Foundation.  If the Document
+specifies that a proxy can decide which future versions of this
+License can be used, that proxy's public statement of acceptance of a
+version permanently authorizes you to choose that version for the
+Document.
+</p>
+</li><li>
+RELICENSING
+
+<p>&ldquo;Massive Multiauthor Collaboration Site&rdquo; (or &ldquo;MMC Site&rdquo;) means any
+World Wide Web server that publishes copyrightable works and also
+provides prominent facilities for anybody to edit those works.  A
+public wiki that anybody can edit is an example of such a server.  A
+&ldquo;Massive Multiauthor Collaboration&rdquo; (or &ldquo;MMC&rdquo;) contained in the
+site means any set of copyrightable works thus published on the MMC
+site.
+</p>
+<p>&ldquo;CC-BY-SA&rdquo; means the Creative Commons Attribution-Share Alike 3.0
+license published by Creative Commons Corporation, a not-for-profit
+corporation with a principal place of business in San Francisco,
+California, as well as future copyleft versions of that license
+published by that same organization.
+</p>
+<p>&ldquo;Incorporate&rdquo; means to publish or republish a Document, in whole or
+in part, as part of another Document.
+</p>
+<p>An MMC is &ldquo;eligible for relicensing&rdquo; if it is licensed under this
+License, and if all works that were first published under this License
+somewhere other than this MMC, and subsequently incorporated in whole
+or in part into the MMC, (1) had no cover texts or invariant sections,
+and (2) were thus incorporated prior to November 1, 2008.
+</p>
+<p>The operator of an MMC Site may republish an MMC contained in the site
+under CC-BY-SA on the same site at any time before August 1, 2009,
+provided the MMC is eligible for relicensing.
+</p>
+</li></ol>
+
+
+<a name="SEC90"></a>
+<h2 class="heading"> ADDENDUM: How to use this License for your documents </h2>
+
+<p>To use this License in a document you have written, include a copy of
+the License in the document and put the following copyright and
+license notices just after the title page:
+</p>
+<table><tr><td>&nbsp;</td><td><pre class="smallexample">  Copyright (C)  <var>year</var>  <var>your name</var>.
+  Permission is granted to copy, distribute and/or modify this document
+  under the terms of the GNU Free Documentation License, Version 1.3
+  or any later version published by the Free Software Foundation;
+  with no Invariant Sections, no Front-Cover Texts, and no Back-Cover
+  Texts.  A copy of the license is included in the section entitled ``GNU
+  Free Documentation License''.
+</pre></td></tr></table>
+
+<p>If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts,
+replace the &ldquo;with&hellip;Texts.&rdquo; line with this:
+</p>
+<table><tr><td>&nbsp;</td><td><pre class="smallexample">    with the Invariant Sections being <var>list their titles</var>, with
+    the Front-Cover Texts being <var>list</var>, and with the Back-Cover Texts
+    being <var>list</var>.
+</pre></td></tr></table>
+
+<p>If you have Invariant Sections without Cover Texts, or some other
+combination of the three, merge those two alternatives to suit the
+situation.
+</p>
+<p>If your document contains nontrivial examples of program code, we
+recommend releasing these examples in parallel under your choice of
+free software license, such as the GNU General Public License,
+to permit their use in free software.
+</p>
+
 
-<table><tr><th valign="top">Jump to: &nbsp; </th><td><a href="#SEC77_0" class="summary-letter"><b>A</b></a>
- &nbsp; 
-<a href="#SEC77_1" class="summary-letter"><b>B</b></a>
- &nbsp; 
-<a href="#SEC77_2" class="summary-letter"><b>C</b></a>
- &nbsp; 
-<a href="#SEC77_3" class="summary-letter"><b>D</b></a>
- &nbsp; 
-<a href="#SEC77_4" class="summary-letter"><b>E</b></a>
- &nbsp; 
-<a href="#SEC77_5" class="summary-letter"><b>F</b></a>
- &nbsp; 
-<a href="#SEC77_6" class="summary-letter"><b>G</b></a>
- &nbsp; 
-<a href="#SEC77_7" class="summary-letter"><b>H</b></a>
- &nbsp; 
-<a href="#SEC77_8" class="summary-letter"><b>I</b></a>
- &nbsp; 
-<a href="#SEC77_9" class="summary-letter"><b>J</b></a>
- &nbsp; 
-<a href="#SEC77_10" class="summary-letter"><b>L</b></a>
- &nbsp; 
-<a href="#SEC77_11" class="summary-letter"><b>M</b></a>
- &nbsp; 
-<a href="#SEC77_12" class="summary-letter"><b>N</b></a>
- &nbsp; 
-<a href="#SEC77_13" class="summary-letter"><b>O</b></a>
- &nbsp; 
-<a href="#SEC77_14" class="summary-letter"><b>P</b></a>
- &nbsp; 
-<a href="#SEC77_15" class="summary-letter"><b>R</b></a>
- &nbsp; 
-<a href="#SEC77_16" class="summary-letter"><b>S</b></a>
- &nbsp; 
-<a href="#SEC77_17" class="summary-letter"><b>T</b></a>
- &nbsp; 
-<a href="#SEC77_18" class="summary-letter"><b>U</b></a>
- &nbsp; 
-<a href="libunistring_20.html#INDEX0_0" class="summary-letter"><b>V</b></a>
- &nbsp; 
-<a href="libunistring_20.html#INDEX0_1" class="summary-letter"><b>W</b></a>
- &nbsp; 
-</td></tr></table>
-<table border="0" class="index-cp">
-<tr><td></td><th align="left">Index Entry</th><th align="left"> Section</th></tr>
-<tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="SEC77_0">A</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX701">ambiguous width</a></td><td valign="top"><a href="libunistring_9.html#SEC40">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC30">Arabic shaping</a></td><td valign="top"><a href="libunistring_8.html#SEC30">8.8 Arabic shaping</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_2.html#IDX14">argument conventions</a></td><td valign="top"><a href="libunistring_2.html#SEC9">2. Conventions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_16.html#SEC65">autoconf macro</a></td><td valign="top"><a href="libunistring_16.html#SEC65">16.4 Autoconf macro</a></td></tr>
-<tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="SEC77_1">B</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC25">bidi class</a></td><td valign="top"><a href="libunistring_8.html#SEC25">8.3 Bidi class</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC25">bidirectional category</a></td><td valign="top"><a href="libunistring_8.html#SEC25">8.3 Bidi class</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_17.html#SEC67">bidirectional reordering</a></td><td valign="top"><a href="libunistring_17.html#SEC67">17. More advanced functionality</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC37">block</a></td><td valign="top"><a href="libunistring_8.html#SEC37">8.11 Blocks</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_10.html#SEC41">boundaries, between grapheme clusters</a></td><td valign="top"><a href="libunistring_10.html#SEC41">10. Grapheme cluster breaks in strings <code>&lt;unigbrk.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_11.html#SEC44">boundaries, between words</a></td><td valign="top"><a href="libunistring_11.html#SEC44">11. Word breaks in strings <code>&lt;uniwbrk.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_10.html#SEC41">breaks, grapheme cluster</a></td><td valign="top"><a href="libunistring_10.html#SEC41">10. Grapheme cluster breaks in strings <code>&lt;unigbrk.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_12.html#SEC47">breaks, line</a></td><td valign="top"><a href="libunistring_12.html#SEC47">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_11.html#SEC44">breaks, word</a></td><td valign="top"><a href="libunistring_11.html#SEC44">11. Word breaks in strings <code>&lt;uniwbrk.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_16.html#SEC66">bug reports</a></td><td valign="top"><a href="libunistring_16.html#SEC66">16.5 Reporting problems</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_16.html#SEC66">bug tracker</a></td><td valign="top"><a href="libunistring_16.html#SEC66">16.5 Reporting problems</a></td></tr>
-<tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="SEC77_2">C</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_1.html#SEC6">C string functions</a></td><td valign="top"><a href="libunistring_1.html#SEC6">1.5 &lsquo;<samp>char *</samp>&rsquo; strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC38">C, programming language</a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.12 ISO C and Java syntax</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC39">C-like API</a></td><td valign="top"><a href="libunistring_8.html#SEC39">8.13 Classifications like in ISO C</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC24">canonical combining class</a></td><td valign="top"><a href="libunistring_8.html#SEC24">8.2 Canonical combining class</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#SEC59">case detection</a></td><td valign="top"><a href="libunistring_14.html#SEC59">14.5 Case detection</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#SEC56">case mappings</a></td><td valign="top"><a href="libunistring_14.html#SEC56">14.2 Case mappings of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX829"><code>casing_prefix_context_t</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX837"><code>casing_suffix_context_t</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX10">char, type</a></td><td valign="top"><a href="libunistring_1.html#SEC6">1.5 &lsquo;<samp>char *</samp>&rsquo; strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#SEC50">combining, Unicode characters</a></td><td valign="top"><a href="libunistring_13.html#SEC50">13.2 Composition of Unicode characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX54">comparing</a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX110">comparing</a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#SEC58">comparing, ignoring case</a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX864">comparing, ignoring case, with collation rules</a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#SEC52">comparing, ignoring normalization</a></td><td valign="top"><a href="libunistring_13.html#SEC52">13.4 Normalizing comparisons</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#SEC58">comparing, ignoring normalization and case</a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX866">comparing, ignoring normalization and case, with collation rules</a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX802">comparing, ignoring normalization, with collation rules</a></td><td valign="top"><a href="libunistring_13.html#SEC52">13.4 Normalizing comparisons</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX114">comparing, with collation rules</a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX865">comparing, with collation rules, ignoring case</a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX803">comparing, with collation rules, ignoring normalization</a></td><td valign="top"><a href="libunistring_13.html#SEC52">13.4 Normalizing comparisons</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX867">comparing, with collation rules, ignoring normalization and case</a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_16.html#IDX892">compiler options</a></td><td valign="top"><a href="libunistring_16.html#SEC63">16.2 Compiler options</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#SEC50">composing, Unicode characters</a></td><td valign="top"><a href="libunistring_13.html#SEC50">13.2 Composition of Unicode characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC13">converting</a></td><td valign="top"><a href="libunistring_4.html#SEC13">4.2 Elementary string conversions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX160">converting</a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX44">copying</a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX91">copying</a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX65">counting</a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="SEC77_3">D</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#SEC49">decomposing</a></td><td valign="top"><a href="libunistring_13.html#SEC49">13.1 Decomposition of Unicode characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_16.html#SEC62">dependencies</a></td><td valign="top"><a href="libunistring_16.html#SEC62">16.1 Installation</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#SEC59">detecting case</a></td><td valign="top"><a href="libunistring_14.html#SEC59">14.5 Case detection</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC15">duplicating</a></td><td valign="top"><a href="libunistring_4.html#SEC15">4.4 Elementary string functions with memory allocation</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX121">duplicating</a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="SEC77_4">E</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX156"><code>enum iconv_ilseq_handler</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="SEC77_5">F</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_18.html#SEC75">FDL, GNU Free Documentation License</a></td><td valign="top"><a href="libunistring_18.html#SEC75">A.3 GNU Free Documentation License</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#SEC18">formatted output</a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX704">fullwidth</a></td><td valign="top"><a href="libunistring_9.html#SEC40">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
-<tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="SEC77_6">G</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC21">general category</a></td><td valign="top"><a href="libunistring_8.html#SEC21">8.1 General category</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_16.html#IDX895"><code>gl_LIBUNISTRING</code></a></td><td valign="top"><a href="libunistring_16.html#SEC65">16.4 Autoconf macro</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_18.html#SEC69">GPL, GNU General Public License</a></td><td valign="top"><a href="libunistring_18.html#SEC69">A.1 GNU GENERAL PUBLIC LICENSE</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_10.html#SEC41">grapheme cluster boundaries</a></td><td valign="top"><a href="libunistring_10.html#SEC41">10. Grapheme cluster breaks in strings <code>&lt;unigbrk.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_10.html#SEC41">grapheme cluster breaks</a></td><td valign="top"><a href="libunistring_10.html#SEC41">10. Grapheme cluster breaks in strings <code>&lt;unigbrk.h&gt;</code></a></td></tr>
-<tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="SEC77_7">H</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX703">halfwidth</a></td><td valign="top"><a href="libunistring_9.html#SEC40">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
-<tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="SEC77_8">I</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC38">identifiers</a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.12 ISO C and Java syntax</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_16.html#IDX891">installation</a></td><td valign="top"><a href="libunistring_16.html#SEC62">16.1 Installation</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_1.html#SEC3">internationalization</a></td><td valign="top"><a href="libunistring_1.html#SEC3">1.2 Unicode and Internationalization</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC14">iterating</a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX75">iterating</a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="SEC77_9">J</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC38">Java, programming language</a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.12 ISO C and Java syntax</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC32">joining group</a></td><td valign="top"><a href="libunistring_8.html#SEC32">8.8.2 Joining group of Arabic characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC30">joining of Arabic characters</a></td><td valign="top"><a href="libunistring_8.html#SEC30">8.8 Arabic shaping</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC31">joining type</a></td><td valign="top"><a href="libunistring_8.html#SEC31">8.8.1 Joining type of Arabic characters</a></td></tr>
-<tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="SEC77_10">L</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_18.html#SEC74">LGPL, GNU Lesser General Public License</a></td><td valign="top"><a href="libunistring_18.html#SEC74">A.2 GNU LESSER GENERAL PUBLIC LICENSE</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_18.html#SEC75">License, GNU FDL</a></td><td valign="top"><a href="libunistring_18.html#SEC75">A.3 GNU Free Documentation License</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_18.html#SEC69">License, GNU GPL</a></td><td valign="top"><a href="libunistring_18.html#SEC69">A.1 GNU GENERAL PUBLIC LICENSE</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_18.html#SEC74">License, GNU LGPL</a></td><td valign="top"><a href="libunistring_18.html#SEC74">A.2 GNU LESSER GENERAL PUBLIC LICENSE</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_18.html#SEC68">Licenses</a></td><td valign="top"><a href="libunistring_18.html#SEC68">A. Licenses</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_12.html#SEC47">line breaks</a></td><td valign="top"><a href="libunistring_12.html#SEC47">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_1.html#SEC4">locale</a></td><td valign="top"><a href="libunistring_1.html#SEC4">1.3 Locale encodings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX7">locale categories</a></td><td valign="top"><a href="libunistring_1.html#SEC4">1.3 Locale encodings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX8">locale encoding</a></td><td valign="top"><a href="libunistring_1.html#SEC4">1.3 Locale encodings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX154">locale encoding</a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX818">locale language</a></td><td valign="top"><a href="libunistring_14.html#SEC56">14.2 Case mappings of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX9">locale, multibyte</a></td><td valign="top"><a href="libunistring_1.html#SEC6">1.5 &lsquo;<samp>char *</samp>&rsquo; strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX155"><code>locale_charset</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#SEC56">lowercasing</a></td><td valign="top"><a href="libunistring_14.html#SEC56">14.2 Case mappings of strings</a></td></tr>
-<tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="SEC77_11">M</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_16.html#SEC66">mailing list</a></td><td valign="top"><a href="libunistring_16.html#SEC66">16.5 Reporting problems</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC29">mirroring, of Unicode character</a></td><td valign="top"><a href="libunistring_8.html#SEC29">8.7 Mirrored character</a></td></tr>
-<tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="SEC77_12">N</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#SEC48">normal forms</a></td><td valign="top"><a href="libunistring_13.html#SEC48">13. Normalization forms (composition and decomposition) <code>&lt;uninorm.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#SEC48">normalizing</a></td><td valign="top"><a href="libunistring_13.html#SEC48">13. Normalization forms (composition and decomposition) <code>&lt;uninorm.h&gt;</code></a></td></tr>
-<tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="SEC77_13">O</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#SEC18">output, formatted</a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="SEC77_14">P</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC33">properties, of Unicode character</a></td><td valign="top"><a href="libunistring_8.html#SEC33">8.9 Properties</a></td></tr>
-<tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="SEC77_15">R</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_15.html#SEC60">regular expression</a></td><td valign="top"><a href="libunistring_15.html#SEC60">15. Regular expressions <code>&lt;uniregex.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_17.html#IDX896">rendering</a></td><td valign="top"><a href="libunistring_17.html#SEC67">17. More advanced functionality</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_2.html#IDX15">return value conventions</a></td><td valign="top"><a href="libunistring_2.html#SEC9">2. Conventions</a></td></tr>
-<tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="SEC77_16">S</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC36">scripts</a></td><td valign="top"><a href="libunistring_8.html#SEC36">8.10 Scripts</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX61">searching, for a character</a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX125">searching, for a character</a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX141">searching, for a substring</a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#SEC53">stream, normalizing a</a></td><td valign="top"><a href="libunistring_13.html#SEC53">13.5 Normalization of streams of Unicode characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX810"><code>struct uninorm_filter</code></a></td><td valign="top"><a href="libunistring_13.html#SEC53">13.5 Normalization of streams of Unicode characters</a></td></tr>
-<tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="SEC77_17">T</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#SEC56">titlecasing</a></td><td valign="top"><a href="libunistring_14.html#SEC56">14.2 Case mappings of strings</a></td></tr>
-<tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="SEC77_18">U</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX206"><code>u16_asnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX205"><code>u16_asprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX861"><code>u16_casecmp</code></a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX873"><code>u16_casecoll</code></a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX855"><code>u16_casefold</code></a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX869"><code>u16_casexfrm</code></a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX832"><code>u16_casing_prefix_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX835"><code>u16_casing_prefixes_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX840"><code>u16_casing_suffix_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX843"><code>u16_casing_suffixes_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX21"><code>u16_check</code></a></td><td valign="top"><a href="libunistring_4.html#SEC12">4.1 Elementary string checks</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX63"><code>u16_chr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX56"><code>u16_cmp</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX59"><code>u16_cmp2</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX162"><code>u16_conv_from_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX165"><code>u16_conv_to_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX46"><code>u16_cpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX70"><code>u16_cpy_alloc</code></a></td><td valign="top"><a href="libunistring_4.html#SEC15">4.4 Elementary string functions with memory allocation</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX858"><code>u16_ct_casefold</code></a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX849"><code>u16_ct_tolower</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX852"><code>u16_ct_totitle</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX846"><code>u16_ct_toupper</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX149"><code>u16_endswith</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX719"><code>u16_grapheme_breaks</code></a></td><td valign="top"><a href="libunistring_10.html#SEC42">10.1 Grapheme cluster breaks in a string</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX713"><code>u16_grapheme_next</code></a></td><td valign="top"><a href="libunistring_10.html#SEC42">10.1 Grapheme cluster breaks in a string</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX716"><code>u16_grapheme_prev</code></a></td><td valign="top"><a href="libunistring_10.html#SEC42">10.1 Grapheme cluster breaks in a string</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX889"><code>u16_is_cased</code></a></td><td valign="top"><a href="libunistring_14.html#SEC59">14.5 Case detection</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX886"><code>u16_is_casefolded</code></a></td><td valign="top"><a href="libunistring_14.html#SEC59">14.5 Case detection</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX880"><code>u16_is_lowercase</code></a></td><td valign="top"><a href="libunistring_14.html#SEC59">14.5 Case detection</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX883"><code>u16_is_titlecase</code></a></td><td valign="top"><a href="libunistring_14.html#SEC59">14.5 Case detection</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX877"><code>u16_is_uppercase</code></a></td><td valign="top"><a href="libunistring_14.html#SEC59">14.5 Case detection</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX30"><code>u16_mblen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX67"><code>u16_mbsnlen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX36"><code>u16_mbtouc</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX33"><code>u16_mbtouc_unsafe</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX39"><code>u16_mbtoucr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX49"><code>u16_move</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX80"><code>u16_next</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX797"><code>u16_normalize</code></a></td><td valign="top"><a href="libunistring_13.html#SEC51">13.3 Normalization of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX800"><code>u16_normcmp</code></a></td><td valign="top"><a href="libunistring_13.html#SEC52">13.4 Normalizing comparisons</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX808"><code>u16_normcoll</code></a></td><td valign="top"><a href="libunistring_13.html#SEC52">13.4 Normalizing comparisons</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX805"><code>u16_normxfrm</code></a></td><td valign="top"><a href="libunistring_13.html#SEC52">13.4 Normalizing comparisons</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_12.html#IDX760"><code>u16_possible_linebreaks</code></a></td><td valign="top"><a href="libunistring_12.html#SEC47">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX83"><code>u16_prev</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX52"><code>u16_set</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX204"><code>u16_snprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX203"><code>u16_sprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX146"><code>u16_startswith</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX96"><code>u16_stpcpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX102"><code>u16_stpncpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX105"><code>u16_strcat</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX127"><code>u16_strchr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX112"><code>u16_strcmp</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX116"><code>u16_strcoll</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX168"><code>u16_strconv_from_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX174"><code>u16_strconv_from_locale</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX171"><code>u16_strconv_to_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX177"><code>u16_strconv_to_locale</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX93"><code>u16_strcpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX133"><code>u16_strcspn</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX123"><code>u16_strdup</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX86"><code>u16_strlen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX73"><code>u16_strmblen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX77"><code>u16_strmbtouc</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX108"><code>u16_strncat</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX119"><code>u16_strncmp</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX99"><code>u16_strncpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX89"><code>u16_strnlen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX139"><code>u16_strpbrk</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX130"><code>u16_strrchr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX136"><code>u16_strspn</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX143"><code>u16_strstr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX152"><code>u16_strtok</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX710"><code>u16_strwidth</code></a></td><td valign="top"><a href="libunistring_9.html#SEC40">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX26"><code>u16_to_u32</code></a></td><td valign="top"><a href="libunistring_4.html#SEC13">4.2 Elementary string conversions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX25"><code>u16_to_u8</code></a></td><td valign="top"><a href="libunistring_4.html#SEC13">4.2 Elementary string conversions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX824"><code>u16_tolower</code></a></td><td valign="top"><a href="libunistring_14.html#SEC56">14.2 Case mappings of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX827"><code>u16_totitle</code></a></td><td valign="top"><a href="libunistring_14.html#SEC56">14.2 Case mappings of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX821"><code>u16_toupper</code></a></td><td valign="top"><a href="libunistring_14.html#SEC56">14.2 Case mappings of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX214"><code>u16_u16_asnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX213"><code>u16_u16_asprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX212"><code>u16_u16_snprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX211"><code>u16_u16_sprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX218"><code>u16_u16_vasnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX217"><code>u16_u16_vasprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX216"><code>u16_u16_vsnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX215"><code>u16_u16_vsprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX42"><code>u16_uctomb</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX210"><code>u16_vasnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX209"><code>u16_vasprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX208"><code>u16_vsnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX207"><code>u16_vsprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX707"><code>u16_width</code></a></td><td valign="top"><a href="libunistring_9.html#SEC40">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_12.html#IDX764"><code>u16_width_linebreaks</code></a></td><td valign="top"><a href="libunistring_12.html#SEC47">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_11.html#IDX737"><code>u16_wordbreaks</code></a></td><td valign="top"><a href="libunistring_11.html#SEC45">11.1 Word breaks in a string</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX222"><code>u32_asnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX221"><code>u32_asprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX862"><code>u32_casecmp</code></a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX874"><code>u32_casecoll</code></a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX856"><code>u32_casefold</code></a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX870"><code>u32_casexfrm</code></a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX833"><code>u32_casing_prefix_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX836"><code>u32_casing_prefixes_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX841"><code>u32_casing_suffix_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX844"><code>u32_casing_suffixes_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX22"><code>u32_check</code></a></td><td valign="top"><a href="libunistring_4.html#SEC12">4.1 Elementary string checks</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX64"><code>u32_chr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX57"><code>u32_cmp</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX60"><code>u32_cmp2</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX163"><code>u32_conv_from_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX166"><code>u32_conv_to_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX47"><code>u32_cpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX71"><code>u32_cpy_alloc</code></a></td><td valign="top"><a href="libunistring_4.html#SEC15">4.4 Elementary string functions with memory allocation</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX859"><code>u32_ct_casefold</code></a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX850"><code>u32_ct_tolower</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX853"><code>u32_ct_totitle</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX847"><code>u32_ct_toupper</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX150"><code>u32_endswith</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX720"><code>u32_grapheme_breaks</code></a></td><td valign="top"><a href="libunistring_10.html#SEC42">10.1 Grapheme cluster breaks in a string</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX714"><code>u32_grapheme_next</code></a></td><td valign="top"><a href="libunistring_10.html#SEC42">10.1 Grapheme cluster breaks in a string</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX717"><code>u32_grapheme_prev</code></a></td><td valign="top"><a href="libunistring_10.html#SEC42">10.1 Grapheme cluster breaks in a string</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX890"><code>u32_is_cased</code></a></td><td valign="top"><a href="libunistring_14.html#SEC59">14.5 Case detection</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX887"><code>u32_is_casefolded</code></a></td><td valign="top"><a href="libunistring_14.html#SEC59">14.5 Case detection</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX881"><code>u32_is_lowercase</code></a></td><td valign="top"><a href="libunistring_14.html#SEC59">14.5 Case detection</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX884"><code>u32_is_titlecase</code></a></td><td valign="top"><a href="libunistring_14.html#SEC59">14.5 Case detection</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX878"><code>u32_is_uppercase</code></a></td><td valign="top"><a href="libunistring_14.html#SEC59">14.5 Case detection</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX31"><code>u32_mblen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX68"><code>u32_mbsnlen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX37"><code>u32_mbtouc</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX34"><code>u32_mbtouc_unsafe</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX40"><code>u32_mbtoucr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX50"><code>u32_move</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX81"><code>u32_next</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX798"><code>u32_normalize</code></a></td><td valign="top"><a href="libunistring_13.html#SEC51">13.3 Normalization of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX801"><code>u32_normcmp</code></a></td><td valign="top"><a href="libunistring_13.html#SEC52">13.4 Normalizing comparisons</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX809"><code>u32_normcoll</code></a></td><td valign="top"><a href="libunistring_13.html#SEC52">13.4 Normalizing comparisons</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX806"><code>u32_normxfrm</code></a></td><td valign="top"><a href="libunistring_13.html#SEC52">13.4 Normalizing comparisons</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_12.html#IDX761"><code>u32_possible_linebreaks</code></a></td><td valign="top"><a href="libunistring_12.html#SEC47">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX84"><code>u32_prev</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX53"><code>u32_set</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX220"><code>u32_snprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX219"><code>u32_sprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX147"><code>u32_startswith</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX97"><code>u32_stpcpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX103"><code>u32_stpncpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX106"><code>u32_strcat</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX128"><code>u32_strchr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX113"><code>u32_strcmp</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX117"><code>u32_strcoll</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX169"><code>u32_strconv_from_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX175"><code>u32_strconv_from_locale</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX172"><code>u32_strconv_to_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX178"><code>u32_strconv_to_locale</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX94"><code>u32_strcpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX134"><code>u32_strcspn</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX124"><code>u32_strdup</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX87"><code>u32_strlen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX74"><code>u32_strmblen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX78"><code>u32_strmbtouc</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX109"><code>u32_strncat</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX120"><code>u32_strncmp</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX100"><code>u32_strncpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX90"><code>u32_strnlen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX140"><code>u32_strpbrk</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX131"><code>u32_strrchr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX137"><code>u32_strspn</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX144"><code>u32_strstr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX153"><code>u32_strtok</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX711"><code>u32_strwidth</code></a></td><td valign="top"><a href="libunistring_9.html#SEC40">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX28"><code>u32_to_u16</code></a></td><td valign="top"><a href="libunistring_4.html#SEC13">4.2 Elementary string conversions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX27"><code>u32_to_u8</code></a></td><td valign="top"><a href="libunistring_4.html#SEC13">4.2 Elementary string conversions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX825"><code>u32_tolower</code></a></td><td valign="top"><a href="libunistring_14.html#SEC56">14.2 Case mappings of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX828"><code>u32_totitle</code></a></td><td valign="top"><a href="libunistring_14.html#SEC56">14.2 Case mappings of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX822"><code>u32_toupper</code></a></td><td valign="top"><a href="libunistring_14.html#SEC56">14.2 Case mappings of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX230"><code>u32_u32_asnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX229"><code>u32_u32_asprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX228"><code>u32_u32_snprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX227"><code>u32_u32_sprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX234"><code>u32_u32_vasnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX233"><code>u32_u32_vasprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX232"><code>u32_u32_vsnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX231"><code>u32_u32_vsprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX43"><code>u32_uctomb</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX226"><code>u32_vasnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX225"><code>u32_vasprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX224"><code>u32_vsnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX223"><code>u32_vsprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX708"><code>u32_width</code></a></td><td valign="top"><a href="libunistring_9.html#SEC40">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_12.html#IDX765"><code>u32_width_linebreaks</code></a></td><td valign="top"><a href="libunistring_12.html#SEC47">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_11.html#IDX738"><code>u32_wordbreaks</code></a></td><td valign="top"><a href="libunistring_11.html#SEC45">11.1 Word breaks in a string</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX190"><code>u8_asnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX189"><code>u8_asprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX860"><code>u8_casecmp</code></a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX872"><code>u8_casecoll</code></a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX854"><code>u8_casefold</code></a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX868"><code>u8_casexfrm</code></a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX831"><code>u8_casing_prefix_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX834"><code>u8_casing_prefixes_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX839"><code>u8_casing_suffix_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX842"><code>u8_casing_suffixes_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX20"><code>u8_check</code></a></td><td valign="top"><a href="libunistring_4.html#SEC12">4.1 Elementary string checks</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX62"><code>u8_chr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX55"><code>u8_cmp</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX58"><code>u8_cmp2</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX161"><code>u8_conv_from_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX164"><code>u8_conv_to_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX45"><code>u8_cpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX69"><code>u8_cpy_alloc</code></a></td><td valign="top"><a href="libunistring_4.html#SEC15">4.4 Elementary string functions with memory allocation</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX857"><code>u8_ct_casefold</code></a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX848"><code>u8_ct_tolower</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX851"><code>u8_ct_totitle</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX845"><code>u8_ct_toupper</code></a></td><td valign="top"><a href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX148"><code>u8_endswith</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX718"><code>u8_grapheme_breaks</code></a></td><td valign="top"><a href="libunistring_10.html#SEC42">10.1 Grapheme cluster breaks in a string</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX712"><code>u8_grapheme_next</code></a></td><td valign="top"><a href="libunistring_10.html#SEC42">10.1 Grapheme cluster breaks in a string</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX715"><code>u8_grapheme_prev</code></a></td><td valign="top"><a href="libunistring_10.html#SEC42">10.1 Grapheme cluster breaks in a string</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX888"><code>u8_is_cased</code></a></td><td valign="top"><a href="libunistring_14.html#SEC59">14.5 Case detection</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX885"><code>u8_is_casefolded</code></a></td><td valign="top"><a href="libunistring_14.html#SEC59">14.5 Case detection</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX879"><code>u8_is_lowercase</code></a></td><td valign="top"><a href="libunistring_14.html#SEC59">14.5 Case detection</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX882"><code>u8_is_titlecase</code></a></td><td valign="top"><a href="libunistring_14.html#SEC59">14.5 Case detection</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX876"><code>u8_is_uppercase</code></a></td><td valign="top"><a href="libunistring_14.html#SEC59">14.5 Case detection</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX29"><code>u8_mblen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX66"><code>u8_mbsnlen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX35"><code>u8_mbtouc</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX32"><code>u8_mbtouc_unsafe</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX38"><code>u8_mbtoucr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX48"><code>u8_move</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX79"><code>u8_next</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX796"><code>u8_normalize</code></a></td><td valign="top"><a href="libunistring_13.html#SEC51">13.3 Normalization of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX799"><code>u8_normcmp</code></a></td><td valign="top"><a href="libunistring_13.html#SEC52">13.4 Normalizing comparisons</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX807"><code>u8_normcoll</code></a></td><td valign="top"><a href="libunistring_13.html#SEC52">13.4 Normalizing comparisons</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX804"><code>u8_normxfrm</code></a></td><td valign="top"><a href="libunistring_13.html#SEC52">13.4 Normalizing comparisons</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_12.html#IDX759"><code>u8_possible_linebreaks</code></a></td><td valign="top"><a href="libunistring_12.html#SEC47">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX82"><code>u8_prev</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX51"><code>u8_set</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX188"><code>u8_snprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX187"><code>u8_sprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX145"><code>u8_startswith</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX95"><code>u8_stpcpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX101"><code>u8_stpncpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX104"><code>u8_strcat</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX126"><code>u8_strchr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX111"><code>u8_strcmp</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX115"><code>u8_strcoll</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX167"><code>u8_strconv_from_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX173"><code>u8_strconv_from_locale</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX170"><code>u8_strconv_to_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX176"><code>u8_strconv_to_locale</code></a></td><td valign="top"><a href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX92"><code>u8_strcpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX132"><code>u8_strcspn</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX122"><code>u8_strdup</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX85"><code>u8_strlen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX72"><code>u8_strmblen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX76"><code>u8_strmbtouc</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX107"><code>u8_strncat</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX118"><code>u8_strncmp</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX98"><code>u8_strncpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX88"><code>u8_strnlen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX138"><code>u8_strpbrk</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX129"><code>u8_strrchr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX135"><code>u8_strspn</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX142"><code>u8_strstr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX151"><code>u8_strtok</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX709"><code>u8_strwidth</code></a></td><td valign="top"><a href="libunistring_9.html#SEC40">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX23"><code>u8_to_u16</code></a></td><td valign="top"><a href="libunistring_4.html#SEC13">4.2 Elementary string conversions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX24"><code>u8_to_u32</code></a></td><td valign="top"><a href="libunistring_4.html#SEC13">4.2 Elementary string conversions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX823"><code>u8_tolower</code></a></td><td valign="top"><a href="libunistring_14.html#SEC56">14.2 Case mappings of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX826"><code>u8_totitle</code></a></td><td valign="top"><a href="libunistring_14.html#SEC56">14.2 Case mappings of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX820"><code>u8_toupper</code></a></td><td valign="top"><a href="libunistring_14.html#SEC56">14.2 Case mappings of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX198"><code>u8_u8_asnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX197"><code>u8_u8_asprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX196"><code>u8_u8_snprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX195"><code>u8_u8_sprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX202"><code>u8_u8_vasnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX201"><code>u8_u8_vasprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX200"><code>u8_u8_vsnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX199"><code>u8_u8_vsprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX41"><code>u8_uctomb</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX194"><code>u8_vasnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX193"><code>u8_vasprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX192"><code>u8_vsnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX191"><code>u8_vsprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX706"><code>u8_width</code></a></td><td valign="top"><a href="libunistring_9.html#SEC40">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_12.html#IDX763"><code>u8_width_linebreaks</code></a></td><td valign="top"><a href="libunistring_12.html#SEC47">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_11.html#IDX736"><code>u8_wordbreaks</code></a></td><td valign="top"><a href="libunistring_11.html#SEC45">11.1 Word breaks in a string</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX678"><code>uc_all_blocks</code></a></td><td valign="top"><a href="libunistring_8.html#SEC37">8.11 Blocks</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX673"><code>uc_all_scripts</code></a></td><td valign="top"><a href="libunistring_8.html#SEC36">8.10 Scripts</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX414"><code>uc_bidi_category</code></a></td><td valign="top"><a href="libunistring_8.html#SEC25">8.3 Bidi class</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX412"><code>uc_bidi_category_byname</code></a></td><td valign="top"><a href="libunistring_8.html#SEC25">8.3 Bidi class</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX409"><code>uc_bidi_category_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC25">8.3 Bidi class</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX413"><code>uc_bidi_class</code></a></td><td valign="top"><a href="libunistring_8.html#SEC25">8.3 Bidi class</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX411"><code>uc_bidi_class_byname</code></a></td><td valign="top"><a href="libunistring_8.html#SEC25">8.3 Bidi class</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX410"><code>uc_bidi_class_long_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC25">8.3 Bidi class</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX408"><code>uc_bidi_class_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC25">8.3 Bidi class</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX676"><code>uc_block</code></a></td><td valign="top"><a href="libunistring_8.html#SEC37">8.11 Blocks</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX674"><code>uc_block_t</code></a></td><td valign="top"><a href="libunistring_8.html#SEC37">8.11 Blocks</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX686"><code>uc_c_ident_category</code></a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.12 ISO C and Java syntax</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX786"><code>uc_canonical_decomposition</code></a></td><td valign="top"><a href="libunistring_13.html#SEC49">13.1 Decomposition of Unicode characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX388"><code>uc_combining_class</code></a></td><td valign="top"><a href="libunistring_8.html#SEC24">8.2 Canonical combining class</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX387"><code>uc_combining_class_byname</code></a></td><td valign="top"><a href="libunistring_8.html#SEC24">8.2 Canonical combining class</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX386"><code>uc_combining_class_long_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC24">8.2 Canonical combining class</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX385"><code>uc_combining_class_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC24">8.2 Canonical combining class</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX787"><code>uc_composition</code></a></td><td valign="top"><a href="libunistring_13.html#SEC50">13.2 Composition of Unicode characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX417"><code>uc_decimal_value</code></a></td><td valign="top"><a href="libunistring_8.html#SEC26">8.4 Decimal digit value</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX785"><code>uc_decomposition</code></a></td><td valign="top"><a href="libunistring_13.html#SEC49">13.1 Decomposition of Unicode characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX418"><code>uc_digit_value</code></a></td><td valign="top"><a href="libunistring_8.html#SEC27">8.5 Digit value</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX419"><code>uc_fraction_t</code></a></td><td valign="top"><a href="libunistring_8.html#SEC28">8.6 Numeric value</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX324"><code>uc_general_category</code></a></td><td valign="top"><a href="libunistring_8.html#SEC22">8.1.1 The object oriented API for general category</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX319"><code>uc_general_category_and</code></a></td><td valign="top"><a href="libunistring_8.html#SEC22">8.1.1 The object oriented API for general category</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX320"><code>uc_general_category_and_not</code></a></td><td valign="top"><a href="libunistring_8.html#SEC22">8.1.1 The object oriented API for general category</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX323"><code>uc_general_category_byname</code></a></td><td valign="top"><a href="libunistring_8.html#SEC22">8.1.1 The object oriented API for general category</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX322"><code>uc_general_category_long_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC22">8.1.1 The object oriented API for general category</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX321"><code>uc_general_category_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC22">8.1.1 The object oriented API for general category</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX318"><code>uc_general_category_or</code></a></td><td valign="top"><a href="libunistring_8.html#SEC22">8.1.1 The object oriented API for general category</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX241"><code>uc_general_category_t</code></a></td><td valign="top"><a href="libunistring_8.html#SEC22">8.1.1 The object oriented API for general category</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX734"><code>uc_graphemeclusterbreak_property</code></a></td><td valign="top"><a href="libunistring_10.html#SEC43">10.2 Grapheme cluster break property</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX689"><code>uc_is_alnum</code></a></td><td valign="top"><a href="libunistring_8.html#SEC39">8.13 Classifications like in ISO C</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX690"><code>uc_is_alpha</code></a></td><td valign="top"><a href="libunistring_8.html#SEC39">8.13 Classifications like in ISO C</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX416"><code>uc_is_bidi_category</code></a></td><td valign="top"><a href="libunistring_8.html#SEC25">8.3 Bidi class</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX415"><code>uc_is_bidi_class</code></a></td><td valign="top"><a href="libunistring_8.html#SEC25">8.3 Bidi class</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX700"><code>uc_is_blank</code></a></td><td valign="top"><a href="libunistring_8.html#SEC39">8.13 Classifications like in ISO C</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX677"><code>uc_is_block</code></a></td><td valign="top"><a href="libunistring_8.html#SEC37">8.11 Blocks</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX679"><code>uc_is_c_whitespace</code></a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.12 ISO C and Java syntax</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX691"><code>uc_is_cntrl</code></a></td><td valign="top"><a href="libunistring_8.html#SEC39">8.13 Classifications like in ISO C</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX692"><code>uc_is_digit</code></a></td><td valign="top"><a href="libunistring_8.html#SEC39">8.13 Classifications like in ISO C</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX325"><code>uc_is_general_category</code></a></td><td valign="top"><a href="libunistring_8.html#SEC22">8.1.1 The object oriented API for general category</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX364"><code>uc_is_general_category_withtable</code></a></td><td valign="top"><a href="libunistring_8.html#SEC23">8.1.2 The bit mask API for general category</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX693"><code>uc_is_graph</code></a></td><td valign="top"><a href="libunistring_8.html#SEC39">8.13 Classifications like in ISO C</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX735"><code>uc_is_grapheme_break</code></a></td><td valign="top"><a href="libunistring_10.html#SEC43">10.2 Grapheme cluster break property</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX680"><code>uc_is_java_whitespace</code></a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.12 ISO C and Java syntax</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX694"><code>uc_is_lower</code></a></td><td valign="top"><a href="libunistring_8.html#SEC39">8.13 Classifications like in ISO C</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX695"><code>uc_is_print</code></a></td><td valign="top"><a href="libunistring_8.html#SEC39">8.13 Classifications like in ISO C</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX581"><code>uc_is_property</code></a></td><td valign="top"><a href="libunistring_8.html#SEC34">8.9.1 Properties as objects &ndash; the object oriented API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX583"><code>uc_is_property_alphabetic</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX637"><code>uc_is_property_ascii_hex_digit</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX626"><code>uc_is_property_bidi_arabic_digit</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX622"><code>uc_is_property_bidi_arabic_right_to_left</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX628"><code>uc_is_property_bidi_block_separator</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX632"><code>uc_is_property_bidi_boundary_neutral</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX627"><code>uc_is_property_bidi_common_separator</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX619"><code>uc_is_property_bidi_control</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX634"><code>uc_is_property_bidi_embedding_or_override</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX624"><code>uc_is_property_bidi_eur_num_separator</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX625"><code>uc_is_property_bidi_eur_num_terminator</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX623"><code>uc_is_property_bidi_european_digit</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX621"><code>uc_is_property_bidi_hebrew_right_to_left</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX620"><code>uc_is_property_bidi_left_to_right</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX631"><code>uc_is_property_bidi_non_spacing_mark</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX635"><code>uc_is_property_bidi_other_neutral</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX633"><code>uc_is_property_bidi_pdf</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX629"><code>uc_is_property_bidi_segment_separator</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX630"><code>uc_is_property_bidi_whitespace</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX599"><code>uc_is_property_case_ignorable</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX598"><code>uc_is_property_cased</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX603"><code>uc_is_property_changes_when_casefolded</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX604"><code>uc_is_property_changes_when_casemapped</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX600"><code>uc_is_property_changes_when_lowercased</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX602"><code>uc_is_property_changes_when_titlecased</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX601"><code>uc_is_property_changes_when_uppercased</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX661"><code>uc_is_property_combining</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX662"><code>uc_is_property_composite</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX656"><code>uc_is_property_currency_symbol</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX648"><code>uc_is_property_dash</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX663"><code>uc_is_property_decimal_digit</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX586"><code>uc_is_property_default_ignorable_code_point</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX588"><code>uc_is_property_deprecated</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX665"><code>uc_is_property_diacritic</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX666"><code>uc_is_property_extender</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX647"><code>uc_is_property_format_control</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX615"><code>uc_is_property_grapheme_base</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX616"><code>uc_is_property_grapheme_extend</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX618"><code>uc_is_property_grapheme_link</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX636"><code>uc_is_property_hex_digit</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX649"><code>uc_is_property_hyphen</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX608"><code>uc_is_property_id_continue</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX606"><code>uc_is_property_id_start</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX638"><code>uc_is_property_ideographic</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX641"><code>uc_is_property_ids_binary_operator</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX642"><code>uc_is_property_ids_trinary_operator</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX667"><code>uc_is_property_ignorable_control</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX646"><code>uc_is_property_iso_control</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX614"><code>uc_is_property_join_control</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX660"><code>uc_is_property_left_of_pair</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX651"><code>uc_is_property_line_separator</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX589"><code>uc_is_property_logical_order_exception</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX595"><code>uc_is_property_lowercase</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX657"><code>uc_is_property_math</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX645"><code>uc_is_property_non_break</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX585"><code>uc_is_property_not_a_character</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX664"><code>uc_is_property_numeric</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX584"><code>uc_is_property_other_alphabetic</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX587"><code>uc_is_property_other_default_ignorable_code_point</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX617"><code>uc_is_property_other_grapheme_extend</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX609"><code>uc_is_property_other_id_continue</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX607"><code>uc_is_property_other_id_start</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX596"><code>uc_is_property_other_lowercase</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX658"><code>uc_is_property_other_math</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX594"><code>uc_is_property_other_uppercase</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX659"><code>uc_is_property_paired_punctuation</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX652"><code>uc_is_property_paragraph_separator</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX613"><code>uc_is_property_pattern_syntax</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX612"><code>uc_is_property_pattern_white_space</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX591"><code>uc_is_property_private_use</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX650"><code>uc_is_property_punctuation</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX653"><code>uc_is_property_quotation_mark</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX640"><code>uc_is_property_radical</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX654"><code>uc_is_property_sentence_terminal</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX605"><code>uc_is_property_soft_dotted</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX644"><code>uc_is_property_space</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX655"><code>uc_is_property_terminal_punctuation</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX597"><code>uc_is_property_titlecase</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX592"><code>uc_is_property_unassigned_code_value</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX639"><code>uc_is_property_unified_ideograph</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX593"><code>uc_is_property_uppercase</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX590"><code>uc_is_property_variation_selector</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX582"><code>uc_is_property_white_space</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX611"><code>uc_is_property_xid_continue</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX610"><code>uc_is_property_xid_start</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX643"><code>uc_is_property_zero_width</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX696"><code>uc_is_punct</code></a></td><td valign="top"><a href="libunistring_8.html#SEC39">8.13 Classifications like in ISO C</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX672"><code>uc_is_script</code></a></td><td valign="top"><a href="libunistring_8.html#SEC36">8.10 Scripts</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX697"><code>uc_is_space</code></a></td><td valign="top"><a href="libunistring_8.html#SEC39">8.13 Classifications like in ISO C</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX698"><code>uc_is_upper</code></a></td><td valign="top"><a href="libunistring_8.html#SEC39">8.13 Classifications like in ISO C</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX699"><code>uc_is_xdigit</code></a></td><td valign="top"><a href="libunistring_8.html#SEC39">8.13 Classifications like in ISO C</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX688"><code>uc_java_ident_category</code></a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.12 ISO C and Java syntax</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX491"><code>uc_joining_group</code></a></td><td valign="top"><a href="libunistring_8.html#SEC32">8.8.2 Joining group of Arabic characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX490"><code>uc_joining_group_byname</code></a></td><td valign="top"><a href="libunistring_8.html#SEC32">8.8.2 Joining group of Arabic characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX489"><code>uc_joining_group_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC32">8.8.2 Joining group of Arabic characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX431"><code>uc_joining_type</code></a></td><td valign="top"><a href="libunistring_8.html#SEC31">8.8.1 Joining type of Arabic characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX430"><code>uc_joining_type_byname</code></a></td><td valign="top"><a href="libunistring_8.html#SEC31">8.8.1 Joining type of Arabic characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX429"><code>uc_joining_type_long_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC31">8.8.1 Joining type of Arabic characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX428"><code>uc_joining_type_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC31">8.8.1 Joining type of Arabic characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX819"><code>uc_locale_language</code></a></td><td valign="top"><a href="libunistring_14.html#SEC56">14.2 Case mappings of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX421"><code>uc_mirror_char</code></a></td><td valign="top"><a href="libunistring_8.html#SEC29">8.7 Mirrored character</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX420"><code>uc_numeric_value</code></a></td><td valign="top"><a href="libunistring_8.html#SEC28">8.6 Numeric value</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX579"><code>uc_property_byname</code></a></td><td valign="top"><a href="libunistring_8.html#SEC34">8.9.1 Properties as objects &ndash; the object oriented API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX580"><code>uc_property_is_valid</code></a></td><td valign="top"><a href="libunistring_8.html#SEC34">8.9.1 Properties as objects &ndash; the object oriented API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX492"><code>uc_property_t</code></a></td><td valign="top"><a href="libunistring_8.html#SEC34">8.9.1 Properties as objects &ndash; the object oriented API</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX670"><code>uc_script</code></a></td><td valign="top"><a href="libunistring_8.html#SEC36">8.10 Scripts</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX671"><code>uc_script_byname</code></a></td><td valign="top"><a href="libunistring_8.html#SEC36">8.10 Scripts</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX668"><code>uc_script_t</code></a></td><td valign="top"><a href="libunistring_8.html#SEC36">8.10 Scripts</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX816"><code>uc_tolower</code></a></td><td valign="top"><a href="libunistring_14.html#SEC55">14.1 Case mappings of characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX817"><code>uc_totitle</code></a></td><td valign="top"><a href="libunistring_14.html#SEC55">14.1 Case mappings of characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX815"><code>uc_toupper</code></a></td><td valign="top"><a href="libunistring_14.html#SEC55">14.1 Case mappings of characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX705"><code>uc_width</code></a></td><td valign="top"><a href="libunistring_9.html#SEC40">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_11.html#IDX753"><code>uc_wordbreak_property</code></a></td><td valign="top"><a href="libunistring_11.html#SEC46">11.2 Word break property</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX6">UCS-4</a></td><td valign="top"><a href="libunistring_1.html#SEC2">1.1 Unicode</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_3.html#IDX19"><code>ucs4_t</code></a></td><td valign="top"><a href="libunistring_3.html#SEC10">3. Elementary types <code>&lt;unitypes.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_3.html#IDX17"><code>uint16_t</code></a></td><td valign="top"><a href="libunistring_3.html#SEC10">3. Elementary types <code>&lt;unitypes.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_3.html#IDX18"><code>uint32_t</code></a></td><td valign="top"><a href="libunistring_3.html#SEC10">3. Elementary types <code>&lt;unitypes.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_3.html#IDX16"><code>uint8_t</code></a></td><td valign="top"><a href="libunistring_3.html#SEC10">3. Elementary types <code>&lt;unitypes.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX182"><code>ulc_asnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX181"><code>ulc_asprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX863"><code>ulc_casecmp</code></a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX875"><code>ulc_casecoll</code></a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX871"><code>ulc_casexfrm</code></a></td><td valign="top"><a href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX235"><code>ulc_fprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX721"><code>ulc_grapheme_breaks</code></a></td><td valign="top"><a href="libunistring_10.html#SEC42">10.1 Grapheme cluster breaks in a string</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_12.html#IDX762"><code>ulc_possible_linebreaks</code></a></td><td valign="top"><a href="libunistring_12.html#SEC47">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX180"><code>ulc_snprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX179"><code>ulc_sprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX186"><code>ulc_vasnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX185"><code>ulc_vasprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX236"><code>ulc_vfprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX184"><code>ulc_vsnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX183"><code>ulc_vsprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_12.html#IDX766"><code>ulc_width_linebreaks</code></a></td><td valign="top"><a href="libunistring_12.html#SEC47">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_11.html#IDX739"><code>ulc_wordbreaks</code></a></td><td valign="top"><a href="libunistring_11.html#SEC45">11.1 Word breaks in a string</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_1.html#SEC2">Unicode</a></td><td valign="top"><a href="libunistring_1.html#SEC2">1.1 Unicode</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC25">Unicode character, bidi class</a></td><td valign="top"><a href="libunistring_8.html#SEC25">8.3 Bidi class</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC25">Unicode character, bidirectional category</a></td><td valign="top"><a href="libunistring_8.html#SEC25">8.3 Bidi class</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX675">Unicode character, block</a></td><td valign="top"><a href="libunistring_8.html#SEC37">8.11 Blocks</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC24">Unicode character, canonical combining class</a></td><td valign="top"><a href="libunistring_8.html#SEC24">8.2 Canonical combining class</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#SEC55">Unicode character, case mappings</a></td><td valign="top"><a href="libunistring_14.html#SEC55">14.1 Case mappings of characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC21">Unicode character, classification</a></td><td valign="top"><a href="libunistring_8.html#SEC21">8.1 General category</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC39">Unicode character, classification like in C</a></td><td valign="top"><a href="libunistring_8.html#SEC39">8.13 Classifications like in ISO C</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC21">Unicode character, general category</a></td><td valign="top"><a href="libunistring_8.html#SEC21">8.1 General category</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC29">Unicode character, mirroring</a></td><td valign="top"><a href="libunistring_8.html#SEC29">8.7 Mirrored character</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_7.html#SEC19">Unicode character, name</a></td><td valign="top"><a href="libunistring_7.html#SEC19">7. Names of Unicode characters <code>&lt;uniname.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC33">Unicode character, properties</a></td><td valign="top"><a href="libunistring_8.html#SEC33">8.9 Properties</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX669">Unicode character, script</a></td><td valign="top"><a href="libunistring_8.html#SEC36">8.10 Scripts</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX685">Unicode character, validity in C identifiers</a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.12 ISO C and Java syntax</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX687">Unicode character, validity in Java identifiers</a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.12 ISO C and Java syntax</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC26">Unicode character, value</a></td><td valign="top"><a href="libunistring_8.html#SEC26">8.4 Decimal digit value</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC27">Unicode character, value</a></td><td valign="top"><a href="libunistring_8.html#SEC27">8.5 Digit value</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC28">Unicode character, value</a></td><td valign="top"><a href="libunistring_8.html#SEC28">8.6 Numeric value</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX702">Unicode character, width</a></td><td valign="top"><a href="libunistring_9.html#SEC40">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_7.html#IDX238"><code>unicode_character_name</code></a></td><td valign="top"><a href="libunistring_7.html#SEC19">7. Names of Unicode characters <code>&lt;uniname.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_7.html#IDX239"><code>unicode_name_character</code></a></td><td valign="top"><a href="libunistring_7.html#SEC19">7. Names of Unicode characters <code>&lt;uniname.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX795"><code>uninorm_decomposing_form</code></a></td><td valign="top"><a href="libunistring_13.html#SEC51">13.3 Normalization of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX811"><code>uninorm_filter_create</code></a></td><td valign="top"><a href="libunistring_13.html#SEC53">13.5 Normalization of streams of Unicode characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX813"><code>uninorm_filter_flush</code></a></td><td valign="top"><a href="libunistring_13.html#SEC53">13.5 Normalization of streams of Unicode characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX814"><code>uninorm_filter_free</code></a></td><td valign="top"><a href="libunistring_13.html#SEC53">13.5 Normalization of streams of Unicode characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX812"><code>uninorm_filter_write</code></a></td><td valign="top"><a href="libunistring_13.html#SEC53">13.5 Normalization of streams of Unicode characters</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX793"><code>uninorm_is_compat_decomposing</code></a></td><td valign="top"><a href="libunistring_13.html#SEC51">13.3 Normalization of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX794"><code>uninorm_is_composing</code></a></td><td valign="top"><a href="libunistring_13.html#SEC51">13.3 Normalization of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX788"><code>uninorm_t</code></a></td><td valign="top"><a href="libunistring_13.html#SEC51">13.3 Normalization of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_14.html#SEC56">uppercasing</a></td><td valign="top"><a href="libunistring_14.html#SEC56">14.2 Case mappings of strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX1">use cases</a></td><td valign="top"><a href="libunistring_1.html#SEC1">1. Introduction</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX4">UTF-16</a></td><td valign="top"><a href="libunistring_1.html#SEC2">1.1 Unicode</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX12">UTF-16, strings</a></td><td valign="top"><a href="libunistring_1.html#SEC8">1.7 Unicode strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX5">UTF-32</a></td><td valign="top"><a href="libunistring_1.html#SEC2">1.1 Unicode</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX13">UTF-32, strings</a></td><td valign="top"><a href="libunistring_1.html#SEC8">1.7 Unicode strings</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX3">UTF-8</a></td><td valign="top"><a href="libunistring_1.html#SEC2">1.1 Unicode</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX11">UTF-8, strings</a></td><td valign="top"><a href="libunistring_1.html#SEC8">1.7 Unicode strings</a></td></tr>
-<tr><td colspan="3"> <hr></td></tr>
-</table>
-<table><tr><th valign="top">Jump to: &nbsp; </th><td><a href="#SEC77_0" class="summary-letter"><b>A</b></a>
- &nbsp; 
-<a href="#SEC77_1" class="summary-letter"><b>B</b></a>
- &nbsp; 
-<a href="#SEC77_2" class="summary-letter"><b>C</b></a>
- &nbsp; 
-<a href="#SEC77_3" class="summary-letter"><b>D</b></a>
- &nbsp; 
-<a href="#SEC77_4" class="summary-letter"><b>E</b></a>
- &nbsp; 
-<a href="#SEC77_5" class="summary-letter"><b>F</b></a>
- &nbsp; 
-<a href="#SEC77_6" class="summary-letter"><b>G</b></a>
- &nbsp; 
-<a href="#SEC77_7" class="summary-letter"><b>H</b></a>
- &nbsp; 
-<a href="#SEC77_8" class="summary-letter"><b>I</b></a>
- &nbsp; 
-<a href="#SEC77_9" class="summary-letter"><b>J</b></a>
- &nbsp; 
-<a href="#SEC77_10" class="summary-letter"><b>L</b></a>
- &nbsp; 
-<a href="#SEC77_11" class="summary-letter"><b>M</b></a>
- &nbsp; 
-<a href="#SEC77_12" class="summary-letter"><b>N</b></a>
- &nbsp; 
-<a href="#SEC77_13" class="summary-letter"><b>O</b></a>
- &nbsp; 
-<a href="#SEC77_14" class="summary-letter"><b>P</b></a>
- &nbsp; 
-<a href="#SEC77_15" class="summary-letter"><b>R</b></a>
- &nbsp; 
-<a href="#SEC77_16" class="summary-letter"><b>S</b></a>
- &nbsp; 
-<a href="#SEC77_17" class="summary-letter"><b>T</b></a>
- &nbsp; 
-<a href="#SEC77_18" class="summary-letter"><b>U</b></a>
- &nbsp; 
-<a href="libunistring_20.html#INDEX0_0" class="summary-letter"><b>V</b></a>
- &nbsp; 
-<a href="libunistring_20.html#INDEX0_1" class="summary-letter"><b>W</b></a>
- &nbsp; 
-</td></tr></table>
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_18.html#SEC68" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_20.html#INDEX0" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="#SEC82" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -802,12 +1530,12 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_2.html b/msys2/usr/share/doc/libunistring/libunistring_2.html
index dea76d2a2..46c162ddc 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_2.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_2.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -43,7 +43,7 @@ ul.toc {list-style: none}
 
 <table cellpadding="1" cellspacing="1" border="0">
 <tr><td valign="middle" align="left">[<a href="libunistring_1.html#SEC1" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_3.html#SEC10" title="Next chapter"> &gt;&gt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_3.html#SEC9" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,14 +51,14 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
 <hr size="2">
 <a name="Conventions"></a>
-<a name="SEC9"></a>
-<h1 class="chapter"> <a href="libunistring.html#TOC9">2. Conventions</a> </h1>
+<a name="SEC8"></a>
+<h1 class="chapter"> <a href="libunistring.html#TOC8">2. Conventions</a> </h1>
 
 <p>This chapter explains conventions valid throughout the libunistring library.
 </p>
@@ -119,7 +119,7 @@ NULL is returned and <code>errno</code> is set.
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
 <tr><td valign="middle" align="left">[<a href="libunistring_1.html#SEC1" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_3.html#SEC10" title="Next chapter"> &gt;&gt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_3.html#SEC9" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -127,12 +127,12 @@ NULL is returned and <code>errno</code> is set.
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_20.html b/msys2/usr/share/doc/libunistring/libunistring_20.html
index 7bfe9d18f..6c8122725 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_20.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_20.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -11,10 +11,10 @@ Send bugs and suggestions to <texi2html-bug@nongnu.org>
 
 -->
 <head>
-<title>GNU libunistring: Index: V &ndash; W</title>
+<title>GNU libunistring: Index</title>
 
-<meta name="description" content="GNU libunistring: Index: V &ndash; W">
-<meta name="keywords" content="GNU libunistring: Index: V &ndash; W">
+<meta name="description" content="GNU libunistring: Index">
+<meta name="keywords" content="GNU libunistring: Index">
 <meta name="resource-type" content="document">
 <meta name="distribution" content="global">
 <meta name="Generator" content="texi2html 1.78a">
@@ -42,8 +42,8 @@ ul.toc {list-style: none}
 <body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
 
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[ &gt;&gt; ]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_19.html#SEC82" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_21.html#INDEX0" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,124 +51,751 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
 <hr size="2">
-<a name="INDEX0"></a>
-<h1 class="unnumbered"> Index: V &ndash; W </h1>
-<table><tr><th valign="top">Jump to: &nbsp; </th><td><a href="libunistring_19.html#SEC77_0" class="summary-letter"><b>A</b></a>
+<a name="Index"></a>
+<a name="SEC91"></a>
+<h1 class="unnumbered"> <a href="libunistring.html#TOC86">Index</a> </h1>
+
+<table><tr><th valign="top">Jump to: &nbsp; </th><td><a href="#SEC91_0" class="summary-letter"><b>A</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_1" class="summary-letter"><b>B</b></a>
+<a href="#SEC91_1" class="summary-letter"><b>B</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_2" class="summary-letter"><b>C</b></a>
+<a href="#SEC91_2" class="summary-letter"><b>C</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_3" class="summary-letter"><b>D</b></a>
+<a href="#SEC91_3" class="summary-letter"><b>D</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_4" class="summary-letter"><b>E</b></a>
+<a href="#SEC91_4" class="summary-letter"><b>E</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_5" class="summary-letter"><b>F</b></a>
+<a href="#SEC91_5" class="summary-letter"><b>F</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_6" class="summary-letter"><b>G</b></a>
+<a href="#SEC91_6" class="summary-letter"><b>G</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_7" class="summary-letter"><b>H</b></a>
+<a href="#SEC91_7" class="summary-letter"><b>H</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_8" class="summary-letter"><b>I</b></a>
+<a href="#SEC91_8" class="summary-letter"><b>I</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_9" class="summary-letter"><b>J</b></a>
+<a href="#SEC91_9" class="summary-letter"><b>J</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_10" class="summary-letter"><b>L</b></a>
+<a href="#SEC91_10" class="summary-letter"><b>L</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_11" class="summary-letter"><b>M</b></a>
+<a href="#SEC91_11" class="summary-letter"><b>M</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_12" class="summary-letter"><b>N</b></a>
+<a href="#SEC91_12" class="summary-letter"><b>N</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_13" class="summary-letter"><b>O</b></a>
+<a href="#SEC91_13" class="summary-letter"><b>O</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_14" class="summary-letter"><b>P</b></a>
+<a href="#SEC91_14" class="summary-letter"><b>P</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_15" class="summary-letter"><b>R</b></a>
+<a href="#SEC91_15" class="summary-letter"><b>R</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_16" class="summary-letter"><b>S</b></a>
+<a href="#SEC91_16" class="summary-letter"><b>S</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_17" class="summary-letter"><b>T</b></a>
+<a href="#SEC91_17" class="summary-letter"><b>T</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_18" class="summary-letter"><b>U</b></a>
+<a href="#SEC91_18" class="summary-letter"><b>U</b></a>
  &nbsp; 
-<a href="#INDEX0_0" class="summary-letter"><b>V</b></a>
+<a href="libunistring_21.html#INDEX0_0" class="summary-letter"><b>V</b></a>
  &nbsp; 
-<a href="#INDEX0_1" class="summary-letter"><b>W</b></a>
+<a href="libunistring_21.html#INDEX0_1" class="summary-letter"><b>W</b></a>
  &nbsp; 
 </td></tr></table>
 <table border="0" class="index-cp">
 <tr><td></td><th align="left">Index Entry</th><th align="left"> Section</th></tr>
 <tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="INDEX0_0">V</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC12">validity</a></td><td valign="top"><a href="libunistring_4.html#SEC12">4.1 Elementary string checks</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX2">value, of libunistring</a></td><td valign="top"><a href="libunistring_1.html#SEC1">1. Introduction</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC26">value, of Unicode character</a></td><td valign="top"><a href="libunistring_8.html#SEC26">8.4 Decimal digit value</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC27">value, of Unicode character</a></td><td valign="top"><a href="libunistring_8.html#SEC27">8.5 Digit value</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC28">value, of Unicode character</a></td><td valign="top"><a href="libunistring_8.html#SEC28">8.6 Numeric value</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC12">verification</a></td><td valign="top"><a href="libunistring_4.html#SEC12">4.1 Elementary string checks</a></td></tr>
+<tr><th><a name="SEC91_0">A</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX692">ambiguous width</a></td><td valign="top"><a href="libunistring_9.html#SEC53">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC43">Arabic shaping</a></td><td valign="top"><a href="libunistring_8.html#SEC43">8.8 Arabic shaping</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_2.html#IDX14">argument conventions</a></td><td valign="top"><a href="libunistring_2.html#SEC8">2. Conventions</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_16.html#SEC78">autoconf macro</a></td><td valign="top"><a href="libunistring_16.html#SEC78">16.4 Autoconf macro</a></td></tr>
 <tr><td colspan="3"> <hr></td></tr>
-<tr><th><a name="INDEX0_1">W</a></th><td></td><td></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_1.html#SEC7">wchar_t, type</a></td><td valign="top"><a href="libunistring_1.html#SEC7">1.6 The <code>wchar_t</code> mess</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC12">well-formed</a></td><td valign="top"><a href="libunistring_4.html#SEC12">4.1 Elementary string checks</a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_9.html#SEC40">width</a></td><td valign="top"><a href="libunistring_9.html#SEC40">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_11.html#SEC44">word boundaries</a></td><td valign="top"><a href="libunistring_11.html#SEC44">11. Word breaks in strings <code>&lt;uniwbrk.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_11.html#SEC44">word breaks</a></td><td valign="top"><a href="libunistring_11.html#SEC44">11. Word breaks in strings <code>&lt;uniwbrk.h&gt;</code></a></td></tr>
-<tr><td></td><td valign="top"><a href="libunistring_12.html#SEC47">wrapping</a></td><td valign="top"><a href="libunistring_12.html#SEC47">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
+<tr><th><a name="SEC91_1">B</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC38">bidi class</a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.3 Bidi class</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC38">bidirectional category</a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.3 Bidi class</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_17.html#SEC80">bidirectional reordering</a></td><td valign="top"><a href="libunistring_17.html#SEC80">17. More advanced functionality</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC50">block</a></td><td valign="top"><a href="libunistring_8.html#SEC50">8.11 Blocks</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_10.html#SEC54">boundaries, between grapheme clusters</a></td><td valign="top"><a href="libunistring_10.html#SEC54">10. Grapheme cluster breaks in strings <code>&lt;unigbrk.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_11.html#SEC57">boundaries, between words</a></td><td valign="top"><a href="libunistring_11.html#SEC57">11. Word breaks in strings <code>&lt;uniwbrk.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_10.html#SEC54">breaks, grapheme cluster</a></td><td valign="top"><a href="libunistring_10.html#SEC54">10. Grapheme cluster breaks in strings <code>&lt;unigbrk.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_12.html#SEC60">breaks, line</a></td><td valign="top"><a href="libunistring_12.html#SEC60">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_11.html#SEC57">breaks, word</a></td><td valign="top"><a href="libunistring_11.html#SEC57">11. Word breaks in strings <code>&lt;uniwbrk.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_16.html#SEC79">bug reports</a></td><td valign="top"><a href="libunistring_16.html#SEC79">16.5 Reporting problems</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_16.html#SEC79">bug tracker</a></td><td valign="top"><a href="libunistring_16.html#SEC79">16.5 Reporting problems</a></td></tr>
+<tr><td colspan="3"> <hr></td></tr>
+<tr><th><a name="SEC91_2">C</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_1.html#SEC6">C string functions</a></td><td valign="top"><a href="libunistring_1.html#SEC6">1.5 &lsquo;<samp>char *</samp>&rsquo; strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC51">C, programming language</a></td><td valign="top"><a href="libunistring_8.html#SEC51">8.12 ISO C and Java syntax</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC52">C-like API</a></td><td valign="top"><a href="libunistring_8.html#SEC52">8.13 Classifications like in ISO C</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC37">canonical combining class</a></td><td valign="top"><a href="libunistring_8.html#SEC37">8.2 Canonical combining class</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#SEC72">case detection</a></td><td valign="top"><a href="libunistring_14.html#SEC72">14.5 Case detection</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#SEC69">case mappings</a></td><td valign="top"><a href="libunistring_14.html#SEC69">14.2 Case mappings of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX836"><code>casing_prefix_context_t</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX844"><code>casing_suffix_context_t</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX10">char, type</a></td><td valign="top"><a href="libunistring_1.html#SEC6">1.5 &lsquo;<samp>char *</samp>&rsquo; strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#SEC63">combining, Unicode characters</a></td><td valign="top"><a href="libunistring_13.html#SEC63">13.2 Composition of Unicode characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC17">comparing</a></td><td valign="top"><a href="libunistring_4.html#SEC17">4.3.4 Comparing Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC25">comparing</a></td><td valign="top"><a href="libunistring_4.html#SEC25">4.5.4 Comparing NUL terminated Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#SEC71">comparing, ignoring case</a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX871">comparing, ignoring case, with collation rules</a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#SEC65">comparing, ignoring normalization</a></td><td valign="top"><a href="libunistring_13.html#SEC65">13.4 Normalizing comparisons</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#SEC71">comparing, ignoring normalization and case</a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX873">comparing, ignoring normalization and case, with collation rules</a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX809">comparing, ignoring normalization, with collation rules</a></td><td valign="top"><a href="libunistring_13.html#SEC65">13.4 Normalizing comparisons</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX108">comparing, with collation rules</a></td><td valign="top"><a href="libunistring_4.html#SEC25">4.5.4 Comparing NUL terminated Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX872">comparing, with collation rules, ignoring case</a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX810">comparing, with collation rules, ignoring normalization</a></td><td valign="top"><a href="libunistring_13.html#SEC65">13.4 Normalizing comparisons</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX874">comparing, with collation rules, ignoring normalization and case</a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_16.html#IDX899">compiler options</a></td><td valign="top"><a href="libunistring_16.html#SEC76">16.2 Compiler options</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#SEC63">composing, Unicode characters</a></td><td valign="top"><a href="libunistring_13.html#SEC63">13.2 Composition of Unicode characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC12">converting</a></td><td valign="top"><a href="libunistring_4.html#SEC12">4.2 Elementary string conversions</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX151">converting</a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC16">copying</a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.3.3 Copying Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC24">copying</a></td><td valign="top"><a href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC19">counting</a></td><td valign="top"><a href="libunistring_4.html#SEC19">4.3.6 Counting the characters in a Unicode string</a></td></tr>
+<tr><td colspan="3"> <hr></td></tr>
+<tr><th><a name="SEC91_3">D</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#SEC62">decomposing</a></td><td valign="top"><a href="libunistring_13.html#SEC62">13.1 Decomposition of Unicode characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_16.html#SEC75">dependencies</a></td><td valign="top"><a href="libunistring_16.html#SEC75">16.1 Installation</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#SEC72">detecting case</a></td><td valign="top"><a href="libunistring_14.html#SEC72">14.5 Case detection</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC20">duplicating</a></td><td valign="top"><a href="libunistring_4.html#SEC20">4.4 Elementary string functions with memory allocation</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC26">duplicating</a></td><td valign="top"><a href="libunistring_4.html#SEC26">4.5.5 Duplicating a NUL terminated Unicode string</a></td></tr>
+<tr><td colspan="3"> <hr></td></tr>
+<tr><th><a name="SEC91_4">E</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX147"><code>enum iconv_ilseq_handler</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td colspan="3"> <hr></td></tr>
+<tr><th><a name="SEC91_5">F</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_19.html#SEC89">FDL, GNU Free Documentation License</a></td><td valign="top"><a href="libunistring_19.html#SEC89">B.3 GNU Free Documentation License</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#SEC31">formatted output</a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX695">fullwidth</a></td><td valign="top"><a href="libunistring_9.html#SEC53">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
+<tr><td colspan="3"> <hr></td></tr>
+<tr><th><a name="SEC91_6">G</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC34">general category</a></td><td valign="top"><a href="libunistring_8.html#SEC34">8.1 General category</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_16.html#IDX902"><code>gl_LIBUNISTRING</code></a></td><td valign="top"><a href="libunistring_16.html#SEC78">16.4 Autoconf macro</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_19.html#SEC83">GPL, GNU General Public License</a></td><td valign="top"><a href="libunistring_19.html#SEC83">B.1 GNU GENERAL PUBLIC LICENSE</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_10.html#SEC54">grapheme cluster boundaries</a></td><td valign="top"><a href="libunistring_10.html#SEC54">10. Grapheme cluster breaks in strings <code>&lt;unigbrk.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_10.html#SEC54">grapheme cluster breaks</a></td><td valign="top"><a href="libunistring_10.html#SEC54">10. Grapheme cluster breaks in strings <code>&lt;unigbrk.h&gt;</code></a></td></tr>
+<tr><td colspan="3"> <hr></td></tr>
+<tr><th><a name="SEC91_7">H</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX694">halfwidth</a></td><td valign="top"><a href="libunistring_9.html#SEC53">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
+<tr><td colspan="3"> <hr></td></tr>
+<tr><th><a name="SEC91_8">I</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC51">identifiers</a></td><td valign="top"><a href="libunistring_8.html#SEC51">8.12 ISO C and Java syntax</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_16.html#IDX898">installation</a></td><td valign="top"><a href="libunistring_16.html#SEC75">16.1 Installation</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_1.html#SEC3">internationalization</a></td><td valign="top"><a href="libunistring_1.html#SEC3">1.2 Unicode and Internationalization</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC14">iterating</a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3.1 Iterating over a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX71">iterating</a></td><td valign="top"><a href="libunistring_4.html#SEC22">4.5.1 Iterating over a NUL terminated Unicode string</a></td></tr>
+<tr><td colspan="3"> <hr></td></tr>
+<tr><th><a name="SEC91_9">J</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC51">Java, programming language</a></td><td valign="top"><a href="libunistring_8.html#SEC51">8.12 ISO C and Java syntax</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC45">joining group</a></td><td valign="top"><a href="libunistring_8.html#SEC45">8.8.2 Joining group of Arabic characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC43">joining of Arabic characters</a></td><td valign="top"><a href="libunistring_8.html#SEC43">8.8 Arabic shaping</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC44">joining type</a></td><td valign="top"><a href="libunistring_8.html#SEC44">8.8.1 Joining type of Arabic characters</a></td></tr>
+<tr><td colspan="3"> <hr></td></tr>
+<tr><th><a name="SEC91_10">L</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_19.html#SEC88">LGPL, GNU Lesser General Public License</a></td><td valign="top"><a href="libunistring_19.html#SEC88">B.2 GNU LESSER GENERAL PUBLIC LICENSE</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_19.html#SEC89">License, GNU FDL</a></td><td valign="top"><a href="libunistring_19.html#SEC89">B.3 GNU Free Documentation License</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_19.html#SEC83">License, GNU GPL</a></td><td valign="top"><a href="libunistring_19.html#SEC83">B.1 GNU GENERAL PUBLIC LICENSE</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_19.html#SEC88">License, GNU LGPL</a></td><td valign="top"><a href="libunistring_19.html#SEC88">B.2 GNU LESSER GENERAL PUBLIC LICENSE</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_19.html#SEC82">Licenses</a></td><td valign="top"><a href="libunistring_19.html#SEC82">B. Licenses</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_12.html#SEC60">line breaks</a></td><td valign="top"><a href="libunistring_12.html#SEC60">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_1.html#SEC4">locale</a></td><td valign="top"><a href="libunistring_1.html#SEC4">1.3 Locale encodings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX7">locale categories</a></td><td valign="top"><a href="libunistring_1.html#SEC4">1.3 Locale encodings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX8">locale encoding</a></td><td valign="top"><a href="libunistring_1.html#SEC4">1.3 Locale encodings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX145">locale encoding</a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX825">locale language</a></td><td valign="top"><a href="libunistring_14.html#SEC69">14.2 Case mappings of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX9">locale, multibyte</a></td><td valign="top"><a href="libunistring_1.html#SEC6">1.5 &lsquo;<samp>char *</samp>&rsquo; strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX146"><code>locale_charset</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#SEC69">lowercasing</a></td><td valign="top"><a href="libunistring_14.html#SEC69">14.2 Case mappings of strings</a></td></tr>
+<tr><td colspan="3"> <hr></td></tr>
+<tr><th><a name="SEC91_11">M</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_16.html#SEC79">mailing list</a></td><td valign="top"><a href="libunistring_16.html#SEC79">16.5 Reporting problems</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC42">mirroring, of Unicode character</a></td><td valign="top"><a href="libunistring_8.html#SEC42">8.7 Mirrored character</a></td></tr>
+<tr><td colspan="3"> <hr></td></tr>
+<tr><th><a name="SEC91_12">N</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#SEC61">normal forms</a></td><td valign="top"><a href="libunistring_13.html#SEC61">13. Normalization forms (composition and decomposition) <code>&lt;uninorm.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#SEC61">normalizing</a></td><td valign="top"><a href="libunistring_13.html#SEC61">13. Normalization forms (composition and decomposition) <code>&lt;uninorm.h&gt;</code></a></td></tr>
+<tr><td colspan="3"> <hr></td></tr>
+<tr><th><a name="SEC91_13">O</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#SEC31">output, formatted</a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td colspan="3"> <hr></td></tr>
+<tr><th><a name="SEC91_14">P</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC46">properties, of Unicode character</a></td><td valign="top"><a href="libunistring_8.html#SEC46">8.9 Properties</a></td></tr>
+<tr><td colspan="3"> <hr></td></tr>
+<tr><th><a name="SEC91_15">R</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_15.html#SEC73">regular expression</a></td><td valign="top"><a href="libunistring_15.html#SEC73">15. Regular expressions <code>&lt;uniregex.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_17.html#IDX903">rendering</a></td><td valign="top"><a href="libunistring_17.html#SEC80">17. More advanced functionality</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_2.html#IDX15">return value conventions</a></td><td valign="top"><a href="libunistring_2.html#SEC8">2. Conventions</a></td></tr>
+<tr><td colspan="3"> <hr></td></tr>
+<tr><th><a name="SEC91_16">S</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC49">scripts</a></td><td valign="top"><a href="libunistring_8.html#SEC49">8.10 Scripts</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC18">searching, for a character</a></td><td valign="top"><a href="libunistring_4.html#SEC18">4.3.5 Searching for a character in a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC27">searching, for a character</a></td><td valign="top"><a href="libunistring_4.html#SEC27">4.5.6 Searching for a character in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC28">searching, for a substring</a></td><td valign="top"><a href="libunistring_4.html#SEC28">4.5.7 Searching for a substring in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#SEC66">stream, normalizing a</a></td><td valign="top"><a href="libunistring_13.html#SEC66">13.5 Normalization of streams of Unicode characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX817"><code>struct uninorm_filter</code></a></td><td valign="top"><a href="libunistring_13.html#SEC66">13.5 Normalization of streams of Unicode characters</a></td></tr>
+<tr><td colspan="3"> <hr></td></tr>
+<tr><th><a name="SEC91_17">T</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#SEC69">titlecasing</a></td><td valign="top"><a href="libunistring_14.html#SEC69">14.2 Case mappings of strings</a></td></tr>
+<tr><td colspan="3"> <hr></td></tr>
+<tr><th><a name="SEC91_18">U</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX197"><code>u16_asnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX196"><code>u16_asprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX868"><code>u16_casecmp</code></a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX880"><code>u16_casecoll</code></a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX862"><code>u16_casefold</code></a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX876"><code>u16_casexfrm</code></a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX839"><code>u16_casing_prefix_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX842"><code>u16_casing_prefixes_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX847"><code>u16_casing_suffix_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX850"><code>u16_casing_suffixes_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX21"><code>u16_check</code></a></td><td valign="top"><a href="libunistring_4.html#SEC11">4.1 Elementary string checks</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX60"><code>u16_chr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC18">4.3.5 Searching for a character in a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX54"><code>u16_cmp</code></a></td><td valign="top"><a href="libunistring_4.html#SEC17">4.3.4 Comparing Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX57"><code>u16_cmp2</code></a></td><td valign="top"><a href="libunistring_4.html#SEC17">4.3.4 Comparing Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX153"><code>u16_conv_from_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX156"><code>u16_conv_to_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX45"><code>u16_cpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.3.3 Copying Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX66"><code>u16_cpy_alloc</code></a></td><td valign="top"><a href="libunistring_4.html#SEC20">4.4 Elementary string functions with memory allocation</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX865"><code>u16_ct_casefold</code></a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX856"><code>u16_ct_tolower</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX859"><code>u16_ct_totitle</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX853"><code>u16_ct_toupper</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX140"><code>u16_endswith</code></a></td><td valign="top"><a href="libunistring_4.html#SEC28">4.5.7 Searching for a substring in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX710"><code>u16_grapheme_breaks</code></a></td><td valign="top"><a href="libunistring_10.html#SEC55">10.1 Grapheme cluster breaks in a string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX704"><code>u16_grapheme_next</code></a></td><td valign="top"><a href="libunistring_10.html#SEC55">10.1 Grapheme cluster breaks in a string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX707"><code>u16_grapheme_prev</code></a></td><td valign="top"><a href="libunistring_10.html#SEC55">10.1 Grapheme cluster breaks in a string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX896"><code>u16_is_cased</code></a></td><td valign="top"><a href="libunistring_14.html#SEC72">14.5 Case detection</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX893"><code>u16_is_casefolded</code></a></td><td valign="top"><a href="libunistring_14.html#SEC72">14.5 Case detection</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX887"><code>u16_is_lowercase</code></a></td><td valign="top"><a href="libunistring_14.html#SEC72">14.5 Case detection</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX890"><code>u16_is_titlecase</code></a></td><td valign="top"><a href="libunistring_14.html#SEC72">14.5 Case detection</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX884"><code>u16_is_uppercase</code></a></td><td valign="top"><a href="libunistring_14.html#SEC72">14.5 Case detection</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX30"><code>u16_mblen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3.1 Iterating over a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX63"><code>u16_mbsnlen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC19">4.3.6 Counting the characters in a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX33"><code>u16_mbtouc</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3.1 Iterating over a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX36"><code>u16_mbtouc_unsafe</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3.1 Iterating over a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX39"><code>u16_mbtoucr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3.1 Iterating over a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX48"><code>u16_move</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.3.3 Copying Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX76"><code>u16_next</code></a></td><td valign="top"><a href="libunistring_4.html#SEC22">4.5.1 Iterating over a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX804"><code>u16_normalize</code></a></td><td valign="top"><a href="libunistring_13.html#SEC64">13.3 Normalization of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX807"><code>u16_normcmp</code></a></td><td valign="top"><a href="libunistring_13.html#SEC65">13.4 Normalizing comparisons</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX815"><code>u16_normcoll</code></a></td><td valign="top"><a href="libunistring_13.html#SEC65">13.4 Normalizing comparisons</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX812"><code>u16_normxfrm</code></a></td><td valign="top"><a href="libunistring_13.html#SEC65">13.4 Normalizing comparisons</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_12.html#IDX767"><code>u16_possible_linebreaks</code></a></td><td valign="top"><a href="libunistring_12.html#SEC60">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX79"><code>u16_prev</code></a></td><td valign="top"><a href="libunistring_4.html#SEC22">4.5.1 Iterating over a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX51"><code>u16_set</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.3.3 Copying Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX195"><code>u16_snprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX194"><code>u16_sprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX137"><code>u16_startswith</code></a></td><td valign="top"><a href="libunistring_4.html#SEC28">4.5.7 Searching for a substring in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX91"><code>u16_stpcpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX97"><code>u16_stpncpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX100"><code>u16_strcat</code></a></td><td valign="top"><a href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX119"><code>u16_strchr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC27">4.5.6 Searching for a character in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX106"><code>u16_strcmp</code></a></td><td valign="top"><a href="libunistring_4.html#SEC25">4.5.4 Comparing NUL terminated Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX110"><code>u16_strcoll</code></a></td><td valign="top"><a href="libunistring_4.html#SEC25">4.5.4 Comparing NUL terminated Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX159"><code>u16_strconv_from_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX165"><code>u16_strconv_from_locale</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX162"><code>u16_strconv_to_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX168"><code>u16_strconv_to_locale</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX88"><code>u16_strcpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX125"><code>u16_strcspn</code></a></td><td valign="top"><a href="libunistring_4.html#SEC27">4.5.6 Searching for a character in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX116"><code>u16_strdup</code></a></td><td valign="top"><a href="libunistring_4.html#SEC26">4.5.5 Duplicating a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX82"><code>u16_strlen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC23">4.5.2 Length of a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX69"><code>u16_strmblen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC22">4.5.1 Iterating over a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX73"><code>u16_strmbtouc</code></a></td><td valign="top"><a href="libunistring_4.html#SEC22">4.5.1 Iterating over a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX103"><code>u16_strncat</code></a></td><td valign="top"><a href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX113"><code>u16_strncmp</code></a></td><td valign="top"><a href="libunistring_4.html#SEC25">4.5.4 Comparing NUL terminated Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX94"><code>u16_strncpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX85"><code>u16_strnlen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC23">4.5.2 Length of a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX131"><code>u16_strpbrk</code></a></td><td valign="top"><a href="libunistring_4.html#SEC27">4.5.6 Searching for a character in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX122"><code>u16_strrchr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC27">4.5.6 Searching for a character in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX128"><code>u16_strspn</code></a></td><td valign="top"><a href="libunistring_4.html#SEC27">4.5.6 Searching for a character in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX134"><code>u16_strstr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC28">4.5.7 Searching for a substring in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX143"><code>u16_strtok</code></a></td><td valign="top"><a href="libunistring_4.html#SEC29">4.5.8 Tokenizing a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX701"><code>u16_strwidth</code></a></td><td valign="top"><a href="libunistring_9.html#SEC53">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX26"><code>u16_to_u32</code></a></td><td valign="top"><a href="libunistring_4.html#SEC12">4.2 Elementary string conversions</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX25"><code>u16_to_u8</code></a></td><td valign="top"><a href="libunistring_4.html#SEC12">4.2 Elementary string conversions</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX831"><code>u16_tolower</code></a></td><td valign="top"><a href="libunistring_14.html#SEC69">14.2 Case mappings of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX834"><code>u16_totitle</code></a></td><td valign="top"><a href="libunistring_14.html#SEC69">14.2 Case mappings of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX828"><code>u16_toupper</code></a></td><td valign="top"><a href="libunistring_14.html#SEC69">14.2 Case mappings of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX205"><code>u16_u16_asnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX204"><code>u16_u16_asprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX203"><code>u16_u16_snprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX202"><code>u16_u16_sprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX209"><code>u16_u16_vasnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX208"><code>u16_u16_vasprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX207"><code>u16_u16_vsnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX206"><code>u16_u16_vsprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX42"><code>u16_uctomb</code></a></td><td valign="top"><a href="libunistring_4.html#SEC15">4.3.2 Creating Unicode strings one character at a time</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX201"><code>u16_vasnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX200"><code>u16_vasprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX199"><code>u16_vsnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX198"><code>u16_vsprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX698"><code>u16_width</code></a></td><td valign="top"><a href="libunistring_9.html#SEC53">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_12.html#IDX771"><code>u16_width_linebreaks</code></a></td><td valign="top"><a href="libunistring_12.html#SEC60">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_11.html#IDX735"><code>u16_wordbreaks</code></a></td><td valign="top"><a href="libunistring_11.html#SEC58">11.1 Word breaks in a string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX213"><code>u32_asnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX212"><code>u32_asprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX869"><code>u32_casecmp</code></a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX881"><code>u32_casecoll</code></a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX863"><code>u32_casefold</code></a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX877"><code>u32_casexfrm</code></a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX840"><code>u32_casing_prefix_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX843"><code>u32_casing_prefixes_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX848"><code>u32_casing_suffix_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX851"><code>u32_casing_suffixes_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX22"><code>u32_check</code></a></td><td valign="top"><a href="libunistring_4.html#SEC11">4.1 Elementary string checks</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX61"><code>u32_chr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC18">4.3.5 Searching for a character in a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX55"><code>u32_cmp</code></a></td><td valign="top"><a href="libunistring_4.html#SEC17">4.3.4 Comparing Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX58"><code>u32_cmp2</code></a></td><td valign="top"><a href="libunistring_4.html#SEC17">4.3.4 Comparing Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX154"><code>u32_conv_from_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX157"><code>u32_conv_to_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX46"><code>u32_cpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.3.3 Copying Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX67"><code>u32_cpy_alloc</code></a></td><td valign="top"><a href="libunistring_4.html#SEC20">4.4 Elementary string functions with memory allocation</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX866"><code>u32_ct_casefold</code></a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX857"><code>u32_ct_tolower</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX860"><code>u32_ct_totitle</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX854"><code>u32_ct_toupper</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX141"><code>u32_endswith</code></a></td><td valign="top"><a href="libunistring_4.html#SEC28">4.5.7 Searching for a substring in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX711"><code>u32_grapheme_breaks</code></a></td><td valign="top"><a href="libunistring_10.html#SEC55">10.1 Grapheme cluster breaks in a string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX705"><code>u32_grapheme_next</code></a></td><td valign="top"><a href="libunistring_10.html#SEC55">10.1 Grapheme cluster breaks in a string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX708"><code>u32_grapheme_prev</code></a></td><td valign="top"><a href="libunistring_10.html#SEC55">10.1 Grapheme cluster breaks in a string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX897"><code>u32_is_cased</code></a></td><td valign="top"><a href="libunistring_14.html#SEC72">14.5 Case detection</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX894"><code>u32_is_casefolded</code></a></td><td valign="top"><a href="libunistring_14.html#SEC72">14.5 Case detection</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX888"><code>u32_is_lowercase</code></a></td><td valign="top"><a href="libunistring_14.html#SEC72">14.5 Case detection</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX891"><code>u32_is_titlecase</code></a></td><td valign="top"><a href="libunistring_14.html#SEC72">14.5 Case detection</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX885"><code>u32_is_uppercase</code></a></td><td valign="top"><a href="libunistring_14.html#SEC72">14.5 Case detection</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX31"><code>u32_mblen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3.1 Iterating over a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX64"><code>u32_mbsnlen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC19">4.3.6 Counting the characters in a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX34"><code>u32_mbtouc</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3.1 Iterating over a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX37"><code>u32_mbtouc_unsafe</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3.1 Iterating over a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX40"><code>u32_mbtoucr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3.1 Iterating over a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX49"><code>u32_move</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.3.3 Copying Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX77"><code>u32_next</code></a></td><td valign="top"><a href="libunistring_4.html#SEC22">4.5.1 Iterating over a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX805"><code>u32_normalize</code></a></td><td valign="top"><a href="libunistring_13.html#SEC64">13.3 Normalization of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX808"><code>u32_normcmp</code></a></td><td valign="top"><a href="libunistring_13.html#SEC65">13.4 Normalizing comparisons</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX816"><code>u32_normcoll</code></a></td><td valign="top"><a href="libunistring_13.html#SEC65">13.4 Normalizing comparisons</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX813"><code>u32_normxfrm</code></a></td><td valign="top"><a href="libunistring_13.html#SEC65">13.4 Normalizing comparisons</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_12.html#IDX768"><code>u32_possible_linebreaks</code></a></td><td valign="top"><a href="libunistring_12.html#SEC60">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX80"><code>u32_prev</code></a></td><td valign="top"><a href="libunistring_4.html#SEC22">4.5.1 Iterating over a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX52"><code>u32_set</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.3.3 Copying Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX211"><code>u32_snprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX210"><code>u32_sprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX138"><code>u32_startswith</code></a></td><td valign="top"><a href="libunistring_4.html#SEC28">4.5.7 Searching for a substring in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX92"><code>u32_stpcpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX98"><code>u32_stpncpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX101"><code>u32_strcat</code></a></td><td valign="top"><a href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX120"><code>u32_strchr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC27">4.5.6 Searching for a character in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX107"><code>u32_strcmp</code></a></td><td valign="top"><a href="libunistring_4.html#SEC25">4.5.4 Comparing NUL terminated Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX111"><code>u32_strcoll</code></a></td><td valign="top"><a href="libunistring_4.html#SEC25">4.5.4 Comparing NUL terminated Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX160"><code>u32_strconv_from_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX166"><code>u32_strconv_from_locale</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX163"><code>u32_strconv_to_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX169"><code>u32_strconv_to_locale</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX89"><code>u32_strcpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX126"><code>u32_strcspn</code></a></td><td valign="top"><a href="libunistring_4.html#SEC27">4.5.6 Searching for a character in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX117"><code>u32_strdup</code></a></td><td valign="top"><a href="libunistring_4.html#SEC26">4.5.5 Duplicating a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX83"><code>u32_strlen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC23">4.5.2 Length of a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX70"><code>u32_strmblen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC22">4.5.1 Iterating over a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX74"><code>u32_strmbtouc</code></a></td><td valign="top"><a href="libunistring_4.html#SEC22">4.5.1 Iterating over a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX104"><code>u32_strncat</code></a></td><td valign="top"><a href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX114"><code>u32_strncmp</code></a></td><td valign="top"><a href="libunistring_4.html#SEC25">4.5.4 Comparing NUL terminated Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX95"><code>u32_strncpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX86"><code>u32_strnlen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC23">4.5.2 Length of a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX132"><code>u32_strpbrk</code></a></td><td valign="top"><a href="libunistring_4.html#SEC27">4.5.6 Searching for a character in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX123"><code>u32_strrchr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC27">4.5.6 Searching for a character in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX129"><code>u32_strspn</code></a></td><td valign="top"><a href="libunistring_4.html#SEC27">4.5.6 Searching for a character in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX135"><code>u32_strstr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC28">4.5.7 Searching for a substring in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX144"><code>u32_strtok</code></a></td><td valign="top"><a href="libunistring_4.html#SEC29">4.5.8 Tokenizing a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX702"><code>u32_strwidth</code></a></td><td valign="top"><a href="libunistring_9.html#SEC53">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX28"><code>u32_to_u16</code></a></td><td valign="top"><a href="libunistring_4.html#SEC12">4.2 Elementary string conversions</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX27"><code>u32_to_u8</code></a></td><td valign="top"><a href="libunistring_4.html#SEC12">4.2 Elementary string conversions</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX832"><code>u32_tolower</code></a></td><td valign="top"><a href="libunistring_14.html#SEC69">14.2 Case mappings of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX835"><code>u32_totitle</code></a></td><td valign="top"><a href="libunistring_14.html#SEC69">14.2 Case mappings of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX829"><code>u32_toupper</code></a></td><td valign="top"><a href="libunistring_14.html#SEC69">14.2 Case mappings of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX221"><code>u32_u32_asnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX220"><code>u32_u32_asprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX219"><code>u32_u32_snprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX218"><code>u32_u32_sprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX225"><code>u32_u32_vasnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX224"><code>u32_u32_vasprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX223"><code>u32_u32_vsnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX222"><code>u32_u32_vsprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX43"><code>u32_uctomb</code></a></td><td valign="top"><a href="libunistring_4.html#SEC15">4.3.2 Creating Unicode strings one character at a time</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX217"><code>u32_vasnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX216"><code>u32_vasprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX215"><code>u32_vsnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX214"><code>u32_vsprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX699"><code>u32_width</code></a></td><td valign="top"><a href="libunistring_9.html#SEC53">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_12.html#IDX772"><code>u32_width_linebreaks</code></a></td><td valign="top"><a href="libunistring_12.html#SEC60">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_11.html#IDX736"><code>u32_wordbreaks</code></a></td><td valign="top"><a href="libunistring_11.html#SEC58">11.1 Word breaks in a string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX181"><code>u8_asnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX180"><code>u8_asprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX867"><code>u8_casecmp</code></a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX879"><code>u8_casecoll</code></a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX861"><code>u8_casefold</code></a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX875"><code>u8_casexfrm</code></a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX838"><code>u8_casing_prefix_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX841"><code>u8_casing_prefixes_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX846"><code>u8_casing_suffix_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX849"><code>u8_casing_suffixes_context</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX20"><code>u8_check</code></a></td><td valign="top"><a href="libunistring_4.html#SEC11">4.1 Elementary string checks</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX59"><code>u8_chr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC18">4.3.5 Searching for a character in a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX53"><code>u8_cmp</code></a></td><td valign="top"><a href="libunistring_4.html#SEC17">4.3.4 Comparing Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX56"><code>u8_cmp2</code></a></td><td valign="top"><a href="libunistring_4.html#SEC17">4.3.4 Comparing Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX152"><code>u8_conv_from_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX155"><code>u8_conv_to_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX44"><code>u8_cpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.3.3 Copying Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX65"><code>u8_cpy_alloc</code></a></td><td valign="top"><a href="libunistring_4.html#SEC20">4.4 Elementary string functions with memory allocation</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX864"><code>u8_ct_casefold</code></a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX855"><code>u8_ct_tolower</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX858"><code>u8_ct_totitle</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX852"><code>u8_ct_toupper</code></a></td><td valign="top"><a href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX139"><code>u8_endswith</code></a></td><td valign="top"><a href="libunistring_4.html#SEC28">4.5.7 Searching for a substring in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX709"><code>u8_grapheme_breaks</code></a></td><td valign="top"><a href="libunistring_10.html#SEC55">10.1 Grapheme cluster breaks in a string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX703"><code>u8_grapheme_next</code></a></td><td valign="top"><a href="libunistring_10.html#SEC55">10.1 Grapheme cluster breaks in a string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX706"><code>u8_grapheme_prev</code></a></td><td valign="top"><a href="libunistring_10.html#SEC55">10.1 Grapheme cluster breaks in a string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX895"><code>u8_is_cased</code></a></td><td valign="top"><a href="libunistring_14.html#SEC72">14.5 Case detection</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX892"><code>u8_is_casefolded</code></a></td><td valign="top"><a href="libunistring_14.html#SEC72">14.5 Case detection</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX886"><code>u8_is_lowercase</code></a></td><td valign="top"><a href="libunistring_14.html#SEC72">14.5 Case detection</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX889"><code>u8_is_titlecase</code></a></td><td valign="top"><a href="libunistring_14.html#SEC72">14.5 Case detection</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX883"><code>u8_is_uppercase</code></a></td><td valign="top"><a href="libunistring_14.html#SEC72">14.5 Case detection</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX29"><code>u8_mblen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3.1 Iterating over a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX62"><code>u8_mbsnlen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC19">4.3.6 Counting the characters in a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX32"><code>u8_mbtouc</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3.1 Iterating over a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX35"><code>u8_mbtouc_unsafe</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3.1 Iterating over a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX38"><code>u8_mbtoucr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC14">4.3.1 Iterating over a Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX47"><code>u8_move</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.3.3 Copying Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX75"><code>u8_next</code></a></td><td valign="top"><a href="libunistring_4.html#SEC22">4.5.1 Iterating over a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX803"><code>u8_normalize</code></a></td><td valign="top"><a href="libunistring_13.html#SEC64">13.3 Normalization of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX806"><code>u8_normcmp</code></a></td><td valign="top"><a href="libunistring_13.html#SEC65">13.4 Normalizing comparisons</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX814"><code>u8_normcoll</code></a></td><td valign="top"><a href="libunistring_13.html#SEC65">13.4 Normalizing comparisons</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX811"><code>u8_normxfrm</code></a></td><td valign="top"><a href="libunistring_13.html#SEC65">13.4 Normalizing comparisons</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_12.html#IDX766"><code>u8_possible_linebreaks</code></a></td><td valign="top"><a href="libunistring_12.html#SEC60">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX78"><code>u8_prev</code></a></td><td valign="top"><a href="libunistring_4.html#SEC22">4.5.1 Iterating over a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX50"><code>u8_set</code></a></td><td valign="top"><a href="libunistring_4.html#SEC16">4.3.3 Copying Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX179"><code>u8_snprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX178"><code>u8_sprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX136"><code>u8_startswith</code></a></td><td valign="top"><a href="libunistring_4.html#SEC28">4.5.7 Searching for a substring in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX90"><code>u8_stpcpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX96"><code>u8_stpncpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX99"><code>u8_strcat</code></a></td><td valign="top"><a href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX118"><code>u8_strchr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC27">4.5.6 Searching for a character in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX105"><code>u8_strcmp</code></a></td><td valign="top"><a href="libunistring_4.html#SEC25">4.5.4 Comparing NUL terminated Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX109"><code>u8_strcoll</code></a></td><td valign="top"><a href="libunistring_4.html#SEC25">4.5.4 Comparing NUL terminated Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX158"><code>u8_strconv_from_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX164"><code>u8_strconv_from_locale</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX161"><code>u8_strconv_to_encoding</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_5.html#IDX167"><code>u8_strconv_to_locale</code></a></td><td valign="top"><a href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX87"><code>u8_strcpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX124"><code>u8_strcspn</code></a></td><td valign="top"><a href="libunistring_4.html#SEC27">4.5.6 Searching for a character in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX115"><code>u8_strdup</code></a></td><td valign="top"><a href="libunistring_4.html#SEC26">4.5.5 Duplicating a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX81"><code>u8_strlen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC23">4.5.2 Length of a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX68"><code>u8_strmblen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC22">4.5.1 Iterating over a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX72"><code>u8_strmbtouc</code></a></td><td valign="top"><a href="libunistring_4.html#SEC22">4.5.1 Iterating over a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX102"><code>u8_strncat</code></a></td><td valign="top"><a href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX112"><code>u8_strncmp</code></a></td><td valign="top"><a href="libunistring_4.html#SEC25">4.5.4 Comparing NUL terminated Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX93"><code>u8_strncpy</code></a></td><td valign="top"><a href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX84"><code>u8_strnlen</code></a></td><td valign="top"><a href="libunistring_4.html#SEC23">4.5.2 Length of a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX130"><code>u8_strpbrk</code></a></td><td valign="top"><a href="libunistring_4.html#SEC27">4.5.6 Searching for a character in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX121"><code>u8_strrchr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC27">4.5.6 Searching for a character in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX127"><code>u8_strspn</code></a></td><td valign="top"><a href="libunistring_4.html#SEC27">4.5.6 Searching for a character in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX133"><code>u8_strstr</code></a></td><td valign="top"><a href="libunistring_4.html#SEC28">4.5.7 Searching for a substring in a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX142"><code>u8_strtok</code></a></td><td valign="top"><a href="libunistring_4.html#SEC29">4.5.8 Tokenizing a NUL terminated Unicode string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX700"><code>u8_strwidth</code></a></td><td valign="top"><a href="libunistring_9.html#SEC53">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX23"><code>u8_to_u16</code></a></td><td valign="top"><a href="libunistring_4.html#SEC12">4.2 Elementary string conversions</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX24"><code>u8_to_u32</code></a></td><td valign="top"><a href="libunistring_4.html#SEC12">4.2 Elementary string conversions</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX830"><code>u8_tolower</code></a></td><td valign="top"><a href="libunistring_14.html#SEC69">14.2 Case mappings of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX833"><code>u8_totitle</code></a></td><td valign="top"><a href="libunistring_14.html#SEC69">14.2 Case mappings of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX827"><code>u8_toupper</code></a></td><td valign="top"><a href="libunistring_14.html#SEC69">14.2 Case mappings of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX189"><code>u8_u8_asnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX188"><code>u8_u8_asprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX187"><code>u8_u8_snprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX186"><code>u8_u8_sprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX193"><code>u8_u8_vasnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX192"><code>u8_u8_vasprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX191"><code>u8_u8_vsnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX190"><code>u8_u8_vsprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#IDX41"><code>u8_uctomb</code></a></td><td valign="top"><a href="libunistring_4.html#SEC15">4.3.2 Creating Unicode strings one character at a time</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX185"><code>u8_vasnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX184"><code>u8_vasprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX183"><code>u8_vsnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX182"><code>u8_vsprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX697"><code>u8_width</code></a></td><td valign="top"><a href="libunistring_9.html#SEC53">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_12.html#IDX770"><code>u8_width_linebreaks</code></a></td><td valign="top"><a href="libunistring_12.html#SEC60">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_11.html#IDX734"><code>u8_wordbreaks</code></a></td><td valign="top"><a href="libunistring_11.html#SEC58">11.1 Word breaks in a string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX669"><code>uc_all_blocks</code></a></td><td valign="top"><a href="libunistring_8.html#SEC50">8.11 Blocks</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX664"><code>uc_all_scripts</code></a></td><td valign="top"><a href="libunistring_8.html#SEC49">8.10 Scripts</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX405"><code>uc_bidi_category</code></a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.3 Bidi class</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX403"><code>uc_bidi_category_byname</code></a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.3 Bidi class</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX400"><code>uc_bidi_category_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.3 Bidi class</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX404"><code>uc_bidi_class</code></a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.3 Bidi class</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX402"><code>uc_bidi_class_byname</code></a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.3 Bidi class</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX401"><code>uc_bidi_class_long_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.3 Bidi class</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX399"><code>uc_bidi_class_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.3 Bidi class</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX667"><code>uc_block</code></a></td><td valign="top"><a href="libunistring_8.html#SEC50">8.11 Blocks</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX665"><code>uc_block_t</code></a></td><td valign="top"><a href="libunistring_8.html#SEC50">8.11 Blocks</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX677"><code>uc_c_ident_category</code></a></td><td valign="top"><a href="libunistring_8.html#SEC51">8.12 ISO C and Java syntax</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX793"><code>uc_canonical_decomposition</code></a></td><td valign="top"><a href="libunistring_13.html#SEC62">13.1 Decomposition of Unicode characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX379"><code>uc_combining_class</code></a></td><td valign="top"><a href="libunistring_8.html#SEC37">8.2 Canonical combining class</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX378"><code>uc_combining_class_byname</code></a></td><td valign="top"><a href="libunistring_8.html#SEC37">8.2 Canonical combining class</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX377"><code>uc_combining_class_long_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC37">8.2 Canonical combining class</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX376"><code>uc_combining_class_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC37">8.2 Canonical combining class</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX794"><code>uc_composition</code></a></td><td valign="top"><a href="libunistring_13.html#SEC63">13.2 Composition of Unicode characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX408"><code>uc_decimal_value</code></a></td><td valign="top"><a href="libunistring_8.html#SEC39">8.4 Decimal digit value</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX792"><code>uc_decomposition</code></a></td><td valign="top"><a href="libunistring_13.html#SEC62">13.1 Decomposition of Unicode characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX409"><code>uc_digit_value</code></a></td><td valign="top"><a href="libunistring_8.html#SEC40">8.5 Digit value</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX410"><code>uc_fraction_t</code></a></td><td valign="top"><a href="libunistring_8.html#SEC41">8.6 Numeric value</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX315"><code>uc_general_category</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.1.1 The object oriented API for general category</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX310"><code>uc_general_category_and</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.1.1 The object oriented API for general category</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX311"><code>uc_general_category_and_not</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.1.1 The object oriented API for general category</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX314"><code>uc_general_category_byname</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.1.1 The object oriented API for general category</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX313"><code>uc_general_category_long_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.1.1 The object oriented API for general category</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX312"><code>uc_general_category_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.1.1 The object oriented API for general category</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX309"><code>uc_general_category_or</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.1.1 The object oriented API for general category</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX232"><code>uc_general_category_t</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.1.1 The object oriented API for general category</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX713"><code>uc_grapheme_breaks</code></a></td><td valign="top"><a href="libunistring_10.html#SEC55">10.1 Grapheme cluster breaks in a string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX732"><code>uc_graphemeclusterbreak_property</code></a></td><td valign="top"><a href="libunistring_10.html#SEC56">10.2 Grapheme cluster break property</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX680"><code>uc_is_alnum</code></a></td><td valign="top"><a href="libunistring_8.html#SEC52">8.13 Classifications like in ISO C</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX681"><code>uc_is_alpha</code></a></td><td valign="top"><a href="libunistring_8.html#SEC52">8.13 Classifications like in ISO C</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX407"><code>uc_is_bidi_category</code></a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.3 Bidi class</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX406"><code>uc_is_bidi_class</code></a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.3 Bidi class</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX691"><code>uc_is_blank</code></a></td><td valign="top"><a href="libunistring_8.html#SEC52">8.13 Classifications like in ISO C</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX668"><code>uc_is_block</code></a></td><td valign="top"><a href="libunistring_8.html#SEC50">8.11 Blocks</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX670"><code>uc_is_c_whitespace</code></a></td><td valign="top"><a href="libunistring_8.html#SEC51">8.12 ISO C and Java syntax</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX682"><code>uc_is_cntrl</code></a></td><td valign="top"><a href="libunistring_8.html#SEC52">8.13 Classifications like in ISO C</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX683"><code>uc_is_digit</code></a></td><td valign="top"><a href="libunistring_8.html#SEC52">8.13 Classifications like in ISO C</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX316"><code>uc_is_general_category</code></a></td><td valign="top"><a href="libunistring_8.html#SEC35">8.1.1 The object oriented API for general category</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX355"><code>uc_is_general_category_withtable</code></a></td><td valign="top"><a href="libunistring_8.html#SEC36">8.1.2 The bit mask API for general category</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX684"><code>uc_is_graph</code></a></td><td valign="top"><a href="libunistring_8.html#SEC52">8.13 Classifications like in ISO C</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX733"><code>uc_is_grapheme_break</code></a></td><td valign="top"><a href="libunistring_10.html#SEC56">10.2 Grapheme cluster break property</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX671"><code>uc_is_java_whitespace</code></a></td><td valign="top"><a href="libunistring_8.html#SEC51">8.12 ISO C and Java syntax</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX685"><code>uc_is_lower</code></a></td><td valign="top"><a href="libunistring_8.html#SEC52">8.13 Classifications like in ISO C</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX686"><code>uc_is_print</code></a></td><td valign="top"><a href="libunistring_8.html#SEC52">8.13 Classifications like in ISO C</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX572"><code>uc_is_property</code></a></td><td valign="top"><a href="libunistring_8.html#SEC47">8.9.1 Properties as objects &ndash; the object oriented API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX574"><code>uc_is_property_alphabetic</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX628"><code>uc_is_property_ascii_hex_digit</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX617"><code>uc_is_property_bidi_arabic_digit</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX613"><code>uc_is_property_bidi_arabic_right_to_left</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX619"><code>uc_is_property_bidi_block_separator</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX623"><code>uc_is_property_bidi_boundary_neutral</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX618"><code>uc_is_property_bidi_common_separator</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX610"><code>uc_is_property_bidi_control</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX625"><code>uc_is_property_bidi_embedding_or_override</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX615"><code>uc_is_property_bidi_eur_num_separator</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX616"><code>uc_is_property_bidi_eur_num_terminator</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX614"><code>uc_is_property_bidi_european_digit</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX612"><code>uc_is_property_bidi_hebrew_right_to_left</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX611"><code>uc_is_property_bidi_left_to_right</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX622"><code>uc_is_property_bidi_non_spacing_mark</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX626"><code>uc_is_property_bidi_other_neutral</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX624"><code>uc_is_property_bidi_pdf</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX620"><code>uc_is_property_bidi_segment_separator</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX621"><code>uc_is_property_bidi_whitespace</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX590"><code>uc_is_property_case_ignorable</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX589"><code>uc_is_property_cased</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX594"><code>uc_is_property_changes_when_casefolded</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX595"><code>uc_is_property_changes_when_casemapped</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX591"><code>uc_is_property_changes_when_lowercased</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX593"><code>uc_is_property_changes_when_titlecased</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX592"><code>uc_is_property_changes_when_uppercased</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX652"><code>uc_is_property_combining</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX653"><code>uc_is_property_composite</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX647"><code>uc_is_property_currency_symbol</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX639"><code>uc_is_property_dash</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX654"><code>uc_is_property_decimal_digit</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX577"><code>uc_is_property_default_ignorable_code_point</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX579"><code>uc_is_property_deprecated</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX656"><code>uc_is_property_diacritic</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX657"><code>uc_is_property_extender</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX638"><code>uc_is_property_format_control</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX606"><code>uc_is_property_grapheme_base</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX607"><code>uc_is_property_grapheme_extend</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX609"><code>uc_is_property_grapheme_link</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX627"><code>uc_is_property_hex_digit</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX640"><code>uc_is_property_hyphen</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX599"><code>uc_is_property_id_continue</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX597"><code>uc_is_property_id_start</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX629"><code>uc_is_property_ideographic</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX632"><code>uc_is_property_ids_binary_operator</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX633"><code>uc_is_property_ids_trinary_operator</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX658"><code>uc_is_property_ignorable_control</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX637"><code>uc_is_property_iso_control</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX605"><code>uc_is_property_join_control</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX651"><code>uc_is_property_left_of_pair</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX642"><code>uc_is_property_line_separator</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX580"><code>uc_is_property_logical_order_exception</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX586"><code>uc_is_property_lowercase</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX648"><code>uc_is_property_math</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX636"><code>uc_is_property_non_break</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX576"><code>uc_is_property_not_a_character</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX655"><code>uc_is_property_numeric</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX575"><code>uc_is_property_other_alphabetic</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX578"><code>uc_is_property_other_default_ignorable_code_point</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX608"><code>uc_is_property_other_grapheme_extend</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX600"><code>uc_is_property_other_id_continue</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX598"><code>uc_is_property_other_id_start</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX587"><code>uc_is_property_other_lowercase</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX649"><code>uc_is_property_other_math</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX585"><code>uc_is_property_other_uppercase</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX650"><code>uc_is_property_paired_punctuation</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX643"><code>uc_is_property_paragraph_separator</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX604"><code>uc_is_property_pattern_syntax</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX603"><code>uc_is_property_pattern_white_space</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX582"><code>uc_is_property_private_use</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX641"><code>uc_is_property_punctuation</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX644"><code>uc_is_property_quotation_mark</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX631"><code>uc_is_property_radical</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX645"><code>uc_is_property_sentence_terminal</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX596"><code>uc_is_property_soft_dotted</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX635"><code>uc_is_property_space</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX646"><code>uc_is_property_terminal_punctuation</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX588"><code>uc_is_property_titlecase</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX583"><code>uc_is_property_unassigned_code_value</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX630"><code>uc_is_property_unified_ideograph</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX584"><code>uc_is_property_uppercase</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX581"><code>uc_is_property_variation_selector</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX573"><code>uc_is_property_white_space</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX602"><code>uc_is_property_xid_continue</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX601"><code>uc_is_property_xid_start</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX634"><code>uc_is_property_zero_width</code></a></td><td valign="top"><a href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX687"><code>uc_is_punct</code></a></td><td valign="top"><a href="libunistring_8.html#SEC52">8.13 Classifications like in ISO C</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX663"><code>uc_is_script</code></a></td><td valign="top"><a href="libunistring_8.html#SEC49">8.10 Scripts</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX688"><code>uc_is_space</code></a></td><td valign="top"><a href="libunistring_8.html#SEC52">8.13 Classifications like in ISO C</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX689"><code>uc_is_upper</code></a></td><td valign="top"><a href="libunistring_8.html#SEC52">8.13 Classifications like in ISO C</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX690"><code>uc_is_xdigit</code></a></td><td valign="top"><a href="libunistring_8.html#SEC52">8.13 Classifications like in ISO C</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX679"><code>uc_java_ident_category</code></a></td><td valign="top"><a href="libunistring_8.html#SEC51">8.12 ISO C and Java syntax</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX482"><code>uc_joining_group</code></a></td><td valign="top"><a href="libunistring_8.html#SEC45">8.8.2 Joining group of Arabic characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX481"><code>uc_joining_group_byname</code></a></td><td valign="top"><a href="libunistring_8.html#SEC45">8.8.2 Joining group of Arabic characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX480"><code>uc_joining_group_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC45">8.8.2 Joining group of Arabic characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX422"><code>uc_joining_type</code></a></td><td valign="top"><a href="libunistring_8.html#SEC44">8.8.1 Joining type of Arabic characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX421"><code>uc_joining_type_byname</code></a></td><td valign="top"><a href="libunistring_8.html#SEC44">8.8.1 Joining type of Arabic characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX420"><code>uc_joining_type_long_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC44">8.8.1 Joining type of Arabic characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX419"><code>uc_joining_type_name</code></a></td><td valign="top"><a href="libunistring_8.html#SEC44">8.8.1 Joining type of Arabic characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX826"><code>uc_locale_language</code></a></td><td valign="top"><a href="libunistring_14.html#SEC69">14.2 Case mappings of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX412"><code>uc_mirror_char</code></a></td><td valign="top"><a href="libunistring_8.html#SEC42">8.7 Mirrored character</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX411"><code>uc_numeric_value</code></a></td><td valign="top"><a href="libunistring_8.html#SEC41">8.6 Numeric value</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX570"><code>uc_property_byname</code></a></td><td valign="top"><a href="libunistring_8.html#SEC47">8.9.1 Properties as objects &ndash; the object oriented API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX571"><code>uc_property_is_valid</code></a></td><td valign="top"><a href="libunistring_8.html#SEC47">8.9.1 Properties as objects &ndash; the object oriented API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX483"><code>uc_property_t</code></a></td><td valign="top"><a href="libunistring_8.html#SEC47">8.9.1 Properties as objects &ndash; the object oriented API</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX661"><code>uc_script</code></a></td><td valign="top"><a href="libunistring_8.html#SEC49">8.10 Scripts</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX662"><code>uc_script_byname</code></a></td><td valign="top"><a href="libunistring_8.html#SEC49">8.10 Scripts</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX659"><code>uc_script_t</code></a></td><td valign="top"><a href="libunistring_8.html#SEC49">8.10 Scripts</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX823"><code>uc_tolower</code></a></td><td valign="top"><a href="libunistring_14.html#SEC68">14.1 Case mappings of characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX824"><code>uc_totitle</code></a></td><td valign="top"><a href="libunistring_14.html#SEC68">14.1 Case mappings of characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX822"><code>uc_toupper</code></a></td><td valign="top"><a href="libunistring_14.html#SEC68">14.1 Case mappings of characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX696"><code>uc_width</code></a></td><td valign="top"><a href="libunistring_9.html#SEC53">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_11.html#IDX760"><code>uc_wordbreak_property</code></a></td><td valign="top"><a href="libunistring_11.html#SEC59">11.2 Word break property</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX6">UCS-4</a></td><td valign="top"><a href="libunistring_1.html#SEC2">1.1 Unicode</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_3.html#IDX19"><code>ucs4_t</code></a></td><td valign="top"><a href="libunistring_3.html#SEC9">3. Elementary types <code>&lt;unitypes.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_3.html#IDX17"><code>uint16_t</code></a></td><td valign="top"><a href="libunistring_3.html#SEC9">3. Elementary types <code>&lt;unitypes.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_3.html#IDX18"><code>uint32_t</code></a></td><td valign="top"><a href="libunistring_3.html#SEC9">3. Elementary types <code>&lt;unitypes.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_3.html#IDX16"><code>uint8_t</code></a></td><td valign="top"><a href="libunistring_3.html#SEC9">3. Elementary types <code>&lt;unitypes.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX173"><code>ulc_asnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX172"><code>ulc_asprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX870"><code>ulc_casecmp</code></a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX882"><code>ulc_casecoll</code></a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#IDX878"><code>ulc_casexfrm</code></a></td><td valign="top"><a href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX226"><code>ulc_fprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_10.html#IDX712"><code>ulc_grapheme_breaks</code></a></td><td valign="top"><a href="libunistring_10.html#SEC55">10.1 Grapheme cluster breaks in a string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_12.html#IDX769"><code>ulc_possible_linebreaks</code></a></td><td valign="top"><a href="libunistring_12.html#SEC60">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX171"><code>ulc_snprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX170"><code>ulc_sprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX177"><code>ulc_vasnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX176"><code>ulc_vasprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX227"><code>ulc_vfprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX175"><code>ulc_vsnprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_6.html#IDX174"><code>ulc_vsprintf</code></a></td><td valign="top"><a href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_12.html#IDX773"><code>ulc_width_linebreaks</code></a></td><td valign="top"><a href="libunistring_12.html#SEC60">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_11.html#IDX737"><code>ulc_wordbreaks</code></a></td><td valign="top"><a href="libunistring_11.html#SEC58">11.1 Word breaks in a string</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_1.html#SEC2">Unicode</a></td><td valign="top"><a href="libunistring_1.html#SEC2">1.1 Unicode</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC38">Unicode character, bidi class</a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.3 Bidi class</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC38">Unicode character, bidirectional category</a></td><td valign="top"><a href="libunistring_8.html#SEC38">8.3 Bidi class</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX666">Unicode character, block</a></td><td valign="top"><a href="libunistring_8.html#SEC50">8.11 Blocks</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC37">Unicode character, canonical combining class</a></td><td valign="top"><a href="libunistring_8.html#SEC37">8.2 Canonical combining class</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#SEC68">Unicode character, case mappings</a></td><td valign="top"><a href="libunistring_14.html#SEC68">14.1 Case mappings of characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC34">Unicode character, classification</a></td><td valign="top"><a href="libunistring_8.html#SEC34">8.1 General category</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC52">Unicode character, classification like in C</a></td><td valign="top"><a href="libunistring_8.html#SEC52">8.13 Classifications like in ISO C</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC34">Unicode character, general category</a></td><td valign="top"><a href="libunistring_8.html#SEC34">8.1 General category</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC42">Unicode character, mirroring</a></td><td valign="top"><a href="libunistring_8.html#SEC42">8.7 Mirrored character</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_7.html#SEC32">Unicode character, name</a></td><td valign="top"><a href="libunistring_7.html#SEC32">7. Names of Unicode characters <code>&lt;uniname.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC46">Unicode character, properties</a></td><td valign="top"><a href="libunistring_8.html#SEC46">8.9 Properties</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX660">Unicode character, script</a></td><td valign="top"><a href="libunistring_8.html#SEC49">8.10 Scripts</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX676">Unicode character, validity in C identifiers</a></td><td valign="top"><a href="libunistring_8.html#SEC51">8.12 ISO C and Java syntax</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#IDX678">Unicode character, validity in Java identifiers</a></td><td valign="top"><a href="libunistring_8.html#SEC51">8.12 ISO C and Java syntax</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC39">Unicode character, value</a></td><td valign="top"><a href="libunistring_8.html#SEC39">8.4 Decimal digit value</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC40">Unicode character, value</a></td><td valign="top"><a href="libunistring_8.html#SEC40">8.5 Digit value</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC41">Unicode character, value</a></td><td valign="top"><a href="libunistring_8.html#SEC41">8.6 Numeric value</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_9.html#IDX693">Unicode character, width</a></td><td valign="top"><a href="libunistring_9.html#SEC53">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_7.html#IDX229"><code>unicode_character_name</code></a></td><td valign="top"><a href="libunistring_7.html#SEC32">7. Names of Unicode characters <code>&lt;uniname.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_7.html#IDX230"><code>unicode_name_character</code></a></td><td valign="top"><a href="libunistring_7.html#SEC32">7. Names of Unicode characters <code>&lt;uniname.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX802"><code>uninorm_decomposing_form</code></a></td><td valign="top"><a href="libunistring_13.html#SEC64">13.3 Normalization of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX818"><code>uninorm_filter_create</code></a></td><td valign="top"><a href="libunistring_13.html#SEC66">13.5 Normalization of streams of Unicode characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX820"><code>uninorm_filter_flush</code></a></td><td valign="top"><a href="libunistring_13.html#SEC66">13.5 Normalization of streams of Unicode characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX821"><code>uninorm_filter_free</code></a></td><td valign="top"><a href="libunistring_13.html#SEC66">13.5 Normalization of streams of Unicode characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX819"><code>uninorm_filter_write</code></a></td><td valign="top"><a href="libunistring_13.html#SEC66">13.5 Normalization of streams of Unicode characters</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX800"><code>uninorm_is_compat_decomposing</code></a></td><td valign="top"><a href="libunistring_13.html#SEC64">13.3 Normalization of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX801"><code>uninorm_is_composing</code></a></td><td valign="top"><a href="libunistring_13.html#SEC64">13.3 Normalization of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_13.html#IDX795"><code>uninorm_t</code></a></td><td valign="top"><a href="libunistring_13.html#SEC64">13.3 Normalization of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_14.html#SEC69">uppercasing</a></td><td valign="top"><a href="libunistring_14.html#SEC69">14.2 Case mappings of strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX1">use cases</a></td><td valign="top"><a href="libunistring_1.html#SEC1">1. Introduction</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX4">UTF-16</a></td><td valign="top"><a href="libunistring_1.html#SEC2">1.1 Unicode</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX12">UTF-16, strings</a></td><td valign="top"><a href="libunistring_1.html#SEC7">1.6 Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX5">UTF-32</a></td><td valign="top"><a href="libunistring_1.html#SEC2">1.1 Unicode</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX13">UTF-32, strings</a></td><td valign="top"><a href="libunistring_1.html#SEC7">1.6 Unicode strings</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX3">UTF-8</a></td><td valign="top"><a href="libunistring_1.html#SEC2">1.1 Unicode</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX11">UTF-8, strings</a></td><td valign="top"><a href="libunistring_1.html#SEC7">1.6 Unicode strings</a></td></tr>
 <tr><td colspan="3"> <hr></td></tr>
 </table>
-<table><tr><th valign="top">Jump to: &nbsp; </th><td><a href="libunistring_19.html#SEC77_0" class="summary-letter"><b>A</b></a>
+<table><tr><th valign="top">Jump to: &nbsp; </th><td><a href="#SEC91_0" class="summary-letter"><b>A</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_1" class="summary-letter"><b>B</b></a>
+<a href="#SEC91_1" class="summary-letter"><b>B</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_2" class="summary-letter"><b>C</b></a>
+<a href="#SEC91_2" class="summary-letter"><b>C</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_3" class="summary-letter"><b>D</b></a>
+<a href="#SEC91_3" class="summary-letter"><b>D</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_4" class="summary-letter"><b>E</b></a>
+<a href="#SEC91_4" class="summary-letter"><b>E</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_5" class="summary-letter"><b>F</b></a>
+<a href="#SEC91_5" class="summary-letter"><b>F</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_6" class="summary-letter"><b>G</b></a>
+<a href="#SEC91_6" class="summary-letter"><b>G</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_7" class="summary-letter"><b>H</b></a>
+<a href="#SEC91_7" class="summary-letter"><b>H</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_8" class="summary-letter"><b>I</b></a>
+<a href="#SEC91_8" class="summary-letter"><b>I</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_9" class="summary-letter"><b>J</b></a>
+<a href="#SEC91_9" class="summary-letter"><b>J</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_10" class="summary-letter"><b>L</b></a>
+<a href="#SEC91_10" class="summary-letter"><b>L</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_11" class="summary-letter"><b>M</b></a>
+<a href="#SEC91_11" class="summary-letter"><b>M</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_12" class="summary-letter"><b>N</b></a>
+<a href="#SEC91_12" class="summary-letter"><b>N</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_13" class="summary-letter"><b>O</b></a>
+<a href="#SEC91_13" class="summary-letter"><b>O</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_14" class="summary-letter"><b>P</b></a>
+<a href="#SEC91_14" class="summary-letter"><b>P</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_15" class="summary-letter"><b>R</b></a>
+<a href="#SEC91_15" class="summary-letter"><b>R</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_16" class="summary-letter"><b>S</b></a>
+<a href="#SEC91_16" class="summary-letter"><b>S</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_17" class="summary-letter"><b>T</b></a>
+<a href="#SEC91_17" class="summary-letter"><b>T</b></a>
  &nbsp; 
-<a href="libunistring_19.html#SEC77_18" class="summary-letter"><b>U</b></a>
+<a href="#SEC91_18" class="summary-letter"><b>U</b></a>
  &nbsp; 
-<a href="#INDEX0_0" class="summary-letter"><b>V</b></a>
+<a href="libunistring_21.html#INDEX0_0" class="summary-letter"><b>V</b></a>
  &nbsp; 
-<a href="#INDEX0_1" class="summary-letter"><b>W</b></a>
+<a href="libunistring_21.html#INDEX0_1" class="summary-letter"><b>W</b></a>
  &nbsp; 
 </td></tr></table>
-
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[ &gt;&gt; ]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_19.html#SEC82" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_21.html#INDEX0" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -176,12 +803,12 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_21.html b/msys2/usr/share/doc/libunistring/libunistring_21.html
new file mode 100644
index 000000000..cdca4695f
--- /dev/null
+++ b/msys2/usr/share/doc/libunistring/libunistring_21.html
@@ -0,0 +1,190 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
+<html>
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
+<!--
+Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
+            Karl Berry  <karl@freefriends.org>
+            Olaf Bachmann <obachman@mathematik.uni-kl.de>
+            and many others.
+Maintained by: Many creative people.
+Send bugs and suggestions to <texi2html-bug@nongnu.org>
+
+-->
+<head>
+<title>GNU libunistring: Index: V &ndash; W</title>
+
+<meta name="description" content="GNU libunistring: Index: V &ndash; W">
+<meta name="keywords" content="GNU libunistring: Index: V &ndash; W">
+<meta name="resource-type" content="document">
+<meta name="distribution" content="global">
+<meta name="Generator" content="texi2html 1.78a">
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<style type="text/css">
+<!--
+a.summary-letter {text-decoration: none}
+pre.display {font-family: serif}
+pre.format {font-family: serif}
+pre.menu-comment {font-family: serif}
+pre.menu-preformatted {font-family: serif}
+pre.smalldisplay {font-family: serif; font-size: smaller}
+pre.smallexample {font-size: smaller}
+pre.smallformat {font-family: serif; font-size: smaller}
+pre.smalllisp {font-size: smaller}
+span.roman {font-family:serif; font-weight:normal;}
+span.sansserif {font-family:sans-serif; font-weight:normal;}
+ul.toc {list-style: none}
+-->
+</style>
+
+
+</head>
+
+<body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
+
+<table cellpadding="1" cellspacing="1" border="0">
+<tr><td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[ &gt;&gt; ]</td>
+<td valign="middle" align="left"> &nbsp; </td>
+<td valign="middle" align="left"> &nbsp; </td>
+<td valign="middle" align="left"> &nbsp; </td>
+<td valign="middle" align="left"> &nbsp; </td>
+<td valign="middle" align="left"> &nbsp; </td>
+<td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
+</tr></table>
+
+<hr size="2">
+<a name="INDEX0"></a>
+<h1 class="unnumbered"> Index: V &ndash; W </h1>
+<table><tr><th valign="top">Jump to: &nbsp; </th><td><a href="libunistring_20.html#SEC91_0" class="summary-letter"><b>A</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_1" class="summary-letter"><b>B</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_2" class="summary-letter"><b>C</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_3" class="summary-letter"><b>D</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_4" class="summary-letter"><b>E</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_5" class="summary-letter"><b>F</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_6" class="summary-letter"><b>G</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_7" class="summary-letter"><b>H</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_8" class="summary-letter"><b>I</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_9" class="summary-letter"><b>J</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_10" class="summary-letter"><b>L</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_11" class="summary-letter"><b>M</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_12" class="summary-letter"><b>N</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_13" class="summary-letter"><b>O</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_14" class="summary-letter"><b>P</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_15" class="summary-letter"><b>R</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_16" class="summary-letter"><b>S</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_17" class="summary-letter"><b>T</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_18" class="summary-letter"><b>U</b></a>
+ &nbsp; 
+<a href="#INDEX0_0" class="summary-letter"><b>V</b></a>
+ &nbsp; 
+<a href="#INDEX0_1" class="summary-letter"><b>W</b></a>
+ &nbsp; 
+</td></tr></table>
+<table border="0" class="index-cp">
+<tr><td></td><th align="left">Index Entry</th><th align="left"> Section</th></tr>
+<tr><td colspan="3"> <hr></td></tr>
+<tr><th><a name="INDEX0_0">V</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC11">validity</a></td><td valign="top"><a href="libunistring_4.html#SEC11">4.1 Elementary string checks</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_1.html#IDX2">value, of libunistring</a></td><td valign="top"><a href="libunistring_1.html#SEC1">1. Introduction</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC39">value, of Unicode character</a></td><td valign="top"><a href="libunistring_8.html#SEC39">8.4 Decimal digit value</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC40">value, of Unicode character</a></td><td valign="top"><a href="libunistring_8.html#SEC40">8.5 Digit value</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_8.html#SEC41">value, of Unicode character</a></td><td valign="top"><a href="libunistring_8.html#SEC41">8.6 Numeric value</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC11">verification</a></td><td valign="top"><a href="libunistring_4.html#SEC11">4.1 Elementary string checks</a></td></tr>
+<tr><td colspan="3"> <hr></td></tr>
+<tr><th><a name="INDEX0_1">W</a></th><td></td><td></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_18.html#SEC81">wchar_t, type</a></td><td valign="top"><a href="libunistring_18.html#SEC81">A. The <code>wchar_t</code> mess</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_4.html#SEC11">well-formed</a></td><td valign="top"><a href="libunistring_4.html#SEC11">4.1 Elementary string checks</a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_9.html#SEC53">width</a></td><td valign="top"><a href="libunistring_9.html#SEC53">9. Display width <code>&lt;uniwidth.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_11.html#SEC57">word boundaries</a></td><td valign="top"><a href="libunistring_11.html#SEC57">11. Word breaks in strings <code>&lt;uniwbrk.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_11.html#SEC57">word breaks</a></td><td valign="top"><a href="libunistring_11.html#SEC57">11. Word breaks in strings <code>&lt;uniwbrk.h&gt;</code></a></td></tr>
+<tr><td></td><td valign="top"><a href="libunistring_12.html#SEC60">wrapping</a></td><td valign="top"><a href="libunistring_12.html#SEC60">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></td></tr>
+<tr><td colspan="3"> <hr></td></tr>
+</table>
+<table><tr><th valign="top">Jump to: &nbsp; </th><td><a href="libunistring_20.html#SEC91_0" class="summary-letter"><b>A</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_1" class="summary-letter"><b>B</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_2" class="summary-letter"><b>C</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_3" class="summary-letter"><b>D</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_4" class="summary-letter"><b>E</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_5" class="summary-letter"><b>F</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_6" class="summary-letter"><b>G</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_7" class="summary-letter"><b>H</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_8" class="summary-letter"><b>I</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_9" class="summary-letter"><b>J</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_10" class="summary-letter"><b>L</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_11" class="summary-letter"><b>M</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_12" class="summary-letter"><b>N</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_13" class="summary-letter"><b>O</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_14" class="summary-letter"><b>P</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_15" class="summary-letter"><b>R</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_16" class="summary-letter"><b>S</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_17" class="summary-letter"><b>T</b></a>
+ &nbsp; 
+<a href="libunistring_20.html#SEC91_18" class="summary-letter"><b>U</b></a>
+ &nbsp; 
+<a href="#INDEX0_0" class="summary-letter"><b>V</b></a>
+ &nbsp; 
+<a href="#INDEX0_1" class="summary-letter"><b>W</b></a>
+ &nbsp; 
+</td></tr></table>
+
+<hr size="6">
+<table cellpadding="1" cellspacing="1" border="0">
+<tr><td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[ &gt;&gt; ]</td>
+<td valign="middle" align="left"> &nbsp; </td>
+<td valign="middle" align="left"> &nbsp; </td>
+<td valign="middle" align="left"> &nbsp; </td>
+<td valign="middle" align="left"> &nbsp; </td>
+<td valign="middle" align="left"> &nbsp; </td>
+<td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
+</tr></table>
+<p>
+ <font size="-1">
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+ </font>
+ <br>
+
+</p>
+</body>
+</html>
diff --git a/msys2/usr/share/doc/libunistring/libunistring_3.html b/msys2/usr/share/doc/libunistring/libunistring_3.html
index 3255a2d1a..cf73702ed 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_3.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_3.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -42,8 +42,8 @@ ul.toc {list-style: none}
 <body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
 
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_2.html#SEC9" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_4.html#SEC11" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_2.html#SEC8" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_4.html#SEC10" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,14 +51,14 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
 <hr size="2">
 <a name="unitypes_002eh"></a>
-<a name="SEC10"></a>
-<h1 class="chapter"> <a href="libunistring.html#TOC10">3. Elementary types <code>&lt;unitypes.h&gt;</code></a> </h1>
+<a name="SEC9"></a>
+<h1 class="chapter"> <a href="libunistring.html#TOC9">3. Elementary types <code>&lt;unitypes.h&gt;</code></a> </h1>
 
 <p>The include file <code>&lt;unitypes.h&gt;</code> provides the following basic types.
 </p>
@@ -82,10 +82,22 @@ taken from <code>&lt;stdint.h&gt;</code>, on platforms where this include file i
 </dt>
 <dd><p>This type represents a single Unicode character, outside of an UTF-32 string.
 </p></dd></dl>
+
+<p>The types <code>ucs4_t</code> and <code>uint32_t</code> happen to be identical.  They differ
+in use and intent, however:
+</p><ul>
+<li>
+Use <code>uint32_t *</code> to designate an UTF-32 string.  Use <code>ucs4_t</code> to
+designate a single Unicode character, outside of an UTF-32 string.
+</li><li>
+Conversions functions that take an UTF-32 string as input will usually perform
+a range-check on the <code>uint32_t</code> values.  Whereas functions that are
+declared to take <code>ucs4_t</code> arguments will not perform such a range-check.
+</li></ul>
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_2.html#SEC9" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_4.html#SEC11" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_2.html#SEC8" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_4.html#SEC10" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -93,12 +105,12 @@ taken from <code>&lt;stdint.h&gt;</code>, on platforms where this include file i
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_4.html b/msys2/usr/share/doc/libunistring/libunistring_4.html
index 3419e8a9c..f54eec521 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_4.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_4.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -42,8 +42,8 @@ ul.toc {list-style: none}
 <body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
 
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_3.html#SEC10" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_5.html#SEC17" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_3.html#SEC9" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_5.html#SEC30" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,14 +51,14 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
 <hr size="2">
 <a name="unistr_002eh"></a>
-<a name="SEC11"></a>
-<h1 class="chapter"> <a href="libunistring.html#TOC11">4. Elementary Unicode string functions <code>&lt;unistr.h&gt;</code></a> </h1>
+<a name="SEC10"></a>
+<h1 class="chapter"> <a href="libunistring.html#TOC10">4. Elementary Unicode string functions <code>&lt;unistr.h&gt;</code></a> </h1>
 
 <p>This include file declares elementary functions for Unicode strings.  It is
 essentially the equivalent of what <code>&lt;string.h&gt;</code> is for C strings.
@@ -66,8 +66,8 @@ essentially the equivalent of what <code>&lt;string.h&gt;</code> is for C string
 
 <hr size="6">
 <a name="Elementary-string-checks"></a>
-<a name="SEC12"></a>
-<h2 class="section"> <a href="libunistring.html#TOC12">4.1 Elementary string checks</a> </h2>
+<a name="SEC11"></a>
+<h2 class="section"> <a href="libunistring.html#TOC11">4.1 Elementary string checks</a> </h2>
 
 <p>The following function is available to verify the integrity of a Unicode string.
 </p>
@@ -87,8 +87,8 @@ It returns NULL if valid, or a pointer to the first invalid unit otherwise.
 
 <hr size="6">
 <a name="Elementary-string-conversions"></a>
-<a name="SEC13"></a>
-<h2 class="section"> <a href="libunistring.html#TOC13">4.2 Elementary string conversions</a> </h2>
+<a name="SEC12"></a>
+<h2 class="section"> <a href="libunistring.html#TOC12">4.2 Elementary string conversions</a> </h2>
 
 <p>The following functions perform conversions between the different forms of Unicode strings.
 </p>
@@ -97,6 +97,9 @@ It returns NULL if valid, or a pointer to the first invalid unit otherwise.
 <a name="IDX23"></a>
 </dt>
 <dd><p>Converts an UTF-8 string to an UTF-16 string.
+</p>
+<p>The <var>resultbuf</var> and <var>lengthp</var> arguments are as described in
+chapter <a href="libunistring_2.html#SEC8">Conventions</a>.
 </p></dd></dl>
 
 <dl>
@@ -104,6 +107,9 @@ It returns NULL if valid, or a pointer to the first invalid unit otherwise.
 <a name="IDX24"></a>
 </dt>
 <dd><p>Converts an UTF-8 string to an UTF-32 string.
+</p>
+<p>The <var>resultbuf</var> and <var>lengthp</var> arguments are as described in
+chapter <a href="libunistring_2.html#SEC8">Conventions</a>.
 </p></dd></dl>
 
 <dl>
@@ -111,6 +117,9 @@ It returns NULL if valid, or a pointer to the first invalid unit otherwise.
 <a name="IDX25"></a>
 </dt>
 <dd><p>Converts an UTF-16 string to an UTF-8 string.
+</p>
+<p>The <var>resultbuf</var> and <var>lengthp</var> arguments are as described in
+chapter <a href="libunistring_2.html#SEC8">Conventions</a>.
 </p></dd></dl>
 
 <dl>
@@ -118,6 +127,9 @@ It returns NULL if valid, or a pointer to the first invalid unit otherwise.
 <a name="IDX26"></a>
 </dt>
 <dd><p>Converts an UTF-16 string to an UTF-32 string.
+</p>
+<p>The <var>resultbuf</var> and <var>lengthp</var> arguments are as described in
+chapter <a href="libunistring_2.html#SEC8">Conventions</a>.
 </p></dd></dl>
 
 <dl>
@@ -125,6 +137,9 @@ It returns NULL if valid, or a pointer to the first invalid unit otherwise.
 <a name="IDX27"></a>
 </dt>
 <dd><p>Converts an UTF-32 string to an UTF-8 string.
+</p>
+<p>The <var>resultbuf</var> and <var>lengthp</var> arguments are as described in
+chapter <a href="libunistring_2.html#SEC8">Conventions</a>.
 </p></dd></dl>
 
 <dl>
@@ -132,12 +147,21 @@ It returns NULL if valid, or a pointer to the first invalid unit otherwise.
 <a name="IDX28"></a>
 </dt>
 <dd><p>Converts an UTF-32 string to an UTF-16 string.
+</p>
+<p>The <var>resultbuf</var> and <var>lengthp</var> arguments are as described in
+chapter <a href="libunistring_2.html#SEC8">Conventions</a>.
 </p></dd></dl>
 
 <hr size="6">
 <a name="Elementary-string-functions"></a>
+<a name="SEC13"></a>
+<h2 class="section"> <a href="libunistring.html#TOC13">4.3 Elementary string functions</a> </h2>
+
+
+<hr size="6">
+<a name="Iterating"></a>
 <a name="SEC14"></a>
-<h2 class="section"> <a href="libunistring.html#TOC14">4.3 Elementary string functions</a> </h2>
+<h3 class="subsection"> <a href="libunistring.html#TOC14">4.3.1 Iterating over a Unicode string</a> </h3>
 
 <p>The following functions inspect and return details about the first character
 in a Unicode string.
@@ -156,18 +180,18 @@ in a Unicode string.
 is no longer than <var>n</var>.  Returns 0 if it is the NUL character.  Returns -1
 upon failure.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/mblen.html"><code>mblen</code></a>, except that it operates on a
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/mblen.html"><code>mblen</code></a>, except that it operates on a
 Unicode string and that <var>s</var> must not be NULL.
 </p></dd></dl>
 
 <dl>
-<dt><u>Function:</u> int <b>u8_mbtouc_unsafe</b><i> (ucs4_t *<var>puc</var>, const uint8_t *<var>s</var>, size_t <var>n</var>)</i>
+<dt><u>Function:</u> int <b>u8_mbtouc</b><i> (ucs4_t *<var>puc</var>, const uint8_t *<var>s</var>, size_t <var>n</var>)</i>
 <a name="IDX32"></a>
 </dt>
-<dt><u>Function:</u> int <b>u16_mbtouc_unsafe</b><i> (ucs4_t *<var>puc</var>, const uint16_t *<var>s</var>, size_t <var>n</var>)</i>
+<dt><u>Function:</u> int <b>u16_mbtouc</b><i> (ucs4_t *<var>puc</var>, const uint16_t *<var>s</var>, size_t <var>n</var>)</i>
 <a name="IDX33"></a>
 </dt>
-<dt><u>Function:</u> int <b>u32_mbtouc_unsafe</b><i> (ucs4_t *<var>puc</var>, const uint32_t *<var>s</var>, size_t <var>n</var>)</i>
+<dt><u>Function:</u> int <b>u32_mbtouc</b><i> (ucs4_t *<var>puc</var>, const uint32_t *<var>s</var>, size_t <var>n</var>)</i>
 <a name="IDX34"></a>
 </dt>
 <dd><p>Returns the length (number of units) of the first character in <var>s</var>,
@@ -177,24 +201,28 @@ is returned.
 </p>
 <p>The number of available units, <var>n</var>, must be &gt; 0.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/mbtowc.html"><code>mbtowc</code></a>, except that it operates on a
+<p>This function fails if an invalid sequence of units is encountered at the
+beginning of <var>s</var>, or if additional units (after the <var>n</var> provided units)
+would be needed to form a character.
+</p>
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/mbtowc.html"><code>mbtowc</code></a>, except that it operates on a
 Unicode string, <var>puc</var> and <var>s</var> must not be NULL, <var>n</var> must be &gt; 0,
 and the NUL character is not treated specially.
 </p></dd></dl>
 
 <dl>
-<dt><u>Function:</u> int <b>u8_mbtouc</b><i> (ucs4_t *<var>puc</var>, const uint8_t *<var>s</var>, size_t <var>n</var>)</i>
+<dt><u>Function:</u> int <b>u8_mbtouc_unsafe</b><i> (ucs4_t *<var>puc</var>, const uint8_t *<var>s</var>, size_t <var>n</var>)</i>
 <a name="IDX35"></a>
 </dt>
-<dt><u>Function:</u> int <b>u16_mbtouc</b><i> (ucs4_t *<var>puc</var>, const uint16_t *<var>s</var>, size_t <var>n</var>)</i>
+<dt><u>Function:</u> int <b>u16_mbtouc_unsafe</b><i> (ucs4_t *<var>puc</var>, const uint16_t *<var>s</var>, size_t <var>n</var>)</i>
 <a name="IDX36"></a>
 </dt>
-<dt><u>Function:</u> int <b>u32_mbtouc</b><i> (ucs4_t *<var>puc</var>, const uint32_t *<var>s</var>, size_t <var>n</var>)</i>
+<dt><u>Function:</u> int <b>u32_mbtouc_unsafe</b><i> (ucs4_t *<var>puc</var>, const uint32_t *<var>s</var>, size_t <var>n</var>)</i>
 <a name="IDX37"></a>
 </dt>
-<dd><p>This function is like <code>u8_mbtouc_unsafe</code>, except that it will detect an
-invalid UTF-8 character, even if the library is compiled without
-&lsquo;<samp>--enable-safety</samp>&rsquo;.
+<dd><p>This function is identical to <code>u8_mbtouc</code>/<code>u16_mbtouc</code>/<code>u32_mbtouc</code>.
+Earlier versions of this function performed fewer range-checks on the sequence
+of units.
 </p></dd></dl>
 
 <dl>
@@ -215,9 +243,14 @@ sequence of units, -2 is returned for an incomplete sequence of units.
 <p>The number of available units, <var>n</var>, must be &gt; 0.
 </p>
 <p>This function is similar to <code>u8_mbtouc</code>, except that the return value
-gives more details about the failure, similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/mbrtowc.html"><code>mbrtowc</code></a>.
+gives more details about the failure, similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/mbrtowc.html"><code>mbrtowc</code></a>.
 </p></dd></dl>
 
+<hr size="6">
+<a name="Creating-Unicode-strings"></a>
+<a name="SEC15"></a>
+<h3 class="subsection"> <a href="libunistring.html#TOC15">4.3.2 Creating Unicode strings one character at a time</a> </h3>
+
 <p>The following function stores a Unicode character as a Unicode string in
 memory.
 </p>
@@ -235,44 +268,48 @@ memory.
 length.  Returns -1 upon failure, -2 if the number of available units, <var>n</var>,
 is too small.  The latter case cannot occur if <var>n</var> &gt;= 6/2/1, respectively.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/wctomb.html"><code>wctomb</code></a>, except that it operates on a
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wctomb.html"><code>wctomb</code></a>, except that it operates on a
 Unicode strings, <var>s</var> must not be NULL, and the argument <var>n</var> must be
 specified.
 </p></dd></dl>
 
-<a name="IDX44"></a>
+<hr size="6">
+<a name="Copying-Unicode-strings"></a>
+<a name="SEC16"></a>
+<h3 class="subsection"> <a href="libunistring.html#TOC16">4.3.3 Copying Unicode strings</a> </h3>
+
 <p>The following functions copy Unicode strings in memory.
 </p>
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_cpy</b><i> (uint8_t *<var>dest</var>, const uint8_t *<var>src</var>, size_t <var>n</var>)</i>
-<a name="IDX45"></a>
+<a name="IDX44"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_cpy</b><i> (uint16_t *<var>dest</var>, const uint16_t *<var>src</var>, size_t <var>n</var>)</i>
-<a name="IDX46"></a>
+<a name="IDX45"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_cpy</b><i> (uint32_t *<var>dest</var>, const uint32_t *<var>src</var>, size_t <var>n</var>)</i>
-<a name="IDX47"></a>
+<a name="IDX46"></a>
 </dt>
 <dd><p>Copies <var>n</var> units from <var>src</var> to <var>dest</var>.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/memcpy.html"><code>memcpy</code></a>, except that it operates on
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/memcpy.html"><code>memcpy</code></a>, except that it operates on
 Unicode strings.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_move</b><i> (uint8_t *<var>dest</var>, const uint8_t *<var>src</var>, size_t <var>n</var>)</i>
-<a name="IDX48"></a>
+<a name="IDX47"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_move</b><i> (uint16_t *<var>dest</var>, const uint16_t *<var>src</var>, size_t <var>n</var>)</i>
-<a name="IDX49"></a>
+<a name="IDX48"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_move</b><i> (uint32_t *<var>dest</var>, const uint32_t *<var>src</var>, size_t <var>n</var>)</i>
-<a name="IDX50"></a>
+<a name="IDX49"></a>
 </dt>
 <dd><p>Copies <var>n</var> units from <var>src</var> to <var>dest</var>, guaranteeing correct
 behavior for overlapping memory areas.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/memmove.html"><code>memmove</code></a>, except that it operates on
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/memmove.html"><code>memmove</code></a>, except that it operates on
 Unicode strings.
 </p></dd></dl>
 
@@ -280,40 +317,44 @@ Unicode strings.
 </p>
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_set</b><i> (uint8_t *<var>s</var>, ucs4_t <var>uc</var>, size_t <var>n</var>)</i>
-<a name="IDX51"></a>
+<a name="IDX50"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_set</b><i> (uint16_t *<var>s</var>, ucs4_t <var>uc</var>, size_t <var>n</var>)</i>
-<a name="IDX52"></a>
+<a name="IDX51"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_set</b><i> (uint32_t *<var>s</var>, ucs4_t <var>uc</var>, size_t <var>n</var>)</i>
-<a name="IDX53"></a>
+<a name="IDX52"></a>
 </dt>
 <dd><p>Sets the first <var>n</var> characters of <var>s</var> to <var>uc</var>.  <var>uc</var> should be
 a character that occupies only 1 unit.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/memset.html"><code>memset</code></a>, except that it operates on
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/memset.html"><code>memset</code></a>, except that it operates on
 Unicode strings.
 </p></dd></dl>
 
-<a name="IDX54"></a>
+<hr size="6">
+<a name="Comparing-Unicode-strings"></a>
+<a name="SEC17"></a>
+<h3 class="subsection"> <a href="libunistring.html#TOC17">4.3.4 Comparing Unicode strings</a> </h3>
+
 <p>The following function compares two Unicode strings of the same length.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>u8_cmp</b><i> (const uint8_t *<var>s1</var>, const uint8_t *<var>s2</var>, size_t <var>n</var>)</i>
-<a name="IDX55"></a>
+<a name="IDX53"></a>
 </dt>
 <dt><u>Function:</u> int <b>u16_cmp</b><i> (const uint16_t *<var>s1</var>, const uint16_t *<var>s2</var>, size_t <var>n</var>)</i>
-<a name="IDX56"></a>
+<a name="IDX54"></a>
 </dt>
 <dt><u>Function:</u> int <b>u32_cmp</b><i> (const uint32_t *<var>s1</var>, const uint32_t *<var>s2</var>, size_t <var>n</var>)</i>
-<a name="IDX57"></a>
+<a name="IDX55"></a>
 </dt>
 <dd><p>Compares <var>s1</var> and <var>s2</var>, each of length <var>n</var>, lexicographically.
 Returns a negative value if <var>s1</var> compares smaller than <var>s2</var>,
 a positive value if <var>s1</var> compares larger than <var>s2</var>, or 0 if
 they compare equal.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/memcmp.html"><code>memcmp</code></a>, except that it operates on
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/memcmp.html"><code>memcmp</code></a>, except that it operates on
 Unicode strings.
 </p></dd></dl>
 
@@ -322,13 +363,13 @@ lengths.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>u8_cmp2</b><i> (const uint8_t *<var>s1</var>, size_t <var>n1</var>, const uint8_t *<var>s2</var>, size_t <var>n2</var>)</i>
-<a name="IDX58"></a>
+<a name="IDX56"></a>
 </dt>
 <dt><u>Function:</u> int <b>u16_cmp2</b><i> (const uint16_t *<var>s1</var>, size_t <var>n1</var>, const uint16_t *<var>s2</var>, size_t <var>n2</var>)</i>
-<a name="IDX59"></a>
+<a name="IDX57"></a>
 </dt>
 <dt><u>Function:</u> int <b>u32_cmp2</b><i> (const uint32_t *<var>s1</var>, size_t <var>n1</var>, const uint32_t *<var>s2</var>, size_t <var>n2</var>)</i>
-<a name="IDX60"></a>
+<a name="IDX58"></a>
 </dt>
 <dd><p>Compares <var>s1</var> and <var>s2</var>, lexicographically.
 Returns a negative value if <var>s1</var> compares smaller than <var>s2</var>,
@@ -339,39 +380,47 @@ they compare equal.
 operates on Unicode strings.
 </p></dd></dl>
 
-<a name="IDX61"></a>
+<hr size="6">
+<a name="Searching-for-a-character"></a>
+<a name="SEC18"></a>
+<h3 class="subsection"> <a href="libunistring.html#TOC18">4.3.5 Searching for a character in a Unicode string</a> </h3>
+
 <p>The following function searches for a given Unicode character.
 </p>
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_chr</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, ucs4_t <var>uc</var>)</i>
-<a name="IDX62"></a>
+<a name="IDX59"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_chr</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, ucs4_t <var>uc</var>)</i>
-<a name="IDX63"></a>
+<a name="IDX60"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_chr</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, ucs4_t <var>uc</var>)</i>
-<a name="IDX64"></a>
+<a name="IDX61"></a>
 </dt>
 <dd><p>Searches the string at <var>s</var> for <var>uc</var>.  Returns a pointer to the first
 occurrence of <var>uc</var> in <var>s</var>, or NULL if <var>uc</var> does not occur in
 <var>s</var>.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/memchr.html"><code>memchr</code></a>, except that it operates on
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/memchr.html"><code>memchr</code></a>, except that it operates on
 Unicode strings.
 </p></dd></dl>
 
-<a name="IDX65"></a>
+<hr size="6">
+<a name="Counting-characters"></a>
+<a name="SEC19"></a>
+<h3 class="subsection"> <a href="libunistring.html#TOC19">4.3.6 Counting the characters in a Unicode string</a> </h3>
+
 <p>The following function counts the number of Unicode characters.
 </p>
 <dl>
 <dt><u>Function:</u> size_t <b>u8_mbsnlen</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>)</i>
-<a name="IDX66"></a>
+<a name="IDX62"></a>
 </dt>
 <dt><u>Function:</u> size_t <b>u16_mbsnlen</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>)</i>
-<a name="IDX67"></a>
+<a name="IDX63"></a>
 </dt>
 <dt><u>Function:</u> size_t <b>u32_mbsnlen</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>)</i>
-<a name="IDX68"></a>
+<a name="IDX64"></a>
 </dt>
 <dd><p>Counts and returns the number of Unicode characters in the <var>n</var> units
 from <var>s</var>.
@@ -382,56 +431,62 @@ it operates on Unicode strings.
 
 <hr size="6">
 <a name="Elementary-string-functions-with-memory-allocation"></a>
-<a name="SEC15"></a>
-<h2 class="section"> <a href="libunistring.html#TOC15">4.4 Elementary string functions with memory allocation</a> </h2>
+<a name="SEC20"></a>
+<h2 class="section"> <a href="libunistring.html#TOC20">4.4 Elementary string functions with memory allocation</a> </h2>
 
 <p>The following function copies a Unicode string.
 </p>
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_cpy_alloc</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>)</i>
-<a name="IDX69"></a>
+<a name="IDX65"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_cpy_alloc</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>)</i>
-<a name="IDX70"></a>
+<a name="IDX66"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_cpy_alloc</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>)</i>
-<a name="IDX71"></a>
+<a name="IDX67"></a>
 </dt>
 <dd><p>Makes a freshly allocated copy of <var>s</var>, of length <var>n</var>.
 </p></dd></dl>
 
 <hr size="6">
 <a name="Elementary-string-functions-on-NUL-terminated-strings"></a>
-<a name="SEC16"></a>
-<h2 class="section"> <a href="libunistring.html#TOC16">4.5 Elementary string functions on NUL terminated strings</a> </h2>
+<a name="SEC21"></a>
+<h2 class="section"> <a href="libunistring.html#TOC21">4.5 Elementary string functions on NUL terminated strings</a> </h2>
+
+
+<hr size="6">
+<a name="Iterating-over-a-NUL-terminated-Unicode-string"></a>
+<a name="SEC22"></a>
+<h3 class="subsection"> <a href="libunistring.html#TOC22">4.5.1 Iterating over a NUL terminated Unicode string</a> </h3>
 
 <p>The following functions inspect and return details about the first character
 in a Unicode string.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>u8_strmblen</b><i> (const uint8_t *<var>s</var>)</i>
-<a name="IDX72"></a>
+<a name="IDX68"></a>
 </dt>
 <dt><u>Function:</u> int <b>u16_strmblen</b><i> (const uint16_t *<var>s</var>)</i>
-<a name="IDX73"></a>
+<a name="IDX69"></a>
 </dt>
 <dt><u>Function:</u> int <b>u32_strmblen</b><i> (const uint32_t *<var>s</var>)</i>
-<a name="IDX74"></a>
+<a name="IDX70"></a>
 </dt>
 <dd><p>Returns the length (number of units) of the first character in <var>s</var>.
 Returns 0 if it is the NUL character.  Returns -1 upon failure.
 </p></dd></dl>
 
-<a name="IDX75"></a>
+<a name="IDX71"></a>
 <dl>
 <dt><u>Function:</u> int <b>u8_strmbtouc</b><i> (ucs4_t *<var>puc</var>, const uint8_t *<var>s</var>)</i>
-<a name="IDX76"></a>
+<a name="IDX72"></a>
 </dt>
 <dt><u>Function:</u> int <b>u16_strmbtouc</b><i> (ucs4_t *<var>puc</var>, const uint16_t *<var>s</var>)</i>
-<a name="IDX77"></a>
+<a name="IDX73"></a>
 </dt>
 <dt><u>Function:</u> int <b>u32_strmbtouc</b><i> (ucs4_t *<var>puc</var>, const uint32_t *<var>s</var>)</i>
-<a name="IDX78"></a>
+<a name="IDX74"></a>
 </dt>
 <dd><p>Returns the length (number of units) of the first character in <var>s</var>,
 putting its <code>ucs4_t</code> representation in <code>*<var>puc</var></code>.  Returns 0
@@ -440,13 +495,13 @@ if it is the NUL character.  Returns -1 upon failure.
 
 <dl>
 <dt><u>Function:</u> const uint8_t * <b>u8_next</b><i> (ucs4_t *<var>puc</var>, const uint8_t *<var>s</var>)</i>
-<a name="IDX79"></a>
+<a name="IDX75"></a>
 </dt>
 <dt><u>Function:</u> const uint16_t * <b>u16_next</b><i> (ucs4_t *<var>puc</var>, const uint16_t *<var>s</var>)</i>
-<a name="IDX80"></a>
+<a name="IDX76"></a>
 </dt>
 <dt><u>Function:</u> const uint32_t * <b>u32_next</b><i> (ucs4_t *<var>puc</var>, const uint32_t *<var>s</var>)</i>
-<a name="IDX81"></a>
+<a name="IDX77"></a>
 </dt>
 <dd><p>Forward iteration step.  Advances the pointer past the next character,
 or returns NULL if the end of the string has been reached.  Puts the
@@ -458,13 +513,13 @@ character in a Unicode string.
 </p>
 <dl>
 <dt><u>Function:</u> const uint8_t * <b>u8_prev</b><i> (ucs4_t *<var>puc</var>, const uint8_t *<var>s</var>, const uint8_t *<var>start</var>)</i>
-<a name="IDX82"></a>
+<a name="IDX78"></a>
 </dt>
 <dt><u>Function:</u> const uint16_t * <b>u16_prev</b><i> (ucs4_t *<var>puc</var>, const uint16_t *<var>s</var>, const uint16_t *<var>start</var>)</i>
-<a name="IDX83"></a>
+<a name="IDX79"></a>
 </dt>
 <dt><u>Function:</u> const uint32_t * <b>u32_prev</b><i> (ucs4_t *<var>puc</var>, const uint32_t *<var>s</var>, const uint32_t *<var>start</var>)</i>
-<a name="IDX84"></a>
+<a name="IDX80"></a>
 </dt>
 <dd><p>Backward iteration step.  Advances the pointer to point to the previous
 character (the one that ends at <code><var>s</var></code>), or returns NULL if the
@@ -473,101 +528,110 @@ Puts the character's <code>ucs4_t</code> representation in <code>*<var>puc</var>
 Note that this function works only on well-formed Unicode strings.
 </p></dd></dl>
 
+<hr size="6">
+<a name="Length"></a>
+<a name="SEC23"></a>
+<h3 class="subsection"> <a href="libunistring.html#TOC23">4.5.2 Length of a NUL terminated Unicode string</a> </h3>
+
 <p>The following functions determine the length of a Unicode string.
 </p>
 <dl>
 <dt><u>Function:</u> size_t <b>u8_strlen</b><i> (const uint8_t *<var>s</var>)</i>
-<a name="IDX85"></a>
+<a name="IDX81"></a>
 </dt>
 <dt><u>Function:</u> size_t <b>u16_strlen</b><i> (const uint16_t *<var>s</var>)</i>
-<a name="IDX86"></a>
+<a name="IDX82"></a>
 </dt>
 <dt><u>Function:</u> size_t <b>u32_strlen</b><i> (const uint32_t *<var>s</var>)</i>
-<a name="IDX87"></a>
+<a name="IDX83"></a>
 </dt>
 <dd><p>Returns the number of units in <var>s</var>.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strlen.html"><code>strlen</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/wcslen.html"><code>wcslen</code></a>, except
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strlen.html"><code>strlen</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wcslen.html"><code>wcslen</code></a>, except
 that it operates on Unicode strings.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> size_t <b>u8_strnlen</b><i> (const uint8_t *<var>s</var>, size_t <var>maxlen</var>)</i>
-<a name="IDX88"></a>
+<a name="IDX84"></a>
 </dt>
 <dt><u>Function:</u> size_t <b>u16_strnlen</b><i> (const uint16_t *<var>s</var>, size_t <var>maxlen</var>)</i>
-<a name="IDX89"></a>
+<a name="IDX85"></a>
 </dt>
 <dt><u>Function:</u> size_t <b>u32_strnlen</b><i> (const uint32_t *<var>s</var>, size_t <var>maxlen</var>)</i>
-<a name="IDX90"></a>
+<a name="IDX86"></a>
 </dt>
 <dd><p>Returns the number of units in <var>s</var>, but at most <var>maxlen</var>.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strnlen.html"><code>strnlen</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/wcsnlen.html"><code>wcsnlen</code></a>, except
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strnlen.html"><code>strnlen</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wcsnlen.html"><code>wcsnlen</code></a>, except
 that it operates on Unicode strings.
 </p></dd></dl>
 
-<a name="IDX91"></a>
+<hr size="6">
+<a name="Copying-a-NUL-terminated-Unicode-string"></a>
+<a name="SEC24"></a>
+<h3 class="subsection"> <a href="libunistring.html#TOC24">4.5.3 Copying a NUL terminated Unicode string</a> </h3>
+
 <p>The following functions copy portions of Unicode strings in memory.
 </p>
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_strcpy</b><i> (uint8_t *<var>dest</var>, const uint8_t *<var>src</var>)</i>
-<a name="IDX92"></a>
+<a name="IDX87"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_strcpy</b><i> (uint16_t *<var>dest</var>, const uint16_t *<var>src</var>)</i>
-<a name="IDX93"></a>
+<a name="IDX88"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_strcpy</b><i> (uint32_t *<var>dest</var>, const uint32_t *<var>src</var>)</i>
-<a name="IDX94"></a>
+<a name="IDX89"></a>
 </dt>
 <dd><p>Copies <var>src</var> to <var>dest</var>.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strcpy.html"><code>strcpy</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/wcscpy.html"><code>wcscpy</code></a>, except
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strcpy.html"><code>strcpy</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wcscpy.html"><code>wcscpy</code></a>, except
 that it operates on Unicode strings.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_stpcpy</b><i> (uint8_t *<var>dest</var>, const uint8_t *<var>src</var>)</i>
-<a name="IDX95"></a>
+<a name="IDX90"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_stpcpy</b><i> (uint16_t *<var>dest</var>, const uint16_t *<var>src</var>)</i>
-<a name="IDX96"></a>
+<a name="IDX91"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_stpcpy</b><i> (uint32_t *<var>dest</var>, const uint32_t *<var>src</var>)</i>
-<a name="IDX97"></a>
+<a name="IDX92"></a>
 </dt>
 <dd><p>Copies <var>src</var> to <var>dest</var>, returning the address of the terminating NUL
 in <var>dest</var>.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/stpcpy.html"><code>stpcpy</code></a>, except that it operates on
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/stpcpy.html"><code>stpcpy</code></a>, except that it operates on
 Unicode strings.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_strncpy</b><i> (uint8_t *<var>dest</var>, const uint8_t *<var>src</var>, size_t <var>n</var>)</i>
-<a name="IDX98"></a>
+<a name="IDX93"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_strncpy</b><i> (uint16_t *<var>dest</var>, const uint16_t *<var>src</var>, size_t <var>n</var>)</i>
-<a name="IDX99"></a>
+<a name="IDX94"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_strncpy</b><i> (uint32_t *<var>dest</var>, const uint32_t *<var>src</var>, size_t <var>n</var>)</i>
-<a name="IDX100"></a>
+<a name="IDX95"></a>
 </dt>
 <dd><p>Copies no more than <var>n</var> units of <var>src</var> to <var>dest</var>.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strncpy.html"><code>strncpy</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/wcsncpy.html"><code>wcsncpy</code></a>, except
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strncpy.html"><code>strncpy</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wcsncpy.html"><code>wcsncpy</code></a>, except
 that it operates on Unicode strings.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_stpncpy</b><i> (uint8_t *<var>dest</var>, const uint8_t *<var>src</var>, size_t <var>n</var>)</i>
-<a name="IDX101"></a>
+<a name="IDX96"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_stpncpy</b><i> (uint16_t *<var>dest</var>, const uint16_t *<var>src</var>, size_t <var>n</var>)</i>
-<a name="IDX102"></a>
+<a name="IDX97"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_stpncpy</b><i> (uint32_t *<var>dest</var>, const uint32_t *<var>src</var>, size_t <var>n</var>)</i>
-<a name="IDX103"></a>
+<a name="IDX98"></a>
 </dt>
 <dd><p>Copies no more than <var>n</var> units of <var>src</var> to <var>dest</var>.  Returns a
 pointer past the last non-NUL unit written into <var>dest</var>.  In other words,
@@ -575,155 +639,167 @@ if the units written into <var>dest</var> include a NUL, the return value is the
 address of the first such NUL unit, otherwise it is
 <code><var>dest</var> + <var>n</var></code>.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/stpncpy.html"><code>stpncpy</code></a>, except that it operates on
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/stpncpy.html"><code>stpncpy</code></a>, except that it operates on
 Unicode strings.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_strcat</b><i> (uint8_t *<var>dest</var>, const uint8_t *<var>src</var>)</i>
-<a name="IDX104"></a>
+<a name="IDX99"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_strcat</b><i> (uint16_t *<var>dest</var>, const uint16_t *<var>src</var>)</i>
-<a name="IDX105"></a>
+<a name="IDX100"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_strcat</b><i> (uint32_t *<var>dest</var>, const uint32_t *<var>src</var>)</i>
-<a name="IDX106"></a>
+<a name="IDX101"></a>
 </dt>
 <dd><p>Appends <var>src</var> onto <var>dest</var>.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strcat.html"><code>strcat</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/wcscat.html"><code>wcscat</code></a>, except
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strcat.html"><code>strcat</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wcscat.html"><code>wcscat</code></a>, except
 that it operates on Unicode strings.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_strncat</b><i> (uint8_t *<var>dest</var>, const uint8_t *<var>src</var>, size_t <var>n</var>)</i>
-<a name="IDX107"></a>
+<a name="IDX102"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_strncat</b><i> (uint16_t *<var>dest</var>, const uint16_t *<var>src</var>, size_t <var>n</var>)</i>
-<a name="IDX108"></a>
+<a name="IDX103"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_strncat</b><i> (uint32_t *<var>dest</var>, const uint32_t *<var>src</var>, size_t <var>n</var>)</i>
-<a name="IDX109"></a>
+<a name="IDX104"></a>
 </dt>
 <dd><p>Appends no more than <var>n</var> units of <var>src</var> onto <var>dest</var>.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strncat.html"><code>strncat</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/wcsncat.html"><code>wcsncat</code></a>, except
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strncat.html"><code>strncat</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wcsncat.html"><code>wcsncat</code></a>, except
 that it operates on Unicode strings.
 </p></dd></dl>
 
-<a name="IDX110"></a>
+<hr size="6">
+<a name="Comparing-NUL-terminated-Unicode-strings"></a>
+<a name="SEC25"></a>
+<h3 class="subsection"> <a href="libunistring.html#TOC25">4.5.4 Comparing NUL terminated Unicode strings</a> </h3>
+
 <p>The following functions compare two Unicode strings.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>u8_strcmp</b><i> (const uint8_t *<var>s1</var>, const uint8_t *<var>s2</var>)</i>
-<a name="IDX111"></a>
+<a name="IDX105"></a>
 </dt>
 <dt><u>Function:</u> int <b>u16_strcmp</b><i> (const uint16_t *<var>s1</var>, const uint16_t *<var>s2</var>)</i>
-<a name="IDX112"></a>
+<a name="IDX106"></a>
 </dt>
 <dt><u>Function:</u> int <b>u32_strcmp</b><i> (const uint32_t *<var>s1</var>, const uint32_t *<var>s2</var>)</i>
-<a name="IDX113"></a>
+<a name="IDX107"></a>
 </dt>
 <dd><p>Compares <var>s1</var> and <var>s2</var>, lexicographically.
 Returns a negative value if <var>s1</var> compares smaller than <var>s2</var>,
 a positive value if <var>s1</var> compares larger than <var>s2</var>, or 0 if
 they compare equal.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strcmp.html"><code>strcmp</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/wcscmp.html"><code>wcscmp</code></a>, except
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strcmp.html"><code>strcmp</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wcscmp.html"><code>wcscmp</code></a>, except
 that it operates on Unicode strings.
 </p></dd></dl>
 
-<a name="IDX114"></a>
+<a name="IDX108"></a>
 <dl>
 <dt><u>Function:</u> int <b>u8_strcoll</b><i> (const uint8_t *<var>s1</var>, const uint8_t *<var>s2</var>)</i>
-<a name="IDX115"></a>
+<a name="IDX109"></a>
 </dt>
 <dt><u>Function:</u> int <b>u16_strcoll</b><i> (const uint16_t *<var>s1</var>, const uint16_t *<var>s2</var>)</i>
-<a name="IDX116"></a>
+<a name="IDX110"></a>
 </dt>
 <dt><u>Function:</u> int <b>u32_strcoll</b><i> (const uint32_t *<var>s1</var>, const uint32_t *<var>s2</var>)</i>
-<a name="IDX117"></a>
+<a name="IDX111"></a>
 </dt>
 <dd><p>Compares <var>s1</var> and <var>s2</var> using the collation rules of the current
 locale.
 Returns -1 if <var>s1</var> &lt; <var>s2</var>, 0 if <var>s1</var> = <var>s2</var>, 1 if
 <var>s1</var> &gt; <var>s2</var>.  Upon failure, sets <code>errno</code> and returns any value.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strcoll.html"><code>strcoll</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/wcscoll.html"><code>wcscoll</code></a>, except
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strcoll.html"><code>strcoll</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wcscoll.html"><code>wcscoll</code></a>, except
 that it operates on Unicode strings.
 </p>
 <p>Note that this function may consider different canonical normalizations
 of the same string as having a large distance.  It is therefore better to
-use the function <code>u8_normcoll</code> instead of this one; see <a href="libunistring_13.html#SEC48">Normalization forms (composition and decomposition) <code>&lt;uninorm.h&gt;</code></a>.
+use the function <code>u8_normcoll</code> instead of this one; see <a href="libunistring_13.html#SEC61">Normalization forms (composition and decomposition) <code>&lt;uninorm.h&gt;</code></a>.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> int <b>u8_strncmp</b><i> (const uint8_t *<var>s1</var>, const uint8_t *<var>s2</var>, size_t <var>n</var>)</i>
-<a name="IDX118"></a>
+<a name="IDX112"></a>
 </dt>
 <dt><u>Function:</u> int <b>u16_strncmp</b><i> (const uint16_t *<var>s1</var>, const uint16_t *<var>s2</var>, size_t <var>n</var>)</i>
-<a name="IDX119"></a>
+<a name="IDX113"></a>
 </dt>
 <dt><u>Function:</u> int <b>u32_strncmp</b><i> (const uint32_t *<var>s1</var>, const uint32_t *<var>s2</var>, size_t <var>n</var>)</i>
-<a name="IDX120"></a>
+<a name="IDX114"></a>
 </dt>
 <dd><p>Compares no more than <var>n</var> units of <var>s1</var> and <var>s2</var>.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strncmp.html"><code>strncmp</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/wcsncmp.html"><code>wcsncmp</code></a>, except
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strncmp.html"><code>strncmp</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wcsncmp.html"><code>wcsncmp</code></a>, except
 that it operates on Unicode strings.
 </p></dd></dl>
 
-<a name="IDX121"></a>
+<hr size="6">
+<a name="Duplicating-a-NUL-terminated-Unicode-string"></a>
+<a name="SEC26"></a>
+<h3 class="subsection"> <a href="libunistring.html#TOC26">4.5.5 Duplicating a NUL terminated Unicode string</a> </h3>
+
 <p>The following function allocates a duplicate of a Unicode string.
 </p>
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_strdup</b><i> (const uint8_t *<var>s</var>)</i>
-<a name="IDX122"></a>
+<a name="IDX115"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_strdup</b><i> (const uint16_t *<var>s</var>)</i>
-<a name="IDX123"></a>
+<a name="IDX116"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_strdup</b><i> (const uint32_t *<var>s</var>)</i>
-<a name="IDX124"></a>
+<a name="IDX117"></a>
 </dt>
 <dd><p>Duplicates <var>s</var>, returning an identical malloc'd string.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strdup.html"><code>strdup</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/wcsdup.html"><code>wcsdup</code></a>, except
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strdup.html"><code>strdup</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wcsdup.html"><code>wcsdup</code></a>, except
 that it operates on Unicode strings.
 </p></dd></dl>
 
-<a name="IDX125"></a>
+<hr size="6">
+<a name="Searching-for-a-character-in-a-NUL-terminated-Unicode-string"></a>
+<a name="SEC27"></a>
+<h3 class="subsection"> <a href="libunistring.html#TOC27">4.5.6 Searching for a character in a NUL terminated Unicode string</a> </h3>
+
 <p>The following functions search for a given Unicode character.
 </p>
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_strchr</b><i> (const uint8_t *<var>str</var>, ucs4_t <var>uc</var>)</i>
-<a name="IDX126"></a>
+<a name="IDX118"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_strchr</b><i> (const uint16_t *<var>str</var>, ucs4_t <var>uc</var>)</i>
-<a name="IDX127"></a>
+<a name="IDX119"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_strchr</b><i> (const uint32_t *<var>str</var>, ucs4_t <var>uc</var>)</i>
-<a name="IDX128"></a>
+<a name="IDX120"></a>
 </dt>
 <dd><p>Finds the first occurrence of <var>uc</var> in <var>str</var>.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strchr.html"><code>strchr</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/wcschr.html"><code>wcschr</code></a>, except
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strchr.html"><code>strchr</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wcschr.html"><code>wcschr</code></a>, except
 that it operates on Unicode strings.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_strrchr</b><i> (const uint8_t *<var>str</var>, ucs4_t <var>uc</var>)</i>
-<a name="IDX129"></a>
+<a name="IDX121"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_strrchr</b><i> (const uint16_t *<var>str</var>, ucs4_t <var>uc</var>)</i>
-<a name="IDX130"></a>
+<a name="IDX122"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_strrchr</b><i> (const uint32_t *<var>str</var>, ucs4_t <var>uc</var>)</i>
-<a name="IDX131"></a>
+<a name="IDX123"></a>
 </dt>
 <dd><p>Finds the last occurrence of <var>uc</var> in <var>str</var>.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strrchr.html"><code>strrchr</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/wcsrchr.html"><code>wcsrchr</code></a>, except
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strrchr.html"><code>strrchr</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wcsrchr.html"><code>wcsrchr</code></a>, except
 that it operates on Unicode strings.
 </p></dd></dl>
 
@@ -732,122 +808,131 @@ character in or outside a given set of Unicode characters.
 </p>
 <dl>
 <dt><u>Function:</u> size_t <b>u8_strcspn</b><i> (const uint8_t *<var>str</var>, const uint8_t *<var>reject</var>)</i>
-<a name="IDX132"></a>
+<a name="IDX124"></a>
 </dt>
 <dt><u>Function:</u> size_t <b>u16_strcspn</b><i> (const uint16_t *<var>str</var>, const uint16_t *<var>reject</var>)</i>
-<a name="IDX133"></a>
+<a name="IDX125"></a>
 </dt>
 <dt><u>Function:</u> size_t <b>u32_strcspn</b><i> (const uint32_t *<var>str</var>, const uint32_t *<var>reject</var>)</i>
-<a name="IDX134"></a>
+<a name="IDX126"></a>
 </dt>
 <dd><p>Returns the length of the initial segment of <var>str</var> which consists entirely
 of Unicode characters not in <var>reject</var>.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strcspn.html"><code>strcspn</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/wcscspn.html"><code>wcscspn</code></a>, except
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strcspn.html"><code>strcspn</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wcscspn.html"><code>wcscspn</code></a>, except
 that it operates on Unicode strings.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> size_t <b>u8_strspn</b><i> (const uint8_t *<var>str</var>, const uint8_t *<var>accept</var>)</i>
-<a name="IDX135"></a>
+<a name="IDX127"></a>
 </dt>
 <dt><u>Function:</u> size_t <b>u16_strspn</b><i> (const uint16_t *<var>str</var>, const uint16_t *<var>accept</var>)</i>
-<a name="IDX136"></a>
+<a name="IDX128"></a>
 </dt>
 <dt><u>Function:</u> size_t <b>u32_strspn</b><i> (const uint32_t *<var>str</var>, const uint32_t *<var>accept</var>)</i>
-<a name="IDX137"></a>
+<a name="IDX129"></a>
 </dt>
 <dd><p>Returns the length of the initial segment of <var>str</var> which consists entirely
 of Unicode characters in <var>accept</var>.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strspn.html"><code>strspn</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/wcsspn.html"><code>wcsspn</code></a>, except
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strspn.html"><code>strspn</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wcsspn.html"><code>wcsspn</code></a>, except
 that it operates on Unicode strings.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_strpbrk</b><i> (const uint8_t *<var>str</var>, const uint8_t *<var>accept</var>)</i>
-<a name="IDX138"></a>
+<a name="IDX130"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_strpbrk</b><i> (const uint16_t *<var>str</var>, const uint16_t *<var>accept</var>)</i>
-<a name="IDX139"></a>
+<a name="IDX131"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_strpbrk</b><i> (const uint32_t *<var>str</var>, const uint32_t *<var>accept</var>)</i>
-<a name="IDX140"></a>
+<a name="IDX132"></a>
 </dt>
 <dd><p>Finds the first occurrence in <var>str</var> of any character in <var>accept</var>.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strpbrk.html"><code>strpbrk</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/wcspbrk.html"><code>wcspbrk</code></a>, except
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strpbrk.html"><code>strpbrk</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wcspbrk.html"><code>wcspbrk</code></a>, except
 that it operates on Unicode strings.
 </p></dd></dl>
 
-<a name="IDX141"></a>
+<hr size="6">
+<a name="Searching-for-a-substring"></a>
+<a name="SEC28"></a>
+<h3 class="subsection"> <a href="libunistring.html#TOC28">4.5.7 Searching for a substring in a NUL terminated Unicode string</a> </h3>
+
 <p>The following functions search whether a given Unicode string is a substring
 of another Unicode string.
 </p>
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_strstr</b><i> (const uint8_t *<var>haystack</var>, const uint8_t *<var>needle</var>)</i>
-<a name="IDX142"></a>
+<a name="IDX133"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_strstr</b><i> (const uint16_t *<var>haystack</var>, const uint16_t *<var>needle</var>)</i>
-<a name="IDX143"></a>
+<a name="IDX134"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_strstr</b><i> (const uint32_t *<var>haystack</var>, const uint32_t *<var>needle</var>)</i>
-<a name="IDX144"></a>
+<a name="IDX135"></a>
 </dt>
 <dd><p>Finds the first occurrence of <var>needle</var> in <var>haystack</var>.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strstr.html"><code>strstr</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/wcsstr.html"><code>wcsstr</code></a>, except
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strstr.html"><code>strstr</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wcsstr.html"><code>wcsstr</code></a>, except
 that it operates on Unicode strings.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> bool <b>u8_startswith</b><i> (const uint8_t *<var>str</var>, const uint8_t *<var>prefix</var>)</i>
-<a name="IDX145"></a>
+<a name="IDX136"></a>
 </dt>
 <dt><u>Function:</u> bool <b>u16_startswith</b><i> (const uint16_t *<var>str</var>, const uint16_t *<var>prefix</var>)</i>
-<a name="IDX146"></a>
+<a name="IDX137"></a>
 </dt>
 <dt><u>Function:</u> bool <b>u32_startswith</b><i> (const uint32_t *<var>str</var>, const uint32_t *<var>prefix</var>)</i>
-<a name="IDX147"></a>
+<a name="IDX138"></a>
 </dt>
 <dd><p>Tests whether <var>str</var> starts with <var>prefix</var>.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> bool <b>u8_endswith</b><i> (const uint8_t *<var>str</var>, const uint8_t *<var>suffix</var>)</i>
-<a name="IDX148"></a>
+<a name="IDX139"></a>
 </dt>
 <dt><u>Function:</u> bool <b>u16_endswith</b><i> (const uint16_t *<var>str</var>, const uint16_t *<var>suffix</var>)</i>
-<a name="IDX149"></a>
+<a name="IDX140"></a>
 </dt>
 <dt><u>Function:</u> bool <b>u32_endswith</b><i> (const uint32_t *<var>str</var>, const uint32_t *<var>suffix</var>)</i>
-<a name="IDX150"></a>
+<a name="IDX141"></a>
 </dt>
 <dd><p>Tests whether <var>str</var> ends with <var>suffix</var>.
 </p></dd></dl>
 
+<hr size="6">
+<a name="Tokenizing"></a>
+<a name="SEC29"></a>
+<h3 class="subsection"> <a href="libunistring.html#TOC29">4.5.8 Tokenizing a NUL terminated Unicode string</a> </h3>
+
 <p>The following function does one step in tokenizing a Unicode string.
 </p>
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_strtok</b><i> (uint8_t *<var>str</var>, const uint8_t *<var>delim</var>, uint8_t **<var>ptr</var>)</i>
-<a name="IDX151"></a>
+<a name="IDX142"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_strtok</b><i> (uint16_t *<var>str</var>, const uint16_t *<var>delim</var>, uint16_t **<var>ptr</var>)</i>
-<a name="IDX152"></a>
+<a name="IDX143"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_strtok</b><i> (uint32_t *<var>str</var>, const uint32_t *<var>delim</var>, uint32_t **<var>ptr</var>)</i>
-<a name="IDX153"></a>
+<a name="IDX144"></a>
 </dt>
 <dd><p>Divides <var>str</var> into tokens separated by characters in <var>delim</var>.
 </p>
-<p>This function is similar to <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/strtok_r.html"><code>strtok_r</code></a> and <a href="http://www.opengroup.org/onlinepubs/9699919799/functions/wcstok.html"><code>wcstok</code></a>, except
+<p>This function is similar to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/strtok_r.html"><code>strtok_r</code></a> and <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wcstok.html"><code>wcstok</code></a>, except
 that it operates on Unicode strings.  Its interface is actually more similar to
 <code>wcstok</code> than to <code>strtok</code>.
 </p></dd></dl>
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="#SEC11" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_5.html#SEC17" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="#SEC10" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_5.html#SEC30" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -855,12 +940,12 @@ that it operates on Unicode strings.  Its interface is actually more similar to
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_5.html b/msys2/usr/share/doc/libunistring/libunistring_5.html
index 932b57db5..ef65c7e66 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_5.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_5.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -42,8 +42,8 @@ ul.toc {list-style: none}
 <body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
 
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_4.html#SEC11" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_6.html#SEC18" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_4.html#SEC10" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_6.html#SEC31" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,24 +51,24 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
 <hr size="2">
 <a name="uniconv_002eh"></a>
-<a name="SEC17"></a>
-<h1 class="chapter"> <a href="libunistring.html#TOC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a> </h1>
+<a name="SEC30"></a>
+<h1 class="chapter"> <a href="libunistring.html#TOC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a> </h1>
 
 <p>This include file declares functions for converting between Unicode strings
 and <code>char *</code> strings in locale encoding or in other specified encodings.
 </p>
-<a name="IDX154"></a>
+<a name="IDX145"></a>
 <p>The following function returns the locale encoding.
 </p>
 <dl>
 <dt><u>Function:</u> const char * <b>locale_charset</b><i> ()</i>
-<a name="IDX155"></a>
+<a name="IDX146"></a>
 </dt>
 <dd><p>Determines the current locale's character encoding, and canonicalizes it
 into one of the canonical names listed in &lsquo;<tt>config.charset</tt>&rsquo;.
@@ -88,14 +88,14 @@ parametrized through the following enumeration type:
 </p>
 <dl>
 <dt><u>Type:</u> <b>enum iconv_ilseq_handler</b>
-<a name="IDX156"></a>
+<a name="IDX147"></a>
 </dt>
 <dd><p>This type specifies how unconvertible characters in the input are handled.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> enum iconv_ilseq_handler <b>iconveh_error</b>
-<a name="IDX157"></a>
+<a name="IDX148"></a>
 </dt>
 <dd><p>This handler causes the function to return with <code>errno</code> set to
 <code>EILSEQ</code>.
@@ -103,32 +103,32 @@ parametrized through the following enumeration type:
 
 <dl>
 <dt><u>Constant:</u> enum iconv_ilseq_handler <b>iconveh_question_mark</b>
-<a name="IDX158"></a>
+<a name="IDX149"></a>
 </dt>
 <dd><p>This handler produces one question mark &lsquo;<samp>?</samp>&rsquo; per unconvertible character.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> enum iconv_ilseq_handler <b>iconveh_escape_sequence</b>
-<a name="IDX159"></a>
+<a name="IDX150"></a>
 </dt>
 <dd><p>This handler produces an escape sequence <code>\u<var>xxxx</var></code> or
 <code>\U<var>xxxxxxxx</var></code> for each unconvertible character.
 </p></dd></dl>
 
-<a name="IDX160"></a>
+<a name="IDX151"></a>
 <p>The following functions convert between strings in a specified encoding and
 Unicode strings.
 </p>
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_conv_from_encoding</b><i> (const char *<var>fromcode</var>, enum iconv_ilseq_handler <var>handler</var>, const char *<var>src</var>, size_t <var>srclen</var>, size_t *<var>offsets</var>, uint8_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX161"></a>
+<a name="IDX152"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_conv_from_encoding</b><i> (const char *<var>fromcode</var>, enum iconv_ilseq_handler <var>handler</var>, const char *<var>src</var>, size_t <var>srclen</var>, size_t *<var>offsets</var>, uint16_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX162"></a>
+<a name="IDX153"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_conv_from_encoding</b><i> (const char *<var>fromcode</var>, enum iconv_ilseq_handler <var>handler</var>, const char *<var>src</var>, size_t <var>srclen</var>, size_t *<var>offsets</var>, uint32_t *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX163"></a>
+<a name="IDX154"></a>
 </dt>
 <dd><p>Converts an entire string, possibly including NUL bytes, from one encoding
 to UTF-8 encoding.
@@ -161,13 +161,13 @@ Particular <code>errno</code> values: <code>EINVAL</code>, <code>EILSEQ</code>,
 
 <dl>
 <dt><u>Function:</u> char * <b>u8_conv_to_encoding</b><i> (const char *<var>tocode</var>, enum iconv_ilseq_handler <var>handler</var>, const uint8_t *<var>src</var>, size_t <var>srclen</var>, size_t *<var>offsets</var>, char *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX164"></a>
+<a name="IDX155"></a>
 </dt>
 <dt><u>Function:</u> char * <b>u16_conv_to_encoding</b><i> (const char *<var>tocode</var>, enum iconv_ilseq_handler <var>handler</var>, const uint16_t *<var>src</var>, size_t <var>srclen</var>, size_t *<var>offsets</var>, char *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX165"></a>
+<a name="IDX156"></a>
 </dt>
 <dt><u>Function:</u> char * <b>u32_conv_to_encoding</b><i> (const char *<var>tocode</var>, enum iconv_ilseq_handler <var>handler</var>, const uint32_t *<var>src</var>, size_t <var>srclen</var>, size_t *<var>offsets</var>, char *<var>resultbuf</var>, size_t *<var>lengthp</var>)</i>
-<a name="IDX166"></a>
+<a name="IDX157"></a>
 </dt>
 <dd><p>Converts an entire Unicode string, possibly including NUL units, from UTF-8
 encoding to a given encoding.
@@ -203,13 +203,13 @@ encoding and NUL terminated Unicode strings.
 </p>
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_strconv_from_encoding</b><i> (const char *<var>string</var>, const char *<var>fromcode</var>, enum iconv_ilseq_handler <var>handler</var>)</i>
-<a name="IDX167"></a>
+<a name="IDX158"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_strconv_from_encoding</b><i> (const char *<var>string</var>, const char *<var>fromcode</var>, enum iconv_ilseq_handler <var>handler</var>)</i>
-<a name="IDX168"></a>
+<a name="IDX159"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_strconv_from_encoding</b><i> (const char *<var>string</var>, const char *<var>fromcode</var>, enum iconv_ilseq_handler <var>handler</var>)</i>
-<a name="IDX169"></a>
+<a name="IDX160"></a>
 </dt>
 <dd><p>Converts a NUL terminated string from a given encoding.
 </p>
@@ -220,13 +220,13 @@ encoding and NUL terminated Unicode strings.
 
 <dl>
 <dt><u>Function:</u> char * <b>u8_strconv_to_encoding</b><i> (const uint8_t *<var>string</var>, const char *<var>tocode</var>, enum iconv_ilseq_handler <var>handler</var>)</i>
-<a name="IDX170"></a>
+<a name="IDX161"></a>
 </dt>
 <dt><u>Function:</u> char * <b>u16_strconv_to_encoding</b><i> (const uint16_t *<var>string</var>, const char *<var>tocode</var>, enum iconv_ilseq_handler <var>handler</var>)</i>
-<a name="IDX171"></a>
+<a name="IDX162"></a>
 </dt>
 <dt><u>Function:</u> char * <b>u32_strconv_to_encoding</b><i> (const uint32_t *<var>string</var>, const char *<var>tocode</var>, enum iconv_ilseq_handler <var>handler</var>)</i>
-<a name="IDX172"></a>
+<a name="IDX163"></a>
 </dt>
 <dd><p>Converts a NUL terminated string to a given encoding.
 </p>
@@ -240,13 +240,13 @@ strings in locale encoding and NUL terminated Unicode strings.
 </p>
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_strconv_from_locale</b><i> (const char *<var>string</var>)</i>
-<a name="IDX173"></a>
+<a name="IDX164"></a>
 </dt>
 <dt><u>Function:</u> uint16_t * <b>u16_strconv_from_locale</b><i> (const char *<var>string</var>)</i>
-<a name="IDX174"></a>
+<a name="IDX165"></a>
 </dt>
 <dt><u>Function:</u> uint32_t * <b>u32_strconv_from_locale</b><i> (const char *<var>string</var>)</i>
-<a name="IDX175"></a>
+<a name="IDX166"></a>
 </dt>
 <dd><p>Converts a NUL terminated string from the locale encoding.
 </p>
@@ -257,13 +257,13 @@ strings in locale encoding and NUL terminated Unicode strings.
 
 <dl>
 <dt><u>Function:</u> char * <b>u8_strconv_to_locale</b><i> (const uint8_t *<var>string</var>)</i>
-<a name="IDX176"></a>
+<a name="IDX167"></a>
 </dt>
 <dt><u>Function:</u> char * <b>u16_strconv_to_locale</b><i> (const uint16_t *<var>string</var>)</i>
-<a name="IDX177"></a>
+<a name="IDX168"></a>
 </dt>
 <dt><u>Function:</u> char * <b>u32_strconv_to_locale</b><i> (const uint32_t *<var>string</var>)</i>
-<a name="IDX178"></a>
+<a name="IDX169"></a>
 </dt>
 <dd><p>Converts a NUL terminated string to the locale encoding.
 </p>
@@ -273,8 +273,8 @@ strings in locale encoding and NUL terminated Unicode strings.
 </p></dd></dl>
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_4.html#SEC11" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_6.html#SEC18" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_4.html#SEC10" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_6.html#SEC31" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -282,12 +282,12 @@ strings in locale encoding and NUL terminated Unicode strings.
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_6.html b/msys2/usr/share/doc/libunistring/libunistring_6.html
index f4ed70a89..2868ca4ed 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_6.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_6.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -42,8 +42,8 @@ ul.toc {list-style: none}
 <body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
 
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_5.html#SEC17" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_7.html#SEC19" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_5.html#SEC30" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_7.html#SEC32" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,14 +51,14 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
 <hr size="2">
 <a name="unistdio_002eh"></a>
-<a name="SEC18"></a>
-<h1 class="chapter"> <a href="libunistring.html#TOC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a> </h1>
+<a name="SEC31"></a>
+<h1 class="chapter"> <a href="libunistring.html#TOC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a> </h1>
 
 <p>This include file declares functions for doing formatted output with Unicode
 strings.  It defines a set of functions similar to <code>fprintf</code> and
@@ -66,7 +66,7 @@ strings.  It defines a set of functions similar to <code>fprintf</code> and
 </p>
 <p>These functions work like the <code>printf</code> function family.
 In the format string:
-</p><ul class="toc">
+</p><ul>
 <li>
 The format directive &lsquo;<samp>U</samp>&rsquo; takes an UTF-8 string (<code>const uint8_t *</code>).
 </li><li>
@@ -103,49 +103,49 @@ is a <code>char *</code> string in locale encoding.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>ulc_sprintf</b><i> (char *<var>buf</var>, const char *<var>format</var>, ...)</i>
-<a name="IDX179"></a>
+<a name="IDX170"></a>
 </dt>
 </dl>
 
 <dl>
 <dt><u>Function:</u> int <b>ulc_snprintf</b><i> (char *<var>buf</var>, size_t size, const char *<var>format</var>, ...)</i>
-<a name="IDX180"></a>
+<a name="IDX171"></a>
 </dt>
 </dl>
 
 <dl>
 <dt><u>Function:</u> int <b>ulc_asprintf</b><i> (char **<var>resultp</var>, const char *<var>format</var>, ...)</i>
-<a name="IDX181"></a>
+<a name="IDX172"></a>
 </dt>
 </dl>
 
 <dl>
 <dt><u>Function:</u> char * <b>ulc_asnprintf</b><i> (char *<var>resultbuf</var>, size_t *<var>lengthp</var>, const char *<var>format</var>, ...)</i>
-<a name="IDX182"></a>
+<a name="IDX173"></a>
 </dt>
 </dl>
 
 <dl>
 <dt><u>Function:</u> int <b>ulc_vsprintf</b><i> (char *<var>buf</var>, const char *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX183"></a>
+<a name="IDX174"></a>
 </dt>
 </dl>
 
 <dl>
 <dt><u>Function:</u> int <b>ulc_vsnprintf</b><i> (char *<var>buf</var>, size_t size, const char *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX184"></a>
+<a name="IDX175"></a>
 </dt>
 </dl>
 
 <dl>
 <dt><u>Function:</u> int <b>ulc_vasprintf</b><i> (char **<var>resultp</var>, const char *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX185"></a>
+<a name="IDX176"></a>
 </dt>
 </dl>
 
 <dl>
 <dt><u>Function:</u> char * <b>ulc_vasnprintf</b><i> (char *<var>resultbuf</var>, size_t *<var>lengthp</var>, const char *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX186"></a>
+<a name="IDX177"></a>
 </dt>
 </dl>
 
@@ -154,42 +154,42 @@ UTF-8 format.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>u8_sprintf</b><i> (uint8_t *<var>buf</var>, const char *<var>format</var>, ...)</i>
-<a name="IDX187"></a>
+<a name="IDX178"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u8_snprintf</b><i> (uint8_t *<var>buf</var>, size_t <var>size</var>, const char *<var>format</var>, ...)</i>
-<a name="IDX188"></a>
+<a name="IDX179"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u8_asprintf</b><i> (uint8_t **<var>resultp</var>, const char *<var>format</var>, ...)</i>
-<a name="IDX189"></a>
+<a name="IDX180"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_asnprintf</b><i> (uint8_t *<var>resultbuf</var>, size_t *<var>lengthp</var>, const char *<var>format</var>, ...)</i>
-<a name="IDX190"></a>
+<a name="IDX181"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u8_vsprintf</b><i> (uint8_t *<var>buf</var>, const char *<var>format</var>, va_list ap)</i>
-<a name="IDX191"></a>
+<a name="IDX182"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u8_vsnprintf</b><i> (uint8_t *<var>buf</var>, size_t <var>size</var>, const char *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX192"></a>
+<a name="IDX183"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u8_vasprintf</b><i> (uint8_t **<var>resultp</var>, const char *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX193"></a>
+<a name="IDX184"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_vasnprintf</b><i> (uint8_t *resultbuf, size_t *<var>lengthp</var>, const char *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX194"></a>
+<a name="IDX185"></a>
 </dt>
 </dl>
 
@@ -198,42 +198,42 @@ UTF-8 format.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>u8_u8_sprintf</b><i> (uint8_t *<var>buf</var>, const uint8_t *<var>format</var>, ...)</i>
-<a name="IDX195"></a>
+<a name="IDX186"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u8_u8_snprintf</b><i> (uint8_t *<var>buf</var>, size_t <var>size</var>, const uint8_t *<var>format</var>, ...)</i>
-<a name="IDX196"></a>
+<a name="IDX187"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u8_u8_asprintf</b><i> (uint8_t **<var>resultp</var>, const uint8_t *<var>format</var>, ...)</i>
-<a name="IDX197"></a>
+<a name="IDX188"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_u8_asnprintf</b><i> (uint8_t *resultbuf, size_t *<var>lengthp</var>, const uint8_t *<var>format</var>, ...)</i>
-<a name="IDX198"></a>
+<a name="IDX189"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u8_u8_vsprintf</b><i> (uint8_t *<var>buf</var>, const uint8_t *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX199"></a>
+<a name="IDX190"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u8_u8_vsnprintf</b><i> (uint8_t *<var>buf</var>, size_t <var>size</var>, const uint8_t *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX200"></a>
+<a name="IDX191"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u8_u8_vasprintf</b><i> (uint8_t **<var>resultp</var>, const uint8_t *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX201"></a>
+<a name="IDX192"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> uint8_t * <b>u8_u8_vasnprintf</b><i> (uint8_t *resultbuf, size_t *<var>lengthp</var>, const uint8_t *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX202"></a>
+<a name="IDX193"></a>
 </dt>
 </dl>
 
@@ -242,42 +242,42 @@ UTF-16 format.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>u16_sprintf</b><i> (uint16_t *<var>buf</var>, const char *<var>format</var>, ...)</i>
-<a name="IDX203"></a>
+<a name="IDX194"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u16_snprintf</b><i> (uint16_t *<var>buf</var>, size_t <var>size</var>, const char *<var>format</var>, ...)</i>
-<a name="IDX204"></a>
+<a name="IDX195"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u16_asprintf</b><i> (uint16_t **<var>resultp</var>, const char *<var>format</var>, ...)</i>
-<a name="IDX205"></a>
+<a name="IDX196"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> uint16_t * <b>u16_asnprintf</b><i> (uint16_t *<var>resultbuf</var>, size_t *<var>lengthp</var>, const char *<var>format</var>, ...)</i>
-<a name="IDX206"></a>
+<a name="IDX197"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u16_vsprintf</b><i> (uint16_t *<var>buf</var>, const char *<var>format</var>, va_list ap)</i>
-<a name="IDX207"></a>
+<a name="IDX198"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u16_vsnprintf</b><i> (uint16_t *<var>buf</var>, size_t <var>size</var>, const char *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX208"></a>
+<a name="IDX199"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u16_vasprintf</b><i> (uint16_t **<var>resultp</var>, const char *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX209"></a>
+<a name="IDX200"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> uint16_t * <b>u16_vasnprintf</b><i> (uint16_t *resultbuf, size_t *<var>lengthp</var>, const char *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX210"></a>
+<a name="IDX201"></a>
 </dt>
 </dl>
 
@@ -286,42 +286,42 @@ UTF-16 format.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>u16_u16_sprintf</b><i> (uint16_t *<var>buf</var>, const uint16_t *<var>format</var>, ...)</i>
-<a name="IDX211"></a>
+<a name="IDX202"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u16_u16_snprintf</b><i> (uint16_t *<var>buf</var>, size_t <var>size</var>, const uint16_t *<var>format</var>, ...)</i>
-<a name="IDX212"></a>
+<a name="IDX203"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u16_u16_asprintf</b><i> (uint16_t **<var>resultp</var>, const uint16_t *<var>format</var>, ...)</i>
-<a name="IDX213"></a>
+<a name="IDX204"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> uint16_t * <b>u16_u16_asnprintf</b><i> (uint16_t *resultbuf, size_t *<var>lengthp</var>, const uint16_t *<var>format</var>, ...)</i>
-<a name="IDX214"></a>
+<a name="IDX205"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u16_u16_vsprintf</b><i> (uint16_t *<var>buf</var>, const uint16_t *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX215"></a>
+<a name="IDX206"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u16_u16_vsnprintf</b><i> (uint16_t *<var>buf</var>, size_t <var>size</var>, const uint16_t *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX216"></a>
+<a name="IDX207"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u16_u16_vasprintf</b><i> (uint16_t **<var>resultp</var>, const uint16_t *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX217"></a>
+<a name="IDX208"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> uint16_t * <b>u16_u16_vasnprintf</b><i> (uint16_t *resultbuf, size_t *<var>lengthp</var>, const uint16_t *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX218"></a>
+<a name="IDX209"></a>
 </dt>
 </dl>
 
@@ -330,42 +330,42 @@ UTF-32 format.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>u32_sprintf</b><i> (uint32_t *<var>buf</var>, const char *<var>format</var>, ...)</i>
-<a name="IDX219"></a>
+<a name="IDX210"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u32_snprintf</b><i> (uint32_t *<var>buf</var>, size_t <var>size</var>, const char *<var>format</var>, ...)</i>
-<a name="IDX220"></a>
+<a name="IDX211"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u32_asprintf</b><i> (uint32_t **<var>resultp</var>, const char *<var>format</var>, ...)</i>
-<a name="IDX221"></a>
+<a name="IDX212"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> uint32_t * <b>u32_asnprintf</b><i> (uint32_t *<var>resultbuf</var>, size_t *<var>lengthp</var>, const char *<var>format</var>, ...)</i>
-<a name="IDX222"></a>
+<a name="IDX213"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u32_vsprintf</b><i> (uint32_t *<var>buf</var>, const char *<var>format</var>, va_list ap)</i>
-<a name="IDX223"></a>
+<a name="IDX214"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u32_vsnprintf</b><i> (uint32_t *<var>buf</var>, size_t <var>size</var>, const char *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX224"></a>
+<a name="IDX215"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u32_vasprintf</b><i> (uint32_t **<var>resultp</var>, const char *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX225"></a>
+<a name="IDX216"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> uint32_t * <b>u32_vasnprintf</b><i> (uint32_t *resultbuf, size_t *<var>lengthp</var>, const char *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX226"></a>
+<a name="IDX217"></a>
 </dt>
 </dl>
 
@@ -374,42 +374,42 @@ UTF-32 format.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>u32_u32_sprintf</b><i> (uint32_t *<var>buf</var>, const uint32_t *<var>format</var>, ...)</i>
-<a name="IDX227"></a>
+<a name="IDX218"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u32_u32_snprintf</b><i> (uint32_t *<var>buf</var>, size_t <var>size</var>, const uint32_t *<var>format</var>, ...)</i>
-<a name="IDX228"></a>
+<a name="IDX219"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u32_u32_asprintf</b><i> (uint32_t **<var>resultp</var>, const uint32_t *<var>format</var>, ...)</i>
-<a name="IDX229"></a>
+<a name="IDX220"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> uint32_t * <b>u32_u32_asnprintf</b><i> (uint32_t *resultbuf, size_t *<var>lengthp</var>, const uint32_t *<var>format</var>, ...)</i>
-<a name="IDX230"></a>
+<a name="IDX221"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u32_u32_vsprintf</b><i> (uint32_t *<var>buf</var>, const uint32_t *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX231"></a>
+<a name="IDX222"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u32_u32_vsnprintf</b><i> (uint32_t *<var>buf</var>, size_t <var>size</var>, const uint32_t *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX232"></a>
+<a name="IDX223"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>u32_u32_vasprintf</b><i> (uint32_t **<var>resultp</var>, const uint32_t *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX233"></a>
+<a name="IDX224"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> uint32_t * <b>u32_u32_vasnprintf</b><i> (uint32_t *resultbuf, size_t *<var>lengthp</var>, const uint32_t *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX234"></a>
+<a name="IDX225"></a>
 </dt>
 </dl>
 
@@ -418,18 +418,18 @@ locale encoding to a <code>FILE</code> stream.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>ulc_fprintf</b><i> (FILE *<var>stream</var>, const char *<var>format</var>, ...)</i>
-<a name="IDX235"></a>
+<a name="IDX226"></a>
 </dt>
 </dl>
 <dl>
 <dt><u>Function:</u> int <b>ulc_vfprintf</b><i> (FILE *<var>stream</var>, const char *<var>format</var>, va_list <var>ap</var>)</i>
-<a name="IDX236"></a>
+<a name="IDX227"></a>
 </dt>
 </dl>
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_5.html#SEC17" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_7.html#SEC19" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_5.html#SEC30" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_7.html#SEC32" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -437,12 +437,12 @@ locale encoding to a <code>FILE</code> stream.
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_7.html b/msys2/usr/share/doc/libunistring/libunistring_7.html
index 318fb192d..7fa99b364 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_7.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_7.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -42,8 +42,8 @@ ul.toc {list-style: none}
 <body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
 
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_6.html#SEC18" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_8.html#SEC20" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_6.html#SEC31" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_8.html#SEC33" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,14 +51,14 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
 <hr size="2">
 <a name="uniname_002eh"></a>
-<a name="SEC19"></a>
-<h1 class="chapter"> <a href="libunistring.html#TOC19">7. Names of Unicode characters <code>&lt;uniname.h&gt;</code></a> </h1>
+<a name="SEC32"></a>
+<h1 class="chapter"> <a href="libunistring.html#TOC32">7. Names of Unicode characters <code>&lt;uniname.h&gt;</code></a> </h1>
 
 <p>This include file implements the association between a Unicode character and
 its name.
@@ -70,7 +70,7 @@ named <code>&quot;MULTIPLICATION SIGN&quot;</code>.
 </p>
 <dl>
 <dt><u>Macro:</u> unsigned int <b>UNINAME_MAX</b>
-<a name="IDX237"></a>
+<a name="IDX228"></a>
 </dt>
 <dd><p>This macro expands to a constant that is the required size of buffer for a
 Unicode character name.
@@ -78,7 +78,7 @@ Unicode character name.
 
 <dl>
 <dt><u>Function:</u> char * <b>unicode_character_name</b><i> (ucs4_t <var>uc</var>, char *<var>buf</var>)</i>
-<a name="IDX238"></a>
+<a name="IDX229"></a>
 </dt>
 <dd><p>Looks up the name of a Unicode character, in uppercase ASCII.
 <var>buf</var> must point to a buffer, at least <code>UNINAME_MAX</code> bytes in size.
@@ -87,7 +87,7 @@ Returns the filled <var>buf</var>, or NULL if the character does not have a name
 
 <dl>
 <dt><u>Function:</u> ucs4_t <b>unicode_name_character</b><i> (const char *<var>name</var>)</i>
-<a name="IDX239"></a>
+<a name="IDX230"></a>
 </dt>
 <dd><p>Looks up the Unicode character with a given name, in upper- or lowercase
 ASCII.  <var>NAME</var> can also be an alias name of a character.
@@ -96,15 +96,15 @@ Returns the character if found, or <code>UNINAME_INVALID</code> if not found.
 
 <dl>
 <dt><u>Macro:</u> ucs4_t <b>UNINAME_INVALID</b>
-<a name="IDX240"></a>
+<a name="IDX231"></a>
 </dt>
 <dd><p>This macro expands to a constant that is a special return value of the
 <code>unicode_name_character</code> function.
 </p></dd></dl>
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_6.html#SEC18" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_8.html#SEC20" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_6.html#SEC31" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_8.html#SEC33" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -112,12 +112,12 @@ Returns the character if found, or <code>UNINAME_INVALID</code> if not found.
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_8.html b/msys2/usr/share/doc/libunistring/libunistring_8.html
index dddf449f3..1af96f554 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_8.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_8.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -42,8 +42,8 @@ ul.toc {list-style: none}
 <body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
 
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_7.html#SEC19" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_9.html#SEC40" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_7.html#SEC32" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_9.html#SEC53" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,14 +51,14 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
 <hr size="2">
 <a name="unictype_002eh"></a>
-<a name="SEC20"></a>
-<h1 class="chapter"> <a href="libunistring.html#TOC20">8. Unicode character classification and properties <code>&lt;unictype.h&gt;</code></a> </h1>
+<a name="SEC33"></a>
+<h1 class="chapter"> <a href="libunistring.html#TOC33">8. Unicode character classification and properties <code>&lt;unictype.h&gt;</code></a> </h1>
 
 <p>This include file declares functions that classify Unicode characters
 and that test whether Unicode characters have specific properties.
@@ -73,8 +73,8 @@ in the presence of specific Unicode characters.
 
 <hr size="6">
 <a name="General-category"></a>
-<a name="SEC21"></a>
-<h2 class="section"> <a href="libunistring.html#TOC21">8.1 General category</a> </h2>
+<a name="SEC34"></a>
+<h2 class="section"> <a href="libunistring.html#TOC34">8.1 General category</a> </h2>
 
 <p>Every Unicode character or code point has a <em>general category</em> assigned
 to it.  This classification is important for most algorithms that work on
@@ -94,12 +94,12 @@ information for all Unicode characters.
 
 <hr size="6">
 <a name="Object-oriented-API"></a>
-<a name="SEC22"></a>
-<h3 class="subsection"> <a href="libunistring.html#TOC22">8.1.1 The object oriented API for general category</a> </h3>
+<a name="SEC35"></a>
+<h3 class="subsection"> <a href="libunistring.html#TOC35">8.1.1 The object oriented API for general category</a> </h3>
 
 <dl>
 <dt><u>Type:</u> <b>uc_general_category_t</b>
-<a name="IDX241"></a>
+<a name="IDX232"></a>
 </dt>
 <dd><p>This data type denotes a general category value.  It is an immediate type that
 can be copied by simple assignment, without involving memory allocation.  It is
@@ -109,391 +109,389 @@ not an array type.
 <p>The following are the predefined general category value.  Additional general
 categories may be added in the future.
 </p>
+<p>The <code>UC_CATEGORY_*</code> constants reflect the systematic general category
+values assigned by the Unicode Consortium.  Whereas the other <code>UC_*</code>
+macros are aliases, for use when readable code is preferred.
+</p>
 <dl>
 <dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_L</b>
-<a name="IDX242"></a>
+<a name="IDX233"></a>
 </dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_LETTER</b>
+<a name="IDX234"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Letter&rdquo;.
+</p></dd></dl>
+
+<dl>
 <dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_LC</b>
-<a name="IDX243"></a>
+<a name="IDX235"></a>
 </dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Lu</b>
-<a name="IDX244"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Ll</b>
-<a name="IDX245"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Lt</b>
-<a name="IDX246"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Lm</b>
-<a name="IDX247"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Lo</b>
-<a name="IDX248"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_M</b>
-<a name="IDX249"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Mn</b>
-<a name="IDX250"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Mc</b>
-<a name="IDX251"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Me</b>
-<a name="IDX252"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_N</b>
-<a name="IDX253"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Nd</b>
-<a name="IDX254"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Nl</b>
-<a name="IDX255"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_No</b>
-<a name="IDX256"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_P</b>
-<a name="IDX257"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Pc</b>
-<a name="IDX258"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Pd</b>
-<a name="IDX259"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Ps</b>
-<a name="IDX260"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Pe</b>
-<a name="IDX261"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Pi</b>
-<a name="IDX262"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Pf</b>
-<a name="IDX263"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Po</b>
-<a name="IDX264"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_S</b>
-<a name="IDX265"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Sm</b>
-<a name="IDX266"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Sc</b>
-<a name="IDX267"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Sk</b>
-<a name="IDX268"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_So</b>
-<a name="IDX269"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Z</b>
-<a name="IDX270"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Zs</b>
-<a name="IDX271"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Zl</b>
-<a name="IDX272"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Zp</b>
-<a name="IDX273"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_C</b>
-<a name="IDX274"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Cc</b>
-<a name="IDX275"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Cf</b>
-<a name="IDX276"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Cs</b>
-<a name="IDX277"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Co</b>
-<a name="IDX278"></a>
-</dt>
-<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Cn</b>
-<a name="IDX279"></a>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_CASED_LETTER</b>
+<a name="IDX236"></a>
 </dt>
 </dl>
 
-<p>The following are alias names for predefined General category values.
-</p>
 <dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_LETTER</b>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Lu</b>
+<a name="IDX237"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_UPPERCASE_LETTER</b>
+<a name="IDX238"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Letter, uppercase&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Ll</b>
+<a name="IDX239"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_LOWERCASE_LETTER</b>
+<a name="IDX240"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Letter, lowercase&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Lt</b>
+<a name="IDX241"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_TITLECASE_LETTER</b>
+<a name="IDX242"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Letter, titlecase&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Lm</b>
+<a name="IDX243"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_MODIFIER_LETTER</b>
+<a name="IDX244"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Letter, modifier&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Lo</b>
+<a name="IDX245"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_OTHER_LETTER</b>
+<a name="IDX246"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Letter, other&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_M</b>
+<a name="IDX247"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_MARK</b>
+<a name="IDX248"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Marker&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Mn</b>
+<a name="IDX249"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_NON_SPACING_MARK</b>
+<a name="IDX250"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Marker, nonspacing&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Mc</b>
+<a name="IDX251"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_COMBINING_SPACING_MARK</b>
+<a name="IDX252"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Marker, spacing combining&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Me</b>
+<a name="IDX253"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_ENCLOSING_MARK</b>
+<a name="IDX254"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Marker, enclosing&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_N</b>
+<a name="IDX255"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_NUMBER</b>
+<a name="IDX256"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Number&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Nd</b>
+<a name="IDX257"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_DECIMAL_DIGIT_NUMBER</b>
+<a name="IDX258"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Number, decimal digit&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Nl</b>
+<a name="IDX259"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_LETTER_NUMBER</b>
+<a name="IDX260"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Number, letter&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_No</b>
+<a name="IDX261"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_OTHER_NUMBER</b>
+<a name="IDX262"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Number, other&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_P</b>
+<a name="IDX263"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_PUNCTUATION</b>
+<a name="IDX264"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Punctuation&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Pc</b>
+<a name="IDX265"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_CONNECTOR_PUNCTUATION</b>
+<a name="IDX266"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Punctuation, connector&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Pd</b>
+<a name="IDX267"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_DASH_PUNCTUATION</b>
+<a name="IDX268"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Punctuation, dash&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Ps</b>
+<a name="IDX269"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_OPEN_PUNCTUATION</b>
+<a name="IDX270"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Punctuation, open&rdquo;, a.k.a. &ldquo;start punctuation&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Pe</b>
+<a name="IDX271"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_CLOSE_PUNCTUATION</b>
+<a name="IDX272"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Punctuation, close&rdquo;, a.k.a. &ldquo;end punctuation&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Pi</b>
+<a name="IDX273"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_INITIAL_QUOTE_PUNCTUATION</b>
+<a name="IDX274"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Punctuation, initial quote&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Pf</b>
+<a name="IDX275"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_FINAL_QUOTE_PUNCTUATION</b>
+<a name="IDX276"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Punctuation, final quote&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Po</b>
+<a name="IDX277"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_OTHER_PUNCTUATION</b>
+<a name="IDX278"></a>
+</dt>
+<dd><p>This represents the general category &ldquo;Punctuation, other&rdquo;.
+</p></dd></dl>
+
+<dl>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_S</b>
+<a name="IDX279"></a>
+</dt>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_SYMBOL</b>
 <a name="IDX280"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_L</code>.
+<dd><p>This represents the general category &ldquo;Symbol&rdquo;.
 </p></dd></dl>
 
 <dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_CASED_LETTER</b>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Sm</b>
 <a name="IDX281"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_LC</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_UPPERCASE_LETTER</b>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_MATH_SYMBOL</b>
 <a name="IDX282"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Lu</code>.
+<dd><p>This represents the general category &ldquo;Symbol, math&rdquo;.
 </p></dd></dl>
 
 <dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_LOWERCASE_LETTER</b>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Sc</b>
 <a name="IDX283"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Ll</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_TITLECASE_LETTER</b>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_CURRENCY_SYMBOL</b>
 <a name="IDX284"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Lt</code>.
+<dd><p>This represents the general category &ldquo;Symbol, currency&rdquo;.
 </p></dd></dl>
 
 <dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_MODIFIER_LETTER</b>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Sk</b>
 <a name="IDX285"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Lm</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_OTHER_LETTER</b>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_MODIFIER_SYMBOL</b>
 <a name="IDX286"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Lo</code>.
+<dd><p>This represents the general category &ldquo;Symbol, modifier&rdquo;.
 </p></dd></dl>
 
 <dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_MARK</b>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_So</b>
 <a name="IDX287"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_M</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_NON_SPACING_MARK</b>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_OTHER_SYMBOL</b>
 <a name="IDX288"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Mn</code>.
+<dd><p>This represents the general category &ldquo;Symbol, other&rdquo;.
 </p></dd></dl>
 
 <dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_COMBINING_SPACING_MARK</b>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Z</b>
 <a name="IDX289"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Mc</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_ENCLOSING_MARK</b>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_SEPARATOR</b>
 <a name="IDX290"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Me</code>.
+<dd><p>This represents the general category &ldquo;Separator&rdquo;.
 </p></dd></dl>
 
 <dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_NUMBER</b>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Zs</b>
 <a name="IDX291"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_N</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_DECIMAL_DIGIT_NUMBER</b>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_SPACE_SEPARATOR</b>
 <a name="IDX292"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Nd</code>.
+<dd><p>This represents the general category &ldquo;Separator, space&rdquo;.
 </p></dd></dl>
 
 <dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_LETTER_NUMBER</b>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Zl</b>
 <a name="IDX293"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Nl</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_OTHER_NUMBER</b>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_LINE_SEPARATOR</b>
 <a name="IDX294"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_No</code>.
+<dd><p>This represents the general category &ldquo;Separator, line&rdquo;.
 </p></dd></dl>
 
 <dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_PUNCTUATION</b>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Zp</b>
 <a name="IDX295"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_P</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_CONNECTOR_PUNCTUATION</b>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_PARAGRAPH_SEPARATOR</b>
 <a name="IDX296"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Pc</code>.
+<dd><p>This represents the general category &ldquo;Separator, paragraph&rdquo;.
 </p></dd></dl>
 
 <dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_DASH_PUNCTUATION</b>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_C</b>
 <a name="IDX297"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Pd</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_OPEN_PUNCTUATION</b>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_OTHER</b>
 <a name="IDX298"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Ps</code> (&ldquo;start punctuation&rdquo;).
+<dd><p>This represents the general category &ldquo;Other&rdquo;.
 </p></dd></dl>
 
 <dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_CLOSE_PUNCTUATION</b>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Cc</b>
 <a name="IDX299"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Pe</code> (&ldquo;end punctuation&rdquo;).
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_INITIAL_QUOTE_PUNCTUATION</b>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_CONTROL</b>
 <a name="IDX300"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Pi</code>.
+<dd><p>This represents the general category &ldquo;Other, control&rdquo;.
 </p></dd></dl>
 
 <dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_FINAL_QUOTE_PUNCTUATION</b>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Cf</b>
 <a name="IDX301"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Pf</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_OTHER_PUNCTUATION</b>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_FORMAT</b>
 <a name="IDX302"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Po</code>.
+<dd><p>This represents the general category &ldquo;Other, format&rdquo;.
 </p></dd></dl>
 
 <dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_SYMBOL</b>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Cs</b>
 <a name="IDX303"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_S</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_MATH_SYMBOL</b>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_SURROGATE</b>
 <a name="IDX304"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Sm</code>.
+<dd><p>This represents the general category &ldquo;Other, surrogate&rdquo;.
+All code points in this category are invalid characters.
 </p></dd></dl>
 
 <dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_CURRENCY_SYMBOL</b>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Co</b>
 <a name="IDX305"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Sc</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_MODIFIER_SYMBOL</b>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_PRIVATE_USE</b>
 <a name="IDX306"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Sk</code>.
+<dd><p>This represents the general category &ldquo;Other, private use&rdquo;.
 </p></dd></dl>
 
 <dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_OTHER_SYMBOL</b>
+<dt><u>Constant:</u> uc_general_category_t <b>UC_CATEGORY_Cn</b>
 <a name="IDX307"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_So</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_SEPARATOR</b>
+<dt><u>Macro:</u> uc_general_category_t <b>UC_UNASSIGNED</b>
 <a name="IDX308"></a>
 </dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Z</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_SPACE_SEPARATOR</b>
-<a name="IDX309"></a>
-</dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Zs</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_LINE_SEPARATOR</b>
-<a name="IDX310"></a>
-</dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Zl</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_PARAGRAPH_SEPARATOR</b>
-<a name="IDX311"></a>
-</dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Zp</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_OTHER</b>
-<a name="IDX312"></a>
-</dt>
-<dd><p>This is another name for <code>UC_CATEGORY_C</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_CONTROL</b>
-<a name="IDX313"></a>
-</dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Cc</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_FORMAT</b>
-<a name="IDX314"></a>
-</dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Cf</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_SURROGATE</b>
-<a name="IDX315"></a>
-</dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Cs</code>.  All code points in this
-category are invalid characters.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_PRIVATE_USE</b>
-<a name="IDX316"></a>
-</dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Co</code>.
-</p></dd></dl>
-
-<dl>
-<dt><u>Macro:</u> uc_general_category_t <b>UC_UNASSIGNED</b>
-<a name="IDX317"></a>
-</dt>
-<dd><p>This is another name for <code>UC_CATEGORY_Cn</code>.  Some code points in this
-category are invalid characters.
+<dd><p>This represents the general category &ldquo;Other, not assigned&rdquo;.
+Some code points in this category are invalid characters.
 </p></dd></dl>
 
 <p>The following functions combine general categories, like in a boolean algebra,
@@ -501,7 +499,7 @@ except that there is no &lsquo;<samp>not</samp>&rsquo; operation.
 </p>
 <dl>
 <dt><u>Function:</u> uc_general_category_t <b>uc_general_category_or</b><i> (uc_general_category_t <var>category1</var>, uc_general_category_t <var>category2</var>)</i>
-<a name="IDX318"></a>
+<a name="IDX309"></a>
 </dt>
 <dd><p>Returns the union of two general categories.
 This corresponds to the unions of the two sets of characters.
@@ -509,7 +507,7 @@ This corresponds to the unions of the two sets of characters.
 
 <dl>
 <dt><u>Function:</u> uc_general_category_t <b>uc_general_category_and</b><i> (uc_general_category_t <var>category1</var>, uc_general_category_t <var>category2</var>)</i>
-<a name="IDX319"></a>
+<a name="IDX310"></a>
 </dt>
 <dd><p>Returns the intersection of two general categories as bit masks.
 This <em>does not</em> correspond to the intersection of the two sets of
@@ -518,7 +516,7 @@ characters.
 
 <dl>
 <dt><u>Function:</u> uc_general_category_t <b>uc_general_category_and_not</b><i> (uc_general_category_t <var>category1</var>, uc_general_category_t <var>category2</var>)</i>
-<a name="IDX320"></a>
+<a name="IDX311"></a>
 </dt>
 <dd><p>Returns the intersection of a general category with the complement of a
 second general category, as bit masks.
@@ -530,7 +528,7 @@ viewing the categories as sets of characters.
 </p>
 <dl>
 <dt><u>Function:</u> const char * <b>uc_general_category_name</b><i> (uc_general_category_t <var>category</var>)</i>
-<a name="IDX321"></a>
+<a name="IDX312"></a>
 </dt>
 <dd><p>Returns the name of a general category, more precisely, the abbreviated name.
 Returns NULL if the general category corresponds to a bit mask that does not
@@ -539,7 +537,7 @@ have a name.
 
 <dl>
 <dt><u>Function:</u> const char * <b>uc_general_category_long_name</b><i> (uc_general_category_t <var>category</var>)</i>
-<a name="IDX322"></a>
+<a name="IDX313"></a>
 </dt>
 <dd><p>Returns the long name of a general category.
 Returns NULL if the general category corresponds to a bit mask that does not
@@ -548,7 +546,7 @@ have a name.
 
 <dl>
 <dt><u>Function:</u> uc_general_category_t <b>uc_general_category_byname</b><i> (const char *<var>category_name</var>)</i>
-<a name="IDX323"></a>
+<a name="IDX314"></a>
 </dt>
 <dd><p>Returns the general category given by name, e.g. <code>&quot;Lu&quot;</code>, or by long
 name, e.g. <code>&quot;Uppercase Letter&quot;</code>.
@@ -560,7 +558,7 @@ case-insignificant.
 </p>
 <dl>
 <dt><u>Function:</u> uc_general_category_t <b>uc_general_category</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX324"></a>
+<a name="IDX315"></a>
 </dt>
 <dd><p>Returns the general category of a Unicode character.
 </p>
@@ -569,7 +567,7 @@ case-insignificant.
 
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_general_category</b><i> (ucs4_t <var>uc</var>, uc_general_category_t <var>category</var>)</i>
-<a name="IDX325"></a>
+<a name="IDX316"></a>
 </dt>
 <dd><p>Tests whether a Unicode character belongs to a given category.
 The <var>category</var> argument can be a predefined general category or the
@@ -578,126 +576,126 @@ combination of several predefined general categories.
 
 <hr size="6">
 <a name="Bit-mask-API"></a>
-<a name="SEC23"></a>
-<h3 class="subsection"> <a href="libunistring.html#TOC23">8.1.2 The bit mask API for general category</a> </h3>
+<a name="SEC36"></a>
+<h3 class="subsection"> <a href="libunistring.html#TOC36">8.1.2 The bit mask API for general category</a> </h3>
 
 <p>The following are the predefined general category value as bit masks.
 Additional general categories may be added in the future.
 </p>
 <dl>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_L</b>
-<a name="IDX326"></a>
+<a name="IDX317"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_LC</b>
-<a name="IDX327"></a>
+<a name="IDX318"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Lu</b>
-<a name="IDX328"></a>
+<a name="IDX319"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Ll</b>
-<a name="IDX329"></a>
+<a name="IDX320"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Lt</b>
-<a name="IDX330"></a>
+<a name="IDX321"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Lm</b>
-<a name="IDX331"></a>
+<a name="IDX322"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Lo</b>
-<a name="IDX332"></a>
+<a name="IDX323"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_M</b>
-<a name="IDX333"></a>
+<a name="IDX324"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Mn</b>
-<a name="IDX334"></a>
+<a name="IDX325"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Mc</b>
-<a name="IDX335"></a>
+<a name="IDX326"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Me</b>
-<a name="IDX336"></a>
+<a name="IDX327"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_N</b>
-<a name="IDX337"></a>
+<a name="IDX328"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Nd</b>
-<a name="IDX338"></a>
+<a name="IDX329"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Nl</b>
-<a name="IDX339"></a>
+<a name="IDX330"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_No</b>
-<a name="IDX340"></a>
+<a name="IDX331"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_P</b>
-<a name="IDX341"></a>
+<a name="IDX332"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Pc</b>
-<a name="IDX342"></a>
+<a name="IDX333"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Pd</b>
-<a name="IDX343"></a>
+<a name="IDX334"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Ps</b>
-<a name="IDX344"></a>
+<a name="IDX335"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Pe</b>
-<a name="IDX345"></a>
+<a name="IDX336"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Pi</b>
-<a name="IDX346"></a>
+<a name="IDX337"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Pf</b>
-<a name="IDX347"></a>
+<a name="IDX338"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Po</b>
-<a name="IDX348"></a>
+<a name="IDX339"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_S</b>
-<a name="IDX349"></a>
+<a name="IDX340"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Sm</b>
-<a name="IDX350"></a>
+<a name="IDX341"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Sc</b>
-<a name="IDX351"></a>
+<a name="IDX342"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Sk</b>
-<a name="IDX352"></a>
+<a name="IDX343"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_So</b>
-<a name="IDX353"></a>
+<a name="IDX344"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Z</b>
-<a name="IDX354"></a>
+<a name="IDX345"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Zs</b>
-<a name="IDX355"></a>
+<a name="IDX346"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Zl</b>
-<a name="IDX356"></a>
+<a name="IDX347"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Zp</b>
-<a name="IDX357"></a>
+<a name="IDX348"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_C</b>
-<a name="IDX358"></a>
+<a name="IDX349"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Cc</b>
-<a name="IDX359"></a>
+<a name="IDX350"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Cf</b>
-<a name="IDX360"></a>
+<a name="IDX351"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Cs</b>
-<a name="IDX361"></a>
+<a name="IDX352"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Co</b>
-<a name="IDX362"></a>
+<a name="IDX353"></a>
 </dt>
 <dt><u>Macro:</u> uint32_t <b>UC_CATEGORY_MASK_Cn</b>
-<a name="IDX363"></a>
+<a name="IDX354"></a>
 </dt>
 </dl>
 
@@ -705,7 +703,7 @@ Additional general categories may be added in the future.
 </p>
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_general_category_withtable</b><i> (ucs4_t <var>uc</var>, uint32_t <var>bitmask</var>)</i>
-<a name="IDX364"></a>
+<a name="IDX355"></a>
 </dt>
 <dd><p>Tests whether a Unicode character belongs to a given category.
 The <var>bitmask</var> argument can be a predefined general category bitmask or the
@@ -716,8 +714,8 @@ combination of several predefined general category bitmasks.
 
 <hr size="6">
 <a name="Canonical-combining-class"></a>
-<a name="SEC24"></a>
-<h2 class="section"> <a href="libunistring.html#TOC24">8.2 Canonical combining class</a> </h2>
+<a name="SEC37"></a>
+<h2 class="section"> <a href="libunistring.html#TOC37">8.2 Canonical combining class</a> </h2>
 
 <p>Every Unicode character or code point has a <em>canonical combining class</em>
 assigned to it.
@@ -737,7 +735,7 @@ not definitive; more values can be added in future versions.
 </p>
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_NR</b>
-<a name="IDX365"></a>
+<a name="IDX356"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Not Reordered&rdquo; characters.
 The value is 0.
@@ -745,133 +743,133 @@ The value is 0.
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_OV</b>
-<a name="IDX366"></a>
+<a name="IDX357"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Overlay&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_NK</b>
-<a name="IDX367"></a>
+<a name="IDX358"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Nukta&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_KV</b>
-<a name="IDX368"></a>
+<a name="IDX359"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Kana Voicing&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_VR</b>
-<a name="IDX369"></a>
+<a name="IDX360"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Virama&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_ATBL</b>
-<a name="IDX370"></a>
+<a name="IDX361"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Attached Below Left&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_ATB</b>
-<a name="IDX371"></a>
+<a name="IDX362"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Attached Below&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_ATA</b>
-<a name="IDX372"></a>
+<a name="IDX363"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Attached Above&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_ATAR</b>
-<a name="IDX373"></a>
+<a name="IDX364"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Attached Above Right&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_BL</b>
-<a name="IDX374"></a>
+<a name="IDX365"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Below Left&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_B</b>
-<a name="IDX375"></a>
+<a name="IDX366"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Below&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_BR</b>
-<a name="IDX376"></a>
+<a name="IDX367"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Below Right&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_L</b>
-<a name="IDX377"></a>
+<a name="IDX368"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Left&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_R</b>
-<a name="IDX378"></a>
+<a name="IDX369"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Right&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_AL</b>
-<a name="IDX379"></a>
+<a name="IDX370"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Above Left&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_A</b>
-<a name="IDX380"></a>
+<a name="IDX371"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Above&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_AR</b>
-<a name="IDX381"></a>
+<a name="IDX372"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Above Right&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_DB</b>
-<a name="IDX382"></a>
+<a name="IDX373"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Double Below&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_DA</b>
-<a name="IDX383"></a>
+<a name="IDX374"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Double Above&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_CCC_IS</b>
-<a name="IDX384"></a>
+<a name="IDX375"></a>
 </dt>
 <dd><p>The canonical combining class value for &ldquo;Iota Subscript&rdquo; characters.
 </p></dd></dl>
@@ -880,7 +878,7 @@ The value is 0.
 </p>
 <dl>
 <dt><u>Function:</u> const char * <b>uc_combining_class_name</b><i> (int <var>ccc</var>)</i>
-<a name="IDX385"></a>
+<a name="IDX376"></a>
 </dt>
 <dd><p>Returns the name of a canonical combining class, more precisely, the
 abbreviated name.
@@ -890,7 +888,7 @@ name.
 
 <dl>
 <dt><u>Function:</u> const char * <b>uc_combining_class_long_name</b><i> (int <var>ccc</var>)</i>
-<a name="IDX386"></a>
+<a name="IDX377"></a>
 </dt>
 <dd><p>Returns the long name of a canonical combining class.
 Returns NULL if the canonical combining class is a numeric value without a
@@ -899,7 +897,7 @@ name.
 
 <dl>
 <dt><u>Function:</u> int <b>uc_combining_class_byname</b><i> (const char *<var>ccc_name</var>)</i>
-<a name="IDX387"></a>
+<a name="IDX378"></a>
 </dt>
 <dd><p>Returns the canonical combining class given by name, e.g. <code>&quot;BL&quot;</code>, or by
 long name, e.g. <code>&quot;Below Left&quot;</code>.
@@ -911,15 +909,15 @@ case-insignificant.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>uc_combining_class</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX388"></a>
+<a name="IDX379"></a>
 </dt>
 <dd><p>Returns the canonical combining class of a Unicode character.
 </p></dd></dl>
 
 <hr size="6">
 <a name="Bidi-class"></a>
-<a name="SEC25"></a>
-<h2 class="section"> <a href="libunistring.html#TOC25">8.3 Bidi class</a> </h2>
+<a name="SEC38"></a>
+<h2 class="section"> <a href="libunistring.html#TOC38">8.3 Bidi class</a> </h2>
 
 <p>Every Unicode character or code point has a <em>bidi class</em> assigned to it.
 Before Unicode 4.0, this concept was known as <em>bidirectional category</em>.
@@ -930,133 +928,133 @@ the following.
 </p>
 <dl>
 <dt><u>Constant:</u> int <b>UC_BIDI_L</b>
-<a name="IDX389"></a>
+<a name="IDX380"></a>
 </dt>
 <dd><p>The bidi class for `Left-to-Right`&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BIDI_LRE</b>
-<a name="IDX390"></a>
+<a name="IDX381"></a>
 </dt>
 <dd><p>The bidi class for &ldquo;Left-to-Right Embedding&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BIDI_LRO</b>
-<a name="IDX391"></a>
+<a name="IDX382"></a>
 </dt>
 <dd><p>The bidi class for &ldquo;Left-to-Right Override&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BIDI_R</b>
-<a name="IDX392"></a>
+<a name="IDX383"></a>
 </dt>
 <dd><p>The bidi class for &ldquo;Right-to-Left&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BIDI_AL</b>
-<a name="IDX393"></a>
+<a name="IDX384"></a>
 </dt>
 <dd><p>The bidi class for &ldquo;Right-to-Left Arabic&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BIDI_RLE</b>
-<a name="IDX394"></a>
+<a name="IDX385"></a>
 </dt>
 <dd><p>The bidi class for &ldquo;Right-to-Left Embedding&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BIDI_RLO</b>
-<a name="IDX395"></a>
+<a name="IDX386"></a>
 </dt>
 <dd><p>The bidi class for &ldquo;Right-to-Left Override&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BIDI_PDF</b>
-<a name="IDX396"></a>
+<a name="IDX387"></a>
 </dt>
 <dd><p>The bidi class for &ldquo;Pop Directional Format&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BIDI_EN</b>
-<a name="IDX397"></a>
+<a name="IDX388"></a>
 </dt>
 <dd><p>The bidi class for &ldquo;European Number&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BIDI_ES</b>
-<a name="IDX398"></a>
+<a name="IDX389"></a>
 </dt>
 <dd><p>The bidi class for &ldquo;European Number Separator&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BIDI_ET</b>
-<a name="IDX399"></a>
+<a name="IDX390"></a>
 </dt>
 <dd><p>The bidi class for &ldquo;European Number Terminator&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BIDI_AN</b>
-<a name="IDX400"></a>
+<a name="IDX391"></a>
 </dt>
 <dd><p>The bidi class for &ldquo;Arabic Number&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BIDI_CS</b>
-<a name="IDX401"></a>
+<a name="IDX392"></a>
 </dt>
 <dd><p>The bidi class for &ldquo;Common Number Separator&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BIDI_NSM</b>
-<a name="IDX402"></a>
+<a name="IDX393"></a>
 </dt>
 <dd><p>The bidi class for &ldquo;Non-Spacing Mark&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BIDI_BN</b>
-<a name="IDX403"></a>
+<a name="IDX394"></a>
 </dt>
 <dd><p>The bidi class for &ldquo;Boundary Neutral&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BIDI_B</b>
-<a name="IDX404"></a>
+<a name="IDX395"></a>
 </dt>
 <dd><p>The bidi class for &ldquo;Paragraph Separator&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BIDI_S</b>
-<a name="IDX405"></a>
+<a name="IDX396"></a>
 </dt>
 <dd><p>The bidi class for &ldquo;Segment Separator&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BIDI_WS</b>
-<a name="IDX406"></a>
+<a name="IDX397"></a>
 </dt>
 <dd><p>The bidi class for &ldquo;Whitespace&rdquo; characters.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_BIDI_ON</b>
-<a name="IDX407"></a>
+<a name="IDX398"></a>
 </dt>
 <dd><p>The bidi class for &ldquo;Other Neutral&rdquo; characters.
 </p></dd></dl>
@@ -1066,27 +1064,27 @@ category and its name.
 </p>
 <dl>
 <dt><u>Function:</u> const char * <b>uc_bidi_class_name</b><i> (int <var>bidi_class</var>)</i>
-<a name="IDX408"></a>
+<a name="IDX399"></a>
 </dt>
 <dt><u>Function:</u> const char * <b>uc_bidi_category_name</b><i> (int <var>category</var>)</i>
-<a name="IDX409"></a>
+<a name="IDX400"></a>
 </dt>
 <dd><p>Returns the name of a bidi class, more precisely, the abbreviated name.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> const char * <b>uc_bidi_class_long_name</b><i> (int <var>bidi_class</var>)</i>
-<a name="IDX410"></a>
+<a name="IDX401"></a>
 </dt>
 <dd><p>Returns the long name of a bidi class.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> int <b>uc_bidi_class_byname</b><i> (const char *<var>bidi_class_name</var>)</i>
-<a name="IDX411"></a>
+<a name="IDX402"></a>
 </dt>
 <dt><u>Function:</u> int <b>uc_bidi_category_byname</b><i> (const char *<var>category_name</var>)</i>
-<a name="IDX412"></a>
+<a name="IDX403"></a>
 </dt>
 <dd><p>Returns the bidi class given by name, e.g. <code>&quot;LRE&quot;</code>, or by long name,
 e.g. <code>&quot;Left-to-Right Embedding&quot;</code>.
@@ -1099,28 +1097,28 @@ characters.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>uc_bidi_class</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX413"></a>
+<a name="IDX404"></a>
 </dt>
 <dt><u>Function:</u> int <b>uc_bidi_category</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX414"></a>
+<a name="IDX405"></a>
 </dt>
 <dd><p>Returns the bidi class of a Unicode character.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_bidi_class</b><i> (ucs4_t <var>uc</var>, int <var>bidi_class</var>)</i>
-<a name="IDX415"></a>
+<a name="IDX406"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_bidi_category</b><i> (ucs4_t <var>uc</var>, int <var>category</var>)</i>
-<a name="IDX416"></a>
+<a name="IDX407"></a>
 </dt>
 <dd><p>Tests whether a Unicode character belongs to a given bidi class.
 </p></dd></dl>
 
 <hr size="6">
 <a name="Decimal-digit-value"></a>
-<a name="SEC26"></a>
-<h2 class="section"> <a href="libunistring.html#TOC26">8.4 Decimal digit value</a> </h2>
+<a name="SEC39"></a>
+<h2 class="section"> <a href="libunistring.html#TOC39">8.4 Decimal digit value</a> </h2>
 
 <p>Decimal digits (like the digits from &lsquo;<samp>0</samp>&rsquo; to &lsquo;<samp>9</samp>&rsquo;) exist in many
 scripts.  The following function converts a decimal digit character to its
@@ -1128,7 +1126,7 @@ numerical value.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>uc_decimal_value</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX417"></a>
+<a name="IDX408"></a>
 </dt>
 <dd><p>Returns the decimal digit value of a Unicode character.
 The return value is an integer in the range 0..9, or -1 for characters that
@@ -1137,8 +1135,8 @@ do not represent a decimal digit.
 
 <hr size="6">
 <a name="Digit-value"></a>
-<a name="SEC27"></a>
-<h2 class="section"> <a href="libunistring.html#TOC27">8.5 Digit value</a> </h2>
+<a name="SEC40"></a>
+<h2 class="section"> <a href="libunistring.html#TOC40">8.5 Digit value</a> </h2>
 
 <p>Digit characters are like decimal digit characters, possibly in special forms,
 like as superscript, subscript, or circled.  The following function converts a
@@ -1146,7 +1144,7 @@ digit character to its numerical value.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>uc_digit_value</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX418"></a>
+<a name="IDX409"></a>
 </dt>
 <dd><p>Returns the digit value of a Unicode character.
 The return value is an integer in the range 0..9, or -1 for characters that
@@ -1155,8 +1153,8 @@ do not represent a digit.
 
 <hr size="6">
 <a name="Numeric-value"></a>
-<a name="SEC28"></a>
-<h2 class="section"> <a href="libunistring.html#TOC28">8.6 Numeric value</a> </h2>
+<a name="SEC41"></a>
+<h2 class="section"> <a href="libunistring.html#TOC41">8.6 Numeric value</a> </h2>
 
 <p>There are also characters that represent numbers without a digit system, like
 the Roman numerals, and fractional numbers, like 1/4 or 3/4.
@@ -1164,7 +1162,7 @@ the Roman numerals, and fractional numbers, like 1/4 or 3/4.
 <p>The following type represents the numeric value of a Unicode character.
 </p><dl>
 <dt><u>Type:</u> <b>uc_fraction_t</b>
-<a name="IDX419"></a>
+<a name="IDX410"></a>
 </dt>
 <dd><p>This is a structure type with the following fields:
 </p><table><tr><td>&nbsp;</td><td><pre class="smallexample">int numerator;
@@ -1178,7 +1176,7 @@ int denominator;
 </p>
 <dl>
 <dt><u>Function:</u> uc_fraction_t <b>uc_numeric_value</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX420"></a>
+<a name="IDX411"></a>
 </dt>
 <dd><p>Returns the numeric value of a Unicode character.
 The return value is a fraction, or the pseudo-fraction <code>{ 0, 0 }</code> for
@@ -1187,8 +1185,8 @@ characters that do not represent a number.
 
 <hr size="6">
 <a name="Mirrored-character"></a>
-<a name="SEC29"></a>
-<h2 class="section"> <a href="libunistring.html#TOC29">8.7 Mirrored character</a> </h2>
+<a name="SEC42"></a>
+<h2 class="section"> <a href="libunistring.html#TOC42">8.7 Mirrored character</a> </h2>
 
 <p>Character mirroring is used to associate the closing parenthesis character
 to the opening parenthesis character, the closing brace character with the
@@ -1198,7 +1196,7 @@ opening brace character, and so on.
 </p>
 <dl>
 <dt><u>Function:</u> bool <b>uc_mirror_char</b><i> (ucs4_t <var>uc</var>, ucs4_t *<var>puc</var>)</i>
-<a name="IDX421"></a>
+<a name="IDX412"></a>
 </dt>
 <dd><p>Stores the mirrored character of a Unicode character <var>uc</var> in
 <code>*<var>puc</var></code> and returns <code>true</code>, if it exists.  Otherwise it
@@ -1207,8 +1205,8 @@ stores <var>uc</var> unmodified in <code>*<var>puc</var></code> and returns <cod
 
 <hr size="6">
 <a name="Arabic-shaping"></a>
-<a name="SEC30"></a>
-<h2 class="section"> <a href="libunistring.html#TOC30">8.8 Arabic shaping</a> </h2>
+<a name="SEC43"></a>
+<h2 class="section"> <a href="libunistring.html#TOC43">8.8 Arabic shaping</a> </h2>
 
 <p>When Arabic characters are rendered, after bidi reordering has taken
 place, the shape of the glyphs are modified so that many adjacent glyphs
@@ -1218,8 +1216,8 @@ takes place: the joining type and the joining group.
 
 <hr size="6">
 <a name="Joining-type"></a>
-<a name="SEC31"></a>
-<h3 class="subsection"> <a href="libunistring.html#TOC31">8.8.1 Joining type of Arabic characters</a> </h3>
+<a name="SEC44"></a>
+<h3 class="subsection"> <a href="libunistring.html#TOC44">8.8.1 Joining type of Arabic characters</a> </h3>
 
 <p>The joining type of a character describes on which of the left and right
 neighbour characters the character's shape depends, and which of the two
@@ -1229,14 +1227,14 @@ neighbour characters are rendered depending on this character.
 </p>
 <dl>
 <dt><u>Constant:</u> int <b>UC_JOINING_TYPE_U</b>
-<a name="IDX422"></a>
+<a name="IDX413"></a>
 </dt>
 <dd><p>&ldquo;Non joining&rdquo;: Characters of this joining type prohibit joining.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_JOINING_TYPE_T</b>
-<a name="IDX423"></a>
+<a name="IDX414"></a>
 </dt>
 <dd><p>&ldquo;Transparent&rdquo;: Characters of this joining type are skipped when
 considering joining.
@@ -1244,7 +1242,7 @@ considering joining.
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_JOINING_TYPE_C</b>
-<a name="IDX424"></a>
+<a name="IDX415"></a>
 </dt>
 <dd><p>&ldquo;Join causing&rdquo;: Characters of this joining type cause their neighbour
 characters to change their shapes but don't change their own shape.
@@ -1252,7 +1250,7 @@ characters to change their shapes but don't change their own shape.
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_JOINING_TYPE_L</b>
-<a name="IDX425"></a>
+<a name="IDX416"></a>
 </dt>
 <dd><p>&ldquo;Left joining&rdquo;: Characters of this joining type have two shapes,
 isolated and initial.  Such characters currently don't exist.
@@ -1260,7 +1258,7 @@ isolated and initial.  Such characters currently don't exist.
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_JOINING_TYPE_R</b>
-<a name="IDX426"></a>
+<a name="IDX417"></a>
 </dt>
 <dd><p>&ldquo;Right joining&rdquo;: Characters of this joining type have two shapes,
 isolated and final.
@@ -1268,7 +1266,7 @@ isolated and final.
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_JOINING_TYPE_D</b>
-<a name="IDX427"></a>
+<a name="IDX418"></a>
 </dt>
 <dd><p>&ldquo;Dual joining&rdquo;: Characters of this joining type have four shapes,
 initial, medial, final, and isolated.
@@ -1279,21 +1277,21 @@ and its name.
 </p>
 <dl>
 <dt><u>Function:</u> const char * <b>uc_joining_type_name</b><i> (int <var>joining_type</var>)</i>
-<a name="IDX428"></a>
+<a name="IDX419"></a>
 </dt>
 <dd><p>Returns the name of a joining type.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> const char * <b>uc_joining_type_long_name</b><i> (int <var>joining_type</var>)</i>
-<a name="IDX429"></a>
+<a name="IDX420"></a>
 </dt>
 <dd><p>Returns the long name of a joining type.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> int <b>uc_joining_type_byname</b><i> (const char *<var>joining_type_name</var>)</i>
-<a name="IDX430"></a>
+<a name="IDX421"></a>
 </dt>
 <dd><p>Returns the joining type given by name, e.g. <code>&quot;D&quot;</code>, or by long name,
 e.g. <code>&quot;Dual Joining</code>.
@@ -1305,15 +1303,15 @@ case-insignificant.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>uc_joining_type</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX431"></a>
+<a name="IDX422"></a>
 </dt>
 <dd><p>Returns the joining type of a Unicode character.
 </p></dd></dl>
 
 <hr size="6">
 <a name="Joining-group"></a>
-<a name="SEC32"></a>
-<h3 class="subsection"> <a href="libunistring.html#TOC32">8.8.2 Joining group of Arabic characters</a> </h3>
+<a name="SEC45"></a>
+<h3 class="subsection"> <a href="libunistring.html#TOC45">8.8.2 Joining group of Arabic characters</a> </h3>
 
 <p>The joining group of a character describes how the character's shape
 is modified in the four contexts of dual-joining characters or in the
@@ -1323,175 +1321,175 @@ two contexts of right-joining characters.
 </p>
 <dl>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_NONE</b>
-<a name="IDX432"></a>
+<a name="IDX423"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_AIN</b>
-<a name="IDX433"></a>
+<a name="IDX424"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_ALAPH</b>
-<a name="IDX434"></a>
+<a name="IDX425"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_ALEF</b>
-<a name="IDX435"></a>
+<a name="IDX426"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_BEH</b>
-<a name="IDX436"></a>
+<a name="IDX427"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_BETH</b>
-<a name="IDX437"></a>
+<a name="IDX428"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_BURUSHASKI_YEH_BARREE</b>
-<a name="IDX438"></a>
+<a name="IDX429"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_DAL</b>
-<a name="IDX439"></a>
+<a name="IDX430"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_DALATH_RISH</b>
-<a name="IDX440"></a>
+<a name="IDX431"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_E</b>
-<a name="IDX441"></a>
+<a name="IDX432"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_FARSI_YEH</b>
-<a name="IDX442"></a>
+<a name="IDX433"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_FE</b>
-<a name="IDX443"></a>
+<a name="IDX434"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_FEH</b>
-<a name="IDX444"></a>
+<a name="IDX435"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_FINAL_SEMKATH</b>
-<a name="IDX445"></a>
+<a name="IDX436"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_GAF</b>
-<a name="IDX446"></a>
+<a name="IDX437"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_GAMAL</b>
-<a name="IDX447"></a>
+<a name="IDX438"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_HAH</b>
-<a name="IDX448"></a>
+<a name="IDX439"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_HE</b>
-<a name="IDX449"></a>
+<a name="IDX440"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_HEH</b>
-<a name="IDX450"></a>
+<a name="IDX441"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_HEH_GOAL</b>
-<a name="IDX451"></a>
+<a name="IDX442"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_HETH</b>
-<a name="IDX452"></a>
+<a name="IDX443"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_KAF</b>
-<a name="IDX453"></a>
+<a name="IDX444"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_KAPH</b>
-<a name="IDX454"></a>
+<a name="IDX445"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_KHAPH</b>
-<a name="IDX455"></a>
+<a name="IDX446"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_KNOTTED_HEH</b>
-<a name="IDX456"></a>
+<a name="IDX447"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_LAM</b>
-<a name="IDX457"></a>
+<a name="IDX448"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_LAMADH</b>
-<a name="IDX458"></a>
+<a name="IDX449"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_MEEM</b>
-<a name="IDX459"></a>
+<a name="IDX450"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_MIM</b>
-<a name="IDX460"></a>
+<a name="IDX451"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_NOON</b>
-<a name="IDX461"></a>
+<a name="IDX452"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_NUN</b>
-<a name="IDX462"></a>
+<a name="IDX453"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_NYA</b>
-<a name="IDX463"></a>
+<a name="IDX454"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_PE</b>
-<a name="IDX464"></a>
+<a name="IDX455"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_QAF</b>
-<a name="IDX465"></a>
+<a name="IDX456"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_QAPH</b>
-<a name="IDX466"></a>
+<a name="IDX457"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_REH</b>
-<a name="IDX467"></a>
+<a name="IDX458"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_REVERSED_PE</b>
-<a name="IDX468"></a>
+<a name="IDX459"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_SAD</b>
-<a name="IDX469"></a>
+<a name="IDX460"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_SADHE</b>
-<a name="IDX470"></a>
+<a name="IDX461"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_SEEN</b>
-<a name="IDX471"></a>
+<a name="IDX462"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_SEMKATH</b>
-<a name="IDX472"></a>
+<a name="IDX463"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_SHIN</b>
-<a name="IDX473"></a>
+<a name="IDX464"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_SWASH_KAF</b>
-<a name="IDX474"></a>
+<a name="IDX465"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_SYRIAC_WAW</b>
-<a name="IDX475"></a>
+<a name="IDX466"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_TAH</b>
-<a name="IDX476"></a>
+<a name="IDX467"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_TAW</b>
-<a name="IDX477"></a>
+<a name="IDX468"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_TEH_MARBUTA</b>
-<a name="IDX478"></a>
+<a name="IDX469"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_TEH_MARBUTA_GOAL</b>
-<a name="IDX479"></a>
+<a name="IDX470"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_TETH</b>
-<a name="IDX480"></a>
+<a name="IDX471"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_WAW</b>
-<a name="IDX481"></a>
+<a name="IDX472"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_YEH</b>
-<a name="IDX482"></a>
+<a name="IDX473"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_YEH_BARREE</b>
-<a name="IDX483"></a>
+<a name="IDX474"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_YEH_WITH_TAIL</b>
-<a name="IDX484"></a>
+<a name="IDX475"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_YUDH</b>
-<a name="IDX485"></a>
+<a name="IDX476"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_YUDH_HE</b>
-<a name="IDX486"></a>
+<a name="IDX477"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_ZAIN</b>
-<a name="IDX487"></a>
+<a name="IDX478"></a>
 </dt>
 <dt><u>Constant:</u> int <b>UC_JOINING_GROUP_ZHAIN</b>
-<a name="IDX488"></a>
+<a name="IDX479"></a>
 </dt>
 </dl>
 
@@ -1500,14 +1498,14 @@ and its name.
 </p>
 <dl>
 <dt><u>Function:</u> const char * <b>uc_joining_group_name</b><i> (int <var>joining_group</var>)</i>
-<a name="IDX489"></a>
+<a name="IDX480"></a>
 </dt>
 <dd><p>Returns the name of a joining group.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> int <b>uc_joining_group_byname</b><i> (const char *<var>joining_group_name</var>)</i>
-<a name="IDX490"></a>
+<a name="IDX481"></a>
 </dt>
 <dd><p>Returns the joining group given by name, e.g. <code>&quot;Teh_Marbuta&quot;</code>.
 This lookup ignores spaces, underscores, or hyphens as word separators and is
@@ -1518,15 +1516,15 @@ case-insignificant.
 </p>
 <dl>
 <dt><u>Function:</u> int <b>uc_joining_group</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX491"></a>
+<a name="IDX482"></a>
 </dt>
 <dd><p>Returns the joining group of a Unicode character.
 </p></dd></dl>
 
 <hr size="6">
 <a name="Properties"></a>
-<a name="SEC33"></a>
-<h2 class="section"> <a href="libunistring.html#TOC33">8.9 Properties</a> </h2>
+<a name="SEC46"></a>
+<h2 class="section"> <a href="libunistring.html#TOC46">8.9 Properties</a> </h2>
 
 <p>This section defines boolean properties of Unicode characters.  This
 means, a character either has the given property or does not have it.
@@ -1541,14 +1539,14 @@ low level, a property is merely a function.
 
 <hr size="6">
 <a name="Properties-as-objects"></a>
-<a name="SEC34"></a>
-<h3 class="subsection"> <a href="libunistring.html#TOC34">8.9.1 Properties as objects &ndash; the object oriented API</a> </h3>
+<a name="SEC47"></a>
+<h3 class="subsection"> <a href="libunistring.html#TOC47">8.9.1 Properties as objects &ndash; the object oriented API</a> </h3>
 
 <p>The following type designates a property on Unicode characters.
 </p>
 <dl>
 <dt><u>Type:</u> <b>uc_property_t</b>
-<a name="IDX492"></a>
+<a name="IDX483"></a>
 </dt>
 <dd><p>This data type denotes a boolean property on Unicode characters. It is an
 immediate type that can be copied by simple assignment, without involving
@@ -1561,37 +1559,37 @@ memory allocation.  It is not an array type.
 </p>
 <dl>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_WHITE_SPACE</b>
-<a name="IDX493"></a>
+<a name="IDX484"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_ALPHABETIC</b>
-<a name="IDX494"></a>
+<a name="IDX485"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_OTHER_ALPHABETIC</b>
-<a name="IDX495"></a>
+<a name="IDX486"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_NOT_A_CHARACTER</b>
-<a name="IDX496"></a>
+<a name="IDX487"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_DEFAULT_IGNORABLE_CODE_POINT</b>
-<a name="IDX497"></a>
+<a name="IDX488"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_OTHER_DEFAULT_IGNORABLE_CODE_POINT</b>
-<a name="IDX498"></a>
+<a name="IDX489"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_DEPRECATED</b>
-<a name="IDX499"></a>
+<a name="IDX490"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_LOGICAL_ORDER_EXCEPTION</b>
-<a name="IDX500"></a>
+<a name="IDX491"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_VARIATION_SELECTOR</b>
-<a name="IDX501"></a>
+<a name="IDX492"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_PRIVATE_USE</b>
-<a name="IDX502"></a>
+<a name="IDX493"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_UNASSIGNED_CODE_VALUE</b>
-<a name="IDX503"></a>
+<a name="IDX494"></a>
 </dt>
 </dl>
 
@@ -1599,43 +1597,43 @@ memory allocation.  It is not an array type.
 </p>
 <dl>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_UPPERCASE</b>
-<a name="IDX504"></a>
+<a name="IDX495"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_OTHER_UPPERCASE</b>
-<a name="IDX505"></a>
+<a name="IDX496"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_LOWERCASE</b>
-<a name="IDX506"></a>
+<a name="IDX497"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_OTHER_LOWERCASE</b>
-<a name="IDX507"></a>
+<a name="IDX498"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_TITLECASE</b>
-<a name="IDX508"></a>
+<a name="IDX499"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_CASED</b>
-<a name="IDX509"></a>
+<a name="IDX500"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_CASE_IGNORABLE</b>
-<a name="IDX510"></a>
+<a name="IDX501"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_CHANGES_WHEN_LOWERCASED</b>
-<a name="IDX511"></a>
+<a name="IDX502"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_CHANGES_WHEN_UPPERCASED</b>
-<a name="IDX512"></a>
+<a name="IDX503"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_CHANGES_WHEN_TITLECASED</b>
-<a name="IDX513"></a>
+<a name="IDX504"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_CHANGES_WHEN_CASEFOLDED</b>
-<a name="IDX514"></a>
+<a name="IDX505"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_CHANGES_WHEN_CASEMAPPED</b>
-<a name="IDX515"></a>
+<a name="IDX506"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_SOFT_DOTTED</b>
-<a name="IDX516"></a>
+<a name="IDX507"></a>
 </dt>
 </dl>
 
@@ -1643,28 +1641,28 @@ memory allocation.  It is not an array type.
 </p>
 <dl>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_ID_START</b>
-<a name="IDX517"></a>
+<a name="IDX508"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_OTHER_ID_START</b>
-<a name="IDX518"></a>
+<a name="IDX509"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_ID_CONTINUE</b>
-<a name="IDX519"></a>
+<a name="IDX510"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_OTHER_ID_CONTINUE</b>
-<a name="IDX520"></a>
+<a name="IDX511"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_XID_START</b>
-<a name="IDX521"></a>
+<a name="IDX512"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_XID_CONTINUE</b>
-<a name="IDX522"></a>
+<a name="IDX513"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_PATTERN_WHITE_SPACE</b>
-<a name="IDX523"></a>
+<a name="IDX514"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_PATTERN_SYNTAX</b>
-<a name="IDX524"></a>
+<a name="IDX515"></a>
 </dt>
 </dl>
 
@@ -1672,19 +1670,19 @@ memory allocation.  It is not an array type.
 </p>
 <dl>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_JOIN_CONTROL</b>
-<a name="IDX525"></a>
+<a name="IDX516"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_GRAPHEME_BASE</b>
-<a name="IDX526"></a>
+<a name="IDX517"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_GRAPHEME_EXTEND</b>
-<a name="IDX527"></a>
+<a name="IDX518"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_OTHER_GRAPHEME_EXTEND</b>
-<a name="IDX528"></a>
+<a name="IDX519"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_GRAPHEME_LINK</b>
-<a name="IDX529"></a>
+<a name="IDX520"></a>
 </dt>
 </dl>
 
@@ -1692,55 +1690,55 @@ memory allocation.  It is not an array type.
 </p>
 <dl>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_BIDI_CONTROL</b>
-<a name="IDX530"></a>
+<a name="IDX521"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_BIDI_LEFT_TO_RIGHT</b>
-<a name="IDX531"></a>
+<a name="IDX522"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_BIDI_HEBREW_RIGHT_TO_LEFT</b>
-<a name="IDX532"></a>
+<a name="IDX523"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_BIDI_ARABIC_RIGHT_TO_LEFT</b>
-<a name="IDX533"></a>
+<a name="IDX524"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_BIDI_EUROPEAN_DIGIT</b>
-<a name="IDX534"></a>
+<a name="IDX525"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_BIDI_EUR_NUM_SEPARATOR</b>
-<a name="IDX535"></a>
+<a name="IDX526"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_BIDI_EUR_NUM_TERMINATOR</b>
-<a name="IDX536"></a>
+<a name="IDX527"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_BIDI_ARABIC_DIGIT</b>
-<a name="IDX537"></a>
+<a name="IDX528"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_BIDI_COMMON_SEPARATOR</b>
-<a name="IDX538"></a>
+<a name="IDX529"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_BIDI_BLOCK_SEPARATOR</b>
-<a name="IDX539"></a>
+<a name="IDX530"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_BIDI_SEGMENT_SEPARATOR</b>
-<a name="IDX540"></a>
+<a name="IDX531"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_BIDI_WHITESPACE</b>
-<a name="IDX541"></a>
+<a name="IDX532"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_BIDI_NON_SPACING_MARK</b>
-<a name="IDX542"></a>
+<a name="IDX533"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_BIDI_BOUNDARY_NEUTRAL</b>
-<a name="IDX543"></a>
+<a name="IDX534"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_BIDI_PDF</b>
-<a name="IDX544"></a>
+<a name="IDX535"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_BIDI_EMBEDDING_OR_OVERRIDE</b>
-<a name="IDX545"></a>
+<a name="IDX536"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_BIDI_OTHER_NEUTRAL</b>
-<a name="IDX546"></a>
+<a name="IDX537"></a>
 </dt>
 </dl>
 
@@ -1748,10 +1746,10 @@ memory allocation.  It is not an array type.
 </p>
 <dl>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_HEX_DIGIT</b>
-<a name="IDX547"></a>
+<a name="IDX538"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_ASCII_HEX_DIGIT</b>
-<a name="IDX548"></a>
+<a name="IDX539"></a>
 </dt>
 </dl>
 
@@ -1759,19 +1757,19 @@ memory allocation.  It is not an array type.
 </p>
 <dl>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_IDEOGRAPHIC</b>
-<a name="IDX549"></a>
+<a name="IDX540"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_UNIFIED_IDEOGRAPH</b>
-<a name="IDX550"></a>
+<a name="IDX541"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_RADICAL</b>
-<a name="IDX551"></a>
+<a name="IDX542"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_IDS_BINARY_OPERATOR</b>
-<a name="IDX552"></a>
+<a name="IDX543"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_IDS_TRINARY_OPERATOR</b>
-<a name="IDX553"></a>
+<a name="IDX544"></a>
 </dt>
 </dl>
 
@@ -1779,79 +1777,79 @@ memory allocation.  It is not an array type.
 </p>
 <dl>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_ZERO_WIDTH</b>
-<a name="IDX554"></a>
+<a name="IDX545"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_SPACE</b>
-<a name="IDX555"></a>
+<a name="IDX546"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_NON_BREAK</b>
-<a name="IDX556"></a>
+<a name="IDX547"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_ISO_CONTROL</b>
-<a name="IDX557"></a>
+<a name="IDX548"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_FORMAT_CONTROL</b>
-<a name="IDX558"></a>
+<a name="IDX549"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_DASH</b>
-<a name="IDX559"></a>
+<a name="IDX550"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_HYPHEN</b>
-<a name="IDX560"></a>
+<a name="IDX551"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_PUNCTUATION</b>
-<a name="IDX561"></a>
+<a name="IDX552"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_LINE_SEPARATOR</b>
-<a name="IDX562"></a>
+<a name="IDX553"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_PARAGRAPH_SEPARATOR</b>
-<a name="IDX563"></a>
+<a name="IDX554"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_QUOTATION_MARK</b>
-<a name="IDX564"></a>
+<a name="IDX555"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_SENTENCE_TERMINAL</b>
-<a name="IDX565"></a>
+<a name="IDX556"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_TERMINAL_PUNCTUATION</b>
-<a name="IDX566"></a>
+<a name="IDX557"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_CURRENCY_SYMBOL</b>
-<a name="IDX567"></a>
+<a name="IDX558"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_MATH</b>
-<a name="IDX568"></a>
+<a name="IDX559"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_OTHER_MATH</b>
-<a name="IDX569"></a>
+<a name="IDX560"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_PAIRED_PUNCTUATION</b>
-<a name="IDX570"></a>
+<a name="IDX561"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_LEFT_OF_PAIR</b>
-<a name="IDX571"></a>
+<a name="IDX562"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_COMBINING</b>
-<a name="IDX572"></a>
+<a name="IDX563"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_COMPOSITE</b>
-<a name="IDX573"></a>
+<a name="IDX564"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_DECIMAL_DIGIT</b>
-<a name="IDX574"></a>
+<a name="IDX565"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_NUMERIC</b>
-<a name="IDX575"></a>
+<a name="IDX566"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_DIACRITIC</b>
-<a name="IDX576"></a>
+<a name="IDX567"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_EXTENDER</b>
-<a name="IDX577"></a>
+<a name="IDX568"></a>
 </dt>
 <dt><u>Constant:</u> uc_property_t <b>UC_PROPERTY_IGNORABLE_CONTROL</b>
-<a name="IDX578"></a>
+<a name="IDX569"></a>
 </dt>
 </dl>
 
@@ -1859,7 +1857,7 @@ memory allocation.  It is not an array type.
 </p>
 <dl>
 <dt><u>Function:</u> uc_property_t <b>uc_property_byname</b><i> (const char *<var>property_name</var>)</i>
-<a name="IDX579"></a>
+<a name="IDX570"></a>
 </dt>
 <dd><p>Returns the property given by name, e.g. <code>&quot;White space&quot;</code>.  If a property
 with the given name exists, the result will satisfy the
@@ -1877,7 +1875,7 @@ can significantly increase the size of your application.
 
 <dl>
 <dt><u>Function:</u> bool <b>uc_property_is_valid</b><i> (uc_property_t property)</i>
-<a name="IDX580"></a>
+<a name="IDX571"></a>
 </dt>
 <dd><p>Returns <code>true</code> when the given property is valid, or <code>false</code>
 otherwise.
@@ -1887,51 +1885,51 @@ otherwise.
 </p>
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_property</b><i> (ucs4_t <var>uc</var>, uc_property_t <var>property</var>)</i>
-<a name="IDX581"></a>
+<a name="IDX572"></a>
 </dt>
 <dd><p>Tests whether the Unicode character <var>uc</var> has the given property.
 </p></dd></dl>
 
 <hr size="6">
 <a name="Properties-as-functions"></a>
-<a name="SEC35"></a>
-<h3 class="subsection"> <a href="libunistring.html#TOC35">8.9.2 Properties as functions &ndash; the functional API</a> </h3>
+<a name="SEC48"></a>
+<h3 class="subsection"> <a href="libunistring.html#TOC48">8.9.2 Properties as functions &ndash; the functional API</a> </h3>
 
 <p>The following are general properties.
 </p>
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_property_white_space</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX582"></a>
+<a name="IDX573"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_alphabetic</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX583"></a>
+<a name="IDX574"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_other_alphabetic</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX584"></a>
+<a name="IDX575"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_not_a_character</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX585"></a>
+<a name="IDX576"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_default_ignorable_code_point</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX586"></a>
+<a name="IDX577"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_other_default_ignorable_code_point</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX587"></a>
+<a name="IDX578"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_deprecated</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX588"></a>
+<a name="IDX579"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_logical_order_exception</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX589"></a>
+<a name="IDX580"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_variation_selector</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX590"></a>
+<a name="IDX581"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_private_use</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX591"></a>
+<a name="IDX582"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_unassigned_code_value</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX592"></a>
+<a name="IDX583"></a>
 </dt>
 </dl>
 
@@ -1939,43 +1937,43 @@ otherwise.
 </p>
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_property_uppercase</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX593"></a>
+<a name="IDX584"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_other_uppercase</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX594"></a>
+<a name="IDX585"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_lowercase</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX595"></a>
+<a name="IDX586"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_other_lowercase</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX596"></a>
+<a name="IDX587"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_titlecase</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX597"></a>
+<a name="IDX588"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_cased</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX598"></a>
+<a name="IDX589"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_case_ignorable</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX599"></a>
+<a name="IDX590"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_changes_when_lowercased</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX600"></a>
+<a name="IDX591"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_changes_when_uppercased</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX601"></a>
+<a name="IDX592"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_changes_when_titlecased</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX602"></a>
+<a name="IDX593"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_changes_when_casefolded</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX603"></a>
+<a name="IDX594"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_changes_when_casemapped</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX604"></a>
+<a name="IDX595"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_soft_dotted</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX605"></a>
+<a name="IDX596"></a>
 </dt>
 </dl>
 
@@ -1983,28 +1981,28 @@ otherwise.
 </p>
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_property_id_start</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX606"></a>
+<a name="IDX597"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_other_id_start</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX607"></a>
+<a name="IDX598"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_id_continue</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX608"></a>
+<a name="IDX599"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_other_id_continue</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX609"></a>
+<a name="IDX600"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_xid_start</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX610"></a>
+<a name="IDX601"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_xid_continue</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX611"></a>
+<a name="IDX602"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_pattern_white_space</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX612"></a>
+<a name="IDX603"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_pattern_syntax</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX613"></a>
+<a name="IDX604"></a>
 </dt>
 </dl>
 
@@ -2012,19 +2010,19 @@ otherwise.
 </p>
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_property_join_control</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX614"></a>
+<a name="IDX605"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_grapheme_base</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX615"></a>
+<a name="IDX606"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_grapheme_extend</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX616"></a>
+<a name="IDX607"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_other_grapheme_extend</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX617"></a>
+<a name="IDX608"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_grapheme_link</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX618"></a>
+<a name="IDX609"></a>
 </dt>
 </dl>
 
@@ -2032,55 +2030,55 @@ otherwise.
 </p>
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_property_bidi_control</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX619"></a>
+<a name="IDX610"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_bidi_left_to_right</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX620"></a>
+<a name="IDX611"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_bidi_hebrew_right_to_left</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX621"></a>
+<a name="IDX612"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_bidi_arabic_right_to_left</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX622"></a>
+<a name="IDX613"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_bidi_european_digit</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX623"></a>
+<a name="IDX614"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_bidi_eur_num_separator</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX624"></a>
+<a name="IDX615"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_bidi_eur_num_terminator</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX625"></a>
+<a name="IDX616"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_bidi_arabic_digit</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX626"></a>
+<a name="IDX617"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_bidi_common_separator</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX627"></a>
+<a name="IDX618"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_bidi_block_separator</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX628"></a>
+<a name="IDX619"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_bidi_segment_separator</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX629"></a>
+<a name="IDX620"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_bidi_whitespace</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX630"></a>
+<a name="IDX621"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_bidi_non_spacing_mark</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX631"></a>
+<a name="IDX622"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_bidi_boundary_neutral</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX632"></a>
+<a name="IDX623"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_bidi_pdf</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX633"></a>
+<a name="IDX624"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_bidi_embedding_or_override</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX634"></a>
+<a name="IDX625"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_bidi_other_neutral</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX635"></a>
+<a name="IDX626"></a>
 </dt>
 </dl>
 
@@ -2088,10 +2086,10 @@ otherwise.
 </p>
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_property_hex_digit</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX636"></a>
+<a name="IDX627"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_ascii_hex_digit</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX637"></a>
+<a name="IDX628"></a>
 </dt>
 </dl>
 
@@ -2099,19 +2097,19 @@ otherwise.
 </p>
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_property_ideographic</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX638"></a>
+<a name="IDX629"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_unified_ideograph</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX639"></a>
+<a name="IDX630"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_radical</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX640"></a>
+<a name="IDX631"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_ids_binary_operator</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX641"></a>
+<a name="IDX632"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_ids_trinary_operator</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX642"></a>
+<a name="IDX633"></a>
 </dt>
 </dl>
 
@@ -2119,86 +2117,86 @@ otherwise.
 </p>
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_property_zero_width</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX643"></a>
+<a name="IDX634"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_space</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX644"></a>
+<a name="IDX635"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_non_break</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX645"></a>
+<a name="IDX636"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_iso_control</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX646"></a>
+<a name="IDX637"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_format_control</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX647"></a>
+<a name="IDX638"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_dash</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX648"></a>
+<a name="IDX639"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_hyphen</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX649"></a>
+<a name="IDX640"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_punctuation</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX650"></a>
+<a name="IDX641"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_line_separator</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX651"></a>
+<a name="IDX642"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_paragraph_separator</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX652"></a>
+<a name="IDX643"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_quotation_mark</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX653"></a>
+<a name="IDX644"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_sentence_terminal</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX654"></a>
+<a name="IDX645"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_terminal_punctuation</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX655"></a>
+<a name="IDX646"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_currency_symbol</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX656"></a>
+<a name="IDX647"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_math</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX657"></a>
+<a name="IDX648"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_other_math</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX658"></a>
+<a name="IDX649"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_paired_punctuation</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX659"></a>
+<a name="IDX650"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_left_of_pair</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX660"></a>
+<a name="IDX651"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_combining</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX661"></a>
+<a name="IDX652"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_composite</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX662"></a>
+<a name="IDX653"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_decimal_digit</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX663"></a>
+<a name="IDX654"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_numeric</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX664"></a>
+<a name="IDX655"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_diacritic</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX665"></a>
+<a name="IDX656"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_extender</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX666"></a>
+<a name="IDX657"></a>
 </dt>
 <dt><u>Function:</u> bool <b>uc_is_property_ignorable_control</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX667"></a>
+<a name="IDX658"></a>
 </dt>
 </dl>
 
 <hr size="6">
 <a name="Scripts"></a>
-<a name="SEC36"></a>
-<h2 class="section"> <a href="libunistring.html#TOC36">8.10 Scripts</a> </h2>
+<a name="SEC49"></a>
+<h2 class="section"> <a href="libunistring.html#TOC49">8.10 Scripts</a> </h2>
 
 <p>The Unicode characters are subdivided into scripts.
 </p>
@@ -2206,7 +2204,7 @@ otherwise.
 </p>
 <dl>
 <dt><u>Type:</u> <b>uc_script_t</b>
-<a name="IDX668"></a>
+<a name="IDX659"></a>
 </dt>
 <dd><p>This data type is a structure type that refers to statically allocated
 read-only data.  It contains the following fields:
@@ -2216,12 +2214,12 @@ read-only data.  It contains the following fields:
 <p>The <code>name</code> field contains the name of the script.
 </p></dd></dl>
 
-<a name="IDX669"></a>
+<a name="IDX660"></a>
 <p>The following functions look up a script.
 </p>
 <dl>
 <dt><u>Function:</u> const uc_script_t * <b>uc_script</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX670"></a>
+<a name="IDX661"></a>
 </dt>
 <dd><p>Returns the script of a Unicode character.  Returns NULL if <var>uc</var> does not
 belong to any script.
@@ -2229,7 +2227,7 @@ belong to any script.
 
 <dl>
 <dt><u>Function:</u> const uc_script_t * <b>uc_script_byname</b><i> (const char *<var>script_name</var>)</i>
-<a name="IDX671"></a>
+<a name="IDX662"></a>
 </dt>
 <dd><p>Returns the script given by its name, e.g. <code>&quot;HAN&quot;</code>.  Returns NULL if a
 script with the given name does not exist.
@@ -2239,7 +2237,7 @@ script with the given name does not exist.
 </p>
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_script</b><i> (ucs4_t <var>uc</var>, const uc_script_t *<var>script</var>)</i>
-<a name="IDX672"></a>
+<a name="IDX663"></a>
 </dt>
 <dd><p>Tests whether a Unicode character belongs to a given script.
 </p></dd></dl>
@@ -2248,7 +2246,7 @@ script with the given name does not exist.
 </p>
 <dl>
 <dt><u>Function:</u> void <b>uc_all_scripts</b><i> (const uc_script_t **<var>scripts</var>, size_t *<var>count</var>)</i>
-<a name="IDX673"></a>
+<a name="IDX664"></a>
 </dt>
 <dd><p>Get the list of all scripts.  Stores a pointer to an array of all scripts in
 <code>*<var>scripts</var></code> and the length of this array in <code>*<var>count</var></code>.
@@ -2256,8 +2254,8 @@ script with the given name does not exist.
 
 <hr size="6">
 <a name="Blocks"></a>
-<a name="SEC37"></a>
-<h2 class="section"> <a href="libunistring.html#TOC37">8.11 Blocks</a> </h2>
+<a name="SEC50"></a>
+<h2 class="section"> <a href="libunistring.html#TOC50">8.11 Blocks</a> </h2>
 
 <p>The Unicode characters are subdivided into blocks.  A block is an interval of
 Unicode code points.
@@ -2266,7 +2264,7 @@ Unicode code points.
 </p>
 <dl>
 <dt><u>Type:</u> <b>uc_block_t</b>
-<a name="IDX674"></a>
+<a name="IDX665"></a>
 </dt>
 <dd><p>This data type is a structure type that refers to statically allocated data.
 It contains the following fields:
@@ -2282,12 +2280,12 @@ const char *name;
 <p>The <code>name</code> field is the name of the block.
 </p></dd></dl>
 
-<a name="IDX675"></a>
+<a name="IDX666"></a>
 <p>The following function looks up a block.
 </p>
 <dl>
 <dt><u>Function:</u> const uc_block_t * <b>uc_block</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX676"></a>
+<a name="IDX667"></a>
 </dt>
 <dd><p>Returns the block a character belongs to.
 </p></dd></dl>
@@ -2296,7 +2294,7 @@ const char *name;
 </p>
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_block</b><i> (ucs4_t <var>uc</var>, const uc_block_t *<var>block</var>)</i>
-<a name="IDX677"></a>
+<a name="IDX668"></a>
 </dt>
 <dd><p>Tests whether a Unicode character belongs to a given block.
 </p></dd></dl>
@@ -2305,7 +2303,7 @@ const char *name;
 </p>
 <dl>
 <dt><u>Function:</u> void <b>uc_all_blocks</b><i> (const uc_block_t **<var>blocks</var>, size_t *<var>count</var>)</i>
-<a name="IDX678"></a>
+<a name="IDX669"></a>
 </dt>
 <dd><p>Get the list of all blocks.  Stores a pointer to an array of all blocks in
 <code>*<var>blocks</var></code> and the length of this array in <code>*<var>count</var></code>.
@@ -2313,22 +2311,22 @@ const char *name;
 
 <hr size="6">
 <a name="ISO-C-and-Java-syntax"></a>
-<a name="SEC38"></a>
-<h2 class="section"> <a href="libunistring.html#TOC38">8.12 ISO C and Java syntax</a> </h2>
+<a name="SEC51"></a>
+<h2 class="section"> <a href="libunistring.html#TOC51">8.12 ISO C and Java syntax</a> </h2>
 
 <p>The following properties are taken from language standards.  The supported
 language standards are ISO C 99 and Java.
 </p>
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_c_whitespace</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX679"></a>
+<a name="IDX670"></a>
 </dt>
 <dd><p>Tests whether a Unicode character is considered whitespace in ISO C 99.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_java_whitespace</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX680"></a>
+<a name="IDX671"></a>
 </dt>
 <dd><p>Tests whether a Unicode character is considered whitespace in Java.
 </p></dd></dl>
@@ -2338,7 +2336,7 @@ language standards are ISO C 99 and Java.
 </p>
 <dl>
 <dt><u>Constant:</u> int <b>UC_IDENTIFIER_START</b>
-<a name="IDX681"></a>
+<a name="IDX672"></a>
 </dt>
 <dd><p>This return value means that the given character is valid as first or
 subsequent character in an identifier.
@@ -2346,7 +2344,7 @@ subsequent character in an identifier.
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_IDENTIFIER_VALID</b>
-<a name="IDX682"></a>
+<a name="IDX673"></a>
 </dt>
 <dd><p>This return value means that the given character is valid as subsequent
 character only.
@@ -2354,14 +2352,14 @@ character only.
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_IDENTIFIER_INVALID</b>
-<a name="IDX683"></a>
+<a name="IDX674"></a>
 </dt>
 <dd><p>This return value means that the given character is not valid in an identifier.
 </p></dd></dl>
 
 <dl>
 <dt><u>Constant:</u> int <b>UC_IDENTIFIER_IGNORABLE</b>
-<a name="IDX684"></a>
+<a name="IDX675"></a>
 </dt>
 <dd><p>This return value (only for Java) means that the given character is ignorable.
 </p></dd></dl>
@@ -2369,19 +2367,19 @@ character only.
 <p>The following function determine whether a given character can be a constituent
 of an identifier in the given programming language.
 </p>
-<a name="IDX685"></a>
+<a name="IDX676"></a>
 <dl>
 <dt><u>Function:</u> int <b>uc_c_ident_category</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX686"></a>
+<a name="IDX677"></a>
 </dt>
 <dd><p>Returns the categorization of a Unicode character with respect to the ISO C 99
 identifier syntax.
 </p></dd></dl>
 
-<a name="IDX687"></a>
+<a name="IDX678"></a>
 <dl>
 <dt><u>Function:</u> int <b>uc_java_ident_category</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX688"></a>
+<a name="IDX679"></a>
 </dt>
 <dd><p>Returns the categorization of a Unicode character with respect to the Java
 identifier syntax.
@@ -2389,8 +2387,8 @@ identifier syntax.
 
 <hr size="6">
 <a name="Classifications-like-in-ISO-C"></a>
-<a name="SEC39"></a>
-<h2 class="section"> <a href="libunistring.html#TOC39">8.13 Classifications like in ISO C</a> </h2>
+<a name="SEC52"></a>
+<h2 class="section"> <a href="libunistring.html#TOC52">8.13 Classifications like in ISO C</a> </h2>
 
 <p>The following character classifications mimic those declared in the ISO C
 header files <code>&lt;ctype.h&gt;</code> and <code>&lt;wctype.h&gt;</code>.  These functions are
@@ -2401,7 +2399,7 @@ APIs to Unicode strings.
 </p>
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_alnum</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX689"></a>
+<a name="IDX680"></a>
 </dt>
 <dd><p>Tests for any character for which <code>uc_is_alpha</code> or <code>uc_is_digit</code> is
 true.
@@ -2409,7 +2407,7 @@ true.
 
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_alpha</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX690"></a>
+<a name="IDX681"></a>
 </dt>
 <dd><p>Tests for any character for which <code>uc_is_upper</code> or <code>uc_is_lower</code> is
 true, or any character that is one of a locale-specific set of characters for
@@ -2419,21 +2417,21 @@ which none of <code>uc_is_cntrl</code>, <code>uc_is_digit</code>, <code>uc_is_pu
 
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_cntrl</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX691"></a>
+<a name="IDX682"></a>
 </dt>
 <dd><p>Tests for any control character.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_digit</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX692"></a>
+<a name="IDX683"></a>
 </dt>
 <dd><p>Tests for any character that corresponds to a decimal-digit character.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_graph</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX693"></a>
+<a name="IDX684"></a>
 </dt>
 <dd><p>Tests for any character for which <code>uc_is_print</code> is true and
 <code>uc_is_space</code> is false.
@@ -2441,7 +2439,7 @@ which none of <code>uc_is_cntrl</code>, <code>uc_is_digit</code>, <code>uc_is_pu
 
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_lower</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX694"></a>
+<a name="IDX685"></a>
 </dt>
 <dd><p>Tests for any character that corresponds to a lowercase letter or is one
 of a locale-specific set of characters for which none of <code>uc_is_cntrl</code>,
@@ -2450,14 +2448,14 @@ of a locale-specific set of characters for which none of <code>uc_is_cntrl</code
 
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_print</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX695"></a>
+<a name="IDX686"></a>
 </dt>
 <dd><p>Tests for any printing character.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_punct</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX696"></a>
+<a name="IDX687"></a>
 </dt>
 <dd><p>Tests for any printing character that is one of a locale-specific set of
 characters for which neither <code>uc_is_space</code> nor <code>uc_is_alnum</code> is true.
@@ -2465,7 +2463,7 @@ characters for which neither <code>uc_is_space</code> nor <code>uc_is_alnum</cod
 
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_space</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX697"></a>
+<a name="IDX688"></a>
 </dt>
 <dd><p>Test for any character that corresponds to a locale-specific set of characters
 for which none of <code>uc_is_alnum</code>, <code>uc_is_graph</code>, or <code>uc_is_punct</code>
@@ -2474,7 +2472,7 @@ is true.
 
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_upper</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX698"></a>
+<a name="IDX689"></a>
 </dt>
 <dd><p>Tests for any character that corresponds to an uppercase letter or is one
 of a locale-specific set of characters for which none of <code>uc_is_cntrl</code>,
@@ -2483,22 +2481,22 @@ of a locale-specific set of characters for which none of <code>uc_is_cntrl</code
 
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_xdigit</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX699"></a>
+<a name="IDX690"></a>
 </dt>
 <dd><p>Tests for any character that corresponds to a hexadecimal-digit character.
 </p></dd></dl>
 
 <dl>
 <dt><u>Function:</u> bool <b>uc_is_blank</b><i> (ucs4_t <var>uc</var>)</i>
-<a name="IDX700"></a>
+<a name="IDX691"></a>
 </dt>
 <dd><p>Tests for any character that corresponds to a standard blank character or
 a locale-specific set of characters for which <code>uc_is_alnum</code> is false.
 </p></dd></dl>
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="#SEC20" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_9.html#SEC40" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="#SEC33" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_9.html#SEC53" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -2506,12 +2504,12 @@ a locale-specific set of characters for which <code>uc_is_alnum</code> is false.
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_9.html b/msys2/usr/share/doc/libunistring/libunistring_9.html
index a4a607a47..ac653db61 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_9.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_9.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -42,8 +42,8 @@ ul.toc {list-style: none}
 <body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
 
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_8.html#SEC20" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_10.html#SEC41" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_8.html#SEC33" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_10.html#SEC54" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -51,20 +51,20 @@ ul.toc {list-style: none}
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 
 <hr size="2">
 <a name="uniwidth_002eh"></a>
-<a name="SEC40"></a>
-<h1 class="chapter"> <a href="libunistring.html#TOC40">9. Display width <code>&lt;uniwidth.h&gt;</code></a> </h1>
+<a name="SEC53"></a>
+<h1 class="chapter"> <a href="libunistring.html#TOC53">9. Display width <code>&lt;uniwidth.h&gt;</code></a> </h1>
 
 <p>This include file declares functions that return the display width, measured
 in columns, of characters or strings, when output to a device that uses
 non-proportional fonts.
 </p>
-<a name="IDX701"></a>
+<a name="IDX692"></a>
 <p>Note that for some rarely used characters the actual fonts or terminal
 emulators can use a different width.  There is no mechanism for communicating
 the display width of characters across a Unix pseudo-terminal (tty).  Also,
@@ -76,12 +76,12 @@ most characters but can fail to represent the actual display width.
 <p>These functions are locale dependent.  The <var>encoding</var> argument identifies
 the encoding (e.g. <code>&quot;ISO-8859-2&quot;</code> for Polish).
 </p>
-<a name="IDX702"></a>
-<a name="IDX703"></a>
-<a name="IDX704"></a>
+<a name="IDX693"></a>
+<a name="IDX694"></a>
+<a name="IDX695"></a>
 <dl>
 <dt><u>Function:</u> int <b>uc_width</b><i> (ucs4_t <var>uc</var>, const char *<var>encoding</var>)</i>
-<a name="IDX705"></a>
+<a name="IDX696"></a>
 </dt>
 <dd><p>Determines and returns the number of column positions required for <var>uc</var>.
 Returns -1 if <var>uc</var> is a control character that has an influence on the
@@ -90,13 +90,13 @@ column position when output.
 
 <dl>
 <dt><u>Function:</u> int <b>u8_width</b><i> (const uint8_t *<var>s</var>, size_t <var>n</var>, const char *<var>encoding</var>)</i>
-<a name="IDX706"></a>
+<a name="IDX697"></a>
 </dt>
 <dt><u>Function:</u> int <b>u16_width</b><i> (const uint16_t *<var>s</var>, size_t <var>n</var>, const char *<var>encoding</var>)</i>
-<a name="IDX707"></a>
+<a name="IDX698"></a>
 </dt>
 <dt><u>Function:</u> int <b>u32_width</b><i> (const uint32_t *<var>s</var>, size_t <var>n</var>, const char *<var>encoding</var>)</i>
-<a name="IDX708"></a>
+<a name="IDX699"></a>
 </dt>
 <dd><p>Determines and returns the number of column positions required for first
 <var>n</var> units (or fewer if <var>s</var> ends before this) in <var>s</var>.  This
@@ -105,21 +105,21 @@ function ignores control characters in the string.
 
 <dl>
 <dt><u>Function:</u> int <b>u8_strwidth</b><i> (const uint8_t *<var>s</var>, const char *<var>encoding</var>)</i>
-<a name="IDX709"></a>
+<a name="IDX700"></a>
 </dt>
 <dt><u>Function:</u> int <b>u16_strwidth</b><i> (const uint16_t *<var>s</var>, const char *<var>encoding</var>)</i>
-<a name="IDX710"></a>
+<a name="IDX701"></a>
 </dt>
 <dt><u>Function:</u> int <b>u32_strwidth</b><i> (const uint32_t *<var>s</var>, const char *<var>encoding</var>)</i>
-<a name="IDX711"></a>
+<a name="IDX702"></a>
 </dt>
 <dd><p>Determines and returns the number of column positions required for <var>s</var>.
 This function ignores control characters in the string.
 </p></dd></dl>
 <hr size="6">
 <table cellpadding="1" cellspacing="1" border="0">
-<tr><td valign="middle" align="left">[<a href="libunistring_8.html#SEC20" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_10.html#SEC41" title="Next chapter"> &gt;&gt; </a>]</td>
+<tr><td valign="middle" align="left">[<a href="libunistring_8.html#SEC33" title="Beginning of this chapter or previous chapter"> &lt;&lt; </a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_10.html#SEC54" title="Next chapter"> &gt;&gt; </a>]</td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left"> &nbsp; </td>
@@ -127,12 +127,12 @@ This function ignores control characters in the string.
 <td valign="middle" align="left"> &nbsp; </td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_abt.html b/msys2/usr/share/doc/libunistring/libunistring_abt.html
index febf71980..924f37c9c 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_abt.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_abt.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -45,12 +45,12 @@ ul.toc {list-style: none}
 <table cellpadding="1" cellspacing="1" border="0">
 <tr><td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <h1>About This Document</h1>
 <p>
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
 </p>
 <p>
   The buttons in the navigation panels have the following meaning:
@@ -153,12 +153,12 @@ ul.toc {list-style: none}
 <table cellpadding="1" cellspacing="1" border="0">
 <tr><td valign="middle" align="left">[<a href="libunistring.html#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring.html#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/libunistring/libunistring_toc.html b/msys2/usr/share/doc/libunistring/libunistring_toc.html
index 54e23b565..7b007395f 100644
--- a/msys2/usr/share/doc/libunistring/libunistring_toc.html
+++ b/msys2/usr/share/doc/libunistring/libunistring_toc.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
 <html>
-<!-- Created on December, 2 2016 by texi2html 1.78a -->
+<!-- Created on May, 25 2018 by texi2html 1.78a -->
 <!--
 Written by: Lionel Cons <Lionel.Cons@cern.ch> (original author)
             Karl Berry  <karl@freefriends.org>
@@ -44,7 +44,7 @@ ul.toc {list-style: none}
 <table cellpadding="1" cellspacing="1" border="0">
 <tr><td valign="middle" align="left">[<a href="#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <h1 class="settitle">GNU libunistring</h1>
@@ -60,95 +60,114 @@ ul.toc {list-style: none}
     <li><a name="TOC4" href="libunistring_1.html#SEC4">1.3 Locale encodings</a></li>
     <li><a name="TOC5" href="libunistring_1.html#SEC5">1.4 Choice of in-memory representation of strings</a></li>
     <li><a name="TOC6" href="libunistring_1.html#SEC6">1.5 &lsquo;<samp>char *</samp>&rsquo; strings</a></li>
-    <li><a name="TOC7" href="libunistring_1.html#SEC7">1.6 The <code>wchar_t</code> mess</a></li>
-    <li><a name="TOC8" href="libunistring_1.html#SEC8">1.7 Unicode strings</a></li>
+    <li><a name="TOC7" href="libunistring_1.html#SEC7">1.6 Unicode strings</a></li>
   </ul></li>
-  <li><a name="TOC9" href="libunistring_2.html#SEC9">2. Conventions</a></li>
-  <li><a name="TOC10" href="libunistring_3.html#SEC10">3. Elementary types <code>&lt;unitypes.h&gt;</code></a></li>
-  <li><a name="TOC11" href="libunistring_4.html#SEC11">4. Elementary Unicode string functions <code>&lt;unistr.h&gt;</code></a>
+  <li><a name="TOC8" href="libunistring_2.html#SEC8">2. Conventions</a></li>
+  <li><a name="TOC9" href="libunistring_3.html#SEC9">3. Elementary types <code>&lt;unitypes.h&gt;</code></a></li>
+  <li><a name="TOC10" href="libunistring_4.html#SEC10">4. Elementary Unicode string functions <code>&lt;unistr.h&gt;</code></a>
   <ul class="toc">
-    <li><a name="TOC12" href="libunistring_4.html#SEC12">4.1 Elementary string checks</a></li>
-    <li><a name="TOC13" href="libunistring_4.html#SEC13">4.2 Elementary string conversions</a></li>
-    <li><a name="TOC14" href="libunistring_4.html#SEC14">4.3 Elementary string functions</a></li>
-    <li><a name="TOC15" href="libunistring_4.html#SEC15">4.4 Elementary string functions with memory allocation</a></li>
-    <li><a name="TOC16" href="libunistring_4.html#SEC16">4.5 Elementary string functions on NUL terminated strings</a></li>
-  </ul></li>
-  <li><a name="TOC17" href="libunistring_5.html#SEC17">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></li>
-  <li><a name="TOC18" href="libunistring_6.html#SEC18">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></li>
-  <li><a name="TOC19" href="libunistring_7.html#SEC19">7. Names of Unicode characters <code>&lt;uniname.h&gt;</code></a></li>
-  <li><a name="TOC20" href="libunistring_8.html#SEC20">8. Unicode character classification and properties <code>&lt;unictype.h&gt;</code></a>
-  <ul class="toc">
-    <li><a name="TOC21" href="libunistring_8.html#SEC21">8.1 General category</a>
+    <li><a name="TOC11" href="libunistring_4.html#SEC11">4.1 Elementary string checks</a></li>
+    <li><a name="TOC12" href="libunistring_4.html#SEC12">4.2 Elementary string conversions</a></li>
+    <li><a name="TOC13" href="libunistring_4.html#SEC13">4.3 Elementary string functions</a>
     <ul class="toc">
-      <li><a name="TOC22" href="libunistring_8.html#SEC22">8.1.1 The object oriented API for general category</a></li>
-      <li><a name="TOC23" href="libunistring_8.html#SEC23">8.1.2 The bit mask API for general category</a></li>
+      <li><a name="TOC14" href="libunistring_4.html#SEC14">4.3.1 Iterating over a Unicode string</a></li>
+      <li><a name="TOC15" href="libunistring_4.html#SEC15">4.3.2 Creating Unicode strings one character at a time</a></li>
+      <li><a name="TOC16" href="libunistring_4.html#SEC16">4.3.3 Copying Unicode strings</a></li>
+      <li><a name="TOC17" href="libunistring_4.html#SEC17">4.3.4 Comparing Unicode strings</a></li>
+      <li><a name="TOC18" href="libunistring_4.html#SEC18">4.3.5 Searching for a character in a Unicode string</a></li>
+      <li><a name="TOC19" href="libunistring_4.html#SEC19">4.3.6 Counting the characters in a Unicode string</a></li>
     </ul></li>
-    <li><a name="TOC24" href="libunistring_8.html#SEC24">8.2 Canonical combining class</a></li>
-    <li><a name="TOC25" href="libunistring_8.html#SEC25">8.3 Bidi class</a></li>
-    <li><a name="TOC26" href="libunistring_8.html#SEC26">8.4 Decimal digit value</a></li>
-    <li><a name="TOC27" href="libunistring_8.html#SEC27">8.5 Digit value</a></li>
-    <li><a name="TOC28" href="libunistring_8.html#SEC28">8.6 Numeric value</a></li>
-    <li><a name="TOC29" href="libunistring_8.html#SEC29">8.7 Mirrored character</a></li>
-    <li><a name="TOC30" href="libunistring_8.html#SEC30">8.8 Arabic shaping</a>
+    <li><a name="TOC20" href="libunistring_4.html#SEC20">4.4 Elementary string functions with memory allocation</a></li>
+    <li><a name="TOC21" href="libunistring_4.html#SEC21">4.5 Elementary string functions on NUL terminated strings</a>
     <ul class="toc">
-      <li><a name="TOC31" href="libunistring_8.html#SEC31">8.8.1 Joining type of Arabic characters</a></li>
-      <li><a name="TOC32" href="libunistring_8.html#SEC32">8.8.2 Joining group of Arabic characters</a></li>
-    </ul></li>
-    <li><a name="TOC33" href="libunistring_8.html#SEC33">8.9 Properties</a>
+      <li><a name="TOC22" href="libunistring_4.html#SEC22">4.5.1 Iterating over a NUL terminated Unicode string</a></li>
+      <li><a name="TOC23" href="libunistring_4.html#SEC23">4.5.2 Length of a NUL terminated Unicode string</a></li>
+      <li><a name="TOC24" href="libunistring_4.html#SEC24">4.5.3 Copying a NUL terminated Unicode string</a></li>
+      <li><a name="TOC25" href="libunistring_4.html#SEC25">4.5.4 Comparing NUL terminated Unicode strings</a></li>
+      <li><a name="TOC26" href="libunistring_4.html#SEC26">4.5.5 Duplicating a NUL terminated Unicode string</a></li>
+      <li><a name="TOC27" href="libunistring_4.html#SEC27">4.5.6 Searching for a character in a NUL terminated Unicode string</a></li>
+      <li><a name="TOC28" href="libunistring_4.html#SEC28">4.5.7 Searching for a substring in a NUL terminated Unicode string</a></li>
+      <li><a name="TOC29" href="libunistring_4.html#SEC29">4.5.8 Tokenizing a NUL terminated Unicode string</a></li>
+    </ul>
+</li>
+  </ul></li>
+  <li><a name="TOC30" href="libunistring_5.html#SEC30">5. Conversions between Unicode and encodings <code>&lt;uniconv.h&gt;</code></a></li>
+  <li><a name="TOC31" href="libunistring_6.html#SEC31">6. Output with Unicode strings <code>&lt;unistdio.h&gt;</code></a></li>
+  <li><a name="TOC32" href="libunistring_7.html#SEC32">7. Names of Unicode characters <code>&lt;uniname.h&gt;</code></a></li>
+  <li><a name="TOC33" href="libunistring_8.html#SEC33">8. Unicode character classification and properties <code>&lt;unictype.h&gt;</code></a>
+  <ul class="toc">
+    <li><a name="TOC34" href="libunistring_8.html#SEC34">8.1 General category</a>
     <ul class="toc">
-      <li><a name="TOC34" href="libunistring_8.html#SEC34">8.9.1 Properties as objects &ndash; the object oriented API</a></li>
-      <li><a name="TOC35" href="libunistring_8.html#SEC35">8.9.2 Properties as functions &ndash; the functional API</a></li>
+      <li><a name="TOC35" href="libunistring_8.html#SEC35">8.1.1 The object oriented API for general category</a></li>
+      <li><a name="TOC36" href="libunistring_8.html#SEC36">8.1.2 The bit mask API for general category</a></li>
     </ul></li>
-    <li><a name="TOC36" href="libunistring_8.html#SEC36">8.10 Scripts</a></li>
-    <li><a name="TOC37" href="libunistring_8.html#SEC37">8.11 Blocks</a></li>
-    <li><a name="TOC38" href="libunistring_8.html#SEC38">8.12 ISO C and Java syntax</a></li>
-    <li><a name="TOC39" href="libunistring_8.html#SEC39">8.13 Classifications like in ISO C</a></li>
+    <li><a name="TOC37" href="libunistring_8.html#SEC37">8.2 Canonical combining class</a></li>
+    <li><a name="TOC38" href="libunistring_8.html#SEC38">8.3 Bidi class</a></li>
+    <li><a name="TOC39" href="libunistring_8.html#SEC39">8.4 Decimal digit value</a></li>
+    <li><a name="TOC40" href="libunistring_8.html#SEC40">8.5 Digit value</a></li>
+    <li><a name="TOC41" href="libunistring_8.html#SEC41">8.6 Numeric value</a></li>
+    <li><a name="TOC42" href="libunistring_8.html#SEC42">8.7 Mirrored character</a></li>
+    <li><a name="TOC43" href="libunistring_8.html#SEC43">8.8 Arabic shaping</a>
+    <ul class="toc">
+      <li><a name="TOC44" href="libunistring_8.html#SEC44">8.8.1 Joining type of Arabic characters</a></li>
+      <li><a name="TOC45" href="libunistring_8.html#SEC45">8.8.2 Joining group of Arabic characters</a></li>
+    </ul></li>
+    <li><a name="TOC46" href="libunistring_8.html#SEC46">8.9 Properties</a>
+    <ul class="toc">
+      <li><a name="TOC47" href="libunistring_8.html#SEC47">8.9.1 Properties as objects &ndash; the object oriented API</a></li>
+      <li><a name="TOC48" href="libunistring_8.html#SEC48">8.9.2 Properties as functions &ndash; the functional API</a></li>
+    </ul></li>
+    <li><a name="TOC49" href="libunistring_8.html#SEC49">8.10 Scripts</a></li>
+    <li><a name="TOC50" href="libunistring_8.html#SEC50">8.11 Blocks</a></li>
+    <li><a name="TOC51" href="libunistring_8.html#SEC51">8.12 ISO C and Java syntax</a></li>
+    <li><a name="TOC52" href="libunistring_8.html#SEC52">8.13 Classifications like in ISO C</a></li>
   </ul></li>
-  <li><a name="TOC40" href="libunistring_9.html#SEC40">9. Display width <code>&lt;uniwidth.h&gt;</code></a></li>
-  <li><a name="TOC41" href="libunistring_10.html#SEC41">10. Grapheme cluster breaks in strings <code>&lt;unigbrk.h&gt;</code></a>
+  <li><a name="TOC53" href="libunistring_9.html#SEC53">9. Display width <code>&lt;uniwidth.h&gt;</code></a></li>
+  <li><a name="TOC54" href="libunistring_10.html#SEC54">10. Grapheme cluster breaks in strings <code>&lt;unigbrk.h&gt;</code></a>
   <ul class="toc">
-    <li><a name="TOC42" href="libunistring_10.html#SEC42">10.1 Grapheme cluster breaks in a string</a></li>
-    <li><a name="TOC43" href="libunistring_10.html#SEC43">10.2 Grapheme cluster break property</a></li>
+    <li><a name="TOC55" href="libunistring_10.html#SEC55">10.1 Grapheme cluster breaks in a string</a></li>
+    <li><a name="TOC56" href="libunistring_10.html#SEC56">10.2 Grapheme cluster break property</a></li>
   </ul></li>
-  <li><a name="TOC44" href="libunistring_11.html#SEC44">11. Word breaks in strings <code>&lt;uniwbrk.h&gt;</code></a>
+  <li><a name="TOC57" href="libunistring_11.html#SEC57">11. Word breaks in strings <code>&lt;uniwbrk.h&gt;</code></a>
   <ul class="toc">
-    <li><a name="TOC45" href="libunistring_11.html#SEC45">11.1 Word breaks in a string</a></li>
-    <li><a name="TOC46" href="libunistring_11.html#SEC46">11.2 Word break property</a></li>
+    <li><a name="TOC58" href="libunistring_11.html#SEC58">11.1 Word breaks in a string</a></li>
+    <li><a name="TOC59" href="libunistring_11.html#SEC59">11.2 Word break property</a></li>
   </ul></li>
-  <li><a name="TOC47" href="libunistring_12.html#SEC47">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></li>
-  <li><a name="TOC48" href="libunistring_13.html#SEC48">13. Normalization forms (composition and decomposition) <code>&lt;uninorm.h&gt;</code></a>
+  <li><a name="TOC60" href="libunistring_12.html#SEC60">12. Line breaking <code>&lt;unilbrk.h&gt;</code></a></li>
+  <li><a name="TOC61" href="libunistring_13.html#SEC61">13. Normalization forms (composition and decomposition) <code>&lt;uninorm.h&gt;</code></a>
   <ul class="toc">
-    <li><a name="TOC49" href="libunistring_13.html#SEC49">13.1 Decomposition of Unicode characters</a></li>
-    <li><a name="TOC50" href="libunistring_13.html#SEC50">13.2 Composition of Unicode characters</a></li>
-    <li><a name="TOC51" href="libunistring_13.html#SEC51">13.3 Normalization of strings</a></li>
-    <li><a name="TOC52" href="libunistring_13.html#SEC52">13.4 Normalizing comparisons</a></li>
-    <li><a name="TOC53" href="libunistring_13.html#SEC53">13.5 Normalization of streams of Unicode characters</a></li>
+    <li><a name="TOC62" href="libunistring_13.html#SEC62">13.1 Decomposition of Unicode characters</a></li>
+    <li><a name="TOC63" href="libunistring_13.html#SEC63">13.2 Composition of Unicode characters</a></li>
+    <li><a name="TOC64" href="libunistring_13.html#SEC64">13.3 Normalization of strings</a></li>
+    <li><a name="TOC65" href="libunistring_13.html#SEC65">13.4 Normalizing comparisons</a></li>
+    <li><a name="TOC66" href="libunistring_13.html#SEC66">13.5 Normalization of streams of Unicode characters</a></li>
   </ul></li>
-  <li><a name="TOC54" href="libunistring_14.html#SEC54">14. Case mappings <code>&lt;unicase.h&gt;</code></a>
+  <li><a name="TOC67" href="libunistring_14.html#SEC67">14. Case mappings <code>&lt;unicase.h&gt;</code></a>
   <ul class="toc">
-    <li><a name="TOC55" href="libunistring_14.html#SEC55">14.1 Case mappings of characters</a></li>
-    <li><a name="TOC56" href="libunistring_14.html#SEC56">14.2 Case mappings of strings</a></li>
-    <li><a name="TOC57" href="libunistring_14.html#SEC57">14.3 Case mappings of substrings</a></li>
-    <li><a name="TOC58" href="libunistring_14.html#SEC58">14.4 Case insensitive comparison</a></li>
-    <li><a name="TOC59" href="libunistring_14.html#SEC59">14.5 Case detection</a></li>
+    <li><a name="TOC68" href="libunistring_14.html#SEC68">14.1 Case mappings of characters</a></li>
+    <li><a name="TOC69" href="libunistring_14.html#SEC69">14.2 Case mappings of strings</a></li>
+    <li><a name="TOC70" href="libunistring_14.html#SEC70">14.3 Case mappings of substrings</a></li>
+    <li><a name="TOC71" href="libunistring_14.html#SEC71">14.4 Case insensitive comparison</a></li>
+    <li><a name="TOC72" href="libunistring_14.html#SEC72">14.5 Case detection</a></li>
   </ul></li>
-  <li><a name="TOC60" href="libunistring_15.html#SEC60">15. Regular expressions <code>&lt;uniregex.h&gt;</code></a></li>
-  <li><a name="TOC61" href="libunistring_16.html#SEC61">16. Using the library</a>
+  <li><a name="TOC73" href="libunistring_15.html#SEC73">15. Regular expressions <code>&lt;uniregex.h&gt;</code></a></li>
+  <li><a name="TOC74" href="libunistring_16.html#SEC74">16. Using the library</a>
   <ul class="toc">
-    <li><a name="TOC62" href="libunistring_16.html#SEC62">16.1 Installation</a></li>
-    <li><a name="TOC63" href="libunistring_16.html#SEC63">16.2 Compiler options</a></li>
-    <li><a name="TOC64" href="libunistring_16.html#SEC64">16.3 Include files</a></li>
-    <li><a name="TOC65" href="libunistring_16.html#SEC65">16.4 Autoconf macro</a></li>
-    <li><a name="TOC66" href="libunistring_16.html#SEC66">16.5 Reporting problems</a></li>
+    <li><a name="TOC75" href="libunistring_16.html#SEC75">16.1 Installation</a></li>
+    <li><a name="TOC76" href="libunistring_16.html#SEC76">16.2 Compiler options</a></li>
+    <li><a name="TOC77" href="libunistring_16.html#SEC77">16.3 Include files</a></li>
+    <li><a name="TOC78" href="libunistring_16.html#SEC78">16.4 Autoconf macro</a></li>
+    <li><a name="TOC79" href="libunistring_16.html#SEC79">16.5 Reporting problems</a></li>
   </ul></li>
-  <li><a name="TOC67" href="libunistring_17.html#SEC67">17. More advanced functionality</a></li>
-  <li><a name="TOC68" href="libunistring_18.html#SEC68">A. Licenses</a>
+  <li><a name="TOC80" href="libunistring_17.html#SEC80">17. More advanced functionality</a></li>
+  <li><a name="TOC81" href="libunistring_18.html#SEC81">A. The <code>wchar_t</code> mess</a></li>
+  <li><a name="TOC82" href="libunistring_19.html#SEC82">B. Licenses</a>
   <ul class="toc">
-    <li><a name="TOC69" href="libunistring_18.html#SEC69">A.1 GNU GENERAL PUBLIC LICENSE</a></li>
-    <li><a name="TOC70" href="libunistring_18.html#SEC74">A.2 GNU LESSER GENERAL PUBLIC LICENSE</a></li>
-    <li><a name="TOC71" href="libunistring_18.html#SEC75">A.3 GNU Free Documentation License</a></li>
+    <li><a name="TOC83" href="libunistring_19.html#SEC83">B.1 GNU GENERAL PUBLIC LICENSE</a></li>
+    <li><a name="TOC84" href="libunistring_19.html#SEC88">B.2 GNU LESSER GENERAL PUBLIC LICENSE</a></li>
+    <li><a name="TOC85" href="libunistring_19.html#SEC89">B.3 GNU Free Documentation License</a></li>
   </ul></li>
-  <li><a name="TOC72" href="libunistring_19.html#SEC77">Index</a></li>
+  <li><a name="TOC86" href="libunistring_20.html#SEC91">Index</a></li>
 </ul>
 </div>
 
@@ -160,12 +179,12 @@ ul.toc {list-style: none}
 <table cellpadding="1" cellspacing="1" border="0">
 <tr><td valign="middle" align="left">[<a href="#SEC_Top" title="Cover (top) of document">Top</a>]</td>
 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
-<td valign="middle" align="left">[<a href="libunistring_19.html#SEC77" title="Index">Index</a>]</td>
+<td valign="middle" align="left">[<a href="libunistring_20.html#SEC91" title="Index">Index</a>]</td>
 <td valign="middle" align="left">[<a href="libunistring_abt.html#SEC_About" title="About (help)"> ? </a>]</td>
 </tr></table>
 <p>
  <font size="-1">
-  This document was generated by <em>Daiki Ueno</em> on <em>December, 2 2016</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
+  This document was generated by <em>Daiki Ueno</em> on <em>May, 25 2018</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.78a</em></a>.
  </font>
  <br>
 
diff --git a/msys2/usr/share/doc/mpfr/AUTHORS b/msys2/usr/share/doc/mpfr/AUTHORS
index 57fc9554d..519853701 100644
--- a/msys2/usr/share/doc/mpfr/AUTHORS
+++ b/msys2/usr/share/doc/mpfr/AUTHORS
@@ -18,9 +18,9 @@ Damien Stehlé           Function mpfr_get_ld_2exp
 Philippe Théveny        Main author
 Sylvain Chevillard      Original version of ai.c
 Charles Karney          mpfr_nrandom and mpfr_erandom functions
-Fredrik Johannsson      New version of mpfr_const_euler
+Fredrik Johansson       New version of mpfr_const_euler
 Mickaël Gastineau       MPFRbench program
 
 The main authors are included in the MPFR mailing-list <mpfr@inria.fr>.
 This is the preferred way to contact us. For further information, please
-look at the MPFR web page <http://www.mpfr.org/>.
+look at the MPFR web page <https://www.mpfr.org/>.
diff --git a/msys2/usr/share/doc/mpfr/BUGS b/msys2/usr/share/doc/mpfr/BUGS
index 10358870c..a30dcb968 100644
--- a/msys2/usr/share/doc/mpfr/BUGS
+++ b/msys2/usr/share/doc/mpfr/BUGS
@@ -1,4 +1,4 @@
-Copyright 1999, 2001-2018 Free Software Foundation, Inc.
+Copyright 1999, 2001-2019 Free Software Foundation, Inc.
 Contributed by the AriC and Caramba projects, INRIA.
 
 This file is part of the GNU MPFR Library.
@@ -15,7 +15,7 @@ License for more details.
 
 You should have received a copy of the GNU Lesser General Public License
 along with the GNU MPFR Library; see the file COPYING.LESSER.  If not, see
-http://www.gnu.org/licenses/ or write to the Free Software Foundation, Inc.,
+https://www.gnu.org/licenses/ or write to the Free Software Foundation, Inc.,
 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
 
 ##############################################################################
diff --git a/msys2/usr/share/doc/mpfr/COPYING b/msys2/usr/share/doc/mpfr/COPYING
index 94a9ed024..f288702d2 100644
--- a/msys2/usr/share/doc/mpfr/COPYING
+++ b/msys2/usr/share/doc/mpfr/COPYING
@@ -1,7 +1,7 @@
                     GNU GENERAL PUBLIC LICENSE
                        Version 3, 29 June 2007
 
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
  Everyone is permitted to copy and distribute verbatim copies
  of this license document, but changing it is not allowed.
 
@@ -645,7 +645,7 @@ the "copyright" line and a pointer to where the full notice is found.
     GNU General Public License for more details.
 
     You should have received a copy of the GNU General Public License
-    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
 Also add information on how to contact you by electronic and paper mail.
 
@@ -664,11 +664,11 @@ might be different; for a GUI interface, you would use an "about box".
   You should also get your employer (if you work as a programmer) or school,
 if any, to sign a "copyright disclaimer" for the program, if necessary.
 For more information on this, and how to apply and follow the GNU GPL, see
-<http://www.gnu.org/licenses/>.
+<https://www.gnu.org/licenses/>.
 
   The GNU General Public License does not permit incorporating your program
 into proprietary programs.  If your program is a subroutine library, you
 may consider it more useful to permit linking proprietary applications with
 the library.  If this is what you want to do, use the GNU Lesser General
 Public License instead of this License.  But first, please read
-<http://www.gnu.org/philosophy/why-not-lgpl.html>.
+<https://www.gnu.org/licenses/why-not-lgpl.html>.
diff --git a/msys2/usr/share/doc/mpfr/COPYING.LESSER b/msys2/usr/share/doc/mpfr/COPYING.LESSER
index fc8a5de7e..0a041280b 100644
--- a/msys2/usr/share/doc/mpfr/COPYING.LESSER
+++ b/msys2/usr/share/doc/mpfr/COPYING.LESSER
@@ -1,7 +1,7 @@
-		   GNU LESSER GENERAL PUBLIC LICENSE
+                   GNU LESSER GENERAL PUBLIC LICENSE
                        Version 3, 29 June 2007
 
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
  Everyone is permitted to copy and distribute verbatim copies
  of this license document, but changing it is not allowed.
 
@@ -10,7 +10,7 @@
 the terms and conditions of version 3 of the GNU General Public
 License, supplemented by the additional permissions listed below.
 
-  0. Additional Definitions. 
+  0. Additional Definitions.
 
   As used herein, "this License" refers to version 3 of the GNU Lesser
 General Public License, and the "GNU GPL" refers to version 3 of the GNU
@@ -111,7 +111,7 @@ the following:
        a copy of the Library already present on the user's computer
        system, and (b) will operate properly with a modified version
        of the Library that is interface-compatible with the Linked
-       Version. 
+       Version.
 
    e) Provide Installation Information, but only if you would otherwise
    be required to provide such information under section 6 of the
diff --git a/msys2/usr/share/doc/mpfr/FAQ.html b/msys2/usr/share/doc/mpfr/FAQ.html
index 5932503fa..464058c66 100644
--- a/msys2/usr/share/doc/mpfr/FAQ.html
+++ b/msys2/usr/share/doc/mpfr/FAQ.html
@@ -2,7 +2,7 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 <!--
-Copyright 2000-2018 Free Software Foundation, Inc.
+Copyright 2000-2019 Free Software Foundation, Inc.
 Contributed by the AriC and Caramba projects, INRIA.
 
 This file is part of the GNU MPFR Library.
@@ -19,7 +19,7 @@ License for more details.
 
 You should have received a copy of the GNU Lesser General Public License
 along with the GNU MPFR Library; see the file COPYING.LESSER.  If not, see
-http://www.gnu.org/licenses/ or write to the Free Software Foundation, Inc.,
+https://www.gnu.org/licenses/ or write to the Free Software Foundation, Inc.,
 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
 -->
 
@@ -78,6 +78,8 @@ li > p, dd > p
   margin-left: 2em;
 }
 
+.highlight { background: #dddddd }
+
 .nowrap { white-space: nowrap }
 
 /*
@@ -118,7 +120,7 @@ var.env { font-style: normal }
 bugs page.</strong></p>
 
 <p>The latest version of this <acronym>FAQ</acronym> is available at
-<a href="http://www.mpfr.org/faq.html">http://www.mpfr.org/faq.html</a>.
+<a href="https://www.mpfr.org/faq.html">https://www.mpfr.org/faq.html</a>.
 Please look at this version if possible.</p>
 
 <ol>
@@ -351,7 +353,7 @@ publication, please cite the
 <acronym title="Transactions on Mathematical Software">TOMS</acronym>
 paper</a>
 and/or the library web page
-<a href="http://www.mpfr.org/">http://www.mpfr.org</a>. If your publication
+<a href="https://www.mpfr.org/">https://www.mpfr.org</a>. If your publication
 is related to a particular release of <cite><acronym>MPFR</acronym></cite>,
 for example if you report timings, please also indicate the release number
 for future reference.</p></dd>
diff --git a/msys2/usr/share/doc/mpfr/NEWS b/msys2/usr/share/doc/mpfr/NEWS
index 154ed6a1e..7dcf5996d 100644
--- a/msys2/usr/share/doc/mpfr/NEWS
+++ b/msys2/usr/share/doc/mpfr/NEWS
@@ -1,4 +1,4 @@
-Copyright 2000-2018 Free Software Foundation, Inc.
+Copyright 2000-2019 Free Software Foundation, Inc.
 Contributed by the AriC and Caramba projects, INRIA.
 
 This file is part of the GNU MPFR Library.
@@ -15,11 +15,20 @@ License for more details.
 
 You should have received a copy of the GNU Lesser General Public License
 along with the GNU MPFR Library; see the file COPYING.LESSER.  If not, see
-http://www.gnu.org/licenses/ or write to the Free Software Foundation, Inc.,
+https://www.gnu.org/licenses/ or write to the Free Software Foundation, Inc.,
 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
 
 ##############################################################################
 
+Changes from version 4.0.1 to version 4.0.2:
+- Corrected minimal GMP version in the INSTALL file and the MPFR manual.
+- Option -pedantic is now always removed from __GMP_CFLAGS (see INSTALL).
+- Shared caches: cleanup; really detect lock failures (abort in this case).
+- Improved MPFR manual. In particular, corrected/completed the
+  mpfr_get_str description in order to follow the historical behavior
+  and GMP's mpf_get_str function.
+- Bug fixes (see ChangeLog file).
+
 Changes from version 4.0.0 to version 4.0.1:
 - Improved MPFR manual.
 - Improved __GMP_CC and __GMP_CFLAGS retrieval (in particular for MS Windows).
diff --git a/msys2/usr/share/doc/mpfr/TODO b/msys2/usr/share/doc/mpfr/TODO
index 3379a9a2c..9896c1fc6 100644
--- a/msys2/usr/share/doc/mpfr/TODO
+++ b/msys2/usr/share/doc/mpfr/TODO
@@ -1,4 +1,4 @@
-Copyright 1999-2018 Free Software Foundation, Inc.
+Copyright 1999-2019 Free Software Foundation, Inc.
 Contributed by the AriC and Caramba projects, INRIA.
 
 This file is part of the GNU MPFR Library.
@@ -15,7 +15,7 @@ License for more details.
 
 You should have received a copy of the GNU Lesser General Public License
 along with the GNU MPFR Library; see the file COPYING.LESSER.  If not, see
-http://www.gnu.org/licenses/ or write to the Free Software Foundation, Inc.,
+https://www.gnu.org/licenses/ or write to the Free Software Foundation, Inc.,
 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
 
 Table of contents:
@@ -59,7 +59,7 @@ Table of contents:
 - export mpfr_overflow and mpfr_underflow as public functions
 
 - many functions currently taking into account the precision of the *input*
-  variable to set the initial working precison (acosh, asinh, cosh, ...).
+  variable to set the initial working precision (acosh, asinh, cosh, ...).
   This is nonsense since the "average" working precision should only depend
   on the precision of the *output* variable (and maybe on the *value* of
   the input in case of cancellation).
@@ -188,7 +188,7 @@ Table of contents:
   + arcu (5.3.10.15): arctan2(y,x) u / (2 pi);
   + rad_to_cycle, cycle_to_rad, cycle_to_cycle (5.3.11.{1..3}).
 - From GSL, missing special functions (if useful in MPFR):
-  (cf http://www.gnu.org/software/gsl/manual/gsl-ref.html#Special-Functions)
+  (cf https://www.gnu.org/software/gsl/manual/gsl-ref.html#Special-Functions)
   + The Airy functions Ai(x) and Bi(x) defined by the integral representations:
    * Ai(x) = (1/\pi) \int_0^\infty \cos((1/3) t^3 + xt) dt
    * Bi(x) = (1/\pi) \int_0^\infty (e^(-(1/3) t^3) + \sin((1/3) t^3 + xt)) dt
diff --git a/msys2/usr/share/doc/mpfr/examples/can_round.c b/msys2/usr/share/doc/mpfr/examples/can_round.c
index bc998e93e..e9265e384 100644
--- a/msys2/usr/share/doc/mpfr/examples/can_round.c
+++ b/msys2/usr/share/doc/mpfr/examples/can_round.c
@@ -1,7 +1,7 @@
 /* Example illustrating how to use mpfr_can_round. */
 
 /*
-Copyright 2016-2018 Free Software Foundation, Inc.
+Copyright 2016-2019 Free Software Foundation, Inc.
 Contributed by the AriC and Caramba projects, INRIA.
 
 This file is part of the GNU MPFR Library.
@@ -18,7 +18,7 @@ License for more details.
 
 You should have received a copy of the GNU Lesser General Public License
 along with the GNU MPFR Library; see the file COPYING.LESSER.  If not, see
-http://www.gnu.org/licenses/ or write to the Free Software Foundation, Inc.,
+https://www.gnu.org/licenses/ or write to the Free Software Foundation, Inc.,
 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
 */
 
diff --git a/msys2/usr/share/doc/mpfr/examples/divworst.c b/msys2/usr/share/doc/mpfr/examples/divworst.c
index fe3a184ee..decb02124 100644
--- a/msys2/usr/share/doc/mpfr/examples/divworst.c
+++ b/msys2/usr/share/doc/mpfr/examples/divworst.c
@@ -13,7 +13,7 @@
  */
 
 /*
-Copyright 2009-2018 Free Software Foundation, Inc.
+Copyright 2009-2019 Free Software Foundation, Inc.
 Contributed by the AriC and Caramba projects, INRIA.
 
 This file is part of the GNU MPFR Library.
@@ -30,7 +30,7 @@ License for more details.
 
 You should have received a copy of the GNU Lesser General Public License
 along with the GNU MPFR Library; see the file COPYING.LESSER.  If not, see
-http://www.gnu.org/licenses/ or write to the Free Software Foundation, Inc.,
+https://www.gnu.org/licenses/ or write to the Free Software Foundation, Inc.,
 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
 */
 
diff --git a/msys2/usr/share/doc/mpfr/examples/rndo-add.c b/msys2/usr/share/doc/mpfr/examples/rndo-add.c
index 8731ec757..ad4e5cc8d 100644
--- a/msys2/usr/share/doc/mpfr/examples/rndo-add.c
+++ b/msys2/usr/share/doc/mpfr/examples/rndo-add.c
@@ -8,7 +8,7 @@
  */
 
 /*
-Copyright 2009-2018 Free Software Foundation, Inc.
+Copyright 2009-2019 Free Software Foundation, Inc.
 Contributed by the AriC and Caramba projects, INRIA.
 
 This file is part of the GNU MPFR Library.
@@ -25,7 +25,7 @@ License for more details.
 
 You should have received a copy of the GNU Lesser General Public License
 along with the GNU MPFR Library; see the file COPYING.LESSER.  If not, see
-http://www.gnu.org/licenses/ or write to the Free Software Foundation, Inc.,
+https://www.gnu.org/licenses/ or write to the Free Software Foundation, Inc.,
 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
 */
 
diff --git a/msys2/usr/share/doc/mpfr/examples/sample.c b/msys2/usr/share/doc/mpfr/examples/sample.c
index 2797d37c4..b5c559348 100644
--- a/msys2/usr/share/doc/mpfr/examples/sample.c
+++ b/msys2/usr/share/doc/mpfr/examples/sample.c
@@ -1,9 +1,9 @@
 /* This is the example given and commented on the MPFR web site:
- *   http://www.mpfr.org/sample.html
+ *   https://www.mpfr.org/sample.html
  */
 
 /*
-Copyright 1999-2004, 2006-2018 Free Software Foundation, Inc.
+Copyright 1999-2004, 2006-2019 Free Software Foundation, Inc.
 Contributed by the AriC and Caramba projects, INRIA.
 
 This file is part of the GNU MPFR Library.
@@ -20,7 +20,7 @@ License for more details.
 
 You should have received a copy of the GNU Lesser General Public License
 along with the GNU MPFR Library; see the file COPYING.LESSER.  If not, see
-http://www.gnu.org/licenses/ or write to the Free Software Foundation, Inc.,
+https://www.gnu.org/licenses/ or write to the Free Software Foundation, Inc.,
 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
 */
 
diff --git a/msys2/usr/share/doc/mpfr/examples/version.c b/msys2/usr/share/doc/mpfr/examples/version.c
index 5a2935353..1f1f2e00c 100644
--- a/msys2/usr/share/doc/mpfr/examples/version.c
+++ b/msys2/usr/share/doc/mpfr/examples/version.c
@@ -3,7 +3,7 @@
  */
 
 /*
-Copyright 2010-2018 Free Software Foundation, Inc.
+Copyright 2010-2019 Free Software Foundation, Inc.
 Contributed by the AriC and Caramba projects, INRIA.
 
 This file is part of the GNU MPFR Library.
@@ -20,7 +20,7 @@ License for more details.
 
 You should have received a copy of the GNU Lesser General Public License
 along with the GNU MPFR Library; see the file COPYING.LESSER.  If not, see
-http://www.gnu.org/licenses/ or write to the Free Software Foundation, Inc.,
+https://www.gnu.org/licenses/ or write to the Free Software Foundation, Inc.,
 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
 */
 
diff --git a/msys2/usr/share/doc/openssl/html/man1/CA.pl.html b/msys2/usr/share/doc/openssl/html/man1/CA.pl.html
new file mode 100644
index 000000000..4237d4e12
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/CA.pl.html
@@ -0,0 +1,198 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CA.pl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#DSA-CERTIFICATES">DSA CERTIFICATES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CA.pl - friendlier interface for OpenSSL certificate programs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>CA.pl</b> <b>-?</b> | <b>-h</b> | <b>-help</b></p>
+
+<p><b>CA.pl</b> <b>-newcert</b> | <b>-newreq</b> | <b>-newreq-nodes</b> | <b>-xsign</b> | <b>-sign</b> | <b>-signCA</b> | <b>-signcert</b> | <b>-crl</b> | <b>-newca</b> [<b>-extra-cmd</b> extra-params]</p>
+
+<p><b>CA.pl</b> <b>-pkcs12</b> [<b>-extra-pkcs12</b> extra-params] [<b>certname</b>]</p>
+
+<p><b>CA.pl</b> <b>-verify</b> [<b>-extra-verify</b> extra-params] <b>certfile</b>...</p>
+
+<p><b>CA.pl</b> <b>-revoke</b> [<b>-extra-ca</b> extra-params] <b>certfile</b> [<b>reason</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>CA.pl</b> script is a perl script that supplies the relevant command line arguments to the <b>openssl</b> command for some common certificate operations. It is intended to simplify the process of certificate creation and management by the use of some simple options.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="h--help"><b>?</b>, <b>-h</b>, <b>-help</b></dt>
+<dd>
+
+<p>Prints a usage message.</p>
+
+</dd>
+<dt id="newcert"><b>-newcert</b></dt>
+<dd>
+
+<p>Creates a new self signed certificate. The private key is written to the file &quot;newkey.pem&quot; and the request written to the file &quot;newreq.pem&quot;. This argument invokes <b>openssl req</b> command.</p>
+
+</dd>
+<dt id="newreq"><b>-newreq</b></dt>
+<dd>
+
+<p>Creates a new certificate request. The private key is written to the file &quot;newkey.pem&quot; and the request written to the file &quot;newreq.pem&quot;. Executes <b>openssl req</b> command below the hood.</p>
+
+</dd>
+<dt id="newreq-nodes"><b>-newreq-nodes</b></dt>
+<dd>
+
+<p>Is like <b>-newreq</b> except that the private key will not be encrypted. Uses <b>openssl req</b> command.</p>
+
+</dd>
+<dt id="newca"><b>-newca</b></dt>
+<dd>
+
+<p>Creates a new CA hierarchy for use with the <b>ca</b> program (or the <b>-signcert</b> and <b>-xsign</b> options). The user is prompted to enter the filename of the CA certificates (which should also contain the private key) or by hitting ENTER details of the CA will be prompted for. The relevant files and directories are created in a directory called &quot;demoCA&quot; in the current directory. <b>openssl req</b> and <b>openssl ca</b> commands are get invoked.</p>
+
+</dd>
+<dt id="pkcs12"><b>-pkcs12</b></dt>
+<dd>
+
+<p>Create a PKCS#12 file containing the user certificate, private key and CA certificate. It expects the user certificate and private key to be in the file &quot;newcert.pem&quot; and the CA certificate to be in the file demoCA/cacert.pem, it creates a file &quot;newcert.p12&quot;. This command can thus be called after the <b>-sign</b> option. The PKCS#12 file can be imported directly into a browser. If there is an additional argument on the command line it will be used as the &quot;friendly name&quot; for the certificate (which is typically displayed in the browser list box), otherwise the name &quot;My Certificate&quot; is used. Delegates work to <b>openssl pkcs12</b> command.</p>
+
+</dd>
+<dt id="sign--signcert--xsign"><b>-sign</b>, <b>-signcert</b>, <b>-xsign</b></dt>
+<dd>
+
+<p>Calls the <b>ca</b> program to sign a certificate request. It expects the request to be in the file &quot;newreq.pem&quot;. The new certificate is written to the file &quot;newcert.pem&quot; except in the case of the <b>-xsign</b> option when it is written to standard output. Leverages <b>openssl ca</b> command.</p>
+
+</dd>
+<dt id="signCA"><b>-signCA</b></dt>
+<dd>
+
+<p>This option is the same as the <b>-signreq</b> option except it uses the configuration file section <b>v3_ca</b> and so makes the signed request a valid CA certificate. This is useful when creating intermediate CA from a root CA. Extra params are passed on to <b>openssl ca</b> command.</p>
+
+</dd>
+<dt id="signcert"><b>-signcert</b></dt>
+<dd>
+
+<p>This option is the same as <b>-sign</b> except it expects a self signed certificate to be present in the file &quot;newreq.pem&quot;. Extra params are passed on to <b>openssl x509</b> and <b>openssl ca</b> commands.</p>
+
+</dd>
+<dt id="crl"><b>-crl</b></dt>
+<dd>
+
+<p>Generate a CRL. Executes <b>openssl ca</b> command.</p>
+
+</dd>
+<dt id="revoke-certfile-reason"><b>-revoke certfile [reason]</b></dt>
+<dd>
+
+<p>Revoke the certificate contained in the specified <b>certfile</b>. An optional reason may be specified, and must be one of: <b>unspecified</b>, <b>keyCompromise</b>, <b>CACompromise</b>, <b>affiliationChanged</b>, <b>superseded</b>, <b>cessationOfOperation</b>, <b>certificateHold</b>, or <b>removeFromCRL</b>. Leverages <b>openssl ca</b> command.</p>
+
+</dd>
+<dt id="verify"><b>-verify</b></dt>
+<dd>
+
+<p>Verifies certificates against the CA certificate for &quot;demoCA&quot;. If no certificates are specified on the command line it tries to verify the file &quot;newcert.pem&quot;. Invokes <b>openssl verify</b> command.</p>
+
+</dd>
+<dt id="extra-req--extra-ca--extra-pkcs12--extra-x509--extra-verify-extra-params"><b>-extra-req</b> | <b>-extra-ca</b> | <b>-extra-pkcs12</b> | <b>-extra-x509</b> | <b>-extra-verify</b> &lt;extra-params&gt;</dt>
+<dd>
+
+<p>The purpose of these parameters is to allow optional parameters to be supplied to <b>openssl</b> that this command executes. The <b>-extra-cmd</b> are specific to the option being used and the <b>openssl</b> command getting invoked. For example when this command invokes <b>openssl req</b> extra parameters can be passed on with the <b>-extra-req</b> parameter. The <b>openssl</b> commands being invoked per option are documented below. Users should consult <b>openssl</b> command documentation for more information.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create a CA hierarchy:</p>
+
+<pre><code> CA.pl -newca</code></pre>
+
+<p>Complete certificate creation example: create a CA, create a request, sign the request and finally create a PKCS#12 file containing it.</p>
+
+<pre><code> CA.pl -newca
+ CA.pl -newreq
+ CA.pl -signreq
+ CA.pl -pkcs12 &quot;My Test Certificate&quot;</code></pre>
+
+<h1 id="DSA-CERTIFICATES">DSA CERTIFICATES</h1>
+
+<p>Although the <b>CA.pl</b> creates RSA CAs and requests it is still possible to use it with DSA certificates and requests using the <a href="../man1/req.html">req(1)</a> command directly. The following example shows the steps that would typically be taken.</p>
+
+<p>Create some DSA parameters:</p>
+
+<pre><code> openssl dsaparam -out dsap.pem 1024</code></pre>
+
+<p>Create a DSA CA certificate and private key:</p>
+
+<pre><code> openssl req -x509 -newkey dsa:dsap.pem -keyout cacert.pem -out cacert.pem</code></pre>
+
+<p>Create the CA directories and files:</p>
+
+<pre><code> CA.pl -newca</code></pre>
+
+<p>enter cacert.pem when prompted for the CA file name.</p>
+
+<p>Create a DSA certificate request and private key (a different set of parameters can optionally be created first):</p>
+
+<pre><code> openssl req -out newreq.pem -newkey dsa:dsap.pem</code></pre>
+
+<p>Sign the request:</p>
+
+<pre><code> CA.pl -signreq</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Most of the filenames mentioned can be modified by editing the <b>CA.pl</b> script.</p>
+
+<p>If the demoCA directory already exists then the <b>-newca</b> command will not overwrite it and will do nothing. This can happen if a previous call using the <b>-newca</b> option terminated abnormally. To get the correct behaviour delete the demoCA directory if it already exists.</p>
+
+<p>Under some environments it may not be possible to run the <b>CA.pl</b> script directly (for example Win32) and the default configuration file location may be wrong. In this case the command:</p>
+
+<pre><code> perl -S CA.pl</code></pre>
+
+<p>can be used and the <b>OPENSSL_CONF</b> environment variable changed to point to the correct path of the configuration file.</p>
+
+<p>The script is intended as a simple front end for the <b>openssl</b> program for use by a beginner. Its behaviour isn&#39;t always what is wanted. For more control over the behaviour of the certificate commands call the <b>openssl</b> command directly.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/x509.html">x509(1)</a>, <a href="../man1/ca.html">ca(1)</a>, <a href="../man1/req.html">req(1)</a>, <a href="../man1/pkcs12.html">pkcs12(1)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/asn1parse.html b/msys2/usr/share/doc/openssl/html/man1/asn1parse.html
new file mode 100644
index 000000000..decd86de8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/asn1parse.html
@@ -0,0 +1,227 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>asn1parse</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a>
+    <ul>
+      <li><a href="#Output">Output</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-asn1parse, asn1parse - ASN.1 parsing tool</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>asn1parse</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-noout</b>] [<b>-offset number</b>] [<b>-length number</b>] [<b>-i</b>] [<b>-oid filename</b>] [<b>-dump</b>] [<b>-dlimit num</b>] [<b>-strparse offset</b>] [<b>-genstr string</b>] [<b>-genconf file</b>] [<b>-strictpem</b>] [<b>-item name</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>asn1parse</b> command is a diagnostic utility that can parse ASN.1 structures. It can also be used to extract data from ASN.1 formatted data.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform</b> <b>DER|PEM</b></dt>
+<dd>
+
+<p>The input format. <b>DER</b> is binary format and <b>PEM</b> (the default) is base64 encoded.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>The input file, default is standard input.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Output file to place the DER encoded data into. If this option is not present then no data will be output. This is most useful when combined with the <b>-strparse</b> option.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>Don&#39;t output the parsed version of the input file.</p>
+
+</dd>
+<dt id="offset-number"><b>-offset number</b></dt>
+<dd>
+
+<p>Starting offset to begin parsing, default is start of file.</p>
+
+</dd>
+<dt id="length-number"><b>-length number</b></dt>
+<dd>
+
+<p>Number of bytes to parse, default is until end of file.</p>
+
+</dd>
+<dt id="i"><b>-i</b></dt>
+<dd>
+
+<p>Indents the output according to the &quot;depth&quot; of the structures.</p>
+
+</dd>
+<dt id="oid-filename"><b>-oid filename</b></dt>
+<dd>
+
+<p>A file containing additional OBJECT IDENTIFIERs (OIDs). The format of this file is described in the NOTES section below.</p>
+
+</dd>
+<dt id="dump"><b>-dump</b></dt>
+<dd>
+
+<p>Dump unknown data in hex format.</p>
+
+</dd>
+<dt id="dlimit-num"><b>-dlimit num</b></dt>
+<dd>
+
+<p>Like <b>-dump</b>, but only the first <b>num</b> bytes are output.</p>
+
+</dd>
+<dt id="strparse-offset"><b>-strparse offset</b></dt>
+<dd>
+
+<p>Parse the contents octets of the ASN.1 object starting at <b>offset</b>. This option can be used multiple times to &quot;drill down&quot; into a nested structure.</p>
+
+</dd>
+<dt id="genstr-string--genconf-file"><b>-genstr string</b>, <b>-genconf file</b></dt>
+<dd>
+
+<p>Generate encoded data based on <b>string</b>, <b>file</b> or both using <a href="../man3/ASN1_generate_nconf.html">ASN1_generate_nconf(3)</a> format. If <b>file</b> only is present then the string is obtained from the default section using the name <b>asn1</b>. The encoded data is passed through the ASN1 parser and printed out as though it came from a file, the contents can thus be examined and written to a file using the <b>out</b> option.</p>
+
+</dd>
+<dt id="strictpem"><b>-strictpem</b></dt>
+<dd>
+
+<p>If this option is used then <b>-inform</b> will be ignored. Without this option any data in a PEM format input file will be treated as being base64 encoded and processed whether it has the normal PEM BEGIN and END markers or not. This option will ignore any data prior to the start of the BEGIN marker, or after an END marker in a PEM file.</p>
+
+</dd>
+<dt id="item-name"><b>-item name</b></dt>
+<dd>
+
+<p>Attempt to decode and print the data as <b>ASN1_ITEM name</b>. This can be used to print out the fields of any supported ASN.1 structure if the type is known.</p>
+
+</dd>
+</dl>
+
+<h2 id="Output">Output</h2>
+
+<p>The output will typically contain lines like this:</p>
+
+<pre><code>  0:d=0  hl=4 l= 681 cons: SEQUENCE</code></pre>
+
+<p>.....</p>
+
+<pre><code>  229:d=3  hl=3 l= 141 prim: BIT STRING
+  373:d=2  hl=3 l= 162 cons: cont [ 3 ]
+  376:d=3  hl=3 l= 159 cons: SEQUENCE
+  379:d=4  hl=2 l=  29 cons: SEQUENCE
+  381:d=5  hl=2 l=   3 prim: OBJECT            :X509v3 Subject Key Identifier
+  386:d=5  hl=2 l=  22 prim: OCTET STRING
+  410:d=4  hl=2 l= 112 cons: SEQUENCE
+  412:d=5  hl=2 l=   3 prim: OBJECT            :X509v3 Authority Key Identifier
+  417:d=5  hl=2 l= 105 prim: OCTET STRING
+  524:d=4  hl=2 l=  12 cons: SEQUENCE</code></pre>
+
+<p>.....</p>
+
+<p>This example is part of a self-signed certificate. Each line starts with the offset in decimal. <b>d=XX</b> specifies the current depth. The depth is increased within the scope of any SET or SEQUENCE. <b>hl=XX</b> gives the header length (tag and length octets) of the current type. <b>l=XX</b> gives the length of the contents octets.</p>
+
+<p>The <b>-i</b> option can be used to make the output more readable.</p>
+
+<p>Some knowledge of the ASN.1 structure is needed to interpret the output.</p>
+
+<p>In this example the BIT STRING at offset 229 is the certificate public key. The contents octets of this will contain the public key information. This can be examined using the option <b>-strparse 229</b> to yield:</p>
+
+<pre><code>    0:d=0  hl=3 l= 137 cons: SEQUENCE
+    3:d=1  hl=3 l= 129 prim: INTEGER           :E5D21E1F5C8D208EA7A2166C7FAF9F6BDF2059669C60876DDB70840F1A5AAFA59699FE471F379F1DD6A487E7D5409AB6A88D4A9746E24B91D8CF55DB3521015460C8EDE44EE8A4189F7A7BE77D6CD3A9AF2696F486855CF58BF0EDF2B4068058C7A947F52548DDF7E15E96B385F86422BEA9064A3EE9E1158A56E4A6F47E5897
+  135:d=1  hl=2 l=   3 prim: INTEGER           :010001</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an OID is not part of OpenSSL&#39;s internal table it will be represented in numerical form (for example 1.2.3.4). The file passed to the <b>-oid</b> option allows additional OIDs to be included. Each line consists of three columns, the first column is the OID in numerical format and should be followed by white space. The second column is the &quot;short name&quot; which is a single word followed by white space. The final column is the rest of the line and is the &quot;long name&quot;. <b>asn1parse</b> displays the long name. Example:</p>
+
+<p><code>1.2.3.4 shortName A long name</code></p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Parse a file:</p>
+
+<pre><code> openssl asn1parse -in file.pem</code></pre>
+
+<p>Parse a DER file:</p>
+
+<pre><code> openssl asn1parse -inform DER -in file.der</code></pre>
+
+<p>Generate a simple UTF8String:</p>
+
+<pre><code> openssl asn1parse -genstr &#39;UTF8:Hello World&#39;</code></pre>
+
+<p>Generate and write out a UTF8String, don&#39;t print parsed output:</p>
+
+<pre><code> openssl asn1parse -genstr &#39;UTF8:Hello World&#39; -noout -out utf8.der</code></pre>
+
+<p>Generate using a config file:</p>
+
+<pre><code> openssl asn1parse -genconf asn1.cnf -noout -out asn1.der</code></pre>
+
+<p>Example config file:</p>
+
+<pre><code> asn1=SEQUENCE:seq_sect
+
+ [seq_sect]
+
+ field1=BOOL:TRUE
+ field2=EXP:0, UTF8:some random string</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>There should be options to change the format of output lines. The output of some ASN.1 types is not well handled (if at all).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ASN1_generate_nconf.html">ASN1_generate_nconf(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/c_rehash.html b/msys2/usr/share/doc/openssl/html/man1/c_rehash.html
new file mode 100644
index 000000000..5b31c5996
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/c_rehash.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>rehash</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Script-Configuration">Script Configuration</a></li>
+    </ul>
+  </li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-c_rehash, openssl-rehash, c_rehash, rehash - Create symbolic links to files named by the hash values</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>rehash</b> <b>[-h]</b> <b>[-help]</b> <b>[-old]</b> <b>[-n]</b> <b>[-v]</b> [ <i>directory</i>...]</p>
+
+<p><b>c_rehash</b> <i>flags...</i></p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>On some platforms, the OpenSSL <b>rehash</b> command is available as an external script called <b>c_rehash</b>. They are functionally equivalent, except for minor differences noted below.</p>
+
+<p><b>rehash</b> scans directories and calculates a hash value of each <code>.pem</code>, <code>.crt</code>, <code>.cer</code>, or <code>.crl</code> file in the specified directory list and creates symbolic links for each file, where the name of the link is the hash value. (If the platform does not support symbolic links, a copy is made.) This utility is useful as many programs that use OpenSSL require directories to be set up like this in order to find certificates.</p>
+
+<p>If any directories are named on the command line, then those are processed in turn. If not, then the <b>SSL_CERT_DIR</b> environment variable is consulted; this should be a colon-separated list of directories, like the Unix <b>PATH</b> variable. If that is not set then the default directory (installation-specific but often <b>/usr/local/ssl/certs</b>) is processed.</p>
+
+<p>In order for a directory to be processed, the user must have write permissions on that directory, otherwise an error will be generated.</p>
+
+<p>The links created are of the form <code>HHHHHHHH.D</code>, where each <b>H</b> is a hexadecimal character and <b>D</b> is a single decimal digit. When processing a directory, <b>rehash</b> will first remove all links that have a name in that syntax, even if they are being used for some other purpose. To skip the removal step, use the <b>-n</b> flag. Hashes for CRL&#39;s look similar except the letter <b>r</b> appears after the period, like this: <code>HHHHHHHH.rD</code>.</p>
+
+<p>Multiple objects may have the same hash; they will be indicated by incrementing the <b>D</b> value. Duplicates are found by comparing the full SHA-1 fingerprint. A warning will be displayed if a duplicate is found.</p>
+
+<p>A warning will also be displayed if there are files that cannot be parsed as either a certificate or a CRL or if more than one such object appears in the file.</p>
+
+<h2 id="Script-Configuration">Script Configuration</h2>
+
+<p>The <b>c_rehash</b> script uses the <b>openssl</b> program to compute the hashes and fingerprints. If not found in the user&#39;s <b>PATH</b>, then set the <b>OPENSSL</b> environment variable to the full pathname. Any program can be used, it will be invoked as follows for either a certificate or CRL:</p>
+
+<pre><code>  $OPENSSL x509 -hash -fingerprint -noout -in FILENAME
+  $OPENSSL crl -hash -fingerprint -noout -in FILENAME</code></pre>
+
+<p>where <b>FILENAME</b> is the filename. It must output the hash of the file on the first line, and the fingerprint on the second, optionally prefixed with some text and an equals sign.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help--h"><b>-help</b> <b>-h</b></dt>
+<dd>
+
+<p>Display a brief usage message.</p>
+
+</dd>
+<dt id="old"><b>-old</b></dt>
+<dd>
+
+<p>Use old-style hashing (MD5, as opposed to SHA-1) for generating links to be used for releases before 1.0.0. Note that current versions will not use the old style.</p>
+
+</dd>
+<dt id="n"><b>-n</b></dt>
+<dd>
+
+<p>Do not remove existing links. This is needed when keeping new and old-style links in the same directory.</p>
+
+</dd>
+<dt id="compat"><b>-compat</b></dt>
+<dd>
+
+<p>Generate links for both old-style (MD5) and new-style (SHA1) hashing. This allows releases before 1.0.0 to use these links along-side newer releases.</p>
+
+</dd>
+<dt id="v"><b>-v</b></dt>
+<dd>
+
+<p>Print messages about old links removed and new links created. By default, <b>rehash</b> only lists each directory as it is processed.</p>
+
+</dd>
+</dl>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL"><b>OPENSSL</b></dt>
+<dd>
+
+<p>The path to an executable to use to generate hashes and fingerprints (see above).</p>
+
+</dd>
+<dt id="SSL_CERT_DIR"><b>SSL_CERT_DIR</b></dt>
+<dd>
+
+<p>Colon separated list of directories to operate on. Ignored if directories are listed on the command line.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/openssl.html">openssl(1)</a>, <a href="../man1/crl.html">crl(1)</a>. <a href="../man1/x509.html">x509(1)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/ca.html b/msys2/usr/share/doc/openssl/html/man1/ca.html
new file mode 100644
index 000000000..900f10667
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/ca.html
@@ -0,0 +1,665 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ca</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#CRL-OPTIONS">CRL OPTIONS</a></li>
+  <li><a href="#CONFIGURATION-FILE-OPTIONS">CONFIGURATION FILE OPTIONS</a></li>
+  <li><a href="#POLICY-FORMAT">POLICY FORMAT</a></li>
+  <li><a href="#SPKAC-FORMAT">SPKAC FORMAT</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#FILES">FILES</a></li>
+  <li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-ca, ca - sample minimal CA application</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>ca</b> [<b>-help</b>] [<b>-verbose</b>] [<b>-config filename</b>] [<b>-name section</b>] [<b>-gencrl</b>] [<b>-revoke file</b>] [<b>-valid file</b>] [<b>-status serial</b>] [<b>-updatedb</b>] [<b>-crl_reason reason</b>] [<b>-crl_hold instruction</b>] [<b>-crl_compromise time</b>] [<b>-crl_CA_compromise time</b>] [<b>-crldays days</b>] [<b>-crlhours hours</b>] [<b>-crlexts section</b>] [<b>-startdate date</b>] [<b>-enddate date</b>] [<b>-days arg</b>] [<b>-md arg</b>] [<b>-policy arg</b>] [<b>-keyfile arg</b>] [<b>-keyform PEM|DER</b>] [<b>-key arg</b>] [<b>-passin arg</b>] [<b>-cert file</b>] [<b>-selfsign</b>] [<b>-in file</b>] [<b>-out file</b>] [<b>-notext</b>] [<b>-outdir dir</b>] [<b>-infiles</b>] [<b>-spkac file</b>] [<b>-ss_cert file</b>] [<b>-preserveDN</b>] [<b>-noemailDN</b>] [<b>-batch</b>] [<b>-msie_hack</b>] [<b>-extensions section</b>] [<b>-extfile section</b>] [<b>-engine id</b>] [<b>-subj arg</b>] [<b>-utf8</b>] [<b>-create_serial</b>] [<b>-rand_serial</b>] [<b>-multivalue-rdn</b>] [<b>-rand file...</b>] [<b>-writerand file</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>ca</b> command is a minimal CA application. It can be used to sign certificate requests in a variety of forms and generate CRLs it also maintains a text database of issued certificates and their status.</p>
+
+<p>The options descriptions will be divided into each purpose.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="verbose"><b>-verbose</b></dt>
+<dd>
+
+<p>This prints extra details about the operations being performed.</p>
+
+</dd>
+<dt id="config-filename"><b>-config filename</b></dt>
+<dd>
+
+<p>Specifies the configuration file to use. Optional; for a description of the default value, see <a href="../man1/openssl.html">&quot;COMMAND SUMMARY&quot; in openssl(1)</a>.</p>
+
+</dd>
+<dt id="name-section"><b>-name section</b></dt>
+<dd>
+
+<p>Specifies the configuration file section to use (overrides <b>default_ca</b> in the <b>ca</b> section).</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>An input filename containing a single certificate request to be signed by the CA.</p>
+
+</dd>
+<dt id="ss_cert-filename"><b>-ss_cert filename</b></dt>
+<dd>
+
+<p>A single self-signed certificate to be signed by the CA.</p>
+
+</dd>
+<dt id="spkac-filename"><b>-spkac filename</b></dt>
+<dd>
+
+<p>A file containing a single Netscape signed public key and challenge and additional field values to be signed by the CA. See the <b>SPKAC FORMAT</b> section for information on the required input and output format.</p>
+
+</dd>
+<dt id="infiles"><b>-infiles</b></dt>
+<dd>
+
+<p>If present this should be the last option, all subsequent arguments are taken as the names of files containing certificate requests.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>The output file to output certificates to. The default is standard output. The certificate details will also be printed out to this file in PEM format (except that <b>-spkac</b> outputs DER format).</p>
+
+</dd>
+<dt id="outdir-directory"><b>-outdir directory</b></dt>
+<dd>
+
+<p>The directory to output certificates to. The certificate will be written to a filename consisting of the serial number in hex with &quot;.pem&quot; appended.</p>
+
+</dd>
+<dt id="cert"><b>-cert</b></dt>
+<dd>
+
+<p>The CA certificate file.</p>
+
+</dd>
+<dt id="keyfile-filename"><b>-keyfile filename</b></dt>
+<dd>
+
+<p>The private key to sign requests with.</p>
+
+</dd>
+<dt id="keyform-PEM-DER"><b>-keyform PEM|DER</b></dt>
+<dd>
+
+<p>The format of the data in the private key file. The default is PEM.</p>
+
+</dd>
+<dt id="key-password"><b>-key password</b></dt>
+<dd>
+
+<p>The password used to encrypt the private key. Since on some systems the command line arguments are visible (e.g. Unix with the &#39;ps&#39; utility) this option should be used with caution.</p>
+
+</dd>
+<dt id="selfsign"><b>-selfsign</b></dt>
+<dd>
+
+<p>Indicates the issued certificates are to be signed with the key the certificate requests were signed with (given with <b>-keyfile</b>). Certificate requests signed with a different key are ignored. If <b>-spkac</b>, <b>-ss_cert</b> or <b>-gencrl</b> are given, <b>-selfsign</b> is ignored.</p>
+
+<p>A consequence of using <b>-selfsign</b> is that the self-signed certificate appears among the entries in the certificate database (see the configuration option <b>database</b>), and uses the same serial number counter as all other certificates sign with the self-signed certificate.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The key password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="notext"><b>-notext</b></dt>
+<dd>
+
+<p>Don&#39;t output the text form of a certificate to the output file.</p>
+
+</dd>
+<dt id="startdate-date"><b>-startdate date</b></dt>
+<dd>
+
+<p>This allows the start date to be explicitly set. The format of the date is YYMMDDHHMMSSZ (the same as an ASN1 UTCTime structure), or YYYYMMDDHHMMSSZ (the same as an ASN1 GeneralizedTime structure). In both formats, seconds SS and timezone Z must be present.</p>
+
+</dd>
+<dt id="enddate-date"><b>-enddate date</b></dt>
+<dd>
+
+<p>This allows the expiry date to be explicitly set. The format of the date is YYMMDDHHMMSSZ (the same as an ASN1 UTCTime structure), or YYYYMMDDHHMMSSZ (the same as an ASN1 GeneralizedTime structure). In both formats, seconds SS and timezone Z must be present.</p>
+
+</dd>
+<dt id="days-arg"><b>-days arg</b></dt>
+<dd>
+
+<p>The number of days to certify the certificate for.</p>
+
+</dd>
+<dt id="md-alg"><b>-md alg</b></dt>
+<dd>
+
+<p>The message digest to use. Any digest supported by the OpenSSL <b>dgst</b> command can be used. For signing algorithms that do not support a digest (i.e. Ed25519 and Ed448) any message digest that is set is ignored. This option also applies to CRLs.</p>
+
+</dd>
+<dt id="policy-arg"><b>-policy arg</b></dt>
+<dd>
+
+<p>This option defines the CA &quot;policy&quot; to use. This is a section in the configuration file which decides which fields should be mandatory or match the CA certificate. Check out the <b>POLICY FORMAT</b> section for more information.</p>
+
+</dd>
+<dt id="msie_hack"><b>-msie_hack</b></dt>
+<dd>
+
+<p>This is a deprecated option to make <b>ca</b> work with very old versions of the IE certificate enrollment control &quot;certenr3&quot;. It used UniversalStrings for almost everything. Since the old control has various security bugs its use is strongly discouraged.</p>
+
+</dd>
+<dt id="preserveDN"><b>-preserveDN</b></dt>
+<dd>
+
+<p>Normally the DN order of a certificate is the same as the order of the fields in the relevant policy section. When this option is set the order is the same as the request. This is largely for compatibility with the older IE enrollment control which would only accept certificates if their DNs match the order of the request. This is not needed for Xenroll.</p>
+
+</dd>
+<dt id="noemailDN"><b>-noemailDN</b></dt>
+<dd>
+
+<p>The DN of a certificate can contain the EMAIL field if present in the request DN, however it is good policy just having the e-mail set into the altName extension of the certificate. When this option is set the EMAIL field is removed from the certificate&#39; subject and set only in the, eventually present, extensions. The <b>email_in_dn</b> keyword can be used in the configuration file to enable this behaviour.</p>
+
+</dd>
+<dt id="batch"><b>-batch</b></dt>
+<dd>
+
+<p>This sets the batch mode. In this mode no questions will be asked and all certificates will be certified automatically.</p>
+
+</dd>
+<dt id="extensions-section"><b>-extensions section</b></dt>
+<dd>
+
+<p>The section of the configuration file containing certificate extensions to be added when a certificate is issued (defaults to <b>x509_extensions</b> unless the <b>-extfile</b> option is used). If no extension section is present then, a V1 certificate is created. If the extension section is present (even if it is empty), then a V3 certificate is created. See the <a href="../man5/x509v3_config.html">x509v3_config(5)</a> manual page for details of the extension section format.</p>
+
+</dd>
+<dt id="extfile-file"><b>-extfile file</b></dt>
+<dd>
+
+<p>An additional configuration file to read certificate extensions from (using the default section unless the <b>-extensions</b> option is also used).</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>ca</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="subj-arg"><b>-subj arg</b></dt>
+<dd>
+
+<p>Supersedes subject name given in the request. The arg must be formatted as <i>/type0=value0/type1=value1/type2=...</i>. Keyword characters may be escaped by \ (backslash), and whitespace is retained. Empty values are permitted, but the corresponding type will not be included in the resulting certificate.</p>
+
+</dd>
+<dt id="utf8"><b>-utf8</b></dt>
+<dd>
+
+<p>This option causes field values to be interpreted as UTF8 strings, by default they are interpreted as ASCII. This means that the field values, whether prompted from a terminal or obtained from a configuration file, must be valid UTF8 strings.</p>
+
+</dd>
+<dt id="create_serial"><b>-create_serial</b></dt>
+<dd>
+
+<p>If reading serial from the text file as specified in the configuration fails, specifying this option creates a new random serial to be used as next serial number. To get random serial numbers, use the <b>-rand_serial</b> flag instead; this should only be used for simple error-recovery.</p>
+
+</dd>
+<dt id="rand_serial"><b>-rand_serial</b></dt>
+<dd>
+
+<p>Generate a large random number to use as the serial number. This overrides any option or configuration to use a serial number file.</p>
+
+</dd>
+<dt id="multivalue-rdn"><b>-multivalue-rdn</b></dt>
+<dd>
+
+<p>This option causes the -subj argument to be interpreted with full support for multivalued RDNs. Example:</p>
+
+<p><i>/DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe</i></p>
+
+<p>If -multi-rdn is not used then the UID value is <i>123456+CN=John Doe</i>.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="CRL-OPTIONS">CRL OPTIONS</h1>
+
+<dl>
+
+<dt id="gencrl"><b>-gencrl</b></dt>
+<dd>
+
+<p>This option generates a CRL based on information in the index file.</p>
+
+</dd>
+<dt id="crldays-num"><b>-crldays num</b></dt>
+<dd>
+
+<p>The number of days before the next CRL is due. That is the days from now to place in the CRL nextUpdate field.</p>
+
+</dd>
+<dt id="crlhours-num"><b>-crlhours num</b></dt>
+<dd>
+
+<p>The number of hours before the next CRL is due.</p>
+
+</dd>
+<dt id="revoke-filename"><b>-revoke filename</b></dt>
+<dd>
+
+<p>A filename containing a certificate to revoke.</p>
+
+</dd>
+<dt id="valid-filename"><b>-valid filename</b></dt>
+<dd>
+
+<p>A filename containing a certificate to add a Valid certificate entry.</p>
+
+</dd>
+<dt id="status-serial"><b>-status serial</b></dt>
+<dd>
+
+<p>Displays the revocation status of the certificate with the specified serial number and exits.</p>
+
+</dd>
+<dt id="updatedb"><b>-updatedb</b></dt>
+<dd>
+
+<p>Updates the database index to purge expired certificates.</p>
+
+</dd>
+<dt id="crl_reason-reason"><b>-crl_reason reason</b></dt>
+<dd>
+
+<p>Revocation reason, where <b>reason</b> is one of: <b>unspecified</b>, <b>keyCompromise</b>, <b>CACompromise</b>, <b>affiliationChanged</b>, <b>superseded</b>, <b>cessationOfOperation</b>, <b>certificateHold</b> or <b>removeFromCRL</b>. The matching of <b>reason</b> is case insensitive. Setting any revocation reason will make the CRL v2.</p>
+
+<p>In practice <b>removeFromCRL</b> is not particularly useful because it is only used in delta CRLs which are not currently implemented.</p>
+
+</dd>
+<dt id="crl_hold-instruction"><b>-crl_hold instruction</b></dt>
+<dd>
+
+<p>This sets the CRL revocation reason code to <b>certificateHold</b> and the hold instruction to <b>instruction</b> which must be an OID. Although any OID can be used only <b>holdInstructionNone</b> (the use of which is discouraged by RFC2459) <b>holdInstructionCallIssuer</b> or <b>holdInstructionReject</b> will normally be used.</p>
+
+</dd>
+<dt id="crl_compromise-time"><b>-crl_compromise time</b></dt>
+<dd>
+
+<p>This sets the revocation reason to <b>keyCompromise</b> and the compromise time to <b>time</b>. <b>time</b> should be in GeneralizedTime format that is <b>YYYYMMDDHHMMSSZ</b>.</p>
+
+</dd>
+<dt id="crl_CA_compromise-time"><b>-crl_CA_compromise time</b></dt>
+<dd>
+
+<p>This is the same as <b>crl_compromise</b> except the revocation reason is set to <b>CACompromise</b>.</p>
+
+</dd>
+<dt id="crlexts-section"><b>-crlexts section</b></dt>
+<dd>
+
+<p>The section of the configuration file containing CRL extensions to include. If no CRL extension section is present then a V1 CRL is created, if the CRL extension section is present (even if it is empty) then a V2 CRL is created. The CRL extensions specified are CRL extensions and <b>not</b> CRL entry extensions. It should be noted that some software (for example Netscape) can&#39;t handle V2 CRLs. See <a href="../man5/x509v3_config.html">x509v3_config(5)</a> manual page for details of the extension section format.</p>
+
+</dd>
+</dl>
+
+<h1 id="CONFIGURATION-FILE-OPTIONS">CONFIGURATION FILE OPTIONS</h1>
+
+<p>The section of the configuration file containing options for <b>ca</b> is found as follows: If the <b>-name</b> command line option is used, then it names the section to be used. Otherwise the section to be used must be named in the <b>default_ca</b> option of the <b>ca</b> section of the configuration file (or in the default section of the configuration file). Besides <b>default_ca</b>, the following options are read directly from the <b>ca</b> section: RANDFILE preserve msie_hack With the exception of <b>RANDFILE</b>, this is probably a bug and may change in future releases.</p>
+
+<p>Many of the configuration file options are identical to command line options. Where the option is present in the configuration file and the command line the command line value is used. Where an option is described as mandatory then it must be present in the configuration file or the command line equivalent (if any) used.</p>
+
+<dl>
+
+<dt id="oid_file"><b>oid_file</b></dt>
+<dd>
+
+<p>This specifies a file containing additional <b>OBJECT IDENTIFIERS</b>. Each line of the file should consist of the numerical form of the object identifier followed by white space then the short name followed by white space and finally the long name.</p>
+
+</dd>
+<dt id="oid_section"><b>oid_section</b></dt>
+<dd>
+
+<p>This specifies a section in the configuration file containing extra object identifiers. Each line should consist of the short name of the object identifier followed by <b>=</b> and the numerical form. The short and long names are the same when this option is used.</p>
+
+</dd>
+<dt id="new_certs_dir"><b>new_certs_dir</b></dt>
+<dd>
+
+<p>The same as the <b>-outdir</b> command line option. It specifies the directory where new certificates will be placed. Mandatory.</p>
+
+</dd>
+<dt id="certificate"><b>certificate</b></dt>
+<dd>
+
+<p>The same as <b>-cert</b>. It gives the file containing the CA certificate. Mandatory.</p>
+
+</dd>
+<dt id="private_key"><b>private_key</b></dt>
+<dd>
+
+<p>Same as the <b>-keyfile</b> option. The file containing the CA private key. Mandatory.</p>
+
+</dd>
+<dt id="RANDFILE"><b>RANDFILE</b></dt>
+<dd>
+
+<p>At startup the specified file is loaded into the random number generator, and at exit 256 bytes will be written to it.</p>
+
+</dd>
+<dt id="default_days"><b>default_days</b></dt>
+<dd>
+
+<p>The same as the <b>-days</b> option. The number of days to certify a certificate for.</p>
+
+</dd>
+<dt id="default_startdate"><b>default_startdate</b></dt>
+<dd>
+
+<p>The same as the <b>-startdate</b> option. The start date to certify a certificate for. If not set the current time is used.</p>
+
+</dd>
+<dt id="default_enddate"><b>default_enddate</b></dt>
+<dd>
+
+<p>The same as the <b>-enddate</b> option. Either this option or <b>default_days</b> (or the command line equivalents) must be present.</p>
+
+</dd>
+<dt id="default_crl_hours-default_crl_days"><b>default_crl_hours default_crl_days</b></dt>
+<dd>
+
+<p>The same as the <b>-crlhours</b> and the <b>-crldays</b> options. These will only be used if neither command line option is present. At least one of these must be present to generate a CRL.</p>
+
+</dd>
+<dt id="default_md"><b>default_md</b></dt>
+<dd>
+
+<p>The same as the <b>-md</b> option. Mandatory except where the signing algorithm does not require a digest (i.e. Ed25519 and Ed448).</p>
+
+</dd>
+<dt id="database"><b>database</b></dt>
+<dd>
+
+<p>The text database file to use. Mandatory. This file must be present though initially it will be empty.</p>
+
+</dd>
+<dt id="unique_subject"><b>unique_subject</b></dt>
+<dd>
+
+<p>If the value <b>yes</b> is given, the valid certificate entries in the database must have unique subjects. if the value <b>no</b> is given, several valid certificate entries may have the exact same subject. The default value is <b>yes</b>, to be compatible with older (pre 0.9.8) versions of OpenSSL. However, to make CA certificate roll-over easier, it&#39;s recommended to use the value <b>no</b>, especially if combined with the <b>-selfsign</b> command line option.</p>
+
+<p>Note that it is valid in some circumstances for certificates to be created without any subject. In the case where there are multiple certificates without subjects this does not count as a duplicate.</p>
+
+</dd>
+<dt id="serial"><b>serial</b></dt>
+<dd>
+
+<p>A text file containing the next serial number to use in hex. Mandatory. This file must be present and contain a valid serial number.</p>
+
+</dd>
+<dt id="crlnumber"><b>crlnumber</b></dt>
+<dd>
+
+<p>A text file containing the next CRL number to use in hex. The crl number will be inserted in the CRLs only if this file exists. If this file is present, it must contain a valid CRL number.</p>
+
+</dd>
+<dt id="x509_extensions"><b>x509_extensions</b></dt>
+<dd>
+
+<p>The same as <b>-extensions</b>.</p>
+
+</dd>
+<dt id="crl_extensions"><b>crl_extensions</b></dt>
+<dd>
+
+<p>The same as <b>-crlexts</b>.</p>
+
+</dd>
+<dt id="preserve"><b>preserve</b></dt>
+<dd>
+
+<p>The same as <b>-preserveDN</b></p>
+
+</dd>
+<dt id="email_in_dn"><b>email_in_dn</b></dt>
+<dd>
+
+<p>The same as <b>-noemailDN</b>. If you want the EMAIL field to be removed from the DN of the certificate simply set this to &#39;no&#39;. If not present the default is to allow for the EMAIL filed in the certificate&#39;s DN.</p>
+
+</dd>
+<dt id="msie_hack1"><b>msie_hack</b></dt>
+<dd>
+
+<p>The same as <b>-msie_hack</b></p>
+
+</dd>
+<dt id="policy"><b>policy</b></dt>
+<dd>
+
+<p>The same as <b>-policy</b>. Mandatory. See the <b>POLICY FORMAT</b> section for more information.</p>
+
+</dd>
+<dt id="name_opt-cert_opt"><b>name_opt</b>, <b>cert_opt</b></dt>
+<dd>
+
+<p>These options allow the format used to display the certificate details when asking the user to confirm signing. All the options supported by the <b>x509</b> utilities <b>-nameopt</b> and <b>-certopt</b> switches can be used here, except the <b>no_signame</b> and <b>no_sigdump</b> are permanently set and cannot be disabled (this is because the certificate signature cannot be displayed because the certificate has not been signed at this point).</p>
+
+<p>For convenience the values <b>ca_default</b> are accepted by both to produce a reasonable output.</p>
+
+<p>If neither option is present the format used in earlier versions of OpenSSL is used. Use of the old format is <b>strongly</b> discouraged because it only displays fields mentioned in the <b>policy</b> section, mishandles multicharacter string types and does not display extensions.</p>
+
+</dd>
+<dt id="copy_extensions"><b>copy_extensions</b></dt>
+<dd>
+
+<p>Determines how extensions in certificate requests should be handled. If set to <b>none</b> or this option is not present then extensions are ignored and not copied to the certificate. If set to <b>copy</b> then any extensions present in the request that are not already present are copied to the certificate. If set to <b>copyall</b> then all extensions in the request are copied to the certificate: if the extension is already present in the certificate it is deleted first. See the <b>WARNINGS</b> section before using this option.</p>
+
+<p>The main use of this option is to allow a certificate request to supply values for certain extensions such as subjectAltName.</p>
+
+</dd>
+</dl>
+
+<h1 id="POLICY-FORMAT">POLICY FORMAT</h1>
+
+<p>The policy section consists of a set of variables corresponding to certificate DN fields. If the value is &quot;match&quot; then the field value must match the same field in the CA certificate. If the value is &quot;supplied&quot; then it must be present. If the value is &quot;optional&quot; then it may be present. Any fields not mentioned in the policy section are silently deleted, unless the <b>-preserveDN</b> option is set but this can be regarded more of a quirk than intended behaviour.</p>
+
+<h1 id="SPKAC-FORMAT">SPKAC FORMAT</h1>
+
+<p>The input to the <b>-spkac</b> command line option is a Netscape signed public key and challenge. This will usually come from the <b>KEYGEN</b> tag in an HTML form to create a new private key. It is however possible to create SPKACs using the <b>spkac</b> utility.</p>
+
+<p>The file should contain the variable SPKAC set to the value of the SPKAC and also the required DN components as name value pairs. If you need to include the same component twice then it can be preceded by a number and a &#39;.&#39;.</p>
+
+<p>When processing SPKAC format, the output is DER if the <b>-out</b> flag is used, but PEM format if sending to stdout or the <b>-outdir</b> flag is used.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Note: these examples assume that the <b>ca</b> directory structure is already set up and the relevant files already exist. This usually involves creating a CA certificate and private key with <b>req</b>, a serial number file and an empty index file and placing them in the relevant directories.</p>
+
+<p>To use the sample configuration file below the directories demoCA, demoCA/private and demoCA/newcerts would be created. The CA certificate would be copied to demoCA/cacert.pem and its private key to demoCA/private/cakey.pem. A file demoCA/serial would be created containing for example &quot;01&quot; and the empty index file demoCA/index.txt.</p>
+
+<p>Sign a certificate request:</p>
+
+<pre><code> openssl ca -in req.pem -out newcert.pem</code></pre>
+
+<p>Sign a certificate request, using CA extensions:</p>
+
+<pre><code> openssl ca -in req.pem -extensions v3_ca -out newcert.pem</code></pre>
+
+<p>Generate a CRL</p>
+
+<pre><code> openssl ca -gencrl -out crl.pem</code></pre>
+
+<p>Sign several requests:</p>
+
+<pre><code> openssl ca -infiles req1.pem req2.pem req3.pem</code></pre>
+
+<p>Certify a Netscape SPKAC:</p>
+
+<pre><code> openssl ca -spkac spkac.txt</code></pre>
+
+<p>A sample SPKAC file (the SPKAC line has been truncated for clarity):</p>
+
+<pre><code> SPKAC=MIG0MGAwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAn7PDhCeV/xIxUg8V70YRxK2A5
+ CN=Steve Test
+ emailAddress=steve@openssl.org
+ 0.OU=OpenSSL Group
+ 1.OU=Another Group</code></pre>
+
+<p>A sample configuration file with the relevant sections for <b>ca</b>:</p>
+
+<pre><code> [ ca ]
+ default_ca      = CA_default            # The default ca section
+
+ [ CA_default ]
+
+ dir            = ./demoCA              # top dir
+ database       = $dir/index.txt        # index file.
+ new_certs_dir  = $dir/newcerts         # new certs dir
+
+ certificate    = $dir/cacert.pem       # The CA cert
+ serial         = $dir/serial           # serial no file
+ #rand_serial    = yes                  # for random serial#&#39;s
+ private_key    = $dir/private/cakey.pem# CA private key
+ RANDFILE       = $dir/private/.rand    # random number file
+
+ default_days   = 365                   # how long to certify for
+ default_crl_days= 30                   # how long before next CRL
+ default_md     = md5                   # md to use
+
+ policy         = policy_any            # default policy
+ email_in_dn    = no                    # Don&#39;t add the email into cert DN
+
+ name_opt       = ca_default            # Subject name display option
+ cert_opt       = ca_default            # Certificate display option
+ copy_extensions = none                 # Don&#39;t copy extensions from request
+
+ [ policy_any ]
+ countryName            = supplied
+ stateOrProvinceName    = optional
+ organizationName       = optional
+ organizationalUnitName = optional
+ commonName             = supplied
+ emailAddress           = optional</code></pre>
+
+<h1 id="FILES">FILES</h1>
+
+<p>Note: the location of all files can change either by compile time options, configuration file entries, environment variables or command line options. The values below reflect the default values.</p>
+
+<pre><code> /usr/local/ssl/lib/openssl.cnf - master configuration file
+ ./demoCA                       - main CA directory
+ ./demoCA/cacert.pem            - CA certificate
+ ./demoCA/private/cakey.pem     - CA private key
+ ./demoCA/serial                - CA serial number file
+ ./demoCA/serial.old            - CA serial number backup file
+ ./demoCA/index.txt             - CA text database file
+ ./demoCA/index.txt.old         - CA text database backup file
+ ./demoCA/certs                 - certificate output file
+ ./demoCA/.rnd                  - CA random seed information</code></pre>
+
+<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
+
+<p>The text database index file is a critical part of the process and if corrupted it can be difficult to fix. It is theoretically possible to rebuild the index file from all the issued certificates and a current CRL: however there is no option to do this.</p>
+
+<p>V2 CRL features like delta CRLs are not currently supported.</p>
+
+<p>Although several requests can be input and handled at once it is only possible to include one SPKAC or self-signed certificate.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The use of an in-memory text database can cause problems when large numbers of certificates are present because, as the name implies the database has to be kept in memory.</p>
+
+<p>The <b>ca</b> command really needs rewriting or the required functionality exposed at either a command or interface level so a more friendly utility (perl script or GUI) can handle things properly. The script <b>CA.pl</b> helps a little but not very much.</p>
+
+<p>Any fields in a request that are not present in a policy are silently deleted. This does not happen if the <b>-preserveDN</b> option is used. To enforce the absence of the EMAIL field within the DN, as suggested by RFCs, regardless the contents of the request&#39; subject the <b>-noemailDN</b> option can be used. The behaviour should be more friendly and configurable.</p>
+
+<p>Canceling some commands by refusing to certify a certificate can create an empty file.</p>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>The <b>ca</b> command is quirky and at times downright unfriendly.</p>
+
+<p>The <b>ca</b> utility was originally meant as an example of how to do things in a CA. It was not supposed to be used as a full blown CA itself: nevertheless some people are using it for this purpose.</p>
+
+<p>The <b>ca</b> command is effectively a single user command: no locking is done on the various files and attempts to run more than one <b>ca</b> command on the same database can have unpredictable results.</p>
+
+<p>The <b>copy_extensions</b> option should be used with caution. If care is not taken then it can be a security risk. For example if a certificate request contains a basicConstraints extension with CA:TRUE and the <b>copy_extensions</b> value is set to <b>copyall</b> and the user does not spot this when the certificate is displayed then this will hand the requester a valid CA certificate.</p>
+
+<p>This situation can be avoided by setting <b>copy_extensions</b> to <b>copy</b> and including basicConstraints with CA:FALSE in the configuration file. Then if the request contains a basicConstraints extension it will be ignored.</p>
+
+<p>It is advisable to also include values for other extensions such as <b>keyUsage</b> to prevent a request supplying its own values.</p>
+
+<p>Additional restrictions can be placed on the CA certificate itself. For example if the CA certificate has:</p>
+
+<pre><code> basicConstraints = CA:TRUE, pathlen:0</code></pre>
+
+<p>then even if a certificate is issued with CA:TRUE it will not be valid.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Since OpenSSL 1.1.1, the program follows RFC5280. Specifically, certificate validity period (specified by any of <b>-startdate</b>, <b>-enddate</b> and <b>-days</b>) will be encoded as UTCTime if the dates are earlier than year 2049 (included), and as GeneralizedTime if the dates are in year 2050 or later.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/req.html">req(1)</a>, <a href="../man1/spkac.html">spkac(1)</a>, <a href="../man1/x509.html">x509(1)</a>, <a href="../man1/CA.pl.html">CA.pl(1)</a>, <a href="../man5/config.html">config(5)</a>, <a href="../man5/x509v3_config.html">x509v3_config(5)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/ciphers.html b/msys2/usr/share/doc/openssl/html/man1/ciphers.html
new file mode 100644
index 000000000..1ad915efb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/ciphers.html
@@ -0,0 +1,811 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ciphers</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#CIPHER-LIST-FORMAT">CIPHER LIST FORMAT</a></li>
+  <li><a href="#CIPHER-STRINGS">CIPHER STRINGS</a></li>
+  <li><a href="#CIPHER-SUITE-NAMES">CIPHER SUITE NAMES</a>
+    <ul>
+      <li><a href="#SSL-v3.0-cipher-suites">SSL v3.0 cipher suites</a></li>
+      <li><a href="#TLS-v1.0-cipher-suites">TLS v1.0 cipher suites</a></li>
+      <li><a href="#AES-cipher-suites-from-RFC3268-extending-TLS-v1.0">AES cipher suites from RFC3268, extending TLS v1.0</a></li>
+      <li><a href="#Camellia-cipher-suites-from-RFC4132-extending-TLS-v1.0">Camellia cipher suites from RFC4132, extending TLS v1.0</a></li>
+      <li><a href="#SEED-cipher-suites-from-RFC4162-extending-TLS-v1.0">SEED cipher suites from RFC4162, extending TLS v1.0</a></li>
+      <li><a href="#GOST-cipher-suites-from-draft-chudov-cryptopro-cptls-extending-TLS-v1.0">GOST cipher suites from draft-chudov-cryptopro-cptls, extending TLS v1.0</a></li>
+      <li><a href="#Additional-Export-1024-and-other-cipher-suites">Additional Export 1024 and other cipher suites</a></li>
+      <li><a href="#Elliptic-curve-cipher-suites">Elliptic curve cipher suites.</a></li>
+      <li><a href="#TLS-v1.2-cipher-suites">TLS v1.2 cipher suites</a></li>
+      <li><a href="#ARIA-cipher-suites-from-RFC6209-extending-TLS-v1.2">ARIA cipher suites from RFC6209, extending TLS v1.2</a></li>
+      <li><a href="#Camellia-HMAC-Based-cipher-suites-from-RFC6367-extending-TLS-v1.2">Camellia HMAC-Based cipher suites from RFC6367, extending TLS v1.2</a></li>
+      <li><a href="#Pre-shared-keying-PSK-cipher-suites">Pre-shared keying (PSK) cipher suites</a></li>
+      <li><a href="#ChaCha20-Poly1305-cipher-suites-extending-TLS-v1.2">ChaCha20-Poly1305 cipher suites, extending TLS v1.2</a></li>
+      <li><a href="#TLS-v1.3-cipher-suites">TLS v1.3 cipher suites</a></li>
+      <li><a href="#Older-names-used-by-OpenSSL">Older names used by OpenSSL</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-ciphers, ciphers - SSL cipher display and cipher list tool</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>ciphers</b> [<b>-help</b>] [<b>-s</b>] [<b>-v</b>] [<b>-V</b>] [<b>-ssl3</b>] [<b>-tls1</b>] [<b>-tls1_1</b>] [<b>-tls1_2</b>] [<b>-tls1_3</b>] [<b>-s</b>] [<b>-psk</b>] [<b>-srp</b>] [<b>-stdname</b>] [<b>-convert name</b>] [<b>-ciphersuites val</b>] [<b>cipherlist</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>ciphers</b> command converts textual OpenSSL cipher lists into ordered SSL cipher preference lists. It can be used as a test tool to determine the appropriate cipherlist.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print a usage message.</p>
+
+</dd>
+<dt id="s"><b>-s</b></dt>
+<dd>
+
+<p>Only list supported ciphers: those consistent with the security level, and minimum and maximum protocol version. This is closer to the actual cipher list an application will support.</p>
+
+<p>PSK and SRP ciphers are not enabled by default: they require <b>-psk</b> or <b>-srp</b> to enable them.</p>
+
+<p>It also does not change the default list of supported signature algorithms.</p>
+
+<p>On a server the list of supported ciphers might also exclude other ciphers depending on the configured certificates and presence of DH parameters.</p>
+
+<p>If this option is not used then all ciphers that match the cipherlist will be listed.</p>
+
+</dd>
+<dt id="psk"><b>-psk</b></dt>
+<dd>
+
+<p>When combined with <b>-s</b> includes cipher suites which require PSK.</p>
+
+</dd>
+<dt id="srp"><b>-srp</b></dt>
+<dd>
+
+<p>When combined with <b>-s</b> includes cipher suites which require SRP.</p>
+
+</dd>
+<dt id="v"><b>-v</b></dt>
+<dd>
+
+<p>Verbose output: For each cipher suite, list details as provided by <a href="../man3/SSL_CIPHER_description.html">SSL_CIPHER_description(3)</a>.</p>
+
+</dd>
+<dt id="V"><b>-V</b></dt>
+<dd>
+
+<p>Like <b>-v</b>, but include the official cipher suite values in hex.</p>
+
+</dd>
+<dt id="tls1_3--tls1_2--tls1_1--tls1--ssl3"><b>-tls1_3</b>, <b>-tls1_2</b>, <b>-tls1_1</b>, <b>-tls1</b>, <b>-ssl3</b></dt>
+<dd>
+
+<p>In combination with the <b>-s</b> option, list the ciphers which could be used if the specified protocol were negotiated. Note that not all protocols and flags may be available, depending on how OpenSSL was built.</p>
+
+</dd>
+<dt id="stdname"><b>-stdname</b></dt>
+<dd>
+
+<p>Precede each cipher suite by its standard name.</p>
+
+</dd>
+<dt id="convert-name"><b>-convert name</b></dt>
+<dd>
+
+<p>Convert a standard cipher <b>name</b> to its OpenSSL name.</p>
+
+</dd>
+<dt id="ciphersuites-val"><b>-ciphersuites val</b></dt>
+<dd>
+
+<p>Sets the list of TLSv1.3 ciphersuites. This list will be combined with any TLSv1.2 and below ciphersuites that have been configured. The format for this list is a simple colon (&quot;:&quot;) separated list of TLSv1.3 ciphersuite names. By default this value is:</p>
+
+<pre><code> TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256</code></pre>
+
+</dd>
+<dt id="cipherlist"><b>cipherlist</b></dt>
+<dd>
+
+<p>A cipher list of TLSv1.2 and below ciphersuites to convert to a cipher preference list. This list will be combined with any TLSv1.3 ciphersuites that have been configured. If it is not included then the default cipher list will be used. The format is described below.</p>
+
+</dd>
+</dl>
+
+<h1 id="CIPHER-LIST-FORMAT">CIPHER LIST FORMAT</h1>
+
+<p>The cipher list consists of one or more <i>cipher strings</i> separated by colons. Commas or spaces are also acceptable separators but colons are normally used.</p>
+
+<p>The actual cipher string can take several different forms.</p>
+
+<p>It can consist of a single cipher suite such as <b>RC4-SHA</b>.</p>
+
+<p>It can represent a list of cipher suites containing a certain algorithm, or cipher suites of a certain type. For example <b>SHA1</b> represents all ciphers suites using the digest algorithm SHA1 and <b>SSLv3</b> represents all SSL v3 algorithms.</p>
+
+<p>Lists of cipher suites can be combined in a single cipher string using the <b>+</b> character. This is used as a logical <b>and</b> operation. For example <b>SHA1+DES</b> represents all cipher suites containing the SHA1 <b>and</b> the DES algorithms.</p>
+
+<p>Each cipher string can be optionally preceded by the characters <b>!</b>, <b>-</b> or <b>+</b>.</p>
+
+<p>If <b>!</b> is used then the ciphers are permanently deleted from the list. The ciphers deleted can never reappear in the list even if they are explicitly stated.</p>
+
+<p>If <b>-</b> is used then the ciphers are deleted from the list, but some or all of the ciphers can be added again by later options.</p>
+
+<p>If <b>+</b> is used then the ciphers are moved to the end of the list. This option doesn&#39;t add any new ciphers it just moves matching existing ones.</p>
+
+<p>If none of these characters is present then the string is just interpreted as a list of ciphers to be appended to the current preference list. If the list includes any ciphers already present they will be ignored: that is they will not moved to the end of the list.</p>
+
+<p>The cipher string <b>@STRENGTH</b> can be used at any point to sort the current cipher list in order of encryption algorithm key length.</p>
+
+<p>The cipher string <b>@SECLEVEL=n</b> can be used at any point to set the security level to <b>n</b>, which should be a number between zero and five, inclusive. See <a href="/../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level</a> for a description of what each level means.</p>
+
+<p>The cipher list can be prefixed with the <b>DEFAULT</b> keyword, which enables the default cipher list as defined below. Unlike cipher strings, this prefix may not be combined with other strings using <b>+</b> character. For example, <b>DEFAULT+DES</b> is not valid.</p>
+
+<p>The content of the default list is determined at compile time and normally corresponds to <b>ALL:!COMPLEMENTOFDEFAULT:!eNULL</b>.</p>
+
+<h1 id="CIPHER-STRINGS">CIPHER STRINGS</h1>
+
+<p>The following is a list of all permitted cipher strings and their meanings.</p>
+
+<dl>
+
+<dt id="COMPLEMENTOFDEFAULT"><b>COMPLEMENTOFDEFAULT</b></dt>
+<dd>
+
+<p>The ciphers included in <b>ALL</b>, but not enabled by default. Currently this includes all RC4 and anonymous ciphers. Note that this rule does not cover <b>eNULL</b>, which is not included by <b>ALL</b> (use <b>COMPLEMENTOFALL</b> if necessary). Note that RC4 based cipher suites are not built into OpenSSL by default (see the enable-weak-ssl-ciphers option to Configure).</p>
+
+</dd>
+<dt id="ALL"><b>ALL</b></dt>
+<dd>
+
+<p>All cipher suites except the <b>eNULL</b> ciphers (which must be explicitly enabled if needed). As of OpenSSL 1.0.0, the <b>ALL</b> cipher suites are sensibly ordered by default.</p>
+
+</dd>
+<dt id="COMPLEMENTOFALL"><b>COMPLEMENTOFALL</b></dt>
+<dd>
+
+<p>The cipher suites not enabled by <b>ALL</b>, currently <b>eNULL</b>.</p>
+
+</dd>
+<dt id="HIGH"><b>HIGH</b></dt>
+<dd>
+
+<p>&quot;High&quot; encryption cipher suites. This currently means those with key lengths larger than 128 bits, and some cipher suites with 128-bit keys.</p>
+
+</dd>
+<dt id="MEDIUM"><b>MEDIUM</b></dt>
+<dd>
+
+<p>&quot;Medium&quot; encryption cipher suites, currently some of those using 128 bit encryption.</p>
+
+</dd>
+<dt id="LOW"><b>LOW</b></dt>
+<dd>
+
+<p>&quot;Low&quot; encryption cipher suites, currently those using 64 or 56 bit encryption algorithms but excluding export cipher suites. All these cipher suites have been removed as of OpenSSL 1.1.0.</p>
+
+</dd>
+<dt id="eNULL-NULL"><b>eNULL</b>, <b>NULL</b></dt>
+<dd>
+
+<p>The &quot;NULL&quot; ciphers that is those offering no encryption. Because these offer no encryption at all and are a security risk they are not enabled via either the <b>DEFAULT</b> or <b>ALL</b> cipher strings. Be careful when building cipherlists out of lower-level primitives such as <b>kRSA</b> or <b>aECDSA</b> as these do overlap with the <b>eNULL</b> ciphers. When in doubt, include <b>!eNULL</b> in your cipherlist.</p>
+
+</dd>
+<dt id="aNULL"><b>aNULL</b></dt>
+<dd>
+
+<p>The cipher suites offering no authentication. This is currently the anonymous DH algorithms and anonymous ECDH algorithms. These cipher suites are vulnerable to &quot;man in the middle&quot; attacks and so their use is discouraged. These are excluded from the <b>DEFAULT</b> ciphers, but included in the <b>ALL</b> ciphers. Be careful when building cipherlists out of lower-level primitives such as <b>kDHE</b> or <b>AES</b> as these do overlap with the <b>aNULL</b> ciphers. When in doubt, include <b>!aNULL</b> in your cipherlist.</p>
+
+</dd>
+<dt id="kRSA-aRSA-RSA"><b>kRSA</b>, <b>aRSA</b>, <b>RSA</b></dt>
+<dd>
+
+<p>Cipher suites using RSA key exchange or authentication. <b>RSA</b> is an alias for <b>kRSA</b>.</p>
+
+</dd>
+<dt id="kDHr-kDHd-kDH"><b>kDHr</b>, <b>kDHd</b>, <b>kDH</b></dt>
+<dd>
+
+<p>Cipher suites using static DH key agreement and DH certificates signed by CAs with RSA and DSS keys or either respectively. All these cipher suites have been removed in OpenSSL 1.1.0.</p>
+
+</dd>
+<dt id="kDHE-kEDH-DH"><b>kDHE</b>, <b>kEDH</b>, <b>DH</b></dt>
+<dd>
+
+<p>Cipher suites using ephemeral DH key agreement, including anonymous cipher suites.</p>
+
+</dd>
+<dt id="DHE-EDH"><b>DHE</b>, <b>EDH</b></dt>
+<dd>
+
+<p>Cipher suites using authenticated ephemeral DH key agreement.</p>
+
+</dd>
+<dt id="ADH"><b>ADH</b></dt>
+<dd>
+
+<p>Anonymous DH cipher suites, note that this does not include anonymous Elliptic Curve DH (ECDH) cipher suites.</p>
+
+</dd>
+<dt id="kEECDH-kECDHE-ECDH"><b>kEECDH</b>, <b>kECDHE</b>, <b>ECDH</b></dt>
+<dd>
+
+<p>Cipher suites using ephemeral ECDH key agreement, including anonymous cipher suites.</p>
+
+</dd>
+<dt id="ECDHE-EECDH"><b>ECDHE</b>, <b>EECDH</b></dt>
+<dd>
+
+<p>Cipher suites using authenticated ephemeral ECDH key agreement.</p>
+
+</dd>
+<dt id="AECDH"><b>AECDH</b></dt>
+<dd>
+
+<p>Anonymous Elliptic Curve Diffie-Hellman cipher suites.</p>
+
+</dd>
+<dt id="aDSS-DSS"><b>aDSS</b>, <b>DSS</b></dt>
+<dd>
+
+<p>Cipher suites using DSS authentication, i.e. the certificates carry DSS keys.</p>
+
+</dd>
+<dt id="aDH"><b>aDH</b></dt>
+<dd>
+
+<p>Cipher suites effectively using DH authentication, i.e. the certificates carry DH keys. All these cipher suites have been removed in OpenSSL 1.1.0.</p>
+
+</dd>
+<dt id="aECDSA-ECDSA"><b>aECDSA</b>, <b>ECDSA</b></dt>
+<dd>
+
+<p>Cipher suites using ECDSA authentication, i.e. the certificates carry ECDSA keys.</p>
+
+</dd>
+<dt id="TLSv1.2-TLSv1.0-SSLv3"><b>TLSv1.2</b>, <b>TLSv1.0</b>, <b>SSLv3</b></dt>
+<dd>
+
+<p>Lists cipher suites which are only supported in at least TLS v1.2, TLS v1.0 or SSL v3.0 respectively. Note: there are no cipher suites specific to TLS v1.1. Since this is only the minimum version, if, for example, TLSv1.0 is negotiated then both TLSv1.0 and SSLv3.0 cipher suites are available.</p>
+
+<p>Note: these cipher strings <b>do not</b> change the negotiated version of SSL or TLS, they only affect the list of available cipher suites.</p>
+
+</dd>
+<dt id="AES128-AES256-AES"><b>AES128</b>, <b>AES256</b>, <b>AES</b></dt>
+<dd>
+
+<p>cipher suites using 128 bit AES, 256 bit AES or either 128 or 256 bit AES.</p>
+
+</dd>
+<dt id="AESGCM"><b>AESGCM</b></dt>
+<dd>
+
+<p>AES in Galois Counter Mode (GCM): these cipher suites are only supported in TLS v1.2.</p>
+
+</dd>
+<dt id="AESCCM-AESCCM8"><b>AESCCM</b>, <b>AESCCM8</b></dt>
+<dd>
+
+<p>AES in Cipher Block Chaining - Message Authentication Mode (CCM): these cipher suites are only supported in TLS v1.2. <b>AESCCM</b> references CCM cipher suites using both 16 and 8 octet Integrity Check Value (ICV) while <b>AESCCM8</b> only references 8 octet ICV.</p>
+
+</dd>
+<dt id="ARIA128-ARIA256-ARIA"><b>ARIA128</b>, <b>ARIA256</b>, <b>ARIA</b></dt>
+<dd>
+
+<p>Cipher suites using 128 bit ARIA, 256 bit ARIA or either 128 or 256 bit ARIA.</p>
+
+</dd>
+<dt id="CAMELLIA128-CAMELLIA256-CAMELLIA"><b>CAMELLIA128</b>, <b>CAMELLIA256</b>, <b>CAMELLIA</b></dt>
+<dd>
+
+<p>Cipher suites using 128 bit CAMELLIA, 256 bit CAMELLIA or either 128 or 256 bit CAMELLIA.</p>
+
+</dd>
+<dt id="CHACHA20"><b>CHACHA20</b></dt>
+<dd>
+
+<p>Cipher suites using ChaCha20.</p>
+
+</dd>
+<dt id="DES"><b>3DES</b></dt>
+<dd>
+
+<p>Cipher suites using triple DES.</p>
+
+</dd>
+<dt id="DES1"><b>DES</b></dt>
+<dd>
+
+<p>Cipher suites using DES (not triple DES). All these cipher suites have been removed in OpenSSL 1.1.0.</p>
+
+</dd>
+<dt id="RC4"><b>RC4</b></dt>
+<dd>
+
+<p>Cipher suites using RC4.</p>
+
+</dd>
+<dt id="RC2"><b>RC2</b></dt>
+<dd>
+
+<p>Cipher suites using RC2.</p>
+
+</dd>
+<dt id="IDEA"><b>IDEA</b></dt>
+<dd>
+
+<p>Cipher suites using IDEA.</p>
+
+</dd>
+<dt id="SEED"><b>SEED</b></dt>
+<dd>
+
+<p>Cipher suites using SEED.</p>
+
+</dd>
+<dt id="MD5"><b>MD5</b></dt>
+<dd>
+
+<p>Cipher suites using MD5.</p>
+
+</dd>
+<dt id="SHA1-SHA"><b>SHA1</b>, <b>SHA</b></dt>
+<dd>
+
+<p>Cipher suites using SHA1.</p>
+
+</dd>
+<dt id="SHA256-SHA384"><b>SHA256</b>, <b>SHA384</b></dt>
+<dd>
+
+<p>Cipher suites using SHA256 or SHA384.</p>
+
+</dd>
+<dt id="aGOST"><b>aGOST</b></dt>
+<dd>
+
+<p>Cipher suites using GOST R 34.10 (either 2001 or 94) for authentication (needs an engine supporting GOST algorithms).</p>
+
+</dd>
+<dt id="aGOST01"><b>aGOST01</b></dt>
+<dd>
+
+<p>Cipher suites using GOST R 34.10-2001 authentication.</p>
+
+</dd>
+<dt id="kGOST"><b>kGOST</b></dt>
+<dd>
+
+<p>Cipher suites, using VKO 34.10 key exchange, specified in the RFC 4357.</p>
+
+</dd>
+<dt id="GOST94"><b>GOST94</b></dt>
+<dd>
+
+<p>Cipher suites, using HMAC based on GOST R 34.11-94.</p>
+
+</dd>
+<dt id="GOST89MAC"><b>GOST89MAC</b></dt>
+<dd>
+
+<p>Cipher suites using GOST 28147-89 MAC <b>instead of</b> HMAC.</p>
+
+</dd>
+<dt id="PSK"><b>PSK</b></dt>
+<dd>
+
+<p>All cipher suites using pre-shared keys (PSK).</p>
+
+</dd>
+<dt id="kPSK-kECDHEPSK-kDHEPSK-kRSAPSK"><b>kPSK</b>, <b>kECDHEPSK</b>, <b>kDHEPSK</b>, <b>kRSAPSK</b></dt>
+<dd>
+
+<p>Cipher suites using PSK key exchange, ECDHE_PSK, DHE_PSK or RSA_PSK.</p>
+
+</dd>
+<dt id="aPSK"><b>aPSK</b></dt>
+<dd>
+
+<p>Cipher suites using PSK authentication (currently all PSK modes apart from RSA_PSK).</p>
+
+</dd>
+<dt id="SUITEB128-SUITEB128ONLY-SUITEB192"><b>SUITEB128</b>, <b>SUITEB128ONLY</b>, <b>SUITEB192</b></dt>
+<dd>
+
+<p>Enables suite B mode of operation using 128 (permitting 192 bit mode by peer) 128 bit (not permitting 192 bit by peer) or 192 bit level of security respectively. If used these cipherstrings should appear first in the cipher list and anything after them is ignored. Setting Suite B mode has additional consequences required to comply with RFC6460. In particular the supported signature algorithms is reduced to support only ECDSA and SHA256 or SHA384, only the elliptic curves P-256 and P-384 can be used and only the two suite B compliant cipher suites (ECDHE-ECDSA-AES128-GCM-SHA256 and ECDHE-ECDSA-AES256-GCM-SHA384) are permissible.</p>
+
+</dd>
+</dl>
+
+<h1 id="CIPHER-SUITE-NAMES">CIPHER SUITE NAMES</h1>
+
+<p>The following lists give the SSL or TLS cipher suites names from the relevant specification and their OpenSSL equivalents. It should be noted, that several cipher suite names do not include the authentication used, e.g. DES-CBC3-SHA. In these cases, RSA authentication is used.</p>
+
+<h2 id="SSL-v3.0-cipher-suites">SSL v3.0 cipher suites</h2>
+
+<pre><code> SSL_RSA_WITH_NULL_MD5                   NULL-MD5
+ SSL_RSA_WITH_NULL_SHA                   NULL-SHA
+ SSL_RSA_WITH_RC4_128_MD5                RC4-MD5
+ SSL_RSA_WITH_RC4_128_SHA                RC4-SHA
+ SSL_RSA_WITH_IDEA_CBC_SHA               IDEA-CBC-SHA
+ SSL_RSA_WITH_3DES_EDE_CBC_SHA           DES-CBC3-SHA
+
+ SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA        DH-DSS-DES-CBC3-SHA
+ SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA        DH-RSA-DES-CBC3-SHA
+ SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA       DHE-DSS-DES-CBC3-SHA
+ SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA       DHE-RSA-DES-CBC3-SHA
+
+ SSL_DH_anon_WITH_RC4_128_MD5            ADH-RC4-MD5
+ SSL_DH_anon_WITH_3DES_EDE_CBC_SHA       ADH-DES-CBC3-SHA
+
+ SSL_FORTEZZA_KEA_WITH_NULL_SHA          Not implemented.
+ SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA  Not implemented.
+ SSL_FORTEZZA_KEA_WITH_RC4_128_SHA       Not implemented.</code></pre>
+
+<h2 id="TLS-v1.0-cipher-suites">TLS v1.0 cipher suites</h2>
+
+<pre><code> TLS_RSA_WITH_NULL_MD5                   NULL-MD5
+ TLS_RSA_WITH_NULL_SHA                   NULL-SHA
+ TLS_RSA_WITH_RC4_128_MD5                RC4-MD5
+ TLS_RSA_WITH_RC4_128_SHA                RC4-SHA
+ TLS_RSA_WITH_IDEA_CBC_SHA               IDEA-CBC-SHA
+ TLS_RSA_WITH_3DES_EDE_CBC_SHA           DES-CBC3-SHA
+
+ TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA        Not implemented.
+ TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA        Not implemented.
+ TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA       DHE-DSS-DES-CBC3-SHA
+ TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA       DHE-RSA-DES-CBC3-SHA
+
+ TLS_DH_anon_WITH_RC4_128_MD5            ADH-RC4-MD5
+ TLS_DH_anon_WITH_3DES_EDE_CBC_SHA       ADH-DES-CBC3-SHA</code></pre>
+
+<h2 id="AES-cipher-suites-from-RFC3268-extending-TLS-v1.0">AES cipher suites from RFC3268, extending TLS v1.0</h2>
+
+<pre><code> TLS_RSA_WITH_AES_128_CBC_SHA            AES128-SHA
+ TLS_RSA_WITH_AES_256_CBC_SHA            AES256-SHA
+
+ TLS_DH_DSS_WITH_AES_128_CBC_SHA         DH-DSS-AES128-SHA
+ TLS_DH_DSS_WITH_AES_256_CBC_SHA         DH-DSS-AES256-SHA
+ TLS_DH_RSA_WITH_AES_128_CBC_SHA         DH-RSA-AES128-SHA
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA         DH-RSA-AES256-SHA
+
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA        DHE-DSS-AES128-SHA
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA        DHE-DSS-AES256-SHA
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA        DHE-RSA-AES128-SHA
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA        DHE-RSA-AES256-SHA
+
+ TLS_DH_anon_WITH_AES_128_CBC_SHA        ADH-AES128-SHA
+ TLS_DH_anon_WITH_AES_256_CBC_SHA        ADH-AES256-SHA</code></pre>
+
+<h2 id="Camellia-cipher-suites-from-RFC4132-extending-TLS-v1.0">Camellia cipher suites from RFC4132, extending TLS v1.0</h2>
+
+<pre><code> TLS_RSA_WITH_CAMELLIA_128_CBC_SHA      CAMELLIA128-SHA
+ TLS_RSA_WITH_CAMELLIA_256_CBC_SHA      CAMELLIA256-SHA
+
+ TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA   DH-DSS-CAMELLIA128-SHA
+ TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA   DH-DSS-CAMELLIA256-SHA
+ TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA   DH-RSA-CAMELLIA128-SHA
+ TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA   DH-RSA-CAMELLIA256-SHA
+
+ TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA  DHE-DSS-CAMELLIA128-SHA
+ TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA  DHE-DSS-CAMELLIA256-SHA
+ TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA  DHE-RSA-CAMELLIA128-SHA
+ TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA  DHE-RSA-CAMELLIA256-SHA
+
+ TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA  ADH-CAMELLIA128-SHA
+ TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA  ADH-CAMELLIA256-SHA</code></pre>
+
+<h2 id="SEED-cipher-suites-from-RFC4162-extending-TLS-v1.0">SEED cipher suites from RFC4162, extending TLS v1.0</h2>
+
+<pre><code> TLS_RSA_WITH_SEED_CBC_SHA              SEED-SHA
+
+ TLS_DH_DSS_WITH_SEED_CBC_SHA           DH-DSS-SEED-SHA
+ TLS_DH_RSA_WITH_SEED_CBC_SHA           DH-RSA-SEED-SHA
+
+ TLS_DHE_DSS_WITH_SEED_CBC_SHA          DHE-DSS-SEED-SHA
+ TLS_DHE_RSA_WITH_SEED_CBC_SHA          DHE-RSA-SEED-SHA
+
+ TLS_DH_anon_WITH_SEED_CBC_SHA          ADH-SEED-SHA</code></pre>
+
+<h2 id="GOST-cipher-suites-from-draft-chudov-cryptopro-cptls-extending-TLS-v1.0">GOST cipher suites from draft-chudov-cryptopro-cptls, extending TLS v1.0</h2>
+
+<p>Note: these ciphers require an engine which including GOST cryptographic algorithms, such as the <b>ccgost</b> engine, included in the OpenSSL distribution.</p>
+
+<pre><code> TLS_GOSTR341094_WITH_28147_CNT_IMIT GOST94-GOST89-GOST89
+ TLS_GOSTR341001_WITH_28147_CNT_IMIT GOST2001-GOST89-GOST89
+ TLS_GOSTR341094_WITH_NULL_GOSTR3411 GOST94-NULL-GOST94
+ TLS_GOSTR341001_WITH_NULL_GOSTR3411 GOST2001-NULL-GOST94</code></pre>
+
+<h2 id="Additional-Export-1024-and-other-cipher-suites">Additional Export 1024 and other cipher suites</h2>
+
+<p>Note: these ciphers can also be used in SSL v3.</p>
+
+<pre><code> TLS_DHE_DSS_WITH_RC4_128_SHA            DHE-DSS-RC4-SHA</code></pre>
+
+<h2 id="Elliptic-curve-cipher-suites">Elliptic curve cipher suites.</h2>
+
+<pre><code> TLS_ECDHE_RSA_WITH_NULL_SHA             ECDHE-RSA-NULL-SHA
+ TLS_ECDHE_RSA_WITH_RC4_128_SHA          ECDHE-RSA-RC4-SHA
+ TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA     ECDHE-RSA-DES-CBC3-SHA
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA      ECDHE-RSA-AES128-SHA
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA      ECDHE-RSA-AES256-SHA
+
+ TLS_ECDHE_ECDSA_WITH_NULL_SHA           ECDHE-ECDSA-NULL-SHA
+ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA        ECDHE-ECDSA-RC4-SHA
+ TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA   ECDHE-ECDSA-DES-CBC3-SHA
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA    ECDHE-ECDSA-AES128-SHA
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA    ECDHE-ECDSA-AES256-SHA
+
+ TLS_ECDH_anon_WITH_NULL_SHA             AECDH-NULL-SHA
+ TLS_ECDH_anon_WITH_RC4_128_SHA          AECDH-RC4-SHA
+ TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA     AECDH-DES-CBC3-SHA
+ TLS_ECDH_anon_WITH_AES_128_CBC_SHA      AECDH-AES128-SHA
+ TLS_ECDH_anon_WITH_AES_256_CBC_SHA      AECDH-AES256-SHA</code></pre>
+
+<h2 id="TLS-v1.2-cipher-suites">TLS v1.2 cipher suites</h2>
+
+<pre><code> TLS_RSA_WITH_NULL_SHA256                  NULL-SHA256
+
+ TLS_RSA_WITH_AES_128_CBC_SHA256           AES128-SHA256
+ TLS_RSA_WITH_AES_256_CBC_SHA256           AES256-SHA256
+ TLS_RSA_WITH_AES_128_GCM_SHA256           AES128-GCM-SHA256
+ TLS_RSA_WITH_AES_256_GCM_SHA384           AES256-GCM-SHA384
+
+ TLS_DH_RSA_WITH_AES_128_CBC_SHA256        DH-RSA-AES128-SHA256
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA256        DH-RSA-AES256-SHA256
+ TLS_DH_RSA_WITH_AES_128_GCM_SHA256        DH-RSA-AES128-GCM-SHA256
+ TLS_DH_RSA_WITH_AES_256_GCM_SHA384        DH-RSA-AES256-GCM-SHA384
+
+ TLS_DH_DSS_WITH_AES_128_CBC_SHA256        DH-DSS-AES128-SHA256
+ TLS_DH_DSS_WITH_AES_256_CBC_SHA256        DH-DSS-AES256-SHA256
+ TLS_DH_DSS_WITH_AES_128_GCM_SHA256        DH-DSS-AES128-GCM-SHA256
+ TLS_DH_DSS_WITH_AES_256_GCM_SHA384        DH-DSS-AES256-GCM-SHA384
+
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA256       DHE-RSA-AES128-SHA256
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA256       DHE-RSA-AES256-SHA256
+ TLS_DHE_RSA_WITH_AES_128_GCM_SHA256       DHE-RSA-AES128-GCM-SHA256
+ TLS_DHE_RSA_WITH_AES_256_GCM_SHA384       DHE-RSA-AES256-GCM-SHA384
+
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA256       DHE-DSS-AES128-SHA256
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA256       DHE-DSS-AES256-SHA256
+ TLS_DHE_DSS_WITH_AES_128_GCM_SHA256       DHE-DSS-AES128-GCM-SHA256
+ TLS_DHE_DSS_WITH_AES_256_GCM_SHA384       DHE-DSS-AES256-GCM-SHA384
+
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256     ECDHE-RSA-AES128-SHA256
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384     ECDHE-RSA-AES256-SHA384
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256     ECDHE-RSA-AES128-GCM-SHA256
+ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384     ECDHE-RSA-AES256-GCM-SHA384
+
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256   ECDHE-ECDSA-AES128-SHA256
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384   ECDHE-ECDSA-AES256-SHA384
+ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256   ECDHE-ECDSA-AES128-GCM-SHA256
+ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384   ECDHE-ECDSA-AES256-GCM-SHA384
+
+ TLS_DH_anon_WITH_AES_128_CBC_SHA256       ADH-AES128-SHA256
+ TLS_DH_anon_WITH_AES_256_CBC_SHA256       ADH-AES256-SHA256
+ TLS_DH_anon_WITH_AES_128_GCM_SHA256       ADH-AES128-GCM-SHA256
+ TLS_DH_anon_WITH_AES_256_GCM_SHA384       ADH-AES256-GCM-SHA384
+
+ RSA_WITH_AES_128_CCM                      AES128-CCM
+ RSA_WITH_AES_256_CCM                      AES256-CCM
+ DHE_RSA_WITH_AES_128_CCM                  DHE-RSA-AES128-CCM
+ DHE_RSA_WITH_AES_256_CCM                  DHE-RSA-AES256-CCM
+ RSA_WITH_AES_128_CCM_8                    AES128-CCM8
+ RSA_WITH_AES_256_CCM_8                    AES256-CCM8
+ DHE_RSA_WITH_AES_128_CCM_8                DHE-RSA-AES128-CCM8
+ DHE_RSA_WITH_AES_256_CCM_8                DHE-RSA-AES256-CCM8
+ ECDHE_ECDSA_WITH_AES_128_CCM              ECDHE-ECDSA-AES128-CCM
+ ECDHE_ECDSA_WITH_AES_256_CCM              ECDHE-ECDSA-AES256-CCM
+ ECDHE_ECDSA_WITH_AES_128_CCM_8            ECDHE-ECDSA-AES128-CCM8
+ ECDHE_ECDSA_WITH_AES_256_CCM_8            ECDHE-ECDSA-AES256-CCM8</code></pre>
+
+<h2 id="ARIA-cipher-suites-from-RFC6209-extending-TLS-v1.2">ARIA cipher suites from RFC6209, extending TLS v1.2</h2>
+
+<p>Note: the CBC modes mentioned in this RFC are not supported.</p>
+
+<pre><code> TLS_RSA_WITH_ARIA_128_GCM_SHA256          ARIA128-GCM-SHA256
+ TLS_RSA_WITH_ARIA_256_GCM_SHA384          ARIA256-GCM-SHA384
+ TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256      DHE-RSA-ARIA128-GCM-SHA256
+ TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384      DHE-RSA-ARIA256-GCM-SHA384
+ TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256      DHE-DSS-ARIA128-GCM-SHA256
+ TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384      DHE-DSS-ARIA256-GCM-SHA384
+ TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256  ECDHE-ECDSA-ARIA128-GCM-SHA256
+ TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384  ECDHE-ECDSA-ARIA256-GCM-SHA384
+ TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256    ECDHE-ARIA128-GCM-SHA256
+ TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384    ECDHE-ARIA256-GCM-SHA384
+ TLS_PSK_WITH_ARIA_128_GCM_SHA256          PSK-ARIA128-GCM-SHA256
+ TLS_PSK_WITH_ARIA_256_GCM_SHA384          PSK-ARIA256-GCM-SHA384
+ TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256      DHE-PSK-ARIA128-GCM-SHA256
+ TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384      DHE-PSK-ARIA256-GCM-SHA384
+ TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256      RSA-PSK-ARIA128-GCM-SHA256
+ TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384      RSA-PSK-ARIA256-GCM-SHA384</code></pre>
+
+<h2 id="Camellia-HMAC-Based-cipher-suites-from-RFC6367-extending-TLS-v1.2">Camellia HMAC-Based cipher suites from RFC6367, extending TLS v1.2</h2>
+
+<pre><code> TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 ECDHE-ECDSA-CAMELLIA128-SHA256
+ TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 ECDHE-ECDSA-CAMELLIA256-SHA384
+ TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256   ECDHE-RSA-CAMELLIA128-SHA256
+ TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384   ECDHE-RSA-CAMELLIA256-SHA384</code></pre>
+
+<h2 id="Pre-shared-keying-PSK-cipher-suites">Pre-shared keying (PSK) cipher suites</h2>
+
+<pre><code> PSK_WITH_NULL_SHA                         PSK-NULL-SHA
+ DHE_PSK_WITH_NULL_SHA                     DHE-PSK-NULL-SHA
+ RSA_PSK_WITH_NULL_SHA                     RSA-PSK-NULL-SHA
+
+ PSK_WITH_RC4_128_SHA                      PSK-RC4-SHA
+ PSK_WITH_3DES_EDE_CBC_SHA                 PSK-3DES-EDE-CBC-SHA
+ PSK_WITH_AES_128_CBC_SHA                  PSK-AES128-CBC-SHA
+ PSK_WITH_AES_256_CBC_SHA                  PSK-AES256-CBC-SHA
+
+ DHE_PSK_WITH_RC4_128_SHA                  DHE-PSK-RC4-SHA
+ DHE_PSK_WITH_3DES_EDE_CBC_SHA             DHE-PSK-3DES-EDE-CBC-SHA
+ DHE_PSK_WITH_AES_128_CBC_SHA              DHE-PSK-AES128-CBC-SHA
+ DHE_PSK_WITH_AES_256_CBC_SHA              DHE-PSK-AES256-CBC-SHA
+
+ RSA_PSK_WITH_RC4_128_SHA                  RSA-PSK-RC4-SHA
+ RSA_PSK_WITH_3DES_EDE_CBC_SHA             RSA-PSK-3DES-EDE-CBC-SHA
+ RSA_PSK_WITH_AES_128_CBC_SHA              RSA-PSK-AES128-CBC-SHA
+ RSA_PSK_WITH_AES_256_CBC_SHA              RSA-PSK-AES256-CBC-SHA
+
+ PSK_WITH_AES_128_GCM_SHA256               PSK-AES128-GCM-SHA256
+ PSK_WITH_AES_256_GCM_SHA384               PSK-AES256-GCM-SHA384
+ DHE_PSK_WITH_AES_128_GCM_SHA256           DHE-PSK-AES128-GCM-SHA256
+ DHE_PSK_WITH_AES_256_GCM_SHA384           DHE-PSK-AES256-GCM-SHA384
+ RSA_PSK_WITH_AES_128_GCM_SHA256           RSA-PSK-AES128-GCM-SHA256
+ RSA_PSK_WITH_AES_256_GCM_SHA384           RSA-PSK-AES256-GCM-SHA384
+
+ PSK_WITH_AES_128_CBC_SHA256               PSK-AES128-CBC-SHA256
+ PSK_WITH_AES_256_CBC_SHA384               PSK-AES256-CBC-SHA384
+ PSK_WITH_NULL_SHA256                      PSK-NULL-SHA256
+ PSK_WITH_NULL_SHA384                      PSK-NULL-SHA384
+ DHE_PSK_WITH_AES_128_CBC_SHA256           DHE-PSK-AES128-CBC-SHA256
+ DHE_PSK_WITH_AES_256_CBC_SHA384           DHE-PSK-AES256-CBC-SHA384
+ DHE_PSK_WITH_NULL_SHA256                  DHE-PSK-NULL-SHA256
+ DHE_PSK_WITH_NULL_SHA384                  DHE-PSK-NULL-SHA384
+ RSA_PSK_WITH_AES_128_CBC_SHA256           RSA-PSK-AES128-CBC-SHA256
+ RSA_PSK_WITH_AES_256_CBC_SHA384           RSA-PSK-AES256-CBC-SHA384
+ RSA_PSK_WITH_NULL_SHA256                  RSA-PSK-NULL-SHA256
+ RSA_PSK_WITH_NULL_SHA384                  RSA-PSK-NULL-SHA384
+ PSK_WITH_AES_128_GCM_SHA256               PSK-AES128-GCM-SHA256
+ PSK_WITH_AES_256_GCM_SHA384               PSK-AES256-GCM-SHA384
+
+ ECDHE_PSK_WITH_RC4_128_SHA                ECDHE-PSK-RC4-SHA
+ ECDHE_PSK_WITH_3DES_EDE_CBC_SHA           ECDHE-PSK-3DES-EDE-CBC-SHA
+ ECDHE_PSK_WITH_AES_128_CBC_SHA            ECDHE-PSK-AES128-CBC-SHA
+ ECDHE_PSK_WITH_AES_256_CBC_SHA            ECDHE-PSK-AES256-CBC-SHA
+ ECDHE_PSK_WITH_AES_128_CBC_SHA256         ECDHE-PSK-AES128-CBC-SHA256
+ ECDHE_PSK_WITH_AES_256_CBC_SHA384         ECDHE-PSK-AES256-CBC-SHA384
+ ECDHE_PSK_WITH_NULL_SHA                   ECDHE-PSK-NULL-SHA
+ ECDHE_PSK_WITH_NULL_SHA256                ECDHE-PSK-NULL-SHA256
+ ECDHE_PSK_WITH_NULL_SHA384                ECDHE-PSK-NULL-SHA384
+
+ PSK_WITH_CAMELLIA_128_CBC_SHA256          PSK-CAMELLIA128-SHA256
+ PSK_WITH_CAMELLIA_256_CBC_SHA384          PSK-CAMELLIA256-SHA384
+
+ DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256      DHE-PSK-CAMELLIA128-SHA256
+ DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384      DHE-PSK-CAMELLIA256-SHA384
+
+ RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256      RSA-PSK-CAMELLIA128-SHA256
+ RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384      RSA-PSK-CAMELLIA256-SHA384
+
+ ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256    ECDHE-PSK-CAMELLIA128-SHA256
+ ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384    ECDHE-PSK-CAMELLIA256-SHA384
+
+ PSK_WITH_AES_128_CCM                      PSK-AES128-CCM
+ PSK_WITH_AES_256_CCM                      PSK-AES256-CCM
+ DHE_PSK_WITH_AES_128_CCM                  DHE-PSK-AES128-CCM
+ DHE_PSK_WITH_AES_256_CCM                  DHE-PSK-AES256-CCM
+ PSK_WITH_AES_128_CCM_8                    PSK-AES128-CCM8
+ PSK_WITH_AES_256_CCM_8                    PSK-AES256-CCM8
+ DHE_PSK_WITH_AES_128_CCM_8                DHE-PSK-AES128-CCM8
+ DHE_PSK_WITH_AES_256_CCM_8                DHE-PSK-AES256-CCM8</code></pre>
+
+<h2 id="ChaCha20-Poly1305-cipher-suites-extending-TLS-v1.2">ChaCha20-Poly1305 cipher suites, extending TLS v1.2</h2>
+
+<pre><code> TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256      ECDHE-RSA-CHACHA20-POLY1305
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256    ECDHE-ECDSA-CHACHA20-POLY1305
+ TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256        DHE-RSA-CHACHA20-POLY1305
+ TLS_PSK_WITH_CHACHA20_POLY1305_SHA256            PSK-CHACHA20-POLY1305
+ TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256      ECDHE-PSK-CHACHA20-POLY1305
+ TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256        DHE-PSK-CHACHA20-POLY1305
+ TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256        RSA-PSK-CHACHA20-POLY1305</code></pre>
+
+<h2 id="TLS-v1.3-cipher-suites">TLS v1.3 cipher suites</h2>
+
+<pre><code> TLS_AES_128_GCM_SHA256                     TLS_AES_128_GCM_SHA256
+ TLS_AES_256_GCM_SHA384                     TLS_AES_256_GCM_SHA384
+ TLS_CHACHA20_POLY1305_SHA256               TLS_CHACHA20_POLY1305_SHA256
+ TLS_AES_128_CCM_SHA256                     TLS_AES_128_CCM_SHA256
+ TLS_AES_128_CCM_8_SHA256                   TLS_AES_128_CCM_8_SHA256</code></pre>
+
+<h2 id="Older-names-used-by-OpenSSL">Older names used by OpenSSL</h2>
+
+<p>The following names are accepted by older releases:</p>
+
+<pre><code> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA    EDH-RSA-DES-CBC3-SHA (DHE-RSA-DES-CBC3-SHA)
+ SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA    EDH-DSS-DES-CBC3-SHA (DHE-DSS-DES-CBC3-SHA)</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some compiled versions of OpenSSL may not include all the ciphers listed here because some ciphers were excluded at compile time.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Verbose listing of all OpenSSL ciphers including NULL ciphers:</p>
+
+<pre><code> openssl ciphers -v &#39;ALL:eNULL&#39;</code></pre>
+
+<p>Include all ciphers except NULL and anonymous DH then sort by strength:</p>
+
+<pre><code> openssl ciphers -v &#39;ALL:!ADH:@STRENGTH&#39;</code></pre>
+
+<p>Include all ciphers except ones with no encryption (eNULL) or no authentication (aNULL):</p>
+
+<pre><code> openssl ciphers -v &#39;ALL:!aNULL&#39;</code></pre>
+
+<p>Include only 3DES ciphers and then place RSA ciphers last:</p>
+
+<pre><code> openssl ciphers -v &#39;3DES:+RSA&#39;</code></pre>
+
+<p>Include all RC4 ciphers but leave out those without authentication:</p>
+
+<pre><code> openssl ciphers -v &#39;RC4:!COMPLEMENTOFDEFAULT&#39;</code></pre>
+
+<p>Include all ciphers with RSA authentication but leave out ciphers without encryption.</p>
+
+<pre><code> openssl ciphers -v &#39;RSA:!COMPLEMENTOFALL&#39;</code></pre>
+
+<p>Set security level to 2 and display all ciphers consistent with level 2:</p>
+
+<pre><code> openssl ciphers -s -v &#39;ALL:@SECLEVEL=2&#39;</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/s_client.html">s_client(1)</a>, <a href="../man1/s_server.html">s_server(1)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>-V</b> option for the <b>ciphers</b> command was added in OpenSSL 1.0.0.</p>
+
+<p>The <b>-stdname</b> is only available if OpenSSL is built with tracing enabled (<b>enable-ssl-trace</b> argument to Configure) before OpenSSL 1.1.1.</p>
+
+<p>The <b>-convert</b> option was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/cms.html b/msys2/usr/share/doc/openssl/html/man1/cms.html
new file mode 100644
index 000000000..c5a1de59a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/cms.html
@@ -0,0 +1,636 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>cms</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXIT-CODES">EXIT CODES</a></li>
+  <li><a href="#COMPATIBILITY-WITH-PKCS-7-format">COMPATIBILITY WITH PKCS#7 format.</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-cms, cms - CMS utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>cms</b> [<b>-help</b>] [<b>-encrypt</b>] [<b>-decrypt</b>] [<b>-sign</b>] [<b>-verify</b>] [<b>-cmsout</b>] [<b>-resign</b>] [<b>-data_create</b>] [<b>-data_out</b>] [<b>-digest_create</b>] [<b>-digest_verify</b>] [<b>-compress</b>] [<b>-uncompress</b>] [<b>-EncryptedData_encrypt</b>] [<b>-sign_receipt</b>] [<b>-verify_receipt receipt</b>] [<b>-in filename</b>] [<b>-inform SMIME|PEM|DER</b>] [<b>-rctform SMIME|PEM|DER</b>] [<b>-out filename</b>] [<b>-outform SMIME|PEM|DER</b>] [<b>-stream -indef -noindef</b>] [<b>-noindef</b>] [<b>-content filename</b>] [<b>-text</b>] [<b>-noout</b>] [<b>-print</b>] [<b>-CAfile file</b>] [<b>-CApath dir</b>] [<b>-no-CAfile</b>] [<b>-no-CApath</b>] [<b>-attime timestamp</b>] [<b>-check_ss_sig</b>] [<b>-crl_check</b>] [<b>-crl_check_all</b>] [<b>-explicit_policy</b>] [<b>-extended_crl</b>] [<b>-ignore_critical</b>] [<b>-inhibit_any</b>] [<b>-inhibit_map</b>] [<b>-no_check_time</b>] [<b>-partial_chain</b>] [<b>-policy arg</b>] [<b>-policy_check</b>] [<b>-policy_print</b>] [<b>-purpose purpose</b>] [<b>-suiteB_128</b>] [<b>-suiteB_128_only</b>] [<b>-suiteB_192</b>] [<b>-trusted_first</b>] [<b>-no_alt_chains</b>] [<b>-use_deltas</b>] [<b>-auth_level num</b>] [<b>-verify_depth num</b>] [<b>-verify_email email</b>] [<b>-verify_hostname hostname</b>] [<b>-verify_ip ip</b>] [<b>-verify_name name</b>] [<b>-x509_strict</b>] [<b>-md digest</b>] [<b>-<i>cipher</i></b>] [<b>-nointern</b>] [<b>-noverify</b>] [<b>-nocerts</b>] [<b>-noattr</b>] [<b>-nosmimecap</b>] [<b>-binary</b>] [<b>-crlfeol</b>] [<b>-asciicrlf</b>] [<b>-nodetach</b>] [<b>-certfile file</b>] [<b>-certsout file</b>] [<b>-signer file</b>] [<b>-recip file</b>] [<b>-keyid</b>] [<b>-receipt_request_all</b>] [<b>-receipt_request_first</b>] [<b>-receipt_request_from emailaddress</b>] [<b>-receipt_request_to emailaddress</b>] [<b>-receipt_request_print</b>] [<b>-secretkey key</b>] [<b>-secretkeyid id</b>] [<b>-econtent_type type</b>] [<b>-inkey file</b>] [<b>-keyopt name:parameter</b>] [<b>-passin arg</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>cert.pem...</b>] [<b>-to addr</b>] [<b>-from addr</b>] [<b>-subject subj</b>] [cert.pem]...</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>cms</b> command handles S/MIME v3.1 mail. It can encrypt, decrypt, sign and verify, compress and uncompress S/MIME messages.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<p>There are fourteen operation options that set the type of operation to be performed. The meaning of the other options varies according to the operation type.</p>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="encrypt"><b>-encrypt</b></dt>
+<dd>
+
+<p>Encrypt mail for the given recipient certificates. Input file is the message to be encrypted. The output file is the encrypted mail in MIME format. The actual CMS type is &lt;B&gt;EnvelopedData&lt;B&gt;.</p>
+
+<p>Note that no revocation check is done for the recipient cert, so if that key has been compromised, others may be able to decrypt the text.</p>
+
+</dd>
+<dt id="decrypt"><b>-decrypt</b></dt>
+<dd>
+
+<p>Decrypt mail using the supplied certificate and private key. Expects an encrypted mail message in MIME format for the input file. The decrypted mail is written to the output file.</p>
+
+</dd>
+<dt id="debug_decrypt"><b>-debug_decrypt</b></dt>
+<dd>
+
+<p>This option sets the <b>CMS_DEBUG_DECRYPT</b> flag. This option should be used with caution: see the notes section below.</p>
+
+</dd>
+<dt id="sign"><b>-sign</b></dt>
+<dd>
+
+<p>Sign mail using the supplied certificate and private key. Input file is the message to be signed. The signed message in MIME format is written to the output file.</p>
+
+</dd>
+<dt id="verify"><b>-verify</b></dt>
+<dd>
+
+<p>Verify signed mail. Expects a signed mail message on input and outputs the signed data. Both clear text and opaque signing is supported.</p>
+
+</dd>
+<dt id="cmsout"><b>-cmsout</b></dt>
+<dd>
+
+<p>Takes an input message and writes out a PEM encoded CMS structure.</p>
+
+</dd>
+<dt id="resign"><b>-resign</b></dt>
+<dd>
+
+<p>Resign a message: take an existing message and one or more new signers.</p>
+
+</dd>
+<dt id="data_create"><b>-data_create</b></dt>
+<dd>
+
+<p>Create a CMS <b>Data</b> type.</p>
+
+</dd>
+<dt id="data_out"><b>-data_out</b></dt>
+<dd>
+
+<p><b>Data</b> type and output the content.</p>
+
+</dd>
+<dt id="digest_create"><b>-digest_create</b></dt>
+<dd>
+
+<p>Create a CMS <b>DigestedData</b> type.</p>
+
+</dd>
+<dt id="digest_verify"><b>-digest_verify</b></dt>
+<dd>
+
+<p>Verify a CMS <b>DigestedData</b> type and output the content.</p>
+
+</dd>
+<dt id="compress"><b>-compress</b></dt>
+<dd>
+
+<p>Create a CMS <b>CompressedData</b> type. OpenSSL must be compiled with <b>zlib</b> support for this option to work, otherwise it will output an error.</p>
+
+</dd>
+<dt id="uncompress"><b>-uncompress</b></dt>
+<dd>
+
+<p>Uncompress a CMS <b>CompressedData</b> type and output the content. OpenSSL must be compiled with <b>zlib</b> support for this option to work, otherwise it will output an error.</p>
+
+</dd>
+<dt id="EncryptedData_encrypt"><b>-EncryptedData_encrypt</b></dt>
+<dd>
+
+<p>Encrypt content using supplied symmetric key and algorithm using a CMS <b>EncryptedData</b> type and output the content.</p>
+
+</dd>
+<dt id="sign_receipt"><b>-sign_receipt</b></dt>
+<dd>
+
+<p>Generate and output a signed receipt for the supplied message. The input message <b>must</b> contain a signed receipt request. Functionality is otherwise similar to the <b>-sign</b> operation.</p>
+
+</dd>
+<dt id="verify_receipt-receipt"><b>-verify_receipt receipt</b></dt>
+<dd>
+
+<p>Verify a signed receipt in filename <b>receipt</b>. The input message <b>must</b> contain the original receipt request. Functionality is otherwise similar to the <b>-verify</b> operation.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>The input message to be encrypted or signed or the message to be decrypted or verified.</p>
+
+</dd>
+<dt id="inform-SMIME-PEM-DER"><b>-inform SMIME|PEM|DER</b></dt>
+<dd>
+
+<p>This specifies the input format for the CMS structure. The default is <b>SMIME</b> which reads an S/MIME format message. <b>PEM</b> and <b>DER</b> format change this to expect PEM and DER format CMS structures instead. This currently only affects the input format of the CMS structure, if no CMS structure is being input (for example with <b>-encrypt</b> or <b>-sign</b>) this option has no effect.</p>
+
+</dd>
+<dt id="rctform-SMIME-PEM-DER"><b>-rctform SMIME|PEM|DER</b></dt>
+<dd>
+
+<p>Specify the format for a signed receipt for use with the <b>-receipt_verify</b> operation.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>The message text that has been decrypted or verified or the output MIME format message that has been signed or verified.</p>
+
+</dd>
+<dt id="outform-SMIME-PEM-DER"><b>-outform SMIME|PEM|DER</b></dt>
+<dd>
+
+<p>This specifies the output format for the CMS structure. The default is <b>SMIME</b> which writes an S/MIME format message. <b>PEM</b> and <b>DER</b> format change this to write PEM and DER format CMS structures instead. This currently only affects the output format of the CMS structure, if no CMS structure is being output (for example with <b>-verify</b> or <b>-decrypt</b>) this option has no effect.</p>
+
+</dd>
+<dt id="stream--indef--noindef"><b>-stream -indef -noindef</b></dt>
+<dd>
+
+<p>The <b>-stream</b> and <b>-indef</b> options are equivalent and enable streaming I/O for encoding operations. This permits single pass processing of data without the need to hold the entire contents in memory, potentially supporting very large files. Streaming is automatically set for S/MIME signing with detached data if the output format is <b>SMIME</b> it is currently off by default for all other operations.</p>
+
+</dd>
+<dt id="noindef"><b>-noindef</b></dt>
+<dd>
+
+<p>Disable streaming I/O where it would produce and indefinite length constructed encoding. This option currently has no effect. In future streaming will be enabled by default on all relevant operations and this option will disable it.</p>
+
+</dd>
+<dt id="content-filename"><b>-content filename</b></dt>
+<dd>
+
+<p>This specifies a file containing the detached content, this is only useful with the <b>-verify</b> command. This is only usable if the CMS structure is using the detached signature form where the content is not included. This option will override any content if the input format is S/MIME and it uses the multipart/signed MIME content type.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>This option adds plain text (text/plain) MIME headers to the supplied message if encrypting or signing. If decrypting or verifying it strips off text headers: if the decrypted or verified message is not of MIME type text/plain then an error occurs.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>For the <b>-cmsout</b> operation do not output the parsed CMS structure. This is useful when combined with the <b>-print</b> option or if the syntax of the CMS structure is being checked.</p>
+
+</dd>
+<dt id="print"><b>-print</b></dt>
+<dd>
+
+<p>For the <b>-cmsout</b> operation print out all fields of the CMS structure. This is mainly useful for testing purposes.</p>
+
+</dd>
+<dt id="CAfile-file"><b>-CAfile file</b></dt>
+<dd>
+
+<p>A file containing trusted CA certificates, only used with <b>-verify</b>.</p>
+
+</dd>
+<dt id="CApath-dir"><b>-CApath dir</b></dt>
+<dd>
+
+<p>A directory containing trusted CA certificates, only used with <b>-verify</b>. This directory must be a standard certificate directory: that is a hash of each subject name (using <b>x509 -hash</b>) should be linked to each certificate.</p>
+
+</dd>
+<dt id="no-CAfile"><b>-no-CAfile</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default file location</p>
+
+</dd>
+<dt id="no-CApath"><b>-no-CApath</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default directory location</p>
+
+</dd>
+<dt id="md-digest"><b>-md digest</b></dt>
+<dd>
+
+<p>Digest algorithm to use when signing or resigning. If not present then the default digest algorithm for the signing key will be used (usually SHA1).</p>
+
+</dd>
+<dt id="cipher"><b>-<i>cipher</i></b></dt>
+<dd>
+
+<p>The encryption algorithm to use. For example triple DES (168 bits) - <b>-des3</b> or 256 bit AES - <b>-aes256</b>. Any standard algorithm name (as used by the EVP_get_cipherbyname() function) can also be used preceded by a dash, for example <b>-aes-128-cbc</b>. See <a href="../man1/enc.html">enc(1)</a> for a list of ciphers supported by your version of OpenSSL.</p>
+
+<p>If not specified triple DES is used. Only used with <b>-encrypt</b> and <b>-EncryptedData_create</b> commands.</p>
+
+</dd>
+<dt id="nointern"><b>-nointern</b></dt>
+<dd>
+
+<p>When verifying a message normally certificates (if any) included in the message are searched for the signing certificate. With this option only the certificates specified in the <b>-certfile</b> option are used. The supplied certificates can still be used as untrusted CAs however.</p>
+
+</dd>
+<dt id="noverify"><b>-noverify</b></dt>
+<dd>
+
+<p>Do not verify the signers certificate of a signed message.</p>
+
+</dd>
+<dt id="nocerts"><b>-nocerts</b></dt>
+<dd>
+
+<p>When signing a message the signer&#39;s certificate is normally included with this option it is excluded. This will reduce the size of the signed message but the verifier must have a copy of the signers certificate available locally (passed using the <b>-certfile</b> option for example).</p>
+
+</dd>
+<dt id="noattr"><b>-noattr</b></dt>
+<dd>
+
+<p>Normally when a message is signed a set of attributes are included which include the signing time and supported symmetric algorithms. With this option they are not included.</p>
+
+</dd>
+<dt id="nosmimecap"><b>-nosmimecap</b></dt>
+<dd>
+
+<p>Exclude the list of supported algorithms from signed attributes, other options such as signing time and content type are still included.</p>
+
+</dd>
+<dt id="binary"><b>-binary</b></dt>
+<dd>
+
+<p>Normally the input message is converted to &quot;canonical&quot; format which is effectively using CR and LF as end of line: as required by the S/MIME specification. When this option is present no translation occurs. This is useful when handling binary data which may not be in MIME format.</p>
+
+</dd>
+<dt id="crlfeol"><b>-crlfeol</b></dt>
+<dd>
+
+<p>Normally the output file uses a single <b>LF</b> as end of line. When this option is present <b>CRLF</b> is used instead.</p>
+
+</dd>
+<dt id="asciicrlf"><b>-asciicrlf</b></dt>
+<dd>
+
+<p>When signing use ASCII CRLF format canonicalisation. This strips trailing whitespace from all lines, deletes trailing blank lines at EOF and sets the encapsulated content type. This option is normally used with detached content and an output signature format of DER. This option is not normally needed when verifying as it is enabled automatically if the encapsulated content format is detected.</p>
+
+</dd>
+<dt id="nodetach"><b>-nodetach</b></dt>
+<dd>
+
+<p>When signing a message use opaque signing: this form is more resistant to translation by mail relays but it cannot be read by mail agents that do not support S/MIME. Without this option cleartext signing with the MIME type multipart/signed is used.</p>
+
+</dd>
+<dt id="certfile-file"><b>-certfile file</b></dt>
+<dd>
+
+<p>Allows additional certificates to be specified. When signing these will be included with the message. When verifying these will be searched for the signers certificates. The certificates should be in PEM format.</p>
+
+</dd>
+<dt id="certsout-file"><b>-certsout file</b></dt>
+<dd>
+
+<p>Any certificates contained in the message are written to <b>file</b>.</p>
+
+</dd>
+<dt id="signer-file"><b>-signer file</b></dt>
+<dd>
+
+<p>A signing certificate when signing or resigning a message, this option can be used multiple times if more than one signer is required. If a message is being verified then the signers certificates will be written to this file if the verification was successful.</p>
+
+</dd>
+<dt id="recip-file"><b>-recip file</b></dt>
+<dd>
+
+<p>When decrypting a message this specifies the recipients certificate. The certificate must match one of the recipients of the message or an error occurs.</p>
+
+<p>When encrypting a message this option may be used multiple times to specify each recipient. This form <b>must</b> be used if customised parameters are required (for example to specify RSA-OAEP).</p>
+
+<p>Only certificates carrying RSA, Diffie-Hellman or EC keys are supported by this option.</p>
+
+</dd>
+<dt id="keyid"><b>-keyid</b></dt>
+<dd>
+
+<p>Use subject key identifier to identify certificates instead of issuer name and serial number. The supplied certificate <b>must</b> include a subject key identifier extension. Supported by <b>-sign</b> and <b>-encrypt</b> options.</p>
+
+</dd>
+<dt id="receipt_request_all--receipt_request_first"><b>-receipt_request_all</b>, <b>-receipt_request_first</b></dt>
+<dd>
+
+<p>For <b>-sign</b> option include a signed receipt request. Indicate requests should be provided by all recipient or first tier recipients (those mailed directly and not from a mailing list). Ignored it <b>-receipt_request_from</b> is included.</p>
+
+</dd>
+<dt id="receipt_request_from-emailaddress"><b>-receipt_request_from emailaddress</b></dt>
+<dd>
+
+<p>For <b>-sign</b> option include a signed receipt request. Add an explicit email address where receipts should be supplied.</p>
+
+</dd>
+<dt id="receipt_request_to-emailaddress"><b>-receipt_request_to emailaddress</b></dt>
+<dd>
+
+<p>Add an explicit email address where signed receipts should be sent to. This option <b>must</b> but supplied if a signed receipt it requested.</p>
+
+</dd>
+<dt id="receipt_request_print"><b>-receipt_request_print</b></dt>
+<dd>
+
+<p>For the <b>-verify</b> operation print out the contents of any signed receipt requests.</p>
+
+</dd>
+<dt id="secretkey-key"><b>-secretkey key</b></dt>
+<dd>
+
+<p>Specify symmetric key to use. The key must be supplied in hex format and be consistent with the algorithm used. Supported by the <b>-EncryptedData_encrypt</b> <b>-EncryptedData_decrypt</b>, <b>-encrypt</b> and <b>-decrypt</b> options. When used with <b>-encrypt</b> or <b>-decrypt</b> the supplied key is used to wrap or unwrap the content encryption key using an AES key in the <b>KEKRecipientInfo</b> type.</p>
+
+</dd>
+<dt id="secretkeyid-id"><b>-secretkeyid id</b></dt>
+<dd>
+
+<p>The key identifier for the supplied symmetric key for <b>KEKRecipientInfo</b> type. This option <b>must</b> be present if the <b>-secretkey</b> option is used with <b>-encrypt</b>. With <b>-decrypt</b> operations the <b>id</b> is used to locate the relevant key if it is not supplied then an attempt is used to decrypt any <b>KEKRecipientInfo</b> structures.</p>
+
+</dd>
+<dt id="econtent_type-type"><b>-econtent_type type</b></dt>
+<dd>
+
+<p>Set the encapsulated content type to <b>type</b> if not supplied the <b>Data</b> type is used. The <b>type</b> argument can be any valid OID name in either text or numerical format.</p>
+
+</dd>
+<dt id="inkey-file"><b>-inkey file</b></dt>
+<dd>
+
+<p>The private key to use when signing or decrypting. This must match the corresponding certificate. If this option is not specified then the private key must be included in the certificate file specified with the <b>-recip</b> or <b>-signer</b> file. When signing this option can be used multiple times to specify successive keys.</p>
+
+</dd>
+<dt id="keyopt-name:opt"><b>-keyopt name:opt</b></dt>
+<dd>
+
+<p>For signing and encryption this option can be used multiple times to set customised parameters for the preceding key or certificate. It can currently be used to set RSA-PSS for signing, RSA-OAEP for encryption or to modify default parameters for ECDH.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The private key password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="cert.pem"><b>cert.pem...</b></dt>
+<dd>
+
+<p>One or more certificates of message recipients: used when encrypting a message.</p>
+
+</dd>
+<dt id="to--from--subject"><b>-to, -from, -subject</b></dt>
+<dd>
+
+<p>The relevant mail headers. These are included outside the signed portion of a message so they may be included manually. If signing then many S/MIME mail clients check the signers certificate&#39;s email address matches that specified in the From: address.</p>
+
+</dd>
+<dt id="attime--check_ss_sig--crl_check--crl_check_all--explicit_policy--extended_crl--ignore_critical--inhibit_any--inhibit_map--no_alt_chains--no_check_time--partial_chain--policy--policy_check--policy_print--purpose--suiteB_128--suiteB_128_only--suiteB_192--trusted_first--use_deltas--auth_level--verify_depth--verify_email--verify_hostname--verify_ip--verify_name--x509_strict"><b>-attime</b>, <b>-check_ss_sig</b>, <b>-crl_check</b>, <b>-crl_check_all</b>, <b>-explicit_policy</b>, <b>-extended_crl</b>, <b>-ignore_critical</b>, <b>-inhibit_any</b>, <b>-inhibit_map</b>, <b>-no_alt_chains</b>, <b>-no_check_time</b>, <b>-partial_chain</b>, <b>-policy</b>, <b>-policy_check</b>, <b>-policy_print</b>, <b>-purpose</b>, <b>-suiteB_128</b>, <b>-suiteB_128_only</b>, <b>-suiteB_192</b>, <b>-trusted_first</b>, <b>-use_deltas</b>, <b>-auth_level</b>, <b>-verify_depth</b>, <b>-verify_email</b>, <b>-verify_hostname</b>, <b>-verify_ip</b>, <b>-verify_name</b>, <b>-x509_strict</b></dt>
+<dd>
+
+<p>Set various certificate chain validation options. See the <a href="../man1/verify.html">verify(1)</a> manual page for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The MIME message must be sent without any blank lines between the headers and the output. Some mail programs will automatically add a blank line. Piping the mail directly to sendmail is one way to achieve the correct format.</p>
+
+<p>The supplied message to be signed or encrypted must include the necessary MIME headers or many S/MIME clients won&#39;t display it properly (if at all). You can use the <b>-text</b> option to automatically add plain text headers.</p>
+
+<p>A &quot;signed and encrypted&quot; message is one where a signed message is then encrypted. This can be produced by encrypting an already signed message: see the examples section.</p>
+
+<p>This version of the program only allows one signer per message but it will verify multiple signers on received messages. Some S/MIME clients choke if a message contains multiple signers. It is possible to sign messages &quot;in parallel&quot; by signing an already signed message.</p>
+
+<p>The options <b>-encrypt</b> and <b>-decrypt</b> reflect common usage in S/MIME clients. Strictly speaking these process CMS enveloped data: CMS encrypted data is used for other purposes.</p>
+
+<p>The <b>-resign</b> option uses an existing message digest when adding a new signer. This means that attributes must be present in at least one existing signer using the same message digest or this operation will fail.</p>
+
+<p>The <b>-stream</b> and <b>-indef</b> options enable streaming I/O support. As a result the encoding is BER using indefinite length constructed encoding and no longer DER. Streaming is supported for the <b>-encrypt</b> operation and the <b>-sign</b> operation if the content is not detached.</p>
+
+<p>Streaming is always used for the <b>-sign</b> operation with detached data but since the content is no longer part of the CMS structure the encoding remains DER.</p>
+
+<p>If the <b>-decrypt</b> option is used without a recipient certificate then an attempt is made to locate the recipient by trying each potential recipient in turn using the supplied private key. To thwart the MMA attack (Bleichenbacher&#39;s attack on PKCS #1 v1.5 RSA padding) all recipients are tried whether they succeed or not and if no recipients match the message is &quot;decrypted&quot; using a random key which will typically output garbage. The <b>-debug_decrypt</b> option can be used to disable the MMA attack protection and return an error if no recipient can be found: this option should be used with caution. For a fuller description see <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a>).</p>
+
+<h1 id="EXIT-CODES">EXIT CODES</h1>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The operation was completely successfully.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>An error occurred parsing the command options.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>One of the input files could not be read.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>An error occurred creating the CMS file or when reading the MIME message.</p>
+
+</dd>
+<dt id="pod4">4</dt>
+<dd>
+
+<p>An error occurred decrypting or verifying the message.</p>
+
+</dd>
+<dt id="pod5">5</dt>
+<dd>
+
+<p>The message was verified correctly but an error occurred writing out the signers certificates.</p>
+
+</dd>
+</dl>
+
+<h1 id="COMPATIBILITY-WITH-PKCS-7-format">COMPATIBILITY WITH PKCS#7 format.</h1>
+
+<p>The <b>smime</b> utility can only process the older <b>PKCS#7</b> format. The <b>cms</b> utility supports Cryptographic Message Syntax format. Use of some features will result in messages which cannot be processed by applications which only support the older format. These are detailed below.</p>
+
+<p>The use of the <b>-keyid</b> option with <b>-sign</b> or <b>-encrypt</b>.</p>
+
+<p>The <b>-outform PEM</b> option uses different headers.</p>
+
+<p>The <b>-compress</b> option.</p>
+
+<p>The <b>-secretkey</b> option when used with <b>-encrypt</b>.</p>
+
+<p>The use of PSS with <b>-sign</b>.</p>
+
+<p>The use of OAEP or non-RSA keys with <b>-encrypt</b>.</p>
+
+<p>Additionally the <b>-EncryptedData_create</b> and <b>-data_create</b> type cannot be processed by the older <b>smime</b> command.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create a cleartext signed message:</p>
+
+<pre><code> openssl cms -sign -in message.txt -text -out mail.msg \
+        -signer mycert.pem</code></pre>
+
+<p>Create an opaque signed message</p>
+
+<pre><code> openssl cms -sign -in message.txt -text -out mail.msg -nodetach \
+        -signer mycert.pem</code></pre>
+
+<p>Create a signed message, include some additional certificates and read the private key from another file:</p>
+
+<pre><code> openssl cms -sign -in in.txt -text -out mail.msg \
+        -signer mycert.pem -inkey mykey.pem -certfile mycerts.pem</code></pre>
+
+<p>Create a signed message with two signers, use key identifier:</p>
+
+<pre><code> openssl cms -sign -in message.txt -text -out mail.msg \
+        -signer mycert.pem -signer othercert.pem -keyid</code></pre>
+
+<p>Send a signed message under Unix directly to sendmail, including headers:</p>
+
+<pre><code> openssl cms -sign -in in.txt -text -signer mycert.pem \
+        -from steve@openssl.org -to someone@somewhere \
+        -subject &quot;Signed message&quot; | sendmail someone@somewhere</code></pre>
+
+<p>Verify a message and extract the signer&#39;s certificate if successful:</p>
+
+<pre><code> openssl cms -verify -in mail.msg -signer user.pem -out signedtext.txt</code></pre>
+
+<p>Send encrypted mail using triple DES:</p>
+
+<pre><code> openssl cms -encrypt -in in.txt -from steve@openssl.org \
+        -to someone@somewhere -subject &quot;Encrypted message&quot; \
+        -des3 user.pem -out mail.msg</code></pre>
+
+<p>Sign and encrypt mail:</p>
+
+<pre><code> openssl cms -sign -in ml.txt -signer my.pem -text \
+        | openssl cms -encrypt -out mail.msg \
+        -from steve@openssl.org -to someone@somewhere \
+        -subject &quot;Signed and Encrypted message&quot; -des3 user.pem</code></pre>
+
+<p>Note: the encryption command does not include the <b>-text</b> option because the message being encrypted already has MIME headers.</p>
+
+<p>Decrypt mail:</p>
+
+<pre><code> openssl cms -decrypt -in mail.msg -recip mycert.pem -inkey key.pem</code></pre>
+
+<p>The output from Netscape form signing is a PKCS#7 structure with the detached signature format. You can use this program to verify the signature by line wrapping the base64 encoded structure and surrounding it with:</p>
+
+<pre><code> -----BEGIN PKCS7-----
+ -----END PKCS7-----</code></pre>
+
+<p>and using the command,</p>
+
+<pre><code> openssl cms -verify -inform PEM -in signature.pem -content content.txt</code></pre>
+
+<p>alternatively you can base64 decode the signature and use</p>
+
+<pre><code> openssl cms -verify -inform DER -in signature.der -content content.txt</code></pre>
+
+<p>Create an encrypted message using 128 bit Camellia:</p>
+
+<pre><code> openssl cms -encrypt -in plain.txt -camellia128 -out mail.msg cert.pem</code></pre>
+
+<p>Add a signer to an existing message:</p>
+
+<pre><code> openssl cms -resign -in mail.msg -signer newsign.pem -out mail2.msg</code></pre>
+
+<p>Sign mail using RSA-PSS:</p>
+
+<pre><code> openssl cms -sign -in message.txt -text -out mail.msg \
+        -signer mycert.pem -keyopt rsa_padding_mode:pss</code></pre>
+
+<p>Create encrypted mail using RSA-OAEP:</p>
+
+<pre><code> openssl cms -encrypt -in plain.txt -out mail.msg \
+        -recip cert.pem -keyopt rsa_padding_mode:oaep</code></pre>
+
+<p>Use SHA256 KDF with an ECDH certificate:</p>
+
+<pre><code> openssl cms -encrypt -in plain.txt -out mail.msg \
+        -recip ecdhcert.pem -keyopt ecdh_kdf_md:sha256</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The MIME parser isn&#39;t very clever: it seems to handle most messages that I&#39;ve thrown at it but it may choke on others.</p>
+
+<p>The code currently will only write out the signer&#39;s certificate to a file: if the signer has a separate encryption certificate this must be manually extracted. There should be some heuristic that determines the correct encryption certificate.</p>
+
+<p>Ideally a database should be maintained of a certificates for each email address.</p>
+
+<p>The code doesn&#39;t currently take note of the permitted symmetric encryption algorithms as supplied in the SMIMECapabilities signed attribute. this means the user has to manually include the correct encryption algorithm. It should store the list of permitted ciphers in a database and only use those.</p>
+
+<p>No revocation checking is done on the signer&#39;s certificate.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The use of multiple <b>-signer</b> options and the <b>-resign</b> command were first added in OpenSSL 1.0.0.</p>
+
+<p>The <b>keyopt</b> option was added in OpenSSL 1.0.2.</p>
+
+<p>Support for RSA-OAEP and RSA-PSS was added in OpenSSL 1.0.2.</p>
+
+<p>The use of non-RSA keys with <b>-encrypt</b> and <b>-decrypt</b> was added in OpenSSL 1.0.2.</p>
+
+<p>The -no_alt_chains option was added in OpenSSL 1.0.2b.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/crl.html b/msys2/usr/share/doc/openssl/html/man1/crl.html
new file mode 100644
index 000000000..6f612d727
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/crl.html
@@ -0,0 +1,170 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>crl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-crl, crl - CRL utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>crl</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-text</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-nameopt option</b>] [<b>-noout</b>] [<b>-hash</b>] [<b>-issuer</b>] [<b>-lastupdate</b>] [<b>-nextupdate</b>] [<b>-CAfile file</b>] [<b>-CApath dir</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>crl</b> command processes CRL files in DER or PEM format.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. <b>DER</b> format is DER encoded CRL structure. <b>PEM</b> (the default) is a base64 encoded version of the DER form with header and footer lines.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read from or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Specifies the output filename to write to or standard output by default.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Print out the CRL in text form.</p>
+
+</dd>
+<dt id="nameopt-option"><b>-nameopt option</b></dt>
+<dd>
+
+<p>Option which determines how the subject or issuer names are displayed. See the description of <b>-nameopt</b> in <a href="../man1/x509.html">x509(1)</a>.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>Don&#39;t output the encoded version of the CRL.</p>
+
+</dd>
+<dt id="hash"><b>-hash</b></dt>
+<dd>
+
+<p>Output a hash of the issuer name. This can be use to lookup CRLs in a directory by issuer name.</p>
+
+</dd>
+<dt id="hash_old"><b>-hash_old</b></dt>
+<dd>
+
+<p>Outputs the &quot;hash&quot; of the CRL issuer name using the older algorithm as used by OpenSSL before version 1.0.0.</p>
+
+</dd>
+<dt id="issuer"><b>-issuer</b></dt>
+<dd>
+
+<p>Output the issuer name.</p>
+
+</dd>
+<dt id="lastupdate"><b>-lastupdate</b></dt>
+<dd>
+
+<p>Output the lastUpdate field.</p>
+
+</dd>
+<dt id="nextupdate"><b>-nextupdate</b></dt>
+<dd>
+
+<p>Output the nextUpdate field.</p>
+
+</dd>
+<dt id="CAfile-file"><b>-CAfile file</b></dt>
+<dd>
+
+<p>Verify the signature on a CRL by looking up the issuing certificate in <b>file</b>.</p>
+
+</dd>
+<dt id="CApath-dir"><b>-CApath dir</b></dt>
+<dd>
+
+<p>Verify the signature on a CRL by looking up the issuing certificate in <b>dir</b>. This directory must be a standard certificate directory: that is a hash of each subject name (using <b>x509 -hash</b>) should be linked to each certificate.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM CRL format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN X509 CRL-----
+ -----END X509 CRL-----</code></pre>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Convert a CRL file from PEM to DER:</p>
+
+<pre><code> openssl crl -in crl.pem -outform DER -out crl.der</code></pre>
+
+<p>Output the text form of a DER encoded certificate:</p>
+
+<pre><code> openssl crl -in crl.der -inform DER -text -noout</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Ideally it should be possible to create a CRL using appropriate options and files too.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/crl2pkcs7.html">crl2pkcs7(1)</a>, <a href="../man1/ca.html">ca(1)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/crl2pkcs7.html b/msys2/usr/share/doc/openssl/html/man1/crl2pkcs7.html
new file mode 100644
index 000000000..045f293d5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/crl2pkcs7.html
@@ -0,0 +1,119 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>crl2pkcs7</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-crl2pkcs7, crl2pkcs7 - Create a PKCS#7 structure from a CRL and certificates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>crl2pkcs7</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-certfile filename</b>] [<b>-nocrl</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>crl2pkcs7</b> command takes an optional CRL and one or more certificates and converts them into a PKCS#7 degenerate &quot;certificates only&quot; structure.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the CRL input format. <b>DER</b> format is DER encoded CRL structure.<b>PEM</b> (the default) is a base64 encoded version of the DER form with header and footer lines. The default format is PEM.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the PKCS#7 structure output format. <b>DER</b> format is DER encoded PKCS#7 structure.<b>PEM</b> (the default) is a base64 encoded version of the DER form with header and footer lines. The default format is PEM.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read a CRL from or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Specifies the output filename to write the PKCS#7 structure to or standard output by default.</p>
+
+</dd>
+<dt id="certfile-filename"><b>-certfile filename</b></dt>
+<dd>
+
+<p>Specifies a filename containing one or more certificates in <b>PEM</b> format. All certificates in the file will be added to the PKCS#7 structure. This option can be used more than once to read certificates form multiple files.</p>
+
+</dd>
+<dt id="nocrl"><b>-nocrl</b></dt>
+<dd>
+
+<p>Normally a CRL is included in the output file. With this option no CRL is included in the output file and a CRL is not read from the input file.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create a PKCS#7 structure from a certificate and CRL:</p>
+
+<pre><code> openssl crl2pkcs7 -in crl.pem -certfile cert.pem -out p7.pem</code></pre>
+
+<p>Creates a PKCS#7 structure in DER format with no CRL from several different certificates:</p>
+
+<pre><code> openssl crl2pkcs7 -nocrl -certfile newcert.pem
+        -certfile demoCA/cacert.pem -outform DER -out p7.der</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The output file is a PKCS#7 signed data structure containing no signers and just certificates and an optional CRL.</p>
+
+<p>This utility can be used to send certificates and CAs to Netscape as part of the certificate enrollment process. This involves sending the DER encoded output as MIME type application/x-x509-user-cert.</p>
+
+<p>The <b>PEM</b> encoded form with the header and footer lines removed can be used to install user certificates and CAs in MSIE using the Xenroll control.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/pkcs7.html">pkcs7(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/dgst.html b/msys2/usr/share/doc/openssl/html/man1/dgst.html
new file mode 100644
index 000000000..af5c516b4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/dgst.html
@@ -0,0 +1,244 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>dgst</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-dgst, dgst - perform digest operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl dgst</b> [<b>-<i>digest</i></b>] [<b>-help</b>] [<b>-c</b>] [<b>-d</b>] [<b>-hex</b>] [<b>-binary</b>] [<b>-r</b>] [<b>-out filename</b>] [<b>-sign filename</b>] [<b>-keyform arg</b>] [<b>-passin arg</b>] [<b>-verify filename</b>] [<b>-prverify filename</b>] [<b>-signature filename</b>] [<b>-hmac key</b>] [<b>-fips-fingerprint</b>] [<b>-rand file...</b>] [<b>-engine id</b>] [<b>-engine_impl</b>] [<b>file...</b>]</p>
+
+<p><b>openssl</b> <i>digest</i> [<b>...</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The digest functions output the message digest of a supplied file or files in hexadecimal. The digest functions also generate and verify digital signatures using message digests.</p>
+
+<p>The generic name, <b>dgst</b>, may be used with an option specifying the algorithm to be used. The default digest is <i>sha256</i>. A supported <i>digest</i> name may also be used as the command name. To see the list of supported algorithms, use the <i>list --digest-commands</i> command.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="digest"><b>-<i>digest</i></b></dt>
+<dd>
+
+<p>Specifies name of a supported digest to be used. To see the list of supported digests, use the command <i>list --digest-commands</i>.</p>
+
+</dd>
+<dt id="c"><b>-c</b></dt>
+<dd>
+
+<p>Print out the digest in two digit groups separated by colons, only relevant if <b>hex</b> format output is used.</p>
+
+</dd>
+<dt id="d"><b>-d</b></dt>
+<dd>
+
+<p>Print out BIO debugging information.</p>
+
+</dd>
+<dt id="hex"><b>-hex</b></dt>
+<dd>
+
+<p>Digest is to be output as a hex dump. This is the default case for a &quot;normal&quot; digest as opposed to a digital signature. See NOTES below for digital signatures using <b>-hex</b>.</p>
+
+</dd>
+<dt id="binary"><b>-binary</b></dt>
+<dd>
+
+<p>Output the digest or signature in binary form.</p>
+
+</dd>
+<dt id="r"><b>-r</b></dt>
+<dd>
+
+<p>Output the digest in the &quot;coreutils&quot; format used by programs like <b>sha1sum</b>.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Filename to output to, or standard output by default.</p>
+
+</dd>
+<dt id="sign-filename"><b>-sign filename</b></dt>
+<dd>
+
+<p>Digitally sign the digest using the private key in &quot;filename&quot;. Note this option does not support Ed25519 or Ed448 private keys. Use the <b>pkeyutl</b> command instead for this.</p>
+
+</dd>
+<dt id="keyform-arg"><b>-keyform arg</b></dt>
+<dd>
+
+<p>Specifies the key format to sign digest with. The DER, PEM, P12, and ENGINE formats are supported.</p>
+
+</dd>
+<dt id="sigopt-nm:v"><b>-sigopt nm:v</b></dt>
+<dd>
+
+<p>Pass options to the signature algorithm during sign or verify operations. Names and values of these options are algorithm-specific.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The private key password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="verify-filename"><b>-verify filename</b></dt>
+<dd>
+
+<p>Verify the signature using the public key in &quot;filename&quot;. The output is either &quot;Verification OK&quot; or &quot;Verification Failure&quot;.</p>
+
+</dd>
+<dt id="prverify-filename"><b>-prverify filename</b></dt>
+<dd>
+
+<p>Verify the signature using the private key in &quot;filename&quot;.</p>
+
+</dd>
+<dt id="signature-filename"><b>-signature filename</b></dt>
+<dd>
+
+<p>The actual signature to verify.</p>
+
+</dd>
+<dt id="hmac-key"><b>-hmac key</b></dt>
+<dd>
+
+<p>Create a hashed MAC using &quot;key&quot;.</p>
+
+</dd>
+<dt id="mac-alg"><b>-mac alg</b></dt>
+<dd>
+
+<p>Create MAC (keyed Message Authentication Code). The most popular MAC algorithm is HMAC (hash-based MAC), but there are other MAC algorithms which are not based on hash, for instance <b>gost-mac</b> algorithm, supported by <b>ccgost</b> engine. MAC keys and other options should be set via <b>-macopt</b> parameter.</p>
+
+</dd>
+<dt id="macopt-nm:v"><b>-macopt nm:v</b></dt>
+<dd>
+
+<p>Passes options to MAC algorithm, specified by <b>-mac</b> key. Following options are supported by both by <b>HMAC</b> and <b>gost-mac</b>:</p>
+
+<dl>
+
+<dt id="key:string"><b>key:string</b></dt>
+<dd>
+
+<p>Specifies MAC key as alphanumeric string (use if key contain printable characters only). String length must conform to any restrictions of the MAC algorithm for example exactly 32 chars for gost-mac.</p>
+
+</dd>
+<dt id="hexkey:string"><b>hexkey:string</b></dt>
+<dd>
+
+<p>Specifies MAC key in hexadecimal form (two hex digits per byte). Key length must conform to any restrictions of the MAC algorithm for example exactly 32 chars for gost-mac.</p>
+
+</dd>
+</dl>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="fips-fingerprint"><b>-fips-fingerprint</b></dt>
+<dd>
+
+<p>Compute HMAC using a specific key for certain OpenSSL-FIPS operations.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Use engine <b>id</b> for operations (including private key storage). This engine is not used as source for digest algorithms, unless it is also specified in the configuration file or <b>-engine_impl</b> is also specified.</p>
+
+</dd>
+<dt id="engine_impl"><b>-engine_impl</b></dt>
+<dd>
+
+<p>When used with the <b>-engine</b> option, it specifies to also use engine <b>id</b> for digest operations.</p>
+
+</dd>
+<dt id="file"><b>file...</b></dt>
+<dd>
+
+<p>File or files to digest. If no files are specified then standard input is used.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>To create a hex-encoded message digest of a file: openssl dgst -md5 -hex file.txt</p>
+
+<p>To sign a file using SHA-256 with binary file output: openssl dgst -sha256 -sign privatekey.pem -out signature.sign file.txt</p>
+
+<p>To verify a signature: openssl dgst -sha256 -verify publickey.pem \ -signature signature.sign \ file.txt</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The digest mechanisms that are available will depend on the options used when building OpenSSL. The <b>list digest-commands</b> command can be used to list them.</p>
+
+<p>New or agile applications should use probably use SHA-256. Other digests, particularly SHA-1 and MD5, are still widely used for interoperating with existing formats and protocols.</p>
+
+<p>When signing a file, <b>dgst</b> will automatically determine the algorithm (RSA, ECC, etc) to use for signing based on the private key&#39;s ASN.1 info. When verifying signatures, it only handles the RSA, DSA, or ECDSA signature itself, not the related data to identify the signer and algorithm used in formats such as x.509, CMS, and S/MIME.</p>
+
+<p>A source of random numbers is required for certain signing algorithms, in particular ECDSA and DSA.</p>
+
+<p>The signing and verify options should only be used if a single file is being signed or verified.</p>
+
+<p>Hex signatures cannot be verified using <b>openssl</b>. Instead, use &quot;xxd -r&quot; or similar program to transform the hex signature into a binary signature prior to verification.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The default digest was changed from MD5 to SHA256 in OpenSSL 1.1.0. The FIPS-related options were removed in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/dhparam.html b/msys2/usr/share/doc/openssl/html/man1/dhparam.html
new file mode 100644
index 000000000..66121b75e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/dhparam.html
@@ -0,0 +1,170 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>dhparam</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-dhparam, dhparam - DH parameter manipulation and generation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl dhparam</b> [<b>-help</b>] [<b>-inform DER|PEM</b>] [<b>-outform DER|PEM</b>] [<b>-in</b> <i>filename</i>] [<b>-out</b> <i>filename</i>] [<b>-dsaparam</b>] [<b>-check</b>] [<b>-noout</b>] [<b>-text</b>] [<b>-C</b>] [<b>-2</b>] [<b>-5</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-engine id</b>] [<i>numbits</i>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This command is used to manipulate DH parameter files.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. The <b>DER</b> option uses an ASN1 DER encoded form compatible with the PKCS#3 DHparameter structure. The PEM form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in</b> <i>filename</i></dt>
+<dd>
+
+<p>This specifies the input filename to read parameters from or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out</b> <i>filename</i></dt>
+<dd>
+
+<p>This specifies the output filename parameters to. Standard output is used if this option is not present. The output filename should <b>not</b> be the same as the input filename.</p>
+
+</dd>
+<dt id="dsaparam"><b>-dsaparam</b></dt>
+<dd>
+
+<p>If this option is used, DSA rather than DH parameters are read or created; they are converted to DH format. Otherwise, &quot;strong&quot; primes (such that (p-1)/2 is also prime) will be used for DH parameter generation.</p>
+
+<p>DH parameter generation with the <b>-dsaparam</b> option is much faster, and the recommended exponent length is shorter, which makes DH key exchange more efficient. Beware that with such DSA-style DH parameters, a fresh DH key should be created for each use to avoid small-subgroup attacks that may be possible otherwise.</p>
+
+</dd>
+<dt id="check"><b>-check</b></dt>
+<dd>
+
+<p>Performs numerous checks to see if the supplied parameters are valid and displays a warning if not.</p>
+
+</dd>
+<dt id="pod-2--5"><b>-2</b>, <b>-5</b></dt>
+<dd>
+
+<p>The generator to use, either 2 or 5. If present then the input file is ignored and parameters are generated instead. If not present but <b>numbits</b> is present, parameters are generated with the default generator 2.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="numbits"><i>numbits</i></dt>
+<dd>
+
+<p>This option specifies that a parameter set should be generated of size <i>numbits</i>. It must be the last option. If this option is present then the input file is ignored and parameters are generated instead. If this option is not present but a generator (<b>-2</b> or <b>-5</b>) is present, parameters are generated with a default length of 2048 bits.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option inhibits the output of the encoded version of the parameters.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>This option prints out the DH parameters in human readable form.</p>
+
+</dd>
+<dt id="C"><b>-C</b></dt>
+<dd>
+
+<p>This option converts the parameters into C code. The parameters can then be loaded by calling the get_dhNNNN() function.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>dhparam</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+</dl>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>The program <b>dhparam</b> combines the functionality of the programs <b>dh</b> and <b>gendh</b> in previous versions of OpenSSL. The <b>dh</b> and <b>gendh</b> programs are retained for now but may have different purposes in future versions of OpenSSL.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>PEM format DH parameters use the header and footer lines:</p>
+
+<pre><code> -----BEGIN DH PARAMETERS-----
+ -----END DH PARAMETERS-----</code></pre>
+
+<p>OpenSSL currently only supports the older PKCS#3 DH, not the newer X9.42 DH.</p>
+
+<p>This program manipulates DH parameters not keys.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>There should be a way to generate and manipulate DH keys.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dsaparam.html">dsaparam(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/dsa.html b/msys2/usr/share/doc/openssl/html/man1/dsa.html
new file mode 100644
index 000000000..e5cfb05f2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/dsa.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>dsa</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-dsa, dsa - DSA key processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>dsa</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-in filename</b>] [<b>-passin arg</b>] [<b>-out filename</b>] [<b>-passout arg</b>] [<b>-aes128</b>] [<b>-aes192</b>] [<b>-aes256</b>] [<b>-aria128</b>] [<b>-aria192</b>] [<b>-aria256</b>] [<b>-camellia128</b>] [<b>-camellia192</b>] [<b>-camellia256</b>] [<b>-des</b>] [<b>-des3</b>] [<b>-idea</b>] [<b>-text</b>] [<b>-noout</b>] [<b>-modulus</b>] [<b>-pubin</b>] [<b>-pubout</b>] [<b>-engine id</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>dsa</b> command processes DSA keys. They can be converted between various forms and their components printed out. <b>Note</b> This command uses the traditional SSLeay compatible format for private key encryption: newer applications should use the more secure PKCS#8 format using the <b>pkcs8</b></p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. The <b>DER</b> option with a private key uses an ASN1 DER encoded form of an ASN.1 SEQUENCE consisting of the values of version (currently zero), p, q, g, the public and private key components respectively as ASN.1 INTEGERs. When used with a public key it uses a SubjectPublicKeyInfo structure: it is an error if the key is not DSA.</p>
+
+<p>The <b>PEM</b> form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines. In the case of a private key PKCS#8 format is also accepted.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read a key from or standard input if this option is not specified. If the key is encrypted a pass phrase will be prompted for.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The input file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename to write a key to or standard output by is not specified. If any encryption options are set then a pass phrase will be prompted for. The output filename should <b>not</b> be the same as the input filename.</p>
+
+</dd>
+<dt id="passout-arg"><b>-passout arg</b></dt>
+<dd>
+
+<p>The output file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="aes128--aes192--aes256--aria128--aria192--aria256--camellia128--camellia192--camellia256--des--des3--idea"><b>-aes128</b>, <b>-aes192</b>, <b>-aes256</b>, <b>-aria128</b>, <b>-aria192</b>, <b>-aria256</b>, <b>-camellia128</b>, <b>-camellia192</b>, <b>-camellia256</b>, <b>-des</b>, <b>-des3</b>, <b>-idea</b></dt>
+<dd>
+
+<p>These options encrypt the private key with the specified cipher before outputting it. A pass phrase is prompted for. If none of these options is specified the key is written in plain text. This means that using the <b>dsa</b> utility to read in an encrypted key with no encryption option can be used to remove the pass phrase from a key, or by setting the encryption options it can be use to add or change the pass phrase. These options can only be used with PEM format output files.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out the public, private key components and parameters.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option prevents output of the encoded version of the key.</p>
+
+</dd>
+<dt id="modulus"><b>-modulus</b></dt>
+<dd>
+
+<p>This option prints out the value of the public key component of the key.</p>
+
+</dd>
+<dt id="pubin"><b>-pubin</b></dt>
+<dd>
+
+<p>By default, a private key is read from the input file. With this option a public key is read instead.</p>
+
+</dd>
+<dt id="pubout"><b>-pubout</b></dt>
+<dd>
+
+<p>By default, a private key is output. With this option a public key will be output instead. This option is automatically set if the input is a public key.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>dsa</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM private key format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN DSA PRIVATE KEY-----
+ -----END DSA PRIVATE KEY-----</code></pre>
+
+<p>The PEM public key format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN PUBLIC KEY-----
+ -----END PUBLIC KEY-----</code></pre>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>To remove the pass phrase on a DSA private key:</p>
+
+<pre><code> openssl dsa -in key.pem -out keyout.pem</code></pre>
+
+<p>To encrypt a private key using triple DES:</p>
+
+<pre><code> openssl dsa -in key.pem -des3 -out keyout.pem</code></pre>
+
+<p>To convert a private key from PEM to DER format:</p>
+
+<pre><code> openssl dsa -in key.pem -outform DER -out keyout.der</code></pre>
+
+<p>To print out the components of a private key to standard output:</p>
+
+<pre><code> openssl dsa -in key.pem -text -noout</code></pre>
+
+<p>To just output the public part of a private key:</p>
+
+<pre><code> openssl dsa -in key.pem -pubout -out pubkey.pem</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dsaparam.html">dsaparam(1)</a>, <a href="../man1/gendsa.html">gendsa(1)</a>, <a href="../man1/rsa.html">rsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/dsaparam.html b/msys2/usr/share/doc/openssl/html/man1/dsaparam.html
new file mode 100644
index 000000000..6b21a22e6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/dsaparam.html
@@ -0,0 +1,144 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>dsaparam</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-dsaparam, dsaparam - DSA parameter manipulation and generation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl dsaparam</b> [<b>-help</b>] [<b>-inform DER|PEM</b>] [<b>-outform DER|PEM</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-noout</b>] [<b>-text</b>] [<b>-C</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-genkey</b>] [<b>-engine id</b>] [<b>numbits</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This command is used to manipulate or generate DSA parameter files.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. The <b>DER</b> option uses an ASN1 DER encoded form compatible with RFC2459 (PKIX) DSS-Parms that is a SEQUENCE consisting of p, q and g respectively. The PEM form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read parameters from or standard input if this option is not specified. If the <b>numbits</b> parameter is included then this option will be ignored.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename parameters to. Standard output is used if this option is not present. The output filename should <b>not</b> be the same as the input filename.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option inhibits the output of the encoded version of the parameters.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>This option prints out the DSA parameters in human readable form.</p>
+
+</dd>
+<dt id="C"><b>-C</b></dt>
+<dd>
+
+<p>This option converts the parameters into C code. The parameters can then be loaded by calling the get_dsaXXX() function.</p>
+
+</dd>
+<dt id="genkey"><b>-genkey</b></dt>
+<dd>
+
+<p>This option will generate a DSA either using the specified or generated parameters.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="numbits"><b>numbits</b></dt>
+<dd>
+
+<p>This option specifies that a parameter set should be generated of size <b>numbits</b>. It must be the last option. If this option is included then the input file (if any) is ignored.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>dsaparam</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>PEM format DSA parameters use the header and footer lines:</p>
+
+<pre><code> -----BEGIN DSA PARAMETERS-----
+ -----END DSA PARAMETERS-----</code></pre>
+
+<p>DSA parameter generation is a slow process and as a result the same set of DSA parameters is often used to generate several distinct keys.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/gendsa.html">gendsa(1)</a>, <a href="../man1/dsa.html">dsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man1/rsa.html">rsa(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/ec.html b/msys2/usr/share/doc/openssl/html/man1/ec.html
new file mode 100644
index 000000000..93e2531bf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/ec.html
@@ -0,0 +1,198 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ec</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-ec, ec - EC key processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>ec</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-in filename</b>] [<b>-passin arg</b>] [<b>-out filename</b>] [<b>-passout arg</b>] [<b>-des</b>] [<b>-des3</b>] [<b>-idea</b>] [<b>-text</b>] [<b>-noout</b>] [<b>-param_out</b>] [<b>-pubin</b>] [<b>-pubout</b>] [<b>-conv_form arg</b>] [<b>-param_enc arg</b>] [<b>-no_public</b>] [<b>-check</b>] [<b>-engine id</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>ec</b> command processes EC keys. They can be converted between various forms and their components printed out. <b>Note</b> OpenSSL uses the private key format specified in &#39;SEC 1: Elliptic Curve Cryptography&#39; (http://www.secg.org/). To convert an OpenSSL EC private key into the PKCS#8 private key format use the <b>pkcs8</b> command.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. The <b>DER</b> option with a private key uses an ASN.1 DER encoded SEC1 private key. When used with a public key it uses the SubjectPublicKeyInfo structure as specified in RFC 3280. The <b>PEM</b> form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines. In the case of a private key PKCS#8 format is also accepted.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read a key from or standard input if this option is not specified. If the key is encrypted a pass phrase will be prompted for.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The input file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename to write a key to or standard output by is not specified. If any encryption options are set then a pass phrase will be prompted for. The output filename should <b>not</b> be the same as the input filename.</p>
+
+</dd>
+<dt id="passout-arg"><b>-passout arg</b></dt>
+<dd>
+
+<p>The output file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="des--des3--idea"><b>-des|-des3|-idea</b></dt>
+<dd>
+
+<p>These options encrypt the private key with the DES, triple DES, IDEA or any other cipher supported by OpenSSL before outputting it. A pass phrase is prompted for. If none of these options is specified the key is written in plain text. This means that using the <b>ec</b> utility to read in an encrypted key with no encryption option can be used to remove the pass phrase from a key, or by setting the encryption options it can be use to add or change the pass phrase. These options can only be used with PEM format output files.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out the public, private key components and parameters.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option prevents output of the encoded version of the key.</p>
+
+</dd>
+<dt id="pubin"><b>-pubin</b></dt>
+<dd>
+
+<p>By default, a private key is read from the input file. With this option a public key is read instead.</p>
+
+</dd>
+<dt id="pubout"><b>-pubout</b></dt>
+<dd>
+
+<p>By default a private key is output. With this option a public key will be output instead. This option is automatically set if the input is a public key.</p>
+
+</dd>
+<dt id="conv_form"><b>-conv_form</b></dt>
+<dd>
+
+<p>This specifies how the points on the elliptic curve are converted into octet strings. Possible values are: <b>compressed</b> (the default value), <b>uncompressed</b> and <b>hybrid</b>. For more information regarding the point conversion forms please read the X9.62 standard. <b>Note</b> Due to patent issues the <b>compressed</b> option is disabled by default for binary curves and can be enabled by defining the preprocessor macro <b>OPENSSL_EC_BIN_PT_COMP</b> at compile time.</p>
+
+</dd>
+<dt id="param_enc-arg"><b>-param_enc arg</b></dt>
+<dd>
+
+<p>This specifies how the elliptic curve parameters are encoded. Possible value are: <b>named_curve</b>, i.e. the ec parameters are specified by an OID, or <b>explicit</b> where the ec parameters are explicitly given (see RFC 3279 for the definition of the EC parameters structures). The default value is <b>named_curve</b>. <b>Note</b> the <b>implicitlyCA</b> alternative, as specified in RFC 3279, is currently not implemented in OpenSSL.</p>
+
+</dd>
+<dt id="no_public"><b>-no_public</b></dt>
+<dd>
+
+<p>This option omits the public key components from the private key output.</p>
+
+</dd>
+<dt id="check"><b>-check</b></dt>
+<dd>
+
+<p>This option checks the consistency of an EC private or public key.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>ec</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM private key format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN EC PRIVATE KEY-----
+ -----END EC PRIVATE KEY-----</code></pre>
+
+<p>The PEM public key format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN PUBLIC KEY-----
+ -----END PUBLIC KEY-----</code></pre>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>To encrypt a private key using triple DES:</p>
+
+<pre><code> openssl ec -in key.pem -des3 -out keyout.pem</code></pre>
+
+<p>To convert a private key from PEM to DER format:</p>
+
+<pre><code> openssl ec -in key.pem -outform DER -out keyout.der</code></pre>
+
+<p>To print out the components of a private key to standard output:</p>
+
+<pre><code> openssl ec -in key.pem -text -noout</code></pre>
+
+<p>To just output the public part of a private key:</p>
+
+<pre><code> openssl ec -in key.pem -pubout -out pubkey.pem</code></pre>
+
+<p>To change the parameters encoding to <b>explicit</b>:</p>
+
+<pre><code> openssl ec -in key.pem -param_enc explicit -out keyout.pem</code></pre>
+
+<p>To change the point conversion form to <b>compressed</b>:</p>
+
+<pre><code> openssl ec -in key.pem -conv_form compressed -out keyout.pem</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/ecparam.html">ecparam(1)</a>, <a href="../man1/dsa.html">dsa(1)</a>, <a href="../man1/rsa.html">rsa(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2003-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/ecparam.html b/msys2/usr/share/doc/openssl/html/man1/ecparam.html
new file mode 100644
index 000000000..05a89a7cd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/ecparam.html
@@ -0,0 +1,201 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ecparam</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-ecparam, ecparam - EC parameter manipulation and generation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl ecparam</b> [<b>-help</b>] [<b>-inform DER|PEM</b>] [<b>-outform DER|PEM</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-noout</b>] [<b>-text</b>] [<b>-C</b>] [<b>-check</b>] [<b>-name arg</b>] [<b>-list_curves</b>] [<b>-conv_form arg</b>] [<b>-param_enc arg</b>] [<b>-no_seed</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-genkey</b>] [<b>-engine id</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This command is used to manipulate or generate EC parameter files.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. The <b>DER</b> option uses an ASN.1 DER encoded form compatible with RFC 3279 EcpkParameters. The PEM form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read parameters from or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename parameters to. Standard output is used if this option is not present. The output filename should <b>not</b> be the same as the input filename.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option inhibits the output of the encoded version of the parameters.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>This option prints out the EC parameters in human readable form.</p>
+
+</dd>
+<dt id="C"><b>-C</b></dt>
+<dd>
+
+<p>This option converts the EC parameters into C code. The parameters can then be loaded by calling the get_ec_group_XXX() function.</p>
+
+</dd>
+<dt id="check"><b>-check</b></dt>
+<dd>
+
+<p>Validate the elliptic curve parameters.</p>
+
+</dd>
+<dt id="name-arg"><b>-name arg</b></dt>
+<dd>
+
+<p>Use the EC parameters with the specified &#39;short&#39; name. Use <b>-list_curves</b> to get a list of all currently implemented EC parameters.</p>
+
+</dd>
+<dt id="list_curves"><b>-list_curves</b></dt>
+<dd>
+
+<p>If this options is specified <b>ecparam</b> will print out a list of all currently implemented EC parameters names and exit.</p>
+
+</dd>
+<dt id="conv_form"><b>-conv_form</b></dt>
+<dd>
+
+<p>This specifies how the points on the elliptic curve are converted into octet strings. Possible values are: <b>compressed</b>, <b>uncompressed</b> (the default value) and <b>hybrid</b>. For more information regarding the point conversion forms please read the X9.62 standard. <b>Note</b> Due to patent issues the <b>compressed</b> option is disabled by default for binary curves and can be enabled by defining the preprocessor macro <b>OPENSSL_EC_BIN_PT_COMP</b> at compile time.</p>
+
+</dd>
+<dt id="param_enc-arg"><b>-param_enc arg</b></dt>
+<dd>
+
+<p>This specifies how the elliptic curve parameters are encoded. Possible value are: <b>named_curve</b>, i.e. the ec parameters are specified by an OID, or <b>explicit</b> where the ec parameters are explicitly given (see RFC 3279 for the definition of the EC parameters structures). The default value is <b>named_curve</b>. <b>Note</b> the <b>implicitlyCA</b> alternative, as specified in RFC 3279, is currently not implemented in OpenSSL.</p>
+
+</dd>
+<dt id="no_seed"><b>-no_seed</b></dt>
+<dd>
+
+<p>This option inhibits that the &#39;seed&#39; for the parameter generation is included in the ECParameters structure (see RFC 3279).</p>
+
+</dd>
+<dt id="genkey"><b>-genkey</b></dt>
+<dd>
+
+<p>This option will generate an EC private key using the specified parameters.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>ecparam</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>PEM format EC parameters use the header and footer lines:</p>
+
+<pre><code> -----BEGIN EC PARAMETERS-----
+ -----END EC PARAMETERS-----</code></pre>
+
+<p>OpenSSL is currently not able to generate new groups and therefore <b>ecparam</b> can only create EC parameters from known (named) curves.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>To create EC parameters with the group &#39;prime192v1&#39;:</p>
+
+<pre><code>  openssl ecparam -out ec_param.pem -name prime192v1</code></pre>
+
+<p>To create EC parameters with explicit parameters:</p>
+
+<pre><code>  openssl ecparam -out ec_param.pem -name prime192v1 -param_enc explicit</code></pre>
+
+<p>To validate given EC parameters:</p>
+
+<pre><code>  openssl ecparam -in ec_param.pem -check</code></pre>
+
+<p>To create EC parameters and a private key:</p>
+
+<pre><code>  openssl ecparam -out ec_key.pem -name prime192v1 -genkey</code></pre>
+
+<p>To change the point encoding to &#39;compressed&#39;:</p>
+
+<pre><code>  openssl ecparam -in ec_in.pem -out ec_out.pem -conv_form compressed</code></pre>
+
+<p>To print out the EC parameters to standard output:</p>
+
+<pre><code>  openssl ecparam -in ec_param.pem -noout -text</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/ec.html">ec(1)</a>, <a href="../man1/dsaparam.html">dsaparam(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2003-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/enc.html b/msys2/usr/share/doc/openssl/html/man1/enc.html
new file mode 100644
index 000000000..7ac8dc078
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/enc.html
@@ -0,0 +1,404 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>enc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SUPPORTED-CIPHERS">SUPPORTED CIPHERS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-enc, enc - symmetric cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl enc -<i>cipher</i></b> [<b>-help</b>] [<b>-ciphers</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-pass arg</b>] [<b>-e</b>] [<b>-d</b>] [<b>-a</b>] [<b>-base64</b>] [<b>-A</b>] [<b>-k password</b>] [<b>-kfile filename</b>] [<b>-K key</b>] [<b>-iv IV</b>] [<b>-S salt</b>] [<b>-salt</b>] [<b>-nosalt</b>] [<b>-z</b>] [<b>-md digest</b>] [<b>-iter count</b>] [<b>-pbkdf2</b>] [<b>-p</b>] [<b>-P</b>] [<b>-bufsize number</b>] [<b>-nopad</b>] [<b>-debug</b>] [<b>-none</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-engine id</b>]</p>
+
+<p><b>openssl</b> <i>[cipher]</i> [<b>...</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The symmetric cipher commands allow data to be encrypted or decrypted using various block and stream ciphers using keys based on passwords or explicitly provided. Base64 encoding or decoding can also be performed either by itself or in addition to the encryption or decryption.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="ciphers"><b>-ciphers</b></dt>
+<dd>
+
+<p>List all supported ciphers.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>The input filename, standard input by default.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>The output filename, standard output by default.</p>
+
+</dd>
+<dt id="pass-arg"><b>-pass arg</b></dt>
+<dd>
+
+<p>The password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="e"><b>-e</b></dt>
+<dd>
+
+<p>Encrypt the input data: this is the default.</p>
+
+</dd>
+<dt id="d"><b>-d</b></dt>
+<dd>
+
+<p>Decrypt the input data.</p>
+
+</dd>
+<dt id="a"><b>-a</b></dt>
+<dd>
+
+<p>Base64 process the data. This means that if encryption is taking place the data is base64 encoded after encryption. If decryption is set then the input data is base64 decoded before being decrypted.</p>
+
+</dd>
+<dt id="base64"><b>-base64</b></dt>
+<dd>
+
+<p>Same as <b>-a</b></p>
+
+</dd>
+<dt id="A"><b>-A</b></dt>
+<dd>
+
+<p>If the <b>-a</b> option is set then base64 process the data on one line.</p>
+
+</dd>
+<dt id="k-password"><b>-k password</b></dt>
+<dd>
+
+<p>The password to derive the key from. This is for compatibility with previous versions of OpenSSL. Superseded by the <b>-pass</b> argument.</p>
+
+</dd>
+<dt id="kfile-filename"><b>-kfile filename</b></dt>
+<dd>
+
+<p>Read the password to derive the key from the first line of <b>filename</b>. This is for compatibility with previous versions of OpenSSL. Superseded by the <b>-pass</b> argument.</p>
+
+</dd>
+<dt id="md-digest"><b>-md digest</b></dt>
+<dd>
+
+<p>Use the specified digest to create the key from the passphrase. The default algorithm is sha-256.</p>
+
+</dd>
+<dt id="iter-count"><b>-iter count</b></dt>
+<dd>
+
+<p>Use a given number of iterations on the password in deriving the encryption key. High values increase the time required to brute-force the resulting file. This option enables the use of PBKDF2 algorithm to derive the key.</p>
+
+</dd>
+<dt id="pbkdf2"><b>-pbkdf2</b></dt>
+<dd>
+
+<p>Use PBKDF2 algorithm with default iteration count unless otherwise specified.</p>
+
+</dd>
+<dt id="nosalt"><b>-nosalt</b></dt>
+<dd>
+
+<p>Don&#39;t use a salt in the key derivation routines. This option <b>SHOULD NOT</b> be used except for test purposes or compatibility with ancient versions of OpenSSL.</p>
+
+</dd>
+<dt id="salt"><b>-salt</b></dt>
+<dd>
+
+<p>Use salt (randomly generated or provide with <b>-S</b> option) when encrypting, this is the default.</p>
+
+</dd>
+<dt id="S-salt"><b>-S salt</b></dt>
+<dd>
+
+<p>The actual salt to use: this must be represented as a string of hex digits.</p>
+
+</dd>
+<dt id="K-key"><b>-K key</b></dt>
+<dd>
+
+<p>The actual key to use: this must be represented as a string comprised only of hex digits. If only the key is specified, the IV must additionally specified using the <b>-iv</b> option. When both a key and a password are specified, the key given with the <b>-K</b> option will be used and the IV generated from the password will be taken. It does not make much sense to specify both key and password.</p>
+
+</dd>
+<dt id="iv-IV"><b>-iv IV</b></dt>
+<dd>
+
+<p>The actual IV to use: this must be represented as a string comprised only of hex digits. When only the key is specified using the <b>-K</b> option, the IV must explicitly be defined. When a password is being specified using one of the other options, the IV is generated from this password.</p>
+
+</dd>
+<dt id="p"><b>-p</b></dt>
+<dd>
+
+<p>Print out the key and IV used.</p>
+
+</dd>
+<dt id="P"><b>-P</b></dt>
+<dd>
+
+<p>Print out the key and IV used then immediately exit: don&#39;t do any encryption or decryption.</p>
+
+</dd>
+<dt id="bufsize-number"><b>-bufsize number</b></dt>
+<dd>
+
+<p>Set the buffer size for I/O.</p>
+
+</dd>
+<dt id="nopad"><b>-nopad</b></dt>
+<dd>
+
+<p>Disable standard block padding.</p>
+
+</dd>
+<dt id="debug"><b>-debug</b></dt>
+<dd>
+
+<p>Debug the BIOs used for I/O.</p>
+
+</dd>
+<dt id="z"><b>-z</b></dt>
+<dd>
+
+<p>Compress or decompress clear text using zlib before encryption or after decryption. This option exists only if OpenSSL with compiled with zlib or zlib-dynamic option.</p>
+
+</dd>
+<dt id="none"><b>-none</b></dt>
+<dd>
+
+<p>Use NULL cipher (no encryption or decryption of input).</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The program can be called either as <b>openssl cipher</b> or <b>openssl enc -cipher</b>. The first form doesn&#39;t work with engine-provided ciphers, because this form is processed before the configuration file is read and any ENGINEs loaded. Use the <b>list</b> command to get a list of supported ciphers.</p>
+
+<p>Engines which provide entirely new encryption algorithms (such as the ccgost engine which provides gost89 algorithm) should be configured in the configuration file. Engines specified on the command line using -engine options can only be used for hardware-assisted implementations of ciphers which are supported by the OpenSSL core or another engine specified in the configuration file.</p>
+
+<p>When the enc command lists supported ciphers, ciphers provided by engines, specified in the configuration files are listed too.</p>
+
+<p>A password will be prompted for to derive the key and IV if necessary.</p>
+
+<p>The <b>-salt</b> option should <b>ALWAYS</b> be used if the key is being derived from a password unless you want compatibility with previous versions of OpenSSL.</p>
+
+<p>Without the <b>-salt</b> option it is possible to perform efficient dictionary attacks on the password and to attack stream cipher encrypted data. The reason for this is that without the salt the same password always generates the same encryption key. When the salt is being used the first eight bytes of the encrypted data are reserved for the salt: it is generated at random when encrypting a file and read from the encrypted file when it is decrypted.</p>
+
+<p>Some of the ciphers do not have large keys and others have security implications if not used correctly. A beginner is advised to just use a strong block cipher, such as AES, in CBC mode.</p>
+
+<p>All the block ciphers normally use PKCS#5 padding, also known as standard block padding. This allows a rudimentary integrity or password check to be performed. However since the chance of random data passing the test is better than 1 in 256 it isn&#39;t a very good test.</p>
+
+<p>If padding is disabled then the input data must be a multiple of the cipher block length.</p>
+
+<p>All RC2 ciphers have the same key and effective key length.</p>
+
+<p>Blowfish and RC5 algorithms use a 128 bit key.</p>
+
+<h1 id="SUPPORTED-CIPHERS">SUPPORTED CIPHERS</h1>
+
+<p>Note that some of these ciphers can be disabled at compile time and some are available only if an appropriate engine is configured in the configuration file. The output of the <b>enc</b> command run with the <b>-ciphers</b> option (that is <b>openssl enc -ciphers</b>) produces a list of ciphers, supported by your version of OpenSSL, including ones provided by configured engines.</p>
+
+<p>The <b>enc</b> program does not support authenticated encryption modes like CCM and GCM, and will not support such modes in the future. The <b>enc</b> interface by necessity must begin streaming output (e.g., to standard output when <b>-out</b> is not used) before the authentication tag could be validated, leading to the usage of <b>enc</b> in pipelines that begin processing untrusted data and are not capable of rolling back upon authentication failure. The AEAD modes currently in common use also suffer from catastrophic failure of confidentiality and/or integrity upon reuse of key/iv/nonce, and since <b>enc</b> places the entire burden of key/iv/nonce management upon the user, the risk of exposing AEAD modes is too great to allow. These key/iv/nonce management issues also affect other modes currently exposed in <b>enc</b>, but the failure modes are less extreme in these cases, and the functionality cannot be removed with a stable release branch. For bulk encryption of data, whether using authenticated encryption modes or other modes, <a href="../man1/cms.html">cms(1)</a> is recommended, as it provides a standard data format and performs the needed key/iv/nonce management.</p>
+
+<pre><code> base64             Base 64
+
+ bf-cbc             Blowfish in CBC mode
+ bf                 Alias for bf-cbc
+ blowfish           Alias for bf-cbc
+ bf-cfb             Blowfish in CFB mode
+ bf-ecb             Blowfish in ECB mode
+ bf-ofb             Blowfish in OFB mode
+
+ cast-cbc           CAST in CBC mode
+ cast               Alias for cast-cbc
+ cast5-cbc          CAST5 in CBC mode
+ cast5-cfb          CAST5 in CFB mode
+ cast5-ecb          CAST5 in ECB mode
+ cast5-ofb          CAST5 in OFB mode
+
+ chacha20           ChaCha20 algorithm
+
+ des-cbc            DES in CBC mode
+ des                Alias for des-cbc
+ des-cfb            DES in CFB mode
+ des-ofb            DES in OFB mode
+ des-ecb            DES in ECB mode
+
+ des-ede-cbc        Two key triple DES EDE in CBC mode
+ des-ede            Two key triple DES EDE in ECB mode
+ des-ede-cfb        Two key triple DES EDE in CFB mode
+ des-ede-ofb        Two key triple DES EDE in OFB mode
+
+ des-ede3-cbc       Three key triple DES EDE in CBC mode
+ des-ede3           Three key triple DES EDE in ECB mode
+ des3               Alias for des-ede3-cbc
+ des-ede3-cfb       Three key triple DES EDE CFB mode
+ des-ede3-ofb       Three key triple DES EDE in OFB mode
+
+ desx               DESX algorithm.
+
+ gost89             GOST 28147-89 in CFB mode (provided by ccgost engine)
+ gost89-cnt        `GOST 28147-89 in CNT mode (provided by ccgost engine)
+
+ idea-cbc           IDEA algorithm in CBC mode
+ idea               same as idea-cbc
+ idea-cfb           IDEA in CFB mode
+ idea-ecb           IDEA in ECB mode
+ idea-ofb           IDEA in OFB mode
+
+ rc2-cbc            128 bit RC2 in CBC mode
+ rc2                Alias for rc2-cbc
+ rc2-cfb            128 bit RC2 in CFB mode
+ rc2-ecb            128 bit RC2 in ECB mode
+ rc2-ofb            128 bit RC2 in OFB mode
+ rc2-64-cbc         64 bit RC2 in CBC mode
+ rc2-40-cbc         40 bit RC2 in CBC mode
+
+ rc4                128 bit RC4
+ rc4-64             64 bit RC4
+ rc4-40             40 bit RC4
+
+ rc5-cbc            RC5 cipher in CBC mode
+ rc5                Alias for rc5-cbc
+ rc5-cfb            RC5 cipher in CFB mode
+ rc5-ecb            RC5 cipher in ECB mode
+ rc5-ofb            RC5 cipher in OFB mode
+
+ seed-cbc           SEED cipher in CBC mode
+ seed               Alias for seed-cbc
+ seed-cfb           SEED cipher in CFB mode
+ seed-ecb           SEED cipher in ECB mode
+ seed-ofb           SEED cipher in OFB mode
+
+ sm4-cbc            SM4 cipher in CBC mode
+ sm4                Alias for sm4-cbc
+ sm4-cfb            SM4 cipher in CFB mode
+ sm4-ctr            SM4 cipher in CTR mode
+ sm4-ecb            SM4 cipher in ECB mode
+ sm4-ofb            SM4 cipher in OFB mode
+
+ aes-[128|192|256]-cbc  128/192/256 bit AES in CBC mode
+ aes[128|192|256]       Alias for aes-[128|192|256]-cbc
+ aes-[128|192|256]-cfb  128/192/256 bit AES in 128 bit CFB mode
+ aes-[128|192|256]-cfb1 128/192/256 bit AES in 1 bit CFB mode
+ aes-[128|192|256]-cfb8 128/192/256 bit AES in 8 bit CFB mode
+ aes-[128|192|256]-ctr  128/192/256 bit AES in CTR mode
+ aes-[128|192|256]-ecb  128/192/256 bit AES in ECB mode
+ aes-[128|192|256]-ofb  128/192/256 bit AES in OFB mode
+
+ aria-[128|192|256]-cbc  128/192/256 bit ARIA in CBC mode
+ aria[128|192|256]       Alias for aria-[128|192|256]-cbc
+ aria-[128|192|256]-cfb  128/192/256 bit ARIA in 128 bit CFB mode
+ aria-[128|192|256]-cfb1 128/192/256 bit ARIA in 1 bit CFB mode
+ aria-[128|192|256]-cfb8 128/192/256 bit ARIA in 8 bit CFB mode
+ aria-[128|192|256]-ctr  128/192/256 bit ARIA in CTR mode
+ aria-[128|192|256]-ecb  128/192/256 bit ARIA in ECB mode
+ aria-[128|192|256]-ofb  128/192/256 bit ARIA in OFB mode
+
+ camellia-[128|192|256]-cbc  128/192/256 bit Camellia in CBC mode
+ camellia[128|192|256]       Alias for camellia-[128|192|256]-cbc
+ camellia-[128|192|256]-cfb  128/192/256 bit Camellia in 128 bit CFB mode
+ camellia-[128|192|256]-cfb1 128/192/256 bit Camellia in 1 bit CFB mode
+ camellia-[128|192|256]-cfb8 128/192/256 bit Camellia in 8 bit CFB mode
+ camellia-[128|192|256]-ctr  128/192/256 bit Camellia in CTR mode
+ camellia-[128|192|256]-ecb  128/192/256 bit Camellia in ECB mode
+ camellia-[128|192|256]-ofb  128/192/256 bit Camellia in OFB mode</code></pre>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Just base64 encode a binary file:</p>
+
+<pre><code> openssl base64 -in file.bin -out file.b64</code></pre>
+
+<p>Decode the same file</p>
+
+<pre><code> openssl base64 -d -in file.b64 -out file.bin</code></pre>
+
+<p>Encrypt a file using AES-128 using a prompted password and PBKDF2 key derivation:</p>
+
+<pre><code> openssl enc -aes128 -pbkdf2 -in file.txt -out file.aes128</code></pre>
+
+<p>Decrypt a file using a supplied password:</p>
+
+<pre><code> openssl enc -aes128 -pbkdf2 -d -in file.aes128 -out file.txt \
+    -pass pass:&lt;password&gt;</code></pre>
+
+<p>Encrypt a file then base64 encode it (so it can be sent via mail for example) using AES-256 in CTR mode and PBKDF2 key derivation:</p>
+
+<pre><code> openssl enc -aes-256-ctr -pbkdf2 -a -in file.txt -out file.aes256</code></pre>
+
+<p>Base64 decode a file then decrypt it using a password supplied in a file:</p>
+
+<pre><code> openssl enc -aes-256-ctr -pbkdf2 -d -a -in file.aes256 -out file.txt \
+    -pass file:&lt;passfile&gt;</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The <b>-A</b> option when used with large files doesn&#39;t work properly.</p>
+
+<p>The <b>enc</b> program only supports a fixed number of algorithms with certain parameters. So if, for example, you want to use RC2 with a 76 bit key or RC4 with an 84 bit key you can&#39;t use this program.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The default digest was changed from MD5 to SHA256 in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/engine.html b/msys2/usr/share/doc/openssl/html/man1/engine.html
new file mode 100644
index 000000000..a6e14eb34
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/engine.html
@@ -0,0 +1,133 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>engine</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-engine, engine - load and query engines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl engine</b> [ <i>engine...</i> ] [<b>-v</b>] [<b>-vv</b>] [<b>-vvv</b>] [<b>-vvv</b>] [<b>-vvv</b>] [<b>-c</b>] [<b>-t</b>] [<b>-tt</b>] [<b>-pre</b> <i>command</i>] [<b>-post</b> <i>command</i>] [ <i>engine...</i> ]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>engine</b> command is used to query the status and capabilities of the specified <b>engine</b>&#39;s. Engines may be specified before and after all other command-line flags. Only those specified are queried.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="v--vv--vvv--vvvv"><b>-v</b> <b>-vv</b> <b>-vvv</b> <b>-vvvv</b></dt>
+<dd>
+
+<p>Provides information about each specified engine. The first flag lists all the possible run-time control commands; the second adds a description of each command; the third adds the input flags, and the final option adds the internal input flags.</p>
+
+</dd>
+<dt id="c"><b>-c</b></dt>
+<dd>
+
+<p>Lists the capabilities of each engine.</p>
+
+</dd>
+<dt id="t"><b>-t</b></dt>
+<dd>
+
+<p>Tests if each specified engine is available, and displays the answer.</p>
+
+</dd>
+<dt id="tt"><b>-tt</b></dt>
+<dd>
+
+<p>Displays an error trace for any unavailable engine.</p>
+
+</dd>
+<dt id="pre-command"><b>-pre</b> <i>command</i></dt>
+<dd>
+
+</dd>
+<dt id="post-command"><b>-post</b> <i>command</i></dt>
+<dd>
+
+<p>Command-line configuration of engines. The <b>-pre</b> command is given to the engine before it is loaded and the <b>-post</b> command is given after the engine is loaded. The <i>command</i> is of the form <i>cmd:val</i> where <i>cmd</i> is the command, and <i>val</i> is the value for the command. See the example below.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>To list all the commands available to a dynamic engine:</p>
+
+<pre><code> $ openssl engine -t -tt -vvvv dynamic
+ (dynamic) Dynamic engine loading support
+      [ unavailable ]
+      SO_PATH: Specifies the path to the new ENGINE shared library
+           (input flags): STRING
+      NO_VCHECK: Specifies to continue even if version checking fails (boolean)
+           (input flags): NUMERIC
+      ID: Specifies an ENGINE id name for loading
+           (input flags): STRING
+      LIST_ADD: Whether to add a loaded ENGINE to the internal list (0=no,1=yes,2=mandatory)
+           (input flags): NUMERIC
+      DIR_LOAD: Specifies whether to load from &#39;DIR_ADD&#39; directories (0=no,1=yes,2=mandatory)
+           (input flags): NUMERIC
+      DIR_ADD: Adds a directory from which ENGINEs can be loaded
+           (input flags): STRING
+      LOAD: Load up the ENGINE specified by other settings
+           (input flags): NO_INPUT</code></pre>
+
+<p>To list the capabilities of the <i>rsax</i> engine:</p>
+
+<pre><code> $ openssl engine -c
+ (rsax) RSAX engine support
+  [RSA]
+ (dynamic) Dynamic engine loading support</code></pre>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/errstr.html b/msys2/usr/share/doc/openssl/html/man1/errstr.html
new file mode 100644
index 000000000..fc865f63b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/errstr.html
@@ -0,0 +1,64 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>errstr</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-errstr, errstr - lookup error codes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl errstr error_code</b></p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Sometimes an application will not load error message and only numerical forms will be available. The <b>errstr</b> utility can be used to display the meaning of the hex code. The hex code is the hex digits after the second colon.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<p>None.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The error code:</p>
+
+<pre><code> 27594:error:2006D080:lib(32):func(109):reason(128):bss_file.c:107:</code></pre>
+
+<p>can be displayed with:</p>
+
+<pre><code> openssl errstr 2006D080</code></pre>
+
+<p>to produce the error message:</p>
+
+<pre><code> error:2006D080:BIO routines:BIO_new_file:no such file</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/gendsa.html b/msys2/usr/share/doc/openssl/html/man1/gendsa.html
new file mode 100644
index 000000000..ddab04d01
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/gendsa.html
@@ -0,0 +1,103 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>gendsa</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-gendsa, gendsa - generate a DSA private key from a set of parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>gendsa</b> [<b>-help</b>] [<b>-out filename</b>] [<b>-aes128</b>] [<b>-aes192</b>] [<b>-aes256</b>] [<b>-aria128</b>] [<b>-aria192</b>] [<b>-aria256</b>] [<b>-camellia128</b>] [<b>-camellia192</b>] [<b>-camellia256</b>] [<b>-des</b>] [<b>-des3</b>] [<b>-idea</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-engine id</b>] [<b>paramfile</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>gendsa</b> command generates a DSA private key from a DSA parameter file (which will be typically generated by the <b>openssl dsaparam</b> command).</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Output the key to the specified file. If this argument is not specified then standard output is used.</p>
+
+</dd>
+<dt id="aes128--aes192--aes256--aria128--aria192--aria256--camellia128--camellia192--camellia256--des--des3--idea"><b>-aes128</b>, <b>-aes192</b>, <b>-aes256</b>, <b>-aria128</b>, <b>-aria192</b>, <b>-aria256</b>, <b>-camellia128</b>, <b>-camellia192</b>, <b>-camellia256</b>, <b>-des</b>, <b>-des3</b>, <b>-idea</b></dt>
+<dd>
+
+<p>These options encrypt the private key with specified cipher before outputting it. A pass phrase is prompted for. If none of these options is specified no encryption is used.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>gendsa</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="paramfile"><b>paramfile</b></dt>
+<dd>
+
+<p>This option specifies the DSA parameter file to use. The parameters in this file determine the size of the private key. DSA parameters can be generated and examined using the <b>openssl dsaparam</b> command.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>DSA key generation is little more than random number generation so it is much quicker that RSA key generation for example.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dsaparam.html">dsaparam(1)</a>, <a href="../man1/dsa.html">dsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man1/rsa.html">rsa(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/genpkey.html b/msys2/usr/share/doc/openssl/html/man1/genpkey.html
new file mode 100644
index 000000000..562cb7ca2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/genpkey.html
@@ -0,0 +1,363 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>genpkey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#KEY-GENERATION-OPTIONS">KEY GENERATION OPTIONS</a>
+    <ul>
+      <li><a href="#RSA-Key-Generation-Options">RSA Key Generation Options</a></li>
+      <li><a href="#RSA-PSS-Key-Generation-Options">RSA-PSS Key Generation Options</a></li>
+      <li><a href="#EC-Key-Generation-Options">EC Key Generation Options</a></li>
+    </ul>
+  </li>
+  <li><a href="#PARAMETER-GENERATION-OPTIONS">PARAMETER GENERATION OPTIONS</a>
+    <ul>
+      <li><a href="#DSA-Parameter-Generation-Options">DSA Parameter Generation Options</a></li>
+      <li><a href="#DH-Parameter-Generation-Options">DH Parameter Generation Options</a></li>
+      <li><a href="#EC-Parameter-Generation-Options">EC Parameter Generation Options</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-genpkey, genpkey - generate a private key</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>genpkey</b> [<b>-help</b>] [<b>-out filename</b>] [<b>-outform PEM|DER</b>] [<b>-pass arg</b>] [<b>-<i>cipher</i></b>] [<b>-engine id</b>] [<b>-paramfile file</b>] [<b>-algorithm alg</b>] [<b>-pkeyopt opt:value</b>] [<b>-genparam</b>] [<b>-text</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>genpkey</b> command generates a private key.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Output the key to the specified file. If this argument is not specified then standard output is used.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format DER or PEM. The default format is PEM.</p>
+
+</dd>
+<dt id="pass-arg"><b>-pass arg</b></dt>
+<dd>
+
+<p>The output file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="cipher"><b>-<i>cipher</i></b></dt>
+<dd>
+
+<p>This option encrypts the private key with the supplied cipher. Any algorithm name accepted by EVP_get_cipherbyname() is acceptable such as <b>des3</b>.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>genpkey</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms. If used this option should precede all other options.</p>
+
+</dd>
+<dt id="algorithm-alg"><b>-algorithm alg</b></dt>
+<dd>
+
+<p>Public key algorithm to use such as RSA, DSA or DH. If used this option must precede any <b>-pkeyopt</b> options. The options <b>-paramfile</b> and <b>-algorithm</b> are mutually exclusive. Engines may add algorithms in addition to the standard built-in ones.</p>
+
+<p>Valid built-in algorithm names for private key generation are RSA, RSA-PSS, EC, X25519, X448, ED25519 and ED448.</p>
+
+<p>Valid built-in algorithm names for parameter generation (see the <b>-genparam</b> option) are DH, DSA and EC.</p>
+
+<p>Note that the algorithm name X9.42 DH may be used as a synonym for the DH algorithm. These are identical and do not indicate the type of parameters that will be generated. Use the <b>dh_paramgen_type</b> option to indicate whether PKCS#3 or X9.42 DH parameters are required. See <a href="#DH-Parameter-Generation-Options">&quot;DH Parameter Generation Options&quot;</a> below for more details.</p>
+
+</dd>
+<dt id="pkeyopt-opt:value"><b>-pkeyopt opt:value</b></dt>
+<dd>
+
+<p>Set the public key algorithm option <b>opt</b> to <b>value</b>. The precise set of options supported depends on the public key algorithm used and its implementation. See <a href="#KEY-GENERATION-OPTIONS">&quot;KEY GENERATION OPTIONS&quot;</a> and <a href="#PARAMETER-GENERATION-OPTIONS">&quot;PARAMETER GENERATION OPTIONS&quot;</a> below for more details.</p>
+
+</dd>
+<dt id="genparam"><b>-genparam</b></dt>
+<dd>
+
+<p>Generate a set of parameters instead of a private key. If used this option must precede any <b>-algorithm</b>, <b>-paramfile</b> or <b>-pkeyopt</b> options.</p>
+
+</dd>
+<dt id="paramfile-filename"><b>-paramfile filename</b></dt>
+<dd>
+
+<p>Some public key algorithms generate a private key based on a set of parameters. They can be supplied using this option. If this option is used the public key algorithm used is determined by the parameters. If used this option must precede any <b>-pkeyopt</b> options. The options <b>-paramfile</b> and <b>-algorithm</b> are mutually exclusive.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Print an (unencrypted) text representation of private and public keys and parameters along with the PEM or DER structure.</p>
+
+</dd>
+</dl>
+
+<h1 id="KEY-GENERATION-OPTIONS">KEY GENERATION OPTIONS</h1>
+
+<p>The options supported by each algorithm and indeed each implementation of an algorithm can vary. The options for the OpenSSL implementations are detailed below. There are no key generation options defined for the X25519, X448, ED25519 or ED448 algorithms.</p>
+
+<h2 id="RSA-Key-Generation-Options">RSA Key Generation Options</h2>
+
+<dl>
+
+<dt id="rsa_keygen_bits:numbits"><b>rsa_keygen_bits:numbits</b></dt>
+<dd>
+
+<p>The number of bits in the generated key. If not specified 1024 is used.</p>
+
+</dd>
+<dt id="rsa_keygen_primes:numprimes"><b>rsa_keygen_primes:numprimes</b></dt>
+<dd>
+
+<p>The number of primes in the generated key. If not specified 2 is used.</p>
+
+</dd>
+<dt id="rsa_keygen_pubexp:value"><b>rsa_keygen_pubexp:value</b></dt>
+<dd>
+
+<p>The RSA public exponent value. This can be a large decimal or hexadecimal value if preceded by <b>0x</b>. Default value is 65537.</p>
+
+</dd>
+</dl>
+
+<h2 id="RSA-PSS-Key-Generation-Options">RSA-PSS Key Generation Options</h2>
+
+<p>Note: by default an <b>RSA-PSS</b> key has no parameter restrictions.</p>
+
+<dl>
+
+<dt id="rsa_keygen_bits:numbits-rsa_keygen_primes:numprimes-rsa_keygen_pubexp:value"><b>rsa_keygen_bits:numbits</b>, <b>rsa_keygen_primes:numprimes</b>, <b>rsa_keygen_pubexp:value</b></dt>
+<dd>
+
+<p>These options have the same meaning as the <b>RSA</b> algorithm.</p>
+
+</dd>
+<dt id="rsa_pss_keygen_md:digest"><b>rsa_pss_keygen_md:digest</b></dt>
+<dd>
+
+<p>If set the key is restricted and can only use <b>digest</b> for signing.</p>
+
+</dd>
+<dt id="rsa_pss_keygen_mgf1_md:digest"><b>rsa_pss_keygen_mgf1_md:digest</b></dt>
+<dd>
+
+<p>If set the key is restricted and can only use <b>digest</b> as it&#39;s MGF1 parameter.</p>
+
+</dd>
+<dt id="rsa_pss_keygen_saltlen:len"><b>rsa_pss_keygen_saltlen:len</b></dt>
+<dd>
+
+<p>If set the key is restricted and <b>len</b> specifies the minimum salt length.</p>
+
+</dd>
+</dl>
+
+<h2 id="EC-Key-Generation-Options">EC Key Generation Options</h2>
+
+<p>The EC key generation options can also be used for parameter generation.</p>
+
+<dl>
+
+<dt id="ec_paramgen_curve:curve"><b>ec_paramgen_curve:curve</b></dt>
+<dd>
+
+<p>The EC curve to use. OpenSSL supports NIST curve names such as &quot;P-256&quot;.</p>
+
+</dd>
+<dt id="ec_param_enc:encoding"><b>ec_param_enc:encoding</b></dt>
+<dd>
+
+<p>The encoding to use for parameters. The &quot;encoding&quot; parameter must be either &quot;named_curve&quot; or &quot;explicit&quot;. The default value is &quot;named_curve&quot;.</p>
+
+</dd>
+</dl>
+
+<h1 id="PARAMETER-GENERATION-OPTIONS">PARAMETER GENERATION OPTIONS</h1>
+
+<p>The options supported by each algorithm and indeed each implementation of an algorithm can vary. The options for the OpenSSL implementations are detailed below.</p>
+
+<h2 id="DSA-Parameter-Generation-Options">DSA Parameter Generation Options</h2>
+
+<dl>
+
+<dt id="dsa_paramgen_bits:numbits"><b>dsa_paramgen_bits:numbits</b></dt>
+<dd>
+
+<p>The number of bits in the generated prime. If not specified 1024 is used.</p>
+
+</dd>
+<dt id="dsa_paramgen_q_bits:numbits"><b>dsa_paramgen_q_bits:numbits</b></dt>
+<dd>
+
+<p>The number of bits in the q parameter. Must be one of 160, 224 or 256. If not specified 160 is used.</p>
+
+</dd>
+<dt id="dsa_paramgen_md:digest"><b>dsa_paramgen_md:digest</b></dt>
+<dd>
+
+<p>The digest to use during parameter generation. Must be one of <b>sha1</b>, <b>sha224</b> or <b>sha256</b>. If set, then the number of bits in <b>q</b> will match the output size of the specified digest and the <b>dsa_paramgen_q_bits</b> parameter will be ignored. If not set, then a digest will be used that gives an output matching the number of bits in <b>q</b>, i.e. <b>sha1</b> if q length is 160, <b>sha224</b> if it 224 or <b>sha256</b> if it is 256.</p>
+
+</dd>
+</dl>
+
+<h2 id="DH-Parameter-Generation-Options">DH Parameter Generation Options</h2>
+
+<dl>
+
+<dt id="dh_paramgen_prime_len:numbits"><b>dh_paramgen_prime_len:numbits</b></dt>
+<dd>
+
+<p>The number of bits in the prime parameter <b>p</b>. The default is 1024.</p>
+
+</dd>
+<dt id="dh_paramgen_subprime_len:numbits"><b>dh_paramgen_subprime_len:numbits</b></dt>
+<dd>
+
+<p>The number of bits in the sub prime parameter <b>q</b>. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. Only relevant if used in conjunction with the <b>dh_paramgen_type</b> option to generate X9.42 DH parameters.</p>
+
+</dd>
+<dt id="dh_paramgen_generator:value"><b>dh_paramgen_generator:value</b></dt>
+<dd>
+
+<p>The value to use for the generator <b>g</b>. The default is 2.</p>
+
+</dd>
+<dt id="dh_paramgen_type:value"><b>dh_paramgen_type:value</b></dt>
+<dd>
+
+<p>The type of DH parameters to generate. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+</dd>
+<dt id="dh_rfc5114:num"><b>dh_rfc5114:num</b></dt>
+<dd>
+
+<p>If this option is set, then the appropriate RFC5114 parameters are used instead of generating new parameters. The value <b>num</b> can take the values 1, 2 or 3 corresponding to RFC5114 DH parameters consisting of 1024 bit group with 160 bit subgroup, 2048 bit group with 224 bit subgroup and 2048 bit group with 256 bit subgroup as mentioned in RFC5114 sections 2.1, 2.2 and 2.3 respectively. If present this overrides all other DH parameter options.</p>
+
+</dd>
+</dl>
+
+<h2 id="EC-Parameter-Generation-Options">EC Parameter Generation Options</h2>
+
+<p>The EC parameter generation options are the same as for key generation. See <a href="#EC-Key-Generation-Options">&quot;EC Key Generation Options&quot;</a> above.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The use of the genpkey program is encouraged over the algorithm specific utilities because additional algorithm options and ENGINE provided algorithms can be used.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Generate an RSA private key using default parameters:</p>
+
+<pre><code> openssl genpkey -algorithm RSA -out key.pem</code></pre>
+
+<p>Encrypt output private key using 128 bit AES and the passphrase &quot;hello&quot;:</p>
+
+<pre><code> openssl genpkey -algorithm RSA -out key.pem -aes-128-cbc -pass pass:hello</code></pre>
+
+<p>Generate a 2048 bit RSA key using 3 as the public exponent:</p>
+
+<pre><code> openssl genpkey -algorithm RSA -out key.pem \
+     -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:3</code></pre>
+
+<p>Generate 2048 bit DSA parameters:</p>
+
+<pre><code> openssl genpkey -genparam -algorithm DSA -out dsap.pem \
+     -pkeyopt dsa_paramgen_bits:2048</code></pre>
+
+<p>Generate DSA key from parameters:</p>
+
+<pre><code> openssl genpkey -paramfile dsap.pem -out dsakey.pem</code></pre>
+
+<p>Generate 2048 bit DH parameters:</p>
+
+<pre><code> openssl genpkey -genparam -algorithm DH -out dhp.pem \
+     -pkeyopt dh_paramgen_prime_len:2048</code></pre>
+
+<p>Generate 2048 bit X9.42 DH parameters:</p>
+
+<pre><code> openssl genpkey -genparam -algorithm DH -out dhpx.pem \
+     -pkeyopt dh_paramgen_prime_len:2048 \
+     -pkeyopt dh_paramgen_type:1</code></pre>
+
+<p>Output RFC5114 2048 bit DH parameters with 224 bit subgroup:</p>
+
+<pre><code> openssl genpkey -genparam -algorithm DH -out dhp.pem -pkeyopt dh_rfc5114:2</code></pre>
+
+<p>Generate DH key from parameters:</p>
+
+<pre><code> openssl genpkey -paramfile dhp.pem -out dhkey.pem</code></pre>
+
+<p>Generate EC parameters:</p>
+
+<pre><code> openssl genpkey -genparam -algorithm EC -out ecp.pem \
+        -pkeyopt ec_paramgen_curve:secp384r1 \
+        -pkeyopt ec_param_enc:named_curve</code></pre>
+
+<p>Generate EC key from parameters:</p>
+
+<pre><code> openssl genpkey -paramfile ecp.pem -out eckey.pem</code></pre>
+
+<p>Generate EC key directly:</p>
+
+<pre><code> openssl genpkey -algorithm EC -out eckey.pem \
+        -pkeyopt ec_paramgen_curve:P-384 \
+        -pkeyopt ec_param_enc:named_curve</code></pre>
+
+<p>Generate an X25519 private key:</p>
+
+<pre><code> openssl genpkey -algorithm X25519 -out xkey.pem</code></pre>
+
+<p>Generate an ED448 private key:</p>
+
+<pre><code> openssl genpkey -algorithm ED448 -out xkey.pem</code></pre>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ability to use NIST curve names, and to generate an EC key directly, were added in OpenSSL 1.0.2. The ability to generate X25519 keys was added in OpenSSL 1.1.0. The ability to generate X448, ED25519 and ED448 keys was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/genrsa.html b/msys2/usr/share/doc/openssl/html/man1/genrsa.html
new file mode 100644
index 000000000..95bce0778
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/genrsa.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>genrsa</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-genrsa, genrsa - generate an RSA private key</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>genrsa</b> [<b>-help</b>] [<b>-out filename</b>] [<b>-passout arg</b>] [<b>-aes128</b>] [<b>-aes192</b>] [<b>-aes256</b>] [<b>-aria128</b>] [<b>-aria192</b>] [<b>-aria256</b>] [<b>-camellia128</b>] [<b>-camellia192</b>] [<b>-camellia256</b>] [<b>-des</b>] [<b>-des3</b>] [<b>-idea</b>] [<b>-f4</b>] [<b>-3</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-engine id</b>] [<b>-primes num</b>] [<b>numbits</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>genrsa</b> command generates an RSA private key.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Output the key to the specified file. If this argument is not specified then standard output is used.</p>
+
+</dd>
+<dt id="passout-arg"><b>-passout arg</b></dt>
+<dd>
+
+<p>The output file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="aes128--aes192--aes256--aria128--aria192--aria256--camellia128--camellia192--camellia256--des--des3--idea"><b>-aes128</b>, <b>-aes192</b>, <b>-aes256</b>, <b>-aria128</b>, <b>-aria192</b>, <b>-aria256</b>, <b>-camellia128</b>, <b>-camellia192</b>, <b>-camellia256</b>, <b>-des</b>, <b>-des3</b>, <b>-idea</b></dt>
+<dd>
+
+<p>These options encrypt the private key with specified cipher before outputting it. If none of these options is specified no encryption is used. If encryption is used a pass phrase is prompted for if it is not supplied via the <b>-passout</b> argument.</p>
+
+</dd>
+<dt id="F4--3"><b>-F4|-3</b></dt>
+<dd>
+
+<p>The public exponent to use, either 65537 or 3. The default is 65537.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>genrsa</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="primes-num"><b>-primes num</b></dt>
+<dd>
+
+<p>Specify the number of primes to use while generating the RSA key. The <b>num</b> parameter must be a positive integer that is greater than 1 and less than 16. If <b>num</b> is greater than 2, then the generated key is called a &#39;multi-prime&#39; RSA key, which is defined in RFC 8017.</p>
+
+</dd>
+<dt id="numbits"><b>numbits</b></dt>
+<dd>
+
+<p>The size of the private key to generate in bits. This must be the last option specified. The default is 2048 and values less than 512 are not allowed.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>RSA private key generation essentially involves the generation of two or more prime numbers. When generating a private key various symbols will be output to indicate the progress of the generation. A <b>.</b> represents each number which has passed an initial sieve test, <b>+</b> means a number has passed a single round of the Miller-Rabin primality test, <b>*</b> means the current prime starts a regenerating progress due to some failed tests. A newline means that the number has passed all the prime tests (the actual number depends on the key size).</p>
+
+<p>Because key generation is a random process the time taken to generate a key may vary somewhat. But in general, more primes lead to less generation time of a key.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/gendsa.html">gendsa(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/list.html b/msys2/usr/share/doc/openssl/html/man1/list.html
new file mode 100644
index 000000000..6185c6c15
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/list.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-list, list - list algorithms and features</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl list</b> [<b>-help</b>] [<b>-1</b>] [<b>-commands</b>] [<b>-digest-commands</b>] [<b>-digest-algorithms</b>] [<b>-cipher-commands</b>] [<b>-cipher-algorithms</b>] [<b>-public-key-algorithms</b>] [<b>-public-key-methods</b>] [<b>-disabled</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This command is used to generate list of algorithms or disabled features.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Display a usage message.</p>
+
+</dd>
+<dt id="pod-1"><b>-1</b></dt>
+<dd>
+
+<p>List the commands, digest-commands, or cipher-commands in a single column. If used, this option must be given first.</p>
+
+</dd>
+<dt id="commands"><b>-commands</b></dt>
+<dd>
+
+<p>Display a list of standard commands.</p>
+
+</dd>
+<dt id="digest-commands"><b>-digest-commands</b></dt>
+<dd>
+
+<p>Display a list of message digest commands, which are typically used as input to the <a href="../man1/dgst.html">dgst(1)</a> or <a href="../man1/speed.html">speed(1)</a> commands.</p>
+
+</dd>
+<dt id="digest-algorithms"><b>-digest-algorithms</b></dt>
+<dd>
+
+<p>Display a list of message digest algorithms. If a line is of the form foo =&gt; bar then <b>foo</b> is an alias for the official algorithm name, <b>bar</b>.</p>
+
+</dd>
+<dt id="cipher-commands"><b>-cipher-commands</b></dt>
+<dd>
+
+<p>Display a list of cipher commands, which are typically used as input to the <a href="../man1/dgst.html">dgst(1)</a> or <a href="../man1/speed.html">speed(1)</a> commands.</p>
+
+</dd>
+<dt id="cipher-algorithms"><b>-cipher-algorithms</b></dt>
+<dd>
+
+<p>Display a list of cipher algorithms. If a line is of the form foo =&gt; bar then <b>foo</b> is an alias for the official algorithm name, <b>bar</b>.</p>
+
+</dd>
+<dt id="public-key-algorithms"><b>-public-key-algorithms</b></dt>
+<dd>
+
+<p>Display a list of public key algorithms, with each algorithm as a block of multiple lines, all but the first are indented.</p>
+
+</dd>
+<dt id="public-key-methods"><b>-public-key-methods</b></dt>
+<dd>
+
+<p>Display a list of public key method OIDs: this also includes public key methods without an associated ASN.1 method, for example, KDF algorithms.</p>
+
+</dd>
+<dt id="disabled"><b>-disabled</b></dt>
+<dd>
+
+<p>Display a list of disabled features, those that were compiled out of the installation.</p>
+
+</dd>
+</dl>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/nseq.html b/msys2/usr/share/doc/openssl/html/man1/nseq.html
new file mode 100644
index 000000000..2faa19129
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/nseq.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>nseq</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-nseq, nseq - create or examine a Netscape certificate sequence</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>nseq</b> [<b>-help</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-toseq</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>nseq</b> command takes a file containing a Netscape certificate sequence and prints out the certificates contained in it or takes a file of certificates and converts it into a Netscape certificate sequence.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Specifies the output filename or standard output by default.</p>
+
+</dd>
+<dt id="toseq"><b>-toseq</b></dt>
+<dd>
+
+<p>Normally a Netscape certificate sequence will be input and the output is the certificates contained in it. With the <b>-toseq</b> option the situation is reversed: a Netscape certificate sequence is created from a file of certificates.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Output the certificates in a Netscape certificate sequence</p>
+
+<pre><code> openssl nseq -in nseq.pem -out certs.pem</code></pre>
+
+<p>Create a Netscape certificate sequence</p>
+
+<pre><code> openssl nseq -in certs.pem -toseq -out nseq.pem</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>PEM</b> encoded form uses the same headers and footers as a certificate:</p>
+
+<pre><code> -----BEGIN CERTIFICATE-----
+ -----END CERTIFICATE-----</code></pre>
+
+<p>A Netscape certificate sequence is a Netscape specific format that can be sent to browsers as an alternative to the standard PKCS#7 format when several certificates are sent to the browser: for example during certificate enrollment. It is used by Netscape certificate server for example.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>This program needs a few more options: like allowing DER or PEM input and output files and allowing multiple certificate files to be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/ocsp.html b/msys2/usr/share/doc/openssl/html/man1/ocsp.html
new file mode 100644
index 000000000..3e7304f07
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/ocsp.html
@@ -0,0 +1,415 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ocsp</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a>
+    <ul>
+      <li><a href="#OCSP-Client-Options">OCSP Client Options</a></li>
+      <li><a href="#OCSP-Server-Options">OCSP Server Options</a></li>
+    </ul>
+  </li>
+  <li><a href="#OCSP-Response-verification">OCSP Response verification.</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-ocsp, ocsp - Online Certificate Status Protocol utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>ocsp</b> [<b>-help</b>] [<b>-out file</b>] [<b>-issuer file</b>] [<b>-cert file</b>] [<b>-serial n</b>] [<b>-signer file</b>] [<b>-signkey file</b>] [<b>-sign_other file</b>] [<b>-no_certs</b>] [<b>-req_text</b>] [<b>-resp_text</b>] [<b>-text</b>] [<b>-reqout file</b>] [<b>-respout file</b>] [<b>-reqin file</b>] [<b>-respin file</b>] [<b>-nonce</b>] [<b>-no_nonce</b>] [<b>-url URL</b>] [<b>-host host:port</b>] [<b>-multi process-count</b>] [<b>-header</b>] [<b>-path</b>] [<b>-CApath dir</b>] [<b>-CAfile file</b>] [<b>-no-CAfile</b>] [<b>-no-CApath</b>] [<b>-attime timestamp</b>] [<b>-check_ss_sig</b>] [<b>-crl_check</b>] [<b>-crl_check_all</b>] [<b>-explicit_policy</b>] [<b>-extended_crl</b>] [<b>-ignore_critical</b>] [<b>-inhibit_any</b>] [<b>-inhibit_map</b>] [<b>-no_check_time</b>] [<b>-partial_chain</b>] [<b>-policy arg</b>] [<b>-policy_check</b>] [<b>-policy_print</b>] [<b>-purpose purpose</b>] [<b>-suiteB_128</b>] [<b>-suiteB_128_only</b>] [<b>-suiteB_192</b>] [<b>-trusted_first</b>] [<b>-no_alt_chains</b>] [<b>-use_deltas</b>] [<b>-auth_level num</b>] [<b>-verify_depth num</b>] [<b>-verify_email email</b>] [<b>-verify_hostname hostname</b>] [<b>-verify_ip ip</b>] [<b>-verify_name name</b>] [<b>-x509_strict</b>] [<b>-VAfile file</b>] [<b>-validity_period n</b>] [<b>-status_age n</b>] [<b>-noverify</b>] [<b>-verify_other file</b>] [<b>-trust_other</b>] [<b>-no_intern</b>] [<b>-no_signature_verify</b>] [<b>-no_cert_verify</b>] [<b>-no_chain</b>] [<b>-no_cert_checks</b>] [<b>-no_explicit</b>] [<b>-port num</b>] [<b>-ignore_err</b>] [<b>-index file</b>] [<b>-CA file</b>] [<b>-rsigner file</b>] [<b>-rkey file</b>] [<b>-rother file</b>] [<b>-rsigopt nm:v</b>] [<b>-resp_no_certs</b>] [<b>-nmin n</b>] [<b>-ndays n</b>] [<b>-resp_key_id</b>] [<b>-nrequest n</b>] [<b>-<i>digest</i></b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Online Certificate Status Protocol (OCSP) enables applications to determine the (revocation) state of an identified certificate (RFC 2560).</p>
+
+<p>The <b>ocsp</b> command performs many common OCSP tasks. It can be used to print out requests and responses, create requests and send queries to an OCSP responder and behave like a mini OCSP server itself.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<p>This command operates as either a client or a server. The options are described below, divided into those two modes.</p>
+
+<h2 id="OCSP-Client-Options">OCSP Client Options</h2>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>specify output filename, default is standard output.</p>
+
+</dd>
+<dt id="issuer-filename"><b>-issuer filename</b></dt>
+<dd>
+
+<p>This specifies the current issuer certificate. This option can be used multiple times. The certificate specified in <b>filename</b> must be in PEM format. This option <b>MUST</b> come before any <b>-cert</b> options.</p>
+
+</dd>
+<dt id="cert-filename"><b>-cert filename</b></dt>
+<dd>
+
+<p>Add the certificate <b>filename</b> to the request. The issuer certificate is taken from the previous <b>issuer</b> option, or an error occurs if no issuer certificate is specified.</p>
+
+</dd>
+<dt id="serial-num"><b>-serial num</b></dt>
+<dd>
+
+<p>Same as the <b>cert</b> option except the certificate with serial number <b>num</b> is added to the request. The serial number is interpreted as a decimal integer unless preceded by <b>0x</b>. Negative integers can also be specified by preceding the value by a <b>-</b> sign.</p>
+
+</dd>
+<dt id="signer-filename--signkey-filename"><b>-signer filename</b>, <b>-signkey filename</b></dt>
+<dd>
+
+<p>Sign the OCSP request using the certificate specified in the <b>signer</b> option and the private key specified by the <b>signkey</b> option. If the <b>signkey</b> option is not present then the private key is read from the same file as the certificate. If neither option is specified then the OCSP request is not signed.</p>
+
+</dd>
+<dt id="sign_other-filename"><b>-sign_other filename</b></dt>
+<dd>
+
+<p>Additional certificates to include in the signed request.</p>
+
+</dd>
+<dt id="nonce--no_nonce"><b>-nonce</b>, <b>-no_nonce</b></dt>
+<dd>
+
+<p>Add an OCSP nonce extension to a request or disable OCSP nonce addition. Normally if an OCSP request is input using the <b>reqin</b> option no nonce is added: using the <b>nonce</b> option will force addition of a nonce. If an OCSP request is being created (using <b>cert</b> and <b>serial</b> options) a nonce is automatically added specifying <b>no_nonce</b> overrides this.</p>
+
+</dd>
+<dt id="req_text--resp_text--text"><b>-req_text</b>, <b>-resp_text</b>, <b>-text</b></dt>
+<dd>
+
+<p>Print out the text form of the OCSP request, response or both respectively.</p>
+
+</dd>
+<dt id="reqout-file--respout-file"><b>-reqout file</b>, <b>-respout file</b></dt>
+<dd>
+
+<p>Write out the DER encoded certificate request or response to <b>file</b>.</p>
+
+</dd>
+<dt id="reqin-file--respin-file"><b>-reqin file</b>, <b>-respin file</b></dt>
+<dd>
+
+<p>Read OCSP request or response file from <b>file</b>. These option are ignored if OCSP request or response creation is implied by other options (for example with <b>serial</b>, <b>cert</b> and <b>host</b> options).</p>
+
+</dd>
+<dt id="url-responder_url"><b>-url responder_url</b></dt>
+<dd>
+
+<p>Specify the responder URL. Both HTTP and HTTPS (SSL/TLS) URLs can be specified.</p>
+
+</dd>
+<dt id="host-hostname:port--path-pathname"><b>-host hostname:port</b>, <b>-path pathname</b></dt>
+<dd>
+
+<p>If the <b>host</b> option is present then the OCSP request is sent to the host <b>hostname</b> on port <b>port</b>. <b>path</b> specifies the HTTP path name to use or &quot;/&quot; by default. This is equivalent to specifying <b>-url</b> with scheme http:// and the given hostname, port, and pathname.</p>
+
+</dd>
+<dt id="header-name-value"><b>-header name=value</b></dt>
+<dd>
+
+<p>Adds the header <b>name</b> with the specified <b>value</b> to the OCSP request that is sent to the responder. This may be repeated.</p>
+
+</dd>
+<dt id="timeout-seconds"><b>-timeout seconds</b></dt>
+<dd>
+
+<p>Connection timeout to the OCSP responder in seconds. On POSIX systems, when running as an OCSP responder, this option also limits the time that the responder is willing to wait for the client request. This time is measured from the time the responder accepts the connection until the complete request is received.</p>
+
+</dd>
+<dt id="multi-process-count"><b>-multi process-count</b></dt>
+<dd>
+
+<p>Run the specified number of OCSP responder child processes, with the parent process respawning child processes as needed. Child processes will detect changes in the CA index file and automatically reload it. When running as a responder <b>-timeout</b> option is recommended to limit the time each child is willing to wait for the client&#39;s OCSP response. This option is available on POSIX systems (that support the fork() and other required unix system-calls).</p>
+
+</dd>
+<dt id="CAfile-file--CApath-pathname"><b>-CAfile file</b>, <b>-CApath pathname</b></dt>
+<dd>
+
+<p>File or pathname containing trusted CA certificates. These are used to verify the signature on the OCSP response.</p>
+
+</dd>
+<dt id="no-CAfile"><b>-no-CAfile</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default file location</p>
+
+</dd>
+<dt id="no-CApath"><b>-no-CApath</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default directory location</p>
+
+</dd>
+<dt id="attime--check_ss_sig--crl_check--crl_check_all--explicit_policy--extended_crl--ignore_critical--inhibit_any--inhibit_map--no_alt_chains--no_check_time--partial_chain--policy--policy_check--policy_print--purpose--suiteB_128--suiteB_128_only--suiteB_192--trusted_first--use_deltas--auth_level--verify_depth--verify_email--verify_hostname--verify_ip--verify_name--x509_strict"><b>-attime</b>, <b>-check_ss_sig</b>, <b>-crl_check</b>, <b>-crl_check_all</b>, <b>-explicit_policy</b>, <b>-extended_crl</b>, <b>-ignore_critical</b>, <b>-inhibit_any</b>, <b>-inhibit_map</b>, <b>-no_alt_chains</b>, <b>-no_check_time</b>, <b>-partial_chain</b>, <b>-policy</b>, <b>-policy_check</b>, <b>-policy_print</b>, <b>-purpose</b>, <b>-suiteB_128</b>, <b>-suiteB_128_only</b>, <b>-suiteB_192</b>, <b>-trusted_first</b>, <b>-use_deltas</b>, <b>-auth_level</b>, <b>-verify_depth</b>, <b>-verify_email</b>, <b>-verify_hostname</b>, <b>-verify_ip</b>, <b>-verify_name</b>, <b>-x509_strict</b></dt>
+<dd>
+
+<p>Set different certificate verification options. See <a href="../man1/verify.html">verify(1)</a> manual page for details.</p>
+
+</dd>
+<dt id="verify_other-file"><b>-verify_other file</b></dt>
+<dd>
+
+<p>File containing additional certificates to search when attempting to locate the OCSP response signing certificate. Some responders omit the actual signer&#39;s certificate from the response: this option can be used to supply the necessary certificate in such cases.</p>
+
+</dd>
+<dt id="trust_other"><b>-trust_other</b></dt>
+<dd>
+
+<p>The certificates specified by the <b>-verify_other</b> option should be explicitly trusted and no additional checks will be performed on them. This is useful when the complete responder certificate chain is not available or trusting a root CA is not appropriate.</p>
+
+</dd>
+<dt id="VAfile-file"><b>-VAfile file</b></dt>
+<dd>
+
+<p>File containing explicitly trusted responder certificates. Equivalent to the <b>-verify_other</b> and <b>-trust_other</b> options.</p>
+
+</dd>
+<dt id="noverify"><b>-noverify</b></dt>
+<dd>
+
+<p>Don&#39;t attempt to verify the OCSP response signature or the nonce values. This option will normally only be used for debugging since it disables all verification of the responders certificate.</p>
+
+</dd>
+<dt id="no_intern"><b>-no_intern</b></dt>
+<dd>
+
+<p>Ignore certificates contained in the OCSP response when searching for the signers certificate. With this option the signers certificate must be specified with either the <b>-verify_other</b> or <b>-VAfile</b> options.</p>
+
+</dd>
+<dt id="no_signature_verify"><b>-no_signature_verify</b></dt>
+<dd>
+
+<p>Don&#39;t check the signature on the OCSP response. Since this option tolerates invalid signatures on OCSP responses it will normally only be used for testing purposes.</p>
+
+</dd>
+<dt id="no_cert_verify"><b>-no_cert_verify</b></dt>
+<dd>
+
+<p>Don&#39;t verify the OCSP response signers certificate at all. Since this option allows the OCSP response to be signed by any certificate it should only be used for testing purposes.</p>
+
+</dd>
+<dt id="no_chain"><b>-no_chain</b></dt>
+<dd>
+
+<p>Do not use certificates in the response as additional untrusted CA certificates.</p>
+
+</dd>
+<dt id="no_explicit"><b>-no_explicit</b></dt>
+<dd>
+
+<p>Do not explicitly trust the root CA if it is set to be trusted for OCSP signing.</p>
+
+</dd>
+<dt id="no_cert_checks"><b>-no_cert_checks</b></dt>
+<dd>
+
+<p>Don&#39;t perform any additional checks on the OCSP response signers certificate. That is do not make any checks to see if the signers certificate is authorised to provide the necessary status information: as a result this option should only be used for testing purposes.</p>
+
+</dd>
+<dt id="validity_period-nsec--status_age-age"><b>-validity_period nsec</b>, <b>-status_age age</b></dt>
+<dd>
+
+<p>These options specify the range of times, in seconds, which will be tolerated in an OCSP response. Each certificate status response includes a <b>notBefore</b> time and an optional <b>notAfter</b> time. The current time should fall between these two values, but the interval between the two times may be only a few seconds. In practice the OCSP responder and clients clocks may not be precisely synchronised and so such a check may fail. To avoid this the <b>-validity_period</b> option can be used to specify an acceptable error range in seconds, the default value is 5 minutes.</p>
+
+<p>If the <b>notAfter</b> time is omitted from a response then this means that new status information is immediately available. In this case the age of the <b>notBefore</b> field is checked to see it is not older than <b>age</b> seconds old. By default this additional check is not performed.</p>
+
+</dd>
+<dt id="digest"><b>-<i>digest</i></b></dt>
+<dd>
+
+<p>This option sets digest algorithm to use for certificate identification in the OCSP request. Any digest supported by the OpenSSL <b>dgst</b> command can be used. The default is SHA-1. This option may be used multiple times to specify the digest used by subsequent certificate identifiers.</p>
+
+</dd>
+</dl>
+
+<h2 id="OCSP-Server-Options">OCSP Server Options</h2>
+
+<dl>
+
+<dt id="index-indexfile"><b>-index indexfile</b></dt>
+<dd>
+
+<p>The <b>indexfile</b> parameter is the name of a text index file in <b>ca</b> format containing certificate revocation information.</p>
+
+<p>If the <b>index</b> option is specified the <b>ocsp</b> utility is in responder mode, otherwise it is in client mode. The request(s) the responder processes can be either specified on the command line (using <b>issuer</b> and <b>serial</b> options), supplied in a file (using the <b>reqin</b> option) or via external OCSP clients (if <b>port</b> or <b>url</b> is specified).</p>
+
+<p>If the <b>index</b> option is present then the <b>CA</b> and <b>rsigner</b> options must also be present.</p>
+
+</dd>
+<dt id="CA-file"><b>-CA file</b></dt>
+<dd>
+
+<p>CA certificate corresponding to the revocation information in <b>indexfile</b>.</p>
+
+</dd>
+<dt id="rsigner-file"><b>-rsigner file</b></dt>
+<dd>
+
+<p>The certificate to sign OCSP responses with.</p>
+
+</dd>
+<dt id="rother-file"><b>-rother file</b></dt>
+<dd>
+
+<p>Additional certificates to include in the OCSP response.</p>
+
+</dd>
+<dt id="resp_no_certs"><b>-resp_no_certs</b></dt>
+<dd>
+
+<p>Don&#39;t include any certificates in the OCSP response.</p>
+
+</dd>
+<dt id="resp_key_id"><b>-resp_key_id</b></dt>
+<dd>
+
+<p>Identify the signer certificate using the key ID, default is to use the subject name.</p>
+
+</dd>
+<dt id="rkey-file"><b>-rkey file</b></dt>
+<dd>
+
+<p>The private key to sign OCSP responses with: if not present the file specified in the <b>rsigner</b> option is used.</p>
+
+</dd>
+<dt id="rsigopt-nm:v"><b>-rsigopt nm:v</b></dt>
+<dd>
+
+<p>Pass options to the signature algorithm when signing OCSP responses. Names and values of these options are algorithm-specific.</p>
+
+</dd>
+<dt id="port-portnum"><b>-port portnum</b></dt>
+<dd>
+
+<p>Port to listen for OCSP requests on. The port may also be specified using the <b>url</b> option.</p>
+
+</dd>
+<dt id="ignore_err"><b>-ignore_err</b></dt>
+<dd>
+
+<p>Ignore malformed requests or responses: When acting as an OCSP client, retry if a malformed response is received. When acting as an OCSP responder, continue running instead of terminating upon receiving a malformed request.</p>
+
+</dd>
+<dt id="nrequest-number"><b>-nrequest number</b></dt>
+<dd>
+
+<p>The OCSP server will exit after receiving <b>number</b> requests, default unlimited.</p>
+
+</dd>
+<dt id="nmin-minutes--ndays-days"><b>-nmin minutes</b>, <b>-ndays days</b></dt>
+<dd>
+
+<p>Number of minutes or days when fresh revocation information is available: used in the <b>nextUpdate</b> field. If neither option is present then the <b>nextUpdate</b> field is omitted meaning fresh revocation information is immediately available.</p>
+
+</dd>
+</dl>
+
+<h1 id="OCSP-Response-verification">OCSP Response verification.</h1>
+
+<p>OCSP Response follows the rules specified in RFC2560.</p>
+
+<p>Initially the OCSP responder certificate is located and the signature on the OCSP request checked using the responder certificate&#39;s public key.</p>
+
+<p>Then a normal certificate verify is performed on the OCSP responder certificate building up a certificate chain in the process. The locations of the trusted certificates used to build the chain can be specified by the <b>CAfile</b> and <b>CApath</b> options or they will be looked for in the standard OpenSSL certificates directory.</p>
+
+<p>If the initial verify fails then the OCSP verify process halts with an error.</p>
+
+<p>Otherwise the issuing CA certificate in the request is compared to the OCSP responder certificate: if there is a match then the OCSP verify succeeds.</p>
+
+<p>Otherwise the OCSP responder certificate&#39;s CA is checked against the issuing CA certificate in the request. If there is a match and the OCSPSigning extended key usage is present in the OCSP responder certificate then the OCSP verify succeeds.</p>
+
+<p>Otherwise, if <b>-no_explicit</b> is <b>not</b> set the root CA of the OCSP responders CA is checked to see if it is trusted for OCSP signing. If it is the OCSP verify succeeds.</p>
+
+<p>If none of these checks is successful then the OCSP verify fails.</p>
+
+<p>What this effectively means if that if the OCSP responder certificate is authorised directly by the CA it is issuing revocation information about (and it is correctly configured) then verification will succeed.</p>
+
+<p>If the OCSP responder is a &quot;global responder&quot; which can give details about multiple CAs and has its own separate certificate chain then its root CA can be trusted for OCSP signing. For example:</p>
+
+<pre><code> openssl x509 -in ocspCA.pem -addtrust OCSPSigning -out trustedCA.pem</code></pre>
+
+<p>Alternatively the responder certificate itself can be explicitly trusted with the <b>-VAfile</b> option.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>As noted, most of the verify options are for testing or debugging purposes. Normally only the <b>-CApath</b>, <b>-CAfile</b> and (if the responder is a &#39;global VA&#39;) <b>-VAfile</b> options need to be used.</p>
+
+<p>The OCSP server is only useful for test and demonstration purposes: it is not really usable as a full OCSP responder. It contains only a very simple HTTP request handling and can only handle the POST form of OCSP queries. It also handles requests serially meaning it cannot respond to new requests until it has processed the current one. The text index file format of revocation is also inefficient for large quantities of revocation data.</p>
+
+<p>It is possible to run the <b>ocsp</b> application in responder mode via a CGI script using the <b>reqin</b> and <b>respout</b> options.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an OCSP request and write it to a file:</p>
+
+<pre><code> openssl ocsp -issuer issuer.pem -cert c1.pem -cert c2.pem -reqout req.der</code></pre>
+
+<p>Send a query to an OCSP responder with URL http://ocsp.myhost.com/ save the response to a file, print it out in text form, and verify the response:</p>
+
+<pre><code> openssl ocsp -issuer issuer.pem -cert c1.pem -cert c2.pem \
+     -url http://ocsp.myhost.com/ -resp_text -respout resp.der</code></pre>
+
+<p>Read in an OCSP response and print out text form:</p>
+
+<pre><code> openssl ocsp -respin resp.der -text -noverify</code></pre>
+
+<p>OCSP server on port 8888 using a standard <b>ca</b> configuration, and a separate responder certificate. All requests and responses are printed to a file.</p>
+
+<pre><code> openssl ocsp -index demoCA/index.txt -port 8888 -rsigner rcert.pem -CA demoCA/cacert.pem
+        -text -out log.txt</code></pre>
+
+<p>As above but exit after processing one request:</p>
+
+<pre><code> openssl ocsp -index demoCA/index.txt -port 8888 -rsigner rcert.pem -CA demoCA/cacert.pem
+     -nrequest 1</code></pre>
+
+<p>Query status information using an internally generated request:</p>
+
+<pre><code> openssl ocsp -index demoCA/index.txt -rsigner rcert.pem -CA demoCA/cacert.pem
+     -issuer demoCA/cacert.pem -serial 1</code></pre>
+
+<p>Query status information using request read from a file, and write the response to a second file.</p>
+
+<pre><code> openssl ocsp -index demoCA/index.txt -rsigner rcert.pem -CA demoCA/cacert.pem
+     -reqin req.der -respout resp.der</code></pre>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The -no_alt_chains option was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-asn1parse.html b/msys2/usr/share/doc/openssl/html/man1/openssl-asn1parse.html
new file mode 100644
index 000000000..decd86de8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-asn1parse.html
@@ -0,0 +1,227 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>asn1parse</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a>
+    <ul>
+      <li><a href="#Output">Output</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-asn1parse, asn1parse - ASN.1 parsing tool</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>asn1parse</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-noout</b>] [<b>-offset number</b>] [<b>-length number</b>] [<b>-i</b>] [<b>-oid filename</b>] [<b>-dump</b>] [<b>-dlimit num</b>] [<b>-strparse offset</b>] [<b>-genstr string</b>] [<b>-genconf file</b>] [<b>-strictpem</b>] [<b>-item name</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>asn1parse</b> command is a diagnostic utility that can parse ASN.1 structures. It can also be used to extract data from ASN.1 formatted data.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform</b> <b>DER|PEM</b></dt>
+<dd>
+
+<p>The input format. <b>DER</b> is binary format and <b>PEM</b> (the default) is base64 encoded.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>The input file, default is standard input.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Output file to place the DER encoded data into. If this option is not present then no data will be output. This is most useful when combined with the <b>-strparse</b> option.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>Don&#39;t output the parsed version of the input file.</p>
+
+</dd>
+<dt id="offset-number"><b>-offset number</b></dt>
+<dd>
+
+<p>Starting offset to begin parsing, default is start of file.</p>
+
+</dd>
+<dt id="length-number"><b>-length number</b></dt>
+<dd>
+
+<p>Number of bytes to parse, default is until end of file.</p>
+
+</dd>
+<dt id="i"><b>-i</b></dt>
+<dd>
+
+<p>Indents the output according to the &quot;depth&quot; of the structures.</p>
+
+</dd>
+<dt id="oid-filename"><b>-oid filename</b></dt>
+<dd>
+
+<p>A file containing additional OBJECT IDENTIFIERs (OIDs). The format of this file is described in the NOTES section below.</p>
+
+</dd>
+<dt id="dump"><b>-dump</b></dt>
+<dd>
+
+<p>Dump unknown data in hex format.</p>
+
+</dd>
+<dt id="dlimit-num"><b>-dlimit num</b></dt>
+<dd>
+
+<p>Like <b>-dump</b>, but only the first <b>num</b> bytes are output.</p>
+
+</dd>
+<dt id="strparse-offset"><b>-strparse offset</b></dt>
+<dd>
+
+<p>Parse the contents octets of the ASN.1 object starting at <b>offset</b>. This option can be used multiple times to &quot;drill down&quot; into a nested structure.</p>
+
+</dd>
+<dt id="genstr-string--genconf-file"><b>-genstr string</b>, <b>-genconf file</b></dt>
+<dd>
+
+<p>Generate encoded data based on <b>string</b>, <b>file</b> or both using <a href="../man3/ASN1_generate_nconf.html">ASN1_generate_nconf(3)</a> format. If <b>file</b> only is present then the string is obtained from the default section using the name <b>asn1</b>. The encoded data is passed through the ASN1 parser and printed out as though it came from a file, the contents can thus be examined and written to a file using the <b>out</b> option.</p>
+
+</dd>
+<dt id="strictpem"><b>-strictpem</b></dt>
+<dd>
+
+<p>If this option is used then <b>-inform</b> will be ignored. Without this option any data in a PEM format input file will be treated as being base64 encoded and processed whether it has the normal PEM BEGIN and END markers or not. This option will ignore any data prior to the start of the BEGIN marker, or after an END marker in a PEM file.</p>
+
+</dd>
+<dt id="item-name"><b>-item name</b></dt>
+<dd>
+
+<p>Attempt to decode and print the data as <b>ASN1_ITEM name</b>. This can be used to print out the fields of any supported ASN.1 structure if the type is known.</p>
+
+</dd>
+</dl>
+
+<h2 id="Output">Output</h2>
+
+<p>The output will typically contain lines like this:</p>
+
+<pre><code>  0:d=0  hl=4 l= 681 cons: SEQUENCE</code></pre>
+
+<p>.....</p>
+
+<pre><code>  229:d=3  hl=3 l= 141 prim: BIT STRING
+  373:d=2  hl=3 l= 162 cons: cont [ 3 ]
+  376:d=3  hl=3 l= 159 cons: SEQUENCE
+  379:d=4  hl=2 l=  29 cons: SEQUENCE
+  381:d=5  hl=2 l=   3 prim: OBJECT            :X509v3 Subject Key Identifier
+  386:d=5  hl=2 l=  22 prim: OCTET STRING
+  410:d=4  hl=2 l= 112 cons: SEQUENCE
+  412:d=5  hl=2 l=   3 prim: OBJECT            :X509v3 Authority Key Identifier
+  417:d=5  hl=2 l= 105 prim: OCTET STRING
+  524:d=4  hl=2 l=  12 cons: SEQUENCE</code></pre>
+
+<p>.....</p>
+
+<p>This example is part of a self-signed certificate. Each line starts with the offset in decimal. <b>d=XX</b> specifies the current depth. The depth is increased within the scope of any SET or SEQUENCE. <b>hl=XX</b> gives the header length (tag and length octets) of the current type. <b>l=XX</b> gives the length of the contents octets.</p>
+
+<p>The <b>-i</b> option can be used to make the output more readable.</p>
+
+<p>Some knowledge of the ASN.1 structure is needed to interpret the output.</p>
+
+<p>In this example the BIT STRING at offset 229 is the certificate public key. The contents octets of this will contain the public key information. This can be examined using the option <b>-strparse 229</b> to yield:</p>
+
+<pre><code>    0:d=0  hl=3 l= 137 cons: SEQUENCE
+    3:d=1  hl=3 l= 129 prim: INTEGER           :E5D21E1F5C8D208EA7A2166C7FAF9F6BDF2059669C60876DDB70840F1A5AAFA59699FE471F379F1DD6A487E7D5409AB6A88D4A9746E24B91D8CF55DB3521015460C8EDE44EE8A4189F7A7BE77D6CD3A9AF2696F486855CF58BF0EDF2B4068058C7A947F52548DDF7E15E96B385F86422BEA9064A3EE9E1158A56E4A6F47E5897
+  135:d=1  hl=2 l=   3 prim: INTEGER           :010001</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an OID is not part of OpenSSL&#39;s internal table it will be represented in numerical form (for example 1.2.3.4). The file passed to the <b>-oid</b> option allows additional OIDs to be included. Each line consists of three columns, the first column is the OID in numerical format and should be followed by white space. The second column is the &quot;short name&quot; which is a single word followed by white space. The final column is the rest of the line and is the &quot;long name&quot;. <b>asn1parse</b> displays the long name. Example:</p>
+
+<p><code>1.2.3.4 shortName A long name</code></p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Parse a file:</p>
+
+<pre><code> openssl asn1parse -in file.pem</code></pre>
+
+<p>Parse a DER file:</p>
+
+<pre><code> openssl asn1parse -inform DER -in file.der</code></pre>
+
+<p>Generate a simple UTF8String:</p>
+
+<pre><code> openssl asn1parse -genstr &#39;UTF8:Hello World&#39;</code></pre>
+
+<p>Generate and write out a UTF8String, don&#39;t print parsed output:</p>
+
+<pre><code> openssl asn1parse -genstr &#39;UTF8:Hello World&#39; -noout -out utf8.der</code></pre>
+
+<p>Generate using a config file:</p>
+
+<pre><code> openssl asn1parse -genconf asn1.cnf -noout -out asn1.der</code></pre>
+
+<p>Example config file:</p>
+
+<pre><code> asn1=SEQUENCE:seq_sect
+
+ [seq_sect]
+
+ field1=BOOL:TRUE
+ field2=EXP:0, UTF8:some random string</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>There should be options to change the format of output lines. The output of some ASN.1 types is not well handled (if at all).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ASN1_generate_nconf.html">ASN1_generate_nconf(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-c_rehash.html b/msys2/usr/share/doc/openssl/html/man1/openssl-c_rehash.html
new file mode 100644
index 000000000..5b31c5996
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-c_rehash.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>rehash</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Script-Configuration">Script Configuration</a></li>
+    </ul>
+  </li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-c_rehash, openssl-rehash, c_rehash, rehash - Create symbolic links to files named by the hash values</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>rehash</b> <b>[-h]</b> <b>[-help]</b> <b>[-old]</b> <b>[-n]</b> <b>[-v]</b> [ <i>directory</i>...]</p>
+
+<p><b>c_rehash</b> <i>flags...</i></p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>On some platforms, the OpenSSL <b>rehash</b> command is available as an external script called <b>c_rehash</b>. They are functionally equivalent, except for minor differences noted below.</p>
+
+<p><b>rehash</b> scans directories and calculates a hash value of each <code>.pem</code>, <code>.crt</code>, <code>.cer</code>, or <code>.crl</code> file in the specified directory list and creates symbolic links for each file, where the name of the link is the hash value. (If the platform does not support symbolic links, a copy is made.) This utility is useful as many programs that use OpenSSL require directories to be set up like this in order to find certificates.</p>
+
+<p>If any directories are named on the command line, then those are processed in turn. If not, then the <b>SSL_CERT_DIR</b> environment variable is consulted; this should be a colon-separated list of directories, like the Unix <b>PATH</b> variable. If that is not set then the default directory (installation-specific but often <b>/usr/local/ssl/certs</b>) is processed.</p>
+
+<p>In order for a directory to be processed, the user must have write permissions on that directory, otherwise an error will be generated.</p>
+
+<p>The links created are of the form <code>HHHHHHHH.D</code>, where each <b>H</b> is a hexadecimal character and <b>D</b> is a single decimal digit. When processing a directory, <b>rehash</b> will first remove all links that have a name in that syntax, even if they are being used for some other purpose. To skip the removal step, use the <b>-n</b> flag. Hashes for CRL&#39;s look similar except the letter <b>r</b> appears after the period, like this: <code>HHHHHHHH.rD</code>.</p>
+
+<p>Multiple objects may have the same hash; they will be indicated by incrementing the <b>D</b> value. Duplicates are found by comparing the full SHA-1 fingerprint. A warning will be displayed if a duplicate is found.</p>
+
+<p>A warning will also be displayed if there are files that cannot be parsed as either a certificate or a CRL or if more than one such object appears in the file.</p>
+
+<h2 id="Script-Configuration">Script Configuration</h2>
+
+<p>The <b>c_rehash</b> script uses the <b>openssl</b> program to compute the hashes and fingerprints. If not found in the user&#39;s <b>PATH</b>, then set the <b>OPENSSL</b> environment variable to the full pathname. Any program can be used, it will be invoked as follows for either a certificate or CRL:</p>
+
+<pre><code>  $OPENSSL x509 -hash -fingerprint -noout -in FILENAME
+  $OPENSSL crl -hash -fingerprint -noout -in FILENAME</code></pre>
+
+<p>where <b>FILENAME</b> is the filename. It must output the hash of the file on the first line, and the fingerprint on the second, optionally prefixed with some text and an equals sign.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help--h"><b>-help</b> <b>-h</b></dt>
+<dd>
+
+<p>Display a brief usage message.</p>
+
+</dd>
+<dt id="old"><b>-old</b></dt>
+<dd>
+
+<p>Use old-style hashing (MD5, as opposed to SHA-1) for generating links to be used for releases before 1.0.0. Note that current versions will not use the old style.</p>
+
+</dd>
+<dt id="n"><b>-n</b></dt>
+<dd>
+
+<p>Do not remove existing links. This is needed when keeping new and old-style links in the same directory.</p>
+
+</dd>
+<dt id="compat"><b>-compat</b></dt>
+<dd>
+
+<p>Generate links for both old-style (MD5) and new-style (SHA1) hashing. This allows releases before 1.0.0 to use these links along-side newer releases.</p>
+
+</dd>
+<dt id="v"><b>-v</b></dt>
+<dd>
+
+<p>Print messages about old links removed and new links created. By default, <b>rehash</b> only lists each directory as it is processed.</p>
+
+</dd>
+</dl>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL"><b>OPENSSL</b></dt>
+<dd>
+
+<p>The path to an executable to use to generate hashes and fingerprints (see above).</p>
+
+</dd>
+<dt id="SSL_CERT_DIR"><b>SSL_CERT_DIR</b></dt>
+<dd>
+
+<p>Colon separated list of directories to operate on. Ignored if directories are listed on the command line.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/openssl.html">openssl(1)</a>, <a href="../man1/crl.html">crl(1)</a>. <a href="../man1/x509.html">x509(1)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-ca.html b/msys2/usr/share/doc/openssl/html/man1/openssl-ca.html
new file mode 100644
index 000000000..900f10667
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-ca.html
@@ -0,0 +1,665 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ca</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#CRL-OPTIONS">CRL OPTIONS</a></li>
+  <li><a href="#CONFIGURATION-FILE-OPTIONS">CONFIGURATION FILE OPTIONS</a></li>
+  <li><a href="#POLICY-FORMAT">POLICY FORMAT</a></li>
+  <li><a href="#SPKAC-FORMAT">SPKAC FORMAT</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#FILES">FILES</a></li>
+  <li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-ca, ca - sample minimal CA application</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>ca</b> [<b>-help</b>] [<b>-verbose</b>] [<b>-config filename</b>] [<b>-name section</b>] [<b>-gencrl</b>] [<b>-revoke file</b>] [<b>-valid file</b>] [<b>-status serial</b>] [<b>-updatedb</b>] [<b>-crl_reason reason</b>] [<b>-crl_hold instruction</b>] [<b>-crl_compromise time</b>] [<b>-crl_CA_compromise time</b>] [<b>-crldays days</b>] [<b>-crlhours hours</b>] [<b>-crlexts section</b>] [<b>-startdate date</b>] [<b>-enddate date</b>] [<b>-days arg</b>] [<b>-md arg</b>] [<b>-policy arg</b>] [<b>-keyfile arg</b>] [<b>-keyform PEM|DER</b>] [<b>-key arg</b>] [<b>-passin arg</b>] [<b>-cert file</b>] [<b>-selfsign</b>] [<b>-in file</b>] [<b>-out file</b>] [<b>-notext</b>] [<b>-outdir dir</b>] [<b>-infiles</b>] [<b>-spkac file</b>] [<b>-ss_cert file</b>] [<b>-preserveDN</b>] [<b>-noemailDN</b>] [<b>-batch</b>] [<b>-msie_hack</b>] [<b>-extensions section</b>] [<b>-extfile section</b>] [<b>-engine id</b>] [<b>-subj arg</b>] [<b>-utf8</b>] [<b>-create_serial</b>] [<b>-rand_serial</b>] [<b>-multivalue-rdn</b>] [<b>-rand file...</b>] [<b>-writerand file</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>ca</b> command is a minimal CA application. It can be used to sign certificate requests in a variety of forms and generate CRLs it also maintains a text database of issued certificates and their status.</p>
+
+<p>The options descriptions will be divided into each purpose.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="verbose"><b>-verbose</b></dt>
+<dd>
+
+<p>This prints extra details about the operations being performed.</p>
+
+</dd>
+<dt id="config-filename"><b>-config filename</b></dt>
+<dd>
+
+<p>Specifies the configuration file to use. Optional; for a description of the default value, see <a href="../man1/openssl.html">&quot;COMMAND SUMMARY&quot; in openssl(1)</a>.</p>
+
+</dd>
+<dt id="name-section"><b>-name section</b></dt>
+<dd>
+
+<p>Specifies the configuration file section to use (overrides <b>default_ca</b> in the <b>ca</b> section).</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>An input filename containing a single certificate request to be signed by the CA.</p>
+
+</dd>
+<dt id="ss_cert-filename"><b>-ss_cert filename</b></dt>
+<dd>
+
+<p>A single self-signed certificate to be signed by the CA.</p>
+
+</dd>
+<dt id="spkac-filename"><b>-spkac filename</b></dt>
+<dd>
+
+<p>A file containing a single Netscape signed public key and challenge and additional field values to be signed by the CA. See the <b>SPKAC FORMAT</b> section for information on the required input and output format.</p>
+
+</dd>
+<dt id="infiles"><b>-infiles</b></dt>
+<dd>
+
+<p>If present this should be the last option, all subsequent arguments are taken as the names of files containing certificate requests.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>The output file to output certificates to. The default is standard output. The certificate details will also be printed out to this file in PEM format (except that <b>-spkac</b> outputs DER format).</p>
+
+</dd>
+<dt id="outdir-directory"><b>-outdir directory</b></dt>
+<dd>
+
+<p>The directory to output certificates to. The certificate will be written to a filename consisting of the serial number in hex with &quot;.pem&quot; appended.</p>
+
+</dd>
+<dt id="cert"><b>-cert</b></dt>
+<dd>
+
+<p>The CA certificate file.</p>
+
+</dd>
+<dt id="keyfile-filename"><b>-keyfile filename</b></dt>
+<dd>
+
+<p>The private key to sign requests with.</p>
+
+</dd>
+<dt id="keyform-PEM-DER"><b>-keyform PEM|DER</b></dt>
+<dd>
+
+<p>The format of the data in the private key file. The default is PEM.</p>
+
+</dd>
+<dt id="key-password"><b>-key password</b></dt>
+<dd>
+
+<p>The password used to encrypt the private key. Since on some systems the command line arguments are visible (e.g. Unix with the &#39;ps&#39; utility) this option should be used with caution.</p>
+
+</dd>
+<dt id="selfsign"><b>-selfsign</b></dt>
+<dd>
+
+<p>Indicates the issued certificates are to be signed with the key the certificate requests were signed with (given with <b>-keyfile</b>). Certificate requests signed with a different key are ignored. If <b>-spkac</b>, <b>-ss_cert</b> or <b>-gencrl</b> are given, <b>-selfsign</b> is ignored.</p>
+
+<p>A consequence of using <b>-selfsign</b> is that the self-signed certificate appears among the entries in the certificate database (see the configuration option <b>database</b>), and uses the same serial number counter as all other certificates sign with the self-signed certificate.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The key password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="notext"><b>-notext</b></dt>
+<dd>
+
+<p>Don&#39;t output the text form of a certificate to the output file.</p>
+
+</dd>
+<dt id="startdate-date"><b>-startdate date</b></dt>
+<dd>
+
+<p>This allows the start date to be explicitly set. The format of the date is YYMMDDHHMMSSZ (the same as an ASN1 UTCTime structure), or YYYYMMDDHHMMSSZ (the same as an ASN1 GeneralizedTime structure). In both formats, seconds SS and timezone Z must be present.</p>
+
+</dd>
+<dt id="enddate-date"><b>-enddate date</b></dt>
+<dd>
+
+<p>This allows the expiry date to be explicitly set. The format of the date is YYMMDDHHMMSSZ (the same as an ASN1 UTCTime structure), or YYYYMMDDHHMMSSZ (the same as an ASN1 GeneralizedTime structure). In both formats, seconds SS and timezone Z must be present.</p>
+
+</dd>
+<dt id="days-arg"><b>-days arg</b></dt>
+<dd>
+
+<p>The number of days to certify the certificate for.</p>
+
+</dd>
+<dt id="md-alg"><b>-md alg</b></dt>
+<dd>
+
+<p>The message digest to use. Any digest supported by the OpenSSL <b>dgst</b> command can be used. For signing algorithms that do not support a digest (i.e. Ed25519 and Ed448) any message digest that is set is ignored. This option also applies to CRLs.</p>
+
+</dd>
+<dt id="policy-arg"><b>-policy arg</b></dt>
+<dd>
+
+<p>This option defines the CA &quot;policy&quot; to use. This is a section in the configuration file which decides which fields should be mandatory or match the CA certificate. Check out the <b>POLICY FORMAT</b> section for more information.</p>
+
+</dd>
+<dt id="msie_hack"><b>-msie_hack</b></dt>
+<dd>
+
+<p>This is a deprecated option to make <b>ca</b> work with very old versions of the IE certificate enrollment control &quot;certenr3&quot;. It used UniversalStrings for almost everything. Since the old control has various security bugs its use is strongly discouraged.</p>
+
+</dd>
+<dt id="preserveDN"><b>-preserveDN</b></dt>
+<dd>
+
+<p>Normally the DN order of a certificate is the same as the order of the fields in the relevant policy section. When this option is set the order is the same as the request. This is largely for compatibility with the older IE enrollment control which would only accept certificates if their DNs match the order of the request. This is not needed for Xenroll.</p>
+
+</dd>
+<dt id="noemailDN"><b>-noemailDN</b></dt>
+<dd>
+
+<p>The DN of a certificate can contain the EMAIL field if present in the request DN, however it is good policy just having the e-mail set into the altName extension of the certificate. When this option is set the EMAIL field is removed from the certificate&#39; subject and set only in the, eventually present, extensions. The <b>email_in_dn</b> keyword can be used in the configuration file to enable this behaviour.</p>
+
+</dd>
+<dt id="batch"><b>-batch</b></dt>
+<dd>
+
+<p>This sets the batch mode. In this mode no questions will be asked and all certificates will be certified automatically.</p>
+
+</dd>
+<dt id="extensions-section"><b>-extensions section</b></dt>
+<dd>
+
+<p>The section of the configuration file containing certificate extensions to be added when a certificate is issued (defaults to <b>x509_extensions</b> unless the <b>-extfile</b> option is used). If no extension section is present then, a V1 certificate is created. If the extension section is present (even if it is empty), then a V3 certificate is created. See the <a href="../man5/x509v3_config.html">x509v3_config(5)</a> manual page for details of the extension section format.</p>
+
+</dd>
+<dt id="extfile-file"><b>-extfile file</b></dt>
+<dd>
+
+<p>An additional configuration file to read certificate extensions from (using the default section unless the <b>-extensions</b> option is also used).</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>ca</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="subj-arg"><b>-subj arg</b></dt>
+<dd>
+
+<p>Supersedes subject name given in the request. The arg must be formatted as <i>/type0=value0/type1=value1/type2=...</i>. Keyword characters may be escaped by \ (backslash), and whitespace is retained. Empty values are permitted, but the corresponding type will not be included in the resulting certificate.</p>
+
+</dd>
+<dt id="utf8"><b>-utf8</b></dt>
+<dd>
+
+<p>This option causes field values to be interpreted as UTF8 strings, by default they are interpreted as ASCII. This means that the field values, whether prompted from a terminal or obtained from a configuration file, must be valid UTF8 strings.</p>
+
+</dd>
+<dt id="create_serial"><b>-create_serial</b></dt>
+<dd>
+
+<p>If reading serial from the text file as specified in the configuration fails, specifying this option creates a new random serial to be used as next serial number. To get random serial numbers, use the <b>-rand_serial</b> flag instead; this should only be used for simple error-recovery.</p>
+
+</dd>
+<dt id="rand_serial"><b>-rand_serial</b></dt>
+<dd>
+
+<p>Generate a large random number to use as the serial number. This overrides any option or configuration to use a serial number file.</p>
+
+</dd>
+<dt id="multivalue-rdn"><b>-multivalue-rdn</b></dt>
+<dd>
+
+<p>This option causes the -subj argument to be interpreted with full support for multivalued RDNs. Example:</p>
+
+<p><i>/DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe</i></p>
+
+<p>If -multi-rdn is not used then the UID value is <i>123456+CN=John Doe</i>.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="CRL-OPTIONS">CRL OPTIONS</h1>
+
+<dl>
+
+<dt id="gencrl"><b>-gencrl</b></dt>
+<dd>
+
+<p>This option generates a CRL based on information in the index file.</p>
+
+</dd>
+<dt id="crldays-num"><b>-crldays num</b></dt>
+<dd>
+
+<p>The number of days before the next CRL is due. That is the days from now to place in the CRL nextUpdate field.</p>
+
+</dd>
+<dt id="crlhours-num"><b>-crlhours num</b></dt>
+<dd>
+
+<p>The number of hours before the next CRL is due.</p>
+
+</dd>
+<dt id="revoke-filename"><b>-revoke filename</b></dt>
+<dd>
+
+<p>A filename containing a certificate to revoke.</p>
+
+</dd>
+<dt id="valid-filename"><b>-valid filename</b></dt>
+<dd>
+
+<p>A filename containing a certificate to add a Valid certificate entry.</p>
+
+</dd>
+<dt id="status-serial"><b>-status serial</b></dt>
+<dd>
+
+<p>Displays the revocation status of the certificate with the specified serial number and exits.</p>
+
+</dd>
+<dt id="updatedb"><b>-updatedb</b></dt>
+<dd>
+
+<p>Updates the database index to purge expired certificates.</p>
+
+</dd>
+<dt id="crl_reason-reason"><b>-crl_reason reason</b></dt>
+<dd>
+
+<p>Revocation reason, where <b>reason</b> is one of: <b>unspecified</b>, <b>keyCompromise</b>, <b>CACompromise</b>, <b>affiliationChanged</b>, <b>superseded</b>, <b>cessationOfOperation</b>, <b>certificateHold</b> or <b>removeFromCRL</b>. The matching of <b>reason</b> is case insensitive. Setting any revocation reason will make the CRL v2.</p>
+
+<p>In practice <b>removeFromCRL</b> is not particularly useful because it is only used in delta CRLs which are not currently implemented.</p>
+
+</dd>
+<dt id="crl_hold-instruction"><b>-crl_hold instruction</b></dt>
+<dd>
+
+<p>This sets the CRL revocation reason code to <b>certificateHold</b> and the hold instruction to <b>instruction</b> which must be an OID. Although any OID can be used only <b>holdInstructionNone</b> (the use of which is discouraged by RFC2459) <b>holdInstructionCallIssuer</b> or <b>holdInstructionReject</b> will normally be used.</p>
+
+</dd>
+<dt id="crl_compromise-time"><b>-crl_compromise time</b></dt>
+<dd>
+
+<p>This sets the revocation reason to <b>keyCompromise</b> and the compromise time to <b>time</b>. <b>time</b> should be in GeneralizedTime format that is <b>YYYYMMDDHHMMSSZ</b>.</p>
+
+</dd>
+<dt id="crl_CA_compromise-time"><b>-crl_CA_compromise time</b></dt>
+<dd>
+
+<p>This is the same as <b>crl_compromise</b> except the revocation reason is set to <b>CACompromise</b>.</p>
+
+</dd>
+<dt id="crlexts-section"><b>-crlexts section</b></dt>
+<dd>
+
+<p>The section of the configuration file containing CRL extensions to include. If no CRL extension section is present then a V1 CRL is created, if the CRL extension section is present (even if it is empty) then a V2 CRL is created. The CRL extensions specified are CRL extensions and <b>not</b> CRL entry extensions. It should be noted that some software (for example Netscape) can&#39;t handle V2 CRLs. See <a href="../man5/x509v3_config.html">x509v3_config(5)</a> manual page for details of the extension section format.</p>
+
+</dd>
+</dl>
+
+<h1 id="CONFIGURATION-FILE-OPTIONS">CONFIGURATION FILE OPTIONS</h1>
+
+<p>The section of the configuration file containing options for <b>ca</b> is found as follows: If the <b>-name</b> command line option is used, then it names the section to be used. Otherwise the section to be used must be named in the <b>default_ca</b> option of the <b>ca</b> section of the configuration file (or in the default section of the configuration file). Besides <b>default_ca</b>, the following options are read directly from the <b>ca</b> section: RANDFILE preserve msie_hack With the exception of <b>RANDFILE</b>, this is probably a bug and may change in future releases.</p>
+
+<p>Many of the configuration file options are identical to command line options. Where the option is present in the configuration file and the command line the command line value is used. Where an option is described as mandatory then it must be present in the configuration file or the command line equivalent (if any) used.</p>
+
+<dl>
+
+<dt id="oid_file"><b>oid_file</b></dt>
+<dd>
+
+<p>This specifies a file containing additional <b>OBJECT IDENTIFIERS</b>. Each line of the file should consist of the numerical form of the object identifier followed by white space then the short name followed by white space and finally the long name.</p>
+
+</dd>
+<dt id="oid_section"><b>oid_section</b></dt>
+<dd>
+
+<p>This specifies a section in the configuration file containing extra object identifiers. Each line should consist of the short name of the object identifier followed by <b>=</b> and the numerical form. The short and long names are the same when this option is used.</p>
+
+</dd>
+<dt id="new_certs_dir"><b>new_certs_dir</b></dt>
+<dd>
+
+<p>The same as the <b>-outdir</b> command line option. It specifies the directory where new certificates will be placed. Mandatory.</p>
+
+</dd>
+<dt id="certificate"><b>certificate</b></dt>
+<dd>
+
+<p>The same as <b>-cert</b>. It gives the file containing the CA certificate. Mandatory.</p>
+
+</dd>
+<dt id="private_key"><b>private_key</b></dt>
+<dd>
+
+<p>Same as the <b>-keyfile</b> option. The file containing the CA private key. Mandatory.</p>
+
+</dd>
+<dt id="RANDFILE"><b>RANDFILE</b></dt>
+<dd>
+
+<p>At startup the specified file is loaded into the random number generator, and at exit 256 bytes will be written to it.</p>
+
+</dd>
+<dt id="default_days"><b>default_days</b></dt>
+<dd>
+
+<p>The same as the <b>-days</b> option. The number of days to certify a certificate for.</p>
+
+</dd>
+<dt id="default_startdate"><b>default_startdate</b></dt>
+<dd>
+
+<p>The same as the <b>-startdate</b> option. The start date to certify a certificate for. If not set the current time is used.</p>
+
+</dd>
+<dt id="default_enddate"><b>default_enddate</b></dt>
+<dd>
+
+<p>The same as the <b>-enddate</b> option. Either this option or <b>default_days</b> (or the command line equivalents) must be present.</p>
+
+</dd>
+<dt id="default_crl_hours-default_crl_days"><b>default_crl_hours default_crl_days</b></dt>
+<dd>
+
+<p>The same as the <b>-crlhours</b> and the <b>-crldays</b> options. These will only be used if neither command line option is present. At least one of these must be present to generate a CRL.</p>
+
+</dd>
+<dt id="default_md"><b>default_md</b></dt>
+<dd>
+
+<p>The same as the <b>-md</b> option. Mandatory except where the signing algorithm does not require a digest (i.e. Ed25519 and Ed448).</p>
+
+</dd>
+<dt id="database"><b>database</b></dt>
+<dd>
+
+<p>The text database file to use. Mandatory. This file must be present though initially it will be empty.</p>
+
+</dd>
+<dt id="unique_subject"><b>unique_subject</b></dt>
+<dd>
+
+<p>If the value <b>yes</b> is given, the valid certificate entries in the database must have unique subjects. if the value <b>no</b> is given, several valid certificate entries may have the exact same subject. The default value is <b>yes</b>, to be compatible with older (pre 0.9.8) versions of OpenSSL. However, to make CA certificate roll-over easier, it&#39;s recommended to use the value <b>no</b>, especially if combined with the <b>-selfsign</b> command line option.</p>
+
+<p>Note that it is valid in some circumstances for certificates to be created without any subject. In the case where there are multiple certificates without subjects this does not count as a duplicate.</p>
+
+</dd>
+<dt id="serial"><b>serial</b></dt>
+<dd>
+
+<p>A text file containing the next serial number to use in hex. Mandatory. This file must be present and contain a valid serial number.</p>
+
+</dd>
+<dt id="crlnumber"><b>crlnumber</b></dt>
+<dd>
+
+<p>A text file containing the next CRL number to use in hex. The crl number will be inserted in the CRLs only if this file exists. If this file is present, it must contain a valid CRL number.</p>
+
+</dd>
+<dt id="x509_extensions"><b>x509_extensions</b></dt>
+<dd>
+
+<p>The same as <b>-extensions</b>.</p>
+
+</dd>
+<dt id="crl_extensions"><b>crl_extensions</b></dt>
+<dd>
+
+<p>The same as <b>-crlexts</b>.</p>
+
+</dd>
+<dt id="preserve"><b>preserve</b></dt>
+<dd>
+
+<p>The same as <b>-preserveDN</b></p>
+
+</dd>
+<dt id="email_in_dn"><b>email_in_dn</b></dt>
+<dd>
+
+<p>The same as <b>-noemailDN</b>. If you want the EMAIL field to be removed from the DN of the certificate simply set this to &#39;no&#39;. If not present the default is to allow for the EMAIL filed in the certificate&#39;s DN.</p>
+
+</dd>
+<dt id="msie_hack1"><b>msie_hack</b></dt>
+<dd>
+
+<p>The same as <b>-msie_hack</b></p>
+
+</dd>
+<dt id="policy"><b>policy</b></dt>
+<dd>
+
+<p>The same as <b>-policy</b>. Mandatory. See the <b>POLICY FORMAT</b> section for more information.</p>
+
+</dd>
+<dt id="name_opt-cert_opt"><b>name_opt</b>, <b>cert_opt</b></dt>
+<dd>
+
+<p>These options allow the format used to display the certificate details when asking the user to confirm signing. All the options supported by the <b>x509</b> utilities <b>-nameopt</b> and <b>-certopt</b> switches can be used here, except the <b>no_signame</b> and <b>no_sigdump</b> are permanently set and cannot be disabled (this is because the certificate signature cannot be displayed because the certificate has not been signed at this point).</p>
+
+<p>For convenience the values <b>ca_default</b> are accepted by both to produce a reasonable output.</p>
+
+<p>If neither option is present the format used in earlier versions of OpenSSL is used. Use of the old format is <b>strongly</b> discouraged because it only displays fields mentioned in the <b>policy</b> section, mishandles multicharacter string types and does not display extensions.</p>
+
+</dd>
+<dt id="copy_extensions"><b>copy_extensions</b></dt>
+<dd>
+
+<p>Determines how extensions in certificate requests should be handled. If set to <b>none</b> or this option is not present then extensions are ignored and not copied to the certificate. If set to <b>copy</b> then any extensions present in the request that are not already present are copied to the certificate. If set to <b>copyall</b> then all extensions in the request are copied to the certificate: if the extension is already present in the certificate it is deleted first. See the <b>WARNINGS</b> section before using this option.</p>
+
+<p>The main use of this option is to allow a certificate request to supply values for certain extensions such as subjectAltName.</p>
+
+</dd>
+</dl>
+
+<h1 id="POLICY-FORMAT">POLICY FORMAT</h1>
+
+<p>The policy section consists of a set of variables corresponding to certificate DN fields. If the value is &quot;match&quot; then the field value must match the same field in the CA certificate. If the value is &quot;supplied&quot; then it must be present. If the value is &quot;optional&quot; then it may be present. Any fields not mentioned in the policy section are silently deleted, unless the <b>-preserveDN</b> option is set but this can be regarded more of a quirk than intended behaviour.</p>
+
+<h1 id="SPKAC-FORMAT">SPKAC FORMAT</h1>
+
+<p>The input to the <b>-spkac</b> command line option is a Netscape signed public key and challenge. This will usually come from the <b>KEYGEN</b> tag in an HTML form to create a new private key. It is however possible to create SPKACs using the <b>spkac</b> utility.</p>
+
+<p>The file should contain the variable SPKAC set to the value of the SPKAC and also the required DN components as name value pairs. If you need to include the same component twice then it can be preceded by a number and a &#39;.&#39;.</p>
+
+<p>When processing SPKAC format, the output is DER if the <b>-out</b> flag is used, but PEM format if sending to stdout or the <b>-outdir</b> flag is used.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Note: these examples assume that the <b>ca</b> directory structure is already set up and the relevant files already exist. This usually involves creating a CA certificate and private key with <b>req</b>, a serial number file and an empty index file and placing them in the relevant directories.</p>
+
+<p>To use the sample configuration file below the directories demoCA, demoCA/private and demoCA/newcerts would be created. The CA certificate would be copied to demoCA/cacert.pem and its private key to demoCA/private/cakey.pem. A file demoCA/serial would be created containing for example &quot;01&quot; and the empty index file demoCA/index.txt.</p>
+
+<p>Sign a certificate request:</p>
+
+<pre><code> openssl ca -in req.pem -out newcert.pem</code></pre>
+
+<p>Sign a certificate request, using CA extensions:</p>
+
+<pre><code> openssl ca -in req.pem -extensions v3_ca -out newcert.pem</code></pre>
+
+<p>Generate a CRL</p>
+
+<pre><code> openssl ca -gencrl -out crl.pem</code></pre>
+
+<p>Sign several requests:</p>
+
+<pre><code> openssl ca -infiles req1.pem req2.pem req3.pem</code></pre>
+
+<p>Certify a Netscape SPKAC:</p>
+
+<pre><code> openssl ca -spkac spkac.txt</code></pre>
+
+<p>A sample SPKAC file (the SPKAC line has been truncated for clarity):</p>
+
+<pre><code> SPKAC=MIG0MGAwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAn7PDhCeV/xIxUg8V70YRxK2A5
+ CN=Steve Test
+ emailAddress=steve@openssl.org
+ 0.OU=OpenSSL Group
+ 1.OU=Another Group</code></pre>
+
+<p>A sample configuration file with the relevant sections for <b>ca</b>:</p>
+
+<pre><code> [ ca ]
+ default_ca      = CA_default            # The default ca section
+
+ [ CA_default ]
+
+ dir            = ./demoCA              # top dir
+ database       = $dir/index.txt        # index file.
+ new_certs_dir  = $dir/newcerts         # new certs dir
+
+ certificate    = $dir/cacert.pem       # The CA cert
+ serial         = $dir/serial           # serial no file
+ #rand_serial    = yes                  # for random serial#&#39;s
+ private_key    = $dir/private/cakey.pem# CA private key
+ RANDFILE       = $dir/private/.rand    # random number file
+
+ default_days   = 365                   # how long to certify for
+ default_crl_days= 30                   # how long before next CRL
+ default_md     = md5                   # md to use
+
+ policy         = policy_any            # default policy
+ email_in_dn    = no                    # Don&#39;t add the email into cert DN
+
+ name_opt       = ca_default            # Subject name display option
+ cert_opt       = ca_default            # Certificate display option
+ copy_extensions = none                 # Don&#39;t copy extensions from request
+
+ [ policy_any ]
+ countryName            = supplied
+ stateOrProvinceName    = optional
+ organizationName       = optional
+ organizationalUnitName = optional
+ commonName             = supplied
+ emailAddress           = optional</code></pre>
+
+<h1 id="FILES">FILES</h1>
+
+<p>Note: the location of all files can change either by compile time options, configuration file entries, environment variables or command line options. The values below reflect the default values.</p>
+
+<pre><code> /usr/local/ssl/lib/openssl.cnf - master configuration file
+ ./demoCA                       - main CA directory
+ ./demoCA/cacert.pem            - CA certificate
+ ./demoCA/private/cakey.pem     - CA private key
+ ./demoCA/serial                - CA serial number file
+ ./demoCA/serial.old            - CA serial number backup file
+ ./demoCA/index.txt             - CA text database file
+ ./demoCA/index.txt.old         - CA text database backup file
+ ./demoCA/certs                 - certificate output file
+ ./demoCA/.rnd                  - CA random seed information</code></pre>
+
+<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
+
+<p>The text database index file is a critical part of the process and if corrupted it can be difficult to fix. It is theoretically possible to rebuild the index file from all the issued certificates and a current CRL: however there is no option to do this.</p>
+
+<p>V2 CRL features like delta CRLs are not currently supported.</p>
+
+<p>Although several requests can be input and handled at once it is only possible to include one SPKAC or self-signed certificate.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The use of an in-memory text database can cause problems when large numbers of certificates are present because, as the name implies the database has to be kept in memory.</p>
+
+<p>The <b>ca</b> command really needs rewriting or the required functionality exposed at either a command or interface level so a more friendly utility (perl script or GUI) can handle things properly. The script <b>CA.pl</b> helps a little but not very much.</p>
+
+<p>Any fields in a request that are not present in a policy are silently deleted. This does not happen if the <b>-preserveDN</b> option is used. To enforce the absence of the EMAIL field within the DN, as suggested by RFCs, regardless the contents of the request&#39; subject the <b>-noemailDN</b> option can be used. The behaviour should be more friendly and configurable.</p>
+
+<p>Canceling some commands by refusing to certify a certificate can create an empty file.</p>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>The <b>ca</b> command is quirky and at times downright unfriendly.</p>
+
+<p>The <b>ca</b> utility was originally meant as an example of how to do things in a CA. It was not supposed to be used as a full blown CA itself: nevertheless some people are using it for this purpose.</p>
+
+<p>The <b>ca</b> command is effectively a single user command: no locking is done on the various files and attempts to run more than one <b>ca</b> command on the same database can have unpredictable results.</p>
+
+<p>The <b>copy_extensions</b> option should be used with caution. If care is not taken then it can be a security risk. For example if a certificate request contains a basicConstraints extension with CA:TRUE and the <b>copy_extensions</b> value is set to <b>copyall</b> and the user does not spot this when the certificate is displayed then this will hand the requester a valid CA certificate.</p>
+
+<p>This situation can be avoided by setting <b>copy_extensions</b> to <b>copy</b> and including basicConstraints with CA:FALSE in the configuration file. Then if the request contains a basicConstraints extension it will be ignored.</p>
+
+<p>It is advisable to also include values for other extensions such as <b>keyUsage</b> to prevent a request supplying its own values.</p>
+
+<p>Additional restrictions can be placed on the CA certificate itself. For example if the CA certificate has:</p>
+
+<pre><code> basicConstraints = CA:TRUE, pathlen:0</code></pre>
+
+<p>then even if a certificate is issued with CA:TRUE it will not be valid.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Since OpenSSL 1.1.1, the program follows RFC5280. Specifically, certificate validity period (specified by any of <b>-startdate</b>, <b>-enddate</b> and <b>-days</b>) will be encoded as UTCTime if the dates are earlier than year 2049 (included), and as GeneralizedTime if the dates are in year 2050 or later.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/req.html">req(1)</a>, <a href="../man1/spkac.html">spkac(1)</a>, <a href="../man1/x509.html">x509(1)</a>, <a href="../man1/CA.pl.html">CA.pl(1)</a>, <a href="../man5/config.html">config(5)</a>, <a href="../man5/x509v3_config.html">x509v3_config(5)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-ciphers.html b/msys2/usr/share/doc/openssl/html/man1/openssl-ciphers.html
new file mode 100644
index 000000000..1ad915efb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-ciphers.html
@@ -0,0 +1,811 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ciphers</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#CIPHER-LIST-FORMAT">CIPHER LIST FORMAT</a></li>
+  <li><a href="#CIPHER-STRINGS">CIPHER STRINGS</a></li>
+  <li><a href="#CIPHER-SUITE-NAMES">CIPHER SUITE NAMES</a>
+    <ul>
+      <li><a href="#SSL-v3.0-cipher-suites">SSL v3.0 cipher suites</a></li>
+      <li><a href="#TLS-v1.0-cipher-suites">TLS v1.0 cipher suites</a></li>
+      <li><a href="#AES-cipher-suites-from-RFC3268-extending-TLS-v1.0">AES cipher suites from RFC3268, extending TLS v1.0</a></li>
+      <li><a href="#Camellia-cipher-suites-from-RFC4132-extending-TLS-v1.0">Camellia cipher suites from RFC4132, extending TLS v1.0</a></li>
+      <li><a href="#SEED-cipher-suites-from-RFC4162-extending-TLS-v1.0">SEED cipher suites from RFC4162, extending TLS v1.0</a></li>
+      <li><a href="#GOST-cipher-suites-from-draft-chudov-cryptopro-cptls-extending-TLS-v1.0">GOST cipher suites from draft-chudov-cryptopro-cptls, extending TLS v1.0</a></li>
+      <li><a href="#Additional-Export-1024-and-other-cipher-suites">Additional Export 1024 and other cipher suites</a></li>
+      <li><a href="#Elliptic-curve-cipher-suites">Elliptic curve cipher suites.</a></li>
+      <li><a href="#TLS-v1.2-cipher-suites">TLS v1.2 cipher suites</a></li>
+      <li><a href="#ARIA-cipher-suites-from-RFC6209-extending-TLS-v1.2">ARIA cipher suites from RFC6209, extending TLS v1.2</a></li>
+      <li><a href="#Camellia-HMAC-Based-cipher-suites-from-RFC6367-extending-TLS-v1.2">Camellia HMAC-Based cipher suites from RFC6367, extending TLS v1.2</a></li>
+      <li><a href="#Pre-shared-keying-PSK-cipher-suites">Pre-shared keying (PSK) cipher suites</a></li>
+      <li><a href="#ChaCha20-Poly1305-cipher-suites-extending-TLS-v1.2">ChaCha20-Poly1305 cipher suites, extending TLS v1.2</a></li>
+      <li><a href="#TLS-v1.3-cipher-suites">TLS v1.3 cipher suites</a></li>
+      <li><a href="#Older-names-used-by-OpenSSL">Older names used by OpenSSL</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-ciphers, ciphers - SSL cipher display and cipher list tool</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>ciphers</b> [<b>-help</b>] [<b>-s</b>] [<b>-v</b>] [<b>-V</b>] [<b>-ssl3</b>] [<b>-tls1</b>] [<b>-tls1_1</b>] [<b>-tls1_2</b>] [<b>-tls1_3</b>] [<b>-s</b>] [<b>-psk</b>] [<b>-srp</b>] [<b>-stdname</b>] [<b>-convert name</b>] [<b>-ciphersuites val</b>] [<b>cipherlist</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>ciphers</b> command converts textual OpenSSL cipher lists into ordered SSL cipher preference lists. It can be used as a test tool to determine the appropriate cipherlist.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print a usage message.</p>
+
+</dd>
+<dt id="s"><b>-s</b></dt>
+<dd>
+
+<p>Only list supported ciphers: those consistent with the security level, and minimum and maximum protocol version. This is closer to the actual cipher list an application will support.</p>
+
+<p>PSK and SRP ciphers are not enabled by default: they require <b>-psk</b> or <b>-srp</b> to enable them.</p>
+
+<p>It also does not change the default list of supported signature algorithms.</p>
+
+<p>On a server the list of supported ciphers might also exclude other ciphers depending on the configured certificates and presence of DH parameters.</p>
+
+<p>If this option is not used then all ciphers that match the cipherlist will be listed.</p>
+
+</dd>
+<dt id="psk"><b>-psk</b></dt>
+<dd>
+
+<p>When combined with <b>-s</b> includes cipher suites which require PSK.</p>
+
+</dd>
+<dt id="srp"><b>-srp</b></dt>
+<dd>
+
+<p>When combined with <b>-s</b> includes cipher suites which require SRP.</p>
+
+</dd>
+<dt id="v"><b>-v</b></dt>
+<dd>
+
+<p>Verbose output: For each cipher suite, list details as provided by <a href="../man3/SSL_CIPHER_description.html">SSL_CIPHER_description(3)</a>.</p>
+
+</dd>
+<dt id="V"><b>-V</b></dt>
+<dd>
+
+<p>Like <b>-v</b>, but include the official cipher suite values in hex.</p>
+
+</dd>
+<dt id="tls1_3--tls1_2--tls1_1--tls1--ssl3"><b>-tls1_3</b>, <b>-tls1_2</b>, <b>-tls1_1</b>, <b>-tls1</b>, <b>-ssl3</b></dt>
+<dd>
+
+<p>In combination with the <b>-s</b> option, list the ciphers which could be used if the specified protocol were negotiated. Note that not all protocols and flags may be available, depending on how OpenSSL was built.</p>
+
+</dd>
+<dt id="stdname"><b>-stdname</b></dt>
+<dd>
+
+<p>Precede each cipher suite by its standard name.</p>
+
+</dd>
+<dt id="convert-name"><b>-convert name</b></dt>
+<dd>
+
+<p>Convert a standard cipher <b>name</b> to its OpenSSL name.</p>
+
+</dd>
+<dt id="ciphersuites-val"><b>-ciphersuites val</b></dt>
+<dd>
+
+<p>Sets the list of TLSv1.3 ciphersuites. This list will be combined with any TLSv1.2 and below ciphersuites that have been configured. The format for this list is a simple colon (&quot;:&quot;) separated list of TLSv1.3 ciphersuite names. By default this value is:</p>
+
+<pre><code> TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256</code></pre>
+
+</dd>
+<dt id="cipherlist"><b>cipherlist</b></dt>
+<dd>
+
+<p>A cipher list of TLSv1.2 and below ciphersuites to convert to a cipher preference list. This list will be combined with any TLSv1.3 ciphersuites that have been configured. If it is not included then the default cipher list will be used. The format is described below.</p>
+
+</dd>
+</dl>
+
+<h1 id="CIPHER-LIST-FORMAT">CIPHER LIST FORMAT</h1>
+
+<p>The cipher list consists of one or more <i>cipher strings</i> separated by colons. Commas or spaces are also acceptable separators but colons are normally used.</p>
+
+<p>The actual cipher string can take several different forms.</p>
+
+<p>It can consist of a single cipher suite such as <b>RC4-SHA</b>.</p>
+
+<p>It can represent a list of cipher suites containing a certain algorithm, or cipher suites of a certain type. For example <b>SHA1</b> represents all ciphers suites using the digest algorithm SHA1 and <b>SSLv3</b> represents all SSL v3 algorithms.</p>
+
+<p>Lists of cipher suites can be combined in a single cipher string using the <b>+</b> character. This is used as a logical <b>and</b> operation. For example <b>SHA1+DES</b> represents all cipher suites containing the SHA1 <b>and</b> the DES algorithms.</p>
+
+<p>Each cipher string can be optionally preceded by the characters <b>!</b>, <b>-</b> or <b>+</b>.</p>
+
+<p>If <b>!</b> is used then the ciphers are permanently deleted from the list. The ciphers deleted can never reappear in the list even if they are explicitly stated.</p>
+
+<p>If <b>-</b> is used then the ciphers are deleted from the list, but some or all of the ciphers can be added again by later options.</p>
+
+<p>If <b>+</b> is used then the ciphers are moved to the end of the list. This option doesn&#39;t add any new ciphers it just moves matching existing ones.</p>
+
+<p>If none of these characters is present then the string is just interpreted as a list of ciphers to be appended to the current preference list. If the list includes any ciphers already present they will be ignored: that is they will not moved to the end of the list.</p>
+
+<p>The cipher string <b>@STRENGTH</b> can be used at any point to sort the current cipher list in order of encryption algorithm key length.</p>
+
+<p>The cipher string <b>@SECLEVEL=n</b> can be used at any point to set the security level to <b>n</b>, which should be a number between zero and five, inclusive. See <a href="/../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level</a> for a description of what each level means.</p>
+
+<p>The cipher list can be prefixed with the <b>DEFAULT</b> keyword, which enables the default cipher list as defined below. Unlike cipher strings, this prefix may not be combined with other strings using <b>+</b> character. For example, <b>DEFAULT+DES</b> is not valid.</p>
+
+<p>The content of the default list is determined at compile time and normally corresponds to <b>ALL:!COMPLEMENTOFDEFAULT:!eNULL</b>.</p>
+
+<h1 id="CIPHER-STRINGS">CIPHER STRINGS</h1>
+
+<p>The following is a list of all permitted cipher strings and their meanings.</p>
+
+<dl>
+
+<dt id="COMPLEMENTOFDEFAULT"><b>COMPLEMENTOFDEFAULT</b></dt>
+<dd>
+
+<p>The ciphers included in <b>ALL</b>, but not enabled by default. Currently this includes all RC4 and anonymous ciphers. Note that this rule does not cover <b>eNULL</b>, which is not included by <b>ALL</b> (use <b>COMPLEMENTOFALL</b> if necessary). Note that RC4 based cipher suites are not built into OpenSSL by default (see the enable-weak-ssl-ciphers option to Configure).</p>
+
+</dd>
+<dt id="ALL"><b>ALL</b></dt>
+<dd>
+
+<p>All cipher suites except the <b>eNULL</b> ciphers (which must be explicitly enabled if needed). As of OpenSSL 1.0.0, the <b>ALL</b> cipher suites are sensibly ordered by default.</p>
+
+</dd>
+<dt id="COMPLEMENTOFALL"><b>COMPLEMENTOFALL</b></dt>
+<dd>
+
+<p>The cipher suites not enabled by <b>ALL</b>, currently <b>eNULL</b>.</p>
+
+</dd>
+<dt id="HIGH"><b>HIGH</b></dt>
+<dd>
+
+<p>&quot;High&quot; encryption cipher suites. This currently means those with key lengths larger than 128 bits, and some cipher suites with 128-bit keys.</p>
+
+</dd>
+<dt id="MEDIUM"><b>MEDIUM</b></dt>
+<dd>
+
+<p>&quot;Medium&quot; encryption cipher suites, currently some of those using 128 bit encryption.</p>
+
+</dd>
+<dt id="LOW"><b>LOW</b></dt>
+<dd>
+
+<p>&quot;Low&quot; encryption cipher suites, currently those using 64 or 56 bit encryption algorithms but excluding export cipher suites. All these cipher suites have been removed as of OpenSSL 1.1.0.</p>
+
+</dd>
+<dt id="eNULL-NULL"><b>eNULL</b>, <b>NULL</b></dt>
+<dd>
+
+<p>The &quot;NULL&quot; ciphers that is those offering no encryption. Because these offer no encryption at all and are a security risk they are not enabled via either the <b>DEFAULT</b> or <b>ALL</b> cipher strings. Be careful when building cipherlists out of lower-level primitives such as <b>kRSA</b> or <b>aECDSA</b> as these do overlap with the <b>eNULL</b> ciphers. When in doubt, include <b>!eNULL</b> in your cipherlist.</p>
+
+</dd>
+<dt id="aNULL"><b>aNULL</b></dt>
+<dd>
+
+<p>The cipher suites offering no authentication. This is currently the anonymous DH algorithms and anonymous ECDH algorithms. These cipher suites are vulnerable to &quot;man in the middle&quot; attacks and so their use is discouraged. These are excluded from the <b>DEFAULT</b> ciphers, but included in the <b>ALL</b> ciphers. Be careful when building cipherlists out of lower-level primitives such as <b>kDHE</b> or <b>AES</b> as these do overlap with the <b>aNULL</b> ciphers. When in doubt, include <b>!aNULL</b> in your cipherlist.</p>
+
+</dd>
+<dt id="kRSA-aRSA-RSA"><b>kRSA</b>, <b>aRSA</b>, <b>RSA</b></dt>
+<dd>
+
+<p>Cipher suites using RSA key exchange or authentication. <b>RSA</b> is an alias for <b>kRSA</b>.</p>
+
+</dd>
+<dt id="kDHr-kDHd-kDH"><b>kDHr</b>, <b>kDHd</b>, <b>kDH</b></dt>
+<dd>
+
+<p>Cipher suites using static DH key agreement and DH certificates signed by CAs with RSA and DSS keys or either respectively. All these cipher suites have been removed in OpenSSL 1.1.0.</p>
+
+</dd>
+<dt id="kDHE-kEDH-DH"><b>kDHE</b>, <b>kEDH</b>, <b>DH</b></dt>
+<dd>
+
+<p>Cipher suites using ephemeral DH key agreement, including anonymous cipher suites.</p>
+
+</dd>
+<dt id="DHE-EDH"><b>DHE</b>, <b>EDH</b></dt>
+<dd>
+
+<p>Cipher suites using authenticated ephemeral DH key agreement.</p>
+
+</dd>
+<dt id="ADH"><b>ADH</b></dt>
+<dd>
+
+<p>Anonymous DH cipher suites, note that this does not include anonymous Elliptic Curve DH (ECDH) cipher suites.</p>
+
+</dd>
+<dt id="kEECDH-kECDHE-ECDH"><b>kEECDH</b>, <b>kECDHE</b>, <b>ECDH</b></dt>
+<dd>
+
+<p>Cipher suites using ephemeral ECDH key agreement, including anonymous cipher suites.</p>
+
+</dd>
+<dt id="ECDHE-EECDH"><b>ECDHE</b>, <b>EECDH</b></dt>
+<dd>
+
+<p>Cipher suites using authenticated ephemeral ECDH key agreement.</p>
+
+</dd>
+<dt id="AECDH"><b>AECDH</b></dt>
+<dd>
+
+<p>Anonymous Elliptic Curve Diffie-Hellman cipher suites.</p>
+
+</dd>
+<dt id="aDSS-DSS"><b>aDSS</b>, <b>DSS</b></dt>
+<dd>
+
+<p>Cipher suites using DSS authentication, i.e. the certificates carry DSS keys.</p>
+
+</dd>
+<dt id="aDH"><b>aDH</b></dt>
+<dd>
+
+<p>Cipher suites effectively using DH authentication, i.e. the certificates carry DH keys. All these cipher suites have been removed in OpenSSL 1.1.0.</p>
+
+</dd>
+<dt id="aECDSA-ECDSA"><b>aECDSA</b>, <b>ECDSA</b></dt>
+<dd>
+
+<p>Cipher suites using ECDSA authentication, i.e. the certificates carry ECDSA keys.</p>
+
+</dd>
+<dt id="TLSv1.2-TLSv1.0-SSLv3"><b>TLSv1.2</b>, <b>TLSv1.0</b>, <b>SSLv3</b></dt>
+<dd>
+
+<p>Lists cipher suites which are only supported in at least TLS v1.2, TLS v1.0 or SSL v3.0 respectively. Note: there are no cipher suites specific to TLS v1.1. Since this is only the minimum version, if, for example, TLSv1.0 is negotiated then both TLSv1.0 and SSLv3.0 cipher suites are available.</p>
+
+<p>Note: these cipher strings <b>do not</b> change the negotiated version of SSL or TLS, they only affect the list of available cipher suites.</p>
+
+</dd>
+<dt id="AES128-AES256-AES"><b>AES128</b>, <b>AES256</b>, <b>AES</b></dt>
+<dd>
+
+<p>cipher suites using 128 bit AES, 256 bit AES or either 128 or 256 bit AES.</p>
+
+</dd>
+<dt id="AESGCM"><b>AESGCM</b></dt>
+<dd>
+
+<p>AES in Galois Counter Mode (GCM): these cipher suites are only supported in TLS v1.2.</p>
+
+</dd>
+<dt id="AESCCM-AESCCM8"><b>AESCCM</b>, <b>AESCCM8</b></dt>
+<dd>
+
+<p>AES in Cipher Block Chaining - Message Authentication Mode (CCM): these cipher suites are only supported in TLS v1.2. <b>AESCCM</b> references CCM cipher suites using both 16 and 8 octet Integrity Check Value (ICV) while <b>AESCCM8</b> only references 8 octet ICV.</p>
+
+</dd>
+<dt id="ARIA128-ARIA256-ARIA"><b>ARIA128</b>, <b>ARIA256</b>, <b>ARIA</b></dt>
+<dd>
+
+<p>Cipher suites using 128 bit ARIA, 256 bit ARIA or either 128 or 256 bit ARIA.</p>
+
+</dd>
+<dt id="CAMELLIA128-CAMELLIA256-CAMELLIA"><b>CAMELLIA128</b>, <b>CAMELLIA256</b>, <b>CAMELLIA</b></dt>
+<dd>
+
+<p>Cipher suites using 128 bit CAMELLIA, 256 bit CAMELLIA or either 128 or 256 bit CAMELLIA.</p>
+
+</dd>
+<dt id="CHACHA20"><b>CHACHA20</b></dt>
+<dd>
+
+<p>Cipher suites using ChaCha20.</p>
+
+</dd>
+<dt id="DES"><b>3DES</b></dt>
+<dd>
+
+<p>Cipher suites using triple DES.</p>
+
+</dd>
+<dt id="DES1"><b>DES</b></dt>
+<dd>
+
+<p>Cipher suites using DES (not triple DES). All these cipher suites have been removed in OpenSSL 1.1.0.</p>
+
+</dd>
+<dt id="RC4"><b>RC4</b></dt>
+<dd>
+
+<p>Cipher suites using RC4.</p>
+
+</dd>
+<dt id="RC2"><b>RC2</b></dt>
+<dd>
+
+<p>Cipher suites using RC2.</p>
+
+</dd>
+<dt id="IDEA"><b>IDEA</b></dt>
+<dd>
+
+<p>Cipher suites using IDEA.</p>
+
+</dd>
+<dt id="SEED"><b>SEED</b></dt>
+<dd>
+
+<p>Cipher suites using SEED.</p>
+
+</dd>
+<dt id="MD5"><b>MD5</b></dt>
+<dd>
+
+<p>Cipher suites using MD5.</p>
+
+</dd>
+<dt id="SHA1-SHA"><b>SHA1</b>, <b>SHA</b></dt>
+<dd>
+
+<p>Cipher suites using SHA1.</p>
+
+</dd>
+<dt id="SHA256-SHA384"><b>SHA256</b>, <b>SHA384</b></dt>
+<dd>
+
+<p>Cipher suites using SHA256 or SHA384.</p>
+
+</dd>
+<dt id="aGOST"><b>aGOST</b></dt>
+<dd>
+
+<p>Cipher suites using GOST R 34.10 (either 2001 or 94) for authentication (needs an engine supporting GOST algorithms).</p>
+
+</dd>
+<dt id="aGOST01"><b>aGOST01</b></dt>
+<dd>
+
+<p>Cipher suites using GOST R 34.10-2001 authentication.</p>
+
+</dd>
+<dt id="kGOST"><b>kGOST</b></dt>
+<dd>
+
+<p>Cipher suites, using VKO 34.10 key exchange, specified in the RFC 4357.</p>
+
+</dd>
+<dt id="GOST94"><b>GOST94</b></dt>
+<dd>
+
+<p>Cipher suites, using HMAC based on GOST R 34.11-94.</p>
+
+</dd>
+<dt id="GOST89MAC"><b>GOST89MAC</b></dt>
+<dd>
+
+<p>Cipher suites using GOST 28147-89 MAC <b>instead of</b> HMAC.</p>
+
+</dd>
+<dt id="PSK"><b>PSK</b></dt>
+<dd>
+
+<p>All cipher suites using pre-shared keys (PSK).</p>
+
+</dd>
+<dt id="kPSK-kECDHEPSK-kDHEPSK-kRSAPSK"><b>kPSK</b>, <b>kECDHEPSK</b>, <b>kDHEPSK</b>, <b>kRSAPSK</b></dt>
+<dd>
+
+<p>Cipher suites using PSK key exchange, ECDHE_PSK, DHE_PSK or RSA_PSK.</p>
+
+</dd>
+<dt id="aPSK"><b>aPSK</b></dt>
+<dd>
+
+<p>Cipher suites using PSK authentication (currently all PSK modes apart from RSA_PSK).</p>
+
+</dd>
+<dt id="SUITEB128-SUITEB128ONLY-SUITEB192"><b>SUITEB128</b>, <b>SUITEB128ONLY</b>, <b>SUITEB192</b></dt>
+<dd>
+
+<p>Enables suite B mode of operation using 128 (permitting 192 bit mode by peer) 128 bit (not permitting 192 bit by peer) or 192 bit level of security respectively. If used these cipherstrings should appear first in the cipher list and anything after them is ignored. Setting Suite B mode has additional consequences required to comply with RFC6460. In particular the supported signature algorithms is reduced to support only ECDSA and SHA256 or SHA384, only the elliptic curves P-256 and P-384 can be used and only the two suite B compliant cipher suites (ECDHE-ECDSA-AES128-GCM-SHA256 and ECDHE-ECDSA-AES256-GCM-SHA384) are permissible.</p>
+
+</dd>
+</dl>
+
+<h1 id="CIPHER-SUITE-NAMES">CIPHER SUITE NAMES</h1>
+
+<p>The following lists give the SSL or TLS cipher suites names from the relevant specification and their OpenSSL equivalents. It should be noted, that several cipher suite names do not include the authentication used, e.g. DES-CBC3-SHA. In these cases, RSA authentication is used.</p>
+
+<h2 id="SSL-v3.0-cipher-suites">SSL v3.0 cipher suites</h2>
+
+<pre><code> SSL_RSA_WITH_NULL_MD5                   NULL-MD5
+ SSL_RSA_WITH_NULL_SHA                   NULL-SHA
+ SSL_RSA_WITH_RC4_128_MD5                RC4-MD5
+ SSL_RSA_WITH_RC4_128_SHA                RC4-SHA
+ SSL_RSA_WITH_IDEA_CBC_SHA               IDEA-CBC-SHA
+ SSL_RSA_WITH_3DES_EDE_CBC_SHA           DES-CBC3-SHA
+
+ SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA        DH-DSS-DES-CBC3-SHA
+ SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA        DH-RSA-DES-CBC3-SHA
+ SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA       DHE-DSS-DES-CBC3-SHA
+ SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA       DHE-RSA-DES-CBC3-SHA
+
+ SSL_DH_anon_WITH_RC4_128_MD5            ADH-RC4-MD5
+ SSL_DH_anon_WITH_3DES_EDE_CBC_SHA       ADH-DES-CBC3-SHA
+
+ SSL_FORTEZZA_KEA_WITH_NULL_SHA          Not implemented.
+ SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA  Not implemented.
+ SSL_FORTEZZA_KEA_WITH_RC4_128_SHA       Not implemented.</code></pre>
+
+<h2 id="TLS-v1.0-cipher-suites">TLS v1.0 cipher suites</h2>
+
+<pre><code> TLS_RSA_WITH_NULL_MD5                   NULL-MD5
+ TLS_RSA_WITH_NULL_SHA                   NULL-SHA
+ TLS_RSA_WITH_RC4_128_MD5                RC4-MD5
+ TLS_RSA_WITH_RC4_128_SHA                RC4-SHA
+ TLS_RSA_WITH_IDEA_CBC_SHA               IDEA-CBC-SHA
+ TLS_RSA_WITH_3DES_EDE_CBC_SHA           DES-CBC3-SHA
+
+ TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA        Not implemented.
+ TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA        Not implemented.
+ TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA       DHE-DSS-DES-CBC3-SHA
+ TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA       DHE-RSA-DES-CBC3-SHA
+
+ TLS_DH_anon_WITH_RC4_128_MD5            ADH-RC4-MD5
+ TLS_DH_anon_WITH_3DES_EDE_CBC_SHA       ADH-DES-CBC3-SHA</code></pre>
+
+<h2 id="AES-cipher-suites-from-RFC3268-extending-TLS-v1.0">AES cipher suites from RFC3268, extending TLS v1.0</h2>
+
+<pre><code> TLS_RSA_WITH_AES_128_CBC_SHA            AES128-SHA
+ TLS_RSA_WITH_AES_256_CBC_SHA            AES256-SHA
+
+ TLS_DH_DSS_WITH_AES_128_CBC_SHA         DH-DSS-AES128-SHA
+ TLS_DH_DSS_WITH_AES_256_CBC_SHA         DH-DSS-AES256-SHA
+ TLS_DH_RSA_WITH_AES_128_CBC_SHA         DH-RSA-AES128-SHA
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA         DH-RSA-AES256-SHA
+
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA        DHE-DSS-AES128-SHA
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA        DHE-DSS-AES256-SHA
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA        DHE-RSA-AES128-SHA
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA        DHE-RSA-AES256-SHA
+
+ TLS_DH_anon_WITH_AES_128_CBC_SHA        ADH-AES128-SHA
+ TLS_DH_anon_WITH_AES_256_CBC_SHA        ADH-AES256-SHA</code></pre>
+
+<h2 id="Camellia-cipher-suites-from-RFC4132-extending-TLS-v1.0">Camellia cipher suites from RFC4132, extending TLS v1.0</h2>
+
+<pre><code> TLS_RSA_WITH_CAMELLIA_128_CBC_SHA      CAMELLIA128-SHA
+ TLS_RSA_WITH_CAMELLIA_256_CBC_SHA      CAMELLIA256-SHA
+
+ TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA   DH-DSS-CAMELLIA128-SHA
+ TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA   DH-DSS-CAMELLIA256-SHA
+ TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA   DH-RSA-CAMELLIA128-SHA
+ TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA   DH-RSA-CAMELLIA256-SHA
+
+ TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA  DHE-DSS-CAMELLIA128-SHA
+ TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA  DHE-DSS-CAMELLIA256-SHA
+ TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA  DHE-RSA-CAMELLIA128-SHA
+ TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA  DHE-RSA-CAMELLIA256-SHA
+
+ TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA  ADH-CAMELLIA128-SHA
+ TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA  ADH-CAMELLIA256-SHA</code></pre>
+
+<h2 id="SEED-cipher-suites-from-RFC4162-extending-TLS-v1.0">SEED cipher suites from RFC4162, extending TLS v1.0</h2>
+
+<pre><code> TLS_RSA_WITH_SEED_CBC_SHA              SEED-SHA
+
+ TLS_DH_DSS_WITH_SEED_CBC_SHA           DH-DSS-SEED-SHA
+ TLS_DH_RSA_WITH_SEED_CBC_SHA           DH-RSA-SEED-SHA
+
+ TLS_DHE_DSS_WITH_SEED_CBC_SHA          DHE-DSS-SEED-SHA
+ TLS_DHE_RSA_WITH_SEED_CBC_SHA          DHE-RSA-SEED-SHA
+
+ TLS_DH_anon_WITH_SEED_CBC_SHA          ADH-SEED-SHA</code></pre>
+
+<h2 id="GOST-cipher-suites-from-draft-chudov-cryptopro-cptls-extending-TLS-v1.0">GOST cipher suites from draft-chudov-cryptopro-cptls, extending TLS v1.0</h2>
+
+<p>Note: these ciphers require an engine which including GOST cryptographic algorithms, such as the <b>ccgost</b> engine, included in the OpenSSL distribution.</p>
+
+<pre><code> TLS_GOSTR341094_WITH_28147_CNT_IMIT GOST94-GOST89-GOST89
+ TLS_GOSTR341001_WITH_28147_CNT_IMIT GOST2001-GOST89-GOST89
+ TLS_GOSTR341094_WITH_NULL_GOSTR3411 GOST94-NULL-GOST94
+ TLS_GOSTR341001_WITH_NULL_GOSTR3411 GOST2001-NULL-GOST94</code></pre>
+
+<h2 id="Additional-Export-1024-and-other-cipher-suites">Additional Export 1024 and other cipher suites</h2>
+
+<p>Note: these ciphers can also be used in SSL v3.</p>
+
+<pre><code> TLS_DHE_DSS_WITH_RC4_128_SHA            DHE-DSS-RC4-SHA</code></pre>
+
+<h2 id="Elliptic-curve-cipher-suites">Elliptic curve cipher suites.</h2>
+
+<pre><code> TLS_ECDHE_RSA_WITH_NULL_SHA             ECDHE-RSA-NULL-SHA
+ TLS_ECDHE_RSA_WITH_RC4_128_SHA          ECDHE-RSA-RC4-SHA
+ TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA     ECDHE-RSA-DES-CBC3-SHA
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA      ECDHE-RSA-AES128-SHA
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA      ECDHE-RSA-AES256-SHA
+
+ TLS_ECDHE_ECDSA_WITH_NULL_SHA           ECDHE-ECDSA-NULL-SHA
+ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA        ECDHE-ECDSA-RC4-SHA
+ TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA   ECDHE-ECDSA-DES-CBC3-SHA
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA    ECDHE-ECDSA-AES128-SHA
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA    ECDHE-ECDSA-AES256-SHA
+
+ TLS_ECDH_anon_WITH_NULL_SHA             AECDH-NULL-SHA
+ TLS_ECDH_anon_WITH_RC4_128_SHA          AECDH-RC4-SHA
+ TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA     AECDH-DES-CBC3-SHA
+ TLS_ECDH_anon_WITH_AES_128_CBC_SHA      AECDH-AES128-SHA
+ TLS_ECDH_anon_WITH_AES_256_CBC_SHA      AECDH-AES256-SHA</code></pre>
+
+<h2 id="TLS-v1.2-cipher-suites">TLS v1.2 cipher suites</h2>
+
+<pre><code> TLS_RSA_WITH_NULL_SHA256                  NULL-SHA256
+
+ TLS_RSA_WITH_AES_128_CBC_SHA256           AES128-SHA256
+ TLS_RSA_WITH_AES_256_CBC_SHA256           AES256-SHA256
+ TLS_RSA_WITH_AES_128_GCM_SHA256           AES128-GCM-SHA256
+ TLS_RSA_WITH_AES_256_GCM_SHA384           AES256-GCM-SHA384
+
+ TLS_DH_RSA_WITH_AES_128_CBC_SHA256        DH-RSA-AES128-SHA256
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA256        DH-RSA-AES256-SHA256
+ TLS_DH_RSA_WITH_AES_128_GCM_SHA256        DH-RSA-AES128-GCM-SHA256
+ TLS_DH_RSA_WITH_AES_256_GCM_SHA384        DH-RSA-AES256-GCM-SHA384
+
+ TLS_DH_DSS_WITH_AES_128_CBC_SHA256        DH-DSS-AES128-SHA256
+ TLS_DH_DSS_WITH_AES_256_CBC_SHA256        DH-DSS-AES256-SHA256
+ TLS_DH_DSS_WITH_AES_128_GCM_SHA256        DH-DSS-AES128-GCM-SHA256
+ TLS_DH_DSS_WITH_AES_256_GCM_SHA384        DH-DSS-AES256-GCM-SHA384
+
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA256       DHE-RSA-AES128-SHA256
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA256       DHE-RSA-AES256-SHA256
+ TLS_DHE_RSA_WITH_AES_128_GCM_SHA256       DHE-RSA-AES128-GCM-SHA256
+ TLS_DHE_RSA_WITH_AES_256_GCM_SHA384       DHE-RSA-AES256-GCM-SHA384
+
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA256       DHE-DSS-AES128-SHA256
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA256       DHE-DSS-AES256-SHA256
+ TLS_DHE_DSS_WITH_AES_128_GCM_SHA256       DHE-DSS-AES128-GCM-SHA256
+ TLS_DHE_DSS_WITH_AES_256_GCM_SHA384       DHE-DSS-AES256-GCM-SHA384
+
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256     ECDHE-RSA-AES128-SHA256
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384     ECDHE-RSA-AES256-SHA384
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256     ECDHE-RSA-AES128-GCM-SHA256
+ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384     ECDHE-RSA-AES256-GCM-SHA384
+
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256   ECDHE-ECDSA-AES128-SHA256
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384   ECDHE-ECDSA-AES256-SHA384
+ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256   ECDHE-ECDSA-AES128-GCM-SHA256
+ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384   ECDHE-ECDSA-AES256-GCM-SHA384
+
+ TLS_DH_anon_WITH_AES_128_CBC_SHA256       ADH-AES128-SHA256
+ TLS_DH_anon_WITH_AES_256_CBC_SHA256       ADH-AES256-SHA256
+ TLS_DH_anon_WITH_AES_128_GCM_SHA256       ADH-AES128-GCM-SHA256
+ TLS_DH_anon_WITH_AES_256_GCM_SHA384       ADH-AES256-GCM-SHA384
+
+ RSA_WITH_AES_128_CCM                      AES128-CCM
+ RSA_WITH_AES_256_CCM                      AES256-CCM
+ DHE_RSA_WITH_AES_128_CCM                  DHE-RSA-AES128-CCM
+ DHE_RSA_WITH_AES_256_CCM                  DHE-RSA-AES256-CCM
+ RSA_WITH_AES_128_CCM_8                    AES128-CCM8
+ RSA_WITH_AES_256_CCM_8                    AES256-CCM8
+ DHE_RSA_WITH_AES_128_CCM_8                DHE-RSA-AES128-CCM8
+ DHE_RSA_WITH_AES_256_CCM_8                DHE-RSA-AES256-CCM8
+ ECDHE_ECDSA_WITH_AES_128_CCM              ECDHE-ECDSA-AES128-CCM
+ ECDHE_ECDSA_WITH_AES_256_CCM              ECDHE-ECDSA-AES256-CCM
+ ECDHE_ECDSA_WITH_AES_128_CCM_8            ECDHE-ECDSA-AES128-CCM8
+ ECDHE_ECDSA_WITH_AES_256_CCM_8            ECDHE-ECDSA-AES256-CCM8</code></pre>
+
+<h2 id="ARIA-cipher-suites-from-RFC6209-extending-TLS-v1.2">ARIA cipher suites from RFC6209, extending TLS v1.2</h2>
+
+<p>Note: the CBC modes mentioned in this RFC are not supported.</p>
+
+<pre><code> TLS_RSA_WITH_ARIA_128_GCM_SHA256          ARIA128-GCM-SHA256
+ TLS_RSA_WITH_ARIA_256_GCM_SHA384          ARIA256-GCM-SHA384
+ TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256      DHE-RSA-ARIA128-GCM-SHA256
+ TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384      DHE-RSA-ARIA256-GCM-SHA384
+ TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256      DHE-DSS-ARIA128-GCM-SHA256
+ TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384      DHE-DSS-ARIA256-GCM-SHA384
+ TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256  ECDHE-ECDSA-ARIA128-GCM-SHA256
+ TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384  ECDHE-ECDSA-ARIA256-GCM-SHA384
+ TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256    ECDHE-ARIA128-GCM-SHA256
+ TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384    ECDHE-ARIA256-GCM-SHA384
+ TLS_PSK_WITH_ARIA_128_GCM_SHA256          PSK-ARIA128-GCM-SHA256
+ TLS_PSK_WITH_ARIA_256_GCM_SHA384          PSK-ARIA256-GCM-SHA384
+ TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256      DHE-PSK-ARIA128-GCM-SHA256
+ TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384      DHE-PSK-ARIA256-GCM-SHA384
+ TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256      RSA-PSK-ARIA128-GCM-SHA256
+ TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384      RSA-PSK-ARIA256-GCM-SHA384</code></pre>
+
+<h2 id="Camellia-HMAC-Based-cipher-suites-from-RFC6367-extending-TLS-v1.2">Camellia HMAC-Based cipher suites from RFC6367, extending TLS v1.2</h2>
+
+<pre><code> TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 ECDHE-ECDSA-CAMELLIA128-SHA256
+ TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 ECDHE-ECDSA-CAMELLIA256-SHA384
+ TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256   ECDHE-RSA-CAMELLIA128-SHA256
+ TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384   ECDHE-RSA-CAMELLIA256-SHA384</code></pre>
+
+<h2 id="Pre-shared-keying-PSK-cipher-suites">Pre-shared keying (PSK) cipher suites</h2>
+
+<pre><code> PSK_WITH_NULL_SHA                         PSK-NULL-SHA
+ DHE_PSK_WITH_NULL_SHA                     DHE-PSK-NULL-SHA
+ RSA_PSK_WITH_NULL_SHA                     RSA-PSK-NULL-SHA
+
+ PSK_WITH_RC4_128_SHA                      PSK-RC4-SHA
+ PSK_WITH_3DES_EDE_CBC_SHA                 PSK-3DES-EDE-CBC-SHA
+ PSK_WITH_AES_128_CBC_SHA                  PSK-AES128-CBC-SHA
+ PSK_WITH_AES_256_CBC_SHA                  PSK-AES256-CBC-SHA
+
+ DHE_PSK_WITH_RC4_128_SHA                  DHE-PSK-RC4-SHA
+ DHE_PSK_WITH_3DES_EDE_CBC_SHA             DHE-PSK-3DES-EDE-CBC-SHA
+ DHE_PSK_WITH_AES_128_CBC_SHA              DHE-PSK-AES128-CBC-SHA
+ DHE_PSK_WITH_AES_256_CBC_SHA              DHE-PSK-AES256-CBC-SHA
+
+ RSA_PSK_WITH_RC4_128_SHA                  RSA-PSK-RC4-SHA
+ RSA_PSK_WITH_3DES_EDE_CBC_SHA             RSA-PSK-3DES-EDE-CBC-SHA
+ RSA_PSK_WITH_AES_128_CBC_SHA              RSA-PSK-AES128-CBC-SHA
+ RSA_PSK_WITH_AES_256_CBC_SHA              RSA-PSK-AES256-CBC-SHA
+
+ PSK_WITH_AES_128_GCM_SHA256               PSK-AES128-GCM-SHA256
+ PSK_WITH_AES_256_GCM_SHA384               PSK-AES256-GCM-SHA384
+ DHE_PSK_WITH_AES_128_GCM_SHA256           DHE-PSK-AES128-GCM-SHA256
+ DHE_PSK_WITH_AES_256_GCM_SHA384           DHE-PSK-AES256-GCM-SHA384
+ RSA_PSK_WITH_AES_128_GCM_SHA256           RSA-PSK-AES128-GCM-SHA256
+ RSA_PSK_WITH_AES_256_GCM_SHA384           RSA-PSK-AES256-GCM-SHA384
+
+ PSK_WITH_AES_128_CBC_SHA256               PSK-AES128-CBC-SHA256
+ PSK_WITH_AES_256_CBC_SHA384               PSK-AES256-CBC-SHA384
+ PSK_WITH_NULL_SHA256                      PSK-NULL-SHA256
+ PSK_WITH_NULL_SHA384                      PSK-NULL-SHA384
+ DHE_PSK_WITH_AES_128_CBC_SHA256           DHE-PSK-AES128-CBC-SHA256
+ DHE_PSK_WITH_AES_256_CBC_SHA384           DHE-PSK-AES256-CBC-SHA384
+ DHE_PSK_WITH_NULL_SHA256                  DHE-PSK-NULL-SHA256
+ DHE_PSK_WITH_NULL_SHA384                  DHE-PSK-NULL-SHA384
+ RSA_PSK_WITH_AES_128_CBC_SHA256           RSA-PSK-AES128-CBC-SHA256
+ RSA_PSK_WITH_AES_256_CBC_SHA384           RSA-PSK-AES256-CBC-SHA384
+ RSA_PSK_WITH_NULL_SHA256                  RSA-PSK-NULL-SHA256
+ RSA_PSK_WITH_NULL_SHA384                  RSA-PSK-NULL-SHA384
+ PSK_WITH_AES_128_GCM_SHA256               PSK-AES128-GCM-SHA256
+ PSK_WITH_AES_256_GCM_SHA384               PSK-AES256-GCM-SHA384
+
+ ECDHE_PSK_WITH_RC4_128_SHA                ECDHE-PSK-RC4-SHA
+ ECDHE_PSK_WITH_3DES_EDE_CBC_SHA           ECDHE-PSK-3DES-EDE-CBC-SHA
+ ECDHE_PSK_WITH_AES_128_CBC_SHA            ECDHE-PSK-AES128-CBC-SHA
+ ECDHE_PSK_WITH_AES_256_CBC_SHA            ECDHE-PSK-AES256-CBC-SHA
+ ECDHE_PSK_WITH_AES_128_CBC_SHA256         ECDHE-PSK-AES128-CBC-SHA256
+ ECDHE_PSK_WITH_AES_256_CBC_SHA384         ECDHE-PSK-AES256-CBC-SHA384
+ ECDHE_PSK_WITH_NULL_SHA                   ECDHE-PSK-NULL-SHA
+ ECDHE_PSK_WITH_NULL_SHA256                ECDHE-PSK-NULL-SHA256
+ ECDHE_PSK_WITH_NULL_SHA384                ECDHE-PSK-NULL-SHA384
+
+ PSK_WITH_CAMELLIA_128_CBC_SHA256          PSK-CAMELLIA128-SHA256
+ PSK_WITH_CAMELLIA_256_CBC_SHA384          PSK-CAMELLIA256-SHA384
+
+ DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256      DHE-PSK-CAMELLIA128-SHA256
+ DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384      DHE-PSK-CAMELLIA256-SHA384
+
+ RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256      RSA-PSK-CAMELLIA128-SHA256
+ RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384      RSA-PSK-CAMELLIA256-SHA384
+
+ ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256    ECDHE-PSK-CAMELLIA128-SHA256
+ ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384    ECDHE-PSK-CAMELLIA256-SHA384
+
+ PSK_WITH_AES_128_CCM                      PSK-AES128-CCM
+ PSK_WITH_AES_256_CCM                      PSK-AES256-CCM
+ DHE_PSK_WITH_AES_128_CCM                  DHE-PSK-AES128-CCM
+ DHE_PSK_WITH_AES_256_CCM                  DHE-PSK-AES256-CCM
+ PSK_WITH_AES_128_CCM_8                    PSK-AES128-CCM8
+ PSK_WITH_AES_256_CCM_8                    PSK-AES256-CCM8
+ DHE_PSK_WITH_AES_128_CCM_8                DHE-PSK-AES128-CCM8
+ DHE_PSK_WITH_AES_256_CCM_8                DHE-PSK-AES256-CCM8</code></pre>
+
+<h2 id="ChaCha20-Poly1305-cipher-suites-extending-TLS-v1.2">ChaCha20-Poly1305 cipher suites, extending TLS v1.2</h2>
+
+<pre><code> TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256      ECDHE-RSA-CHACHA20-POLY1305
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256    ECDHE-ECDSA-CHACHA20-POLY1305
+ TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256        DHE-RSA-CHACHA20-POLY1305
+ TLS_PSK_WITH_CHACHA20_POLY1305_SHA256            PSK-CHACHA20-POLY1305
+ TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256      ECDHE-PSK-CHACHA20-POLY1305
+ TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256        DHE-PSK-CHACHA20-POLY1305
+ TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256        RSA-PSK-CHACHA20-POLY1305</code></pre>
+
+<h2 id="TLS-v1.3-cipher-suites">TLS v1.3 cipher suites</h2>
+
+<pre><code> TLS_AES_128_GCM_SHA256                     TLS_AES_128_GCM_SHA256
+ TLS_AES_256_GCM_SHA384                     TLS_AES_256_GCM_SHA384
+ TLS_CHACHA20_POLY1305_SHA256               TLS_CHACHA20_POLY1305_SHA256
+ TLS_AES_128_CCM_SHA256                     TLS_AES_128_CCM_SHA256
+ TLS_AES_128_CCM_8_SHA256                   TLS_AES_128_CCM_8_SHA256</code></pre>
+
+<h2 id="Older-names-used-by-OpenSSL">Older names used by OpenSSL</h2>
+
+<p>The following names are accepted by older releases:</p>
+
+<pre><code> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA    EDH-RSA-DES-CBC3-SHA (DHE-RSA-DES-CBC3-SHA)
+ SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA    EDH-DSS-DES-CBC3-SHA (DHE-DSS-DES-CBC3-SHA)</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some compiled versions of OpenSSL may not include all the ciphers listed here because some ciphers were excluded at compile time.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Verbose listing of all OpenSSL ciphers including NULL ciphers:</p>
+
+<pre><code> openssl ciphers -v &#39;ALL:eNULL&#39;</code></pre>
+
+<p>Include all ciphers except NULL and anonymous DH then sort by strength:</p>
+
+<pre><code> openssl ciphers -v &#39;ALL:!ADH:@STRENGTH&#39;</code></pre>
+
+<p>Include all ciphers except ones with no encryption (eNULL) or no authentication (aNULL):</p>
+
+<pre><code> openssl ciphers -v &#39;ALL:!aNULL&#39;</code></pre>
+
+<p>Include only 3DES ciphers and then place RSA ciphers last:</p>
+
+<pre><code> openssl ciphers -v &#39;3DES:+RSA&#39;</code></pre>
+
+<p>Include all RC4 ciphers but leave out those without authentication:</p>
+
+<pre><code> openssl ciphers -v &#39;RC4:!COMPLEMENTOFDEFAULT&#39;</code></pre>
+
+<p>Include all ciphers with RSA authentication but leave out ciphers without encryption.</p>
+
+<pre><code> openssl ciphers -v &#39;RSA:!COMPLEMENTOFALL&#39;</code></pre>
+
+<p>Set security level to 2 and display all ciphers consistent with level 2:</p>
+
+<pre><code> openssl ciphers -s -v &#39;ALL:@SECLEVEL=2&#39;</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/s_client.html">s_client(1)</a>, <a href="../man1/s_server.html">s_server(1)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>-V</b> option for the <b>ciphers</b> command was added in OpenSSL 1.0.0.</p>
+
+<p>The <b>-stdname</b> is only available if OpenSSL is built with tracing enabled (<b>enable-ssl-trace</b> argument to Configure) before OpenSSL 1.1.1.</p>
+
+<p>The <b>-convert</b> option was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-cms.html b/msys2/usr/share/doc/openssl/html/man1/openssl-cms.html
new file mode 100644
index 000000000..c5a1de59a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-cms.html
@@ -0,0 +1,636 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>cms</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXIT-CODES">EXIT CODES</a></li>
+  <li><a href="#COMPATIBILITY-WITH-PKCS-7-format">COMPATIBILITY WITH PKCS#7 format.</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-cms, cms - CMS utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>cms</b> [<b>-help</b>] [<b>-encrypt</b>] [<b>-decrypt</b>] [<b>-sign</b>] [<b>-verify</b>] [<b>-cmsout</b>] [<b>-resign</b>] [<b>-data_create</b>] [<b>-data_out</b>] [<b>-digest_create</b>] [<b>-digest_verify</b>] [<b>-compress</b>] [<b>-uncompress</b>] [<b>-EncryptedData_encrypt</b>] [<b>-sign_receipt</b>] [<b>-verify_receipt receipt</b>] [<b>-in filename</b>] [<b>-inform SMIME|PEM|DER</b>] [<b>-rctform SMIME|PEM|DER</b>] [<b>-out filename</b>] [<b>-outform SMIME|PEM|DER</b>] [<b>-stream -indef -noindef</b>] [<b>-noindef</b>] [<b>-content filename</b>] [<b>-text</b>] [<b>-noout</b>] [<b>-print</b>] [<b>-CAfile file</b>] [<b>-CApath dir</b>] [<b>-no-CAfile</b>] [<b>-no-CApath</b>] [<b>-attime timestamp</b>] [<b>-check_ss_sig</b>] [<b>-crl_check</b>] [<b>-crl_check_all</b>] [<b>-explicit_policy</b>] [<b>-extended_crl</b>] [<b>-ignore_critical</b>] [<b>-inhibit_any</b>] [<b>-inhibit_map</b>] [<b>-no_check_time</b>] [<b>-partial_chain</b>] [<b>-policy arg</b>] [<b>-policy_check</b>] [<b>-policy_print</b>] [<b>-purpose purpose</b>] [<b>-suiteB_128</b>] [<b>-suiteB_128_only</b>] [<b>-suiteB_192</b>] [<b>-trusted_first</b>] [<b>-no_alt_chains</b>] [<b>-use_deltas</b>] [<b>-auth_level num</b>] [<b>-verify_depth num</b>] [<b>-verify_email email</b>] [<b>-verify_hostname hostname</b>] [<b>-verify_ip ip</b>] [<b>-verify_name name</b>] [<b>-x509_strict</b>] [<b>-md digest</b>] [<b>-<i>cipher</i></b>] [<b>-nointern</b>] [<b>-noverify</b>] [<b>-nocerts</b>] [<b>-noattr</b>] [<b>-nosmimecap</b>] [<b>-binary</b>] [<b>-crlfeol</b>] [<b>-asciicrlf</b>] [<b>-nodetach</b>] [<b>-certfile file</b>] [<b>-certsout file</b>] [<b>-signer file</b>] [<b>-recip file</b>] [<b>-keyid</b>] [<b>-receipt_request_all</b>] [<b>-receipt_request_first</b>] [<b>-receipt_request_from emailaddress</b>] [<b>-receipt_request_to emailaddress</b>] [<b>-receipt_request_print</b>] [<b>-secretkey key</b>] [<b>-secretkeyid id</b>] [<b>-econtent_type type</b>] [<b>-inkey file</b>] [<b>-keyopt name:parameter</b>] [<b>-passin arg</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>cert.pem...</b>] [<b>-to addr</b>] [<b>-from addr</b>] [<b>-subject subj</b>] [cert.pem]...</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>cms</b> command handles S/MIME v3.1 mail. It can encrypt, decrypt, sign and verify, compress and uncompress S/MIME messages.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<p>There are fourteen operation options that set the type of operation to be performed. The meaning of the other options varies according to the operation type.</p>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="encrypt"><b>-encrypt</b></dt>
+<dd>
+
+<p>Encrypt mail for the given recipient certificates. Input file is the message to be encrypted. The output file is the encrypted mail in MIME format. The actual CMS type is &lt;B&gt;EnvelopedData&lt;B&gt;.</p>
+
+<p>Note that no revocation check is done for the recipient cert, so if that key has been compromised, others may be able to decrypt the text.</p>
+
+</dd>
+<dt id="decrypt"><b>-decrypt</b></dt>
+<dd>
+
+<p>Decrypt mail using the supplied certificate and private key. Expects an encrypted mail message in MIME format for the input file. The decrypted mail is written to the output file.</p>
+
+</dd>
+<dt id="debug_decrypt"><b>-debug_decrypt</b></dt>
+<dd>
+
+<p>This option sets the <b>CMS_DEBUG_DECRYPT</b> flag. This option should be used with caution: see the notes section below.</p>
+
+</dd>
+<dt id="sign"><b>-sign</b></dt>
+<dd>
+
+<p>Sign mail using the supplied certificate and private key. Input file is the message to be signed. The signed message in MIME format is written to the output file.</p>
+
+</dd>
+<dt id="verify"><b>-verify</b></dt>
+<dd>
+
+<p>Verify signed mail. Expects a signed mail message on input and outputs the signed data. Both clear text and opaque signing is supported.</p>
+
+</dd>
+<dt id="cmsout"><b>-cmsout</b></dt>
+<dd>
+
+<p>Takes an input message and writes out a PEM encoded CMS structure.</p>
+
+</dd>
+<dt id="resign"><b>-resign</b></dt>
+<dd>
+
+<p>Resign a message: take an existing message and one or more new signers.</p>
+
+</dd>
+<dt id="data_create"><b>-data_create</b></dt>
+<dd>
+
+<p>Create a CMS <b>Data</b> type.</p>
+
+</dd>
+<dt id="data_out"><b>-data_out</b></dt>
+<dd>
+
+<p><b>Data</b> type and output the content.</p>
+
+</dd>
+<dt id="digest_create"><b>-digest_create</b></dt>
+<dd>
+
+<p>Create a CMS <b>DigestedData</b> type.</p>
+
+</dd>
+<dt id="digest_verify"><b>-digest_verify</b></dt>
+<dd>
+
+<p>Verify a CMS <b>DigestedData</b> type and output the content.</p>
+
+</dd>
+<dt id="compress"><b>-compress</b></dt>
+<dd>
+
+<p>Create a CMS <b>CompressedData</b> type. OpenSSL must be compiled with <b>zlib</b> support for this option to work, otherwise it will output an error.</p>
+
+</dd>
+<dt id="uncompress"><b>-uncompress</b></dt>
+<dd>
+
+<p>Uncompress a CMS <b>CompressedData</b> type and output the content. OpenSSL must be compiled with <b>zlib</b> support for this option to work, otherwise it will output an error.</p>
+
+</dd>
+<dt id="EncryptedData_encrypt"><b>-EncryptedData_encrypt</b></dt>
+<dd>
+
+<p>Encrypt content using supplied symmetric key and algorithm using a CMS <b>EncryptedData</b> type and output the content.</p>
+
+</dd>
+<dt id="sign_receipt"><b>-sign_receipt</b></dt>
+<dd>
+
+<p>Generate and output a signed receipt for the supplied message. The input message <b>must</b> contain a signed receipt request. Functionality is otherwise similar to the <b>-sign</b> operation.</p>
+
+</dd>
+<dt id="verify_receipt-receipt"><b>-verify_receipt receipt</b></dt>
+<dd>
+
+<p>Verify a signed receipt in filename <b>receipt</b>. The input message <b>must</b> contain the original receipt request. Functionality is otherwise similar to the <b>-verify</b> operation.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>The input message to be encrypted or signed or the message to be decrypted or verified.</p>
+
+</dd>
+<dt id="inform-SMIME-PEM-DER"><b>-inform SMIME|PEM|DER</b></dt>
+<dd>
+
+<p>This specifies the input format for the CMS structure. The default is <b>SMIME</b> which reads an S/MIME format message. <b>PEM</b> and <b>DER</b> format change this to expect PEM and DER format CMS structures instead. This currently only affects the input format of the CMS structure, if no CMS structure is being input (for example with <b>-encrypt</b> or <b>-sign</b>) this option has no effect.</p>
+
+</dd>
+<dt id="rctform-SMIME-PEM-DER"><b>-rctform SMIME|PEM|DER</b></dt>
+<dd>
+
+<p>Specify the format for a signed receipt for use with the <b>-receipt_verify</b> operation.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>The message text that has been decrypted or verified or the output MIME format message that has been signed or verified.</p>
+
+</dd>
+<dt id="outform-SMIME-PEM-DER"><b>-outform SMIME|PEM|DER</b></dt>
+<dd>
+
+<p>This specifies the output format for the CMS structure. The default is <b>SMIME</b> which writes an S/MIME format message. <b>PEM</b> and <b>DER</b> format change this to write PEM and DER format CMS structures instead. This currently only affects the output format of the CMS structure, if no CMS structure is being output (for example with <b>-verify</b> or <b>-decrypt</b>) this option has no effect.</p>
+
+</dd>
+<dt id="stream--indef--noindef"><b>-stream -indef -noindef</b></dt>
+<dd>
+
+<p>The <b>-stream</b> and <b>-indef</b> options are equivalent and enable streaming I/O for encoding operations. This permits single pass processing of data without the need to hold the entire contents in memory, potentially supporting very large files. Streaming is automatically set for S/MIME signing with detached data if the output format is <b>SMIME</b> it is currently off by default for all other operations.</p>
+
+</dd>
+<dt id="noindef"><b>-noindef</b></dt>
+<dd>
+
+<p>Disable streaming I/O where it would produce and indefinite length constructed encoding. This option currently has no effect. In future streaming will be enabled by default on all relevant operations and this option will disable it.</p>
+
+</dd>
+<dt id="content-filename"><b>-content filename</b></dt>
+<dd>
+
+<p>This specifies a file containing the detached content, this is only useful with the <b>-verify</b> command. This is only usable if the CMS structure is using the detached signature form where the content is not included. This option will override any content if the input format is S/MIME and it uses the multipart/signed MIME content type.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>This option adds plain text (text/plain) MIME headers to the supplied message if encrypting or signing. If decrypting or verifying it strips off text headers: if the decrypted or verified message is not of MIME type text/plain then an error occurs.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>For the <b>-cmsout</b> operation do not output the parsed CMS structure. This is useful when combined with the <b>-print</b> option or if the syntax of the CMS structure is being checked.</p>
+
+</dd>
+<dt id="print"><b>-print</b></dt>
+<dd>
+
+<p>For the <b>-cmsout</b> operation print out all fields of the CMS structure. This is mainly useful for testing purposes.</p>
+
+</dd>
+<dt id="CAfile-file"><b>-CAfile file</b></dt>
+<dd>
+
+<p>A file containing trusted CA certificates, only used with <b>-verify</b>.</p>
+
+</dd>
+<dt id="CApath-dir"><b>-CApath dir</b></dt>
+<dd>
+
+<p>A directory containing trusted CA certificates, only used with <b>-verify</b>. This directory must be a standard certificate directory: that is a hash of each subject name (using <b>x509 -hash</b>) should be linked to each certificate.</p>
+
+</dd>
+<dt id="no-CAfile"><b>-no-CAfile</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default file location</p>
+
+</dd>
+<dt id="no-CApath"><b>-no-CApath</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default directory location</p>
+
+</dd>
+<dt id="md-digest"><b>-md digest</b></dt>
+<dd>
+
+<p>Digest algorithm to use when signing or resigning. If not present then the default digest algorithm for the signing key will be used (usually SHA1).</p>
+
+</dd>
+<dt id="cipher"><b>-<i>cipher</i></b></dt>
+<dd>
+
+<p>The encryption algorithm to use. For example triple DES (168 bits) - <b>-des3</b> or 256 bit AES - <b>-aes256</b>. Any standard algorithm name (as used by the EVP_get_cipherbyname() function) can also be used preceded by a dash, for example <b>-aes-128-cbc</b>. See <a href="../man1/enc.html">enc(1)</a> for a list of ciphers supported by your version of OpenSSL.</p>
+
+<p>If not specified triple DES is used. Only used with <b>-encrypt</b> and <b>-EncryptedData_create</b> commands.</p>
+
+</dd>
+<dt id="nointern"><b>-nointern</b></dt>
+<dd>
+
+<p>When verifying a message normally certificates (if any) included in the message are searched for the signing certificate. With this option only the certificates specified in the <b>-certfile</b> option are used. The supplied certificates can still be used as untrusted CAs however.</p>
+
+</dd>
+<dt id="noverify"><b>-noverify</b></dt>
+<dd>
+
+<p>Do not verify the signers certificate of a signed message.</p>
+
+</dd>
+<dt id="nocerts"><b>-nocerts</b></dt>
+<dd>
+
+<p>When signing a message the signer&#39;s certificate is normally included with this option it is excluded. This will reduce the size of the signed message but the verifier must have a copy of the signers certificate available locally (passed using the <b>-certfile</b> option for example).</p>
+
+</dd>
+<dt id="noattr"><b>-noattr</b></dt>
+<dd>
+
+<p>Normally when a message is signed a set of attributes are included which include the signing time and supported symmetric algorithms. With this option they are not included.</p>
+
+</dd>
+<dt id="nosmimecap"><b>-nosmimecap</b></dt>
+<dd>
+
+<p>Exclude the list of supported algorithms from signed attributes, other options such as signing time and content type are still included.</p>
+
+</dd>
+<dt id="binary"><b>-binary</b></dt>
+<dd>
+
+<p>Normally the input message is converted to &quot;canonical&quot; format which is effectively using CR and LF as end of line: as required by the S/MIME specification. When this option is present no translation occurs. This is useful when handling binary data which may not be in MIME format.</p>
+
+</dd>
+<dt id="crlfeol"><b>-crlfeol</b></dt>
+<dd>
+
+<p>Normally the output file uses a single <b>LF</b> as end of line. When this option is present <b>CRLF</b> is used instead.</p>
+
+</dd>
+<dt id="asciicrlf"><b>-asciicrlf</b></dt>
+<dd>
+
+<p>When signing use ASCII CRLF format canonicalisation. This strips trailing whitespace from all lines, deletes trailing blank lines at EOF and sets the encapsulated content type. This option is normally used with detached content and an output signature format of DER. This option is not normally needed when verifying as it is enabled automatically if the encapsulated content format is detected.</p>
+
+</dd>
+<dt id="nodetach"><b>-nodetach</b></dt>
+<dd>
+
+<p>When signing a message use opaque signing: this form is more resistant to translation by mail relays but it cannot be read by mail agents that do not support S/MIME. Without this option cleartext signing with the MIME type multipart/signed is used.</p>
+
+</dd>
+<dt id="certfile-file"><b>-certfile file</b></dt>
+<dd>
+
+<p>Allows additional certificates to be specified. When signing these will be included with the message. When verifying these will be searched for the signers certificates. The certificates should be in PEM format.</p>
+
+</dd>
+<dt id="certsout-file"><b>-certsout file</b></dt>
+<dd>
+
+<p>Any certificates contained in the message are written to <b>file</b>.</p>
+
+</dd>
+<dt id="signer-file"><b>-signer file</b></dt>
+<dd>
+
+<p>A signing certificate when signing or resigning a message, this option can be used multiple times if more than one signer is required. If a message is being verified then the signers certificates will be written to this file if the verification was successful.</p>
+
+</dd>
+<dt id="recip-file"><b>-recip file</b></dt>
+<dd>
+
+<p>When decrypting a message this specifies the recipients certificate. The certificate must match one of the recipients of the message or an error occurs.</p>
+
+<p>When encrypting a message this option may be used multiple times to specify each recipient. This form <b>must</b> be used if customised parameters are required (for example to specify RSA-OAEP).</p>
+
+<p>Only certificates carrying RSA, Diffie-Hellman or EC keys are supported by this option.</p>
+
+</dd>
+<dt id="keyid"><b>-keyid</b></dt>
+<dd>
+
+<p>Use subject key identifier to identify certificates instead of issuer name and serial number. The supplied certificate <b>must</b> include a subject key identifier extension. Supported by <b>-sign</b> and <b>-encrypt</b> options.</p>
+
+</dd>
+<dt id="receipt_request_all--receipt_request_first"><b>-receipt_request_all</b>, <b>-receipt_request_first</b></dt>
+<dd>
+
+<p>For <b>-sign</b> option include a signed receipt request. Indicate requests should be provided by all recipient or first tier recipients (those mailed directly and not from a mailing list). Ignored it <b>-receipt_request_from</b> is included.</p>
+
+</dd>
+<dt id="receipt_request_from-emailaddress"><b>-receipt_request_from emailaddress</b></dt>
+<dd>
+
+<p>For <b>-sign</b> option include a signed receipt request. Add an explicit email address where receipts should be supplied.</p>
+
+</dd>
+<dt id="receipt_request_to-emailaddress"><b>-receipt_request_to emailaddress</b></dt>
+<dd>
+
+<p>Add an explicit email address where signed receipts should be sent to. This option <b>must</b> but supplied if a signed receipt it requested.</p>
+
+</dd>
+<dt id="receipt_request_print"><b>-receipt_request_print</b></dt>
+<dd>
+
+<p>For the <b>-verify</b> operation print out the contents of any signed receipt requests.</p>
+
+</dd>
+<dt id="secretkey-key"><b>-secretkey key</b></dt>
+<dd>
+
+<p>Specify symmetric key to use. The key must be supplied in hex format and be consistent with the algorithm used. Supported by the <b>-EncryptedData_encrypt</b> <b>-EncryptedData_decrypt</b>, <b>-encrypt</b> and <b>-decrypt</b> options. When used with <b>-encrypt</b> or <b>-decrypt</b> the supplied key is used to wrap or unwrap the content encryption key using an AES key in the <b>KEKRecipientInfo</b> type.</p>
+
+</dd>
+<dt id="secretkeyid-id"><b>-secretkeyid id</b></dt>
+<dd>
+
+<p>The key identifier for the supplied symmetric key for <b>KEKRecipientInfo</b> type. This option <b>must</b> be present if the <b>-secretkey</b> option is used with <b>-encrypt</b>. With <b>-decrypt</b> operations the <b>id</b> is used to locate the relevant key if it is not supplied then an attempt is used to decrypt any <b>KEKRecipientInfo</b> structures.</p>
+
+</dd>
+<dt id="econtent_type-type"><b>-econtent_type type</b></dt>
+<dd>
+
+<p>Set the encapsulated content type to <b>type</b> if not supplied the <b>Data</b> type is used. The <b>type</b> argument can be any valid OID name in either text or numerical format.</p>
+
+</dd>
+<dt id="inkey-file"><b>-inkey file</b></dt>
+<dd>
+
+<p>The private key to use when signing or decrypting. This must match the corresponding certificate. If this option is not specified then the private key must be included in the certificate file specified with the <b>-recip</b> or <b>-signer</b> file. When signing this option can be used multiple times to specify successive keys.</p>
+
+</dd>
+<dt id="keyopt-name:opt"><b>-keyopt name:opt</b></dt>
+<dd>
+
+<p>For signing and encryption this option can be used multiple times to set customised parameters for the preceding key or certificate. It can currently be used to set RSA-PSS for signing, RSA-OAEP for encryption or to modify default parameters for ECDH.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The private key password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="cert.pem"><b>cert.pem...</b></dt>
+<dd>
+
+<p>One or more certificates of message recipients: used when encrypting a message.</p>
+
+</dd>
+<dt id="to--from--subject"><b>-to, -from, -subject</b></dt>
+<dd>
+
+<p>The relevant mail headers. These are included outside the signed portion of a message so they may be included manually. If signing then many S/MIME mail clients check the signers certificate&#39;s email address matches that specified in the From: address.</p>
+
+</dd>
+<dt id="attime--check_ss_sig--crl_check--crl_check_all--explicit_policy--extended_crl--ignore_critical--inhibit_any--inhibit_map--no_alt_chains--no_check_time--partial_chain--policy--policy_check--policy_print--purpose--suiteB_128--suiteB_128_only--suiteB_192--trusted_first--use_deltas--auth_level--verify_depth--verify_email--verify_hostname--verify_ip--verify_name--x509_strict"><b>-attime</b>, <b>-check_ss_sig</b>, <b>-crl_check</b>, <b>-crl_check_all</b>, <b>-explicit_policy</b>, <b>-extended_crl</b>, <b>-ignore_critical</b>, <b>-inhibit_any</b>, <b>-inhibit_map</b>, <b>-no_alt_chains</b>, <b>-no_check_time</b>, <b>-partial_chain</b>, <b>-policy</b>, <b>-policy_check</b>, <b>-policy_print</b>, <b>-purpose</b>, <b>-suiteB_128</b>, <b>-suiteB_128_only</b>, <b>-suiteB_192</b>, <b>-trusted_first</b>, <b>-use_deltas</b>, <b>-auth_level</b>, <b>-verify_depth</b>, <b>-verify_email</b>, <b>-verify_hostname</b>, <b>-verify_ip</b>, <b>-verify_name</b>, <b>-x509_strict</b></dt>
+<dd>
+
+<p>Set various certificate chain validation options. See the <a href="../man1/verify.html">verify(1)</a> manual page for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The MIME message must be sent without any blank lines between the headers and the output. Some mail programs will automatically add a blank line. Piping the mail directly to sendmail is one way to achieve the correct format.</p>
+
+<p>The supplied message to be signed or encrypted must include the necessary MIME headers or many S/MIME clients won&#39;t display it properly (if at all). You can use the <b>-text</b> option to automatically add plain text headers.</p>
+
+<p>A &quot;signed and encrypted&quot; message is one where a signed message is then encrypted. This can be produced by encrypting an already signed message: see the examples section.</p>
+
+<p>This version of the program only allows one signer per message but it will verify multiple signers on received messages. Some S/MIME clients choke if a message contains multiple signers. It is possible to sign messages &quot;in parallel&quot; by signing an already signed message.</p>
+
+<p>The options <b>-encrypt</b> and <b>-decrypt</b> reflect common usage in S/MIME clients. Strictly speaking these process CMS enveloped data: CMS encrypted data is used for other purposes.</p>
+
+<p>The <b>-resign</b> option uses an existing message digest when adding a new signer. This means that attributes must be present in at least one existing signer using the same message digest or this operation will fail.</p>
+
+<p>The <b>-stream</b> and <b>-indef</b> options enable streaming I/O support. As a result the encoding is BER using indefinite length constructed encoding and no longer DER. Streaming is supported for the <b>-encrypt</b> operation and the <b>-sign</b> operation if the content is not detached.</p>
+
+<p>Streaming is always used for the <b>-sign</b> operation with detached data but since the content is no longer part of the CMS structure the encoding remains DER.</p>
+
+<p>If the <b>-decrypt</b> option is used without a recipient certificate then an attempt is made to locate the recipient by trying each potential recipient in turn using the supplied private key. To thwart the MMA attack (Bleichenbacher&#39;s attack on PKCS #1 v1.5 RSA padding) all recipients are tried whether they succeed or not and if no recipients match the message is &quot;decrypted&quot; using a random key which will typically output garbage. The <b>-debug_decrypt</b> option can be used to disable the MMA attack protection and return an error if no recipient can be found: this option should be used with caution. For a fuller description see <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a>).</p>
+
+<h1 id="EXIT-CODES">EXIT CODES</h1>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The operation was completely successfully.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>An error occurred parsing the command options.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>One of the input files could not be read.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>An error occurred creating the CMS file or when reading the MIME message.</p>
+
+</dd>
+<dt id="pod4">4</dt>
+<dd>
+
+<p>An error occurred decrypting or verifying the message.</p>
+
+</dd>
+<dt id="pod5">5</dt>
+<dd>
+
+<p>The message was verified correctly but an error occurred writing out the signers certificates.</p>
+
+</dd>
+</dl>
+
+<h1 id="COMPATIBILITY-WITH-PKCS-7-format">COMPATIBILITY WITH PKCS#7 format.</h1>
+
+<p>The <b>smime</b> utility can only process the older <b>PKCS#7</b> format. The <b>cms</b> utility supports Cryptographic Message Syntax format. Use of some features will result in messages which cannot be processed by applications which only support the older format. These are detailed below.</p>
+
+<p>The use of the <b>-keyid</b> option with <b>-sign</b> or <b>-encrypt</b>.</p>
+
+<p>The <b>-outform PEM</b> option uses different headers.</p>
+
+<p>The <b>-compress</b> option.</p>
+
+<p>The <b>-secretkey</b> option when used with <b>-encrypt</b>.</p>
+
+<p>The use of PSS with <b>-sign</b>.</p>
+
+<p>The use of OAEP or non-RSA keys with <b>-encrypt</b>.</p>
+
+<p>Additionally the <b>-EncryptedData_create</b> and <b>-data_create</b> type cannot be processed by the older <b>smime</b> command.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create a cleartext signed message:</p>
+
+<pre><code> openssl cms -sign -in message.txt -text -out mail.msg \
+        -signer mycert.pem</code></pre>
+
+<p>Create an opaque signed message</p>
+
+<pre><code> openssl cms -sign -in message.txt -text -out mail.msg -nodetach \
+        -signer mycert.pem</code></pre>
+
+<p>Create a signed message, include some additional certificates and read the private key from another file:</p>
+
+<pre><code> openssl cms -sign -in in.txt -text -out mail.msg \
+        -signer mycert.pem -inkey mykey.pem -certfile mycerts.pem</code></pre>
+
+<p>Create a signed message with two signers, use key identifier:</p>
+
+<pre><code> openssl cms -sign -in message.txt -text -out mail.msg \
+        -signer mycert.pem -signer othercert.pem -keyid</code></pre>
+
+<p>Send a signed message under Unix directly to sendmail, including headers:</p>
+
+<pre><code> openssl cms -sign -in in.txt -text -signer mycert.pem \
+        -from steve@openssl.org -to someone@somewhere \
+        -subject &quot;Signed message&quot; | sendmail someone@somewhere</code></pre>
+
+<p>Verify a message and extract the signer&#39;s certificate if successful:</p>
+
+<pre><code> openssl cms -verify -in mail.msg -signer user.pem -out signedtext.txt</code></pre>
+
+<p>Send encrypted mail using triple DES:</p>
+
+<pre><code> openssl cms -encrypt -in in.txt -from steve@openssl.org \
+        -to someone@somewhere -subject &quot;Encrypted message&quot; \
+        -des3 user.pem -out mail.msg</code></pre>
+
+<p>Sign and encrypt mail:</p>
+
+<pre><code> openssl cms -sign -in ml.txt -signer my.pem -text \
+        | openssl cms -encrypt -out mail.msg \
+        -from steve@openssl.org -to someone@somewhere \
+        -subject &quot;Signed and Encrypted message&quot; -des3 user.pem</code></pre>
+
+<p>Note: the encryption command does not include the <b>-text</b> option because the message being encrypted already has MIME headers.</p>
+
+<p>Decrypt mail:</p>
+
+<pre><code> openssl cms -decrypt -in mail.msg -recip mycert.pem -inkey key.pem</code></pre>
+
+<p>The output from Netscape form signing is a PKCS#7 structure with the detached signature format. You can use this program to verify the signature by line wrapping the base64 encoded structure and surrounding it with:</p>
+
+<pre><code> -----BEGIN PKCS7-----
+ -----END PKCS7-----</code></pre>
+
+<p>and using the command,</p>
+
+<pre><code> openssl cms -verify -inform PEM -in signature.pem -content content.txt</code></pre>
+
+<p>alternatively you can base64 decode the signature and use</p>
+
+<pre><code> openssl cms -verify -inform DER -in signature.der -content content.txt</code></pre>
+
+<p>Create an encrypted message using 128 bit Camellia:</p>
+
+<pre><code> openssl cms -encrypt -in plain.txt -camellia128 -out mail.msg cert.pem</code></pre>
+
+<p>Add a signer to an existing message:</p>
+
+<pre><code> openssl cms -resign -in mail.msg -signer newsign.pem -out mail2.msg</code></pre>
+
+<p>Sign mail using RSA-PSS:</p>
+
+<pre><code> openssl cms -sign -in message.txt -text -out mail.msg \
+        -signer mycert.pem -keyopt rsa_padding_mode:pss</code></pre>
+
+<p>Create encrypted mail using RSA-OAEP:</p>
+
+<pre><code> openssl cms -encrypt -in plain.txt -out mail.msg \
+        -recip cert.pem -keyopt rsa_padding_mode:oaep</code></pre>
+
+<p>Use SHA256 KDF with an ECDH certificate:</p>
+
+<pre><code> openssl cms -encrypt -in plain.txt -out mail.msg \
+        -recip ecdhcert.pem -keyopt ecdh_kdf_md:sha256</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The MIME parser isn&#39;t very clever: it seems to handle most messages that I&#39;ve thrown at it but it may choke on others.</p>
+
+<p>The code currently will only write out the signer&#39;s certificate to a file: if the signer has a separate encryption certificate this must be manually extracted. There should be some heuristic that determines the correct encryption certificate.</p>
+
+<p>Ideally a database should be maintained of a certificates for each email address.</p>
+
+<p>The code doesn&#39;t currently take note of the permitted symmetric encryption algorithms as supplied in the SMIMECapabilities signed attribute. this means the user has to manually include the correct encryption algorithm. It should store the list of permitted ciphers in a database and only use those.</p>
+
+<p>No revocation checking is done on the signer&#39;s certificate.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The use of multiple <b>-signer</b> options and the <b>-resign</b> command were first added in OpenSSL 1.0.0.</p>
+
+<p>The <b>keyopt</b> option was added in OpenSSL 1.0.2.</p>
+
+<p>Support for RSA-OAEP and RSA-PSS was added in OpenSSL 1.0.2.</p>
+
+<p>The use of non-RSA keys with <b>-encrypt</b> and <b>-decrypt</b> was added in OpenSSL 1.0.2.</p>
+
+<p>The -no_alt_chains option was added in OpenSSL 1.0.2b.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-crl.html b/msys2/usr/share/doc/openssl/html/man1/openssl-crl.html
new file mode 100644
index 000000000..6f612d727
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-crl.html
@@ -0,0 +1,170 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>crl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-crl, crl - CRL utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>crl</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-text</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-nameopt option</b>] [<b>-noout</b>] [<b>-hash</b>] [<b>-issuer</b>] [<b>-lastupdate</b>] [<b>-nextupdate</b>] [<b>-CAfile file</b>] [<b>-CApath dir</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>crl</b> command processes CRL files in DER or PEM format.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. <b>DER</b> format is DER encoded CRL structure. <b>PEM</b> (the default) is a base64 encoded version of the DER form with header and footer lines.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read from or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Specifies the output filename to write to or standard output by default.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Print out the CRL in text form.</p>
+
+</dd>
+<dt id="nameopt-option"><b>-nameopt option</b></dt>
+<dd>
+
+<p>Option which determines how the subject or issuer names are displayed. See the description of <b>-nameopt</b> in <a href="../man1/x509.html">x509(1)</a>.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>Don&#39;t output the encoded version of the CRL.</p>
+
+</dd>
+<dt id="hash"><b>-hash</b></dt>
+<dd>
+
+<p>Output a hash of the issuer name. This can be use to lookup CRLs in a directory by issuer name.</p>
+
+</dd>
+<dt id="hash_old"><b>-hash_old</b></dt>
+<dd>
+
+<p>Outputs the &quot;hash&quot; of the CRL issuer name using the older algorithm as used by OpenSSL before version 1.0.0.</p>
+
+</dd>
+<dt id="issuer"><b>-issuer</b></dt>
+<dd>
+
+<p>Output the issuer name.</p>
+
+</dd>
+<dt id="lastupdate"><b>-lastupdate</b></dt>
+<dd>
+
+<p>Output the lastUpdate field.</p>
+
+</dd>
+<dt id="nextupdate"><b>-nextupdate</b></dt>
+<dd>
+
+<p>Output the nextUpdate field.</p>
+
+</dd>
+<dt id="CAfile-file"><b>-CAfile file</b></dt>
+<dd>
+
+<p>Verify the signature on a CRL by looking up the issuing certificate in <b>file</b>.</p>
+
+</dd>
+<dt id="CApath-dir"><b>-CApath dir</b></dt>
+<dd>
+
+<p>Verify the signature on a CRL by looking up the issuing certificate in <b>dir</b>. This directory must be a standard certificate directory: that is a hash of each subject name (using <b>x509 -hash</b>) should be linked to each certificate.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM CRL format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN X509 CRL-----
+ -----END X509 CRL-----</code></pre>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Convert a CRL file from PEM to DER:</p>
+
+<pre><code> openssl crl -in crl.pem -outform DER -out crl.der</code></pre>
+
+<p>Output the text form of a DER encoded certificate:</p>
+
+<pre><code> openssl crl -in crl.der -inform DER -text -noout</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Ideally it should be possible to create a CRL using appropriate options and files too.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/crl2pkcs7.html">crl2pkcs7(1)</a>, <a href="../man1/ca.html">ca(1)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-crl2pkcs7.html b/msys2/usr/share/doc/openssl/html/man1/openssl-crl2pkcs7.html
new file mode 100644
index 000000000..045f293d5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-crl2pkcs7.html
@@ -0,0 +1,119 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>crl2pkcs7</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-crl2pkcs7, crl2pkcs7 - Create a PKCS#7 structure from a CRL and certificates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>crl2pkcs7</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-certfile filename</b>] [<b>-nocrl</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>crl2pkcs7</b> command takes an optional CRL and one or more certificates and converts them into a PKCS#7 degenerate &quot;certificates only&quot; structure.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the CRL input format. <b>DER</b> format is DER encoded CRL structure.<b>PEM</b> (the default) is a base64 encoded version of the DER form with header and footer lines. The default format is PEM.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the PKCS#7 structure output format. <b>DER</b> format is DER encoded PKCS#7 structure.<b>PEM</b> (the default) is a base64 encoded version of the DER form with header and footer lines. The default format is PEM.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read a CRL from or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Specifies the output filename to write the PKCS#7 structure to or standard output by default.</p>
+
+</dd>
+<dt id="certfile-filename"><b>-certfile filename</b></dt>
+<dd>
+
+<p>Specifies a filename containing one or more certificates in <b>PEM</b> format. All certificates in the file will be added to the PKCS#7 structure. This option can be used more than once to read certificates form multiple files.</p>
+
+</dd>
+<dt id="nocrl"><b>-nocrl</b></dt>
+<dd>
+
+<p>Normally a CRL is included in the output file. With this option no CRL is included in the output file and a CRL is not read from the input file.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create a PKCS#7 structure from a certificate and CRL:</p>
+
+<pre><code> openssl crl2pkcs7 -in crl.pem -certfile cert.pem -out p7.pem</code></pre>
+
+<p>Creates a PKCS#7 structure in DER format with no CRL from several different certificates:</p>
+
+<pre><code> openssl crl2pkcs7 -nocrl -certfile newcert.pem
+        -certfile demoCA/cacert.pem -outform DER -out p7.der</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The output file is a PKCS#7 signed data structure containing no signers and just certificates and an optional CRL.</p>
+
+<p>This utility can be used to send certificates and CAs to Netscape as part of the certificate enrollment process. This involves sending the DER encoded output as MIME type application/x-x509-user-cert.</p>
+
+<p>The <b>PEM</b> encoded form with the header and footer lines removed can be used to install user certificates and CAs in MSIE using the Xenroll control.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/pkcs7.html">pkcs7(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-dgst.html b/msys2/usr/share/doc/openssl/html/man1/openssl-dgst.html
new file mode 100644
index 000000000..af5c516b4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-dgst.html
@@ -0,0 +1,244 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>dgst</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-dgst, dgst - perform digest operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl dgst</b> [<b>-<i>digest</i></b>] [<b>-help</b>] [<b>-c</b>] [<b>-d</b>] [<b>-hex</b>] [<b>-binary</b>] [<b>-r</b>] [<b>-out filename</b>] [<b>-sign filename</b>] [<b>-keyform arg</b>] [<b>-passin arg</b>] [<b>-verify filename</b>] [<b>-prverify filename</b>] [<b>-signature filename</b>] [<b>-hmac key</b>] [<b>-fips-fingerprint</b>] [<b>-rand file...</b>] [<b>-engine id</b>] [<b>-engine_impl</b>] [<b>file...</b>]</p>
+
+<p><b>openssl</b> <i>digest</i> [<b>...</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The digest functions output the message digest of a supplied file or files in hexadecimal. The digest functions also generate and verify digital signatures using message digests.</p>
+
+<p>The generic name, <b>dgst</b>, may be used with an option specifying the algorithm to be used. The default digest is <i>sha256</i>. A supported <i>digest</i> name may also be used as the command name. To see the list of supported algorithms, use the <i>list --digest-commands</i> command.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="digest"><b>-<i>digest</i></b></dt>
+<dd>
+
+<p>Specifies name of a supported digest to be used. To see the list of supported digests, use the command <i>list --digest-commands</i>.</p>
+
+</dd>
+<dt id="c"><b>-c</b></dt>
+<dd>
+
+<p>Print out the digest in two digit groups separated by colons, only relevant if <b>hex</b> format output is used.</p>
+
+</dd>
+<dt id="d"><b>-d</b></dt>
+<dd>
+
+<p>Print out BIO debugging information.</p>
+
+</dd>
+<dt id="hex"><b>-hex</b></dt>
+<dd>
+
+<p>Digest is to be output as a hex dump. This is the default case for a &quot;normal&quot; digest as opposed to a digital signature. See NOTES below for digital signatures using <b>-hex</b>.</p>
+
+</dd>
+<dt id="binary"><b>-binary</b></dt>
+<dd>
+
+<p>Output the digest or signature in binary form.</p>
+
+</dd>
+<dt id="r"><b>-r</b></dt>
+<dd>
+
+<p>Output the digest in the &quot;coreutils&quot; format used by programs like <b>sha1sum</b>.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Filename to output to, or standard output by default.</p>
+
+</dd>
+<dt id="sign-filename"><b>-sign filename</b></dt>
+<dd>
+
+<p>Digitally sign the digest using the private key in &quot;filename&quot;. Note this option does not support Ed25519 or Ed448 private keys. Use the <b>pkeyutl</b> command instead for this.</p>
+
+</dd>
+<dt id="keyform-arg"><b>-keyform arg</b></dt>
+<dd>
+
+<p>Specifies the key format to sign digest with. The DER, PEM, P12, and ENGINE formats are supported.</p>
+
+</dd>
+<dt id="sigopt-nm:v"><b>-sigopt nm:v</b></dt>
+<dd>
+
+<p>Pass options to the signature algorithm during sign or verify operations. Names and values of these options are algorithm-specific.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The private key password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="verify-filename"><b>-verify filename</b></dt>
+<dd>
+
+<p>Verify the signature using the public key in &quot;filename&quot;. The output is either &quot;Verification OK&quot; or &quot;Verification Failure&quot;.</p>
+
+</dd>
+<dt id="prverify-filename"><b>-prverify filename</b></dt>
+<dd>
+
+<p>Verify the signature using the private key in &quot;filename&quot;.</p>
+
+</dd>
+<dt id="signature-filename"><b>-signature filename</b></dt>
+<dd>
+
+<p>The actual signature to verify.</p>
+
+</dd>
+<dt id="hmac-key"><b>-hmac key</b></dt>
+<dd>
+
+<p>Create a hashed MAC using &quot;key&quot;.</p>
+
+</dd>
+<dt id="mac-alg"><b>-mac alg</b></dt>
+<dd>
+
+<p>Create MAC (keyed Message Authentication Code). The most popular MAC algorithm is HMAC (hash-based MAC), but there are other MAC algorithms which are not based on hash, for instance <b>gost-mac</b> algorithm, supported by <b>ccgost</b> engine. MAC keys and other options should be set via <b>-macopt</b> parameter.</p>
+
+</dd>
+<dt id="macopt-nm:v"><b>-macopt nm:v</b></dt>
+<dd>
+
+<p>Passes options to MAC algorithm, specified by <b>-mac</b> key. Following options are supported by both by <b>HMAC</b> and <b>gost-mac</b>:</p>
+
+<dl>
+
+<dt id="key:string"><b>key:string</b></dt>
+<dd>
+
+<p>Specifies MAC key as alphanumeric string (use if key contain printable characters only). String length must conform to any restrictions of the MAC algorithm for example exactly 32 chars for gost-mac.</p>
+
+</dd>
+<dt id="hexkey:string"><b>hexkey:string</b></dt>
+<dd>
+
+<p>Specifies MAC key in hexadecimal form (two hex digits per byte). Key length must conform to any restrictions of the MAC algorithm for example exactly 32 chars for gost-mac.</p>
+
+</dd>
+</dl>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="fips-fingerprint"><b>-fips-fingerprint</b></dt>
+<dd>
+
+<p>Compute HMAC using a specific key for certain OpenSSL-FIPS operations.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Use engine <b>id</b> for operations (including private key storage). This engine is not used as source for digest algorithms, unless it is also specified in the configuration file or <b>-engine_impl</b> is also specified.</p>
+
+</dd>
+<dt id="engine_impl"><b>-engine_impl</b></dt>
+<dd>
+
+<p>When used with the <b>-engine</b> option, it specifies to also use engine <b>id</b> for digest operations.</p>
+
+</dd>
+<dt id="file"><b>file...</b></dt>
+<dd>
+
+<p>File or files to digest. If no files are specified then standard input is used.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>To create a hex-encoded message digest of a file: openssl dgst -md5 -hex file.txt</p>
+
+<p>To sign a file using SHA-256 with binary file output: openssl dgst -sha256 -sign privatekey.pem -out signature.sign file.txt</p>
+
+<p>To verify a signature: openssl dgst -sha256 -verify publickey.pem \ -signature signature.sign \ file.txt</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The digest mechanisms that are available will depend on the options used when building OpenSSL. The <b>list digest-commands</b> command can be used to list them.</p>
+
+<p>New or agile applications should use probably use SHA-256. Other digests, particularly SHA-1 and MD5, are still widely used for interoperating with existing formats and protocols.</p>
+
+<p>When signing a file, <b>dgst</b> will automatically determine the algorithm (RSA, ECC, etc) to use for signing based on the private key&#39;s ASN.1 info. When verifying signatures, it only handles the RSA, DSA, or ECDSA signature itself, not the related data to identify the signer and algorithm used in formats such as x.509, CMS, and S/MIME.</p>
+
+<p>A source of random numbers is required for certain signing algorithms, in particular ECDSA and DSA.</p>
+
+<p>The signing and verify options should only be used if a single file is being signed or verified.</p>
+
+<p>Hex signatures cannot be verified using <b>openssl</b>. Instead, use &quot;xxd -r&quot; or similar program to transform the hex signature into a binary signature prior to verification.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The default digest was changed from MD5 to SHA256 in OpenSSL 1.1.0. The FIPS-related options were removed in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-dhparam.html b/msys2/usr/share/doc/openssl/html/man1/openssl-dhparam.html
new file mode 100644
index 000000000..66121b75e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-dhparam.html
@@ -0,0 +1,170 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>dhparam</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-dhparam, dhparam - DH parameter manipulation and generation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl dhparam</b> [<b>-help</b>] [<b>-inform DER|PEM</b>] [<b>-outform DER|PEM</b>] [<b>-in</b> <i>filename</i>] [<b>-out</b> <i>filename</i>] [<b>-dsaparam</b>] [<b>-check</b>] [<b>-noout</b>] [<b>-text</b>] [<b>-C</b>] [<b>-2</b>] [<b>-5</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-engine id</b>] [<i>numbits</i>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This command is used to manipulate DH parameter files.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. The <b>DER</b> option uses an ASN1 DER encoded form compatible with the PKCS#3 DHparameter structure. The PEM form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in</b> <i>filename</i></dt>
+<dd>
+
+<p>This specifies the input filename to read parameters from or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out</b> <i>filename</i></dt>
+<dd>
+
+<p>This specifies the output filename parameters to. Standard output is used if this option is not present. The output filename should <b>not</b> be the same as the input filename.</p>
+
+</dd>
+<dt id="dsaparam"><b>-dsaparam</b></dt>
+<dd>
+
+<p>If this option is used, DSA rather than DH parameters are read or created; they are converted to DH format. Otherwise, &quot;strong&quot; primes (such that (p-1)/2 is also prime) will be used for DH parameter generation.</p>
+
+<p>DH parameter generation with the <b>-dsaparam</b> option is much faster, and the recommended exponent length is shorter, which makes DH key exchange more efficient. Beware that with such DSA-style DH parameters, a fresh DH key should be created for each use to avoid small-subgroup attacks that may be possible otherwise.</p>
+
+</dd>
+<dt id="check"><b>-check</b></dt>
+<dd>
+
+<p>Performs numerous checks to see if the supplied parameters are valid and displays a warning if not.</p>
+
+</dd>
+<dt id="pod-2--5"><b>-2</b>, <b>-5</b></dt>
+<dd>
+
+<p>The generator to use, either 2 or 5. If present then the input file is ignored and parameters are generated instead. If not present but <b>numbits</b> is present, parameters are generated with the default generator 2.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="numbits"><i>numbits</i></dt>
+<dd>
+
+<p>This option specifies that a parameter set should be generated of size <i>numbits</i>. It must be the last option. If this option is present then the input file is ignored and parameters are generated instead. If this option is not present but a generator (<b>-2</b> or <b>-5</b>) is present, parameters are generated with a default length of 2048 bits.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option inhibits the output of the encoded version of the parameters.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>This option prints out the DH parameters in human readable form.</p>
+
+</dd>
+<dt id="C"><b>-C</b></dt>
+<dd>
+
+<p>This option converts the parameters into C code. The parameters can then be loaded by calling the get_dhNNNN() function.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>dhparam</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+</dl>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>The program <b>dhparam</b> combines the functionality of the programs <b>dh</b> and <b>gendh</b> in previous versions of OpenSSL. The <b>dh</b> and <b>gendh</b> programs are retained for now but may have different purposes in future versions of OpenSSL.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>PEM format DH parameters use the header and footer lines:</p>
+
+<pre><code> -----BEGIN DH PARAMETERS-----
+ -----END DH PARAMETERS-----</code></pre>
+
+<p>OpenSSL currently only supports the older PKCS#3 DH, not the newer X9.42 DH.</p>
+
+<p>This program manipulates DH parameters not keys.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>There should be a way to generate and manipulate DH keys.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dsaparam.html">dsaparam(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-dsa.html b/msys2/usr/share/doc/openssl/html/man1/openssl-dsa.html
new file mode 100644
index 000000000..e5cfb05f2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-dsa.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>dsa</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-dsa, dsa - DSA key processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>dsa</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-in filename</b>] [<b>-passin arg</b>] [<b>-out filename</b>] [<b>-passout arg</b>] [<b>-aes128</b>] [<b>-aes192</b>] [<b>-aes256</b>] [<b>-aria128</b>] [<b>-aria192</b>] [<b>-aria256</b>] [<b>-camellia128</b>] [<b>-camellia192</b>] [<b>-camellia256</b>] [<b>-des</b>] [<b>-des3</b>] [<b>-idea</b>] [<b>-text</b>] [<b>-noout</b>] [<b>-modulus</b>] [<b>-pubin</b>] [<b>-pubout</b>] [<b>-engine id</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>dsa</b> command processes DSA keys. They can be converted between various forms and their components printed out. <b>Note</b> This command uses the traditional SSLeay compatible format for private key encryption: newer applications should use the more secure PKCS#8 format using the <b>pkcs8</b></p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. The <b>DER</b> option with a private key uses an ASN1 DER encoded form of an ASN.1 SEQUENCE consisting of the values of version (currently zero), p, q, g, the public and private key components respectively as ASN.1 INTEGERs. When used with a public key it uses a SubjectPublicKeyInfo structure: it is an error if the key is not DSA.</p>
+
+<p>The <b>PEM</b> form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines. In the case of a private key PKCS#8 format is also accepted.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read a key from or standard input if this option is not specified. If the key is encrypted a pass phrase will be prompted for.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The input file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename to write a key to or standard output by is not specified. If any encryption options are set then a pass phrase will be prompted for. The output filename should <b>not</b> be the same as the input filename.</p>
+
+</dd>
+<dt id="passout-arg"><b>-passout arg</b></dt>
+<dd>
+
+<p>The output file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="aes128--aes192--aes256--aria128--aria192--aria256--camellia128--camellia192--camellia256--des--des3--idea"><b>-aes128</b>, <b>-aes192</b>, <b>-aes256</b>, <b>-aria128</b>, <b>-aria192</b>, <b>-aria256</b>, <b>-camellia128</b>, <b>-camellia192</b>, <b>-camellia256</b>, <b>-des</b>, <b>-des3</b>, <b>-idea</b></dt>
+<dd>
+
+<p>These options encrypt the private key with the specified cipher before outputting it. A pass phrase is prompted for. If none of these options is specified the key is written in plain text. This means that using the <b>dsa</b> utility to read in an encrypted key with no encryption option can be used to remove the pass phrase from a key, or by setting the encryption options it can be use to add or change the pass phrase. These options can only be used with PEM format output files.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out the public, private key components and parameters.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option prevents output of the encoded version of the key.</p>
+
+</dd>
+<dt id="modulus"><b>-modulus</b></dt>
+<dd>
+
+<p>This option prints out the value of the public key component of the key.</p>
+
+</dd>
+<dt id="pubin"><b>-pubin</b></dt>
+<dd>
+
+<p>By default, a private key is read from the input file. With this option a public key is read instead.</p>
+
+</dd>
+<dt id="pubout"><b>-pubout</b></dt>
+<dd>
+
+<p>By default, a private key is output. With this option a public key will be output instead. This option is automatically set if the input is a public key.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>dsa</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM private key format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN DSA PRIVATE KEY-----
+ -----END DSA PRIVATE KEY-----</code></pre>
+
+<p>The PEM public key format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN PUBLIC KEY-----
+ -----END PUBLIC KEY-----</code></pre>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>To remove the pass phrase on a DSA private key:</p>
+
+<pre><code> openssl dsa -in key.pem -out keyout.pem</code></pre>
+
+<p>To encrypt a private key using triple DES:</p>
+
+<pre><code> openssl dsa -in key.pem -des3 -out keyout.pem</code></pre>
+
+<p>To convert a private key from PEM to DER format:</p>
+
+<pre><code> openssl dsa -in key.pem -outform DER -out keyout.der</code></pre>
+
+<p>To print out the components of a private key to standard output:</p>
+
+<pre><code> openssl dsa -in key.pem -text -noout</code></pre>
+
+<p>To just output the public part of a private key:</p>
+
+<pre><code> openssl dsa -in key.pem -pubout -out pubkey.pem</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dsaparam.html">dsaparam(1)</a>, <a href="../man1/gendsa.html">gendsa(1)</a>, <a href="../man1/rsa.html">rsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-dsaparam.html b/msys2/usr/share/doc/openssl/html/man1/openssl-dsaparam.html
new file mode 100644
index 000000000..6b21a22e6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-dsaparam.html
@@ -0,0 +1,144 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>dsaparam</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-dsaparam, dsaparam - DSA parameter manipulation and generation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl dsaparam</b> [<b>-help</b>] [<b>-inform DER|PEM</b>] [<b>-outform DER|PEM</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-noout</b>] [<b>-text</b>] [<b>-C</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-genkey</b>] [<b>-engine id</b>] [<b>numbits</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This command is used to manipulate or generate DSA parameter files.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. The <b>DER</b> option uses an ASN1 DER encoded form compatible with RFC2459 (PKIX) DSS-Parms that is a SEQUENCE consisting of p, q and g respectively. The PEM form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read parameters from or standard input if this option is not specified. If the <b>numbits</b> parameter is included then this option will be ignored.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename parameters to. Standard output is used if this option is not present. The output filename should <b>not</b> be the same as the input filename.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option inhibits the output of the encoded version of the parameters.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>This option prints out the DSA parameters in human readable form.</p>
+
+</dd>
+<dt id="C"><b>-C</b></dt>
+<dd>
+
+<p>This option converts the parameters into C code. The parameters can then be loaded by calling the get_dsaXXX() function.</p>
+
+</dd>
+<dt id="genkey"><b>-genkey</b></dt>
+<dd>
+
+<p>This option will generate a DSA either using the specified or generated parameters.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="numbits"><b>numbits</b></dt>
+<dd>
+
+<p>This option specifies that a parameter set should be generated of size <b>numbits</b>. It must be the last option. If this option is included then the input file (if any) is ignored.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>dsaparam</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>PEM format DSA parameters use the header and footer lines:</p>
+
+<pre><code> -----BEGIN DSA PARAMETERS-----
+ -----END DSA PARAMETERS-----</code></pre>
+
+<p>DSA parameter generation is a slow process and as a result the same set of DSA parameters is often used to generate several distinct keys.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/gendsa.html">gendsa(1)</a>, <a href="../man1/dsa.html">dsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man1/rsa.html">rsa(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-ec.html b/msys2/usr/share/doc/openssl/html/man1/openssl-ec.html
new file mode 100644
index 000000000..93e2531bf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-ec.html
@@ -0,0 +1,198 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ec</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-ec, ec - EC key processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>ec</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-in filename</b>] [<b>-passin arg</b>] [<b>-out filename</b>] [<b>-passout arg</b>] [<b>-des</b>] [<b>-des3</b>] [<b>-idea</b>] [<b>-text</b>] [<b>-noout</b>] [<b>-param_out</b>] [<b>-pubin</b>] [<b>-pubout</b>] [<b>-conv_form arg</b>] [<b>-param_enc arg</b>] [<b>-no_public</b>] [<b>-check</b>] [<b>-engine id</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>ec</b> command processes EC keys. They can be converted between various forms and their components printed out. <b>Note</b> OpenSSL uses the private key format specified in &#39;SEC 1: Elliptic Curve Cryptography&#39; (http://www.secg.org/). To convert an OpenSSL EC private key into the PKCS#8 private key format use the <b>pkcs8</b> command.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. The <b>DER</b> option with a private key uses an ASN.1 DER encoded SEC1 private key. When used with a public key it uses the SubjectPublicKeyInfo structure as specified in RFC 3280. The <b>PEM</b> form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines. In the case of a private key PKCS#8 format is also accepted.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read a key from or standard input if this option is not specified. If the key is encrypted a pass phrase will be prompted for.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The input file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename to write a key to or standard output by is not specified. If any encryption options are set then a pass phrase will be prompted for. The output filename should <b>not</b> be the same as the input filename.</p>
+
+</dd>
+<dt id="passout-arg"><b>-passout arg</b></dt>
+<dd>
+
+<p>The output file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="des--des3--idea"><b>-des|-des3|-idea</b></dt>
+<dd>
+
+<p>These options encrypt the private key with the DES, triple DES, IDEA or any other cipher supported by OpenSSL before outputting it. A pass phrase is prompted for. If none of these options is specified the key is written in plain text. This means that using the <b>ec</b> utility to read in an encrypted key with no encryption option can be used to remove the pass phrase from a key, or by setting the encryption options it can be use to add or change the pass phrase. These options can only be used with PEM format output files.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out the public, private key components and parameters.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option prevents output of the encoded version of the key.</p>
+
+</dd>
+<dt id="pubin"><b>-pubin</b></dt>
+<dd>
+
+<p>By default, a private key is read from the input file. With this option a public key is read instead.</p>
+
+</dd>
+<dt id="pubout"><b>-pubout</b></dt>
+<dd>
+
+<p>By default a private key is output. With this option a public key will be output instead. This option is automatically set if the input is a public key.</p>
+
+</dd>
+<dt id="conv_form"><b>-conv_form</b></dt>
+<dd>
+
+<p>This specifies how the points on the elliptic curve are converted into octet strings. Possible values are: <b>compressed</b> (the default value), <b>uncompressed</b> and <b>hybrid</b>. For more information regarding the point conversion forms please read the X9.62 standard. <b>Note</b> Due to patent issues the <b>compressed</b> option is disabled by default for binary curves and can be enabled by defining the preprocessor macro <b>OPENSSL_EC_BIN_PT_COMP</b> at compile time.</p>
+
+</dd>
+<dt id="param_enc-arg"><b>-param_enc arg</b></dt>
+<dd>
+
+<p>This specifies how the elliptic curve parameters are encoded. Possible value are: <b>named_curve</b>, i.e. the ec parameters are specified by an OID, or <b>explicit</b> where the ec parameters are explicitly given (see RFC 3279 for the definition of the EC parameters structures). The default value is <b>named_curve</b>. <b>Note</b> the <b>implicitlyCA</b> alternative, as specified in RFC 3279, is currently not implemented in OpenSSL.</p>
+
+</dd>
+<dt id="no_public"><b>-no_public</b></dt>
+<dd>
+
+<p>This option omits the public key components from the private key output.</p>
+
+</dd>
+<dt id="check"><b>-check</b></dt>
+<dd>
+
+<p>This option checks the consistency of an EC private or public key.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>ec</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM private key format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN EC PRIVATE KEY-----
+ -----END EC PRIVATE KEY-----</code></pre>
+
+<p>The PEM public key format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN PUBLIC KEY-----
+ -----END PUBLIC KEY-----</code></pre>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>To encrypt a private key using triple DES:</p>
+
+<pre><code> openssl ec -in key.pem -des3 -out keyout.pem</code></pre>
+
+<p>To convert a private key from PEM to DER format:</p>
+
+<pre><code> openssl ec -in key.pem -outform DER -out keyout.der</code></pre>
+
+<p>To print out the components of a private key to standard output:</p>
+
+<pre><code> openssl ec -in key.pem -text -noout</code></pre>
+
+<p>To just output the public part of a private key:</p>
+
+<pre><code> openssl ec -in key.pem -pubout -out pubkey.pem</code></pre>
+
+<p>To change the parameters encoding to <b>explicit</b>:</p>
+
+<pre><code> openssl ec -in key.pem -param_enc explicit -out keyout.pem</code></pre>
+
+<p>To change the point conversion form to <b>compressed</b>:</p>
+
+<pre><code> openssl ec -in key.pem -conv_form compressed -out keyout.pem</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/ecparam.html">ecparam(1)</a>, <a href="../man1/dsa.html">dsa(1)</a>, <a href="../man1/rsa.html">rsa(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2003-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-ecparam.html b/msys2/usr/share/doc/openssl/html/man1/openssl-ecparam.html
new file mode 100644
index 000000000..05a89a7cd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-ecparam.html
@@ -0,0 +1,201 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ecparam</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-ecparam, ecparam - EC parameter manipulation and generation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl ecparam</b> [<b>-help</b>] [<b>-inform DER|PEM</b>] [<b>-outform DER|PEM</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-noout</b>] [<b>-text</b>] [<b>-C</b>] [<b>-check</b>] [<b>-name arg</b>] [<b>-list_curves</b>] [<b>-conv_form arg</b>] [<b>-param_enc arg</b>] [<b>-no_seed</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-genkey</b>] [<b>-engine id</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This command is used to manipulate or generate EC parameter files.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. The <b>DER</b> option uses an ASN.1 DER encoded form compatible with RFC 3279 EcpkParameters. The PEM form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read parameters from or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename parameters to. Standard output is used if this option is not present. The output filename should <b>not</b> be the same as the input filename.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option inhibits the output of the encoded version of the parameters.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>This option prints out the EC parameters in human readable form.</p>
+
+</dd>
+<dt id="C"><b>-C</b></dt>
+<dd>
+
+<p>This option converts the EC parameters into C code. The parameters can then be loaded by calling the get_ec_group_XXX() function.</p>
+
+</dd>
+<dt id="check"><b>-check</b></dt>
+<dd>
+
+<p>Validate the elliptic curve parameters.</p>
+
+</dd>
+<dt id="name-arg"><b>-name arg</b></dt>
+<dd>
+
+<p>Use the EC parameters with the specified &#39;short&#39; name. Use <b>-list_curves</b> to get a list of all currently implemented EC parameters.</p>
+
+</dd>
+<dt id="list_curves"><b>-list_curves</b></dt>
+<dd>
+
+<p>If this options is specified <b>ecparam</b> will print out a list of all currently implemented EC parameters names and exit.</p>
+
+</dd>
+<dt id="conv_form"><b>-conv_form</b></dt>
+<dd>
+
+<p>This specifies how the points on the elliptic curve are converted into octet strings. Possible values are: <b>compressed</b>, <b>uncompressed</b> (the default value) and <b>hybrid</b>. For more information regarding the point conversion forms please read the X9.62 standard. <b>Note</b> Due to patent issues the <b>compressed</b> option is disabled by default for binary curves and can be enabled by defining the preprocessor macro <b>OPENSSL_EC_BIN_PT_COMP</b> at compile time.</p>
+
+</dd>
+<dt id="param_enc-arg"><b>-param_enc arg</b></dt>
+<dd>
+
+<p>This specifies how the elliptic curve parameters are encoded. Possible value are: <b>named_curve</b>, i.e. the ec parameters are specified by an OID, or <b>explicit</b> where the ec parameters are explicitly given (see RFC 3279 for the definition of the EC parameters structures). The default value is <b>named_curve</b>. <b>Note</b> the <b>implicitlyCA</b> alternative, as specified in RFC 3279, is currently not implemented in OpenSSL.</p>
+
+</dd>
+<dt id="no_seed"><b>-no_seed</b></dt>
+<dd>
+
+<p>This option inhibits that the &#39;seed&#39; for the parameter generation is included in the ECParameters structure (see RFC 3279).</p>
+
+</dd>
+<dt id="genkey"><b>-genkey</b></dt>
+<dd>
+
+<p>This option will generate an EC private key using the specified parameters.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>ecparam</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>PEM format EC parameters use the header and footer lines:</p>
+
+<pre><code> -----BEGIN EC PARAMETERS-----
+ -----END EC PARAMETERS-----</code></pre>
+
+<p>OpenSSL is currently not able to generate new groups and therefore <b>ecparam</b> can only create EC parameters from known (named) curves.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>To create EC parameters with the group &#39;prime192v1&#39;:</p>
+
+<pre><code>  openssl ecparam -out ec_param.pem -name prime192v1</code></pre>
+
+<p>To create EC parameters with explicit parameters:</p>
+
+<pre><code>  openssl ecparam -out ec_param.pem -name prime192v1 -param_enc explicit</code></pre>
+
+<p>To validate given EC parameters:</p>
+
+<pre><code>  openssl ecparam -in ec_param.pem -check</code></pre>
+
+<p>To create EC parameters and a private key:</p>
+
+<pre><code>  openssl ecparam -out ec_key.pem -name prime192v1 -genkey</code></pre>
+
+<p>To change the point encoding to &#39;compressed&#39;:</p>
+
+<pre><code>  openssl ecparam -in ec_in.pem -out ec_out.pem -conv_form compressed</code></pre>
+
+<p>To print out the EC parameters to standard output:</p>
+
+<pre><code>  openssl ecparam -in ec_param.pem -noout -text</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/ec.html">ec(1)</a>, <a href="../man1/dsaparam.html">dsaparam(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2003-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-enc.html b/msys2/usr/share/doc/openssl/html/man1/openssl-enc.html
new file mode 100644
index 000000000..7ac8dc078
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-enc.html
@@ -0,0 +1,404 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>enc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SUPPORTED-CIPHERS">SUPPORTED CIPHERS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-enc, enc - symmetric cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl enc -<i>cipher</i></b> [<b>-help</b>] [<b>-ciphers</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-pass arg</b>] [<b>-e</b>] [<b>-d</b>] [<b>-a</b>] [<b>-base64</b>] [<b>-A</b>] [<b>-k password</b>] [<b>-kfile filename</b>] [<b>-K key</b>] [<b>-iv IV</b>] [<b>-S salt</b>] [<b>-salt</b>] [<b>-nosalt</b>] [<b>-z</b>] [<b>-md digest</b>] [<b>-iter count</b>] [<b>-pbkdf2</b>] [<b>-p</b>] [<b>-P</b>] [<b>-bufsize number</b>] [<b>-nopad</b>] [<b>-debug</b>] [<b>-none</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-engine id</b>]</p>
+
+<p><b>openssl</b> <i>[cipher]</i> [<b>...</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The symmetric cipher commands allow data to be encrypted or decrypted using various block and stream ciphers using keys based on passwords or explicitly provided. Base64 encoding or decoding can also be performed either by itself or in addition to the encryption or decryption.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="ciphers"><b>-ciphers</b></dt>
+<dd>
+
+<p>List all supported ciphers.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>The input filename, standard input by default.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>The output filename, standard output by default.</p>
+
+</dd>
+<dt id="pass-arg"><b>-pass arg</b></dt>
+<dd>
+
+<p>The password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="e"><b>-e</b></dt>
+<dd>
+
+<p>Encrypt the input data: this is the default.</p>
+
+</dd>
+<dt id="d"><b>-d</b></dt>
+<dd>
+
+<p>Decrypt the input data.</p>
+
+</dd>
+<dt id="a"><b>-a</b></dt>
+<dd>
+
+<p>Base64 process the data. This means that if encryption is taking place the data is base64 encoded after encryption. If decryption is set then the input data is base64 decoded before being decrypted.</p>
+
+</dd>
+<dt id="base64"><b>-base64</b></dt>
+<dd>
+
+<p>Same as <b>-a</b></p>
+
+</dd>
+<dt id="A"><b>-A</b></dt>
+<dd>
+
+<p>If the <b>-a</b> option is set then base64 process the data on one line.</p>
+
+</dd>
+<dt id="k-password"><b>-k password</b></dt>
+<dd>
+
+<p>The password to derive the key from. This is for compatibility with previous versions of OpenSSL. Superseded by the <b>-pass</b> argument.</p>
+
+</dd>
+<dt id="kfile-filename"><b>-kfile filename</b></dt>
+<dd>
+
+<p>Read the password to derive the key from the first line of <b>filename</b>. This is for compatibility with previous versions of OpenSSL. Superseded by the <b>-pass</b> argument.</p>
+
+</dd>
+<dt id="md-digest"><b>-md digest</b></dt>
+<dd>
+
+<p>Use the specified digest to create the key from the passphrase. The default algorithm is sha-256.</p>
+
+</dd>
+<dt id="iter-count"><b>-iter count</b></dt>
+<dd>
+
+<p>Use a given number of iterations on the password in deriving the encryption key. High values increase the time required to brute-force the resulting file. This option enables the use of PBKDF2 algorithm to derive the key.</p>
+
+</dd>
+<dt id="pbkdf2"><b>-pbkdf2</b></dt>
+<dd>
+
+<p>Use PBKDF2 algorithm with default iteration count unless otherwise specified.</p>
+
+</dd>
+<dt id="nosalt"><b>-nosalt</b></dt>
+<dd>
+
+<p>Don&#39;t use a salt in the key derivation routines. This option <b>SHOULD NOT</b> be used except for test purposes or compatibility with ancient versions of OpenSSL.</p>
+
+</dd>
+<dt id="salt"><b>-salt</b></dt>
+<dd>
+
+<p>Use salt (randomly generated or provide with <b>-S</b> option) when encrypting, this is the default.</p>
+
+</dd>
+<dt id="S-salt"><b>-S salt</b></dt>
+<dd>
+
+<p>The actual salt to use: this must be represented as a string of hex digits.</p>
+
+</dd>
+<dt id="K-key"><b>-K key</b></dt>
+<dd>
+
+<p>The actual key to use: this must be represented as a string comprised only of hex digits. If only the key is specified, the IV must additionally specified using the <b>-iv</b> option. When both a key and a password are specified, the key given with the <b>-K</b> option will be used and the IV generated from the password will be taken. It does not make much sense to specify both key and password.</p>
+
+</dd>
+<dt id="iv-IV"><b>-iv IV</b></dt>
+<dd>
+
+<p>The actual IV to use: this must be represented as a string comprised only of hex digits. When only the key is specified using the <b>-K</b> option, the IV must explicitly be defined. When a password is being specified using one of the other options, the IV is generated from this password.</p>
+
+</dd>
+<dt id="p"><b>-p</b></dt>
+<dd>
+
+<p>Print out the key and IV used.</p>
+
+</dd>
+<dt id="P"><b>-P</b></dt>
+<dd>
+
+<p>Print out the key and IV used then immediately exit: don&#39;t do any encryption or decryption.</p>
+
+</dd>
+<dt id="bufsize-number"><b>-bufsize number</b></dt>
+<dd>
+
+<p>Set the buffer size for I/O.</p>
+
+</dd>
+<dt id="nopad"><b>-nopad</b></dt>
+<dd>
+
+<p>Disable standard block padding.</p>
+
+</dd>
+<dt id="debug"><b>-debug</b></dt>
+<dd>
+
+<p>Debug the BIOs used for I/O.</p>
+
+</dd>
+<dt id="z"><b>-z</b></dt>
+<dd>
+
+<p>Compress or decompress clear text using zlib before encryption or after decryption. This option exists only if OpenSSL with compiled with zlib or zlib-dynamic option.</p>
+
+</dd>
+<dt id="none"><b>-none</b></dt>
+<dd>
+
+<p>Use NULL cipher (no encryption or decryption of input).</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The program can be called either as <b>openssl cipher</b> or <b>openssl enc -cipher</b>. The first form doesn&#39;t work with engine-provided ciphers, because this form is processed before the configuration file is read and any ENGINEs loaded. Use the <b>list</b> command to get a list of supported ciphers.</p>
+
+<p>Engines which provide entirely new encryption algorithms (such as the ccgost engine which provides gost89 algorithm) should be configured in the configuration file. Engines specified on the command line using -engine options can only be used for hardware-assisted implementations of ciphers which are supported by the OpenSSL core or another engine specified in the configuration file.</p>
+
+<p>When the enc command lists supported ciphers, ciphers provided by engines, specified in the configuration files are listed too.</p>
+
+<p>A password will be prompted for to derive the key and IV if necessary.</p>
+
+<p>The <b>-salt</b> option should <b>ALWAYS</b> be used if the key is being derived from a password unless you want compatibility with previous versions of OpenSSL.</p>
+
+<p>Without the <b>-salt</b> option it is possible to perform efficient dictionary attacks on the password and to attack stream cipher encrypted data. The reason for this is that without the salt the same password always generates the same encryption key. When the salt is being used the first eight bytes of the encrypted data are reserved for the salt: it is generated at random when encrypting a file and read from the encrypted file when it is decrypted.</p>
+
+<p>Some of the ciphers do not have large keys and others have security implications if not used correctly. A beginner is advised to just use a strong block cipher, such as AES, in CBC mode.</p>
+
+<p>All the block ciphers normally use PKCS#5 padding, also known as standard block padding. This allows a rudimentary integrity or password check to be performed. However since the chance of random data passing the test is better than 1 in 256 it isn&#39;t a very good test.</p>
+
+<p>If padding is disabled then the input data must be a multiple of the cipher block length.</p>
+
+<p>All RC2 ciphers have the same key and effective key length.</p>
+
+<p>Blowfish and RC5 algorithms use a 128 bit key.</p>
+
+<h1 id="SUPPORTED-CIPHERS">SUPPORTED CIPHERS</h1>
+
+<p>Note that some of these ciphers can be disabled at compile time and some are available only if an appropriate engine is configured in the configuration file. The output of the <b>enc</b> command run with the <b>-ciphers</b> option (that is <b>openssl enc -ciphers</b>) produces a list of ciphers, supported by your version of OpenSSL, including ones provided by configured engines.</p>
+
+<p>The <b>enc</b> program does not support authenticated encryption modes like CCM and GCM, and will not support such modes in the future. The <b>enc</b> interface by necessity must begin streaming output (e.g., to standard output when <b>-out</b> is not used) before the authentication tag could be validated, leading to the usage of <b>enc</b> in pipelines that begin processing untrusted data and are not capable of rolling back upon authentication failure. The AEAD modes currently in common use also suffer from catastrophic failure of confidentiality and/or integrity upon reuse of key/iv/nonce, and since <b>enc</b> places the entire burden of key/iv/nonce management upon the user, the risk of exposing AEAD modes is too great to allow. These key/iv/nonce management issues also affect other modes currently exposed in <b>enc</b>, but the failure modes are less extreme in these cases, and the functionality cannot be removed with a stable release branch. For bulk encryption of data, whether using authenticated encryption modes or other modes, <a href="../man1/cms.html">cms(1)</a> is recommended, as it provides a standard data format and performs the needed key/iv/nonce management.</p>
+
+<pre><code> base64             Base 64
+
+ bf-cbc             Blowfish in CBC mode
+ bf                 Alias for bf-cbc
+ blowfish           Alias for bf-cbc
+ bf-cfb             Blowfish in CFB mode
+ bf-ecb             Blowfish in ECB mode
+ bf-ofb             Blowfish in OFB mode
+
+ cast-cbc           CAST in CBC mode
+ cast               Alias for cast-cbc
+ cast5-cbc          CAST5 in CBC mode
+ cast5-cfb          CAST5 in CFB mode
+ cast5-ecb          CAST5 in ECB mode
+ cast5-ofb          CAST5 in OFB mode
+
+ chacha20           ChaCha20 algorithm
+
+ des-cbc            DES in CBC mode
+ des                Alias for des-cbc
+ des-cfb            DES in CFB mode
+ des-ofb            DES in OFB mode
+ des-ecb            DES in ECB mode
+
+ des-ede-cbc        Two key triple DES EDE in CBC mode
+ des-ede            Two key triple DES EDE in ECB mode
+ des-ede-cfb        Two key triple DES EDE in CFB mode
+ des-ede-ofb        Two key triple DES EDE in OFB mode
+
+ des-ede3-cbc       Three key triple DES EDE in CBC mode
+ des-ede3           Three key triple DES EDE in ECB mode
+ des3               Alias for des-ede3-cbc
+ des-ede3-cfb       Three key triple DES EDE CFB mode
+ des-ede3-ofb       Three key triple DES EDE in OFB mode
+
+ desx               DESX algorithm.
+
+ gost89             GOST 28147-89 in CFB mode (provided by ccgost engine)
+ gost89-cnt        `GOST 28147-89 in CNT mode (provided by ccgost engine)
+
+ idea-cbc           IDEA algorithm in CBC mode
+ idea               same as idea-cbc
+ idea-cfb           IDEA in CFB mode
+ idea-ecb           IDEA in ECB mode
+ idea-ofb           IDEA in OFB mode
+
+ rc2-cbc            128 bit RC2 in CBC mode
+ rc2                Alias for rc2-cbc
+ rc2-cfb            128 bit RC2 in CFB mode
+ rc2-ecb            128 bit RC2 in ECB mode
+ rc2-ofb            128 bit RC2 in OFB mode
+ rc2-64-cbc         64 bit RC2 in CBC mode
+ rc2-40-cbc         40 bit RC2 in CBC mode
+
+ rc4                128 bit RC4
+ rc4-64             64 bit RC4
+ rc4-40             40 bit RC4
+
+ rc5-cbc            RC5 cipher in CBC mode
+ rc5                Alias for rc5-cbc
+ rc5-cfb            RC5 cipher in CFB mode
+ rc5-ecb            RC5 cipher in ECB mode
+ rc5-ofb            RC5 cipher in OFB mode
+
+ seed-cbc           SEED cipher in CBC mode
+ seed               Alias for seed-cbc
+ seed-cfb           SEED cipher in CFB mode
+ seed-ecb           SEED cipher in ECB mode
+ seed-ofb           SEED cipher in OFB mode
+
+ sm4-cbc            SM4 cipher in CBC mode
+ sm4                Alias for sm4-cbc
+ sm4-cfb            SM4 cipher in CFB mode
+ sm4-ctr            SM4 cipher in CTR mode
+ sm4-ecb            SM4 cipher in ECB mode
+ sm4-ofb            SM4 cipher in OFB mode
+
+ aes-[128|192|256]-cbc  128/192/256 bit AES in CBC mode
+ aes[128|192|256]       Alias for aes-[128|192|256]-cbc
+ aes-[128|192|256]-cfb  128/192/256 bit AES in 128 bit CFB mode
+ aes-[128|192|256]-cfb1 128/192/256 bit AES in 1 bit CFB mode
+ aes-[128|192|256]-cfb8 128/192/256 bit AES in 8 bit CFB mode
+ aes-[128|192|256]-ctr  128/192/256 bit AES in CTR mode
+ aes-[128|192|256]-ecb  128/192/256 bit AES in ECB mode
+ aes-[128|192|256]-ofb  128/192/256 bit AES in OFB mode
+
+ aria-[128|192|256]-cbc  128/192/256 bit ARIA in CBC mode
+ aria[128|192|256]       Alias for aria-[128|192|256]-cbc
+ aria-[128|192|256]-cfb  128/192/256 bit ARIA in 128 bit CFB mode
+ aria-[128|192|256]-cfb1 128/192/256 bit ARIA in 1 bit CFB mode
+ aria-[128|192|256]-cfb8 128/192/256 bit ARIA in 8 bit CFB mode
+ aria-[128|192|256]-ctr  128/192/256 bit ARIA in CTR mode
+ aria-[128|192|256]-ecb  128/192/256 bit ARIA in ECB mode
+ aria-[128|192|256]-ofb  128/192/256 bit ARIA in OFB mode
+
+ camellia-[128|192|256]-cbc  128/192/256 bit Camellia in CBC mode
+ camellia[128|192|256]       Alias for camellia-[128|192|256]-cbc
+ camellia-[128|192|256]-cfb  128/192/256 bit Camellia in 128 bit CFB mode
+ camellia-[128|192|256]-cfb1 128/192/256 bit Camellia in 1 bit CFB mode
+ camellia-[128|192|256]-cfb8 128/192/256 bit Camellia in 8 bit CFB mode
+ camellia-[128|192|256]-ctr  128/192/256 bit Camellia in CTR mode
+ camellia-[128|192|256]-ecb  128/192/256 bit Camellia in ECB mode
+ camellia-[128|192|256]-ofb  128/192/256 bit Camellia in OFB mode</code></pre>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Just base64 encode a binary file:</p>
+
+<pre><code> openssl base64 -in file.bin -out file.b64</code></pre>
+
+<p>Decode the same file</p>
+
+<pre><code> openssl base64 -d -in file.b64 -out file.bin</code></pre>
+
+<p>Encrypt a file using AES-128 using a prompted password and PBKDF2 key derivation:</p>
+
+<pre><code> openssl enc -aes128 -pbkdf2 -in file.txt -out file.aes128</code></pre>
+
+<p>Decrypt a file using a supplied password:</p>
+
+<pre><code> openssl enc -aes128 -pbkdf2 -d -in file.aes128 -out file.txt \
+    -pass pass:&lt;password&gt;</code></pre>
+
+<p>Encrypt a file then base64 encode it (so it can be sent via mail for example) using AES-256 in CTR mode and PBKDF2 key derivation:</p>
+
+<pre><code> openssl enc -aes-256-ctr -pbkdf2 -a -in file.txt -out file.aes256</code></pre>
+
+<p>Base64 decode a file then decrypt it using a password supplied in a file:</p>
+
+<pre><code> openssl enc -aes-256-ctr -pbkdf2 -d -a -in file.aes256 -out file.txt \
+    -pass file:&lt;passfile&gt;</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The <b>-A</b> option when used with large files doesn&#39;t work properly.</p>
+
+<p>The <b>enc</b> program only supports a fixed number of algorithms with certain parameters. So if, for example, you want to use RC2 with a 76 bit key or RC4 with an 84 bit key you can&#39;t use this program.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The default digest was changed from MD5 to SHA256 in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-engine.html b/msys2/usr/share/doc/openssl/html/man1/openssl-engine.html
new file mode 100644
index 000000000..a6e14eb34
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-engine.html
@@ -0,0 +1,133 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>engine</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-engine, engine - load and query engines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl engine</b> [ <i>engine...</i> ] [<b>-v</b>] [<b>-vv</b>] [<b>-vvv</b>] [<b>-vvv</b>] [<b>-vvv</b>] [<b>-c</b>] [<b>-t</b>] [<b>-tt</b>] [<b>-pre</b> <i>command</i>] [<b>-post</b> <i>command</i>] [ <i>engine...</i> ]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>engine</b> command is used to query the status and capabilities of the specified <b>engine</b>&#39;s. Engines may be specified before and after all other command-line flags. Only those specified are queried.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="v--vv--vvv--vvvv"><b>-v</b> <b>-vv</b> <b>-vvv</b> <b>-vvvv</b></dt>
+<dd>
+
+<p>Provides information about each specified engine. The first flag lists all the possible run-time control commands; the second adds a description of each command; the third adds the input flags, and the final option adds the internal input flags.</p>
+
+</dd>
+<dt id="c"><b>-c</b></dt>
+<dd>
+
+<p>Lists the capabilities of each engine.</p>
+
+</dd>
+<dt id="t"><b>-t</b></dt>
+<dd>
+
+<p>Tests if each specified engine is available, and displays the answer.</p>
+
+</dd>
+<dt id="tt"><b>-tt</b></dt>
+<dd>
+
+<p>Displays an error trace for any unavailable engine.</p>
+
+</dd>
+<dt id="pre-command"><b>-pre</b> <i>command</i></dt>
+<dd>
+
+</dd>
+<dt id="post-command"><b>-post</b> <i>command</i></dt>
+<dd>
+
+<p>Command-line configuration of engines. The <b>-pre</b> command is given to the engine before it is loaded and the <b>-post</b> command is given after the engine is loaded. The <i>command</i> is of the form <i>cmd:val</i> where <i>cmd</i> is the command, and <i>val</i> is the value for the command. See the example below.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>To list all the commands available to a dynamic engine:</p>
+
+<pre><code> $ openssl engine -t -tt -vvvv dynamic
+ (dynamic) Dynamic engine loading support
+      [ unavailable ]
+      SO_PATH: Specifies the path to the new ENGINE shared library
+           (input flags): STRING
+      NO_VCHECK: Specifies to continue even if version checking fails (boolean)
+           (input flags): NUMERIC
+      ID: Specifies an ENGINE id name for loading
+           (input flags): STRING
+      LIST_ADD: Whether to add a loaded ENGINE to the internal list (0=no,1=yes,2=mandatory)
+           (input flags): NUMERIC
+      DIR_LOAD: Specifies whether to load from &#39;DIR_ADD&#39; directories (0=no,1=yes,2=mandatory)
+           (input flags): NUMERIC
+      DIR_ADD: Adds a directory from which ENGINEs can be loaded
+           (input flags): STRING
+      LOAD: Load up the ENGINE specified by other settings
+           (input flags): NO_INPUT</code></pre>
+
+<p>To list the capabilities of the <i>rsax</i> engine:</p>
+
+<pre><code> $ openssl engine -c
+ (rsax) RSAX engine support
+  [RSA]
+ (dynamic) Dynamic engine loading support</code></pre>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-errstr.html b/msys2/usr/share/doc/openssl/html/man1/openssl-errstr.html
new file mode 100644
index 000000000..fc865f63b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-errstr.html
@@ -0,0 +1,64 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>errstr</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-errstr, errstr - lookup error codes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl errstr error_code</b></p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Sometimes an application will not load error message and only numerical forms will be available. The <b>errstr</b> utility can be used to display the meaning of the hex code. The hex code is the hex digits after the second colon.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<p>None.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The error code:</p>
+
+<pre><code> 27594:error:2006D080:lib(32):func(109):reason(128):bss_file.c:107:</code></pre>
+
+<p>can be displayed with:</p>
+
+<pre><code> openssl errstr 2006D080</code></pre>
+
+<p>to produce the error message:</p>
+
+<pre><code> error:2006D080:BIO routines:BIO_new_file:no such file</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-gendsa.html b/msys2/usr/share/doc/openssl/html/man1/openssl-gendsa.html
new file mode 100644
index 000000000..ddab04d01
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-gendsa.html
@@ -0,0 +1,103 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>gendsa</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-gendsa, gendsa - generate a DSA private key from a set of parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>gendsa</b> [<b>-help</b>] [<b>-out filename</b>] [<b>-aes128</b>] [<b>-aes192</b>] [<b>-aes256</b>] [<b>-aria128</b>] [<b>-aria192</b>] [<b>-aria256</b>] [<b>-camellia128</b>] [<b>-camellia192</b>] [<b>-camellia256</b>] [<b>-des</b>] [<b>-des3</b>] [<b>-idea</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-engine id</b>] [<b>paramfile</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>gendsa</b> command generates a DSA private key from a DSA parameter file (which will be typically generated by the <b>openssl dsaparam</b> command).</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Output the key to the specified file. If this argument is not specified then standard output is used.</p>
+
+</dd>
+<dt id="aes128--aes192--aes256--aria128--aria192--aria256--camellia128--camellia192--camellia256--des--des3--idea"><b>-aes128</b>, <b>-aes192</b>, <b>-aes256</b>, <b>-aria128</b>, <b>-aria192</b>, <b>-aria256</b>, <b>-camellia128</b>, <b>-camellia192</b>, <b>-camellia256</b>, <b>-des</b>, <b>-des3</b>, <b>-idea</b></dt>
+<dd>
+
+<p>These options encrypt the private key with specified cipher before outputting it. A pass phrase is prompted for. If none of these options is specified no encryption is used.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>gendsa</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="paramfile"><b>paramfile</b></dt>
+<dd>
+
+<p>This option specifies the DSA parameter file to use. The parameters in this file determine the size of the private key. DSA parameters can be generated and examined using the <b>openssl dsaparam</b> command.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>DSA key generation is little more than random number generation so it is much quicker that RSA key generation for example.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dsaparam.html">dsaparam(1)</a>, <a href="../man1/dsa.html">dsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man1/rsa.html">rsa(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-genpkey.html b/msys2/usr/share/doc/openssl/html/man1/openssl-genpkey.html
new file mode 100644
index 000000000..562cb7ca2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-genpkey.html
@@ -0,0 +1,363 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>genpkey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#KEY-GENERATION-OPTIONS">KEY GENERATION OPTIONS</a>
+    <ul>
+      <li><a href="#RSA-Key-Generation-Options">RSA Key Generation Options</a></li>
+      <li><a href="#RSA-PSS-Key-Generation-Options">RSA-PSS Key Generation Options</a></li>
+      <li><a href="#EC-Key-Generation-Options">EC Key Generation Options</a></li>
+    </ul>
+  </li>
+  <li><a href="#PARAMETER-GENERATION-OPTIONS">PARAMETER GENERATION OPTIONS</a>
+    <ul>
+      <li><a href="#DSA-Parameter-Generation-Options">DSA Parameter Generation Options</a></li>
+      <li><a href="#DH-Parameter-Generation-Options">DH Parameter Generation Options</a></li>
+      <li><a href="#EC-Parameter-Generation-Options">EC Parameter Generation Options</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-genpkey, genpkey - generate a private key</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>genpkey</b> [<b>-help</b>] [<b>-out filename</b>] [<b>-outform PEM|DER</b>] [<b>-pass arg</b>] [<b>-<i>cipher</i></b>] [<b>-engine id</b>] [<b>-paramfile file</b>] [<b>-algorithm alg</b>] [<b>-pkeyopt opt:value</b>] [<b>-genparam</b>] [<b>-text</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>genpkey</b> command generates a private key.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Output the key to the specified file. If this argument is not specified then standard output is used.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format DER or PEM. The default format is PEM.</p>
+
+</dd>
+<dt id="pass-arg"><b>-pass arg</b></dt>
+<dd>
+
+<p>The output file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="cipher"><b>-<i>cipher</i></b></dt>
+<dd>
+
+<p>This option encrypts the private key with the supplied cipher. Any algorithm name accepted by EVP_get_cipherbyname() is acceptable such as <b>des3</b>.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>genpkey</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms. If used this option should precede all other options.</p>
+
+</dd>
+<dt id="algorithm-alg"><b>-algorithm alg</b></dt>
+<dd>
+
+<p>Public key algorithm to use such as RSA, DSA or DH. If used this option must precede any <b>-pkeyopt</b> options. The options <b>-paramfile</b> and <b>-algorithm</b> are mutually exclusive. Engines may add algorithms in addition to the standard built-in ones.</p>
+
+<p>Valid built-in algorithm names for private key generation are RSA, RSA-PSS, EC, X25519, X448, ED25519 and ED448.</p>
+
+<p>Valid built-in algorithm names for parameter generation (see the <b>-genparam</b> option) are DH, DSA and EC.</p>
+
+<p>Note that the algorithm name X9.42 DH may be used as a synonym for the DH algorithm. These are identical and do not indicate the type of parameters that will be generated. Use the <b>dh_paramgen_type</b> option to indicate whether PKCS#3 or X9.42 DH parameters are required. See <a href="#DH-Parameter-Generation-Options">&quot;DH Parameter Generation Options&quot;</a> below for more details.</p>
+
+</dd>
+<dt id="pkeyopt-opt:value"><b>-pkeyopt opt:value</b></dt>
+<dd>
+
+<p>Set the public key algorithm option <b>opt</b> to <b>value</b>. The precise set of options supported depends on the public key algorithm used and its implementation. See <a href="#KEY-GENERATION-OPTIONS">&quot;KEY GENERATION OPTIONS&quot;</a> and <a href="#PARAMETER-GENERATION-OPTIONS">&quot;PARAMETER GENERATION OPTIONS&quot;</a> below for more details.</p>
+
+</dd>
+<dt id="genparam"><b>-genparam</b></dt>
+<dd>
+
+<p>Generate a set of parameters instead of a private key. If used this option must precede any <b>-algorithm</b>, <b>-paramfile</b> or <b>-pkeyopt</b> options.</p>
+
+</dd>
+<dt id="paramfile-filename"><b>-paramfile filename</b></dt>
+<dd>
+
+<p>Some public key algorithms generate a private key based on a set of parameters. They can be supplied using this option. If this option is used the public key algorithm used is determined by the parameters. If used this option must precede any <b>-pkeyopt</b> options. The options <b>-paramfile</b> and <b>-algorithm</b> are mutually exclusive.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Print an (unencrypted) text representation of private and public keys and parameters along with the PEM or DER structure.</p>
+
+</dd>
+</dl>
+
+<h1 id="KEY-GENERATION-OPTIONS">KEY GENERATION OPTIONS</h1>
+
+<p>The options supported by each algorithm and indeed each implementation of an algorithm can vary. The options for the OpenSSL implementations are detailed below. There are no key generation options defined for the X25519, X448, ED25519 or ED448 algorithms.</p>
+
+<h2 id="RSA-Key-Generation-Options">RSA Key Generation Options</h2>
+
+<dl>
+
+<dt id="rsa_keygen_bits:numbits"><b>rsa_keygen_bits:numbits</b></dt>
+<dd>
+
+<p>The number of bits in the generated key. If not specified 1024 is used.</p>
+
+</dd>
+<dt id="rsa_keygen_primes:numprimes"><b>rsa_keygen_primes:numprimes</b></dt>
+<dd>
+
+<p>The number of primes in the generated key. If not specified 2 is used.</p>
+
+</dd>
+<dt id="rsa_keygen_pubexp:value"><b>rsa_keygen_pubexp:value</b></dt>
+<dd>
+
+<p>The RSA public exponent value. This can be a large decimal or hexadecimal value if preceded by <b>0x</b>. Default value is 65537.</p>
+
+</dd>
+</dl>
+
+<h2 id="RSA-PSS-Key-Generation-Options">RSA-PSS Key Generation Options</h2>
+
+<p>Note: by default an <b>RSA-PSS</b> key has no parameter restrictions.</p>
+
+<dl>
+
+<dt id="rsa_keygen_bits:numbits-rsa_keygen_primes:numprimes-rsa_keygen_pubexp:value"><b>rsa_keygen_bits:numbits</b>, <b>rsa_keygen_primes:numprimes</b>, <b>rsa_keygen_pubexp:value</b></dt>
+<dd>
+
+<p>These options have the same meaning as the <b>RSA</b> algorithm.</p>
+
+</dd>
+<dt id="rsa_pss_keygen_md:digest"><b>rsa_pss_keygen_md:digest</b></dt>
+<dd>
+
+<p>If set the key is restricted and can only use <b>digest</b> for signing.</p>
+
+</dd>
+<dt id="rsa_pss_keygen_mgf1_md:digest"><b>rsa_pss_keygen_mgf1_md:digest</b></dt>
+<dd>
+
+<p>If set the key is restricted and can only use <b>digest</b> as it&#39;s MGF1 parameter.</p>
+
+</dd>
+<dt id="rsa_pss_keygen_saltlen:len"><b>rsa_pss_keygen_saltlen:len</b></dt>
+<dd>
+
+<p>If set the key is restricted and <b>len</b> specifies the minimum salt length.</p>
+
+</dd>
+</dl>
+
+<h2 id="EC-Key-Generation-Options">EC Key Generation Options</h2>
+
+<p>The EC key generation options can also be used for parameter generation.</p>
+
+<dl>
+
+<dt id="ec_paramgen_curve:curve"><b>ec_paramgen_curve:curve</b></dt>
+<dd>
+
+<p>The EC curve to use. OpenSSL supports NIST curve names such as &quot;P-256&quot;.</p>
+
+</dd>
+<dt id="ec_param_enc:encoding"><b>ec_param_enc:encoding</b></dt>
+<dd>
+
+<p>The encoding to use for parameters. The &quot;encoding&quot; parameter must be either &quot;named_curve&quot; or &quot;explicit&quot;. The default value is &quot;named_curve&quot;.</p>
+
+</dd>
+</dl>
+
+<h1 id="PARAMETER-GENERATION-OPTIONS">PARAMETER GENERATION OPTIONS</h1>
+
+<p>The options supported by each algorithm and indeed each implementation of an algorithm can vary. The options for the OpenSSL implementations are detailed below.</p>
+
+<h2 id="DSA-Parameter-Generation-Options">DSA Parameter Generation Options</h2>
+
+<dl>
+
+<dt id="dsa_paramgen_bits:numbits"><b>dsa_paramgen_bits:numbits</b></dt>
+<dd>
+
+<p>The number of bits in the generated prime. If not specified 1024 is used.</p>
+
+</dd>
+<dt id="dsa_paramgen_q_bits:numbits"><b>dsa_paramgen_q_bits:numbits</b></dt>
+<dd>
+
+<p>The number of bits in the q parameter. Must be one of 160, 224 or 256. If not specified 160 is used.</p>
+
+</dd>
+<dt id="dsa_paramgen_md:digest"><b>dsa_paramgen_md:digest</b></dt>
+<dd>
+
+<p>The digest to use during parameter generation. Must be one of <b>sha1</b>, <b>sha224</b> or <b>sha256</b>. If set, then the number of bits in <b>q</b> will match the output size of the specified digest and the <b>dsa_paramgen_q_bits</b> parameter will be ignored. If not set, then a digest will be used that gives an output matching the number of bits in <b>q</b>, i.e. <b>sha1</b> if q length is 160, <b>sha224</b> if it 224 or <b>sha256</b> if it is 256.</p>
+
+</dd>
+</dl>
+
+<h2 id="DH-Parameter-Generation-Options">DH Parameter Generation Options</h2>
+
+<dl>
+
+<dt id="dh_paramgen_prime_len:numbits"><b>dh_paramgen_prime_len:numbits</b></dt>
+<dd>
+
+<p>The number of bits in the prime parameter <b>p</b>. The default is 1024.</p>
+
+</dd>
+<dt id="dh_paramgen_subprime_len:numbits"><b>dh_paramgen_subprime_len:numbits</b></dt>
+<dd>
+
+<p>The number of bits in the sub prime parameter <b>q</b>. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. Only relevant if used in conjunction with the <b>dh_paramgen_type</b> option to generate X9.42 DH parameters.</p>
+
+</dd>
+<dt id="dh_paramgen_generator:value"><b>dh_paramgen_generator:value</b></dt>
+<dd>
+
+<p>The value to use for the generator <b>g</b>. The default is 2.</p>
+
+</dd>
+<dt id="dh_paramgen_type:value"><b>dh_paramgen_type:value</b></dt>
+<dd>
+
+<p>The type of DH parameters to generate. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+</dd>
+<dt id="dh_rfc5114:num"><b>dh_rfc5114:num</b></dt>
+<dd>
+
+<p>If this option is set, then the appropriate RFC5114 parameters are used instead of generating new parameters. The value <b>num</b> can take the values 1, 2 or 3 corresponding to RFC5114 DH parameters consisting of 1024 bit group with 160 bit subgroup, 2048 bit group with 224 bit subgroup and 2048 bit group with 256 bit subgroup as mentioned in RFC5114 sections 2.1, 2.2 and 2.3 respectively. If present this overrides all other DH parameter options.</p>
+
+</dd>
+</dl>
+
+<h2 id="EC-Parameter-Generation-Options">EC Parameter Generation Options</h2>
+
+<p>The EC parameter generation options are the same as for key generation. See <a href="#EC-Key-Generation-Options">&quot;EC Key Generation Options&quot;</a> above.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The use of the genpkey program is encouraged over the algorithm specific utilities because additional algorithm options and ENGINE provided algorithms can be used.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Generate an RSA private key using default parameters:</p>
+
+<pre><code> openssl genpkey -algorithm RSA -out key.pem</code></pre>
+
+<p>Encrypt output private key using 128 bit AES and the passphrase &quot;hello&quot;:</p>
+
+<pre><code> openssl genpkey -algorithm RSA -out key.pem -aes-128-cbc -pass pass:hello</code></pre>
+
+<p>Generate a 2048 bit RSA key using 3 as the public exponent:</p>
+
+<pre><code> openssl genpkey -algorithm RSA -out key.pem \
+     -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:3</code></pre>
+
+<p>Generate 2048 bit DSA parameters:</p>
+
+<pre><code> openssl genpkey -genparam -algorithm DSA -out dsap.pem \
+     -pkeyopt dsa_paramgen_bits:2048</code></pre>
+
+<p>Generate DSA key from parameters:</p>
+
+<pre><code> openssl genpkey -paramfile dsap.pem -out dsakey.pem</code></pre>
+
+<p>Generate 2048 bit DH parameters:</p>
+
+<pre><code> openssl genpkey -genparam -algorithm DH -out dhp.pem \
+     -pkeyopt dh_paramgen_prime_len:2048</code></pre>
+
+<p>Generate 2048 bit X9.42 DH parameters:</p>
+
+<pre><code> openssl genpkey -genparam -algorithm DH -out dhpx.pem \
+     -pkeyopt dh_paramgen_prime_len:2048 \
+     -pkeyopt dh_paramgen_type:1</code></pre>
+
+<p>Output RFC5114 2048 bit DH parameters with 224 bit subgroup:</p>
+
+<pre><code> openssl genpkey -genparam -algorithm DH -out dhp.pem -pkeyopt dh_rfc5114:2</code></pre>
+
+<p>Generate DH key from parameters:</p>
+
+<pre><code> openssl genpkey -paramfile dhp.pem -out dhkey.pem</code></pre>
+
+<p>Generate EC parameters:</p>
+
+<pre><code> openssl genpkey -genparam -algorithm EC -out ecp.pem \
+        -pkeyopt ec_paramgen_curve:secp384r1 \
+        -pkeyopt ec_param_enc:named_curve</code></pre>
+
+<p>Generate EC key from parameters:</p>
+
+<pre><code> openssl genpkey -paramfile ecp.pem -out eckey.pem</code></pre>
+
+<p>Generate EC key directly:</p>
+
+<pre><code> openssl genpkey -algorithm EC -out eckey.pem \
+        -pkeyopt ec_paramgen_curve:P-384 \
+        -pkeyopt ec_param_enc:named_curve</code></pre>
+
+<p>Generate an X25519 private key:</p>
+
+<pre><code> openssl genpkey -algorithm X25519 -out xkey.pem</code></pre>
+
+<p>Generate an ED448 private key:</p>
+
+<pre><code> openssl genpkey -algorithm ED448 -out xkey.pem</code></pre>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ability to use NIST curve names, and to generate an EC key directly, were added in OpenSSL 1.0.2. The ability to generate X25519 keys was added in OpenSSL 1.1.0. The ability to generate X448, ED25519 and ED448 keys was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-genrsa.html b/msys2/usr/share/doc/openssl/html/man1/openssl-genrsa.html
new file mode 100644
index 000000000..95bce0778
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-genrsa.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>genrsa</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-genrsa, genrsa - generate an RSA private key</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>genrsa</b> [<b>-help</b>] [<b>-out filename</b>] [<b>-passout arg</b>] [<b>-aes128</b>] [<b>-aes192</b>] [<b>-aes256</b>] [<b>-aria128</b>] [<b>-aria192</b>] [<b>-aria256</b>] [<b>-camellia128</b>] [<b>-camellia192</b>] [<b>-camellia256</b>] [<b>-des</b>] [<b>-des3</b>] [<b>-idea</b>] [<b>-f4</b>] [<b>-3</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-engine id</b>] [<b>-primes num</b>] [<b>numbits</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>genrsa</b> command generates an RSA private key.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Output the key to the specified file. If this argument is not specified then standard output is used.</p>
+
+</dd>
+<dt id="passout-arg"><b>-passout arg</b></dt>
+<dd>
+
+<p>The output file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="aes128--aes192--aes256--aria128--aria192--aria256--camellia128--camellia192--camellia256--des--des3--idea"><b>-aes128</b>, <b>-aes192</b>, <b>-aes256</b>, <b>-aria128</b>, <b>-aria192</b>, <b>-aria256</b>, <b>-camellia128</b>, <b>-camellia192</b>, <b>-camellia256</b>, <b>-des</b>, <b>-des3</b>, <b>-idea</b></dt>
+<dd>
+
+<p>These options encrypt the private key with specified cipher before outputting it. If none of these options is specified no encryption is used. If encryption is used a pass phrase is prompted for if it is not supplied via the <b>-passout</b> argument.</p>
+
+</dd>
+<dt id="F4--3"><b>-F4|-3</b></dt>
+<dd>
+
+<p>The public exponent to use, either 65537 or 3. The default is 65537.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>genrsa</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="primes-num"><b>-primes num</b></dt>
+<dd>
+
+<p>Specify the number of primes to use while generating the RSA key. The <b>num</b> parameter must be a positive integer that is greater than 1 and less than 16. If <b>num</b> is greater than 2, then the generated key is called a &#39;multi-prime&#39; RSA key, which is defined in RFC 8017.</p>
+
+</dd>
+<dt id="numbits"><b>numbits</b></dt>
+<dd>
+
+<p>The size of the private key to generate in bits. This must be the last option specified. The default is 2048 and values less than 512 are not allowed.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>RSA private key generation essentially involves the generation of two or more prime numbers. When generating a private key various symbols will be output to indicate the progress of the generation. A <b>.</b> represents each number which has passed an initial sieve test, <b>+</b> means a number has passed a single round of the Miller-Rabin primality test, <b>*</b> means the current prime starts a regenerating progress due to some failed tests. A newline means that the number has passed all the prime tests (the actual number depends on the key size).</p>
+
+<p>Because key generation is a random process the time taken to generate a key may vary somewhat. But in general, more primes lead to less generation time of a key.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/gendsa.html">gendsa(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-list.html b/msys2/usr/share/doc/openssl/html/man1/openssl-list.html
new file mode 100644
index 000000000..6185c6c15
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-list.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-list, list - list algorithms and features</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl list</b> [<b>-help</b>] [<b>-1</b>] [<b>-commands</b>] [<b>-digest-commands</b>] [<b>-digest-algorithms</b>] [<b>-cipher-commands</b>] [<b>-cipher-algorithms</b>] [<b>-public-key-algorithms</b>] [<b>-public-key-methods</b>] [<b>-disabled</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This command is used to generate list of algorithms or disabled features.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Display a usage message.</p>
+
+</dd>
+<dt id="pod-1"><b>-1</b></dt>
+<dd>
+
+<p>List the commands, digest-commands, or cipher-commands in a single column. If used, this option must be given first.</p>
+
+</dd>
+<dt id="commands"><b>-commands</b></dt>
+<dd>
+
+<p>Display a list of standard commands.</p>
+
+</dd>
+<dt id="digest-commands"><b>-digest-commands</b></dt>
+<dd>
+
+<p>Display a list of message digest commands, which are typically used as input to the <a href="../man1/dgst.html">dgst(1)</a> or <a href="../man1/speed.html">speed(1)</a> commands.</p>
+
+</dd>
+<dt id="digest-algorithms"><b>-digest-algorithms</b></dt>
+<dd>
+
+<p>Display a list of message digest algorithms. If a line is of the form foo =&gt; bar then <b>foo</b> is an alias for the official algorithm name, <b>bar</b>.</p>
+
+</dd>
+<dt id="cipher-commands"><b>-cipher-commands</b></dt>
+<dd>
+
+<p>Display a list of cipher commands, which are typically used as input to the <a href="../man1/dgst.html">dgst(1)</a> or <a href="../man1/speed.html">speed(1)</a> commands.</p>
+
+</dd>
+<dt id="cipher-algorithms"><b>-cipher-algorithms</b></dt>
+<dd>
+
+<p>Display a list of cipher algorithms. If a line is of the form foo =&gt; bar then <b>foo</b> is an alias for the official algorithm name, <b>bar</b>.</p>
+
+</dd>
+<dt id="public-key-algorithms"><b>-public-key-algorithms</b></dt>
+<dd>
+
+<p>Display a list of public key algorithms, with each algorithm as a block of multiple lines, all but the first are indented.</p>
+
+</dd>
+<dt id="public-key-methods"><b>-public-key-methods</b></dt>
+<dd>
+
+<p>Display a list of public key method OIDs: this also includes public key methods without an associated ASN.1 method, for example, KDF algorithms.</p>
+
+</dd>
+<dt id="disabled"><b>-disabled</b></dt>
+<dd>
+
+<p>Display a list of disabled features, those that were compiled out of the installation.</p>
+
+</dd>
+</dl>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-nseq.html b/msys2/usr/share/doc/openssl/html/man1/openssl-nseq.html
new file mode 100644
index 000000000..2faa19129
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-nseq.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>nseq</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-nseq, nseq - create or examine a Netscape certificate sequence</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>nseq</b> [<b>-help</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-toseq</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>nseq</b> command takes a file containing a Netscape certificate sequence and prints out the certificates contained in it or takes a file of certificates and converts it into a Netscape certificate sequence.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Specifies the output filename or standard output by default.</p>
+
+</dd>
+<dt id="toseq"><b>-toseq</b></dt>
+<dd>
+
+<p>Normally a Netscape certificate sequence will be input and the output is the certificates contained in it. With the <b>-toseq</b> option the situation is reversed: a Netscape certificate sequence is created from a file of certificates.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Output the certificates in a Netscape certificate sequence</p>
+
+<pre><code> openssl nseq -in nseq.pem -out certs.pem</code></pre>
+
+<p>Create a Netscape certificate sequence</p>
+
+<pre><code> openssl nseq -in certs.pem -toseq -out nseq.pem</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>PEM</b> encoded form uses the same headers and footers as a certificate:</p>
+
+<pre><code> -----BEGIN CERTIFICATE-----
+ -----END CERTIFICATE-----</code></pre>
+
+<p>A Netscape certificate sequence is a Netscape specific format that can be sent to browsers as an alternative to the standard PKCS#7 format when several certificates are sent to the browser: for example during certificate enrollment. It is used by Netscape certificate server for example.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>This program needs a few more options: like allowing DER or PEM input and output files and allowing multiple certificate files to be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-ocsp.html b/msys2/usr/share/doc/openssl/html/man1/openssl-ocsp.html
new file mode 100644
index 000000000..3e7304f07
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-ocsp.html
@@ -0,0 +1,415 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ocsp</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a>
+    <ul>
+      <li><a href="#OCSP-Client-Options">OCSP Client Options</a></li>
+      <li><a href="#OCSP-Server-Options">OCSP Server Options</a></li>
+    </ul>
+  </li>
+  <li><a href="#OCSP-Response-verification">OCSP Response verification.</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-ocsp, ocsp - Online Certificate Status Protocol utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>ocsp</b> [<b>-help</b>] [<b>-out file</b>] [<b>-issuer file</b>] [<b>-cert file</b>] [<b>-serial n</b>] [<b>-signer file</b>] [<b>-signkey file</b>] [<b>-sign_other file</b>] [<b>-no_certs</b>] [<b>-req_text</b>] [<b>-resp_text</b>] [<b>-text</b>] [<b>-reqout file</b>] [<b>-respout file</b>] [<b>-reqin file</b>] [<b>-respin file</b>] [<b>-nonce</b>] [<b>-no_nonce</b>] [<b>-url URL</b>] [<b>-host host:port</b>] [<b>-multi process-count</b>] [<b>-header</b>] [<b>-path</b>] [<b>-CApath dir</b>] [<b>-CAfile file</b>] [<b>-no-CAfile</b>] [<b>-no-CApath</b>] [<b>-attime timestamp</b>] [<b>-check_ss_sig</b>] [<b>-crl_check</b>] [<b>-crl_check_all</b>] [<b>-explicit_policy</b>] [<b>-extended_crl</b>] [<b>-ignore_critical</b>] [<b>-inhibit_any</b>] [<b>-inhibit_map</b>] [<b>-no_check_time</b>] [<b>-partial_chain</b>] [<b>-policy arg</b>] [<b>-policy_check</b>] [<b>-policy_print</b>] [<b>-purpose purpose</b>] [<b>-suiteB_128</b>] [<b>-suiteB_128_only</b>] [<b>-suiteB_192</b>] [<b>-trusted_first</b>] [<b>-no_alt_chains</b>] [<b>-use_deltas</b>] [<b>-auth_level num</b>] [<b>-verify_depth num</b>] [<b>-verify_email email</b>] [<b>-verify_hostname hostname</b>] [<b>-verify_ip ip</b>] [<b>-verify_name name</b>] [<b>-x509_strict</b>] [<b>-VAfile file</b>] [<b>-validity_period n</b>] [<b>-status_age n</b>] [<b>-noverify</b>] [<b>-verify_other file</b>] [<b>-trust_other</b>] [<b>-no_intern</b>] [<b>-no_signature_verify</b>] [<b>-no_cert_verify</b>] [<b>-no_chain</b>] [<b>-no_cert_checks</b>] [<b>-no_explicit</b>] [<b>-port num</b>] [<b>-ignore_err</b>] [<b>-index file</b>] [<b>-CA file</b>] [<b>-rsigner file</b>] [<b>-rkey file</b>] [<b>-rother file</b>] [<b>-rsigopt nm:v</b>] [<b>-resp_no_certs</b>] [<b>-nmin n</b>] [<b>-ndays n</b>] [<b>-resp_key_id</b>] [<b>-nrequest n</b>] [<b>-<i>digest</i></b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Online Certificate Status Protocol (OCSP) enables applications to determine the (revocation) state of an identified certificate (RFC 2560).</p>
+
+<p>The <b>ocsp</b> command performs many common OCSP tasks. It can be used to print out requests and responses, create requests and send queries to an OCSP responder and behave like a mini OCSP server itself.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<p>This command operates as either a client or a server. The options are described below, divided into those two modes.</p>
+
+<h2 id="OCSP-Client-Options">OCSP Client Options</h2>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>specify output filename, default is standard output.</p>
+
+</dd>
+<dt id="issuer-filename"><b>-issuer filename</b></dt>
+<dd>
+
+<p>This specifies the current issuer certificate. This option can be used multiple times. The certificate specified in <b>filename</b> must be in PEM format. This option <b>MUST</b> come before any <b>-cert</b> options.</p>
+
+</dd>
+<dt id="cert-filename"><b>-cert filename</b></dt>
+<dd>
+
+<p>Add the certificate <b>filename</b> to the request. The issuer certificate is taken from the previous <b>issuer</b> option, or an error occurs if no issuer certificate is specified.</p>
+
+</dd>
+<dt id="serial-num"><b>-serial num</b></dt>
+<dd>
+
+<p>Same as the <b>cert</b> option except the certificate with serial number <b>num</b> is added to the request. The serial number is interpreted as a decimal integer unless preceded by <b>0x</b>. Negative integers can also be specified by preceding the value by a <b>-</b> sign.</p>
+
+</dd>
+<dt id="signer-filename--signkey-filename"><b>-signer filename</b>, <b>-signkey filename</b></dt>
+<dd>
+
+<p>Sign the OCSP request using the certificate specified in the <b>signer</b> option and the private key specified by the <b>signkey</b> option. If the <b>signkey</b> option is not present then the private key is read from the same file as the certificate. If neither option is specified then the OCSP request is not signed.</p>
+
+</dd>
+<dt id="sign_other-filename"><b>-sign_other filename</b></dt>
+<dd>
+
+<p>Additional certificates to include in the signed request.</p>
+
+</dd>
+<dt id="nonce--no_nonce"><b>-nonce</b>, <b>-no_nonce</b></dt>
+<dd>
+
+<p>Add an OCSP nonce extension to a request or disable OCSP nonce addition. Normally if an OCSP request is input using the <b>reqin</b> option no nonce is added: using the <b>nonce</b> option will force addition of a nonce. If an OCSP request is being created (using <b>cert</b> and <b>serial</b> options) a nonce is automatically added specifying <b>no_nonce</b> overrides this.</p>
+
+</dd>
+<dt id="req_text--resp_text--text"><b>-req_text</b>, <b>-resp_text</b>, <b>-text</b></dt>
+<dd>
+
+<p>Print out the text form of the OCSP request, response or both respectively.</p>
+
+</dd>
+<dt id="reqout-file--respout-file"><b>-reqout file</b>, <b>-respout file</b></dt>
+<dd>
+
+<p>Write out the DER encoded certificate request or response to <b>file</b>.</p>
+
+</dd>
+<dt id="reqin-file--respin-file"><b>-reqin file</b>, <b>-respin file</b></dt>
+<dd>
+
+<p>Read OCSP request or response file from <b>file</b>. These option are ignored if OCSP request or response creation is implied by other options (for example with <b>serial</b>, <b>cert</b> and <b>host</b> options).</p>
+
+</dd>
+<dt id="url-responder_url"><b>-url responder_url</b></dt>
+<dd>
+
+<p>Specify the responder URL. Both HTTP and HTTPS (SSL/TLS) URLs can be specified.</p>
+
+</dd>
+<dt id="host-hostname:port--path-pathname"><b>-host hostname:port</b>, <b>-path pathname</b></dt>
+<dd>
+
+<p>If the <b>host</b> option is present then the OCSP request is sent to the host <b>hostname</b> on port <b>port</b>. <b>path</b> specifies the HTTP path name to use or &quot;/&quot; by default. This is equivalent to specifying <b>-url</b> with scheme http:// and the given hostname, port, and pathname.</p>
+
+</dd>
+<dt id="header-name-value"><b>-header name=value</b></dt>
+<dd>
+
+<p>Adds the header <b>name</b> with the specified <b>value</b> to the OCSP request that is sent to the responder. This may be repeated.</p>
+
+</dd>
+<dt id="timeout-seconds"><b>-timeout seconds</b></dt>
+<dd>
+
+<p>Connection timeout to the OCSP responder in seconds. On POSIX systems, when running as an OCSP responder, this option also limits the time that the responder is willing to wait for the client request. This time is measured from the time the responder accepts the connection until the complete request is received.</p>
+
+</dd>
+<dt id="multi-process-count"><b>-multi process-count</b></dt>
+<dd>
+
+<p>Run the specified number of OCSP responder child processes, with the parent process respawning child processes as needed. Child processes will detect changes in the CA index file and automatically reload it. When running as a responder <b>-timeout</b> option is recommended to limit the time each child is willing to wait for the client&#39;s OCSP response. This option is available on POSIX systems (that support the fork() and other required unix system-calls).</p>
+
+</dd>
+<dt id="CAfile-file--CApath-pathname"><b>-CAfile file</b>, <b>-CApath pathname</b></dt>
+<dd>
+
+<p>File or pathname containing trusted CA certificates. These are used to verify the signature on the OCSP response.</p>
+
+</dd>
+<dt id="no-CAfile"><b>-no-CAfile</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default file location</p>
+
+</dd>
+<dt id="no-CApath"><b>-no-CApath</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default directory location</p>
+
+</dd>
+<dt id="attime--check_ss_sig--crl_check--crl_check_all--explicit_policy--extended_crl--ignore_critical--inhibit_any--inhibit_map--no_alt_chains--no_check_time--partial_chain--policy--policy_check--policy_print--purpose--suiteB_128--suiteB_128_only--suiteB_192--trusted_first--use_deltas--auth_level--verify_depth--verify_email--verify_hostname--verify_ip--verify_name--x509_strict"><b>-attime</b>, <b>-check_ss_sig</b>, <b>-crl_check</b>, <b>-crl_check_all</b>, <b>-explicit_policy</b>, <b>-extended_crl</b>, <b>-ignore_critical</b>, <b>-inhibit_any</b>, <b>-inhibit_map</b>, <b>-no_alt_chains</b>, <b>-no_check_time</b>, <b>-partial_chain</b>, <b>-policy</b>, <b>-policy_check</b>, <b>-policy_print</b>, <b>-purpose</b>, <b>-suiteB_128</b>, <b>-suiteB_128_only</b>, <b>-suiteB_192</b>, <b>-trusted_first</b>, <b>-use_deltas</b>, <b>-auth_level</b>, <b>-verify_depth</b>, <b>-verify_email</b>, <b>-verify_hostname</b>, <b>-verify_ip</b>, <b>-verify_name</b>, <b>-x509_strict</b></dt>
+<dd>
+
+<p>Set different certificate verification options. See <a href="../man1/verify.html">verify(1)</a> manual page for details.</p>
+
+</dd>
+<dt id="verify_other-file"><b>-verify_other file</b></dt>
+<dd>
+
+<p>File containing additional certificates to search when attempting to locate the OCSP response signing certificate. Some responders omit the actual signer&#39;s certificate from the response: this option can be used to supply the necessary certificate in such cases.</p>
+
+</dd>
+<dt id="trust_other"><b>-trust_other</b></dt>
+<dd>
+
+<p>The certificates specified by the <b>-verify_other</b> option should be explicitly trusted and no additional checks will be performed on them. This is useful when the complete responder certificate chain is not available or trusting a root CA is not appropriate.</p>
+
+</dd>
+<dt id="VAfile-file"><b>-VAfile file</b></dt>
+<dd>
+
+<p>File containing explicitly trusted responder certificates. Equivalent to the <b>-verify_other</b> and <b>-trust_other</b> options.</p>
+
+</dd>
+<dt id="noverify"><b>-noverify</b></dt>
+<dd>
+
+<p>Don&#39;t attempt to verify the OCSP response signature or the nonce values. This option will normally only be used for debugging since it disables all verification of the responders certificate.</p>
+
+</dd>
+<dt id="no_intern"><b>-no_intern</b></dt>
+<dd>
+
+<p>Ignore certificates contained in the OCSP response when searching for the signers certificate. With this option the signers certificate must be specified with either the <b>-verify_other</b> or <b>-VAfile</b> options.</p>
+
+</dd>
+<dt id="no_signature_verify"><b>-no_signature_verify</b></dt>
+<dd>
+
+<p>Don&#39;t check the signature on the OCSP response. Since this option tolerates invalid signatures on OCSP responses it will normally only be used for testing purposes.</p>
+
+</dd>
+<dt id="no_cert_verify"><b>-no_cert_verify</b></dt>
+<dd>
+
+<p>Don&#39;t verify the OCSP response signers certificate at all. Since this option allows the OCSP response to be signed by any certificate it should only be used for testing purposes.</p>
+
+</dd>
+<dt id="no_chain"><b>-no_chain</b></dt>
+<dd>
+
+<p>Do not use certificates in the response as additional untrusted CA certificates.</p>
+
+</dd>
+<dt id="no_explicit"><b>-no_explicit</b></dt>
+<dd>
+
+<p>Do not explicitly trust the root CA if it is set to be trusted for OCSP signing.</p>
+
+</dd>
+<dt id="no_cert_checks"><b>-no_cert_checks</b></dt>
+<dd>
+
+<p>Don&#39;t perform any additional checks on the OCSP response signers certificate. That is do not make any checks to see if the signers certificate is authorised to provide the necessary status information: as a result this option should only be used for testing purposes.</p>
+
+</dd>
+<dt id="validity_period-nsec--status_age-age"><b>-validity_period nsec</b>, <b>-status_age age</b></dt>
+<dd>
+
+<p>These options specify the range of times, in seconds, which will be tolerated in an OCSP response. Each certificate status response includes a <b>notBefore</b> time and an optional <b>notAfter</b> time. The current time should fall between these two values, but the interval between the two times may be only a few seconds. In practice the OCSP responder and clients clocks may not be precisely synchronised and so such a check may fail. To avoid this the <b>-validity_period</b> option can be used to specify an acceptable error range in seconds, the default value is 5 minutes.</p>
+
+<p>If the <b>notAfter</b> time is omitted from a response then this means that new status information is immediately available. In this case the age of the <b>notBefore</b> field is checked to see it is not older than <b>age</b> seconds old. By default this additional check is not performed.</p>
+
+</dd>
+<dt id="digest"><b>-<i>digest</i></b></dt>
+<dd>
+
+<p>This option sets digest algorithm to use for certificate identification in the OCSP request. Any digest supported by the OpenSSL <b>dgst</b> command can be used. The default is SHA-1. This option may be used multiple times to specify the digest used by subsequent certificate identifiers.</p>
+
+</dd>
+</dl>
+
+<h2 id="OCSP-Server-Options">OCSP Server Options</h2>
+
+<dl>
+
+<dt id="index-indexfile"><b>-index indexfile</b></dt>
+<dd>
+
+<p>The <b>indexfile</b> parameter is the name of a text index file in <b>ca</b> format containing certificate revocation information.</p>
+
+<p>If the <b>index</b> option is specified the <b>ocsp</b> utility is in responder mode, otherwise it is in client mode. The request(s) the responder processes can be either specified on the command line (using <b>issuer</b> and <b>serial</b> options), supplied in a file (using the <b>reqin</b> option) or via external OCSP clients (if <b>port</b> or <b>url</b> is specified).</p>
+
+<p>If the <b>index</b> option is present then the <b>CA</b> and <b>rsigner</b> options must also be present.</p>
+
+</dd>
+<dt id="CA-file"><b>-CA file</b></dt>
+<dd>
+
+<p>CA certificate corresponding to the revocation information in <b>indexfile</b>.</p>
+
+</dd>
+<dt id="rsigner-file"><b>-rsigner file</b></dt>
+<dd>
+
+<p>The certificate to sign OCSP responses with.</p>
+
+</dd>
+<dt id="rother-file"><b>-rother file</b></dt>
+<dd>
+
+<p>Additional certificates to include in the OCSP response.</p>
+
+</dd>
+<dt id="resp_no_certs"><b>-resp_no_certs</b></dt>
+<dd>
+
+<p>Don&#39;t include any certificates in the OCSP response.</p>
+
+</dd>
+<dt id="resp_key_id"><b>-resp_key_id</b></dt>
+<dd>
+
+<p>Identify the signer certificate using the key ID, default is to use the subject name.</p>
+
+</dd>
+<dt id="rkey-file"><b>-rkey file</b></dt>
+<dd>
+
+<p>The private key to sign OCSP responses with: if not present the file specified in the <b>rsigner</b> option is used.</p>
+
+</dd>
+<dt id="rsigopt-nm:v"><b>-rsigopt nm:v</b></dt>
+<dd>
+
+<p>Pass options to the signature algorithm when signing OCSP responses. Names and values of these options are algorithm-specific.</p>
+
+</dd>
+<dt id="port-portnum"><b>-port portnum</b></dt>
+<dd>
+
+<p>Port to listen for OCSP requests on. The port may also be specified using the <b>url</b> option.</p>
+
+</dd>
+<dt id="ignore_err"><b>-ignore_err</b></dt>
+<dd>
+
+<p>Ignore malformed requests or responses: When acting as an OCSP client, retry if a malformed response is received. When acting as an OCSP responder, continue running instead of terminating upon receiving a malformed request.</p>
+
+</dd>
+<dt id="nrequest-number"><b>-nrequest number</b></dt>
+<dd>
+
+<p>The OCSP server will exit after receiving <b>number</b> requests, default unlimited.</p>
+
+</dd>
+<dt id="nmin-minutes--ndays-days"><b>-nmin minutes</b>, <b>-ndays days</b></dt>
+<dd>
+
+<p>Number of minutes or days when fresh revocation information is available: used in the <b>nextUpdate</b> field. If neither option is present then the <b>nextUpdate</b> field is omitted meaning fresh revocation information is immediately available.</p>
+
+</dd>
+</dl>
+
+<h1 id="OCSP-Response-verification">OCSP Response verification.</h1>
+
+<p>OCSP Response follows the rules specified in RFC2560.</p>
+
+<p>Initially the OCSP responder certificate is located and the signature on the OCSP request checked using the responder certificate&#39;s public key.</p>
+
+<p>Then a normal certificate verify is performed on the OCSP responder certificate building up a certificate chain in the process. The locations of the trusted certificates used to build the chain can be specified by the <b>CAfile</b> and <b>CApath</b> options or they will be looked for in the standard OpenSSL certificates directory.</p>
+
+<p>If the initial verify fails then the OCSP verify process halts with an error.</p>
+
+<p>Otherwise the issuing CA certificate in the request is compared to the OCSP responder certificate: if there is a match then the OCSP verify succeeds.</p>
+
+<p>Otherwise the OCSP responder certificate&#39;s CA is checked against the issuing CA certificate in the request. If there is a match and the OCSPSigning extended key usage is present in the OCSP responder certificate then the OCSP verify succeeds.</p>
+
+<p>Otherwise, if <b>-no_explicit</b> is <b>not</b> set the root CA of the OCSP responders CA is checked to see if it is trusted for OCSP signing. If it is the OCSP verify succeeds.</p>
+
+<p>If none of these checks is successful then the OCSP verify fails.</p>
+
+<p>What this effectively means if that if the OCSP responder certificate is authorised directly by the CA it is issuing revocation information about (and it is correctly configured) then verification will succeed.</p>
+
+<p>If the OCSP responder is a &quot;global responder&quot; which can give details about multiple CAs and has its own separate certificate chain then its root CA can be trusted for OCSP signing. For example:</p>
+
+<pre><code> openssl x509 -in ocspCA.pem -addtrust OCSPSigning -out trustedCA.pem</code></pre>
+
+<p>Alternatively the responder certificate itself can be explicitly trusted with the <b>-VAfile</b> option.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>As noted, most of the verify options are for testing or debugging purposes. Normally only the <b>-CApath</b>, <b>-CAfile</b> and (if the responder is a &#39;global VA&#39;) <b>-VAfile</b> options need to be used.</p>
+
+<p>The OCSP server is only useful for test and demonstration purposes: it is not really usable as a full OCSP responder. It contains only a very simple HTTP request handling and can only handle the POST form of OCSP queries. It also handles requests serially meaning it cannot respond to new requests until it has processed the current one. The text index file format of revocation is also inefficient for large quantities of revocation data.</p>
+
+<p>It is possible to run the <b>ocsp</b> application in responder mode via a CGI script using the <b>reqin</b> and <b>respout</b> options.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an OCSP request and write it to a file:</p>
+
+<pre><code> openssl ocsp -issuer issuer.pem -cert c1.pem -cert c2.pem -reqout req.der</code></pre>
+
+<p>Send a query to an OCSP responder with URL http://ocsp.myhost.com/ save the response to a file, print it out in text form, and verify the response:</p>
+
+<pre><code> openssl ocsp -issuer issuer.pem -cert c1.pem -cert c2.pem \
+     -url http://ocsp.myhost.com/ -resp_text -respout resp.der</code></pre>
+
+<p>Read in an OCSP response and print out text form:</p>
+
+<pre><code> openssl ocsp -respin resp.der -text -noverify</code></pre>
+
+<p>OCSP server on port 8888 using a standard <b>ca</b> configuration, and a separate responder certificate. All requests and responses are printed to a file.</p>
+
+<pre><code> openssl ocsp -index demoCA/index.txt -port 8888 -rsigner rcert.pem -CA demoCA/cacert.pem
+        -text -out log.txt</code></pre>
+
+<p>As above but exit after processing one request:</p>
+
+<pre><code> openssl ocsp -index demoCA/index.txt -port 8888 -rsigner rcert.pem -CA demoCA/cacert.pem
+     -nrequest 1</code></pre>
+
+<p>Query status information using an internally generated request:</p>
+
+<pre><code> openssl ocsp -index demoCA/index.txt -rsigner rcert.pem -CA demoCA/cacert.pem
+     -issuer demoCA/cacert.pem -serial 1</code></pre>
+
+<p>Query status information using request read from a file, and write the response to a second file.</p>
+
+<pre><code> openssl ocsp -index demoCA/index.txt -rsigner rcert.pem -CA demoCA/cacert.pem
+     -reqin req.der -respout resp.der</code></pre>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The -no_alt_chains option was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-passwd.html b/msys2/usr/share/doc/openssl/html/man1/openssl-passwd.html
new file mode 100644
index 000000000..fe4f40a9e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-passwd.html
@@ -0,0 +1,154 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>passwd</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-passwd, passwd - compute password hashes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl passwd</b> [<b>-help</b>] [<b>-crypt</b>] [<b>-1</b>] [<b>-apr1</b>] [<b>-aixmd5</b>] [<b>-5</b>] [<b>-6</b>] [<b>-salt</b> <i>string</i>] [<b>-in</b> <i>file</i>] [<b>-stdin</b>] [<b>-noverify</b>] [<b>-quiet</b>] [<b>-table</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] {<i>password</i>}</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>passwd</b> command computes the hash of a password typed at run-time or the hash of each password in a list. The password list is taken from the named file for option <b>-in file</b>, from stdin for option <b>-stdin</b>, or from the command line, or from the terminal otherwise. The Unix standard algorithm <b>crypt</b> and the MD5-based BSD password algorithm <b>1</b>, its Apache variant <b>apr1</b>, and its AIX variant are available.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="crypt"><b>-crypt</b></dt>
+<dd>
+
+<p>Use the <b>crypt</b> algorithm (default).</p>
+
+</dd>
+<dt id="pod-1"><b>-1</b></dt>
+<dd>
+
+<p>Use the MD5 based BSD password algorithm <b>1</b>.</p>
+
+</dd>
+<dt id="apr1"><b>-apr1</b></dt>
+<dd>
+
+<p>Use the <b>apr1</b> algorithm (Apache variant of the BSD algorithm).</p>
+
+</dd>
+<dt id="aixmd5"><b>-aixmd5</b></dt>
+<dd>
+
+<p>Use the <b>AIX MD5</b> algorithm (AIX variant of the BSD algorithm).</p>
+
+</dd>
+<dt id="pod-5"><b>-5</b></dt>
+<dd>
+
+</dd>
+<dt id="pod-6"><b>-6</b></dt>
+<dd>
+
+<p>Use the <b>SHA256</b> / <b>SHA512</b> based algorithms defined by Ulrich Drepper. See <a href="https://www.akkadia.org/drepper/SHA-crypt.txt">https://www.akkadia.org/drepper/SHA-crypt.txt</a>.</p>
+
+</dd>
+<dt id="salt-string"><b>-salt</b> <i>string</i></dt>
+<dd>
+
+<p>Use the specified salt. When reading a password from the terminal, this implies <b>-noverify</b>.</p>
+
+</dd>
+<dt id="in-file"><b>-in</b> <i>file</i></dt>
+<dd>
+
+<p>Read passwords from <i>file</i>.</p>
+
+</dd>
+<dt id="stdin"><b>-stdin</b></dt>
+<dd>
+
+<p>Read passwords from <b>stdin</b>.</p>
+
+</dd>
+<dt id="noverify"><b>-noverify</b></dt>
+<dd>
+
+<p>Don&#39;t verify when reading a password from the terminal.</p>
+
+</dd>
+<dt id="quiet"><b>-quiet</b></dt>
+<dd>
+
+<p>Don&#39;t output warnings when passwords given at the command line are truncated.</p>
+
+</dd>
+<dt id="table"><b>-table</b></dt>
+<dd>
+
+<p>In the output list, prepend the cleartext password and a TAB character to each password hash.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<pre><code>  % openssl passwd -crypt -salt xx password
+  xxj31ZMTZzkVA
+
+  % openssl passwd -1 -salt xxxxxxxx password
+  $1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.
+
+  % openssl passwd -apr1 -salt xxxxxxxx password
+  $apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0
+
+  % openssl passwd -aixmd5 -salt xxxxxxxx password
+  xxxxxxxx$8Oaipk/GPKhC64w/YVeFD/</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-pkcs12.html b/msys2/usr/share/doc/openssl/html/man1/openssl-pkcs12.html
new file mode 100644
index 000000000..be1721ecc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-pkcs12.html
@@ -0,0 +1,379 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>pkcs12</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#PARSING-OPTIONS">PARSING OPTIONS</a></li>
+  <li><a href="#FILE-CREATION-OPTIONS">FILE CREATION OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-pkcs12, pkcs12 - PKCS#12 file utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>pkcs12</b> [<b>-help</b>] [<b>-export</b>] [<b>-chain</b>] [<b>-inkey file_or_id</b>] [<b>-certfile filename</b>] [<b>-name name</b>] [<b>-caname name</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-noout</b>] [<b>-nomacver</b>] [<b>-nocerts</b>] [<b>-clcerts</b>] [<b>-cacerts</b>] [<b>-nokeys</b>] [<b>-info</b>] [<b>-des | -des3 | -idea | -aes128 | -aes192 | -aes256 | -aria128 | -aria192 | -aria256 | -camellia128 | -camellia192 | -camellia256 | -nodes</b>] [<b>-noiter</b>] [<b>-maciter | -nomaciter | -nomac</b>] [<b>-twopass</b>] [<b>-descert</b>] [<b>-certpbe cipher</b>] [<b>-keypbe cipher</b>] [<b>-macalg digest</b>] [<b>-keyex</b>] [<b>-keysig</b>] [<b>-password arg</b>] [<b>-passin arg</b>] [<b>-passout arg</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-CAfile file</b>] [<b>-CApath dir</b>] [<b>-no-CAfile</b>] [<b>-no-CApath</b>] [<b>-CSP name</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>pkcs12</b> command allows PKCS#12 files (sometimes referred to as PFX files) to be created and parsed. PKCS#12 files are used by several programs including Netscape, MSIE and MS Outlook.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<p>There are a lot of options the meaning of some depends of whether a PKCS#12 file is being created or parsed. By default a PKCS#12 file is parsed. A PKCS#12 file can be created by using the <b>-export</b> option (see below).</p>
+
+<h1 id="PARSING-OPTIONS">PARSING OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies filename of the PKCS#12 file to be parsed. Standard input is used by default.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>The filename to write certificates and private keys to, standard output by default. They are all written in PEM format.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The PKCS#12 file (i.e. input file) password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="passout-arg"><b>-passout arg</b></dt>
+<dd>
+
+<p>Pass phrase source to encrypt any outputted private keys with. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="password-arg"><b>-password arg</b></dt>
+<dd>
+
+<p>With -export, -password is equivalent to -passout. Otherwise, -password is equivalent to -passin.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option inhibits output of the keys and certificates to the output file version of the PKCS#12 file.</p>
+
+</dd>
+<dt id="clcerts"><b>-clcerts</b></dt>
+<dd>
+
+<p>Only output client certificates (not CA certificates).</p>
+
+</dd>
+<dt id="cacerts"><b>-cacerts</b></dt>
+<dd>
+
+<p>Only output CA certificates (not client certificates).</p>
+
+</dd>
+<dt id="nocerts"><b>-nocerts</b></dt>
+<dd>
+
+<p>No certificates at all will be output.</p>
+
+</dd>
+<dt id="nokeys"><b>-nokeys</b></dt>
+<dd>
+
+<p>No private keys will be output.</p>
+
+</dd>
+<dt id="info"><b>-info</b></dt>
+<dd>
+
+<p>Output additional information about the PKCS#12 file structure, algorithms used and iteration counts.</p>
+
+</dd>
+<dt id="des"><b>-des</b></dt>
+<dd>
+
+<p>Use DES to encrypt private keys before outputting.</p>
+
+</dd>
+<dt id="des3"><b>-des3</b></dt>
+<dd>
+
+<p>Use triple DES to encrypt private keys before outputting, this is the default.</p>
+
+</dd>
+<dt id="idea"><b>-idea</b></dt>
+<dd>
+
+<p>Use IDEA to encrypt private keys before outputting.</p>
+
+</dd>
+<dt id="aes128--aes192--aes256"><b>-aes128</b>, <b>-aes192</b>, <b>-aes256</b></dt>
+<dd>
+
+<p>Use AES to encrypt private keys before outputting.</p>
+
+</dd>
+<dt id="aria128--aria192--aria256"><b>-aria128</b>, <b>-aria192</b>, <b>-aria256</b></dt>
+<dd>
+
+<p>Use ARIA to encrypt private keys before outputting.</p>
+
+</dd>
+<dt id="camellia128--camellia192--camellia256"><b>-camellia128</b>, <b>-camellia192</b>, <b>-camellia256</b></dt>
+<dd>
+
+<p>Use Camellia to encrypt private keys before outputting.</p>
+
+</dd>
+<dt id="nodes"><b>-nodes</b></dt>
+<dd>
+
+<p>Don&#39;t encrypt the private keys at all.</p>
+
+</dd>
+<dt id="nomacver"><b>-nomacver</b></dt>
+<dd>
+
+<p>Don&#39;t attempt to verify the integrity MAC before reading the file.</p>
+
+</dd>
+<dt id="twopass"><b>-twopass</b></dt>
+<dd>
+
+<p>Prompt for separate integrity and encryption passwords: most software always assumes these are the same so this option will render such PKCS#12 files unreadable. Cannot be used in combination with the options -password, -passin (if importing) or -passout (if exporting).</p>
+
+</dd>
+</dl>
+
+<h1 id="FILE-CREATION-OPTIONS">FILE CREATION OPTIONS</h1>
+
+<dl>
+
+<dt id="export"><b>-export</b></dt>
+<dd>
+
+<p>This option specifies that a PKCS#12 file will be created rather than parsed.</p>
+
+</dd>
+<dt id="out-filename1"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies filename to write the PKCS#12 file to. Standard output is used by default.</p>
+
+</dd>
+<dt id="in-filename1"><b>-in filename</b></dt>
+<dd>
+
+<p>The filename to read certificates and private keys from, standard input by default. They must all be in PEM format. The order doesn&#39;t matter but one private key and its corresponding certificate should be present. If additional certificates are present they will also be included in the PKCS#12 file.</p>
+
+</dd>
+<dt id="inkey-file_or_id"><b>-inkey file_or_id</b></dt>
+<dd>
+
+<p>File to read private key from. If not present then a private key must be present in the input file. If no engine is used, the argument is taken as a file; if an engine is specified, the argument is given to the engine as a key identifier.</p>
+
+</dd>
+<dt id="name-friendlyname"><b>-name friendlyname</b></dt>
+<dd>
+
+<p>This specifies the &quot;friendly name&quot; for the certificate and private key. This name is typically displayed in list boxes by software importing the file.</p>
+
+</dd>
+<dt id="certfile-filename"><b>-certfile filename</b></dt>
+<dd>
+
+<p>A filename to read additional certificates from.</p>
+
+</dd>
+<dt id="caname-friendlyname"><b>-caname friendlyname</b></dt>
+<dd>
+
+<p>This specifies the &quot;friendly name&quot; for other certificates. This option may be used multiple times to specify names for all certificates in the order they appear. Netscape ignores friendly names on other certificates whereas MSIE displays them.</p>
+
+</dd>
+<dt id="pass-arg--passout-arg"><b>-pass arg</b>, <b>-passout arg</b></dt>
+<dd>
+
+<p>The PKCS#12 file (i.e. output file) password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="passin-password"><b>-passin password</b></dt>
+<dd>
+
+<p>Pass phrase source to decrypt any input private keys with. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="chain"><b>-chain</b></dt>
+<dd>
+
+<p>If this option is present then an attempt is made to include the entire certificate chain of the user certificate. The standard CA store is used for this search. If the search fails it is considered a fatal error.</p>
+
+</dd>
+<dt id="descert"><b>-descert</b></dt>
+<dd>
+
+<p>Encrypt the certificate using triple DES, this may render the PKCS#12 file unreadable by some &quot;export grade&quot; software. By default the private key is encrypted using triple DES and the certificate using 40 bit RC2.</p>
+
+</dd>
+<dt id="keypbe-alg--certpbe-alg"><b>-keypbe alg</b>, <b>-certpbe alg</b></dt>
+<dd>
+
+<p>These options allow the algorithm used to encrypt the private key and certificates to be selected. Any PKCS#5 v1.5 or PKCS#12 PBE algorithm name can be used (see <b>NOTES</b> section for more information). If a cipher name (as output by the <b>list-cipher-algorithms</b> command is specified then it is used with PKCS#5 v2.0. For interoperability reasons it is advisable to only use PKCS#12 algorithms.</p>
+
+</dd>
+<dt id="keyex--keysig"><b>-keyex|-keysig</b></dt>
+<dd>
+
+<p>Specifies that the private key is to be used for key exchange or just signing. This option is only interpreted by MSIE and similar MS software. Normally &quot;export grade&quot; software will only allow 512 bit RSA keys to be used for encryption purposes but arbitrary length keys for signing. The <b>-keysig</b> option marks the key for signing only. Signing only keys can be used for S/MIME signing, authenticode (ActiveX control signing) and SSL client authentication, however due to a bug only MSIE 5.0 and later support the use of signing only keys for SSL client authentication.</p>
+
+</dd>
+<dt id="macalg-digest"><b>-macalg digest</b></dt>
+<dd>
+
+<p>Specify the MAC digest algorithm. If not included them SHA1 will be used.</p>
+
+</dd>
+<dt id="nomaciter--noiter"><b>-nomaciter</b>, <b>-noiter</b></dt>
+<dd>
+
+<p>These options affect the iteration counts on the MAC and key algorithms. Unless you wish to produce files compatible with MSIE 4.0 you should leave these options alone.</p>
+
+<p>To discourage attacks by using large dictionaries of common passwords the algorithm that derives keys from passwords can have an iteration count applied to it: this causes a certain part of the algorithm to be repeated and slows it down. The MAC is used to check the file integrity but since it will normally have the same password as the keys and certificates it could also be attacked. By default both MAC and encryption iteration counts are set to 2048, using these options the MAC and encryption iteration counts can be set to 1, since this reduces the file security you should not use these options unless you really have to. Most software supports both MAC and key iteration counts. MSIE 4.0 doesn&#39;t support MAC iteration counts so it needs the <b>-nomaciter</b> option.</p>
+
+</dd>
+<dt id="maciter"><b>-maciter</b></dt>
+<dd>
+
+<p>This option is included for compatibility with previous versions, it used to be needed to use MAC iterations counts but they are now used by default.</p>
+
+</dd>
+<dt id="nomac"><b>-nomac</b></dt>
+<dd>
+
+<p>Don&#39;t attempt to provide the MAC integrity.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="CAfile-file"><b>-CAfile file</b></dt>
+<dd>
+
+<p>CA storage as a file.</p>
+
+</dd>
+<dt id="CApath-dir"><b>-CApath dir</b></dt>
+<dd>
+
+<p>CA storage as a directory. This directory must be a standard certificate directory: that is a hash of each subject name (using <b>x509 -hash</b>) should be linked to each certificate.</p>
+
+</dd>
+<dt id="no-CAfile"><b>-no-CAfile</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default file location.</p>
+
+</dd>
+<dt id="no-CApath"><b>-no-CApath</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default directory location.</p>
+
+</dd>
+<dt id="CSP-name"><b>-CSP name</b></dt>
+<dd>
+
+<p>Write <b>name</b> as a Microsoft CSP name.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Although there are a large number of options most of them are very rarely used. For PKCS#12 file parsing only <b>-in</b> and <b>-out</b> need to be used for PKCS#12 file creation <b>-export</b> and <b>-name</b> are also used.</p>
+
+<p>If none of the <b>-clcerts</b>, <b>-cacerts</b> or <b>-nocerts</b> options are present then all certificates will be output in the order they appear in the input PKCS#12 files. There is no guarantee that the first certificate present is the one corresponding to the private key. Certain software which requires a private key and certificate and assumes the first certificate in the file is the one corresponding to the private key: this may not always be the case. Using the <b>-clcerts</b> option will solve this problem by only outputting the certificate corresponding to the private key. If the CA certificates are required then they can be output to a separate file using the <b>-nokeys -cacerts</b> options to just output CA certificates.</p>
+
+<p>The <b>-keypbe</b> and <b>-certpbe</b> algorithms allow the precise encryption algorithms for private keys and certificates to be specified. Normally the defaults are fine but occasionally software can&#39;t handle triple DES encrypted private keys, then the option <b>-keypbe PBE-SHA1-RC2-40</b> can be used to reduce the private key encryption to 40 bit RC2. A complete description of all algorithms is contained in the <b>pkcs8</b> manual page.</p>
+
+<p>Prior 1.1 release passwords containing non-ASCII characters were encoded in non-compliant manner, which limited interoperability, in first hand with Windows. But switching to standard-compliant password encoding poses problem accessing old data protected with broken encoding. For this reason even legacy encodings is attempted when reading the data. If you use PKCS#12 files in production application you are advised to convert the data, because implemented heuristic approach is not MT-safe, its sole goal is to facilitate the data upgrade with this utility.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Parse a PKCS#12 file and output it to a file:</p>
+
+<pre><code> openssl pkcs12 -in file.p12 -out file.pem</code></pre>
+
+<p>Output only client certificates to a file:</p>
+
+<pre><code> openssl pkcs12 -in file.p12 -clcerts -out file.pem</code></pre>
+
+<p>Don&#39;t encrypt the private key:</p>
+
+<pre><code> openssl pkcs12 -in file.p12 -out file.pem -nodes</code></pre>
+
+<p>Print some info about a PKCS#12 file:</p>
+
+<pre><code> openssl pkcs12 -in file.p12 -info -noout</code></pre>
+
+<p>Create a PKCS#12 file:</p>
+
+<pre><code> openssl pkcs12 -export -in file.pem -out file.p12 -name &quot;My Certificate&quot;</code></pre>
+
+<p>Include some extra certificates:</p>
+
+<pre><code> openssl pkcs12 -export -in file.pem -out file.p12 -name &quot;My Certificate&quot; \
+  -certfile othercerts.pem</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/pkcs8.html">pkcs8(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-pkcs7.html b/msys2/usr/share/doc/openssl/html/man1/openssl-pkcs7.html
new file mode 100644
index 000000000..4051327b3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-pkcs7.html
@@ -0,0 +1,141 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>pkcs7</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-pkcs7, pkcs7 - PKCS#7 utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>pkcs7</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-print_certs</b>] [<b>-text</b>] [<b>-noout</b>] [<b>-engine id</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>pkcs7</b> command processes PKCS#7 files in DER or PEM format.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. <b>DER</b> format is DER encoded PKCS#7 v1.5 structure.<b>PEM</b> (the default) is a base64 encoded version of the DER form with header and footer lines.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read from or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Specifies the output filename to write to or standard output by default.</p>
+
+</dd>
+<dt id="print_certs"><b>-print_certs</b></dt>
+<dd>
+
+<p>Prints out any certificates or CRLs contained in the file. They are preceded by their subject and issuer names in one line format.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out certificates details in full rather than just subject and issuer names.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>Don&#39;t output the encoded version of the PKCS#7 structure (or certificates is <b>-print_certs</b> is set).</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>pkcs7</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Convert a PKCS#7 file from PEM to DER:</p>
+
+<pre><code> openssl pkcs7 -in file.pem -outform DER -out file.der</code></pre>
+
+<p>Output all certificates in a file:</p>
+
+<pre><code> openssl pkcs7 -in file.pem -print_certs -out certs.pem</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM PKCS#7 format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN PKCS7-----
+ -----END PKCS7-----</code></pre>
+
+<p>For compatibility with some CAs it will also accept:</p>
+
+<pre><code> -----BEGIN CERTIFICATE-----
+ -----END CERTIFICATE-----</code></pre>
+
+<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
+
+<p>There is no option to print out all the fields of a PKCS#7 file.</p>
+
+<p>This PKCS#7 routines only understand PKCS#7 v 1.5 as specified in RFC2315 they cannot currently parse, for example, the new CMS as described in RFC2630.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/crl2pkcs7.html">crl2pkcs7(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-pkcs8.html b/msys2/usr/share/doc/openssl/html/man1/openssl-pkcs8.html
new file mode 100644
index 000000000..eb2f3f7a8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-pkcs8.html
@@ -0,0 +1,291 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>pkcs8</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#KEY-FORMATS">KEY FORMATS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PKCS-5-v1.5-and-PKCS-12-algorithms">PKCS#5 v1.5 and PKCS#12 algorithms.</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#STANDARDS">STANDARDS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-pkcs8, pkcs8 - PKCS#8 format private key conversion tool</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>pkcs8</b> [<b>-help</b>] [<b>-topk8</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-in filename</b>] [<b>-passin arg</b>] [<b>-out filename</b>] [<b>-passout arg</b>] [<b>-iter count</b>] [<b>-noiter</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-nocrypt</b>] [<b>-traditional</b>] [<b>-v2 alg</b>] [<b>-v2prf alg</b>] [<b>-v1 alg</b>] [<b>-engine id</b>] [<b>-scrypt</b>] [<b>-scrypt_N N</b>] [<b>-scrypt_r r</b>] [<b>-scrypt_p p</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>pkcs8</b> command processes private keys in PKCS#8 format. It can handle both unencrypted PKCS#8 PrivateKeyInfo format and EncryptedPrivateKeyInfo format with a variety of PKCS#5 (v1.5 and v2.0) and PKCS#12 algorithms.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="topk8"><b>-topk8</b></dt>
+<dd>
+
+<p>Normally a PKCS#8 private key is expected on input and a private key will be written to the output file. With the <b>-topk8</b> option the situation is reversed: it reads a private key and writes a PKCS#8 format key.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format: see <a href="#KEY-FORMATS">&quot;KEY FORMATS&quot;</a> for more details. The default format is PEM.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format: see <a href="#KEY-FORMATS">&quot;KEY FORMATS&quot;</a> for more details. The default format is PEM.</p>
+
+</dd>
+<dt id="traditional"><b>-traditional</b></dt>
+<dd>
+
+<p>When this option is present and <b>-topk8</b> is not a traditional format private key is written.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read a key from or standard input if this option is not specified. If the key is encrypted a pass phrase will be prompted for.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The input file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename to write a key to or standard output by default. If any encryption options are set then a pass phrase will be prompted for. The output filename should <b>not</b> be the same as the input filename.</p>
+
+</dd>
+<dt id="passout-arg"><b>-passout arg</b></dt>
+<dd>
+
+<p>The output file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="iter-count"><b>-iter count</b></dt>
+<dd>
+
+<p>When creating new PKCS#8 containers, use a given number of iterations on the password in deriving the encryption key for the PKCS#8 output. High values increase the time required to brute-force a PKCS#8 container.</p>
+
+</dd>
+<dt id="nocrypt"><b>-nocrypt</b></dt>
+<dd>
+
+<p>PKCS#8 keys generated or input are normally PKCS#8 EncryptedPrivateKeyInfo structures using an appropriate password based encryption algorithm. With this option an unencrypted PrivateKeyInfo structure is expected or output. This option does not encrypt private keys at all and should only be used when absolutely necessary. Certain software such as some versions of Java code signing software used unencrypted private keys.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="v2-alg"><b>-v2 alg</b></dt>
+<dd>
+
+<p>This option sets the PKCS#5 v2.0 algorithm.</p>
+
+<p>The <b>alg</b> argument is the encryption algorithm to use, valid values include <b>aes128</b>, <b>aes256</b> and <b>des3</b>. If this option isn&#39;t specified then <b>aes256</b> is used.</p>
+
+</dd>
+<dt id="v2prf-alg"><b>-v2prf alg</b></dt>
+<dd>
+
+<p>This option sets the PRF algorithm to use with PKCS#5 v2.0. A typical value value would be <b>hmacWithSHA256</b>. If this option isn&#39;t set then the default for the cipher is used or <b>hmacWithSHA256</b> if there is no default.</p>
+
+<p>Some implementations may not support custom PRF algorithms and may require the <b>hmacWithSHA1</b> option to work.</p>
+
+</dd>
+<dt id="v1-alg"><b>-v1 alg</b></dt>
+<dd>
+
+<p>This option indicates a PKCS#5 v1.5 or PKCS#12 algorithm should be used. Some older implementations may not support PKCS#5 v2.0 and may require this option. If not specified PKCS#5 v2.0 form is used.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>pkcs8</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="scrypt"><b>-scrypt</b></dt>
+<dd>
+
+<p>Uses the <b>scrypt</b> algorithm for private key encryption using default parameters: currently N=16384, r=8 and p=1 and AES in CBC mode with a 256 bit key. These parameters can be modified using the <b>-scrypt_N</b>, <b>-scrypt_r</b>, <b>-scrypt_p</b> and <b>-v2</b> options.</p>
+
+</dd>
+<dt id="scrypt_N-N--scrypt_r-r--scrypt_p-p"><b>-scrypt_N N</b> <b>-scrypt_r r</b> <b>-scrypt_p p</b></dt>
+<dd>
+
+<p>Sets the scrypt <b>N</b>, <b>r</b> or <b>p</b> parameters.</p>
+
+</dd>
+</dl>
+
+<h1 id="KEY-FORMATS">KEY FORMATS</h1>
+
+<p>Various different formats are used by the pkcs8 utility. These are detailed below.</p>
+
+<p>If a key is being converted from PKCS#8 form (i.e. the <b>-topk8</b> option is not used) then the input file must be in PKCS#8 format. An encrypted key is expected unless <b>-nocrypt</b> is included.</p>
+
+<p>If <b>-topk8</b> is not used and <b>PEM</b> mode is set the output file will be an unencrypted private key in PKCS#8 format. If the <b>-traditional</b> option is used then a traditional format private key is written instead.</p>
+
+<p>If <b>-topk8</b> is not used and <b>DER</b> mode is set the output file will be an unencrypted private key in traditional DER format.</p>
+
+<p>If <b>-topk8</b> is used then any supported private key can be used for the input file in a format specified by <b>-inform</b>. The output file will be encrypted PKCS#8 format using the specified encryption parameters unless <b>-nocrypt</b> is included.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>By default, when converting a key to PKCS#8 format, PKCS#5 v2.0 using 256 bit AES with HMAC and SHA256 is used.</p>
+
+<p>Some older implementations do not support PKCS#5 v2.0 format and require the older PKCS#5 v1.5 form instead, possibly also requiring insecure weak encryption algorithms such as 56 bit DES.</p>
+
+<p>The encrypted form of a PEM encode PKCS#8 files uses the following headers and footers:</p>
+
+<pre><code> -----BEGIN ENCRYPTED PRIVATE KEY-----
+ -----END ENCRYPTED PRIVATE KEY-----</code></pre>
+
+<p>The unencrypted form uses:</p>
+
+<pre><code> -----BEGIN PRIVATE KEY-----
+ -----END PRIVATE KEY-----</code></pre>
+
+<p>Private keys encrypted using PKCS#5 v2.0 algorithms and high iteration counts are more secure that those encrypted using the traditional SSLeay compatible formats. So if additional security is considered important the keys should be converted.</p>
+
+<p>It is possible to write out DER encoded encrypted private keys in PKCS#8 format because the encryption details are included at an ASN1 level whereas the traditional format includes them at a PEM level.</p>
+
+<h1 id="PKCS-5-v1.5-and-PKCS-12-algorithms">PKCS#5 v1.5 and PKCS#12 algorithms.</h1>
+
+<p>Various algorithms can be used with the <b>-v1</b> command line option, including PKCS#5 v1.5 and PKCS#12. These are described in more detail below.</p>
+
+<dl>
+
+<dt id="PBE-MD2-DES-PBE-MD5-DES"><b>PBE-MD2-DES PBE-MD5-DES</b></dt>
+<dd>
+
+<p>These algorithms were included in the original PKCS#5 v1.5 specification. They only offer 56 bits of protection since they both use DES.</p>
+
+</dd>
+<dt id="PBE-SHA1-RC2-64-PBE-MD2-RC2-64-PBE-MD5-RC2-64-PBE-SHA1-DES"><b>PBE-SHA1-RC2-64</b>, <b>PBE-MD2-RC2-64</b>, <b>PBE-MD5-RC2-64</b>, <b>PBE-SHA1-DES</b></dt>
+<dd>
+
+<p>These algorithms are not mentioned in the original PKCS#5 v1.5 specification but they use the same key derivation algorithm and are supported by some software. They are mentioned in PKCS#5 v2.0. They use either 64 bit RC2 or 56 bit DES.</p>
+
+</dd>
+<dt id="PBE-SHA1-RC4-128-PBE-SHA1-RC4-40-PBE-SHA1-3DES-PBE-SHA1-2DES-PBE-SHA1-RC2-128-PBE-SHA1-RC2-40"><b>PBE-SHA1-RC4-128</b>, <b>PBE-SHA1-RC4-40</b>, <b>PBE-SHA1-3DES</b>, <b>PBE-SHA1-2DES</b>, <b>PBE-SHA1-RC2-128</b>, <b>PBE-SHA1-RC2-40</b></dt>
+<dd>
+
+<p>These algorithms use the PKCS#12 password based encryption algorithm and allow strong encryption algorithms like triple DES or 128 bit RC2 to be used.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Convert a private key to PKCS#8 format using default parameters (AES with 256 bit key and <b>hmacWithSHA256</b>):</p>
+
+<pre><code> openssl pkcs8 -in key.pem -topk8 -out enckey.pem</code></pre>
+
+<p>Convert a private key to PKCS#8 unencrypted format:</p>
+
+<pre><code> openssl pkcs8 -in key.pem -topk8 -nocrypt -out enckey.pem</code></pre>
+
+<p>Convert a private key to PKCS#5 v2.0 format using triple DES:</p>
+
+<pre><code> openssl pkcs8 -in key.pem -topk8 -v2 des3 -out enckey.pem</code></pre>
+
+<p>Convert a private key to PKCS#5 v2.0 format using AES with 256 bits in CBC mode and <b>hmacWithSHA512</b> PRF:</p>
+
+<pre><code> openssl pkcs8 -in key.pem -topk8 -v2 aes-256-cbc -v2prf hmacWithSHA512 -out enckey.pem</code></pre>
+
+<p>Convert a private key to PKCS#8 using a PKCS#5 1.5 compatible algorithm (DES):</p>
+
+<pre><code> openssl pkcs8 -in key.pem -topk8 -v1 PBE-MD5-DES -out enckey.pem</code></pre>
+
+<p>Convert a private key to PKCS#8 using a PKCS#12 compatible algorithm (3DES):</p>
+
+<pre><code> openssl pkcs8 -in key.pem -topk8 -out enckey.pem -v1 PBE-SHA1-3DES</code></pre>
+
+<p>Read a DER unencrypted PKCS#8 format private key:</p>
+
+<pre><code> openssl pkcs8 -inform DER -nocrypt -in key.der -out key.pem</code></pre>
+
+<p>Convert a private key from any PKCS#8 encrypted format to traditional format:</p>
+
+<pre><code> openssl pkcs8 -in pk8.pem -traditional -out key.pem</code></pre>
+
+<p>Convert a private key to PKCS#8 format, encrypting with AES-256 and with one million iterations of the password:</p>
+
+<pre><code> openssl pkcs8 -in key.pem -topk8 -v2 aes-256-cbc -iter 1000000 -out pk8.pem</code></pre>
+
+<h1 id="STANDARDS">STANDARDS</h1>
+
+<p>Test vectors from this PKCS#5 v2.0 implementation were posted to the pkcs-tng mailing list using triple DES, DES and RC2 with high iteration counts, several people confirmed that they could decrypt the private keys produced and Therefore it can be assumed that the PKCS#5 v2.0 implementation is reasonably accurate at least as far as these algorithms are concerned.</p>
+
+<p>The format of PKCS#8 DSA (and other) private keys is not well documented: it is hidden away in PKCS#11 v2.01, section 11.9. OpenSSL&#39;s default DSA PKCS#8 private key format complies with this standard.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>There should be an option that prints out the encryption algorithm in use and other details such as the iteration count.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dsa.html">dsa(1)</a>, <a href="../man1/rsa.html">rsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man1/gendsa.html">gendsa(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>-iter</b> option was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-pkey.html b/msys2/usr/share/doc/openssl/html/man1/openssl-pkey.html
new file mode 100644
index 000000000..50c30993b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-pkey.html
@@ -0,0 +1,185 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>pkey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-pkey, pkey - public or private key processing tool</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>pkey</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-in filename</b>] [<b>-passin arg</b>] [<b>-out filename</b>] [<b>-passout arg</b>] [<b>-traditional</b>] [<b>-<i>cipher</i></b>] [<b>-text</b>] [<b>-text_pub</b>] [<b>-noout</b>] [<b>-pubin</b>] [<b>-pubout</b>] [<b>-engine id</b>] [<b>-check</b>] [<b>-pubcheck</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>pkey</b> command processes public or private keys. They can be converted between various forms and their components printed out.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format DER or PEM. The default format is PEM.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read a key from or standard input if this option is not specified. If the key is encrypted a pass phrase will be prompted for.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The input file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename to write a key to or standard output if this option is not specified. If any encryption options are set then a pass phrase will be prompted for. The output filename should <b>not</b> be the same as the input filename.</p>
+
+</dd>
+<dt id="passout-password"><b>-passout password</b></dt>
+<dd>
+
+<p>The output file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="traditional"><b>-traditional</b></dt>
+<dd>
+
+<p>Normally a private key is written using standard format: this is PKCS#8 form with the appropriate encryption algorithm (if any). If the <b>-traditional</b> option is specified then the older &quot;traditional&quot; format is used instead.</p>
+
+</dd>
+<dt id="cipher"><b>-<i>cipher</i></b></dt>
+<dd>
+
+<p>These options encrypt the private key with the supplied cipher. Any algorithm name accepted by EVP_get_cipherbyname() is acceptable such as <b>des3</b>.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out the various public or private key components in plain text in addition to the encoded version.</p>
+
+</dd>
+<dt id="text_pub"><b>-text_pub</b></dt>
+<dd>
+
+<p>Print out only public key components even if a private key is being processed.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>Do not output the encoded version of the key.</p>
+
+</dd>
+<dt id="pubin"><b>-pubin</b></dt>
+<dd>
+
+<p>By default a private key is read from the input file: with this option a public key is read instead.</p>
+
+</dd>
+<dt id="pubout"><b>-pubout</b></dt>
+<dd>
+
+<p>By default a private key is output: with this option a public key will be output instead. This option is automatically set if the input is a public key.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>pkey</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="check"><b>-check</b></dt>
+<dd>
+
+<p>This option checks the consistency of a key pair for both public and private components.</p>
+
+</dd>
+<dt id="pubcheck"><b>-pubcheck</b></dt>
+<dd>
+
+<p>This option checks the correctness of either a public key or the public component of a key pair.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>To remove the pass phrase on an RSA private key:</p>
+
+<pre><code> openssl pkey -in key.pem -out keyout.pem</code></pre>
+
+<p>To encrypt a private key using triple DES:</p>
+
+<pre><code> openssl pkey -in key.pem -des3 -out keyout.pem</code></pre>
+
+<p>To convert a private key from PEM to DER format:</p>
+
+<pre><code> openssl pkey -in key.pem -outform DER -out keyout.der</code></pre>
+
+<p>To print out the components of a private key to standard output:</p>
+
+<pre><code> openssl pkey -in key.pem -text -noout</code></pre>
+
+<p>To print out the public components of a private key to standard output:</p>
+
+<pre><code> openssl pkey -in key.pem -text_pub -noout</code></pre>
+
+<p>To just output the public part of a private key:</p>
+
+<pre><code> openssl pkey -in key.pem -pubout -out pubkey.pem</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/genpkey.html">genpkey(1)</a>, <a href="../man1/rsa.html">rsa(1)</a>, <a href="../man1/pkcs8.html">pkcs8(1)</a>, <a href="../man1/dsa.html">dsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man1/gendsa.html">gendsa(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-pkeyparam.html b/msys2/usr/share/doc/openssl/html/man1/openssl-pkeyparam.html
new file mode 100644
index 000000000..fe5659ebc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-pkeyparam.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>pkeyparam</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-pkeyparam, pkeyparam - public key algorithm parameter processing tool</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>pkeyparam</b> [<b>-help</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-text</b>] [<b>-noout</b>] [<b>-engine id</b>] [<b>-check</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>pkeyparam</b> command processes public key algorithm parameters. They can be checked for correctness and their components printed out.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read parameters from or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename to write parameters to or standard output if this option is not specified.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out the parameters in plain text in addition to the encoded version.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>Do not output the encoded version of the parameters.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>pkeyparam</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="check"><b>-check</b></dt>
+<dd>
+
+<p>This option checks the correctness of parameters.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Print out text version of parameters:</p>
+
+<pre><code> openssl pkeyparam -in param.pem -text</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>There are no <b>-inform</b> or <b>-outform</b> options for this command because only PEM format is supported because the key type is determined by the PEM headers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/genpkey.html">genpkey(1)</a>, <a href="../man1/rsa.html">rsa(1)</a>, <a href="../man1/pkcs8.html">pkcs8(1)</a>, <a href="../man1/dsa.html">dsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man1/gendsa.html">gendsa(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-pkeyutl.html b/msys2/usr/share/doc/openssl/html/man1/openssl-pkeyutl.html
new file mode 100644
index 000000000..0ba70762e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-pkeyutl.html
@@ -0,0 +1,331 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>pkeyutl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RSA-ALGORITHM">RSA ALGORITHM</a></li>
+  <li><a href="#RSA-PSS-ALGORITHM">RSA-PSS ALGORITHM</a></li>
+  <li><a href="#DSA-ALGORITHM">DSA ALGORITHM</a></li>
+  <li><a href="#DH-ALGORITHM">DH ALGORITHM</a></li>
+  <li><a href="#EC-ALGORITHM">EC ALGORITHM</a></li>
+  <li><a href="#X25519-and-X448-ALGORITHMS">X25519 and X448 ALGORITHMS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-pkeyutl, pkeyutl - public key algorithm utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>pkeyutl</b> [<b>-help</b>] [<b>-in file</b>] [<b>-out file</b>] [<b>-sigfile file</b>] [<b>-inkey file</b>] [<b>-keyform PEM|DER|ENGINE</b>] [<b>-passin arg</b>] [<b>-peerkey file</b>] [<b>-peerform PEM|DER|ENGINE</b>] [<b>-pubin</b>] [<b>-certin</b>] [<b>-rev</b>] [<b>-sign</b>] [<b>-verify</b>] [<b>-verifyrecover</b>] [<b>-encrypt</b>] [<b>-decrypt</b>] [<b>-derive</b>] [<b>-kdf algorithm</b>] [<b>-kdflen length</b>] [<b>-pkeyopt opt:value</b>] [<b>-hexdump</b>] [<b>-asn1parse</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-engine id</b>] [<b>-engine_impl</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>pkeyutl</b> command can be used to perform low level public key operations using any supported algorithm.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read data from or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Specifies the output filename to write to or standard output by default.</p>
+
+</dd>
+<dt id="sigfile-file"><b>-sigfile file</b></dt>
+<dd>
+
+<p>Signature file, required for <b>verify</b> operations only</p>
+
+</dd>
+<dt id="inkey-file"><b>-inkey file</b></dt>
+<dd>
+
+<p>The input key file, by default it should be a private key.</p>
+
+</dd>
+<dt id="keyform-PEM-DER-ENGINE"><b>-keyform PEM|DER|ENGINE</b></dt>
+<dd>
+
+<p>The key format PEM, DER or ENGINE. Default is PEM.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The input key password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="peerkey-file"><b>-peerkey file</b></dt>
+<dd>
+
+<p>The peer key file, used by key derivation (agreement) operations.</p>
+
+</dd>
+<dt id="peerform-PEM-DER-ENGINE"><b>-peerform PEM|DER|ENGINE</b></dt>
+<dd>
+
+<p>The peer key format PEM, DER or ENGINE. Default is PEM.</p>
+
+</dd>
+<dt id="pubin"><b>-pubin</b></dt>
+<dd>
+
+<p>The input file is a public key.</p>
+
+</dd>
+<dt id="certin"><b>-certin</b></dt>
+<dd>
+
+<p>The input is a certificate containing a public key.</p>
+
+</dd>
+<dt id="rev"><b>-rev</b></dt>
+<dd>
+
+<p>Reverse the order of the input buffer. This is useful for some libraries (such as CryptoAPI) which represent the buffer in little endian format.</p>
+
+</dd>
+<dt id="sign"><b>-sign</b></dt>
+<dd>
+
+<p>Sign the input data (which must be a hash) and output the signed result. This requires a private key.</p>
+
+</dd>
+<dt id="verify"><b>-verify</b></dt>
+<dd>
+
+<p>Verify the input data (which must be a hash) against the signature file and indicate if the verification succeeded or failed.</p>
+
+</dd>
+<dt id="verifyrecover"><b>-verifyrecover</b></dt>
+<dd>
+
+<p>Verify the input data (which must be a hash) and output the recovered data.</p>
+
+</dd>
+<dt id="encrypt"><b>-encrypt</b></dt>
+<dd>
+
+<p>Encrypt the input data using a public key.</p>
+
+</dd>
+<dt id="decrypt"><b>-decrypt</b></dt>
+<dd>
+
+<p>Decrypt the input data using a private key.</p>
+
+</dd>
+<dt id="derive"><b>-derive</b></dt>
+<dd>
+
+<p>Derive a shared secret using the peer key.</p>
+
+</dd>
+<dt id="kdf-algorithm"><b>-kdf algorithm</b></dt>
+<dd>
+
+<p>Use key derivation function <b>algorithm</b>. The supported algorithms are at present <b>TLS1-PRF</b> and <b>HKDF</b>. Note: additional parameters and the KDF output length will normally have to be set for this to work. See <a href="../man3/EVP_PKEY_CTX_set_hkdf_md.html">EVP_PKEY_CTX_set_hkdf_md(3)</a> and <a href="../man3/EVP_PKEY_CTX_set_tls1_prf_md.html">EVP_PKEY_CTX_set_tls1_prf_md(3)</a> for the supported string parameters of each algorithm.</p>
+
+</dd>
+<dt id="kdflen-length"><b>-kdflen length</b></dt>
+<dd>
+
+<p>Set the output length for KDF.</p>
+
+</dd>
+<dt id="pkeyopt-opt:value"><b>-pkeyopt opt:value</b></dt>
+<dd>
+
+<p>Public key options specified as opt:value. See NOTES below for more details.</p>
+
+</dd>
+<dt id="hexdump"><b>-hexdump</b></dt>
+<dd>
+
+<p>hex dump the output data.</p>
+
+</dd>
+<dt id="asn1parse"><b>-asn1parse</b></dt>
+<dd>
+
+<p>Parse the ASN.1 output data, this is useful when combined with the <b>-verifyrecover</b> option when an ASN1 structure is signed.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>pkeyutl</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="engine_impl"><b>-engine_impl</b></dt>
+<dd>
+
+<p>When used with the <b>-engine</b> option, it specifies to also use engine <b>id</b> for crypto operations.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The operations and options supported vary according to the key algorithm and its implementation. The OpenSSL operations and options are indicated below.</p>
+
+<p>Unless otherwise mentioned all algorithms support the <b>digest:alg</b> option which specifies the digest in use for sign, verify and verifyrecover operations. The value <b>alg</b> should represent a digest name as used in the EVP_get_digestbyname() function for example <b>sha1</b>. This value is not used to hash the input data. It is used (by some algorithms) for sanity-checking the lengths of data passed in to the <b>pkeyutl</b> and for creating the structures that make up the signature (e.g. <b>DigestInfo</b> in RSASSA PKCS#1 v1.5 signatures).</p>
+
+<p>This utility does not hash the input data but rather it will use the data directly as input to the signature algorithm. Depending on the key type, signature type, and mode of padding, the maximum acceptable lengths of input data differ. The signed data can&#39;t be longer than the key modulus with RSA. In case of ECDSA and DSA the data shouldn&#39;t be longer than the field size, otherwise it will be silently truncated to the field size. In any event the input size must not be larger than the largest supported digest size.</p>
+
+<p>In other words, if the value of digest is <b>sha1</b> the input should be the 20 bytes long binary encoding of the SHA-1 hash function output.</p>
+
+<p>The Ed25519 and Ed448 signature algorithms are not supported by this utility. They accept non-hashed input, but this utility can only be used to sign hashed input.</p>
+
+<h1 id="RSA-ALGORITHM">RSA ALGORITHM</h1>
+
+<p>The RSA algorithm generally supports the encrypt, decrypt, sign, verify and verifyrecover operations. However, some padding modes support only a subset of these operations. The following additional <b>pkeyopt</b> values are supported:</p>
+
+<dl>
+
+<dt id="rsa_padding_mode:mode"><b>rsa_padding_mode:mode</b></dt>
+<dd>
+
+<p>This sets the RSA padding mode. Acceptable values for <b>mode</b> are <b>pkcs1</b> for PKCS#1 padding, <b>sslv23</b> for SSLv23 padding, <b>none</b> for no padding, <b>oaep</b> for <b>OAEP</b> mode, <b>x931</b> for X9.31 mode and <b>pss</b> for PSS.</p>
+
+<p>In PKCS#1 padding if the message digest is not set then the supplied data is signed or verified directly instead of using a <b>DigestInfo</b> structure. If a digest is set then the a <b>DigestInfo</b> structure is used and its the length must correspond to the digest type.</p>
+
+<p>For <b>oaep</b> mode only encryption and decryption is supported.</p>
+
+<p>For <b>x931</b> if the digest type is set it is used to format the block data otherwise the first byte is used to specify the X9.31 digest ID. Sign, verify and verifyrecover are can be performed in this mode.</p>
+
+<p>For <b>pss</b> mode only sign and verify are supported and the digest type must be specified.</p>
+
+</dd>
+<dt id="rsa_pss_saltlen:len"><b>rsa_pss_saltlen:len</b></dt>
+<dd>
+
+<p>For <b>pss</b> mode only this option specifies the salt length. Three special values are supported: &quot;digest&quot; sets the salt length to the digest length, &quot;max&quot; sets the salt length to the maximum permissible value. When verifying &quot;auto&quot; causes the salt length to be automatically determined based on the <b>PSS</b> block structure.</p>
+
+</dd>
+<dt id="rsa_mgf1_md:digest"><b>rsa_mgf1_md:digest</b></dt>
+<dd>
+
+<p>For PSS and OAEP padding sets the MGF1 digest. If the MGF1 digest is not explicitly set in PSS mode then the signing digest is used.</p>
+
+</dd>
+</dl>
+
+<h1 id="RSA-PSS-ALGORITHM">RSA-PSS ALGORITHM</h1>
+
+<p>The RSA-PSS algorithm is a restricted version of the RSA algorithm which only supports the sign and verify operations with PSS padding. The following additional <b>pkeyopt</b> values are supported:</p>
+
+<dl>
+
+<dt id="rsa_padding_mode:mode-rsa_pss_saltlen:len-rsa_mgf1_md:digest"><b>rsa_padding_mode:mode</b>, <b>rsa_pss_saltlen:len</b>, <b>rsa_mgf1_md:digest</b></dt>
+<dd>
+
+<p>These have the same meaning as the <b>RSA</b> algorithm with some additional restrictions. The padding mode can only be set to <b>pss</b> which is the default value.</p>
+
+<p>If the key has parameter restrictions than the digest, MGF1 digest and salt length are set to the values specified in the parameters. The digest and MG cannot be changed and the salt length cannot be set to a value less than the minimum restriction.</p>
+
+</dd>
+</dl>
+
+<h1 id="DSA-ALGORITHM">DSA ALGORITHM</h1>
+
+<p>The DSA algorithm supports signing and verification operations only. Currently there are no additional options other than <b>digest</b>. Only the SHA1 digest can be used and this digest is assumed by default.</p>
+
+<h1 id="DH-ALGORITHM">DH ALGORITHM</h1>
+
+<p>The DH algorithm only supports the derivation operation and no additional options.</p>
+
+<h1 id="EC-ALGORITHM">EC ALGORITHM</h1>
+
+<p>The EC algorithm supports sign, verify and derive operations. The sign and verify operations use ECDSA and derive uses ECDH. Currently there are no additional options other than <b>digest</b>. Only the SHA1 digest can be used and this digest is assumed by default.</p>
+
+<h1 id="X25519-and-X448-ALGORITHMS">X25519 and X448 ALGORITHMS</h1>
+
+<p>The X25519 and X448 algorithms support key derivation only. Currently there are no additional options.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Sign some data using a private key:</p>
+
+<pre><code> openssl pkeyutl -sign -in file -inkey key.pem -out sig</code></pre>
+
+<p>Recover the signed data (e.g. if an RSA key is used):</p>
+
+<pre><code> openssl pkeyutl -verifyrecover -in sig -inkey key.pem</code></pre>
+
+<p>Verify the signature (e.g. a DSA key):</p>
+
+<pre><code> openssl pkeyutl -verify -in file -sigfile sig -inkey key.pem</code></pre>
+
+<p>Sign data using a message digest value (this is currently only valid for RSA):</p>
+
+<pre><code> openssl pkeyutl -sign -in file -inkey key.pem -out sig -pkeyopt digest:sha256</code></pre>
+
+<p>Derive a shared secret value:</p>
+
+<pre><code> openssl pkeyutl -derive -inkey key.pem -peerkey pubkey.pem -out secret</code></pre>
+
+<p>Hexdump 48 bytes of TLS1 PRF using digest <b>SHA256</b> and shared secret and seed consisting of the single byte 0xFF:</p>
+
+<pre><code> openssl pkeyutl -kdf TLS1-PRF -kdflen 48 -pkeyopt md:SHA256 \
+    -pkeyopt hexsecret:ff -pkeyopt hexseed:ff -hexdump</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/genpkey.html">genpkey(1)</a>, <a href="../man1/pkey.html">pkey(1)</a>, <a href="../man1/rsautl.html">rsautl(1)</a> <a href="../man1/dgst.html">dgst(1)</a>, <a href="../man1/rsa.html">rsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man3/EVP_PKEY_CTX_set_hkdf_md.html">EVP_PKEY_CTX_set_hkdf_md(3)</a>, <a href="../man3/EVP_PKEY_CTX_set_tls1_prf_md.html">EVP_PKEY_CTX_set_tls1_prf_md(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-prime.html b/msys2/usr/share/doc/openssl/html/man1/openssl-prime.html
new file mode 100644
index 000000000..37e03e9b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-prime.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>prime</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-prime, prime - compute prime numbers</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl prime</b> [<b>-help</b>] [<b>-hex</b>] [<b>-generate</b>] [<b>-bits</b>] [<b>-safe</b>] [<b>-checks</b>] [<i>number...</i>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>prime</b> command checks if the specified numbers are prime.</p>
+
+<p>If no numbers are given on the command line, the <b>-generate</b> flag should be used to generate primes according to the requirements specified by the rest of the flags.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help">[<b>-help</b>]</dt>
+<dd>
+
+<p>Display an option summary.</p>
+
+</dd>
+<dt id="hex">[<b>-hex</b>]</dt>
+<dd>
+
+<p>Generate hex output.</p>
+
+</dd>
+<dt id="generate">[<b>-generate</b>]</dt>
+<dd>
+
+<p>Generate a prime number.</p>
+
+</dd>
+<dt id="bits-num">[<b>-bits num</b>]</dt>
+<dd>
+
+<p>Generate a prime with <b>num</b> bits.</p>
+
+</dd>
+<dt id="safe">[<b>-safe</b>]</dt>
+<dd>
+
+<p>When used with <b>-generate</b>, generates a &quot;safe&quot; prime. If the number generated is <b>n</b>, then check that <b>(n-1)/2</b> is also prime.</p>
+
+</dd>
+<dt id="checks-num">[<b>-checks num</b>]</dt>
+<dd>
+
+<p>Perform the checks <b>num</b> times to see that the generated number is prime. The default is 20.</p>
+
+</dd>
+</dl>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-rand.html b/msys2/usr/share/doc/openssl/html/man1/openssl-rand.html
new file mode 100644
index 000000000..6a57eadc7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-rand.html
@@ -0,0 +1,92 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>rand</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-rand, rand - generate pseudo-random bytes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl rand</b> [<b>-help</b>] [<b>-out</b> <i>file</i>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-base64</b>] [<b>-hex</b>] <i>num</i></p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>rand</b> command outputs <i>num</i> pseudo-random bytes after seeding the random number generator once. As in other <b>openssl</b> command line tools, PRNG seeding uses the file <i>$HOME/</i><b>.rnd</b> or <b>.rnd</b> in addition to the files given in the <b>-rand</b> option. A new <i>$HOME</i>/<b>.rnd</b> or <b>.rnd</b> file will be written back if enough seeding was obtained from these sources.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="out-file"><b>-out file</b></dt>
+<dd>
+
+<p>Write to <i>file</i> instead of standard output.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="base64"><b>-base64</b></dt>
+<dd>
+
+<p>Perform base64 encoding on the output.</p>
+
+</dd>
+<dt id="hex"><b>-hex</b></dt>
+<dd>
+
+<p>Show the output as a hex string.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_bytes.html">RAND_bytes(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-rehash.html b/msys2/usr/share/doc/openssl/html/man1/openssl-rehash.html
new file mode 100644
index 000000000..5b31c5996
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-rehash.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>rehash</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Script-Configuration">Script Configuration</a></li>
+    </ul>
+  </li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-c_rehash, openssl-rehash, c_rehash, rehash - Create symbolic links to files named by the hash values</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>rehash</b> <b>[-h]</b> <b>[-help]</b> <b>[-old]</b> <b>[-n]</b> <b>[-v]</b> [ <i>directory</i>...]</p>
+
+<p><b>c_rehash</b> <i>flags...</i></p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>On some platforms, the OpenSSL <b>rehash</b> command is available as an external script called <b>c_rehash</b>. They are functionally equivalent, except for minor differences noted below.</p>
+
+<p><b>rehash</b> scans directories and calculates a hash value of each <code>.pem</code>, <code>.crt</code>, <code>.cer</code>, or <code>.crl</code> file in the specified directory list and creates symbolic links for each file, where the name of the link is the hash value. (If the platform does not support symbolic links, a copy is made.) This utility is useful as many programs that use OpenSSL require directories to be set up like this in order to find certificates.</p>
+
+<p>If any directories are named on the command line, then those are processed in turn. If not, then the <b>SSL_CERT_DIR</b> environment variable is consulted; this should be a colon-separated list of directories, like the Unix <b>PATH</b> variable. If that is not set then the default directory (installation-specific but often <b>/usr/local/ssl/certs</b>) is processed.</p>
+
+<p>In order for a directory to be processed, the user must have write permissions on that directory, otherwise an error will be generated.</p>
+
+<p>The links created are of the form <code>HHHHHHHH.D</code>, where each <b>H</b> is a hexadecimal character and <b>D</b> is a single decimal digit. When processing a directory, <b>rehash</b> will first remove all links that have a name in that syntax, even if they are being used for some other purpose. To skip the removal step, use the <b>-n</b> flag. Hashes for CRL&#39;s look similar except the letter <b>r</b> appears after the period, like this: <code>HHHHHHHH.rD</code>.</p>
+
+<p>Multiple objects may have the same hash; they will be indicated by incrementing the <b>D</b> value. Duplicates are found by comparing the full SHA-1 fingerprint. A warning will be displayed if a duplicate is found.</p>
+
+<p>A warning will also be displayed if there are files that cannot be parsed as either a certificate or a CRL or if more than one such object appears in the file.</p>
+
+<h2 id="Script-Configuration">Script Configuration</h2>
+
+<p>The <b>c_rehash</b> script uses the <b>openssl</b> program to compute the hashes and fingerprints. If not found in the user&#39;s <b>PATH</b>, then set the <b>OPENSSL</b> environment variable to the full pathname. Any program can be used, it will be invoked as follows for either a certificate or CRL:</p>
+
+<pre><code>  $OPENSSL x509 -hash -fingerprint -noout -in FILENAME
+  $OPENSSL crl -hash -fingerprint -noout -in FILENAME</code></pre>
+
+<p>where <b>FILENAME</b> is the filename. It must output the hash of the file on the first line, and the fingerprint on the second, optionally prefixed with some text and an equals sign.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help--h"><b>-help</b> <b>-h</b></dt>
+<dd>
+
+<p>Display a brief usage message.</p>
+
+</dd>
+<dt id="old"><b>-old</b></dt>
+<dd>
+
+<p>Use old-style hashing (MD5, as opposed to SHA-1) for generating links to be used for releases before 1.0.0. Note that current versions will not use the old style.</p>
+
+</dd>
+<dt id="n"><b>-n</b></dt>
+<dd>
+
+<p>Do not remove existing links. This is needed when keeping new and old-style links in the same directory.</p>
+
+</dd>
+<dt id="compat"><b>-compat</b></dt>
+<dd>
+
+<p>Generate links for both old-style (MD5) and new-style (SHA1) hashing. This allows releases before 1.0.0 to use these links along-side newer releases.</p>
+
+</dd>
+<dt id="v"><b>-v</b></dt>
+<dd>
+
+<p>Print messages about old links removed and new links created. By default, <b>rehash</b> only lists each directory as it is processed.</p>
+
+</dd>
+</dl>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL"><b>OPENSSL</b></dt>
+<dd>
+
+<p>The path to an executable to use to generate hashes and fingerprints (see above).</p>
+
+</dd>
+<dt id="SSL_CERT_DIR"><b>SSL_CERT_DIR</b></dt>
+<dd>
+
+<p>Colon separated list of directories to operate on. Ignored if directories are listed on the command line.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/openssl.html">openssl(1)</a>, <a href="../man1/crl.html">crl(1)</a>. <a href="../man1/x509.html">x509(1)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-req.html b/msys2/usr/share/doc/openssl/html/man1/openssl-req.html
new file mode 100644
index 000000000..aaa3f33e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-req.html
@@ -0,0 +1,606 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>req</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#CONFIGURATION-FILE-FORMAT">CONFIGURATION FILE FORMAT</a></li>
+  <li><a href="#DISTINGUISHED-NAME-AND-ATTRIBUTE-SECTION-FORMAT">DISTINGUISHED NAME AND ATTRIBUTE SECTION FORMAT</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#DIAGNOSTICS">DIAGNOSTICS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-req, req - PKCS#10 certificate request and certificate generating utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>req</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-in filename</b>] [<b>-passin arg</b>] [<b>-out filename</b>] [<b>-passout arg</b>] [<b>-text</b>] [<b>-pubkey</b>] [<b>-noout</b>] [<b>-verify</b>] [<b>-modulus</b>] [<b>-new</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-newkey rsa:bits</b>] [<b>-newkey alg:file</b>] [<b>-nodes</b>] [<b>-key filename</b>] [<b>-keyform PEM|DER</b>] [<b>-keyout filename</b>] [<b>-keygen_engine id</b>] [<b>-<i>digest</i></b>] [<b>-config filename</b>] [<b>-multivalue-rdn</b>] [<b>-x509</b>] [<b>-days n</b>] [<b>-set_serial n</b>] [<b>-newhdr</b>] [<b>-addext ext</b>] [<b>-extensions section</b>] [<b>-reqexts section</b>] [<b>-precert</b>] [<b>-utf8</b>] [<b>-nameopt</b>] [<b>-reqopt</b>] [<b>-subject</b>] [<b>-subj arg</b>] [<b>-batch</b>] [<b>-verbose</b>] [<b>-engine id</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>req</b> command primarily creates and processes certificate requests in PKCS#10 format. It can additionally create self signed certificates for use as root CAs for example.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. The <b>DER</b> option uses an ASN1 DER encoded form compatible with the PKCS#10. The <b>PEM</b> form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read a request from or standard input if this option is not specified. A request is only read if the creation options (<b>-new</b> and <b>-newkey</b>) are not specified.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The input file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename to write to or standard output by default.</p>
+
+</dd>
+<dt id="passout-arg"><b>-passout arg</b></dt>
+<dd>
+
+<p>The output file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out the certificate request in text form.</p>
+
+</dd>
+<dt id="subject"><b>-subject</b></dt>
+<dd>
+
+<p>Prints out the request subject (or certificate subject if <b>-x509</b> is specified)</p>
+
+</dd>
+<dt id="pubkey"><b>-pubkey</b></dt>
+<dd>
+
+<p>Outputs the public key.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option prevents output of the encoded version of the request.</p>
+
+</dd>
+<dt id="modulus"><b>-modulus</b></dt>
+<dd>
+
+<p>This option prints out the value of the modulus of the public key contained in the request.</p>
+
+</dd>
+<dt id="verify"><b>-verify</b></dt>
+<dd>
+
+<p>Verifies the signature on the request.</p>
+
+</dd>
+<dt id="new"><b>-new</b></dt>
+<dd>
+
+<p>This option generates a new certificate request. It will prompt the user for the relevant field values. The actual fields prompted for and their maximum and minimum sizes are specified in the configuration file and any requested extensions.</p>
+
+<p>If the <b>-key</b> option is not used it will generate a new RSA private key using information specified in the configuration file.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="newkey-arg"><b>-newkey arg</b></dt>
+<dd>
+
+<p>This option creates a new certificate request and a new private key. The argument takes one of several forms. <b>rsa:nbits</b>, where <b>nbits</b> is the number of bits, generates an RSA key <b>nbits</b> in size. If <b>nbits</b> is omitted, i.e. <b>-newkey rsa</b> specified, the default key size, specified in the configuration file is used.</p>
+
+<p>All other algorithms support the <b>-newkey alg:file</b> form, where file may be an algorithm parameter file, created by the <b>genpkey -genparam</b> command or and X.509 certificate for a key with appropriate algorithm.</p>
+
+<p><b>param:file</b> generates a key using the parameter file or certificate <b>file</b>, the algorithm is determined by the parameters. <b>algname:file</b> use algorithm <b>algname</b> and parameter file <b>file</b>: the two algorithms must match or an error occurs. <b>algname</b> just uses algorithm <b>algname</b>, and parameters, if necessary should be specified via <b>-pkeyopt</b> parameter.</p>
+
+<p><b>dsa:filename</b> generates a DSA key using the parameters in the file <b>filename</b>. <b>ec:filename</b> generates EC key (usable both with ECDSA or ECDH algorithms), <b>gost2001:filename</b> generates GOST R 34.10-2001 key (requires <b>ccgost</b> engine configured in the configuration file). If just <b>gost2001</b> is specified a parameter set should be specified by <b>-pkeyopt paramset:X</b></p>
+
+</dd>
+<dt id="pkeyopt-opt:value"><b>-pkeyopt opt:value</b></dt>
+<dd>
+
+<p>Set the public key algorithm option <b>opt</b> to <b>value</b>. The precise set of options supported depends on the public key algorithm used and its implementation. See <b>KEY GENERATION OPTIONS</b> in the <b>genpkey</b> manual page for more details.</p>
+
+</dd>
+<dt id="key-filename"><b>-key filename</b></dt>
+<dd>
+
+<p>This specifies the file to read the private key from. It also accepts PKCS#8 format private keys for PEM format files.</p>
+
+</dd>
+<dt id="keyform-PEM-DER"><b>-keyform PEM|DER</b></dt>
+<dd>
+
+<p>The format of the private key file specified in the <b>-key</b> argument. PEM is the default.</p>
+
+</dd>
+<dt id="keyout-filename"><b>-keyout filename</b></dt>
+<dd>
+
+<p>This gives the filename to write the newly created private key to. If this option is not specified then the filename present in the configuration file is used.</p>
+
+</dd>
+<dt id="nodes"><b>-nodes</b></dt>
+<dd>
+
+<p>If this option is specified then if a private key is created it will not be encrypted.</p>
+
+</dd>
+<dt id="digest"><b>-<i>digest</i></b></dt>
+<dd>
+
+<p>This specifies the message digest to sign the request. Any digest supported by the OpenSSL <b>dgst</b> command can be used. This overrides the digest algorithm specified in the configuration file.</p>
+
+<p>Some public key algorithms may override this choice. For instance, DSA signatures always use SHA1, GOST R 34.10 signatures always use GOST R 34.11-94 (<b>-md_gost94</b>), Ed25519 and Ed448 never use any digest.</p>
+
+</dd>
+<dt id="config-filename"><b>-config filename</b></dt>
+<dd>
+
+<p>This allows an alternative configuration file to be specified. Optional; for a description of the default value, see <a href="../man1/openssl.html">&quot;COMMAND SUMMARY&quot; in openssl(1)</a>.</p>
+
+</dd>
+<dt id="subj-arg"><b>-subj arg</b></dt>
+<dd>
+
+<p>Sets subject name for new request or supersedes the subject name when processing a request. The arg must be formatted as <i>/type0=value0/type1=value1/type2=...</i>. Keyword characters may be escaped by \ (backslash), and whitespace is retained. Empty values are permitted, but the corresponding type will not be included in the request.</p>
+
+</dd>
+<dt id="multivalue-rdn"><b>-multivalue-rdn</b></dt>
+<dd>
+
+<p>This option causes the -subj argument to be interpreted with full support for multivalued RDNs. Example:</p>
+
+<p><i>/DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe</i></p>
+
+<p>If -multi-rdn is not used then the UID value is <i>123456+CN=John Doe</i>.</p>
+
+</dd>
+<dt id="x509"><b>-x509</b></dt>
+<dd>
+
+<p>This option outputs a self signed certificate instead of a certificate request. This is typically used to generate a test certificate or a self signed root CA. The extensions added to the certificate (if any) are specified in the configuration file. Unless specified using the <b>set_serial</b> option, a large random number will be used for the serial number.</p>
+
+<p>If existing request is specified with the <b>-in</b> option, it is converted to the self signed certificate otherwise new request is created.</p>
+
+</dd>
+<dt id="days-n"><b>-days n</b></dt>
+<dd>
+
+<p>When the <b>-x509</b> option is being used this specifies the number of days to certify the certificate for, otherwise it is ignored. <b>n</b> should be a positive integer. The default is 30 days.</p>
+
+</dd>
+<dt id="set_serial-n"><b>-set_serial n</b></dt>
+<dd>
+
+<p>Serial number to use when outputting a self signed certificate. This may be specified as a decimal value or a hex value if preceded by <b>0x</b>.</p>
+
+</dd>
+<dt id="addext-ext"><b>-addext ext</b></dt>
+<dd>
+
+<p>Add a specific extension to the certificate (if the <b>-x509</b> option is present) or certificate request. The argument must have the form of a key=value pair as it would appear in a config file.</p>
+
+<p>This option can be given multiple times.</p>
+
+</dd>
+<dt id="extensions-section"><b>-extensions section</b></dt>
+<dd>
+
+</dd>
+<dt id="reqexts-section"><b>-reqexts section</b></dt>
+<dd>
+
+<p>These options specify alternative sections to include certificate extensions (if the <b>-x509</b> option is present) or certificate request extensions. This allows several different sections to be used in the same configuration file to specify requests for a variety of purposes.</p>
+
+</dd>
+<dt id="precert"><b>-precert</b></dt>
+<dd>
+
+<p>A poison extension will be added to the certificate, making it a &quot;pre-certificate&quot; (see RFC6962). This can be submitted to Certificate Transparency logs in order to obtain signed certificate timestamps (SCTs). These SCTs can then be embedded into the pre-certificate as an extension, before removing the poison and signing the certificate.</p>
+
+<p>This implies the <b>-new</b> flag.</p>
+
+</dd>
+<dt id="utf8"><b>-utf8</b></dt>
+<dd>
+
+<p>This option causes field values to be interpreted as UTF8 strings, by default they are interpreted as ASCII. This means that the field values, whether prompted from a terminal or obtained from a configuration file, must be valid UTF8 strings.</p>
+
+</dd>
+<dt id="nameopt-option"><b>-nameopt option</b></dt>
+<dd>
+
+<p>Option which determines how the subject or issuer names are displayed. The <b>option</b> argument can be a single option or multiple options separated by commas. Alternatively the <b>-nameopt</b> switch may be used more than once to set multiple options. See the <a href="../man1/x509.html">x509(1)</a> manual page for details.</p>
+
+</dd>
+<dt id="reqopt"><b>-reqopt</b></dt>
+<dd>
+
+<p>Customise the output format used with <b>-text</b>. The <b>option</b> argument can be a single option or multiple options separated by commas.</p>
+
+<p>See discussion of the <b>-certopt</b> parameter in the <a href="../man1/x509.html">x509(1)</a> command.</p>
+
+</dd>
+<dt id="newhdr"><b>-newhdr</b></dt>
+<dd>
+
+<p>Adds the word <b>NEW</b> to the PEM file header and footer lines on the outputted request. Some software (Netscape certificate server) and some CAs need this.</p>
+
+</dd>
+<dt id="batch"><b>-batch</b></dt>
+<dd>
+
+<p>Non-interactive mode.</p>
+
+</dd>
+<dt id="verbose"><b>-verbose</b></dt>
+<dd>
+
+<p>Print extra details about the operations being performed.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>req</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="keygen_engine-id"><b>-keygen_engine id</b></dt>
+<dd>
+
+<p>Specifies an engine (by its unique <b>id</b> string) which would be used for key generation operations.</p>
+
+</dd>
+</dl>
+
+<h1 id="CONFIGURATION-FILE-FORMAT">CONFIGURATION FILE FORMAT</h1>
+
+<p>The configuration options are specified in the <b>req</b> section of the configuration file. As with all configuration files if no value is specified in the specific section (i.e. <b>req</b>) then the initial unnamed or <b>default</b> section is searched too.</p>
+
+<p>The options available are described in detail below.</p>
+
+<dl>
+
+<dt id="input_password-output_password"><b>input_password output_password</b></dt>
+<dd>
+
+<p>The passwords for the input private key file (if present) and the output private key file (if one will be created). The command line options <b>passin</b> and <b>passout</b> override the configuration file values.</p>
+
+</dd>
+<dt id="default_bits"><b>default_bits</b></dt>
+<dd>
+
+<p>Specifies the default key size in bits.</p>
+
+<p>This option is used in conjunction with the <b>-new</b> option to generate a new key. It can be overridden by specifying an explicit key size in the <b>-newkey</b> option. The smallest accepted key size is 512 bits. If no key size is specified then 2048 bits is used.</p>
+
+</dd>
+<dt id="default_keyfile"><b>default_keyfile</b></dt>
+<dd>
+
+<p>This is the default filename to write a private key to. If not specified the key is written to standard output. This can be overridden by the <b>-keyout</b> option.</p>
+
+</dd>
+<dt id="oid_file"><b>oid_file</b></dt>
+<dd>
+
+<p>This specifies a file containing additional <b>OBJECT IDENTIFIERS</b>. Each line of the file should consist of the numerical form of the object identifier followed by white space then the short name followed by white space and finally the long name.</p>
+
+</dd>
+<dt id="oid_section"><b>oid_section</b></dt>
+<dd>
+
+<p>This specifies a section in the configuration file containing extra object identifiers. Each line should consist of the short name of the object identifier followed by <b>=</b> and the numerical form. The short and long names are the same when this option is used.</p>
+
+</dd>
+<dt id="RANDFILE"><b>RANDFILE</b></dt>
+<dd>
+
+<p>At startup the specified file is loaded into the random number generator, and at exit 256 bytes will be written to it. It is used for private key generation.</p>
+
+</dd>
+<dt id="encrypt_key"><b>encrypt_key</b></dt>
+<dd>
+
+<p>If this is set to <b>no</b> then if a private key is generated it is <b>not</b> encrypted. This is equivalent to the <b>-nodes</b> command line option. For compatibility <b>encrypt_rsa_key</b> is an equivalent option.</p>
+
+</dd>
+<dt id="default_md"><b>default_md</b></dt>
+<dd>
+
+<p>This option specifies the digest algorithm to use. Any digest supported by the OpenSSL <b>dgst</b> command can be used. This option can be overridden on the command line. Certain signing algorithms (i.e. Ed25519 and Ed448) will ignore any digest that has been set.</p>
+
+</dd>
+<dt id="string_mask"><b>string_mask</b></dt>
+<dd>
+
+<p>This option masks out the use of certain string types in certain fields. Most users will not need to change this option.</p>
+
+<p>It can be set to several values <b>default</b> which is also the default option uses PrintableStrings, T61Strings and BMPStrings if the <b>pkix</b> value is used then only PrintableStrings and BMPStrings will be used. This follows the PKIX recommendation in RFC2459. If the <b>utf8only</b> option is used then only UTF8Strings will be used: this is the PKIX recommendation in RFC2459 after 2003. Finally the <b>nombstr</b> option just uses PrintableStrings and T61Strings: certain software has problems with BMPStrings and UTF8Strings: in particular Netscape.</p>
+
+</dd>
+<dt id="req_extensions"><b>req_extensions</b></dt>
+<dd>
+
+<p>This specifies the configuration file section containing a list of extensions to add to the certificate request. It can be overridden by the <b>-reqexts</b> command line switch. See the <a href="../man5/x509v3_config.html">x509v3_config(5)</a> manual page for details of the extension section format.</p>
+
+</dd>
+<dt id="x509_extensions"><b>x509_extensions</b></dt>
+<dd>
+
+<p>This specifies the configuration file section containing a list of extensions to add to certificate generated when the <b>-x509</b> switch is used. It can be overridden by the <b>-extensions</b> command line switch.</p>
+
+</dd>
+<dt id="prompt"><b>prompt</b></dt>
+<dd>
+
+<p>If set to the value <b>no</b> this disables prompting of certificate fields and just takes values from the config file directly. It also changes the expected format of the <b>distinguished_name</b> and <b>attributes</b> sections.</p>
+
+</dd>
+<dt id="utf81"><b>utf8</b></dt>
+<dd>
+
+<p>If set to the value <b>yes</b> then field values to be interpreted as UTF8 strings, by default they are interpreted as ASCII. This means that the field values, whether prompted from a terminal or obtained from a configuration file, must be valid UTF8 strings.</p>
+
+</dd>
+<dt id="attributes"><b>attributes</b></dt>
+<dd>
+
+<p>This specifies the section containing any request attributes: its format is the same as <b>distinguished_name</b>. Typically these may contain the challengePassword or unstructuredName types. They are currently ignored by OpenSSL&#39;s request signing utilities but some CAs might want them.</p>
+
+</dd>
+<dt id="distinguished_name"><b>distinguished_name</b></dt>
+<dd>
+
+<p>This specifies the section containing the distinguished name fields to prompt for when generating a certificate or certificate request. The format is described in the next section.</p>
+
+</dd>
+</dl>
+
+<h1 id="DISTINGUISHED-NAME-AND-ATTRIBUTE-SECTION-FORMAT">DISTINGUISHED NAME AND ATTRIBUTE SECTION FORMAT</h1>
+
+<p>There are two separate formats for the distinguished name and attribute sections. If the <b>prompt</b> option is set to <b>no</b> then these sections just consist of field names and values: for example,</p>
+
+<pre><code> CN=My Name
+ OU=My Organization
+ emailAddress=someone@somewhere.org</code></pre>
+
+<p>This allows external programs (e.g. GUI based) to generate a template file with all the field names and values and just pass it to <b>req</b>. An example of this kind of configuration file is contained in the <b>EXAMPLES</b> section.</p>
+
+<p>Alternatively if the <b>prompt</b> option is absent or not set to <b>no</b> then the file contains field prompting information. It consists of lines of the form:</p>
+
+<pre><code> fieldName=&quot;prompt&quot;
+ fieldName_default=&quot;default field value&quot;
+ fieldName_min= 2
+ fieldName_max= 4</code></pre>
+
+<p>&quot;fieldName&quot; is the field name being used, for example commonName (or CN). The &quot;prompt&quot; string is used to ask the user to enter the relevant details. If the user enters nothing then the default value is used if no default value is present then the field is omitted. A field can still be omitted if a default value is present if the user just enters the &#39;.&#39; character.</p>
+
+<p>The number of characters entered must be between the fieldName_min and fieldName_max limits: there may be additional restrictions based on the field being used (for example countryName can only ever be two characters long and must fit in a PrintableString).</p>
+
+<p>Some fields (such as organizationName) can be used more than once in a DN. This presents a problem because configuration files will not recognize the same name occurring twice. To avoid this problem if the fieldName contains some characters followed by a full stop they will be ignored. So for example a second organizationName can be input by calling it &quot;1.organizationName&quot;.</p>
+
+<p>The actual permitted field names are any object identifier short or long names. These are compiled into OpenSSL and include the usual values such as commonName, countryName, localityName, organizationName, organizationalUnitName, stateOrProvinceName. Additionally emailAddress is included as well as name, surname, givenName, initials, and dnQualifier.</p>
+
+<p>Additional object identifiers can be defined with the <b>oid_file</b> or <b>oid_section</b> options in the configuration file. Any additional fields will be treated as though they were a DirectoryString.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Examine and verify certificate request:</p>
+
+<pre><code> openssl req -in req.pem -text -verify -noout</code></pre>
+
+<p>Create a private key and then generate a certificate request from it:</p>
+
+<pre><code> openssl genrsa -out key.pem 2048
+ openssl req -new -key key.pem -out req.pem</code></pre>
+
+<p>The same but just using req:</p>
+
+<pre><code> openssl req -newkey rsa:2048 -keyout key.pem -out req.pem</code></pre>
+
+<p>Generate a self signed root certificate:</p>
+
+<pre><code> openssl req -x509 -newkey rsa:2048 -keyout key.pem -out req.pem</code></pre>
+
+<p>Example of a file pointed to by the <b>oid_file</b> option:</p>
+
+<pre><code> 1.2.3.4        shortName       A longer Name
+ 1.2.3.6        otherName       Other longer Name</code></pre>
+
+<p>Example of a section pointed to by <b>oid_section</b> making use of variable expansion:</p>
+
+<pre><code> testoid1=1.2.3.5
+ testoid2=${testoid1}.6</code></pre>
+
+<p>Sample configuration file prompting for field values:</p>
+
+<pre><code> [ req ]
+ default_bits           = 2048
+ default_keyfile        = privkey.pem
+ distinguished_name     = req_distinguished_name
+ attributes             = req_attributes
+ req_extensions         = v3_ca
+
+ dirstring_type = nobmp
+
+ [ req_distinguished_name ]
+ countryName                    = Country Name (2 letter code)
+ countryName_default            = AU
+ countryName_min                = 2
+ countryName_max                = 2
+
+ localityName                   = Locality Name (eg, city)
+
+ organizationalUnitName         = Organizational Unit Name (eg, section)
+
+ commonName                     = Common Name (eg, YOUR name)
+ commonName_max                 = 64
+
+ emailAddress                   = Email Address
+ emailAddress_max               = 40
+
+ [ req_attributes ]
+ challengePassword              = A challenge password
+ challengePassword_min          = 4
+ challengePassword_max          = 20
+
+ [ v3_ca ]
+
+ subjectKeyIdentifier=hash
+ authorityKeyIdentifier=keyid:always,issuer:always
+ basicConstraints = critical, CA:true</code></pre>
+
+<p>Sample configuration containing all field values:</p>
+
+<pre><code> RANDFILE               = $ENV::HOME/.rnd
+
+ [ req ]
+ default_bits           = 2048
+ default_keyfile        = keyfile.pem
+ distinguished_name     = req_distinguished_name
+ attributes             = req_attributes
+ prompt                 = no
+ output_password        = mypass
+
+ [ req_distinguished_name ]
+ C                      = GB
+ ST                     = Test State or Province
+ L                      = Test Locality
+ O                      = Organization Name
+ OU                     = Organizational Unit Name
+ CN                     = Common Name
+ emailAddress           = test@email.address
+
+ [ req_attributes ]
+ challengePassword              = A challenge password</code></pre>
+
+<p>Example of giving the most common attributes (subject and extensions) on the command line:</p>
+
+<pre><code> openssl req -new -subj &quot;/C=GB/CN=foo&quot; \
+                  -addext &quot;subjectAltName = DNS:foo.co.uk&quot; \
+                  -addext &quot;certificatePolicies = 1.2.3.4&quot; \
+                  -newkey rsa:2048 -keyout key.pem -out req.pem</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The header and footer lines in the <b>PEM</b> format are normally:</p>
+
+<pre><code> -----BEGIN CERTIFICATE REQUEST-----
+ -----END CERTIFICATE REQUEST-----</code></pre>
+
+<p>some software (some versions of Netscape certificate server) instead needs:</p>
+
+<pre><code> -----BEGIN NEW CERTIFICATE REQUEST-----
+ -----END NEW CERTIFICATE REQUEST-----</code></pre>
+
+<p>which is produced with the <b>-newhdr</b> option but is otherwise compatible. Either form is accepted transparently on input.</p>
+
+<p>The certificate requests generated by <b>Xenroll</b> with MSIE have extensions added. It includes the <b>keyUsage</b> extension which determines the type of key (signature only or general purpose) and any additional OIDs entered by the script in an extendedKeyUsage extension.</p>
+
+<h1 id="DIAGNOSTICS">DIAGNOSTICS</h1>
+
+<p>The following messages are frequently asked about:</p>
+
+<pre><code>        Using configuration from /some/path/openssl.cnf
+        Unable to load config info</code></pre>
+
+<p>This is followed some time later by...</p>
+
+<pre><code>        unable to find &#39;distinguished_name&#39; in config
+        problems making Certificate Request</code></pre>
+
+<p>The first error message is the clue: it can&#39;t find the configuration file! Certain operations (like examining a certificate request) don&#39;t need a configuration file so its use isn&#39;t enforced. Generation of certificates or requests however does need a configuration file. This could be regarded as a bug.</p>
+
+<p>Another puzzling message is this:</p>
+
+<pre><code>        Attributes:
+            a0:00</code></pre>
+
+<p>this is displayed when no attributes are present and the request includes the correct empty <b>SET OF</b> structure (the DER encoding of which is 0xa0 0x00). If you just see:</p>
+
+<pre><code>        Attributes:</code></pre>
+
+<p>then the <b>SET OF</b> is missing and the encoding is technically invalid (but it is tolerated). See the description of the command line option <b>-asn1-kludge</b> for more information.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>OpenSSL&#39;s handling of T61Strings (aka TeletexStrings) is broken: it effectively treats them as ISO-8859-1 (Latin 1), Netscape and MSIE have similar behaviour. This can cause problems if you need characters that aren&#39;t available in PrintableStrings and you don&#39;t want to or can&#39;t use BMPStrings.</p>
+
+<p>As a consequence of the T61String handling the only correct way to represent accented characters in OpenSSL is to use a BMPString: unfortunately Netscape currently chokes on these. If you have to use accented characters with Netscape and MSIE then you currently need to use the invalid T61String form.</p>
+
+<p>The current prompting is not very friendly. It doesn&#39;t allow you to confirm what you&#39;ve just entered. Other things like extensions in certificate requests are statically defined in the configuration file. Some of these: like an email address in subjectAltName should be input by the user.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/x509.html">x509(1)</a>, <a href="../man1/ca.html">ca(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man1/gendsa.html">gendsa(1)</a>, <a href="../man5/config.html">config(5)</a>, <a href="../man5/x509v3_config.html">x509v3_config(5)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-rsa.html b/msys2/usr/share/doc/openssl/html/man1/openssl-rsa.html
new file mode 100644
index 000000000..7320ee62d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-rsa.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>rsa</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-rsa, rsa - RSA key processing tool</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>rsa</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-in filename</b>] [<b>-passin arg</b>] [<b>-out filename</b>] [<b>-passout arg</b>] [<b>-aes128</b>] [<b>-aes192</b>] [<b>-aes256</b>] [<b>-aria128</b>] [<b>-aria192</b>] [<b>-aria256</b>] [<b>-camellia128</b>] [<b>-camellia192</b>] [<b>-camellia256</b>] [<b>-des</b>] [<b>-des3</b>] [<b>-idea</b>] [<b>-text</b>] [<b>-noout</b>] [<b>-modulus</b>] [<b>-check</b>] [<b>-pubin</b>] [<b>-pubout</b>] [<b>-RSAPublicKey_in</b>] [<b>-RSAPublicKey_out</b>] [<b>-engine id</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>rsa</b> command processes RSA keys. They can be converted between various forms and their components printed out. <b>Note</b> this command uses the traditional SSLeay compatible format for private key encryption: newer applications should use the more secure PKCS#8 format using the <b>pkcs8</b> utility.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. The <b>DER</b> option uses an ASN1 DER encoded form compatible with the PKCS#1 RSAPrivateKey or SubjectPublicKeyInfo format. The <b>PEM</b> form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines. On input PKCS#8 format private keys are also accepted.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read a key from or standard input if this option is not specified. If the key is encrypted a pass phrase will be prompted for.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The input file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename to write a key to or standard output if this option is not specified. If any encryption options are set then a pass phrase will be prompted for. The output filename should <b>not</b> be the same as the input filename.</p>
+
+</dd>
+<dt id="passout-password"><b>-passout password</b></dt>
+<dd>
+
+<p>The output file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="aes128--aes192--aes256--aria128--aria192--aria256--camellia128--camellia192--camellia256--des--des3--idea"><b>-aes128</b>, <b>-aes192</b>, <b>-aes256</b>, <b>-aria128</b>, <b>-aria192</b>, <b>-aria256</b>, <b>-camellia128</b>, <b>-camellia192</b>, <b>-camellia256</b>, <b>-des</b>, <b>-des3</b>, <b>-idea</b></dt>
+<dd>
+
+<p>These options encrypt the private key with the specified cipher before outputting it. A pass phrase is prompted for. If none of these options is specified the key is written in plain text. This means that using the <b>rsa</b> utility to read in an encrypted key with no encryption option can be used to remove the pass phrase from a key, or by setting the encryption options it can be use to add or change the pass phrase. These options can only be used with PEM format output files.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out the various public or private key components in plain text in addition to the encoded version.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option prevents output of the encoded version of the key.</p>
+
+</dd>
+<dt id="modulus"><b>-modulus</b></dt>
+<dd>
+
+<p>This option prints out the value of the modulus of the key.</p>
+
+</dd>
+<dt id="check"><b>-check</b></dt>
+<dd>
+
+<p>This option checks the consistency of an RSA private key.</p>
+
+</dd>
+<dt id="pubin"><b>-pubin</b></dt>
+<dd>
+
+<p>By default a private key is read from the input file: with this option a public key is read instead.</p>
+
+</dd>
+<dt id="pubout"><b>-pubout</b></dt>
+<dd>
+
+<p>By default a private key is output: with this option a public key will be output instead. This option is automatically set if the input is a public key.</p>
+
+</dd>
+<dt id="RSAPublicKey_in--RSAPublicKey_out"><b>-RSAPublicKey_in</b>, <b>-RSAPublicKey_out</b></dt>
+<dd>
+
+<p>Like <b>-pubin</b> and <b>-pubout</b> except <b>RSAPublicKey</b> format is used instead.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>rsa</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM private key format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The PEM public key format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN PUBLIC KEY-----
+ -----END PUBLIC KEY-----</code></pre>
+
+<p>The PEM <b>RSAPublicKey</b> format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN RSA PUBLIC KEY-----
+ -----END RSA PUBLIC KEY-----</code></pre>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>To remove the pass phrase on an RSA private key:</p>
+
+<pre><code> openssl rsa -in key.pem -out keyout.pem</code></pre>
+
+<p>To encrypt a private key using triple DES:</p>
+
+<pre><code> openssl rsa -in key.pem -des3 -out keyout.pem</code></pre>
+
+<p>To convert a private key from PEM to DER format:</p>
+
+<pre><code> openssl rsa -in key.pem -outform DER -out keyout.der</code></pre>
+
+<p>To print out the components of a private key to standard output:</p>
+
+<pre><code> openssl rsa -in key.pem -text -noout</code></pre>
+
+<p>To just output the public part of a private key:</p>
+
+<pre><code> openssl rsa -in key.pem -pubout -out pubkey.pem</code></pre>
+
+<p>Output the public part of a private key in <b>RSAPublicKey</b> format:</p>
+
+<pre><code> openssl rsa -in key.pem -RSAPublicKey_out -out pubkey.pem</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>There should be an option that automatically handles .key files, without having to manually edit them.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/pkcs8.html">pkcs8(1)</a>, <a href="../man1/dsa.html">dsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man1/gendsa.html">gendsa(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-rsautl.html b/msys2/usr/share/doc/openssl/html/man1/openssl-rsautl.html
new file mode 100644
index 000000000..68b6efdbe
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-rsautl.html
@@ -0,0 +1,236 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>rsautl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-rsautl, rsautl - RSA utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>rsautl</b> [<b>-help</b>] [<b>-in file</b>] [<b>-out file</b>] [<b>-inkey file</b>] [<b>-keyform PEM|DER|ENGINE</b>] [<b>-pubin</b>] [<b>-certin</b>] [<b>-sign</b>] [<b>-verify</b>] [<b>-encrypt</b>] [<b>-decrypt</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-pkcs</b>] [<b>-ssl</b>] [<b>-raw</b>] [<b>-hexdump</b>] [<b>-asn1parse</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>rsautl</b> command can be used to sign, verify, encrypt and decrypt data using the RSA algorithm.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read data from or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Specifies the output filename to write to or standard output by default.</p>
+
+</dd>
+<dt id="inkey-file"><b>-inkey file</b></dt>
+<dd>
+
+<p>The input key file, by default it should be an RSA private key.</p>
+
+</dd>
+<dt id="keyform-PEM-DER-ENGINE"><b>-keyform PEM|DER|ENGINE</b></dt>
+<dd>
+
+<p>The key format PEM, DER or ENGINE.</p>
+
+</dd>
+<dt id="pubin"><b>-pubin</b></dt>
+<dd>
+
+<p>The input file is an RSA public key.</p>
+
+</dd>
+<dt id="certin"><b>-certin</b></dt>
+<dd>
+
+<p>The input is a certificate containing an RSA public key.</p>
+
+</dd>
+<dt id="sign"><b>-sign</b></dt>
+<dd>
+
+<p>Sign the input data and output the signed result. This requires an RSA private key.</p>
+
+</dd>
+<dt id="verify"><b>-verify</b></dt>
+<dd>
+
+<p>Verify the input data and output the recovered data.</p>
+
+</dd>
+<dt id="encrypt"><b>-encrypt</b></dt>
+<dd>
+
+<p>Encrypt the input data using an RSA public key.</p>
+
+</dd>
+<dt id="decrypt"><b>-decrypt</b></dt>
+<dd>
+
+<p>Decrypt the input data using an RSA private key.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="pkcs--oaep--ssl--raw"><b>-pkcs, -oaep, -ssl, -raw</b></dt>
+<dd>
+
+<p>The padding to use: PKCS#1 v1.5 (the default), PKCS#1 OAEP, special padding used in SSL v2 backwards compatible handshakes, or no padding, respectively. For signatures, only <b>-pkcs</b> and <b>-raw</b> can be used.</p>
+
+</dd>
+<dt id="hexdump"><b>-hexdump</b></dt>
+<dd>
+
+<p>Hex dump the output data.</p>
+
+</dd>
+<dt id="asn1parse"><b>-asn1parse</b></dt>
+<dd>
+
+<p>Parse the ASN.1 output data, this is useful when combined with the <b>-verify</b> option.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>rsautl</b> because it uses the RSA algorithm directly can only be used to sign or verify small pieces of data.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Sign some data using a private key:</p>
+
+<pre><code> openssl rsautl -sign -in file -inkey key.pem -out sig</code></pre>
+
+<p>Recover the signed data</p>
+
+<pre><code> openssl rsautl -verify -in sig -inkey key.pem</code></pre>
+
+<p>Examine the raw signed data:</p>
+
+<pre><code> openssl rsautl -verify -in sig -inkey key.pem -raw -hexdump
+
+ 0000 - 00 01 ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0010 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0020 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0030 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0040 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0050 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0060 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0070 - ff ff ff ff 00 68 65 6c-6c 6f 20 77 6f 72 6c 64   .....hello world</code></pre>
+
+<p>The PKCS#1 block formatting is evident from this. If this was done using encrypt and decrypt the block would have been of type 2 (the second byte) and random padding data visible instead of the 0xff bytes.</p>
+
+<p>It is possible to analyse the signature of certificates using this utility in conjunction with <b>asn1parse</b>. Consider the self signed example in certs/pca-cert.pem . Running <b>asn1parse</b> as follows yields:</p>
+
+<pre><code> openssl asn1parse -in pca-cert.pem
+
+    0:d=0  hl=4 l= 742 cons: SEQUENCE
+    4:d=1  hl=4 l= 591 cons:  SEQUENCE
+    8:d=2  hl=2 l=   3 cons:   cont [ 0 ]
+   10:d=3  hl=2 l=   1 prim:    INTEGER           :02
+   13:d=2  hl=2 l=   1 prim:   INTEGER           :00
+   16:d=2  hl=2 l=  13 cons:   SEQUENCE
+   18:d=3  hl=2 l=   9 prim:    OBJECT            :md5WithRSAEncryption
+   29:d=3  hl=2 l=   0 prim:    NULL
+   31:d=2  hl=2 l=  92 cons:   SEQUENCE
+   33:d=3  hl=2 l=  11 cons:    SET
+   35:d=4  hl=2 l=   9 cons:     SEQUENCE
+   37:d=5  hl=2 l=   3 prim:      OBJECT            :countryName
+   42:d=5  hl=2 l=   2 prim:      PRINTABLESTRING   :AU
+  ....
+  599:d=1  hl=2 l=  13 cons:  SEQUENCE
+  601:d=2  hl=2 l=   9 prim:   OBJECT            :md5WithRSAEncryption
+  612:d=2  hl=2 l=   0 prim:   NULL
+  614:d=1  hl=3 l= 129 prim:  BIT STRING</code></pre>
+
+<p>The final BIT STRING contains the actual signature. It can be extracted with:</p>
+
+<pre><code> openssl asn1parse -in pca-cert.pem -out sig -noout -strparse 614</code></pre>
+
+<p>The certificate public key can be extracted with:</p>
+
+<pre><code> openssl x509 -in test/testx509.pem -pubkey -noout &gt;pubkey.pem</code></pre>
+
+<p>The signature can be analysed with:</p>
+
+<pre><code> openssl rsautl -in sig -verify -asn1parse -inkey pubkey.pem -pubin
+
+    0:d=0  hl=2 l=  32 cons: SEQUENCE
+    2:d=1  hl=2 l=  12 cons:  SEQUENCE
+    4:d=2  hl=2 l=   8 prim:   OBJECT            :md5
+   14:d=2  hl=2 l=   0 prim:   NULL
+   16:d=1  hl=2 l=  16 prim:  OCTET STRING
+      0000 - f3 46 9e aa 1a 4a 73 c9-37 ea 93 00 48 25 08 b5   .F...Js.7...H%..</code></pre>
+
+<p>This is the parsed version of an ASN1 DigestInfo structure. It can be seen that the digest used was md5. The actual part of the certificate that was signed can be extracted with:</p>
+
+<pre><code> openssl asn1parse -in pca-cert.pem -out tbs -noout -strparse 4</code></pre>
+
+<p>and its digest computed with:</p>
+
+<pre><code> openssl md5 -c tbs
+ MD5(tbs)= f3:46:9e:aa:1a:4a:73:c9:37:ea:93:00:48:25:08:b5</code></pre>
+
+<p>which it can be seen agrees with the recovered value above.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man1/rsa.html">rsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-s_client.html b/msys2/usr/share/doc/openssl/html/man1/openssl-s_client.html
new file mode 100644
index 000000000..f1be44f0c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-s_client.html
@@ -0,0 +1,681 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>s_client</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#CONNECTED-COMMANDS">CONNECTED COMMANDS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-s_client, s_client - SSL/TLS client program</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>s_client</b> [<b>-help</b>] [<b>-connect host:port</b>] [<b>-bind host:port</b>] [<b>-proxy host:port</b>] [<b>-unix path</b>] [<b>-4</b>] [<b>-6</b>] [<b>-servername name</b>] [<b>-noservername</b>] [<b>-verify depth</b>] [<b>-verify_return_error</b>] [<b>-cert filename</b>] [<b>-certform DER|PEM</b>] [<b>-key filename</b>] [<b>-keyform DER|PEM</b>] [<b>-cert_chain filename</b>] [<b>-build_chain</b>] [<b>-xkey</b>] [<b>-xcert</b>] [<b>-xchain</b>] [<b>-xchain_build</b>] [<b>-xcertform PEM|DER</b>] [<b>-xkeyform PEM|DER</b>] [<b>-pass arg</b>] [<b>-CApath directory</b>] [<b>-CAfile filename</b>] [<b>-chainCApath directory</b>] [<b>-chainCAfile filename</b>] [<b>-no-CAfile</b>] [<b>-no-CApath</b>] [<b>-requestCAfile filename</b>] [<b>-dane_tlsa_domain domain</b>] [<b>-dane_tlsa_rrdata rrdata</b>] [<b>-dane_ee_no_namechecks</b>] [<b>-attime timestamp</b>] [<b>-check_ss_sig</b>] [<b>-crl_check</b>] [<b>-crl_check_all</b>] [<b>-explicit_policy</b>] [<b>-extended_crl</b>] [<b>-ignore_critical</b>] [<b>-inhibit_any</b>] [<b>-inhibit_map</b>] [<b>-no_check_time</b>] [<b>-partial_chain</b>] [<b>-policy arg</b>] [<b>-policy_check</b>] [<b>-policy_print</b>] [<b>-purpose purpose</b>] [<b>-suiteB_128</b>] [<b>-suiteB_128_only</b>] [<b>-suiteB_192</b>] [<b>-trusted_first</b>] [<b>-no_alt_chains</b>] [<b>-use_deltas</b>] [<b>-auth_level num</b>] [<b>-nameopt option</b>] [<b>-verify_depth num</b>] [<b>-verify_email email</b>] [<b>-verify_hostname hostname</b>] [<b>-verify_ip ip</b>] [<b>-verify_name name</b>] [<b>-build_chain</b>] [<b>-x509_strict</b>] [<b>-reconnect</b>] [<b>-showcerts</b>] [<b>-debug</b>] [<b>-msg</b>] [<b>-nbio_test</b>] [<b>-state</b>] [<b>-nbio</b>] [<b>-crlf</b>] [<b>-ign_eof</b>] [<b>-no_ign_eof</b>] [<b>-psk_identity identity</b>] [<b>-psk key</b>] [<b>-psk_session file</b>] [<b>-quiet</b>] [<b>-ssl3</b>] [<b>-tls1</b>] [<b>-tls1_1</b>] [<b>-tls1_2</b>] [<b>-tls1_3</b>] [<b>-no_ssl3</b>] [<b>-no_tls1</b>] [<b>-no_tls1_1</b>] [<b>-no_tls1_2</b>] [<b>-no_tls1_3</b>] [<b>-dtls</b>] [<b>-dtls1</b>] [<b>-dtls1_2</b>] [<b>-sctp</b>] [<b>-sctp_label_bug</b>] [<b>-fallback_scsv</b>] [<b>-async</b>] [<b>-max_send_frag</b>] [<b>-split_send_frag</b>] [<b>-max_pipelines</b>] [<b>-read_buf</b>] [<b>-bugs</b>] [<b>-comp</b>] [<b>-no_comp</b>] [<b>-allow_no_dhe_kex</b>] [<b>-sigalgs sigalglist</b>] [<b>-curves curvelist</b>] [<b>-cipher cipherlist</b>] [<b>-ciphersuites val</b>] [<b>-serverpref</b>] [<b>-starttls protocol</b>] [<b>-xmpphost hostname</b>] [<b>-name hostname</b>] [<b>-engine id</b>] [<b>-tlsextdebug</b>] [<b>-no_ticket</b>] [<b>-sess_out filename</b>] [<b>-sess_in filename</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-serverinfo types</b>] [<b>-status</b>] [<b>-alpn protocols</b>] [<b>-nextprotoneg protocols</b>] [<b>-ct</b>] [<b>-noct</b>] [<b>-ctlogfile</b>] [<b>-keylogfile file</b>] [<b>-early_data file</b>] [<b>-enable_pha</b>] [<b>target</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>s_client</b> command implements a generic SSL/TLS client which connects to a remote host using SSL/TLS. It is a <i>very</i> useful diagnostic tool for SSL servers.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<p>In addition to the options below the <b>s_client</b> utility also supports the common and client only options documented in the in the &quot;Supported Command Line Commands&quot; section of the <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a> manual page.</p>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="connect-host:port"><b>-connect host:port</b></dt>
+<dd>
+
+<p>This specifies the host and optional port to connect to. It is possible to select the host and port using the optional target positional argument instead. If neither this nor the target positional argument are specified then an attempt is made to connect to the local host on port 4433.</p>
+
+</dd>
+<dt id="bind-host:port"><b>-bind host:port</b>]</dt>
+<dd>
+
+<p>This specifies the host address and or port to bind as the source for the connection. For Unix-domain sockets the port is ignored and the host is used as the source socket address.</p>
+
+</dd>
+<dt id="proxy-host:port"><b>-proxy host:port</b></dt>
+<dd>
+
+<p>When used with the <b>-connect</b> flag, the program uses the host and port specified with this flag and issues an HTTP CONNECT command to connect to the desired server.</p>
+
+</dd>
+<dt id="unix-path"><b>-unix path</b></dt>
+<dd>
+
+<p>Connect over the specified Unix-domain socket.</p>
+
+</dd>
+<dt id="pod-4"><b>-4</b></dt>
+<dd>
+
+<p>Use IPv4 only.</p>
+
+</dd>
+<dt id="pod-6"><b>-6</b></dt>
+<dd>
+
+<p>Use IPv6 only.</p>
+
+</dd>
+<dt id="servername-name"><b>-servername name</b></dt>
+<dd>
+
+<p>Set the TLS SNI (Server Name Indication) extension in the ClientHello message to the given value. If <b>-servername</b> is not provided, the TLS SNI extension will be populated with the name given to <b>-connect</b> if it follows a DNS name format. If <b>-connect</b> is not provided either, the SNI is set to &quot;localhost&quot;. This is the default since OpenSSL 1.1.1.</p>
+
+<p>Even though SNI should normally be a DNS name and not an IP address, if <b>-servername</b> is provided then that name will be sent, regardless of whether it is a DNS name or not.</p>
+
+<p>This option cannot be used in conjuction with <b>-noservername</b>.</p>
+
+</dd>
+<dt id="noservername"><b>-noservername</b></dt>
+<dd>
+
+<p>Suppresses sending of the SNI (Server Name Indication) extension in the ClientHello message. Cannot be used in conjunction with the <b>-servername</b> or &lt;-dane_tlsa_domain&gt; options.</p>
+
+</dd>
+<dt id="cert-certname"><b>-cert certname</b></dt>
+<dd>
+
+<p>The certificate to use, if one is requested by the server. The default is not to use a certificate.</p>
+
+</dd>
+<dt id="certform-format"><b>-certform format</b></dt>
+<dd>
+
+<p>The certificate format to use: DER or PEM. PEM is the default.</p>
+
+</dd>
+<dt id="key-keyfile"><b>-key keyfile</b></dt>
+<dd>
+
+<p>The private key to use. If not specified then the certificate file will be used.</p>
+
+</dd>
+<dt id="keyform-format"><b>-keyform format</b></dt>
+<dd>
+
+<p>The private format to use: DER or PEM. PEM is the default.</p>
+
+</dd>
+<dt id="cert_chain"><b>-cert_chain</b></dt>
+<dd>
+
+<p>A file containing trusted certificates to use when attempting to build the client/server certificate chain related to the certificate specified via the <b>-cert</b> option.</p>
+
+</dd>
+<dt id="build_chain"><b>-build_chain</b></dt>
+<dd>
+
+<p>Specify whether the application should build the certificate chain to be provided to the server.</p>
+
+</dd>
+<dt id="xkey-infile--xcert-infile--xchain"><b>-xkey infile</b>, <b>-xcert infile</b>, <b>-xchain</b></dt>
+<dd>
+
+<p>Specify an extra certificate, private key and certificate chain. These behave in the same manner as the <b>-cert</b>, <b>-key</b> and <b>-cert_chain</b> options. When specified, the callback returning the first valid chain will be in use by the client.</p>
+
+</dd>
+<dt id="xchain_build"><b>-xchain_build</b></dt>
+<dd>
+
+<p>Specify whether the application should build the certificate chain to be provided to the server for the extra certificates provided via <b>-xkey infile</b>, <b>-xcert infile</b>, <b>-xchain</b> options.</p>
+
+</dd>
+<dt id="xcertform-PEM-DER--xkeyform-PEM-DER"><b>-xcertform PEM|DER</b>, <b>-xkeyform PEM|DER</b></dt>
+<dd>
+
+<p>Extra certificate and private key format respectively.</p>
+
+</dd>
+<dt id="pass-arg"><b>-pass arg</b></dt>
+<dd>
+
+<p>the private key password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="verify-depth"><b>-verify depth</b></dt>
+<dd>
+
+<p>The verify depth to use. This specifies the maximum length of the server certificate chain and turns on server certificate verification. Currently the verify operation continues after errors so all the problems with a certificate chain can be seen. As a side effect the connection will never fail due to a server certificate verify failure.</p>
+
+</dd>
+<dt id="verify_return_error"><b>-verify_return_error</b></dt>
+<dd>
+
+<p>Return verification errors instead of continuing. This will typically abort the handshake with a fatal error.</p>
+
+</dd>
+<dt id="nameopt-option"><b>-nameopt option</b></dt>
+<dd>
+
+<p>Option which determines how the subject or issuer names are displayed. The <b>option</b> argument can be a single option or multiple options separated by commas. Alternatively the <b>-nameopt</b> switch may be used more than once to set multiple options. See the <a href="../man1/x509.html">x509(1)</a> manual page for details.</p>
+
+</dd>
+<dt id="CApath-directory"><b>-CApath directory</b></dt>
+<dd>
+
+<p>The directory to use for server certificate verification. This directory must be in &quot;hash format&quot;, see <a href="../man1/verify.html">verify(1)</a> for more information. These are also used when building the client certificate chain.</p>
+
+</dd>
+<dt id="CAfile-file"><b>-CAfile file</b></dt>
+<dd>
+
+<p>A file containing trusted certificates to use during server authentication and to use when attempting to build the client certificate chain.</p>
+
+</dd>
+<dt id="chainCApath-directory"><b>-chainCApath directory</b></dt>
+<dd>
+
+<p>The directory to use for building the chain provided to the server. This directory must be in &quot;hash format&quot;, see <a href="../man1/verify.html">verify(1)</a> for more information.</p>
+
+</dd>
+<dt id="chainCAfile-file"><b>-chainCAfile file</b></dt>
+<dd>
+
+<p>A file containing trusted certificates to use when attempting to build the client certificate chain.</p>
+
+</dd>
+<dt id="no-CAfile"><b>-no-CAfile</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default file location</p>
+
+</dd>
+<dt id="no-CApath"><b>-no-CApath</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default directory location</p>
+
+</dd>
+<dt id="requestCAfile-file"><b>-requestCAfile file</b></dt>
+<dd>
+
+<p>A file containing a list of certificates whose subject names will be sent to the server in the <b>certificate_authorities</b> extension. Only supported for TLS 1.3</p>
+
+</dd>
+<dt id="dane_tlsa_domain-domain"><b>-dane_tlsa_domain domain</b></dt>
+<dd>
+
+<p>Enable RFC6698/RFC7671 DANE TLSA authentication and specify the TLSA base domain which becomes the default SNI hint and the primary reference identifier for hostname checks. This must be used in combination with at least one instance of the <b>-dane_tlsa_rrdata</b> option below.</p>
+
+<p>When DANE authentication succeeds, the diagnostic output will include the lowest (closest to 0) depth at which a TLSA record authenticated a chain certificate. When that TLSA record is a &quot;2 1 0&quot; trust anchor public key that signed (rather than matched) the top-most certificate of the chain, the result is reported as &quot;TA public key verified&quot;. Otherwise, either the TLSA record &quot;matched TA certificate&quot; at a positive depth or else &quot;matched EE certificate&quot; at depth 0.</p>
+
+</dd>
+<dt id="dane_tlsa_rrdata-rrdata"><b>-dane_tlsa_rrdata rrdata</b></dt>
+<dd>
+
+<p>Use one or more times to specify the RRDATA fields of the DANE TLSA RRset associated with the target service. The <b>rrdata</b> value is specied in &quot;presentation form&quot;, that is four whitespace separated fields that specify the usage, selector, matching type and associated data, with the last of these encoded in hexadecimal. Optional whitespace is ignored in the associated data field. For example:</p>
+
+<pre><code>  $ openssl s_client -brief -starttls smtp \
+    -connect smtp.example.com:25 \
+    -dane_tlsa_domain smtp.example.com \
+    -dane_tlsa_rrdata &quot;2 1 1
+      B111DD8A1C2091A89BD4FD60C57F0716CCE50FEEFF8137CDBEE0326E 02CF362B&quot; \
+    -dane_tlsa_rrdata &quot;2 1 1
+      60B87575447DCBA2A36B7D11AC09FB24A9DB406FEE12D2CC90180517 616E8A18&quot;
+  ...
+  Verification: OK
+  Verified peername: smtp.example.com
+  DANE TLSA 2 1 1 ...ee12d2cc90180517616e8a18 matched TA certificate at depth 1
+  ...</code></pre>
+
+</dd>
+<dt id="dane_ee_no_namechecks"><b>-dane_ee_no_namechecks</b></dt>
+<dd>
+
+<p>This disables server name checks when authenticating via DANE-EE(3) TLSA records. For some applications, primarily web browsers, it is not safe to disable name checks due to &quot;unknown key share&quot; attacks, in which a malicious server can convince a client that a connection to a victim server is instead a secure connection to the malicious server. The malicious server may then be able to violate cross-origin scripting restrictions. Thus, despite the text of RFC7671, name checks are by default enabled for DANE-EE(3) TLSA records, and can be disabled in applications where it is safe to do so. In particular, SMTP and XMPP clients should set this option as SRV and MX records already make it possible for a remote domain to redirect client connections to any server of its choice, and in any case SMTP and XMPP clients do not execute scripts downloaded from remote servers.</p>
+
+</dd>
+<dt id="attime--check_ss_sig--crl_check--crl_check_all--explicit_policy--extended_crl--ignore_critical--inhibit_any--inhibit_map--no_alt_chains--no_check_time--partial_chain--policy--policy_check--policy_print--purpose--suiteB_128--suiteB_128_only--suiteB_192--trusted_first--use_deltas--auth_level--verify_depth--verify_email--verify_hostname--verify_ip--verify_name--x509_strict"><b>-attime</b>, <b>-check_ss_sig</b>, <b>-crl_check</b>, <b>-crl_check_all</b>, <b>-explicit_policy</b>, <b>-extended_crl</b>, <b>-ignore_critical</b>, <b>-inhibit_any</b>, <b>-inhibit_map</b>, <b>-no_alt_chains</b>, <b>-no_check_time</b>, <b>-partial_chain</b>, <b>-policy</b>, <b>-policy_check</b>, <b>-policy_print</b>, <b>-purpose</b>, <b>-suiteB_128</b>, <b>-suiteB_128_only</b>, <b>-suiteB_192</b>, <b>-trusted_first</b>, <b>-use_deltas</b>, <b>-auth_level</b>, <b>-verify_depth</b>, <b>-verify_email</b>, <b>-verify_hostname</b>, <b>-verify_ip</b>, <b>-verify_name</b>, <b>-x509_strict</b></dt>
+<dd>
+
+<p>Set various certificate chain validation options. See the <a href="../man1/verify.html">verify(1)</a> manual page for details.</p>
+
+</dd>
+<dt id="reconnect"><b>-reconnect</b></dt>
+<dd>
+
+<p>Reconnects to the same server 5 times using the same session ID, this can be used as a test that session caching is working.</p>
+
+</dd>
+<dt id="showcerts"><b>-showcerts</b></dt>
+<dd>
+
+<p>Displays the server certificate list as sent by the server: it only consists of certificates the server has sent (in the order the server has sent them). It is <b>not</b> a verified chain.</p>
+
+</dd>
+<dt id="prexit"><b>-prexit</b></dt>
+<dd>
+
+<p>Print session information when the program exits. This will always attempt to print out information even if the connection fails. Normally information will only be printed out once if the connection succeeds. This option is useful because the cipher in use may be renegotiated or the connection may fail because a client certificate is required or is requested only after an attempt is made to access a certain URL. Note: the output produced by this option is not always accurate because a connection might never have been established.</p>
+
+</dd>
+<dt id="state"><b>-state</b></dt>
+<dd>
+
+<p>Prints out the SSL session states.</p>
+
+</dd>
+<dt id="debug"><b>-debug</b></dt>
+<dd>
+
+<p>Print extensive debugging information including a hex dump of all traffic.</p>
+
+</dd>
+<dt id="msg"><b>-msg</b></dt>
+<dd>
+
+<p>Show all protocol messages with hex dump.</p>
+
+</dd>
+<dt id="trace"><b>-trace</b></dt>
+<dd>
+
+<p>Show verbose trace output of protocol messages. OpenSSL needs to be compiled with <b>enable-ssl-trace</b> for this option to work.</p>
+
+</dd>
+<dt id="msgfile"><b>-msgfile</b></dt>
+<dd>
+
+<p>File to send output of <b>-msg</b> or <b>-trace</b> to, default standard output.</p>
+
+</dd>
+<dt id="nbio_test"><b>-nbio_test</b></dt>
+<dd>
+
+<p>Tests non-blocking I/O</p>
+
+</dd>
+<dt id="nbio"><b>-nbio</b></dt>
+<dd>
+
+<p>Turns on non-blocking I/O</p>
+
+</dd>
+<dt id="crlf"><b>-crlf</b></dt>
+<dd>
+
+<p>This option translated a line feed from the terminal into CR+LF as required by some servers.</p>
+
+</dd>
+<dt id="ign_eof"><b>-ign_eof</b></dt>
+<dd>
+
+<p>Inhibit shutting down the connection when end of file is reached in the input.</p>
+
+</dd>
+<dt id="quiet"><b>-quiet</b></dt>
+<dd>
+
+<p>Inhibit printing of session and certificate information. This implicitly turns on <b>-ign_eof</b> as well.</p>
+
+</dd>
+<dt id="no_ign_eof"><b>-no_ign_eof</b></dt>
+<dd>
+
+<p>Shut down the connection when end of file is reached in the input. Can be used to override the implicit <b>-ign_eof</b> after <b>-quiet</b>.</p>
+
+</dd>
+<dt id="psk_identity-identity"><b>-psk_identity identity</b></dt>
+<dd>
+
+<p>Use the PSK identity <b>identity</b> when using a PSK cipher suite. The default value is &quot;Client_identity&quot; (without the quotes).</p>
+
+</dd>
+<dt id="psk-key"><b>-psk key</b></dt>
+<dd>
+
+<p>Use the PSK key <b>key</b> when using a PSK cipher suite. The key is given as a hexadecimal number without leading 0x, for example -psk 1a2b3c4d. This option must be provided in order to use a PSK cipher.</p>
+
+</dd>
+<dt id="psk_session-file"><b>-psk_session file</b></dt>
+<dd>
+
+<p>Use the pem encoded SSL_SESSION data stored in <b>file</b> as the basis of a PSK. Note that this will only work if TLSv1.3 is negotiated.</p>
+
+</dd>
+<dt id="ssl3--tls1--tls1_1--tls1_2--tls1_3--no_ssl3--no_tls1--no_tls1_1--no_tls1_2--no_tls1_3"><b>-ssl3</b>, <b>-tls1</b>, <b>-tls1_1</b>, <b>-tls1_2</b>, <b>-tls1_3</b>, <b>-no_ssl3</b>, <b>-no_tls1</b>, <b>-no_tls1_1</b>, <b>-no_tls1_2</b>, <b>-no_tls1_3</b></dt>
+<dd>
+
+<p>These options require or disable the use of the specified SSL or TLS protocols. By default <b>s_client</b> will negotiate the highest mutually supported protocol version. When a specific TLS version is required, only that version will be offered to and accepted from the server. Note that not all protocols and flags may be available, depending on how OpenSSL was built.</p>
+
+</dd>
+<dt id="dtls--dtls1--dtls1_2"><b>-dtls</b>, <b>-dtls1</b>, <b>-dtls1_2</b></dt>
+<dd>
+
+<p>These options make <b>s_client</b> use DTLS protocols instead of TLS. With <b>-dtls</b>, <b>s_client</b> will negotiate any supported DTLS protocol version, whilst <b>-dtls1</b> and <b>-dtls1_2</b> will only support DTLS1.0 and DTLS1.2 respectively.</p>
+
+</dd>
+<dt id="sctp"><b>-sctp</b></dt>
+<dd>
+
+<p>Use SCTP for the transport protocol instead of UDP in DTLS. Must be used in conjunction with <b>-dtls</b>, <b>-dtls1</b> or <b>-dtls1_2</b>. This option is only available where OpenSSL has support for SCTP enabled.</p>
+
+</dd>
+<dt id="sctp_label_bug"><b>-sctp_label_bug</b></dt>
+<dd>
+
+<p>Use the incorrect behaviour of older OpenSSL implementations when computing endpoint-pair shared secrets for DTLS/SCTP. This allows communication with older broken implementations but breaks interoperability with correct implementations. Must be used in conjunction with <b>-sctp</b>. This option is only available where OpenSSL has support for SCTP enabled.</p>
+
+</dd>
+<dt id="fallback_scsv"><b>-fallback_scsv</b></dt>
+<dd>
+
+<p>Send TLS_FALLBACK_SCSV in the ClientHello.</p>
+
+</dd>
+<dt id="async"><b>-async</b></dt>
+<dd>
+
+<p>Switch on asynchronous mode. Cryptographic operations will be performed asynchronously. This will only have an effect if an asynchronous capable engine is also used via the <b>-engine</b> option. For test purposes the dummy async engine (dasync) can be used (if available).</p>
+
+</dd>
+<dt id="max_send_frag-int"><b>-max_send_frag int</b></dt>
+<dd>
+
+<p>The maximum size of data fragment to send. See <a href="../man3/SSL_CTX_set_max_send_fragment.html">SSL_CTX_set_max_send_fragment(3)</a> for further information.</p>
+
+</dd>
+<dt id="split_send_frag-int"><b>-split_send_frag int</b></dt>
+<dd>
+
+<p>The size used to split data for encrypt pipelines. If more data is written in one go than this value then it will be split into multiple pipelines, up to the maximum number of pipelines defined by max_pipelines. This only has an effect if a suitable cipher suite has been negotiated, an engine that supports pipelining has been loaded, and max_pipelines is greater than 1. See <a href="../man3/SSL_CTX_set_split_send_fragment.html">SSL_CTX_set_split_send_fragment(3)</a> for further information.</p>
+
+</dd>
+<dt id="max_pipelines-int"><b>-max_pipelines int</b></dt>
+<dd>
+
+<p>The maximum number of encrypt/decrypt pipelines to be used. This will only have an effect if an engine has been loaded that supports pipelining (e.g. the dasync engine) and a suitable cipher suite has been negotiated. The default value is 1. See <a href="../man3/SSL_CTX_set_max_pipelines.html">SSL_CTX_set_max_pipelines(3)</a> for further information.</p>
+
+</dd>
+<dt id="read_buf-int"><b>-read_buf int</b></dt>
+<dd>
+
+<p>The default read buffer size to be used for connections. This will only have an effect if the buffer size is larger than the size that would otherwise be used and pipelining is in use (see <a href="../man3/SSL_CTX_set_default_read_buffer_len.html">SSL_CTX_set_default_read_buffer_len(3)</a> for further information).</p>
+
+</dd>
+<dt id="bugs"><b>-bugs</b></dt>
+<dd>
+
+<p>There are several known bug in SSL and TLS implementations. Adding this option enables various workarounds.</p>
+
+</dd>
+<dt id="comp"><b>-comp</b></dt>
+<dd>
+
+<p>Enables support for SSL/TLS compression. This option was introduced in OpenSSL 1.1.0. TLS compression is not recommended and is off by default as of OpenSSL 1.1.0.</p>
+
+</dd>
+<dt id="no_comp"><b>-no_comp</b></dt>
+<dd>
+
+<p>Disables support for SSL/TLS compression. TLS compression is not recommended and is off by default as of OpenSSL 1.1.0.</p>
+
+</dd>
+<dt id="brief"><b>-brief</b></dt>
+<dd>
+
+<p>Only provide a brief summary of connection parameters instead of the normal verbose output.</p>
+
+</dd>
+<dt id="sigalgs-sigalglist"><b>-sigalgs sigalglist</b></dt>
+<dd>
+
+<p>Specifies the list of signature algorithms that are sent by the client. The server selects one entry in the list based on its preferences. For example strings, see <a href="../man3/SSL_CTX_set1_sigalgs.html">SSL_CTX_set1_sigalgs(3)</a></p>
+
+</dd>
+<dt id="curves-curvelist"><b>-curves curvelist</b></dt>
+<dd>
+
+<p>Specifies the list of supported curves to be sent by the client. The curve is ultimately selected by the server. For a list of all curves, use:</p>
+
+<pre><code>    $ openssl ecparam -list_curves</code></pre>
+
+</dd>
+<dt id="cipher-cipherlist"><b>-cipher cipherlist</b></dt>
+<dd>
+
+<p>This allows the TLSv1.2 and below cipher list sent by the client to be modified. This list will be combined with any TLSv1.3 ciphersuites that have been configured. Although the server determines which ciphersuite is used it should take the first supported cipher in the list sent by the client. See the <b>ciphers</b> command for more information.</p>
+
+</dd>
+<dt id="ciphersuites-val"><b>-ciphersuites val</b></dt>
+<dd>
+
+<p>This allows the TLSv1.3 ciphersuites sent by the client to be modified. This list will be combined with any TLSv1.2 and below ciphersuites that have been configured. Although the server determines which cipher suite is used it should take the first supported cipher in the list sent by the client. See the <b>ciphers</b> command for more information. The format for this list is a simple colon (&quot;:&quot;) separated list of TLSv1.3 ciphersuite names.</p>
+
+</dd>
+<dt id="starttls-protocol"><b>-starttls protocol</b></dt>
+<dd>
+
+<p>Send the protocol-specific message(s) to switch to TLS for communication. <b>protocol</b> is a keyword for the intended protocol. Currently, the only supported keywords are &quot;smtp&quot;, &quot;pop3&quot;, &quot;imap&quot;, &quot;ftp&quot;, &quot;xmpp&quot;, &quot;xmpp-server&quot;, &quot;irc&quot;, &quot;postgres&quot;, &quot;mysql&quot;, &quot;lmtp&quot;, &quot;nntp&quot;, &quot;sieve&quot; and &quot;ldap&quot;.</p>
+
+</dd>
+<dt id="xmpphost-hostname"><b>-xmpphost hostname</b></dt>
+<dd>
+
+<p>This option, when used with &quot;-starttls xmpp&quot; or &quot;-starttls xmpp-server&quot;, specifies the host for the &quot;to&quot; attribute of the stream element. If this option is not specified, then the host specified with &quot;-connect&quot; will be used.</p>
+
+<p>This option is an alias of the <b>-name</b> option for &quot;xmpp&quot; and &quot;xmpp-server&quot;.</p>
+
+</dd>
+<dt id="name-hostname"><b>-name hostname</b></dt>
+<dd>
+
+<p>This option is used to specify hostname information for various protocols used with <b>-starttls</b> option. Currently only &quot;xmpp&quot;, &quot;xmpp-server&quot;, &quot;smtp&quot; and &quot;lmtp&quot; can utilize this <b>-name</b> option.</p>
+
+<p>If this option is used with &quot;-starttls xmpp&quot; or &quot;-starttls xmpp-server&quot;, if specifies the host for the &quot;to&quot; attribute of the stream element. If this option is not specified, then the host specified with &quot;-connect&quot; will be used.</p>
+
+<p>If this option is used with &quot;-starttls lmtp&quot; or &quot;-starttls smtp&quot;, it specifies the name to use in the &quot;LMTP LHLO&quot; or &quot;SMTP EHLO&quot; message, respectively. If this option is not specified, then &quot;mail.example.com&quot; will be used.</p>
+
+</dd>
+<dt id="tlsextdebug"><b>-tlsextdebug</b></dt>
+<dd>
+
+<p>Print out a hex dump of any TLS extensions received from the server.</p>
+
+</dd>
+<dt id="no_ticket"><b>-no_ticket</b></dt>
+<dd>
+
+<p>Disable RFC4507bis session ticket support.</p>
+
+</dd>
+<dt id="sess_out-filename"><b>-sess_out filename</b></dt>
+<dd>
+
+<p>Output SSL session to <b>filename</b>.</p>
+
+</dd>
+<dt id="sess_in-sess.pem"><b>-sess_in sess.pem</b></dt>
+<dd>
+
+<p>Load SSL session from <b>filename</b>. The client will attempt to resume a connection from this session.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>s_client</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="serverinfo-types"><b>-serverinfo types</b></dt>
+<dd>
+
+<p>A list of comma-separated TLS Extension Types (numbers between 0 and 65535). Each type will be sent as an empty ClientHello TLS Extension. The server&#39;s response (if any) will be encoded and displayed as a PEM file.</p>
+
+</dd>
+<dt id="status"><b>-status</b></dt>
+<dd>
+
+<p>Sends a certificate status request to the server (OCSP stapling). The server response (if any) is printed out.</p>
+
+</dd>
+<dt id="alpn-protocols--nextprotoneg-protocols"><b>-alpn protocols</b>, <b>-nextprotoneg protocols</b></dt>
+<dd>
+
+<p>These flags enable the Enable the Application-Layer Protocol Negotiation or Next Protocol Negotiation (NPN) extension, respectively. ALPN is the IETF standard and replaces NPN. The <b>protocols</b> list is a comma-separated list of protocol names that the client should advertise support for. The list should contain the most desirable protocols first. Protocol names are printable ASCII strings, for example &quot;http/1.1&quot; or &quot;spdy/3&quot;. An empty list of protocols is treated specially and will cause the client to advertise support for the TLS extension but disconnect just after receiving ServerHello with a list of server supported protocols. The flag <b>-nextprotoneg</b> cannot be specified if <b>-tls1_3</b> is used.</p>
+
+</dd>
+<dt id="ct--noct"><b>-ct</b>, <b>-noct</b></dt>
+<dd>
+
+<p>Use one of these two options to control whether Certificate Transparency (CT) is enabled (<b>-ct</b>) or disabled (<b>-noct</b>). If CT is enabled, signed certificate timestamps (SCTs) will be requested from the server and reported at handshake completion.</p>
+
+<p>Enabling CT also enables OCSP stapling, as this is one possible delivery method for SCTs.</p>
+
+</dd>
+<dt id="ctlogfile"><b>-ctlogfile</b></dt>
+<dd>
+
+<p>A file containing a list of known Certificate Transparency logs. See <a href="../man3/SSL_CTX_set_ctlog_list_file.html">SSL_CTX_set_ctlog_list_file(3)</a> for the expected file format.</p>
+
+</dd>
+<dt id="keylogfile-file"><b>-keylogfile file</b></dt>
+<dd>
+
+<p>Appends TLS secrets to the specified keylog file such that external programs (like Wireshark) can decrypt TLS connections.</p>
+
+</dd>
+<dt id="early_data-file"><b>-early_data file</b></dt>
+<dd>
+
+<p>Reads the contents of the specified file and attempts to send it as early data to the server. This will only work with resumed sessions that support early data and when the server accepts the early data.</p>
+
+</dd>
+<dt id="enable_pha"><b>-enable_pha</b></dt>
+<dd>
+
+<p>For TLSv1.3 only, send the Post-Handshake Authentication extension. This will happen whether or not a certificate has been provided via <b>-cert</b>.</p>
+
+</dd>
+<dt id="target"><b>[target]</b></dt>
+<dd>
+
+<p>Rather than providing <b>-connect</b>, the target hostname and optional port may be provided as a single positional argument after all options. If neither this nor <b>-connect</b> are provided, falls back to attempting to connect to localhost on port 4433.</p>
+
+</dd>
+</dl>
+
+<h1 id="CONNECTED-COMMANDS">CONNECTED COMMANDS</h1>
+
+<p>If a connection is established with an SSL server then any data received from the server is displayed and any key presses will be sent to the server. If end of file is reached then the connection will be closed down. When used interactively (which means neither <b>-quiet</b> nor <b>-ign_eof</b> have been given), then certain commands are also recognized which perform special operations. These commands are a letter which must appear at the start of a line. They are listed below.</p>
+
+<dl>
+
+<dt id="Q"><b>Q</b></dt>
+<dd>
+
+<p>End the current SSL connection and exit.</p>
+
+</dd>
+<dt id="R"><b>R</b></dt>
+<dd>
+
+<p>Renegotiate the SSL session (TLSv1.2 and below only).</p>
+
+</dd>
+<dt id="B"><b>B</b></dt>
+<dd>
+
+<p>Send a heartbeat message to the server (DTLS only)</p>
+
+</dd>
+<dt id="k"><b>k</b></dt>
+<dd>
+
+<p>Send a key update message to the server (TLSv1.3 only)</p>
+
+</dd>
+<dt id="K"><b>K</b></dt>
+<dd>
+
+<p>Send a key update message to the server and request one back (TLSv1.3 only)</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>s_client</b> can be used to debug SSL servers. To connect to an SSL HTTP server the command:</p>
+
+<pre><code> openssl s_client -connect servername:443</code></pre>
+
+<p>would typically be used (https uses port 443). If the connection succeeds then an HTTP command can be given such as &quot;GET /&quot; to retrieve a web page.</p>
+
+<p>If the handshake fails then there are several possible causes, if it is nothing obvious like no client certificate then the <b>-bugs</b>, <b>-ssl3</b>, <b>-tls1</b>, <b>-no_ssl3</b>, <b>-no_tls1</b> options can be tried in case it is a buggy server. In particular you should play with these options <b>before</b> submitting a bug report to an OpenSSL mailing list.</p>
+
+<p>A frequent problem when attempting to get client certificates working is that a web client complains it has no certificates or gives an empty list to choose from. This is normally because the server is not sending the clients certificate authority in its &quot;acceptable CA list&quot; when it requests a certificate. By using <b>s_client</b> the CA list can be viewed and checked. However some servers only request client authentication after a specific URL is requested. To obtain the list in this case it is necessary to use the <b>-prexit</b> option and send an HTTP request for an appropriate page.</p>
+
+<p>If a certificate is specified on the command line using the <b>-cert</b> option it will not be used unless the server specifically requests a client certificate. Therefor merely including a client certificate on the command line is no guarantee that the certificate works.</p>
+
+<p>If there are problems verifying a server certificate then the <b>-showcerts</b> option can be used to show all the certificates sent by the server.</p>
+
+<p>The <b>s_client</b> utility is a test tool and is designed to continue the handshake after any certificate verification errors. As a result it will accept any certificate chain (trusted or not) sent by the peer. None test applications should <b>not</b> do this as it makes them vulnerable to a MITM attack. This behaviour can be changed by with the <b>-verify_return_error</b> option: any verify errors are then returned aborting the handshake.</p>
+
+<p>The <b>-bind</b> option may be useful if the server or a firewall requires connections to come from some particular address and or port.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Because this program has a lot of options and also because some of the techniques used are rather old, the C source of <b>s_client</b> is rather hard to read and not a model of how things should be done. A typical SSL client program would be much simpler.</p>
+
+<p>The <b>-prexit</b> option is a bit of a hack. We should really report information whenever a session is renegotiated.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a>, <a href="../man1/sess_id.html">sess_id(1)</a>, <a href="../man1/s_server.html">s_server(1)</a>, <a href="../man1/ciphers.html">ciphers(1)</a>, <a href="../man3/SSL_CTX_set_max_send_fragment.html">SSL_CTX_set_max_send_fragment(3)</a>, <a href="../man3/SSL_CTX_set_split_send_fragment.html">SSL_CTX_set_split_send_fragment(3)</a>, <a href="../man3/SSL_CTX_set_max_pipelines.html">SSL_CTX_set_max_pipelines(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>-no_alt_chains</b> option was added in OpenSSL 1.1.0. The <b>-name</b> option was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-s_server.html b/msys2/usr/share/doc/openssl/html/man1/openssl-s_server.html
new file mode 100644
index 000000000..9f707fc94
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-s_server.html
@@ -0,0 +1,714 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>s_server</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#CONNECTED-COMMANDS">CONNECTED COMMANDS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-s_server, s_server - SSL/TLS server program</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>s_server</b> [<b>-help</b>] [<b>-port +int</b>] [<b>-accept val</b>] [<b>-unix val</b>] [<b>-4</b>] [<b>-6</b>] [<b>-unlink</b>] [<b>-context val</b>] [<b>-verify int</b>] [<b>-Verify int</b>] [<b>-cert infile</b>] [<b>-nameopt val</b>] [<b>-naccept +int</b>] [<b>-serverinfo val</b>] [<b>-certform PEM|DER</b>] [<b>-key infile</b>] [<b>-keyform format</b>] [<b>-pass val</b>] [<b>-dcert infile</b>] [<b>-dcertform PEM|DER</b>] [<b>-dkey infile</b>] [<b>-dkeyform PEM|DER</b>] [<b>-dpass val</b>] [<b>-nbio_test</b>] [<b>-crlf</b>] [<b>-debug</b>] [<b>-msg</b>] [<b>-msgfile outfile</b>] [<b>-state</b>] [<b>-CAfile infile</b>] [<b>-CApath dir</b>] [<b>-no-CAfile</b>] [<b>-no-CApath</b>] [<b>-nocert</b>] [<b>-quiet</b>] [<b>-no_resume_ephemeral</b>] [<b>-www</b>] [<b>-WWW</b>] [<b>-servername</b>] [<b>-servername_fatal</b>] [<b>-cert2 infile</b>] [<b>-key2 infile</b>] [<b>-tlsextdebug</b>] [<b>-HTTP</b>] [<b>-id_prefix val</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-keymatexport val</b>] [<b>-keymatexportlen +int</b>] [<b>-CRL infile</b>] [<b>-crl_download</b>] [<b>-cert_chain infile</b>] [<b>-dcert_chain infile</b>] [<b>-chainCApath dir</b>] [<b>-verifyCApath dir</b>] [<b>-no_cache</b>] [<b>-ext_cache</b>] [<b>-CRLform PEM|DER</b>] [<b>-verify_return_error</b>] [<b>-verify_quiet</b>] [<b>-build_chain</b>] [<b>-chainCAfile infile</b>] [<b>-verifyCAfile infile</b>] [<b>-ign_eof</b>] [<b>-no_ign_eof</b>] [<b>-status</b>] [<b>-status_verbose</b>] [<b>-status_timeout int</b>] [<b>-status_url val</b>] [<b>-status_file infile</b>] [<b>-trace</b>] [<b>-security_debug</b>] [<b>-security_debug_verbose</b>] [<b>-brief</b>] [<b>-rev</b>] [<b>-async</b>] [<b>-ssl_config val</b>] [<b>-max_send_frag +int</b>] [<b>-split_send_frag +int</b>] [<b>-max_pipelines +int</b>] [<b>-read_buf +int</b>] [<b>-no_ssl3</b>] [<b>-no_tls1</b>] [<b>-no_tls1_1</b>] [<b>-no_tls1_2</b>] [<b>-no_tls1_3</b>] [<b>-bugs</b>] [<b>-no_comp</b>] [<b>-comp</b>] [<b>-no_ticket</b>] [<b>-num_tickets</b>] [<b>-serverpref</b>] [<b>-legacy_renegotiation</b>] [<b>-no_renegotiation</b>] [<b>-legacy_server_connect</b>] [<b>-no_resumption_on_reneg</b>] [<b>-no_legacy_server_connect</b>] [<b>-allow_no_dhe_kex</b>] [<b>-prioritize_chacha</b>] [<b>-strict</b>] [<b>-sigalgs val</b>] [<b>-client_sigalgs val</b>] [<b>-groups val</b>] [<b>-curves val</b>] [<b>-named_curve val</b>] [<b>-cipher val</b>] [<b>-ciphersuites val</b>] [<b>-dhparam infile</b>] [<b>-record_padding val</b>] [<b>-debug_broken_protocol</b>] [<b>-policy val</b>] [<b>-purpose val</b>] [<b>-verify_name val</b>] [<b>-verify_depth int</b>] [<b>-auth_level int</b>] [<b>-attime intmax</b>] [<b>-verify_hostname val</b>] [<b>-verify_email val</b>] [<b>-verify_ip</b>] [<b>-ignore_critical</b>] [<b>-issuer_checks</b>] [<b>-crl_check</b>] [<b>-crl_check_all</b>] [<b>-policy_check</b>] [<b>-explicit_policy</b>] [<b>-inhibit_any</b>] [<b>-inhibit_map</b>] [<b>-x509_strict</b>] [<b>-extended_crl</b>] [<b>-use_deltas</b>] [<b>-policy_print</b>] [<b>-check_ss_sig</b>] [<b>-trusted_first</b>] [<b>-suiteB_128_only</b>] [<b>-suiteB_128</b>] [<b>-suiteB_192</b>] [<b>-partial_chain</b>] [<b>-no_alt_chains</b>] [<b>-no_check_time</b>] [<b>-allow_proxy_certs</b>] [<b>-xkey</b>] [<b>-xcert</b>] [<b>-xchain</b>] [<b>-xchain_build</b>] [<b>-xcertform PEM|DER</b>] [<b>-xkeyform PEM|DER</b>] [<b>-nbio</b>] [<b>-psk_identity val</b>] [<b>-psk_hint val</b>] [<b>-psk val</b>] [<b>-psk_session file</b>] [<b>-srpvfile infile</b>] [<b>-srpuserseed val</b>] [<b>-ssl3</b>] [<b>-tls1</b>] [<b>-tls1_1</b>] [<b>-tls1_2</b>] [<b>-tls1_3</b>] [<b>-dtls</b>] [<b>-timeout</b>] [<b>-mtu +int</b>] [<b>-listen</b>] [<b>-dtls1</b>] [<b>-dtls1_2</b>] [<b>-sctp</b>] [<b>-sctp_label_bug</b>] [<b>-no_dhe</b>] [<b>-nextprotoneg val</b>] [<b>-use_srtp val</b>] [<b>-alpn val</b>] [<b>-engine val</b>] [<b>-keylogfile outfile</b>] [<b>-max_early_data int</b>] [<b>-early_data</b>] [<b>-anti_replay</b>] [<b>-no_anti_replay</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>s_server</b> command implements a generic SSL/TLS server which listens for connections on a given port using SSL/TLS.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<p>In addition to the options below the <b>s_server</b> utility also supports the common and server only options documented in the in the &quot;Supported Command Line Commands&quot; section of the <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a> manual page.</p>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="port-int"><b>-port +int</b></dt>
+<dd>
+
+<p>The TCP port to listen on for connections. If not specified 4433 is used.</p>
+
+</dd>
+<dt id="accept-val"><b>-accept val</b></dt>
+<dd>
+
+<p>The optional TCP host and port to listen on for connections. If not specified, *:4433 is used.</p>
+
+</dd>
+<dt id="unix-val"><b>-unix val</b></dt>
+<dd>
+
+<p>Unix domain socket to accept on.</p>
+
+</dd>
+<dt id="pod-4"><b>-4</b></dt>
+<dd>
+
+<p>Use IPv4 only.</p>
+
+</dd>
+<dt id="pod-6"><b>-6</b></dt>
+<dd>
+
+<p>Use IPv6 only.</p>
+
+</dd>
+<dt id="unlink"><b>-unlink</b></dt>
+<dd>
+
+<p>For -unix, unlink any existing socket first.</p>
+
+</dd>
+<dt id="context-val"><b>-context val</b></dt>
+<dd>
+
+<p>Sets the SSL context id. It can be given any string value. If this option is not present a default value will be used.</p>
+
+</dd>
+<dt id="verify-int--Verify-int"><b>-verify int</b>, <b>-Verify int</b></dt>
+<dd>
+
+<p>The verify depth to use. This specifies the maximum length of the client certificate chain and makes the server request a certificate from the client. With the <b>-verify</b> option a certificate is requested but the client does not have to send one, with the <b>-Verify</b> option the client must supply a certificate or an error occurs.</p>
+
+<p>If the cipher suite cannot request a client certificate (for example an anonymous cipher suite or PSK) this option has no effect.</p>
+
+</dd>
+<dt id="cert-infile"><b>-cert infile</b></dt>
+<dd>
+
+<p>The certificate to use, most servers cipher suites require the use of a certificate and some require a certificate with a certain public key type: for example the DSS cipher suites require a certificate containing a DSS (DSA) key. If not specified then the filename &quot;server.pem&quot; will be used.</p>
+
+</dd>
+<dt id="cert_chain"><b>-cert_chain</b></dt>
+<dd>
+
+<p>A file containing trusted certificates to use when attempting to build the client/server certificate chain related to the certificate specified via the <b>-cert</b> option.</p>
+
+</dd>
+<dt id="build_chain"><b>-build_chain</b></dt>
+<dd>
+
+<p>Specify whether the application should build the certificate chain to be provided to the client.</p>
+
+</dd>
+<dt id="nameopt-val"><b>-nameopt val</b></dt>
+<dd>
+
+<p>Option which determines how the subject or issuer names are displayed. The <b>val</b> argument can be a single option or multiple options separated by commas. Alternatively the <b>-nameopt</b> switch may be used more than once to set multiple options. See the <a href="../man1/x509.html">x509(1)</a> manual page for details.</p>
+
+</dd>
+<dt id="naccept-int"><b>-naccept +int</b></dt>
+<dd>
+
+<p>The server will exit after receiving the specified number of connections, default unlimited.</p>
+
+</dd>
+<dt id="serverinfo-val"><b>-serverinfo val</b></dt>
+<dd>
+
+<p>A file containing one or more blocks of PEM data. Each PEM block must encode a TLS ServerHello extension (2 bytes type, 2 bytes length, followed by &quot;length&quot; bytes of extension data). If the client sends an empty TLS ClientHello extension matching the type, the corresponding ServerHello extension will be returned.</p>
+
+</dd>
+<dt id="certform-PEM-DER"><b>-certform PEM|DER</b></dt>
+<dd>
+
+<p>The certificate format to use: DER or PEM. PEM is the default.</p>
+
+</dd>
+<dt id="key-infile"><b>-key infile</b></dt>
+<dd>
+
+<p>The private key to use. If not specified then the certificate file will be used.</p>
+
+</dd>
+<dt id="keyform-format"><b>-keyform format</b></dt>
+<dd>
+
+<p>The private format to use: DER or PEM. PEM is the default.</p>
+
+</dd>
+<dt id="pass-val"><b>-pass val</b></dt>
+<dd>
+
+<p>The private key password source. For more information about the format of <b>val</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="dcert-infile--dkey-infile"><b>-dcert infile</b>, <b>-dkey infile</b></dt>
+<dd>
+
+<p>Specify an additional certificate and private key, these behave in the same manner as the <b>-cert</b> and <b>-key</b> options except there is no default if they are not specified (no additional certificate and key is used). As noted above some cipher suites require a certificate containing a key of a certain type. Some cipher suites need a certificate carrying an RSA key and some a DSS (DSA) key. By using RSA and DSS certificates and keys a server can support clients which only support RSA or DSS cipher suites by using an appropriate certificate.</p>
+
+</dd>
+<dt id="dcert_chain"><b>-dcert_chain</b></dt>
+<dd>
+
+<p>A file containing trusted certificates to use when attempting to build the server certificate chain when a certificate specified via the <b>-dcert</b> option is in use.</p>
+
+</dd>
+<dt id="dcertform-PEM-DER--dkeyform-PEM-DER--dpass-val"><b>-dcertform PEM|DER</b>, <b>-dkeyform PEM|DER</b>, <b>-dpass val</b></dt>
+<dd>
+
+<p>Additional certificate and private key format and passphrase respectively.</p>
+
+</dd>
+<dt id="xkey-infile--xcert-infile--xchain"><b>-xkey infile</b>, <b>-xcert infile</b>, <b>-xchain</b></dt>
+<dd>
+
+<p>Specify an extra certificate, private key and certificate chain. These behave in the same manner as the <b>-cert</b>, <b>-key</b> and <b>-cert_chain</b> options. When specified, the callback returning the first valid chain will be in use by the server.</p>
+
+</dd>
+<dt id="xchain_build"><b>-xchain_build</b></dt>
+<dd>
+
+<p>Specify whether the application should build the certificate chain to be provided to the client for the extra certificates provided via <b>-xkey infile</b>, <b>-xcert infile</b>, <b>-xchain</b> options.</p>
+
+</dd>
+<dt id="xcertform-PEM-DER--xkeyform-PEM-DER"><b>-xcertform PEM|DER</b>, <b>-xkeyform PEM|DER</b></dt>
+<dd>
+
+<p>Extra certificate and private key format respectively.</p>
+
+</dd>
+<dt id="nbio_test"><b>-nbio_test</b></dt>
+<dd>
+
+<p>Tests non blocking I/O.</p>
+
+</dd>
+<dt id="crlf"><b>-crlf</b></dt>
+<dd>
+
+<p>This option translated a line feed from the terminal into CR+LF.</p>
+
+</dd>
+<dt id="debug"><b>-debug</b></dt>
+<dd>
+
+<p>Print extensive debugging information including a hex dump of all traffic.</p>
+
+</dd>
+<dt id="msg"><b>-msg</b></dt>
+<dd>
+
+<p>Show all protocol messages with hex dump.</p>
+
+</dd>
+<dt id="msgfile-outfile"><b>-msgfile outfile</b></dt>
+<dd>
+
+<p>File to send output of <b>-msg</b> or <b>-trace</b> to, default standard output.</p>
+
+</dd>
+<dt id="state"><b>-state</b></dt>
+<dd>
+
+<p>Prints the SSL session states.</p>
+
+</dd>
+<dt id="CAfile-infile"><b>-CAfile infile</b></dt>
+<dd>
+
+<p>A file containing trusted certificates to use during client authentication and to use when attempting to build the server certificate chain. The list is also used in the list of acceptable client CAs passed to the client when a certificate is requested.</p>
+
+</dd>
+<dt id="CApath-dir"><b>-CApath dir</b></dt>
+<dd>
+
+<p>The directory to use for client certificate verification. This directory must be in &quot;hash format&quot;, see <a href="../man1/verify.html">verify(1)</a> for more information. These are also used when building the server certificate chain.</p>
+
+</dd>
+<dt id="chainCApath-dir"><b>-chainCApath dir</b></dt>
+<dd>
+
+<p>The directory to use for building the chain provided to the client. This directory must be in &quot;hash format&quot;, see <a href="../man1/verify.html">verify(1)</a> for more information.</p>
+
+</dd>
+<dt id="chainCAfile-file"><b>-chainCAfile file</b></dt>
+<dd>
+
+<p>A file containing trusted certificates to use when attempting to build the server certificate chain.</p>
+
+</dd>
+<dt id="no-CAfile"><b>-no-CAfile</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default file location.</p>
+
+</dd>
+<dt id="no-CApath"><b>-no-CApath</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default directory location.</p>
+
+</dd>
+<dt id="nocert"><b>-nocert</b></dt>
+<dd>
+
+<p>If this option is set then no certificate is used. This restricts the cipher suites available to the anonymous ones (currently just anonymous DH).</p>
+
+</dd>
+<dt id="quiet"><b>-quiet</b></dt>
+<dd>
+
+<p>Inhibit printing of session and certificate information.</p>
+
+</dd>
+<dt id="www"><b>-www</b></dt>
+<dd>
+
+<p>Sends a status message back to the client when it connects. This includes information about the ciphers used and various session parameters. The output is in HTML format so this option will normally be used with a web browser. Cannot be used in conjunction with <b>-early_data</b>.</p>
+
+</dd>
+<dt id="WWW"><b>-WWW</b></dt>
+<dd>
+
+<p>Emulates a simple web server. Pages will be resolved relative to the current directory, for example if the URL https://myhost/page.html is requested the file ./page.html will be loaded. Cannot be used in conjunction with <b>-early_data</b>.</p>
+
+</dd>
+<dt id="tlsextdebug"><b>-tlsextdebug</b></dt>
+<dd>
+
+<p>Print a hex dump of any TLS extensions received from the server.</p>
+
+</dd>
+<dt id="HTTP"><b>-HTTP</b></dt>
+<dd>
+
+<p>Emulates a simple web server. Pages will be resolved relative to the current directory, for example if the URL https://myhost/page.html is requested the file ./page.html will be loaded. The files loaded are assumed to contain a complete and correct HTTP response (lines that are part of the HTTP response line and headers must end with CRLF). Cannot be used in conjunction with <b>-early_data</b>.</p>
+
+</dd>
+<dt id="id_prefix-val"><b>-id_prefix val</b></dt>
+<dd>
+
+<p>Generate SSL/TLS session IDs prefixed by <b>val</b>. This is mostly useful for testing any SSL/TLS code (eg. proxies) that wish to deal with multiple servers, when each of which might be generating a unique range of session IDs (eg. with a certain prefix).</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="verify_return_error"><b>-verify_return_error</b></dt>
+<dd>
+
+<p>Verification errors normally just print a message but allow the connection to continue, for debugging purposes. If this option is used, then verification errors close the connection.</p>
+
+</dd>
+<dt id="status"><b>-status</b></dt>
+<dd>
+
+<p>Enables certificate status request support (aka OCSP stapling).</p>
+
+</dd>
+<dt id="status_verbose"><b>-status_verbose</b></dt>
+<dd>
+
+<p>Enables certificate status request support (aka OCSP stapling) and gives a verbose printout of the OCSP response.</p>
+
+</dd>
+<dt id="status_timeout-int"><b>-status_timeout int</b></dt>
+<dd>
+
+<p>Sets the timeout for OCSP response to <b>int</b> seconds.</p>
+
+</dd>
+<dt id="status_url-val"><b>-status_url val</b></dt>
+<dd>
+
+<p>Sets a fallback responder URL to use if no responder URL is present in the server certificate. Without this option an error is returned if the server certificate does not contain a responder address.</p>
+
+</dd>
+<dt id="status_file-infile"><b>-status_file infile</b></dt>
+<dd>
+
+<p>Overrides any OCSP responder URLs from the certificate and always provides the OCSP Response stored in the file. The file must be in DER format.</p>
+
+</dd>
+<dt id="trace"><b>-trace</b></dt>
+<dd>
+
+<p>Show verbose trace output of protocol messages. OpenSSL needs to be compiled with <b>enable-ssl-trace</b> for this option to work.</p>
+
+</dd>
+<dt id="brief"><b>-brief</b></dt>
+<dd>
+
+<p>Provide a brief summary of connection parameters instead of the normal verbose output.</p>
+
+</dd>
+<dt id="rev"><b>-rev</b></dt>
+<dd>
+
+<p>Simple test server which just reverses the text received from the client and sends it back to the server. Also sets <b>-brief</b>. Cannot be used in conjunction with <b>-early_data</b>.</p>
+
+</dd>
+<dt id="async"><b>-async</b></dt>
+<dd>
+
+<p>Switch on asynchronous mode. Cryptographic operations will be performed asynchronously. This will only have an effect if an asynchronous capable engine is also used via the <b>-engine</b> option. For test purposes the dummy async engine (dasync) can be used (if available).</p>
+
+</dd>
+<dt id="max_send_frag-int"><b>-max_send_frag +int</b></dt>
+<dd>
+
+<p>The maximum size of data fragment to send. See <a href="../man3/SSL_CTX_set_max_send_fragment.html">SSL_CTX_set_max_send_fragment(3)</a> for further information.</p>
+
+</dd>
+<dt id="split_send_frag-int"><b>-split_send_frag +int</b></dt>
+<dd>
+
+<p>The size used to split data for encrypt pipelines. If more data is written in one go than this value then it will be split into multiple pipelines, up to the maximum number of pipelines defined by max_pipelines. This only has an effect if a suitable cipher suite has been negotiated, an engine that supports pipelining has been loaded, and max_pipelines is greater than 1. See <a href="../man3/SSL_CTX_set_split_send_fragment.html">SSL_CTX_set_split_send_fragment(3)</a> for further information.</p>
+
+</dd>
+<dt id="max_pipelines-int"><b>-max_pipelines +int</b></dt>
+<dd>
+
+<p>The maximum number of encrypt/decrypt pipelines to be used. This will only have an effect if an engine has been loaded that supports pipelining (e.g. the dasync engine) and a suitable cipher suite has been negotiated. The default value is 1. See <a href="../man3/SSL_CTX_set_max_pipelines.html">SSL_CTX_set_max_pipelines(3)</a> for further information.</p>
+
+</dd>
+<dt id="read_buf-int"><b>-read_buf +int</b></dt>
+<dd>
+
+<p>The default read buffer size to be used for connections. This will only have an effect if the buffer size is larger than the size that would otherwise be used and pipelining is in use (see <a href="../man3/SSL_CTX_set_default_read_buffer_len.html">SSL_CTX_set_default_read_buffer_len(3)</a> for further information).</p>
+
+</dd>
+<dt id="ssl2--ssl3--tls1--tls1_1--tls1_2--tls1_3--no_ssl2--no_ssl3--no_tls1--no_tls1_1--no_tls1_2--no_tls1_3"><b>-ssl2</b>, <b>-ssl3</b>, <b>-tls1</b>, <b>-tls1_1</b>, <b>-tls1_2</b>, <b>-tls1_3</b>, <b>-no_ssl2</b>, <b>-no_ssl3</b>, <b>-no_tls1</b>, <b>-no_tls1_1</b>, <b>-no_tls1_2</b>, <b>-no_tls1_3</b></dt>
+<dd>
+
+<p>These options require or disable the use of the specified SSL or TLS protocols. By default <b>s_server</b> will negotiate the highest mutually supported protocol version. When a specific TLS version is required, only that version will be accepted from the client. Note that not all protocols and flags may be available, depending on how OpenSSL was built.</p>
+
+</dd>
+<dt id="bugs"><b>-bugs</b></dt>
+<dd>
+
+<p>There are several known bug in SSL and TLS implementations. Adding this option enables various workarounds.</p>
+
+</dd>
+<dt id="no_comp"><b>-no_comp</b></dt>
+<dd>
+
+<p>Disable negotiation of TLS compression. TLS compression is not recommended and is off by default as of OpenSSL 1.1.0.</p>
+
+</dd>
+<dt id="comp"><b>-comp</b></dt>
+<dd>
+
+<p>Enable negotiation of TLS compression. This option was introduced in OpenSSL 1.1.0. TLS compression is not recommended and is off by default as of OpenSSL 1.1.0.</p>
+
+</dd>
+<dt id="no_ticket"><b>-no_ticket</b></dt>
+<dd>
+
+<p>Disable RFC4507bis session ticket support. This option has no effect if TLSv1.3 is negotiated. See <b>-num_tickets</b>.</p>
+
+</dd>
+<dt id="num_tickets"><b>-num_tickets</b></dt>
+<dd>
+
+<p>Control the number of tickets that will be sent to the client after a full handshake in TLSv1.3. The default number of tickets is 2. This option does not affect the number of tickets sent after a resumption handshake.</p>
+
+</dd>
+<dt id="serverpref"><b>-serverpref</b></dt>
+<dd>
+
+<p>Use the server&#39;s cipher preferences, rather than the client&#39;s preferences.</p>
+
+</dd>
+<dt id="prioritize_chacha"><b>-prioritize_chacha</b></dt>
+<dd>
+
+<p>Prioritize ChaCha ciphers when preferred by clients. Requires <b>-serverpref</b>.</p>
+
+</dd>
+<dt id="no_resumption_on_reneg"><b>-no_resumption_on_reneg</b></dt>
+<dd>
+
+<p>Set the <b>SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION</b> option.</p>
+
+</dd>
+<dt id="client_sigalgs-val"><b>-client_sigalgs val</b></dt>
+<dd>
+
+<p>Signature algorithms to support for client certificate authentication (colon-separated list).</p>
+
+</dd>
+<dt id="named_curve-val"><b>-named_curve val</b></dt>
+<dd>
+
+<p>Specifies the elliptic curve to use. NOTE: this is single curve, not a list. For a list of all possible curves, use:</p>
+
+<pre><code>    $ openssl ecparam -list_curves</code></pre>
+
+</dd>
+<dt id="cipher-val"><b>-cipher val</b></dt>
+<dd>
+
+<p>This allows the list of TLSv1.2 and below ciphersuites used by the server to be modified. This list is combined with any TLSv1.3 ciphersuites that have been configured. When the client sends a list of supported ciphers the first client cipher also included in the server list is used. Because the client specifies the preference order, the order of the server cipherlist is irrelevant. See the <b>ciphers</b> command for more information.</p>
+
+</dd>
+<dt id="ciphersuites-val"><b>-ciphersuites val</b></dt>
+<dd>
+
+<p>This allows the list of TLSv1.3 ciphersuites used by the server to be modified. This list is combined with any TLSv1.2 and below ciphersuites that have been configured. When the client sends a list of supported ciphers the first client cipher also included in the server list is used. Because the client specifies the preference order, the order of the server cipherlist is irrelevant. See the <b>ciphers</b> command for more information. The format for this list is a simple colon (&quot;:&quot;) separated list of TLSv1.3 ciphersuite names.</p>
+
+</dd>
+<dt id="dhparam-infile"><b>-dhparam infile</b></dt>
+<dd>
+
+<p>The DH parameter file to use. The ephemeral DH cipher suites generate keys using a set of DH parameters. If not specified then an attempt is made to load the parameters from the server certificate file. If this fails then a static set of parameters hard coded into the <b>s_server</b> program will be used.</p>
+
+</dd>
+<dt id="attime--check_ss_sig--crl_check--crl_check_all--explicit_policy--extended_crl--ignore_critical--inhibit_any--inhibit_map--no_alt_chains--no_check_time--partial_chain--policy--policy_check--policy_print--purpose--suiteB_128--suiteB_128_only--suiteB_192--trusted_first--use_deltas--auth_level--verify_depth--verify_email--verify_hostname--verify_ip--verify_name--x509_strict"><b>-attime</b>, <b>-check_ss_sig</b>, <b>-crl_check</b>, <b>-crl_check_all</b>, <b>-explicit_policy</b>, <b>-extended_crl</b>, <b>-ignore_critical</b>, <b>-inhibit_any</b>, <b>-inhibit_map</b>, <b>-no_alt_chains</b>, <b>-no_check_time</b>, <b>-partial_chain</b>, <b>-policy</b>, <b>-policy_check</b>, <b>-policy_print</b>, <b>-purpose</b>, <b>-suiteB_128</b>, <b>-suiteB_128_only</b>, <b>-suiteB_192</b>, <b>-trusted_first</b>, <b>-use_deltas</b>, <b>-auth_level</b>, <b>-verify_depth</b>, <b>-verify_email</b>, <b>-verify_hostname</b>, <b>-verify_ip</b>, <b>-verify_name</b>, <b>-x509_strict</b></dt>
+<dd>
+
+<p>Set different peer certificate verification options. See the <a href="../man1/verify.html">verify(1)</a> manual page for details.</p>
+
+</dd>
+<dt id="crl_check--crl_check_all"><b>-crl_check</b>, <b>-crl_check_all</b></dt>
+<dd>
+
+<p>Check the peer certificate has not been revoked by its CA. The CRL(s) are appended to the certificate file. With the <b>-crl_check_all</b> option all CRLs of all CAs in the chain are checked.</p>
+
+</dd>
+<dt id="nbio"><b>-nbio</b></dt>
+<dd>
+
+<p>Turns on non blocking I/O.</p>
+
+</dd>
+<dt id="psk_identity-val"><b>-psk_identity val</b></dt>
+<dd>
+
+<p>Expect the client to send PSK identity <b>val</b> when using a PSK cipher suite, and warn if they do not. By default, the expected PSK identity is the string &quot;Client_identity&quot;.</p>
+
+</dd>
+<dt id="psk_hint-val"><b>-psk_hint val</b></dt>
+<dd>
+
+<p>Use the PSK identity hint <b>val</b> when using a PSK cipher suite.</p>
+
+</dd>
+<dt id="psk-val"><b>-psk val</b></dt>
+<dd>
+
+<p>Use the PSK key <b>val</b> when using a PSK cipher suite. The key is given as a hexadecimal number without leading 0x, for example -psk 1a2b3c4d. This option must be provided in order to use a PSK cipher.</p>
+
+</dd>
+<dt id="psk_session-file"><b>-psk_session file</b></dt>
+<dd>
+
+<p>Use the pem encoded SSL_SESSION data stored in <b>file</b> as the basis of a PSK. Note that this will only work if TLSv1.3 is negotiated.</p>
+
+</dd>
+<dt id="listen"><b>-listen</b></dt>
+<dd>
+
+<p>This option can only be used in conjunction with one of the DTLS options above. With this option <b>s_server</b> will listen on a UDP port for incoming connections. Any ClientHellos that arrive will be checked to see if they have a cookie in them or not. Any without a cookie will be responded to with a HelloVerifyRequest. If a ClientHello with a cookie is received then <b>s_server</b> will connect to that peer and complete the handshake.</p>
+
+</dd>
+<dt id="dtls--dtls1--dtls1_2"><b>-dtls</b>, <b>-dtls1</b>, <b>-dtls1_2</b></dt>
+<dd>
+
+<p>These options make <b>s_server</b> use DTLS protocols instead of TLS. With <b>-dtls</b>, <b>s_server</b> will negotiate any supported DTLS protocol version, whilst <b>-dtls1</b> and <b>-dtls1_2</b> will only support DTLSv1.0 and DTLSv1.2 respectively.</p>
+
+</dd>
+<dt id="sctp"><b>-sctp</b></dt>
+<dd>
+
+<p>Use SCTP for the transport protocol instead of UDP in DTLS. Must be used in conjunction with <b>-dtls</b>, <b>-dtls1</b> or <b>-dtls1_2</b>. This option is only available where OpenSSL has support for SCTP enabled.</p>
+
+</dd>
+<dt id="sctp_label_bug"><b>-sctp_label_bug</b></dt>
+<dd>
+
+<p>Use the incorrect behaviour of older OpenSSL implementations when computing endpoint-pair shared secrets for DTLS/SCTP. This allows communication with older broken implementations but breaks interoperability with correct implementations. Must be used in conjunction with <b>-sctp</b>. This option is only available where OpenSSL has support for SCTP enabled.</p>
+
+</dd>
+<dt id="no_dhe"><b>-no_dhe</b></dt>
+<dd>
+
+<p>If this option is set then no DH parameters will be loaded effectively disabling the ephemeral DH cipher suites.</p>
+
+</dd>
+<dt id="alpn-val--nextprotoneg-val"><b>-alpn val</b>, <b>-nextprotoneg val</b></dt>
+<dd>
+
+<p>These flags enable the Enable the Application-Layer Protocol Negotiation or Next Protocol Negotiation (NPN) extension, respectively. ALPN is the IETF standard and replaces NPN. The <b>val</b> list is a comma-separated list of supported protocol names. The list should contain the most desirable protocols first. Protocol names are printable ASCII strings, for example &quot;http/1.1&quot; or &quot;spdy/3&quot;. The flag <b>-nextprotoneg</b> cannot be specified if <b>-tls1_3</b> is used.</p>
+
+</dd>
+<dt id="engine-val"><b>-engine val</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique id string in <b>val</b>) will cause <b>s_server</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="keylogfile-outfile"><b>-keylogfile outfile</b></dt>
+<dd>
+
+<p>Appends TLS secrets to the specified keylog file such that external programs (like Wireshark) can decrypt TLS connections.</p>
+
+</dd>
+<dt id="max_early_data-int"><b>-max_early_data int</b></dt>
+<dd>
+
+<p>Change the default maximum early data bytes that are specified for new sessions and any incoming early data (when used in conjunction with the <b>-early_data</b> flag). The default value is approximately 16k. The argument must be an integer greater than or equal to 0.</p>
+
+</dd>
+<dt id="early_data"><b>-early_data</b></dt>
+<dd>
+
+<p>Accept early data where possible. Cannot be used in conjunction with <b>-www</b>, <b>-WWW</b>, <b>-HTTP</b> or <b>-rev</b>.</p>
+
+</dd>
+<dt id="anti_replay--no_anti_replay"><b>-anti_replay</b>, <b>-no_anti_replay</b></dt>
+<dd>
+
+<p>Switches replay protection on or off, respectively. Replay protection is on by default unless overridden by a configuration file. When it is on, OpenSSL will automatically detect if a session ticket has been used more than once, TLSv1.3 has been negotiated, and early data is enabled on the server. A full handshake is forced if a session ticket is used a second or subsequent time. Any early data that was sent will be rejected.</p>
+
+</dd>
+</dl>
+
+<h1 id="CONNECTED-COMMANDS">CONNECTED COMMANDS</h1>
+
+<p>If a connection request is established with an SSL client and neither the <b>-www</b> nor the <b>-WWW</b> option has been used then normally any data received from the client is displayed and any key presses will be sent to the client.</p>
+
+<p>Certain commands are also recognized which perform special operations. These commands are a letter which must appear at the start of a line. They are listed below.</p>
+
+<dl>
+
+<dt id="q"><b>q</b></dt>
+<dd>
+
+<p>End the current SSL connection but still accept new connections.</p>
+
+</dd>
+<dt id="Q"><b>Q</b></dt>
+<dd>
+
+<p>End the current SSL connection and exit.</p>
+
+</dd>
+<dt id="r"><b>r</b></dt>
+<dd>
+
+<p>Renegotiate the SSL session (TLSv1.2 and below only).</p>
+
+</dd>
+<dt id="R"><b>R</b></dt>
+<dd>
+
+<p>Renegotiate the SSL session and request a client certificate (TLSv1.2 and below only).</p>
+
+</dd>
+<dt id="P"><b>P</b></dt>
+<dd>
+
+<p>Send some plain text down the underlying TCP connection: this should cause the client to disconnect due to a protocol violation.</p>
+
+</dd>
+<dt id="S"><b>S</b></dt>
+<dd>
+
+<p>Print out some session cache status information.</p>
+
+</dd>
+<dt id="B"><b>B</b></dt>
+<dd>
+
+<p>Send a heartbeat message to the client (DTLS only)</p>
+
+</dd>
+<dt id="k"><b>k</b></dt>
+<dd>
+
+<p>Send a key update message to the client (TLSv1.3 only)</p>
+
+</dd>
+<dt id="K"><b>K</b></dt>
+<dd>
+
+<p>Send a key update message to the client and request one back (TLSv1.3 only)</p>
+
+</dd>
+<dt id="c"><b>c</b></dt>
+<dd>
+
+<p>Send a certificate request to the client (TLSv1.3 only)</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>s_server</b> can be used to debug SSL clients. To accept connections from a web browser the command:</p>
+
+<pre><code> openssl s_server -accept 443 -www</code></pre>
+
+<p>can be used for example.</p>
+
+<p>Although specifying an empty list of CAs when requesting a client certificate is strictly speaking a protocol violation, some SSL clients interpret this to mean any CA is acceptable. This is useful for debugging purposes.</p>
+
+<p>The session parameters can printed out using the <b>sess_id</b> program.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Because this program has a lot of options and also because some of the techniques used are rather old, the C source of <b>s_server</b> is rather hard to read and not a model of how things should be done. A typical SSL server program would be much simpler.</p>
+
+<p>The output of common ciphers is wrong: it just gives the list of ciphers that OpenSSL recognizes and the client supports.</p>
+
+<p>There should be a way for the <b>s_server</b> program to print out details of any unknown cipher suites a client says it supports.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a>, <a href="../man1/sess_id.html">sess_id(1)</a>, <a href="../man1/s_client.html">s_client(1)</a>, <a href="../man1/ciphers.html">ciphers(1)</a> <a href="../man3/SSL_CTX_set_max_send_fragment.html">SSL_CTX_set_max_send_fragment(3)</a>, <a href="../man3/SSL_CTX_set_split_send_fragment.html">SSL_CTX_set_split_send_fragment(3)</a>, <a href="../man3/SSL_CTX_set_max_pipelines.html">SSL_CTX_set_max_pipelines(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The -no_alt_chains option was added in OpenSSL 1.1.0.</p>
+
+<p>The -allow-no-dhe-kex and -prioritize_chacha options were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-s_time.html b/msys2/usr/share/doc/openssl/html/man1/openssl-s_time.html
new file mode 100644
index 000000000..22b349b98
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-s_time.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>s_time</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-s_time, s_time - SSL/TLS performance timing program</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>s_time</b> [<b>-help</b>] [<b>-connect host:port</b>] [<b>-www page</b>] [<b>-cert filename</b>] [<b>-key filename</b>] [<b>-CApath directory</b>] [<b>-cafile filename</b>] [<b>-no-CAfile</b>] [<b>-no-CApath</b>] [<b>-reuse</b>] [<b>-new</b>] [<b>-verify depth</b>] [<b>-nameopt option</b>] [<b>-time seconds</b>] [<b>-ssl3</b>] [<b>-bugs</b>] [<b>-cipher cipherlist</b>] [<b>-ciphersuites val</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>s_time</b> command implements a generic SSL/TLS client which connects to a remote host using SSL/TLS. It can request a page from the server and includes the time to transfer the payload data in its timing measurements. It measures the number of connections within a given timeframe, the amount of data transferred (if any), and calculates the average time spent for one connection.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="connect-host:port"><b>-connect host:port</b></dt>
+<dd>
+
+<p>This specifies the host and optional port to connect to.</p>
+
+</dd>
+<dt id="www-page"><b>-www page</b></dt>
+<dd>
+
+<p>This specifies the page to GET from the server. A value of &#39;/&#39; gets the index.htm[l] page. If this parameter is not specified, then <b>s_time</b> will only perform the handshake to establish SSL connections but not transfer any payload data.</p>
+
+</dd>
+<dt id="cert-certname"><b>-cert certname</b></dt>
+<dd>
+
+<p>The certificate to use, if one is requested by the server. The default is not to use a certificate. The file is in PEM format.</p>
+
+</dd>
+<dt id="key-keyfile"><b>-key keyfile</b></dt>
+<dd>
+
+<p>The private key to use. If not specified then the certificate file will be used. The file is in PEM format.</p>
+
+</dd>
+<dt id="verify-depth"><b>-verify depth</b></dt>
+<dd>
+
+<p>The verify depth to use. This specifies the maximum length of the server certificate chain and turns on server certificate verification. Currently the verify operation continues after errors so all the problems with a certificate chain can be seen. As a side effect the connection will never fail due to a server certificate verify failure.</p>
+
+</dd>
+<dt id="nameopt-option"><b>-nameopt option</b></dt>
+<dd>
+
+<p>Option which determines how the subject or issuer names are displayed. The <b>option</b> argument can be a single option or multiple options separated by commas. Alternatively the <b>-nameopt</b> switch may be used more than once to set multiple options. See the <a href="../man1/x509.html">x509(1)</a> manual page for details.</p>
+
+</dd>
+<dt id="CApath-directory"><b>-CApath directory</b></dt>
+<dd>
+
+<p>The directory to use for server certificate verification. This directory must be in &quot;hash format&quot;, see <b>verify</b> for more information. These are also used when building the client certificate chain.</p>
+
+</dd>
+<dt id="CAfile-file"><b>-CAfile file</b></dt>
+<dd>
+
+<p>A file containing trusted certificates to use during server authentication and to use when attempting to build the client certificate chain.</p>
+
+</dd>
+<dt id="no-CAfile"><b>-no-CAfile</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default file location</p>
+
+</dd>
+<dt id="no-CApath"><b>-no-CApath</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default directory location</p>
+
+</dd>
+<dt id="new"><b>-new</b></dt>
+<dd>
+
+<p>Performs the timing test using a new session ID for each connection. If neither <b>-new</b> nor <b>-reuse</b> are specified, they are both on by default and executed in sequence.</p>
+
+</dd>
+<dt id="reuse"><b>-reuse</b></dt>
+<dd>
+
+<p>Performs the timing test using the same session ID; this can be used as a test that session caching is working. If neither <b>-new</b> nor <b>-reuse</b> are specified, they are both on by default and executed in sequence.</p>
+
+</dd>
+<dt id="ssl3"><b>-ssl3</b></dt>
+<dd>
+
+<p>This option disables the use of SSL version 3. By default the initial handshake uses a method which should be compatible with all servers and permit them to use SSL v3 or TLS as appropriate.</p>
+
+<p>The timing program is not as rich in options to turn protocols on and off as the <a href="../man1/s_client.html">s_client(1)</a> program and may not connect to all servers. Unfortunately there are a lot of ancient and broken servers in use which cannot handle this technique and will fail to connect. Some servers only work if TLS is turned off with the <b>-ssl3</b> option.</p>
+
+<p>Note that this option may not be available, depending on how OpenSSL was built.</p>
+
+</dd>
+<dt id="bugs"><b>-bugs</b></dt>
+<dd>
+
+<p>There are several known bug in SSL and TLS implementations. Adding this option enables various workarounds.</p>
+
+</dd>
+<dt id="cipher-cipherlist"><b>-cipher cipherlist</b></dt>
+<dd>
+
+<p>This allows the TLSv1.2 and below cipher list sent by the client to be modified. This list will be combined with any TLSv1.3 ciphersuites that have been configured. Although the server determines which cipher suite is used it should take the first supported cipher in the list sent by the client. See <a href="../man1/ciphers.html">ciphers(1)</a> for more information.</p>
+
+</dd>
+<dt id="ciphersuites-val"><b>-ciphersuites val</b></dt>
+<dd>
+
+<p>This allows the TLSv1.3 ciphersuites sent by the client to be modified. This list will be combined with any TLSv1.2 and below ciphersuites that have been configured. Although the server determines which cipher suite is used it should take the first supported cipher in the list sent by the client. See <a href="../man1/ciphers.html">ciphers(1)</a> for more information. The format for this list is a simple colon (&quot;:&quot;) separated list of TLSv1.3 ciphersuite names.</p>
+
+</dd>
+<dt id="time-length"><b>-time length</b></dt>
+<dd>
+
+<p>Specifies how long (in seconds) <b>s_time</b> should establish connections and optionally transfer payload data from a server. Server and client performance and the link speed determine how many connections <b>s_time</b> can establish.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>s_time</b> can be used to measure the performance of an SSL connection. To connect to an SSL HTTP server and get the default page the command</p>
+
+<pre><code> openssl s_time -connect servername:443 -www / -CApath yourdir -CAfile yourfile.pem -cipher commoncipher [-ssl3]</code></pre>
+
+<p>would typically be used (https uses port 443). &#39;commoncipher&#39; is a cipher to which both client and server can agree, see the <a href="../man1/ciphers.html">ciphers(1)</a> command for details.</p>
+
+<p>If the handshake fails then there are several possible causes, if it is nothing obvious like no client certificate then the <b>-bugs</b> and <b>-ssl3</b> options can be tried in case it is a buggy server. In particular you should play with these options <b>before</b> submitting a bug report to an OpenSSL mailing list.</p>
+
+<p>A frequent problem when attempting to get client certificates working is that a web client complains it has no certificates or gives an empty list to choose from. This is normally because the server is not sending the clients certificate authority in its &quot;acceptable CA list&quot; when it requests a certificate. By using <a href="../man1/s_client.html">s_client(1)</a> the CA list can be viewed and checked. However some servers only request client authentication after a specific URL is requested. To obtain the list in this case it is necessary to use the <b>-prexit</b> option of <a href="../man1/s_client.html">s_client(1)</a> and send an HTTP request for an appropriate page.</p>
+
+<p>If a certificate is specified on the command line using the <b>-cert</b> option it will not be used unless the server specifically requests a client certificate. Therefor merely including a client certificate on the command line is no guarantee that the certificate works.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Because this program does not have all the options of the <a href="../man1/s_client.html">s_client(1)</a> program to turn protocols on and off, you may not be able to measure the performance of all protocols with all servers.</p>
+
+<p>The <b>-verify</b> option should really exit if the server verification fails.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/s_client.html">s_client(1)</a>, <a href="../man1/s_server.html">s_server(1)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-sess_id.html b/msys2/usr/share/doc/openssl/html/man1/openssl-sess_id.html
new file mode 100644
index 000000000..9418710ed
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-sess_id.html
@@ -0,0 +1,195 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>sess_id</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#OUTPUT">OUTPUT</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-sess_id, sess_id - SSL/TLS session handling utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>sess_id</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER|NSS</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-text</b>] [<b>-noout</b>] [<b>-context ID</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>sess_id</b> process the encoded version of the SSL session structure and optionally prints out SSL session details (for example the SSL session master key) in human readable format. Since this is a diagnostic tool that needs some knowledge of the SSL protocol to use properly, most users will not need to use it.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. The <b>DER</b> option uses an ASN1 DER encoded format containing session details. The precise format can vary from one version to the next. The <b>PEM</b> form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines.</p>
+
+</dd>
+<dt id="outform-DER-PEM-NSS"><b>-outform DER|PEM|NSS</b></dt>
+<dd>
+
+<p>This specifies the output format. The <b>PEM</b> and <b>DER</b> options have the same meaning and default as the <b>-inform</b> option. The <b>NSS</b> option outputs the session id and the master key in NSS keylog format.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read session information from or standard input by default.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename to write session information to or standard output if this option is not specified.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out the various public or private key components in plain text in addition to the encoded version.</p>
+
+</dd>
+<dt id="cert"><b>-cert</b></dt>
+<dd>
+
+<p>If a certificate is present in the session it will be output using this option, if the <b>-text</b> option is also present then it will be printed out in text form.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option prevents output of the encoded version of the session.</p>
+
+</dd>
+<dt id="context-ID"><b>-context ID</b></dt>
+<dd>
+
+<p>This option can set the session id so the output session information uses the supplied ID. The ID can be any string of characters. This option won&#39;t normally be used.</p>
+
+</dd>
+</dl>
+
+<h1 id="OUTPUT">OUTPUT</h1>
+
+<p>Typical output:</p>
+
+<pre><code> SSL-Session:
+     Protocol  : TLSv1
+     Cipher    : 0016
+     Session-ID: 871E62626C554CE95488823752CBD5F3673A3EF3DCE9C67BD916C809914B40ED
+     Session-ID-ctx: 01000000
+     Master-Key: A7CEFC571974BE02CAC305269DC59F76EA9F0B180CB6642697A68251F2D2BB57E51DBBB4C7885573192AE9AEE220FACD
+     Key-Arg   : None
+     Start Time: 948459261
+     Timeout   : 300 (sec)
+     Verify return code 0 (ok)</code></pre>
+
+<p>Theses are described below in more detail.</p>
+
+<dl>
+
+<dt id="Protocol"><b>Protocol</b></dt>
+<dd>
+
+<p>This is the protocol in use TLSv1.3, TLSv1.2, TLSv1.1, TLSv1 or SSLv3.</p>
+
+</dd>
+<dt id="Cipher"><b>Cipher</b></dt>
+<dd>
+
+<p>The cipher used this is the actual raw SSL or TLS cipher code, see the SSL or TLS specifications for more information.</p>
+
+</dd>
+<dt id="Session-ID"><b>Session-ID</b></dt>
+<dd>
+
+<p>The SSL session ID in hex format.</p>
+
+</dd>
+<dt id="Session-ID-ctx"><b>Session-ID-ctx</b></dt>
+<dd>
+
+<p>The session ID context in hex format.</p>
+
+</dd>
+<dt id="Master-Key"><b>Master-Key</b></dt>
+<dd>
+
+<p>This is the SSL session master key.</p>
+
+</dd>
+<dt id="Start-Time"><b>Start Time</b></dt>
+<dd>
+
+<p>This is the session start time represented as an integer in standard Unix format.</p>
+
+</dd>
+<dt id="Timeout"><b>Timeout</b></dt>
+<dd>
+
+<p>The timeout in seconds.</p>
+
+</dd>
+<dt id="Verify-return-code"><b>Verify return code</b></dt>
+<dd>
+
+<p>This is the return code when an SSL client certificate is verified.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM encoded session format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN SSL SESSION PARAMETERS-----
+ -----END SSL SESSION PARAMETERS-----</code></pre>
+
+<p>Since the SSL session output contains the master key it is possible to read the contents of an encrypted session using this information. Therefore appropriate security precautions should be taken if the information is being output by a &quot;real&quot; application. This is however strongly discouraged and should only be used for debugging purposes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The cipher and start time should be printed out in human readable form.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/ciphers.html">ciphers(1)</a>, <a href="../man1/s_server.html">s_server(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-smime.html b/msys2/usr/share/doc/openssl/html/man1/openssl-smime.html
new file mode 100644
index 000000000..6b570ff39
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-smime.html
@@ -0,0 +1,454 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>smime</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXIT-CODES">EXIT CODES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-smime, smime - S/MIME utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>smime</b> [<b>-help</b>] [<b>-encrypt</b>] [<b>-decrypt</b>] [<b>-sign</b>] [<b>-resign</b>] [<b>-verify</b>] [<b>-pk7out</b>] [<b>-binary</b>] [<b>-crlfeol</b>] [<b>-<i>cipher</i></b>] [<b>-in file</b>] [<b>-CAfile file</b>] [<b>-CApath dir</b>] [<b>-no-CAfile</b>] [<b>-no-CApath</b>] [<b>-attime timestamp</b>] [<b>-check_ss_sig</b>] [<b>-crl_check</b>] [<b>-crl_check_all</b>] [<b>-explicit_policy</b>] [<b>-extended_crl</b>] [<b>-ignore_critical</b>] [<b>-inhibit_any</b>] [<b>-inhibit_map</b>] [<b>-partial_chain</b>] [<b>-policy arg</b>] [<b>-policy_check</b>] [<b>-policy_print</b>] [<b>-purpose purpose</b>] [<b>-suiteB_128</b>] [<b>-suiteB_128_only</b>] [<b>-suiteB_192</b>] [<b>-trusted_first</b>] [<b>-no_alt_chains</b>] [<b>-use_deltas</b>] [<b>-auth_level num</b>] [<b>-verify_depth num</b>] [<b>-verify_email email</b>] [<b>-verify_hostname hostname</b>] [<b>-verify_ip ip</b>] [<b>-verify_name name</b>] [<b>-x509_strict</b>] [<b>-certfile file</b>] [<b>-signer file</b>] [<b>-recip file</b>] [<b>-inform SMIME|PEM|DER</b>] [<b>-passin arg</b>] [<b>-inkey file_or_id</b>] [<b>-out file</b>] [<b>-outform SMIME|PEM|DER</b>] [<b>-content file</b>] [<b>-to addr</b>] [<b>-from ad</b>] [<b>-subject s</b>] [<b>-text</b>] [<b>-indef</b>] [<b>-noindef</b>] [<b>-stream</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-md digest</b>] [cert.pem]...</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>smime</b> command handles S/MIME mail. It can encrypt, decrypt, sign and verify S/MIME messages.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<p>There are six operation options that set the type of operation to be performed. The meaning of the other options varies according to the operation type.</p>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="encrypt"><b>-encrypt</b></dt>
+<dd>
+
+<p>Encrypt mail for the given recipient certificates. Input file is the message to be encrypted. The output file is the encrypted mail in MIME format.</p>
+
+<p>Note that no revocation check is done for the recipient cert, so if that key has been compromised, others may be able to decrypt the text.</p>
+
+</dd>
+<dt id="decrypt"><b>-decrypt</b></dt>
+<dd>
+
+<p>Decrypt mail using the supplied certificate and private key. Expects an encrypted mail message in MIME format for the input file. The decrypted mail is written to the output file.</p>
+
+</dd>
+<dt id="sign"><b>-sign</b></dt>
+<dd>
+
+<p>Sign mail using the supplied certificate and private key. Input file is the message to be signed. The signed message in MIME format is written to the output file.</p>
+
+</dd>
+<dt id="verify"><b>-verify</b></dt>
+<dd>
+
+<p>Verify signed mail. Expects a signed mail message on input and outputs the signed data. Both clear text and opaque signing is supported.</p>
+
+</dd>
+<dt id="pk7out"><b>-pk7out</b></dt>
+<dd>
+
+<p>Takes an input message and writes out a PEM encoded PKCS#7 structure.</p>
+
+</dd>
+<dt id="resign"><b>-resign</b></dt>
+<dd>
+
+<p>Resign a message: take an existing message and one or more new signers.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>The input message to be encrypted or signed or the MIME message to be decrypted or verified.</p>
+
+</dd>
+<dt id="inform-SMIME-PEM-DER"><b>-inform SMIME|PEM|DER</b></dt>
+<dd>
+
+<p>This specifies the input format for the PKCS#7 structure. The default is <b>SMIME</b> which reads an S/MIME format message. <b>PEM</b> and <b>DER</b> format change this to expect PEM and DER format PKCS#7 structures instead. This currently only affects the input format of the PKCS#7 structure, if no PKCS#7 structure is being input (for example with <b>-encrypt</b> or <b>-sign</b>) this option has no effect.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>The message text that has been decrypted or verified or the output MIME format message that has been signed or verified.</p>
+
+</dd>
+<dt id="outform-SMIME-PEM-DER"><b>-outform SMIME|PEM|DER</b></dt>
+<dd>
+
+<p>This specifies the output format for the PKCS#7 structure. The default is <b>SMIME</b> which write an S/MIME format message. <b>PEM</b> and <b>DER</b> format change this to write PEM and DER format PKCS#7 structures instead. This currently only affects the output format of the PKCS#7 structure, if no PKCS#7 structure is being output (for example with <b>-verify</b> or <b>-decrypt</b>) this option has no effect.</p>
+
+</dd>
+<dt id="stream--indef--noindef"><b>-stream -indef -noindef</b></dt>
+<dd>
+
+<p>The <b>-stream</b> and <b>-indef</b> options are equivalent and enable streaming I/O for encoding operations. This permits single pass processing of data without the need to hold the entire contents in memory, potentially supporting very large files. Streaming is automatically set for S/MIME signing with detached data if the output format is <b>SMIME</b> it is currently off by default for all other operations.</p>
+
+</dd>
+<dt id="noindef"><b>-noindef</b></dt>
+<dd>
+
+<p>Disable streaming I/O where it would produce and indefinite length constructed encoding. This option currently has no effect. In future streaming will be enabled by default on all relevant operations and this option will disable it.</p>
+
+</dd>
+<dt id="content-filename"><b>-content filename</b></dt>
+<dd>
+
+<p>This specifies a file containing the detached content, this is only useful with the <b>-verify</b> command. This is only usable if the PKCS#7 structure is using the detached signature form where the content is not included. This option will override any content if the input format is S/MIME and it uses the multipart/signed MIME content type.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>This option adds plain text (text/plain) MIME headers to the supplied message if encrypting or signing. If decrypting or verifying it strips off text headers: if the decrypted or verified message is not of MIME type text/plain then an error occurs.</p>
+
+</dd>
+<dt id="CAfile-file"><b>-CAfile file</b></dt>
+<dd>
+
+<p>A file containing trusted CA certificates, only used with <b>-verify</b>.</p>
+
+</dd>
+<dt id="CApath-dir"><b>-CApath dir</b></dt>
+<dd>
+
+<p>A directory containing trusted CA certificates, only used with <b>-verify</b>. This directory must be a standard certificate directory: that is a hash of each subject name (using <b>x509 -hash</b>) should be linked to each certificate.</p>
+
+</dd>
+<dt id="no-CAfile"><b>-no-CAfile</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default file location.</p>
+
+</dd>
+<dt id="no-CApath"><b>-no-CApath</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default directory location.</p>
+
+</dd>
+<dt id="md-digest"><b>-md digest</b></dt>
+<dd>
+
+<p>Digest algorithm to use when signing or resigning. If not present then the default digest algorithm for the signing key will be used (usually SHA1).</p>
+
+</dd>
+<dt id="cipher"><b>-<i>cipher</i></b></dt>
+<dd>
+
+<p>The encryption algorithm to use. For example DES (56 bits) - <b>-des</b>, triple DES (168 bits) - <b>-des3</b>, EVP_get_cipherbyname() function) can also be used preceded by a dash, for example <b>-aes-128-cbc</b>. See <a href="../man1/enc.html"><b>enc</b></a> for list of ciphers supported by your version of OpenSSL.</p>
+
+<p>If not specified triple DES is used. Only used with <b>-encrypt</b>.</p>
+
+</dd>
+<dt id="nointern"><b>-nointern</b></dt>
+<dd>
+
+<p>When verifying a message normally certificates (if any) included in the message are searched for the signing certificate. With this option only the certificates specified in the <b>-certfile</b> option are used. The supplied certificates can still be used as untrusted CAs however.</p>
+
+</dd>
+<dt id="noverify"><b>-noverify</b></dt>
+<dd>
+
+<p>Do not verify the signers certificate of a signed message.</p>
+
+</dd>
+<dt id="nochain"><b>-nochain</b></dt>
+<dd>
+
+<p>Do not do chain verification of signers certificates: that is don&#39;t use the certificates in the signed message as untrusted CAs.</p>
+
+</dd>
+<dt id="nosigs"><b>-nosigs</b></dt>
+<dd>
+
+<p>Don&#39;t try to verify the signatures on the message.</p>
+
+</dd>
+<dt id="nocerts"><b>-nocerts</b></dt>
+<dd>
+
+<p>When signing a message the signer&#39;s certificate is normally included with this option it is excluded. This will reduce the size of the signed message but the verifier must have a copy of the signers certificate available locally (passed using the <b>-certfile</b> option for example).</p>
+
+</dd>
+<dt id="noattr"><b>-noattr</b></dt>
+<dd>
+
+<p>Normally when a message is signed a set of attributes are included which include the signing time and supported symmetric algorithms. With this option they are not included.</p>
+
+</dd>
+<dt id="binary"><b>-binary</b></dt>
+<dd>
+
+<p>Normally the input message is converted to &quot;canonical&quot; format which is effectively using CR and LF as end of line: as required by the S/MIME specification. When this option is present no translation occurs. This is useful when handling binary data which may not be in MIME format.</p>
+
+</dd>
+<dt id="crlfeol"><b>-crlfeol</b></dt>
+<dd>
+
+<p>Normally the output file uses a single <b>LF</b> as end of line. When this option is present <b>CRLF</b> is used instead.</p>
+
+</dd>
+<dt id="nodetach"><b>-nodetach</b></dt>
+<dd>
+
+<p>When signing a message use opaque signing: this form is more resistant to translation by mail relays but it cannot be read by mail agents that do not support S/MIME. Without this option cleartext signing with the MIME type multipart/signed is used.</p>
+
+</dd>
+<dt id="certfile-file"><b>-certfile file</b></dt>
+<dd>
+
+<p>Allows additional certificates to be specified. When signing these will be included with the message. When verifying these will be searched for the signers certificates. The certificates should be in PEM format.</p>
+
+</dd>
+<dt id="signer-file"><b>-signer file</b></dt>
+<dd>
+
+<p>A signing certificate when signing or resigning a message, this option can be used multiple times if more than one signer is required. If a message is being verified then the signers certificates will be written to this file if the verification was successful.</p>
+
+</dd>
+<dt id="recip-file"><b>-recip file</b></dt>
+<dd>
+
+<p>The recipients certificate when decrypting a message. This certificate must match one of the recipients of the message or an error occurs.</p>
+
+</dd>
+<dt id="inkey-file_or_id"><b>-inkey file_or_id</b></dt>
+<dd>
+
+<p>The private key to use when signing or decrypting. This must match the corresponding certificate. If this option is not specified then the private key must be included in the certificate file specified with the <b>-recip</b> or <b>-signer</b> file. When signing this option can be used multiple times to specify successive keys. If no engine is used, the argument is taken as a file; if an engine is specified, the argument is given to the engine as a key identifier.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The private key password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="cert.pem"><b>cert.pem...</b></dt>
+<dd>
+
+<p>One or more certificates of message recipients: used when encrypting a message.</p>
+
+</dd>
+<dt id="to--from--subject"><b>-to, -from, -subject</b></dt>
+<dd>
+
+<p>The relevant mail headers. These are included outside the signed portion of a message so they may be included manually. If signing then many S/MIME mail clients check the signers certificate&#39;s email address matches that specified in the From: address.</p>
+
+</dd>
+<dt id="attime--check_ss_sig--crl_check--crl_check_all--explicit_policy--extended_crl--ignore_critical--inhibit_any--inhibit_map--no_alt_chains--partial_chain--policy--policy_check--policy_print--purpose--suiteB_128--suiteB_128_only--suiteB_192--trusted_first--use_deltas--auth_level--verify_depth--verify_email--verify_hostname--verify_ip--verify_name--x509_strict"><b>-attime</b>, <b>-check_ss_sig</b>, <b>-crl_check</b>, <b>-crl_check_all</b>, <b>-explicit_policy</b>, <b>-extended_crl</b>, <b>-ignore_critical</b>, <b>-inhibit_any</b>, <b>-inhibit_map</b>, <b>-no_alt_chains</b>, <b>-partial_chain</b>, <b>-policy</b>, <b>-policy_check</b>, <b>-policy_print</b>, <b>-purpose</b>, <b>-suiteB_128</b>, <b>-suiteB_128_only</b>, <b>-suiteB_192</b>, <b>-trusted_first</b>, <b>-use_deltas</b>, <b>-auth_level</b>, <b>-verify_depth</b>, <b>-verify_email</b>, <b>-verify_hostname</b>, <b>-verify_ip</b>, <b>-verify_name</b>, <b>-x509_strict</b></dt>
+<dd>
+
+<p>Set various options of certificate chain verification. See <a href="../man1/verify.html">verify(1)</a> manual page for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The MIME message must be sent without any blank lines between the headers and the output. Some mail programs will automatically add a blank line. Piping the mail directly to sendmail is one way to achieve the correct format.</p>
+
+<p>The supplied message to be signed or encrypted must include the necessary MIME headers or many S/MIME clients won&#39;t display it properly (if at all). You can use the <b>-text</b> option to automatically add plain text headers.</p>
+
+<p>A &quot;signed and encrypted&quot; message is one where a signed message is then encrypted. This can be produced by encrypting an already signed message: see the examples section.</p>
+
+<p>This version of the program only allows one signer per message but it will verify multiple signers on received messages. Some S/MIME clients choke if a message contains multiple signers. It is possible to sign messages &quot;in parallel&quot; by signing an already signed message.</p>
+
+<p>The options <b>-encrypt</b> and <b>-decrypt</b> reflect common usage in S/MIME clients. Strictly speaking these process PKCS#7 enveloped data: PKCS#7 encrypted data is used for other purposes.</p>
+
+<p>The <b>-resign</b> option uses an existing message digest when adding a new signer. This means that attributes must be present in at least one existing signer using the same message digest or this operation will fail.</p>
+
+<p>The <b>-stream</b> and <b>-indef</b> options enable streaming I/O support. As a result the encoding is BER using indefinite length constructed encoding and no longer DER. Streaming is supported for the <b>-encrypt</b> operation and the <b>-sign</b> operation if the content is not detached.</p>
+
+<p>Streaming is always used for the <b>-sign</b> operation with detached data but since the content is no longer part of the PKCS#7 structure the encoding remains DER.</p>
+
+<h1 id="EXIT-CODES">EXIT CODES</h1>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The operation was completely successfully.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>An error occurred parsing the command options.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>One of the input files could not be read.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>An error occurred creating the PKCS#7 file or when reading the MIME message.</p>
+
+</dd>
+<dt id="pod4">4</dt>
+<dd>
+
+<p>An error occurred decrypting or verifying the message.</p>
+
+</dd>
+<dt id="pod5">5</dt>
+<dd>
+
+<p>The message was verified correctly but an error occurred writing out the signers certificates.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create a cleartext signed message:</p>
+
+<pre><code> openssl smime -sign -in message.txt -text -out mail.msg \
+        -signer mycert.pem</code></pre>
+
+<p>Create an opaque signed message:</p>
+
+<pre><code> openssl smime -sign -in message.txt -text -out mail.msg -nodetach \
+        -signer mycert.pem</code></pre>
+
+<p>Create a signed message, include some additional certificates and read the private key from another file:</p>
+
+<pre><code> openssl smime -sign -in in.txt -text -out mail.msg \
+        -signer mycert.pem -inkey mykey.pem -certfile mycerts.pem</code></pre>
+
+<p>Create a signed message with two signers:</p>
+
+<pre><code> openssl smime -sign -in message.txt -text -out mail.msg \
+        -signer mycert.pem -signer othercert.pem</code></pre>
+
+<p>Send a signed message under Unix directly to sendmail, including headers:</p>
+
+<pre><code> openssl smime -sign -in in.txt -text -signer mycert.pem \
+        -from steve@openssl.org -to someone@somewhere \
+        -subject &quot;Signed message&quot; | sendmail someone@somewhere</code></pre>
+
+<p>Verify a message and extract the signer&#39;s certificate if successful:</p>
+
+<pre><code> openssl smime -verify -in mail.msg -signer user.pem -out signedtext.txt</code></pre>
+
+<p>Send encrypted mail using triple DES:</p>
+
+<pre><code> openssl smime -encrypt -in in.txt -from steve@openssl.org \
+        -to someone@somewhere -subject &quot;Encrypted message&quot; \
+        -des3 user.pem -out mail.msg</code></pre>
+
+<p>Sign and encrypt mail:</p>
+
+<pre><code> openssl smime -sign -in ml.txt -signer my.pem -text \
+        | openssl smime -encrypt -out mail.msg \
+        -from steve@openssl.org -to someone@somewhere \
+        -subject &quot;Signed and Encrypted message&quot; -des3 user.pem</code></pre>
+
+<p>Note: the encryption command does not include the <b>-text</b> option because the message being encrypted already has MIME headers.</p>
+
+<p>Decrypt mail:</p>
+
+<pre><code> openssl smime -decrypt -in mail.msg -recip mycert.pem -inkey key.pem</code></pre>
+
+<p>The output from Netscape form signing is a PKCS#7 structure with the detached signature format. You can use this program to verify the signature by line wrapping the base64 encoded structure and surrounding it with:</p>
+
+<pre><code> -----BEGIN PKCS7-----
+ -----END PKCS7-----</code></pre>
+
+<p>and using the command:</p>
+
+<pre><code> openssl smime -verify -inform PEM -in signature.pem -content content.txt</code></pre>
+
+<p>Alternatively you can base64 decode the signature and use:</p>
+
+<pre><code> openssl smime -verify -inform DER -in signature.der -content content.txt</code></pre>
+
+<p>Create an encrypted message using 128 bit Camellia:</p>
+
+<pre><code> openssl smime -encrypt -in plain.txt -camellia128 -out mail.msg cert.pem</code></pre>
+
+<p>Add a signer to an existing message:</p>
+
+<pre><code> openssl smime -resign -in mail.msg -signer newsign.pem -out mail2.msg</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The MIME parser isn&#39;t very clever: it seems to handle most messages that I&#39;ve thrown at it but it may choke on others.</p>
+
+<p>The code currently will only write out the signer&#39;s certificate to a file: if the signer has a separate encryption certificate this must be manually extracted. There should be some heuristic that determines the correct encryption certificate.</p>
+
+<p>Ideally a database should be maintained of a certificates for each email address.</p>
+
+<p>The code doesn&#39;t currently take note of the permitted symmetric encryption algorithms as supplied in the SMIMECapabilities signed attribute. This means the user has to manually include the correct encryption algorithm. It should store the list of permitted ciphers in a database and only use those.</p>
+
+<p>No revocation checking is done on the signer&#39;s certificate.</p>
+
+<p>The current code can only handle S/MIME v2 messages, the more complex S/MIME v3 structures may cause parsing errors.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The use of multiple <b>-signer</b> options and the <b>-resign</b> command were first added in OpenSSL 1.0.0</p>
+
+<p>The -no_alt_chains option was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-speed.html b/msys2/usr/share/doc/openssl/html/man1/openssl-speed.html
new file mode 100644
index 000000000..1f4448aca
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-speed.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>speed</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-speed, speed - test library performance</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl speed</b> [<b>-help</b>] [<b>-engine id</b>] [<b>-elapsed</b>] [<b>-evp algo</b>] [<b>-decrypt</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-primes num</b>] [<b>-seconds num</b>] [<b>-bytes num</b>] [<b>algorithm...</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This command is used to test the performance of cryptographic algorithms. To see the list of supported algorithms, use the <i>list --digest-commands</i> or <i>list --cipher-commands</i> command. The global CSPRNG is denoted by the <i>rand</i> algorithm name.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>speed</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="elapsed"><b>-elapsed</b></dt>
+<dd>
+
+<p>When calculating operations- or bytes-per-second, use wall-clock time instead of CPU user time as divisor. It can be useful when testing speed of hardware engines.</p>
+
+</dd>
+<dt id="evp-algo"><b>-evp algo</b></dt>
+<dd>
+
+<p>Use the specified cipher or message digest algorithm via the EVP interface. If <b>algo</b> is an AEAD cipher, then you can pass &lt;-aead&gt; to benchmark a TLS-like sequence. And if <b>algo</b> is a multi-buffer capable cipher, e.g. aes-128-cbc-hmac-sha1, then <b>-mb</b> will time multi-buffer operation.</p>
+
+</dd>
+<dt id="decrypt"><b>-decrypt</b></dt>
+<dd>
+
+<p>Time the decryption instead of encryption. Affects only the EVP testing.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="primes-num"><b>-primes num</b></dt>
+<dd>
+
+<p>Generate a <b>num</b>-prime RSA key and use it to run the benchmarks. This option is only effective if RSA algorithm is specified to test.</p>
+
+</dd>
+<dt id="seconds-num"><b>-seconds num</b></dt>
+<dd>
+
+<p>Run benchmarks for <b>num</b> seconds.</p>
+
+</dd>
+<dt id="bytes-num"><b>-bytes num</b></dt>
+<dd>
+
+<p>Run benchmarks on <b>num</b>-byte buffers. Affects ciphers, digests and the CSPRNG.</p>
+
+</dd>
+<dt id="zero-or-more-test-algorithms"><b>[zero or more test algorithms]</b></dt>
+<dd>
+
+<p>If any options are given, <b>speed</b> tests those algorithms, otherwise a pre-compiled grand selection is tested.</p>
+
+</dd>
+</dl>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-spkac.html b/msys2/usr/share/doc/openssl/html/man1/openssl-spkac.html
new file mode 100644
index 000000000..4b8ba7a9d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-spkac.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>spkac</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-spkac, spkac - SPKAC printing and generating utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>spkac</b> [<b>-help</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-key keyfile</b>] [<b>-keyform PEM|DER|ENGINE</b>] [<b>-passin arg</b>] [<b>-challenge string</b>] [<b>-pubkey</b>] [<b>-spkac spkacname</b>] [<b>-spksect section</b>] [<b>-noout</b>] [<b>-verify</b>] [<b>-engine id</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>spkac</b> command processes Netscape signed public key and challenge (SPKAC) files. It can print out their contents, verify the signature and produce its own SPKACs from a supplied private key.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read from or standard input if this option is not specified. Ignored if the <b>-key</b> option is used.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Specifies the output filename to write to or standard output by default.</p>
+
+</dd>
+<dt id="key-keyfile"><b>-key keyfile</b></dt>
+<dd>
+
+<p>Create an SPKAC file using the private key in <b>keyfile</b>. The <b>-in</b>, <b>-noout</b>, <b>-spksect</b> and <b>-verify</b> options are ignored if present.</p>
+
+</dd>
+<dt id="keyform-PEM-DER-ENGINE"><b>-keyform PEM|DER|ENGINE</b></dt>
+<dd>
+
+<p>Whether the key format is PEM, DER, or an engine-backed key. The default is PEM.</p>
+
+</dd>
+<dt id="passin-password"><b>-passin password</b></dt>
+<dd>
+
+<p>The input file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="challenge-string"><b>-challenge string</b></dt>
+<dd>
+
+<p>Specifies the challenge string if an SPKAC is being created.</p>
+
+</dd>
+<dt id="spkac-spkacname"><b>-spkac spkacname</b></dt>
+<dd>
+
+<p>Allows an alternative name form the variable containing the SPKAC. The default is &quot;SPKAC&quot;. This option affects both generated and input SPKAC files.</p>
+
+</dd>
+<dt id="spksect-section"><b>-spksect section</b></dt>
+<dd>
+
+<p>Allows an alternative name form the section containing the SPKAC. The default is the default section.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>Don&#39;t output the text version of the SPKAC (not used if an SPKAC is being created).</p>
+
+</dd>
+<dt id="pubkey"><b>-pubkey</b></dt>
+<dd>
+
+<p>Output the public key of an SPKAC (not used if an SPKAC is being created).</p>
+
+</dd>
+<dt id="verify"><b>-verify</b></dt>
+<dd>
+
+<p>Verifies the digital signature on the supplied SPKAC.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>spkac</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Print out the contents of an SPKAC:</p>
+
+<pre><code> openssl spkac -in spkac.cnf</code></pre>
+
+<p>Verify the signature of an SPKAC:</p>
+
+<pre><code> openssl spkac -in spkac.cnf -noout -verify</code></pre>
+
+<p>Create an SPKAC using the challenge string &quot;hello&quot;:</p>
+
+<pre><code> openssl spkac -key key.pem -challenge hello -out spkac.cnf</code></pre>
+
+<p>Example of an SPKAC, (long lines split up for clarity):</p>
+
+<pre><code> SPKAC=MIG5MGUwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA\
+ 1cCoq2Wa3Ixs47uI7FPVwHVIPDx5yso105Y6zpozam135a\
+ 8R0CpoRvkkigIyXfcCjiVi5oWk+6FfPaD03uPFoQIDAQAB\
+ FgVoZWxsbzANBgkqhkiG9w0BAQQFAANBAFpQtY/FojdwkJ\
+ h1bEIYuc2EeM2KHTWPEepWYeawvHD0gQ3DngSC75YCWnnD\
+ dq+NQ3F+X4deMx9AaEglZtULwV4=</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A created SPKAC with suitable DN components appended can be fed into the <b>ca</b> utility.</p>
+
+<p>SPKACs are typically generated by Netscape when a form is submitted containing the <b>KEYGEN</b> tag as part of the certificate enrollment process.</p>
+
+<p>The challenge string permits a primitive form of proof of possession of private key. By checking the SPKAC signature and a random challenge string some guarantee is given that the user knows the private key corresponding to the public key being certified. This is important in some applications. Without this it is possible for a previous SPKAC to be used in a &quot;replay attack&quot;.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/ca.html">ca(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-srp.html b/msys2/usr/share/doc/openssl/html/man1/openssl-srp.html
new file mode 100644
index 000000000..6b6b08a92
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-srp.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>srp</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-srp, srp - maintain SRP password file</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl srp</b> [<b>-help</b>] [<b>-verbose</b>] [<b>-add</b>] [<b>-modify</b>] [<b>-delete</b>] [<b>-list</b>] [<b>-name section</b>] [<b>-config file</b>] [<b>-srpvfile file</b>] [<b>-gn identifier</b>] [<b>-userinfo text...</b>] [<b>-passin arg</b>] [<b>-passout arg</b>] [<i>user...</i>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>srp</b> command is user to maintain an SRP (secure remote password) file. At most one of the <b>-add</b>, <b>-modify</b>, <b>-delete</b>, and <b>-list</b> options can be specified. These options take zero or more usernames as parameters and perform the appropriate operation on the SRP file. For <b>-list</b>, if no <b>user</b> is given then all users are displayed.</p>
+
+<p>The configuration file to use, and the section within the file, can be specified with the <b>-config</b> and <b>-name</b> flags, respectively. If the config file is not specified, the <b>-srpvfile</b> can be used to just specify the file to operate on.</p>
+
+<p>The <b>-userinfo</b> option specifies additional information to add when adding or modifying a user.</p>
+
+<p>The <b>-gn</b> flag specifies the <b>g</b> and <b>N</b> values, using one of the strengths defined in IETF RFC 5054.</p>
+
+<p>The <b>-passin</b> and <b>-passout</b> arguments are parsed as described in the <a href="../man1/openssl.html">openssl(1)</a> command.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help">[<b>-help</b>]</dt>
+<dd>
+
+<p>Display an option summary.</p>
+
+</dd>
+<dt id="verbose">[<b>-verbose</b>]</dt>
+<dd>
+
+<p>Generate verbose output while processing.</p>
+
+</dd>
+</dl>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-storeutl.html b/msys2/usr/share/doc/openssl/html/man1/openssl-storeutl.html
new file mode 100644
index 000000000..e80cb9915
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-storeutl.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>storeutl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-storeutl, storeutl - STORE utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>storeutl</b> [<b>-help</b>] [<b>-out file</b>] [<b>-noout</b>] [<b>-passin arg</b>] [<b>-text arg</b>] [<b>-engine id</b>] [<b>-r</b>] [<b>-certs</b>] [<b>-keys</b>] [<b>-crls</b>] [<b>-subject arg</b>] [<b>-issuer arg</b>] [<b>-serial arg</b>] [<b>-alias arg</b>] [<b>-fingerprint arg</b>] [<b>-<i>digest</i></b>] <b>uri</b> ...</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>storeutl</b> command can be used to display the contents (after decryption as the case may be) fetched from the given URIs.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>specifies the output filename to write to or standard output by default.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>this option prevents output of the PEM data.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>the key password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out the objects in text form, similarly to the <b>-text</b> output from <b>openssl x509</b>, <b>openssl pkey</b>, etc.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>specifying an engine (by its unique <b>id</b> string) will cause <b>storeutl</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="r"><b>-r</b></dt>
+<dd>
+
+<p>Fetch objects recursively when possible.</p>
+
+</dd>
+<dt id="certs"><b>-certs</b></dt>
+<dd>
+
+</dd>
+<dt id="keys"><b>-keys</b></dt>
+<dd>
+
+</dd>
+<dt id="crls"><b>-crls</b></dt>
+<dd>
+
+<p>Only select the certificates, keys or CRLs from the given URI. However, if this URI would return a set of names (URIs), those are always returned.</p>
+
+</dd>
+<dt id="subject-arg"><b>-subject arg</b></dt>
+<dd>
+
+<p>Search for an object having the subject name <b>arg</b>. The arg must be formatted as <i>/type0=value0/type1=value1/type2=...</i>. Keyword characters may be escaped by \ (backslash), and whitespace is retained. Empty values are permitted but are ignored for the search. That is, a search with an empty value will have the same effect as not specifying the type at all.</p>
+
+</dd>
+<dt id="issuer-arg"><b>-issuer arg</b></dt>
+<dd>
+
+</dd>
+<dt id="serial-arg"><b>-serial arg</b></dt>
+<dd>
+
+<p>Search for an object having the given issuer name and serial number. These two options <i>must</i> be used together. The issuer arg must be formatted as <i>/type0=value0/type1=value1/type2=...</i>, characters may be escaped by \ (backslash), no spaces are skipped. The serial arg may be specified as a decimal value or a hex value if preceded by <b>0x</b>.</p>
+
+</dd>
+<dt id="alias-arg"><b>-alias arg</b></dt>
+<dd>
+
+<p>Search for an object having the given alias.</p>
+
+</dd>
+<dt id="fingerprint-arg"><b>-fingerprint arg</b></dt>
+<dd>
+
+<p>Search for an object having the given fingerprint.</p>
+
+</dd>
+<dt id="digest"><b>-<i>digest</i></b></dt>
+<dd>
+
+<p>The digest that was used to compute the fingerprint given with <b>-fingerprint</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/openssl.html">openssl(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>openssl</b> <b>storeutl</b> app was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-ts.html b/msys2/usr/share/doc/openssl/html/man1/openssl-ts.html
new file mode 100644
index 000000000..8692ef9d0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-ts.html
@@ -0,0 +1,555 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ts</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a>
+    <ul>
+      <li><a href="#Time-Stamp-Request-generation">Time Stamp Request generation</a></li>
+      <li><a href="#Time-Stamp-Response-generation">Time Stamp Response generation</a></li>
+      <li><a href="#Time-Stamp-Response-verification">Time Stamp Response verification</a></li>
+    </ul>
+  </li>
+  <li><a href="#CONFIGURATION-FILE-OPTIONS">CONFIGURATION FILE OPTIONS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a>
+    <ul>
+      <li><a href="#Time-Stamp-Request">Time Stamp Request</a></li>
+      <li><a href="#Time-Stamp-Response">Time Stamp Response</a></li>
+      <li><a href="#Time-Stamp-Verification">Time Stamp Verification</a></li>
+    </ul>
+  </li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-ts, ts - Time Stamping Authority tool (client/server)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>ts</b> <b>-query</b> [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-config</b> configfile] [<b>-data</b> file_to_hash] [<b>-digest</b> digest_bytes] [<b>-<i>digest</i></b>] [<b>-tspolicy</b> object_id] [<b>-no_nonce</b>] [<b>-cert</b>] [<b>-in</b> request.tsq] [<b>-out</b> request.tsq] [<b>-text</b>]</p>
+
+<p><b>openssl</b> <b>ts</b> <b>-reply</b> [<b>-config</b> configfile] [<b>-section</b> tsa_section] [<b>-queryfile</b> request.tsq] [<b>-passin</b> password_src] [<b>-signer</b> tsa_cert.pem] [<b>-inkey</b> file_or_id] [<b>-<i>digest</i></b>] [<b>-chain</b> certs_file.pem] [<b>-tspolicy</b> object_id] [<b>-in</b> response.tsr] [<b>-token_in</b>] [<b>-out</b> response.tsr] [<b>-token_out</b>] [<b>-text</b>] [<b>-engine</b> id]</p>
+
+<p><b>openssl</b> <b>ts</b> <b>-verify</b> [<b>-data</b> file_to_hash] [<b>-digest</b> digest_bytes] [<b>-queryfile</b> request.tsq] [<b>-in</b> response.tsr] [<b>-token_in</b>] [<b>-CApath</b> trusted_cert_path] [<b>-CAfile</b> trusted_certs.pem] [<b>-untrusted</b> cert_file.pem] [<i>verify options</i>]</p>
+
+<p><i>verify options:</i> [-attime timestamp] [-check_ss_sig] [-crl_check] [-crl_check_all] [-explicit_policy] [-extended_crl] [-ignore_critical] [-inhibit_any] [-inhibit_map] [-issuer_checks] [-no_alt_chains] [-no_check_time] [-partial_chain] [-policy arg] [-policy_check] [-policy_print] [-purpose purpose] [-suiteB_128] [-suiteB_128_only] [-suiteB_192] [-trusted_first] [-use_deltas] [-auth_level num] [-verify_depth num] [-verify_email email] [-verify_hostname hostname] [-verify_ip ip] [-verify_name name] [-x509_strict]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>ts</b> command is a basic Time Stamping Authority (TSA) client and server application as specified in RFC 3161 (Time-Stamp Protocol, TSP). A TSA can be part of a PKI deployment and its role is to provide long term proof of the existence of a certain datum before a particular time. Here is a brief description of the protocol:</p>
+
+<ol>
+
+<li><p>The TSA client computes a one-way hash value for a data file and sends the hash to the TSA.</p>
+
+</li>
+<li><p>The TSA attaches the current date and time to the received hash value, signs them and sends the time stamp token back to the client. By creating this token the TSA certifies the existence of the original data file at the time of response generation.</p>
+
+</li>
+<li><p>The TSA client receives the time stamp token and verifies the signature on it. It also checks if the token contains the same hash value that it had sent to the TSA.</p>
+
+</li>
+</ol>
+
+<p>There is one DER encoded protocol data unit defined for transporting a time stamp request to the TSA and one for sending the time stamp response back to the client. The <b>ts</b> command has three main functions: creating a time stamp request based on a data file, creating a time stamp response based on a request, verifying if a response corresponds to a particular request or a data file.</p>
+
+<p>There is no support for sending the requests/responses automatically over HTTP or TCP yet as suggested in RFC 3161. The users must send the requests either by ftp or e-mail.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<h2 id="Time-Stamp-Request-generation">Time Stamp Request generation</h2>
+
+<p>The <b>-query</b> switch can be used for creating and printing a time stamp request with the following options:</p>
+
+<dl>
+
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="config-configfile"><b>-config</b> configfile</dt>
+<dd>
+
+<p>The configuration file to use. Optional; for a description of the default value, see <a href="../man1/openssl.html">&quot;COMMAND SUMMARY&quot; in openssl(1)</a>.</p>
+
+</dd>
+<dt id="data-file_to_hash"><b>-data</b> file_to_hash</dt>
+<dd>
+
+<p>The data file for which the time stamp request needs to be created. stdin is the default if neither the <b>-data</b> nor the <b>-digest</b> parameter is specified. (Optional)</p>
+
+</dd>
+<dt id="digest-digest_bytes"><b>-digest</b> digest_bytes</dt>
+<dd>
+
+<p>It is possible to specify the message imprint explicitly without the data file. The imprint must be specified in a hexadecimal format, two characters per byte, the bytes optionally separated by colons (e.g. 1A:F6:01:... or 1AF601...). The number of bytes must match the message digest algorithm in use. (Optional)</p>
+
+</dd>
+<dt id="digest"><b>-<i>digest</i></b></dt>
+<dd>
+
+<p>The message digest to apply to the data file. Any digest supported by the OpenSSL <b>dgst</b> command can be used. The default is SHA-1. (Optional)</p>
+
+</dd>
+<dt id="tspolicy-object_id"><b>-tspolicy</b> object_id</dt>
+<dd>
+
+<p>The policy that the client expects the TSA to use for creating the time stamp token. Either the dotted OID notation or OID names defined in the config file can be used. If no policy is requested the TSA will use its own default policy. (Optional)</p>
+
+</dd>
+<dt id="no_nonce"><b>-no_nonce</b></dt>
+<dd>
+
+<p>No nonce is specified in the request if this option is given. Otherwise a 64 bit long pseudo-random none is included in the request. It is recommended to use nonce to protect against replay-attacks. (Optional)</p>
+
+</dd>
+<dt id="cert"><b>-cert</b></dt>
+<dd>
+
+<p>The TSA is expected to include its signing certificate in the response. (Optional)</p>
+
+</dd>
+<dt id="in-request.tsq"><b>-in</b> request.tsq</dt>
+<dd>
+
+<p>This option specifies a previously created time stamp request in DER format that will be printed into the output file. Useful when you need to examine the content of a request in human-readable format. (Optional)</p>
+
+</dd>
+<dt id="out-request.tsq"><b>-out</b> request.tsq</dt>
+<dd>
+
+<p>Name of the output file to which the request will be written. Default is stdout. (Optional)</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>If this option is specified the output is human-readable text format instead of DER. (Optional)</p>
+
+</dd>
+</dl>
+
+<h2 id="Time-Stamp-Response-generation">Time Stamp Response generation</h2>
+
+<p>A time stamp response (TimeStampResp) consists of a response status and the time stamp token itself (ContentInfo), if the token generation was successful. The <b>-reply</b> command is for creating a time stamp response or time stamp token based on a request and printing the response/token in human-readable format. If <b>-token_out</b> is not specified the output is always a time stamp response (TimeStampResp), otherwise it is a time stamp token (ContentInfo).</p>
+
+<dl>
+
+<dt id="config-configfile1"><b>-config</b> configfile</dt>
+<dd>
+
+<p>The configuration file to use. Optional; for a description of the default value, see <a href="../man1/openssl.html">&quot;COMMAND SUMMARY&quot; in openssl(1)</a>. See <b>CONFIGURATION FILE OPTIONS</b> for configurable variables.</p>
+
+</dd>
+<dt id="section-tsa_section"><b>-section</b> tsa_section</dt>
+<dd>
+
+<p>The name of the config file section containing the settings for the response generation. If not specified the default TSA section is used, see <b>CONFIGURATION FILE OPTIONS</b> for details. (Optional)</p>
+
+</dd>
+<dt id="queryfile-request.tsq"><b>-queryfile</b> request.tsq</dt>
+<dd>
+
+<p>The name of the file containing a DER encoded time stamp request. (Optional)</p>
+
+</dd>
+<dt id="passin-password_src"><b>-passin</b> password_src</dt>
+<dd>
+
+<p>Specifies the password source for the private key of the TSA. See <b>PASS PHRASE ARGUMENTS</b> in <a href="../man1/openssl.html">openssl(1)</a>. (Optional)</p>
+
+</dd>
+<dt id="signer-tsa_cert.pem"><b>-signer</b> tsa_cert.pem</dt>
+<dd>
+
+<p>The signer certificate of the TSA in PEM format. The TSA signing certificate must have exactly one extended key usage assigned to it: timeStamping. The extended key usage must also be critical, otherwise the certificate is going to be refused. Overrides the <b>signer_cert</b> variable of the config file. (Optional)</p>
+
+</dd>
+<dt id="inkey-file_or_id"><b>-inkey</b> file_or_id</dt>
+<dd>
+
+<p>The signer private key of the TSA in PEM format. Overrides the <b>signer_key</b> config file option. (Optional) If no engine is used, the argument is taken as a file; if an engine is specified, the argument is given to the engine as a key identifier.</p>
+
+</dd>
+<dt id="digest1"><b>-<i>digest</i></b></dt>
+<dd>
+
+<p>Signing digest to use. Overrides the <b>signer_digest</b> config file option. (Optional)</p>
+
+</dd>
+<dt id="chain-certs_file.pem"><b>-chain</b> certs_file.pem</dt>
+<dd>
+
+<p>The collection of certificates in PEM format that will all be included in the response in addition to the signer certificate if the <b>-cert</b> option was used for the request. This file is supposed to contain the certificate chain for the signer certificate from its issuer upwards. The <b>-reply</b> command does not build a certificate chain automatically. (Optional)</p>
+
+</dd>
+<dt id="tspolicy-object_id1"><b>-tspolicy</b> object_id</dt>
+<dd>
+
+<p>The default policy to use for the response unless the client explicitly requires a particular TSA policy. The OID can be specified either in dotted notation or with its name. Overrides the <b>default_policy</b> config file option. (Optional)</p>
+
+</dd>
+<dt id="in-response.tsr"><b>-in</b> response.tsr</dt>
+<dd>
+
+<p>Specifies a previously created time stamp response or time stamp token (if <b>-token_in</b> is also specified) in DER format that will be written to the output file. This option does not require a request, it is useful e.g. when you need to examine the content of a response or token or you want to extract the time stamp token from a response. If the input is a token and the output is a time stamp response a default &#39;granted&#39; status info is added to the token. (Optional)</p>
+
+</dd>
+<dt id="token_in"><b>-token_in</b></dt>
+<dd>
+
+<p>This flag can be used together with the <b>-in</b> option and indicates that the input is a DER encoded time stamp token (ContentInfo) instead of a time stamp response (TimeStampResp). (Optional)</p>
+
+</dd>
+<dt id="out-response.tsr"><b>-out</b> response.tsr</dt>
+<dd>
+
+<p>The response is written to this file. The format and content of the file depends on other options (see <b>-text</b>, <b>-token_out</b>). The default is stdout. (Optional)</p>
+
+</dd>
+<dt id="token_out"><b>-token_out</b></dt>
+<dd>
+
+<p>The output is a time stamp token (ContentInfo) instead of time stamp response (TimeStampResp). (Optional)</p>
+
+</dd>
+<dt id="text1"><b>-text</b></dt>
+<dd>
+
+<p>If this option is specified the output is human-readable text format instead of DER. (Optional)</p>
+
+</dd>
+<dt id="engine-id"><b>-engine</b> id</dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>ts</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms. Default is builtin. (Optional)</p>
+
+</dd>
+</dl>
+
+<h2 id="Time-Stamp-Response-verification">Time Stamp Response verification</h2>
+
+<p>The <b>-verify</b> command is for verifying if a time stamp response or time stamp token is valid and matches a particular time stamp request or data file. The <b>-verify</b> command does not use the configuration file.</p>
+
+<dl>
+
+<dt id="data-file_to_hash1"><b>-data</b> file_to_hash</dt>
+<dd>
+
+<p>The response or token must be verified against file_to_hash. The file is hashed with the message digest algorithm specified in the token. The <b>-digest</b> and <b>-queryfile</b> options must not be specified with this one. (Optional)</p>
+
+</dd>
+<dt id="digest-digest_bytes1"><b>-digest</b> digest_bytes</dt>
+<dd>
+
+<p>The response or token must be verified against the message digest specified with this option. The number of bytes must match the message digest algorithm specified in the token. The <b>-data</b> and <b>-queryfile</b> options must not be specified with this one. (Optional)</p>
+
+</dd>
+<dt id="queryfile-request.tsq1"><b>-queryfile</b> request.tsq</dt>
+<dd>
+
+<p>The original time stamp request in DER format. The <b>-data</b> and <b>-digest</b> options must not be specified with this one. (Optional)</p>
+
+</dd>
+<dt id="in-response.tsr1"><b>-in</b> response.tsr</dt>
+<dd>
+
+<p>The time stamp response that needs to be verified in DER format. (Mandatory)</p>
+
+</dd>
+<dt id="token_in1"><b>-token_in</b></dt>
+<dd>
+
+<p>This flag can be used together with the <b>-in</b> option and indicates that the input is a DER encoded time stamp token (ContentInfo) instead of a time stamp response (TimeStampResp). (Optional)</p>
+
+</dd>
+<dt id="CApath-trusted_cert_path"><b>-CApath</b> trusted_cert_path</dt>
+<dd>
+
+<p>The name of the directory containing the trusted CA certificates of the client. See the similar option of <a href="../man1/verify.html">verify(1)</a> for additional details. Either this option or <b>-CAfile</b> must be specified. (Optional)</p>
+
+</dd>
+<dt id="CAfile-trusted_certs.pem"><b>-CAfile</b> trusted_certs.pem</dt>
+<dd>
+
+<p>The name of the file containing a set of trusted self-signed CA certificates in PEM format. See the similar option of <a href="../man1/verify.html">verify(1)</a> for additional details. Either this option or <b>-CApath</b> must be specified. (Optional)</p>
+
+</dd>
+<dt id="untrusted-cert_file.pem"><b>-untrusted</b> cert_file.pem</dt>
+<dd>
+
+<p>Set of additional untrusted certificates in PEM format which may be needed when building the certificate chain for the TSA&#39;s signing certificate. This file must contain the TSA signing certificate and all intermediate CA certificates unless the response includes them. (Optional)</p>
+
+</dd>
+<dt id="verify-options"><i>verify options</i></dt>
+<dd>
+
+<p>The options <b>-attime timestamp</b>, <b>-check_ss_sig</b>, <b>-crl_check</b>, <b>-crl_check_all</b>, <b>-explicit_policy</b>, <b>-extended_crl</b>, <b>-ignore_critical</b>, <b>-inhibit_any</b>, <b>-inhibit_map</b>, <b>-issuer_checks</b>, <b>-no_alt_chains</b>, <b>-no_check_time</b>, <b>-partial_chain</b>, <b>-policy</b>, <b>-policy_check</b>, <b>-policy_print</b>, <b>-purpose</b>, <b>-suiteB_128</b>, <b>-suiteB_128_only</b>, <b>-suiteB_192</b>, <b>-trusted_first</b>, <b>-use_deltas</b>, <b>-auth_level</b>, <b>-verify_depth</b>, <b>-verify_email</b>, <b>-verify_hostname</b>, <b>-verify_ip</b>, <b>-verify_name</b>, and <b>-x509_strict</b> can be used to control timestamp verification. See <a href="../man1/verify.html">verify(1)</a>.</p>
+
+</dd>
+</dl>
+
+<h1 id="CONFIGURATION-FILE-OPTIONS">CONFIGURATION FILE OPTIONS</h1>
+
+<p>The <b>-query</b> and <b>-reply</b> commands make use of a configuration file. See <a href="../man5/config.html">config(5)</a> for a general description of the syntax of the config file. The <b>-query</b> command uses only the symbolic OID names section and it can work without it. However, the <b>-reply</b> command needs the config file for its operation.</p>
+
+<p>When there is a command line switch equivalent of a variable the switch always overrides the settings in the config file.</p>
+
+<dl>
+
+<dt id="tsa-section-default_tsa"><b>tsa</b> section, <b>default_tsa</b></dt>
+<dd>
+
+<p>This is the main section and it specifies the name of another section that contains all the options for the <b>-reply</b> command. This default section can be overridden with the <b>-section</b> command line switch. (Optional)</p>
+
+</dd>
+<dt id="oid_file"><b>oid_file</b></dt>
+<dd>
+
+<p>See <a href="../man1/ca.html">ca(1)</a> for description. (Optional)</p>
+
+</dd>
+<dt id="oid_section"><b>oid_section</b></dt>
+<dd>
+
+<p>See <a href="../man1/ca.html">ca(1)</a> for description. (Optional)</p>
+
+</dd>
+<dt id="RANDFILE"><b>RANDFILE</b></dt>
+<dd>
+
+<p>See <a href="../man1/ca.html">ca(1)</a> for description. (Optional)</p>
+
+</dd>
+<dt id="serial"><b>serial</b></dt>
+<dd>
+
+<p>The name of the file containing the hexadecimal serial number of the last time stamp response created. This number is incremented by 1 for each response. If the file does not exist at the time of response generation a new file is created with serial number 1. (Mandatory)</p>
+
+</dd>
+<dt id="crypto_device"><b>crypto_device</b></dt>
+<dd>
+
+<p>Specifies the OpenSSL engine that will be set as the default for all available algorithms. The default value is builtin, you can specify any other engines supported by OpenSSL (e.g. use chil for the NCipher HSM). (Optional)</p>
+
+</dd>
+<dt id="signer_cert"><b>signer_cert</b></dt>
+<dd>
+
+<p>TSA signing certificate in PEM format. The same as the <b>-signer</b> command line option. (Optional)</p>
+
+</dd>
+<dt id="certs"><b>certs</b></dt>
+<dd>
+
+<p>A file containing a set of PEM encoded certificates that need to be included in the response. The same as the <b>-chain</b> command line option. (Optional)</p>
+
+</dd>
+<dt id="signer_key"><b>signer_key</b></dt>
+<dd>
+
+<p>The private key of the TSA in PEM format. The same as the <b>-inkey</b> command line option. (Optional)</p>
+
+</dd>
+<dt id="signer_digest"><b>signer_digest</b></dt>
+<dd>
+
+<p>Signing digest to use. The same as the <b>-<i>digest</i></b> command line option. (Optional)</p>
+
+</dd>
+<dt id="default_policy"><b>default_policy</b></dt>
+<dd>
+
+<p>The default policy to use when the request does not mandate any policy. The same as the <b>-tspolicy</b> command line option. (Optional)</p>
+
+</dd>
+<dt id="other_policies"><b>other_policies</b></dt>
+<dd>
+
+<p>Comma separated list of policies that are also acceptable by the TSA and used only if the request explicitly specifies one of them. (Optional)</p>
+
+</dd>
+<dt id="digests"><b>digests</b></dt>
+<dd>
+
+<p>The list of message digest algorithms that the TSA accepts. At least one algorithm must be specified. (Mandatory)</p>
+
+</dd>
+<dt id="accuracy"><b>accuracy</b></dt>
+<dd>
+
+<p>The accuracy of the time source of the TSA in seconds, milliseconds and microseconds. E.g. secs:1, millisecs:500, microsecs:100. If any of the components is missing zero is assumed for that field. (Optional)</p>
+
+</dd>
+<dt id="clock_precision_digits"><b>clock_precision_digits</b></dt>
+<dd>
+
+<p>Specifies the maximum number of digits, which represent the fraction of seconds, that need to be included in the time field. The trailing zeroes must be removed from the time, so there might actually be fewer digits, or no fraction of seconds at all. Supported only on UNIX platforms. The maximum value is 6, default is 0. (Optional)</p>
+
+</dd>
+<dt id="ordering"><b>ordering</b></dt>
+<dd>
+
+<p>If this option is yes the responses generated by this TSA can always be ordered, even if the time difference between two responses is less than the sum of their accuracies. Default is no. (Optional)</p>
+
+</dd>
+<dt id="tsa_name"><b>tsa_name</b></dt>
+<dd>
+
+<p>Set this option to yes if the subject name of the TSA must be included in the TSA name field of the response. Default is no. (Optional)</p>
+
+</dd>
+<dt id="ess_cert_id_chain"><b>ess_cert_id_chain</b></dt>
+<dd>
+
+<p>The SignedData objects created by the TSA always contain the certificate identifier of the signing certificate in a signed attribute (see RFC 2634, Enhanced Security Services). If this option is set to yes and either the <b>certs</b> variable or the <b>-chain</b> option is specified then the certificate identifiers of the chain will also be included in the SigningCertificate signed attribute. If this variable is set to no, only the signing certificate identifier is included. Default is no. (Optional)</p>
+
+</dd>
+<dt id="ess_cert_id_alg"><b>ess_cert_id_alg</b></dt>
+<dd>
+
+<p>This option specifies the hash function to be used to calculate the TSA&#39;s public key certificate identifier. Default is sha1. (Optional)</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>All the examples below presume that <b>OPENSSL_CONF</b> is set to a proper configuration file, e.g. the example configuration file openssl/apps/openssl.cnf will do.</p>
+
+<h2 id="Time-Stamp-Request">Time Stamp Request</h2>
+
+<p>To create a time stamp request for design1.txt with SHA-1 without nonce and policy and no certificate is required in the response:</p>
+
+<pre><code>  openssl ts -query -data design1.txt -no_nonce \
+        -out design1.tsq</code></pre>
+
+<p>To create a similar time stamp request with specifying the message imprint explicitly:</p>
+
+<pre><code>  openssl ts -query -digest b7e5d3f93198b38379852f2c04e78d73abdd0f4b \
+         -no_nonce -out design1.tsq</code></pre>
+
+<p>To print the content of the previous request in human readable format:</p>
+
+<pre><code>  openssl ts -query -in design1.tsq -text</code></pre>
+
+<p>To create a time stamp request which includes the MD-5 digest of design2.txt, requests the signer certificate and nonce, specifies a policy id (assuming the tsa_policy1 name is defined in the OID section of the config file):</p>
+
+<pre><code>  openssl ts -query -data design2.txt -md5 \
+        -tspolicy tsa_policy1 -cert -out design2.tsq</code></pre>
+
+<h2 id="Time-Stamp-Response">Time Stamp Response</h2>
+
+<p>Before generating a response a signing certificate must be created for the TSA that contains the <b>timeStamping</b> critical extended key usage extension without any other key usage extensions. You can add this line to the user certificate section of the config file to generate a proper certificate;</p>
+
+<pre><code>   extendedKeyUsage = critical,timeStamping</code></pre>
+
+<p>See <a href="../man1/req.html">req(1)</a>, <a href="../man1/ca.html">ca(1)</a>, and <a href="../man1/x509.html">x509(1)</a> for instructions. The examples below assume that cacert.pem contains the certificate of the CA, tsacert.pem is the signing certificate issued by cacert.pem and tsakey.pem is the private key of the TSA.</p>
+
+<p>To create a time stamp response for a request:</p>
+
+<pre><code>  openssl ts -reply -queryfile design1.tsq -inkey tsakey.pem \
+        -signer tsacert.pem -out design1.tsr</code></pre>
+
+<p>If you want to use the settings in the config file you could just write:</p>
+
+<pre><code>  openssl ts -reply -queryfile design1.tsq -out design1.tsr</code></pre>
+
+<p>To print a time stamp reply to stdout in human readable format:</p>
+
+<pre><code>  openssl ts -reply -in design1.tsr -text</code></pre>
+
+<p>To create a time stamp token instead of time stamp response:</p>
+
+<pre><code>  openssl ts -reply -queryfile design1.tsq -out design1_token.der -token_out</code></pre>
+
+<p>To print a time stamp token to stdout in human readable format:</p>
+
+<pre><code>  openssl ts -reply -in design1_token.der -token_in -text -token_out</code></pre>
+
+<p>To extract the time stamp token from a response:</p>
+
+<pre><code>  openssl ts -reply -in design1.tsr -out design1_token.der -token_out</code></pre>
+
+<p>To add &#39;granted&#39; status info to a time stamp token thereby creating a valid response:</p>
+
+<pre><code>  openssl ts -reply -in design1_token.der -token_in -out design1.tsr</code></pre>
+
+<h2 id="Time-Stamp-Verification">Time Stamp Verification</h2>
+
+<p>To verify a time stamp reply against a request:</p>
+
+<pre><code>  openssl ts -verify -queryfile design1.tsq -in design1.tsr \
+        -CAfile cacert.pem -untrusted tsacert.pem</code></pre>
+
+<p>To verify a time stamp reply that includes the certificate chain:</p>
+
+<pre><code>  openssl ts -verify -queryfile design2.tsq -in design2.tsr \
+        -CAfile cacert.pem</code></pre>
+
+<p>To verify a time stamp token against the original data file: openssl ts -verify -data design2.txt -in design2.tsr \ -CAfile cacert.pem</p>
+
+<p>To verify a time stamp token against a message imprint: openssl ts -verify -digest b7e5d3f93198b38379852f2c04e78d73abdd0f4b \ -in design2.tsr -CAfile cacert.pem</p>
+
+<p>You could also look at the &#39;test&#39; directory for more examples.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<ul>
+
+<li><p>No support for time stamps over SMTP, though it is quite easy to implement an automatic e-mail based TSA with <a href="../man1/procmail.html">procmail(1)</a> and <a href="../man1/perl.html">perl(1)</a>. HTTP server support is provided in the form of a separate apache module. HTTP client support is provided by <a href="../man1/tsget.html">tsget(1)</a>. Pure TCP/IP protocol is not supported.</p>
+
+</li>
+<li><p>The file containing the last serial number of the TSA is not locked when being read or written. This is a problem if more than one instance of <a href="../man1/openssl.html">openssl(1)</a> is trying to create a time stamp response at the same time. This is not an issue when using the apache server module, it does proper locking.</p>
+
+</li>
+<li><p>Look for the FIXME word in the source files.</p>
+
+</li>
+<li><p>The source code should really be reviewed by somebody else, too.</p>
+
+</li>
+<li><p>More testing is needed, I have done only some basic tests (see test/testtsa).</p>
+
+</li>
+</ul>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/tsget.html">tsget(1)</a>, <a href="../man1/openssl.html">openssl(1)</a>, <a href="../man1/req.html">req(1)</a>, <a href="../man1/x509.html">x509(1)</a>, <a href="../man1/ca.html">ca(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-tsget.html b/msys2/usr/share/doc/openssl/html/man1/openssl-tsget.html
new file mode 100644
index 000000000..10aa41e35
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-tsget.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>tsget</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#ENVIRONMENT-VARIABLES">ENVIRONMENT VARIABLES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-tsget, tsget - Time Stamping HTTP/HTTPS client</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>tsget</b> <b>-h</b> server_url [<b>-e</b> extension] [<b>-o</b> output] [<b>-v</b>] [<b>-d</b>] [<b>-k</b> private_key.pem] [<b>-p</b> key_password] [<b>-c</b> client_cert.pem] [<b>-C</b> CA_certs.pem] [<b>-P</b> CA_path] [<b>-r</b> file:file...] [<b>-g</b> EGD_socket] [request]...</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>tsget</b> command can be used for sending a time stamp request, as specified in <b>RFC 3161</b>, to a time stamp server over HTTP or HTTPS and storing the time stamp response in a file. This tool cannot be used for creating the requests and verifying responses, you can use the OpenSSL <b>ts(1)</b> command to do that. <b>tsget</b> can send several requests to the server without closing the TCP connection if more than one requests are specified on the command line.</p>
+
+<p>The tool sends the following HTTP request for each time stamp request:</p>
+
+<pre><code>        POST url HTTP/1.1
+        User-Agent: OpenTSA tsget.pl/&lt;version&gt;
+        Host: &lt;host&gt;:&lt;port&gt;
+        Pragma: no-cache
+        Content-Type: application/timestamp-query
+        Accept: application/timestamp-reply
+        Content-Length: length of body
+
+        ...binary request specified by the user...</code></pre>
+
+<p><b>tsget</b> expects a response of type application/timestamp-reply, which is written to a file without any interpretation.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="h-server_url"><b>-h</b> server_url</dt>
+<dd>
+
+<p>The URL of the HTTP/HTTPS server listening for time stamp requests.</p>
+
+</dd>
+<dt id="e-extension"><b>-e</b> extension</dt>
+<dd>
+
+<p>If the <b>-o</b> option is not given this argument specifies the extension of the output files. The base name of the output file will be the same as those of the input files. Default extension is &#39;.tsr&#39;. (Optional)</p>
+
+</dd>
+<dt id="o-output"><b>-o</b> output</dt>
+<dd>
+
+<p>This option can be specified only when just one request is sent to the server. The time stamp response will be written to the given output file. &#39;-&#39; means standard output. In case of multiple time stamp requests or the absence of this argument the names of the output files will be derived from the names of the input files and the default or specified extension argument. (Optional)</p>
+
+</dd>
+<dt id="v"><b>-v</b></dt>
+<dd>
+
+<p>The name of the currently processed request is printed on standard error. (Optional)</p>
+
+</dd>
+<dt id="d"><b>-d</b></dt>
+<dd>
+
+<p>Switches on verbose mode for the underlying <b>curl</b> library. You can see detailed debug messages for the connection. (Optional)</p>
+
+</dd>
+<dt id="k-private_key.pem"><b>-k</b> private_key.pem</dt>
+<dd>
+
+<p>(HTTPS) In case of certificate-based client authentication over HTTPS &lt;private_key.pem&gt; must contain the private key of the user. The private key file can optionally be protected by a passphrase. The <b>-c</b> option must also be specified. (Optional)</p>
+
+</dd>
+<dt id="p-key_password"><b>-p</b> key_password</dt>
+<dd>
+
+<p>(HTTPS) Specifies the passphrase for the private key specified by the <b>-k</b> argument. If this option is omitted and the key is passphrase protected <b>tsget</b> will ask for it. (Optional)</p>
+
+</dd>
+<dt id="c-client_cert.pem"><b>-c</b> client_cert.pem</dt>
+<dd>
+
+<p>(HTTPS) In case of certificate-based client authentication over HTTPS &lt;client_cert.pem&gt; must contain the X.509 certificate of the user. The <b>-k</b> option must also be specified. If this option is not specified no certificate-based client authentication will take place. (Optional)</p>
+
+</dd>
+<dt id="C-CA_certs.pem"><b>-C</b> CA_certs.pem</dt>
+<dd>
+
+<p>(HTTPS) The trusted CA certificate store. The certificate chain of the peer&#39;s certificate must include one of the CA certificates specified in this file. Either option <b>-C</b> or option <b>-P</b> must be given in case of HTTPS. (Optional)</p>
+
+</dd>
+<dt id="P-CA_path"><b>-P</b> CA_path</dt>
+<dd>
+
+<p>(HTTPS) The path containing the trusted CA certificates to verify the peer&#39;s certificate. The directory must be prepared with the <b>c_rehash</b> OpenSSL utility. Either option <b>-C</b> or option <b>-P</b> must be given in case of HTTPS. (Optional)</p>
+
+</dd>
+<dt id="rand-file:file"><b>-rand</b> file:file...</dt>
+<dd>
+
+<p>The files containing random data for seeding the random number generator. Multiple files can be specified, the separator is <b>;</b> for MS-Windows, <b>,</b> for VMS and <b>:</b> for all other platforms. (Optional)</p>
+
+</dd>
+<dt id="g-EGD_socket"><b>-g</b> EGD_socket</dt>
+<dd>
+
+<p>The name of an EGD socket to get random data from. (Optional)</p>
+
+</dd>
+<dt id="request">[request]...</dt>
+<dd>
+
+<p>List of files containing <b>RFC 3161</b> DER-encoded time stamp requests. If no requests are specified only one request will be sent to the server and it will be read from the standard input. (Optional)</p>
+
+</dd>
+</dl>
+
+<h1 id="ENVIRONMENT-VARIABLES">ENVIRONMENT VARIABLES</h1>
+
+<p>The <b>TSGET</b> environment variable can optionally contain default arguments. The content of this variable is added to the list of command line arguments.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The examples below presume that <b>file1.tsq</b> and <b>file2.tsq</b> contain valid time stamp requests, tsa.opentsa.org listens at port 8080 for HTTP requests and at port 8443 for HTTPS requests, the TSA service is available at the /tsa absolute path.</p>
+
+<p>Get a time stamp response for file1.tsq over HTTP, output is written to file1.tsr:</p>
+
+<pre><code>  tsget -h http://tsa.opentsa.org:8080/tsa file1.tsq</code></pre>
+
+<p>Get a time stamp response for file1.tsq and file2.tsq over HTTP showing progress, output is written to file1.reply and file2.reply respectively:</p>
+
+<pre><code>  tsget -h http://tsa.opentsa.org:8080/tsa -v -e .reply \
+        file1.tsq file2.tsq</code></pre>
+
+<p>Create a time stamp request, write it to file3.tsq, send it to the server and write the response to file3.tsr:</p>
+
+<pre><code>  openssl ts -query -data file3.txt -cert | tee file3.tsq \
+        | tsget -h http://tsa.opentsa.org:8080/tsa \
+        -o file3.tsr</code></pre>
+
+<p>Get a time stamp response for file1.tsq over HTTPS without client authentication:</p>
+
+<pre><code>  tsget -h https://tsa.opentsa.org:8443/tsa \
+        -C cacerts.pem file1.tsq</code></pre>
+
+<p>Get a time stamp response for file1.tsq over HTTPS with certificate-based client authentication (it will ask for the passphrase if client_key.pem is protected):</p>
+
+<pre><code>  tsget -h https://tsa.opentsa.org:8443/tsa -C cacerts.pem \
+        -k client_key.pem -c client_cert.pem file1.tsq</code></pre>
+
+<p>You can shorten the previous command line if you make use of the <b>TSGET</b> environment variable. The following commands do the same as the previous example:</p>
+
+<pre><code>  TSGET=&#39;-h https://tsa.opentsa.org:8443/tsa -C cacerts.pem \
+        -k client_key.pem -c client_cert.pem&#39;
+  export TSGET
+  tsget file1.tsq</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/openssl.html">openssl(1)</a>, <a href="../man1/ts.html">ts(1)</a>, <a href="../man1/curl.html">curl(1)</a>, <b>RFC 3161</b></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-verify.html b/msys2/usr/share/doc/openssl/html/man1/openssl-verify.html
new file mode 100644
index 000000000..7dd412551
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-verify.html
@@ -0,0 +1,825 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>verify</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#VERIFY-OPERATION">VERIFY OPERATION</a></li>
+  <li><a href="#DIAGNOSTICS">DIAGNOSTICS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-verify, verify - Utility to verify certificates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>verify</b> [<b>-help</b>] [<b>-CAfile file</b>] [<b>-CApath directory</b>] [<b>-no-CAfile</b>] [<b>-no-CApath</b>] [<b>-allow_proxy_certs</b>] [<b>-attime timestamp</b>] [<b>-check_ss_sig</b>] [<b>-CRLfile file</b>] [<b>-crl_download</b>] [<b>-crl_check</b>] [<b>-crl_check_all</b>] [<b>-engine id</b>] [<b>-explicit_policy</b>] [<b>-extended_crl</b>] [<b>-ignore_critical</b>] [<b>-inhibit_any</b>] [<b>-inhibit_map</b>] [<b>-nameopt option</b>] [<b>-no_check_time</b>] [<b>-partial_chain</b>] [<b>-policy arg</b>] [<b>-policy_check</b>] [<b>-policy_print</b>] [<b>-purpose purpose</b>] [<b>-suiteB_128</b>] [<b>-suiteB_128_only</b>] [<b>-suiteB_192</b>] [<b>-trusted_first</b>] [<b>-no_alt_chains</b>] [<b>-untrusted file</b>] [<b>-trusted file</b>] [<b>-use_deltas</b>] [<b>-verbose</b>] [<b>-auth_level level</b>] [<b>-verify_depth num</b>] [<b>-verify_email email</b>] [<b>-verify_hostname hostname</b>] [<b>-verify_ip ip</b>] [<b>-verify_name name</b>] [<b>-x509_strict</b>] [<b>-show_chain</b>] [<b>-</b>] [certificates]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>verify</b> command verifies certificate chains.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="CAfile-file"><b>-CAfile file</b></dt>
+<dd>
+
+<p>A <b>file</b> of trusted certificates. The file should contain one or more certificates in PEM format.</p>
+
+</dd>
+<dt id="CApath-directory"><b>-CApath directory</b></dt>
+<dd>
+
+<p>A directory of trusted certificates. The certificates should have names of the form: hash.0 or have symbolic links to them of this form (&quot;hash&quot; is the hashed certificate subject name: see the <b>-hash</b> option of the <b>x509</b> utility). Under Unix the <b>c_rehash</b> script will automatically create symbolic links to a directory of certificates.</p>
+
+</dd>
+<dt id="no-CAfile"><b>-no-CAfile</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default file location.</p>
+
+</dd>
+<dt id="no-CApath"><b>-no-CApath</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default directory location.</p>
+
+</dd>
+<dt id="allow_proxy_certs"><b>-allow_proxy_certs</b></dt>
+<dd>
+
+<p>Allow the verification of proxy certificates.</p>
+
+</dd>
+<dt id="attime-timestamp"><b>-attime timestamp</b></dt>
+<dd>
+
+<p>Perform validation checks using time specified by <b>timestamp</b> and not current system time. <b>timestamp</b> is the number of seconds since 01.01.1970 (UNIX time).</p>
+
+</dd>
+<dt id="check_ss_sig"><b>-check_ss_sig</b></dt>
+<dd>
+
+<p>Verify the signature on the self-signed root CA. This is disabled by default because it doesn&#39;t add any security.</p>
+
+</dd>
+<dt id="CRLfile-file"><b>-CRLfile file</b></dt>
+<dd>
+
+<p>The <b>file</b> should contain one or more CRLs in PEM format. This option can be specified more than once to include CRLs from multiple <b>files</b>.</p>
+
+</dd>
+<dt id="crl_download"><b>-crl_download</b></dt>
+<dd>
+
+<p>Attempt to download CRL information for this certificate.</p>
+
+</dd>
+<dt id="crl_check"><b>-crl_check</b></dt>
+<dd>
+
+<p>Checks end entity certificate validity by attempting to look up a valid CRL. If a valid CRL cannot be found an error occurs.</p>
+
+</dd>
+<dt id="crl_check_all"><b>-crl_check_all</b></dt>
+<dd>
+
+<p>Checks the validity of <b>all</b> certificates in the chain by attempting to look up valid CRLs.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine <b>id</b> will cause <a href="../man1/verify.html">verify(1)</a> to attempt to load the specified engine. The engine will then be set as the default for all its supported algorithms. If you want to load certificates or CRLs that require engine support via any of the <b>-trusted</b>, <b>-untrusted</b> or <b>-CRLfile</b> options, the <b>-engine</b> option must be specified before those options.</p>
+
+</dd>
+<dt id="explicit_policy"><b>-explicit_policy</b></dt>
+<dd>
+
+<p>Set policy variable require-explicit-policy (see RFC5280).</p>
+
+</dd>
+<dt id="extended_crl"><b>-extended_crl</b></dt>
+<dd>
+
+<p>Enable extended CRL features such as indirect CRLs and alternate CRL signing keys.</p>
+
+</dd>
+<dt id="ignore_critical"><b>-ignore_critical</b></dt>
+<dd>
+
+<p>Normally if an unhandled critical extension is present which is not supported by OpenSSL the certificate is rejected (as required by RFC5280). If this option is set critical extensions are ignored.</p>
+
+</dd>
+<dt id="inhibit_any"><b>-inhibit_any</b></dt>
+<dd>
+
+<p>Set policy variable inhibit-any-policy (see RFC5280).</p>
+
+</dd>
+<dt id="inhibit_map"><b>-inhibit_map</b></dt>
+<dd>
+
+<p>Set policy variable inhibit-policy-mapping (see RFC5280).</p>
+
+</dd>
+<dt id="nameopt-option"><b>-nameopt option</b></dt>
+<dd>
+
+<p>Option which determines how the subject or issuer names are displayed. The <b>option</b> argument can be a single option or multiple options separated by commas. Alternatively the <b>-nameopt</b> switch may be used more than once to set multiple options. See the <a href="../man1/x509.html">x509(1)</a> manual page for details.</p>
+
+</dd>
+<dt id="no_check_time"><b>-no_check_time</b></dt>
+<dd>
+
+<p>This option suppresses checking the validity period of certificates and CRLs against the current time. If option <b>-attime timestamp</b> is used to specify a verification time, the check is not suppressed.</p>
+
+</dd>
+<dt id="partial_chain"><b>-partial_chain</b></dt>
+<dd>
+
+<p>Allow verification to succeed even if a <i>complete</i> chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed.</p>
+
+</dd>
+<dt id="policy-arg"><b>-policy arg</b></dt>
+<dd>
+
+<p>Enable policy processing and add <b>arg</b> to the user-initial-policy-set (see RFC5280). The policy <b>arg</b> can be an object name an OID in numeric form. This argument can appear more than once.</p>
+
+</dd>
+<dt id="policy_check"><b>-policy_check</b></dt>
+<dd>
+
+<p>Enables certificate policy processing.</p>
+
+</dd>
+<dt id="policy_print"><b>-policy_print</b></dt>
+<dd>
+
+<p>Print out diagnostics related to policy processing.</p>
+
+</dd>
+<dt id="purpose-purpose"><b>-purpose purpose</b></dt>
+<dd>
+
+<p>The intended use for the certificate. If this option is not specified, <b>verify</b> will not consider certificate purpose during chain verification. Currently accepted uses are <b>sslclient</b>, <b>sslserver</b>, <b>nssslserver</b>, <b>smimesign</b>, <b>smimeencrypt</b>. See the <b>VERIFY OPERATION</b> section for more information.</p>
+
+</dd>
+<dt id="suiteB_128_only--suiteB_128--suiteB_192"><b>-suiteB_128_only</b>, <b>-suiteB_128</b>, <b>-suiteB_192</b></dt>
+<dd>
+
+<p>Enable the Suite B mode operation at 128 bit Level of Security, 128 bit or 192 bit, or only 192 bit Level of Security respectively. See RFC6460 for details. In particular the supported signature algorithms are reduced to support only ECDSA and SHA256 or SHA384 and only the elliptic curves P-256 and P-384.</p>
+
+</dd>
+<dt id="trusted_first"><b>-trusted_first</b></dt>
+<dd>
+
+<p>When constructing the certificate chain, use the trusted certificates specified via <b>-CAfile</b>, <b>-CApath</b> or <b>-trusted</b> before any certificates specified via <b>-untrusted</b>. This can be useful in environments with Bridge or Cross-Certified CAs. As of OpenSSL 1.1.0 this option is on by default and cannot be disabled.</p>
+
+</dd>
+<dt id="no_alt_chains"><b>-no_alt_chains</b></dt>
+<dd>
+
+<p>By default, unless <b>-trusted_first</b> is specified, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted issuer certificates with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>-trusted_first</b> always on, this option has no effect.</p>
+
+</dd>
+<dt id="untrusted-file"><b>-untrusted file</b></dt>
+<dd>
+
+<p>A <b>file</b> of additional untrusted certificates (intermediate issuer CAs) used to construct a certificate chain from the subject certificate to a trust-anchor. The <b>file</b> should contain one or more certificates in PEM format. This option can be specified more than once to include untrusted certificates from multiple <b>files</b>.</p>
+
+</dd>
+<dt id="trusted-file"><b>-trusted file</b></dt>
+<dd>
+
+<p>A <b>file</b> of trusted certificates, which must be self-signed, unless the <b>-partial_chain</b> option is specified. The <b>file</b> contains one or more certificates in PEM format. With this option, no additional (e.g., default) certificate lists are consulted. That is, the only trust-anchors are those listed in <b>file</b>. This option can be specified more than once to include trusted certificates from multiple <b>files</b>. This option implies the <b>-no-CAfile</b> and <b>-no-CApath</b> options. This option cannot be used in combination with either of the <b>-CAfile</b> or <b>-CApath</b> options.</p>
+
+</dd>
+<dt id="use_deltas"><b>-use_deltas</b></dt>
+<dd>
+
+<p>Enable support for delta CRLs.</p>
+
+</dd>
+<dt id="verbose"><b>-verbose</b></dt>
+<dd>
+
+<p>Print extra information about the operations being performed.</p>
+
+</dd>
+<dt id="auth_level-level"><b>-auth_level level</b></dt>
+<dd>
+
+<p>Set the certificate chain authentication security level to <b>level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security <b>level</b>. The signature algorithm security level is enforced for all the certificates in the chain except for the chain&#39;s <i>trust anchor</i>, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+</dd>
+<dt id="verify_depth-num"><b>-verify_depth num</b></dt>
+<dd>
+
+<p>Limit the certificate chain to <b>num</b> intermediate CA certificates. A maximal depth chain can have up to <b>num+2</b> certificates, since neither the end-entity certificate nor the trust-anchor certificate count against the <b>-verify_depth</b> limit.</p>
+
+</dd>
+<dt id="verify_email-email"><b>-verify_email email</b></dt>
+<dd>
+
+<p>Verify if the <b>email</b> matches the email address in Subject Alternative Name or the email in the subject Distinguished Name.</p>
+
+</dd>
+<dt id="verify_hostname-hostname"><b>-verify_hostname hostname</b></dt>
+<dd>
+
+<p>Verify if the <b>hostname</b> matches DNS name in Subject Alternative Name or Common Name in the subject certificate.</p>
+
+</dd>
+<dt id="verify_ip-ip"><b>-verify_ip ip</b></dt>
+<dd>
+
+<p>Verify if the <b>ip</b> matches the IP address in Subject Alternative Name of the subject certificate.</p>
+
+</dd>
+<dt id="verify_name-name"><b>-verify_name name</b></dt>
+<dd>
+
+<p>Use default verification policies like trust model and required certificate policies identified by <b>name</b>. The trust model determines which auxiliary trust or reject OIDs are applicable to verifying the given certificate chain. See the <b>-addtrust</b> and <b>-addreject</b> options of the <a href="../man1/x509.html">x509(1)</a> command-line utility. Supported policy names include: <b>default</b>, <b>pkcs7</b>, <b>smime_sign</b>, <b>ssl_client</b>, <b>ssl_server</b>. These mimics the combinations of purpose and trust settings used in SSL, CMS and S/MIME. As of OpenSSL 1.1.0, the trust model is inferred from the purpose when not specified, so the <b>-verify_name</b> options are functionally equivalent to the corresponding <b>-purpose</b> settings.</p>
+
+</dd>
+<dt id="x509_strict"><b>-x509_strict</b></dt>
+<dd>
+
+<p>For strict X.509 compliance, disable non-compliant workarounds for broken certificates.</p>
+
+</dd>
+<dt id="show_chain"><b>-show_chain</b></dt>
+<dd>
+
+<p>Display information about the certificate chain that has been built (if successful). Certificates in the chain that came from the untrusted list will be flagged as &quot;untrusted&quot;.</p>
+
+</dd>
+<dt id="pod"><b>-</b></dt>
+<dd>
+
+<p>Indicates the last option. All arguments following this are assumed to be certificate files. This is useful if the first certificate filename begins with a <b>-</b>.</p>
+
+</dd>
+<dt id="certificates"><b>certificates</b></dt>
+<dd>
+
+<p>One or more certificates to verify. If no certificates are given, <b>verify</b> will attempt to read a certificate from standard input. Certificates must be in PEM format.</p>
+
+</dd>
+</dl>
+
+<h1 id="VERIFY-OPERATION">VERIFY OPERATION</h1>
+
+<p>The <b>verify</b> program uses the same functions as the internal SSL and S/MIME verification, therefore this description applies to these verify operations too.</p>
+
+<p>There is one crucial difference between the verify operations performed by the <b>verify</b> program: wherever possible an attempt is made to continue after an error whereas normally the verify operation would halt on the first error. This allows all the problems with a certificate chain to be determined.</p>
+
+<p>The verify operation consists of a number of separate steps.</p>
+
+<p>Firstly a certificate chain is built up starting from the supplied certificate and ending in the root CA. It is an error if the whole chain cannot be built up. The chain is built up by looking up the issuers certificate of the current certificate. If a certificate is found which is its own issuer it is assumed to be the root CA.</p>
+
+<p>The process of &#39;looking up the issuers certificate&#39; itself involves a number of steps. After all certificates whose subject name matches the issuer name of the current certificate are subject to further tests. The relevant authority key identifier components of the current certificate (if present) must match the subject key identifier (if present) and issuer and serial number of the candidate issuer, in addition the keyUsage extension of the candidate issuer (if present) must permit certificate signing.</p>
+
+<p>The lookup first looks in the list of untrusted certificates and if no match is found the remaining lookups are from the trusted certificates. The root CA is always looked up in the trusted certificate list: if the certificate to verify is a root certificate then an exact match must be found in the trusted list.</p>
+
+<p>The second operation is to check every untrusted certificate&#39;s extensions for consistency with the supplied purpose. If the <b>-purpose</b> option is not included then no checks are done. The supplied or &quot;leaf&quot; certificate must have extensions compatible with the supplied purpose and all other certificates must also be valid CA certificates. The precise extensions required are described in more detail in the <b>CERTIFICATE EXTENSIONS</b> section of the <b>x509</b> utility.</p>
+
+<p>The third operation is to check the trust settings on the root CA. The root CA should be trusted for the supplied purpose. For compatibility with previous versions of OpenSSL, a certificate with no trust settings is considered to be valid for all purposes.</p>
+
+<p>The final operation is to check the validity of the certificate chain. The validity period is checked against the current system time and the notBefore and notAfter dates in the certificate. The certificate signatures are also checked at this point.</p>
+
+<p>If all operations complete successfully then certificate is considered valid. If any operation fails then the certificate is not valid.</p>
+
+<h1 id="DIAGNOSTICS">DIAGNOSTICS</h1>
+
+<p>When a verify operation fails the output messages can be somewhat cryptic. The general form of the error message is:</p>
+
+<pre><code> server.pem: /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+ error 24 at 1 depth lookup:invalid CA certificate</code></pre>
+
+<p>The first line contains the name of the certificate being verified followed by the subject name of the certificate. The second line contains the error number and the depth. The depth is number of the certificate being verified when a problem was detected starting with zero for the certificate being verified itself then 1 for the CA that signed the certificate and so on. Finally a text version of the error number is presented.</p>
+
+<p>A partial list of the error codes and messages is shown below, this also includes the name of the error code as defined in the header file x509_vfy.h Some of the error codes are defined but never returned: these are described as &quot;unused&quot;.</p>
+
+<dl>
+
+<dt id="X509_V_OK"><b>X509_V_OK</b></dt>
+<dd>
+
+<p>The operation was successful.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSPECIFIED"><b>X509_V_ERR_UNSPECIFIED</b></dt>
+<dd>
+
+<p>Unspecified error; should not happen.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT</b></dt>
+<dd>
+
+<p>The issuer certificate of a looked up certificate could not be found. This normally means the list of trusted certificates is not complete.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_CRL"><b>X509_V_ERR_UNABLE_TO_GET_CRL</b></dt>
+<dd>
+
+<p>The CRL of a certificate could not be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE</b></dt>
+<dd>
+
+<p>The certificate signature could not be decrypted. This means that the actual signature value could not be determined rather than it not matching the expected value, this is only meaningful for RSA keys.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE</b></dt>
+<dd>
+
+<p>The CRL signature could not be decrypted: this means that the actual signature value could not be determined rather than it not matching the expected value. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY"><b>X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY</b></dt>
+<dd>
+
+<p>The public key in the certificate SubjectPublicKeyInfo could not be read.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_SIGNATURE_FAILURE"><b>X509_V_ERR_CERT_SIGNATURE_FAILURE</b></dt>
+<dd>
+
+<p>The signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_SIGNATURE_FAILURE"><b>X509_V_ERR_CRL_SIGNATURE_FAILURE</b></dt>
+<dd>
+
+<p>The signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_NOT_YET_VALID"><b>X509_V_ERR_CERT_NOT_YET_VALID</b></dt>
+<dd>
+
+<p>The certificate is not yet valid: the notBefore date is after the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_HAS_EXPIRED"><b>X509_V_ERR_CERT_HAS_EXPIRED</b></dt>
+<dd>
+
+<p>The certificate has expired: that is the notAfter date is before the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_NOT_YET_VALID"><b>X509_V_ERR_CRL_NOT_YET_VALID</b></dt>
+<dd>
+
+<p>The CRL is not yet valid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_HAS_EXPIRED"><b>X509_V_ERR_CRL_HAS_EXPIRED</b></dt>
+<dd>
+
+<p>The CRL has expired.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD"><b>X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD</b></dt>
+<dd>
+
+<p>The certificate notBefore field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD"><b>X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD</b></dt>
+<dd>
+
+<p>The certificate notAfter field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD"><b>X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD</b></dt>
+<dd>
+
+<p>The CRL lastUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD"><b>X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD</b></dt>
+<dd>
+
+<p>The CRL nextUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_OUT_OF_MEM"><b>X509_V_ERR_OUT_OF_MEM</b></dt>
+<dd>
+
+<p>An error occurred trying to allocate memory. This should never happen.</p>
+
+</dd>
+<dt id="X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT"><b>X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT</b></dt>
+<dd>
+
+<p>The passed certificate is self-signed and the same certificate cannot be found in the list of trusted certificates.</p>
+
+</dd>
+<dt id="X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN"><b>X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN</b></dt>
+<dd>
+
+<p>The certificate chain could be built up using the untrusted certificates but the root could not be found locally.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY</b></dt>
+<dd>
+
+<p>The issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE"><b>X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE</b></dt>
+<dd>
+
+<p>No signatures could be verified because the chain contains only one certificate and it is not self signed.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_CHAIN_TOO_LONG"><b>X509_V_ERR_CERT_CHAIN_TOO_LONG</b></dt>
+<dd>
+
+<p>The certificate chain length is greater than the supplied maximum depth. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REVOKED"><b>X509_V_ERR_CERT_REVOKED</b></dt>
+<dd>
+
+<p>The certificate has been revoked.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_CA"><b>X509_V_ERR_INVALID_CA</b></dt>
+<dd>
+
+<p>A CA certificate is invalid. Either it is not a CA or its extensions are not consistent with the supplied purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_PATH_LENGTH_EXCEEDED"><b>X509_V_ERR_PATH_LENGTH_EXCEEDED</b></dt>
+<dd>
+
+<p>The basicConstraints pathlength parameter has been exceeded.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_PURPOSE"><b>X509_V_ERR_INVALID_PURPOSE</b></dt>
+<dd>
+
+<p>The supplied certificate cannot be used for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_UNTRUSTED"><b>X509_V_ERR_CERT_UNTRUSTED</b></dt>
+<dd>
+
+<p>The root CA is not marked as trusted for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REJECTED"><b>X509_V_ERR_CERT_REJECTED</b></dt>
+<dd>
+
+<p>The root CA is marked to reject the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBJECT_ISSUER_MISMATCH"><b>X509_V_ERR_SUBJECT_ISSUER_MISMATCH</b></dt>
+<dd>
+
+<p>Not used as of OpenSSL 1.1.0 as a result of the deprecation of the <b>-issuer_checks</b> option.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_SKID_MISMATCH"><b>X509_V_ERR_AKID_SKID_MISMATCH</b></dt>
+<dd>
+
+<p>Not used as of OpenSSL 1.1.0 as a result of the deprecation of the <b>-issuer_checks</b> option.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH"><b>X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH</b></dt>
+<dd>
+
+<p>Not used as of OpenSSL 1.1.0 as a result of the deprecation of the <b>-issuer_checks</b> option.</p>
+
+</dd>
+<dt id="X509_V_ERR_KEYUSAGE_NO_CERTSIGN"><b>X509_V_ERR_KEYUSAGE_NO_CERTSIGN</b></dt>
+<dd>
+
+<p>Not used as of OpenSSL 1.1.0 as a result of the deprecation of the <b>-issuer_checks</b> option.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER"><b>X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER</b></dt>
+<dd>
+
+<p>Unable to get CRL issuer certificate.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION"><b>X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION</b></dt>
+<dd>
+
+<p>Unhandled critical extension.</p>
+
+</dd>
+<dt id="X509_V_ERR_KEYUSAGE_NO_CRL_SIGN"><b>X509_V_ERR_KEYUSAGE_NO_CRL_SIGN</b></dt>
+<dd>
+
+<p>Key usage does not include CRL signing.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION"><b>X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION</b></dt>
+<dd>
+
+<p>Unhandled critical CRL extension.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_NON_CA"><b>X509_V_ERR_INVALID_NON_CA</b></dt>
+<dd>
+
+<p>Invalid non-CA certificate has CA markings.</p>
+
+</dd>
+<dt id="X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED"><b>X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED</b></dt>
+<dd>
+
+<p>Proxy path length constraint exceeded.</p>
+
+</dd>
+<dt id="X509_V_ERR_PROXY_SUBJECT_INVALID"><b>X509_V_ERR_PROXY_SUBJECT_INVALID</b></dt>
+<dd>
+
+<p>Proxy certificate subject is invalid. It MUST be the same as the issuer with a single CN component added.</p>
+
+</dd>
+<dt id="X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE"><b>X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE</b></dt>
+<dd>
+
+<p>Key usage does not include digital signature.</p>
+
+</dd>
+<dt id="X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED"><b>X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED</b></dt>
+<dd>
+
+<p>Proxy certificates not allowed, please use <b>-allow_proxy_certs</b>.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_EXTENSION"><b>X509_V_ERR_INVALID_EXTENSION</b></dt>
+<dd>
+
+<p>Invalid or inconsistent certificate extension.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_POLICY_EXTENSION"><b>X509_V_ERR_INVALID_POLICY_EXTENSION</b></dt>
+<dd>
+
+<p>Invalid or inconsistent certificate policy extension.</p>
+
+</dd>
+<dt id="X509_V_ERR_NO_EXPLICIT_POLICY"><b>X509_V_ERR_NO_EXPLICIT_POLICY</b></dt>
+<dd>
+
+<p>No explicit policy.</p>
+
+</dd>
+<dt id="X509_V_ERR_DIFFERENT_CRL_SCOPE"><b>X509_V_ERR_DIFFERENT_CRL_SCOPE</b></dt>
+<dd>
+
+<p>Different CRL scope.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE"><b>X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE</b></dt>
+<dd>
+
+<p>Unsupported extension feature.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNNESTED_RESOURCE"><b>X509_V_ERR_UNNESTED_RESOURCE</b></dt>
+<dd>
+
+<p>RFC 3779 resource not subset of parent&#39;s resources.</p>
+
+</dd>
+<dt id="X509_V_ERR_PERMITTED_VIOLATION"><b>X509_V_ERR_PERMITTED_VIOLATION</b></dt>
+<dd>
+
+<p>Permitted subtree violation.</p>
+
+</dd>
+<dt id="X509_V_ERR_EXCLUDED_VIOLATION"><b>X509_V_ERR_EXCLUDED_VIOLATION</b></dt>
+<dd>
+
+<p>Excluded subtree violation.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBTREE_MINMAX"><b>X509_V_ERR_SUBTREE_MINMAX</b></dt>
+<dd>
+
+<p>Name constraints minimum and maximum not supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_APPLICATION_VERIFICATION"><b>X509_V_ERR_APPLICATION_VERIFICATION</b></dt>
+<dd>
+
+<p>Application verification failure. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE</b></dt>
+<dd>
+
+<p>Unsupported name constraint type.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX</b></dt>
+<dd>
+
+<p>Unsupported or invalid name constraint syntax.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_NAME_SYNTAX"><b>X509_V_ERR_UNSUPPORTED_NAME_SYNTAX</b></dt>
+<dd>
+
+<p>Unsupported or invalid name syntax.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_PATH_VALIDATION_ERROR"><b>X509_V_ERR_CRL_PATH_VALIDATION_ERROR</b></dt>
+<dd>
+
+<p>CRL path validation error.</p>
+
+</dd>
+<dt id="X509_V_ERR_PATH_LOOP"><b>X509_V_ERR_PATH_LOOP</b></dt>
+<dd>
+
+<p>Path loop.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUITE_B_INVALID_VERSION"><b>X509_V_ERR_SUITE_B_INVALID_VERSION</b></dt>
+<dd>
+
+<p>Suite B: certificate version invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUITE_B_INVALID_ALGORITHM"><b>X509_V_ERR_SUITE_B_INVALID_ALGORITHM</b></dt>
+<dd>
+
+<p>Suite B: invalid public key algorithm.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUITE_B_INVALID_CURVE"><b>X509_V_ERR_SUITE_B_INVALID_CURVE</b></dt>
+<dd>
+
+<p>Suite B: invalid ECC curve.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM"><b>X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM</b></dt>
+<dd>
+
+<p>Suite B: invalid signature algorithm.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED"><b>X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED</b></dt>
+<dd>
+
+<p>Suite B: curve not allowed for this LOS.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256"><b>X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256</b></dt>
+<dd>
+
+<p>Suite B: cannot sign P-384 with P-256.</p>
+
+</dd>
+<dt id="X509_V_ERR_HOSTNAME_MISMATCH"><b>X509_V_ERR_HOSTNAME_MISMATCH</b></dt>
+<dd>
+
+<p>Hostname mismatch.</p>
+
+</dd>
+<dt id="X509_V_ERR_EMAIL_MISMATCH"><b>X509_V_ERR_EMAIL_MISMATCH</b></dt>
+<dd>
+
+<p>Email address mismatch.</p>
+
+</dd>
+<dt id="X509_V_ERR_IP_ADDRESS_MISMATCH"><b>X509_V_ERR_IP_ADDRESS_MISMATCH</b></dt>
+<dd>
+
+<p>IP address mismatch.</p>
+
+</dd>
+<dt id="X509_V_ERR_DANE_NO_MATCH"><b>X509_V_ERR_DANE_NO_MATCH</b></dt>
+<dd>
+
+<p>DANE TLSA authentication is enabled, but no TLSA records matched the certificate chain. This error is only possible in <a href="../man1/s_client.html">s_client(1)</a>.</p>
+
+</dd>
+<dt id="X509_V_ERR_EE_KEY_TOO_SMALL"><b>X509_V_ERR_EE_KEY_TOO_SMALL</b></dt>
+<dd>
+
+<p>EE certificate key too weak.</p>
+
+</dd>
+<dt id="X509_ERR_CA_KEY_TOO_SMALL"><b>X509_ERR_CA_KEY_TOO_SMALL</b></dt>
+<dd>
+
+<p>CA certificate key too weak.</p>
+
+</dd>
+<dt id="X509_ERR_CA_MD_TOO_WEAK"><b>X509_ERR_CA_MD_TOO_WEAK</b></dt>
+<dd>
+
+<p>CA signature digest algorithm too weak.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_CALL"><b>X509_V_ERR_INVALID_CALL</b></dt>
+<dd>
+
+<p>nvalid certificate verification context.</p>
+
+</dd>
+<dt id="X509_V_ERR_STORE_LOOKUP"><b>X509_V_ERR_STORE_LOOKUP</b></dt>
+<dd>
+
+<p>Issuer certificate lookup error.</p>
+
+</dd>
+<dt id="X509_V_ERR_NO_VALID_SCTS"><b>X509_V_ERR_NO_VALID_SCTS</b></dt>
+<dd>
+
+<p>Certificate Transparency required, but no valid SCTs found.</p>
+
+</dd>
+<dt id="X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION"><b>X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION</b></dt>
+<dd>
+
+<p>Proxy subject name violation.</p>
+
+</dd>
+<dt id="X509_V_ERR_OCSP_VERIFY_NEEDED"><b>X509_V_ERR_OCSP_VERIFY_NEEDED</b></dt>
+<dd>
+
+<p>Returned by the verify callback to indicate an OCSP verification is needed.</p>
+
+</dd>
+<dt id="X509_V_ERR_OCSP_VERIFY_FAILED"><b>X509_V_ERR_OCSP_VERIFY_FAILED</b></dt>
+<dd>
+
+<p>Returned by the verify callback to indicate OCSP verification failed.</p>
+
+</dd>
+<dt id="X509_V_ERR_OCSP_CERT_UNKNOWN"><b>X509_V_ERR_OCSP_CERT_UNKNOWN</b></dt>
+<dd>
+
+<p>Returned by the verify callback to indicate that the certificate is not recognized by the OCSP responder.</p>
+
+</dd>
+</dl>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Although the issuer checks are a considerable improvement over the old technique they still suffer from limitations in the underlying X509_LOOKUP API. One consequence of this is that trusted certificates with matching subject name must either appear in a file (as specified by the <b>-CAfile</b> option) or a directory (as specified by <b>-CApath</b>). If they occur in both then only the certificates in the file will be recognised.</p>
+
+<p>Previous versions of OpenSSL assume certificates with matching subject name are identical and mishandled them.</p>
+
+<p>Previous versions of this documentation swapped the meaning of the <b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT</b> and <b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY</b> error codes.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>-show_chain</b> option was added in OpenSSL 1.1.0.</p>
+
+<p>The <b>-issuer_checks</b> option is deprecated as of OpenSSL 1.1.0 and is silently ignored.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-version.html b/msys2/usr/share/doc/openssl/html/man1/openssl-version.html
new file mode 100644
index 000000000..d32b6ec56
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-version.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-version, version - print OpenSSL version information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl version</b> [<b>-help</b>] [<b>-a</b>] [<b>-v</b>] [<b>-b</b>] [<b>-o</b>] [<b>-f</b>] [<b>-p</b>] [<b>-d</b>] [<b>-e</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This command is used to print out version information about OpenSSL.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="a"><b>-a</b></dt>
+<dd>
+
+<p>All information, this is the same as setting all the other flags.</p>
+
+</dd>
+<dt id="v"><b>-v</b></dt>
+<dd>
+
+<p>The current OpenSSL version.</p>
+
+</dd>
+<dt id="b"><b>-b</b></dt>
+<dd>
+
+<p>The date the current version of OpenSSL was built.</p>
+
+</dd>
+<dt id="o"><b>-o</b></dt>
+<dd>
+
+<p>Option information: various options set when the library was built.</p>
+
+</dd>
+<dt id="f"><b>-f</b></dt>
+<dd>
+
+<p>Compilation flags.</p>
+
+</dd>
+<dt id="p"><b>-p</b></dt>
+<dd>
+
+<p>Platform setting.</p>
+
+</dd>
+<dt id="d"><b>-d</b></dt>
+<dd>
+
+<p>OPENSSLDIR setting.</p>
+
+</dd>
+<dt id="e"><b>-e</b></dt>
+<dd>
+
+<p>ENGINESDIR setting.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The output of <b>openssl version -a</b> would typically be used when sending in a bug report.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl-x509.html b/msys2/usr/share/doc/openssl/html/man1/openssl-x509.html
new file mode 100644
index 000000000..804a75922
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl-x509.html
@@ -0,0 +1,886 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>x509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a>
+    <ul>
+      <li><a href="#Input-Output-and-General-Purpose-Options">Input, Output, and General Purpose Options</a></li>
+      <li><a href="#Display-Options">Display Options</a></li>
+      <li><a href="#Trust-Settings">Trust Settings</a></li>
+      <li><a href="#Signing-Options">Signing Options</a></li>
+      <li><a href="#Name-Options">Name Options</a></li>
+      <li><a href="#Text-Options">Text Options</a></li>
+    </ul>
+  </li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#CERTIFICATE-EXTENSIONS">CERTIFICATE EXTENSIONS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-x509, x509 - Certificate display and signing utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>x509</b> [<b>-help</b>] [<b>-inform DER|PEM</b>] [<b>-outform DER|PEM</b>] [<b>-keyform DER|PEM</b>] [<b>-CAform DER|PEM</b>] [<b>-CAkeyform DER|PEM</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-serial</b>] [<b>-hash</b>] [<b>-subject_hash</b>] [<b>-issuer_hash</b>] [<b>-ocspid</b>] [<b>-subject</b>] [<b>-issuer</b>] [<b>-nameopt option</b>] [<b>-email</b>] [<b>-ocsp_uri</b>] [<b>-startdate</b>] [<b>-enddate</b>] [<b>-purpose</b>] [<b>-dates</b>] [<b>-checkend num</b>] [<b>-modulus</b>] [<b>-pubkey</b>] [<b>-fingerprint</b>] [<b>-alias</b>] [<b>-noout</b>] [<b>-trustout</b>] [<b>-clrtrust</b>] [<b>-clrreject</b>] [<b>-addtrust arg</b>] [<b>-addreject arg</b>] [<b>-setalias arg</b>] [<b>-days arg</b>] [<b>-set_serial n</b>] [<b>-signkey filename</b>] [<b>-passin arg</b>] [<b>-x509toreq</b>] [<b>-req</b>] [<b>-CA filename</b>] [<b>-CAkey filename</b>] [<b>-CAcreateserial</b>] [<b>-CAserial filename</b>] [<b>-force_pubkey key</b>] [<b>-text</b>] [<b>-ext extensions</b>] [<b>-certopt option</b>] [<b>-C</b>] [<b>-<i>digest</i></b>] [<b>-clrext</b>] [<b>-extfile filename</b>] [<b>-extensions section</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-engine id</b>] [<b>-preserve_dates</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>x509</b> command is a multi purpose certificate utility. It can be used to display certificate information, convert certificates to various forms, sign certificate requests like a &quot;mini CA&quot; or edit certificate trust settings.</p>
+
+<p>Since there are a large number of options they will split up into various sections.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<h2 id="Input-Output-and-General-Purpose-Options">Input, Output, and General Purpose Options</h2>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format normally the command will expect an X509 certificate but this can change if other options such as <b>-req</b> are present. The DER format is the DER encoding of the certificate and PEM is the base64 encoding of the DER encoding with header and footer lines added. The default format is PEM.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read a certificate from or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename to write to or standard output by default.</p>
+
+</dd>
+<dt id="digest"><b>-<i>digest</i></b></dt>
+<dd>
+
+<p>The digest to use. This affects any signing or display option that uses a message digest, such as the <b>-fingerprint</b>, <b>-signkey</b> and <b>-CA</b> options. Any digest supported by the OpenSSL <b>dgst</b> command can be used. If not specified then SHA1 is used with <b>-fingerprint</b> or the default digest for the signing algorithm is used, typically SHA256.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>x509</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="preserve_dates"><b>-preserve_dates</b></dt>
+<dd>
+
+<p>When signing a certificate, preserve the &quot;notBefore&quot; and &quot;notAfter&quot; dates instead of adjusting them to current time and duration. Cannot be used with the <b>-days</b> option.</p>
+
+</dd>
+</dl>
+
+<h2 id="Display-Options">Display Options</h2>
+
+<p>Note: the <b>-alias</b> and <b>-purpose</b> options are also display options but are described in the <b>TRUST SETTINGS</b> section.</p>
+
+<dl>
+
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out the certificate in text form. Full details are output including the public key, signature algorithms, issuer and subject names, serial number any extensions present and any trust settings.</p>
+
+</dd>
+<dt id="ext-extensions"><b>-ext extensions</b></dt>
+<dd>
+
+<p>Prints out the certificate extensions in text form. Extensions are specified with a comma separated string, e.g., &quot;subjectAltName,subjectKeyIdentifier&quot;. See the <a href="../man5/x509v3_config.html">x509v3_config(5)</a> manual page for the extension names.</p>
+
+</dd>
+<dt id="certopt-option"><b>-certopt option</b></dt>
+<dd>
+
+<p>Customise the output format used with <b>-text</b>. The <b>option</b> argument can be a single option or multiple options separated by commas. The <b>-certopt</b> switch may be also be used more than once to set multiple options. See the <b>TEXT OPTIONS</b> section for more information.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option prevents output of the encoded version of the certificate.</p>
+
+</dd>
+<dt id="pubkey"><b>-pubkey</b></dt>
+<dd>
+
+<p>Outputs the certificate&#39;s SubjectPublicKeyInfo block in PEM format.</p>
+
+</dd>
+<dt id="modulus"><b>-modulus</b></dt>
+<dd>
+
+<p>This option prints out the value of the modulus of the public key contained in the certificate.</p>
+
+</dd>
+<dt id="serial"><b>-serial</b></dt>
+<dd>
+
+<p>Outputs the certificate serial number.</p>
+
+</dd>
+<dt id="subject_hash"><b>-subject_hash</b></dt>
+<dd>
+
+<p>Outputs the &quot;hash&quot; of the certificate subject name. This is used in OpenSSL to form an index to allow certificates in a directory to be looked up by subject name.</p>
+
+</dd>
+<dt id="issuer_hash"><b>-issuer_hash</b></dt>
+<dd>
+
+<p>Outputs the &quot;hash&quot; of the certificate issuer name.</p>
+
+</dd>
+<dt id="ocspid"><b>-ocspid</b></dt>
+<dd>
+
+<p>Outputs the OCSP hash values for the subject name and public key.</p>
+
+</dd>
+<dt id="hash"><b>-hash</b></dt>
+<dd>
+
+<p>Synonym for &quot;-subject_hash&quot; for backward compatibility reasons.</p>
+
+</dd>
+<dt id="subject_hash_old"><b>-subject_hash_old</b></dt>
+<dd>
+
+<p>Outputs the &quot;hash&quot; of the certificate subject name using the older algorithm as used by OpenSSL before version 1.0.0.</p>
+
+</dd>
+<dt id="issuer_hash_old"><b>-issuer_hash_old</b></dt>
+<dd>
+
+<p>Outputs the &quot;hash&quot; of the certificate issuer name using the older algorithm as used by OpenSSL before version 1.0.0.</p>
+
+</dd>
+<dt id="subject"><b>-subject</b></dt>
+<dd>
+
+<p>Outputs the subject name.</p>
+
+</dd>
+<dt id="issuer"><b>-issuer</b></dt>
+<dd>
+
+<p>Outputs the issuer name.</p>
+
+</dd>
+<dt id="nameopt-option"><b>-nameopt option</b></dt>
+<dd>
+
+<p>Option which determines how the subject or issuer names are displayed. The <b>option</b> argument can be a single option or multiple options separated by commas. Alternatively the <b>-nameopt</b> switch may be used more than once to set multiple options. See the <b>NAME OPTIONS</b> section for more information.</p>
+
+</dd>
+<dt id="email"><b>-email</b></dt>
+<dd>
+
+<p>Outputs the email address(es) if any.</p>
+
+</dd>
+<dt id="ocsp_uri"><b>-ocsp_uri</b></dt>
+<dd>
+
+<p>Outputs the OCSP responder address(es) if any.</p>
+
+</dd>
+<dt id="startdate"><b>-startdate</b></dt>
+<dd>
+
+<p>Prints out the start date of the certificate, that is the notBefore date.</p>
+
+</dd>
+<dt id="enddate"><b>-enddate</b></dt>
+<dd>
+
+<p>Prints out the expiry date of the certificate, that is the notAfter date.</p>
+
+</dd>
+<dt id="dates"><b>-dates</b></dt>
+<dd>
+
+<p>Prints out the start and expiry dates of a certificate.</p>
+
+</dd>
+<dt id="checkend-arg"><b>-checkend arg</b></dt>
+<dd>
+
+<p>Checks if the certificate expires within the next <b>arg</b> seconds and exits non-zero if yes it will expire or zero if not.</p>
+
+</dd>
+<dt id="fingerprint"><b>-fingerprint</b></dt>
+<dd>
+
+<p>Calculates and outputs the digest of the DER encoded version of the entire certificate (see digest options). This is commonly called a &quot;fingerprint&quot;. Because of the nature of message digests, the fingerprint of a certificate is unique to that certificate and two certificates with the same fingerprint can be considered to be the same.</p>
+
+</dd>
+<dt id="C"><b>-C</b></dt>
+<dd>
+
+<p>This outputs the certificate in the form of a C source file.</p>
+
+</dd>
+</dl>
+
+<h2 id="Trust-Settings">Trust Settings</h2>
+
+<p>A <b>trusted certificate</b> is an ordinary certificate which has several additional pieces of information attached to it such as the permitted and prohibited uses of the certificate and an &quot;alias&quot;.</p>
+
+<p>Normally when a certificate is being verified at least one certificate must be &quot;trusted&quot;. By default a trusted certificate must be stored locally and must be a root CA: any certificate chain ending in this CA is then usable for any purpose.</p>
+
+<p>Trust settings currently are only used with a root CA. They allow a finer control over the purposes the root CA can be used for. For example a CA may be trusted for SSL client but not SSL server use.</p>
+
+<p>See the description of the <b>verify</b> utility for more information on the meaning of trust settings.</p>
+
+<p>Future versions of OpenSSL will recognize trust settings on any certificate: not just root CAs.</p>
+
+<dl>
+
+<dt id="trustout"><b>-trustout</b></dt>
+<dd>
+
+<p>This causes <b>x509</b> to output a <b>trusted</b> certificate. An ordinary or trusted certificate can be input but by default an ordinary certificate is output and any trust settings are discarded. With the <b>-trustout</b> option a trusted certificate is output. A trusted certificate is automatically output if any trust settings are modified.</p>
+
+</dd>
+<dt id="setalias-arg"><b>-setalias arg</b></dt>
+<dd>
+
+<p>Sets the alias of the certificate. This will allow the certificate to be referred to using a nickname for example &quot;Steve&#39;s Certificate&quot;.</p>
+
+</dd>
+<dt id="alias"><b>-alias</b></dt>
+<dd>
+
+<p>Outputs the certificate alias, if any.</p>
+
+</dd>
+<dt id="clrtrust"><b>-clrtrust</b></dt>
+<dd>
+
+<p>Clears all the permitted or trusted uses of the certificate.</p>
+
+</dd>
+<dt id="clrreject"><b>-clrreject</b></dt>
+<dd>
+
+<p>Clears all the prohibited or rejected uses of the certificate.</p>
+
+</dd>
+<dt id="addtrust-arg"><b>-addtrust arg</b></dt>
+<dd>
+
+<p>Adds a trusted certificate use. Any object name can be used here but currently only <b>clientAuth</b> (SSL client use), <b>serverAuth</b> (SSL server use), <b>emailProtection</b> (S/MIME email) and <b>anyExtendedKeyUsage</b> are used. As of OpenSSL 1.1.0, the last of these blocks all purposes when rejected or enables all purposes when trusted. Other OpenSSL applications may define additional uses.</p>
+
+</dd>
+<dt id="addreject-arg"><b>-addreject arg</b></dt>
+<dd>
+
+<p>Adds a prohibited use. It accepts the same values as the <b>-addtrust</b> option.</p>
+
+</dd>
+<dt id="purpose"><b>-purpose</b></dt>
+<dd>
+
+<p>This option performs tests on the certificate extensions and outputs the results. For a more complete description see the <b>CERTIFICATE EXTENSIONS</b> section.</p>
+
+</dd>
+</dl>
+
+<h2 id="Signing-Options">Signing Options</h2>
+
+<p>The <b>x509</b> utility can be used to sign certificates and requests: it can thus behave like a &quot;mini CA&quot;.</p>
+
+<dl>
+
+<dt id="signkey-filename"><b>-signkey filename</b></dt>
+<dd>
+
+<p>This option causes the input file to be self signed using the supplied private key.</p>
+
+<p>If the input file is a certificate it sets the issuer name to the subject name (i.e. makes it self signed) changes the public key to the supplied value and changes the start and end dates. The start date is set to the current time and the end date is set to a value determined by the <b>-days</b> option. Any certificate extensions are retained unless the <b>-clrext</b> option is supplied; this includes, for example, any existing key identifier extensions.</p>
+
+<p>If the input is a certificate request then a self signed certificate is created using the supplied private key using the subject name in the request.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The key password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="clrext"><b>-clrext</b></dt>
+<dd>
+
+<p>Delete any extensions from a certificate. This option is used when a certificate is being created from another certificate (for example with the <b>-signkey</b> or the <b>-CA</b> options). Normally all extensions are retained.</p>
+
+</dd>
+<dt id="keyform-PEM-DER"><b>-keyform PEM|DER</b></dt>
+<dd>
+
+<p>Specifies the format (DER or PEM) of the private key file used in the <b>-signkey</b> option.</p>
+
+</dd>
+<dt id="days-arg"><b>-days arg</b></dt>
+<dd>
+
+<p>Specifies the number of days to make a certificate valid for. The default is 30 days. Cannot be used with the <b>-preserve_dates</b> option.</p>
+
+</dd>
+<dt id="x509toreq"><b>-x509toreq</b></dt>
+<dd>
+
+<p>Converts a certificate into a certificate request. The <b>-signkey</b> option is used to pass the required private key.</p>
+
+</dd>
+<dt id="req"><b>-req</b></dt>
+<dd>
+
+<p>By default a certificate is expected on input. With this option a certificate request is expected instead.</p>
+
+</dd>
+<dt id="set_serial-n"><b>-set_serial n</b></dt>
+<dd>
+
+<p>Specifies the serial number to use. This option can be used with either the <b>-signkey</b> or <b>-CA</b> options. If used in conjunction with the <b>-CA</b> option the serial number file (as specified by the <b>-CAserial</b> or <b>-CAcreateserial</b> options) is not used.</p>
+
+<p>The serial number can be decimal or hex (if preceded by <b>0x</b>).</p>
+
+</dd>
+<dt id="CA-filename"><b>-CA filename</b></dt>
+<dd>
+
+<p>Specifies the CA certificate to be used for signing. When this option is present <b>x509</b> behaves like a &quot;mini CA&quot;. The input file is signed by this CA using this option: that is its issuer name is set to the subject name of the CA and it is digitally signed using the CAs private key.</p>
+
+<p>This option is normally combined with the <b>-req</b> option. Without the <b>-req</b> option the input is a certificate which must be self signed.</p>
+
+</dd>
+<dt id="CAkey-filename"><b>-CAkey filename</b></dt>
+<dd>
+
+<p>Sets the CA private key to sign a certificate with. If this option is not specified then it is assumed that the CA private key is present in the CA certificate file.</p>
+
+</dd>
+<dt id="CAserial-filename"><b>-CAserial filename</b></dt>
+<dd>
+
+<p>Sets the CA serial number file to use.</p>
+
+<p>When the <b>-CA</b> option is used to sign a certificate it uses a serial number specified in a file. This file consists of one line containing an even number of hex digits with the serial number to use. After each use the serial number is incremented and written out to the file again.</p>
+
+<p>The default filename consists of the CA certificate file base name with &quot;.srl&quot; appended. For example if the CA certificate file is called &quot;mycacert.pem&quot; it expects to find a serial number file called &quot;mycacert.srl&quot;.</p>
+
+</dd>
+<dt id="CAcreateserial"><b>-CAcreateserial</b></dt>
+<dd>
+
+<p>With this option the CA serial number file is created if it does not exist: it will contain the serial number &quot;02&quot; and the certificate being signed will have the 1 as its serial number. If the <b>-CA</b> option is specified and the serial number file does not exist a random number is generated; this is the recommended practice.</p>
+
+</dd>
+<dt id="extfile-filename"><b>-extfile filename</b></dt>
+<dd>
+
+<p>File containing certificate extensions to use. If not specified then no extensions are added to the certificate.</p>
+
+</dd>
+<dt id="extensions-section"><b>-extensions section</b></dt>
+<dd>
+
+<p>The section to add certificate extensions from. If this option is not specified then the extensions should either be contained in the unnamed (default) section or the default section should contain a variable called &quot;extensions&quot; which contains the section to use. See the <a href="../man5/x509v3_config.html">x509v3_config(5)</a> manual page for details of the extension section format.</p>
+
+</dd>
+<dt id="force_pubkey-key"><b>-force_pubkey key</b></dt>
+<dd>
+
+<p>When a certificate is created set its public key to <b>key</b> instead of the key in the certificate or certificate request. This option is useful for creating certificates where the algorithm can&#39;t normally sign requests, for example DH.</p>
+
+<p>The format or <b>key</b> can be specified using the <b>-keyform</b> option.</p>
+
+</dd>
+</dl>
+
+<h2 id="Name-Options">Name Options</h2>
+
+<p>The <b>nameopt</b> command line switch determines how the subject and issuer names are displayed. If no <b>nameopt</b> switch is present the default &quot;oneline&quot; format is used which is compatible with previous versions of OpenSSL. Each option is described in detail below, all options can be preceded by a <b>-</b> to turn the option off. Only the first four will normally be used.</p>
+
+<dl>
+
+<dt id="compat"><b>compat</b></dt>
+<dd>
+
+<p>Use the old format.</p>
+
+</dd>
+<dt id="RFC2253"><b>RFC2253</b></dt>
+<dd>
+
+<p>Displays names compatible with RFC2253 equivalent to <b>esc_2253</b>, <b>esc_ctrl</b>, <b>esc_msb</b>, <b>utf8</b>, <b>dump_nostr</b>, <b>dump_unknown</b>, <b>dump_der</b>, <b>sep_comma_plus</b>, <b>dn_rev</b> and <b>sname</b>.</p>
+
+</dd>
+<dt id="oneline"><b>oneline</b></dt>
+<dd>
+
+<p>A oneline format which is more readable than RFC2253. It is equivalent to specifying the <b>esc_2253</b>, <b>esc_ctrl</b>, <b>esc_msb</b>, <b>utf8</b>, <b>dump_nostr</b>, <b>dump_der</b>, <b>use_quote</b>, <b>sep_comma_plus_space</b>, <b>space_eq</b> and <b>sname</b> options. This is the <i>default</i> of no name options are given explicitly.</p>
+
+</dd>
+<dt id="multiline"><b>multiline</b></dt>
+<dd>
+
+<p>A multiline format. It is equivalent <b>esc_ctrl</b>, <b>esc_msb</b>, <b>sep_multiline</b>, <b>space_eq</b>, <b>lname</b> and <b>align</b>.</p>
+
+</dd>
+<dt id="esc_2253"><b>esc_2253</b></dt>
+<dd>
+
+<p>Escape the &quot;special&quot; characters required by RFC2253 in a field. That is <b>,+&quot;&lt;&gt;;</b>. Additionally <b>#</b> is escaped at the beginning of a string and a space character at the beginning or end of a string.</p>
+
+</dd>
+<dt id="esc_2254"><b>esc_2254</b></dt>
+<dd>
+
+<p>Escape the &quot;special&quot; characters required by RFC2254 in a field. That is the <b>NUL</b> character as well as and <b>()*</b>.</p>
+
+</dd>
+<dt id="esc_ctrl"><b>esc_ctrl</b></dt>
+<dd>
+
+<p>Escape control characters. That is those with ASCII values less than 0x20 (space) and the delete (0x7f) character. They are escaped using the RFC2253 \XX notation (where XX are two hex digits representing the character value).</p>
+
+</dd>
+<dt id="esc_msb"><b>esc_msb</b></dt>
+<dd>
+
+<p>Escape characters with the MSB set, that is with ASCII values larger than 127.</p>
+
+</dd>
+<dt id="use_quote"><b>use_quote</b></dt>
+<dd>
+
+<p>Escapes some characters by surrounding the whole string with <b>&quot;</b> characters, without the option all escaping is done with the <b>\</b> character.</p>
+
+</dd>
+<dt id="utf8"><b>utf8</b></dt>
+<dd>
+
+<p>Convert all strings to UTF8 format first. This is required by RFC2253. If you are lucky enough to have a UTF8 compatible terminal then the use of this option (and <b>not</b> setting <b>esc_msb</b>) may result in the correct display of multibyte (international) characters. Is this option is not present then multibyte characters larger than 0xff will be represented using the format \UXXXX for 16 bits and \WXXXXXXXX for 32 bits. Also if this option is off any UTF8Strings will be converted to their character form first.</p>
+
+</dd>
+<dt id="ignore_type"><b>ignore_type</b></dt>
+<dd>
+
+<p>This option does not attempt to interpret multibyte characters in any way. That is their content octets are merely dumped as though one octet represents each character. This is useful for diagnostic purposes but will result in rather odd looking output.</p>
+
+</dd>
+<dt id="show_type"><b>show_type</b></dt>
+<dd>
+
+<p>Show the type of the ASN1 character string. The type precedes the field contents. For example &quot;BMPSTRING: Hello World&quot;.</p>
+
+</dd>
+<dt id="dump_der"><b>dump_der</b></dt>
+<dd>
+
+<p>When this option is set any fields that need to be hexdumped will be dumped using the DER encoding of the field. Otherwise just the content octets will be displayed. Both options use the RFC2253 <b>#XXXX...</b> format.</p>
+
+</dd>
+<dt id="dump_nostr"><b>dump_nostr</b></dt>
+<dd>
+
+<p>Dump non character string types (for example OCTET STRING) if this option is not set then non character string types will be displayed as though each content octet represents a single character.</p>
+
+</dd>
+<dt id="dump_all"><b>dump_all</b></dt>
+<dd>
+
+<p>Dump all fields. This option when used with <b>dump_der</b> allows the DER encoding of the structure to be unambiguously determined.</p>
+
+</dd>
+<dt id="dump_unknown"><b>dump_unknown</b></dt>
+<dd>
+
+<p>Dump any field whose OID is not recognised by OpenSSL.</p>
+
+</dd>
+<dt id="sep_comma_plus-sep_comma_plus_space-sep_semi_plus_space-sep_multiline"><b>sep_comma_plus</b>, <b>sep_comma_plus_space</b>, <b>sep_semi_plus_space</b>, <b>sep_multiline</b></dt>
+<dd>
+
+<p>These options determine the field separators. The first character is between RDNs and the second between multiple AVAs (multiple AVAs are very rare and their use is discouraged). The options ending in &quot;space&quot; additionally place a space after the separator to make it more readable. The <b>sep_multiline</b> uses a linefeed character for the RDN separator and a spaced <b>+</b> for the AVA separator. It also indents the fields by four characters. If no field separator is specified then <b>sep_comma_plus_space</b> is used by default.</p>
+
+</dd>
+<dt id="dn_rev"><b>dn_rev</b></dt>
+<dd>
+
+<p>Reverse the fields of the DN. This is required by RFC2253. As a side effect this also reverses the order of multiple AVAs but this is permissible.</p>
+
+</dd>
+<dt id="nofname-sname-lname-oid"><b>nofname</b>, <b>sname</b>, <b>lname</b>, <b>oid</b></dt>
+<dd>
+
+<p>These options alter how the field name is displayed. <b>nofname</b> does not display the field at all. <b>sname</b> uses the &quot;short name&quot; form (CN for commonName for example). <b>lname</b> uses the long form. <b>oid</b> represents the OID in numerical form and is useful for diagnostic purpose.</p>
+
+</dd>
+<dt id="align"><b>align</b></dt>
+<dd>
+
+<p>Align field values for a more readable output. Only usable with <b>sep_multiline</b>.</p>
+
+</dd>
+<dt id="space_eq"><b>space_eq</b></dt>
+<dd>
+
+<p>Places spaces round the <b>=</b> character which follows the field name.</p>
+
+</dd>
+</dl>
+
+<h2 id="Text-Options">Text Options</h2>
+
+<p>As well as customising the name output format, it is also possible to customise the actual fields printed using the <b>certopt</b> options when the <b>text</b> option is present. The default behaviour is to print all fields.</p>
+
+<dl>
+
+<dt id="compatible"><b>compatible</b></dt>
+<dd>
+
+<p>Use the old format. This is equivalent to specifying no output options at all.</p>
+
+</dd>
+<dt id="no_header"><b>no_header</b></dt>
+<dd>
+
+<p>Don&#39;t print header information: that is the lines saying &quot;Certificate&quot; and &quot;Data&quot;.</p>
+
+</dd>
+<dt id="no_version"><b>no_version</b></dt>
+<dd>
+
+<p>Don&#39;t print out the version number.</p>
+
+</dd>
+<dt id="no_serial"><b>no_serial</b></dt>
+<dd>
+
+<p>Don&#39;t print out the serial number.</p>
+
+</dd>
+<dt id="no_signame"><b>no_signame</b></dt>
+<dd>
+
+<p>Don&#39;t print out the signature algorithm used.</p>
+
+</dd>
+<dt id="no_validity"><b>no_validity</b></dt>
+<dd>
+
+<p>Don&#39;t print the validity, that is the <b>notBefore</b> and <b>notAfter</b> fields.</p>
+
+</dd>
+<dt id="no_subject"><b>no_subject</b></dt>
+<dd>
+
+<p>Don&#39;t print out the subject name.</p>
+
+</dd>
+<dt id="no_issuer"><b>no_issuer</b></dt>
+<dd>
+
+<p>Don&#39;t print out the issuer name.</p>
+
+</dd>
+<dt id="no_pubkey"><b>no_pubkey</b></dt>
+<dd>
+
+<p>Don&#39;t print out the public key.</p>
+
+</dd>
+<dt id="no_sigdump"><b>no_sigdump</b></dt>
+<dd>
+
+<p>Don&#39;t give a hexadecimal dump of the certificate signature.</p>
+
+</dd>
+<dt id="no_aux"><b>no_aux</b></dt>
+<dd>
+
+<p>Don&#39;t print out certificate trust information.</p>
+
+</dd>
+<dt id="no_extensions"><b>no_extensions</b></dt>
+<dd>
+
+<p>Don&#39;t print out any X509V3 extensions.</p>
+
+</dd>
+<dt id="ext_default"><b>ext_default</b></dt>
+<dd>
+
+<p>Retain default extension behaviour: attempt to print out unsupported certificate extensions.</p>
+
+</dd>
+<dt id="ext_error"><b>ext_error</b></dt>
+<dd>
+
+<p>Print an error message for unsupported certificate extensions.</p>
+
+</dd>
+<dt id="ext_parse"><b>ext_parse</b></dt>
+<dd>
+
+<p>ASN1 parse unsupported extensions.</p>
+
+</dd>
+<dt id="ext_dump"><b>ext_dump</b></dt>
+<dd>
+
+<p>Hex dump unsupported extensions.</p>
+
+</dd>
+<dt id="ca_default"><b>ca_default</b></dt>
+<dd>
+
+<p>The value used by the <b>ca</b> utility, equivalent to <b>no_issuer</b>, <b>no_pubkey</b>, <b>no_header</b>, and <b>no_version</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Note: in these examples the &#39;\&#39; means the example should be all on one line.</p>
+
+<p>Display the contents of a certificate:</p>
+
+<pre><code> openssl x509 -in cert.pem -noout -text</code></pre>
+
+<p>Display the &quot;Subject Alternative Name&quot; extension of a certificate:</p>
+
+<pre><code> openssl x509 -in cert.pem -noout -ext subjectAltName</code></pre>
+
+<p>Display more extensions of a certificate:</p>
+
+<pre><code> openssl x509 -in cert.pem -noout -ext subjectAltName,nsCertType</code></pre>
+
+<p>Display the certificate serial number:</p>
+
+<pre><code> openssl x509 -in cert.pem -noout -serial</code></pre>
+
+<p>Display the certificate subject name:</p>
+
+<pre><code> openssl x509 -in cert.pem -noout -subject</code></pre>
+
+<p>Display the certificate subject name in RFC2253 form:</p>
+
+<pre><code> openssl x509 -in cert.pem -noout -subject -nameopt RFC2253</code></pre>
+
+<p>Display the certificate subject name in oneline form on a terminal supporting UTF8:</p>
+
+<pre><code> openssl x509 -in cert.pem -noout -subject -nameopt oneline,-esc_msb</code></pre>
+
+<p>Display the certificate SHA1 fingerprint:</p>
+
+<pre><code> openssl x509 -sha1 -in cert.pem -noout -fingerprint</code></pre>
+
+<p>Convert a certificate from PEM to DER format:</p>
+
+<pre><code> openssl x509 -in cert.pem -inform PEM -out cert.der -outform DER</code></pre>
+
+<p>Convert a certificate to a certificate request:</p>
+
+<pre><code> openssl x509 -x509toreq -in cert.pem -out req.pem -signkey key.pem</code></pre>
+
+<p>Convert a certificate request into a self signed certificate using extensions for a CA:</p>
+
+<pre><code> openssl x509 -req -in careq.pem -extfile openssl.cnf -extensions v3_ca \
+        -signkey key.pem -out cacert.pem</code></pre>
+
+<p>Sign a certificate request using the CA certificate above and add user certificate extensions:</p>
+
+<pre><code> openssl x509 -req -in req.pem -extfile openssl.cnf -extensions v3_usr \
+        -CA cacert.pem -CAkey key.pem -CAcreateserial</code></pre>
+
+<p>Set a certificate to be trusted for SSL client use and change set its alias to &quot;Steve&#39;s Class 1 CA&quot;</p>
+
+<pre><code> openssl x509 -in cert.pem -addtrust clientAuth \
+        -setalias &quot;Steve&#39;s Class 1 CA&quot; -out trust.pem</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN CERTIFICATE-----
+ -----END CERTIFICATE-----</code></pre>
+
+<p>it will also handle files containing:</p>
+
+<pre><code> -----BEGIN X509 CERTIFICATE-----
+ -----END X509 CERTIFICATE-----</code></pre>
+
+<p>Trusted certificates have the lines</p>
+
+<pre><code> -----BEGIN TRUSTED CERTIFICATE-----
+ -----END TRUSTED CERTIFICATE-----</code></pre>
+
+<p>The conversion to UTF8 format used with the name options assumes that T61Strings use the ISO8859-1 character set. This is wrong but Netscape and MSIE do this as do many certificates. So although this is incorrect it is more likely to display the majority of certificates correctly.</p>
+
+<p>The <b>-email</b> option searches the subject name and the subject alternative name extension. Only unique email addresses will be printed out: it will not print the same address more than once.</p>
+
+<h1 id="CERTIFICATE-EXTENSIONS">CERTIFICATE EXTENSIONS</h1>
+
+<p>The <b>-purpose</b> option checks the certificate extensions and determines what the certificate can be used for. The actual checks done are rather complex and include various hacks and workarounds to handle broken certificates and software.</p>
+
+<p>The same code is used when verifying untrusted certificates in chains so this section is useful if a chain is rejected by the verify code.</p>
+
+<p>The basicConstraints extension CA flag is used to determine whether the certificate can be used as a CA. If the CA flag is true then it is a CA, if the CA flag is false then it is not a CA. <b>All</b> CAs should have the CA flag set to true.</p>
+
+<p>If the basicConstraints extension is absent then the certificate is considered to be a &quot;possible CA&quot; other extensions are checked according to the intended use of the certificate. A warning is given in this case because the certificate should really not be regarded as a CA: however it is allowed to be a CA to work around some broken software.</p>
+
+<p>If the certificate is a V1 certificate (and thus has no extensions) and it is self signed it is also assumed to be a CA but a warning is again given: this is to work around the problem of Verisign roots which are V1 self signed certificates.</p>
+
+<p>If the keyUsage extension is present then additional restraints are made on the uses of the certificate. A CA certificate <b>must</b> have the keyCertSign bit set if the keyUsage extension is present.</p>
+
+<p>The extended key usage extension places additional restrictions on the certificate uses. If this extension is present (whether critical or not) the key can only be used for the purposes specified.</p>
+
+<p>A complete description of each test is given below. The comments about basicConstraints and keyUsage and V1 certificates above apply to <b>all</b> CA certificates.</p>
+
+<dl>
+
+<dt id="SSL-Client"><b>SSL Client</b></dt>
+<dd>
+
+<p>The extended key usage extension must be absent or include the &quot;web client authentication&quot; OID. keyUsage must be absent or it must have the digitalSignature bit set. Netscape certificate type must be absent or it must have the SSL client bit set.</p>
+
+</dd>
+<dt id="SSL-Client-CA"><b>SSL Client CA</b></dt>
+<dd>
+
+<p>The extended key usage extension must be absent or include the &quot;web client authentication&quot; OID. Netscape certificate type must be absent or it must have the SSL CA bit set: this is used as a work around if the basicConstraints extension is absent.</p>
+
+</dd>
+<dt id="SSL-Server"><b>SSL Server</b></dt>
+<dd>
+
+<p>The extended key usage extension must be absent or include the &quot;web server authentication&quot; and/or one of the SGC OIDs. keyUsage must be absent or it must have the digitalSignature, the keyEncipherment set or both bits set. Netscape certificate type must be absent or have the SSL server bit set.</p>
+
+</dd>
+<dt id="SSL-Server-CA"><b>SSL Server CA</b></dt>
+<dd>
+
+<p>The extended key usage extension must be absent or include the &quot;web server authentication&quot; and/or one of the SGC OIDs. Netscape certificate type must be absent or the SSL CA bit must be set: this is used as a work around if the basicConstraints extension is absent.</p>
+
+</dd>
+<dt id="Netscape-SSL-Server"><b>Netscape SSL Server</b></dt>
+<dd>
+
+<p>For Netscape SSL clients to connect to an SSL server it must have the keyEncipherment bit set if the keyUsage extension is present. This isn&#39;t always valid because some cipher suites use the key for digital signing. Otherwise it is the same as a normal SSL server.</p>
+
+</dd>
+<dt id="Common-S-MIME-Client-Tests"><b>Common S/MIME Client Tests</b></dt>
+<dd>
+
+<p>The extended key usage extension must be absent or include the &quot;email protection&quot; OID. Netscape certificate type must be absent or should have the S/MIME bit set. If the S/MIME bit is not set in Netscape certificate type then the SSL client bit is tolerated as an alternative but a warning is shown: this is because some Verisign certificates don&#39;t set the S/MIME bit.</p>
+
+</dd>
+<dt id="S-MIME-Signing"><b>S/MIME Signing</b></dt>
+<dd>
+
+<p>In addition to the common S/MIME client tests the digitalSignature bit or the nonRepudiation bit must be set if the keyUsage extension is present.</p>
+
+</dd>
+<dt id="S-MIME-Encryption"><b>S/MIME Encryption</b></dt>
+<dd>
+
+<p>In addition to the common S/MIME tests the keyEncipherment bit must be set if the keyUsage extension is present.</p>
+
+</dd>
+<dt id="S-MIME-CA"><b>S/MIME CA</b></dt>
+<dd>
+
+<p>The extended key usage extension must be absent or include the &quot;email protection&quot; OID. Netscape certificate type must be absent or must have the S/MIME CA bit set: this is used as a work around if the basicConstraints extension is absent.</p>
+
+</dd>
+<dt id="CRL-Signing"><b>CRL Signing</b></dt>
+<dd>
+
+<p>The keyUsage extension must be absent or it must have the CRL signing bit set.</p>
+
+</dd>
+<dt id="CRL-Signing-CA"><b>CRL Signing CA</b></dt>
+<dd>
+
+<p>The normal CA tests apply. Except in this case the basicConstraints extension must be present.</p>
+
+</dd>
+</dl>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Extensions in certificates are not transferred to certificate requests and vice versa.</p>
+
+<p>It is possible to produce invalid certificates or requests by specifying the wrong private key or using inconsistent options in some cases: these should be checked.</p>
+
+<p>There should be options to explicitly set such things as start and end dates rather than an offset from the current time.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/req.html">req(1)</a>, <a href="../man1/ca.html">ca(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man1/gendsa.html">gendsa(1)</a>, <a href="../man1/verify.html">verify(1)</a>, <a href="../man5/x509v3_config.html">x509v3_config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The hash algorithm used in the <b>-subject_hash</b> and <b>-issuer_hash</b> options before OpenSSL 1.0.0 was based on the deprecated MD5 algorithm and the encoding of the distinguished name. In OpenSSL 1.0.0 and later it is based on a canonical version of the DN using SHA1. This means that any directories using the old form must have their links rebuilt using <b>c_rehash</b> or similar.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/openssl.html b/msys2/usr/share/doc/openssl/html/man1/openssl.html
new file mode 100644
index 000000000..df0d8d7e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/openssl.html
@@ -0,0 +1,712 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>openssl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#COMMAND-SUMMARY">COMMAND SUMMARY</a>
+    <ul>
+      <li><a href="#Standard-Commands">Standard Commands</a></li>
+      <li><a href="#Message-Digest-Commands">Message Digest Commands</a></li>
+      <li><a href="#Encoding-and-Cipher-Commands">Encoding and Cipher Commands</a></li>
+    </ul>
+  </li>
+  <li><a href="#OPTIONS">OPTIONS</a>
+    <ul>
+      <li><a href="#Common-Options">Common Options</a></li>
+      <li><a href="#Pass-Phrase-Options">Pass Phrase Options</a></li>
+    </ul>
+  </li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl - OpenSSL command line tool</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <i>command</i> [ <i>command_opts</i> ] [ <i>command_args</i> ]</p>
+
+<p><b>openssl</b> <b>list</b> [ <b>standard-commands</b> | <b>digest-commands</b> | <b>cipher-commands</b> | <b>cipher-algorithms</b> | <b>digest-algorithms</b> | <b>public-key-algorithms</b>]</p>
+
+<p><b>openssl</b> <b>no-</b><i>XXX</i> [ <i>arbitrary options</i> ]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL is a cryptography toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) network protocols and related cryptography standards required by them.</p>
+
+<p>The <b>openssl</b> program is a command line tool for using the various cryptography functions of OpenSSL&#39;s <b>crypto</b> library from the shell. It can be used for</p>
+
+<pre><code> o  Creation and management of private keys, public keys and parameters
+ o  Public key cryptographic operations
+ o  Creation of X.509 certificates, CSRs and CRLs
+ o  Calculation of Message Digests
+ o  Encryption and Decryption with Ciphers
+ o  SSL/TLS Client and Server Tests
+ o  Handling of S/MIME signed or encrypted mail
+ o  Time Stamp requests, generation and verification</code></pre>
+
+<h1 id="COMMAND-SUMMARY">COMMAND SUMMARY</h1>
+
+<p>The <b>openssl</b> program provides a rich variety of commands (<i>command</i> in the SYNOPSIS above), each of which often has a wealth of options and arguments (<i>command_opts</i> and <i>command_args</i> in the SYNOPSIS).</p>
+
+<p>Detailed documentation and use cases for most standard subcommands are available (e.g., <a href="../man1/x509.html">x509(1)</a> or <a href="../man1/openssl-x509.html">openssl-x509(1)</a>).</p>
+
+<p>Many commands use an external configuration file for some or all of their arguments and have a <b>-config</b> option to specify that file. The environment variable <b>OPENSSL_CONF</b> can be used to specify the location of the file. If the environment variable is not specified, then the file is named <b>openssl.cnf</b> in the default certificate storage area, whose value depends on the configuration flags specified when the OpenSSL was built.</p>
+
+<p>The list parameters <b>standard-commands</b>, <b>digest-commands</b>, and <b>cipher-commands</b> output a list (one entry per line) of the names of all standard commands, message digest commands, or cipher commands, respectively, that are available in the present <b>openssl</b> utility.</p>
+
+<p>The list parameters <b>cipher-algorithms</b> and <b>digest-algorithms</b> list all cipher and message digest names, one entry per line. Aliases are listed as:</p>
+
+<pre><code> from =&gt; to</code></pre>
+
+<p>The list parameter <b>public-key-algorithms</b> lists all supported public key algorithms.</p>
+
+<p>The command <b>no-</b><i>XXX</i> tests whether a command of the specified name is available. If no command named <i>XXX</i> exists, it returns 0 (success) and prints <b>no-</b><i>XXX</i>; otherwise it returns 1 and prints <i>XXX</i>. In both cases, the output goes to <b>stdout</b> and nothing is printed to <b>stderr</b>. Additional command line arguments are always ignored. Since for each cipher there is a command of the same name, this provides an easy way for shell scripts to test for the availability of ciphers in the <b>openssl</b> program. (<b>no-</b><i>XXX</i> is not able to detect pseudo-commands such as <b>quit</b>, <b>list</b>, or <b>no-</b><i>XXX</i> itself.)</p>
+
+<h2 id="Standard-Commands">Standard Commands</h2>
+
+<dl>
+
+<dt id="asn1parse"><b>asn1parse</b></dt>
+<dd>
+
+<p>Parse an ASN.1 sequence.</p>
+
+</dd>
+<dt id="ca"><b>ca</b></dt>
+<dd>
+
+<p>Certificate Authority (CA) Management.</p>
+
+</dd>
+<dt id="ciphers"><b>ciphers</b></dt>
+<dd>
+
+<p>Cipher Suite Description Determination.</p>
+
+</dd>
+<dt id="cms"><b>cms</b></dt>
+<dd>
+
+<p>CMS (Cryptographic Message Syntax) utility.</p>
+
+</dd>
+<dt id="crl"><b>crl</b></dt>
+<dd>
+
+<p>Certificate Revocation List (CRL) Management.</p>
+
+</dd>
+<dt id="crl2pkcs7"><b>crl2pkcs7</b></dt>
+<dd>
+
+<p>CRL to PKCS#7 Conversion.</p>
+
+</dd>
+<dt id="dgst"><b>dgst</b></dt>
+<dd>
+
+<p>Message Digest Calculation.</p>
+
+</dd>
+<dt id="dh"><b>dh</b></dt>
+<dd>
+
+<p>Diffie-Hellman Parameter Management. Obsoleted by <a href="../man1/dhparam.html">dhparam(1)</a>.</p>
+
+</dd>
+<dt id="dhparam"><b>dhparam</b></dt>
+<dd>
+
+<p>Generation and Management of Diffie-Hellman Parameters. Superseded by <a href="../man1/genpkey.html">genpkey(1)</a> and <a href="../man1/pkeyparam.html">pkeyparam(1)</a>.</p>
+
+</dd>
+<dt id="dsa"><b>dsa</b></dt>
+<dd>
+
+<p>DSA Data Management.</p>
+
+</dd>
+<dt id="dsaparam"><b>dsaparam</b></dt>
+<dd>
+
+<p>DSA Parameter Generation and Management. Superseded by <a href="../man1/genpkey.html">genpkey(1)</a> and <a href="../man1/pkeyparam.html">pkeyparam(1)</a>.</p>
+
+</dd>
+<dt id="ec"><b>ec</b></dt>
+<dd>
+
+<p>EC (Elliptic curve) key processing.</p>
+
+</dd>
+<dt id="ecparam"><b>ecparam</b></dt>
+<dd>
+
+<p>EC parameter manipulation and generation.</p>
+
+</dd>
+<dt id="enc"><b>enc</b></dt>
+<dd>
+
+<p>Encoding with Ciphers.</p>
+
+</dd>
+<dt id="engine"><b>engine</b></dt>
+<dd>
+
+<p>Engine (loadable module) information and manipulation.</p>
+
+</dd>
+<dt id="errstr"><b>errstr</b></dt>
+<dd>
+
+<p>Error Number to Error String Conversion.</p>
+
+</dd>
+<dt id="gendh"><b>gendh</b></dt>
+<dd>
+
+<p>Generation of Diffie-Hellman Parameters. Obsoleted by <a href="../man1/dhparam.html">dhparam(1)</a>.</p>
+
+</dd>
+<dt id="gendsa"><b>gendsa</b></dt>
+<dd>
+
+<p>Generation of DSA Private Key from Parameters. Superseded by <a href="../man1/genpkey.html">genpkey(1)</a> and <a href="../man1/pkey.html">pkey(1)</a>.</p>
+
+</dd>
+<dt id="genpkey"><b>genpkey</b></dt>
+<dd>
+
+<p>Generation of Private Key or Parameters.</p>
+
+</dd>
+<dt id="genrsa"><b>genrsa</b></dt>
+<dd>
+
+<p>Generation of RSA Private Key. Superseded by <a href="../man1/genpkey.html">genpkey(1)</a>.</p>
+
+</dd>
+<dt id="nseq"><b>nseq</b></dt>
+<dd>
+
+<p>Create or examine a Netscape certificate sequence.</p>
+
+</dd>
+<dt id="ocsp"><b>ocsp</b></dt>
+<dd>
+
+<p>Online Certificate Status Protocol utility.</p>
+
+</dd>
+<dt id="passwd"><b>passwd</b></dt>
+<dd>
+
+<p>Generation of hashed passwords.</p>
+
+</dd>
+<dt id="pkcs12"><b>pkcs12</b></dt>
+<dd>
+
+<p>PKCS#12 Data Management.</p>
+
+</dd>
+<dt id="pkcs7"><b>pkcs7</b></dt>
+<dd>
+
+<p>PKCS#7 Data Management.</p>
+
+</dd>
+<dt id="pkcs8"><b>pkcs8</b></dt>
+<dd>
+
+<p>PKCS#8 format private key conversion tool.</p>
+
+</dd>
+<dt id="pkey"><b>pkey</b></dt>
+<dd>
+
+<p>Public and private key management.</p>
+
+</dd>
+<dt id="pkeyparam"><b>pkeyparam</b></dt>
+<dd>
+
+<p>Public key algorithm parameter management.</p>
+
+</dd>
+<dt id="pkeyutl"><b>pkeyutl</b></dt>
+<dd>
+
+<p>Public key algorithm cryptographic operation utility.</p>
+
+</dd>
+<dt id="prime"><b>prime</b></dt>
+<dd>
+
+<p>Compute prime numbers.</p>
+
+</dd>
+<dt id="rand"><b>rand</b></dt>
+<dd>
+
+<p>Generate pseudo-random bytes.</p>
+
+</dd>
+<dt id="rehash"><b>rehash</b></dt>
+<dd>
+
+<p>Create symbolic links to certificate and CRL files named by the hash values.</p>
+
+</dd>
+<dt id="req"><b>req</b></dt>
+<dd>
+
+<p>PKCS#10 X.509 Certificate Signing Request (CSR) Management.</p>
+
+</dd>
+<dt id="rsa"><b>rsa</b></dt>
+<dd>
+
+<p>RSA key management.</p>
+
+</dd>
+<dt id="rsautl"><b>rsautl</b></dt>
+<dd>
+
+<p>RSA utility for signing, verification, encryption, and decryption. Superseded by <a href="../man1/pkeyutl.html">pkeyutl(1)</a>.</p>
+
+</dd>
+<dt id="s_client"><b>s_client</b></dt>
+<dd>
+
+<p>This implements a generic SSL/TLS client which can establish a transparent connection to a remote server speaking SSL/TLS. It&#39;s intended for testing purposes only and provides only rudimentary interface functionality but internally uses mostly all functionality of the OpenSSL <b>ssl</b> library.</p>
+
+</dd>
+<dt id="s_server"><b>s_server</b></dt>
+<dd>
+
+<p>This implements a generic SSL/TLS server which accepts connections from remote clients speaking SSL/TLS. It&#39;s intended for testing purposes only and provides only rudimentary interface functionality but internally uses mostly all functionality of the OpenSSL <b>ssl</b> library. It provides both an own command line oriented protocol for testing SSL functions and a simple HTTP response facility to emulate an SSL/TLS-aware webserver.</p>
+
+</dd>
+<dt id="s_time"><b>s_time</b></dt>
+<dd>
+
+<p>SSL Connection Timer.</p>
+
+</dd>
+<dt id="sess_id"><b>sess_id</b></dt>
+<dd>
+
+<p>SSL Session Data Management.</p>
+
+</dd>
+<dt id="smime"><b>smime</b></dt>
+<dd>
+
+<p>S/MIME mail processing.</p>
+
+</dd>
+<dt id="speed"><b>speed</b></dt>
+<dd>
+
+<p>Algorithm Speed Measurement.</p>
+
+</dd>
+<dt id="spkac"><b>spkac</b></dt>
+<dd>
+
+<p>SPKAC printing and generating utility.</p>
+
+</dd>
+<dt id="srp"><b>srp</b></dt>
+<dd>
+
+<p>Maintain SRP password file.</p>
+
+</dd>
+<dt id="storeutl"><b>storeutl</b></dt>
+<dd>
+
+<p>Utility to list and display certificates, keys, CRLs, etc.</p>
+
+</dd>
+<dt id="ts"><b>ts</b></dt>
+<dd>
+
+<p>Time Stamping Authority tool (client/server).</p>
+
+</dd>
+<dt id="verify"><b>verify</b></dt>
+<dd>
+
+<p>X.509 Certificate Verification.</p>
+
+</dd>
+<dt id="version"><b>version</b></dt>
+<dd>
+
+<p>OpenSSL Version Information.</p>
+
+</dd>
+<dt id="x509"><b>x509</b></dt>
+<dd>
+
+<p>X.509 Certificate Data Management.</p>
+
+</dd>
+</dl>
+
+<h2 id="Message-Digest-Commands">Message Digest Commands</h2>
+
+<dl>
+
+<dt id="blake2b512"><b>blake2b512</b></dt>
+<dd>
+
+<p>BLAKE2b-512 Digest</p>
+
+</dd>
+<dt id="blake2s256"><b>blake2s256</b></dt>
+<dd>
+
+<p>BLAKE2s-256 Digest</p>
+
+</dd>
+<dt id="md2"><b>md2</b></dt>
+<dd>
+
+<p>MD2 Digest</p>
+
+</dd>
+<dt id="md4"><b>md4</b></dt>
+<dd>
+
+<p>MD4 Digest</p>
+
+</dd>
+<dt id="md5"><b>md5</b></dt>
+<dd>
+
+<p>MD5 Digest</p>
+
+</dd>
+<dt id="mdc2"><b>mdc2</b></dt>
+<dd>
+
+<p>MDC2 Digest</p>
+
+</dd>
+<dt id="rmd160"><b>rmd160</b></dt>
+<dd>
+
+<p>RMD-160 Digest</p>
+
+</dd>
+<dt id="sha1"><b>sha1</b></dt>
+<dd>
+
+<p>SHA-1 Digest</p>
+
+</dd>
+<dt id="sha224"><b>sha224</b></dt>
+<dd>
+
+<p>SHA-2 224 Digest</p>
+
+</dd>
+<dt id="sha256"><b>sha256</b></dt>
+<dd>
+
+<p>SHA-2 256 Digest</p>
+
+</dd>
+<dt id="sha384"><b>sha384</b></dt>
+<dd>
+
+<p>SHA-2 384 Digest</p>
+
+</dd>
+<dt id="sha512"><b>sha512</b></dt>
+<dd>
+
+<p>SHA-2 512 Digest</p>
+
+</dd>
+<dt id="sha3-224"><b>sha3-224</b></dt>
+<dd>
+
+<p>SHA-3 224 Digest</p>
+
+</dd>
+<dt id="sha3-256"><b>sha3-256</b></dt>
+<dd>
+
+<p>SHA-3 256 Digest</p>
+
+</dd>
+<dt id="sha3-384"><b>sha3-384</b></dt>
+<dd>
+
+<p>SHA-3 384 Digest</p>
+
+</dd>
+<dt id="sha3-512"><b>sha3-512</b></dt>
+<dd>
+
+<p>SHA-3 512 Digest</p>
+
+</dd>
+<dt id="shake128"><b>shake128</b></dt>
+<dd>
+
+<p>SHA-3 SHAKE128 Digest</p>
+
+</dd>
+<dt id="shake256"><b>shake256</b></dt>
+<dd>
+
+<p>SHA-3 SHAKE256 Digest</p>
+
+</dd>
+<dt id="sm3"><b>sm3</b></dt>
+<dd>
+
+<p>SM3 Digest</p>
+
+</dd>
+</dl>
+
+<h2 id="Encoding-and-Cipher-Commands">Encoding and Cipher Commands</h2>
+
+<p>The following aliases provide convenient access to the most used encodings and ciphers.</p>
+
+<p>Depending on how OpenSSL was configured and built, not all ciphers listed here may be present. See <a href="../man1/enc.html">enc(1)</a> for more information and command usage.</p>
+
+<dl>
+
+<dt id="aes128-aes-128-cbc-aes-128-cfb-aes-128-ctr-aes-128-ecb-aes-128-ofb"><b>aes128</b>, <b>aes-128-cbc</b>, <b>aes-128-cfb</b>, <b>aes-128-ctr</b>, <b>aes-128-ecb</b>, <b>aes-128-ofb</b></dt>
+<dd>
+
+<p>AES-128 Cipher</p>
+
+</dd>
+<dt id="aes192-aes-192-cbc-aes-192-cfb-aes-192-ctr-aes-192-ecb-aes-192-ofb"><b>aes192</b>, <b>aes-192-cbc</b>, <b>aes-192-cfb</b>, <b>aes-192-ctr</b>, <b>aes-192-ecb</b>, <b>aes-192-ofb</b></dt>
+<dd>
+
+<p>AES-192 Cipher</p>
+
+</dd>
+<dt id="aes256-aes-256-cbc-aes-256-cfb-aes-256-ctr-aes-256-ecb-aes-256-ofb"><b>aes256</b>, <b>aes-256-cbc</b>, <b>aes-256-cfb</b>, <b>aes-256-ctr</b>, <b>aes-256-ecb</b>, <b>aes-256-ofb</b></dt>
+<dd>
+
+<p>AES-256 Cipher</p>
+
+</dd>
+<dt id="aria128-aria-128-cbc-aria-128-cfb-aria-128-ctr-aria-128-ecb-aria-128-ofb"><b>aria128</b>, <b>aria-128-cbc</b>, <b>aria-128-cfb</b>, <b>aria-128-ctr</b>, <b>aria-128-ecb</b>, <b>aria-128-ofb</b></dt>
+<dd>
+
+<p>Aria-128 Cipher</p>
+
+</dd>
+<dt id="aria192-aria-192-cbc-aria-192-cfb-aria-192-ctr-aria-192-ecb-aria-192-ofb"><b>aria192</b>, <b>aria-192-cbc</b>, <b>aria-192-cfb</b>, <b>aria-192-ctr</b>, <b>aria-192-ecb</b>, <b>aria-192-ofb</b></dt>
+<dd>
+
+<p>Aria-192 Cipher</p>
+
+</dd>
+<dt id="aria256-aria-256-cbc-aria-256-cfb-aria-256-ctr-aria-256-ecb-aria-256-ofb"><b>aria256</b>, <b>aria-256-cbc</b>, <b>aria-256-cfb</b>, <b>aria-256-ctr</b>, <b>aria-256-ecb</b>, <b>aria-256-ofb</b></dt>
+<dd>
+
+<p>Aria-256 Cipher</p>
+
+</dd>
+<dt id="base64"><b>base64</b></dt>
+<dd>
+
+<p>Base64 Encoding</p>
+
+</dd>
+<dt id="bf-bf-cbc-bf-cfb-bf-ecb-bf-ofb"><b>bf</b>, <b>bf-cbc</b>, <b>bf-cfb</b>, <b>bf-ecb</b>, <b>bf-ofb</b></dt>
+<dd>
+
+<p>Blowfish Cipher</p>
+
+</dd>
+<dt id="camellia128-camellia-128-cbc-camellia-128-cfb-camellia-128-ctr-camellia-128-ecb-camellia-128-ofb"><b>camellia128</b>, <b>camellia-128-cbc</b>, <b>camellia-128-cfb</b>, <b>camellia-128-ctr</b>, <b>camellia-128-ecb</b>, <b>camellia-128-ofb</b></dt>
+<dd>
+
+<p>Camellia-128 Cipher</p>
+
+</dd>
+<dt id="camellia192-camellia-192-cbc-camellia-192-cfb-camellia-192-ctr-camellia-192-ecb-camellia-192-ofb"><b>camellia192</b>, <b>camellia-192-cbc</b>, <b>camellia-192-cfb</b>, <b>camellia-192-ctr</b>, <b>camellia-192-ecb</b>, <b>camellia-192-ofb</b></dt>
+<dd>
+
+<p>Camellia-192 Cipher</p>
+
+</dd>
+<dt id="camellia256-camellia-256-cbc-camellia-256-cfb-camellia-256-ctr-camellia-256-ecb-camellia-256-ofb"><b>camellia256</b>, <b>camellia-256-cbc</b>, <b>camellia-256-cfb</b>, <b>camellia-256-ctr</b>, <b>camellia-256-ecb</b>, <b>camellia-256-ofb</b></dt>
+<dd>
+
+<p>Camellia-256 Cipher</p>
+
+</dd>
+<dt id="cast-cast-cbc"><b>cast</b>, <b>cast-cbc</b></dt>
+<dd>
+
+<p>CAST Cipher</p>
+
+</dd>
+<dt id="cast5-cbc-cast5-cfb-cast5-ecb-cast5-ofb"><b>cast5-cbc</b>, <b>cast5-cfb</b>, <b>cast5-ecb</b>, <b>cast5-ofb</b></dt>
+<dd>
+
+<p>CAST5 Cipher</p>
+
+</dd>
+<dt id="chacha20"><b>chacha20</b></dt>
+<dd>
+
+<p>Chacha20 Cipher</p>
+
+</dd>
+<dt id="des-des-cbc-des-cfb-des-ecb-des-ede-des-ede-cbc-des-ede-cfb-des-ede-ofb-des-ofb"><b>des</b>, <b>des-cbc</b>, <b>des-cfb</b>, <b>des-ecb</b>, <b>des-ede</b>, <b>des-ede-cbc</b>, <b>des-ede-cfb</b>, <b>des-ede-ofb</b>, <b>des-ofb</b></dt>
+<dd>
+
+<p>DES Cipher</p>
+
+</dd>
+<dt id="des3-desx-des-ede3-des-ede3-cbc-des-ede3-cfb-des-ede3-ofb"><b>des3</b>, <b>desx</b>, <b>des-ede3</b>, <b>des-ede3-cbc</b>, <b>des-ede3-cfb</b>, <b>des-ede3-ofb</b></dt>
+<dd>
+
+<p>Triple-DES Cipher</p>
+
+</dd>
+<dt id="idea-idea-cbc-idea-cfb-idea-ecb-idea-ofb"><b>idea</b>, <b>idea-cbc</b>, <b>idea-cfb</b>, <b>idea-ecb</b>, <b>idea-ofb</b></dt>
+<dd>
+
+<p>IDEA Cipher</p>
+
+</dd>
+<dt id="rc2-rc2-cbc-rc2-cfb-rc2-ecb-rc2-ofb"><b>rc2</b>, <b>rc2-cbc</b>, <b>rc2-cfb</b>, <b>rc2-ecb</b>, <b>rc2-ofb</b></dt>
+<dd>
+
+<p>RC2 Cipher</p>
+
+</dd>
+<dt id="rc4"><b>rc4</b></dt>
+<dd>
+
+<p>RC4 Cipher</p>
+
+</dd>
+<dt id="rc5-rc5-cbc-rc5-cfb-rc5-ecb-rc5-ofb"><b>rc5</b>, <b>rc5-cbc</b>, <b>rc5-cfb</b>, <b>rc5-ecb</b>, <b>rc5-ofb</b></dt>
+<dd>
+
+<p>RC5 Cipher</p>
+
+</dd>
+<dt id="seed-seed-cbc-seed-cfb-seed-ecb-seed-ofb"><b>seed</b>, <b>seed-cbc</b>, <b>seed-cfb</b>, <b>seed-ecb</b>, <b>seed-ofb</b></dt>
+<dd>
+
+<p>SEED Cipher</p>
+
+</dd>
+<dt id="sm4-sm4-cbc-sm4-cfb-sm4-ctr-sm4-ecb-sm4-ofb"><b>sm4</b>, <b>sm4-cbc</b>, <b>sm4-cfb</b>, <b>sm4-ctr</b>, <b>sm4-ecb</b>, <b>sm4-ofb</b></dt>
+<dd>
+
+<p>SM4 Cipher</p>
+
+</dd>
+</dl>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<p>Details of which options are available depend on the specific command. This section describes some common options with common behavior.</p>
+
+<h2 id="Common-Options">Common Options</h2>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Provides a terse summary of all options.</p>
+
+</dd>
+</dl>
+
+<h2 id="Pass-Phrase-Options">Pass Phrase Options</h2>
+
+<p>Several commands accept password arguments, typically using <b>-passin</b> and <b>-passout</b> for input and output passwords respectively. These allow the password to be obtained from a variety of sources. Both of these options take a single argument whose format is described below. If no password argument is given and a password is required then the user is prompted to enter one: this will typically be read from the current terminal with echoing turned off.</p>
+
+<p>Note that character encoding may be relevant, please see <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a>.</p>
+
+<dl>
+
+<dt id="pass:password"><b>pass:password</b></dt>
+<dd>
+
+<p>The actual password is <b>password</b>. Since the password is visible to utilities (like &#39;ps&#39; under Unix) this form should only be used where security is not important.</p>
+
+</dd>
+<dt id="env:var"><b>env:var</b></dt>
+<dd>
+
+<p>Obtain the password from the environment variable <b>var</b>. Since the environment of other processes is visible on certain platforms (e.g. ps under certain Unix OSes) this option should be used with caution.</p>
+
+</dd>
+<dt id="file:pathname"><b>file:pathname</b></dt>
+<dd>
+
+<p>The first line of <b>pathname</b> is the password. If the same <b>pathname</b> argument is supplied to <b>-passin</b> and <b>-passout</b> arguments then the first line will be used for the input password and the next line for the output password. <b>pathname</b> need not refer to a regular file: it could for example refer to a device or named pipe.</p>
+
+</dd>
+<dt id="fd:number"><b>fd:number</b></dt>
+<dd>
+
+<p>Read the password from the file descriptor <b>number</b>. This can be used to send the data via a pipe for example.</p>
+
+</dd>
+<dt id="stdin"><b>stdin</b></dt>
+<dd>
+
+<p>Read the password from standard input.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/asn1parse.html">asn1parse(1)</a>, <a href="../man1/ca.html">ca(1)</a>, <a href="../man1/ciphers.html">ciphers(1)</a>, <a href="../man1/cms.html">cms(1)</a>, <a href="../man5/config.html">config(5)</a>, <a href="../man1/crl.html">crl(1)</a>, <a href="../man1/crl2pkcs7.html">crl2pkcs7(1)</a>, <a href="../man1/dgst.html">dgst(1)</a>, <a href="../man1/dhparam.html">dhparam(1)</a>, <a href="../man1/dsa.html">dsa(1)</a>, <a href="../man1/dsaparam.html">dsaparam(1)</a>, <a href="../man1/ec.html">ec(1)</a>, <a href="../man1/ecparam.html">ecparam(1)</a>, <a href="../man1/enc.html">enc(1)</a>, <a href="../man1/engine.html">engine(1)</a>, <a href="../man1/errstr.html">errstr(1)</a>, <a href="../man1/gendsa.html">gendsa(1)</a>, <a href="../man1/genpkey.html">genpkey(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man1/nseq.html">nseq(1)</a>, <a href="../man1/ocsp.html">ocsp(1)</a>, <a href="../man1/passwd.html">passwd(1)</a>, <a href="../man1/pkcs12.html">pkcs12(1)</a>, <a href="../man1/pkcs7.html">pkcs7(1)</a>, <a href="../man1/pkcs8.html">pkcs8(1)</a>, <a href="../man1/pkey.html">pkey(1)</a>, <a href="../man1/pkeyparam.html">pkeyparam(1)</a>, <a href="../man1/pkeyutl.html">pkeyutl(1)</a>, <a href="../man1/prime.html">prime(1)</a>, <a href="../man1/rand.html">rand(1)</a>, <a href="../man1/rehash.html">rehash(1)</a>, <a href="../man1/req.html">req(1)</a>, <a href="../man1/rsa.html">rsa(1)</a>, <a href="../man1/rsautl.html">rsautl(1)</a>, <a href="../man1/s_client.html">s_client(1)</a>, <a href="../man1/s_server.html">s_server(1)</a>, <a href="../man1/s_time.html">s_time(1)</a>, <a href="../man1/sess_id.html">sess_id(1)</a>, <a href="../man1/smime.html">smime(1)</a>, <a href="../man1/speed.html">speed(1)</a>, <a href="../man1/spkac.html">spkac(1)</a>, <a href="../man1/srp.html">srp(1)</a>, <a href="../man1/storeutl.html">storeutl(1)</a>, <a href="../man1/ts.html">ts(1)</a>, <a href="../man1/verify.html">verify(1)</a>, <a href="../man1/version.html">version(1)</a>, <a href="../man1/x509.html">x509(1)</a>, <a href="../man7/crypto.html">crypto(7)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man5/x509v3_config.html">x509v3_config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>list-</b><i>XXX</i><b>-algorithms</b> pseudo-commands were added in OpenSSL 1.0.0; For notes on the availability of other commands, see their individual manual pages.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/passwd.html b/msys2/usr/share/doc/openssl/html/man1/passwd.html
new file mode 100644
index 000000000..fe4f40a9e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/passwd.html
@@ -0,0 +1,154 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>passwd</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-passwd, passwd - compute password hashes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl passwd</b> [<b>-help</b>] [<b>-crypt</b>] [<b>-1</b>] [<b>-apr1</b>] [<b>-aixmd5</b>] [<b>-5</b>] [<b>-6</b>] [<b>-salt</b> <i>string</i>] [<b>-in</b> <i>file</i>] [<b>-stdin</b>] [<b>-noverify</b>] [<b>-quiet</b>] [<b>-table</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] {<i>password</i>}</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>passwd</b> command computes the hash of a password typed at run-time or the hash of each password in a list. The password list is taken from the named file for option <b>-in file</b>, from stdin for option <b>-stdin</b>, or from the command line, or from the terminal otherwise. The Unix standard algorithm <b>crypt</b> and the MD5-based BSD password algorithm <b>1</b>, its Apache variant <b>apr1</b>, and its AIX variant are available.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="crypt"><b>-crypt</b></dt>
+<dd>
+
+<p>Use the <b>crypt</b> algorithm (default).</p>
+
+</dd>
+<dt id="pod-1"><b>-1</b></dt>
+<dd>
+
+<p>Use the MD5 based BSD password algorithm <b>1</b>.</p>
+
+</dd>
+<dt id="apr1"><b>-apr1</b></dt>
+<dd>
+
+<p>Use the <b>apr1</b> algorithm (Apache variant of the BSD algorithm).</p>
+
+</dd>
+<dt id="aixmd5"><b>-aixmd5</b></dt>
+<dd>
+
+<p>Use the <b>AIX MD5</b> algorithm (AIX variant of the BSD algorithm).</p>
+
+</dd>
+<dt id="pod-5"><b>-5</b></dt>
+<dd>
+
+</dd>
+<dt id="pod-6"><b>-6</b></dt>
+<dd>
+
+<p>Use the <b>SHA256</b> / <b>SHA512</b> based algorithms defined by Ulrich Drepper. See <a href="https://www.akkadia.org/drepper/SHA-crypt.txt">https://www.akkadia.org/drepper/SHA-crypt.txt</a>.</p>
+
+</dd>
+<dt id="salt-string"><b>-salt</b> <i>string</i></dt>
+<dd>
+
+<p>Use the specified salt. When reading a password from the terminal, this implies <b>-noverify</b>.</p>
+
+</dd>
+<dt id="in-file"><b>-in</b> <i>file</i></dt>
+<dd>
+
+<p>Read passwords from <i>file</i>.</p>
+
+</dd>
+<dt id="stdin"><b>-stdin</b></dt>
+<dd>
+
+<p>Read passwords from <b>stdin</b>.</p>
+
+</dd>
+<dt id="noverify"><b>-noverify</b></dt>
+<dd>
+
+<p>Don&#39;t verify when reading a password from the terminal.</p>
+
+</dd>
+<dt id="quiet"><b>-quiet</b></dt>
+<dd>
+
+<p>Don&#39;t output warnings when passwords given at the command line are truncated.</p>
+
+</dd>
+<dt id="table"><b>-table</b></dt>
+<dd>
+
+<p>In the output list, prepend the cleartext password and a TAB character to each password hash.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<pre><code>  % openssl passwd -crypt -salt xx password
+  xxj31ZMTZzkVA
+
+  % openssl passwd -1 -salt xxxxxxxx password
+  $1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.
+
+  % openssl passwd -apr1 -salt xxxxxxxx password
+  $apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0
+
+  % openssl passwd -aixmd5 -salt xxxxxxxx password
+  xxxxxxxx$8Oaipk/GPKhC64w/YVeFD/</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/pkcs12.html b/msys2/usr/share/doc/openssl/html/man1/pkcs12.html
new file mode 100644
index 000000000..be1721ecc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/pkcs12.html
@@ -0,0 +1,379 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>pkcs12</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#PARSING-OPTIONS">PARSING OPTIONS</a></li>
+  <li><a href="#FILE-CREATION-OPTIONS">FILE CREATION OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-pkcs12, pkcs12 - PKCS#12 file utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>pkcs12</b> [<b>-help</b>] [<b>-export</b>] [<b>-chain</b>] [<b>-inkey file_or_id</b>] [<b>-certfile filename</b>] [<b>-name name</b>] [<b>-caname name</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-noout</b>] [<b>-nomacver</b>] [<b>-nocerts</b>] [<b>-clcerts</b>] [<b>-cacerts</b>] [<b>-nokeys</b>] [<b>-info</b>] [<b>-des | -des3 | -idea | -aes128 | -aes192 | -aes256 | -aria128 | -aria192 | -aria256 | -camellia128 | -camellia192 | -camellia256 | -nodes</b>] [<b>-noiter</b>] [<b>-maciter | -nomaciter | -nomac</b>] [<b>-twopass</b>] [<b>-descert</b>] [<b>-certpbe cipher</b>] [<b>-keypbe cipher</b>] [<b>-macalg digest</b>] [<b>-keyex</b>] [<b>-keysig</b>] [<b>-password arg</b>] [<b>-passin arg</b>] [<b>-passout arg</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-CAfile file</b>] [<b>-CApath dir</b>] [<b>-no-CAfile</b>] [<b>-no-CApath</b>] [<b>-CSP name</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>pkcs12</b> command allows PKCS#12 files (sometimes referred to as PFX files) to be created and parsed. PKCS#12 files are used by several programs including Netscape, MSIE and MS Outlook.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<p>There are a lot of options the meaning of some depends of whether a PKCS#12 file is being created or parsed. By default a PKCS#12 file is parsed. A PKCS#12 file can be created by using the <b>-export</b> option (see below).</p>
+
+<h1 id="PARSING-OPTIONS">PARSING OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies filename of the PKCS#12 file to be parsed. Standard input is used by default.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>The filename to write certificates and private keys to, standard output by default. They are all written in PEM format.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The PKCS#12 file (i.e. input file) password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="passout-arg"><b>-passout arg</b></dt>
+<dd>
+
+<p>Pass phrase source to encrypt any outputted private keys with. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="password-arg"><b>-password arg</b></dt>
+<dd>
+
+<p>With -export, -password is equivalent to -passout. Otherwise, -password is equivalent to -passin.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option inhibits output of the keys and certificates to the output file version of the PKCS#12 file.</p>
+
+</dd>
+<dt id="clcerts"><b>-clcerts</b></dt>
+<dd>
+
+<p>Only output client certificates (not CA certificates).</p>
+
+</dd>
+<dt id="cacerts"><b>-cacerts</b></dt>
+<dd>
+
+<p>Only output CA certificates (not client certificates).</p>
+
+</dd>
+<dt id="nocerts"><b>-nocerts</b></dt>
+<dd>
+
+<p>No certificates at all will be output.</p>
+
+</dd>
+<dt id="nokeys"><b>-nokeys</b></dt>
+<dd>
+
+<p>No private keys will be output.</p>
+
+</dd>
+<dt id="info"><b>-info</b></dt>
+<dd>
+
+<p>Output additional information about the PKCS#12 file structure, algorithms used and iteration counts.</p>
+
+</dd>
+<dt id="des"><b>-des</b></dt>
+<dd>
+
+<p>Use DES to encrypt private keys before outputting.</p>
+
+</dd>
+<dt id="des3"><b>-des3</b></dt>
+<dd>
+
+<p>Use triple DES to encrypt private keys before outputting, this is the default.</p>
+
+</dd>
+<dt id="idea"><b>-idea</b></dt>
+<dd>
+
+<p>Use IDEA to encrypt private keys before outputting.</p>
+
+</dd>
+<dt id="aes128--aes192--aes256"><b>-aes128</b>, <b>-aes192</b>, <b>-aes256</b></dt>
+<dd>
+
+<p>Use AES to encrypt private keys before outputting.</p>
+
+</dd>
+<dt id="aria128--aria192--aria256"><b>-aria128</b>, <b>-aria192</b>, <b>-aria256</b></dt>
+<dd>
+
+<p>Use ARIA to encrypt private keys before outputting.</p>
+
+</dd>
+<dt id="camellia128--camellia192--camellia256"><b>-camellia128</b>, <b>-camellia192</b>, <b>-camellia256</b></dt>
+<dd>
+
+<p>Use Camellia to encrypt private keys before outputting.</p>
+
+</dd>
+<dt id="nodes"><b>-nodes</b></dt>
+<dd>
+
+<p>Don&#39;t encrypt the private keys at all.</p>
+
+</dd>
+<dt id="nomacver"><b>-nomacver</b></dt>
+<dd>
+
+<p>Don&#39;t attempt to verify the integrity MAC before reading the file.</p>
+
+</dd>
+<dt id="twopass"><b>-twopass</b></dt>
+<dd>
+
+<p>Prompt for separate integrity and encryption passwords: most software always assumes these are the same so this option will render such PKCS#12 files unreadable. Cannot be used in combination with the options -password, -passin (if importing) or -passout (if exporting).</p>
+
+</dd>
+</dl>
+
+<h1 id="FILE-CREATION-OPTIONS">FILE CREATION OPTIONS</h1>
+
+<dl>
+
+<dt id="export"><b>-export</b></dt>
+<dd>
+
+<p>This option specifies that a PKCS#12 file will be created rather than parsed.</p>
+
+</dd>
+<dt id="out-filename1"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies filename to write the PKCS#12 file to. Standard output is used by default.</p>
+
+</dd>
+<dt id="in-filename1"><b>-in filename</b></dt>
+<dd>
+
+<p>The filename to read certificates and private keys from, standard input by default. They must all be in PEM format. The order doesn&#39;t matter but one private key and its corresponding certificate should be present. If additional certificates are present they will also be included in the PKCS#12 file.</p>
+
+</dd>
+<dt id="inkey-file_or_id"><b>-inkey file_or_id</b></dt>
+<dd>
+
+<p>File to read private key from. If not present then a private key must be present in the input file. If no engine is used, the argument is taken as a file; if an engine is specified, the argument is given to the engine as a key identifier.</p>
+
+</dd>
+<dt id="name-friendlyname"><b>-name friendlyname</b></dt>
+<dd>
+
+<p>This specifies the &quot;friendly name&quot; for the certificate and private key. This name is typically displayed in list boxes by software importing the file.</p>
+
+</dd>
+<dt id="certfile-filename"><b>-certfile filename</b></dt>
+<dd>
+
+<p>A filename to read additional certificates from.</p>
+
+</dd>
+<dt id="caname-friendlyname"><b>-caname friendlyname</b></dt>
+<dd>
+
+<p>This specifies the &quot;friendly name&quot; for other certificates. This option may be used multiple times to specify names for all certificates in the order they appear. Netscape ignores friendly names on other certificates whereas MSIE displays them.</p>
+
+</dd>
+<dt id="pass-arg--passout-arg"><b>-pass arg</b>, <b>-passout arg</b></dt>
+<dd>
+
+<p>The PKCS#12 file (i.e. output file) password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="passin-password"><b>-passin password</b></dt>
+<dd>
+
+<p>Pass phrase source to decrypt any input private keys with. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="chain"><b>-chain</b></dt>
+<dd>
+
+<p>If this option is present then an attempt is made to include the entire certificate chain of the user certificate. The standard CA store is used for this search. If the search fails it is considered a fatal error.</p>
+
+</dd>
+<dt id="descert"><b>-descert</b></dt>
+<dd>
+
+<p>Encrypt the certificate using triple DES, this may render the PKCS#12 file unreadable by some &quot;export grade&quot; software. By default the private key is encrypted using triple DES and the certificate using 40 bit RC2.</p>
+
+</dd>
+<dt id="keypbe-alg--certpbe-alg"><b>-keypbe alg</b>, <b>-certpbe alg</b></dt>
+<dd>
+
+<p>These options allow the algorithm used to encrypt the private key and certificates to be selected. Any PKCS#5 v1.5 or PKCS#12 PBE algorithm name can be used (see <b>NOTES</b> section for more information). If a cipher name (as output by the <b>list-cipher-algorithms</b> command is specified then it is used with PKCS#5 v2.0. For interoperability reasons it is advisable to only use PKCS#12 algorithms.</p>
+
+</dd>
+<dt id="keyex--keysig"><b>-keyex|-keysig</b></dt>
+<dd>
+
+<p>Specifies that the private key is to be used for key exchange or just signing. This option is only interpreted by MSIE and similar MS software. Normally &quot;export grade&quot; software will only allow 512 bit RSA keys to be used for encryption purposes but arbitrary length keys for signing. The <b>-keysig</b> option marks the key for signing only. Signing only keys can be used for S/MIME signing, authenticode (ActiveX control signing) and SSL client authentication, however due to a bug only MSIE 5.0 and later support the use of signing only keys for SSL client authentication.</p>
+
+</dd>
+<dt id="macalg-digest"><b>-macalg digest</b></dt>
+<dd>
+
+<p>Specify the MAC digest algorithm. If not included them SHA1 will be used.</p>
+
+</dd>
+<dt id="nomaciter--noiter"><b>-nomaciter</b>, <b>-noiter</b></dt>
+<dd>
+
+<p>These options affect the iteration counts on the MAC and key algorithms. Unless you wish to produce files compatible with MSIE 4.0 you should leave these options alone.</p>
+
+<p>To discourage attacks by using large dictionaries of common passwords the algorithm that derives keys from passwords can have an iteration count applied to it: this causes a certain part of the algorithm to be repeated and slows it down. The MAC is used to check the file integrity but since it will normally have the same password as the keys and certificates it could also be attacked. By default both MAC and encryption iteration counts are set to 2048, using these options the MAC and encryption iteration counts can be set to 1, since this reduces the file security you should not use these options unless you really have to. Most software supports both MAC and key iteration counts. MSIE 4.0 doesn&#39;t support MAC iteration counts so it needs the <b>-nomaciter</b> option.</p>
+
+</dd>
+<dt id="maciter"><b>-maciter</b></dt>
+<dd>
+
+<p>This option is included for compatibility with previous versions, it used to be needed to use MAC iterations counts but they are now used by default.</p>
+
+</dd>
+<dt id="nomac"><b>-nomac</b></dt>
+<dd>
+
+<p>Don&#39;t attempt to provide the MAC integrity.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="CAfile-file"><b>-CAfile file</b></dt>
+<dd>
+
+<p>CA storage as a file.</p>
+
+</dd>
+<dt id="CApath-dir"><b>-CApath dir</b></dt>
+<dd>
+
+<p>CA storage as a directory. This directory must be a standard certificate directory: that is a hash of each subject name (using <b>x509 -hash</b>) should be linked to each certificate.</p>
+
+</dd>
+<dt id="no-CAfile"><b>-no-CAfile</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default file location.</p>
+
+</dd>
+<dt id="no-CApath"><b>-no-CApath</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default directory location.</p>
+
+</dd>
+<dt id="CSP-name"><b>-CSP name</b></dt>
+<dd>
+
+<p>Write <b>name</b> as a Microsoft CSP name.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Although there are a large number of options most of them are very rarely used. For PKCS#12 file parsing only <b>-in</b> and <b>-out</b> need to be used for PKCS#12 file creation <b>-export</b> and <b>-name</b> are also used.</p>
+
+<p>If none of the <b>-clcerts</b>, <b>-cacerts</b> or <b>-nocerts</b> options are present then all certificates will be output in the order they appear in the input PKCS#12 files. There is no guarantee that the first certificate present is the one corresponding to the private key. Certain software which requires a private key and certificate and assumes the first certificate in the file is the one corresponding to the private key: this may not always be the case. Using the <b>-clcerts</b> option will solve this problem by only outputting the certificate corresponding to the private key. If the CA certificates are required then they can be output to a separate file using the <b>-nokeys -cacerts</b> options to just output CA certificates.</p>
+
+<p>The <b>-keypbe</b> and <b>-certpbe</b> algorithms allow the precise encryption algorithms for private keys and certificates to be specified. Normally the defaults are fine but occasionally software can&#39;t handle triple DES encrypted private keys, then the option <b>-keypbe PBE-SHA1-RC2-40</b> can be used to reduce the private key encryption to 40 bit RC2. A complete description of all algorithms is contained in the <b>pkcs8</b> manual page.</p>
+
+<p>Prior 1.1 release passwords containing non-ASCII characters were encoded in non-compliant manner, which limited interoperability, in first hand with Windows. But switching to standard-compliant password encoding poses problem accessing old data protected with broken encoding. For this reason even legacy encodings is attempted when reading the data. If you use PKCS#12 files in production application you are advised to convert the data, because implemented heuristic approach is not MT-safe, its sole goal is to facilitate the data upgrade with this utility.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Parse a PKCS#12 file and output it to a file:</p>
+
+<pre><code> openssl pkcs12 -in file.p12 -out file.pem</code></pre>
+
+<p>Output only client certificates to a file:</p>
+
+<pre><code> openssl pkcs12 -in file.p12 -clcerts -out file.pem</code></pre>
+
+<p>Don&#39;t encrypt the private key:</p>
+
+<pre><code> openssl pkcs12 -in file.p12 -out file.pem -nodes</code></pre>
+
+<p>Print some info about a PKCS#12 file:</p>
+
+<pre><code> openssl pkcs12 -in file.p12 -info -noout</code></pre>
+
+<p>Create a PKCS#12 file:</p>
+
+<pre><code> openssl pkcs12 -export -in file.pem -out file.p12 -name &quot;My Certificate&quot;</code></pre>
+
+<p>Include some extra certificates:</p>
+
+<pre><code> openssl pkcs12 -export -in file.pem -out file.p12 -name &quot;My Certificate&quot; \
+  -certfile othercerts.pem</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/pkcs8.html">pkcs8(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/pkcs7.html b/msys2/usr/share/doc/openssl/html/man1/pkcs7.html
new file mode 100644
index 000000000..4051327b3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/pkcs7.html
@@ -0,0 +1,141 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>pkcs7</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-pkcs7, pkcs7 - PKCS#7 utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>pkcs7</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-print_certs</b>] [<b>-text</b>] [<b>-noout</b>] [<b>-engine id</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>pkcs7</b> command processes PKCS#7 files in DER or PEM format.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. <b>DER</b> format is DER encoded PKCS#7 v1.5 structure.<b>PEM</b> (the default) is a base64 encoded version of the DER form with header and footer lines.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read from or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Specifies the output filename to write to or standard output by default.</p>
+
+</dd>
+<dt id="print_certs"><b>-print_certs</b></dt>
+<dd>
+
+<p>Prints out any certificates or CRLs contained in the file. They are preceded by their subject and issuer names in one line format.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out certificates details in full rather than just subject and issuer names.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>Don&#39;t output the encoded version of the PKCS#7 structure (or certificates is <b>-print_certs</b> is set).</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>pkcs7</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Convert a PKCS#7 file from PEM to DER:</p>
+
+<pre><code> openssl pkcs7 -in file.pem -outform DER -out file.der</code></pre>
+
+<p>Output all certificates in a file:</p>
+
+<pre><code> openssl pkcs7 -in file.pem -print_certs -out certs.pem</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM PKCS#7 format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN PKCS7-----
+ -----END PKCS7-----</code></pre>
+
+<p>For compatibility with some CAs it will also accept:</p>
+
+<pre><code> -----BEGIN CERTIFICATE-----
+ -----END CERTIFICATE-----</code></pre>
+
+<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
+
+<p>There is no option to print out all the fields of a PKCS#7 file.</p>
+
+<p>This PKCS#7 routines only understand PKCS#7 v 1.5 as specified in RFC2315 they cannot currently parse, for example, the new CMS as described in RFC2630.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/crl2pkcs7.html">crl2pkcs7(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/pkcs8.html b/msys2/usr/share/doc/openssl/html/man1/pkcs8.html
new file mode 100644
index 000000000..eb2f3f7a8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/pkcs8.html
@@ -0,0 +1,291 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>pkcs8</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#KEY-FORMATS">KEY FORMATS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PKCS-5-v1.5-and-PKCS-12-algorithms">PKCS#5 v1.5 and PKCS#12 algorithms.</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#STANDARDS">STANDARDS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-pkcs8, pkcs8 - PKCS#8 format private key conversion tool</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>pkcs8</b> [<b>-help</b>] [<b>-topk8</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-in filename</b>] [<b>-passin arg</b>] [<b>-out filename</b>] [<b>-passout arg</b>] [<b>-iter count</b>] [<b>-noiter</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-nocrypt</b>] [<b>-traditional</b>] [<b>-v2 alg</b>] [<b>-v2prf alg</b>] [<b>-v1 alg</b>] [<b>-engine id</b>] [<b>-scrypt</b>] [<b>-scrypt_N N</b>] [<b>-scrypt_r r</b>] [<b>-scrypt_p p</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>pkcs8</b> command processes private keys in PKCS#8 format. It can handle both unencrypted PKCS#8 PrivateKeyInfo format and EncryptedPrivateKeyInfo format with a variety of PKCS#5 (v1.5 and v2.0) and PKCS#12 algorithms.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="topk8"><b>-topk8</b></dt>
+<dd>
+
+<p>Normally a PKCS#8 private key is expected on input and a private key will be written to the output file. With the <b>-topk8</b> option the situation is reversed: it reads a private key and writes a PKCS#8 format key.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format: see <a href="#KEY-FORMATS">&quot;KEY FORMATS&quot;</a> for more details. The default format is PEM.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format: see <a href="#KEY-FORMATS">&quot;KEY FORMATS&quot;</a> for more details. The default format is PEM.</p>
+
+</dd>
+<dt id="traditional"><b>-traditional</b></dt>
+<dd>
+
+<p>When this option is present and <b>-topk8</b> is not a traditional format private key is written.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read a key from or standard input if this option is not specified. If the key is encrypted a pass phrase will be prompted for.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The input file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename to write a key to or standard output by default. If any encryption options are set then a pass phrase will be prompted for. The output filename should <b>not</b> be the same as the input filename.</p>
+
+</dd>
+<dt id="passout-arg"><b>-passout arg</b></dt>
+<dd>
+
+<p>The output file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="iter-count"><b>-iter count</b></dt>
+<dd>
+
+<p>When creating new PKCS#8 containers, use a given number of iterations on the password in deriving the encryption key for the PKCS#8 output. High values increase the time required to brute-force a PKCS#8 container.</p>
+
+</dd>
+<dt id="nocrypt"><b>-nocrypt</b></dt>
+<dd>
+
+<p>PKCS#8 keys generated or input are normally PKCS#8 EncryptedPrivateKeyInfo structures using an appropriate password based encryption algorithm. With this option an unencrypted PrivateKeyInfo structure is expected or output. This option does not encrypt private keys at all and should only be used when absolutely necessary. Certain software such as some versions of Java code signing software used unencrypted private keys.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="v2-alg"><b>-v2 alg</b></dt>
+<dd>
+
+<p>This option sets the PKCS#5 v2.0 algorithm.</p>
+
+<p>The <b>alg</b> argument is the encryption algorithm to use, valid values include <b>aes128</b>, <b>aes256</b> and <b>des3</b>. If this option isn&#39;t specified then <b>aes256</b> is used.</p>
+
+</dd>
+<dt id="v2prf-alg"><b>-v2prf alg</b></dt>
+<dd>
+
+<p>This option sets the PRF algorithm to use with PKCS#5 v2.0. A typical value value would be <b>hmacWithSHA256</b>. If this option isn&#39;t set then the default for the cipher is used or <b>hmacWithSHA256</b> if there is no default.</p>
+
+<p>Some implementations may not support custom PRF algorithms and may require the <b>hmacWithSHA1</b> option to work.</p>
+
+</dd>
+<dt id="v1-alg"><b>-v1 alg</b></dt>
+<dd>
+
+<p>This option indicates a PKCS#5 v1.5 or PKCS#12 algorithm should be used. Some older implementations may not support PKCS#5 v2.0 and may require this option. If not specified PKCS#5 v2.0 form is used.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>pkcs8</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="scrypt"><b>-scrypt</b></dt>
+<dd>
+
+<p>Uses the <b>scrypt</b> algorithm for private key encryption using default parameters: currently N=16384, r=8 and p=1 and AES in CBC mode with a 256 bit key. These parameters can be modified using the <b>-scrypt_N</b>, <b>-scrypt_r</b>, <b>-scrypt_p</b> and <b>-v2</b> options.</p>
+
+</dd>
+<dt id="scrypt_N-N--scrypt_r-r--scrypt_p-p"><b>-scrypt_N N</b> <b>-scrypt_r r</b> <b>-scrypt_p p</b></dt>
+<dd>
+
+<p>Sets the scrypt <b>N</b>, <b>r</b> or <b>p</b> parameters.</p>
+
+</dd>
+</dl>
+
+<h1 id="KEY-FORMATS">KEY FORMATS</h1>
+
+<p>Various different formats are used by the pkcs8 utility. These are detailed below.</p>
+
+<p>If a key is being converted from PKCS#8 form (i.e. the <b>-topk8</b> option is not used) then the input file must be in PKCS#8 format. An encrypted key is expected unless <b>-nocrypt</b> is included.</p>
+
+<p>If <b>-topk8</b> is not used and <b>PEM</b> mode is set the output file will be an unencrypted private key in PKCS#8 format. If the <b>-traditional</b> option is used then a traditional format private key is written instead.</p>
+
+<p>If <b>-topk8</b> is not used and <b>DER</b> mode is set the output file will be an unencrypted private key in traditional DER format.</p>
+
+<p>If <b>-topk8</b> is used then any supported private key can be used for the input file in a format specified by <b>-inform</b>. The output file will be encrypted PKCS#8 format using the specified encryption parameters unless <b>-nocrypt</b> is included.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>By default, when converting a key to PKCS#8 format, PKCS#5 v2.0 using 256 bit AES with HMAC and SHA256 is used.</p>
+
+<p>Some older implementations do not support PKCS#5 v2.0 format and require the older PKCS#5 v1.5 form instead, possibly also requiring insecure weak encryption algorithms such as 56 bit DES.</p>
+
+<p>The encrypted form of a PEM encode PKCS#8 files uses the following headers and footers:</p>
+
+<pre><code> -----BEGIN ENCRYPTED PRIVATE KEY-----
+ -----END ENCRYPTED PRIVATE KEY-----</code></pre>
+
+<p>The unencrypted form uses:</p>
+
+<pre><code> -----BEGIN PRIVATE KEY-----
+ -----END PRIVATE KEY-----</code></pre>
+
+<p>Private keys encrypted using PKCS#5 v2.0 algorithms and high iteration counts are more secure that those encrypted using the traditional SSLeay compatible formats. So if additional security is considered important the keys should be converted.</p>
+
+<p>It is possible to write out DER encoded encrypted private keys in PKCS#8 format because the encryption details are included at an ASN1 level whereas the traditional format includes them at a PEM level.</p>
+
+<h1 id="PKCS-5-v1.5-and-PKCS-12-algorithms">PKCS#5 v1.5 and PKCS#12 algorithms.</h1>
+
+<p>Various algorithms can be used with the <b>-v1</b> command line option, including PKCS#5 v1.5 and PKCS#12. These are described in more detail below.</p>
+
+<dl>
+
+<dt id="PBE-MD2-DES-PBE-MD5-DES"><b>PBE-MD2-DES PBE-MD5-DES</b></dt>
+<dd>
+
+<p>These algorithms were included in the original PKCS#5 v1.5 specification. They only offer 56 bits of protection since they both use DES.</p>
+
+</dd>
+<dt id="PBE-SHA1-RC2-64-PBE-MD2-RC2-64-PBE-MD5-RC2-64-PBE-SHA1-DES"><b>PBE-SHA1-RC2-64</b>, <b>PBE-MD2-RC2-64</b>, <b>PBE-MD5-RC2-64</b>, <b>PBE-SHA1-DES</b></dt>
+<dd>
+
+<p>These algorithms are not mentioned in the original PKCS#5 v1.5 specification but they use the same key derivation algorithm and are supported by some software. They are mentioned in PKCS#5 v2.0. They use either 64 bit RC2 or 56 bit DES.</p>
+
+</dd>
+<dt id="PBE-SHA1-RC4-128-PBE-SHA1-RC4-40-PBE-SHA1-3DES-PBE-SHA1-2DES-PBE-SHA1-RC2-128-PBE-SHA1-RC2-40"><b>PBE-SHA1-RC4-128</b>, <b>PBE-SHA1-RC4-40</b>, <b>PBE-SHA1-3DES</b>, <b>PBE-SHA1-2DES</b>, <b>PBE-SHA1-RC2-128</b>, <b>PBE-SHA1-RC2-40</b></dt>
+<dd>
+
+<p>These algorithms use the PKCS#12 password based encryption algorithm and allow strong encryption algorithms like triple DES or 128 bit RC2 to be used.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Convert a private key to PKCS#8 format using default parameters (AES with 256 bit key and <b>hmacWithSHA256</b>):</p>
+
+<pre><code> openssl pkcs8 -in key.pem -topk8 -out enckey.pem</code></pre>
+
+<p>Convert a private key to PKCS#8 unencrypted format:</p>
+
+<pre><code> openssl pkcs8 -in key.pem -topk8 -nocrypt -out enckey.pem</code></pre>
+
+<p>Convert a private key to PKCS#5 v2.0 format using triple DES:</p>
+
+<pre><code> openssl pkcs8 -in key.pem -topk8 -v2 des3 -out enckey.pem</code></pre>
+
+<p>Convert a private key to PKCS#5 v2.0 format using AES with 256 bits in CBC mode and <b>hmacWithSHA512</b> PRF:</p>
+
+<pre><code> openssl pkcs8 -in key.pem -topk8 -v2 aes-256-cbc -v2prf hmacWithSHA512 -out enckey.pem</code></pre>
+
+<p>Convert a private key to PKCS#8 using a PKCS#5 1.5 compatible algorithm (DES):</p>
+
+<pre><code> openssl pkcs8 -in key.pem -topk8 -v1 PBE-MD5-DES -out enckey.pem</code></pre>
+
+<p>Convert a private key to PKCS#8 using a PKCS#12 compatible algorithm (3DES):</p>
+
+<pre><code> openssl pkcs8 -in key.pem -topk8 -out enckey.pem -v1 PBE-SHA1-3DES</code></pre>
+
+<p>Read a DER unencrypted PKCS#8 format private key:</p>
+
+<pre><code> openssl pkcs8 -inform DER -nocrypt -in key.der -out key.pem</code></pre>
+
+<p>Convert a private key from any PKCS#8 encrypted format to traditional format:</p>
+
+<pre><code> openssl pkcs8 -in pk8.pem -traditional -out key.pem</code></pre>
+
+<p>Convert a private key to PKCS#8 format, encrypting with AES-256 and with one million iterations of the password:</p>
+
+<pre><code> openssl pkcs8 -in key.pem -topk8 -v2 aes-256-cbc -iter 1000000 -out pk8.pem</code></pre>
+
+<h1 id="STANDARDS">STANDARDS</h1>
+
+<p>Test vectors from this PKCS#5 v2.0 implementation were posted to the pkcs-tng mailing list using triple DES, DES and RC2 with high iteration counts, several people confirmed that they could decrypt the private keys produced and Therefore it can be assumed that the PKCS#5 v2.0 implementation is reasonably accurate at least as far as these algorithms are concerned.</p>
+
+<p>The format of PKCS#8 DSA (and other) private keys is not well documented: it is hidden away in PKCS#11 v2.01, section 11.9. OpenSSL&#39;s default DSA PKCS#8 private key format complies with this standard.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>There should be an option that prints out the encryption algorithm in use and other details such as the iteration count.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dsa.html">dsa(1)</a>, <a href="../man1/rsa.html">rsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man1/gendsa.html">gendsa(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>-iter</b> option was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/pkey.html b/msys2/usr/share/doc/openssl/html/man1/pkey.html
new file mode 100644
index 000000000..50c30993b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/pkey.html
@@ -0,0 +1,185 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>pkey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-pkey, pkey - public or private key processing tool</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>pkey</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-in filename</b>] [<b>-passin arg</b>] [<b>-out filename</b>] [<b>-passout arg</b>] [<b>-traditional</b>] [<b>-<i>cipher</i></b>] [<b>-text</b>] [<b>-text_pub</b>] [<b>-noout</b>] [<b>-pubin</b>] [<b>-pubout</b>] [<b>-engine id</b>] [<b>-check</b>] [<b>-pubcheck</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>pkey</b> command processes public or private keys. They can be converted between various forms and their components printed out.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format DER or PEM. The default format is PEM.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read a key from or standard input if this option is not specified. If the key is encrypted a pass phrase will be prompted for.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The input file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename to write a key to or standard output if this option is not specified. If any encryption options are set then a pass phrase will be prompted for. The output filename should <b>not</b> be the same as the input filename.</p>
+
+</dd>
+<dt id="passout-password"><b>-passout password</b></dt>
+<dd>
+
+<p>The output file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="traditional"><b>-traditional</b></dt>
+<dd>
+
+<p>Normally a private key is written using standard format: this is PKCS#8 form with the appropriate encryption algorithm (if any). If the <b>-traditional</b> option is specified then the older &quot;traditional&quot; format is used instead.</p>
+
+</dd>
+<dt id="cipher"><b>-<i>cipher</i></b></dt>
+<dd>
+
+<p>These options encrypt the private key with the supplied cipher. Any algorithm name accepted by EVP_get_cipherbyname() is acceptable such as <b>des3</b>.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out the various public or private key components in plain text in addition to the encoded version.</p>
+
+</dd>
+<dt id="text_pub"><b>-text_pub</b></dt>
+<dd>
+
+<p>Print out only public key components even if a private key is being processed.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>Do not output the encoded version of the key.</p>
+
+</dd>
+<dt id="pubin"><b>-pubin</b></dt>
+<dd>
+
+<p>By default a private key is read from the input file: with this option a public key is read instead.</p>
+
+</dd>
+<dt id="pubout"><b>-pubout</b></dt>
+<dd>
+
+<p>By default a private key is output: with this option a public key will be output instead. This option is automatically set if the input is a public key.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>pkey</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="check"><b>-check</b></dt>
+<dd>
+
+<p>This option checks the consistency of a key pair for both public and private components.</p>
+
+</dd>
+<dt id="pubcheck"><b>-pubcheck</b></dt>
+<dd>
+
+<p>This option checks the correctness of either a public key or the public component of a key pair.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>To remove the pass phrase on an RSA private key:</p>
+
+<pre><code> openssl pkey -in key.pem -out keyout.pem</code></pre>
+
+<p>To encrypt a private key using triple DES:</p>
+
+<pre><code> openssl pkey -in key.pem -des3 -out keyout.pem</code></pre>
+
+<p>To convert a private key from PEM to DER format:</p>
+
+<pre><code> openssl pkey -in key.pem -outform DER -out keyout.der</code></pre>
+
+<p>To print out the components of a private key to standard output:</p>
+
+<pre><code> openssl pkey -in key.pem -text -noout</code></pre>
+
+<p>To print out the public components of a private key to standard output:</p>
+
+<pre><code> openssl pkey -in key.pem -text_pub -noout</code></pre>
+
+<p>To just output the public part of a private key:</p>
+
+<pre><code> openssl pkey -in key.pem -pubout -out pubkey.pem</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/genpkey.html">genpkey(1)</a>, <a href="../man1/rsa.html">rsa(1)</a>, <a href="../man1/pkcs8.html">pkcs8(1)</a>, <a href="../man1/dsa.html">dsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man1/gendsa.html">gendsa(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/pkeyparam.html b/msys2/usr/share/doc/openssl/html/man1/pkeyparam.html
new file mode 100644
index 000000000..fe5659ebc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/pkeyparam.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>pkeyparam</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-pkeyparam, pkeyparam - public key algorithm parameter processing tool</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>pkeyparam</b> [<b>-help</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-text</b>] [<b>-noout</b>] [<b>-engine id</b>] [<b>-check</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>pkeyparam</b> command processes public key algorithm parameters. They can be checked for correctness and their components printed out.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read parameters from or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename to write parameters to or standard output if this option is not specified.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out the parameters in plain text in addition to the encoded version.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>Do not output the encoded version of the parameters.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>pkeyparam</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="check"><b>-check</b></dt>
+<dd>
+
+<p>This option checks the correctness of parameters.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Print out text version of parameters:</p>
+
+<pre><code> openssl pkeyparam -in param.pem -text</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>There are no <b>-inform</b> or <b>-outform</b> options for this command because only PEM format is supported because the key type is determined by the PEM headers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/genpkey.html">genpkey(1)</a>, <a href="../man1/rsa.html">rsa(1)</a>, <a href="../man1/pkcs8.html">pkcs8(1)</a>, <a href="../man1/dsa.html">dsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man1/gendsa.html">gendsa(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/pkeyutl.html b/msys2/usr/share/doc/openssl/html/man1/pkeyutl.html
new file mode 100644
index 000000000..0ba70762e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/pkeyutl.html
@@ -0,0 +1,331 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>pkeyutl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RSA-ALGORITHM">RSA ALGORITHM</a></li>
+  <li><a href="#RSA-PSS-ALGORITHM">RSA-PSS ALGORITHM</a></li>
+  <li><a href="#DSA-ALGORITHM">DSA ALGORITHM</a></li>
+  <li><a href="#DH-ALGORITHM">DH ALGORITHM</a></li>
+  <li><a href="#EC-ALGORITHM">EC ALGORITHM</a></li>
+  <li><a href="#X25519-and-X448-ALGORITHMS">X25519 and X448 ALGORITHMS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-pkeyutl, pkeyutl - public key algorithm utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>pkeyutl</b> [<b>-help</b>] [<b>-in file</b>] [<b>-out file</b>] [<b>-sigfile file</b>] [<b>-inkey file</b>] [<b>-keyform PEM|DER|ENGINE</b>] [<b>-passin arg</b>] [<b>-peerkey file</b>] [<b>-peerform PEM|DER|ENGINE</b>] [<b>-pubin</b>] [<b>-certin</b>] [<b>-rev</b>] [<b>-sign</b>] [<b>-verify</b>] [<b>-verifyrecover</b>] [<b>-encrypt</b>] [<b>-decrypt</b>] [<b>-derive</b>] [<b>-kdf algorithm</b>] [<b>-kdflen length</b>] [<b>-pkeyopt opt:value</b>] [<b>-hexdump</b>] [<b>-asn1parse</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-engine id</b>] [<b>-engine_impl</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>pkeyutl</b> command can be used to perform low level public key operations using any supported algorithm.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read data from or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Specifies the output filename to write to or standard output by default.</p>
+
+</dd>
+<dt id="sigfile-file"><b>-sigfile file</b></dt>
+<dd>
+
+<p>Signature file, required for <b>verify</b> operations only</p>
+
+</dd>
+<dt id="inkey-file"><b>-inkey file</b></dt>
+<dd>
+
+<p>The input key file, by default it should be a private key.</p>
+
+</dd>
+<dt id="keyform-PEM-DER-ENGINE"><b>-keyform PEM|DER|ENGINE</b></dt>
+<dd>
+
+<p>The key format PEM, DER or ENGINE. Default is PEM.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The input key password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="peerkey-file"><b>-peerkey file</b></dt>
+<dd>
+
+<p>The peer key file, used by key derivation (agreement) operations.</p>
+
+</dd>
+<dt id="peerform-PEM-DER-ENGINE"><b>-peerform PEM|DER|ENGINE</b></dt>
+<dd>
+
+<p>The peer key format PEM, DER or ENGINE. Default is PEM.</p>
+
+</dd>
+<dt id="pubin"><b>-pubin</b></dt>
+<dd>
+
+<p>The input file is a public key.</p>
+
+</dd>
+<dt id="certin"><b>-certin</b></dt>
+<dd>
+
+<p>The input is a certificate containing a public key.</p>
+
+</dd>
+<dt id="rev"><b>-rev</b></dt>
+<dd>
+
+<p>Reverse the order of the input buffer. This is useful for some libraries (such as CryptoAPI) which represent the buffer in little endian format.</p>
+
+</dd>
+<dt id="sign"><b>-sign</b></dt>
+<dd>
+
+<p>Sign the input data (which must be a hash) and output the signed result. This requires a private key.</p>
+
+</dd>
+<dt id="verify"><b>-verify</b></dt>
+<dd>
+
+<p>Verify the input data (which must be a hash) against the signature file and indicate if the verification succeeded or failed.</p>
+
+</dd>
+<dt id="verifyrecover"><b>-verifyrecover</b></dt>
+<dd>
+
+<p>Verify the input data (which must be a hash) and output the recovered data.</p>
+
+</dd>
+<dt id="encrypt"><b>-encrypt</b></dt>
+<dd>
+
+<p>Encrypt the input data using a public key.</p>
+
+</dd>
+<dt id="decrypt"><b>-decrypt</b></dt>
+<dd>
+
+<p>Decrypt the input data using a private key.</p>
+
+</dd>
+<dt id="derive"><b>-derive</b></dt>
+<dd>
+
+<p>Derive a shared secret using the peer key.</p>
+
+</dd>
+<dt id="kdf-algorithm"><b>-kdf algorithm</b></dt>
+<dd>
+
+<p>Use key derivation function <b>algorithm</b>. The supported algorithms are at present <b>TLS1-PRF</b> and <b>HKDF</b>. Note: additional parameters and the KDF output length will normally have to be set for this to work. See <a href="../man3/EVP_PKEY_CTX_set_hkdf_md.html">EVP_PKEY_CTX_set_hkdf_md(3)</a> and <a href="../man3/EVP_PKEY_CTX_set_tls1_prf_md.html">EVP_PKEY_CTX_set_tls1_prf_md(3)</a> for the supported string parameters of each algorithm.</p>
+
+</dd>
+<dt id="kdflen-length"><b>-kdflen length</b></dt>
+<dd>
+
+<p>Set the output length for KDF.</p>
+
+</dd>
+<dt id="pkeyopt-opt:value"><b>-pkeyopt opt:value</b></dt>
+<dd>
+
+<p>Public key options specified as opt:value. See NOTES below for more details.</p>
+
+</dd>
+<dt id="hexdump"><b>-hexdump</b></dt>
+<dd>
+
+<p>hex dump the output data.</p>
+
+</dd>
+<dt id="asn1parse"><b>-asn1parse</b></dt>
+<dd>
+
+<p>Parse the ASN.1 output data, this is useful when combined with the <b>-verifyrecover</b> option when an ASN1 structure is signed.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>pkeyutl</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="engine_impl"><b>-engine_impl</b></dt>
+<dd>
+
+<p>When used with the <b>-engine</b> option, it specifies to also use engine <b>id</b> for crypto operations.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The operations and options supported vary according to the key algorithm and its implementation. The OpenSSL operations and options are indicated below.</p>
+
+<p>Unless otherwise mentioned all algorithms support the <b>digest:alg</b> option which specifies the digest in use for sign, verify and verifyrecover operations. The value <b>alg</b> should represent a digest name as used in the EVP_get_digestbyname() function for example <b>sha1</b>. This value is not used to hash the input data. It is used (by some algorithms) for sanity-checking the lengths of data passed in to the <b>pkeyutl</b> and for creating the structures that make up the signature (e.g. <b>DigestInfo</b> in RSASSA PKCS#1 v1.5 signatures).</p>
+
+<p>This utility does not hash the input data but rather it will use the data directly as input to the signature algorithm. Depending on the key type, signature type, and mode of padding, the maximum acceptable lengths of input data differ. The signed data can&#39;t be longer than the key modulus with RSA. In case of ECDSA and DSA the data shouldn&#39;t be longer than the field size, otherwise it will be silently truncated to the field size. In any event the input size must not be larger than the largest supported digest size.</p>
+
+<p>In other words, if the value of digest is <b>sha1</b> the input should be the 20 bytes long binary encoding of the SHA-1 hash function output.</p>
+
+<p>The Ed25519 and Ed448 signature algorithms are not supported by this utility. They accept non-hashed input, but this utility can only be used to sign hashed input.</p>
+
+<h1 id="RSA-ALGORITHM">RSA ALGORITHM</h1>
+
+<p>The RSA algorithm generally supports the encrypt, decrypt, sign, verify and verifyrecover operations. However, some padding modes support only a subset of these operations. The following additional <b>pkeyopt</b> values are supported:</p>
+
+<dl>
+
+<dt id="rsa_padding_mode:mode"><b>rsa_padding_mode:mode</b></dt>
+<dd>
+
+<p>This sets the RSA padding mode. Acceptable values for <b>mode</b> are <b>pkcs1</b> for PKCS#1 padding, <b>sslv23</b> for SSLv23 padding, <b>none</b> for no padding, <b>oaep</b> for <b>OAEP</b> mode, <b>x931</b> for X9.31 mode and <b>pss</b> for PSS.</p>
+
+<p>In PKCS#1 padding if the message digest is not set then the supplied data is signed or verified directly instead of using a <b>DigestInfo</b> structure. If a digest is set then the a <b>DigestInfo</b> structure is used and its the length must correspond to the digest type.</p>
+
+<p>For <b>oaep</b> mode only encryption and decryption is supported.</p>
+
+<p>For <b>x931</b> if the digest type is set it is used to format the block data otherwise the first byte is used to specify the X9.31 digest ID. Sign, verify and verifyrecover are can be performed in this mode.</p>
+
+<p>For <b>pss</b> mode only sign and verify are supported and the digest type must be specified.</p>
+
+</dd>
+<dt id="rsa_pss_saltlen:len"><b>rsa_pss_saltlen:len</b></dt>
+<dd>
+
+<p>For <b>pss</b> mode only this option specifies the salt length. Three special values are supported: &quot;digest&quot; sets the salt length to the digest length, &quot;max&quot; sets the salt length to the maximum permissible value. When verifying &quot;auto&quot; causes the salt length to be automatically determined based on the <b>PSS</b> block structure.</p>
+
+</dd>
+<dt id="rsa_mgf1_md:digest"><b>rsa_mgf1_md:digest</b></dt>
+<dd>
+
+<p>For PSS and OAEP padding sets the MGF1 digest. If the MGF1 digest is not explicitly set in PSS mode then the signing digest is used.</p>
+
+</dd>
+</dl>
+
+<h1 id="RSA-PSS-ALGORITHM">RSA-PSS ALGORITHM</h1>
+
+<p>The RSA-PSS algorithm is a restricted version of the RSA algorithm which only supports the sign and verify operations with PSS padding. The following additional <b>pkeyopt</b> values are supported:</p>
+
+<dl>
+
+<dt id="rsa_padding_mode:mode-rsa_pss_saltlen:len-rsa_mgf1_md:digest"><b>rsa_padding_mode:mode</b>, <b>rsa_pss_saltlen:len</b>, <b>rsa_mgf1_md:digest</b></dt>
+<dd>
+
+<p>These have the same meaning as the <b>RSA</b> algorithm with some additional restrictions. The padding mode can only be set to <b>pss</b> which is the default value.</p>
+
+<p>If the key has parameter restrictions than the digest, MGF1 digest and salt length are set to the values specified in the parameters. The digest and MG cannot be changed and the salt length cannot be set to a value less than the minimum restriction.</p>
+
+</dd>
+</dl>
+
+<h1 id="DSA-ALGORITHM">DSA ALGORITHM</h1>
+
+<p>The DSA algorithm supports signing and verification operations only. Currently there are no additional options other than <b>digest</b>. Only the SHA1 digest can be used and this digest is assumed by default.</p>
+
+<h1 id="DH-ALGORITHM">DH ALGORITHM</h1>
+
+<p>The DH algorithm only supports the derivation operation and no additional options.</p>
+
+<h1 id="EC-ALGORITHM">EC ALGORITHM</h1>
+
+<p>The EC algorithm supports sign, verify and derive operations. The sign and verify operations use ECDSA and derive uses ECDH. Currently there are no additional options other than <b>digest</b>. Only the SHA1 digest can be used and this digest is assumed by default.</p>
+
+<h1 id="X25519-and-X448-ALGORITHMS">X25519 and X448 ALGORITHMS</h1>
+
+<p>The X25519 and X448 algorithms support key derivation only. Currently there are no additional options.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Sign some data using a private key:</p>
+
+<pre><code> openssl pkeyutl -sign -in file -inkey key.pem -out sig</code></pre>
+
+<p>Recover the signed data (e.g. if an RSA key is used):</p>
+
+<pre><code> openssl pkeyutl -verifyrecover -in sig -inkey key.pem</code></pre>
+
+<p>Verify the signature (e.g. a DSA key):</p>
+
+<pre><code> openssl pkeyutl -verify -in file -sigfile sig -inkey key.pem</code></pre>
+
+<p>Sign data using a message digest value (this is currently only valid for RSA):</p>
+
+<pre><code> openssl pkeyutl -sign -in file -inkey key.pem -out sig -pkeyopt digest:sha256</code></pre>
+
+<p>Derive a shared secret value:</p>
+
+<pre><code> openssl pkeyutl -derive -inkey key.pem -peerkey pubkey.pem -out secret</code></pre>
+
+<p>Hexdump 48 bytes of TLS1 PRF using digest <b>SHA256</b> and shared secret and seed consisting of the single byte 0xFF:</p>
+
+<pre><code> openssl pkeyutl -kdf TLS1-PRF -kdflen 48 -pkeyopt md:SHA256 \
+    -pkeyopt hexsecret:ff -pkeyopt hexseed:ff -hexdump</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/genpkey.html">genpkey(1)</a>, <a href="../man1/pkey.html">pkey(1)</a>, <a href="../man1/rsautl.html">rsautl(1)</a> <a href="../man1/dgst.html">dgst(1)</a>, <a href="../man1/rsa.html">rsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man3/EVP_PKEY_CTX_set_hkdf_md.html">EVP_PKEY_CTX_set_hkdf_md(3)</a>, <a href="../man3/EVP_PKEY_CTX_set_tls1_prf_md.html">EVP_PKEY_CTX_set_tls1_prf_md(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/prime.html b/msys2/usr/share/doc/openssl/html/man1/prime.html
new file mode 100644
index 000000000..37e03e9b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/prime.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>prime</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-prime, prime - compute prime numbers</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl prime</b> [<b>-help</b>] [<b>-hex</b>] [<b>-generate</b>] [<b>-bits</b>] [<b>-safe</b>] [<b>-checks</b>] [<i>number...</i>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>prime</b> command checks if the specified numbers are prime.</p>
+
+<p>If no numbers are given on the command line, the <b>-generate</b> flag should be used to generate primes according to the requirements specified by the rest of the flags.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help">[<b>-help</b>]</dt>
+<dd>
+
+<p>Display an option summary.</p>
+
+</dd>
+<dt id="hex">[<b>-hex</b>]</dt>
+<dd>
+
+<p>Generate hex output.</p>
+
+</dd>
+<dt id="generate">[<b>-generate</b>]</dt>
+<dd>
+
+<p>Generate a prime number.</p>
+
+</dd>
+<dt id="bits-num">[<b>-bits num</b>]</dt>
+<dd>
+
+<p>Generate a prime with <b>num</b> bits.</p>
+
+</dd>
+<dt id="safe">[<b>-safe</b>]</dt>
+<dd>
+
+<p>When used with <b>-generate</b>, generates a &quot;safe&quot; prime. If the number generated is <b>n</b>, then check that <b>(n-1)/2</b> is also prime.</p>
+
+</dd>
+<dt id="checks-num">[<b>-checks num</b>]</dt>
+<dd>
+
+<p>Perform the checks <b>num</b> times to see that the generated number is prime. The default is 20.</p>
+
+</dd>
+</dl>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/rand.html b/msys2/usr/share/doc/openssl/html/man1/rand.html
new file mode 100644
index 000000000..6a57eadc7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/rand.html
@@ -0,0 +1,92 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>rand</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-rand, rand - generate pseudo-random bytes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl rand</b> [<b>-help</b>] [<b>-out</b> <i>file</i>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-base64</b>] [<b>-hex</b>] <i>num</i></p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>rand</b> command outputs <i>num</i> pseudo-random bytes after seeding the random number generator once. As in other <b>openssl</b> command line tools, PRNG seeding uses the file <i>$HOME/</i><b>.rnd</b> or <b>.rnd</b> in addition to the files given in the <b>-rand</b> option. A new <i>$HOME</i>/<b>.rnd</b> or <b>.rnd</b> file will be written back if enough seeding was obtained from these sources.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="out-file"><b>-out file</b></dt>
+<dd>
+
+<p>Write to <i>file</i> instead of standard output.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="base64"><b>-base64</b></dt>
+<dd>
+
+<p>Perform base64 encoding on the output.</p>
+
+</dd>
+<dt id="hex"><b>-hex</b></dt>
+<dd>
+
+<p>Show the output as a hex string.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_bytes.html">RAND_bytes(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/rehash.html b/msys2/usr/share/doc/openssl/html/man1/rehash.html
new file mode 100644
index 000000000..5b31c5996
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/rehash.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>rehash</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Script-Configuration">Script Configuration</a></li>
+    </ul>
+  </li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-c_rehash, openssl-rehash, c_rehash, rehash - Create symbolic links to files named by the hash values</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>rehash</b> <b>[-h]</b> <b>[-help]</b> <b>[-old]</b> <b>[-n]</b> <b>[-v]</b> [ <i>directory</i>...]</p>
+
+<p><b>c_rehash</b> <i>flags...</i></p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>On some platforms, the OpenSSL <b>rehash</b> command is available as an external script called <b>c_rehash</b>. They are functionally equivalent, except for minor differences noted below.</p>
+
+<p><b>rehash</b> scans directories and calculates a hash value of each <code>.pem</code>, <code>.crt</code>, <code>.cer</code>, or <code>.crl</code> file in the specified directory list and creates symbolic links for each file, where the name of the link is the hash value. (If the platform does not support symbolic links, a copy is made.) This utility is useful as many programs that use OpenSSL require directories to be set up like this in order to find certificates.</p>
+
+<p>If any directories are named on the command line, then those are processed in turn. If not, then the <b>SSL_CERT_DIR</b> environment variable is consulted; this should be a colon-separated list of directories, like the Unix <b>PATH</b> variable. If that is not set then the default directory (installation-specific but often <b>/usr/local/ssl/certs</b>) is processed.</p>
+
+<p>In order for a directory to be processed, the user must have write permissions on that directory, otherwise an error will be generated.</p>
+
+<p>The links created are of the form <code>HHHHHHHH.D</code>, where each <b>H</b> is a hexadecimal character and <b>D</b> is a single decimal digit. When processing a directory, <b>rehash</b> will first remove all links that have a name in that syntax, even if they are being used for some other purpose. To skip the removal step, use the <b>-n</b> flag. Hashes for CRL&#39;s look similar except the letter <b>r</b> appears after the period, like this: <code>HHHHHHHH.rD</code>.</p>
+
+<p>Multiple objects may have the same hash; they will be indicated by incrementing the <b>D</b> value. Duplicates are found by comparing the full SHA-1 fingerprint. A warning will be displayed if a duplicate is found.</p>
+
+<p>A warning will also be displayed if there are files that cannot be parsed as either a certificate or a CRL or if more than one such object appears in the file.</p>
+
+<h2 id="Script-Configuration">Script Configuration</h2>
+
+<p>The <b>c_rehash</b> script uses the <b>openssl</b> program to compute the hashes and fingerprints. If not found in the user&#39;s <b>PATH</b>, then set the <b>OPENSSL</b> environment variable to the full pathname. Any program can be used, it will be invoked as follows for either a certificate or CRL:</p>
+
+<pre><code>  $OPENSSL x509 -hash -fingerprint -noout -in FILENAME
+  $OPENSSL crl -hash -fingerprint -noout -in FILENAME</code></pre>
+
+<p>where <b>FILENAME</b> is the filename. It must output the hash of the file on the first line, and the fingerprint on the second, optionally prefixed with some text and an equals sign.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help--h"><b>-help</b> <b>-h</b></dt>
+<dd>
+
+<p>Display a brief usage message.</p>
+
+</dd>
+<dt id="old"><b>-old</b></dt>
+<dd>
+
+<p>Use old-style hashing (MD5, as opposed to SHA-1) for generating links to be used for releases before 1.0.0. Note that current versions will not use the old style.</p>
+
+</dd>
+<dt id="n"><b>-n</b></dt>
+<dd>
+
+<p>Do not remove existing links. This is needed when keeping new and old-style links in the same directory.</p>
+
+</dd>
+<dt id="compat"><b>-compat</b></dt>
+<dd>
+
+<p>Generate links for both old-style (MD5) and new-style (SHA1) hashing. This allows releases before 1.0.0 to use these links along-side newer releases.</p>
+
+</dd>
+<dt id="v"><b>-v</b></dt>
+<dd>
+
+<p>Print messages about old links removed and new links created. By default, <b>rehash</b> only lists each directory as it is processed.</p>
+
+</dd>
+</dl>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL"><b>OPENSSL</b></dt>
+<dd>
+
+<p>The path to an executable to use to generate hashes and fingerprints (see above).</p>
+
+</dd>
+<dt id="SSL_CERT_DIR"><b>SSL_CERT_DIR</b></dt>
+<dd>
+
+<p>Colon separated list of directories to operate on. Ignored if directories are listed on the command line.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/openssl.html">openssl(1)</a>, <a href="../man1/crl.html">crl(1)</a>. <a href="../man1/x509.html">x509(1)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/req.html b/msys2/usr/share/doc/openssl/html/man1/req.html
new file mode 100644
index 000000000..aaa3f33e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/req.html
@@ -0,0 +1,606 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>req</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#CONFIGURATION-FILE-FORMAT">CONFIGURATION FILE FORMAT</a></li>
+  <li><a href="#DISTINGUISHED-NAME-AND-ATTRIBUTE-SECTION-FORMAT">DISTINGUISHED NAME AND ATTRIBUTE SECTION FORMAT</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#DIAGNOSTICS">DIAGNOSTICS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-req, req - PKCS#10 certificate request and certificate generating utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>req</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-in filename</b>] [<b>-passin arg</b>] [<b>-out filename</b>] [<b>-passout arg</b>] [<b>-text</b>] [<b>-pubkey</b>] [<b>-noout</b>] [<b>-verify</b>] [<b>-modulus</b>] [<b>-new</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-newkey rsa:bits</b>] [<b>-newkey alg:file</b>] [<b>-nodes</b>] [<b>-key filename</b>] [<b>-keyform PEM|DER</b>] [<b>-keyout filename</b>] [<b>-keygen_engine id</b>] [<b>-<i>digest</i></b>] [<b>-config filename</b>] [<b>-multivalue-rdn</b>] [<b>-x509</b>] [<b>-days n</b>] [<b>-set_serial n</b>] [<b>-newhdr</b>] [<b>-addext ext</b>] [<b>-extensions section</b>] [<b>-reqexts section</b>] [<b>-precert</b>] [<b>-utf8</b>] [<b>-nameopt</b>] [<b>-reqopt</b>] [<b>-subject</b>] [<b>-subj arg</b>] [<b>-batch</b>] [<b>-verbose</b>] [<b>-engine id</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>req</b> command primarily creates and processes certificate requests in PKCS#10 format. It can additionally create self signed certificates for use as root CAs for example.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. The <b>DER</b> option uses an ASN1 DER encoded form compatible with the PKCS#10. The <b>PEM</b> form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read a request from or standard input if this option is not specified. A request is only read if the creation options (<b>-new</b> and <b>-newkey</b>) are not specified.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The input file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename to write to or standard output by default.</p>
+
+</dd>
+<dt id="passout-arg"><b>-passout arg</b></dt>
+<dd>
+
+<p>The output file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out the certificate request in text form.</p>
+
+</dd>
+<dt id="subject"><b>-subject</b></dt>
+<dd>
+
+<p>Prints out the request subject (or certificate subject if <b>-x509</b> is specified)</p>
+
+</dd>
+<dt id="pubkey"><b>-pubkey</b></dt>
+<dd>
+
+<p>Outputs the public key.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option prevents output of the encoded version of the request.</p>
+
+</dd>
+<dt id="modulus"><b>-modulus</b></dt>
+<dd>
+
+<p>This option prints out the value of the modulus of the public key contained in the request.</p>
+
+</dd>
+<dt id="verify"><b>-verify</b></dt>
+<dd>
+
+<p>Verifies the signature on the request.</p>
+
+</dd>
+<dt id="new"><b>-new</b></dt>
+<dd>
+
+<p>This option generates a new certificate request. It will prompt the user for the relevant field values. The actual fields prompted for and their maximum and minimum sizes are specified in the configuration file and any requested extensions.</p>
+
+<p>If the <b>-key</b> option is not used it will generate a new RSA private key using information specified in the configuration file.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="newkey-arg"><b>-newkey arg</b></dt>
+<dd>
+
+<p>This option creates a new certificate request and a new private key. The argument takes one of several forms. <b>rsa:nbits</b>, where <b>nbits</b> is the number of bits, generates an RSA key <b>nbits</b> in size. If <b>nbits</b> is omitted, i.e. <b>-newkey rsa</b> specified, the default key size, specified in the configuration file is used.</p>
+
+<p>All other algorithms support the <b>-newkey alg:file</b> form, where file may be an algorithm parameter file, created by the <b>genpkey -genparam</b> command or and X.509 certificate for a key with appropriate algorithm.</p>
+
+<p><b>param:file</b> generates a key using the parameter file or certificate <b>file</b>, the algorithm is determined by the parameters. <b>algname:file</b> use algorithm <b>algname</b> and parameter file <b>file</b>: the two algorithms must match or an error occurs. <b>algname</b> just uses algorithm <b>algname</b>, and parameters, if necessary should be specified via <b>-pkeyopt</b> parameter.</p>
+
+<p><b>dsa:filename</b> generates a DSA key using the parameters in the file <b>filename</b>. <b>ec:filename</b> generates EC key (usable both with ECDSA or ECDH algorithms), <b>gost2001:filename</b> generates GOST R 34.10-2001 key (requires <b>ccgost</b> engine configured in the configuration file). If just <b>gost2001</b> is specified a parameter set should be specified by <b>-pkeyopt paramset:X</b></p>
+
+</dd>
+<dt id="pkeyopt-opt:value"><b>-pkeyopt opt:value</b></dt>
+<dd>
+
+<p>Set the public key algorithm option <b>opt</b> to <b>value</b>. The precise set of options supported depends on the public key algorithm used and its implementation. See <b>KEY GENERATION OPTIONS</b> in the <b>genpkey</b> manual page for more details.</p>
+
+</dd>
+<dt id="key-filename"><b>-key filename</b></dt>
+<dd>
+
+<p>This specifies the file to read the private key from. It also accepts PKCS#8 format private keys for PEM format files.</p>
+
+</dd>
+<dt id="keyform-PEM-DER"><b>-keyform PEM|DER</b></dt>
+<dd>
+
+<p>The format of the private key file specified in the <b>-key</b> argument. PEM is the default.</p>
+
+</dd>
+<dt id="keyout-filename"><b>-keyout filename</b></dt>
+<dd>
+
+<p>This gives the filename to write the newly created private key to. If this option is not specified then the filename present in the configuration file is used.</p>
+
+</dd>
+<dt id="nodes"><b>-nodes</b></dt>
+<dd>
+
+<p>If this option is specified then if a private key is created it will not be encrypted.</p>
+
+</dd>
+<dt id="digest"><b>-<i>digest</i></b></dt>
+<dd>
+
+<p>This specifies the message digest to sign the request. Any digest supported by the OpenSSL <b>dgst</b> command can be used. This overrides the digest algorithm specified in the configuration file.</p>
+
+<p>Some public key algorithms may override this choice. For instance, DSA signatures always use SHA1, GOST R 34.10 signatures always use GOST R 34.11-94 (<b>-md_gost94</b>), Ed25519 and Ed448 never use any digest.</p>
+
+</dd>
+<dt id="config-filename"><b>-config filename</b></dt>
+<dd>
+
+<p>This allows an alternative configuration file to be specified. Optional; for a description of the default value, see <a href="../man1/openssl.html">&quot;COMMAND SUMMARY&quot; in openssl(1)</a>.</p>
+
+</dd>
+<dt id="subj-arg"><b>-subj arg</b></dt>
+<dd>
+
+<p>Sets subject name for new request or supersedes the subject name when processing a request. The arg must be formatted as <i>/type0=value0/type1=value1/type2=...</i>. Keyword characters may be escaped by \ (backslash), and whitespace is retained. Empty values are permitted, but the corresponding type will not be included in the request.</p>
+
+</dd>
+<dt id="multivalue-rdn"><b>-multivalue-rdn</b></dt>
+<dd>
+
+<p>This option causes the -subj argument to be interpreted with full support for multivalued RDNs. Example:</p>
+
+<p><i>/DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe</i></p>
+
+<p>If -multi-rdn is not used then the UID value is <i>123456+CN=John Doe</i>.</p>
+
+</dd>
+<dt id="x509"><b>-x509</b></dt>
+<dd>
+
+<p>This option outputs a self signed certificate instead of a certificate request. This is typically used to generate a test certificate or a self signed root CA. The extensions added to the certificate (if any) are specified in the configuration file. Unless specified using the <b>set_serial</b> option, a large random number will be used for the serial number.</p>
+
+<p>If existing request is specified with the <b>-in</b> option, it is converted to the self signed certificate otherwise new request is created.</p>
+
+</dd>
+<dt id="days-n"><b>-days n</b></dt>
+<dd>
+
+<p>When the <b>-x509</b> option is being used this specifies the number of days to certify the certificate for, otherwise it is ignored. <b>n</b> should be a positive integer. The default is 30 days.</p>
+
+</dd>
+<dt id="set_serial-n"><b>-set_serial n</b></dt>
+<dd>
+
+<p>Serial number to use when outputting a self signed certificate. This may be specified as a decimal value or a hex value if preceded by <b>0x</b>.</p>
+
+</dd>
+<dt id="addext-ext"><b>-addext ext</b></dt>
+<dd>
+
+<p>Add a specific extension to the certificate (if the <b>-x509</b> option is present) or certificate request. The argument must have the form of a key=value pair as it would appear in a config file.</p>
+
+<p>This option can be given multiple times.</p>
+
+</dd>
+<dt id="extensions-section"><b>-extensions section</b></dt>
+<dd>
+
+</dd>
+<dt id="reqexts-section"><b>-reqexts section</b></dt>
+<dd>
+
+<p>These options specify alternative sections to include certificate extensions (if the <b>-x509</b> option is present) or certificate request extensions. This allows several different sections to be used in the same configuration file to specify requests for a variety of purposes.</p>
+
+</dd>
+<dt id="precert"><b>-precert</b></dt>
+<dd>
+
+<p>A poison extension will be added to the certificate, making it a &quot;pre-certificate&quot; (see RFC6962). This can be submitted to Certificate Transparency logs in order to obtain signed certificate timestamps (SCTs). These SCTs can then be embedded into the pre-certificate as an extension, before removing the poison and signing the certificate.</p>
+
+<p>This implies the <b>-new</b> flag.</p>
+
+</dd>
+<dt id="utf8"><b>-utf8</b></dt>
+<dd>
+
+<p>This option causes field values to be interpreted as UTF8 strings, by default they are interpreted as ASCII. This means that the field values, whether prompted from a terminal or obtained from a configuration file, must be valid UTF8 strings.</p>
+
+</dd>
+<dt id="nameopt-option"><b>-nameopt option</b></dt>
+<dd>
+
+<p>Option which determines how the subject or issuer names are displayed. The <b>option</b> argument can be a single option or multiple options separated by commas. Alternatively the <b>-nameopt</b> switch may be used more than once to set multiple options. See the <a href="../man1/x509.html">x509(1)</a> manual page for details.</p>
+
+</dd>
+<dt id="reqopt"><b>-reqopt</b></dt>
+<dd>
+
+<p>Customise the output format used with <b>-text</b>. The <b>option</b> argument can be a single option or multiple options separated by commas.</p>
+
+<p>See discussion of the <b>-certopt</b> parameter in the <a href="../man1/x509.html">x509(1)</a> command.</p>
+
+</dd>
+<dt id="newhdr"><b>-newhdr</b></dt>
+<dd>
+
+<p>Adds the word <b>NEW</b> to the PEM file header and footer lines on the outputted request. Some software (Netscape certificate server) and some CAs need this.</p>
+
+</dd>
+<dt id="batch"><b>-batch</b></dt>
+<dd>
+
+<p>Non-interactive mode.</p>
+
+</dd>
+<dt id="verbose"><b>-verbose</b></dt>
+<dd>
+
+<p>Print extra details about the operations being performed.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>req</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="keygen_engine-id"><b>-keygen_engine id</b></dt>
+<dd>
+
+<p>Specifies an engine (by its unique <b>id</b> string) which would be used for key generation operations.</p>
+
+</dd>
+</dl>
+
+<h1 id="CONFIGURATION-FILE-FORMAT">CONFIGURATION FILE FORMAT</h1>
+
+<p>The configuration options are specified in the <b>req</b> section of the configuration file. As with all configuration files if no value is specified in the specific section (i.e. <b>req</b>) then the initial unnamed or <b>default</b> section is searched too.</p>
+
+<p>The options available are described in detail below.</p>
+
+<dl>
+
+<dt id="input_password-output_password"><b>input_password output_password</b></dt>
+<dd>
+
+<p>The passwords for the input private key file (if present) and the output private key file (if one will be created). The command line options <b>passin</b> and <b>passout</b> override the configuration file values.</p>
+
+</dd>
+<dt id="default_bits"><b>default_bits</b></dt>
+<dd>
+
+<p>Specifies the default key size in bits.</p>
+
+<p>This option is used in conjunction with the <b>-new</b> option to generate a new key. It can be overridden by specifying an explicit key size in the <b>-newkey</b> option. The smallest accepted key size is 512 bits. If no key size is specified then 2048 bits is used.</p>
+
+</dd>
+<dt id="default_keyfile"><b>default_keyfile</b></dt>
+<dd>
+
+<p>This is the default filename to write a private key to. If not specified the key is written to standard output. This can be overridden by the <b>-keyout</b> option.</p>
+
+</dd>
+<dt id="oid_file"><b>oid_file</b></dt>
+<dd>
+
+<p>This specifies a file containing additional <b>OBJECT IDENTIFIERS</b>. Each line of the file should consist of the numerical form of the object identifier followed by white space then the short name followed by white space and finally the long name.</p>
+
+</dd>
+<dt id="oid_section"><b>oid_section</b></dt>
+<dd>
+
+<p>This specifies a section in the configuration file containing extra object identifiers. Each line should consist of the short name of the object identifier followed by <b>=</b> and the numerical form. The short and long names are the same when this option is used.</p>
+
+</dd>
+<dt id="RANDFILE"><b>RANDFILE</b></dt>
+<dd>
+
+<p>At startup the specified file is loaded into the random number generator, and at exit 256 bytes will be written to it. It is used for private key generation.</p>
+
+</dd>
+<dt id="encrypt_key"><b>encrypt_key</b></dt>
+<dd>
+
+<p>If this is set to <b>no</b> then if a private key is generated it is <b>not</b> encrypted. This is equivalent to the <b>-nodes</b> command line option. For compatibility <b>encrypt_rsa_key</b> is an equivalent option.</p>
+
+</dd>
+<dt id="default_md"><b>default_md</b></dt>
+<dd>
+
+<p>This option specifies the digest algorithm to use. Any digest supported by the OpenSSL <b>dgst</b> command can be used. This option can be overridden on the command line. Certain signing algorithms (i.e. Ed25519 and Ed448) will ignore any digest that has been set.</p>
+
+</dd>
+<dt id="string_mask"><b>string_mask</b></dt>
+<dd>
+
+<p>This option masks out the use of certain string types in certain fields. Most users will not need to change this option.</p>
+
+<p>It can be set to several values <b>default</b> which is also the default option uses PrintableStrings, T61Strings and BMPStrings if the <b>pkix</b> value is used then only PrintableStrings and BMPStrings will be used. This follows the PKIX recommendation in RFC2459. If the <b>utf8only</b> option is used then only UTF8Strings will be used: this is the PKIX recommendation in RFC2459 after 2003. Finally the <b>nombstr</b> option just uses PrintableStrings and T61Strings: certain software has problems with BMPStrings and UTF8Strings: in particular Netscape.</p>
+
+</dd>
+<dt id="req_extensions"><b>req_extensions</b></dt>
+<dd>
+
+<p>This specifies the configuration file section containing a list of extensions to add to the certificate request. It can be overridden by the <b>-reqexts</b> command line switch. See the <a href="../man5/x509v3_config.html">x509v3_config(5)</a> manual page for details of the extension section format.</p>
+
+</dd>
+<dt id="x509_extensions"><b>x509_extensions</b></dt>
+<dd>
+
+<p>This specifies the configuration file section containing a list of extensions to add to certificate generated when the <b>-x509</b> switch is used. It can be overridden by the <b>-extensions</b> command line switch.</p>
+
+</dd>
+<dt id="prompt"><b>prompt</b></dt>
+<dd>
+
+<p>If set to the value <b>no</b> this disables prompting of certificate fields and just takes values from the config file directly. It also changes the expected format of the <b>distinguished_name</b> and <b>attributes</b> sections.</p>
+
+</dd>
+<dt id="utf81"><b>utf8</b></dt>
+<dd>
+
+<p>If set to the value <b>yes</b> then field values to be interpreted as UTF8 strings, by default they are interpreted as ASCII. This means that the field values, whether prompted from a terminal or obtained from a configuration file, must be valid UTF8 strings.</p>
+
+</dd>
+<dt id="attributes"><b>attributes</b></dt>
+<dd>
+
+<p>This specifies the section containing any request attributes: its format is the same as <b>distinguished_name</b>. Typically these may contain the challengePassword or unstructuredName types. They are currently ignored by OpenSSL&#39;s request signing utilities but some CAs might want them.</p>
+
+</dd>
+<dt id="distinguished_name"><b>distinguished_name</b></dt>
+<dd>
+
+<p>This specifies the section containing the distinguished name fields to prompt for when generating a certificate or certificate request. The format is described in the next section.</p>
+
+</dd>
+</dl>
+
+<h1 id="DISTINGUISHED-NAME-AND-ATTRIBUTE-SECTION-FORMAT">DISTINGUISHED NAME AND ATTRIBUTE SECTION FORMAT</h1>
+
+<p>There are two separate formats for the distinguished name and attribute sections. If the <b>prompt</b> option is set to <b>no</b> then these sections just consist of field names and values: for example,</p>
+
+<pre><code> CN=My Name
+ OU=My Organization
+ emailAddress=someone@somewhere.org</code></pre>
+
+<p>This allows external programs (e.g. GUI based) to generate a template file with all the field names and values and just pass it to <b>req</b>. An example of this kind of configuration file is contained in the <b>EXAMPLES</b> section.</p>
+
+<p>Alternatively if the <b>prompt</b> option is absent or not set to <b>no</b> then the file contains field prompting information. It consists of lines of the form:</p>
+
+<pre><code> fieldName=&quot;prompt&quot;
+ fieldName_default=&quot;default field value&quot;
+ fieldName_min= 2
+ fieldName_max= 4</code></pre>
+
+<p>&quot;fieldName&quot; is the field name being used, for example commonName (or CN). The &quot;prompt&quot; string is used to ask the user to enter the relevant details. If the user enters nothing then the default value is used if no default value is present then the field is omitted. A field can still be omitted if a default value is present if the user just enters the &#39;.&#39; character.</p>
+
+<p>The number of characters entered must be between the fieldName_min and fieldName_max limits: there may be additional restrictions based on the field being used (for example countryName can only ever be two characters long and must fit in a PrintableString).</p>
+
+<p>Some fields (such as organizationName) can be used more than once in a DN. This presents a problem because configuration files will not recognize the same name occurring twice. To avoid this problem if the fieldName contains some characters followed by a full stop they will be ignored. So for example a second organizationName can be input by calling it &quot;1.organizationName&quot;.</p>
+
+<p>The actual permitted field names are any object identifier short or long names. These are compiled into OpenSSL and include the usual values such as commonName, countryName, localityName, organizationName, organizationalUnitName, stateOrProvinceName. Additionally emailAddress is included as well as name, surname, givenName, initials, and dnQualifier.</p>
+
+<p>Additional object identifiers can be defined with the <b>oid_file</b> or <b>oid_section</b> options in the configuration file. Any additional fields will be treated as though they were a DirectoryString.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Examine and verify certificate request:</p>
+
+<pre><code> openssl req -in req.pem -text -verify -noout</code></pre>
+
+<p>Create a private key and then generate a certificate request from it:</p>
+
+<pre><code> openssl genrsa -out key.pem 2048
+ openssl req -new -key key.pem -out req.pem</code></pre>
+
+<p>The same but just using req:</p>
+
+<pre><code> openssl req -newkey rsa:2048 -keyout key.pem -out req.pem</code></pre>
+
+<p>Generate a self signed root certificate:</p>
+
+<pre><code> openssl req -x509 -newkey rsa:2048 -keyout key.pem -out req.pem</code></pre>
+
+<p>Example of a file pointed to by the <b>oid_file</b> option:</p>
+
+<pre><code> 1.2.3.4        shortName       A longer Name
+ 1.2.3.6        otherName       Other longer Name</code></pre>
+
+<p>Example of a section pointed to by <b>oid_section</b> making use of variable expansion:</p>
+
+<pre><code> testoid1=1.2.3.5
+ testoid2=${testoid1}.6</code></pre>
+
+<p>Sample configuration file prompting for field values:</p>
+
+<pre><code> [ req ]
+ default_bits           = 2048
+ default_keyfile        = privkey.pem
+ distinguished_name     = req_distinguished_name
+ attributes             = req_attributes
+ req_extensions         = v3_ca
+
+ dirstring_type = nobmp
+
+ [ req_distinguished_name ]
+ countryName                    = Country Name (2 letter code)
+ countryName_default            = AU
+ countryName_min                = 2
+ countryName_max                = 2
+
+ localityName                   = Locality Name (eg, city)
+
+ organizationalUnitName         = Organizational Unit Name (eg, section)
+
+ commonName                     = Common Name (eg, YOUR name)
+ commonName_max                 = 64
+
+ emailAddress                   = Email Address
+ emailAddress_max               = 40
+
+ [ req_attributes ]
+ challengePassword              = A challenge password
+ challengePassword_min          = 4
+ challengePassword_max          = 20
+
+ [ v3_ca ]
+
+ subjectKeyIdentifier=hash
+ authorityKeyIdentifier=keyid:always,issuer:always
+ basicConstraints = critical, CA:true</code></pre>
+
+<p>Sample configuration containing all field values:</p>
+
+<pre><code> RANDFILE               = $ENV::HOME/.rnd
+
+ [ req ]
+ default_bits           = 2048
+ default_keyfile        = keyfile.pem
+ distinguished_name     = req_distinguished_name
+ attributes             = req_attributes
+ prompt                 = no
+ output_password        = mypass
+
+ [ req_distinguished_name ]
+ C                      = GB
+ ST                     = Test State or Province
+ L                      = Test Locality
+ O                      = Organization Name
+ OU                     = Organizational Unit Name
+ CN                     = Common Name
+ emailAddress           = test@email.address
+
+ [ req_attributes ]
+ challengePassword              = A challenge password</code></pre>
+
+<p>Example of giving the most common attributes (subject and extensions) on the command line:</p>
+
+<pre><code> openssl req -new -subj &quot;/C=GB/CN=foo&quot; \
+                  -addext &quot;subjectAltName = DNS:foo.co.uk&quot; \
+                  -addext &quot;certificatePolicies = 1.2.3.4&quot; \
+                  -newkey rsa:2048 -keyout key.pem -out req.pem</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The header and footer lines in the <b>PEM</b> format are normally:</p>
+
+<pre><code> -----BEGIN CERTIFICATE REQUEST-----
+ -----END CERTIFICATE REQUEST-----</code></pre>
+
+<p>some software (some versions of Netscape certificate server) instead needs:</p>
+
+<pre><code> -----BEGIN NEW CERTIFICATE REQUEST-----
+ -----END NEW CERTIFICATE REQUEST-----</code></pre>
+
+<p>which is produced with the <b>-newhdr</b> option but is otherwise compatible. Either form is accepted transparently on input.</p>
+
+<p>The certificate requests generated by <b>Xenroll</b> with MSIE have extensions added. It includes the <b>keyUsage</b> extension which determines the type of key (signature only or general purpose) and any additional OIDs entered by the script in an extendedKeyUsage extension.</p>
+
+<h1 id="DIAGNOSTICS">DIAGNOSTICS</h1>
+
+<p>The following messages are frequently asked about:</p>
+
+<pre><code>        Using configuration from /some/path/openssl.cnf
+        Unable to load config info</code></pre>
+
+<p>This is followed some time later by...</p>
+
+<pre><code>        unable to find &#39;distinguished_name&#39; in config
+        problems making Certificate Request</code></pre>
+
+<p>The first error message is the clue: it can&#39;t find the configuration file! Certain operations (like examining a certificate request) don&#39;t need a configuration file so its use isn&#39;t enforced. Generation of certificates or requests however does need a configuration file. This could be regarded as a bug.</p>
+
+<p>Another puzzling message is this:</p>
+
+<pre><code>        Attributes:
+            a0:00</code></pre>
+
+<p>this is displayed when no attributes are present and the request includes the correct empty <b>SET OF</b> structure (the DER encoding of which is 0xa0 0x00). If you just see:</p>
+
+<pre><code>        Attributes:</code></pre>
+
+<p>then the <b>SET OF</b> is missing and the encoding is technically invalid (but it is tolerated). See the description of the command line option <b>-asn1-kludge</b> for more information.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>OpenSSL&#39;s handling of T61Strings (aka TeletexStrings) is broken: it effectively treats them as ISO-8859-1 (Latin 1), Netscape and MSIE have similar behaviour. This can cause problems if you need characters that aren&#39;t available in PrintableStrings and you don&#39;t want to or can&#39;t use BMPStrings.</p>
+
+<p>As a consequence of the T61String handling the only correct way to represent accented characters in OpenSSL is to use a BMPString: unfortunately Netscape currently chokes on these. If you have to use accented characters with Netscape and MSIE then you currently need to use the invalid T61String form.</p>
+
+<p>The current prompting is not very friendly. It doesn&#39;t allow you to confirm what you&#39;ve just entered. Other things like extensions in certificate requests are statically defined in the configuration file. Some of these: like an email address in subjectAltName should be input by the user.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/x509.html">x509(1)</a>, <a href="../man1/ca.html">ca(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man1/gendsa.html">gendsa(1)</a>, <a href="../man5/config.html">config(5)</a>, <a href="../man5/x509v3_config.html">x509v3_config(5)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/rsa.html b/msys2/usr/share/doc/openssl/html/man1/rsa.html
new file mode 100644
index 000000000..7320ee62d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/rsa.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>rsa</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-rsa, rsa - RSA key processing tool</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>rsa</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-in filename</b>] [<b>-passin arg</b>] [<b>-out filename</b>] [<b>-passout arg</b>] [<b>-aes128</b>] [<b>-aes192</b>] [<b>-aes256</b>] [<b>-aria128</b>] [<b>-aria192</b>] [<b>-aria256</b>] [<b>-camellia128</b>] [<b>-camellia192</b>] [<b>-camellia256</b>] [<b>-des</b>] [<b>-des3</b>] [<b>-idea</b>] [<b>-text</b>] [<b>-noout</b>] [<b>-modulus</b>] [<b>-check</b>] [<b>-pubin</b>] [<b>-pubout</b>] [<b>-RSAPublicKey_in</b>] [<b>-RSAPublicKey_out</b>] [<b>-engine id</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>rsa</b> command processes RSA keys. They can be converted between various forms and their components printed out. <b>Note</b> this command uses the traditional SSLeay compatible format for private key encryption: newer applications should use the more secure PKCS#8 format using the <b>pkcs8</b> utility.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. The <b>DER</b> option uses an ASN1 DER encoded form compatible with the PKCS#1 RSAPrivateKey or SubjectPublicKeyInfo format. The <b>PEM</b> form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines. On input PKCS#8 format private keys are also accepted.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read a key from or standard input if this option is not specified. If the key is encrypted a pass phrase will be prompted for.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The input file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename to write a key to or standard output if this option is not specified. If any encryption options are set then a pass phrase will be prompted for. The output filename should <b>not</b> be the same as the input filename.</p>
+
+</dd>
+<dt id="passout-password"><b>-passout password</b></dt>
+<dd>
+
+<p>The output file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="aes128--aes192--aes256--aria128--aria192--aria256--camellia128--camellia192--camellia256--des--des3--idea"><b>-aes128</b>, <b>-aes192</b>, <b>-aes256</b>, <b>-aria128</b>, <b>-aria192</b>, <b>-aria256</b>, <b>-camellia128</b>, <b>-camellia192</b>, <b>-camellia256</b>, <b>-des</b>, <b>-des3</b>, <b>-idea</b></dt>
+<dd>
+
+<p>These options encrypt the private key with the specified cipher before outputting it. A pass phrase is prompted for. If none of these options is specified the key is written in plain text. This means that using the <b>rsa</b> utility to read in an encrypted key with no encryption option can be used to remove the pass phrase from a key, or by setting the encryption options it can be use to add or change the pass phrase. These options can only be used with PEM format output files.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out the various public or private key components in plain text in addition to the encoded version.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option prevents output of the encoded version of the key.</p>
+
+</dd>
+<dt id="modulus"><b>-modulus</b></dt>
+<dd>
+
+<p>This option prints out the value of the modulus of the key.</p>
+
+</dd>
+<dt id="check"><b>-check</b></dt>
+<dd>
+
+<p>This option checks the consistency of an RSA private key.</p>
+
+</dd>
+<dt id="pubin"><b>-pubin</b></dt>
+<dd>
+
+<p>By default a private key is read from the input file: with this option a public key is read instead.</p>
+
+</dd>
+<dt id="pubout"><b>-pubout</b></dt>
+<dd>
+
+<p>By default a private key is output: with this option a public key will be output instead. This option is automatically set if the input is a public key.</p>
+
+</dd>
+<dt id="RSAPublicKey_in--RSAPublicKey_out"><b>-RSAPublicKey_in</b>, <b>-RSAPublicKey_out</b></dt>
+<dd>
+
+<p>Like <b>-pubin</b> and <b>-pubout</b> except <b>RSAPublicKey</b> format is used instead.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>rsa</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM private key format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The PEM public key format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN PUBLIC KEY-----
+ -----END PUBLIC KEY-----</code></pre>
+
+<p>The PEM <b>RSAPublicKey</b> format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN RSA PUBLIC KEY-----
+ -----END RSA PUBLIC KEY-----</code></pre>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>To remove the pass phrase on an RSA private key:</p>
+
+<pre><code> openssl rsa -in key.pem -out keyout.pem</code></pre>
+
+<p>To encrypt a private key using triple DES:</p>
+
+<pre><code> openssl rsa -in key.pem -des3 -out keyout.pem</code></pre>
+
+<p>To convert a private key from PEM to DER format:</p>
+
+<pre><code> openssl rsa -in key.pem -outform DER -out keyout.der</code></pre>
+
+<p>To print out the components of a private key to standard output:</p>
+
+<pre><code> openssl rsa -in key.pem -text -noout</code></pre>
+
+<p>To just output the public part of a private key:</p>
+
+<pre><code> openssl rsa -in key.pem -pubout -out pubkey.pem</code></pre>
+
+<p>Output the public part of a private key in <b>RSAPublicKey</b> format:</p>
+
+<pre><code> openssl rsa -in key.pem -RSAPublicKey_out -out pubkey.pem</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>There should be an option that automatically handles .key files, without having to manually edit them.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/pkcs8.html">pkcs8(1)</a>, <a href="../man1/dsa.html">dsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man1/gendsa.html">gendsa(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/rsautl.html b/msys2/usr/share/doc/openssl/html/man1/rsautl.html
new file mode 100644
index 000000000..68b6efdbe
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/rsautl.html
@@ -0,0 +1,236 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>rsautl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-rsautl, rsautl - RSA utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>rsautl</b> [<b>-help</b>] [<b>-in file</b>] [<b>-out file</b>] [<b>-inkey file</b>] [<b>-keyform PEM|DER|ENGINE</b>] [<b>-pubin</b>] [<b>-certin</b>] [<b>-sign</b>] [<b>-verify</b>] [<b>-encrypt</b>] [<b>-decrypt</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-pkcs</b>] [<b>-ssl</b>] [<b>-raw</b>] [<b>-hexdump</b>] [<b>-asn1parse</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>rsautl</b> command can be used to sign, verify, encrypt and decrypt data using the RSA algorithm.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read data from or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Specifies the output filename to write to or standard output by default.</p>
+
+</dd>
+<dt id="inkey-file"><b>-inkey file</b></dt>
+<dd>
+
+<p>The input key file, by default it should be an RSA private key.</p>
+
+</dd>
+<dt id="keyform-PEM-DER-ENGINE"><b>-keyform PEM|DER|ENGINE</b></dt>
+<dd>
+
+<p>The key format PEM, DER or ENGINE.</p>
+
+</dd>
+<dt id="pubin"><b>-pubin</b></dt>
+<dd>
+
+<p>The input file is an RSA public key.</p>
+
+</dd>
+<dt id="certin"><b>-certin</b></dt>
+<dd>
+
+<p>The input is a certificate containing an RSA public key.</p>
+
+</dd>
+<dt id="sign"><b>-sign</b></dt>
+<dd>
+
+<p>Sign the input data and output the signed result. This requires an RSA private key.</p>
+
+</dd>
+<dt id="verify"><b>-verify</b></dt>
+<dd>
+
+<p>Verify the input data and output the recovered data.</p>
+
+</dd>
+<dt id="encrypt"><b>-encrypt</b></dt>
+<dd>
+
+<p>Encrypt the input data using an RSA public key.</p>
+
+</dd>
+<dt id="decrypt"><b>-decrypt</b></dt>
+<dd>
+
+<p>Decrypt the input data using an RSA private key.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="pkcs--oaep--ssl--raw"><b>-pkcs, -oaep, -ssl, -raw</b></dt>
+<dd>
+
+<p>The padding to use: PKCS#1 v1.5 (the default), PKCS#1 OAEP, special padding used in SSL v2 backwards compatible handshakes, or no padding, respectively. For signatures, only <b>-pkcs</b> and <b>-raw</b> can be used.</p>
+
+</dd>
+<dt id="hexdump"><b>-hexdump</b></dt>
+<dd>
+
+<p>Hex dump the output data.</p>
+
+</dd>
+<dt id="asn1parse"><b>-asn1parse</b></dt>
+<dd>
+
+<p>Parse the ASN.1 output data, this is useful when combined with the <b>-verify</b> option.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>rsautl</b> because it uses the RSA algorithm directly can only be used to sign or verify small pieces of data.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Sign some data using a private key:</p>
+
+<pre><code> openssl rsautl -sign -in file -inkey key.pem -out sig</code></pre>
+
+<p>Recover the signed data</p>
+
+<pre><code> openssl rsautl -verify -in sig -inkey key.pem</code></pre>
+
+<p>Examine the raw signed data:</p>
+
+<pre><code> openssl rsautl -verify -in sig -inkey key.pem -raw -hexdump
+
+ 0000 - 00 01 ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0010 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0020 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0030 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0040 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0050 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0060 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0070 - ff ff ff ff 00 68 65 6c-6c 6f 20 77 6f 72 6c 64   .....hello world</code></pre>
+
+<p>The PKCS#1 block formatting is evident from this. If this was done using encrypt and decrypt the block would have been of type 2 (the second byte) and random padding data visible instead of the 0xff bytes.</p>
+
+<p>It is possible to analyse the signature of certificates using this utility in conjunction with <b>asn1parse</b>. Consider the self signed example in certs/pca-cert.pem . Running <b>asn1parse</b> as follows yields:</p>
+
+<pre><code> openssl asn1parse -in pca-cert.pem
+
+    0:d=0  hl=4 l= 742 cons: SEQUENCE
+    4:d=1  hl=4 l= 591 cons:  SEQUENCE
+    8:d=2  hl=2 l=   3 cons:   cont [ 0 ]
+   10:d=3  hl=2 l=   1 prim:    INTEGER           :02
+   13:d=2  hl=2 l=   1 prim:   INTEGER           :00
+   16:d=2  hl=2 l=  13 cons:   SEQUENCE
+   18:d=3  hl=2 l=   9 prim:    OBJECT            :md5WithRSAEncryption
+   29:d=3  hl=2 l=   0 prim:    NULL
+   31:d=2  hl=2 l=  92 cons:   SEQUENCE
+   33:d=3  hl=2 l=  11 cons:    SET
+   35:d=4  hl=2 l=   9 cons:     SEQUENCE
+   37:d=5  hl=2 l=   3 prim:      OBJECT            :countryName
+   42:d=5  hl=2 l=   2 prim:      PRINTABLESTRING   :AU
+  ....
+  599:d=1  hl=2 l=  13 cons:  SEQUENCE
+  601:d=2  hl=2 l=   9 prim:   OBJECT            :md5WithRSAEncryption
+  612:d=2  hl=2 l=   0 prim:   NULL
+  614:d=1  hl=3 l= 129 prim:  BIT STRING</code></pre>
+
+<p>The final BIT STRING contains the actual signature. It can be extracted with:</p>
+
+<pre><code> openssl asn1parse -in pca-cert.pem -out sig -noout -strparse 614</code></pre>
+
+<p>The certificate public key can be extracted with:</p>
+
+<pre><code> openssl x509 -in test/testx509.pem -pubkey -noout &gt;pubkey.pem</code></pre>
+
+<p>The signature can be analysed with:</p>
+
+<pre><code> openssl rsautl -in sig -verify -asn1parse -inkey pubkey.pem -pubin
+
+    0:d=0  hl=2 l=  32 cons: SEQUENCE
+    2:d=1  hl=2 l=  12 cons:  SEQUENCE
+    4:d=2  hl=2 l=   8 prim:   OBJECT            :md5
+   14:d=2  hl=2 l=   0 prim:   NULL
+   16:d=1  hl=2 l=  16 prim:  OCTET STRING
+      0000 - f3 46 9e aa 1a 4a 73 c9-37 ea 93 00 48 25 08 b5   .F...Js.7...H%..</code></pre>
+
+<p>This is the parsed version of an ASN1 DigestInfo structure. It can be seen that the digest used was md5. The actual part of the certificate that was signed can be extracted with:</p>
+
+<pre><code> openssl asn1parse -in pca-cert.pem -out tbs -noout -strparse 4</code></pre>
+
+<p>and its digest computed with:</p>
+
+<pre><code> openssl md5 -c tbs
+ MD5(tbs)= f3:46:9e:aa:1a:4a:73:c9:37:ea:93:00:48:25:08:b5</code></pre>
+
+<p>which it can be seen agrees with the recovered value above.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man1/rsa.html">rsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/s_client.html b/msys2/usr/share/doc/openssl/html/man1/s_client.html
new file mode 100644
index 000000000..f1be44f0c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/s_client.html
@@ -0,0 +1,681 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>s_client</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#CONNECTED-COMMANDS">CONNECTED COMMANDS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-s_client, s_client - SSL/TLS client program</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>s_client</b> [<b>-help</b>] [<b>-connect host:port</b>] [<b>-bind host:port</b>] [<b>-proxy host:port</b>] [<b>-unix path</b>] [<b>-4</b>] [<b>-6</b>] [<b>-servername name</b>] [<b>-noservername</b>] [<b>-verify depth</b>] [<b>-verify_return_error</b>] [<b>-cert filename</b>] [<b>-certform DER|PEM</b>] [<b>-key filename</b>] [<b>-keyform DER|PEM</b>] [<b>-cert_chain filename</b>] [<b>-build_chain</b>] [<b>-xkey</b>] [<b>-xcert</b>] [<b>-xchain</b>] [<b>-xchain_build</b>] [<b>-xcertform PEM|DER</b>] [<b>-xkeyform PEM|DER</b>] [<b>-pass arg</b>] [<b>-CApath directory</b>] [<b>-CAfile filename</b>] [<b>-chainCApath directory</b>] [<b>-chainCAfile filename</b>] [<b>-no-CAfile</b>] [<b>-no-CApath</b>] [<b>-requestCAfile filename</b>] [<b>-dane_tlsa_domain domain</b>] [<b>-dane_tlsa_rrdata rrdata</b>] [<b>-dane_ee_no_namechecks</b>] [<b>-attime timestamp</b>] [<b>-check_ss_sig</b>] [<b>-crl_check</b>] [<b>-crl_check_all</b>] [<b>-explicit_policy</b>] [<b>-extended_crl</b>] [<b>-ignore_critical</b>] [<b>-inhibit_any</b>] [<b>-inhibit_map</b>] [<b>-no_check_time</b>] [<b>-partial_chain</b>] [<b>-policy arg</b>] [<b>-policy_check</b>] [<b>-policy_print</b>] [<b>-purpose purpose</b>] [<b>-suiteB_128</b>] [<b>-suiteB_128_only</b>] [<b>-suiteB_192</b>] [<b>-trusted_first</b>] [<b>-no_alt_chains</b>] [<b>-use_deltas</b>] [<b>-auth_level num</b>] [<b>-nameopt option</b>] [<b>-verify_depth num</b>] [<b>-verify_email email</b>] [<b>-verify_hostname hostname</b>] [<b>-verify_ip ip</b>] [<b>-verify_name name</b>] [<b>-build_chain</b>] [<b>-x509_strict</b>] [<b>-reconnect</b>] [<b>-showcerts</b>] [<b>-debug</b>] [<b>-msg</b>] [<b>-nbio_test</b>] [<b>-state</b>] [<b>-nbio</b>] [<b>-crlf</b>] [<b>-ign_eof</b>] [<b>-no_ign_eof</b>] [<b>-psk_identity identity</b>] [<b>-psk key</b>] [<b>-psk_session file</b>] [<b>-quiet</b>] [<b>-ssl3</b>] [<b>-tls1</b>] [<b>-tls1_1</b>] [<b>-tls1_2</b>] [<b>-tls1_3</b>] [<b>-no_ssl3</b>] [<b>-no_tls1</b>] [<b>-no_tls1_1</b>] [<b>-no_tls1_2</b>] [<b>-no_tls1_3</b>] [<b>-dtls</b>] [<b>-dtls1</b>] [<b>-dtls1_2</b>] [<b>-sctp</b>] [<b>-sctp_label_bug</b>] [<b>-fallback_scsv</b>] [<b>-async</b>] [<b>-max_send_frag</b>] [<b>-split_send_frag</b>] [<b>-max_pipelines</b>] [<b>-read_buf</b>] [<b>-bugs</b>] [<b>-comp</b>] [<b>-no_comp</b>] [<b>-allow_no_dhe_kex</b>] [<b>-sigalgs sigalglist</b>] [<b>-curves curvelist</b>] [<b>-cipher cipherlist</b>] [<b>-ciphersuites val</b>] [<b>-serverpref</b>] [<b>-starttls protocol</b>] [<b>-xmpphost hostname</b>] [<b>-name hostname</b>] [<b>-engine id</b>] [<b>-tlsextdebug</b>] [<b>-no_ticket</b>] [<b>-sess_out filename</b>] [<b>-sess_in filename</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-serverinfo types</b>] [<b>-status</b>] [<b>-alpn protocols</b>] [<b>-nextprotoneg protocols</b>] [<b>-ct</b>] [<b>-noct</b>] [<b>-ctlogfile</b>] [<b>-keylogfile file</b>] [<b>-early_data file</b>] [<b>-enable_pha</b>] [<b>target</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>s_client</b> command implements a generic SSL/TLS client which connects to a remote host using SSL/TLS. It is a <i>very</i> useful diagnostic tool for SSL servers.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<p>In addition to the options below the <b>s_client</b> utility also supports the common and client only options documented in the in the &quot;Supported Command Line Commands&quot; section of the <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a> manual page.</p>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="connect-host:port"><b>-connect host:port</b></dt>
+<dd>
+
+<p>This specifies the host and optional port to connect to. It is possible to select the host and port using the optional target positional argument instead. If neither this nor the target positional argument are specified then an attempt is made to connect to the local host on port 4433.</p>
+
+</dd>
+<dt id="bind-host:port"><b>-bind host:port</b>]</dt>
+<dd>
+
+<p>This specifies the host address and or port to bind as the source for the connection. For Unix-domain sockets the port is ignored and the host is used as the source socket address.</p>
+
+</dd>
+<dt id="proxy-host:port"><b>-proxy host:port</b></dt>
+<dd>
+
+<p>When used with the <b>-connect</b> flag, the program uses the host and port specified with this flag and issues an HTTP CONNECT command to connect to the desired server.</p>
+
+</dd>
+<dt id="unix-path"><b>-unix path</b></dt>
+<dd>
+
+<p>Connect over the specified Unix-domain socket.</p>
+
+</dd>
+<dt id="pod-4"><b>-4</b></dt>
+<dd>
+
+<p>Use IPv4 only.</p>
+
+</dd>
+<dt id="pod-6"><b>-6</b></dt>
+<dd>
+
+<p>Use IPv6 only.</p>
+
+</dd>
+<dt id="servername-name"><b>-servername name</b></dt>
+<dd>
+
+<p>Set the TLS SNI (Server Name Indication) extension in the ClientHello message to the given value. If <b>-servername</b> is not provided, the TLS SNI extension will be populated with the name given to <b>-connect</b> if it follows a DNS name format. If <b>-connect</b> is not provided either, the SNI is set to &quot;localhost&quot;. This is the default since OpenSSL 1.1.1.</p>
+
+<p>Even though SNI should normally be a DNS name and not an IP address, if <b>-servername</b> is provided then that name will be sent, regardless of whether it is a DNS name or not.</p>
+
+<p>This option cannot be used in conjuction with <b>-noservername</b>.</p>
+
+</dd>
+<dt id="noservername"><b>-noservername</b></dt>
+<dd>
+
+<p>Suppresses sending of the SNI (Server Name Indication) extension in the ClientHello message. Cannot be used in conjunction with the <b>-servername</b> or &lt;-dane_tlsa_domain&gt; options.</p>
+
+</dd>
+<dt id="cert-certname"><b>-cert certname</b></dt>
+<dd>
+
+<p>The certificate to use, if one is requested by the server. The default is not to use a certificate.</p>
+
+</dd>
+<dt id="certform-format"><b>-certform format</b></dt>
+<dd>
+
+<p>The certificate format to use: DER or PEM. PEM is the default.</p>
+
+</dd>
+<dt id="key-keyfile"><b>-key keyfile</b></dt>
+<dd>
+
+<p>The private key to use. If not specified then the certificate file will be used.</p>
+
+</dd>
+<dt id="keyform-format"><b>-keyform format</b></dt>
+<dd>
+
+<p>The private format to use: DER or PEM. PEM is the default.</p>
+
+</dd>
+<dt id="cert_chain"><b>-cert_chain</b></dt>
+<dd>
+
+<p>A file containing trusted certificates to use when attempting to build the client/server certificate chain related to the certificate specified via the <b>-cert</b> option.</p>
+
+</dd>
+<dt id="build_chain"><b>-build_chain</b></dt>
+<dd>
+
+<p>Specify whether the application should build the certificate chain to be provided to the server.</p>
+
+</dd>
+<dt id="xkey-infile--xcert-infile--xchain"><b>-xkey infile</b>, <b>-xcert infile</b>, <b>-xchain</b></dt>
+<dd>
+
+<p>Specify an extra certificate, private key and certificate chain. These behave in the same manner as the <b>-cert</b>, <b>-key</b> and <b>-cert_chain</b> options. When specified, the callback returning the first valid chain will be in use by the client.</p>
+
+</dd>
+<dt id="xchain_build"><b>-xchain_build</b></dt>
+<dd>
+
+<p>Specify whether the application should build the certificate chain to be provided to the server for the extra certificates provided via <b>-xkey infile</b>, <b>-xcert infile</b>, <b>-xchain</b> options.</p>
+
+</dd>
+<dt id="xcertform-PEM-DER--xkeyform-PEM-DER"><b>-xcertform PEM|DER</b>, <b>-xkeyform PEM|DER</b></dt>
+<dd>
+
+<p>Extra certificate and private key format respectively.</p>
+
+</dd>
+<dt id="pass-arg"><b>-pass arg</b></dt>
+<dd>
+
+<p>the private key password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="verify-depth"><b>-verify depth</b></dt>
+<dd>
+
+<p>The verify depth to use. This specifies the maximum length of the server certificate chain and turns on server certificate verification. Currently the verify operation continues after errors so all the problems with a certificate chain can be seen. As a side effect the connection will never fail due to a server certificate verify failure.</p>
+
+</dd>
+<dt id="verify_return_error"><b>-verify_return_error</b></dt>
+<dd>
+
+<p>Return verification errors instead of continuing. This will typically abort the handshake with a fatal error.</p>
+
+</dd>
+<dt id="nameopt-option"><b>-nameopt option</b></dt>
+<dd>
+
+<p>Option which determines how the subject or issuer names are displayed. The <b>option</b> argument can be a single option or multiple options separated by commas. Alternatively the <b>-nameopt</b> switch may be used more than once to set multiple options. See the <a href="../man1/x509.html">x509(1)</a> manual page for details.</p>
+
+</dd>
+<dt id="CApath-directory"><b>-CApath directory</b></dt>
+<dd>
+
+<p>The directory to use for server certificate verification. This directory must be in &quot;hash format&quot;, see <a href="../man1/verify.html">verify(1)</a> for more information. These are also used when building the client certificate chain.</p>
+
+</dd>
+<dt id="CAfile-file"><b>-CAfile file</b></dt>
+<dd>
+
+<p>A file containing trusted certificates to use during server authentication and to use when attempting to build the client certificate chain.</p>
+
+</dd>
+<dt id="chainCApath-directory"><b>-chainCApath directory</b></dt>
+<dd>
+
+<p>The directory to use for building the chain provided to the server. This directory must be in &quot;hash format&quot;, see <a href="../man1/verify.html">verify(1)</a> for more information.</p>
+
+</dd>
+<dt id="chainCAfile-file"><b>-chainCAfile file</b></dt>
+<dd>
+
+<p>A file containing trusted certificates to use when attempting to build the client certificate chain.</p>
+
+</dd>
+<dt id="no-CAfile"><b>-no-CAfile</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default file location</p>
+
+</dd>
+<dt id="no-CApath"><b>-no-CApath</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default directory location</p>
+
+</dd>
+<dt id="requestCAfile-file"><b>-requestCAfile file</b></dt>
+<dd>
+
+<p>A file containing a list of certificates whose subject names will be sent to the server in the <b>certificate_authorities</b> extension. Only supported for TLS 1.3</p>
+
+</dd>
+<dt id="dane_tlsa_domain-domain"><b>-dane_tlsa_domain domain</b></dt>
+<dd>
+
+<p>Enable RFC6698/RFC7671 DANE TLSA authentication and specify the TLSA base domain which becomes the default SNI hint and the primary reference identifier for hostname checks. This must be used in combination with at least one instance of the <b>-dane_tlsa_rrdata</b> option below.</p>
+
+<p>When DANE authentication succeeds, the diagnostic output will include the lowest (closest to 0) depth at which a TLSA record authenticated a chain certificate. When that TLSA record is a &quot;2 1 0&quot; trust anchor public key that signed (rather than matched) the top-most certificate of the chain, the result is reported as &quot;TA public key verified&quot;. Otherwise, either the TLSA record &quot;matched TA certificate&quot; at a positive depth or else &quot;matched EE certificate&quot; at depth 0.</p>
+
+</dd>
+<dt id="dane_tlsa_rrdata-rrdata"><b>-dane_tlsa_rrdata rrdata</b></dt>
+<dd>
+
+<p>Use one or more times to specify the RRDATA fields of the DANE TLSA RRset associated with the target service. The <b>rrdata</b> value is specied in &quot;presentation form&quot;, that is four whitespace separated fields that specify the usage, selector, matching type and associated data, with the last of these encoded in hexadecimal. Optional whitespace is ignored in the associated data field. For example:</p>
+
+<pre><code>  $ openssl s_client -brief -starttls smtp \
+    -connect smtp.example.com:25 \
+    -dane_tlsa_domain smtp.example.com \
+    -dane_tlsa_rrdata &quot;2 1 1
+      B111DD8A1C2091A89BD4FD60C57F0716CCE50FEEFF8137CDBEE0326E 02CF362B&quot; \
+    -dane_tlsa_rrdata &quot;2 1 1
+      60B87575447DCBA2A36B7D11AC09FB24A9DB406FEE12D2CC90180517 616E8A18&quot;
+  ...
+  Verification: OK
+  Verified peername: smtp.example.com
+  DANE TLSA 2 1 1 ...ee12d2cc90180517616e8a18 matched TA certificate at depth 1
+  ...</code></pre>
+
+</dd>
+<dt id="dane_ee_no_namechecks"><b>-dane_ee_no_namechecks</b></dt>
+<dd>
+
+<p>This disables server name checks when authenticating via DANE-EE(3) TLSA records. For some applications, primarily web browsers, it is not safe to disable name checks due to &quot;unknown key share&quot; attacks, in which a malicious server can convince a client that a connection to a victim server is instead a secure connection to the malicious server. The malicious server may then be able to violate cross-origin scripting restrictions. Thus, despite the text of RFC7671, name checks are by default enabled for DANE-EE(3) TLSA records, and can be disabled in applications where it is safe to do so. In particular, SMTP and XMPP clients should set this option as SRV and MX records already make it possible for a remote domain to redirect client connections to any server of its choice, and in any case SMTP and XMPP clients do not execute scripts downloaded from remote servers.</p>
+
+</dd>
+<dt id="attime--check_ss_sig--crl_check--crl_check_all--explicit_policy--extended_crl--ignore_critical--inhibit_any--inhibit_map--no_alt_chains--no_check_time--partial_chain--policy--policy_check--policy_print--purpose--suiteB_128--suiteB_128_only--suiteB_192--trusted_first--use_deltas--auth_level--verify_depth--verify_email--verify_hostname--verify_ip--verify_name--x509_strict"><b>-attime</b>, <b>-check_ss_sig</b>, <b>-crl_check</b>, <b>-crl_check_all</b>, <b>-explicit_policy</b>, <b>-extended_crl</b>, <b>-ignore_critical</b>, <b>-inhibit_any</b>, <b>-inhibit_map</b>, <b>-no_alt_chains</b>, <b>-no_check_time</b>, <b>-partial_chain</b>, <b>-policy</b>, <b>-policy_check</b>, <b>-policy_print</b>, <b>-purpose</b>, <b>-suiteB_128</b>, <b>-suiteB_128_only</b>, <b>-suiteB_192</b>, <b>-trusted_first</b>, <b>-use_deltas</b>, <b>-auth_level</b>, <b>-verify_depth</b>, <b>-verify_email</b>, <b>-verify_hostname</b>, <b>-verify_ip</b>, <b>-verify_name</b>, <b>-x509_strict</b></dt>
+<dd>
+
+<p>Set various certificate chain validation options. See the <a href="../man1/verify.html">verify(1)</a> manual page for details.</p>
+
+</dd>
+<dt id="reconnect"><b>-reconnect</b></dt>
+<dd>
+
+<p>Reconnects to the same server 5 times using the same session ID, this can be used as a test that session caching is working.</p>
+
+</dd>
+<dt id="showcerts"><b>-showcerts</b></dt>
+<dd>
+
+<p>Displays the server certificate list as sent by the server: it only consists of certificates the server has sent (in the order the server has sent them). It is <b>not</b> a verified chain.</p>
+
+</dd>
+<dt id="prexit"><b>-prexit</b></dt>
+<dd>
+
+<p>Print session information when the program exits. This will always attempt to print out information even if the connection fails. Normally information will only be printed out once if the connection succeeds. This option is useful because the cipher in use may be renegotiated or the connection may fail because a client certificate is required or is requested only after an attempt is made to access a certain URL. Note: the output produced by this option is not always accurate because a connection might never have been established.</p>
+
+</dd>
+<dt id="state"><b>-state</b></dt>
+<dd>
+
+<p>Prints out the SSL session states.</p>
+
+</dd>
+<dt id="debug"><b>-debug</b></dt>
+<dd>
+
+<p>Print extensive debugging information including a hex dump of all traffic.</p>
+
+</dd>
+<dt id="msg"><b>-msg</b></dt>
+<dd>
+
+<p>Show all protocol messages with hex dump.</p>
+
+</dd>
+<dt id="trace"><b>-trace</b></dt>
+<dd>
+
+<p>Show verbose trace output of protocol messages. OpenSSL needs to be compiled with <b>enable-ssl-trace</b> for this option to work.</p>
+
+</dd>
+<dt id="msgfile"><b>-msgfile</b></dt>
+<dd>
+
+<p>File to send output of <b>-msg</b> or <b>-trace</b> to, default standard output.</p>
+
+</dd>
+<dt id="nbio_test"><b>-nbio_test</b></dt>
+<dd>
+
+<p>Tests non-blocking I/O</p>
+
+</dd>
+<dt id="nbio"><b>-nbio</b></dt>
+<dd>
+
+<p>Turns on non-blocking I/O</p>
+
+</dd>
+<dt id="crlf"><b>-crlf</b></dt>
+<dd>
+
+<p>This option translated a line feed from the terminal into CR+LF as required by some servers.</p>
+
+</dd>
+<dt id="ign_eof"><b>-ign_eof</b></dt>
+<dd>
+
+<p>Inhibit shutting down the connection when end of file is reached in the input.</p>
+
+</dd>
+<dt id="quiet"><b>-quiet</b></dt>
+<dd>
+
+<p>Inhibit printing of session and certificate information. This implicitly turns on <b>-ign_eof</b> as well.</p>
+
+</dd>
+<dt id="no_ign_eof"><b>-no_ign_eof</b></dt>
+<dd>
+
+<p>Shut down the connection when end of file is reached in the input. Can be used to override the implicit <b>-ign_eof</b> after <b>-quiet</b>.</p>
+
+</dd>
+<dt id="psk_identity-identity"><b>-psk_identity identity</b></dt>
+<dd>
+
+<p>Use the PSK identity <b>identity</b> when using a PSK cipher suite. The default value is &quot;Client_identity&quot; (without the quotes).</p>
+
+</dd>
+<dt id="psk-key"><b>-psk key</b></dt>
+<dd>
+
+<p>Use the PSK key <b>key</b> when using a PSK cipher suite. The key is given as a hexadecimal number without leading 0x, for example -psk 1a2b3c4d. This option must be provided in order to use a PSK cipher.</p>
+
+</dd>
+<dt id="psk_session-file"><b>-psk_session file</b></dt>
+<dd>
+
+<p>Use the pem encoded SSL_SESSION data stored in <b>file</b> as the basis of a PSK. Note that this will only work if TLSv1.3 is negotiated.</p>
+
+</dd>
+<dt id="ssl3--tls1--tls1_1--tls1_2--tls1_3--no_ssl3--no_tls1--no_tls1_1--no_tls1_2--no_tls1_3"><b>-ssl3</b>, <b>-tls1</b>, <b>-tls1_1</b>, <b>-tls1_2</b>, <b>-tls1_3</b>, <b>-no_ssl3</b>, <b>-no_tls1</b>, <b>-no_tls1_1</b>, <b>-no_tls1_2</b>, <b>-no_tls1_3</b></dt>
+<dd>
+
+<p>These options require or disable the use of the specified SSL or TLS protocols. By default <b>s_client</b> will negotiate the highest mutually supported protocol version. When a specific TLS version is required, only that version will be offered to and accepted from the server. Note that not all protocols and flags may be available, depending on how OpenSSL was built.</p>
+
+</dd>
+<dt id="dtls--dtls1--dtls1_2"><b>-dtls</b>, <b>-dtls1</b>, <b>-dtls1_2</b></dt>
+<dd>
+
+<p>These options make <b>s_client</b> use DTLS protocols instead of TLS. With <b>-dtls</b>, <b>s_client</b> will negotiate any supported DTLS protocol version, whilst <b>-dtls1</b> and <b>-dtls1_2</b> will only support DTLS1.0 and DTLS1.2 respectively.</p>
+
+</dd>
+<dt id="sctp"><b>-sctp</b></dt>
+<dd>
+
+<p>Use SCTP for the transport protocol instead of UDP in DTLS. Must be used in conjunction with <b>-dtls</b>, <b>-dtls1</b> or <b>-dtls1_2</b>. This option is only available where OpenSSL has support for SCTP enabled.</p>
+
+</dd>
+<dt id="sctp_label_bug"><b>-sctp_label_bug</b></dt>
+<dd>
+
+<p>Use the incorrect behaviour of older OpenSSL implementations when computing endpoint-pair shared secrets for DTLS/SCTP. This allows communication with older broken implementations but breaks interoperability with correct implementations. Must be used in conjunction with <b>-sctp</b>. This option is only available where OpenSSL has support for SCTP enabled.</p>
+
+</dd>
+<dt id="fallback_scsv"><b>-fallback_scsv</b></dt>
+<dd>
+
+<p>Send TLS_FALLBACK_SCSV in the ClientHello.</p>
+
+</dd>
+<dt id="async"><b>-async</b></dt>
+<dd>
+
+<p>Switch on asynchronous mode. Cryptographic operations will be performed asynchronously. This will only have an effect if an asynchronous capable engine is also used via the <b>-engine</b> option. For test purposes the dummy async engine (dasync) can be used (if available).</p>
+
+</dd>
+<dt id="max_send_frag-int"><b>-max_send_frag int</b></dt>
+<dd>
+
+<p>The maximum size of data fragment to send. See <a href="../man3/SSL_CTX_set_max_send_fragment.html">SSL_CTX_set_max_send_fragment(3)</a> for further information.</p>
+
+</dd>
+<dt id="split_send_frag-int"><b>-split_send_frag int</b></dt>
+<dd>
+
+<p>The size used to split data for encrypt pipelines. If more data is written in one go than this value then it will be split into multiple pipelines, up to the maximum number of pipelines defined by max_pipelines. This only has an effect if a suitable cipher suite has been negotiated, an engine that supports pipelining has been loaded, and max_pipelines is greater than 1. See <a href="../man3/SSL_CTX_set_split_send_fragment.html">SSL_CTX_set_split_send_fragment(3)</a> for further information.</p>
+
+</dd>
+<dt id="max_pipelines-int"><b>-max_pipelines int</b></dt>
+<dd>
+
+<p>The maximum number of encrypt/decrypt pipelines to be used. This will only have an effect if an engine has been loaded that supports pipelining (e.g. the dasync engine) and a suitable cipher suite has been negotiated. The default value is 1. See <a href="../man3/SSL_CTX_set_max_pipelines.html">SSL_CTX_set_max_pipelines(3)</a> for further information.</p>
+
+</dd>
+<dt id="read_buf-int"><b>-read_buf int</b></dt>
+<dd>
+
+<p>The default read buffer size to be used for connections. This will only have an effect if the buffer size is larger than the size that would otherwise be used and pipelining is in use (see <a href="../man3/SSL_CTX_set_default_read_buffer_len.html">SSL_CTX_set_default_read_buffer_len(3)</a> for further information).</p>
+
+</dd>
+<dt id="bugs"><b>-bugs</b></dt>
+<dd>
+
+<p>There are several known bug in SSL and TLS implementations. Adding this option enables various workarounds.</p>
+
+</dd>
+<dt id="comp"><b>-comp</b></dt>
+<dd>
+
+<p>Enables support for SSL/TLS compression. This option was introduced in OpenSSL 1.1.0. TLS compression is not recommended and is off by default as of OpenSSL 1.1.0.</p>
+
+</dd>
+<dt id="no_comp"><b>-no_comp</b></dt>
+<dd>
+
+<p>Disables support for SSL/TLS compression. TLS compression is not recommended and is off by default as of OpenSSL 1.1.0.</p>
+
+</dd>
+<dt id="brief"><b>-brief</b></dt>
+<dd>
+
+<p>Only provide a brief summary of connection parameters instead of the normal verbose output.</p>
+
+</dd>
+<dt id="sigalgs-sigalglist"><b>-sigalgs sigalglist</b></dt>
+<dd>
+
+<p>Specifies the list of signature algorithms that are sent by the client. The server selects one entry in the list based on its preferences. For example strings, see <a href="../man3/SSL_CTX_set1_sigalgs.html">SSL_CTX_set1_sigalgs(3)</a></p>
+
+</dd>
+<dt id="curves-curvelist"><b>-curves curvelist</b></dt>
+<dd>
+
+<p>Specifies the list of supported curves to be sent by the client. The curve is ultimately selected by the server. For a list of all curves, use:</p>
+
+<pre><code>    $ openssl ecparam -list_curves</code></pre>
+
+</dd>
+<dt id="cipher-cipherlist"><b>-cipher cipherlist</b></dt>
+<dd>
+
+<p>This allows the TLSv1.2 and below cipher list sent by the client to be modified. This list will be combined with any TLSv1.3 ciphersuites that have been configured. Although the server determines which ciphersuite is used it should take the first supported cipher in the list sent by the client. See the <b>ciphers</b> command for more information.</p>
+
+</dd>
+<dt id="ciphersuites-val"><b>-ciphersuites val</b></dt>
+<dd>
+
+<p>This allows the TLSv1.3 ciphersuites sent by the client to be modified. This list will be combined with any TLSv1.2 and below ciphersuites that have been configured. Although the server determines which cipher suite is used it should take the first supported cipher in the list sent by the client. See the <b>ciphers</b> command for more information. The format for this list is a simple colon (&quot;:&quot;) separated list of TLSv1.3 ciphersuite names.</p>
+
+</dd>
+<dt id="starttls-protocol"><b>-starttls protocol</b></dt>
+<dd>
+
+<p>Send the protocol-specific message(s) to switch to TLS for communication. <b>protocol</b> is a keyword for the intended protocol. Currently, the only supported keywords are &quot;smtp&quot;, &quot;pop3&quot;, &quot;imap&quot;, &quot;ftp&quot;, &quot;xmpp&quot;, &quot;xmpp-server&quot;, &quot;irc&quot;, &quot;postgres&quot;, &quot;mysql&quot;, &quot;lmtp&quot;, &quot;nntp&quot;, &quot;sieve&quot; and &quot;ldap&quot;.</p>
+
+</dd>
+<dt id="xmpphost-hostname"><b>-xmpphost hostname</b></dt>
+<dd>
+
+<p>This option, when used with &quot;-starttls xmpp&quot; or &quot;-starttls xmpp-server&quot;, specifies the host for the &quot;to&quot; attribute of the stream element. If this option is not specified, then the host specified with &quot;-connect&quot; will be used.</p>
+
+<p>This option is an alias of the <b>-name</b> option for &quot;xmpp&quot; and &quot;xmpp-server&quot;.</p>
+
+</dd>
+<dt id="name-hostname"><b>-name hostname</b></dt>
+<dd>
+
+<p>This option is used to specify hostname information for various protocols used with <b>-starttls</b> option. Currently only &quot;xmpp&quot;, &quot;xmpp-server&quot;, &quot;smtp&quot; and &quot;lmtp&quot; can utilize this <b>-name</b> option.</p>
+
+<p>If this option is used with &quot;-starttls xmpp&quot; or &quot;-starttls xmpp-server&quot;, if specifies the host for the &quot;to&quot; attribute of the stream element. If this option is not specified, then the host specified with &quot;-connect&quot; will be used.</p>
+
+<p>If this option is used with &quot;-starttls lmtp&quot; or &quot;-starttls smtp&quot;, it specifies the name to use in the &quot;LMTP LHLO&quot; or &quot;SMTP EHLO&quot; message, respectively. If this option is not specified, then &quot;mail.example.com&quot; will be used.</p>
+
+</dd>
+<dt id="tlsextdebug"><b>-tlsextdebug</b></dt>
+<dd>
+
+<p>Print out a hex dump of any TLS extensions received from the server.</p>
+
+</dd>
+<dt id="no_ticket"><b>-no_ticket</b></dt>
+<dd>
+
+<p>Disable RFC4507bis session ticket support.</p>
+
+</dd>
+<dt id="sess_out-filename"><b>-sess_out filename</b></dt>
+<dd>
+
+<p>Output SSL session to <b>filename</b>.</p>
+
+</dd>
+<dt id="sess_in-sess.pem"><b>-sess_in sess.pem</b></dt>
+<dd>
+
+<p>Load SSL session from <b>filename</b>. The client will attempt to resume a connection from this session.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>s_client</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="serverinfo-types"><b>-serverinfo types</b></dt>
+<dd>
+
+<p>A list of comma-separated TLS Extension Types (numbers between 0 and 65535). Each type will be sent as an empty ClientHello TLS Extension. The server&#39;s response (if any) will be encoded and displayed as a PEM file.</p>
+
+</dd>
+<dt id="status"><b>-status</b></dt>
+<dd>
+
+<p>Sends a certificate status request to the server (OCSP stapling). The server response (if any) is printed out.</p>
+
+</dd>
+<dt id="alpn-protocols--nextprotoneg-protocols"><b>-alpn protocols</b>, <b>-nextprotoneg protocols</b></dt>
+<dd>
+
+<p>These flags enable the Enable the Application-Layer Protocol Negotiation or Next Protocol Negotiation (NPN) extension, respectively. ALPN is the IETF standard and replaces NPN. The <b>protocols</b> list is a comma-separated list of protocol names that the client should advertise support for. The list should contain the most desirable protocols first. Protocol names are printable ASCII strings, for example &quot;http/1.1&quot; or &quot;spdy/3&quot;. An empty list of protocols is treated specially and will cause the client to advertise support for the TLS extension but disconnect just after receiving ServerHello with a list of server supported protocols. The flag <b>-nextprotoneg</b> cannot be specified if <b>-tls1_3</b> is used.</p>
+
+</dd>
+<dt id="ct--noct"><b>-ct</b>, <b>-noct</b></dt>
+<dd>
+
+<p>Use one of these two options to control whether Certificate Transparency (CT) is enabled (<b>-ct</b>) or disabled (<b>-noct</b>). If CT is enabled, signed certificate timestamps (SCTs) will be requested from the server and reported at handshake completion.</p>
+
+<p>Enabling CT also enables OCSP stapling, as this is one possible delivery method for SCTs.</p>
+
+</dd>
+<dt id="ctlogfile"><b>-ctlogfile</b></dt>
+<dd>
+
+<p>A file containing a list of known Certificate Transparency logs. See <a href="../man3/SSL_CTX_set_ctlog_list_file.html">SSL_CTX_set_ctlog_list_file(3)</a> for the expected file format.</p>
+
+</dd>
+<dt id="keylogfile-file"><b>-keylogfile file</b></dt>
+<dd>
+
+<p>Appends TLS secrets to the specified keylog file such that external programs (like Wireshark) can decrypt TLS connections.</p>
+
+</dd>
+<dt id="early_data-file"><b>-early_data file</b></dt>
+<dd>
+
+<p>Reads the contents of the specified file and attempts to send it as early data to the server. This will only work with resumed sessions that support early data and when the server accepts the early data.</p>
+
+</dd>
+<dt id="enable_pha"><b>-enable_pha</b></dt>
+<dd>
+
+<p>For TLSv1.3 only, send the Post-Handshake Authentication extension. This will happen whether or not a certificate has been provided via <b>-cert</b>.</p>
+
+</dd>
+<dt id="target"><b>[target]</b></dt>
+<dd>
+
+<p>Rather than providing <b>-connect</b>, the target hostname and optional port may be provided as a single positional argument after all options. If neither this nor <b>-connect</b> are provided, falls back to attempting to connect to localhost on port 4433.</p>
+
+</dd>
+</dl>
+
+<h1 id="CONNECTED-COMMANDS">CONNECTED COMMANDS</h1>
+
+<p>If a connection is established with an SSL server then any data received from the server is displayed and any key presses will be sent to the server. If end of file is reached then the connection will be closed down. When used interactively (which means neither <b>-quiet</b> nor <b>-ign_eof</b> have been given), then certain commands are also recognized which perform special operations. These commands are a letter which must appear at the start of a line. They are listed below.</p>
+
+<dl>
+
+<dt id="Q"><b>Q</b></dt>
+<dd>
+
+<p>End the current SSL connection and exit.</p>
+
+</dd>
+<dt id="R"><b>R</b></dt>
+<dd>
+
+<p>Renegotiate the SSL session (TLSv1.2 and below only).</p>
+
+</dd>
+<dt id="B"><b>B</b></dt>
+<dd>
+
+<p>Send a heartbeat message to the server (DTLS only)</p>
+
+</dd>
+<dt id="k"><b>k</b></dt>
+<dd>
+
+<p>Send a key update message to the server (TLSv1.3 only)</p>
+
+</dd>
+<dt id="K"><b>K</b></dt>
+<dd>
+
+<p>Send a key update message to the server and request one back (TLSv1.3 only)</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>s_client</b> can be used to debug SSL servers. To connect to an SSL HTTP server the command:</p>
+
+<pre><code> openssl s_client -connect servername:443</code></pre>
+
+<p>would typically be used (https uses port 443). If the connection succeeds then an HTTP command can be given such as &quot;GET /&quot; to retrieve a web page.</p>
+
+<p>If the handshake fails then there are several possible causes, if it is nothing obvious like no client certificate then the <b>-bugs</b>, <b>-ssl3</b>, <b>-tls1</b>, <b>-no_ssl3</b>, <b>-no_tls1</b> options can be tried in case it is a buggy server. In particular you should play with these options <b>before</b> submitting a bug report to an OpenSSL mailing list.</p>
+
+<p>A frequent problem when attempting to get client certificates working is that a web client complains it has no certificates or gives an empty list to choose from. This is normally because the server is not sending the clients certificate authority in its &quot;acceptable CA list&quot; when it requests a certificate. By using <b>s_client</b> the CA list can be viewed and checked. However some servers only request client authentication after a specific URL is requested. To obtain the list in this case it is necessary to use the <b>-prexit</b> option and send an HTTP request for an appropriate page.</p>
+
+<p>If a certificate is specified on the command line using the <b>-cert</b> option it will not be used unless the server specifically requests a client certificate. Therefor merely including a client certificate on the command line is no guarantee that the certificate works.</p>
+
+<p>If there are problems verifying a server certificate then the <b>-showcerts</b> option can be used to show all the certificates sent by the server.</p>
+
+<p>The <b>s_client</b> utility is a test tool and is designed to continue the handshake after any certificate verification errors. As a result it will accept any certificate chain (trusted or not) sent by the peer. None test applications should <b>not</b> do this as it makes them vulnerable to a MITM attack. This behaviour can be changed by with the <b>-verify_return_error</b> option: any verify errors are then returned aborting the handshake.</p>
+
+<p>The <b>-bind</b> option may be useful if the server or a firewall requires connections to come from some particular address and or port.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Because this program has a lot of options and also because some of the techniques used are rather old, the C source of <b>s_client</b> is rather hard to read and not a model of how things should be done. A typical SSL client program would be much simpler.</p>
+
+<p>The <b>-prexit</b> option is a bit of a hack. We should really report information whenever a session is renegotiated.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a>, <a href="../man1/sess_id.html">sess_id(1)</a>, <a href="../man1/s_server.html">s_server(1)</a>, <a href="../man1/ciphers.html">ciphers(1)</a>, <a href="../man3/SSL_CTX_set_max_send_fragment.html">SSL_CTX_set_max_send_fragment(3)</a>, <a href="../man3/SSL_CTX_set_split_send_fragment.html">SSL_CTX_set_split_send_fragment(3)</a>, <a href="../man3/SSL_CTX_set_max_pipelines.html">SSL_CTX_set_max_pipelines(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>-no_alt_chains</b> option was added in OpenSSL 1.1.0. The <b>-name</b> option was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/s_server.html b/msys2/usr/share/doc/openssl/html/man1/s_server.html
new file mode 100644
index 000000000..9f707fc94
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/s_server.html
@@ -0,0 +1,714 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>s_server</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#CONNECTED-COMMANDS">CONNECTED COMMANDS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-s_server, s_server - SSL/TLS server program</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>s_server</b> [<b>-help</b>] [<b>-port +int</b>] [<b>-accept val</b>] [<b>-unix val</b>] [<b>-4</b>] [<b>-6</b>] [<b>-unlink</b>] [<b>-context val</b>] [<b>-verify int</b>] [<b>-Verify int</b>] [<b>-cert infile</b>] [<b>-nameopt val</b>] [<b>-naccept +int</b>] [<b>-serverinfo val</b>] [<b>-certform PEM|DER</b>] [<b>-key infile</b>] [<b>-keyform format</b>] [<b>-pass val</b>] [<b>-dcert infile</b>] [<b>-dcertform PEM|DER</b>] [<b>-dkey infile</b>] [<b>-dkeyform PEM|DER</b>] [<b>-dpass val</b>] [<b>-nbio_test</b>] [<b>-crlf</b>] [<b>-debug</b>] [<b>-msg</b>] [<b>-msgfile outfile</b>] [<b>-state</b>] [<b>-CAfile infile</b>] [<b>-CApath dir</b>] [<b>-no-CAfile</b>] [<b>-no-CApath</b>] [<b>-nocert</b>] [<b>-quiet</b>] [<b>-no_resume_ephemeral</b>] [<b>-www</b>] [<b>-WWW</b>] [<b>-servername</b>] [<b>-servername_fatal</b>] [<b>-cert2 infile</b>] [<b>-key2 infile</b>] [<b>-tlsextdebug</b>] [<b>-HTTP</b>] [<b>-id_prefix val</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-keymatexport val</b>] [<b>-keymatexportlen +int</b>] [<b>-CRL infile</b>] [<b>-crl_download</b>] [<b>-cert_chain infile</b>] [<b>-dcert_chain infile</b>] [<b>-chainCApath dir</b>] [<b>-verifyCApath dir</b>] [<b>-no_cache</b>] [<b>-ext_cache</b>] [<b>-CRLform PEM|DER</b>] [<b>-verify_return_error</b>] [<b>-verify_quiet</b>] [<b>-build_chain</b>] [<b>-chainCAfile infile</b>] [<b>-verifyCAfile infile</b>] [<b>-ign_eof</b>] [<b>-no_ign_eof</b>] [<b>-status</b>] [<b>-status_verbose</b>] [<b>-status_timeout int</b>] [<b>-status_url val</b>] [<b>-status_file infile</b>] [<b>-trace</b>] [<b>-security_debug</b>] [<b>-security_debug_verbose</b>] [<b>-brief</b>] [<b>-rev</b>] [<b>-async</b>] [<b>-ssl_config val</b>] [<b>-max_send_frag +int</b>] [<b>-split_send_frag +int</b>] [<b>-max_pipelines +int</b>] [<b>-read_buf +int</b>] [<b>-no_ssl3</b>] [<b>-no_tls1</b>] [<b>-no_tls1_1</b>] [<b>-no_tls1_2</b>] [<b>-no_tls1_3</b>] [<b>-bugs</b>] [<b>-no_comp</b>] [<b>-comp</b>] [<b>-no_ticket</b>] [<b>-num_tickets</b>] [<b>-serverpref</b>] [<b>-legacy_renegotiation</b>] [<b>-no_renegotiation</b>] [<b>-legacy_server_connect</b>] [<b>-no_resumption_on_reneg</b>] [<b>-no_legacy_server_connect</b>] [<b>-allow_no_dhe_kex</b>] [<b>-prioritize_chacha</b>] [<b>-strict</b>] [<b>-sigalgs val</b>] [<b>-client_sigalgs val</b>] [<b>-groups val</b>] [<b>-curves val</b>] [<b>-named_curve val</b>] [<b>-cipher val</b>] [<b>-ciphersuites val</b>] [<b>-dhparam infile</b>] [<b>-record_padding val</b>] [<b>-debug_broken_protocol</b>] [<b>-policy val</b>] [<b>-purpose val</b>] [<b>-verify_name val</b>] [<b>-verify_depth int</b>] [<b>-auth_level int</b>] [<b>-attime intmax</b>] [<b>-verify_hostname val</b>] [<b>-verify_email val</b>] [<b>-verify_ip</b>] [<b>-ignore_critical</b>] [<b>-issuer_checks</b>] [<b>-crl_check</b>] [<b>-crl_check_all</b>] [<b>-policy_check</b>] [<b>-explicit_policy</b>] [<b>-inhibit_any</b>] [<b>-inhibit_map</b>] [<b>-x509_strict</b>] [<b>-extended_crl</b>] [<b>-use_deltas</b>] [<b>-policy_print</b>] [<b>-check_ss_sig</b>] [<b>-trusted_first</b>] [<b>-suiteB_128_only</b>] [<b>-suiteB_128</b>] [<b>-suiteB_192</b>] [<b>-partial_chain</b>] [<b>-no_alt_chains</b>] [<b>-no_check_time</b>] [<b>-allow_proxy_certs</b>] [<b>-xkey</b>] [<b>-xcert</b>] [<b>-xchain</b>] [<b>-xchain_build</b>] [<b>-xcertform PEM|DER</b>] [<b>-xkeyform PEM|DER</b>] [<b>-nbio</b>] [<b>-psk_identity val</b>] [<b>-psk_hint val</b>] [<b>-psk val</b>] [<b>-psk_session file</b>] [<b>-srpvfile infile</b>] [<b>-srpuserseed val</b>] [<b>-ssl3</b>] [<b>-tls1</b>] [<b>-tls1_1</b>] [<b>-tls1_2</b>] [<b>-tls1_3</b>] [<b>-dtls</b>] [<b>-timeout</b>] [<b>-mtu +int</b>] [<b>-listen</b>] [<b>-dtls1</b>] [<b>-dtls1_2</b>] [<b>-sctp</b>] [<b>-sctp_label_bug</b>] [<b>-no_dhe</b>] [<b>-nextprotoneg val</b>] [<b>-use_srtp val</b>] [<b>-alpn val</b>] [<b>-engine val</b>] [<b>-keylogfile outfile</b>] [<b>-max_early_data int</b>] [<b>-early_data</b>] [<b>-anti_replay</b>] [<b>-no_anti_replay</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>s_server</b> command implements a generic SSL/TLS server which listens for connections on a given port using SSL/TLS.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<p>In addition to the options below the <b>s_server</b> utility also supports the common and server only options documented in the in the &quot;Supported Command Line Commands&quot; section of the <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a> manual page.</p>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="port-int"><b>-port +int</b></dt>
+<dd>
+
+<p>The TCP port to listen on for connections. If not specified 4433 is used.</p>
+
+</dd>
+<dt id="accept-val"><b>-accept val</b></dt>
+<dd>
+
+<p>The optional TCP host and port to listen on for connections. If not specified, *:4433 is used.</p>
+
+</dd>
+<dt id="unix-val"><b>-unix val</b></dt>
+<dd>
+
+<p>Unix domain socket to accept on.</p>
+
+</dd>
+<dt id="pod-4"><b>-4</b></dt>
+<dd>
+
+<p>Use IPv4 only.</p>
+
+</dd>
+<dt id="pod-6"><b>-6</b></dt>
+<dd>
+
+<p>Use IPv6 only.</p>
+
+</dd>
+<dt id="unlink"><b>-unlink</b></dt>
+<dd>
+
+<p>For -unix, unlink any existing socket first.</p>
+
+</dd>
+<dt id="context-val"><b>-context val</b></dt>
+<dd>
+
+<p>Sets the SSL context id. It can be given any string value. If this option is not present a default value will be used.</p>
+
+</dd>
+<dt id="verify-int--Verify-int"><b>-verify int</b>, <b>-Verify int</b></dt>
+<dd>
+
+<p>The verify depth to use. This specifies the maximum length of the client certificate chain and makes the server request a certificate from the client. With the <b>-verify</b> option a certificate is requested but the client does not have to send one, with the <b>-Verify</b> option the client must supply a certificate or an error occurs.</p>
+
+<p>If the cipher suite cannot request a client certificate (for example an anonymous cipher suite or PSK) this option has no effect.</p>
+
+</dd>
+<dt id="cert-infile"><b>-cert infile</b></dt>
+<dd>
+
+<p>The certificate to use, most servers cipher suites require the use of a certificate and some require a certificate with a certain public key type: for example the DSS cipher suites require a certificate containing a DSS (DSA) key. If not specified then the filename &quot;server.pem&quot; will be used.</p>
+
+</dd>
+<dt id="cert_chain"><b>-cert_chain</b></dt>
+<dd>
+
+<p>A file containing trusted certificates to use when attempting to build the client/server certificate chain related to the certificate specified via the <b>-cert</b> option.</p>
+
+</dd>
+<dt id="build_chain"><b>-build_chain</b></dt>
+<dd>
+
+<p>Specify whether the application should build the certificate chain to be provided to the client.</p>
+
+</dd>
+<dt id="nameopt-val"><b>-nameopt val</b></dt>
+<dd>
+
+<p>Option which determines how the subject or issuer names are displayed. The <b>val</b> argument can be a single option or multiple options separated by commas. Alternatively the <b>-nameopt</b> switch may be used more than once to set multiple options. See the <a href="../man1/x509.html">x509(1)</a> manual page for details.</p>
+
+</dd>
+<dt id="naccept-int"><b>-naccept +int</b></dt>
+<dd>
+
+<p>The server will exit after receiving the specified number of connections, default unlimited.</p>
+
+</dd>
+<dt id="serverinfo-val"><b>-serverinfo val</b></dt>
+<dd>
+
+<p>A file containing one or more blocks of PEM data. Each PEM block must encode a TLS ServerHello extension (2 bytes type, 2 bytes length, followed by &quot;length&quot; bytes of extension data). If the client sends an empty TLS ClientHello extension matching the type, the corresponding ServerHello extension will be returned.</p>
+
+</dd>
+<dt id="certform-PEM-DER"><b>-certform PEM|DER</b></dt>
+<dd>
+
+<p>The certificate format to use: DER or PEM. PEM is the default.</p>
+
+</dd>
+<dt id="key-infile"><b>-key infile</b></dt>
+<dd>
+
+<p>The private key to use. If not specified then the certificate file will be used.</p>
+
+</dd>
+<dt id="keyform-format"><b>-keyform format</b></dt>
+<dd>
+
+<p>The private format to use: DER or PEM. PEM is the default.</p>
+
+</dd>
+<dt id="pass-val"><b>-pass val</b></dt>
+<dd>
+
+<p>The private key password source. For more information about the format of <b>val</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="dcert-infile--dkey-infile"><b>-dcert infile</b>, <b>-dkey infile</b></dt>
+<dd>
+
+<p>Specify an additional certificate and private key, these behave in the same manner as the <b>-cert</b> and <b>-key</b> options except there is no default if they are not specified (no additional certificate and key is used). As noted above some cipher suites require a certificate containing a key of a certain type. Some cipher suites need a certificate carrying an RSA key and some a DSS (DSA) key. By using RSA and DSS certificates and keys a server can support clients which only support RSA or DSS cipher suites by using an appropriate certificate.</p>
+
+</dd>
+<dt id="dcert_chain"><b>-dcert_chain</b></dt>
+<dd>
+
+<p>A file containing trusted certificates to use when attempting to build the server certificate chain when a certificate specified via the <b>-dcert</b> option is in use.</p>
+
+</dd>
+<dt id="dcertform-PEM-DER--dkeyform-PEM-DER--dpass-val"><b>-dcertform PEM|DER</b>, <b>-dkeyform PEM|DER</b>, <b>-dpass val</b></dt>
+<dd>
+
+<p>Additional certificate and private key format and passphrase respectively.</p>
+
+</dd>
+<dt id="xkey-infile--xcert-infile--xchain"><b>-xkey infile</b>, <b>-xcert infile</b>, <b>-xchain</b></dt>
+<dd>
+
+<p>Specify an extra certificate, private key and certificate chain. These behave in the same manner as the <b>-cert</b>, <b>-key</b> and <b>-cert_chain</b> options. When specified, the callback returning the first valid chain will be in use by the server.</p>
+
+</dd>
+<dt id="xchain_build"><b>-xchain_build</b></dt>
+<dd>
+
+<p>Specify whether the application should build the certificate chain to be provided to the client for the extra certificates provided via <b>-xkey infile</b>, <b>-xcert infile</b>, <b>-xchain</b> options.</p>
+
+</dd>
+<dt id="xcertform-PEM-DER--xkeyform-PEM-DER"><b>-xcertform PEM|DER</b>, <b>-xkeyform PEM|DER</b></dt>
+<dd>
+
+<p>Extra certificate and private key format respectively.</p>
+
+</dd>
+<dt id="nbio_test"><b>-nbio_test</b></dt>
+<dd>
+
+<p>Tests non blocking I/O.</p>
+
+</dd>
+<dt id="crlf"><b>-crlf</b></dt>
+<dd>
+
+<p>This option translated a line feed from the terminal into CR+LF.</p>
+
+</dd>
+<dt id="debug"><b>-debug</b></dt>
+<dd>
+
+<p>Print extensive debugging information including a hex dump of all traffic.</p>
+
+</dd>
+<dt id="msg"><b>-msg</b></dt>
+<dd>
+
+<p>Show all protocol messages with hex dump.</p>
+
+</dd>
+<dt id="msgfile-outfile"><b>-msgfile outfile</b></dt>
+<dd>
+
+<p>File to send output of <b>-msg</b> or <b>-trace</b> to, default standard output.</p>
+
+</dd>
+<dt id="state"><b>-state</b></dt>
+<dd>
+
+<p>Prints the SSL session states.</p>
+
+</dd>
+<dt id="CAfile-infile"><b>-CAfile infile</b></dt>
+<dd>
+
+<p>A file containing trusted certificates to use during client authentication and to use when attempting to build the server certificate chain. The list is also used in the list of acceptable client CAs passed to the client when a certificate is requested.</p>
+
+</dd>
+<dt id="CApath-dir"><b>-CApath dir</b></dt>
+<dd>
+
+<p>The directory to use for client certificate verification. This directory must be in &quot;hash format&quot;, see <a href="../man1/verify.html">verify(1)</a> for more information. These are also used when building the server certificate chain.</p>
+
+</dd>
+<dt id="chainCApath-dir"><b>-chainCApath dir</b></dt>
+<dd>
+
+<p>The directory to use for building the chain provided to the client. This directory must be in &quot;hash format&quot;, see <a href="../man1/verify.html">verify(1)</a> for more information.</p>
+
+</dd>
+<dt id="chainCAfile-file"><b>-chainCAfile file</b></dt>
+<dd>
+
+<p>A file containing trusted certificates to use when attempting to build the server certificate chain.</p>
+
+</dd>
+<dt id="no-CAfile"><b>-no-CAfile</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default file location.</p>
+
+</dd>
+<dt id="no-CApath"><b>-no-CApath</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default directory location.</p>
+
+</dd>
+<dt id="nocert"><b>-nocert</b></dt>
+<dd>
+
+<p>If this option is set then no certificate is used. This restricts the cipher suites available to the anonymous ones (currently just anonymous DH).</p>
+
+</dd>
+<dt id="quiet"><b>-quiet</b></dt>
+<dd>
+
+<p>Inhibit printing of session and certificate information.</p>
+
+</dd>
+<dt id="www"><b>-www</b></dt>
+<dd>
+
+<p>Sends a status message back to the client when it connects. This includes information about the ciphers used and various session parameters. The output is in HTML format so this option will normally be used with a web browser. Cannot be used in conjunction with <b>-early_data</b>.</p>
+
+</dd>
+<dt id="WWW"><b>-WWW</b></dt>
+<dd>
+
+<p>Emulates a simple web server. Pages will be resolved relative to the current directory, for example if the URL https://myhost/page.html is requested the file ./page.html will be loaded. Cannot be used in conjunction with <b>-early_data</b>.</p>
+
+</dd>
+<dt id="tlsextdebug"><b>-tlsextdebug</b></dt>
+<dd>
+
+<p>Print a hex dump of any TLS extensions received from the server.</p>
+
+</dd>
+<dt id="HTTP"><b>-HTTP</b></dt>
+<dd>
+
+<p>Emulates a simple web server. Pages will be resolved relative to the current directory, for example if the URL https://myhost/page.html is requested the file ./page.html will be loaded. The files loaded are assumed to contain a complete and correct HTTP response (lines that are part of the HTTP response line and headers must end with CRLF). Cannot be used in conjunction with <b>-early_data</b>.</p>
+
+</dd>
+<dt id="id_prefix-val"><b>-id_prefix val</b></dt>
+<dd>
+
+<p>Generate SSL/TLS session IDs prefixed by <b>val</b>. This is mostly useful for testing any SSL/TLS code (eg. proxies) that wish to deal with multiple servers, when each of which might be generating a unique range of session IDs (eg. with a certain prefix).</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="verify_return_error"><b>-verify_return_error</b></dt>
+<dd>
+
+<p>Verification errors normally just print a message but allow the connection to continue, for debugging purposes. If this option is used, then verification errors close the connection.</p>
+
+</dd>
+<dt id="status"><b>-status</b></dt>
+<dd>
+
+<p>Enables certificate status request support (aka OCSP stapling).</p>
+
+</dd>
+<dt id="status_verbose"><b>-status_verbose</b></dt>
+<dd>
+
+<p>Enables certificate status request support (aka OCSP stapling) and gives a verbose printout of the OCSP response.</p>
+
+</dd>
+<dt id="status_timeout-int"><b>-status_timeout int</b></dt>
+<dd>
+
+<p>Sets the timeout for OCSP response to <b>int</b> seconds.</p>
+
+</dd>
+<dt id="status_url-val"><b>-status_url val</b></dt>
+<dd>
+
+<p>Sets a fallback responder URL to use if no responder URL is present in the server certificate. Without this option an error is returned if the server certificate does not contain a responder address.</p>
+
+</dd>
+<dt id="status_file-infile"><b>-status_file infile</b></dt>
+<dd>
+
+<p>Overrides any OCSP responder URLs from the certificate and always provides the OCSP Response stored in the file. The file must be in DER format.</p>
+
+</dd>
+<dt id="trace"><b>-trace</b></dt>
+<dd>
+
+<p>Show verbose trace output of protocol messages. OpenSSL needs to be compiled with <b>enable-ssl-trace</b> for this option to work.</p>
+
+</dd>
+<dt id="brief"><b>-brief</b></dt>
+<dd>
+
+<p>Provide a brief summary of connection parameters instead of the normal verbose output.</p>
+
+</dd>
+<dt id="rev"><b>-rev</b></dt>
+<dd>
+
+<p>Simple test server which just reverses the text received from the client and sends it back to the server. Also sets <b>-brief</b>. Cannot be used in conjunction with <b>-early_data</b>.</p>
+
+</dd>
+<dt id="async"><b>-async</b></dt>
+<dd>
+
+<p>Switch on asynchronous mode. Cryptographic operations will be performed asynchronously. This will only have an effect if an asynchronous capable engine is also used via the <b>-engine</b> option. For test purposes the dummy async engine (dasync) can be used (if available).</p>
+
+</dd>
+<dt id="max_send_frag-int"><b>-max_send_frag +int</b></dt>
+<dd>
+
+<p>The maximum size of data fragment to send. See <a href="../man3/SSL_CTX_set_max_send_fragment.html">SSL_CTX_set_max_send_fragment(3)</a> for further information.</p>
+
+</dd>
+<dt id="split_send_frag-int"><b>-split_send_frag +int</b></dt>
+<dd>
+
+<p>The size used to split data for encrypt pipelines. If more data is written in one go than this value then it will be split into multiple pipelines, up to the maximum number of pipelines defined by max_pipelines. This only has an effect if a suitable cipher suite has been negotiated, an engine that supports pipelining has been loaded, and max_pipelines is greater than 1. See <a href="../man3/SSL_CTX_set_split_send_fragment.html">SSL_CTX_set_split_send_fragment(3)</a> for further information.</p>
+
+</dd>
+<dt id="max_pipelines-int"><b>-max_pipelines +int</b></dt>
+<dd>
+
+<p>The maximum number of encrypt/decrypt pipelines to be used. This will only have an effect if an engine has been loaded that supports pipelining (e.g. the dasync engine) and a suitable cipher suite has been negotiated. The default value is 1. See <a href="../man3/SSL_CTX_set_max_pipelines.html">SSL_CTX_set_max_pipelines(3)</a> for further information.</p>
+
+</dd>
+<dt id="read_buf-int"><b>-read_buf +int</b></dt>
+<dd>
+
+<p>The default read buffer size to be used for connections. This will only have an effect if the buffer size is larger than the size that would otherwise be used and pipelining is in use (see <a href="../man3/SSL_CTX_set_default_read_buffer_len.html">SSL_CTX_set_default_read_buffer_len(3)</a> for further information).</p>
+
+</dd>
+<dt id="ssl2--ssl3--tls1--tls1_1--tls1_2--tls1_3--no_ssl2--no_ssl3--no_tls1--no_tls1_1--no_tls1_2--no_tls1_3"><b>-ssl2</b>, <b>-ssl3</b>, <b>-tls1</b>, <b>-tls1_1</b>, <b>-tls1_2</b>, <b>-tls1_3</b>, <b>-no_ssl2</b>, <b>-no_ssl3</b>, <b>-no_tls1</b>, <b>-no_tls1_1</b>, <b>-no_tls1_2</b>, <b>-no_tls1_3</b></dt>
+<dd>
+
+<p>These options require or disable the use of the specified SSL or TLS protocols. By default <b>s_server</b> will negotiate the highest mutually supported protocol version. When a specific TLS version is required, only that version will be accepted from the client. Note that not all protocols and flags may be available, depending on how OpenSSL was built.</p>
+
+</dd>
+<dt id="bugs"><b>-bugs</b></dt>
+<dd>
+
+<p>There are several known bug in SSL and TLS implementations. Adding this option enables various workarounds.</p>
+
+</dd>
+<dt id="no_comp"><b>-no_comp</b></dt>
+<dd>
+
+<p>Disable negotiation of TLS compression. TLS compression is not recommended and is off by default as of OpenSSL 1.1.0.</p>
+
+</dd>
+<dt id="comp"><b>-comp</b></dt>
+<dd>
+
+<p>Enable negotiation of TLS compression. This option was introduced in OpenSSL 1.1.0. TLS compression is not recommended and is off by default as of OpenSSL 1.1.0.</p>
+
+</dd>
+<dt id="no_ticket"><b>-no_ticket</b></dt>
+<dd>
+
+<p>Disable RFC4507bis session ticket support. This option has no effect if TLSv1.3 is negotiated. See <b>-num_tickets</b>.</p>
+
+</dd>
+<dt id="num_tickets"><b>-num_tickets</b></dt>
+<dd>
+
+<p>Control the number of tickets that will be sent to the client after a full handshake in TLSv1.3. The default number of tickets is 2. This option does not affect the number of tickets sent after a resumption handshake.</p>
+
+</dd>
+<dt id="serverpref"><b>-serverpref</b></dt>
+<dd>
+
+<p>Use the server&#39;s cipher preferences, rather than the client&#39;s preferences.</p>
+
+</dd>
+<dt id="prioritize_chacha"><b>-prioritize_chacha</b></dt>
+<dd>
+
+<p>Prioritize ChaCha ciphers when preferred by clients. Requires <b>-serverpref</b>.</p>
+
+</dd>
+<dt id="no_resumption_on_reneg"><b>-no_resumption_on_reneg</b></dt>
+<dd>
+
+<p>Set the <b>SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION</b> option.</p>
+
+</dd>
+<dt id="client_sigalgs-val"><b>-client_sigalgs val</b></dt>
+<dd>
+
+<p>Signature algorithms to support for client certificate authentication (colon-separated list).</p>
+
+</dd>
+<dt id="named_curve-val"><b>-named_curve val</b></dt>
+<dd>
+
+<p>Specifies the elliptic curve to use. NOTE: this is single curve, not a list. For a list of all possible curves, use:</p>
+
+<pre><code>    $ openssl ecparam -list_curves</code></pre>
+
+</dd>
+<dt id="cipher-val"><b>-cipher val</b></dt>
+<dd>
+
+<p>This allows the list of TLSv1.2 and below ciphersuites used by the server to be modified. This list is combined with any TLSv1.3 ciphersuites that have been configured. When the client sends a list of supported ciphers the first client cipher also included in the server list is used. Because the client specifies the preference order, the order of the server cipherlist is irrelevant. See the <b>ciphers</b> command for more information.</p>
+
+</dd>
+<dt id="ciphersuites-val"><b>-ciphersuites val</b></dt>
+<dd>
+
+<p>This allows the list of TLSv1.3 ciphersuites used by the server to be modified. This list is combined with any TLSv1.2 and below ciphersuites that have been configured. When the client sends a list of supported ciphers the first client cipher also included in the server list is used. Because the client specifies the preference order, the order of the server cipherlist is irrelevant. See the <b>ciphers</b> command for more information. The format for this list is a simple colon (&quot;:&quot;) separated list of TLSv1.3 ciphersuite names.</p>
+
+</dd>
+<dt id="dhparam-infile"><b>-dhparam infile</b></dt>
+<dd>
+
+<p>The DH parameter file to use. The ephemeral DH cipher suites generate keys using a set of DH parameters. If not specified then an attempt is made to load the parameters from the server certificate file. If this fails then a static set of parameters hard coded into the <b>s_server</b> program will be used.</p>
+
+</dd>
+<dt id="attime--check_ss_sig--crl_check--crl_check_all--explicit_policy--extended_crl--ignore_critical--inhibit_any--inhibit_map--no_alt_chains--no_check_time--partial_chain--policy--policy_check--policy_print--purpose--suiteB_128--suiteB_128_only--suiteB_192--trusted_first--use_deltas--auth_level--verify_depth--verify_email--verify_hostname--verify_ip--verify_name--x509_strict"><b>-attime</b>, <b>-check_ss_sig</b>, <b>-crl_check</b>, <b>-crl_check_all</b>, <b>-explicit_policy</b>, <b>-extended_crl</b>, <b>-ignore_critical</b>, <b>-inhibit_any</b>, <b>-inhibit_map</b>, <b>-no_alt_chains</b>, <b>-no_check_time</b>, <b>-partial_chain</b>, <b>-policy</b>, <b>-policy_check</b>, <b>-policy_print</b>, <b>-purpose</b>, <b>-suiteB_128</b>, <b>-suiteB_128_only</b>, <b>-suiteB_192</b>, <b>-trusted_first</b>, <b>-use_deltas</b>, <b>-auth_level</b>, <b>-verify_depth</b>, <b>-verify_email</b>, <b>-verify_hostname</b>, <b>-verify_ip</b>, <b>-verify_name</b>, <b>-x509_strict</b></dt>
+<dd>
+
+<p>Set different peer certificate verification options. See the <a href="../man1/verify.html">verify(1)</a> manual page for details.</p>
+
+</dd>
+<dt id="crl_check--crl_check_all"><b>-crl_check</b>, <b>-crl_check_all</b></dt>
+<dd>
+
+<p>Check the peer certificate has not been revoked by its CA. The CRL(s) are appended to the certificate file. With the <b>-crl_check_all</b> option all CRLs of all CAs in the chain are checked.</p>
+
+</dd>
+<dt id="nbio"><b>-nbio</b></dt>
+<dd>
+
+<p>Turns on non blocking I/O.</p>
+
+</dd>
+<dt id="psk_identity-val"><b>-psk_identity val</b></dt>
+<dd>
+
+<p>Expect the client to send PSK identity <b>val</b> when using a PSK cipher suite, and warn if they do not. By default, the expected PSK identity is the string &quot;Client_identity&quot;.</p>
+
+</dd>
+<dt id="psk_hint-val"><b>-psk_hint val</b></dt>
+<dd>
+
+<p>Use the PSK identity hint <b>val</b> when using a PSK cipher suite.</p>
+
+</dd>
+<dt id="psk-val"><b>-psk val</b></dt>
+<dd>
+
+<p>Use the PSK key <b>val</b> when using a PSK cipher suite. The key is given as a hexadecimal number without leading 0x, for example -psk 1a2b3c4d. This option must be provided in order to use a PSK cipher.</p>
+
+</dd>
+<dt id="psk_session-file"><b>-psk_session file</b></dt>
+<dd>
+
+<p>Use the pem encoded SSL_SESSION data stored in <b>file</b> as the basis of a PSK. Note that this will only work if TLSv1.3 is negotiated.</p>
+
+</dd>
+<dt id="listen"><b>-listen</b></dt>
+<dd>
+
+<p>This option can only be used in conjunction with one of the DTLS options above. With this option <b>s_server</b> will listen on a UDP port for incoming connections. Any ClientHellos that arrive will be checked to see if they have a cookie in them or not. Any without a cookie will be responded to with a HelloVerifyRequest. If a ClientHello with a cookie is received then <b>s_server</b> will connect to that peer and complete the handshake.</p>
+
+</dd>
+<dt id="dtls--dtls1--dtls1_2"><b>-dtls</b>, <b>-dtls1</b>, <b>-dtls1_2</b></dt>
+<dd>
+
+<p>These options make <b>s_server</b> use DTLS protocols instead of TLS. With <b>-dtls</b>, <b>s_server</b> will negotiate any supported DTLS protocol version, whilst <b>-dtls1</b> and <b>-dtls1_2</b> will only support DTLSv1.0 and DTLSv1.2 respectively.</p>
+
+</dd>
+<dt id="sctp"><b>-sctp</b></dt>
+<dd>
+
+<p>Use SCTP for the transport protocol instead of UDP in DTLS. Must be used in conjunction with <b>-dtls</b>, <b>-dtls1</b> or <b>-dtls1_2</b>. This option is only available where OpenSSL has support for SCTP enabled.</p>
+
+</dd>
+<dt id="sctp_label_bug"><b>-sctp_label_bug</b></dt>
+<dd>
+
+<p>Use the incorrect behaviour of older OpenSSL implementations when computing endpoint-pair shared secrets for DTLS/SCTP. This allows communication with older broken implementations but breaks interoperability with correct implementations. Must be used in conjunction with <b>-sctp</b>. This option is only available where OpenSSL has support for SCTP enabled.</p>
+
+</dd>
+<dt id="no_dhe"><b>-no_dhe</b></dt>
+<dd>
+
+<p>If this option is set then no DH parameters will be loaded effectively disabling the ephemeral DH cipher suites.</p>
+
+</dd>
+<dt id="alpn-val--nextprotoneg-val"><b>-alpn val</b>, <b>-nextprotoneg val</b></dt>
+<dd>
+
+<p>These flags enable the Enable the Application-Layer Protocol Negotiation or Next Protocol Negotiation (NPN) extension, respectively. ALPN is the IETF standard and replaces NPN. The <b>val</b> list is a comma-separated list of supported protocol names. The list should contain the most desirable protocols first. Protocol names are printable ASCII strings, for example &quot;http/1.1&quot; or &quot;spdy/3&quot;. The flag <b>-nextprotoneg</b> cannot be specified if <b>-tls1_3</b> is used.</p>
+
+</dd>
+<dt id="engine-val"><b>-engine val</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique id string in <b>val</b>) will cause <b>s_server</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="keylogfile-outfile"><b>-keylogfile outfile</b></dt>
+<dd>
+
+<p>Appends TLS secrets to the specified keylog file such that external programs (like Wireshark) can decrypt TLS connections.</p>
+
+</dd>
+<dt id="max_early_data-int"><b>-max_early_data int</b></dt>
+<dd>
+
+<p>Change the default maximum early data bytes that are specified for new sessions and any incoming early data (when used in conjunction with the <b>-early_data</b> flag). The default value is approximately 16k. The argument must be an integer greater than or equal to 0.</p>
+
+</dd>
+<dt id="early_data"><b>-early_data</b></dt>
+<dd>
+
+<p>Accept early data where possible. Cannot be used in conjunction with <b>-www</b>, <b>-WWW</b>, <b>-HTTP</b> or <b>-rev</b>.</p>
+
+</dd>
+<dt id="anti_replay--no_anti_replay"><b>-anti_replay</b>, <b>-no_anti_replay</b></dt>
+<dd>
+
+<p>Switches replay protection on or off, respectively. Replay protection is on by default unless overridden by a configuration file. When it is on, OpenSSL will automatically detect if a session ticket has been used more than once, TLSv1.3 has been negotiated, and early data is enabled on the server. A full handshake is forced if a session ticket is used a second or subsequent time. Any early data that was sent will be rejected.</p>
+
+</dd>
+</dl>
+
+<h1 id="CONNECTED-COMMANDS">CONNECTED COMMANDS</h1>
+
+<p>If a connection request is established with an SSL client and neither the <b>-www</b> nor the <b>-WWW</b> option has been used then normally any data received from the client is displayed and any key presses will be sent to the client.</p>
+
+<p>Certain commands are also recognized which perform special operations. These commands are a letter which must appear at the start of a line. They are listed below.</p>
+
+<dl>
+
+<dt id="q"><b>q</b></dt>
+<dd>
+
+<p>End the current SSL connection but still accept new connections.</p>
+
+</dd>
+<dt id="Q"><b>Q</b></dt>
+<dd>
+
+<p>End the current SSL connection and exit.</p>
+
+</dd>
+<dt id="r"><b>r</b></dt>
+<dd>
+
+<p>Renegotiate the SSL session (TLSv1.2 and below only).</p>
+
+</dd>
+<dt id="R"><b>R</b></dt>
+<dd>
+
+<p>Renegotiate the SSL session and request a client certificate (TLSv1.2 and below only).</p>
+
+</dd>
+<dt id="P"><b>P</b></dt>
+<dd>
+
+<p>Send some plain text down the underlying TCP connection: this should cause the client to disconnect due to a protocol violation.</p>
+
+</dd>
+<dt id="S"><b>S</b></dt>
+<dd>
+
+<p>Print out some session cache status information.</p>
+
+</dd>
+<dt id="B"><b>B</b></dt>
+<dd>
+
+<p>Send a heartbeat message to the client (DTLS only)</p>
+
+</dd>
+<dt id="k"><b>k</b></dt>
+<dd>
+
+<p>Send a key update message to the client (TLSv1.3 only)</p>
+
+</dd>
+<dt id="K"><b>K</b></dt>
+<dd>
+
+<p>Send a key update message to the client and request one back (TLSv1.3 only)</p>
+
+</dd>
+<dt id="c"><b>c</b></dt>
+<dd>
+
+<p>Send a certificate request to the client (TLSv1.3 only)</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>s_server</b> can be used to debug SSL clients. To accept connections from a web browser the command:</p>
+
+<pre><code> openssl s_server -accept 443 -www</code></pre>
+
+<p>can be used for example.</p>
+
+<p>Although specifying an empty list of CAs when requesting a client certificate is strictly speaking a protocol violation, some SSL clients interpret this to mean any CA is acceptable. This is useful for debugging purposes.</p>
+
+<p>The session parameters can printed out using the <b>sess_id</b> program.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Because this program has a lot of options and also because some of the techniques used are rather old, the C source of <b>s_server</b> is rather hard to read and not a model of how things should be done. A typical SSL server program would be much simpler.</p>
+
+<p>The output of common ciphers is wrong: it just gives the list of ciphers that OpenSSL recognizes and the client supports.</p>
+
+<p>There should be a way for the <b>s_server</b> program to print out details of any unknown cipher suites a client says it supports.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a>, <a href="../man1/sess_id.html">sess_id(1)</a>, <a href="../man1/s_client.html">s_client(1)</a>, <a href="../man1/ciphers.html">ciphers(1)</a> <a href="../man3/SSL_CTX_set_max_send_fragment.html">SSL_CTX_set_max_send_fragment(3)</a>, <a href="../man3/SSL_CTX_set_split_send_fragment.html">SSL_CTX_set_split_send_fragment(3)</a>, <a href="../man3/SSL_CTX_set_max_pipelines.html">SSL_CTX_set_max_pipelines(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The -no_alt_chains option was added in OpenSSL 1.1.0.</p>
+
+<p>The -allow-no-dhe-kex and -prioritize_chacha options were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/s_time.html b/msys2/usr/share/doc/openssl/html/man1/s_time.html
new file mode 100644
index 000000000..22b349b98
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/s_time.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>s_time</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-s_time, s_time - SSL/TLS performance timing program</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>s_time</b> [<b>-help</b>] [<b>-connect host:port</b>] [<b>-www page</b>] [<b>-cert filename</b>] [<b>-key filename</b>] [<b>-CApath directory</b>] [<b>-cafile filename</b>] [<b>-no-CAfile</b>] [<b>-no-CApath</b>] [<b>-reuse</b>] [<b>-new</b>] [<b>-verify depth</b>] [<b>-nameopt option</b>] [<b>-time seconds</b>] [<b>-ssl3</b>] [<b>-bugs</b>] [<b>-cipher cipherlist</b>] [<b>-ciphersuites val</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>s_time</b> command implements a generic SSL/TLS client which connects to a remote host using SSL/TLS. It can request a page from the server and includes the time to transfer the payload data in its timing measurements. It measures the number of connections within a given timeframe, the amount of data transferred (if any), and calculates the average time spent for one connection.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="connect-host:port"><b>-connect host:port</b></dt>
+<dd>
+
+<p>This specifies the host and optional port to connect to.</p>
+
+</dd>
+<dt id="www-page"><b>-www page</b></dt>
+<dd>
+
+<p>This specifies the page to GET from the server. A value of &#39;/&#39; gets the index.htm[l] page. If this parameter is not specified, then <b>s_time</b> will only perform the handshake to establish SSL connections but not transfer any payload data.</p>
+
+</dd>
+<dt id="cert-certname"><b>-cert certname</b></dt>
+<dd>
+
+<p>The certificate to use, if one is requested by the server. The default is not to use a certificate. The file is in PEM format.</p>
+
+</dd>
+<dt id="key-keyfile"><b>-key keyfile</b></dt>
+<dd>
+
+<p>The private key to use. If not specified then the certificate file will be used. The file is in PEM format.</p>
+
+</dd>
+<dt id="verify-depth"><b>-verify depth</b></dt>
+<dd>
+
+<p>The verify depth to use. This specifies the maximum length of the server certificate chain and turns on server certificate verification. Currently the verify operation continues after errors so all the problems with a certificate chain can be seen. As a side effect the connection will never fail due to a server certificate verify failure.</p>
+
+</dd>
+<dt id="nameopt-option"><b>-nameopt option</b></dt>
+<dd>
+
+<p>Option which determines how the subject or issuer names are displayed. The <b>option</b> argument can be a single option or multiple options separated by commas. Alternatively the <b>-nameopt</b> switch may be used more than once to set multiple options. See the <a href="../man1/x509.html">x509(1)</a> manual page for details.</p>
+
+</dd>
+<dt id="CApath-directory"><b>-CApath directory</b></dt>
+<dd>
+
+<p>The directory to use for server certificate verification. This directory must be in &quot;hash format&quot;, see <b>verify</b> for more information. These are also used when building the client certificate chain.</p>
+
+</dd>
+<dt id="CAfile-file"><b>-CAfile file</b></dt>
+<dd>
+
+<p>A file containing trusted certificates to use during server authentication and to use when attempting to build the client certificate chain.</p>
+
+</dd>
+<dt id="no-CAfile"><b>-no-CAfile</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default file location</p>
+
+</dd>
+<dt id="no-CApath"><b>-no-CApath</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default directory location</p>
+
+</dd>
+<dt id="new"><b>-new</b></dt>
+<dd>
+
+<p>Performs the timing test using a new session ID for each connection. If neither <b>-new</b> nor <b>-reuse</b> are specified, they are both on by default and executed in sequence.</p>
+
+</dd>
+<dt id="reuse"><b>-reuse</b></dt>
+<dd>
+
+<p>Performs the timing test using the same session ID; this can be used as a test that session caching is working. If neither <b>-new</b> nor <b>-reuse</b> are specified, they are both on by default and executed in sequence.</p>
+
+</dd>
+<dt id="ssl3"><b>-ssl3</b></dt>
+<dd>
+
+<p>This option disables the use of SSL version 3. By default the initial handshake uses a method which should be compatible with all servers and permit them to use SSL v3 or TLS as appropriate.</p>
+
+<p>The timing program is not as rich in options to turn protocols on and off as the <a href="../man1/s_client.html">s_client(1)</a> program and may not connect to all servers. Unfortunately there are a lot of ancient and broken servers in use which cannot handle this technique and will fail to connect. Some servers only work if TLS is turned off with the <b>-ssl3</b> option.</p>
+
+<p>Note that this option may not be available, depending on how OpenSSL was built.</p>
+
+</dd>
+<dt id="bugs"><b>-bugs</b></dt>
+<dd>
+
+<p>There are several known bug in SSL and TLS implementations. Adding this option enables various workarounds.</p>
+
+</dd>
+<dt id="cipher-cipherlist"><b>-cipher cipherlist</b></dt>
+<dd>
+
+<p>This allows the TLSv1.2 and below cipher list sent by the client to be modified. This list will be combined with any TLSv1.3 ciphersuites that have been configured. Although the server determines which cipher suite is used it should take the first supported cipher in the list sent by the client. See <a href="../man1/ciphers.html">ciphers(1)</a> for more information.</p>
+
+</dd>
+<dt id="ciphersuites-val"><b>-ciphersuites val</b></dt>
+<dd>
+
+<p>This allows the TLSv1.3 ciphersuites sent by the client to be modified. This list will be combined with any TLSv1.2 and below ciphersuites that have been configured. Although the server determines which cipher suite is used it should take the first supported cipher in the list sent by the client. See <a href="../man1/ciphers.html">ciphers(1)</a> for more information. The format for this list is a simple colon (&quot;:&quot;) separated list of TLSv1.3 ciphersuite names.</p>
+
+</dd>
+<dt id="time-length"><b>-time length</b></dt>
+<dd>
+
+<p>Specifies how long (in seconds) <b>s_time</b> should establish connections and optionally transfer payload data from a server. Server and client performance and the link speed determine how many connections <b>s_time</b> can establish.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>s_time</b> can be used to measure the performance of an SSL connection. To connect to an SSL HTTP server and get the default page the command</p>
+
+<pre><code> openssl s_time -connect servername:443 -www / -CApath yourdir -CAfile yourfile.pem -cipher commoncipher [-ssl3]</code></pre>
+
+<p>would typically be used (https uses port 443). &#39;commoncipher&#39; is a cipher to which both client and server can agree, see the <a href="../man1/ciphers.html">ciphers(1)</a> command for details.</p>
+
+<p>If the handshake fails then there are several possible causes, if it is nothing obvious like no client certificate then the <b>-bugs</b> and <b>-ssl3</b> options can be tried in case it is a buggy server. In particular you should play with these options <b>before</b> submitting a bug report to an OpenSSL mailing list.</p>
+
+<p>A frequent problem when attempting to get client certificates working is that a web client complains it has no certificates or gives an empty list to choose from. This is normally because the server is not sending the clients certificate authority in its &quot;acceptable CA list&quot; when it requests a certificate. By using <a href="../man1/s_client.html">s_client(1)</a> the CA list can be viewed and checked. However some servers only request client authentication after a specific URL is requested. To obtain the list in this case it is necessary to use the <b>-prexit</b> option of <a href="../man1/s_client.html">s_client(1)</a> and send an HTTP request for an appropriate page.</p>
+
+<p>If a certificate is specified on the command line using the <b>-cert</b> option it will not be used unless the server specifically requests a client certificate. Therefor merely including a client certificate on the command line is no guarantee that the certificate works.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Because this program does not have all the options of the <a href="../man1/s_client.html">s_client(1)</a> program to turn protocols on and off, you may not be able to measure the performance of all protocols with all servers.</p>
+
+<p>The <b>-verify</b> option should really exit if the server verification fails.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/s_client.html">s_client(1)</a>, <a href="../man1/s_server.html">s_server(1)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/sess_id.html b/msys2/usr/share/doc/openssl/html/man1/sess_id.html
new file mode 100644
index 000000000..9418710ed
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/sess_id.html
@@ -0,0 +1,195 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>sess_id</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#OUTPUT">OUTPUT</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-sess_id, sess_id - SSL/TLS session handling utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>sess_id</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER|NSS</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-text</b>] [<b>-noout</b>] [<b>-context ID</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>sess_id</b> process the encoded version of the SSL session structure and optionally prints out SSL session details (for example the SSL session master key) in human readable format. Since this is a diagnostic tool that needs some knowledge of the SSL protocol to use properly, most users will not need to use it.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format. The <b>DER</b> option uses an ASN1 DER encoded format containing session details. The precise format can vary from one version to the next. The <b>PEM</b> form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines.</p>
+
+</dd>
+<dt id="outform-DER-PEM-NSS"><b>-outform DER|PEM|NSS</b></dt>
+<dd>
+
+<p>This specifies the output format. The <b>PEM</b> and <b>DER</b> options have the same meaning and default as the <b>-inform</b> option. The <b>NSS</b> option outputs the session id and the master key in NSS keylog format.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read session information from or standard input by default.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename to write session information to or standard output if this option is not specified.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out the various public or private key components in plain text in addition to the encoded version.</p>
+
+</dd>
+<dt id="cert"><b>-cert</b></dt>
+<dd>
+
+<p>If a certificate is present in the session it will be output using this option, if the <b>-text</b> option is also present then it will be printed out in text form.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option prevents output of the encoded version of the session.</p>
+
+</dd>
+<dt id="context-ID"><b>-context ID</b></dt>
+<dd>
+
+<p>This option can set the session id so the output session information uses the supplied ID. The ID can be any string of characters. This option won&#39;t normally be used.</p>
+
+</dd>
+</dl>
+
+<h1 id="OUTPUT">OUTPUT</h1>
+
+<p>Typical output:</p>
+
+<pre><code> SSL-Session:
+     Protocol  : TLSv1
+     Cipher    : 0016
+     Session-ID: 871E62626C554CE95488823752CBD5F3673A3EF3DCE9C67BD916C809914B40ED
+     Session-ID-ctx: 01000000
+     Master-Key: A7CEFC571974BE02CAC305269DC59F76EA9F0B180CB6642697A68251F2D2BB57E51DBBB4C7885573192AE9AEE220FACD
+     Key-Arg   : None
+     Start Time: 948459261
+     Timeout   : 300 (sec)
+     Verify return code 0 (ok)</code></pre>
+
+<p>Theses are described below in more detail.</p>
+
+<dl>
+
+<dt id="Protocol"><b>Protocol</b></dt>
+<dd>
+
+<p>This is the protocol in use TLSv1.3, TLSv1.2, TLSv1.1, TLSv1 or SSLv3.</p>
+
+</dd>
+<dt id="Cipher"><b>Cipher</b></dt>
+<dd>
+
+<p>The cipher used this is the actual raw SSL or TLS cipher code, see the SSL or TLS specifications for more information.</p>
+
+</dd>
+<dt id="Session-ID"><b>Session-ID</b></dt>
+<dd>
+
+<p>The SSL session ID in hex format.</p>
+
+</dd>
+<dt id="Session-ID-ctx"><b>Session-ID-ctx</b></dt>
+<dd>
+
+<p>The session ID context in hex format.</p>
+
+</dd>
+<dt id="Master-Key"><b>Master-Key</b></dt>
+<dd>
+
+<p>This is the SSL session master key.</p>
+
+</dd>
+<dt id="Start-Time"><b>Start Time</b></dt>
+<dd>
+
+<p>This is the session start time represented as an integer in standard Unix format.</p>
+
+</dd>
+<dt id="Timeout"><b>Timeout</b></dt>
+<dd>
+
+<p>The timeout in seconds.</p>
+
+</dd>
+<dt id="Verify-return-code"><b>Verify return code</b></dt>
+<dd>
+
+<p>This is the return code when an SSL client certificate is verified.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM encoded session format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN SSL SESSION PARAMETERS-----
+ -----END SSL SESSION PARAMETERS-----</code></pre>
+
+<p>Since the SSL session output contains the master key it is possible to read the contents of an encrypted session using this information. Therefore appropriate security precautions should be taken if the information is being output by a &quot;real&quot; application. This is however strongly discouraged and should only be used for debugging purposes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The cipher and start time should be printed out in human readable form.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/ciphers.html">ciphers(1)</a>, <a href="../man1/s_server.html">s_server(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/smime.html b/msys2/usr/share/doc/openssl/html/man1/smime.html
new file mode 100644
index 000000000..6b570ff39
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/smime.html
@@ -0,0 +1,454 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>smime</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXIT-CODES">EXIT CODES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-smime, smime - S/MIME utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>smime</b> [<b>-help</b>] [<b>-encrypt</b>] [<b>-decrypt</b>] [<b>-sign</b>] [<b>-resign</b>] [<b>-verify</b>] [<b>-pk7out</b>] [<b>-binary</b>] [<b>-crlfeol</b>] [<b>-<i>cipher</i></b>] [<b>-in file</b>] [<b>-CAfile file</b>] [<b>-CApath dir</b>] [<b>-no-CAfile</b>] [<b>-no-CApath</b>] [<b>-attime timestamp</b>] [<b>-check_ss_sig</b>] [<b>-crl_check</b>] [<b>-crl_check_all</b>] [<b>-explicit_policy</b>] [<b>-extended_crl</b>] [<b>-ignore_critical</b>] [<b>-inhibit_any</b>] [<b>-inhibit_map</b>] [<b>-partial_chain</b>] [<b>-policy arg</b>] [<b>-policy_check</b>] [<b>-policy_print</b>] [<b>-purpose purpose</b>] [<b>-suiteB_128</b>] [<b>-suiteB_128_only</b>] [<b>-suiteB_192</b>] [<b>-trusted_first</b>] [<b>-no_alt_chains</b>] [<b>-use_deltas</b>] [<b>-auth_level num</b>] [<b>-verify_depth num</b>] [<b>-verify_email email</b>] [<b>-verify_hostname hostname</b>] [<b>-verify_ip ip</b>] [<b>-verify_name name</b>] [<b>-x509_strict</b>] [<b>-certfile file</b>] [<b>-signer file</b>] [<b>-recip file</b>] [<b>-inform SMIME|PEM|DER</b>] [<b>-passin arg</b>] [<b>-inkey file_or_id</b>] [<b>-out file</b>] [<b>-outform SMIME|PEM|DER</b>] [<b>-content file</b>] [<b>-to addr</b>] [<b>-from ad</b>] [<b>-subject s</b>] [<b>-text</b>] [<b>-indef</b>] [<b>-noindef</b>] [<b>-stream</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-md digest</b>] [cert.pem]...</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>smime</b> command handles S/MIME mail. It can encrypt, decrypt, sign and verify S/MIME messages.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<p>There are six operation options that set the type of operation to be performed. The meaning of the other options varies according to the operation type.</p>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="encrypt"><b>-encrypt</b></dt>
+<dd>
+
+<p>Encrypt mail for the given recipient certificates. Input file is the message to be encrypted. The output file is the encrypted mail in MIME format.</p>
+
+<p>Note that no revocation check is done for the recipient cert, so if that key has been compromised, others may be able to decrypt the text.</p>
+
+</dd>
+<dt id="decrypt"><b>-decrypt</b></dt>
+<dd>
+
+<p>Decrypt mail using the supplied certificate and private key. Expects an encrypted mail message in MIME format for the input file. The decrypted mail is written to the output file.</p>
+
+</dd>
+<dt id="sign"><b>-sign</b></dt>
+<dd>
+
+<p>Sign mail using the supplied certificate and private key. Input file is the message to be signed. The signed message in MIME format is written to the output file.</p>
+
+</dd>
+<dt id="verify"><b>-verify</b></dt>
+<dd>
+
+<p>Verify signed mail. Expects a signed mail message on input and outputs the signed data. Both clear text and opaque signing is supported.</p>
+
+</dd>
+<dt id="pk7out"><b>-pk7out</b></dt>
+<dd>
+
+<p>Takes an input message and writes out a PEM encoded PKCS#7 structure.</p>
+
+</dd>
+<dt id="resign"><b>-resign</b></dt>
+<dd>
+
+<p>Resign a message: take an existing message and one or more new signers.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>The input message to be encrypted or signed or the MIME message to be decrypted or verified.</p>
+
+</dd>
+<dt id="inform-SMIME-PEM-DER"><b>-inform SMIME|PEM|DER</b></dt>
+<dd>
+
+<p>This specifies the input format for the PKCS#7 structure. The default is <b>SMIME</b> which reads an S/MIME format message. <b>PEM</b> and <b>DER</b> format change this to expect PEM and DER format PKCS#7 structures instead. This currently only affects the input format of the PKCS#7 structure, if no PKCS#7 structure is being input (for example with <b>-encrypt</b> or <b>-sign</b>) this option has no effect.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>The message text that has been decrypted or verified or the output MIME format message that has been signed or verified.</p>
+
+</dd>
+<dt id="outform-SMIME-PEM-DER"><b>-outform SMIME|PEM|DER</b></dt>
+<dd>
+
+<p>This specifies the output format for the PKCS#7 structure. The default is <b>SMIME</b> which write an S/MIME format message. <b>PEM</b> and <b>DER</b> format change this to write PEM and DER format PKCS#7 structures instead. This currently only affects the output format of the PKCS#7 structure, if no PKCS#7 structure is being output (for example with <b>-verify</b> or <b>-decrypt</b>) this option has no effect.</p>
+
+</dd>
+<dt id="stream--indef--noindef"><b>-stream -indef -noindef</b></dt>
+<dd>
+
+<p>The <b>-stream</b> and <b>-indef</b> options are equivalent and enable streaming I/O for encoding operations. This permits single pass processing of data without the need to hold the entire contents in memory, potentially supporting very large files. Streaming is automatically set for S/MIME signing with detached data if the output format is <b>SMIME</b> it is currently off by default for all other operations.</p>
+
+</dd>
+<dt id="noindef"><b>-noindef</b></dt>
+<dd>
+
+<p>Disable streaming I/O where it would produce and indefinite length constructed encoding. This option currently has no effect. In future streaming will be enabled by default on all relevant operations and this option will disable it.</p>
+
+</dd>
+<dt id="content-filename"><b>-content filename</b></dt>
+<dd>
+
+<p>This specifies a file containing the detached content, this is only useful with the <b>-verify</b> command. This is only usable if the PKCS#7 structure is using the detached signature form where the content is not included. This option will override any content if the input format is S/MIME and it uses the multipart/signed MIME content type.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>This option adds plain text (text/plain) MIME headers to the supplied message if encrypting or signing. If decrypting or verifying it strips off text headers: if the decrypted or verified message is not of MIME type text/plain then an error occurs.</p>
+
+</dd>
+<dt id="CAfile-file"><b>-CAfile file</b></dt>
+<dd>
+
+<p>A file containing trusted CA certificates, only used with <b>-verify</b>.</p>
+
+</dd>
+<dt id="CApath-dir"><b>-CApath dir</b></dt>
+<dd>
+
+<p>A directory containing trusted CA certificates, only used with <b>-verify</b>. This directory must be a standard certificate directory: that is a hash of each subject name (using <b>x509 -hash</b>) should be linked to each certificate.</p>
+
+</dd>
+<dt id="no-CAfile"><b>-no-CAfile</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default file location.</p>
+
+</dd>
+<dt id="no-CApath"><b>-no-CApath</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default directory location.</p>
+
+</dd>
+<dt id="md-digest"><b>-md digest</b></dt>
+<dd>
+
+<p>Digest algorithm to use when signing or resigning. If not present then the default digest algorithm for the signing key will be used (usually SHA1).</p>
+
+</dd>
+<dt id="cipher"><b>-<i>cipher</i></b></dt>
+<dd>
+
+<p>The encryption algorithm to use. For example DES (56 bits) - <b>-des</b>, triple DES (168 bits) - <b>-des3</b>, EVP_get_cipherbyname() function) can also be used preceded by a dash, for example <b>-aes-128-cbc</b>. See <a href="../man1/enc.html"><b>enc</b></a> for list of ciphers supported by your version of OpenSSL.</p>
+
+<p>If not specified triple DES is used. Only used with <b>-encrypt</b>.</p>
+
+</dd>
+<dt id="nointern"><b>-nointern</b></dt>
+<dd>
+
+<p>When verifying a message normally certificates (if any) included in the message are searched for the signing certificate. With this option only the certificates specified in the <b>-certfile</b> option are used. The supplied certificates can still be used as untrusted CAs however.</p>
+
+</dd>
+<dt id="noverify"><b>-noverify</b></dt>
+<dd>
+
+<p>Do not verify the signers certificate of a signed message.</p>
+
+</dd>
+<dt id="nochain"><b>-nochain</b></dt>
+<dd>
+
+<p>Do not do chain verification of signers certificates: that is don&#39;t use the certificates in the signed message as untrusted CAs.</p>
+
+</dd>
+<dt id="nosigs"><b>-nosigs</b></dt>
+<dd>
+
+<p>Don&#39;t try to verify the signatures on the message.</p>
+
+</dd>
+<dt id="nocerts"><b>-nocerts</b></dt>
+<dd>
+
+<p>When signing a message the signer&#39;s certificate is normally included with this option it is excluded. This will reduce the size of the signed message but the verifier must have a copy of the signers certificate available locally (passed using the <b>-certfile</b> option for example).</p>
+
+</dd>
+<dt id="noattr"><b>-noattr</b></dt>
+<dd>
+
+<p>Normally when a message is signed a set of attributes are included which include the signing time and supported symmetric algorithms. With this option they are not included.</p>
+
+</dd>
+<dt id="binary"><b>-binary</b></dt>
+<dd>
+
+<p>Normally the input message is converted to &quot;canonical&quot; format which is effectively using CR and LF as end of line: as required by the S/MIME specification. When this option is present no translation occurs. This is useful when handling binary data which may not be in MIME format.</p>
+
+</dd>
+<dt id="crlfeol"><b>-crlfeol</b></dt>
+<dd>
+
+<p>Normally the output file uses a single <b>LF</b> as end of line. When this option is present <b>CRLF</b> is used instead.</p>
+
+</dd>
+<dt id="nodetach"><b>-nodetach</b></dt>
+<dd>
+
+<p>When signing a message use opaque signing: this form is more resistant to translation by mail relays but it cannot be read by mail agents that do not support S/MIME. Without this option cleartext signing with the MIME type multipart/signed is used.</p>
+
+</dd>
+<dt id="certfile-file"><b>-certfile file</b></dt>
+<dd>
+
+<p>Allows additional certificates to be specified. When signing these will be included with the message. When verifying these will be searched for the signers certificates. The certificates should be in PEM format.</p>
+
+</dd>
+<dt id="signer-file"><b>-signer file</b></dt>
+<dd>
+
+<p>A signing certificate when signing or resigning a message, this option can be used multiple times if more than one signer is required. If a message is being verified then the signers certificates will be written to this file if the verification was successful.</p>
+
+</dd>
+<dt id="recip-file"><b>-recip file</b></dt>
+<dd>
+
+<p>The recipients certificate when decrypting a message. This certificate must match one of the recipients of the message or an error occurs.</p>
+
+</dd>
+<dt id="inkey-file_or_id"><b>-inkey file_or_id</b></dt>
+<dd>
+
+<p>The private key to use when signing or decrypting. This must match the corresponding certificate. If this option is not specified then the private key must be included in the certificate file specified with the <b>-recip</b> or <b>-signer</b> file. When signing this option can be used multiple times to specify successive keys. If no engine is used, the argument is taken as a file; if an engine is specified, the argument is given to the engine as a key identifier.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The private key password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="cert.pem"><b>cert.pem...</b></dt>
+<dd>
+
+<p>One or more certificates of message recipients: used when encrypting a message.</p>
+
+</dd>
+<dt id="to--from--subject"><b>-to, -from, -subject</b></dt>
+<dd>
+
+<p>The relevant mail headers. These are included outside the signed portion of a message so they may be included manually. If signing then many S/MIME mail clients check the signers certificate&#39;s email address matches that specified in the From: address.</p>
+
+</dd>
+<dt id="attime--check_ss_sig--crl_check--crl_check_all--explicit_policy--extended_crl--ignore_critical--inhibit_any--inhibit_map--no_alt_chains--partial_chain--policy--policy_check--policy_print--purpose--suiteB_128--suiteB_128_only--suiteB_192--trusted_first--use_deltas--auth_level--verify_depth--verify_email--verify_hostname--verify_ip--verify_name--x509_strict"><b>-attime</b>, <b>-check_ss_sig</b>, <b>-crl_check</b>, <b>-crl_check_all</b>, <b>-explicit_policy</b>, <b>-extended_crl</b>, <b>-ignore_critical</b>, <b>-inhibit_any</b>, <b>-inhibit_map</b>, <b>-no_alt_chains</b>, <b>-partial_chain</b>, <b>-policy</b>, <b>-policy_check</b>, <b>-policy_print</b>, <b>-purpose</b>, <b>-suiteB_128</b>, <b>-suiteB_128_only</b>, <b>-suiteB_192</b>, <b>-trusted_first</b>, <b>-use_deltas</b>, <b>-auth_level</b>, <b>-verify_depth</b>, <b>-verify_email</b>, <b>-verify_hostname</b>, <b>-verify_ip</b>, <b>-verify_name</b>, <b>-x509_strict</b></dt>
+<dd>
+
+<p>Set various options of certificate chain verification. See <a href="../man1/verify.html">verify(1)</a> manual page for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The MIME message must be sent without any blank lines between the headers and the output. Some mail programs will automatically add a blank line. Piping the mail directly to sendmail is one way to achieve the correct format.</p>
+
+<p>The supplied message to be signed or encrypted must include the necessary MIME headers or many S/MIME clients won&#39;t display it properly (if at all). You can use the <b>-text</b> option to automatically add plain text headers.</p>
+
+<p>A &quot;signed and encrypted&quot; message is one where a signed message is then encrypted. This can be produced by encrypting an already signed message: see the examples section.</p>
+
+<p>This version of the program only allows one signer per message but it will verify multiple signers on received messages. Some S/MIME clients choke if a message contains multiple signers. It is possible to sign messages &quot;in parallel&quot; by signing an already signed message.</p>
+
+<p>The options <b>-encrypt</b> and <b>-decrypt</b> reflect common usage in S/MIME clients. Strictly speaking these process PKCS#7 enveloped data: PKCS#7 encrypted data is used for other purposes.</p>
+
+<p>The <b>-resign</b> option uses an existing message digest when adding a new signer. This means that attributes must be present in at least one existing signer using the same message digest or this operation will fail.</p>
+
+<p>The <b>-stream</b> and <b>-indef</b> options enable streaming I/O support. As a result the encoding is BER using indefinite length constructed encoding and no longer DER. Streaming is supported for the <b>-encrypt</b> operation and the <b>-sign</b> operation if the content is not detached.</p>
+
+<p>Streaming is always used for the <b>-sign</b> operation with detached data but since the content is no longer part of the PKCS#7 structure the encoding remains DER.</p>
+
+<h1 id="EXIT-CODES">EXIT CODES</h1>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The operation was completely successfully.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>An error occurred parsing the command options.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>One of the input files could not be read.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>An error occurred creating the PKCS#7 file or when reading the MIME message.</p>
+
+</dd>
+<dt id="pod4">4</dt>
+<dd>
+
+<p>An error occurred decrypting or verifying the message.</p>
+
+</dd>
+<dt id="pod5">5</dt>
+<dd>
+
+<p>The message was verified correctly but an error occurred writing out the signers certificates.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create a cleartext signed message:</p>
+
+<pre><code> openssl smime -sign -in message.txt -text -out mail.msg \
+        -signer mycert.pem</code></pre>
+
+<p>Create an opaque signed message:</p>
+
+<pre><code> openssl smime -sign -in message.txt -text -out mail.msg -nodetach \
+        -signer mycert.pem</code></pre>
+
+<p>Create a signed message, include some additional certificates and read the private key from another file:</p>
+
+<pre><code> openssl smime -sign -in in.txt -text -out mail.msg \
+        -signer mycert.pem -inkey mykey.pem -certfile mycerts.pem</code></pre>
+
+<p>Create a signed message with two signers:</p>
+
+<pre><code> openssl smime -sign -in message.txt -text -out mail.msg \
+        -signer mycert.pem -signer othercert.pem</code></pre>
+
+<p>Send a signed message under Unix directly to sendmail, including headers:</p>
+
+<pre><code> openssl smime -sign -in in.txt -text -signer mycert.pem \
+        -from steve@openssl.org -to someone@somewhere \
+        -subject &quot;Signed message&quot; | sendmail someone@somewhere</code></pre>
+
+<p>Verify a message and extract the signer&#39;s certificate if successful:</p>
+
+<pre><code> openssl smime -verify -in mail.msg -signer user.pem -out signedtext.txt</code></pre>
+
+<p>Send encrypted mail using triple DES:</p>
+
+<pre><code> openssl smime -encrypt -in in.txt -from steve@openssl.org \
+        -to someone@somewhere -subject &quot;Encrypted message&quot; \
+        -des3 user.pem -out mail.msg</code></pre>
+
+<p>Sign and encrypt mail:</p>
+
+<pre><code> openssl smime -sign -in ml.txt -signer my.pem -text \
+        | openssl smime -encrypt -out mail.msg \
+        -from steve@openssl.org -to someone@somewhere \
+        -subject &quot;Signed and Encrypted message&quot; -des3 user.pem</code></pre>
+
+<p>Note: the encryption command does not include the <b>-text</b> option because the message being encrypted already has MIME headers.</p>
+
+<p>Decrypt mail:</p>
+
+<pre><code> openssl smime -decrypt -in mail.msg -recip mycert.pem -inkey key.pem</code></pre>
+
+<p>The output from Netscape form signing is a PKCS#7 structure with the detached signature format. You can use this program to verify the signature by line wrapping the base64 encoded structure and surrounding it with:</p>
+
+<pre><code> -----BEGIN PKCS7-----
+ -----END PKCS7-----</code></pre>
+
+<p>and using the command:</p>
+
+<pre><code> openssl smime -verify -inform PEM -in signature.pem -content content.txt</code></pre>
+
+<p>Alternatively you can base64 decode the signature and use:</p>
+
+<pre><code> openssl smime -verify -inform DER -in signature.der -content content.txt</code></pre>
+
+<p>Create an encrypted message using 128 bit Camellia:</p>
+
+<pre><code> openssl smime -encrypt -in plain.txt -camellia128 -out mail.msg cert.pem</code></pre>
+
+<p>Add a signer to an existing message:</p>
+
+<pre><code> openssl smime -resign -in mail.msg -signer newsign.pem -out mail2.msg</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The MIME parser isn&#39;t very clever: it seems to handle most messages that I&#39;ve thrown at it but it may choke on others.</p>
+
+<p>The code currently will only write out the signer&#39;s certificate to a file: if the signer has a separate encryption certificate this must be manually extracted. There should be some heuristic that determines the correct encryption certificate.</p>
+
+<p>Ideally a database should be maintained of a certificates for each email address.</p>
+
+<p>The code doesn&#39;t currently take note of the permitted symmetric encryption algorithms as supplied in the SMIMECapabilities signed attribute. This means the user has to manually include the correct encryption algorithm. It should store the list of permitted ciphers in a database and only use those.</p>
+
+<p>No revocation checking is done on the signer&#39;s certificate.</p>
+
+<p>The current code can only handle S/MIME v2 messages, the more complex S/MIME v3 structures may cause parsing errors.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The use of multiple <b>-signer</b> options and the <b>-resign</b> command were first added in OpenSSL 1.0.0</p>
+
+<p>The -no_alt_chains option was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/speed.html b/msys2/usr/share/doc/openssl/html/man1/speed.html
new file mode 100644
index 000000000..1f4448aca
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/speed.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>speed</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-speed, speed - test library performance</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl speed</b> [<b>-help</b>] [<b>-engine id</b>] [<b>-elapsed</b>] [<b>-evp algo</b>] [<b>-decrypt</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-primes num</b>] [<b>-seconds num</b>] [<b>-bytes num</b>] [<b>algorithm...</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This command is used to test the performance of cryptographic algorithms. To see the list of supported algorithms, use the <i>list --digest-commands</i> or <i>list --cipher-commands</i> command. The global CSPRNG is denoted by the <i>rand</i> algorithm name.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>speed</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="elapsed"><b>-elapsed</b></dt>
+<dd>
+
+<p>When calculating operations- or bytes-per-second, use wall-clock time instead of CPU user time as divisor. It can be useful when testing speed of hardware engines.</p>
+
+</dd>
+<dt id="evp-algo"><b>-evp algo</b></dt>
+<dd>
+
+<p>Use the specified cipher or message digest algorithm via the EVP interface. If <b>algo</b> is an AEAD cipher, then you can pass &lt;-aead&gt; to benchmark a TLS-like sequence. And if <b>algo</b> is a multi-buffer capable cipher, e.g. aes-128-cbc-hmac-sha1, then <b>-mb</b> will time multi-buffer operation.</p>
+
+</dd>
+<dt id="decrypt"><b>-decrypt</b></dt>
+<dd>
+
+<p>Time the decryption instead of encryption. Affects only the EVP testing.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="primes-num"><b>-primes num</b></dt>
+<dd>
+
+<p>Generate a <b>num</b>-prime RSA key and use it to run the benchmarks. This option is only effective if RSA algorithm is specified to test.</p>
+
+</dd>
+<dt id="seconds-num"><b>-seconds num</b></dt>
+<dd>
+
+<p>Run benchmarks for <b>num</b> seconds.</p>
+
+</dd>
+<dt id="bytes-num"><b>-bytes num</b></dt>
+<dd>
+
+<p>Run benchmarks on <b>num</b>-byte buffers. Affects ciphers, digests and the CSPRNG.</p>
+
+</dd>
+<dt id="zero-or-more-test-algorithms"><b>[zero or more test algorithms]</b></dt>
+<dd>
+
+<p>If any options are given, <b>speed</b> tests those algorithms, otherwise a pre-compiled grand selection is tested.</p>
+
+</dd>
+</dl>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/spkac.html b/msys2/usr/share/doc/openssl/html/man1/spkac.html
new file mode 100644
index 000000000..4b8ba7a9d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/spkac.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>spkac</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-spkac, spkac - SPKAC printing and generating utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>spkac</b> [<b>-help</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-key keyfile</b>] [<b>-keyform PEM|DER|ENGINE</b>] [<b>-passin arg</b>] [<b>-challenge string</b>] [<b>-pubkey</b>] [<b>-spkac spkacname</b>] [<b>-spksect section</b>] [<b>-noout</b>] [<b>-verify</b>] [<b>-engine id</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>spkac</b> command processes Netscape signed public key and challenge (SPKAC) files. It can print out their contents, verify the signature and produce its own SPKACs from a supplied private key.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read from or standard input if this option is not specified. Ignored if the <b>-key</b> option is used.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>Specifies the output filename to write to or standard output by default.</p>
+
+</dd>
+<dt id="key-keyfile"><b>-key keyfile</b></dt>
+<dd>
+
+<p>Create an SPKAC file using the private key in <b>keyfile</b>. The <b>-in</b>, <b>-noout</b>, <b>-spksect</b> and <b>-verify</b> options are ignored if present.</p>
+
+</dd>
+<dt id="keyform-PEM-DER-ENGINE"><b>-keyform PEM|DER|ENGINE</b></dt>
+<dd>
+
+<p>Whether the key format is PEM, DER, or an engine-backed key. The default is PEM.</p>
+
+</dd>
+<dt id="passin-password"><b>-passin password</b></dt>
+<dd>
+
+<p>The input file password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="challenge-string"><b>-challenge string</b></dt>
+<dd>
+
+<p>Specifies the challenge string if an SPKAC is being created.</p>
+
+</dd>
+<dt id="spkac-spkacname"><b>-spkac spkacname</b></dt>
+<dd>
+
+<p>Allows an alternative name form the variable containing the SPKAC. The default is &quot;SPKAC&quot;. This option affects both generated and input SPKAC files.</p>
+
+</dd>
+<dt id="spksect-section"><b>-spksect section</b></dt>
+<dd>
+
+<p>Allows an alternative name form the section containing the SPKAC. The default is the default section.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>Don&#39;t output the text version of the SPKAC (not used if an SPKAC is being created).</p>
+
+</dd>
+<dt id="pubkey"><b>-pubkey</b></dt>
+<dd>
+
+<p>Output the public key of an SPKAC (not used if an SPKAC is being created).</p>
+
+</dd>
+<dt id="verify"><b>-verify</b></dt>
+<dd>
+
+<p>Verifies the digital signature on the supplied SPKAC.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>spkac</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Print out the contents of an SPKAC:</p>
+
+<pre><code> openssl spkac -in spkac.cnf</code></pre>
+
+<p>Verify the signature of an SPKAC:</p>
+
+<pre><code> openssl spkac -in spkac.cnf -noout -verify</code></pre>
+
+<p>Create an SPKAC using the challenge string &quot;hello&quot;:</p>
+
+<pre><code> openssl spkac -key key.pem -challenge hello -out spkac.cnf</code></pre>
+
+<p>Example of an SPKAC, (long lines split up for clarity):</p>
+
+<pre><code> SPKAC=MIG5MGUwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA\
+ 1cCoq2Wa3Ixs47uI7FPVwHVIPDx5yso105Y6zpozam135a\
+ 8R0CpoRvkkigIyXfcCjiVi5oWk+6FfPaD03uPFoQIDAQAB\
+ FgVoZWxsbzANBgkqhkiG9w0BAQQFAANBAFpQtY/FojdwkJ\
+ h1bEIYuc2EeM2KHTWPEepWYeawvHD0gQ3DngSC75YCWnnD\
+ dq+NQ3F+X4deMx9AaEglZtULwV4=</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A created SPKAC with suitable DN components appended can be fed into the <b>ca</b> utility.</p>
+
+<p>SPKACs are typically generated by Netscape when a form is submitted containing the <b>KEYGEN</b> tag as part of the certificate enrollment process.</p>
+
+<p>The challenge string permits a primitive form of proof of possession of private key. By checking the SPKAC signature and a random challenge string some guarantee is given that the user knows the private key corresponding to the public key being certified. This is important in some applications. Without this it is possible for a previous SPKAC to be used in a &quot;replay attack&quot;.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/ca.html">ca(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/srp.html b/msys2/usr/share/doc/openssl/html/man1/srp.html
new file mode 100644
index 000000000..6b6b08a92
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/srp.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>srp</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-srp, srp - maintain SRP password file</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl srp</b> [<b>-help</b>] [<b>-verbose</b>] [<b>-add</b>] [<b>-modify</b>] [<b>-delete</b>] [<b>-list</b>] [<b>-name section</b>] [<b>-config file</b>] [<b>-srpvfile file</b>] [<b>-gn identifier</b>] [<b>-userinfo text...</b>] [<b>-passin arg</b>] [<b>-passout arg</b>] [<i>user...</i>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>srp</b> command is user to maintain an SRP (secure remote password) file. At most one of the <b>-add</b>, <b>-modify</b>, <b>-delete</b>, and <b>-list</b> options can be specified. These options take zero or more usernames as parameters and perform the appropriate operation on the SRP file. For <b>-list</b>, if no <b>user</b> is given then all users are displayed.</p>
+
+<p>The configuration file to use, and the section within the file, can be specified with the <b>-config</b> and <b>-name</b> flags, respectively. If the config file is not specified, the <b>-srpvfile</b> can be used to just specify the file to operate on.</p>
+
+<p>The <b>-userinfo</b> option specifies additional information to add when adding or modifying a user.</p>
+
+<p>The <b>-gn</b> flag specifies the <b>g</b> and <b>N</b> values, using one of the strengths defined in IETF RFC 5054.</p>
+
+<p>The <b>-passin</b> and <b>-passout</b> arguments are parsed as described in the <a href="../man1/openssl.html">openssl(1)</a> command.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help">[<b>-help</b>]</dt>
+<dd>
+
+<p>Display an option summary.</p>
+
+</dd>
+<dt id="verbose">[<b>-verbose</b>]</dt>
+<dd>
+
+<p>Generate verbose output while processing.</p>
+
+</dd>
+</dl>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/storeutl.html b/msys2/usr/share/doc/openssl/html/man1/storeutl.html
new file mode 100644
index 000000000..e80cb9915
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/storeutl.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>storeutl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-storeutl, storeutl - STORE utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>storeutl</b> [<b>-help</b>] [<b>-out file</b>] [<b>-noout</b>] [<b>-passin arg</b>] [<b>-text arg</b>] [<b>-engine id</b>] [<b>-r</b>] [<b>-certs</b>] [<b>-keys</b>] [<b>-crls</b>] [<b>-subject arg</b>] [<b>-issuer arg</b>] [<b>-serial arg</b>] [<b>-alias arg</b>] [<b>-fingerprint arg</b>] [<b>-<i>digest</i></b>] <b>uri</b> ...</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>storeutl</b> command can be used to display the contents (after decryption as the case may be) fetched from the given URIs.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>specifies the output filename to write to or standard output by default.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>this option prevents output of the PEM data.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>the key password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out the objects in text form, similarly to the <b>-text</b> output from <b>openssl x509</b>, <b>openssl pkey</b>, etc.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>specifying an engine (by its unique <b>id</b> string) will cause <b>storeutl</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="r"><b>-r</b></dt>
+<dd>
+
+<p>Fetch objects recursively when possible.</p>
+
+</dd>
+<dt id="certs"><b>-certs</b></dt>
+<dd>
+
+</dd>
+<dt id="keys"><b>-keys</b></dt>
+<dd>
+
+</dd>
+<dt id="crls"><b>-crls</b></dt>
+<dd>
+
+<p>Only select the certificates, keys or CRLs from the given URI. However, if this URI would return a set of names (URIs), those are always returned.</p>
+
+</dd>
+<dt id="subject-arg"><b>-subject arg</b></dt>
+<dd>
+
+<p>Search for an object having the subject name <b>arg</b>. The arg must be formatted as <i>/type0=value0/type1=value1/type2=...</i>. Keyword characters may be escaped by \ (backslash), and whitespace is retained. Empty values are permitted but are ignored for the search. That is, a search with an empty value will have the same effect as not specifying the type at all.</p>
+
+</dd>
+<dt id="issuer-arg"><b>-issuer arg</b></dt>
+<dd>
+
+</dd>
+<dt id="serial-arg"><b>-serial arg</b></dt>
+<dd>
+
+<p>Search for an object having the given issuer name and serial number. These two options <i>must</i> be used together. The issuer arg must be formatted as <i>/type0=value0/type1=value1/type2=...</i>, characters may be escaped by \ (backslash), no spaces are skipped. The serial arg may be specified as a decimal value or a hex value if preceded by <b>0x</b>.</p>
+
+</dd>
+<dt id="alias-arg"><b>-alias arg</b></dt>
+<dd>
+
+<p>Search for an object having the given alias.</p>
+
+</dd>
+<dt id="fingerprint-arg"><b>-fingerprint arg</b></dt>
+<dd>
+
+<p>Search for an object having the given fingerprint.</p>
+
+</dd>
+<dt id="digest"><b>-<i>digest</i></b></dt>
+<dd>
+
+<p>The digest that was used to compute the fingerprint given with <b>-fingerprint</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/openssl.html">openssl(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>openssl</b> <b>storeutl</b> app was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/ts.html b/msys2/usr/share/doc/openssl/html/man1/ts.html
new file mode 100644
index 000000000..8692ef9d0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/ts.html
@@ -0,0 +1,555 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ts</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a>
+    <ul>
+      <li><a href="#Time-Stamp-Request-generation">Time Stamp Request generation</a></li>
+      <li><a href="#Time-Stamp-Response-generation">Time Stamp Response generation</a></li>
+      <li><a href="#Time-Stamp-Response-verification">Time Stamp Response verification</a></li>
+    </ul>
+  </li>
+  <li><a href="#CONFIGURATION-FILE-OPTIONS">CONFIGURATION FILE OPTIONS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a>
+    <ul>
+      <li><a href="#Time-Stamp-Request">Time Stamp Request</a></li>
+      <li><a href="#Time-Stamp-Response">Time Stamp Response</a></li>
+      <li><a href="#Time-Stamp-Verification">Time Stamp Verification</a></li>
+    </ul>
+  </li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-ts, ts - Time Stamping Authority tool (client/server)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>ts</b> <b>-query</b> [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-config</b> configfile] [<b>-data</b> file_to_hash] [<b>-digest</b> digest_bytes] [<b>-<i>digest</i></b>] [<b>-tspolicy</b> object_id] [<b>-no_nonce</b>] [<b>-cert</b>] [<b>-in</b> request.tsq] [<b>-out</b> request.tsq] [<b>-text</b>]</p>
+
+<p><b>openssl</b> <b>ts</b> <b>-reply</b> [<b>-config</b> configfile] [<b>-section</b> tsa_section] [<b>-queryfile</b> request.tsq] [<b>-passin</b> password_src] [<b>-signer</b> tsa_cert.pem] [<b>-inkey</b> file_or_id] [<b>-<i>digest</i></b>] [<b>-chain</b> certs_file.pem] [<b>-tspolicy</b> object_id] [<b>-in</b> response.tsr] [<b>-token_in</b>] [<b>-out</b> response.tsr] [<b>-token_out</b>] [<b>-text</b>] [<b>-engine</b> id]</p>
+
+<p><b>openssl</b> <b>ts</b> <b>-verify</b> [<b>-data</b> file_to_hash] [<b>-digest</b> digest_bytes] [<b>-queryfile</b> request.tsq] [<b>-in</b> response.tsr] [<b>-token_in</b>] [<b>-CApath</b> trusted_cert_path] [<b>-CAfile</b> trusted_certs.pem] [<b>-untrusted</b> cert_file.pem] [<i>verify options</i>]</p>
+
+<p><i>verify options:</i> [-attime timestamp] [-check_ss_sig] [-crl_check] [-crl_check_all] [-explicit_policy] [-extended_crl] [-ignore_critical] [-inhibit_any] [-inhibit_map] [-issuer_checks] [-no_alt_chains] [-no_check_time] [-partial_chain] [-policy arg] [-policy_check] [-policy_print] [-purpose purpose] [-suiteB_128] [-suiteB_128_only] [-suiteB_192] [-trusted_first] [-use_deltas] [-auth_level num] [-verify_depth num] [-verify_email email] [-verify_hostname hostname] [-verify_ip ip] [-verify_name name] [-x509_strict]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>ts</b> command is a basic Time Stamping Authority (TSA) client and server application as specified in RFC 3161 (Time-Stamp Protocol, TSP). A TSA can be part of a PKI deployment and its role is to provide long term proof of the existence of a certain datum before a particular time. Here is a brief description of the protocol:</p>
+
+<ol>
+
+<li><p>The TSA client computes a one-way hash value for a data file and sends the hash to the TSA.</p>
+
+</li>
+<li><p>The TSA attaches the current date and time to the received hash value, signs them and sends the time stamp token back to the client. By creating this token the TSA certifies the existence of the original data file at the time of response generation.</p>
+
+</li>
+<li><p>The TSA client receives the time stamp token and verifies the signature on it. It also checks if the token contains the same hash value that it had sent to the TSA.</p>
+
+</li>
+</ol>
+
+<p>There is one DER encoded protocol data unit defined for transporting a time stamp request to the TSA and one for sending the time stamp response back to the client. The <b>ts</b> command has three main functions: creating a time stamp request based on a data file, creating a time stamp response based on a request, verifying if a response corresponds to a particular request or a data file.</p>
+
+<p>There is no support for sending the requests/responses automatically over HTTP or TCP yet as suggested in RFC 3161. The users must send the requests either by ftp or e-mail.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<h2 id="Time-Stamp-Request-generation">Time Stamp Request generation</h2>
+
+<p>The <b>-query</b> switch can be used for creating and printing a time stamp request with the following options:</p>
+
+<dl>
+
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="config-configfile"><b>-config</b> configfile</dt>
+<dd>
+
+<p>The configuration file to use. Optional; for a description of the default value, see <a href="../man1/openssl.html">&quot;COMMAND SUMMARY&quot; in openssl(1)</a>.</p>
+
+</dd>
+<dt id="data-file_to_hash"><b>-data</b> file_to_hash</dt>
+<dd>
+
+<p>The data file for which the time stamp request needs to be created. stdin is the default if neither the <b>-data</b> nor the <b>-digest</b> parameter is specified. (Optional)</p>
+
+</dd>
+<dt id="digest-digest_bytes"><b>-digest</b> digest_bytes</dt>
+<dd>
+
+<p>It is possible to specify the message imprint explicitly without the data file. The imprint must be specified in a hexadecimal format, two characters per byte, the bytes optionally separated by colons (e.g. 1A:F6:01:... or 1AF601...). The number of bytes must match the message digest algorithm in use. (Optional)</p>
+
+</dd>
+<dt id="digest"><b>-<i>digest</i></b></dt>
+<dd>
+
+<p>The message digest to apply to the data file. Any digest supported by the OpenSSL <b>dgst</b> command can be used. The default is SHA-1. (Optional)</p>
+
+</dd>
+<dt id="tspolicy-object_id"><b>-tspolicy</b> object_id</dt>
+<dd>
+
+<p>The policy that the client expects the TSA to use for creating the time stamp token. Either the dotted OID notation or OID names defined in the config file can be used. If no policy is requested the TSA will use its own default policy. (Optional)</p>
+
+</dd>
+<dt id="no_nonce"><b>-no_nonce</b></dt>
+<dd>
+
+<p>No nonce is specified in the request if this option is given. Otherwise a 64 bit long pseudo-random none is included in the request. It is recommended to use nonce to protect against replay-attacks. (Optional)</p>
+
+</dd>
+<dt id="cert"><b>-cert</b></dt>
+<dd>
+
+<p>The TSA is expected to include its signing certificate in the response. (Optional)</p>
+
+</dd>
+<dt id="in-request.tsq"><b>-in</b> request.tsq</dt>
+<dd>
+
+<p>This option specifies a previously created time stamp request in DER format that will be printed into the output file. Useful when you need to examine the content of a request in human-readable format. (Optional)</p>
+
+</dd>
+<dt id="out-request.tsq"><b>-out</b> request.tsq</dt>
+<dd>
+
+<p>Name of the output file to which the request will be written. Default is stdout. (Optional)</p>
+
+</dd>
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>If this option is specified the output is human-readable text format instead of DER. (Optional)</p>
+
+</dd>
+</dl>
+
+<h2 id="Time-Stamp-Response-generation">Time Stamp Response generation</h2>
+
+<p>A time stamp response (TimeStampResp) consists of a response status and the time stamp token itself (ContentInfo), if the token generation was successful. The <b>-reply</b> command is for creating a time stamp response or time stamp token based on a request and printing the response/token in human-readable format. If <b>-token_out</b> is not specified the output is always a time stamp response (TimeStampResp), otherwise it is a time stamp token (ContentInfo).</p>
+
+<dl>
+
+<dt id="config-configfile1"><b>-config</b> configfile</dt>
+<dd>
+
+<p>The configuration file to use. Optional; for a description of the default value, see <a href="../man1/openssl.html">&quot;COMMAND SUMMARY&quot; in openssl(1)</a>. See <b>CONFIGURATION FILE OPTIONS</b> for configurable variables.</p>
+
+</dd>
+<dt id="section-tsa_section"><b>-section</b> tsa_section</dt>
+<dd>
+
+<p>The name of the config file section containing the settings for the response generation. If not specified the default TSA section is used, see <b>CONFIGURATION FILE OPTIONS</b> for details. (Optional)</p>
+
+</dd>
+<dt id="queryfile-request.tsq"><b>-queryfile</b> request.tsq</dt>
+<dd>
+
+<p>The name of the file containing a DER encoded time stamp request. (Optional)</p>
+
+</dd>
+<dt id="passin-password_src"><b>-passin</b> password_src</dt>
+<dd>
+
+<p>Specifies the password source for the private key of the TSA. See <b>PASS PHRASE ARGUMENTS</b> in <a href="../man1/openssl.html">openssl(1)</a>. (Optional)</p>
+
+</dd>
+<dt id="signer-tsa_cert.pem"><b>-signer</b> tsa_cert.pem</dt>
+<dd>
+
+<p>The signer certificate of the TSA in PEM format. The TSA signing certificate must have exactly one extended key usage assigned to it: timeStamping. The extended key usage must also be critical, otherwise the certificate is going to be refused. Overrides the <b>signer_cert</b> variable of the config file. (Optional)</p>
+
+</dd>
+<dt id="inkey-file_or_id"><b>-inkey</b> file_or_id</dt>
+<dd>
+
+<p>The signer private key of the TSA in PEM format. Overrides the <b>signer_key</b> config file option. (Optional) If no engine is used, the argument is taken as a file; if an engine is specified, the argument is given to the engine as a key identifier.</p>
+
+</dd>
+<dt id="digest1"><b>-<i>digest</i></b></dt>
+<dd>
+
+<p>Signing digest to use. Overrides the <b>signer_digest</b> config file option. (Optional)</p>
+
+</dd>
+<dt id="chain-certs_file.pem"><b>-chain</b> certs_file.pem</dt>
+<dd>
+
+<p>The collection of certificates in PEM format that will all be included in the response in addition to the signer certificate if the <b>-cert</b> option was used for the request. This file is supposed to contain the certificate chain for the signer certificate from its issuer upwards. The <b>-reply</b> command does not build a certificate chain automatically. (Optional)</p>
+
+</dd>
+<dt id="tspolicy-object_id1"><b>-tspolicy</b> object_id</dt>
+<dd>
+
+<p>The default policy to use for the response unless the client explicitly requires a particular TSA policy. The OID can be specified either in dotted notation or with its name. Overrides the <b>default_policy</b> config file option. (Optional)</p>
+
+</dd>
+<dt id="in-response.tsr"><b>-in</b> response.tsr</dt>
+<dd>
+
+<p>Specifies a previously created time stamp response or time stamp token (if <b>-token_in</b> is also specified) in DER format that will be written to the output file. This option does not require a request, it is useful e.g. when you need to examine the content of a response or token or you want to extract the time stamp token from a response. If the input is a token and the output is a time stamp response a default &#39;granted&#39; status info is added to the token. (Optional)</p>
+
+</dd>
+<dt id="token_in"><b>-token_in</b></dt>
+<dd>
+
+<p>This flag can be used together with the <b>-in</b> option and indicates that the input is a DER encoded time stamp token (ContentInfo) instead of a time stamp response (TimeStampResp). (Optional)</p>
+
+</dd>
+<dt id="out-response.tsr"><b>-out</b> response.tsr</dt>
+<dd>
+
+<p>The response is written to this file. The format and content of the file depends on other options (see <b>-text</b>, <b>-token_out</b>). The default is stdout. (Optional)</p>
+
+</dd>
+<dt id="token_out"><b>-token_out</b></dt>
+<dd>
+
+<p>The output is a time stamp token (ContentInfo) instead of time stamp response (TimeStampResp). (Optional)</p>
+
+</dd>
+<dt id="text1"><b>-text</b></dt>
+<dd>
+
+<p>If this option is specified the output is human-readable text format instead of DER. (Optional)</p>
+
+</dd>
+<dt id="engine-id"><b>-engine</b> id</dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>ts</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms. Default is builtin. (Optional)</p>
+
+</dd>
+</dl>
+
+<h2 id="Time-Stamp-Response-verification">Time Stamp Response verification</h2>
+
+<p>The <b>-verify</b> command is for verifying if a time stamp response or time stamp token is valid and matches a particular time stamp request or data file. The <b>-verify</b> command does not use the configuration file.</p>
+
+<dl>
+
+<dt id="data-file_to_hash1"><b>-data</b> file_to_hash</dt>
+<dd>
+
+<p>The response or token must be verified against file_to_hash. The file is hashed with the message digest algorithm specified in the token. The <b>-digest</b> and <b>-queryfile</b> options must not be specified with this one. (Optional)</p>
+
+</dd>
+<dt id="digest-digest_bytes1"><b>-digest</b> digest_bytes</dt>
+<dd>
+
+<p>The response or token must be verified against the message digest specified with this option. The number of bytes must match the message digest algorithm specified in the token. The <b>-data</b> and <b>-queryfile</b> options must not be specified with this one. (Optional)</p>
+
+</dd>
+<dt id="queryfile-request.tsq1"><b>-queryfile</b> request.tsq</dt>
+<dd>
+
+<p>The original time stamp request in DER format. The <b>-data</b> and <b>-digest</b> options must not be specified with this one. (Optional)</p>
+
+</dd>
+<dt id="in-response.tsr1"><b>-in</b> response.tsr</dt>
+<dd>
+
+<p>The time stamp response that needs to be verified in DER format. (Mandatory)</p>
+
+</dd>
+<dt id="token_in1"><b>-token_in</b></dt>
+<dd>
+
+<p>This flag can be used together with the <b>-in</b> option and indicates that the input is a DER encoded time stamp token (ContentInfo) instead of a time stamp response (TimeStampResp). (Optional)</p>
+
+</dd>
+<dt id="CApath-trusted_cert_path"><b>-CApath</b> trusted_cert_path</dt>
+<dd>
+
+<p>The name of the directory containing the trusted CA certificates of the client. See the similar option of <a href="../man1/verify.html">verify(1)</a> for additional details. Either this option or <b>-CAfile</b> must be specified. (Optional)</p>
+
+</dd>
+<dt id="CAfile-trusted_certs.pem"><b>-CAfile</b> trusted_certs.pem</dt>
+<dd>
+
+<p>The name of the file containing a set of trusted self-signed CA certificates in PEM format. See the similar option of <a href="../man1/verify.html">verify(1)</a> for additional details. Either this option or <b>-CApath</b> must be specified. (Optional)</p>
+
+</dd>
+<dt id="untrusted-cert_file.pem"><b>-untrusted</b> cert_file.pem</dt>
+<dd>
+
+<p>Set of additional untrusted certificates in PEM format which may be needed when building the certificate chain for the TSA&#39;s signing certificate. This file must contain the TSA signing certificate and all intermediate CA certificates unless the response includes them. (Optional)</p>
+
+</dd>
+<dt id="verify-options"><i>verify options</i></dt>
+<dd>
+
+<p>The options <b>-attime timestamp</b>, <b>-check_ss_sig</b>, <b>-crl_check</b>, <b>-crl_check_all</b>, <b>-explicit_policy</b>, <b>-extended_crl</b>, <b>-ignore_critical</b>, <b>-inhibit_any</b>, <b>-inhibit_map</b>, <b>-issuer_checks</b>, <b>-no_alt_chains</b>, <b>-no_check_time</b>, <b>-partial_chain</b>, <b>-policy</b>, <b>-policy_check</b>, <b>-policy_print</b>, <b>-purpose</b>, <b>-suiteB_128</b>, <b>-suiteB_128_only</b>, <b>-suiteB_192</b>, <b>-trusted_first</b>, <b>-use_deltas</b>, <b>-auth_level</b>, <b>-verify_depth</b>, <b>-verify_email</b>, <b>-verify_hostname</b>, <b>-verify_ip</b>, <b>-verify_name</b>, and <b>-x509_strict</b> can be used to control timestamp verification. See <a href="../man1/verify.html">verify(1)</a>.</p>
+
+</dd>
+</dl>
+
+<h1 id="CONFIGURATION-FILE-OPTIONS">CONFIGURATION FILE OPTIONS</h1>
+
+<p>The <b>-query</b> and <b>-reply</b> commands make use of a configuration file. See <a href="../man5/config.html">config(5)</a> for a general description of the syntax of the config file. The <b>-query</b> command uses only the symbolic OID names section and it can work without it. However, the <b>-reply</b> command needs the config file for its operation.</p>
+
+<p>When there is a command line switch equivalent of a variable the switch always overrides the settings in the config file.</p>
+
+<dl>
+
+<dt id="tsa-section-default_tsa"><b>tsa</b> section, <b>default_tsa</b></dt>
+<dd>
+
+<p>This is the main section and it specifies the name of another section that contains all the options for the <b>-reply</b> command. This default section can be overridden with the <b>-section</b> command line switch. (Optional)</p>
+
+</dd>
+<dt id="oid_file"><b>oid_file</b></dt>
+<dd>
+
+<p>See <a href="../man1/ca.html">ca(1)</a> for description. (Optional)</p>
+
+</dd>
+<dt id="oid_section"><b>oid_section</b></dt>
+<dd>
+
+<p>See <a href="../man1/ca.html">ca(1)</a> for description. (Optional)</p>
+
+</dd>
+<dt id="RANDFILE"><b>RANDFILE</b></dt>
+<dd>
+
+<p>See <a href="../man1/ca.html">ca(1)</a> for description. (Optional)</p>
+
+</dd>
+<dt id="serial"><b>serial</b></dt>
+<dd>
+
+<p>The name of the file containing the hexadecimal serial number of the last time stamp response created. This number is incremented by 1 for each response. If the file does not exist at the time of response generation a new file is created with serial number 1. (Mandatory)</p>
+
+</dd>
+<dt id="crypto_device"><b>crypto_device</b></dt>
+<dd>
+
+<p>Specifies the OpenSSL engine that will be set as the default for all available algorithms. The default value is builtin, you can specify any other engines supported by OpenSSL (e.g. use chil for the NCipher HSM). (Optional)</p>
+
+</dd>
+<dt id="signer_cert"><b>signer_cert</b></dt>
+<dd>
+
+<p>TSA signing certificate in PEM format. The same as the <b>-signer</b> command line option. (Optional)</p>
+
+</dd>
+<dt id="certs"><b>certs</b></dt>
+<dd>
+
+<p>A file containing a set of PEM encoded certificates that need to be included in the response. The same as the <b>-chain</b> command line option. (Optional)</p>
+
+</dd>
+<dt id="signer_key"><b>signer_key</b></dt>
+<dd>
+
+<p>The private key of the TSA in PEM format. The same as the <b>-inkey</b> command line option. (Optional)</p>
+
+</dd>
+<dt id="signer_digest"><b>signer_digest</b></dt>
+<dd>
+
+<p>Signing digest to use. The same as the <b>-<i>digest</i></b> command line option. (Optional)</p>
+
+</dd>
+<dt id="default_policy"><b>default_policy</b></dt>
+<dd>
+
+<p>The default policy to use when the request does not mandate any policy. The same as the <b>-tspolicy</b> command line option. (Optional)</p>
+
+</dd>
+<dt id="other_policies"><b>other_policies</b></dt>
+<dd>
+
+<p>Comma separated list of policies that are also acceptable by the TSA and used only if the request explicitly specifies one of them. (Optional)</p>
+
+</dd>
+<dt id="digests"><b>digests</b></dt>
+<dd>
+
+<p>The list of message digest algorithms that the TSA accepts. At least one algorithm must be specified. (Mandatory)</p>
+
+</dd>
+<dt id="accuracy"><b>accuracy</b></dt>
+<dd>
+
+<p>The accuracy of the time source of the TSA in seconds, milliseconds and microseconds. E.g. secs:1, millisecs:500, microsecs:100. If any of the components is missing zero is assumed for that field. (Optional)</p>
+
+</dd>
+<dt id="clock_precision_digits"><b>clock_precision_digits</b></dt>
+<dd>
+
+<p>Specifies the maximum number of digits, which represent the fraction of seconds, that need to be included in the time field. The trailing zeroes must be removed from the time, so there might actually be fewer digits, or no fraction of seconds at all. Supported only on UNIX platforms. The maximum value is 6, default is 0. (Optional)</p>
+
+</dd>
+<dt id="ordering"><b>ordering</b></dt>
+<dd>
+
+<p>If this option is yes the responses generated by this TSA can always be ordered, even if the time difference between two responses is less than the sum of their accuracies. Default is no. (Optional)</p>
+
+</dd>
+<dt id="tsa_name"><b>tsa_name</b></dt>
+<dd>
+
+<p>Set this option to yes if the subject name of the TSA must be included in the TSA name field of the response. Default is no. (Optional)</p>
+
+</dd>
+<dt id="ess_cert_id_chain"><b>ess_cert_id_chain</b></dt>
+<dd>
+
+<p>The SignedData objects created by the TSA always contain the certificate identifier of the signing certificate in a signed attribute (see RFC 2634, Enhanced Security Services). If this option is set to yes and either the <b>certs</b> variable or the <b>-chain</b> option is specified then the certificate identifiers of the chain will also be included in the SigningCertificate signed attribute. If this variable is set to no, only the signing certificate identifier is included. Default is no. (Optional)</p>
+
+</dd>
+<dt id="ess_cert_id_alg"><b>ess_cert_id_alg</b></dt>
+<dd>
+
+<p>This option specifies the hash function to be used to calculate the TSA&#39;s public key certificate identifier. Default is sha1. (Optional)</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>All the examples below presume that <b>OPENSSL_CONF</b> is set to a proper configuration file, e.g. the example configuration file openssl/apps/openssl.cnf will do.</p>
+
+<h2 id="Time-Stamp-Request">Time Stamp Request</h2>
+
+<p>To create a time stamp request for design1.txt with SHA-1 without nonce and policy and no certificate is required in the response:</p>
+
+<pre><code>  openssl ts -query -data design1.txt -no_nonce \
+        -out design1.tsq</code></pre>
+
+<p>To create a similar time stamp request with specifying the message imprint explicitly:</p>
+
+<pre><code>  openssl ts -query -digest b7e5d3f93198b38379852f2c04e78d73abdd0f4b \
+         -no_nonce -out design1.tsq</code></pre>
+
+<p>To print the content of the previous request in human readable format:</p>
+
+<pre><code>  openssl ts -query -in design1.tsq -text</code></pre>
+
+<p>To create a time stamp request which includes the MD-5 digest of design2.txt, requests the signer certificate and nonce, specifies a policy id (assuming the tsa_policy1 name is defined in the OID section of the config file):</p>
+
+<pre><code>  openssl ts -query -data design2.txt -md5 \
+        -tspolicy tsa_policy1 -cert -out design2.tsq</code></pre>
+
+<h2 id="Time-Stamp-Response">Time Stamp Response</h2>
+
+<p>Before generating a response a signing certificate must be created for the TSA that contains the <b>timeStamping</b> critical extended key usage extension without any other key usage extensions. You can add this line to the user certificate section of the config file to generate a proper certificate;</p>
+
+<pre><code>   extendedKeyUsage = critical,timeStamping</code></pre>
+
+<p>See <a href="../man1/req.html">req(1)</a>, <a href="../man1/ca.html">ca(1)</a>, and <a href="../man1/x509.html">x509(1)</a> for instructions. The examples below assume that cacert.pem contains the certificate of the CA, tsacert.pem is the signing certificate issued by cacert.pem and tsakey.pem is the private key of the TSA.</p>
+
+<p>To create a time stamp response for a request:</p>
+
+<pre><code>  openssl ts -reply -queryfile design1.tsq -inkey tsakey.pem \
+        -signer tsacert.pem -out design1.tsr</code></pre>
+
+<p>If you want to use the settings in the config file you could just write:</p>
+
+<pre><code>  openssl ts -reply -queryfile design1.tsq -out design1.tsr</code></pre>
+
+<p>To print a time stamp reply to stdout in human readable format:</p>
+
+<pre><code>  openssl ts -reply -in design1.tsr -text</code></pre>
+
+<p>To create a time stamp token instead of time stamp response:</p>
+
+<pre><code>  openssl ts -reply -queryfile design1.tsq -out design1_token.der -token_out</code></pre>
+
+<p>To print a time stamp token to stdout in human readable format:</p>
+
+<pre><code>  openssl ts -reply -in design1_token.der -token_in -text -token_out</code></pre>
+
+<p>To extract the time stamp token from a response:</p>
+
+<pre><code>  openssl ts -reply -in design1.tsr -out design1_token.der -token_out</code></pre>
+
+<p>To add &#39;granted&#39; status info to a time stamp token thereby creating a valid response:</p>
+
+<pre><code>  openssl ts -reply -in design1_token.der -token_in -out design1.tsr</code></pre>
+
+<h2 id="Time-Stamp-Verification">Time Stamp Verification</h2>
+
+<p>To verify a time stamp reply against a request:</p>
+
+<pre><code>  openssl ts -verify -queryfile design1.tsq -in design1.tsr \
+        -CAfile cacert.pem -untrusted tsacert.pem</code></pre>
+
+<p>To verify a time stamp reply that includes the certificate chain:</p>
+
+<pre><code>  openssl ts -verify -queryfile design2.tsq -in design2.tsr \
+        -CAfile cacert.pem</code></pre>
+
+<p>To verify a time stamp token against the original data file: openssl ts -verify -data design2.txt -in design2.tsr \ -CAfile cacert.pem</p>
+
+<p>To verify a time stamp token against a message imprint: openssl ts -verify -digest b7e5d3f93198b38379852f2c04e78d73abdd0f4b \ -in design2.tsr -CAfile cacert.pem</p>
+
+<p>You could also look at the &#39;test&#39; directory for more examples.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<ul>
+
+<li><p>No support for time stamps over SMTP, though it is quite easy to implement an automatic e-mail based TSA with <a href="../man1/procmail.html">procmail(1)</a> and <a href="../man1/perl.html">perl(1)</a>. HTTP server support is provided in the form of a separate apache module. HTTP client support is provided by <a href="../man1/tsget.html">tsget(1)</a>. Pure TCP/IP protocol is not supported.</p>
+
+</li>
+<li><p>The file containing the last serial number of the TSA is not locked when being read or written. This is a problem if more than one instance of <a href="../man1/openssl.html">openssl(1)</a> is trying to create a time stamp response at the same time. This is not an issue when using the apache server module, it does proper locking.</p>
+
+</li>
+<li><p>Look for the FIXME word in the source files.</p>
+
+</li>
+<li><p>The source code should really be reviewed by somebody else, too.</p>
+
+</li>
+<li><p>More testing is needed, I have done only some basic tests (see test/testtsa).</p>
+
+</li>
+</ul>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/tsget.html">tsget(1)</a>, <a href="../man1/openssl.html">openssl(1)</a>, <a href="../man1/req.html">req(1)</a>, <a href="../man1/x509.html">x509(1)</a>, <a href="../man1/ca.html">ca(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/tsget.html b/msys2/usr/share/doc/openssl/html/man1/tsget.html
new file mode 100644
index 000000000..10aa41e35
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/tsget.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>tsget</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#ENVIRONMENT-VARIABLES">ENVIRONMENT VARIABLES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-tsget, tsget - Time Stamping HTTP/HTTPS client</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>tsget</b> <b>-h</b> server_url [<b>-e</b> extension] [<b>-o</b> output] [<b>-v</b>] [<b>-d</b>] [<b>-k</b> private_key.pem] [<b>-p</b> key_password] [<b>-c</b> client_cert.pem] [<b>-C</b> CA_certs.pem] [<b>-P</b> CA_path] [<b>-r</b> file:file...] [<b>-g</b> EGD_socket] [request]...</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>tsget</b> command can be used for sending a time stamp request, as specified in <b>RFC 3161</b>, to a time stamp server over HTTP or HTTPS and storing the time stamp response in a file. This tool cannot be used for creating the requests and verifying responses, you can use the OpenSSL <b>ts(1)</b> command to do that. <b>tsget</b> can send several requests to the server without closing the TCP connection if more than one requests are specified on the command line.</p>
+
+<p>The tool sends the following HTTP request for each time stamp request:</p>
+
+<pre><code>        POST url HTTP/1.1
+        User-Agent: OpenTSA tsget.pl/&lt;version&gt;
+        Host: &lt;host&gt;:&lt;port&gt;
+        Pragma: no-cache
+        Content-Type: application/timestamp-query
+        Accept: application/timestamp-reply
+        Content-Length: length of body
+
+        ...binary request specified by the user...</code></pre>
+
+<p><b>tsget</b> expects a response of type application/timestamp-reply, which is written to a file without any interpretation.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="h-server_url"><b>-h</b> server_url</dt>
+<dd>
+
+<p>The URL of the HTTP/HTTPS server listening for time stamp requests.</p>
+
+</dd>
+<dt id="e-extension"><b>-e</b> extension</dt>
+<dd>
+
+<p>If the <b>-o</b> option is not given this argument specifies the extension of the output files. The base name of the output file will be the same as those of the input files. Default extension is &#39;.tsr&#39;. (Optional)</p>
+
+</dd>
+<dt id="o-output"><b>-o</b> output</dt>
+<dd>
+
+<p>This option can be specified only when just one request is sent to the server. The time stamp response will be written to the given output file. &#39;-&#39; means standard output. In case of multiple time stamp requests or the absence of this argument the names of the output files will be derived from the names of the input files and the default or specified extension argument. (Optional)</p>
+
+</dd>
+<dt id="v"><b>-v</b></dt>
+<dd>
+
+<p>The name of the currently processed request is printed on standard error. (Optional)</p>
+
+</dd>
+<dt id="d"><b>-d</b></dt>
+<dd>
+
+<p>Switches on verbose mode for the underlying <b>curl</b> library. You can see detailed debug messages for the connection. (Optional)</p>
+
+</dd>
+<dt id="k-private_key.pem"><b>-k</b> private_key.pem</dt>
+<dd>
+
+<p>(HTTPS) In case of certificate-based client authentication over HTTPS &lt;private_key.pem&gt; must contain the private key of the user. The private key file can optionally be protected by a passphrase. The <b>-c</b> option must also be specified. (Optional)</p>
+
+</dd>
+<dt id="p-key_password"><b>-p</b> key_password</dt>
+<dd>
+
+<p>(HTTPS) Specifies the passphrase for the private key specified by the <b>-k</b> argument. If this option is omitted and the key is passphrase protected <b>tsget</b> will ask for it. (Optional)</p>
+
+</dd>
+<dt id="c-client_cert.pem"><b>-c</b> client_cert.pem</dt>
+<dd>
+
+<p>(HTTPS) In case of certificate-based client authentication over HTTPS &lt;client_cert.pem&gt; must contain the X.509 certificate of the user. The <b>-k</b> option must also be specified. If this option is not specified no certificate-based client authentication will take place. (Optional)</p>
+
+</dd>
+<dt id="C-CA_certs.pem"><b>-C</b> CA_certs.pem</dt>
+<dd>
+
+<p>(HTTPS) The trusted CA certificate store. The certificate chain of the peer&#39;s certificate must include one of the CA certificates specified in this file. Either option <b>-C</b> or option <b>-P</b> must be given in case of HTTPS. (Optional)</p>
+
+</dd>
+<dt id="P-CA_path"><b>-P</b> CA_path</dt>
+<dd>
+
+<p>(HTTPS) The path containing the trusted CA certificates to verify the peer&#39;s certificate. The directory must be prepared with the <b>c_rehash</b> OpenSSL utility. Either option <b>-C</b> or option <b>-P</b> must be given in case of HTTPS. (Optional)</p>
+
+</dd>
+<dt id="rand-file:file"><b>-rand</b> file:file...</dt>
+<dd>
+
+<p>The files containing random data for seeding the random number generator. Multiple files can be specified, the separator is <b>;</b> for MS-Windows, <b>,</b> for VMS and <b>:</b> for all other platforms. (Optional)</p>
+
+</dd>
+<dt id="g-EGD_socket"><b>-g</b> EGD_socket</dt>
+<dd>
+
+<p>The name of an EGD socket to get random data from. (Optional)</p>
+
+</dd>
+<dt id="request">[request]...</dt>
+<dd>
+
+<p>List of files containing <b>RFC 3161</b> DER-encoded time stamp requests. If no requests are specified only one request will be sent to the server and it will be read from the standard input. (Optional)</p>
+
+</dd>
+</dl>
+
+<h1 id="ENVIRONMENT-VARIABLES">ENVIRONMENT VARIABLES</h1>
+
+<p>The <b>TSGET</b> environment variable can optionally contain default arguments. The content of this variable is added to the list of command line arguments.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The examples below presume that <b>file1.tsq</b> and <b>file2.tsq</b> contain valid time stamp requests, tsa.opentsa.org listens at port 8080 for HTTP requests and at port 8443 for HTTPS requests, the TSA service is available at the /tsa absolute path.</p>
+
+<p>Get a time stamp response for file1.tsq over HTTP, output is written to file1.tsr:</p>
+
+<pre><code>  tsget -h http://tsa.opentsa.org:8080/tsa file1.tsq</code></pre>
+
+<p>Get a time stamp response for file1.tsq and file2.tsq over HTTP showing progress, output is written to file1.reply and file2.reply respectively:</p>
+
+<pre><code>  tsget -h http://tsa.opentsa.org:8080/tsa -v -e .reply \
+        file1.tsq file2.tsq</code></pre>
+
+<p>Create a time stamp request, write it to file3.tsq, send it to the server and write the response to file3.tsr:</p>
+
+<pre><code>  openssl ts -query -data file3.txt -cert | tee file3.tsq \
+        | tsget -h http://tsa.opentsa.org:8080/tsa \
+        -o file3.tsr</code></pre>
+
+<p>Get a time stamp response for file1.tsq over HTTPS without client authentication:</p>
+
+<pre><code>  tsget -h https://tsa.opentsa.org:8443/tsa \
+        -C cacerts.pem file1.tsq</code></pre>
+
+<p>Get a time stamp response for file1.tsq over HTTPS with certificate-based client authentication (it will ask for the passphrase if client_key.pem is protected):</p>
+
+<pre><code>  tsget -h https://tsa.opentsa.org:8443/tsa -C cacerts.pem \
+        -k client_key.pem -c client_cert.pem file1.tsq</code></pre>
+
+<p>You can shorten the previous command line if you make use of the <b>TSGET</b> environment variable. The following commands do the same as the previous example:</p>
+
+<pre><code>  TSGET=&#39;-h https://tsa.opentsa.org:8443/tsa -C cacerts.pem \
+        -k client_key.pem -c client_cert.pem&#39;
+  export TSGET
+  tsget file1.tsq</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/openssl.html">openssl(1)</a>, <a href="../man1/ts.html">ts(1)</a>, <a href="../man1/curl.html">curl(1)</a>, <b>RFC 3161</b></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/verify.html b/msys2/usr/share/doc/openssl/html/man1/verify.html
new file mode 100644
index 000000000..7dd412551
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/verify.html
@@ -0,0 +1,825 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>verify</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#VERIFY-OPERATION">VERIFY OPERATION</a></li>
+  <li><a href="#DIAGNOSTICS">DIAGNOSTICS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-verify, verify - Utility to verify certificates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>verify</b> [<b>-help</b>] [<b>-CAfile file</b>] [<b>-CApath directory</b>] [<b>-no-CAfile</b>] [<b>-no-CApath</b>] [<b>-allow_proxy_certs</b>] [<b>-attime timestamp</b>] [<b>-check_ss_sig</b>] [<b>-CRLfile file</b>] [<b>-crl_download</b>] [<b>-crl_check</b>] [<b>-crl_check_all</b>] [<b>-engine id</b>] [<b>-explicit_policy</b>] [<b>-extended_crl</b>] [<b>-ignore_critical</b>] [<b>-inhibit_any</b>] [<b>-inhibit_map</b>] [<b>-nameopt option</b>] [<b>-no_check_time</b>] [<b>-partial_chain</b>] [<b>-policy arg</b>] [<b>-policy_check</b>] [<b>-policy_print</b>] [<b>-purpose purpose</b>] [<b>-suiteB_128</b>] [<b>-suiteB_128_only</b>] [<b>-suiteB_192</b>] [<b>-trusted_first</b>] [<b>-no_alt_chains</b>] [<b>-untrusted file</b>] [<b>-trusted file</b>] [<b>-use_deltas</b>] [<b>-verbose</b>] [<b>-auth_level level</b>] [<b>-verify_depth num</b>] [<b>-verify_email email</b>] [<b>-verify_hostname hostname</b>] [<b>-verify_ip ip</b>] [<b>-verify_name name</b>] [<b>-x509_strict</b>] [<b>-show_chain</b>] [<b>-</b>] [certificates]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>verify</b> command verifies certificate chains.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="CAfile-file"><b>-CAfile file</b></dt>
+<dd>
+
+<p>A <b>file</b> of trusted certificates. The file should contain one or more certificates in PEM format.</p>
+
+</dd>
+<dt id="CApath-directory"><b>-CApath directory</b></dt>
+<dd>
+
+<p>A directory of trusted certificates. The certificates should have names of the form: hash.0 or have symbolic links to them of this form (&quot;hash&quot; is the hashed certificate subject name: see the <b>-hash</b> option of the <b>x509</b> utility). Under Unix the <b>c_rehash</b> script will automatically create symbolic links to a directory of certificates.</p>
+
+</dd>
+<dt id="no-CAfile"><b>-no-CAfile</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default file location.</p>
+
+</dd>
+<dt id="no-CApath"><b>-no-CApath</b></dt>
+<dd>
+
+<p>Do not load the trusted CA certificates from the default directory location.</p>
+
+</dd>
+<dt id="allow_proxy_certs"><b>-allow_proxy_certs</b></dt>
+<dd>
+
+<p>Allow the verification of proxy certificates.</p>
+
+</dd>
+<dt id="attime-timestamp"><b>-attime timestamp</b></dt>
+<dd>
+
+<p>Perform validation checks using time specified by <b>timestamp</b> and not current system time. <b>timestamp</b> is the number of seconds since 01.01.1970 (UNIX time).</p>
+
+</dd>
+<dt id="check_ss_sig"><b>-check_ss_sig</b></dt>
+<dd>
+
+<p>Verify the signature on the self-signed root CA. This is disabled by default because it doesn&#39;t add any security.</p>
+
+</dd>
+<dt id="CRLfile-file"><b>-CRLfile file</b></dt>
+<dd>
+
+<p>The <b>file</b> should contain one or more CRLs in PEM format. This option can be specified more than once to include CRLs from multiple <b>files</b>.</p>
+
+</dd>
+<dt id="crl_download"><b>-crl_download</b></dt>
+<dd>
+
+<p>Attempt to download CRL information for this certificate.</p>
+
+</dd>
+<dt id="crl_check"><b>-crl_check</b></dt>
+<dd>
+
+<p>Checks end entity certificate validity by attempting to look up a valid CRL. If a valid CRL cannot be found an error occurs.</p>
+
+</dd>
+<dt id="crl_check_all"><b>-crl_check_all</b></dt>
+<dd>
+
+<p>Checks the validity of <b>all</b> certificates in the chain by attempting to look up valid CRLs.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine <b>id</b> will cause <a href="../man1/verify.html">verify(1)</a> to attempt to load the specified engine. The engine will then be set as the default for all its supported algorithms. If you want to load certificates or CRLs that require engine support via any of the <b>-trusted</b>, <b>-untrusted</b> or <b>-CRLfile</b> options, the <b>-engine</b> option must be specified before those options.</p>
+
+</dd>
+<dt id="explicit_policy"><b>-explicit_policy</b></dt>
+<dd>
+
+<p>Set policy variable require-explicit-policy (see RFC5280).</p>
+
+</dd>
+<dt id="extended_crl"><b>-extended_crl</b></dt>
+<dd>
+
+<p>Enable extended CRL features such as indirect CRLs and alternate CRL signing keys.</p>
+
+</dd>
+<dt id="ignore_critical"><b>-ignore_critical</b></dt>
+<dd>
+
+<p>Normally if an unhandled critical extension is present which is not supported by OpenSSL the certificate is rejected (as required by RFC5280). If this option is set critical extensions are ignored.</p>
+
+</dd>
+<dt id="inhibit_any"><b>-inhibit_any</b></dt>
+<dd>
+
+<p>Set policy variable inhibit-any-policy (see RFC5280).</p>
+
+</dd>
+<dt id="inhibit_map"><b>-inhibit_map</b></dt>
+<dd>
+
+<p>Set policy variable inhibit-policy-mapping (see RFC5280).</p>
+
+</dd>
+<dt id="nameopt-option"><b>-nameopt option</b></dt>
+<dd>
+
+<p>Option which determines how the subject or issuer names are displayed. The <b>option</b> argument can be a single option or multiple options separated by commas. Alternatively the <b>-nameopt</b> switch may be used more than once to set multiple options. See the <a href="../man1/x509.html">x509(1)</a> manual page for details.</p>
+
+</dd>
+<dt id="no_check_time"><b>-no_check_time</b></dt>
+<dd>
+
+<p>This option suppresses checking the validity period of certificates and CRLs against the current time. If option <b>-attime timestamp</b> is used to specify a verification time, the check is not suppressed.</p>
+
+</dd>
+<dt id="partial_chain"><b>-partial_chain</b></dt>
+<dd>
+
+<p>Allow verification to succeed even if a <i>complete</i> chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed.</p>
+
+</dd>
+<dt id="policy-arg"><b>-policy arg</b></dt>
+<dd>
+
+<p>Enable policy processing and add <b>arg</b> to the user-initial-policy-set (see RFC5280). The policy <b>arg</b> can be an object name an OID in numeric form. This argument can appear more than once.</p>
+
+</dd>
+<dt id="policy_check"><b>-policy_check</b></dt>
+<dd>
+
+<p>Enables certificate policy processing.</p>
+
+</dd>
+<dt id="policy_print"><b>-policy_print</b></dt>
+<dd>
+
+<p>Print out diagnostics related to policy processing.</p>
+
+</dd>
+<dt id="purpose-purpose"><b>-purpose purpose</b></dt>
+<dd>
+
+<p>The intended use for the certificate. If this option is not specified, <b>verify</b> will not consider certificate purpose during chain verification. Currently accepted uses are <b>sslclient</b>, <b>sslserver</b>, <b>nssslserver</b>, <b>smimesign</b>, <b>smimeencrypt</b>. See the <b>VERIFY OPERATION</b> section for more information.</p>
+
+</dd>
+<dt id="suiteB_128_only--suiteB_128--suiteB_192"><b>-suiteB_128_only</b>, <b>-suiteB_128</b>, <b>-suiteB_192</b></dt>
+<dd>
+
+<p>Enable the Suite B mode operation at 128 bit Level of Security, 128 bit or 192 bit, or only 192 bit Level of Security respectively. See RFC6460 for details. In particular the supported signature algorithms are reduced to support only ECDSA and SHA256 or SHA384 and only the elliptic curves P-256 and P-384.</p>
+
+</dd>
+<dt id="trusted_first"><b>-trusted_first</b></dt>
+<dd>
+
+<p>When constructing the certificate chain, use the trusted certificates specified via <b>-CAfile</b>, <b>-CApath</b> or <b>-trusted</b> before any certificates specified via <b>-untrusted</b>. This can be useful in environments with Bridge or Cross-Certified CAs. As of OpenSSL 1.1.0 this option is on by default and cannot be disabled.</p>
+
+</dd>
+<dt id="no_alt_chains"><b>-no_alt_chains</b></dt>
+<dd>
+
+<p>By default, unless <b>-trusted_first</b> is specified, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted issuer certificates with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>-trusted_first</b> always on, this option has no effect.</p>
+
+</dd>
+<dt id="untrusted-file"><b>-untrusted file</b></dt>
+<dd>
+
+<p>A <b>file</b> of additional untrusted certificates (intermediate issuer CAs) used to construct a certificate chain from the subject certificate to a trust-anchor. The <b>file</b> should contain one or more certificates in PEM format. This option can be specified more than once to include untrusted certificates from multiple <b>files</b>.</p>
+
+</dd>
+<dt id="trusted-file"><b>-trusted file</b></dt>
+<dd>
+
+<p>A <b>file</b> of trusted certificates, which must be self-signed, unless the <b>-partial_chain</b> option is specified. The <b>file</b> contains one or more certificates in PEM format. With this option, no additional (e.g., default) certificate lists are consulted. That is, the only trust-anchors are those listed in <b>file</b>. This option can be specified more than once to include trusted certificates from multiple <b>files</b>. This option implies the <b>-no-CAfile</b> and <b>-no-CApath</b> options. This option cannot be used in combination with either of the <b>-CAfile</b> or <b>-CApath</b> options.</p>
+
+</dd>
+<dt id="use_deltas"><b>-use_deltas</b></dt>
+<dd>
+
+<p>Enable support for delta CRLs.</p>
+
+</dd>
+<dt id="verbose"><b>-verbose</b></dt>
+<dd>
+
+<p>Print extra information about the operations being performed.</p>
+
+</dd>
+<dt id="auth_level-level"><b>-auth_level level</b></dt>
+<dd>
+
+<p>Set the certificate chain authentication security level to <b>level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security <b>level</b>. The signature algorithm security level is enforced for all the certificates in the chain except for the chain&#39;s <i>trust anchor</i>, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+</dd>
+<dt id="verify_depth-num"><b>-verify_depth num</b></dt>
+<dd>
+
+<p>Limit the certificate chain to <b>num</b> intermediate CA certificates. A maximal depth chain can have up to <b>num+2</b> certificates, since neither the end-entity certificate nor the trust-anchor certificate count against the <b>-verify_depth</b> limit.</p>
+
+</dd>
+<dt id="verify_email-email"><b>-verify_email email</b></dt>
+<dd>
+
+<p>Verify if the <b>email</b> matches the email address in Subject Alternative Name or the email in the subject Distinguished Name.</p>
+
+</dd>
+<dt id="verify_hostname-hostname"><b>-verify_hostname hostname</b></dt>
+<dd>
+
+<p>Verify if the <b>hostname</b> matches DNS name in Subject Alternative Name or Common Name in the subject certificate.</p>
+
+</dd>
+<dt id="verify_ip-ip"><b>-verify_ip ip</b></dt>
+<dd>
+
+<p>Verify if the <b>ip</b> matches the IP address in Subject Alternative Name of the subject certificate.</p>
+
+</dd>
+<dt id="verify_name-name"><b>-verify_name name</b></dt>
+<dd>
+
+<p>Use default verification policies like trust model and required certificate policies identified by <b>name</b>. The trust model determines which auxiliary trust or reject OIDs are applicable to verifying the given certificate chain. See the <b>-addtrust</b> and <b>-addreject</b> options of the <a href="../man1/x509.html">x509(1)</a> command-line utility. Supported policy names include: <b>default</b>, <b>pkcs7</b>, <b>smime_sign</b>, <b>ssl_client</b>, <b>ssl_server</b>. These mimics the combinations of purpose and trust settings used in SSL, CMS and S/MIME. As of OpenSSL 1.1.0, the trust model is inferred from the purpose when not specified, so the <b>-verify_name</b> options are functionally equivalent to the corresponding <b>-purpose</b> settings.</p>
+
+</dd>
+<dt id="x509_strict"><b>-x509_strict</b></dt>
+<dd>
+
+<p>For strict X.509 compliance, disable non-compliant workarounds for broken certificates.</p>
+
+</dd>
+<dt id="show_chain"><b>-show_chain</b></dt>
+<dd>
+
+<p>Display information about the certificate chain that has been built (if successful). Certificates in the chain that came from the untrusted list will be flagged as &quot;untrusted&quot;.</p>
+
+</dd>
+<dt id="pod"><b>-</b></dt>
+<dd>
+
+<p>Indicates the last option. All arguments following this are assumed to be certificate files. This is useful if the first certificate filename begins with a <b>-</b>.</p>
+
+</dd>
+<dt id="certificates"><b>certificates</b></dt>
+<dd>
+
+<p>One or more certificates to verify. If no certificates are given, <b>verify</b> will attempt to read a certificate from standard input. Certificates must be in PEM format.</p>
+
+</dd>
+</dl>
+
+<h1 id="VERIFY-OPERATION">VERIFY OPERATION</h1>
+
+<p>The <b>verify</b> program uses the same functions as the internal SSL and S/MIME verification, therefore this description applies to these verify operations too.</p>
+
+<p>There is one crucial difference between the verify operations performed by the <b>verify</b> program: wherever possible an attempt is made to continue after an error whereas normally the verify operation would halt on the first error. This allows all the problems with a certificate chain to be determined.</p>
+
+<p>The verify operation consists of a number of separate steps.</p>
+
+<p>Firstly a certificate chain is built up starting from the supplied certificate and ending in the root CA. It is an error if the whole chain cannot be built up. The chain is built up by looking up the issuers certificate of the current certificate. If a certificate is found which is its own issuer it is assumed to be the root CA.</p>
+
+<p>The process of &#39;looking up the issuers certificate&#39; itself involves a number of steps. After all certificates whose subject name matches the issuer name of the current certificate are subject to further tests. The relevant authority key identifier components of the current certificate (if present) must match the subject key identifier (if present) and issuer and serial number of the candidate issuer, in addition the keyUsage extension of the candidate issuer (if present) must permit certificate signing.</p>
+
+<p>The lookup first looks in the list of untrusted certificates and if no match is found the remaining lookups are from the trusted certificates. The root CA is always looked up in the trusted certificate list: if the certificate to verify is a root certificate then an exact match must be found in the trusted list.</p>
+
+<p>The second operation is to check every untrusted certificate&#39;s extensions for consistency with the supplied purpose. If the <b>-purpose</b> option is not included then no checks are done. The supplied or &quot;leaf&quot; certificate must have extensions compatible with the supplied purpose and all other certificates must also be valid CA certificates. The precise extensions required are described in more detail in the <b>CERTIFICATE EXTENSIONS</b> section of the <b>x509</b> utility.</p>
+
+<p>The third operation is to check the trust settings on the root CA. The root CA should be trusted for the supplied purpose. For compatibility with previous versions of OpenSSL, a certificate with no trust settings is considered to be valid for all purposes.</p>
+
+<p>The final operation is to check the validity of the certificate chain. The validity period is checked against the current system time and the notBefore and notAfter dates in the certificate. The certificate signatures are also checked at this point.</p>
+
+<p>If all operations complete successfully then certificate is considered valid. If any operation fails then the certificate is not valid.</p>
+
+<h1 id="DIAGNOSTICS">DIAGNOSTICS</h1>
+
+<p>When a verify operation fails the output messages can be somewhat cryptic. The general form of the error message is:</p>
+
+<pre><code> server.pem: /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+ error 24 at 1 depth lookup:invalid CA certificate</code></pre>
+
+<p>The first line contains the name of the certificate being verified followed by the subject name of the certificate. The second line contains the error number and the depth. The depth is number of the certificate being verified when a problem was detected starting with zero for the certificate being verified itself then 1 for the CA that signed the certificate and so on. Finally a text version of the error number is presented.</p>
+
+<p>A partial list of the error codes and messages is shown below, this also includes the name of the error code as defined in the header file x509_vfy.h Some of the error codes are defined but never returned: these are described as &quot;unused&quot;.</p>
+
+<dl>
+
+<dt id="X509_V_OK"><b>X509_V_OK</b></dt>
+<dd>
+
+<p>The operation was successful.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSPECIFIED"><b>X509_V_ERR_UNSPECIFIED</b></dt>
+<dd>
+
+<p>Unspecified error; should not happen.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT</b></dt>
+<dd>
+
+<p>The issuer certificate of a looked up certificate could not be found. This normally means the list of trusted certificates is not complete.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_CRL"><b>X509_V_ERR_UNABLE_TO_GET_CRL</b></dt>
+<dd>
+
+<p>The CRL of a certificate could not be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE</b></dt>
+<dd>
+
+<p>The certificate signature could not be decrypted. This means that the actual signature value could not be determined rather than it not matching the expected value, this is only meaningful for RSA keys.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE</b></dt>
+<dd>
+
+<p>The CRL signature could not be decrypted: this means that the actual signature value could not be determined rather than it not matching the expected value. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY"><b>X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY</b></dt>
+<dd>
+
+<p>The public key in the certificate SubjectPublicKeyInfo could not be read.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_SIGNATURE_FAILURE"><b>X509_V_ERR_CERT_SIGNATURE_FAILURE</b></dt>
+<dd>
+
+<p>The signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_SIGNATURE_FAILURE"><b>X509_V_ERR_CRL_SIGNATURE_FAILURE</b></dt>
+<dd>
+
+<p>The signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_NOT_YET_VALID"><b>X509_V_ERR_CERT_NOT_YET_VALID</b></dt>
+<dd>
+
+<p>The certificate is not yet valid: the notBefore date is after the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_HAS_EXPIRED"><b>X509_V_ERR_CERT_HAS_EXPIRED</b></dt>
+<dd>
+
+<p>The certificate has expired: that is the notAfter date is before the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_NOT_YET_VALID"><b>X509_V_ERR_CRL_NOT_YET_VALID</b></dt>
+<dd>
+
+<p>The CRL is not yet valid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_HAS_EXPIRED"><b>X509_V_ERR_CRL_HAS_EXPIRED</b></dt>
+<dd>
+
+<p>The CRL has expired.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD"><b>X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD</b></dt>
+<dd>
+
+<p>The certificate notBefore field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD"><b>X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD</b></dt>
+<dd>
+
+<p>The certificate notAfter field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD"><b>X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD</b></dt>
+<dd>
+
+<p>The CRL lastUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD"><b>X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD</b></dt>
+<dd>
+
+<p>The CRL nextUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_OUT_OF_MEM"><b>X509_V_ERR_OUT_OF_MEM</b></dt>
+<dd>
+
+<p>An error occurred trying to allocate memory. This should never happen.</p>
+
+</dd>
+<dt id="X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT"><b>X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT</b></dt>
+<dd>
+
+<p>The passed certificate is self-signed and the same certificate cannot be found in the list of trusted certificates.</p>
+
+</dd>
+<dt id="X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN"><b>X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN</b></dt>
+<dd>
+
+<p>The certificate chain could be built up using the untrusted certificates but the root could not be found locally.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY</b></dt>
+<dd>
+
+<p>The issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE"><b>X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE</b></dt>
+<dd>
+
+<p>No signatures could be verified because the chain contains only one certificate and it is not self signed.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_CHAIN_TOO_LONG"><b>X509_V_ERR_CERT_CHAIN_TOO_LONG</b></dt>
+<dd>
+
+<p>The certificate chain length is greater than the supplied maximum depth. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REVOKED"><b>X509_V_ERR_CERT_REVOKED</b></dt>
+<dd>
+
+<p>The certificate has been revoked.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_CA"><b>X509_V_ERR_INVALID_CA</b></dt>
+<dd>
+
+<p>A CA certificate is invalid. Either it is not a CA or its extensions are not consistent with the supplied purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_PATH_LENGTH_EXCEEDED"><b>X509_V_ERR_PATH_LENGTH_EXCEEDED</b></dt>
+<dd>
+
+<p>The basicConstraints pathlength parameter has been exceeded.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_PURPOSE"><b>X509_V_ERR_INVALID_PURPOSE</b></dt>
+<dd>
+
+<p>The supplied certificate cannot be used for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_UNTRUSTED"><b>X509_V_ERR_CERT_UNTRUSTED</b></dt>
+<dd>
+
+<p>The root CA is not marked as trusted for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REJECTED"><b>X509_V_ERR_CERT_REJECTED</b></dt>
+<dd>
+
+<p>The root CA is marked to reject the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBJECT_ISSUER_MISMATCH"><b>X509_V_ERR_SUBJECT_ISSUER_MISMATCH</b></dt>
+<dd>
+
+<p>Not used as of OpenSSL 1.1.0 as a result of the deprecation of the <b>-issuer_checks</b> option.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_SKID_MISMATCH"><b>X509_V_ERR_AKID_SKID_MISMATCH</b></dt>
+<dd>
+
+<p>Not used as of OpenSSL 1.1.0 as a result of the deprecation of the <b>-issuer_checks</b> option.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH"><b>X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH</b></dt>
+<dd>
+
+<p>Not used as of OpenSSL 1.1.0 as a result of the deprecation of the <b>-issuer_checks</b> option.</p>
+
+</dd>
+<dt id="X509_V_ERR_KEYUSAGE_NO_CERTSIGN"><b>X509_V_ERR_KEYUSAGE_NO_CERTSIGN</b></dt>
+<dd>
+
+<p>Not used as of OpenSSL 1.1.0 as a result of the deprecation of the <b>-issuer_checks</b> option.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER"><b>X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER</b></dt>
+<dd>
+
+<p>Unable to get CRL issuer certificate.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION"><b>X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION</b></dt>
+<dd>
+
+<p>Unhandled critical extension.</p>
+
+</dd>
+<dt id="X509_V_ERR_KEYUSAGE_NO_CRL_SIGN"><b>X509_V_ERR_KEYUSAGE_NO_CRL_SIGN</b></dt>
+<dd>
+
+<p>Key usage does not include CRL signing.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION"><b>X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION</b></dt>
+<dd>
+
+<p>Unhandled critical CRL extension.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_NON_CA"><b>X509_V_ERR_INVALID_NON_CA</b></dt>
+<dd>
+
+<p>Invalid non-CA certificate has CA markings.</p>
+
+</dd>
+<dt id="X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED"><b>X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED</b></dt>
+<dd>
+
+<p>Proxy path length constraint exceeded.</p>
+
+</dd>
+<dt id="X509_V_ERR_PROXY_SUBJECT_INVALID"><b>X509_V_ERR_PROXY_SUBJECT_INVALID</b></dt>
+<dd>
+
+<p>Proxy certificate subject is invalid. It MUST be the same as the issuer with a single CN component added.</p>
+
+</dd>
+<dt id="X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE"><b>X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE</b></dt>
+<dd>
+
+<p>Key usage does not include digital signature.</p>
+
+</dd>
+<dt id="X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED"><b>X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED</b></dt>
+<dd>
+
+<p>Proxy certificates not allowed, please use <b>-allow_proxy_certs</b>.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_EXTENSION"><b>X509_V_ERR_INVALID_EXTENSION</b></dt>
+<dd>
+
+<p>Invalid or inconsistent certificate extension.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_POLICY_EXTENSION"><b>X509_V_ERR_INVALID_POLICY_EXTENSION</b></dt>
+<dd>
+
+<p>Invalid or inconsistent certificate policy extension.</p>
+
+</dd>
+<dt id="X509_V_ERR_NO_EXPLICIT_POLICY"><b>X509_V_ERR_NO_EXPLICIT_POLICY</b></dt>
+<dd>
+
+<p>No explicit policy.</p>
+
+</dd>
+<dt id="X509_V_ERR_DIFFERENT_CRL_SCOPE"><b>X509_V_ERR_DIFFERENT_CRL_SCOPE</b></dt>
+<dd>
+
+<p>Different CRL scope.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE"><b>X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE</b></dt>
+<dd>
+
+<p>Unsupported extension feature.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNNESTED_RESOURCE"><b>X509_V_ERR_UNNESTED_RESOURCE</b></dt>
+<dd>
+
+<p>RFC 3779 resource not subset of parent&#39;s resources.</p>
+
+</dd>
+<dt id="X509_V_ERR_PERMITTED_VIOLATION"><b>X509_V_ERR_PERMITTED_VIOLATION</b></dt>
+<dd>
+
+<p>Permitted subtree violation.</p>
+
+</dd>
+<dt id="X509_V_ERR_EXCLUDED_VIOLATION"><b>X509_V_ERR_EXCLUDED_VIOLATION</b></dt>
+<dd>
+
+<p>Excluded subtree violation.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBTREE_MINMAX"><b>X509_V_ERR_SUBTREE_MINMAX</b></dt>
+<dd>
+
+<p>Name constraints minimum and maximum not supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_APPLICATION_VERIFICATION"><b>X509_V_ERR_APPLICATION_VERIFICATION</b></dt>
+<dd>
+
+<p>Application verification failure. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE</b></dt>
+<dd>
+
+<p>Unsupported name constraint type.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX</b></dt>
+<dd>
+
+<p>Unsupported or invalid name constraint syntax.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_NAME_SYNTAX"><b>X509_V_ERR_UNSUPPORTED_NAME_SYNTAX</b></dt>
+<dd>
+
+<p>Unsupported or invalid name syntax.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_PATH_VALIDATION_ERROR"><b>X509_V_ERR_CRL_PATH_VALIDATION_ERROR</b></dt>
+<dd>
+
+<p>CRL path validation error.</p>
+
+</dd>
+<dt id="X509_V_ERR_PATH_LOOP"><b>X509_V_ERR_PATH_LOOP</b></dt>
+<dd>
+
+<p>Path loop.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUITE_B_INVALID_VERSION"><b>X509_V_ERR_SUITE_B_INVALID_VERSION</b></dt>
+<dd>
+
+<p>Suite B: certificate version invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUITE_B_INVALID_ALGORITHM"><b>X509_V_ERR_SUITE_B_INVALID_ALGORITHM</b></dt>
+<dd>
+
+<p>Suite B: invalid public key algorithm.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUITE_B_INVALID_CURVE"><b>X509_V_ERR_SUITE_B_INVALID_CURVE</b></dt>
+<dd>
+
+<p>Suite B: invalid ECC curve.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM"><b>X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM</b></dt>
+<dd>
+
+<p>Suite B: invalid signature algorithm.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED"><b>X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED</b></dt>
+<dd>
+
+<p>Suite B: curve not allowed for this LOS.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256"><b>X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256</b></dt>
+<dd>
+
+<p>Suite B: cannot sign P-384 with P-256.</p>
+
+</dd>
+<dt id="X509_V_ERR_HOSTNAME_MISMATCH"><b>X509_V_ERR_HOSTNAME_MISMATCH</b></dt>
+<dd>
+
+<p>Hostname mismatch.</p>
+
+</dd>
+<dt id="X509_V_ERR_EMAIL_MISMATCH"><b>X509_V_ERR_EMAIL_MISMATCH</b></dt>
+<dd>
+
+<p>Email address mismatch.</p>
+
+</dd>
+<dt id="X509_V_ERR_IP_ADDRESS_MISMATCH"><b>X509_V_ERR_IP_ADDRESS_MISMATCH</b></dt>
+<dd>
+
+<p>IP address mismatch.</p>
+
+</dd>
+<dt id="X509_V_ERR_DANE_NO_MATCH"><b>X509_V_ERR_DANE_NO_MATCH</b></dt>
+<dd>
+
+<p>DANE TLSA authentication is enabled, but no TLSA records matched the certificate chain. This error is only possible in <a href="../man1/s_client.html">s_client(1)</a>.</p>
+
+</dd>
+<dt id="X509_V_ERR_EE_KEY_TOO_SMALL"><b>X509_V_ERR_EE_KEY_TOO_SMALL</b></dt>
+<dd>
+
+<p>EE certificate key too weak.</p>
+
+</dd>
+<dt id="X509_ERR_CA_KEY_TOO_SMALL"><b>X509_ERR_CA_KEY_TOO_SMALL</b></dt>
+<dd>
+
+<p>CA certificate key too weak.</p>
+
+</dd>
+<dt id="X509_ERR_CA_MD_TOO_WEAK"><b>X509_ERR_CA_MD_TOO_WEAK</b></dt>
+<dd>
+
+<p>CA signature digest algorithm too weak.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_CALL"><b>X509_V_ERR_INVALID_CALL</b></dt>
+<dd>
+
+<p>nvalid certificate verification context.</p>
+
+</dd>
+<dt id="X509_V_ERR_STORE_LOOKUP"><b>X509_V_ERR_STORE_LOOKUP</b></dt>
+<dd>
+
+<p>Issuer certificate lookup error.</p>
+
+</dd>
+<dt id="X509_V_ERR_NO_VALID_SCTS"><b>X509_V_ERR_NO_VALID_SCTS</b></dt>
+<dd>
+
+<p>Certificate Transparency required, but no valid SCTs found.</p>
+
+</dd>
+<dt id="X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION"><b>X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION</b></dt>
+<dd>
+
+<p>Proxy subject name violation.</p>
+
+</dd>
+<dt id="X509_V_ERR_OCSP_VERIFY_NEEDED"><b>X509_V_ERR_OCSP_VERIFY_NEEDED</b></dt>
+<dd>
+
+<p>Returned by the verify callback to indicate an OCSP verification is needed.</p>
+
+</dd>
+<dt id="X509_V_ERR_OCSP_VERIFY_FAILED"><b>X509_V_ERR_OCSP_VERIFY_FAILED</b></dt>
+<dd>
+
+<p>Returned by the verify callback to indicate OCSP verification failed.</p>
+
+</dd>
+<dt id="X509_V_ERR_OCSP_CERT_UNKNOWN"><b>X509_V_ERR_OCSP_CERT_UNKNOWN</b></dt>
+<dd>
+
+<p>Returned by the verify callback to indicate that the certificate is not recognized by the OCSP responder.</p>
+
+</dd>
+</dl>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Although the issuer checks are a considerable improvement over the old technique they still suffer from limitations in the underlying X509_LOOKUP API. One consequence of this is that trusted certificates with matching subject name must either appear in a file (as specified by the <b>-CAfile</b> option) or a directory (as specified by <b>-CApath</b>). If they occur in both then only the certificates in the file will be recognised.</p>
+
+<p>Previous versions of OpenSSL assume certificates with matching subject name are identical and mishandled them.</p>
+
+<p>Previous versions of this documentation swapped the meaning of the <b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT</b> and <b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY</b> error codes.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>-show_chain</b> option was added in OpenSSL 1.1.0.</p>
+
+<p>The <b>-issuer_checks</b> option is deprecated as of OpenSSL 1.1.0 and is silently ignored.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/version.html b/msys2/usr/share/doc/openssl/html/man1/version.html
new file mode 100644
index 000000000..d32b6ec56
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/version.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-version, version - print OpenSSL version information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl version</b> [<b>-help</b>] [<b>-a</b>] [<b>-v</b>] [<b>-b</b>] [<b>-o</b>] [<b>-f</b>] [<b>-p</b>] [<b>-d</b>] [<b>-e</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This command is used to print out version information about OpenSSL.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="a"><b>-a</b></dt>
+<dd>
+
+<p>All information, this is the same as setting all the other flags.</p>
+
+</dd>
+<dt id="v"><b>-v</b></dt>
+<dd>
+
+<p>The current OpenSSL version.</p>
+
+</dd>
+<dt id="b"><b>-b</b></dt>
+<dd>
+
+<p>The date the current version of OpenSSL was built.</p>
+
+</dd>
+<dt id="o"><b>-o</b></dt>
+<dd>
+
+<p>Option information: various options set when the library was built.</p>
+
+</dd>
+<dt id="f"><b>-f</b></dt>
+<dd>
+
+<p>Compilation flags.</p>
+
+</dd>
+<dt id="p"><b>-p</b></dt>
+<dd>
+
+<p>Platform setting.</p>
+
+</dd>
+<dt id="d"><b>-d</b></dt>
+<dd>
+
+<p>OPENSSLDIR setting.</p>
+
+</dd>
+<dt id="e"><b>-e</b></dt>
+<dd>
+
+<p>ENGINESDIR setting.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The output of <b>openssl version -a</b> would typically be used when sending in a bug report.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man1/x509.html b/msys2/usr/share/doc/openssl/html/man1/x509.html
new file mode 100644
index 000000000..804a75922
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man1/x509.html
@@ -0,0 +1,886 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>x509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPTIONS">OPTIONS</a>
+    <ul>
+      <li><a href="#Input-Output-and-General-Purpose-Options">Input, Output, and General Purpose Options</a></li>
+      <li><a href="#Display-Options">Display Options</a></li>
+      <li><a href="#Trust-Settings">Trust Settings</a></li>
+      <li><a href="#Signing-Options">Signing Options</a></li>
+      <li><a href="#Name-Options">Name Options</a></li>
+      <li><a href="#Text-Options">Text Options</a></li>
+    </ul>
+  </li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#CERTIFICATE-EXTENSIONS">CERTIFICATE EXTENSIONS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>openssl-x509, x509 - Certificate display and signing utility</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p><b>openssl</b> <b>x509</b> [<b>-help</b>] [<b>-inform DER|PEM</b>] [<b>-outform DER|PEM</b>] [<b>-keyform DER|PEM</b>] [<b>-CAform DER|PEM</b>] [<b>-CAkeyform DER|PEM</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-serial</b>] [<b>-hash</b>] [<b>-subject_hash</b>] [<b>-issuer_hash</b>] [<b>-ocspid</b>] [<b>-subject</b>] [<b>-issuer</b>] [<b>-nameopt option</b>] [<b>-email</b>] [<b>-ocsp_uri</b>] [<b>-startdate</b>] [<b>-enddate</b>] [<b>-purpose</b>] [<b>-dates</b>] [<b>-checkend num</b>] [<b>-modulus</b>] [<b>-pubkey</b>] [<b>-fingerprint</b>] [<b>-alias</b>] [<b>-noout</b>] [<b>-trustout</b>] [<b>-clrtrust</b>] [<b>-clrreject</b>] [<b>-addtrust arg</b>] [<b>-addreject arg</b>] [<b>-setalias arg</b>] [<b>-days arg</b>] [<b>-set_serial n</b>] [<b>-signkey filename</b>] [<b>-passin arg</b>] [<b>-x509toreq</b>] [<b>-req</b>] [<b>-CA filename</b>] [<b>-CAkey filename</b>] [<b>-CAcreateserial</b>] [<b>-CAserial filename</b>] [<b>-force_pubkey key</b>] [<b>-text</b>] [<b>-ext extensions</b>] [<b>-certopt option</b>] [<b>-C</b>] [<b>-<i>digest</i></b>] [<b>-clrext</b>] [<b>-extfile filename</b>] [<b>-extensions section</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-engine id</b>] [<b>-preserve_dates</b>]</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>x509</b> command is a multi purpose certificate utility. It can be used to display certificate information, convert certificates to various forms, sign certificate requests like a &quot;mini CA&quot; or edit certificate trust settings.</p>
+
+<p>Since there are a large number of options they will split up into various sections.</p>
+
+<h1 id="OPTIONS">OPTIONS</h1>
+
+<h2 id="Input-Output-and-General-Purpose-Options">Input, Output, and General Purpose Options</h2>
+
+<dl>
+
+<dt id="help"><b>-help</b></dt>
+<dd>
+
+<p>Print out a usage message.</p>
+
+</dd>
+<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the input format normally the command will expect an X509 certificate but this can change if other options such as <b>-req</b> are present. The DER format is the DER encoding of the certificate and PEM is the base64 encoding of the DER encoding with header and footer lines added. The default format is PEM.</p>
+
+</dd>
+<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
+<dd>
+
+<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
+
+</dd>
+<dt id="in-filename"><b>-in filename</b></dt>
+<dd>
+
+<p>This specifies the input filename to read a certificate from or standard input if this option is not specified.</p>
+
+</dd>
+<dt id="out-filename"><b>-out filename</b></dt>
+<dd>
+
+<p>This specifies the output filename to write to or standard output by default.</p>
+
+</dd>
+<dt id="digest"><b>-<i>digest</i></b></dt>
+<dd>
+
+<p>The digest to use. This affects any signing or display option that uses a message digest, such as the <b>-fingerprint</b>, <b>-signkey</b> and <b>-CA</b> options. Any digest supported by the OpenSSL <b>dgst</b> command can be used. If not specified then SHA1 is used with <b>-fingerprint</b> or the default digest for the signing algorithm is used, typically SHA256.</p>
+
+</dd>
+<dt id="rand-file"><b>-rand file...</b></dt>
+<dd>
+
+<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
+
+</dd>
+<dt id="writerand-file">[<b>-writerand file</b>]</dt>
+<dd>
+
+<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
+
+</dd>
+<dt id="engine-id"><b>-engine id</b></dt>
+<dd>
+
+<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>x509</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
+
+</dd>
+<dt id="preserve_dates"><b>-preserve_dates</b></dt>
+<dd>
+
+<p>When signing a certificate, preserve the &quot;notBefore&quot; and &quot;notAfter&quot; dates instead of adjusting them to current time and duration. Cannot be used with the <b>-days</b> option.</p>
+
+</dd>
+</dl>
+
+<h2 id="Display-Options">Display Options</h2>
+
+<p>Note: the <b>-alias</b> and <b>-purpose</b> options are also display options but are described in the <b>TRUST SETTINGS</b> section.</p>
+
+<dl>
+
+<dt id="text"><b>-text</b></dt>
+<dd>
+
+<p>Prints out the certificate in text form. Full details are output including the public key, signature algorithms, issuer and subject names, serial number any extensions present and any trust settings.</p>
+
+</dd>
+<dt id="ext-extensions"><b>-ext extensions</b></dt>
+<dd>
+
+<p>Prints out the certificate extensions in text form. Extensions are specified with a comma separated string, e.g., &quot;subjectAltName,subjectKeyIdentifier&quot;. See the <a href="../man5/x509v3_config.html">x509v3_config(5)</a> manual page for the extension names.</p>
+
+</dd>
+<dt id="certopt-option"><b>-certopt option</b></dt>
+<dd>
+
+<p>Customise the output format used with <b>-text</b>. The <b>option</b> argument can be a single option or multiple options separated by commas. The <b>-certopt</b> switch may be also be used more than once to set multiple options. See the <b>TEXT OPTIONS</b> section for more information.</p>
+
+</dd>
+<dt id="noout"><b>-noout</b></dt>
+<dd>
+
+<p>This option prevents output of the encoded version of the certificate.</p>
+
+</dd>
+<dt id="pubkey"><b>-pubkey</b></dt>
+<dd>
+
+<p>Outputs the certificate&#39;s SubjectPublicKeyInfo block in PEM format.</p>
+
+</dd>
+<dt id="modulus"><b>-modulus</b></dt>
+<dd>
+
+<p>This option prints out the value of the modulus of the public key contained in the certificate.</p>
+
+</dd>
+<dt id="serial"><b>-serial</b></dt>
+<dd>
+
+<p>Outputs the certificate serial number.</p>
+
+</dd>
+<dt id="subject_hash"><b>-subject_hash</b></dt>
+<dd>
+
+<p>Outputs the &quot;hash&quot; of the certificate subject name. This is used in OpenSSL to form an index to allow certificates in a directory to be looked up by subject name.</p>
+
+</dd>
+<dt id="issuer_hash"><b>-issuer_hash</b></dt>
+<dd>
+
+<p>Outputs the &quot;hash&quot; of the certificate issuer name.</p>
+
+</dd>
+<dt id="ocspid"><b>-ocspid</b></dt>
+<dd>
+
+<p>Outputs the OCSP hash values for the subject name and public key.</p>
+
+</dd>
+<dt id="hash"><b>-hash</b></dt>
+<dd>
+
+<p>Synonym for &quot;-subject_hash&quot; for backward compatibility reasons.</p>
+
+</dd>
+<dt id="subject_hash_old"><b>-subject_hash_old</b></dt>
+<dd>
+
+<p>Outputs the &quot;hash&quot; of the certificate subject name using the older algorithm as used by OpenSSL before version 1.0.0.</p>
+
+</dd>
+<dt id="issuer_hash_old"><b>-issuer_hash_old</b></dt>
+<dd>
+
+<p>Outputs the &quot;hash&quot; of the certificate issuer name using the older algorithm as used by OpenSSL before version 1.0.0.</p>
+
+</dd>
+<dt id="subject"><b>-subject</b></dt>
+<dd>
+
+<p>Outputs the subject name.</p>
+
+</dd>
+<dt id="issuer"><b>-issuer</b></dt>
+<dd>
+
+<p>Outputs the issuer name.</p>
+
+</dd>
+<dt id="nameopt-option"><b>-nameopt option</b></dt>
+<dd>
+
+<p>Option which determines how the subject or issuer names are displayed. The <b>option</b> argument can be a single option or multiple options separated by commas. Alternatively the <b>-nameopt</b> switch may be used more than once to set multiple options. See the <b>NAME OPTIONS</b> section for more information.</p>
+
+</dd>
+<dt id="email"><b>-email</b></dt>
+<dd>
+
+<p>Outputs the email address(es) if any.</p>
+
+</dd>
+<dt id="ocsp_uri"><b>-ocsp_uri</b></dt>
+<dd>
+
+<p>Outputs the OCSP responder address(es) if any.</p>
+
+</dd>
+<dt id="startdate"><b>-startdate</b></dt>
+<dd>
+
+<p>Prints out the start date of the certificate, that is the notBefore date.</p>
+
+</dd>
+<dt id="enddate"><b>-enddate</b></dt>
+<dd>
+
+<p>Prints out the expiry date of the certificate, that is the notAfter date.</p>
+
+</dd>
+<dt id="dates"><b>-dates</b></dt>
+<dd>
+
+<p>Prints out the start and expiry dates of a certificate.</p>
+
+</dd>
+<dt id="checkend-arg"><b>-checkend arg</b></dt>
+<dd>
+
+<p>Checks if the certificate expires within the next <b>arg</b> seconds and exits non-zero if yes it will expire or zero if not.</p>
+
+</dd>
+<dt id="fingerprint"><b>-fingerprint</b></dt>
+<dd>
+
+<p>Calculates and outputs the digest of the DER encoded version of the entire certificate (see digest options). This is commonly called a &quot;fingerprint&quot;. Because of the nature of message digests, the fingerprint of a certificate is unique to that certificate and two certificates with the same fingerprint can be considered to be the same.</p>
+
+</dd>
+<dt id="C"><b>-C</b></dt>
+<dd>
+
+<p>This outputs the certificate in the form of a C source file.</p>
+
+</dd>
+</dl>
+
+<h2 id="Trust-Settings">Trust Settings</h2>
+
+<p>A <b>trusted certificate</b> is an ordinary certificate which has several additional pieces of information attached to it such as the permitted and prohibited uses of the certificate and an &quot;alias&quot;.</p>
+
+<p>Normally when a certificate is being verified at least one certificate must be &quot;trusted&quot;. By default a trusted certificate must be stored locally and must be a root CA: any certificate chain ending in this CA is then usable for any purpose.</p>
+
+<p>Trust settings currently are only used with a root CA. They allow a finer control over the purposes the root CA can be used for. For example a CA may be trusted for SSL client but not SSL server use.</p>
+
+<p>See the description of the <b>verify</b> utility for more information on the meaning of trust settings.</p>
+
+<p>Future versions of OpenSSL will recognize trust settings on any certificate: not just root CAs.</p>
+
+<dl>
+
+<dt id="trustout"><b>-trustout</b></dt>
+<dd>
+
+<p>This causes <b>x509</b> to output a <b>trusted</b> certificate. An ordinary or trusted certificate can be input but by default an ordinary certificate is output and any trust settings are discarded. With the <b>-trustout</b> option a trusted certificate is output. A trusted certificate is automatically output if any trust settings are modified.</p>
+
+</dd>
+<dt id="setalias-arg"><b>-setalias arg</b></dt>
+<dd>
+
+<p>Sets the alias of the certificate. This will allow the certificate to be referred to using a nickname for example &quot;Steve&#39;s Certificate&quot;.</p>
+
+</dd>
+<dt id="alias"><b>-alias</b></dt>
+<dd>
+
+<p>Outputs the certificate alias, if any.</p>
+
+</dd>
+<dt id="clrtrust"><b>-clrtrust</b></dt>
+<dd>
+
+<p>Clears all the permitted or trusted uses of the certificate.</p>
+
+</dd>
+<dt id="clrreject"><b>-clrreject</b></dt>
+<dd>
+
+<p>Clears all the prohibited or rejected uses of the certificate.</p>
+
+</dd>
+<dt id="addtrust-arg"><b>-addtrust arg</b></dt>
+<dd>
+
+<p>Adds a trusted certificate use. Any object name can be used here but currently only <b>clientAuth</b> (SSL client use), <b>serverAuth</b> (SSL server use), <b>emailProtection</b> (S/MIME email) and <b>anyExtendedKeyUsage</b> are used. As of OpenSSL 1.1.0, the last of these blocks all purposes when rejected or enables all purposes when trusted. Other OpenSSL applications may define additional uses.</p>
+
+</dd>
+<dt id="addreject-arg"><b>-addreject arg</b></dt>
+<dd>
+
+<p>Adds a prohibited use. It accepts the same values as the <b>-addtrust</b> option.</p>
+
+</dd>
+<dt id="purpose"><b>-purpose</b></dt>
+<dd>
+
+<p>This option performs tests on the certificate extensions and outputs the results. For a more complete description see the <b>CERTIFICATE EXTENSIONS</b> section.</p>
+
+</dd>
+</dl>
+
+<h2 id="Signing-Options">Signing Options</h2>
+
+<p>The <b>x509</b> utility can be used to sign certificates and requests: it can thus behave like a &quot;mini CA&quot;.</p>
+
+<dl>
+
+<dt id="signkey-filename"><b>-signkey filename</b></dt>
+<dd>
+
+<p>This option causes the input file to be self signed using the supplied private key.</p>
+
+<p>If the input file is a certificate it sets the issuer name to the subject name (i.e. makes it self signed) changes the public key to the supplied value and changes the start and end dates. The start date is set to the current time and the end date is set to a value determined by the <b>-days</b> option. Any certificate extensions are retained unless the <b>-clrext</b> option is supplied; this includes, for example, any existing key identifier extensions.</p>
+
+<p>If the input is a certificate request then a self signed certificate is created using the supplied private key using the subject name in the request.</p>
+
+</dd>
+<dt id="passin-arg"><b>-passin arg</b></dt>
+<dd>
+
+<p>The key password source. For more information about the format of <b>arg</b> see the <b>PASS PHRASE ARGUMENTS</b> section in <a href="../man1/openssl.html">openssl(1)</a>.</p>
+
+</dd>
+<dt id="clrext"><b>-clrext</b></dt>
+<dd>
+
+<p>Delete any extensions from a certificate. This option is used when a certificate is being created from another certificate (for example with the <b>-signkey</b> or the <b>-CA</b> options). Normally all extensions are retained.</p>
+
+</dd>
+<dt id="keyform-PEM-DER"><b>-keyform PEM|DER</b></dt>
+<dd>
+
+<p>Specifies the format (DER or PEM) of the private key file used in the <b>-signkey</b> option.</p>
+
+</dd>
+<dt id="days-arg"><b>-days arg</b></dt>
+<dd>
+
+<p>Specifies the number of days to make a certificate valid for. The default is 30 days. Cannot be used with the <b>-preserve_dates</b> option.</p>
+
+</dd>
+<dt id="x509toreq"><b>-x509toreq</b></dt>
+<dd>
+
+<p>Converts a certificate into a certificate request. The <b>-signkey</b> option is used to pass the required private key.</p>
+
+</dd>
+<dt id="req"><b>-req</b></dt>
+<dd>
+
+<p>By default a certificate is expected on input. With this option a certificate request is expected instead.</p>
+
+</dd>
+<dt id="set_serial-n"><b>-set_serial n</b></dt>
+<dd>
+
+<p>Specifies the serial number to use. This option can be used with either the <b>-signkey</b> or <b>-CA</b> options. If used in conjunction with the <b>-CA</b> option the serial number file (as specified by the <b>-CAserial</b> or <b>-CAcreateserial</b> options) is not used.</p>
+
+<p>The serial number can be decimal or hex (if preceded by <b>0x</b>).</p>
+
+</dd>
+<dt id="CA-filename"><b>-CA filename</b></dt>
+<dd>
+
+<p>Specifies the CA certificate to be used for signing. When this option is present <b>x509</b> behaves like a &quot;mini CA&quot;. The input file is signed by this CA using this option: that is its issuer name is set to the subject name of the CA and it is digitally signed using the CAs private key.</p>
+
+<p>This option is normally combined with the <b>-req</b> option. Without the <b>-req</b> option the input is a certificate which must be self signed.</p>
+
+</dd>
+<dt id="CAkey-filename"><b>-CAkey filename</b></dt>
+<dd>
+
+<p>Sets the CA private key to sign a certificate with. If this option is not specified then it is assumed that the CA private key is present in the CA certificate file.</p>
+
+</dd>
+<dt id="CAserial-filename"><b>-CAserial filename</b></dt>
+<dd>
+
+<p>Sets the CA serial number file to use.</p>
+
+<p>When the <b>-CA</b> option is used to sign a certificate it uses a serial number specified in a file. This file consists of one line containing an even number of hex digits with the serial number to use. After each use the serial number is incremented and written out to the file again.</p>
+
+<p>The default filename consists of the CA certificate file base name with &quot;.srl&quot; appended. For example if the CA certificate file is called &quot;mycacert.pem&quot; it expects to find a serial number file called &quot;mycacert.srl&quot;.</p>
+
+</dd>
+<dt id="CAcreateserial"><b>-CAcreateserial</b></dt>
+<dd>
+
+<p>With this option the CA serial number file is created if it does not exist: it will contain the serial number &quot;02&quot; and the certificate being signed will have the 1 as its serial number. If the <b>-CA</b> option is specified and the serial number file does not exist a random number is generated; this is the recommended practice.</p>
+
+</dd>
+<dt id="extfile-filename"><b>-extfile filename</b></dt>
+<dd>
+
+<p>File containing certificate extensions to use. If not specified then no extensions are added to the certificate.</p>
+
+</dd>
+<dt id="extensions-section"><b>-extensions section</b></dt>
+<dd>
+
+<p>The section to add certificate extensions from. If this option is not specified then the extensions should either be contained in the unnamed (default) section or the default section should contain a variable called &quot;extensions&quot; which contains the section to use. See the <a href="../man5/x509v3_config.html">x509v3_config(5)</a> manual page for details of the extension section format.</p>
+
+</dd>
+<dt id="force_pubkey-key"><b>-force_pubkey key</b></dt>
+<dd>
+
+<p>When a certificate is created set its public key to <b>key</b> instead of the key in the certificate or certificate request. This option is useful for creating certificates where the algorithm can&#39;t normally sign requests, for example DH.</p>
+
+<p>The format or <b>key</b> can be specified using the <b>-keyform</b> option.</p>
+
+</dd>
+</dl>
+
+<h2 id="Name-Options">Name Options</h2>
+
+<p>The <b>nameopt</b> command line switch determines how the subject and issuer names are displayed. If no <b>nameopt</b> switch is present the default &quot;oneline&quot; format is used which is compatible with previous versions of OpenSSL. Each option is described in detail below, all options can be preceded by a <b>-</b> to turn the option off. Only the first four will normally be used.</p>
+
+<dl>
+
+<dt id="compat"><b>compat</b></dt>
+<dd>
+
+<p>Use the old format.</p>
+
+</dd>
+<dt id="RFC2253"><b>RFC2253</b></dt>
+<dd>
+
+<p>Displays names compatible with RFC2253 equivalent to <b>esc_2253</b>, <b>esc_ctrl</b>, <b>esc_msb</b>, <b>utf8</b>, <b>dump_nostr</b>, <b>dump_unknown</b>, <b>dump_der</b>, <b>sep_comma_plus</b>, <b>dn_rev</b> and <b>sname</b>.</p>
+
+</dd>
+<dt id="oneline"><b>oneline</b></dt>
+<dd>
+
+<p>A oneline format which is more readable than RFC2253. It is equivalent to specifying the <b>esc_2253</b>, <b>esc_ctrl</b>, <b>esc_msb</b>, <b>utf8</b>, <b>dump_nostr</b>, <b>dump_der</b>, <b>use_quote</b>, <b>sep_comma_plus_space</b>, <b>space_eq</b> and <b>sname</b> options. This is the <i>default</i> of no name options are given explicitly.</p>
+
+</dd>
+<dt id="multiline"><b>multiline</b></dt>
+<dd>
+
+<p>A multiline format. It is equivalent <b>esc_ctrl</b>, <b>esc_msb</b>, <b>sep_multiline</b>, <b>space_eq</b>, <b>lname</b> and <b>align</b>.</p>
+
+</dd>
+<dt id="esc_2253"><b>esc_2253</b></dt>
+<dd>
+
+<p>Escape the &quot;special&quot; characters required by RFC2253 in a field. That is <b>,+&quot;&lt;&gt;;</b>. Additionally <b>#</b> is escaped at the beginning of a string and a space character at the beginning or end of a string.</p>
+
+</dd>
+<dt id="esc_2254"><b>esc_2254</b></dt>
+<dd>
+
+<p>Escape the &quot;special&quot; characters required by RFC2254 in a field. That is the <b>NUL</b> character as well as and <b>()*</b>.</p>
+
+</dd>
+<dt id="esc_ctrl"><b>esc_ctrl</b></dt>
+<dd>
+
+<p>Escape control characters. That is those with ASCII values less than 0x20 (space) and the delete (0x7f) character. They are escaped using the RFC2253 \XX notation (where XX are two hex digits representing the character value).</p>
+
+</dd>
+<dt id="esc_msb"><b>esc_msb</b></dt>
+<dd>
+
+<p>Escape characters with the MSB set, that is with ASCII values larger than 127.</p>
+
+</dd>
+<dt id="use_quote"><b>use_quote</b></dt>
+<dd>
+
+<p>Escapes some characters by surrounding the whole string with <b>&quot;</b> characters, without the option all escaping is done with the <b>\</b> character.</p>
+
+</dd>
+<dt id="utf8"><b>utf8</b></dt>
+<dd>
+
+<p>Convert all strings to UTF8 format first. This is required by RFC2253. If you are lucky enough to have a UTF8 compatible terminal then the use of this option (and <b>not</b> setting <b>esc_msb</b>) may result in the correct display of multibyte (international) characters. Is this option is not present then multibyte characters larger than 0xff will be represented using the format \UXXXX for 16 bits and \WXXXXXXXX for 32 bits. Also if this option is off any UTF8Strings will be converted to their character form first.</p>
+
+</dd>
+<dt id="ignore_type"><b>ignore_type</b></dt>
+<dd>
+
+<p>This option does not attempt to interpret multibyte characters in any way. That is their content octets are merely dumped as though one octet represents each character. This is useful for diagnostic purposes but will result in rather odd looking output.</p>
+
+</dd>
+<dt id="show_type"><b>show_type</b></dt>
+<dd>
+
+<p>Show the type of the ASN1 character string. The type precedes the field contents. For example &quot;BMPSTRING: Hello World&quot;.</p>
+
+</dd>
+<dt id="dump_der"><b>dump_der</b></dt>
+<dd>
+
+<p>When this option is set any fields that need to be hexdumped will be dumped using the DER encoding of the field. Otherwise just the content octets will be displayed. Both options use the RFC2253 <b>#XXXX...</b> format.</p>
+
+</dd>
+<dt id="dump_nostr"><b>dump_nostr</b></dt>
+<dd>
+
+<p>Dump non character string types (for example OCTET STRING) if this option is not set then non character string types will be displayed as though each content octet represents a single character.</p>
+
+</dd>
+<dt id="dump_all"><b>dump_all</b></dt>
+<dd>
+
+<p>Dump all fields. This option when used with <b>dump_der</b> allows the DER encoding of the structure to be unambiguously determined.</p>
+
+</dd>
+<dt id="dump_unknown"><b>dump_unknown</b></dt>
+<dd>
+
+<p>Dump any field whose OID is not recognised by OpenSSL.</p>
+
+</dd>
+<dt id="sep_comma_plus-sep_comma_plus_space-sep_semi_plus_space-sep_multiline"><b>sep_comma_plus</b>, <b>sep_comma_plus_space</b>, <b>sep_semi_plus_space</b>, <b>sep_multiline</b></dt>
+<dd>
+
+<p>These options determine the field separators. The first character is between RDNs and the second between multiple AVAs (multiple AVAs are very rare and their use is discouraged). The options ending in &quot;space&quot; additionally place a space after the separator to make it more readable. The <b>sep_multiline</b> uses a linefeed character for the RDN separator and a spaced <b>+</b> for the AVA separator. It also indents the fields by four characters. If no field separator is specified then <b>sep_comma_plus_space</b> is used by default.</p>
+
+</dd>
+<dt id="dn_rev"><b>dn_rev</b></dt>
+<dd>
+
+<p>Reverse the fields of the DN. This is required by RFC2253. As a side effect this also reverses the order of multiple AVAs but this is permissible.</p>
+
+</dd>
+<dt id="nofname-sname-lname-oid"><b>nofname</b>, <b>sname</b>, <b>lname</b>, <b>oid</b></dt>
+<dd>
+
+<p>These options alter how the field name is displayed. <b>nofname</b> does not display the field at all. <b>sname</b> uses the &quot;short name&quot; form (CN for commonName for example). <b>lname</b> uses the long form. <b>oid</b> represents the OID in numerical form and is useful for diagnostic purpose.</p>
+
+</dd>
+<dt id="align"><b>align</b></dt>
+<dd>
+
+<p>Align field values for a more readable output. Only usable with <b>sep_multiline</b>.</p>
+
+</dd>
+<dt id="space_eq"><b>space_eq</b></dt>
+<dd>
+
+<p>Places spaces round the <b>=</b> character which follows the field name.</p>
+
+</dd>
+</dl>
+
+<h2 id="Text-Options">Text Options</h2>
+
+<p>As well as customising the name output format, it is also possible to customise the actual fields printed using the <b>certopt</b> options when the <b>text</b> option is present. The default behaviour is to print all fields.</p>
+
+<dl>
+
+<dt id="compatible"><b>compatible</b></dt>
+<dd>
+
+<p>Use the old format. This is equivalent to specifying no output options at all.</p>
+
+</dd>
+<dt id="no_header"><b>no_header</b></dt>
+<dd>
+
+<p>Don&#39;t print header information: that is the lines saying &quot;Certificate&quot; and &quot;Data&quot;.</p>
+
+</dd>
+<dt id="no_version"><b>no_version</b></dt>
+<dd>
+
+<p>Don&#39;t print out the version number.</p>
+
+</dd>
+<dt id="no_serial"><b>no_serial</b></dt>
+<dd>
+
+<p>Don&#39;t print out the serial number.</p>
+
+</dd>
+<dt id="no_signame"><b>no_signame</b></dt>
+<dd>
+
+<p>Don&#39;t print out the signature algorithm used.</p>
+
+</dd>
+<dt id="no_validity"><b>no_validity</b></dt>
+<dd>
+
+<p>Don&#39;t print the validity, that is the <b>notBefore</b> and <b>notAfter</b> fields.</p>
+
+</dd>
+<dt id="no_subject"><b>no_subject</b></dt>
+<dd>
+
+<p>Don&#39;t print out the subject name.</p>
+
+</dd>
+<dt id="no_issuer"><b>no_issuer</b></dt>
+<dd>
+
+<p>Don&#39;t print out the issuer name.</p>
+
+</dd>
+<dt id="no_pubkey"><b>no_pubkey</b></dt>
+<dd>
+
+<p>Don&#39;t print out the public key.</p>
+
+</dd>
+<dt id="no_sigdump"><b>no_sigdump</b></dt>
+<dd>
+
+<p>Don&#39;t give a hexadecimal dump of the certificate signature.</p>
+
+</dd>
+<dt id="no_aux"><b>no_aux</b></dt>
+<dd>
+
+<p>Don&#39;t print out certificate trust information.</p>
+
+</dd>
+<dt id="no_extensions"><b>no_extensions</b></dt>
+<dd>
+
+<p>Don&#39;t print out any X509V3 extensions.</p>
+
+</dd>
+<dt id="ext_default"><b>ext_default</b></dt>
+<dd>
+
+<p>Retain default extension behaviour: attempt to print out unsupported certificate extensions.</p>
+
+</dd>
+<dt id="ext_error"><b>ext_error</b></dt>
+<dd>
+
+<p>Print an error message for unsupported certificate extensions.</p>
+
+</dd>
+<dt id="ext_parse"><b>ext_parse</b></dt>
+<dd>
+
+<p>ASN1 parse unsupported extensions.</p>
+
+</dd>
+<dt id="ext_dump"><b>ext_dump</b></dt>
+<dd>
+
+<p>Hex dump unsupported extensions.</p>
+
+</dd>
+<dt id="ca_default"><b>ca_default</b></dt>
+<dd>
+
+<p>The value used by the <b>ca</b> utility, equivalent to <b>no_issuer</b>, <b>no_pubkey</b>, <b>no_header</b>, and <b>no_version</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Note: in these examples the &#39;\&#39; means the example should be all on one line.</p>
+
+<p>Display the contents of a certificate:</p>
+
+<pre><code> openssl x509 -in cert.pem -noout -text</code></pre>
+
+<p>Display the &quot;Subject Alternative Name&quot; extension of a certificate:</p>
+
+<pre><code> openssl x509 -in cert.pem -noout -ext subjectAltName</code></pre>
+
+<p>Display more extensions of a certificate:</p>
+
+<pre><code> openssl x509 -in cert.pem -noout -ext subjectAltName,nsCertType</code></pre>
+
+<p>Display the certificate serial number:</p>
+
+<pre><code> openssl x509 -in cert.pem -noout -serial</code></pre>
+
+<p>Display the certificate subject name:</p>
+
+<pre><code> openssl x509 -in cert.pem -noout -subject</code></pre>
+
+<p>Display the certificate subject name in RFC2253 form:</p>
+
+<pre><code> openssl x509 -in cert.pem -noout -subject -nameopt RFC2253</code></pre>
+
+<p>Display the certificate subject name in oneline form on a terminal supporting UTF8:</p>
+
+<pre><code> openssl x509 -in cert.pem -noout -subject -nameopt oneline,-esc_msb</code></pre>
+
+<p>Display the certificate SHA1 fingerprint:</p>
+
+<pre><code> openssl x509 -sha1 -in cert.pem -noout -fingerprint</code></pre>
+
+<p>Convert a certificate from PEM to DER format:</p>
+
+<pre><code> openssl x509 -in cert.pem -inform PEM -out cert.der -outform DER</code></pre>
+
+<p>Convert a certificate to a certificate request:</p>
+
+<pre><code> openssl x509 -x509toreq -in cert.pem -out req.pem -signkey key.pem</code></pre>
+
+<p>Convert a certificate request into a self signed certificate using extensions for a CA:</p>
+
+<pre><code> openssl x509 -req -in careq.pem -extfile openssl.cnf -extensions v3_ca \
+        -signkey key.pem -out cacert.pem</code></pre>
+
+<p>Sign a certificate request using the CA certificate above and add user certificate extensions:</p>
+
+<pre><code> openssl x509 -req -in req.pem -extfile openssl.cnf -extensions v3_usr \
+        -CA cacert.pem -CAkey key.pem -CAcreateserial</code></pre>
+
+<p>Set a certificate to be trusted for SSL client use and change set its alias to &quot;Steve&#39;s Class 1 CA&quot;</p>
+
+<pre><code> openssl x509 -in cert.pem -addtrust clientAuth \
+        -setalias &quot;Steve&#39;s Class 1 CA&quot; -out trust.pem</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM format uses the header and footer lines:</p>
+
+<pre><code> -----BEGIN CERTIFICATE-----
+ -----END CERTIFICATE-----</code></pre>
+
+<p>it will also handle files containing:</p>
+
+<pre><code> -----BEGIN X509 CERTIFICATE-----
+ -----END X509 CERTIFICATE-----</code></pre>
+
+<p>Trusted certificates have the lines</p>
+
+<pre><code> -----BEGIN TRUSTED CERTIFICATE-----
+ -----END TRUSTED CERTIFICATE-----</code></pre>
+
+<p>The conversion to UTF8 format used with the name options assumes that T61Strings use the ISO8859-1 character set. This is wrong but Netscape and MSIE do this as do many certificates. So although this is incorrect it is more likely to display the majority of certificates correctly.</p>
+
+<p>The <b>-email</b> option searches the subject name and the subject alternative name extension. Only unique email addresses will be printed out: it will not print the same address more than once.</p>
+
+<h1 id="CERTIFICATE-EXTENSIONS">CERTIFICATE EXTENSIONS</h1>
+
+<p>The <b>-purpose</b> option checks the certificate extensions and determines what the certificate can be used for. The actual checks done are rather complex and include various hacks and workarounds to handle broken certificates and software.</p>
+
+<p>The same code is used when verifying untrusted certificates in chains so this section is useful if a chain is rejected by the verify code.</p>
+
+<p>The basicConstraints extension CA flag is used to determine whether the certificate can be used as a CA. If the CA flag is true then it is a CA, if the CA flag is false then it is not a CA. <b>All</b> CAs should have the CA flag set to true.</p>
+
+<p>If the basicConstraints extension is absent then the certificate is considered to be a &quot;possible CA&quot; other extensions are checked according to the intended use of the certificate. A warning is given in this case because the certificate should really not be regarded as a CA: however it is allowed to be a CA to work around some broken software.</p>
+
+<p>If the certificate is a V1 certificate (and thus has no extensions) and it is self signed it is also assumed to be a CA but a warning is again given: this is to work around the problem of Verisign roots which are V1 self signed certificates.</p>
+
+<p>If the keyUsage extension is present then additional restraints are made on the uses of the certificate. A CA certificate <b>must</b> have the keyCertSign bit set if the keyUsage extension is present.</p>
+
+<p>The extended key usage extension places additional restrictions on the certificate uses. If this extension is present (whether critical or not) the key can only be used for the purposes specified.</p>
+
+<p>A complete description of each test is given below. The comments about basicConstraints and keyUsage and V1 certificates above apply to <b>all</b> CA certificates.</p>
+
+<dl>
+
+<dt id="SSL-Client"><b>SSL Client</b></dt>
+<dd>
+
+<p>The extended key usage extension must be absent or include the &quot;web client authentication&quot; OID. keyUsage must be absent or it must have the digitalSignature bit set. Netscape certificate type must be absent or it must have the SSL client bit set.</p>
+
+</dd>
+<dt id="SSL-Client-CA"><b>SSL Client CA</b></dt>
+<dd>
+
+<p>The extended key usage extension must be absent or include the &quot;web client authentication&quot; OID. Netscape certificate type must be absent or it must have the SSL CA bit set: this is used as a work around if the basicConstraints extension is absent.</p>
+
+</dd>
+<dt id="SSL-Server"><b>SSL Server</b></dt>
+<dd>
+
+<p>The extended key usage extension must be absent or include the &quot;web server authentication&quot; and/or one of the SGC OIDs. keyUsage must be absent or it must have the digitalSignature, the keyEncipherment set or both bits set. Netscape certificate type must be absent or have the SSL server bit set.</p>
+
+</dd>
+<dt id="SSL-Server-CA"><b>SSL Server CA</b></dt>
+<dd>
+
+<p>The extended key usage extension must be absent or include the &quot;web server authentication&quot; and/or one of the SGC OIDs. Netscape certificate type must be absent or the SSL CA bit must be set: this is used as a work around if the basicConstraints extension is absent.</p>
+
+</dd>
+<dt id="Netscape-SSL-Server"><b>Netscape SSL Server</b></dt>
+<dd>
+
+<p>For Netscape SSL clients to connect to an SSL server it must have the keyEncipherment bit set if the keyUsage extension is present. This isn&#39;t always valid because some cipher suites use the key for digital signing. Otherwise it is the same as a normal SSL server.</p>
+
+</dd>
+<dt id="Common-S-MIME-Client-Tests"><b>Common S/MIME Client Tests</b></dt>
+<dd>
+
+<p>The extended key usage extension must be absent or include the &quot;email protection&quot; OID. Netscape certificate type must be absent or should have the S/MIME bit set. If the S/MIME bit is not set in Netscape certificate type then the SSL client bit is tolerated as an alternative but a warning is shown: this is because some Verisign certificates don&#39;t set the S/MIME bit.</p>
+
+</dd>
+<dt id="S-MIME-Signing"><b>S/MIME Signing</b></dt>
+<dd>
+
+<p>In addition to the common S/MIME client tests the digitalSignature bit or the nonRepudiation bit must be set if the keyUsage extension is present.</p>
+
+</dd>
+<dt id="S-MIME-Encryption"><b>S/MIME Encryption</b></dt>
+<dd>
+
+<p>In addition to the common S/MIME tests the keyEncipherment bit must be set if the keyUsage extension is present.</p>
+
+</dd>
+<dt id="S-MIME-CA"><b>S/MIME CA</b></dt>
+<dd>
+
+<p>The extended key usage extension must be absent or include the &quot;email protection&quot; OID. Netscape certificate type must be absent or must have the S/MIME CA bit set: this is used as a work around if the basicConstraints extension is absent.</p>
+
+</dd>
+<dt id="CRL-Signing"><b>CRL Signing</b></dt>
+<dd>
+
+<p>The keyUsage extension must be absent or it must have the CRL signing bit set.</p>
+
+</dd>
+<dt id="CRL-Signing-CA"><b>CRL Signing CA</b></dt>
+<dd>
+
+<p>The normal CA tests apply. Except in this case the basicConstraints extension must be present.</p>
+
+</dd>
+</dl>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Extensions in certificates are not transferred to certificate requests and vice versa.</p>
+
+<p>It is possible to produce invalid certificates or requests by specifying the wrong private key or using inconsistent options in some cases: these should be checked.</p>
+
+<p>There should be options to explicitly set such things as start and end dates rather than an offset from the current time.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/req.html">req(1)</a>, <a href="../man1/ca.html">ca(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man1/gendsa.html">gendsa(1)</a>, <a href="../man1/verify.html">verify(1)</a>, <a href="../man5/x509v3_config.html">x509v3_config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The hash algorithm used in the <b>-subject_hash</b> and <b>-issuer_hash</b> options before OpenSSL 1.0.0 was based on the deprecated MD5 algorithm and the encoding of the distinguished name. In OpenSSL 1.0.0 and later it is based on a canonical version of the DN using SHA1. This means that any directories using the old form must have their links rebuilt using <b>c_rehash</b> or similar.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ACCESS_DESCRIPTION_free.html b/msys2/usr/share/doc/openssl/html/man3/ACCESS_DESCRIPTION_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ACCESS_DESCRIPTION_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ACCESS_DESCRIPTION_new.html b/msys2/usr/share/doc/openssl/html/man3/ACCESS_DESCRIPTION_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ACCESS_DESCRIPTION_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS.html b/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_free.html b/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_get0_admissionAuthority.html b/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_get0_admissionAuthority.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_get0_admissionAuthority.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_get0_namingAuthority.html b/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_get0_namingAuthority.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_get0_namingAuthority.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_get0_professionInfos.html b/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_get0_professionInfos.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_get0_professionInfos.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_new.html b/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_set0_admissionAuthority.html b/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_set0_admissionAuthority.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_set0_admissionAuthority.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_set0_namingAuthority.html b/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_set0_namingAuthority.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_set0_namingAuthority.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_set0_professionInfos.html b/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_set0_professionInfos.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ADMISSIONS_set0_professionInfos.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX.html b/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_free.html b/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_get0_admissionAuthority.html b/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_get0_admissionAuthority.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_get0_admissionAuthority.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_get0_contentsOfAdmissions.html b/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_get0_contentsOfAdmissions.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_get0_contentsOfAdmissions.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_new.html b/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_set0_admissionAuthority.html b/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_set0_admissionAuthority.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_set0_admissionAuthority.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_set0_contentsOfAdmissions.html b/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_set0_contentsOfAdmissions.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_set0_contentsOfAdmissions.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASIdOrRange_free.html b/msys2/usr/share/doc/openssl/html/man3/ASIdOrRange_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASIdOrRange_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASIdOrRange_new.html b/msys2/usr/share/doc/openssl/html/man3/ASIdOrRange_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASIdOrRange_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASIdentifierChoice_free.html b/msys2/usr/share/doc/openssl/html/man3/ASIdentifierChoice_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASIdentifierChoice_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASIdentifierChoice_new.html b/msys2/usr/share/doc/openssl/html/man3/ASIdentifierChoice_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASIdentifierChoice_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASIdentifiers_free.html b/msys2/usr/share/doc/openssl/html/man3/ASIdentifiers_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASIdentifiers_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASIdentifiers_new.html b/msys2/usr/share/doc/openssl/html/man3/ASIdentifiers_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASIdentifiers_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_get.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_get.html
new file mode 100644
index 000000000..86621397a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_get.html
@@ -0,0 +1,116 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_INTEGER_get_int64</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_INTEGER_get_uint64, ASN1_INTEGER_set_uint64, ASN1_INTEGER_get_int64, ASN1_INTEGER_get, ASN1_INTEGER_set_int64, ASN1_INTEGER_set, BN_to_ASN1_INTEGER, ASN1_INTEGER_to_BN, ASN1_ENUMERATED_get_int64, ASN1_ENUMERATED_get, ASN1_ENUMERATED_set_int64, ASN1_ENUMERATED_set, BN_to_ASN1_ENUMERATED, ASN1_ENUMERATED_to_BN - ASN.1 INTEGER and ENUMERATED utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+
+ int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_INTEGER_set(const ASN1_INTEGER *a, long v);
+
+ int ASN1_INTEGER_get_uint64(uint64_t *pr, const ASN1_INTEGER *a);
+ int ASN1_INTEGER_set_uint64(ASN1_INTEGER *a, uint64_t r);
+
+ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+ BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
+
+ int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
+
+ int ASN1_ENUMERATED_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+
+ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
+ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions convert to and from <b>ASN1_INTEGER</b> and <b>ASN1_ENUMERATED</b> structures.</p>
+
+<p>ASN1_INTEGER_get_int64() converts an <b>ASN1_INTEGER</b> into an <b>int64_t</b> type If successful it returns 1 and sets <b>*pr</b> to the value of <b>a</b>. If it fails (due to invalid type or the value being too big to fit into an <b>int64_t</b> type) it returns 0.</p>
+
+<p>ASN1_INTEGER_get_uint64() is similar to ASN1_INTEGER_get_int64_t() except it converts to a <b>uint64_t</b> type and an error is returned if the passed integer is negative.</p>
+
+<p>ASN1_INTEGER_get() also returns the value of <b>a</b> but it returns 0 if <b>a</b> is NULL and -1 on error (which is ambiguous because -1 is a legitimate value for an <b>ASN1_INTEGER</b>). New applications should use ASN1_INTEGER_get_int64() instead.</p>
+
+<p>ASN1_INTEGER_set_int64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>int64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set_uint64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>uint64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>long</b> value <b>v</b>.</p>
+
+<p>BN_to_ASN1_INTEGER() converts <b>BIGNUM</b> <b>bn</b> to an <b>ASN1_INTEGER</b>. If <b>ai</b> is NULL a new <b>ASN1_INTEGER</b> structure is returned. If <b>ai</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_INTEGER_to_BN() converts ASN1_INTEGER <b>ai</b> into a <b>BIGNUM</b>. If <b>bn</b> is NULL a new <b>BIGNUM</b> structure is returned. If <b>bn</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_ENUMERATED_get_int64(), ASN1_ENUMERATED_set_int64(), ASN1_ENUMERATED_set(), BN_to_ASN1_ENUMERATED() and ASN1_ENUMERATED_to_BN() behave in an identical way to their ASN1_INTEGER counterparts except they operate on an <b>ASN1_ENUMERATED</b> value.</p>
+
+<p>ASN1_ENUMERATED_get() returns the value of <b>a</b> in a similar way to ASN1_INTEGER_get() but it returns <b>0xffffffffL</b> if the value of <b>a</b> will not fit in a long type. New applications should use ASN1_ENUMERATED_get_int64() instead.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In general an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> type can contain an integer of almost arbitrary size and so cannot always be represented by a C <b>int64_t</b> type. However in many cases (for example version numbers) they represent small integers which can be more easily manipulated if converted to an appropriate C integer type.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The ambiguous return values of ASN1_INTEGER_get() and ASN1_ENUMERATED_get() mean these functions should be avoided if possible. They are retained for compatibility. Normally the ambiguous return values are not legitimate values for the fields they represent.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_set(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_set() return 1 for success and 0 for failure. They will only fail if a memory allocation error occurs.</p>
+
+<p>ASN1_INTEGER_get_int64() and ASN1_ENUMERATED_get_int64() return 1 for success and 0 for failure. They will fail if the passed type is incorrect (this will only happen if there is a programming error) or if the value exceeds the range of an <b>int64_t</b> type.</p>
+
+<p>BN_to_ASN1_INTEGER() and BN_to_ASN1_ENUMERATED() return an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> structure respectively or NULL if an error occurs. They will only fail due to a memory allocation error.</p>
+
+<p>ASN1_INTEGER_to_BN() and ASN1_ENUMERATED_to_BN() return a <b>BIGNUM</b> structure of NULL if an error occurs. They can fail if the passed type is incorrect (due to programming error) or due to a memory allocation failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_get_int64(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_get_int64() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_get_int64.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_get_int64.html
new file mode 100644
index 000000000..86621397a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_get_int64.html
@@ -0,0 +1,116 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_INTEGER_get_int64</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_INTEGER_get_uint64, ASN1_INTEGER_set_uint64, ASN1_INTEGER_get_int64, ASN1_INTEGER_get, ASN1_INTEGER_set_int64, ASN1_INTEGER_set, BN_to_ASN1_INTEGER, ASN1_INTEGER_to_BN, ASN1_ENUMERATED_get_int64, ASN1_ENUMERATED_get, ASN1_ENUMERATED_set_int64, ASN1_ENUMERATED_set, BN_to_ASN1_ENUMERATED, ASN1_ENUMERATED_to_BN - ASN.1 INTEGER and ENUMERATED utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+
+ int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_INTEGER_set(const ASN1_INTEGER *a, long v);
+
+ int ASN1_INTEGER_get_uint64(uint64_t *pr, const ASN1_INTEGER *a);
+ int ASN1_INTEGER_set_uint64(ASN1_INTEGER *a, uint64_t r);
+
+ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+ BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
+
+ int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
+
+ int ASN1_ENUMERATED_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+
+ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
+ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions convert to and from <b>ASN1_INTEGER</b> and <b>ASN1_ENUMERATED</b> structures.</p>
+
+<p>ASN1_INTEGER_get_int64() converts an <b>ASN1_INTEGER</b> into an <b>int64_t</b> type If successful it returns 1 and sets <b>*pr</b> to the value of <b>a</b>. If it fails (due to invalid type or the value being too big to fit into an <b>int64_t</b> type) it returns 0.</p>
+
+<p>ASN1_INTEGER_get_uint64() is similar to ASN1_INTEGER_get_int64_t() except it converts to a <b>uint64_t</b> type and an error is returned if the passed integer is negative.</p>
+
+<p>ASN1_INTEGER_get() also returns the value of <b>a</b> but it returns 0 if <b>a</b> is NULL and -1 on error (which is ambiguous because -1 is a legitimate value for an <b>ASN1_INTEGER</b>). New applications should use ASN1_INTEGER_get_int64() instead.</p>
+
+<p>ASN1_INTEGER_set_int64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>int64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set_uint64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>uint64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>long</b> value <b>v</b>.</p>
+
+<p>BN_to_ASN1_INTEGER() converts <b>BIGNUM</b> <b>bn</b> to an <b>ASN1_INTEGER</b>. If <b>ai</b> is NULL a new <b>ASN1_INTEGER</b> structure is returned. If <b>ai</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_INTEGER_to_BN() converts ASN1_INTEGER <b>ai</b> into a <b>BIGNUM</b>. If <b>bn</b> is NULL a new <b>BIGNUM</b> structure is returned. If <b>bn</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_ENUMERATED_get_int64(), ASN1_ENUMERATED_set_int64(), ASN1_ENUMERATED_set(), BN_to_ASN1_ENUMERATED() and ASN1_ENUMERATED_to_BN() behave in an identical way to their ASN1_INTEGER counterparts except they operate on an <b>ASN1_ENUMERATED</b> value.</p>
+
+<p>ASN1_ENUMERATED_get() returns the value of <b>a</b> in a similar way to ASN1_INTEGER_get() but it returns <b>0xffffffffL</b> if the value of <b>a</b> will not fit in a long type. New applications should use ASN1_ENUMERATED_get_int64() instead.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In general an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> type can contain an integer of almost arbitrary size and so cannot always be represented by a C <b>int64_t</b> type. However in many cases (for example version numbers) they represent small integers which can be more easily manipulated if converted to an appropriate C integer type.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The ambiguous return values of ASN1_INTEGER_get() and ASN1_ENUMERATED_get() mean these functions should be avoided if possible. They are retained for compatibility. Normally the ambiguous return values are not legitimate values for the fields they represent.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_set(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_set() return 1 for success and 0 for failure. They will only fail if a memory allocation error occurs.</p>
+
+<p>ASN1_INTEGER_get_int64() and ASN1_ENUMERATED_get_int64() return 1 for success and 0 for failure. They will fail if the passed type is incorrect (this will only happen if there is a programming error) or if the value exceeds the range of an <b>int64_t</b> type.</p>
+
+<p>BN_to_ASN1_INTEGER() and BN_to_ASN1_ENUMERATED() return an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> structure respectively or NULL if an error occurs. They will only fail due to a memory allocation error.</p>
+
+<p>ASN1_INTEGER_to_BN() and ASN1_ENUMERATED_to_BN() return a <b>BIGNUM</b> structure of NULL if an error occurs. They can fail if the passed type is incorrect (due to programming error) or due to a memory allocation failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_get_int64(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_get_int64() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_set.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_set.html
new file mode 100644
index 000000000..86621397a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_set.html
@@ -0,0 +1,116 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_INTEGER_get_int64</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_INTEGER_get_uint64, ASN1_INTEGER_set_uint64, ASN1_INTEGER_get_int64, ASN1_INTEGER_get, ASN1_INTEGER_set_int64, ASN1_INTEGER_set, BN_to_ASN1_INTEGER, ASN1_INTEGER_to_BN, ASN1_ENUMERATED_get_int64, ASN1_ENUMERATED_get, ASN1_ENUMERATED_set_int64, ASN1_ENUMERATED_set, BN_to_ASN1_ENUMERATED, ASN1_ENUMERATED_to_BN - ASN.1 INTEGER and ENUMERATED utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+
+ int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_INTEGER_set(const ASN1_INTEGER *a, long v);
+
+ int ASN1_INTEGER_get_uint64(uint64_t *pr, const ASN1_INTEGER *a);
+ int ASN1_INTEGER_set_uint64(ASN1_INTEGER *a, uint64_t r);
+
+ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+ BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
+
+ int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
+
+ int ASN1_ENUMERATED_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+
+ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
+ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions convert to and from <b>ASN1_INTEGER</b> and <b>ASN1_ENUMERATED</b> structures.</p>
+
+<p>ASN1_INTEGER_get_int64() converts an <b>ASN1_INTEGER</b> into an <b>int64_t</b> type If successful it returns 1 and sets <b>*pr</b> to the value of <b>a</b>. If it fails (due to invalid type or the value being too big to fit into an <b>int64_t</b> type) it returns 0.</p>
+
+<p>ASN1_INTEGER_get_uint64() is similar to ASN1_INTEGER_get_int64_t() except it converts to a <b>uint64_t</b> type and an error is returned if the passed integer is negative.</p>
+
+<p>ASN1_INTEGER_get() also returns the value of <b>a</b> but it returns 0 if <b>a</b> is NULL and -1 on error (which is ambiguous because -1 is a legitimate value for an <b>ASN1_INTEGER</b>). New applications should use ASN1_INTEGER_get_int64() instead.</p>
+
+<p>ASN1_INTEGER_set_int64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>int64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set_uint64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>uint64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>long</b> value <b>v</b>.</p>
+
+<p>BN_to_ASN1_INTEGER() converts <b>BIGNUM</b> <b>bn</b> to an <b>ASN1_INTEGER</b>. If <b>ai</b> is NULL a new <b>ASN1_INTEGER</b> structure is returned. If <b>ai</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_INTEGER_to_BN() converts ASN1_INTEGER <b>ai</b> into a <b>BIGNUM</b>. If <b>bn</b> is NULL a new <b>BIGNUM</b> structure is returned. If <b>bn</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_ENUMERATED_get_int64(), ASN1_ENUMERATED_set_int64(), ASN1_ENUMERATED_set(), BN_to_ASN1_ENUMERATED() and ASN1_ENUMERATED_to_BN() behave in an identical way to their ASN1_INTEGER counterparts except they operate on an <b>ASN1_ENUMERATED</b> value.</p>
+
+<p>ASN1_ENUMERATED_get() returns the value of <b>a</b> in a similar way to ASN1_INTEGER_get() but it returns <b>0xffffffffL</b> if the value of <b>a</b> will not fit in a long type. New applications should use ASN1_ENUMERATED_get_int64() instead.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In general an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> type can contain an integer of almost arbitrary size and so cannot always be represented by a C <b>int64_t</b> type. However in many cases (for example version numbers) they represent small integers which can be more easily manipulated if converted to an appropriate C integer type.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The ambiguous return values of ASN1_INTEGER_get() and ASN1_ENUMERATED_get() mean these functions should be avoided if possible. They are retained for compatibility. Normally the ambiguous return values are not legitimate values for the fields they represent.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_set(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_set() return 1 for success and 0 for failure. They will only fail if a memory allocation error occurs.</p>
+
+<p>ASN1_INTEGER_get_int64() and ASN1_ENUMERATED_get_int64() return 1 for success and 0 for failure. They will fail if the passed type is incorrect (this will only happen if there is a programming error) or if the value exceeds the range of an <b>int64_t</b> type.</p>
+
+<p>BN_to_ASN1_INTEGER() and BN_to_ASN1_ENUMERATED() return an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> structure respectively or NULL if an error occurs. They will only fail due to a memory allocation error.</p>
+
+<p>ASN1_INTEGER_to_BN() and ASN1_ENUMERATED_to_BN() return a <b>BIGNUM</b> structure of NULL if an error occurs. They can fail if the passed type is incorrect (due to programming error) or due to a memory allocation failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_get_int64(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_get_int64() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_set_int64.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_set_int64.html
new file mode 100644
index 000000000..86621397a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_set_int64.html
@@ -0,0 +1,116 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_INTEGER_get_int64</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_INTEGER_get_uint64, ASN1_INTEGER_set_uint64, ASN1_INTEGER_get_int64, ASN1_INTEGER_get, ASN1_INTEGER_set_int64, ASN1_INTEGER_set, BN_to_ASN1_INTEGER, ASN1_INTEGER_to_BN, ASN1_ENUMERATED_get_int64, ASN1_ENUMERATED_get, ASN1_ENUMERATED_set_int64, ASN1_ENUMERATED_set, BN_to_ASN1_ENUMERATED, ASN1_ENUMERATED_to_BN - ASN.1 INTEGER and ENUMERATED utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+
+ int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_INTEGER_set(const ASN1_INTEGER *a, long v);
+
+ int ASN1_INTEGER_get_uint64(uint64_t *pr, const ASN1_INTEGER *a);
+ int ASN1_INTEGER_set_uint64(ASN1_INTEGER *a, uint64_t r);
+
+ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+ BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
+
+ int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
+
+ int ASN1_ENUMERATED_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+
+ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
+ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions convert to and from <b>ASN1_INTEGER</b> and <b>ASN1_ENUMERATED</b> structures.</p>
+
+<p>ASN1_INTEGER_get_int64() converts an <b>ASN1_INTEGER</b> into an <b>int64_t</b> type If successful it returns 1 and sets <b>*pr</b> to the value of <b>a</b>. If it fails (due to invalid type or the value being too big to fit into an <b>int64_t</b> type) it returns 0.</p>
+
+<p>ASN1_INTEGER_get_uint64() is similar to ASN1_INTEGER_get_int64_t() except it converts to a <b>uint64_t</b> type and an error is returned if the passed integer is negative.</p>
+
+<p>ASN1_INTEGER_get() also returns the value of <b>a</b> but it returns 0 if <b>a</b> is NULL and -1 on error (which is ambiguous because -1 is a legitimate value for an <b>ASN1_INTEGER</b>). New applications should use ASN1_INTEGER_get_int64() instead.</p>
+
+<p>ASN1_INTEGER_set_int64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>int64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set_uint64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>uint64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>long</b> value <b>v</b>.</p>
+
+<p>BN_to_ASN1_INTEGER() converts <b>BIGNUM</b> <b>bn</b> to an <b>ASN1_INTEGER</b>. If <b>ai</b> is NULL a new <b>ASN1_INTEGER</b> structure is returned. If <b>ai</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_INTEGER_to_BN() converts ASN1_INTEGER <b>ai</b> into a <b>BIGNUM</b>. If <b>bn</b> is NULL a new <b>BIGNUM</b> structure is returned. If <b>bn</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_ENUMERATED_get_int64(), ASN1_ENUMERATED_set_int64(), ASN1_ENUMERATED_set(), BN_to_ASN1_ENUMERATED() and ASN1_ENUMERATED_to_BN() behave in an identical way to their ASN1_INTEGER counterparts except they operate on an <b>ASN1_ENUMERATED</b> value.</p>
+
+<p>ASN1_ENUMERATED_get() returns the value of <b>a</b> in a similar way to ASN1_INTEGER_get() but it returns <b>0xffffffffL</b> if the value of <b>a</b> will not fit in a long type. New applications should use ASN1_ENUMERATED_get_int64() instead.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In general an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> type can contain an integer of almost arbitrary size and so cannot always be represented by a C <b>int64_t</b> type. However in many cases (for example version numbers) they represent small integers which can be more easily manipulated if converted to an appropriate C integer type.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The ambiguous return values of ASN1_INTEGER_get() and ASN1_ENUMERATED_get() mean these functions should be avoided if possible. They are retained for compatibility. Normally the ambiguous return values are not legitimate values for the fields they represent.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_set(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_set() return 1 for success and 0 for failure. They will only fail if a memory allocation error occurs.</p>
+
+<p>ASN1_INTEGER_get_int64() and ASN1_ENUMERATED_get_int64() return 1 for success and 0 for failure. They will fail if the passed type is incorrect (this will only happen if there is a programming error) or if the value exceeds the range of an <b>int64_t</b> type.</p>
+
+<p>BN_to_ASN1_INTEGER() and BN_to_ASN1_ENUMERATED() return an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> structure respectively or NULL if an error occurs. They will only fail due to a memory allocation error.</p>
+
+<p>ASN1_INTEGER_to_BN() and ASN1_ENUMERATED_to_BN() return a <b>BIGNUM</b> structure of NULL if an error occurs. They can fail if the passed type is incorrect (due to programming error) or due to a memory allocation failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_get_int64(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_get_int64() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_to_BN.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_to_BN.html
new file mode 100644
index 000000000..86621397a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_to_BN.html
@@ -0,0 +1,116 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_INTEGER_get_int64</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_INTEGER_get_uint64, ASN1_INTEGER_set_uint64, ASN1_INTEGER_get_int64, ASN1_INTEGER_get, ASN1_INTEGER_set_int64, ASN1_INTEGER_set, BN_to_ASN1_INTEGER, ASN1_INTEGER_to_BN, ASN1_ENUMERATED_get_int64, ASN1_ENUMERATED_get, ASN1_ENUMERATED_set_int64, ASN1_ENUMERATED_set, BN_to_ASN1_ENUMERATED, ASN1_ENUMERATED_to_BN - ASN.1 INTEGER and ENUMERATED utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+
+ int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_INTEGER_set(const ASN1_INTEGER *a, long v);
+
+ int ASN1_INTEGER_get_uint64(uint64_t *pr, const ASN1_INTEGER *a);
+ int ASN1_INTEGER_set_uint64(ASN1_INTEGER *a, uint64_t r);
+
+ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+ BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
+
+ int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
+
+ int ASN1_ENUMERATED_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+
+ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
+ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions convert to and from <b>ASN1_INTEGER</b> and <b>ASN1_ENUMERATED</b> structures.</p>
+
+<p>ASN1_INTEGER_get_int64() converts an <b>ASN1_INTEGER</b> into an <b>int64_t</b> type If successful it returns 1 and sets <b>*pr</b> to the value of <b>a</b>. If it fails (due to invalid type or the value being too big to fit into an <b>int64_t</b> type) it returns 0.</p>
+
+<p>ASN1_INTEGER_get_uint64() is similar to ASN1_INTEGER_get_int64_t() except it converts to a <b>uint64_t</b> type and an error is returned if the passed integer is negative.</p>
+
+<p>ASN1_INTEGER_get() also returns the value of <b>a</b> but it returns 0 if <b>a</b> is NULL and -1 on error (which is ambiguous because -1 is a legitimate value for an <b>ASN1_INTEGER</b>). New applications should use ASN1_INTEGER_get_int64() instead.</p>
+
+<p>ASN1_INTEGER_set_int64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>int64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set_uint64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>uint64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>long</b> value <b>v</b>.</p>
+
+<p>BN_to_ASN1_INTEGER() converts <b>BIGNUM</b> <b>bn</b> to an <b>ASN1_INTEGER</b>. If <b>ai</b> is NULL a new <b>ASN1_INTEGER</b> structure is returned. If <b>ai</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_INTEGER_to_BN() converts ASN1_INTEGER <b>ai</b> into a <b>BIGNUM</b>. If <b>bn</b> is NULL a new <b>BIGNUM</b> structure is returned. If <b>bn</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_ENUMERATED_get_int64(), ASN1_ENUMERATED_set_int64(), ASN1_ENUMERATED_set(), BN_to_ASN1_ENUMERATED() and ASN1_ENUMERATED_to_BN() behave in an identical way to their ASN1_INTEGER counterparts except they operate on an <b>ASN1_ENUMERATED</b> value.</p>
+
+<p>ASN1_ENUMERATED_get() returns the value of <b>a</b> in a similar way to ASN1_INTEGER_get() but it returns <b>0xffffffffL</b> if the value of <b>a</b> will not fit in a long type. New applications should use ASN1_ENUMERATED_get_int64() instead.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In general an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> type can contain an integer of almost arbitrary size and so cannot always be represented by a C <b>int64_t</b> type. However in many cases (for example version numbers) they represent small integers which can be more easily manipulated if converted to an appropriate C integer type.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The ambiguous return values of ASN1_INTEGER_get() and ASN1_ENUMERATED_get() mean these functions should be avoided if possible. They are retained for compatibility. Normally the ambiguous return values are not legitimate values for the fields they represent.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_set(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_set() return 1 for success and 0 for failure. They will only fail if a memory allocation error occurs.</p>
+
+<p>ASN1_INTEGER_get_int64() and ASN1_ENUMERATED_get_int64() return 1 for success and 0 for failure. They will fail if the passed type is incorrect (this will only happen if there is a programming error) or if the value exceeds the range of an <b>int64_t</b> type.</p>
+
+<p>BN_to_ASN1_INTEGER() and BN_to_ASN1_ENUMERATED() return an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> structure respectively or NULL if an error occurs. They will only fail due to a memory allocation error.</p>
+
+<p>ASN1_INTEGER_to_BN() and ASN1_ENUMERATED_to_BN() return a <b>BIGNUM</b> structure of NULL if an error occurs. They can fail if the passed type is incorrect (due to programming error) or due to a memory allocation failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_get_int64(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_get_int64() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_adj.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_adj.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_adj.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_check.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_check.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_check.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_print.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_print.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_print.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_set.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_set.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_set.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_set_string.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_set_string.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_set_string.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_get.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_get.html
new file mode 100644
index 000000000..86621397a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_get.html
@@ -0,0 +1,116 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_INTEGER_get_int64</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_INTEGER_get_uint64, ASN1_INTEGER_set_uint64, ASN1_INTEGER_get_int64, ASN1_INTEGER_get, ASN1_INTEGER_set_int64, ASN1_INTEGER_set, BN_to_ASN1_INTEGER, ASN1_INTEGER_to_BN, ASN1_ENUMERATED_get_int64, ASN1_ENUMERATED_get, ASN1_ENUMERATED_set_int64, ASN1_ENUMERATED_set, BN_to_ASN1_ENUMERATED, ASN1_ENUMERATED_to_BN - ASN.1 INTEGER and ENUMERATED utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+
+ int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_INTEGER_set(const ASN1_INTEGER *a, long v);
+
+ int ASN1_INTEGER_get_uint64(uint64_t *pr, const ASN1_INTEGER *a);
+ int ASN1_INTEGER_set_uint64(ASN1_INTEGER *a, uint64_t r);
+
+ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+ BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
+
+ int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
+
+ int ASN1_ENUMERATED_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+
+ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
+ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions convert to and from <b>ASN1_INTEGER</b> and <b>ASN1_ENUMERATED</b> structures.</p>
+
+<p>ASN1_INTEGER_get_int64() converts an <b>ASN1_INTEGER</b> into an <b>int64_t</b> type If successful it returns 1 and sets <b>*pr</b> to the value of <b>a</b>. If it fails (due to invalid type or the value being too big to fit into an <b>int64_t</b> type) it returns 0.</p>
+
+<p>ASN1_INTEGER_get_uint64() is similar to ASN1_INTEGER_get_int64_t() except it converts to a <b>uint64_t</b> type and an error is returned if the passed integer is negative.</p>
+
+<p>ASN1_INTEGER_get() also returns the value of <b>a</b> but it returns 0 if <b>a</b> is NULL and -1 on error (which is ambiguous because -1 is a legitimate value for an <b>ASN1_INTEGER</b>). New applications should use ASN1_INTEGER_get_int64() instead.</p>
+
+<p>ASN1_INTEGER_set_int64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>int64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set_uint64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>uint64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>long</b> value <b>v</b>.</p>
+
+<p>BN_to_ASN1_INTEGER() converts <b>BIGNUM</b> <b>bn</b> to an <b>ASN1_INTEGER</b>. If <b>ai</b> is NULL a new <b>ASN1_INTEGER</b> structure is returned. If <b>ai</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_INTEGER_to_BN() converts ASN1_INTEGER <b>ai</b> into a <b>BIGNUM</b>. If <b>bn</b> is NULL a new <b>BIGNUM</b> structure is returned. If <b>bn</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_ENUMERATED_get_int64(), ASN1_ENUMERATED_set_int64(), ASN1_ENUMERATED_set(), BN_to_ASN1_ENUMERATED() and ASN1_ENUMERATED_to_BN() behave in an identical way to their ASN1_INTEGER counterparts except they operate on an <b>ASN1_ENUMERATED</b> value.</p>
+
+<p>ASN1_ENUMERATED_get() returns the value of <b>a</b> in a similar way to ASN1_INTEGER_get() but it returns <b>0xffffffffL</b> if the value of <b>a</b> will not fit in a long type. New applications should use ASN1_ENUMERATED_get_int64() instead.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In general an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> type can contain an integer of almost arbitrary size and so cannot always be represented by a C <b>int64_t</b> type. However in many cases (for example version numbers) they represent small integers which can be more easily manipulated if converted to an appropriate C integer type.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The ambiguous return values of ASN1_INTEGER_get() and ASN1_ENUMERATED_get() mean these functions should be avoided if possible. They are retained for compatibility. Normally the ambiguous return values are not legitimate values for the fields they represent.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_set(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_set() return 1 for success and 0 for failure. They will only fail if a memory allocation error occurs.</p>
+
+<p>ASN1_INTEGER_get_int64() and ASN1_ENUMERATED_get_int64() return 1 for success and 0 for failure. They will fail if the passed type is incorrect (this will only happen if there is a programming error) or if the value exceeds the range of an <b>int64_t</b> type.</p>
+
+<p>BN_to_ASN1_INTEGER() and BN_to_ASN1_ENUMERATED() return an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> structure respectively or NULL if an error occurs. They will only fail due to a memory allocation error.</p>
+
+<p>ASN1_INTEGER_to_BN() and ASN1_ENUMERATED_to_BN() return a <b>BIGNUM</b> structure of NULL if an error occurs. They can fail if the passed type is incorrect (due to programming error) or due to a memory allocation failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_get_int64(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_get_int64() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_get_int64.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_get_int64.html
new file mode 100644
index 000000000..86621397a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_get_int64.html
@@ -0,0 +1,116 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_INTEGER_get_int64</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_INTEGER_get_uint64, ASN1_INTEGER_set_uint64, ASN1_INTEGER_get_int64, ASN1_INTEGER_get, ASN1_INTEGER_set_int64, ASN1_INTEGER_set, BN_to_ASN1_INTEGER, ASN1_INTEGER_to_BN, ASN1_ENUMERATED_get_int64, ASN1_ENUMERATED_get, ASN1_ENUMERATED_set_int64, ASN1_ENUMERATED_set, BN_to_ASN1_ENUMERATED, ASN1_ENUMERATED_to_BN - ASN.1 INTEGER and ENUMERATED utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+
+ int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_INTEGER_set(const ASN1_INTEGER *a, long v);
+
+ int ASN1_INTEGER_get_uint64(uint64_t *pr, const ASN1_INTEGER *a);
+ int ASN1_INTEGER_set_uint64(ASN1_INTEGER *a, uint64_t r);
+
+ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+ BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
+
+ int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
+
+ int ASN1_ENUMERATED_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+
+ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
+ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions convert to and from <b>ASN1_INTEGER</b> and <b>ASN1_ENUMERATED</b> structures.</p>
+
+<p>ASN1_INTEGER_get_int64() converts an <b>ASN1_INTEGER</b> into an <b>int64_t</b> type If successful it returns 1 and sets <b>*pr</b> to the value of <b>a</b>. If it fails (due to invalid type or the value being too big to fit into an <b>int64_t</b> type) it returns 0.</p>
+
+<p>ASN1_INTEGER_get_uint64() is similar to ASN1_INTEGER_get_int64_t() except it converts to a <b>uint64_t</b> type and an error is returned if the passed integer is negative.</p>
+
+<p>ASN1_INTEGER_get() also returns the value of <b>a</b> but it returns 0 if <b>a</b> is NULL and -1 on error (which is ambiguous because -1 is a legitimate value for an <b>ASN1_INTEGER</b>). New applications should use ASN1_INTEGER_get_int64() instead.</p>
+
+<p>ASN1_INTEGER_set_int64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>int64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set_uint64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>uint64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>long</b> value <b>v</b>.</p>
+
+<p>BN_to_ASN1_INTEGER() converts <b>BIGNUM</b> <b>bn</b> to an <b>ASN1_INTEGER</b>. If <b>ai</b> is NULL a new <b>ASN1_INTEGER</b> structure is returned. If <b>ai</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_INTEGER_to_BN() converts ASN1_INTEGER <b>ai</b> into a <b>BIGNUM</b>. If <b>bn</b> is NULL a new <b>BIGNUM</b> structure is returned. If <b>bn</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_ENUMERATED_get_int64(), ASN1_ENUMERATED_set_int64(), ASN1_ENUMERATED_set(), BN_to_ASN1_ENUMERATED() and ASN1_ENUMERATED_to_BN() behave in an identical way to their ASN1_INTEGER counterparts except they operate on an <b>ASN1_ENUMERATED</b> value.</p>
+
+<p>ASN1_ENUMERATED_get() returns the value of <b>a</b> in a similar way to ASN1_INTEGER_get() but it returns <b>0xffffffffL</b> if the value of <b>a</b> will not fit in a long type. New applications should use ASN1_ENUMERATED_get_int64() instead.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In general an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> type can contain an integer of almost arbitrary size and so cannot always be represented by a C <b>int64_t</b> type. However in many cases (for example version numbers) they represent small integers which can be more easily manipulated if converted to an appropriate C integer type.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The ambiguous return values of ASN1_INTEGER_get() and ASN1_ENUMERATED_get() mean these functions should be avoided if possible. They are retained for compatibility. Normally the ambiguous return values are not legitimate values for the fields they represent.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_set(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_set() return 1 for success and 0 for failure. They will only fail if a memory allocation error occurs.</p>
+
+<p>ASN1_INTEGER_get_int64() and ASN1_ENUMERATED_get_int64() return 1 for success and 0 for failure. They will fail if the passed type is incorrect (this will only happen if there is a programming error) or if the value exceeds the range of an <b>int64_t</b> type.</p>
+
+<p>BN_to_ASN1_INTEGER() and BN_to_ASN1_ENUMERATED() return an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> structure respectively or NULL if an error occurs. They will only fail due to a memory allocation error.</p>
+
+<p>ASN1_INTEGER_to_BN() and ASN1_ENUMERATED_to_BN() return a <b>BIGNUM</b> structure of NULL if an error occurs. They can fail if the passed type is incorrect (due to programming error) or due to a memory allocation failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_get_int64(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_get_int64() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_get_uint64.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_get_uint64.html
new file mode 100644
index 000000000..86621397a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_get_uint64.html
@@ -0,0 +1,116 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_INTEGER_get_int64</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_INTEGER_get_uint64, ASN1_INTEGER_set_uint64, ASN1_INTEGER_get_int64, ASN1_INTEGER_get, ASN1_INTEGER_set_int64, ASN1_INTEGER_set, BN_to_ASN1_INTEGER, ASN1_INTEGER_to_BN, ASN1_ENUMERATED_get_int64, ASN1_ENUMERATED_get, ASN1_ENUMERATED_set_int64, ASN1_ENUMERATED_set, BN_to_ASN1_ENUMERATED, ASN1_ENUMERATED_to_BN - ASN.1 INTEGER and ENUMERATED utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+
+ int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_INTEGER_set(const ASN1_INTEGER *a, long v);
+
+ int ASN1_INTEGER_get_uint64(uint64_t *pr, const ASN1_INTEGER *a);
+ int ASN1_INTEGER_set_uint64(ASN1_INTEGER *a, uint64_t r);
+
+ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+ BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
+
+ int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
+
+ int ASN1_ENUMERATED_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+
+ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
+ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions convert to and from <b>ASN1_INTEGER</b> and <b>ASN1_ENUMERATED</b> structures.</p>
+
+<p>ASN1_INTEGER_get_int64() converts an <b>ASN1_INTEGER</b> into an <b>int64_t</b> type If successful it returns 1 and sets <b>*pr</b> to the value of <b>a</b>. If it fails (due to invalid type or the value being too big to fit into an <b>int64_t</b> type) it returns 0.</p>
+
+<p>ASN1_INTEGER_get_uint64() is similar to ASN1_INTEGER_get_int64_t() except it converts to a <b>uint64_t</b> type and an error is returned if the passed integer is negative.</p>
+
+<p>ASN1_INTEGER_get() also returns the value of <b>a</b> but it returns 0 if <b>a</b> is NULL and -1 on error (which is ambiguous because -1 is a legitimate value for an <b>ASN1_INTEGER</b>). New applications should use ASN1_INTEGER_get_int64() instead.</p>
+
+<p>ASN1_INTEGER_set_int64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>int64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set_uint64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>uint64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>long</b> value <b>v</b>.</p>
+
+<p>BN_to_ASN1_INTEGER() converts <b>BIGNUM</b> <b>bn</b> to an <b>ASN1_INTEGER</b>. If <b>ai</b> is NULL a new <b>ASN1_INTEGER</b> structure is returned. If <b>ai</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_INTEGER_to_BN() converts ASN1_INTEGER <b>ai</b> into a <b>BIGNUM</b>. If <b>bn</b> is NULL a new <b>BIGNUM</b> structure is returned. If <b>bn</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_ENUMERATED_get_int64(), ASN1_ENUMERATED_set_int64(), ASN1_ENUMERATED_set(), BN_to_ASN1_ENUMERATED() and ASN1_ENUMERATED_to_BN() behave in an identical way to their ASN1_INTEGER counterparts except they operate on an <b>ASN1_ENUMERATED</b> value.</p>
+
+<p>ASN1_ENUMERATED_get() returns the value of <b>a</b> in a similar way to ASN1_INTEGER_get() but it returns <b>0xffffffffL</b> if the value of <b>a</b> will not fit in a long type. New applications should use ASN1_ENUMERATED_get_int64() instead.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In general an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> type can contain an integer of almost arbitrary size and so cannot always be represented by a C <b>int64_t</b> type. However in many cases (for example version numbers) they represent small integers which can be more easily manipulated if converted to an appropriate C integer type.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The ambiguous return values of ASN1_INTEGER_get() and ASN1_ENUMERATED_get() mean these functions should be avoided if possible. They are retained for compatibility. Normally the ambiguous return values are not legitimate values for the fields they represent.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_set(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_set() return 1 for success and 0 for failure. They will only fail if a memory allocation error occurs.</p>
+
+<p>ASN1_INTEGER_get_int64() and ASN1_ENUMERATED_get_int64() return 1 for success and 0 for failure. They will fail if the passed type is incorrect (this will only happen if there is a programming error) or if the value exceeds the range of an <b>int64_t</b> type.</p>
+
+<p>BN_to_ASN1_INTEGER() and BN_to_ASN1_ENUMERATED() return an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> structure respectively or NULL if an error occurs. They will only fail due to a memory allocation error.</p>
+
+<p>ASN1_INTEGER_to_BN() and ASN1_ENUMERATED_to_BN() return a <b>BIGNUM</b> structure of NULL if an error occurs. They can fail if the passed type is incorrect (due to programming error) or due to a memory allocation failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_get_int64(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_get_int64() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_set.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_set.html
new file mode 100644
index 000000000..86621397a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_set.html
@@ -0,0 +1,116 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_INTEGER_get_int64</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_INTEGER_get_uint64, ASN1_INTEGER_set_uint64, ASN1_INTEGER_get_int64, ASN1_INTEGER_get, ASN1_INTEGER_set_int64, ASN1_INTEGER_set, BN_to_ASN1_INTEGER, ASN1_INTEGER_to_BN, ASN1_ENUMERATED_get_int64, ASN1_ENUMERATED_get, ASN1_ENUMERATED_set_int64, ASN1_ENUMERATED_set, BN_to_ASN1_ENUMERATED, ASN1_ENUMERATED_to_BN - ASN.1 INTEGER and ENUMERATED utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+
+ int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_INTEGER_set(const ASN1_INTEGER *a, long v);
+
+ int ASN1_INTEGER_get_uint64(uint64_t *pr, const ASN1_INTEGER *a);
+ int ASN1_INTEGER_set_uint64(ASN1_INTEGER *a, uint64_t r);
+
+ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+ BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
+
+ int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
+
+ int ASN1_ENUMERATED_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+
+ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
+ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions convert to and from <b>ASN1_INTEGER</b> and <b>ASN1_ENUMERATED</b> structures.</p>
+
+<p>ASN1_INTEGER_get_int64() converts an <b>ASN1_INTEGER</b> into an <b>int64_t</b> type If successful it returns 1 and sets <b>*pr</b> to the value of <b>a</b>. If it fails (due to invalid type or the value being too big to fit into an <b>int64_t</b> type) it returns 0.</p>
+
+<p>ASN1_INTEGER_get_uint64() is similar to ASN1_INTEGER_get_int64_t() except it converts to a <b>uint64_t</b> type and an error is returned if the passed integer is negative.</p>
+
+<p>ASN1_INTEGER_get() also returns the value of <b>a</b> but it returns 0 if <b>a</b> is NULL and -1 on error (which is ambiguous because -1 is a legitimate value for an <b>ASN1_INTEGER</b>). New applications should use ASN1_INTEGER_get_int64() instead.</p>
+
+<p>ASN1_INTEGER_set_int64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>int64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set_uint64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>uint64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>long</b> value <b>v</b>.</p>
+
+<p>BN_to_ASN1_INTEGER() converts <b>BIGNUM</b> <b>bn</b> to an <b>ASN1_INTEGER</b>. If <b>ai</b> is NULL a new <b>ASN1_INTEGER</b> structure is returned. If <b>ai</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_INTEGER_to_BN() converts ASN1_INTEGER <b>ai</b> into a <b>BIGNUM</b>. If <b>bn</b> is NULL a new <b>BIGNUM</b> structure is returned. If <b>bn</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_ENUMERATED_get_int64(), ASN1_ENUMERATED_set_int64(), ASN1_ENUMERATED_set(), BN_to_ASN1_ENUMERATED() and ASN1_ENUMERATED_to_BN() behave in an identical way to their ASN1_INTEGER counterparts except they operate on an <b>ASN1_ENUMERATED</b> value.</p>
+
+<p>ASN1_ENUMERATED_get() returns the value of <b>a</b> in a similar way to ASN1_INTEGER_get() but it returns <b>0xffffffffL</b> if the value of <b>a</b> will not fit in a long type. New applications should use ASN1_ENUMERATED_get_int64() instead.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In general an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> type can contain an integer of almost arbitrary size and so cannot always be represented by a C <b>int64_t</b> type. However in many cases (for example version numbers) they represent small integers which can be more easily manipulated if converted to an appropriate C integer type.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The ambiguous return values of ASN1_INTEGER_get() and ASN1_ENUMERATED_get() mean these functions should be avoided if possible. They are retained for compatibility. Normally the ambiguous return values are not legitimate values for the fields they represent.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_set(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_set() return 1 for success and 0 for failure. They will only fail if a memory allocation error occurs.</p>
+
+<p>ASN1_INTEGER_get_int64() and ASN1_ENUMERATED_get_int64() return 1 for success and 0 for failure. They will fail if the passed type is incorrect (this will only happen if there is a programming error) or if the value exceeds the range of an <b>int64_t</b> type.</p>
+
+<p>BN_to_ASN1_INTEGER() and BN_to_ASN1_ENUMERATED() return an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> structure respectively or NULL if an error occurs. They will only fail due to a memory allocation error.</p>
+
+<p>ASN1_INTEGER_to_BN() and ASN1_ENUMERATED_to_BN() return a <b>BIGNUM</b> structure of NULL if an error occurs. They can fail if the passed type is incorrect (due to programming error) or due to a memory allocation failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_get_int64(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_get_int64() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_set_int64.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_set_int64.html
new file mode 100644
index 000000000..86621397a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_set_int64.html
@@ -0,0 +1,116 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_INTEGER_get_int64</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_INTEGER_get_uint64, ASN1_INTEGER_set_uint64, ASN1_INTEGER_get_int64, ASN1_INTEGER_get, ASN1_INTEGER_set_int64, ASN1_INTEGER_set, BN_to_ASN1_INTEGER, ASN1_INTEGER_to_BN, ASN1_ENUMERATED_get_int64, ASN1_ENUMERATED_get, ASN1_ENUMERATED_set_int64, ASN1_ENUMERATED_set, BN_to_ASN1_ENUMERATED, ASN1_ENUMERATED_to_BN - ASN.1 INTEGER and ENUMERATED utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+
+ int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_INTEGER_set(const ASN1_INTEGER *a, long v);
+
+ int ASN1_INTEGER_get_uint64(uint64_t *pr, const ASN1_INTEGER *a);
+ int ASN1_INTEGER_set_uint64(ASN1_INTEGER *a, uint64_t r);
+
+ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+ BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
+
+ int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
+
+ int ASN1_ENUMERATED_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+
+ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
+ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions convert to and from <b>ASN1_INTEGER</b> and <b>ASN1_ENUMERATED</b> structures.</p>
+
+<p>ASN1_INTEGER_get_int64() converts an <b>ASN1_INTEGER</b> into an <b>int64_t</b> type If successful it returns 1 and sets <b>*pr</b> to the value of <b>a</b>. If it fails (due to invalid type or the value being too big to fit into an <b>int64_t</b> type) it returns 0.</p>
+
+<p>ASN1_INTEGER_get_uint64() is similar to ASN1_INTEGER_get_int64_t() except it converts to a <b>uint64_t</b> type and an error is returned if the passed integer is negative.</p>
+
+<p>ASN1_INTEGER_get() also returns the value of <b>a</b> but it returns 0 if <b>a</b> is NULL and -1 on error (which is ambiguous because -1 is a legitimate value for an <b>ASN1_INTEGER</b>). New applications should use ASN1_INTEGER_get_int64() instead.</p>
+
+<p>ASN1_INTEGER_set_int64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>int64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set_uint64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>uint64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>long</b> value <b>v</b>.</p>
+
+<p>BN_to_ASN1_INTEGER() converts <b>BIGNUM</b> <b>bn</b> to an <b>ASN1_INTEGER</b>. If <b>ai</b> is NULL a new <b>ASN1_INTEGER</b> structure is returned. If <b>ai</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_INTEGER_to_BN() converts ASN1_INTEGER <b>ai</b> into a <b>BIGNUM</b>. If <b>bn</b> is NULL a new <b>BIGNUM</b> structure is returned. If <b>bn</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_ENUMERATED_get_int64(), ASN1_ENUMERATED_set_int64(), ASN1_ENUMERATED_set(), BN_to_ASN1_ENUMERATED() and ASN1_ENUMERATED_to_BN() behave in an identical way to their ASN1_INTEGER counterparts except they operate on an <b>ASN1_ENUMERATED</b> value.</p>
+
+<p>ASN1_ENUMERATED_get() returns the value of <b>a</b> in a similar way to ASN1_INTEGER_get() but it returns <b>0xffffffffL</b> if the value of <b>a</b> will not fit in a long type. New applications should use ASN1_ENUMERATED_get_int64() instead.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In general an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> type can contain an integer of almost arbitrary size and so cannot always be represented by a C <b>int64_t</b> type. However in many cases (for example version numbers) they represent small integers which can be more easily manipulated if converted to an appropriate C integer type.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The ambiguous return values of ASN1_INTEGER_get() and ASN1_ENUMERATED_get() mean these functions should be avoided if possible. They are retained for compatibility. Normally the ambiguous return values are not legitimate values for the fields they represent.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_set(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_set() return 1 for success and 0 for failure. They will only fail if a memory allocation error occurs.</p>
+
+<p>ASN1_INTEGER_get_int64() and ASN1_ENUMERATED_get_int64() return 1 for success and 0 for failure. They will fail if the passed type is incorrect (this will only happen if there is a programming error) or if the value exceeds the range of an <b>int64_t</b> type.</p>
+
+<p>BN_to_ASN1_INTEGER() and BN_to_ASN1_ENUMERATED() return an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> structure respectively or NULL if an error occurs. They will only fail due to a memory allocation error.</p>
+
+<p>ASN1_INTEGER_to_BN() and ASN1_ENUMERATED_to_BN() return a <b>BIGNUM</b> structure of NULL if an error occurs. They can fail if the passed type is incorrect (due to programming error) or due to a memory allocation failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_get_int64(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_get_int64() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_set_uint64.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_set_uint64.html
new file mode 100644
index 000000000..86621397a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_set_uint64.html
@@ -0,0 +1,116 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_INTEGER_get_int64</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_INTEGER_get_uint64, ASN1_INTEGER_set_uint64, ASN1_INTEGER_get_int64, ASN1_INTEGER_get, ASN1_INTEGER_set_int64, ASN1_INTEGER_set, BN_to_ASN1_INTEGER, ASN1_INTEGER_to_BN, ASN1_ENUMERATED_get_int64, ASN1_ENUMERATED_get, ASN1_ENUMERATED_set_int64, ASN1_ENUMERATED_set, BN_to_ASN1_ENUMERATED, ASN1_ENUMERATED_to_BN - ASN.1 INTEGER and ENUMERATED utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+
+ int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_INTEGER_set(const ASN1_INTEGER *a, long v);
+
+ int ASN1_INTEGER_get_uint64(uint64_t *pr, const ASN1_INTEGER *a);
+ int ASN1_INTEGER_set_uint64(ASN1_INTEGER *a, uint64_t r);
+
+ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+ BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
+
+ int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
+
+ int ASN1_ENUMERATED_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+
+ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
+ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions convert to and from <b>ASN1_INTEGER</b> and <b>ASN1_ENUMERATED</b> structures.</p>
+
+<p>ASN1_INTEGER_get_int64() converts an <b>ASN1_INTEGER</b> into an <b>int64_t</b> type If successful it returns 1 and sets <b>*pr</b> to the value of <b>a</b>. If it fails (due to invalid type or the value being too big to fit into an <b>int64_t</b> type) it returns 0.</p>
+
+<p>ASN1_INTEGER_get_uint64() is similar to ASN1_INTEGER_get_int64_t() except it converts to a <b>uint64_t</b> type and an error is returned if the passed integer is negative.</p>
+
+<p>ASN1_INTEGER_get() also returns the value of <b>a</b> but it returns 0 if <b>a</b> is NULL and -1 on error (which is ambiguous because -1 is a legitimate value for an <b>ASN1_INTEGER</b>). New applications should use ASN1_INTEGER_get_int64() instead.</p>
+
+<p>ASN1_INTEGER_set_int64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>int64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set_uint64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>uint64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>long</b> value <b>v</b>.</p>
+
+<p>BN_to_ASN1_INTEGER() converts <b>BIGNUM</b> <b>bn</b> to an <b>ASN1_INTEGER</b>. If <b>ai</b> is NULL a new <b>ASN1_INTEGER</b> structure is returned. If <b>ai</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_INTEGER_to_BN() converts ASN1_INTEGER <b>ai</b> into a <b>BIGNUM</b>. If <b>bn</b> is NULL a new <b>BIGNUM</b> structure is returned. If <b>bn</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_ENUMERATED_get_int64(), ASN1_ENUMERATED_set_int64(), ASN1_ENUMERATED_set(), BN_to_ASN1_ENUMERATED() and ASN1_ENUMERATED_to_BN() behave in an identical way to their ASN1_INTEGER counterparts except they operate on an <b>ASN1_ENUMERATED</b> value.</p>
+
+<p>ASN1_ENUMERATED_get() returns the value of <b>a</b> in a similar way to ASN1_INTEGER_get() but it returns <b>0xffffffffL</b> if the value of <b>a</b> will not fit in a long type. New applications should use ASN1_ENUMERATED_get_int64() instead.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In general an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> type can contain an integer of almost arbitrary size and so cannot always be represented by a C <b>int64_t</b> type. However in many cases (for example version numbers) they represent small integers which can be more easily manipulated if converted to an appropriate C integer type.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The ambiguous return values of ASN1_INTEGER_get() and ASN1_ENUMERATED_get() mean these functions should be avoided if possible. They are retained for compatibility. Normally the ambiguous return values are not legitimate values for the fields they represent.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_set(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_set() return 1 for success and 0 for failure. They will only fail if a memory allocation error occurs.</p>
+
+<p>ASN1_INTEGER_get_int64() and ASN1_ENUMERATED_get_int64() return 1 for success and 0 for failure. They will fail if the passed type is incorrect (this will only happen if there is a programming error) or if the value exceeds the range of an <b>int64_t</b> type.</p>
+
+<p>BN_to_ASN1_INTEGER() and BN_to_ASN1_ENUMERATED() return an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> structure respectively or NULL if an error occurs. They will only fail due to a memory allocation error.</p>
+
+<p>ASN1_INTEGER_to_BN() and ASN1_ENUMERATED_to_BN() return a <b>BIGNUM</b> structure of NULL if an error occurs. They can fail if the passed type is incorrect (due to programming error) or due to a memory allocation failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_get_int64(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_get_int64() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_to_BN.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_to_BN.html
new file mode 100644
index 000000000..86621397a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_INTEGER_to_BN.html
@@ -0,0 +1,116 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_INTEGER_get_int64</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_INTEGER_get_uint64, ASN1_INTEGER_set_uint64, ASN1_INTEGER_get_int64, ASN1_INTEGER_get, ASN1_INTEGER_set_int64, ASN1_INTEGER_set, BN_to_ASN1_INTEGER, ASN1_INTEGER_to_BN, ASN1_ENUMERATED_get_int64, ASN1_ENUMERATED_get, ASN1_ENUMERATED_set_int64, ASN1_ENUMERATED_set, BN_to_ASN1_ENUMERATED, ASN1_ENUMERATED_to_BN - ASN.1 INTEGER and ENUMERATED utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+
+ int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_INTEGER_set(const ASN1_INTEGER *a, long v);
+
+ int ASN1_INTEGER_get_uint64(uint64_t *pr, const ASN1_INTEGER *a);
+ int ASN1_INTEGER_set_uint64(ASN1_INTEGER *a, uint64_t r);
+
+ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+ BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
+
+ int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
+
+ int ASN1_ENUMERATED_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+
+ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
+ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions convert to and from <b>ASN1_INTEGER</b> and <b>ASN1_ENUMERATED</b> structures.</p>
+
+<p>ASN1_INTEGER_get_int64() converts an <b>ASN1_INTEGER</b> into an <b>int64_t</b> type If successful it returns 1 and sets <b>*pr</b> to the value of <b>a</b>. If it fails (due to invalid type or the value being too big to fit into an <b>int64_t</b> type) it returns 0.</p>
+
+<p>ASN1_INTEGER_get_uint64() is similar to ASN1_INTEGER_get_int64_t() except it converts to a <b>uint64_t</b> type and an error is returned if the passed integer is negative.</p>
+
+<p>ASN1_INTEGER_get() also returns the value of <b>a</b> but it returns 0 if <b>a</b> is NULL and -1 on error (which is ambiguous because -1 is a legitimate value for an <b>ASN1_INTEGER</b>). New applications should use ASN1_INTEGER_get_int64() instead.</p>
+
+<p>ASN1_INTEGER_set_int64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>int64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set_uint64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>uint64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>long</b> value <b>v</b>.</p>
+
+<p>BN_to_ASN1_INTEGER() converts <b>BIGNUM</b> <b>bn</b> to an <b>ASN1_INTEGER</b>. If <b>ai</b> is NULL a new <b>ASN1_INTEGER</b> structure is returned. If <b>ai</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_INTEGER_to_BN() converts ASN1_INTEGER <b>ai</b> into a <b>BIGNUM</b>. If <b>bn</b> is NULL a new <b>BIGNUM</b> structure is returned. If <b>bn</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_ENUMERATED_get_int64(), ASN1_ENUMERATED_set_int64(), ASN1_ENUMERATED_set(), BN_to_ASN1_ENUMERATED() and ASN1_ENUMERATED_to_BN() behave in an identical way to their ASN1_INTEGER counterparts except they operate on an <b>ASN1_ENUMERATED</b> value.</p>
+
+<p>ASN1_ENUMERATED_get() returns the value of <b>a</b> in a similar way to ASN1_INTEGER_get() but it returns <b>0xffffffffL</b> if the value of <b>a</b> will not fit in a long type. New applications should use ASN1_ENUMERATED_get_int64() instead.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In general an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> type can contain an integer of almost arbitrary size and so cannot always be represented by a C <b>int64_t</b> type. However in many cases (for example version numbers) they represent small integers which can be more easily manipulated if converted to an appropriate C integer type.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The ambiguous return values of ASN1_INTEGER_get() and ASN1_ENUMERATED_get() mean these functions should be avoided if possible. They are retained for compatibility. Normally the ambiguous return values are not legitimate values for the fields they represent.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_set(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_set() return 1 for success and 0 for failure. They will only fail if a memory allocation error occurs.</p>
+
+<p>ASN1_INTEGER_get_int64() and ASN1_ENUMERATED_get_int64() return 1 for success and 0 for failure. They will fail if the passed type is incorrect (this will only happen if there is a programming error) or if the value exceeds the range of an <b>int64_t</b> type.</p>
+
+<p>BN_to_ASN1_INTEGER() and BN_to_ASN1_ENUMERATED() return an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> structure respectively or NULL if an error occurs. They will only fail due to a memory allocation error.</p>
+
+<p>ASN1_INTEGER_to_BN() and ASN1_ENUMERATED_to_BN() return a <b>BIGNUM</b> structure of NULL if an error occurs. They can fail if the passed type is incorrect (due to programming error) or due to a memory allocation failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_get_int64(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_get_int64() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_ITEM.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_ITEM.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_ITEM.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_ITEM_get.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_ITEM_get.html
new file mode 100644
index 000000000..6ee70f61b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_ITEM_get.html
@@ -0,0 +1,59 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_ITEM_lookup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_ITEM_lookup, ASN1_ITEM_get - lookup ASN.1 structures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ const ASN1_ITEM *ASN1_ITEM_lookup(const char *name);
+ const ASN1_ITEM *ASN1_ITEM_get(size_t i);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ASN1_ITEM_lookup() returns the <b>ASN1_ITEM name</b>.</p>
+
+<p>ASN1_ITEM_get() returns the <b>ASN1_ITEM</b> with index <b>i</b>. This function returns <b>NULL</b> if the index <b>i</b> is out of range.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_ITEM_lookup() and ASN1_ITEM_get() return a valid <b>ASN1_ITEM</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_ITEM_lookup.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_ITEM_lookup.html
new file mode 100644
index 000000000..6ee70f61b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_ITEM_lookup.html
@@ -0,0 +1,59 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_ITEM_lookup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_ITEM_lookup, ASN1_ITEM_get - lookup ASN.1 structures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ const ASN1_ITEM *ASN1_ITEM_lookup(const char *name);
+ const ASN1_ITEM *ASN1_ITEM_get(size_t i);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ASN1_ITEM_lookup() returns the <b>ASN1_ITEM name</b>.</p>
+
+<p>ASN1_ITEM_get() returns the <b>ASN1_ITEM</b> with index <b>i</b>. This function returns <b>NULL</b> if the index <b>i</b> is out of range.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_ITEM_lookup() and ASN1_ITEM_get() return a valid <b>ASN1_ITEM</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_OBJECT_free.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_OBJECT_free.html
new file mode 100644
index 000000000..daae73557
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_OBJECT_free.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_OBJECT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_OBJECT_new, ASN1_OBJECT_free - object allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ ASN1_OBJECT *ASN1_OBJECT_new(void);
+ void ASN1_OBJECT_free(ASN1_OBJECT *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_OBJECT allocation routines, allocate and free an ASN1_OBJECT structure, which represents an ASN1 OBJECT IDENTIFIER.</p>
+
+<p>ASN1_OBJECT_new() allocates and initializes an ASN1_OBJECT structure.</p>
+
+<p>ASN1_OBJECT_free() frees up the <b>ASN1_OBJECT</b> structure <b>a</b>. If <b>a</b> is NULL, nothing is done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Although ASN1_OBJECT_new() allocates a new ASN1_OBJECT structure it is almost never used in applications. The ASN1 object utility functions such as OBJ_nid2obj() are used instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, ASN1_OBJECT_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>ASN1_OBJECT_free() returns no value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_ASN1_OBJECT.html">d2i_ASN1_OBJECT(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_OBJECT_new.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_OBJECT_new.html
new file mode 100644
index 000000000..daae73557
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_OBJECT_new.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_OBJECT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_OBJECT_new, ASN1_OBJECT_free - object allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ ASN1_OBJECT *ASN1_OBJECT_new(void);
+ void ASN1_OBJECT_free(ASN1_OBJECT *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_OBJECT allocation routines, allocate and free an ASN1_OBJECT structure, which represents an ASN1 OBJECT IDENTIFIER.</p>
+
+<p>ASN1_OBJECT_new() allocates and initializes an ASN1_OBJECT structure.</p>
+
+<p>ASN1_OBJECT_free() frees up the <b>ASN1_OBJECT</b> structure <b>a</b>. If <b>a</b> is NULL, nothing is done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Although ASN1_OBJECT_new() allocates a new ASN1_OBJECT structure it is almost never used in applications. The ASN1 object utility functions such as OBJ_nid2obj() are used instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, ASN1_OBJECT_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>ASN1_OBJECT_free() returns no value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_ASN1_OBJECT.html">d2i_ASN1_OBJECT(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_TABLE.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_TABLE.html
new file mode 100644
index 000000000..638ca6e62
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_TABLE.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_STRING_TABLE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_STRING_TABLE, ASN1_STRING_TABLE_add, ASN1_STRING_TABLE_get, ASN1_STRING_TABLE_cleanup - ASN1_STRING_TABLE manipulation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ typedef struct asn1_string_table_st ASN1_STRING_TABLE;
+
+ int ASN1_STRING_TABLE_add(int nid, long minsize, long maxsize,
+                           unsigned long mask, unsigned long flags);
+ ASN1_STRING_TABLE * ASN1_STRING_TABLE_get(int nid);
+ void ASN1_STRING_TABLE_cleanup(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<h2 id="Types">Types</h2>
+
+<p><b>ASN1_STRING_TABLE</b> is a table which holds string information (basically minimum size, maximum size, type and etc) for a NID object.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>ASN1_STRING_TABLE_add() adds a new <b>ASN1_STRING_TABLE</b> item into the local ASN1 string table based on the <b>nid</b> along with other parameters.</p>
+
+<p>If the item is already in the table, fields of <b>ASN1_STRING_TABLE</b> are updated (depending on the values of those parameters, e.g., <b>minsize</b> and <b>maxsize</b> &gt;= 0, <b>mask</b> and <b>flags</b> != 0). If the <b>nid</b> is standard, a copy of the standard <b>ASN1_STRING_TABLE</b> is created and updated with other parameters.</p>
+
+<p>ASN1_STRING_TABLE_get() searches for an <b>ASN1_STRING_TABLE</b> item based on <b>nid</b>. It will search the local table first, then the standard one.</p>
+
+<p>ASN1_STRING_TABLE_cleanup() frees all <b>ASN1_STRING_TABLE</b> items added by ASN1_STRING_TABLE_add().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_STRING_TABLE_add() returns 1 on success, 0 if an error occurred.</p>
+
+<p>ASN1_STRING_TABLE_get() returns a valid <b>ASN1_STRING_TABLE</b> structure or <b>NULL</b> if nothing is found.</p>
+
+<p>ASN1_STRING_TABLE_cleanup() does not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_TABLE_add.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_TABLE_add.html
new file mode 100644
index 000000000..638ca6e62
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_TABLE_add.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_STRING_TABLE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_STRING_TABLE, ASN1_STRING_TABLE_add, ASN1_STRING_TABLE_get, ASN1_STRING_TABLE_cleanup - ASN1_STRING_TABLE manipulation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ typedef struct asn1_string_table_st ASN1_STRING_TABLE;
+
+ int ASN1_STRING_TABLE_add(int nid, long minsize, long maxsize,
+                           unsigned long mask, unsigned long flags);
+ ASN1_STRING_TABLE * ASN1_STRING_TABLE_get(int nid);
+ void ASN1_STRING_TABLE_cleanup(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<h2 id="Types">Types</h2>
+
+<p><b>ASN1_STRING_TABLE</b> is a table which holds string information (basically minimum size, maximum size, type and etc) for a NID object.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>ASN1_STRING_TABLE_add() adds a new <b>ASN1_STRING_TABLE</b> item into the local ASN1 string table based on the <b>nid</b> along with other parameters.</p>
+
+<p>If the item is already in the table, fields of <b>ASN1_STRING_TABLE</b> are updated (depending on the values of those parameters, e.g., <b>minsize</b> and <b>maxsize</b> &gt;= 0, <b>mask</b> and <b>flags</b> != 0). If the <b>nid</b> is standard, a copy of the standard <b>ASN1_STRING_TABLE</b> is created and updated with other parameters.</p>
+
+<p>ASN1_STRING_TABLE_get() searches for an <b>ASN1_STRING_TABLE</b> item based on <b>nid</b>. It will search the local table first, then the standard one.</p>
+
+<p>ASN1_STRING_TABLE_cleanup() frees all <b>ASN1_STRING_TABLE</b> items added by ASN1_STRING_TABLE_add().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_STRING_TABLE_add() returns 1 on success, 0 if an error occurred.</p>
+
+<p>ASN1_STRING_TABLE_get() returns a valid <b>ASN1_STRING_TABLE</b> structure or <b>NULL</b> if nothing is found.</p>
+
+<p>ASN1_STRING_TABLE_cleanup() does not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_TABLE_cleanup.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_TABLE_cleanup.html
new file mode 100644
index 000000000..638ca6e62
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_TABLE_cleanup.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_STRING_TABLE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_STRING_TABLE, ASN1_STRING_TABLE_add, ASN1_STRING_TABLE_get, ASN1_STRING_TABLE_cleanup - ASN1_STRING_TABLE manipulation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ typedef struct asn1_string_table_st ASN1_STRING_TABLE;
+
+ int ASN1_STRING_TABLE_add(int nid, long minsize, long maxsize,
+                           unsigned long mask, unsigned long flags);
+ ASN1_STRING_TABLE * ASN1_STRING_TABLE_get(int nid);
+ void ASN1_STRING_TABLE_cleanup(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<h2 id="Types">Types</h2>
+
+<p><b>ASN1_STRING_TABLE</b> is a table which holds string information (basically minimum size, maximum size, type and etc) for a NID object.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>ASN1_STRING_TABLE_add() adds a new <b>ASN1_STRING_TABLE</b> item into the local ASN1 string table based on the <b>nid</b> along with other parameters.</p>
+
+<p>If the item is already in the table, fields of <b>ASN1_STRING_TABLE</b> are updated (depending on the values of those parameters, e.g., <b>minsize</b> and <b>maxsize</b> &gt;= 0, <b>mask</b> and <b>flags</b> != 0). If the <b>nid</b> is standard, a copy of the standard <b>ASN1_STRING_TABLE</b> is created and updated with other parameters.</p>
+
+<p>ASN1_STRING_TABLE_get() searches for an <b>ASN1_STRING_TABLE</b> item based on <b>nid</b>. It will search the local table first, then the standard one.</p>
+
+<p>ASN1_STRING_TABLE_cleanup() frees all <b>ASN1_STRING_TABLE</b> items added by ASN1_STRING_TABLE_add().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_STRING_TABLE_add() returns 1 on success, 0 if an error occurred.</p>
+
+<p>ASN1_STRING_TABLE_get() returns a valid <b>ASN1_STRING_TABLE</b> structure or <b>NULL</b> if nothing is found.</p>
+
+<p>ASN1_STRING_TABLE_cleanup() does not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_TABLE_get.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_TABLE_get.html
new file mode 100644
index 000000000..638ca6e62
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_TABLE_get.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_STRING_TABLE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_STRING_TABLE, ASN1_STRING_TABLE_add, ASN1_STRING_TABLE_get, ASN1_STRING_TABLE_cleanup - ASN1_STRING_TABLE manipulation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ typedef struct asn1_string_table_st ASN1_STRING_TABLE;
+
+ int ASN1_STRING_TABLE_add(int nid, long minsize, long maxsize,
+                           unsigned long mask, unsigned long flags);
+ ASN1_STRING_TABLE * ASN1_STRING_TABLE_get(int nid);
+ void ASN1_STRING_TABLE_cleanup(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<h2 id="Types">Types</h2>
+
+<p><b>ASN1_STRING_TABLE</b> is a table which holds string information (basically minimum size, maximum size, type and etc) for a NID object.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>ASN1_STRING_TABLE_add() adds a new <b>ASN1_STRING_TABLE</b> item into the local ASN1 string table based on the <b>nid</b> along with other parameters.</p>
+
+<p>If the item is already in the table, fields of <b>ASN1_STRING_TABLE</b> are updated (depending on the values of those parameters, e.g., <b>minsize</b> and <b>maxsize</b> &gt;= 0, <b>mask</b> and <b>flags</b> != 0). If the <b>nid</b> is standard, a copy of the standard <b>ASN1_STRING_TABLE</b> is created and updated with other parameters.</p>
+
+<p>ASN1_STRING_TABLE_get() searches for an <b>ASN1_STRING_TABLE</b> item based on <b>nid</b>. It will search the local table first, then the standard one.</p>
+
+<p>ASN1_STRING_TABLE_cleanup() frees all <b>ASN1_STRING_TABLE</b> items added by ASN1_STRING_TABLE_add().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_STRING_TABLE_add() returns 1 on success, 0 if an error occurred.</p>
+
+<p>ASN1_STRING_TABLE_get() returns a valid <b>ASN1_STRING_TABLE</b> structure or <b>NULL</b> if nothing is found.</p>
+
+<p>ASN1_STRING_TABLE_cleanup() does not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_cmp.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_cmp.html
new file mode 100644
index 000000000..80479b8a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_cmp.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_STRING_length</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_STRING_dup, ASN1_STRING_cmp, ASN1_STRING_set, ASN1_STRING_length, ASN1_STRING_type, ASN1_STRING_get0_data, ASN1_STRING_data, ASN1_STRING_to_UTF8 - ASN1_STRING utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_STRING_length(ASN1_STRING *x);
+ const unsigned char * ASN1_STRING_get0_data(const ASN1_STRING *x);
+ unsigned char * ASN1_STRING_data(ASN1_STRING *x);
+
+ ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
+
+ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
+
+ int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
+
+ int ASN1_STRING_type(const ASN1_STRING *x);
+
+ int ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an <b>ASN1_STRING</b> structure to be manipulated.</p>
+
+<p>ASN1_STRING_length() returns the length of the content of <b>x</b>.</p>
+
+<p>ASN1_STRING_get0_data() returns an internal pointer to the data of <b>x</b>. Since this is an internal pointer it should <b>not</b> be freed or modified in any way.</p>
+
+<p>ASN1_STRING_data() is similar to ASN1_STRING_get0_data() except the returned value is not constant. This function is deprecated: applications should use ASN1_STRING_get0_data() instead.</p>
+
+<p>ASN1_STRING_dup() returns a copy of the structure <b>a</b>.</p>
+
+<p>ASN1_STRING_cmp() compares <b>a</b> and <b>b</b> returning 0 if the two are identical. The string types and content are compared.</p>
+
+<p>ASN1_STRING_set() sets the data of string <b>str</b> to the buffer <b>data</b> or length <b>len</b>. The supplied data is copied. If <b>len</b> is -1 then the length is determined by strlen(data).</p>
+
+<p>ASN1_STRING_type() returns the type of <b>x</b>, using standard constants such as <b>V_ASN1_OCTET_STRING</b>.</p>
+
+<p>ASN1_STRING_to_UTF8() converts the string <b>in</b> to UTF8 format, the converted data is allocated in a buffer in <b>*out</b>. The length of <b>out</b> is returned or a negative error code. The buffer <b>*out</b> should be freed using OPENSSL_free().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Almost all ASN1 types in OpenSSL are represented as an <b>ASN1_STRING</b> structure. Other types such as <b>ASN1_OCTET_STRING</b> are simply typedef&#39;ed to <b>ASN1_STRING</b> and the functions call the <b>ASN1_STRING</b> equivalents. <b>ASN1_STRING</b> is also used for some <b>CHOICE</b> types which consist entirely of primitive string types such as <b>DirectoryString</b> and <b>Time</b>.</p>
+
+<p>These functions should <b>not</b> be used to examine or modify <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> types: the relevant <b>INTEGER</b> or <b>ENUMERATED</b> utility functions should be used instead.</p>
+
+<p>In general it cannot be assumed that the data returned by ASN1_STRING_data() is null terminated or does not contain embedded nulls. The actual format of the data will depend on the actual string type itself: for example for an IA5String the data will be ASCII, for a BMPString two bytes per character in big endian format, and for an UTF8String it will be in UTF8 format.</p>
+
+<p>Similar care should be take to ensure the data is in the correct format when calling ASN1_STRING_set().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_STRING_length() returns the length of the content of <b>x</b>.</p>
+
+<p>ASN1_STRING_get0_data() and ASN1_STRING_data() return an internal pointer to the data of <b>x</b>.</p>
+
+<p>ASN1_STRING_dup() returns a valid <b>ASN1_STRING</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>ASN1_STRING_cmp() returns an integer greater than, equal to, or less than 0, according to whether <b>a</b> is greater than, equal to, or less than <b>b</b>.</p>
+
+<p>ASN1_STRING_set() returns 1 on success or 0 on error.</p>
+
+<p>ASN1_STRING_type() returns the type of <b>x</b>.</p>
+
+<p>ASN1_STRING_to_UTF8() returns the number of bytes in output string <b>out</b> or a negative value if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_data.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_data.html
new file mode 100644
index 000000000..80479b8a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_data.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_STRING_length</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_STRING_dup, ASN1_STRING_cmp, ASN1_STRING_set, ASN1_STRING_length, ASN1_STRING_type, ASN1_STRING_get0_data, ASN1_STRING_data, ASN1_STRING_to_UTF8 - ASN1_STRING utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_STRING_length(ASN1_STRING *x);
+ const unsigned char * ASN1_STRING_get0_data(const ASN1_STRING *x);
+ unsigned char * ASN1_STRING_data(ASN1_STRING *x);
+
+ ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
+
+ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
+
+ int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
+
+ int ASN1_STRING_type(const ASN1_STRING *x);
+
+ int ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an <b>ASN1_STRING</b> structure to be manipulated.</p>
+
+<p>ASN1_STRING_length() returns the length of the content of <b>x</b>.</p>
+
+<p>ASN1_STRING_get0_data() returns an internal pointer to the data of <b>x</b>. Since this is an internal pointer it should <b>not</b> be freed or modified in any way.</p>
+
+<p>ASN1_STRING_data() is similar to ASN1_STRING_get0_data() except the returned value is not constant. This function is deprecated: applications should use ASN1_STRING_get0_data() instead.</p>
+
+<p>ASN1_STRING_dup() returns a copy of the structure <b>a</b>.</p>
+
+<p>ASN1_STRING_cmp() compares <b>a</b> and <b>b</b> returning 0 if the two are identical. The string types and content are compared.</p>
+
+<p>ASN1_STRING_set() sets the data of string <b>str</b> to the buffer <b>data</b> or length <b>len</b>. The supplied data is copied. If <b>len</b> is -1 then the length is determined by strlen(data).</p>
+
+<p>ASN1_STRING_type() returns the type of <b>x</b>, using standard constants such as <b>V_ASN1_OCTET_STRING</b>.</p>
+
+<p>ASN1_STRING_to_UTF8() converts the string <b>in</b> to UTF8 format, the converted data is allocated in a buffer in <b>*out</b>. The length of <b>out</b> is returned or a negative error code. The buffer <b>*out</b> should be freed using OPENSSL_free().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Almost all ASN1 types in OpenSSL are represented as an <b>ASN1_STRING</b> structure. Other types such as <b>ASN1_OCTET_STRING</b> are simply typedef&#39;ed to <b>ASN1_STRING</b> and the functions call the <b>ASN1_STRING</b> equivalents. <b>ASN1_STRING</b> is also used for some <b>CHOICE</b> types which consist entirely of primitive string types such as <b>DirectoryString</b> and <b>Time</b>.</p>
+
+<p>These functions should <b>not</b> be used to examine or modify <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> types: the relevant <b>INTEGER</b> or <b>ENUMERATED</b> utility functions should be used instead.</p>
+
+<p>In general it cannot be assumed that the data returned by ASN1_STRING_data() is null terminated or does not contain embedded nulls. The actual format of the data will depend on the actual string type itself: for example for an IA5String the data will be ASCII, for a BMPString two bytes per character in big endian format, and for an UTF8String it will be in UTF8 format.</p>
+
+<p>Similar care should be take to ensure the data is in the correct format when calling ASN1_STRING_set().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_STRING_length() returns the length of the content of <b>x</b>.</p>
+
+<p>ASN1_STRING_get0_data() and ASN1_STRING_data() return an internal pointer to the data of <b>x</b>.</p>
+
+<p>ASN1_STRING_dup() returns a valid <b>ASN1_STRING</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>ASN1_STRING_cmp() returns an integer greater than, equal to, or less than 0, according to whether <b>a</b> is greater than, equal to, or less than <b>b</b>.</p>
+
+<p>ASN1_STRING_set() returns 1 on success or 0 on error.</p>
+
+<p>ASN1_STRING_type() returns the type of <b>x</b>.</p>
+
+<p>ASN1_STRING_to_UTF8() returns the number of bytes in output string <b>out</b> or a negative value if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_dup.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_dup.html
new file mode 100644
index 000000000..80479b8a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_dup.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_STRING_length</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_STRING_dup, ASN1_STRING_cmp, ASN1_STRING_set, ASN1_STRING_length, ASN1_STRING_type, ASN1_STRING_get0_data, ASN1_STRING_data, ASN1_STRING_to_UTF8 - ASN1_STRING utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_STRING_length(ASN1_STRING *x);
+ const unsigned char * ASN1_STRING_get0_data(const ASN1_STRING *x);
+ unsigned char * ASN1_STRING_data(ASN1_STRING *x);
+
+ ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
+
+ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
+
+ int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
+
+ int ASN1_STRING_type(const ASN1_STRING *x);
+
+ int ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an <b>ASN1_STRING</b> structure to be manipulated.</p>
+
+<p>ASN1_STRING_length() returns the length of the content of <b>x</b>.</p>
+
+<p>ASN1_STRING_get0_data() returns an internal pointer to the data of <b>x</b>. Since this is an internal pointer it should <b>not</b> be freed or modified in any way.</p>
+
+<p>ASN1_STRING_data() is similar to ASN1_STRING_get0_data() except the returned value is not constant. This function is deprecated: applications should use ASN1_STRING_get0_data() instead.</p>
+
+<p>ASN1_STRING_dup() returns a copy of the structure <b>a</b>.</p>
+
+<p>ASN1_STRING_cmp() compares <b>a</b> and <b>b</b> returning 0 if the two are identical. The string types and content are compared.</p>
+
+<p>ASN1_STRING_set() sets the data of string <b>str</b> to the buffer <b>data</b> or length <b>len</b>. The supplied data is copied. If <b>len</b> is -1 then the length is determined by strlen(data).</p>
+
+<p>ASN1_STRING_type() returns the type of <b>x</b>, using standard constants such as <b>V_ASN1_OCTET_STRING</b>.</p>
+
+<p>ASN1_STRING_to_UTF8() converts the string <b>in</b> to UTF8 format, the converted data is allocated in a buffer in <b>*out</b>. The length of <b>out</b> is returned or a negative error code. The buffer <b>*out</b> should be freed using OPENSSL_free().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Almost all ASN1 types in OpenSSL are represented as an <b>ASN1_STRING</b> structure. Other types such as <b>ASN1_OCTET_STRING</b> are simply typedef&#39;ed to <b>ASN1_STRING</b> and the functions call the <b>ASN1_STRING</b> equivalents. <b>ASN1_STRING</b> is also used for some <b>CHOICE</b> types which consist entirely of primitive string types such as <b>DirectoryString</b> and <b>Time</b>.</p>
+
+<p>These functions should <b>not</b> be used to examine or modify <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> types: the relevant <b>INTEGER</b> or <b>ENUMERATED</b> utility functions should be used instead.</p>
+
+<p>In general it cannot be assumed that the data returned by ASN1_STRING_data() is null terminated or does not contain embedded nulls. The actual format of the data will depend on the actual string type itself: for example for an IA5String the data will be ASCII, for a BMPString two bytes per character in big endian format, and for an UTF8String it will be in UTF8 format.</p>
+
+<p>Similar care should be take to ensure the data is in the correct format when calling ASN1_STRING_set().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_STRING_length() returns the length of the content of <b>x</b>.</p>
+
+<p>ASN1_STRING_get0_data() and ASN1_STRING_data() return an internal pointer to the data of <b>x</b>.</p>
+
+<p>ASN1_STRING_dup() returns a valid <b>ASN1_STRING</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>ASN1_STRING_cmp() returns an integer greater than, equal to, or less than 0, according to whether <b>a</b> is greater than, equal to, or less than <b>b</b>.</p>
+
+<p>ASN1_STRING_set() returns 1 on success or 0 on error.</p>
+
+<p>ASN1_STRING_type() returns the type of <b>x</b>.</p>
+
+<p>ASN1_STRING_to_UTF8() returns the number of bytes in output string <b>out</b> or a negative value if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_free.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_free.html
new file mode 100644
index 000000000..e8b834f33
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_free.html
@@ -0,0 +1,69 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_STRING_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_STRING_new, ASN1_STRING_type_new, ASN1_STRING_free - ASN1_STRING allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ ASN1_STRING * ASN1_STRING_new(void);
+ ASN1_STRING * ASN1_STRING_type_new(int type);
+ void ASN1_STRING_free(ASN1_STRING *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ASN1_STRING_new() returns an allocated <b>ASN1_STRING</b> structure. Its type is undefined.</p>
+
+<p>ASN1_STRING_type_new() returns an allocated <b>ASN1_STRING</b> structure of type <b>type</b>.</p>
+
+<p>ASN1_STRING_free() frees up <b>a</b>. If <b>a</b> is NULL nothing is done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Other string types call the <b>ASN1_STRING</b> functions. For example ASN1_OCTET_STRING_new() calls ASN1_STRING_type(V_ASN1_OCTET_STRING).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_STRING_new() and ASN1_STRING_type_new() return a valid ASN1_STRING structure or <b>NULL</b> if an error occurred.</p>
+
+<p>ASN1_STRING_free() does not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_get0_data.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_get0_data.html
new file mode 100644
index 000000000..80479b8a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_get0_data.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_STRING_length</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_STRING_dup, ASN1_STRING_cmp, ASN1_STRING_set, ASN1_STRING_length, ASN1_STRING_type, ASN1_STRING_get0_data, ASN1_STRING_data, ASN1_STRING_to_UTF8 - ASN1_STRING utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_STRING_length(ASN1_STRING *x);
+ const unsigned char * ASN1_STRING_get0_data(const ASN1_STRING *x);
+ unsigned char * ASN1_STRING_data(ASN1_STRING *x);
+
+ ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
+
+ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
+
+ int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
+
+ int ASN1_STRING_type(const ASN1_STRING *x);
+
+ int ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an <b>ASN1_STRING</b> structure to be manipulated.</p>
+
+<p>ASN1_STRING_length() returns the length of the content of <b>x</b>.</p>
+
+<p>ASN1_STRING_get0_data() returns an internal pointer to the data of <b>x</b>. Since this is an internal pointer it should <b>not</b> be freed or modified in any way.</p>
+
+<p>ASN1_STRING_data() is similar to ASN1_STRING_get0_data() except the returned value is not constant. This function is deprecated: applications should use ASN1_STRING_get0_data() instead.</p>
+
+<p>ASN1_STRING_dup() returns a copy of the structure <b>a</b>.</p>
+
+<p>ASN1_STRING_cmp() compares <b>a</b> and <b>b</b> returning 0 if the two are identical. The string types and content are compared.</p>
+
+<p>ASN1_STRING_set() sets the data of string <b>str</b> to the buffer <b>data</b> or length <b>len</b>. The supplied data is copied. If <b>len</b> is -1 then the length is determined by strlen(data).</p>
+
+<p>ASN1_STRING_type() returns the type of <b>x</b>, using standard constants such as <b>V_ASN1_OCTET_STRING</b>.</p>
+
+<p>ASN1_STRING_to_UTF8() converts the string <b>in</b> to UTF8 format, the converted data is allocated in a buffer in <b>*out</b>. The length of <b>out</b> is returned or a negative error code. The buffer <b>*out</b> should be freed using OPENSSL_free().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Almost all ASN1 types in OpenSSL are represented as an <b>ASN1_STRING</b> structure. Other types such as <b>ASN1_OCTET_STRING</b> are simply typedef&#39;ed to <b>ASN1_STRING</b> and the functions call the <b>ASN1_STRING</b> equivalents. <b>ASN1_STRING</b> is also used for some <b>CHOICE</b> types which consist entirely of primitive string types such as <b>DirectoryString</b> and <b>Time</b>.</p>
+
+<p>These functions should <b>not</b> be used to examine or modify <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> types: the relevant <b>INTEGER</b> or <b>ENUMERATED</b> utility functions should be used instead.</p>
+
+<p>In general it cannot be assumed that the data returned by ASN1_STRING_data() is null terminated or does not contain embedded nulls. The actual format of the data will depend on the actual string type itself: for example for an IA5String the data will be ASCII, for a BMPString two bytes per character in big endian format, and for an UTF8String it will be in UTF8 format.</p>
+
+<p>Similar care should be take to ensure the data is in the correct format when calling ASN1_STRING_set().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_STRING_length() returns the length of the content of <b>x</b>.</p>
+
+<p>ASN1_STRING_get0_data() and ASN1_STRING_data() return an internal pointer to the data of <b>x</b>.</p>
+
+<p>ASN1_STRING_dup() returns a valid <b>ASN1_STRING</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>ASN1_STRING_cmp() returns an integer greater than, equal to, or less than 0, according to whether <b>a</b> is greater than, equal to, or less than <b>b</b>.</p>
+
+<p>ASN1_STRING_set() returns 1 on success or 0 on error.</p>
+
+<p>ASN1_STRING_type() returns the type of <b>x</b>.</p>
+
+<p>ASN1_STRING_to_UTF8() returns the number of bytes in output string <b>out</b> or a negative value if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_length.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_length.html
new file mode 100644
index 000000000..80479b8a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_length.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_STRING_length</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_STRING_dup, ASN1_STRING_cmp, ASN1_STRING_set, ASN1_STRING_length, ASN1_STRING_type, ASN1_STRING_get0_data, ASN1_STRING_data, ASN1_STRING_to_UTF8 - ASN1_STRING utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_STRING_length(ASN1_STRING *x);
+ const unsigned char * ASN1_STRING_get0_data(const ASN1_STRING *x);
+ unsigned char * ASN1_STRING_data(ASN1_STRING *x);
+
+ ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
+
+ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
+
+ int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
+
+ int ASN1_STRING_type(const ASN1_STRING *x);
+
+ int ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an <b>ASN1_STRING</b> structure to be manipulated.</p>
+
+<p>ASN1_STRING_length() returns the length of the content of <b>x</b>.</p>
+
+<p>ASN1_STRING_get0_data() returns an internal pointer to the data of <b>x</b>. Since this is an internal pointer it should <b>not</b> be freed or modified in any way.</p>
+
+<p>ASN1_STRING_data() is similar to ASN1_STRING_get0_data() except the returned value is not constant. This function is deprecated: applications should use ASN1_STRING_get0_data() instead.</p>
+
+<p>ASN1_STRING_dup() returns a copy of the structure <b>a</b>.</p>
+
+<p>ASN1_STRING_cmp() compares <b>a</b> and <b>b</b> returning 0 if the two are identical. The string types and content are compared.</p>
+
+<p>ASN1_STRING_set() sets the data of string <b>str</b> to the buffer <b>data</b> or length <b>len</b>. The supplied data is copied. If <b>len</b> is -1 then the length is determined by strlen(data).</p>
+
+<p>ASN1_STRING_type() returns the type of <b>x</b>, using standard constants such as <b>V_ASN1_OCTET_STRING</b>.</p>
+
+<p>ASN1_STRING_to_UTF8() converts the string <b>in</b> to UTF8 format, the converted data is allocated in a buffer in <b>*out</b>. The length of <b>out</b> is returned or a negative error code. The buffer <b>*out</b> should be freed using OPENSSL_free().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Almost all ASN1 types in OpenSSL are represented as an <b>ASN1_STRING</b> structure. Other types such as <b>ASN1_OCTET_STRING</b> are simply typedef&#39;ed to <b>ASN1_STRING</b> and the functions call the <b>ASN1_STRING</b> equivalents. <b>ASN1_STRING</b> is also used for some <b>CHOICE</b> types which consist entirely of primitive string types such as <b>DirectoryString</b> and <b>Time</b>.</p>
+
+<p>These functions should <b>not</b> be used to examine or modify <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> types: the relevant <b>INTEGER</b> or <b>ENUMERATED</b> utility functions should be used instead.</p>
+
+<p>In general it cannot be assumed that the data returned by ASN1_STRING_data() is null terminated or does not contain embedded nulls. The actual format of the data will depend on the actual string type itself: for example for an IA5String the data will be ASCII, for a BMPString two bytes per character in big endian format, and for an UTF8String it will be in UTF8 format.</p>
+
+<p>Similar care should be take to ensure the data is in the correct format when calling ASN1_STRING_set().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_STRING_length() returns the length of the content of <b>x</b>.</p>
+
+<p>ASN1_STRING_get0_data() and ASN1_STRING_data() return an internal pointer to the data of <b>x</b>.</p>
+
+<p>ASN1_STRING_dup() returns a valid <b>ASN1_STRING</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>ASN1_STRING_cmp() returns an integer greater than, equal to, or less than 0, according to whether <b>a</b> is greater than, equal to, or less than <b>b</b>.</p>
+
+<p>ASN1_STRING_set() returns 1 on success or 0 on error.</p>
+
+<p>ASN1_STRING_type() returns the type of <b>x</b>.</p>
+
+<p>ASN1_STRING_to_UTF8() returns the number of bytes in output string <b>out</b> or a negative value if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_new.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_new.html
new file mode 100644
index 000000000..e8b834f33
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_new.html
@@ -0,0 +1,69 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_STRING_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_STRING_new, ASN1_STRING_type_new, ASN1_STRING_free - ASN1_STRING allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ ASN1_STRING * ASN1_STRING_new(void);
+ ASN1_STRING * ASN1_STRING_type_new(int type);
+ void ASN1_STRING_free(ASN1_STRING *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ASN1_STRING_new() returns an allocated <b>ASN1_STRING</b> structure. Its type is undefined.</p>
+
+<p>ASN1_STRING_type_new() returns an allocated <b>ASN1_STRING</b> structure of type <b>type</b>.</p>
+
+<p>ASN1_STRING_free() frees up <b>a</b>. If <b>a</b> is NULL nothing is done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Other string types call the <b>ASN1_STRING</b> functions. For example ASN1_OCTET_STRING_new() calls ASN1_STRING_type(V_ASN1_OCTET_STRING).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_STRING_new() and ASN1_STRING_type_new() return a valid ASN1_STRING structure or <b>NULL</b> if an error occurred.</p>
+
+<p>ASN1_STRING_free() does not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_print.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_print.html
new file mode 100644
index 000000000..a90250192
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_print.html
@@ -0,0 +1,103 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_STRING_print_ex</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_tag2str, ASN1_STRING_print_ex, ASN1_STRING_print_ex_fp, ASN1_STRING_print - ASN1_STRING output routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str, unsigned long flags);
+ int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str, unsigned long flags);
+ int ASN1_STRING_print(BIO *out, const ASN1_STRING *str);
+
+ const char *ASN1_tag2str(int tag);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions output an <b>ASN1_STRING</b> structure. <b>ASN1_STRING</b> is used to represent all the ASN1 string types.</p>
+
+<p>ASN1_STRING_print_ex() outputs <b>str</b> to <b>out</b>, the format is determined by the options <b>flags</b>. ASN1_STRING_print_ex_fp() is identical except it outputs to <b>fp</b> instead.</p>
+
+<p>ASN1_STRING_print() prints <b>str</b> to <b>out</b> but using a different format to ASN1_STRING_print_ex(). It replaces unprintable characters (other than CR, LF) with &#39;.&#39;.</p>
+
+<p>ASN1_tag2str() returns a human-readable name of the specified ASN.1 <b>tag</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>ASN1_STRING_print() is a deprecated function which should be avoided; use ASN1_STRING_print_ex() instead.</p>
+
+<p>Although there are a large number of options frequently <b>ASN1_STRFLGS_RFC2253</b> is suitable, or on UTF8 terminals <b>ASN1_STRFLGS_RFC2253 &amp; ~ASN1_STRFLGS_ESC_MSB</b>.</p>
+
+<p>The complete set of supported options for <b>flags</b> is listed below.</p>
+
+<p>Various characters can be escaped. If <b>ASN1_STRFLGS_ESC_2253</b> is set the characters determined by RFC2253 are escaped. If <b>ASN1_STRFLGS_ESC_CTRL</b> is set control characters are escaped. If <b>ASN1_STRFLGS_ESC_MSB</b> is set characters with the MSB set are escaped: this option should <b>not</b> be used if the terminal correctly interprets UTF8 sequences.</p>
+
+<p>Escaping takes several forms.</p>
+
+<p>If the character being escaped is a 16 bit character then the form &quot;\UXXXX&quot; is used using exactly four characters for the hex representation. If it is 32 bits then &quot;\WXXXXXXXX&quot; is used using eight characters of its hex representation. These forms will only be used if UTF8 conversion is not set (see below).</p>
+
+<p>Printable characters are normally escaped using the backslash &#39;\&#39; character. If <b>ASN1_STRFLGS_ESC_QUOTE</b> is set then the whole string is instead surrounded by double quote characters: this is arguably more readable than the backslash notation. Other characters use the &quot;\XX&quot; using exactly two characters of the hex representation.</p>
+
+<p>If <b>ASN1_STRFLGS_UTF8_CONVERT</b> is set then characters are converted to UTF8 format first. If the terminal supports the display of UTF8 sequences then this option will correctly display multi byte characters.</p>
+
+<p>If <b>ASN1_STRFLGS_IGNORE_TYPE</b> is set then the string type is not interpreted at all: everything is assumed to be one byte per character. This is primarily for debugging purposes and can result in confusing output in multi character strings.</p>
+
+<p>If <b>ASN1_STRFLGS_SHOW_TYPE</b> is set then the string type itself is printed out before its value (for example &quot;BMPSTRING&quot;), this actually uses ASN1_tag2str().</p>
+
+<p>The content of a string instead of being interpreted can be &quot;dumped&quot;: this just outputs the value of the string using the form #XXXX using hex format for each octet.</p>
+
+<p>If <b>ASN1_STRFLGS_DUMP_ALL</b> is set then any type is dumped.</p>
+
+<p>Normally non character string types (such as OCTET STRING) are assumed to be one byte per character, if <b>ASN1_STRFLGS_DUMP_UNKNOWN</b> is set then they will be dumped instead.</p>
+
+<p>When a type is dumped normally just the content octets are printed, if <b>ASN1_STRFLGS_DUMP_DER</b> is set then the complete encoding is dumped instead (including tag and length octets).</p>
+
+<p><b>ASN1_STRFLGS_RFC2253</b> includes all the flags required by RFC2253. It is equivalent to: ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | ASN1_STRFLGS_UTF8_CONVERT | ASN1_STRFLGS_DUMP_UNKNOWN ASN1_STRFLGS_DUMP_DER</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_STRING_print_ex() and ASN1_STRING_print_ex_fp() return the number of characters written or -1 if an error occurred.</p>
+
+<p>ASN1_STRING_print() returns 1 on success or 0 on error.</p>
+
+<p>ASN1_tag2str() returns a human-readable name of the specified ASN.1 <b>tag</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/ASN1_tag2str.html">ASN1_tag2str(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_print_ex.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_print_ex.html
new file mode 100644
index 000000000..a90250192
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_print_ex.html
@@ -0,0 +1,103 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_STRING_print_ex</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_tag2str, ASN1_STRING_print_ex, ASN1_STRING_print_ex_fp, ASN1_STRING_print - ASN1_STRING output routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str, unsigned long flags);
+ int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str, unsigned long flags);
+ int ASN1_STRING_print(BIO *out, const ASN1_STRING *str);
+
+ const char *ASN1_tag2str(int tag);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions output an <b>ASN1_STRING</b> structure. <b>ASN1_STRING</b> is used to represent all the ASN1 string types.</p>
+
+<p>ASN1_STRING_print_ex() outputs <b>str</b> to <b>out</b>, the format is determined by the options <b>flags</b>. ASN1_STRING_print_ex_fp() is identical except it outputs to <b>fp</b> instead.</p>
+
+<p>ASN1_STRING_print() prints <b>str</b> to <b>out</b> but using a different format to ASN1_STRING_print_ex(). It replaces unprintable characters (other than CR, LF) with &#39;.&#39;.</p>
+
+<p>ASN1_tag2str() returns a human-readable name of the specified ASN.1 <b>tag</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>ASN1_STRING_print() is a deprecated function which should be avoided; use ASN1_STRING_print_ex() instead.</p>
+
+<p>Although there are a large number of options frequently <b>ASN1_STRFLGS_RFC2253</b> is suitable, or on UTF8 terminals <b>ASN1_STRFLGS_RFC2253 &amp; ~ASN1_STRFLGS_ESC_MSB</b>.</p>
+
+<p>The complete set of supported options for <b>flags</b> is listed below.</p>
+
+<p>Various characters can be escaped. If <b>ASN1_STRFLGS_ESC_2253</b> is set the characters determined by RFC2253 are escaped. If <b>ASN1_STRFLGS_ESC_CTRL</b> is set control characters are escaped. If <b>ASN1_STRFLGS_ESC_MSB</b> is set characters with the MSB set are escaped: this option should <b>not</b> be used if the terminal correctly interprets UTF8 sequences.</p>
+
+<p>Escaping takes several forms.</p>
+
+<p>If the character being escaped is a 16 bit character then the form &quot;\UXXXX&quot; is used using exactly four characters for the hex representation. If it is 32 bits then &quot;\WXXXXXXXX&quot; is used using eight characters of its hex representation. These forms will only be used if UTF8 conversion is not set (see below).</p>
+
+<p>Printable characters are normally escaped using the backslash &#39;\&#39; character. If <b>ASN1_STRFLGS_ESC_QUOTE</b> is set then the whole string is instead surrounded by double quote characters: this is arguably more readable than the backslash notation. Other characters use the &quot;\XX&quot; using exactly two characters of the hex representation.</p>
+
+<p>If <b>ASN1_STRFLGS_UTF8_CONVERT</b> is set then characters are converted to UTF8 format first. If the terminal supports the display of UTF8 sequences then this option will correctly display multi byte characters.</p>
+
+<p>If <b>ASN1_STRFLGS_IGNORE_TYPE</b> is set then the string type is not interpreted at all: everything is assumed to be one byte per character. This is primarily for debugging purposes and can result in confusing output in multi character strings.</p>
+
+<p>If <b>ASN1_STRFLGS_SHOW_TYPE</b> is set then the string type itself is printed out before its value (for example &quot;BMPSTRING&quot;), this actually uses ASN1_tag2str().</p>
+
+<p>The content of a string instead of being interpreted can be &quot;dumped&quot;: this just outputs the value of the string using the form #XXXX using hex format for each octet.</p>
+
+<p>If <b>ASN1_STRFLGS_DUMP_ALL</b> is set then any type is dumped.</p>
+
+<p>Normally non character string types (such as OCTET STRING) are assumed to be one byte per character, if <b>ASN1_STRFLGS_DUMP_UNKNOWN</b> is set then they will be dumped instead.</p>
+
+<p>When a type is dumped normally just the content octets are printed, if <b>ASN1_STRFLGS_DUMP_DER</b> is set then the complete encoding is dumped instead (including tag and length octets).</p>
+
+<p><b>ASN1_STRFLGS_RFC2253</b> includes all the flags required by RFC2253. It is equivalent to: ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | ASN1_STRFLGS_UTF8_CONVERT | ASN1_STRFLGS_DUMP_UNKNOWN ASN1_STRFLGS_DUMP_DER</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_STRING_print_ex() and ASN1_STRING_print_ex_fp() return the number of characters written or -1 if an error occurred.</p>
+
+<p>ASN1_STRING_print() returns 1 on success or 0 on error.</p>
+
+<p>ASN1_tag2str() returns a human-readable name of the specified ASN.1 <b>tag</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/ASN1_tag2str.html">ASN1_tag2str(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_print_ex_fp.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_print_ex_fp.html
new file mode 100644
index 000000000..a90250192
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_print_ex_fp.html
@@ -0,0 +1,103 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_STRING_print_ex</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_tag2str, ASN1_STRING_print_ex, ASN1_STRING_print_ex_fp, ASN1_STRING_print - ASN1_STRING output routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str, unsigned long flags);
+ int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str, unsigned long flags);
+ int ASN1_STRING_print(BIO *out, const ASN1_STRING *str);
+
+ const char *ASN1_tag2str(int tag);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions output an <b>ASN1_STRING</b> structure. <b>ASN1_STRING</b> is used to represent all the ASN1 string types.</p>
+
+<p>ASN1_STRING_print_ex() outputs <b>str</b> to <b>out</b>, the format is determined by the options <b>flags</b>. ASN1_STRING_print_ex_fp() is identical except it outputs to <b>fp</b> instead.</p>
+
+<p>ASN1_STRING_print() prints <b>str</b> to <b>out</b> but using a different format to ASN1_STRING_print_ex(). It replaces unprintable characters (other than CR, LF) with &#39;.&#39;.</p>
+
+<p>ASN1_tag2str() returns a human-readable name of the specified ASN.1 <b>tag</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>ASN1_STRING_print() is a deprecated function which should be avoided; use ASN1_STRING_print_ex() instead.</p>
+
+<p>Although there are a large number of options frequently <b>ASN1_STRFLGS_RFC2253</b> is suitable, or on UTF8 terminals <b>ASN1_STRFLGS_RFC2253 &amp; ~ASN1_STRFLGS_ESC_MSB</b>.</p>
+
+<p>The complete set of supported options for <b>flags</b> is listed below.</p>
+
+<p>Various characters can be escaped. If <b>ASN1_STRFLGS_ESC_2253</b> is set the characters determined by RFC2253 are escaped. If <b>ASN1_STRFLGS_ESC_CTRL</b> is set control characters are escaped. If <b>ASN1_STRFLGS_ESC_MSB</b> is set characters with the MSB set are escaped: this option should <b>not</b> be used if the terminal correctly interprets UTF8 sequences.</p>
+
+<p>Escaping takes several forms.</p>
+
+<p>If the character being escaped is a 16 bit character then the form &quot;\UXXXX&quot; is used using exactly four characters for the hex representation. If it is 32 bits then &quot;\WXXXXXXXX&quot; is used using eight characters of its hex representation. These forms will only be used if UTF8 conversion is not set (see below).</p>
+
+<p>Printable characters are normally escaped using the backslash &#39;\&#39; character. If <b>ASN1_STRFLGS_ESC_QUOTE</b> is set then the whole string is instead surrounded by double quote characters: this is arguably more readable than the backslash notation. Other characters use the &quot;\XX&quot; using exactly two characters of the hex representation.</p>
+
+<p>If <b>ASN1_STRFLGS_UTF8_CONVERT</b> is set then characters are converted to UTF8 format first. If the terminal supports the display of UTF8 sequences then this option will correctly display multi byte characters.</p>
+
+<p>If <b>ASN1_STRFLGS_IGNORE_TYPE</b> is set then the string type is not interpreted at all: everything is assumed to be one byte per character. This is primarily for debugging purposes and can result in confusing output in multi character strings.</p>
+
+<p>If <b>ASN1_STRFLGS_SHOW_TYPE</b> is set then the string type itself is printed out before its value (for example &quot;BMPSTRING&quot;), this actually uses ASN1_tag2str().</p>
+
+<p>The content of a string instead of being interpreted can be &quot;dumped&quot;: this just outputs the value of the string using the form #XXXX using hex format for each octet.</p>
+
+<p>If <b>ASN1_STRFLGS_DUMP_ALL</b> is set then any type is dumped.</p>
+
+<p>Normally non character string types (such as OCTET STRING) are assumed to be one byte per character, if <b>ASN1_STRFLGS_DUMP_UNKNOWN</b> is set then they will be dumped instead.</p>
+
+<p>When a type is dumped normally just the content octets are printed, if <b>ASN1_STRFLGS_DUMP_DER</b> is set then the complete encoding is dumped instead (including tag and length octets).</p>
+
+<p><b>ASN1_STRFLGS_RFC2253</b> includes all the flags required by RFC2253. It is equivalent to: ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | ASN1_STRFLGS_UTF8_CONVERT | ASN1_STRFLGS_DUMP_UNKNOWN ASN1_STRFLGS_DUMP_DER</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_STRING_print_ex() and ASN1_STRING_print_ex_fp() return the number of characters written or -1 if an error occurred.</p>
+
+<p>ASN1_STRING_print() returns 1 on success or 0 on error.</p>
+
+<p>ASN1_tag2str() returns a human-readable name of the specified ASN.1 <b>tag</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/ASN1_tag2str.html">ASN1_tag2str(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_set.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_set.html
new file mode 100644
index 000000000..80479b8a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_set.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_STRING_length</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_STRING_dup, ASN1_STRING_cmp, ASN1_STRING_set, ASN1_STRING_length, ASN1_STRING_type, ASN1_STRING_get0_data, ASN1_STRING_data, ASN1_STRING_to_UTF8 - ASN1_STRING utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_STRING_length(ASN1_STRING *x);
+ const unsigned char * ASN1_STRING_get0_data(const ASN1_STRING *x);
+ unsigned char * ASN1_STRING_data(ASN1_STRING *x);
+
+ ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
+
+ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
+
+ int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
+
+ int ASN1_STRING_type(const ASN1_STRING *x);
+
+ int ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an <b>ASN1_STRING</b> structure to be manipulated.</p>
+
+<p>ASN1_STRING_length() returns the length of the content of <b>x</b>.</p>
+
+<p>ASN1_STRING_get0_data() returns an internal pointer to the data of <b>x</b>. Since this is an internal pointer it should <b>not</b> be freed or modified in any way.</p>
+
+<p>ASN1_STRING_data() is similar to ASN1_STRING_get0_data() except the returned value is not constant. This function is deprecated: applications should use ASN1_STRING_get0_data() instead.</p>
+
+<p>ASN1_STRING_dup() returns a copy of the structure <b>a</b>.</p>
+
+<p>ASN1_STRING_cmp() compares <b>a</b> and <b>b</b> returning 0 if the two are identical. The string types and content are compared.</p>
+
+<p>ASN1_STRING_set() sets the data of string <b>str</b> to the buffer <b>data</b> or length <b>len</b>. The supplied data is copied. If <b>len</b> is -1 then the length is determined by strlen(data).</p>
+
+<p>ASN1_STRING_type() returns the type of <b>x</b>, using standard constants such as <b>V_ASN1_OCTET_STRING</b>.</p>
+
+<p>ASN1_STRING_to_UTF8() converts the string <b>in</b> to UTF8 format, the converted data is allocated in a buffer in <b>*out</b>. The length of <b>out</b> is returned or a negative error code. The buffer <b>*out</b> should be freed using OPENSSL_free().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Almost all ASN1 types in OpenSSL are represented as an <b>ASN1_STRING</b> structure. Other types such as <b>ASN1_OCTET_STRING</b> are simply typedef&#39;ed to <b>ASN1_STRING</b> and the functions call the <b>ASN1_STRING</b> equivalents. <b>ASN1_STRING</b> is also used for some <b>CHOICE</b> types which consist entirely of primitive string types such as <b>DirectoryString</b> and <b>Time</b>.</p>
+
+<p>These functions should <b>not</b> be used to examine or modify <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> types: the relevant <b>INTEGER</b> or <b>ENUMERATED</b> utility functions should be used instead.</p>
+
+<p>In general it cannot be assumed that the data returned by ASN1_STRING_data() is null terminated or does not contain embedded nulls. The actual format of the data will depend on the actual string type itself: for example for an IA5String the data will be ASCII, for a BMPString two bytes per character in big endian format, and for an UTF8String it will be in UTF8 format.</p>
+
+<p>Similar care should be take to ensure the data is in the correct format when calling ASN1_STRING_set().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_STRING_length() returns the length of the content of <b>x</b>.</p>
+
+<p>ASN1_STRING_get0_data() and ASN1_STRING_data() return an internal pointer to the data of <b>x</b>.</p>
+
+<p>ASN1_STRING_dup() returns a valid <b>ASN1_STRING</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>ASN1_STRING_cmp() returns an integer greater than, equal to, or less than 0, according to whether <b>a</b> is greater than, equal to, or less than <b>b</b>.</p>
+
+<p>ASN1_STRING_set() returns 1 on success or 0 on error.</p>
+
+<p>ASN1_STRING_type() returns the type of <b>x</b>.</p>
+
+<p>ASN1_STRING_to_UTF8() returns the number of bytes in output string <b>out</b> or a negative value if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_to_UTF8.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_to_UTF8.html
new file mode 100644
index 000000000..80479b8a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_to_UTF8.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_STRING_length</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_STRING_dup, ASN1_STRING_cmp, ASN1_STRING_set, ASN1_STRING_length, ASN1_STRING_type, ASN1_STRING_get0_data, ASN1_STRING_data, ASN1_STRING_to_UTF8 - ASN1_STRING utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_STRING_length(ASN1_STRING *x);
+ const unsigned char * ASN1_STRING_get0_data(const ASN1_STRING *x);
+ unsigned char * ASN1_STRING_data(ASN1_STRING *x);
+
+ ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
+
+ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
+
+ int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
+
+ int ASN1_STRING_type(const ASN1_STRING *x);
+
+ int ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an <b>ASN1_STRING</b> structure to be manipulated.</p>
+
+<p>ASN1_STRING_length() returns the length of the content of <b>x</b>.</p>
+
+<p>ASN1_STRING_get0_data() returns an internal pointer to the data of <b>x</b>. Since this is an internal pointer it should <b>not</b> be freed or modified in any way.</p>
+
+<p>ASN1_STRING_data() is similar to ASN1_STRING_get0_data() except the returned value is not constant. This function is deprecated: applications should use ASN1_STRING_get0_data() instead.</p>
+
+<p>ASN1_STRING_dup() returns a copy of the structure <b>a</b>.</p>
+
+<p>ASN1_STRING_cmp() compares <b>a</b> and <b>b</b> returning 0 if the two are identical. The string types and content are compared.</p>
+
+<p>ASN1_STRING_set() sets the data of string <b>str</b> to the buffer <b>data</b> or length <b>len</b>. The supplied data is copied. If <b>len</b> is -1 then the length is determined by strlen(data).</p>
+
+<p>ASN1_STRING_type() returns the type of <b>x</b>, using standard constants such as <b>V_ASN1_OCTET_STRING</b>.</p>
+
+<p>ASN1_STRING_to_UTF8() converts the string <b>in</b> to UTF8 format, the converted data is allocated in a buffer in <b>*out</b>. The length of <b>out</b> is returned or a negative error code. The buffer <b>*out</b> should be freed using OPENSSL_free().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Almost all ASN1 types in OpenSSL are represented as an <b>ASN1_STRING</b> structure. Other types such as <b>ASN1_OCTET_STRING</b> are simply typedef&#39;ed to <b>ASN1_STRING</b> and the functions call the <b>ASN1_STRING</b> equivalents. <b>ASN1_STRING</b> is also used for some <b>CHOICE</b> types which consist entirely of primitive string types such as <b>DirectoryString</b> and <b>Time</b>.</p>
+
+<p>These functions should <b>not</b> be used to examine or modify <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> types: the relevant <b>INTEGER</b> or <b>ENUMERATED</b> utility functions should be used instead.</p>
+
+<p>In general it cannot be assumed that the data returned by ASN1_STRING_data() is null terminated or does not contain embedded nulls. The actual format of the data will depend on the actual string type itself: for example for an IA5String the data will be ASCII, for a BMPString two bytes per character in big endian format, and for an UTF8String it will be in UTF8 format.</p>
+
+<p>Similar care should be take to ensure the data is in the correct format when calling ASN1_STRING_set().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_STRING_length() returns the length of the content of <b>x</b>.</p>
+
+<p>ASN1_STRING_get0_data() and ASN1_STRING_data() return an internal pointer to the data of <b>x</b>.</p>
+
+<p>ASN1_STRING_dup() returns a valid <b>ASN1_STRING</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>ASN1_STRING_cmp() returns an integer greater than, equal to, or less than 0, according to whether <b>a</b> is greater than, equal to, or less than <b>b</b>.</p>
+
+<p>ASN1_STRING_set() returns 1 on success or 0 on error.</p>
+
+<p>ASN1_STRING_type() returns the type of <b>x</b>.</p>
+
+<p>ASN1_STRING_to_UTF8() returns the number of bytes in output string <b>out</b> or a negative value if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_type.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_type.html
new file mode 100644
index 000000000..80479b8a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_type.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_STRING_length</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_STRING_dup, ASN1_STRING_cmp, ASN1_STRING_set, ASN1_STRING_length, ASN1_STRING_type, ASN1_STRING_get0_data, ASN1_STRING_data, ASN1_STRING_to_UTF8 - ASN1_STRING utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_STRING_length(ASN1_STRING *x);
+ const unsigned char * ASN1_STRING_get0_data(const ASN1_STRING *x);
+ unsigned char * ASN1_STRING_data(ASN1_STRING *x);
+
+ ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
+
+ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
+
+ int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
+
+ int ASN1_STRING_type(const ASN1_STRING *x);
+
+ int ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an <b>ASN1_STRING</b> structure to be manipulated.</p>
+
+<p>ASN1_STRING_length() returns the length of the content of <b>x</b>.</p>
+
+<p>ASN1_STRING_get0_data() returns an internal pointer to the data of <b>x</b>. Since this is an internal pointer it should <b>not</b> be freed or modified in any way.</p>
+
+<p>ASN1_STRING_data() is similar to ASN1_STRING_get0_data() except the returned value is not constant. This function is deprecated: applications should use ASN1_STRING_get0_data() instead.</p>
+
+<p>ASN1_STRING_dup() returns a copy of the structure <b>a</b>.</p>
+
+<p>ASN1_STRING_cmp() compares <b>a</b> and <b>b</b> returning 0 if the two are identical. The string types and content are compared.</p>
+
+<p>ASN1_STRING_set() sets the data of string <b>str</b> to the buffer <b>data</b> or length <b>len</b>. The supplied data is copied. If <b>len</b> is -1 then the length is determined by strlen(data).</p>
+
+<p>ASN1_STRING_type() returns the type of <b>x</b>, using standard constants such as <b>V_ASN1_OCTET_STRING</b>.</p>
+
+<p>ASN1_STRING_to_UTF8() converts the string <b>in</b> to UTF8 format, the converted data is allocated in a buffer in <b>*out</b>. The length of <b>out</b> is returned or a negative error code. The buffer <b>*out</b> should be freed using OPENSSL_free().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Almost all ASN1 types in OpenSSL are represented as an <b>ASN1_STRING</b> structure. Other types such as <b>ASN1_OCTET_STRING</b> are simply typedef&#39;ed to <b>ASN1_STRING</b> and the functions call the <b>ASN1_STRING</b> equivalents. <b>ASN1_STRING</b> is also used for some <b>CHOICE</b> types which consist entirely of primitive string types such as <b>DirectoryString</b> and <b>Time</b>.</p>
+
+<p>These functions should <b>not</b> be used to examine or modify <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> types: the relevant <b>INTEGER</b> or <b>ENUMERATED</b> utility functions should be used instead.</p>
+
+<p>In general it cannot be assumed that the data returned by ASN1_STRING_data() is null terminated or does not contain embedded nulls. The actual format of the data will depend on the actual string type itself: for example for an IA5String the data will be ASCII, for a BMPString two bytes per character in big endian format, and for an UTF8String it will be in UTF8 format.</p>
+
+<p>Similar care should be take to ensure the data is in the correct format when calling ASN1_STRING_set().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_STRING_length() returns the length of the content of <b>x</b>.</p>
+
+<p>ASN1_STRING_get0_data() and ASN1_STRING_data() return an internal pointer to the data of <b>x</b>.</p>
+
+<p>ASN1_STRING_dup() returns a valid <b>ASN1_STRING</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>ASN1_STRING_cmp() returns an integer greater than, equal to, or less than 0, according to whether <b>a</b> is greater than, equal to, or less than <b>b</b>.</p>
+
+<p>ASN1_STRING_set() returns 1 on success or 0 on error.</p>
+
+<p>ASN1_STRING_type() returns the type of <b>x</b>.</p>
+
+<p>ASN1_STRING_to_UTF8() returns the number of bytes in output string <b>out</b> or a negative value if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_type_new.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_type_new.html
new file mode 100644
index 000000000..e8b834f33
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_STRING_type_new.html
@@ -0,0 +1,69 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_STRING_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_STRING_new, ASN1_STRING_type_new, ASN1_STRING_free - ASN1_STRING allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ ASN1_STRING * ASN1_STRING_new(void);
+ ASN1_STRING * ASN1_STRING_type_new(int type);
+ void ASN1_STRING_free(ASN1_STRING *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ASN1_STRING_new() returns an allocated <b>ASN1_STRING</b> structure. Its type is undefined.</p>
+
+<p>ASN1_STRING_type_new() returns an allocated <b>ASN1_STRING</b> structure of type <b>type</b>.</p>
+
+<p>ASN1_STRING_free() frees up <b>a</b>. If <b>a</b> is NULL nothing is done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Other string types call the <b>ASN1_STRING</b> functions. For example ASN1_OCTET_STRING_new() calls ASN1_STRING_type(V_ASN1_OCTET_STRING).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_STRING_new() and ASN1_STRING_type_new() return a valid ASN1_STRING structure or <b>NULL</b> if an error occurred.</p>
+
+<p>ASN1_STRING_free() does not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_adj.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_adj.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_adj.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_check.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_check.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_check.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_cmp_time_t.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_cmp_time_t.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_cmp_time_t.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_compare.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_compare.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_compare.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_diff.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_diff.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_diff.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_normalize.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_normalize.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_normalize.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_print.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_print.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_print.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_set.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_set.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_set.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_set_string.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_set_string.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_set_string.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_set_string_X509.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_set_string_X509.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_set_string_X509.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_to_generalizedtime.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_to_generalizedtime.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_to_generalizedtime.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_to_tm.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_to_tm.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_TIME_to_tm.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_TYPE_cmp.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_TYPE_cmp.html
new file mode 100644
index 000000000..042943c49
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_TYPE_cmp.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TYPE_get</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TYPE_get, ASN1_TYPE_set, ASN1_TYPE_set1, ASN1_TYPE_cmp, ASN1_TYPE_unpack_sequence, ASN1_TYPE_pack_sequence - ASN1_TYPE utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_TYPE_get(const ASN1_TYPE *a);
+ void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
+ int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
+ int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
+
+ void *ASN1_TYPE_unpack_sequence(const ASN1_ITEM *it, const ASN1_TYPE *t);
+ ASN1_TYPE *ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s,
+                                    ASN1_TYPE **t);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an ASN1_TYPE structure to be manipulated. The ASN1_TYPE structure can contain any ASN.1 type or constructed type such as a SEQUENCE: it is effectively equivalent to the ASN.1 ANY type.</p>
+
+<p>ASN1_TYPE_get() returns the type of <b>a</b>.</p>
+
+<p>ASN1_TYPE_set() sets the value of <b>a</b> to <b>type</b> and <b>value</b>. This function uses the pointer <b>value</b> internally so it must <b>not</b> be freed up after the call.</p>
+
+<p>ASN1_TYPE_set1() sets the value of <b>a</b> to <b>type</b> a copy of <b>value</b>.</p>
+
+<p>ASN1_TYPE_cmp() compares ASN.1 types <b>a</b> and <b>b</b> and returns 0 if they are identical and non-zero otherwise.</p>
+
+<p>ASN1_TYPE_unpack_sequence() attempts to parse the SEQUENCE present in <b>t</b> using the ASN.1 structure <b>it</b>. If successful it returns a pointer to the ASN.1 structure corresponding to <b>it</b> which must be freed by the caller. If it fails it return NULL.</p>
+
+<p>ASN1_TYPE_pack_sequence() attempts to encode the ASN.1 structure <b>s</b> corresponding to <b>it</b> into an ASN1_TYPE. If successful the encoded ASN1_TYPE is returned. If <b>t</b> and <b>*t</b> are not NULL the encoded type is written to <b>t</b> overwriting any existing data. If <b>t</b> is not NULL but <b>*t</b> is NULL the returned ASN1_TYPE is written to <b>*t</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The type and meaning of the <b>value</b> parameter for ASN1_TYPE_set() and ASN1_TYPE_set1() is determined by the <b>type</b> parameter. If <b>type</b> is V_ASN1_NULL <b>value</b> is ignored. If <b>type</b> is V_ASN1_BOOLEAN then the boolean is set to TRUE if <b>value</b> is not NULL. If <b>type</b> is V_ASN1_OBJECT then value is an ASN1_OBJECT structure. Otherwise <b>type</b> is and ASN1_STRING structure. If <b>type</b> corresponds to a primitive type (or a string type) then the contents of the ASN1_STRING contain the content octets of the type. If <b>type</b> corresponds to a constructed type or a tagged type (V_ASN1_SEQUENCE, V_ASN1_SET or V_ASN1_OTHER) then the ASN1_STRING contains the entire ASN.1 encoding verbatim (including tag and length octets).</p>
+
+<p>ASN1_TYPE_cmp() may not return zero if two types are equivalent but have different encodings. For example the single content octet of the boolean TRUE value under BER can have any non-zero encoding but ASN1_TYPE_cmp() will only return zero if the values are the same.</p>
+
+<p>If either or both of the parameters passed to ASN1_TYPE_cmp() is NULL the return value is non-zero. Technically if both parameters are NULL the two types could be absent OPTIONAL fields and so should match, however passing NULL values could also indicate a programming error (for example an unparseable type which returns NULL) for types which do <b>not</b> match. So applications should handle the case of two absent values separately.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TYPE_get() returns the type of the ASN1_TYPE argument.</p>
+
+<p>ASN1_TYPE_set() does not return a value.</p>
+
+<p>ASN1_TYPE_set1() returns 1 for success and 0 for failure.</p>
+
+<p>ASN1_TYPE_cmp() returns 0 if the types are identical and non-zero otherwise.</p>
+
+<p>ASN1_TYPE_unpack_sequence() returns a pointer to an ASN.1 structure or NULL on failure.</p>
+
+<p>ASN1_TYPE_pack_sequence() return an ASN1_TYPE structure if it succeeds or NULL on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_TYPE_get.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_TYPE_get.html
new file mode 100644
index 000000000..042943c49
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_TYPE_get.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TYPE_get</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TYPE_get, ASN1_TYPE_set, ASN1_TYPE_set1, ASN1_TYPE_cmp, ASN1_TYPE_unpack_sequence, ASN1_TYPE_pack_sequence - ASN1_TYPE utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_TYPE_get(const ASN1_TYPE *a);
+ void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
+ int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
+ int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
+
+ void *ASN1_TYPE_unpack_sequence(const ASN1_ITEM *it, const ASN1_TYPE *t);
+ ASN1_TYPE *ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s,
+                                    ASN1_TYPE **t);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an ASN1_TYPE structure to be manipulated. The ASN1_TYPE structure can contain any ASN.1 type or constructed type such as a SEQUENCE: it is effectively equivalent to the ASN.1 ANY type.</p>
+
+<p>ASN1_TYPE_get() returns the type of <b>a</b>.</p>
+
+<p>ASN1_TYPE_set() sets the value of <b>a</b> to <b>type</b> and <b>value</b>. This function uses the pointer <b>value</b> internally so it must <b>not</b> be freed up after the call.</p>
+
+<p>ASN1_TYPE_set1() sets the value of <b>a</b> to <b>type</b> a copy of <b>value</b>.</p>
+
+<p>ASN1_TYPE_cmp() compares ASN.1 types <b>a</b> and <b>b</b> and returns 0 if they are identical and non-zero otherwise.</p>
+
+<p>ASN1_TYPE_unpack_sequence() attempts to parse the SEQUENCE present in <b>t</b> using the ASN.1 structure <b>it</b>. If successful it returns a pointer to the ASN.1 structure corresponding to <b>it</b> which must be freed by the caller. If it fails it return NULL.</p>
+
+<p>ASN1_TYPE_pack_sequence() attempts to encode the ASN.1 structure <b>s</b> corresponding to <b>it</b> into an ASN1_TYPE. If successful the encoded ASN1_TYPE is returned. If <b>t</b> and <b>*t</b> are not NULL the encoded type is written to <b>t</b> overwriting any existing data. If <b>t</b> is not NULL but <b>*t</b> is NULL the returned ASN1_TYPE is written to <b>*t</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The type and meaning of the <b>value</b> parameter for ASN1_TYPE_set() and ASN1_TYPE_set1() is determined by the <b>type</b> parameter. If <b>type</b> is V_ASN1_NULL <b>value</b> is ignored. If <b>type</b> is V_ASN1_BOOLEAN then the boolean is set to TRUE if <b>value</b> is not NULL. If <b>type</b> is V_ASN1_OBJECT then value is an ASN1_OBJECT structure. Otherwise <b>type</b> is and ASN1_STRING structure. If <b>type</b> corresponds to a primitive type (or a string type) then the contents of the ASN1_STRING contain the content octets of the type. If <b>type</b> corresponds to a constructed type or a tagged type (V_ASN1_SEQUENCE, V_ASN1_SET or V_ASN1_OTHER) then the ASN1_STRING contains the entire ASN.1 encoding verbatim (including tag and length octets).</p>
+
+<p>ASN1_TYPE_cmp() may not return zero if two types are equivalent but have different encodings. For example the single content octet of the boolean TRUE value under BER can have any non-zero encoding but ASN1_TYPE_cmp() will only return zero if the values are the same.</p>
+
+<p>If either or both of the parameters passed to ASN1_TYPE_cmp() is NULL the return value is non-zero. Technically if both parameters are NULL the two types could be absent OPTIONAL fields and so should match, however passing NULL values could also indicate a programming error (for example an unparseable type which returns NULL) for types which do <b>not</b> match. So applications should handle the case of two absent values separately.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TYPE_get() returns the type of the ASN1_TYPE argument.</p>
+
+<p>ASN1_TYPE_set() does not return a value.</p>
+
+<p>ASN1_TYPE_set1() returns 1 for success and 0 for failure.</p>
+
+<p>ASN1_TYPE_cmp() returns 0 if the types are identical and non-zero otherwise.</p>
+
+<p>ASN1_TYPE_unpack_sequence() returns a pointer to an ASN.1 structure or NULL on failure.</p>
+
+<p>ASN1_TYPE_pack_sequence() return an ASN1_TYPE structure if it succeeds or NULL on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_TYPE_pack_sequence.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_TYPE_pack_sequence.html
new file mode 100644
index 000000000..042943c49
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_TYPE_pack_sequence.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TYPE_get</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TYPE_get, ASN1_TYPE_set, ASN1_TYPE_set1, ASN1_TYPE_cmp, ASN1_TYPE_unpack_sequence, ASN1_TYPE_pack_sequence - ASN1_TYPE utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_TYPE_get(const ASN1_TYPE *a);
+ void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
+ int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
+ int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
+
+ void *ASN1_TYPE_unpack_sequence(const ASN1_ITEM *it, const ASN1_TYPE *t);
+ ASN1_TYPE *ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s,
+                                    ASN1_TYPE **t);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an ASN1_TYPE structure to be manipulated. The ASN1_TYPE structure can contain any ASN.1 type or constructed type such as a SEQUENCE: it is effectively equivalent to the ASN.1 ANY type.</p>
+
+<p>ASN1_TYPE_get() returns the type of <b>a</b>.</p>
+
+<p>ASN1_TYPE_set() sets the value of <b>a</b> to <b>type</b> and <b>value</b>. This function uses the pointer <b>value</b> internally so it must <b>not</b> be freed up after the call.</p>
+
+<p>ASN1_TYPE_set1() sets the value of <b>a</b> to <b>type</b> a copy of <b>value</b>.</p>
+
+<p>ASN1_TYPE_cmp() compares ASN.1 types <b>a</b> and <b>b</b> and returns 0 if they are identical and non-zero otherwise.</p>
+
+<p>ASN1_TYPE_unpack_sequence() attempts to parse the SEQUENCE present in <b>t</b> using the ASN.1 structure <b>it</b>. If successful it returns a pointer to the ASN.1 structure corresponding to <b>it</b> which must be freed by the caller. If it fails it return NULL.</p>
+
+<p>ASN1_TYPE_pack_sequence() attempts to encode the ASN.1 structure <b>s</b> corresponding to <b>it</b> into an ASN1_TYPE. If successful the encoded ASN1_TYPE is returned. If <b>t</b> and <b>*t</b> are not NULL the encoded type is written to <b>t</b> overwriting any existing data. If <b>t</b> is not NULL but <b>*t</b> is NULL the returned ASN1_TYPE is written to <b>*t</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The type and meaning of the <b>value</b> parameter for ASN1_TYPE_set() and ASN1_TYPE_set1() is determined by the <b>type</b> parameter. If <b>type</b> is V_ASN1_NULL <b>value</b> is ignored. If <b>type</b> is V_ASN1_BOOLEAN then the boolean is set to TRUE if <b>value</b> is not NULL. If <b>type</b> is V_ASN1_OBJECT then value is an ASN1_OBJECT structure. Otherwise <b>type</b> is and ASN1_STRING structure. If <b>type</b> corresponds to a primitive type (or a string type) then the contents of the ASN1_STRING contain the content octets of the type. If <b>type</b> corresponds to a constructed type or a tagged type (V_ASN1_SEQUENCE, V_ASN1_SET or V_ASN1_OTHER) then the ASN1_STRING contains the entire ASN.1 encoding verbatim (including tag and length octets).</p>
+
+<p>ASN1_TYPE_cmp() may not return zero if two types are equivalent but have different encodings. For example the single content octet of the boolean TRUE value under BER can have any non-zero encoding but ASN1_TYPE_cmp() will only return zero if the values are the same.</p>
+
+<p>If either or both of the parameters passed to ASN1_TYPE_cmp() is NULL the return value is non-zero. Technically if both parameters are NULL the two types could be absent OPTIONAL fields and so should match, however passing NULL values could also indicate a programming error (for example an unparseable type which returns NULL) for types which do <b>not</b> match. So applications should handle the case of two absent values separately.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TYPE_get() returns the type of the ASN1_TYPE argument.</p>
+
+<p>ASN1_TYPE_set() does not return a value.</p>
+
+<p>ASN1_TYPE_set1() returns 1 for success and 0 for failure.</p>
+
+<p>ASN1_TYPE_cmp() returns 0 if the types are identical and non-zero otherwise.</p>
+
+<p>ASN1_TYPE_unpack_sequence() returns a pointer to an ASN.1 structure or NULL on failure.</p>
+
+<p>ASN1_TYPE_pack_sequence() return an ASN1_TYPE structure if it succeeds or NULL on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_TYPE_set.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_TYPE_set.html
new file mode 100644
index 000000000..042943c49
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_TYPE_set.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TYPE_get</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TYPE_get, ASN1_TYPE_set, ASN1_TYPE_set1, ASN1_TYPE_cmp, ASN1_TYPE_unpack_sequence, ASN1_TYPE_pack_sequence - ASN1_TYPE utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_TYPE_get(const ASN1_TYPE *a);
+ void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
+ int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
+ int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
+
+ void *ASN1_TYPE_unpack_sequence(const ASN1_ITEM *it, const ASN1_TYPE *t);
+ ASN1_TYPE *ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s,
+                                    ASN1_TYPE **t);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an ASN1_TYPE structure to be manipulated. The ASN1_TYPE structure can contain any ASN.1 type or constructed type such as a SEQUENCE: it is effectively equivalent to the ASN.1 ANY type.</p>
+
+<p>ASN1_TYPE_get() returns the type of <b>a</b>.</p>
+
+<p>ASN1_TYPE_set() sets the value of <b>a</b> to <b>type</b> and <b>value</b>. This function uses the pointer <b>value</b> internally so it must <b>not</b> be freed up after the call.</p>
+
+<p>ASN1_TYPE_set1() sets the value of <b>a</b> to <b>type</b> a copy of <b>value</b>.</p>
+
+<p>ASN1_TYPE_cmp() compares ASN.1 types <b>a</b> and <b>b</b> and returns 0 if they are identical and non-zero otherwise.</p>
+
+<p>ASN1_TYPE_unpack_sequence() attempts to parse the SEQUENCE present in <b>t</b> using the ASN.1 structure <b>it</b>. If successful it returns a pointer to the ASN.1 structure corresponding to <b>it</b> which must be freed by the caller. If it fails it return NULL.</p>
+
+<p>ASN1_TYPE_pack_sequence() attempts to encode the ASN.1 structure <b>s</b> corresponding to <b>it</b> into an ASN1_TYPE. If successful the encoded ASN1_TYPE is returned. If <b>t</b> and <b>*t</b> are not NULL the encoded type is written to <b>t</b> overwriting any existing data. If <b>t</b> is not NULL but <b>*t</b> is NULL the returned ASN1_TYPE is written to <b>*t</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The type and meaning of the <b>value</b> parameter for ASN1_TYPE_set() and ASN1_TYPE_set1() is determined by the <b>type</b> parameter. If <b>type</b> is V_ASN1_NULL <b>value</b> is ignored. If <b>type</b> is V_ASN1_BOOLEAN then the boolean is set to TRUE if <b>value</b> is not NULL. If <b>type</b> is V_ASN1_OBJECT then value is an ASN1_OBJECT structure. Otherwise <b>type</b> is and ASN1_STRING structure. If <b>type</b> corresponds to a primitive type (or a string type) then the contents of the ASN1_STRING contain the content octets of the type. If <b>type</b> corresponds to a constructed type or a tagged type (V_ASN1_SEQUENCE, V_ASN1_SET or V_ASN1_OTHER) then the ASN1_STRING contains the entire ASN.1 encoding verbatim (including tag and length octets).</p>
+
+<p>ASN1_TYPE_cmp() may not return zero if two types are equivalent but have different encodings. For example the single content octet of the boolean TRUE value under BER can have any non-zero encoding but ASN1_TYPE_cmp() will only return zero if the values are the same.</p>
+
+<p>If either or both of the parameters passed to ASN1_TYPE_cmp() is NULL the return value is non-zero. Technically if both parameters are NULL the two types could be absent OPTIONAL fields and so should match, however passing NULL values could also indicate a programming error (for example an unparseable type which returns NULL) for types which do <b>not</b> match. So applications should handle the case of two absent values separately.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TYPE_get() returns the type of the ASN1_TYPE argument.</p>
+
+<p>ASN1_TYPE_set() does not return a value.</p>
+
+<p>ASN1_TYPE_set1() returns 1 for success and 0 for failure.</p>
+
+<p>ASN1_TYPE_cmp() returns 0 if the types are identical and non-zero otherwise.</p>
+
+<p>ASN1_TYPE_unpack_sequence() returns a pointer to an ASN.1 structure or NULL on failure.</p>
+
+<p>ASN1_TYPE_pack_sequence() return an ASN1_TYPE structure if it succeeds or NULL on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_TYPE_set1.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_TYPE_set1.html
new file mode 100644
index 000000000..042943c49
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_TYPE_set1.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TYPE_get</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TYPE_get, ASN1_TYPE_set, ASN1_TYPE_set1, ASN1_TYPE_cmp, ASN1_TYPE_unpack_sequence, ASN1_TYPE_pack_sequence - ASN1_TYPE utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_TYPE_get(const ASN1_TYPE *a);
+ void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
+ int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
+ int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
+
+ void *ASN1_TYPE_unpack_sequence(const ASN1_ITEM *it, const ASN1_TYPE *t);
+ ASN1_TYPE *ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s,
+                                    ASN1_TYPE **t);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an ASN1_TYPE structure to be manipulated. The ASN1_TYPE structure can contain any ASN.1 type or constructed type such as a SEQUENCE: it is effectively equivalent to the ASN.1 ANY type.</p>
+
+<p>ASN1_TYPE_get() returns the type of <b>a</b>.</p>
+
+<p>ASN1_TYPE_set() sets the value of <b>a</b> to <b>type</b> and <b>value</b>. This function uses the pointer <b>value</b> internally so it must <b>not</b> be freed up after the call.</p>
+
+<p>ASN1_TYPE_set1() sets the value of <b>a</b> to <b>type</b> a copy of <b>value</b>.</p>
+
+<p>ASN1_TYPE_cmp() compares ASN.1 types <b>a</b> and <b>b</b> and returns 0 if they are identical and non-zero otherwise.</p>
+
+<p>ASN1_TYPE_unpack_sequence() attempts to parse the SEQUENCE present in <b>t</b> using the ASN.1 structure <b>it</b>. If successful it returns a pointer to the ASN.1 structure corresponding to <b>it</b> which must be freed by the caller. If it fails it return NULL.</p>
+
+<p>ASN1_TYPE_pack_sequence() attempts to encode the ASN.1 structure <b>s</b> corresponding to <b>it</b> into an ASN1_TYPE. If successful the encoded ASN1_TYPE is returned. If <b>t</b> and <b>*t</b> are not NULL the encoded type is written to <b>t</b> overwriting any existing data. If <b>t</b> is not NULL but <b>*t</b> is NULL the returned ASN1_TYPE is written to <b>*t</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The type and meaning of the <b>value</b> parameter for ASN1_TYPE_set() and ASN1_TYPE_set1() is determined by the <b>type</b> parameter. If <b>type</b> is V_ASN1_NULL <b>value</b> is ignored. If <b>type</b> is V_ASN1_BOOLEAN then the boolean is set to TRUE if <b>value</b> is not NULL. If <b>type</b> is V_ASN1_OBJECT then value is an ASN1_OBJECT structure. Otherwise <b>type</b> is and ASN1_STRING structure. If <b>type</b> corresponds to a primitive type (or a string type) then the contents of the ASN1_STRING contain the content octets of the type. If <b>type</b> corresponds to a constructed type or a tagged type (V_ASN1_SEQUENCE, V_ASN1_SET or V_ASN1_OTHER) then the ASN1_STRING contains the entire ASN.1 encoding verbatim (including tag and length octets).</p>
+
+<p>ASN1_TYPE_cmp() may not return zero if two types are equivalent but have different encodings. For example the single content octet of the boolean TRUE value under BER can have any non-zero encoding but ASN1_TYPE_cmp() will only return zero if the values are the same.</p>
+
+<p>If either or both of the parameters passed to ASN1_TYPE_cmp() is NULL the return value is non-zero. Technically if both parameters are NULL the two types could be absent OPTIONAL fields and so should match, however passing NULL values could also indicate a programming error (for example an unparseable type which returns NULL) for types which do <b>not</b> match. So applications should handle the case of two absent values separately.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TYPE_get() returns the type of the ASN1_TYPE argument.</p>
+
+<p>ASN1_TYPE_set() does not return a value.</p>
+
+<p>ASN1_TYPE_set1() returns 1 for success and 0 for failure.</p>
+
+<p>ASN1_TYPE_cmp() returns 0 if the types are identical and non-zero otherwise.</p>
+
+<p>ASN1_TYPE_unpack_sequence() returns a pointer to an ASN.1 structure or NULL on failure.</p>
+
+<p>ASN1_TYPE_pack_sequence() return an ASN1_TYPE structure if it succeeds or NULL on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_TYPE_unpack_sequence.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_TYPE_unpack_sequence.html
new file mode 100644
index 000000000..042943c49
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_TYPE_unpack_sequence.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TYPE_get</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TYPE_get, ASN1_TYPE_set, ASN1_TYPE_set1, ASN1_TYPE_cmp, ASN1_TYPE_unpack_sequence, ASN1_TYPE_pack_sequence - ASN1_TYPE utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_TYPE_get(const ASN1_TYPE *a);
+ void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
+ int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
+ int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
+
+ void *ASN1_TYPE_unpack_sequence(const ASN1_ITEM *it, const ASN1_TYPE *t);
+ ASN1_TYPE *ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s,
+                                    ASN1_TYPE **t);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an ASN1_TYPE structure to be manipulated. The ASN1_TYPE structure can contain any ASN.1 type or constructed type such as a SEQUENCE: it is effectively equivalent to the ASN.1 ANY type.</p>
+
+<p>ASN1_TYPE_get() returns the type of <b>a</b>.</p>
+
+<p>ASN1_TYPE_set() sets the value of <b>a</b> to <b>type</b> and <b>value</b>. This function uses the pointer <b>value</b> internally so it must <b>not</b> be freed up after the call.</p>
+
+<p>ASN1_TYPE_set1() sets the value of <b>a</b> to <b>type</b> a copy of <b>value</b>.</p>
+
+<p>ASN1_TYPE_cmp() compares ASN.1 types <b>a</b> and <b>b</b> and returns 0 if they are identical and non-zero otherwise.</p>
+
+<p>ASN1_TYPE_unpack_sequence() attempts to parse the SEQUENCE present in <b>t</b> using the ASN.1 structure <b>it</b>. If successful it returns a pointer to the ASN.1 structure corresponding to <b>it</b> which must be freed by the caller. If it fails it return NULL.</p>
+
+<p>ASN1_TYPE_pack_sequence() attempts to encode the ASN.1 structure <b>s</b> corresponding to <b>it</b> into an ASN1_TYPE. If successful the encoded ASN1_TYPE is returned. If <b>t</b> and <b>*t</b> are not NULL the encoded type is written to <b>t</b> overwriting any existing data. If <b>t</b> is not NULL but <b>*t</b> is NULL the returned ASN1_TYPE is written to <b>*t</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The type and meaning of the <b>value</b> parameter for ASN1_TYPE_set() and ASN1_TYPE_set1() is determined by the <b>type</b> parameter. If <b>type</b> is V_ASN1_NULL <b>value</b> is ignored. If <b>type</b> is V_ASN1_BOOLEAN then the boolean is set to TRUE if <b>value</b> is not NULL. If <b>type</b> is V_ASN1_OBJECT then value is an ASN1_OBJECT structure. Otherwise <b>type</b> is and ASN1_STRING structure. If <b>type</b> corresponds to a primitive type (or a string type) then the contents of the ASN1_STRING contain the content octets of the type. If <b>type</b> corresponds to a constructed type or a tagged type (V_ASN1_SEQUENCE, V_ASN1_SET or V_ASN1_OTHER) then the ASN1_STRING contains the entire ASN.1 encoding verbatim (including tag and length octets).</p>
+
+<p>ASN1_TYPE_cmp() may not return zero if two types are equivalent but have different encodings. For example the single content octet of the boolean TRUE value under BER can have any non-zero encoding but ASN1_TYPE_cmp() will only return zero if the values are the same.</p>
+
+<p>If either or both of the parameters passed to ASN1_TYPE_cmp() is NULL the return value is non-zero. Technically if both parameters are NULL the two types could be absent OPTIONAL fields and so should match, however passing NULL values could also indicate a programming error (for example an unparseable type which returns NULL) for types which do <b>not</b> match. So applications should handle the case of two absent values separately.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TYPE_get() returns the type of the ASN1_TYPE argument.</p>
+
+<p>ASN1_TYPE_set() does not return a value.</p>
+
+<p>ASN1_TYPE_set1() returns 1 for success and 0 for failure.</p>
+
+<p>ASN1_TYPE_cmp() returns 0 if the types are identical and non-zero otherwise.</p>
+
+<p>ASN1_TYPE_unpack_sequence() returns a pointer to an ASN.1 structure or NULL on failure.</p>
+
+<p>ASN1_TYPE_pack_sequence() return an ASN1_TYPE structure if it succeeds or NULL on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_UTCTIME_adj.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_UTCTIME_adj.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_UTCTIME_adj.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_UTCTIME_check.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_UTCTIME_check.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_UTCTIME_check.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_UTCTIME_cmp_time_t.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_UTCTIME_cmp_time_t.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_UTCTIME_cmp_time_t.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_UTCTIME_print.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_UTCTIME_print.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_UTCTIME_print.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_UTCTIME_set.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_UTCTIME_set.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_UTCTIME_set.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_UTCTIME_set_string.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_UTCTIME_set_string.html
new file mode 100644
index 000000000..5589a58dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_UTCTIME_set_string.html
@@ -0,0 +1,190 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_TIME_set</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_TIME_set, ASN1_UTCTIME_set, ASN1_GENERALIZEDTIME_set, ASN1_TIME_adj, ASN1_UTCTIME_adj, ASN1_GENERALIZEDTIME_adj, ASN1_TIME_check, ASN1_UTCTIME_check, ASN1_GENERALIZEDTIME_check, ASN1_TIME_set_string, ASN1_UTCTIME_set_string, ASN1_GENERALIZEDTIME_set_string, ASN1_TIME_set_string_X509, ASN1_TIME_normalize, ASN1_TIME_to_tm, ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print, ASN1_TIME_diff, ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t, ASN1_TIME_compare, ASN1_TIME_to_generalizedtime - ASN.1 Time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                                time_t t);
+
+ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
+                          long offset_sec);
+ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                                int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                                time_t t, int offset_day,
+                                                long offset_sec);
+
+ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
+                                     const char *str);
+
+ int ASN1_TIME_normalize(ASN1_TIME *s);
+
+ int ASN1_TIME_check(const ASN1_TIME *t);
+ int ASN1_UTCTIME_check(const ASN1_UTCTIME *t);
+ int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *t);
+
+ int ASN1_TIME_print(BIO *b, const ASN1_TIME *s);
+ int ASN1_UTCTIME_print(BIO *b, const ASN1_UTCTIME *s);
+ int ASN1_GENERALIZEDTIME_print(BIO *b, const ASN1_GENERALIZEDTIME *s);
+
+ int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
+                    const ASN1_TIME *to);
+
+ int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+ int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                    ASN1_GENERALIZEDTIME **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set() functions set the structure <b>s</b> to the time represented by the time_t value <b>t</b>. If <b>s</b> is NULL a new time structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_adj(), ASN1_UTCTIME_adj() and ASN1_GENERALIZEDTIME_adj() functions set the time structure <b>s</b> to the time represented by the time <b>offset_day</b> and <b>offset_sec</b> after the time_t value <b>t</b>. The values of <b>offset_day</b> or <b>offset_sec</b> can be negative to set a time before <b>t</b>. The <b>offset_sec</b> value can also exceed the number of seconds in a day. If <b>s</b> is NULL a new structure is allocated and returned.</p>
+
+<p>The ASN1_TIME_set_string(), ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() functions set the time structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate ASN.1 time format (for example YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ). If <b>s</b> is NULL this function performs a format check on <b>str</b> only. The string <b>str</b> is copied into <b>s</b>.</p>
+
+<p>ASN1_TIME_set_string_X509() sets ASN1_TIME structure <b>s</b> to the time represented by string <b>str</b> which must be in appropriate time format that RFC 5280 requires, which means it only allows YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ (leap second is rejected), all other ASN.1 time format are not allowed. If <b>s</b> is NULL this function performs a format check on <b>str</b> only.</p>
+
+<p>The ASN1_TIME_normalize() function converts an ASN1_GENERALIZEDTIME or ASN1_UTCTIME into a time value that can be used in a certificate. It should be used after the ASN1_TIME_set_string() functions and before ASN1_TIME_print() functions to get consistent (i.e. GMT) results.</p>
+
+<p>The ASN1_TIME_check(), ASN1_UTCTIME_check() and ASN1_GENERALIZEDTIME_check() functions check the syntax of the time structure <b>s</b>.</p>
+
+<p>The ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() functions print the time structure <b>s</b> to BIO <b>b</b> in human readable format. It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example &quot;Feb 3 00:55:52 2015 GMT&quot; it does not include a newline. If the time structure has invalid format it prints out &quot;Bad time value&quot; and returns an error. The output for generalized time may include a fractional part following the second.</p>
+
+<p>ASN1_TIME_to_tm() converts the time <b>s</b> to the standard <b>tm</b> structure. If <b>s</b> is NULL, then the current time is converted. The output time is GMT. The <b>tm_sec</b>, <b>tm_min</b>, <b>tm_hour</b>, <b>tm_mday</b>, <b>tm_wday</b>, <b>tm_yday</b>, <b>tm_mon</b> and <b>tm_year</b> fields of <b>tm</b> structure are set to proper values, whereas all other fields are set to 0. If <b>tm</b> is NULL this function performs a format check on <b>s</b> only. If <b>s</b> is in Generalized format with fractional seconds, e.g. YYYYMMDDHHMMSS.SSSZ, the fractional seconds will be lost while converting <b>s</b> to <b>tm</b> structure.</p>
+
+<p>ASN1_TIME_diff() sets <b>*pday</b> and <b>*psec</b> to the time difference between <b>from</b> and <b>to</b>. If <b>to</b> represents a time later than <b>from</b> then one or both (depending on the time difference) of <b>*pday</b> and <b>*psec</b> will be positive. If <b>to</b> represents a time earlier than <b>from</b> then one or both of <b>*pday</b> and <b>*psec</b> will be negative. If <b>to</b> and <b>from</b> represent the same time then <b>*pday</b> and <b>*psec</b> will both be zero. If both <b>*pday</b> and <b>*psec</b> are non-zero they will always have the same sign. The value of <b>*psec</b> will always be less than the number of seconds in a day. If <b>from</b> or <b>to</b> is NULL the current time is used.</p>
+
+<p>The ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() functions compare the two times represented by the time structure <b>s</b> and the time_t <b>t</b>.</p>
+
+<p>The ASN1_TIME_compare() function compares the two times represented by the time structures <b>a</b> and <b>b</b>.</p>
+
+<p>The ASN1_TIME_to_generalizedtime() function converts an ASN1_TIME to an ASN1_GENERALIZEDTIME, regardless of year. If either <b>out</b> or <b>*out</b> are NULL, then a new object is allocated and must be freed after use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ASN1_TIME structure corresponds to the ASN.1 structure <b>Time</b> defined in RFC5280 et al. The time setting functions obey the rules outlined in RFC5280: if the date can be represented by UTCTime it is used, else GeneralizedTime is used.</p>
+
+<p>The ASN1_TIME, ASN1_UTCTIME and ASN1_GENERALIZEDTIME structures are represented as an ASN1_STRING internally and can be freed up using ASN1_STRING_free().</p>
+
+<p>The ASN1_TIME structure can represent years from 0000 to 9999 but no attempt is made to correct ancient calendar changes (for example from Julian to Gregorian calendars).</p>
+
+<p>ASN1_UTCTIME is limited to a year range of 1950 through 2049.</p>
+
+<p>Some applications add offset times directly to a time_t value and pass the results to ASN1_TIME_set() (or equivalent). This can cause problems as the time_t value can overflow on some systems resulting in unexpected results. New applications should use ASN1_TIME_adj() instead and pass the offset value in the <b>offset_sec</b> and <b>offset_day</b> parameters instead of directly manipulating a time_t value.</p>
+
+<p>ASN1_TIME_adj() may change the type from ASN1_GENERALIZEDTIME to ASN1_UTCTIME, or vice versa, based on the resulting year. The ASN1_GENERALIZEDTIME_adj() and ASN1_UTCTIME_adj() functions will not modify the type of the return structure.</p>
+
+<p>It is recommended that functions starting with ASN1_TIME be used instead of those starting with ASN1_UTCTIME or ASN1_GENERALIZEDTIME. The functions starting with ASN1_UTCTIME and ASN1_GENERALIZEDTIME act only on that specific time format. The functions starting with ASN1_TIME will operate on either format.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() do not print out the time zone: it either prints out &quot;GMT&quot; or nothing. But all certificates complying with RFC5280 et al use GMT anyway.</p>
+
+<p>Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set a time structure to one hour after the current time and print it out:</p>
+
+<pre><code> #include &lt;time.h&gt;
+ #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TIME *tm;
+ time_t t;
+ BIO *b;
+
+ t = time(NULL);
+ tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60);
+ b = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ASN1_TIME_print(b, tm);
+ ASN1_STRING_free(tm);
+ BIO_free(b);</code></pre>
+
+<p>Determine if one time is later or sooner than the current time:</p>
+
+<pre><code> int day, sec;
+
+ if (!ASN1_TIME_diff(&amp;day, &amp;sec, NULL, to))
+     /* Invalid time format */
+
+ if (day &gt; 0 || sec &gt; 0)
+     printf(&quot;Later\n&quot;);
+ else if (day &lt; 0 || sec &lt; 0)
+     printf(&quot;Sooner\n&quot;);
+ else
+     printf(&quot;Same\n&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), ASN1_UTCTIME_adj and ASN1_GENERALIZEDTIME_set return a pointer to a time structure or NULL if an error occurred.</p>
+
+<p>ASN1_TIME_set_string(), ASN1_UTCTIME_set_string(), ASN1_GENERALIZEDTIME_set_string() ASN1_TIME_set_string_X509() return 1 if the time value is successfully set and 0 otherwise.</p>
+
+<p>ASN1_TIME_normalize() returns 1 on success, and 0 on error.</p>
+
+<p>ASN1_TIME_check(), ASN1_UTCTIME_check and ASN1_GENERALIZEDTIME_check() return 1 if the structure is syntactically correct and 0 otherwise.</p>
+
+<p>ASN1_TIME_print(), ASN1_UTCTIME_print() and ASN1_GENERALIZEDTIME_print() return 1 if the time is successfully printed out and 0 if an error occurred (I/O error or invalid time format).</p>
+
+<p>ASN1_TIME_to_tm() returns 1 if the time is successfully parsed and 0 if an error occurred (invalid time format).</p>
+
+<p>ASN1_TIME_diff() returns 1 for success and 0 for failure. It can fail if the passed-in time structure has invalid syntax, for example.</p>
+
+<p>ASN1_TIME_cmp_time_t() and ASN1_UTCTIME_cmp_time_t() return -1 if <b>s</b> is before <b>t</b>, 0 if <b>s</b> equals <b>t</b>, or 1 if <b>s</b> is after <b>t</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_compare() returns -1 if <b>a</b> is before <b>b</b>, 0 if <b>a</b> equals <b>b</b>, or 1 if <b>a</b> is after <b>b</b>. -2 is returned on error.</p>
+
+<p>ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. The ASN1_TIME_set_string_X509() function was added in OpenSSL 1.1.1. The ASN1_TIME_normalize() function was added in OpenSSL 1.1.1. The ASN1_TIME_cmp_time_t() function was added in OpenSSL 1.1.1. The ASN1_TIME_compare() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_add_oid_module.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_add_oid_module.html
new file mode 100644
index 000000000..7bcd49022
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_add_oid_module.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_load_builtin_modules</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_load_builtin_modules, ASN1_add_oid_module, ENGINE_add_conf_module - add standard configuration modules</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/conf.h&gt;
+
+ void OPENSSL_load_builtin_modules(void);
+ void ASN1_add_oid_module(void);
+ void ENGINE_add_conf_module(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function OPENSSL_load_builtin_modules() adds all the standard OpenSSL configuration modules to the internal list. They can then be used by the OpenSSL configuration code.</p>
+
+<p>ASN1_add_oid_module() adds just the ASN1 OBJECT module.</p>
+
+<p>ENGINE_add_conf_module() adds just the ENGINE configuration module.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If the simple configuration function OPENSSL_config() is called then OPENSSL_load_builtin_modules() is called automatically.</p>
+
+<p>Applications which use the configuration functions directly will need to call OPENSSL_load_builtin_modules() themselves <i>before</i> any other configuration code.</p>
+
+<p>Applications should call OPENSSL_load_builtin_modules() to load all configuration modules instead of adding modules selectively: otherwise functionality may be missing from the application if an when new modules are added.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>None of the functions return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man5/config.html">config(5)</a>, <a href="../man3/OPENSSL_config.html">OPENSSL_config(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_generate_nconf.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_generate_nconf.html
new file mode 100644
index 000000000..64db058f7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_generate_nconf.html
@@ -0,0 +1,274 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_generate_nconf</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#GENERATION-STRING-FORMAT">GENERATION STRING FORMAT</a>
+    <ul>
+      <li><a href="#Supported-Types">Supported Types</a></li>
+      <li><a href="#Modifiers">Modifiers</a></li>
+    </ul>
+  </li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_generate_nconf, ASN1_generate_v3 - ASN1 generation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TYPE *ASN1_generate_nconf(const char *str, CONF *nconf);
+ ASN1_TYPE *ASN1_generate_v3(const char *str, X509V3_CTX *cnf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions generate the ASN1 encoding of a string in an <b>ASN1_TYPE</b> structure.</p>
+
+<p><b>str</b> contains the string to encode <b>nconf</b> or <b>cnf</b> contains the optional configuration information where additional strings will be read from. <b>nconf</b> will typically come from a config file whereas <b>cnf</b> is obtained from an <b>X509V3_CTX</b> structure which will typically be used by X509 v3 certificate extension functions. <b>cnf</b> or <b>nconf</b> can be set to <b>NULL</b> if no additional configuration will be used.</p>
+
+<h1 id="GENERATION-STRING-FORMAT">GENERATION STRING FORMAT</h1>
+
+<p>The actual data encoded is determined by the string <b>str</b> and the configuration information. The general format of the string is:</p>
+
+<dl>
+
+<dt id="modifier-type-:value"><b>[modifier,]type[:value]</b></dt>
+<dd>
+
+</dd>
+</dl>
+
+<p>That is zero or more comma separated modifiers followed by a type followed by an optional colon and a value. The formats of <b>type</b>, <b>value</b> and <b>modifier</b> are explained below.</p>
+
+<h2 id="Supported-Types">Supported Types</h2>
+
+<p>The supported types are listed below. Unless otherwise specified only the <b>ASCII</b> format is permissible.</p>
+
+<dl>
+
+<dt id="BOOLEAN-BOOL"><b>BOOLEAN</b>, <b>BOOL</b></dt>
+<dd>
+
+<p>This encodes a boolean type. The <b>value</b> string is mandatory and should be <b>TRUE</b> or <b>FALSE</b>. Additionally <b>TRUE</b>, <b>true</b>, <b>Y</b>, <b>y</b>, <b>YES</b>, <b>yes</b>, <b>FALSE</b>, <b>false</b>, <b>N</b>, <b>n</b>, <b>NO</b> and <b>no</b> are acceptable.</p>
+
+</dd>
+<dt id="NULL"><b>NULL</b></dt>
+<dd>
+
+<p>Encode the <b>NULL</b> type, the <b>value</b> string must not be present.</p>
+
+</dd>
+<dt id="INTEGER-INT"><b>INTEGER</b>, <b>INT</b></dt>
+<dd>
+
+<p>Encodes an ASN1 <b>INTEGER</b> type. The <b>value</b> string represents the value of the integer, it can be prefaced by a minus sign and is normally interpreted as a decimal value unless the prefix <b>0x</b> is included.</p>
+
+</dd>
+<dt id="ENUMERATED-ENUM"><b>ENUMERATED</b>, <b>ENUM</b></dt>
+<dd>
+
+<p>Encodes the ASN1 <b>ENUMERATED</b> type, it is otherwise identical to <b>INTEGER</b>.</p>
+
+</dd>
+<dt id="OBJECT-OID"><b>OBJECT</b>, <b>OID</b></dt>
+<dd>
+
+<p>Encodes an ASN1 <b>OBJECT IDENTIFIER</b>, the <b>value</b> string can be a short name, a long name or numerical format.</p>
+
+</dd>
+<dt id="UTCTIME-UTC"><b>UTCTIME</b>, <b>UTC</b></dt>
+<dd>
+
+<p>Encodes an ASN1 <b>UTCTime</b> structure, the value should be in the format <b>YYMMDDHHMMSSZ</b>.</p>
+
+</dd>
+<dt id="GENERALIZEDTIME-GENTIME"><b>GENERALIZEDTIME</b>, <b>GENTIME</b></dt>
+<dd>
+
+<p>Encodes an ASN1 <b>GeneralizedTime</b> structure, the value should be in the format <b>YYYYMMDDHHMMSSZ</b>.</p>
+
+</dd>
+<dt id="OCTETSTRING-OCT"><b>OCTETSTRING</b>, <b>OCT</b></dt>
+<dd>
+
+<p>Encodes an ASN1 <b>OCTET STRING</b>. <b>value</b> represents the contents of this structure, the format strings <b>ASCII</b> and <b>HEX</b> can be used to specify the format of <b>value</b>.</p>
+
+</dd>
+<dt id="BITSTRING-BITSTR"><b>BITSTRING</b>, <b>BITSTR</b></dt>
+<dd>
+
+<p>Encodes an ASN1 <b>BIT STRING</b>. <b>value</b> represents the contents of this structure, the format strings <b>ASCII</b>, <b>HEX</b> and <b>BITLIST</b> can be used to specify the format of <b>value</b>.</p>
+
+<p>If the format is anything other than <b>BITLIST</b> the number of unused bits is set to zero.</p>
+
+</dd>
+<dt id="UNIVERSALSTRING-UNIV-IA5-IA5STRING-UTF8-UTF8String-BMP-BMPSTRING-VISIBLESTRING-VISIBLE-PRINTABLESTRING-PRINTABLE-T61-T61STRING-TELETEXSTRING-GeneralString-NUMERICSTRING-NUMERIC"><b>UNIVERSALSTRING</b>, <b>UNIV</b>, <b>IA5</b>, <b>IA5STRING</b>, <b>UTF8</b>, <b>UTF8String</b>, <b>BMP</b>, <b>BMPSTRING</b>, <b>VISIBLESTRING</b>, <b>VISIBLE</b>, <b>PRINTABLESTRING</b>, <b>PRINTABLE</b>, <b>T61</b>, <b>T61STRING</b>, <b>TELETEXSTRING</b>, <b>GeneralString</b>, <b>NUMERICSTRING</b>, <b>NUMERIC</b></dt>
+<dd>
+
+<p>These encode the corresponding string types. <b>value</b> represents the contents of this structure. The format can be <b>ASCII</b> or <b>UTF8</b>.</p>
+
+</dd>
+<dt id="SEQUENCE-SEQ-SET"><b>SEQUENCE</b>, <b>SEQ</b>, <b>SET</b></dt>
+<dd>
+
+<p>Formats the result as an ASN1 <b>SEQUENCE</b> or <b>SET</b> type. <b>value</b> should be a section name which will contain the contents. The field names in the section are ignored and the values are in the generated string format. If <b>value</b> is absent then an empty SEQUENCE will be encoded.</p>
+
+</dd>
+</dl>
+
+<h2 id="Modifiers">Modifiers</h2>
+
+<p>Modifiers affect the following structure, they can be used to add EXPLICIT or IMPLICIT tagging, add wrappers or to change the string format of the final type and value. The supported formats are documented below.</p>
+
+<dl>
+
+<dt id="EXPLICIT-EXP"><b>EXPLICIT</b>, <b>EXP</b></dt>
+<dd>
+
+<p>Add an explicit tag to the following structure. This string should be followed by a colon and the tag value to use as a decimal value.</p>
+
+<p>By following the number with <b>U</b>, <b>A</b>, <b>P</b> or <b>C</b> UNIVERSAL, APPLICATION, PRIVATE or CONTEXT SPECIFIC tagging can be used, the default is CONTEXT SPECIFIC.</p>
+
+</dd>
+<dt id="IMPLICIT-IMP"><b>IMPLICIT</b>, <b>IMP</b></dt>
+<dd>
+
+<p>This is the same as <b>EXPLICIT</b> except IMPLICIT tagging is used instead.</p>
+
+</dd>
+<dt id="OCTWRAP-SEQWRAP-SETWRAP-BITWRAP"><b>OCTWRAP</b>, <b>SEQWRAP</b>, <b>SETWRAP</b>, <b>BITWRAP</b></dt>
+<dd>
+
+<p>The following structure is surrounded by an OCTET STRING, a SEQUENCE, a SET or a BIT STRING respectively. For a BIT STRING the number of unused bits is set to zero.</p>
+
+</dd>
+<dt id="FORMAT"><b>FORMAT</b></dt>
+<dd>
+
+<p>This specifies the format of the ultimate value. It should be followed by a colon and one of the strings <b>ASCII</b>, <b>UTF8</b>, <b>HEX</b> or <b>BITLIST</b>.</p>
+
+<p>If no format specifier is included then <b>ASCII</b> is used. If <b>UTF8</b> is specified then the value string must be a valid <b>UTF8</b> string. For <b>HEX</b> the output must be a set of hex digits. <b>BITLIST</b> (which is only valid for a BIT STRING) is a comma separated list of the indices of the set bits, all other bits are zero.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>A simple IA5String:</p>
+
+<pre><code> IA5STRING:Hello World</code></pre>
+
+<p>An IA5String explicitly tagged:</p>
+
+<pre><code> EXPLICIT:0,IA5STRING:Hello World</code></pre>
+
+<p>An IA5String explicitly tagged using APPLICATION tagging:</p>
+
+<pre><code> EXPLICIT:0A,IA5STRING:Hello World</code></pre>
+
+<p>A BITSTRING with bits 1 and 5 set and all others zero:</p>
+
+<pre><code> FORMAT:BITLIST,BITSTRING:1,5</code></pre>
+
+<p>A more complex example using a config file to produce a SEQUENCE consisting of a BOOL an OID and a UTF8String:</p>
+
+<pre><code> asn1 = SEQUENCE:seq_section
+
+ [seq_section]
+
+ field1 = BOOLEAN:TRUE
+ field2 = OID:commonName
+ field3 = UTF8:Third field</code></pre>
+
+<p>This example produces an RSAPrivateKey structure, this is the key contained in the file client.pem in all OpenSSL distributions (note: the field names such as &#39;coeff&#39; are ignored and are present just for clarity):</p>
+
+<pre><code> asn1=SEQUENCE:private_key
+ [private_key]
+ version=INTEGER:0
+
+ n=INTEGER:0xBB6FE79432CC6EA2D8F970675A5A87BFBE1AFF0BE63E879F2AFFB93644\
+ D4D2C6D000430DEC66ABF47829E74B8C5108623A1C0EE8BE217B3AD8D36D5EB4FCA1D9
+
+ e=INTEGER:0x010001
+
+ d=INTEGER:0x6F05EAD2F27FFAEC84BEC360C4B928FD5F3A9865D0FCAAD291E2A52F4A\
+ F810DC6373278C006A0ABBA27DC8C63BF97F7E666E27C5284D7D3B1FFFE16B7A87B51D
+
+ p=INTEGER:0xF3929B9435608F8A22C208D86795271D54EBDFB09DDEF539AB083DA912\
+ D4BD57
+
+ q=INTEGER:0xC50016F89DFF2561347ED1186A46E150E28BF2D0F539A1594BBD7FE467\
+ 46EC4F
+
+ exp1=INTEGER:0x9E7D4326C924AFC1DEA40B45650134966D6F9DFA3A7F9D698CD4ABEA\
+ 9C0A39B9
+
+ exp2=INTEGER:0xBA84003BB95355AFB7C50DF140C60513D0BA51D637272E355E397779\
+ E7B2458F
+
+ coeff=INTEGER:0x30B9E4F2AFA5AC679F920FC83F1F2DF1BAF1779CF989447FABC2F5\
+ 628657053A</code></pre>
+
+<p>This example is the corresponding public key in a SubjectPublicKeyInfo structure:</p>
+
+<pre><code> # Start with a SEQUENCE
+ asn1=SEQUENCE:pubkeyinfo
+
+ # pubkeyinfo contains an algorithm identifier and the public key wrapped
+ # in a BIT STRING
+ [pubkeyinfo]
+ algorithm=SEQUENCE:rsa_alg
+ pubkey=BITWRAP,SEQUENCE:rsapubkey
+
+ # algorithm ID for RSA is just an OID and a NULL
+ [rsa_alg]
+ algorithm=OID:rsaEncryption
+ parameter=NULL
+
+ # Actual public key: modulus and exponent
+ [rsapubkey]
+ n=INTEGER:0xBB6FE79432CC6EA2D8F970675A5A87BFBE1AFF0BE63E879F2AFFB93644\
+ D4D2C6D000430DEC66ABF47829E74B8C5108623A1C0EE8BE217B3AD8D36D5EB4FCA1D9
+
+ e=INTEGER:0x010001</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_generate_nconf() and ASN1_generate_v3() return the encoded data as an <b>ASN1_TYPE</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>The error codes that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_generate_v3.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_generate_v3.html
new file mode 100644
index 000000000..64db058f7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_generate_v3.html
@@ -0,0 +1,274 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_generate_nconf</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#GENERATION-STRING-FORMAT">GENERATION STRING FORMAT</a>
+    <ul>
+      <li><a href="#Supported-Types">Supported Types</a></li>
+      <li><a href="#Modifiers">Modifiers</a></li>
+    </ul>
+  </li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_generate_nconf, ASN1_generate_v3 - ASN1 generation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ ASN1_TYPE *ASN1_generate_nconf(const char *str, CONF *nconf);
+ ASN1_TYPE *ASN1_generate_v3(const char *str, X509V3_CTX *cnf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions generate the ASN1 encoding of a string in an <b>ASN1_TYPE</b> structure.</p>
+
+<p><b>str</b> contains the string to encode <b>nconf</b> or <b>cnf</b> contains the optional configuration information where additional strings will be read from. <b>nconf</b> will typically come from a config file whereas <b>cnf</b> is obtained from an <b>X509V3_CTX</b> structure which will typically be used by X509 v3 certificate extension functions. <b>cnf</b> or <b>nconf</b> can be set to <b>NULL</b> if no additional configuration will be used.</p>
+
+<h1 id="GENERATION-STRING-FORMAT">GENERATION STRING FORMAT</h1>
+
+<p>The actual data encoded is determined by the string <b>str</b> and the configuration information. The general format of the string is:</p>
+
+<dl>
+
+<dt id="modifier-type-:value"><b>[modifier,]type[:value]</b></dt>
+<dd>
+
+</dd>
+</dl>
+
+<p>That is zero or more comma separated modifiers followed by a type followed by an optional colon and a value. The formats of <b>type</b>, <b>value</b> and <b>modifier</b> are explained below.</p>
+
+<h2 id="Supported-Types">Supported Types</h2>
+
+<p>The supported types are listed below. Unless otherwise specified only the <b>ASCII</b> format is permissible.</p>
+
+<dl>
+
+<dt id="BOOLEAN-BOOL"><b>BOOLEAN</b>, <b>BOOL</b></dt>
+<dd>
+
+<p>This encodes a boolean type. The <b>value</b> string is mandatory and should be <b>TRUE</b> or <b>FALSE</b>. Additionally <b>TRUE</b>, <b>true</b>, <b>Y</b>, <b>y</b>, <b>YES</b>, <b>yes</b>, <b>FALSE</b>, <b>false</b>, <b>N</b>, <b>n</b>, <b>NO</b> and <b>no</b> are acceptable.</p>
+
+</dd>
+<dt id="NULL"><b>NULL</b></dt>
+<dd>
+
+<p>Encode the <b>NULL</b> type, the <b>value</b> string must not be present.</p>
+
+</dd>
+<dt id="INTEGER-INT"><b>INTEGER</b>, <b>INT</b></dt>
+<dd>
+
+<p>Encodes an ASN1 <b>INTEGER</b> type. The <b>value</b> string represents the value of the integer, it can be prefaced by a minus sign and is normally interpreted as a decimal value unless the prefix <b>0x</b> is included.</p>
+
+</dd>
+<dt id="ENUMERATED-ENUM"><b>ENUMERATED</b>, <b>ENUM</b></dt>
+<dd>
+
+<p>Encodes the ASN1 <b>ENUMERATED</b> type, it is otherwise identical to <b>INTEGER</b>.</p>
+
+</dd>
+<dt id="OBJECT-OID"><b>OBJECT</b>, <b>OID</b></dt>
+<dd>
+
+<p>Encodes an ASN1 <b>OBJECT IDENTIFIER</b>, the <b>value</b> string can be a short name, a long name or numerical format.</p>
+
+</dd>
+<dt id="UTCTIME-UTC"><b>UTCTIME</b>, <b>UTC</b></dt>
+<dd>
+
+<p>Encodes an ASN1 <b>UTCTime</b> structure, the value should be in the format <b>YYMMDDHHMMSSZ</b>.</p>
+
+</dd>
+<dt id="GENERALIZEDTIME-GENTIME"><b>GENERALIZEDTIME</b>, <b>GENTIME</b></dt>
+<dd>
+
+<p>Encodes an ASN1 <b>GeneralizedTime</b> structure, the value should be in the format <b>YYYYMMDDHHMMSSZ</b>.</p>
+
+</dd>
+<dt id="OCTETSTRING-OCT"><b>OCTETSTRING</b>, <b>OCT</b></dt>
+<dd>
+
+<p>Encodes an ASN1 <b>OCTET STRING</b>. <b>value</b> represents the contents of this structure, the format strings <b>ASCII</b> and <b>HEX</b> can be used to specify the format of <b>value</b>.</p>
+
+</dd>
+<dt id="BITSTRING-BITSTR"><b>BITSTRING</b>, <b>BITSTR</b></dt>
+<dd>
+
+<p>Encodes an ASN1 <b>BIT STRING</b>. <b>value</b> represents the contents of this structure, the format strings <b>ASCII</b>, <b>HEX</b> and <b>BITLIST</b> can be used to specify the format of <b>value</b>.</p>
+
+<p>If the format is anything other than <b>BITLIST</b> the number of unused bits is set to zero.</p>
+
+</dd>
+<dt id="UNIVERSALSTRING-UNIV-IA5-IA5STRING-UTF8-UTF8String-BMP-BMPSTRING-VISIBLESTRING-VISIBLE-PRINTABLESTRING-PRINTABLE-T61-T61STRING-TELETEXSTRING-GeneralString-NUMERICSTRING-NUMERIC"><b>UNIVERSALSTRING</b>, <b>UNIV</b>, <b>IA5</b>, <b>IA5STRING</b>, <b>UTF8</b>, <b>UTF8String</b>, <b>BMP</b>, <b>BMPSTRING</b>, <b>VISIBLESTRING</b>, <b>VISIBLE</b>, <b>PRINTABLESTRING</b>, <b>PRINTABLE</b>, <b>T61</b>, <b>T61STRING</b>, <b>TELETEXSTRING</b>, <b>GeneralString</b>, <b>NUMERICSTRING</b>, <b>NUMERIC</b></dt>
+<dd>
+
+<p>These encode the corresponding string types. <b>value</b> represents the contents of this structure. The format can be <b>ASCII</b> or <b>UTF8</b>.</p>
+
+</dd>
+<dt id="SEQUENCE-SEQ-SET"><b>SEQUENCE</b>, <b>SEQ</b>, <b>SET</b></dt>
+<dd>
+
+<p>Formats the result as an ASN1 <b>SEQUENCE</b> or <b>SET</b> type. <b>value</b> should be a section name which will contain the contents. The field names in the section are ignored and the values are in the generated string format. If <b>value</b> is absent then an empty SEQUENCE will be encoded.</p>
+
+</dd>
+</dl>
+
+<h2 id="Modifiers">Modifiers</h2>
+
+<p>Modifiers affect the following structure, they can be used to add EXPLICIT or IMPLICIT tagging, add wrappers or to change the string format of the final type and value. The supported formats are documented below.</p>
+
+<dl>
+
+<dt id="EXPLICIT-EXP"><b>EXPLICIT</b>, <b>EXP</b></dt>
+<dd>
+
+<p>Add an explicit tag to the following structure. This string should be followed by a colon and the tag value to use as a decimal value.</p>
+
+<p>By following the number with <b>U</b>, <b>A</b>, <b>P</b> or <b>C</b> UNIVERSAL, APPLICATION, PRIVATE or CONTEXT SPECIFIC tagging can be used, the default is CONTEXT SPECIFIC.</p>
+
+</dd>
+<dt id="IMPLICIT-IMP"><b>IMPLICIT</b>, <b>IMP</b></dt>
+<dd>
+
+<p>This is the same as <b>EXPLICIT</b> except IMPLICIT tagging is used instead.</p>
+
+</dd>
+<dt id="OCTWRAP-SEQWRAP-SETWRAP-BITWRAP"><b>OCTWRAP</b>, <b>SEQWRAP</b>, <b>SETWRAP</b>, <b>BITWRAP</b></dt>
+<dd>
+
+<p>The following structure is surrounded by an OCTET STRING, a SEQUENCE, a SET or a BIT STRING respectively. For a BIT STRING the number of unused bits is set to zero.</p>
+
+</dd>
+<dt id="FORMAT"><b>FORMAT</b></dt>
+<dd>
+
+<p>This specifies the format of the ultimate value. It should be followed by a colon and one of the strings <b>ASCII</b>, <b>UTF8</b>, <b>HEX</b> or <b>BITLIST</b>.</p>
+
+<p>If no format specifier is included then <b>ASCII</b> is used. If <b>UTF8</b> is specified then the value string must be a valid <b>UTF8</b> string. For <b>HEX</b> the output must be a set of hex digits. <b>BITLIST</b> (which is only valid for a BIT STRING) is a comma separated list of the indices of the set bits, all other bits are zero.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>A simple IA5String:</p>
+
+<pre><code> IA5STRING:Hello World</code></pre>
+
+<p>An IA5String explicitly tagged:</p>
+
+<pre><code> EXPLICIT:0,IA5STRING:Hello World</code></pre>
+
+<p>An IA5String explicitly tagged using APPLICATION tagging:</p>
+
+<pre><code> EXPLICIT:0A,IA5STRING:Hello World</code></pre>
+
+<p>A BITSTRING with bits 1 and 5 set and all others zero:</p>
+
+<pre><code> FORMAT:BITLIST,BITSTRING:1,5</code></pre>
+
+<p>A more complex example using a config file to produce a SEQUENCE consisting of a BOOL an OID and a UTF8String:</p>
+
+<pre><code> asn1 = SEQUENCE:seq_section
+
+ [seq_section]
+
+ field1 = BOOLEAN:TRUE
+ field2 = OID:commonName
+ field3 = UTF8:Third field</code></pre>
+
+<p>This example produces an RSAPrivateKey structure, this is the key contained in the file client.pem in all OpenSSL distributions (note: the field names such as &#39;coeff&#39; are ignored and are present just for clarity):</p>
+
+<pre><code> asn1=SEQUENCE:private_key
+ [private_key]
+ version=INTEGER:0
+
+ n=INTEGER:0xBB6FE79432CC6EA2D8F970675A5A87BFBE1AFF0BE63E879F2AFFB93644\
+ D4D2C6D000430DEC66ABF47829E74B8C5108623A1C0EE8BE217B3AD8D36D5EB4FCA1D9
+
+ e=INTEGER:0x010001
+
+ d=INTEGER:0x6F05EAD2F27FFAEC84BEC360C4B928FD5F3A9865D0FCAAD291E2A52F4A\
+ F810DC6373278C006A0ABBA27DC8C63BF97F7E666E27C5284D7D3B1FFFE16B7A87B51D
+
+ p=INTEGER:0xF3929B9435608F8A22C208D86795271D54EBDFB09DDEF539AB083DA912\
+ D4BD57
+
+ q=INTEGER:0xC50016F89DFF2561347ED1186A46E150E28BF2D0F539A1594BBD7FE467\
+ 46EC4F
+
+ exp1=INTEGER:0x9E7D4326C924AFC1DEA40B45650134966D6F9DFA3A7F9D698CD4ABEA\
+ 9C0A39B9
+
+ exp2=INTEGER:0xBA84003BB95355AFB7C50DF140C60513D0BA51D637272E355E397779\
+ E7B2458F
+
+ coeff=INTEGER:0x30B9E4F2AFA5AC679F920FC83F1F2DF1BAF1779CF989447FABC2F5\
+ 628657053A</code></pre>
+
+<p>This example is the corresponding public key in a SubjectPublicKeyInfo structure:</p>
+
+<pre><code> # Start with a SEQUENCE
+ asn1=SEQUENCE:pubkeyinfo
+
+ # pubkeyinfo contains an algorithm identifier and the public key wrapped
+ # in a BIT STRING
+ [pubkeyinfo]
+ algorithm=SEQUENCE:rsa_alg
+ pubkey=BITWRAP,SEQUENCE:rsapubkey
+
+ # algorithm ID for RSA is just an OID and a NULL
+ [rsa_alg]
+ algorithm=OID:rsaEncryption
+ parameter=NULL
+
+ # Actual public key: modulus and exponent
+ [rsapubkey]
+ n=INTEGER:0xBB6FE79432CC6EA2D8F970675A5A87BFBE1AFF0BE63E879F2AFFB93644\
+ D4D2C6D000430DEC66ABF47829E74B8C5108623A1C0EE8BE217B3AD8D36D5EB4FCA1D9
+
+ e=INTEGER:0x010001</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_generate_nconf() and ASN1_generate_v3() return the encoded data as an <b>ASN1_TYPE</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>The error codes that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASN1_tag2str.html b/msys2/usr/share/doc/openssl/html/man3/ASN1_tag2str.html
new file mode 100644
index 000000000..a90250192
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASN1_tag2str.html
@@ -0,0 +1,103 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_STRING_print_ex</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_tag2str, ASN1_STRING_print_ex, ASN1_STRING_print_ex_fp, ASN1_STRING_print - ASN1_STRING output routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str, unsigned long flags);
+ int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str, unsigned long flags);
+ int ASN1_STRING_print(BIO *out, const ASN1_STRING *str);
+
+ const char *ASN1_tag2str(int tag);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions output an <b>ASN1_STRING</b> structure. <b>ASN1_STRING</b> is used to represent all the ASN1 string types.</p>
+
+<p>ASN1_STRING_print_ex() outputs <b>str</b> to <b>out</b>, the format is determined by the options <b>flags</b>. ASN1_STRING_print_ex_fp() is identical except it outputs to <b>fp</b> instead.</p>
+
+<p>ASN1_STRING_print() prints <b>str</b> to <b>out</b> but using a different format to ASN1_STRING_print_ex(). It replaces unprintable characters (other than CR, LF) with &#39;.&#39;.</p>
+
+<p>ASN1_tag2str() returns a human-readable name of the specified ASN.1 <b>tag</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>ASN1_STRING_print() is a deprecated function which should be avoided; use ASN1_STRING_print_ex() instead.</p>
+
+<p>Although there are a large number of options frequently <b>ASN1_STRFLGS_RFC2253</b> is suitable, or on UTF8 terminals <b>ASN1_STRFLGS_RFC2253 &amp; ~ASN1_STRFLGS_ESC_MSB</b>.</p>
+
+<p>The complete set of supported options for <b>flags</b> is listed below.</p>
+
+<p>Various characters can be escaped. If <b>ASN1_STRFLGS_ESC_2253</b> is set the characters determined by RFC2253 are escaped. If <b>ASN1_STRFLGS_ESC_CTRL</b> is set control characters are escaped. If <b>ASN1_STRFLGS_ESC_MSB</b> is set characters with the MSB set are escaped: this option should <b>not</b> be used if the terminal correctly interprets UTF8 sequences.</p>
+
+<p>Escaping takes several forms.</p>
+
+<p>If the character being escaped is a 16 bit character then the form &quot;\UXXXX&quot; is used using exactly four characters for the hex representation. If it is 32 bits then &quot;\WXXXXXXXX&quot; is used using eight characters of its hex representation. These forms will only be used if UTF8 conversion is not set (see below).</p>
+
+<p>Printable characters are normally escaped using the backslash &#39;\&#39; character. If <b>ASN1_STRFLGS_ESC_QUOTE</b> is set then the whole string is instead surrounded by double quote characters: this is arguably more readable than the backslash notation. Other characters use the &quot;\XX&quot; using exactly two characters of the hex representation.</p>
+
+<p>If <b>ASN1_STRFLGS_UTF8_CONVERT</b> is set then characters are converted to UTF8 format first. If the terminal supports the display of UTF8 sequences then this option will correctly display multi byte characters.</p>
+
+<p>If <b>ASN1_STRFLGS_IGNORE_TYPE</b> is set then the string type is not interpreted at all: everything is assumed to be one byte per character. This is primarily for debugging purposes and can result in confusing output in multi character strings.</p>
+
+<p>If <b>ASN1_STRFLGS_SHOW_TYPE</b> is set then the string type itself is printed out before its value (for example &quot;BMPSTRING&quot;), this actually uses ASN1_tag2str().</p>
+
+<p>The content of a string instead of being interpreted can be &quot;dumped&quot;: this just outputs the value of the string using the form #XXXX using hex format for each octet.</p>
+
+<p>If <b>ASN1_STRFLGS_DUMP_ALL</b> is set then any type is dumped.</p>
+
+<p>Normally non character string types (such as OCTET STRING) are assumed to be one byte per character, if <b>ASN1_STRFLGS_DUMP_UNKNOWN</b> is set then they will be dumped instead.</p>
+
+<p>When a type is dumped normally just the content octets are printed, if <b>ASN1_STRFLGS_DUMP_DER</b> is set then the complete encoding is dumped instead (including tag and length octets).</p>
+
+<p><b>ASN1_STRFLGS_RFC2253</b> includes all the flags required by RFC2253. It is equivalent to: ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | ASN1_STRFLGS_UTF8_CONVERT | ASN1_STRFLGS_DUMP_UNKNOWN ASN1_STRFLGS_DUMP_DER</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_STRING_print_ex() and ASN1_STRING_print_ex_fp() return the number of characters written or -1 if an error occurred.</p>
+
+<p>ASN1_STRING_print() returns 1 on success or 0 on error.</p>
+
+<p>ASN1_tag2str() returns a human-readable name of the specified ASN.1 <b>tag</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/ASN1_tag2str.html">ASN1_tag2str(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASRange_free.html b/msys2/usr/share/doc/openssl/html/man3/ASRange_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASRange_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASRange_new.html b/msys2/usr/share/doc/openssl/html/man3/ASRange_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASRange_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_clear_fd.html b/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_clear_fd.html
new file mode 100644
index 000000000..f5bb40a9f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_clear_fd.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASYNC_WAIT_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASYNC_WAIT_CTX_new, ASYNC_WAIT_CTX_free, ASYNC_WAIT_CTX_set_wait_fd, ASYNC_WAIT_CTX_get_fd, ASYNC_WAIT_CTX_get_all_fds, ASYNC_WAIT_CTX_get_changed_fds, ASYNC_WAIT_CTX_clear_fd - functions to manage waiting for asynchronous jobs to complete</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/async.h&gt;
+
+ ASYNC_WAIT_CTX *ASYNC_WAIT_CTX_new(void);
+ void ASYNC_WAIT_CTX_free(ASYNC_WAIT_CTX *ctx);
+ int ASYNC_WAIT_CTX_set_wait_fd(ASYNC_WAIT_CTX *ctx, const void *key,
+                                OSSL_ASYNC_FD fd,
+                                void *custom_data,
+                                void (*cleanup)(ASYNC_WAIT_CTX *, const void *,
+                                                OSSL_ASYNC_FD, void *));
+ int ASYNC_WAIT_CTX_get_fd(ASYNC_WAIT_CTX *ctx, const void *key,
+                           OSSL_ASYNC_FD *fd, void **custom_data);
+ int ASYNC_WAIT_CTX_get_all_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *fd,
+                                size_t *numfds);
+ int ASYNC_WAIT_CTX_get_changed_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *addfd,
+                                    size_t *numaddfds, OSSL_ASYNC_FD *delfd,
+                                    size_t *numdelfds);
+ int ASYNC_WAIT_CTX_clear_fd(ASYNC_WAIT_CTX *ctx, const void *key);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>For an overview of how asynchronous operations are implemented in OpenSSL see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>. An ASYNC_WAIT_CTX object represents an asynchronous &quot;session&quot;, i.e. a related set of crypto operations. For example in SSL terms this would have a one-to-one correspondence with an SSL connection.</p>
+
+<p>Application code must create an ASYNC_WAIT_CTX using the ASYNC_WAIT_CTX_new() function prior to calling ASYNC_start_job() (see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>). When the job is started it is associated with the ASYNC_WAIT_CTX for the duration of that job. An ASYNC_WAIT_CTX should only be used for one ASYNC_JOB at any one time, but can be reused after an ASYNC_JOB has finished for a subsequent ASYNC_JOB. When the session is complete (e.g. the SSL connection is closed), application code cleans up with ASYNC_WAIT_CTX_free().</p>
+
+<p>ASYNC_WAIT_CTXs can have &quot;wait&quot; file descriptors associated with them. Calling ASYNC_WAIT_CTX_get_all_fds() and passing in a pointer to an ASYNC_WAIT_CTX in the <b>ctx</b> parameter will return the wait file descriptors associated with that job in <b>*fd</b>. The number of file descriptors returned will be stored in <b>*numfds</b>. It is the caller&#39;s responsibility to ensure that sufficient memory has been allocated in <b>*fd</b> to receive all the file descriptors. Calling ASYNC_WAIT_CTX_get_all_fds() with a NULL <b>fd</b> value will return no file descriptors but will still populate <b>*numfds</b>. Therefore application code is typically expected to call this function twice: once to get the number of fds, and then again when sufficient memory has been allocated. If only one asynchronous engine is being used then normally this call will only ever return one fd. If multiple asynchronous engines are being used then more could be returned.</p>
+
+<p>The function ASYNC_WAIT_CTX_get_changed_fds() can be used to detect if any fds have changed since the last call time ASYNC_start_job() returned an ASYNC_PAUSE result (or since the ASYNC_WAIT_CTX was created if no ASYNC_PAUSE result has been received). The <b>numaddfds</b> and <b>numdelfds</b> parameters will be populated with the number of fds added or deleted respectively. <b>*addfd</b> and <b>*delfd</b> will be populated with the list of added and deleted fds respectively. Similarly to ASYNC_WAIT_CTX_get_all_fds() either of these can be NULL, but if they are not NULL then the caller is responsible for ensuring sufficient memory is allocated.</p>
+
+<p>Implementors of async aware code (e.g. engines) are encouraged to return a stable fd for the lifetime of the ASYNC_WAIT_CTX in order to reduce the &quot;churn&quot; of regularly changing fds - although no guarantees of this are provided to applications.</p>
+
+<p>Applications can wait for the file descriptor to be ready for &quot;read&quot; using a system function call such as select or poll (being ready for &quot;read&quot; indicates that the job should be resumed). If no file descriptor is made available then an application will have to periodically &quot;poll&quot; the job by attempting to restart it to see if it is ready to continue.</p>
+
+<p>Async aware code (e.g. engines) can get the current ASYNC_WAIT_CTX from the job via <a href="../man3/ASYNC_get_wait_ctx.html">ASYNC_get_wait_ctx(3)</a> and provide a file descriptor to use for waiting on by calling ASYNC_WAIT_CTX_set_wait_fd(). Typically this would be done by an engine immediately prior to calling ASYNC_pause_job() and not by end user code. An existing association with a file descriptor can be obtained using ASYNC_WAIT_CTX_get_fd() and cleared using ASYNC_WAIT_CTX_clear_fd(). Both of these functions requires a <b>key</b> value which is unique to the async aware code. This could be any unique value but a good candidate might be the <b>ENGINE *</b> for the engine. The <b>custom_data</b> parameter can be any value, and will be returned in a subsequent call to ASYNC_WAIT_CTX_get_fd(). The ASYNC_WAIT_CTX_set_wait_fd() function also expects a pointer to a &quot;cleanup&quot; routine. This can be NULL but if provided will automatically get called when the ASYNC_WAIT_CTX is freed, and gives the engine the opportunity to close the fd or any other resources. Note: The &quot;cleanup&quot; routine does not get called if the fd is cleared directly via a call to ASYNC_WAIT_CTX_clear_fd().</p>
+
+<p>An example of typical usage might be an async capable engine. User code would initiate cryptographic operations. The engine would initiate those operations asynchronously and then call ASYNC_WAIT_CTX_set_wait_fd() followed by ASYNC_pause_job() to return control to the user code. The user code can then perform other tasks or wait for the job to be ready by calling &quot;select&quot; or other similar function on the wait file descriptor. The engine can signal to the user code that the job should be resumed by making the wait file descriptor &quot;readable&quot;. Once resumed the engine should clear the wake signal on the wait file descriptor.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASYNC_WAIT_CTX_new() returns a pointer to the newly allocated ASYNC_WAIT_CTX or NULL on error.</p>
+
+<p>ASYNC_WAIT_CTX_set_wait_fd, ASYNC_WAIT_CTX_get_fd, ASYNC_WAIT_CTX_get_all_fds, ASYNC_WAIT_CTX_get_changed_fds and ASYNC_WAIT_CTX_clear_fd all return 1 on success or 0 on error.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the openssl/async.h header is dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to async.h.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASYNC_WAIT_CTX_new(), ASYNC_WAIT_CTX_free(), ASYNC_WAIT_CTX_set_wait_fd(), ASYNC_WAIT_CTX_get_fd(), ASYNC_WAIT_CTX_get_all_fds(), ASYNC_WAIT_CTX_get_changed_fds() and ASYNC_WAIT_CTX_clear_fd() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_free.html b/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_free.html
new file mode 100644
index 000000000..f5bb40a9f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_free.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASYNC_WAIT_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASYNC_WAIT_CTX_new, ASYNC_WAIT_CTX_free, ASYNC_WAIT_CTX_set_wait_fd, ASYNC_WAIT_CTX_get_fd, ASYNC_WAIT_CTX_get_all_fds, ASYNC_WAIT_CTX_get_changed_fds, ASYNC_WAIT_CTX_clear_fd - functions to manage waiting for asynchronous jobs to complete</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/async.h&gt;
+
+ ASYNC_WAIT_CTX *ASYNC_WAIT_CTX_new(void);
+ void ASYNC_WAIT_CTX_free(ASYNC_WAIT_CTX *ctx);
+ int ASYNC_WAIT_CTX_set_wait_fd(ASYNC_WAIT_CTX *ctx, const void *key,
+                                OSSL_ASYNC_FD fd,
+                                void *custom_data,
+                                void (*cleanup)(ASYNC_WAIT_CTX *, const void *,
+                                                OSSL_ASYNC_FD, void *));
+ int ASYNC_WAIT_CTX_get_fd(ASYNC_WAIT_CTX *ctx, const void *key,
+                           OSSL_ASYNC_FD *fd, void **custom_data);
+ int ASYNC_WAIT_CTX_get_all_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *fd,
+                                size_t *numfds);
+ int ASYNC_WAIT_CTX_get_changed_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *addfd,
+                                    size_t *numaddfds, OSSL_ASYNC_FD *delfd,
+                                    size_t *numdelfds);
+ int ASYNC_WAIT_CTX_clear_fd(ASYNC_WAIT_CTX *ctx, const void *key);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>For an overview of how asynchronous operations are implemented in OpenSSL see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>. An ASYNC_WAIT_CTX object represents an asynchronous &quot;session&quot;, i.e. a related set of crypto operations. For example in SSL terms this would have a one-to-one correspondence with an SSL connection.</p>
+
+<p>Application code must create an ASYNC_WAIT_CTX using the ASYNC_WAIT_CTX_new() function prior to calling ASYNC_start_job() (see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>). When the job is started it is associated with the ASYNC_WAIT_CTX for the duration of that job. An ASYNC_WAIT_CTX should only be used for one ASYNC_JOB at any one time, but can be reused after an ASYNC_JOB has finished for a subsequent ASYNC_JOB. When the session is complete (e.g. the SSL connection is closed), application code cleans up with ASYNC_WAIT_CTX_free().</p>
+
+<p>ASYNC_WAIT_CTXs can have &quot;wait&quot; file descriptors associated with them. Calling ASYNC_WAIT_CTX_get_all_fds() and passing in a pointer to an ASYNC_WAIT_CTX in the <b>ctx</b> parameter will return the wait file descriptors associated with that job in <b>*fd</b>. The number of file descriptors returned will be stored in <b>*numfds</b>. It is the caller&#39;s responsibility to ensure that sufficient memory has been allocated in <b>*fd</b> to receive all the file descriptors. Calling ASYNC_WAIT_CTX_get_all_fds() with a NULL <b>fd</b> value will return no file descriptors but will still populate <b>*numfds</b>. Therefore application code is typically expected to call this function twice: once to get the number of fds, and then again when sufficient memory has been allocated. If only one asynchronous engine is being used then normally this call will only ever return one fd. If multiple asynchronous engines are being used then more could be returned.</p>
+
+<p>The function ASYNC_WAIT_CTX_get_changed_fds() can be used to detect if any fds have changed since the last call time ASYNC_start_job() returned an ASYNC_PAUSE result (or since the ASYNC_WAIT_CTX was created if no ASYNC_PAUSE result has been received). The <b>numaddfds</b> and <b>numdelfds</b> parameters will be populated with the number of fds added or deleted respectively. <b>*addfd</b> and <b>*delfd</b> will be populated with the list of added and deleted fds respectively. Similarly to ASYNC_WAIT_CTX_get_all_fds() either of these can be NULL, but if they are not NULL then the caller is responsible for ensuring sufficient memory is allocated.</p>
+
+<p>Implementors of async aware code (e.g. engines) are encouraged to return a stable fd for the lifetime of the ASYNC_WAIT_CTX in order to reduce the &quot;churn&quot; of regularly changing fds - although no guarantees of this are provided to applications.</p>
+
+<p>Applications can wait for the file descriptor to be ready for &quot;read&quot; using a system function call such as select or poll (being ready for &quot;read&quot; indicates that the job should be resumed). If no file descriptor is made available then an application will have to periodically &quot;poll&quot; the job by attempting to restart it to see if it is ready to continue.</p>
+
+<p>Async aware code (e.g. engines) can get the current ASYNC_WAIT_CTX from the job via <a href="../man3/ASYNC_get_wait_ctx.html">ASYNC_get_wait_ctx(3)</a> and provide a file descriptor to use for waiting on by calling ASYNC_WAIT_CTX_set_wait_fd(). Typically this would be done by an engine immediately prior to calling ASYNC_pause_job() and not by end user code. An existing association with a file descriptor can be obtained using ASYNC_WAIT_CTX_get_fd() and cleared using ASYNC_WAIT_CTX_clear_fd(). Both of these functions requires a <b>key</b> value which is unique to the async aware code. This could be any unique value but a good candidate might be the <b>ENGINE *</b> for the engine. The <b>custom_data</b> parameter can be any value, and will be returned in a subsequent call to ASYNC_WAIT_CTX_get_fd(). The ASYNC_WAIT_CTX_set_wait_fd() function also expects a pointer to a &quot;cleanup&quot; routine. This can be NULL but if provided will automatically get called when the ASYNC_WAIT_CTX is freed, and gives the engine the opportunity to close the fd or any other resources. Note: The &quot;cleanup&quot; routine does not get called if the fd is cleared directly via a call to ASYNC_WAIT_CTX_clear_fd().</p>
+
+<p>An example of typical usage might be an async capable engine. User code would initiate cryptographic operations. The engine would initiate those operations asynchronously and then call ASYNC_WAIT_CTX_set_wait_fd() followed by ASYNC_pause_job() to return control to the user code. The user code can then perform other tasks or wait for the job to be ready by calling &quot;select&quot; or other similar function on the wait file descriptor. The engine can signal to the user code that the job should be resumed by making the wait file descriptor &quot;readable&quot;. Once resumed the engine should clear the wake signal on the wait file descriptor.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASYNC_WAIT_CTX_new() returns a pointer to the newly allocated ASYNC_WAIT_CTX or NULL on error.</p>
+
+<p>ASYNC_WAIT_CTX_set_wait_fd, ASYNC_WAIT_CTX_get_fd, ASYNC_WAIT_CTX_get_all_fds, ASYNC_WAIT_CTX_get_changed_fds and ASYNC_WAIT_CTX_clear_fd all return 1 on success or 0 on error.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the openssl/async.h header is dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to async.h.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASYNC_WAIT_CTX_new(), ASYNC_WAIT_CTX_free(), ASYNC_WAIT_CTX_set_wait_fd(), ASYNC_WAIT_CTX_get_fd(), ASYNC_WAIT_CTX_get_all_fds(), ASYNC_WAIT_CTX_get_changed_fds() and ASYNC_WAIT_CTX_clear_fd() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_get_all_fds.html b/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_get_all_fds.html
new file mode 100644
index 000000000..f5bb40a9f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_get_all_fds.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASYNC_WAIT_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASYNC_WAIT_CTX_new, ASYNC_WAIT_CTX_free, ASYNC_WAIT_CTX_set_wait_fd, ASYNC_WAIT_CTX_get_fd, ASYNC_WAIT_CTX_get_all_fds, ASYNC_WAIT_CTX_get_changed_fds, ASYNC_WAIT_CTX_clear_fd - functions to manage waiting for asynchronous jobs to complete</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/async.h&gt;
+
+ ASYNC_WAIT_CTX *ASYNC_WAIT_CTX_new(void);
+ void ASYNC_WAIT_CTX_free(ASYNC_WAIT_CTX *ctx);
+ int ASYNC_WAIT_CTX_set_wait_fd(ASYNC_WAIT_CTX *ctx, const void *key,
+                                OSSL_ASYNC_FD fd,
+                                void *custom_data,
+                                void (*cleanup)(ASYNC_WAIT_CTX *, const void *,
+                                                OSSL_ASYNC_FD, void *));
+ int ASYNC_WAIT_CTX_get_fd(ASYNC_WAIT_CTX *ctx, const void *key,
+                           OSSL_ASYNC_FD *fd, void **custom_data);
+ int ASYNC_WAIT_CTX_get_all_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *fd,
+                                size_t *numfds);
+ int ASYNC_WAIT_CTX_get_changed_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *addfd,
+                                    size_t *numaddfds, OSSL_ASYNC_FD *delfd,
+                                    size_t *numdelfds);
+ int ASYNC_WAIT_CTX_clear_fd(ASYNC_WAIT_CTX *ctx, const void *key);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>For an overview of how asynchronous operations are implemented in OpenSSL see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>. An ASYNC_WAIT_CTX object represents an asynchronous &quot;session&quot;, i.e. a related set of crypto operations. For example in SSL terms this would have a one-to-one correspondence with an SSL connection.</p>
+
+<p>Application code must create an ASYNC_WAIT_CTX using the ASYNC_WAIT_CTX_new() function prior to calling ASYNC_start_job() (see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>). When the job is started it is associated with the ASYNC_WAIT_CTX for the duration of that job. An ASYNC_WAIT_CTX should only be used for one ASYNC_JOB at any one time, but can be reused after an ASYNC_JOB has finished for a subsequent ASYNC_JOB. When the session is complete (e.g. the SSL connection is closed), application code cleans up with ASYNC_WAIT_CTX_free().</p>
+
+<p>ASYNC_WAIT_CTXs can have &quot;wait&quot; file descriptors associated with them. Calling ASYNC_WAIT_CTX_get_all_fds() and passing in a pointer to an ASYNC_WAIT_CTX in the <b>ctx</b> parameter will return the wait file descriptors associated with that job in <b>*fd</b>. The number of file descriptors returned will be stored in <b>*numfds</b>. It is the caller&#39;s responsibility to ensure that sufficient memory has been allocated in <b>*fd</b> to receive all the file descriptors. Calling ASYNC_WAIT_CTX_get_all_fds() with a NULL <b>fd</b> value will return no file descriptors but will still populate <b>*numfds</b>. Therefore application code is typically expected to call this function twice: once to get the number of fds, and then again when sufficient memory has been allocated. If only one asynchronous engine is being used then normally this call will only ever return one fd. If multiple asynchronous engines are being used then more could be returned.</p>
+
+<p>The function ASYNC_WAIT_CTX_get_changed_fds() can be used to detect if any fds have changed since the last call time ASYNC_start_job() returned an ASYNC_PAUSE result (or since the ASYNC_WAIT_CTX was created if no ASYNC_PAUSE result has been received). The <b>numaddfds</b> and <b>numdelfds</b> parameters will be populated with the number of fds added or deleted respectively. <b>*addfd</b> and <b>*delfd</b> will be populated with the list of added and deleted fds respectively. Similarly to ASYNC_WAIT_CTX_get_all_fds() either of these can be NULL, but if they are not NULL then the caller is responsible for ensuring sufficient memory is allocated.</p>
+
+<p>Implementors of async aware code (e.g. engines) are encouraged to return a stable fd for the lifetime of the ASYNC_WAIT_CTX in order to reduce the &quot;churn&quot; of regularly changing fds - although no guarantees of this are provided to applications.</p>
+
+<p>Applications can wait for the file descriptor to be ready for &quot;read&quot; using a system function call such as select or poll (being ready for &quot;read&quot; indicates that the job should be resumed). If no file descriptor is made available then an application will have to periodically &quot;poll&quot; the job by attempting to restart it to see if it is ready to continue.</p>
+
+<p>Async aware code (e.g. engines) can get the current ASYNC_WAIT_CTX from the job via <a href="../man3/ASYNC_get_wait_ctx.html">ASYNC_get_wait_ctx(3)</a> and provide a file descriptor to use for waiting on by calling ASYNC_WAIT_CTX_set_wait_fd(). Typically this would be done by an engine immediately prior to calling ASYNC_pause_job() and not by end user code. An existing association with a file descriptor can be obtained using ASYNC_WAIT_CTX_get_fd() and cleared using ASYNC_WAIT_CTX_clear_fd(). Both of these functions requires a <b>key</b> value which is unique to the async aware code. This could be any unique value but a good candidate might be the <b>ENGINE *</b> for the engine. The <b>custom_data</b> parameter can be any value, and will be returned in a subsequent call to ASYNC_WAIT_CTX_get_fd(). The ASYNC_WAIT_CTX_set_wait_fd() function also expects a pointer to a &quot;cleanup&quot; routine. This can be NULL but if provided will automatically get called when the ASYNC_WAIT_CTX is freed, and gives the engine the opportunity to close the fd or any other resources. Note: The &quot;cleanup&quot; routine does not get called if the fd is cleared directly via a call to ASYNC_WAIT_CTX_clear_fd().</p>
+
+<p>An example of typical usage might be an async capable engine. User code would initiate cryptographic operations. The engine would initiate those operations asynchronously and then call ASYNC_WAIT_CTX_set_wait_fd() followed by ASYNC_pause_job() to return control to the user code. The user code can then perform other tasks or wait for the job to be ready by calling &quot;select&quot; or other similar function on the wait file descriptor. The engine can signal to the user code that the job should be resumed by making the wait file descriptor &quot;readable&quot;. Once resumed the engine should clear the wake signal on the wait file descriptor.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASYNC_WAIT_CTX_new() returns a pointer to the newly allocated ASYNC_WAIT_CTX or NULL on error.</p>
+
+<p>ASYNC_WAIT_CTX_set_wait_fd, ASYNC_WAIT_CTX_get_fd, ASYNC_WAIT_CTX_get_all_fds, ASYNC_WAIT_CTX_get_changed_fds and ASYNC_WAIT_CTX_clear_fd all return 1 on success or 0 on error.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the openssl/async.h header is dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to async.h.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASYNC_WAIT_CTX_new(), ASYNC_WAIT_CTX_free(), ASYNC_WAIT_CTX_set_wait_fd(), ASYNC_WAIT_CTX_get_fd(), ASYNC_WAIT_CTX_get_all_fds(), ASYNC_WAIT_CTX_get_changed_fds() and ASYNC_WAIT_CTX_clear_fd() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_get_changed_fds.html b/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_get_changed_fds.html
new file mode 100644
index 000000000..f5bb40a9f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_get_changed_fds.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASYNC_WAIT_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASYNC_WAIT_CTX_new, ASYNC_WAIT_CTX_free, ASYNC_WAIT_CTX_set_wait_fd, ASYNC_WAIT_CTX_get_fd, ASYNC_WAIT_CTX_get_all_fds, ASYNC_WAIT_CTX_get_changed_fds, ASYNC_WAIT_CTX_clear_fd - functions to manage waiting for asynchronous jobs to complete</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/async.h&gt;
+
+ ASYNC_WAIT_CTX *ASYNC_WAIT_CTX_new(void);
+ void ASYNC_WAIT_CTX_free(ASYNC_WAIT_CTX *ctx);
+ int ASYNC_WAIT_CTX_set_wait_fd(ASYNC_WAIT_CTX *ctx, const void *key,
+                                OSSL_ASYNC_FD fd,
+                                void *custom_data,
+                                void (*cleanup)(ASYNC_WAIT_CTX *, const void *,
+                                                OSSL_ASYNC_FD, void *));
+ int ASYNC_WAIT_CTX_get_fd(ASYNC_WAIT_CTX *ctx, const void *key,
+                           OSSL_ASYNC_FD *fd, void **custom_data);
+ int ASYNC_WAIT_CTX_get_all_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *fd,
+                                size_t *numfds);
+ int ASYNC_WAIT_CTX_get_changed_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *addfd,
+                                    size_t *numaddfds, OSSL_ASYNC_FD *delfd,
+                                    size_t *numdelfds);
+ int ASYNC_WAIT_CTX_clear_fd(ASYNC_WAIT_CTX *ctx, const void *key);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>For an overview of how asynchronous operations are implemented in OpenSSL see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>. An ASYNC_WAIT_CTX object represents an asynchronous &quot;session&quot;, i.e. a related set of crypto operations. For example in SSL terms this would have a one-to-one correspondence with an SSL connection.</p>
+
+<p>Application code must create an ASYNC_WAIT_CTX using the ASYNC_WAIT_CTX_new() function prior to calling ASYNC_start_job() (see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>). When the job is started it is associated with the ASYNC_WAIT_CTX for the duration of that job. An ASYNC_WAIT_CTX should only be used for one ASYNC_JOB at any one time, but can be reused after an ASYNC_JOB has finished for a subsequent ASYNC_JOB. When the session is complete (e.g. the SSL connection is closed), application code cleans up with ASYNC_WAIT_CTX_free().</p>
+
+<p>ASYNC_WAIT_CTXs can have &quot;wait&quot; file descriptors associated with them. Calling ASYNC_WAIT_CTX_get_all_fds() and passing in a pointer to an ASYNC_WAIT_CTX in the <b>ctx</b> parameter will return the wait file descriptors associated with that job in <b>*fd</b>. The number of file descriptors returned will be stored in <b>*numfds</b>. It is the caller&#39;s responsibility to ensure that sufficient memory has been allocated in <b>*fd</b> to receive all the file descriptors. Calling ASYNC_WAIT_CTX_get_all_fds() with a NULL <b>fd</b> value will return no file descriptors but will still populate <b>*numfds</b>. Therefore application code is typically expected to call this function twice: once to get the number of fds, and then again when sufficient memory has been allocated. If only one asynchronous engine is being used then normally this call will only ever return one fd. If multiple asynchronous engines are being used then more could be returned.</p>
+
+<p>The function ASYNC_WAIT_CTX_get_changed_fds() can be used to detect if any fds have changed since the last call time ASYNC_start_job() returned an ASYNC_PAUSE result (or since the ASYNC_WAIT_CTX was created if no ASYNC_PAUSE result has been received). The <b>numaddfds</b> and <b>numdelfds</b> parameters will be populated with the number of fds added or deleted respectively. <b>*addfd</b> and <b>*delfd</b> will be populated with the list of added and deleted fds respectively. Similarly to ASYNC_WAIT_CTX_get_all_fds() either of these can be NULL, but if they are not NULL then the caller is responsible for ensuring sufficient memory is allocated.</p>
+
+<p>Implementors of async aware code (e.g. engines) are encouraged to return a stable fd for the lifetime of the ASYNC_WAIT_CTX in order to reduce the &quot;churn&quot; of regularly changing fds - although no guarantees of this are provided to applications.</p>
+
+<p>Applications can wait for the file descriptor to be ready for &quot;read&quot; using a system function call such as select or poll (being ready for &quot;read&quot; indicates that the job should be resumed). If no file descriptor is made available then an application will have to periodically &quot;poll&quot; the job by attempting to restart it to see if it is ready to continue.</p>
+
+<p>Async aware code (e.g. engines) can get the current ASYNC_WAIT_CTX from the job via <a href="../man3/ASYNC_get_wait_ctx.html">ASYNC_get_wait_ctx(3)</a> and provide a file descriptor to use for waiting on by calling ASYNC_WAIT_CTX_set_wait_fd(). Typically this would be done by an engine immediately prior to calling ASYNC_pause_job() and not by end user code. An existing association with a file descriptor can be obtained using ASYNC_WAIT_CTX_get_fd() and cleared using ASYNC_WAIT_CTX_clear_fd(). Both of these functions requires a <b>key</b> value which is unique to the async aware code. This could be any unique value but a good candidate might be the <b>ENGINE *</b> for the engine. The <b>custom_data</b> parameter can be any value, and will be returned in a subsequent call to ASYNC_WAIT_CTX_get_fd(). The ASYNC_WAIT_CTX_set_wait_fd() function also expects a pointer to a &quot;cleanup&quot; routine. This can be NULL but if provided will automatically get called when the ASYNC_WAIT_CTX is freed, and gives the engine the opportunity to close the fd or any other resources. Note: The &quot;cleanup&quot; routine does not get called if the fd is cleared directly via a call to ASYNC_WAIT_CTX_clear_fd().</p>
+
+<p>An example of typical usage might be an async capable engine. User code would initiate cryptographic operations. The engine would initiate those operations asynchronously and then call ASYNC_WAIT_CTX_set_wait_fd() followed by ASYNC_pause_job() to return control to the user code. The user code can then perform other tasks or wait for the job to be ready by calling &quot;select&quot; or other similar function on the wait file descriptor. The engine can signal to the user code that the job should be resumed by making the wait file descriptor &quot;readable&quot;. Once resumed the engine should clear the wake signal on the wait file descriptor.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASYNC_WAIT_CTX_new() returns a pointer to the newly allocated ASYNC_WAIT_CTX or NULL on error.</p>
+
+<p>ASYNC_WAIT_CTX_set_wait_fd, ASYNC_WAIT_CTX_get_fd, ASYNC_WAIT_CTX_get_all_fds, ASYNC_WAIT_CTX_get_changed_fds and ASYNC_WAIT_CTX_clear_fd all return 1 on success or 0 on error.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the openssl/async.h header is dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to async.h.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASYNC_WAIT_CTX_new(), ASYNC_WAIT_CTX_free(), ASYNC_WAIT_CTX_set_wait_fd(), ASYNC_WAIT_CTX_get_fd(), ASYNC_WAIT_CTX_get_all_fds(), ASYNC_WAIT_CTX_get_changed_fds() and ASYNC_WAIT_CTX_clear_fd() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_get_fd.html b/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_get_fd.html
new file mode 100644
index 000000000..f5bb40a9f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_get_fd.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASYNC_WAIT_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASYNC_WAIT_CTX_new, ASYNC_WAIT_CTX_free, ASYNC_WAIT_CTX_set_wait_fd, ASYNC_WAIT_CTX_get_fd, ASYNC_WAIT_CTX_get_all_fds, ASYNC_WAIT_CTX_get_changed_fds, ASYNC_WAIT_CTX_clear_fd - functions to manage waiting for asynchronous jobs to complete</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/async.h&gt;
+
+ ASYNC_WAIT_CTX *ASYNC_WAIT_CTX_new(void);
+ void ASYNC_WAIT_CTX_free(ASYNC_WAIT_CTX *ctx);
+ int ASYNC_WAIT_CTX_set_wait_fd(ASYNC_WAIT_CTX *ctx, const void *key,
+                                OSSL_ASYNC_FD fd,
+                                void *custom_data,
+                                void (*cleanup)(ASYNC_WAIT_CTX *, const void *,
+                                                OSSL_ASYNC_FD, void *));
+ int ASYNC_WAIT_CTX_get_fd(ASYNC_WAIT_CTX *ctx, const void *key,
+                           OSSL_ASYNC_FD *fd, void **custom_data);
+ int ASYNC_WAIT_CTX_get_all_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *fd,
+                                size_t *numfds);
+ int ASYNC_WAIT_CTX_get_changed_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *addfd,
+                                    size_t *numaddfds, OSSL_ASYNC_FD *delfd,
+                                    size_t *numdelfds);
+ int ASYNC_WAIT_CTX_clear_fd(ASYNC_WAIT_CTX *ctx, const void *key);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>For an overview of how asynchronous operations are implemented in OpenSSL see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>. An ASYNC_WAIT_CTX object represents an asynchronous &quot;session&quot;, i.e. a related set of crypto operations. For example in SSL terms this would have a one-to-one correspondence with an SSL connection.</p>
+
+<p>Application code must create an ASYNC_WAIT_CTX using the ASYNC_WAIT_CTX_new() function prior to calling ASYNC_start_job() (see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>). When the job is started it is associated with the ASYNC_WAIT_CTX for the duration of that job. An ASYNC_WAIT_CTX should only be used for one ASYNC_JOB at any one time, but can be reused after an ASYNC_JOB has finished for a subsequent ASYNC_JOB. When the session is complete (e.g. the SSL connection is closed), application code cleans up with ASYNC_WAIT_CTX_free().</p>
+
+<p>ASYNC_WAIT_CTXs can have &quot;wait&quot; file descriptors associated with them. Calling ASYNC_WAIT_CTX_get_all_fds() and passing in a pointer to an ASYNC_WAIT_CTX in the <b>ctx</b> parameter will return the wait file descriptors associated with that job in <b>*fd</b>. The number of file descriptors returned will be stored in <b>*numfds</b>. It is the caller&#39;s responsibility to ensure that sufficient memory has been allocated in <b>*fd</b> to receive all the file descriptors. Calling ASYNC_WAIT_CTX_get_all_fds() with a NULL <b>fd</b> value will return no file descriptors but will still populate <b>*numfds</b>. Therefore application code is typically expected to call this function twice: once to get the number of fds, and then again when sufficient memory has been allocated. If only one asynchronous engine is being used then normally this call will only ever return one fd. If multiple asynchronous engines are being used then more could be returned.</p>
+
+<p>The function ASYNC_WAIT_CTX_get_changed_fds() can be used to detect if any fds have changed since the last call time ASYNC_start_job() returned an ASYNC_PAUSE result (or since the ASYNC_WAIT_CTX was created if no ASYNC_PAUSE result has been received). The <b>numaddfds</b> and <b>numdelfds</b> parameters will be populated with the number of fds added or deleted respectively. <b>*addfd</b> and <b>*delfd</b> will be populated with the list of added and deleted fds respectively. Similarly to ASYNC_WAIT_CTX_get_all_fds() either of these can be NULL, but if they are not NULL then the caller is responsible for ensuring sufficient memory is allocated.</p>
+
+<p>Implementors of async aware code (e.g. engines) are encouraged to return a stable fd for the lifetime of the ASYNC_WAIT_CTX in order to reduce the &quot;churn&quot; of regularly changing fds - although no guarantees of this are provided to applications.</p>
+
+<p>Applications can wait for the file descriptor to be ready for &quot;read&quot; using a system function call such as select or poll (being ready for &quot;read&quot; indicates that the job should be resumed). If no file descriptor is made available then an application will have to periodically &quot;poll&quot; the job by attempting to restart it to see if it is ready to continue.</p>
+
+<p>Async aware code (e.g. engines) can get the current ASYNC_WAIT_CTX from the job via <a href="../man3/ASYNC_get_wait_ctx.html">ASYNC_get_wait_ctx(3)</a> and provide a file descriptor to use for waiting on by calling ASYNC_WAIT_CTX_set_wait_fd(). Typically this would be done by an engine immediately prior to calling ASYNC_pause_job() and not by end user code. An existing association with a file descriptor can be obtained using ASYNC_WAIT_CTX_get_fd() and cleared using ASYNC_WAIT_CTX_clear_fd(). Both of these functions requires a <b>key</b> value which is unique to the async aware code. This could be any unique value but a good candidate might be the <b>ENGINE *</b> for the engine. The <b>custom_data</b> parameter can be any value, and will be returned in a subsequent call to ASYNC_WAIT_CTX_get_fd(). The ASYNC_WAIT_CTX_set_wait_fd() function also expects a pointer to a &quot;cleanup&quot; routine. This can be NULL but if provided will automatically get called when the ASYNC_WAIT_CTX is freed, and gives the engine the opportunity to close the fd or any other resources. Note: The &quot;cleanup&quot; routine does not get called if the fd is cleared directly via a call to ASYNC_WAIT_CTX_clear_fd().</p>
+
+<p>An example of typical usage might be an async capable engine. User code would initiate cryptographic operations. The engine would initiate those operations asynchronously and then call ASYNC_WAIT_CTX_set_wait_fd() followed by ASYNC_pause_job() to return control to the user code. The user code can then perform other tasks or wait for the job to be ready by calling &quot;select&quot; or other similar function on the wait file descriptor. The engine can signal to the user code that the job should be resumed by making the wait file descriptor &quot;readable&quot;. Once resumed the engine should clear the wake signal on the wait file descriptor.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASYNC_WAIT_CTX_new() returns a pointer to the newly allocated ASYNC_WAIT_CTX or NULL on error.</p>
+
+<p>ASYNC_WAIT_CTX_set_wait_fd, ASYNC_WAIT_CTX_get_fd, ASYNC_WAIT_CTX_get_all_fds, ASYNC_WAIT_CTX_get_changed_fds and ASYNC_WAIT_CTX_clear_fd all return 1 on success or 0 on error.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the openssl/async.h header is dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to async.h.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASYNC_WAIT_CTX_new(), ASYNC_WAIT_CTX_free(), ASYNC_WAIT_CTX_set_wait_fd(), ASYNC_WAIT_CTX_get_fd(), ASYNC_WAIT_CTX_get_all_fds(), ASYNC_WAIT_CTX_get_changed_fds() and ASYNC_WAIT_CTX_clear_fd() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_new.html b/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_new.html
new file mode 100644
index 000000000..f5bb40a9f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_new.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASYNC_WAIT_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASYNC_WAIT_CTX_new, ASYNC_WAIT_CTX_free, ASYNC_WAIT_CTX_set_wait_fd, ASYNC_WAIT_CTX_get_fd, ASYNC_WAIT_CTX_get_all_fds, ASYNC_WAIT_CTX_get_changed_fds, ASYNC_WAIT_CTX_clear_fd - functions to manage waiting for asynchronous jobs to complete</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/async.h&gt;
+
+ ASYNC_WAIT_CTX *ASYNC_WAIT_CTX_new(void);
+ void ASYNC_WAIT_CTX_free(ASYNC_WAIT_CTX *ctx);
+ int ASYNC_WAIT_CTX_set_wait_fd(ASYNC_WAIT_CTX *ctx, const void *key,
+                                OSSL_ASYNC_FD fd,
+                                void *custom_data,
+                                void (*cleanup)(ASYNC_WAIT_CTX *, const void *,
+                                                OSSL_ASYNC_FD, void *));
+ int ASYNC_WAIT_CTX_get_fd(ASYNC_WAIT_CTX *ctx, const void *key,
+                           OSSL_ASYNC_FD *fd, void **custom_data);
+ int ASYNC_WAIT_CTX_get_all_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *fd,
+                                size_t *numfds);
+ int ASYNC_WAIT_CTX_get_changed_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *addfd,
+                                    size_t *numaddfds, OSSL_ASYNC_FD *delfd,
+                                    size_t *numdelfds);
+ int ASYNC_WAIT_CTX_clear_fd(ASYNC_WAIT_CTX *ctx, const void *key);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>For an overview of how asynchronous operations are implemented in OpenSSL see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>. An ASYNC_WAIT_CTX object represents an asynchronous &quot;session&quot;, i.e. a related set of crypto operations. For example in SSL terms this would have a one-to-one correspondence with an SSL connection.</p>
+
+<p>Application code must create an ASYNC_WAIT_CTX using the ASYNC_WAIT_CTX_new() function prior to calling ASYNC_start_job() (see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>). When the job is started it is associated with the ASYNC_WAIT_CTX for the duration of that job. An ASYNC_WAIT_CTX should only be used for one ASYNC_JOB at any one time, but can be reused after an ASYNC_JOB has finished for a subsequent ASYNC_JOB. When the session is complete (e.g. the SSL connection is closed), application code cleans up with ASYNC_WAIT_CTX_free().</p>
+
+<p>ASYNC_WAIT_CTXs can have &quot;wait&quot; file descriptors associated with them. Calling ASYNC_WAIT_CTX_get_all_fds() and passing in a pointer to an ASYNC_WAIT_CTX in the <b>ctx</b> parameter will return the wait file descriptors associated with that job in <b>*fd</b>. The number of file descriptors returned will be stored in <b>*numfds</b>. It is the caller&#39;s responsibility to ensure that sufficient memory has been allocated in <b>*fd</b> to receive all the file descriptors. Calling ASYNC_WAIT_CTX_get_all_fds() with a NULL <b>fd</b> value will return no file descriptors but will still populate <b>*numfds</b>. Therefore application code is typically expected to call this function twice: once to get the number of fds, and then again when sufficient memory has been allocated. If only one asynchronous engine is being used then normally this call will only ever return one fd. If multiple asynchronous engines are being used then more could be returned.</p>
+
+<p>The function ASYNC_WAIT_CTX_get_changed_fds() can be used to detect if any fds have changed since the last call time ASYNC_start_job() returned an ASYNC_PAUSE result (or since the ASYNC_WAIT_CTX was created if no ASYNC_PAUSE result has been received). The <b>numaddfds</b> and <b>numdelfds</b> parameters will be populated with the number of fds added or deleted respectively. <b>*addfd</b> and <b>*delfd</b> will be populated with the list of added and deleted fds respectively. Similarly to ASYNC_WAIT_CTX_get_all_fds() either of these can be NULL, but if they are not NULL then the caller is responsible for ensuring sufficient memory is allocated.</p>
+
+<p>Implementors of async aware code (e.g. engines) are encouraged to return a stable fd for the lifetime of the ASYNC_WAIT_CTX in order to reduce the &quot;churn&quot; of regularly changing fds - although no guarantees of this are provided to applications.</p>
+
+<p>Applications can wait for the file descriptor to be ready for &quot;read&quot; using a system function call such as select or poll (being ready for &quot;read&quot; indicates that the job should be resumed). If no file descriptor is made available then an application will have to periodically &quot;poll&quot; the job by attempting to restart it to see if it is ready to continue.</p>
+
+<p>Async aware code (e.g. engines) can get the current ASYNC_WAIT_CTX from the job via <a href="../man3/ASYNC_get_wait_ctx.html">ASYNC_get_wait_ctx(3)</a> and provide a file descriptor to use for waiting on by calling ASYNC_WAIT_CTX_set_wait_fd(). Typically this would be done by an engine immediately prior to calling ASYNC_pause_job() and not by end user code. An existing association with a file descriptor can be obtained using ASYNC_WAIT_CTX_get_fd() and cleared using ASYNC_WAIT_CTX_clear_fd(). Both of these functions requires a <b>key</b> value which is unique to the async aware code. This could be any unique value but a good candidate might be the <b>ENGINE *</b> for the engine. The <b>custom_data</b> parameter can be any value, and will be returned in a subsequent call to ASYNC_WAIT_CTX_get_fd(). The ASYNC_WAIT_CTX_set_wait_fd() function also expects a pointer to a &quot;cleanup&quot; routine. This can be NULL but if provided will automatically get called when the ASYNC_WAIT_CTX is freed, and gives the engine the opportunity to close the fd or any other resources. Note: The &quot;cleanup&quot; routine does not get called if the fd is cleared directly via a call to ASYNC_WAIT_CTX_clear_fd().</p>
+
+<p>An example of typical usage might be an async capable engine. User code would initiate cryptographic operations. The engine would initiate those operations asynchronously and then call ASYNC_WAIT_CTX_set_wait_fd() followed by ASYNC_pause_job() to return control to the user code. The user code can then perform other tasks or wait for the job to be ready by calling &quot;select&quot; or other similar function on the wait file descriptor. The engine can signal to the user code that the job should be resumed by making the wait file descriptor &quot;readable&quot;. Once resumed the engine should clear the wake signal on the wait file descriptor.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASYNC_WAIT_CTX_new() returns a pointer to the newly allocated ASYNC_WAIT_CTX or NULL on error.</p>
+
+<p>ASYNC_WAIT_CTX_set_wait_fd, ASYNC_WAIT_CTX_get_fd, ASYNC_WAIT_CTX_get_all_fds, ASYNC_WAIT_CTX_get_changed_fds and ASYNC_WAIT_CTX_clear_fd all return 1 on success or 0 on error.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the openssl/async.h header is dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to async.h.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASYNC_WAIT_CTX_new(), ASYNC_WAIT_CTX_free(), ASYNC_WAIT_CTX_set_wait_fd(), ASYNC_WAIT_CTX_get_fd(), ASYNC_WAIT_CTX_get_all_fds(), ASYNC_WAIT_CTX_get_changed_fds() and ASYNC_WAIT_CTX_clear_fd() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_set_wait_fd.html b/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_set_wait_fd.html
new file mode 100644
index 000000000..f5bb40a9f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_set_wait_fd.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASYNC_WAIT_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASYNC_WAIT_CTX_new, ASYNC_WAIT_CTX_free, ASYNC_WAIT_CTX_set_wait_fd, ASYNC_WAIT_CTX_get_fd, ASYNC_WAIT_CTX_get_all_fds, ASYNC_WAIT_CTX_get_changed_fds, ASYNC_WAIT_CTX_clear_fd - functions to manage waiting for asynchronous jobs to complete</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/async.h&gt;
+
+ ASYNC_WAIT_CTX *ASYNC_WAIT_CTX_new(void);
+ void ASYNC_WAIT_CTX_free(ASYNC_WAIT_CTX *ctx);
+ int ASYNC_WAIT_CTX_set_wait_fd(ASYNC_WAIT_CTX *ctx, const void *key,
+                                OSSL_ASYNC_FD fd,
+                                void *custom_data,
+                                void (*cleanup)(ASYNC_WAIT_CTX *, const void *,
+                                                OSSL_ASYNC_FD, void *));
+ int ASYNC_WAIT_CTX_get_fd(ASYNC_WAIT_CTX *ctx, const void *key,
+                           OSSL_ASYNC_FD *fd, void **custom_data);
+ int ASYNC_WAIT_CTX_get_all_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *fd,
+                                size_t *numfds);
+ int ASYNC_WAIT_CTX_get_changed_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *addfd,
+                                    size_t *numaddfds, OSSL_ASYNC_FD *delfd,
+                                    size_t *numdelfds);
+ int ASYNC_WAIT_CTX_clear_fd(ASYNC_WAIT_CTX *ctx, const void *key);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>For an overview of how asynchronous operations are implemented in OpenSSL see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>. An ASYNC_WAIT_CTX object represents an asynchronous &quot;session&quot;, i.e. a related set of crypto operations. For example in SSL terms this would have a one-to-one correspondence with an SSL connection.</p>
+
+<p>Application code must create an ASYNC_WAIT_CTX using the ASYNC_WAIT_CTX_new() function prior to calling ASYNC_start_job() (see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>). When the job is started it is associated with the ASYNC_WAIT_CTX for the duration of that job. An ASYNC_WAIT_CTX should only be used for one ASYNC_JOB at any one time, but can be reused after an ASYNC_JOB has finished for a subsequent ASYNC_JOB. When the session is complete (e.g. the SSL connection is closed), application code cleans up with ASYNC_WAIT_CTX_free().</p>
+
+<p>ASYNC_WAIT_CTXs can have &quot;wait&quot; file descriptors associated with them. Calling ASYNC_WAIT_CTX_get_all_fds() and passing in a pointer to an ASYNC_WAIT_CTX in the <b>ctx</b> parameter will return the wait file descriptors associated with that job in <b>*fd</b>. The number of file descriptors returned will be stored in <b>*numfds</b>. It is the caller&#39;s responsibility to ensure that sufficient memory has been allocated in <b>*fd</b> to receive all the file descriptors. Calling ASYNC_WAIT_CTX_get_all_fds() with a NULL <b>fd</b> value will return no file descriptors but will still populate <b>*numfds</b>. Therefore application code is typically expected to call this function twice: once to get the number of fds, and then again when sufficient memory has been allocated. If only one asynchronous engine is being used then normally this call will only ever return one fd. If multiple asynchronous engines are being used then more could be returned.</p>
+
+<p>The function ASYNC_WAIT_CTX_get_changed_fds() can be used to detect if any fds have changed since the last call time ASYNC_start_job() returned an ASYNC_PAUSE result (or since the ASYNC_WAIT_CTX was created if no ASYNC_PAUSE result has been received). The <b>numaddfds</b> and <b>numdelfds</b> parameters will be populated with the number of fds added or deleted respectively. <b>*addfd</b> and <b>*delfd</b> will be populated with the list of added and deleted fds respectively. Similarly to ASYNC_WAIT_CTX_get_all_fds() either of these can be NULL, but if they are not NULL then the caller is responsible for ensuring sufficient memory is allocated.</p>
+
+<p>Implementors of async aware code (e.g. engines) are encouraged to return a stable fd for the lifetime of the ASYNC_WAIT_CTX in order to reduce the &quot;churn&quot; of regularly changing fds - although no guarantees of this are provided to applications.</p>
+
+<p>Applications can wait for the file descriptor to be ready for &quot;read&quot; using a system function call such as select or poll (being ready for &quot;read&quot; indicates that the job should be resumed). If no file descriptor is made available then an application will have to periodically &quot;poll&quot; the job by attempting to restart it to see if it is ready to continue.</p>
+
+<p>Async aware code (e.g. engines) can get the current ASYNC_WAIT_CTX from the job via <a href="../man3/ASYNC_get_wait_ctx.html">ASYNC_get_wait_ctx(3)</a> and provide a file descriptor to use for waiting on by calling ASYNC_WAIT_CTX_set_wait_fd(). Typically this would be done by an engine immediately prior to calling ASYNC_pause_job() and not by end user code. An existing association with a file descriptor can be obtained using ASYNC_WAIT_CTX_get_fd() and cleared using ASYNC_WAIT_CTX_clear_fd(). Both of these functions requires a <b>key</b> value which is unique to the async aware code. This could be any unique value but a good candidate might be the <b>ENGINE *</b> for the engine. The <b>custom_data</b> parameter can be any value, and will be returned in a subsequent call to ASYNC_WAIT_CTX_get_fd(). The ASYNC_WAIT_CTX_set_wait_fd() function also expects a pointer to a &quot;cleanup&quot; routine. This can be NULL but if provided will automatically get called when the ASYNC_WAIT_CTX is freed, and gives the engine the opportunity to close the fd or any other resources. Note: The &quot;cleanup&quot; routine does not get called if the fd is cleared directly via a call to ASYNC_WAIT_CTX_clear_fd().</p>
+
+<p>An example of typical usage might be an async capable engine. User code would initiate cryptographic operations. The engine would initiate those operations asynchronously and then call ASYNC_WAIT_CTX_set_wait_fd() followed by ASYNC_pause_job() to return control to the user code. The user code can then perform other tasks or wait for the job to be ready by calling &quot;select&quot; or other similar function on the wait file descriptor. The engine can signal to the user code that the job should be resumed by making the wait file descriptor &quot;readable&quot;. Once resumed the engine should clear the wake signal on the wait file descriptor.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASYNC_WAIT_CTX_new() returns a pointer to the newly allocated ASYNC_WAIT_CTX or NULL on error.</p>
+
+<p>ASYNC_WAIT_CTX_set_wait_fd, ASYNC_WAIT_CTX_get_fd, ASYNC_WAIT_CTX_get_all_fds, ASYNC_WAIT_CTX_get_changed_fds and ASYNC_WAIT_CTX_clear_fd all return 1 on success or 0 on error.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the openssl/async.h header is dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to async.h.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASYNC_WAIT_CTX_new(), ASYNC_WAIT_CTX_free(), ASYNC_WAIT_CTX_set_wait_fd(), ASYNC_WAIT_CTX_get_fd(), ASYNC_WAIT_CTX_get_all_fds(), ASYNC_WAIT_CTX_get_changed_fds() and ASYNC_WAIT_CTX_clear_fd() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASYNC_block_pause.html b/msys2/usr/share/doc/openssl/html/man3/ASYNC_block_pause.html
new file mode 100644
index 000000000..814428954
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASYNC_block_pause.html
@@ -0,0 +1,273 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASYNC_start_job</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASYNC_get_wait_ctx, ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_block_pause, ASYNC_unblock_pause, ASYNC_is_capable - asynchronous job management functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/async.h&gt;
+
+ int ASYNC_init_thread(size_t max_size, size_t init_size);
+ void ASYNC_cleanup_thread(void);
+
+ int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *ctx, int *ret,
+                     int (*func)(void *), void *args, size_t size);
+ int ASYNC_pause_job(void);
+
+ ASYNC_JOB *ASYNC_get_current_job(void);
+ ASYNC_WAIT_CTX *ASYNC_get_wait_ctx(ASYNC_JOB *job);
+ void ASYNC_block_pause(void);
+ void ASYNC_unblock_pause(void);
+
+ int ASYNC_is_capable(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL implements asynchronous capabilities through an ASYNC_JOB. This represents code that can be started and executes until some event occurs. At that point the code can be paused and control returns to user code until some subsequent event indicates that the job can be resumed.</p>
+
+<p>The creation of an ASYNC_JOB is a relatively expensive operation. Therefore, for efficiency reasons, jobs can be created up front and reused many times. They are held in a pool until they are needed, at which point they are removed from the pool, used, and then returned to the pool when the job completes. If the user application is multi-threaded, then ASYNC_init_thread() may be called for each thread that will initiate asynchronous jobs. Before user code exits per-thread resources need to be cleaned up. This will normally occur automatically (see <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>) but may be explicitly initiated by using ASYNC_cleanup_thread(). No asynchronous jobs must be outstanding for the thread when ASYNC_cleanup_thread() is called. Failing to ensure this will result in memory leaks.</p>
+
+<p>The <b>max_size</b> argument limits the number of ASYNC_JOBs that will be held in the pool. If <b>max_size</b> is set to 0 then no upper limit is set. When an ASYNC_JOB is needed but there are none available in the pool already then one will be automatically created, as long as the total of ASYNC_JOBs managed by the pool does not exceed <b>max_size</b>. When the pool is first initialised <b>init_size</b> ASYNC_JOBs will be created immediately. If ASYNC_init_thread() is not called before the pool is first used then it will be called automatically with a <b>max_size</b> of 0 (no upper limit) and an <b>init_size</b> of 0 (no ASYNC_JOBs created up front).</p>
+
+<p>An asynchronous job is started by calling the ASYNC_start_job() function. Initially <b>*job</b> should be NULL. <b>ctx</b> should point to an ASYNC_WAIT_CTX object created through the <a href="../man3/ASYNC_WAIT_CTX_new.html">ASYNC_WAIT_CTX_new(3)</a> function. <b>ret</b> should point to a location where the return value of the asynchronous function should be stored on completion of the job. <b>func</b> represents the function that should be started asynchronously. The data pointed to by <b>args</b> and of size <b>size</b> will be copied and then passed as an argument to <b>func</b> when the job starts. ASYNC_start_job will return one of the following values:</p>
+
+<dl>
+
+<dt id="ASYNC_ERR"><b>ASYNC_ERR</b></dt>
+<dd>
+
+<p>An error occurred trying to start the job. Check the OpenSSL error queue (e.g. see <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a>) for more details.</p>
+
+</dd>
+<dt id="ASYNC_NO_JOBS"><b>ASYNC_NO_JOBS</b></dt>
+<dd>
+
+<p>There are no jobs currently available in the pool. This call can be retried again at a later time.</p>
+
+</dd>
+<dt id="ASYNC_PAUSE"><b>ASYNC_PAUSE</b></dt>
+<dd>
+
+<p>The job was successfully started but was &quot;paused&quot; before it completed (see ASYNC_pause_job() below). A handle to the job is placed in <b>*job</b>. Other work can be performed (if desired) and the job restarted at a later time. To restart a job call ASYNC_start_job() again passing the job handle in <b>*job</b>. The <b>func</b>, <b>args</b> and <b>size</b> parameters will be ignored when restarting a job. When restarting a job ASYNC_start_job() <b>must</b> be called from the same thread that the job was originally started from.</p>
+
+</dd>
+<dt id="ASYNC_FINISH"><b>ASYNC_FINISH</b></dt>
+<dd>
+
+<p>The job completed. <b>*job</b> will be NULL and the return value from <b>func</b> will be placed in <b>*ret</b>.</p>
+
+</dd>
+</dl>
+
+<p>At any one time there can be a maximum of one job actively running per thread (you can have many that are paused). ASYNC_get_current_job() can be used to get a pointer to the currently executing ASYNC_JOB. If no job is currently executing then this will return NULL.</p>
+
+<p>If executing within the context of a job (i.e. having been called directly or indirectly by the function &quot;func&quot; passed as an argument to ASYNC_start_job()) then ASYNC_pause_job() will immediately return control to the calling application with ASYNC_PAUSE returned from the ASYNC_start_job() call. A subsequent call to ASYNC_start_job passing in the relevant ASYNC_JOB in the <b>*job</b> parameter will resume execution from the ASYNC_pause_job() call. If ASYNC_pause_job() is called whilst not within the context of a job then no action is taken and ASYNC_pause_job() returns immediately.</p>
+
+<p>ASYNC_get_wait_ctx() can be used to get a pointer to the ASYNC_WAIT_CTX for the <b>job</b>. ASYNC_WAIT_CTXs can have a &quot;wait&quot; file descriptor associated with them. Applications can wait for the file descriptor to be ready for &quot;read&quot; using a system function call such as select or poll (being ready for &quot;read&quot; indicates that the job should be resumed). If no file descriptor is made available then an application will have to periodically &quot;poll&quot; the job by attempting to restart it to see if it is ready to continue.</p>
+
+<p>An example of typical usage might be an async capable engine. User code would initiate cryptographic operations. The engine would initiate those operations asynchronously and then call <a href="../man3/ASYNC_WAIT_CTX_set_wait_fd.html">ASYNC_WAIT_CTX_set_wait_fd(3)</a> followed by ASYNC_pause_job() to return control to the user code. The user code can then perform other tasks or wait for the job to be ready by calling &quot;select&quot; or other similar function on the wait file descriptor. The engine can signal to the user code that the job should be resumed by making the wait file descriptor &quot;readable&quot;. Once resumed the engine should clear the wake signal on the wait file descriptor.</p>
+
+<p>The ASYNC_block_pause() function will prevent the currently active job from pausing. The block will remain in place until a subsequent call to ASYNC_unblock_pause(). These functions can be nested, e.g. if you call ASYNC_block_pause() twice then you must call ASYNC_unblock_pause() twice in order to re-enable pausing. If these functions are called while there is no currently active job then they have no effect. This functionality can be useful to avoid deadlock scenarios. For example during the execution of an ASYNC_JOB an application acquires a lock. It then calls some cryptographic function which invokes ASYNC_pause_job(). This returns control back to the code that created the ASYNC_JOB. If that code then attempts to acquire the same lock before resuming the original job then a deadlock can occur. By calling ASYNC_block_pause() immediately after acquiring the lock and ASYNC_unblock_pause() immediately before releasing it then this situation cannot occur.</p>
+
+<p>Some platforms cannot support async operations. The ASYNC_is_capable() function can be used to detect whether the current platform is async capable or not.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASYNC_init_thread returns 1 on success or 0 otherwise.</p>
+
+<p>ASYNC_start_job returns one of ASYNC_ERR, ASYNC_NO_JOBS, ASYNC_PAUSE or ASYNC_FINISH as described above.</p>
+
+<p>ASYNC_pause_job returns 0 if an error occurred or 1 on success. If called when not within the context of an ASYNC_JOB then this is counted as success so 1 is returned.</p>
+
+<p>ASYNC_get_current_job returns a pointer to the currently executing ASYNC_JOB or NULL if not within the context of a job.</p>
+
+<p>ASYNC_get_wait_ctx() returns a pointer to the ASYNC_WAIT_CTX for the job.</p>
+
+<p>ASYNC_is_capable() returns 1 if the current platform is async capable or 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the openssl/async.h header is dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to async.h.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The following example demonstrates how to use most of the core async APIs:</p>
+
+<pre><code> #ifdef _WIN32
+ # include &lt;windows.h&gt;
+ #endif
+ #include &lt;stdio.h&gt;
+ #include &lt;unistd.h&gt;
+ #include &lt;openssl/async.h&gt;
+ #include &lt;openssl/crypto.h&gt;
+
+ int unique = 0;
+
+ void cleanup(ASYNC_WAIT_CTX *ctx, const void *key, OSSL_ASYNC_FD r, void *vw)
+ {
+     OSSL_ASYNC_FD *w = (OSSL_ASYNC_FD *)vw;
+
+     close(r);
+     close(*w);
+     OPENSSL_free(w);
+ }
+
+ int jobfunc(void *arg)
+ {
+     ASYNC_JOB *currjob;
+     unsigned char *msg;
+     int pipefds[2] = {0, 0};
+     OSSL_ASYNC_FD *wptr;
+     char buf = &#39;X&#39;;
+
+     currjob = ASYNC_get_current_job();
+     if (currjob != NULL) {
+         printf(&quot;Executing within a job\n&quot;);
+     } else {
+         printf(&quot;Not executing within a job - should not happen\n&quot;);
+         return 0;
+     }
+
+     msg = (unsigned char *)arg;
+     printf(&quot;Passed in message is: %s\n&quot;, msg);
+
+     if (pipe(pipefds) != 0) {
+         printf(&quot;Failed to create pipe\n&quot;);
+         return 0;
+     }
+     wptr = OPENSSL_malloc(sizeof(OSSL_ASYNC_FD));
+     if (wptr == NULL) {
+         printf(&quot;Failed to malloc\n&quot;);
+         return 0;
+     }
+     *wptr = pipefds[1];
+     ASYNC_WAIT_CTX_set_wait_fd(ASYNC_get_wait_ctx(currjob), &amp;unique,
+                                pipefds[0], wptr, cleanup);
+
+     /*
+      * Normally some external event would cause this to happen at some
+      * later point - but we do it here for demo purposes, i.e.
+      * immediately signalling that the job is ready to be woken up after
+      * we return to main via ASYNC_pause_job().
+      */
+     write(pipefds[1], &amp;buf, 1);
+
+     /* Return control back to main */
+     ASYNC_pause_job();
+
+     /* Clear the wake signal */
+     read(pipefds[0], &amp;buf, 1);
+
+     printf (&quot;Resumed the job after a pause\n&quot;);
+
+     return 1;
+ }
+
+ int main(void)
+ {
+     ASYNC_JOB *job = NULL;
+     ASYNC_WAIT_CTX *ctx = NULL;
+     int ret;
+     OSSL_ASYNC_FD waitfd;
+     fd_set waitfdset;
+     size_t numfds;
+     unsigned char msg[13] = &quot;Hello world!&quot;;
+
+     printf(&quot;Starting...\n&quot;);
+
+     ctx = ASYNC_WAIT_CTX_new();
+     if (ctx == NULL) {
+         printf(&quot;Failed to create ASYNC_WAIT_CTX\n&quot;);
+         abort();
+     }
+
+     for (;;) {
+         switch (ASYNC_start_job(&amp;job, ctx, &amp;ret, jobfunc, msg, sizeof(msg))) {
+         case ASYNC_ERR:
+         case ASYNC_NO_JOBS:
+             printf(&quot;An error occurred\n&quot;);
+             goto end;
+         case ASYNC_PAUSE:
+             printf(&quot;Job was paused\n&quot;);
+             break;
+         case ASYNC_FINISH:
+             printf(&quot;Job finished with return value %d\n&quot;, ret);
+             goto end;
+         }
+
+         /* Wait for the job to be woken */
+         printf(&quot;Waiting for the job to be woken up\n&quot;);
+
+         if (!ASYNC_WAIT_CTX_get_all_fds(ctx, NULL, &amp;numfds)
+                 || numfds &gt; 1) {
+             printf(&quot;Unexpected number of fds\n&quot;);
+             abort();
+         }
+         ASYNC_WAIT_CTX_get_all_fds(ctx, &amp;waitfd, &amp;numfds);
+         FD_ZERO(&amp;waitfdset);
+         FD_SET(waitfd, &amp;waitfdset);
+         select(waitfd + 1, &amp;waitfdset, NULL, NULL, NULL);
+     }
+
+ end:
+     ASYNC_WAIT_CTX_free(ctx);
+     printf(&quot;Finishing\n&quot;);
+
+     return 0;
+ }</code></pre>
+
+<p>The expected output from executing the above example program is:</p>
+
+<pre><code> Starting...
+ Executing within a job
+ Passed in message is: Hello world!
+ Job was paused
+ Waiting for the job to be woken up
+ Resumed the job after a pause
+ Job finished with return value 1
+ Finishing</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_get_wait_ctx(), ASYNC_block_pause(), ASYNC_unblock_pause() and ASYNC_is_capable() were first added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASYNC_cleanup_thread.html b/msys2/usr/share/doc/openssl/html/man3/ASYNC_cleanup_thread.html
new file mode 100644
index 000000000..814428954
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASYNC_cleanup_thread.html
@@ -0,0 +1,273 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASYNC_start_job</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASYNC_get_wait_ctx, ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_block_pause, ASYNC_unblock_pause, ASYNC_is_capable - asynchronous job management functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/async.h&gt;
+
+ int ASYNC_init_thread(size_t max_size, size_t init_size);
+ void ASYNC_cleanup_thread(void);
+
+ int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *ctx, int *ret,
+                     int (*func)(void *), void *args, size_t size);
+ int ASYNC_pause_job(void);
+
+ ASYNC_JOB *ASYNC_get_current_job(void);
+ ASYNC_WAIT_CTX *ASYNC_get_wait_ctx(ASYNC_JOB *job);
+ void ASYNC_block_pause(void);
+ void ASYNC_unblock_pause(void);
+
+ int ASYNC_is_capable(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL implements asynchronous capabilities through an ASYNC_JOB. This represents code that can be started and executes until some event occurs. At that point the code can be paused and control returns to user code until some subsequent event indicates that the job can be resumed.</p>
+
+<p>The creation of an ASYNC_JOB is a relatively expensive operation. Therefore, for efficiency reasons, jobs can be created up front and reused many times. They are held in a pool until they are needed, at which point they are removed from the pool, used, and then returned to the pool when the job completes. If the user application is multi-threaded, then ASYNC_init_thread() may be called for each thread that will initiate asynchronous jobs. Before user code exits per-thread resources need to be cleaned up. This will normally occur automatically (see <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>) but may be explicitly initiated by using ASYNC_cleanup_thread(). No asynchronous jobs must be outstanding for the thread when ASYNC_cleanup_thread() is called. Failing to ensure this will result in memory leaks.</p>
+
+<p>The <b>max_size</b> argument limits the number of ASYNC_JOBs that will be held in the pool. If <b>max_size</b> is set to 0 then no upper limit is set. When an ASYNC_JOB is needed but there are none available in the pool already then one will be automatically created, as long as the total of ASYNC_JOBs managed by the pool does not exceed <b>max_size</b>. When the pool is first initialised <b>init_size</b> ASYNC_JOBs will be created immediately. If ASYNC_init_thread() is not called before the pool is first used then it will be called automatically with a <b>max_size</b> of 0 (no upper limit) and an <b>init_size</b> of 0 (no ASYNC_JOBs created up front).</p>
+
+<p>An asynchronous job is started by calling the ASYNC_start_job() function. Initially <b>*job</b> should be NULL. <b>ctx</b> should point to an ASYNC_WAIT_CTX object created through the <a href="../man3/ASYNC_WAIT_CTX_new.html">ASYNC_WAIT_CTX_new(3)</a> function. <b>ret</b> should point to a location where the return value of the asynchronous function should be stored on completion of the job. <b>func</b> represents the function that should be started asynchronously. The data pointed to by <b>args</b> and of size <b>size</b> will be copied and then passed as an argument to <b>func</b> when the job starts. ASYNC_start_job will return one of the following values:</p>
+
+<dl>
+
+<dt id="ASYNC_ERR"><b>ASYNC_ERR</b></dt>
+<dd>
+
+<p>An error occurred trying to start the job. Check the OpenSSL error queue (e.g. see <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a>) for more details.</p>
+
+</dd>
+<dt id="ASYNC_NO_JOBS"><b>ASYNC_NO_JOBS</b></dt>
+<dd>
+
+<p>There are no jobs currently available in the pool. This call can be retried again at a later time.</p>
+
+</dd>
+<dt id="ASYNC_PAUSE"><b>ASYNC_PAUSE</b></dt>
+<dd>
+
+<p>The job was successfully started but was &quot;paused&quot; before it completed (see ASYNC_pause_job() below). A handle to the job is placed in <b>*job</b>. Other work can be performed (if desired) and the job restarted at a later time. To restart a job call ASYNC_start_job() again passing the job handle in <b>*job</b>. The <b>func</b>, <b>args</b> and <b>size</b> parameters will be ignored when restarting a job. When restarting a job ASYNC_start_job() <b>must</b> be called from the same thread that the job was originally started from.</p>
+
+</dd>
+<dt id="ASYNC_FINISH"><b>ASYNC_FINISH</b></dt>
+<dd>
+
+<p>The job completed. <b>*job</b> will be NULL and the return value from <b>func</b> will be placed in <b>*ret</b>.</p>
+
+</dd>
+</dl>
+
+<p>At any one time there can be a maximum of one job actively running per thread (you can have many that are paused). ASYNC_get_current_job() can be used to get a pointer to the currently executing ASYNC_JOB. If no job is currently executing then this will return NULL.</p>
+
+<p>If executing within the context of a job (i.e. having been called directly or indirectly by the function &quot;func&quot; passed as an argument to ASYNC_start_job()) then ASYNC_pause_job() will immediately return control to the calling application with ASYNC_PAUSE returned from the ASYNC_start_job() call. A subsequent call to ASYNC_start_job passing in the relevant ASYNC_JOB in the <b>*job</b> parameter will resume execution from the ASYNC_pause_job() call. If ASYNC_pause_job() is called whilst not within the context of a job then no action is taken and ASYNC_pause_job() returns immediately.</p>
+
+<p>ASYNC_get_wait_ctx() can be used to get a pointer to the ASYNC_WAIT_CTX for the <b>job</b>. ASYNC_WAIT_CTXs can have a &quot;wait&quot; file descriptor associated with them. Applications can wait for the file descriptor to be ready for &quot;read&quot; using a system function call such as select or poll (being ready for &quot;read&quot; indicates that the job should be resumed). If no file descriptor is made available then an application will have to periodically &quot;poll&quot; the job by attempting to restart it to see if it is ready to continue.</p>
+
+<p>An example of typical usage might be an async capable engine. User code would initiate cryptographic operations. The engine would initiate those operations asynchronously and then call <a href="../man3/ASYNC_WAIT_CTX_set_wait_fd.html">ASYNC_WAIT_CTX_set_wait_fd(3)</a> followed by ASYNC_pause_job() to return control to the user code. The user code can then perform other tasks or wait for the job to be ready by calling &quot;select&quot; or other similar function on the wait file descriptor. The engine can signal to the user code that the job should be resumed by making the wait file descriptor &quot;readable&quot;. Once resumed the engine should clear the wake signal on the wait file descriptor.</p>
+
+<p>The ASYNC_block_pause() function will prevent the currently active job from pausing. The block will remain in place until a subsequent call to ASYNC_unblock_pause(). These functions can be nested, e.g. if you call ASYNC_block_pause() twice then you must call ASYNC_unblock_pause() twice in order to re-enable pausing. If these functions are called while there is no currently active job then they have no effect. This functionality can be useful to avoid deadlock scenarios. For example during the execution of an ASYNC_JOB an application acquires a lock. It then calls some cryptographic function which invokes ASYNC_pause_job(). This returns control back to the code that created the ASYNC_JOB. If that code then attempts to acquire the same lock before resuming the original job then a deadlock can occur. By calling ASYNC_block_pause() immediately after acquiring the lock and ASYNC_unblock_pause() immediately before releasing it then this situation cannot occur.</p>
+
+<p>Some platforms cannot support async operations. The ASYNC_is_capable() function can be used to detect whether the current platform is async capable or not.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASYNC_init_thread returns 1 on success or 0 otherwise.</p>
+
+<p>ASYNC_start_job returns one of ASYNC_ERR, ASYNC_NO_JOBS, ASYNC_PAUSE or ASYNC_FINISH as described above.</p>
+
+<p>ASYNC_pause_job returns 0 if an error occurred or 1 on success. If called when not within the context of an ASYNC_JOB then this is counted as success so 1 is returned.</p>
+
+<p>ASYNC_get_current_job returns a pointer to the currently executing ASYNC_JOB or NULL if not within the context of a job.</p>
+
+<p>ASYNC_get_wait_ctx() returns a pointer to the ASYNC_WAIT_CTX for the job.</p>
+
+<p>ASYNC_is_capable() returns 1 if the current platform is async capable or 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the openssl/async.h header is dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to async.h.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The following example demonstrates how to use most of the core async APIs:</p>
+
+<pre><code> #ifdef _WIN32
+ # include &lt;windows.h&gt;
+ #endif
+ #include &lt;stdio.h&gt;
+ #include &lt;unistd.h&gt;
+ #include &lt;openssl/async.h&gt;
+ #include &lt;openssl/crypto.h&gt;
+
+ int unique = 0;
+
+ void cleanup(ASYNC_WAIT_CTX *ctx, const void *key, OSSL_ASYNC_FD r, void *vw)
+ {
+     OSSL_ASYNC_FD *w = (OSSL_ASYNC_FD *)vw;
+
+     close(r);
+     close(*w);
+     OPENSSL_free(w);
+ }
+
+ int jobfunc(void *arg)
+ {
+     ASYNC_JOB *currjob;
+     unsigned char *msg;
+     int pipefds[2] = {0, 0};
+     OSSL_ASYNC_FD *wptr;
+     char buf = &#39;X&#39;;
+
+     currjob = ASYNC_get_current_job();
+     if (currjob != NULL) {
+         printf(&quot;Executing within a job\n&quot;);
+     } else {
+         printf(&quot;Not executing within a job - should not happen\n&quot;);
+         return 0;
+     }
+
+     msg = (unsigned char *)arg;
+     printf(&quot;Passed in message is: %s\n&quot;, msg);
+
+     if (pipe(pipefds) != 0) {
+         printf(&quot;Failed to create pipe\n&quot;);
+         return 0;
+     }
+     wptr = OPENSSL_malloc(sizeof(OSSL_ASYNC_FD));
+     if (wptr == NULL) {
+         printf(&quot;Failed to malloc\n&quot;);
+         return 0;
+     }
+     *wptr = pipefds[1];
+     ASYNC_WAIT_CTX_set_wait_fd(ASYNC_get_wait_ctx(currjob), &amp;unique,
+                                pipefds[0], wptr, cleanup);
+
+     /*
+      * Normally some external event would cause this to happen at some
+      * later point - but we do it here for demo purposes, i.e.
+      * immediately signalling that the job is ready to be woken up after
+      * we return to main via ASYNC_pause_job().
+      */
+     write(pipefds[1], &amp;buf, 1);
+
+     /* Return control back to main */
+     ASYNC_pause_job();
+
+     /* Clear the wake signal */
+     read(pipefds[0], &amp;buf, 1);
+
+     printf (&quot;Resumed the job after a pause\n&quot;);
+
+     return 1;
+ }
+
+ int main(void)
+ {
+     ASYNC_JOB *job = NULL;
+     ASYNC_WAIT_CTX *ctx = NULL;
+     int ret;
+     OSSL_ASYNC_FD waitfd;
+     fd_set waitfdset;
+     size_t numfds;
+     unsigned char msg[13] = &quot;Hello world!&quot;;
+
+     printf(&quot;Starting...\n&quot;);
+
+     ctx = ASYNC_WAIT_CTX_new();
+     if (ctx == NULL) {
+         printf(&quot;Failed to create ASYNC_WAIT_CTX\n&quot;);
+         abort();
+     }
+
+     for (;;) {
+         switch (ASYNC_start_job(&amp;job, ctx, &amp;ret, jobfunc, msg, sizeof(msg))) {
+         case ASYNC_ERR:
+         case ASYNC_NO_JOBS:
+             printf(&quot;An error occurred\n&quot;);
+             goto end;
+         case ASYNC_PAUSE:
+             printf(&quot;Job was paused\n&quot;);
+             break;
+         case ASYNC_FINISH:
+             printf(&quot;Job finished with return value %d\n&quot;, ret);
+             goto end;
+         }
+
+         /* Wait for the job to be woken */
+         printf(&quot;Waiting for the job to be woken up\n&quot;);
+
+         if (!ASYNC_WAIT_CTX_get_all_fds(ctx, NULL, &amp;numfds)
+                 || numfds &gt; 1) {
+             printf(&quot;Unexpected number of fds\n&quot;);
+             abort();
+         }
+         ASYNC_WAIT_CTX_get_all_fds(ctx, &amp;waitfd, &amp;numfds);
+         FD_ZERO(&amp;waitfdset);
+         FD_SET(waitfd, &amp;waitfdset);
+         select(waitfd + 1, &amp;waitfdset, NULL, NULL, NULL);
+     }
+
+ end:
+     ASYNC_WAIT_CTX_free(ctx);
+     printf(&quot;Finishing\n&quot;);
+
+     return 0;
+ }</code></pre>
+
+<p>The expected output from executing the above example program is:</p>
+
+<pre><code> Starting...
+ Executing within a job
+ Passed in message is: Hello world!
+ Job was paused
+ Waiting for the job to be woken up
+ Resumed the job after a pause
+ Job finished with return value 1
+ Finishing</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_get_wait_ctx(), ASYNC_block_pause(), ASYNC_unblock_pause() and ASYNC_is_capable() were first added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASYNC_get_current_job.html b/msys2/usr/share/doc/openssl/html/man3/ASYNC_get_current_job.html
new file mode 100644
index 000000000..814428954
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASYNC_get_current_job.html
@@ -0,0 +1,273 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASYNC_start_job</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASYNC_get_wait_ctx, ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_block_pause, ASYNC_unblock_pause, ASYNC_is_capable - asynchronous job management functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/async.h&gt;
+
+ int ASYNC_init_thread(size_t max_size, size_t init_size);
+ void ASYNC_cleanup_thread(void);
+
+ int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *ctx, int *ret,
+                     int (*func)(void *), void *args, size_t size);
+ int ASYNC_pause_job(void);
+
+ ASYNC_JOB *ASYNC_get_current_job(void);
+ ASYNC_WAIT_CTX *ASYNC_get_wait_ctx(ASYNC_JOB *job);
+ void ASYNC_block_pause(void);
+ void ASYNC_unblock_pause(void);
+
+ int ASYNC_is_capable(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL implements asynchronous capabilities through an ASYNC_JOB. This represents code that can be started and executes until some event occurs. At that point the code can be paused and control returns to user code until some subsequent event indicates that the job can be resumed.</p>
+
+<p>The creation of an ASYNC_JOB is a relatively expensive operation. Therefore, for efficiency reasons, jobs can be created up front and reused many times. They are held in a pool until they are needed, at which point they are removed from the pool, used, and then returned to the pool when the job completes. If the user application is multi-threaded, then ASYNC_init_thread() may be called for each thread that will initiate asynchronous jobs. Before user code exits per-thread resources need to be cleaned up. This will normally occur automatically (see <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>) but may be explicitly initiated by using ASYNC_cleanup_thread(). No asynchronous jobs must be outstanding for the thread when ASYNC_cleanup_thread() is called. Failing to ensure this will result in memory leaks.</p>
+
+<p>The <b>max_size</b> argument limits the number of ASYNC_JOBs that will be held in the pool. If <b>max_size</b> is set to 0 then no upper limit is set. When an ASYNC_JOB is needed but there are none available in the pool already then one will be automatically created, as long as the total of ASYNC_JOBs managed by the pool does not exceed <b>max_size</b>. When the pool is first initialised <b>init_size</b> ASYNC_JOBs will be created immediately. If ASYNC_init_thread() is not called before the pool is first used then it will be called automatically with a <b>max_size</b> of 0 (no upper limit) and an <b>init_size</b> of 0 (no ASYNC_JOBs created up front).</p>
+
+<p>An asynchronous job is started by calling the ASYNC_start_job() function. Initially <b>*job</b> should be NULL. <b>ctx</b> should point to an ASYNC_WAIT_CTX object created through the <a href="../man3/ASYNC_WAIT_CTX_new.html">ASYNC_WAIT_CTX_new(3)</a> function. <b>ret</b> should point to a location where the return value of the asynchronous function should be stored on completion of the job. <b>func</b> represents the function that should be started asynchronously. The data pointed to by <b>args</b> and of size <b>size</b> will be copied and then passed as an argument to <b>func</b> when the job starts. ASYNC_start_job will return one of the following values:</p>
+
+<dl>
+
+<dt id="ASYNC_ERR"><b>ASYNC_ERR</b></dt>
+<dd>
+
+<p>An error occurred trying to start the job. Check the OpenSSL error queue (e.g. see <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a>) for more details.</p>
+
+</dd>
+<dt id="ASYNC_NO_JOBS"><b>ASYNC_NO_JOBS</b></dt>
+<dd>
+
+<p>There are no jobs currently available in the pool. This call can be retried again at a later time.</p>
+
+</dd>
+<dt id="ASYNC_PAUSE"><b>ASYNC_PAUSE</b></dt>
+<dd>
+
+<p>The job was successfully started but was &quot;paused&quot; before it completed (see ASYNC_pause_job() below). A handle to the job is placed in <b>*job</b>. Other work can be performed (if desired) and the job restarted at a later time. To restart a job call ASYNC_start_job() again passing the job handle in <b>*job</b>. The <b>func</b>, <b>args</b> and <b>size</b> parameters will be ignored when restarting a job. When restarting a job ASYNC_start_job() <b>must</b> be called from the same thread that the job was originally started from.</p>
+
+</dd>
+<dt id="ASYNC_FINISH"><b>ASYNC_FINISH</b></dt>
+<dd>
+
+<p>The job completed. <b>*job</b> will be NULL and the return value from <b>func</b> will be placed in <b>*ret</b>.</p>
+
+</dd>
+</dl>
+
+<p>At any one time there can be a maximum of one job actively running per thread (you can have many that are paused). ASYNC_get_current_job() can be used to get a pointer to the currently executing ASYNC_JOB. If no job is currently executing then this will return NULL.</p>
+
+<p>If executing within the context of a job (i.e. having been called directly or indirectly by the function &quot;func&quot; passed as an argument to ASYNC_start_job()) then ASYNC_pause_job() will immediately return control to the calling application with ASYNC_PAUSE returned from the ASYNC_start_job() call. A subsequent call to ASYNC_start_job passing in the relevant ASYNC_JOB in the <b>*job</b> parameter will resume execution from the ASYNC_pause_job() call. If ASYNC_pause_job() is called whilst not within the context of a job then no action is taken and ASYNC_pause_job() returns immediately.</p>
+
+<p>ASYNC_get_wait_ctx() can be used to get a pointer to the ASYNC_WAIT_CTX for the <b>job</b>. ASYNC_WAIT_CTXs can have a &quot;wait&quot; file descriptor associated with them. Applications can wait for the file descriptor to be ready for &quot;read&quot; using a system function call such as select or poll (being ready for &quot;read&quot; indicates that the job should be resumed). If no file descriptor is made available then an application will have to periodically &quot;poll&quot; the job by attempting to restart it to see if it is ready to continue.</p>
+
+<p>An example of typical usage might be an async capable engine. User code would initiate cryptographic operations. The engine would initiate those operations asynchronously and then call <a href="../man3/ASYNC_WAIT_CTX_set_wait_fd.html">ASYNC_WAIT_CTX_set_wait_fd(3)</a> followed by ASYNC_pause_job() to return control to the user code. The user code can then perform other tasks or wait for the job to be ready by calling &quot;select&quot; or other similar function on the wait file descriptor. The engine can signal to the user code that the job should be resumed by making the wait file descriptor &quot;readable&quot;. Once resumed the engine should clear the wake signal on the wait file descriptor.</p>
+
+<p>The ASYNC_block_pause() function will prevent the currently active job from pausing. The block will remain in place until a subsequent call to ASYNC_unblock_pause(). These functions can be nested, e.g. if you call ASYNC_block_pause() twice then you must call ASYNC_unblock_pause() twice in order to re-enable pausing. If these functions are called while there is no currently active job then they have no effect. This functionality can be useful to avoid deadlock scenarios. For example during the execution of an ASYNC_JOB an application acquires a lock. It then calls some cryptographic function which invokes ASYNC_pause_job(). This returns control back to the code that created the ASYNC_JOB. If that code then attempts to acquire the same lock before resuming the original job then a deadlock can occur. By calling ASYNC_block_pause() immediately after acquiring the lock and ASYNC_unblock_pause() immediately before releasing it then this situation cannot occur.</p>
+
+<p>Some platforms cannot support async operations. The ASYNC_is_capable() function can be used to detect whether the current platform is async capable or not.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASYNC_init_thread returns 1 on success or 0 otherwise.</p>
+
+<p>ASYNC_start_job returns one of ASYNC_ERR, ASYNC_NO_JOBS, ASYNC_PAUSE or ASYNC_FINISH as described above.</p>
+
+<p>ASYNC_pause_job returns 0 if an error occurred or 1 on success. If called when not within the context of an ASYNC_JOB then this is counted as success so 1 is returned.</p>
+
+<p>ASYNC_get_current_job returns a pointer to the currently executing ASYNC_JOB or NULL if not within the context of a job.</p>
+
+<p>ASYNC_get_wait_ctx() returns a pointer to the ASYNC_WAIT_CTX for the job.</p>
+
+<p>ASYNC_is_capable() returns 1 if the current platform is async capable or 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the openssl/async.h header is dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to async.h.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The following example demonstrates how to use most of the core async APIs:</p>
+
+<pre><code> #ifdef _WIN32
+ # include &lt;windows.h&gt;
+ #endif
+ #include &lt;stdio.h&gt;
+ #include &lt;unistd.h&gt;
+ #include &lt;openssl/async.h&gt;
+ #include &lt;openssl/crypto.h&gt;
+
+ int unique = 0;
+
+ void cleanup(ASYNC_WAIT_CTX *ctx, const void *key, OSSL_ASYNC_FD r, void *vw)
+ {
+     OSSL_ASYNC_FD *w = (OSSL_ASYNC_FD *)vw;
+
+     close(r);
+     close(*w);
+     OPENSSL_free(w);
+ }
+
+ int jobfunc(void *arg)
+ {
+     ASYNC_JOB *currjob;
+     unsigned char *msg;
+     int pipefds[2] = {0, 0};
+     OSSL_ASYNC_FD *wptr;
+     char buf = &#39;X&#39;;
+
+     currjob = ASYNC_get_current_job();
+     if (currjob != NULL) {
+         printf(&quot;Executing within a job\n&quot;);
+     } else {
+         printf(&quot;Not executing within a job - should not happen\n&quot;);
+         return 0;
+     }
+
+     msg = (unsigned char *)arg;
+     printf(&quot;Passed in message is: %s\n&quot;, msg);
+
+     if (pipe(pipefds) != 0) {
+         printf(&quot;Failed to create pipe\n&quot;);
+         return 0;
+     }
+     wptr = OPENSSL_malloc(sizeof(OSSL_ASYNC_FD));
+     if (wptr == NULL) {
+         printf(&quot;Failed to malloc\n&quot;);
+         return 0;
+     }
+     *wptr = pipefds[1];
+     ASYNC_WAIT_CTX_set_wait_fd(ASYNC_get_wait_ctx(currjob), &amp;unique,
+                                pipefds[0], wptr, cleanup);
+
+     /*
+      * Normally some external event would cause this to happen at some
+      * later point - but we do it here for demo purposes, i.e.
+      * immediately signalling that the job is ready to be woken up after
+      * we return to main via ASYNC_pause_job().
+      */
+     write(pipefds[1], &amp;buf, 1);
+
+     /* Return control back to main */
+     ASYNC_pause_job();
+
+     /* Clear the wake signal */
+     read(pipefds[0], &amp;buf, 1);
+
+     printf (&quot;Resumed the job after a pause\n&quot;);
+
+     return 1;
+ }
+
+ int main(void)
+ {
+     ASYNC_JOB *job = NULL;
+     ASYNC_WAIT_CTX *ctx = NULL;
+     int ret;
+     OSSL_ASYNC_FD waitfd;
+     fd_set waitfdset;
+     size_t numfds;
+     unsigned char msg[13] = &quot;Hello world!&quot;;
+
+     printf(&quot;Starting...\n&quot;);
+
+     ctx = ASYNC_WAIT_CTX_new();
+     if (ctx == NULL) {
+         printf(&quot;Failed to create ASYNC_WAIT_CTX\n&quot;);
+         abort();
+     }
+
+     for (;;) {
+         switch (ASYNC_start_job(&amp;job, ctx, &amp;ret, jobfunc, msg, sizeof(msg))) {
+         case ASYNC_ERR:
+         case ASYNC_NO_JOBS:
+             printf(&quot;An error occurred\n&quot;);
+             goto end;
+         case ASYNC_PAUSE:
+             printf(&quot;Job was paused\n&quot;);
+             break;
+         case ASYNC_FINISH:
+             printf(&quot;Job finished with return value %d\n&quot;, ret);
+             goto end;
+         }
+
+         /* Wait for the job to be woken */
+         printf(&quot;Waiting for the job to be woken up\n&quot;);
+
+         if (!ASYNC_WAIT_CTX_get_all_fds(ctx, NULL, &amp;numfds)
+                 || numfds &gt; 1) {
+             printf(&quot;Unexpected number of fds\n&quot;);
+             abort();
+         }
+         ASYNC_WAIT_CTX_get_all_fds(ctx, &amp;waitfd, &amp;numfds);
+         FD_ZERO(&amp;waitfdset);
+         FD_SET(waitfd, &amp;waitfdset);
+         select(waitfd + 1, &amp;waitfdset, NULL, NULL, NULL);
+     }
+
+ end:
+     ASYNC_WAIT_CTX_free(ctx);
+     printf(&quot;Finishing\n&quot;);
+
+     return 0;
+ }</code></pre>
+
+<p>The expected output from executing the above example program is:</p>
+
+<pre><code> Starting...
+ Executing within a job
+ Passed in message is: Hello world!
+ Job was paused
+ Waiting for the job to be woken up
+ Resumed the job after a pause
+ Job finished with return value 1
+ Finishing</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_get_wait_ctx(), ASYNC_block_pause(), ASYNC_unblock_pause() and ASYNC_is_capable() were first added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASYNC_get_wait_ctx.html b/msys2/usr/share/doc/openssl/html/man3/ASYNC_get_wait_ctx.html
new file mode 100644
index 000000000..814428954
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASYNC_get_wait_ctx.html
@@ -0,0 +1,273 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASYNC_start_job</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASYNC_get_wait_ctx, ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_block_pause, ASYNC_unblock_pause, ASYNC_is_capable - asynchronous job management functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/async.h&gt;
+
+ int ASYNC_init_thread(size_t max_size, size_t init_size);
+ void ASYNC_cleanup_thread(void);
+
+ int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *ctx, int *ret,
+                     int (*func)(void *), void *args, size_t size);
+ int ASYNC_pause_job(void);
+
+ ASYNC_JOB *ASYNC_get_current_job(void);
+ ASYNC_WAIT_CTX *ASYNC_get_wait_ctx(ASYNC_JOB *job);
+ void ASYNC_block_pause(void);
+ void ASYNC_unblock_pause(void);
+
+ int ASYNC_is_capable(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL implements asynchronous capabilities through an ASYNC_JOB. This represents code that can be started and executes until some event occurs. At that point the code can be paused and control returns to user code until some subsequent event indicates that the job can be resumed.</p>
+
+<p>The creation of an ASYNC_JOB is a relatively expensive operation. Therefore, for efficiency reasons, jobs can be created up front and reused many times. They are held in a pool until they are needed, at which point they are removed from the pool, used, and then returned to the pool when the job completes. If the user application is multi-threaded, then ASYNC_init_thread() may be called for each thread that will initiate asynchronous jobs. Before user code exits per-thread resources need to be cleaned up. This will normally occur automatically (see <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>) but may be explicitly initiated by using ASYNC_cleanup_thread(). No asynchronous jobs must be outstanding for the thread when ASYNC_cleanup_thread() is called. Failing to ensure this will result in memory leaks.</p>
+
+<p>The <b>max_size</b> argument limits the number of ASYNC_JOBs that will be held in the pool. If <b>max_size</b> is set to 0 then no upper limit is set. When an ASYNC_JOB is needed but there are none available in the pool already then one will be automatically created, as long as the total of ASYNC_JOBs managed by the pool does not exceed <b>max_size</b>. When the pool is first initialised <b>init_size</b> ASYNC_JOBs will be created immediately. If ASYNC_init_thread() is not called before the pool is first used then it will be called automatically with a <b>max_size</b> of 0 (no upper limit) and an <b>init_size</b> of 0 (no ASYNC_JOBs created up front).</p>
+
+<p>An asynchronous job is started by calling the ASYNC_start_job() function. Initially <b>*job</b> should be NULL. <b>ctx</b> should point to an ASYNC_WAIT_CTX object created through the <a href="../man3/ASYNC_WAIT_CTX_new.html">ASYNC_WAIT_CTX_new(3)</a> function. <b>ret</b> should point to a location where the return value of the asynchronous function should be stored on completion of the job. <b>func</b> represents the function that should be started asynchronously. The data pointed to by <b>args</b> and of size <b>size</b> will be copied and then passed as an argument to <b>func</b> when the job starts. ASYNC_start_job will return one of the following values:</p>
+
+<dl>
+
+<dt id="ASYNC_ERR"><b>ASYNC_ERR</b></dt>
+<dd>
+
+<p>An error occurred trying to start the job. Check the OpenSSL error queue (e.g. see <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a>) for more details.</p>
+
+</dd>
+<dt id="ASYNC_NO_JOBS"><b>ASYNC_NO_JOBS</b></dt>
+<dd>
+
+<p>There are no jobs currently available in the pool. This call can be retried again at a later time.</p>
+
+</dd>
+<dt id="ASYNC_PAUSE"><b>ASYNC_PAUSE</b></dt>
+<dd>
+
+<p>The job was successfully started but was &quot;paused&quot; before it completed (see ASYNC_pause_job() below). A handle to the job is placed in <b>*job</b>. Other work can be performed (if desired) and the job restarted at a later time. To restart a job call ASYNC_start_job() again passing the job handle in <b>*job</b>. The <b>func</b>, <b>args</b> and <b>size</b> parameters will be ignored when restarting a job. When restarting a job ASYNC_start_job() <b>must</b> be called from the same thread that the job was originally started from.</p>
+
+</dd>
+<dt id="ASYNC_FINISH"><b>ASYNC_FINISH</b></dt>
+<dd>
+
+<p>The job completed. <b>*job</b> will be NULL and the return value from <b>func</b> will be placed in <b>*ret</b>.</p>
+
+</dd>
+</dl>
+
+<p>At any one time there can be a maximum of one job actively running per thread (you can have many that are paused). ASYNC_get_current_job() can be used to get a pointer to the currently executing ASYNC_JOB. If no job is currently executing then this will return NULL.</p>
+
+<p>If executing within the context of a job (i.e. having been called directly or indirectly by the function &quot;func&quot; passed as an argument to ASYNC_start_job()) then ASYNC_pause_job() will immediately return control to the calling application with ASYNC_PAUSE returned from the ASYNC_start_job() call. A subsequent call to ASYNC_start_job passing in the relevant ASYNC_JOB in the <b>*job</b> parameter will resume execution from the ASYNC_pause_job() call. If ASYNC_pause_job() is called whilst not within the context of a job then no action is taken and ASYNC_pause_job() returns immediately.</p>
+
+<p>ASYNC_get_wait_ctx() can be used to get a pointer to the ASYNC_WAIT_CTX for the <b>job</b>. ASYNC_WAIT_CTXs can have a &quot;wait&quot; file descriptor associated with them. Applications can wait for the file descriptor to be ready for &quot;read&quot; using a system function call such as select or poll (being ready for &quot;read&quot; indicates that the job should be resumed). If no file descriptor is made available then an application will have to periodically &quot;poll&quot; the job by attempting to restart it to see if it is ready to continue.</p>
+
+<p>An example of typical usage might be an async capable engine. User code would initiate cryptographic operations. The engine would initiate those operations asynchronously and then call <a href="../man3/ASYNC_WAIT_CTX_set_wait_fd.html">ASYNC_WAIT_CTX_set_wait_fd(3)</a> followed by ASYNC_pause_job() to return control to the user code. The user code can then perform other tasks or wait for the job to be ready by calling &quot;select&quot; or other similar function on the wait file descriptor. The engine can signal to the user code that the job should be resumed by making the wait file descriptor &quot;readable&quot;. Once resumed the engine should clear the wake signal on the wait file descriptor.</p>
+
+<p>The ASYNC_block_pause() function will prevent the currently active job from pausing. The block will remain in place until a subsequent call to ASYNC_unblock_pause(). These functions can be nested, e.g. if you call ASYNC_block_pause() twice then you must call ASYNC_unblock_pause() twice in order to re-enable pausing. If these functions are called while there is no currently active job then they have no effect. This functionality can be useful to avoid deadlock scenarios. For example during the execution of an ASYNC_JOB an application acquires a lock. It then calls some cryptographic function which invokes ASYNC_pause_job(). This returns control back to the code that created the ASYNC_JOB. If that code then attempts to acquire the same lock before resuming the original job then a deadlock can occur. By calling ASYNC_block_pause() immediately after acquiring the lock and ASYNC_unblock_pause() immediately before releasing it then this situation cannot occur.</p>
+
+<p>Some platforms cannot support async operations. The ASYNC_is_capable() function can be used to detect whether the current platform is async capable or not.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASYNC_init_thread returns 1 on success or 0 otherwise.</p>
+
+<p>ASYNC_start_job returns one of ASYNC_ERR, ASYNC_NO_JOBS, ASYNC_PAUSE or ASYNC_FINISH as described above.</p>
+
+<p>ASYNC_pause_job returns 0 if an error occurred or 1 on success. If called when not within the context of an ASYNC_JOB then this is counted as success so 1 is returned.</p>
+
+<p>ASYNC_get_current_job returns a pointer to the currently executing ASYNC_JOB or NULL if not within the context of a job.</p>
+
+<p>ASYNC_get_wait_ctx() returns a pointer to the ASYNC_WAIT_CTX for the job.</p>
+
+<p>ASYNC_is_capable() returns 1 if the current platform is async capable or 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the openssl/async.h header is dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to async.h.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The following example demonstrates how to use most of the core async APIs:</p>
+
+<pre><code> #ifdef _WIN32
+ # include &lt;windows.h&gt;
+ #endif
+ #include &lt;stdio.h&gt;
+ #include &lt;unistd.h&gt;
+ #include &lt;openssl/async.h&gt;
+ #include &lt;openssl/crypto.h&gt;
+
+ int unique = 0;
+
+ void cleanup(ASYNC_WAIT_CTX *ctx, const void *key, OSSL_ASYNC_FD r, void *vw)
+ {
+     OSSL_ASYNC_FD *w = (OSSL_ASYNC_FD *)vw;
+
+     close(r);
+     close(*w);
+     OPENSSL_free(w);
+ }
+
+ int jobfunc(void *arg)
+ {
+     ASYNC_JOB *currjob;
+     unsigned char *msg;
+     int pipefds[2] = {0, 0};
+     OSSL_ASYNC_FD *wptr;
+     char buf = &#39;X&#39;;
+
+     currjob = ASYNC_get_current_job();
+     if (currjob != NULL) {
+         printf(&quot;Executing within a job\n&quot;);
+     } else {
+         printf(&quot;Not executing within a job - should not happen\n&quot;);
+         return 0;
+     }
+
+     msg = (unsigned char *)arg;
+     printf(&quot;Passed in message is: %s\n&quot;, msg);
+
+     if (pipe(pipefds) != 0) {
+         printf(&quot;Failed to create pipe\n&quot;);
+         return 0;
+     }
+     wptr = OPENSSL_malloc(sizeof(OSSL_ASYNC_FD));
+     if (wptr == NULL) {
+         printf(&quot;Failed to malloc\n&quot;);
+         return 0;
+     }
+     *wptr = pipefds[1];
+     ASYNC_WAIT_CTX_set_wait_fd(ASYNC_get_wait_ctx(currjob), &amp;unique,
+                                pipefds[0], wptr, cleanup);
+
+     /*
+      * Normally some external event would cause this to happen at some
+      * later point - but we do it here for demo purposes, i.e.
+      * immediately signalling that the job is ready to be woken up after
+      * we return to main via ASYNC_pause_job().
+      */
+     write(pipefds[1], &amp;buf, 1);
+
+     /* Return control back to main */
+     ASYNC_pause_job();
+
+     /* Clear the wake signal */
+     read(pipefds[0], &amp;buf, 1);
+
+     printf (&quot;Resumed the job after a pause\n&quot;);
+
+     return 1;
+ }
+
+ int main(void)
+ {
+     ASYNC_JOB *job = NULL;
+     ASYNC_WAIT_CTX *ctx = NULL;
+     int ret;
+     OSSL_ASYNC_FD waitfd;
+     fd_set waitfdset;
+     size_t numfds;
+     unsigned char msg[13] = &quot;Hello world!&quot;;
+
+     printf(&quot;Starting...\n&quot;);
+
+     ctx = ASYNC_WAIT_CTX_new();
+     if (ctx == NULL) {
+         printf(&quot;Failed to create ASYNC_WAIT_CTX\n&quot;);
+         abort();
+     }
+
+     for (;;) {
+         switch (ASYNC_start_job(&amp;job, ctx, &amp;ret, jobfunc, msg, sizeof(msg))) {
+         case ASYNC_ERR:
+         case ASYNC_NO_JOBS:
+             printf(&quot;An error occurred\n&quot;);
+             goto end;
+         case ASYNC_PAUSE:
+             printf(&quot;Job was paused\n&quot;);
+             break;
+         case ASYNC_FINISH:
+             printf(&quot;Job finished with return value %d\n&quot;, ret);
+             goto end;
+         }
+
+         /* Wait for the job to be woken */
+         printf(&quot;Waiting for the job to be woken up\n&quot;);
+
+         if (!ASYNC_WAIT_CTX_get_all_fds(ctx, NULL, &amp;numfds)
+                 || numfds &gt; 1) {
+             printf(&quot;Unexpected number of fds\n&quot;);
+             abort();
+         }
+         ASYNC_WAIT_CTX_get_all_fds(ctx, &amp;waitfd, &amp;numfds);
+         FD_ZERO(&amp;waitfdset);
+         FD_SET(waitfd, &amp;waitfdset);
+         select(waitfd + 1, &amp;waitfdset, NULL, NULL, NULL);
+     }
+
+ end:
+     ASYNC_WAIT_CTX_free(ctx);
+     printf(&quot;Finishing\n&quot;);
+
+     return 0;
+ }</code></pre>
+
+<p>The expected output from executing the above example program is:</p>
+
+<pre><code> Starting...
+ Executing within a job
+ Passed in message is: Hello world!
+ Job was paused
+ Waiting for the job to be woken up
+ Resumed the job after a pause
+ Job finished with return value 1
+ Finishing</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_get_wait_ctx(), ASYNC_block_pause(), ASYNC_unblock_pause() and ASYNC_is_capable() were first added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASYNC_init_thread.html b/msys2/usr/share/doc/openssl/html/man3/ASYNC_init_thread.html
new file mode 100644
index 000000000..814428954
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASYNC_init_thread.html
@@ -0,0 +1,273 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASYNC_start_job</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASYNC_get_wait_ctx, ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_block_pause, ASYNC_unblock_pause, ASYNC_is_capable - asynchronous job management functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/async.h&gt;
+
+ int ASYNC_init_thread(size_t max_size, size_t init_size);
+ void ASYNC_cleanup_thread(void);
+
+ int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *ctx, int *ret,
+                     int (*func)(void *), void *args, size_t size);
+ int ASYNC_pause_job(void);
+
+ ASYNC_JOB *ASYNC_get_current_job(void);
+ ASYNC_WAIT_CTX *ASYNC_get_wait_ctx(ASYNC_JOB *job);
+ void ASYNC_block_pause(void);
+ void ASYNC_unblock_pause(void);
+
+ int ASYNC_is_capable(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL implements asynchronous capabilities through an ASYNC_JOB. This represents code that can be started and executes until some event occurs. At that point the code can be paused and control returns to user code until some subsequent event indicates that the job can be resumed.</p>
+
+<p>The creation of an ASYNC_JOB is a relatively expensive operation. Therefore, for efficiency reasons, jobs can be created up front and reused many times. They are held in a pool until they are needed, at which point they are removed from the pool, used, and then returned to the pool when the job completes. If the user application is multi-threaded, then ASYNC_init_thread() may be called for each thread that will initiate asynchronous jobs. Before user code exits per-thread resources need to be cleaned up. This will normally occur automatically (see <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>) but may be explicitly initiated by using ASYNC_cleanup_thread(). No asynchronous jobs must be outstanding for the thread when ASYNC_cleanup_thread() is called. Failing to ensure this will result in memory leaks.</p>
+
+<p>The <b>max_size</b> argument limits the number of ASYNC_JOBs that will be held in the pool. If <b>max_size</b> is set to 0 then no upper limit is set. When an ASYNC_JOB is needed but there are none available in the pool already then one will be automatically created, as long as the total of ASYNC_JOBs managed by the pool does not exceed <b>max_size</b>. When the pool is first initialised <b>init_size</b> ASYNC_JOBs will be created immediately. If ASYNC_init_thread() is not called before the pool is first used then it will be called automatically with a <b>max_size</b> of 0 (no upper limit) and an <b>init_size</b> of 0 (no ASYNC_JOBs created up front).</p>
+
+<p>An asynchronous job is started by calling the ASYNC_start_job() function. Initially <b>*job</b> should be NULL. <b>ctx</b> should point to an ASYNC_WAIT_CTX object created through the <a href="../man3/ASYNC_WAIT_CTX_new.html">ASYNC_WAIT_CTX_new(3)</a> function. <b>ret</b> should point to a location where the return value of the asynchronous function should be stored on completion of the job. <b>func</b> represents the function that should be started asynchronously. The data pointed to by <b>args</b> and of size <b>size</b> will be copied and then passed as an argument to <b>func</b> when the job starts. ASYNC_start_job will return one of the following values:</p>
+
+<dl>
+
+<dt id="ASYNC_ERR"><b>ASYNC_ERR</b></dt>
+<dd>
+
+<p>An error occurred trying to start the job. Check the OpenSSL error queue (e.g. see <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a>) for more details.</p>
+
+</dd>
+<dt id="ASYNC_NO_JOBS"><b>ASYNC_NO_JOBS</b></dt>
+<dd>
+
+<p>There are no jobs currently available in the pool. This call can be retried again at a later time.</p>
+
+</dd>
+<dt id="ASYNC_PAUSE"><b>ASYNC_PAUSE</b></dt>
+<dd>
+
+<p>The job was successfully started but was &quot;paused&quot; before it completed (see ASYNC_pause_job() below). A handle to the job is placed in <b>*job</b>. Other work can be performed (if desired) and the job restarted at a later time. To restart a job call ASYNC_start_job() again passing the job handle in <b>*job</b>. The <b>func</b>, <b>args</b> and <b>size</b> parameters will be ignored when restarting a job. When restarting a job ASYNC_start_job() <b>must</b> be called from the same thread that the job was originally started from.</p>
+
+</dd>
+<dt id="ASYNC_FINISH"><b>ASYNC_FINISH</b></dt>
+<dd>
+
+<p>The job completed. <b>*job</b> will be NULL and the return value from <b>func</b> will be placed in <b>*ret</b>.</p>
+
+</dd>
+</dl>
+
+<p>At any one time there can be a maximum of one job actively running per thread (you can have many that are paused). ASYNC_get_current_job() can be used to get a pointer to the currently executing ASYNC_JOB. If no job is currently executing then this will return NULL.</p>
+
+<p>If executing within the context of a job (i.e. having been called directly or indirectly by the function &quot;func&quot; passed as an argument to ASYNC_start_job()) then ASYNC_pause_job() will immediately return control to the calling application with ASYNC_PAUSE returned from the ASYNC_start_job() call. A subsequent call to ASYNC_start_job passing in the relevant ASYNC_JOB in the <b>*job</b> parameter will resume execution from the ASYNC_pause_job() call. If ASYNC_pause_job() is called whilst not within the context of a job then no action is taken and ASYNC_pause_job() returns immediately.</p>
+
+<p>ASYNC_get_wait_ctx() can be used to get a pointer to the ASYNC_WAIT_CTX for the <b>job</b>. ASYNC_WAIT_CTXs can have a &quot;wait&quot; file descriptor associated with them. Applications can wait for the file descriptor to be ready for &quot;read&quot; using a system function call such as select or poll (being ready for &quot;read&quot; indicates that the job should be resumed). If no file descriptor is made available then an application will have to periodically &quot;poll&quot; the job by attempting to restart it to see if it is ready to continue.</p>
+
+<p>An example of typical usage might be an async capable engine. User code would initiate cryptographic operations. The engine would initiate those operations asynchronously and then call <a href="../man3/ASYNC_WAIT_CTX_set_wait_fd.html">ASYNC_WAIT_CTX_set_wait_fd(3)</a> followed by ASYNC_pause_job() to return control to the user code. The user code can then perform other tasks or wait for the job to be ready by calling &quot;select&quot; or other similar function on the wait file descriptor. The engine can signal to the user code that the job should be resumed by making the wait file descriptor &quot;readable&quot;. Once resumed the engine should clear the wake signal on the wait file descriptor.</p>
+
+<p>The ASYNC_block_pause() function will prevent the currently active job from pausing. The block will remain in place until a subsequent call to ASYNC_unblock_pause(). These functions can be nested, e.g. if you call ASYNC_block_pause() twice then you must call ASYNC_unblock_pause() twice in order to re-enable pausing. If these functions are called while there is no currently active job then they have no effect. This functionality can be useful to avoid deadlock scenarios. For example during the execution of an ASYNC_JOB an application acquires a lock. It then calls some cryptographic function which invokes ASYNC_pause_job(). This returns control back to the code that created the ASYNC_JOB. If that code then attempts to acquire the same lock before resuming the original job then a deadlock can occur. By calling ASYNC_block_pause() immediately after acquiring the lock and ASYNC_unblock_pause() immediately before releasing it then this situation cannot occur.</p>
+
+<p>Some platforms cannot support async operations. The ASYNC_is_capable() function can be used to detect whether the current platform is async capable or not.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASYNC_init_thread returns 1 on success or 0 otherwise.</p>
+
+<p>ASYNC_start_job returns one of ASYNC_ERR, ASYNC_NO_JOBS, ASYNC_PAUSE or ASYNC_FINISH as described above.</p>
+
+<p>ASYNC_pause_job returns 0 if an error occurred or 1 on success. If called when not within the context of an ASYNC_JOB then this is counted as success so 1 is returned.</p>
+
+<p>ASYNC_get_current_job returns a pointer to the currently executing ASYNC_JOB or NULL if not within the context of a job.</p>
+
+<p>ASYNC_get_wait_ctx() returns a pointer to the ASYNC_WAIT_CTX for the job.</p>
+
+<p>ASYNC_is_capable() returns 1 if the current platform is async capable or 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the openssl/async.h header is dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to async.h.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The following example demonstrates how to use most of the core async APIs:</p>
+
+<pre><code> #ifdef _WIN32
+ # include &lt;windows.h&gt;
+ #endif
+ #include &lt;stdio.h&gt;
+ #include &lt;unistd.h&gt;
+ #include &lt;openssl/async.h&gt;
+ #include &lt;openssl/crypto.h&gt;
+
+ int unique = 0;
+
+ void cleanup(ASYNC_WAIT_CTX *ctx, const void *key, OSSL_ASYNC_FD r, void *vw)
+ {
+     OSSL_ASYNC_FD *w = (OSSL_ASYNC_FD *)vw;
+
+     close(r);
+     close(*w);
+     OPENSSL_free(w);
+ }
+
+ int jobfunc(void *arg)
+ {
+     ASYNC_JOB *currjob;
+     unsigned char *msg;
+     int pipefds[2] = {0, 0};
+     OSSL_ASYNC_FD *wptr;
+     char buf = &#39;X&#39;;
+
+     currjob = ASYNC_get_current_job();
+     if (currjob != NULL) {
+         printf(&quot;Executing within a job\n&quot;);
+     } else {
+         printf(&quot;Not executing within a job - should not happen\n&quot;);
+         return 0;
+     }
+
+     msg = (unsigned char *)arg;
+     printf(&quot;Passed in message is: %s\n&quot;, msg);
+
+     if (pipe(pipefds) != 0) {
+         printf(&quot;Failed to create pipe\n&quot;);
+         return 0;
+     }
+     wptr = OPENSSL_malloc(sizeof(OSSL_ASYNC_FD));
+     if (wptr == NULL) {
+         printf(&quot;Failed to malloc\n&quot;);
+         return 0;
+     }
+     *wptr = pipefds[1];
+     ASYNC_WAIT_CTX_set_wait_fd(ASYNC_get_wait_ctx(currjob), &amp;unique,
+                                pipefds[0], wptr, cleanup);
+
+     /*
+      * Normally some external event would cause this to happen at some
+      * later point - but we do it here for demo purposes, i.e.
+      * immediately signalling that the job is ready to be woken up after
+      * we return to main via ASYNC_pause_job().
+      */
+     write(pipefds[1], &amp;buf, 1);
+
+     /* Return control back to main */
+     ASYNC_pause_job();
+
+     /* Clear the wake signal */
+     read(pipefds[0], &amp;buf, 1);
+
+     printf (&quot;Resumed the job after a pause\n&quot;);
+
+     return 1;
+ }
+
+ int main(void)
+ {
+     ASYNC_JOB *job = NULL;
+     ASYNC_WAIT_CTX *ctx = NULL;
+     int ret;
+     OSSL_ASYNC_FD waitfd;
+     fd_set waitfdset;
+     size_t numfds;
+     unsigned char msg[13] = &quot;Hello world!&quot;;
+
+     printf(&quot;Starting...\n&quot;);
+
+     ctx = ASYNC_WAIT_CTX_new();
+     if (ctx == NULL) {
+         printf(&quot;Failed to create ASYNC_WAIT_CTX\n&quot;);
+         abort();
+     }
+
+     for (;;) {
+         switch (ASYNC_start_job(&amp;job, ctx, &amp;ret, jobfunc, msg, sizeof(msg))) {
+         case ASYNC_ERR:
+         case ASYNC_NO_JOBS:
+             printf(&quot;An error occurred\n&quot;);
+             goto end;
+         case ASYNC_PAUSE:
+             printf(&quot;Job was paused\n&quot;);
+             break;
+         case ASYNC_FINISH:
+             printf(&quot;Job finished with return value %d\n&quot;, ret);
+             goto end;
+         }
+
+         /* Wait for the job to be woken */
+         printf(&quot;Waiting for the job to be woken up\n&quot;);
+
+         if (!ASYNC_WAIT_CTX_get_all_fds(ctx, NULL, &amp;numfds)
+                 || numfds &gt; 1) {
+             printf(&quot;Unexpected number of fds\n&quot;);
+             abort();
+         }
+         ASYNC_WAIT_CTX_get_all_fds(ctx, &amp;waitfd, &amp;numfds);
+         FD_ZERO(&amp;waitfdset);
+         FD_SET(waitfd, &amp;waitfdset);
+         select(waitfd + 1, &amp;waitfdset, NULL, NULL, NULL);
+     }
+
+ end:
+     ASYNC_WAIT_CTX_free(ctx);
+     printf(&quot;Finishing\n&quot;);
+
+     return 0;
+ }</code></pre>
+
+<p>The expected output from executing the above example program is:</p>
+
+<pre><code> Starting...
+ Executing within a job
+ Passed in message is: Hello world!
+ Job was paused
+ Waiting for the job to be woken up
+ Resumed the job after a pause
+ Job finished with return value 1
+ Finishing</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_get_wait_ctx(), ASYNC_block_pause(), ASYNC_unblock_pause() and ASYNC_is_capable() were first added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASYNC_is_capable.html b/msys2/usr/share/doc/openssl/html/man3/ASYNC_is_capable.html
new file mode 100644
index 000000000..814428954
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASYNC_is_capable.html
@@ -0,0 +1,273 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASYNC_start_job</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASYNC_get_wait_ctx, ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_block_pause, ASYNC_unblock_pause, ASYNC_is_capable - asynchronous job management functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/async.h&gt;
+
+ int ASYNC_init_thread(size_t max_size, size_t init_size);
+ void ASYNC_cleanup_thread(void);
+
+ int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *ctx, int *ret,
+                     int (*func)(void *), void *args, size_t size);
+ int ASYNC_pause_job(void);
+
+ ASYNC_JOB *ASYNC_get_current_job(void);
+ ASYNC_WAIT_CTX *ASYNC_get_wait_ctx(ASYNC_JOB *job);
+ void ASYNC_block_pause(void);
+ void ASYNC_unblock_pause(void);
+
+ int ASYNC_is_capable(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL implements asynchronous capabilities through an ASYNC_JOB. This represents code that can be started and executes until some event occurs. At that point the code can be paused and control returns to user code until some subsequent event indicates that the job can be resumed.</p>
+
+<p>The creation of an ASYNC_JOB is a relatively expensive operation. Therefore, for efficiency reasons, jobs can be created up front and reused many times. They are held in a pool until they are needed, at which point they are removed from the pool, used, and then returned to the pool when the job completes. If the user application is multi-threaded, then ASYNC_init_thread() may be called for each thread that will initiate asynchronous jobs. Before user code exits per-thread resources need to be cleaned up. This will normally occur automatically (see <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>) but may be explicitly initiated by using ASYNC_cleanup_thread(). No asynchronous jobs must be outstanding for the thread when ASYNC_cleanup_thread() is called. Failing to ensure this will result in memory leaks.</p>
+
+<p>The <b>max_size</b> argument limits the number of ASYNC_JOBs that will be held in the pool. If <b>max_size</b> is set to 0 then no upper limit is set. When an ASYNC_JOB is needed but there are none available in the pool already then one will be automatically created, as long as the total of ASYNC_JOBs managed by the pool does not exceed <b>max_size</b>. When the pool is first initialised <b>init_size</b> ASYNC_JOBs will be created immediately. If ASYNC_init_thread() is not called before the pool is first used then it will be called automatically with a <b>max_size</b> of 0 (no upper limit) and an <b>init_size</b> of 0 (no ASYNC_JOBs created up front).</p>
+
+<p>An asynchronous job is started by calling the ASYNC_start_job() function. Initially <b>*job</b> should be NULL. <b>ctx</b> should point to an ASYNC_WAIT_CTX object created through the <a href="../man3/ASYNC_WAIT_CTX_new.html">ASYNC_WAIT_CTX_new(3)</a> function. <b>ret</b> should point to a location where the return value of the asynchronous function should be stored on completion of the job. <b>func</b> represents the function that should be started asynchronously. The data pointed to by <b>args</b> and of size <b>size</b> will be copied and then passed as an argument to <b>func</b> when the job starts. ASYNC_start_job will return one of the following values:</p>
+
+<dl>
+
+<dt id="ASYNC_ERR"><b>ASYNC_ERR</b></dt>
+<dd>
+
+<p>An error occurred trying to start the job. Check the OpenSSL error queue (e.g. see <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a>) for more details.</p>
+
+</dd>
+<dt id="ASYNC_NO_JOBS"><b>ASYNC_NO_JOBS</b></dt>
+<dd>
+
+<p>There are no jobs currently available in the pool. This call can be retried again at a later time.</p>
+
+</dd>
+<dt id="ASYNC_PAUSE"><b>ASYNC_PAUSE</b></dt>
+<dd>
+
+<p>The job was successfully started but was &quot;paused&quot; before it completed (see ASYNC_pause_job() below). A handle to the job is placed in <b>*job</b>. Other work can be performed (if desired) and the job restarted at a later time. To restart a job call ASYNC_start_job() again passing the job handle in <b>*job</b>. The <b>func</b>, <b>args</b> and <b>size</b> parameters will be ignored when restarting a job. When restarting a job ASYNC_start_job() <b>must</b> be called from the same thread that the job was originally started from.</p>
+
+</dd>
+<dt id="ASYNC_FINISH"><b>ASYNC_FINISH</b></dt>
+<dd>
+
+<p>The job completed. <b>*job</b> will be NULL and the return value from <b>func</b> will be placed in <b>*ret</b>.</p>
+
+</dd>
+</dl>
+
+<p>At any one time there can be a maximum of one job actively running per thread (you can have many that are paused). ASYNC_get_current_job() can be used to get a pointer to the currently executing ASYNC_JOB. If no job is currently executing then this will return NULL.</p>
+
+<p>If executing within the context of a job (i.e. having been called directly or indirectly by the function &quot;func&quot; passed as an argument to ASYNC_start_job()) then ASYNC_pause_job() will immediately return control to the calling application with ASYNC_PAUSE returned from the ASYNC_start_job() call. A subsequent call to ASYNC_start_job passing in the relevant ASYNC_JOB in the <b>*job</b> parameter will resume execution from the ASYNC_pause_job() call. If ASYNC_pause_job() is called whilst not within the context of a job then no action is taken and ASYNC_pause_job() returns immediately.</p>
+
+<p>ASYNC_get_wait_ctx() can be used to get a pointer to the ASYNC_WAIT_CTX for the <b>job</b>. ASYNC_WAIT_CTXs can have a &quot;wait&quot; file descriptor associated with them. Applications can wait for the file descriptor to be ready for &quot;read&quot; using a system function call such as select or poll (being ready for &quot;read&quot; indicates that the job should be resumed). If no file descriptor is made available then an application will have to periodically &quot;poll&quot; the job by attempting to restart it to see if it is ready to continue.</p>
+
+<p>An example of typical usage might be an async capable engine. User code would initiate cryptographic operations. The engine would initiate those operations asynchronously and then call <a href="../man3/ASYNC_WAIT_CTX_set_wait_fd.html">ASYNC_WAIT_CTX_set_wait_fd(3)</a> followed by ASYNC_pause_job() to return control to the user code. The user code can then perform other tasks or wait for the job to be ready by calling &quot;select&quot; or other similar function on the wait file descriptor. The engine can signal to the user code that the job should be resumed by making the wait file descriptor &quot;readable&quot;. Once resumed the engine should clear the wake signal on the wait file descriptor.</p>
+
+<p>The ASYNC_block_pause() function will prevent the currently active job from pausing. The block will remain in place until a subsequent call to ASYNC_unblock_pause(). These functions can be nested, e.g. if you call ASYNC_block_pause() twice then you must call ASYNC_unblock_pause() twice in order to re-enable pausing. If these functions are called while there is no currently active job then they have no effect. This functionality can be useful to avoid deadlock scenarios. For example during the execution of an ASYNC_JOB an application acquires a lock. It then calls some cryptographic function which invokes ASYNC_pause_job(). This returns control back to the code that created the ASYNC_JOB. If that code then attempts to acquire the same lock before resuming the original job then a deadlock can occur. By calling ASYNC_block_pause() immediately after acquiring the lock and ASYNC_unblock_pause() immediately before releasing it then this situation cannot occur.</p>
+
+<p>Some platforms cannot support async operations. The ASYNC_is_capable() function can be used to detect whether the current platform is async capable or not.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASYNC_init_thread returns 1 on success or 0 otherwise.</p>
+
+<p>ASYNC_start_job returns one of ASYNC_ERR, ASYNC_NO_JOBS, ASYNC_PAUSE or ASYNC_FINISH as described above.</p>
+
+<p>ASYNC_pause_job returns 0 if an error occurred or 1 on success. If called when not within the context of an ASYNC_JOB then this is counted as success so 1 is returned.</p>
+
+<p>ASYNC_get_current_job returns a pointer to the currently executing ASYNC_JOB or NULL if not within the context of a job.</p>
+
+<p>ASYNC_get_wait_ctx() returns a pointer to the ASYNC_WAIT_CTX for the job.</p>
+
+<p>ASYNC_is_capable() returns 1 if the current platform is async capable or 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the openssl/async.h header is dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to async.h.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The following example demonstrates how to use most of the core async APIs:</p>
+
+<pre><code> #ifdef _WIN32
+ # include &lt;windows.h&gt;
+ #endif
+ #include &lt;stdio.h&gt;
+ #include &lt;unistd.h&gt;
+ #include &lt;openssl/async.h&gt;
+ #include &lt;openssl/crypto.h&gt;
+
+ int unique = 0;
+
+ void cleanup(ASYNC_WAIT_CTX *ctx, const void *key, OSSL_ASYNC_FD r, void *vw)
+ {
+     OSSL_ASYNC_FD *w = (OSSL_ASYNC_FD *)vw;
+
+     close(r);
+     close(*w);
+     OPENSSL_free(w);
+ }
+
+ int jobfunc(void *arg)
+ {
+     ASYNC_JOB *currjob;
+     unsigned char *msg;
+     int pipefds[2] = {0, 0};
+     OSSL_ASYNC_FD *wptr;
+     char buf = &#39;X&#39;;
+
+     currjob = ASYNC_get_current_job();
+     if (currjob != NULL) {
+         printf(&quot;Executing within a job\n&quot;);
+     } else {
+         printf(&quot;Not executing within a job - should not happen\n&quot;);
+         return 0;
+     }
+
+     msg = (unsigned char *)arg;
+     printf(&quot;Passed in message is: %s\n&quot;, msg);
+
+     if (pipe(pipefds) != 0) {
+         printf(&quot;Failed to create pipe\n&quot;);
+         return 0;
+     }
+     wptr = OPENSSL_malloc(sizeof(OSSL_ASYNC_FD));
+     if (wptr == NULL) {
+         printf(&quot;Failed to malloc\n&quot;);
+         return 0;
+     }
+     *wptr = pipefds[1];
+     ASYNC_WAIT_CTX_set_wait_fd(ASYNC_get_wait_ctx(currjob), &amp;unique,
+                                pipefds[0], wptr, cleanup);
+
+     /*
+      * Normally some external event would cause this to happen at some
+      * later point - but we do it here for demo purposes, i.e.
+      * immediately signalling that the job is ready to be woken up after
+      * we return to main via ASYNC_pause_job().
+      */
+     write(pipefds[1], &amp;buf, 1);
+
+     /* Return control back to main */
+     ASYNC_pause_job();
+
+     /* Clear the wake signal */
+     read(pipefds[0], &amp;buf, 1);
+
+     printf (&quot;Resumed the job after a pause\n&quot;);
+
+     return 1;
+ }
+
+ int main(void)
+ {
+     ASYNC_JOB *job = NULL;
+     ASYNC_WAIT_CTX *ctx = NULL;
+     int ret;
+     OSSL_ASYNC_FD waitfd;
+     fd_set waitfdset;
+     size_t numfds;
+     unsigned char msg[13] = &quot;Hello world!&quot;;
+
+     printf(&quot;Starting...\n&quot;);
+
+     ctx = ASYNC_WAIT_CTX_new();
+     if (ctx == NULL) {
+         printf(&quot;Failed to create ASYNC_WAIT_CTX\n&quot;);
+         abort();
+     }
+
+     for (;;) {
+         switch (ASYNC_start_job(&amp;job, ctx, &amp;ret, jobfunc, msg, sizeof(msg))) {
+         case ASYNC_ERR:
+         case ASYNC_NO_JOBS:
+             printf(&quot;An error occurred\n&quot;);
+             goto end;
+         case ASYNC_PAUSE:
+             printf(&quot;Job was paused\n&quot;);
+             break;
+         case ASYNC_FINISH:
+             printf(&quot;Job finished with return value %d\n&quot;, ret);
+             goto end;
+         }
+
+         /* Wait for the job to be woken */
+         printf(&quot;Waiting for the job to be woken up\n&quot;);
+
+         if (!ASYNC_WAIT_CTX_get_all_fds(ctx, NULL, &amp;numfds)
+                 || numfds &gt; 1) {
+             printf(&quot;Unexpected number of fds\n&quot;);
+             abort();
+         }
+         ASYNC_WAIT_CTX_get_all_fds(ctx, &amp;waitfd, &amp;numfds);
+         FD_ZERO(&amp;waitfdset);
+         FD_SET(waitfd, &amp;waitfdset);
+         select(waitfd + 1, &amp;waitfdset, NULL, NULL, NULL);
+     }
+
+ end:
+     ASYNC_WAIT_CTX_free(ctx);
+     printf(&quot;Finishing\n&quot;);
+
+     return 0;
+ }</code></pre>
+
+<p>The expected output from executing the above example program is:</p>
+
+<pre><code> Starting...
+ Executing within a job
+ Passed in message is: Hello world!
+ Job was paused
+ Waiting for the job to be woken up
+ Resumed the job after a pause
+ Job finished with return value 1
+ Finishing</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_get_wait_ctx(), ASYNC_block_pause(), ASYNC_unblock_pause() and ASYNC_is_capable() were first added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASYNC_pause_job.html b/msys2/usr/share/doc/openssl/html/man3/ASYNC_pause_job.html
new file mode 100644
index 000000000..814428954
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASYNC_pause_job.html
@@ -0,0 +1,273 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASYNC_start_job</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASYNC_get_wait_ctx, ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_block_pause, ASYNC_unblock_pause, ASYNC_is_capable - asynchronous job management functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/async.h&gt;
+
+ int ASYNC_init_thread(size_t max_size, size_t init_size);
+ void ASYNC_cleanup_thread(void);
+
+ int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *ctx, int *ret,
+                     int (*func)(void *), void *args, size_t size);
+ int ASYNC_pause_job(void);
+
+ ASYNC_JOB *ASYNC_get_current_job(void);
+ ASYNC_WAIT_CTX *ASYNC_get_wait_ctx(ASYNC_JOB *job);
+ void ASYNC_block_pause(void);
+ void ASYNC_unblock_pause(void);
+
+ int ASYNC_is_capable(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL implements asynchronous capabilities through an ASYNC_JOB. This represents code that can be started and executes until some event occurs. At that point the code can be paused and control returns to user code until some subsequent event indicates that the job can be resumed.</p>
+
+<p>The creation of an ASYNC_JOB is a relatively expensive operation. Therefore, for efficiency reasons, jobs can be created up front and reused many times. They are held in a pool until they are needed, at which point they are removed from the pool, used, and then returned to the pool when the job completes. If the user application is multi-threaded, then ASYNC_init_thread() may be called for each thread that will initiate asynchronous jobs. Before user code exits per-thread resources need to be cleaned up. This will normally occur automatically (see <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>) but may be explicitly initiated by using ASYNC_cleanup_thread(). No asynchronous jobs must be outstanding for the thread when ASYNC_cleanup_thread() is called. Failing to ensure this will result in memory leaks.</p>
+
+<p>The <b>max_size</b> argument limits the number of ASYNC_JOBs that will be held in the pool. If <b>max_size</b> is set to 0 then no upper limit is set. When an ASYNC_JOB is needed but there are none available in the pool already then one will be automatically created, as long as the total of ASYNC_JOBs managed by the pool does not exceed <b>max_size</b>. When the pool is first initialised <b>init_size</b> ASYNC_JOBs will be created immediately. If ASYNC_init_thread() is not called before the pool is first used then it will be called automatically with a <b>max_size</b> of 0 (no upper limit) and an <b>init_size</b> of 0 (no ASYNC_JOBs created up front).</p>
+
+<p>An asynchronous job is started by calling the ASYNC_start_job() function. Initially <b>*job</b> should be NULL. <b>ctx</b> should point to an ASYNC_WAIT_CTX object created through the <a href="../man3/ASYNC_WAIT_CTX_new.html">ASYNC_WAIT_CTX_new(3)</a> function. <b>ret</b> should point to a location where the return value of the asynchronous function should be stored on completion of the job. <b>func</b> represents the function that should be started asynchronously. The data pointed to by <b>args</b> and of size <b>size</b> will be copied and then passed as an argument to <b>func</b> when the job starts. ASYNC_start_job will return one of the following values:</p>
+
+<dl>
+
+<dt id="ASYNC_ERR"><b>ASYNC_ERR</b></dt>
+<dd>
+
+<p>An error occurred trying to start the job. Check the OpenSSL error queue (e.g. see <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a>) for more details.</p>
+
+</dd>
+<dt id="ASYNC_NO_JOBS"><b>ASYNC_NO_JOBS</b></dt>
+<dd>
+
+<p>There are no jobs currently available in the pool. This call can be retried again at a later time.</p>
+
+</dd>
+<dt id="ASYNC_PAUSE"><b>ASYNC_PAUSE</b></dt>
+<dd>
+
+<p>The job was successfully started but was &quot;paused&quot; before it completed (see ASYNC_pause_job() below). A handle to the job is placed in <b>*job</b>. Other work can be performed (if desired) and the job restarted at a later time. To restart a job call ASYNC_start_job() again passing the job handle in <b>*job</b>. The <b>func</b>, <b>args</b> and <b>size</b> parameters will be ignored when restarting a job. When restarting a job ASYNC_start_job() <b>must</b> be called from the same thread that the job was originally started from.</p>
+
+</dd>
+<dt id="ASYNC_FINISH"><b>ASYNC_FINISH</b></dt>
+<dd>
+
+<p>The job completed. <b>*job</b> will be NULL and the return value from <b>func</b> will be placed in <b>*ret</b>.</p>
+
+</dd>
+</dl>
+
+<p>At any one time there can be a maximum of one job actively running per thread (you can have many that are paused). ASYNC_get_current_job() can be used to get a pointer to the currently executing ASYNC_JOB. If no job is currently executing then this will return NULL.</p>
+
+<p>If executing within the context of a job (i.e. having been called directly or indirectly by the function &quot;func&quot; passed as an argument to ASYNC_start_job()) then ASYNC_pause_job() will immediately return control to the calling application with ASYNC_PAUSE returned from the ASYNC_start_job() call. A subsequent call to ASYNC_start_job passing in the relevant ASYNC_JOB in the <b>*job</b> parameter will resume execution from the ASYNC_pause_job() call. If ASYNC_pause_job() is called whilst not within the context of a job then no action is taken and ASYNC_pause_job() returns immediately.</p>
+
+<p>ASYNC_get_wait_ctx() can be used to get a pointer to the ASYNC_WAIT_CTX for the <b>job</b>. ASYNC_WAIT_CTXs can have a &quot;wait&quot; file descriptor associated with them. Applications can wait for the file descriptor to be ready for &quot;read&quot; using a system function call such as select or poll (being ready for &quot;read&quot; indicates that the job should be resumed). If no file descriptor is made available then an application will have to periodically &quot;poll&quot; the job by attempting to restart it to see if it is ready to continue.</p>
+
+<p>An example of typical usage might be an async capable engine. User code would initiate cryptographic operations. The engine would initiate those operations asynchronously and then call <a href="../man3/ASYNC_WAIT_CTX_set_wait_fd.html">ASYNC_WAIT_CTX_set_wait_fd(3)</a> followed by ASYNC_pause_job() to return control to the user code. The user code can then perform other tasks or wait for the job to be ready by calling &quot;select&quot; or other similar function on the wait file descriptor. The engine can signal to the user code that the job should be resumed by making the wait file descriptor &quot;readable&quot;. Once resumed the engine should clear the wake signal on the wait file descriptor.</p>
+
+<p>The ASYNC_block_pause() function will prevent the currently active job from pausing. The block will remain in place until a subsequent call to ASYNC_unblock_pause(). These functions can be nested, e.g. if you call ASYNC_block_pause() twice then you must call ASYNC_unblock_pause() twice in order to re-enable pausing. If these functions are called while there is no currently active job then they have no effect. This functionality can be useful to avoid deadlock scenarios. For example during the execution of an ASYNC_JOB an application acquires a lock. It then calls some cryptographic function which invokes ASYNC_pause_job(). This returns control back to the code that created the ASYNC_JOB. If that code then attempts to acquire the same lock before resuming the original job then a deadlock can occur. By calling ASYNC_block_pause() immediately after acquiring the lock and ASYNC_unblock_pause() immediately before releasing it then this situation cannot occur.</p>
+
+<p>Some platforms cannot support async operations. The ASYNC_is_capable() function can be used to detect whether the current platform is async capable or not.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASYNC_init_thread returns 1 on success or 0 otherwise.</p>
+
+<p>ASYNC_start_job returns one of ASYNC_ERR, ASYNC_NO_JOBS, ASYNC_PAUSE or ASYNC_FINISH as described above.</p>
+
+<p>ASYNC_pause_job returns 0 if an error occurred or 1 on success. If called when not within the context of an ASYNC_JOB then this is counted as success so 1 is returned.</p>
+
+<p>ASYNC_get_current_job returns a pointer to the currently executing ASYNC_JOB or NULL if not within the context of a job.</p>
+
+<p>ASYNC_get_wait_ctx() returns a pointer to the ASYNC_WAIT_CTX for the job.</p>
+
+<p>ASYNC_is_capable() returns 1 if the current platform is async capable or 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the openssl/async.h header is dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to async.h.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The following example demonstrates how to use most of the core async APIs:</p>
+
+<pre><code> #ifdef _WIN32
+ # include &lt;windows.h&gt;
+ #endif
+ #include &lt;stdio.h&gt;
+ #include &lt;unistd.h&gt;
+ #include &lt;openssl/async.h&gt;
+ #include &lt;openssl/crypto.h&gt;
+
+ int unique = 0;
+
+ void cleanup(ASYNC_WAIT_CTX *ctx, const void *key, OSSL_ASYNC_FD r, void *vw)
+ {
+     OSSL_ASYNC_FD *w = (OSSL_ASYNC_FD *)vw;
+
+     close(r);
+     close(*w);
+     OPENSSL_free(w);
+ }
+
+ int jobfunc(void *arg)
+ {
+     ASYNC_JOB *currjob;
+     unsigned char *msg;
+     int pipefds[2] = {0, 0};
+     OSSL_ASYNC_FD *wptr;
+     char buf = &#39;X&#39;;
+
+     currjob = ASYNC_get_current_job();
+     if (currjob != NULL) {
+         printf(&quot;Executing within a job\n&quot;);
+     } else {
+         printf(&quot;Not executing within a job - should not happen\n&quot;);
+         return 0;
+     }
+
+     msg = (unsigned char *)arg;
+     printf(&quot;Passed in message is: %s\n&quot;, msg);
+
+     if (pipe(pipefds) != 0) {
+         printf(&quot;Failed to create pipe\n&quot;);
+         return 0;
+     }
+     wptr = OPENSSL_malloc(sizeof(OSSL_ASYNC_FD));
+     if (wptr == NULL) {
+         printf(&quot;Failed to malloc\n&quot;);
+         return 0;
+     }
+     *wptr = pipefds[1];
+     ASYNC_WAIT_CTX_set_wait_fd(ASYNC_get_wait_ctx(currjob), &amp;unique,
+                                pipefds[0], wptr, cleanup);
+
+     /*
+      * Normally some external event would cause this to happen at some
+      * later point - but we do it here for demo purposes, i.e.
+      * immediately signalling that the job is ready to be woken up after
+      * we return to main via ASYNC_pause_job().
+      */
+     write(pipefds[1], &amp;buf, 1);
+
+     /* Return control back to main */
+     ASYNC_pause_job();
+
+     /* Clear the wake signal */
+     read(pipefds[0], &amp;buf, 1);
+
+     printf (&quot;Resumed the job after a pause\n&quot;);
+
+     return 1;
+ }
+
+ int main(void)
+ {
+     ASYNC_JOB *job = NULL;
+     ASYNC_WAIT_CTX *ctx = NULL;
+     int ret;
+     OSSL_ASYNC_FD waitfd;
+     fd_set waitfdset;
+     size_t numfds;
+     unsigned char msg[13] = &quot;Hello world!&quot;;
+
+     printf(&quot;Starting...\n&quot;);
+
+     ctx = ASYNC_WAIT_CTX_new();
+     if (ctx == NULL) {
+         printf(&quot;Failed to create ASYNC_WAIT_CTX\n&quot;);
+         abort();
+     }
+
+     for (;;) {
+         switch (ASYNC_start_job(&amp;job, ctx, &amp;ret, jobfunc, msg, sizeof(msg))) {
+         case ASYNC_ERR:
+         case ASYNC_NO_JOBS:
+             printf(&quot;An error occurred\n&quot;);
+             goto end;
+         case ASYNC_PAUSE:
+             printf(&quot;Job was paused\n&quot;);
+             break;
+         case ASYNC_FINISH:
+             printf(&quot;Job finished with return value %d\n&quot;, ret);
+             goto end;
+         }
+
+         /* Wait for the job to be woken */
+         printf(&quot;Waiting for the job to be woken up\n&quot;);
+
+         if (!ASYNC_WAIT_CTX_get_all_fds(ctx, NULL, &amp;numfds)
+                 || numfds &gt; 1) {
+             printf(&quot;Unexpected number of fds\n&quot;);
+             abort();
+         }
+         ASYNC_WAIT_CTX_get_all_fds(ctx, &amp;waitfd, &amp;numfds);
+         FD_ZERO(&amp;waitfdset);
+         FD_SET(waitfd, &amp;waitfdset);
+         select(waitfd + 1, &amp;waitfdset, NULL, NULL, NULL);
+     }
+
+ end:
+     ASYNC_WAIT_CTX_free(ctx);
+     printf(&quot;Finishing\n&quot;);
+
+     return 0;
+ }</code></pre>
+
+<p>The expected output from executing the above example program is:</p>
+
+<pre><code> Starting...
+ Executing within a job
+ Passed in message is: Hello world!
+ Job was paused
+ Waiting for the job to be woken up
+ Resumed the job after a pause
+ Job finished with return value 1
+ Finishing</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_get_wait_ctx(), ASYNC_block_pause(), ASYNC_unblock_pause() and ASYNC_is_capable() were first added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASYNC_start_job.html b/msys2/usr/share/doc/openssl/html/man3/ASYNC_start_job.html
new file mode 100644
index 000000000..814428954
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASYNC_start_job.html
@@ -0,0 +1,273 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASYNC_start_job</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASYNC_get_wait_ctx, ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_block_pause, ASYNC_unblock_pause, ASYNC_is_capable - asynchronous job management functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/async.h&gt;
+
+ int ASYNC_init_thread(size_t max_size, size_t init_size);
+ void ASYNC_cleanup_thread(void);
+
+ int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *ctx, int *ret,
+                     int (*func)(void *), void *args, size_t size);
+ int ASYNC_pause_job(void);
+
+ ASYNC_JOB *ASYNC_get_current_job(void);
+ ASYNC_WAIT_CTX *ASYNC_get_wait_ctx(ASYNC_JOB *job);
+ void ASYNC_block_pause(void);
+ void ASYNC_unblock_pause(void);
+
+ int ASYNC_is_capable(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL implements asynchronous capabilities through an ASYNC_JOB. This represents code that can be started and executes until some event occurs. At that point the code can be paused and control returns to user code until some subsequent event indicates that the job can be resumed.</p>
+
+<p>The creation of an ASYNC_JOB is a relatively expensive operation. Therefore, for efficiency reasons, jobs can be created up front and reused many times. They are held in a pool until they are needed, at which point they are removed from the pool, used, and then returned to the pool when the job completes. If the user application is multi-threaded, then ASYNC_init_thread() may be called for each thread that will initiate asynchronous jobs. Before user code exits per-thread resources need to be cleaned up. This will normally occur automatically (see <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>) but may be explicitly initiated by using ASYNC_cleanup_thread(). No asynchronous jobs must be outstanding for the thread when ASYNC_cleanup_thread() is called. Failing to ensure this will result in memory leaks.</p>
+
+<p>The <b>max_size</b> argument limits the number of ASYNC_JOBs that will be held in the pool. If <b>max_size</b> is set to 0 then no upper limit is set. When an ASYNC_JOB is needed but there are none available in the pool already then one will be automatically created, as long as the total of ASYNC_JOBs managed by the pool does not exceed <b>max_size</b>. When the pool is first initialised <b>init_size</b> ASYNC_JOBs will be created immediately. If ASYNC_init_thread() is not called before the pool is first used then it will be called automatically with a <b>max_size</b> of 0 (no upper limit) and an <b>init_size</b> of 0 (no ASYNC_JOBs created up front).</p>
+
+<p>An asynchronous job is started by calling the ASYNC_start_job() function. Initially <b>*job</b> should be NULL. <b>ctx</b> should point to an ASYNC_WAIT_CTX object created through the <a href="../man3/ASYNC_WAIT_CTX_new.html">ASYNC_WAIT_CTX_new(3)</a> function. <b>ret</b> should point to a location where the return value of the asynchronous function should be stored on completion of the job. <b>func</b> represents the function that should be started asynchronously. The data pointed to by <b>args</b> and of size <b>size</b> will be copied and then passed as an argument to <b>func</b> when the job starts. ASYNC_start_job will return one of the following values:</p>
+
+<dl>
+
+<dt id="ASYNC_ERR"><b>ASYNC_ERR</b></dt>
+<dd>
+
+<p>An error occurred trying to start the job. Check the OpenSSL error queue (e.g. see <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a>) for more details.</p>
+
+</dd>
+<dt id="ASYNC_NO_JOBS"><b>ASYNC_NO_JOBS</b></dt>
+<dd>
+
+<p>There are no jobs currently available in the pool. This call can be retried again at a later time.</p>
+
+</dd>
+<dt id="ASYNC_PAUSE"><b>ASYNC_PAUSE</b></dt>
+<dd>
+
+<p>The job was successfully started but was &quot;paused&quot; before it completed (see ASYNC_pause_job() below). A handle to the job is placed in <b>*job</b>. Other work can be performed (if desired) and the job restarted at a later time. To restart a job call ASYNC_start_job() again passing the job handle in <b>*job</b>. The <b>func</b>, <b>args</b> and <b>size</b> parameters will be ignored when restarting a job. When restarting a job ASYNC_start_job() <b>must</b> be called from the same thread that the job was originally started from.</p>
+
+</dd>
+<dt id="ASYNC_FINISH"><b>ASYNC_FINISH</b></dt>
+<dd>
+
+<p>The job completed. <b>*job</b> will be NULL and the return value from <b>func</b> will be placed in <b>*ret</b>.</p>
+
+</dd>
+</dl>
+
+<p>At any one time there can be a maximum of one job actively running per thread (you can have many that are paused). ASYNC_get_current_job() can be used to get a pointer to the currently executing ASYNC_JOB. If no job is currently executing then this will return NULL.</p>
+
+<p>If executing within the context of a job (i.e. having been called directly or indirectly by the function &quot;func&quot; passed as an argument to ASYNC_start_job()) then ASYNC_pause_job() will immediately return control to the calling application with ASYNC_PAUSE returned from the ASYNC_start_job() call. A subsequent call to ASYNC_start_job passing in the relevant ASYNC_JOB in the <b>*job</b> parameter will resume execution from the ASYNC_pause_job() call. If ASYNC_pause_job() is called whilst not within the context of a job then no action is taken and ASYNC_pause_job() returns immediately.</p>
+
+<p>ASYNC_get_wait_ctx() can be used to get a pointer to the ASYNC_WAIT_CTX for the <b>job</b>. ASYNC_WAIT_CTXs can have a &quot;wait&quot; file descriptor associated with them. Applications can wait for the file descriptor to be ready for &quot;read&quot; using a system function call such as select or poll (being ready for &quot;read&quot; indicates that the job should be resumed). If no file descriptor is made available then an application will have to periodically &quot;poll&quot; the job by attempting to restart it to see if it is ready to continue.</p>
+
+<p>An example of typical usage might be an async capable engine. User code would initiate cryptographic operations. The engine would initiate those operations asynchronously and then call <a href="../man3/ASYNC_WAIT_CTX_set_wait_fd.html">ASYNC_WAIT_CTX_set_wait_fd(3)</a> followed by ASYNC_pause_job() to return control to the user code. The user code can then perform other tasks or wait for the job to be ready by calling &quot;select&quot; or other similar function on the wait file descriptor. The engine can signal to the user code that the job should be resumed by making the wait file descriptor &quot;readable&quot;. Once resumed the engine should clear the wake signal on the wait file descriptor.</p>
+
+<p>The ASYNC_block_pause() function will prevent the currently active job from pausing. The block will remain in place until a subsequent call to ASYNC_unblock_pause(). These functions can be nested, e.g. if you call ASYNC_block_pause() twice then you must call ASYNC_unblock_pause() twice in order to re-enable pausing. If these functions are called while there is no currently active job then they have no effect. This functionality can be useful to avoid deadlock scenarios. For example during the execution of an ASYNC_JOB an application acquires a lock. It then calls some cryptographic function which invokes ASYNC_pause_job(). This returns control back to the code that created the ASYNC_JOB. If that code then attempts to acquire the same lock before resuming the original job then a deadlock can occur. By calling ASYNC_block_pause() immediately after acquiring the lock and ASYNC_unblock_pause() immediately before releasing it then this situation cannot occur.</p>
+
+<p>Some platforms cannot support async operations. The ASYNC_is_capable() function can be used to detect whether the current platform is async capable or not.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASYNC_init_thread returns 1 on success or 0 otherwise.</p>
+
+<p>ASYNC_start_job returns one of ASYNC_ERR, ASYNC_NO_JOBS, ASYNC_PAUSE or ASYNC_FINISH as described above.</p>
+
+<p>ASYNC_pause_job returns 0 if an error occurred or 1 on success. If called when not within the context of an ASYNC_JOB then this is counted as success so 1 is returned.</p>
+
+<p>ASYNC_get_current_job returns a pointer to the currently executing ASYNC_JOB or NULL if not within the context of a job.</p>
+
+<p>ASYNC_get_wait_ctx() returns a pointer to the ASYNC_WAIT_CTX for the job.</p>
+
+<p>ASYNC_is_capable() returns 1 if the current platform is async capable or 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the openssl/async.h header is dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to async.h.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The following example demonstrates how to use most of the core async APIs:</p>
+
+<pre><code> #ifdef _WIN32
+ # include &lt;windows.h&gt;
+ #endif
+ #include &lt;stdio.h&gt;
+ #include &lt;unistd.h&gt;
+ #include &lt;openssl/async.h&gt;
+ #include &lt;openssl/crypto.h&gt;
+
+ int unique = 0;
+
+ void cleanup(ASYNC_WAIT_CTX *ctx, const void *key, OSSL_ASYNC_FD r, void *vw)
+ {
+     OSSL_ASYNC_FD *w = (OSSL_ASYNC_FD *)vw;
+
+     close(r);
+     close(*w);
+     OPENSSL_free(w);
+ }
+
+ int jobfunc(void *arg)
+ {
+     ASYNC_JOB *currjob;
+     unsigned char *msg;
+     int pipefds[2] = {0, 0};
+     OSSL_ASYNC_FD *wptr;
+     char buf = &#39;X&#39;;
+
+     currjob = ASYNC_get_current_job();
+     if (currjob != NULL) {
+         printf(&quot;Executing within a job\n&quot;);
+     } else {
+         printf(&quot;Not executing within a job - should not happen\n&quot;);
+         return 0;
+     }
+
+     msg = (unsigned char *)arg;
+     printf(&quot;Passed in message is: %s\n&quot;, msg);
+
+     if (pipe(pipefds) != 0) {
+         printf(&quot;Failed to create pipe\n&quot;);
+         return 0;
+     }
+     wptr = OPENSSL_malloc(sizeof(OSSL_ASYNC_FD));
+     if (wptr == NULL) {
+         printf(&quot;Failed to malloc\n&quot;);
+         return 0;
+     }
+     *wptr = pipefds[1];
+     ASYNC_WAIT_CTX_set_wait_fd(ASYNC_get_wait_ctx(currjob), &amp;unique,
+                                pipefds[0], wptr, cleanup);
+
+     /*
+      * Normally some external event would cause this to happen at some
+      * later point - but we do it here for demo purposes, i.e.
+      * immediately signalling that the job is ready to be woken up after
+      * we return to main via ASYNC_pause_job().
+      */
+     write(pipefds[1], &amp;buf, 1);
+
+     /* Return control back to main */
+     ASYNC_pause_job();
+
+     /* Clear the wake signal */
+     read(pipefds[0], &amp;buf, 1);
+
+     printf (&quot;Resumed the job after a pause\n&quot;);
+
+     return 1;
+ }
+
+ int main(void)
+ {
+     ASYNC_JOB *job = NULL;
+     ASYNC_WAIT_CTX *ctx = NULL;
+     int ret;
+     OSSL_ASYNC_FD waitfd;
+     fd_set waitfdset;
+     size_t numfds;
+     unsigned char msg[13] = &quot;Hello world!&quot;;
+
+     printf(&quot;Starting...\n&quot;);
+
+     ctx = ASYNC_WAIT_CTX_new();
+     if (ctx == NULL) {
+         printf(&quot;Failed to create ASYNC_WAIT_CTX\n&quot;);
+         abort();
+     }
+
+     for (;;) {
+         switch (ASYNC_start_job(&amp;job, ctx, &amp;ret, jobfunc, msg, sizeof(msg))) {
+         case ASYNC_ERR:
+         case ASYNC_NO_JOBS:
+             printf(&quot;An error occurred\n&quot;);
+             goto end;
+         case ASYNC_PAUSE:
+             printf(&quot;Job was paused\n&quot;);
+             break;
+         case ASYNC_FINISH:
+             printf(&quot;Job finished with return value %d\n&quot;, ret);
+             goto end;
+         }
+
+         /* Wait for the job to be woken */
+         printf(&quot;Waiting for the job to be woken up\n&quot;);
+
+         if (!ASYNC_WAIT_CTX_get_all_fds(ctx, NULL, &amp;numfds)
+                 || numfds &gt; 1) {
+             printf(&quot;Unexpected number of fds\n&quot;);
+             abort();
+         }
+         ASYNC_WAIT_CTX_get_all_fds(ctx, &amp;waitfd, &amp;numfds);
+         FD_ZERO(&amp;waitfdset);
+         FD_SET(waitfd, &amp;waitfdset);
+         select(waitfd + 1, &amp;waitfdset, NULL, NULL, NULL);
+     }
+
+ end:
+     ASYNC_WAIT_CTX_free(ctx);
+     printf(&quot;Finishing\n&quot;);
+
+     return 0;
+ }</code></pre>
+
+<p>The expected output from executing the above example program is:</p>
+
+<pre><code> Starting...
+ Executing within a job
+ Passed in message is: Hello world!
+ Job was paused
+ Waiting for the job to be woken up
+ Resumed the job after a pause
+ Job finished with return value 1
+ Finishing</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_get_wait_ctx(), ASYNC_block_pause(), ASYNC_unblock_pause() and ASYNC_is_capable() were first added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ASYNC_unblock_pause.html b/msys2/usr/share/doc/openssl/html/man3/ASYNC_unblock_pause.html
new file mode 100644
index 000000000..814428954
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ASYNC_unblock_pause.html
@@ -0,0 +1,273 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASYNC_start_job</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASYNC_get_wait_ctx, ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_block_pause, ASYNC_unblock_pause, ASYNC_is_capable - asynchronous job management functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/async.h&gt;
+
+ int ASYNC_init_thread(size_t max_size, size_t init_size);
+ void ASYNC_cleanup_thread(void);
+
+ int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *ctx, int *ret,
+                     int (*func)(void *), void *args, size_t size);
+ int ASYNC_pause_job(void);
+
+ ASYNC_JOB *ASYNC_get_current_job(void);
+ ASYNC_WAIT_CTX *ASYNC_get_wait_ctx(ASYNC_JOB *job);
+ void ASYNC_block_pause(void);
+ void ASYNC_unblock_pause(void);
+
+ int ASYNC_is_capable(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL implements asynchronous capabilities through an ASYNC_JOB. This represents code that can be started and executes until some event occurs. At that point the code can be paused and control returns to user code until some subsequent event indicates that the job can be resumed.</p>
+
+<p>The creation of an ASYNC_JOB is a relatively expensive operation. Therefore, for efficiency reasons, jobs can be created up front and reused many times. They are held in a pool until they are needed, at which point they are removed from the pool, used, and then returned to the pool when the job completes. If the user application is multi-threaded, then ASYNC_init_thread() may be called for each thread that will initiate asynchronous jobs. Before user code exits per-thread resources need to be cleaned up. This will normally occur automatically (see <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>) but may be explicitly initiated by using ASYNC_cleanup_thread(). No asynchronous jobs must be outstanding for the thread when ASYNC_cleanup_thread() is called. Failing to ensure this will result in memory leaks.</p>
+
+<p>The <b>max_size</b> argument limits the number of ASYNC_JOBs that will be held in the pool. If <b>max_size</b> is set to 0 then no upper limit is set. When an ASYNC_JOB is needed but there are none available in the pool already then one will be automatically created, as long as the total of ASYNC_JOBs managed by the pool does not exceed <b>max_size</b>. When the pool is first initialised <b>init_size</b> ASYNC_JOBs will be created immediately. If ASYNC_init_thread() is not called before the pool is first used then it will be called automatically with a <b>max_size</b> of 0 (no upper limit) and an <b>init_size</b> of 0 (no ASYNC_JOBs created up front).</p>
+
+<p>An asynchronous job is started by calling the ASYNC_start_job() function. Initially <b>*job</b> should be NULL. <b>ctx</b> should point to an ASYNC_WAIT_CTX object created through the <a href="../man3/ASYNC_WAIT_CTX_new.html">ASYNC_WAIT_CTX_new(3)</a> function. <b>ret</b> should point to a location where the return value of the asynchronous function should be stored on completion of the job. <b>func</b> represents the function that should be started asynchronously. The data pointed to by <b>args</b> and of size <b>size</b> will be copied and then passed as an argument to <b>func</b> when the job starts. ASYNC_start_job will return one of the following values:</p>
+
+<dl>
+
+<dt id="ASYNC_ERR"><b>ASYNC_ERR</b></dt>
+<dd>
+
+<p>An error occurred trying to start the job. Check the OpenSSL error queue (e.g. see <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a>) for more details.</p>
+
+</dd>
+<dt id="ASYNC_NO_JOBS"><b>ASYNC_NO_JOBS</b></dt>
+<dd>
+
+<p>There are no jobs currently available in the pool. This call can be retried again at a later time.</p>
+
+</dd>
+<dt id="ASYNC_PAUSE"><b>ASYNC_PAUSE</b></dt>
+<dd>
+
+<p>The job was successfully started but was &quot;paused&quot; before it completed (see ASYNC_pause_job() below). A handle to the job is placed in <b>*job</b>. Other work can be performed (if desired) and the job restarted at a later time. To restart a job call ASYNC_start_job() again passing the job handle in <b>*job</b>. The <b>func</b>, <b>args</b> and <b>size</b> parameters will be ignored when restarting a job. When restarting a job ASYNC_start_job() <b>must</b> be called from the same thread that the job was originally started from.</p>
+
+</dd>
+<dt id="ASYNC_FINISH"><b>ASYNC_FINISH</b></dt>
+<dd>
+
+<p>The job completed. <b>*job</b> will be NULL and the return value from <b>func</b> will be placed in <b>*ret</b>.</p>
+
+</dd>
+</dl>
+
+<p>At any one time there can be a maximum of one job actively running per thread (you can have many that are paused). ASYNC_get_current_job() can be used to get a pointer to the currently executing ASYNC_JOB. If no job is currently executing then this will return NULL.</p>
+
+<p>If executing within the context of a job (i.e. having been called directly or indirectly by the function &quot;func&quot; passed as an argument to ASYNC_start_job()) then ASYNC_pause_job() will immediately return control to the calling application with ASYNC_PAUSE returned from the ASYNC_start_job() call. A subsequent call to ASYNC_start_job passing in the relevant ASYNC_JOB in the <b>*job</b> parameter will resume execution from the ASYNC_pause_job() call. If ASYNC_pause_job() is called whilst not within the context of a job then no action is taken and ASYNC_pause_job() returns immediately.</p>
+
+<p>ASYNC_get_wait_ctx() can be used to get a pointer to the ASYNC_WAIT_CTX for the <b>job</b>. ASYNC_WAIT_CTXs can have a &quot;wait&quot; file descriptor associated with them. Applications can wait for the file descriptor to be ready for &quot;read&quot; using a system function call such as select or poll (being ready for &quot;read&quot; indicates that the job should be resumed). If no file descriptor is made available then an application will have to periodically &quot;poll&quot; the job by attempting to restart it to see if it is ready to continue.</p>
+
+<p>An example of typical usage might be an async capable engine. User code would initiate cryptographic operations. The engine would initiate those operations asynchronously and then call <a href="../man3/ASYNC_WAIT_CTX_set_wait_fd.html">ASYNC_WAIT_CTX_set_wait_fd(3)</a> followed by ASYNC_pause_job() to return control to the user code. The user code can then perform other tasks or wait for the job to be ready by calling &quot;select&quot; or other similar function on the wait file descriptor. The engine can signal to the user code that the job should be resumed by making the wait file descriptor &quot;readable&quot;. Once resumed the engine should clear the wake signal on the wait file descriptor.</p>
+
+<p>The ASYNC_block_pause() function will prevent the currently active job from pausing. The block will remain in place until a subsequent call to ASYNC_unblock_pause(). These functions can be nested, e.g. if you call ASYNC_block_pause() twice then you must call ASYNC_unblock_pause() twice in order to re-enable pausing. If these functions are called while there is no currently active job then they have no effect. This functionality can be useful to avoid deadlock scenarios. For example during the execution of an ASYNC_JOB an application acquires a lock. It then calls some cryptographic function which invokes ASYNC_pause_job(). This returns control back to the code that created the ASYNC_JOB. If that code then attempts to acquire the same lock before resuming the original job then a deadlock can occur. By calling ASYNC_block_pause() immediately after acquiring the lock and ASYNC_unblock_pause() immediately before releasing it then this situation cannot occur.</p>
+
+<p>Some platforms cannot support async operations. The ASYNC_is_capable() function can be used to detect whether the current platform is async capable or not.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASYNC_init_thread returns 1 on success or 0 otherwise.</p>
+
+<p>ASYNC_start_job returns one of ASYNC_ERR, ASYNC_NO_JOBS, ASYNC_PAUSE or ASYNC_FINISH as described above.</p>
+
+<p>ASYNC_pause_job returns 0 if an error occurred or 1 on success. If called when not within the context of an ASYNC_JOB then this is counted as success so 1 is returned.</p>
+
+<p>ASYNC_get_current_job returns a pointer to the currently executing ASYNC_JOB or NULL if not within the context of a job.</p>
+
+<p>ASYNC_get_wait_ctx() returns a pointer to the ASYNC_WAIT_CTX for the job.</p>
+
+<p>ASYNC_is_capable() returns 1 if the current platform is async capable or 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the openssl/async.h header is dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to async.h.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The following example demonstrates how to use most of the core async APIs:</p>
+
+<pre><code> #ifdef _WIN32
+ # include &lt;windows.h&gt;
+ #endif
+ #include &lt;stdio.h&gt;
+ #include &lt;unistd.h&gt;
+ #include &lt;openssl/async.h&gt;
+ #include &lt;openssl/crypto.h&gt;
+
+ int unique = 0;
+
+ void cleanup(ASYNC_WAIT_CTX *ctx, const void *key, OSSL_ASYNC_FD r, void *vw)
+ {
+     OSSL_ASYNC_FD *w = (OSSL_ASYNC_FD *)vw;
+
+     close(r);
+     close(*w);
+     OPENSSL_free(w);
+ }
+
+ int jobfunc(void *arg)
+ {
+     ASYNC_JOB *currjob;
+     unsigned char *msg;
+     int pipefds[2] = {0, 0};
+     OSSL_ASYNC_FD *wptr;
+     char buf = &#39;X&#39;;
+
+     currjob = ASYNC_get_current_job();
+     if (currjob != NULL) {
+         printf(&quot;Executing within a job\n&quot;);
+     } else {
+         printf(&quot;Not executing within a job - should not happen\n&quot;);
+         return 0;
+     }
+
+     msg = (unsigned char *)arg;
+     printf(&quot;Passed in message is: %s\n&quot;, msg);
+
+     if (pipe(pipefds) != 0) {
+         printf(&quot;Failed to create pipe\n&quot;);
+         return 0;
+     }
+     wptr = OPENSSL_malloc(sizeof(OSSL_ASYNC_FD));
+     if (wptr == NULL) {
+         printf(&quot;Failed to malloc\n&quot;);
+         return 0;
+     }
+     *wptr = pipefds[1];
+     ASYNC_WAIT_CTX_set_wait_fd(ASYNC_get_wait_ctx(currjob), &amp;unique,
+                                pipefds[0], wptr, cleanup);
+
+     /*
+      * Normally some external event would cause this to happen at some
+      * later point - but we do it here for demo purposes, i.e.
+      * immediately signalling that the job is ready to be woken up after
+      * we return to main via ASYNC_pause_job().
+      */
+     write(pipefds[1], &amp;buf, 1);
+
+     /* Return control back to main */
+     ASYNC_pause_job();
+
+     /* Clear the wake signal */
+     read(pipefds[0], &amp;buf, 1);
+
+     printf (&quot;Resumed the job after a pause\n&quot;);
+
+     return 1;
+ }
+
+ int main(void)
+ {
+     ASYNC_JOB *job = NULL;
+     ASYNC_WAIT_CTX *ctx = NULL;
+     int ret;
+     OSSL_ASYNC_FD waitfd;
+     fd_set waitfdset;
+     size_t numfds;
+     unsigned char msg[13] = &quot;Hello world!&quot;;
+
+     printf(&quot;Starting...\n&quot;);
+
+     ctx = ASYNC_WAIT_CTX_new();
+     if (ctx == NULL) {
+         printf(&quot;Failed to create ASYNC_WAIT_CTX\n&quot;);
+         abort();
+     }
+
+     for (;;) {
+         switch (ASYNC_start_job(&amp;job, ctx, &amp;ret, jobfunc, msg, sizeof(msg))) {
+         case ASYNC_ERR:
+         case ASYNC_NO_JOBS:
+             printf(&quot;An error occurred\n&quot;);
+             goto end;
+         case ASYNC_PAUSE:
+             printf(&quot;Job was paused\n&quot;);
+             break;
+         case ASYNC_FINISH:
+             printf(&quot;Job finished with return value %d\n&quot;, ret);
+             goto end;
+         }
+
+         /* Wait for the job to be woken */
+         printf(&quot;Waiting for the job to be woken up\n&quot;);
+
+         if (!ASYNC_WAIT_CTX_get_all_fds(ctx, NULL, &amp;numfds)
+                 || numfds &gt; 1) {
+             printf(&quot;Unexpected number of fds\n&quot;);
+             abort();
+         }
+         ASYNC_WAIT_CTX_get_all_fds(ctx, &amp;waitfd, &amp;numfds);
+         FD_ZERO(&amp;waitfdset);
+         FD_SET(waitfd, &amp;waitfdset);
+         select(waitfd + 1, &amp;waitfdset, NULL, NULL, NULL);
+     }
+
+ end:
+     ASYNC_WAIT_CTX_free(ctx);
+     printf(&quot;Finishing\n&quot;);
+
+     return 0;
+ }</code></pre>
+
+<p>The expected output from executing the above example program is:</p>
+
+<pre><code> Starting...
+ Executing within a job
+ Passed in message is: Hello world!
+ Job was paused
+ Waiting for the job to be woken up
+ Resumed the job after a pause
+ Job finished with return value 1
+ Finishing</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASYNC_init_thread, ASYNC_cleanup_thread, ASYNC_start_job, ASYNC_pause_job, ASYNC_get_current_job, ASYNC_get_wait_ctx(), ASYNC_block_pause(), ASYNC_unblock_pause() and ASYNC_is_capable() were first added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/AUTHORITY_INFO_ACCESS_free.html b/msys2/usr/share/doc/openssl/html/man3/AUTHORITY_INFO_ACCESS_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/AUTHORITY_INFO_ACCESS_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/AUTHORITY_INFO_ACCESS_new.html b/msys2/usr/share/doc/openssl/html/man3/AUTHORITY_INFO_ACCESS_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/AUTHORITY_INFO_ACCESS_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/AUTHORITY_KEYID_free.html b/msys2/usr/share/doc/openssl/html/man3/AUTHORITY_KEYID_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/AUTHORITY_KEYID_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/AUTHORITY_KEYID_new.html b/msys2/usr/share/doc/openssl/html/man3/AUTHORITY_KEYID_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/AUTHORITY_KEYID_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BASIC_CONSTRAINTS_free.html b/msys2/usr/share/doc/openssl/html/man3/BASIC_CONSTRAINTS_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BASIC_CONSTRAINTS_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BASIC_CONSTRAINTS_new.html b/msys2/usr/share/doc/openssl/html/man3/BASIC_CONSTRAINTS_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BASIC_CONSTRAINTS_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BF_cbc_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/BF_cbc_encrypt.html
new file mode 100644
index 000000000..22f195a62
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BF_cbc_encrypt.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BF_encrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BF_set_key, BF_encrypt, BF_decrypt, BF_ecb_encrypt, BF_cbc_encrypt, BF_cfb64_encrypt, BF_ofb64_encrypt, BF_options - Blowfish encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/blowfish.h&gt;
+
+ void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
+
+ void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                     BF_KEY *key, int enc);
+ void BF_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                     long length, BF_KEY *schedule,
+                     unsigned char *ivec, int enc);
+ void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, BF_KEY *schedule,
+                       unsigned char *ivec, int *num, int enc);
+ void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, BF_KEY *schedule,
+                       unsigned char *ivec, int *num);
+ const char *BF_options(void);
+
+ void BF_encrypt(BF_LONG *data, const BF_KEY *key);
+ void BF_decrypt(BF_LONG *data, const BF_KEY *key);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements the Blowfish cipher, which was invented and described by Counterpane (see http://www.counterpane.com/blowfish.html ).</p>
+
+<p>Blowfish is a block cipher that operates on 64 bit (8 byte) blocks of data. It uses a variable size key, but typically, 128 bit (16 byte) keys are considered good for strong encryption. Blowfish can be used in the same modes as DES (see <a href="../man7/des_modes.html">des_modes(7)</a>). Blowfish is currently one of the faster block ciphers. It is quite a bit faster than DES, and much faster than IDEA or RC2.</p>
+
+<p>Blowfish consists of a key setup phase and the actual encryption or decryption phase.</p>
+
+<p>BF_set_key() sets up the <b>BF_KEY</b> <b>key</b> using the <b>len</b> bytes long key at <b>data</b>.</p>
+
+<p>BF_ecb_encrypt() is the basic Blowfish encryption and decryption function. It encrypts or decrypts the first 64 bits of <b>in</b> using the key <b>key</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (<b>BF_ENCRYPT</b>) or decryption (<b>BF_DECRYPT</b>) shall be performed. The vector pointed at by <b>in</b> and <b>out</b> must be 64 bits in length, no less. If they are larger, everything after the first 64 bits is ignored.</p>
+
+<p>The mode functions BF_cbc_encrypt(), BF_cfb64_encrypt() and BF_ofb64_encrypt() all operate on variable length data. They all take an initialization vector <b>ivec</b> which needs to be passed along into the next call of the same function for the same message. <b>ivec</b> may be initialized with anything, but the recipient needs to know what it was initialized with, or it won&#39;t be able to decrypt. Some programs and protocols simplify this, like SSH, where <b>ivec</b> is simply initialized to zero. BF_cbc_encrypt() operates on data that is a multiple of 8 bytes long, while BF_cfb64_encrypt() and BF_ofb64_encrypt() are used to encrypt an variable number of bytes (the amount does not have to be an exact multiple of 8). The purpose of the latter two is to simulate stream ciphers, and therefore, they need the parameter <b>num</b>, which is a pointer to an integer where the current offset in <b>ivec</b> is stored between calls. This integer must be initialized to zero when <b>ivec</b> is initialized.</p>
+
+<p>BF_cbc_encrypt() is the Cipher Block Chaining function for Blowfish. It encrypts or decrypts the 64 bits chunks of <b>in</b> using the key <b>schedule</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (BF_ENCRYPT) or decryption (BF_DECRYPT) shall be performed. <b>ivec</b> must point at an 8 byte long initialization vector.</p>
+
+<p>BF_cfb64_encrypt() is the CFB mode for Blowfish with 64 bit feedback. It encrypts or decrypts the bytes in <b>in</b> using the key <b>schedule</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (<b>BF_ENCRYPT</b>) or decryption (<b>BF_DECRYPT</b>) shall be performed. <b>ivec</b> must point at an 8 byte long initialization vector. <b>num</b> must point at an integer which must be initially zero.</p>
+
+<p>BF_ofb64_encrypt() is the OFB mode for Blowfish with 64 bit feedback. It uses the same parameters as BF_cfb64_encrypt(), which must be initialized the same way.</p>
+
+<p>BF_encrypt() and BF_decrypt() are the lowest level functions for Blowfish encryption. They encrypt/decrypt the first 64 bits of the vector pointed by <b>data</b>, using the key <b>key</b>. These functions should not be used unless you implement &#39;modes&#39; of Blowfish. The alternative is to use BF_ecb_encrypt(). If you still want to use these functions, you should be aware that they take each 32-bit chunk in host-byte order, which is little-endian on little-endian platforms and big-endian on big-endian ones.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>None of the functions presented here return any value.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man7/des_modes.html">des_modes(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BF_cfb64_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/BF_cfb64_encrypt.html
new file mode 100644
index 000000000..22f195a62
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BF_cfb64_encrypt.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BF_encrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BF_set_key, BF_encrypt, BF_decrypt, BF_ecb_encrypt, BF_cbc_encrypt, BF_cfb64_encrypt, BF_ofb64_encrypt, BF_options - Blowfish encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/blowfish.h&gt;
+
+ void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
+
+ void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                     BF_KEY *key, int enc);
+ void BF_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                     long length, BF_KEY *schedule,
+                     unsigned char *ivec, int enc);
+ void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, BF_KEY *schedule,
+                       unsigned char *ivec, int *num, int enc);
+ void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, BF_KEY *schedule,
+                       unsigned char *ivec, int *num);
+ const char *BF_options(void);
+
+ void BF_encrypt(BF_LONG *data, const BF_KEY *key);
+ void BF_decrypt(BF_LONG *data, const BF_KEY *key);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements the Blowfish cipher, which was invented and described by Counterpane (see http://www.counterpane.com/blowfish.html ).</p>
+
+<p>Blowfish is a block cipher that operates on 64 bit (8 byte) blocks of data. It uses a variable size key, but typically, 128 bit (16 byte) keys are considered good for strong encryption. Blowfish can be used in the same modes as DES (see <a href="../man7/des_modes.html">des_modes(7)</a>). Blowfish is currently one of the faster block ciphers. It is quite a bit faster than DES, and much faster than IDEA or RC2.</p>
+
+<p>Blowfish consists of a key setup phase and the actual encryption or decryption phase.</p>
+
+<p>BF_set_key() sets up the <b>BF_KEY</b> <b>key</b> using the <b>len</b> bytes long key at <b>data</b>.</p>
+
+<p>BF_ecb_encrypt() is the basic Blowfish encryption and decryption function. It encrypts or decrypts the first 64 bits of <b>in</b> using the key <b>key</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (<b>BF_ENCRYPT</b>) or decryption (<b>BF_DECRYPT</b>) shall be performed. The vector pointed at by <b>in</b> and <b>out</b> must be 64 bits in length, no less. If they are larger, everything after the first 64 bits is ignored.</p>
+
+<p>The mode functions BF_cbc_encrypt(), BF_cfb64_encrypt() and BF_ofb64_encrypt() all operate on variable length data. They all take an initialization vector <b>ivec</b> which needs to be passed along into the next call of the same function for the same message. <b>ivec</b> may be initialized with anything, but the recipient needs to know what it was initialized with, or it won&#39;t be able to decrypt. Some programs and protocols simplify this, like SSH, where <b>ivec</b> is simply initialized to zero. BF_cbc_encrypt() operates on data that is a multiple of 8 bytes long, while BF_cfb64_encrypt() and BF_ofb64_encrypt() are used to encrypt an variable number of bytes (the amount does not have to be an exact multiple of 8). The purpose of the latter two is to simulate stream ciphers, and therefore, they need the parameter <b>num</b>, which is a pointer to an integer where the current offset in <b>ivec</b> is stored between calls. This integer must be initialized to zero when <b>ivec</b> is initialized.</p>
+
+<p>BF_cbc_encrypt() is the Cipher Block Chaining function for Blowfish. It encrypts or decrypts the 64 bits chunks of <b>in</b> using the key <b>schedule</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (BF_ENCRYPT) or decryption (BF_DECRYPT) shall be performed. <b>ivec</b> must point at an 8 byte long initialization vector.</p>
+
+<p>BF_cfb64_encrypt() is the CFB mode for Blowfish with 64 bit feedback. It encrypts or decrypts the bytes in <b>in</b> using the key <b>schedule</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (<b>BF_ENCRYPT</b>) or decryption (<b>BF_DECRYPT</b>) shall be performed. <b>ivec</b> must point at an 8 byte long initialization vector. <b>num</b> must point at an integer which must be initially zero.</p>
+
+<p>BF_ofb64_encrypt() is the OFB mode for Blowfish with 64 bit feedback. It uses the same parameters as BF_cfb64_encrypt(), which must be initialized the same way.</p>
+
+<p>BF_encrypt() and BF_decrypt() are the lowest level functions for Blowfish encryption. They encrypt/decrypt the first 64 bits of the vector pointed by <b>data</b>, using the key <b>key</b>. These functions should not be used unless you implement &#39;modes&#39; of Blowfish. The alternative is to use BF_ecb_encrypt(). If you still want to use these functions, you should be aware that they take each 32-bit chunk in host-byte order, which is little-endian on little-endian platforms and big-endian on big-endian ones.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>None of the functions presented here return any value.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man7/des_modes.html">des_modes(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BF_decrypt.html b/msys2/usr/share/doc/openssl/html/man3/BF_decrypt.html
new file mode 100644
index 000000000..22f195a62
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BF_decrypt.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BF_encrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BF_set_key, BF_encrypt, BF_decrypt, BF_ecb_encrypt, BF_cbc_encrypt, BF_cfb64_encrypt, BF_ofb64_encrypt, BF_options - Blowfish encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/blowfish.h&gt;
+
+ void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
+
+ void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                     BF_KEY *key, int enc);
+ void BF_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                     long length, BF_KEY *schedule,
+                     unsigned char *ivec, int enc);
+ void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, BF_KEY *schedule,
+                       unsigned char *ivec, int *num, int enc);
+ void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, BF_KEY *schedule,
+                       unsigned char *ivec, int *num);
+ const char *BF_options(void);
+
+ void BF_encrypt(BF_LONG *data, const BF_KEY *key);
+ void BF_decrypt(BF_LONG *data, const BF_KEY *key);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements the Blowfish cipher, which was invented and described by Counterpane (see http://www.counterpane.com/blowfish.html ).</p>
+
+<p>Blowfish is a block cipher that operates on 64 bit (8 byte) blocks of data. It uses a variable size key, but typically, 128 bit (16 byte) keys are considered good for strong encryption. Blowfish can be used in the same modes as DES (see <a href="../man7/des_modes.html">des_modes(7)</a>). Blowfish is currently one of the faster block ciphers. It is quite a bit faster than DES, and much faster than IDEA or RC2.</p>
+
+<p>Blowfish consists of a key setup phase and the actual encryption or decryption phase.</p>
+
+<p>BF_set_key() sets up the <b>BF_KEY</b> <b>key</b> using the <b>len</b> bytes long key at <b>data</b>.</p>
+
+<p>BF_ecb_encrypt() is the basic Blowfish encryption and decryption function. It encrypts or decrypts the first 64 bits of <b>in</b> using the key <b>key</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (<b>BF_ENCRYPT</b>) or decryption (<b>BF_DECRYPT</b>) shall be performed. The vector pointed at by <b>in</b> and <b>out</b> must be 64 bits in length, no less. If they are larger, everything after the first 64 bits is ignored.</p>
+
+<p>The mode functions BF_cbc_encrypt(), BF_cfb64_encrypt() and BF_ofb64_encrypt() all operate on variable length data. They all take an initialization vector <b>ivec</b> which needs to be passed along into the next call of the same function for the same message. <b>ivec</b> may be initialized with anything, but the recipient needs to know what it was initialized with, or it won&#39;t be able to decrypt. Some programs and protocols simplify this, like SSH, where <b>ivec</b> is simply initialized to zero. BF_cbc_encrypt() operates on data that is a multiple of 8 bytes long, while BF_cfb64_encrypt() and BF_ofb64_encrypt() are used to encrypt an variable number of bytes (the amount does not have to be an exact multiple of 8). The purpose of the latter two is to simulate stream ciphers, and therefore, they need the parameter <b>num</b>, which is a pointer to an integer where the current offset in <b>ivec</b> is stored between calls. This integer must be initialized to zero when <b>ivec</b> is initialized.</p>
+
+<p>BF_cbc_encrypt() is the Cipher Block Chaining function for Blowfish. It encrypts or decrypts the 64 bits chunks of <b>in</b> using the key <b>schedule</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (BF_ENCRYPT) or decryption (BF_DECRYPT) shall be performed. <b>ivec</b> must point at an 8 byte long initialization vector.</p>
+
+<p>BF_cfb64_encrypt() is the CFB mode for Blowfish with 64 bit feedback. It encrypts or decrypts the bytes in <b>in</b> using the key <b>schedule</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (<b>BF_ENCRYPT</b>) or decryption (<b>BF_DECRYPT</b>) shall be performed. <b>ivec</b> must point at an 8 byte long initialization vector. <b>num</b> must point at an integer which must be initially zero.</p>
+
+<p>BF_ofb64_encrypt() is the OFB mode for Blowfish with 64 bit feedback. It uses the same parameters as BF_cfb64_encrypt(), which must be initialized the same way.</p>
+
+<p>BF_encrypt() and BF_decrypt() are the lowest level functions for Blowfish encryption. They encrypt/decrypt the first 64 bits of the vector pointed by <b>data</b>, using the key <b>key</b>. These functions should not be used unless you implement &#39;modes&#39; of Blowfish. The alternative is to use BF_ecb_encrypt(). If you still want to use these functions, you should be aware that they take each 32-bit chunk in host-byte order, which is little-endian on little-endian platforms and big-endian on big-endian ones.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>None of the functions presented here return any value.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man7/des_modes.html">des_modes(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BF_ecb_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/BF_ecb_encrypt.html
new file mode 100644
index 000000000..22f195a62
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BF_ecb_encrypt.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BF_encrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BF_set_key, BF_encrypt, BF_decrypt, BF_ecb_encrypt, BF_cbc_encrypt, BF_cfb64_encrypt, BF_ofb64_encrypt, BF_options - Blowfish encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/blowfish.h&gt;
+
+ void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
+
+ void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                     BF_KEY *key, int enc);
+ void BF_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                     long length, BF_KEY *schedule,
+                     unsigned char *ivec, int enc);
+ void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, BF_KEY *schedule,
+                       unsigned char *ivec, int *num, int enc);
+ void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, BF_KEY *schedule,
+                       unsigned char *ivec, int *num);
+ const char *BF_options(void);
+
+ void BF_encrypt(BF_LONG *data, const BF_KEY *key);
+ void BF_decrypt(BF_LONG *data, const BF_KEY *key);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements the Blowfish cipher, which was invented and described by Counterpane (see http://www.counterpane.com/blowfish.html ).</p>
+
+<p>Blowfish is a block cipher that operates on 64 bit (8 byte) blocks of data. It uses a variable size key, but typically, 128 bit (16 byte) keys are considered good for strong encryption. Blowfish can be used in the same modes as DES (see <a href="../man7/des_modes.html">des_modes(7)</a>). Blowfish is currently one of the faster block ciphers. It is quite a bit faster than DES, and much faster than IDEA or RC2.</p>
+
+<p>Blowfish consists of a key setup phase and the actual encryption or decryption phase.</p>
+
+<p>BF_set_key() sets up the <b>BF_KEY</b> <b>key</b> using the <b>len</b> bytes long key at <b>data</b>.</p>
+
+<p>BF_ecb_encrypt() is the basic Blowfish encryption and decryption function. It encrypts or decrypts the first 64 bits of <b>in</b> using the key <b>key</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (<b>BF_ENCRYPT</b>) or decryption (<b>BF_DECRYPT</b>) shall be performed. The vector pointed at by <b>in</b> and <b>out</b> must be 64 bits in length, no less. If they are larger, everything after the first 64 bits is ignored.</p>
+
+<p>The mode functions BF_cbc_encrypt(), BF_cfb64_encrypt() and BF_ofb64_encrypt() all operate on variable length data. They all take an initialization vector <b>ivec</b> which needs to be passed along into the next call of the same function for the same message. <b>ivec</b> may be initialized with anything, but the recipient needs to know what it was initialized with, or it won&#39;t be able to decrypt. Some programs and protocols simplify this, like SSH, where <b>ivec</b> is simply initialized to zero. BF_cbc_encrypt() operates on data that is a multiple of 8 bytes long, while BF_cfb64_encrypt() and BF_ofb64_encrypt() are used to encrypt an variable number of bytes (the amount does not have to be an exact multiple of 8). The purpose of the latter two is to simulate stream ciphers, and therefore, they need the parameter <b>num</b>, which is a pointer to an integer where the current offset in <b>ivec</b> is stored between calls. This integer must be initialized to zero when <b>ivec</b> is initialized.</p>
+
+<p>BF_cbc_encrypt() is the Cipher Block Chaining function for Blowfish. It encrypts or decrypts the 64 bits chunks of <b>in</b> using the key <b>schedule</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (BF_ENCRYPT) or decryption (BF_DECRYPT) shall be performed. <b>ivec</b> must point at an 8 byte long initialization vector.</p>
+
+<p>BF_cfb64_encrypt() is the CFB mode for Blowfish with 64 bit feedback. It encrypts or decrypts the bytes in <b>in</b> using the key <b>schedule</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (<b>BF_ENCRYPT</b>) or decryption (<b>BF_DECRYPT</b>) shall be performed. <b>ivec</b> must point at an 8 byte long initialization vector. <b>num</b> must point at an integer which must be initially zero.</p>
+
+<p>BF_ofb64_encrypt() is the OFB mode for Blowfish with 64 bit feedback. It uses the same parameters as BF_cfb64_encrypt(), which must be initialized the same way.</p>
+
+<p>BF_encrypt() and BF_decrypt() are the lowest level functions for Blowfish encryption. They encrypt/decrypt the first 64 bits of the vector pointed by <b>data</b>, using the key <b>key</b>. These functions should not be used unless you implement &#39;modes&#39; of Blowfish. The alternative is to use BF_ecb_encrypt(). If you still want to use these functions, you should be aware that they take each 32-bit chunk in host-byte order, which is little-endian on little-endian platforms and big-endian on big-endian ones.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>None of the functions presented here return any value.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man7/des_modes.html">des_modes(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BF_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/BF_encrypt.html
new file mode 100644
index 000000000..22f195a62
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BF_encrypt.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BF_encrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BF_set_key, BF_encrypt, BF_decrypt, BF_ecb_encrypt, BF_cbc_encrypt, BF_cfb64_encrypt, BF_ofb64_encrypt, BF_options - Blowfish encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/blowfish.h&gt;
+
+ void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
+
+ void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                     BF_KEY *key, int enc);
+ void BF_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                     long length, BF_KEY *schedule,
+                     unsigned char *ivec, int enc);
+ void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, BF_KEY *schedule,
+                       unsigned char *ivec, int *num, int enc);
+ void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, BF_KEY *schedule,
+                       unsigned char *ivec, int *num);
+ const char *BF_options(void);
+
+ void BF_encrypt(BF_LONG *data, const BF_KEY *key);
+ void BF_decrypt(BF_LONG *data, const BF_KEY *key);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements the Blowfish cipher, which was invented and described by Counterpane (see http://www.counterpane.com/blowfish.html ).</p>
+
+<p>Blowfish is a block cipher that operates on 64 bit (8 byte) blocks of data. It uses a variable size key, but typically, 128 bit (16 byte) keys are considered good for strong encryption. Blowfish can be used in the same modes as DES (see <a href="../man7/des_modes.html">des_modes(7)</a>). Blowfish is currently one of the faster block ciphers. It is quite a bit faster than DES, and much faster than IDEA or RC2.</p>
+
+<p>Blowfish consists of a key setup phase and the actual encryption or decryption phase.</p>
+
+<p>BF_set_key() sets up the <b>BF_KEY</b> <b>key</b> using the <b>len</b> bytes long key at <b>data</b>.</p>
+
+<p>BF_ecb_encrypt() is the basic Blowfish encryption and decryption function. It encrypts or decrypts the first 64 bits of <b>in</b> using the key <b>key</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (<b>BF_ENCRYPT</b>) or decryption (<b>BF_DECRYPT</b>) shall be performed. The vector pointed at by <b>in</b> and <b>out</b> must be 64 bits in length, no less. If they are larger, everything after the first 64 bits is ignored.</p>
+
+<p>The mode functions BF_cbc_encrypt(), BF_cfb64_encrypt() and BF_ofb64_encrypt() all operate on variable length data. They all take an initialization vector <b>ivec</b> which needs to be passed along into the next call of the same function for the same message. <b>ivec</b> may be initialized with anything, but the recipient needs to know what it was initialized with, or it won&#39;t be able to decrypt. Some programs and protocols simplify this, like SSH, where <b>ivec</b> is simply initialized to zero. BF_cbc_encrypt() operates on data that is a multiple of 8 bytes long, while BF_cfb64_encrypt() and BF_ofb64_encrypt() are used to encrypt an variable number of bytes (the amount does not have to be an exact multiple of 8). The purpose of the latter two is to simulate stream ciphers, and therefore, they need the parameter <b>num</b>, which is a pointer to an integer where the current offset in <b>ivec</b> is stored between calls. This integer must be initialized to zero when <b>ivec</b> is initialized.</p>
+
+<p>BF_cbc_encrypt() is the Cipher Block Chaining function for Blowfish. It encrypts or decrypts the 64 bits chunks of <b>in</b> using the key <b>schedule</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (BF_ENCRYPT) or decryption (BF_DECRYPT) shall be performed. <b>ivec</b> must point at an 8 byte long initialization vector.</p>
+
+<p>BF_cfb64_encrypt() is the CFB mode for Blowfish with 64 bit feedback. It encrypts or decrypts the bytes in <b>in</b> using the key <b>schedule</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (<b>BF_ENCRYPT</b>) or decryption (<b>BF_DECRYPT</b>) shall be performed. <b>ivec</b> must point at an 8 byte long initialization vector. <b>num</b> must point at an integer which must be initially zero.</p>
+
+<p>BF_ofb64_encrypt() is the OFB mode for Blowfish with 64 bit feedback. It uses the same parameters as BF_cfb64_encrypt(), which must be initialized the same way.</p>
+
+<p>BF_encrypt() and BF_decrypt() are the lowest level functions for Blowfish encryption. They encrypt/decrypt the first 64 bits of the vector pointed by <b>data</b>, using the key <b>key</b>. These functions should not be used unless you implement &#39;modes&#39; of Blowfish. The alternative is to use BF_ecb_encrypt(). If you still want to use these functions, you should be aware that they take each 32-bit chunk in host-byte order, which is little-endian on little-endian platforms and big-endian on big-endian ones.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>None of the functions presented here return any value.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man7/des_modes.html">des_modes(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BF_ofb64_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/BF_ofb64_encrypt.html
new file mode 100644
index 000000000..22f195a62
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BF_ofb64_encrypt.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BF_encrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BF_set_key, BF_encrypt, BF_decrypt, BF_ecb_encrypt, BF_cbc_encrypt, BF_cfb64_encrypt, BF_ofb64_encrypt, BF_options - Blowfish encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/blowfish.h&gt;
+
+ void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
+
+ void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                     BF_KEY *key, int enc);
+ void BF_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                     long length, BF_KEY *schedule,
+                     unsigned char *ivec, int enc);
+ void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, BF_KEY *schedule,
+                       unsigned char *ivec, int *num, int enc);
+ void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, BF_KEY *schedule,
+                       unsigned char *ivec, int *num);
+ const char *BF_options(void);
+
+ void BF_encrypt(BF_LONG *data, const BF_KEY *key);
+ void BF_decrypt(BF_LONG *data, const BF_KEY *key);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements the Blowfish cipher, which was invented and described by Counterpane (see http://www.counterpane.com/blowfish.html ).</p>
+
+<p>Blowfish is a block cipher that operates on 64 bit (8 byte) blocks of data. It uses a variable size key, but typically, 128 bit (16 byte) keys are considered good for strong encryption. Blowfish can be used in the same modes as DES (see <a href="../man7/des_modes.html">des_modes(7)</a>). Blowfish is currently one of the faster block ciphers. It is quite a bit faster than DES, and much faster than IDEA or RC2.</p>
+
+<p>Blowfish consists of a key setup phase and the actual encryption or decryption phase.</p>
+
+<p>BF_set_key() sets up the <b>BF_KEY</b> <b>key</b> using the <b>len</b> bytes long key at <b>data</b>.</p>
+
+<p>BF_ecb_encrypt() is the basic Blowfish encryption and decryption function. It encrypts or decrypts the first 64 bits of <b>in</b> using the key <b>key</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (<b>BF_ENCRYPT</b>) or decryption (<b>BF_DECRYPT</b>) shall be performed. The vector pointed at by <b>in</b> and <b>out</b> must be 64 bits in length, no less. If they are larger, everything after the first 64 bits is ignored.</p>
+
+<p>The mode functions BF_cbc_encrypt(), BF_cfb64_encrypt() and BF_ofb64_encrypt() all operate on variable length data. They all take an initialization vector <b>ivec</b> which needs to be passed along into the next call of the same function for the same message. <b>ivec</b> may be initialized with anything, but the recipient needs to know what it was initialized with, or it won&#39;t be able to decrypt. Some programs and protocols simplify this, like SSH, where <b>ivec</b> is simply initialized to zero. BF_cbc_encrypt() operates on data that is a multiple of 8 bytes long, while BF_cfb64_encrypt() and BF_ofb64_encrypt() are used to encrypt an variable number of bytes (the amount does not have to be an exact multiple of 8). The purpose of the latter two is to simulate stream ciphers, and therefore, they need the parameter <b>num</b>, which is a pointer to an integer where the current offset in <b>ivec</b> is stored between calls. This integer must be initialized to zero when <b>ivec</b> is initialized.</p>
+
+<p>BF_cbc_encrypt() is the Cipher Block Chaining function for Blowfish. It encrypts or decrypts the 64 bits chunks of <b>in</b> using the key <b>schedule</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (BF_ENCRYPT) or decryption (BF_DECRYPT) shall be performed. <b>ivec</b> must point at an 8 byte long initialization vector.</p>
+
+<p>BF_cfb64_encrypt() is the CFB mode for Blowfish with 64 bit feedback. It encrypts or decrypts the bytes in <b>in</b> using the key <b>schedule</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (<b>BF_ENCRYPT</b>) or decryption (<b>BF_DECRYPT</b>) shall be performed. <b>ivec</b> must point at an 8 byte long initialization vector. <b>num</b> must point at an integer which must be initially zero.</p>
+
+<p>BF_ofb64_encrypt() is the OFB mode for Blowfish with 64 bit feedback. It uses the same parameters as BF_cfb64_encrypt(), which must be initialized the same way.</p>
+
+<p>BF_encrypt() and BF_decrypt() are the lowest level functions for Blowfish encryption. They encrypt/decrypt the first 64 bits of the vector pointed by <b>data</b>, using the key <b>key</b>. These functions should not be used unless you implement &#39;modes&#39; of Blowfish. The alternative is to use BF_ecb_encrypt(). If you still want to use these functions, you should be aware that they take each 32-bit chunk in host-byte order, which is little-endian on little-endian platforms and big-endian on big-endian ones.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>None of the functions presented here return any value.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man7/des_modes.html">des_modes(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BF_options.html b/msys2/usr/share/doc/openssl/html/man3/BF_options.html
new file mode 100644
index 000000000..22f195a62
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BF_options.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BF_encrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BF_set_key, BF_encrypt, BF_decrypt, BF_ecb_encrypt, BF_cbc_encrypt, BF_cfb64_encrypt, BF_ofb64_encrypt, BF_options - Blowfish encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/blowfish.h&gt;
+
+ void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
+
+ void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                     BF_KEY *key, int enc);
+ void BF_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                     long length, BF_KEY *schedule,
+                     unsigned char *ivec, int enc);
+ void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, BF_KEY *schedule,
+                       unsigned char *ivec, int *num, int enc);
+ void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, BF_KEY *schedule,
+                       unsigned char *ivec, int *num);
+ const char *BF_options(void);
+
+ void BF_encrypt(BF_LONG *data, const BF_KEY *key);
+ void BF_decrypt(BF_LONG *data, const BF_KEY *key);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements the Blowfish cipher, which was invented and described by Counterpane (see http://www.counterpane.com/blowfish.html ).</p>
+
+<p>Blowfish is a block cipher that operates on 64 bit (8 byte) blocks of data. It uses a variable size key, but typically, 128 bit (16 byte) keys are considered good for strong encryption. Blowfish can be used in the same modes as DES (see <a href="../man7/des_modes.html">des_modes(7)</a>). Blowfish is currently one of the faster block ciphers. It is quite a bit faster than DES, and much faster than IDEA or RC2.</p>
+
+<p>Blowfish consists of a key setup phase and the actual encryption or decryption phase.</p>
+
+<p>BF_set_key() sets up the <b>BF_KEY</b> <b>key</b> using the <b>len</b> bytes long key at <b>data</b>.</p>
+
+<p>BF_ecb_encrypt() is the basic Blowfish encryption and decryption function. It encrypts or decrypts the first 64 bits of <b>in</b> using the key <b>key</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (<b>BF_ENCRYPT</b>) or decryption (<b>BF_DECRYPT</b>) shall be performed. The vector pointed at by <b>in</b> and <b>out</b> must be 64 bits in length, no less. If they are larger, everything after the first 64 bits is ignored.</p>
+
+<p>The mode functions BF_cbc_encrypt(), BF_cfb64_encrypt() and BF_ofb64_encrypt() all operate on variable length data. They all take an initialization vector <b>ivec</b> which needs to be passed along into the next call of the same function for the same message. <b>ivec</b> may be initialized with anything, but the recipient needs to know what it was initialized with, or it won&#39;t be able to decrypt. Some programs and protocols simplify this, like SSH, where <b>ivec</b> is simply initialized to zero. BF_cbc_encrypt() operates on data that is a multiple of 8 bytes long, while BF_cfb64_encrypt() and BF_ofb64_encrypt() are used to encrypt an variable number of bytes (the amount does not have to be an exact multiple of 8). The purpose of the latter two is to simulate stream ciphers, and therefore, they need the parameter <b>num</b>, which is a pointer to an integer where the current offset in <b>ivec</b> is stored between calls. This integer must be initialized to zero when <b>ivec</b> is initialized.</p>
+
+<p>BF_cbc_encrypt() is the Cipher Block Chaining function for Blowfish. It encrypts or decrypts the 64 bits chunks of <b>in</b> using the key <b>schedule</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (BF_ENCRYPT) or decryption (BF_DECRYPT) shall be performed. <b>ivec</b> must point at an 8 byte long initialization vector.</p>
+
+<p>BF_cfb64_encrypt() is the CFB mode for Blowfish with 64 bit feedback. It encrypts or decrypts the bytes in <b>in</b> using the key <b>schedule</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (<b>BF_ENCRYPT</b>) or decryption (<b>BF_DECRYPT</b>) shall be performed. <b>ivec</b> must point at an 8 byte long initialization vector. <b>num</b> must point at an integer which must be initially zero.</p>
+
+<p>BF_ofb64_encrypt() is the OFB mode for Blowfish with 64 bit feedback. It uses the same parameters as BF_cfb64_encrypt(), which must be initialized the same way.</p>
+
+<p>BF_encrypt() and BF_decrypt() are the lowest level functions for Blowfish encryption. They encrypt/decrypt the first 64 bits of the vector pointed by <b>data</b>, using the key <b>key</b>. These functions should not be used unless you implement &#39;modes&#39; of Blowfish. The alternative is to use BF_ecb_encrypt(). If you still want to use these functions, you should be aware that they take each 32-bit chunk in host-byte order, which is little-endian on little-endian platforms and big-endian on big-endian ones.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>None of the functions presented here return any value.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man7/des_modes.html">des_modes(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BF_set_key.html b/msys2/usr/share/doc/openssl/html/man3/BF_set_key.html
new file mode 100644
index 000000000..22f195a62
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BF_set_key.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BF_encrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BF_set_key, BF_encrypt, BF_decrypt, BF_ecb_encrypt, BF_cbc_encrypt, BF_cfb64_encrypt, BF_ofb64_encrypt, BF_options - Blowfish encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/blowfish.h&gt;
+
+ void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
+
+ void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                     BF_KEY *key, int enc);
+ void BF_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                     long length, BF_KEY *schedule,
+                     unsigned char *ivec, int enc);
+ void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, BF_KEY *schedule,
+                       unsigned char *ivec, int *num, int enc);
+ void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, BF_KEY *schedule,
+                       unsigned char *ivec, int *num);
+ const char *BF_options(void);
+
+ void BF_encrypt(BF_LONG *data, const BF_KEY *key);
+ void BF_decrypt(BF_LONG *data, const BF_KEY *key);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements the Blowfish cipher, which was invented and described by Counterpane (see http://www.counterpane.com/blowfish.html ).</p>
+
+<p>Blowfish is a block cipher that operates on 64 bit (8 byte) blocks of data. It uses a variable size key, but typically, 128 bit (16 byte) keys are considered good for strong encryption. Blowfish can be used in the same modes as DES (see <a href="../man7/des_modes.html">des_modes(7)</a>). Blowfish is currently one of the faster block ciphers. It is quite a bit faster than DES, and much faster than IDEA or RC2.</p>
+
+<p>Blowfish consists of a key setup phase and the actual encryption or decryption phase.</p>
+
+<p>BF_set_key() sets up the <b>BF_KEY</b> <b>key</b> using the <b>len</b> bytes long key at <b>data</b>.</p>
+
+<p>BF_ecb_encrypt() is the basic Blowfish encryption and decryption function. It encrypts or decrypts the first 64 bits of <b>in</b> using the key <b>key</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (<b>BF_ENCRYPT</b>) or decryption (<b>BF_DECRYPT</b>) shall be performed. The vector pointed at by <b>in</b> and <b>out</b> must be 64 bits in length, no less. If they are larger, everything after the first 64 bits is ignored.</p>
+
+<p>The mode functions BF_cbc_encrypt(), BF_cfb64_encrypt() and BF_ofb64_encrypt() all operate on variable length data. They all take an initialization vector <b>ivec</b> which needs to be passed along into the next call of the same function for the same message. <b>ivec</b> may be initialized with anything, but the recipient needs to know what it was initialized with, or it won&#39;t be able to decrypt. Some programs and protocols simplify this, like SSH, where <b>ivec</b> is simply initialized to zero. BF_cbc_encrypt() operates on data that is a multiple of 8 bytes long, while BF_cfb64_encrypt() and BF_ofb64_encrypt() are used to encrypt an variable number of bytes (the amount does not have to be an exact multiple of 8). The purpose of the latter two is to simulate stream ciphers, and therefore, they need the parameter <b>num</b>, which is a pointer to an integer where the current offset in <b>ivec</b> is stored between calls. This integer must be initialized to zero when <b>ivec</b> is initialized.</p>
+
+<p>BF_cbc_encrypt() is the Cipher Block Chaining function for Blowfish. It encrypts or decrypts the 64 bits chunks of <b>in</b> using the key <b>schedule</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (BF_ENCRYPT) or decryption (BF_DECRYPT) shall be performed. <b>ivec</b> must point at an 8 byte long initialization vector.</p>
+
+<p>BF_cfb64_encrypt() is the CFB mode for Blowfish with 64 bit feedback. It encrypts or decrypts the bytes in <b>in</b> using the key <b>schedule</b>, putting the result in <b>out</b>. <b>enc</b> decides if encryption (<b>BF_ENCRYPT</b>) or decryption (<b>BF_DECRYPT</b>) shall be performed. <b>ivec</b> must point at an 8 byte long initialization vector. <b>num</b> must point at an integer which must be initially zero.</p>
+
+<p>BF_ofb64_encrypt() is the OFB mode for Blowfish with 64 bit feedback. It uses the same parameters as BF_cfb64_encrypt(), which must be initialized the same way.</p>
+
+<p>BF_encrypt() and BF_decrypt() are the lowest level functions for Blowfish encryption. They encrypt/decrypt the first 64 bits of the vector pointed by <b>data</b>, using the key <b>key</b>. These functions should not be used unless you implement &#39;modes&#39; of Blowfish. The alternative is to use BF_ecb_encrypt(). If you still want to use these functions, you should be aware that they take each 32-bit chunk in host-byte order, which is little-endian on little-endian platforms and big-endian on big-endian ones.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>None of the functions presented here return any value.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man7/des_modes.html">des_modes(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR.html
new file mode 100644
index 000000000..c92fb067e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDR</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RAW-ADDRESSES">RAW ADDRESSES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ADDR, BIO_ADDR_new, BIO_ADDR_clear, BIO_ADDR_free, BIO_ADDR_rawmake, BIO_ADDR_family, BIO_ADDR_rawaddress, BIO_ADDR_rawport, BIO_ADDR_hostname_string, BIO_ADDR_service_string, BIO_ADDR_path_string - BIO_ADDR routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addr_st BIO_ADDR;
+
+ BIO_ADDR *BIO_ADDR_new(void);
+ void BIO_ADDR_free(BIO_ADDR *);
+ void BIO_ADDR_clear(BIO_ADDR *ap);
+ int BIO_ADDR_rawmake(BIO_ADDR *ap, int family,
+                      const void *where, size_t wherelen, unsigned short port);
+ int BIO_ADDR_family(const BIO_ADDR *ap);
+ int BIO_ADDR_rawaddress(const BIO_ADDR *ap, void *p, size_t *l);
+ unsigned short BIO_ADDR_rawport(const BIO_ADDR *ap);
+ char *BIO_ADDR_hostname_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_service_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_path_string(const BIO_ADDR *ap);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDR</b> type is a wrapper around all types of socket addresses that OpenSSL deals with, currently transparently supporting AF_INET, AF_INET6 and AF_UNIX according to what&#39;s available on the platform at hand.</p>
+
+<p>BIO_ADDR_new() creates a new unfilled <b>BIO_ADDR</b>, to be used with routines that will fill it with information, such as BIO_accept_ex().</p>
+
+<p>BIO_ADDR_free() frees a <b>BIO_ADDR</b> created with BIO_ADDR_new().</p>
+
+<p>BIO_ADDR_clear() clears any data held within the provided <b>BIO_ADDR</b> and sets it back to an uninitialised state.</p>
+
+<p>BIO_ADDR_rawmake() takes a protocol <b>family</b>, an byte array of size <b>wherelen</b> with an address in network byte order pointed at by <b>where</b> and a port number in network byte order in <b>port</b> (except for the <b>AF_UNIX</b> protocol family, where <b>port</b> is meaningless and therefore ignored) and populates the given <b>BIO_ADDR</b> with them. In case this creates a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>wherelen</b> is expected to be the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_family() returns the protocol family of the given <b>BIO_ADDR</b>. The possible non-error results are one of the constants AF_INET, AF_INET6 and AF_UNIX. It will also return AF_UNSPEC if the BIO_ADDR has not been initialised.</p>
+
+<p>BIO_ADDR_rawaddress() will write the raw address of the given <b>BIO_ADDR</b> in the area pointed at by <b>p</b> if <b>p</b> is non-NULL, and will set <b>*l</b> to be the amount of bytes the raw address takes up if <b>l</b> is non-NULL. A technique to only find out the size of the address is a call with <b>p</b> set to <b>NULL</b>. The raw address will be in network byte order, most significant byte first. In case this is a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>l</b> gets the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_rawport() returns the raw port of the given <b>BIO_ADDR</b>. The raw port will be in network byte order.</p>
+
+<p>BIO_ADDR_hostname_string() returns a character string with the hostname of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the numerical form of the address. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_service_string() returns a character string with the service name of the port of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the port number. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_path_string() returns a character string with the path of the given <b>BIO_ADDR</b>. This only works for <b>BIO_ADDR</b> of the protocol family AF_UNIX. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<h1 id="RAW-ADDRESSES">RAW ADDRESSES</h1>
+
+<p>Both BIO_ADDR_rawmake() and BIO_ADDR_rawaddress() take a pointer to a network byte order address of a specific site. Internally, those are treated as a pointer to <b>struct in_addr</b> (for <b>AF_INET</b>), <b>struct in6_addr</b> (for <b>AF_INET6</b>) or <b>char *</b> (for <b>AF_UNIX</b>), all depending on the protocol family the address is for.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The string producing functions BIO_ADDR_hostname_string(), BIO_ADDR_service_string() and BIO_ADDR_path_string() will return <b>NULL</b> on error and leave an error indication on the OpenSSL error stack.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_connect.html">BIO_connect(3)</a>, <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO.html
new file mode 100644
index 000000000..9867658e8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDRINFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_lookup_type, BIO_ADDRINFO, BIO_ADDRINFO_next, BIO_ADDRINFO_free, BIO_ADDRINFO_family, BIO_ADDRINFO_socktype, BIO_ADDRINFO_protocol, BIO_ADDRINFO_address, BIO_lookup_ex, BIO_lookup - BIO_ADDRINFO type and routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addrinfo_st BIO_ADDRINFO;
+
+ enum BIO_lookup_type {
+     BIO_LOOKUP_CLIENT, BIO_LOOKUP_SERVER
+ };
+
+ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
+                   int family, int socktype, int protocol, BIO_ADDRINFO **res);
+ int BIO_lookup(const char *node, const char *service,
+                enum BIO_lookup_type lookup_type,
+                int family, int socktype, BIO_ADDRINFO **res);
+
+ const BIO_ADDRINFO *BIO_ADDRINFO_next(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_family(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_socktype(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_protocol(const BIO_ADDRINFO *bai);
+ const BIO_ADDR *BIO_ADDRINFO_address(const BIO_ADDRINFO *bai);
+ void BIO_ADDRINFO_free(BIO_ADDRINFO *bai);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDRINFO</b> type is a wrapper for address information types provided on your platform.</p>
+
+<p><b>BIO_ADDRINFO</b> normally forms a chain of several that can be picked at one by one.</p>
+
+<p>BIO_lookup_ex() looks up a specified <b>host</b> and <b>service</b>, and uses <b>lookup_type</b> to determine what the default address should be if <b>host</b> is <b>NULL</b>. <b>family</b>, <b>socktype</b> and <b>protocol</b> are used to determine what protocol family, socket type and protocol should be used for the lookup. <b>family</b> can be any of AF_INET, AF_INET6, AF_UNIX and AF_UNSPEC. <b>socktype</b> can be SOCK_STREAM, SOCK_DGRAM or 0. Specifying 0 indicates that any type can be used. <b>protocol</b> specifies a protocol such as IPPROTO_TCP, IPPROTO_UDP or IPPORTO_SCTP. If set to 0 than any protocol can be used. <b>res</b> points at a pointer to hold the start of a <b>BIO_ADDRINFO</b> chain.</p>
+
+<p>For the family <b>AF_UNIX</b>, BIO_lookup_ex() will ignore the <b>service</b> parameter and expects the <b>node</b> parameter to hold the path to the socket file.</p>
+
+<p>BIO_lookup() does the same as BIO_lookup_ex() but does not provide the ability to select based on the protocol (any protocol may be returned).</p>
+
+<p>BIO_ADDRINFO_family() returns the family of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants AF_INET, AF_INET6 and AF_UNIX.</p>
+
+<p>BIO_ADDRINFO_socktype() returns the socket type of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants SOCK_STREAM and SOCK_DGRAM.</p>
+
+<p>BIO_ADDRINFO_protocol() returns the protocol id of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants IPPROTO_TCP and IPPROTO_UDP.</p>
+
+<p>BIO_ADDRINFO_address() returns the underlying <b>BIO_ADDR</b> of the given <b>BIO_ADDRINFO</b>.</p>
+
+<p>BIO_ADDRINFO_next() returns the next <b>BIO_ADDRINFO</b> in the chain from the given one.</p>
+
+<p>BIO_ADDRINFO_free() frees the chain of <b>BIO_ADDRINFO</b> starting with the given one.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_lookup_ex() and BIO_lookup() return 1 on success and 0 when an error occurred, and will leave an error indication on the OpenSSL error stack in that case.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The BIO_lookup_ex() implementation uses the platform provided getaddrinfo() function. On Linux it is known that specifying 0 for the protocol will not return any SCTP based addresses when calling getaddrinfo(). Therefore if an SCTP address is required then the <b>protocol</b> parameter to BIO_lookup_ex() should be explicitly set to IPPROTO_SCTP. The same may be true on other platforms.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_lookup_ex() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO_address.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO_address.html
new file mode 100644
index 000000000..9867658e8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO_address.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDRINFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_lookup_type, BIO_ADDRINFO, BIO_ADDRINFO_next, BIO_ADDRINFO_free, BIO_ADDRINFO_family, BIO_ADDRINFO_socktype, BIO_ADDRINFO_protocol, BIO_ADDRINFO_address, BIO_lookup_ex, BIO_lookup - BIO_ADDRINFO type and routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addrinfo_st BIO_ADDRINFO;
+
+ enum BIO_lookup_type {
+     BIO_LOOKUP_CLIENT, BIO_LOOKUP_SERVER
+ };
+
+ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
+                   int family, int socktype, int protocol, BIO_ADDRINFO **res);
+ int BIO_lookup(const char *node, const char *service,
+                enum BIO_lookup_type lookup_type,
+                int family, int socktype, BIO_ADDRINFO **res);
+
+ const BIO_ADDRINFO *BIO_ADDRINFO_next(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_family(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_socktype(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_protocol(const BIO_ADDRINFO *bai);
+ const BIO_ADDR *BIO_ADDRINFO_address(const BIO_ADDRINFO *bai);
+ void BIO_ADDRINFO_free(BIO_ADDRINFO *bai);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDRINFO</b> type is a wrapper for address information types provided on your platform.</p>
+
+<p><b>BIO_ADDRINFO</b> normally forms a chain of several that can be picked at one by one.</p>
+
+<p>BIO_lookup_ex() looks up a specified <b>host</b> and <b>service</b>, and uses <b>lookup_type</b> to determine what the default address should be if <b>host</b> is <b>NULL</b>. <b>family</b>, <b>socktype</b> and <b>protocol</b> are used to determine what protocol family, socket type and protocol should be used for the lookup. <b>family</b> can be any of AF_INET, AF_INET6, AF_UNIX and AF_UNSPEC. <b>socktype</b> can be SOCK_STREAM, SOCK_DGRAM or 0. Specifying 0 indicates that any type can be used. <b>protocol</b> specifies a protocol such as IPPROTO_TCP, IPPROTO_UDP or IPPORTO_SCTP. If set to 0 than any protocol can be used. <b>res</b> points at a pointer to hold the start of a <b>BIO_ADDRINFO</b> chain.</p>
+
+<p>For the family <b>AF_UNIX</b>, BIO_lookup_ex() will ignore the <b>service</b> parameter and expects the <b>node</b> parameter to hold the path to the socket file.</p>
+
+<p>BIO_lookup() does the same as BIO_lookup_ex() but does not provide the ability to select based on the protocol (any protocol may be returned).</p>
+
+<p>BIO_ADDRINFO_family() returns the family of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants AF_INET, AF_INET6 and AF_UNIX.</p>
+
+<p>BIO_ADDRINFO_socktype() returns the socket type of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants SOCK_STREAM and SOCK_DGRAM.</p>
+
+<p>BIO_ADDRINFO_protocol() returns the protocol id of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants IPPROTO_TCP and IPPROTO_UDP.</p>
+
+<p>BIO_ADDRINFO_address() returns the underlying <b>BIO_ADDR</b> of the given <b>BIO_ADDRINFO</b>.</p>
+
+<p>BIO_ADDRINFO_next() returns the next <b>BIO_ADDRINFO</b> in the chain from the given one.</p>
+
+<p>BIO_ADDRINFO_free() frees the chain of <b>BIO_ADDRINFO</b> starting with the given one.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_lookup_ex() and BIO_lookup() return 1 on success and 0 when an error occurred, and will leave an error indication on the OpenSSL error stack in that case.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The BIO_lookup_ex() implementation uses the platform provided getaddrinfo() function. On Linux it is known that specifying 0 for the protocol will not return any SCTP based addresses when calling getaddrinfo(). Therefore if an SCTP address is required then the <b>protocol</b> parameter to BIO_lookup_ex() should be explicitly set to IPPROTO_SCTP. The same may be true on other platforms.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_lookup_ex() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO_family.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO_family.html
new file mode 100644
index 000000000..9867658e8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO_family.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDRINFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_lookup_type, BIO_ADDRINFO, BIO_ADDRINFO_next, BIO_ADDRINFO_free, BIO_ADDRINFO_family, BIO_ADDRINFO_socktype, BIO_ADDRINFO_protocol, BIO_ADDRINFO_address, BIO_lookup_ex, BIO_lookup - BIO_ADDRINFO type and routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addrinfo_st BIO_ADDRINFO;
+
+ enum BIO_lookup_type {
+     BIO_LOOKUP_CLIENT, BIO_LOOKUP_SERVER
+ };
+
+ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
+                   int family, int socktype, int protocol, BIO_ADDRINFO **res);
+ int BIO_lookup(const char *node, const char *service,
+                enum BIO_lookup_type lookup_type,
+                int family, int socktype, BIO_ADDRINFO **res);
+
+ const BIO_ADDRINFO *BIO_ADDRINFO_next(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_family(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_socktype(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_protocol(const BIO_ADDRINFO *bai);
+ const BIO_ADDR *BIO_ADDRINFO_address(const BIO_ADDRINFO *bai);
+ void BIO_ADDRINFO_free(BIO_ADDRINFO *bai);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDRINFO</b> type is a wrapper for address information types provided on your platform.</p>
+
+<p><b>BIO_ADDRINFO</b> normally forms a chain of several that can be picked at one by one.</p>
+
+<p>BIO_lookup_ex() looks up a specified <b>host</b> and <b>service</b>, and uses <b>lookup_type</b> to determine what the default address should be if <b>host</b> is <b>NULL</b>. <b>family</b>, <b>socktype</b> and <b>protocol</b> are used to determine what protocol family, socket type and protocol should be used for the lookup. <b>family</b> can be any of AF_INET, AF_INET6, AF_UNIX and AF_UNSPEC. <b>socktype</b> can be SOCK_STREAM, SOCK_DGRAM or 0. Specifying 0 indicates that any type can be used. <b>protocol</b> specifies a protocol such as IPPROTO_TCP, IPPROTO_UDP or IPPORTO_SCTP. If set to 0 than any protocol can be used. <b>res</b> points at a pointer to hold the start of a <b>BIO_ADDRINFO</b> chain.</p>
+
+<p>For the family <b>AF_UNIX</b>, BIO_lookup_ex() will ignore the <b>service</b> parameter and expects the <b>node</b> parameter to hold the path to the socket file.</p>
+
+<p>BIO_lookup() does the same as BIO_lookup_ex() but does not provide the ability to select based on the protocol (any protocol may be returned).</p>
+
+<p>BIO_ADDRINFO_family() returns the family of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants AF_INET, AF_INET6 and AF_UNIX.</p>
+
+<p>BIO_ADDRINFO_socktype() returns the socket type of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants SOCK_STREAM and SOCK_DGRAM.</p>
+
+<p>BIO_ADDRINFO_protocol() returns the protocol id of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants IPPROTO_TCP and IPPROTO_UDP.</p>
+
+<p>BIO_ADDRINFO_address() returns the underlying <b>BIO_ADDR</b> of the given <b>BIO_ADDRINFO</b>.</p>
+
+<p>BIO_ADDRINFO_next() returns the next <b>BIO_ADDRINFO</b> in the chain from the given one.</p>
+
+<p>BIO_ADDRINFO_free() frees the chain of <b>BIO_ADDRINFO</b> starting with the given one.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_lookup_ex() and BIO_lookup() return 1 on success and 0 when an error occurred, and will leave an error indication on the OpenSSL error stack in that case.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The BIO_lookup_ex() implementation uses the platform provided getaddrinfo() function. On Linux it is known that specifying 0 for the protocol will not return any SCTP based addresses when calling getaddrinfo(). Therefore if an SCTP address is required then the <b>protocol</b> parameter to BIO_lookup_ex() should be explicitly set to IPPROTO_SCTP. The same may be true on other platforms.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_lookup_ex() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO_free.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO_free.html
new file mode 100644
index 000000000..9867658e8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO_free.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDRINFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_lookup_type, BIO_ADDRINFO, BIO_ADDRINFO_next, BIO_ADDRINFO_free, BIO_ADDRINFO_family, BIO_ADDRINFO_socktype, BIO_ADDRINFO_protocol, BIO_ADDRINFO_address, BIO_lookup_ex, BIO_lookup - BIO_ADDRINFO type and routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addrinfo_st BIO_ADDRINFO;
+
+ enum BIO_lookup_type {
+     BIO_LOOKUP_CLIENT, BIO_LOOKUP_SERVER
+ };
+
+ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
+                   int family, int socktype, int protocol, BIO_ADDRINFO **res);
+ int BIO_lookup(const char *node, const char *service,
+                enum BIO_lookup_type lookup_type,
+                int family, int socktype, BIO_ADDRINFO **res);
+
+ const BIO_ADDRINFO *BIO_ADDRINFO_next(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_family(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_socktype(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_protocol(const BIO_ADDRINFO *bai);
+ const BIO_ADDR *BIO_ADDRINFO_address(const BIO_ADDRINFO *bai);
+ void BIO_ADDRINFO_free(BIO_ADDRINFO *bai);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDRINFO</b> type is a wrapper for address information types provided on your platform.</p>
+
+<p><b>BIO_ADDRINFO</b> normally forms a chain of several that can be picked at one by one.</p>
+
+<p>BIO_lookup_ex() looks up a specified <b>host</b> and <b>service</b>, and uses <b>lookup_type</b> to determine what the default address should be if <b>host</b> is <b>NULL</b>. <b>family</b>, <b>socktype</b> and <b>protocol</b> are used to determine what protocol family, socket type and protocol should be used for the lookup. <b>family</b> can be any of AF_INET, AF_INET6, AF_UNIX and AF_UNSPEC. <b>socktype</b> can be SOCK_STREAM, SOCK_DGRAM or 0. Specifying 0 indicates that any type can be used. <b>protocol</b> specifies a protocol such as IPPROTO_TCP, IPPROTO_UDP or IPPORTO_SCTP. If set to 0 than any protocol can be used. <b>res</b> points at a pointer to hold the start of a <b>BIO_ADDRINFO</b> chain.</p>
+
+<p>For the family <b>AF_UNIX</b>, BIO_lookup_ex() will ignore the <b>service</b> parameter and expects the <b>node</b> parameter to hold the path to the socket file.</p>
+
+<p>BIO_lookup() does the same as BIO_lookup_ex() but does not provide the ability to select based on the protocol (any protocol may be returned).</p>
+
+<p>BIO_ADDRINFO_family() returns the family of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants AF_INET, AF_INET6 and AF_UNIX.</p>
+
+<p>BIO_ADDRINFO_socktype() returns the socket type of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants SOCK_STREAM and SOCK_DGRAM.</p>
+
+<p>BIO_ADDRINFO_protocol() returns the protocol id of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants IPPROTO_TCP and IPPROTO_UDP.</p>
+
+<p>BIO_ADDRINFO_address() returns the underlying <b>BIO_ADDR</b> of the given <b>BIO_ADDRINFO</b>.</p>
+
+<p>BIO_ADDRINFO_next() returns the next <b>BIO_ADDRINFO</b> in the chain from the given one.</p>
+
+<p>BIO_ADDRINFO_free() frees the chain of <b>BIO_ADDRINFO</b> starting with the given one.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_lookup_ex() and BIO_lookup() return 1 on success and 0 when an error occurred, and will leave an error indication on the OpenSSL error stack in that case.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The BIO_lookup_ex() implementation uses the platform provided getaddrinfo() function. On Linux it is known that specifying 0 for the protocol will not return any SCTP based addresses when calling getaddrinfo(). Therefore if an SCTP address is required then the <b>protocol</b> parameter to BIO_lookup_ex() should be explicitly set to IPPROTO_SCTP. The same may be true on other platforms.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_lookup_ex() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO_next.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO_next.html
new file mode 100644
index 000000000..9867658e8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO_next.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDRINFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_lookup_type, BIO_ADDRINFO, BIO_ADDRINFO_next, BIO_ADDRINFO_free, BIO_ADDRINFO_family, BIO_ADDRINFO_socktype, BIO_ADDRINFO_protocol, BIO_ADDRINFO_address, BIO_lookup_ex, BIO_lookup - BIO_ADDRINFO type and routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addrinfo_st BIO_ADDRINFO;
+
+ enum BIO_lookup_type {
+     BIO_LOOKUP_CLIENT, BIO_LOOKUP_SERVER
+ };
+
+ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
+                   int family, int socktype, int protocol, BIO_ADDRINFO **res);
+ int BIO_lookup(const char *node, const char *service,
+                enum BIO_lookup_type lookup_type,
+                int family, int socktype, BIO_ADDRINFO **res);
+
+ const BIO_ADDRINFO *BIO_ADDRINFO_next(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_family(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_socktype(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_protocol(const BIO_ADDRINFO *bai);
+ const BIO_ADDR *BIO_ADDRINFO_address(const BIO_ADDRINFO *bai);
+ void BIO_ADDRINFO_free(BIO_ADDRINFO *bai);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDRINFO</b> type is a wrapper for address information types provided on your platform.</p>
+
+<p><b>BIO_ADDRINFO</b> normally forms a chain of several that can be picked at one by one.</p>
+
+<p>BIO_lookup_ex() looks up a specified <b>host</b> and <b>service</b>, and uses <b>lookup_type</b> to determine what the default address should be if <b>host</b> is <b>NULL</b>. <b>family</b>, <b>socktype</b> and <b>protocol</b> are used to determine what protocol family, socket type and protocol should be used for the lookup. <b>family</b> can be any of AF_INET, AF_INET6, AF_UNIX and AF_UNSPEC. <b>socktype</b> can be SOCK_STREAM, SOCK_DGRAM or 0. Specifying 0 indicates that any type can be used. <b>protocol</b> specifies a protocol such as IPPROTO_TCP, IPPROTO_UDP or IPPORTO_SCTP. If set to 0 than any protocol can be used. <b>res</b> points at a pointer to hold the start of a <b>BIO_ADDRINFO</b> chain.</p>
+
+<p>For the family <b>AF_UNIX</b>, BIO_lookup_ex() will ignore the <b>service</b> parameter and expects the <b>node</b> parameter to hold the path to the socket file.</p>
+
+<p>BIO_lookup() does the same as BIO_lookup_ex() but does not provide the ability to select based on the protocol (any protocol may be returned).</p>
+
+<p>BIO_ADDRINFO_family() returns the family of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants AF_INET, AF_INET6 and AF_UNIX.</p>
+
+<p>BIO_ADDRINFO_socktype() returns the socket type of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants SOCK_STREAM and SOCK_DGRAM.</p>
+
+<p>BIO_ADDRINFO_protocol() returns the protocol id of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants IPPROTO_TCP and IPPROTO_UDP.</p>
+
+<p>BIO_ADDRINFO_address() returns the underlying <b>BIO_ADDR</b> of the given <b>BIO_ADDRINFO</b>.</p>
+
+<p>BIO_ADDRINFO_next() returns the next <b>BIO_ADDRINFO</b> in the chain from the given one.</p>
+
+<p>BIO_ADDRINFO_free() frees the chain of <b>BIO_ADDRINFO</b> starting with the given one.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_lookup_ex() and BIO_lookup() return 1 on success and 0 when an error occurred, and will leave an error indication on the OpenSSL error stack in that case.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The BIO_lookup_ex() implementation uses the platform provided getaddrinfo() function. On Linux it is known that specifying 0 for the protocol will not return any SCTP based addresses when calling getaddrinfo(). Therefore if an SCTP address is required then the <b>protocol</b> parameter to BIO_lookup_ex() should be explicitly set to IPPROTO_SCTP. The same may be true on other platforms.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_lookup_ex() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO_protocol.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO_protocol.html
new file mode 100644
index 000000000..9867658e8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO_protocol.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDRINFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_lookup_type, BIO_ADDRINFO, BIO_ADDRINFO_next, BIO_ADDRINFO_free, BIO_ADDRINFO_family, BIO_ADDRINFO_socktype, BIO_ADDRINFO_protocol, BIO_ADDRINFO_address, BIO_lookup_ex, BIO_lookup - BIO_ADDRINFO type and routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addrinfo_st BIO_ADDRINFO;
+
+ enum BIO_lookup_type {
+     BIO_LOOKUP_CLIENT, BIO_LOOKUP_SERVER
+ };
+
+ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
+                   int family, int socktype, int protocol, BIO_ADDRINFO **res);
+ int BIO_lookup(const char *node, const char *service,
+                enum BIO_lookup_type lookup_type,
+                int family, int socktype, BIO_ADDRINFO **res);
+
+ const BIO_ADDRINFO *BIO_ADDRINFO_next(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_family(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_socktype(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_protocol(const BIO_ADDRINFO *bai);
+ const BIO_ADDR *BIO_ADDRINFO_address(const BIO_ADDRINFO *bai);
+ void BIO_ADDRINFO_free(BIO_ADDRINFO *bai);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDRINFO</b> type is a wrapper for address information types provided on your platform.</p>
+
+<p><b>BIO_ADDRINFO</b> normally forms a chain of several that can be picked at one by one.</p>
+
+<p>BIO_lookup_ex() looks up a specified <b>host</b> and <b>service</b>, and uses <b>lookup_type</b> to determine what the default address should be if <b>host</b> is <b>NULL</b>. <b>family</b>, <b>socktype</b> and <b>protocol</b> are used to determine what protocol family, socket type and protocol should be used for the lookup. <b>family</b> can be any of AF_INET, AF_INET6, AF_UNIX and AF_UNSPEC. <b>socktype</b> can be SOCK_STREAM, SOCK_DGRAM or 0. Specifying 0 indicates that any type can be used. <b>protocol</b> specifies a protocol such as IPPROTO_TCP, IPPROTO_UDP or IPPORTO_SCTP. If set to 0 than any protocol can be used. <b>res</b> points at a pointer to hold the start of a <b>BIO_ADDRINFO</b> chain.</p>
+
+<p>For the family <b>AF_UNIX</b>, BIO_lookup_ex() will ignore the <b>service</b> parameter and expects the <b>node</b> parameter to hold the path to the socket file.</p>
+
+<p>BIO_lookup() does the same as BIO_lookup_ex() but does not provide the ability to select based on the protocol (any protocol may be returned).</p>
+
+<p>BIO_ADDRINFO_family() returns the family of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants AF_INET, AF_INET6 and AF_UNIX.</p>
+
+<p>BIO_ADDRINFO_socktype() returns the socket type of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants SOCK_STREAM and SOCK_DGRAM.</p>
+
+<p>BIO_ADDRINFO_protocol() returns the protocol id of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants IPPROTO_TCP and IPPROTO_UDP.</p>
+
+<p>BIO_ADDRINFO_address() returns the underlying <b>BIO_ADDR</b> of the given <b>BIO_ADDRINFO</b>.</p>
+
+<p>BIO_ADDRINFO_next() returns the next <b>BIO_ADDRINFO</b> in the chain from the given one.</p>
+
+<p>BIO_ADDRINFO_free() frees the chain of <b>BIO_ADDRINFO</b> starting with the given one.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_lookup_ex() and BIO_lookup() return 1 on success and 0 when an error occurred, and will leave an error indication on the OpenSSL error stack in that case.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The BIO_lookup_ex() implementation uses the platform provided getaddrinfo() function. On Linux it is known that specifying 0 for the protocol will not return any SCTP based addresses when calling getaddrinfo(). Therefore if an SCTP address is required then the <b>protocol</b> parameter to BIO_lookup_ex() should be explicitly set to IPPROTO_SCTP. The same may be true on other platforms.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_lookup_ex() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO_socktype.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO_socktype.html
new file mode 100644
index 000000000..9867658e8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDRINFO_socktype.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDRINFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_lookup_type, BIO_ADDRINFO, BIO_ADDRINFO_next, BIO_ADDRINFO_free, BIO_ADDRINFO_family, BIO_ADDRINFO_socktype, BIO_ADDRINFO_protocol, BIO_ADDRINFO_address, BIO_lookup_ex, BIO_lookup - BIO_ADDRINFO type and routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addrinfo_st BIO_ADDRINFO;
+
+ enum BIO_lookup_type {
+     BIO_LOOKUP_CLIENT, BIO_LOOKUP_SERVER
+ };
+
+ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
+                   int family, int socktype, int protocol, BIO_ADDRINFO **res);
+ int BIO_lookup(const char *node, const char *service,
+                enum BIO_lookup_type lookup_type,
+                int family, int socktype, BIO_ADDRINFO **res);
+
+ const BIO_ADDRINFO *BIO_ADDRINFO_next(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_family(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_socktype(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_protocol(const BIO_ADDRINFO *bai);
+ const BIO_ADDR *BIO_ADDRINFO_address(const BIO_ADDRINFO *bai);
+ void BIO_ADDRINFO_free(BIO_ADDRINFO *bai);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDRINFO</b> type is a wrapper for address information types provided on your platform.</p>
+
+<p><b>BIO_ADDRINFO</b> normally forms a chain of several that can be picked at one by one.</p>
+
+<p>BIO_lookup_ex() looks up a specified <b>host</b> and <b>service</b>, and uses <b>lookup_type</b> to determine what the default address should be if <b>host</b> is <b>NULL</b>. <b>family</b>, <b>socktype</b> and <b>protocol</b> are used to determine what protocol family, socket type and protocol should be used for the lookup. <b>family</b> can be any of AF_INET, AF_INET6, AF_UNIX and AF_UNSPEC. <b>socktype</b> can be SOCK_STREAM, SOCK_DGRAM or 0. Specifying 0 indicates that any type can be used. <b>protocol</b> specifies a protocol such as IPPROTO_TCP, IPPROTO_UDP or IPPORTO_SCTP. If set to 0 than any protocol can be used. <b>res</b> points at a pointer to hold the start of a <b>BIO_ADDRINFO</b> chain.</p>
+
+<p>For the family <b>AF_UNIX</b>, BIO_lookup_ex() will ignore the <b>service</b> parameter and expects the <b>node</b> parameter to hold the path to the socket file.</p>
+
+<p>BIO_lookup() does the same as BIO_lookup_ex() but does not provide the ability to select based on the protocol (any protocol may be returned).</p>
+
+<p>BIO_ADDRINFO_family() returns the family of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants AF_INET, AF_INET6 and AF_UNIX.</p>
+
+<p>BIO_ADDRINFO_socktype() returns the socket type of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants SOCK_STREAM and SOCK_DGRAM.</p>
+
+<p>BIO_ADDRINFO_protocol() returns the protocol id of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants IPPROTO_TCP and IPPROTO_UDP.</p>
+
+<p>BIO_ADDRINFO_address() returns the underlying <b>BIO_ADDR</b> of the given <b>BIO_ADDRINFO</b>.</p>
+
+<p>BIO_ADDRINFO_next() returns the next <b>BIO_ADDRINFO</b> in the chain from the given one.</p>
+
+<p>BIO_ADDRINFO_free() frees the chain of <b>BIO_ADDRINFO</b> starting with the given one.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_lookup_ex() and BIO_lookup() return 1 on success and 0 when an error occurred, and will leave an error indication on the OpenSSL error stack in that case.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The BIO_lookup_ex() implementation uses the platform provided getaddrinfo() function. On Linux it is known that specifying 0 for the protocol will not return any SCTP based addresses when calling getaddrinfo(). Therefore if an SCTP address is required then the <b>protocol</b> parameter to BIO_lookup_ex() should be explicitly set to IPPROTO_SCTP. The same may be true on other platforms.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_lookup_ex() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_clear.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_clear.html
new file mode 100644
index 000000000..c92fb067e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_clear.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDR</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RAW-ADDRESSES">RAW ADDRESSES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ADDR, BIO_ADDR_new, BIO_ADDR_clear, BIO_ADDR_free, BIO_ADDR_rawmake, BIO_ADDR_family, BIO_ADDR_rawaddress, BIO_ADDR_rawport, BIO_ADDR_hostname_string, BIO_ADDR_service_string, BIO_ADDR_path_string - BIO_ADDR routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addr_st BIO_ADDR;
+
+ BIO_ADDR *BIO_ADDR_new(void);
+ void BIO_ADDR_free(BIO_ADDR *);
+ void BIO_ADDR_clear(BIO_ADDR *ap);
+ int BIO_ADDR_rawmake(BIO_ADDR *ap, int family,
+                      const void *where, size_t wherelen, unsigned short port);
+ int BIO_ADDR_family(const BIO_ADDR *ap);
+ int BIO_ADDR_rawaddress(const BIO_ADDR *ap, void *p, size_t *l);
+ unsigned short BIO_ADDR_rawport(const BIO_ADDR *ap);
+ char *BIO_ADDR_hostname_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_service_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_path_string(const BIO_ADDR *ap);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDR</b> type is a wrapper around all types of socket addresses that OpenSSL deals with, currently transparently supporting AF_INET, AF_INET6 and AF_UNIX according to what&#39;s available on the platform at hand.</p>
+
+<p>BIO_ADDR_new() creates a new unfilled <b>BIO_ADDR</b>, to be used with routines that will fill it with information, such as BIO_accept_ex().</p>
+
+<p>BIO_ADDR_free() frees a <b>BIO_ADDR</b> created with BIO_ADDR_new().</p>
+
+<p>BIO_ADDR_clear() clears any data held within the provided <b>BIO_ADDR</b> and sets it back to an uninitialised state.</p>
+
+<p>BIO_ADDR_rawmake() takes a protocol <b>family</b>, an byte array of size <b>wherelen</b> with an address in network byte order pointed at by <b>where</b> and a port number in network byte order in <b>port</b> (except for the <b>AF_UNIX</b> protocol family, where <b>port</b> is meaningless and therefore ignored) and populates the given <b>BIO_ADDR</b> with them. In case this creates a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>wherelen</b> is expected to be the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_family() returns the protocol family of the given <b>BIO_ADDR</b>. The possible non-error results are one of the constants AF_INET, AF_INET6 and AF_UNIX. It will also return AF_UNSPEC if the BIO_ADDR has not been initialised.</p>
+
+<p>BIO_ADDR_rawaddress() will write the raw address of the given <b>BIO_ADDR</b> in the area pointed at by <b>p</b> if <b>p</b> is non-NULL, and will set <b>*l</b> to be the amount of bytes the raw address takes up if <b>l</b> is non-NULL. A technique to only find out the size of the address is a call with <b>p</b> set to <b>NULL</b>. The raw address will be in network byte order, most significant byte first. In case this is a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>l</b> gets the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_rawport() returns the raw port of the given <b>BIO_ADDR</b>. The raw port will be in network byte order.</p>
+
+<p>BIO_ADDR_hostname_string() returns a character string with the hostname of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the numerical form of the address. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_service_string() returns a character string with the service name of the port of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the port number. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_path_string() returns a character string with the path of the given <b>BIO_ADDR</b>. This only works for <b>BIO_ADDR</b> of the protocol family AF_UNIX. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<h1 id="RAW-ADDRESSES">RAW ADDRESSES</h1>
+
+<p>Both BIO_ADDR_rawmake() and BIO_ADDR_rawaddress() take a pointer to a network byte order address of a specific site. Internally, those are treated as a pointer to <b>struct in_addr</b> (for <b>AF_INET</b>), <b>struct in6_addr</b> (for <b>AF_INET6</b>) or <b>char *</b> (for <b>AF_UNIX</b>), all depending on the protocol family the address is for.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The string producing functions BIO_ADDR_hostname_string(), BIO_ADDR_service_string() and BIO_ADDR_path_string() will return <b>NULL</b> on error and leave an error indication on the OpenSSL error stack.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_connect.html">BIO_connect(3)</a>, <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_family.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_family.html
new file mode 100644
index 000000000..c92fb067e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_family.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDR</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RAW-ADDRESSES">RAW ADDRESSES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ADDR, BIO_ADDR_new, BIO_ADDR_clear, BIO_ADDR_free, BIO_ADDR_rawmake, BIO_ADDR_family, BIO_ADDR_rawaddress, BIO_ADDR_rawport, BIO_ADDR_hostname_string, BIO_ADDR_service_string, BIO_ADDR_path_string - BIO_ADDR routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addr_st BIO_ADDR;
+
+ BIO_ADDR *BIO_ADDR_new(void);
+ void BIO_ADDR_free(BIO_ADDR *);
+ void BIO_ADDR_clear(BIO_ADDR *ap);
+ int BIO_ADDR_rawmake(BIO_ADDR *ap, int family,
+                      const void *where, size_t wherelen, unsigned short port);
+ int BIO_ADDR_family(const BIO_ADDR *ap);
+ int BIO_ADDR_rawaddress(const BIO_ADDR *ap, void *p, size_t *l);
+ unsigned short BIO_ADDR_rawport(const BIO_ADDR *ap);
+ char *BIO_ADDR_hostname_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_service_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_path_string(const BIO_ADDR *ap);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDR</b> type is a wrapper around all types of socket addresses that OpenSSL deals with, currently transparently supporting AF_INET, AF_INET6 and AF_UNIX according to what&#39;s available on the platform at hand.</p>
+
+<p>BIO_ADDR_new() creates a new unfilled <b>BIO_ADDR</b>, to be used with routines that will fill it with information, such as BIO_accept_ex().</p>
+
+<p>BIO_ADDR_free() frees a <b>BIO_ADDR</b> created with BIO_ADDR_new().</p>
+
+<p>BIO_ADDR_clear() clears any data held within the provided <b>BIO_ADDR</b> and sets it back to an uninitialised state.</p>
+
+<p>BIO_ADDR_rawmake() takes a protocol <b>family</b>, an byte array of size <b>wherelen</b> with an address in network byte order pointed at by <b>where</b> and a port number in network byte order in <b>port</b> (except for the <b>AF_UNIX</b> protocol family, where <b>port</b> is meaningless and therefore ignored) and populates the given <b>BIO_ADDR</b> with them. In case this creates a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>wherelen</b> is expected to be the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_family() returns the protocol family of the given <b>BIO_ADDR</b>. The possible non-error results are one of the constants AF_INET, AF_INET6 and AF_UNIX. It will also return AF_UNSPEC if the BIO_ADDR has not been initialised.</p>
+
+<p>BIO_ADDR_rawaddress() will write the raw address of the given <b>BIO_ADDR</b> in the area pointed at by <b>p</b> if <b>p</b> is non-NULL, and will set <b>*l</b> to be the amount of bytes the raw address takes up if <b>l</b> is non-NULL. A technique to only find out the size of the address is a call with <b>p</b> set to <b>NULL</b>. The raw address will be in network byte order, most significant byte first. In case this is a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>l</b> gets the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_rawport() returns the raw port of the given <b>BIO_ADDR</b>. The raw port will be in network byte order.</p>
+
+<p>BIO_ADDR_hostname_string() returns a character string with the hostname of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the numerical form of the address. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_service_string() returns a character string with the service name of the port of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the port number. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_path_string() returns a character string with the path of the given <b>BIO_ADDR</b>. This only works for <b>BIO_ADDR</b> of the protocol family AF_UNIX. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<h1 id="RAW-ADDRESSES">RAW ADDRESSES</h1>
+
+<p>Both BIO_ADDR_rawmake() and BIO_ADDR_rawaddress() take a pointer to a network byte order address of a specific site. Internally, those are treated as a pointer to <b>struct in_addr</b> (for <b>AF_INET</b>), <b>struct in6_addr</b> (for <b>AF_INET6</b>) or <b>char *</b> (for <b>AF_UNIX</b>), all depending on the protocol family the address is for.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The string producing functions BIO_ADDR_hostname_string(), BIO_ADDR_service_string() and BIO_ADDR_path_string() will return <b>NULL</b> on error and leave an error indication on the OpenSSL error stack.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_connect.html">BIO_connect(3)</a>, <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_free.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_free.html
new file mode 100644
index 000000000..c92fb067e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_free.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDR</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RAW-ADDRESSES">RAW ADDRESSES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ADDR, BIO_ADDR_new, BIO_ADDR_clear, BIO_ADDR_free, BIO_ADDR_rawmake, BIO_ADDR_family, BIO_ADDR_rawaddress, BIO_ADDR_rawport, BIO_ADDR_hostname_string, BIO_ADDR_service_string, BIO_ADDR_path_string - BIO_ADDR routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addr_st BIO_ADDR;
+
+ BIO_ADDR *BIO_ADDR_new(void);
+ void BIO_ADDR_free(BIO_ADDR *);
+ void BIO_ADDR_clear(BIO_ADDR *ap);
+ int BIO_ADDR_rawmake(BIO_ADDR *ap, int family,
+                      const void *where, size_t wherelen, unsigned short port);
+ int BIO_ADDR_family(const BIO_ADDR *ap);
+ int BIO_ADDR_rawaddress(const BIO_ADDR *ap, void *p, size_t *l);
+ unsigned short BIO_ADDR_rawport(const BIO_ADDR *ap);
+ char *BIO_ADDR_hostname_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_service_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_path_string(const BIO_ADDR *ap);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDR</b> type is a wrapper around all types of socket addresses that OpenSSL deals with, currently transparently supporting AF_INET, AF_INET6 and AF_UNIX according to what&#39;s available on the platform at hand.</p>
+
+<p>BIO_ADDR_new() creates a new unfilled <b>BIO_ADDR</b>, to be used with routines that will fill it with information, such as BIO_accept_ex().</p>
+
+<p>BIO_ADDR_free() frees a <b>BIO_ADDR</b> created with BIO_ADDR_new().</p>
+
+<p>BIO_ADDR_clear() clears any data held within the provided <b>BIO_ADDR</b> and sets it back to an uninitialised state.</p>
+
+<p>BIO_ADDR_rawmake() takes a protocol <b>family</b>, an byte array of size <b>wherelen</b> with an address in network byte order pointed at by <b>where</b> and a port number in network byte order in <b>port</b> (except for the <b>AF_UNIX</b> protocol family, where <b>port</b> is meaningless and therefore ignored) and populates the given <b>BIO_ADDR</b> with them. In case this creates a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>wherelen</b> is expected to be the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_family() returns the protocol family of the given <b>BIO_ADDR</b>. The possible non-error results are one of the constants AF_INET, AF_INET6 and AF_UNIX. It will also return AF_UNSPEC if the BIO_ADDR has not been initialised.</p>
+
+<p>BIO_ADDR_rawaddress() will write the raw address of the given <b>BIO_ADDR</b> in the area pointed at by <b>p</b> if <b>p</b> is non-NULL, and will set <b>*l</b> to be the amount of bytes the raw address takes up if <b>l</b> is non-NULL. A technique to only find out the size of the address is a call with <b>p</b> set to <b>NULL</b>. The raw address will be in network byte order, most significant byte first. In case this is a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>l</b> gets the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_rawport() returns the raw port of the given <b>BIO_ADDR</b>. The raw port will be in network byte order.</p>
+
+<p>BIO_ADDR_hostname_string() returns a character string with the hostname of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the numerical form of the address. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_service_string() returns a character string with the service name of the port of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the port number. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_path_string() returns a character string with the path of the given <b>BIO_ADDR</b>. This only works for <b>BIO_ADDR</b> of the protocol family AF_UNIX. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<h1 id="RAW-ADDRESSES">RAW ADDRESSES</h1>
+
+<p>Both BIO_ADDR_rawmake() and BIO_ADDR_rawaddress() take a pointer to a network byte order address of a specific site. Internally, those are treated as a pointer to <b>struct in_addr</b> (for <b>AF_INET</b>), <b>struct in6_addr</b> (for <b>AF_INET6</b>) or <b>char *</b> (for <b>AF_UNIX</b>), all depending on the protocol family the address is for.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The string producing functions BIO_ADDR_hostname_string(), BIO_ADDR_service_string() and BIO_ADDR_path_string() will return <b>NULL</b> on error and leave an error indication on the OpenSSL error stack.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_connect.html">BIO_connect(3)</a>, <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_hostname_string.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_hostname_string.html
new file mode 100644
index 000000000..c92fb067e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_hostname_string.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDR</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RAW-ADDRESSES">RAW ADDRESSES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ADDR, BIO_ADDR_new, BIO_ADDR_clear, BIO_ADDR_free, BIO_ADDR_rawmake, BIO_ADDR_family, BIO_ADDR_rawaddress, BIO_ADDR_rawport, BIO_ADDR_hostname_string, BIO_ADDR_service_string, BIO_ADDR_path_string - BIO_ADDR routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addr_st BIO_ADDR;
+
+ BIO_ADDR *BIO_ADDR_new(void);
+ void BIO_ADDR_free(BIO_ADDR *);
+ void BIO_ADDR_clear(BIO_ADDR *ap);
+ int BIO_ADDR_rawmake(BIO_ADDR *ap, int family,
+                      const void *where, size_t wherelen, unsigned short port);
+ int BIO_ADDR_family(const BIO_ADDR *ap);
+ int BIO_ADDR_rawaddress(const BIO_ADDR *ap, void *p, size_t *l);
+ unsigned short BIO_ADDR_rawport(const BIO_ADDR *ap);
+ char *BIO_ADDR_hostname_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_service_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_path_string(const BIO_ADDR *ap);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDR</b> type is a wrapper around all types of socket addresses that OpenSSL deals with, currently transparently supporting AF_INET, AF_INET6 and AF_UNIX according to what&#39;s available on the platform at hand.</p>
+
+<p>BIO_ADDR_new() creates a new unfilled <b>BIO_ADDR</b>, to be used with routines that will fill it with information, such as BIO_accept_ex().</p>
+
+<p>BIO_ADDR_free() frees a <b>BIO_ADDR</b> created with BIO_ADDR_new().</p>
+
+<p>BIO_ADDR_clear() clears any data held within the provided <b>BIO_ADDR</b> and sets it back to an uninitialised state.</p>
+
+<p>BIO_ADDR_rawmake() takes a protocol <b>family</b>, an byte array of size <b>wherelen</b> with an address in network byte order pointed at by <b>where</b> and a port number in network byte order in <b>port</b> (except for the <b>AF_UNIX</b> protocol family, where <b>port</b> is meaningless and therefore ignored) and populates the given <b>BIO_ADDR</b> with them. In case this creates a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>wherelen</b> is expected to be the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_family() returns the protocol family of the given <b>BIO_ADDR</b>. The possible non-error results are one of the constants AF_INET, AF_INET6 and AF_UNIX. It will also return AF_UNSPEC if the BIO_ADDR has not been initialised.</p>
+
+<p>BIO_ADDR_rawaddress() will write the raw address of the given <b>BIO_ADDR</b> in the area pointed at by <b>p</b> if <b>p</b> is non-NULL, and will set <b>*l</b> to be the amount of bytes the raw address takes up if <b>l</b> is non-NULL. A technique to only find out the size of the address is a call with <b>p</b> set to <b>NULL</b>. The raw address will be in network byte order, most significant byte first. In case this is a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>l</b> gets the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_rawport() returns the raw port of the given <b>BIO_ADDR</b>. The raw port will be in network byte order.</p>
+
+<p>BIO_ADDR_hostname_string() returns a character string with the hostname of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the numerical form of the address. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_service_string() returns a character string with the service name of the port of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the port number. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_path_string() returns a character string with the path of the given <b>BIO_ADDR</b>. This only works for <b>BIO_ADDR</b> of the protocol family AF_UNIX. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<h1 id="RAW-ADDRESSES">RAW ADDRESSES</h1>
+
+<p>Both BIO_ADDR_rawmake() and BIO_ADDR_rawaddress() take a pointer to a network byte order address of a specific site. Internally, those are treated as a pointer to <b>struct in_addr</b> (for <b>AF_INET</b>), <b>struct in6_addr</b> (for <b>AF_INET6</b>) or <b>char *</b> (for <b>AF_UNIX</b>), all depending on the protocol family the address is for.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The string producing functions BIO_ADDR_hostname_string(), BIO_ADDR_service_string() and BIO_ADDR_path_string() will return <b>NULL</b> on error and leave an error indication on the OpenSSL error stack.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_connect.html">BIO_connect(3)</a>, <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_new.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_new.html
new file mode 100644
index 000000000..c92fb067e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_new.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDR</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RAW-ADDRESSES">RAW ADDRESSES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ADDR, BIO_ADDR_new, BIO_ADDR_clear, BIO_ADDR_free, BIO_ADDR_rawmake, BIO_ADDR_family, BIO_ADDR_rawaddress, BIO_ADDR_rawport, BIO_ADDR_hostname_string, BIO_ADDR_service_string, BIO_ADDR_path_string - BIO_ADDR routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addr_st BIO_ADDR;
+
+ BIO_ADDR *BIO_ADDR_new(void);
+ void BIO_ADDR_free(BIO_ADDR *);
+ void BIO_ADDR_clear(BIO_ADDR *ap);
+ int BIO_ADDR_rawmake(BIO_ADDR *ap, int family,
+                      const void *where, size_t wherelen, unsigned short port);
+ int BIO_ADDR_family(const BIO_ADDR *ap);
+ int BIO_ADDR_rawaddress(const BIO_ADDR *ap, void *p, size_t *l);
+ unsigned short BIO_ADDR_rawport(const BIO_ADDR *ap);
+ char *BIO_ADDR_hostname_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_service_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_path_string(const BIO_ADDR *ap);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDR</b> type is a wrapper around all types of socket addresses that OpenSSL deals with, currently transparently supporting AF_INET, AF_INET6 and AF_UNIX according to what&#39;s available on the platform at hand.</p>
+
+<p>BIO_ADDR_new() creates a new unfilled <b>BIO_ADDR</b>, to be used with routines that will fill it with information, such as BIO_accept_ex().</p>
+
+<p>BIO_ADDR_free() frees a <b>BIO_ADDR</b> created with BIO_ADDR_new().</p>
+
+<p>BIO_ADDR_clear() clears any data held within the provided <b>BIO_ADDR</b> and sets it back to an uninitialised state.</p>
+
+<p>BIO_ADDR_rawmake() takes a protocol <b>family</b>, an byte array of size <b>wherelen</b> with an address in network byte order pointed at by <b>where</b> and a port number in network byte order in <b>port</b> (except for the <b>AF_UNIX</b> protocol family, where <b>port</b> is meaningless and therefore ignored) and populates the given <b>BIO_ADDR</b> with them. In case this creates a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>wherelen</b> is expected to be the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_family() returns the protocol family of the given <b>BIO_ADDR</b>. The possible non-error results are one of the constants AF_INET, AF_INET6 and AF_UNIX. It will also return AF_UNSPEC if the BIO_ADDR has not been initialised.</p>
+
+<p>BIO_ADDR_rawaddress() will write the raw address of the given <b>BIO_ADDR</b> in the area pointed at by <b>p</b> if <b>p</b> is non-NULL, and will set <b>*l</b> to be the amount of bytes the raw address takes up if <b>l</b> is non-NULL. A technique to only find out the size of the address is a call with <b>p</b> set to <b>NULL</b>. The raw address will be in network byte order, most significant byte first. In case this is a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>l</b> gets the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_rawport() returns the raw port of the given <b>BIO_ADDR</b>. The raw port will be in network byte order.</p>
+
+<p>BIO_ADDR_hostname_string() returns a character string with the hostname of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the numerical form of the address. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_service_string() returns a character string with the service name of the port of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the port number. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_path_string() returns a character string with the path of the given <b>BIO_ADDR</b>. This only works for <b>BIO_ADDR</b> of the protocol family AF_UNIX. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<h1 id="RAW-ADDRESSES">RAW ADDRESSES</h1>
+
+<p>Both BIO_ADDR_rawmake() and BIO_ADDR_rawaddress() take a pointer to a network byte order address of a specific site. Internally, those are treated as a pointer to <b>struct in_addr</b> (for <b>AF_INET</b>), <b>struct in6_addr</b> (for <b>AF_INET6</b>) or <b>char *</b> (for <b>AF_UNIX</b>), all depending on the protocol family the address is for.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The string producing functions BIO_ADDR_hostname_string(), BIO_ADDR_service_string() and BIO_ADDR_path_string() will return <b>NULL</b> on error and leave an error indication on the OpenSSL error stack.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_connect.html">BIO_connect(3)</a>, <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_path_string.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_path_string.html
new file mode 100644
index 000000000..c92fb067e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_path_string.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDR</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RAW-ADDRESSES">RAW ADDRESSES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ADDR, BIO_ADDR_new, BIO_ADDR_clear, BIO_ADDR_free, BIO_ADDR_rawmake, BIO_ADDR_family, BIO_ADDR_rawaddress, BIO_ADDR_rawport, BIO_ADDR_hostname_string, BIO_ADDR_service_string, BIO_ADDR_path_string - BIO_ADDR routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addr_st BIO_ADDR;
+
+ BIO_ADDR *BIO_ADDR_new(void);
+ void BIO_ADDR_free(BIO_ADDR *);
+ void BIO_ADDR_clear(BIO_ADDR *ap);
+ int BIO_ADDR_rawmake(BIO_ADDR *ap, int family,
+                      const void *where, size_t wherelen, unsigned short port);
+ int BIO_ADDR_family(const BIO_ADDR *ap);
+ int BIO_ADDR_rawaddress(const BIO_ADDR *ap, void *p, size_t *l);
+ unsigned short BIO_ADDR_rawport(const BIO_ADDR *ap);
+ char *BIO_ADDR_hostname_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_service_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_path_string(const BIO_ADDR *ap);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDR</b> type is a wrapper around all types of socket addresses that OpenSSL deals with, currently transparently supporting AF_INET, AF_INET6 and AF_UNIX according to what&#39;s available on the platform at hand.</p>
+
+<p>BIO_ADDR_new() creates a new unfilled <b>BIO_ADDR</b>, to be used with routines that will fill it with information, such as BIO_accept_ex().</p>
+
+<p>BIO_ADDR_free() frees a <b>BIO_ADDR</b> created with BIO_ADDR_new().</p>
+
+<p>BIO_ADDR_clear() clears any data held within the provided <b>BIO_ADDR</b> and sets it back to an uninitialised state.</p>
+
+<p>BIO_ADDR_rawmake() takes a protocol <b>family</b>, an byte array of size <b>wherelen</b> with an address in network byte order pointed at by <b>where</b> and a port number in network byte order in <b>port</b> (except for the <b>AF_UNIX</b> protocol family, where <b>port</b> is meaningless and therefore ignored) and populates the given <b>BIO_ADDR</b> with them. In case this creates a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>wherelen</b> is expected to be the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_family() returns the protocol family of the given <b>BIO_ADDR</b>. The possible non-error results are one of the constants AF_INET, AF_INET6 and AF_UNIX. It will also return AF_UNSPEC if the BIO_ADDR has not been initialised.</p>
+
+<p>BIO_ADDR_rawaddress() will write the raw address of the given <b>BIO_ADDR</b> in the area pointed at by <b>p</b> if <b>p</b> is non-NULL, and will set <b>*l</b> to be the amount of bytes the raw address takes up if <b>l</b> is non-NULL. A technique to only find out the size of the address is a call with <b>p</b> set to <b>NULL</b>. The raw address will be in network byte order, most significant byte first. In case this is a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>l</b> gets the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_rawport() returns the raw port of the given <b>BIO_ADDR</b>. The raw port will be in network byte order.</p>
+
+<p>BIO_ADDR_hostname_string() returns a character string with the hostname of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the numerical form of the address. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_service_string() returns a character string with the service name of the port of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the port number. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_path_string() returns a character string with the path of the given <b>BIO_ADDR</b>. This only works for <b>BIO_ADDR</b> of the protocol family AF_UNIX. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<h1 id="RAW-ADDRESSES">RAW ADDRESSES</h1>
+
+<p>Both BIO_ADDR_rawmake() and BIO_ADDR_rawaddress() take a pointer to a network byte order address of a specific site. Internally, those are treated as a pointer to <b>struct in_addr</b> (for <b>AF_INET</b>), <b>struct in6_addr</b> (for <b>AF_INET6</b>) or <b>char *</b> (for <b>AF_UNIX</b>), all depending on the protocol family the address is for.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The string producing functions BIO_ADDR_hostname_string(), BIO_ADDR_service_string() and BIO_ADDR_path_string() will return <b>NULL</b> on error and leave an error indication on the OpenSSL error stack.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_connect.html">BIO_connect(3)</a>, <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_rawaddress.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_rawaddress.html
new file mode 100644
index 000000000..c92fb067e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_rawaddress.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDR</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RAW-ADDRESSES">RAW ADDRESSES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ADDR, BIO_ADDR_new, BIO_ADDR_clear, BIO_ADDR_free, BIO_ADDR_rawmake, BIO_ADDR_family, BIO_ADDR_rawaddress, BIO_ADDR_rawport, BIO_ADDR_hostname_string, BIO_ADDR_service_string, BIO_ADDR_path_string - BIO_ADDR routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addr_st BIO_ADDR;
+
+ BIO_ADDR *BIO_ADDR_new(void);
+ void BIO_ADDR_free(BIO_ADDR *);
+ void BIO_ADDR_clear(BIO_ADDR *ap);
+ int BIO_ADDR_rawmake(BIO_ADDR *ap, int family,
+                      const void *where, size_t wherelen, unsigned short port);
+ int BIO_ADDR_family(const BIO_ADDR *ap);
+ int BIO_ADDR_rawaddress(const BIO_ADDR *ap, void *p, size_t *l);
+ unsigned short BIO_ADDR_rawport(const BIO_ADDR *ap);
+ char *BIO_ADDR_hostname_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_service_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_path_string(const BIO_ADDR *ap);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDR</b> type is a wrapper around all types of socket addresses that OpenSSL deals with, currently transparently supporting AF_INET, AF_INET6 and AF_UNIX according to what&#39;s available on the platform at hand.</p>
+
+<p>BIO_ADDR_new() creates a new unfilled <b>BIO_ADDR</b>, to be used with routines that will fill it with information, such as BIO_accept_ex().</p>
+
+<p>BIO_ADDR_free() frees a <b>BIO_ADDR</b> created with BIO_ADDR_new().</p>
+
+<p>BIO_ADDR_clear() clears any data held within the provided <b>BIO_ADDR</b> and sets it back to an uninitialised state.</p>
+
+<p>BIO_ADDR_rawmake() takes a protocol <b>family</b>, an byte array of size <b>wherelen</b> with an address in network byte order pointed at by <b>where</b> and a port number in network byte order in <b>port</b> (except for the <b>AF_UNIX</b> protocol family, where <b>port</b> is meaningless and therefore ignored) and populates the given <b>BIO_ADDR</b> with them. In case this creates a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>wherelen</b> is expected to be the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_family() returns the protocol family of the given <b>BIO_ADDR</b>. The possible non-error results are one of the constants AF_INET, AF_INET6 and AF_UNIX. It will also return AF_UNSPEC if the BIO_ADDR has not been initialised.</p>
+
+<p>BIO_ADDR_rawaddress() will write the raw address of the given <b>BIO_ADDR</b> in the area pointed at by <b>p</b> if <b>p</b> is non-NULL, and will set <b>*l</b> to be the amount of bytes the raw address takes up if <b>l</b> is non-NULL. A technique to only find out the size of the address is a call with <b>p</b> set to <b>NULL</b>. The raw address will be in network byte order, most significant byte first. In case this is a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>l</b> gets the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_rawport() returns the raw port of the given <b>BIO_ADDR</b>. The raw port will be in network byte order.</p>
+
+<p>BIO_ADDR_hostname_string() returns a character string with the hostname of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the numerical form of the address. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_service_string() returns a character string with the service name of the port of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the port number. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_path_string() returns a character string with the path of the given <b>BIO_ADDR</b>. This only works for <b>BIO_ADDR</b> of the protocol family AF_UNIX. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<h1 id="RAW-ADDRESSES">RAW ADDRESSES</h1>
+
+<p>Both BIO_ADDR_rawmake() and BIO_ADDR_rawaddress() take a pointer to a network byte order address of a specific site. Internally, those are treated as a pointer to <b>struct in_addr</b> (for <b>AF_INET</b>), <b>struct in6_addr</b> (for <b>AF_INET6</b>) or <b>char *</b> (for <b>AF_UNIX</b>), all depending on the protocol family the address is for.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The string producing functions BIO_ADDR_hostname_string(), BIO_ADDR_service_string() and BIO_ADDR_path_string() will return <b>NULL</b> on error and leave an error indication on the OpenSSL error stack.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_connect.html">BIO_connect(3)</a>, <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_rawmake.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_rawmake.html
new file mode 100644
index 000000000..c92fb067e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_rawmake.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDR</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RAW-ADDRESSES">RAW ADDRESSES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ADDR, BIO_ADDR_new, BIO_ADDR_clear, BIO_ADDR_free, BIO_ADDR_rawmake, BIO_ADDR_family, BIO_ADDR_rawaddress, BIO_ADDR_rawport, BIO_ADDR_hostname_string, BIO_ADDR_service_string, BIO_ADDR_path_string - BIO_ADDR routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addr_st BIO_ADDR;
+
+ BIO_ADDR *BIO_ADDR_new(void);
+ void BIO_ADDR_free(BIO_ADDR *);
+ void BIO_ADDR_clear(BIO_ADDR *ap);
+ int BIO_ADDR_rawmake(BIO_ADDR *ap, int family,
+                      const void *where, size_t wherelen, unsigned short port);
+ int BIO_ADDR_family(const BIO_ADDR *ap);
+ int BIO_ADDR_rawaddress(const BIO_ADDR *ap, void *p, size_t *l);
+ unsigned short BIO_ADDR_rawport(const BIO_ADDR *ap);
+ char *BIO_ADDR_hostname_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_service_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_path_string(const BIO_ADDR *ap);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDR</b> type is a wrapper around all types of socket addresses that OpenSSL deals with, currently transparently supporting AF_INET, AF_INET6 and AF_UNIX according to what&#39;s available on the platform at hand.</p>
+
+<p>BIO_ADDR_new() creates a new unfilled <b>BIO_ADDR</b>, to be used with routines that will fill it with information, such as BIO_accept_ex().</p>
+
+<p>BIO_ADDR_free() frees a <b>BIO_ADDR</b> created with BIO_ADDR_new().</p>
+
+<p>BIO_ADDR_clear() clears any data held within the provided <b>BIO_ADDR</b> and sets it back to an uninitialised state.</p>
+
+<p>BIO_ADDR_rawmake() takes a protocol <b>family</b>, an byte array of size <b>wherelen</b> with an address in network byte order pointed at by <b>where</b> and a port number in network byte order in <b>port</b> (except for the <b>AF_UNIX</b> protocol family, where <b>port</b> is meaningless and therefore ignored) and populates the given <b>BIO_ADDR</b> with them. In case this creates a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>wherelen</b> is expected to be the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_family() returns the protocol family of the given <b>BIO_ADDR</b>. The possible non-error results are one of the constants AF_INET, AF_INET6 and AF_UNIX. It will also return AF_UNSPEC if the BIO_ADDR has not been initialised.</p>
+
+<p>BIO_ADDR_rawaddress() will write the raw address of the given <b>BIO_ADDR</b> in the area pointed at by <b>p</b> if <b>p</b> is non-NULL, and will set <b>*l</b> to be the amount of bytes the raw address takes up if <b>l</b> is non-NULL. A technique to only find out the size of the address is a call with <b>p</b> set to <b>NULL</b>. The raw address will be in network byte order, most significant byte first. In case this is a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>l</b> gets the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_rawport() returns the raw port of the given <b>BIO_ADDR</b>. The raw port will be in network byte order.</p>
+
+<p>BIO_ADDR_hostname_string() returns a character string with the hostname of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the numerical form of the address. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_service_string() returns a character string with the service name of the port of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the port number. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_path_string() returns a character string with the path of the given <b>BIO_ADDR</b>. This only works for <b>BIO_ADDR</b> of the protocol family AF_UNIX. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<h1 id="RAW-ADDRESSES">RAW ADDRESSES</h1>
+
+<p>Both BIO_ADDR_rawmake() and BIO_ADDR_rawaddress() take a pointer to a network byte order address of a specific site. Internally, those are treated as a pointer to <b>struct in_addr</b> (for <b>AF_INET</b>), <b>struct in6_addr</b> (for <b>AF_INET6</b>) or <b>char *</b> (for <b>AF_UNIX</b>), all depending on the protocol family the address is for.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The string producing functions BIO_ADDR_hostname_string(), BIO_ADDR_service_string() and BIO_ADDR_path_string() will return <b>NULL</b> on error and leave an error indication on the OpenSSL error stack.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_connect.html">BIO_connect(3)</a>, <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_rawport.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_rawport.html
new file mode 100644
index 000000000..c92fb067e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_rawport.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDR</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RAW-ADDRESSES">RAW ADDRESSES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ADDR, BIO_ADDR_new, BIO_ADDR_clear, BIO_ADDR_free, BIO_ADDR_rawmake, BIO_ADDR_family, BIO_ADDR_rawaddress, BIO_ADDR_rawport, BIO_ADDR_hostname_string, BIO_ADDR_service_string, BIO_ADDR_path_string - BIO_ADDR routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addr_st BIO_ADDR;
+
+ BIO_ADDR *BIO_ADDR_new(void);
+ void BIO_ADDR_free(BIO_ADDR *);
+ void BIO_ADDR_clear(BIO_ADDR *ap);
+ int BIO_ADDR_rawmake(BIO_ADDR *ap, int family,
+                      const void *where, size_t wherelen, unsigned short port);
+ int BIO_ADDR_family(const BIO_ADDR *ap);
+ int BIO_ADDR_rawaddress(const BIO_ADDR *ap, void *p, size_t *l);
+ unsigned short BIO_ADDR_rawport(const BIO_ADDR *ap);
+ char *BIO_ADDR_hostname_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_service_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_path_string(const BIO_ADDR *ap);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDR</b> type is a wrapper around all types of socket addresses that OpenSSL deals with, currently transparently supporting AF_INET, AF_INET6 and AF_UNIX according to what&#39;s available on the platform at hand.</p>
+
+<p>BIO_ADDR_new() creates a new unfilled <b>BIO_ADDR</b>, to be used with routines that will fill it with information, such as BIO_accept_ex().</p>
+
+<p>BIO_ADDR_free() frees a <b>BIO_ADDR</b> created with BIO_ADDR_new().</p>
+
+<p>BIO_ADDR_clear() clears any data held within the provided <b>BIO_ADDR</b> and sets it back to an uninitialised state.</p>
+
+<p>BIO_ADDR_rawmake() takes a protocol <b>family</b>, an byte array of size <b>wherelen</b> with an address in network byte order pointed at by <b>where</b> and a port number in network byte order in <b>port</b> (except for the <b>AF_UNIX</b> protocol family, where <b>port</b> is meaningless and therefore ignored) and populates the given <b>BIO_ADDR</b> with them. In case this creates a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>wherelen</b> is expected to be the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_family() returns the protocol family of the given <b>BIO_ADDR</b>. The possible non-error results are one of the constants AF_INET, AF_INET6 and AF_UNIX. It will also return AF_UNSPEC if the BIO_ADDR has not been initialised.</p>
+
+<p>BIO_ADDR_rawaddress() will write the raw address of the given <b>BIO_ADDR</b> in the area pointed at by <b>p</b> if <b>p</b> is non-NULL, and will set <b>*l</b> to be the amount of bytes the raw address takes up if <b>l</b> is non-NULL. A technique to only find out the size of the address is a call with <b>p</b> set to <b>NULL</b>. The raw address will be in network byte order, most significant byte first. In case this is a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>l</b> gets the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_rawport() returns the raw port of the given <b>BIO_ADDR</b>. The raw port will be in network byte order.</p>
+
+<p>BIO_ADDR_hostname_string() returns a character string with the hostname of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the numerical form of the address. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_service_string() returns a character string with the service name of the port of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the port number. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_path_string() returns a character string with the path of the given <b>BIO_ADDR</b>. This only works for <b>BIO_ADDR</b> of the protocol family AF_UNIX. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<h1 id="RAW-ADDRESSES">RAW ADDRESSES</h1>
+
+<p>Both BIO_ADDR_rawmake() and BIO_ADDR_rawaddress() take a pointer to a network byte order address of a specific site. Internally, those are treated as a pointer to <b>struct in_addr</b> (for <b>AF_INET</b>), <b>struct in6_addr</b> (for <b>AF_INET6</b>) or <b>char *</b> (for <b>AF_UNIX</b>), all depending on the protocol family the address is for.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The string producing functions BIO_ADDR_hostname_string(), BIO_ADDR_service_string() and BIO_ADDR_path_string() will return <b>NULL</b> on error and leave an error indication on the OpenSSL error stack.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_connect.html">BIO_connect(3)</a>, <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_service_string.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_service_string.html
new file mode 100644
index 000000000..c92fb067e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ADDR_service_string.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDR</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RAW-ADDRESSES">RAW ADDRESSES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ADDR, BIO_ADDR_new, BIO_ADDR_clear, BIO_ADDR_free, BIO_ADDR_rawmake, BIO_ADDR_family, BIO_ADDR_rawaddress, BIO_ADDR_rawport, BIO_ADDR_hostname_string, BIO_ADDR_service_string, BIO_ADDR_path_string - BIO_ADDR routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addr_st BIO_ADDR;
+
+ BIO_ADDR *BIO_ADDR_new(void);
+ void BIO_ADDR_free(BIO_ADDR *);
+ void BIO_ADDR_clear(BIO_ADDR *ap);
+ int BIO_ADDR_rawmake(BIO_ADDR *ap, int family,
+                      const void *where, size_t wherelen, unsigned short port);
+ int BIO_ADDR_family(const BIO_ADDR *ap);
+ int BIO_ADDR_rawaddress(const BIO_ADDR *ap, void *p, size_t *l);
+ unsigned short BIO_ADDR_rawport(const BIO_ADDR *ap);
+ char *BIO_ADDR_hostname_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_service_string(const BIO_ADDR *ap, int numeric);
+ char *BIO_ADDR_path_string(const BIO_ADDR *ap);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDR</b> type is a wrapper around all types of socket addresses that OpenSSL deals with, currently transparently supporting AF_INET, AF_INET6 and AF_UNIX according to what&#39;s available on the platform at hand.</p>
+
+<p>BIO_ADDR_new() creates a new unfilled <b>BIO_ADDR</b>, to be used with routines that will fill it with information, such as BIO_accept_ex().</p>
+
+<p>BIO_ADDR_free() frees a <b>BIO_ADDR</b> created with BIO_ADDR_new().</p>
+
+<p>BIO_ADDR_clear() clears any data held within the provided <b>BIO_ADDR</b> and sets it back to an uninitialised state.</p>
+
+<p>BIO_ADDR_rawmake() takes a protocol <b>family</b>, an byte array of size <b>wherelen</b> with an address in network byte order pointed at by <b>where</b> and a port number in network byte order in <b>port</b> (except for the <b>AF_UNIX</b> protocol family, where <b>port</b> is meaningless and therefore ignored) and populates the given <b>BIO_ADDR</b> with them. In case this creates a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>wherelen</b> is expected to be the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_family() returns the protocol family of the given <b>BIO_ADDR</b>. The possible non-error results are one of the constants AF_INET, AF_INET6 and AF_UNIX. It will also return AF_UNSPEC if the BIO_ADDR has not been initialised.</p>
+
+<p>BIO_ADDR_rawaddress() will write the raw address of the given <b>BIO_ADDR</b> in the area pointed at by <b>p</b> if <b>p</b> is non-NULL, and will set <b>*l</b> to be the amount of bytes the raw address takes up if <b>l</b> is non-NULL. A technique to only find out the size of the address is a call with <b>p</b> set to <b>NULL</b>. The raw address will be in network byte order, most significant byte first. In case this is a <b>AF_UNIX</b> <b>BIO_ADDR</b>, <b>l</b> gets the length of the path string (not including the terminating NUL, such as the result of a call to strlen()). <i>Read on about the addresses in <a href="#RAW-ADDRESSES">&quot;RAW ADDRESSES&quot;</a> below</i>.</p>
+
+<p>BIO_ADDR_rawport() returns the raw port of the given <b>BIO_ADDR</b>. The raw port will be in network byte order.</p>
+
+<p>BIO_ADDR_hostname_string() returns a character string with the hostname of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the numerical form of the address. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_service_string() returns a character string with the service name of the port of the given <b>BIO_ADDR</b>. If <b>numeric</b> is 1, the string will contain the port number. This only works for <b>BIO_ADDR</b> of the protocol families AF_INET and AF_INET6. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<p>BIO_ADDR_path_string() returns a character string with the path of the given <b>BIO_ADDR</b>. This only works for <b>BIO_ADDR</b> of the protocol family AF_UNIX. The returned string has been allocated on the heap and must be freed with OPENSSL_free().</p>
+
+<h1 id="RAW-ADDRESSES">RAW ADDRESSES</h1>
+
+<p>Both BIO_ADDR_rawmake() and BIO_ADDR_rawaddress() take a pointer to a network byte order address of a specific site. Internally, those are treated as a pointer to <b>struct in_addr</b> (for <b>AF_INET</b>), <b>struct in6_addr</b> (for <b>AF_INET6</b>) or <b>char *</b> (for <b>AF_UNIX</b>), all depending on the protocol family the address is for.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The string producing functions BIO_ADDR_hostname_string(), BIO_ADDR_service_string() and BIO_ADDR_path_string() will return <b>NULL</b> on error and leave an error indication on the OpenSSL error stack.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_connect.html">BIO_connect(3)</a>, <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_accept_ex.html b/msys2/usr/share/doc/openssl/html/man3/BIO_accept_ex.html
new file mode 100644
index 000000000..5f38b0655
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_accept_ex.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_connect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_socket, BIO_bind, BIO_connect, BIO_listen, BIO_accept_ex, BIO_closesocket - BIO socket communication setup routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_socket(int domain, int socktype, int protocol, int options);
+ int BIO_bind(int sock, const BIO_ADDR *addr, int options);
+ int BIO_connect(int sock, const BIO_ADDR *addr, int options);
+ int BIO_listen(int sock, const BIO_ADDR *addr, int options);
+ int BIO_accept_ex(int accept_sock, BIO_ADDR *peer, int options);
+ int BIO_closesocket(int sock);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_socket() creates a socket in the domain <b>domain</b>, of type <b>socktype</b> and <b>protocol</b>. Socket <b>options</b> are currently unused, but is present for future use.</p>
+
+<p>BIO_bind() binds the source address and service to a socket and may be useful before calling BIO_connect(). The options may include <b>BIO_SOCK_REUSADDR</b>, which is described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_connect() connects <b>sock</b> to the address and service given by <b>addr</b>. Connection <b>options</b> may be zero or any combination of <b>BIO_SOCK_KEEPALIVE</b>, <b>BIO_SOCK_NONBLOCK</b> and <b>BIO_SOCK_NODELAY</b>. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_listen() has <b>sock</b> start listening on the address and service given by <b>addr</b>. Connection <b>options</b> may be zero or any combination of <b>BIO_SOCK_KEEPALIVE</b>, <b>BIO_SOCK_NONBLOCK</b>, <b>BIO_SOCK_NODELAY</b>, <b>BIO_SOCK_REUSEADDR</b> and <b>BIO_SOCK_V6_ONLY</b>. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_accept_ex() waits for an incoming connections on the given socket <b>accept_sock</b>. When it gets a connection, the address and port of the peer gets stored in <b>peer</b> if that one is non-NULL. Accept <b>options</b> may be zero or <b>BIO_SOCK_NONBLOCK</b>, and is applied on the accepted socket. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_closesocket() closes <b>sock</b>.</p>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<dl>
+
+<dt id="BIO_SOCK_KEEPALIVE">BIO_SOCK_KEEPALIVE</dt>
+<dd>
+
+<p>Enables regular sending of keep-alive messages.</p>
+
+</dd>
+<dt id="BIO_SOCK_NONBLOCK">BIO_SOCK_NONBLOCK</dt>
+<dd>
+
+<p>Sets the socket to non-blocking mode.</p>
+
+</dd>
+<dt id="BIO_SOCK_NODELAY">BIO_SOCK_NODELAY</dt>
+<dd>
+
+<p>Corresponds to <b>TCP_NODELAY</b>, and disables the Nagle algorithm. With this set, any data will be sent as soon as possible instead of being buffered until there&#39;s enough for the socket to send out in one go.</p>
+
+</dd>
+<dt id="BIO_SOCK_REUSEADDR">BIO_SOCK_REUSEADDR</dt>
+<dd>
+
+<p>Try to reuse the address and port combination for a recently closed port.</p>
+
+</dd>
+<dt id="BIO_SOCK_V6_ONLY">BIO_SOCK_V6_ONLY</dt>
+<dd>
+
+<p>When creating an IPv6 socket, make it only listen for IPv6 addresses and not IPv4 addresses mapped to IPv6.</p>
+
+</dd>
+</dl>
+
+<p>These flags are bit flags, so they are to be combined with the <code>|</code> operator, for example:</p>
+
+<pre><code> BIO_connect(sock, addr, BIO_SOCK_KEEPALIVE | BIO_SOCK_NONBLOCK);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_socket() returns the socket number on success or <b>INVALID_SOCKET</b> (-1) on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
+
+<p>BIO_bind(), BIO_connect() and BIO_listen() return 1 on success or 0 on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
+
+<p>BIO_accept_ex() returns the accepted socket on success or <b>INVALID_SOCKET</b> (-1) on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_gethostname(), BIO_get_port(), BIO_get_host_ip(), BIO_get_accept_socket() and BIO_accept() were deprecated in OpenSSL 1.1.0. Use the functions described above instead.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_append_filename.html b/msys2/usr/share/doc/openssl/html/man3/BIO_append_filename.html
new file mode 100644
index 000000000..62da75192
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_append_filename.html
@@ -0,0 +1,159 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_file</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_file, BIO_new_file, BIO_new_fp, BIO_set_fp, BIO_get_fp, BIO_read_filename, BIO_write_filename, BIO_append_filename, BIO_rw_filename - FILE bio</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_file(void);
+ BIO *BIO_new_file(const char *filename, const char *mode);
+ BIO *BIO_new_fp(FILE *stream, int flags);
+
+ BIO_set_fp(BIO *b, FILE *fp, int flags);
+ BIO_get_fp(BIO *b, FILE **fpp);
+
+ int BIO_read_filename(BIO *b, char *name)
+ int BIO_write_filename(BIO *b, char *name)
+ int BIO_append_filename(BIO *b, char *name)
+ int BIO_rw_filename(BIO *b, char *name)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_file() returns the BIO file method. As its name implies it is a wrapper round the stdio FILE structure and it is a source/sink BIO.</p>
+
+<p>Calls to BIO_read_ex() and BIO_write_ex() read and write data to the underlying stream. BIO_gets() and BIO_puts() are supported on file BIOs.</p>
+
+<p>BIO_flush() on a file BIO calls the fflush() function on the wrapped stream.</p>
+
+<p>BIO_reset() attempts to change the file pointer to the start of file using fseek(stream, 0, 0).</p>
+
+<p>BIO_seek() sets the file pointer to position <b>ofs</b> from start of file using fseek(stream, ofs, 0).</p>
+
+<p>BIO_eof() calls feof().</p>
+
+<p>Setting the BIO_CLOSE flag calls fclose() on the stream when the BIO is freed.</p>
+
+<p>BIO_new_file() creates a new file BIO with mode <b>mode</b> the meaning of <b>mode</b> is the same as the stdio function fopen(). The BIO_CLOSE flag is set on the returned BIO.</p>
+
+<p>BIO_new_fp() creates a file BIO wrapping <b>stream</b>. Flags can be: BIO_CLOSE, BIO_NOCLOSE (the close flag) BIO_FP_TEXT (sets the underlying stream to text mode, default is binary: this only has any effect under Win32).</p>
+
+<p>BIO_set_fp() sets the fp of a file BIO to <b>fp</b>. <b>flags</b> has the same meaning as in BIO_new_fp(), it is a macro.</p>
+
+<p>BIO_get_fp() retrieves the fp of a file BIO, it is a macro.</p>
+
+<p>BIO_seek() is a macro that sets the position pointer to <b>offset</b> bytes from the start of file.</p>
+
+<p>BIO_tell() returns the value of the position pointer.</p>
+
+<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() set the file BIO <b>b</b> to use file <b>name</b> for reading, writing, append or read write respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When wrapping stdout, stdin or stderr the underlying stream should not normally be closed so the BIO_NOCLOSE flag should be set.</p>
+
+<p>Because the file BIO calls the underlying stdio functions any quirks in stdio behaviour will be mirrored by the corresponding BIO.</p>
+
+<p>On Windows BIO_new_files reserves for the filename argument to be UTF-8 encoded. In other words if you have to make it work in multi- lingual environment, encode file names in UTF-8.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>File BIO &quot;hello world&quot;:</p>
+
+<pre><code> BIO *bio_out;
+
+ bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> BIO *bio_out;
+
+ bio_out = BIO_new(BIO_s_file());
+ if (bio_out == NULL)
+     /* Error */
+ if (!BIO_set_fp(bio_out, stdout, BIO_NOCLOSE))
+     /* Error */
+ BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Write to a file:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new_file(&quot;filename.txt&quot;, &quot;w&quot;);
+ if (!out)
+     /* Error */
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new(BIO_s_file());
+ if (out == NULL)
+     /* Error */
+ if (!BIO_write_filename(out, &quot;filename.txt&quot;))
+     /* Error */
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_file() returns the file BIO method.</p>
+
+<p>BIO_new_file() and BIO_new_fp() return a file BIO or NULL if an error occurred.</p>
+
+<p>BIO_set_fp() and BIO_get_fp() return 1 for success or 0 for failure (although the current implementation never return 0).</p>
+
+<p>BIO_seek() returns the same value as the underlying fseek() function: 0 for success or -1 for failure.</p>
+
+<p>BIO_tell() returns the current file position.</p>
+
+<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() return 1 for success or 0 for failure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>BIO_reset() and BIO_seek() are implemented using fseek() on the underlying stream. The return value for fseek() is 0 for success or -1 if an error occurred this differs from other types of BIO which will typically return 1 for success and a non positive value if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_seek.html">BIO_seek(3)</a>, <a href="../man3/BIO_tell.html">BIO_tell(3)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_flush.html">BIO_flush(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a>, <a href="../man3/BIO_write_ex.html">BIO_write_ex(3)</a>, <a href="../man3/BIO_puts.html">BIO_puts(3)</a>, <a href="../man3/BIO_gets.html">BIO_gets(3)</a>, <a href="../man3/BIO_printf.html">BIO_printf(3)</a>, <a href="../man3/BIO_set_close.html">BIO_set_close(3)</a>, <a href="../man3/BIO_get_close.html">BIO_get_close(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_bind.html b/msys2/usr/share/doc/openssl/html/man3/BIO_bind.html
new file mode 100644
index 000000000..5f38b0655
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_bind.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_connect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_socket, BIO_bind, BIO_connect, BIO_listen, BIO_accept_ex, BIO_closesocket - BIO socket communication setup routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_socket(int domain, int socktype, int protocol, int options);
+ int BIO_bind(int sock, const BIO_ADDR *addr, int options);
+ int BIO_connect(int sock, const BIO_ADDR *addr, int options);
+ int BIO_listen(int sock, const BIO_ADDR *addr, int options);
+ int BIO_accept_ex(int accept_sock, BIO_ADDR *peer, int options);
+ int BIO_closesocket(int sock);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_socket() creates a socket in the domain <b>domain</b>, of type <b>socktype</b> and <b>protocol</b>. Socket <b>options</b> are currently unused, but is present for future use.</p>
+
+<p>BIO_bind() binds the source address and service to a socket and may be useful before calling BIO_connect(). The options may include <b>BIO_SOCK_REUSADDR</b>, which is described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_connect() connects <b>sock</b> to the address and service given by <b>addr</b>. Connection <b>options</b> may be zero or any combination of <b>BIO_SOCK_KEEPALIVE</b>, <b>BIO_SOCK_NONBLOCK</b> and <b>BIO_SOCK_NODELAY</b>. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_listen() has <b>sock</b> start listening on the address and service given by <b>addr</b>. Connection <b>options</b> may be zero or any combination of <b>BIO_SOCK_KEEPALIVE</b>, <b>BIO_SOCK_NONBLOCK</b>, <b>BIO_SOCK_NODELAY</b>, <b>BIO_SOCK_REUSEADDR</b> and <b>BIO_SOCK_V6_ONLY</b>. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_accept_ex() waits for an incoming connections on the given socket <b>accept_sock</b>. When it gets a connection, the address and port of the peer gets stored in <b>peer</b> if that one is non-NULL. Accept <b>options</b> may be zero or <b>BIO_SOCK_NONBLOCK</b>, and is applied on the accepted socket. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_closesocket() closes <b>sock</b>.</p>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<dl>
+
+<dt id="BIO_SOCK_KEEPALIVE">BIO_SOCK_KEEPALIVE</dt>
+<dd>
+
+<p>Enables regular sending of keep-alive messages.</p>
+
+</dd>
+<dt id="BIO_SOCK_NONBLOCK">BIO_SOCK_NONBLOCK</dt>
+<dd>
+
+<p>Sets the socket to non-blocking mode.</p>
+
+</dd>
+<dt id="BIO_SOCK_NODELAY">BIO_SOCK_NODELAY</dt>
+<dd>
+
+<p>Corresponds to <b>TCP_NODELAY</b>, and disables the Nagle algorithm. With this set, any data will be sent as soon as possible instead of being buffered until there&#39;s enough for the socket to send out in one go.</p>
+
+</dd>
+<dt id="BIO_SOCK_REUSEADDR">BIO_SOCK_REUSEADDR</dt>
+<dd>
+
+<p>Try to reuse the address and port combination for a recently closed port.</p>
+
+</dd>
+<dt id="BIO_SOCK_V6_ONLY">BIO_SOCK_V6_ONLY</dt>
+<dd>
+
+<p>When creating an IPv6 socket, make it only listen for IPv6 addresses and not IPv4 addresses mapped to IPv6.</p>
+
+</dd>
+</dl>
+
+<p>These flags are bit flags, so they are to be combined with the <code>|</code> operator, for example:</p>
+
+<pre><code> BIO_connect(sock, addr, BIO_SOCK_KEEPALIVE | BIO_SOCK_NONBLOCK);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_socket() returns the socket number on success or <b>INVALID_SOCKET</b> (-1) on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
+
+<p>BIO_bind(), BIO_connect() and BIO_listen() return 1 on success or 0 on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
+
+<p>BIO_accept_ex() returns the accepted socket on success or <b>INVALID_SOCKET</b> (-1) on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_gethostname(), BIO_get_port(), BIO_get_host_ip(), BIO_get_accept_socket() and BIO_accept() were deprecated in OpenSSL 1.1.0. Use the functions described above instead.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_callback_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/BIO_callback_ctrl.html
new file mode 100644
index 000000000..ccbb411c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_callback_ctrl.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset, BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close, BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending, BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb - BIO control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef int BIO_info_cb(BIO *b, int state, int res);
+
+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
+ char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+
+ int BIO_reset(BIO *b);
+ int BIO_seek(BIO *b, int ofs);
+ int BIO_tell(BIO *b);
+ int BIO_flush(BIO *b);
+ int BIO_eof(BIO *b);
+ int BIO_set_close(BIO *b, long flag);
+ int BIO_get_close(BIO *b);
+ int BIO_pending(BIO *b);
+ int BIO_wpending(BIO *b);
+ size_t BIO_ctrl_pending(BIO *b);
+ size_t BIO_ctrl_wpending(BIO *b);
+
+ int BIO_get_info_callback(BIO *b, BIO_info_cb **cbp);
+ int BIO_set_info_callback(BIO *b, BIO_info_cb *cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl() are BIO &quot;control&quot; operations taking arguments of various types. These functions are not normally called directly, various macros are used instead. The standard macros are described below, macros specific to a particular type of BIO are described in the specific BIOs manual page as well as any special features of the standard calls.</p>
+
+<p>BIO_reset() typically resets a BIO to some initial state, in the case of file related BIOs for example it rewinds the file pointer to the start of the file.</p>
+
+<p>BIO_seek() resets a file related BIO&#39;s (that is file descriptor and FILE BIOs) file position pointer to <b>ofs</b> bytes from start of file.</p>
+
+<p>BIO_tell() returns the current file position of a file related BIO.</p>
+
+<p>BIO_flush() normally writes out any internally buffered data, in some cases it is used to signal EOF and that no more data will be written.</p>
+
+<p>BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of &quot;EOF&quot; varies according to the BIO type.</p>
+
+<p>BIO_set_close() sets the BIO <b>b</b> close flag to <b>flag</b>. <b>flag</b> can take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used in a source/sink BIO to indicate that the underlying I/O stream should be closed when the BIO is freed.</p>
+
+<p>BIO_get_close() returns the BIOs close flag.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the number of pending characters in the BIOs read and write buffers. Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending() return a size_t type and are functions, BIO_pending() and BIO_wpending() are macros which call BIO_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_reset() normally returns 1 for success and 0 or -1 for failure. File BIOs are an exception, they return 0 for success and -1 for failure.</p>
+
+<p>BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure.</p>
+
+<p>BIO_flush() returns 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_eof() returns 1 if EOF has been reached 0 otherwise.</p>
+
+<p>BIO_set_close() always returns 1.</p>
+
+<p>BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_flush(), because it can write data may return 0 or -1 indicating that the call should be retried later in a similar manner to BIO_write_ex(). The BIO_should_retry() call should be used and appropriate action taken is the call fails.</p>
+
+<p>The return values of BIO_pending() and BIO_wpending() may not reliably determine the amount of pending data in all cases. For example in the case of a file BIO some data may be available in the FILE structures internal buffers but it is not possible to determine this in a portably way. For other types of BIO they may not be supported.</p>
+
+<p>Filter BIOs if they do not internally handle a particular BIO_ctrl() operation usually pass the operation to the next BIO in the chain. This often means there is no need to locate the required BIO for a particular operation, it can be called on a chain and it will be automatically passed to the relevant BIO. However this can cause unexpected results: for example no current filter BIOs implement BIO_seek(), but this may still succeed if the chain ends in a FILE or file descriptor BIO.</p>
+
+<p>Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some of the return values are ambiguous and care should be taken. In particular a return value of 0 can be returned if an operation is not supported, if an error occurred, if EOF has not been reached and in the case of BIO_seek() on a file BIO for a successful operation.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_callback_fn.html b/msys2/usr/share/doc/openssl/html/man3/BIO_callback_fn.html
new file mode 100644
index 000000000..50bf3983d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_callback_fn.html
@@ -0,0 +1,251 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_set_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#CALLBACK-OPERATIONS">CALLBACK OPERATIONS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_callback_ex, BIO_get_callback_ex, BIO_set_callback, BIO_get_callback, BIO_set_callback_arg, BIO_get_callback_arg, BIO_debug_callback, BIO_callback_fn_ex, BIO_callback_fn - BIO callback functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef long (*BIO_callback_fn_ex)(BIO *b, int oper, const char *argp,
+                                    size_t len, int argi,
+                                    long argl, int ret, size_t *processed);
+ typedef long (*BIO_callback_fn)(BIO *b, int oper, const char *argp, int argi,
+                                 long argl, long ret);
+
+ void BIO_set_callback_ex(BIO *b, BIO_callback_fn_ex callback);
+ BIO_callback_fn_ex BIO_get_callback_ex(const BIO *b);
+
+ void BIO_set_callback(BIO *b, BIO_callback_fn cb);
+ BIO_callback_fn BIO_get_callback(BIO *b);
+ void BIO_set_callback_arg(BIO *b, char *arg);
+ char *BIO_get_callback_arg(const BIO *b);
+
+ long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
+                         long argl, long ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_set_callback_ex() and BIO_get_callback_ex() set and retrieve the BIO callback. The callback is called during most high level BIO operations. It can be used for debugging purposes to trace operations on a BIO or to modify its operation.</p>
+
+<p>BIO_set_callback() and BIO_get_callback() set and retrieve the old format BIO callback. New code should not use these functions, but they are retained for backwards compatibility. Any callback set via BIO_set_callback_ex() will get called in preference to any set by BIO_set_callback().</p>
+
+<p>BIO_set_callback_arg() and BIO_get_callback_arg() are macros which can be used to set and retrieve an argument for use in the callback.</p>
+
+<p>BIO_debug_callback() is a standard debugging callback which prints out information relating to each BIO operation. If the callback argument is set it is interpreted as a BIO to send the information to, otherwise stderr is used.</p>
+
+<p>BIO_callback_fn_ex() is the type of the callback function and BIO_callback_fn() is the type of the old format callback function. The meaning of each argument is described below:</p>
+
+<dl>
+
+<dt id="b"><b>b</b></dt>
+<dd>
+
+<p>The BIO the callback is attached to is passed in <b>b</b>.</p>
+
+</dd>
+<dt id="oper"><b>oper</b></dt>
+<dd>
+
+<p><b>oper</b> is set to the operation being performed. For some operations the callback is called twice, once before and once after the actual operation, the latter case has <b>oper</b> or&#39;ed with BIO_CB_RETURN.</p>
+
+</dd>
+<dt id="len"><b>len</b></dt>
+<dd>
+
+<p>The length of the data requested to be read or written. This is only useful if <b>oper</b> is BIO_CB_READ, BIO_CB_WRITE or BIO_CB_GETS.</p>
+
+</dd>
+<dt id="argp-argi-argl"><b>argp</b> <b>argi</b> <b>argl</b></dt>
+<dd>
+
+<p>The meaning of the arguments <b>argp</b>, <b>argi</b> and <b>argl</b> depends on the value of <b>oper</b>, that is the operation being performed.</p>
+
+</dd>
+<dt id="processed"><b>processed</b></dt>
+<dd>
+
+<p><b>processed</b> is a pointer to a location which will be updated with the amount of data that was actually read or written. Only used for BIO_CB_READ, BIO_CB_WRITE, BIO_CB_GETS and BIO_CB_PUTS.</p>
+
+</dd>
+<dt id="ret"><b>ret</b></dt>
+<dd>
+
+<p><b>ret</b> is the return value that would be returned to the application if no callback were present. The actual value returned is the return value of the callback itself. In the case of callbacks called before the actual BIO operation 1 is placed in <b>ret</b>, if the return value is not positive it will be immediately returned to the application and the BIO operation will not be performed.</p>
+
+</dd>
+</dl>
+
+<p>The callback should normally simply return <b>ret</b> when it has finished processing, unless it specifically wishes to modify the value returned to the application.</p>
+
+<h1 id="CALLBACK-OPERATIONS">CALLBACK OPERATIONS</h1>
+
+<p>In the notes below, <b>callback</b> defers to the actual callback function that is called.</p>
+
+<dl>
+
+<dt id="BIO_free-b"><b>BIO_free(b)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_FREE, NULL, 0, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_FREE, NULL, 0L, 0L, 1L)</code></pre>
+
+<p>is called before the free operation.</p>
+
+</dd>
+<dt id="BIO_read_ex-b-data-dlen-readbytes"><b>BIO_read_ex(b, data, dlen, readbytes)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_READ, data, dlen, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_READ, data, dlen, 0L, 1L)</code></pre>
+
+<p>is called before the read and</p>
+
+<pre><code> callback_ex(b, BIO_CB_READ | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+             &amp;readbytes)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_READ|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_write-b-data-dlen-written"><b>BIO_write(b, data, dlen, written)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_WRITE, data, dlen, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_WRITE, datat, dlen, 0L, 1L)</code></pre>
+
+<p>is called before the write and</p>
+
+<pre><code> callback_ex(b, BIO_CB_WRITE | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+             &amp;written)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_WRITE|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_gets-b-buf-size"><b>BIO_gets(b, buf, size)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_GETS, buf, size, 0, 0L, 1, NULL, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_GETS, buf, size, 0L, 1L)</code></pre>
+
+<p>is called before the operation and</p>
+
+<pre><code> callback_ex(b, BIO_CB_GETS | BIO_CB_RETURN, buf, size, 0, 0L, retvalue,
+             &amp;readbytes)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_GETS|BIO_CB_RETURN, buf, size, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_puts-b-buf"><b>BIO_puts(b, buf)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_PUTS, buf, 0, 0, 0L, 1L, NULL);</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_PUTS, buf, 0, 0L, 1L)</code></pre>
+
+<p>is called before the operation and</p>
+
+<pre><code> callback_ex(b, BIO_CB_PUTS | BIO_CB_RETURN, buf, 0, 0, 0L, retvalue, &amp;written)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_PUTS|BIO_CB_RETURN, buf, 0, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_ctrl-BIO-b-int-cmd-long-larg-void-parg"><b>BIO_ctrl(BIO *b, int cmd, long larg, void *parg)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_CTRL, parg, 0, cmd, larg, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_CTRL, parg, cmd, larg, 1L)</code></pre>
+
+<p>is called before the call and</p>
+
+<pre><code> callback_ex(b, BIO_CB_CTRL | BIO_CB_RETURN, parg, 0, cmd, larg, ret, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_CTRL|BIO_CB_RETURN, parg, cmd, larg, ret)</code></pre>
+
+<p>after.</p>
+
+<p>Note: <b>cmd</b> == <b>BIO_CTRL_SET_CALLBACK</b> is special, because <b>parg</b> is not the argument of type <b>BIO_info_cb</b> itself. In this case <b>parg</b> is a pointer to the actual call parameter, see <b>BIO_callback_ctrl</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO_debug_callback() function is a good example, its source is in crypto/bio/bio_cb.c</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_callback_ex() and BIO_get_callback() return the callback function previously set by a call to BIO_set_callback_ex() and BIO_set_callback() respectively.</p>
+
+<p>BIO_get_callback_arg() returns a <b>char</b> pointer to the value previously set via a call to BIO_set_callback_arg().</p>
+
+<p>BIO_debug_callback() returns 1 or <b>ret</b> if it&#39;s called after specific BIO operations.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_callback_fn_ex.html b/msys2/usr/share/doc/openssl/html/man3/BIO_callback_fn_ex.html
new file mode 100644
index 000000000..50bf3983d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_callback_fn_ex.html
@@ -0,0 +1,251 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_set_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#CALLBACK-OPERATIONS">CALLBACK OPERATIONS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_callback_ex, BIO_get_callback_ex, BIO_set_callback, BIO_get_callback, BIO_set_callback_arg, BIO_get_callback_arg, BIO_debug_callback, BIO_callback_fn_ex, BIO_callback_fn - BIO callback functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef long (*BIO_callback_fn_ex)(BIO *b, int oper, const char *argp,
+                                    size_t len, int argi,
+                                    long argl, int ret, size_t *processed);
+ typedef long (*BIO_callback_fn)(BIO *b, int oper, const char *argp, int argi,
+                                 long argl, long ret);
+
+ void BIO_set_callback_ex(BIO *b, BIO_callback_fn_ex callback);
+ BIO_callback_fn_ex BIO_get_callback_ex(const BIO *b);
+
+ void BIO_set_callback(BIO *b, BIO_callback_fn cb);
+ BIO_callback_fn BIO_get_callback(BIO *b);
+ void BIO_set_callback_arg(BIO *b, char *arg);
+ char *BIO_get_callback_arg(const BIO *b);
+
+ long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
+                         long argl, long ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_set_callback_ex() and BIO_get_callback_ex() set and retrieve the BIO callback. The callback is called during most high level BIO operations. It can be used for debugging purposes to trace operations on a BIO or to modify its operation.</p>
+
+<p>BIO_set_callback() and BIO_get_callback() set and retrieve the old format BIO callback. New code should not use these functions, but they are retained for backwards compatibility. Any callback set via BIO_set_callback_ex() will get called in preference to any set by BIO_set_callback().</p>
+
+<p>BIO_set_callback_arg() and BIO_get_callback_arg() are macros which can be used to set and retrieve an argument for use in the callback.</p>
+
+<p>BIO_debug_callback() is a standard debugging callback which prints out information relating to each BIO operation. If the callback argument is set it is interpreted as a BIO to send the information to, otherwise stderr is used.</p>
+
+<p>BIO_callback_fn_ex() is the type of the callback function and BIO_callback_fn() is the type of the old format callback function. The meaning of each argument is described below:</p>
+
+<dl>
+
+<dt id="b"><b>b</b></dt>
+<dd>
+
+<p>The BIO the callback is attached to is passed in <b>b</b>.</p>
+
+</dd>
+<dt id="oper"><b>oper</b></dt>
+<dd>
+
+<p><b>oper</b> is set to the operation being performed. For some operations the callback is called twice, once before and once after the actual operation, the latter case has <b>oper</b> or&#39;ed with BIO_CB_RETURN.</p>
+
+</dd>
+<dt id="len"><b>len</b></dt>
+<dd>
+
+<p>The length of the data requested to be read or written. This is only useful if <b>oper</b> is BIO_CB_READ, BIO_CB_WRITE or BIO_CB_GETS.</p>
+
+</dd>
+<dt id="argp-argi-argl"><b>argp</b> <b>argi</b> <b>argl</b></dt>
+<dd>
+
+<p>The meaning of the arguments <b>argp</b>, <b>argi</b> and <b>argl</b> depends on the value of <b>oper</b>, that is the operation being performed.</p>
+
+</dd>
+<dt id="processed"><b>processed</b></dt>
+<dd>
+
+<p><b>processed</b> is a pointer to a location which will be updated with the amount of data that was actually read or written. Only used for BIO_CB_READ, BIO_CB_WRITE, BIO_CB_GETS and BIO_CB_PUTS.</p>
+
+</dd>
+<dt id="ret"><b>ret</b></dt>
+<dd>
+
+<p><b>ret</b> is the return value that would be returned to the application if no callback were present. The actual value returned is the return value of the callback itself. In the case of callbacks called before the actual BIO operation 1 is placed in <b>ret</b>, if the return value is not positive it will be immediately returned to the application and the BIO operation will not be performed.</p>
+
+</dd>
+</dl>
+
+<p>The callback should normally simply return <b>ret</b> when it has finished processing, unless it specifically wishes to modify the value returned to the application.</p>
+
+<h1 id="CALLBACK-OPERATIONS">CALLBACK OPERATIONS</h1>
+
+<p>In the notes below, <b>callback</b> defers to the actual callback function that is called.</p>
+
+<dl>
+
+<dt id="BIO_free-b"><b>BIO_free(b)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_FREE, NULL, 0, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_FREE, NULL, 0L, 0L, 1L)</code></pre>
+
+<p>is called before the free operation.</p>
+
+</dd>
+<dt id="BIO_read_ex-b-data-dlen-readbytes"><b>BIO_read_ex(b, data, dlen, readbytes)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_READ, data, dlen, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_READ, data, dlen, 0L, 1L)</code></pre>
+
+<p>is called before the read and</p>
+
+<pre><code> callback_ex(b, BIO_CB_READ | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+             &amp;readbytes)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_READ|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_write-b-data-dlen-written"><b>BIO_write(b, data, dlen, written)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_WRITE, data, dlen, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_WRITE, datat, dlen, 0L, 1L)</code></pre>
+
+<p>is called before the write and</p>
+
+<pre><code> callback_ex(b, BIO_CB_WRITE | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+             &amp;written)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_WRITE|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_gets-b-buf-size"><b>BIO_gets(b, buf, size)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_GETS, buf, size, 0, 0L, 1, NULL, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_GETS, buf, size, 0L, 1L)</code></pre>
+
+<p>is called before the operation and</p>
+
+<pre><code> callback_ex(b, BIO_CB_GETS | BIO_CB_RETURN, buf, size, 0, 0L, retvalue,
+             &amp;readbytes)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_GETS|BIO_CB_RETURN, buf, size, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_puts-b-buf"><b>BIO_puts(b, buf)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_PUTS, buf, 0, 0, 0L, 1L, NULL);</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_PUTS, buf, 0, 0L, 1L)</code></pre>
+
+<p>is called before the operation and</p>
+
+<pre><code> callback_ex(b, BIO_CB_PUTS | BIO_CB_RETURN, buf, 0, 0, 0L, retvalue, &amp;written)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_PUTS|BIO_CB_RETURN, buf, 0, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_ctrl-BIO-b-int-cmd-long-larg-void-parg"><b>BIO_ctrl(BIO *b, int cmd, long larg, void *parg)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_CTRL, parg, 0, cmd, larg, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_CTRL, parg, cmd, larg, 1L)</code></pre>
+
+<p>is called before the call and</p>
+
+<pre><code> callback_ex(b, BIO_CB_CTRL | BIO_CB_RETURN, parg, 0, cmd, larg, ret, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_CTRL|BIO_CB_RETURN, parg, cmd, larg, ret)</code></pre>
+
+<p>after.</p>
+
+<p>Note: <b>cmd</b> == <b>BIO_CTRL_SET_CALLBACK</b> is special, because <b>parg</b> is not the argument of type <b>BIO_info_cb</b> itself. In this case <b>parg</b> is a pointer to the actual call parameter, see <b>BIO_callback_ctrl</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO_debug_callback() function is a good example, its source is in crypto/bio/bio_cb.c</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_callback_ex() and BIO_get_callback() return the callback function previously set by a call to BIO_set_callback_ex() and BIO_set_callback() respectively.</p>
+
+<p>BIO_get_callback_arg() returns a <b>char</b> pointer to the value previously set via a call to BIO_set_callback_arg().</p>
+
+<p>BIO_debug_callback() returns 1 or <b>ret</b> if it&#39;s called after specific BIO operations.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_closesocket.html b/msys2/usr/share/doc/openssl/html/man3/BIO_closesocket.html
new file mode 100644
index 000000000..5f38b0655
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_closesocket.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_connect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_socket, BIO_bind, BIO_connect, BIO_listen, BIO_accept_ex, BIO_closesocket - BIO socket communication setup routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_socket(int domain, int socktype, int protocol, int options);
+ int BIO_bind(int sock, const BIO_ADDR *addr, int options);
+ int BIO_connect(int sock, const BIO_ADDR *addr, int options);
+ int BIO_listen(int sock, const BIO_ADDR *addr, int options);
+ int BIO_accept_ex(int accept_sock, BIO_ADDR *peer, int options);
+ int BIO_closesocket(int sock);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_socket() creates a socket in the domain <b>domain</b>, of type <b>socktype</b> and <b>protocol</b>. Socket <b>options</b> are currently unused, but is present for future use.</p>
+
+<p>BIO_bind() binds the source address and service to a socket and may be useful before calling BIO_connect(). The options may include <b>BIO_SOCK_REUSADDR</b>, which is described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_connect() connects <b>sock</b> to the address and service given by <b>addr</b>. Connection <b>options</b> may be zero or any combination of <b>BIO_SOCK_KEEPALIVE</b>, <b>BIO_SOCK_NONBLOCK</b> and <b>BIO_SOCK_NODELAY</b>. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_listen() has <b>sock</b> start listening on the address and service given by <b>addr</b>. Connection <b>options</b> may be zero or any combination of <b>BIO_SOCK_KEEPALIVE</b>, <b>BIO_SOCK_NONBLOCK</b>, <b>BIO_SOCK_NODELAY</b>, <b>BIO_SOCK_REUSEADDR</b> and <b>BIO_SOCK_V6_ONLY</b>. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_accept_ex() waits for an incoming connections on the given socket <b>accept_sock</b>. When it gets a connection, the address and port of the peer gets stored in <b>peer</b> if that one is non-NULL. Accept <b>options</b> may be zero or <b>BIO_SOCK_NONBLOCK</b>, and is applied on the accepted socket. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_closesocket() closes <b>sock</b>.</p>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<dl>
+
+<dt id="BIO_SOCK_KEEPALIVE">BIO_SOCK_KEEPALIVE</dt>
+<dd>
+
+<p>Enables regular sending of keep-alive messages.</p>
+
+</dd>
+<dt id="BIO_SOCK_NONBLOCK">BIO_SOCK_NONBLOCK</dt>
+<dd>
+
+<p>Sets the socket to non-blocking mode.</p>
+
+</dd>
+<dt id="BIO_SOCK_NODELAY">BIO_SOCK_NODELAY</dt>
+<dd>
+
+<p>Corresponds to <b>TCP_NODELAY</b>, and disables the Nagle algorithm. With this set, any data will be sent as soon as possible instead of being buffered until there&#39;s enough for the socket to send out in one go.</p>
+
+</dd>
+<dt id="BIO_SOCK_REUSEADDR">BIO_SOCK_REUSEADDR</dt>
+<dd>
+
+<p>Try to reuse the address and port combination for a recently closed port.</p>
+
+</dd>
+<dt id="BIO_SOCK_V6_ONLY">BIO_SOCK_V6_ONLY</dt>
+<dd>
+
+<p>When creating an IPv6 socket, make it only listen for IPv6 addresses and not IPv4 addresses mapped to IPv6.</p>
+
+</dd>
+</dl>
+
+<p>These flags are bit flags, so they are to be combined with the <code>|</code> operator, for example:</p>
+
+<pre><code> BIO_connect(sock, addr, BIO_SOCK_KEEPALIVE | BIO_SOCK_NONBLOCK);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_socket() returns the socket number on success or <b>INVALID_SOCKET</b> (-1) on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
+
+<p>BIO_bind(), BIO_connect() and BIO_listen() return 1 on success or 0 on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
+
+<p>BIO_accept_ex() returns the accepted socket on success or <b>INVALID_SOCKET</b> (-1) on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_gethostname(), BIO_get_port(), BIO_get_host_ip(), BIO_get_accept_socket() and BIO_accept() were deprecated in OpenSSL 1.1.0. Use the functions described above instead.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_connect.html b/msys2/usr/share/doc/openssl/html/man3/BIO_connect.html
new file mode 100644
index 000000000..5f38b0655
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_connect.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_connect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_socket, BIO_bind, BIO_connect, BIO_listen, BIO_accept_ex, BIO_closesocket - BIO socket communication setup routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_socket(int domain, int socktype, int protocol, int options);
+ int BIO_bind(int sock, const BIO_ADDR *addr, int options);
+ int BIO_connect(int sock, const BIO_ADDR *addr, int options);
+ int BIO_listen(int sock, const BIO_ADDR *addr, int options);
+ int BIO_accept_ex(int accept_sock, BIO_ADDR *peer, int options);
+ int BIO_closesocket(int sock);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_socket() creates a socket in the domain <b>domain</b>, of type <b>socktype</b> and <b>protocol</b>. Socket <b>options</b> are currently unused, but is present for future use.</p>
+
+<p>BIO_bind() binds the source address and service to a socket and may be useful before calling BIO_connect(). The options may include <b>BIO_SOCK_REUSADDR</b>, which is described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_connect() connects <b>sock</b> to the address and service given by <b>addr</b>. Connection <b>options</b> may be zero or any combination of <b>BIO_SOCK_KEEPALIVE</b>, <b>BIO_SOCK_NONBLOCK</b> and <b>BIO_SOCK_NODELAY</b>. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_listen() has <b>sock</b> start listening on the address and service given by <b>addr</b>. Connection <b>options</b> may be zero or any combination of <b>BIO_SOCK_KEEPALIVE</b>, <b>BIO_SOCK_NONBLOCK</b>, <b>BIO_SOCK_NODELAY</b>, <b>BIO_SOCK_REUSEADDR</b> and <b>BIO_SOCK_V6_ONLY</b>. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_accept_ex() waits for an incoming connections on the given socket <b>accept_sock</b>. When it gets a connection, the address and port of the peer gets stored in <b>peer</b> if that one is non-NULL. Accept <b>options</b> may be zero or <b>BIO_SOCK_NONBLOCK</b>, and is applied on the accepted socket. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_closesocket() closes <b>sock</b>.</p>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<dl>
+
+<dt id="BIO_SOCK_KEEPALIVE">BIO_SOCK_KEEPALIVE</dt>
+<dd>
+
+<p>Enables regular sending of keep-alive messages.</p>
+
+</dd>
+<dt id="BIO_SOCK_NONBLOCK">BIO_SOCK_NONBLOCK</dt>
+<dd>
+
+<p>Sets the socket to non-blocking mode.</p>
+
+</dd>
+<dt id="BIO_SOCK_NODELAY">BIO_SOCK_NODELAY</dt>
+<dd>
+
+<p>Corresponds to <b>TCP_NODELAY</b>, and disables the Nagle algorithm. With this set, any data will be sent as soon as possible instead of being buffered until there&#39;s enough for the socket to send out in one go.</p>
+
+</dd>
+<dt id="BIO_SOCK_REUSEADDR">BIO_SOCK_REUSEADDR</dt>
+<dd>
+
+<p>Try to reuse the address and port combination for a recently closed port.</p>
+
+</dd>
+<dt id="BIO_SOCK_V6_ONLY">BIO_SOCK_V6_ONLY</dt>
+<dd>
+
+<p>When creating an IPv6 socket, make it only listen for IPv6 addresses and not IPv4 addresses mapped to IPv6.</p>
+
+</dd>
+</dl>
+
+<p>These flags are bit flags, so they are to be combined with the <code>|</code> operator, for example:</p>
+
+<pre><code> BIO_connect(sock, addr, BIO_SOCK_KEEPALIVE | BIO_SOCK_NONBLOCK);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_socket() returns the socket number on success or <b>INVALID_SOCKET</b> (-1) on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
+
+<p>BIO_bind(), BIO_connect() and BIO_listen() return 1 on success or 0 on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
+
+<p>BIO_accept_ex() returns the accepted socket on success or <b>INVALID_SOCKET</b> (-1) on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_gethostname(), BIO_get_port(), BIO_get_host_ip(), BIO_get_accept_socket() and BIO_accept() were deprecated in OpenSSL 1.1.0. Use the functions described above instead.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ctrl.html
new file mode 100644
index 000000000..ccbb411c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ctrl.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset, BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close, BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending, BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb - BIO control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef int BIO_info_cb(BIO *b, int state, int res);
+
+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
+ char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+
+ int BIO_reset(BIO *b);
+ int BIO_seek(BIO *b, int ofs);
+ int BIO_tell(BIO *b);
+ int BIO_flush(BIO *b);
+ int BIO_eof(BIO *b);
+ int BIO_set_close(BIO *b, long flag);
+ int BIO_get_close(BIO *b);
+ int BIO_pending(BIO *b);
+ int BIO_wpending(BIO *b);
+ size_t BIO_ctrl_pending(BIO *b);
+ size_t BIO_ctrl_wpending(BIO *b);
+
+ int BIO_get_info_callback(BIO *b, BIO_info_cb **cbp);
+ int BIO_set_info_callback(BIO *b, BIO_info_cb *cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl() are BIO &quot;control&quot; operations taking arguments of various types. These functions are not normally called directly, various macros are used instead. The standard macros are described below, macros specific to a particular type of BIO are described in the specific BIOs manual page as well as any special features of the standard calls.</p>
+
+<p>BIO_reset() typically resets a BIO to some initial state, in the case of file related BIOs for example it rewinds the file pointer to the start of the file.</p>
+
+<p>BIO_seek() resets a file related BIO&#39;s (that is file descriptor and FILE BIOs) file position pointer to <b>ofs</b> bytes from start of file.</p>
+
+<p>BIO_tell() returns the current file position of a file related BIO.</p>
+
+<p>BIO_flush() normally writes out any internally buffered data, in some cases it is used to signal EOF and that no more data will be written.</p>
+
+<p>BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of &quot;EOF&quot; varies according to the BIO type.</p>
+
+<p>BIO_set_close() sets the BIO <b>b</b> close flag to <b>flag</b>. <b>flag</b> can take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used in a source/sink BIO to indicate that the underlying I/O stream should be closed when the BIO is freed.</p>
+
+<p>BIO_get_close() returns the BIOs close flag.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the number of pending characters in the BIOs read and write buffers. Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending() return a size_t type and are functions, BIO_pending() and BIO_wpending() are macros which call BIO_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_reset() normally returns 1 for success and 0 or -1 for failure. File BIOs are an exception, they return 0 for success and -1 for failure.</p>
+
+<p>BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure.</p>
+
+<p>BIO_flush() returns 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_eof() returns 1 if EOF has been reached 0 otherwise.</p>
+
+<p>BIO_set_close() always returns 1.</p>
+
+<p>BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_flush(), because it can write data may return 0 or -1 indicating that the call should be retried later in a similar manner to BIO_write_ex(). The BIO_should_retry() call should be used and appropriate action taken is the call fails.</p>
+
+<p>The return values of BIO_pending() and BIO_wpending() may not reliably determine the amount of pending data in all cases. For example in the case of a file BIO some data may be available in the FILE structures internal buffers but it is not possible to determine this in a portably way. For other types of BIO they may not be supported.</p>
+
+<p>Filter BIOs if they do not internally handle a particular BIO_ctrl() operation usually pass the operation to the next BIO in the chain. This often means there is no need to locate the required BIO for a particular operation, it can be called on a chain and it will be automatically passed to the relevant BIO. However this can cause unexpected results: for example no current filter BIOs implement BIO_seek(), but this may still succeed if the chain ends in a FILE or file descriptor BIO.</p>
+
+<p>Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some of the return values are ambiguous and care should be taken. In particular a return value of 0 can be returned if an operation is not supported, if an error occurred, if EOF has not been reached and in the case of BIO_seek() on a file BIO for a successful operation.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ctrl_get_read_request.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ctrl_get_read_request.html
new file mode 100644
index 000000000..fc36b7e75
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ctrl_get_read_request.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr, BIO_set_write_buf_size, BIO_get_write_buf_size, BIO_new_bio_pair, BIO_get_write_guarantee, BIO_ctrl_get_write_guarantee, BIO_get_read_request, BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request - BIO pair BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_bio(void);
+
+ int BIO_make_bio_pair(BIO *b1, BIO *b2);
+ int BIO_destroy_bio_pair(BIO *b);
+ int BIO_shutdown_wr(BIO *b);
+
+ int BIO_set_write_buf_size(BIO *b, long size);
+ size_t BIO_get_write_buf_size(BIO *b, long size);
+
+ int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2);
+
+ int BIO_get_write_guarantee(BIO *b);
+ size_t BIO_ctrl_get_write_guarantee(BIO *b);
+ int BIO_get_read_request(BIO *b);
+ size_t BIO_ctrl_get_read_request(BIO *b);
+ int BIO_ctrl_reset_read_request(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_bio() returns the method for a BIO pair. A BIO pair is a pair of source/sink BIOs where data written to either half of the pair is buffered and can be read from the other half. Both halves must usually by handled by the same application thread since no locking is done on the internal data structures.</p>
+
+<p>Since BIO chains typically end in a source/sink BIO it is possible to make this one half of a BIO pair and have all the data processed by the chain under application control.</p>
+
+<p>One typical use of BIO pairs is to place TLS/SSL I/O under application control, this can be used when the application wishes to use a non standard transport for TLS/SSL or the normal socket routines are inappropriate.</p>
+
+<p>Calls to BIO_read_ex() will read data from the buffer or request a retry if no data is available.</p>
+
+<p>Calls to BIO_write_ex() will place data in the buffer or request a retry if the buffer is full.</p>
+
+<p>The standard calls BIO_ctrl_pending() and BIO_ctrl_wpending() can be used to determine the amount of pending data in the read or write buffer.</p>
+
+<p>BIO_reset() clears any data in the write buffer.</p>
+
+<p>BIO_make_bio_pair() joins two separate BIOs into a connected pair.</p>
+
+<p>BIO_destroy_pair() destroys the association between two connected BIOs. Freeing up any half of the pair will automatically destroy the association.</p>
+
+<p>BIO_shutdown_wr() is used to close down a BIO <b>b</b>. After this call no further writes on BIO <b>b</b> are allowed (they will return an error). Reads on the other half of the pair will return any pending data or EOF when all pending data has been read.</p>
+
+<p>BIO_set_write_buf_size() sets the write buffer size of BIO <b>b</b> to <b>size</b>. If the size is not initialized a default value is used. This is currently 17K, sufficient for a maximum size TLS record.</p>
+
+<p>BIO_get_write_buf_size() returns the size of the write buffer.</p>
+
+<p>BIO_new_bio_pair() combines the calls to BIO_new(), BIO_make_bio_pair() and BIO_set_write_buf_size() to create a connected pair of BIOs <b>bio1</b>, <b>bio2</b> with write buffer sizes <b>writebuf1</b> and <b>writebuf2</b>. If either size is zero then the default size is used. BIO_new_bio_pair() does not check whether <b>bio1</b> or <b>bio2</b> do point to some other BIO, the values are overwritten, BIO_free() is not called.</p>
+
+<p>BIO_get_write_guarantee() and BIO_ctrl_get_write_guarantee() return the maximum length of data that can be currently written to the BIO. Writes larger than this value will return a value from BIO_write_ex() less than the amount requested or if the buffer is full request a retry. BIO_ctrl_get_write_guarantee() is a function whereas BIO_get_write_guarantee() is a macro.</p>
+
+<p>BIO_get_read_request() and BIO_ctrl_get_read_request() return the amount of data requested, or the buffer size if it is less, if the last read attempt at the other half of the BIO pair failed due to an empty buffer. This can be used to determine how much data should be written to the BIO so the next read will succeed: this is most useful in TLS/SSL applications where the amount of data read is usually meaningful rather than just a buffer size. After a successful read this call will return zero. It also will return zero once new data has been written satisfying the read request or part of it. Note that BIO_get_read_request() never returns an amount larger than that returned by BIO_get_write_guarantee().</p>
+
+<p>BIO_ctrl_reset_read_request() can also be used to reset the value returned by BIO_get_read_request() to zero.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Both halves of a BIO pair should be freed. That is even if one half is implicit freed due to a BIO_free_all() or SSL_free() call the other half needs to be freed.</p>
+
+<p>When used in bidirectional applications (such as TLS/SSL) care should be taken to flush any data in the write buffer. This can be done by calling BIO_pending() on the other half of the pair and, if any data is pending, reading it and sending it to the underlying transport. This must be done before any normal processing (such as calling select() ) due to a request and BIO_should_read() being true.</p>
+
+<p>To see why this is important consider a case where a request is sent using BIO_write_ex() and a response read with BIO_read_ex(), this can occur during an TLS/SSL handshake for example. BIO_write_ex() will succeed and place data in the write buffer. BIO_read_ex() will initially fail and BIO_should_read() will be true. If the application then waits for data to be available on the underlying transport before flushing the write buffer it will never succeed because the request was never sent!</p>
+
+<p>BIO_eof() is true if no data is in the peer BIO and the peer BIO has been shutdown.</p>
+
+<p>BIO_make_bio_pair(), BIO_destroy_bio_pair(), BIO_shutdown_wr(), BIO_set_write_buf_size(), BIO_get_write_buf_size(), BIO_get_write_guarantee(), and BIO_get_read_request() are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_new_bio_pair() returns 1 on success, with the new BIOs available in <b>bio1</b> and <b>bio2</b>, or 0 on failure, with NULL pointers stored into the locations for <b>bio1</b> and <b>bio2</b>. Check the error stack for more information.</p>
+
+<p>[XXXXX: More return values need to be added here]</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO pair can be used to have full control over the network access of an application. The application can call select() on the socket as required without having to go through the SSL-interface.</p>
+
+<pre><code> BIO *internal_bio, *network_bio;
+
+ ...
+ BIO_new_bio_pair(&amp;internal_bio, 0, &amp;network_bio, 0);
+ SSL_set_bio(ssl, internal_bio, internal_bio);
+ SSL_operations(); /* e.g SSL_read and SSL_write */
+ ...
+
+ application |   TLS-engine
+    |        |
+    +----------&gt; SSL_operations()
+             |     /\    ||
+             |     ||    \/
+             |   BIO-pair (internal_bio)
+             |   BIO-pair (network_bio)
+             |     ||     /\
+             |     \/     ||
+    +-----------&lt; BIO_operations()
+    |        |
+    |        |
+   socket
+
+  ...
+  SSL_free(ssl);                /* implicitly frees internal_bio */
+  BIO_free(network_bio);
+  ...</code></pre>
+
+<p>As the BIO pair will only buffer the data and never directly access the connection, it behaves non-blocking and will return as soon as the write buffer is full or the read buffer is drained. Then the application has to flush the write buffer and/or fill the read buffer.</p>
+
+<p>Use the BIO_ctrl_pending(), to find out whether data is buffered in the BIO and must be transferred to the network. Use BIO_ctrl_get_read_request() to find out, how many bytes must be written into the buffer before the SSL_operation() can successfully be continued.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>As the data is buffered, SSL_operation() may return with an ERROR_SSL_WANT_READ condition, but there is still data in the write buffer. An application must not rely on the error value of SSL_operation() but must assure that the write buffer is always flushed first. Otherwise a deadlock may occur as the peer might be waiting for the data before being able to continue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ctrl_get_write_guarantee.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ctrl_get_write_guarantee.html
new file mode 100644
index 000000000..fc36b7e75
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ctrl_get_write_guarantee.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr, BIO_set_write_buf_size, BIO_get_write_buf_size, BIO_new_bio_pair, BIO_get_write_guarantee, BIO_ctrl_get_write_guarantee, BIO_get_read_request, BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request - BIO pair BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_bio(void);
+
+ int BIO_make_bio_pair(BIO *b1, BIO *b2);
+ int BIO_destroy_bio_pair(BIO *b);
+ int BIO_shutdown_wr(BIO *b);
+
+ int BIO_set_write_buf_size(BIO *b, long size);
+ size_t BIO_get_write_buf_size(BIO *b, long size);
+
+ int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2);
+
+ int BIO_get_write_guarantee(BIO *b);
+ size_t BIO_ctrl_get_write_guarantee(BIO *b);
+ int BIO_get_read_request(BIO *b);
+ size_t BIO_ctrl_get_read_request(BIO *b);
+ int BIO_ctrl_reset_read_request(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_bio() returns the method for a BIO pair. A BIO pair is a pair of source/sink BIOs where data written to either half of the pair is buffered and can be read from the other half. Both halves must usually by handled by the same application thread since no locking is done on the internal data structures.</p>
+
+<p>Since BIO chains typically end in a source/sink BIO it is possible to make this one half of a BIO pair and have all the data processed by the chain under application control.</p>
+
+<p>One typical use of BIO pairs is to place TLS/SSL I/O under application control, this can be used when the application wishes to use a non standard transport for TLS/SSL or the normal socket routines are inappropriate.</p>
+
+<p>Calls to BIO_read_ex() will read data from the buffer or request a retry if no data is available.</p>
+
+<p>Calls to BIO_write_ex() will place data in the buffer or request a retry if the buffer is full.</p>
+
+<p>The standard calls BIO_ctrl_pending() and BIO_ctrl_wpending() can be used to determine the amount of pending data in the read or write buffer.</p>
+
+<p>BIO_reset() clears any data in the write buffer.</p>
+
+<p>BIO_make_bio_pair() joins two separate BIOs into a connected pair.</p>
+
+<p>BIO_destroy_pair() destroys the association between two connected BIOs. Freeing up any half of the pair will automatically destroy the association.</p>
+
+<p>BIO_shutdown_wr() is used to close down a BIO <b>b</b>. After this call no further writes on BIO <b>b</b> are allowed (they will return an error). Reads on the other half of the pair will return any pending data or EOF when all pending data has been read.</p>
+
+<p>BIO_set_write_buf_size() sets the write buffer size of BIO <b>b</b> to <b>size</b>. If the size is not initialized a default value is used. This is currently 17K, sufficient for a maximum size TLS record.</p>
+
+<p>BIO_get_write_buf_size() returns the size of the write buffer.</p>
+
+<p>BIO_new_bio_pair() combines the calls to BIO_new(), BIO_make_bio_pair() and BIO_set_write_buf_size() to create a connected pair of BIOs <b>bio1</b>, <b>bio2</b> with write buffer sizes <b>writebuf1</b> and <b>writebuf2</b>. If either size is zero then the default size is used. BIO_new_bio_pair() does not check whether <b>bio1</b> or <b>bio2</b> do point to some other BIO, the values are overwritten, BIO_free() is not called.</p>
+
+<p>BIO_get_write_guarantee() and BIO_ctrl_get_write_guarantee() return the maximum length of data that can be currently written to the BIO. Writes larger than this value will return a value from BIO_write_ex() less than the amount requested or if the buffer is full request a retry. BIO_ctrl_get_write_guarantee() is a function whereas BIO_get_write_guarantee() is a macro.</p>
+
+<p>BIO_get_read_request() and BIO_ctrl_get_read_request() return the amount of data requested, or the buffer size if it is less, if the last read attempt at the other half of the BIO pair failed due to an empty buffer. This can be used to determine how much data should be written to the BIO so the next read will succeed: this is most useful in TLS/SSL applications where the amount of data read is usually meaningful rather than just a buffer size. After a successful read this call will return zero. It also will return zero once new data has been written satisfying the read request or part of it. Note that BIO_get_read_request() never returns an amount larger than that returned by BIO_get_write_guarantee().</p>
+
+<p>BIO_ctrl_reset_read_request() can also be used to reset the value returned by BIO_get_read_request() to zero.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Both halves of a BIO pair should be freed. That is even if one half is implicit freed due to a BIO_free_all() or SSL_free() call the other half needs to be freed.</p>
+
+<p>When used in bidirectional applications (such as TLS/SSL) care should be taken to flush any data in the write buffer. This can be done by calling BIO_pending() on the other half of the pair and, if any data is pending, reading it and sending it to the underlying transport. This must be done before any normal processing (such as calling select() ) due to a request and BIO_should_read() being true.</p>
+
+<p>To see why this is important consider a case where a request is sent using BIO_write_ex() and a response read with BIO_read_ex(), this can occur during an TLS/SSL handshake for example. BIO_write_ex() will succeed and place data in the write buffer. BIO_read_ex() will initially fail and BIO_should_read() will be true. If the application then waits for data to be available on the underlying transport before flushing the write buffer it will never succeed because the request was never sent!</p>
+
+<p>BIO_eof() is true if no data is in the peer BIO and the peer BIO has been shutdown.</p>
+
+<p>BIO_make_bio_pair(), BIO_destroy_bio_pair(), BIO_shutdown_wr(), BIO_set_write_buf_size(), BIO_get_write_buf_size(), BIO_get_write_guarantee(), and BIO_get_read_request() are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_new_bio_pair() returns 1 on success, with the new BIOs available in <b>bio1</b> and <b>bio2</b>, or 0 on failure, with NULL pointers stored into the locations for <b>bio1</b> and <b>bio2</b>. Check the error stack for more information.</p>
+
+<p>[XXXXX: More return values need to be added here]</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO pair can be used to have full control over the network access of an application. The application can call select() on the socket as required without having to go through the SSL-interface.</p>
+
+<pre><code> BIO *internal_bio, *network_bio;
+
+ ...
+ BIO_new_bio_pair(&amp;internal_bio, 0, &amp;network_bio, 0);
+ SSL_set_bio(ssl, internal_bio, internal_bio);
+ SSL_operations(); /* e.g SSL_read and SSL_write */
+ ...
+
+ application |   TLS-engine
+    |        |
+    +----------&gt; SSL_operations()
+             |     /\    ||
+             |     ||    \/
+             |   BIO-pair (internal_bio)
+             |   BIO-pair (network_bio)
+             |     ||     /\
+             |     \/     ||
+    +-----------&lt; BIO_operations()
+    |        |
+    |        |
+   socket
+
+  ...
+  SSL_free(ssl);                /* implicitly frees internal_bio */
+  BIO_free(network_bio);
+  ...</code></pre>
+
+<p>As the BIO pair will only buffer the data and never directly access the connection, it behaves non-blocking and will return as soon as the write buffer is full or the read buffer is drained. Then the application has to flush the write buffer and/or fill the read buffer.</p>
+
+<p>Use the BIO_ctrl_pending(), to find out whether data is buffered in the BIO and must be transferred to the network. Use BIO_ctrl_get_read_request() to find out, how many bytes must be written into the buffer before the SSL_operation() can successfully be continued.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>As the data is buffered, SSL_operation() may return with an ERROR_SSL_WANT_READ condition, but there is still data in the write buffer. An application must not rely on the error value of SSL_operation() but must assure that the write buffer is always flushed first. Otherwise a deadlock may occur as the peer might be waiting for the data before being able to continue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ctrl_pending.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ctrl_pending.html
new file mode 100644
index 000000000..ccbb411c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ctrl_pending.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset, BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close, BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending, BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb - BIO control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef int BIO_info_cb(BIO *b, int state, int res);
+
+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
+ char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+
+ int BIO_reset(BIO *b);
+ int BIO_seek(BIO *b, int ofs);
+ int BIO_tell(BIO *b);
+ int BIO_flush(BIO *b);
+ int BIO_eof(BIO *b);
+ int BIO_set_close(BIO *b, long flag);
+ int BIO_get_close(BIO *b);
+ int BIO_pending(BIO *b);
+ int BIO_wpending(BIO *b);
+ size_t BIO_ctrl_pending(BIO *b);
+ size_t BIO_ctrl_wpending(BIO *b);
+
+ int BIO_get_info_callback(BIO *b, BIO_info_cb **cbp);
+ int BIO_set_info_callback(BIO *b, BIO_info_cb *cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl() are BIO &quot;control&quot; operations taking arguments of various types. These functions are not normally called directly, various macros are used instead. The standard macros are described below, macros specific to a particular type of BIO are described in the specific BIOs manual page as well as any special features of the standard calls.</p>
+
+<p>BIO_reset() typically resets a BIO to some initial state, in the case of file related BIOs for example it rewinds the file pointer to the start of the file.</p>
+
+<p>BIO_seek() resets a file related BIO&#39;s (that is file descriptor and FILE BIOs) file position pointer to <b>ofs</b> bytes from start of file.</p>
+
+<p>BIO_tell() returns the current file position of a file related BIO.</p>
+
+<p>BIO_flush() normally writes out any internally buffered data, in some cases it is used to signal EOF and that no more data will be written.</p>
+
+<p>BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of &quot;EOF&quot; varies according to the BIO type.</p>
+
+<p>BIO_set_close() sets the BIO <b>b</b> close flag to <b>flag</b>. <b>flag</b> can take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used in a source/sink BIO to indicate that the underlying I/O stream should be closed when the BIO is freed.</p>
+
+<p>BIO_get_close() returns the BIOs close flag.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the number of pending characters in the BIOs read and write buffers. Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending() return a size_t type and are functions, BIO_pending() and BIO_wpending() are macros which call BIO_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_reset() normally returns 1 for success and 0 or -1 for failure. File BIOs are an exception, they return 0 for success and -1 for failure.</p>
+
+<p>BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure.</p>
+
+<p>BIO_flush() returns 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_eof() returns 1 if EOF has been reached 0 otherwise.</p>
+
+<p>BIO_set_close() always returns 1.</p>
+
+<p>BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_flush(), because it can write data may return 0 or -1 indicating that the call should be retried later in a similar manner to BIO_write_ex(). The BIO_should_retry() call should be used and appropriate action taken is the call fails.</p>
+
+<p>The return values of BIO_pending() and BIO_wpending() may not reliably determine the amount of pending data in all cases. For example in the case of a file BIO some data may be available in the FILE structures internal buffers but it is not possible to determine this in a portably way. For other types of BIO they may not be supported.</p>
+
+<p>Filter BIOs if they do not internally handle a particular BIO_ctrl() operation usually pass the operation to the next BIO in the chain. This often means there is no need to locate the required BIO for a particular operation, it can be called on a chain and it will be automatically passed to the relevant BIO. However this can cause unexpected results: for example no current filter BIOs implement BIO_seek(), but this may still succeed if the chain ends in a FILE or file descriptor BIO.</p>
+
+<p>Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some of the return values are ambiguous and care should be taken. In particular a return value of 0 can be returned if an operation is not supported, if an error occurred, if EOF has not been reached and in the case of BIO_seek() on a file BIO for a successful operation.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ctrl_reset_read_request.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ctrl_reset_read_request.html
new file mode 100644
index 000000000..fc36b7e75
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ctrl_reset_read_request.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr, BIO_set_write_buf_size, BIO_get_write_buf_size, BIO_new_bio_pair, BIO_get_write_guarantee, BIO_ctrl_get_write_guarantee, BIO_get_read_request, BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request - BIO pair BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_bio(void);
+
+ int BIO_make_bio_pair(BIO *b1, BIO *b2);
+ int BIO_destroy_bio_pair(BIO *b);
+ int BIO_shutdown_wr(BIO *b);
+
+ int BIO_set_write_buf_size(BIO *b, long size);
+ size_t BIO_get_write_buf_size(BIO *b, long size);
+
+ int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2);
+
+ int BIO_get_write_guarantee(BIO *b);
+ size_t BIO_ctrl_get_write_guarantee(BIO *b);
+ int BIO_get_read_request(BIO *b);
+ size_t BIO_ctrl_get_read_request(BIO *b);
+ int BIO_ctrl_reset_read_request(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_bio() returns the method for a BIO pair. A BIO pair is a pair of source/sink BIOs where data written to either half of the pair is buffered and can be read from the other half. Both halves must usually by handled by the same application thread since no locking is done on the internal data structures.</p>
+
+<p>Since BIO chains typically end in a source/sink BIO it is possible to make this one half of a BIO pair and have all the data processed by the chain under application control.</p>
+
+<p>One typical use of BIO pairs is to place TLS/SSL I/O under application control, this can be used when the application wishes to use a non standard transport for TLS/SSL or the normal socket routines are inappropriate.</p>
+
+<p>Calls to BIO_read_ex() will read data from the buffer or request a retry if no data is available.</p>
+
+<p>Calls to BIO_write_ex() will place data in the buffer or request a retry if the buffer is full.</p>
+
+<p>The standard calls BIO_ctrl_pending() and BIO_ctrl_wpending() can be used to determine the amount of pending data in the read or write buffer.</p>
+
+<p>BIO_reset() clears any data in the write buffer.</p>
+
+<p>BIO_make_bio_pair() joins two separate BIOs into a connected pair.</p>
+
+<p>BIO_destroy_pair() destroys the association between two connected BIOs. Freeing up any half of the pair will automatically destroy the association.</p>
+
+<p>BIO_shutdown_wr() is used to close down a BIO <b>b</b>. After this call no further writes on BIO <b>b</b> are allowed (they will return an error). Reads on the other half of the pair will return any pending data or EOF when all pending data has been read.</p>
+
+<p>BIO_set_write_buf_size() sets the write buffer size of BIO <b>b</b> to <b>size</b>. If the size is not initialized a default value is used. This is currently 17K, sufficient for a maximum size TLS record.</p>
+
+<p>BIO_get_write_buf_size() returns the size of the write buffer.</p>
+
+<p>BIO_new_bio_pair() combines the calls to BIO_new(), BIO_make_bio_pair() and BIO_set_write_buf_size() to create a connected pair of BIOs <b>bio1</b>, <b>bio2</b> with write buffer sizes <b>writebuf1</b> and <b>writebuf2</b>. If either size is zero then the default size is used. BIO_new_bio_pair() does not check whether <b>bio1</b> or <b>bio2</b> do point to some other BIO, the values are overwritten, BIO_free() is not called.</p>
+
+<p>BIO_get_write_guarantee() and BIO_ctrl_get_write_guarantee() return the maximum length of data that can be currently written to the BIO. Writes larger than this value will return a value from BIO_write_ex() less than the amount requested or if the buffer is full request a retry. BIO_ctrl_get_write_guarantee() is a function whereas BIO_get_write_guarantee() is a macro.</p>
+
+<p>BIO_get_read_request() and BIO_ctrl_get_read_request() return the amount of data requested, or the buffer size if it is less, if the last read attempt at the other half of the BIO pair failed due to an empty buffer. This can be used to determine how much data should be written to the BIO so the next read will succeed: this is most useful in TLS/SSL applications where the amount of data read is usually meaningful rather than just a buffer size. After a successful read this call will return zero. It also will return zero once new data has been written satisfying the read request or part of it. Note that BIO_get_read_request() never returns an amount larger than that returned by BIO_get_write_guarantee().</p>
+
+<p>BIO_ctrl_reset_read_request() can also be used to reset the value returned by BIO_get_read_request() to zero.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Both halves of a BIO pair should be freed. That is even if one half is implicit freed due to a BIO_free_all() or SSL_free() call the other half needs to be freed.</p>
+
+<p>When used in bidirectional applications (such as TLS/SSL) care should be taken to flush any data in the write buffer. This can be done by calling BIO_pending() on the other half of the pair and, if any data is pending, reading it and sending it to the underlying transport. This must be done before any normal processing (such as calling select() ) due to a request and BIO_should_read() being true.</p>
+
+<p>To see why this is important consider a case where a request is sent using BIO_write_ex() and a response read with BIO_read_ex(), this can occur during an TLS/SSL handshake for example. BIO_write_ex() will succeed and place data in the write buffer. BIO_read_ex() will initially fail and BIO_should_read() will be true. If the application then waits for data to be available on the underlying transport before flushing the write buffer it will never succeed because the request was never sent!</p>
+
+<p>BIO_eof() is true if no data is in the peer BIO and the peer BIO has been shutdown.</p>
+
+<p>BIO_make_bio_pair(), BIO_destroy_bio_pair(), BIO_shutdown_wr(), BIO_set_write_buf_size(), BIO_get_write_buf_size(), BIO_get_write_guarantee(), and BIO_get_read_request() are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_new_bio_pair() returns 1 on success, with the new BIOs available in <b>bio1</b> and <b>bio2</b>, or 0 on failure, with NULL pointers stored into the locations for <b>bio1</b> and <b>bio2</b>. Check the error stack for more information.</p>
+
+<p>[XXXXX: More return values need to be added here]</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO pair can be used to have full control over the network access of an application. The application can call select() on the socket as required without having to go through the SSL-interface.</p>
+
+<pre><code> BIO *internal_bio, *network_bio;
+
+ ...
+ BIO_new_bio_pair(&amp;internal_bio, 0, &amp;network_bio, 0);
+ SSL_set_bio(ssl, internal_bio, internal_bio);
+ SSL_operations(); /* e.g SSL_read and SSL_write */
+ ...
+
+ application |   TLS-engine
+    |        |
+    +----------&gt; SSL_operations()
+             |     /\    ||
+             |     ||    \/
+             |   BIO-pair (internal_bio)
+             |   BIO-pair (network_bio)
+             |     ||     /\
+             |     \/     ||
+    +-----------&lt; BIO_operations()
+    |        |
+    |        |
+   socket
+
+  ...
+  SSL_free(ssl);                /* implicitly frees internal_bio */
+  BIO_free(network_bio);
+  ...</code></pre>
+
+<p>As the BIO pair will only buffer the data and never directly access the connection, it behaves non-blocking and will return as soon as the write buffer is full or the read buffer is drained. Then the application has to flush the write buffer and/or fill the read buffer.</p>
+
+<p>Use the BIO_ctrl_pending(), to find out whether data is buffered in the BIO and must be transferred to the network. Use BIO_ctrl_get_read_request() to find out, how many bytes must be written into the buffer before the SSL_operation() can successfully be continued.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>As the data is buffered, SSL_operation() may return with an ERROR_SSL_WANT_READ condition, but there is still data in the write buffer. An application must not rely on the error value of SSL_operation() but must assure that the write buffer is always flushed first. Otherwise a deadlock may occur as the peer might be waiting for the data before being able to continue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ctrl_wpending.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ctrl_wpending.html
new file mode 100644
index 000000000..ccbb411c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ctrl_wpending.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset, BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close, BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending, BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb - BIO control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef int BIO_info_cb(BIO *b, int state, int res);
+
+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
+ char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+
+ int BIO_reset(BIO *b);
+ int BIO_seek(BIO *b, int ofs);
+ int BIO_tell(BIO *b);
+ int BIO_flush(BIO *b);
+ int BIO_eof(BIO *b);
+ int BIO_set_close(BIO *b, long flag);
+ int BIO_get_close(BIO *b);
+ int BIO_pending(BIO *b);
+ int BIO_wpending(BIO *b);
+ size_t BIO_ctrl_pending(BIO *b);
+ size_t BIO_ctrl_wpending(BIO *b);
+
+ int BIO_get_info_callback(BIO *b, BIO_info_cb **cbp);
+ int BIO_set_info_callback(BIO *b, BIO_info_cb *cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl() are BIO &quot;control&quot; operations taking arguments of various types. These functions are not normally called directly, various macros are used instead. The standard macros are described below, macros specific to a particular type of BIO are described in the specific BIOs manual page as well as any special features of the standard calls.</p>
+
+<p>BIO_reset() typically resets a BIO to some initial state, in the case of file related BIOs for example it rewinds the file pointer to the start of the file.</p>
+
+<p>BIO_seek() resets a file related BIO&#39;s (that is file descriptor and FILE BIOs) file position pointer to <b>ofs</b> bytes from start of file.</p>
+
+<p>BIO_tell() returns the current file position of a file related BIO.</p>
+
+<p>BIO_flush() normally writes out any internally buffered data, in some cases it is used to signal EOF and that no more data will be written.</p>
+
+<p>BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of &quot;EOF&quot; varies according to the BIO type.</p>
+
+<p>BIO_set_close() sets the BIO <b>b</b> close flag to <b>flag</b>. <b>flag</b> can take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used in a source/sink BIO to indicate that the underlying I/O stream should be closed when the BIO is freed.</p>
+
+<p>BIO_get_close() returns the BIOs close flag.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the number of pending characters in the BIOs read and write buffers. Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending() return a size_t type and are functions, BIO_pending() and BIO_wpending() are macros which call BIO_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_reset() normally returns 1 for success and 0 or -1 for failure. File BIOs are an exception, they return 0 for success and -1 for failure.</p>
+
+<p>BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure.</p>
+
+<p>BIO_flush() returns 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_eof() returns 1 if EOF has been reached 0 otherwise.</p>
+
+<p>BIO_set_close() always returns 1.</p>
+
+<p>BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_flush(), because it can write data may return 0 or -1 indicating that the call should be retried later in a similar manner to BIO_write_ex(). The BIO_should_retry() call should be used and appropriate action taken is the call fails.</p>
+
+<p>The return values of BIO_pending() and BIO_wpending() may not reliably determine the amount of pending data in all cases. For example in the case of a file BIO some data may be available in the FILE structures internal buffers but it is not possible to determine this in a portably way. For other types of BIO they may not be supported.</p>
+
+<p>Filter BIOs if they do not internally handle a particular BIO_ctrl() operation usually pass the operation to the next BIO in the chain. This often means there is no need to locate the required BIO for a particular operation, it can be called on a chain and it will be automatically passed to the relevant BIO. However this can cause unexpected results: for example no current filter BIOs implement BIO_seek(), but this may still succeed if the chain ends in a FILE or file descriptor BIO.</p>
+
+<p>Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some of the return values are ambiguous and care should be taken. In particular a return value of 0 can be returned if an operation is not supported, if an error occurred, if EOF has not been reached and in the case of BIO_seek() on a file BIO for a successful operation.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_debug_callback.html b/msys2/usr/share/doc/openssl/html/man3/BIO_debug_callback.html
new file mode 100644
index 000000000..50bf3983d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_debug_callback.html
@@ -0,0 +1,251 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_set_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#CALLBACK-OPERATIONS">CALLBACK OPERATIONS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_callback_ex, BIO_get_callback_ex, BIO_set_callback, BIO_get_callback, BIO_set_callback_arg, BIO_get_callback_arg, BIO_debug_callback, BIO_callback_fn_ex, BIO_callback_fn - BIO callback functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef long (*BIO_callback_fn_ex)(BIO *b, int oper, const char *argp,
+                                    size_t len, int argi,
+                                    long argl, int ret, size_t *processed);
+ typedef long (*BIO_callback_fn)(BIO *b, int oper, const char *argp, int argi,
+                                 long argl, long ret);
+
+ void BIO_set_callback_ex(BIO *b, BIO_callback_fn_ex callback);
+ BIO_callback_fn_ex BIO_get_callback_ex(const BIO *b);
+
+ void BIO_set_callback(BIO *b, BIO_callback_fn cb);
+ BIO_callback_fn BIO_get_callback(BIO *b);
+ void BIO_set_callback_arg(BIO *b, char *arg);
+ char *BIO_get_callback_arg(const BIO *b);
+
+ long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
+                         long argl, long ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_set_callback_ex() and BIO_get_callback_ex() set and retrieve the BIO callback. The callback is called during most high level BIO operations. It can be used for debugging purposes to trace operations on a BIO or to modify its operation.</p>
+
+<p>BIO_set_callback() and BIO_get_callback() set and retrieve the old format BIO callback. New code should not use these functions, but they are retained for backwards compatibility. Any callback set via BIO_set_callback_ex() will get called in preference to any set by BIO_set_callback().</p>
+
+<p>BIO_set_callback_arg() and BIO_get_callback_arg() are macros which can be used to set and retrieve an argument for use in the callback.</p>
+
+<p>BIO_debug_callback() is a standard debugging callback which prints out information relating to each BIO operation. If the callback argument is set it is interpreted as a BIO to send the information to, otherwise stderr is used.</p>
+
+<p>BIO_callback_fn_ex() is the type of the callback function and BIO_callback_fn() is the type of the old format callback function. The meaning of each argument is described below:</p>
+
+<dl>
+
+<dt id="b"><b>b</b></dt>
+<dd>
+
+<p>The BIO the callback is attached to is passed in <b>b</b>.</p>
+
+</dd>
+<dt id="oper"><b>oper</b></dt>
+<dd>
+
+<p><b>oper</b> is set to the operation being performed. For some operations the callback is called twice, once before and once after the actual operation, the latter case has <b>oper</b> or&#39;ed with BIO_CB_RETURN.</p>
+
+</dd>
+<dt id="len"><b>len</b></dt>
+<dd>
+
+<p>The length of the data requested to be read or written. This is only useful if <b>oper</b> is BIO_CB_READ, BIO_CB_WRITE or BIO_CB_GETS.</p>
+
+</dd>
+<dt id="argp-argi-argl"><b>argp</b> <b>argi</b> <b>argl</b></dt>
+<dd>
+
+<p>The meaning of the arguments <b>argp</b>, <b>argi</b> and <b>argl</b> depends on the value of <b>oper</b>, that is the operation being performed.</p>
+
+</dd>
+<dt id="processed"><b>processed</b></dt>
+<dd>
+
+<p><b>processed</b> is a pointer to a location which will be updated with the amount of data that was actually read or written. Only used for BIO_CB_READ, BIO_CB_WRITE, BIO_CB_GETS and BIO_CB_PUTS.</p>
+
+</dd>
+<dt id="ret"><b>ret</b></dt>
+<dd>
+
+<p><b>ret</b> is the return value that would be returned to the application if no callback were present. The actual value returned is the return value of the callback itself. In the case of callbacks called before the actual BIO operation 1 is placed in <b>ret</b>, if the return value is not positive it will be immediately returned to the application and the BIO operation will not be performed.</p>
+
+</dd>
+</dl>
+
+<p>The callback should normally simply return <b>ret</b> when it has finished processing, unless it specifically wishes to modify the value returned to the application.</p>
+
+<h1 id="CALLBACK-OPERATIONS">CALLBACK OPERATIONS</h1>
+
+<p>In the notes below, <b>callback</b> defers to the actual callback function that is called.</p>
+
+<dl>
+
+<dt id="BIO_free-b"><b>BIO_free(b)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_FREE, NULL, 0, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_FREE, NULL, 0L, 0L, 1L)</code></pre>
+
+<p>is called before the free operation.</p>
+
+</dd>
+<dt id="BIO_read_ex-b-data-dlen-readbytes"><b>BIO_read_ex(b, data, dlen, readbytes)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_READ, data, dlen, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_READ, data, dlen, 0L, 1L)</code></pre>
+
+<p>is called before the read and</p>
+
+<pre><code> callback_ex(b, BIO_CB_READ | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+             &amp;readbytes)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_READ|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_write-b-data-dlen-written"><b>BIO_write(b, data, dlen, written)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_WRITE, data, dlen, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_WRITE, datat, dlen, 0L, 1L)</code></pre>
+
+<p>is called before the write and</p>
+
+<pre><code> callback_ex(b, BIO_CB_WRITE | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+             &amp;written)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_WRITE|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_gets-b-buf-size"><b>BIO_gets(b, buf, size)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_GETS, buf, size, 0, 0L, 1, NULL, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_GETS, buf, size, 0L, 1L)</code></pre>
+
+<p>is called before the operation and</p>
+
+<pre><code> callback_ex(b, BIO_CB_GETS | BIO_CB_RETURN, buf, size, 0, 0L, retvalue,
+             &amp;readbytes)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_GETS|BIO_CB_RETURN, buf, size, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_puts-b-buf"><b>BIO_puts(b, buf)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_PUTS, buf, 0, 0, 0L, 1L, NULL);</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_PUTS, buf, 0, 0L, 1L)</code></pre>
+
+<p>is called before the operation and</p>
+
+<pre><code> callback_ex(b, BIO_CB_PUTS | BIO_CB_RETURN, buf, 0, 0, 0L, retvalue, &amp;written)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_PUTS|BIO_CB_RETURN, buf, 0, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_ctrl-BIO-b-int-cmd-long-larg-void-parg"><b>BIO_ctrl(BIO *b, int cmd, long larg, void *parg)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_CTRL, parg, 0, cmd, larg, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_CTRL, parg, cmd, larg, 1L)</code></pre>
+
+<p>is called before the call and</p>
+
+<pre><code> callback_ex(b, BIO_CB_CTRL | BIO_CB_RETURN, parg, 0, cmd, larg, ret, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_CTRL|BIO_CB_RETURN, parg, cmd, larg, ret)</code></pre>
+
+<p>after.</p>
+
+<p>Note: <b>cmd</b> == <b>BIO_CTRL_SET_CALLBACK</b> is special, because <b>parg</b> is not the argument of type <b>BIO_info_cb</b> itself. In this case <b>parg</b> is a pointer to the actual call parameter, see <b>BIO_callback_ctrl</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO_debug_callback() function is a good example, its source is in crypto/bio/bio_cb.c</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_callback_ex() and BIO_get_callback() return the callback function previously set by a call to BIO_set_callback_ex() and BIO_set_callback() respectively.</p>
+
+<p>BIO_get_callback_arg() returns a <b>char</b> pointer to the value previously set via a call to BIO_set_callback_arg().</p>
+
+<p>BIO_debug_callback() returns 1 or <b>ret</b> if it&#39;s called after specific BIO operations.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_destroy_bio_pair.html b/msys2/usr/share/doc/openssl/html/man3/BIO_destroy_bio_pair.html
new file mode 100644
index 000000000..fc36b7e75
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_destroy_bio_pair.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr, BIO_set_write_buf_size, BIO_get_write_buf_size, BIO_new_bio_pair, BIO_get_write_guarantee, BIO_ctrl_get_write_guarantee, BIO_get_read_request, BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request - BIO pair BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_bio(void);
+
+ int BIO_make_bio_pair(BIO *b1, BIO *b2);
+ int BIO_destroy_bio_pair(BIO *b);
+ int BIO_shutdown_wr(BIO *b);
+
+ int BIO_set_write_buf_size(BIO *b, long size);
+ size_t BIO_get_write_buf_size(BIO *b, long size);
+
+ int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2);
+
+ int BIO_get_write_guarantee(BIO *b);
+ size_t BIO_ctrl_get_write_guarantee(BIO *b);
+ int BIO_get_read_request(BIO *b);
+ size_t BIO_ctrl_get_read_request(BIO *b);
+ int BIO_ctrl_reset_read_request(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_bio() returns the method for a BIO pair. A BIO pair is a pair of source/sink BIOs where data written to either half of the pair is buffered and can be read from the other half. Both halves must usually by handled by the same application thread since no locking is done on the internal data structures.</p>
+
+<p>Since BIO chains typically end in a source/sink BIO it is possible to make this one half of a BIO pair and have all the data processed by the chain under application control.</p>
+
+<p>One typical use of BIO pairs is to place TLS/SSL I/O under application control, this can be used when the application wishes to use a non standard transport for TLS/SSL or the normal socket routines are inappropriate.</p>
+
+<p>Calls to BIO_read_ex() will read data from the buffer or request a retry if no data is available.</p>
+
+<p>Calls to BIO_write_ex() will place data in the buffer or request a retry if the buffer is full.</p>
+
+<p>The standard calls BIO_ctrl_pending() and BIO_ctrl_wpending() can be used to determine the amount of pending data in the read or write buffer.</p>
+
+<p>BIO_reset() clears any data in the write buffer.</p>
+
+<p>BIO_make_bio_pair() joins two separate BIOs into a connected pair.</p>
+
+<p>BIO_destroy_pair() destroys the association between two connected BIOs. Freeing up any half of the pair will automatically destroy the association.</p>
+
+<p>BIO_shutdown_wr() is used to close down a BIO <b>b</b>. After this call no further writes on BIO <b>b</b> are allowed (they will return an error). Reads on the other half of the pair will return any pending data or EOF when all pending data has been read.</p>
+
+<p>BIO_set_write_buf_size() sets the write buffer size of BIO <b>b</b> to <b>size</b>. If the size is not initialized a default value is used. This is currently 17K, sufficient for a maximum size TLS record.</p>
+
+<p>BIO_get_write_buf_size() returns the size of the write buffer.</p>
+
+<p>BIO_new_bio_pair() combines the calls to BIO_new(), BIO_make_bio_pair() and BIO_set_write_buf_size() to create a connected pair of BIOs <b>bio1</b>, <b>bio2</b> with write buffer sizes <b>writebuf1</b> and <b>writebuf2</b>. If either size is zero then the default size is used. BIO_new_bio_pair() does not check whether <b>bio1</b> or <b>bio2</b> do point to some other BIO, the values are overwritten, BIO_free() is not called.</p>
+
+<p>BIO_get_write_guarantee() and BIO_ctrl_get_write_guarantee() return the maximum length of data that can be currently written to the BIO. Writes larger than this value will return a value from BIO_write_ex() less than the amount requested or if the buffer is full request a retry. BIO_ctrl_get_write_guarantee() is a function whereas BIO_get_write_guarantee() is a macro.</p>
+
+<p>BIO_get_read_request() and BIO_ctrl_get_read_request() return the amount of data requested, or the buffer size if it is less, if the last read attempt at the other half of the BIO pair failed due to an empty buffer. This can be used to determine how much data should be written to the BIO so the next read will succeed: this is most useful in TLS/SSL applications where the amount of data read is usually meaningful rather than just a buffer size. After a successful read this call will return zero. It also will return zero once new data has been written satisfying the read request or part of it. Note that BIO_get_read_request() never returns an amount larger than that returned by BIO_get_write_guarantee().</p>
+
+<p>BIO_ctrl_reset_read_request() can also be used to reset the value returned by BIO_get_read_request() to zero.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Both halves of a BIO pair should be freed. That is even if one half is implicit freed due to a BIO_free_all() or SSL_free() call the other half needs to be freed.</p>
+
+<p>When used in bidirectional applications (such as TLS/SSL) care should be taken to flush any data in the write buffer. This can be done by calling BIO_pending() on the other half of the pair and, if any data is pending, reading it and sending it to the underlying transport. This must be done before any normal processing (such as calling select() ) due to a request and BIO_should_read() being true.</p>
+
+<p>To see why this is important consider a case where a request is sent using BIO_write_ex() and a response read with BIO_read_ex(), this can occur during an TLS/SSL handshake for example. BIO_write_ex() will succeed and place data in the write buffer. BIO_read_ex() will initially fail and BIO_should_read() will be true. If the application then waits for data to be available on the underlying transport before flushing the write buffer it will never succeed because the request was never sent!</p>
+
+<p>BIO_eof() is true if no data is in the peer BIO and the peer BIO has been shutdown.</p>
+
+<p>BIO_make_bio_pair(), BIO_destroy_bio_pair(), BIO_shutdown_wr(), BIO_set_write_buf_size(), BIO_get_write_buf_size(), BIO_get_write_guarantee(), and BIO_get_read_request() are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_new_bio_pair() returns 1 on success, with the new BIOs available in <b>bio1</b> and <b>bio2</b>, or 0 on failure, with NULL pointers stored into the locations for <b>bio1</b> and <b>bio2</b>. Check the error stack for more information.</p>
+
+<p>[XXXXX: More return values need to be added here]</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO pair can be used to have full control over the network access of an application. The application can call select() on the socket as required without having to go through the SSL-interface.</p>
+
+<pre><code> BIO *internal_bio, *network_bio;
+
+ ...
+ BIO_new_bio_pair(&amp;internal_bio, 0, &amp;network_bio, 0);
+ SSL_set_bio(ssl, internal_bio, internal_bio);
+ SSL_operations(); /* e.g SSL_read and SSL_write */
+ ...
+
+ application |   TLS-engine
+    |        |
+    +----------&gt; SSL_operations()
+             |     /\    ||
+             |     ||    \/
+             |   BIO-pair (internal_bio)
+             |   BIO-pair (network_bio)
+             |     ||     /\
+             |     \/     ||
+    +-----------&lt; BIO_operations()
+    |        |
+    |        |
+   socket
+
+  ...
+  SSL_free(ssl);                /* implicitly frees internal_bio */
+  BIO_free(network_bio);
+  ...</code></pre>
+
+<p>As the BIO pair will only buffer the data and never directly access the connection, it behaves non-blocking and will return as soon as the write buffer is full or the read buffer is drained. Then the application has to flush the write buffer and/or fill the read buffer.</p>
+
+<p>Use the BIO_ctrl_pending(), to find out whether data is buffered in the BIO and must be transferred to the network. Use BIO_ctrl_get_read_request() to find out, how many bytes must be written into the buffer before the SSL_operation() can successfully be continued.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>As the data is buffered, SSL_operation() may return with an ERROR_SSL_WANT_READ condition, but there is still data in the write buffer. An application must not rely on the error value of SSL_operation() but must assure that the write buffer is always flushed first. Otherwise a deadlock may occur as the peer might be waiting for the data before being able to continue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_do_accept.html b/msys2/usr/share/doc/openssl/html/man3/BIO_do_accept.html
new file mode 100644
index 000000000..c49b65130
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_do_accept.html
@@ -0,0 +1,175 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_accept</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_accept, BIO_set_accept_name, BIO_set_accept_port, BIO_get_accept_name, BIO_get_accept_port, BIO_new_accept, BIO_set_nbio_accept, BIO_set_accept_bios, BIO_get_peer_name, BIO_get_peer_port, BIO_get_accept_ip_family, BIO_set_accept_ip_family, BIO_set_bind_mode, BIO_get_bind_mode, BIO_do_accept - accept BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_accept(void);
+
+ long BIO_set_accept_name(BIO *b, char *name);
+ char *BIO_get_accept_name(BIO *b);
+
+ long BIO_set_accept_port(BIO *b, char *port);
+ char *BIO_get_accept_port(BIO *b);
+
+ BIO *BIO_new_accept(char *host_port);
+
+ long BIO_set_nbio_accept(BIO *b, int n);
+ long BIO_set_accept_bios(BIO *b, char *bio);
+
+ char *BIO_get_peer_name(BIO *b);
+ char *BIO_get_peer_port(BIO *b);
+ long BIO_get_accept_ip_family(BIO *b);
+ long BIO_set_accept_ip_family(BIO *b, long family);
+
+ long BIO_set_bind_mode(BIO *b, long mode);
+ long BIO_get_bind_mode(BIO *b);
+
+ int BIO_do_accept(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_accept() returns the accept BIO method. This is a wrapper round the platform&#39;s TCP/IP socket accept routines.</p>
+
+<p>Using accept BIOs, TCP/IP connections can be accepted and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on an accept BIO will perform I/O on the underlying connection. If no connection is established and the port (see below) is set up properly then the BIO waits for an incoming connection.</p>
+
+<p>Accept BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on an accept BIO then any active connection on that chain is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on an accept BIO will close any active connection and reset the BIO into a state where it awaits another incoming connection.</p>
+
+<p>BIO_get_fd() and BIO_set_fd() can be called to retrieve or set the accept socket. See <a href="../man3/BIO_s_fd.html">BIO_s_fd(3)</a></p>
+
+<p>BIO_set_accept_name() uses the string <b>name</b> to set the accept name. The name is represented as a string of the form &quot;host:port&quot;, where &quot;host&quot; is the interface to use and &quot;port&quot; is the port. The host can be &quot;*&quot; or empty which is interpreted as meaning any interface. If the host is an IPv6 address, it has to be enclosed in brackets, for example &quot;[::1]:https&quot;. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_set_accept_port() uses the string <b>port</b> to set the accept port. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_new_accept() combines BIO_new() and BIO_set_accept_name() into a single call: that is it creates a new accept BIO with port <b>host_port</b>.</p>
+
+<p>BIO_set_nbio_accept() sets the accept socket to blocking mode (the default) if <b>n</b> is 0 or non blocking mode if <b>n</b> is 1.</p>
+
+<p>BIO_set_accept_bios() can be used to set a chain of BIOs which will be duplicated and prepended to the chain when an incoming connection is received. This is useful if, for example, a buffering or SSL BIO is required for each connection. The chain of BIOs must not be freed after this call, they will be automatically freed when the accept BIO is freed.</p>
+
+<p>BIO_set_bind_mode() and BIO_get_bind_mode() set and retrieve the current bind mode. If <b>BIO_BIND_NORMAL</b> (the default) is set then another socket cannot be bound to the same port. If <b>BIO_BIND_REUSEADDR</b> is set then other sockets can bind to the same port. If <b>BIO_BIND_REUSEADDR_IF_UNUSED</b> is set then and attempt is first made to use BIO_BIN_NORMAL, if this fails and the port is not in use then a second attempt is made using <b>BIO_BIND_REUSEADDR</b>.</p>
+
+<p>BIO_do_accept() serves two functions. When it is first called, after the accept BIO has been setup, it will attempt to create the accept socket and bind an address to it. Second and subsequent calls to BIO_do_accept() will await an incoming connection, or request a retry in non blocking mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When an accept BIO is at the end of a chain it will await an incoming connection before processing I/O calls. When an accept BIO is not at then end of a chain it passes I/O calls to the next BIO in the chain.</p>
+
+<p>When a connection is established a new socket BIO is created for the connection and appended to the chain. That is the chain is now accept-&gt;socket. This effectively means that attempting I/O on an initial accept socket will await an incoming connection then perform I/O on it.</p>
+
+<p>If any additional BIOs have been set using BIO_set_accept_bios() then they are placed between the socket and the accept BIO, that is the chain will be accept-&gt;otherbios-&gt;socket.</p>
+
+<p>If a server wishes to process multiple connections (as is normally the case) then the accept BIO must be made available for further incoming connections. This can be done by waiting for a connection and then calling:</p>
+
+<pre><code> connection = BIO_pop(accept);</code></pre>
+
+<p>After this call <b>connection</b> will contain a BIO for the recently established connection and <b>accept</b> will now be a single BIO again which can be used to await further incoming connections. If no further connections will be accepted the <b>accept</b> can be freed using BIO_free().</p>
+
+<p>If only a single connection will be processed it is possible to perform I/O using the accept BIO itself. This is often undesirable however because the accept BIO will still accept additional incoming connections. This can be resolved by using BIO_pop() (see above) and freeing up the accept BIO after the initial connection.</p>
+
+<p>If the underlying accept socket is non-blocking and BIO_do_accept() is called to await an incoming connection it is possible for BIO_should_io_special() with the reason BIO_RR_ACCEPT. If this happens then it is an indication that an accept attempt would block: the application should take appropriate action to wait until the underlying socket has accepted a connection and retry the call.</p>
+
+<p>BIO_set_accept_name(), BIO_get_accept_name(), BIO_set_accept_port(), BIO_get_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_get_peer_name(), BIO_get_peer_port(), BIO_get_accept_ip_family(), BIO_set_accept_ip_family(), BIO_set_bind_mode(), BIO_get_bind_mode() and BIO_do_accept() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_do_accept(), BIO_set_accept_name(), BIO_set_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_set_accept_ip_family(), and BIO_set_bind_mode() return 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_get_accept_name() returns the accept name or NULL on error. BIO_get_peer_name() returns the peer name or NULL on error.</p>
+
+<p>BIO_get_accept_port() returns the accept port as a string or NULL on error. BIO_get_peer_port() returns the peer port as a string or NULL on error. BIO_get_accept_ip_family() returns the IP family or -1 on error.</p>
+
+<p>BIO_get_bind_mode() returns the set of <b>BIO_BIND</b> flags, or -1 on failure.</p>
+
+<p>BIO_new_accept() returns a BIO or NULL on error.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example accepts two connections on port 4444, sends messages down each and finally closes both down.</p>
+
+<pre><code> BIO *abio, *cbio, *cbio2;
+
+ /* First call to BIO_accept() sets up accept BIO */
+ abio = BIO_new_accept(&quot;4444&quot;);
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Wait for incoming connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 1 established\n&quot;);
+
+ /* Retrieve BIO for connection */
+ cbio = BIO_pop(abio);
+ BIO_puts(cbio, &quot;Connection 1: Sending out Data on initial connection\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 1\n&quot;);
+
+ /* Wait for another connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 2 established\n&quot;);
+
+ /* Close accept BIO to refuse further connections */
+ cbio2 = BIO_pop(abio);
+ BIO_free(abio);
+ BIO_puts(cbio2, &quot;Connection 2: Sending out Data on second\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 2\n&quot;);
+
+ BIO_puts(cbio, &quot;Connection 1: Second connection established\n&quot;);
+
+ /* Close the two established connections */
+ BIO_free(cbio);
+ BIO_free(cbio2);</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_do_connect.html b/msys2/usr/share/doc/openssl/html/man3/BIO_do_connect.html
new file mode 100644
index 000000000..400c2818a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_do_connect.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_connect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_conn_address, BIO_get_conn_address, BIO_s_connect, BIO_new_connect, BIO_set_conn_hostname, BIO_set_conn_port, BIO_set_conn_ip_family, BIO_get_conn_ip_family, BIO_get_conn_hostname, BIO_get_conn_port, BIO_set_nbio, BIO_do_connect - connect BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD * BIO_s_connect(void);
+
+ BIO *BIO_new_connect(char *name);
+
+ long BIO_set_conn_hostname(BIO *b, char *name);
+ long BIO_set_conn_port(BIO *b, char *port);
+ long BIO_set_conn_address(BIO *b, BIO_ADDR *addr);
+ long BIO_set_conn_ip_family(BIO *b, long family);
+ const char *BIO_get_conn_hostname(BIO *b);
+ const char *BIO_get_conn_port(BIO *b);
+ const BIO_ADDR *BIO_get_conn_address(BIO *b);
+ const long BIO_get_conn_ip_family(BIO *b);
+
+ long BIO_set_nbio(BIO *b, long n);
+
+ int BIO_do_connect(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_connect() returns the connect BIO method. This is a wrapper round the platform&#39;s TCP/IP socket connection routines.</p>
+
+<p>Using connect BIOs, TCP/IP connections can be made and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on a connect BIO will perform I/O on the underlying connection. If no connection is established and the port and hostname (see below) is set up properly then a connection is established first.</p>
+
+<p>Connect BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on a connect BIO then any active connection is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on a connect BIO will close any active connection and reset the BIO into a state where it can connect to the same host again.</p>
+
+<p>BIO_get_fd() places the underlying socket in <b>c</b> if it is not NULL, it also returns the socket . If <b>c</b> is not NULL it should be of type (int *).</p>
+
+<p>BIO_set_conn_hostname() uses the string <b>name</b> to set the hostname. The hostname can be an IP address; if the address is an IPv6 one, it must be enclosed with brackets. The hostname can also include the port in the form hostname:port.</p>
+
+<p>BIO_set_conn_port() sets the port to <b>port</b>. <b>port</b> can be the numerical form or a string such as &quot;http&quot;. A string will be looked up first using getservbyname() on the host platform but if that fails a standard table of port names will be used. This internal list is http, telnet, socks, https, ssl, ftp, and gopher.</p>
+
+<p>BIO_set_conn_address() sets the address and port information using a BIO_ADDR(3ssl).</p>
+
+<p>BIO_set_conn_ip_family() sets the IP family.</p>
+
+<p>BIO_get_conn_hostname() returns the hostname of the connect BIO or NULL if the BIO is initialized but no hostname is set. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_port() returns the port as a string. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_address() returns the address information as a BIO_ADDR. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_ip_family() returns the IP family of the connect BIO.</p>
+
+<p>BIO_set_nbio() sets the non blocking I/O flag to <b>n</b>. If <b>n</b> is zero then blocking I/O is set. If <b>n</b> is 1 then non blocking I/O is set. Blocking I/O is the default. The call to BIO_set_nbio() should be made before the connection is established because non blocking I/O is set during the connect process.</p>
+
+<p>BIO_new_connect() combines BIO_new() and BIO_set_conn_hostname() into a single call: that is it creates a new connect BIO with <b>name</b>.</p>
+
+<p>BIO_do_connect() attempts to connect the supplied BIO. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If blocking I/O is set then a non positive return value from any I/O call is caused by an error condition, although a zero return will normally mean that the connection was closed.</p>
+
+<p>If the port name is supplied as part of the host name then this will override any value set with BIO_set_conn_port(). This may be undesirable if the application does not wish to allow connection to arbitrary ports. This can be avoided by checking for the presence of the &#39;:&#39; character in the passed hostname and either indicating an error or truncating the string at that point.</p>
+
+<p>The values returned by BIO_get_conn_hostname(), BIO_get_conn_address(), and BIO_get_conn_port() are updated when a connection attempt is made. Before any connection attempt the values returned are those set by the application itself.</p>
+
+<p>Applications do not have to call BIO_do_connect() but may wish to do so to separate the connection process from other I/O processing.</p>
+
+<p>If non blocking I/O is set then retries will be requested as appropriate.</p>
+
+<p>It addition to BIO_should_read() and BIO_should_write() it is also possible for BIO_should_io_special() to be true during the initial connection process with the reason BIO_RR_CONNECT. If this is returned then this is an indication that a connection attempt would block, the application should then take appropriate action to wait until the underlying socket has connected and retry the call.</p>
+
+<p>BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_get_conn_hostname(), BIO_set_conn_address(), BIO_get_conn_port(), BIO_get_conn_address(), BIO_set_conn_ip_family(), BIO_get_conn_ip_family(), BIO_set_nbio(), and BIO_do_connect() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_connect() returns the connect BIO method.</p>
+
+<p>BIO_get_fd() returns the socket or -1 if the BIO has not been initialized.</p>
+
+<p>BIO_set_conn_address(), BIO_set_conn_port(), and BIO_set_conn_ip_family() always return 1.</p>
+
+<p>BIO_set_conn_hostname() returns 1 on success and 0 on failure.</p>
+
+<p>BIO_get_conn_address() returns the address information or NULL if none was set.</p>
+
+<p>BIO_get_conn_hostname() returns the connected hostname or NULL if none was set.</p>
+
+<p>BIO_get_conn_ip_family() returns the address family or -1 if none was set.</p>
+
+<p>BIO_get_conn_port() returns a string representing the connected port or NULL if not set.</p>
+
+<p>BIO_set_nbio() always returns 1.</p>
+
+<p>BIO_do_connect() returns 1 if the connection was successfully established and 0 or -1 if the connection failed.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This is example connects to a webserver on the local host and attempts to retrieve a page and copy the result to standard output.</p>
+
+<pre><code> BIO *cbio, *out;
+ int len;
+ char tmpbuf[1024];
+
+ cbio = BIO_new_connect(&quot;localhost:http&quot;);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(cbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ BIO_puts(cbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(cbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free(cbio);
+ BIO_free(out);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_set_conn_int_port(), BIO_get_conn_int_port(), BIO_set_conn_ip(), and BIO_get_conn_ip() were removed in OpenSSL 1.1.0. Use BIO_set_conn_address() and BIO_get_conn_address() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_do_handshake.html b/msys2/usr/share/doc/openssl/html/man3/BIO_do_handshake.html
new file mode 100644
index 000000000..0e1fefeef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_do_handshake.html
@@ -0,0 +1,263 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_ssl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_do_handshake, BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode, BIO_set_ssl_renegotiate_bytes, BIO_get_num_renegotiates, BIO_set_ssl_renegotiate_timeout, BIO_new_ssl, BIO_new_ssl_connect, BIO_new_buffer_ssl_connect, BIO_ssl_copy_session_id, BIO_ssl_shutdown - SSL BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/ssl.h&gt;
+
+ const BIO_METHOD *BIO_f_ssl(void);
+
+ long BIO_set_ssl(BIO *b, SSL *ssl, long c);
+ long BIO_get_ssl(BIO *b, SSL **sslp);
+ long BIO_set_ssl_mode(BIO *b, long client);
+ long BIO_set_ssl_renegotiate_bytes(BIO *b, long num);
+ long BIO_set_ssl_renegotiate_timeout(BIO *b, long seconds);
+ long BIO_get_num_renegotiates(BIO *b);
+
+ BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
+ BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+ BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+ int BIO_ssl_copy_session_id(BIO *to, BIO *from);
+ void BIO_ssl_shutdown(BIO *bio);
+
+ long BIO_do_handshake(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which is a wrapper round the OpenSSL SSL routines adding a BIO &quot;flavour&quot; to SSL I/O.</p>
+
+<p>I/O performed on an SSL BIO communicates using the SSL protocol with the SSLs read and write BIOs. If an SSL connection is not established then an attempt is made to establish one on the first I/O call.</p>
+
+<p>If a BIO is appended to an SSL BIO using BIO_push() it is automatically used as the SSL BIOs read and write BIOs.</p>
+
+<p>Calling BIO_reset() on an SSL BIO closes down any current SSL connection by calling SSL_shutdown(). BIO_reset() is then sent to the next BIO in the chain: this will typically disconnect the underlying transport. The SSL BIO is then reset to the initial accept or connect state.</p>
+
+<p>If the close flag is set when an SSL BIO is freed then the internal SSL structure is also freed using SSL_free().</p>
+
+<p>BIO_set_ssl() sets the internal SSL pointer of BIO <b>b</b> to <b>ssl</b> using the close flag <b>c</b>.</p>
+
+<p>BIO_get_ssl() retrieves the SSL pointer of BIO <b>b</b>, it can then be manipulated using the standard SSL library functions.</p>
+
+<p>BIO_set_ssl_mode() sets the SSL BIO mode to <b>client</b>. If <b>client</b> is 1 client mode is set. If <b>client</b> is 0 server mode is set.</p>
+
+<p>BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count to <b>num</b>. When set after every <b>num</b> bytes of I/O (read and write) the SSL session is automatically renegotiated. <b>num</b> must be at least 512 bytes.</p>
+
+<p>BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout to <b>seconds</b>. When the renegotiate timeout elapses the session is automatically renegotiated.</p>
+
+<p>BIO_get_num_renegotiates() returns the total number of session renegotiations due to I/O or timeout.</p>
+
+<p>BIO_new_ssl() allocates an SSL BIO using SSL_CTX <b>ctx</b> and using client mode if <b>client</b> is non zero.</p>
+
+<p>BIO_new_ssl_connect() creates a new BIO chain consisting of an SSL BIO (using <b>ctx</b>) followed by a connect BIO.</p>
+
+<p>BIO_new_buffer_ssl_connect() creates a new BIO chain consisting of a buffering BIO, an SSL BIO (using <b>ctx</b>) and a connect BIO.</p>
+
+<p>BIO_ssl_copy_session_id() copies an SSL session id between BIO chains <b>from</b> and <b>to</b>. It does this by locating the SSL BIOs in each chain and calling SSL_copy_session_id() on the internal SSL pointer.</p>
+
+<p>BIO_ssl_shutdown() closes down an SSL connection on BIO chain <b>bio</b>. It does this by locating the SSL BIO in the chain and calling SSL_shutdown() on its internal SSL pointer.</p>
+
+<p>BIO_do_handshake() attempts to complete an SSL handshake on the supplied BIO and establish the SSL connection. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried. If an SSL connection has already been established this call has no effect.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL BIOs are exceptional in that if the underlying transport is non blocking they can still request a retry in exceptional circumstances. Specifically this will happen if a session renegotiation takes place during a BIO_read_ex() operation, one case where this happens is when step up occurs.</p>
+
+<p>The SSL flag SSL_AUTO_RETRY can be set to disable this behaviour. That is when this flag is set an SSL BIO using a blocking transport will never request a retry.</p>
+
+<p>Since unknown BIO_ctrl() operations are sent through filter BIOs the servers name and port can be set using BIO_set_host() on the BIO returned by BIO_new_ssl_connect() without having to locate the connect BIO first.</p>
+
+<p>Applications do not have to call BIO_do_handshake() but may wish to do so to separate the handshake process from other I/O processing.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout(), BIO_get_num_renegotiates(), and BIO_do_handshake() are implemented as macros.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This SSL/TLS client example, attempts to retrieve a page from an SSL/TLS web server. The I/O routines are identical to those of the unencrypted example in <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a>.</p>
+
+<pre><code> BIO *sbio, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_client_method());
+
+ /* XXX Set verify paths and mode here. */
+
+ sbio = BIO_new_ssl_connect(ctx);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Don&#39;t want any retries */
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+
+ /* XXX We might want to do other things with ssl here */
+
+ /* An empty host part means the loopback address */
+ BIO_set_conn_hostname(sbio, &quot;:https&quot;);
+
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error establishing SSL connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Could examine ssl here to get connection info */
+
+ BIO_puts(sbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free_all(sbio);
+ BIO_free(out);</code></pre>
+
+<p>Here is a simple server example. It makes use of a buffering BIO to allow lines to be read from the SSL BIO using BIO_gets. It creates a pseudo web page containing the actual request from a client and also echoes the request to standard output.</p>
+
+<pre><code> BIO *sbio, *bbio, *acpt, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_server_method());
+ if (!SSL_CTX_use_certificate_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_use_PrivateKey_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_check_private_key(ctx)) {
+     fprintf(stderr, &quot;Error setting up SSL_CTX\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Other things like set verify locations, EDH temp callbacks. */
+
+ /* New SSL BIO setup as server */
+ sbio = BIO_new_ssl(ctx, 0);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+ bbio = BIO_new(BIO_f_buffer());
+ sbio = BIO_push(bbio, sbio);
+ acpt = BIO_new_accept(&quot;4433&quot;);
+
+ /*
+  * By doing this when a new connection is established
+  * we automatically have sbio inserted into it. The
+  * BIO chain is now &#39;swallowed&#39; by the accept BIO and
+  * will be freed when the accept BIO is freed.
+  */
+ BIO_set_accept_bios(acpt, sbio);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
+ /* Setup accept BIO */
+ if (BIO_do_accept(acpt) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept BIO\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* We only want one connection so remove and free accept BIO */
+ sbio = BIO_pop(acpt);
+ BIO_free_all(acpt);
+
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error in SSL handshake\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ BIO_puts(sbio, &quot;HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\nConnection Established\r\nRequest headers:\r\n&quot;);
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+
+ for (;;) {
+     len = BIO_gets(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(sbio, tmpbuf, len);
+     BIO_write(out, tmpbuf, len);
+     /* Look for blank line signifying end of headers*/
+     if (tmpbuf[0] == &#39;\r&#39; || tmpbuf[0] == &#39;\n&#39;)
+         break;
+ }
+
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\n&quot;);
+ BIO_flush(sbio);
+ BIO_free_all(sbio);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_ssl() returns the SSL <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout() and BIO_get_num_renegotiates() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_ssl(), BIO_new_ssl_connect() and BIO_new_buffer_ssl_connect() return a valid <b>BIO</b> structure on success or <b>NULL</b> if an error occurred.</p>
+
+<p>BIO_ssl_copy_session_id() returns 1 on success or 0 on error.</p>
+
+<p>BIO_do_handshake() returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL before 1.0.0 the BIO_pop() call was handled incorrectly, the I/O BIO reference count was incorrectly incremented (instead of decremented) and dissociated with the SSL BIO even if the SSL BIO was not explicitly being popped (e.g. a pop higher up the chain). Applications which included workarounds for this bug (e.g. freeing BIOs more than once) should be modified to handle this fix or they may free up an already freed BIO.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_eof.html b/msys2/usr/share/doc/openssl/html/man3/BIO_eof.html
new file mode 100644
index 000000000..ccbb411c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_eof.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset, BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close, BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending, BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb - BIO control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef int BIO_info_cb(BIO *b, int state, int res);
+
+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
+ char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+
+ int BIO_reset(BIO *b);
+ int BIO_seek(BIO *b, int ofs);
+ int BIO_tell(BIO *b);
+ int BIO_flush(BIO *b);
+ int BIO_eof(BIO *b);
+ int BIO_set_close(BIO *b, long flag);
+ int BIO_get_close(BIO *b);
+ int BIO_pending(BIO *b);
+ int BIO_wpending(BIO *b);
+ size_t BIO_ctrl_pending(BIO *b);
+ size_t BIO_ctrl_wpending(BIO *b);
+
+ int BIO_get_info_callback(BIO *b, BIO_info_cb **cbp);
+ int BIO_set_info_callback(BIO *b, BIO_info_cb *cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl() are BIO &quot;control&quot; operations taking arguments of various types. These functions are not normally called directly, various macros are used instead. The standard macros are described below, macros specific to a particular type of BIO are described in the specific BIOs manual page as well as any special features of the standard calls.</p>
+
+<p>BIO_reset() typically resets a BIO to some initial state, in the case of file related BIOs for example it rewinds the file pointer to the start of the file.</p>
+
+<p>BIO_seek() resets a file related BIO&#39;s (that is file descriptor and FILE BIOs) file position pointer to <b>ofs</b> bytes from start of file.</p>
+
+<p>BIO_tell() returns the current file position of a file related BIO.</p>
+
+<p>BIO_flush() normally writes out any internally buffered data, in some cases it is used to signal EOF and that no more data will be written.</p>
+
+<p>BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of &quot;EOF&quot; varies according to the BIO type.</p>
+
+<p>BIO_set_close() sets the BIO <b>b</b> close flag to <b>flag</b>. <b>flag</b> can take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used in a source/sink BIO to indicate that the underlying I/O stream should be closed when the BIO is freed.</p>
+
+<p>BIO_get_close() returns the BIOs close flag.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the number of pending characters in the BIOs read and write buffers. Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending() return a size_t type and are functions, BIO_pending() and BIO_wpending() are macros which call BIO_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_reset() normally returns 1 for success and 0 or -1 for failure. File BIOs are an exception, they return 0 for success and -1 for failure.</p>
+
+<p>BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure.</p>
+
+<p>BIO_flush() returns 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_eof() returns 1 if EOF has been reached 0 otherwise.</p>
+
+<p>BIO_set_close() always returns 1.</p>
+
+<p>BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_flush(), because it can write data may return 0 or -1 indicating that the call should be retried later in a similar manner to BIO_write_ex(). The BIO_should_retry() call should be used and appropriate action taken is the call fails.</p>
+
+<p>The return values of BIO_pending() and BIO_wpending() may not reliably determine the amount of pending data in all cases. For example in the case of a file BIO some data may be available in the FILE structures internal buffers but it is not possible to determine this in a portably way. For other types of BIO they may not be supported.</p>
+
+<p>Filter BIOs if they do not internally handle a particular BIO_ctrl() operation usually pass the operation to the next BIO in the chain. This often means there is no need to locate the required BIO for a particular operation, it can be called on a chain and it will be automatically passed to the relevant BIO. However this can cause unexpected results: for example no current filter BIOs implement BIO_seek(), but this may still succeed if the chain ends in a FILE or file descriptor BIO.</p>
+
+<p>Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some of the return values are ambiguous and care should be taken. In particular a return value of 0 can be returned if an operation is not supported, if an error occurred, if EOF has not been reached and in the case of BIO_seek() on a file BIO for a successful operation.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_f_base64.html b/msys2/usr/share/doc/openssl/html/man3/BIO_f_base64.html
new file mode 100644
index 000000000..285cd50b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_f_base64.html
@@ -0,0 +1,102 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_base64</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_f_base64 - base64 BIO filter</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ const BIO_METHOD *BIO_f_base64(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_base64() returns the base64 BIO method. This is a filter BIO that base64 encodes any data written through it and decodes any data read through it.</p>
+
+<p>Base64 BIOs do not support BIO_gets() or BIO_puts().</p>
+
+<p>BIO_flush() on a base64 BIO that is being written through is used to signal that no more data is to be encoded: this is used to flush the final block through the BIO.</p>
+
+<p>The flag BIO_FLAGS_BASE64_NO_NL can be set with BIO_set_flags() to encode the data all on one line or expect the data to be all on one line.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Because of the format of base64 encoding the end of the encoded block cannot always be reliably determined.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_base64() returns the base64 BIO method.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Base64 encode the string &quot;Hello World\n&quot; and write the result to standard output:</p>
+
+<pre><code> BIO *bio, *b64;
+ char message[] = &quot;Hello World \n&quot;;
+
+ b64 = BIO_new(BIO_f_base64());
+ bio = BIO_new_fp(stdout, BIO_NOCLOSE);
+ BIO_push(b64, bio);
+ BIO_write(b64, message, strlen(message));
+ BIO_flush(b64);
+
+ BIO_free_all(b64);</code></pre>
+
+<p>Read Base64 encoded data from standard input and write the decoded data to standard output:</p>
+
+<pre><code> BIO *bio, *b64, *bio_out;
+ char inbuf[512];
+ int inlen;
+
+ b64 = BIO_new(BIO_f_base64());
+ bio = BIO_new_fp(stdin, BIO_NOCLOSE);
+ bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ BIO_push(b64, bio);
+ while ((inlen = BIO_read(b64, inbuf, 512)) &gt; 0)
+     BIO_write(bio_out, inbuf, inlen);
+
+ BIO_flush(bio_out);
+ BIO_free_all(b64);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The ambiguity of EOF in base64 encoded data can cause additional data following the base64 encoded block to be misinterpreted.</p>
+
+<p>There should be some way of specifying a test that the BIO can perform to reliably determine EOF (for example a MIME boundary).</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_f_buffer.html b/msys2/usr/share/doc/openssl/html/man3/BIO_f_buffer.html
new file mode 100644
index 000000000..10477380d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_f_buffer.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_buffer</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_buffer_num_lines, BIO_set_read_buffer_size, BIO_set_write_buffer_size, BIO_set_buffer_size, BIO_set_buffer_read_data, BIO_f_buffer - buffering BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_f_buffer(void);
+
+ long BIO_get_buffer_num_lines(BIO *b);
+ long BIO_set_read_buffer_size(BIO *b, long size);
+ long BIO_set_write_buffer_size(BIO *b, long size);
+ long BIO_set_buffer_size(BIO *b, long size);
+ long BIO_set_buffer_read_data(BIO *b, void *buf, long num);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_buffer() returns the buffering BIO method.</p>
+
+<p>Data written to a buffering BIO is buffered and periodically written to the next BIO in the chain. Data read from a buffering BIO comes from an internal buffer which is filled from the next BIO in the chain. Both BIO_gets() and BIO_puts() are supported.</p>
+
+<p>Calling BIO_reset() on a buffering BIO clears any buffered data.</p>
+
+<p>BIO_get_buffer_num_lines() returns the number of lines currently buffered.</p>
+
+<p>BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and BIO_set_buffer_size() set the read, write or both read and write buffer sizes to <b>size</b>. The initial buffer size is DEFAULT_BUFFER_SIZE, currently 4096. Any attempt to reduce the buffer size below DEFAULT_BUFFER_SIZE is ignored. Any buffered data is cleared when the buffer is resized.</p>
+
+<p>BIO_set_buffer_read_data() clears the read buffer and fills it with <b>num</b> bytes of <b>buf</b>. If <b>num</b> is larger than the current buffer size the buffer is expanded.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions, other than BIO_f_buffer(), are implemented as macros.</p>
+
+<p>Buffering BIOs implement BIO_gets() by using BIO_read_ex() operations on the next BIO in the chain. By prepending a buffering BIO to a chain it is therefore possible to provide BIO_gets() functionality if the following BIOs do not support it (for example SSL BIOs).</p>
+
+<p>Data is only written to the next BIO in the chain when the write buffer fills or when BIO_flush() is called. It is therefore important to call BIO_flush() whenever any pending data should be written such as when removing a buffering BIO using BIO_pop(). BIO_flush() may need to be retried if the ultimate source/sink BIO is non blocking.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_buffer() returns the buffering BIO method.</p>
+
+<p>BIO_get_buffer_num_lines() returns the number of lines buffered (may be 0).</p>
+
+<p>BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and BIO_set_buffer_size() return 1 if the buffer was successfully resized or 0 for failure.</p>
+
+<p>BIO_set_buffer_read_data() returns 1 if the data was set correctly or 0 if there was an error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_flush.html">BIO_flush(3)</a>, <a href="../man3/BIO_pop.html">BIO_pop(3)</a>, <a href="../man3/BIO_ctrl.html">BIO_ctrl(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_f_cipher.html b/msys2/usr/share/doc/openssl/html/man3/BIO_f_cipher.html
new file mode 100644
index 000000000..c344c9ade
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_f_cipher.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_cipher</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_f_cipher, BIO_set_cipher, BIO_get_cipher_status, BIO_get_cipher_ctx - cipher BIO filter</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ const BIO_METHOD *BIO_f_cipher(void);
+ void BIO_set_cipher(BIO *b, const EVP_CIPHER *cipher,
+                     unsigned char *key, unsigned char *iv, int enc);
+ int BIO_get_cipher_status(BIO *b)
+ int BIO_get_cipher_ctx(BIO *b, EVP_CIPHER_CTX **pctx)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_cipher() returns the cipher BIO method. This is a filter BIO that encrypts any data written through it, and decrypts any data read from it. It is a BIO wrapper for the cipher routines EVP_CipherInit(), EVP_CipherUpdate() and EVP_CipherFinal().</p>
+
+<p>Cipher BIOs do not support BIO_gets() or BIO_puts().</p>
+
+<p>BIO_flush() on an encryption BIO that is being written through is used to signal that no more data is to be encrypted: this is used to flush and possibly pad the final block through the BIO.</p>
+
+<p>BIO_set_cipher() sets the cipher of BIO <b>b</b> to <b>cipher</b> using key <b>key</b> and IV <b>iv</b>. <b>enc</b> should be set to 1 for encryption and zero for decryption.</p>
+
+<p>When reading from an encryption BIO the final block is automatically decrypted and checked when EOF is detected. BIO_get_cipher_status() is a BIO_ctrl() macro which can be called to determine whether the decryption operation was successful.</p>
+
+<p>BIO_get_cipher_ctx() is a BIO_ctrl() macro which retrieves the internal BIO cipher context. The retrieved context can be used in conjunction with the standard cipher routines to set it up. This is useful when BIO_set_cipher() is not flexible enough for the applications needs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When encrypting BIO_flush() <b>must</b> be called to flush the final block through the BIO. If it is not then the final block will fail a subsequent decrypt.</p>
+
+<p>When decrypting an error on the final block is signaled by a zero return value from the read operation. A successful decrypt followed by EOF will also return zero for the final read. BIO_get_cipher_status() should be called to determine if the decrypt was successful.</p>
+
+<p>As always, if BIO_gets() or BIO_puts() support is needed then it can be achieved by preceding the cipher BIO with a buffering BIO.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_cipher() returns the cipher BIO method.</p>
+
+<p>BIO_set_cipher() does not return a value.</p>
+
+<p>BIO_get_cipher_status() returns 1 for a successful decrypt and 0 for failure.</p>
+
+<p>BIO_get_cipher_ctx() currently always returns 1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_f_md.html b/msys2/usr/share/doc/openssl/html/man3/BIO_f_md.html
new file mode 100644
index 000000000..8ffe30797
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_f_md.html
@@ -0,0 +1,156 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_md</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_f_md, BIO_set_md, BIO_get_md, BIO_get_md_ctx - message digest BIO filter</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ const BIO_METHOD *BIO_f_md(void);
+ int BIO_set_md(BIO *b, EVP_MD *md);
+ int BIO_get_md(BIO *b, EVP_MD **mdp);
+ int BIO_get_md_ctx(BIO *b, EVP_MD_CTX **mdcp);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_md() returns the message digest BIO method. This is a filter BIO that digests any data passed through it, it is a BIO wrapper for the digest routines EVP_DigestInit(), EVP_DigestUpdate() and EVP_DigestFinal().</p>
+
+<p>Any data written or read through a digest BIO using BIO_read_ex() and BIO_write_ex() is digested.</p>
+
+<p>BIO_gets(), if its <b>size</b> parameter is large enough finishes the digest calculation and returns the digest value. BIO_puts() is not supported.</p>
+
+<p>BIO_reset() reinitialises a digest BIO.</p>
+
+<p>BIO_set_md() sets the message digest of BIO <b>b</b> to <b>md</b>: this must be called to initialize a digest BIO before any data is passed through it. It is a BIO_ctrl() macro.</p>
+
+<p>BIO_get_md() places the a pointer to the digest BIOs digest method in <b>mdp</b>, it is a BIO_ctrl() macro.</p>
+
+<p>BIO_get_md_ctx() returns the digest BIOs context into <b>mdcp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The context returned by BIO_get_md_ctx() can be used in calls to EVP_DigestFinal() and also the signature routines EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>The context returned by BIO_get_md_ctx() is an internal context structure. Changes made to this context will affect the digest BIO itself and the context pointer will become invalid when the digest BIO is freed.</p>
+
+<p>After the digest has been retrieved from a digest BIO it must be reinitialized by calling BIO_reset(), or BIO_set_md() before any more data is passed through it.</p>
+
+<p>If an application needs to call BIO_gets() or BIO_puts() through a chain containing digest BIOs then this can be done by prepending a buffering BIO.</p>
+
+<p>Calling BIO_get_md_ctx() will return the context and initialize the BIO state. This allows applications to initialize the context externally if the standard calls such as BIO_set_md() are not sufficiently flexible.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_md() returns the digest BIO method.</p>
+
+<p>BIO_set_md(), BIO_get_md() and BIO_md_ctx() return 1 for success and 0 for failure.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following example creates a BIO chain containing an SHA1 and MD5 digest BIO and passes the string &quot;Hello World&quot; through it. Error checking has been omitted for clarity.</p>
+
+<pre><code> BIO *bio, *mdtmp;
+ char message[] = &quot;Hello World&quot;;
+
+ bio = BIO_new(BIO_s_null());
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_sha1());
+ /*
+  * For BIO_push() we want to append the sink BIO and keep a note of
+  * the start of the chain.
+  */
+ bio = BIO_push(mdtmp, bio);
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_md5());
+ bio = BIO_push(mdtmp, bio);
+ /* Note: mdtmp can now be discarded */
+ BIO_write(bio, message, strlen(message));</code></pre>
+
+<p>The next example digests data by reading through a chain instead:</p>
+
+<pre><code> BIO *bio, *mdtmp;
+ char buf[1024];
+ int rdlen;
+
+ bio = BIO_new_file(file, &quot;rb&quot;);
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_sha1());
+ bio = BIO_push(mdtmp, bio);
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_md5());
+ bio = BIO_push(mdtmp, bio);
+ do {
+     rdlen = BIO_read(bio, buf, sizeof(buf));
+     /* Might want to do something with the data here */
+ } while (rdlen &gt; 0);</code></pre>
+
+<p>This next example retrieves the message digests from a BIO chain and outputs them. This could be used with the examples above.</p>
+
+<pre><code> BIO *mdtmp;
+ unsigned char mdbuf[EVP_MAX_MD_SIZE];
+ int mdlen;
+ int i;
+
+ mdtmp = bio;   /* Assume bio has previously been set up */
+ do {
+     EVP_MD *md;
+
+     mdtmp = BIO_find_type(mdtmp, BIO_TYPE_MD);
+     if (!mdtmp)
+         break;
+     BIO_get_md(mdtmp, &amp;md);
+     printf(&quot;%s digest&quot;, OBJ_nid2sn(EVP_MD_type(md)));
+     mdlen = BIO_gets(mdtmp, mdbuf, EVP_MAX_MD_SIZE);
+     for (i = 0; i &lt; mdlen; i++) printf(&quot;:%02X&quot;, mdbuf[i]);
+     printf(&quot;\n&quot;);
+     mdtmp = BIO_next(mdtmp);
+ } while (mdtmp);
+
+ BIO_free_all(bio);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The lack of support for BIO_puts() and the non standard behaviour of BIO_gets() could be regarded as anomalous. It could be argued that BIO_gets() and BIO_puts() should be passed to the next BIO in the chain and digest the data passed through and that digests should be retrieved using a separate BIO_ctrl() call.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.0.0., the call to BIO_get_md_ctx() would only work if the BIO was initialized first.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_f_null.html b/msys2/usr/share/doc/openssl/html/man3/BIO_f_null.html
new file mode 100644
index 000000000..2dd15a7fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_f_null.html
@@ -0,0 +1,58 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_null</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_f_null - null filter</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_f_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_null() returns the null filter BIO method. This is a filter BIO that does nothing.</p>
+
+<p>All requests to a null filter BIO are passed through to the next BIO in the chain: this means that a BIO chain containing a null filter BIO behaves just as though the BIO was not there.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>As may be apparent a null filter BIO is not particularly useful.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_null() returns the null filter BIO method.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_f_ssl.html b/msys2/usr/share/doc/openssl/html/man3/BIO_f_ssl.html
new file mode 100644
index 000000000..0e1fefeef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_f_ssl.html
@@ -0,0 +1,263 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_ssl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_do_handshake, BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode, BIO_set_ssl_renegotiate_bytes, BIO_get_num_renegotiates, BIO_set_ssl_renegotiate_timeout, BIO_new_ssl, BIO_new_ssl_connect, BIO_new_buffer_ssl_connect, BIO_ssl_copy_session_id, BIO_ssl_shutdown - SSL BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/ssl.h&gt;
+
+ const BIO_METHOD *BIO_f_ssl(void);
+
+ long BIO_set_ssl(BIO *b, SSL *ssl, long c);
+ long BIO_get_ssl(BIO *b, SSL **sslp);
+ long BIO_set_ssl_mode(BIO *b, long client);
+ long BIO_set_ssl_renegotiate_bytes(BIO *b, long num);
+ long BIO_set_ssl_renegotiate_timeout(BIO *b, long seconds);
+ long BIO_get_num_renegotiates(BIO *b);
+
+ BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
+ BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+ BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+ int BIO_ssl_copy_session_id(BIO *to, BIO *from);
+ void BIO_ssl_shutdown(BIO *bio);
+
+ long BIO_do_handshake(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which is a wrapper round the OpenSSL SSL routines adding a BIO &quot;flavour&quot; to SSL I/O.</p>
+
+<p>I/O performed on an SSL BIO communicates using the SSL protocol with the SSLs read and write BIOs. If an SSL connection is not established then an attempt is made to establish one on the first I/O call.</p>
+
+<p>If a BIO is appended to an SSL BIO using BIO_push() it is automatically used as the SSL BIOs read and write BIOs.</p>
+
+<p>Calling BIO_reset() on an SSL BIO closes down any current SSL connection by calling SSL_shutdown(). BIO_reset() is then sent to the next BIO in the chain: this will typically disconnect the underlying transport. The SSL BIO is then reset to the initial accept or connect state.</p>
+
+<p>If the close flag is set when an SSL BIO is freed then the internal SSL structure is also freed using SSL_free().</p>
+
+<p>BIO_set_ssl() sets the internal SSL pointer of BIO <b>b</b> to <b>ssl</b> using the close flag <b>c</b>.</p>
+
+<p>BIO_get_ssl() retrieves the SSL pointer of BIO <b>b</b>, it can then be manipulated using the standard SSL library functions.</p>
+
+<p>BIO_set_ssl_mode() sets the SSL BIO mode to <b>client</b>. If <b>client</b> is 1 client mode is set. If <b>client</b> is 0 server mode is set.</p>
+
+<p>BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count to <b>num</b>. When set after every <b>num</b> bytes of I/O (read and write) the SSL session is automatically renegotiated. <b>num</b> must be at least 512 bytes.</p>
+
+<p>BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout to <b>seconds</b>. When the renegotiate timeout elapses the session is automatically renegotiated.</p>
+
+<p>BIO_get_num_renegotiates() returns the total number of session renegotiations due to I/O or timeout.</p>
+
+<p>BIO_new_ssl() allocates an SSL BIO using SSL_CTX <b>ctx</b> and using client mode if <b>client</b> is non zero.</p>
+
+<p>BIO_new_ssl_connect() creates a new BIO chain consisting of an SSL BIO (using <b>ctx</b>) followed by a connect BIO.</p>
+
+<p>BIO_new_buffer_ssl_connect() creates a new BIO chain consisting of a buffering BIO, an SSL BIO (using <b>ctx</b>) and a connect BIO.</p>
+
+<p>BIO_ssl_copy_session_id() copies an SSL session id between BIO chains <b>from</b> and <b>to</b>. It does this by locating the SSL BIOs in each chain and calling SSL_copy_session_id() on the internal SSL pointer.</p>
+
+<p>BIO_ssl_shutdown() closes down an SSL connection on BIO chain <b>bio</b>. It does this by locating the SSL BIO in the chain and calling SSL_shutdown() on its internal SSL pointer.</p>
+
+<p>BIO_do_handshake() attempts to complete an SSL handshake on the supplied BIO and establish the SSL connection. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried. If an SSL connection has already been established this call has no effect.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL BIOs are exceptional in that if the underlying transport is non blocking they can still request a retry in exceptional circumstances. Specifically this will happen if a session renegotiation takes place during a BIO_read_ex() operation, one case where this happens is when step up occurs.</p>
+
+<p>The SSL flag SSL_AUTO_RETRY can be set to disable this behaviour. That is when this flag is set an SSL BIO using a blocking transport will never request a retry.</p>
+
+<p>Since unknown BIO_ctrl() operations are sent through filter BIOs the servers name and port can be set using BIO_set_host() on the BIO returned by BIO_new_ssl_connect() without having to locate the connect BIO first.</p>
+
+<p>Applications do not have to call BIO_do_handshake() but may wish to do so to separate the handshake process from other I/O processing.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout(), BIO_get_num_renegotiates(), and BIO_do_handshake() are implemented as macros.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This SSL/TLS client example, attempts to retrieve a page from an SSL/TLS web server. The I/O routines are identical to those of the unencrypted example in <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a>.</p>
+
+<pre><code> BIO *sbio, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_client_method());
+
+ /* XXX Set verify paths and mode here. */
+
+ sbio = BIO_new_ssl_connect(ctx);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Don&#39;t want any retries */
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+
+ /* XXX We might want to do other things with ssl here */
+
+ /* An empty host part means the loopback address */
+ BIO_set_conn_hostname(sbio, &quot;:https&quot;);
+
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error establishing SSL connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Could examine ssl here to get connection info */
+
+ BIO_puts(sbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free_all(sbio);
+ BIO_free(out);</code></pre>
+
+<p>Here is a simple server example. It makes use of a buffering BIO to allow lines to be read from the SSL BIO using BIO_gets. It creates a pseudo web page containing the actual request from a client and also echoes the request to standard output.</p>
+
+<pre><code> BIO *sbio, *bbio, *acpt, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_server_method());
+ if (!SSL_CTX_use_certificate_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_use_PrivateKey_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_check_private_key(ctx)) {
+     fprintf(stderr, &quot;Error setting up SSL_CTX\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Other things like set verify locations, EDH temp callbacks. */
+
+ /* New SSL BIO setup as server */
+ sbio = BIO_new_ssl(ctx, 0);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+ bbio = BIO_new(BIO_f_buffer());
+ sbio = BIO_push(bbio, sbio);
+ acpt = BIO_new_accept(&quot;4433&quot;);
+
+ /*
+  * By doing this when a new connection is established
+  * we automatically have sbio inserted into it. The
+  * BIO chain is now &#39;swallowed&#39; by the accept BIO and
+  * will be freed when the accept BIO is freed.
+  */
+ BIO_set_accept_bios(acpt, sbio);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
+ /* Setup accept BIO */
+ if (BIO_do_accept(acpt) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept BIO\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* We only want one connection so remove and free accept BIO */
+ sbio = BIO_pop(acpt);
+ BIO_free_all(acpt);
+
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error in SSL handshake\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ BIO_puts(sbio, &quot;HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\nConnection Established\r\nRequest headers:\r\n&quot;);
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+
+ for (;;) {
+     len = BIO_gets(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(sbio, tmpbuf, len);
+     BIO_write(out, tmpbuf, len);
+     /* Look for blank line signifying end of headers*/
+     if (tmpbuf[0] == &#39;\r&#39; || tmpbuf[0] == &#39;\n&#39;)
+         break;
+ }
+
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\n&quot;);
+ BIO_flush(sbio);
+ BIO_free_all(sbio);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_ssl() returns the SSL <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout() and BIO_get_num_renegotiates() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_ssl(), BIO_new_ssl_connect() and BIO_new_buffer_ssl_connect() return a valid <b>BIO</b> structure on success or <b>NULL</b> if an error occurred.</p>
+
+<p>BIO_ssl_copy_session_id() returns 1 on success or 0 on error.</p>
+
+<p>BIO_do_handshake() returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL before 1.0.0 the BIO_pop() call was handled incorrectly, the I/O BIO reference count was incorrectly incremented (instead of decremented) and dissociated with the SSL BIO even if the SSL BIO was not explicitly being popped (e.g. a pop higher up the chain). Applications which included workarounds for this bug (e.g. freeing BIOs more than once) should be modified to handle this fix or they may free up an already freed BIO.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_find_type.html b/msys2/usr/share/doc/openssl/html/man3/BIO_find_type.html
new file mode 100644
index 000000000..6263679f5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_find_type.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_find_type</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_find_type, BIO_next, BIO_method_type - BIO chain traversal</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ BIO *BIO_find_type(BIO *b, int bio_type);
+ BIO *BIO_next(BIO *b);
+ int BIO_method_type(const BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The BIO_find_type() searches for a BIO of a given type in a chain, starting at BIO <b>b</b>. If <b>type</b> is a specific type (such as <b>BIO_TYPE_MEM</b>) then a search is made for a BIO of that type. If <b>type</b> is a general type (such as <b>BIO_TYPE_SOURCE_SINK</b>) then the next matching BIO of the given general type is searched for. BIO_find_type() returns the next matching BIO or NULL if none is found.</p>
+
+<p>The following general types are defined: <b>BIO_TYPE_DESCRIPTOR</b>, <b>BIO_TYPE_FILTER</b>, and <b>BIO_TYPE_SOURCE_SINK</b>.</p>
+
+<p>For a list of the specific types, see the <b>openssl/bio.h</b> header file.</p>
+
+<p>BIO_next() returns the next BIO in a chain. It can be used to traverse all BIOs in a chain or used in conjunction with BIO_find_type() to find all BIOs of a certain type.</p>
+
+<p>BIO_method_type() returns the type of a BIO.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_find_type() returns a matching BIO or NULL for no match.</p>
+
+<p>BIO_next() returns the next BIO in a chain.</p>
+
+<p>BIO_method_type() returns the type of the BIO <b>b</b>.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Traverse a chain looking for digest BIOs:</p>
+
+<pre><code> BIO *btmp;
+
+ btmp = in_bio; /* in_bio is chain to search through */
+ do {
+     btmp = BIO_find_type(btmp, BIO_TYPE_MD);
+     if (btmp == NULL)
+         break; /* Not found */
+     /* btmp is a digest BIO, do something with it ...*/
+     ...
+
+     btmp = BIO_next(btmp);
+ } while (btmp);</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_flush.html b/msys2/usr/share/doc/openssl/html/man3/BIO_flush.html
new file mode 100644
index 000000000..ccbb411c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_flush.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset, BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close, BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending, BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb - BIO control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef int BIO_info_cb(BIO *b, int state, int res);
+
+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
+ char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+
+ int BIO_reset(BIO *b);
+ int BIO_seek(BIO *b, int ofs);
+ int BIO_tell(BIO *b);
+ int BIO_flush(BIO *b);
+ int BIO_eof(BIO *b);
+ int BIO_set_close(BIO *b, long flag);
+ int BIO_get_close(BIO *b);
+ int BIO_pending(BIO *b);
+ int BIO_wpending(BIO *b);
+ size_t BIO_ctrl_pending(BIO *b);
+ size_t BIO_ctrl_wpending(BIO *b);
+
+ int BIO_get_info_callback(BIO *b, BIO_info_cb **cbp);
+ int BIO_set_info_callback(BIO *b, BIO_info_cb *cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl() are BIO &quot;control&quot; operations taking arguments of various types. These functions are not normally called directly, various macros are used instead. The standard macros are described below, macros specific to a particular type of BIO are described in the specific BIOs manual page as well as any special features of the standard calls.</p>
+
+<p>BIO_reset() typically resets a BIO to some initial state, in the case of file related BIOs for example it rewinds the file pointer to the start of the file.</p>
+
+<p>BIO_seek() resets a file related BIO&#39;s (that is file descriptor and FILE BIOs) file position pointer to <b>ofs</b> bytes from start of file.</p>
+
+<p>BIO_tell() returns the current file position of a file related BIO.</p>
+
+<p>BIO_flush() normally writes out any internally buffered data, in some cases it is used to signal EOF and that no more data will be written.</p>
+
+<p>BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of &quot;EOF&quot; varies according to the BIO type.</p>
+
+<p>BIO_set_close() sets the BIO <b>b</b> close flag to <b>flag</b>. <b>flag</b> can take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used in a source/sink BIO to indicate that the underlying I/O stream should be closed when the BIO is freed.</p>
+
+<p>BIO_get_close() returns the BIOs close flag.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the number of pending characters in the BIOs read and write buffers. Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending() return a size_t type and are functions, BIO_pending() and BIO_wpending() are macros which call BIO_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_reset() normally returns 1 for success and 0 or -1 for failure. File BIOs are an exception, they return 0 for success and -1 for failure.</p>
+
+<p>BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure.</p>
+
+<p>BIO_flush() returns 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_eof() returns 1 if EOF has been reached 0 otherwise.</p>
+
+<p>BIO_set_close() always returns 1.</p>
+
+<p>BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_flush(), because it can write data may return 0 or -1 indicating that the call should be retried later in a similar manner to BIO_write_ex(). The BIO_should_retry() call should be used and appropriate action taken is the call fails.</p>
+
+<p>The return values of BIO_pending() and BIO_wpending() may not reliably determine the amount of pending data in all cases. For example in the case of a file BIO some data may be available in the FILE structures internal buffers but it is not possible to determine this in a portably way. For other types of BIO they may not be supported.</p>
+
+<p>Filter BIOs if they do not internally handle a particular BIO_ctrl() operation usually pass the operation to the next BIO in the chain. This often means there is no need to locate the required BIO for a particular operation, it can be called on a chain and it will be automatically passed to the relevant BIO. However this can cause unexpected results: for example no current filter BIOs implement BIO_seek(), but this may still succeed if the chain ends in a FILE or file descriptor BIO.</p>
+
+<p>Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some of the return values are ambiguous and care should be taken. In particular a return value of 0 can be returned if an operation is not supported, if an error occurred, if EOF has not been reached and in the case of BIO_seek() on a file BIO for a successful operation.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_free.html b/msys2/usr/share/doc/openssl/html/man3/BIO_free.html
new file mode 100644
index 000000000..0469d0f84
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_free.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_new, BIO_up_ref, BIO_free, BIO_vfree, BIO_free_all - BIO allocation and freeing functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ BIO *  BIO_new(const BIO_METHOD *type);
+ int    BIO_up_ref(BIO *a);
+ int    BIO_free(BIO *a);
+ void   BIO_vfree(BIO *a);
+ void   BIO_free_all(BIO *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The BIO_new() function returns a new BIO using method <b>type</b>.</p>
+
+<p>BIO_up_ref() increments the reference count associated with the BIO object.</p>
+
+<p>BIO_free() frees up a single BIO, BIO_vfree() also frees up a single BIO but it does not return a value. If <b>a</b> is NULL nothing is done. Calling BIO_free() may also have some effect on the underlying I/O structure, for example it may close the file being referred to under certain circumstances. For more details see the individual BIO_METHOD descriptions.</p>
+
+<p>BIO_free_all() frees up an entire BIO chain, it does not halt if an error occurs freeing up an individual BIO in the chain. If <b>a</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_new() returns a newly created BIO or NULL if the call fails.</p>
+
+<p>BIO_up_ref() and BIO_free() return 1 for success and 0 for failure.</p>
+
+<p>BIO_free_all() and BIO_vfree() do not return values.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If BIO_free() is called on a BIO chain it will only free one BIO resulting in a memory leak.</p>
+
+<p>Calling BIO_free_all() on a single BIO has the same effect as calling BIO_free() on it other than the discarded return value.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_set() was removed in OpenSSL 1.1.0 as BIO type is now opaque.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create a memory BIO:</p>
+
+<pre><code> BIO *mem = BIO_new(BIO_s_mem());</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_free_all.html b/msys2/usr/share/doc/openssl/html/man3/BIO_free_all.html
new file mode 100644
index 000000000..0469d0f84
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_free_all.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_new, BIO_up_ref, BIO_free, BIO_vfree, BIO_free_all - BIO allocation and freeing functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ BIO *  BIO_new(const BIO_METHOD *type);
+ int    BIO_up_ref(BIO *a);
+ int    BIO_free(BIO *a);
+ void   BIO_vfree(BIO *a);
+ void   BIO_free_all(BIO *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The BIO_new() function returns a new BIO using method <b>type</b>.</p>
+
+<p>BIO_up_ref() increments the reference count associated with the BIO object.</p>
+
+<p>BIO_free() frees up a single BIO, BIO_vfree() also frees up a single BIO but it does not return a value. If <b>a</b> is NULL nothing is done. Calling BIO_free() may also have some effect on the underlying I/O structure, for example it may close the file being referred to under certain circumstances. For more details see the individual BIO_METHOD descriptions.</p>
+
+<p>BIO_free_all() frees up an entire BIO chain, it does not halt if an error occurs freeing up an individual BIO in the chain. If <b>a</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_new() returns a newly created BIO or NULL if the call fails.</p>
+
+<p>BIO_up_ref() and BIO_free() return 1 for success and 0 for failure.</p>
+
+<p>BIO_free_all() and BIO_vfree() do not return values.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If BIO_free() is called on a BIO chain it will only free one BIO resulting in a memory leak.</p>
+
+<p>Calling BIO_free_all() on a single BIO has the same effect as calling BIO_free() on it other than the discarded return value.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_set() was removed in OpenSSL 1.1.0 as BIO type is now opaque.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create a memory BIO:</p>
+
+<pre><code> BIO *mem = BIO_new(BIO_s_mem());</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_accept_ip_family.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_accept_ip_family.html
new file mode 100644
index 000000000..c49b65130
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_accept_ip_family.html
@@ -0,0 +1,175 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_accept</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_accept, BIO_set_accept_name, BIO_set_accept_port, BIO_get_accept_name, BIO_get_accept_port, BIO_new_accept, BIO_set_nbio_accept, BIO_set_accept_bios, BIO_get_peer_name, BIO_get_peer_port, BIO_get_accept_ip_family, BIO_set_accept_ip_family, BIO_set_bind_mode, BIO_get_bind_mode, BIO_do_accept - accept BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_accept(void);
+
+ long BIO_set_accept_name(BIO *b, char *name);
+ char *BIO_get_accept_name(BIO *b);
+
+ long BIO_set_accept_port(BIO *b, char *port);
+ char *BIO_get_accept_port(BIO *b);
+
+ BIO *BIO_new_accept(char *host_port);
+
+ long BIO_set_nbio_accept(BIO *b, int n);
+ long BIO_set_accept_bios(BIO *b, char *bio);
+
+ char *BIO_get_peer_name(BIO *b);
+ char *BIO_get_peer_port(BIO *b);
+ long BIO_get_accept_ip_family(BIO *b);
+ long BIO_set_accept_ip_family(BIO *b, long family);
+
+ long BIO_set_bind_mode(BIO *b, long mode);
+ long BIO_get_bind_mode(BIO *b);
+
+ int BIO_do_accept(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_accept() returns the accept BIO method. This is a wrapper round the platform&#39;s TCP/IP socket accept routines.</p>
+
+<p>Using accept BIOs, TCP/IP connections can be accepted and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on an accept BIO will perform I/O on the underlying connection. If no connection is established and the port (see below) is set up properly then the BIO waits for an incoming connection.</p>
+
+<p>Accept BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on an accept BIO then any active connection on that chain is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on an accept BIO will close any active connection and reset the BIO into a state where it awaits another incoming connection.</p>
+
+<p>BIO_get_fd() and BIO_set_fd() can be called to retrieve or set the accept socket. See <a href="../man3/BIO_s_fd.html">BIO_s_fd(3)</a></p>
+
+<p>BIO_set_accept_name() uses the string <b>name</b> to set the accept name. The name is represented as a string of the form &quot;host:port&quot;, where &quot;host&quot; is the interface to use and &quot;port&quot; is the port. The host can be &quot;*&quot; or empty which is interpreted as meaning any interface. If the host is an IPv6 address, it has to be enclosed in brackets, for example &quot;[::1]:https&quot;. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_set_accept_port() uses the string <b>port</b> to set the accept port. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_new_accept() combines BIO_new() and BIO_set_accept_name() into a single call: that is it creates a new accept BIO with port <b>host_port</b>.</p>
+
+<p>BIO_set_nbio_accept() sets the accept socket to blocking mode (the default) if <b>n</b> is 0 or non blocking mode if <b>n</b> is 1.</p>
+
+<p>BIO_set_accept_bios() can be used to set a chain of BIOs which will be duplicated and prepended to the chain when an incoming connection is received. This is useful if, for example, a buffering or SSL BIO is required for each connection. The chain of BIOs must not be freed after this call, they will be automatically freed when the accept BIO is freed.</p>
+
+<p>BIO_set_bind_mode() and BIO_get_bind_mode() set and retrieve the current bind mode. If <b>BIO_BIND_NORMAL</b> (the default) is set then another socket cannot be bound to the same port. If <b>BIO_BIND_REUSEADDR</b> is set then other sockets can bind to the same port. If <b>BIO_BIND_REUSEADDR_IF_UNUSED</b> is set then and attempt is first made to use BIO_BIN_NORMAL, if this fails and the port is not in use then a second attempt is made using <b>BIO_BIND_REUSEADDR</b>.</p>
+
+<p>BIO_do_accept() serves two functions. When it is first called, after the accept BIO has been setup, it will attempt to create the accept socket and bind an address to it. Second and subsequent calls to BIO_do_accept() will await an incoming connection, or request a retry in non blocking mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When an accept BIO is at the end of a chain it will await an incoming connection before processing I/O calls. When an accept BIO is not at then end of a chain it passes I/O calls to the next BIO in the chain.</p>
+
+<p>When a connection is established a new socket BIO is created for the connection and appended to the chain. That is the chain is now accept-&gt;socket. This effectively means that attempting I/O on an initial accept socket will await an incoming connection then perform I/O on it.</p>
+
+<p>If any additional BIOs have been set using BIO_set_accept_bios() then they are placed between the socket and the accept BIO, that is the chain will be accept-&gt;otherbios-&gt;socket.</p>
+
+<p>If a server wishes to process multiple connections (as is normally the case) then the accept BIO must be made available for further incoming connections. This can be done by waiting for a connection and then calling:</p>
+
+<pre><code> connection = BIO_pop(accept);</code></pre>
+
+<p>After this call <b>connection</b> will contain a BIO for the recently established connection and <b>accept</b> will now be a single BIO again which can be used to await further incoming connections. If no further connections will be accepted the <b>accept</b> can be freed using BIO_free().</p>
+
+<p>If only a single connection will be processed it is possible to perform I/O using the accept BIO itself. This is often undesirable however because the accept BIO will still accept additional incoming connections. This can be resolved by using BIO_pop() (see above) and freeing up the accept BIO after the initial connection.</p>
+
+<p>If the underlying accept socket is non-blocking and BIO_do_accept() is called to await an incoming connection it is possible for BIO_should_io_special() with the reason BIO_RR_ACCEPT. If this happens then it is an indication that an accept attempt would block: the application should take appropriate action to wait until the underlying socket has accepted a connection and retry the call.</p>
+
+<p>BIO_set_accept_name(), BIO_get_accept_name(), BIO_set_accept_port(), BIO_get_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_get_peer_name(), BIO_get_peer_port(), BIO_get_accept_ip_family(), BIO_set_accept_ip_family(), BIO_set_bind_mode(), BIO_get_bind_mode() and BIO_do_accept() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_do_accept(), BIO_set_accept_name(), BIO_set_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_set_accept_ip_family(), and BIO_set_bind_mode() return 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_get_accept_name() returns the accept name or NULL on error. BIO_get_peer_name() returns the peer name or NULL on error.</p>
+
+<p>BIO_get_accept_port() returns the accept port as a string or NULL on error. BIO_get_peer_port() returns the peer port as a string or NULL on error. BIO_get_accept_ip_family() returns the IP family or -1 on error.</p>
+
+<p>BIO_get_bind_mode() returns the set of <b>BIO_BIND</b> flags, or -1 on failure.</p>
+
+<p>BIO_new_accept() returns a BIO or NULL on error.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example accepts two connections on port 4444, sends messages down each and finally closes both down.</p>
+
+<pre><code> BIO *abio, *cbio, *cbio2;
+
+ /* First call to BIO_accept() sets up accept BIO */
+ abio = BIO_new_accept(&quot;4444&quot;);
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Wait for incoming connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 1 established\n&quot;);
+
+ /* Retrieve BIO for connection */
+ cbio = BIO_pop(abio);
+ BIO_puts(cbio, &quot;Connection 1: Sending out Data on initial connection\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 1\n&quot;);
+
+ /* Wait for another connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 2 established\n&quot;);
+
+ /* Close accept BIO to refuse further connections */
+ cbio2 = BIO_pop(abio);
+ BIO_free(abio);
+ BIO_puts(cbio2, &quot;Connection 2: Sending out Data on second\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 2\n&quot;);
+
+ BIO_puts(cbio, &quot;Connection 1: Second connection established\n&quot;);
+
+ /* Close the two established connections */
+ BIO_free(cbio);
+ BIO_free(cbio2);</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_accept_name.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_accept_name.html
new file mode 100644
index 000000000..c49b65130
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_accept_name.html
@@ -0,0 +1,175 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_accept</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_accept, BIO_set_accept_name, BIO_set_accept_port, BIO_get_accept_name, BIO_get_accept_port, BIO_new_accept, BIO_set_nbio_accept, BIO_set_accept_bios, BIO_get_peer_name, BIO_get_peer_port, BIO_get_accept_ip_family, BIO_set_accept_ip_family, BIO_set_bind_mode, BIO_get_bind_mode, BIO_do_accept - accept BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_accept(void);
+
+ long BIO_set_accept_name(BIO *b, char *name);
+ char *BIO_get_accept_name(BIO *b);
+
+ long BIO_set_accept_port(BIO *b, char *port);
+ char *BIO_get_accept_port(BIO *b);
+
+ BIO *BIO_new_accept(char *host_port);
+
+ long BIO_set_nbio_accept(BIO *b, int n);
+ long BIO_set_accept_bios(BIO *b, char *bio);
+
+ char *BIO_get_peer_name(BIO *b);
+ char *BIO_get_peer_port(BIO *b);
+ long BIO_get_accept_ip_family(BIO *b);
+ long BIO_set_accept_ip_family(BIO *b, long family);
+
+ long BIO_set_bind_mode(BIO *b, long mode);
+ long BIO_get_bind_mode(BIO *b);
+
+ int BIO_do_accept(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_accept() returns the accept BIO method. This is a wrapper round the platform&#39;s TCP/IP socket accept routines.</p>
+
+<p>Using accept BIOs, TCP/IP connections can be accepted and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on an accept BIO will perform I/O on the underlying connection. If no connection is established and the port (see below) is set up properly then the BIO waits for an incoming connection.</p>
+
+<p>Accept BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on an accept BIO then any active connection on that chain is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on an accept BIO will close any active connection and reset the BIO into a state where it awaits another incoming connection.</p>
+
+<p>BIO_get_fd() and BIO_set_fd() can be called to retrieve or set the accept socket. See <a href="../man3/BIO_s_fd.html">BIO_s_fd(3)</a></p>
+
+<p>BIO_set_accept_name() uses the string <b>name</b> to set the accept name. The name is represented as a string of the form &quot;host:port&quot;, where &quot;host&quot; is the interface to use and &quot;port&quot; is the port. The host can be &quot;*&quot; or empty which is interpreted as meaning any interface. If the host is an IPv6 address, it has to be enclosed in brackets, for example &quot;[::1]:https&quot;. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_set_accept_port() uses the string <b>port</b> to set the accept port. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_new_accept() combines BIO_new() and BIO_set_accept_name() into a single call: that is it creates a new accept BIO with port <b>host_port</b>.</p>
+
+<p>BIO_set_nbio_accept() sets the accept socket to blocking mode (the default) if <b>n</b> is 0 or non blocking mode if <b>n</b> is 1.</p>
+
+<p>BIO_set_accept_bios() can be used to set a chain of BIOs which will be duplicated and prepended to the chain when an incoming connection is received. This is useful if, for example, a buffering or SSL BIO is required for each connection. The chain of BIOs must not be freed after this call, they will be automatically freed when the accept BIO is freed.</p>
+
+<p>BIO_set_bind_mode() and BIO_get_bind_mode() set and retrieve the current bind mode. If <b>BIO_BIND_NORMAL</b> (the default) is set then another socket cannot be bound to the same port. If <b>BIO_BIND_REUSEADDR</b> is set then other sockets can bind to the same port. If <b>BIO_BIND_REUSEADDR_IF_UNUSED</b> is set then and attempt is first made to use BIO_BIN_NORMAL, if this fails and the port is not in use then a second attempt is made using <b>BIO_BIND_REUSEADDR</b>.</p>
+
+<p>BIO_do_accept() serves two functions. When it is first called, after the accept BIO has been setup, it will attempt to create the accept socket and bind an address to it. Second and subsequent calls to BIO_do_accept() will await an incoming connection, or request a retry in non blocking mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When an accept BIO is at the end of a chain it will await an incoming connection before processing I/O calls. When an accept BIO is not at then end of a chain it passes I/O calls to the next BIO in the chain.</p>
+
+<p>When a connection is established a new socket BIO is created for the connection and appended to the chain. That is the chain is now accept-&gt;socket. This effectively means that attempting I/O on an initial accept socket will await an incoming connection then perform I/O on it.</p>
+
+<p>If any additional BIOs have been set using BIO_set_accept_bios() then they are placed between the socket and the accept BIO, that is the chain will be accept-&gt;otherbios-&gt;socket.</p>
+
+<p>If a server wishes to process multiple connections (as is normally the case) then the accept BIO must be made available for further incoming connections. This can be done by waiting for a connection and then calling:</p>
+
+<pre><code> connection = BIO_pop(accept);</code></pre>
+
+<p>After this call <b>connection</b> will contain a BIO for the recently established connection and <b>accept</b> will now be a single BIO again which can be used to await further incoming connections. If no further connections will be accepted the <b>accept</b> can be freed using BIO_free().</p>
+
+<p>If only a single connection will be processed it is possible to perform I/O using the accept BIO itself. This is often undesirable however because the accept BIO will still accept additional incoming connections. This can be resolved by using BIO_pop() (see above) and freeing up the accept BIO after the initial connection.</p>
+
+<p>If the underlying accept socket is non-blocking and BIO_do_accept() is called to await an incoming connection it is possible for BIO_should_io_special() with the reason BIO_RR_ACCEPT. If this happens then it is an indication that an accept attempt would block: the application should take appropriate action to wait until the underlying socket has accepted a connection and retry the call.</p>
+
+<p>BIO_set_accept_name(), BIO_get_accept_name(), BIO_set_accept_port(), BIO_get_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_get_peer_name(), BIO_get_peer_port(), BIO_get_accept_ip_family(), BIO_set_accept_ip_family(), BIO_set_bind_mode(), BIO_get_bind_mode() and BIO_do_accept() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_do_accept(), BIO_set_accept_name(), BIO_set_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_set_accept_ip_family(), and BIO_set_bind_mode() return 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_get_accept_name() returns the accept name or NULL on error. BIO_get_peer_name() returns the peer name or NULL on error.</p>
+
+<p>BIO_get_accept_port() returns the accept port as a string or NULL on error. BIO_get_peer_port() returns the peer port as a string or NULL on error. BIO_get_accept_ip_family() returns the IP family or -1 on error.</p>
+
+<p>BIO_get_bind_mode() returns the set of <b>BIO_BIND</b> flags, or -1 on failure.</p>
+
+<p>BIO_new_accept() returns a BIO or NULL on error.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example accepts two connections on port 4444, sends messages down each and finally closes both down.</p>
+
+<pre><code> BIO *abio, *cbio, *cbio2;
+
+ /* First call to BIO_accept() sets up accept BIO */
+ abio = BIO_new_accept(&quot;4444&quot;);
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Wait for incoming connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 1 established\n&quot;);
+
+ /* Retrieve BIO for connection */
+ cbio = BIO_pop(abio);
+ BIO_puts(cbio, &quot;Connection 1: Sending out Data on initial connection\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 1\n&quot;);
+
+ /* Wait for another connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 2 established\n&quot;);
+
+ /* Close accept BIO to refuse further connections */
+ cbio2 = BIO_pop(abio);
+ BIO_free(abio);
+ BIO_puts(cbio2, &quot;Connection 2: Sending out Data on second\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 2\n&quot;);
+
+ BIO_puts(cbio, &quot;Connection 1: Second connection established\n&quot;);
+
+ /* Close the two established connections */
+ BIO_free(cbio);
+ BIO_free(cbio2);</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_accept_port.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_accept_port.html
new file mode 100644
index 000000000..c49b65130
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_accept_port.html
@@ -0,0 +1,175 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_accept</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_accept, BIO_set_accept_name, BIO_set_accept_port, BIO_get_accept_name, BIO_get_accept_port, BIO_new_accept, BIO_set_nbio_accept, BIO_set_accept_bios, BIO_get_peer_name, BIO_get_peer_port, BIO_get_accept_ip_family, BIO_set_accept_ip_family, BIO_set_bind_mode, BIO_get_bind_mode, BIO_do_accept - accept BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_accept(void);
+
+ long BIO_set_accept_name(BIO *b, char *name);
+ char *BIO_get_accept_name(BIO *b);
+
+ long BIO_set_accept_port(BIO *b, char *port);
+ char *BIO_get_accept_port(BIO *b);
+
+ BIO *BIO_new_accept(char *host_port);
+
+ long BIO_set_nbio_accept(BIO *b, int n);
+ long BIO_set_accept_bios(BIO *b, char *bio);
+
+ char *BIO_get_peer_name(BIO *b);
+ char *BIO_get_peer_port(BIO *b);
+ long BIO_get_accept_ip_family(BIO *b);
+ long BIO_set_accept_ip_family(BIO *b, long family);
+
+ long BIO_set_bind_mode(BIO *b, long mode);
+ long BIO_get_bind_mode(BIO *b);
+
+ int BIO_do_accept(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_accept() returns the accept BIO method. This is a wrapper round the platform&#39;s TCP/IP socket accept routines.</p>
+
+<p>Using accept BIOs, TCP/IP connections can be accepted and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on an accept BIO will perform I/O on the underlying connection. If no connection is established and the port (see below) is set up properly then the BIO waits for an incoming connection.</p>
+
+<p>Accept BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on an accept BIO then any active connection on that chain is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on an accept BIO will close any active connection and reset the BIO into a state where it awaits another incoming connection.</p>
+
+<p>BIO_get_fd() and BIO_set_fd() can be called to retrieve or set the accept socket. See <a href="../man3/BIO_s_fd.html">BIO_s_fd(3)</a></p>
+
+<p>BIO_set_accept_name() uses the string <b>name</b> to set the accept name. The name is represented as a string of the form &quot;host:port&quot;, where &quot;host&quot; is the interface to use and &quot;port&quot; is the port. The host can be &quot;*&quot; or empty which is interpreted as meaning any interface. If the host is an IPv6 address, it has to be enclosed in brackets, for example &quot;[::1]:https&quot;. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_set_accept_port() uses the string <b>port</b> to set the accept port. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_new_accept() combines BIO_new() and BIO_set_accept_name() into a single call: that is it creates a new accept BIO with port <b>host_port</b>.</p>
+
+<p>BIO_set_nbio_accept() sets the accept socket to blocking mode (the default) if <b>n</b> is 0 or non blocking mode if <b>n</b> is 1.</p>
+
+<p>BIO_set_accept_bios() can be used to set a chain of BIOs which will be duplicated and prepended to the chain when an incoming connection is received. This is useful if, for example, a buffering or SSL BIO is required for each connection. The chain of BIOs must not be freed after this call, they will be automatically freed when the accept BIO is freed.</p>
+
+<p>BIO_set_bind_mode() and BIO_get_bind_mode() set and retrieve the current bind mode. If <b>BIO_BIND_NORMAL</b> (the default) is set then another socket cannot be bound to the same port. If <b>BIO_BIND_REUSEADDR</b> is set then other sockets can bind to the same port. If <b>BIO_BIND_REUSEADDR_IF_UNUSED</b> is set then and attempt is first made to use BIO_BIN_NORMAL, if this fails and the port is not in use then a second attempt is made using <b>BIO_BIND_REUSEADDR</b>.</p>
+
+<p>BIO_do_accept() serves two functions. When it is first called, after the accept BIO has been setup, it will attempt to create the accept socket and bind an address to it. Second and subsequent calls to BIO_do_accept() will await an incoming connection, or request a retry in non blocking mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When an accept BIO is at the end of a chain it will await an incoming connection before processing I/O calls. When an accept BIO is not at then end of a chain it passes I/O calls to the next BIO in the chain.</p>
+
+<p>When a connection is established a new socket BIO is created for the connection and appended to the chain. That is the chain is now accept-&gt;socket. This effectively means that attempting I/O on an initial accept socket will await an incoming connection then perform I/O on it.</p>
+
+<p>If any additional BIOs have been set using BIO_set_accept_bios() then they are placed between the socket and the accept BIO, that is the chain will be accept-&gt;otherbios-&gt;socket.</p>
+
+<p>If a server wishes to process multiple connections (as is normally the case) then the accept BIO must be made available for further incoming connections. This can be done by waiting for a connection and then calling:</p>
+
+<pre><code> connection = BIO_pop(accept);</code></pre>
+
+<p>After this call <b>connection</b> will contain a BIO for the recently established connection and <b>accept</b> will now be a single BIO again which can be used to await further incoming connections. If no further connections will be accepted the <b>accept</b> can be freed using BIO_free().</p>
+
+<p>If only a single connection will be processed it is possible to perform I/O using the accept BIO itself. This is often undesirable however because the accept BIO will still accept additional incoming connections. This can be resolved by using BIO_pop() (see above) and freeing up the accept BIO after the initial connection.</p>
+
+<p>If the underlying accept socket is non-blocking and BIO_do_accept() is called to await an incoming connection it is possible for BIO_should_io_special() with the reason BIO_RR_ACCEPT. If this happens then it is an indication that an accept attempt would block: the application should take appropriate action to wait until the underlying socket has accepted a connection and retry the call.</p>
+
+<p>BIO_set_accept_name(), BIO_get_accept_name(), BIO_set_accept_port(), BIO_get_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_get_peer_name(), BIO_get_peer_port(), BIO_get_accept_ip_family(), BIO_set_accept_ip_family(), BIO_set_bind_mode(), BIO_get_bind_mode() and BIO_do_accept() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_do_accept(), BIO_set_accept_name(), BIO_set_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_set_accept_ip_family(), and BIO_set_bind_mode() return 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_get_accept_name() returns the accept name or NULL on error. BIO_get_peer_name() returns the peer name or NULL on error.</p>
+
+<p>BIO_get_accept_port() returns the accept port as a string or NULL on error. BIO_get_peer_port() returns the peer port as a string or NULL on error. BIO_get_accept_ip_family() returns the IP family or -1 on error.</p>
+
+<p>BIO_get_bind_mode() returns the set of <b>BIO_BIND</b> flags, or -1 on failure.</p>
+
+<p>BIO_new_accept() returns a BIO or NULL on error.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example accepts two connections on port 4444, sends messages down each and finally closes both down.</p>
+
+<pre><code> BIO *abio, *cbio, *cbio2;
+
+ /* First call to BIO_accept() sets up accept BIO */
+ abio = BIO_new_accept(&quot;4444&quot;);
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Wait for incoming connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 1 established\n&quot;);
+
+ /* Retrieve BIO for connection */
+ cbio = BIO_pop(abio);
+ BIO_puts(cbio, &quot;Connection 1: Sending out Data on initial connection\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 1\n&quot;);
+
+ /* Wait for another connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 2 established\n&quot;);
+
+ /* Close accept BIO to refuse further connections */
+ cbio2 = BIO_pop(abio);
+ BIO_free(abio);
+ BIO_puts(cbio2, &quot;Connection 2: Sending out Data on second\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 2\n&quot;);
+
+ BIO_puts(cbio, &quot;Connection 1: Second connection established\n&quot;);
+
+ /* Close the two established connections */
+ BIO_free(cbio);
+ BIO_free(cbio2);</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_bind_mode.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_bind_mode.html
new file mode 100644
index 000000000..c49b65130
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_bind_mode.html
@@ -0,0 +1,175 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_accept</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_accept, BIO_set_accept_name, BIO_set_accept_port, BIO_get_accept_name, BIO_get_accept_port, BIO_new_accept, BIO_set_nbio_accept, BIO_set_accept_bios, BIO_get_peer_name, BIO_get_peer_port, BIO_get_accept_ip_family, BIO_set_accept_ip_family, BIO_set_bind_mode, BIO_get_bind_mode, BIO_do_accept - accept BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_accept(void);
+
+ long BIO_set_accept_name(BIO *b, char *name);
+ char *BIO_get_accept_name(BIO *b);
+
+ long BIO_set_accept_port(BIO *b, char *port);
+ char *BIO_get_accept_port(BIO *b);
+
+ BIO *BIO_new_accept(char *host_port);
+
+ long BIO_set_nbio_accept(BIO *b, int n);
+ long BIO_set_accept_bios(BIO *b, char *bio);
+
+ char *BIO_get_peer_name(BIO *b);
+ char *BIO_get_peer_port(BIO *b);
+ long BIO_get_accept_ip_family(BIO *b);
+ long BIO_set_accept_ip_family(BIO *b, long family);
+
+ long BIO_set_bind_mode(BIO *b, long mode);
+ long BIO_get_bind_mode(BIO *b);
+
+ int BIO_do_accept(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_accept() returns the accept BIO method. This is a wrapper round the platform&#39;s TCP/IP socket accept routines.</p>
+
+<p>Using accept BIOs, TCP/IP connections can be accepted and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on an accept BIO will perform I/O on the underlying connection. If no connection is established and the port (see below) is set up properly then the BIO waits for an incoming connection.</p>
+
+<p>Accept BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on an accept BIO then any active connection on that chain is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on an accept BIO will close any active connection and reset the BIO into a state where it awaits another incoming connection.</p>
+
+<p>BIO_get_fd() and BIO_set_fd() can be called to retrieve or set the accept socket. See <a href="../man3/BIO_s_fd.html">BIO_s_fd(3)</a></p>
+
+<p>BIO_set_accept_name() uses the string <b>name</b> to set the accept name. The name is represented as a string of the form &quot;host:port&quot;, where &quot;host&quot; is the interface to use and &quot;port&quot; is the port. The host can be &quot;*&quot; or empty which is interpreted as meaning any interface. If the host is an IPv6 address, it has to be enclosed in brackets, for example &quot;[::1]:https&quot;. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_set_accept_port() uses the string <b>port</b> to set the accept port. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_new_accept() combines BIO_new() and BIO_set_accept_name() into a single call: that is it creates a new accept BIO with port <b>host_port</b>.</p>
+
+<p>BIO_set_nbio_accept() sets the accept socket to blocking mode (the default) if <b>n</b> is 0 or non blocking mode if <b>n</b> is 1.</p>
+
+<p>BIO_set_accept_bios() can be used to set a chain of BIOs which will be duplicated and prepended to the chain when an incoming connection is received. This is useful if, for example, a buffering or SSL BIO is required for each connection. The chain of BIOs must not be freed after this call, they will be automatically freed when the accept BIO is freed.</p>
+
+<p>BIO_set_bind_mode() and BIO_get_bind_mode() set and retrieve the current bind mode. If <b>BIO_BIND_NORMAL</b> (the default) is set then another socket cannot be bound to the same port. If <b>BIO_BIND_REUSEADDR</b> is set then other sockets can bind to the same port. If <b>BIO_BIND_REUSEADDR_IF_UNUSED</b> is set then and attempt is first made to use BIO_BIN_NORMAL, if this fails and the port is not in use then a second attempt is made using <b>BIO_BIND_REUSEADDR</b>.</p>
+
+<p>BIO_do_accept() serves two functions. When it is first called, after the accept BIO has been setup, it will attempt to create the accept socket and bind an address to it. Second and subsequent calls to BIO_do_accept() will await an incoming connection, or request a retry in non blocking mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When an accept BIO is at the end of a chain it will await an incoming connection before processing I/O calls. When an accept BIO is not at then end of a chain it passes I/O calls to the next BIO in the chain.</p>
+
+<p>When a connection is established a new socket BIO is created for the connection and appended to the chain. That is the chain is now accept-&gt;socket. This effectively means that attempting I/O on an initial accept socket will await an incoming connection then perform I/O on it.</p>
+
+<p>If any additional BIOs have been set using BIO_set_accept_bios() then they are placed between the socket and the accept BIO, that is the chain will be accept-&gt;otherbios-&gt;socket.</p>
+
+<p>If a server wishes to process multiple connections (as is normally the case) then the accept BIO must be made available for further incoming connections. This can be done by waiting for a connection and then calling:</p>
+
+<pre><code> connection = BIO_pop(accept);</code></pre>
+
+<p>After this call <b>connection</b> will contain a BIO for the recently established connection and <b>accept</b> will now be a single BIO again which can be used to await further incoming connections. If no further connections will be accepted the <b>accept</b> can be freed using BIO_free().</p>
+
+<p>If only a single connection will be processed it is possible to perform I/O using the accept BIO itself. This is often undesirable however because the accept BIO will still accept additional incoming connections. This can be resolved by using BIO_pop() (see above) and freeing up the accept BIO after the initial connection.</p>
+
+<p>If the underlying accept socket is non-blocking and BIO_do_accept() is called to await an incoming connection it is possible for BIO_should_io_special() with the reason BIO_RR_ACCEPT. If this happens then it is an indication that an accept attempt would block: the application should take appropriate action to wait until the underlying socket has accepted a connection and retry the call.</p>
+
+<p>BIO_set_accept_name(), BIO_get_accept_name(), BIO_set_accept_port(), BIO_get_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_get_peer_name(), BIO_get_peer_port(), BIO_get_accept_ip_family(), BIO_set_accept_ip_family(), BIO_set_bind_mode(), BIO_get_bind_mode() and BIO_do_accept() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_do_accept(), BIO_set_accept_name(), BIO_set_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_set_accept_ip_family(), and BIO_set_bind_mode() return 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_get_accept_name() returns the accept name or NULL on error. BIO_get_peer_name() returns the peer name or NULL on error.</p>
+
+<p>BIO_get_accept_port() returns the accept port as a string or NULL on error. BIO_get_peer_port() returns the peer port as a string or NULL on error. BIO_get_accept_ip_family() returns the IP family or -1 on error.</p>
+
+<p>BIO_get_bind_mode() returns the set of <b>BIO_BIND</b> flags, or -1 on failure.</p>
+
+<p>BIO_new_accept() returns a BIO or NULL on error.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example accepts two connections on port 4444, sends messages down each and finally closes both down.</p>
+
+<pre><code> BIO *abio, *cbio, *cbio2;
+
+ /* First call to BIO_accept() sets up accept BIO */
+ abio = BIO_new_accept(&quot;4444&quot;);
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Wait for incoming connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 1 established\n&quot;);
+
+ /* Retrieve BIO for connection */
+ cbio = BIO_pop(abio);
+ BIO_puts(cbio, &quot;Connection 1: Sending out Data on initial connection\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 1\n&quot;);
+
+ /* Wait for another connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 2 established\n&quot;);
+
+ /* Close accept BIO to refuse further connections */
+ cbio2 = BIO_pop(abio);
+ BIO_free(abio);
+ BIO_puts(cbio2, &quot;Connection 2: Sending out Data on second\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 2\n&quot;);
+
+ BIO_puts(cbio, &quot;Connection 1: Second connection established\n&quot;);
+
+ /* Close the two established connections */
+ BIO_free(cbio);
+ BIO_free(cbio2);</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_buffer_num_lines.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_buffer_num_lines.html
new file mode 100644
index 000000000..10477380d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_buffer_num_lines.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_buffer</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_buffer_num_lines, BIO_set_read_buffer_size, BIO_set_write_buffer_size, BIO_set_buffer_size, BIO_set_buffer_read_data, BIO_f_buffer - buffering BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_f_buffer(void);
+
+ long BIO_get_buffer_num_lines(BIO *b);
+ long BIO_set_read_buffer_size(BIO *b, long size);
+ long BIO_set_write_buffer_size(BIO *b, long size);
+ long BIO_set_buffer_size(BIO *b, long size);
+ long BIO_set_buffer_read_data(BIO *b, void *buf, long num);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_buffer() returns the buffering BIO method.</p>
+
+<p>Data written to a buffering BIO is buffered and periodically written to the next BIO in the chain. Data read from a buffering BIO comes from an internal buffer which is filled from the next BIO in the chain. Both BIO_gets() and BIO_puts() are supported.</p>
+
+<p>Calling BIO_reset() on a buffering BIO clears any buffered data.</p>
+
+<p>BIO_get_buffer_num_lines() returns the number of lines currently buffered.</p>
+
+<p>BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and BIO_set_buffer_size() set the read, write or both read and write buffer sizes to <b>size</b>. The initial buffer size is DEFAULT_BUFFER_SIZE, currently 4096. Any attempt to reduce the buffer size below DEFAULT_BUFFER_SIZE is ignored. Any buffered data is cleared when the buffer is resized.</p>
+
+<p>BIO_set_buffer_read_data() clears the read buffer and fills it with <b>num</b> bytes of <b>buf</b>. If <b>num</b> is larger than the current buffer size the buffer is expanded.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions, other than BIO_f_buffer(), are implemented as macros.</p>
+
+<p>Buffering BIOs implement BIO_gets() by using BIO_read_ex() operations on the next BIO in the chain. By prepending a buffering BIO to a chain it is therefore possible to provide BIO_gets() functionality if the following BIOs do not support it (for example SSL BIOs).</p>
+
+<p>Data is only written to the next BIO in the chain when the write buffer fills or when BIO_flush() is called. It is therefore important to call BIO_flush() whenever any pending data should be written such as when removing a buffering BIO using BIO_pop(). BIO_flush() may need to be retried if the ultimate source/sink BIO is non blocking.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_buffer() returns the buffering BIO method.</p>
+
+<p>BIO_get_buffer_num_lines() returns the number of lines buffered (may be 0).</p>
+
+<p>BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and BIO_set_buffer_size() return 1 if the buffer was successfully resized or 0 for failure.</p>
+
+<p>BIO_set_buffer_read_data() returns 1 if the data was set correctly or 0 if there was an error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_flush.html">BIO_flush(3)</a>, <a href="../man3/BIO_pop.html">BIO_pop(3)</a>, <a href="../man3/BIO_ctrl.html">BIO_ctrl(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_callback.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_callback.html
new file mode 100644
index 000000000..50bf3983d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_callback.html
@@ -0,0 +1,251 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_set_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#CALLBACK-OPERATIONS">CALLBACK OPERATIONS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_callback_ex, BIO_get_callback_ex, BIO_set_callback, BIO_get_callback, BIO_set_callback_arg, BIO_get_callback_arg, BIO_debug_callback, BIO_callback_fn_ex, BIO_callback_fn - BIO callback functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef long (*BIO_callback_fn_ex)(BIO *b, int oper, const char *argp,
+                                    size_t len, int argi,
+                                    long argl, int ret, size_t *processed);
+ typedef long (*BIO_callback_fn)(BIO *b, int oper, const char *argp, int argi,
+                                 long argl, long ret);
+
+ void BIO_set_callback_ex(BIO *b, BIO_callback_fn_ex callback);
+ BIO_callback_fn_ex BIO_get_callback_ex(const BIO *b);
+
+ void BIO_set_callback(BIO *b, BIO_callback_fn cb);
+ BIO_callback_fn BIO_get_callback(BIO *b);
+ void BIO_set_callback_arg(BIO *b, char *arg);
+ char *BIO_get_callback_arg(const BIO *b);
+
+ long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
+                         long argl, long ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_set_callback_ex() and BIO_get_callback_ex() set and retrieve the BIO callback. The callback is called during most high level BIO operations. It can be used for debugging purposes to trace operations on a BIO or to modify its operation.</p>
+
+<p>BIO_set_callback() and BIO_get_callback() set and retrieve the old format BIO callback. New code should not use these functions, but they are retained for backwards compatibility. Any callback set via BIO_set_callback_ex() will get called in preference to any set by BIO_set_callback().</p>
+
+<p>BIO_set_callback_arg() and BIO_get_callback_arg() are macros which can be used to set and retrieve an argument for use in the callback.</p>
+
+<p>BIO_debug_callback() is a standard debugging callback which prints out information relating to each BIO operation. If the callback argument is set it is interpreted as a BIO to send the information to, otherwise stderr is used.</p>
+
+<p>BIO_callback_fn_ex() is the type of the callback function and BIO_callback_fn() is the type of the old format callback function. The meaning of each argument is described below:</p>
+
+<dl>
+
+<dt id="b"><b>b</b></dt>
+<dd>
+
+<p>The BIO the callback is attached to is passed in <b>b</b>.</p>
+
+</dd>
+<dt id="oper"><b>oper</b></dt>
+<dd>
+
+<p><b>oper</b> is set to the operation being performed. For some operations the callback is called twice, once before and once after the actual operation, the latter case has <b>oper</b> or&#39;ed with BIO_CB_RETURN.</p>
+
+</dd>
+<dt id="len"><b>len</b></dt>
+<dd>
+
+<p>The length of the data requested to be read or written. This is only useful if <b>oper</b> is BIO_CB_READ, BIO_CB_WRITE or BIO_CB_GETS.</p>
+
+</dd>
+<dt id="argp-argi-argl"><b>argp</b> <b>argi</b> <b>argl</b></dt>
+<dd>
+
+<p>The meaning of the arguments <b>argp</b>, <b>argi</b> and <b>argl</b> depends on the value of <b>oper</b>, that is the operation being performed.</p>
+
+</dd>
+<dt id="processed"><b>processed</b></dt>
+<dd>
+
+<p><b>processed</b> is a pointer to a location which will be updated with the amount of data that was actually read or written. Only used for BIO_CB_READ, BIO_CB_WRITE, BIO_CB_GETS and BIO_CB_PUTS.</p>
+
+</dd>
+<dt id="ret"><b>ret</b></dt>
+<dd>
+
+<p><b>ret</b> is the return value that would be returned to the application if no callback were present. The actual value returned is the return value of the callback itself. In the case of callbacks called before the actual BIO operation 1 is placed in <b>ret</b>, if the return value is not positive it will be immediately returned to the application and the BIO operation will not be performed.</p>
+
+</dd>
+</dl>
+
+<p>The callback should normally simply return <b>ret</b> when it has finished processing, unless it specifically wishes to modify the value returned to the application.</p>
+
+<h1 id="CALLBACK-OPERATIONS">CALLBACK OPERATIONS</h1>
+
+<p>In the notes below, <b>callback</b> defers to the actual callback function that is called.</p>
+
+<dl>
+
+<dt id="BIO_free-b"><b>BIO_free(b)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_FREE, NULL, 0, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_FREE, NULL, 0L, 0L, 1L)</code></pre>
+
+<p>is called before the free operation.</p>
+
+</dd>
+<dt id="BIO_read_ex-b-data-dlen-readbytes"><b>BIO_read_ex(b, data, dlen, readbytes)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_READ, data, dlen, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_READ, data, dlen, 0L, 1L)</code></pre>
+
+<p>is called before the read and</p>
+
+<pre><code> callback_ex(b, BIO_CB_READ | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+             &amp;readbytes)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_READ|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_write-b-data-dlen-written"><b>BIO_write(b, data, dlen, written)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_WRITE, data, dlen, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_WRITE, datat, dlen, 0L, 1L)</code></pre>
+
+<p>is called before the write and</p>
+
+<pre><code> callback_ex(b, BIO_CB_WRITE | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+             &amp;written)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_WRITE|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_gets-b-buf-size"><b>BIO_gets(b, buf, size)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_GETS, buf, size, 0, 0L, 1, NULL, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_GETS, buf, size, 0L, 1L)</code></pre>
+
+<p>is called before the operation and</p>
+
+<pre><code> callback_ex(b, BIO_CB_GETS | BIO_CB_RETURN, buf, size, 0, 0L, retvalue,
+             &amp;readbytes)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_GETS|BIO_CB_RETURN, buf, size, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_puts-b-buf"><b>BIO_puts(b, buf)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_PUTS, buf, 0, 0, 0L, 1L, NULL);</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_PUTS, buf, 0, 0L, 1L)</code></pre>
+
+<p>is called before the operation and</p>
+
+<pre><code> callback_ex(b, BIO_CB_PUTS | BIO_CB_RETURN, buf, 0, 0, 0L, retvalue, &amp;written)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_PUTS|BIO_CB_RETURN, buf, 0, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_ctrl-BIO-b-int-cmd-long-larg-void-parg"><b>BIO_ctrl(BIO *b, int cmd, long larg, void *parg)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_CTRL, parg, 0, cmd, larg, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_CTRL, parg, cmd, larg, 1L)</code></pre>
+
+<p>is called before the call and</p>
+
+<pre><code> callback_ex(b, BIO_CB_CTRL | BIO_CB_RETURN, parg, 0, cmd, larg, ret, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_CTRL|BIO_CB_RETURN, parg, cmd, larg, ret)</code></pre>
+
+<p>after.</p>
+
+<p>Note: <b>cmd</b> == <b>BIO_CTRL_SET_CALLBACK</b> is special, because <b>parg</b> is not the argument of type <b>BIO_info_cb</b> itself. In this case <b>parg</b> is a pointer to the actual call parameter, see <b>BIO_callback_ctrl</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO_debug_callback() function is a good example, its source is in crypto/bio/bio_cb.c</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_callback_ex() and BIO_get_callback() return the callback function previously set by a call to BIO_set_callback_ex() and BIO_set_callback() respectively.</p>
+
+<p>BIO_get_callback_arg() returns a <b>char</b> pointer to the value previously set via a call to BIO_set_callback_arg().</p>
+
+<p>BIO_debug_callback() returns 1 or <b>ret</b> if it&#39;s called after specific BIO operations.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_callback_arg.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_callback_arg.html
new file mode 100644
index 000000000..50bf3983d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_callback_arg.html
@@ -0,0 +1,251 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_set_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#CALLBACK-OPERATIONS">CALLBACK OPERATIONS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_callback_ex, BIO_get_callback_ex, BIO_set_callback, BIO_get_callback, BIO_set_callback_arg, BIO_get_callback_arg, BIO_debug_callback, BIO_callback_fn_ex, BIO_callback_fn - BIO callback functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef long (*BIO_callback_fn_ex)(BIO *b, int oper, const char *argp,
+                                    size_t len, int argi,
+                                    long argl, int ret, size_t *processed);
+ typedef long (*BIO_callback_fn)(BIO *b, int oper, const char *argp, int argi,
+                                 long argl, long ret);
+
+ void BIO_set_callback_ex(BIO *b, BIO_callback_fn_ex callback);
+ BIO_callback_fn_ex BIO_get_callback_ex(const BIO *b);
+
+ void BIO_set_callback(BIO *b, BIO_callback_fn cb);
+ BIO_callback_fn BIO_get_callback(BIO *b);
+ void BIO_set_callback_arg(BIO *b, char *arg);
+ char *BIO_get_callback_arg(const BIO *b);
+
+ long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
+                         long argl, long ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_set_callback_ex() and BIO_get_callback_ex() set and retrieve the BIO callback. The callback is called during most high level BIO operations. It can be used for debugging purposes to trace operations on a BIO or to modify its operation.</p>
+
+<p>BIO_set_callback() and BIO_get_callback() set and retrieve the old format BIO callback. New code should not use these functions, but they are retained for backwards compatibility. Any callback set via BIO_set_callback_ex() will get called in preference to any set by BIO_set_callback().</p>
+
+<p>BIO_set_callback_arg() and BIO_get_callback_arg() are macros which can be used to set and retrieve an argument for use in the callback.</p>
+
+<p>BIO_debug_callback() is a standard debugging callback which prints out information relating to each BIO operation. If the callback argument is set it is interpreted as a BIO to send the information to, otherwise stderr is used.</p>
+
+<p>BIO_callback_fn_ex() is the type of the callback function and BIO_callback_fn() is the type of the old format callback function. The meaning of each argument is described below:</p>
+
+<dl>
+
+<dt id="b"><b>b</b></dt>
+<dd>
+
+<p>The BIO the callback is attached to is passed in <b>b</b>.</p>
+
+</dd>
+<dt id="oper"><b>oper</b></dt>
+<dd>
+
+<p><b>oper</b> is set to the operation being performed. For some operations the callback is called twice, once before and once after the actual operation, the latter case has <b>oper</b> or&#39;ed with BIO_CB_RETURN.</p>
+
+</dd>
+<dt id="len"><b>len</b></dt>
+<dd>
+
+<p>The length of the data requested to be read or written. This is only useful if <b>oper</b> is BIO_CB_READ, BIO_CB_WRITE or BIO_CB_GETS.</p>
+
+</dd>
+<dt id="argp-argi-argl"><b>argp</b> <b>argi</b> <b>argl</b></dt>
+<dd>
+
+<p>The meaning of the arguments <b>argp</b>, <b>argi</b> and <b>argl</b> depends on the value of <b>oper</b>, that is the operation being performed.</p>
+
+</dd>
+<dt id="processed"><b>processed</b></dt>
+<dd>
+
+<p><b>processed</b> is a pointer to a location which will be updated with the amount of data that was actually read or written. Only used for BIO_CB_READ, BIO_CB_WRITE, BIO_CB_GETS and BIO_CB_PUTS.</p>
+
+</dd>
+<dt id="ret"><b>ret</b></dt>
+<dd>
+
+<p><b>ret</b> is the return value that would be returned to the application if no callback were present. The actual value returned is the return value of the callback itself. In the case of callbacks called before the actual BIO operation 1 is placed in <b>ret</b>, if the return value is not positive it will be immediately returned to the application and the BIO operation will not be performed.</p>
+
+</dd>
+</dl>
+
+<p>The callback should normally simply return <b>ret</b> when it has finished processing, unless it specifically wishes to modify the value returned to the application.</p>
+
+<h1 id="CALLBACK-OPERATIONS">CALLBACK OPERATIONS</h1>
+
+<p>In the notes below, <b>callback</b> defers to the actual callback function that is called.</p>
+
+<dl>
+
+<dt id="BIO_free-b"><b>BIO_free(b)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_FREE, NULL, 0, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_FREE, NULL, 0L, 0L, 1L)</code></pre>
+
+<p>is called before the free operation.</p>
+
+</dd>
+<dt id="BIO_read_ex-b-data-dlen-readbytes"><b>BIO_read_ex(b, data, dlen, readbytes)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_READ, data, dlen, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_READ, data, dlen, 0L, 1L)</code></pre>
+
+<p>is called before the read and</p>
+
+<pre><code> callback_ex(b, BIO_CB_READ | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+             &amp;readbytes)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_READ|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_write-b-data-dlen-written"><b>BIO_write(b, data, dlen, written)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_WRITE, data, dlen, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_WRITE, datat, dlen, 0L, 1L)</code></pre>
+
+<p>is called before the write and</p>
+
+<pre><code> callback_ex(b, BIO_CB_WRITE | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+             &amp;written)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_WRITE|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_gets-b-buf-size"><b>BIO_gets(b, buf, size)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_GETS, buf, size, 0, 0L, 1, NULL, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_GETS, buf, size, 0L, 1L)</code></pre>
+
+<p>is called before the operation and</p>
+
+<pre><code> callback_ex(b, BIO_CB_GETS | BIO_CB_RETURN, buf, size, 0, 0L, retvalue,
+             &amp;readbytes)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_GETS|BIO_CB_RETURN, buf, size, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_puts-b-buf"><b>BIO_puts(b, buf)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_PUTS, buf, 0, 0, 0L, 1L, NULL);</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_PUTS, buf, 0, 0L, 1L)</code></pre>
+
+<p>is called before the operation and</p>
+
+<pre><code> callback_ex(b, BIO_CB_PUTS | BIO_CB_RETURN, buf, 0, 0, 0L, retvalue, &amp;written)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_PUTS|BIO_CB_RETURN, buf, 0, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_ctrl-BIO-b-int-cmd-long-larg-void-parg"><b>BIO_ctrl(BIO *b, int cmd, long larg, void *parg)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_CTRL, parg, 0, cmd, larg, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_CTRL, parg, cmd, larg, 1L)</code></pre>
+
+<p>is called before the call and</p>
+
+<pre><code> callback_ex(b, BIO_CB_CTRL | BIO_CB_RETURN, parg, 0, cmd, larg, ret, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_CTRL|BIO_CB_RETURN, parg, cmd, larg, ret)</code></pre>
+
+<p>after.</p>
+
+<p>Note: <b>cmd</b> == <b>BIO_CTRL_SET_CALLBACK</b> is special, because <b>parg</b> is not the argument of type <b>BIO_info_cb</b> itself. In this case <b>parg</b> is a pointer to the actual call parameter, see <b>BIO_callback_ctrl</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO_debug_callback() function is a good example, its source is in crypto/bio/bio_cb.c</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_callback_ex() and BIO_get_callback() return the callback function previously set by a call to BIO_set_callback_ex() and BIO_set_callback() respectively.</p>
+
+<p>BIO_get_callback_arg() returns a <b>char</b> pointer to the value previously set via a call to BIO_set_callback_arg().</p>
+
+<p>BIO_debug_callback() returns 1 or <b>ret</b> if it&#39;s called after specific BIO operations.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_callback_ex.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_callback_ex.html
new file mode 100644
index 000000000..50bf3983d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_callback_ex.html
@@ -0,0 +1,251 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_set_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#CALLBACK-OPERATIONS">CALLBACK OPERATIONS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_callback_ex, BIO_get_callback_ex, BIO_set_callback, BIO_get_callback, BIO_set_callback_arg, BIO_get_callback_arg, BIO_debug_callback, BIO_callback_fn_ex, BIO_callback_fn - BIO callback functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef long (*BIO_callback_fn_ex)(BIO *b, int oper, const char *argp,
+                                    size_t len, int argi,
+                                    long argl, int ret, size_t *processed);
+ typedef long (*BIO_callback_fn)(BIO *b, int oper, const char *argp, int argi,
+                                 long argl, long ret);
+
+ void BIO_set_callback_ex(BIO *b, BIO_callback_fn_ex callback);
+ BIO_callback_fn_ex BIO_get_callback_ex(const BIO *b);
+
+ void BIO_set_callback(BIO *b, BIO_callback_fn cb);
+ BIO_callback_fn BIO_get_callback(BIO *b);
+ void BIO_set_callback_arg(BIO *b, char *arg);
+ char *BIO_get_callback_arg(const BIO *b);
+
+ long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
+                         long argl, long ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_set_callback_ex() and BIO_get_callback_ex() set and retrieve the BIO callback. The callback is called during most high level BIO operations. It can be used for debugging purposes to trace operations on a BIO or to modify its operation.</p>
+
+<p>BIO_set_callback() and BIO_get_callback() set and retrieve the old format BIO callback. New code should not use these functions, but they are retained for backwards compatibility. Any callback set via BIO_set_callback_ex() will get called in preference to any set by BIO_set_callback().</p>
+
+<p>BIO_set_callback_arg() and BIO_get_callback_arg() are macros which can be used to set and retrieve an argument for use in the callback.</p>
+
+<p>BIO_debug_callback() is a standard debugging callback which prints out information relating to each BIO operation. If the callback argument is set it is interpreted as a BIO to send the information to, otherwise stderr is used.</p>
+
+<p>BIO_callback_fn_ex() is the type of the callback function and BIO_callback_fn() is the type of the old format callback function. The meaning of each argument is described below:</p>
+
+<dl>
+
+<dt id="b"><b>b</b></dt>
+<dd>
+
+<p>The BIO the callback is attached to is passed in <b>b</b>.</p>
+
+</dd>
+<dt id="oper"><b>oper</b></dt>
+<dd>
+
+<p><b>oper</b> is set to the operation being performed. For some operations the callback is called twice, once before and once after the actual operation, the latter case has <b>oper</b> or&#39;ed with BIO_CB_RETURN.</p>
+
+</dd>
+<dt id="len"><b>len</b></dt>
+<dd>
+
+<p>The length of the data requested to be read or written. This is only useful if <b>oper</b> is BIO_CB_READ, BIO_CB_WRITE or BIO_CB_GETS.</p>
+
+</dd>
+<dt id="argp-argi-argl"><b>argp</b> <b>argi</b> <b>argl</b></dt>
+<dd>
+
+<p>The meaning of the arguments <b>argp</b>, <b>argi</b> and <b>argl</b> depends on the value of <b>oper</b>, that is the operation being performed.</p>
+
+</dd>
+<dt id="processed"><b>processed</b></dt>
+<dd>
+
+<p><b>processed</b> is a pointer to a location which will be updated with the amount of data that was actually read or written. Only used for BIO_CB_READ, BIO_CB_WRITE, BIO_CB_GETS and BIO_CB_PUTS.</p>
+
+</dd>
+<dt id="ret"><b>ret</b></dt>
+<dd>
+
+<p><b>ret</b> is the return value that would be returned to the application if no callback were present. The actual value returned is the return value of the callback itself. In the case of callbacks called before the actual BIO operation 1 is placed in <b>ret</b>, if the return value is not positive it will be immediately returned to the application and the BIO operation will not be performed.</p>
+
+</dd>
+</dl>
+
+<p>The callback should normally simply return <b>ret</b> when it has finished processing, unless it specifically wishes to modify the value returned to the application.</p>
+
+<h1 id="CALLBACK-OPERATIONS">CALLBACK OPERATIONS</h1>
+
+<p>In the notes below, <b>callback</b> defers to the actual callback function that is called.</p>
+
+<dl>
+
+<dt id="BIO_free-b"><b>BIO_free(b)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_FREE, NULL, 0, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_FREE, NULL, 0L, 0L, 1L)</code></pre>
+
+<p>is called before the free operation.</p>
+
+</dd>
+<dt id="BIO_read_ex-b-data-dlen-readbytes"><b>BIO_read_ex(b, data, dlen, readbytes)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_READ, data, dlen, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_READ, data, dlen, 0L, 1L)</code></pre>
+
+<p>is called before the read and</p>
+
+<pre><code> callback_ex(b, BIO_CB_READ | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+             &amp;readbytes)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_READ|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_write-b-data-dlen-written"><b>BIO_write(b, data, dlen, written)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_WRITE, data, dlen, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_WRITE, datat, dlen, 0L, 1L)</code></pre>
+
+<p>is called before the write and</p>
+
+<pre><code> callback_ex(b, BIO_CB_WRITE | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+             &amp;written)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_WRITE|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_gets-b-buf-size"><b>BIO_gets(b, buf, size)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_GETS, buf, size, 0, 0L, 1, NULL, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_GETS, buf, size, 0L, 1L)</code></pre>
+
+<p>is called before the operation and</p>
+
+<pre><code> callback_ex(b, BIO_CB_GETS | BIO_CB_RETURN, buf, size, 0, 0L, retvalue,
+             &amp;readbytes)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_GETS|BIO_CB_RETURN, buf, size, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_puts-b-buf"><b>BIO_puts(b, buf)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_PUTS, buf, 0, 0, 0L, 1L, NULL);</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_PUTS, buf, 0, 0L, 1L)</code></pre>
+
+<p>is called before the operation and</p>
+
+<pre><code> callback_ex(b, BIO_CB_PUTS | BIO_CB_RETURN, buf, 0, 0, 0L, retvalue, &amp;written)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_PUTS|BIO_CB_RETURN, buf, 0, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_ctrl-BIO-b-int-cmd-long-larg-void-parg"><b>BIO_ctrl(BIO *b, int cmd, long larg, void *parg)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_CTRL, parg, 0, cmd, larg, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_CTRL, parg, cmd, larg, 1L)</code></pre>
+
+<p>is called before the call and</p>
+
+<pre><code> callback_ex(b, BIO_CB_CTRL | BIO_CB_RETURN, parg, 0, cmd, larg, ret, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_CTRL|BIO_CB_RETURN, parg, cmd, larg, ret)</code></pre>
+
+<p>after.</p>
+
+<p>Note: <b>cmd</b> == <b>BIO_CTRL_SET_CALLBACK</b> is special, because <b>parg</b> is not the argument of type <b>BIO_info_cb</b> itself. In this case <b>parg</b> is a pointer to the actual call parameter, see <b>BIO_callback_ctrl</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO_debug_callback() function is a good example, its source is in crypto/bio/bio_cb.c</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_callback_ex() and BIO_get_callback() return the callback function previously set by a call to BIO_set_callback_ex() and BIO_set_callback() respectively.</p>
+
+<p>BIO_get_callback_arg() returns a <b>char</b> pointer to the value previously set via a call to BIO_set_callback_arg().</p>
+
+<p>BIO_debug_callback() returns 1 or <b>ret</b> if it&#39;s called after specific BIO operations.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_cipher_ctx.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_cipher_ctx.html
new file mode 100644
index 000000000..c344c9ade
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_cipher_ctx.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_cipher</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_f_cipher, BIO_set_cipher, BIO_get_cipher_status, BIO_get_cipher_ctx - cipher BIO filter</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ const BIO_METHOD *BIO_f_cipher(void);
+ void BIO_set_cipher(BIO *b, const EVP_CIPHER *cipher,
+                     unsigned char *key, unsigned char *iv, int enc);
+ int BIO_get_cipher_status(BIO *b)
+ int BIO_get_cipher_ctx(BIO *b, EVP_CIPHER_CTX **pctx)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_cipher() returns the cipher BIO method. This is a filter BIO that encrypts any data written through it, and decrypts any data read from it. It is a BIO wrapper for the cipher routines EVP_CipherInit(), EVP_CipherUpdate() and EVP_CipherFinal().</p>
+
+<p>Cipher BIOs do not support BIO_gets() or BIO_puts().</p>
+
+<p>BIO_flush() on an encryption BIO that is being written through is used to signal that no more data is to be encrypted: this is used to flush and possibly pad the final block through the BIO.</p>
+
+<p>BIO_set_cipher() sets the cipher of BIO <b>b</b> to <b>cipher</b> using key <b>key</b> and IV <b>iv</b>. <b>enc</b> should be set to 1 for encryption and zero for decryption.</p>
+
+<p>When reading from an encryption BIO the final block is automatically decrypted and checked when EOF is detected. BIO_get_cipher_status() is a BIO_ctrl() macro which can be called to determine whether the decryption operation was successful.</p>
+
+<p>BIO_get_cipher_ctx() is a BIO_ctrl() macro which retrieves the internal BIO cipher context. The retrieved context can be used in conjunction with the standard cipher routines to set it up. This is useful when BIO_set_cipher() is not flexible enough for the applications needs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When encrypting BIO_flush() <b>must</b> be called to flush the final block through the BIO. If it is not then the final block will fail a subsequent decrypt.</p>
+
+<p>When decrypting an error on the final block is signaled by a zero return value from the read operation. A successful decrypt followed by EOF will also return zero for the final read. BIO_get_cipher_status() should be called to determine if the decrypt was successful.</p>
+
+<p>As always, if BIO_gets() or BIO_puts() support is needed then it can be achieved by preceding the cipher BIO with a buffering BIO.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_cipher() returns the cipher BIO method.</p>
+
+<p>BIO_set_cipher() does not return a value.</p>
+
+<p>BIO_get_cipher_status() returns 1 for a successful decrypt and 0 for failure.</p>
+
+<p>BIO_get_cipher_ctx() currently always returns 1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_cipher_status.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_cipher_status.html
new file mode 100644
index 000000000..c344c9ade
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_cipher_status.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_cipher</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_f_cipher, BIO_set_cipher, BIO_get_cipher_status, BIO_get_cipher_ctx - cipher BIO filter</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ const BIO_METHOD *BIO_f_cipher(void);
+ void BIO_set_cipher(BIO *b, const EVP_CIPHER *cipher,
+                     unsigned char *key, unsigned char *iv, int enc);
+ int BIO_get_cipher_status(BIO *b)
+ int BIO_get_cipher_ctx(BIO *b, EVP_CIPHER_CTX **pctx)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_cipher() returns the cipher BIO method. This is a filter BIO that encrypts any data written through it, and decrypts any data read from it. It is a BIO wrapper for the cipher routines EVP_CipherInit(), EVP_CipherUpdate() and EVP_CipherFinal().</p>
+
+<p>Cipher BIOs do not support BIO_gets() or BIO_puts().</p>
+
+<p>BIO_flush() on an encryption BIO that is being written through is used to signal that no more data is to be encrypted: this is used to flush and possibly pad the final block through the BIO.</p>
+
+<p>BIO_set_cipher() sets the cipher of BIO <b>b</b> to <b>cipher</b> using key <b>key</b> and IV <b>iv</b>. <b>enc</b> should be set to 1 for encryption and zero for decryption.</p>
+
+<p>When reading from an encryption BIO the final block is automatically decrypted and checked when EOF is detected. BIO_get_cipher_status() is a BIO_ctrl() macro which can be called to determine whether the decryption operation was successful.</p>
+
+<p>BIO_get_cipher_ctx() is a BIO_ctrl() macro which retrieves the internal BIO cipher context. The retrieved context can be used in conjunction with the standard cipher routines to set it up. This is useful when BIO_set_cipher() is not flexible enough for the applications needs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When encrypting BIO_flush() <b>must</b> be called to flush the final block through the BIO. If it is not then the final block will fail a subsequent decrypt.</p>
+
+<p>When decrypting an error on the final block is signaled by a zero return value from the read operation. A successful decrypt followed by EOF will also return zero for the final read. BIO_get_cipher_status() should be called to determine if the decrypt was successful.</p>
+
+<p>As always, if BIO_gets() or BIO_puts() support is needed then it can be achieved by preceding the cipher BIO with a buffering BIO.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_cipher() returns the cipher BIO method.</p>
+
+<p>BIO_set_cipher() does not return a value.</p>
+
+<p>BIO_get_cipher_status() returns 1 for a successful decrypt and 0 for failure.</p>
+
+<p>BIO_get_cipher_ctx() currently always returns 1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_close.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_close.html
new file mode 100644
index 000000000..ccbb411c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_close.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset, BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close, BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending, BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb - BIO control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef int BIO_info_cb(BIO *b, int state, int res);
+
+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
+ char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+
+ int BIO_reset(BIO *b);
+ int BIO_seek(BIO *b, int ofs);
+ int BIO_tell(BIO *b);
+ int BIO_flush(BIO *b);
+ int BIO_eof(BIO *b);
+ int BIO_set_close(BIO *b, long flag);
+ int BIO_get_close(BIO *b);
+ int BIO_pending(BIO *b);
+ int BIO_wpending(BIO *b);
+ size_t BIO_ctrl_pending(BIO *b);
+ size_t BIO_ctrl_wpending(BIO *b);
+
+ int BIO_get_info_callback(BIO *b, BIO_info_cb **cbp);
+ int BIO_set_info_callback(BIO *b, BIO_info_cb *cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl() are BIO &quot;control&quot; operations taking arguments of various types. These functions are not normally called directly, various macros are used instead. The standard macros are described below, macros specific to a particular type of BIO are described in the specific BIOs manual page as well as any special features of the standard calls.</p>
+
+<p>BIO_reset() typically resets a BIO to some initial state, in the case of file related BIOs for example it rewinds the file pointer to the start of the file.</p>
+
+<p>BIO_seek() resets a file related BIO&#39;s (that is file descriptor and FILE BIOs) file position pointer to <b>ofs</b> bytes from start of file.</p>
+
+<p>BIO_tell() returns the current file position of a file related BIO.</p>
+
+<p>BIO_flush() normally writes out any internally buffered data, in some cases it is used to signal EOF and that no more data will be written.</p>
+
+<p>BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of &quot;EOF&quot; varies according to the BIO type.</p>
+
+<p>BIO_set_close() sets the BIO <b>b</b> close flag to <b>flag</b>. <b>flag</b> can take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used in a source/sink BIO to indicate that the underlying I/O stream should be closed when the BIO is freed.</p>
+
+<p>BIO_get_close() returns the BIOs close flag.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the number of pending characters in the BIOs read and write buffers. Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending() return a size_t type and are functions, BIO_pending() and BIO_wpending() are macros which call BIO_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_reset() normally returns 1 for success and 0 or -1 for failure. File BIOs are an exception, they return 0 for success and -1 for failure.</p>
+
+<p>BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure.</p>
+
+<p>BIO_flush() returns 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_eof() returns 1 if EOF has been reached 0 otherwise.</p>
+
+<p>BIO_set_close() always returns 1.</p>
+
+<p>BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_flush(), because it can write data may return 0 or -1 indicating that the call should be retried later in a similar manner to BIO_write_ex(). The BIO_should_retry() call should be used and appropriate action taken is the call fails.</p>
+
+<p>The return values of BIO_pending() and BIO_wpending() may not reliably determine the amount of pending data in all cases. For example in the case of a file BIO some data may be available in the FILE structures internal buffers but it is not possible to determine this in a portably way. For other types of BIO they may not be supported.</p>
+
+<p>Filter BIOs if they do not internally handle a particular BIO_ctrl() operation usually pass the operation to the next BIO in the chain. This often means there is no need to locate the required BIO for a particular operation, it can be called on a chain and it will be automatically passed to the relevant BIO. However this can cause unexpected results: for example no current filter BIOs implement BIO_seek(), but this may still succeed if the chain ends in a FILE or file descriptor BIO.</p>
+
+<p>Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some of the return values are ambiguous and care should be taken. In particular a return value of 0 can be returned if an operation is not supported, if an error occurred, if EOF has not been reached and in the case of BIO_seek() on a file BIO for a successful operation.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_conn_address.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_conn_address.html
new file mode 100644
index 000000000..400c2818a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_conn_address.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_connect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_conn_address, BIO_get_conn_address, BIO_s_connect, BIO_new_connect, BIO_set_conn_hostname, BIO_set_conn_port, BIO_set_conn_ip_family, BIO_get_conn_ip_family, BIO_get_conn_hostname, BIO_get_conn_port, BIO_set_nbio, BIO_do_connect - connect BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD * BIO_s_connect(void);
+
+ BIO *BIO_new_connect(char *name);
+
+ long BIO_set_conn_hostname(BIO *b, char *name);
+ long BIO_set_conn_port(BIO *b, char *port);
+ long BIO_set_conn_address(BIO *b, BIO_ADDR *addr);
+ long BIO_set_conn_ip_family(BIO *b, long family);
+ const char *BIO_get_conn_hostname(BIO *b);
+ const char *BIO_get_conn_port(BIO *b);
+ const BIO_ADDR *BIO_get_conn_address(BIO *b);
+ const long BIO_get_conn_ip_family(BIO *b);
+
+ long BIO_set_nbio(BIO *b, long n);
+
+ int BIO_do_connect(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_connect() returns the connect BIO method. This is a wrapper round the platform&#39;s TCP/IP socket connection routines.</p>
+
+<p>Using connect BIOs, TCP/IP connections can be made and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on a connect BIO will perform I/O on the underlying connection. If no connection is established and the port and hostname (see below) is set up properly then a connection is established first.</p>
+
+<p>Connect BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on a connect BIO then any active connection is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on a connect BIO will close any active connection and reset the BIO into a state where it can connect to the same host again.</p>
+
+<p>BIO_get_fd() places the underlying socket in <b>c</b> if it is not NULL, it also returns the socket . If <b>c</b> is not NULL it should be of type (int *).</p>
+
+<p>BIO_set_conn_hostname() uses the string <b>name</b> to set the hostname. The hostname can be an IP address; if the address is an IPv6 one, it must be enclosed with brackets. The hostname can also include the port in the form hostname:port.</p>
+
+<p>BIO_set_conn_port() sets the port to <b>port</b>. <b>port</b> can be the numerical form or a string such as &quot;http&quot;. A string will be looked up first using getservbyname() on the host platform but if that fails a standard table of port names will be used. This internal list is http, telnet, socks, https, ssl, ftp, and gopher.</p>
+
+<p>BIO_set_conn_address() sets the address and port information using a BIO_ADDR(3ssl).</p>
+
+<p>BIO_set_conn_ip_family() sets the IP family.</p>
+
+<p>BIO_get_conn_hostname() returns the hostname of the connect BIO or NULL if the BIO is initialized but no hostname is set. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_port() returns the port as a string. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_address() returns the address information as a BIO_ADDR. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_ip_family() returns the IP family of the connect BIO.</p>
+
+<p>BIO_set_nbio() sets the non blocking I/O flag to <b>n</b>. If <b>n</b> is zero then blocking I/O is set. If <b>n</b> is 1 then non blocking I/O is set. Blocking I/O is the default. The call to BIO_set_nbio() should be made before the connection is established because non blocking I/O is set during the connect process.</p>
+
+<p>BIO_new_connect() combines BIO_new() and BIO_set_conn_hostname() into a single call: that is it creates a new connect BIO with <b>name</b>.</p>
+
+<p>BIO_do_connect() attempts to connect the supplied BIO. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If blocking I/O is set then a non positive return value from any I/O call is caused by an error condition, although a zero return will normally mean that the connection was closed.</p>
+
+<p>If the port name is supplied as part of the host name then this will override any value set with BIO_set_conn_port(). This may be undesirable if the application does not wish to allow connection to arbitrary ports. This can be avoided by checking for the presence of the &#39;:&#39; character in the passed hostname and either indicating an error or truncating the string at that point.</p>
+
+<p>The values returned by BIO_get_conn_hostname(), BIO_get_conn_address(), and BIO_get_conn_port() are updated when a connection attempt is made. Before any connection attempt the values returned are those set by the application itself.</p>
+
+<p>Applications do not have to call BIO_do_connect() but may wish to do so to separate the connection process from other I/O processing.</p>
+
+<p>If non blocking I/O is set then retries will be requested as appropriate.</p>
+
+<p>It addition to BIO_should_read() and BIO_should_write() it is also possible for BIO_should_io_special() to be true during the initial connection process with the reason BIO_RR_CONNECT. If this is returned then this is an indication that a connection attempt would block, the application should then take appropriate action to wait until the underlying socket has connected and retry the call.</p>
+
+<p>BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_get_conn_hostname(), BIO_set_conn_address(), BIO_get_conn_port(), BIO_get_conn_address(), BIO_set_conn_ip_family(), BIO_get_conn_ip_family(), BIO_set_nbio(), and BIO_do_connect() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_connect() returns the connect BIO method.</p>
+
+<p>BIO_get_fd() returns the socket or -1 if the BIO has not been initialized.</p>
+
+<p>BIO_set_conn_address(), BIO_set_conn_port(), and BIO_set_conn_ip_family() always return 1.</p>
+
+<p>BIO_set_conn_hostname() returns 1 on success and 0 on failure.</p>
+
+<p>BIO_get_conn_address() returns the address information or NULL if none was set.</p>
+
+<p>BIO_get_conn_hostname() returns the connected hostname or NULL if none was set.</p>
+
+<p>BIO_get_conn_ip_family() returns the address family or -1 if none was set.</p>
+
+<p>BIO_get_conn_port() returns a string representing the connected port or NULL if not set.</p>
+
+<p>BIO_set_nbio() always returns 1.</p>
+
+<p>BIO_do_connect() returns 1 if the connection was successfully established and 0 or -1 if the connection failed.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This is example connects to a webserver on the local host and attempts to retrieve a page and copy the result to standard output.</p>
+
+<pre><code> BIO *cbio, *out;
+ int len;
+ char tmpbuf[1024];
+
+ cbio = BIO_new_connect(&quot;localhost:http&quot;);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(cbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ BIO_puts(cbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(cbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free(cbio);
+ BIO_free(out);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_set_conn_int_port(), BIO_get_conn_int_port(), BIO_set_conn_ip(), and BIO_get_conn_ip() were removed in OpenSSL 1.1.0. Use BIO_set_conn_address() and BIO_get_conn_address() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_conn_hostname.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_conn_hostname.html
new file mode 100644
index 000000000..400c2818a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_conn_hostname.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_connect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_conn_address, BIO_get_conn_address, BIO_s_connect, BIO_new_connect, BIO_set_conn_hostname, BIO_set_conn_port, BIO_set_conn_ip_family, BIO_get_conn_ip_family, BIO_get_conn_hostname, BIO_get_conn_port, BIO_set_nbio, BIO_do_connect - connect BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD * BIO_s_connect(void);
+
+ BIO *BIO_new_connect(char *name);
+
+ long BIO_set_conn_hostname(BIO *b, char *name);
+ long BIO_set_conn_port(BIO *b, char *port);
+ long BIO_set_conn_address(BIO *b, BIO_ADDR *addr);
+ long BIO_set_conn_ip_family(BIO *b, long family);
+ const char *BIO_get_conn_hostname(BIO *b);
+ const char *BIO_get_conn_port(BIO *b);
+ const BIO_ADDR *BIO_get_conn_address(BIO *b);
+ const long BIO_get_conn_ip_family(BIO *b);
+
+ long BIO_set_nbio(BIO *b, long n);
+
+ int BIO_do_connect(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_connect() returns the connect BIO method. This is a wrapper round the platform&#39;s TCP/IP socket connection routines.</p>
+
+<p>Using connect BIOs, TCP/IP connections can be made and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on a connect BIO will perform I/O on the underlying connection. If no connection is established and the port and hostname (see below) is set up properly then a connection is established first.</p>
+
+<p>Connect BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on a connect BIO then any active connection is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on a connect BIO will close any active connection and reset the BIO into a state where it can connect to the same host again.</p>
+
+<p>BIO_get_fd() places the underlying socket in <b>c</b> if it is not NULL, it also returns the socket . If <b>c</b> is not NULL it should be of type (int *).</p>
+
+<p>BIO_set_conn_hostname() uses the string <b>name</b> to set the hostname. The hostname can be an IP address; if the address is an IPv6 one, it must be enclosed with brackets. The hostname can also include the port in the form hostname:port.</p>
+
+<p>BIO_set_conn_port() sets the port to <b>port</b>. <b>port</b> can be the numerical form or a string such as &quot;http&quot;. A string will be looked up first using getservbyname() on the host platform but if that fails a standard table of port names will be used. This internal list is http, telnet, socks, https, ssl, ftp, and gopher.</p>
+
+<p>BIO_set_conn_address() sets the address and port information using a BIO_ADDR(3ssl).</p>
+
+<p>BIO_set_conn_ip_family() sets the IP family.</p>
+
+<p>BIO_get_conn_hostname() returns the hostname of the connect BIO or NULL if the BIO is initialized but no hostname is set. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_port() returns the port as a string. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_address() returns the address information as a BIO_ADDR. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_ip_family() returns the IP family of the connect BIO.</p>
+
+<p>BIO_set_nbio() sets the non blocking I/O flag to <b>n</b>. If <b>n</b> is zero then blocking I/O is set. If <b>n</b> is 1 then non blocking I/O is set. Blocking I/O is the default. The call to BIO_set_nbio() should be made before the connection is established because non blocking I/O is set during the connect process.</p>
+
+<p>BIO_new_connect() combines BIO_new() and BIO_set_conn_hostname() into a single call: that is it creates a new connect BIO with <b>name</b>.</p>
+
+<p>BIO_do_connect() attempts to connect the supplied BIO. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If blocking I/O is set then a non positive return value from any I/O call is caused by an error condition, although a zero return will normally mean that the connection was closed.</p>
+
+<p>If the port name is supplied as part of the host name then this will override any value set with BIO_set_conn_port(). This may be undesirable if the application does not wish to allow connection to arbitrary ports. This can be avoided by checking for the presence of the &#39;:&#39; character in the passed hostname and either indicating an error or truncating the string at that point.</p>
+
+<p>The values returned by BIO_get_conn_hostname(), BIO_get_conn_address(), and BIO_get_conn_port() are updated when a connection attempt is made. Before any connection attempt the values returned are those set by the application itself.</p>
+
+<p>Applications do not have to call BIO_do_connect() but may wish to do so to separate the connection process from other I/O processing.</p>
+
+<p>If non blocking I/O is set then retries will be requested as appropriate.</p>
+
+<p>It addition to BIO_should_read() and BIO_should_write() it is also possible for BIO_should_io_special() to be true during the initial connection process with the reason BIO_RR_CONNECT. If this is returned then this is an indication that a connection attempt would block, the application should then take appropriate action to wait until the underlying socket has connected and retry the call.</p>
+
+<p>BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_get_conn_hostname(), BIO_set_conn_address(), BIO_get_conn_port(), BIO_get_conn_address(), BIO_set_conn_ip_family(), BIO_get_conn_ip_family(), BIO_set_nbio(), and BIO_do_connect() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_connect() returns the connect BIO method.</p>
+
+<p>BIO_get_fd() returns the socket or -1 if the BIO has not been initialized.</p>
+
+<p>BIO_set_conn_address(), BIO_set_conn_port(), and BIO_set_conn_ip_family() always return 1.</p>
+
+<p>BIO_set_conn_hostname() returns 1 on success and 0 on failure.</p>
+
+<p>BIO_get_conn_address() returns the address information or NULL if none was set.</p>
+
+<p>BIO_get_conn_hostname() returns the connected hostname or NULL if none was set.</p>
+
+<p>BIO_get_conn_ip_family() returns the address family or -1 if none was set.</p>
+
+<p>BIO_get_conn_port() returns a string representing the connected port or NULL if not set.</p>
+
+<p>BIO_set_nbio() always returns 1.</p>
+
+<p>BIO_do_connect() returns 1 if the connection was successfully established and 0 or -1 if the connection failed.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This is example connects to a webserver on the local host and attempts to retrieve a page and copy the result to standard output.</p>
+
+<pre><code> BIO *cbio, *out;
+ int len;
+ char tmpbuf[1024];
+
+ cbio = BIO_new_connect(&quot;localhost:http&quot;);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(cbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ BIO_puts(cbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(cbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free(cbio);
+ BIO_free(out);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_set_conn_int_port(), BIO_get_conn_int_port(), BIO_set_conn_ip(), and BIO_get_conn_ip() were removed in OpenSSL 1.1.0. Use BIO_set_conn_address() and BIO_get_conn_address() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_conn_ip_family.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_conn_ip_family.html
new file mode 100644
index 000000000..400c2818a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_conn_ip_family.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_connect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_conn_address, BIO_get_conn_address, BIO_s_connect, BIO_new_connect, BIO_set_conn_hostname, BIO_set_conn_port, BIO_set_conn_ip_family, BIO_get_conn_ip_family, BIO_get_conn_hostname, BIO_get_conn_port, BIO_set_nbio, BIO_do_connect - connect BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD * BIO_s_connect(void);
+
+ BIO *BIO_new_connect(char *name);
+
+ long BIO_set_conn_hostname(BIO *b, char *name);
+ long BIO_set_conn_port(BIO *b, char *port);
+ long BIO_set_conn_address(BIO *b, BIO_ADDR *addr);
+ long BIO_set_conn_ip_family(BIO *b, long family);
+ const char *BIO_get_conn_hostname(BIO *b);
+ const char *BIO_get_conn_port(BIO *b);
+ const BIO_ADDR *BIO_get_conn_address(BIO *b);
+ const long BIO_get_conn_ip_family(BIO *b);
+
+ long BIO_set_nbio(BIO *b, long n);
+
+ int BIO_do_connect(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_connect() returns the connect BIO method. This is a wrapper round the platform&#39;s TCP/IP socket connection routines.</p>
+
+<p>Using connect BIOs, TCP/IP connections can be made and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on a connect BIO will perform I/O on the underlying connection. If no connection is established and the port and hostname (see below) is set up properly then a connection is established first.</p>
+
+<p>Connect BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on a connect BIO then any active connection is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on a connect BIO will close any active connection and reset the BIO into a state where it can connect to the same host again.</p>
+
+<p>BIO_get_fd() places the underlying socket in <b>c</b> if it is not NULL, it also returns the socket . If <b>c</b> is not NULL it should be of type (int *).</p>
+
+<p>BIO_set_conn_hostname() uses the string <b>name</b> to set the hostname. The hostname can be an IP address; if the address is an IPv6 one, it must be enclosed with brackets. The hostname can also include the port in the form hostname:port.</p>
+
+<p>BIO_set_conn_port() sets the port to <b>port</b>. <b>port</b> can be the numerical form or a string such as &quot;http&quot;. A string will be looked up first using getservbyname() on the host platform but if that fails a standard table of port names will be used. This internal list is http, telnet, socks, https, ssl, ftp, and gopher.</p>
+
+<p>BIO_set_conn_address() sets the address and port information using a BIO_ADDR(3ssl).</p>
+
+<p>BIO_set_conn_ip_family() sets the IP family.</p>
+
+<p>BIO_get_conn_hostname() returns the hostname of the connect BIO or NULL if the BIO is initialized but no hostname is set. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_port() returns the port as a string. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_address() returns the address information as a BIO_ADDR. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_ip_family() returns the IP family of the connect BIO.</p>
+
+<p>BIO_set_nbio() sets the non blocking I/O flag to <b>n</b>. If <b>n</b> is zero then blocking I/O is set. If <b>n</b> is 1 then non blocking I/O is set. Blocking I/O is the default. The call to BIO_set_nbio() should be made before the connection is established because non blocking I/O is set during the connect process.</p>
+
+<p>BIO_new_connect() combines BIO_new() and BIO_set_conn_hostname() into a single call: that is it creates a new connect BIO with <b>name</b>.</p>
+
+<p>BIO_do_connect() attempts to connect the supplied BIO. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If blocking I/O is set then a non positive return value from any I/O call is caused by an error condition, although a zero return will normally mean that the connection was closed.</p>
+
+<p>If the port name is supplied as part of the host name then this will override any value set with BIO_set_conn_port(). This may be undesirable if the application does not wish to allow connection to arbitrary ports. This can be avoided by checking for the presence of the &#39;:&#39; character in the passed hostname and either indicating an error or truncating the string at that point.</p>
+
+<p>The values returned by BIO_get_conn_hostname(), BIO_get_conn_address(), and BIO_get_conn_port() are updated when a connection attempt is made. Before any connection attempt the values returned are those set by the application itself.</p>
+
+<p>Applications do not have to call BIO_do_connect() but may wish to do so to separate the connection process from other I/O processing.</p>
+
+<p>If non blocking I/O is set then retries will be requested as appropriate.</p>
+
+<p>It addition to BIO_should_read() and BIO_should_write() it is also possible for BIO_should_io_special() to be true during the initial connection process with the reason BIO_RR_CONNECT. If this is returned then this is an indication that a connection attempt would block, the application should then take appropriate action to wait until the underlying socket has connected and retry the call.</p>
+
+<p>BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_get_conn_hostname(), BIO_set_conn_address(), BIO_get_conn_port(), BIO_get_conn_address(), BIO_set_conn_ip_family(), BIO_get_conn_ip_family(), BIO_set_nbio(), and BIO_do_connect() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_connect() returns the connect BIO method.</p>
+
+<p>BIO_get_fd() returns the socket or -1 if the BIO has not been initialized.</p>
+
+<p>BIO_set_conn_address(), BIO_set_conn_port(), and BIO_set_conn_ip_family() always return 1.</p>
+
+<p>BIO_set_conn_hostname() returns 1 on success and 0 on failure.</p>
+
+<p>BIO_get_conn_address() returns the address information or NULL if none was set.</p>
+
+<p>BIO_get_conn_hostname() returns the connected hostname or NULL if none was set.</p>
+
+<p>BIO_get_conn_ip_family() returns the address family or -1 if none was set.</p>
+
+<p>BIO_get_conn_port() returns a string representing the connected port or NULL if not set.</p>
+
+<p>BIO_set_nbio() always returns 1.</p>
+
+<p>BIO_do_connect() returns 1 if the connection was successfully established and 0 or -1 if the connection failed.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This is example connects to a webserver on the local host and attempts to retrieve a page and copy the result to standard output.</p>
+
+<pre><code> BIO *cbio, *out;
+ int len;
+ char tmpbuf[1024];
+
+ cbio = BIO_new_connect(&quot;localhost:http&quot;);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(cbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ BIO_puts(cbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(cbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free(cbio);
+ BIO_free(out);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_set_conn_int_port(), BIO_get_conn_int_port(), BIO_set_conn_ip(), and BIO_get_conn_ip() were removed in OpenSSL 1.1.0. Use BIO_set_conn_address() and BIO_get_conn_address() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_conn_port.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_conn_port.html
new file mode 100644
index 000000000..400c2818a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_conn_port.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_connect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_conn_address, BIO_get_conn_address, BIO_s_connect, BIO_new_connect, BIO_set_conn_hostname, BIO_set_conn_port, BIO_set_conn_ip_family, BIO_get_conn_ip_family, BIO_get_conn_hostname, BIO_get_conn_port, BIO_set_nbio, BIO_do_connect - connect BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD * BIO_s_connect(void);
+
+ BIO *BIO_new_connect(char *name);
+
+ long BIO_set_conn_hostname(BIO *b, char *name);
+ long BIO_set_conn_port(BIO *b, char *port);
+ long BIO_set_conn_address(BIO *b, BIO_ADDR *addr);
+ long BIO_set_conn_ip_family(BIO *b, long family);
+ const char *BIO_get_conn_hostname(BIO *b);
+ const char *BIO_get_conn_port(BIO *b);
+ const BIO_ADDR *BIO_get_conn_address(BIO *b);
+ const long BIO_get_conn_ip_family(BIO *b);
+
+ long BIO_set_nbio(BIO *b, long n);
+
+ int BIO_do_connect(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_connect() returns the connect BIO method. This is a wrapper round the platform&#39;s TCP/IP socket connection routines.</p>
+
+<p>Using connect BIOs, TCP/IP connections can be made and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on a connect BIO will perform I/O on the underlying connection. If no connection is established and the port and hostname (see below) is set up properly then a connection is established first.</p>
+
+<p>Connect BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on a connect BIO then any active connection is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on a connect BIO will close any active connection and reset the BIO into a state where it can connect to the same host again.</p>
+
+<p>BIO_get_fd() places the underlying socket in <b>c</b> if it is not NULL, it also returns the socket . If <b>c</b> is not NULL it should be of type (int *).</p>
+
+<p>BIO_set_conn_hostname() uses the string <b>name</b> to set the hostname. The hostname can be an IP address; if the address is an IPv6 one, it must be enclosed with brackets. The hostname can also include the port in the form hostname:port.</p>
+
+<p>BIO_set_conn_port() sets the port to <b>port</b>. <b>port</b> can be the numerical form or a string such as &quot;http&quot;. A string will be looked up first using getservbyname() on the host platform but if that fails a standard table of port names will be used. This internal list is http, telnet, socks, https, ssl, ftp, and gopher.</p>
+
+<p>BIO_set_conn_address() sets the address and port information using a BIO_ADDR(3ssl).</p>
+
+<p>BIO_set_conn_ip_family() sets the IP family.</p>
+
+<p>BIO_get_conn_hostname() returns the hostname of the connect BIO or NULL if the BIO is initialized but no hostname is set. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_port() returns the port as a string. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_address() returns the address information as a BIO_ADDR. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_ip_family() returns the IP family of the connect BIO.</p>
+
+<p>BIO_set_nbio() sets the non blocking I/O flag to <b>n</b>. If <b>n</b> is zero then blocking I/O is set. If <b>n</b> is 1 then non blocking I/O is set. Blocking I/O is the default. The call to BIO_set_nbio() should be made before the connection is established because non blocking I/O is set during the connect process.</p>
+
+<p>BIO_new_connect() combines BIO_new() and BIO_set_conn_hostname() into a single call: that is it creates a new connect BIO with <b>name</b>.</p>
+
+<p>BIO_do_connect() attempts to connect the supplied BIO. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If blocking I/O is set then a non positive return value from any I/O call is caused by an error condition, although a zero return will normally mean that the connection was closed.</p>
+
+<p>If the port name is supplied as part of the host name then this will override any value set with BIO_set_conn_port(). This may be undesirable if the application does not wish to allow connection to arbitrary ports. This can be avoided by checking for the presence of the &#39;:&#39; character in the passed hostname and either indicating an error or truncating the string at that point.</p>
+
+<p>The values returned by BIO_get_conn_hostname(), BIO_get_conn_address(), and BIO_get_conn_port() are updated when a connection attempt is made. Before any connection attempt the values returned are those set by the application itself.</p>
+
+<p>Applications do not have to call BIO_do_connect() but may wish to do so to separate the connection process from other I/O processing.</p>
+
+<p>If non blocking I/O is set then retries will be requested as appropriate.</p>
+
+<p>It addition to BIO_should_read() and BIO_should_write() it is also possible for BIO_should_io_special() to be true during the initial connection process with the reason BIO_RR_CONNECT. If this is returned then this is an indication that a connection attempt would block, the application should then take appropriate action to wait until the underlying socket has connected and retry the call.</p>
+
+<p>BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_get_conn_hostname(), BIO_set_conn_address(), BIO_get_conn_port(), BIO_get_conn_address(), BIO_set_conn_ip_family(), BIO_get_conn_ip_family(), BIO_set_nbio(), and BIO_do_connect() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_connect() returns the connect BIO method.</p>
+
+<p>BIO_get_fd() returns the socket or -1 if the BIO has not been initialized.</p>
+
+<p>BIO_set_conn_address(), BIO_set_conn_port(), and BIO_set_conn_ip_family() always return 1.</p>
+
+<p>BIO_set_conn_hostname() returns 1 on success and 0 on failure.</p>
+
+<p>BIO_get_conn_address() returns the address information or NULL if none was set.</p>
+
+<p>BIO_get_conn_hostname() returns the connected hostname or NULL if none was set.</p>
+
+<p>BIO_get_conn_ip_family() returns the address family or -1 if none was set.</p>
+
+<p>BIO_get_conn_port() returns a string representing the connected port or NULL if not set.</p>
+
+<p>BIO_set_nbio() always returns 1.</p>
+
+<p>BIO_do_connect() returns 1 if the connection was successfully established and 0 or -1 if the connection failed.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This is example connects to a webserver on the local host and attempts to retrieve a page and copy the result to standard output.</p>
+
+<pre><code> BIO *cbio, *out;
+ int len;
+ char tmpbuf[1024];
+
+ cbio = BIO_new_connect(&quot;localhost:http&quot;);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(cbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ BIO_puts(cbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(cbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free(cbio);
+ BIO_free(out);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_set_conn_int_port(), BIO_get_conn_int_port(), BIO_set_conn_ip(), and BIO_get_conn_ip() were removed in OpenSSL 1.1.0. Use BIO_set_conn_address() and BIO_get_conn_address() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_data.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_data.html
new file mode 100644
index 000000000..920691bbe
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_data.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_data, BIO_get_data, BIO_set_init, BIO_get_init, BIO_set_shutdown, BIO_get_shutdown - functions for managing BIO state information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ void BIO_set_data(BIO *a, void *ptr);
+ void *BIO_get_data(BIO *a);
+ void BIO_set_init(BIO *a, int init);
+ int BIO_get_init(BIO *a);
+ void BIO_set_shutdown(BIO *a, int shut);
+ int BIO_get_shutdown(BIO *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are mainly useful when implementing a custom BIO.</p>
+
+<p>The BIO_set_data() function associates the custom data pointed to by <b>ptr</b> with the BIO. This data can subsequently be retrieved via a call to BIO_get_data(). This can be used by custom BIOs for storing implementation specific information.</p>
+
+<p>The BIO_set_init() function sets the value of the BIO&#39;s &quot;init&quot; flag to indicate whether initialisation has been completed for this BIO or not. A non-zero value indicates that initialisation is complete, whilst zero indicates that it is not. Often initialisation will complete during initial construction of the BIO. For some BIOs however, initialisation may not complete until after additional steps have occurred (for example through calling custom ctrls). The BIO_get_init() function returns the value of the &quot;init&quot; flag.</p>
+
+<p>The BIO_set_shutdown() and BIO_get_shutdown() functions set and get the state of this BIO&#39;s shutdown (i.e. BIO_CLOSE) flag. If set then the underlying resource is also closed when the BIO is freed.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_data() returns a pointer to the implementation specific custom data associated with this BIO, or NULL if none has been set.</p>
+
+<p>BIO_get_init() returns the state of the BIO&#39;s init flag.</p>
+
+<p>BIO_get_shutdown() returns the stat of the BIO&#39;s shutdown (i.e. BIO_CLOSE) flag.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_meth_new.html">BIO_meth_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_ex_new_index.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_ex_new_index.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_ex_new_index.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_fd.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_fd.html
new file mode 100644
index 000000000..2e57de134
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_fd.html
@@ -0,0 +1,103 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_fd</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_fd, BIO_set_fd, BIO_get_fd, BIO_new_fd - file descriptor BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_fd(void);
+
+ int BIO_set_fd(BIO *b, int fd, int c);
+ int BIO_get_fd(BIO *b, int *c);
+
+ BIO *BIO_new_fd(int fd, int close_flag);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_fd() returns the file descriptor BIO method. This is a wrapper round the platforms file descriptor routines such as read() and write().</p>
+
+<p>BIO_read_ex() and BIO_write_ex() read or write the underlying descriptor. BIO_puts() is supported but BIO_gets() is not.</p>
+
+<p>If the close flag is set then close() is called on the underlying file descriptor when the BIO is freed.</p>
+
+<p>BIO_reset() attempts to change the file pointer to the start of file such as by using <b>lseek(fd, 0, 0)</b>.</p>
+
+<p>BIO_seek() sets the file pointer to position <b>ofs</b> from start of file such as by using <b>lseek(fd, ofs, 0)</b>.</p>
+
+<p>BIO_tell() returns the current file position such as by calling <b>lseek(fd, 0, 1)</b>.</p>
+
+<p>BIO_set_fd() sets the file descriptor of BIO <b>b</b> to <b>fd</b> and the close flag to <b>c</b>.</p>
+
+<p>BIO_get_fd() places the file descriptor in <b>c</b> if it is not NULL, it also returns the file descriptor.</p>
+
+<p>BIO_new_fd() returns a file descriptor BIO using <b>fd</b> and <b>close_flag</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The behaviour of BIO_read_ex() and BIO_write_ex() depends on the behavior of the platforms read() and write() calls on the descriptor. If the underlying file descriptor is in a non blocking mode then the BIO will behave in the manner described in the <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a> and <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a> manual pages.</p>
+
+<p>File descriptor BIOs should not be used for socket I/O. Use socket BIOs instead.</p>
+
+<p>BIO_set_fd() and BIO_get_fd() are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_fd() returns the file descriptor BIO method.</p>
+
+<p>BIO_set_fd() always returns 1.</p>
+
+<p>BIO_get_fd() returns the file descriptor or -1 if the BIO has not been initialized.</p>
+
+<p>BIO_new_fd() returns the newly allocated BIO or NULL is an error occurred.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This is a file descriptor BIO version of &quot;Hello World&quot;:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new_fd(fileno(stdout), BIO_NOCLOSE);
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_seek.html">BIO_seek(3)</a>, <a href="../man3/BIO_tell.html">BIO_tell(3)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a>, <a href="../man3/BIO_write_ex.html">BIO_write_ex(3)</a>, <a href="../man3/BIO_puts.html">BIO_puts(3)</a>, <a href="../man3/BIO_gets.html">BIO_gets(3)</a>, <a href="../man3/BIO_printf.html">BIO_printf(3)</a>, <a href="../man3/BIO_set_close.html">BIO_set_close(3)</a>, <a href="../man3/BIO_get_close.html">BIO_get_close(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_fp.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_fp.html
new file mode 100644
index 000000000..62da75192
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_fp.html
@@ -0,0 +1,159 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_file</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_file, BIO_new_file, BIO_new_fp, BIO_set_fp, BIO_get_fp, BIO_read_filename, BIO_write_filename, BIO_append_filename, BIO_rw_filename - FILE bio</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_file(void);
+ BIO *BIO_new_file(const char *filename, const char *mode);
+ BIO *BIO_new_fp(FILE *stream, int flags);
+
+ BIO_set_fp(BIO *b, FILE *fp, int flags);
+ BIO_get_fp(BIO *b, FILE **fpp);
+
+ int BIO_read_filename(BIO *b, char *name)
+ int BIO_write_filename(BIO *b, char *name)
+ int BIO_append_filename(BIO *b, char *name)
+ int BIO_rw_filename(BIO *b, char *name)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_file() returns the BIO file method. As its name implies it is a wrapper round the stdio FILE structure and it is a source/sink BIO.</p>
+
+<p>Calls to BIO_read_ex() and BIO_write_ex() read and write data to the underlying stream. BIO_gets() and BIO_puts() are supported on file BIOs.</p>
+
+<p>BIO_flush() on a file BIO calls the fflush() function on the wrapped stream.</p>
+
+<p>BIO_reset() attempts to change the file pointer to the start of file using fseek(stream, 0, 0).</p>
+
+<p>BIO_seek() sets the file pointer to position <b>ofs</b> from start of file using fseek(stream, ofs, 0).</p>
+
+<p>BIO_eof() calls feof().</p>
+
+<p>Setting the BIO_CLOSE flag calls fclose() on the stream when the BIO is freed.</p>
+
+<p>BIO_new_file() creates a new file BIO with mode <b>mode</b> the meaning of <b>mode</b> is the same as the stdio function fopen(). The BIO_CLOSE flag is set on the returned BIO.</p>
+
+<p>BIO_new_fp() creates a file BIO wrapping <b>stream</b>. Flags can be: BIO_CLOSE, BIO_NOCLOSE (the close flag) BIO_FP_TEXT (sets the underlying stream to text mode, default is binary: this only has any effect under Win32).</p>
+
+<p>BIO_set_fp() sets the fp of a file BIO to <b>fp</b>. <b>flags</b> has the same meaning as in BIO_new_fp(), it is a macro.</p>
+
+<p>BIO_get_fp() retrieves the fp of a file BIO, it is a macro.</p>
+
+<p>BIO_seek() is a macro that sets the position pointer to <b>offset</b> bytes from the start of file.</p>
+
+<p>BIO_tell() returns the value of the position pointer.</p>
+
+<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() set the file BIO <b>b</b> to use file <b>name</b> for reading, writing, append or read write respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When wrapping stdout, stdin or stderr the underlying stream should not normally be closed so the BIO_NOCLOSE flag should be set.</p>
+
+<p>Because the file BIO calls the underlying stdio functions any quirks in stdio behaviour will be mirrored by the corresponding BIO.</p>
+
+<p>On Windows BIO_new_files reserves for the filename argument to be UTF-8 encoded. In other words if you have to make it work in multi- lingual environment, encode file names in UTF-8.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>File BIO &quot;hello world&quot;:</p>
+
+<pre><code> BIO *bio_out;
+
+ bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> BIO *bio_out;
+
+ bio_out = BIO_new(BIO_s_file());
+ if (bio_out == NULL)
+     /* Error */
+ if (!BIO_set_fp(bio_out, stdout, BIO_NOCLOSE))
+     /* Error */
+ BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Write to a file:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new_file(&quot;filename.txt&quot;, &quot;w&quot;);
+ if (!out)
+     /* Error */
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new(BIO_s_file());
+ if (out == NULL)
+     /* Error */
+ if (!BIO_write_filename(out, &quot;filename.txt&quot;))
+     /* Error */
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_file() returns the file BIO method.</p>
+
+<p>BIO_new_file() and BIO_new_fp() return a file BIO or NULL if an error occurred.</p>
+
+<p>BIO_set_fp() and BIO_get_fp() return 1 for success or 0 for failure (although the current implementation never return 0).</p>
+
+<p>BIO_seek() returns the same value as the underlying fseek() function: 0 for success or -1 for failure.</p>
+
+<p>BIO_tell() returns the current file position.</p>
+
+<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() return 1 for success or 0 for failure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>BIO_reset() and BIO_seek() are implemented using fseek() on the underlying stream. The return value for fseek() is 0 for success or -1 if an error occurred this differs from other types of BIO which will typically return 1 for success and a non positive value if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_seek.html">BIO_seek(3)</a>, <a href="../man3/BIO_tell.html">BIO_tell(3)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_flush.html">BIO_flush(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a>, <a href="../man3/BIO_write_ex.html">BIO_write_ex(3)</a>, <a href="../man3/BIO_puts.html">BIO_puts(3)</a>, <a href="../man3/BIO_gets.html">BIO_gets(3)</a>, <a href="../man3/BIO_printf.html">BIO_printf(3)</a>, <a href="../man3/BIO_set_close.html">BIO_set_close(3)</a>, <a href="../man3/BIO_get_close.html">BIO_get_close(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_info_callback.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_info_callback.html
new file mode 100644
index 000000000..ccbb411c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_info_callback.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset, BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close, BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending, BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb - BIO control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef int BIO_info_cb(BIO *b, int state, int res);
+
+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
+ char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+
+ int BIO_reset(BIO *b);
+ int BIO_seek(BIO *b, int ofs);
+ int BIO_tell(BIO *b);
+ int BIO_flush(BIO *b);
+ int BIO_eof(BIO *b);
+ int BIO_set_close(BIO *b, long flag);
+ int BIO_get_close(BIO *b);
+ int BIO_pending(BIO *b);
+ int BIO_wpending(BIO *b);
+ size_t BIO_ctrl_pending(BIO *b);
+ size_t BIO_ctrl_wpending(BIO *b);
+
+ int BIO_get_info_callback(BIO *b, BIO_info_cb **cbp);
+ int BIO_set_info_callback(BIO *b, BIO_info_cb *cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl() are BIO &quot;control&quot; operations taking arguments of various types. These functions are not normally called directly, various macros are used instead. The standard macros are described below, macros specific to a particular type of BIO are described in the specific BIOs manual page as well as any special features of the standard calls.</p>
+
+<p>BIO_reset() typically resets a BIO to some initial state, in the case of file related BIOs for example it rewinds the file pointer to the start of the file.</p>
+
+<p>BIO_seek() resets a file related BIO&#39;s (that is file descriptor and FILE BIOs) file position pointer to <b>ofs</b> bytes from start of file.</p>
+
+<p>BIO_tell() returns the current file position of a file related BIO.</p>
+
+<p>BIO_flush() normally writes out any internally buffered data, in some cases it is used to signal EOF and that no more data will be written.</p>
+
+<p>BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of &quot;EOF&quot; varies according to the BIO type.</p>
+
+<p>BIO_set_close() sets the BIO <b>b</b> close flag to <b>flag</b>. <b>flag</b> can take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used in a source/sink BIO to indicate that the underlying I/O stream should be closed when the BIO is freed.</p>
+
+<p>BIO_get_close() returns the BIOs close flag.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the number of pending characters in the BIOs read and write buffers. Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending() return a size_t type and are functions, BIO_pending() and BIO_wpending() are macros which call BIO_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_reset() normally returns 1 for success and 0 or -1 for failure. File BIOs are an exception, they return 0 for success and -1 for failure.</p>
+
+<p>BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure.</p>
+
+<p>BIO_flush() returns 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_eof() returns 1 if EOF has been reached 0 otherwise.</p>
+
+<p>BIO_set_close() always returns 1.</p>
+
+<p>BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_flush(), because it can write data may return 0 or -1 indicating that the call should be retried later in a similar manner to BIO_write_ex(). The BIO_should_retry() call should be used and appropriate action taken is the call fails.</p>
+
+<p>The return values of BIO_pending() and BIO_wpending() may not reliably determine the amount of pending data in all cases. For example in the case of a file BIO some data may be available in the FILE structures internal buffers but it is not possible to determine this in a portably way. For other types of BIO they may not be supported.</p>
+
+<p>Filter BIOs if they do not internally handle a particular BIO_ctrl() operation usually pass the operation to the next BIO in the chain. This often means there is no need to locate the required BIO for a particular operation, it can be called on a chain and it will be automatically passed to the relevant BIO. However this can cause unexpected results: for example no current filter BIOs implement BIO_seek(), but this may still succeed if the chain ends in a FILE or file descriptor BIO.</p>
+
+<p>Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some of the return values are ambiguous and care should be taken. In particular a return value of 0 can be returned if an operation is not supported, if an error occurred, if EOF has not been reached and in the case of BIO_seek() on a file BIO for a successful operation.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_init.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_init.html
new file mode 100644
index 000000000..920691bbe
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_init.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_data, BIO_get_data, BIO_set_init, BIO_get_init, BIO_set_shutdown, BIO_get_shutdown - functions for managing BIO state information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ void BIO_set_data(BIO *a, void *ptr);
+ void *BIO_get_data(BIO *a);
+ void BIO_set_init(BIO *a, int init);
+ int BIO_get_init(BIO *a);
+ void BIO_set_shutdown(BIO *a, int shut);
+ int BIO_get_shutdown(BIO *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are mainly useful when implementing a custom BIO.</p>
+
+<p>The BIO_set_data() function associates the custom data pointed to by <b>ptr</b> with the BIO. This data can subsequently be retrieved via a call to BIO_get_data(). This can be used by custom BIOs for storing implementation specific information.</p>
+
+<p>The BIO_set_init() function sets the value of the BIO&#39;s &quot;init&quot; flag to indicate whether initialisation has been completed for this BIO or not. A non-zero value indicates that initialisation is complete, whilst zero indicates that it is not. Often initialisation will complete during initial construction of the BIO. For some BIOs however, initialisation may not complete until after additional steps have occurred (for example through calling custom ctrls). The BIO_get_init() function returns the value of the &quot;init&quot; flag.</p>
+
+<p>The BIO_set_shutdown() and BIO_get_shutdown() functions set and get the state of this BIO&#39;s shutdown (i.e. BIO_CLOSE) flag. If set then the underlying resource is also closed when the BIO is freed.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_data() returns a pointer to the implementation specific custom data associated with this BIO, or NULL if none has been set.</p>
+
+<p>BIO_get_init() returns the state of the BIO&#39;s init flag.</p>
+
+<p>BIO_get_shutdown() returns the stat of the BIO&#39;s shutdown (i.e. BIO_CLOSE) flag.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_meth_new.html">BIO_meth_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_md.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_md.html
new file mode 100644
index 000000000..8ffe30797
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_md.html
@@ -0,0 +1,156 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_md</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_f_md, BIO_set_md, BIO_get_md, BIO_get_md_ctx - message digest BIO filter</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ const BIO_METHOD *BIO_f_md(void);
+ int BIO_set_md(BIO *b, EVP_MD *md);
+ int BIO_get_md(BIO *b, EVP_MD **mdp);
+ int BIO_get_md_ctx(BIO *b, EVP_MD_CTX **mdcp);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_md() returns the message digest BIO method. This is a filter BIO that digests any data passed through it, it is a BIO wrapper for the digest routines EVP_DigestInit(), EVP_DigestUpdate() and EVP_DigestFinal().</p>
+
+<p>Any data written or read through a digest BIO using BIO_read_ex() and BIO_write_ex() is digested.</p>
+
+<p>BIO_gets(), if its <b>size</b> parameter is large enough finishes the digest calculation and returns the digest value. BIO_puts() is not supported.</p>
+
+<p>BIO_reset() reinitialises a digest BIO.</p>
+
+<p>BIO_set_md() sets the message digest of BIO <b>b</b> to <b>md</b>: this must be called to initialize a digest BIO before any data is passed through it. It is a BIO_ctrl() macro.</p>
+
+<p>BIO_get_md() places the a pointer to the digest BIOs digest method in <b>mdp</b>, it is a BIO_ctrl() macro.</p>
+
+<p>BIO_get_md_ctx() returns the digest BIOs context into <b>mdcp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The context returned by BIO_get_md_ctx() can be used in calls to EVP_DigestFinal() and also the signature routines EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>The context returned by BIO_get_md_ctx() is an internal context structure. Changes made to this context will affect the digest BIO itself and the context pointer will become invalid when the digest BIO is freed.</p>
+
+<p>After the digest has been retrieved from a digest BIO it must be reinitialized by calling BIO_reset(), or BIO_set_md() before any more data is passed through it.</p>
+
+<p>If an application needs to call BIO_gets() or BIO_puts() through a chain containing digest BIOs then this can be done by prepending a buffering BIO.</p>
+
+<p>Calling BIO_get_md_ctx() will return the context and initialize the BIO state. This allows applications to initialize the context externally if the standard calls such as BIO_set_md() are not sufficiently flexible.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_md() returns the digest BIO method.</p>
+
+<p>BIO_set_md(), BIO_get_md() and BIO_md_ctx() return 1 for success and 0 for failure.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following example creates a BIO chain containing an SHA1 and MD5 digest BIO and passes the string &quot;Hello World&quot; through it. Error checking has been omitted for clarity.</p>
+
+<pre><code> BIO *bio, *mdtmp;
+ char message[] = &quot;Hello World&quot;;
+
+ bio = BIO_new(BIO_s_null());
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_sha1());
+ /*
+  * For BIO_push() we want to append the sink BIO and keep a note of
+  * the start of the chain.
+  */
+ bio = BIO_push(mdtmp, bio);
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_md5());
+ bio = BIO_push(mdtmp, bio);
+ /* Note: mdtmp can now be discarded */
+ BIO_write(bio, message, strlen(message));</code></pre>
+
+<p>The next example digests data by reading through a chain instead:</p>
+
+<pre><code> BIO *bio, *mdtmp;
+ char buf[1024];
+ int rdlen;
+
+ bio = BIO_new_file(file, &quot;rb&quot;);
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_sha1());
+ bio = BIO_push(mdtmp, bio);
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_md5());
+ bio = BIO_push(mdtmp, bio);
+ do {
+     rdlen = BIO_read(bio, buf, sizeof(buf));
+     /* Might want to do something with the data here */
+ } while (rdlen &gt; 0);</code></pre>
+
+<p>This next example retrieves the message digests from a BIO chain and outputs them. This could be used with the examples above.</p>
+
+<pre><code> BIO *mdtmp;
+ unsigned char mdbuf[EVP_MAX_MD_SIZE];
+ int mdlen;
+ int i;
+
+ mdtmp = bio;   /* Assume bio has previously been set up */
+ do {
+     EVP_MD *md;
+
+     mdtmp = BIO_find_type(mdtmp, BIO_TYPE_MD);
+     if (!mdtmp)
+         break;
+     BIO_get_md(mdtmp, &amp;md);
+     printf(&quot;%s digest&quot;, OBJ_nid2sn(EVP_MD_type(md)));
+     mdlen = BIO_gets(mdtmp, mdbuf, EVP_MAX_MD_SIZE);
+     for (i = 0; i &lt; mdlen; i++) printf(&quot;:%02X&quot;, mdbuf[i]);
+     printf(&quot;\n&quot;);
+     mdtmp = BIO_next(mdtmp);
+ } while (mdtmp);
+
+ BIO_free_all(bio);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The lack of support for BIO_puts() and the non standard behaviour of BIO_gets() could be regarded as anomalous. It could be argued that BIO_gets() and BIO_puts() should be passed to the next BIO in the chain and digest the data passed through and that digests should be retrieved using a separate BIO_ctrl() call.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.0.0., the call to BIO_get_md_ctx() would only work if the BIO was initialized first.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_md_ctx.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_md_ctx.html
new file mode 100644
index 000000000..8ffe30797
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_md_ctx.html
@@ -0,0 +1,156 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_md</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_f_md, BIO_set_md, BIO_get_md, BIO_get_md_ctx - message digest BIO filter</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ const BIO_METHOD *BIO_f_md(void);
+ int BIO_set_md(BIO *b, EVP_MD *md);
+ int BIO_get_md(BIO *b, EVP_MD **mdp);
+ int BIO_get_md_ctx(BIO *b, EVP_MD_CTX **mdcp);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_md() returns the message digest BIO method. This is a filter BIO that digests any data passed through it, it is a BIO wrapper for the digest routines EVP_DigestInit(), EVP_DigestUpdate() and EVP_DigestFinal().</p>
+
+<p>Any data written or read through a digest BIO using BIO_read_ex() and BIO_write_ex() is digested.</p>
+
+<p>BIO_gets(), if its <b>size</b> parameter is large enough finishes the digest calculation and returns the digest value. BIO_puts() is not supported.</p>
+
+<p>BIO_reset() reinitialises a digest BIO.</p>
+
+<p>BIO_set_md() sets the message digest of BIO <b>b</b> to <b>md</b>: this must be called to initialize a digest BIO before any data is passed through it. It is a BIO_ctrl() macro.</p>
+
+<p>BIO_get_md() places the a pointer to the digest BIOs digest method in <b>mdp</b>, it is a BIO_ctrl() macro.</p>
+
+<p>BIO_get_md_ctx() returns the digest BIOs context into <b>mdcp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The context returned by BIO_get_md_ctx() can be used in calls to EVP_DigestFinal() and also the signature routines EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>The context returned by BIO_get_md_ctx() is an internal context structure. Changes made to this context will affect the digest BIO itself and the context pointer will become invalid when the digest BIO is freed.</p>
+
+<p>After the digest has been retrieved from a digest BIO it must be reinitialized by calling BIO_reset(), or BIO_set_md() before any more data is passed through it.</p>
+
+<p>If an application needs to call BIO_gets() or BIO_puts() through a chain containing digest BIOs then this can be done by prepending a buffering BIO.</p>
+
+<p>Calling BIO_get_md_ctx() will return the context and initialize the BIO state. This allows applications to initialize the context externally if the standard calls such as BIO_set_md() are not sufficiently flexible.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_md() returns the digest BIO method.</p>
+
+<p>BIO_set_md(), BIO_get_md() and BIO_md_ctx() return 1 for success and 0 for failure.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following example creates a BIO chain containing an SHA1 and MD5 digest BIO and passes the string &quot;Hello World&quot; through it. Error checking has been omitted for clarity.</p>
+
+<pre><code> BIO *bio, *mdtmp;
+ char message[] = &quot;Hello World&quot;;
+
+ bio = BIO_new(BIO_s_null());
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_sha1());
+ /*
+  * For BIO_push() we want to append the sink BIO and keep a note of
+  * the start of the chain.
+  */
+ bio = BIO_push(mdtmp, bio);
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_md5());
+ bio = BIO_push(mdtmp, bio);
+ /* Note: mdtmp can now be discarded */
+ BIO_write(bio, message, strlen(message));</code></pre>
+
+<p>The next example digests data by reading through a chain instead:</p>
+
+<pre><code> BIO *bio, *mdtmp;
+ char buf[1024];
+ int rdlen;
+
+ bio = BIO_new_file(file, &quot;rb&quot;);
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_sha1());
+ bio = BIO_push(mdtmp, bio);
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_md5());
+ bio = BIO_push(mdtmp, bio);
+ do {
+     rdlen = BIO_read(bio, buf, sizeof(buf));
+     /* Might want to do something with the data here */
+ } while (rdlen &gt; 0);</code></pre>
+
+<p>This next example retrieves the message digests from a BIO chain and outputs them. This could be used with the examples above.</p>
+
+<pre><code> BIO *mdtmp;
+ unsigned char mdbuf[EVP_MAX_MD_SIZE];
+ int mdlen;
+ int i;
+
+ mdtmp = bio;   /* Assume bio has previously been set up */
+ do {
+     EVP_MD *md;
+
+     mdtmp = BIO_find_type(mdtmp, BIO_TYPE_MD);
+     if (!mdtmp)
+         break;
+     BIO_get_md(mdtmp, &amp;md);
+     printf(&quot;%s digest&quot;, OBJ_nid2sn(EVP_MD_type(md)));
+     mdlen = BIO_gets(mdtmp, mdbuf, EVP_MAX_MD_SIZE);
+     for (i = 0; i &lt; mdlen; i++) printf(&quot;:%02X&quot;, mdbuf[i]);
+     printf(&quot;\n&quot;);
+     mdtmp = BIO_next(mdtmp);
+ } while (mdtmp);
+
+ BIO_free_all(bio);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The lack of support for BIO_puts() and the non standard behaviour of BIO_gets() could be regarded as anomalous. It could be argued that BIO_gets() and BIO_puts() should be passed to the next BIO in the chain and digest the data passed through and that digests should be retrieved using a separate BIO_ctrl() call.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.0.0., the call to BIO_get_md_ctx() would only work if the BIO was initialized first.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_mem_data.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_mem_data.html
new file mode 100644
index 000000000..d307f64e7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_mem_data.html
@@ -0,0 +1,125 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_mem</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_secmem, BIO_s_mem, BIO_set_mem_eof_return, BIO_get_mem_data, BIO_set_mem_buf, BIO_get_mem_ptr, BIO_new_mem_buf - memory BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_mem(void);
+ const BIO_METHOD *BIO_s_secmem(void);
+
+ BIO_set_mem_eof_return(BIO *b, int v)
+ long BIO_get_mem_data(BIO *b, char **pp)
+ BIO_set_mem_buf(BIO *b, BUF_MEM *bm, int c)
+ BIO_get_mem_ptr(BIO *b, BUF_MEM **pp)
+
+ BIO *BIO_new_mem_buf(const void *buf, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_mem() returns the memory BIO method function.</p>
+
+<p>A memory BIO is a source/sink BIO which uses memory for its I/O. Data written to a memory BIO is stored in a BUF_MEM structure which is extended as appropriate to accommodate the stored data.</p>
+
+<p>BIO_s_secmem() is like BIO_s_mem() except that the secure heap is used for buffer storage.</p>
+
+<p>Any data written to a memory BIO can be recalled by reading from it. Unless the memory BIO is read only any data read from it is deleted from the BIO.</p>
+
+<p>Memory BIOs support BIO_gets() and BIO_puts().</p>
+
+<p>If the BIO_CLOSE flag is set when a memory BIO is freed then the underlying BUF_MEM structure is also freed.</p>
+
+<p>Calling BIO_reset() on a read write memory BIO clears any data in it if the flag BIO_FLAGS_NONCLEAR_RST is not set. On a read only BIO or if the flag BIO_FLAGS_NONCLEAR_RST is set it restores the BIO to its original state and the data can be read again.</p>
+
+<p>BIO_eof() is true if no data is in the BIO.</p>
+
+<p>BIO_ctrl_pending() returns the number of bytes currently stored.</p>
+
+<p>BIO_set_mem_eof_return() sets the behaviour of memory BIO <b>b</b> when it is empty. If the <b>v</b> is zero then an empty memory BIO will return EOF (that is it will return zero and BIO_should_retry(b) will be false. If <b>v</b> is non zero then it will return <b>v</b> when it is empty and it will set the read retry flag (that is BIO_read_retry(b) is true). To avoid ambiguity with a normal positive return value <b>v</b> should be set to a negative value, typically -1.</p>
+
+<p>BIO_get_mem_data() sets *<b>pp</b> to a pointer to the start of the memory BIOs data and returns the total amount of data available. It is implemented as a macro.</p>
+
+<p>BIO_set_mem_buf() sets the internal BUF_MEM structure to <b>bm</b> and sets the close flag to <b>c</b>, that is <b>c</b> should be either BIO_CLOSE or BIO_NOCLOSE. It is a macro.</p>
+
+<p>BIO_get_mem_ptr() places the underlying BUF_MEM structure in *<b>pp</b>. It is a macro.</p>
+
+<p>BIO_new_mem_buf() creates a memory BIO using <b>len</b> bytes of data at <b>buf</b>, if <b>len</b> is -1 then the <b>buf</b> is assumed to be nul terminated and its length is determined by <b>strlen</b>. The BIO is set to a read only state and as a result cannot be written to. This is useful when some data needs to be made available from a static area of memory in the form of a BIO. The supplied data is read directly from the supplied buffer: it is <b>not</b> copied first, so the supplied area of memory must be unchanged until the BIO is freed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Writes to memory BIOs will always succeed if memory is available: that is their size can grow indefinitely.</p>
+
+<p>Every read from a read write memory BIO will remove the data just read with an internal copy operation, if a BIO contains a lot of data and it is read in small chunks the operation can be very slow. The use of a read only memory BIO avoids this problem. If the BIO must be read write then adding a buffering BIO to the chain will speed up the process.</p>
+
+<p>Calling BIO_set_mem_buf() on a BIO created with BIO_new_secmem() will give undefined results, including perhaps a program crash.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>There should be an option to set the maximum size of a memory BIO.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create a memory BIO and write some data to it:</p>
+
+<pre><code> BIO *mem = BIO_new(BIO_s_mem());
+
+ BIO_puts(mem, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Create a read only memory BIO:</p>
+
+<pre><code> char data[] = &quot;Hello World&quot;;
+ BIO *mem = BIO_new_mem_buf(data, -1);</code></pre>
+
+<p>Extract the BUF_MEM structure from a memory BIO and then free up the BIO:</p>
+
+<pre><code> BUF_MEM *bptr;
+
+ BIO_get_mem_ptr(mem, &amp;bptr);
+ BIO_set_close(mem, BIO_NOCLOSE); /* So BIO_free() leaves BUF_MEM alone */
+ BIO_free(mem);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_mem() and BIO_s_secmem() return a valid memory <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_mem_eof_return(), BIO_get_mem_data(), BIO_set_mem_buf() and BIO_get_mem_ptr() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_mem_buf() returns a valid <b>BIO</b> structure on success or NULL on error.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_mem_ptr.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_mem_ptr.html
new file mode 100644
index 000000000..d307f64e7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_mem_ptr.html
@@ -0,0 +1,125 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_mem</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_secmem, BIO_s_mem, BIO_set_mem_eof_return, BIO_get_mem_data, BIO_set_mem_buf, BIO_get_mem_ptr, BIO_new_mem_buf - memory BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_mem(void);
+ const BIO_METHOD *BIO_s_secmem(void);
+
+ BIO_set_mem_eof_return(BIO *b, int v)
+ long BIO_get_mem_data(BIO *b, char **pp)
+ BIO_set_mem_buf(BIO *b, BUF_MEM *bm, int c)
+ BIO_get_mem_ptr(BIO *b, BUF_MEM **pp)
+
+ BIO *BIO_new_mem_buf(const void *buf, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_mem() returns the memory BIO method function.</p>
+
+<p>A memory BIO is a source/sink BIO which uses memory for its I/O. Data written to a memory BIO is stored in a BUF_MEM structure which is extended as appropriate to accommodate the stored data.</p>
+
+<p>BIO_s_secmem() is like BIO_s_mem() except that the secure heap is used for buffer storage.</p>
+
+<p>Any data written to a memory BIO can be recalled by reading from it. Unless the memory BIO is read only any data read from it is deleted from the BIO.</p>
+
+<p>Memory BIOs support BIO_gets() and BIO_puts().</p>
+
+<p>If the BIO_CLOSE flag is set when a memory BIO is freed then the underlying BUF_MEM structure is also freed.</p>
+
+<p>Calling BIO_reset() on a read write memory BIO clears any data in it if the flag BIO_FLAGS_NONCLEAR_RST is not set. On a read only BIO or if the flag BIO_FLAGS_NONCLEAR_RST is set it restores the BIO to its original state and the data can be read again.</p>
+
+<p>BIO_eof() is true if no data is in the BIO.</p>
+
+<p>BIO_ctrl_pending() returns the number of bytes currently stored.</p>
+
+<p>BIO_set_mem_eof_return() sets the behaviour of memory BIO <b>b</b> when it is empty. If the <b>v</b> is zero then an empty memory BIO will return EOF (that is it will return zero and BIO_should_retry(b) will be false. If <b>v</b> is non zero then it will return <b>v</b> when it is empty and it will set the read retry flag (that is BIO_read_retry(b) is true). To avoid ambiguity with a normal positive return value <b>v</b> should be set to a negative value, typically -1.</p>
+
+<p>BIO_get_mem_data() sets *<b>pp</b> to a pointer to the start of the memory BIOs data and returns the total amount of data available. It is implemented as a macro.</p>
+
+<p>BIO_set_mem_buf() sets the internal BUF_MEM structure to <b>bm</b> and sets the close flag to <b>c</b>, that is <b>c</b> should be either BIO_CLOSE or BIO_NOCLOSE. It is a macro.</p>
+
+<p>BIO_get_mem_ptr() places the underlying BUF_MEM structure in *<b>pp</b>. It is a macro.</p>
+
+<p>BIO_new_mem_buf() creates a memory BIO using <b>len</b> bytes of data at <b>buf</b>, if <b>len</b> is -1 then the <b>buf</b> is assumed to be nul terminated and its length is determined by <b>strlen</b>. The BIO is set to a read only state and as a result cannot be written to. This is useful when some data needs to be made available from a static area of memory in the form of a BIO. The supplied data is read directly from the supplied buffer: it is <b>not</b> copied first, so the supplied area of memory must be unchanged until the BIO is freed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Writes to memory BIOs will always succeed if memory is available: that is their size can grow indefinitely.</p>
+
+<p>Every read from a read write memory BIO will remove the data just read with an internal copy operation, if a BIO contains a lot of data and it is read in small chunks the operation can be very slow. The use of a read only memory BIO avoids this problem. If the BIO must be read write then adding a buffering BIO to the chain will speed up the process.</p>
+
+<p>Calling BIO_set_mem_buf() on a BIO created with BIO_new_secmem() will give undefined results, including perhaps a program crash.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>There should be an option to set the maximum size of a memory BIO.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create a memory BIO and write some data to it:</p>
+
+<pre><code> BIO *mem = BIO_new(BIO_s_mem());
+
+ BIO_puts(mem, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Create a read only memory BIO:</p>
+
+<pre><code> char data[] = &quot;Hello World&quot;;
+ BIO *mem = BIO_new_mem_buf(data, -1);</code></pre>
+
+<p>Extract the BUF_MEM structure from a memory BIO and then free up the BIO:</p>
+
+<pre><code> BUF_MEM *bptr;
+
+ BIO_get_mem_ptr(mem, &amp;bptr);
+ BIO_set_close(mem, BIO_NOCLOSE); /* So BIO_free() leaves BUF_MEM alone */
+ BIO_free(mem);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_mem() and BIO_s_secmem() return a valid memory <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_mem_eof_return(), BIO_get_mem_data(), BIO_set_mem_buf() and BIO_get_mem_ptr() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_mem_buf() returns a valid <b>BIO</b> structure on success or NULL on error.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_new_index.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_new_index.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_new_index.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_num_renegotiates.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_num_renegotiates.html
new file mode 100644
index 000000000..0e1fefeef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_num_renegotiates.html
@@ -0,0 +1,263 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_ssl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_do_handshake, BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode, BIO_set_ssl_renegotiate_bytes, BIO_get_num_renegotiates, BIO_set_ssl_renegotiate_timeout, BIO_new_ssl, BIO_new_ssl_connect, BIO_new_buffer_ssl_connect, BIO_ssl_copy_session_id, BIO_ssl_shutdown - SSL BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/ssl.h&gt;
+
+ const BIO_METHOD *BIO_f_ssl(void);
+
+ long BIO_set_ssl(BIO *b, SSL *ssl, long c);
+ long BIO_get_ssl(BIO *b, SSL **sslp);
+ long BIO_set_ssl_mode(BIO *b, long client);
+ long BIO_set_ssl_renegotiate_bytes(BIO *b, long num);
+ long BIO_set_ssl_renegotiate_timeout(BIO *b, long seconds);
+ long BIO_get_num_renegotiates(BIO *b);
+
+ BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
+ BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+ BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+ int BIO_ssl_copy_session_id(BIO *to, BIO *from);
+ void BIO_ssl_shutdown(BIO *bio);
+
+ long BIO_do_handshake(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which is a wrapper round the OpenSSL SSL routines adding a BIO &quot;flavour&quot; to SSL I/O.</p>
+
+<p>I/O performed on an SSL BIO communicates using the SSL protocol with the SSLs read and write BIOs. If an SSL connection is not established then an attempt is made to establish one on the first I/O call.</p>
+
+<p>If a BIO is appended to an SSL BIO using BIO_push() it is automatically used as the SSL BIOs read and write BIOs.</p>
+
+<p>Calling BIO_reset() on an SSL BIO closes down any current SSL connection by calling SSL_shutdown(). BIO_reset() is then sent to the next BIO in the chain: this will typically disconnect the underlying transport. The SSL BIO is then reset to the initial accept or connect state.</p>
+
+<p>If the close flag is set when an SSL BIO is freed then the internal SSL structure is also freed using SSL_free().</p>
+
+<p>BIO_set_ssl() sets the internal SSL pointer of BIO <b>b</b> to <b>ssl</b> using the close flag <b>c</b>.</p>
+
+<p>BIO_get_ssl() retrieves the SSL pointer of BIO <b>b</b>, it can then be manipulated using the standard SSL library functions.</p>
+
+<p>BIO_set_ssl_mode() sets the SSL BIO mode to <b>client</b>. If <b>client</b> is 1 client mode is set. If <b>client</b> is 0 server mode is set.</p>
+
+<p>BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count to <b>num</b>. When set after every <b>num</b> bytes of I/O (read and write) the SSL session is automatically renegotiated. <b>num</b> must be at least 512 bytes.</p>
+
+<p>BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout to <b>seconds</b>. When the renegotiate timeout elapses the session is automatically renegotiated.</p>
+
+<p>BIO_get_num_renegotiates() returns the total number of session renegotiations due to I/O or timeout.</p>
+
+<p>BIO_new_ssl() allocates an SSL BIO using SSL_CTX <b>ctx</b> and using client mode if <b>client</b> is non zero.</p>
+
+<p>BIO_new_ssl_connect() creates a new BIO chain consisting of an SSL BIO (using <b>ctx</b>) followed by a connect BIO.</p>
+
+<p>BIO_new_buffer_ssl_connect() creates a new BIO chain consisting of a buffering BIO, an SSL BIO (using <b>ctx</b>) and a connect BIO.</p>
+
+<p>BIO_ssl_copy_session_id() copies an SSL session id between BIO chains <b>from</b> and <b>to</b>. It does this by locating the SSL BIOs in each chain and calling SSL_copy_session_id() on the internal SSL pointer.</p>
+
+<p>BIO_ssl_shutdown() closes down an SSL connection on BIO chain <b>bio</b>. It does this by locating the SSL BIO in the chain and calling SSL_shutdown() on its internal SSL pointer.</p>
+
+<p>BIO_do_handshake() attempts to complete an SSL handshake on the supplied BIO and establish the SSL connection. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried. If an SSL connection has already been established this call has no effect.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL BIOs are exceptional in that if the underlying transport is non blocking they can still request a retry in exceptional circumstances. Specifically this will happen if a session renegotiation takes place during a BIO_read_ex() operation, one case where this happens is when step up occurs.</p>
+
+<p>The SSL flag SSL_AUTO_RETRY can be set to disable this behaviour. That is when this flag is set an SSL BIO using a blocking transport will never request a retry.</p>
+
+<p>Since unknown BIO_ctrl() operations are sent through filter BIOs the servers name and port can be set using BIO_set_host() on the BIO returned by BIO_new_ssl_connect() without having to locate the connect BIO first.</p>
+
+<p>Applications do not have to call BIO_do_handshake() but may wish to do so to separate the handshake process from other I/O processing.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout(), BIO_get_num_renegotiates(), and BIO_do_handshake() are implemented as macros.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This SSL/TLS client example, attempts to retrieve a page from an SSL/TLS web server. The I/O routines are identical to those of the unencrypted example in <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a>.</p>
+
+<pre><code> BIO *sbio, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_client_method());
+
+ /* XXX Set verify paths and mode here. */
+
+ sbio = BIO_new_ssl_connect(ctx);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Don&#39;t want any retries */
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+
+ /* XXX We might want to do other things with ssl here */
+
+ /* An empty host part means the loopback address */
+ BIO_set_conn_hostname(sbio, &quot;:https&quot;);
+
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error establishing SSL connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Could examine ssl here to get connection info */
+
+ BIO_puts(sbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free_all(sbio);
+ BIO_free(out);</code></pre>
+
+<p>Here is a simple server example. It makes use of a buffering BIO to allow lines to be read from the SSL BIO using BIO_gets. It creates a pseudo web page containing the actual request from a client and also echoes the request to standard output.</p>
+
+<pre><code> BIO *sbio, *bbio, *acpt, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_server_method());
+ if (!SSL_CTX_use_certificate_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_use_PrivateKey_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_check_private_key(ctx)) {
+     fprintf(stderr, &quot;Error setting up SSL_CTX\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Other things like set verify locations, EDH temp callbacks. */
+
+ /* New SSL BIO setup as server */
+ sbio = BIO_new_ssl(ctx, 0);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+ bbio = BIO_new(BIO_f_buffer());
+ sbio = BIO_push(bbio, sbio);
+ acpt = BIO_new_accept(&quot;4433&quot;);
+
+ /*
+  * By doing this when a new connection is established
+  * we automatically have sbio inserted into it. The
+  * BIO chain is now &#39;swallowed&#39; by the accept BIO and
+  * will be freed when the accept BIO is freed.
+  */
+ BIO_set_accept_bios(acpt, sbio);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
+ /* Setup accept BIO */
+ if (BIO_do_accept(acpt) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept BIO\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* We only want one connection so remove and free accept BIO */
+ sbio = BIO_pop(acpt);
+ BIO_free_all(acpt);
+
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error in SSL handshake\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ BIO_puts(sbio, &quot;HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\nConnection Established\r\nRequest headers:\r\n&quot;);
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+
+ for (;;) {
+     len = BIO_gets(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(sbio, tmpbuf, len);
+     BIO_write(out, tmpbuf, len);
+     /* Look for blank line signifying end of headers*/
+     if (tmpbuf[0] == &#39;\r&#39; || tmpbuf[0] == &#39;\n&#39;)
+         break;
+ }
+
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\n&quot;);
+ BIO_flush(sbio);
+ BIO_free_all(sbio);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_ssl() returns the SSL <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout() and BIO_get_num_renegotiates() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_ssl(), BIO_new_ssl_connect() and BIO_new_buffer_ssl_connect() return a valid <b>BIO</b> structure on success or <b>NULL</b> if an error occurred.</p>
+
+<p>BIO_ssl_copy_session_id() returns 1 on success or 0 on error.</p>
+
+<p>BIO_do_handshake() returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL before 1.0.0 the BIO_pop() call was handled incorrectly, the I/O BIO reference count was incorrectly incremented (instead of decremented) and dissociated with the SSL BIO even if the SSL BIO was not explicitly being popped (e.g. a pop higher up the chain). Applications which included workarounds for this bug (e.g. freeing BIOs more than once) should be modified to handle this fix or they may free up an already freed BIO.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_peer_name.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_peer_name.html
new file mode 100644
index 000000000..c49b65130
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_peer_name.html
@@ -0,0 +1,175 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_accept</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_accept, BIO_set_accept_name, BIO_set_accept_port, BIO_get_accept_name, BIO_get_accept_port, BIO_new_accept, BIO_set_nbio_accept, BIO_set_accept_bios, BIO_get_peer_name, BIO_get_peer_port, BIO_get_accept_ip_family, BIO_set_accept_ip_family, BIO_set_bind_mode, BIO_get_bind_mode, BIO_do_accept - accept BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_accept(void);
+
+ long BIO_set_accept_name(BIO *b, char *name);
+ char *BIO_get_accept_name(BIO *b);
+
+ long BIO_set_accept_port(BIO *b, char *port);
+ char *BIO_get_accept_port(BIO *b);
+
+ BIO *BIO_new_accept(char *host_port);
+
+ long BIO_set_nbio_accept(BIO *b, int n);
+ long BIO_set_accept_bios(BIO *b, char *bio);
+
+ char *BIO_get_peer_name(BIO *b);
+ char *BIO_get_peer_port(BIO *b);
+ long BIO_get_accept_ip_family(BIO *b);
+ long BIO_set_accept_ip_family(BIO *b, long family);
+
+ long BIO_set_bind_mode(BIO *b, long mode);
+ long BIO_get_bind_mode(BIO *b);
+
+ int BIO_do_accept(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_accept() returns the accept BIO method. This is a wrapper round the platform&#39;s TCP/IP socket accept routines.</p>
+
+<p>Using accept BIOs, TCP/IP connections can be accepted and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on an accept BIO will perform I/O on the underlying connection. If no connection is established and the port (see below) is set up properly then the BIO waits for an incoming connection.</p>
+
+<p>Accept BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on an accept BIO then any active connection on that chain is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on an accept BIO will close any active connection and reset the BIO into a state where it awaits another incoming connection.</p>
+
+<p>BIO_get_fd() and BIO_set_fd() can be called to retrieve or set the accept socket. See <a href="../man3/BIO_s_fd.html">BIO_s_fd(3)</a></p>
+
+<p>BIO_set_accept_name() uses the string <b>name</b> to set the accept name. The name is represented as a string of the form &quot;host:port&quot;, where &quot;host&quot; is the interface to use and &quot;port&quot; is the port. The host can be &quot;*&quot; or empty which is interpreted as meaning any interface. If the host is an IPv6 address, it has to be enclosed in brackets, for example &quot;[::1]:https&quot;. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_set_accept_port() uses the string <b>port</b> to set the accept port. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_new_accept() combines BIO_new() and BIO_set_accept_name() into a single call: that is it creates a new accept BIO with port <b>host_port</b>.</p>
+
+<p>BIO_set_nbio_accept() sets the accept socket to blocking mode (the default) if <b>n</b> is 0 or non blocking mode if <b>n</b> is 1.</p>
+
+<p>BIO_set_accept_bios() can be used to set a chain of BIOs which will be duplicated and prepended to the chain when an incoming connection is received. This is useful if, for example, a buffering or SSL BIO is required for each connection. The chain of BIOs must not be freed after this call, they will be automatically freed when the accept BIO is freed.</p>
+
+<p>BIO_set_bind_mode() and BIO_get_bind_mode() set and retrieve the current bind mode. If <b>BIO_BIND_NORMAL</b> (the default) is set then another socket cannot be bound to the same port. If <b>BIO_BIND_REUSEADDR</b> is set then other sockets can bind to the same port. If <b>BIO_BIND_REUSEADDR_IF_UNUSED</b> is set then and attempt is first made to use BIO_BIN_NORMAL, if this fails and the port is not in use then a second attempt is made using <b>BIO_BIND_REUSEADDR</b>.</p>
+
+<p>BIO_do_accept() serves two functions. When it is first called, after the accept BIO has been setup, it will attempt to create the accept socket and bind an address to it. Second and subsequent calls to BIO_do_accept() will await an incoming connection, or request a retry in non blocking mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When an accept BIO is at the end of a chain it will await an incoming connection before processing I/O calls. When an accept BIO is not at then end of a chain it passes I/O calls to the next BIO in the chain.</p>
+
+<p>When a connection is established a new socket BIO is created for the connection and appended to the chain. That is the chain is now accept-&gt;socket. This effectively means that attempting I/O on an initial accept socket will await an incoming connection then perform I/O on it.</p>
+
+<p>If any additional BIOs have been set using BIO_set_accept_bios() then they are placed between the socket and the accept BIO, that is the chain will be accept-&gt;otherbios-&gt;socket.</p>
+
+<p>If a server wishes to process multiple connections (as is normally the case) then the accept BIO must be made available for further incoming connections. This can be done by waiting for a connection and then calling:</p>
+
+<pre><code> connection = BIO_pop(accept);</code></pre>
+
+<p>After this call <b>connection</b> will contain a BIO for the recently established connection and <b>accept</b> will now be a single BIO again which can be used to await further incoming connections. If no further connections will be accepted the <b>accept</b> can be freed using BIO_free().</p>
+
+<p>If only a single connection will be processed it is possible to perform I/O using the accept BIO itself. This is often undesirable however because the accept BIO will still accept additional incoming connections. This can be resolved by using BIO_pop() (see above) and freeing up the accept BIO after the initial connection.</p>
+
+<p>If the underlying accept socket is non-blocking and BIO_do_accept() is called to await an incoming connection it is possible for BIO_should_io_special() with the reason BIO_RR_ACCEPT. If this happens then it is an indication that an accept attempt would block: the application should take appropriate action to wait until the underlying socket has accepted a connection and retry the call.</p>
+
+<p>BIO_set_accept_name(), BIO_get_accept_name(), BIO_set_accept_port(), BIO_get_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_get_peer_name(), BIO_get_peer_port(), BIO_get_accept_ip_family(), BIO_set_accept_ip_family(), BIO_set_bind_mode(), BIO_get_bind_mode() and BIO_do_accept() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_do_accept(), BIO_set_accept_name(), BIO_set_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_set_accept_ip_family(), and BIO_set_bind_mode() return 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_get_accept_name() returns the accept name or NULL on error. BIO_get_peer_name() returns the peer name or NULL on error.</p>
+
+<p>BIO_get_accept_port() returns the accept port as a string or NULL on error. BIO_get_peer_port() returns the peer port as a string or NULL on error. BIO_get_accept_ip_family() returns the IP family or -1 on error.</p>
+
+<p>BIO_get_bind_mode() returns the set of <b>BIO_BIND</b> flags, or -1 on failure.</p>
+
+<p>BIO_new_accept() returns a BIO or NULL on error.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example accepts two connections on port 4444, sends messages down each and finally closes both down.</p>
+
+<pre><code> BIO *abio, *cbio, *cbio2;
+
+ /* First call to BIO_accept() sets up accept BIO */
+ abio = BIO_new_accept(&quot;4444&quot;);
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Wait for incoming connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 1 established\n&quot;);
+
+ /* Retrieve BIO for connection */
+ cbio = BIO_pop(abio);
+ BIO_puts(cbio, &quot;Connection 1: Sending out Data on initial connection\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 1\n&quot;);
+
+ /* Wait for another connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 2 established\n&quot;);
+
+ /* Close accept BIO to refuse further connections */
+ cbio2 = BIO_pop(abio);
+ BIO_free(abio);
+ BIO_puts(cbio2, &quot;Connection 2: Sending out Data on second\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 2\n&quot;);
+
+ BIO_puts(cbio, &quot;Connection 1: Second connection established\n&quot;);
+
+ /* Close the two established connections */
+ BIO_free(cbio);
+ BIO_free(cbio2);</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_peer_port.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_peer_port.html
new file mode 100644
index 000000000..c49b65130
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_peer_port.html
@@ -0,0 +1,175 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_accept</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_accept, BIO_set_accept_name, BIO_set_accept_port, BIO_get_accept_name, BIO_get_accept_port, BIO_new_accept, BIO_set_nbio_accept, BIO_set_accept_bios, BIO_get_peer_name, BIO_get_peer_port, BIO_get_accept_ip_family, BIO_set_accept_ip_family, BIO_set_bind_mode, BIO_get_bind_mode, BIO_do_accept - accept BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_accept(void);
+
+ long BIO_set_accept_name(BIO *b, char *name);
+ char *BIO_get_accept_name(BIO *b);
+
+ long BIO_set_accept_port(BIO *b, char *port);
+ char *BIO_get_accept_port(BIO *b);
+
+ BIO *BIO_new_accept(char *host_port);
+
+ long BIO_set_nbio_accept(BIO *b, int n);
+ long BIO_set_accept_bios(BIO *b, char *bio);
+
+ char *BIO_get_peer_name(BIO *b);
+ char *BIO_get_peer_port(BIO *b);
+ long BIO_get_accept_ip_family(BIO *b);
+ long BIO_set_accept_ip_family(BIO *b, long family);
+
+ long BIO_set_bind_mode(BIO *b, long mode);
+ long BIO_get_bind_mode(BIO *b);
+
+ int BIO_do_accept(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_accept() returns the accept BIO method. This is a wrapper round the platform&#39;s TCP/IP socket accept routines.</p>
+
+<p>Using accept BIOs, TCP/IP connections can be accepted and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on an accept BIO will perform I/O on the underlying connection. If no connection is established and the port (see below) is set up properly then the BIO waits for an incoming connection.</p>
+
+<p>Accept BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on an accept BIO then any active connection on that chain is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on an accept BIO will close any active connection and reset the BIO into a state where it awaits another incoming connection.</p>
+
+<p>BIO_get_fd() and BIO_set_fd() can be called to retrieve or set the accept socket. See <a href="../man3/BIO_s_fd.html">BIO_s_fd(3)</a></p>
+
+<p>BIO_set_accept_name() uses the string <b>name</b> to set the accept name. The name is represented as a string of the form &quot;host:port&quot;, where &quot;host&quot; is the interface to use and &quot;port&quot; is the port. The host can be &quot;*&quot; or empty which is interpreted as meaning any interface. If the host is an IPv6 address, it has to be enclosed in brackets, for example &quot;[::1]:https&quot;. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_set_accept_port() uses the string <b>port</b> to set the accept port. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_new_accept() combines BIO_new() and BIO_set_accept_name() into a single call: that is it creates a new accept BIO with port <b>host_port</b>.</p>
+
+<p>BIO_set_nbio_accept() sets the accept socket to blocking mode (the default) if <b>n</b> is 0 or non blocking mode if <b>n</b> is 1.</p>
+
+<p>BIO_set_accept_bios() can be used to set a chain of BIOs which will be duplicated and prepended to the chain when an incoming connection is received. This is useful if, for example, a buffering or SSL BIO is required for each connection. The chain of BIOs must not be freed after this call, they will be automatically freed when the accept BIO is freed.</p>
+
+<p>BIO_set_bind_mode() and BIO_get_bind_mode() set and retrieve the current bind mode. If <b>BIO_BIND_NORMAL</b> (the default) is set then another socket cannot be bound to the same port. If <b>BIO_BIND_REUSEADDR</b> is set then other sockets can bind to the same port. If <b>BIO_BIND_REUSEADDR_IF_UNUSED</b> is set then and attempt is first made to use BIO_BIN_NORMAL, if this fails and the port is not in use then a second attempt is made using <b>BIO_BIND_REUSEADDR</b>.</p>
+
+<p>BIO_do_accept() serves two functions. When it is first called, after the accept BIO has been setup, it will attempt to create the accept socket and bind an address to it. Second and subsequent calls to BIO_do_accept() will await an incoming connection, or request a retry in non blocking mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When an accept BIO is at the end of a chain it will await an incoming connection before processing I/O calls. When an accept BIO is not at then end of a chain it passes I/O calls to the next BIO in the chain.</p>
+
+<p>When a connection is established a new socket BIO is created for the connection and appended to the chain. That is the chain is now accept-&gt;socket. This effectively means that attempting I/O on an initial accept socket will await an incoming connection then perform I/O on it.</p>
+
+<p>If any additional BIOs have been set using BIO_set_accept_bios() then they are placed between the socket and the accept BIO, that is the chain will be accept-&gt;otherbios-&gt;socket.</p>
+
+<p>If a server wishes to process multiple connections (as is normally the case) then the accept BIO must be made available for further incoming connections. This can be done by waiting for a connection and then calling:</p>
+
+<pre><code> connection = BIO_pop(accept);</code></pre>
+
+<p>After this call <b>connection</b> will contain a BIO for the recently established connection and <b>accept</b> will now be a single BIO again which can be used to await further incoming connections. If no further connections will be accepted the <b>accept</b> can be freed using BIO_free().</p>
+
+<p>If only a single connection will be processed it is possible to perform I/O using the accept BIO itself. This is often undesirable however because the accept BIO will still accept additional incoming connections. This can be resolved by using BIO_pop() (see above) and freeing up the accept BIO after the initial connection.</p>
+
+<p>If the underlying accept socket is non-blocking and BIO_do_accept() is called to await an incoming connection it is possible for BIO_should_io_special() with the reason BIO_RR_ACCEPT. If this happens then it is an indication that an accept attempt would block: the application should take appropriate action to wait until the underlying socket has accepted a connection and retry the call.</p>
+
+<p>BIO_set_accept_name(), BIO_get_accept_name(), BIO_set_accept_port(), BIO_get_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_get_peer_name(), BIO_get_peer_port(), BIO_get_accept_ip_family(), BIO_set_accept_ip_family(), BIO_set_bind_mode(), BIO_get_bind_mode() and BIO_do_accept() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_do_accept(), BIO_set_accept_name(), BIO_set_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_set_accept_ip_family(), and BIO_set_bind_mode() return 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_get_accept_name() returns the accept name or NULL on error. BIO_get_peer_name() returns the peer name or NULL on error.</p>
+
+<p>BIO_get_accept_port() returns the accept port as a string or NULL on error. BIO_get_peer_port() returns the peer port as a string or NULL on error. BIO_get_accept_ip_family() returns the IP family or -1 on error.</p>
+
+<p>BIO_get_bind_mode() returns the set of <b>BIO_BIND</b> flags, or -1 on failure.</p>
+
+<p>BIO_new_accept() returns a BIO or NULL on error.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example accepts two connections on port 4444, sends messages down each and finally closes both down.</p>
+
+<pre><code> BIO *abio, *cbio, *cbio2;
+
+ /* First call to BIO_accept() sets up accept BIO */
+ abio = BIO_new_accept(&quot;4444&quot;);
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Wait for incoming connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 1 established\n&quot;);
+
+ /* Retrieve BIO for connection */
+ cbio = BIO_pop(abio);
+ BIO_puts(cbio, &quot;Connection 1: Sending out Data on initial connection\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 1\n&quot;);
+
+ /* Wait for another connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 2 established\n&quot;);
+
+ /* Close accept BIO to refuse further connections */
+ cbio2 = BIO_pop(abio);
+ BIO_free(abio);
+ BIO_puts(cbio2, &quot;Connection 2: Sending out Data on second\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 2\n&quot;);
+
+ BIO_puts(cbio, &quot;Connection 1: Second connection established\n&quot;);
+
+ /* Close the two established connections */
+ BIO_free(cbio);
+ BIO_free(cbio2);</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_read_request.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_read_request.html
new file mode 100644
index 000000000..fc36b7e75
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_read_request.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr, BIO_set_write_buf_size, BIO_get_write_buf_size, BIO_new_bio_pair, BIO_get_write_guarantee, BIO_ctrl_get_write_guarantee, BIO_get_read_request, BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request - BIO pair BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_bio(void);
+
+ int BIO_make_bio_pair(BIO *b1, BIO *b2);
+ int BIO_destroy_bio_pair(BIO *b);
+ int BIO_shutdown_wr(BIO *b);
+
+ int BIO_set_write_buf_size(BIO *b, long size);
+ size_t BIO_get_write_buf_size(BIO *b, long size);
+
+ int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2);
+
+ int BIO_get_write_guarantee(BIO *b);
+ size_t BIO_ctrl_get_write_guarantee(BIO *b);
+ int BIO_get_read_request(BIO *b);
+ size_t BIO_ctrl_get_read_request(BIO *b);
+ int BIO_ctrl_reset_read_request(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_bio() returns the method for a BIO pair. A BIO pair is a pair of source/sink BIOs where data written to either half of the pair is buffered and can be read from the other half. Both halves must usually by handled by the same application thread since no locking is done on the internal data structures.</p>
+
+<p>Since BIO chains typically end in a source/sink BIO it is possible to make this one half of a BIO pair and have all the data processed by the chain under application control.</p>
+
+<p>One typical use of BIO pairs is to place TLS/SSL I/O under application control, this can be used when the application wishes to use a non standard transport for TLS/SSL or the normal socket routines are inappropriate.</p>
+
+<p>Calls to BIO_read_ex() will read data from the buffer or request a retry if no data is available.</p>
+
+<p>Calls to BIO_write_ex() will place data in the buffer or request a retry if the buffer is full.</p>
+
+<p>The standard calls BIO_ctrl_pending() and BIO_ctrl_wpending() can be used to determine the amount of pending data in the read or write buffer.</p>
+
+<p>BIO_reset() clears any data in the write buffer.</p>
+
+<p>BIO_make_bio_pair() joins two separate BIOs into a connected pair.</p>
+
+<p>BIO_destroy_pair() destroys the association between two connected BIOs. Freeing up any half of the pair will automatically destroy the association.</p>
+
+<p>BIO_shutdown_wr() is used to close down a BIO <b>b</b>. After this call no further writes on BIO <b>b</b> are allowed (they will return an error). Reads on the other half of the pair will return any pending data or EOF when all pending data has been read.</p>
+
+<p>BIO_set_write_buf_size() sets the write buffer size of BIO <b>b</b> to <b>size</b>. If the size is not initialized a default value is used. This is currently 17K, sufficient for a maximum size TLS record.</p>
+
+<p>BIO_get_write_buf_size() returns the size of the write buffer.</p>
+
+<p>BIO_new_bio_pair() combines the calls to BIO_new(), BIO_make_bio_pair() and BIO_set_write_buf_size() to create a connected pair of BIOs <b>bio1</b>, <b>bio2</b> with write buffer sizes <b>writebuf1</b> and <b>writebuf2</b>. If either size is zero then the default size is used. BIO_new_bio_pair() does not check whether <b>bio1</b> or <b>bio2</b> do point to some other BIO, the values are overwritten, BIO_free() is not called.</p>
+
+<p>BIO_get_write_guarantee() and BIO_ctrl_get_write_guarantee() return the maximum length of data that can be currently written to the BIO. Writes larger than this value will return a value from BIO_write_ex() less than the amount requested or if the buffer is full request a retry. BIO_ctrl_get_write_guarantee() is a function whereas BIO_get_write_guarantee() is a macro.</p>
+
+<p>BIO_get_read_request() and BIO_ctrl_get_read_request() return the amount of data requested, or the buffer size if it is less, if the last read attempt at the other half of the BIO pair failed due to an empty buffer. This can be used to determine how much data should be written to the BIO so the next read will succeed: this is most useful in TLS/SSL applications where the amount of data read is usually meaningful rather than just a buffer size. After a successful read this call will return zero. It also will return zero once new data has been written satisfying the read request or part of it. Note that BIO_get_read_request() never returns an amount larger than that returned by BIO_get_write_guarantee().</p>
+
+<p>BIO_ctrl_reset_read_request() can also be used to reset the value returned by BIO_get_read_request() to zero.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Both halves of a BIO pair should be freed. That is even if one half is implicit freed due to a BIO_free_all() or SSL_free() call the other half needs to be freed.</p>
+
+<p>When used in bidirectional applications (such as TLS/SSL) care should be taken to flush any data in the write buffer. This can be done by calling BIO_pending() on the other half of the pair and, if any data is pending, reading it and sending it to the underlying transport. This must be done before any normal processing (such as calling select() ) due to a request and BIO_should_read() being true.</p>
+
+<p>To see why this is important consider a case where a request is sent using BIO_write_ex() and a response read with BIO_read_ex(), this can occur during an TLS/SSL handshake for example. BIO_write_ex() will succeed and place data in the write buffer. BIO_read_ex() will initially fail and BIO_should_read() will be true. If the application then waits for data to be available on the underlying transport before flushing the write buffer it will never succeed because the request was never sent!</p>
+
+<p>BIO_eof() is true if no data is in the peer BIO and the peer BIO has been shutdown.</p>
+
+<p>BIO_make_bio_pair(), BIO_destroy_bio_pair(), BIO_shutdown_wr(), BIO_set_write_buf_size(), BIO_get_write_buf_size(), BIO_get_write_guarantee(), and BIO_get_read_request() are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_new_bio_pair() returns 1 on success, with the new BIOs available in <b>bio1</b> and <b>bio2</b>, or 0 on failure, with NULL pointers stored into the locations for <b>bio1</b> and <b>bio2</b>. Check the error stack for more information.</p>
+
+<p>[XXXXX: More return values need to be added here]</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO pair can be used to have full control over the network access of an application. The application can call select() on the socket as required without having to go through the SSL-interface.</p>
+
+<pre><code> BIO *internal_bio, *network_bio;
+
+ ...
+ BIO_new_bio_pair(&amp;internal_bio, 0, &amp;network_bio, 0);
+ SSL_set_bio(ssl, internal_bio, internal_bio);
+ SSL_operations(); /* e.g SSL_read and SSL_write */
+ ...
+
+ application |   TLS-engine
+    |        |
+    +----------&gt; SSL_operations()
+             |     /\    ||
+             |     ||    \/
+             |   BIO-pair (internal_bio)
+             |   BIO-pair (network_bio)
+             |     ||     /\
+             |     \/     ||
+    +-----------&lt; BIO_operations()
+    |        |
+    |        |
+   socket
+
+  ...
+  SSL_free(ssl);                /* implicitly frees internal_bio */
+  BIO_free(network_bio);
+  ...</code></pre>
+
+<p>As the BIO pair will only buffer the data and never directly access the connection, it behaves non-blocking and will return as soon as the write buffer is full or the read buffer is drained. Then the application has to flush the write buffer and/or fill the read buffer.</p>
+
+<p>Use the BIO_ctrl_pending(), to find out whether data is buffered in the BIO and must be transferred to the network. Use BIO_ctrl_get_read_request() to find out, how many bytes must be written into the buffer before the SSL_operation() can successfully be continued.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>As the data is buffered, SSL_operation() may return with an ERROR_SSL_WANT_READ condition, but there is still data in the write buffer. An application must not rely on the error value of SSL_operation() but must assure that the write buffer is always flushed first. Otherwise a deadlock may occur as the peer might be waiting for the data before being able to continue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_retry_BIO.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_retry_BIO.html
new file mode 100644
index 000000000..19927d973
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_retry_BIO.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_should_retry</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_should_read, BIO_should_write, BIO_should_io_special, BIO_retry_type, BIO_should_retry, BIO_get_retry_BIO, BIO_get_retry_reason, BIO_set_retry_reason - BIO retry functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_should_read(BIO *b);
+ int BIO_should_write(BIO *b);
+ int BIO_should_io_special(iBIO *b);
+ int BIO_retry_type(BIO *b);
+ int BIO_should_retry(BIO *b);
+
+ BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
+ int BIO_get_retry_reason(BIO *bio);
+ void BIO_set_retry_reason(BIO *bio, int reason);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions determine why a BIO is not able to read or write data. They will typically be called after a failed BIO_read_ex() or BIO_write_ex() call.</p>
+
+<p>BIO_should_retry() is true if the call that produced this condition should then be retried at a later time.</p>
+
+<p>If BIO_should_retry() is false then the cause is an error condition.</p>
+
+<p>BIO_should_read() is true if the cause of the condition is that the BIO has insufficient data to return. Check for readability and/or retry the last operation.</p>
+
+<p>BIO_should_write() is true if the cause of the condition is that the BIO has pending data to write. Check for writability and/or retry the last operation.</p>
+
+<p>BIO_should_io_special() is true if some &quot;special&quot; condition, that is a reason other than reading or writing is the cause of the condition.</p>
+
+<p>BIO_retry_type() returns a mask of the cause of a retry condition consisting of the values <b>BIO_FLAGS_READ</b>, <b>BIO_FLAGS_WRITE</b>, <b>BIO_FLAGS_IO_SPECIAL</b> though current BIO types will only set one of these.</p>
+
+<p>BIO_get_retry_BIO() determines the precise reason for the special condition, it returns the BIO that caused this condition and if <b>reason</b> is not NULL it contains the reason code. The meaning of the reason code and the action that should be taken depends on the type of BIO that resulted in this condition.</p>
+
+<p>BIO_get_retry_reason() returns the reason for a special condition if passed the relevant BIO, for example as returned by BIO_get_retry_BIO().</p>
+
+<p>BIO_set_retry_reason() sets the retry reason for a special condition for a given BIO. This would usually only be called by BIO implementations.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_should_read(), BIO_should_write(), BIO_should_io_special(), BIO_retry_type(), and BIO_should_retry(), are implemented as macros.</p>
+
+<p>If BIO_should_retry() returns false then the precise &quot;error condition&quot; depends on the BIO type that caused it and the return code of the BIO operation. For example if a call to BIO_read_ex() on a socket BIO returns 0 and BIO_should_retry() is false then the cause will be that the connection closed. A similar condition on a file BIO will mean that it has reached EOF. Some BIO types may place additional information on the error queue. For more details see the individual BIO type manual pages.</p>
+
+<p>If the underlying I/O structure is in a blocking mode almost all current BIO types will not request a retry, because the underlying I/O calls will not. If the application knows that the BIO type will never signal a retry then it need not call BIO_should_retry() after a failed BIO I/O call. This is typically done with file BIOs.</p>
+
+<p>SSL BIOs are the only current exception to this rule: they can request a retry even if the underlying I/O structure is blocking, if a handshake occurs during a call to BIO_read(). An application can retry the failed call immediately or avoid this situation by setting SSL_MODE_AUTO_RETRY on the underlying SSL structure.</p>
+
+<p>While an application may retry a failed non blocking call immediately this is likely to be very inefficient because the call will fail repeatedly until data can be processed or is available. An application will normally wait until the necessary condition is satisfied. How this is done depends on the underlying I/O structure.</p>
+
+<p>For example if the cause is ultimately a socket and BIO_should_read() is true then a call to select() may be made to wait until data is available and then retry the BIO operation. By combining the retry conditions of several non blocking BIOs in a single select() call it is possible to service several BIOs in a single thread, though the performance may be poor if SSL BIOs are present because long delays can occur during the initial handshake process.</p>
+
+<p>It is possible for a BIO to block indefinitely if the underlying I/O structure cannot process or return any data. This depends on the behaviour of the platforms I/O functions. This is often not desirable: one solution is to use non blocking I/O and use a timeout on the select() (or equivalent) call.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The OpenSSL ASN1 functions cannot gracefully deal with non blocking I/O: that is they cannot retry after a partial read or write. This is usually worked around by only passing the relevant data to ASN1 functions when the entire structure can be read or written.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_should_read(), BIO_should_write(), BIO_should_io_special(), and BIO_should_retry() return either 1 or 0 based on the actual conditions of the <b>BIO</b>.</p>
+
+<p>BIO_retry_type() returns a flag combination presenting the cause of a retry condition or false if there is no retry condition.</p>
+
+<p>BIO_get_retry_BIO() returns a valid <b>BIO</b> structure.</p>
+
+<p>BIO_get_retry_reason() returns the reason for a special condition.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_get_retry_reason() and BIO_set_retry_reason() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_retry_reason.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_retry_reason.html
new file mode 100644
index 000000000..19927d973
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_retry_reason.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_should_retry</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_should_read, BIO_should_write, BIO_should_io_special, BIO_retry_type, BIO_should_retry, BIO_get_retry_BIO, BIO_get_retry_reason, BIO_set_retry_reason - BIO retry functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_should_read(BIO *b);
+ int BIO_should_write(BIO *b);
+ int BIO_should_io_special(iBIO *b);
+ int BIO_retry_type(BIO *b);
+ int BIO_should_retry(BIO *b);
+
+ BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
+ int BIO_get_retry_reason(BIO *bio);
+ void BIO_set_retry_reason(BIO *bio, int reason);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions determine why a BIO is not able to read or write data. They will typically be called after a failed BIO_read_ex() or BIO_write_ex() call.</p>
+
+<p>BIO_should_retry() is true if the call that produced this condition should then be retried at a later time.</p>
+
+<p>If BIO_should_retry() is false then the cause is an error condition.</p>
+
+<p>BIO_should_read() is true if the cause of the condition is that the BIO has insufficient data to return. Check for readability and/or retry the last operation.</p>
+
+<p>BIO_should_write() is true if the cause of the condition is that the BIO has pending data to write. Check for writability and/or retry the last operation.</p>
+
+<p>BIO_should_io_special() is true if some &quot;special&quot; condition, that is a reason other than reading or writing is the cause of the condition.</p>
+
+<p>BIO_retry_type() returns a mask of the cause of a retry condition consisting of the values <b>BIO_FLAGS_READ</b>, <b>BIO_FLAGS_WRITE</b>, <b>BIO_FLAGS_IO_SPECIAL</b> though current BIO types will only set one of these.</p>
+
+<p>BIO_get_retry_BIO() determines the precise reason for the special condition, it returns the BIO that caused this condition and if <b>reason</b> is not NULL it contains the reason code. The meaning of the reason code and the action that should be taken depends on the type of BIO that resulted in this condition.</p>
+
+<p>BIO_get_retry_reason() returns the reason for a special condition if passed the relevant BIO, for example as returned by BIO_get_retry_BIO().</p>
+
+<p>BIO_set_retry_reason() sets the retry reason for a special condition for a given BIO. This would usually only be called by BIO implementations.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_should_read(), BIO_should_write(), BIO_should_io_special(), BIO_retry_type(), and BIO_should_retry(), are implemented as macros.</p>
+
+<p>If BIO_should_retry() returns false then the precise &quot;error condition&quot; depends on the BIO type that caused it and the return code of the BIO operation. For example if a call to BIO_read_ex() on a socket BIO returns 0 and BIO_should_retry() is false then the cause will be that the connection closed. A similar condition on a file BIO will mean that it has reached EOF. Some BIO types may place additional information on the error queue. For more details see the individual BIO type manual pages.</p>
+
+<p>If the underlying I/O structure is in a blocking mode almost all current BIO types will not request a retry, because the underlying I/O calls will not. If the application knows that the BIO type will never signal a retry then it need not call BIO_should_retry() after a failed BIO I/O call. This is typically done with file BIOs.</p>
+
+<p>SSL BIOs are the only current exception to this rule: they can request a retry even if the underlying I/O structure is blocking, if a handshake occurs during a call to BIO_read(). An application can retry the failed call immediately or avoid this situation by setting SSL_MODE_AUTO_RETRY on the underlying SSL structure.</p>
+
+<p>While an application may retry a failed non blocking call immediately this is likely to be very inefficient because the call will fail repeatedly until data can be processed or is available. An application will normally wait until the necessary condition is satisfied. How this is done depends on the underlying I/O structure.</p>
+
+<p>For example if the cause is ultimately a socket and BIO_should_read() is true then a call to select() may be made to wait until data is available and then retry the BIO operation. By combining the retry conditions of several non blocking BIOs in a single select() call it is possible to service several BIOs in a single thread, though the performance may be poor if SSL BIOs are present because long delays can occur during the initial handshake process.</p>
+
+<p>It is possible for a BIO to block indefinitely if the underlying I/O structure cannot process or return any data. This depends on the behaviour of the platforms I/O functions. This is often not desirable: one solution is to use non blocking I/O and use a timeout on the select() (or equivalent) call.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The OpenSSL ASN1 functions cannot gracefully deal with non blocking I/O: that is they cannot retry after a partial read or write. This is usually worked around by only passing the relevant data to ASN1 functions when the entire structure can be read or written.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_should_read(), BIO_should_write(), BIO_should_io_special(), and BIO_should_retry() return either 1 or 0 based on the actual conditions of the <b>BIO</b>.</p>
+
+<p>BIO_retry_type() returns a flag combination presenting the cause of a retry condition or false if there is no retry condition.</p>
+
+<p>BIO_get_retry_BIO() returns a valid <b>BIO</b> structure.</p>
+
+<p>BIO_get_retry_reason() returns the reason for a special condition.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_get_retry_reason() and BIO_set_retry_reason() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_shutdown.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_shutdown.html
new file mode 100644
index 000000000..920691bbe
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_shutdown.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_data, BIO_get_data, BIO_set_init, BIO_get_init, BIO_set_shutdown, BIO_get_shutdown - functions for managing BIO state information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ void BIO_set_data(BIO *a, void *ptr);
+ void *BIO_get_data(BIO *a);
+ void BIO_set_init(BIO *a, int init);
+ int BIO_get_init(BIO *a);
+ void BIO_set_shutdown(BIO *a, int shut);
+ int BIO_get_shutdown(BIO *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are mainly useful when implementing a custom BIO.</p>
+
+<p>The BIO_set_data() function associates the custom data pointed to by <b>ptr</b> with the BIO. This data can subsequently be retrieved via a call to BIO_get_data(). This can be used by custom BIOs for storing implementation specific information.</p>
+
+<p>The BIO_set_init() function sets the value of the BIO&#39;s &quot;init&quot; flag to indicate whether initialisation has been completed for this BIO or not. A non-zero value indicates that initialisation is complete, whilst zero indicates that it is not. Often initialisation will complete during initial construction of the BIO. For some BIOs however, initialisation may not complete until after additional steps have occurred (for example through calling custom ctrls). The BIO_get_init() function returns the value of the &quot;init&quot; flag.</p>
+
+<p>The BIO_set_shutdown() and BIO_get_shutdown() functions set and get the state of this BIO&#39;s shutdown (i.e. BIO_CLOSE) flag. If set then the underlying resource is also closed when the BIO is freed.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_data() returns a pointer to the implementation specific custom data associated with this BIO, or NULL if none has been set.</p>
+
+<p>BIO_get_init() returns the state of the BIO&#39;s init flag.</p>
+
+<p>BIO_get_shutdown() returns the stat of the BIO&#39;s shutdown (i.e. BIO_CLOSE) flag.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_meth_new.html">BIO_meth_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_ssl.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_ssl.html
new file mode 100644
index 000000000..0e1fefeef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_ssl.html
@@ -0,0 +1,263 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_ssl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_do_handshake, BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode, BIO_set_ssl_renegotiate_bytes, BIO_get_num_renegotiates, BIO_set_ssl_renegotiate_timeout, BIO_new_ssl, BIO_new_ssl_connect, BIO_new_buffer_ssl_connect, BIO_ssl_copy_session_id, BIO_ssl_shutdown - SSL BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/ssl.h&gt;
+
+ const BIO_METHOD *BIO_f_ssl(void);
+
+ long BIO_set_ssl(BIO *b, SSL *ssl, long c);
+ long BIO_get_ssl(BIO *b, SSL **sslp);
+ long BIO_set_ssl_mode(BIO *b, long client);
+ long BIO_set_ssl_renegotiate_bytes(BIO *b, long num);
+ long BIO_set_ssl_renegotiate_timeout(BIO *b, long seconds);
+ long BIO_get_num_renegotiates(BIO *b);
+
+ BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
+ BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+ BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+ int BIO_ssl_copy_session_id(BIO *to, BIO *from);
+ void BIO_ssl_shutdown(BIO *bio);
+
+ long BIO_do_handshake(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which is a wrapper round the OpenSSL SSL routines adding a BIO &quot;flavour&quot; to SSL I/O.</p>
+
+<p>I/O performed on an SSL BIO communicates using the SSL protocol with the SSLs read and write BIOs. If an SSL connection is not established then an attempt is made to establish one on the first I/O call.</p>
+
+<p>If a BIO is appended to an SSL BIO using BIO_push() it is automatically used as the SSL BIOs read and write BIOs.</p>
+
+<p>Calling BIO_reset() on an SSL BIO closes down any current SSL connection by calling SSL_shutdown(). BIO_reset() is then sent to the next BIO in the chain: this will typically disconnect the underlying transport. The SSL BIO is then reset to the initial accept or connect state.</p>
+
+<p>If the close flag is set when an SSL BIO is freed then the internal SSL structure is also freed using SSL_free().</p>
+
+<p>BIO_set_ssl() sets the internal SSL pointer of BIO <b>b</b> to <b>ssl</b> using the close flag <b>c</b>.</p>
+
+<p>BIO_get_ssl() retrieves the SSL pointer of BIO <b>b</b>, it can then be manipulated using the standard SSL library functions.</p>
+
+<p>BIO_set_ssl_mode() sets the SSL BIO mode to <b>client</b>. If <b>client</b> is 1 client mode is set. If <b>client</b> is 0 server mode is set.</p>
+
+<p>BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count to <b>num</b>. When set after every <b>num</b> bytes of I/O (read and write) the SSL session is automatically renegotiated. <b>num</b> must be at least 512 bytes.</p>
+
+<p>BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout to <b>seconds</b>. When the renegotiate timeout elapses the session is automatically renegotiated.</p>
+
+<p>BIO_get_num_renegotiates() returns the total number of session renegotiations due to I/O or timeout.</p>
+
+<p>BIO_new_ssl() allocates an SSL BIO using SSL_CTX <b>ctx</b> and using client mode if <b>client</b> is non zero.</p>
+
+<p>BIO_new_ssl_connect() creates a new BIO chain consisting of an SSL BIO (using <b>ctx</b>) followed by a connect BIO.</p>
+
+<p>BIO_new_buffer_ssl_connect() creates a new BIO chain consisting of a buffering BIO, an SSL BIO (using <b>ctx</b>) and a connect BIO.</p>
+
+<p>BIO_ssl_copy_session_id() copies an SSL session id between BIO chains <b>from</b> and <b>to</b>. It does this by locating the SSL BIOs in each chain and calling SSL_copy_session_id() on the internal SSL pointer.</p>
+
+<p>BIO_ssl_shutdown() closes down an SSL connection on BIO chain <b>bio</b>. It does this by locating the SSL BIO in the chain and calling SSL_shutdown() on its internal SSL pointer.</p>
+
+<p>BIO_do_handshake() attempts to complete an SSL handshake on the supplied BIO and establish the SSL connection. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried. If an SSL connection has already been established this call has no effect.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL BIOs are exceptional in that if the underlying transport is non blocking they can still request a retry in exceptional circumstances. Specifically this will happen if a session renegotiation takes place during a BIO_read_ex() operation, one case where this happens is when step up occurs.</p>
+
+<p>The SSL flag SSL_AUTO_RETRY can be set to disable this behaviour. That is when this flag is set an SSL BIO using a blocking transport will never request a retry.</p>
+
+<p>Since unknown BIO_ctrl() operations are sent through filter BIOs the servers name and port can be set using BIO_set_host() on the BIO returned by BIO_new_ssl_connect() without having to locate the connect BIO first.</p>
+
+<p>Applications do not have to call BIO_do_handshake() but may wish to do so to separate the handshake process from other I/O processing.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout(), BIO_get_num_renegotiates(), and BIO_do_handshake() are implemented as macros.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This SSL/TLS client example, attempts to retrieve a page from an SSL/TLS web server. The I/O routines are identical to those of the unencrypted example in <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a>.</p>
+
+<pre><code> BIO *sbio, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_client_method());
+
+ /* XXX Set verify paths and mode here. */
+
+ sbio = BIO_new_ssl_connect(ctx);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Don&#39;t want any retries */
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+
+ /* XXX We might want to do other things with ssl here */
+
+ /* An empty host part means the loopback address */
+ BIO_set_conn_hostname(sbio, &quot;:https&quot;);
+
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error establishing SSL connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Could examine ssl here to get connection info */
+
+ BIO_puts(sbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free_all(sbio);
+ BIO_free(out);</code></pre>
+
+<p>Here is a simple server example. It makes use of a buffering BIO to allow lines to be read from the SSL BIO using BIO_gets. It creates a pseudo web page containing the actual request from a client and also echoes the request to standard output.</p>
+
+<pre><code> BIO *sbio, *bbio, *acpt, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_server_method());
+ if (!SSL_CTX_use_certificate_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_use_PrivateKey_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_check_private_key(ctx)) {
+     fprintf(stderr, &quot;Error setting up SSL_CTX\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Other things like set verify locations, EDH temp callbacks. */
+
+ /* New SSL BIO setup as server */
+ sbio = BIO_new_ssl(ctx, 0);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+ bbio = BIO_new(BIO_f_buffer());
+ sbio = BIO_push(bbio, sbio);
+ acpt = BIO_new_accept(&quot;4433&quot;);
+
+ /*
+  * By doing this when a new connection is established
+  * we automatically have sbio inserted into it. The
+  * BIO chain is now &#39;swallowed&#39; by the accept BIO and
+  * will be freed when the accept BIO is freed.
+  */
+ BIO_set_accept_bios(acpt, sbio);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
+ /* Setup accept BIO */
+ if (BIO_do_accept(acpt) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept BIO\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* We only want one connection so remove and free accept BIO */
+ sbio = BIO_pop(acpt);
+ BIO_free_all(acpt);
+
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error in SSL handshake\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ BIO_puts(sbio, &quot;HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\nConnection Established\r\nRequest headers:\r\n&quot;);
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+
+ for (;;) {
+     len = BIO_gets(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(sbio, tmpbuf, len);
+     BIO_write(out, tmpbuf, len);
+     /* Look for blank line signifying end of headers*/
+     if (tmpbuf[0] == &#39;\r&#39; || tmpbuf[0] == &#39;\n&#39;)
+         break;
+ }
+
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\n&quot;);
+ BIO_flush(sbio);
+ BIO_free_all(sbio);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_ssl() returns the SSL <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout() and BIO_get_num_renegotiates() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_ssl(), BIO_new_ssl_connect() and BIO_new_buffer_ssl_connect() return a valid <b>BIO</b> structure on success or <b>NULL</b> if an error occurred.</p>
+
+<p>BIO_ssl_copy_session_id() returns 1 on success or 0 on error.</p>
+
+<p>BIO_do_handshake() returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL before 1.0.0 the BIO_pop() call was handled incorrectly, the I/O BIO reference count was incorrectly incremented (instead of decremented) and dissociated with the SSL BIO even if the SSL BIO was not explicitly being popped (e.g. a pop higher up the chain). Applications which included workarounds for this bug (e.g. freeing BIOs more than once) should be modified to handle this fix or they may free up an already freed BIO.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_write_buf_size.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_write_buf_size.html
new file mode 100644
index 000000000..fc36b7e75
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_write_buf_size.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr, BIO_set_write_buf_size, BIO_get_write_buf_size, BIO_new_bio_pair, BIO_get_write_guarantee, BIO_ctrl_get_write_guarantee, BIO_get_read_request, BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request - BIO pair BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_bio(void);
+
+ int BIO_make_bio_pair(BIO *b1, BIO *b2);
+ int BIO_destroy_bio_pair(BIO *b);
+ int BIO_shutdown_wr(BIO *b);
+
+ int BIO_set_write_buf_size(BIO *b, long size);
+ size_t BIO_get_write_buf_size(BIO *b, long size);
+
+ int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2);
+
+ int BIO_get_write_guarantee(BIO *b);
+ size_t BIO_ctrl_get_write_guarantee(BIO *b);
+ int BIO_get_read_request(BIO *b);
+ size_t BIO_ctrl_get_read_request(BIO *b);
+ int BIO_ctrl_reset_read_request(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_bio() returns the method for a BIO pair. A BIO pair is a pair of source/sink BIOs where data written to either half of the pair is buffered and can be read from the other half. Both halves must usually by handled by the same application thread since no locking is done on the internal data structures.</p>
+
+<p>Since BIO chains typically end in a source/sink BIO it is possible to make this one half of a BIO pair and have all the data processed by the chain under application control.</p>
+
+<p>One typical use of BIO pairs is to place TLS/SSL I/O under application control, this can be used when the application wishes to use a non standard transport for TLS/SSL or the normal socket routines are inappropriate.</p>
+
+<p>Calls to BIO_read_ex() will read data from the buffer or request a retry if no data is available.</p>
+
+<p>Calls to BIO_write_ex() will place data in the buffer or request a retry if the buffer is full.</p>
+
+<p>The standard calls BIO_ctrl_pending() and BIO_ctrl_wpending() can be used to determine the amount of pending data in the read or write buffer.</p>
+
+<p>BIO_reset() clears any data in the write buffer.</p>
+
+<p>BIO_make_bio_pair() joins two separate BIOs into a connected pair.</p>
+
+<p>BIO_destroy_pair() destroys the association between two connected BIOs. Freeing up any half of the pair will automatically destroy the association.</p>
+
+<p>BIO_shutdown_wr() is used to close down a BIO <b>b</b>. After this call no further writes on BIO <b>b</b> are allowed (they will return an error). Reads on the other half of the pair will return any pending data or EOF when all pending data has been read.</p>
+
+<p>BIO_set_write_buf_size() sets the write buffer size of BIO <b>b</b> to <b>size</b>. If the size is not initialized a default value is used. This is currently 17K, sufficient for a maximum size TLS record.</p>
+
+<p>BIO_get_write_buf_size() returns the size of the write buffer.</p>
+
+<p>BIO_new_bio_pair() combines the calls to BIO_new(), BIO_make_bio_pair() and BIO_set_write_buf_size() to create a connected pair of BIOs <b>bio1</b>, <b>bio2</b> with write buffer sizes <b>writebuf1</b> and <b>writebuf2</b>. If either size is zero then the default size is used. BIO_new_bio_pair() does not check whether <b>bio1</b> or <b>bio2</b> do point to some other BIO, the values are overwritten, BIO_free() is not called.</p>
+
+<p>BIO_get_write_guarantee() and BIO_ctrl_get_write_guarantee() return the maximum length of data that can be currently written to the BIO. Writes larger than this value will return a value from BIO_write_ex() less than the amount requested or if the buffer is full request a retry. BIO_ctrl_get_write_guarantee() is a function whereas BIO_get_write_guarantee() is a macro.</p>
+
+<p>BIO_get_read_request() and BIO_ctrl_get_read_request() return the amount of data requested, or the buffer size if it is less, if the last read attempt at the other half of the BIO pair failed due to an empty buffer. This can be used to determine how much data should be written to the BIO so the next read will succeed: this is most useful in TLS/SSL applications where the amount of data read is usually meaningful rather than just a buffer size. After a successful read this call will return zero. It also will return zero once new data has been written satisfying the read request or part of it. Note that BIO_get_read_request() never returns an amount larger than that returned by BIO_get_write_guarantee().</p>
+
+<p>BIO_ctrl_reset_read_request() can also be used to reset the value returned by BIO_get_read_request() to zero.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Both halves of a BIO pair should be freed. That is even if one half is implicit freed due to a BIO_free_all() or SSL_free() call the other half needs to be freed.</p>
+
+<p>When used in bidirectional applications (such as TLS/SSL) care should be taken to flush any data in the write buffer. This can be done by calling BIO_pending() on the other half of the pair and, if any data is pending, reading it and sending it to the underlying transport. This must be done before any normal processing (such as calling select() ) due to a request and BIO_should_read() being true.</p>
+
+<p>To see why this is important consider a case where a request is sent using BIO_write_ex() and a response read with BIO_read_ex(), this can occur during an TLS/SSL handshake for example. BIO_write_ex() will succeed and place data in the write buffer. BIO_read_ex() will initially fail and BIO_should_read() will be true. If the application then waits for data to be available on the underlying transport before flushing the write buffer it will never succeed because the request was never sent!</p>
+
+<p>BIO_eof() is true if no data is in the peer BIO and the peer BIO has been shutdown.</p>
+
+<p>BIO_make_bio_pair(), BIO_destroy_bio_pair(), BIO_shutdown_wr(), BIO_set_write_buf_size(), BIO_get_write_buf_size(), BIO_get_write_guarantee(), and BIO_get_read_request() are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_new_bio_pair() returns 1 on success, with the new BIOs available in <b>bio1</b> and <b>bio2</b>, or 0 on failure, with NULL pointers stored into the locations for <b>bio1</b> and <b>bio2</b>. Check the error stack for more information.</p>
+
+<p>[XXXXX: More return values need to be added here]</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO pair can be used to have full control over the network access of an application. The application can call select() on the socket as required without having to go through the SSL-interface.</p>
+
+<pre><code> BIO *internal_bio, *network_bio;
+
+ ...
+ BIO_new_bio_pair(&amp;internal_bio, 0, &amp;network_bio, 0);
+ SSL_set_bio(ssl, internal_bio, internal_bio);
+ SSL_operations(); /* e.g SSL_read and SSL_write */
+ ...
+
+ application |   TLS-engine
+    |        |
+    +----------&gt; SSL_operations()
+             |     /\    ||
+             |     ||    \/
+             |   BIO-pair (internal_bio)
+             |   BIO-pair (network_bio)
+             |     ||     /\
+             |     \/     ||
+    +-----------&lt; BIO_operations()
+    |        |
+    |        |
+   socket
+
+  ...
+  SSL_free(ssl);                /* implicitly frees internal_bio */
+  BIO_free(network_bio);
+  ...</code></pre>
+
+<p>As the BIO pair will only buffer the data and never directly access the connection, it behaves non-blocking and will return as soon as the write buffer is full or the read buffer is drained. Then the application has to flush the write buffer and/or fill the read buffer.</p>
+
+<p>Use the BIO_ctrl_pending(), to find out whether data is buffered in the BIO and must be transferred to the network. Use BIO_ctrl_get_read_request() to find out, how many bytes must be written into the buffer before the SSL_operation() can successfully be continued.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>As the data is buffered, SSL_operation() may return with an ERROR_SSL_WANT_READ condition, but there is still data in the write buffer. An application must not rely on the error value of SSL_operation() but must assure that the write buffer is always flushed first. Otherwise a deadlock may occur as the peer might be waiting for the data before being able to continue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_get_write_guarantee.html b/msys2/usr/share/doc/openssl/html/man3/BIO_get_write_guarantee.html
new file mode 100644
index 000000000..fc36b7e75
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_get_write_guarantee.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr, BIO_set_write_buf_size, BIO_get_write_buf_size, BIO_new_bio_pair, BIO_get_write_guarantee, BIO_ctrl_get_write_guarantee, BIO_get_read_request, BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request - BIO pair BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_bio(void);
+
+ int BIO_make_bio_pair(BIO *b1, BIO *b2);
+ int BIO_destroy_bio_pair(BIO *b);
+ int BIO_shutdown_wr(BIO *b);
+
+ int BIO_set_write_buf_size(BIO *b, long size);
+ size_t BIO_get_write_buf_size(BIO *b, long size);
+
+ int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2);
+
+ int BIO_get_write_guarantee(BIO *b);
+ size_t BIO_ctrl_get_write_guarantee(BIO *b);
+ int BIO_get_read_request(BIO *b);
+ size_t BIO_ctrl_get_read_request(BIO *b);
+ int BIO_ctrl_reset_read_request(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_bio() returns the method for a BIO pair. A BIO pair is a pair of source/sink BIOs where data written to either half of the pair is buffered and can be read from the other half. Both halves must usually by handled by the same application thread since no locking is done on the internal data structures.</p>
+
+<p>Since BIO chains typically end in a source/sink BIO it is possible to make this one half of a BIO pair and have all the data processed by the chain under application control.</p>
+
+<p>One typical use of BIO pairs is to place TLS/SSL I/O under application control, this can be used when the application wishes to use a non standard transport for TLS/SSL or the normal socket routines are inappropriate.</p>
+
+<p>Calls to BIO_read_ex() will read data from the buffer or request a retry if no data is available.</p>
+
+<p>Calls to BIO_write_ex() will place data in the buffer or request a retry if the buffer is full.</p>
+
+<p>The standard calls BIO_ctrl_pending() and BIO_ctrl_wpending() can be used to determine the amount of pending data in the read or write buffer.</p>
+
+<p>BIO_reset() clears any data in the write buffer.</p>
+
+<p>BIO_make_bio_pair() joins two separate BIOs into a connected pair.</p>
+
+<p>BIO_destroy_pair() destroys the association between two connected BIOs. Freeing up any half of the pair will automatically destroy the association.</p>
+
+<p>BIO_shutdown_wr() is used to close down a BIO <b>b</b>. After this call no further writes on BIO <b>b</b> are allowed (they will return an error). Reads on the other half of the pair will return any pending data or EOF when all pending data has been read.</p>
+
+<p>BIO_set_write_buf_size() sets the write buffer size of BIO <b>b</b> to <b>size</b>. If the size is not initialized a default value is used. This is currently 17K, sufficient for a maximum size TLS record.</p>
+
+<p>BIO_get_write_buf_size() returns the size of the write buffer.</p>
+
+<p>BIO_new_bio_pair() combines the calls to BIO_new(), BIO_make_bio_pair() and BIO_set_write_buf_size() to create a connected pair of BIOs <b>bio1</b>, <b>bio2</b> with write buffer sizes <b>writebuf1</b> and <b>writebuf2</b>. If either size is zero then the default size is used. BIO_new_bio_pair() does not check whether <b>bio1</b> or <b>bio2</b> do point to some other BIO, the values are overwritten, BIO_free() is not called.</p>
+
+<p>BIO_get_write_guarantee() and BIO_ctrl_get_write_guarantee() return the maximum length of data that can be currently written to the BIO. Writes larger than this value will return a value from BIO_write_ex() less than the amount requested or if the buffer is full request a retry. BIO_ctrl_get_write_guarantee() is a function whereas BIO_get_write_guarantee() is a macro.</p>
+
+<p>BIO_get_read_request() and BIO_ctrl_get_read_request() return the amount of data requested, or the buffer size if it is less, if the last read attempt at the other half of the BIO pair failed due to an empty buffer. This can be used to determine how much data should be written to the BIO so the next read will succeed: this is most useful in TLS/SSL applications where the amount of data read is usually meaningful rather than just a buffer size. After a successful read this call will return zero. It also will return zero once new data has been written satisfying the read request or part of it. Note that BIO_get_read_request() never returns an amount larger than that returned by BIO_get_write_guarantee().</p>
+
+<p>BIO_ctrl_reset_read_request() can also be used to reset the value returned by BIO_get_read_request() to zero.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Both halves of a BIO pair should be freed. That is even if one half is implicit freed due to a BIO_free_all() or SSL_free() call the other half needs to be freed.</p>
+
+<p>When used in bidirectional applications (such as TLS/SSL) care should be taken to flush any data in the write buffer. This can be done by calling BIO_pending() on the other half of the pair and, if any data is pending, reading it and sending it to the underlying transport. This must be done before any normal processing (such as calling select() ) due to a request and BIO_should_read() being true.</p>
+
+<p>To see why this is important consider a case where a request is sent using BIO_write_ex() and a response read with BIO_read_ex(), this can occur during an TLS/SSL handshake for example. BIO_write_ex() will succeed and place data in the write buffer. BIO_read_ex() will initially fail and BIO_should_read() will be true. If the application then waits for data to be available on the underlying transport before flushing the write buffer it will never succeed because the request was never sent!</p>
+
+<p>BIO_eof() is true if no data is in the peer BIO and the peer BIO has been shutdown.</p>
+
+<p>BIO_make_bio_pair(), BIO_destroy_bio_pair(), BIO_shutdown_wr(), BIO_set_write_buf_size(), BIO_get_write_buf_size(), BIO_get_write_guarantee(), and BIO_get_read_request() are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_new_bio_pair() returns 1 on success, with the new BIOs available in <b>bio1</b> and <b>bio2</b>, or 0 on failure, with NULL pointers stored into the locations for <b>bio1</b> and <b>bio2</b>. Check the error stack for more information.</p>
+
+<p>[XXXXX: More return values need to be added here]</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO pair can be used to have full control over the network access of an application. The application can call select() on the socket as required without having to go through the SSL-interface.</p>
+
+<pre><code> BIO *internal_bio, *network_bio;
+
+ ...
+ BIO_new_bio_pair(&amp;internal_bio, 0, &amp;network_bio, 0);
+ SSL_set_bio(ssl, internal_bio, internal_bio);
+ SSL_operations(); /* e.g SSL_read and SSL_write */
+ ...
+
+ application |   TLS-engine
+    |        |
+    +----------&gt; SSL_operations()
+             |     /\    ||
+             |     ||    \/
+             |   BIO-pair (internal_bio)
+             |   BIO-pair (network_bio)
+             |     ||     /\
+             |     \/     ||
+    +-----------&lt; BIO_operations()
+    |        |
+    |        |
+   socket
+
+  ...
+  SSL_free(ssl);                /* implicitly frees internal_bio */
+  BIO_free(network_bio);
+  ...</code></pre>
+
+<p>As the BIO pair will only buffer the data and never directly access the connection, it behaves non-blocking and will return as soon as the write buffer is full or the read buffer is drained. Then the application has to flush the write buffer and/or fill the read buffer.</p>
+
+<p>Use the BIO_ctrl_pending(), to find out whether data is buffered in the BIO and must be transferred to the network. Use BIO_ctrl_get_read_request() to find out, how many bytes must be written into the buffer before the SSL_operation() can successfully be continued.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>As the data is buffered, SSL_operation() may return with an ERROR_SSL_WANT_READ condition, but there is still data in the write buffer. An application must not rely on the error value of SSL_operation() but must assure that the write buffer is always flushed first. Otherwise a deadlock may occur as the peer might be waiting for the data before being able to continue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_gets.html b/msys2/usr/share/doc/openssl/html/man3/BIO_gets.html
new file mode 100644
index 000000000..c178bd7b3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_gets.html
@@ -0,0 +1,90 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_read</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_read_ex, BIO_write_ex, BIO_read, BIO_write, BIO_gets, BIO_puts - BIO I/O functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_read_ex(BIO *b, void *data, size_t dlen, size_t *readbytes);
+ int BIO_write_ex(BIO *b, const void *data, size_t dlen, size_t *written);
+
+ int BIO_read(BIO *b, void *data, int dlen);
+ int BIO_gets(BIO *b, char *buf, int size);
+ int BIO_write(BIO *b, const void *data, int dlen);
+ int BIO_puts(BIO *b, const char *buf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_read_ex() attempts to read <b>dlen</b> bytes from BIO <b>b</b> and places the data in <b>data</b>. If any bytes were successfully read then the number of bytes read is stored in <b>*readbytes</b>.</p>
+
+<p>BIO_write_ex() attempts to write <b>dlen</b> bytes from <b>data</b> to BIO <b>b</b>. If successful then the number of bytes written is stored in <b>*written</b>.</p>
+
+<p>BIO_read() attempts to read <b>len</b> bytes from BIO <b>b</b> and places the data in <b>buf</b>.</p>
+
+<p>BIO_gets() performs the BIOs &quot;gets&quot; operation and places the data in <b>buf</b>. Usually this operation will attempt to read a line of data from the BIO of maximum length <b>size-1</b>. There are exceptions to this, however; for example, BIO_gets() on a digest BIO will calculate and return the digest and other BIOs may not support BIO_gets() at all. The returned string is always NUL-terminated and the &#39;\n&#39; is preserved if present in the input data.</p>
+
+<p>BIO_write() attempts to write <b>len</b> bytes from <b>buf</b> to BIO <b>b</b>.</p>
+
+<p>BIO_puts() attempts to write a NUL-terminated string <b>buf</b> to BIO <b>b</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_read_ex() and BIO_write_ex() return 1 if data was successfully read or written, and 0 otherwise.</p>
+
+<p>All other functions return either the amount of data successfully read or written (if the return value is positive) or that no data was successfully read or written if the result is 0 or -1. If the return value is -2 then the operation is not implemented in the specific BIO type. The trailing NUL is not included in the length returned by BIO_gets().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A 0 or -1 return is not necessarily an indication of an error. In particular when the source/sink is non-blocking or of a certain type it may merely be an indication that no data is currently available and that the application should retry the operation later.</p>
+
+<p>One technique sometimes used with blocking sockets is to use a system call (such as select(), poll() or equivalent) to determine when data is available and then call read() to read the data. The equivalent with BIOs (that is call select() on the underlying I/O structure and then call BIO_read() to read the data) should <b>not</b> be used because a single call to BIO_read() can cause several reads (and writes in the case of SSL BIOs) on the underlying I/O structure and may block as a result. Instead select() (or equivalent) should be combined with non blocking I/O so successive reads will request a retry instead of blocking.</p>
+
+<p>See <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a> for details of how to determine the cause of a retry and other I/O issues.</p>
+
+<p>If the BIO_gets() function is not supported by a BIO then it possible to work around this by adding a buffering BIO <a href="../man3/BIO_f_buffer.html">BIO_f_buffer(3)</a> to the chain.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_gets() on 1.1.0 and older when called on BIO_fd() based BIO does not keep the &#39;\n&#39; at the end of the line in the buffer.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_hostserv_priorities.html b/msys2/usr/share/doc/openssl/html/man3/BIO_hostserv_priorities.html
new file mode 100644
index 000000000..c71fcbaab
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_hostserv_priorities.html
@@ -0,0 +1,91 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_parse_hostserv</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_hostserv_priorities, BIO_parse_hostserv - utility routines to parse a standard host and service string</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ enum BIO_hostserv_priorities {
+     BIO_PARSE_PRIO_HOST, BIO_PARSE_PRIO_SERV
+ };
+ int BIO_parse_hostserv(const char *hostserv, char **host, char **service,
+                        enum BIO_hostserv_priorities hostserv_prio);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_parse_hostserv() will parse the information given in <b>hostserv</b>, create strings with the host name and service name and give those back via <b>host</b> and <b>service</b>. Those will need to be freed after they are used. <b>hostserv_prio</b> helps determine if <b>hostserv</b> shall be interpreted primarily as a host name or a service name in ambiguous cases.</p>
+
+<p>The syntax the BIO_parse_hostserv() recognises is:</p>
+
+<pre><code> host + &#39;:&#39; + service
+ host + &#39;:&#39; + &#39;*&#39;
+ host + &#39;:&#39;
+        &#39;:&#39; + service
+ &#39;*&#39;  + &#39;:&#39; + service
+ host
+ service</code></pre>
+
+<p>The host part can be a name or an IP address. If it&#39;s a IPv6 address, it MUST be enclosed in brackets, such as &#39;[::1]&#39;.</p>
+
+<p>The service part can be a service name or its port number.</p>
+
+<p>The returned values will depend on the given <b>hostserv</b> string and <b>hostserv_prio</b>, as follows:</p>
+
+<pre><code> host + &#39;:&#39; + service  =&gt; *host = &quot;host&quot;, *service = &quot;service&quot;
+ host + &#39;:&#39; + &#39;*&#39;      =&gt; *host = &quot;host&quot;, *service = NULL
+ host + &#39;:&#39;            =&gt; *host = &quot;host&quot;, *service = NULL
+        &#39;:&#39; + service  =&gt; *host = NULL, *service = &quot;service&quot;
+  &#39;*&#39; + &#39;:&#39; + service  =&gt; *host = NULL, *service = &quot;service&quot;
+
+ in case no &#39;:&#39; is present in the string, the result depends on
+ hostserv_prio, as follows:
+
+ when hostserv_prio == BIO_PARSE_PRIO_HOST
+ host                 =&gt; *host = &quot;host&quot;, *service untouched
+
+ when hostserv_prio == BIO_PARSE_PRIO_SERV
+ service              =&gt; *host untouched, *service = &quot;service&quot;</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_parse_hostserv() returns 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDRINFO.html">BIO_ADDRINFO(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_info_cb.html b/msys2/usr/share/doc/openssl/html/man3/BIO_info_cb.html
new file mode 100644
index 000000000..ccbb411c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_info_cb.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset, BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close, BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending, BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb - BIO control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef int BIO_info_cb(BIO *b, int state, int res);
+
+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
+ char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+
+ int BIO_reset(BIO *b);
+ int BIO_seek(BIO *b, int ofs);
+ int BIO_tell(BIO *b);
+ int BIO_flush(BIO *b);
+ int BIO_eof(BIO *b);
+ int BIO_set_close(BIO *b, long flag);
+ int BIO_get_close(BIO *b);
+ int BIO_pending(BIO *b);
+ int BIO_wpending(BIO *b);
+ size_t BIO_ctrl_pending(BIO *b);
+ size_t BIO_ctrl_wpending(BIO *b);
+
+ int BIO_get_info_callback(BIO *b, BIO_info_cb **cbp);
+ int BIO_set_info_callback(BIO *b, BIO_info_cb *cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl() are BIO &quot;control&quot; operations taking arguments of various types. These functions are not normally called directly, various macros are used instead. The standard macros are described below, macros specific to a particular type of BIO are described in the specific BIOs manual page as well as any special features of the standard calls.</p>
+
+<p>BIO_reset() typically resets a BIO to some initial state, in the case of file related BIOs for example it rewinds the file pointer to the start of the file.</p>
+
+<p>BIO_seek() resets a file related BIO&#39;s (that is file descriptor and FILE BIOs) file position pointer to <b>ofs</b> bytes from start of file.</p>
+
+<p>BIO_tell() returns the current file position of a file related BIO.</p>
+
+<p>BIO_flush() normally writes out any internally buffered data, in some cases it is used to signal EOF and that no more data will be written.</p>
+
+<p>BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of &quot;EOF&quot; varies according to the BIO type.</p>
+
+<p>BIO_set_close() sets the BIO <b>b</b> close flag to <b>flag</b>. <b>flag</b> can take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used in a source/sink BIO to indicate that the underlying I/O stream should be closed when the BIO is freed.</p>
+
+<p>BIO_get_close() returns the BIOs close flag.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the number of pending characters in the BIOs read and write buffers. Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending() return a size_t type and are functions, BIO_pending() and BIO_wpending() are macros which call BIO_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_reset() normally returns 1 for success and 0 or -1 for failure. File BIOs are an exception, they return 0 for success and -1 for failure.</p>
+
+<p>BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure.</p>
+
+<p>BIO_flush() returns 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_eof() returns 1 if EOF has been reached 0 otherwise.</p>
+
+<p>BIO_set_close() always returns 1.</p>
+
+<p>BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_flush(), because it can write data may return 0 or -1 indicating that the call should be retried later in a similar manner to BIO_write_ex(). The BIO_should_retry() call should be used and appropriate action taken is the call fails.</p>
+
+<p>The return values of BIO_pending() and BIO_wpending() may not reliably determine the amount of pending data in all cases. For example in the case of a file BIO some data may be available in the FILE structures internal buffers but it is not possible to determine this in a portably way. For other types of BIO they may not be supported.</p>
+
+<p>Filter BIOs if they do not internally handle a particular BIO_ctrl() operation usually pass the operation to the next BIO in the chain. This often means there is no need to locate the required BIO for a particular operation, it can be called on a chain and it will be automatically passed to the relevant BIO. However this can cause unexpected results: for example no current filter BIOs implement BIO_seek(), but this may still succeed if the chain ends in a FILE or file descriptor BIO.</p>
+
+<p>Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some of the return values are ambiguous and care should be taken. In particular a return value of 0 can be returned if an operation is not supported, if an error occurred, if EOF has not been reached and in the case of BIO_seek() on a file BIO for a successful operation.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_int_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/BIO_int_ctrl.html
new file mode 100644
index 000000000..ccbb411c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_int_ctrl.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset, BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close, BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending, BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb - BIO control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef int BIO_info_cb(BIO *b, int state, int res);
+
+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
+ char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+
+ int BIO_reset(BIO *b);
+ int BIO_seek(BIO *b, int ofs);
+ int BIO_tell(BIO *b);
+ int BIO_flush(BIO *b);
+ int BIO_eof(BIO *b);
+ int BIO_set_close(BIO *b, long flag);
+ int BIO_get_close(BIO *b);
+ int BIO_pending(BIO *b);
+ int BIO_wpending(BIO *b);
+ size_t BIO_ctrl_pending(BIO *b);
+ size_t BIO_ctrl_wpending(BIO *b);
+
+ int BIO_get_info_callback(BIO *b, BIO_info_cb **cbp);
+ int BIO_set_info_callback(BIO *b, BIO_info_cb *cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl() are BIO &quot;control&quot; operations taking arguments of various types. These functions are not normally called directly, various macros are used instead. The standard macros are described below, macros specific to a particular type of BIO are described in the specific BIOs manual page as well as any special features of the standard calls.</p>
+
+<p>BIO_reset() typically resets a BIO to some initial state, in the case of file related BIOs for example it rewinds the file pointer to the start of the file.</p>
+
+<p>BIO_seek() resets a file related BIO&#39;s (that is file descriptor and FILE BIOs) file position pointer to <b>ofs</b> bytes from start of file.</p>
+
+<p>BIO_tell() returns the current file position of a file related BIO.</p>
+
+<p>BIO_flush() normally writes out any internally buffered data, in some cases it is used to signal EOF and that no more data will be written.</p>
+
+<p>BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of &quot;EOF&quot; varies according to the BIO type.</p>
+
+<p>BIO_set_close() sets the BIO <b>b</b> close flag to <b>flag</b>. <b>flag</b> can take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used in a source/sink BIO to indicate that the underlying I/O stream should be closed when the BIO is freed.</p>
+
+<p>BIO_get_close() returns the BIOs close flag.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the number of pending characters in the BIOs read and write buffers. Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending() return a size_t type and are functions, BIO_pending() and BIO_wpending() are macros which call BIO_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_reset() normally returns 1 for success and 0 or -1 for failure. File BIOs are an exception, they return 0 for success and -1 for failure.</p>
+
+<p>BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure.</p>
+
+<p>BIO_flush() returns 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_eof() returns 1 if EOF has been reached 0 otherwise.</p>
+
+<p>BIO_set_close() always returns 1.</p>
+
+<p>BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_flush(), because it can write data may return 0 or -1 indicating that the call should be retried later in a similar manner to BIO_write_ex(). The BIO_should_retry() call should be used and appropriate action taken is the call fails.</p>
+
+<p>The return values of BIO_pending() and BIO_wpending() may not reliably determine the amount of pending data in all cases. For example in the case of a file BIO some data may be available in the FILE structures internal buffers but it is not possible to determine this in a portably way. For other types of BIO they may not be supported.</p>
+
+<p>Filter BIOs if they do not internally handle a particular BIO_ctrl() operation usually pass the operation to the next BIO in the chain. This often means there is no need to locate the required BIO for a particular operation, it can be called on a chain and it will be automatically passed to the relevant BIO. However this can cause unexpected results: for example no current filter BIOs implement BIO_seek(), but this may still succeed if the chain ends in a FILE or file descriptor BIO.</p>
+
+<p>Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some of the return values are ambiguous and care should be taken. In particular a return value of 0 can be returned if an operation is not supported, if an error occurred, if EOF has not been reached and in the case of BIO_seek() on a file BIO for a successful operation.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_listen.html b/msys2/usr/share/doc/openssl/html/man3/BIO_listen.html
new file mode 100644
index 000000000..5f38b0655
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_listen.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_connect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_socket, BIO_bind, BIO_connect, BIO_listen, BIO_accept_ex, BIO_closesocket - BIO socket communication setup routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_socket(int domain, int socktype, int protocol, int options);
+ int BIO_bind(int sock, const BIO_ADDR *addr, int options);
+ int BIO_connect(int sock, const BIO_ADDR *addr, int options);
+ int BIO_listen(int sock, const BIO_ADDR *addr, int options);
+ int BIO_accept_ex(int accept_sock, BIO_ADDR *peer, int options);
+ int BIO_closesocket(int sock);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_socket() creates a socket in the domain <b>domain</b>, of type <b>socktype</b> and <b>protocol</b>. Socket <b>options</b> are currently unused, but is present for future use.</p>
+
+<p>BIO_bind() binds the source address and service to a socket and may be useful before calling BIO_connect(). The options may include <b>BIO_SOCK_REUSADDR</b>, which is described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_connect() connects <b>sock</b> to the address and service given by <b>addr</b>. Connection <b>options</b> may be zero or any combination of <b>BIO_SOCK_KEEPALIVE</b>, <b>BIO_SOCK_NONBLOCK</b> and <b>BIO_SOCK_NODELAY</b>. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_listen() has <b>sock</b> start listening on the address and service given by <b>addr</b>. Connection <b>options</b> may be zero or any combination of <b>BIO_SOCK_KEEPALIVE</b>, <b>BIO_SOCK_NONBLOCK</b>, <b>BIO_SOCK_NODELAY</b>, <b>BIO_SOCK_REUSEADDR</b> and <b>BIO_SOCK_V6_ONLY</b>. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_accept_ex() waits for an incoming connections on the given socket <b>accept_sock</b>. When it gets a connection, the address and port of the peer gets stored in <b>peer</b> if that one is non-NULL. Accept <b>options</b> may be zero or <b>BIO_SOCK_NONBLOCK</b>, and is applied on the accepted socket. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_closesocket() closes <b>sock</b>.</p>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<dl>
+
+<dt id="BIO_SOCK_KEEPALIVE">BIO_SOCK_KEEPALIVE</dt>
+<dd>
+
+<p>Enables regular sending of keep-alive messages.</p>
+
+</dd>
+<dt id="BIO_SOCK_NONBLOCK">BIO_SOCK_NONBLOCK</dt>
+<dd>
+
+<p>Sets the socket to non-blocking mode.</p>
+
+</dd>
+<dt id="BIO_SOCK_NODELAY">BIO_SOCK_NODELAY</dt>
+<dd>
+
+<p>Corresponds to <b>TCP_NODELAY</b>, and disables the Nagle algorithm. With this set, any data will be sent as soon as possible instead of being buffered until there&#39;s enough for the socket to send out in one go.</p>
+
+</dd>
+<dt id="BIO_SOCK_REUSEADDR">BIO_SOCK_REUSEADDR</dt>
+<dd>
+
+<p>Try to reuse the address and port combination for a recently closed port.</p>
+
+</dd>
+<dt id="BIO_SOCK_V6_ONLY">BIO_SOCK_V6_ONLY</dt>
+<dd>
+
+<p>When creating an IPv6 socket, make it only listen for IPv6 addresses and not IPv4 addresses mapped to IPv6.</p>
+
+</dd>
+</dl>
+
+<p>These flags are bit flags, so they are to be combined with the <code>|</code> operator, for example:</p>
+
+<pre><code> BIO_connect(sock, addr, BIO_SOCK_KEEPALIVE | BIO_SOCK_NONBLOCK);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_socket() returns the socket number on success or <b>INVALID_SOCKET</b> (-1) on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
+
+<p>BIO_bind(), BIO_connect() and BIO_listen() return 1 on success or 0 on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
+
+<p>BIO_accept_ex() returns the accepted socket on success or <b>INVALID_SOCKET</b> (-1) on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_gethostname(), BIO_get_port(), BIO_get_host_ip(), BIO_get_accept_socket() and BIO_accept() were deprecated in OpenSSL 1.1.0. Use the functions described above instead.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_lookup.html b/msys2/usr/share/doc/openssl/html/man3/BIO_lookup.html
new file mode 100644
index 000000000..9867658e8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_lookup.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDRINFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_lookup_type, BIO_ADDRINFO, BIO_ADDRINFO_next, BIO_ADDRINFO_free, BIO_ADDRINFO_family, BIO_ADDRINFO_socktype, BIO_ADDRINFO_protocol, BIO_ADDRINFO_address, BIO_lookup_ex, BIO_lookup - BIO_ADDRINFO type and routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addrinfo_st BIO_ADDRINFO;
+
+ enum BIO_lookup_type {
+     BIO_LOOKUP_CLIENT, BIO_LOOKUP_SERVER
+ };
+
+ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
+                   int family, int socktype, int protocol, BIO_ADDRINFO **res);
+ int BIO_lookup(const char *node, const char *service,
+                enum BIO_lookup_type lookup_type,
+                int family, int socktype, BIO_ADDRINFO **res);
+
+ const BIO_ADDRINFO *BIO_ADDRINFO_next(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_family(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_socktype(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_protocol(const BIO_ADDRINFO *bai);
+ const BIO_ADDR *BIO_ADDRINFO_address(const BIO_ADDRINFO *bai);
+ void BIO_ADDRINFO_free(BIO_ADDRINFO *bai);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDRINFO</b> type is a wrapper for address information types provided on your platform.</p>
+
+<p><b>BIO_ADDRINFO</b> normally forms a chain of several that can be picked at one by one.</p>
+
+<p>BIO_lookup_ex() looks up a specified <b>host</b> and <b>service</b>, and uses <b>lookup_type</b> to determine what the default address should be if <b>host</b> is <b>NULL</b>. <b>family</b>, <b>socktype</b> and <b>protocol</b> are used to determine what protocol family, socket type and protocol should be used for the lookup. <b>family</b> can be any of AF_INET, AF_INET6, AF_UNIX and AF_UNSPEC. <b>socktype</b> can be SOCK_STREAM, SOCK_DGRAM or 0. Specifying 0 indicates that any type can be used. <b>protocol</b> specifies a protocol such as IPPROTO_TCP, IPPROTO_UDP or IPPORTO_SCTP. If set to 0 than any protocol can be used. <b>res</b> points at a pointer to hold the start of a <b>BIO_ADDRINFO</b> chain.</p>
+
+<p>For the family <b>AF_UNIX</b>, BIO_lookup_ex() will ignore the <b>service</b> parameter and expects the <b>node</b> parameter to hold the path to the socket file.</p>
+
+<p>BIO_lookup() does the same as BIO_lookup_ex() but does not provide the ability to select based on the protocol (any protocol may be returned).</p>
+
+<p>BIO_ADDRINFO_family() returns the family of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants AF_INET, AF_INET6 and AF_UNIX.</p>
+
+<p>BIO_ADDRINFO_socktype() returns the socket type of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants SOCK_STREAM and SOCK_DGRAM.</p>
+
+<p>BIO_ADDRINFO_protocol() returns the protocol id of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants IPPROTO_TCP and IPPROTO_UDP.</p>
+
+<p>BIO_ADDRINFO_address() returns the underlying <b>BIO_ADDR</b> of the given <b>BIO_ADDRINFO</b>.</p>
+
+<p>BIO_ADDRINFO_next() returns the next <b>BIO_ADDRINFO</b> in the chain from the given one.</p>
+
+<p>BIO_ADDRINFO_free() frees the chain of <b>BIO_ADDRINFO</b> starting with the given one.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_lookup_ex() and BIO_lookup() return 1 on success and 0 when an error occurred, and will leave an error indication on the OpenSSL error stack in that case.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The BIO_lookup_ex() implementation uses the platform provided getaddrinfo() function. On Linux it is known that specifying 0 for the protocol will not return any SCTP based addresses when calling getaddrinfo(). Therefore if an SCTP address is required then the <b>protocol</b> parameter to BIO_lookup_ex() should be explicitly set to IPPROTO_SCTP. The same may be true on other platforms.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_lookup_ex() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_lookup_ex.html b/msys2/usr/share/doc/openssl/html/man3/BIO_lookup_ex.html
new file mode 100644
index 000000000..9867658e8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_lookup_ex.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDRINFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_lookup_type, BIO_ADDRINFO, BIO_ADDRINFO_next, BIO_ADDRINFO_free, BIO_ADDRINFO_family, BIO_ADDRINFO_socktype, BIO_ADDRINFO_protocol, BIO_ADDRINFO_address, BIO_lookup_ex, BIO_lookup - BIO_ADDRINFO type and routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addrinfo_st BIO_ADDRINFO;
+
+ enum BIO_lookup_type {
+     BIO_LOOKUP_CLIENT, BIO_LOOKUP_SERVER
+ };
+
+ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
+                   int family, int socktype, int protocol, BIO_ADDRINFO **res);
+ int BIO_lookup(const char *node, const char *service,
+                enum BIO_lookup_type lookup_type,
+                int family, int socktype, BIO_ADDRINFO **res);
+
+ const BIO_ADDRINFO *BIO_ADDRINFO_next(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_family(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_socktype(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_protocol(const BIO_ADDRINFO *bai);
+ const BIO_ADDR *BIO_ADDRINFO_address(const BIO_ADDRINFO *bai);
+ void BIO_ADDRINFO_free(BIO_ADDRINFO *bai);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDRINFO</b> type is a wrapper for address information types provided on your platform.</p>
+
+<p><b>BIO_ADDRINFO</b> normally forms a chain of several that can be picked at one by one.</p>
+
+<p>BIO_lookup_ex() looks up a specified <b>host</b> and <b>service</b>, and uses <b>lookup_type</b> to determine what the default address should be if <b>host</b> is <b>NULL</b>. <b>family</b>, <b>socktype</b> and <b>protocol</b> are used to determine what protocol family, socket type and protocol should be used for the lookup. <b>family</b> can be any of AF_INET, AF_INET6, AF_UNIX and AF_UNSPEC. <b>socktype</b> can be SOCK_STREAM, SOCK_DGRAM or 0. Specifying 0 indicates that any type can be used. <b>protocol</b> specifies a protocol such as IPPROTO_TCP, IPPROTO_UDP or IPPORTO_SCTP. If set to 0 than any protocol can be used. <b>res</b> points at a pointer to hold the start of a <b>BIO_ADDRINFO</b> chain.</p>
+
+<p>For the family <b>AF_UNIX</b>, BIO_lookup_ex() will ignore the <b>service</b> parameter and expects the <b>node</b> parameter to hold the path to the socket file.</p>
+
+<p>BIO_lookup() does the same as BIO_lookup_ex() but does not provide the ability to select based on the protocol (any protocol may be returned).</p>
+
+<p>BIO_ADDRINFO_family() returns the family of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants AF_INET, AF_INET6 and AF_UNIX.</p>
+
+<p>BIO_ADDRINFO_socktype() returns the socket type of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants SOCK_STREAM and SOCK_DGRAM.</p>
+
+<p>BIO_ADDRINFO_protocol() returns the protocol id of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants IPPROTO_TCP and IPPROTO_UDP.</p>
+
+<p>BIO_ADDRINFO_address() returns the underlying <b>BIO_ADDR</b> of the given <b>BIO_ADDRINFO</b>.</p>
+
+<p>BIO_ADDRINFO_next() returns the next <b>BIO_ADDRINFO</b> in the chain from the given one.</p>
+
+<p>BIO_ADDRINFO_free() frees the chain of <b>BIO_ADDRINFO</b> starting with the given one.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_lookup_ex() and BIO_lookup() return 1 on success and 0 when an error occurred, and will leave an error indication on the OpenSSL error stack in that case.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The BIO_lookup_ex() implementation uses the platform provided getaddrinfo() function. On Linux it is known that specifying 0 for the protocol will not return any SCTP based addresses when calling getaddrinfo(). Therefore if an SCTP address is required then the <b>protocol</b> parameter to BIO_lookup_ex() should be explicitly set to IPPROTO_SCTP. The same may be true on other platforms.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_lookup_ex() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_lookup_type.html b/msys2/usr/share/doc/openssl/html/man3/BIO_lookup_type.html
new file mode 100644
index 000000000..9867658e8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_lookup_type.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ADDRINFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_lookup_type, BIO_ADDRINFO, BIO_ADDRINFO_next, BIO_ADDRINFO_free, BIO_ADDRINFO_family, BIO_ADDRINFO_socktype, BIO_ADDRINFO_protocol, BIO_ADDRINFO_address, BIO_lookup_ex, BIO_lookup - BIO_ADDRINFO type and routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;sys/types.h&gt;
+ #include &lt;openssl/bio.h&gt;
+
+ typedef union bio_addrinfo_st BIO_ADDRINFO;
+
+ enum BIO_lookup_type {
+     BIO_LOOKUP_CLIENT, BIO_LOOKUP_SERVER
+ };
+
+ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
+                   int family, int socktype, int protocol, BIO_ADDRINFO **res);
+ int BIO_lookup(const char *node, const char *service,
+                enum BIO_lookup_type lookup_type,
+                int family, int socktype, BIO_ADDRINFO **res);
+
+ const BIO_ADDRINFO *BIO_ADDRINFO_next(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_family(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_socktype(const BIO_ADDRINFO *bai);
+ int BIO_ADDRINFO_protocol(const BIO_ADDRINFO *bai);
+ const BIO_ADDR *BIO_ADDRINFO_address(const BIO_ADDRINFO *bai);
+ void BIO_ADDRINFO_free(BIO_ADDRINFO *bai);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_ADDRINFO</b> type is a wrapper for address information types provided on your platform.</p>
+
+<p><b>BIO_ADDRINFO</b> normally forms a chain of several that can be picked at one by one.</p>
+
+<p>BIO_lookup_ex() looks up a specified <b>host</b> and <b>service</b>, and uses <b>lookup_type</b> to determine what the default address should be if <b>host</b> is <b>NULL</b>. <b>family</b>, <b>socktype</b> and <b>protocol</b> are used to determine what protocol family, socket type and protocol should be used for the lookup. <b>family</b> can be any of AF_INET, AF_INET6, AF_UNIX and AF_UNSPEC. <b>socktype</b> can be SOCK_STREAM, SOCK_DGRAM or 0. Specifying 0 indicates that any type can be used. <b>protocol</b> specifies a protocol such as IPPROTO_TCP, IPPROTO_UDP or IPPORTO_SCTP. If set to 0 than any protocol can be used. <b>res</b> points at a pointer to hold the start of a <b>BIO_ADDRINFO</b> chain.</p>
+
+<p>For the family <b>AF_UNIX</b>, BIO_lookup_ex() will ignore the <b>service</b> parameter and expects the <b>node</b> parameter to hold the path to the socket file.</p>
+
+<p>BIO_lookup() does the same as BIO_lookup_ex() but does not provide the ability to select based on the protocol (any protocol may be returned).</p>
+
+<p>BIO_ADDRINFO_family() returns the family of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants AF_INET, AF_INET6 and AF_UNIX.</p>
+
+<p>BIO_ADDRINFO_socktype() returns the socket type of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants SOCK_STREAM and SOCK_DGRAM.</p>
+
+<p>BIO_ADDRINFO_protocol() returns the protocol id of the given <b>BIO_ADDRINFO</b>. The result will be one of the constants IPPROTO_TCP and IPPROTO_UDP.</p>
+
+<p>BIO_ADDRINFO_address() returns the underlying <b>BIO_ADDR</b> of the given <b>BIO_ADDRINFO</b>.</p>
+
+<p>BIO_ADDRINFO_next() returns the next <b>BIO_ADDRINFO</b> in the chain from the given one.</p>
+
+<p>BIO_ADDRINFO_free() frees the chain of <b>BIO_ADDRINFO</b> starting with the given one.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_lookup_ex() and BIO_lookup() return 1 on success and 0 when an error occurred, and will leave an error indication on the OpenSSL error stack in that case.</p>
+
+<p>All other functions described here return 0 or <b>NULL</b> when the information they should return isn&#39;t available.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The BIO_lookup_ex() implementation uses the platform provided getaddrinfo() function. On Linux it is known that specifying 0 for the protocol will not return any SCTP based addresses when calling getaddrinfo(). Therefore if an SCTP address is required then the <b>protocol</b> parameter to BIO_lookup_ex() should be explicitly set to IPPROTO_SCTP. The same may be true on other platforms.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_lookup_ex() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_make_bio_pair.html b/msys2/usr/share/doc/openssl/html/man3/BIO_make_bio_pair.html
new file mode 100644
index 000000000..fc36b7e75
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_make_bio_pair.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr, BIO_set_write_buf_size, BIO_get_write_buf_size, BIO_new_bio_pair, BIO_get_write_guarantee, BIO_ctrl_get_write_guarantee, BIO_get_read_request, BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request - BIO pair BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_bio(void);
+
+ int BIO_make_bio_pair(BIO *b1, BIO *b2);
+ int BIO_destroy_bio_pair(BIO *b);
+ int BIO_shutdown_wr(BIO *b);
+
+ int BIO_set_write_buf_size(BIO *b, long size);
+ size_t BIO_get_write_buf_size(BIO *b, long size);
+
+ int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2);
+
+ int BIO_get_write_guarantee(BIO *b);
+ size_t BIO_ctrl_get_write_guarantee(BIO *b);
+ int BIO_get_read_request(BIO *b);
+ size_t BIO_ctrl_get_read_request(BIO *b);
+ int BIO_ctrl_reset_read_request(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_bio() returns the method for a BIO pair. A BIO pair is a pair of source/sink BIOs where data written to either half of the pair is buffered and can be read from the other half. Both halves must usually by handled by the same application thread since no locking is done on the internal data structures.</p>
+
+<p>Since BIO chains typically end in a source/sink BIO it is possible to make this one half of a BIO pair and have all the data processed by the chain under application control.</p>
+
+<p>One typical use of BIO pairs is to place TLS/SSL I/O under application control, this can be used when the application wishes to use a non standard transport for TLS/SSL or the normal socket routines are inappropriate.</p>
+
+<p>Calls to BIO_read_ex() will read data from the buffer or request a retry if no data is available.</p>
+
+<p>Calls to BIO_write_ex() will place data in the buffer or request a retry if the buffer is full.</p>
+
+<p>The standard calls BIO_ctrl_pending() and BIO_ctrl_wpending() can be used to determine the amount of pending data in the read or write buffer.</p>
+
+<p>BIO_reset() clears any data in the write buffer.</p>
+
+<p>BIO_make_bio_pair() joins two separate BIOs into a connected pair.</p>
+
+<p>BIO_destroy_pair() destroys the association between two connected BIOs. Freeing up any half of the pair will automatically destroy the association.</p>
+
+<p>BIO_shutdown_wr() is used to close down a BIO <b>b</b>. After this call no further writes on BIO <b>b</b> are allowed (they will return an error). Reads on the other half of the pair will return any pending data or EOF when all pending data has been read.</p>
+
+<p>BIO_set_write_buf_size() sets the write buffer size of BIO <b>b</b> to <b>size</b>. If the size is not initialized a default value is used. This is currently 17K, sufficient for a maximum size TLS record.</p>
+
+<p>BIO_get_write_buf_size() returns the size of the write buffer.</p>
+
+<p>BIO_new_bio_pair() combines the calls to BIO_new(), BIO_make_bio_pair() and BIO_set_write_buf_size() to create a connected pair of BIOs <b>bio1</b>, <b>bio2</b> with write buffer sizes <b>writebuf1</b> and <b>writebuf2</b>. If either size is zero then the default size is used. BIO_new_bio_pair() does not check whether <b>bio1</b> or <b>bio2</b> do point to some other BIO, the values are overwritten, BIO_free() is not called.</p>
+
+<p>BIO_get_write_guarantee() and BIO_ctrl_get_write_guarantee() return the maximum length of data that can be currently written to the BIO. Writes larger than this value will return a value from BIO_write_ex() less than the amount requested or if the buffer is full request a retry. BIO_ctrl_get_write_guarantee() is a function whereas BIO_get_write_guarantee() is a macro.</p>
+
+<p>BIO_get_read_request() and BIO_ctrl_get_read_request() return the amount of data requested, or the buffer size if it is less, if the last read attempt at the other half of the BIO pair failed due to an empty buffer. This can be used to determine how much data should be written to the BIO so the next read will succeed: this is most useful in TLS/SSL applications where the amount of data read is usually meaningful rather than just a buffer size. After a successful read this call will return zero. It also will return zero once new data has been written satisfying the read request or part of it. Note that BIO_get_read_request() never returns an amount larger than that returned by BIO_get_write_guarantee().</p>
+
+<p>BIO_ctrl_reset_read_request() can also be used to reset the value returned by BIO_get_read_request() to zero.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Both halves of a BIO pair should be freed. That is even if one half is implicit freed due to a BIO_free_all() or SSL_free() call the other half needs to be freed.</p>
+
+<p>When used in bidirectional applications (such as TLS/SSL) care should be taken to flush any data in the write buffer. This can be done by calling BIO_pending() on the other half of the pair and, if any data is pending, reading it and sending it to the underlying transport. This must be done before any normal processing (such as calling select() ) due to a request and BIO_should_read() being true.</p>
+
+<p>To see why this is important consider a case where a request is sent using BIO_write_ex() and a response read with BIO_read_ex(), this can occur during an TLS/SSL handshake for example. BIO_write_ex() will succeed and place data in the write buffer. BIO_read_ex() will initially fail and BIO_should_read() will be true. If the application then waits for data to be available on the underlying transport before flushing the write buffer it will never succeed because the request was never sent!</p>
+
+<p>BIO_eof() is true if no data is in the peer BIO and the peer BIO has been shutdown.</p>
+
+<p>BIO_make_bio_pair(), BIO_destroy_bio_pair(), BIO_shutdown_wr(), BIO_set_write_buf_size(), BIO_get_write_buf_size(), BIO_get_write_guarantee(), and BIO_get_read_request() are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_new_bio_pair() returns 1 on success, with the new BIOs available in <b>bio1</b> and <b>bio2</b>, or 0 on failure, with NULL pointers stored into the locations for <b>bio1</b> and <b>bio2</b>. Check the error stack for more information.</p>
+
+<p>[XXXXX: More return values need to be added here]</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO pair can be used to have full control over the network access of an application. The application can call select() on the socket as required without having to go through the SSL-interface.</p>
+
+<pre><code> BIO *internal_bio, *network_bio;
+
+ ...
+ BIO_new_bio_pair(&amp;internal_bio, 0, &amp;network_bio, 0);
+ SSL_set_bio(ssl, internal_bio, internal_bio);
+ SSL_operations(); /* e.g SSL_read and SSL_write */
+ ...
+
+ application |   TLS-engine
+    |        |
+    +----------&gt; SSL_operations()
+             |     /\    ||
+             |     ||    \/
+             |   BIO-pair (internal_bio)
+             |   BIO-pair (network_bio)
+             |     ||     /\
+             |     \/     ||
+    +-----------&lt; BIO_operations()
+    |        |
+    |        |
+   socket
+
+  ...
+  SSL_free(ssl);                /* implicitly frees internal_bio */
+  BIO_free(network_bio);
+  ...</code></pre>
+
+<p>As the BIO pair will only buffer the data and never directly access the connection, it behaves non-blocking and will return as soon as the write buffer is full or the read buffer is drained. Then the application has to flush the write buffer and/or fill the read buffer.</p>
+
+<p>Use the BIO_ctrl_pending(), to find out whether data is buffered in the BIO and must be transferred to the network. Use BIO_ctrl_get_read_request() to find out, how many bytes must be written into the buffer before the SSL_operation() can successfully be continued.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>As the data is buffered, SSL_operation() may return with an ERROR_SSL_WANT_READ condition, but there is still data in the write buffer. An application must not rely on the error value of SSL_operation() but must assure that the write buffer is always flushed first. Otherwise a deadlock may occur as the peer might be waiting for the data before being able to continue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_free.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_free.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_free.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_callback_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_callback_ctrl.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_callback_ctrl.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_create.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_create.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_create.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_ctrl.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_ctrl.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_destroy.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_destroy.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_destroy.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_gets.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_gets.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_gets.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_puts.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_puts.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_puts.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_read.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_read.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_read.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_read_ex.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_read_ex.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_read_ex.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_write.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_write.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_write.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_write_ex.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_write_ex.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_get_write_ex.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_new.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_new.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_new.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_callback_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_callback_ctrl.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_callback_ctrl.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_create.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_create.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_create.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_ctrl.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_ctrl.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_destroy.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_destroy.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_destroy.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_gets.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_gets.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_gets.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_puts.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_puts.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_puts.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_read.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_read.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_read.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_read_ex.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_read_ex.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_read_ex.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_write.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_write.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_write.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_write_ex.html b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_write_ex.html
new file mode 100644
index 000000000..f817cdb37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_meth_set_write_ex.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_new_index, BIO_meth_new, BIO_meth_free, BIO_meth_get_read_ex, BIO_meth_set_read_ex, BIO_meth_get_write_ex, BIO_meth_set_write_ex, BIO_meth_get_write, BIO_meth_set_write, BIO_meth_get_read, BIO_meth_set_read, BIO_meth_get_puts, BIO_meth_set_puts, BIO_meth_get_gets, BIO_meth_set_gets, BIO_meth_get_ctrl, BIO_meth_set_ctrl, BIO_meth_get_create, BIO_meth_set_create, BIO_meth_get_destroy, BIO_meth_set_destroy, BIO_meth_get_callback_ctrl, BIO_meth_set_callback_ctrl - Routines to build up BIO methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_get_new_index(void);
+
+ BIO_METHOD *BIO_meth_new(int type, const char *name);
+
+ void BIO_meth_free(BIO_METHOD *biom);
+
+ int (*BIO_meth_get_write_ex(const BIO_METHOD *biom))(BIO *, const char *, size_t,
+                                                size_t *);
+ int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int);
+ int BIO_meth_set_write_ex(BIO_METHOD *biom,
+                           int (*bwrite)(BIO *, const char *, size_t, size_t *));
+ int BIO_meth_set_write(BIO_METHOD *biom,
+                        int (*write)(BIO *, const char *, int));
+
+ int (*BIO_meth_get_read_ex(const BIO_METHOD *biom))(BIO *, char *, size_t, size_t *);
+ int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_read_ex(BIO_METHOD *biom,
+                          int (*bread)(BIO *, char *, size_t, size_t *));
+ int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int));
+
+ int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *);
+ int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *));
+
+ int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int);
+ int BIO_meth_set_gets(BIO_METHOD *biom,
+                       int (*gets)(BIO *, char *, int));
+
+ long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *);
+ int BIO_meth_set_ctrl(BIO_METHOD *biom,
+                       long (*ctrl)(BIO *, int, long, void *));
+
+ int (*BIO_meth_get_create(const BIO_METHOD *bion))(BIO *);
+ int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *));
+
+ int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *);
+ int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *));
+
+ long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *);
+ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+                                long (*callback_ctrl)(BIO *, int, BIO_info_cb *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>BIO_METHOD</b> type is a structure used for the implementation of new BIO types. It provides a set of functions used by OpenSSL for the implementation of the various BIO capabilities. See the <a href="/../man7/bio.html">bio</a> page for more information.</p>
+
+<p>BIO_meth_new() creates a new <b>BIO_METHOD</b> structure. It should be given a unique integer <b>type</b> and a string that represents its <b>name</b>. Use BIO_get_new_index() to get the value for <b>type</b>.</p>
+
+<p>The set of standard OpenSSL provided BIO types is provided in <b>bio.h</b>. Some examples include <b>BIO_TYPE_BUFFER</b> and <b>BIO_TYPE_CIPHER</b>. Filter BIOs should have a type which have the &quot;filter&quot; bit set (<b>BIO_TYPE_FILTER</b>). Source/sink BIOs should have the &quot;source/sink&quot; bit set (<b>BIO_TYPE_SOURCE_SINK</b>). File descriptor based BIOs (e.g. socket, fd, connect, accept etc) should additionally have the &quot;descriptor&quot; bit set (<b>BIO_TYPE_DESCRIPTOR</b>). See the <a href="/../man3/BIO_find_type.html">BIO_find_type</a> page for more information.</p>
+
+<p>BIO_meth_free() destroys a <b>BIO_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>BIO_meth_get_write_ex() and BIO_meth_set_write_ex() get and set the function used for writing arbitrary length data to the BIO respectively. This function will be called in response to the application calling BIO_write_ex() or BIO_write(). The parameters for the function have the same meaning as for BIO_write_ex(). Older code may call BIO_meth_get_write() and BIO_meth_set_write() instead. Applications should not call both BIO_meth_set_write_ex() and BIO_meth_set_write() or call BIO_meth_get_write() when the function was set with BIO_meth_set_write_ex().</p>
+
+<p>BIO_meth_get_read_ex() and BIO_meth_set_read_ex() get and set the function used for reading arbitrary length data from the BIO respectively. This function will be called in response to the application calling BIO_read_ex() or BIO_read(). The parameters for the function have the same meaning as for BIO_read_ex(). Older code may call BIO_meth_get_read() and BIO_meth_set_read() instead. Applications should not call both BIO_meth_set_read_ex() and BIO_meth_set_read() or call BIO_meth_get_read() when the function was set with BIO_meth_set_read_ex().</p>
+
+<p>BIO_meth_get_puts() and BIO_meth_set_puts() get and set the function used for writing a NULL terminated string to the BIO respectively. This function will be called in response to the application calling BIO_puts(). The parameters for the function have the same meaning as for BIO_puts().</p>
+
+<p>BIO_meth_get_gets() and BIO_meth_set_gets() get and set the function typically used for reading a line of data from the BIO respectively (see the <a href="../man3/BIO_gets.html">BIO_gets(3)</a> page for more information). This function will be called in response to the application calling BIO_gets(). The parameters for the function have the same meaning as for BIO_gets().</p>
+
+<p>BIO_meth_get_ctrl() and BIO_meth_set_ctrl() get and set the function used for processing ctrl messages in the BIO respectively. See the <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a> page for more information. This function will be called in response to the application calling BIO_ctrl(). The parameters for the function have the same meaning as for BIO_ctrl().</p>
+
+<p>BIO_meth_get_create() and BIO_meth_set_create() get and set the function used for creating a new instance of the BIO respectively. This function will be called in response to the application calling BIO_new() and passing in a pointer to the current BIO_METHOD. The BIO_new() function will allocate the memory for the new BIO, and a pointer to this newly allocated structure will be passed as a parameter to the function.</p>
+
+<p>BIO_meth_get_destroy() and BIO_meth_set_destroy() get and set the function used for destroying an instance of a BIO respectively. This function will be called in response to the application calling BIO_free(). A pointer to the BIO to be destroyed is passed as a parameter. The destroy function should be used for BIO specific clean up. The memory for the BIO itself should not be freed by this function.</p>
+
+<p>BIO_meth_get_callback_ctrl() and BIO_meth_set_callback_ctrl() get and set the function used for processing callback ctrl messages in the BIO respectively. See the <a href="../man3/BIO_callback_ctrl.html">BIO_callback_ctrl(3)</a> page for more information. This function will be called in response to the application calling BIO_callback_ctrl(). The parameters for the function have the same meaning as for BIO_callback_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_new_index() returns the new BIO type value or -1 if an error occurred.</p>
+
+<p>BIO_meth_new(int type, const char *name) returns a valid <b>BIO_METHOD</b> or NULL if an error occurred.</p>
+
+<p>The <b>BIO_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>BIO_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_find_type.html">BIO_find_type</a>, <a href="/../man3/BIO_ctrl.html">BIO_ctrl</a>, <a>BIO_read_ex</a>, <a href="/../man3/BIO_new.html">BIO_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_method_type.html b/msys2/usr/share/doc/openssl/html/man3/BIO_method_type.html
new file mode 100644
index 000000000..6263679f5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_method_type.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_find_type</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_find_type, BIO_next, BIO_method_type - BIO chain traversal</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ BIO *BIO_find_type(BIO *b, int bio_type);
+ BIO *BIO_next(BIO *b);
+ int BIO_method_type(const BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The BIO_find_type() searches for a BIO of a given type in a chain, starting at BIO <b>b</b>. If <b>type</b> is a specific type (such as <b>BIO_TYPE_MEM</b>) then a search is made for a BIO of that type. If <b>type</b> is a general type (such as <b>BIO_TYPE_SOURCE_SINK</b>) then the next matching BIO of the given general type is searched for. BIO_find_type() returns the next matching BIO or NULL if none is found.</p>
+
+<p>The following general types are defined: <b>BIO_TYPE_DESCRIPTOR</b>, <b>BIO_TYPE_FILTER</b>, and <b>BIO_TYPE_SOURCE_SINK</b>.</p>
+
+<p>For a list of the specific types, see the <b>openssl/bio.h</b> header file.</p>
+
+<p>BIO_next() returns the next BIO in a chain. It can be used to traverse all BIOs in a chain or used in conjunction with BIO_find_type() to find all BIOs of a certain type.</p>
+
+<p>BIO_method_type() returns the type of a BIO.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_find_type() returns a matching BIO or NULL for no match.</p>
+
+<p>BIO_next() returns the next BIO in a chain.</p>
+
+<p>BIO_method_type() returns the type of the BIO <b>b</b>.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Traverse a chain looking for digest BIOs:</p>
+
+<pre><code> BIO *btmp;
+
+ btmp = in_bio; /* in_bio is chain to search through */
+ do {
+     btmp = BIO_find_type(btmp, BIO_TYPE_MD);
+     if (btmp == NULL)
+         break; /* Not found */
+     /* btmp is a digest BIO, do something with it ...*/
+     ...
+
+     btmp = BIO_next(btmp);
+ } while (btmp);</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_new.html b/msys2/usr/share/doc/openssl/html/man3/BIO_new.html
new file mode 100644
index 000000000..0469d0f84
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_new.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_new, BIO_up_ref, BIO_free, BIO_vfree, BIO_free_all - BIO allocation and freeing functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ BIO *  BIO_new(const BIO_METHOD *type);
+ int    BIO_up_ref(BIO *a);
+ int    BIO_free(BIO *a);
+ void   BIO_vfree(BIO *a);
+ void   BIO_free_all(BIO *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The BIO_new() function returns a new BIO using method <b>type</b>.</p>
+
+<p>BIO_up_ref() increments the reference count associated with the BIO object.</p>
+
+<p>BIO_free() frees up a single BIO, BIO_vfree() also frees up a single BIO but it does not return a value. If <b>a</b> is NULL nothing is done. Calling BIO_free() may also have some effect on the underlying I/O structure, for example it may close the file being referred to under certain circumstances. For more details see the individual BIO_METHOD descriptions.</p>
+
+<p>BIO_free_all() frees up an entire BIO chain, it does not halt if an error occurs freeing up an individual BIO in the chain. If <b>a</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_new() returns a newly created BIO or NULL if the call fails.</p>
+
+<p>BIO_up_ref() and BIO_free() return 1 for success and 0 for failure.</p>
+
+<p>BIO_free_all() and BIO_vfree() do not return values.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If BIO_free() is called on a BIO chain it will only free one BIO resulting in a memory leak.</p>
+
+<p>Calling BIO_free_all() on a single BIO has the same effect as calling BIO_free() on it other than the discarded return value.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_set() was removed in OpenSSL 1.1.0 as BIO type is now opaque.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create a memory BIO:</p>
+
+<pre><code> BIO *mem = BIO_new(BIO_s_mem());</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_new_CMS.html b/msys2/usr/share/doc/openssl/html/man3/BIO_new_CMS.html
new file mode 100644
index 000000000..eb214bc5c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_new_CMS.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_new_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_new_CMS - CMS streaming filter BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_new_CMS() returns a streaming filter BIO chain based on <b>cms</b>. The output of the filter is written to <b>out</b>. Any data written to the chain is automatically translated to a BER format CMS structure of the appropriate type.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The chain returned by this function behaves like a standard filter BIO. It supports non blocking I/O. Content is processed and streamed on the fly and not all held in memory at once: so it is possible to encode very large structures. After all content has been written through the chain BIO_flush() must be called to finalise the structure.</p>
+
+<p>The <b>CMS_STREAM</b> flag must be included in the corresponding <b>flags</b> parameter of the <b>cms</b> creation function.</p>
+
+<p>If an application wishes to write additional data to <b>out</b> BIOs should be removed from the chain using BIO_pop() and freed with BIO_free() until <b>out</b> is reached. If no additional data needs to be written BIO_free_all() can be called to free up the whole chain.</p>
+
+<p>Any content written through the filter is used verbatim: no canonical translation is performed.</p>
+
+<p>It is possible to chain multiple BIOs to, for example, create a triple wrapped signed, enveloped, signed structure. In this case it is the applications responsibility to set the inner content type of any outer CMS_ContentInfo structures.</p>
+
+<p>Large numbers of small writes through the chain should be avoided as this will produce an output consisting of lots of OCTET STRING structures. Prepending a BIO_f_buffer() buffering BIO will prevent this.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>There is currently no corresponding inverse BIO: i.e. one which can decode a CMS structure on the fly.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_new_CMS() returns a BIO chain when successful or NULL if an error occurred. The error can be obtained from ERR_get_error(3).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_new_CMS() function was added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_new_accept.html b/msys2/usr/share/doc/openssl/html/man3/BIO_new_accept.html
new file mode 100644
index 000000000..c49b65130
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_new_accept.html
@@ -0,0 +1,175 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_accept</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_accept, BIO_set_accept_name, BIO_set_accept_port, BIO_get_accept_name, BIO_get_accept_port, BIO_new_accept, BIO_set_nbio_accept, BIO_set_accept_bios, BIO_get_peer_name, BIO_get_peer_port, BIO_get_accept_ip_family, BIO_set_accept_ip_family, BIO_set_bind_mode, BIO_get_bind_mode, BIO_do_accept - accept BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_accept(void);
+
+ long BIO_set_accept_name(BIO *b, char *name);
+ char *BIO_get_accept_name(BIO *b);
+
+ long BIO_set_accept_port(BIO *b, char *port);
+ char *BIO_get_accept_port(BIO *b);
+
+ BIO *BIO_new_accept(char *host_port);
+
+ long BIO_set_nbio_accept(BIO *b, int n);
+ long BIO_set_accept_bios(BIO *b, char *bio);
+
+ char *BIO_get_peer_name(BIO *b);
+ char *BIO_get_peer_port(BIO *b);
+ long BIO_get_accept_ip_family(BIO *b);
+ long BIO_set_accept_ip_family(BIO *b, long family);
+
+ long BIO_set_bind_mode(BIO *b, long mode);
+ long BIO_get_bind_mode(BIO *b);
+
+ int BIO_do_accept(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_accept() returns the accept BIO method. This is a wrapper round the platform&#39;s TCP/IP socket accept routines.</p>
+
+<p>Using accept BIOs, TCP/IP connections can be accepted and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on an accept BIO will perform I/O on the underlying connection. If no connection is established and the port (see below) is set up properly then the BIO waits for an incoming connection.</p>
+
+<p>Accept BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on an accept BIO then any active connection on that chain is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on an accept BIO will close any active connection and reset the BIO into a state where it awaits another incoming connection.</p>
+
+<p>BIO_get_fd() and BIO_set_fd() can be called to retrieve or set the accept socket. See <a href="../man3/BIO_s_fd.html">BIO_s_fd(3)</a></p>
+
+<p>BIO_set_accept_name() uses the string <b>name</b> to set the accept name. The name is represented as a string of the form &quot;host:port&quot;, where &quot;host&quot; is the interface to use and &quot;port&quot; is the port. The host can be &quot;*&quot; or empty which is interpreted as meaning any interface. If the host is an IPv6 address, it has to be enclosed in brackets, for example &quot;[::1]:https&quot;. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_set_accept_port() uses the string <b>port</b> to set the accept port. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_new_accept() combines BIO_new() and BIO_set_accept_name() into a single call: that is it creates a new accept BIO with port <b>host_port</b>.</p>
+
+<p>BIO_set_nbio_accept() sets the accept socket to blocking mode (the default) if <b>n</b> is 0 or non blocking mode if <b>n</b> is 1.</p>
+
+<p>BIO_set_accept_bios() can be used to set a chain of BIOs which will be duplicated and prepended to the chain when an incoming connection is received. This is useful if, for example, a buffering or SSL BIO is required for each connection. The chain of BIOs must not be freed after this call, they will be automatically freed when the accept BIO is freed.</p>
+
+<p>BIO_set_bind_mode() and BIO_get_bind_mode() set and retrieve the current bind mode. If <b>BIO_BIND_NORMAL</b> (the default) is set then another socket cannot be bound to the same port. If <b>BIO_BIND_REUSEADDR</b> is set then other sockets can bind to the same port. If <b>BIO_BIND_REUSEADDR_IF_UNUSED</b> is set then and attempt is first made to use BIO_BIN_NORMAL, if this fails and the port is not in use then a second attempt is made using <b>BIO_BIND_REUSEADDR</b>.</p>
+
+<p>BIO_do_accept() serves two functions. When it is first called, after the accept BIO has been setup, it will attempt to create the accept socket and bind an address to it. Second and subsequent calls to BIO_do_accept() will await an incoming connection, or request a retry in non blocking mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When an accept BIO is at the end of a chain it will await an incoming connection before processing I/O calls. When an accept BIO is not at then end of a chain it passes I/O calls to the next BIO in the chain.</p>
+
+<p>When a connection is established a new socket BIO is created for the connection and appended to the chain. That is the chain is now accept-&gt;socket. This effectively means that attempting I/O on an initial accept socket will await an incoming connection then perform I/O on it.</p>
+
+<p>If any additional BIOs have been set using BIO_set_accept_bios() then they are placed between the socket and the accept BIO, that is the chain will be accept-&gt;otherbios-&gt;socket.</p>
+
+<p>If a server wishes to process multiple connections (as is normally the case) then the accept BIO must be made available for further incoming connections. This can be done by waiting for a connection and then calling:</p>
+
+<pre><code> connection = BIO_pop(accept);</code></pre>
+
+<p>After this call <b>connection</b> will contain a BIO for the recently established connection and <b>accept</b> will now be a single BIO again which can be used to await further incoming connections. If no further connections will be accepted the <b>accept</b> can be freed using BIO_free().</p>
+
+<p>If only a single connection will be processed it is possible to perform I/O using the accept BIO itself. This is often undesirable however because the accept BIO will still accept additional incoming connections. This can be resolved by using BIO_pop() (see above) and freeing up the accept BIO after the initial connection.</p>
+
+<p>If the underlying accept socket is non-blocking and BIO_do_accept() is called to await an incoming connection it is possible for BIO_should_io_special() with the reason BIO_RR_ACCEPT. If this happens then it is an indication that an accept attempt would block: the application should take appropriate action to wait until the underlying socket has accepted a connection and retry the call.</p>
+
+<p>BIO_set_accept_name(), BIO_get_accept_name(), BIO_set_accept_port(), BIO_get_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_get_peer_name(), BIO_get_peer_port(), BIO_get_accept_ip_family(), BIO_set_accept_ip_family(), BIO_set_bind_mode(), BIO_get_bind_mode() and BIO_do_accept() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_do_accept(), BIO_set_accept_name(), BIO_set_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_set_accept_ip_family(), and BIO_set_bind_mode() return 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_get_accept_name() returns the accept name or NULL on error. BIO_get_peer_name() returns the peer name or NULL on error.</p>
+
+<p>BIO_get_accept_port() returns the accept port as a string or NULL on error. BIO_get_peer_port() returns the peer port as a string or NULL on error. BIO_get_accept_ip_family() returns the IP family or -1 on error.</p>
+
+<p>BIO_get_bind_mode() returns the set of <b>BIO_BIND</b> flags, or -1 on failure.</p>
+
+<p>BIO_new_accept() returns a BIO or NULL on error.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example accepts two connections on port 4444, sends messages down each and finally closes both down.</p>
+
+<pre><code> BIO *abio, *cbio, *cbio2;
+
+ /* First call to BIO_accept() sets up accept BIO */
+ abio = BIO_new_accept(&quot;4444&quot;);
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Wait for incoming connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 1 established\n&quot;);
+
+ /* Retrieve BIO for connection */
+ cbio = BIO_pop(abio);
+ BIO_puts(cbio, &quot;Connection 1: Sending out Data on initial connection\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 1\n&quot;);
+
+ /* Wait for another connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 2 established\n&quot;);
+
+ /* Close accept BIO to refuse further connections */
+ cbio2 = BIO_pop(abio);
+ BIO_free(abio);
+ BIO_puts(cbio2, &quot;Connection 2: Sending out Data on second\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 2\n&quot;);
+
+ BIO_puts(cbio, &quot;Connection 1: Second connection established\n&quot;);
+
+ /* Close the two established connections */
+ BIO_free(cbio);
+ BIO_free(cbio2);</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_new_bio_pair.html b/msys2/usr/share/doc/openssl/html/man3/BIO_new_bio_pair.html
new file mode 100644
index 000000000..fc36b7e75
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_new_bio_pair.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr, BIO_set_write_buf_size, BIO_get_write_buf_size, BIO_new_bio_pair, BIO_get_write_guarantee, BIO_ctrl_get_write_guarantee, BIO_get_read_request, BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request - BIO pair BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_bio(void);
+
+ int BIO_make_bio_pair(BIO *b1, BIO *b2);
+ int BIO_destroy_bio_pair(BIO *b);
+ int BIO_shutdown_wr(BIO *b);
+
+ int BIO_set_write_buf_size(BIO *b, long size);
+ size_t BIO_get_write_buf_size(BIO *b, long size);
+
+ int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2);
+
+ int BIO_get_write_guarantee(BIO *b);
+ size_t BIO_ctrl_get_write_guarantee(BIO *b);
+ int BIO_get_read_request(BIO *b);
+ size_t BIO_ctrl_get_read_request(BIO *b);
+ int BIO_ctrl_reset_read_request(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_bio() returns the method for a BIO pair. A BIO pair is a pair of source/sink BIOs where data written to either half of the pair is buffered and can be read from the other half. Both halves must usually by handled by the same application thread since no locking is done on the internal data structures.</p>
+
+<p>Since BIO chains typically end in a source/sink BIO it is possible to make this one half of a BIO pair and have all the data processed by the chain under application control.</p>
+
+<p>One typical use of BIO pairs is to place TLS/SSL I/O under application control, this can be used when the application wishes to use a non standard transport for TLS/SSL or the normal socket routines are inappropriate.</p>
+
+<p>Calls to BIO_read_ex() will read data from the buffer or request a retry if no data is available.</p>
+
+<p>Calls to BIO_write_ex() will place data in the buffer or request a retry if the buffer is full.</p>
+
+<p>The standard calls BIO_ctrl_pending() and BIO_ctrl_wpending() can be used to determine the amount of pending data in the read or write buffer.</p>
+
+<p>BIO_reset() clears any data in the write buffer.</p>
+
+<p>BIO_make_bio_pair() joins two separate BIOs into a connected pair.</p>
+
+<p>BIO_destroy_pair() destroys the association between two connected BIOs. Freeing up any half of the pair will automatically destroy the association.</p>
+
+<p>BIO_shutdown_wr() is used to close down a BIO <b>b</b>. After this call no further writes on BIO <b>b</b> are allowed (they will return an error). Reads on the other half of the pair will return any pending data or EOF when all pending data has been read.</p>
+
+<p>BIO_set_write_buf_size() sets the write buffer size of BIO <b>b</b> to <b>size</b>. If the size is not initialized a default value is used. This is currently 17K, sufficient for a maximum size TLS record.</p>
+
+<p>BIO_get_write_buf_size() returns the size of the write buffer.</p>
+
+<p>BIO_new_bio_pair() combines the calls to BIO_new(), BIO_make_bio_pair() and BIO_set_write_buf_size() to create a connected pair of BIOs <b>bio1</b>, <b>bio2</b> with write buffer sizes <b>writebuf1</b> and <b>writebuf2</b>. If either size is zero then the default size is used. BIO_new_bio_pair() does not check whether <b>bio1</b> or <b>bio2</b> do point to some other BIO, the values are overwritten, BIO_free() is not called.</p>
+
+<p>BIO_get_write_guarantee() and BIO_ctrl_get_write_guarantee() return the maximum length of data that can be currently written to the BIO. Writes larger than this value will return a value from BIO_write_ex() less than the amount requested or if the buffer is full request a retry. BIO_ctrl_get_write_guarantee() is a function whereas BIO_get_write_guarantee() is a macro.</p>
+
+<p>BIO_get_read_request() and BIO_ctrl_get_read_request() return the amount of data requested, or the buffer size if it is less, if the last read attempt at the other half of the BIO pair failed due to an empty buffer. This can be used to determine how much data should be written to the BIO so the next read will succeed: this is most useful in TLS/SSL applications where the amount of data read is usually meaningful rather than just a buffer size. After a successful read this call will return zero. It also will return zero once new data has been written satisfying the read request or part of it. Note that BIO_get_read_request() never returns an amount larger than that returned by BIO_get_write_guarantee().</p>
+
+<p>BIO_ctrl_reset_read_request() can also be used to reset the value returned by BIO_get_read_request() to zero.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Both halves of a BIO pair should be freed. That is even if one half is implicit freed due to a BIO_free_all() or SSL_free() call the other half needs to be freed.</p>
+
+<p>When used in bidirectional applications (such as TLS/SSL) care should be taken to flush any data in the write buffer. This can be done by calling BIO_pending() on the other half of the pair and, if any data is pending, reading it and sending it to the underlying transport. This must be done before any normal processing (such as calling select() ) due to a request and BIO_should_read() being true.</p>
+
+<p>To see why this is important consider a case where a request is sent using BIO_write_ex() and a response read with BIO_read_ex(), this can occur during an TLS/SSL handshake for example. BIO_write_ex() will succeed and place data in the write buffer. BIO_read_ex() will initially fail and BIO_should_read() will be true. If the application then waits for data to be available on the underlying transport before flushing the write buffer it will never succeed because the request was never sent!</p>
+
+<p>BIO_eof() is true if no data is in the peer BIO and the peer BIO has been shutdown.</p>
+
+<p>BIO_make_bio_pair(), BIO_destroy_bio_pair(), BIO_shutdown_wr(), BIO_set_write_buf_size(), BIO_get_write_buf_size(), BIO_get_write_guarantee(), and BIO_get_read_request() are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_new_bio_pair() returns 1 on success, with the new BIOs available in <b>bio1</b> and <b>bio2</b>, or 0 on failure, with NULL pointers stored into the locations for <b>bio1</b> and <b>bio2</b>. Check the error stack for more information.</p>
+
+<p>[XXXXX: More return values need to be added here]</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO pair can be used to have full control over the network access of an application. The application can call select() on the socket as required without having to go through the SSL-interface.</p>
+
+<pre><code> BIO *internal_bio, *network_bio;
+
+ ...
+ BIO_new_bio_pair(&amp;internal_bio, 0, &amp;network_bio, 0);
+ SSL_set_bio(ssl, internal_bio, internal_bio);
+ SSL_operations(); /* e.g SSL_read and SSL_write */
+ ...
+
+ application |   TLS-engine
+    |        |
+    +----------&gt; SSL_operations()
+             |     /\    ||
+             |     ||    \/
+             |   BIO-pair (internal_bio)
+             |   BIO-pair (network_bio)
+             |     ||     /\
+             |     \/     ||
+    +-----------&lt; BIO_operations()
+    |        |
+    |        |
+   socket
+
+  ...
+  SSL_free(ssl);                /* implicitly frees internal_bio */
+  BIO_free(network_bio);
+  ...</code></pre>
+
+<p>As the BIO pair will only buffer the data and never directly access the connection, it behaves non-blocking and will return as soon as the write buffer is full or the read buffer is drained. Then the application has to flush the write buffer and/or fill the read buffer.</p>
+
+<p>Use the BIO_ctrl_pending(), to find out whether data is buffered in the BIO and must be transferred to the network. Use BIO_ctrl_get_read_request() to find out, how many bytes must be written into the buffer before the SSL_operation() can successfully be continued.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>As the data is buffered, SSL_operation() may return with an ERROR_SSL_WANT_READ condition, but there is still data in the write buffer. An application must not rely on the error value of SSL_operation() but must assure that the write buffer is always flushed first. Otherwise a deadlock may occur as the peer might be waiting for the data before being able to continue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_new_buffer_ssl_connect.html b/msys2/usr/share/doc/openssl/html/man3/BIO_new_buffer_ssl_connect.html
new file mode 100644
index 000000000..0e1fefeef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_new_buffer_ssl_connect.html
@@ -0,0 +1,263 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_ssl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_do_handshake, BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode, BIO_set_ssl_renegotiate_bytes, BIO_get_num_renegotiates, BIO_set_ssl_renegotiate_timeout, BIO_new_ssl, BIO_new_ssl_connect, BIO_new_buffer_ssl_connect, BIO_ssl_copy_session_id, BIO_ssl_shutdown - SSL BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/ssl.h&gt;
+
+ const BIO_METHOD *BIO_f_ssl(void);
+
+ long BIO_set_ssl(BIO *b, SSL *ssl, long c);
+ long BIO_get_ssl(BIO *b, SSL **sslp);
+ long BIO_set_ssl_mode(BIO *b, long client);
+ long BIO_set_ssl_renegotiate_bytes(BIO *b, long num);
+ long BIO_set_ssl_renegotiate_timeout(BIO *b, long seconds);
+ long BIO_get_num_renegotiates(BIO *b);
+
+ BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
+ BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+ BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+ int BIO_ssl_copy_session_id(BIO *to, BIO *from);
+ void BIO_ssl_shutdown(BIO *bio);
+
+ long BIO_do_handshake(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which is a wrapper round the OpenSSL SSL routines adding a BIO &quot;flavour&quot; to SSL I/O.</p>
+
+<p>I/O performed on an SSL BIO communicates using the SSL protocol with the SSLs read and write BIOs. If an SSL connection is not established then an attempt is made to establish one on the first I/O call.</p>
+
+<p>If a BIO is appended to an SSL BIO using BIO_push() it is automatically used as the SSL BIOs read and write BIOs.</p>
+
+<p>Calling BIO_reset() on an SSL BIO closes down any current SSL connection by calling SSL_shutdown(). BIO_reset() is then sent to the next BIO in the chain: this will typically disconnect the underlying transport. The SSL BIO is then reset to the initial accept or connect state.</p>
+
+<p>If the close flag is set when an SSL BIO is freed then the internal SSL structure is also freed using SSL_free().</p>
+
+<p>BIO_set_ssl() sets the internal SSL pointer of BIO <b>b</b> to <b>ssl</b> using the close flag <b>c</b>.</p>
+
+<p>BIO_get_ssl() retrieves the SSL pointer of BIO <b>b</b>, it can then be manipulated using the standard SSL library functions.</p>
+
+<p>BIO_set_ssl_mode() sets the SSL BIO mode to <b>client</b>. If <b>client</b> is 1 client mode is set. If <b>client</b> is 0 server mode is set.</p>
+
+<p>BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count to <b>num</b>. When set after every <b>num</b> bytes of I/O (read and write) the SSL session is automatically renegotiated. <b>num</b> must be at least 512 bytes.</p>
+
+<p>BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout to <b>seconds</b>. When the renegotiate timeout elapses the session is automatically renegotiated.</p>
+
+<p>BIO_get_num_renegotiates() returns the total number of session renegotiations due to I/O or timeout.</p>
+
+<p>BIO_new_ssl() allocates an SSL BIO using SSL_CTX <b>ctx</b> and using client mode if <b>client</b> is non zero.</p>
+
+<p>BIO_new_ssl_connect() creates a new BIO chain consisting of an SSL BIO (using <b>ctx</b>) followed by a connect BIO.</p>
+
+<p>BIO_new_buffer_ssl_connect() creates a new BIO chain consisting of a buffering BIO, an SSL BIO (using <b>ctx</b>) and a connect BIO.</p>
+
+<p>BIO_ssl_copy_session_id() copies an SSL session id between BIO chains <b>from</b> and <b>to</b>. It does this by locating the SSL BIOs in each chain and calling SSL_copy_session_id() on the internal SSL pointer.</p>
+
+<p>BIO_ssl_shutdown() closes down an SSL connection on BIO chain <b>bio</b>. It does this by locating the SSL BIO in the chain and calling SSL_shutdown() on its internal SSL pointer.</p>
+
+<p>BIO_do_handshake() attempts to complete an SSL handshake on the supplied BIO and establish the SSL connection. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried. If an SSL connection has already been established this call has no effect.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL BIOs are exceptional in that if the underlying transport is non blocking they can still request a retry in exceptional circumstances. Specifically this will happen if a session renegotiation takes place during a BIO_read_ex() operation, one case where this happens is when step up occurs.</p>
+
+<p>The SSL flag SSL_AUTO_RETRY can be set to disable this behaviour. That is when this flag is set an SSL BIO using a blocking transport will never request a retry.</p>
+
+<p>Since unknown BIO_ctrl() operations are sent through filter BIOs the servers name and port can be set using BIO_set_host() on the BIO returned by BIO_new_ssl_connect() without having to locate the connect BIO first.</p>
+
+<p>Applications do not have to call BIO_do_handshake() but may wish to do so to separate the handshake process from other I/O processing.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout(), BIO_get_num_renegotiates(), and BIO_do_handshake() are implemented as macros.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This SSL/TLS client example, attempts to retrieve a page from an SSL/TLS web server. The I/O routines are identical to those of the unencrypted example in <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a>.</p>
+
+<pre><code> BIO *sbio, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_client_method());
+
+ /* XXX Set verify paths and mode here. */
+
+ sbio = BIO_new_ssl_connect(ctx);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Don&#39;t want any retries */
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+
+ /* XXX We might want to do other things with ssl here */
+
+ /* An empty host part means the loopback address */
+ BIO_set_conn_hostname(sbio, &quot;:https&quot;);
+
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error establishing SSL connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Could examine ssl here to get connection info */
+
+ BIO_puts(sbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free_all(sbio);
+ BIO_free(out);</code></pre>
+
+<p>Here is a simple server example. It makes use of a buffering BIO to allow lines to be read from the SSL BIO using BIO_gets. It creates a pseudo web page containing the actual request from a client and also echoes the request to standard output.</p>
+
+<pre><code> BIO *sbio, *bbio, *acpt, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_server_method());
+ if (!SSL_CTX_use_certificate_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_use_PrivateKey_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_check_private_key(ctx)) {
+     fprintf(stderr, &quot;Error setting up SSL_CTX\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Other things like set verify locations, EDH temp callbacks. */
+
+ /* New SSL BIO setup as server */
+ sbio = BIO_new_ssl(ctx, 0);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+ bbio = BIO_new(BIO_f_buffer());
+ sbio = BIO_push(bbio, sbio);
+ acpt = BIO_new_accept(&quot;4433&quot;);
+
+ /*
+  * By doing this when a new connection is established
+  * we automatically have sbio inserted into it. The
+  * BIO chain is now &#39;swallowed&#39; by the accept BIO and
+  * will be freed when the accept BIO is freed.
+  */
+ BIO_set_accept_bios(acpt, sbio);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
+ /* Setup accept BIO */
+ if (BIO_do_accept(acpt) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept BIO\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* We only want one connection so remove and free accept BIO */
+ sbio = BIO_pop(acpt);
+ BIO_free_all(acpt);
+
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error in SSL handshake\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ BIO_puts(sbio, &quot;HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\nConnection Established\r\nRequest headers:\r\n&quot;);
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+
+ for (;;) {
+     len = BIO_gets(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(sbio, tmpbuf, len);
+     BIO_write(out, tmpbuf, len);
+     /* Look for blank line signifying end of headers*/
+     if (tmpbuf[0] == &#39;\r&#39; || tmpbuf[0] == &#39;\n&#39;)
+         break;
+ }
+
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\n&quot;);
+ BIO_flush(sbio);
+ BIO_free_all(sbio);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_ssl() returns the SSL <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout() and BIO_get_num_renegotiates() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_ssl(), BIO_new_ssl_connect() and BIO_new_buffer_ssl_connect() return a valid <b>BIO</b> structure on success or <b>NULL</b> if an error occurred.</p>
+
+<p>BIO_ssl_copy_session_id() returns 1 on success or 0 on error.</p>
+
+<p>BIO_do_handshake() returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL before 1.0.0 the BIO_pop() call was handled incorrectly, the I/O BIO reference count was incorrectly incremented (instead of decremented) and dissociated with the SSL BIO even if the SSL BIO was not explicitly being popped (e.g. a pop higher up the chain). Applications which included workarounds for this bug (e.g. freeing BIOs more than once) should be modified to handle this fix or they may free up an already freed BIO.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_new_connect.html b/msys2/usr/share/doc/openssl/html/man3/BIO_new_connect.html
new file mode 100644
index 000000000..400c2818a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_new_connect.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_connect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_conn_address, BIO_get_conn_address, BIO_s_connect, BIO_new_connect, BIO_set_conn_hostname, BIO_set_conn_port, BIO_set_conn_ip_family, BIO_get_conn_ip_family, BIO_get_conn_hostname, BIO_get_conn_port, BIO_set_nbio, BIO_do_connect - connect BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD * BIO_s_connect(void);
+
+ BIO *BIO_new_connect(char *name);
+
+ long BIO_set_conn_hostname(BIO *b, char *name);
+ long BIO_set_conn_port(BIO *b, char *port);
+ long BIO_set_conn_address(BIO *b, BIO_ADDR *addr);
+ long BIO_set_conn_ip_family(BIO *b, long family);
+ const char *BIO_get_conn_hostname(BIO *b);
+ const char *BIO_get_conn_port(BIO *b);
+ const BIO_ADDR *BIO_get_conn_address(BIO *b);
+ const long BIO_get_conn_ip_family(BIO *b);
+
+ long BIO_set_nbio(BIO *b, long n);
+
+ int BIO_do_connect(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_connect() returns the connect BIO method. This is a wrapper round the platform&#39;s TCP/IP socket connection routines.</p>
+
+<p>Using connect BIOs, TCP/IP connections can be made and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on a connect BIO will perform I/O on the underlying connection. If no connection is established and the port and hostname (see below) is set up properly then a connection is established first.</p>
+
+<p>Connect BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on a connect BIO then any active connection is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on a connect BIO will close any active connection and reset the BIO into a state where it can connect to the same host again.</p>
+
+<p>BIO_get_fd() places the underlying socket in <b>c</b> if it is not NULL, it also returns the socket . If <b>c</b> is not NULL it should be of type (int *).</p>
+
+<p>BIO_set_conn_hostname() uses the string <b>name</b> to set the hostname. The hostname can be an IP address; if the address is an IPv6 one, it must be enclosed with brackets. The hostname can also include the port in the form hostname:port.</p>
+
+<p>BIO_set_conn_port() sets the port to <b>port</b>. <b>port</b> can be the numerical form or a string such as &quot;http&quot;. A string will be looked up first using getservbyname() on the host platform but if that fails a standard table of port names will be used. This internal list is http, telnet, socks, https, ssl, ftp, and gopher.</p>
+
+<p>BIO_set_conn_address() sets the address and port information using a BIO_ADDR(3ssl).</p>
+
+<p>BIO_set_conn_ip_family() sets the IP family.</p>
+
+<p>BIO_get_conn_hostname() returns the hostname of the connect BIO or NULL if the BIO is initialized but no hostname is set. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_port() returns the port as a string. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_address() returns the address information as a BIO_ADDR. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_ip_family() returns the IP family of the connect BIO.</p>
+
+<p>BIO_set_nbio() sets the non blocking I/O flag to <b>n</b>. If <b>n</b> is zero then blocking I/O is set. If <b>n</b> is 1 then non blocking I/O is set. Blocking I/O is the default. The call to BIO_set_nbio() should be made before the connection is established because non blocking I/O is set during the connect process.</p>
+
+<p>BIO_new_connect() combines BIO_new() and BIO_set_conn_hostname() into a single call: that is it creates a new connect BIO with <b>name</b>.</p>
+
+<p>BIO_do_connect() attempts to connect the supplied BIO. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If blocking I/O is set then a non positive return value from any I/O call is caused by an error condition, although a zero return will normally mean that the connection was closed.</p>
+
+<p>If the port name is supplied as part of the host name then this will override any value set with BIO_set_conn_port(). This may be undesirable if the application does not wish to allow connection to arbitrary ports. This can be avoided by checking for the presence of the &#39;:&#39; character in the passed hostname and either indicating an error or truncating the string at that point.</p>
+
+<p>The values returned by BIO_get_conn_hostname(), BIO_get_conn_address(), and BIO_get_conn_port() are updated when a connection attempt is made. Before any connection attempt the values returned are those set by the application itself.</p>
+
+<p>Applications do not have to call BIO_do_connect() but may wish to do so to separate the connection process from other I/O processing.</p>
+
+<p>If non blocking I/O is set then retries will be requested as appropriate.</p>
+
+<p>It addition to BIO_should_read() and BIO_should_write() it is also possible for BIO_should_io_special() to be true during the initial connection process with the reason BIO_RR_CONNECT. If this is returned then this is an indication that a connection attempt would block, the application should then take appropriate action to wait until the underlying socket has connected and retry the call.</p>
+
+<p>BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_get_conn_hostname(), BIO_set_conn_address(), BIO_get_conn_port(), BIO_get_conn_address(), BIO_set_conn_ip_family(), BIO_get_conn_ip_family(), BIO_set_nbio(), and BIO_do_connect() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_connect() returns the connect BIO method.</p>
+
+<p>BIO_get_fd() returns the socket or -1 if the BIO has not been initialized.</p>
+
+<p>BIO_set_conn_address(), BIO_set_conn_port(), and BIO_set_conn_ip_family() always return 1.</p>
+
+<p>BIO_set_conn_hostname() returns 1 on success and 0 on failure.</p>
+
+<p>BIO_get_conn_address() returns the address information or NULL if none was set.</p>
+
+<p>BIO_get_conn_hostname() returns the connected hostname or NULL if none was set.</p>
+
+<p>BIO_get_conn_ip_family() returns the address family or -1 if none was set.</p>
+
+<p>BIO_get_conn_port() returns a string representing the connected port or NULL if not set.</p>
+
+<p>BIO_set_nbio() always returns 1.</p>
+
+<p>BIO_do_connect() returns 1 if the connection was successfully established and 0 or -1 if the connection failed.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This is example connects to a webserver on the local host and attempts to retrieve a page and copy the result to standard output.</p>
+
+<pre><code> BIO *cbio, *out;
+ int len;
+ char tmpbuf[1024];
+
+ cbio = BIO_new_connect(&quot;localhost:http&quot;);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(cbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ BIO_puts(cbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(cbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free(cbio);
+ BIO_free(out);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_set_conn_int_port(), BIO_get_conn_int_port(), BIO_set_conn_ip(), and BIO_get_conn_ip() were removed in OpenSSL 1.1.0. Use BIO_set_conn_address() and BIO_get_conn_address() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_new_fd.html b/msys2/usr/share/doc/openssl/html/man3/BIO_new_fd.html
new file mode 100644
index 000000000..2e57de134
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_new_fd.html
@@ -0,0 +1,103 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_fd</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_fd, BIO_set_fd, BIO_get_fd, BIO_new_fd - file descriptor BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_fd(void);
+
+ int BIO_set_fd(BIO *b, int fd, int c);
+ int BIO_get_fd(BIO *b, int *c);
+
+ BIO *BIO_new_fd(int fd, int close_flag);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_fd() returns the file descriptor BIO method. This is a wrapper round the platforms file descriptor routines such as read() and write().</p>
+
+<p>BIO_read_ex() and BIO_write_ex() read or write the underlying descriptor. BIO_puts() is supported but BIO_gets() is not.</p>
+
+<p>If the close flag is set then close() is called on the underlying file descriptor when the BIO is freed.</p>
+
+<p>BIO_reset() attempts to change the file pointer to the start of file such as by using <b>lseek(fd, 0, 0)</b>.</p>
+
+<p>BIO_seek() sets the file pointer to position <b>ofs</b> from start of file such as by using <b>lseek(fd, ofs, 0)</b>.</p>
+
+<p>BIO_tell() returns the current file position such as by calling <b>lseek(fd, 0, 1)</b>.</p>
+
+<p>BIO_set_fd() sets the file descriptor of BIO <b>b</b> to <b>fd</b> and the close flag to <b>c</b>.</p>
+
+<p>BIO_get_fd() places the file descriptor in <b>c</b> if it is not NULL, it also returns the file descriptor.</p>
+
+<p>BIO_new_fd() returns a file descriptor BIO using <b>fd</b> and <b>close_flag</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The behaviour of BIO_read_ex() and BIO_write_ex() depends on the behavior of the platforms read() and write() calls on the descriptor. If the underlying file descriptor is in a non blocking mode then the BIO will behave in the manner described in the <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a> and <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a> manual pages.</p>
+
+<p>File descriptor BIOs should not be used for socket I/O. Use socket BIOs instead.</p>
+
+<p>BIO_set_fd() and BIO_get_fd() are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_fd() returns the file descriptor BIO method.</p>
+
+<p>BIO_set_fd() always returns 1.</p>
+
+<p>BIO_get_fd() returns the file descriptor or -1 if the BIO has not been initialized.</p>
+
+<p>BIO_new_fd() returns the newly allocated BIO or NULL is an error occurred.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This is a file descriptor BIO version of &quot;Hello World&quot;:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new_fd(fileno(stdout), BIO_NOCLOSE);
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_seek.html">BIO_seek(3)</a>, <a href="../man3/BIO_tell.html">BIO_tell(3)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a>, <a href="../man3/BIO_write_ex.html">BIO_write_ex(3)</a>, <a href="../man3/BIO_puts.html">BIO_puts(3)</a>, <a href="../man3/BIO_gets.html">BIO_gets(3)</a>, <a href="../man3/BIO_printf.html">BIO_printf(3)</a>, <a href="../man3/BIO_set_close.html">BIO_set_close(3)</a>, <a href="../man3/BIO_get_close.html">BIO_get_close(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_new_file.html b/msys2/usr/share/doc/openssl/html/man3/BIO_new_file.html
new file mode 100644
index 000000000..62da75192
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_new_file.html
@@ -0,0 +1,159 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_file</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_file, BIO_new_file, BIO_new_fp, BIO_set_fp, BIO_get_fp, BIO_read_filename, BIO_write_filename, BIO_append_filename, BIO_rw_filename - FILE bio</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_file(void);
+ BIO *BIO_new_file(const char *filename, const char *mode);
+ BIO *BIO_new_fp(FILE *stream, int flags);
+
+ BIO_set_fp(BIO *b, FILE *fp, int flags);
+ BIO_get_fp(BIO *b, FILE **fpp);
+
+ int BIO_read_filename(BIO *b, char *name)
+ int BIO_write_filename(BIO *b, char *name)
+ int BIO_append_filename(BIO *b, char *name)
+ int BIO_rw_filename(BIO *b, char *name)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_file() returns the BIO file method. As its name implies it is a wrapper round the stdio FILE structure and it is a source/sink BIO.</p>
+
+<p>Calls to BIO_read_ex() and BIO_write_ex() read and write data to the underlying stream. BIO_gets() and BIO_puts() are supported on file BIOs.</p>
+
+<p>BIO_flush() on a file BIO calls the fflush() function on the wrapped stream.</p>
+
+<p>BIO_reset() attempts to change the file pointer to the start of file using fseek(stream, 0, 0).</p>
+
+<p>BIO_seek() sets the file pointer to position <b>ofs</b> from start of file using fseek(stream, ofs, 0).</p>
+
+<p>BIO_eof() calls feof().</p>
+
+<p>Setting the BIO_CLOSE flag calls fclose() on the stream when the BIO is freed.</p>
+
+<p>BIO_new_file() creates a new file BIO with mode <b>mode</b> the meaning of <b>mode</b> is the same as the stdio function fopen(). The BIO_CLOSE flag is set on the returned BIO.</p>
+
+<p>BIO_new_fp() creates a file BIO wrapping <b>stream</b>. Flags can be: BIO_CLOSE, BIO_NOCLOSE (the close flag) BIO_FP_TEXT (sets the underlying stream to text mode, default is binary: this only has any effect under Win32).</p>
+
+<p>BIO_set_fp() sets the fp of a file BIO to <b>fp</b>. <b>flags</b> has the same meaning as in BIO_new_fp(), it is a macro.</p>
+
+<p>BIO_get_fp() retrieves the fp of a file BIO, it is a macro.</p>
+
+<p>BIO_seek() is a macro that sets the position pointer to <b>offset</b> bytes from the start of file.</p>
+
+<p>BIO_tell() returns the value of the position pointer.</p>
+
+<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() set the file BIO <b>b</b> to use file <b>name</b> for reading, writing, append or read write respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When wrapping stdout, stdin or stderr the underlying stream should not normally be closed so the BIO_NOCLOSE flag should be set.</p>
+
+<p>Because the file BIO calls the underlying stdio functions any quirks in stdio behaviour will be mirrored by the corresponding BIO.</p>
+
+<p>On Windows BIO_new_files reserves for the filename argument to be UTF-8 encoded. In other words if you have to make it work in multi- lingual environment, encode file names in UTF-8.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>File BIO &quot;hello world&quot;:</p>
+
+<pre><code> BIO *bio_out;
+
+ bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> BIO *bio_out;
+
+ bio_out = BIO_new(BIO_s_file());
+ if (bio_out == NULL)
+     /* Error */
+ if (!BIO_set_fp(bio_out, stdout, BIO_NOCLOSE))
+     /* Error */
+ BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Write to a file:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new_file(&quot;filename.txt&quot;, &quot;w&quot;);
+ if (!out)
+     /* Error */
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new(BIO_s_file());
+ if (out == NULL)
+     /* Error */
+ if (!BIO_write_filename(out, &quot;filename.txt&quot;))
+     /* Error */
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_file() returns the file BIO method.</p>
+
+<p>BIO_new_file() and BIO_new_fp() return a file BIO or NULL if an error occurred.</p>
+
+<p>BIO_set_fp() and BIO_get_fp() return 1 for success or 0 for failure (although the current implementation never return 0).</p>
+
+<p>BIO_seek() returns the same value as the underlying fseek() function: 0 for success or -1 for failure.</p>
+
+<p>BIO_tell() returns the current file position.</p>
+
+<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() return 1 for success or 0 for failure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>BIO_reset() and BIO_seek() are implemented using fseek() on the underlying stream. The return value for fseek() is 0 for success or -1 if an error occurred this differs from other types of BIO which will typically return 1 for success and a non positive value if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_seek.html">BIO_seek(3)</a>, <a href="../man3/BIO_tell.html">BIO_tell(3)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_flush.html">BIO_flush(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a>, <a href="../man3/BIO_write_ex.html">BIO_write_ex(3)</a>, <a href="../man3/BIO_puts.html">BIO_puts(3)</a>, <a href="../man3/BIO_gets.html">BIO_gets(3)</a>, <a href="../man3/BIO_printf.html">BIO_printf(3)</a>, <a href="../man3/BIO_set_close.html">BIO_set_close(3)</a>, <a href="../man3/BIO_get_close.html">BIO_get_close(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_new_fp.html b/msys2/usr/share/doc/openssl/html/man3/BIO_new_fp.html
new file mode 100644
index 000000000..62da75192
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_new_fp.html
@@ -0,0 +1,159 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_file</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_file, BIO_new_file, BIO_new_fp, BIO_set_fp, BIO_get_fp, BIO_read_filename, BIO_write_filename, BIO_append_filename, BIO_rw_filename - FILE bio</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_file(void);
+ BIO *BIO_new_file(const char *filename, const char *mode);
+ BIO *BIO_new_fp(FILE *stream, int flags);
+
+ BIO_set_fp(BIO *b, FILE *fp, int flags);
+ BIO_get_fp(BIO *b, FILE **fpp);
+
+ int BIO_read_filename(BIO *b, char *name)
+ int BIO_write_filename(BIO *b, char *name)
+ int BIO_append_filename(BIO *b, char *name)
+ int BIO_rw_filename(BIO *b, char *name)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_file() returns the BIO file method. As its name implies it is a wrapper round the stdio FILE structure and it is a source/sink BIO.</p>
+
+<p>Calls to BIO_read_ex() and BIO_write_ex() read and write data to the underlying stream. BIO_gets() and BIO_puts() are supported on file BIOs.</p>
+
+<p>BIO_flush() on a file BIO calls the fflush() function on the wrapped stream.</p>
+
+<p>BIO_reset() attempts to change the file pointer to the start of file using fseek(stream, 0, 0).</p>
+
+<p>BIO_seek() sets the file pointer to position <b>ofs</b> from start of file using fseek(stream, ofs, 0).</p>
+
+<p>BIO_eof() calls feof().</p>
+
+<p>Setting the BIO_CLOSE flag calls fclose() on the stream when the BIO is freed.</p>
+
+<p>BIO_new_file() creates a new file BIO with mode <b>mode</b> the meaning of <b>mode</b> is the same as the stdio function fopen(). The BIO_CLOSE flag is set on the returned BIO.</p>
+
+<p>BIO_new_fp() creates a file BIO wrapping <b>stream</b>. Flags can be: BIO_CLOSE, BIO_NOCLOSE (the close flag) BIO_FP_TEXT (sets the underlying stream to text mode, default is binary: this only has any effect under Win32).</p>
+
+<p>BIO_set_fp() sets the fp of a file BIO to <b>fp</b>. <b>flags</b> has the same meaning as in BIO_new_fp(), it is a macro.</p>
+
+<p>BIO_get_fp() retrieves the fp of a file BIO, it is a macro.</p>
+
+<p>BIO_seek() is a macro that sets the position pointer to <b>offset</b> bytes from the start of file.</p>
+
+<p>BIO_tell() returns the value of the position pointer.</p>
+
+<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() set the file BIO <b>b</b> to use file <b>name</b> for reading, writing, append or read write respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When wrapping stdout, stdin or stderr the underlying stream should not normally be closed so the BIO_NOCLOSE flag should be set.</p>
+
+<p>Because the file BIO calls the underlying stdio functions any quirks in stdio behaviour will be mirrored by the corresponding BIO.</p>
+
+<p>On Windows BIO_new_files reserves for the filename argument to be UTF-8 encoded. In other words if you have to make it work in multi- lingual environment, encode file names in UTF-8.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>File BIO &quot;hello world&quot;:</p>
+
+<pre><code> BIO *bio_out;
+
+ bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> BIO *bio_out;
+
+ bio_out = BIO_new(BIO_s_file());
+ if (bio_out == NULL)
+     /* Error */
+ if (!BIO_set_fp(bio_out, stdout, BIO_NOCLOSE))
+     /* Error */
+ BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Write to a file:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new_file(&quot;filename.txt&quot;, &quot;w&quot;);
+ if (!out)
+     /* Error */
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new(BIO_s_file());
+ if (out == NULL)
+     /* Error */
+ if (!BIO_write_filename(out, &quot;filename.txt&quot;))
+     /* Error */
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_file() returns the file BIO method.</p>
+
+<p>BIO_new_file() and BIO_new_fp() return a file BIO or NULL if an error occurred.</p>
+
+<p>BIO_set_fp() and BIO_get_fp() return 1 for success or 0 for failure (although the current implementation never return 0).</p>
+
+<p>BIO_seek() returns the same value as the underlying fseek() function: 0 for success or -1 for failure.</p>
+
+<p>BIO_tell() returns the current file position.</p>
+
+<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() return 1 for success or 0 for failure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>BIO_reset() and BIO_seek() are implemented using fseek() on the underlying stream. The return value for fseek() is 0 for success or -1 if an error occurred this differs from other types of BIO which will typically return 1 for success and a non positive value if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_seek.html">BIO_seek(3)</a>, <a href="../man3/BIO_tell.html">BIO_tell(3)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_flush.html">BIO_flush(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a>, <a href="../man3/BIO_write_ex.html">BIO_write_ex(3)</a>, <a href="../man3/BIO_puts.html">BIO_puts(3)</a>, <a href="../man3/BIO_gets.html">BIO_gets(3)</a>, <a href="../man3/BIO_printf.html">BIO_printf(3)</a>, <a href="../man3/BIO_set_close.html">BIO_set_close(3)</a>, <a href="../man3/BIO_get_close.html">BIO_get_close(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_new_mem_buf.html b/msys2/usr/share/doc/openssl/html/man3/BIO_new_mem_buf.html
new file mode 100644
index 000000000..d307f64e7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_new_mem_buf.html
@@ -0,0 +1,125 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_mem</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_secmem, BIO_s_mem, BIO_set_mem_eof_return, BIO_get_mem_data, BIO_set_mem_buf, BIO_get_mem_ptr, BIO_new_mem_buf - memory BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_mem(void);
+ const BIO_METHOD *BIO_s_secmem(void);
+
+ BIO_set_mem_eof_return(BIO *b, int v)
+ long BIO_get_mem_data(BIO *b, char **pp)
+ BIO_set_mem_buf(BIO *b, BUF_MEM *bm, int c)
+ BIO_get_mem_ptr(BIO *b, BUF_MEM **pp)
+
+ BIO *BIO_new_mem_buf(const void *buf, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_mem() returns the memory BIO method function.</p>
+
+<p>A memory BIO is a source/sink BIO which uses memory for its I/O. Data written to a memory BIO is stored in a BUF_MEM structure which is extended as appropriate to accommodate the stored data.</p>
+
+<p>BIO_s_secmem() is like BIO_s_mem() except that the secure heap is used for buffer storage.</p>
+
+<p>Any data written to a memory BIO can be recalled by reading from it. Unless the memory BIO is read only any data read from it is deleted from the BIO.</p>
+
+<p>Memory BIOs support BIO_gets() and BIO_puts().</p>
+
+<p>If the BIO_CLOSE flag is set when a memory BIO is freed then the underlying BUF_MEM structure is also freed.</p>
+
+<p>Calling BIO_reset() on a read write memory BIO clears any data in it if the flag BIO_FLAGS_NONCLEAR_RST is not set. On a read only BIO or if the flag BIO_FLAGS_NONCLEAR_RST is set it restores the BIO to its original state and the data can be read again.</p>
+
+<p>BIO_eof() is true if no data is in the BIO.</p>
+
+<p>BIO_ctrl_pending() returns the number of bytes currently stored.</p>
+
+<p>BIO_set_mem_eof_return() sets the behaviour of memory BIO <b>b</b> when it is empty. If the <b>v</b> is zero then an empty memory BIO will return EOF (that is it will return zero and BIO_should_retry(b) will be false. If <b>v</b> is non zero then it will return <b>v</b> when it is empty and it will set the read retry flag (that is BIO_read_retry(b) is true). To avoid ambiguity with a normal positive return value <b>v</b> should be set to a negative value, typically -1.</p>
+
+<p>BIO_get_mem_data() sets *<b>pp</b> to a pointer to the start of the memory BIOs data and returns the total amount of data available. It is implemented as a macro.</p>
+
+<p>BIO_set_mem_buf() sets the internal BUF_MEM structure to <b>bm</b> and sets the close flag to <b>c</b>, that is <b>c</b> should be either BIO_CLOSE or BIO_NOCLOSE. It is a macro.</p>
+
+<p>BIO_get_mem_ptr() places the underlying BUF_MEM structure in *<b>pp</b>. It is a macro.</p>
+
+<p>BIO_new_mem_buf() creates a memory BIO using <b>len</b> bytes of data at <b>buf</b>, if <b>len</b> is -1 then the <b>buf</b> is assumed to be nul terminated and its length is determined by <b>strlen</b>. The BIO is set to a read only state and as a result cannot be written to. This is useful when some data needs to be made available from a static area of memory in the form of a BIO. The supplied data is read directly from the supplied buffer: it is <b>not</b> copied first, so the supplied area of memory must be unchanged until the BIO is freed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Writes to memory BIOs will always succeed if memory is available: that is their size can grow indefinitely.</p>
+
+<p>Every read from a read write memory BIO will remove the data just read with an internal copy operation, if a BIO contains a lot of data and it is read in small chunks the operation can be very slow. The use of a read only memory BIO avoids this problem. If the BIO must be read write then adding a buffering BIO to the chain will speed up the process.</p>
+
+<p>Calling BIO_set_mem_buf() on a BIO created with BIO_new_secmem() will give undefined results, including perhaps a program crash.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>There should be an option to set the maximum size of a memory BIO.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create a memory BIO and write some data to it:</p>
+
+<pre><code> BIO *mem = BIO_new(BIO_s_mem());
+
+ BIO_puts(mem, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Create a read only memory BIO:</p>
+
+<pre><code> char data[] = &quot;Hello World&quot;;
+ BIO *mem = BIO_new_mem_buf(data, -1);</code></pre>
+
+<p>Extract the BUF_MEM structure from a memory BIO and then free up the BIO:</p>
+
+<pre><code> BUF_MEM *bptr;
+
+ BIO_get_mem_ptr(mem, &amp;bptr);
+ BIO_set_close(mem, BIO_NOCLOSE); /* So BIO_free() leaves BUF_MEM alone */
+ BIO_free(mem);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_mem() and BIO_s_secmem() return a valid memory <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_mem_eof_return(), BIO_get_mem_data(), BIO_set_mem_buf() and BIO_get_mem_ptr() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_mem_buf() returns a valid <b>BIO</b> structure on success or NULL on error.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_new_socket.html b/msys2/usr/share/doc/openssl/html/man3/BIO_new_socket.html
new file mode 100644
index 000000000..5490cc016
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_new_socket.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_socket</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_socket, BIO_new_socket - socket BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_socket(void);
+
+ BIO *BIO_new_socket(int sock, int close_flag);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_socket() returns the socket BIO method. This is a wrapper round the platform&#39;s socket routines.</p>
+
+<p>BIO_read_ex() and BIO_write_ex() read or write the underlying socket. BIO_puts() is supported but BIO_gets() is not.</p>
+
+<p>If the close flag is set then the socket is shut down and closed when the BIO is freed.</p>
+
+<p>BIO_new_socket() returns a socket BIO using <b>sock</b> and <b>close_flag</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Socket BIOs also support any relevant functionality of file descriptor BIOs.</p>
+
+<p>The reason for having separate file descriptor and socket BIOs is that on some platforms sockets are not file descriptors and use distinct I/O routines, Windows is one such platform. Any code mixing the two will not work on all platforms.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_socket() returns the socket BIO method.</p>
+
+<p>BIO_new_socket() returns the newly allocated BIO or NULL is an error occurred.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_new_ssl.html b/msys2/usr/share/doc/openssl/html/man3/BIO_new_ssl.html
new file mode 100644
index 000000000..0e1fefeef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_new_ssl.html
@@ -0,0 +1,263 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_ssl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_do_handshake, BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode, BIO_set_ssl_renegotiate_bytes, BIO_get_num_renegotiates, BIO_set_ssl_renegotiate_timeout, BIO_new_ssl, BIO_new_ssl_connect, BIO_new_buffer_ssl_connect, BIO_ssl_copy_session_id, BIO_ssl_shutdown - SSL BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/ssl.h&gt;
+
+ const BIO_METHOD *BIO_f_ssl(void);
+
+ long BIO_set_ssl(BIO *b, SSL *ssl, long c);
+ long BIO_get_ssl(BIO *b, SSL **sslp);
+ long BIO_set_ssl_mode(BIO *b, long client);
+ long BIO_set_ssl_renegotiate_bytes(BIO *b, long num);
+ long BIO_set_ssl_renegotiate_timeout(BIO *b, long seconds);
+ long BIO_get_num_renegotiates(BIO *b);
+
+ BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
+ BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+ BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+ int BIO_ssl_copy_session_id(BIO *to, BIO *from);
+ void BIO_ssl_shutdown(BIO *bio);
+
+ long BIO_do_handshake(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which is a wrapper round the OpenSSL SSL routines adding a BIO &quot;flavour&quot; to SSL I/O.</p>
+
+<p>I/O performed on an SSL BIO communicates using the SSL protocol with the SSLs read and write BIOs. If an SSL connection is not established then an attempt is made to establish one on the first I/O call.</p>
+
+<p>If a BIO is appended to an SSL BIO using BIO_push() it is automatically used as the SSL BIOs read and write BIOs.</p>
+
+<p>Calling BIO_reset() on an SSL BIO closes down any current SSL connection by calling SSL_shutdown(). BIO_reset() is then sent to the next BIO in the chain: this will typically disconnect the underlying transport. The SSL BIO is then reset to the initial accept or connect state.</p>
+
+<p>If the close flag is set when an SSL BIO is freed then the internal SSL structure is also freed using SSL_free().</p>
+
+<p>BIO_set_ssl() sets the internal SSL pointer of BIO <b>b</b> to <b>ssl</b> using the close flag <b>c</b>.</p>
+
+<p>BIO_get_ssl() retrieves the SSL pointer of BIO <b>b</b>, it can then be manipulated using the standard SSL library functions.</p>
+
+<p>BIO_set_ssl_mode() sets the SSL BIO mode to <b>client</b>. If <b>client</b> is 1 client mode is set. If <b>client</b> is 0 server mode is set.</p>
+
+<p>BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count to <b>num</b>. When set after every <b>num</b> bytes of I/O (read and write) the SSL session is automatically renegotiated. <b>num</b> must be at least 512 bytes.</p>
+
+<p>BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout to <b>seconds</b>. When the renegotiate timeout elapses the session is automatically renegotiated.</p>
+
+<p>BIO_get_num_renegotiates() returns the total number of session renegotiations due to I/O or timeout.</p>
+
+<p>BIO_new_ssl() allocates an SSL BIO using SSL_CTX <b>ctx</b> and using client mode if <b>client</b> is non zero.</p>
+
+<p>BIO_new_ssl_connect() creates a new BIO chain consisting of an SSL BIO (using <b>ctx</b>) followed by a connect BIO.</p>
+
+<p>BIO_new_buffer_ssl_connect() creates a new BIO chain consisting of a buffering BIO, an SSL BIO (using <b>ctx</b>) and a connect BIO.</p>
+
+<p>BIO_ssl_copy_session_id() copies an SSL session id between BIO chains <b>from</b> and <b>to</b>. It does this by locating the SSL BIOs in each chain and calling SSL_copy_session_id() on the internal SSL pointer.</p>
+
+<p>BIO_ssl_shutdown() closes down an SSL connection on BIO chain <b>bio</b>. It does this by locating the SSL BIO in the chain and calling SSL_shutdown() on its internal SSL pointer.</p>
+
+<p>BIO_do_handshake() attempts to complete an SSL handshake on the supplied BIO and establish the SSL connection. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried. If an SSL connection has already been established this call has no effect.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL BIOs are exceptional in that if the underlying transport is non blocking they can still request a retry in exceptional circumstances. Specifically this will happen if a session renegotiation takes place during a BIO_read_ex() operation, one case where this happens is when step up occurs.</p>
+
+<p>The SSL flag SSL_AUTO_RETRY can be set to disable this behaviour. That is when this flag is set an SSL BIO using a blocking transport will never request a retry.</p>
+
+<p>Since unknown BIO_ctrl() operations are sent through filter BIOs the servers name and port can be set using BIO_set_host() on the BIO returned by BIO_new_ssl_connect() without having to locate the connect BIO first.</p>
+
+<p>Applications do not have to call BIO_do_handshake() but may wish to do so to separate the handshake process from other I/O processing.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout(), BIO_get_num_renegotiates(), and BIO_do_handshake() are implemented as macros.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This SSL/TLS client example, attempts to retrieve a page from an SSL/TLS web server. The I/O routines are identical to those of the unencrypted example in <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a>.</p>
+
+<pre><code> BIO *sbio, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_client_method());
+
+ /* XXX Set verify paths and mode here. */
+
+ sbio = BIO_new_ssl_connect(ctx);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Don&#39;t want any retries */
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+
+ /* XXX We might want to do other things with ssl here */
+
+ /* An empty host part means the loopback address */
+ BIO_set_conn_hostname(sbio, &quot;:https&quot;);
+
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error establishing SSL connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Could examine ssl here to get connection info */
+
+ BIO_puts(sbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free_all(sbio);
+ BIO_free(out);</code></pre>
+
+<p>Here is a simple server example. It makes use of a buffering BIO to allow lines to be read from the SSL BIO using BIO_gets. It creates a pseudo web page containing the actual request from a client and also echoes the request to standard output.</p>
+
+<pre><code> BIO *sbio, *bbio, *acpt, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_server_method());
+ if (!SSL_CTX_use_certificate_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_use_PrivateKey_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_check_private_key(ctx)) {
+     fprintf(stderr, &quot;Error setting up SSL_CTX\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Other things like set verify locations, EDH temp callbacks. */
+
+ /* New SSL BIO setup as server */
+ sbio = BIO_new_ssl(ctx, 0);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+ bbio = BIO_new(BIO_f_buffer());
+ sbio = BIO_push(bbio, sbio);
+ acpt = BIO_new_accept(&quot;4433&quot;);
+
+ /*
+  * By doing this when a new connection is established
+  * we automatically have sbio inserted into it. The
+  * BIO chain is now &#39;swallowed&#39; by the accept BIO and
+  * will be freed when the accept BIO is freed.
+  */
+ BIO_set_accept_bios(acpt, sbio);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
+ /* Setup accept BIO */
+ if (BIO_do_accept(acpt) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept BIO\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* We only want one connection so remove and free accept BIO */
+ sbio = BIO_pop(acpt);
+ BIO_free_all(acpt);
+
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error in SSL handshake\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ BIO_puts(sbio, &quot;HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\nConnection Established\r\nRequest headers:\r\n&quot;);
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+
+ for (;;) {
+     len = BIO_gets(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(sbio, tmpbuf, len);
+     BIO_write(out, tmpbuf, len);
+     /* Look for blank line signifying end of headers*/
+     if (tmpbuf[0] == &#39;\r&#39; || tmpbuf[0] == &#39;\n&#39;)
+         break;
+ }
+
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\n&quot;);
+ BIO_flush(sbio);
+ BIO_free_all(sbio);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_ssl() returns the SSL <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout() and BIO_get_num_renegotiates() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_ssl(), BIO_new_ssl_connect() and BIO_new_buffer_ssl_connect() return a valid <b>BIO</b> structure on success or <b>NULL</b> if an error occurred.</p>
+
+<p>BIO_ssl_copy_session_id() returns 1 on success or 0 on error.</p>
+
+<p>BIO_do_handshake() returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL before 1.0.0 the BIO_pop() call was handled incorrectly, the I/O BIO reference count was incorrectly incremented (instead of decremented) and dissociated with the SSL BIO even if the SSL BIO was not explicitly being popped (e.g. a pop higher up the chain). Applications which included workarounds for this bug (e.g. freeing BIOs more than once) should be modified to handle this fix or they may free up an already freed BIO.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_new_ssl_connect.html b/msys2/usr/share/doc/openssl/html/man3/BIO_new_ssl_connect.html
new file mode 100644
index 000000000..0e1fefeef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_new_ssl_connect.html
@@ -0,0 +1,263 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_ssl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_do_handshake, BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode, BIO_set_ssl_renegotiate_bytes, BIO_get_num_renegotiates, BIO_set_ssl_renegotiate_timeout, BIO_new_ssl, BIO_new_ssl_connect, BIO_new_buffer_ssl_connect, BIO_ssl_copy_session_id, BIO_ssl_shutdown - SSL BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/ssl.h&gt;
+
+ const BIO_METHOD *BIO_f_ssl(void);
+
+ long BIO_set_ssl(BIO *b, SSL *ssl, long c);
+ long BIO_get_ssl(BIO *b, SSL **sslp);
+ long BIO_set_ssl_mode(BIO *b, long client);
+ long BIO_set_ssl_renegotiate_bytes(BIO *b, long num);
+ long BIO_set_ssl_renegotiate_timeout(BIO *b, long seconds);
+ long BIO_get_num_renegotiates(BIO *b);
+
+ BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
+ BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+ BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+ int BIO_ssl_copy_session_id(BIO *to, BIO *from);
+ void BIO_ssl_shutdown(BIO *bio);
+
+ long BIO_do_handshake(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which is a wrapper round the OpenSSL SSL routines adding a BIO &quot;flavour&quot; to SSL I/O.</p>
+
+<p>I/O performed on an SSL BIO communicates using the SSL protocol with the SSLs read and write BIOs. If an SSL connection is not established then an attempt is made to establish one on the first I/O call.</p>
+
+<p>If a BIO is appended to an SSL BIO using BIO_push() it is automatically used as the SSL BIOs read and write BIOs.</p>
+
+<p>Calling BIO_reset() on an SSL BIO closes down any current SSL connection by calling SSL_shutdown(). BIO_reset() is then sent to the next BIO in the chain: this will typically disconnect the underlying transport. The SSL BIO is then reset to the initial accept or connect state.</p>
+
+<p>If the close flag is set when an SSL BIO is freed then the internal SSL structure is also freed using SSL_free().</p>
+
+<p>BIO_set_ssl() sets the internal SSL pointer of BIO <b>b</b> to <b>ssl</b> using the close flag <b>c</b>.</p>
+
+<p>BIO_get_ssl() retrieves the SSL pointer of BIO <b>b</b>, it can then be manipulated using the standard SSL library functions.</p>
+
+<p>BIO_set_ssl_mode() sets the SSL BIO mode to <b>client</b>. If <b>client</b> is 1 client mode is set. If <b>client</b> is 0 server mode is set.</p>
+
+<p>BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count to <b>num</b>. When set after every <b>num</b> bytes of I/O (read and write) the SSL session is automatically renegotiated. <b>num</b> must be at least 512 bytes.</p>
+
+<p>BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout to <b>seconds</b>. When the renegotiate timeout elapses the session is automatically renegotiated.</p>
+
+<p>BIO_get_num_renegotiates() returns the total number of session renegotiations due to I/O or timeout.</p>
+
+<p>BIO_new_ssl() allocates an SSL BIO using SSL_CTX <b>ctx</b> and using client mode if <b>client</b> is non zero.</p>
+
+<p>BIO_new_ssl_connect() creates a new BIO chain consisting of an SSL BIO (using <b>ctx</b>) followed by a connect BIO.</p>
+
+<p>BIO_new_buffer_ssl_connect() creates a new BIO chain consisting of a buffering BIO, an SSL BIO (using <b>ctx</b>) and a connect BIO.</p>
+
+<p>BIO_ssl_copy_session_id() copies an SSL session id between BIO chains <b>from</b> and <b>to</b>. It does this by locating the SSL BIOs in each chain and calling SSL_copy_session_id() on the internal SSL pointer.</p>
+
+<p>BIO_ssl_shutdown() closes down an SSL connection on BIO chain <b>bio</b>. It does this by locating the SSL BIO in the chain and calling SSL_shutdown() on its internal SSL pointer.</p>
+
+<p>BIO_do_handshake() attempts to complete an SSL handshake on the supplied BIO and establish the SSL connection. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried. If an SSL connection has already been established this call has no effect.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL BIOs are exceptional in that if the underlying transport is non blocking they can still request a retry in exceptional circumstances. Specifically this will happen if a session renegotiation takes place during a BIO_read_ex() operation, one case where this happens is when step up occurs.</p>
+
+<p>The SSL flag SSL_AUTO_RETRY can be set to disable this behaviour. That is when this flag is set an SSL BIO using a blocking transport will never request a retry.</p>
+
+<p>Since unknown BIO_ctrl() operations are sent through filter BIOs the servers name and port can be set using BIO_set_host() on the BIO returned by BIO_new_ssl_connect() without having to locate the connect BIO first.</p>
+
+<p>Applications do not have to call BIO_do_handshake() but may wish to do so to separate the handshake process from other I/O processing.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout(), BIO_get_num_renegotiates(), and BIO_do_handshake() are implemented as macros.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This SSL/TLS client example, attempts to retrieve a page from an SSL/TLS web server. The I/O routines are identical to those of the unencrypted example in <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a>.</p>
+
+<pre><code> BIO *sbio, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_client_method());
+
+ /* XXX Set verify paths and mode here. */
+
+ sbio = BIO_new_ssl_connect(ctx);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Don&#39;t want any retries */
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+
+ /* XXX We might want to do other things with ssl here */
+
+ /* An empty host part means the loopback address */
+ BIO_set_conn_hostname(sbio, &quot;:https&quot;);
+
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error establishing SSL connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Could examine ssl here to get connection info */
+
+ BIO_puts(sbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free_all(sbio);
+ BIO_free(out);</code></pre>
+
+<p>Here is a simple server example. It makes use of a buffering BIO to allow lines to be read from the SSL BIO using BIO_gets. It creates a pseudo web page containing the actual request from a client and also echoes the request to standard output.</p>
+
+<pre><code> BIO *sbio, *bbio, *acpt, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_server_method());
+ if (!SSL_CTX_use_certificate_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_use_PrivateKey_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_check_private_key(ctx)) {
+     fprintf(stderr, &quot;Error setting up SSL_CTX\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Other things like set verify locations, EDH temp callbacks. */
+
+ /* New SSL BIO setup as server */
+ sbio = BIO_new_ssl(ctx, 0);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+ bbio = BIO_new(BIO_f_buffer());
+ sbio = BIO_push(bbio, sbio);
+ acpt = BIO_new_accept(&quot;4433&quot;);
+
+ /*
+  * By doing this when a new connection is established
+  * we automatically have sbio inserted into it. The
+  * BIO chain is now &#39;swallowed&#39; by the accept BIO and
+  * will be freed when the accept BIO is freed.
+  */
+ BIO_set_accept_bios(acpt, sbio);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
+ /* Setup accept BIO */
+ if (BIO_do_accept(acpt) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept BIO\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* We only want one connection so remove and free accept BIO */
+ sbio = BIO_pop(acpt);
+ BIO_free_all(acpt);
+
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error in SSL handshake\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ BIO_puts(sbio, &quot;HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\nConnection Established\r\nRequest headers:\r\n&quot;);
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+
+ for (;;) {
+     len = BIO_gets(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(sbio, tmpbuf, len);
+     BIO_write(out, tmpbuf, len);
+     /* Look for blank line signifying end of headers*/
+     if (tmpbuf[0] == &#39;\r&#39; || tmpbuf[0] == &#39;\n&#39;)
+         break;
+ }
+
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\n&quot;);
+ BIO_flush(sbio);
+ BIO_free_all(sbio);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_ssl() returns the SSL <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout() and BIO_get_num_renegotiates() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_ssl(), BIO_new_ssl_connect() and BIO_new_buffer_ssl_connect() return a valid <b>BIO</b> structure on success or <b>NULL</b> if an error occurred.</p>
+
+<p>BIO_ssl_copy_session_id() returns 1 on success or 0 on error.</p>
+
+<p>BIO_do_handshake() returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL before 1.0.0 the BIO_pop() call was handled incorrectly, the I/O BIO reference count was incorrectly incremented (instead of decremented) and dissociated with the SSL BIO even if the SSL BIO was not explicitly being popped (e.g. a pop higher up the chain). Applications which included workarounds for this bug (e.g. freeing BIOs more than once) should be modified to handle this fix or they may free up an already freed BIO.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_next.html b/msys2/usr/share/doc/openssl/html/man3/BIO_next.html
new file mode 100644
index 000000000..6263679f5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_next.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_find_type</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_find_type, BIO_next, BIO_method_type - BIO chain traversal</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ BIO *BIO_find_type(BIO *b, int bio_type);
+ BIO *BIO_next(BIO *b);
+ int BIO_method_type(const BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The BIO_find_type() searches for a BIO of a given type in a chain, starting at BIO <b>b</b>. If <b>type</b> is a specific type (such as <b>BIO_TYPE_MEM</b>) then a search is made for a BIO of that type. If <b>type</b> is a general type (such as <b>BIO_TYPE_SOURCE_SINK</b>) then the next matching BIO of the given general type is searched for. BIO_find_type() returns the next matching BIO or NULL if none is found.</p>
+
+<p>The following general types are defined: <b>BIO_TYPE_DESCRIPTOR</b>, <b>BIO_TYPE_FILTER</b>, and <b>BIO_TYPE_SOURCE_SINK</b>.</p>
+
+<p>For a list of the specific types, see the <b>openssl/bio.h</b> header file.</p>
+
+<p>BIO_next() returns the next BIO in a chain. It can be used to traverse all BIOs in a chain or used in conjunction with BIO_find_type() to find all BIOs of a certain type.</p>
+
+<p>BIO_method_type() returns the type of a BIO.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_find_type() returns a matching BIO or NULL for no match.</p>
+
+<p>BIO_next() returns the next BIO in a chain.</p>
+
+<p>BIO_method_type() returns the type of the BIO <b>b</b>.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Traverse a chain looking for digest BIOs:</p>
+
+<pre><code> BIO *btmp;
+
+ btmp = in_bio; /* in_bio is chain to search through */
+ do {
+     btmp = BIO_find_type(btmp, BIO_TYPE_MD);
+     if (btmp == NULL)
+         break; /* Not found */
+     /* btmp is a digest BIO, do something with it ...*/
+     ...
+
+     btmp = BIO_next(btmp);
+ } while (btmp);</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_parse_hostserv.html b/msys2/usr/share/doc/openssl/html/man3/BIO_parse_hostserv.html
new file mode 100644
index 000000000..c71fcbaab
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_parse_hostserv.html
@@ -0,0 +1,91 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_parse_hostserv</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_hostserv_priorities, BIO_parse_hostserv - utility routines to parse a standard host and service string</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ enum BIO_hostserv_priorities {
+     BIO_PARSE_PRIO_HOST, BIO_PARSE_PRIO_SERV
+ };
+ int BIO_parse_hostserv(const char *hostserv, char **host, char **service,
+                        enum BIO_hostserv_priorities hostserv_prio);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_parse_hostserv() will parse the information given in <b>hostserv</b>, create strings with the host name and service name and give those back via <b>host</b> and <b>service</b>. Those will need to be freed after they are used. <b>hostserv_prio</b> helps determine if <b>hostserv</b> shall be interpreted primarily as a host name or a service name in ambiguous cases.</p>
+
+<p>The syntax the BIO_parse_hostserv() recognises is:</p>
+
+<pre><code> host + &#39;:&#39; + service
+ host + &#39;:&#39; + &#39;*&#39;
+ host + &#39;:&#39;
+        &#39;:&#39; + service
+ &#39;*&#39;  + &#39;:&#39; + service
+ host
+ service</code></pre>
+
+<p>The host part can be a name or an IP address. If it&#39;s a IPv6 address, it MUST be enclosed in brackets, such as &#39;[::1]&#39;.</p>
+
+<p>The service part can be a service name or its port number.</p>
+
+<p>The returned values will depend on the given <b>hostserv</b> string and <b>hostserv_prio</b>, as follows:</p>
+
+<pre><code> host + &#39;:&#39; + service  =&gt; *host = &quot;host&quot;, *service = &quot;service&quot;
+ host + &#39;:&#39; + &#39;*&#39;      =&gt; *host = &quot;host&quot;, *service = NULL
+ host + &#39;:&#39;            =&gt; *host = &quot;host&quot;, *service = NULL
+        &#39;:&#39; + service  =&gt; *host = NULL, *service = &quot;service&quot;
+  &#39;*&#39; + &#39;:&#39; + service  =&gt; *host = NULL, *service = &quot;service&quot;
+
+ in case no &#39;:&#39; is present in the string, the result depends on
+ hostserv_prio, as follows:
+
+ when hostserv_prio == BIO_PARSE_PRIO_HOST
+ host                 =&gt; *host = &quot;host&quot;, *service untouched
+
+ when hostserv_prio == BIO_PARSE_PRIO_SERV
+ service              =&gt; *host untouched, *service = &quot;service&quot;</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_parse_hostserv() returns 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDRINFO.html">BIO_ADDRINFO(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_pending.html b/msys2/usr/share/doc/openssl/html/man3/BIO_pending.html
new file mode 100644
index 000000000..ccbb411c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_pending.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset, BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close, BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending, BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb - BIO control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef int BIO_info_cb(BIO *b, int state, int res);
+
+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
+ char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+
+ int BIO_reset(BIO *b);
+ int BIO_seek(BIO *b, int ofs);
+ int BIO_tell(BIO *b);
+ int BIO_flush(BIO *b);
+ int BIO_eof(BIO *b);
+ int BIO_set_close(BIO *b, long flag);
+ int BIO_get_close(BIO *b);
+ int BIO_pending(BIO *b);
+ int BIO_wpending(BIO *b);
+ size_t BIO_ctrl_pending(BIO *b);
+ size_t BIO_ctrl_wpending(BIO *b);
+
+ int BIO_get_info_callback(BIO *b, BIO_info_cb **cbp);
+ int BIO_set_info_callback(BIO *b, BIO_info_cb *cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl() are BIO &quot;control&quot; operations taking arguments of various types. These functions are not normally called directly, various macros are used instead. The standard macros are described below, macros specific to a particular type of BIO are described in the specific BIOs manual page as well as any special features of the standard calls.</p>
+
+<p>BIO_reset() typically resets a BIO to some initial state, in the case of file related BIOs for example it rewinds the file pointer to the start of the file.</p>
+
+<p>BIO_seek() resets a file related BIO&#39;s (that is file descriptor and FILE BIOs) file position pointer to <b>ofs</b> bytes from start of file.</p>
+
+<p>BIO_tell() returns the current file position of a file related BIO.</p>
+
+<p>BIO_flush() normally writes out any internally buffered data, in some cases it is used to signal EOF and that no more data will be written.</p>
+
+<p>BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of &quot;EOF&quot; varies according to the BIO type.</p>
+
+<p>BIO_set_close() sets the BIO <b>b</b> close flag to <b>flag</b>. <b>flag</b> can take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used in a source/sink BIO to indicate that the underlying I/O stream should be closed when the BIO is freed.</p>
+
+<p>BIO_get_close() returns the BIOs close flag.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the number of pending characters in the BIOs read and write buffers. Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending() return a size_t type and are functions, BIO_pending() and BIO_wpending() are macros which call BIO_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_reset() normally returns 1 for success and 0 or -1 for failure. File BIOs are an exception, they return 0 for success and -1 for failure.</p>
+
+<p>BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure.</p>
+
+<p>BIO_flush() returns 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_eof() returns 1 if EOF has been reached 0 otherwise.</p>
+
+<p>BIO_set_close() always returns 1.</p>
+
+<p>BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_flush(), because it can write data may return 0 or -1 indicating that the call should be retried later in a similar manner to BIO_write_ex(). The BIO_should_retry() call should be used and appropriate action taken is the call fails.</p>
+
+<p>The return values of BIO_pending() and BIO_wpending() may not reliably determine the amount of pending data in all cases. For example in the case of a file BIO some data may be available in the FILE structures internal buffers but it is not possible to determine this in a portably way. For other types of BIO they may not be supported.</p>
+
+<p>Filter BIOs if they do not internally handle a particular BIO_ctrl() operation usually pass the operation to the next BIO in the chain. This often means there is no need to locate the required BIO for a particular operation, it can be called on a chain and it will be automatically passed to the relevant BIO. However this can cause unexpected results: for example no current filter BIOs implement BIO_seek(), but this may still succeed if the chain ends in a FILE or file descriptor BIO.</p>
+
+<p>Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some of the return values are ambiguous and care should be taken. In particular a return value of 0 can be returned if an operation is not supported, if an error occurred, if EOF has not been reached and in the case of BIO_seek() on a file BIO for a successful operation.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_pop.html b/msys2/usr/share/doc/openssl/html/man3/BIO_pop.html
new file mode 100644
index 000000000..8326ef222
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_pop.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_push</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_push, BIO_pop, BIO_set_next - add and remove BIOs from a chain</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ BIO *BIO_push(BIO *b, BIO *append);
+ BIO *BIO_pop(BIO *b);
+ void BIO_set_next(BIO *b, BIO *next);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The BIO_push() function appends the BIO <b>append</b> to <b>b</b>, it returns <b>b</b>.</p>
+
+<p>BIO_pop() removes the BIO <b>b</b> from a chain and returns the next BIO in the chain, or NULL if there is no next BIO. The removed BIO then becomes a single BIO with no association with the original chain, it can thus be freed or attached to a different chain.</p>
+
+<p>BIO_set_next() replaces the existing next BIO in a chain with the BIO pointed to by <b>next</b>. The new chain may include some of the same BIOs from the old chain or it may be completely different.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The names of these functions are perhaps a little misleading. BIO_push() joins two BIO chains whereas BIO_pop() deletes a single BIO from a chain, the deleted BIO does not need to be at the end of a chain.</p>
+
+<p>The process of calling BIO_push() and BIO_pop() on a BIO may have additional consequences (a control call is made to the affected BIOs) any effects will be noted in the descriptions of individual BIOs.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>For these examples suppose <b>md1</b> and <b>md2</b> are digest BIOs, <b>b64</b> is a base64 BIO and <b>f</b> is a file BIO.</p>
+
+<p>If the call:</p>
+
+<pre><code> BIO_push(b64, f);</code></pre>
+
+<p>is made then the new chain will be <b>b64-f</b>. After making the calls</p>
+
+<pre><code> BIO_push(md2, b64);
+ BIO_push(md1, md2);</code></pre>
+
+<p>the new chain is <b>md1-md2-b64-f</b>. Data written to <b>md1</b> will be digested by <b>md1</b> and <b>md2</b>, <b>base64</b> encoded and written to <b>f</b>.</p>
+
+<p>It should be noted that reading causes data to pass in the reverse direction, that is data is read from <b>f</b>, base64 <b>decoded</b> and digested by <b>md1</b> and <b>md2</b>. If the call:</p>
+
+<pre><code> BIO_pop(md2);</code></pre>
+
+<p>The call will return <b>b64</b> and the new chain will be <b>md1-b64-f</b> data can be written to <b>md1</b> as before.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_push() returns the end of the chain, <b>b</b>.</p>
+
+<p>BIO_pop() returns the next BIO in the chain, or NULL if there is no next BIO.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_set_next() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_printf.html b/msys2/usr/share/doc/openssl/html/man3/BIO_printf.html
new file mode 100644
index 000000000..af1b25f8d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_printf.html
@@ -0,0 +1,61 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_printf</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_printf, BIO_vprintf, BIO_snprintf, BIO_vsnprintf - formatted output to a BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_printf(BIO *bio, const char *format, ...)
+ int BIO_vprintf(BIO *bio, const char *format, va_list args)
+
+ int BIO_snprintf(char *buf, size_t n, const char *format, ...)
+ int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_printf() is similar to the standard C printf() function, except that the output is sent to the specified BIO, <b>bio</b>, rather than standard output. All common format specifiers are supported.</p>
+
+<p>BIO_vprintf() is similar to the vprintf() function found on many platforms, the output is sent to the specified BIO, <b>bio</b>, rather than standard output. All common format specifiers are supported. The argument list <b>args</b> is a stdarg argument list.</p>
+
+<p>BIO_snprintf() is for platforms that do not have the common snprintf() function. It is like sprintf() except that the size parameter, <b>n</b>, specifies the size of the output buffer.</p>
+
+<p>BIO_vsnprintf() is to BIO_snprintf() as BIO_vprintf() is to BIO_printf().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All functions return the number of bytes written, or -1 on error. For BIO_snprintf() and BIO_vsnprintf() this includes when the output buffer is too small.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ptr_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ptr_ctrl.html
new file mode 100644
index 000000000..ccbb411c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ptr_ctrl.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset, BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close, BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending, BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb - BIO control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef int BIO_info_cb(BIO *b, int state, int res);
+
+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
+ char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+
+ int BIO_reset(BIO *b);
+ int BIO_seek(BIO *b, int ofs);
+ int BIO_tell(BIO *b);
+ int BIO_flush(BIO *b);
+ int BIO_eof(BIO *b);
+ int BIO_set_close(BIO *b, long flag);
+ int BIO_get_close(BIO *b);
+ int BIO_pending(BIO *b);
+ int BIO_wpending(BIO *b);
+ size_t BIO_ctrl_pending(BIO *b);
+ size_t BIO_ctrl_wpending(BIO *b);
+
+ int BIO_get_info_callback(BIO *b, BIO_info_cb **cbp);
+ int BIO_set_info_callback(BIO *b, BIO_info_cb *cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl() are BIO &quot;control&quot; operations taking arguments of various types. These functions are not normally called directly, various macros are used instead. The standard macros are described below, macros specific to a particular type of BIO are described in the specific BIOs manual page as well as any special features of the standard calls.</p>
+
+<p>BIO_reset() typically resets a BIO to some initial state, in the case of file related BIOs for example it rewinds the file pointer to the start of the file.</p>
+
+<p>BIO_seek() resets a file related BIO&#39;s (that is file descriptor and FILE BIOs) file position pointer to <b>ofs</b> bytes from start of file.</p>
+
+<p>BIO_tell() returns the current file position of a file related BIO.</p>
+
+<p>BIO_flush() normally writes out any internally buffered data, in some cases it is used to signal EOF and that no more data will be written.</p>
+
+<p>BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of &quot;EOF&quot; varies according to the BIO type.</p>
+
+<p>BIO_set_close() sets the BIO <b>b</b> close flag to <b>flag</b>. <b>flag</b> can take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used in a source/sink BIO to indicate that the underlying I/O stream should be closed when the BIO is freed.</p>
+
+<p>BIO_get_close() returns the BIOs close flag.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the number of pending characters in the BIOs read and write buffers. Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending() return a size_t type and are functions, BIO_pending() and BIO_wpending() are macros which call BIO_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_reset() normally returns 1 for success and 0 or -1 for failure. File BIOs are an exception, they return 0 for success and -1 for failure.</p>
+
+<p>BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure.</p>
+
+<p>BIO_flush() returns 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_eof() returns 1 if EOF has been reached 0 otherwise.</p>
+
+<p>BIO_set_close() always returns 1.</p>
+
+<p>BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_flush(), because it can write data may return 0 or -1 indicating that the call should be retried later in a similar manner to BIO_write_ex(). The BIO_should_retry() call should be used and appropriate action taken is the call fails.</p>
+
+<p>The return values of BIO_pending() and BIO_wpending() may not reliably determine the amount of pending data in all cases. For example in the case of a file BIO some data may be available in the FILE structures internal buffers but it is not possible to determine this in a portably way. For other types of BIO they may not be supported.</p>
+
+<p>Filter BIOs if they do not internally handle a particular BIO_ctrl() operation usually pass the operation to the next BIO in the chain. This often means there is no need to locate the required BIO for a particular operation, it can be called on a chain and it will be automatically passed to the relevant BIO. However this can cause unexpected results: for example no current filter BIOs implement BIO_seek(), but this may still succeed if the chain ends in a FILE or file descriptor BIO.</p>
+
+<p>Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some of the return values are ambiguous and care should be taken. In particular a return value of 0 can be returned if an operation is not supported, if an error occurred, if EOF has not been reached and in the case of BIO_seek() on a file BIO for a successful operation.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_push.html b/msys2/usr/share/doc/openssl/html/man3/BIO_push.html
new file mode 100644
index 000000000..8326ef222
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_push.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_push</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_push, BIO_pop, BIO_set_next - add and remove BIOs from a chain</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ BIO *BIO_push(BIO *b, BIO *append);
+ BIO *BIO_pop(BIO *b);
+ void BIO_set_next(BIO *b, BIO *next);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The BIO_push() function appends the BIO <b>append</b> to <b>b</b>, it returns <b>b</b>.</p>
+
+<p>BIO_pop() removes the BIO <b>b</b> from a chain and returns the next BIO in the chain, or NULL if there is no next BIO. The removed BIO then becomes a single BIO with no association with the original chain, it can thus be freed or attached to a different chain.</p>
+
+<p>BIO_set_next() replaces the existing next BIO in a chain with the BIO pointed to by <b>next</b>. The new chain may include some of the same BIOs from the old chain or it may be completely different.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The names of these functions are perhaps a little misleading. BIO_push() joins two BIO chains whereas BIO_pop() deletes a single BIO from a chain, the deleted BIO does not need to be at the end of a chain.</p>
+
+<p>The process of calling BIO_push() and BIO_pop() on a BIO may have additional consequences (a control call is made to the affected BIOs) any effects will be noted in the descriptions of individual BIOs.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>For these examples suppose <b>md1</b> and <b>md2</b> are digest BIOs, <b>b64</b> is a base64 BIO and <b>f</b> is a file BIO.</p>
+
+<p>If the call:</p>
+
+<pre><code> BIO_push(b64, f);</code></pre>
+
+<p>is made then the new chain will be <b>b64-f</b>. After making the calls</p>
+
+<pre><code> BIO_push(md2, b64);
+ BIO_push(md1, md2);</code></pre>
+
+<p>the new chain is <b>md1-md2-b64-f</b>. Data written to <b>md1</b> will be digested by <b>md1</b> and <b>md2</b>, <b>base64</b> encoded and written to <b>f</b>.</p>
+
+<p>It should be noted that reading causes data to pass in the reverse direction, that is data is read from <b>f</b>, base64 <b>decoded</b> and digested by <b>md1</b> and <b>md2</b>. If the call:</p>
+
+<pre><code> BIO_pop(md2);</code></pre>
+
+<p>The call will return <b>b64</b> and the new chain will be <b>md1-b64-f</b> data can be written to <b>md1</b> as before.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_push() returns the end of the chain, <b>b</b>.</p>
+
+<p>BIO_pop() returns the next BIO in the chain, or NULL if there is no next BIO.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_set_next() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_puts.html b/msys2/usr/share/doc/openssl/html/man3/BIO_puts.html
new file mode 100644
index 000000000..c178bd7b3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_puts.html
@@ -0,0 +1,90 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_read</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_read_ex, BIO_write_ex, BIO_read, BIO_write, BIO_gets, BIO_puts - BIO I/O functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_read_ex(BIO *b, void *data, size_t dlen, size_t *readbytes);
+ int BIO_write_ex(BIO *b, const void *data, size_t dlen, size_t *written);
+
+ int BIO_read(BIO *b, void *data, int dlen);
+ int BIO_gets(BIO *b, char *buf, int size);
+ int BIO_write(BIO *b, const void *data, int dlen);
+ int BIO_puts(BIO *b, const char *buf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_read_ex() attempts to read <b>dlen</b> bytes from BIO <b>b</b> and places the data in <b>data</b>. If any bytes were successfully read then the number of bytes read is stored in <b>*readbytes</b>.</p>
+
+<p>BIO_write_ex() attempts to write <b>dlen</b> bytes from <b>data</b> to BIO <b>b</b>. If successful then the number of bytes written is stored in <b>*written</b>.</p>
+
+<p>BIO_read() attempts to read <b>len</b> bytes from BIO <b>b</b> and places the data in <b>buf</b>.</p>
+
+<p>BIO_gets() performs the BIOs &quot;gets&quot; operation and places the data in <b>buf</b>. Usually this operation will attempt to read a line of data from the BIO of maximum length <b>size-1</b>. There are exceptions to this, however; for example, BIO_gets() on a digest BIO will calculate and return the digest and other BIOs may not support BIO_gets() at all. The returned string is always NUL-terminated and the &#39;\n&#39; is preserved if present in the input data.</p>
+
+<p>BIO_write() attempts to write <b>len</b> bytes from <b>buf</b> to BIO <b>b</b>.</p>
+
+<p>BIO_puts() attempts to write a NUL-terminated string <b>buf</b> to BIO <b>b</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_read_ex() and BIO_write_ex() return 1 if data was successfully read or written, and 0 otherwise.</p>
+
+<p>All other functions return either the amount of data successfully read or written (if the return value is positive) or that no data was successfully read or written if the result is 0 or -1. If the return value is -2 then the operation is not implemented in the specific BIO type. The trailing NUL is not included in the length returned by BIO_gets().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A 0 or -1 return is not necessarily an indication of an error. In particular when the source/sink is non-blocking or of a certain type it may merely be an indication that no data is currently available and that the application should retry the operation later.</p>
+
+<p>One technique sometimes used with blocking sockets is to use a system call (such as select(), poll() or equivalent) to determine when data is available and then call read() to read the data. The equivalent with BIOs (that is call select() on the underlying I/O structure and then call BIO_read() to read the data) should <b>not</b> be used because a single call to BIO_read() can cause several reads (and writes in the case of SSL BIOs) on the underlying I/O structure and may block as a result. Instead select() (or equivalent) should be combined with non blocking I/O so successive reads will request a retry instead of blocking.</p>
+
+<p>See <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a> for details of how to determine the cause of a retry and other I/O issues.</p>
+
+<p>If the BIO_gets() function is not supported by a BIO then it possible to work around this by adding a buffering BIO <a href="../man3/BIO_f_buffer.html">BIO_f_buffer(3)</a> to the chain.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_gets() on 1.1.0 and older when called on BIO_fd() based BIO does not keep the &#39;\n&#39; at the end of the line in the buffer.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_read.html b/msys2/usr/share/doc/openssl/html/man3/BIO_read.html
new file mode 100644
index 000000000..c178bd7b3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_read.html
@@ -0,0 +1,90 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_read</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_read_ex, BIO_write_ex, BIO_read, BIO_write, BIO_gets, BIO_puts - BIO I/O functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_read_ex(BIO *b, void *data, size_t dlen, size_t *readbytes);
+ int BIO_write_ex(BIO *b, const void *data, size_t dlen, size_t *written);
+
+ int BIO_read(BIO *b, void *data, int dlen);
+ int BIO_gets(BIO *b, char *buf, int size);
+ int BIO_write(BIO *b, const void *data, int dlen);
+ int BIO_puts(BIO *b, const char *buf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_read_ex() attempts to read <b>dlen</b> bytes from BIO <b>b</b> and places the data in <b>data</b>. If any bytes were successfully read then the number of bytes read is stored in <b>*readbytes</b>.</p>
+
+<p>BIO_write_ex() attempts to write <b>dlen</b> bytes from <b>data</b> to BIO <b>b</b>. If successful then the number of bytes written is stored in <b>*written</b>.</p>
+
+<p>BIO_read() attempts to read <b>len</b> bytes from BIO <b>b</b> and places the data in <b>buf</b>.</p>
+
+<p>BIO_gets() performs the BIOs &quot;gets&quot; operation and places the data in <b>buf</b>. Usually this operation will attempt to read a line of data from the BIO of maximum length <b>size-1</b>. There are exceptions to this, however; for example, BIO_gets() on a digest BIO will calculate and return the digest and other BIOs may not support BIO_gets() at all. The returned string is always NUL-terminated and the &#39;\n&#39; is preserved if present in the input data.</p>
+
+<p>BIO_write() attempts to write <b>len</b> bytes from <b>buf</b> to BIO <b>b</b>.</p>
+
+<p>BIO_puts() attempts to write a NUL-terminated string <b>buf</b> to BIO <b>b</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_read_ex() and BIO_write_ex() return 1 if data was successfully read or written, and 0 otherwise.</p>
+
+<p>All other functions return either the amount of data successfully read or written (if the return value is positive) or that no data was successfully read or written if the result is 0 or -1. If the return value is -2 then the operation is not implemented in the specific BIO type. The trailing NUL is not included in the length returned by BIO_gets().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A 0 or -1 return is not necessarily an indication of an error. In particular when the source/sink is non-blocking or of a certain type it may merely be an indication that no data is currently available and that the application should retry the operation later.</p>
+
+<p>One technique sometimes used with blocking sockets is to use a system call (such as select(), poll() or equivalent) to determine when data is available and then call read() to read the data. The equivalent with BIOs (that is call select() on the underlying I/O structure and then call BIO_read() to read the data) should <b>not</b> be used because a single call to BIO_read() can cause several reads (and writes in the case of SSL BIOs) on the underlying I/O structure and may block as a result. Instead select() (or equivalent) should be combined with non blocking I/O so successive reads will request a retry instead of blocking.</p>
+
+<p>See <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a> for details of how to determine the cause of a retry and other I/O issues.</p>
+
+<p>If the BIO_gets() function is not supported by a BIO then it possible to work around this by adding a buffering BIO <a href="../man3/BIO_f_buffer.html">BIO_f_buffer(3)</a> to the chain.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_gets() on 1.1.0 and older when called on BIO_fd() based BIO does not keep the &#39;\n&#39; at the end of the line in the buffer.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_read_ex.html b/msys2/usr/share/doc/openssl/html/man3/BIO_read_ex.html
new file mode 100644
index 000000000..c178bd7b3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_read_ex.html
@@ -0,0 +1,90 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_read</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_read_ex, BIO_write_ex, BIO_read, BIO_write, BIO_gets, BIO_puts - BIO I/O functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_read_ex(BIO *b, void *data, size_t dlen, size_t *readbytes);
+ int BIO_write_ex(BIO *b, const void *data, size_t dlen, size_t *written);
+
+ int BIO_read(BIO *b, void *data, int dlen);
+ int BIO_gets(BIO *b, char *buf, int size);
+ int BIO_write(BIO *b, const void *data, int dlen);
+ int BIO_puts(BIO *b, const char *buf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_read_ex() attempts to read <b>dlen</b> bytes from BIO <b>b</b> and places the data in <b>data</b>. If any bytes were successfully read then the number of bytes read is stored in <b>*readbytes</b>.</p>
+
+<p>BIO_write_ex() attempts to write <b>dlen</b> bytes from <b>data</b> to BIO <b>b</b>. If successful then the number of bytes written is stored in <b>*written</b>.</p>
+
+<p>BIO_read() attempts to read <b>len</b> bytes from BIO <b>b</b> and places the data in <b>buf</b>.</p>
+
+<p>BIO_gets() performs the BIOs &quot;gets&quot; operation and places the data in <b>buf</b>. Usually this operation will attempt to read a line of data from the BIO of maximum length <b>size-1</b>. There are exceptions to this, however; for example, BIO_gets() on a digest BIO will calculate and return the digest and other BIOs may not support BIO_gets() at all. The returned string is always NUL-terminated and the &#39;\n&#39; is preserved if present in the input data.</p>
+
+<p>BIO_write() attempts to write <b>len</b> bytes from <b>buf</b> to BIO <b>b</b>.</p>
+
+<p>BIO_puts() attempts to write a NUL-terminated string <b>buf</b> to BIO <b>b</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_read_ex() and BIO_write_ex() return 1 if data was successfully read or written, and 0 otherwise.</p>
+
+<p>All other functions return either the amount of data successfully read or written (if the return value is positive) or that no data was successfully read or written if the result is 0 or -1. If the return value is -2 then the operation is not implemented in the specific BIO type. The trailing NUL is not included in the length returned by BIO_gets().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A 0 or -1 return is not necessarily an indication of an error. In particular when the source/sink is non-blocking or of a certain type it may merely be an indication that no data is currently available and that the application should retry the operation later.</p>
+
+<p>One technique sometimes used with blocking sockets is to use a system call (such as select(), poll() or equivalent) to determine when data is available and then call read() to read the data. The equivalent with BIOs (that is call select() on the underlying I/O structure and then call BIO_read() to read the data) should <b>not</b> be used because a single call to BIO_read() can cause several reads (and writes in the case of SSL BIOs) on the underlying I/O structure and may block as a result. Instead select() (or equivalent) should be combined with non blocking I/O so successive reads will request a retry instead of blocking.</p>
+
+<p>See <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a> for details of how to determine the cause of a retry and other I/O issues.</p>
+
+<p>If the BIO_gets() function is not supported by a BIO then it possible to work around this by adding a buffering BIO <a href="../man3/BIO_f_buffer.html">BIO_f_buffer(3)</a> to the chain.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_gets() on 1.1.0 and older when called on BIO_fd() based BIO does not keep the &#39;\n&#39; at the end of the line in the buffer.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_read_filename.html b/msys2/usr/share/doc/openssl/html/man3/BIO_read_filename.html
new file mode 100644
index 000000000..62da75192
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_read_filename.html
@@ -0,0 +1,159 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_file</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_file, BIO_new_file, BIO_new_fp, BIO_set_fp, BIO_get_fp, BIO_read_filename, BIO_write_filename, BIO_append_filename, BIO_rw_filename - FILE bio</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_file(void);
+ BIO *BIO_new_file(const char *filename, const char *mode);
+ BIO *BIO_new_fp(FILE *stream, int flags);
+
+ BIO_set_fp(BIO *b, FILE *fp, int flags);
+ BIO_get_fp(BIO *b, FILE **fpp);
+
+ int BIO_read_filename(BIO *b, char *name)
+ int BIO_write_filename(BIO *b, char *name)
+ int BIO_append_filename(BIO *b, char *name)
+ int BIO_rw_filename(BIO *b, char *name)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_file() returns the BIO file method. As its name implies it is a wrapper round the stdio FILE structure and it is a source/sink BIO.</p>
+
+<p>Calls to BIO_read_ex() and BIO_write_ex() read and write data to the underlying stream. BIO_gets() and BIO_puts() are supported on file BIOs.</p>
+
+<p>BIO_flush() on a file BIO calls the fflush() function on the wrapped stream.</p>
+
+<p>BIO_reset() attempts to change the file pointer to the start of file using fseek(stream, 0, 0).</p>
+
+<p>BIO_seek() sets the file pointer to position <b>ofs</b> from start of file using fseek(stream, ofs, 0).</p>
+
+<p>BIO_eof() calls feof().</p>
+
+<p>Setting the BIO_CLOSE flag calls fclose() on the stream when the BIO is freed.</p>
+
+<p>BIO_new_file() creates a new file BIO with mode <b>mode</b> the meaning of <b>mode</b> is the same as the stdio function fopen(). The BIO_CLOSE flag is set on the returned BIO.</p>
+
+<p>BIO_new_fp() creates a file BIO wrapping <b>stream</b>. Flags can be: BIO_CLOSE, BIO_NOCLOSE (the close flag) BIO_FP_TEXT (sets the underlying stream to text mode, default is binary: this only has any effect under Win32).</p>
+
+<p>BIO_set_fp() sets the fp of a file BIO to <b>fp</b>. <b>flags</b> has the same meaning as in BIO_new_fp(), it is a macro.</p>
+
+<p>BIO_get_fp() retrieves the fp of a file BIO, it is a macro.</p>
+
+<p>BIO_seek() is a macro that sets the position pointer to <b>offset</b> bytes from the start of file.</p>
+
+<p>BIO_tell() returns the value of the position pointer.</p>
+
+<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() set the file BIO <b>b</b> to use file <b>name</b> for reading, writing, append or read write respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When wrapping stdout, stdin or stderr the underlying stream should not normally be closed so the BIO_NOCLOSE flag should be set.</p>
+
+<p>Because the file BIO calls the underlying stdio functions any quirks in stdio behaviour will be mirrored by the corresponding BIO.</p>
+
+<p>On Windows BIO_new_files reserves for the filename argument to be UTF-8 encoded. In other words if you have to make it work in multi- lingual environment, encode file names in UTF-8.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>File BIO &quot;hello world&quot;:</p>
+
+<pre><code> BIO *bio_out;
+
+ bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> BIO *bio_out;
+
+ bio_out = BIO_new(BIO_s_file());
+ if (bio_out == NULL)
+     /* Error */
+ if (!BIO_set_fp(bio_out, stdout, BIO_NOCLOSE))
+     /* Error */
+ BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Write to a file:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new_file(&quot;filename.txt&quot;, &quot;w&quot;);
+ if (!out)
+     /* Error */
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new(BIO_s_file());
+ if (out == NULL)
+     /* Error */
+ if (!BIO_write_filename(out, &quot;filename.txt&quot;))
+     /* Error */
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_file() returns the file BIO method.</p>
+
+<p>BIO_new_file() and BIO_new_fp() return a file BIO or NULL if an error occurred.</p>
+
+<p>BIO_set_fp() and BIO_get_fp() return 1 for success or 0 for failure (although the current implementation never return 0).</p>
+
+<p>BIO_seek() returns the same value as the underlying fseek() function: 0 for success or -1 for failure.</p>
+
+<p>BIO_tell() returns the current file position.</p>
+
+<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() return 1 for success or 0 for failure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>BIO_reset() and BIO_seek() are implemented using fseek() on the underlying stream. The return value for fseek() is 0 for success or -1 if an error occurred this differs from other types of BIO which will typically return 1 for success and a non positive value if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_seek.html">BIO_seek(3)</a>, <a href="../man3/BIO_tell.html">BIO_tell(3)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_flush.html">BIO_flush(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a>, <a href="../man3/BIO_write_ex.html">BIO_write_ex(3)</a>, <a href="../man3/BIO_puts.html">BIO_puts(3)</a>, <a href="../man3/BIO_gets.html">BIO_gets(3)</a>, <a href="../man3/BIO_printf.html">BIO_printf(3)</a>, <a href="../man3/BIO_set_close.html">BIO_set_close(3)</a>, <a href="../man3/BIO_get_close.html">BIO_get_close(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_reset.html b/msys2/usr/share/doc/openssl/html/man3/BIO_reset.html
new file mode 100644
index 000000000..ccbb411c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_reset.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset, BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close, BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending, BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb - BIO control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef int BIO_info_cb(BIO *b, int state, int res);
+
+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
+ char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+
+ int BIO_reset(BIO *b);
+ int BIO_seek(BIO *b, int ofs);
+ int BIO_tell(BIO *b);
+ int BIO_flush(BIO *b);
+ int BIO_eof(BIO *b);
+ int BIO_set_close(BIO *b, long flag);
+ int BIO_get_close(BIO *b);
+ int BIO_pending(BIO *b);
+ int BIO_wpending(BIO *b);
+ size_t BIO_ctrl_pending(BIO *b);
+ size_t BIO_ctrl_wpending(BIO *b);
+
+ int BIO_get_info_callback(BIO *b, BIO_info_cb **cbp);
+ int BIO_set_info_callback(BIO *b, BIO_info_cb *cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl() are BIO &quot;control&quot; operations taking arguments of various types. These functions are not normally called directly, various macros are used instead. The standard macros are described below, macros specific to a particular type of BIO are described in the specific BIOs manual page as well as any special features of the standard calls.</p>
+
+<p>BIO_reset() typically resets a BIO to some initial state, in the case of file related BIOs for example it rewinds the file pointer to the start of the file.</p>
+
+<p>BIO_seek() resets a file related BIO&#39;s (that is file descriptor and FILE BIOs) file position pointer to <b>ofs</b> bytes from start of file.</p>
+
+<p>BIO_tell() returns the current file position of a file related BIO.</p>
+
+<p>BIO_flush() normally writes out any internally buffered data, in some cases it is used to signal EOF and that no more data will be written.</p>
+
+<p>BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of &quot;EOF&quot; varies according to the BIO type.</p>
+
+<p>BIO_set_close() sets the BIO <b>b</b> close flag to <b>flag</b>. <b>flag</b> can take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used in a source/sink BIO to indicate that the underlying I/O stream should be closed when the BIO is freed.</p>
+
+<p>BIO_get_close() returns the BIOs close flag.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the number of pending characters in the BIOs read and write buffers. Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending() return a size_t type and are functions, BIO_pending() and BIO_wpending() are macros which call BIO_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_reset() normally returns 1 for success and 0 or -1 for failure. File BIOs are an exception, they return 0 for success and -1 for failure.</p>
+
+<p>BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure.</p>
+
+<p>BIO_flush() returns 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_eof() returns 1 if EOF has been reached 0 otherwise.</p>
+
+<p>BIO_set_close() always returns 1.</p>
+
+<p>BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_flush(), because it can write data may return 0 or -1 indicating that the call should be retried later in a similar manner to BIO_write_ex(). The BIO_should_retry() call should be used and appropriate action taken is the call fails.</p>
+
+<p>The return values of BIO_pending() and BIO_wpending() may not reliably determine the amount of pending data in all cases. For example in the case of a file BIO some data may be available in the FILE structures internal buffers but it is not possible to determine this in a portably way. For other types of BIO they may not be supported.</p>
+
+<p>Filter BIOs if they do not internally handle a particular BIO_ctrl() operation usually pass the operation to the next BIO in the chain. This often means there is no need to locate the required BIO for a particular operation, it can be called on a chain and it will be automatically passed to the relevant BIO. However this can cause unexpected results: for example no current filter BIOs implement BIO_seek(), but this may still succeed if the chain ends in a FILE or file descriptor BIO.</p>
+
+<p>Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some of the return values are ambiguous and care should be taken. In particular a return value of 0 can be returned if an operation is not supported, if an error occurred, if EOF has not been reached and in the case of BIO_seek() on a file BIO for a successful operation.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_retry_type.html b/msys2/usr/share/doc/openssl/html/man3/BIO_retry_type.html
new file mode 100644
index 000000000..19927d973
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_retry_type.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_should_retry</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_should_read, BIO_should_write, BIO_should_io_special, BIO_retry_type, BIO_should_retry, BIO_get_retry_BIO, BIO_get_retry_reason, BIO_set_retry_reason - BIO retry functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_should_read(BIO *b);
+ int BIO_should_write(BIO *b);
+ int BIO_should_io_special(iBIO *b);
+ int BIO_retry_type(BIO *b);
+ int BIO_should_retry(BIO *b);
+
+ BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
+ int BIO_get_retry_reason(BIO *bio);
+ void BIO_set_retry_reason(BIO *bio, int reason);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions determine why a BIO is not able to read or write data. They will typically be called after a failed BIO_read_ex() or BIO_write_ex() call.</p>
+
+<p>BIO_should_retry() is true if the call that produced this condition should then be retried at a later time.</p>
+
+<p>If BIO_should_retry() is false then the cause is an error condition.</p>
+
+<p>BIO_should_read() is true if the cause of the condition is that the BIO has insufficient data to return. Check for readability and/or retry the last operation.</p>
+
+<p>BIO_should_write() is true if the cause of the condition is that the BIO has pending data to write. Check for writability and/or retry the last operation.</p>
+
+<p>BIO_should_io_special() is true if some &quot;special&quot; condition, that is a reason other than reading or writing is the cause of the condition.</p>
+
+<p>BIO_retry_type() returns a mask of the cause of a retry condition consisting of the values <b>BIO_FLAGS_READ</b>, <b>BIO_FLAGS_WRITE</b>, <b>BIO_FLAGS_IO_SPECIAL</b> though current BIO types will only set one of these.</p>
+
+<p>BIO_get_retry_BIO() determines the precise reason for the special condition, it returns the BIO that caused this condition and if <b>reason</b> is not NULL it contains the reason code. The meaning of the reason code and the action that should be taken depends on the type of BIO that resulted in this condition.</p>
+
+<p>BIO_get_retry_reason() returns the reason for a special condition if passed the relevant BIO, for example as returned by BIO_get_retry_BIO().</p>
+
+<p>BIO_set_retry_reason() sets the retry reason for a special condition for a given BIO. This would usually only be called by BIO implementations.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_should_read(), BIO_should_write(), BIO_should_io_special(), BIO_retry_type(), and BIO_should_retry(), are implemented as macros.</p>
+
+<p>If BIO_should_retry() returns false then the precise &quot;error condition&quot; depends on the BIO type that caused it and the return code of the BIO operation. For example if a call to BIO_read_ex() on a socket BIO returns 0 and BIO_should_retry() is false then the cause will be that the connection closed. A similar condition on a file BIO will mean that it has reached EOF. Some BIO types may place additional information on the error queue. For more details see the individual BIO type manual pages.</p>
+
+<p>If the underlying I/O structure is in a blocking mode almost all current BIO types will not request a retry, because the underlying I/O calls will not. If the application knows that the BIO type will never signal a retry then it need not call BIO_should_retry() after a failed BIO I/O call. This is typically done with file BIOs.</p>
+
+<p>SSL BIOs are the only current exception to this rule: they can request a retry even if the underlying I/O structure is blocking, if a handshake occurs during a call to BIO_read(). An application can retry the failed call immediately or avoid this situation by setting SSL_MODE_AUTO_RETRY on the underlying SSL structure.</p>
+
+<p>While an application may retry a failed non blocking call immediately this is likely to be very inefficient because the call will fail repeatedly until data can be processed or is available. An application will normally wait until the necessary condition is satisfied. How this is done depends on the underlying I/O structure.</p>
+
+<p>For example if the cause is ultimately a socket and BIO_should_read() is true then a call to select() may be made to wait until data is available and then retry the BIO operation. By combining the retry conditions of several non blocking BIOs in a single select() call it is possible to service several BIOs in a single thread, though the performance may be poor if SSL BIOs are present because long delays can occur during the initial handshake process.</p>
+
+<p>It is possible for a BIO to block indefinitely if the underlying I/O structure cannot process or return any data. This depends on the behaviour of the platforms I/O functions. This is often not desirable: one solution is to use non blocking I/O and use a timeout on the select() (or equivalent) call.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The OpenSSL ASN1 functions cannot gracefully deal with non blocking I/O: that is they cannot retry after a partial read or write. This is usually worked around by only passing the relevant data to ASN1 functions when the entire structure can be read or written.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_should_read(), BIO_should_write(), BIO_should_io_special(), and BIO_should_retry() return either 1 or 0 based on the actual conditions of the <b>BIO</b>.</p>
+
+<p>BIO_retry_type() returns a flag combination presenting the cause of a retry condition or false if there is no retry condition.</p>
+
+<p>BIO_get_retry_BIO() returns a valid <b>BIO</b> structure.</p>
+
+<p>BIO_get_retry_reason() returns the reason for a special condition.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_get_retry_reason() and BIO_set_retry_reason() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_rw_filename.html b/msys2/usr/share/doc/openssl/html/man3/BIO_rw_filename.html
new file mode 100644
index 000000000..62da75192
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_rw_filename.html
@@ -0,0 +1,159 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_file</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_file, BIO_new_file, BIO_new_fp, BIO_set_fp, BIO_get_fp, BIO_read_filename, BIO_write_filename, BIO_append_filename, BIO_rw_filename - FILE bio</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_file(void);
+ BIO *BIO_new_file(const char *filename, const char *mode);
+ BIO *BIO_new_fp(FILE *stream, int flags);
+
+ BIO_set_fp(BIO *b, FILE *fp, int flags);
+ BIO_get_fp(BIO *b, FILE **fpp);
+
+ int BIO_read_filename(BIO *b, char *name)
+ int BIO_write_filename(BIO *b, char *name)
+ int BIO_append_filename(BIO *b, char *name)
+ int BIO_rw_filename(BIO *b, char *name)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_file() returns the BIO file method. As its name implies it is a wrapper round the stdio FILE structure and it is a source/sink BIO.</p>
+
+<p>Calls to BIO_read_ex() and BIO_write_ex() read and write data to the underlying stream. BIO_gets() and BIO_puts() are supported on file BIOs.</p>
+
+<p>BIO_flush() on a file BIO calls the fflush() function on the wrapped stream.</p>
+
+<p>BIO_reset() attempts to change the file pointer to the start of file using fseek(stream, 0, 0).</p>
+
+<p>BIO_seek() sets the file pointer to position <b>ofs</b> from start of file using fseek(stream, ofs, 0).</p>
+
+<p>BIO_eof() calls feof().</p>
+
+<p>Setting the BIO_CLOSE flag calls fclose() on the stream when the BIO is freed.</p>
+
+<p>BIO_new_file() creates a new file BIO with mode <b>mode</b> the meaning of <b>mode</b> is the same as the stdio function fopen(). The BIO_CLOSE flag is set on the returned BIO.</p>
+
+<p>BIO_new_fp() creates a file BIO wrapping <b>stream</b>. Flags can be: BIO_CLOSE, BIO_NOCLOSE (the close flag) BIO_FP_TEXT (sets the underlying stream to text mode, default is binary: this only has any effect under Win32).</p>
+
+<p>BIO_set_fp() sets the fp of a file BIO to <b>fp</b>. <b>flags</b> has the same meaning as in BIO_new_fp(), it is a macro.</p>
+
+<p>BIO_get_fp() retrieves the fp of a file BIO, it is a macro.</p>
+
+<p>BIO_seek() is a macro that sets the position pointer to <b>offset</b> bytes from the start of file.</p>
+
+<p>BIO_tell() returns the value of the position pointer.</p>
+
+<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() set the file BIO <b>b</b> to use file <b>name</b> for reading, writing, append or read write respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When wrapping stdout, stdin or stderr the underlying stream should not normally be closed so the BIO_NOCLOSE flag should be set.</p>
+
+<p>Because the file BIO calls the underlying stdio functions any quirks in stdio behaviour will be mirrored by the corresponding BIO.</p>
+
+<p>On Windows BIO_new_files reserves for the filename argument to be UTF-8 encoded. In other words if you have to make it work in multi- lingual environment, encode file names in UTF-8.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>File BIO &quot;hello world&quot;:</p>
+
+<pre><code> BIO *bio_out;
+
+ bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> BIO *bio_out;
+
+ bio_out = BIO_new(BIO_s_file());
+ if (bio_out == NULL)
+     /* Error */
+ if (!BIO_set_fp(bio_out, stdout, BIO_NOCLOSE))
+     /* Error */
+ BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Write to a file:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new_file(&quot;filename.txt&quot;, &quot;w&quot;);
+ if (!out)
+     /* Error */
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new(BIO_s_file());
+ if (out == NULL)
+     /* Error */
+ if (!BIO_write_filename(out, &quot;filename.txt&quot;))
+     /* Error */
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_file() returns the file BIO method.</p>
+
+<p>BIO_new_file() and BIO_new_fp() return a file BIO or NULL if an error occurred.</p>
+
+<p>BIO_set_fp() and BIO_get_fp() return 1 for success or 0 for failure (although the current implementation never return 0).</p>
+
+<p>BIO_seek() returns the same value as the underlying fseek() function: 0 for success or -1 for failure.</p>
+
+<p>BIO_tell() returns the current file position.</p>
+
+<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() return 1 for success or 0 for failure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>BIO_reset() and BIO_seek() are implemented using fseek() on the underlying stream. The return value for fseek() is 0 for success or -1 if an error occurred this differs from other types of BIO which will typically return 1 for success and a non positive value if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_seek.html">BIO_seek(3)</a>, <a href="../man3/BIO_tell.html">BIO_tell(3)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_flush.html">BIO_flush(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a>, <a href="../man3/BIO_write_ex.html">BIO_write_ex(3)</a>, <a href="../man3/BIO_puts.html">BIO_puts(3)</a>, <a href="../man3/BIO_gets.html">BIO_gets(3)</a>, <a href="../man3/BIO_printf.html">BIO_printf(3)</a>, <a href="../man3/BIO_set_close.html">BIO_set_close(3)</a>, <a href="../man3/BIO_get_close.html">BIO_get_close(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_s_accept.html b/msys2/usr/share/doc/openssl/html/man3/BIO_s_accept.html
new file mode 100644
index 000000000..c49b65130
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_s_accept.html
@@ -0,0 +1,175 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_accept</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_accept, BIO_set_accept_name, BIO_set_accept_port, BIO_get_accept_name, BIO_get_accept_port, BIO_new_accept, BIO_set_nbio_accept, BIO_set_accept_bios, BIO_get_peer_name, BIO_get_peer_port, BIO_get_accept_ip_family, BIO_set_accept_ip_family, BIO_set_bind_mode, BIO_get_bind_mode, BIO_do_accept - accept BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_accept(void);
+
+ long BIO_set_accept_name(BIO *b, char *name);
+ char *BIO_get_accept_name(BIO *b);
+
+ long BIO_set_accept_port(BIO *b, char *port);
+ char *BIO_get_accept_port(BIO *b);
+
+ BIO *BIO_new_accept(char *host_port);
+
+ long BIO_set_nbio_accept(BIO *b, int n);
+ long BIO_set_accept_bios(BIO *b, char *bio);
+
+ char *BIO_get_peer_name(BIO *b);
+ char *BIO_get_peer_port(BIO *b);
+ long BIO_get_accept_ip_family(BIO *b);
+ long BIO_set_accept_ip_family(BIO *b, long family);
+
+ long BIO_set_bind_mode(BIO *b, long mode);
+ long BIO_get_bind_mode(BIO *b);
+
+ int BIO_do_accept(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_accept() returns the accept BIO method. This is a wrapper round the platform&#39;s TCP/IP socket accept routines.</p>
+
+<p>Using accept BIOs, TCP/IP connections can be accepted and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on an accept BIO will perform I/O on the underlying connection. If no connection is established and the port (see below) is set up properly then the BIO waits for an incoming connection.</p>
+
+<p>Accept BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on an accept BIO then any active connection on that chain is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on an accept BIO will close any active connection and reset the BIO into a state where it awaits another incoming connection.</p>
+
+<p>BIO_get_fd() and BIO_set_fd() can be called to retrieve or set the accept socket. See <a href="../man3/BIO_s_fd.html">BIO_s_fd(3)</a></p>
+
+<p>BIO_set_accept_name() uses the string <b>name</b> to set the accept name. The name is represented as a string of the form &quot;host:port&quot;, where &quot;host&quot; is the interface to use and &quot;port&quot; is the port. The host can be &quot;*&quot; or empty which is interpreted as meaning any interface. If the host is an IPv6 address, it has to be enclosed in brackets, for example &quot;[::1]:https&quot;. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_set_accept_port() uses the string <b>port</b> to set the accept port. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_new_accept() combines BIO_new() and BIO_set_accept_name() into a single call: that is it creates a new accept BIO with port <b>host_port</b>.</p>
+
+<p>BIO_set_nbio_accept() sets the accept socket to blocking mode (the default) if <b>n</b> is 0 or non blocking mode if <b>n</b> is 1.</p>
+
+<p>BIO_set_accept_bios() can be used to set a chain of BIOs which will be duplicated and prepended to the chain when an incoming connection is received. This is useful if, for example, a buffering or SSL BIO is required for each connection. The chain of BIOs must not be freed after this call, they will be automatically freed when the accept BIO is freed.</p>
+
+<p>BIO_set_bind_mode() and BIO_get_bind_mode() set and retrieve the current bind mode. If <b>BIO_BIND_NORMAL</b> (the default) is set then another socket cannot be bound to the same port. If <b>BIO_BIND_REUSEADDR</b> is set then other sockets can bind to the same port. If <b>BIO_BIND_REUSEADDR_IF_UNUSED</b> is set then and attempt is first made to use BIO_BIN_NORMAL, if this fails and the port is not in use then a second attempt is made using <b>BIO_BIND_REUSEADDR</b>.</p>
+
+<p>BIO_do_accept() serves two functions. When it is first called, after the accept BIO has been setup, it will attempt to create the accept socket and bind an address to it. Second and subsequent calls to BIO_do_accept() will await an incoming connection, or request a retry in non blocking mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When an accept BIO is at the end of a chain it will await an incoming connection before processing I/O calls. When an accept BIO is not at then end of a chain it passes I/O calls to the next BIO in the chain.</p>
+
+<p>When a connection is established a new socket BIO is created for the connection and appended to the chain. That is the chain is now accept-&gt;socket. This effectively means that attempting I/O on an initial accept socket will await an incoming connection then perform I/O on it.</p>
+
+<p>If any additional BIOs have been set using BIO_set_accept_bios() then they are placed between the socket and the accept BIO, that is the chain will be accept-&gt;otherbios-&gt;socket.</p>
+
+<p>If a server wishes to process multiple connections (as is normally the case) then the accept BIO must be made available for further incoming connections. This can be done by waiting for a connection and then calling:</p>
+
+<pre><code> connection = BIO_pop(accept);</code></pre>
+
+<p>After this call <b>connection</b> will contain a BIO for the recently established connection and <b>accept</b> will now be a single BIO again which can be used to await further incoming connections. If no further connections will be accepted the <b>accept</b> can be freed using BIO_free().</p>
+
+<p>If only a single connection will be processed it is possible to perform I/O using the accept BIO itself. This is often undesirable however because the accept BIO will still accept additional incoming connections. This can be resolved by using BIO_pop() (see above) and freeing up the accept BIO after the initial connection.</p>
+
+<p>If the underlying accept socket is non-blocking and BIO_do_accept() is called to await an incoming connection it is possible for BIO_should_io_special() with the reason BIO_RR_ACCEPT. If this happens then it is an indication that an accept attempt would block: the application should take appropriate action to wait until the underlying socket has accepted a connection and retry the call.</p>
+
+<p>BIO_set_accept_name(), BIO_get_accept_name(), BIO_set_accept_port(), BIO_get_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_get_peer_name(), BIO_get_peer_port(), BIO_get_accept_ip_family(), BIO_set_accept_ip_family(), BIO_set_bind_mode(), BIO_get_bind_mode() and BIO_do_accept() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_do_accept(), BIO_set_accept_name(), BIO_set_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_set_accept_ip_family(), and BIO_set_bind_mode() return 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_get_accept_name() returns the accept name or NULL on error. BIO_get_peer_name() returns the peer name or NULL on error.</p>
+
+<p>BIO_get_accept_port() returns the accept port as a string or NULL on error. BIO_get_peer_port() returns the peer port as a string or NULL on error. BIO_get_accept_ip_family() returns the IP family or -1 on error.</p>
+
+<p>BIO_get_bind_mode() returns the set of <b>BIO_BIND</b> flags, or -1 on failure.</p>
+
+<p>BIO_new_accept() returns a BIO or NULL on error.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example accepts two connections on port 4444, sends messages down each and finally closes both down.</p>
+
+<pre><code> BIO *abio, *cbio, *cbio2;
+
+ /* First call to BIO_accept() sets up accept BIO */
+ abio = BIO_new_accept(&quot;4444&quot;);
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Wait for incoming connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 1 established\n&quot;);
+
+ /* Retrieve BIO for connection */
+ cbio = BIO_pop(abio);
+ BIO_puts(cbio, &quot;Connection 1: Sending out Data on initial connection\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 1\n&quot;);
+
+ /* Wait for another connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 2 established\n&quot;);
+
+ /* Close accept BIO to refuse further connections */
+ cbio2 = BIO_pop(abio);
+ BIO_free(abio);
+ BIO_puts(cbio2, &quot;Connection 2: Sending out Data on second\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 2\n&quot;);
+
+ BIO_puts(cbio, &quot;Connection 1: Second connection established\n&quot;);
+
+ /* Close the two established connections */
+ BIO_free(cbio);
+ BIO_free(cbio2);</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_s_bio.html b/msys2/usr/share/doc/openssl/html/man3/BIO_s_bio.html
new file mode 100644
index 000000000..fc36b7e75
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_s_bio.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr, BIO_set_write_buf_size, BIO_get_write_buf_size, BIO_new_bio_pair, BIO_get_write_guarantee, BIO_ctrl_get_write_guarantee, BIO_get_read_request, BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request - BIO pair BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_bio(void);
+
+ int BIO_make_bio_pair(BIO *b1, BIO *b2);
+ int BIO_destroy_bio_pair(BIO *b);
+ int BIO_shutdown_wr(BIO *b);
+
+ int BIO_set_write_buf_size(BIO *b, long size);
+ size_t BIO_get_write_buf_size(BIO *b, long size);
+
+ int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2);
+
+ int BIO_get_write_guarantee(BIO *b);
+ size_t BIO_ctrl_get_write_guarantee(BIO *b);
+ int BIO_get_read_request(BIO *b);
+ size_t BIO_ctrl_get_read_request(BIO *b);
+ int BIO_ctrl_reset_read_request(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_bio() returns the method for a BIO pair. A BIO pair is a pair of source/sink BIOs where data written to either half of the pair is buffered and can be read from the other half. Both halves must usually by handled by the same application thread since no locking is done on the internal data structures.</p>
+
+<p>Since BIO chains typically end in a source/sink BIO it is possible to make this one half of a BIO pair and have all the data processed by the chain under application control.</p>
+
+<p>One typical use of BIO pairs is to place TLS/SSL I/O under application control, this can be used when the application wishes to use a non standard transport for TLS/SSL or the normal socket routines are inappropriate.</p>
+
+<p>Calls to BIO_read_ex() will read data from the buffer or request a retry if no data is available.</p>
+
+<p>Calls to BIO_write_ex() will place data in the buffer or request a retry if the buffer is full.</p>
+
+<p>The standard calls BIO_ctrl_pending() and BIO_ctrl_wpending() can be used to determine the amount of pending data in the read or write buffer.</p>
+
+<p>BIO_reset() clears any data in the write buffer.</p>
+
+<p>BIO_make_bio_pair() joins two separate BIOs into a connected pair.</p>
+
+<p>BIO_destroy_pair() destroys the association between two connected BIOs. Freeing up any half of the pair will automatically destroy the association.</p>
+
+<p>BIO_shutdown_wr() is used to close down a BIO <b>b</b>. After this call no further writes on BIO <b>b</b> are allowed (they will return an error). Reads on the other half of the pair will return any pending data or EOF when all pending data has been read.</p>
+
+<p>BIO_set_write_buf_size() sets the write buffer size of BIO <b>b</b> to <b>size</b>. If the size is not initialized a default value is used. This is currently 17K, sufficient for a maximum size TLS record.</p>
+
+<p>BIO_get_write_buf_size() returns the size of the write buffer.</p>
+
+<p>BIO_new_bio_pair() combines the calls to BIO_new(), BIO_make_bio_pair() and BIO_set_write_buf_size() to create a connected pair of BIOs <b>bio1</b>, <b>bio2</b> with write buffer sizes <b>writebuf1</b> and <b>writebuf2</b>. If either size is zero then the default size is used. BIO_new_bio_pair() does not check whether <b>bio1</b> or <b>bio2</b> do point to some other BIO, the values are overwritten, BIO_free() is not called.</p>
+
+<p>BIO_get_write_guarantee() and BIO_ctrl_get_write_guarantee() return the maximum length of data that can be currently written to the BIO. Writes larger than this value will return a value from BIO_write_ex() less than the amount requested or if the buffer is full request a retry. BIO_ctrl_get_write_guarantee() is a function whereas BIO_get_write_guarantee() is a macro.</p>
+
+<p>BIO_get_read_request() and BIO_ctrl_get_read_request() return the amount of data requested, or the buffer size if it is less, if the last read attempt at the other half of the BIO pair failed due to an empty buffer. This can be used to determine how much data should be written to the BIO so the next read will succeed: this is most useful in TLS/SSL applications where the amount of data read is usually meaningful rather than just a buffer size. After a successful read this call will return zero. It also will return zero once new data has been written satisfying the read request or part of it. Note that BIO_get_read_request() never returns an amount larger than that returned by BIO_get_write_guarantee().</p>
+
+<p>BIO_ctrl_reset_read_request() can also be used to reset the value returned by BIO_get_read_request() to zero.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Both halves of a BIO pair should be freed. That is even if one half is implicit freed due to a BIO_free_all() or SSL_free() call the other half needs to be freed.</p>
+
+<p>When used in bidirectional applications (such as TLS/SSL) care should be taken to flush any data in the write buffer. This can be done by calling BIO_pending() on the other half of the pair and, if any data is pending, reading it and sending it to the underlying transport. This must be done before any normal processing (such as calling select() ) due to a request and BIO_should_read() being true.</p>
+
+<p>To see why this is important consider a case where a request is sent using BIO_write_ex() and a response read with BIO_read_ex(), this can occur during an TLS/SSL handshake for example. BIO_write_ex() will succeed and place data in the write buffer. BIO_read_ex() will initially fail and BIO_should_read() will be true. If the application then waits for data to be available on the underlying transport before flushing the write buffer it will never succeed because the request was never sent!</p>
+
+<p>BIO_eof() is true if no data is in the peer BIO and the peer BIO has been shutdown.</p>
+
+<p>BIO_make_bio_pair(), BIO_destroy_bio_pair(), BIO_shutdown_wr(), BIO_set_write_buf_size(), BIO_get_write_buf_size(), BIO_get_write_guarantee(), and BIO_get_read_request() are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_new_bio_pair() returns 1 on success, with the new BIOs available in <b>bio1</b> and <b>bio2</b>, or 0 on failure, with NULL pointers stored into the locations for <b>bio1</b> and <b>bio2</b>. Check the error stack for more information.</p>
+
+<p>[XXXXX: More return values need to be added here]</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO pair can be used to have full control over the network access of an application. The application can call select() on the socket as required without having to go through the SSL-interface.</p>
+
+<pre><code> BIO *internal_bio, *network_bio;
+
+ ...
+ BIO_new_bio_pair(&amp;internal_bio, 0, &amp;network_bio, 0);
+ SSL_set_bio(ssl, internal_bio, internal_bio);
+ SSL_operations(); /* e.g SSL_read and SSL_write */
+ ...
+
+ application |   TLS-engine
+    |        |
+    +----------&gt; SSL_operations()
+             |     /\    ||
+             |     ||    \/
+             |   BIO-pair (internal_bio)
+             |   BIO-pair (network_bio)
+             |     ||     /\
+             |     \/     ||
+    +-----------&lt; BIO_operations()
+    |        |
+    |        |
+   socket
+
+  ...
+  SSL_free(ssl);                /* implicitly frees internal_bio */
+  BIO_free(network_bio);
+  ...</code></pre>
+
+<p>As the BIO pair will only buffer the data and never directly access the connection, it behaves non-blocking and will return as soon as the write buffer is full or the read buffer is drained. Then the application has to flush the write buffer and/or fill the read buffer.</p>
+
+<p>Use the BIO_ctrl_pending(), to find out whether data is buffered in the BIO and must be transferred to the network. Use BIO_ctrl_get_read_request() to find out, how many bytes must be written into the buffer before the SSL_operation() can successfully be continued.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>As the data is buffered, SSL_operation() may return with an ERROR_SSL_WANT_READ condition, but there is still data in the write buffer. An application must not rely on the error value of SSL_operation() but must assure that the write buffer is always flushed first. Otherwise a deadlock may occur as the peer might be waiting for the data before being able to continue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_s_connect.html b/msys2/usr/share/doc/openssl/html/man3/BIO_s_connect.html
new file mode 100644
index 000000000..400c2818a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_s_connect.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_connect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_conn_address, BIO_get_conn_address, BIO_s_connect, BIO_new_connect, BIO_set_conn_hostname, BIO_set_conn_port, BIO_set_conn_ip_family, BIO_get_conn_ip_family, BIO_get_conn_hostname, BIO_get_conn_port, BIO_set_nbio, BIO_do_connect - connect BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD * BIO_s_connect(void);
+
+ BIO *BIO_new_connect(char *name);
+
+ long BIO_set_conn_hostname(BIO *b, char *name);
+ long BIO_set_conn_port(BIO *b, char *port);
+ long BIO_set_conn_address(BIO *b, BIO_ADDR *addr);
+ long BIO_set_conn_ip_family(BIO *b, long family);
+ const char *BIO_get_conn_hostname(BIO *b);
+ const char *BIO_get_conn_port(BIO *b);
+ const BIO_ADDR *BIO_get_conn_address(BIO *b);
+ const long BIO_get_conn_ip_family(BIO *b);
+
+ long BIO_set_nbio(BIO *b, long n);
+
+ int BIO_do_connect(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_connect() returns the connect BIO method. This is a wrapper round the platform&#39;s TCP/IP socket connection routines.</p>
+
+<p>Using connect BIOs, TCP/IP connections can be made and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on a connect BIO will perform I/O on the underlying connection. If no connection is established and the port and hostname (see below) is set up properly then a connection is established first.</p>
+
+<p>Connect BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on a connect BIO then any active connection is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on a connect BIO will close any active connection and reset the BIO into a state where it can connect to the same host again.</p>
+
+<p>BIO_get_fd() places the underlying socket in <b>c</b> if it is not NULL, it also returns the socket . If <b>c</b> is not NULL it should be of type (int *).</p>
+
+<p>BIO_set_conn_hostname() uses the string <b>name</b> to set the hostname. The hostname can be an IP address; if the address is an IPv6 one, it must be enclosed with brackets. The hostname can also include the port in the form hostname:port.</p>
+
+<p>BIO_set_conn_port() sets the port to <b>port</b>. <b>port</b> can be the numerical form or a string such as &quot;http&quot;. A string will be looked up first using getservbyname() on the host platform but if that fails a standard table of port names will be used. This internal list is http, telnet, socks, https, ssl, ftp, and gopher.</p>
+
+<p>BIO_set_conn_address() sets the address and port information using a BIO_ADDR(3ssl).</p>
+
+<p>BIO_set_conn_ip_family() sets the IP family.</p>
+
+<p>BIO_get_conn_hostname() returns the hostname of the connect BIO or NULL if the BIO is initialized but no hostname is set. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_port() returns the port as a string. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_address() returns the address information as a BIO_ADDR. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_ip_family() returns the IP family of the connect BIO.</p>
+
+<p>BIO_set_nbio() sets the non blocking I/O flag to <b>n</b>. If <b>n</b> is zero then blocking I/O is set. If <b>n</b> is 1 then non blocking I/O is set. Blocking I/O is the default. The call to BIO_set_nbio() should be made before the connection is established because non blocking I/O is set during the connect process.</p>
+
+<p>BIO_new_connect() combines BIO_new() and BIO_set_conn_hostname() into a single call: that is it creates a new connect BIO with <b>name</b>.</p>
+
+<p>BIO_do_connect() attempts to connect the supplied BIO. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If blocking I/O is set then a non positive return value from any I/O call is caused by an error condition, although a zero return will normally mean that the connection was closed.</p>
+
+<p>If the port name is supplied as part of the host name then this will override any value set with BIO_set_conn_port(). This may be undesirable if the application does not wish to allow connection to arbitrary ports. This can be avoided by checking for the presence of the &#39;:&#39; character in the passed hostname and either indicating an error or truncating the string at that point.</p>
+
+<p>The values returned by BIO_get_conn_hostname(), BIO_get_conn_address(), and BIO_get_conn_port() are updated when a connection attempt is made. Before any connection attempt the values returned are those set by the application itself.</p>
+
+<p>Applications do not have to call BIO_do_connect() but may wish to do so to separate the connection process from other I/O processing.</p>
+
+<p>If non blocking I/O is set then retries will be requested as appropriate.</p>
+
+<p>It addition to BIO_should_read() and BIO_should_write() it is also possible for BIO_should_io_special() to be true during the initial connection process with the reason BIO_RR_CONNECT. If this is returned then this is an indication that a connection attempt would block, the application should then take appropriate action to wait until the underlying socket has connected and retry the call.</p>
+
+<p>BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_get_conn_hostname(), BIO_set_conn_address(), BIO_get_conn_port(), BIO_get_conn_address(), BIO_set_conn_ip_family(), BIO_get_conn_ip_family(), BIO_set_nbio(), and BIO_do_connect() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_connect() returns the connect BIO method.</p>
+
+<p>BIO_get_fd() returns the socket or -1 if the BIO has not been initialized.</p>
+
+<p>BIO_set_conn_address(), BIO_set_conn_port(), and BIO_set_conn_ip_family() always return 1.</p>
+
+<p>BIO_set_conn_hostname() returns 1 on success and 0 on failure.</p>
+
+<p>BIO_get_conn_address() returns the address information or NULL if none was set.</p>
+
+<p>BIO_get_conn_hostname() returns the connected hostname or NULL if none was set.</p>
+
+<p>BIO_get_conn_ip_family() returns the address family or -1 if none was set.</p>
+
+<p>BIO_get_conn_port() returns a string representing the connected port or NULL if not set.</p>
+
+<p>BIO_set_nbio() always returns 1.</p>
+
+<p>BIO_do_connect() returns 1 if the connection was successfully established and 0 or -1 if the connection failed.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This is example connects to a webserver on the local host and attempts to retrieve a page and copy the result to standard output.</p>
+
+<pre><code> BIO *cbio, *out;
+ int len;
+ char tmpbuf[1024];
+
+ cbio = BIO_new_connect(&quot;localhost:http&quot;);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(cbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ BIO_puts(cbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(cbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free(cbio);
+ BIO_free(out);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_set_conn_int_port(), BIO_get_conn_int_port(), BIO_set_conn_ip(), and BIO_get_conn_ip() were removed in OpenSSL 1.1.0. Use BIO_set_conn_address() and BIO_get_conn_address() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_s_fd.html b/msys2/usr/share/doc/openssl/html/man3/BIO_s_fd.html
new file mode 100644
index 000000000..2e57de134
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_s_fd.html
@@ -0,0 +1,103 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_fd</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_fd, BIO_set_fd, BIO_get_fd, BIO_new_fd - file descriptor BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_fd(void);
+
+ int BIO_set_fd(BIO *b, int fd, int c);
+ int BIO_get_fd(BIO *b, int *c);
+
+ BIO *BIO_new_fd(int fd, int close_flag);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_fd() returns the file descriptor BIO method. This is a wrapper round the platforms file descriptor routines such as read() and write().</p>
+
+<p>BIO_read_ex() and BIO_write_ex() read or write the underlying descriptor. BIO_puts() is supported but BIO_gets() is not.</p>
+
+<p>If the close flag is set then close() is called on the underlying file descriptor when the BIO is freed.</p>
+
+<p>BIO_reset() attempts to change the file pointer to the start of file such as by using <b>lseek(fd, 0, 0)</b>.</p>
+
+<p>BIO_seek() sets the file pointer to position <b>ofs</b> from start of file such as by using <b>lseek(fd, ofs, 0)</b>.</p>
+
+<p>BIO_tell() returns the current file position such as by calling <b>lseek(fd, 0, 1)</b>.</p>
+
+<p>BIO_set_fd() sets the file descriptor of BIO <b>b</b> to <b>fd</b> and the close flag to <b>c</b>.</p>
+
+<p>BIO_get_fd() places the file descriptor in <b>c</b> if it is not NULL, it also returns the file descriptor.</p>
+
+<p>BIO_new_fd() returns a file descriptor BIO using <b>fd</b> and <b>close_flag</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The behaviour of BIO_read_ex() and BIO_write_ex() depends on the behavior of the platforms read() and write() calls on the descriptor. If the underlying file descriptor is in a non blocking mode then the BIO will behave in the manner described in the <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a> and <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a> manual pages.</p>
+
+<p>File descriptor BIOs should not be used for socket I/O. Use socket BIOs instead.</p>
+
+<p>BIO_set_fd() and BIO_get_fd() are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_fd() returns the file descriptor BIO method.</p>
+
+<p>BIO_set_fd() always returns 1.</p>
+
+<p>BIO_get_fd() returns the file descriptor or -1 if the BIO has not been initialized.</p>
+
+<p>BIO_new_fd() returns the newly allocated BIO or NULL is an error occurred.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This is a file descriptor BIO version of &quot;Hello World&quot;:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new_fd(fileno(stdout), BIO_NOCLOSE);
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_seek.html">BIO_seek(3)</a>, <a href="../man3/BIO_tell.html">BIO_tell(3)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a>, <a href="../man3/BIO_write_ex.html">BIO_write_ex(3)</a>, <a href="../man3/BIO_puts.html">BIO_puts(3)</a>, <a href="../man3/BIO_gets.html">BIO_gets(3)</a>, <a href="../man3/BIO_printf.html">BIO_printf(3)</a>, <a href="../man3/BIO_set_close.html">BIO_set_close(3)</a>, <a href="../man3/BIO_get_close.html">BIO_get_close(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_s_file.html b/msys2/usr/share/doc/openssl/html/man3/BIO_s_file.html
new file mode 100644
index 000000000..62da75192
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_s_file.html
@@ -0,0 +1,159 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_file</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_file, BIO_new_file, BIO_new_fp, BIO_set_fp, BIO_get_fp, BIO_read_filename, BIO_write_filename, BIO_append_filename, BIO_rw_filename - FILE bio</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_file(void);
+ BIO *BIO_new_file(const char *filename, const char *mode);
+ BIO *BIO_new_fp(FILE *stream, int flags);
+
+ BIO_set_fp(BIO *b, FILE *fp, int flags);
+ BIO_get_fp(BIO *b, FILE **fpp);
+
+ int BIO_read_filename(BIO *b, char *name)
+ int BIO_write_filename(BIO *b, char *name)
+ int BIO_append_filename(BIO *b, char *name)
+ int BIO_rw_filename(BIO *b, char *name)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_file() returns the BIO file method. As its name implies it is a wrapper round the stdio FILE structure and it is a source/sink BIO.</p>
+
+<p>Calls to BIO_read_ex() and BIO_write_ex() read and write data to the underlying stream. BIO_gets() and BIO_puts() are supported on file BIOs.</p>
+
+<p>BIO_flush() on a file BIO calls the fflush() function on the wrapped stream.</p>
+
+<p>BIO_reset() attempts to change the file pointer to the start of file using fseek(stream, 0, 0).</p>
+
+<p>BIO_seek() sets the file pointer to position <b>ofs</b> from start of file using fseek(stream, ofs, 0).</p>
+
+<p>BIO_eof() calls feof().</p>
+
+<p>Setting the BIO_CLOSE flag calls fclose() on the stream when the BIO is freed.</p>
+
+<p>BIO_new_file() creates a new file BIO with mode <b>mode</b> the meaning of <b>mode</b> is the same as the stdio function fopen(). The BIO_CLOSE flag is set on the returned BIO.</p>
+
+<p>BIO_new_fp() creates a file BIO wrapping <b>stream</b>. Flags can be: BIO_CLOSE, BIO_NOCLOSE (the close flag) BIO_FP_TEXT (sets the underlying stream to text mode, default is binary: this only has any effect under Win32).</p>
+
+<p>BIO_set_fp() sets the fp of a file BIO to <b>fp</b>. <b>flags</b> has the same meaning as in BIO_new_fp(), it is a macro.</p>
+
+<p>BIO_get_fp() retrieves the fp of a file BIO, it is a macro.</p>
+
+<p>BIO_seek() is a macro that sets the position pointer to <b>offset</b> bytes from the start of file.</p>
+
+<p>BIO_tell() returns the value of the position pointer.</p>
+
+<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() set the file BIO <b>b</b> to use file <b>name</b> for reading, writing, append or read write respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When wrapping stdout, stdin or stderr the underlying stream should not normally be closed so the BIO_NOCLOSE flag should be set.</p>
+
+<p>Because the file BIO calls the underlying stdio functions any quirks in stdio behaviour will be mirrored by the corresponding BIO.</p>
+
+<p>On Windows BIO_new_files reserves for the filename argument to be UTF-8 encoded. In other words if you have to make it work in multi- lingual environment, encode file names in UTF-8.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>File BIO &quot;hello world&quot;:</p>
+
+<pre><code> BIO *bio_out;
+
+ bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> BIO *bio_out;
+
+ bio_out = BIO_new(BIO_s_file());
+ if (bio_out == NULL)
+     /* Error */
+ if (!BIO_set_fp(bio_out, stdout, BIO_NOCLOSE))
+     /* Error */
+ BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Write to a file:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new_file(&quot;filename.txt&quot;, &quot;w&quot;);
+ if (!out)
+     /* Error */
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new(BIO_s_file());
+ if (out == NULL)
+     /* Error */
+ if (!BIO_write_filename(out, &quot;filename.txt&quot;))
+     /* Error */
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_file() returns the file BIO method.</p>
+
+<p>BIO_new_file() and BIO_new_fp() return a file BIO or NULL if an error occurred.</p>
+
+<p>BIO_set_fp() and BIO_get_fp() return 1 for success or 0 for failure (although the current implementation never return 0).</p>
+
+<p>BIO_seek() returns the same value as the underlying fseek() function: 0 for success or -1 for failure.</p>
+
+<p>BIO_tell() returns the current file position.</p>
+
+<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() return 1 for success or 0 for failure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>BIO_reset() and BIO_seek() are implemented using fseek() on the underlying stream. The return value for fseek() is 0 for success or -1 if an error occurred this differs from other types of BIO which will typically return 1 for success and a non positive value if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_seek.html">BIO_seek(3)</a>, <a href="../man3/BIO_tell.html">BIO_tell(3)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_flush.html">BIO_flush(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a>, <a href="../man3/BIO_write_ex.html">BIO_write_ex(3)</a>, <a href="../man3/BIO_puts.html">BIO_puts(3)</a>, <a href="../man3/BIO_gets.html">BIO_gets(3)</a>, <a href="../man3/BIO_printf.html">BIO_printf(3)</a>, <a href="../man3/BIO_set_close.html">BIO_set_close(3)</a>, <a href="../man3/BIO_get_close.html">BIO_get_close(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_s_mem.html b/msys2/usr/share/doc/openssl/html/man3/BIO_s_mem.html
new file mode 100644
index 000000000..d307f64e7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_s_mem.html
@@ -0,0 +1,125 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_mem</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_secmem, BIO_s_mem, BIO_set_mem_eof_return, BIO_get_mem_data, BIO_set_mem_buf, BIO_get_mem_ptr, BIO_new_mem_buf - memory BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_mem(void);
+ const BIO_METHOD *BIO_s_secmem(void);
+
+ BIO_set_mem_eof_return(BIO *b, int v)
+ long BIO_get_mem_data(BIO *b, char **pp)
+ BIO_set_mem_buf(BIO *b, BUF_MEM *bm, int c)
+ BIO_get_mem_ptr(BIO *b, BUF_MEM **pp)
+
+ BIO *BIO_new_mem_buf(const void *buf, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_mem() returns the memory BIO method function.</p>
+
+<p>A memory BIO is a source/sink BIO which uses memory for its I/O. Data written to a memory BIO is stored in a BUF_MEM structure which is extended as appropriate to accommodate the stored data.</p>
+
+<p>BIO_s_secmem() is like BIO_s_mem() except that the secure heap is used for buffer storage.</p>
+
+<p>Any data written to a memory BIO can be recalled by reading from it. Unless the memory BIO is read only any data read from it is deleted from the BIO.</p>
+
+<p>Memory BIOs support BIO_gets() and BIO_puts().</p>
+
+<p>If the BIO_CLOSE flag is set when a memory BIO is freed then the underlying BUF_MEM structure is also freed.</p>
+
+<p>Calling BIO_reset() on a read write memory BIO clears any data in it if the flag BIO_FLAGS_NONCLEAR_RST is not set. On a read only BIO or if the flag BIO_FLAGS_NONCLEAR_RST is set it restores the BIO to its original state and the data can be read again.</p>
+
+<p>BIO_eof() is true if no data is in the BIO.</p>
+
+<p>BIO_ctrl_pending() returns the number of bytes currently stored.</p>
+
+<p>BIO_set_mem_eof_return() sets the behaviour of memory BIO <b>b</b> when it is empty. If the <b>v</b> is zero then an empty memory BIO will return EOF (that is it will return zero and BIO_should_retry(b) will be false. If <b>v</b> is non zero then it will return <b>v</b> when it is empty and it will set the read retry flag (that is BIO_read_retry(b) is true). To avoid ambiguity with a normal positive return value <b>v</b> should be set to a negative value, typically -1.</p>
+
+<p>BIO_get_mem_data() sets *<b>pp</b> to a pointer to the start of the memory BIOs data and returns the total amount of data available. It is implemented as a macro.</p>
+
+<p>BIO_set_mem_buf() sets the internal BUF_MEM structure to <b>bm</b> and sets the close flag to <b>c</b>, that is <b>c</b> should be either BIO_CLOSE or BIO_NOCLOSE. It is a macro.</p>
+
+<p>BIO_get_mem_ptr() places the underlying BUF_MEM structure in *<b>pp</b>. It is a macro.</p>
+
+<p>BIO_new_mem_buf() creates a memory BIO using <b>len</b> bytes of data at <b>buf</b>, if <b>len</b> is -1 then the <b>buf</b> is assumed to be nul terminated and its length is determined by <b>strlen</b>. The BIO is set to a read only state and as a result cannot be written to. This is useful when some data needs to be made available from a static area of memory in the form of a BIO. The supplied data is read directly from the supplied buffer: it is <b>not</b> copied first, so the supplied area of memory must be unchanged until the BIO is freed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Writes to memory BIOs will always succeed if memory is available: that is their size can grow indefinitely.</p>
+
+<p>Every read from a read write memory BIO will remove the data just read with an internal copy operation, if a BIO contains a lot of data and it is read in small chunks the operation can be very slow. The use of a read only memory BIO avoids this problem. If the BIO must be read write then adding a buffering BIO to the chain will speed up the process.</p>
+
+<p>Calling BIO_set_mem_buf() on a BIO created with BIO_new_secmem() will give undefined results, including perhaps a program crash.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>There should be an option to set the maximum size of a memory BIO.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create a memory BIO and write some data to it:</p>
+
+<pre><code> BIO *mem = BIO_new(BIO_s_mem());
+
+ BIO_puts(mem, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Create a read only memory BIO:</p>
+
+<pre><code> char data[] = &quot;Hello World&quot;;
+ BIO *mem = BIO_new_mem_buf(data, -1);</code></pre>
+
+<p>Extract the BUF_MEM structure from a memory BIO and then free up the BIO:</p>
+
+<pre><code> BUF_MEM *bptr;
+
+ BIO_get_mem_ptr(mem, &amp;bptr);
+ BIO_set_close(mem, BIO_NOCLOSE); /* So BIO_free() leaves BUF_MEM alone */
+ BIO_free(mem);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_mem() and BIO_s_secmem() return a valid memory <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_mem_eof_return(), BIO_get_mem_data(), BIO_set_mem_buf() and BIO_get_mem_ptr() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_mem_buf() returns a valid <b>BIO</b> structure on success or NULL on error.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_s_null.html b/msys2/usr/share/doc/openssl/html/man3/BIO_s_null.html
new file mode 100644
index 000000000..6b608b700
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_s_null.html
@@ -0,0 +1,60 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_null</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_null - null data sink</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_null() returns the null sink BIO method. Data written to the null sink is discarded, reads return EOF.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A null sink BIO behaves in a similar manner to the Unix /dev/null device.</p>
+
+<p>A null bio can be placed on the end of a chain to discard any data passed through it.</p>
+
+<p>A null sink is useful if, for example, an application wishes to digest some data by writing through a digest bio but not send the digested data anywhere. Since a BIO chain must normally include a source/sink BIO this can be achieved by adding a null sink BIO to the end of the chain</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_null() returns the null sink BIO method.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_s_secmem.html b/msys2/usr/share/doc/openssl/html/man3/BIO_s_secmem.html
new file mode 100644
index 000000000..d307f64e7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_s_secmem.html
@@ -0,0 +1,125 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_mem</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_secmem, BIO_s_mem, BIO_set_mem_eof_return, BIO_get_mem_data, BIO_set_mem_buf, BIO_get_mem_ptr, BIO_new_mem_buf - memory BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_mem(void);
+ const BIO_METHOD *BIO_s_secmem(void);
+
+ BIO_set_mem_eof_return(BIO *b, int v)
+ long BIO_get_mem_data(BIO *b, char **pp)
+ BIO_set_mem_buf(BIO *b, BUF_MEM *bm, int c)
+ BIO_get_mem_ptr(BIO *b, BUF_MEM **pp)
+
+ BIO *BIO_new_mem_buf(const void *buf, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_mem() returns the memory BIO method function.</p>
+
+<p>A memory BIO is a source/sink BIO which uses memory for its I/O. Data written to a memory BIO is stored in a BUF_MEM structure which is extended as appropriate to accommodate the stored data.</p>
+
+<p>BIO_s_secmem() is like BIO_s_mem() except that the secure heap is used for buffer storage.</p>
+
+<p>Any data written to a memory BIO can be recalled by reading from it. Unless the memory BIO is read only any data read from it is deleted from the BIO.</p>
+
+<p>Memory BIOs support BIO_gets() and BIO_puts().</p>
+
+<p>If the BIO_CLOSE flag is set when a memory BIO is freed then the underlying BUF_MEM structure is also freed.</p>
+
+<p>Calling BIO_reset() on a read write memory BIO clears any data in it if the flag BIO_FLAGS_NONCLEAR_RST is not set. On a read only BIO or if the flag BIO_FLAGS_NONCLEAR_RST is set it restores the BIO to its original state and the data can be read again.</p>
+
+<p>BIO_eof() is true if no data is in the BIO.</p>
+
+<p>BIO_ctrl_pending() returns the number of bytes currently stored.</p>
+
+<p>BIO_set_mem_eof_return() sets the behaviour of memory BIO <b>b</b> when it is empty. If the <b>v</b> is zero then an empty memory BIO will return EOF (that is it will return zero and BIO_should_retry(b) will be false. If <b>v</b> is non zero then it will return <b>v</b> when it is empty and it will set the read retry flag (that is BIO_read_retry(b) is true). To avoid ambiguity with a normal positive return value <b>v</b> should be set to a negative value, typically -1.</p>
+
+<p>BIO_get_mem_data() sets *<b>pp</b> to a pointer to the start of the memory BIOs data and returns the total amount of data available. It is implemented as a macro.</p>
+
+<p>BIO_set_mem_buf() sets the internal BUF_MEM structure to <b>bm</b> and sets the close flag to <b>c</b>, that is <b>c</b> should be either BIO_CLOSE or BIO_NOCLOSE. It is a macro.</p>
+
+<p>BIO_get_mem_ptr() places the underlying BUF_MEM structure in *<b>pp</b>. It is a macro.</p>
+
+<p>BIO_new_mem_buf() creates a memory BIO using <b>len</b> bytes of data at <b>buf</b>, if <b>len</b> is -1 then the <b>buf</b> is assumed to be nul terminated and its length is determined by <b>strlen</b>. The BIO is set to a read only state and as a result cannot be written to. This is useful when some data needs to be made available from a static area of memory in the form of a BIO. The supplied data is read directly from the supplied buffer: it is <b>not</b> copied first, so the supplied area of memory must be unchanged until the BIO is freed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Writes to memory BIOs will always succeed if memory is available: that is their size can grow indefinitely.</p>
+
+<p>Every read from a read write memory BIO will remove the data just read with an internal copy operation, if a BIO contains a lot of data and it is read in small chunks the operation can be very slow. The use of a read only memory BIO avoids this problem. If the BIO must be read write then adding a buffering BIO to the chain will speed up the process.</p>
+
+<p>Calling BIO_set_mem_buf() on a BIO created with BIO_new_secmem() will give undefined results, including perhaps a program crash.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>There should be an option to set the maximum size of a memory BIO.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create a memory BIO and write some data to it:</p>
+
+<pre><code> BIO *mem = BIO_new(BIO_s_mem());
+
+ BIO_puts(mem, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Create a read only memory BIO:</p>
+
+<pre><code> char data[] = &quot;Hello World&quot;;
+ BIO *mem = BIO_new_mem_buf(data, -1);</code></pre>
+
+<p>Extract the BUF_MEM structure from a memory BIO and then free up the BIO:</p>
+
+<pre><code> BUF_MEM *bptr;
+
+ BIO_get_mem_ptr(mem, &amp;bptr);
+ BIO_set_close(mem, BIO_NOCLOSE); /* So BIO_free() leaves BUF_MEM alone */
+ BIO_free(mem);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_mem() and BIO_s_secmem() return a valid memory <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_mem_eof_return(), BIO_get_mem_data(), BIO_set_mem_buf() and BIO_get_mem_ptr() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_mem_buf() returns a valid <b>BIO</b> structure on success or NULL on error.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_s_socket.html b/msys2/usr/share/doc/openssl/html/man3/BIO_s_socket.html
new file mode 100644
index 000000000..5490cc016
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_s_socket.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_socket</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_socket, BIO_new_socket - socket BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_socket(void);
+
+ BIO *BIO_new_socket(int sock, int close_flag);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_socket() returns the socket BIO method. This is a wrapper round the platform&#39;s socket routines.</p>
+
+<p>BIO_read_ex() and BIO_write_ex() read or write the underlying socket. BIO_puts() is supported but BIO_gets() is not.</p>
+
+<p>If the close flag is set then the socket is shut down and closed when the BIO is freed.</p>
+
+<p>BIO_new_socket() returns a socket BIO using <b>sock</b> and <b>close_flag</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Socket BIOs also support any relevant functionality of file descriptor BIOs.</p>
+
+<p>The reason for having separate file descriptor and socket BIOs is that on some platforms sockets are not file descriptors and use distinct I/O routines, Windows is one such platform. Any code mixing the two will not work on all platforms.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_socket() returns the socket BIO method.</p>
+
+<p>BIO_new_socket() returns the newly allocated BIO or NULL is an error occurred.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_seek.html b/msys2/usr/share/doc/openssl/html/man3/BIO_seek.html
new file mode 100644
index 000000000..ccbb411c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_seek.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset, BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close, BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending, BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb - BIO control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef int BIO_info_cb(BIO *b, int state, int res);
+
+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
+ char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+
+ int BIO_reset(BIO *b);
+ int BIO_seek(BIO *b, int ofs);
+ int BIO_tell(BIO *b);
+ int BIO_flush(BIO *b);
+ int BIO_eof(BIO *b);
+ int BIO_set_close(BIO *b, long flag);
+ int BIO_get_close(BIO *b);
+ int BIO_pending(BIO *b);
+ int BIO_wpending(BIO *b);
+ size_t BIO_ctrl_pending(BIO *b);
+ size_t BIO_ctrl_wpending(BIO *b);
+
+ int BIO_get_info_callback(BIO *b, BIO_info_cb **cbp);
+ int BIO_set_info_callback(BIO *b, BIO_info_cb *cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl() are BIO &quot;control&quot; operations taking arguments of various types. These functions are not normally called directly, various macros are used instead. The standard macros are described below, macros specific to a particular type of BIO are described in the specific BIOs manual page as well as any special features of the standard calls.</p>
+
+<p>BIO_reset() typically resets a BIO to some initial state, in the case of file related BIOs for example it rewinds the file pointer to the start of the file.</p>
+
+<p>BIO_seek() resets a file related BIO&#39;s (that is file descriptor and FILE BIOs) file position pointer to <b>ofs</b> bytes from start of file.</p>
+
+<p>BIO_tell() returns the current file position of a file related BIO.</p>
+
+<p>BIO_flush() normally writes out any internally buffered data, in some cases it is used to signal EOF and that no more data will be written.</p>
+
+<p>BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of &quot;EOF&quot; varies according to the BIO type.</p>
+
+<p>BIO_set_close() sets the BIO <b>b</b> close flag to <b>flag</b>. <b>flag</b> can take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used in a source/sink BIO to indicate that the underlying I/O stream should be closed when the BIO is freed.</p>
+
+<p>BIO_get_close() returns the BIOs close flag.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the number of pending characters in the BIOs read and write buffers. Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending() return a size_t type and are functions, BIO_pending() and BIO_wpending() are macros which call BIO_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_reset() normally returns 1 for success and 0 or -1 for failure. File BIOs are an exception, they return 0 for success and -1 for failure.</p>
+
+<p>BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure.</p>
+
+<p>BIO_flush() returns 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_eof() returns 1 if EOF has been reached 0 otherwise.</p>
+
+<p>BIO_set_close() always returns 1.</p>
+
+<p>BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_flush(), because it can write data may return 0 or -1 indicating that the call should be retried later in a similar manner to BIO_write_ex(). The BIO_should_retry() call should be used and appropriate action taken is the call fails.</p>
+
+<p>The return values of BIO_pending() and BIO_wpending() may not reliably determine the amount of pending data in all cases. For example in the case of a file BIO some data may be available in the FILE structures internal buffers but it is not possible to determine this in a portably way. For other types of BIO they may not be supported.</p>
+
+<p>Filter BIOs if they do not internally handle a particular BIO_ctrl() operation usually pass the operation to the next BIO in the chain. This often means there is no need to locate the required BIO for a particular operation, it can be called on a chain and it will be automatically passed to the relevant BIO. However this can cause unexpected results: for example no current filter BIOs implement BIO_seek(), but this may still succeed if the chain ends in a FILE or file descriptor BIO.</p>
+
+<p>Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some of the return values are ambiguous and care should be taken. In particular a return value of 0 can be returned if an operation is not supported, if an error occurred, if EOF has not been reached and in the case of BIO_seek() on a file BIO for a successful operation.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_accept_bios.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_accept_bios.html
new file mode 100644
index 000000000..c49b65130
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_accept_bios.html
@@ -0,0 +1,175 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_accept</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_accept, BIO_set_accept_name, BIO_set_accept_port, BIO_get_accept_name, BIO_get_accept_port, BIO_new_accept, BIO_set_nbio_accept, BIO_set_accept_bios, BIO_get_peer_name, BIO_get_peer_port, BIO_get_accept_ip_family, BIO_set_accept_ip_family, BIO_set_bind_mode, BIO_get_bind_mode, BIO_do_accept - accept BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_accept(void);
+
+ long BIO_set_accept_name(BIO *b, char *name);
+ char *BIO_get_accept_name(BIO *b);
+
+ long BIO_set_accept_port(BIO *b, char *port);
+ char *BIO_get_accept_port(BIO *b);
+
+ BIO *BIO_new_accept(char *host_port);
+
+ long BIO_set_nbio_accept(BIO *b, int n);
+ long BIO_set_accept_bios(BIO *b, char *bio);
+
+ char *BIO_get_peer_name(BIO *b);
+ char *BIO_get_peer_port(BIO *b);
+ long BIO_get_accept_ip_family(BIO *b);
+ long BIO_set_accept_ip_family(BIO *b, long family);
+
+ long BIO_set_bind_mode(BIO *b, long mode);
+ long BIO_get_bind_mode(BIO *b);
+
+ int BIO_do_accept(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_accept() returns the accept BIO method. This is a wrapper round the platform&#39;s TCP/IP socket accept routines.</p>
+
+<p>Using accept BIOs, TCP/IP connections can be accepted and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on an accept BIO will perform I/O on the underlying connection. If no connection is established and the port (see below) is set up properly then the BIO waits for an incoming connection.</p>
+
+<p>Accept BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on an accept BIO then any active connection on that chain is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on an accept BIO will close any active connection and reset the BIO into a state where it awaits another incoming connection.</p>
+
+<p>BIO_get_fd() and BIO_set_fd() can be called to retrieve or set the accept socket. See <a href="../man3/BIO_s_fd.html">BIO_s_fd(3)</a></p>
+
+<p>BIO_set_accept_name() uses the string <b>name</b> to set the accept name. The name is represented as a string of the form &quot;host:port&quot;, where &quot;host&quot; is the interface to use and &quot;port&quot; is the port. The host can be &quot;*&quot; or empty which is interpreted as meaning any interface. If the host is an IPv6 address, it has to be enclosed in brackets, for example &quot;[::1]:https&quot;. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_set_accept_port() uses the string <b>port</b> to set the accept port. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_new_accept() combines BIO_new() and BIO_set_accept_name() into a single call: that is it creates a new accept BIO with port <b>host_port</b>.</p>
+
+<p>BIO_set_nbio_accept() sets the accept socket to blocking mode (the default) if <b>n</b> is 0 or non blocking mode if <b>n</b> is 1.</p>
+
+<p>BIO_set_accept_bios() can be used to set a chain of BIOs which will be duplicated and prepended to the chain when an incoming connection is received. This is useful if, for example, a buffering or SSL BIO is required for each connection. The chain of BIOs must not be freed after this call, they will be automatically freed when the accept BIO is freed.</p>
+
+<p>BIO_set_bind_mode() and BIO_get_bind_mode() set and retrieve the current bind mode. If <b>BIO_BIND_NORMAL</b> (the default) is set then another socket cannot be bound to the same port. If <b>BIO_BIND_REUSEADDR</b> is set then other sockets can bind to the same port. If <b>BIO_BIND_REUSEADDR_IF_UNUSED</b> is set then and attempt is first made to use BIO_BIN_NORMAL, if this fails and the port is not in use then a second attempt is made using <b>BIO_BIND_REUSEADDR</b>.</p>
+
+<p>BIO_do_accept() serves two functions. When it is first called, after the accept BIO has been setup, it will attempt to create the accept socket and bind an address to it. Second and subsequent calls to BIO_do_accept() will await an incoming connection, or request a retry in non blocking mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When an accept BIO is at the end of a chain it will await an incoming connection before processing I/O calls. When an accept BIO is not at then end of a chain it passes I/O calls to the next BIO in the chain.</p>
+
+<p>When a connection is established a new socket BIO is created for the connection and appended to the chain. That is the chain is now accept-&gt;socket. This effectively means that attempting I/O on an initial accept socket will await an incoming connection then perform I/O on it.</p>
+
+<p>If any additional BIOs have been set using BIO_set_accept_bios() then they are placed between the socket and the accept BIO, that is the chain will be accept-&gt;otherbios-&gt;socket.</p>
+
+<p>If a server wishes to process multiple connections (as is normally the case) then the accept BIO must be made available for further incoming connections. This can be done by waiting for a connection and then calling:</p>
+
+<pre><code> connection = BIO_pop(accept);</code></pre>
+
+<p>After this call <b>connection</b> will contain a BIO for the recently established connection and <b>accept</b> will now be a single BIO again which can be used to await further incoming connections. If no further connections will be accepted the <b>accept</b> can be freed using BIO_free().</p>
+
+<p>If only a single connection will be processed it is possible to perform I/O using the accept BIO itself. This is often undesirable however because the accept BIO will still accept additional incoming connections. This can be resolved by using BIO_pop() (see above) and freeing up the accept BIO after the initial connection.</p>
+
+<p>If the underlying accept socket is non-blocking and BIO_do_accept() is called to await an incoming connection it is possible for BIO_should_io_special() with the reason BIO_RR_ACCEPT. If this happens then it is an indication that an accept attempt would block: the application should take appropriate action to wait until the underlying socket has accepted a connection and retry the call.</p>
+
+<p>BIO_set_accept_name(), BIO_get_accept_name(), BIO_set_accept_port(), BIO_get_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_get_peer_name(), BIO_get_peer_port(), BIO_get_accept_ip_family(), BIO_set_accept_ip_family(), BIO_set_bind_mode(), BIO_get_bind_mode() and BIO_do_accept() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_do_accept(), BIO_set_accept_name(), BIO_set_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_set_accept_ip_family(), and BIO_set_bind_mode() return 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_get_accept_name() returns the accept name or NULL on error. BIO_get_peer_name() returns the peer name or NULL on error.</p>
+
+<p>BIO_get_accept_port() returns the accept port as a string or NULL on error. BIO_get_peer_port() returns the peer port as a string or NULL on error. BIO_get_accept_ip_family() returns the IP family or -1 on error.</p>
+
+<p>BIO_get_bind_mode() returns the set of <b>BIO_BIND</b> flags, or -1 on failure.</p>
+
+<p>BIO_new_accept() returns a BIO or NULL on error.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example accepts two connections on port 4444, sends messages down each and finally closes both down.</p>
+
+<pre><code> BIO *abio, *cbio, *cbio2;
+
+ /* First call to BIO_accept() sets up accept BIO */
+ abio = BIO_new_accept(&quot;4444&quot;);
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Wait for incoming connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 1 established\n&quot;);
+
+ /* Retrieve BIO for connection */
+ cbio = BIO_pop(abio);
+ BIO_puts(cbio, &quot;Connection 1: Sending out Data on initial connection\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 1\n&quot;);
+
+ /* Wait for another connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 2 established\n&quot;);
+
+ /* Close accept BIO to refuse further connections */
+ cbio2 = BIO_pop(abio);
+ BIO_free(abio);
+ BIO_puts(cbio2, &quot;Connection 2: Sending out Data on second\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 2\n&quot;);
+
+ BIO_puts(cbio, &quot;Connection 1: Second connection established\n&quot;);
+
+ /* Close the two established connections */
+ BIO_free(cbio);
+ BIO_free(cbio2);</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_accept_ip_family.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_accept_ip_family.html
new file mode 100644
index 000000000..c49b65130
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_accept_ip_family.html
@@ -0,0 +1,175 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_accept</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_accept, BIO_set_accept_name, BIO_set_accept_port, BIO_get_accept_name, BIO_get_accept_port, BIO_new_accept, BIO_set_nbio_accept, BIO_set_accept_bios, BIO_get_peer_name, BIO_get_peer_port, BIO_get_accept_ip_family, BIO_set_accept_ip_family, BIO_set_bind_mode, BIO_get_bind_mode, BIO_do_accept - accept BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_accept(void);
+
+ long BIO_set_accept_name(BIO *b, char *name);
+ char *BIO_get_accept_name(BIO *b);
+
+ long BIO_set_accept_port(BIO *b, char *port);
+ char *BIO_get_accept_port(BIO *b);
+
+ BIO *BIO_new_accept(char *host_port);
+
+ long BIO_set_nbio_accept(BIO *b, int n);
+ long BIO_set_accept_bios(BIO *b, char *bio);
+
+ char *BIO_get_peer_name(BIO *b);
+ char *BIO_get_peer_port(BIO *b);
+ long BIO_get_accept_ip_family(BIO *b);
+ long BIO_set_accept_ip_family(BIO *b, long family);
+
+ long BIO_set_bind_mode(BIO *b, long mode);
+ long BIO_get_bind_mode(BIO *b);
+
+ int BIO_do_accept(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_accept() returns the accept BIO method. This is a wrapper round the platform&#39;s TCP/IP socket accept routines.</p>
+
+<p>Using accept BIOs, TCP/IP connections can be accepted and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on an accept BIO will perform I/O on the underlying connection. If no connection is established and the port (see below) is set up properly then the BIO waits for an incoming connection.</p>
+
+<p>Accept BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on an accept BIO then any active connection on that chain is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on an accept BIO will close any active connection and reset the BIO into a state where it awaits another incoming connection.</p>
+
+<p>BIO_get_fd() and BIO_set_fd() can be called to retrieve or set the accept socket. See <a href="../man3/BIO_s_fd.html">BIO_s_fd(3)</a></p>
+
+<p>BIO_set_accept_name() uses the string <b>name</b> to set the accept name. The name is represented as a string of the form &quot;host:port&quot;, where &quot;host&quot; is the interface to use and &quot;port&quot; is the port. The host can be &quot;*&quot; or empty which is interpreted as meaning any interface. If the host is an IPv6 address, it has to be enclosed in brackets, for example &quot;[::1]:https&quot;. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_set_accept_port() uses the string <b>port</b> to set the accept port. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_new_accept() combines BIO_new() and BIO_set_accept_name() into a single call: that is it creates a new accept BIO with port <b>host_port</b>.</p>
+
+<p>BIO_set_nbio_accept() sets the accept socket to blocking mode (the default) if <b>n</b> is 0 or non blocking mode if <b>n</b> is 1.</p>
+
+<p>BIO_set_accept_bios() can be used to set a chain of BIOs which will be duplicated and prepended to the chain when an incoming connection is received. This is useful if, for example, a buffering or SSL BIO is required for each connection. The chain of BIOs must not be freed after this call, they will be automatically freed when the accept BIO is freed.</p>
+
+<p>BIO_set_bind_mode() and BIO_get_bind_mode() set and retrieve the current bind mode. If <b>BIO_BIND_NORMAL</b> (the default) is set then another socket cannot be bound to the same port. If <b>BIO_BIND_REUSEADDR</b> is set then other sockets can bind to the same port. If <b>BIO_BIND_REUSEADDR_IF_UNUSED</b> is set then and attempt is first made to use BIO_BIN_NORMAL, if this fails and the port is not in use then a second attempt is made using <b>BIO_BIND_REUSEADDR</b>.</p>
+
+<p>BIO_do_accept() serves two functions. When it is first called, after the accept BIO has been setup, it will attempt to create the accept socket and bind an address to it. Second and subsequent calls to BIO_do_accept() will await an incoming connection, or request a retry in non blocking mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When an accept BIO is at the end of a chain it will await an incoming connection before processing I/O calls. When an accept BIO is not at then end of a chain it passes I/O calls to the next BIO in the chain.</p>
+
+<p>When a connection is established a new socket BIO is created for the connection and appended to the chain. That is the chain is now accept-&gt;socket. This effectively means that attempting I/O on an initial accept socket will await an incoming connection then perform I/O on it.</p>
+
+<p>If any additional BIOs have been set using BIO_set_accept_bios() then they are placed between the socket and the accept BIO, that is the chain will be accept-&gt;otherbios-&gt;socket.</p>
+
+<p>If a server wishes to process multiple connections (as is normally the case) then the accept BIO must be made available for further incoming connections. This can be done by waiting for a connection and then calling:</p>
+
+<pre><code> connection = BIO_pop(accept);</code></pre>
+
+<p>After this call <b>connection</b> will contain a BIO for the recently established connection and <b>accept</b> will now be a single BIO again which can be used to await further incoming connections. If no further connections will be accepted the <b>accept</b> can be freed using BIO_free().</p>
+
+<p>If only a single connection will be processed it is possible to perform I/O using the accept BIO itself. This is often undesirable however because the accept BIO will still accept additional incoming connections. This can be resolved by using BIO_pop() (see above) and freeing up the accept BIO after the initial connection.</p>
+
+<p>If the underlying accept socket is non-blocking and BIO_do_accept() is called to await an incoming connection it is possible for BIO_should_io_special() with the reason BIO_RR_ACCEPT. If this happens then it is an indication that an accept attempt would block: the application should take appropriate action to wait until the underlying socket has accepted a connection and retry the call.</p>
+
+<p>BIO_set_accept_name(), BIO_get_accept_name(), BIO_set_accept_port(), BIO_get_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_get_peer_name(), BIO_get_peer_port(), BIO_get_accept_ip_family(), BIO_set_accept_ip_family(), BIO_set_bind_mode(), BIO_get_bind_mode() and BIO_do_accept() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_do_accept(), BIO_set_accept_name(), BIO_set_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_set_accept_ip_family(), and BIO_set_bind_mode() return 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_get_accept_name() returns the accept name or NULL on error. BIO_get_peer_name() returns the peer name or NULL on error.</p>
+
+<p>BIO_get_accept_port() returns the accept port as a string or NULL on error. BIO_get_peer_port() returns the peer port as a string or NULL on error. BIO_get_accept_ip_family() returns the IP family or -1 on error.</p>
+
+<p>BIO_get_bind_mode() returns the set of <b>BIO_BIND</b> flags, or -1 on failure.</p>
+
+<p>BIO_new_accept() returns a BIO or NULL on error.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example accepts two connections on port 4444, sends messages down each and finally closes both down.</p>
+
+<pre><code> BIO *abio, *cbio, *cbio2;
+
+ /* First call to BIO_accept() sets up accept BIO */
+ abio = BIO_new_accept(&quot;4444&quot;);
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Wait for incoming connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 1 established\n&quot;);
+
+ /* Retrieve BIO for connection */
+ cbio = BIO_pop(abio);
+ BIO_puts(cbio, &quot;Connection 1: Sending out Data on initial connection\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 1\n&quot;);
+
+ /* Wait for another connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 2 established\n&quot;);
+
+ /* Close accept BIO to refuse further connections */
+ cbio2 = BIO_pop(abio);
+ BIO_free(abio);
+ BIO_puts(cbio2, &quot;Connection 2: Sending out Data on second\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 2\n&quot;);
+
+ BIO_puts(cbio, &quot;Connection 1: Second connection established\n&quot;);
+
+ /* Close the two established connections */
+ BIO_free(cbio);
+ BIO_free(cbio2);</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_accept_name.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_accept_name.html
new file mode 100644
index 000000000..c49b65130
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_accept_name.html
@@ -0,0 +1,175 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_accept</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_accept, BIO_set_accept_name, BIO_set_accept_port, BIO_get_accept_name, BIO_get_accept_port, BIO_new_accept, BIO_set_nbio_accept, BIO_set_accept_bios, BIO_get_peer_name, BIO_get_peer_port, BIO_get_accept_ip_family, BIO_set_accept_ip_family, BIO_set_bind_mode, BIO_get_bind_mode, BIO_do_accept - accept BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_accept(void);
+
+ long BIO_set_accept_name(BIO *b, char *name);
+ char *BIO_get_accept_name(BIO *b);
+
+ long BIO_set_accept_port(BIO *b, char *port);
+ char *BIO_get_accept_port(BIO *b);
+
+ BIO *BIO_new_accept(char *host_port);
+
+ long BIO_set_nbio_accept(BIO *b, int n);
+ long BIO_set_accept_bios(BIO *b, char *bio);
+
+ char *BIO_get_peer_name(BIO *b);
+ char *BIO_get_peer_port(BIO *b);
+ long BIO_get_accept_ip_family(BIO *b);
+ long BIO_set_accept_ip_family(BIO *b, long family);
+
+ long BIO_set_bind_mode(BIO *b, long mode);
+ long BIO_get_bind_mode(BIO *b);
+
+ int BIO_do_accept(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_accept() returns the accept BIO method. This is a wrapper round the platform&#39;s TCP/IP socket accept routines.</p>
+
+<p>Using accept BIOs, TCP/IP connections can be accepted and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on an accept BIO will perform I/O on the underlying connection. If no connection is established and the port (see below) is set up properly then the BIO waits for an incoming connection.</p>
+
+<p>Accept BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on an accept BIO then any active connection on that chain is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on an accept BIO will close any active connection and reset the BIO into a state where it awaits another incoming connection.</p>
+
+<p>BIO_get_fd() and BIO_set_fd() can be called to retrieve or set the accept socket. See <a href="../man3/BIO_s_fd.html">BIO_s_fd(3)</a></p>
+
+<p>BIO_set_accept_name() uses the string <b>name</b> to set the accept name. The name is represented as a string of the form &quot;host:port&quot;, where &quot;host&quot; is the interface to use and &quot;port&quot; is the port. The host can be &quot;*&quot; or empty which is interpreted as meaning any interface. If the host is an IPv6 address, it has to be enclosed in brackets, for example &quot;[::1]:https&quot;. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_set_accept_port() uses the string <b>port</b> to set the accept port. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_new_accept() combines BIO_new() and BIO_set_accept_name() into a single call: that is it creates a new accept BIO with port <b>host_port</b>.</p>
+
+<p>BIO_set_nbio_accept() sets the accept socket to blocking mode (the default) if <b>n</b> is 0 or non blocking mode if <b>n</b> is 1.</p>
+
+<p>BIO_set_accept_bios() can be used to set a chain of BIOs which will be duplicated and prepended to the chain when an incoming connection is received. This is useful if, for example, a buffering or SSL BIO is required for each connection. The chain of BIOs must not be freed after this call, they will be automatically freed when the accept BIO is freed.</p>
+
+<p>BIO_set_bind_mode() and BIO_get_bind_mode() set and retrieve the current bind mode. If <b>BIO_BIND_NORMAL</b> (the default) is set then another socket cannot be bound to the same port. If <b>BIO_BIND_REUSEADDR</b> is set then other sockets can bind to the same port. If <b>BIO_BIND_REUSEADDR_IF_UNUSED</b> is set then and attempt is first made to use BIO_BIN_NORMAL, if this fails and the port is not in use then a second attempt is made using <b>BIO_BIND_REUSEADDR</b>.</p>
+
+<p>BIO_do_accept() serves two functions. When it is first called, after the accept BIO has been setup, it will attempt to create the accept socket and bind an address to it. Second and subsequent calls to BIO_do_accept() will await an incoming connection, or request a retry in non blocking mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When an accept BIO is at the end of a chain it will await an incoming connection before processing I/O calls. When an accept BIO is not at then end of a chain it passes I/O calls to the next BIO in the chain.</p>
+
+<p>When a connection is established a new socket BIO is created for the connection and appended to the chain. That is the chain is now accept-&gt;socket. This effectively means that attempting I/O on an initial accept socket will await an incoming connection then perform I/O on it.</p>
+
+<p>If any additional BIOs have been set using BIO_set_accept_bios() then they are placed between the socket and the accept BIO, that is the chain will be accept-&gt;otherbios-&gt;socket.</p>
+
+<p>If a server wishes to process multiple connections (as is normally the case) then the accept BIO must be made available for further incoming connections. This can be done by waiting for a connection and then calling:</p>
+
+<pre><code> connection = BIO_pop(accept);</code></pre>
+
+<p>After this call <b>connection</b> will contain a BIO for the recently established connection and <b>accept</b> will now be a single BIO again which can be used to await further incoming connections. If no further connections will be accepted the <b>accept</b> can be freed using BIO_free().</p>
+
+<p>If only a single connection will be processed it is possible to perform I/O using the accept BIO itself. This is often undesirable however because the accept BIO will still accept additional incoming connections. This can be resolved by using BIO_pop() (see above) and freeing up the accept BIO after the initial connection.</p>
+
+<p>If the underlying accept socket is non-blocking and BIO_do_accept() is called to await an incoming connection it is possible for BIO_should_io_special() with the reason BIO_RR_ACCEPT. If this happens then it is an indication that an accept attempt would block: the application should take appropriate action to wait until the underlying socket has accepted a connection and retry the call.</p>
+
+<p>BIO_set_accept_name(), BIO_get_accept_name(), BIO_set_accept_port(), BIO_get_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_get_peer_name(), BIO_get_peer_port(), BIO_get_accept_ip_family(), BIO_set_accept_ip_family(), BIO_set_bind_mode(), BIO_get_bind_mode() and BIO_do_accept() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_do_accept(), BIO_set_accept_name(), BIO_set_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_set_accept_ip_family(), and BIO_set_bind_mode() return 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_get_accept_name() returns the accept name or NULL on error. BIO_get_peer_name() returns the peer name or NULL on error.</p>
+
+<p>BIO_get_accept_port() returns the accept port as a string or NULL on error. BIO_get_peer_port() returns the peer port as a string or NULL on error. BIO_get_accept_ip_family() returns the IP family or -1 on error.</p>
+
+<p>BIO_get_bind_mode() returns the set of <b>BIO_BIND</b> flags, or -1 on failure.</p>
+
+<p>BIO_new_accept() returns a BIO or NULL on error.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example accepts two connections on port 4444, sends messages down each and finally closes both down.</p>
+
+<pre><code> BIO *abio, *cbio, *cbio2;
+
+ /* First call to BIO_accept() sets up accept BIO */
+ abio = BIO_new_accept(&quot;4444&quot;);
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Wait for incoming connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 1 established\n&quot;);
+
+ /* Retrieve BIO for connection */
+ cbio = BIO_pop(abio);
+ BIO_puts(cbio, &quot;Connection 1: Sending out Data on initial connection\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 1\n&quot;);
+
+ /* Wait for another connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 2 established\n&quot;);
+
+ /* Close accept BIO to refuse further connections */
+ cbio2 = BIO_pop(abio);
+ BIO_free(abio);
+ BIO_puts(cbio2, &quot;Connection 2: Sending out Data on second\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 2\n&quot;);
+
+ BIO_puts(cbio, &quot;Connection 1: Second connection established\n&quot;);
+
+ /* Close the two established connections */
+ BIO_free(cbio);
+ BIO_free(cbio2);</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_accept_port.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_accept_port.html
new file mode 100644
index 000000000..c49b65130
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_accept_port.html
@@ -0,0 +1,175 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_accept</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_accept, BIO_set_accept_name, BIO_set_accept_port, BIO_get_accept_name, BIO_get_accept_port, BIO_new_accept, BIO_set_nbio_accept, BIO_set_accept_bios, BIO_get_peer_name, BIO_get_peer_port, BIO_get_accept_ip_family, BIO_set_accept_ip_family, BIO_set_bind_mode, BIO_get_bind_mode, BIO_do_accept - accept BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_accept(void);
+
+ long BIO_set_accept_name(BIO *b, char *name);
+ char *BIO_get_accept_name(BIO *b);
+
+ long BIO_set_accept_port(BIO *b, char *port);
+ char *BIO_get_accept_port(BIO *b);
+
+ BIO *BIO_new_accept(char *host_port);
+
+ long BIO_set_nbio_accept(BIO *b, int n);
+ long BIO_set_accept_bios(BIO *b, char *bio);
+
+ char *BIO_get_peer_name(BIO *b);
+ char *BIO_get_peer_port(BIO *b);
+ long BIO_get_accept_ip_family(BIO *b);
+ long BIO_set_accept_ip_family(BIO *b, long family);
+
+ long BIO_set_bind_mode(BIO *b, long mode);
+ long BIO_get_bind_mode(BIO *b);
+
+ int BIO_do_accept(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_accept() returns the accept BIO method. This is a wrapper round the platform&#39;s TCP/IP socket accept routines.</p>
+
+<p>Using accept BIOs, TCP/IP connections can be accepted and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on an accept BIO will perform I/O on the underlying connection. If no connection is established and the port (see below) is set up properly then the BIO waits for an incoming connection.</p>
+
+<p>Accept BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on an accept BIO then any active connection on that chain is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on an accept BIO will close any active connection and reset the BIO into a state where it awaits another incoming connection.</p>
+
+<p>BIO_get_fd() and BIO_set_fd() can be called to retrieve or set the accept socket. See <a href="../man3/BIO_s_fd.html">BIO_s_fd(3)</a></p>
+
+<p>BIO_set_accept_name() uses the string <b>name</b> to set the accept name. The name is represented as a string of the form &quot;host:port&quot;, where &quot;host&quot; is the interface to use and &quot;port&quot; is the port. The host can be &quot;*&quot; or empty which is interpreted as meaning any interface. If the host is an IPv6 address, it has to be enclosed in brackets, for example &quot;[::1]:https&quot;. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_set_accept_port() uses the string <b>port</b> to set the accept port. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_new_accept() combines BIO_new() and BIO_set_accept_name() into a single call: that is it creates a new accept BIO with port <b>host_port</b>.</p>
+
+<p>BIO_set_nbio_accept() sets the accept socket to blocking mode (the default) if <b>n</b> is 0 or non blocking mode if <b>n</b> is 1.</p>
+
+<p>BIO_set_accept_bios() can be used to set a chain of BIOs which will be duplicated and prepended to the chain when an incoming connection is received. This is useful if, for example, a buffering or SSL BIO is required for each connection. The chain of BIOs must not be freed after this call, they will be automatically freed when the accept BIO is freed.</p>
+
+<p>BIO_set_bind_mode() and BIO_get_bind_mode() set and retrieve the current bind mode. If <b>BIO_BIND_NORMAL</b> (the default) is set then another socket cannot be bound to the same port. If <b>BIO_BIND_REUSEADDR</b> is set then other sockets can bind to the same port. If <b>BIO_BIND_REUSEADDR_IF_UNUSED</b> is set then and attempt is first made to use BIO_BIN_NORMAL, if this fails and the port is not in use then a second attempt is made using <b>BIO_BIND_REUSEADDR</b>.</p>
+
+<p>BIO_do_accept() serves two functions. When it is first called, after the accept BIO has been setup, it will attempt to create the accept socket and bind an address to it. Second and subsequent calls to BIO_do_accept() will await an incoming connection, or request a retry in non blocking mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When an accept BIO is at the end of a chain it will await an incoming connection before processing I/O calls. When an accept BIO is not at then end of a chain it passes I/O calls to the next BIO in the chain.</p>
+
+<p>When a connection is established a new socket BIO is created for the connection and appended to the chain. That is the chain is now accept-&gt;socket. This effectively means that attempting I/O on an initial accept socket will await an incoming connection then perform I/O on it.</p>
+
+<p>If any additional BIOs have been set using BIO_set_accept_bios() then they are placed between the socket and the accept BIO, that is the chain will be accept-&gt;otherbios-&gt;socket.</p>
+
+<p>If a server wishes to process multiple connections (as is normally the case) then the accept BIO must be made available for further incoming connections. This can be done by waiting for a connection and then calling:</p>
+
+<pre><code> connection = BIO_pop(accept);</code></pre>
+
+<p>After this call <b>connection</b> will contain a BIO for the recently established connection and <b>accept</b> will now be a single BIO again which can be used to await further incoming connections. If no further connections will be accepted the <b>accept</b> can be freed using BIO_free().</p>
+
+<p>If only a single connection will be processed it is possible to perform I/O using the accept BIO itself. This is often undesirable however because the accept BIO will still accept additional incoming connections. This can be resolved by using BIO_pop() (see above) and freeing up the accept BIO after the initial connection.</p>
+
+<p>If the underlying accept socket is non-blocking and BIO_do_accept() is called to await an incoming connection it is possible for BIO_should_io_special() with the reason BIO_RR_ACCEPT. If this happens then it is an indication that an accept attempt would block: the application should take appropriate action to wait until the underlying socket has accepted a connection and retry the call.</p>
+
+<p>BIO_set_accept_name(), BIO_get_accept_name(), BIO_set_accept_port(), BIO_get_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_get_peer_name(), BIO_get_peer_port(), BIO_get_accept_ip_family(), BIO_set_accept_ip_family(), BIO_set_bind_mode(), BIO_get_bind_mode() and BIO_do_accept() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_do_accept(), BIO_set_accept_name(), BIO_set_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_set_accept_ip_family(), and BIO_set_bind_mode() return 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_get_accept_name() returns the accept name or NULL on error. BIO_get_peer_name() returns the peer name or NULL on error.</p>
+
+<p>BIO_get_accept_port() returns the accept port as a string or NULL on error. BIO_get_peer_port() returns the peer port as a string or NULL on error. BIO_get_accept_ip_family() returns the IP family or -1 on error.</p>
+
+<p>BIO_get_bind_mode() returns the set of <b>BIO_BIND</b> flags, or -1 on failure.</p>
+
+<p>BIO_new_accept() returns a BIO or NULL on error.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example accepts two connections on port 4444, sends messages down each and finally closes both down.</p>
+
+<pre><code> BIO *abio, *cbio, *cbio2;
+
+ /* First call to BIO_accept() sets up accept BIO */
+ abio = BIO_new_accept(&quot;4444&quot;);
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Wait for incoming connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 1 established\n&quot;);
+
+ /* Retrieve BIO for connection */
+ cbio = BIO_pop(abio);
+ BIO_puts(cbio, &quot;Connection 1: Sending out Data on initial connection\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 1\n&quot;);
+
+ /* Wait for another connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 2 established\n&quot;);
+
+ /* Close accept BIO to refuse further connections */
+ cbio2 = BIO_pop(abio);
+ BIO_free(abio);
+ BIO_puts(cbio2, &quot;Connection 2: Sending out Data on second\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 2\n&quot;);
+
+ BIO_puts(cbio, &quot;Connection 1: Second connection established\n&quot;);
+
+ /* Close the two established connections */
+ BIO_free(cbio);
+ BIO_free(cbio2);</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_bind_mode.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_bind_mode.html
new file mode 100644
index 000000000..c49b65130
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_bind_mode.html
@@ -0,0 +1,175 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_accept</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_accept, BIO_set_accept_name, BIO_set_accept_port, BIO_get_accept_name, BIO_get_accept_port, BIO_new_accept, BIO_set_nbio_accept, BIO_set_accept_bios, BIO_get_peer_name, BIO_get_peer_port, BIO_get_accept_ip_family, BIO_set_accept_ip_family, BIO_set_bind_mode, BIO_get_bind_mode, BIO_do_accept - accept BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_accept(void);
+
+ long BIO_set_accept_name(BIO *b, char *name);
+ char *BIO_get_accept_name(BIO *b);
+
+ long BIO_set_accept_port(BIO *b, char *port);
+ char *BIO_get_accept_port(BIO *b);
+
+ BIO *BIO_new_accept(char *host_port);
+
+ long BIO_set_nbio_accept(BIO *b, int n);
+ long BIO_set_accept_bios(BIO *b, char *bio);
+
+ char *BIO_get_peer_name(BIO *b);
+ char *BIO_get_peer_port(BIO *b);
+ long BIO_get_accept_ip_family(BIO *b);
+ long BIO_set_accept_ip_family(BIO *b, long family);
+
+ long BIO_set_bind_mode(BIO *b, long mode);
+ long BIO_get_bind_mode(BIO *b);
+
+ int BIO_do_accept(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_accept() returns the accept BIO method. This is a wrapper round the platform&#39;s TCP/IP socket accept routines.</p>
+
+<p>Using accept BIOs, TCP/IP connections can be accepted and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on an accept BIO will perform I/O on the underlying connection. If no connection is established and the port (see below) is set up properly then the BIO waits for an incoming connection.</p>
+
+<p>Accept BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on an accept BIO then any active connection on that chain is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on an accept BIO will close any active connection and reset the BIO into a state where it awaits another incoming connection.</p>
+
+<p>BIO_get_fd() and BIO_set_fd() can be called to retrieve or set the accept socket. See <a href="../man3/BIO_s_fd.html">BIO_s_fd(3)</a></p>
+
+<p>BIO_set_accept_name() uses the string <b>name</b> to set the accept name. The name is represented as a string of the form &quot;host:port&quot;, where &quot;host&quot; is the interface to use and &quot;port&quot; is the port. The host can be &quot;*&quot; or empty which is interpreted as meaning any interface. If the host is an IPv6 address, it has to be enclosed in brackets, for example &quot;[::1]:https&quot;. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_set_accept_port() uses the string <b>port</b> to set the accept port. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_new_accept() combines BIO_new() and BIO_set_accept_name() into a single call: that is it creates a new accept BIO with port <b>host_port</b>.</p>
+
+<p>BIO_set_nbio_accept() sets the accept socket to blocking mode (the default) if <b>n</b> is 0 or non blocking mode if <b>n</b> is 1.</p>
+
+<p>BIO_set_accept_bios() can be used to set a chain of BIOs which will be duplicated and prepended to the chain when an incoming connection is received. This is useful if, for example, a buffering or SSL BIO is required for each connection. The chain of BIOs must not be freed after this call, they will be automatically freed when the accept BIO is freed.</p>
+
+<p>BIO_set_bind_mode() and BIO_get_bind_mode() set and retrieve the current bind mode. If <b>BIO_BIND_NORMAL</b> (the default) is set then another socket cannot be bound to the same port. If <b>BIO_BIND_REUSEADDR</b> is set then other sockets can bind to the same port. If <b>BIO_BIND_REUSEADDR_IF_UNUSED</b> is set then and attempt is first made to use BIO_BIN_NORMAL, if this fails and the port is not in use then a second attempt is made using <b>BIO_BIND_REUSEADDR</b>.</p>
+
+<p>BIO_do_accept() serves two functions. When it is first called, after the accept BIO has been setup, it will attempt to create the accept socket and bind an address to it. Second and subsequent calls to BIO_do_accept() will await an incoming connection, or request a retry in non blocking mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When an accept BIO is at the end of a chain it will await an incoming connection before processing I/O calls. When an accept BIO is not at then end of a chain it passes I/O calls to the next BIO in the chain.</p>
+
+<p>When a connection is established a new socket BIO is created for the connection and appended to the chain. That is the chain is now accept-&gt;socket. This effectively means that attempting I/O on an initial accept socket will await an incoming connection then perform I/O on it.</p>
+
+<p>If any additional BIOs have been set using BIO_set_accept_bios() then they are placed between the socket and the accept BIO, that is the chain will be accept-&gt;otherbios-&gt;socket.</p>
+
+<p>If a server wishes to process multiple connections (as is normally the case) then the accept BIO must be made available for further incoming connections. This can be done by waiting for a connection and then calling:</p>
+
+<pre><code> connection = BIO_pop(accept);</code></pre>
+
+<p>After this call <b>connection</b> will contain a BIO for the recently established connection and <b>accept</b> will now be a single BIO again which can be used to await further incoming connections. If no further connections will be accepted the <b>accept</b> can be freed using BIO_free().</p>
+
+<p>If only a single connection will be processed it is possible to perform I/O using the accept BIO itself. This is often undesirable however because the accept BIO will still accept additional incoming connections. This can be resolved by using BIO_pop() (see above) and freeing up the accept BIO after the initial connection.</p>
+
+<p>If the underlying accept socket is non-blocking and BIO_do_accept() is called to await an incoming connection it is possible for BIO_should_io_special() with the reason BIO_RR_ACCEPT. If this happens then it is an indication that an accept attempt would block: the application should take appropriate action to wait until the underlying socket has accepted a connection and retry the call.</p>
+
+<p>BIO_set_accept_name(), BIO_get_accept_name(), BIO_set_accept_port(), BIO_get_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_get_peer_name(), BIO_get_peer_port(), BIO_get_accept_ip_family(), BIO_set_accept_ip_family(), BIO_set_bind_mode(), BIO_get_bind_mode() and BIO_do_accept() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_do_accept(), BIO_set_accept_name(), BIO_set_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_set_accept_ip_family(), and BIO_set_bind_mode() return 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_get_accept_name() returns the accept name or NULL on error. BIO_get_peer_name() returns the peer name or NULL on error.</p>
+
+<p>BIO_get_accept_port() returns the accept port as a string or NULL on error. BIO_get_peer_port() returns the peer port as a string or NULL on error. BIO_get_accept_ip_family() returns the IP family or -1 on error.</p>
+
+<p>BIO_get_bind_mode() returns the set of <b>BIO_BIND</b> flags, or -1 on failure.</p>
+
+<p>BIO_new_accept() returns a BIO or NULL on error.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example accepts two connections on port 4444, sends messages down each and finally closes both down.</p>
+
+<pre><code> BIO *abio, *cbio, *cbio2;
+
+ /* First call to BIO_accept() sets up accept BIO */
+ abio = BIO_new_accept(&quot;4444&quot;);
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Wait for incoming connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 1 established\n&quot;);
+
+ /* Retrieve BIO for connection */
+ cbio = BIO_pop(abio);
+ BIO_puts(cbio, &quot;Connection 1: Sending out Data on initial connection\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 1\n&quot;);
+
+ /* Wait for another connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 2 established\n&quot;);
+
+ /* Close accept BIO to refuse further connections */
+ cbio2 = BIO_pop(abio);
+ BIO_free(abio);
+ BIO_puts(cbio2, &quot;Connection 2: Sending out Data on second\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 2\n&quot;);
+
+ BIO_puts(cbio, &quot;Connection 1: Second connection established\n&quot;);
+
+ /* Close the two established connections */
+ BIO_free(cbio);
+ BIO_free(cbio2);</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_buffer_read_data.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_buffer_read_data.html
new file mode 100644
index 000000000..10477380d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_buffer_read_data.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_buffer</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_buffer_num_lines, BIO_set_read_buffer_size, BIO_set_write_buffer_size, BIO_set_buffer_size, BIO_set_buffer_read_data, BIO_f_buffer - buffering BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_f_buffer(void);
+
+ long BIO_get_buffer_num_lines(BIO *b);
+ long BIO_set_read_buffer_size(BIO *b, long size);
+ long BIO_set_write_buffer_size(BIO *b, long size);
+ long BIO_set_buffer_size(BIO *b, long size);
+ long BIO_set_buffer_read_data(BIO *b, void *buf, long num);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_buffer() returns the buffering BIO method.</p>
+
+<p>Data written to a buffering BIO is buffered and periodically written to the next BIO in the chain. Data read from a buffering BIO comes from an internal buffer which is filled from the next BIO in the chain. Both BIO_gets() and BIO_puts() are supported.</p>
+
+<p>Calling BIO_reset() on a buffering BIO clears any buffered data.</p>
+
+<p>BIO_get_buffer_num_lines() returns the number of lines currently buffered.</p>
+
+<p>BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and BIO_set_buffer_size() set the read, write or both read and write buffer sizes to <b>size</b>. The initial buffer size is DEFAULT_BUFFER_SIZE, currently 4096. Any attempt to reduce the buffer size below DEFAULT_BUFFER_SIZE is ignored. Any buffered data is cleared when the buffer is resized.</p>
+
+<p>BIO_set_buffer_read_data() clears the read buffer and fills it with <b>num</b> bytes of <b>buf</b>. If <b>num</b> is larger than the current buffer size the buffer is expanded.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions, other than BIO_f_buffer(), are implemented as macros.</p>
+
+<p>Buffering BIOs implement BIO_gets() by using BIO_read_ex() operations on the next BIO in the chain. By prepending a buffering BIO to a chain it is therefore possible to provide BIO_gets() functionality if the following BIOs do not support it (for example SSL BIOs).</p>
+
+<p>Data is only written to the next BIO in the chain when the write buffer fills or when BIO_flush() is called. It is therefore important to call BIO_flush() whenever any pending data should be written such as when removing a buffering BIO using BIO_pop(). BIO_flush() may need to be retried if the ultimate source/sink BIO is non blocking.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_buffer() returns the buffering BIO method.</p>
+
+<p>BIO_get_buffer_num_lines() returns the number of lines buffered (may be 0).</p>
+
+<p>BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and BIO_set_buffer_size() return 1 if the buffer was successfully resized or 0 for failure.</p>
+
+<p>BIO_set_buffer_read_data() returns 1 if the data was set correctly or 0 if there was an error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_flush.html">BIO_flush(3)</a>, <a href="../man3/BIO_pop.html">BIO_pop(3)</a>, <a href="../man3/BIO_ctrl.html">BIO_ctrl(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_buffer_size.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_buffer_size.html
new file mode 100644
index 000000000..10477380d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_buffer_size.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_buffer</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_buffer_num_lines, BIO_set_read_buffer_size, BIO_set_write_buffer_size, BIO_set_buffer_size, BIO_set_buffer_read_data, BIO_f_buffer - buffering BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_f_buffer(void);
+
+ long BIO_get_buffer_num_lines(BIO *b);
+ long BIO_set_read_buffer_size(BIO *b, long size);
+ long BIO_set_write_buffer_size(BIO *b, long size);
+ long BIO_set_buffer_size(BIO *b, long size);
+ long BIO_set_buffer_read_data(BIO *b, void *buf, long num);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_buffer() returns the buffering BIO method.</p>
+
+<p>Data written to a buffering BIO is buffered and periodically written to the next BIO in the chain. Data read from a buffering BIO comes from an internal buffer which is filled from the next BIO in the chain. Both BIO_gets() and BIO_puts() are supported.</p>
+
+<p>Calling BIO_reset() on a buffering BIO clears any buffered data.</p>
+
+<p>BIO_get_buffer_num_lines() returns the number of lines currently buffered.</p>
+
+<p>BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and BIO_set_buffer_size() set the read, write or both read and write buffer sizes to <b>size</b>. The initial buffer size is DEFAULT_BUFFER_SIZE, currently 4096. Any attempt to reduce the buffer size below DEFAULT_BUFFER_SIZE is ignored. Any buffered data is cleared when the buffer is resized.</p>
+
+<p>BIO_set_buffer_read_data() clears the read buffer and fills it with <b>num</b> bytes of <b>buf</b>. If <b>num</b> is larger than the current buffer size the buffer is expanded.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions, other than BIO_f_buffer(), are implemented as macros.</p>
+
+<p>Buffering BIOs implement BIO_gets() by using BIO_read_ex() operations on the next BIO in the chain. By prepending a buffering BIO to a chain it is therefore possible to provide BIO_gets() functionality if the following BIOs do not support it (for example SSL BIOs).</p>
+
+<p>Data is only written to the next BIO in the chain when the write buffer fills or when BIO_flush() is called. It is therefore important to call BIO_flush() whenever any pending data should be written such as when removing a buffering BIO using BIO_pop(). BIO_flush() may need to be retried if the ultimate source/sink BIO is non blocking.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_buffer() returns the buffering BIO method.</p>
+
+<p>BIO_get_buffer_num_lines() returns the number of lines buffered (may be 0).</p>
+
+<p>BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and BIO_set_buffer_size() return 1 if the buffer was successfully resized or 0 for failure.</p>
+
+<p>BIO_set_buffer_read_data() returns 1 if the data was set correctly or 0 if there was an error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_flush.html">BIO_flush(3)</a>, <a href="../man3/BIO_pop.html">BIO_pop(3)</a>, <a href="../man3/BIO_ctrl.html">BIO_ctrl(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_callback.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_callback.html
new file mode 100644
index 000000000..50bf3983d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_callback.html
@@ -0,0 +1,251 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_set_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#CALLBACK-OPERATIONS">CALLBACK OPERATIONS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_callback_ex, BIO_get_callback_ex, BIO_set_callback, BIO_get_callback, BIO_set_callback_arg, BIO_get_callback_arg, BIO_debug_callback, BIO_callback_fn_ex, BIO_callback_fn - BIO callback functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef long (*BIO_callback_fn_ex)(BIO *b, int oper, const char *argp,
+                                    size_t len, int argi,
+                                    long argl, int ret, size_t *processed);
+ typedef long (*BIO_callback_fn)(BIO *b, int oper, const char *argp, int argi,
+                                 long argl, long ret);
+
+ void BIO_set_callback_ex(BIO *b, BIO_callback_fn_ex callback);
+ BIO_callback_fn_ex BIO_get_callback_ex(const BIO *b);
+
+ void BIO_set_callback(BIO *b, BIO_callback_fn cb);
+ BIO_callback_fn BIO_get_callback(BIO *b);
+ void BIO_set_callback_arg(BIO *b, char *arg);
+ char *BIO_get_callback_arg(const BIO *b);
+
+ long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
+                         long argl, long ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_set_callback_ex() and BIO_get_callback_ex() set and retrieve the BIO callback. The callback is called during most high level BIO operations. It can be used for debugging purposes to trace operations on a BIO or to modify its operation.</p>
+
+<p>BIO_set_callback() and BIO_get_callback() set and retrieve the old format BIO callback. New code should not use these functions, but they are retained for backwards compatibility. Any callback set via BIO_set_callback_ex() will get called in preference to any set by BIO_set_callback().</p>
+
+<p>BIO_set_callback_arg() and BIO_get_callback_arg() are macros which can be used to set and retrieve an argument for use in the callback.</p>
+
+<p>BIO_debug_callback() is a standard debugging callback which prints out information relating to each BIO operation. If the callback argument is set it is interpreted as a BIO to send the information to, otherwise stderr is used.</p>
+
+<p>BIO_callback_fn_ex() is the type of the callback function and BIO_callback_fn() is the type of the old format callback function. The meaning of each argument is described below:</p>
+
+<dl>
+
+<dt id="b"><b>b</b></dt>
+<dd>
+
+<p>The BIO the callback is attached to is passed in <b>b</b>.</p>
+
+</dd>
+<dt id="oper"><b>oper</b></dt>
+<dd>
+
+<p><b>oper</b> is set to the operation being performed. For some operations the callback is called twice, once before and once after the actual operation, the latter case has <b>oper</b> or&#39;ed with BIO_CB_RETURN.</p>
+
+</dd>
+<dt id="len"><b>len</b></dt>
+<dd>
+
+<p>The length of the data requested to be read or written. This is only useful if <b>oper</b> is BIO_CB_READ, BIO_CB_WRITE or BIO_CB_GETS.</p>
+
+</dd>
+<dt id="argp-argi-argl"><b>argp</b> <b>argi</b> <b>argl</b></dt>
+<dd>
+
+<p>The meaning of the arguments <b>argp</b>, <b>argi</b> and <b>argl</b> depends on the value of <b>oper</b>, that is the operation being performed.</p>
+
+</dd>
+<dt id="processed"><b>processed</b></dt>
+<dd>
+
+<p><b>processed</b> is a pointer to a location which will be updated with the amount of data that was actually read or written. Only used for BIO_CB_READ, BIO_CB_WRITE, BIO_CB_GETS and BIO_CB_PUTS.</p>
+
+</dd>
+<dt id="ret"><b>ret</b></dt>
+<dd>
+
+<p><b>ret</b> is the return value that would be returned to the application if no callback were present. The actual value returned is the return value of the callback itself. In the case of callbacks called before the actual BIO operation 1 is placed in <b>ret</b>, if the return value is not positive it will be immediately returned to the application and the BIO operation will not be performed.</p>
+
+</dd>
+</dl>
+
+<p>The callback should normally simply return <b>ret</b> when it has finished processing, unless it specifically wishes to modify the value returned to the application.</p>
+
+<h1 id="CALLBACK-OPERATIONS">CALLBACK OPERATIONS</h1>
+
+<p>In the notes below, <b>callback</b> defers to the actual callback function that is called.</p>
+
+<dl>
+
+<dt id="BIO_free-b"><b>BIO_free(b)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_FREE, NULL, 0, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_FREE, NULL, 0L, 0L, 1L)</code></pre>
+
+<p>is called before the free operation.</p>
+
+</dd>
+<dt id="BIO_read_ex-b-data-dlen-readbytes"><b>BIO_read_ex(b, data, dlen, readbytes)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_READ, data, dlen, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_READ, data, dlen, 0L, 1L)</code></pre>
+
+<p>is called before the read and</p>
+
+<pre><code> callback_ex(b, BIO_CB_READ | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+             &amp;readbytes)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_READ|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_write-b-data-dlen-written"><b>BIO_write(b, data, dlen, written)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_WRITE, data, dlen, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_WRITE, datat, dlen, 0L, 1L)</code></pre>
+
+<p>is called before the write and</p>
+
+<pre><code> callback_ex(b, BIO_CB_WRITE | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+             &amp;written)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_WRITE|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_gets-b-buf-size"><b>BIO_gets(b, buf, size)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_GETS, buf, size, 0, 0L, 1, NULL, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_GETS, buf, size, 0L, 1L)</code></pre>
+
+<p>is called before the operation and</p>
+
+<pre><code> callback_ex(b, BIO_CB_GETS | BIO_CB_RETURN, buf, size, 0, 0L, retvalue,
+             &amp;readbytes)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_GETS|BIO_CB_RETURN, buf, size, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_puts-b-buf"><b>BIO_puts(b, buf)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_PUTS, buf, 0, 0, 0L, 1L, NULL);</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_PUTS, buf, 0, 0L, 1L)</code></pre>
+
+<p>is called before the operation and</p>
+
+<pre><code> callback_ex(b, BIO_CB_PUTS | BIO_CB_RETURN, buf, 0, 0, 0L, retvalue, &amp;written)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_PUTS|BIO_CB_RETURN, buf, 0, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_ctrl-BIO-b-int-cmd-long-larg-void-parg"><b>BIO_ctrl(BIO *b, int cmd, long larg, void *parg)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_CTRL, parg, 0, cmd, larg, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_CTRL, parg, cmd, larg, 1L)</code></pre>
+
+<p>is called before the call and</p>
+
+<pre><code> callback_ex(b, BIO_CB_CTRL | BIO_CB_RETURN, parg, 0, cmd, larg, ret, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_CTRL|BIO_CB_RETURN, parg, cmd, larg, ret)</code></pre>
+
+<p>after.</p>
+
+<p>Note: <b>cmd</b> == <b>BIO_CTRL_SET_CALLBACK</b> is special, because <b>parg</b> is not the argument of type <b>BIO_info_cb</b> itself. In this case <b>parg</b> is a pointer to the actual call parameter, see <b>BIO_callback_ctrl</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO_debug_callback() function is a good example, its source is in crypto/bio/bio_cb.c</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_callback_ex() and BIO_get_callback() return the callback function previously set by a call to BIO_set_callback_ex() and BIO_set_callback() respectively.</p>
+
+<p>BIO_get_callback_arg() returns a <b>char</b> pointer to the value previously set via a call to BIO_set_callback_arg().</p>
+
+<p>BIO_debug_callback() returns 1 or <b>ret</b> if it&#39;s called after specific BIO operations.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_callback_arg.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_callback_arg.html
new file mode 100644
index 000000000..50bf3983d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_callback_arg.html
@@ -0,0 +1,251 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_set_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#CALLBACK-OPERATIONS">CALLBACK OPERATIONS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_callback_ex, BIO_get_callback_ex, BIO_set_callback, BIO_get_callback, BIO_set_callback_arg, BIO_get_callback_arg, BIO_debug_callback, BIO_callback_fn_ex, BIO_callback_fn - BIO callback functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef long (*BIO_callback_fn_ex)(BIO *b, int oper, const char *argp,
+                                    size_t len, int argi,
+                                    long argl, int ret, size_t *processed);
+ typedef long (*BIO_callback_fn)(BIO *b, int oper, const char *argp, int argi,
+                                 long argl, long ret);
+
+ void BIO_set_callback_ex(BIO *b, BIO_callback_fn_ex callback);
+ BIO_callback_fn_ex BIO_get_callback_ex(const BIO *b);
+
+ void BIO_set_callback(BIO *b, BIO_callback_fn cb);
+ BIO_callback_fn BIO_get_callback(BIO *b);
+ void BIO_set_callback_arg(BIO *b, char *arg);
+ char *BIO_get_callback_arg(const BIO *b);
+
+ long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
+                         long argl, long ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_set_callback_ex() and BIO_get_callback_ex() set and retrieve the BIO callback. The callback is called during most high level BIO operations. It can be used for debugging purposes to trace operations on a BIO or to modify its operation.</p>
+
+<p>BIO_set_callback() and BIO_get_callback() set and retrieve the old format BIO callback. New code should not use these functions, but they are retained for backwards compatibility. Any callback set via BIO_set_callback_ex() will get called in preference to any set by BIO_set_callback().</p>
+
+<p>BIO_set_callback_arg() and BIO_get_callback_arg() are macros which can be used to set and retrieve an argument for use in the callback.</p>
+
+<p>BIO_debug_callback() is a standard debugging callback which prints out information relating to each BIO operation. If the callback argument is set it is interpreted as a BIO to send the information to, otherwise stderr is used.</p>
+
+<p>BIO_callback_fn_ex() is the type of the callback function and BIO_callback_fn() is the type of the old format callback function. The meaning of each argument is described below:</p>
+
+<dl>
+
+<dt id="b"><b>b</b></dt>
+<dd>
+
+<p>The BIO the callback is attached to is passed in <b>b</b>.</p>
+
+</dd>
+<dt id="oper"><b>oper</b></dt>
+<dd>
+
+<p><b>oper</b> is set to the operation being performed. For some operations the callback is called twice, once before and once after the actual operation, the latter case has <b>oper</b> or&#39;ed with BIO_CB_RETURN.</p>
+
+</dd>
+<dt id="len"><b>len</b></dt>
+<dd>
+
+<p>The length of the data requested to be read or written. This is only useful if <b>oper</b> is BIO_CB_READ, BIO_CB_WRITE or BIO_CB_GETS.</p>
+
+</dd>
+<dt id="argp-argi-argl"><b>argp</b> <b>argi</b> <b>argl</b></dt>
+<dd>
+
+<p>The meaning of the arguments <b>argp</b>, <b>argi</b> and <b>argl</b> depends on the value of <b>oper</b>, that is the operation being performed.</p>
+
+</dd>
+<dt id="processed"><b>processed</b></dt>
+<dd>
+
+<p><b>processed</b> is a pointer to a location which will be updated with the amount of data that was actually read or written. Only used for BIO_CB_READ, BIO_CB_WRITE, BIO_CB_GETS and BIO_CB_PUTS.</p>
+
+</dd>
+<dt id="ret"><b>ret</b></dt>
+<dd>
+
+<p><b>ret</b> is the return value that would be returned to the application if no callback were present. The actual value returned is the return value of the callback itself. In the case of callbacks called before the actual BIO operation 1 is placed in <b>ret</b>, if the return value is not positive it will be immediately returned to the application and the BIO operation will not be performed.</p>
+
+</dd>
+</dl>
+
+<p>The callback should normally simply return <b>ret</b> when it has finished processing, unless it specifically wishes to modify the value returned to the application.</p>
+
+<h1 id="CALLBACK-OPERATIONS">CALLBACK OPERATIONS</h1>
+
+<p>In the notes below, <b>callback</b> defers to the actual callback function that is called.</p>
+
+<dl>
+
+<dt id="BIO_free-b"><b>BIO_free(b)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_FREE, NULL, 0, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_FREE, NULL, 0L, 0L, 1L)</code></pre>
+
+<p>is called before the free operation.</p>
+
+</dd>
+<dt id="BIO_read_ex-b-data-dlen-readbytes"><b>BIO_read_ex(b, data, dlen, readbytes)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_READ, data, dlen, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_READ, data, dlen, 0L, 1L)</code></pre>
+
+<p>is called before the read and</p>
+
+<pre><code> callback_ex(b, BIO_CB_READ | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+             &amp;readbytes)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_READ|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_write-b-data-dlen-written"><b>BIO_write(b, data, dlen, written)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_WRITE, data, dlen, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_WRITE, datat, dlen, 0L, 1L)</code></pre>
+
+<p>is called before the write and</p>
+
+<pre><code> callback_ex(b, BIO_CB_WRITE | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+             &amp;written)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_WRITE|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_gets-b-buf-size"><b>BIO_gets(b, buf, size)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_GETS, buf, size, 0, 0L, 1, NULL, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_GETS, buf, size, 0L, 1L)</code></pre>
+
+<p>is called before the operation and</p>
+
+<pre><code> callback_ex(b, BIO_CB_GETS | BIO_CB_RETURN, buf, size, 0, 0L, retvalue,
+             &amp;readbytes)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_GETS|BIO_CB_RETURN, buf, size, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_puts-b-buf"><b>BIO_puts(b, buf)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_PUTS, buf, 0, 0, 0L, 1L, NULL);</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_PUTS, buf, 0, 0L, 1L)</code></pre>
+
+<p>is called before the operation and</p>
+
+<pre><code> callback_ex(b, BIO_CB_PUTS | BIO_CB_RETURN, buf, 0, 0, 0L, retvalue, &amp;written)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_PUTS|BIO_CB_RETURN, buf, 0, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_ctrl-BIO-b-int-cmd-long-larg-void-parg"><b>BIO_ctrl(BIO *b, int cmd, long larg, void *parg)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_CTRL, parg, 0, cmd, larg, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_CTRL, parg, cmd, larg, 1L)</code></pre>
+
+<p>is called before the call and</p>
+
+<pre><code> callback_ex(b, BIO_CB_CTRL | BIO_CB_RETURN, parg, 0, cmd, larg, ret, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_CTRL|BIO_CB_RETURN, parg, cmd, larg, ret)</code></pre>
+
+<p>after.</p>
+
+<p>Note: <b>cmd</b> == <b>BIO_CTRL_SET_CALLBACK</b> is special, because <b>parg</b> is not the argument of type <b>BIO_info_cb</b> itself. In this case <b>parg</b> is a pointer to the actual call parameter, see <b>BIO_callback_ctrl</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO_debug_callback() function is a good example, its source is in crypto/bio/bio_cb.c</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_callback_ex() and BIO_get_callback() return the callback function previously set by a call to BIO_set_callback_ex() and BIO_set_callback() respectively.</p>
+
+<p>BIO_get_callback_arg() returns a <b>char</b> pointer to the value previously set via a call to BIO_set_callback_arg().</p>
+
+<p>BIO_debug_callback() returns 1 or <b>ret</b> if it&#39;s called after specific BIO operations.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_callback_ex.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_callback_ex.html
new file mode 100644
index 000000000..50bf3983d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_callback_ex.html
@@ -0,0 +1,251 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_set_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#CALLBACK-OPERATIONS">CALLBACK OPERATIONS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_callback_ex, BIO_get_callback_ex, BIO_set_callback, BIO_get_callback, BIO_set_callback_arg, BIO_get_callback_arg, BIO_debug_callback, BIO_callback_fn_ex, BIO_callback_fn - BIO callback functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef long (*BIO_callback_fn_ex)(BIO *b, int oper, const char *argp,
+                                    size_t len, int argi,
+                                    long argl, int ret, size_t *processed);
+ typedef long (*BIO_callback_fn)(BIO *b, int oper, const char *argp, int argi,
+                                 long argl, long ret);
+
+ void BIO_set_callback_ex(BIO *b, BIO_callback_fn_ex callback);
+ BIO_callback_fn_ex BIO_get_callback_ex(const BIO *b);
+
+ void BIO_set_callback(BIO *b, BIO_callback_fn cb);
+ BIO_callback_fn BIO_get_callback(BIO *b);
+ void BIO_set_callback_arg(BIO *b, char *arg);
+ char *BIO_get_callback_arg(const BIO *b);
+
+ long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
+                         long argl, long ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_set_callback_ex() and BIO_get_callback_ex() set and retrieve the BIO callback. The callback is called during most high level BIO operations. It can be used for debugging purposes to trace operations on a BIO or to modify its operation.</p>
+
+<p>BIO_set_callback() and BIO_get_callback() set and retrieve the old format BIO callback. New code should not use these functions, but they are retained for backwards compatibility. Any callback set via BIO_set_callback_ex() will get called in preference to any set by BIO_set_callback().</p>
+
+<p>BIO_set_callback_arg() and BIO_get_callback_arg() are macros which can be used to set and retrieve an argument for use in the callback.</p>
+
+<p>BIO_debug_callback() is a standard debugging callback which prints out information relating to each BIO operation. If the callback argument is set it is interpreted as a BIO to send the information to, otherwise stderr is used.</p>
+
+<p>BIO_callback_fn_ex() is the type of the callback function and BIO_callback_fn() is the type of the old format callback function. The meaning of each argument is described below:</p>
+
+<dl>
+
+<dt id="b"><b>b</b></dt>
+<dd>
+
+<p>The BIO the callback is attached to is passed in <b>b</b>.</p>
+
+</dd>
+<dt id="oper"><b>oper</b></dt>
+<dd>
+
+<p><b>oper</b> is set to the operation being performed. For some operations the callback is called twice, once before and once after the actual operation, the latter case has <b>oper</b> or&#39;ed with BIO_CB_RETURN.</p>
+
+</dd>
+<dt id="len"><b>len</b></dt>
+<dd>
+
+<p>The length of the data requested to be read or written. This is only useful if <b>oper</b> is BIO_CB_READ, BIO_CB_WRITE or BIO_CB_GETS.</p>
+
+</dd>
+<dt id="argp-argi-argl"><b>argp</b> <b>argi</b> <b>argl</b></dt>
+<dd>
+
+<p>The meaning of the arguments <b>argp</b>, <b>argi</b> and <b>argl</b> depends on the value of <b>oper</b>, that is the operation being performed.</p>
+
+</dd>
+<dt id="processed"><b>processed</b></dt>
+<dd>
+
+<p><b>processed</b> is a pointer to a location which will be updated with the amount of data that was actually read or written. Only used for BIO_CB_READ, BIO_CB_WRITE, BIO_CB_GETS and BIO_CB_PUTS.</p>
+
+</dd>
+<dt id="ret"><b>ret</b></dt>
+<dd>
+
+<p><b>ret</b> is the return value that would be returned to the application if no callback were present. The actual value returned is the return value of the callback itself. In the case of callbacks called before the actual BIO operation 1 is placed in <b>ret</b>, if the return value is not positive it will be immediately returned to the application and the BIO operation will not be performed.</p>
+
+</dd>
+</dl>
+
+<p>The callback should normally simply return <b>ret</b> when it has finished processing, unless it specifically wishes to modify the value returned to the application.</p>
+
+<h1 id="CALLBACK-OPERATIONS">CALLBACK OPERATIONS</h1>
+
+<p>In the notes below, <b>callback</b> defers to the actual callback function that is called.</p>
+
+<dl>
+
+<dt id="BIO_free-b"><b>BIO_free(b)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_FREE, NULL, 0, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_FREE, NULL, 0L, 0L, 1L)</code></pre>
+
+<p>is called before the free operation.</p>
+
+</dd>
+<dt id="BIO_read_ex-b-data-dlen-readbytes"><b>BIO_read_ex(b, data, dlen, readbytes)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_READ, data, dlen, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_READ, data, dlen, 0L, 1L)</code></pre>
+
+<p>is called before the read and</p>
+
+<pre><code> callback_ex(b, BIO_CB_READ | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+             &amp;readbytes)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_READ|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_write-b-data-dlen-written"><b>BIO_write(b, data, dlen, written)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_WRITE, data, dlen, 0, 0L, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_WRITE, datat, dlen, 0L, 1L)</code></pre>
+
+<p>is called before the write and</p>
+
+<pre><code> callback_ex(b, BIO_CB_WRITE | BIO_CB_RETURN, data, dlen, 0, 0L, retvalue,
+             &amp;written)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_WRITE|BIO_CB_RETURN, data, dlen, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_gets-b-buf-size"><b>BIO_gets(b, buf, size)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_GETS, buf, size, 0, 0L, 1, NULL, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_GETS, buf, size, 0L, 1L)</code></pre>
+
+<p>is called before the operation and</p>
+
+<pre><code> callback_ex(b, BIO_CB_GETS | BIO_CB_RETURN, buf, size, 0, 0L, retvalue,
+             &amp;readbytes)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_GETS|BIO_CB_RETURN, buf, size, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_puts-b-buf"><b>BIO_puts(b, buf)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_PUTS, buf, 0, 0, 0L, 1L, NULL);</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_PUTS, buf, 0, 0L, 1L)</code></pre>
+
+<p>is called before the operation and</p>
+
+<pre><code> callback_ex(b, BIO_CB_PUTS | BIO_CB_RETURN, buf, 0, 0, 0L, retvalue, &amp;written)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_PUTS|BIO_CB_RETURN, buf, 0, 0L, retvalue)</code></pre>
+
+<p>after.</p>
+
+</dd>
+<dt id="BIO_ctrl-BIO-b-int-cmd-long-larg-void-parg"><b>BIO_ctrl(BIO *b, int cmd, long larg, void *parg)</b></dt>
+<dd>
+
+<pre><code> callback_ex(b, BIO_CB_CTRL, parg, 0, cmd, larg, 1L, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_CTRL, parg, cmd, larg, 1L)</code></pre>
+
+<p>is called before the call and</p>
+
+<pre><code> callback_ex(b, BIO_CB_CTRL | BIO_CB_RETURN, parg, 0, cmd, larg, ret, NULL)</code></pre>
+
+<p>or</p>
+
+<pre><code> callback(b, BIO_CB_CTRL|BIO_CB_RETURN, parg, cmd, larg, ret)</code></pre>
+
+<p>after.</p>
+
+<p>Note: <b>cmd</b> == <b>BIO_CTRL_SET_CALLBACK</b> is special, because <b>parg</b> is not the argument of type <b>BIO_info_cb</b> itself. In this case <b>parg</b> is a pointer to the actual call parameter, see <b>BIO_callback_ctrl</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO_debug_callback() function is a good example, its source is in crypto/bio/bio_cb.c</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_callback_ex() and BIO_get_callback() return the callback function previously set by a call to BIO_set_callback_ex() and BIO_set_callback() respectively.</p>
+
+<p>BIO_get_callback_arg() returns a <b>char</b> pointer to the value previously set via a call to BIO_set_callback_arg().</p>
+
+<p>BIO_debug_callback() returns 1 or <b>ret</b> if it&#39;s called after specific BIO operations.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_cipher.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_cipher.html
new file mode 100644
index 000000000..c344c9ade
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_cipher.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_cipher</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_f_cipher, BIO_set_cipher, BIO_get_cipher_status, BIO_get_cipher_ctx - cipher BIO filter</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ const BIO_METHOD *BIO_f_cipher(void);
+ void BIO_set_cipher(BIO *b, const EVP_CIPHER *cipher,
+                     unsigned char *key, unsigned char *iv, int enc);
+ int BIO_get_cipher_status(BIO *b)
+ int BIO_get_cipher_ctx(BIO *b, EVP_CIPHER_CTX **pctx)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_cipher() returns the cipher BIO method. This is a filter BIO that encrypts any data written through it, and decrypts any data read from it. It is a BIO wrapper for the cipher routines EVP_CipherInit(), EVP_CipherUpdate() and EVP_CipherFinal().</p>
+
+<p>Cipher BIOs do not support BIO_gets() or BIO_puts().</p>
+
+<p>BIO_flush() on an encryption BIO that is being written through is used to signal that no more data is to be encrypted: this is used to flush and possibly pad the final block through the BIO.</p>
+
+<p>BIO_set_cipher() sets the cipher of BIO <b>b</b> to <b>cipher</b> using key <b>key</b> and IV <b>iv</b>. <b>enc</b> should be set to 1 for encryption and zero for decryption.</p>
+
+<p>When reading from an encryption BIO the final block is automatically decrypted and checked when EOF is detected. BIO_get_cipher_status() is a BIO_ctrl() macro which can be called to determine whether the decryption operation was successful.</p>
+
+<p>BIO_get_cipher_ctx() is a BIO_ctrl() macro which retrieves the internal BIO cipher context. The retrieved context can be used in conjunction with the standard cipher routines to set it up. This is useful when BIO_set_cipher() is not flexible enough for the applications needs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When encrypting BIO_flush() <b>must</b> be called to flush the final block through the BIO. If it is not then the final block will fail a subsequent decrypt.</p>
+
+<p>When decrypting an error on the final block is signaled by a zero return value from the read operation. A successful decrypt followed by EOF will also return zero for the final read. BIO_get_cipher_status() should be called to determine if the decrypt was successful.</p>
+
+<p>As always, if BIO_gets() or BIO_puts() support is needed then it can be achieved by preceding the cipher BIO with a buffering BIO.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_cipher() returns the cipher BIO method.</p>
+
+<p>BIO_set_cipher() does not return a value.</p>
+
+<p>BIO_get_cipher_status() returns 1 for a successful decrypt and 0 for failure.</p>
+
+<p>BIO_get_cipher_ctx() currently always returns 1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_close.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_close.html
new file mode 100644
index 000000000..ccbb411c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_close.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset, BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close, BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending, BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb - BIO control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef int BIO_info_cb(BIO *b, int state, int res);
+
+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
+ char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+
+ int BIO_reset(BIO *b);
+ int BIO_seek(BIO *b, int ofs);
+ int BIO_tell(BIO *b);
+ int BIO_flush(BIO *b);
+ int BIO_eof(BIO *b);
+ int BIO_set_close(BIO *b, long flag);
+ int BIO_get_close(BIO *b);
+ int BIO_pending(BIO *b);
+ int BIO_wpending(BIO *b);
+ size_t BIO_ctrl_pending(BIO *b);
+ size_t BIO_ctrl_wpending(BIO *b);
+
+ int BIO_get_info_callback(BIO *b, BIO_info_cb **cbp);
+ int BIO_set_info_callback(BIO *b, BIO_info_cb *cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl() are BIO &quot;control&quot; operations taking arguments of various types. These functions are not normally called directly, various macros are used instead. The standard macros are described below, macros specific to a particular type of BIO are described in the specific BIOs manual page as well as any special features of the standard calls.</p>
+
+<p>BIO_reset() typically resets a BIO to some initial state, in the case of file related BIOs for example it rewinds the file pointer to the start of the file.</p>
+
+<p>BIO_seek() resets a file related BIO&#39;s (that is file descriptor and FILE BIOs) file position pointer to <b>ofs</b> bytes from start of file.</p>
+
+<p>BIO_tell() returns the current file position of a file related BIO.</p>
+
+<p>BIO_flush() normally writes out any internally buffered data, in some cases it is used to signal EOF and that no more data will be written.</p>
+
+<p>BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of &quot;EOF&quot; varies according to the BIO type.</p>
+
+<p>BIO_set_close() sets the BIO <b>b</b> close flag to <b>flag</b>. <b>flag</b> can take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used in a source/sink BIO to indicate that the underlying I/O stream should be closed when the BIO is freed.</p>
+
+<p>BIO_get_close() returns the BIOs close flag.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the number of pending characters in the BIOs read and write buffers. Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending() return a size_t type and are functions, BIO_pending() and BIO_wpending() are macros which call BIO_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_reset() normally returns 1 for success and 0 or -1 for failure. File BIOs are an exception, they return 0 for success and -1 for failure.</p>
+
+<p>BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure.</p>
+
+<p>BIO_flush() returns 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_eof() returns 1 if EOF has been reached 0 otherwise.</p>
+
+<p>BIO_set_close() always returns 1.</p>
+
+<p>BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_flush(), because it can write data may return 0 or -1 indicating that the call should be retried later in a similar manner to BIO_write_ex(). The BIO_should_retry() call should be used and appropriate action taken is the call fails.</p>
+
+<p>The return values of BIO_pending() and BIO_wpending() may not reliably determine the amount of pending data in all cases. For example in the case of a file BIO some data may be available in the FILE structures internal buffers but it is not possible to determine this in a portably way. For other types of BIO they may not be supported.</p>
+
+<p>Filter BIOs if they do not internally handle a particular BIO_ctrl() operation usually pass the operation to the next BIO in the chain. This often means there is no need to locate the required BIO for a particular operation, it can be called on a chain and it will be automatically passed to the relevant BIO. However this can cause unexpected results: for example no current filter BIOs implement BIO_seek(), but this may still succeed if the chain ends in a FILE or file descriptor BIO.</p>
+
+<p>Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some of the return values are ambiguous and care should be taken. In particular a return value of 0 can be returned if an operation is not supported, if an error occurred, if EOF has not been reached and in the case of BIO_seek() on a file BIO for a successful operation.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_conn_address.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_conn_address.html
new file mode 100644
index 000000000..400c2818a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_conn_address.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_connect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_conn_address, BIO_get_conn_address, BIO_s_connect, BIO_new_connect, BIO_set_conn_hostname, BIO_set_conn_port, BIO_set_conn_ip_family, BIO_get_conn_ip_family, BIO_get_conn_hostname, BIO_get_conn_port, BIO_set_nbio, BIO_do_connect - connect BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD * BIO_s_connect(void);
+
+ BIO *BIO_new_connect(char *name);
+
+ long BIO_set_conn_hostname(BIO *b, char *name);
+ long BIO_set_conn_port(BIO *b, char *port);
+ long BIO_set_conn_address(BIO *b, BIO_ADDR *addr);
+ long BIO_set_conn_ip_family(BIO *b, long family);
+ const char *BIO_get_conn_hostname(BIO *b);
+ const char *BIO_get_conn_port(BIO *b);
+ const BIO_ADDR *BIO_get_conn_address(BIO *b);
+ const long BIO_get_conn_ip_family(BIO *b);
+
+ long BIO_set_nbio(BIO *b, long n);
+
+ int BIO_do_connect(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_connect() returns the connect BIO method. This is a wrapper round the platform&#39;s TCP/IP socket connection routines.</p>
+
+<p>Using connect BIOs, TCP/IP connections can be made and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on a connect BIO will perform I/O on the underlying connection. If no connection is established and the port and hostname (see below) is set up properly then a connection is established first.</p>
+
+<p>Connect BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on a connect BIO then any active connection is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on a connect BIO will close any active connection and reset the BIO into a state where it can connect to the same host again.</p>
+
+<p>BIO_get_fd() places the underlying socket in <b>c</b> if it is not NULL, it also returns the socket . If <b>c</b> is not NULL it should be of type (int *).</p>
+
+<p>BIO_set_conn_hostname() uses the string <b>name</b> to set the hostname. The hostname can be an IP address; if the address is an IPv6 one, it must be enclosed with brackets. The hostname can also include the port in the form hostname:port.</p>
+
+<p>BIO_set_conn_port() sets the port to <b>port</b>. <b>port</b> can be the numerical form or a string such as &quot;http&quot;. A string will be looked up first using getservbyname() on the host platform but if that fails a standard table of port names will be used. This internal list is http, telnet, socks, https, ssl, ftp, and gopher.</p>
+
+<p>BIO_set_conn_address() sets the address and port information using a BIO_ADDR(3ssl).</p>
+
+<p>BIO_set_conn_ip_family() sets the IP family.</p>
+
+<p>BIO_get_conn_hostname() returns the hostname of the connect BIO or NULL if the BIO is initialized but no hostname is set. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_port() returns the port as a string. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_address() returns the address information as a BIO_ADDR. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_ip_family() returns the IP family of the connect BIO.</p>
+
+<p>BIO_set_nbio() sets the non blocking I/O flag to <b>n</b>. If <b>n</b> is zero then blocking I/O is set. If <b>n</b> is 1 then non blocking I/O is set. Blocking I/O is the default. The call to BIO_set_nbio() should be made before the connection is established because non blocking I/O is set during the connect process.</p>
+
+<p>BIO_new_connect() combines BIO_new() and BIO_set_conn_hostname() into a single call: that is it creates a new connect BIO with <b>name</b>.</p>
+
+<p>BIO_do_connect() attempts to connect the supplied BIO. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If blocking I/O is set then a non positive return value from any I/O call is caused by an error condition, although a zero return will normally mean that the connection was closed.</p>
+
+<p>If the port name is supplied as part of the host name then this will override any value set with BIO_set_conn_port(). This may be undesirable if the application does not wish to allow connection to arbitrary ports. This can be avoided by checking for the presence of the &#39;:&#39; character in the passed hostname and either indicating an error or truncating the string at that point.</p>
+
+<p>The values returned by BIO_get_conn_hostname(), BIO_get_conn_address(), and BIO_get_conn_port() are updated when a connection attempt is made. Before any connection attempt the values returned are those set by the application itself.</p>
+
+<p>Applications do not have to call BIO_do_connect() but may wish to do so to separate the connection process from other I/O processing.</p>
+
+<p>If non blocking I/O is set then retries will be requested as appropriate.</p>
+
+<p>It addition to BIO_should_read() and BIO_should_write() it is also possible for BIO_should_io_special() to be true during the initial connection process with the reason BIO_RR_CONNECT. If this is returned then this is an indication that a connection attempt would block, the application should then take appropriate action to wait until the underlying socket has connected and retry the call.</p>
+
+<p>BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_get_conn_hostname(), BIO_set_conn_address(), BIO_get_conn_port(), BIO_get_conn_address(), BIO_set_conn_ip_family(), BIO_get_conn_ip_family(), BIO_set_nbio(), and BIO_do_connect() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_connect() returns the connect BIO method.</p>
+
+<p>BIO_get_fd() returns the socket or -1 if the BIO has not been initialized.</p>
+
+<p>BIO_set_conn_address(), BIO_set_conn_port(), and BIO_set_conn_ip_family() always return 1.</p>
+
+<p>BIO_set_conn_hostname() returns 1 on success and 0 on failure.</p>
+
+<p>BIO_get_conn_address() returns the address information or NULL if none was set.</p>
+
+<p>BIO_get_conn_hostname() returns the connected hostname or NULL if none was set.</p>
+
+<p>BIO_get_conn_ip_family() returns the address family or -1 if none was set.</p>
+
+<p>BIO_get_conn_port() returns a string representing the connected port or NULL if not set.</p>
+
+<p>BIO_set_nbio() always returns 1.</p>
+
+<p>BIO_do_connect() returns 1 if the connection was successfully established and 0 or -1 if the connection failed.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This is example connects to a webserver on the local host and attempts to retrieve a page and copy the result to standard output.</p>
+
+<pre><code> BIO *cbio, *out;
+ int len;
+ char tmpbuf[1024];
+
+ cbio = BIO_new_connect(&quot;localhost:http&quot;);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(cbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ BIO_puts(cbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(cbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free(cbio);
+ BIO_free(out);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_set_conn_int_port(), BIO_get_conn_int_port(), BIO_set_conn_ip(), and BIO_get_conn_ip() were removed in OpenSSL 1.1.0. Use BIO_set_conn_address() and BIO_get_conn_address() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_conn_hostname.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_conn_hostname.html
new file mode 100644
index 000000000..400c2818a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_conn_hostname.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_connect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_conn_address, BIO_get_conn_address, BIO_s_connect, BIO_new_connect, BIO_set_conn_hostname, BIO_set_conn_port, BIO_set_conn_ip_family, BIO_get_conn_ip_family, BIO_get_conn_hostname, BIO_get_conn_port, BIO_set_nbio, BIO_do_connect - connect BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD * BIO_s_connect(void);
+
+ BIO *BIO_new_connect(char *name);
+
+ long BIO_set_conn_hostname(BIO *b, char *name);
+ long BIO_set_conn_port(BIO *b, char *port);
+ long BIO_set_conn_address(BIO *b, BIO_ADDR *addr);
+ long BIO_set_conn_ip_family(BIO *b, long family);
+ const char *BIO_get_conn_hostname(BIO *b);
+ const char *BIO_get_conn_port(BIO *b);
+ const BIO_ADDR *BIO_get_conn_address(BIO *b);
+ const long BIO_get_conn_ip_family(BIO *b);
+
+ long BIO_set_nbio(BIO *b, long n);
+
+ int BIO_do_connect(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_connect() returns the connect BIO method. This is a wrapper round the platform&#39;s TCP/IP socket connection routines.</p>
+
+<p>Using connect BIOs, TCP/IP connections can be made and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on a connect BIO will perform I/O on the underlying connection. If no connection is established and the port and hostname (see below) is set up properly then a connection is established first.</p>
+
+<p>Connect BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on a connect BIO then any active connection is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on a connect BIO will close any active connection and reset the BIO into a state where it can connect to the same host again.</p>
+
+<p>BIO_get_fd() places the underlying socket in <b>c</b> if it is not NULL, it also returns the socket . If <b>c</b> is not NULL it should be of type (int *).</p>
+
+<p>BIO_set_conn_hostname() uses the string <b>name</b> to set the hostname. The hostname can be an IP address; if the address is an IPv6 one, it must be enclosed with brackets. The hostname can also include the port in the form hostname:port.</p>
+
+<p>BIO_set_conn_port() sets the port to <b>port</b>. <b>port</b> can be the numerical form or a string such as &quot;http&quot;. A string will be looked up first using getservbyname() on the host platform but if that fails a standard table of port names will be used. This internal list is http, telnet, socks, https, ssl, ftp, and gopher.</p>
+
+<p>BIO_set_conn_address() sets the address and port information using a BIO_ADDR(3ssl).</p>
+
+<p>BIO_set_conn_ip_family() sets the IP family.</p>
+
+<p>BIO_get_conn_hostname() returns the hostname of the connect BIO or NULL if the BIO is initialized but no hostname is set. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_port() returns the port as a string. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_address() returns the address information as a BIO_ADDR. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_ip_family() returns the IP family of the connect BIO.</p>
+
+<p>BIO_set_nbio() sets the non blocking I/O flag to <b>n</b>. If <b>n</b> is zero then blocking I/O is set. If <b>n</b> is 1 then non blocking I/O is set. Blocking I/O is the default. The call to BIO_set_nbio() should be made before the connection is established because non blocking I/O is set during the connect process.</p>
+
+<p>BIO_new_connect() combines BIO_new() and BIO_set_conn_hostname() into a single call: that is it creates a new connect BIO with <b>name</b>.</p>
+
+<p>BIO_do_connect() attempts to connect the supplied BIO. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If blocking I/O is set then a non positive return value from any I/O call is caused by an error condition, although a zero return will normally mean that the connection was closed.</p>
+
+<p>If the port name is supplied as part of the host name then this will override any value set with BIO_set_conn_port(). This may be undesirable if the application does not wish to allow connection to arbitrary ports. This can be avoided by checking for the presence of the &#39;:&#39; character in the passed hostname and either indicating an error or truncating the string at that point.</p>
+
+<p>The values returned by BIO_get_conn_hostname(), BIO_get_conn_address(), and BIO_get_conn_port() are updated when a connection attempt is made. Before any connection attempt the values returned are those set by the application itself.</p>
+
+<p>Applications do not have to call BIO_do_connect() but may wish to do so to separate the connection process from other I/O processing.</p>
+
+<p>If non blocking I/O is set then retries will be requested as appropriate.</p>
+
+<p>It addition to BIO_should_read() and BIO_should_write() it is also possible for BIO_should_io_special() to be true during the initial connection process with the reason BIO_RR_CONNECT. If this is returned then this is an indication that a connection attempt would block, the application should then take appropriate action to wait until the underlying socket has connected and retry the call.</p>
+
+<p>BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_get_conn_hostname(), BIO_set_conn_address(), BIO_get_conn_port(), BIO_get_conn_address(), BIO_set_conn_ip_family(), BIO_get_conn_ip_family(), BIO_set_nbio(), and BIO_do_connect() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_connect() returns the connect BIO method.</p>
+
+<p>BIO_get_fd() returns the socket or -1 if the BIO has not been initialized.</p>
+
+<p>BIO_set_conn_address(), BIO_set_conn_port(), and BIO_set_conn_ip_family() always return 1.</p>
+
+<p>BIO_set_conn_hostname() returns 1 on success and 0 on failure.</p>
+
+<p>BIO_get_conn_address() returns the address information or NULL if none was set.</p>
+
+<p>BIO_get_conn_hostname() returns the connected hostname or NULL if none was set.</p>
+
+<p>BIO_get_conn_ip_family() returns the address family or -1 if none was set.</p>
+
+<p>BIO_get_conn_port() returns a string representing the connected port or NULL if not set.</p>
+
+<p>BIO_set_nbio() always returns 1.</p>
+
+<p>BIO_do_connect() returns 1 if the connection was successfully established and 0 or -1 if the connection failed.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This is example connects to a webserver on the local host and attempts to retrieve a page and copy the result to standard output.</p>
+
+<pre><code> BIO *cbio, *out;
+ int len;
+ char tmpbuf[1024];
+
+ cbio = BIO_new_connect(&quot;localhost:http&quot;);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(cbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ BIO_puts(cbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(cbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free(cbio);
+ BIO_free(out);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_set_conn_int_port(), BIO_get_conn_int_port(), BIO_set_conn_ip(), and BIO_get_conn_ip() were removed in OpenSSL 1.1.0. Use BIO_set_conn_address() and BIO_get_conn_address() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_conn_ip_family.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_conn_ip_family.html
new file mode 100644
index 000000000..400c2818a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_conn_ip_family.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_connect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_conn_address, BIO_get_conn_address, BIO_s_connect, BIO_new_connect, BIO_set_conn_hostname, BIO_set_conn_port, BIO_set_conn_ip_family, BIO_get_conn_ip_family, BIO_get_conn_hostname, BIO_get_conn_port, BIO_set_nbio, BIO_do_connect - connect BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD * BIO_s_connect(void);
+
+ BIO *BIO_new_connect(char *name);
+
+ long BIO_set_conn_hostname(BIO *b, char *name);
+ long BIO_set_conn_port(BIO *b, char *port);
+ long BIO_set_conn_address(BIO *b, BIO_ADDR *addr);
+ long BIO_set_conn_ip_family(BIO *b, long family);
+ const char *BIO_get_conn_hostname(BIO *b);
+ const char *BIO_get_conn_port(BIO *b);
+ const BIO_ADDR *BIO_get_conn_address(BIO *b);
+ const long BIO_get_conn_ip_family(BIO *b);
+
+ long BIO_set_nbio(BIO *b, long n);
+
+ int BIO_do_connect(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_connect() returns the connect BIO method. This is a wrapper round the platform&#39;s TCP/IP socket connection routines.</p>
+
+<p>Using connect BIOs, TCP/IP connections can be made and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on a connect BIO will perform I/O on the underlying connection. If no connection is established and the port and hostname (see below) is set up properly then a connection is established first.</p>
+
+<p>Connect BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on a connect BIO then any active connection is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on a connect BIO will close any active connection and reset the BIO into a state where it can connect to the same host again.</p>
+
+<p>BIO_get_fd() places the underlying socket in <b>c</b> if it is not NULL, it also returns the socket . If <b>c</b> is not NULL it should be of type (int *).</p>
+
+<p>BIO_set_conn_hostname() uses the string <b>name</b> to set the hostname. The hostname can be an IP address; if the address is an IPv6 one, it must be enclosed with brackets. The hostname can also include the port in the form hostname:port.</p>
+
+<p>BIO_set_conn_port() sets the port to <b>port</b>. <b>port</b> can be the numerical form or a string such as &quot;http&quot;. A string will be looked up first using getservbyname() on the host platform but if that fails a standard table of port names will be used. This internal list is http, telnet, socks, https, ssl, ftp, and gopher.</p>
+
+<p>BIO_set_conn_address() sets the address and port information using a BIO_ADDR(3ssl).</p>
+
+<p>BIO_set_conn_ip_family() sets the IP family.</p>
+
+<p>BIO_get_conn_hostname() returns the hostname of the connect BIO or NULL if the BIO is initialized but no hostname is set. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_port() returns the port as a string. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_address() returns the address information as a BIO_ADDR. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_ip_family() returns the IP family of the connect BIO.</p>
+
+<p>BIO_set_nbio() sets the non blocking I/O flag to <b>n</b>. If <b>n</b> is zero then blocking I/O is set. If <b>n</b> is 1 then non blocking I/O is set. Blocking I/O is the default. The call to BIO_set_nbio() should be made before the connection is established because non blocking I/O is set during the connect process.</p>
+
+<p>BIO_new_connect() combines BIO_new() and BIO_set_conn_hostname() into a single call: that is it creates a new connect BIO with <b>name</b>.</p>
+
+<p>BIO_do_connect() attempts to connect the supplied BIO. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If blocking I/O is set then a non positive return value from any I/O call is caused by an error condition, although a zero return will normally mean that the connection was closed.</p>
+
+<p>If the port name is supplied as part of the host name then this will override any value set with BIO_set_conn_port(). This may be undesirable if the application does not wish to allow connection to arbitrary ports. This can be avoided by checking for the presence of the &#39;:&#39; character in the passed hostname and either indicating an error or truncating the string at that point.</p>
+
+<p>The values returned by BIO_get_conn_hostname(), BIO_get_conn_address(), and BIO_get_conn_port() are updated when a connection attempt is made. Before any connection attempt the values returned are those set by the application itself.</p>
+
+<p>Applications do not have to call BIO_do_connect() but may wish to do so to separate the connection process from other I/O processing.</p>
+
+<p>If non blocking I/O is set then retries will be requested as appropriate.</p>
+
+<p>It addition to BIO_should_read() and BIO_should_write() it is also possible for BIO_should_io_special() to be true during the initial connection process with the reason BIO_RR_CONNECT. If this is returned then this is an indication that a connection attempt would block, the application should then take appropriate action to wait until the underlying socket has connected and retry the call.</p>
+
+<p>BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_get_conn_hostname(), BIO_set_conn_address(), BIO_get_conn_port(), BIO_get_conn_address(), BIO_set_conn_ip_family(), BIO_get_conn_ip_family(), BIO_set_nbio(), and BIO_do_connect() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_connect() returns the connect BIO method.</p>
+
+<p>BIO_get_fd() returns the socket or -1 if the BIO has not been initialized.</p>
+
+<p>BIO_set_conn_address(), BIO_set_conn_port(), and BIO_set_conn_ip_family() always return 1.</p>
+
+<p>BIO_set_conn_hostname() returns 1 on success and 0 on failure.</p>
+
+<p>BIO_get_conn_address() returns the address information or NULL if none was set.</p>
+
+<p>BIO_get_conn_hostname() returns the connected hostname or NULL if none was set.</p>
+
+<p>BIO_get_conn_ip_family() returns the address family or -1 if none was set.</p>
+
+<p>BIO_get_conn_port() returns a string representing the connected port or NULL if not set.</p>
+
+<p>BIO_set_nbio() always returns 1.</p>
+
+<p>BIO_do_connect() returns 1 if the connection was successfully established and 0 or -1 if the connection failed.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This is example connects to a webserver on the local host and attempts to retrieve a page and copy the result to standard output.</p>
+
+<pre><code> BIO *cbio, *out;
+ int len;
+ char tmpbuf[1024];
+
+ cbio = BIO_new_connect(&quot;localhost:http&quot;);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(cbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ BIO_puts(cbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(cbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free(cbio);
+ BIO_free(out);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_set_conn_int_port(), BIO_get_conn_int_port(), BIO_set_conn_ip(), and BIO_get_conn_ip() were removed in OpenSSL 1.1.0. Use BIO_set_conn_address() and BIO_get_conn_address() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_conn_port.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_conn_port.html
new file mode 100644
index 000000000..400c2818a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_conn_port.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_connect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_conn_address, BIO_get_conn_address, BIO_s_connect, BIO_new_connect, BIO_set_conn_hostname, BIO_set_conn_port, BIO_set_conn_ip_family, BIO_get_conn_ip_family, BIO_get_conn_hostname, BIO_get_conn_port, BIO_set_nbio, BIO_do_connect - connect BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD * BIO_s_connect(void);
+
+ BIO *BIO_new_connect(char *name);
+
+ long BIO_set_conn_hostname(BIO *b, char *name);
+ long BIO_set_conn_port(BIO *b, char *port);
+ long BIO_set_conn_address(BIO *b, BIO_ADDR *addr);
+ long BIO_set_conn_ip_family(BIO *b, long family);
+ const char *BIO_get_conn_hostname(BIO *b);
+ const char *BIO_get_conn_port(BIO *b);
+ const BIO_ADDR *BIO_get_conn_address(BIO *b);
+ const long BIO_get_conn_ip_family(BIO *b);
+
+ long BIO_set_nbio(BIO *b, long n);
+
+ int BIO_do_connect(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_connect() returns the connect BIO method. This is a wrapper round the platform&#39;s TCP/IP socket connection routines.</p>
+
+<p>Using connect BIOs, TCP/IP connections can be made and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on a connect BIO will perform I/O on the underlying connection. If no connection is established and the port and hostname (see below) is set up properly then a connection is established first.</p>
+
+<p>Connect BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on a connect BIO then any active connection is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on a connect BIO will close any active connection and reset the BIO into a state where it can connect to the same host again.</p>
+
+<p>BIO_get_fd() places the underlying socket in <b>c</b> if it is not NULL, it also returns the socket . If <b>c</b> is not NULL it should be of type (int *).</p>
+
+<p>BIO_set_conn_hostname() uses the string <b>name</b> to set the hostname. The hostname can be an IP address; if the address is an IPv6 one, it must be enclosed with brackets. The hostname can also include the port in the form hostname:port.</p>
+
+<p>BIO_set_conn_port() sets the port to <b>port</b>. <b>port</b> can be the numerical form or a string such as &quot;http&quot;. A string will be looked up first using getservbyname() on the host platform but if that fails a standard table of port names will be used. This internal list is http, telnet, socks, https, ssl, ftp, and gopher.</p>
+
+<p>BIO_set_conn_address() sets the address and port information using a BIO_ADDR(3ssl).</p>
+
+<p>BIO_set_conn_ip_family() sets the IP family.</p>
+
+<p>BIO_get_conn_hostname() returns the hostname of the connect BIO or NULL if the BIO is initialized but no hostname is set. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_port() returns the port as a string. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_address() returns the address information as a BIO_ADDR. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_ip_family() returns the IP family of the connect BIO.</p>
+
+<p>BIO_set_nbio() sets the non blocking I/O flag to <b>n</b>. If <b>n</b> is zero then blocking I/O is set. If <b>n</b> is 1 then non blocking I/O is set. Blocking I/O is the default. The call to BIO_set_nbio() should be made before the connection is established because non blocking I/O is set during the connect process.</p>
+
+<p>BIO_new_connect() combines BIO_new() and BIO_set_conn_hostname() into a single call: that is it creates a new connect BIO with <b>name</b>.</p>
+
+<p>BIO_do_connect() attempts to connect the supplied BIO. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If blocking I/O is set then a non positive return value from any I/O call is caused by an error condition, although a zero return will normally mean that the connection was closed.</p>
+
+<p>If the port name is supplied as part of the host name then this will override any value set with BIO_set_conn_port(). This may be undesirable if the application does not wish to allow connection to arbitrary ports. This can be avoided by checking for the presence of the &#39;:&#39; character in the passed hostname and either indicating an error or truncating the string at that point.</p>
+
+<p>The values returned by BIO_get_conn_hostname(), BIO_get_conn_address(), and BIO_get_conn_port() are updated when a connection attempt is made. Before any connection attempt the values returned are those set by the application itself.</p>
+
+<p>Applications do not have to call BIO_do_connect() but may wish to do so to separate the connection process from other I/O processing.</p>
+
+<p>If non blocking I/O is set then retries will be requested as appropriate.</p>
+
+<p>It addition to BIO_should_read() and BIO_should_write() it is also possible for BIO_should_io_special() to be true during the initial connection process with the reason BIO_RR_CONNECT. If this is returned then this is an indication that a connection attempt would block, the application should then take appropriate action to wait until the underlying socket has connected and retry the call.</p>
+
+<p>BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_get_conn_hostname(), BIO_set_conn_address(), BIO_get_conn_port(), BIO_get_conn_address(), BIO_set_conn_ip_family(), BIO_get_conn_ip_family(), BIO_set_nbio(), and BIO_do_connect() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_connect() returns the connect BIO method.</p>
+
+<p>BIO_get_fd() returns the socket or -1 if the BIO has not been initialized.</p>
+
+<p>BIO_set_conn_address(), BIO_set_conn_port(), and BIO_set_conn_ip_family() always return 1.</p>
+
+<p>BIO_set_conn_hostname() returns 1 on success and 0 on failure.</p>
+
+<p>BIO_get_conn_address() returns the address information or NULL if none was set.</p>
+
+<p>BIO_get_conn_hostname() returns the connected hostname or NULL if none was set.</p>
+
+<p>BIO_get_conn_ip_family() returns the address family or -1 if none was set.</p>
+
+<p>BIO_get_conn_port() returns a string representing the connected port or NULL if not set.</p>
+
+<p>BIO_set_nbio() always returns 1.</p>
+
+<p>BIO_do_connect() returns 1 if the connection was successfully established and 0 or -1 if the connection failed.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This is example connects to a webserver on the local host and attempts to retrieve a page and copy the result to standard output.</p>
+
+<pre><code> BIO *cbio, *out;
+ int len;
+ char tmpbuf[1024];
+
+ cbio = BIO_new_connect(&quot;localhost:http&quot;);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(cbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ BIO_puts(cbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(cbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free(cbio);
+ BIO_free(out);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_set_conn_int_port(), BIO_get_conn_int_port(), BIO_set_conn_ip(), and BIO_get_conn_ip() were removed in OpenSSL 1.1.0. Use BIO_set_conn_address() and BIO_get_conn_address() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_data.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_data.html
new file mode 100644
index 000000000..920691bbe
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_data.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_data, BIO_get_data, BIO_set_init, BIO_get_init, BIO_set_shutdown, BIO_get_shutdown - functions for managing BIO state information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ void BIO_set_data(BIO *a, void *ptr);
+ void *BIO_get_data(BIO *a);
+ void BIO_set_init(BIO *a, int init);
+ int BIO_get_init(BIO *a);
+ void BIO_set_shutdown(BIO *a, int shut);
+ int BIO_get_shutdown(BIO *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are mainly useful when implementing a custom BIO.</p>
+
+<p>The BIO_set_data() function associates the custom data pointed to by <b>ptr</b> with the BIO. This data can subsequently be retrieved via a call to BIO_get_data(). This can be used by custom BIOs for storing implementation specific information.</p>
+
+<p>The BIO_set_init() function sets the value of the BIO&#39;s &quot;init&quot; flag to indicate whether initialisation has been completed for this BIO or not. A non-zero value indicates that initialisation is complete, whilst zero indicates that it is not. Often initialisation will complete during initial construction of the BIO. For some BIOs however, initialisation may not complete until after additional steps have occurred (for example through calling custom ctrls). The BIO_get_init() function returns the value of the &quot;init&quot; flag.</p>
+
+<p>The BIO_set_shutdown() and BIO_get_shutdown() functions set and get the state of this BIO&#39;s shutdown (i.e. BIO_CLOSE) flag. If set then the underlying resource is also closed when the BIO is freed.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_data() returns a pointer to the implementation specific custom data associated with this BIO, or NULL if none has been set.</p>
+
+<p>BIO_get_init() returns the state of the BIO&#39;s init flag.</p>
+
+<p>BIO_get_shutdown() returns the stat of the BIO&#39;s shutdown (i.e. BIO_CLOSE) flag.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_meth_new.html">BIO_meth_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_fd.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_fd.html
new file mode 100644
index 000000000..2e57de134
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_fd.html
@@ -0,0 +1,103 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_fd</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_fd, BIO_set_fd, BIO_get_fd, BIO_new_fd - file descriptor BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_fd(void);
+
+ int BIO_set_fd(BIO *b, int fd, int c);
+ int BIO_get_fd(BIO *b, int *c);
+
+ BIO *BIO_new_fd(int fd, int close_flag);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_fd() returns the file descriptor BIO method. This is a wrapper round the platforms file descriptor routines such as read() and write().</p>
+
+<p>BIO_read_ex() and BIO_write_ex() read or write the underlying descriptor. BIO_puts() is supported but BIO_gets() is not.</p>
+
+<p>If the close flag is set then close() is called on the underlying file descriptor when the BIO is freed.</p>
+
+<p>BIO_reset() attempts to change the file pointer to the start of file such as by using <b>lseek(fd, 0, 0)</b>.</p>
+
+<p>BIO_seek() sets the file pointer to position <b>ofs</b> from start of file such as by using <b>lseek(fd, ofs, 0)</b>.</p>
+
+<p>BIO_tell() returns the current file position such as by calling <b>lseek(fd, 0, 1)</b>.</p>
+
+<p>BIO_set_fd() sets the file descriptor of BIO <b>b</b> to <b>fd</b> and the close flag to <b>c</b>.</p>
+
+<p>BIO_get_fd() places the file descriptor in <b>c</b> if it is not NULL, it also returns the file descriptor.</p>
+
+<p>BIO_new_fd() returns a file descriptor BIO using <b>fd</b> and <b>close_flag</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The behaviour of BIO_read_ex() and BIO_write_ex() depends on the behavior of the platforms read() and write() calls on the descriptor. If the underlying file descriptor is in a non blocking mode then the BIO will behave in the manner described in the <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a> and <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a> manual pages.</p>
+
+<p>File descriptor BIOs should not be used for socket I/O. Use socket BIOs instead.</p>
+
+<p>BIO_set_fd() and BIO_get_fd() are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_fd() returns the file descriptor BIO method.</p>
+
+<p>BIO_set_fd() always returns 1.</p>
+
+<p>BIO_get_fd() returns the file descriptor or -1 if the BIO has not been initialized.</p>
+
+<p>BIO_new_fd() returns the newly allocated BIO or NULL is an error occurred.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This is a file descriptor BIO version of &quot;Hello World&quot;:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new_fd(fileno(stdout), BIO_NOCLOSE);
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_seek.html">BIO_seek(3)</a>, <a href="../man3/BIO_tell.html">BIO_tell(3)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a>, <a href="../man3/BIO_write_ex.html">BIO_write_ex(3)</a>, <a href="../man3/BIO_puts.html">BIO_puts(3)</a>, <a href="../man3/BIO_gets.html">BIO_gets(3)</a>, <a href="../man3/BIO_printf.html">BIO_printf(3)</a>, <a href="../man3/BIO_set_close.html">BIO_set_close(3)</a>, <a href="../man3/BIO_get_close.html">BIO_get_close(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_fp.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_fp.html
new file mode 100644
index 000000000..62da75192
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_fp.html
@@ -0,0 +1,159 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_file</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_file, BIO_new_file, BIO_new_fp, BIO_set_fp, BIO_get_fp, BIO_read_filename, BIO_write_filename, BIO_append_filename, BIO_rw_filename - FILE bio</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_file(void);
+ BIO *BIO_new_file(const char *filename, const char *mode);
+ BIO *BIO_new_fp(FILE *stream, int flags);
+
+ BIO_set_fp(BIO *b, FILE *fp, int flags);
+ BIO_get_fp(BIO *b, FILE **fpp);
+
+ int BIO_read_filename(BIO *b, char *name)
+ int BIO_write_filename(BIO *b, char *name)
+ int BIO_append_filename(BIO *b, char *name)
+ int BIO_rw_filename(BIO *b, char *name)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_file() returns the BIO file method. As its name implies it is a wrapper round the stdio FILE structure and it is a source/sink BIO.</p>
+
+<p>Calls to BIO_read_ex() and BIO_write_ex() read and write data to the underlying stream. BIO_gets() and BIO_puts() are supported on file BIOs.</p>
+
+<p>BIO_flush() on a file BIO calls the fflush() function on the wrapped stream.</p>
+
+<p>BIO_reset() attempts to change the file pointer to the start of file using fseek(stream, 0, 0).</p>
+
+<p>BIO_seek() sets the file pointer to position <b>ofs</b> from start of file using fseek(stream, ofs, 0).</p>
+
+<p>BIO_eof() calls feof().</p>
+
+<p>Setting the BIO_CLOSE flag calls fclose() on the stream when the BIO is freed.</p>
+
+<p>BIO_new_file() creates a new file BIO with mode <b>mode</b> the meaning of <b>mode</b> is the same as the stdio function fopen(). The BIO_CLOSE flag is set on the returned BIO.</p>
+
+<p>BIO_new_fp() creates a file BIO wrapping <b>stream</b>. Flags can be: BIO_CLOSE, BIO_NOCLOSE (the close flag) BIO_FP_TEXT (sets the underlying stream to text mode, default is binary: this only has any effect under Win32).</p>
+
+<p>BIO_set_fp() sets the fp of a file BIO to <b>fp</b>. <b>flags</b> has the same meaning as in BIO_new_fp(), it is a macro.</p>
+
+<p>BIO_get_fp() retrieves the fp of a file BIO, it is a macro.</p>
+
+<p>BIO_seek() is a macro that sets the position pointer to <b>offset</b> bytes from the start of file.</p>
+
+<p>BIO_tell() returns the value of the position pointer.</p>
+
+<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() set the file BIO <b>b</b> to use file <b>name</b> for reading, writing, append or read write respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When wrapping stdout, stdin or stderr the underlying stream should not normally be closed so the BIO_NOCLOSE flag should be set.</p>
+
+<p>Because the file BIO calls the underlying stdio functions any quirks in stdio behaviour will be mirrored by the corresponding BIO.</p>
+
+<p>On Windows BIO_new_files reserves for the filename argument to be UTF-8 encoded. In other words if you have to make it work in multi- lingual environment, encode file names in UTF-8.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>File BIO &quot;hello world&quot;:</p>
+
+<pre><code> BIO *bio_out;
+
+ bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> BIO *bio_out;
+
+ bio_out = BIO_new(BIO_s_file());
+ if (bio_out == NULL)
+     /* Error */
+ if (!BIO_set_fp(bio_out, stdout, BIO_NOCLOSE))
+     /* Error */
+ BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Write to a file:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new_file(&quot;filename.txt&quot;, &quot;w&quot;);
+ if (!out)
+     /* Error */
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new(BIO_s_file());
+ if (out == NULL)
+     /* Error */
+ if (!BIO_write_filename(out, &quot;filename.txt&quot;))
+     /* Error */
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_file() returns the file BIO method.</p>
+
+<p>BIO_new_file() and BIO_new_fp() return a file BIO or NULL if an error occurred.</p>
+
+<p>BIO_set_fp() and BIO_get_fp() return 1 for success or 0 for failure (although the current implementation never return 0).</p>
+
+<p>BIO_seek() returns the same value as the underlying fseek() function: 0 for success or -1 for failure.</p>
+
+<p>BIO_tell() returns the current file position.</p>
+
+<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() return 1 for success or 0 for failure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>BIO_reset() and BIO_seek() are implemented using fseek() on the underlying stream. The return value for fseek() is 0 for success or -1 if an error occurred this differs from other types of BIO which will typically return 1 for success and a non positive value if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_seek.html">BIO_seek(3)</a>, <a href="../man3/BIO_tell.html">BIO_tell(3)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_flush.html">BIO_flush(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a>, <a href="../man3/BIO_write_ex.html">BIO_write_ex(3)</a>, <a href="../man3/BIO_puts.html">BIO_puts(3)</a>, <a href="../man3/BIO_gets.html">BIO_gets(3)</a>, <a href="../man3/BIO_printf.html">BIO_printf(3)</a>, <a href="../man3/BIO_set_close.html">BIO_set_close(3)</a>, <a href="../man3/BIO_get_close.html">BIO_get_close(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_info_callback.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_info_callback.html
new file mode 100644
index 000000000..ccbb411c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_info_callback.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset, BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close, BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending, BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb - BIO control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef int BIO_info_cb(BIO *b, int state, int res);
+
+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
+ char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+
+ int BIO_reset(BIO *b);
+ int BIO_seek(BIO *b, int ofs);
+ int BIO_tell(BIO *b);
+ int BIO_flush(BIO *b);
+ int BIO_eof(BIO *b);
+ int BIO_set_close(BIO *b, long flag);
+ int BIO_get_close(BIO *b);
+ int BIO_pending(BIO *b);
+ int BIO_wpending(BIO *b);
+ size_t BIO_ctrl_pending(BIO *b);
+ size_t BIO_ctrl_wpending(BIO *b);
+
+ int BIO_get_info_callback(BIO *b, BIO_info_cb **cbp);
+ int BIO_set_info_callback(BIO *b, BIO_info_cb *cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl() are BIO &quot;control&quot; operations taking arguments of various types. These functions are not normally called directly, various macros are used instead. The standard macros are described below, macros specific to a particular type of BIO are described in the specific BIOs manual page as well as any special features of the standard calls.</p>
+
+<p>BIO_reset() typically resets a BIO to some initial state, in the case of file related BIOs for example it rewinds the file pointer to the start of the file.</p>
+
+<p>BIO_seek() resets a file related BIO&#39;s (that is file descriptor and FILE BIOs) file position pointer to <b>ofs</b> bytes from start of file.</p>
+
+<p>BIO_tell() returns the current file position of a file related BIO.</p>
+
+<p>BIO_flush() normally writes out any internally buffered data, in some cases it is used to signal EOF and that no more data will be written.</p>
+
+<p>BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of &quot;EOF&quot; varies according to the BIO type.</p>
+
+<p>BIO_set_close() sets the BIO <b>b</b> close flag to <b>flag</b>. <b>flag</b> can take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used in a source/sink BIO to indicate that the underlying I/O stream should be closed when the BIO is freed.</p>
+
+<p>BIO_get_close() returns the BIOs close flag.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the number of pending characters in the BIOs read and write buffers. Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending() return a size_t type and are functions, BIO_pending() and BIO_wpending() are macros which call BIO_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_reset() normally returns 1 for success and 0 or -1 for failure. File BIOs are an exception, they return 0 for success and -1 for failure.</p>
+
+<p>BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure.</p>
+
+<p>BIO_flush() returns 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_eof() returns 1 if EOF has been reached 0 otherwise.</p>
+
+<p>BIO_set_close() always returns 1.</p>
+
+<p>BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_flush(), because it can write data may return 0 or -1 indicating that the call should be retried later in a similar manner to BIO_write_ex(). The BIO_should_retry() call should be used and appropriate action taken is the call fails.</p>
+
+<p>The return values of BIO_pending() and BIO_wpending() may not reliably determine the amount of pending data in all cases. For example in the case of a file BIO some data may be available in the FILE structures internal buffers but it is not possible to determine this in a portably way. For other types of BIO they may not be supported.</p>
+
+<p>Filter BIOs if they do not internally handle a particular BIO_ctrl() operation usually pass the operation to the next BIO in the chain. This often means there is no need to locate the required BIO for a particular operation, it can be called on a chain and it will be automatically passed to the relevant BIO. However this can cause unexpected results: for example no current filter BIOs implement BIO_seek(), but this may still succeed if the chain ends in a FILE or file descriptor BIO.</p>
+
+<p>Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some of the return values are ambiguous and care should be taken. In particular a return value of 0 can be returned if an operation is not supported, if an error occurred, if EOF has not been reached and in the case of BIO_seek() on a file BIO for a successful operation.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_init.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_init.html
new file mode 100644
index 000000000..920691bbe
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_init.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_data, BIO_get_data, BIO_set_init, BIO_get_init, BIO_set_shutdown, BIO_get_shutdown - functions for managing BIO state information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ void BIO_set_data(BIO *a, void *ptr);
+ void *BIO_get_data(BIO *a);
+ void BIO_set_init(BIO *a, int init);
+ int BIO_get_init(BIO *a);
+ void BIO_set_shutdown(BIO *a, int shut);
+ int BIO_get_shutdown(BIO *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are mainly useful when implementing a custom BIO.</p>
+
+<p>The BIO_set_data() function associates the custom data pointed to by <b>ptr</b> with the BIO. This data can subsequently be retrieved via a call to BIO_get_data(). This can be used by custom BIOs for storing implementation specific information.</p>
+
+<p>The BIO_set_init() function sets the value of the BIO&#39;s &quot;init&quot; flag to indicate whether initialisation has been completed for this BIO or not. A non-zero value indicates that initialisation is complete, whilst zero indicates that it is not. Often initialisation will complete during initial construction of the BIO. For some BIOs however, initialisation may not complete until after additional steps have occurred (for example through calling custom ctrls). The BIO_get_init() function returns the value of the &quot;init&quot; flag.</p>
+
+<p>The BIO_set_shutdown() and BIO_get_shutdown() functions set and get the state of this BIO&#39;s shutdown (i.e. BIO_CLOSE) flag. If set then the underlying resource is also closed when the BIO is freed.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_data() returns a pointer to the implementation specific custom data associated with this BIO, or NULL if none has been set.</p>
+
+<p>BIO_get_init() returns the state of the BIO&#39;s init flag.</p>
+
+<p>BIO_get_shutdown() returns the stat of the BIO&#39;s shutdown (i.e. BIO_CLOSE) flag.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_meth_new.html">BIO_meth_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_md.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_md.html
new file mode 100644
index 000000000..8ffe30797
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_md.html
@@ -0,0 +1,156 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_md</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_f_md, BIO_set_md, BIO_get_md, BIO_get_md_ctx - message digest BIO filter</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ const BIO_METHOD *BIO_f_md(void);
+ int BIO_set_md(BIO *b, EVP_MD *md);
+ int BIO_get_md(BIO *b, EVP_MD **mdp);
+ int BIO_get_md_ctx(BIO *b, EVP_MD_CTX **mdcp);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_md() returns the message digest BIO method. This is a filter BIO that digests any data passed through it, it is a BIO wrapper for the digest routines EVP_DigestInit(), EVP_DigestUpdate() and EVP_DigestFinal().</p>
+
+<p>Any data written or read through a digest BIO using BIO_read_ex() and BIO_write_ex() is digested.</p>
+
+<p>BIO_gets(), if its <b>size</b> parameter is large enough finishes the digest calculation and returns the digest value. BIO_puts() is not supported.</p>
+
+<p>BIO_reset() reinitialises a digest BIO.</p>
+
+<p>BIO_set_md() sets the message digest of BIO <b>b</b> to <b>md</b>: this must be called to initialize a digest BIO before any data is passed through it. It is a BIO_ctrl() macro.</p>
+
+<p>BIO_get_md() places the a pointer to the digest BIOs digest method in <b>mdp</b>, it is a BIO_ctrl() macro.</p>
+
+<p>BIO_get_md_ctx() returns the digest BIOs context into <b>mdcp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The context returned by BIO_get_md_ctx() can be used in calls to EVP_DigestFinal() and also the signature routines EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>The context returned by BIO_get_md_ctx() is an internal context structure. Changes made to this context will affect the digest BIO itself and the context pointer will become invalid when the digest BIO is freed.</p>
+
+<p>After the digest has been retrieved from a digest BIO it must be reinitialized by calling BIO_reset(), or BIO_set_md() before any more data is passed through it.</p>
+
+<p>If an application needs to call BIO_gets() or BIO_puts() through a chain containing digest BIOs then this can be done by prepending a buffering BIO.</p>
+
+<p>Calling BIO_get_md_ctx() will return the context and initialize the BIO state. This allows applications to initialize the context externally if the standard calls such as BIO_set_md() are not sufficiently flexible.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_md() returns the digest BIO method.</p>
+
+<p>BIO_set_md(), BIO_get_md() and BIO_md_ctx() return 1 for success and 0 for failure.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following example creates a BIO chain containing an SHA1 and MD5 digest BIO and passes the string &quot;Hello World&quot; through it. Error checking has been omitted for clarity.</p>
+
+<pre><code> BIO *bio, *mdtmp;
+ char message[] = &quot;Hello World&quot;;
+
+ bio = BIO_new(BIO_s_null());
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_sha1());
+ /*
+  * For BIO_push() we want to append the sink BIO and keep a note of
+  * the start of the chain.
+  */
+ bio = BIO_push(mdtmp, bio);
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_md5());
+ bio = BIO_push(mdtmp, bio);
+ /* Note: mdtmp can now be discarded */
+ BIO_write(bio, message, strlen(message));</code></pre>
+
+<p>The next example digests data by reading through a chain instead:</p>
+
+<pre><code> BIO *bio, *mdtmp;
+ char buf[1024];
+ int rdlen;
+
+ bio = BIO_new_file(file, &quot;rb&quot;);
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_sha1());
+ bio = BIO_push(mdtmp, bio);
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_md5());
+ bio = BIO_push(mdtmp, bio);
+ do {
+     rdlen = BIO_read(bio, buf, sizeof(buf));
+     /* Might want to do something with the data here */
+ } while (rdlen &gt; 0);</code></pre>
+
+<p>This next example retrieves the message digests from a BIO chain and outputs them. This could be used with the examples above.</p>
+
+<pre><code> BIO *mdtmp;
+ unsigned char mdbuf[EVP_MAX_MD_SIZE];
+ int mdlen;
+ int i;
+
+ mdtmp = bio;   /* Assume bio has previously been set up */
+ do {
+     EVP_MD *md;
+
+     mdtmp = BIO_find_type(mdtmp, BIO_TYPE_MD);
+     if (!mdtmp)
+         break;
+     BIO_get_md(mdtmp, &amp;md);
+     printf(&quot;%s digest&quot;, OBJ_nid2sn(EVP_MD_type(md)));
+     mdlen = BIO_gets(mdtmp, mdbuf, EVP_MAX_MD_SIZE);
+     for (i = 0; i &lt; mdlen; i++) printf(&quot;:%02X&quot;, mdbuf[i]);
+     printf(&quot;\n&quot;);
+     mdtmp = BIO_next(mdtmp);
+ } while (mdtmp);
+
+ BIO_free_all(bio);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The lack of support for BIO_puts() and the non standard behaviour of BIO_gets() could be regarded as anomalous. It could be argued that BIO_gets() and BIO_puts() should be passed to the next BIO in the chain and digest the data passed through and that digests should be retrieved using a separate BIO_ctrl() call.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.0.0., the call to BIO_get_md_ctx() would only work if the BIO was initialized first.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_mem_buf.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_mem_buf.html
new file mode 100644
index 000000000..d307f64e7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_mem_buf.html
@@ -0,0 +1,125 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_mem</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_secmem, BIO_s_mem, BIO_set_mem_eof_return, BIO_get_mem_data, BIO_set_mem_buf, BIO_get_mem_ptr, BIO_new_mem_buf - memory BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_mem(void);
+ const BIO_METHOD *BIO_s_secmem(void);
+
+ BIO_set_mem_eof_return(BIO *b, int v)
+ long BIO_get_mem_data(BIO *b, char **pp)
+ BIO_set_mem_buf(BIO *b, BUF_MEM *bm, int c)
+ BIO_get_mem_ptr(BIO *b, BUF_MEM **pp)
+
+ BIO *BIO_new_mem_buf(const void *buf, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_mem() returns the memory BIO method function.</p>
+
+<p>A memory BIO is a source/sink BIO which uses memory for its I/O. Data written to a memory BIO is stored in a BUF_MEM structure which is extended as appropriate to accommodate the stored data.</p>
+
+<p>BIO_s_secmem() is like BIO_s_mem() except that the secure heap is used for buffer storage.</p>
+
+<p>Any data written to a memory BIO can be recalled by reading from it. Unless the memory BIO is read only any data read from it is deleted from the BIO.</p>
+
+<p>Memory BIOs support BIO_gets() and BIO_puts().</p>
+
+<p>If the BIO_CLOSE flag is set when a memory BIO is freed then the underlying BUF_MEM structure is also freed.</p>
+
+<p>Calling BIO_reset() on a read write memory BIO clears any data in it if the flag BIO_FLAGS_NONCLEAR_RST is not set. On a read only BIO or if the flag BIO_FLAGS_NONCLEAR_RST is set it restores the BIO to its original state and the data can be read again.</p>
+
+<p>BIO_eof() is true if no data is in the BIO.</p>
+
+<p>BIO_ctrl_pending() returns the number of bytes currently stored.</p>
+
+<p>BIO_set_mem_eof_return() sets the behaviour of memory BIO <b>b</b> when it is empty. If the <b>v</b> is zero then an empty memory BIO will return EOF (that is it will return zero and BIO_should_retry(b) will be false. If <b>v</b> is non zero then it will return <b>v</b> when it is empty and it will set the read retry flag (that is BIO_read_retry(b) is true). To avoid ambiguity with a normal positive return value <b>v</b> should be set to a negative value, typically -1.</p>
+
+<p>BIO_get_mem_data() sets *<b>pp</b> to a pointer to the start of the memory BIOs data and returns the total amount of data available. It is implemented as a macro.</p>
+
+<p>BIO_set_mem_buf() sets the internal BUF_MEM structure to <b>bm</b> and sets the close flag to <b>c</b>, that is <b>c</b> should be either BIO_CLOSE or BIO_NOCLOSE. It is a macro.</p>
+
+<p>BIO_get_mem_ptr() places the underlying BUF_MEM structure in *<b>pp</b>. It is a macro.</p>
+
+<p>BIO_new_mem_buf() creates a memory BIO using <b>len</b> bytes of data at <b>buf</b>, if <b>len</b> is -1 then the <b>buf</b> is assumed to be nul terminated and its length is determined by <b>strlen</b>. The BIO is set to a read only state and as a result cannot be written to. This is useful when some data needs to be made available from a static area of memory in the form of a BIO. The supplied data is read directly from the supplied buffer: it is <b>not</b> copied first, so the supplied area of memory must be unchanged until the BIO is freed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Writes to memory BIOs will always succeed if memory is available: that is their size can grow indefinitely.</p>
+
+<p>Every read from a read write memory BIO will remove the data just read with an internal copy operation, if a BIO contains a lot of data and it is read in small chunks the operation can be very slow. The use of a read only memory BIO avoids this problem. If the BIO must be read write then adding a buffering BIO to the chain will speed up the process.</p>
+
+<p>Calling BIO_set_mem_buf() on a BIO created with BIO_new_secmem() will give undefined results, including perhaps a program crash.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>There should be an option to set the maximum size of a memory BIO.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create a memory BIO and write some data to it:</p>
+
+<pre><code> BIO *mem = BIO_new(BIO_s_mem());
+
+ BIO_puts(mem, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Create a read only memory BIO:</p>
+
+<pre><code> char data[] = &quot;Hello World&quot;;
+ BIO *mem = BIO_new_mem_buf(data, -1);</code></pre>
+
+<p>Extract the BUF_MEM structure from a memory BIO and then free up the BIO:</p>
+
+<pre><code> BUF_MEM *bptr;
+
+ BIO_get_mem_ptr(mem, &amp;bptr);
+ BIO_set_close(mem, BIO_NOCLOSE); /* So BIO_free() leaves BUF_MEM alone */
+ BIO_free(mem);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_mem() and BIO_s_secmem() return a valid memory <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_mem_eof_return(), BIO_get_mem_data(), BIO_set_mem_buf() and BIO_get_mem_ptr() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_mem_buf() returns a valid <b>BIO</b> structure on success or NULL on error.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_mem_eof_return.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_mem_eof_return.html
new file mode 100644
index 000000000..d307f64e7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_mem_eof_return.html
@@ -0,0 +1,125 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_mem</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_secmem, BIO_s_mem, BIO_set_mem_eof_return, BIO_get_mem_data, BIO_set_mem_buf, BIO_get_mem_ptr, BIO_new_mem_buf - memory BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_mem(void);
+ const BIO_METHOD *BIO_s_secmem(void);
+
+ BIO_set_mem_eof_return(BIO *b, int v)
+ long BIO_get_mem_data(BIO *b, char **pp)
+ BIO_set_mem_buf(BIO *b, BUF_MEM *bm, int c)
+ BIO_get_mem_ptr(BIO *b, BUF_MEM **pp)
+
+ BIO *BIO_new_mem_buf(const void *buf, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_mem() returns the memory BIO method function.</p>
+
+<p>A memory BIO is a source/sink BIO which uses memory for its I/O. Data written to a memory BIO is stored in a BUF_MEM structure which is extended as appropriate to accommodate the stored data.</p>
+
+<p>BIO_s_secmem() is like BIO_s_mem() except that the secure heap is used for buffer storage.</p>
+
+<p>Any data written to a memory BIO can be recalled by reading from it. Unless the memory BIO is read only any data read from it is deleted from the BIO.</p>
+
+<p>Memory BIOs support BIO_gets() and BIO_puts().</p>
+
+<p>If the BIO_CLOSE flag is set when a memory BIO is freed then the underlying BUF_MEM structure is also freed.</p>
+
+<p>Calling BIO_reset() on a read write memory BIO clears any data in it if the flag BIO_FLAGS_NONCLEAR_RST is not set. On a read only BIO or if the flag BIO_FLAGS_NONCLEAR_RST is set it restores the BIO to its original state and the data can be read again.</p>
+
+<p>BIO_eof() is true if no data is in the BIO.</p>
+
+<p>BIO_ctrl_pending() returns the number of bytes currently stored.</p>
+
+<p>BIO_set_mem_eof_return() sets the behaviour of memory BIO <b>b</b> when it is empty. If the <b>v</b> is zero then an empty memory BIO will return EOF (that is it will return zero and BIO_should_retry(b) will be false. If <b>v</b> is non zero then it will return <b>v</b> when it is empty and it will set the read retry flag (that is BIO_read_retry(b) is true). To avoid ambiguity with a normal positive return value <b>v</b> should be set to a negative value, typically -1.</p>
+
+<p>BIO_get_mem_data() sets *<b>pp</b> to a pointer to the start of the memory BIOs data and returns the total amount of data available. It is implemented as a macro.</p>
+
+<p>BIO_set_mem_buf() sets the internal BUF_MEM structure to <b>bm</b> and sets the close flag to <b>c</b>, that is <b>c</b> should be either BIO_CLOSE or BIO_NOCLOSE. It is a macro.</p>
+
+<p>BIO_get_mem_ptr() places the underlying BUF_MEM structure in *<b>pp</b>. It is a macro.</p>
+
+<p>BIO_new_mem_buf() creates a memory BIO using <b>len</b> bytes of data at <b>buf</b>, if <b>len</b> is -1 then the <b>buf</b> is assumed to be nul terminated and its length is determined by <b>strlen</b>. The BIO is set to a read only state and as a result cannot be written to. This is useful when some data needs to be made available from a static area of memory in the form of a BIO. The supplied data is read directly from the supplied buffer: it is <b>not</b> copied first, so the supplied area of memory must be unchanged until the BIO is freed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Writes to memory BIOs will always succeed if memory is available: that is their size can grow indefinitely.</p>
+
+<p>Every read from a read write memory BIO will remove the data just read with an internal copy operation, if a BIO contains a lot of data and it is read in small chunks the operation can be very slow. The use of a read only memory BIO avoids this problem. If the BIO must be read write then adding a buffering BIO to the chain will speed up the process.</p>
+
+<p>Calling BIO_set_mem_buf() on a BIO created with BIO_new_secmem() will give undefined results, including perhaps a program crash.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>There should be an option to set the maximum size of a memory BIO.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create a memory BIO and write some data to it:</p>
+
+<pre><code> BIO *mem = BIO_new(BIO_s_mem());
+
+ BIO_puts(mem, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Create a read only memory BIO:</p>
+
+<pre><code> char data[] = &quot;Hello World&quot;;
+ BIO *mem = BIO_new_mem_buf(data, -1);</code></pre>
+
+<p>Extract the BUF_MEM structure from a memory BIO and then free up the BIO:</p>
+
+<pre><code> BUF_MEM *bptr;
+
+ BIO_get_mem_ptr(mem, &amp;bptr);
+ BIO_set_close(mem, BIO_NOCLOSE); /* So BIO_free() leaves BUF_MEM alone */
+ BIO_free(mem);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_mem() and BIO_s_secmem() return a valid memory <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_mem_eof_return(), BIO_get_mem_data(), BIO_set_mem_buf() and BIO_get_mem_ptr() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_mem_buf() returns a valid <b>BIO</b> structure on success or NULL on error.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_nbio.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_nbio.html
new file mode 100644
index 000000000..400c2818a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_nbio.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_connect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_conn_address, BIO_get_conn_address, BIO_s_connect, BIO_new_connect, BIO_set_conn_hostname, BIO_set_conn_port, BIO_set_conn_ip_family, BIO_get_conn_ip_family, BIO_get_conn_hostname, BIO_get_conn_port, BIO_set_nbio, BIO_do_connect - connect BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD * BIO_s_connect(void);
+
+ BIO *BIO_new_connect(char *name);
+
+ long BIO_set_conn_hostname(BIO *b, char *name);
+ long BIO_set_conn_port(BIO *b, char *port);
+ long BIO_set_conn_address(BIO *b, BIO_ADDR *addr);
+ long BIO_set_conn_ip_family(BIO *b, long family);
+ const char *BIO_get_conn_hostname(BIO *b);
+ const char *BIO_get_conn_port(BIO *b);
+ const BIO_ADDR *BIO_get_conn_address(BIO *b);
+ const long BIO_get_conn_ip_family(BIO *b);
+
+ long BIO_set_nbio(BIO *b, long n);
+
+ int BIO_do_connect(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_connect() returns the connect BIO method. This is a wrapper round the platform&#39;s TCP/IP socket connection routines.</p>
+
+<p>Using connect BIOs, TCP/IP connections can be made and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on a connect BIO will perform I/O on the underlying connection. If no connection is established and the port and hostname (see below) is set up properly then a connection is established first.</p>
+
+<p>Connect BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on a connect BIO then any active connection is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on a connect BIO will close any active connection and reset the BIO into a state where it can connect to the same host again.</p>
+
+<p>BIO_get_fd() places the underlying socket in <b>c</b> if it is not NULL, it also returns the socket . If <b>c</b> is not NULL it should be of type (int *).</p>
+
+<p>BIO_set_conn_hostname() uses the string <b>name</b> to set the hostname. The hostname can be an IP address; if the address is an IPv6 one, it must be enclosed with brackets. The hostname can also include the port in the form hostname:port.</p>
+
+<p>BIO_set_conn_port() sets the port to <b>port</b>. <b>port</b> can be the numerical form or a string such as &quot;http&quot;. A string will be looked up first using getservbyname() on the host platform but if that fails a standard table of port names will be used. This internal list is http, telnet, socks, https, ssl, ftp, and gopher.</p>
+
+<p>BIO_set_conn_address() sets the address and port information using a BIO_ADDR(3ssl).</p>
+
+<p>BIO_set_conn_ip_family() sets the IP family.</p>
+
+<p>BIO_get_conn_hostname() returns the hostname of the connect BIO or NULL if the BIO is initialized but no hostname is set. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_port() returns the port as a string. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_address() returns the address information as a BIO_ADDR. This return value is an internal pointer which should not be modified.</p>
+
+<p>BIO_get_conn_ip_family() returns the IP family of the connect BIO.</p>
+
+<p>BIO_set_nbio() sets the non blocking I/O flag to <b>n</b>. If <b>n</b> is zero then blocking I/O is set. If <b>n</b> is 1 then non blocking I/O is set. Blocking I/O is the default. The call to BIO_set_nbio() should be made before the connection is established because non blocking I/O is set during the connect process.</p>
+
+<p>BIO_new_connect() combines BIO_new() and BIO_set_conn_hostname() into a single call: that is it creates a new connect BIO with <b>name</b>.</p>
+
+<p>BIO_do_connect() attempts to connect the supplied BIO. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If blocking I/O is set then a non positive return value from any I/O call is caused by an error condition, although a zero return will normally mean that the connection was closed.</p>
+
+<p>If the port name is supplied as part of the host name then this will override any value set with BIO_set_conn_port(). This may be undesirable if the application does not wish to allow connection to arbitrary ports. This can be avoided by checking for the presence of the &#39;:&#39; character in the passed hostname and either indicating an error or truncating the string at that point.</p>
+
+<p>The values returned by BIO_get_conn_hostname(), BIO_get_conn_address(), and BIO_get_conn_port() are updated when a connection attempt is made. Before any connection attempt the values returned are those set by the application itself.</p>
+
+<p>Applications do not have to call BIO_do_connect() but may wish to do so to separate the connection process from other I/O processing.</p>
+
+<p>If non blocking I/O is set then retries will be requested as appropriate.</p>
+
+<p>It addition to BIO_should_read() and BIO_should_write() it is also possible for BIO_should_io_special() to be true during the initial connection process with the reason BIO_RR_CONNECT. If this is returned then this is an indication that a connection attempt would block, the application should then take appropriate action to wait until the underlying socket has connected and retry the call.</p>
+
+<p>BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_get_conn_hostname(), BIO_set_conn_address(), BIO_get_conn_port(), BIO_get_conn_address(), BIO_set_conn_ip_family(), BIO_get_conn_ip_family(), BIO_set_nbio(), and BIO_do_connect() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_connect() returns the connect BIO method.</p>
+
+<p>BIO_get_fd() returns the socket or -1 if the BIO has not been initialized.</p>
+
+<p>BIO_set_conn_address(), BIO_set_conn_port(), and BIO_set_conn_ip_family() always return 1.</p>
+
+<p>BIO_set_conn_hostname() returns 1 on success and 0 on failure.</p>
+
+<p>BIO_get_conn_address() returns the address information or NULL if none was set.</p>
+
+<p>BIO_get_conn_hostname() returns the connected hostname or NULL if none was set.</p>
+
+<p>BIO_get_conn_ip_family() returns the address family or -1 if none was set.</p>
+
+<p>BIO_get_conn_port() returns a string representing the connected port or NULL if not set.</p>
+
+<p>BIO_set_nbio() always returns 1.</p>
+
+<p>BIO_do_connect() returns 1 if the connection was successfully established and 0 or -1 if the connection failed.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This is example connects to a webserver on the local host and attempts to retrieve a page and copy the result to standard output.</p>
+
+<pre><code> BIO *cbio, *out;
+ int len;
+ char tmpbuf[1024];
+
+ cbio = BIO_new_connect(&quot;localhost:http&quot;);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(cbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ BIO_puts(cbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(cbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free(cbio);
+ BIO_free(out);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_set_conn_int_port(), BIO_get_conn_int_port(), BIO_set_conn_ip(), and BIO_get_conn_ip() were removed in OpenSSL 1.1.0. Use BIO_set_conn_address() and BIO_get_conn_address() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_nbio_accept.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_nbio_accept.html
new file mode 100644
index 000000000..c49b65130
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_nbio_accept.html
@@ -0,0 +1,175 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_accept</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_accept, BIO_set_accept_name, BIO_set_accept_port, BIO_get_accept_name, BIO_get_accept_port, BIO_new_accept, BIO_set_nbio_accept, BIO_set_accept_bios, BIO_get_peer_name, BIO_get_peer_port, BIO_get_accept_ip_family, BIO_set_accept_ip_family, BIO_set_bind_mode, BIO_get_bind_mode, BIO_do_accept - accept BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_accept(void);
+
+ long BIO_set_accept_name(BIO *b, char *name);
+ char *BIO_get_accept_name(BIO *b);
+
+ long BIO_set_accept_port(BIO *b, char *port);
+ char *BIO_get_accept_port(BIO *b);
+
+ BIO *BIO_new_accept(char *host_port);
+
+ long BIO_set_nbio_accept(BIO *b, int n);
+ long BIO_set_accept_bios(BIO *b, char *bio);
+
+ char *BIO_get_peer_name(BIO *b);
+ char *BIO_get_peer_port(BIO *b);
+ long BIO_get_accept_ip_family(BIO *b);
+ long BIO_set_accept_ip_family(BIO *b, long family);
+
+ long BIO_set_bind_mode(BIO *b, long mode);
+ long BIO_get_bind_mode(BIO *b);
+
+ int BIO_do_accept(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_accept() returns the accept BIO method. This is a wrapper round the platform&#39;s TCP/IP socket accept routines.</p>
+
+<p>Using accept BIOs, TCP/IP connections can be accepted and data transferred using only BIO routines. In this way any platform specific operations are hidden by the BIO abstraction.</p>
+
+<p>Read and write operations on an accept BIO will perform I/O on the underlying connection. If no connection is established and the port (see below) is set up properly then the BIO waits for an incoming connection.</p>
+
+<p>Accept BIOs support BIO_puts() but not BIO_gets().</p>
+
+<p>If the close flag is set on an accept BIO then any active connection on that chain is shutdown and the socket closed when the BIO is freed.</p>
+
+<p>Calling BIO_reset() on an accept BIO will close any active connection and reset the BIO into a state where it awaits another incoming connection.</p>
+
+<p>BIO_get_fd() and BIO_set_fd() can be called to retrieve or set the accept socket. See <a href="../man3/BIO_s_fd.html">BIO_s_fd(3)</a></p>
+
+<p>BIO_set_accept_name() uses the string <b>name</b> to set the accept name. The name is represented as a string of the form &quot;host:port&quot;, where &quot;host&quot; is the interface to use and &quot;port&quot; is the port. The host can be &quot;*&quot; or empty which is interpreted as meaning any interface. If the host is an IPv6 address, it has to be enclosed in brackets, for example &quot;[::1]:https&quot;. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_set_accept_port() uses the string <b>port</b> to set the accept port. &quot;port&quot; has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a string to lookup using getservbyname() and a string table.</p>
+
+<p>BIO_new_accept() combines BIO_new() and BIO_set_accept_name() into a single call: that is it creates a new accept BIO with port <b>host_port</b>.</p>
+
+<p>BIO_set_nbio_accept() sets the accept socket to blocking mode (the default) if <b>n</b> is 0 or non blocking mode if <b>n</b> is 1.</p>
+
+<p>BIO_set_accept_bios() can be used to set a chain of BIOs which will be duplicated and prepended to the chain when an incoming connection is received. This is useful if, for example, a buffering or SSL BIO is required for each connection. The chain of BIOs must not be freed after this call, they will be automatically freed when the accept BIO is freed.</p>
+
+<p>BIO_set_bind_mode() and BIO_get_bind_mode() set and retrieve the current bind mode. If <b>BIO_BIND_NORMAL</b> (the default) is set then another socket cannot be bound to the same port. If <b>BIO_BIND_REUSEADDR</b> is set then other sockets can bind to the same port. If <b>BIO_BIND_REUSEADDR_IF_UNUSED</b> is set then and attempt is first made to use BIO_BIN_NORMAL, if this fails and the port is not in use then a second attempt is made using <b>BIO_BIND_REUSEADDR</b>.</p>
+
+<p>BIO_do_accept() serves two functions. When it is first called, after the accept BIO has been setup, it will attempt to create the accept socket and bind an address to it. Second and subsequent calls to BIO_do_accept() will await an incoming connection, or request a retry in non blocking mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When an accept BIO is at the end of a chain it will await an incoming connection before processing I/O calls. When an accept BIO is not at then end of a chain it passes I/O calls to the next BIO in the chain.</p>
+
+<p>When a connection is established a new socket BIO is created for the connection and appended to the chain. That is the chain is now accept-&gt;socket. This effectively means that attempting I/O on an initial accept socket will await an incoming connection then perform I/O on it.</p>
+
+<p>If any additional BIOs have been set using BIO_set_accept_bios() then they are placed between the socket and the accept BIO, that is the chain will be accept-&gt;otherbios-&gt;socket.</p>
+
+<p>If a server wishes to process multiple connections (as is normally the case) then the accept BIO must be made available for further incoming connections. This can be done by waiting for a connection and then calling:</p>
+
+<pre><code> connection = BIO_pop(accept);</code></pre>
+
+<p>After this call <b>connection</b> will contain a BIO for the recently established connection and <b>accept</b> will now be a single BIO again which can be used to await further incoming connections. If no further connections will be accepted the <b>accept</b> can be freed using BIO_free().</p>
+
+<p>If only a single connection will be processed it is possible to perform I/O using the accept BIO itself. This is often undesirable however because the accept BIO will still accept additional incoming connections. This can be resolved by using BIO_pop() (see above) and freeing up the accept BIO after the initial connection.</p>
+
+<p>If the underlying accept socket is non-blocking and BIO_do_accept() is called to await an incoming connection it is possible for BIO_should_io_special() with the reason BIO_RR_ACCEPT. If this happens then it is an indication that an accept attempt would block: the application should take appropriate action to wait until the underlying socket has accepted a connection and retry the call.</p>
+
+<p>BIO_set_accept_name(), BIO_get_accept_name(), BIO_set_accept_port(), BIO_get_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_get_peer_name(), BIO_get_peer_port(), BIO_get_accept_ip_family(), BIO_set_accept_ip_family(), BIO_set_bind_mode(), BIO_get_bind_mode() and BIO_do_accept() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_do_accept(), BIO_set_accept_name(), BIO_set_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_set_accept_ip_family(), and BIO_set_bind_mode() return 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_get_accept_name() returns the accept name or NULL on error. BIO_get_peer_name() returns the peer name or NULL on error.</p>
+
+<p>BIO_get_accept_port() returns the accept port as a string or NULL on error. BIO_get_peer_port() returns the peer port as a string or NULL on error. BIO_get_accept_ip_family() returns the IP family or -1 on error.</p>
+
+<p>BIO_get_bind_mode() returns the set of <b>BIO_BIND</b> flags, or -1 on failure.</p>
+
+<p>BIO_new_accept() returns a BIO or NULL on error.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example accepts two connections on port 4444, sends messages down each and finally closes both down.</p>
+
+<pre><code> BIO *abio, *cbio, *cbio2;
+
+ /* First call to BIO_accept() sets up accept BIO */
+ abio = BIO_new_accept(&quot;4444&quot;);
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Wait for incoming connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 1 established\n&quot;);
+
+ /* Retrieve BIO for connection */
+ cbio = BIO_pop(abio);
+ BIO_puts(cbio, &quot;Connection 1: Sending out Data on initial connection\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 1\n&quot;);
+
+ /* Wait for another connection */
+ if (BIO_do_accept(abio) &lt;= 0) {
+     fprintf(stderr, &quot;Error accepting connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ fprintf(stderr, &quot;Connection 2 established\n&quot;);
+
+ /* Close accept BIO to refuse further connections */
+ cbio2 = BIO_pop(abio);
+ BIO_free(abio);
+ BIO_puts(cbio2, &quot;Connection 2: Sending out Data on second\n&quot;);
+ fprintf(stderr, &quot;Sent out data on connection 2\n&quot;);
+
+ BIO_puts(cbio, &quot;Connection 1: Second connection established\n&quot;);
+
+ /* Close the two established connections */
+ BIO_free(cbio);
+ BIO_free(cbio2);</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_next.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_next.html
new file mode 100644
index 000000000..8326ef222
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_next.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_push</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_push, BIO_pop, BIO_set_next - add and remove BIOs from a chain</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ BIO *BIO_push(BIO *b, BIO *append);
+ BIO *BIO_pop(BIO *b);
+ void BIO_set_next(BIO *b, BIO *next);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The BIO_push() function appends the BIO <b>append</b> to <b>b</b>, it returns <b>b</b>.</p>
+
+<p>BIO_pop() removes the BIO <b>b</b> from a chain and returns the next BIO in the chain, or NULL if there is no next BIO. The removed BIO then becomes a single BIO with no association with the original chain, it can thus be freed or attached to a different chain.</p>
+
+<p>BIO_set_next() replaces the existing next BIO in a chain with the BIO pointed to by <b>next</b>. The new chain may include some of the same BIOs from the old chain or it may be completely different.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The names of these functions are perhaps a little misleading. BIO_push() joins two BIO chains whereas BIO_pop() deletes a single BIO from a chain, the deleted BIO does not need to be at the end of a chain.</p>
+
+<p>The process of calling BIO_push() and BIO_pop() on a BIO may have additional consequences (a control call is made to the affected BIOs) any effects will be noted in the descriptions of individual BIOs.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>For these examples suppose <b>md1</b> and <b>md2</b> are digest BIOs, <b>b64</b> is a base64 BIO and <b>f</b> is a file BIO.</p>
+
+<p>If the call:</p>
+
+<pre><code> BIO_push(b64, f);</code></pre>
+
+<p>is made then the new chain will be <b>b64-f</b>. After making the calls</p>
+
+<pre><code> BIO_push(md2, b64);
+ BIO_push(md1, md2);</code></pre>
+
+<p>the new chain is <b>md1-md2-b64-f</b>. Data written to <b>md1</b> will be digested by <b>md1</b> and <b>md2</b>, <b>base64</b> encoded and written to <b>f</b>.</p>
+
+<p>It should be noted that reading causes data to pass in the reverse direction, that is data is read from <b>f</b>, base64 <b>decoded</b> and digested by <b>md1</b> and <b>md2</b>. If the call:</p>
+
+<pre><code> BIO_pop(md2);</code></pre>
+
+<p>The call will return <b>b64</b> and the new chain will be <b>md1-b64-f</b> data can be written to <b>md1</b> as before.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_push() returns the end of the chain, <b>b</b>.</p>
+
+<p>BIO_pop() returns the next BIO in the chain, or NULL if there is no next BIO.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_set_next() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_read_buffer_size.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_read_buffer_size.html
new file mode 100644
index 000000000..10477380d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_read_buffer_size.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_buffer</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_buffer_num_lines, BIO_set_read_buffer_size, BIO_set_write_buffer_size, BIO_set_buffer_size, BIO_set_buffer_read_data, BIO_f_buffer - buffering BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_f_buffer(void);
+
+ long BIO_get_buffer_num_lines(BIO *b);
+ long BIO_set_read_buffer_size(BIO *b, long size);
+ long BIO_set_write_buffer_size(BIO *b, long size);
+ long BIO_set_buffer_size(BIO *b, long size);
+ long BIO_set_buffer_read_data(BIO *b, void *buf, long num);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_buffer() returns the buffering BIO method.</p>
+
+<p>Data written to a buffering BIO is buffered and periodically written to the next BIO in the chain. Data read from a buffering BIO comes from an internal buffer which is filled from the next BIO in the chain. Both BIO_gets() and BIO_puts() are supported.</p>
+
+<p>Calling BIO_reset() on a buffering BIO clears any buffered data.</p>
+
+<p>BIO_get_buffer_num_lines() returns the number of lines currently buffered.</p>
+
+<p>BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and BIO_set_buffer_size() set the read, write or both read and write buffer sizes to <b>size</b>. The initial buffer size is DEFAULT_BUFFER_SIZE, currently 4096. Any attempt to reduce the buffer size below DEFAULT_BUFFER_SIZE is ignored. Any buffered data is cleared when the buffer is resized.</p>
+
+<p>BIO_set_buffer_read_data() clears the read buffer and fills it with <b>num</b> bytes of <b>buf</b>. If <b>num</b> is larger than the current buffer size the buffer is expanded.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions, other than BIO_f_buffer(), are implemented as macros.</p>
+
+<p>Buffering BIOs implement BIO_gets() by using BIO_read_ex() operations on the next BIO in the chain. By prepending a buffering BIO to a chain it is therefore possible to provide BIO_gets() functionality if the following BIOs do not support it (for example SSL BIOs).</p>
+
+<p>Data is only written to the next BIO in the chain when the write buffer fills or when BIO_flush() is called. It is therefore important to call BIO_flush() whenever any pending data should be written such as when removing a buffering BIO using BIO_pop(). BIO_flush() may need to be retried if the ultimate source/sink BIO is non blocking.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_buffer() returns the buffering BIO method.</p>
+
+<p>BIO_get_buffer_num_lines() returns the number of lines buffered (may be 0).</p>
+
+<p>BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and BIO_set_buffer_size() return 1 if the buffer was successfully resized or 0 for failure.</p>
+
+<p>BIO_set_buffer_read_data() returns 1 if the data was set correctly or 0 if there was an error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_flush.html">BIO_flush(3)</a>, <a href="../man3/BIO_pop.html">BIO_pop(3)</a>, <a href="../man3/BIO_ctrl.html">BIO_ctrl(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_retry_reason.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_retry_reason.html
new file mode 100644
index 000000000..19927d973
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_retry_reason.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_should_retry</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_should_read, BIO_should_write, BIO_should_io_special, BIO_retry_type, BIO_should_retry, BIO_get_retry_BIO, BIO_get_retry_reason, BIO_set_retry_reason - BIO retry functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_should_read(BIO *b);
+ int BIO_should_write(BIO *b);
+ int BIO_should_io_special(iBIO *b);
+ int BIO_retry_type(BIO *b);
+ int BIO_should_retry(BIO *b);
+
+ BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
+ int BIO_get_retry_reason(BIO *bio);
+ void BIO_set_retry_reason(BIO *bio, int reason);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions determine why a BIO is not able to read or write data. They will typically be called after a failed BIO_read_ex() or BIO_write_ex() call.</p>
+
+<p>BIO_should_retry() is true if the call that produced this condition should then be retried at a later time.</p>
+
+<p>If BIO_should_retry() is false then the cause is an error condition.</p>
+
+<p>BIO_should_read() is true if the cause of the condition is that the BIO has insufficient data to return. Check for readability and/or retry the last operation.</p>
+
+<p>BIO_should_write() is true if the cause of the condition is that the BIO has pending data to write. Check for writability and/or retry the last operation.</p>
+
+<p>BIO_should_io_special() is true if some &quot;special&quot; condition, that is a reason other than reading or writing is the cause of the condition.</p>
+
+<p>BIO_retry_type() returns a mask of the cause of a retry condition consisting of the values <b>BIO_FLAGS_READ</b>, <b>BIO_FLAGS_WRITE</b>, <b>BIO_FLAGS_IO_SPECIAL</b> though current BIO types will only set one of these.</p>
+
+<p>BIO_get_retry_BIO() determines the precise reason for the special condition, it returns the BIO that caused this condition and if <b>reason</b> is not NULL it contains the reason code. The meaning of the reason code and the action that should be taken depends on the type of BIO that resulted in this condition.</p>
+
+<p>BIO_get_retry_reason() returns the reason for a special condition if passed the relevant BIO, for example as returned by BIO_get_retry_BIO().</p>
+
+<p>BIO_set_retry_reason() sets the retry reason for a special condition for a given BIO. This would usually only be called by BIO implementations.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_should_read(), BIO_should_write(), BIO_should_io_special(), BIO_retry_type(), and BIO_should_retry(), are implemented as macros.</p>
+
+<p>If BIO_should_retry() returns false then the precise &quot;error condition&quot; depends on the BIO type that caused it and the return code of the BIO operation. For example if a call to BIO_read_ex() on a socket BIO returns 0 and BIO_should_retry() is false then the cause will be that the connection closed. A similar condition on a file BIO will mean that it has reached EOF. Some BIO types may place additional information on the error queue. For more details see the individual BIO type manual pages.</p>
+
+<p>If the underlying I/O structure is in a blocking mode almost all current BIO types will not request a retry, because the underlying I/O calls will not. If the application knows that the BIO type will never signal a retry then it need not call BIO_should_retry() after a failed BIO I/O call. This is typically done with file BIOs.</p>
+
+<p>SSL BIOs are the only current exception to this rule: they can request a retry even if the underlying I/O structure is blocking, if a handshake occurs during a call to BIO_read(). An application can retry the failed call immediately or avoid this situation by setting SSL_MODE_AUTO_RETRY on the underlying SSL structure.</p>
+
+<p>While an application may retry a failed non blocking call immediately this is likely to be very inefficient because the call will fail repeatedly until data can be processed or is available. An application will normally wait until the necessary condition is satisfied. How this is done depends on the underlying I/O structure.</p>
+
+<p>For example if the cause is ultimately a socket and BIO_should_read() is true then a call to select() may be made to wait until data is available and then retry the BIO operation. By combining the retry conditions of several non blocking BIOs in a single select() call it is possible to service several BIOs in a single thread, though the performance may be poor if SSL BIOs are present because long delays can occur during the initial handshake process.</p>
+
+<p>It is possible for a BIO to block indefinitely if the underlying I/O structure cannot process or return any data. This depends on the behaviour of the platforms I/O functions. This is often not desirable: one solution is to use non blocking I/O and use a timeout on the select() (or equivalent) call.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The OpenSSL ASN1 functions cannot gracefully deal with non blocking I/O: that is they cannot retry after a partial read or write. This is usually worked around by only passing the relevant data to ASN1 functions when the entire structure can be read or written.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_should_read(), BIO_should_write(), BIO_should_io_special(), and BIO_should_retry() return either 1 or 0 based on the actual conditions of the <b>BIO</b>.</p>
+
+<p>BIO_retry_type() returns a flag combination presenting the cause of a retry condition or false if there is no retry condition.</p>
+
+<p>BIO_get_retry_BIO() returns a valid <b>BIO</b> structure.</p>
+
+<p>BIO_get_retry_reason() returns the reason for a special condition.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_get_retry_reason() and BIO_set_retry_reason() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_shutdown.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_shutdown.html
new file mode 100644
index 000000000..920691bbe
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_shutdown.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_set_data, BIO_get_data, BIO_set_init, BIO_get_init, BIO_set_shutdown, BIO_get_shutdown - functions for managing BIO state information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ void BIO_set_data(BIO *a, void *ptr);
+ void *BIO_get_data(BIO *a);
+ void BIO_set_init(BIO *a, int init);
+ int BIO_get_init(BIO *a);
+ void BIO_set_shutdown(BIO *a, int shut);
+ int BIO_get_shutdown(BIO *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are mainly useful when implementing a custom BIO.</p>
+
+<p>The BIO_set_data() function associates the custom data pointed to by <b>ptr</b> with the BIO. This data can subsequently be retrieved via a call to BIO_get_data(). This can be used by custom BIOs for storing implementation specific information.</p>
+
+<p>The BIO_set_init() function sets the value of the BIO&#39;s &quot;init&quot; flag to indicate whether initialisation has been completed for this BIO or not. A non-zero value indicates that initialisation is complete, whilst zero indicates that it is not. Often initialisation will complete during initial construction of the BIO. For some BIOs however, initialisation may not complete until after additional steps have occurred (for example through calling custom ctrls). The BIO_get_init() function returns the value of the &quot;init&quot; flag.</p>
+
+<p>The BIO_set_shutdown() and BIO_get_shutdown() functions set and get the state of this BIO&#39;s shutdown (i.e. BIO_CLOSE) flag. If set then the underlying resource is also closed when the BIO is freed.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_get_data() returns a pointer to the implementation specific custom data associated with this BIO, or NULL if none has been set.</p>
+
+<p>BIO_get_init() returns the state of the BIO&#39;s init flag.</p>
+
+<p>BIO_get_shutdown() returns the stat of the BIO&#39;s shutdown (i.e. BIO_CLOSE) flag.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a>, <a href="/../man3/BIO_meth_new.html">BIO_meth_new</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_ssl.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_ssl.html
new file mode 100644
index 000000000..0e1fefeef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_ssl.html
@@ -0,0 +1,263 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_ssl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_do_handshake, BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode, BIO_set_ssl_renegotiate_bytes, BIO_get_num_renegotiates, BIO_set_ssl_renegotiate_timeout, BIO_new_ssl, BIO_new_ssl_connect, BIO_new_buffer_ssl_connect, BIO_ssl_copy_session_id, BIO_ssl_shutdown - SSL BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/ssl.h&gt;
+
+ const BIO_METHOD *BIO_f_ssl(void);
+
+ long BIO_set_ssl(BIO *b, SSL *ssl, long c);
+ long BIO_get_ssl(BIO *b, SSL **sslp);
+ long BIO_set_ssl_mode(BIO *b, long client);
+ long BIO_set_ssl_renegotiate_bytes(BIO *b, long num);
+ long BIO_set_ssl_renegotiate_timeout(BIO *b, long seconds);
+ long BIO_get_num_renegotiates(BIO *b);
+
+ BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
+ BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+ BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+ int BIO_ssl_copy_session_id(BIO *to, BIO *from);
+ void BIO_ssl_shutdown(BIO *bio);
+
+ long BIO_do_handshake(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which is a wrapper round the OpenSSL SSL routines adding a BIO &quot;flavour&quot; to SSL I/O.</p>
+
+<p>I/O performed on an SSL BIO communicates using the SSL protocol with the SSLs read and write BIOs. If an SSL connection is not established then an attempt is made to establish one on the first I/O call.</p>
+
+<p>If a BIO is appended to an SSL BIO using BIO_push() it is automatically used as the SSL BIOs read and write BIOs.</p>
+
+<p>Calling BIO_reset() on an SSL BIO closes down any current SSL connection by calling SSL_shutdown(). BIO_reset() is then sent to the next BIO in the chain: this will typically disconnect the underlying transport. The SSL BIO is then reset to the initial accept or connect state.</p>
+
+<p>If the close flag is set when an SSL BIO is freed then the internal SSL structure is also freed using SSL_free().</p>
+
+<p>BIO_set_ssl() sets the internal SSL pointer of BIO <b>b</b> to <b>ssl</b> using the close flag <b>c</b>.</p>
+
+<p>BIO_get_ssl() retrieves the SSL pointer of BIO <b>b</b>, it can then be manipulated using the standard SSL library functions.</p>
+
+<p>BIO_set_ssl_mode() sets the SSL BIO mode to <b>client</b>. If <b>client</b> is 1 client mode is set. If <b>client</b> is 0 server mode is set.</p>
+
+<p>BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count to <b>num</b>. When set after every <b>num</b> bytes of I/O (read and write) the SSL session is automatically renegotiated. <b>num</b> must be at least 512 bytes.</p>
+
+<p>BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout to <b>seconds</b>. When the renegotiate timeout elapses the session is automatically renegotiated.</p>
+
+<p>BIO_get_num_renegotiates() returns the total number of session renegotiations due to I/O or timeout.</p>
+
+<p>BIO_new_ssl() allocates an SSL BIO using SSL_CTX <b>ctx</b> and using client mode if <b>client</b> is non zero.</p>
+
+<p>BIO_new_ssl_connect() creates a new BIO chain consisting of an SSL BIO (using <b>ctx</b>) followed by a connect BIO.</p>
+
+<p>BIO_new_buffer_ssl_connect() creates a new BIO chain consisting of a buffering BIO, an SSL BIO (using <b>ctx</b>) and a connect BIO.</p>
+
+<p>BIO_ssl_copy_session_id() copies an SSL session id between BIO chains <b>from</b> and <b>to</b>. It does this by locating the SSL BIOs in each chain and calling SSL_copy_session_id() on the internal SSL pointer.</p>
+
+<p>BIO_ssl_shutdown() closes down an SSL connection on BIO chain <b>bio</b>. It does this by locating the SSL BIO in the chain and calling SSL_shutdown() on its internal SSL pointer.</p>
+
+<p>BIO_do_handshake() attempts to complete an SSL handshake on the supplied BIO and establish the SSL connection. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried. If an SSL connection has already been established this call has no effect.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL BIOs are exceptional in that if the underlying transport is non blocking they can still request a retry in exceptional circumstances. Specifically this will happen if a session renegotiation takes place during a BIO_read_ex() operation, one case where this happens is when step up occurs.</p>
+
+<p>The SSL flag SSL_AUTO_RETRY can be set to disable this behaviour. That is when this flag is set an SSL BIO using a blocking transport will never request a retry.</p>
+
+<p>Since unknown BIO_ctrl() operations are sent through filter BIOs the servers name and port can be set using BIO_set_host() on the BIO returned by BIO_new_ssl_connect() without having to locate the connect BIO first.</p>
+
+<p>Applications do not have to call BIO_do_handshake() but may wish to do so to separate the handshake process from other I/O processing.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout(), BIO_get_num_renegotiates(), and BIO_do_handshake() are implemented as macros.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This SSL/TLS client example, attempts to retrieve a page from an SSL/TLS web server. The I/O routines are identical to those of the unencrypted example in <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a>.</p>
+
+<pre><code> BIO *sbio, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_client_method());
+
+ /* XXX Set verify paths and mode here. */
+
+ sbio = BIO_new_ssl_connect(ctx);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Don&#39;t want any retries */
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+
+ /* XXX We might want to do other things with ssl here */
+
+ /* An empty host part means the loopback address */
+ BIO_set_conn_hostname(sbio, &quot;:https&quot;);
+
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error establishing SSL connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Could examine ssl here to get connection info */
+
+ BIO_puts(sbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free_all(sbio);
+ BIO_free(out);</code></pre>
+
+<p>Here is a simple server example. It makes use of a buffering BIO to allow lines to be read from the SSL BIO using BIO_gets. It creates a pseudo web page containing the actual request from a client and also echoes the request to standard output.</p>
+
+<pre><code> BIO *sbio, *bbio, *acpt, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_server_method());
+ if (!SSL_CTX_use_certificate_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_use_PrivateKey_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_check_private_key(ctx)) {
+     fprintf(stderr, &quot;Error setting up SSL_CTX\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Other things like set verify locations, EDH temp callbacks. */
+
+ /* New SSL BIO setup as server */
+ sbio = BIO_new_ssl(ctx, 0);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+ bbio = BIO_new(BIO_f_buffer());
+ sbio = BIO_push(bbio, sbio);
+ acpt = BIO_new_accept(&quot;4433&quot;);
+
+ /*
+  * By doing this when a new connection is established
+  * we automatically have sbio inserted into it. The
+  * BIO chain is now &#39;swallowed&#39; by the accept BIO and
+  * will be freed when the accept BIO is freed.
+  */
+ BIO_set_accept_bios(acpt, sbio);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
+ /* Setup accept BIO */
+ if (BIO_do_accept(acpt) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept BIO\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* We only want one connection so remove and free accept BIO */
+ sbio = BIO_pop(acpt);
+ BIO_free_all(acpt);
+
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error in SSL handshake\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ BIO_puts(sbio, &quot;HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\nConnection Established\r\nRequest headers:\r\n&quot;);
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+
+ for (;;) {
+     len = BIO_gets(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(sbio, tmpbuf, len);
+     BIO_write(out, tmpbuf, len);
+     /* Look for blank line signifying end of headers*/
+     if (tmpbuf[0] == &#39;\r&#39; || tmpbuf[0] == &#39;\n&#39;)
+         break;
+ }
+
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\n&quot;);
+ BIO_flush(sbio);
+ BIO_free_all(sbio);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_ssl() returns the SSL <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout() and BIO_get_num_renegotiates() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_ssl(), BIO_new_ssl_connect() and BIO_new_buffer_ssl_connect() return a valid <b>BIO</b> structure on success or <b>NULL</b> if an error occurred.</p>
+
+<p>BIO_ssl_copy_session_id() returns 1 on success or 0 on error.</p>
+
+<p>BIO_do_handshake() returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL before 1.0.0 the BIO_pop() call was handled incorrectly, the I/O BIO reference count was incorrectly incremented (instead of decremented) and dissociated with the SSL BIO even if the SSL BIO was not explicitly being popped (e.g. a pop higher up the chain). Applications which included workarounds for this bug (e.g. freeing BIOs more than once) should be modified to handle this fix or they may free up an already freed BIO.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_ssl_mode.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_ssl_mode.html
new file mode 100644
index 000000000..0e1fefeef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_ssl_mode.html
@@ -0,0 +1,263 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_ssl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_do_handshake, BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode, BIO_set_ssl_renegotiate_bytes, BIO_get_num_renegotiates, BIO_set_ssl_renegotiate_timeout, BIO_new_ssl, BIO_new_ssl_connect, BIO_new_buffer_ssl_connect, BIO_ssl_copy_session_id, BIO_ssl_shutdown - SSL BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/ssl.h&gt;
+
+ const BIO_METHOD *BIO_f_ssl(void);
+
+ long BIO_set_ssl(BIO *b, SSL *ssl, long c);
+ long BIO_get_ssl(BIO *b, SSL **sslp);
+ long BIO_set_ssl_mode(BIO *b, long client);
+ long BIO_set_ssl_renegotiate_bytes(BIO *b, long num);
+ long BIO_set_ssl_renegotiate_timeout(BIO *b, long seconds);
+ long BIO_get_num_renegotiates(BIO *b);
+
+ BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
+ BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+ BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+ int BIO_ssl_copy_session_id(BIO *to, BIO *from);
+ void BIO_ssl_shutdown(BIO *bio);
+
+ long BIO_do_handshake(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which is a wrapper round the OpenSSL SSL routines adding a BIO &quot;flavour&quot; to SSL I/O.</p>
+
+<p>I/O performed on an SSL BIO communicates using the SSL protocol with the SSLs read and write BIOs. If an SSL connection is not established then an attempt is made to establish one on the first I/O call.</p>
+
+<p>If a BIO is appended to an SSL BIO using BIO_push() it is automatically used as the SSL BIOs read and write BIOs.</p>
+
+<p>Calling BIO_reset() on an SSL BIO closes down any current SSL connection by calling SSL_shutdown(). BIO_reset() is then sent to the next BIO in the chain: this will typically disconnect the underlying transport. The SSL BIO is then reset to the initial accept or connect state.</p>
+
+<p>If the close flag is set when an SSL BIO is freed then the internal SSL structure is also freed using SSL_free().</p>
+
+<p>BIO_set_ssl() sets the internal SSL pointer of BIO <b>b</b> to <b>ssl</b> using the close flag <b>c</b>.</p>
+
+<p>BIO_get_ssl() retrieves the SSL pointer of BIO <b>b</b>, it can then be manipulated using the standard SSL library functions.</p>
+
+<p>BIO_set_ssl_mode() sets the SSL BIO mode to <b>client</b>. If <b>client</b> is 1 client mode is set. If <b>client</b> is 0 server mode is set.</p>
+
+<p>BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count to <b>num</b>. When set after every <b>num</b> bytes of I/O (read and write) the SSL session is automatically renegotiated. <b>num</b> must be at least 512 bytes.</p>
+
+<p>BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout to <b>seconds</b>. When the renegotiate timeout elapses the session is automatically renegotiated.</p>
+
+<p>BIO_get_num_renegotiates() returns the total number of session renegotiations due to I/O or timeout.</p>
+
+<p>BIO_new_ssl() allocates an SSL BIO using SSL_CTX <b>ctx</b> and using client mode if <b>client</b> is non zero.</p>
+
+<p>BIO_new_ssl_connect() creates a new BIO chain consisting of an SSL BIO (using <b>ctx</b>) followed by a connect BIO.</p>
+
+<p>BIO_new_buffer_ssl_connect() creates a new BIO chain consisting of a buffering BIO, an SSL BIO (using <b>ctx</b>) and a connect BIO.</p>
+
+<p>BIO_ssl_copy_session_id() copies an SSL session id between BIO chains <b>from</b> and <b>to</b>. It does this by locating the SSL BIOs in each chain and calling SSL_copy_session_id() on the internal SSL pointer.</p>
+
+<p>BIO_ssl_shutdown() closes down an SSL connection on BIO chain <b>bio</b>. It does this by locating the SSL BIO in the chain and calling SSL_shutdown() on its internal SSL pointer.</p>
+
+<p>BIO_do_handshake() attempts to complete an SSL handshake on the supplied BIO and establish the SSL connection. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried. If an SSL connection has already been established this call has no effect.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL BIOs are exceptional in that if the underlying transport is non blocking they can still request a retry in exceptional circumstances. Specifically this will happen if a session renegotiation takes place during a BIO_read_ex() operation, one case where this happens is when step up occurs.</p>
+
+<p>The SSL flag SSL_AUTO_RETRY can be set to disable this behaviour. That is when this flag is set an SSL BIO using a blocking transport will never request a retry.</p>
+
+<p>Since unknown BIO_ctrl() operations are sent through filter BIOs the servers name and port can be set using BIO_set_host() on the BIO returned by BIO_new_ssl_connect() without having to locate the connect BIO first.</p>
+
+<p>Applications do not have to call BIO_do_handshake() but may wish to do so to separate the handshake process from other I/O processing.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout(), BIO_get_num_renegotiates(), and BIO_do_handshake() are implemented as macros.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This SSL/TLS client example, attempts to retrieve a page from an SSL/TLS web server. The I/O routines are identical to those of the unencrypted example in <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a>.</p>
+
+<pre><code> BIO *sbio, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_client_method());
+
+ /* XXX Set verify paths and mode here. */
+
+ sbio = BIO_new_ssl_connect(ctx);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Don&#39;t want any retries */
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+
+ /* XXX We might want to do other things with ssl here */
+
+ /* An empty host part means the loopback address */
+ BIO_set_conn_hostname(sbio, &quot;:https&quot;);
+
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error establishing SSL connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Could examine ssl here to get connection info */
+
+ BIO_puts(sbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free_all(sbio);
+ BIO_free(out);</code></pre>
+
+<p>Here is a simple server example. It makes use of a buffering BIO to allow lines to be read from the SSL BIO using BIO_gets. It creates a pseudo web page containing the actual request from a client and also echoes the request to standard output.</p>
+
+<pre><code> BIO *sbio, *bbio, *acpt, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_server_method());
+ if (!SSL_CTX_use_certificate_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_use_PrivateKey_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_check_private_key(ctx)) {
+     fprintf(stderr, &quot;Error setting up SSL_CTX\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Other things like set verify locations, EDH temp callbacks. */
+
+ /* New SSL BIO setup as server */
+ sbio = BIO_new_ssl(ctx, 0);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+ bbio = BIO_new(BIO_f_buffer());
+ sbio = BIO_push(bbio, sbio);
+ acpt = BIO_new_accept(&quot;4433&quot;);
+
+ /*
+  * By doing this when a new connection is established
+  * we automatically have sbio inserted into it. The
+  * BIO chain is now &#39;swallowed&#39; by the accept BIO and
+  * will be freed when the accept BIO is freed.
+  */
+ BIO_set_accept_bios(acpt, sbio);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
+ /* Setup accept BIO */
+ if (BIO_do_accept(acpt) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept BIO\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* We only want one connection so remove and free accept BIO */
+ sbio = BIO_pop(acpt);
+ BIO_free_all(acpt);
+
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error in SSL handshake\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ BIO_puts(sbio, &quot;HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\nConnection Established\r\nRequest headers:\r\n&quot;);
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+
+ for (;;) {
+     len = BIO_gets(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(sbio, tmpbuf, len);
+     BIO_write(out, tmpbuf, len);
+     /* Look for blank line signifying end of headers*/
+     if (tmpbuf[0] == &#39;\r&#39; || tmpbuf[0] == &#39;\n&#39;)
+         break;
+ }
+
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\n&quot;);
+ BIO_flush(sbio);
+ BIO_free_all(sbio);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_ssl() returns the SSL <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout() and BIO_get_num_renegotiates() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_ssl(), BIO_new_ssl_connect() and BIO_new_buffer_ssl_connect() return a valid <b>BIO</b> structure on success or <b>NULL</b> if an error occurred.</p>
+
+<p>BIO_ssl_copy_session_id() returns 1 on success or 0 on error.</p>
+
+<p>BIO_do_handshake() returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL before 1.0.0 the BIO_pop() call was handled incorrectly, the I/O BIO reference count was incorrectly incremented (instead of decremented) and dissociated with the SSL BIO even if the SSL BIO was not explicitly being popped (e.g. a pop higher up the chain). Applications which included workarounds for this bug (e.g. freeing BIOs more than once) should be modified to handle this fix or they may free up an already freed BIO.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_ssl_renegotiate_bytes.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_ssl_renegotiate_bytes.html
new file mode 100644
index 000000000..0e1fefeef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_ssl_renegotiate_bytes.html
@@ -0,0 +1,263 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_ssl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_do_handshake, BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode, BIO_set_ssl_renegotiate_bytes, BIO_get_num_renegotiates, BIO_set_ssl_renegotiate_timeout, BIO_new_ssl, BIO_new_ssl_connect, BIO_new_buffer_ssl_connect, BIO_ssl_copy_session_id, BIO_ssl_shutdown - SSL BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/ssl.h&gt;
+
+ const BIO_METHOD *BIO_f_ssl(void);
+
+ long BIO_set_ssl(BIO *b, SSL *ssl, long c);
+ long BIO_get_ssl(BIO *b, SSL **sslp);
+ long BIO_set_ssl_mode(BIO *b, long client);
+ long BIO_set_ssl_renegotiate_bytes(BIO *b, long num);
+ long BIO_set_ssl_renegotiate_timeout(BIO *b, long seconds);
+ long BIO_get_num_renegotiates(BIO *b);
+
+ BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
+ BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+ BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+ int BIO_ssl_copy_session_id(BIO *to, BIO *from);
+ void BIO_ssl_shutdown(BIO *bio);
+
+ long BIO_do_handshake(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which is a wrapper round the OpenSSL SSL routines adding a BIO &quot;flavour&quot; to SSL I/O.</p>
+
+<p>I/O performed on an SSL BIO communicates using the SSL protocol with the SSLs read and write BIOs. If an SSL connection is not established then an attempt is made to establish one on the first I/O call.</p>
+
+<p>If a BIO is appended to an SSL BIO using BIO_push() it is automatically used as the SSL BIOs read and write BIOs.</p>
+
+<p>Calling BIO_reset() on an SSL BIO closes down any current SSL connection by calling SSL_shutdown(). BIO_reset() is then sent to the next BIO in the chain: this will typically disconnect the underlying transport. The SSL BIO is then reset to the initial accept or connect state.</p>
+
+<p>If the close flag is set when an SSL BIO is freed then the internal SSL structure is also freed using SSL_free().</p>
+
+<p>BIO_set_ssl() sets the internal SSL pointer of BIO <b>b</b> to <b>ssl</b> using the close flag <b>c</b>.</p>
+
+<p>BIO_get_ssl() retrieves the SSL pointer of BIO <b>b</b>, it can then be manipulated using the standard SSL library functions.</p>
+
+<p>BIO_set_ssl_mode() sets the SSL BIO mode to <b>client</b>. If <b>client</b> is 1 client mode is set. If <b>client</b> is 0 server mode is set.</p>
+
+<p>BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count to <b>num</b>. When set after every <b>num</b> bytes of I/O (read and write) the SSL session is automatically renegotiated. <b>num</b> must be at least 512 bytes.</p>
+
+<p>BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout to <b>seconds</b>. When the renegotiate timeout elapses the session is automatically renegotiated.</p>
+
+<p>BIO_get_num_renegotiates() returns the total number of session renegotiations due to I/O or timeout.</p>
+
+<p>BIO_new_ssl() allocates an SSL BIO using SSL_CTX <b>ctx</b> and using client mode if <b>client</b> is non zero.</p>
+
+<p>BIO_new_ssl_connect() creates a new BIO chain consisting of an SSL BIO (using <b>ctx</b>) followed by a connect BIO.</p>
+
+<p>BIO_new_buffer_ssl_connect() creates a new BIO chain consisting of a buffering BIO, an SSL BIO (using <b>ctx</b>) and a connect BIO.</p>
+
+<p>BIO_ssl_copy_session_id() copies an SSL session id between BIO chains <b>from</b> and <b>to</b>. It does this by locating the SSL BIOs in each chain and calling SSL_copy_session_id() on the internal SSL pointer.</p>
+
+<p>BIO_ssl_shutdown() closes down an SSL connection on BIO chain <b>bio</b>. It does this by locating the SSL BIO in the chain and calling SSL_shutdown() on its internal SSL pointer.</p>
+
+<p>BIO_do_handshake() attempts to complete an SSL handshake on the supplied BIO and establish the SSL connection. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried. If an SSL connection has already been established this call has no effect.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL BIOs are exceptional in that if the underlying transport is non blocking they can still request a retry in exceptional circumstances. Specifically this will happen if a session renegotiation takes place during a BIO_read_ex() operation, one case where this happens is when step up occurs.</p>
+
+<p>The SSL flag SSL_AUTO_RETRY can be set to disable this behaviour. That is when this flag is set an SSL BIO using a blocking transport will never request a retry.</p>
+
+<p>Since unknown BIO_ctrl() operations are sent through filter BIOs the servers name and port can be set using BIO_set_host() on the BIO returned by BIO_new_ssl_connect() without having to locate the connect BIO first.</p>
+
+<p>Applications do not have to call BIO_do_handshake() but may wish to do so to separate the handshake process from other I/O processing.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout(), BIO_get_num_renegotiates(), and BIO_do_handshake() are implemented as macros.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This SSL/TLS client example, attempts to retrieve a page from an SSL/TLS web server. The I/O routines are identical to those of the unencrypted example in <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a>.</p>
+
+<pre><code> BIO *sbio, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_client_method());
+
+ /* XXX Set verify paths and mode here. */
+
+ sbio = BIO_new_ssl_connect(ctx);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Don&#39;t want any retries */
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+
+ /* XXX We might want to do other things with ssl here */
+
+ /* An empty host part means the loopback address */
+ BIO_set_conn_hostname(sbio, &quot;:https&quot;);
+
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error establishing SSL connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Could examine ssl here to get connection info */
+
+ BIO_puts(sbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free_all(sbio);
+ BIO_free(out);</code></pre>
+
+<p>Here is a simple server example. It makes use of a buffering BIO to allow lines to be read from the SSL BIO using BIO_gets. It creates a pseudo web page containing the actual request from a client and also echoes the request to standard output.</p>
+
+<pre><code> BIO *sbio, *bbio, *acpt, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_server_method());
+ if (!SSL_CTX_use_certificate_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_use_PrivateKey_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_check_private_key(ctx)) {
+     fprintf(stderr, &quot;Error setting up SSL_CTX\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Other things like set verify locations, EDH temp callbacks. */
+
+ /* New SSL BIO setup as server */
+ sbio = BIO_new_ssl(ctx, 0);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+ bbio = BIO_new(BIO_f_buffer());
+ sbio = BIO_push(bbio, sbio);
+ acpt = BIO_new_accept(&quot;4433&quot;);
+
+ /*
+  * By doing this when a new connection is established
+  * we automatically have sbio inserted into it. The
+  * BIO chain is now &#39;swallowed&#39; by the accept BIO and
+  * will be freed when the accept BIO is freed.
+  */
+ BIO_set_accept_bios(acpt, sbio);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
+ /* Setup accept BIO */
+ if (BIO_do_accept(acpt) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept BIO\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* We only want one connection so remove and free accept BIO */
+ sbio = BIO_pop(acpt);
+ BIO_free_all(acpt);
+
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error in SSL handshake\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ BIO_puts(sbio, &quot;HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\nConnection Established\r\nRequest headers:\r\n&quot;);
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+
+ for (;;) {
+     len = BIO_gets(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(sbio, tmpbuf, len);
+     BIO_write(out, tmpbuf, len);
+     /* Look for blank line signifying end of headers*/
+     if (tmpbuf[0] == &#39;\r&#39; || tmpbuf[0] == &#39;\n&#39;)
+         break;
+ }
+
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\n&quot;);
+ BIO_flush(sbio);
+ BIO_free_all(sbio);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_ssl() returns the SSL <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout() and BIO_get_num_renegotiates() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_ssl(), BIO_new_ssl_connect() and BIO_new_buffer_ssl_connect() return a valid <b>BIO</b> structure on success or <b>NULL</b> if an error occurred.</p>
+
+<p>BIO_ssl_copy_session_id() returns 1 on success or 0 on error.</p>
+
+<p>BIO_do_handshake() returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL before 1.0.0 the BIO_pop() call was handled incorrectly, the I/O BIO reference count was incorrectly incremented (instead of decremented) and dissociated with the SSL BIO even if the SSL BIO was not explicitly being popped (e.g. a pop higher up the chain). Applications which included workarounds for this bug (e.g. freeing BIOs more than once) should be modified to handle this fix or they may free up an already freed BIO.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_ssl_renegotiate_timeout.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_ssl_renegotiate_timeout.html
new file mode 100644
index 000000000..0e1fefeef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_ssl_renegotiate_timeout.html
@@ -0,0 +1,263 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_ssl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_do_handshake, BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode, BIO_set_ssl_renegotiate_bytes, BIO_get_num_renegotiates, BIO_set_ssl_renegotiate_timeout, BIO_new_ssl, BIO_new_ssl_connect, BIO_new_buffer_ssl_connect, BIO_ssl_copy_session_id, BIO_ssl_shutdown - SSL BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/ssl.h&gt;
+
+ const BIO_METHOD *BIO_f_ssl(void);
+
+ long BIO_set_ssl(BIO *b, SSL *ssl, long c);
+ long BIO_get_ssl(BIO *b, SSL **sslp);
+ long BIO_set_ssl_mode(BIO *b, long client);
+ long BIO_set_ssl_renegotiate_bytes(BIO *b, long num);
+ long BIO_set_ssl_renegotiate_timeout(BIO *b, long seconds);
+ long BIO_get_num_renegotiates(BIO *b);
+
+ BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
+ BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+ BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+ int BIO_ssl_copy_session_id(BIO *to, BIO *from);
+ void BIO_ssl_shutdown(BIO *bio);
+
+ long BIO_do_handshake(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which is a wrapper round the OpenSSL SSL routines adding a BIO &quot;flavour&quot; to SSL I/O.</p>
+
+<p>I/O performed on an SSL BIO communicates using the SSL protocol with the SSLs read and write BIOs. If an SSL connection is not established then an attempt is made to establish one on the first I/O call.</p>
+
+<p>If a BIO is appended to an SSL BIO using BIO_push() it is automatically used as the SSL BIOs read and write BIOs.</p>
+
+<p>Calling BIO_reset() on an SSL BIO closes down any current SSL connection by calling SSL_shutdown(). BIO_reset() is then sent to the next BIO in the chain: this will typically disconnect the underlying transport. The SSL BIO is then reset to the initial accept or connect state.</p>
+
+<p>If the close flag is set when an SSL BIO is freed then the internal SSL structure is also freed using SSL_free().</p>
+
+<p>BIO_set_ssl() sets the internal SSL pointer of BIO <b>b</b> to <b>ssl</b> using the close flag <b>c</b>.</p>
+
+<p>BIO_get_ssl() retrieves the SSL pointer of BIO <b>b</b>, it can then be manipulated using the standard SSL library functions.</p>
+
+<p>BIO_set_ssl_mode() sets the SSL BIO mode to <b>client</b>. If <b>client</b> is 1 client mode is set. If <b>client</b> is 0 server mode is set.</p>
+
+<p>BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count to <b>num</b>. When set after every <b>num</b> bytes of I/O (read and write) the SSL session is automatically renegotiated. <b>num</b> must be at least 512 bytes.</p>
+
+<p>BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout to <b>seconds</b>. When the renegotiate timeout elapses the session is automatically renegotiated.</p>
+
+<p>BIO_get_num_renegotiates() returns the total number of session renegotiations due to I/O or timeout.</p>
+
+<p>BIO_new_ssl() allocates an SSL BIO using SSL_CTX <b>ctx</b> and using client mode if <b>client</b> is non zero.</p>
+
+<p>BIO_new_ssl_connect() creates a new BIO chain consisting of an SSL BIO (using <b>ctx</b>) followed by a connect BIO.</p>
+
+<p>BIO_new_buffer_ssl_connect() creates a new BIO chain consisting of a buffering BIO, an SSL BIO (using <b>ctx</b>) and a connect BIO.</p>
+
+<p>BIO_ssl_copy_session_id() copies an SSL session id between BIO chains <b>from</b> and <b>to</b>. It does this by locating the SSL BIOs in each chain and calling SSL_copy_session_id() on the internal SSL pointer.</p>
+
+<p>BIO_ssl_shutdown() closes down an SSL connection on BIO chain <b>bio</b>. It does this by locating the SSL BIO in the chain and calling SSL_shutdown() on its internal SSL pointer.</p>
+
+<p>BIO_do_handshake() attempts to complete an SSL handshake on the supplied BIO and establish the SSL connection. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried. If an SSL connection has already been established this call has no effect.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL BIOs are exceptional in that if the underlying transport is non blocking they can still request a retry in exceptional circumstances. Specifically this will happen if a session renegotiation takes place during a BIO_read_ex() operation, one case where this happens is when step up occurs.</p>
+
+<p>The SSL flag SSL_AUTO_RETRY can be set to disable this behaviour. That is when this flag is set an SSL BIO using a blocking transport will never request a retry.</p>
+
+<p>Since unknown BIO_ctrl() operations are sent through filter BIOs the servers name and port can be set using BIO_set_host() on the BIO returned by BIO_new_ssl_connect() without having to locate the connect BIO first.</p>
+
+<p>Applications do not have to call BIO_do_handshake() but may wish to do so to separate the handshake process from other I/O processing.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout(), BIO_get_num_renegotiates(), and BIO_do_handshake() are implemented as macros.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This SSL/TLS client example, attempts to retrieve a page from an SSL/TLS web server. The I/O routines are identical to those of the unencrypted example in <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a>.</p>
+
+<pre><code> BIO *sbio, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_client_method());
+
+ /* XXX Set verify paths and mode here. */
+
+ sbio = BIO_new_ssl_connect(ctx);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Don&#39;t want any retries */
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+
+ /* XXX We might want to do other things with ssl here */
+
+ /* An empty host part means the loopback address */
+ BIO_set_conn_hostname(sbio, &quot;:https&quot;);
+
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error establishing SSL connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Could examine ssl here to get connection info */
+
+ BIO_puts(sbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free_all(sbio);
+ BIO_free(out);</code></pre>
+
+<p>Here is a simple server example. It makes use of a buffering BIO to allow lines to be read from the SSL BIO using BIO_gets. It creates a pseudo web page containing the actual request from a client and also echoes the request to standard output.</p>
+
+<pre><code> BIO *sbio, *bbio, *acpt, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_server_method());
+ if (!SSL_CTX_use_certificate_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_use_PrivateKey_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_check_private_key(ctx)) {
+     fprintf(stderr, &quot;Error setting up SSL_CTX\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Other things like set verify locations, EDH temp callbacks. */
+
+ /* New SSL BIO setup as server */
+ sbio = BIO_new_ssl(ctx, 0);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+ bbio = BIO_new(BIO_f_buffer());
+ sbio = BIO_push(bbio, sbio);
+ acpt = BIO_new_accept(&quot;4433&quot;);
+
+ /*
+  * By doing this when a new connection is established
+  * we automatically have sbio inserted into it. The
+  * BIO chain is now &#39;swallowed&#39; by the accept BIO and
+  * will be freed when the accept BIO is freed.
+  */
+ BIO_set_accept_bios(acpt, sbio);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
+ /* Setup accept BIO */
+ if (BIO_do_accept(acpt) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept BIO\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* We only want one connection so remove and free accept BIO */
+ sbio = BIO_pop(acpt);
+ BIO_free_all(acpt);
+
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error in SSL handshake\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ BIO_puts(sbio, &quot;HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\nConnection Established\r\nRequest headers:\r\n&quot;);
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+
+ for (;;) {
+     len = BIO_gets(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(sbio, tmpbuf, len);
+     BIO_write(out, tmpbuf, len);
+     /* Look for blank line signifying end of headers*/
+     if (tmpbuf[0] == &#39;\r&#39; || tmpbuf[0] == &#39;\n&#39;)
+         break;
+ }
+
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\n&quot;);
+ BIO_flush(sbio);
+ BIO_free_all(sbio);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_ssl() returns the SSL <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout() and BIO_get_num_renegotiates() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_ssl(), BIO_new_ssl_connect() and BIO_new_buffer_ssl_connect() return a valid <b>BIO</b> structure on success or <b>NULL</b> if an error occurred.</p>
+
+<p>BIO_ssl_copy_session_id() returns 1 on success or 0 on error.</p>
+
+<p>BIO_do_handshake() returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL before 1.0.0 the BIO_pop() call was handled incorrectly, the I/O BIO reference count was incorrectly incremented (instead of decremented) and dissociated with the SSL BIO even if the SSL BIO was not explicitly being popped (e.g. a pop higher up the chain). Applications which included workarounds for this bug (e.g. freeing BIOs more than once) should be modified to handle this fix or they may free up an already freed BIO.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_write_buf_size.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_write_buf_size.html
new file mode 100644
index 000000000..fc36b7e75
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_write_buf_size.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr, BIO_set_write_buf_size, BIO_get_write_buf_size, BIO_new_bio_pair, BIO_get_write_guarantee, BIO_ctrl_get_write_guarantee, BIO_get_read_request, BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request - BIO pair BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_bio(void);
+
+ int BIO_make_bio_pair(BIO *b1, BIO *b2);
+ int BIO_destroy_bio_pair(BIO *b);
+ int BIO_shutdown_wr(BIO *b);
+
+ int BIO_set_write_buf_size(BIO *b, long size);
+ size_t BIO_get_write_buf_size(BIO *b, long size);
+
+ int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2);
+
+ int BIO_get_write_guarantee(BIO *b);
+ size_t BIO_ctrl_get_write_guarantee(BIO *b);
+ int BIO_get_read_request(BIO *b);
+ size_t BIO_ctrl_get_read_request(BIO *b);
+ int BIO_ctrl_reset_read_request(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_bio() returns the method for a BIO pair. A BIO pair is a pair of source/sink BIOs where data written to either half of the pair is buffered and can be read from the other half. Both halves must usually by handled by the same application thread since no locking is done on the internal data structures.</p>
+
+<p>Since BIO chains typically end in a source/sink BIO it is possible to make this one half of a BIO pair and have all the data processed by the chain under application control.</p>
+
+<p>One typical use of BIO pairs is to place TLS/SSL I/O under application control, this can be used when the application wishes to use a non standard transport for TLS/SSL or the normal socket routines are inappropriate.</p>
+
+<p>Calls to BIO_read_ex() will read data from the buffer or request a retry if no data is available.</p>
+
+<p>Calls to BIO_write_ex() will place data in the buffer or request a retry if the buffer is full.</p>
+
+<p>The standard calls BIO_ctrl_pending() and BIO_ctrl_wpending() can be used to determine the amount of pending data in the read or write buffer.</p>
+
+<p>BIO_reset() clears any data in the write buffer.</p>
+
+<p>BIO_make_bio_pair() joins two separate BIOs into a connected pair.</p>
+
+<p>BIO_destroy_pair() destroys the association between two connected BIOs. Freeing up any half of the pair will automatically destroy the association.</p>
+
+<p>BIO_shutdown_wr() is used to close down a BIO <b>b</b>. After this call no further writes on BIO <b>b</b> are allowed (they will return an error). Reads on the other half of the pair will return any pending data or EOF when all pending data has been read.</p>
+
+<p>BIO_set_write_buf_size() sets the write buffer size of BIO <b>b</b> to <b>size</b>. If the size is not initialized a default value is used. This is currently 17K, sufficient for a maximum size TLS record.</p>
+
+<p>BIO_get_write_buf_size() returns the size of the write buffer.</p>
+
+<p>BIO_new_bio_pair() combines the calls to BIO_new(), BIO_make_bio_pair() and BIO_set_write_buf_size() to create a connected pair of BIOs <b>bio1</b>, <b>bio2</b> with write buffer sizes <b>writebuf1</b> and <b>writebuf2</b>. If either size is zero then the default size is used. BIO_new_bio_pair() does not check whether <b>bio1</b> or <b>bio2</b> do point to some other BIO, the values are overwritten, BIO_free() is not called.</p>
+
+<p>BIO_get_write_guarantee() and BIO_ctrl_get_write_guarantee() return the maximum length of data that can be currently written to the BIO. Writes larger than this value will return a value from BIO_write_ex() less than the amount requested or if the buffer is full request a retry. BIO_ctrl_get_write_guarantee() is a function whereas BIO_get_write_guarantee() is a macro.</p>
+
+<p>BIO_get_read_request() and BIO_ctrl_get_read_request() return the amount of data requested, or the buffer size if it is less, if the last read attempt at the other half of the BIO pair failed due to an empty buffer. This can be used to determine how much data should be written to the BIO so the next read will succeed: this is most useful in TLS/SSL applications where the amount of data read is usually meaningful rather than just a buffer size. After a successful read this call will return zero. It also will return zero once new data has been written satisfying the read request or part of it. Note that BIO_get_read_request() never returns an amount larger than that returned by BIO_get_write_guarantee().</p>
+
+<p>BIO_ctrl_reset_read_request() can also be used to reset the value returned by BIO_get_read_request() to zero.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Both halves of a BIO pair should be freed. That is even if one half is implicit freed due to a BIO_free_all() or SSL_free() call the other half needs to be freed.</p>
+
+<p>When used in bidirectional applications (such as TLS/SSL) care should be taken to flush any data in the write buffer. This can be done by calling BIO_pending() on the other half of the pair and, if any data is pending, reading it and sending it to the underlying transport. This must be done before any normal processing (such as calling select() ) due to a request and BIO_should_read() being true.</p>
+
+<p>To see why this is important consider a case where a request is sent using BIO_write_ex() and a response read with BIO_read_ex(), this can occur during an TLS/SSL handshake for example. BIO_write_ex() will succeed and place data in the write buffer. BIO_read_ex() will initially fail and BIO_should_read() will be true. If the application then waits for data to be available on the underlying transport before flushing the write buffer it will never succeed because the request was never sent!</p>
+
+<p>BIO_eof() is true if no data is in the peer BIO and the peer BIO has been shutdown.</p>
+
+<p>BIO_make_bio_pair(), BIO_destroy_bio_pair(), BIO_shutdown_wr(), BIO_set_write_buf_size(), BIO_get_write_buf_size(), BIO_get_write_guarantee(), and BIO_get_read_request() are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_new_bio_pair() returns 1 on success, with the new BIOs available in <b>bio1</b> and <b>bio2</b>, or 0 on failure, with NULL pointers stored into the locations for <b>bio1</b> and <b>bio2</b>. Check the error stack for more information.</p>
+
+<p>[XXXXX: More return values need to be added here]</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO pair can be used to have full control over the network access of an application. The application can call select() on the socket as required without having to go through the SSL-interface.</p>
+
+<pre><code> BIO *internal_bio, *network_bio;
+
+ ...
+ BIO_new_bio_pair(&amp;internal_bio, 0, &amp;network_bio, 0);
+ SSL_set_bio(ssl, internal_bio, internal_bio);
+ SSL_operations(); /* e.g SSL_read and SSL_write */
+ ...
+
+ application |   TLS-engine
+    |        |
+    +----------&gt; SSL_operations()
+             |     /\    ||
+             |     ||    \/
+             |   BIO-pair (internal_bio)
+             |   BIO-pair (network_bio)
+             |     ||     /\
+             |     \/     ||
+    +-----------&lt; BIO_operations()
+    |        |
+    |        |
+   socket
+
+  ...
+  SSL_free(ssl);                /* implicitly frees internal_bio */
+  BIO_free(network_bio);
+  ...</code></pre>
+
+<p>As the BIO pair will only buffer the data and never directly access the connection, it behaves non-blocking and will return as soon as the write buffer is full or the read buffer is drained. Then the application has to flush the write buffer and/or fill the read buffer.</p>
+
+<p>Use the BIO_ctrl_pending(), to find out whether data is buffered in the BIO and must be transferred to the network. Use BIO_ctrl_get_read_request() to find out, how many bytes must be written into the buffer before the SSL_operation() can successfully be continued.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>As the data is buffered, SSL_operation() may return with an ERROR_SSL_WANT_READ condition, but there is still data in the write buffer. An application must not rely on the error value of SSL_operation() but must assure that the write buffer is always flushed first. Otherwise a deadlock may occur as the peer might be waiting for the data before being able to continue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_set_write_buffer_size.html b/msys2/usr/share/doc/openssl/html/man3/BIO_set_write_buffer_size.html
new file mode 100644
index 000000000..10477380d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_set_write_buffer_size.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_buffer</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_buffer_num_lines, BIO_set_read_buffer_size, BIO_set_write_buffer_size, BIO_set_buffer_size, BIO_set_buffer_read_data, BIO_f_buffer - buffering BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_f_buffer(void);
+
+ long BIO_get_buffer_num_lines(BIO *b);
+ long BIO_set_read_buffer_size(BIO *b, long size);
+ long BIO_set_write_buffer_size(BIO *b, long size);
+ long BIO_set_buffer_size(BIO *b, long size);
+ long BIO_set_buffer_read_data(BIO *b, void *buf, long num);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_buffer() returns the buffering BIO method.</p>
+
+<p>Data written to a buffering BIO is buffered and periodically written to the next BIO in the chain. Data read from a buffering BIO comes from an internal buffer which is filled from the next BIO in the chain. Both BIO_gets() and BIO_puts() are supported.</p>
+
+<p>Calling BIO_reset() on a buffering BIO clears any buffered data.</p>
+
+<p>BIO_get_buffer_num_lines() returns the number of lines currently buffered.</p>
+
+<p>BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and BIO_set_buffer_size() set the read, write or both read and write buffer sizes to <b>size</b>. The initial buffer size is DEFAULT_BUFFER_SIZE, currently 4096. Any attempt to reduce the buffer size below DEFAULT_BUFFER_SIZE is ignored. Any buffered data is cleared when the buffer is resized.</p>
+
+<p>BIO_set_buffer_read_data() clears the read buffer and fills it with <b>num</b> bytes of <b>buf</b>. If <b>num</b> is larger than the current buffer size the buffer is expanded.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions, other than BIO_f_buffer(), are implemented as macros.</p>
+
+<p>Buffering BIOs implement BIO_gets() by using BIO_read_ex() operations on the next BIO in the chain. By prepending a buffering BIO to a chain it is therefore possible to provide BIO_gets() functionality if the following BIOs do not support it (for example SSL BIOs).</p>
+
+<p>Data is only written to the next BIO in the chain when the write buffer fills or when BIO_flush() is called. It is therefore important to call BIO_flush() whenever any pending data should be written such as when removing a buffering BIO using BIO_pop(). BIO_flush() may need to be retried if the ultimate source/sink BIO is non blocking.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_buffer() returns the buffering BIO method.</p>
+
+<p>BIO_get_buffer_num_lines() returns the number of lines buffered (may be 0).</p>
+
+<p>BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and BIO_set_buffer_size() return 1 if the buffer was successfully resized or 0 for failure.</p>
+
+<p>BIO_set_buffer_read_data() returns 1 if the data was set correctly or 0 if there was an error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_flush.html">BIO_flush(3)</a>, <a href="../man3/BIO_pop.html">BIO_pop(3)</a>, <a href="../man3/BIO_ctrl.html">BIO_ctrl(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_should_io_special.html b/msys2/usr/share/doc/openssl/html/man3/BIO_should_io_special.html
new file mode 100644
index 000000000..19927d973
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_should_io_special.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_should_retry</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_should_read, BIO_should_write, BIO_should_io_special, BIO_retry_type, BIO_should_retry, BIO_get_retry_BIO, BIO_get_retry_reason, BIO_set_retry_reason - BIO retry functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_should_read(BIO *b);
+ int BIO_should_write(BIO *b);
+ int BIO_should_io_special(iBIO *b);
+ int BIO_retry_type(BIO *b);
+ int BIO_should_retry(BIO *b);
+
+ BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
+ int BIO_get_retry_reason(BIO *bio);
+ void BIO_set_retry_reason(BIO *bio, int reason);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions determine why a BIO is not able to read or write data. They will typically be called after a failed BIO_read_ex() or BIO_write_ex() call.</p>
+
+<p>BIO_should_retry() is true if the call that produced this condition should then be retried at a later time.</p>
+
+<p>If BIO_should_retry() is false then the cause is an error condition.</p>
+
+<p>BIO_should_read() is true if the cause of the condition is that the BIO has insufficient data to return. Check for readability and/or retry the last operation.</p>
+
+<p>BIO_should_write() is true if the cause of the condition is that the BIO has pending data to write. Check for writability and/or retry the last operation.</p>
+
+<p>BIO_should_io_special() is true if some &quot;special&quot; condition, that is a reason other than reading or writing is the cause of the condition.</p>
+
+<p>BIO_retry_type() returns a mask of the cause of a retry condition consisting of the values <b>BIO_FLAGS_READ</b>, <b>BIO_FLAGS_WRITE</b>, <b>BIO_FLAGS_IO_SPECIAL</b> though current BIO types will only set one of these.</p>
+
+<p>BIO_get_retry_BIO() determines the precise reason for the special condition, it returns the BIO that caused this condition and if <b>reason</b> is not NULL it contains the reason code. The meaning of the reason code and the action that should be taken depends on the type of BIO that resulted in this condition.</p>
+
+<p>BIO_get_retry_reason() returns the reason for a special condition if passed the relevant BIO, for example as returned by BIO_get_retry_BIO().</p>
+
+<p>BIO_set_retry_reason() sets the retry reason for a special condition for a given BIO. This would usually only be called by BIO implementations.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_should_read(), BIO_should_write(), BIO_should_io_special(), BIO_retry_type(), and BIO_should_retry(), are implemented as macros.</p>
+
+<p>If BIO_should_retry() returns false then the precise &quot;error condition&quot; depends on the BIO type that caused it and the return code of the BIO operation. For example if a call to BIO_read_ex() on a socket BIO returns 0 and BIO_should_retry() is false then the cause will be that the connection closed. A similar condition on a file BIO will mean that it has reached EOF. Some BIO types may place additional information on the error queue. For more details see the individual BIO type manual pages.</p>
+
+<p>If the underlying I/O structure is in a blocking mode almost all current BIO types will not request a retry, because the underlying I/O calls will not. If the application knows that the BIO type will never signal a retry then it need not call BIO_should_retry() after a failed BIO I/O call. This is typically done with file BIOs.</p>
+
+<p>SSL BIOs are the only current exception to this rule: they can request a retry even if the underlying I/O structure is blocking, if a handshake occurs during a call to BIO_read(). An application can retry the failed call immediately or avoid this situation by setting SSL_MODE_AUTO_RETRY on the underlying SSL structure.</p>
+
+<p>While an application may retry a failed non blocking call immediately this is likely to be very inefficient because the call will fail repeatedly until data can be processed or is available. An application will normally wait until the necessary condition is satisfied. How this is done depends on the underlying I/O structure.</p>
+
+<p>For example if the cause is ultimately a socket and BIO_should_read() is true then a call to select() may be made to wait until data is available and then retry the BIO operation. By combining the retry conditions of several non blocking BIOs in a single select() call it is possible to service several BIOs in a single thread, though the performance may be poor if SSL BIOs are present because long delays can occur during the initial handshake process.</p>
+
+<p>It is possible for a BIO to block indefinitely if the underlying I/O structure cannot process or return any data. This depends on the behaviour of the platforms I/O functions. This is often not desirable: one solution is to use non blocking I/O and use a timeout on the select() (or equivalent) call.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The OpenSSL ASN1 functions cannot gracefully deal with non blocking I/O: that is they cannot retry after a partial read or write. This is usually worked around by only passing the relevant data to ASN1 functions when the entire structure can be read or written.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_should_read(), BIO_should_write(), BIO_should_io_special(), and BIO_should_retry() return either 1 or 0 based on the actual conditions of the <b>BIO</b>.</p>
+
+<p>BIO_retry_type() returns a flag combination presenting the cause of a retry condition or false if there is no retry condition.</p>
+
+<p>BIO_get_retry_BIO() returns a valid <b>BIO</b> structure.</p>
+
+<p>BIO_get_retry_reason() returns the reason for a special condition.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_get_retry_reason() and BIO_set_retry_reason() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_should_read.html b/msys2/usr/share/doc/openssl/html/man3/BIO_should_read.html
new file mode 100644
index 000000000..19927d973
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_should_read.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_should_retry</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_should_read, BIO_should_write, BIO_should_io_special, BIO_retry_type, BIO_should_retry, BIO_get_retry_BIO, BIO_get_retry_reason, BIO_set_retry_reason - BIO retry functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_should_read(BIO *b);
+ int BIO_should_write(BIO *b);
+ int BIO_should_io_special(iBIO *b);
+ int BIO_retry_type(BIO *b);
+ int BIO_should_retry(BIO *b);
+
+ BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
+ int BIO_get_retry_reason(BIO *bio);
+ void BIO_set_retry_reason(BIO *bio, int reason);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions determine why a BIO is not able to read or write data. They will typically be called after a failed BIO_read_ex() or BIO_write_ex() call.</p>
+
+<p>BIO_should_retry() is true if the call that produced this condition should then be retried at a later time.</p>
+
+<p>If BIO_should_retry() is false then the cause is an error condition.</p>
+
+<p>BIO_should_read() is true if the cause of the condition is that the BIO has insufficient data to return. Check for readability and/or retry the last operation.</p>
+
+<p>BIO_should_write() is true if the cause of the condition is that the BIO has pending data to write. Check for writability and/or retry the last operation.</p>
+
+<p>BIO_should_io_special() is true if some &quot;special&quot; condition, that is a reason other than reading or writing is the cause of the condition.</p>
+
+<p>BIO_retry_type() returns a mask of the cause of a retry condition consisting of the values <b>BIO_FLAGS_READ</b>, <b>BIO_FLAGS_WRITE</b>, <b>BIO_FLAGS_IO_SPECIAL</b> though current BIO types will only set one of these.</p>
+
+<p>BIO_get_retry_BIO() determines the precise reason for the special condition, it returns the BIO that caused this condition and if <b>reason</b> is not NULL it contains the reason code. The meaning of the reason code and the action that should be taken depends on the type of BIO that resulted in this condition.</p>
+
+<p>BIO_get_retry_reason() returns the reason for a special condition if passed the relevant BIO, for example as returned by BIO_get_retry_BIO().</p>
+
+<p>BIO_set_retry_reason() sets the retry reason for a special condition for a given BIO. This would usually only be called by BIO implementations.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_should_read(), BIO_should_write(), BIO_should_io_special(), BIO_retry_type(), and BIO_should_retry(), are implemented as macros.</p>
+
+<p>If BIO_should_retry() returns false then the precise &quot;error condition&quot; depends on the BIO type that caused it and the return code of the BIO operation. For example if a call to BIO_read_ex() on a socket BIO returns 0 and BIO_should_retry() is false then the cause will be that the connection closed. A similar condition on a file BIO will mean that it has reached EOF. Some BIO types may place additional information on the error queue. For more details see the individual BIO type manual pages.</p>
+
+<p>If the underlying I/O structure is in a blocking mode almost all current BIO types will not request a retry, because the underlying I/O calls will not. If the application knows that the BIO type will never signal a retry then it need not call BIO_should_retry() after a failed BIO I/O call. This is typically done with file BIOs.</p>
+
+<p>SSL BIOs are the only current exception to this rule: they can request a retry even if the underlying I/O structure is blocking, if a handshake occurs during a call to BIO_read(). An application can retry the failed call immediately or avoid this situation by setting SSL_MODE_AUTO_RETRY on the underlying SSL structure.</p>
+
+<p>While an application may retry a failed non blocking call immediately this is likely to be very inefficient because the call will fail repeatedly until data can be processed or is available. An application will normally wait until the necessary condition is satisfied. How this is done depends on the underlying I/O structure.</p>
+
+<p>For example if the cause is ultimately a socket and BIO_should_read() is true then a call to select() may be made to wait until data is available and then retry the BIO operation. By combining the retry conditions of several non blocking BIOs in a single select() call it is possible to service several BIOs in a single thread, though the performance may be poor if SSL BIOs are present because long delays can occur during the initial handshake process.</p>
+
+<p>It is possible for a BIO to block indefinitely if the underlying I/O structure cannot process or return any data. This depends on the behaviour of the platforms I/O functions. This is often not desirable: one solution is to use non blocking I/O and use a timeout on the select() (or equivalent) call.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The OpenSSL ASN1 functions cannot gracefully deal with non blocking I/O: that is they cannot retry after a partial read or write. This is usually worked around by only passing the relevant data to ASN1 functions when the entire structure can be read or written.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_should_read(), BIO_should_write(), BIO_should_io_special(), and BIO_should_retry() return either 1 or 0 based on the actual conditions of the <b>BIO</b>.</p>
+
+<p>BIO_retry_type() returns a flag combination presenting the cause of a retry condition or false if there is no retry condition.</p>
+
+<p>BIO_get_retry_BIO() returns a valid <b>BIO</b> structure.</p>
+
+<p>BIO_get_retry_reason() returns the reason for a special condition.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_get_retry_reason() and BIO_set_retry_reason() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_should_retry.html b/msys2/usr/share/doc/openssl/html/man3/BIO_should_retry.html
new file mode 100644
index 000000000..19927d973
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_should_retry.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_should_retry</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_should_read, BIO_should_write, BIO_should_io_special, BIO_retry_type, BIO_should_retry, BIO_get_retry_BIO, BIO_get_retry_reason, BIO_set_retry_reason - BIO retry functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_should_read(BIO *b);
+ int BIO_should_write(BIO *b);
+ int BIO_should_io_special(iBIO *b);
+ int BIO_retry_type(BIO *b);
+ int BIO_should_retry(BIO *b);
+
+ BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
+ int BIO_get_retry_reason(BIO *bio);
+ void BIO_set_retry_reason(BIO *bio, int reason);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions determine why a BIO is not able to read or write data. They will typically be called after a failed BIO_read_ex() or BIO_write_ex() call.</p>
+
+<p>BIO_should_retry() is true if the call that produced this condition should then be retried at a later time.</p>
+
+<p>If BIO_should_retry() is false then the cause is an error condition.</p>
+
+<p>BIO_should_read() is true if the cause of the condition is that the BIO has insufficient data to return. Check for readability and/or retry the last operation.</p>
+
+<p>BIO_should_write() is true if the cause of the condition is that the BIO has pending data to write. Check for writability and/or retry the last operation.</p>
+
+<p>BIO_should_io_special() is true if some &quot;special&quot; condition, that is a reason other than reading or writing is the cause of the condition.</p>
+
+<p>BIO_retry_type() returns a mask of the cause of a retry condition consisting of the values <b>BIO_FLAGS_READ</b>, <b>BIO_FLAGS_WRITE</b>, <b>BIO_FLAGS_IO_SPECIAL</b> though current BIO types will only set one of these.</p>
+
+<p>BIO_get_retry_BIO() determines the precise reason for the special condition, it returns the BIO that caused this condition and if <b>reason</b> is not NULL it contains the reason code. The meaning of the reason code and the action that should be taken depends on the type of BIO that resulted in this condition.</p>
+
+<p>BIO_get_retry_reason() returns the reason for a special condition if passed the relevant BIO, for example as returned by BIO_get_retry_BIO().</p>
+
+<p>BIO_set_retry_reason() sets the retry reason for a special condition for a given BIO. This would usually only be called by BIO implementations.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_should_read(), BIO_should_write(), BIO_should_io_special(), BIO_retry_type(), and BIO_should_retry(), are implemented as macros.</p>
+
+<p>If BIO_should_retry() returns false then the precise &quot;error condition&quot; depends on the BIO type that caused it and the return code of the BIO operation. For example if a call to BIO_read_ex() on a socket BIO returns 0 and BIO_should_retry() is false then the cause will be that the connection closed. A similar condition on a file BIO will mean that it has reached EOF. Some BIO types may place additional information on the error queue. For more details see the individual BIO type manual pages.</p>
+
+<p>If the underlying I/O structure is in a blocking mode almost all current BIO types will not request a retry, because the underlying I/O calls will not. If the application knows that the BIO type will never signal a retry then it need not call BIO_should_retry() after a failed BIO I/O call. This is typically done with file BIOs.</p>
+
+<p>SSL BIOs are the only current exception to this rule: they can request a retry even if the underlying I/O structure is blocking, if a handshake occurs during a call to BIO_read(). An application can retry the failed call immediately or avoid this situation by setting SSL_MODE_AUTO_RETRY on the underlying SSL structure.</p>
+
+<p>While an application may retry a failed non blocking call immediately this is likely to be very inefficient because the call will fail repeatedly until data can be processed or is available. An application will normally wait until the necessary condition is satisfied. How this is done depends on the underlying I/O structure.</p>
+
+<p>For example if the cause is ultimately a socket and BIO_should_read() is true then a call to select() may be made to wait until data is available and then retry the BIO operation. By combining the retry conditions of several non blocking BIOs in a single select() call it is possible to service several BIOs in a single thread, though the performance may be poor if SSL BIOs are present because long delays can occur during the initial handshake process.</p>
+
+<p>It is possible for a BIO to block indefinitely if the underlying I/O structure cannot process or return any data. This depends on the behaviour of the platforms I/O functions. This is often not desirable: one solution is to use non blocking I/O and use a timeout on the select() (or equivalent) call.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The OpenSSL ASN1 functions cannot gracefully deal with non blocking I/O: that is they cannot retry after a partial read or write. This is usually worked around by only passing the relevant data to ASN1 functions when the entire structure can be read or written.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_should_read(), BIO_should_write(), BIO_should_io_special(), and BIO_should_retry() return either 1 or 0 based on the actual conditions of the <b>BIO</b>.</p>
+
+<p>BIO_retry_type() returns a flag combination presenting the cause of a retry condition or false if there is no retry condition.</p>
+
+<p>BIO_get_retry_BIO() returns a valid <b>BIO</b> structure.</p>
+
+<p>BIO_get_retry_reason() returns the reason for a special condition.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_get_retry_reason() and BIO_set_retry_reason() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_should_write.html b/msys2/usr/share/doc/openssl/html/man3/BIO_should_write.html
new file mode 100644
index 000000000..19927d973
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_should_write.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_should_retry</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_should_read, BIO_should_write, BIO_should_io_special, BIO_retry_type, BIO_should_retry, BIO_get_retry_BIO, BIO_get_retry_reason, BIO_set_retry_reason - BIO retry functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_should_read(BIO *b);
+ int BIO_should_write(BIO *b);
+ int BIO_should_io_special(iBIO *b);
+ int BIO_retry_type(BIO *b);
+ int BIO_should_retry(BIO *b);
+
+ BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
+ int BIO_get_retry_reason(BIO *bio);
+ void BIO_set_retry_reason(BIO *bio, int reason);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions determine why a BIO is not able to read or write data. They will typically be called after a failed BIO_read_ex() or BIO_write_ex() call.</p>
+
+<p>BIO_should_retry() is true if the call that produced this condition should then be retried at a later time.</p>
+
+<p>If BIO_should_retry() is false then the cause is an error condition.</p>
+
+<p>BIO_should_read() is true if the cause of the condition is that the BIO has insufficient data to return. Check for readability and/or retry the last operation.</p>
+
+<p>BIO_should_write() is true if the cause of the condition is that the BIO has pending data to write. Check for writability and/or retry the last operation.</p>
+
+<p>BIO_should_io_special() is true if some &quot;special&quot; condition, that is a reason other than reading or writing is the cause of the condition.</p>
+
+<p>BIO_retry_type() returns a mask of the cause of a retry condition consisting of the values <b>BIO_FLAGS_READ</b>, <b>BIO_FLAGS_WRITE</b>, <b>BIO_FLAGS_IO_SPECIAL</b> though current BIO types will only set one of these.</p>
+
+<p>BIO_get_retry_BIO() determines the precise reason for the special condition, it returns the BIO that caused this condition and if <b>reason</b> is not NULL it contains the reason code. The meaning of the reason code and the action that should be taken depends on the type of BIO that resulted in this condition.</p>
+
+<p>BIO_get_retry_reason() returns the reason for a special condition if passed the relevant BIO, for example as returned by BIO_get_retry_BIO().</p>
+
+<p>BIO_set_retry_reason() sets the retry reason for a special condition for a given BIO. This would usually only be called by BIO implementations.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_should_read(), BIO_should_write(), BIO_should_io_special(), BIO_retry_type(), and BIO_should_retry(), are implemented as macros.</p>
+
+<p>If BIO_should_retry() returns false then the precise &quot;error condition&quot; depends on the BIO type that caused it and the return code of the BIO operation. For example if a call to BIO_read_ex() on a socket BIO returns 0 and BIO_should_retry() is false then the cause will be that the connection closed. A similar condition on a file BIO will mean that it has reached EOF. Some BIO types may place additional information on the error queue. For more details see the individual BIO type manual pages.</p>
+
+<p>If the underlying I/O structure is in a blocking mode almost all current BIO types will not request a retry, because the underlying I/O calls will not. If the application knows that the BIO type will never signal a retry then it need not call BIO_should_retry() after a failed BIO I/O call. This is typically done with file BIOs.</p>
+
+<p>SSL BIOs are the only current exception to this rule: they can request a retry even if the underlying I/O structure is blocking, if a handshake occurs during a call to BIO_read(). An application can retry the failed call immediately or avoid this situation by setting SSL_MODE_AUTO_RETRY on the underlying SSL structure.</p>
+
+<p>While an application may retry a failed non blocking call immediately this is likely to be very inefficient because the call will fail repeatedly until data can be processed or is available. An application will normally wait until the necessary condition is satisfied. How this is done depends on the underlying I/O structure.</p>
+
+<p>For example if the cause is ultimately a socket and BIO_should_read() is true then a call to select() may be made to wait until data is available and then retry the BIO operation. By combining the retry conditions of several non blocking BIOs in a single select() call it is possible to service several BIOs in a single thread, though the performance may be poor if SSL BIOs are present because long delays can occur during the initial handshake process.</p>
+
+<p>It is possible for a BIO to block indefinitely if the underlying I/O structure cannot process or return any data. This depends on the behaviour of the platforms I/O functions. This is often not desirable: one solution is to use non blocking I/O and use a timeout on the select() (or equivalent) call.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The OpenSSL ASN1 functions cannot gracefully deal with non blocking I/O: that is they cannot retry after a partial read or write. This is usually worked around by only passing the relevant data to ASN1 functions when the entire structure can be read or written.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_should_read(), BIO_should_write(), BIO_should_io_special(), and BIO_should_retry() return either 1 or 0 based on the actual conditions of the <b>BIO</b>.</p>
+
+<p>BIO_retry_type() returns a flag combination presenting the cause of a retry condition or false if there is no retry condition.</p>
+
+<p>BIO_get_retry_BIO() returns a valid <b>BIO</b> structure.</p>
+
+<p>BIO_get_retry_reason() returns the reason for a special condition.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man7/bio.html">bio</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BIO_get_retry_reason() and BIO_set_retry_reason() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_shutdown_wr.html b/msys2/usr/share/doc/openssl/html/man3/BIO_shutdown_wr.html
new file mode 100644
index 000000000..fc36b7e75
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_shutdown_wr.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr, BIO_set_write_buf_size, BIO_get_write_buf_size, BIO_new_bio_pair, BIO_get_write_guarantee, BIO_ctrl_get_write_guarantee, BIO_get_read_request, BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request - BIO pair BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_bio(void);
+
+ int BIO_make_bio_pair(BIO *b1, BIO *b2);
+ int BIO_destroy_bio_pair(BIO *b);
+ int BIO_shutdown_wr(BIO *b);
+
+ int BIO_set_write_buf_size(BIO *b, long size);
+ size_t BIO_get_write_buf_size(BIO *b, long size);
+
+ int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2);
+
+ int BIO_get_write_guarantee(BIO *b);
+ size_t BIO_ctrl_get_write_guarantee(BIO *b);
+ int BIO_get_read_request(BIO *b);
+ size_t BIO_ctrl_get_read_request(BIO *b);
+ int BIO_ctrl_reset_read_request(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_bio() returns the method for a BIO pair. A BIO pair is a pair of source/sink BIOs where data written to either half of the pair is buffered and can be read from the other half. Both halves must usually by handled by the same application thread since no locking is done on the internal data structures.</p>
+
+<p>Since BIO chains typically end in a source/sink BIO it is possible to make this one half of a BIO pair and have all the data processed by the chain under application control.</p>
+
+<p>One typical use of BIO pairs is to place TLS/SSL I/O under application control, this can be used when the application wishes to use a non standard transport for TLS/SSL or the normal socket routines are inappropriate.</p>
+
+<p>Calls to BIO_read_ex() will read data from the buffer or request a retry if no data is available.</p>
+
+<p>Calls to BIO_write_ex() will place data in the buffer or request a retry if the buffer is full.</p>
+
+<p>The standard calls BIO_ctrl_pending() and BIO_ctrl_wpending() can be used to determine the amount of pending data in the read or write buffer.</p>
+
+<p>BIO_reset() clears any data in the write buffer.</p>
+
+<p>BIO_make_bio_pair() joins two separate BIOs into a connected pair.</p>
+
+<p>BIO_destroy_pair() destroys the association between two connected BIOs. Freeing up any half of the pair will automatically destroy the association.</p>
+
+<p>BIO_shutdown_wr() is used to close down a BIO <b>b</b>. After this call no further writes on BIO <b>b</b> are allowed (they will return an error). Reads on the other half of the pair will return any pending data or EOF when all pending data has been read.</p>
+
+<p>BIO_set_write_buf_size() sets the write buffer size of BIO <b>b</b> to <b>size</b>. If the size is not initialized a default value is used. This is currently 17K, sufficient for a maximum size TLS record.</p>
+
+<p>BIO_get_write_buf_size() returns the size of the write buffer.</p>
+
+<p>BIO_new_bio_pair() combines the calls to BIO_new(), BIO_make_bio_pair() and BIO_set_write_buf_size() to create a connected pair of BIOs <b>bio1</b>, <b>bio2</b> with write buffer sizes <b>writebuf1</b> and <b>writebuf2</b>. If either size is zero then the default size is used. BIO_new_bio_pair() does not check whether <b>bio1</b> or <b>bio2</b> do point to some other BIO, the values are overwritten, BIO_free() is not called.</p>
+
+<p>BIO_get_write_guarantee() and BIO_ctrl_get_write_guarantee() return the maximum length of data that can be currently written to the BIO. Writes larger than this value will return a value from BIO_write_ex() less than the amount requested or if the buffer is full request a retry. BIO_ctrl_get_write_guarantee() is a function whereas BIO_get_write_guarantee() is a macro.</p>
+
+<p>BIO_get_read_request() and BIO_ctrl_get_read_request() return the amount of data requested, or the buffer size if it is less, if the last read attempt at the other half of the BIO pair failed due to an empty buffer. This can be used to determine how much data should be written to the BIO so the next read will succeed: this is most useful in TLS/SSL applications where the amount of data read is usually meaningful rather than just a buffer size. After a successful read this call will return zero. It also will return zero once new data has been written satisfying the read request or part of it. Note that BIO_get_read_request() never returns an amount larger than that returned by BIO_get_write_guarantee().</p>
+
+<p>BIO_ctrl_reset_read_request() can also be used to reset the value returned by BIO_get_read_request() to zero.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Both halves of a BIO pair should be freed. That is even if one half is implicit freed due to a BIO_free_all() or SSL_free() call the other half needs to be freed.</p>
+
+<p>When used in bidirectional applications (such as TLS/SSL) care should be taken to flush any data in the write buffer. This can be done by calling BIO_pending() on the other half of the pair and, if any data is pending, reading it and sending it to the underlying transport. This must be done before any normal processing (such as calling select() ) due to a request and BIO_should_read() being true.</p>
+
+<p>To see why this is important consider a case where a request is sent using BIO_write_ex() and a response read with BIO_read_ex(), this can occur during an TLS/SSL handshake for example. BIO_write_ex() will succeed and place data in the write buffer. BIO_read_ex() will initially fail and BIO_should_read() will be true. If the application then waits for data to be available on the underlying transport before flushing the write buffer it will never succeed because the request was never sent!</p>
+
+<p>BIO_eof() is true if no data is in the peer BIO and the peer BIO has been shutdown.</p>
+
+<p>BIO_make_bio_pair(), BIO_destroy_bio_pair(), BIO_shutdown_wr(), BIO_set_write_buf_size(), BIO_get_write_buf_size(), BIO_get_write_guarantee(), and BIO_get_read_request() are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_new_bio_pair() returns 1 on success, with the new BIOs available in <b>bio1</b> and <b>bio2</b>, or 0 on failure, with NULL pointers stored into the locations for <b>bio1</b> and <b>bio2</b>. Check the error stack for more information.</p>
+
+<p>[XXXXX: More return values need to be added here]</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>The BIO pair can be used to have full control over the network access of an application. The application can call select() on the socket as required without having to go through the SSL-interface.</p>
+
+<pre><code> BIO *internal_bio, *network_bio;
+
+ ...
+ BIO_new_bio_pair(&amp;internal_bio, 0, &amp;network_bio, 0);
+ SSL_set_bio(ssl, internal_bio, internal_bio);
+ SSL_operations(); /* e.g SSL_read and SSL_write */
+ ...
+
+ application |   TLS-engine
+    |        |
+    +----------&gt; SSL_operations()
+             |     /\    ||
+             |     ||    \/
+             |   BIO-pair (internal_bio)
+             |   BIO-pair (network_bio)
+             |     ||     /\
+             |     \/     ||
+    +-----------&lt; BIO_operations()
+    |        |
+    |        |
+   socket
+
+  ...
+  SSL_free(ssl);                /* implicitly frees internal_bio */
+  BIO_free(network_bio);
+  ...</code></pre>
+
+<p>As the BIO pair will only buffer the data and never directly access the connection, it behaves non-blocking and will return as soon as the write buffer is full or the read buffer is drained. Then the application has to flush the write buffer and/or fill the read buffer.</p>
+
+<p>Use the BIO_ctrl_pending(), to find out whether data is buffered in the BIO and must be transferred to the network. Use BIO_ctrl_get_read_request() to find out, how many bytes must be written into the buffer before the SSL_operation() can successfully be continued.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>As the data is buffered, SSL_operation() may return with an ERROR_SSL_WANT_READ condition, but there is still data in the write buffer. An application must not rely on the error value of SSL_operation() but must assure that the write buffer is always flushed first. Otherwise a deadlock may occur as the peer might be waiting for the data before being able to continue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a>, <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_snprintf.html b/msys2/usr/share/doc/openssl/html/man3/BIO_snprintf.html
new file mode 100644
index 000000000..af1b25f8d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_snprintf.html
@@ -0,0 +1,61 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_printf</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_printf, BIO_vprintf, BIO_snprintf, BIO_vsnprintf - formatted output to a BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_printf(BIO *bio, const char *format, ...)
+ int BIO_vprintf(BIO *bio, const char *format, va_list args)
+
+ int BIO_snprintf(char *buf, size_t n, const char *format, ...)
+ int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_printf() is similar to the standard C printf() function, except that the output is sent to the specified BIO, <b>bio</b>, rather than standard output. All common format specifiers are supported.</p>
+
+<p>BIO_vprintf() is similar to the vprintf() function found on many platforms, the output is sent to the specified BIO, <b>bio</b>, rather than standard output. All common format specifiers are supported. The argument list <b>args</b> is a stdarg argument list.</p>
+
+<p>BIO_snprintf() is for platforms that do not have the common snprintf() function. It is like sprintf() except that the size parameter, <b>n</b>, specifies the size of the output buffer.</p>
+
+<p>BIO_vsnprintf() is to BIO_snprintf() as BIO_vprintf() is to BIO_printf().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All functions return the number of bytes written, or -1 on error. For BIO_snprintf() and BIO_vsnprintf() this includes when the output buffer is too small.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_socket.html b/msys2/usr/share/doc/openssl/html/man3/BIO_socket.html
new file mode 100644
index 000000000..5f38b0655
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_socket.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_connect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_socket, BIO_bind, BIO_connect, BIO_listen, BIO_accept_ex, BIO_closesocket - BIO socket communication setup routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_socket(int domain, int socktype, int protocol, int options);
+ int BIO_bind(int sock, const BIO_ADDR *addr, int options);
+ int BIO_connect(int sock, const BIO_ADDR *addr, int options);
+ int BIO_listen(int sock, const BIO_ADDR *addr, int options);
+ int BIO_accept_ex(int accept_sock, BIO_ADDR *peer, int options);
+ int BIO_closesocket(int sock);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_socket() creates a socket in the domain <b>domain</b>, of type <b>socktype</b> and <b>protocol</b>. Socket <b>options</b> are currently unused, but is present for future use.</p>
+
+<p>BIO_bind() binds the source address and service to a socket and may be useful before calling BIO_connect(). The options may include <b>BIO_SOCK_REUSADDR</b>, which is described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_connect() connects <b>sock</b> to the address and service given by <b>addr</b>. Connection <b>options</b> may be zero or any combination of <b>BIO_SOCK_KEEPALIVE</b>, <b>BIO_SOCK_NONBLOCK</b> and <b>BIO_SOCK_NODELAY</b>. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_listen() has <b>sock</b> start listening on the address and service given by <b>addr</b>. Connection <b>options</b> may be zero or any combination of <b>BIO_SOCK_KEEPALIVE</b>, <b>BIO_SOCK_NONBLOCK</b>, <b>BIO_SOCK_NODELAY</b>, <b>BIO_SOCK_REUSEADDR</b> and <b>BIO_SOCK_V6_ONLY</b>. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_accept_ex() waits for an incoming connections on the given socket <b>accept_sock</b>. When it gets a connection, the address and port of the peer gets stored in <b>peer</b> if that one is non-NULL. Accept <b>options</b> may be zero or <b>BIO_SOCK_NONBLOCK</b>, and is applied on the accepted socket. The flags are described in <a href="#FLAGS">&quot;FLAGS&quot;</a> below.</p>
+
+<p>BIO_closesocket() closes <b>sock</b>.</p>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<dl>
+
+<dt id="BIO_SOCK_KEEPALIVE">BIO_SOCK_KEEPALIVE</dt>
+<dd>
+
+<p>Enables regular sending of keep-alive messages.</p>
+
+</dd>
+<dt id="BIO_SOCK_NONBLOCK">BIO_SOCK_NONBLOCK</dt>
+<dd>
+
+<p>Sets the socket to non-blocking mode.</p>
+
+</dd>
+<dt id="BIO_SOCK_NODELAY">BIO_SOCK_NODELAY</dt>
+<dd>
+
+<p>Corresponds to <b>TCP_NODELAY</b>, and disables the Nagle algorithm. With this set, any data will be sent as soon as possible instead of being buffered until there&#39;s enough for the socket to send out in one go.</p>
+
+</dd>
+<dt id="BIO_SOCK_REUSEADDR">BIO_SOCK_REUSEADDR</dt>
+<dd>
+
+<p>Try to reuse the address and port combination for a recently closed port.</p>
+
+</dd>
+<dt id="BIO_SOCK_V6_ONLY">BIO_SOCK_V6_ONLY</dt>
+<dd>
+
+<p>When creating an IPv6 socket, make it only listen for IPv6 addresses and not IPv4 addresses mapped to IPv6.</p>
+
+</dd>
+</dl>
+
+<p>These flags are bit flags, so they are to be combined with the <code>|</code> operator, for example:</p>
+
+<pre><code> BIO_connect(sock, addr, BIO_SOCK_KEEPALIVE | BIO_SOCK_NONBLOCK);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_socket() returns the socket number on success or <b>INVALID_SOCKET</b> (-1) on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
+
+<p>BIO_bind(), BIO_connect() and BIO_listen() return 1 on success or 0 on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
+
+<p>BIO_accept_ex() returns the accepted socket on success or <b>INVALID_SOCKET</b> (-1) on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_gethostname(), BIO_get_port(), BIO_get_host_ip(), BIO_get_accept_socket() and BIO_accept() were deprecated in OpenSSL 1.1.0. Use the functions described above instead.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ADDR.html">BIO_ADDR(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ssl_copy_session_id.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ssl_copy_session_id.html
new file mode 100644
index 000000000..0e1fefeef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ssl_copy_session_id.html
@@ -0,0 +1,263 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_ssl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_do_handshake, BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode, BIO_set_ssl_renegotiate_bytes, BIO_get_num_renegotiates, BIO_set_ssl_renegotiate_timeout, BIO_new_ssl, BIO_new_ssl_connect, BIO_new_buffer_ssl_connect, BIO_ssl_copy_session_id, BIO_ssl_shutdown - SSL BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/ssl.h&gt;
+
+ const BIO_METHOD *BIO_f_ssl(void);
+
+ long BIO_set_ssl(BIO *b, SSL *ssl, long c);
+ long BIO_get_ssl(BIO *b, SSL **sslp);
+ long BIO_set_ssl_mode(BIO *b, long client);
+ long BIO_set_ssl_renegotiate_bytes(BIO *b, long num);
+ long BIO_set_ssl_renegotiate_timeout(BIO *b, long seconds);
+ long BIO_get_num_renegotiates(BIO *b);
+
+ BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
+ BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+ BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+ int BIO_ssl_copy_session_id(BIO *to, BIO *from);
+ void BIO_ssl_shutdown(BIO *bio);
+
+ long BIO_do_handshake(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which is a wrapper round the OpenSSL SSL routines adding a BIO &quot;flavour&quot; to SSL I/O.</p>
+
+<p>I/O performed on an SSL BIO communicates using the SSL protocol with the SSLs read and write BIOs. If an SSL connection is not established then an attempt is made to establish one on the first I/O call.</p>
+
+<p>If a BIO is appended to an SSL BIO using BIO_push() it is automatically used as the SSL BIOs read and write BIOs.</p>
+
+<p>Calling BIO_reset() on an SSL BIO closes down any current SSL connection by calling SSL_shutdown(). BIO_reset() is then sent to the next BIO in the chain: this will typically disconnect the underlying transport. The SSL BIO is then reset to the initial accept or connect state.</p>
+
+<p>If the close flag is set when an SSL BIO is freed then the internal SSL structure is also freed using SSL_free().</p>
+
+<p>BIO_set_ssl() sets the internal SSL pointer of BIO <b>b</b> to <b>ssl</b> using the close flag <b>c</b>.</p>
+
+<p>BIO_get_ssl() retrieves the SSL pointer of BIO <b>b</b>, it can then be manipulated using the standard SSL library functions.</p>
+
+<p>BIO_set_ssl_mode() sets the SSL BIO mode to <b>client</b>. If <b>client</b> is 1 client mode is set. If <b>client</b> is 0 server mode is set.</p>
+
+<p>BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count to <b>num</b>. When set after every <b>num</b> bytes of I/O (read and write) the SSL session is automatically renegotiated. <b>num</b> must be at least 512 bytes.</p>
+
+<p>BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout to <b>seconds</b>. When the renegotiate timeout elapses the session is automatically renegotiated.</p>
+
+<p>BIO_get_num_renegotiates() returns the total number of session renegotiations due to I/O or timeout.</p>
+
+<p>BIO_new_ssl() allocates an SSL BIO using SSL_CTX <b>ctx</b> and using client mode if <b>client</b> is non zero.</p>
+
+<p>BIO_new_ssl_connect() creates a new BIO chain consisting of an SSL BIO (using <b>ctx</b>) followed by a connect BIO.</p>
+
+<p>BIO_new_buffer_ssl_connect() creates a new BIO chain consisting of a buffering BIO, an SSL BIO (using <b>ctx</b>) and a connect BIO.</p>
+
+<p>BIO_ssl_copy_session_id() copies an SSL session id between BIO chains <b>from</b> and <b>to</b>. It does this by locating the SSL BIOs in each chain and calling SSL_copy_session_id() on the internal SSL pointer.</p>
+
+<p>BIO_ssl_shutdown() closes down an SSL connection on BIO chain <b>bio</b>. It does this by locating the SSL BIO in the chain and calling SSL_shutdown() on its internal SSL pointer.</p>
+
+<p>BIO_do_handshake() attempts to complete an SSL handshake on the supplied BIO and establish the SSL connection. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried. If an SSL connection has already been established this call has no effect.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL BIOs are exceptional in that if the underlying transport is non blocking they can still request a retry in exceptional circumstances. Specifically this will happen if a session renegotiation takes place during a BIO_read_ex() operation, one case where this happens is when step up occurs.</p>
+
+<p>The SSL flag SSL_AUTO_RETRY can be set to disable this behaviour. That is when this flag is set an SSL BIO using a blocking transport will never request a retry.</p>
+
+<p>Since unknown BIO_ctrl() operations are sent through filter BIOs the servers name and port can be set using BIO_set_host() on the BIO returned by BIO_new_ssl_connect() without having to locate the connect BIO first.</p>
+
+<p>Applications do not have to call BIO_do_handshake() but may wish to do so to separate the handshake process from other I/O processing.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout(), BIO_get_num_renegotiates(), and BIO_do_handshake() are implemented as macros.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This SSL/TLS client example, attempts to retrieve a page from an SSL/TLS web server. The I/O routines are identical to those of the unencrypted example in <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a>.</p>
+
+<pre><code> BIO *sbio, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_client_method());
+
+ /* XXX Set verify paths and mode here. */
+
+ sbio = BIO_new_ssl_connect(ctx);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Don&#39;t want any retries */
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+
+ /* XXX We might want to do other things with ssl here */
+
+ /* An empty host part means the loopback address */
+ BIO_set_conn_hostname(sbio, &quot;:https&quot;);
+
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error establishing SSL connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Could examine ssl here to get connection info */
+
+ BIO_puts(sbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free_all(sbio);
+ BIO_free(out);</code></pre>
+
+<p>Here is a simple server example. It makes use of a buffering BIO to allow lines to be read from the SSL BIO using BIO_gets. It creates a pseudo web page containing the actual request from a client and also echoes the request to standard output.</p>
+
+<pre><code> BIO *sbio, *bbio, *acpt, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_server_method());
+ if (!SSL_CTX_use_certificate_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_use_PrivateKey_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_check_private_key(ctx)) {
+     fprintf(stderr, &quot;Error setting up SSL_CTX\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Other things like set verify locations, EDH temp callbacks. */
+
+ /* New SSL BIO setup as server */
+ sbio = BIO_new_ssl(ctx, 0);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+ bbio = BIO_new(BIO_f_buffer());
+ sbio = BIO_push(bbio, sbio);
+ acpt = BIO_new_accept(&quot;4433&quot;);
+
+ /*
+  * By doing this when a new connection is established
+  * we automatically have sbio inserted into it. The
+  * BIO chain is now &#39;swallowed&#39; by the accept BIO and
+  * will be freed when the accept BIO is freed.
+  */
+ BIO_set_accept_bios(acpt, sbio);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
+ /* Setup accept BIO */
+ if (BIO_do_accept(acpt) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept BIO\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* We only want one connection so remove and free accept BIO */
+ sbio = BIO_pop(acpt);
+ BIO_free_all(acpt);
+
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error in SSL handshake\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ BIO_puts(sbio, &quot;HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\nConnection Established\r\nRequest headers:\r\n&quot;);
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+
+ for (;;) {
+     len = BIO_gets(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(sbio, tmpbuf, len);
+     BIO_write(out, tmpbuf, len);
+     /* Look for blank line signifying end of headers*/
+     if (tmpbuf[0] == &#39;\r&#39; || tmpbuf[0] == &#39;\n&#39;)
+         break;
+ }
+
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\n&quot;);
+ BIO_flush(sbio);
+ BIO_free_all(sbio);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_ssl() returns the SSL <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout() and BIO_get_num_renegotiates() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_ssl(), BIO_new_ssl_connect() and BIO_new_buffer_ssl_connect() return a valid <b>BIO</b> structure on success or <b>NULL</b> if an error occurred.</p>
+
+<p>BIO_ssl_copy_session_id() returns 1 on success or 0 on error.</p>
+
+<p>BIO_do_handshake() returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL before 1.0.0 the BIO_pop() call was handled incorrectly, the I/O BIO reference count was incorrectly incremented (instead of decremented) and dissociated with the SSL BIO even if the SSL BIO was not explicitly being popped (e.g. a pop higher up the chain). Applications which included workarounds for this bug (e.g. freeing BIOs more than once) should be modified to handle this fix or they may free up an already freed BIO.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_ssl_shutdown.html b/msys2/usr/share/doc/openssl/html/man3/BIO_ssl_shutdown.html
new file mode 100644
index 000000000..0e1fefeef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_ssl_shutdown.html
@@ -0,0 +1,263 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_f_ssl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_do_handshake, BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode, BIO_set_ssl_renegotiate_bytes, BIO_get_num_renegotiates, BIO_set_ssl_renegotiate_timeout, BIO_new_ssl, BIO_new_ssl_connect, BIO_new_buffer_ssl_connect, BIO_ssl_copy_session_id, BIO_ssl_shutdown - SSL BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+ #include &lt;openssl/ssl.h&gt;
+
+ const BIO_METHOD *BIO_f_ssl(void);
+
+ long BIO_set_ssl(BIO *b, SSL *ssl, long c);
+ long BIO_get_ssl(BIO *b, SSL **sslp);
+ long BIO_set_ssl_mode(BIO *b, long client);
+ long BIO_set_ssl_renegotiate_bytes(BIO *b, long num);
+ long BIO_set_ssl_renegotiate_timeout(BIO *b, long seconds);
+ long BIO_get_num_renegotiates(BIO *b);
+
+ BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
+ BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+ BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+ int BIO_ssl_copy_session_id(BIO *to, BIO *from);
+ void BIO_ssl_shutdown(BIO *bio);
+
+ long BIO_do_handshake(BIO *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which is a wrapper round the OpenSSL SSL routines adding a BIO &quot;flavour&quot; to SSL I/O.</p>
+
+<p>I/O performed on an SSL BIO communicates using the SSL protocol with the SSLs read and write BIOs. If an SSL connection is not established then an attempt is made to establish one on the first I/O call.</p>
+
+<p>If a BIO is appended to an SSL BIO using BIO_push() it is automatically used as the SSL BIOs read and write BIOs.</p>
+
+<p>Calling BIO_reset() on an SSL BIO closes down any current SSL connection by calling SSL_shutdown(). BIO_reset() is then sent to the next BIO in the chain: this will typically disconnect the underlying transport. The SSL BIO is then reset to the initial accept or connect state.</p>
+
+<p>If the close flag is set when an SSL BIO is freed then the internal SSL structure is also freed using SSL_free().</p>
+
+<p>BIO_set_ssl() sets the internal SSL pointer of BIO <b>b</b> to <b>ssl</b> using the close flag <b>c</b>.</p>
+
+<p>BIO_get_ssl() retrieves the SSL pointer of BIO <b>b</b>, it can then be manipulated using the standard SSL library functions.</p>
+
+<p>BIO_set_ssl_mode() sets the SSL BIO mode to <b>client</b>. If <b>client</b> is 1 client mode is set. If <b>client</b> is 0 server mode is set.</p>
+
+<p>BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count to <b>num</b>. When set after every <b>num</b> bytes of I/O (read and write) the SSL session is automatically renegotiated. <b>num</b> must be at least 512 bytes.</p>
+
+<p>BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout to <b>seconds</b>. When the renegotiate timeout elapses the session is automatically renegotiated.</p>
+
+<p>BIO_get_num_renegotiates() returns the total number of session renegotiations due to I/O or timeout.</p>
+
+<p>BIO_new_ssl() allocates an SSL BIO using SSL_CTX <b>ctx</b> and using client mode if <b>client</b> is non zero.</p>
+
+<p>BIO_new_ssl_connect() creates a new BIO chain consisting of an SSL BIO (using <b>ctx</b>) followed by a connect BIO.</p>
+
+<p>BIO_new_buffer_ssl_connect() creates a new BIO chain consisting of a buffering BIO, an SSL BIO (using <b>ctx</b>) and a connect BIO.</p>
+
+<p>BIO_ssl_copy_session_id() copies an SSL session id between BIO chains <b>from</b> and <b>to</b>. It does this by locating the SSL BIOs in each chain and calling SSL_copy_session_id() on the internal SSL pointer.</p>
+
+<p>BIO_ssl_shutdown() closes down an SSL connection on BIO chain <b>bio</b>. It does this by locating the SSL BIO in the chain and calling SSL_shutdown() on its internal SSL pointer.</p>
+
+<p>BIO_do_handshake() attempts to complete an SSL handshake on the supplied BIO and establish the SSL connection. It returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established, the call BIO_should_retry() should be used for non blocking connect BIOs to determine if the call should be retried. If an SSL connection has already been established this call has no effect.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL BIOs are exceptional in that if the underlying transport is non blocking they can still request a retry in exceptional circumstances. Specifically this will happen if a session renegotiation takes place during a BIO_read_ex() operation, one case where this happens is when step up occurs.</p>
+
+<p>The SSL flag SSL_AUTO_RETRY can be set to disable this behaviour. That is when this flag is set an SSL BIO using a blocking transport will never request a retry.</p>
+
+<p>Since unknown BIO_ctrl() operations are sent through filter BIOs the servers name and port can be set using BIO_set_host() on the BIO returned by BIO_new_ssl_connect() without having to locate the connect BIO first.</p>
+
+<p>Applications do not have to call BIO_do_handshake() but may wish to do so to separate the handshake process from other I/O processing.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout(), BIO_get_num_renegotiates(), and BIO_do_handshake() are implemented as macros.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This SSL/TLS client example, attempts to retrieve a page from an SSL/TLS web server. The I/O routines are identical to those of the unencrypted example in <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a>.</p>
+
+<pre><code> BIO *sbio, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_client_method());
+
+ /* XXX Set verify paths and mode here. */
+
+ sbio = BIO_new_ssl_connect(ctx);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* Don&#39;t want any retries */
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+
+ /* XXX We might want to do other things with ssl here */
+
+ /* An empty host part means the loopback address */
+ BIO_set_conn_hostname(sbio, &quot;:https&quot;);
+
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (BIO_do_connect(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error connecting to server\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error establishing SSL connection\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Could examine ssl here to get connection info */
+
+ BIO_puts(sbio, &quot;GET / HTTP/1.0\n\n&quot;);
+ for (;;) {
+     len = BIO_read(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(out, tmpbuf, len);
+ }
+ BIO_free_all(sbio);
+ BIO_free(out);</code></pre>
+
+<p>Here is a simple server example. It makes use of a buffering BIO to allow lines to be read from the SSL BIO using BIO_gets. It creates a pseudo web page containing the actual request from a client and also echoes the request to standard output.</p>
+
+<pre><code> BIO *sbio, *bbio, *acpt, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ /* XXX Seed the PRNG if needed. */
+
+ ctx = SSL_CTX_new(TLS_server_method());
+ if (!SSL_CTX_use_certificate_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_use_PrivateKey_file(ctx, &quot;server.pem&quot;, SSL_FILETYPE_PEM)
+         || !SSL_CTX_check_private_key(ctx)) {
+     fprintf(stderr, &quot;Error setting up SSL_CTX\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* XXX Other things like set verify locations, EDH temp callbacks. */
+
+ /* New SSL BIO setup as server */
+ sbio = BIO_new_ssl(ctx, 0);
+ BIO_get_ssl(sbio, &amp;ssl);
+ if (ssl == NULL) {
+     fprintf(stderr, &quot;Can&#39;t locate SSL pointer\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+ bbio = BIO_new(BIO_f_buffer());
+ sbio = BIO_push(bbio, sbio);
+ acpt = BIO_new_accept(&quot;4433&quot;);
+
+ /*
+  * By doing this when a new connection is established
+  * we automatically have sbio inserted into it. The
+  * BIO chain is now &#39;swallowed&#39; by the accept BIO and
+  * will be freed when the accept BIO is freed.
+  */
+ BIO_set_accept_bios(acpt, sbio);
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
+ /* Setup accept BIO */
+ if (BIO_do_accept(acpt) &lt;= 0) {
+     fprintf(stderr, &quot;Error setting up accept BIO\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ /* We only want one connection so remove and free accept BIO */
+ sbio = BIO_pop(acpt);
+ BIO_free_all(acpt);
+
+ if (BIO_do_handshake(sbio) &lt;= 0) {
+     fprintf(stderr, &quot;Error in SSL handshake\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }
+
+ BIO_puts(sbio, &quot;HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\nConnection Established\r\nRequest headers:\r\n&quot;);
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+
+ for (;;) {
+     len = BIO_gets(sbio, tmpbuf, 1024);
+     if (len &lt;= 0)
+         break;
+     BIO_write(sbio, tmpbuf, len);
+     BIO_write(out, tmpbuf, len);
+     /* Look for blank line signifying end of headers*/
+     if (tmpbuf[0] == &#39;\r&#39; || tmpbuf[0] == &#39;\n&#39;)
+         break;
+ }
+
+ BIO_puts(sbio, &quot;--------------------------------------------------\r\n&quot;);
+ BIO_puts(sbio, &quot;\r\n&quot;);
+ BIO_flush(sbio);
+ BIO_free_all(sbio);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_f_ssl() returns the SSL <b>BIO_METHOD</b> structure.</p>
+
+<p>BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout() and BIO_get_num_renegotiates() return 1 on success or a value which is less than or equal to 0 if an error occurred.</p>
+
+<p>BIO_new_ssl(), BIO_new_ssl_connect() and BIO_new_buffer_ssl_connect() return a valid <b>BIO</b> structure on success or <b>NULL</b> if an error occurred.</p>
+
+<p>BIO_ssl_copy_session_id() returns 1 on success or 0 on error.</p>
+
+<p>BIO_do_handshake() returns 1 if the connection was established successfully. A zero or negative value is returned if the connection could not be established.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL before 1.0.0 the BIO_pop() call was handled incorrectly, the I/O BIO reference count was incorrectly incremented (instead of decremented) and dissociated with the SSL BIO even if the SSL BIO was not explicitly being popped (e.g. a pop higher up the chain). Applications which included workarounds for this bug (e.g. freeing BIOs more than once) should be modified to handle this fix or they may free up an already freed BIO.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_tell.html b/msys2/usr/share/doc/openssl/html/man3/BIO_tell.html
new file mode 100644
index 000000000..ccbb411c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_tell.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset, BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close, BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending, BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb - BIO control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef int BIO_info_cb(BIO *b, int state, int res);
+
+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
+ char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+
+ int BIO_reset(BIO *b);
+ int BIO_seek(BIO *b, int ofs);
+ int BIO_tell(BIO *b);
+ int BIO_flush(BIO *b);
+ int BIO_eof(BIO *b);
+ int BIO_set_close(BIO *b, long flag);
+ int BIO_get_close(BIO *b);
+ int BIO_pending(BIO *b);
+ int BIO_wpending(BIO *b);
+ size_t BIO_ctrl_pending(BIO *b);
+ size_t BIO_ctrl_wpending(BIO *b);
+
+ int BIO_get_info_callback(BIO *b, BIO_info_cb **cbp);
+ int BIO_set_info_callback(BIO *b, BIO_info_cb *cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl() are BIO &quot;control&quot; operations taking arguments of various types. These functions are not normally called directly, various macros are used instead. The standard macros are described below, macros specific to a particular type of BIO are described in the specific BIOs manual page as well as any special features of the standard calls.</p>
+
+<p>BIO_reset() typically resets a BIO to some initial state, in the case of file related BIOs for example it rewinds the file pointer to the start of the file.</p>
+
+<p>BIO_seek() resets a file related BIO&#39;s (that is file descriptor and FILE BIOs) file position pointer to <b>ofs</b> bytes from start of file.</p>
+
+<p>BIO_tell() returns the current file position of a file related BIO.</p>
+
+<p>BIO_flush() normally writes out any internally buffered data, in some cases it is used to signal EOF and that no more data will be written.</p>
+
+<p>BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of &quot;EOF&quot; varies according to the BIO type.</p>
+
+<p>BIO_set_close() sets the BIO <b>b</b> close flag to <b>flag</b>. <b>flag</b> can take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used in a source/sink BIO to indicate that the underlying I/O stream should be closed when the BIO is freed.</p>
+
+<p>BIO_get_close() returns the BIOs close flag.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the number of pending characters in the BIOs read and write buffers. Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending() return a size_t type and are functions, BIO_pending() and BIO_wpending() are macros which call BIO_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_reset() normally returns 1 for success and 0 or -1 for failure. File BIOs are an exception, they return 0 for success and -1 for failure.</p>
+
+<p>BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure.</p>
+
+<p>BIO_flush() returns 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_eof() returns 1 if EOF has been reached 0 otherwise.</p>
+
+<p>BIO_set_close() always returns 1.</p>
+
+<p>BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_flush(), because it can write data may return 0 or -1 indicating that the call should be retried later in a similar manner to BIO_write_ex(). The BIO_should_retry() call should be used and appropriate action taken is the call fails.</p>
+
+<p>The return values of BIO_pending() and BIO_wpending() may not reliably determine the amount of pending data in all cases. For example in the case of a file BIO some data may be available in the FILE structures internal buffers but it is not possible to determine this in a portably way. For other types of BIO they may not be supported.</p>
+
+<p>Filter BIOs if they do not internally handle a particular BIO_ctrl() operation usually pass the operation to the next BIO in the chain. This often means there is no need to locate the required BIO for a particular operation, it can be called on a chain and it will be automatically passed to the relevant BIO. However this can cause unexpected results: for example no current filter BIOs implement BIO_seek(), but this may still succeed if the chain ends in a FILE or file descriptor BIO.</p>
+
+<p>Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some of the return values are ambiguous and care should be taken. In particular a return value of 0 can be returned if an operation is not supported, if an error occurred, if EOF has not been reached and in the case of BIO_seek() on a file BIO for a successful operation.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_up_ref.html b/msys2/usr/share/doc/openssl/html/man3/BIO_up_ref.html
new file mode 100644
index 000000000..0469d0f84
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_up_ref.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_new, BIO_up_ref, BIO_free, BIO_vfree, BIO_free_all - BIO allocation and freeing functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ BIO *  BIO_new(const BIO_METHOD *type);
+ int    BIO_up_ref(BIO *a);
+ int    BIO_free(BIO *a);
+ void   BIO_vfree(BIO *a);
+ void   BIO_free_all(BIO *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The BIO_new() function returns a new BIO using method <b>type</b>.</p>
+
+<p>BIO_up_ref() increments the reference count associated with the BIO object.</p>
+
+<p>BIO_free() frees up a single BIO, BIO_vfree() also frees up a single BIO but it does not return a value. If <b>a</b> is NULL nothing is done. Calling BIO_free() may also have some effect on the underlying I/O structure, for example it may close the file being referred to under certain circumstances. For more details see the individual BIO_METHOD descriptions.</p>
+
+<p>BIO_free_all() frees up an entire BIO chain, it does not halt if an error occurs freeing up an individual BIO in the chain. If <b>a</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_new() returns a newly created BIO or NULL if the call fails.</p>
+
+<p>BIO_up_ref() and BIO_free() return 1 for success and 0 for failure.</p>
+
+<p>BIO_free_all() and BIO_vfree() do not return values.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If BIO_free() is called on a BIO chain it will only free one BIO resulting in a memory leak.</p>
+
+<p>Calling BIO_free_all() on a single BIO has the same effect as calling BIO_free() on it other than the discarded return value.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_set() was removed in OpenSSL 1.1.0 as BIO type is now opaque.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create a memory BIO:</p>
+
+<pre><code> BIO *mem = BIO_new(BIO_s_mem());</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_vfree.html b/msys2/usr/share/doc/openssl/html/man3/BIO_vfree.html
new file mode 100644
index 000000000..0469d0f84
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_vfree.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_new, BIO_up_ref, BIO_free, BIO_vfree, BIO_free_all - BIO allocation and freeing functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ BIO *  BIO_new(const BIO_METHOD *type);
+ int    BIO_up_ref(BIO *a);
+ int    BIO_free(BIO *a);
+ void   BIO_vfree(BIO *a);
+ void   BIO_free_all(BIO *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The BIO_new() function returns a new BIO using method <b>type</b>.</p>
+
+<p>BIO_up_ref() increments the reference count associated with the BIO object.</p>
+
+<p>BIO_free() frees up a single BIO, BIO_vfree() also frees up a single BIO but it does not return a value. If <b>a</b> is NULL nothing is done. Calling BIO_free() may also have some effect on the underlying I/O structure, for example it may close the file being referred to under certain circumstances. For more details see the individual BIO_METHOD descriptions.</p>
+
+<p>BIO_free_all() frees up an entire BIO chain, it does not halt if an error occurs freeing up an individual BIO in the chain. If <b>a</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_new() returns a newly created BIO or NULL if the call fails.</p>
+
+<p>BIO_up_ref() and BIO_free() return 1 for success and 0 for failure.</p>
+
+<p>BIO_free_all() and BIO_vfree() do not return values.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If BIO_free() is called on a BIO chain it will only free one BIO resulting in a memory leak.</p>
+
+<p>Calling BIO_free_all() on a single BIO has the same effect as calling BIO_free() on it other than the discarded return value.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_set() was removed in OpenSSL 1.1.0 as BIO type is now opaque.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create a memory BIO:</p>
+
+<pre><code> BIO *mem = BIO_new(BIO_s_mem());</code></pre>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_vprintf.html b/msys2/usr/share/doc/openssl/html/man3/BIO_vprintf.html
new file mode 100644
index 000000000..af1b25f8d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_vprintf.html
@@ -0,0 +1,61 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_printf</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_printf, BIO_vprintf, BIO_snprintf, BIO_vsnprintf - formatted output to a BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_printf(BIO *bio, const char *format, ...)
+ int BIO_vprintf(BIO *bio, const char *format, va_list args)
+
+ int BIO_snprintf(char *buf, size_t n, const char *format, ...)
+ int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_printf() is similar to the standard C printf() function, except that the output is sent to the specified BIO, <b>bio</b>, rather than standard output. All common format specifiers are supported.</p>
+
+<p>BIO_vprintf() is similar to the vprintf() function found on many platforms, the output is sent to the specified BIO, <b>bio</b>, rather than standard output. All common format specifiers are supported. The argument list <b>args</b> is a stdarg argument list.</p>
+
+<p>BIO_snprintf() is for platforms that do not have the common snprintf() function. It is like sprintf() except that the size parameter, <b>n</b>, specifies the size of the output buffer.</p>
+
+<p>BIO_vsnprintf() is to BIO_snprintf() as BIO_vprintf() is to BIO_printf().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All functions return the number of bytes written, or -1 on error. For BIO_snprintf() and BIO_vsnprintf() this includes when the output buffer is too small.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_vsnprintf.html b/msys2/usr/share/doc/openssl/html/man3/BIO_vsnprintf.html
new file mode 100644
index 000000000..af1b25f8d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_vsnprintf.html
@@ -0,0 +1,61 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_printf</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_printf, BIO_vprintf, BIO_snprintf, BIO_vsnprintf - formatted output to a BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_printf(BIO *bio, const char *format, ...)
+ int BIO_vprintf(BIO *bio, const char *format, va_list args)
+
+ int BIO_snprintf(char *buf, size_t n, const char *format, ...)
+ int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_printf() is similar to the standard C printf() function, except that the output is sent to the specified BIO, <b>bio</b>, rather than standard output. All common format specifiers are supported.</p>
+
+<p>BIO_vprintf() is similar to the vprintf() function found on many platforms, the output is sent to the specified BIO, <b>bio</b>, rather than standard output. All common format specifiers are supported. The argument list <b>args</b> is a stdarg argument list.</p>
+
+<p>BIO_snprintf() is for platforms that do not have the common snprintf() function. It is like sprintf() except that the size parameter, <b>n</b>, specifies the size of the output buffer.</p>
+
+<p>BIO_vsnprintf() is to BIO_snprintf() as BIO_vprintf() is to BIO_printf().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All functions return the number of bytes written, or -1 on error. For BIO_snprintf() and BIO_vsnprintf() this includes when the output buffer is too small.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_wpending.html b/msys2/usr/share/doc/openssl/html/man3/BIO_wpending.html
new file mode 100644
index 000000000..ccbb411c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_wpending.html
@@ -0,0 +1,115 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset, BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close, BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending, BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb - BIO control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ typedef int BIO_info_cb(BIO *b, int state, int res);
+
+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
+ char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+
+ int BIO_reset(BIO *b);
+ int BIO_seek(BIO *b, int ofs);
+ int BIO_tell(BIO *b);
+ int BIO_flush(BIO *b);
+ int BIO_eof(BIO *b);
+ int BIO_set_close(BIO *b, long flag);
+ int BIO_get_close(BIO *b);
+ int BIO_pending(BIO *b);
+ int BIO_wpending(BIO *b);
+ size_t BIO_ctrl_pending(BIO *b);
+ size_t BIO_ctrl_wpending(BIO *b);
+
+ int BIO_get_info_callback(BIO *b, BIO_info_cb **cbp);
+ int BIO_set_info_callback(BIO *b, BIO_info_cb *cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl() are BIO &quot;control&quot; operations taking arguments of various types. These functions are not normally called directly, various macros are used instead. The standard macros are described below, macros specific to a particular type of BIO are described in the specific BIOs manual page as well as any special features of the standard calls.</p>
+
+<p>BIO_reset() typically resets a BIO to some initial state, in the case of file related BIOs for example it rewinds the file pointer to the start of the file.</p>
+
+<p>BIO_seek() resets a file related BIO&#39;s (that is file descriptor and FILE BIOs) file position pointer to <b>ofs</b> bytes from start of file.</p>
+
+<p>BIO_tell() returns the current file position of a file related BIO.</p>
+
+<p>BIO_flush() normally writes out any internally buffered data, in some cases it is used to signal EOF and that no more data will be written.</p>
+
+<p>BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of &quot;EOF&quot; varies according to the BIO type.</p>
+
+<p>BIO_set_close() sets the BIO <b>b</b> close flag to <b>flag</b>. <b>flag</b> can take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used in a source/sink BIO to indicate that the underlying I/O stream should be closed when the BIO is freed.</p>
+
+<p>BIO_get_close() returns the BIOs close flag.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the number of pending characters in the BIOs read and write buffers. Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending() return a size_t type and are functions, BIO_pending() and BIO_wpending() are macros which call BIO_ctrl().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_reset() normally returns 1 for success and 0 or -1 for failure. File BIOs are an exception, they return 0 for success and -1 for failure.</p>
+
+<p>BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure.</p>
+
+<p>BIO_flush() returns 1 for success and 0 or -1 for failure.</p>
+
+<p>BIO_eof() returns 1 if EOF has been reached 0 otherwise.</p>
+
+<p>BIO_set_close() always returns 1.</p>
+
+<p>BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.</p>
+
+<p>BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>BIO_flush(), because it can write data may return 0 or -1 indicating that the call should be retried later in a similar manner to BIO_write_ex(). The BIO_should_retry() call should be used and appropriate action taken is the call fails.</p>
+
+<p>The return values of BIO_pending() and BIO_wpending() may not reliably determine the amount of pending data in all cases. For example in the case of a file BIO some data may be available in the FILE structures internal buffers but it is not possible to determine this in a portably way. For other types of BIO they may not be supported.</p>
+
+<p>Filter BIOs if they do not internally handle a particular BIO_ctrl() operation usually pass the operation to the next BIO in the chain. This often means there is no need to locate the required BIO for a particular operation, it can be called on a chain and it will be automatically passed to the relevant BIO. However this can cause unexpected results: for example no current filter BIOs implement BIO_seek(), but this may still succeed if the chain ends in a FILE or file descriptor BIO.</p>
+
+<p>Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some of the return values are ambiguous and care should be taken. In particular a return value of 0 can be returned if an operation is not supported, if an error occurred, if EOF has not been reached and in the case of BIO_seek() on a file BIO for a successful operation.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_write.html b/msys2/usr/share/doc/openssl/html/man3/BIO_write.html
new file mode 100644
index 000000000..c178bd7b3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_write.html
@@ -0,0 +1,90 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_read</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_read_ex, BIO_write_ex, BIO_read, BIO_write, BIO_gets, BIO_puts - BIO I/O functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_read_ex(BIO *b, void *data, size_t dlen, size_t *readbytes);
+ int BIO_write_ex(BIO *b, const void *data, size_t dlen, size_t *written);
+
+ int BIO_read(BIO *b, void *data, int dlen);
+ int BIO_gets(BIO *b, char *buf, int size);
+ int BIO_write(BIO *b, const void *data, int dlen);
+ int BIO_puts(BIO *b, const char *buf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_read_ex() attempts to read <b>dlen</b> bytes from BIO <b>b</b> and places the data in <b>data</b>. If any bytes were successfully read then the number of bytes read is stored in <b>*readbytes</b>.</p>
+
+<p>BIO_write_ex() attempts to write <b>dlen</b> bytes from <b>data</b> to BIO <b>b</b>. If successful then the number of bytes written is stored in <b>*written</b>.</p>
+
+<p>BIO_read() attempts to read <b>len</b> bytes from BIO <b>b</b> and places the data in <b>buf</b>.</p>
+
+<p>BIO_gets() performs the BIOs &quot;gets&quot; operation and places the data in <b>buf</b>. Usually this operation will attempt to read a line of data from the BIO of maximum length <b>size-1</b>. There are exceptions to this, however; for example, BIO_gets() on a digest BIO will calculate and return the digest and other BIOs may not support BIO_gets() at all. The returned string is always NUL-terminated and the &#39;\n&#39; is preserved if present in the input data.</p>
+
+<p>BIO_write() attempts to write <b>len</b> bytes from <b>buf</b> to BIO <b>b</b>.</p>
+
+<p>BIO_puts() attempts to write a NUL-terminated string <b>buf</b> to BIO <b>b</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_read_ex() and BIO_write_ex() return 1 if data was successfully read or written, and 0 otherwise.</p>
+
+<p>All other functions return either the amount of data successfully read or written (if the return value is positive) or that no data was successfully read or written if the result is 0 or -1. If the return value is -2 then the operation is not implemented in the specific BIO type. The trailing NUL is not included in the length returned by BIO_gets().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A 0 or -1 return is not necessarily an indication of an error. In particular when the source/sink is non-blocking or of a certain type it may merely be an indication that no data is currently available and that the application should retry the operation later.</p>
+
+<p>One technique sometimes used with blocking sockets is to use a system call (such as select(), poll() or equivalent) to determine when data is available and then call read() to read the data. The equivalent with BIOs (that is call select() on the underlying I/O structure and then call BIO_read() to read the data) should <b>not</b> be used because a single call to BIO_read() can cause several reads (and writes in the case of SSL BIOs) on the underlying I/O structure and may block as a result. Instead select() (or equivalent) should be combined with non blocking I/O so successive reads will request a retry instead of blocking.</p>
+
+<p>See <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a> for details of how to determine the cause of a retry and other I/O issues.</p>
+
+<p>If the BIO_gets() function is not supported by a BIO then it possible to work around this by adding a buffering BIO <a href="../man3/BIO_f_buffer.html">BIO_f_buffer(3)</a> to the chain.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_gets() on 1.1.0 and older when called on BIO_fd() based BIO does not keep the &#39;\n&#39; at the end of the line in the buffer.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_write_ex.html b/msys2/usr/share/doc/openssl/html/man3/BIO_write_ex.html
new file mode 100644
index 000000000..c178bd7b3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_write_ex.html
@@ -0,0 +1,90 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_read</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_read_ex, BIO_write_ex, BIO_read, BIO_write, BIO_gets, BIO_puts - BIO I/O functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ int BIO_read_ex(BIO *b, void *data, size_t dlen, size_t *readbytes);
+ int BIO_write_ex(BIO *b, const void *data, size_t dlen, size_t *written);
+
+ int BIO_read(BIO *b, void *data, int dlen);
+ int BIO_gets(BIO *b, char *buf, int size);
+ int BIO_write(BIO *b, const void *data, int dlen);
+ int BIO_puts(BIO *b, const char *buf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_read_ex() attempts to read <b>dlen</b> bytes from BIO <b>b</b> and places the data in <b>data</b>. If any bytes were successfully read then the number of bytes read is stored in <b>*readbytes</b>.</p>
+
+<p>BIO_write_ex() attempts to write <b>dlen</b> bytes from <b>data</b> to BIO <b>b</b>. If successful then the number of bytes written is stored in <b>*written</b>.</p>
+
+<p>BIO_read() attempts to read <b>len</b> bytes from BIO <b>b</b> and places the data in <b>buf</b>.</p>
+
+<p>BIO_gets() performs the BIOs &quot;gets&quot; operation and places the data in <b>buf</b>. Usually this operation will attempt to read a line of data from the BIO of maximum length <b>size-1</b>. There are exceptions to this, however; for example, BIO_gets() on a digest BIO will calculate and return the digest and other BIOs may not support BIO_gets() at all. The returned string is always NUL-terminated and the &#39;\n&#39; is preserved if present in the input data.</p>
+
+<p>BIO_write() attempts to write <b>len</b> bytes from <b>buf</b> to BIO <b>b</b>.</p>
+
+<p>BIO_puts() attempts to write a NUL-terminated string <b>buf</b> to BIO <b>b</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_read_ex() and BIO_write_ex() return 1 if data was successfully read or written, and 0 otherwise.</p>
+
+<p>All other functions return either the amount of data successfully read or written (if the return value is positive) or that no data was successfully read or written if the result is 0 or -1. If the return value is -2 then the operation is not implemented in the specific BIO type. The trailing NUL is not included in the length returned by BIO_gets().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A 0 or -1 return is not necessarily an indication of an error. In particular when the source/sink is non-blocking or of a certain type it may merely be an indication that no data is currently available and that the application should retry the operation later.</p>
+
+<p>One technique sometimes used with blocking sockets is to use a system call (such as select(), poll() or equivalent) to determine when data is available and then call read() to read the data. The equivalent with BIOs (that is call select() on the underlying I/O structure and then call BIO_read() to read the data) should <b>not</b> be used because a single call to BIO_read() can cause several reads (and writes in the case of SSL BIOs) on the underlying I/O structure and may block as a result. Instead select() (or equivalent) should be combined with non blocking I/O so successive reads will request a retry instead of blocking.</p>
+
+<p>See <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a> for details of how to determine the cause of a retry and other I/O issues.</p>
+
+<p>If the BIO_gets() function is not supported by a BIO then it possible to work around this by adding a buffering BIO <a href="../man3/BIO_f_buffer.html">BIO_f_buffer(3)</a> to the chain.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BIO_gets() on 1.1.0 and older when called on BIO_fd() based BIO does not keep the &#39;\n&#39; at the end of the line in the buffer.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BIO_write_filename.html b/msys2/usr/share/doc/openssl/html/man3/BIO_write_filename.html
new file mode 100644
index 000000000..62da75192
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BIO_write_filename.html
@@ -0,0 +1,159 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_s_file</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_s_file, BIO_new_file, BIO_new_fp, BIO_set_fp, BIO_get_fp, BIO_read_filename, BIO_write_filename, BIO_append_filename, BIO_rw_filename - FILE bio</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;
+
+ const BIO_METHOD *BIO_s_file(void);
+ BIO *BIO_new_file(const char *filename, const char *mode);
+ BIO *BIO_new_fp(FILE *stream, int flags);
+
+ BIO_set_fp(BIO *b, FILE *fp, int flags);
+ BIO_get_fp(BIO *b, FILE **fpp);
+
+ int BIO_read_filename(BIO *b, char *name)
+ int BIO_write_filename(BIO *b, char *name)
+ int BIO_append_filename(BIO *b, char *name)
+ int BIO_rw_filename(BIO *b, char *name)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BIO_s_file() returns the BIO file method. As its name implies it is a wrapper round the stdio FILE structure and it is a source/sink BIO.</p>
+
+<p>Calls to BIO_read_ex() and BIO_write_ex() read and write data to the underlying stream. BIO_gets() and BIO_puts() are supported on file BIOs.</p>
+
+<p>BIO_flush() on a file BIO calls the fflush() function on the wrapped stream.</p>
+
+<p>BIO_reset() attempts to change the file pointer to the start of file using fseek(stream, 0, 0).</p>
+
+<p>BIO_seek() sets the file pointer to position <b>ofs</b> from start of file using fseek(stream, ofs, 0).</p>
+
+<p>BIO_eof() calls feof().</p>
+
+<p>Setting the BIO_CLOSE flag calls fclose() on the stream when the BIO is freed.</p>
+
+<p>BIO_new_file() creates a new file BIO with mode <b>mode</b> the meaning of <b>mode</b> is the same as the stdio function fopen(). The BIO_CLOSE flag is set on the returned BIO.</p>
+
+<p>BIO_new_fp() creates a file BIO wrapping <b>stream</b>. Flags can be: BIO_CLOSE, BIO_NOCLOSE (the close flag) BIO_FP_TEXT (sets the underlying stream to text mode, default is binary: this only has any effect under Win32).</p>
+
+<p>BIO_set_fp() sets the fp of a file BIO to <b>fp</b>. <b>flags</b> has the same meaning as in BIO_new_fp(), it is a macro.</p>
+
+<p>BIO_get_fp() retrieves the fp of a file BIO, it is a macro.</p>
+
+<p>BIO_seek() is a macro that sets the position pointer to <b>offset</b> bytes from the start of file.</p>
+
+<p>BIO_tell() returns the value of the position pointer.</p>
+
+<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() set the file BIO <b>b</b> to use file <b>name</b> for reading, writing, append or read write respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When wrapping stdout, stdin or stderr the underlying stream should not normally be closed so the BIO_NOCLOSE flag should be set.</p>
+
+<p>Because the file BIO calls the underlying stdio functions any quirks in stdio behaviour will be mirrored by the corresponding BIO.</p>
+
+<p>On Windows BIO_new_files reserves for the filename argument to be UTF-8 encoded. In other words if you have to make it work in multi- lingual environment, encode file names in UTF-8.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>File BIO &quot;hello world&quot;:</p>
+
+<pre><code> BIO *bio_out;
+
+ bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> BIO *bio_out;
+
+ bio_out = BIO_new(BIO_s_file());
+ if (bio_out == NULL)
+     /* Error */
+ if (!BIO_set_fp(bio_out, stdout, BIO_NOCLOSE))
+     /* Error */
+ BIO_printf(bio_out, &quot;Hello World\n&quot;);</code></pre>
+
+<p>Write to a file:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new_file(&quot;filename.txt&quot;, &quot;w&quot;);
+ if (!out)
+     /* Error */
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> BIO *out;
+
+ out = BIO_new(BIO_s_file());
+ if (out == NULL)
+     /* Error */
+ if (!BIO_write_filename(out, &quot;filename.txt&quot;))
+     /* Error */
+ BIO_printf(out, &quot;Hello World\n&quot;);
+ BIO_free(out);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BIO_s_file() returns the file BIO method.</p>
+
+<p>BIO_new_file() and BIO_new_fp() return a file BIO or NULL if an error occurred.</p>
+
+<p>BIO_set_fp() and BIO_get_fp() return 1 for success or 0 for failure (although the current implementation never return 0).</p>
+
+<p>BIO_seek() returns the same value as the underlying fseek() function: 0 for success or -1 for failure.</p>
+
+<p>BIO_tell() returns the current file position.</p>
+
+<p>BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and BIO_rw_filename() return 1 for success or 0 for failure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>BIO_reset() and BIO_seek() are implemented using fseek() on the underlying stream. The return value for fseek() is 0 for success or -1 if an error occurred this differs from other types of BIO which will typically return 1 for success and a non positive value if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_seek.html">BIO_seek(3)</a>, <a href="../man3/BIO_tell.html">BIO_tell(3)</a>, <a href="../man3/BIO_reset.html">BIO_reset(3)</a>, <a href="../man3/BIO_flush.html">BIO_flush(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a>, <a href="../man3/BIO_write_ex.html">BIO_write_ex(3)</a>, <a href="../man3/BIO_puts.html">BIO_puts(3)</a>, <a href="../man3/BIO_gets.html">BIO_gets(3)</a>, <a href="../man3/BIO_printf.html">BIO_printf(3)</a>, <a href="../man3/BIO_set_close.html">BIO_set_close(3)</a>, <a href="../man3/BIO_get_close.html">BIO_get_close(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_convert.html b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_convert.html
new file mode 100644
index 000000000..1406aa4a4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_convert.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_BLINDING_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, BN_BLINDING_is_current_thread, BN_BLINDING_set_current_thread, BN_BLINDING_lock, BN_BLINDING_unlock, BN_BLINDING_get_flags, BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+                              BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+                            BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+                           BN_CTX *ctx);
+ int BN_BLINDING_is_current_thread(BN_BLINDING *b);
+ void BN_BLINDING_set_current_thread(BN_BLINDING *b);
+ int BN_BLINDING_lock(BN_BLINDING *b);
+ int BN_BLINDING_unlock(BN_BLINDING *b);
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+                                       const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+                                       int (*bn_mod_exp)(BIGNUM *r,
+                                                         const BIGNUM *a,
+                                                         const BIGNUM *p,
+                                                         const BIGNUM *m,
+                                                         BN_CTX *ctx,
+                                                         BN_MONT_CTX *m_ctx),
+                                       BN_MONT_CTX *m_ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_BLINDING_new() allocates a new <b>BN_BLINDING</b> structure and copies the <b>A</b> and <b>Ai</b> values into the newly created <b>BN_BLINDING</b> object.</p>
+
+<p>BN_BLINDING_free() frees the <b>BN_BLINDING</b> structure. If <b>b</b> is NULL, nothing is done.</p>
+
+<p>BN_BLINDING_update() updates the <b>BN_BLINDING</b> parameters by squaring the <b>A</b> and <b>Ai</b> or, after specific number of uses and if the necessary parameters are set, by re-creating the blinding parameters.</p>
+
+<p>BN_BLINDING_convert_ex() multiplies <b>n</b> with the blinding factor <b>A</b>. If <b>r</b> is not NULL a copy the inverse blinding factor <b>Ai</b> will be returned in <b>r</b> (this is useful if a <b>RSA</b> object is shared among several threads). BN_BLINDING_invert_ex() multiplies <b>n</b> with the inverse blinding factor <b>Ai</b>. If <b>r</b> is not NULL it will be used as the inverse blinding.</p>
+
+<p>BN_BLINDING_convert() and BN_BLINDING_invert() are wrapper functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() with <b>r</b> set to NULL.</p>
+
+<p>BN_BLINDING_is_current_thread() returns whether the <b>BN_BLINDING</b> structure is owned by the current thread. This is to help users provide proper locking if needed for multi-threaded use.</p>
+
+<p>BN_BLINDING_set_current_thread() sets the current thread as the owner of the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_lock() locks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_unlock() unlocks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently there are two supported flags: <b>BN_BLINDING_NO_UPDATE</b> and <b>BN_BLINDING_NO_RECREATE</b>. <b>BN_BLINDING_NO_UPDATE</b> inhibits the automatic update of the <b>BN_BLINDING</b> parameters after each use and <b>BN_BLINDING_NO_RECREATE</b> inhibits the automatic re-creation of the <b>BN_BLINDING</b> parameters after a fixed number of uses (currently 32). In newly allocated <b>BN_BLINDING</b> objects no flags are set. BN_BLINDING_set_flags() sets the <b>BN_BLINDING</b> parameters flags.</p>
+
+<p>BN_BLINDING_create_param() creates new <b>BN_BLINDING</b> parameters using the exponent <b>e</b> and the modulus <b>m</b>. <b>bn_mod_exp</b> and <b>m_ctx</b> can be used to pass special functions for exponentiation (normally BN_mod_exp_mont() and <b>BN_MONT_CTX</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_BLINDING_new() returns the newly allocated <b>BN_BLINDING</b> structure or NULL in case of an error.</p>
+
+<p>BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(), BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on success and 0 if an error occurred.</p>
+
+<p>BN_BLINDING_is_current_thread() returns 1 if the current thread owns the <b>BN_BLINDING</b> object, 0 otherwise.</p>
+
+<p>BN_BLINDING_set_current_thread() doesn&#39;t return anything.</p>
+
+<p>BN_BLINDING_lock(), BN_BLINDING_unlock() return 1 if the operation succeeded or 0 on error.</p>
+
+<p>BN_BLINDING_get_flags() returns the currently set <b>BN_BLINDING</b> flags (a <b>unsigned long</b> value).</p>
+
+<p>BN_BLINDING_create_param() returns the newly created <b>BN_BLINDING</b> parameters or NULL on error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_BLINDING_thread_id() was first introduced in OpenSSL 1.0.0, and it deprecates BN_BLINDING_set_thread_id() and BN_BLINDING_get_thread_id().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2005-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_convert_ex.html b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_convert_ex.html
new file mode 100644
index 000000000..1406aa4a4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_convert_ex.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_BLINDING_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, BN_BLINDING_is_current_thread, BN_BLINDING_set_current_thread, BN_BLINDING_lock, BN_BLINDING_unlock, BN_BLINDING_get_flags, BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+                              BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+                            BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+                           BN_CTX *ctx);
+ int BN_BLINDING_is_current_thread(BN_BLINDING *b);
+ void BN_BLINDING_set_current_thread(BN_BLINDING *b);
+ int BN_BLINDING_lock(BN_BLINDING *b);
+ int BN_BLINDING_unlock(BN_BLINDING *b);
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+                                       const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+                                       int (*bn_mod_exp)(BIGNUM *r,
+                                                         const BIGNUM *a,
+                                                         const BIGNUM *p,
+                                                         const BIGNUM *m,
+                                                         BN_CTX *ctx,
+                                                         BN_MONT_CTX *m_ctx),
+                                       BN_MONT_CTX *m_ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_BLINDING_new() allocates a new <b>BN_BLINDING</b> structure and copies the <b>A</b> and <b>Ai</b> values into the newly created <b>BN_BLINDING</b> object.</p>
+
+<p>BN_BLINDING_free() frees the <b>BN_BLINDING</b> structure. If <b>b</b> is NULL, nothing is done.</p>
+
+<p>BN_BLINDING_update() updates the <b>BN_BLINDING</b> parameters by squaring the <b>A</b> and <b>Ai</b> or, after specific number of uses and if the necessary parameters are set, by re-creating the blinding parameters.</p>
+
+<p>BN_BLINDING_convert_ex() multiplies <b>n</b> with the blinding factor <b>A</b>. If <b>r</b> is not NULL a copy the inverse blinding factor <b>Ai</b> will be returned in <b>r</b> (this is useful if a <b>RSA</b> object is shared among several threads). BN_BLINDING_invert_ex() multiplies <b>n</b> with the inverse blinding factor <b>Ai</b>. If <b>r</b> is not NULL it will be used as the inverse blinding.</p>
+
+<p>BN_BLINDING_convert() and BN_BLINDING_invert() are wrapper functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() with <b>r</b> set to NULL.</p>
+
+<p>BN_BLINDING_is_current_thread() returns whether the <b>BN_BLINDING</b> structure is owned by the current thread. This is to help users provide proper locking if needed for multi-threaded use.</p>
+
+<p>BN_BLINDING_set_current_thread() sets the current thread as the owner of the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_lock() locks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_unlock() unlocks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently there are two supported flags: <b>BN_BLINDING_NO_UPDATE</b> and <b>BN_BLINDING_NO_RECREATE</b>. <b>BN_BLINDING_NO_UPDATE</b> inhibits the automatic update of the <b>BN_BLINDING</b> parameters after each use and <b>BN_BLINDING_NO_RECREATE</b> inhibits the automatic re-creation of the <b>BN_BLINDING</b> parameters after a fixed number of uses (currently 32). In newly allocated <b>BN_BLINDING</b> objects no flags are set. BN_BLINDING_set_flags() sets the <b>BN_BLINDING</b> parameters flags.</p>
+
+<p>BN_BLINDING_create_param() creates new <b>BN_BLINDING</b> parameters using the exponent <b>e</b> and the modulus <b>m</b>. <b>bn_mod_exp</b> and <b>m_ctx</b> can be used to pass special functions for exponentiation (normally BN_mod_exp_mont() and <b>BN_MONT_CTX</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_BLINDING_new() returns the newly allocated <b>BN_BLINDING</b> structure or NULL in case of an error.</p>
+
+<p>BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(), BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on success and 0 if an error occurred.</p>
+
+<p>BN_BLINDING_is_current_thread() returns 1 if the current thread owns the <b>BN_BLINDING</b> object, 0 otherwise.</p>
+
+<p>BN_BLINDING_set_current_thread() doesn&#39;t return anything.</p>
+
+<p>BN_BLINDING_lock(), BN_BLINDING_unlock() return 1 if the operation succeeded or 0 on error.</p>
+
+<p>BN_BLINDING_get_flags() returns the currently set <b>BN_BLINDING</b> flags (a <b>unsigned long</b> value).</p>
+
+<p>BN_BLINDING_create_param() returns the newly created <b>BN_BLINDING</b> parameters or NULL on error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_BLINDING_thread_id() was first introduced in OpenSSL 1.0.0, and it deprecates BN_BLINDING_set_thread_id() and BN_BLINDING_get_thread_id().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2005-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_create_param.html b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_create_param.html
new file mode 100644
index 000000000..1406aa4a4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_create_param.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_BLINDING_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, BN_BLINDING_is_current_thread, BN_BLINDING_set_current_thread, BN_BLINDING_lock, BN_BLINDING_unlock, BN_BLINDING_get_flags, BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+                              BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+                            BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+                           BN_CTX *ctx);
+ int BN_BLINDING_is_current_thread(BN_BLINDING *b);
+ void BN_BLINDING_set_current_thread(BN_BLINDING *b);
+ int BN_BLINDING_lock(BN_BLINDING *b);
+ int BN_BLINDING_unlock(BN_BLINDING *b);
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+                                       const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+                                       int (*bn_mod_exp)(BIGNUM *r,
+                                                         const BIGNUM *a,
+                                                         const BIGNUM *p,
+                                                         const BIGNUM *m,
+                                                         BN_CTX *ctx,
+                                                         BN_MONT_CTX *m_ctx),
+                                       BN_MONT_CTX *m_ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_BLINDING_new() allocates a new <b>BN_BLINDING</b> structure and copies the <b>A</b> and <b>Ai</b> values into the newly created <b>BN_BLINDING</b> object.</p>
+
+<p>BN_BLINDING_free() frees the <b>BN_BLINDING</b> structure. If <b>b</b> is NULL, nothing is done.</p>
+
+<p>BN_BLINDING_update() updates the <b>BN_BLINDING</b> parameters by squaring the <b>A</b> and <b>Ai</b> or, after specific number of uses and if the necessary parameters are set, by re-creating the blinding parameters.</p>
+
+<p>BN_BLINDING_convert_ex() multiplies <b>n</b> with the blinding factor <b>A</b>. If <b>r</b> is not NULL a copy the inverse blinding factor <b>Ai</b> will be returned in <b>r</b> (this is useful if a <b>RSA</b> object is shared among several threads). BN_BLINDING_invert_ex() multiplies <b>n</b> with the inverse blinding factor <b>Ai</b>. If <b>r</b> is not NULL it will be used as the inverse blinding.</p>
+
+<p>BN_BLINDING_convert() and BN_BLINDING_invert() are wrapper functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() with <b>r</b> set to NULL.</p>
+
+<p>BN_BLINDING_is_current_thread() returns whether the <b>BN_BLINDING</b> structure is owned by the current thread. This is to help users provide proper locking if needed for multi-threaded use.</p>
+
+<p>BN_BLINDING_set_current_thread() sets the current thread as the owner of the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_lock() locks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_unlock() unlocks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently there are two supported flags: <b>BN_BLINDING_NO_UPDATE</b> and <b>BN_BLINDING_NO_RECREATE</b>. <b>BN_BLINDING_NO_UPDATE</b> inhibits the automatic update of the <b>BN_BLINDING</b> parameters after each use and <b>BN_BLINDING_NO_RECREATE</b> inhibits the automatic re-creation of the <b>BN_BLINDING</b> parameters after a fixed number of uses (currently 32). In newly allocated <b>BN_BLINDING</b> objects no flags are set. BN_BLINDING_set_flags() sets the <b>BN_BLINDING</b> parameters flags.</p>
+
+<p>BN_BLINDING_create_param() creates new <b>BN_BLINDING</b> parameters using the exponent <b>e</b> and the modulus <b>m</b>. <b>bn_mod_exp</b> and <b>m_ctx</b> can be used to pass special functions for exponentiation (normally BN_mod_exp_mont() and <b>BN_MONT_CTX</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_BLINDING_new() returns the newly allocated <b>BN_BLINDING</b> structure or NULL in case of an error.</p>
+
+<p>BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(), BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on success and 0 if an error occurred.</p>
+
+<p>BN_BLINDING_is_current_thread() returns 1 if the current thread owns the <b>BN_BLINDING</b> object, 0 otherwise.</p>
+
+<p>BN_BLINDING_set_current_thread() doesn&#39;t return anything.</p>
+
+<p>BN_BLINDING_lock(), BN_BLINDING_unlock() return 1 if the operation succeeded or 0 on error.</p>
+
+<p>BN_BLINDING_get_flags() returns the currently set <b>BN_BLINDING</b> flags (a <b>unsigned long</b> value).</p>
+
+<p>BN_BLINDING_create_param() returns the newly created <b>BN_BLINDING</b> parameters or NULL on error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_BLINDING_thread_id() was first introduced in OpenSSL 1.0.0, and it deprecates BN_BLINDING_set_thread_id() and BN_BLINDING_get_thread_id().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2005-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_free.html b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_free.html
new file mode 100644
index 000000000..1406aa4a4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_free.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_BLINDING_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, BN_BLINDING_is_current_thread, BN_BLINDING_set_current_thread, BN_BLINDING_lock, BN_BLINDING_unlock, BN_BLINDING_get_flags, BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+                              BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+                            BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+                           BN_CTX *ctx);
+ int BN_BLINDING_is_current_thread(BN_BLINDING *b);
+ void BN_BLINDING_set_current_thread(BN_BLINDING *b);
+ int BN_BLINDING_lock(BN_BLINDING *b);
+ int BN_BLINDING_unlock(BN_BLINDING *b);
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+                                       const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+                                       int (*bn_mod_exp)(BIGNUM *r,
+                                                         const BIGNUM *a,
+                                                         const BIGNUM *p,
+                                                         const BIGNUM *m,
+                                                         BN_CTX *ctx,
+                                                         BN_MONT_CTX *m_ctx),
+                                       BN_MONT_CTX *m_ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_BLINDING_new() allocates a new <b>BN_BLINDING</b> structure and copies the <b>A</b> and <b>Ai</b> values into the newly created <b>BN_BLINDING</b> object.</p>
+
+<p>BN_BLINDING_free() frees the <b>BN_BLINDING</b> structure. If <b>b</b> is NULL, nothing is done.</p>
+
+<p>BN_BLINDING_update() updates the <b>BN_BLINDING</b> parameters by squaring the <b>A</b> and <b>Ai</b> or, after specific number of uses and if the necessary parameters are set, by re-creating the blinding parameters.</p>
+
+<p>BN_BLINDING_convert_ex() multiplies <b>n</b> with the blinding factor <b>A</b>. If <b>r</b> is not NULL a copy the inverse blinding factor <b>Ai</b> will be returned in <b>r</b> (this is useful if a <b>RSA</b> object is shared among several threads). BN_BLINDING_invert_ex() multiplies <b>n</b> with the inverse blinding factor <b>Ai</b>. If <b>r</b> is not NULL it will be used as the inverse blinding.</p>
+
+<p>BN_BLINDING_convert() and BN_BLINDING_invert() are wrapper functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() with <b>r</b> set to NULL.</p>
+
+<p>BN_BLINDING_is_current_thread() returns whether the <b>BN_BLINDING</b> structure is owned by the current thread. This is to help users provide proper locking if needed for multi-threaded use.</p>
+
+<p>BN_BLINDING_set_current_thread() sets the current thread as the owner of the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_lock() locks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_unlock() unlocks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently there are two supported flags: <b>BN_BLINDING_NO_UPDATE</b> and <b>BN_BLINDING_NO_RECREATE</b>. <b>BN_BLINDING_NO_UPDATE</b> inhibits the automatic update of the <b>BN_BLINDING</b> parameters after each use and <b>BN_BLINDING_NO_RECREATE</b> inhibits the automatic re-creation of the <b>BN_BLINDING</b> parameters after a fixed number of uses (currently 32). In newly allocated <b>BN_BLINDING</b> objects no flags are set. BN_BLINDING_set_flags() sets the <b>BN_BLINDING</b> parameters flags.</p>
+
+<p>BN_BLINDING_create_param() creates new <b>BN_BLINDING</b> parameters using the exponent <b>e</b> and the modulus <b>m</b>. <b>bn_mod_exp</b> and <b>m_ctx</b> can be used to pass special functions for exponentiation (normally BN_mod_exp_mont() and <b>BN_MONT_CTX</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_BLINDING_new() returns the newly allocated <b>BN_BLINDING</b> structure or NULL in case of an error.</p>
+
+<p>BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(), BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on success and 0 if an error occurred.</p>
+
+<p>BN_BLINDING_is_current_thread() returns 1 if the current thread owns the <b>BN_BLINDING</b> object, 0 otherwise.</p>
+
+<p>BN_BLINDING_set_current_thread() doesn&#39;t return anything.</p>
+
+<p>BN_BLINDING_lock(), BN_BLINDING_unlock() return 1 if the operation succeeded or 0 on error.</p>
+
+<p>BN_BLINDING_get_flags() returns the currently set <b>BN_BLINDING</b> flags (a <b>unsigned long</b> value).</p>
+
+<p>BN_BLINDING_create_param() returns the newly created <b>BN_BLINDING</b> parameters or NULL on error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_BLINDING_thread_id() was first introduced in OpenSSL 1.0.0, and it deprecates BN_BLINDING_set_thread_id() and BN_BLINDING_get_thread_id().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2005-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_get_flags.html b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_get_flags.html
new file mode 100644
index 000000000..1406aa4a4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_get_flags.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_BLINDING_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, BN_BLINDING_is_current_thread, BN_BLINDING_set_current_thread, BN_BLINDING_lock, BN_BLINDING_unlock, BN_BLINDING_get_flags, BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+                              BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+                            BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+                           BN_CTX *ctx);
+ int BN_BLINDING_is_current_thread(BN_BLINDING *b);
+ void BN_BLINDING_set_current_thread(BN_BLINDING *b);
+ int BN_BLINDING_lock(BN_BLINDING *b);
+ int BN_BLINDING_unlock(BN_BLINDING *b);
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+                                       const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+                                       int (*bn_mod_exp)(BIGNUM *r,
+                                                         const BIGNUM *a,
+                                                         const BIGNUM *p,
+                                                         const BIGNUM *m,
+                                                         BN_CTX *ctx,
+                                                         BN_MONT_CTX *m_ctx),
+                                       BN_MONT_CTX *m_ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_BLINDING_new() allocates a new <b>BN_BLINDING</b> structure and copies the <b>A</b> and <b>Ai</b> values into the newly created <b>BN_BLINDING</b> object.</p>
+
+<p>BN_BLINDING_free() frees the <b>BN_BLINDING</b> structure. If <b>b</b> is NULL, nothing is done.</p>
+
+<p>BN_BLINDING_update() updates the <b>BN_BLINDING</b> parameters by squaring the <b>A</b> and <b>Ai</b> or, after specific number of uses and if the necessary parameters are set, by re-creating the blinding parameters.</p>
+
+<p>BN_BLINDING_convert_ex() multiplies <b>n</b> with the blinding factor <b>A</b>. If <b>r</b> is not NULL a copy the inverse blinding factor <b>Ai</b> will be returned in <b>r</b> (this is useful if a <b>RSA</b> object is shared among several threads). BN_BLINDING_invert_ex() multiplies <b>n</b> with the inverse blinding factor <b>Ai</b>. If <b>r</b> is not NULL it will be used as the inverse blinding.</p>
+
+<p>BN_BLINDING_convert() and BN_BLINDING_invert() are wrapper functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() with <b>r</b> set to NULL.</p>
+
+<p>BN_BLINDING_is_current_thread() returns whether the <b>BN_BLINDING</b> structure is owned by the current thread. This is to help users provide proper locking if needed for multi-threaded use.</p>
+
+<p>BN_BLINDING_set_current_thread() sets the current thread as the owner of the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_lock() locks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_unlock() unlocks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently there are two supported flags: <b>BN_BLINDING_NO_UPDATE</b> and <b>BN_BLINDING_NO_RECREATE</b>. <b>BN_BLINDING_NO_UPDATE</b> inhibits the automatic update of the <b>BN_BLINDING</b> parameters after each use and <b>BN_BLINDING_NO_RECREATE</b> inhibits the automatic re-creation of the <b>BN_BLINDING</b> parameters after a fixed number of uses (currently 32). In newly allocated <b>BN_BLINDING</b> objects no flags are set. BN_BLINDING_set_flags() sets the <b>BN_BLINDING</b> parameters flags.</p>
+
+<p>BN_BLINDING_create_param() creates new <b>BN_BLINDING</b> parameters using the exponent <b>e</b> and the modulus <b>m</b>. <b>bn_mod_exp</b> and <b>m_ctx</b> can be used to pass special functions for exponentiation (normally BN_mod_exp_mont() and <b>BN_MONT_CTX</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_BLINDING_new() returns the newly allocated <b>BN_BLINDING</b> structure or NULL in case of an error.</p>
+
+<p>BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(), BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on success and 0 if an error occurred.</p>
+
+<p>BN_BLINDING_is_current_thread() returns 1 if the current thread owns the <b>BN_BLINDING</b> object, 0 otherwise.</p>
+
+<p>BN_BLINDING_set_current_thread() doesn&#39;t return anything.</p>
+
+<p>BN_BLINDING_lock(), BN_BLINDING_unlock() return 1 if the operation succeeded or 0 on error.</p>
+
+<p>BN_BLINDING_get_flags() returns the currently set <b>BN_BLINDING</b> flags (a <b>unsigned long</b> value).</p>
+
+<p>BN_BLINDING_create_param() returns the newly created <b>BN_BLINDING</b> parameters or NULL on error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_BLINDING_thread_id() was first introduced in OpenSSL 1.0.0, and it deprecates BN_BLINDING_set_thread_id() and BN_BLINDING_get_thread_id().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2005-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_invert.html b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_invert.html
new file mode 100644
index 000000000..1406aa4a4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_invert.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_BLINDING_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, BN_BLINDING_is_current_thread, BN_BLINDING_set_current_thread, BN_BLINDING_lock, BN_BLINDING_unlock, BN_BLINDING_get_flags, BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+                              BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+                            BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+                           BN_CTX *ctx);
+ int BN_BLINDING_is_current_thread(BN_BLINDING *b);
+ void BN_BLINDING_set_current_thread(BN_BLINDING *b);
+ int BN_BLINDING_lock(BN_BLINDING *b);
+ int BN_BLINDING_unlock(BN_BLINDING *b);
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+                                       const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+                                       int (*bn_mod_exp)(BIGNUM *r,
+                                                         const BIGNUM *a,
+                                                         const BIGNUM *p,
+                                                         const BIGNUM *m,
+                                                         BN_CTX *ctx,
+                                                         BN_MONT_CTX *m_ctx),
+                                       BN_MONT_CTX *m_ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_BLINDING_new() allocates a new <b>BN_BLINDING</b> structure and copies the <b>A</b> and <b>Ai</b> values into the newly created <b>BN_BLINDING</b> object.</p>
+
+<p>BN_BLINDING_free() frees the <b>BN_BLINDING</b> structure. If <b>b</b> is NULL, nothing is done.</p>
+
+<p>BN_BLINDING_update() updates the <b>BN_BLINDING</b> parameters by squaring the <b>A</b> and <b>Ai</b> or, after specific number of uses and if the necessary parameters are set, by re-creating the blinding parameters.</p>
+
+<p>BN_BLINDING_convert_ex() multiplies <b>n</b> with the blinding factor <b>A</b>. If <b>r</b> is not NULL a copy the inverse blinding factor <b>Ai</b> will be returned in <b>r</b> (this is useful if a <b>RSA</b> object is shared among several threads). BN_BLINDING_invert_ex() multiplies <b>n</b> with the inverse blinding factor <b>Ai</b>. If <b>r</b> is not NULL it will be used as the inverse blinding.</p>
+
+<p>BN_BLINDING_convert() and BN_BLINDING_invert() are wrapper functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() with <b>r</b> set to NULL.</p>
+
+<p>BN_BLINDING_is_current_thread() returns whether the <b>BN_BLINDING</b> structure is owned by the current thread. This is to help users provide proper locking if needed for multi-threaded use.</p>
+
+<p>BN_BLINDING_set_current_thread() sets the current thread as the owner of the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_lock() locks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_unlock() unlocks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently there are two supported flags: <b>BN_BLINDING_NO_UPDATE</b> and <b>BN_BLINDING_NO_RECREATE</b>. <b>BN_BLINDING_NO_UPDATE</b> inhibits the automatic update of the <b>BN_BLINDING</b> parameters after each use and <b>BN_BLINDING_NO_RECREATE</b> inhibits the automatic re-creation of the <b>BN_BLINDING</b> parameters after a fixed number of uses (currently 32). In newly allocated <b>BN_BLINDING</b> objects no flags are set. BN_BLINDING_set_flags() sets the <b>BN_BLINDING</b> parameters flags.</p>
+
+<p>BN_BLINDING_create_param() creates new <b>BN_BLINDING</b> parameters using the exponent <b>e</b> and the modulus <b>m</b>. <b>bn_mod_exp</b> and <b>m_ctx</b> can be used to pass special functions for exponentiation (normally BN_mod_exp_mont() and <b>BN_MONT_CTX</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_BLINDING_new() returns the newly allocated <b>BN_BLINDING</b> structure or NULL in case of an error.</p>
+
+<p>BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(), BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on success and 0 if an error occurred.</p>
+
+<p>BN_BLINDING_is_current_thread() returns 1 if the current thread owns the <b>BN_BLINDING</b> object, 0 otherwise.</p>
+
+<p>BN_BLINDING_set_current_thread() doesn&#39;t return anything.</p>
+
+<p>BN_BLINDING_lock(), BN_BLINDING_unlock() return 1 if the operation succeeded or 0 on error.</p>
+
+<p>BN_BLINDING_get_flags() returns the currently set <b>BN_BLINDING</b> flags (a <b>unsigned long</b> value).</p>
+
+<p>BN_BLINDING_create_param() returns the newly created <b>BN_BLINDING</b> parameters or NULL on error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_BLINDING_thread_id() was first introduced in OpenSSL 1.0.0, and it deprecates BN_BLINDING_set_thread_id() and BN_BLINDING_get_thread_id().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2005-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_invert_ex.html b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_invert_ex.html
new file mode 100644
index 000000000..1406aa4a4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_invert_ex.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_BLINDING_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, BN_BLINDING_is_current_thread, BN_BLINDING_set_current_thread, BN_BLINDING_lock, BN_BLINDING_unlock, BN_BLINDING_get_flags, BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+                              BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+                            BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+                           BN_CTX *ctx);
+ int BN_BLINDING_is_current_thread(BN_BLINDING *b);
+ void BN_BLINDING_set_current_thread(BN_BLINDING *b);
+ int BN_BLINDING_lock(BN_BLINDING *b);
+ int BN_BLINDING_unlock(BN_BLINDING *b);
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+                                       const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+                                       int (*bn_mod_exp)(BIGNUM *r,
+                                                         const BIGNUM *a,
+                                                         const BIGNUM *p,
+                                                         const BIGNUM *m,
+                                                         BN_CTX *ctx,
+                                                         BN_MONT_CTX *m_ctx),
+                                       BN_MONT_CTX *m_ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_BLINDING_new() allocates a new <b>BN_BLINDING</b> structure and copies the <b>A</b> and <b>Ai</b> values into the newly created <b>BN_BLINDING</b> object.</p>
+
+<p>BN_BLINDING_free() frees the <b>BN_BLINDING</b> structure. If <b>b</b> is NULL, nothing is done.</p>
+
+<p>BN_BLINDING_update() updates the <b>BN_BLINDING</b> parameters by squaring the <b>A</b> and <b>Ai</b> or, after specific number of uses and if the necessary parameters are set, by re-creating the blinding parameters.</p>
+
+<p>BN_BLINDING_convert_ex() multiplies <b>n</b> with the blinding factor <b>A</b>. If <b>r</b> is not NULL a copy the inverse blinding factor <b>Ai</b> will be returned in <b>r</b> (this is useful if a <b>RSA</b> object is shared among several threads). BN_BLINDING_invert_ex() multiplies <b>n</b> with the inverse blinding factor <b>Ai</b>. If <b>r</b> is not NULL it will be used as the inverse blinding.</p>
+
+<p>BN_BLINDING_convert() and BN_BLINDING_invert() are wrapper functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() with <b>r</b> set to NULL.</p>
+
+<p>BN_BLINDING_is_current_thread() returns whether the <b>BN_BLINDING</b> structure is owned by the current thread. This is to help users provide proper locking if needed for multi-threaded use.</p>
+
+<p>BN_BLINDING_set_current_thread() sets the current thread as the owner of the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_lock() locks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_unlock() unlocks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently there are two supported flags: <b>BN_BLINDING_NO_UPDATE</b> and <b>BN_BLINDING_NO_RECREATE</b>. <b>BN_BLINDING_NO_UPDATE</b> inhibits the automatic update of the <b>BN_BLINDING</b> parameters after each use and <b>BN_BLINDING_NO_RECREATE</b> inhibits the automatic re-creation of the <b>BN_BLINDING</b> parameters after a fixed number of uses (currently 32). In newly allocated <b>BN_BLINDING</b> objects no flags are set. BN_BLINDING_set_flags() sets the <b>BN_BLINDING</b> parameters flags.</p>
+
+<p>BN_BLINDING_create_param() creates new <b>BN_BLINDING</b> parameters using the exponent <b>e</b> and the modulus <b>m</b>. <b>bn_mod_exp</b> and <b>m_ctx</b> can be used to pass special functions for exponentiation (normally BN_mod_exp_mont() and <b>BN_MONT_CTX</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_BLINDING_new() returns the newly allocated <b>BN_BLINDING</b> structure or NULL in case of an error.</p>
+
+<p>BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(), BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on success and 0 if an error occurred.</p>
+
+<p>BN_BLINDING_is_current_thread() returns 1 if the current thread owns the <b>BN_BLINDING</b> object, 0 otherwise.</p>
+
+<p>BN_BLINDING_set_current_thread() doesn&#39;t return anything.</p>
+
+<p>BN_BLINDING_lock(), BN_BLINDING_unlock() return 1 if the operation succeeded or 0 on error.</p>
+
+<p>BN_BLINDING_get_flags() returns the currently set <b>BN_BLINDING</b> flags (a <b>unsigned long</b> value).</p>
+
+<p>BN_BLINDING_create_param() returns the newly created <b>BN_BLINDING</b> parameters or NULL on error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_BLINDING_thread_id() was first introduced in OpenSSL 1.0.0, and it deprecates BN_BLINDING_set_thread_id() and BN_BLINDING_get_thread_id().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2005-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_is_current_thread.html b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_is_current_thread.html
new file mode 100644
index 000000000..1406aa4a4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_is_current_thread.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_BLINDING_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, BN_BLINDING_is_current_thread, BN_BLINDING_set_current_thread, BN_BLINDING_lock, BN_BLINDING_unlock, BN_BLINDING_get_flags, BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+                              BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+                            BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+                           BN_CTX *ctx);
+ int BN_BLINDING_is_current_thread(BN_BLINDING *b);
+ void BN_BLINDING_set_current_thread(BN_BLINDING *b);
+ int BN_BLINDING_lock(BN_BLINDING *b);
+ int BN_BLINDING_unlock(BN_BLINDING *b);
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+                                       const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+                                       int (*bn_mod_exp)(BIGNUM *r,
+                                                         const BIGNUM *a,
+                                                         const BIGNUM *p,
+                                                         const BIGNUM *m,
+                                                         BN_CTX *ctx,
+                                                         BN_MONT_CTX *m_ctx),
+                                       BN_MONT_CTX *m_ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_BLINDING_new() allocates a new <b>BN_BLINDING</b> structure and copies the <b>A</b> and <b>Ai</b> values into the newly created <b>BN_BLINDING</b> object.</p>
+
+<p>BN_BLINDING_free() frees the <b>BN_BLINDING</b> structure. If <b>b</b> is NULL, nothing is done.</p>
+
+<p>BN_BLINDING_update() updates the <b>BN_BLINDING</b> parameters by squaring the <b>A</b> and <b>Ai</b> or, after specific number of uses and if the necessary parameters are set, by re-creating the blinding parameters.</p>
+
+<p>BN_BLINDING_convert_ex() multiplies <b>n</b> with the blinding factor <b>A</b>. If <b>r</b> is not NULL a copy the inverse blinding factor <b>Ai</b> will be returned in <b>r</b> (this is useful if a <b>RSA</b> object is shared among several threads). BN_BLINDING_invert_ex() multiplies <b>n</b> with the inverse blinding factor <b>Ai</b>. If <b>r</b> is not NULL it will be used as the inverse blinding.</p>
+
+<p>BN_BLINDING_convert() and BN_BLINDING_invert() are wrapper functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() with <b>r</b> set to NULL.</p>
+
+<p>BN_BLINDING_is_current_thread() returns whether the <b>BN_BLINDING</b> structure is owned by the current thread. This is to help users provide proper locking if needed for multi-threaded use.</p>
+
+<p>BN_BLINDING_set_current_thread() sets the current thread as the owner of the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_lock() locks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_unlock() unlocks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently there are two supported flags: <b>BN_BLINDING_NO_UPDATE</b> and <b>BN_BLINDING_NO_RECREATE</b>. <b>BN_BLINDING_NO_UPDATE</b> inhibits the automatic update of the <b>BN_BLINDING</b> parameters after each use and <b>BN_BLINDING_NO_RECREATE</b> inhibits the automatic re-creation of the <b>BN_BLINDING</b> parameters after a fixed number of uses (currently 32). In newly allocated <b>BN_BLINDING</b> objects no flags are set. BN_BLINDING_set_flags() sets the <b>BN_BLINDING</b> parameters flags.</p>
+
+<p>BN_BLINDING_create_param() creates new <b>BN_BLINDING</b> parameters using the exponent <b>e</b> and the modulus <b>m</b>. <b>bn_mod_exp</b> and <b>m_ctx</b> can be used to pass special functions for exponentiation (normally BN_mod_exp_mont() and <b>BN_MONT_CTX</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_BLINDING_new() returns the newly allocated <b>BN_BLINDING</b> structure or NULL in case of an error.</p>
+
+<p>BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(), BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on success and 0 if an error occurred.</p>
+
+<p>BN_BLINDING_is_current_thread() returns 1 if the current thread owns the <b>BN_BLINDING</b> object, 0 otherwise.</p>
+
+<p>BN_BLINDING_set_current_thread() doesn&#39;t return anything.</p>
+
+<p>BN_BLINDING_lock(), BN_BLINDING_unlock() return 1 if the operation succeeded or 0 on error.</p>
+
+<p>BN_BLINDING_get_flags() returns the currently set <b>BN_BLINDING</b> flags (a <b>unsigned long</b> value).</p>
+
+<p>BN_BLINDING_create_param() returns the newly created <b>BN_BLINDING</b> parameters or NULL on error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_BLINDING_thread_id() was first introduced in OpenSSL 1.0.0, and it deprecates BN_BLINDING_set_thread_id() and BN_BLINDING_get_thread_id().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2005-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_lock.html b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_lock.html
new file mode 100644
index 000000000..1406aa4a4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_lock.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_BLINDING_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, BN_BLINDING_is_current_thread, BN_BLINDING_set_current_thread, BN_BLINDING_lock, BN_BLINDING_unlock, BN_BLINDING_get_flags, BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+                              BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+                            BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+                           BN_CTX *ctx);
+ int BN_BLINDING_is_current_thread(BN_BLINDING *b);
+ void BN_BLINDING_set_current_thread(BN_BLINDING *b);
+ int BN_BLINDING_lock(BN_BLINDING *b);
+ int BN_BLINDING_unlock(BN_BLINDING *b);
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+                                       const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+                                       int (*bn_mod_exp)(BIGNUM *r,
+                                                         const BIGNUM *a,
+                                                         const BIGNUM *p,
+                                                         const BIGNUM *m,
+                                                         BN_CTX *ctx,
+                                                         BN_MONT_CTX *m_ctx),
+                                       BN_MONT_CTX *m_ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_BLINDING_new() allocates a new <b>BN_BLINDING</b> structure and copies the <b>A</b> and <b>Ai</b> values into the newly created <b>BN_BLINDING</b> object.</p>
+
+<p>BN_BLINDING_free() frees the <b>BN_BLINDING</b> structure. If <b>b</b> is NULL, nothing is done.</p>
+
+<p>BN_BLINDING_update() updates the <b>BN_BLINDING</b> parameters by squaring the <b>A</b> and <b>Ai</b> or, after specific number of uses and if the necessary parameters are set, by re-creating the blinding parameters.</p>
+
+<p>BN_BLINDING_convert_ex() multiplies <b>n</b> with the blinding factor <b>A</b>. If <b>r</b> is not NULL a copy the inverse blinding factor <b>Ai</b> will be returned in <b>r</b> (this is useful if a <b>RSA</b> object is shared among several threads). BN_BLINDING_invert_ex() multiplies <b>n</b> with the inverse blinding factor <b>Ai</b>. If <b>r</b> is not NULL it will be used as the inverse blinding.</p>
+
+<p>BN_BLINDING_convert() and BN_BLINDING_invert() are wrapper functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() with <b>r</b> set to NULL.</p>
+
+<p>BN_BLINDING_is_current_thread() returns whether the <b>BN_BLINDING</b> structure is owned by the current thread. This is to help users provide proper locking if needed for multi-threaded use.</p>
+
+<p>BN_BLINDING_set_current_thread() sets the current thread as the owner of the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_lock() locks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_unlock() unlocks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently there are two supported flags: <b>BN_BLINDING_NO_UPDATE</b> and <b>BN_BLINDING_NO_RECREATE</b>. <b>BN_BLINDING_NO_UPDATE</b> inhibits the automatic update of the <b>BN_BLINDING</b> parameters after each use and <b>BN_BLINDING_NO_RECREATE</b> inhibits the automatic re-creation of the <b>BN_BLINDING</b> parameters after a fixed number of uses (currently 32). In newly allocated <b>BN_BLINDING</b> objects no flags are set. BN_BLINDING_set_flags() sets the <b>BN_BLINDING</b> parameters flags.</p>
+
+<p>BN_BLINDING_create_param() creates new <b>BN_BLINDING</b> parameters using the exponent <b>e</b> and the modulus <b>m</b>. <b>bn_mod_exp</b> and <b>m_ctx</b> can be used to pass special functions for exponentiation (normally BN_mod_exp_mont() and <b>BN_MONT_CTX</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_BLINDING_new() returns the newly allocated <b>BN_BLINDING</b> structure or NULL in case of an error.</p>
+
+<p>BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(), BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on success and 0 if an error occurred.</p>
+
+<p>BN_BLINDING_is_current_thread() returns 1 if the current thread owns the <b>BN_BLINDING</b> object, 0 otherwise.</p>
+
+<p>BN_BLINDING_set_current_thread() doesn&#39;t return anything.</p>
+
+<p>BN_BLINDING_lock(), BN_BLINDING_unlock() return 1 if the operation succeeded or 0 on error.</p>
+
+<p>BN_BLINDING_get_flags() returns the currently set <b>BN_BLINDING</b> flags (a <b>unsigned long</b> value).</p>
+
+<p>BN_BLINDING_create_param() returns the newly created <b>BN_BLINDING</b> parameters or NULL on error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_BLINDING_thread_id() was first introduced in OpenSSL 1.0.0, and it deprecates BN_BLINDING_set_thread_id() and BN_BLINDING_get_thread_id().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2005-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_new.html b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_new.html
new file mode 100644
index 000000000..1406aa4a4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_new.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_BLINDING_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, BN_BLINDING_is_current_thread, BN_BLINDING_set_current_thread, BN_BLINDING_lock, BN_BLINDING_unlock, BN_BLINDING_get_flags, BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+                              BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+                            BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+                           BN_CTX *ctx);
+ int BN_BLINDING_is_current_thread(BN_BLINDING *b);
+ void BN_BLINDING_set_current_thread(BN_BLINDING *b);
+ int BN_BLINDING_lock(BN_BLINDING *b);
+ int BN_BLINDING_unlock(BN_BLINDING *b);
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+                                       const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+                                       int (*bn_mod_exp)(BIGNUM *r,
+                                                         const BIGNUM *a,
+                                                         const BIGNUM *p,
+                                                         const BIGNUM *m,
+                                                         BN_CTX *ctx,
+                                                         BN_MONT_CTX *m_ctx),
+                                       BN_MONT_CTX *m_ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_BLINDING_new() allocates a new <b>BN_BLINDING</b> structure and copies the <b>A</b> and <b>Ai</b> values into the newly created <b>BN_BLINDING</b> object.</p>
+
+<p>BN_BLINDING_free() frees the <b>BN_BLINDING</b> structure. If <b>b</b> is NULL, nothing is done.</p>
+
+<p>BN_BLINDING_update() updates the <b>BN_BLINDING</b> parameters by squaring the <b>A</b> and <b>Ai</b> or, after specific number of uses and if the necessary parameters are set, by re-creating the blinding parameters.</p>
+
+<p>BN_BLINDING_convert_ex() multiplies <b>n</b> with the blinding factor <b>A</b>. If <b>r</b> is not NULL a copy the inverse blinding factor <b>Ai</b> will be returned in <b>r</b> (this is useful if a <b>RSA</b> object is shared among several threads). BN_BLINDING_invert_ex() multiplies <b>n</b> with the inverse blinding factor <b>Ai</b>. If <b>r</b> is not NULL it will be used as the inverse blinding.</p>
+
+<p>BN_BLINDING_convert() and BN_BLINDING_invert() are wrapper functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() with <b>r</b> set to NULL.</p>
+
+<p>BN_BLINDING_is_current_thread() returns whether the <b>BN_BLINDING</b> structure is owned by the current thread. This is to help users provide proper locking if needed for multi-threaded use.</p>
+
+<p>BN_BLINDING_set_current_thread() sets the current thread as the owner of the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_lock() locks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_unlock() unlocks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently there are two supported flags: <b>BN_BLINDING_NO_UPDATE</b> and <b>BN_BLINDING_NO_RECREATE</b>. <b>BN_BLINDING_NO_UPDATE</b> inhibits the automatic update of the <b>BN_BLINDING</b> parameters after each use and <b>BN_BLINDING_NO_RECREATE</b> inhibits the automatic re-creation of the <b>BN_BLINDING</b> parameters after a fixed number of uses (currently 32). In newly allocated <b>BN_BLINDING</b> objects no flags are set. BN_BLINDING_set_flags() sets the <b>BN_BLINDING</b> parameters flags.</p>
+
+<p>BN_BLINDING_create_param() creates new <b>BN_BLINDING</b> parameters using the exponent <b>e</b> and the modulus <b>m</b>. <b>bn_mod_exp</b> and <b>m_ctx</b> can be used to pass special functions for exponentiation (normally BN_mod_exp_mont() and <b>BN_MONT_CTX</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_BLINDING_new() returns the newly allocated <b>BN_BLINDING</b> structure or NULL in case of an error.</p>
+
+<p>BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(), BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on success and 0 if an error occurred.</p>
+
+<p>BN_BLINDING_is_current_thread() returns 1 if the current thread owns the <b>BN_BLINDING</b> object, 0 otherwise.</p>
+
+<p>BN_BLINDING_set_current_thread() doesn&#39;t return anything.</p>
+
+<p>BN_BLINDING_lock(), BN_BLINDING_unlock() return 1 if the operation succeeded or 0 on error.</p>
+
+<p>BN_BLINDING_get_flags() returns the currently set <b>BN_BLINDING</b> flags (a <b>unsigned long</b> value).</p>
+
+<p>BN_BLINDING_create_param() returns the newly created <b>BN_BLINDING</b> parameters or NULL on error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_BLINDING_thread_id() was first introduced in OpenSSL 1.0.0, and it deprecates BN_BLINDING_set_thread_id() and BN_BLINDING_get_thread_id().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2005-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_set_current_thread.html b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_set_current_thread.html
new file mode 100644
index 000000000..1406aa4a4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_set_current_thread.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_BLINDING_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, BN_BLINDING_is_current_thread, BN_BLINDING_set_current_thread, BN_BLINDING_lock, BN_BLINDING_unlock, BN_BLINDING_get_flags, BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+                              BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+                            BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+                           BN_CTX *ctx);
+ int BN_BLINDING_is_current_thread(BN_BLINDING *b);
+ void BN_BLINDING_set_current_thread(BN_BLINDING *b);
+ int BN_BLINDING_lock(BN_BLINDING *b);
+ int BN_BLINDING_unlock(BN_BLINDING *b);
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+                                       const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+                                       int (*bn_mod_exp)(BIGNUM *r,
+                                                         const BIGNUM *a,
+                                                         const BIGNUM *p,
+                                                         const BIGNUM *m,
+                                                         BN_CTX *ctx,
+                                                         BN_MONT_CTX *m_ctx),
+                                       BN_MONT_CTX *m_ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_BLINDING_new() allocates a new <b>BN_BLINDING</b> structure and copies the <b>A</b> and <b>Ai</b> values into the newly created <b>BN_BLINDING</b> object.</p>
+
+<p>BN_BLINDING_free() frees the <b>BN_BLINDING</b> structure. If <b>b</b> is NULL, nothing is done.</p>
+
+<p>BN_BLINDING_update() updates the <b>BN_BLINDING</b> parameters by squaring the <b>A</b> and <b>Ai</b> or, after specific number of uses and if the necessary parameters are set, by re-creating the blinding parameters.</p>
+
+<p>BN_BLINDING_convert_ex() multiplies <b>n</b> with the blinding factor <b>A</b>. If <b>r</b> is not NULL a copy the inverse blinding factor <b>Ai</b> will be returned in <b>r</b> (this is useful if a <b>RSA</b> object is shared among several threads). BN_BLINDING_invert_ex() multiplies <b>n</b> with the inverse blinding factor <b>Ai</b>. If <b>r</b> is not NULL it will be used as the inverse blinding.</p>
+
+<p>BN_BLINDING_convert() and BN_BLINDING_invert() are wrapper functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() with <b>r</b> set to NULL.</p>
+
+<p>BN_BLINDING_is_current_thread() returns whether the <b>BN_BLINDING</b> structure is owned by the current thread. This is to help users provide proper locking if needed for multi-threaded use.</p>
+
+<p>BN_BLINDING_set_current_thread() sets the current thread as the owner of the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_lock() locks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_unlock() unlocks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently there are two supported flags: <b>BN_BLINDING_NO_UPDATE</b> and <b>BN_BLINDING_NO_RECREATE</b>. <b>BN_BLINDING_NO_UPDATE</b> inhibits the automatic update of the <b>BN_BLINDING</b> parameters after each use and <b>BN_BLINDING_NO_RECREATE</b> inhibits the automatic re-creation of the <b>BN_BLINDING</b> parameters after a fixed number of uses (currently 32). In newly allocated <b>BN_BLINDING</b> objects no flags are set. BN_BLINDING_set_flags() sets the <b>BN_BLINDING</b> parameters flags.</p>
+
+<p>BN_BLINDING_create_param() creates new <b>BN_BLINDING</b> parameters using the exponent <b>e</b> and the modulus <b>m</b>. <b>bn_mod_exp</b> and <b>m_ctx</b> can be used to pass special functions for exponentiation (normally BN_mod_exp_mont() and <b>BN_MONT_CTX</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_BLINDING_new() returns the newly allocated <b>BN_BLINDING</b> structure or NULL in case of an error.</p>
+
+<p>BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(), BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on success and 0 if an error occurred.</p>
+
+<p>BN_BLINDING_is_current_thread() returns 1 if the current thread owns the <b>BN_BLINDING</b> object, 0 otherwise.</p>
+
+<p>BN_BLINDING_set_current_thread() doesn&#39;t return anything.</p>
+
+<p>BN_BLINDING_lock(), BN_BLINDING_unlock() return 1 if the operation succeeded or 0 on error.</p>
+
+<p>BN_BLINDING_get_flags() returns the currently set <b>BN_BLINDING</b> flags (a <b>unsigned long</b> value).</p>
+
+<p>BN_BLINDING_create_param() returns the newly created <b>BN_BLINDING</b> parameters or NULL on error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_BLINDING_thread_id() was first introduced in OpenSSL 1.0.0, and it deprecates BN_BLINDING_set_thread_id() and BN_BLINDING_get_thread_id().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2005-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_set_flags.html b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_set_flags.html
new file mode 100644
index 000000000..1406aa4a4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_set_flags.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_BLINDING_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, BN_BLINDING_is_current_thread, BN_BLINDING_set_current_thread, BN_BLINDING_lock, BN_BLINDING_unlock, BN_BLINDING_get_flags, BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+                              BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+                            BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+                           BN_CTX *ctx);
+ int BN_BLINDING_is_current_thread(BN_BLINDING *b);
+ void BN_BLINDING_set_current_thread(BN_BLINDING *b);
+ int BN_BLINDING_lock(BN_BLINDING *b);
+ int BN_BLINDING_unlock(BN_BLINDING *b);
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+                                       const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+                                       int (*bn_mod_exp)(BIGNUM *r,
+                                                         const BIGNUM *a,
+                                                         const BIGNUM *p,
+                                                         const BIGNUM *m,
+                                                         BN_CTX *ctx,
+                                                         BN_MONT_CTX *m_ctx),
+                                       BN_MONT_CTX *m_ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_BLINDING_new() allocates a new <b>BN_BLINDING</b> structure and copies the <b>A</b> and <b>Ai</b> values into the newly created <b>BN_BLINDING</b> object.</p>
+
+<p>BN_BLINDING_free() frees the <b>BN_BLINDING</b> structure. If <b>b</b> is NULL, nothing is done.</p>
+
+<p>BN_BLINDING_update() updates the <b>BN_BLINDING</b> parameters by squaring the <b>A</b> and <b>Ai</b> or, after specific number of uses and if the necessary parameters are set, by re-creating the blinding parameters.</p>
+
+<p>BN_BLINDING_convert_ex() multiplies <b>n</b> with the blinding factor <b>A</b>. If <b>r</b> is not NULL a copy the inverse blinding factor <b>Ai</b> will be returned in <b>r</b> (this is useful if a <b>RSA</b> object is shared among several threads). BN_BLINDING_invert_ex() multiplies <b>n</b> with the inverse blinding factor <b>Ai</b>. If <b>r</b> is not NULL it will be used as the inverse blinding.</p>
+
+<p>BN_BLINDING_convert() and BN_BLINDING_invert() are wrapper functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() with <b>r</b> set to NULL.</p>
+
+<p>BN_BLINDING_is_current_thread() returns whether the <b>BN_BLINDING</b> structure is owned by the current thread. This is to help users provide proper locking if needed for multi-threaded use.</p>
+
+<p>BN_BLINDING_set_current_thread() sets the current thread as the owner of the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_lock() locks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_unlock() unlocks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently there are two supported flags: <b>BN_BLINDING_NO_UPDATE</b> and <b>BN_BLINDING_NO_RECREATE</b>. <b>BN_BLINDING_NO_UPDATE</b> inhibits the automatic update of the <b>BN_BLINDING</b> parameters after each use and <b>BN_BLINDING_NO_RECREATE</b> inhibits the automatic re-creation of the <b>BN_BLINDING</b> parameters after a fixed number of uses (currently 32). In newly allocated <b>BN_BLINDING</b> objects no flags are set. BN_BLINDING_set_flags() sets the <b>BN_BLINDING</b> parameters flags.</p>
+
+<p>BN_BLINDING_create_param() creates new <b>BN_BLINDING</b> parameters using the exponent <b>e</b> and the modulus <b>m</b>. <b>bn_mod_exp</b> and <b>m_ctx</b> can be used to pass special functions for exponentiation (normally BN_mod_exp_mont() and <b>BN_MONT_CTX</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_BLINDING_new() returns the newly allocated <b>BN_BLINDING</b> structure or NULL in case of an error.</p>
+
+<p>BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(), BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on success and 0 if an error occurred.</p>
+
+<p>BN_BLINDING_is_current_thread() returns 1 if the current thread owns the <b>BN_BLINDING</b> object, 0 otherwise.</p>
+
+<p>BN_BLINDING_set_current_thread() doesn&#39;t return anything.</p>
+
+<p>BN_BLINDING_lock(), BN_BLINDING_unlock() return 1 if the operation succeeded or 0 on error.</p>
+
+<p>BN_BLINDING_get_flags() returns the currently set <b>BN_BLINDING</b> flags (a <b>unsigned long</b> value).</p>
+
+<p>BN_BLINDING_create_param() returns the newly created <b>BN_BLINDING</b> parameters or NULL on error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_BLINDING_thread_id() was first introduced in OpenSSL 1.0.0, and it deprecates BN_BLINDING_set_thread_id() and BN_BLINDING_get_thread_id().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2005-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_unlock.html b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_unlock.html
new file mode 100644
index 000000000..1406aa4a4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_unlock.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_BLINDING_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, BN_BLINDING_is_current_thread, BN_BLINDING_set_current_thread, BN_BLINDING_lock, BN_BLINDING_unlock, BN_BLINDING_get_flags, BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+                              BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+                            BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+                           BN_CTX *ctx);
+ int BN_BLINDING_is_current_thread(BN_BLINDING *b);
+ void BN_BLINDING_set_current_thread(BN_BLINDING *b);
+ int BN_BLINDING_lock(BN_BLINDING *b);
+ int BN_BLINDING_unlock(BN_BLINDING *b);
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+                                       const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+                                       int (*bn_mod_exp)(BIGNUM *r,
+                                                         const BIGNUM *a,
+                                                         const BIGNUM *p,
+                                                         const BIGNUM *m,
+                                                         BN_CTX *ctx,
+                                                         BN_MONT_CTX *m_ctx),
+                                       BN_MONT_CTX *m_ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_BLINDING_new() allocates a new <b>BN_BLINDING</b> structure and copies the <b>A</b> and <b>Ai</b> values into the newly created <b>BN_BLINDING</b> object.</p>
+
+<p>BN_BLINDING_free() frees the <b>BN_BLINDING</b> structure. If <b>b</b> is NULL, nothing is done.</p>
+
+<p>BN_BLINDING_update() updates the <b>BN_BLINDING</b> parameters by squaring the <b>A</b> and <b>Ai</b> or, after specific number of uses and if the necessary parameters are set, by re-creating the blinding parameters.</p>
+
+<p>BN_BLINDING_convert_ex() multiplies <b>n</b> with the blinding factor <b>A</b>. If <b>r</b> is not NULL a copy the inverse blinding factor <b>Ai</b> will be returned in <b>r</b> (this is useful if a <b>RSA</b> object is shared among several threads). BN_BLINDING_invert_ex() multiplies <b>n</b> with the inverse blinding factor <b>Ai</b>. If <b>r</b> is not NULL it will be used as the inverse blinding.</p>
+
+<p>BN_BLINDING_convert() and BN_BLINDING_invert() are wrapper functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() with <b>r</b> set to NULL.</p>
+
+<p>BN_BLINDING_is_current_thread() returns whether the <b>BN_BLINDING</b> structure is owned by the current thread. This is to help users provide proper locking if needed for multi-threaded use.</p>
+
+<p>BN_BLINDING_set_current_thread() sets the current thread as the owner of the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_lock() locks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_unlock() unlocks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently there are two supported flags: <b>BN_BLINDING_NO_UPDATE</b> and <b>BN_BLINDING_NO_RECREATE</b>. <b>BN_BLINDING_NO_UPDATE</b> inhibits the automatic update of the <b>BN_BLINDING</b> parameters after each use and <b>BN_BLINDING_NO_RECREATE</b> inhibits the automatic re-creation of the <b>BN_BLINDING</b> parameters after a fixed number of uses (currently 32). In newly allocated <b>BN_BLINDING</b> objects no flags are set. BN_BLINDING_set_flags() sets the <b>BN_BLINDING</b> parameters flags.</p>
+
+<p>BN_BLINDING_create_param() creates new <b>BN_BLINDING</b> parameters using the exponent <b>e</b> and the modulus <b>m</b>. <b>bn_mod_exp</b> and <b>m_ctx</b> can be used to pass special functions for exponentiation (normally BN_mod_exp_mont() and <b>BN_MONT_CTX</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_BLINDING_new() returns the newly allocated <b>BN_BLINDING</b> structure or NULL in case of an error.</p>
+
+<p>BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(), BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on success and 0 if an error occurred.</p>
+
+<p>BN_BLINDING_is_current_thread() returns 1 if the current thread owns the <b>BN_BLINDING</b> object, 0 otherwise.</p>
+
+<p>BN_BLINDING_set_current_thread() doesn&#39;t return anything.</p>
+
+<p>BN_BLINDING_lock(), BN_BLINDING_unlock() return 1 if the operation succeeded or 0 on error.</p>
+
+<p>BN_BLINDING_get_flags() returns the currently set <b>BN_BLINDING</b> flags (a <b>unsigned long</b> value).</p>
+
+<p>BN_BLINDING_create_param() returns the newly created <b>BN_BLINDING</b> parameters or NULL on error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_BLINDING_thread_id() was first introduced in OpenSSL 1.0.0, and it deprecates BN_BLINDING_set_thread_id() and BN_BLINDING_get_thread_id().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2005-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_update.html b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_update.html
new file mode 100644
index 000000000..1406aa4a4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_BLINDING_update.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_BLINDING_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, BN_BLINDING_is_current_thread, BN_BLINDING_set_current_thread, BN_BLINDING_lock, BN_BLINDING_unlock, BN_BLINDING_get_flags, BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+                              BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+                            BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+                           BN_CTX *ctx);
+ int BN_BLINDING_is_current_thread(BN_BLINDING *b);
+ void BN_BLINDING_set_current_thread(BN_BLINDING *b);
+ int BN_BLINDING_lock(BN_BLINDING *b);
+ int BN_BLINDING_unlock(BN_BLINDING *b);
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+                                       const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+                                       int (*bn_mod_exp)(BIGNUM *r,
+                                                         const BIGNUM *a,
+                                                         const BIGNUM *p,
+                                                         const BIGNUM *m,
+                                                         BN_CTX *ctx,
+                                                         BN_MONT_CTX *m_ctx),
+                                       BN_MONT_CTX *m_ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_BLINDING_new() allocates a new <b>BN_BLINDING</b> structure and copies the <b>A</b> and <b>Ai</b> values into the newly created <b>BN_BLINDING</b> object.</p>
+
+<p>BN_BLINDING_free() frees the <b>BN_BLINDING</b> structure. If <b>b</b> is NULL, nothing is done.</p>
+
+<p>BN_BLINDING_update() updates the <b>BN_BLINDING</b> parameters by squaring the <b>A</b> and <b>Ai</b> or, after specific number of uses and if the necessary parameters are set, by re-creating the blinding parameters.</p>
+
+<p>BN_BLINDING_convert_ex() multiplies <b>n</b> with the blinding factor <b>A</b>. If <b>r</b> is not NULL a copy the inverse blinding factor <b>Ai</b> will be returned in <b>r</b> (this is useful if a <b>RSA</b> object is shared among several threads). BN_BLINDING_invert_ex() multiplies <b>n</b> with the inverse blinding factor <b>Ai</b>. If <b>r</b> is not NULL it will be used as the inverse blinding.</p>
+
+<p>BN_BLINDING_convert() and BN_BLINDING_invert() are wrapper functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() with <b>r</b> set to NULL.</p>
+
+<p>BN_BLINDING_is_current_thread() returns whether the <b>BN_BLINDING</b> structure is owned by the current thread. This is to help users provide proper locking if needed for multi-threaded use.</p>
+
+<p>BN_BLINDING_set_current_thread() sets the current thread as the owner of the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_lock() locks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_unlock() unlocks the <b>BN_BLINDING</b> structure.</p>
+
+<p>BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently there are two supported flags: <b>BN_BLINDING_NO_UPDATE</b> and <b>BN_BLINDING_NO_RECREATE</b>. <b>BN_BLINDING_NO_UPDATE</b> inhibits the automatic update of the <b>BN_BLINDING</b> parameters after each use and <b>BN_BLINDING_NO_RECREATE</b> inhibits the automatic re-creation of the <b>BN_BLINDING</b> parameters after a fixed number of uses (currently 32). In newly allocated <b>BN_BLINDING</b> objects no flags are set. BN_BLINDING_set_flags() sets the <b>BN_BLINDING</b> parameters flags.</p>
+
+<p>BN_BLINDING_create_param() creates new <b>BN_BLINDING</b> parameters using the exponent <b>e</b> and the modulus <b>m</b>. <b>bn_mod_exp</b> and <b>m_ctx</b> can be used to pass special functions for exponentiation (normally BN_mod_exp_mont() and <b>BN_MONT_CTX</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_BLINDING_new() returns the newly allocated <b>BN_BLINDING</b> structure or NULL in case of an error.</p>
+
+<p>BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(), BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on success and 0 if an error occurred.</p>
+
+<p>BN_BLINDING_is_current_thread() returns 1 if the current thread owns the <b>BN_BLINDING</b> object, 0 otherwise.</p>
+
+<p>BN_BLINDING_set_current_thread() doesn&#39;t return anything.</p>
+
+<p>BN_BLINDING_lock(), BN_BLINDING_unlock() return 1 if the operation succeeded or 0 on error.</p>
+
+<p>BN_BLINDING_get_flags() returns the currently set <b>BN_BLINDING</b> flags (a <b>unsigned long</b> value).</p>
+
+<p>BN_BLINDING_create_param() returns the newly created <b>BN_BLINDING</b> parameters or NULL on error.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_BLINDING_thread_id() was first introduced in OpenSSL 1.0.0, and it deprecates BN_BLINDING_set_thread_id() and BN_BLINDING_get_thread_id().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2005-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_CTX_end.html b/msys2/usr/share/doc/openssl/html/man3/BN_CTX_end.html
new file mode 100644
index 000000000..554b847c2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_CTX_end.html
@@ -0,0 +1,66 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_CTX_start</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_CTX_start, BN_CTX_get, BN_CTX_end - use temporary BIGNUM variables</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ void BN_CTX_start(BN_CTX *ctx);
+
+ BIGNUM *BN_CTX_get(BN_CTX *ctx);
+
+ void BN_CTX_end(BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to obtain temporary <b>BIGNUM</b> variables from a <b>BN_CTX</b> (which can been created by using <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>) in order to save the overhead of repeatedly creating and freeing <b>BIGNUM</b>s in functions that are called from inside a loop.</p>
+
+<p>A function must call BN_CTX_start() first. Then, BN_CTX_get() may be called repeatedly to obtain temporary <b>BIGNUM</b>s. All BN_CTX_get() calls must be made before calling any other functions that use the <b>ctx</b> as an argument.</p>
+
+<p>Finally, BN_CTX_end() must be called before returning from the function. When BN_CTX_end() is called, the <b>BIGNUM</b> pointers obtained from BN_CTX_get() become invalid.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_CTX_start() and BN_CTX_end() return no values.</p>
+
+<p>BN_CTX_get() returns a pointer to the <b>BIGNUM</b>, or <b>NULL</b> on error. Once BN_CTX_get() has failed, the subsequent calls will return <b>NULL</b> as well, so it is sufficient to check the return value of the last BN_CTX_get() call. In case of an error, an error code is set, which can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_CTX_free.html b/msys2/usr/share/doc/openssl/html/man3/BN_CTX_free.html
new file mode 100644
index 000000000..3820ddad2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_CTX_free.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_CTX_new, BN_CTX_secure_new, BN_CTX_free - allocate and free BN_CTX structures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_CTX *BN_CTX_new(void);
+
+ BN_CTX *BN_CTX_secure_new(void);
+
+ void BN_CTX_free(BN_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>BN_CTX</b> is a structure that holds <b>BIGNUM</b> temporary variables used by library functions. Since dynamic memory allocation to create <b>BIGNUM</b>s is rather expensive when used in conjunction with repeated subroutine calls, the <b>BN_CTX</b> structure is used.</p>
+
+<p>BN_CTX_new() allocates and initializes a <b>BN_CTX</b> structure. BN_CTX_secure_new() allocates and initializes a <b>BN_CTX</b> structure but uses the secure heap (see <a href="../man3/CRYPTO_secure_malloc.html">CRYPTO_secure_malloc(3)</a>) to hold the <b>BIGNUM</b>s.</p>
+
+<p>BN_CTX_free() frees the components of the <b>BN_CTX</b> and the structure itself. Since BN_CTX_start() is required in order to obtain <b>BIGNUM</b>s from the <b>BN_CTX</b>, in most cases BN_CTX_end() must be called before the <b>BN_CTX</b> may be freed by BN_CTX_free(). If <b>c</b> is NULL, nothing is done.</p>
+
+<p>A given <b>BN_CTX</b> must only be used by a single thread of execution. No locking is performed, and the internal pool allocator will not properly handle multiple threads of execution.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_CTX_new() and BN_CTX_secure_new() return a pointer to the <b>BN_CTX</b>. If the allocation fails, they return <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>BN_CTX_free() has no return values.</p>
+
+<h1 id="REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</h1>
+
+<pre><code> void BN_CTX_init(BN_CTX *c);</code></pre>
+
+<p>BN_CTX_init() is no longer available as of OpenSSL 1.1.0. Applications should replace use of BN_CTX_init with BN_CTX_new instead:</p>
+
+<pre><code> BN_CTX *ctx;
+ ctx = BN_CTX_new();
+ if (!ctx)
+     /* error */
+ ...
+ BN_CTX_free(ctx);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a>, <a href="../man3/BN_CTX_start.html">BN_CTX_start(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_CTX_init() was removed in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_CTX_get.html b/msys2/usr/share/doc/openssl/html/man3/BN_CTX_get.html
new file mode 100644
index 000000000..554b847c2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_CTX_get.html
@@ -0,0 +1,66 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_CTX_start</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_CTX_start, BN_CTX_get, BN_CTX_end - use temporary BIGNUM variables</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ void BN_CTX_start(BN_CTX *ctx);
+
+ BIGNUM *BN_CTX_get(BN_CTX *ctx);
+
+ void BN_CTX_end(BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to obtain temporary <b>BIGNUM</b> variables from a <b>BN_CTX</b> (which can been created by using <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>) in order to save the overhead of repeatedly creating and freeing <b>BIGNUM</b>s in functions that are called from inside a loop.</p>
+
+<p>A function must call BN_CTX_start() first. Then, BN_CTX_get() may be called repeatedly to obtain temporary <b>BIGNUM</b>s. All BN_CTX_get() calls must be made before calling any other functions that use the <b>ctx</b> as an argument.</p>
+
+<p>Finally, BN_CTX_end() must be called before returning from the function. When BN_CTX_end() is called, the <b>BIGNUM</b> pointers obtained from BN_CTX_get() become invalid.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_CTX_start() and BN_CTX_end() return no values.</p>
+
+<p>BN_CTX_get() returns a pointer to the <b>BIGNUM</b>, or <b>NULL</b> on error. Once BN_CTX_get() has failed, the subsequent calls will return <b>NULL</b> as well, so it is sufficient to check the return value of the last BN_CTX_get() call. In case of an error, an error code is set, which can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_CTX_new.html b/msys2/usr/share/doc/openssl/html/man3/BN_CTX_new.html
new file mode 100644
index 000000000..3820ddad2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_CTX_new.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_CTX_new, BN_CTX_secure_new, BN_CTX_free - allocate and free BN_CTX structures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_CTX *BN_CTX_new(void);
+
+ BN_CTX *BN_CTX_secure_new(void);
+
+ void BN_CTX_free(BN_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>BN_CTX</b> is a structure that holds <b>BIGNUM</b> temporary variables used by library functions. Since dynamic memory allocation to create <b>BIGNUM</b>s is rather expensive when used in conjunction with repeated subroutine calls, the <b>BN_CTX</b> structure is used.</p>
+
+<p>BN_CTX_new() allocates and initializes a <b>BN_CTX</b> structure. BN_CTX_secure_new() allocates and initializes a <b>BN_CTX</b> structure but uses the secure heap (see <a href="../man3/CRYPTO_secure_malloc.html">CRYPTO_secure_malloc(3)</a>) to hold the <b>BIGNUM</b>s.</p>
+
+<p>BN_CTX_free() frees the components of the <b>BN_CTX</b> and the structure itself. Since BN_CTX_start() is required in order to obtain <b>BIGNUM</b>s from the <b>BN_CTX</b>, in most cases BN_CTX_end() must be called before the <b>BN_CTX</b> may be freed by BN_CTX_free(). If <b>c</b> is NULL, nothing is done.</p>
+
+<p>A given <b>BN_CTX</b> must only be used by a single thread of execution. No locking is performed, and the internal pool allocator will not properly handle multiple threads of execution.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_CTX_new() and BN_CTX_secure_new() return a pointer to the <b>BN_CTX</b>. If the allocation fails, they return <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>BN_CTX_free() has no return values.</p>
+
+<h1 id="REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</h1>
+
+<pre><code> void BN_CTX_init(BN_CTX *c);</code></pre>
+
+<p>BN_CTX_init() is no longer available as of OpenSSL 1.1.0. Applications should replace use of BN_CTX_init with BN_CTX_new instead:</p>
+
+<pre><code> BN_CTX *ctx;
+ ctx = BN_CTX_new();
+ if (!ctx)
+     /* error */
+ ...
+ BN_CTX_free(ctx);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a>, <a href="../man3/BN_CTX_start.html">BN_CTX_start(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_CTX_init() was removed in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_CTX_secure_new.html b/msys2/usr/share/doc/openssl/html/man3/BN_CTX_secure_new.html
new file mode 100644
index 000000000..3820ddad2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_CTX_secure_new.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_CTX_new, BN_CTX_secure_new, BN_CTX_free - allocate and free BN_CTX structures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_CTX *BN_CTX_new(void);
+
+ BN_CTX *BN_CTX_secure_new(void);
+
+ void BN_CTX_free(BN_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>BN_CTX</b> is a structure that holds <b>BIGNUM</b> temporary variables used by library functions. Since dynamic memory allocation to create <b>BIGNUM</b>s is rather expensive when used in conjunction with repeated subroutine calls, the <b>BN_CTX</b> structure is used.</p>
+
+<p>BN_CTX_new() allocates and initializes a <b>BN_CTX</b> structure. BN_CTX_secure_new() allocates and initializes a <b>BN_CTX</b> structure but uses the secure heap (see <a href="../man3/CRYPTO_secure_malloc.html">CRYPTO_secure_malloc(3)</a>) to hold the <b>BIGNUM</b>s.</p>
+
+<p>BN_CTX_free() frees the components of the <b>BN_CTX</b> and the structure itself. Since BN_CTX_start() is required in order to obtain <b>BIGNUM</b>s from the <b>BN_CTX</b>, in most cases BN_CTX_end() must be called before the <b>BN_CTX</b> may be freed by BN_CTX_free(). If <b>c</b> is NULL, nothing is done.</p>
+
+<p>A given <b>BN_CTX</b> must only be used by a single thread of execution. No locking is performed, and the internal pool allocator will not properly handle multiple threads of execution.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_CTX_new() and BN_CTX_secure_new() return a pointer to the <b>BN_CTX</b>. If the allocation fails, they return <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>BN_CTX_free() has no return values.</p>
+
+<h1 id="REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</h1>
+
+<pre><code> void BN_CTX_init(BN_CTX *c);</code></pre>
+
+<p>BN_CTX_init() is no longer available as of OpenSSL 1.1.0. Applications should replace use of BN_CTX_init with BN_CTX_new instead:</p>
+
+<pre><code> BN_CTX *ctx;
+ ctx = BN_CTX_new();
+ if (!ctx)
+     /* error */
+ ...
+ BN_CTX_free(ctx);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a>, <a href="../man3/BN_CTX_start.html">BN_CTX_start(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_CTX_init() was removed in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_CTX_start.html b/msys2/usr/share/doc/openssl/html/man3/BN_CTX_start.html
new file mode 100644
index 000000000..554b847c2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_CTX_start.html
@@ -0,0 +1,66 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_CTX_start</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_CTX_start, BN_CTX_get, BN_CTX_end - use temporary BIGNUM variables</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ void BN_CTX_start(BN_CTX *ctx);
+
+ BIGNUM *BN_CTX_get(BN_CTX *ctx);
+
+ void BN_CTX_end(BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to obtain temporary <b>BIGNUM</b> variables from a <b>BN_CTX</b> (which can been created by using <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>) in order to save the overhead of repeatedly creating and freeing <b>BIGNUM</b>s in functions that are called from inside a loop.</p>
+
+<p>A function must call BN_CTX_start() first. Then, BN_CTX_get() may be called repeatedly to obtain temporary <b>BIGNUM</b>s. All BN_CTX_get() calls must be made before calling any other functions that use the <b>ctx</b> as an argument.</p>
+
+<p>Finally, BN_CTX_end() must be called before returning from the function. When BN_CTX_end() is called, the <b>BIGNUM</b> pointers obtained from BN_CTX_get() become invalid.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_CTX_start() and BN_CTX_end() return no values.</p>
+
+<p>BN_CTX_get() returns a pointer to the <b>BIGNUM</b>, or <b>NULL</b> on error. Once BN_CTX_get() has failed, the subsequent calls will return <b>NULL</b> as well, so it is sufficient to check the return value of the last BN_CTX_get() call. In case of an error, an error code is set, which can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_GENCB_call.html b/msys2/usr/share/doc/openssl/html/man3/BN_GENCB_call.html
new file mode 100644
index 000000000..3935a16e2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_GENCB_call.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_generate_prime</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_generate_prime_ex, BN_is_prime_ex, BN_is_prime_fasttest_ex, BN_GENCB_call, BN_GENCB_new, BN_GENCB_free, BN_GENCB_set_old, BN_GENCB_set, BN_GENCB_get_arg, BN_generate_prime, BN_is_prime, BN_is_prime_fasttest - generate primes and test for primality</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
+                          const BIGNUM *rem, BN_GENCB *cb);
+
+ int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+
+ int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
+                             int do_trial_division, BN_GENCB *cb);
+
+ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
+
+ BN_GENCB *BN_GENCB_new(void);
+
+ void BN_GENCB_free(BN_GENCB *cb);
+
+ void BN_GENCB_set_old(BN_GENCB *gencb,
+                       void (*callback)(int, int, void *), void *cb_arg);
+
+ void BN_GENCB_set(BN_GENCB *gencb,
+                   int (*callback)(int, int, BN_GENCB *), void *cb_arg);
+
+ void *BN_GENCB_get_arg(BN_GENCB *cb);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
+                           BIGNUM *rem, void (*callback)(int, int, void *),
+                           void *cb_arg);
+
+ int BN_is_prime(const BIGNUM *a, int checks,
+                 void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg);
+
+ int BN_is_prime_fasttest(const BIGNUM *a, int checks,
+                          void (*callback)(int, int, void *), BN_CTX *ctx,
+                          void *cb_arg, int do_trial_division);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_generate_prime_ex() generates a pseudo-random prime number of at least bit length <b>bits</b>. If <b>ret</b> is not <b>NULL</b>, it will be used to store the number.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, it is used as follows:</p>
+
+<ul>
+
+<li><p><b>BN_GENCB_call(cb, 0, i)</b> is called after generating the i-th potential prime number.</p>
+
+</li>
+<li><p>While the number is being tested for primality, <b>BN_GENCB_call(cb, 1, j)</b> is called as described below.</p>
+
+</li>
+<li><p>When a prime has been found, <b>BN_GENCB_call(cb, 2, i)</b> is called.</p>
+
+</li>
+<li><p>The callers of BN_generate_prime_ex() may call <b>BN_GENCB_call(cb, i, j)</b> with other values as described in their respective man pages; see <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a>.</p>
+
+</li>
+</ul>
+
+<p>The prime may have to fulfill additional requirements for use in Diffie-Hellman key exchange:</p>
+
+<p>If <b>add</b> is not <b>NULL</b>, the prime will fulfill the condition p % <b>add</b> == <b>rem</b> (p % <b>add</b> == 1 if <b>rem</b> == <b>NULL</b>) in order to suit a given generator.</p>
+
+<p>If <b>safe</b> is true, it will be a safe prime (i.e. a prime p so that (p-1)/2 is also prime).</p>
+
+<p>The PRNG must be seeded prior to calling BN_generate_prime_ex(). The prime number generation has a negligible error probability.</p>
+
+<p>BN_is_prime_ex() and BN_is_prime_fasttest_ex() test if the number <b>p</b> is prime. The following tests are performed until one of them shows that <b>p</b> is composite; if <b>p</b> passes all these tests, it is considered prime.</p>
+
+<p>BN_is_prime_fasttest_ex(), when called with <b>do_trial_division == 1</b>, first attempts trial division by a number of small primes; if no divisors are found by this test and <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, -1)</b> is called. If <b>do_trial_division == 0</b>, this test is skipped.</p>
+
+<p>Both BN_is_prime_ex() and BN_is_prime_fasttest_ex() perform a Miller-Rabin probabilistic primality test with <b>nchecks</b> iterations. If <b>nchecks == BN_prime_checks</b>, a number of iterations is used that yields a false positive rate of at most 2^-64 for random input. The error rate depends on the size of the prime and goes down for bigger primes. The rate is 2^-80 starting at 308 bits, 2^-112 at 852 bits, 2^-128 at 1080 bits, 2^-192 at 3747 bits and 2^-256 at 6394 bits.</p>
+
+<p>When the source of the prime is not random or not trusted, the number of checks needs to be much higher to reach the same level of assurance: It should equal half of the targeted security level in bits (rounded up to the next integer if necessary). For instance, to reach the 128 bit security level, <b>nchecks</b> should be set to 64.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, j)</b> is called after the j-th iteration (j = 0, 1, ...). <b>ctx</b> is a pre-allocated <b>BN_CTX</b> (to save the overhead of allocating and freeing the structure in a loop), or <b>NULL</b>.</p>
+
+<p>BN_GENCB_call() calls the callback function held in the <b>BN_GENCB</b> structure and passes the ints <b>a</b> and <b>b</b> as arguments. There are two types of <b>BN_GENCB</b> structure that are supported: &quot;new&quot; style and &quot;old&quot; style. New programs should prefer the &quot;new&quot; style, whilst the &quot;old&quot; style is provided for backwards compatibility purposes.</p>
+
+<p>A <b>BN_GENCB</b> structure should be created through a call to BN_GENCB_new(), and freed through a call to BN_GENCB_free().</p>
+
+<p>For &quot;new&quot; style callbacks a BN_GENCB structure should be initialised with a call to BN_GENCB_set(), where <b>gencb</b> is a <b>BN_GENCB *</b>, <b>callback</b> is of type <b>int (*callback)(int, int, BN_GENCB *)</b> and <b>cb_arg</b> is a <b>void *</b>. &quot;Old&quot; style callbacks are the same except they are initialised with a call to BN_GENCB_set_old() and <b>callback</b> is of type <b>void (*callback)(int, int, void *)</b>.</p>
+
+<p>A callback is invoked through a call to <b>BN_GENCB_call</b>. This will check the type of the callback and will invoke <b>callback(a, b, gencb)</b> for new style callbacks or <b>callback(a, b, cb_arg)</b> for old style.</p>
+
+<p>It is possible to obtain the argument associated with a BN_GENCB structure (set via a call to BN_GENCB_set or BN_GENCB_set_old) using BN_GENCB_get_arg.</p>
+
+<p>BN_generate_prime() (deprecated) works in the same way as BN_generate_prime_ex() but expects an old-style callback function directly in the <b>callback</b> parameter, and an argument to pass to it in the <b>cb_arg</b>. BN_is_prime() and BN_is_prime_fasttest() can similarly be compared to BN_is_prime_ex() and BN_is_prime_fasttest_ex(), respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_generate_prime_ex() return 1 on success or 0 on error.</p>
+
+<p>BN_is_prime_ex(), BN_is_prime_fasttest_ex(), BN_is_prime() and BN_is_prime_fasttest() return 0 if the number is composite, 1 if it is prime with an error probability of less than 0.25^<b>nchecks</b>, and -1 on error.</p>
+
+<p>BN_generate_prime() returns the prime number on success, <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_new returns a pointer to a BN_GENCB structure on success, or <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_get_arg returns the argument previously associated with a BN_GENCB structure.</p>
+
+<p>Callback functions should return 1 on success or 0 on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</h1>
+
+<p>As of OpenSSL 1.1.0 it is no longer possible to create a BN_GENCB structure directly, as in:</p>
+
+<pre><code> BN_GENCB callback;</code></pre>
+
+<p>Instead applications should create a BN_GENCB structure using BN_GENCB_new:</p>
+
+<pre><code> BN_GENCB *callback;
+ callback = BN_GENCB_new();
+ if (!callback)
+     /* error */
+ ...
+ BN_GENCB_free(callback);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/RSA_generate_key.html">RSA_generate_key(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BN_GENCB_new(), BN_GENCB_free(), and BN_GENCB_get_arg() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_GENCB_free.html b/msys2/usr/share/doc/openssl/html/man3/BN_GENCB_free.html
new file mode 100644
index 000000000..3935a16e2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_GENCB_free.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_generate_prime</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_generate_prime_ex, BN_is_prime_ex, BN_is_prime_fasttest_ex, BN_GENCB_call, BN_GENCB_new, BN_GENCB_free, BN_GENCB_set_old, BN_GENCB_set, BN_GENCB_get_arg, BN_generate_prime, BN_is_prime, BN_is_prime_fasttest - generate primes and test for primality</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
+                          const BIGNUM *rem, BN_GENCB *cb);
+
+ int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+
+ int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
+                             int do_trial_division, BN_GENCB *cb);
+
+ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
+
+ BN_GENCB *BN_GENCB_new(void);
+
+ void BN_GENCB_free(BN_GENCB *cb);
+
+ void BN_GENCB_set_old(BN_GENCB *gencb,
+                       void (*callback)(int, int, void *), void *cb_arg);
+
+ void BN_GENCB_set(BN_GENCB *gencb,
+                   int (*callback)(int, int, BN_GENCB *), void *cb_arg);
+
+ void *BN_GENCB_get_arg(BN_GENCB *cb);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
+                           BIGNUM *rem, void (*callback)(int, int, void *),
+                           void *cb_arg);
+
+ int BN_is_prime(const BIGNUM *a, int checks,
+                 void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg);
+
+ int BN_is_prime_fasttest(const BIGNUM *a, int checks,
+                          void (*callback)(int, int, void *), BN_CTX *ctx,
+                          void *cb_arg, int do_trial_division);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_generate_prime_ex() generates a pseudo-random prime number of at least bit length <b>bits</b>. If <b>ret</b> is not <b>NULL</b>, it will be used to store the number.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, it is used as follows:</p>
+
+<ul>
+
+<li><p><b>BN_GENCB_call(cb, 0, i)</b> is called after generating the i-th potential prime number.</p>
+
+</li>
+<li><p>While the number is being tested for primality, <b>BN_GENCB_call(cb, 1, j)</b> is called as described below.</p>
+
+</li>
+<li><p>When a prime has been found, <b>BN_GENCB_call(cb, 2, i)</b> is called.</p>
+
+</li>
+<li><p>The callers of BN_generate_prime_ex() may call <b>BN_GENCB_call(cb, i, j)</b> with other values as described in their respective man pages; see <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a>.</p>
+
+</li>
+</ul>
+
+<p>The prime may have to fulfill additional requirements for use in Diffie-Hellman key exchange:</p>
+
+<p>If <b>add</b> is not <b>NULL</b>, the prime will fulfill the condition p % <b>add</b> == <b>rem</b> (p % <b>add</b> == 1 if <b>rem</b> == <b>NULL</b>) in order to suit a given generator.</p>
+
+<p>If <b>safe</b> is true, it will be a safe prime (i.e. a prime p so that (p-1)/2 is also prime).</p>
+
+<p>The PRNG must be seeded prior to calling BN_generate_prime_ex(). The prime number generation has a negligible error probability.</p>
+
+<p>BN_is_prime_ex() and BN_is_prime_fasttest_ex() test if the number <b>p</b> is prime. The following tests are performed until one of them shows that <b>p</b> is composite; if <b>p</b> passes all these tests, it is considered prime.</p>
+
+<p>BN_is_prime_fasttest_ex(), when called with <b>do_trial_division == 1</b>, first attempts trial division by a number of small primes; if no divisors are found by this test and <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, -1)</b> is called. If <b>do_trial_division == 0</b>, this test is skipped.</p>
+
+<p>Both BN_is_prime_ex() and BN_is_prime_fasttest_ex() perform a Miller-Rabin probabilistic primality test with <b>nchecks</b> iterations. If <b>nchecks == BN_prime_checks</b>, a number of iterations is used that yields a false positive rate of at most 2^-64 for random input. The error rate depends on the size of the prime and goes down for bigger primes. The rate is 2^-80 starting at 308 bits, 2^-112 at 852 bits, 2^-128 at 1080 bits, 2^-192 at 3747 bits and 2^-256 at 6394 bits.</p>
+
+<p>When the source of the prime is not random or not trusted, the number of checks needs to be much higher to reach the same level of assurance: It should equal half of the targeted security level in bits (rounded up to the next integer if necessary). For instance, to reach the 128 bit security level, <b>nchecks</b> should be set to 64.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, j)</b> is called after the j-th iteration (j = 0, 1, ...). <b>ctx</b> is a pre-allocated <b>BN_CTX</b> (to save the overhead of allocating and freeing the structure in a loop), or <b>NULL</b>.</p>
+
+<p>BN_GENCB_call() calls the callback function held in the <b>BN_GENCB</b> structure and passes the ints <b>a</b> and <b>b</b> as arguments. There are two types of <b>BN_GENCB</b> structure that are supported: &quot;new&quot; style and &quot;old&quot; style. New programs should prefer the &quot;new&quot; style, whilst the &quot;old&quot; style is provided for backwards compatibility purposes.</p>
+
+<p>A <b>BN_GENCB</b> structure should be created through a call to BN_GENCB_new(), and freed through a call to BN_GENCB_free().</p>
+
+<p>For &quot;new&quot; style callbacks a BN_GENCB structure should be initialised with a call to BN_GENCB_set(), where <b>gencb</b> is a <b>BN_GENCB *</b>, <b>callback</b> is of type <b>int (*callback)(int, int, BN_GENCB *)</b> and <b>cb_arg</b> is a <b>void *</b>. &quot;Old&quot; style callbacks are the same except they are initialised with a call to BN_GENCB_set_old() and <b>callback</b> is of type <b>void (*callback)(int, int, void *)</b>.</p>
+
+<p>A callback is invoked through a call to <b>BN_GENCB_call</b>. This will check the type of the callback and will invoke <b>callback(a, b, gencb)</b> for new style callbacks or <b>callback(a, b, cb_arg)</b> for old style.</p>
+
+<p>It is possible to obtain the argument associated with a BN_GENCB structure (set via a call to BN_GENCB_set or BN_GENCB_set_old) using BN_GENCB_get_arg.</p>
+
+<p>BN_generate_prime() (deprecated) works in the same way as BN_generate_prime_ex() but expects an old-style callback function directly in the <b>callback</b> parameter, and an argument to pass to it in the <b>cb_arg</b>. BN_is_prime() and BN_is_prime_fasttest() can similarly be compared to BN_is_prime_ex() and BN_is_prime_fasttest_ex(), respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_generate_prime_ex() return 1 on success or 0 on error.</p>
+
+<p>BN_is_prime_ex(), BN_is_prime_fasttest_ex(), BN_is_prime() and BN_is_prime_fasttest() return 0 if the number is composite, 1 if it is prime with an error probability of less than 0.25^<b>nchecks</b>, and -1 on error.</p>
+
+<p>BN_generate_prime() returns the prime number on success, <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_new returns a pointer to a BN_GENCB structure on success, or <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_get_arg returns the argument previously associated with a BN_GENCB structure.</p>
+
+<p>Callback functions should return 1 on success or 0 on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</h1>
+
+<p>As of OpenSSL 1.1.0 it is no longer possible to create a BN_GENCB structure directly, as in:</p>
+
+<pre><code> BN_GENCB callback;</code></pre>
+
+<p>Instead applications should create a BN_GENCB structure using BN_GENCB_new:</p>
+
+<pre><code> BN_GENCB *callback;
+ callback = BN_GENCB_new();
+ if (!callback)
+     /* error */
+ ...
+ BN_GENCB_free(callback);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/RSA_generate_key.html">RSA_generate_key(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BN_GENCB_new(), BN_GENCB_free(), and BN_GENCB_get_arg() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_GENCB_get_arg.html b/msys2/usr/share/doc/openssl/html/man3/BN_GENCB_get_arg.html
new file mode 100644
index 000000000..3935a16e2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_GENCB_get_arg.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_generate_prime</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_generate_prime_ex, BN_is_prime_ex, BN_is_prime_fasttest_ex, BN_GENCB_call, BN_GENCB_new, BN_GENCB_free, BN_GENCB_set_old, BN_GENCB_set, BN_GENCB_get_arg, BN_generate_prime, BN_is_prime, BN_is_prime_fasttest - generate primes and test for primality</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
+                          const BIGNUM *rem, BN_GENCB *cb);
+
+ int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+
+ int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
+                             int do_trial_division, BN_GENCB *cb);
+
+ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
+
+ BN_GENCB *BN_GENCB_new(void);
+
+ void BN_GENCB_free(BN_GENCB *cb);
+
+ void BN_GENCB_set_old(BN_GENCB *gencb,
+                       void (*callback)(int, int, void *), void *cb_arg);
+
+ void BN_GENCB_set(BN_GENCB *gencb,
+                   int (*callback)(int, int, BN_GENCB *), void *cb_arg);
+
+ void *BN_GENCB_get_arg(BN_GENCB *cb);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
+                           BIGNUM *rem, void (*callback)(int, int, void *),
+                           void *cb_arg);
+
+ int BN_is_prime(const BIGNUM *a, int checks,
+                 void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg);
+
+ int BN_is_prime_fasttest(const BIGNUM *a, int checks,
+                          void (*callback)(int, int, void *), BN_CTX *ctx,
+                          void *cb_arg, int do_trial_division);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_generate_prime_ex() generates a pseudo-random prime number of at least bit length <b>bits</b>. If <b>ret</b> is not <b>NULL</b>, it will be used to store the number.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, it is used as follows:</p>
+
+<ul>
+
+<li><p><b>BN_GENCB_call(cb, 0, i)</b> is called after generating the i-th potential prime number.</p>
+
+</li>
+<li><p>While the number is being tested for primality, <b>BN_GENCB_call(cb, 1, j)</b> is called as described below.</p>
+
+</li>
+<li><p>When a prime has been found, <b>BN_GENCB_call(cb, 2, i)</b> is called.</p>
+
+</li>
+<li><p>The callers of BN_generate_prime_ex() may call <b>BN_GENCB_call(cb, i, j)</b> with other values as described in their respective man pages; see <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a>.</p>
+
+</li>
+</ul>
+
+<p>The prime may have to fulfill additional requirements for use in Diffie-Hellman key exchange:</p>
+
+<p>If <b>add</b> is not <b>NULL</b>, the prime will fulfill the condition p % <b>add</b> == <b>rem</b> (p % <b>add</b> == 1 if <b>rem</b> == <b>NULL</b>) in order to suit a given generator.</p>
+
+<p>If <b>safe</b> is true, it will be a safe prime (i.e. a prime p so that (p-1)/2 is also prime).</p>
+
+<p>The PRNG must be seeded prior to calling BN_generate_prime_ex(). The prime number generation has a negligible error probability.</p>
+
+<p>BN_is_prime_ex() and BN_is_prime_fasttest_ex() test if the number <b>p</b> is prime. The following tests are performed until one of them shows that <b>p</b> is composite; if <b>p</b> passes all these tests, it is considered prime.</p>
+
+<p>BN_is_prime_fasttest_ex(), when called with <b>do_trial_division == 1</b>, first attempts trial division by a number of small primes; if no divisors are found by this test and <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, -1)</b> is called. If <b>do_trial_division == 0</b>, this test is skipped.</p>
+
+<p>Both BN_is_prime_ex() and BN_is_prime_fasttest_ex() perform a Miller-Rabin probabilistic primality test with <b>nchecks</b> iterations. If <b>nchecks == BN_prime_checks</b>, a number of iterations is used that yields a false positive rate of at most 2^-64 for random input. The error rate depends on the size of the prime and goes down for bigger primes. The rate is 2^-80 starting at 308 bits, 2^-112 at 852 bits, 2^-128 at 1080 bits, 2^-192 at 3747 bits and 2^-256 at 6394 bits.</p>
+
+<p>When the source of the prime is not random or not trusted, the number of checks needs to be much higher to reach the same level of assurance: It should equal half of the targeted security level in bits (rounded up to the next integer if necessary). For instance, to reach the 128 bit security level, <b>nchecks</b> should be set to 64.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, j)</b> is called after the j-th iteration (j = 0, 1, ...). <b>ctx</b> is a pre-allocated <b>BN_CTX</b> (to save the overhead of allocating and freeing the structure in a loop), or <b>NULL</b>.</p>
+
+<p>BN_GENCB_call() calls the callback function held in the <b>BN_GENCB</b> structure and passes the ints <b>a</b> and <b>b</b> as arguments. There are two types of <b>BN_GENCB</b> structure that are supported: &quot;new&quot; style and &quot;old&quot; style. New programs should prefer the &quot;new&quot; style, whilst the &quot;old&quot; style is provided for backwards compatibility purposes.</p>
+
+<p>A <b>BN_GENCB</b> structure should be created through a call to BN_GENCB_new(), and freed through a call to BN_GENCB_free().</p>
+
+<p>For &quot;new&quot; style callbacks a BN_GENCB structure should be initialised with a call to BN_GENCB_set(), where <b>gencb</b> is a <b>BN_GENCB *</b>, <b>callback</b> is of type <b>int (*callback)(int, int, BN_GENCB *)</b> and <b>cb_arg</b> is a <b>void *</b>. &quot;Old&quot; style callbacks are the same except they are initialised with a call to BN_GENCB_set_old() and <b>callback</b> is of type <b>void (*callback)(int, int, void *)</b>.</p>
+
+<p>A callback is invoked through a call to <b>BN_GENCB_call</b>. This will check the type of the callback and will invoke <b>callback(a, b, gencb)</b> for new style callbacks or <b>callback(a, b, cb_arg)</b> for old style.</p>
+
+<p>It is possible to obtain the argument associated with a BN_GENCB structure (set via a call to BN_GENCB_set or BN_GENCB_set_old) using BN_GENCB_get_arg.</p>
+
+<p>BN_generate_prime() (deprecated) works in the same way as BN_generate_prime_ex() but expects an old-style callback function directly in the <b>callback</b> parameter, and an argument to pass to it in the <b>cb_arg</b>. BN_is_prime() and BN_is_prime_fasttest() can similarly be compared to BN_is_prime_ex() and BN_is_prime_fasttest_ex(), respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_generate_prime_ex() return 1 on success or 0 on error.</p>
+
+<p>BN_is_prime_ex(), BN_is_prime_fasttest_ex(), BN_is_prime() and BN_is_prime_fasttest() return 0 if the number is composite, 1 if it is prime with an error probability of less than 0.25^<b>nchecks</b>, and -1 on error.</p>
+
+<p>BN_generate_prime() returns the prime number on success, <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_new returns a pointer to a BN_GENCB structure on success, or <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_get_arg returns the argument previously associated with a BN_GENCB structure.</p>
+
+<p>Callback functions should return 1 on success or 0 on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</h1>
+
+<p>As of OpenSSL 1.1.0 it is no longer possible to create a BN_GENCB structure directly, as in:</p>
+
+<pre><code> BN_GENCB callback;</code></pre>
+
+<p>Instead applications should create a BN_GENCB structure using BN_GENCB_new:</p>
+
+<pre><code> BN_GENCB *callback;
+ callback = BN_GENCB_new();
+ if (!callback)
+     /* error */
+ ...
+ BN_GENCB_free(callback);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/RSA_generate_key.html">RSA_generate_key(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BN_GENCB_new(), BN_GENCB_free(), and BN_GENCB_get_arg() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_GENCB_new.html b/msys2/usr/share/doc/openssl/html/man3/BN_GENCB_new.html
new file mode 100644
index 000000000..3935a16e2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_GENCB_new.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_generate_prime</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_generate_prime_ex, BN_is_prime_ex, BN_is_prime_fasttest_ex, BN_GENCB_call, BN_GENCB_new, BN_GENCB_free, BN_GENCB_set_old, BN_GENCB_set, BN_GENCB_get_arg, BN_generate_prime, BN_is_prime, BN_is_prime_fasttest - generate primes and test for primality</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
+                          const BIGNUM *rem, BN_GENCB *cb);
+
+ int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+
+ int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
+                             int do_trial_division, BN_GENCB *cb);
+
+ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
+
+ BN_GENCB *BN_GENCB_new(void);
+
+ void BN_GENCB_free(BN_GENCB *cb);
+
+ void BN_GENCB_set_old(BN_GENCB *gencb,
+                       void (*callback)(int, int, void *), void *cb_arg);
+
+ void BN_GENCB_set(BN_GENCB *gencb,
+                   int (*callback)(int, int, BN_GENCB *), void *cb_arg);
+
+ void *BN_GENCB_get_arg(BN_GENCB *cb);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
+                           BIGNUM *rem, void (*callback)(int, int, void *),
+                           void *cb_arg);
+
+ int BN_is_prime(const BIGNUM *a, int checks,
+                 void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg);
+
+ int BN_is_prime_fasttest(const BIGNUM *a, int checks,
+                          void (*callback)(int, int, void *), BN_CTX *ctx,
+                          void *cb_arg, int do_trial_division);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_generate_prime_ex() generates a pseudo-random prime number of at least bit length <b>bits</b>. If <b>ret</b> is not <b>NULL</b>, it will be used to store the number.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, it is used as follows:</p>
+
+<ul>
+
+<li><p><b>BN_GENCB_call(cb, 0, i)</b> is called after generating the i-th potential prime number.</p>
+
+</li>
+<li><p>While the number is being tested for primality, <b>BN_GENCB_call(cb, 1, j)</b> is called as described below.</p>
+
+</li>
+<li><p>When a prime has been found, <b>BN_GENCB_call(cb, 2, i)</b> is called.</p>
+
+</li>
+<li><p>The callers of BN_generate_prime_ex() may call <b>BN_GENCB_call(cb, i, j)</b> with other values as described in their respective man pages; see <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a>.</p>
+
+</li>
+</ul>
+
+<p>The prime may have to fulfill additional requirements for use in Diffie-Hellman key exchange:</p>
+
+<p>If <b>add</b> is not <b>NULL</b>, the prime will fulfill the condition p % <b>add</b> == <b>rem</b> (p % <b>add</b> == 1 if <b>rem</b> == <b>NULL</b>) in order to suit a given generator.</p>
+
+<p>If <b>safe</b> is true, it will be a safe prime (i.e. a prime p so that (p-1)/2 is also prime).</p>
+
+<p>The PRNG must be seeded prior to calling BN_generate_prime_ex(). The prime number generation has a negligible error probability.</p>
+
+<p>BN_is_prime_ex() and BN_is_prime_fasttest_ex() test if the number <b>p</b> is prime. The following tests are performed until one of them shows that <b>p</b> is composite; if <b>p</b> passes all these tests, it is considered prime.</p>
+
+<p>BN_is_prime_fasttest_ex(), when called with <b>do_trial_division == 1</b>, first attempts trial division by a number of small primes; if no divisors are found by this test and <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, -1)</b> is called. If <b>do_trial_division == 0</b>, this test is skipped.</p>
+
+<p>Both BN_is_prime_ex() and BN_is_prime_fasttest_ex() perform a Miller-Rabin probabilistic primality test with <b>nchecks</b> iterations. If <b>nchecks == BN_prime_checks</b>, a number of iterations is used that yields a false positive rate of at most 2^-64 for random input. The error rate depends on the size of the prime and goes down for bigger primes. The rate is 2^-80 starting at 308 bits, 2^-112 at 852 bits, 2^-128 at 1080 bits, 2^-192 at 3747 bits and 2^-256 at 6394 bits.</p>
+
+<p>When the source of the prime is not random or not trusted, the number of checks needs to be much higher to reach the same level of assurance: It should equal half of the targeted security level in bits (rounded up to the next integer if necessary). For instance, to reach the 128 bit security level, <b>nchecks</b> should be set to 64.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, j)</b> is called after the j-th iteration (j = 0, 1, ...). <b>ctx</b> is a pre-allocated <b>BN_CTX</b> (to save the overhead of allocating and freeing the structure in a loop), or <b>NULL</b>.</p>
+
+<p>BN_GENCB_call() calls the callback function held in the <b>BN_GENCB</b> structure and passes the ints <b>a</b> and <b>b</b> as arguments. There are two types of <b>BN_GENCB</b> structure that are supported: &quot;new&quot; style and &quot;old&quot; style. New programs should prefer the &quot;new&quot; style, whilst the &quot;old&quot; style is provided for backwards compatibility purposes.</p>
+
+<p>A <b>BN_GENCB</b> structure should be created through a call to BN_GENCB_new(), and freed through a call to BN_GENCB_free().</p>
+
+<p>For &quot;new&quot; style callbacks a BN_GENCB structure should be initialised with a call to BN_GENCB_set(), where <b>gencb</b> is a <b>BN_GENCB *</b>, <b>callback</b> is of type <b>int (*callback)(int, int, BN_GENCB *)</b> and <b>cb_arg</b> is a <b>void *</b>. &quot;Old&quot; style callbacks are the same except they are initialised with a call to BN_GENCB_set_old() and <b>callback</b> is of type <b>void (*callback)(int, int, void *)</b>.</p>
+
+<p>A callback is invoked through a call to <b>BN_GENCB_call</b>. This will check the type of the callback and will invoke <b>callback(a, b, gencb)</b> for new style callbacks or <b>callback(a, b, cb_arg)</b> for old style.</p>
+
+<p>It is possible to obtain the argument associated with a BN_GENCB structure (set via a call to BN_GENCB_set or BN_GENCB_set_old) using BN_GENCB_get_arg.</p>
+
+<p>BN_generate_prime() (deprecated) works in the same way as BN_generate_prime_ex() but expects an old-style callback function directly in the <b>callback</b> parameter, and an argument to pass to it in the <b>cb_arg</b>. BN_is_prime() and BN_is_prime_fasttest() can similarly be compared to BN_is_prime_ex() and BN_is_prime_fasttest_ex(), respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_generate_prime_ex() return 1 on success or 0 on error.</p>
+
+<p>BN_is_prime_ex(), BN_is_prime_fasttest_ex(), BN_is_prime() and BN_is_prime_fasttest() return 0 if the number is composite, 1 if it is prime with an error probability of less than 0.25^<b>nchecks</b>, and -1 on error.</p>
+
+<p>BN_generate_prime() returns the prime number on success, <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_new returns a pointer to a BN_GENCB structure on success, or <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_get_arg returns the argument previously associated with a BN_GENCB structure.</p>
+
+<p>Callback functions should return 1 on success or 0 on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</h1>
+
+<p>As of OpenSSL 1.1.0 it is no longer possible to create a BN_GENCB structure directly, as in:</p>
+
+<pre><code> BN_GENCB callback;</code></pre>
+
+<p>Instead applications should create a BN_GENCB structure using BN_GENCB_new:</p>
+
+<pre><code> BN_GENCB *callback;
+ callback = BN_GENCB_new();
+ if (!callback)
+     /* error */
+ ...
+ BN_GENCB_free(callback);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/RSA_generate_key.html">RSA_generate_key(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BN_GENCB_new(), BN_GENCB_free(), and BN_GENCB_get_arg() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_GENCB_set.html b/msys2/usr/share/doc/openssl/html/man3/BN_GENCB_set.html
new file mode 100644
index 000000000..3935a16e2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_GENCB_set.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_generate_prime</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_generate_prime_ex, BN_is_prime_ex, BN_is_prime_fasttest_ex, BN_GENCB_call, BN_GENCB_new, BN_GENCB_free, BN_GENCB_set_old, BN_GENCB_set, BN_GENCB_get_arg, BN_generate_prime, BN_is_prime, BN_is_prime_fasttest - generate primes and test for primality</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
+                          const BIGNUM *rem, BN_GENCB *cb);
+
+ int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+
+ int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
+                             int do_trial_division, BN_GENCB *cb);
+
+ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
+
+ BN_GENCB *BN_GENCB_new(void);
+
+ void BN_GENCB_free(BN_GENCB *cb);
+
+ void BN_GENCB_set_old(BN_GENCB *gencb,
+                       void (*callback)(int, int, void *), void *cb_arg);
+
+ void BN_GENCB_set(BN_GENCB *gencb,
+                   int (*callback)(int, int, BN_GENCB *), void *cb_arg);
+
+ void *BN_GENCB_get_arg(BN_GENCB *cb);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
+                           BIGNUM *rem, void (*callback)(int, int, void *),
+                           void *cb_arg);
+
+ int BN_is_prime(const BIGNUM *a, int checks,
+                 void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg);
+
+ int BN_is_prime_fasttest(const BIGNUM *a, int checks,
+                          void (*callback)(int, int, void *), BN_CTX *ctx,
+                          void *cb_arg, int do_trial_division);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_generate_prime_ex() generates a pseudo-random prime number of at least bit length <b>bits</b>. If <b>ret</b> is not <b>NULL</b>, it will be used to store the number.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, it is used as follows:</p>
+
+<ul>
+
+<li><p><b>BN_GENCB_call(cb, 0, i)</b> is called after generating the i-th potential prime number.</p>
+
+</li>
+<li><p>While the number is being tested for primality, <b>BN_GENCB_call(cb, 1, j)</b> is called as described below.</p>
+
+</li>
+<li><p>When a prime has been found, <b>BN_GENCB_call(cb, 2, i)</b> is called.</p>
+
+</li>
+<li><p>The callers of BN_generate_prime_ex() may call <b>BN_GENCB_call(cb, i, j)</b> with other values as described in their respective man pages; see <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a>.</p>
+
+</li>
+</ul>
+
+<p>The prime may have to fulfill additional requirements for use in Diffie-Hellman key exchange:</p>
+
+<p>If <b>add</b> is not <b>NULL</b>, the prime will fulfill the condition p % <b>add</b> == <b>rem</b> (p % <b>add</b> == 1 if <b>rem</b> == <b>NULL</b>) in order to suit a given generator.</p>
+
+<p>If <b>safe</b> is true, it will be a safe prime (i.e. a prime p so that (p-1)/2 is also prime).</p>
+
+<p>The PRNG must be seeded prior to calling BN_generate_prime_ex(). The prime number generation has a negligible error probability.</p>
+
+<p>BN_is_prime_ex() and BN_is_prime_fasttest_ex() test if the number <b>p</b> is prime. The following tests are performed until one of them shows that <b>p</b> is composite; if <b>p</b> passes all these tests, it is considered prime.</p>
+
+<p>BN_is_prime_fasttest_ex(), when called with <b>do_trial_division == 1</b>, first attempts trial division by a number of small primes; if no divisors are found by this test and <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, -1)</b> is called. If <b>do_trial_division == 0</b>, this test is skipped.</p>
+
+<p>Both BN_is_prime_ex() and BN_is_prime_fasttest_ex() perform a Miller-Rabin probabilistic primality test with <b>nchecks</b> iterations. If <b>nchecks == BN_prime_checks</b>, a number of iterations is used that yields a false positive rate of at most 2^-64 for random input. The error rate depends on the size of the prime and goes down for bigger primes. The rate is 2^-80 starting at 308 bits, 2^-112 at 852 bits, 2^-128 at 1080 bits, 2^-192 at 3747 bits and 2^-256 at 6394 bits.</p>
+
+<p>When the source of the prime is not random or not trusted, the number of checks needs to be much higher to reach the same level of assurance: It should equal half of the targeted security level in bits (rounded up to the next integer if necessary). For instance, to reach the 128 bit security level, <b>nchecks</b> should be set to 64.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, j)</b> is called after the j-th iteration (j = 0, 1, ...). <b>ctx</b> is a pre-allocated <b>BN_CTX</b> (to save the overhead of allocating and freeing the structure in a loop), or <b>NULL</b>.</p>
+
+<p>BN_GENCB_call() calls the callback function held in the <b>BN_GENCB</b> structure and passes the ints <b>a</b> and <b>b</b> as arguments. There are two types of <b>BN_GENCB</b> structure that are supported: &quot;new&quot; style and &quot;old&quot; style. New programs should prefer the &quot;new&quot; style, whilst the &quot;old&quot; style is provided for backwards compatibility purposes.</p>
+
+<p>A <b>BN_GENCB</b> structure should be created through a call to BN_GENCB_new(), and freed through a call to BN_GENCB_free().</p>
+
+<p>For &quot;new&quot; style callbacks a BN_GENCB structure should be initialised with a call to BN_GENCB_set(), where <b>gencb</b> is a <b>BN_GENCB *</b>, <b>callback</b> is of type <b>int (*callback)(int, int, BN_GENCB *)</b> and <b>cb_arg</b> is a <b>void *</b>. &quot;Old&quot; style callbacks are the same except they are initialised with a call to BN_GENCB_set_old() and <b>callback</b> is of type <b>void (*callback)(int, int, void *)</b>.</p>
+
+<p>A callback is invoked through a call to <b>BN_GENCB_call</b>. This will check the type of the callback and will invoke <b>callback(a, b, gencb)</b> for new style callbacks or <b>callback(a, b, cb_arg)</b> for old style.</p>
+
+<p>It is possible to obtain the argument associated with a BN_GENCB structure (set via a call to BN_GENCB_set or BN_GENCB_set_old) using BN_GENCB_get_arg.</p>
+
+<p>BN_generate_prime() (deprecated) works in the same way as BN_generate_prime_ex() but expects an old-style callback function directly in the <b>callback</b> parameter, and an argument to pass to it in the <b>cb_arg</b>. BN_is_prime() and BN_is_prime_fasttest() can similarly be compared to BN_is_prime_ex() and BN_is_prime_fasttest_ex(), respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_generate_prime_ex() return 1 on success or 0 on error.</p>
+
+<p>BN_is_prime_ex(), BN_is_prime_fasttest_ex(), BN_is_prime() and BN_is_prime_fasttest() return 0 if the number is composite, 1 if it is prime with an error probability of less than 0.25^<b>nchecks</b>, and -1 on error.</p>
+
+<p>BN_generate_prime() returns the prime number on success, <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_new returns a pointer to a BN_GENCB structure on success, or <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_get_arg returns the argument previously associated with a BN_GENCB structure.</p>
+
+<p>Callback functions should return 1 on success or 0 on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</h1>
+
+<p>As of OpenSSL 1.1.0 it is no longer possible to create a BN_GENCB structure directly, as in:</p>
+
+<pre><code> BN_GENCB callback;</code></pre>
+
+<p>Instead applications should create a BN_GENCB structure using BN_GENCB_new:</p>
+
+<pre><code> BN_GENCB *callback;
+ callback = BN_GENCB_new();
+ if (!callback)
+     /* error */
+ ...
+ BN_GENCB_free(callback);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/RSA_generate_key.html">RSA_generate_key(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BN_GENCB_new(), BN_GENCB_free(), and BN_GENCB_get_arg() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_GENCB_set_old.html b/msys2/usr/share/doc/openssl/html/man3/BN_GENCB_set_old.html
new file mode 100644
index 000000000..3935a16e2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_GENCB_set_old.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_generate_prime</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_generate_prime_ex, BN_is_prime_ex, BN_is_prime_fasttest_ex, BN_GENCB_call, BN_GENCB_new, BN_GENCB_free, BN_GENCB_set_old, BN_GENCB_set, BN_GENCB_get_arg, BN_generate_prime, BN_is_prime, BN_is_prime_fasttest - generate primes and test for primality</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
+                          const BIGNUM *rem, BN_GENCB *cb);
+
+ int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+
+ int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
+                             int do_trial_division, BN_GENCB *cb);
+
+ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
+
+ BN_GENCB *BN_GENCB_new(void);
+
+ void BN_GENCB_free(BN_GENCB *cb);
+
+ void BN_GENCB_set_old(BN_GENCB *gencb,
+                       void (*callback)(int, int, void *), void *cb_arg);
+
+ void BN_GENCB_set(BN_GENCB *gencb,
+                   int (*callback)(int, int, BN_GENCB *), void *cb_arg);
+
+ void *BN_GENCB_get_arg(BN_GENCB *cb);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
+                           BIGNUM *rem, void (*callback)(int, int, void *),
+                           void *cb_arg);
+
+ int BN_is_prime(const BIGNUM *a, int checks,
+                 void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg);
+
+ int BN_is_prime_fasttest(const BIGNUM *a, int checks,
+                          void (*callback)(int, int, void *), BN_CTX *ctx,
+                          void *cb_arg, int do_trial_division);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_generate_prime_ex() generates a pseudo-random prime number of at least bit length <b>bits</b>. If <b>ret</b> is not <b>NULL</b>, it will be used to store the number.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, it is used as follows:</p>
+
+<ul>
+
+<li><p><b>BN_GENCB_call(cb, 0, i)</b> is called after generating the i-th potential prime number.</p>
+
+</li>
+<li><p>While the number is being tested for primality, <b>BN_GENCB_call(cb, 1, j)</b> is called as described below.</p>
+
+</li>
+<li><p>When a prime has been found, <b>BN_GENCB_call(cb, 2, i)</b> is called.</p>
+
+</li>
+<li><p>The callers of BN_generate_prime_ex() may call <b>BN_GENCB_call(cb, i, j)</b> with other values as described in their respective man pages; see <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a>.</p>
+
+</li>
+</ul>
+
+<p>The prime may have to fulfill additional requirements for use in Diffie-Hellman key exchange:</p>
+
+<p>If <b>add</b> is not <b>NULL</b>, the prime will fulfill the condition p % <b>add</b> == <b>rem</b> (p % <b>add</b> == 1 if <b>rem</b> == <b>NULL</b>) in order to suit a given generator.</p>
+
+<p>If <b>safe</b> is true, it will be a safe prime (i.e. a prime p so that (p-1)/2 is also prime).</p>
+
+<p>The PRNG must be seeded prior to calling BN_generate_prime_ex(). The prime number generation has a negligible error probability.</p>
+
+<p>BN_is_prime_ex() and BN_is_prime_fasttest_ex() test if the number <b>p</b> is prime. The following tests are performed until one of them shows that <b>p</b> is composite; if <b>p</b> passes all these tests, it is considered prime.</p>
+
+<p>BN_is_prime_fasttest_ex(), when called with <b>do_trial_division == 1</b>, first attempts trial division by a number of small primes; if no divisors are found by this test and <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, -1)</b> is called. If <b>do_trial_division == 0</b>, this test is skipped.</p>
+
+<p>Both BN_is_prime_ex() and BN_is_prime_fasttest_ex() perform a Miller-Rabin probabilistic primality test with <b>nchecks</b> iterations. If <b>nchecks == BN_prime_checks</b>, a number of iterations is used that yields a false positive rate of at most 2^-64 for random input. The error rate depends on the size of the prime and goes down for bigger primes. The rate is 2^-80 starting at 308 bits, 2^-112 at 852 bits, 2^-128 at 1080 bits, 2^-192 at 3747 bits and 2^-256 at 6394 bits.</p>
+
+<p>When the source of the prime is not random or not trusted, the number of checks needs to be much higher to reach the same level of assurance: It should equal half of the targeted security level in bits (rounded up to the next integer if necessary). For instance, to reach the 128 bit security level, <b>nchecks</b> should be set to 64.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, j)</b> is called after the j-th iteration (j = 0, 1, ...). <b>ctx</b> is a pre-allocated <b>BN_CTX</b> (to save the overhead of allocating and freeing the structure in a loop), or <b>NULL</b>.</p>
+
+<p>BN_GENCB_call() calls the callback function held in the <b>BN_GENCB</b> structure and passes the ints <b>a</b> and <b>b</b> as arguments. There are two types of <b>BN_GENCB</b> structure that are supported: &quot;new&quot; style and &quot;old&quot; style. New programs should prefer the &quot;new&quot; style, whilst the &quot;old&quot; style is provided for backwards compatibility purposes.</p>
+
+<p>A <b>BN_GENCB</b> structure should be created through a call to BN_GENCB_new(), and freed through a call to BN_GENCB_free().</p>
+
+<p>For &quot;new&quot; style callbacks a BN_GENCB structure should be initialised with a call to BN_GENCB_set(), where <b>gencb</b> is a <b>BN_GENCB *</b>, <b>callback</b> is of type <b>int (*callback)(int, int, BN_GENCB *)</b> and <b>cb_arg</b> is a <b>void *</b>. &quot;Old&quot; style callbacks are the same except they are initialised with a call to BN_GENCB_set_old() and <b>callback</b> is of type <b>void (*callback)(int, int, void *)</b>.</p>
+
+<p>A callback is invoked through a call to <b>BN_GENCB_call</b>. This will check the type of the callback and will invoke <b>callback(a, b, gencb)</b> for new style callbacks or <b>callback(a, b, cb_arg)</b> for old style.</p>
+
+<p>It is possible to obtain the argument associated with a BN_GENCB structure (set via a call to BN_GENCB_set or BN_GENCB_set_old) using BN_GENCB_get_arg.</p>
+
+<p>BN_generate_prime() (deprecated) works in the same way as BN_generate_prime_ex() but expects an old-style callback function directly in the <b>callback</b> parameter, and an argument to pass to it in the <b>cb_arg</b>. BN_is_prime() and BN_is_prime_fasttest() can similarly be compared to BN_is_prime_ex() and BN_is_prime_fasttest_ex(), respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_generate_prime_ex() return 1 on success or 0 on error.</p>
+
+<p>BN_is_prime_ex(), BN_is_prime_fasttest_ex(), BN_is_prime() and BN_is_prime_fasttest() return 0 if the number is composite, 1 if it is prime with an error probability of less than 0.25^<b>nchecks</b>, and -1 on error.</p>
+
+<p>BN_generate_prime() returns the prime number on success, <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_new returns a pointer to a BN_GENCB structure on success, or <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_get_arg returns the argument previously associated with a BN_GENCB structure.</p>
+
+<p>Callback functions should return 1 on success or 0 on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</h1>
+
+<p>As of OpenSSL 1.1.0 it is no longer possible to create a BN_GENCB structure directly, as in:</p>
+
+<pre><code> BN_GENCB callback;</code></pre>
+
+<p>Instead applications should create a BN_GENCB structure using BN_GENCB_new:</p>
+
+<pre><code> BN_GENCB *callback;
+ callback = BN_GENCB_new();
+ if (!callback)
+     /* error */
+ ...
+ BN_GENCB_free(callback);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/RSA_generate_key.html">RSA_generate_key(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BN_GENCB_new(), BN_GENCB_free(), and BN_GENCB_get_arg() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_MONT_CTX_copy.html b/msys2/usr/share/doc/openssl/html/man3/BN_MONT_CTX_copy.html
new file mode 100644
index 000000000..a31aa022c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_MONT_CTX_copy.html
@@ -0,0 +1,99 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_mod_mul_montgomery</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_mod_mul_montgomery, BN_MONT_CTX_new, BN_MONT_CTX_free, BN_MONT_CTX_set, BN_MONT_CTX_copy, BN_from_montgomery, BN_to_montgomery - Montgomery multiplication</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_MONT_CTX *BN_MONT_CTX_new(void);
+ void BN_MONT_CTX_free(BN_MONT_CTX *mont);
+
+ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx);
+ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
+
+ int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
+                           BN_MONT_CTX *mont, BN_CTX *ctx);
+
+ int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
+                        BN_CTX *ctx);
+
+ int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
+                      BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions implement Montgomery multiplication. They are used automatically when <a href="../man3/BN_mod_exp.html">BN_mod_exp(3)</a> is called with suitable input, but they may be useful when several operations are to be performed using the same modulus.</p>
+
+<p>BN_MONT_CTX_new() allocates and initializes a <b>BN_MONT_CTX</b> structure.</p>
+
+<p>BN_MONT_CTX_set() sets up the <i>mont</i> structure from the modulus <i>m</i> by precomputing its inverse and a value R.</p>
+
+<p>BN_MONT_CTX_copy() copies the <b>BN_MONT_CTX</b> <i>from</i> to <i>to</i>.</p>
+
+<p>BN_MONT_CTX_free() frees the components of the <b>BN_MONT_CTX</b>, and, if it was created by BN_MONT_CTX_new(), also the structure itself. If <b>mont</b> is NULL, nothing is done.</p>
+
+<p>BN_mod_mul_montgomery() computes Mont(<i>a</i>,<i>b</i>):=<i>a</i>*<i>b</i>*R^-1 and places the result in <i>r</i>.</p>
+
+<p>BN_from_montgomery() performs the Montgomery reduction <i>r</i> = <i>a</i>*R^-1.</p>
+
+<p>BN_to_montgomery() computes Mont(<i>a</i>,R^2), i.e. <i>a</i>*R. Note that <i>a</i> must be non-negative and smaller than the modulus.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_MONT_CTX_new() returns the newly allocated <b>BN_MONT_CTX</b>, and NULL on error.</p>
+
+<p>BN_MONT_CTX_free() has no return value.</p>
+
+<p>For the other functions, 1 is returned for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>The inputs must be reduced modulo <b>m</b>, otherwise the result will be outside the expected range.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_MONT_CTX_init() was removed in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_MONT_CTX_free.html b/msys2/usr/share/doc/openssl/html/man3/BN_MONT_CTX_free.html
new file mode 100644
index 000000000..a31aa022c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_MONT_CTX_free.html
@@ -0,0 +1,99 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_mod_mul_montgomery</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_mod_mul_montgomery, BN_MONT_CTX_new, BN_MONT_CTX_free, BN_MONT_CTX_set, BN_MONT_CTX_copy, BN_from_montgomery, BN_to_montgomery - Montgomery multiplication</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_MONT_CTX *BN_MONT_CTX_new(void);
+ void BN_MONT_CTX_free(BN_MONT_CTX *mont);
+
+ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx);
+ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
+
+ int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
+                           BN_MONT_CTX *mont, BN_CTX *ctx);
+
+ int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
+                        BN_CTX *ctx);
+
+ int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
+                      BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions implement Montgomery multiplication. They are used automatically when <a href="../man3/BN_mod_exp.html">BN_mod_exp(3)</a> is called with suitable input, but they may be useful when several operations are to be performed using the same modulus.</p>
+
+<p>BN_MONT_CTX_new() allocates and initializes a <b>BN_MONT_CTX</b> structure.</p>
+
+<p>BN_MONT_CTX_set() sets up the <i>mont</i> structure from the modulus <i>m</i> by precomputing its inverse and a value R.</p>
+
+<p>BN_MONT_CTX_copy() copies the <b>BN_MONT_CTX</b> <i>from</i> to <i>to</i>.</p>
+
+<p>BN_MONT_CTX_free() frees the components of the <b>BN_MONT_CTX</b>, and, if it was created by BN_MONT_CTX_new(), also the structure itself. If <b>mont</b> is NULL, nothing is done.</p>
+
+<p>BN_mod_mul_montgomery() computes Mont(<i>a</i>,<i>b</i>):=<i>a</i>*<i>b</i>*R^-1 and places the result in <i>r</i>.</p>
+
+<p>BN_from_montgomery() performs the Montgomery reduction <i>r</i> = <i>a</i>*R^-1.</p>
+
+<p>BN_to_montgomery() computes Mont(<i>a</i>,R^2), i.e. <i>a</i>*R. Note that <i>a</i> must be non-negative and smaller than the modulus.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_MONT_CTX_new() returns the newly allocated <b>BN_MONT_CTX</b>, and NULL on error.</p>
+
+<p>BN_MONT_CTX_free() has no return value.</p>
+
+<p>For the other functions, 1 is returned for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>The inputs must be reduced modulo <b>m</b>, otherwise the result will be outside the expected range.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_MONT_CTX_init() was removed in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_MONT_CTX_new.html b/msys2/usr/share/doc/openssl/html/man3/BN_MONT_CTX_new.html
new file mode 100644
index 000000000..a31aa022c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_MONT_CTX_new.html
@@ -0,0 +1,99 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_mod_mul_montgomery</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_mod_mul_montgomery, BN_MONT_CTX_new, BN_MONT_CTX_free, BN_MONT_CTX_set, BN_MONT_CTX_copy, BN_from_montgomery, BN_to_montgomery - Montgomery multiplication</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_MONT_CTX *BN_MONT_CTX_new(void);
+ void BN_MONT_CTX_free(BN_MONT_CTX *mont);
+
+ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx);
+ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
+
+ int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
+                           BN_MONT_CTX *mont, BN_CTX *ctx);
+
+ int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
+                        BN_CTX *ctx);
+
+ int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
+                      BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions implement Montgomery multiplication. They are used automatically when <a href="../man3/BN_mod_exp.html">BN_mod_exp(3)</a> is called with suitable input, but they may be useful when several operations are to be performed using the same modulus.</p>
+
+<p>BN_MONT_CTX_new() allocates and initializes a <b>BN_MONT_CTX</b> structure.</p>
+
+<p>BN_MONT_CTX_set() sets up the <i>mont</i> structure from the modulus <i>m</i> by precomputing its inverse and a value R.</p>
+
+<p>BN_MONT_CTX_copy() copies the <b>BN_MONT_CTX</b> <i>from</i> to <i>to</i>.</p>
+
+<p>BN_MONT_CTX_free() frees the components of the <b>BN_MONT_CTX</b>, and, if it was created by BN_MONT_CTX_new(), also the structure itself. If <b>mont</b> is NULL, nothing is done.</p>
+
+<p>BN_mod_mul_montgomery() computes Mont(<i>a</i>,<i>b</i>):=<i>a</i>*<i>b</i>*R^-1 and places the result in <i>r</i>.</p>
+
+<p>BN_from_montgomery() performs the Montgomery reduction <i>r</i> = <i>a</i>*R^-1.</p>
+
+<p>BN_to_montgomery() computes Mont(<i>a</i>,R^2), i.e. <i>a</i>*R. Note that <i>a</i> must be non-negative and smaller than the modulus.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_MONT_CTX_new() returns the newly allocated <b>BN_MONT_CTX</b>, and NULL on error.</p>
+
+<p>BN_MONT_CTX_free() has no return value.</p>
+
+<p>For the other functions, 1 is returned for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>The inputs must be reduced modulo <b>m</b>, otherwise the result will be outside the expected range.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_MONT_CTX_init() was removed in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_MONT_CTX_set.html b/msys2/usr/share/doc/openssl/html/man3/BN_MONT_CTX_set.html
new file mode 100644
index 000000000..a31aa022c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_MONT_CTX_set.html
@@ -0,0 +1,99 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_mod_mul_montgomery</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_mod_mul_montgomery, BN_MONT_CTX_new, BN_MONT_CTX_free, BN_MONT_CTX_set, BN_MONT_CTX_copy, BN_from_montgomery, BN_to_montgomery - Montgomery multiplication</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_MONT_CTX *BN_MONT_CTX_new(void);
+ void BN_MONT_CTX_free(BN_MONT_CTX *mont);
+
+ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx);
+ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
+
+ int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
+                           BN_MONT_CTX *mont, BN_CTX *ctx);
+
+ int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
+                        BN_CTX *ctx);
+
+ int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
+                      BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions implement Montgomery multiplication. They are used automatically when <a href="../man3/BN_mod_exp.html">BN_mod_exp(3)</a> is called with suitable input, but they may be useful when several operations are to be performed using the same modulus.</p>
+
+<p>BN_MONT_CTX_new() allocates and initializes a <b>BN_MONT_CTX</b> structure.</p>
+
+<p>BN_MONT_CTX_set() sets up the <i>mont</i> structure from the modulus <i>m</i> by precomputing its inverse and a value R.</p>
+
+<p>BN_MONT_CTX_copy() copies the <b>BN_MONT_CTX</b> <i>from</i> to <i>to</i>.</p>
+
+<p>BN_MONT_CTX_free() frees the components of the <b>BN_MONT_CTX</b>, and, if it was created by BN_MONT_CTX_new(), also the structure itself. If <b>mont</b> is NULL, nothing is done.</p>
+
+<p>BN_mod_mul_montgomery() computes Mont(<i>a</i>,<i>b</i>):=<i>a</i>*<i>b</i>*R^-1 and places the result in <i>r</i>.</p>
+
+<p>BN_from_montgomery() performs the Montgomery reduction <i>r</i> = <i>a</i>*R^-1.</p>
+
+<p>BN_to_montgomery() computes Mont(<i>a</i>,R^2), i.e. <i>a</i>*R. Note that <i>a</i> must be non-negative and smaller than the modulus.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_MONT_CTX_new() returns the newly allocated <b>BN_MONT_CTX</b>, and NULL on error.</p>
+
+<p>BN_MONT_CTX_free() has no return value.</p>
+
+<p>For the other functions, 1 is returned for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>The inputs must be reduced modulo <b>m</b>, otherwise the result will be outside the expected range.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_MONT_CTX_init() was removed in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_RECP_CTX_free.html b/msys2/usr/share/doc/openssl/html/man3/BN_RECP_CTX_free.html
new file mode 100644
index 000000000..51c393d99
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_RECP_CTX_free.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_mod_mul_reciprocal</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_mod_mul_reciprocal, BN_div_recp, BN_RECP_CTX_new, BN_RECP_CTX_free, BN_RECP_CTX_set - modular multiplication using reciprocal</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_RECP_CTX *BN_RECP_CTX_new(void);
+ void BN_RECP_CTX_free(BN_RECP_CTX *recp);
+
+ int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *a, BN_RECP_CTX *recp,
+                 BN_CTX *ctx);
+
+ int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *a, BIGNUM *b,
+                           BN_RECP_CTX *recp, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_mod_mul_reciprocal() can be used to perform an efficient <a href="../man3/BN_mod_mul.html">BN_mod_mul(3)</a> operation when the operation will be performed repeatedly with the same modulus. It computes <b>r</b>=(<b>a</b>*<b>b</b>)%<b>m</b> using <b>recp</b>=1/<b>m</b>, which is set as described below. <b>ctx</b> is a previously allocated <b>BN_CTX</b> used for temporary variables.</p>
+
+<p>BN_RECP_CTX_new() allocates and initializes a <b>BN_RECP</b> structure.</p>
+
+<p>BN_RECP_CTX_free() frees the components of the <b>BN_RECP</b>, and, if it was created by BN_RECP_CTX_new(), also the structure itself. If <b>recp</b> is NULL, nothing is done.</p>
+
+<p>BN_RECP_CTX_set() stores <b>m</b> in <b>recp</b> and sets it up for computing 1/<b>m</b> and shifting it left by BN_num_bits(<b>m</b>)+1 to make it an integer. The result and the number of bits it was shifted left will later be stored in <b>recp</b>.</p>
+
+<p>BN_div_recp() divides <b>a</b> by <b>m</b> using <b>recp</b>. It places the quotient in <b>dv</b> and the remainder in <b>rem</b>.</p>
+
+<p>The <b>BN_RECP_CTX</b> structure cannot be shared between threads.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_RECP_CTX_new() returns the newly allocated <b>BN_RECP_CTX</b>, and NULL on error.</p>
+
+<p>BN_RECP_CTX_free() has no return value.</p>
+
+<p>For the other functions, 1 is returned for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_RECP_CTX_init() was removed in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_RECP_CTX_new.html b/msys2/usr/share/doc/openssl/html/man3/BN_RECP_CTX_new.html
new file mode 100644
index 000000000..51c393d99
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_RECP_CTX_new.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_mod_mul_reciprocal</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_mod_mul_reciprocal, BN_div_recp, BN_RECP_CTX_new, BN_RECP_CTX_free, BN_RECP_CTX_set - modular multiplication using reciprocal</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_RECP_CTX *BN_RECP_CTX_new(void);
+ void BN_RECP_CTX_free(BN_RECP_CTX *recp);
+
+ int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *a, BN_RECP_CTX *recp,
+                 BN_CTX *ctx);
+
+ int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *a, BIGNUM *b,
+                           BN_RECP_CTX *recp, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_mod_mul_reciprocal() can be used to perform an efficient <a href="../man3/BN_mod_mul.html">BN_mod_mul(3)</a> operation when the operation will be performed repeatedly with the same modulus. It computes <b>r</b>=(<b>a</b>*<b>b</b>)%<b>m</b> using <b>recp</b>=1/<b>m</b>, which is set as described below. <b>ctx</b> is a previously allocated <b>BN_CTX</b> used for temporary variables.</p>
+
+<p>BN_RECP_CTX_new() allocates and initializes a <b>BN_RECP</b> structure.</p>
+
+<p>BN_RECP_CTX_free() frees the components of the <b>BN_RECP</b>, and, if it was created by BN_RECP_CTX_new(), also the structure itself. If <b>recp</b> is NULL, nothing is done.</p>
+
+<p>BN_RECP_CTX_set() stores <b>m</b> in <b>recp</b> and sets it up for computing 1/<b>m</b> and shifting it left by BN_num_bits(<b>m</b>)+1 to make it an integer. The result and the number of bits it was shifted left will later be stored in <b>recp</b>.</p>
+
+<p>BN_div_recp() divides <b>a</b> by <b>m</b> using <b>recp</b>. It places the quotient in <b>dv</b> and the remainder in <b>rem</b>.</p>
+
+<p>The <b>BN_RECP_CTX</b> structure cannot be shared between threads.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_RECP_CTX_new() returns the newly allocated <b>BN_RECP_CTX</b>, and NULL on error.</p>
+
+<p>BN_RECP_CTX_free() has no return value.</p>
+
+<p>For the other functions, 1 is returned for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_RECP_CTX_init() was removed in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_RECP_CTX_set.html b/msys2/usr/share/doc/openssl/html/man3/BN_RECP_CTX_set.html
new file mode 100644
index 000000000..51c393d99
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_RECP_CTX_set.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_mod_mul_reciprocal</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_mod_mul_reciprocal, BN_div_recp, BN_RECP_CTX_new, BN_RECP_CTX_free, BN_RECP_CTX_set - modular multiplication using reciprocal</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_RECP_CTX *BN_RECP_CTX_new(void);
+ void BN_RECP_CTX_free(BN_RECP_CTX *recp);
+
+ int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *a, BN_RECP_CTX *recp,
+                 BN_CTX *ctx);
+
+ int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *a, BIGNUM *b,
+                           BN_RECP_CTX *recp, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_mod_mul_reciprocal() can be used to perform an efficient <a href="../man3/BN_mod_mul.html">BN_mod_mul(3)</a> operation when the operation will be performed repeatedly with the same modulus. It computes <b>r</b>=(<b>a</b>*<b>b</b>)%<b>m</b> using <b>recp</b>=1/<b>m</b>, which is set as described below. <b>ctx</b> is a previously allocated <b>BN_CTX</b> used for temporary variables.</p>
+
+<p>BN_RECP_CTX_new() allocates and initializes a <b>BN_RECP</b> structure.</p>
+
+<p>BN_RECP_CTX_free() frees the components of the <b>BN_RECP</b>, and, if it was created by BN_RECP_CTX_new(), also the structure itself. If <b>recp</b> is NULL, nothing is done.</p>
+
+<p>BN_RECP_CTX_set() stores <b>m</b> in <b>recp</b> and sets it up for computing 1/<b>m</b> and shifting it left by BN_num_bits(<b>m</b>)+1 to make it an integer. The result and the number of bits it was shifted left will later be stored in <b>recp</b>.</p>
+
+<p>BN_div_recp() divides <b>a</b> by <b>m</b> using <b>recp</b>. It places the quotient in <b>dv</b> and the remainder in <b>rem</b>.</p>
+
+<p>The <b>BN_RECP_CTX</b> structure cannot be shared between threads.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_RECP_CTX_new() returns the newly allocated <b>BN_RECP_CTX</b>, and NULL on error.</p>
+
+<p>BN_RECP_CTX_free() has no return value.</p>
+
+<p>For the other functions, 1 is returned for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_RECP_CTX_init() was removed in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_add.html b/msys2/usr/share/doc/openssl/html/man3/BN_add.html
new file mode 100644
index 000000000..a79886d91
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_add.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
+
+ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
+            BN_CTX *ctx);
+
+ int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
+
+ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_add() adds <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a+b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_sub() subtracts <i>b</i> from <i>a</i> and places the result in <i>r</i> (<code>r=a-b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_mul() multiplies <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a*b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For multiplication by powers of 2, use <a href="../man3/BN_lshift.html">BN_lshift(3)</a>.</p>
+
+<p>BN_sqr() takes the square of <i>a</i> and places the result in <i>r</i> (<code>r=a^2</code>). <i>r</i> and <i>a</i> may be the same <b>BIGNUM</b>. This function is faster than BN_mul(r,a,a).</p>
+
+<p>BN_div() divides <i>a</i> by <i>d</i> and places the result in <i>dv</i> and the remainder in <i>rem</i> (<code>dv=a/d, rem=a%d</code>). Either of <i>dv</i> and <i>rem</i> may be <b>NULL</b>, in which case the respective value is not returned. The result is rounded towards zero; thus if <i>a</i> is negative, the remainder will be zero or negative. For division by powers of 2, use BN_rshift(3).</p>
+
+<p>BN_mod() corresponds to BN_div() with <i>dv</i> set to <b>NULL</b>.</p>
+
+<p>BN_nnmod() reduces <i>a</i> modulo <i>m</i> and places the non-negative remainder in <i>r</i>.</p>
+
+<p>BN_mod_add() adds <i>a</i> to <i>b</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_sub() subtracts <i>b</i> from <i>a</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_mul() multiplies <i>a</i> by <i>b</i> and finds the non-negative remainder respective to modulus <i>m</i> (<code>r=(a*b) mod m</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For more efficient algorithms for repeated computations using the same modulus, see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a> and <a href="../man3/BN_mod_mul_reciprocal.html">BN_mod_mul_reciprocal(3)</a>.</p>
+
+<p>BN_mod_sqr() takes the square of <i>a</i> modulo <b>m</b> and places the result in <i>r</i>.</p>
+
+<p>BN_exp() raises <i>a</i> to the <i>p</i>-th power and places the result in <i>r</i> (<code>r=a^p</code>). This function is faster than repeated applications of BN_mul().</p>
+
+<p>BN_mod_exp() computes <i>a</i> to the <i>p</i>-th power modulo <i>m</i> (<code>r=a^p % m</code>). This function uses less time and space than BN_exp(). Do not call this function when <b>m</b> is even and any of the parameters have the <b>BN_FLG_CONSTTIME</b> flag set.</p>
+
+<p>BN_gcd() computes the greatest common divisor of <i>a</i> and <i>b</i> and places the result in <i>r</i>. <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables; see <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>.</p>
+
+<p>Unless noted otherwise, the result <b>BIGNUM</b> must be different from the arguments.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For all functions, 1 is returned for success, 0 on error. The return value should always be checked (e.g., <code>if (!BN_add(r,a,b)) goto err;</code>). The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>, <a href="../man3/BN_add_word.html">BN_add_word(3)</a>, <a href="../man3/BN_set_bit.html">BN_set_bit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_add_word.html b/msys2/usr/share/doc/openssl/html/man3/BN_add_word.html
new file mode 100644
index 000000000..31be49a8a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_add_word.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_add_word</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_add_word, BN_sub_word, BN_mul_word, BN_div_word, BN_mod_word - arithmetic functions on BIGNUMs with integers</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_add_word(BIGNUM *a, BN_ULONG w);
+
+ int BN_sub_word(BIGNUM *a, BN_ULONG w);
+
+ int BN_mul_word(BIGNUM *a, BN_ULONG w);
+
+ BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
+
+ BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions perform arithmetic operations on BIGNUMs with unsigned integers. They are much more efficient than the normal BIGNUM arithmetic operations.</p>
+
+<p>BN_add_word() adds <b>w</b> to <b>a</b> (<code>a+=w</code>).</p>
+
+<p>BN_sub_word() subtracts <b>w</b> from <b>a</b> (<code>a-=w</code>).</p>
+
+<p>BN_mul_word() multiplies <b>a</b> and <b>w</b> (<code>a*=w</code>).</p>
+
+<p>BN_div_word() divides <b>a</b> by <b>w</b> (<code>a/=w</code>) and returns the remainder.</p>
+
+<p>BN_mod_word() returns the remainder of <b>a</b> divided by <b>w</b> (<code>a%w</code>).</p>
+
+<p>For BN_div_word() and BN_mod_word(), <b>w</b> must not be 0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_add_word(), BN_sub_word() and BN_mul_word() return 1 for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>BN_mod_word() and BN_div_word() return <b>a</b>%<b>w</b> on success and <b>(BN_ULONG)-1</b> if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_bin2bn.html b/msys2/usr/share/doc/openssl/html/man3/BN_bin2bn.html
new file mode 100644
index 000000000..152a43462
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_bin2bn.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_bn2bin</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_bn2binpad, BN_bn2bin, BN_bin2bn, BN_bn2lebinpad, BN_lebin2bn, BN_bn2hex, BN_bn2dec, BN_hex2bn, BN_dec2bn, BN_print, BN_print_fp, BN_bn2mpi, BN_mpi2bn - format conversions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+ int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ int BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ char *BN_bn2hex(const BIGNUM *a);
+ char *BN_bn2dec(const BIGNUM *a);
+ int BN_hex2bn(BIGNUM **a, const char *str);
+ int BN_dec2bn(BIGNUM **a, const char *str);
+
+ int BN_print(BIO *fp, const BIGNUM *a);
+ int BN_print_fp(FILE *fp, const BIGNUM *a);
+
+ int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+ BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_bn2bin() converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>to</b> must point to BN_num_bytes(<b>a</b>) bytes of memory.</p>
+
+<p>BN_bn2binpad() also converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>tolen</b> indicates the length of the output buffer <b>to</b>. The result is padded with zeroes if necessary. If <b>tolen</b> is less than BN_num_bytes(<b>a</b>) an error is returned.</p>
+
+<p>BN_bin2bn() converts the positive integer in big-endian form of length <b>len</b> at <b>s</b> into a <b>BIGNUM</b> and places it in <b>ret</b>. If <b>ret</b> is NULL, a new <b>BIGNUM</b> is created.</p>
+
+<p>BN_bn2lebinpad() and BN_lebin2bn() are identical to BN_bn2binpad() and BN_bin2bn() except the buffer is in little-endian format.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return printable strings containing the hexadecimal and decimal encoding of <b>a</b> respectively. For negative numbers, the string is prefaced with a leading &#39;-&#39;. The string must be freed later using OPENSSL_free().</p>
+
+<p>BN_hex2bn() takes as many characters as possible from the string <b>str</b>, including the leading character &#39;-&#39; which means negative, to form a valid hexadecimal number representation and converts them to a <b>BIGNUM</b> and stores it in **<b>a</b>. If *<b>a</b> is NULL, a new <b>BIGNUM</b> is created. If <b>a</b> is NULL, it only computes the length of valid representation. A &quot;negative zero&quot; is converted to zero. BN_dec2bn() is the same using the decimal system.</p>
+
+<p>BN_print() and BN_print_fp() write the hexadecimal encoding of <b>a</b>, with a leading &#39;-&#39; for negative numbers, to the <b>BIO</b> or <b>FILE</b> <b>fp</b>.</p>
+
+<p>BN_bn2mpi() and BN_mpi2bn() convert <b>BIGNUM</b>s from and to a format that consists of the number&#39;s length in bytes represented as a 4-byte big-endian number, and the number itself in big-endian format, where the most significant bit signals a negative number (the representation of numbers with the MSB set is prefixed with null byte).</p>
+
+<p>BN_bn2mpi() stores the representation of <b>a</b> at <b>to</b>, where <b>to</b> must be large enough to hold the result. The size can be determined by calling BN_bn2mpi(<b>a</b>, NULL).</p>
+
+<p>BN_mpi2bn() converts the <b>len</b> bytes long representation at <b>s</b> to a <b>BIGNUM</b> and stores it at <b>ret</b>, or in a newly allocated <b>BIGNUM</b> if <b>ret</b> is NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_bn2bin() returns the length of the big-endian number placed at <b>to</b>. BN_bin2bn() returns the <b>BIGNUM</b>, NULL on error.</p>
+
+<p>BN_bn2binpad() returns the number of bytes written or -1 if the supplied buffer is too small.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL on error. BN_hex2bn() and BN_dec2bn() return the number of characters used in parsing, or 0 on error, in which case no new <b>BIGNUM</b> will be created.</p>
+
+<p>BN_print_fp() and BN_print() return 1 on success, 0 on write errors.</p>
+
+<p>BN_bn2mpi() returns the length of the representation. BN_mpi2bn() returns the <b>BIGNUM</b>, and NULL on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_zero.html">BN_zero(3)</a>, <a href="../man3/ASN1_INTEGER_to_BN.html">ASN1_INTEGER_to_BN(3)</a>, <a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_bn2bin.html b/msys2/usr/share/doc/openssl/html/man3/BN_bn2bin.html
new file mode 100644
index 000000000..152a43462
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_bn2bin.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_bn2bin</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_bn2binpad, BN_bn2bin, BN_bin2bn, BN_bn2lebinpad, BN_lebin2bn, BN_bn2hex, BN_bn2dec, BN_hex2bn, BN_dec2bn, BN_print, BN_print_fp, BN_bn2mpi, BN_mpi2bn - format conversions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+ int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ int BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ char *BN_bn2hex(const BIGNUM *a);
+ char *BN_bn2dec(const BIGNUM *a);
+ int BN_hex2bn(BIGNUM **a, const char *str);
+ int BN_dec2bn(BIGNUM **a, const char *str);
+
+ int BN_print(BIO *fp, const BIGNUM *a);
+ int BN_print_fp(FILE *fp, const BIGNUM *a);
+
+ int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+ BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_bn2bin() converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>to</b> must point to BN_num_bytes(<b>a</b>) bytes of memory.</p>
+
+<p>BN_bn2binpad() also converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>tolen</b> indicates the length of the output buffer <b>to</b>. The result is padded with zeroes if necessary. If <b>tolen</b> is less than BN_num_bytes(<b>a</b>) an error is returned.</p>
+
+<p>BN_bin2bn() converts the positive integer in big-endian form of length <b>len</b> at <b>s</b> into a <b>BIGNUM</b> and places it in <b>ret</b>. If <b>ret</b> is NULL, a new <b>BIGNUM</b> is created.</p>
+
+<p>BN_bn2lebinpad() and BN_lebin2bn() are identical to BN_bn2binpad() and BN_bin2bn() except the buffer is in little-endian format.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return printable strings containing the hexadecimal and decimal encoding of <b>a</b> respectively. For negative numbers, the string is prefaced with a leading &#39;-&#39;. The string must be freed later using OPENSSL_free().</p>
+
+<p>BN_hex2bn() takes as many characters as possible from the string <b>str</b>, including the leading character &#39;-&#39; which means negative, to form a valid hexadecimal number representation and converts them to a <b>BIGNUM</b> and stores it in **<b>a</b>. If *<b>a</b> is NULL, a new <b>BIGNUM</b> is created. If <b>a</b> is NULL, it only computes the length of valid representation. A &quot;negative zero&quot; is converted to zero. BN_dec2bn() is the same using the decimal system.</p>
+
+<p>BN_print() and BN_print_fp() write the hexadecimal encoding of <b>a</b>, with a leading &#39;-&#39; for negative numbers, to the <b>BIO</b> or <b>FILE</b> <b>fp</b>.</p>
+
+<p>BN_bn2mpi() and BN_mpi2bn() convert <b>BIGNUM</b>s from and to a format that consists of the number&#39;s length in bytes represented as a 4-byte big-endian number, and the number itself in big-endian format, where the most significant bit signals a negative number (the representation of numbers with the MSB set is prefixed with null byte).</p>
+
+<p>BN_bn2mpi() stores the representation of <b>a</b> at <b>to</b>, where <b>to</b> must be large enough to hold the result. The size can be determined by calling BN_bn2mpi(<b>a</b>, NULL).</p>
+
+<p>BN_mpi2bn() converts the <b>len</b> bytes long representation at <b>s</b> to a <b>BIGNUM</b> and stores it at <b>ret</b>, or in a newly allocated <b>BIGNUM</b> if <b>ret</b> is NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_bn2bin() returns the length of the big-endian number placed at <b>to</b>. BN_bin2bn() returns the <b>BIGNUM</b>, NULL on error.</p>
+
+<p>BN_bn2binpad() returns the number of bytes written or -1 if the supplied buffer is too small.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL on error. BN_hex2bn() and BN_dec2bn() return the number of characters used in parsing, or 0 on error, in which case no new <b>BIGNUM</b> will be created.</p>
+
+<p>BN_print_fp() and BN_print() return 1 on success, 0 on write errors.</p>
+
+<p>BN_bn2mpi() returns the length of the representation. BN_mpi2bn() returns the <b>BIGNUM</b>, and NULL on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_zero.html">BN_zero(3)</a>, <a href="../man3/ASN1_INTEGER_to_BN.html">ASN1_INTEGER_to_BN(3)</a>, <a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_bn2binpad.html b/msys2/usr/share/doc/openssl/html/man3/BN_bn2binpad.html
new file mode 100644
index 000000000..152a43462
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_bn2binpad.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_bn2bin</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_bn2binpad, BN_bn2bin, BN_bin2bn, BN_bn2lebinpad, BN_lebin2bn, BN_bn2hex, BN_bn2dec, BN_hex2bn, BN_dec2bn, BN_print, BN_print_fp, BN_bn2mpi, BN_mpi2bn - format conversions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+ int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ int BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ char *BN_bn2hex(const BIGNUM *a);
+ char *BN_bn2dec(const BIGNUM *a);
+ int BN_hex2bn(BIGNUM **a, const char *str);
+ int BN_dec2bn(BIGNUM **a, const char *str);
+
+ int BN_print(BIO *fp, const BIGNUM *a);
+ int BN_print_fp(FILE *fp, const BIGNUM *a);
+
+ int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+ BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_bn2bin() converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>to</b> must point to BN_num_bytes(<b>a</b>) bytes of memory.</p>
+
+<p>BN_bn2binpad() also converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>tolen</b> indicates the length of the output buffer <b>to</b>. The result is padded with zeroes if necessary. If <b>tolen</b> is less than BN_num_bytes(<b>a</b>) an error is returned.</p>
+
+<p>BN_bin2bn() converts the positive integer in big-endian form of length <b>len</b> at <b>s</b> into a <b>BIGNUM</b> and places it in <b>ret</b>. If <b>ret</b> is NULL, a new <b>BIGNUM</b> is created.</p>
+
+<p>BN_bn2lebinpad() and BN_lebin2bn() are identical to BN_bn2binpad() and BN_bin2bn() except the buffer is in little-endian format.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return printable strings containing the hexadecimal and decimal encoding of <b>a</b> respectively. For negative numbers, the string is prefaced with a leading &#39;-&#39;. The string must be freed later using OPENSSL_free().</p>
+
+<p>BN_hex2bn() takes as many characters as possible from the string <b>str</b>, including the leading character &#39;-&#39; which means negative, to form a valid hexadecimal number representation and converts them to a <b>BIGNUM</b> and stores it in **<b>a</b>. If *<b>a</b> is NULL, a new <b>BIGNUM</b> is created. If <b>a</b> is NULL, it only computes the length of valid representation. A &quot;negative zero&quot; is converted to zero. BN_dec2bn() is the same using the decimal system.</p>
+
+<p>BN_print() and BN_print_fp() write the hexadecimal encoding of <b>a</b>, with a leading &#39;-&#39; for negative numbers, to the <b>BIO</b> or <b>FILE</b> <b>fp</b>.</p>
+
+<p>BN_bn2mpi() and BN_mpi2bn() convert <b>BIGNUM</b>s from and to a format that consists of the number&#39;s length in bytes represented as a 4-byte big-endian number, and the number itself in big-endian format, where the most significant bit signals a negative number (the representation of numbers with the MSB set is prefixed with null byte).</p>
+
+<p>BN_bn2mpi() stores the representation of <b>a</b> at <b>to</b>, where <b>to</b> must be large enough to hold the result. The size can be determined by calling BN_bn2mpi(<b>a</b>, NULL).</p>
+
+<p>BN_mpi2bn() converts the <b>len</b> bytes long representation at <b>s</b> to a <b>BIGNUM</b> and stores it at <b>ret</b>, or in a newly allocated <b>BIGNUM</b> if <b>ret</b> is NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_bn2bin() returns the length of the big-endian number placed at <b>to</b>. BN_bin2bn() returns the <b>BIGNUM</b>, NULL on error.</p>
+
+<p>BN_bn2binpad() returns the number of bytes written or -1 if the supplied buffer is too small.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL on error. BN_hex2bn() and BN_dec2bn() return the number of characters used in parsing, or 0 on error, in which case no new <b>BIGNUM</b> will be created.</p>
+
+<p>BN_print_fp() and BN_print() return 1 on success, 0 on write errors.</p>
+
+<p>BN_bn2mpi() returns the length of the representation. BN_mpi2bn() returns the <b>BIGNUM</b>, and NULL on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_zero.html">BN_zero(3)</a>, <a href="../man3/ASN1_INTEGER_to_BN.html">ASN1_INTEGER_to_BN(3)</a>, <a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_bn2dec.html b/msys2/usr/share/doc/openssl/html/man3/BN_bn2dec.html
new file mode 100644
index 000000000..152a43462
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_bn2dec.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_bn2bin</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_bn2binpad, BN_bn2bin, BN_bin2bn, BN_bn2lebinpad, BN_lebin2bn, BN_bn2hex, BN_bn2dec, BN_hex2bn, BN_dec2bn, BN_print, BN_print_fp, BN_bn2mpi, BN_mpi2bn - format conversions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+ int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ int BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ char *BN_bn2hex(const BIGNUM *a);
+ char *BN_bn2dec(const BIGNUM *a);
+ int BN_hex2bn(BIGNUM **a, const char *str);
+ int BN_dec2bn(BIGNUM **a, const char *str);
+
+ int BN_print(BIO *fp, const BIGNUM *a);
+ int BN_print_fp(FILE *fp, const BIGNUM *a);
+
+ int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+ BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_bn2bin() converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>to</b> must point to BN_num_bytes(<b>a</b>) bytes of memory.</p>
+
+<p>BN_bn2binpad() also converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>tolen</b> indicates the length of the output buffer <b>to</b>. The result is padded with zeroes if necessary. If <b>tolen</b> is less than BN_num_bytes(<b>a</b>) an error is returned.</p>
+
+<p>BN_bin2bn() converts the positive integer in big-endian form of length <b>len</b> at <b>s</b> into a <b>BIGNUM</b> and places it in <b>ret</b>. If <b>ret</b> is NULL, a new <b>BIGNUM</b> is created.</p>
+
+<p>BN_bn2lebinpad() and BN_lebin2bn() are identical to BN_bn2binpad() and BN_bin2bn() except the buffer is in little-endian format.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return printable strings containing the hexadecimal and decimal encoding of <b>a</b> respectively. For negative numbers, the string is prefaced with a leading &#39;-&#39;. The string must be freed later using OPENSSL_free().</p>
+
+<p>BN_hex2bn() takes as many characters as possible from the string <b>str</b>, including the leading character &#39;-&#39; which means negative, to form a valid hexadecimal number representation and converts them to a <b>BIGNUM</b> and stores it in **<b>a</b>. If *<b>a</b> is NULL, a new <b>BIGNUM</b> is created. If <b>a</b> is NULL, it only computes the length of valid representation. A &quot;negative zero&quot; is converted to zero. BN_dec2bn() is the same using the decimal system.</p>
+
+<p>BN_print() and BN_print_fp() write the hexadecimal encoding of <b>a</b>, with a leading &#39;-&#39; for negative numbers, to the <b>BIO</b> or <b>FILE</b> <b>fp</b>.</p>
+
+<p>BN_bn2mpi() and BN_mpi2bn() convert <b>BIGNUM</b>s from and to a format that consists of the number&#39;s length in bytes represented as a 4-byte big-endian number, and the number itself in big-endian format, where the most significant bit signals a negative number (the representation of numbers with the MSB set is prefixed with null byte).</p>
+
+<p>BN_bn2mpi() stores the representation of <b>a</b> at <b>to</b>, where <b>to</b> must be large enough to hold the result. The size can be determined by calling BN_bn2mpi(<b>a</b>, NULL).</p>
+
+<p>BN_mpi2bn() converts the <b>len</b> bytes long representation at <b>s</b> to a <b>BIGNUM</b> and stores it at <b>ret</b>, or in a newly allocated <b>BIGNUM</b> if <b>ret</b> is NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_bn2bin() returns the length of the big-endian number placed at <b>to</b>. BN_bin2bn() returns the <b>BIGNUM</b>, NULL on error.</p>
+
+<p>BN_bn2binpad() returns the number of bytes written or -1 if the supplied buffer is too small.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL on error. BN_hex2bn() and BN_dec2bn() return the number of characters used in parsing, or 0 on error, in which case no new <b>BIGNUM</b> will be created.</p>
+
+<p>BN_print_fp() and BN_print() return 1 on success, 0 on write errors.</p>
+
+<p>BN_bn2mpi() returns the length of the representation. BN_mpi2bn() returns the <b>BIGNUM</b>, and NULL on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_zero.html">BN_zero(3)</a>, <a href="../man3/ASN1_INTEGER_to_BN.html">ASN1_INTEGER_to_BN(3)</a>, <a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_bn2hex.html b/msys2/usr/share/doc/openssl/html/man3/BN_bn2hex.html
new file mode 100644
index 000000000..152a43462
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_bn2hex.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_bn2bin</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_bn2binpad, BN_bn2bin, BN_bin2bn, BN_bn2lebinpad, BN_lebin2bn, BN_bn2hex, BN_bn2dec, BN_hex2bn, BN_dec2bn, BN_print, BN_print_fp, BN_bn2mpi, BN_mpi2bn - format conversions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+ int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ int BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ char *BN_bn2hex(const BIGNUM *a);
+ char *BN_bn2dec(const BIGNUM *a);
+ int BN_hex2bn(BIGNUM **a, const char *str);
+ int BN_dec2bn(BIGNUM **a, const char *str);
+
+ int BN_print(BIO *fp, const BIGNUM *a);
+ int BN_print_fp(FILE *fp, const BIGNUM *a);
+
+ int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+ BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_bn2bin() converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>to</b> must point to BN_num_bytes(<b>a</b>) bytes of memory.</p>
+
+<p>BN_bn2binpad() also converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>tolen</b> indicates the length of the output buffer <b>to</b>. The result is padded with zeroes if necessary. If <b>tolen</b> is less than BN_num_bytes(<b>a</b>) an error is returned.</p>
+
+<p>BN_bin2bn() converts the positive integer in big-endian form of length <b>len</b> at <b>s</b> into a <b>BIGNUM</b> and places it in <b>ret</b>. If <b>ret</b> is NULL, a new <b>BIGNUM</b> is created.</p>
+
+<p>BN_bn2lebinpad() and BN_lebin2bn() are identical to BN_bn2binpad() and BN_bin2bn() except the buffer is in little-endian format.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return printable strings containing the hexadecimal and decimal encoding of <b>a</b> respectively. For negative numbers, the string is prefaced with a leading &#39;-&#39;. The string must be freed later using OPENSSL_free().</p>
+
+<p>BN_hex2bn() takes as many characters as possible from the string <b>str</b>, including the leading character &#39;-&#39; which means negative, to form a valid hexadecimal number representation and converts them to a <b>BIGNUM</b> and stores it in **<b>a</b>. If *<b>a</b> is NULL, a new <b>BIGNUM</b> is created. If <b>a</b> is NULL, it only computes the length of valid representation. A &quot;negative zero&quot; is converted to zero. BN_dec2bn() is the same using the decimal system.</p>
+
+<p>BN_print() and BN_print_fp() write the hexadecimal encoding of <b>a</b>, with a leading &#39;-&#39; for negative numbers, to the <b>BIO</b> or <b>FILE</b> <b>fp</b>.</p>
+
+<p>BN_bn2mpi() and BN_mpi2bn() convert <b>BIGNUM</b>s from and to a format that consists of the number&#39;s length in bytes represented as a 4-byte big-endian number, and the number itself in big-endian format, where the most significant bit signals a negative number (the representation of numbers with the MSB set is prefixed with null byte).</p>
+
+<p>BN_bn2mpi() stores the representation of <b>a</b> at <b>to</b>, where <b>to</b> must be large enough to hold the result. The size can be determined by calling BN_bn2mpi(<b>a</b>, NULL).</p>
+
+<p>BN_mpi2bn() converts the <b>len</b> bytes long representation at <b>s</b> to a <b>BIGNUM</b> and stores it at <b>ret</b>, or in a newly allocated <b>BIGNUM</b> if <b>ret</b> is NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_bn2bin() returns the length of the big-endian number placed at <b>to</b>. BN_bin2bn() returns the <b>BIGNUM</b>, NULL on error.</p>
+
+<p>BN_bn2binpad() returns the number of bytes written or -1 if the supplied buffer is too small.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL on error. BN_hex2bn() and BN_dec2bn() return the number of characters used in parsing, or 0 on error, in which case no new <b>BIGNUM</b> will be created.</p>
+
+<p>BN_print_fp() and BN_print() return 1 on success, 0 on write errors.</p>
+
+<p>BN_bn2mpi() returns the length of the representation. BN_mpi2bn() returns the <b>BIGNUM</b>, and NULL on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_zero.html">BN_zero(3)</a>, <a href="../man3/ASN1_INTEGER_to_BN.html">ASN1_INTEGER_to_BN(3)</a>, <a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_bn2lebinpad.html b/msys2/usr/share/doc/openssl/html/man3/BN_bn2lebinpad.html
new file mode 100644
index 000000000..152a43462
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_bn2lebinpad.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_bn2bin</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_bn2binpad, BN_bn2bin, BN_bin2bn, BN_bn2lebinpad, BN_lebin2bn, BN_bn2hex, BN_bn2dec, BN_hex2bn, BN_dec2bn, BN_print, BN_print_fp, BN_bn2mpi, BN_mpi2bn - format conversions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+ int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ int BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ char *BN_bn2hex(const BIGNUM *a);
+ char *BN_bn2dec(const BIGNUM *a);
+ int BN_hex2bn(BIGNUM **a, const char *str);
+ int BN_dec2bn(BIGNUM **a, const char *str);
+
+ int BN_print(BIO *fp, const BIGNUM *a);
+ int BN_print_fp(FILE *fp, const BIGNUM *a);
+
+ int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+ BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_bn2bin() converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>to</b> must point to BN_num_bytes(<b>a</b>) bytes of memory.</p>
+
+<p>BN_bn2binpad() also converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>tolen</b> indicates the length of the output buffer <b>to</b>. The result is padded with zeroes if necessary. If <b>tolen</b> is less than BN_num_bytes(<b>a</b>) an error is returned.</p>
+
+<p>BN_bin2bn() converts the positive integer in big-endian form of length <b>len</b> at <b>s</b> into a <b>BIGNUM</b> and places it in <b>ret</b>. If <b>ret</b> is NULL, a new <b>BIGNUM</b> is created.</p>
+
+<p>BN_bn2lebinpad() and BN_lebin2bn() are identical to BN_bn2binpad() and BN_bin2bn() except the buffer is in little-endian format.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return printable strings containing the hexadecimal and decimal encoding of <b>a</b> respectively. For negative numbers, the string is prefaced with a leading &#39;-&#39;. The string must be freed later using OPENSSL_free().</p>
+
+<p>BN_hex2bn() takes as many characters as possible from the string <b>str</b>, including the leading character &#39;-&#39; which means negative, to form a valid hexadecimal number representation and converts them to a <b>BIGNUM</b> and stores it in **<b>a</b>. If *<b>a</b> is NULL, a new <b>BIGNUM</b> is created. If <b>a</b> is NULL, it only computes the length of valid representation. A &quot;negative zero&quot; is converted to zero. BN_dec2bn() is the same using the decimal system.</p>
+
+<p>BN_print() and BN_print_fp() write the hexadecimal encoding of <b>a</b>, with a leading &#39;-&#39; for negative numbers, to the <b>BIO</b> or <b>FILE</b> <b>fp</b>.</p>
+
+<p>BN_bn2mpi() and BN_mpi2bn() convert <b>BIGNUM</b>s from and to a format that consists of the number&#39;s length in bytes represented as a 4-byte big-endian number, and the number itself in big-endian format, where the most significant bit signals a negative number (the representation of numbers with the MSB set is prefixed with null byte).</p>
+
+<p>BN_bn2mpi() stores the representation of <b>a</b> at <b>to</b>, where <b>to</b> must be large enough to hold the result. The size can be determined by calling BN_bn2mpi(<b>a</b>, NULL).</p>
+
+<p>BN_mpi2bn() converts the <b>len</b> bytes long representation at <b>s</b> to a <b>BIGNUM</b> and stores it at <b>ret</b>, or in a newly allocated <b>BIGNUM</b> if <b>ret</b> is NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_bn2bin() returns the length of the big-endian number placed at <b>to</b>. BN_bin2bn() returns the <b>BIGNUM</b>, NULL on error.</p>
+
+<p>BN_bn2binpad() returns the number of bytes written or -1 if the supplied buffer is too small.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL on error. BN_hex2bn() and BN_dec2bn() return the number of characters used in parsing, or 0 on error, in which case no new <b>BIGNUM</b> will be created.</p>
+
+<p>BN_print_fp() and BN_print() return 1 on success, 0 on write errors.</p>
+
+<p>BN_bn2mpi() returns the length of the representation. BN_mpi2bn() returns the <b>BIGNUM</b>, and NULL on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_zero.html">BN_zero(3)</a>, <a href="../man3/ASN1_INTEGER_to_BN.html">ASN1_INTEGER_to_BN(3)</a>, <a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_bn2mpi.html b/msys2/usr/share/doc/openssl/html/man3/BN_bn2mpi.html
new file mode 100644
index 000000000..152a43462
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_bn2mpi.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_bn2bin</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_bn2binpad, BN_bn2bin, BN_bin2bn, BN_bn2lebinpad, BN_lebin2bn, BN_bn2hex, BN_bn2dec, BN_hex2bn, BN_dec2bn, BN_print, BN_print_fp, BN_bn2mpi, BN_mpi2bn - format conversions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+ int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ int BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ char *BN_bn2hex(const BIGNUM *a);
+ char *BN_bn2dec(const BIGNUM *a);
+ int BN_hex2bn(BIGNUM **a, const char *str);
+ int BN_dec2bn(BIGNUM **a, const char *str);
+
+ int BN_print(BIO *fp, const BIGNUM *a);
+ int BN_print_fp(FILE *fp, const BIGNUM *a);
+
+ int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+ BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_bn2bin() converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>to</b> must point to BN_num_bytes(<b>a</b>) bytes of memory.</p>
+
+<p>BN_bn2binpad() also converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>tolen</b> indicates the length of the output buffer <b>to</b>. The result is padded with zeroes if necessary. If <b>tolen</b> is less than BN_num_bytes(<b>a</b>) an error is returned.</p>
+
+<p>BN_bin2bn() converts the positive integer in big-endian form of length <b>len</b> at <b>s</b> into a <b>BIGNUM</b> and places it in <b>ret</b>. If <b>ret</b> is NULL, a new <b>BIGNUM</b> is created.</p>
+
+<p>BN_bn2lebinpad() and BN_lebin2bn() are identical to BN_bn2binpad() and BN_bin2bn() except the buffer is in little-endian format.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return printable strings containing the hexadecimal and decimal encoding of <b>a</b> respectively. For negative numbers, the string is prefaced with a leading &#39;-&#39;. The string must be freed later using OPENSSL_free().</p>
+
+<p>BN_hex2bn() takes as many characters as possible from the string <b>str</b>, including the leading character &#39;-&#39; which means negative, to form a valid hexadecimal number representation and converts them to a <b>BIGNUM</b> and stores it in **<b>a</b>. If *<b>a</b> is NULL, a new <b>BIGNUM</b> is created. If <b>a</b> is NULL, it only computes the length of valid representation. A &quot;negative zero&quot; is converted to zero. BN_dec2bn() is the same using the decimal system.</p>
+
+<p>BN_print() and BN_print_fp() write the hexadecimal encoding of <b>a</b>, with a leading &#39;-&#39; for negative numbers, to the <b>BIO</b> or <b>FILE</b> <b>fp</b>.</p>
+
+<p>BN_bn2mpi() and BN_mpi2bn() convert <b>BIGNUM</b>s from and to a format that consists of the number&#39;s length in bytes represented as a 4-byte big-endian number, and the number itself in big-endian format, where the most significant bit signals a negative number (the representation of numbers with the MSB set is prefixed with null byte).</p>
+
+<p>BN_bn2mpi() stores the representation of <b>a</b> at <b>to</b>, where <b>to</b> must be large enough to hold the result. The size can be determined by calling BN_bn2mpi(<b>a</b>, NULL).</p>
+
+<p>BN_mpi2bn() converts the <b>len</b> bytes long representation at <b>s</b> to a <b>BIGNUM</b> and stores it at <b>ret</b>, or in a newly allocated <b>BIGNUM</b> if <b>ret</b> is NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_bn2bin() returns the length of the big-endian number placed at <b>to</b>. BN_bin2bn() returns the <b>BIGNUM</b>, NULL on error.</p>
+
+<p>BN_bn2binpad() returns the number of bytes written or -1 if the supplied buffer is too small.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL on error. BN_hex2bn() and BN_dec2bn() return the number of characters used in parsing, or 0 on error, in which case no new <b>BIGNUM</b> will be created.</p>
+
+<p>BN_print_fp() and BN_print() return 1 on success, 0 on write errors.</p>
+
+<p>BN_bn2mpi() returns the length of the representation. BN_mpi2bn() returns the <b>BIGNUM</b>, and NULL on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_zero.html">BN_zero(3)</a>, <a href="../man3/ASN1_INTEGER_to_BN.html">ASN1_INTEGER_to_BN(3)</a>, <a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_clear.html b/msys2/usr/share/doc/openssl/html/man3/BN_clear.html
new file mode 100644
index 000000000..a14a6de6c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_clear.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_new, BN_secure_new, BN_clear, BN_free, BN_clear_free - allocate and free BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BIGNUM *BN_new(void);
+
+ BIGNUM *BN_secure_new(void);
+
+ void BN_clear(BIGNUM *a);
+
+ void BN_free(BIGNUM *a);
+
+ void BN_clear_free(BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_new() allocates and initializes a <b>BIGNUM</b> structure. BN_secure_new() does the same except that the secure heap OPENSSL_secure_malloc(3) is used to store the value.</p>
+
+<p>BN_clear() is used to destroy sensitive data such as keys when they are no longer needed. It erases the memory used by <b>a</b> and sets it to the value 0.</p>
+
+<p>BN_free() frees the components of the <b>BIGNUM</b>, and if it was created by BN_new(), also the structure itself. BN_clear_free() additionally overwrites the data before the memory is returned to the system. If <b>a</b> is NULL, nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_new() and BN_secure_new() return a pointer to the <b>BIGNUM</b> initialised to the value 0. If the allocation fails, they return <b>NULL</b> and set an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>BN_clear(), BN_free() and BN_clear_free() have no return values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_init() was removed in OpenSSL 1.1.0; use BN_new() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_clear_bit.html b/msys2/usr/share/doc/openssl/html/man3/BN_clear_bit.html
new file mode 100644
index 000000000..084793e43
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_clear_bit.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_set_bit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_set_bit, BN_clear_bit, BN_is_bit_set, BN_mask_bits, BN_lshift, BN_lshift1, BN_rshift, BN_rshift1 - bit operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_set_bit(BIGNUM *a, int n);
+ int BN_clear_bit(BIGNUM *a, int n);
+
+ int BN_is_bit_set(const BIGNUM *a, int n);
+
+ int BN_mask_bits(BIGNUM *a, int n);
+
+ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
+ int BN_lshift1(BIGNUM *r, BIGNUM *a);
+
+ int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
+ int BN_rshift1(BIGNUM *r, BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_set_bit() sets bit <b>n</b> in <b>a</b> to 1 (<code>a|=(1&lt;&lt;n)</code>). The number is expanded if necessary.</p>
+
+<p>BN_clear_bit() sets bit <b>n</b> in <b>a</b> to 0 (<code>a&amp;=~(1&lt;&lt;n)</code>). An error occurs if <b>a</b> is shorter than <b>n</b> bits.</p>
+
+<p>BN_is_bit_set() tests if bit <b>n</b> in <b>a</b> is set.</p>
+
+<p>BN_mask_bits() truncates <b>a</b> to an <b>n</b> bit number (<code>a&amp;=~((~0)&gt;&gt;n)</code>). An error occurs if <b>a</b> already is shorter than <b>n</b> bits.</p>
+
+<p>BN_lshift() shifts <b>a</b> left by <b>n</b> bits and places the result in <b>r</b> (<code>r=a*2^n</code>). Note that <b>n</b> must be non-negative. BN_lshift1() shifts <b>a</b> left by one and places the result in <b>r</b> (<code>r=2*a</code>).</p>
+
+<p>BN_rshift() shifts <b>a</b> right by <b>n</b> bits and places the result in <b>r</b> (<code>r=a/2^n</code>). Note that <b>n</b> must be non-negative. BN_rshift1() shifts <b>a</b> right by one and places the result in <b>r</b> (<code>r=a/2</code>).</p>
+
+<p>For the shift functions, <b>r</b> and <b>a</b> may be the same variable.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_is_bit_set() returns 1 if the bit is set, 0 otherwise.</p>
+
+<p>All other functions return 1 for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_clear_free.html b/msys2/usr/share/doc/openssl/html/man3/BN_clear_free.html
new file mode 100644
index 000000000..a14a6de6c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_clear_free.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_new, BN_secure_new, BN_clear, BN_free, BN_clear_free - allocate and free BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BIGNUM *BN_new(void);
+
+ BIGNUM *BN_secure_new(void);
+
+ void BN_clear(BIGNUM *a);
+
+ void BN_free(BIGNUM *a);
+
+ void BN_clear_free(BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_new() allocates and initializes a <b>BIGNUM</b> structure. BN_secure_new() does the same except that the secure heap OPENSSL_secure_malloc(3) is used to store the value.</p>
+
+<p>BN_clear() is used to destroy sensitive data such as keys when they are no longer needed. It erases the memory used by <b>a</b> and sets it to the value 0.</p>
+
+<p>BN_free() frees the components of the <b>BIGNUM</b>, and if it was created by BN_new(), also the structure itself. BN_clear_free() additionally overwrites the data before the memory is returned to the system. If <b>a</b> is NULL, nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_new() and BN_secure_new() return a pointer to the <b>BIGNUM</b> initialised to the value 0. If the allocation fails, they return <b>NULL</b> and set an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>BN_clear(), BN_free() and BN_clear_free() have no return values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_init() was removed in OpenSSL 1.1.0; use BN_new() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_cmp.html b/msys2/usr/share/doc/openssl/html/man3/BN_cmp.html
new file mode 100644
index 000000000..fb0a36149
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_cmp.html
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_cmp</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_is_odd - BIGNUM comparison and test functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_cmp(BIGNUM *a, BIGNUM *b);
+ int BN_ucmp(BIGNUM *a, BIGNUM *b);
+
+ int BN_is_zero(BIGNUM *a);
+ int BN_is_one(BIGNUM *a);
+ int BN_is_word(BIGNUM *a, BN_ULONG w);
+ int BN_is_odd(BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_cmp() compares the numbers <b>a</b> and <b>b</b>. BN_ucmp() compares their absolute values.</p>
+
+<p>BN_is_zero(), BN_is_one() and BN_is_word() test if <b>a</b> equals 0, 1, or <b>w</b> respectively. BN_is_odd() tests if a is odd.</p>
+
+<p>BN_is_zero(), BN_is_one(), BN_is_word() and BN_is_odd() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_cmp() returns -1 if <b>a</b> &lt; <b>b</b>, 0 if <b>a</b> == <b>b</b> and 1 if <b>a</b> &gt; <b>b</b>. BN_ucmp() is the same using the absolute values of <b>a</b> and <b>b</b>.</p>
+
+<p>BN_is_zero(), BN_is_one() BN_is_word() and BN_is_odd() return 1 if the condition is true, 0 otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_copy.html b/msys2/usr/share/doc/openssl/html/man3/BN_copy.html
new file mode 100644
index 000000000..ddd7ed675
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_copy.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_copy, BN_dup, BN_with_flags - copy BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BIGNUM *BN_copy(BIGNUM *to, const BIGNUM *from);
+
+ BIGNUM *BN_dup(const BIGNUM *from);
+
+ void BN_with_flags(BIGNUM *dest, const BIGNUM *b, int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_copy() copies <b>from</b> to <b>to</b>. BN_dup() creates a new <b>BIGNUM</b> containing the value <b>from</b>.</p>
+
+<p>BN_with_flags creates a <b>temporary</b> shallow copy of <b>b</b> in <b>dest</b>. It places significant restrictions on the copied data. Applications that do no adhere to these restrictions may encounter unexpected side effects or crashes. For that reason use of this function is discouraged. Any flags provided in <b>flags</b> will be set in <b>dest</b> in addition to any flags already set in <b>b</b>. For example this might commonly be used to create a temporary copy of a BIGNUM with the <b>BN_FLG_CONSTTIME</b> flag set for constant time operations. The temporary copy in <b>dest</b> will share some internal state with <b>b</b>. For this reason the following restrictions apply to the use of <b>dest</b>:</p>
+
+<ul>
+
+<li><p><b>dest</b> should be a newly allocated BIGNUM obtained via a call to BN_new(). It should not have been used for other purposes or initialised in any way.</p>
+
+</li>
+<li><p><b>dest</b> must only be used in &quot;read-only&quot; operations, i.e. typically those functions where the relevant parameter is declared &quot;const&quot;.</p>
+
+</li>
+<li><p><b>dest</b> must be used and freed before any further subsequent use of <b>b</b></p>
+
+</li>
+</ul>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_copy() returns <b>to</b> on success, NULL on error. BN_dup() returns the new <b>BIGNUM</b>, and NULL on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_dec2bn.html b/msys2/usr/share/doc/openssl/html/man3/BN_dec2bn.html
new file mode 100644
index 000000000..152a43462
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_dec2bn.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_bn2bin</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_bn2binpad, BN_bn2bin, BN_bin2bn, BN_bn2lebinpad, BN_lebin2bn, BN_bn2hex, BN_bn2dec, BN_hex2bn, BN_dec2bn, BN_print, BN_print_fp, BN_bn2mpi, BN_mpi2bn - format conversions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+ int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ int BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ char *BN_bn2hex(const BIGNUM *a);
+ char *BN_bn2dec(const BIGNUM *a);
+ int BN_hex2bn(BIGNUM **a, const char *str);
+ int BN_dec2bn(BIGNUM **a, const char *str);
+
+ int BN_print(BIO *fp, const BIGNUM *a);
+ int BN_print_fp(FILE *fp, const BIGNUM *a);
+
+ int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+ BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_bn2bin() converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>to</b> must point to BN_num_bytes(<b>a</b>) bytes of memory.</p>
+
+<p>BN_bn2binpad() also converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>tolen</b> indicates the length of the output buffer <b>to</b>. The result is padded with zeroes if necessary. If <b>tolen</b> is less than BN_num_bytes(<b>a</b>) an error is returned.</p>
+
+<p>BN_bin2bn() converts the positive integer in big-endian form of length <b>len</b> at <b>s</b> into a <b>BIGNUM</b> and places it in <b>ret</b>. If <b>ret</b> is NULL, a new <b>BIGNUM</b> is created.</p>
+
+<p>BN_bn2lebinpad() and BN_lebin2bn() are identical to BN_bn2binpad() and BN_bin2bn() except the buffer is in little-endian format.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return printable strings containing the hexadecimal and decimal encoding of <b>a</b> respectively. For negative numbers, the string is prefaced with a leading &#39;-&#39;. The string must be freed later using OPENSSL_free().</p>
+
+<p>BN_hex2bn() takes as many characters as possible from the string <b>str</b>, including the leading character &#39;-&#39; which means negative, to form a valid hexadecimal number representation and converts them to a <b>BIGNUM</b> and stores it in **<b>a</b>. If *<b>a</b> is NULL, a new <b>BIGNUM</b> is created. If <b>a</b> is NULL, it only computes the length of valid representation. A &quot;negative zero&quot; is converted to zero. BN_dec2bn() is the same using the decimal system.</p>
+
+<p>BN_print() and BN_print_fp() write the hexadecimal encoding of <b>a</b>, with a leading &#39;-&#39; for negative numbers, to the <b>BIO</b> or <b>FILE</b> <b>fp</b>.</p>
+
+<p>BN_bn2mpi() and BN_mpi2bn() convert <b>BIGNUM</b>s from and to a format that consists of the number&#39;s length in bytes represented as a 4-byte big-endian number, and the number itself in big-endian format, where the most significant bit signals a negative number (the representation of numbers with the MSB set is prefixed with null byte).</p>
+
+<p>BN_bn2mpi() stores the representation of <b>a</b> at <b>to</b>, where <b>to</b> must be large enough to hold the result. The size can be determined by calling BN_bn2mpi(<b>a</b>, NULL).</p>
+
+<p>BN_mpi2bn() converts the <b>len</b> bytes long representation at <b>s</b> to a <b>BIGNUM</b> and stores it at <b>ret</b>, or in a newly allocated <b>BIGNUM</b> if <b>ret</b> is NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_bn2bin() returns the length of the big-endian number placed at <b>to</b>. BN_bin2bn() returns the <b>BIGNUM</b>, NULL on error.</p>
+
+<p>BN_bn2binpad() returns the number of bytes written or -1 if the supplied buffer is too small.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL on error. BN_hex2bn() and BN_dec2bn() return the number of characters used in parsing, or 0 on error, in which case no new <b>BIGNUM</b> will be created.</p>
+
+<p>BN_print_fp() and BN_print() return 1 on success, 0 on write errors.</p>
+
+<p>BN_bn2mpi() returns the length of the representation. BN_mpi2bn() returns the <b>BIGNUM</b>, and NULL on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_zero.html">BN_zero(3)</a>, <a href="../man3/ASN1_INTEGER_to_BN.html">ASN1_INTEGER_to_BN(3)</a>, <a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_div.html b/msys2/usr/share/doc/openssl/html/man3/BN_div.html
new file mode 100644
index 000000000..a79886d91
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_div.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
+
+ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
+            BN_CTX *ctx);
+
+ int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
+
+ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_add() adds <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a+b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_sub() subtracts <i>b</i> from <i>a</i> and places the result in <i>r</i> (<code>r=a-b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_mul() multiplies <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a*b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For multiplication by powers of 2, use <a href="../man3/BN_lshift.html">BN_lshift(3)</a>.</p>
+
+<p>BN_sqr() takes the square of <i>a</i> and places the result in <i>r</i> (<code>r=a^2</code>). <i>r</i> and <i>a</i> may be the same <b>BIGNUM</b>. This function is faster than BN_mul(r,a,a).</p>
+
+<p>BN_div() divides <i>a</i> by <i>d</i> and places the result in <i>dv</i> and the remainder in <i>rem</i> (<code>dv=a/d, rem=a%d</code>). Either of <i>dv</i> and <i>rem</i> may be <b>NULL</b>, in which case the respective value is not returned. The result is rounded towards zero; thus if <i>a</i> is negative, the remainder will be zero or negative. For division by powers of 2, use BN_rshift(3).</p>
+
+<p>BN_mod() corresponds to BN_div() with <i>dv</i> set to <b>NULL</b>.</p>
+
+<p>BN_nnmod() reduces <i>a</i> modulo <i>m</i> and places the non-negative remainder in <i>r</i>.</p>
+
+<p>BN_mod_add() adds <i>a</i> to <i>b</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_sub() subtracts <i>b</i> from <i>a</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_mul() multiplies <i>a</i> by <i>b</i> and finds the non-negative remainder respective to modulus <i>m</i> (<code>r=(a*b) mod m</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For more efficient algorithms for repeated computations using the same modulus, see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a> and <a href="../man3/BN_mod_mul_reciprocal.html">BN_mod_mul_reciprocal(3)</a>.</p>
+
+<p>BN_mod_sqr() takes the square of <i>a</i> modulo <b>m</b> and places the result in <i>r</i>.</p>
+
+<p>BN_exp() raises <i>a</i> to the <i>p</i>-th power and places the result in <i>r</i> (<code>r=a^p</code>). This function is faster than repeated applications of BN_mul().</p>
+
+<p>BN_mod_exp() computes <i>a</i> to the <i>p</i>-th power modulo <i>m</i> (<code>r=a^p % m</code>). This function uses less time and space than BN_exp(). Do not call this function when <b>m</b> is even and any of the parameters have the <b>BN_FLG_CONSTTIME</b> flag set.</p>
+
+<p>BN_gcd() computes the greatest common divisor of <i>a</i> and <i>b</i> and places the result in <i>r</i>. <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables; see <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>.</p>
+
+<p>Unless noted otherwise, the result <b>BIGNUM</b> must be different from the arguments.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For all functions, 1 is returned for success, 0 on error. The return value should always be checked (e.g., <code>if (!BN_add(r,a,b)) goto err;</code>). The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>, <a href="../man3/BN_add_word.html">BN_add_word(3)</a>, <a href="../man3/BN_set_bit.html">BN_set_bit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_div_recp.html b/msys2/usr/share/doc/openssl/html/man3/BN_div_recp.html
new file mode 100644
index 000000000..51c393d99
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_div_recp.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_mod_mul_reciprocal</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_mod_mul_reciprocal, BN_div_recp, BN_RECP_CTX_new, BN_RECP_CTX_free, BN_RECP_CTX_set - modular multiplication using reciprocal</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_RECP_CTX *BN_RECP_CTX_new(void);
+ void BN_RECP_CTX_free(BN_RECP_CTX *recp);
+
+ int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *a, BN_RECP_CTX *recp,
+                 BN_CTX *ctx);
+
+ int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *a, BIGNUM *b,
+                           BN_RECP_CTX *recp, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_mod_mul_reciprocal() can be used to perform an efficient <a href="../man3/BN_mod_mul.html">BN_mod_mul(3)</a> operation when the operation will be performed repeatedly with the same modulus. It computes <b>r</b>=(<b>a</b>*<b>b</b>)%<b>m</b> using <b>recp</b>=1/<b>m</b>, which is set as described below. <b>ctx</b> is a previously allocated <b>BN_CTX</b> used for temporary variables.</p>
+
+<p>BN_RECP_CTX_new() allocates and initializes a <b>BN_RECP</b> structure.</p>
+
+<p>BN_RECP_CTX_free() frees the components of the <b>BN_RECP</b>, and, if it was created by BN_RECP_CTX_new(), also the structure itself. If <b>recp</b> is NULL, nothing is done.</p>
+
+<p>BN_RECP_CTX_set() stores <b>m</b> in <b>recp</b> and sets it up for computing 1/<b>m</b> and shifting it left by BN_num_bits(<b>m</b>)+1 to make it an integer. The result and the number of bits it was shifted left will later be stored in <b>recp</b>.</p>
+
+<p>BN_div_recp() divides <b>a</b> by <b>m</b> using <b>recp</b>. It places the quotient in <b>dv</b> and the remainder in <b>rem</b>.</p>
+
+<p>The <b>BN_RECP_CTX</b> structure cannot be shared between threads.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_RECP_CTX_new() returns the newly allocated <b>BN_RECP_CTX</b>, and NULL on error.</p>
+
+<p>BN_RECP_CTX_free() has no return value.</p>
+
+<p>For the other functions, 1 is returned for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_RECP_CTX_init() was removed in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_div_word.html b/msys2/usr/share/doc/openssl/html/man3/BN_div_word.html
new file mode 100644
index 000000000..31be49a8a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_div_word.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_add_word</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_add_word, BN_sub_word, BN_mul_word, BN_div_word, BN_mod_word - arithmetic functions on BIGNUMs with integers</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_add_word(BIGNUM *a, BN_ULONG w);
+
+ int BN_sub_word(BIGNUM *a, BN_ULONG w);
+
+ int BN_mul_word(BIGNUM *a, BN_ULONG w);
+
+ BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
+
+ BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions perform arithmetic operations on BIGNUMs with unsigned integers. They are much more efficient than the normal BIGNUM arithmetic operations.</p>
+
+<p>BN_add_word() adds <b>w</b> to <b>a</b> (<code>a+=w</code>).</p>
+
+<p>BN_sub_word() subtracts <b>w</b> from <b>a</b> (<code>a-=w</code>).</p>
+
+<p>BN_mul_word() multiplies <b>a</b> and <b>w</b> (<code>a*=w</code>).</p>
+
+<p>BN_div_word() divides <b>a</b> by <b>w</b> (<code>a/=w</code>) and returns the remainder.</p>
+
+<p>BN_mod_word() returns the remainder of <b>a</b> divided by <b>w</b> (<code>a%w</code>).</p>
+
+<p>For BN_div_word() and BN_mod_word(), <b>w</b> must not be 0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_add_word(), BN_sub_word() and BN_mul_word() return 1 for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>BN_mod_word() and BN_div_word() return <b>a</b>%<b>w</b> on success and <b>(BN_ULONG)-1</b> if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_dup.html b/msys2/usr/share/doc/openssl/html/man3/BN_dup.html
new file mode 100644
index 000000000..ddd7ed675
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_dup.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_copy, BN_dup, BN_with_flags - copy BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BIGNUM *BN_copy(BIGNUM *to, const BIGNUM *from);
+
+ BIGNUM *BN_dup(const BIGNUM *from);
+
+ void BN_with_flags(BIGNUM *dest, const BIGNUM *b, int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_copy() copies <b>from</b> to <b>to</b>. BN_dup() creates a new <b>BIGNUM</b> containing the value <b>from</b>.</p>
+
+<p>BN_with_flags creates a <b>temporary</b> shallow copy of <b>b</b> in <b>dest</b>. It places significant restrictions on the copied data. Applications that do no adhere to these restrictions may encounter unexpected side effects or crashes. For that reason use of this function is discouraged. Any flags provided in <b>flags</b> will be set in <b>dest</b> in addition to any flags already set in <b>b</b>. For example this might commonly be used to create a temporary copy of a BIGNUM with the <b>BN_FLG_CONSTTIME</b> flag set for constant time operations. The temporary copy in <b>dest</b> will share some internal state with <b>b</b>. For this reason the following restrictions apply to the use of <b>dest</b>:</p>
+
+<ul>
+
+<li><p><b>dest</b> should be a newly allocated BIGNUM obtained via a call to BN_new(). It should not have been used for other purposes or initialised in any way.</p>
+
+</li>
+<li><p><b>dest</b> must only be used in &quot;read-only&quot; operations, i.e. typically those functions where the relevant parameter is declared &quot;const&quot;.</p>
+
+</li>
+<li><p><b>dest</b> must be used and freed before any further subsequent use of <b>b</b></p>
+
+</li>
+</ul>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_copy() returns <b>to</b> on success, NULL on error. BN_dup() returns the new <b>BIGNUM</b>, and NULL on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_exp.html b/msys2/usr/share/doc/openssl/html/man3/BN_exp.html
new file mode 100644
index 000000000..a79886d91
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_exp.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
+
+ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
+            BN_CTX *ctx);
+
+ int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
+
+ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_add() adds <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a+b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_sub() subtracts <i>b</i> from <i>a</i> and places the result in <i>r</i> (<code>r=a-b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_mul() multiplies <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a*b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For multiplication by powers of 2, use <a href="../man3/BN_lshift.html">BN_lshift(3)</a>.</p>
+
+<p>BN_sqr() takes the square of <i>a</i> and places the result in <i>r</i> (<code>r=a^2</code>). <i>r</i> and <i>a</i> may be the same <b>BIGNUM</b>. This function is faster than BN_mul(r,a,a).</p>
+
+<p>BN_div() divides <i>a</i> by <i>d</i> and places the result in <i>dv</i> and the remainder in <i>rem</i> (<code>dv=a/d, rem=a%d</code>). Either of <i>dv</i> and <i>rem</i> may be <b>NULL</b>, in which case the respective value is not returned. The result is rounded towards zero; thus if <i>a</i> is negative, the remainder will be zero or negative. For division by powers of 2, use BN_rshift(3).</p>
+
+<p>BN_mod() corresponds to BN_div() with <i>dv</i> set to <b>NULL</b>.</p>
+
+<p>BN_nnmod() reduces <i>a</i> modulo <i>m</i> and places the non-negative remainder in <i>r</i>.</p>
+
+<p>BN_mod_add() adds <i>a</i> to <i>b</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_sub() subtracts <i>b</i> from <i>a</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_mul() multiplies <i>a</i> by <i>b</i> and finds the non-negative remainder respective to modulus <i>m</i> (<code>r=(a*b) mod m</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For more efficient algorithms for repeated computations using the same modulus, see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a> and <a href="../man3/BN_mod_mul_reciprocal.html">BN_mod_mul_reciprocal(3)</a>.</p>
+
+<p>BN_mod_sqr() takes the square of <i>a</i> modulo <b>m</b> and places the result in <i>r</i>.</p>
+
+<p>BN_exp() raises <i>a</i> to the <i>p</i>-th power and places the result in <i>r</i> (<code>r=a^p</code>). This function is faster than repeated applications of BN_mul().</p>
+
+<p>BN_mod_exp() computes <i>a</i> to the <i>p</i>-th power modulo <i>m</i> (<code>r=a^p % m</code>). This function uses less time and space than BN_exp(). Do not call this function when <b>m</b> is even and any of the parameters have the <b>BN_FLG_CONSTTIME</b> flag set.</p>
+
+<p>BN_gcd() computes the greatest common divisor of <i>a</i> and <i>b</i> and places the result in <i>r</i>. <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables; see <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>.</p>
+
+<p>Unless noted otherwise, the result <b>BIGNUM</b> must be different from the arguments.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For all functions, 1 is returned for success, 0 on error. The return value should always be checked (e.g., <code>if (!BN_add(r,a,b)) goto err;</code>). The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>, <a href="../man3/BN_add_word.html">BN_add_word(3)</a>, <a href="../man3/BN_set_bit.html">BN_set_bit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_free.html b/msys2/usr/share/doc/openssl/html/man3/BN_free.html
new file mode 100644
index 000000000..a14a6de6c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_free.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_new, BN_secure_new, BN_clear, BN_free, BN_clear_free - allocate and free BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BIGNUM *BN_new(void);
+
+ BIGNUM *BN_secure_new(void);
+
+ void BN_clear(BIGNUM *a);
+
+ void BN_free(BIGNUM *a);
+
+ void BN_clear_free(BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_new() allocates and initializes a <b>BIGNUM</b> structure. BN_secure_new() does the same except that the secure heap OPENSSL_secure_malloc(3) is used to store the value.</p>
+
+<p>BN_clear() is used to destroy sensitive data such as keys when they are no longer needed. It erases the memory used by <b>a</b> and sets it to the value 0.</p>
+
+<p>BN_free() frees the components of the <b>BIGNUM</b>, and if it was created by BN_new(), also the structure itself. BN_clear_free() additionally overwrites the data before the memory is returned to the system. If <b>a</b> is NULL, nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_new() and BN_secure_new() return a pointer to the <b>BIGNUM</b> initialised to the value 0. If the allocation fails, they return <b>NULL</b> and set an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>BN_clear(), BN_free() and BN_clear_free() have no return values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_init() was removed in OpenSSL 1.1.0; use BN_new() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_from_montgomery.html b/msys2/usr/share/doc/openssl/html/man3/BN_from_montgomery.html
new file mode 100644
index 000000000..a31aa022c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_from_montgomery.html
@@ -0,0 +1,99 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_mod_mul_montgomery</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_mod_mul_montgomery, BN_MONT_CTX_new, BN_MONT_CTX_free, BN_MONT_CTX_set, BN_MONT_CTX_copy, BN_from_montgomery, BN_to_montgomery - Montgomery multiplication</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_MONT_CTX *BN_MONT_CTX_new(void);
+ void BN_MONT_CTX_free(BN_MONT_CTX *mont);
+
+ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx);
+ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
+
+ int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
+                           BN_MONT_CTX *mont, BN_CTX *ctx);
+
+ int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
+                        BN_CTX *ctx);
+
+ int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
+                      BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions implement Montgomery multiplication. They are used automatically when <a href="../man3/BN_mod_exp.html">BN_mod_exp(3)</a> is called with suitable input, but they may be useful when several operations are to be performed using the same modulus.</p>
+
+<p>BN_MONT_CTX_new() allocates and initializes a <b>BN_MONT_CTX</b> structure.</p>
+
+<p>BN_MONT_CTX_set() sets up the <i>mont</i> structure from the modulus <i>m</i> by precomputing its inverse and a value R.</p>
+
+<p>BN_MONT_CTX_copy() copies the <b>BN_MONT_CTX</b> <i>from</i> to <i>to</i>.</p>
+
+<p>BN_MONT_CTX_free() frees the components of the <b>BN_MONT_CTX</b>, and, if it was created by BN_MONT_CTX_new(), also the structure itself. If <b>mont</b> is NULL, nothing is done.</p>
+
+<p>BN_mod_mul_montgomery() computes Mont(<i>a</i>,<i>b</i>):=<i>a</i>*<i>b</i>*R^-1 and places the result in <i>r</i>.</p>
+
+<p>BN_from_montgomery() performs the Montgomery reduction <i>r</i> = <i>a</i>*R^-1.</p>
+
+<p>BN_to_montgomery() computes Mont(<i>a</i>,R^2), i.e. <i>a</i>*R. Note that <i>a</i> must be non-negative and smaller than the modulus.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_MONT_CTX_new() returns the newly allocated <b>BN_MONT_CTX</b>, and NULL on error.</p>
+
+<p>BN_MONT_CTX_free() has no return value.</p>
+
+<p>For the other functions, 1 is returned for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>The inputs must be reduced modulo <b>m</b>, otherwise the result will be outside the expected range.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_MONT_CTX_init() was removed in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_gcd.html b/msys2/usr/share/doc/openssl/html/man3/BN_gcd.html
new file mode 100644
index 000000000..a79886d91
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_gcd.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
+
+ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
+            BN_CTX *ctx);
+
+ int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
+
+ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_add() adds <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a+b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_sub() subtracts <i>b</i> from <i>a</i> and places the result in <i>r</i> (<code>r=a-b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_mul() multiplies <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a*b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For multiplication by powers of 2, use <a href="../man3/BN_lshift.html">BN_lshift(3)</a>.</p>
+
+<p>BN_sqr() takes the square of <i>a</i> and places the result in <i>r</i> (<code>r=a^2</code>). <i>r</i> and <i>a</i> may be the same <b>BIGNUM</b>. This function is faster than BN_mul(r,a,a).</p>
+
+<p>BN_div() divides <i>a</i> by <i>d</i> and places the result in <i>dv</i> and the remainder in <i>rem</i> (<code>dv=a/d, rem=a%d</code>). Either of <i>dv</i> and <i>rem</i> may be <b>NULL</b>, in which case the respective value is not returned. The result is rounded towards zero; thus if <i>a</i> is negative, the remainder will be zero or negative. For division by powers of 2, use BN_rshift(3).</p>
+
+<p>BN_mod() corresponds to BN_div() with <i>dv</i> set to <b>NULL</b>.</p>
+
+<p>BN_nnmod() reduces <i>a</i> modulo <i>m</i> and places the non-negative remainder in <i>r</i>.</p>
+
+<p>BN_mod_add() adds <i>a</i> to <i>b</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_sub() subtracts <i>b</i> from <i>a</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_mul() multiplies <i>a</i> by <i>b</i> and finds the non-negative remainder respective to modulus <i>m</i> (<code>r=(a*b) mod m</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For more efficient algorithms for repeated computations using the same modulus, see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a> and <a href="../man3/BN_mod_mul_reciprocal.html">BN_mod_mul_reciprocal(3)</a>.</p>
+
+<p>BN_mod_sqr() takes the square of <i>a</i> modulo <b>m</b> and places the result in <i>r</i>.</p>
+
+<p>BN_exp() raises <i>a</i> to the <i>p</i>-th power and places the result in <i>r</i> (<code>r=a^p</code>). This function is faster than repeated applications of BN_mul().</p>
+
+<p>BN_mod_exp() computes <i>a</i> to the <i>p</i>-th power modulo <i>m</i> (<code>r=a^p % m</code>). This function uses less time and space than BN_exp(). Do not call this function when <b>m</b> is even and any of the parameters have the <b>BN_FLG_CONSTTIME</b> flag set.</p>
+
+<p>BN_gcd() computes the greatest common divisor of <i>a</i> and <i>b</i> and places the result in <i>r</i>. <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables; see <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>.</p>
+
+<p>Unless noted otherwise, the result <b>BIGNUM</b> must be different from the arguments.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For all functions, 1 is returned for success, 0 on error. The return value should always be checked (e.g., <code>if (!BN_add(r,a,b)) goto err;</code>). The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>, <a href="../man3/BN_add_word.html">BN_add_word(3)</a>, <a href="../man3/BN_set_bit.html">BN_set_bit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_generate_prime.html b/msys2/usr/share/doc/openssl/html/man3/BN_generate_prime.html
new file mode 100644
index 000000000..3935a16e2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_generate_prime.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_generate_prime</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_generate_prime_ex, BN_is_prime_ex, BN_is_prime_fasttest_ex, BN_GENCB_call, BN_GENCB_new, BN_GENCB_free, BN_GENCB_set_old, BN_GENCB_set, BN_GENCB_get_arg, BN_generate_prime, BN_is_prime, BN_is_prime_fasttest - generate primes and test for primality</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
+                          const BIGNUM *rem, BN_GENCB *cb);
+
+ int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+
+ int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
+                             int do_trial_division, BN_GENCB *cb);
+
+ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
+
+ BN_GENCB *BN_GENCB_new(void);
+
+ void BN_GENCB_free(BN_GENCB *cb);
+
+ void BN_GENCB_set_old(BN_GENCB *gencb,
+                       void (*callback)(int, int, void *), void *cb_arg);
+
+ void BN_GENCB_set(BN_GENCB *gencb,
+                   int (*callback)(int, int, BN_GENCB *), void *cb_arg);
+
+ void *BN_GENCB_get_arg(BN_GENCB *cb);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
+                           BIGNUM *rem, void (*callback)(int, int, void *),
+                           void *cb_arg);
+
+ int BN_is_prime(const BIGNUM *a, int checks,
+                 void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg);
+
+ int BN_is_prime_fasttest(const BIGNUM *a, int checks,
+                          void (*callback)(int, int, void *), BN_CTX *ctx,
+                          void *cb_arg, int do_trial_division);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_generate_prime_ex() generates a pseudo-random prime number of at least bit length <b>bits</b>. If <b>ret</b> is not <b>NULL</b>, it will be used to store the number.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, it is used as follows:</p>
+
+<ul>
+
+<li><p><b>BN_GENCB_call(cb, 0, i)</b> is called after generating the i-th potential prime number.</p>
+
+</li>
+<li><p>While the number is being tested for primality, <b>BN_GENCB_call(cb, 1, j)</b> is called as described below.</p>
+
+</li>
+<li><p>When a prime has been found, <b>BN_GENCB_call(cb, 2, i)</b> is called.</p>
+
+</li>
+<li><p>The callers of BN_generate_prime_ex() may call <b>BN_GENCB_call(cb, i, j)</b> with other values as described in their respective man pages; see <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a>.</p>
+
+</li>
+</ul>
+
+<p>The prime may have to fulfill additional requirements for use in Diffie-Hellman key exchange:</p>
+
+<p>If <b>add</b> is not <b>NULL</b>, the prime will fulfill the condition p % <b>add</b> == <b>rem</b> (p % <b>add</b> == 1 if <b>rem</b> == <b>NULL</b>) in order to suit a given generator.</p>
+
+<p>If <b>safe</b> is true, it will be a safe prime (i.e. a prime p so that (p-1)/2 is also prime).</p>
+
+<p>The PRNG must be seeded prior to calling BN_generate_prime_ex(). The prime number generation has a negligible error probability.</p>
+
+<p>BN_is_prime_ex() and BN_is_prime_fasttest_ex() test if the number <b>p</b> is prime. The following tests are performed until one of them shows that <b>p</b> is composite; if <b>p</b> passes all these tests, it is considered prime.</p>
+
+<p>BN_is_prime_fasttest_ex(), when called with <b>do_trial_division == 1</b>, first attempts trial division by a number of small primes; if no divisors are found by this test and <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, -1)</b> is called. If <b>do_trial_division == 0</b>, this test is skipped.</p>
+
+<p>Both BN_is_prime_ex() and BN_is_prime_fasttest_ex() perform a Miller-Rabin probabilistic primality test with <b>nchecks</b> iterations. If <b>nchecks == BN_prime_checks</b>, a number of iterations is used that yields a false positive rate of at most 2^-64 for random input. The error rate depends on the size of the prime and goes down for bigger primes. The rate is 2^-80 starting at 308 bits, 2^-112 at 852 bits, 2^-128 at 1080 bits, 2^-192 at 3747 bits and 2^-256 at 6394 bits.</p>
+
+<p>When the source of the prime is not random or not trusted, the number of checks needs to be much higher to reach the same level of assurance: It should equal half of the targeted security level in bits (rounded up to the next integer if necessary). For instance, to reach the 128 bit security level, <b>nchecks</b> should be set to 64.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, j)</b> is called after the j-th iteration (j = 0, 1, ...). <b>ctx</b> is a pre-allocated <b>BN_CTX</b> (to save the overhead of allocating and freeing the structure in a loop), or <b>NULL</b>.</p>
+
+<p>BN_GENCB_call() calls the callback function held in the <b>BN_GENCB</b> structure and passes the ints <b>a</b> and <b>b</b> as arguments. There are two types of <b>BN_GENCB</b> structure that are supported: &quot;new&quot; style and &quot;old&quot; style. New programs should prefer the &quot;new&quot; style, whilst the &quot;old&quot; style is provided for backwards compatibility purposes.</p>
+
+<p>A <b>BN_GENCB</b> structure should be created through a call to BN_GENCB_new(), and freed through a call to BN_GENCB_free().</p>
+
+<p>For &quot;new&quot; style callbacks a BN_GENCB structure should be initialised with a call to BN_GENCB_set(), where <b>gencb</b> is a <b>BN_GENCB *</b>, <b>callback</b> is of type <b>int (*callback)(int, int, BN_GENCB *)</b> and <b>cb_arg</b> is a <b>void *</b>. &quot;Old&quot; style callbacks are the same except they are initialised with a call to BN_GENCB_set_old() and <b>callback</b> is of type <b>void (*callback)(int, int, void *)</b>.</p>
+
+<p>A callback is invoked through a call to <b>BN_GENCB_call</b>. This will check the type of the callback and will invoke <b>callback(a, b, gencb)</b> for new style callbacks or <b>callback(a, b, cb_arg)</b> for old style.</p>
+
+<p>It is possible to obtain the argument associated with a BN_GENCB structure (set via a call to BN_GENCB_set or BN_GENCB_set_old) using BN_GENCB_get_arg.</p>
+
+<p>BN_generate_prime() (deprecated) works in the same way as BN_generate_prime_ex() but expects an old-style callback function directly in the <b>callback</b> parameter, and an argument to pass to it in the <b>cb_arg</b>. BN_is_prime() and BN_is_prime_fasttest() can similarly be compared to BN_is_prime_ex() and BN_is_prime_fasttest_ex(), respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_generate_prime_ex() return 1 on success or 0 on error.</p>
+
+<p>BN_is_prime_ex(), BN_is_prime_fasttest_ex(), BN_is_prime() and BN_is_prime_fasttest() return 0 if the number is composite, 1 if it is prime with an error probability of less than 0.25^<b>nchecks</b>, and -1 on error.</p>
+
+<p>BN_generate_prime() returns the prime number on success, <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_new returns a pointer to a BN_GENCB structure on success, or <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_get_arg returns the argument previously associated with a BN_GENCB structure.</p>
+
+<p>Callback functions should return 1 on success or 0 on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</h1>
+
+<p>As of OpenSSL 1.1.0 it is no longer possible to create a BN_GENCB structure directly, as in:</p>
+
+<pre><code> BN_GENCB callback;</code></pre>
+
+<p>Instead applications should create a BN_GENCB structure using BN_GENCB_new:</p>
+
+<pre><code> BN_GENCB *callback;
+ callback = BN_GENCB_new();
+ if (!callback)
+     /* error */
+ ...
+ BN_GENCB_free(callback);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/RSA_generate_key.html">RSA_generate_key(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BN_GENCB_new(), BN_GENCB_free(), and BN_GENCB_get_arg() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_generate_prime_ex.html b/msys2/usr/share/doc/openssl/html/man3/BN_generate_prime_ex.html
new file mode 100644
index 000000000..3935a16e2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_generate_prime_ex.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_generate_prime</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_generate_prime_ex, BN_is_prime_ex, BN_is_prime_fasttest_ex, BN_GENCB_call, BN_GENCB_new, BN_GENCB_free, BN_GENCB_set_old, BN_GENCB_set, BN_GENCB_get_arg, BN_generate_prime, BN_is_prime, BN_is_prime_fasttest - generate primes and test for primality</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
+                          const BIGNUM *rem, BN_GENCB *cb);
+
+ int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+
+ int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
+                             int do_trial_division, BN_GENCB *cb);
+
+ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
+
+ BN_GENCB *BN_GENCB_new(void);
+
+ void BN_GENCB_free(BN_GENCB *cb);
+
+ void BN_GENCB_set_old(BN_GENCB *gencb,
+                       void (*callback)(int, int, void *), void *cb_arg);
+
+ void BN_GENCB_set(BN_GENCB *gencb,
+                   int (*callback)(int, int, BN_GENCB *), void *cb_arg);
+
+ void *BN_GENCB_get_arg(BN_GENCB *cb);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
+                           BIGNUM *rem, void (*callback)(int, int, void *),
+                           void *cb_arg);
+
+ int BN_is_prime(const BIGNUM *a, int checks,
+                 void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg);
+
+ int BN_is_prime_fasttest(const BIGNUM *a, int checks,
+                          void (*callback)(int, int, void *), BN_CTX *ctx,
+                          void *cb_arg, int do_trial_division);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_generate_prime_ex() generates a pseudo-random prime number of at least bit length <b>bits</b>. If <b>ret</b> is not <b>NULL</b>, it will be used to store the number.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, it is used as follows:</p>
+
+<ul>
+
+<li><p><b>BN_GENCB_call(cb, 0, i)</b> is called after generating the i-th potential prime number.</p>
+
+</li>
+<li><p>While the number is being tested for primality, <b>BN_GENCB_call(cb, 1, j)</b> is called as described below.</p>
+
+</li>
+<li><p>When a prime has been found, <b>BN_GENCB_call(cb, 2, i)</b> is called.</p>
+
+</li>
+<li><p>The callers of BN_generate_prime_ex() may call <b>BN_GENCB_call(cb, i, j)</b> with other values as described in their respective man pages; see <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a>.</p>
+
+</li>
+</ul>
+
+<p>The prime may have to fulfill additional requirements for use in Diffie-Hellman key exchange:</p>
+
+<p>If <b>add</b> is not <b>NULL</b>, the prime will fulfill the condition p % <b>add</b> == <b>rem</b> (p % <b>add</b> == 1 if <b>rem</b> == <b>NULL</b>) in order to suit a given generator.</p>
+
+<p>If <b>safe</b> is true, it will be a safe prime (i.e. a prime p so that (p-1)/2 is also prime).</p>
+
+<p>The PRNG must be seeded prior to calling BN_generate_prime_ex(). The prime number generation has a negligible error probability.</p>
+
+<p>BN_is_prime_ex() and BN_is_prime_fasttest_ex() test if the number <b>p</b> is prime. The following tests are performed until one of them shows that <b>p</b> is composite; if <b>p</b> passes all these tests, it is considered prime.</p>
+
+<p>BN_is_prime_fasttest_ex(), when called with <b>do_trial_division == 1</b>, first attempts trial division by a number of small primes; if no divisors are found by this test and <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, -1)</b> is called. If <b>do_trial_division == 0</b>, this test is skipped.</p>
+
+<p>Both BN_is_prime_ex() and BN_is_prime_fasttest_ex() perform a Miller-Rabin probabilistic primality test with <b>nchecks</b> iterations. If <b>nchecks == BN_prime_checks</b>, a number of iterations is used that yields a false positive rate of at most 2^-64 for random input. The error rate depends on the size of the prime and goes down for bigger primes. The rate is 2^-80 starting at 308 bits, 2^-112 at 852 bits, 2^-128 at 1080 bits, 2^-192 at 3747 bits and 2^-256 at 6394 bits.</p>
+
+<p>When the source of the prime is not random or not trusted, the number of checks needs to be much higher to reach the same level of assurance: It should equal half of the targeted security level in bits (rounded up to the next integer if necessary). For instance, to reach the 128 bit security level, <b>nchecks</b> should be set to 64.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, j)</b> is called after the j-th iteration (j = 0, 1, ...). <b>ctx</b> is a pre-allocated <b>BN_CTX</b> (to save the overhead of allocating and freeing the structure in a loop), or <b>NULL</b>.</p>
+
+<p>BN_GENCB_call() calls the callback function held in the <b>BN_GENCB</b> structure and passes the ints <b>a</b> and <b>b</b> as arguments. There are two types of <b>BN_GENCB</b> structure that are supported: &quot;new&quot; style and &quot;old&quot; style. New programs should prefer the &quot;new&quot; style, whilst the &quot;old&quot; style is provided for backwards compatibility purposes.</p>
+
+<p>A <b>BN_GENCB</b> structure should be created through a call to BN_GENCB_new(), and freed through a call to BN_GENCB_free().</p>
+
+<p>For &quot;new&quot; style callbacks a BN_GENCB structure should be initialised with a call to BN_GENCB_set(), where <b>gencb</b> is a <b>BN_GENCB *</b>, <b>callback</b> is of type <b>int (*callback)(int, int, BN_GENCB *)</b> and <b>cb_arg</b> is a <b>void *</b>. &quot;Old&quot; style callbacks are the same except they are initialised with a call to BN_GENCB_set_old() and <b>callback</b> is of type <b>void (*callback)(int, int, void *)</b>.</p>
+
+<p>A callback is invoked through a call to <b>BN_GENCB_call</b>. This will check the type of the callback and will invoke <b>callback(a, b, gencb)</b> for new style callbacks or <b>callback(a, b, cb_arg)</b> for old style.</p>
+
+<p>It is possible to obtain the argument associated with a BN_GENCB structure (set via a call to BN_GENCB_set or BN_GENCB_set_old) using BN_GENCB_get_arg.</p>
+
+<p>BN_generate_prime() (deprecated) works in the same way as BN_generate_prime_ex() but expects an old-style callback function directly in the <b>callback</b> parameter, and an argument to pass to it in the <b>cb_arg</b>. BN_is_prime() and BN_is_prime_fasttest() can similarly be compared to BN_is_prime_ex() and BN_is_prime_fasttest_ex(), respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_generate_prime_ex() return 1 on success or 0 on error.</p>
+
+<p>BN_is_prime_ex(), BN_is_prime_fasttest_ex(), BN_is_prime() and BN_is_prime_fasttest() return 0 if the number is composite, 1 if it is prime with an error probability of less than 0.25^<b>nchecks</b>, and -1 on error.</p>
+
+<p>BN_generate_prime() returns the prime number on success, <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_new returns a pointer to a BN_GENCB structure on success, or <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_get_arg returns the argument previously associated with a BN_GENCB structure.</p>
+
+<p>Callback functions should return 1 on success or 0 on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</h1>
+
+<p>As of OpenSSL 1.1.0 it is no longer possible to create a BN_GENCB structure directly, as in:</p>
+
+<pre><code> BN_GENCB callback;</code></pre>
+
+<p>Instead applications should create a BN_GENCB structure using BN_GENCB_new:</p>
+
+<pre><code> BN_GENCB *callback;
+ callback = BN_GENCB_new();
+ if (!callback)
+     /* error */
+ ...
+ BN_GENCB_free(callback);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/RSA_generate_key.html">RSA_generate_key(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BN_GENCB_new(), BN_GENCB_free(), and BN_GENCB_get_arg() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_get0_nist_prime_192.html b/msys2/usr/share/doc/openssl/html/man3/BN_get0_nist_prime_192.html
new file mode 100644
index 000000000..671bec505
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_get0_nist_prime_192.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get_1024_160</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get_1024_160, DH_get_2048_224, DH_get_2048_256, BN_get0_nist_prime_192, BN_get0_nist_prime_224, BN_get0_nist_prime_256, BN_get0_nist_prime_384, BN_get0_nist_prime_521, BN_get_rfc2409_prime_768, BN_get_rfc2409_prime_1024, BN_get_rfc3526_prime_1536, BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096, BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192 - Create standardized public primes or DH pairs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+ DH *DH_get_1024_160(void)
+ DH *DH_get_2048_224(void)
+ DH *DH_get_2048_256(void)
+
+ const BIGNUM *BN_get0_nist_prime_192(void)
+ const BIGNUM *BN_get0_nist_prime_224(void)
+ const BIGNUM *BN_get0_nist_prime_256(void)
+ const BIGNUM *BN_get0_nist_prime_384(void)
+ const BIGNUM *BN_get0_nist_prime_521(void)
+
+ BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
+ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_get_1024_160(), DH_get_2048_224(), and DH_get_2048_256() each return a DH object for the IETF RFC 5114 value.</p>
+
+<p>BN_get0_nist_prime_192(), BN_get0_nist_prime_224(), BN_get0_nist_prime_256(), BN_get0_nist_prime_384(), and BN_get0_nist_prime_521() functions return a BIGNUM for the specific NIST prime curve (e.g., P-256).</p>
+
+<p>BN_get_rfc2409_prime_768(), BN_get_rfc2409_prime_1024(), BN_get_rfc3526_prime_1536(), BN_get_rfc3526_prime_2048(), BN_get_rfc3526_prime_3072(), BN_get_rfc3526_prime_4096(), BN_get_rfc3526_prime_6144(), and BN_get_rfc3526_prime_8192() functions return a BIGNUM for the specified size from IETF RFC 2409. If <b>bn</b> is not NULL, the BIGNUM will be set into that location as well.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Defined above.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_get0_nist_prime_224.html b/msys2/usr/share/doc/openssl/html/man3/BN_get0_nist_prime_224.html
new file mode 100644
index 000000000..671bec505
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_get0_nist_prime_224.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get_1024_160</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get_1024_160, DH_get_2048_224, DH_get_2048_256, BN_get0_nist_prime_192, BN_get0_nist_prime_224, BN_get0_nist_prime_256, BN_get0_nist_prime_384, BN_get0_nist_prime_521, BN_get_rfc2409_prime_768, BN_get_rfc2409_prime_1024, BN_get_rfc3526_prime_1536, BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096, BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192 - Create standardized public primes or DH pairs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+ DH *DH_get_1024_160(void)
+ DH *DH_get_2048_224(void)
+ DH *DH_get_2048_256(void)
+
+ const BIGNUM *BN_get0_nist_prime_192(void)
+ const BIGNUM *BN_get0_nist_prime_224(void)
+ const BIGNUM *BN_get0_nist_prime_256(void)
+ const BIGNUM *BN_get0_nist_prime_384(void)
+ const BIGNUM *BN_get0_nist_prime_521(void)
+
+ BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
+ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_get_1024_160(), DH_get_2048_224(), and DH_get_2048_256() each return a DH object for the IETF RFC 5114 value.</p>
+
+<p>BN_get0_nist_prime_192(), BN_get0_nist_prime_224(), BN_get0_nist_prime_256(), BN_get0_nist_prime_384(), and BN_get0_nist_prime_521() functions return a BIGNUM for the specific NIST prime curve (e.g., P-256).</p>
+
+<p>BN_get_rfc2409_prime_768(), BN_get_rfc2409_prime_1024(), BN_get_rfc3526_prime_1536(), BN_get_rfc3526_prime_2048(), BN_get_rfc3526_prime_3072(), BN_get_rfc3526_prime_4096(), BN_get_rfc3526_prime_6144(), and BN_get_rfc3526_prime_8192() functions return a BIGNUM for the specified size from IETF RFC 2409. If <b>bn</b> is not NULL, the BIGNUM will be set into that location as well.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Defined above.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_get0_nist_prime_256.html b/msys2/usr/share/doc/openssl/html/man3/BN_get0_nist_prime_256.html
new file mode 100644
index 000000000..671bec505
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_get0_nist_prime_256.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get_1024_160</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get_1024_160, DH_get_2048_224, DH_get_2048_256, BN_get0_nist_prime_192, BN_get0_nist_prime_224, BN_get0_nist_prime_256, BN_get0_nist_prime_384, BN_get0_nist_prime_521, BN_get_rfc2409_prime_768, BN_get_rfc2409_prime_1024, BN_get_rfc3526_prime_1536, BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096, BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192 - Create standardized public primes or DH pairs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+ DH *DH_get_1024_160(void)
+ DH *DH_get_2048_224(void)
+ DH *DH_get_2048_256(void)
+
+ const BIGNUM *BN_get0_nist_prime_192(void)
+ const BIGNUM *BN_get0_nist_prime_224(void)
+ const BIGNUM *BN_get0_nist_prime_256(void)
+ const BIGNUM *BN_get0_nist_prime_384(void)
+ const BIGNUM *BN_get0_nist_prime_521(void)
+
+ BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
+ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_get_1024_160(), DH_get_2048_224(), and DH_get_2048_256() each return a DH object for the IETF RFC 5114 value.</p>
+
+<p>BN_get0_nist_prime_192(), BN_get0_nist_prime_224(), BN_get0_nist_prime_256(), BN_get0_nist_prime_384(), and BN_get0_nist_prime_521() functions return a BIGNUM for the specific NIST prime curve (e.g., P-256).</p>
+
+<p>BN_get_rfc2409_prime_768(), BN_get_rfc2409_prime_1024(), BN_get_rfc3526_prime_1536(), BN_get_rfc3526_prime_2048(), BN_get_rfc3526_prime_3072(), BN_get_rfc3526_prime_4096(), BN_get_rfc3526_prime_6144(), and BN_get_rfc3526_prime_8192() functions return a BIGNUM for the specified size from IETF RFC 2409. If <b>bn</b> is not NULL, the BIGNUM will be set into that location as well.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Defined above.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_get0_nist_prime_384.html b/msys2/usr/share/doc/openssl/html/man3/BN_get0_nist_prime_384.html
new file mode 100644
index 000000000..671bec505
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_get0_nist_prime_384.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get_1024_160</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get_1024_160, DH_get_2048_224, DH_get_2048_256, BN_get0_nist_prime_192, BN_get0_nist_prime_224, BN_get0_nist_prime_256, BN_get0_nist_prime_384, BN_get0_nist_prime_521, BN_get_rfc2409_prime_768, BN_get_rfc2409_prime_1024, BN_get_rfc3526_prime_1536, BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096, BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192 - Create standardized public primes or DH pairs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+ DH *DH_get_1024_160(void)
+ DH *DH_get_2048_224(void)
+ DH *DH_get_2048_256(void)
+
+ const BIGNUM *BN_get0_nist_prime_192(void)
+ const BIGNUM *BN_get0_nist_prime_224(void)
+ const BIGNUM *BN_get0_nist_prime_256(void)
+ const BIGNUM *BN_get0_nist_prime_384(void)
+ const BIGNUM *BN_get0_nist_prime_521(void)
+
+ BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
+ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_get_1024_160(), DH_get_2048_224(), and DH_get_2048_256() each return a DH object for the IETF RFC 5114 value.</p>
+
+<p>BN_get0_nist_prime_192(), BN_get0_nist_prime_224(), BN_get0_nist_prime_256(), BN_get0_nist_prime_384(), and BN_get0_nist_prime_521() functions return a BIGNUM for the specific NIST prime curve (e.g., P-256).</p>
+
+<p>BN_get_rfc2409_prime_768(), BN_get_rfc2409_prime_1024(), BN_get_rfc3526_prime_1536(), BN_get_rfc3526_prime_2048(), BN_get_rfc3526_prime_3072(), BN_get_rfc3526_prime_4096(), BN_get_rfc3526_prime_6144(), and BN_get_rfc3526_prime_8192() functions return a BIGNUM for the specified size from IETF RFC 2409. If <b>bn</b> is not NULL, the BIGNUM will be set into that location as well.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Defined above.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_get0_nist_prime_521.html b/msys2/usr/share/doc/openssl/html/man3/BN_get0_nist_prime_521.html
new file mode 100644
index 000000000..671bec505
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_get0_nist_prime_521.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get_1024_160</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get_1024_160, DH_get_2048_224, DH_get_2048_256, BN_get0_nist_prime_192, BN_get0_nist_prime_224, BN_get0_nist_prime_256, BN_get0_nist_prime_384, BN_get0_nist_prime_521, BN_get_rfc2409_prime_768, BN_get_rfc2409_prime_1024, BN_get_rfc3526_prime_1536, BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096, BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192 - Create standardized public primes or DH pairs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+ DH *DH_get_1024_160(void)
+ DH *DH_get_2048_224(void)
+ DH *DH_get_2048_256(void)
+
+ const BIGNUM *BN_get0_nist_prime_192(void)
+ const BIGNUM *BN_get0_nist_prime_224(void)
+ const BIGNUM *BN_get0_nist_prime_256(void)
+ const BIGNUM *BN_get0_nist_prime_384(void)
+ const BIGNUM *BN_get0_nist_prime_521(void)
+
+ BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
+ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_get_1024_160(), DH_get_2048_224(), and DH_get_2048_256() each return a DH object for the IETF RFC 5114 value.</p>
+
+<p>BN_get0_nist_prime_192(), BN_get0_nist_prime_224(), BN_get0_nist_prime_256(), BN_get0_nist_prime_384(), and BN_get0_nist_prime_521() functions return a BIGNUM for the specific NIST prime curve (e.g., P-256).</p>
+
+<p>BN_get_rfc2409_prime_768(), BN_get_rfc2409_prime_1024(), BN_get_rfc3526_prime_1536(), BN_get_rfc3526_prime_2048(), BN_get_rfc3526_prime_3072(), BN_get_rfc3526_prime_4096(), BN_get_rfc3526_prime_6144(), and BN_get_rfc3526_prime_8192() functions return a BIGNUM for the specified size from IETF RFC 2409. If <b>bn</b> is not NULL, the BIGNUM will be set into that location as well.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Defined above.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc2409_prime_1024.html b/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc2409_prime_1024.html
new file mode 100644
index 000000000..671bec505
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc2409_prime_1024.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get_1024_160</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get_1024_160, DH_get_2048_224, DH_get_2048_256, BN_get0_nist_prime_192, BN_get0_nist_prime_224, BN_get0_nist_prime_256, BN_get0_nist_prime_384, BN_get0_nist_prime_521, BN_get_rfc2409_prime_768, BN_get_rfc2409_prime_1024, BN_get_rfc3526_prime_1536, BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096, BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192 - Create standardized public primes or DH pairs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+ DH *DH_get_1024_160(void)
+ DH *DH_get_2048_224(void)
+ DH *DH_get_2048_256(void)
+
+ const BIGNUM *BN_get0_nist_prime_192(void)
+ const BIGNUM *BN_get0_nist_prime_224(void)
+ const BIGNUM *BN_get0_nist_prime_256(void)
+ const BIGNUM *BN_get0_nist_prime_384(void)
+ const BIGNUM *BN_get0_nist_prime_521(void)
+
+ BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
+ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_get_1024_160(), DH_get_2048_224(), and DH_get_2048_256() each return a DH object for the IETF RFC 5114 value.</p>
+
+<p>BN_get0_nist_prime_192(), BN_get0_nist_prime_224(), BN_get0_nist_prime_256(), BN_get0_nist_prime_384(), and BN_get0_nist_prime_521() functions return a BIGNUM for the specific NIST prime curve (e.g., P-256).</p>
+
+<p>BN_get_rfc2409_prime_768(), BN_get_rfc2409_prime_1024(), BN_get_rfc3526_prime_1536(), BN_get_rfc3526_prime_2048(), BN_get_rfc3526_prime_3072(), BN_get_rfc3526_prime_4096(), BN_get_rfc3526_prime_6144(), and BN_get_rfc3526_prime_8192() functions return a BIGNUM for the specified size from IETF RFC 2409. If <b>bn</b> is not NULL, the BIGNUM will be set into that location as well.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Defined above.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc2409_prime_768.html b/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc2409_prime_768.html
new file mode 100644
index 000000000..671bec505
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc2409_prime_768.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get_1024_160</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get_1024_160, DH_get_2048_224, DH_get_2048_256, BN_get0_nist_prime_192, BN_get0_nist_prime_224, BN_get0_nist_prime_256, BN_get0_nist_prime_384, BN_get0_nist_prime_521, BN_get_rfc2409_prime_768, BN_get_rfc2409_prime_1024, BN_get_rfc3526_prime_1536, BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096, BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192 - Create standardized public primes or DH pairs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+ DH *DH_get_1024_160(void)
+ DH *DH_get_2048_224(void)
+ DH *DH_get_2048_256(void)
+
+ const BIGNUM *BN_get0_nist_prime_192(void)
+ const BIGNUM *BN_get0_nist_prime_224(void)
+ const BIGNUM *BN_get0_nist_prime_256(void)
+ const BIGNUM *BN_get0_nist_prime_384(void)
+ const BIGNUM *BN_get0_nist_prime_521(void)
+
+ BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
+ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_get_1024_160(), DH_get_2048_224(), and DH_get_2048_256() each return a DH object for the IETF RFC 5114 value.</p>
+
+<p>BN_get0_nist_prime_192(), BN_get0_nist_prime_224(), BN_get0_nist_prime_256(), BN_get0_nist_prime_384(), and BN_get0_nist_prime_521() functions return a BIGNUM for the specific NIST prime curve (e.g., P-256).</p>
+
+<p>BN_get_rfc2409_prime_768(), BN_get_rfc2409_prime_1024(), BN_get_rfc3526_prime_1536(), BN_get_rfc3526_prime_2048(), BN_get_rfc3526_prime_3072(), BN_get_rfc3526_prime_4096(), BN_get_rfc3526_prime_6144(), and BN_get_rfc3526_prime_8192() functions return a BIGNUM for the specified size from IETF RFC 2409. If <b>bn</b> is not NULL, the BIGNUM will be set into that location as well.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Defined above.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_1536.html b/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_1536.html
new file mode 100644
index 000000000..671bec505
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_1536.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get_1024_160</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get_1024_160, DH_get_2048_224, DH_get_2048_256, BN_get0_nist_prime_192, BN_get0_nist_prime_224, BN_get0_nist_prime_256, BN_get0_nist_prime_384, BN_get0_nist_prime_521, BN_get_rfc2409_prime_768, BN_get_rfc2409_prime_1024, BN_get_rfc3526_prime_1536, BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096, BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192 - Create standardized public primes or DH pairs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+ DH *DH_get_1024_160(void)
+ DH *DH_get_2048_224(void)
+ DH *DH_get_2048_256(void)
+
+ const BIGNUM *BN_get0_nist_prime_192(void)
+ const BIGNUM *BN_get0_nist_prime_224(void)
+ const BIGNUM *BN_get0_nist_prime_256(void)
+ const BIGNUM *BN_get0_nist_prime_384(void)
+ const BIGNUM *BN_get0_nist_prime_521(void)
+
+ BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
+ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_get_1024_160(), DH_get_2048_224(), and DH_get_2048_256() each return a DH object for the IETF RFC 5114 value.</p>
+
+<p>BN_get0_nist_prime_192(), BN_get0_nist_prime_224(), BN_get0_nist_prime_256(), BN_get0_nist_prime_384(), and BN_get0_nist_prime_521() functions return a BIGNUM for the specific NIST prime curve (e.g., P-256).</p>
+
+<p>BN_get_rfc2409_prime_768(), BN_get_rfc2409_prime_1024(), BN_get_rfc3526_prime_1536(), BN_get_rfc3526_prime_2048(), BN_get_rfc3526_prime_3072(), BN_get_rfc3526_prime_4096(), BN_get_rfc3526_prime_6144(), and BN_get_rfc3526_prime_8192() functions return a BIGNUM for the specified size from IETF RFC 2409. If <b>bn</b> is not NULL, the BIGNUM will be set into that location as well.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Defined above.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_2048.html b/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_2048.html
new file mode 100644
index 000000000..671bec505
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_2048.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get_1024_160</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get_1024_160, DH_get_2048_224, DH_get_2048_256, BN_get0_nist_prime_192, BN_get0_nist_prime_224, BN_get0_nist_prime_256, BN_get0_nist_prime_384, BN_get0_nist_prime_521, BN_get_rfc2409_prime_768, BN_get_rfc2409_prime_1024, BN_get_rfc3526_prime_1536, BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096, BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192 - Create standardized public primes or DH pairs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+ DH *DH_get_1024_160(void)
+ DH *DH_get_2048_224(void)
+ DH *DH_get_2048_256(void)
+
+ const BIGNUM *BN_get0_nist_prime_192(void)
+ const BIGNUM *BN_get0_nist_prime_224(void)
+ const BIGNUM *BN_get0_nist_prime_256(void)
+ const BIGNUM *BN_get0_nist_prime_384(void)
+ const BIGNUM *BN_get0_nist_prime_521(void)
+
+ BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
+ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_get_1024_160(), DH_get_2048_224(), and DH_get_2048_256() each return a DH object for the IETF RFC 5114 value.</p>
+
+<p>BN_get0_nist_prime_192(), BN_get0_nist_prime_224(), BN_get0_nist_prime_256(), BN_get0_nist_prime_384(), and BN_get0_nist_prime_521() functions return a BIGNUM for the specific NIST prime curve (e.g., P-256).</p>
+
+<p>BN_get_rfc2409_prime_768(), BN_get_rfc2409_prime_1024(), BN_get_rfc3526_prime_1536(), BN_get_rfc3526_prime_2048(), BN_get_rfc3526_prime_3072(), BN_get_rfc3526_prime_4096(), BN_get_rfc3526_prime_6144(), and BN_get_rfc3526_prime_8192() functions return a BIGNUM for the specified size from IETF RFC 2409. If <b>bn</b> is not NULL, the BIGNUM will be set into that location as well.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Defined above.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_3072.html b/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_3072.html
new file mode 100644
index 000000000..671bec505
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_3072.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get_1024_160</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get_1024_160, DH_get_2048_224, DH_get_2048_256, BN_get0_nist_prime_192, BN_get0_nist_prime_224, BN_get0_nist_prime_256, BN_get0_nist_prime_384, BN_get0_nist_prime_521, BN_get_rfc2409_prime_768, BN_get_rfc2409_prime_1024, BN_get_rfc3526_prime_1536, BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096, BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192 - Create standardized public primes or DH pairs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+ DH *DH_get_1024_160(void)
+ DH *DH_get_2048_224(void)
+ DH *DH_get_2048_256(void)
+
+ const BIGNUM *BN_get0_nist_prime_192(void)
+ const BIGNUM *BN_get0_nist_prime_224(void)
+ const BIGNUM *BN_get0_nist_prime_256(void)
+ const BIGNUM *BN_get0_nist_prime_384(void)
+ const BIGNUM *BN_get0_nist_prime_521(void)
+
+ BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
+ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_get_1024_160(), DH_get_2048_224(), and DH_get_2048_256() each return a DH object for the IETF RFC 5114 value.</p>
+
+<p>BN_get0_nist_prime_192(), BN_get0_nist_prime_224(), BN_get0_nist_prime_256(), BN_get0_nist_prime_384(), and BN_get0_nist_prime_521() functions return a BIGNUM for the specific NIST prime curve (e.g., P-256).</p>
+
+<p>BN_get_rfc2409_prime_768(), BN_get_rfc2409_prime_1024(), BN_get_rfc3526_prime_1536(), BN_get_rfc3526_prime_2048(), BN_get_rfc3526_prime_3072(), BN_get_rfc3526_prime_4096(), BN_get_rfc3526_prime_6144(), and BN_get_rfc3526_prime_8192() functions return a BIGNUM for the specified size from IETF RFC 2409. If <b>bn</b> is not NULL, the BIGNUM will be set into that location as well.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Defined above.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_4096.html b/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_4096.html
new file mode 100644
index 000000000..671bec505
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_4096.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get_1024_160</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get_1024_160, DH_get_2048_224, DH_get_2048_256, BN_get0_nist_prime_192, BN_get0_nist_prime_224, BN_get0_nist_prime_256, BN_get0_nist_prime_384, BN_get0_nist_prime_521, BN_get_rfc2409_prime_768, BN_get_rfc2409_prime_1024, BN_get_rfc3526_prime_1536, BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096, BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192 - Create standardized public primes or DH pairs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+ DH *DH_get_1024_160(void)
+ DH *DH_get_2048_224(void)
+ DH *DH_get_2048_256(void)
+
+ const BIGNUM *BN_get0_nist_prime_192(void)
+ const BIGNUM *BN_get0_nist_prime_224(void)
+ const BIGNUM *BN_get0_nist_prime_256(void)
+ const BIGNUM *BN_get0_nist_prime_384(void)
+ const BIGNUM *BN_get0_nist_prime_521(void)
+
+ BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
+ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_get_1024_160(), DH_get_2048_224(), and DH_get_2048_256() each return a DH object for the IETF RFC 5114 value.</p>
+
+<p>BN_get0_nist_prime_192(), BN_get0_nist_prime_224(), BN_get0_nist_prime_256(), BN_get0_nist_prime_384(), and BN_get0_nist_prime_521() functions return a BIGNUM for the specific NIST prime curve (e.g., P-256).</p>
+
+<p>BN_get_rfc2409_prime_768(), BN_get_rfc2409_prime_1024(), BN_get_rfc3526_prime_1536(), BN_get_rfc3526_prime_2048(), BN_get_rfc3526_prime_3072(), BN_get_rfc3526_prime_4096(), BN_get_rfc3526_prime_6144(), and BN_get_rfc3526_prime_8192() functions return a BIGNUM for the specified size from IETF RFC 2409. If <b>bn</b> is not NULL, the BIGNUM will be set into that location as well.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Defined above.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_6144.html b/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_6144.html
new file mode 100644
index 000000000..671bec505
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_6144.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get_1024_160</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get_1024_160, DH_get_2048_224, DH_get_2048_256, BN_get0_nist_prime_192, BN_get0_nist_prime_224, BN_get0_nist_prime_256, BN_get0_nist_prime_384, BN_get0_nist_prime_521, BN_get_rfc2409_prime_768, BN_get_rfc2409_prime_1024, BN_get_rfc3526_prime_1536, BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096, BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192 - Create standardized public primes or DH pairs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+ DH *DH_get_1024_160(void)
+ DH *DH_get_2048_224(void)
+ DH *DH_get_2048_256(void)
+
+ const BIGNUM *BN_get0_nist_prime_192(void)
+ const BIGNUM *BN_get0_nist_prime_224(void)
+ const BIGNUM *BN_get0_nist_prime_256(void)
+ const BIGNUM *BN_get0_nist_prime_384(void)
+ const BIGNUM *BN_get0_nist_prime_521(void)
+
+ BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
+ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_get_1024_160(), DH_get_2048_224(), and DH_get_2048_256() each return a DH object for the IETF RFC 5114 value.</p>
+
+<p>BN_get0_nist_prime_192(), BN_get0_nist_prime_224(), BN_get0_nist_prime_256(), BN_get0_nist_prime_384(), and BN_get0_nist_prime_521() functions return a BIGNUM for the specific NIST prime curve (e.g., P-256).</p>
+
+<p>BN_get_rfc2409_prime_768(), BN_get_rfc2409_prime_1024(), BN_get_rfc3526_prime_1536(), BN_get_rfc3526_prime_2048(), BN_get_rfc3526_prime_3072(), BN_get_rfc3526_prime_4096(), BN_get_rfc3526_prime_6144(), and BN_get_rfc3526_prime_8192() functions return a BIGNUM for the specified size from IETF RFC 2409. If <b>bn</b> is not NULL, the BIGNUM will be set into that location as well.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Defined above.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_8192.html b/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_8192.html
new file mode 100644
index 000000000..671bec505
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_8192.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get_1024_160</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get_1024_160, DH_get_2048_224, DH_get_2048_256, BN_get0_nist_prime_192, BN_get0_nist_prime_224, BN_get0_nist_prime_256, BN_get0_nist_prime_384, BN_get0_nist_prime_521, BN_get_rfc2409_prime_768, BN_get_rfc2409_prime_1024, BN_get_rfc3526_prime_1536, BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096, BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192 - Create standardized public primes or DH pairs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+ DH *DH_get_1024_160(void)
+ DH *DH_get_2048_224(void)
+ DH *DH_get_2048_256(void)
+
+ const BIGNUM *BN_get0_nist_prime_192(void)
+ const BIGNUM *BN_get0_nist_prime_224(void)
+ const BIGNUM *BN_get0_nist_prime_256(void)
+ const BIGNUM *BN_get0_nist_prime_384(void)
+ const BIGNUM *BN_get0_nist_prime_521(void)
+
+ BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
+ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_get_1024_160(), DH_get_2048_224(), and DH_get_2048_256() each return a DH object for the IETF RFC 5114 value.</p>
+
+<p>BN_get0_nist_prime_192(), BN_get0_nist_prime_224(), BN_get0_nist_prime_256(), BN_get0_nist_prime_384(), and BN_get0_nist_prime_521() functions return a BIGNUM for the specific NIST prime curve (e.g., P-256).</p>
+
+<p>BN_get_rfc2409_prime_768(), BN_get_rfc2409_prime_1024(), BN_get_rfc3526_prime_1536(), BN_get_rfc3526_prime_2048(), BN_get_rfc3526_prime_3072(), BN_get_rfc3526_prime_4096(), BN_get_rfc3526_prime_6144(), and BN_get_rfc3526_prime_8192() functions return a BIGNUM for the specified size from IETF RFC 2409. If <b>bn</b> is not NULL, the BIGNUM will be set into that location as well.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Defined above.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_get_word.html b/msys2/usr/share/doc/openssl/html/man3/BN_get_word.html
new file mode 100644
index 000000000..bffa67231
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_get_word.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_zero</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_zero, BN_one, BN_value_one, BN_set_word, BN_get_word - BIGNUM assignment operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ void BN_zero(BIGNUM *a);
+ int BN_one(BIGNUM *a);
+
+ const BIGNUM *BN_value_one(void);
+
+ int BN_set_word(BIGNUM *a, BN_ULONG w);
+ unsigned BN_ULONG BN_get_word(BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>BN_ULONG</b> is a macro that will be an unsigned integral type optimized for the most efficient implementation on the local platform.</p>
+
+<p>BN_zero(), BN_one() and BN_set_word() set <b>a</b> to the values 0, 1 and <b>w</b> respectively. BN_zero() and BN_one() are macros.</p>
+
+<p>BN_value_one() returns a <b>BIGNUM</b> constant of value 1. This constant is useful for use in comparisons and assignment.</p>
+
+<p>BN_get_word() returns <b>a</b>, if it can be represented as a <b>BN_ULONG</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_get_word() returns the value <b>a</b>, or all-bits-set if <b>a</b> cannot be represented as a single integer.</p>
+
+<p>BN_one() and BN_set_word() return 1 on success, 0 otherwise. BN_value_one() returns the constant. BN_zero() never fails and returns no value.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>If a <b>BIGNUM</b> is equal to the value of all-bits-set, it will collide with the error condition returned by BN_get_word() which uses that as an error value.</p>
+
+<p><b>BN_ULONG</b> should probably be a typedef.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_bn2bin.html">BN_bn2bin(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 0.9.8, BN_zero() was changed to not return a value; previous versions returned an int.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_hex2bn.html b/msys2/usr/share/doc/openssl/html/man3/BN_hex2bn.html
new file mode 100644
index 000000000..152a43462
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_hex2bn.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_bn2bin</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_bn2binpad, BN_bn2bin, BN_bin2bn, BN_bn2lebinpad, BN_lebin2bn, BN_bn2hex, BN_bn2dec, BN_hex2bn, BN_dec2bn, BN_print, BN_print_fp, BN_bn2mpi, BN_mpi2bn - format conversions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+ int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ int BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ char *BN_bn2hex(const BIGNUM *a);
+ char *BN_bn2dec(const BIGNUM *a);
+ int BN_hex2bn(BIGNUM **a, const char *str);
+ int BN_dec2bn(BIGNUM **a, const char *str);
+
+ int BN_print(BIO *fp, const BIGNUM *a);
+ int BN_print_fp(FILE *fp, const BIGNUM *a);
+
+ int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+ BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_bn2bin() converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>to</b> must point to BN_num_bytes(<b>a</b>) bytes of memory.</p>
+
+<p>BN_bn2binpad() also converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>tolen</b> indicates the length of the output buffer <b>to</b>. The result is padded with zeroes if necessary. If <b>tolen</b> is less than BN_num_bytes(<b>a</b>) an error is returned.</p>
+
+<p>BN_bin2bn() converts the positive integer in big-endian form of length <b>len</b> at <b>s</b> into a <b>BIGNUM</b> and places it in <b>ret</b>. If <b>ret</b> is NULL, a new <b>BIGNUM</b> is created.</p>
+
+<p>BN_bn2lebinpad() and BN_lebin2bn() are identical to BN_bn2binpad() and BN_bin2bn() except the buffer is in little-endian format.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return printable strings containing the hexadecimal and decimal encoding of <b>a</b> respectively. For negative numbers, the string is prefaced with a leading &#39;-&#39;. The string must be freed later using OPENSSL_free().</p>
+
+<p>BN_hex2bn() takes as many characters as possible from the string <b>str</b>, including the leading character &#39;-&#39; which means negative, to form a valid hexadecimal number representation and converts them to a <b>BIGNUM</b> and stores it in **<b>a</b>. If *<b>a</b> is NULL, a new <b>BIGNUM</b> is created. If <b>a</b> is NULL, it only computes the length of valid representation. A &quot;negative zero&quot; is converted to zero. BN_dec2bn() is the same using the decimal system.</p>
+
+<p>BN_print() and BN_print_fp() write the hexadecimal encoding of <b>a</b>, with a leading &#39;-&#39; for negative numbers, to the <b>BIO</b> or <b>FILE</b> <b>fp</b>.</p>
+
+<p>BN_bn2mpi() and BN_mpi2bn() convert <b>BIGNUM</b>s from and to a format that consists of the number&#39;s length in bytes represented as a 4-byte big-endian number, and the number itself in big-endian format, where the most significant bit signals a negative number (the representation of numbers with the MSB set is prefixed with null byte).</p>
+
+<p>BN_bn2mpi() stores the representation of <b>a</b> at <b>to</b>, where <b>to</b> must be large enough to hold the result. The size can be determined by calling BN_bn2mpi(<b>a</b>, NULL).</p>
+
+<p>BN_mpi2bn() converts the <b>len</b> bytes long representation at <b>s</b> to a <b>BIGNUM</b> and stores it at <b>ret</b>, or in a newly allocated <b>BIGNUM</b> if <b>ret</b> is NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_bn2bin() returns the length of the big-endian number placed at <b>to</b>. BN_bin2bn() returns the <b>BIGNUM</b>, NULL on error.</p>
+
+<p>BN_bn2binpad() returns the number of bytes written or -1 if the supplied buffer is too small.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL on error. BN_hex2bn() and BN_dec2bn() return the number of characters used in parsing, or 0 on error, in which case no new <b>BIGNUM</b> will be created.</p>
+
+<p>BN_print_fp() and BN_print() return 1 on success, 0 on write errors.</p>
+
+<p>BN_bn2mpi() returns the length of the representation. BN_mpi2bn() returns the <b>BIGNUM</b>, and NULL on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_zero.html">BN_zero(3)</a>, <a href="../man3/ASN1_INTEGER_to_BN.html">ASN1_INTEGER_to_BN(3)</a>, <a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_is_bit_set.html b/msys2/usr/share/doc/openssl/html/man3/BN_is_bit_set.html
new file mode 100644
index 000000000..084793e43
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_is_bit_set.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_set_bit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_set_bit, BN_clear_bit, BN_is_bit_set, BN_mask_bits, BN_lshift, BN_lshift1, BN_rshift, BN_rshift1 - bit operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_set_bit(BIGNUM *a, int n);
+ int BN_clear_bit(BIGNUM *a, int n);
+
+ int BN_is_bit_set(const BIGNUM *a, int n);
+
+ int BN_mask_bits(BIGNUM *a, int n);
+
+ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
+ int BN_lshift1(BIGNUM *r, BIGNUM *a);
+
+ int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
+ int BN_rshift1(BIGNUM *r, BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_set_bit() sets bit <b>n</b> in <b>a</b> to 1 (<code>a|=(1&lt;&lt;n)</code>). The number is expanded if necessary.</p>
+
+<p>BN_clear_bit() sets bit <b>n</b> in <b>a</b> to 0 (<code>a&amp;=~(1&lt;&lt;n)</code>). An error occurs if <b>a</b> is shorter than <b>n</b> bits.</p>
+
+<p>BN_is_bit_set() tests if bit <b>n</b> in <b>a</b> is set.</p>
+
+<p>BN_mask_bits() truncates <b>a</b> to an <b>n</b> bit number (<code>a&amp;=~((~0)&gt;&gt;n)</code>). An error occurs if <b>a</b> already is shorter than <b>n</b> bits.</p>
+
+<p>BN_lshift() shifts <b>a</b> left by <b>n</b> bits and places the result in <b>r</b> (<code>r=a*2^n</code>). Note that <b>n</b> must be non-negative. BN_lshift1() shifts <b>a</b> left by one and places the result in <b>r</b> (<code>r=2*a</code>).</p>
+
+<p>BN_rshift() shifts <b>a</b> right by <b>n</b> bits and places the result in <b>r</b> (<code>r=a/2^n</code>). Note that <b>n</b> must be non-negative. BN_rshift1() shifts <b>a</b> right by one and places the result in <b>r</b> (<code>r=a/2</code>).</p>
+
+<p>For the shift functions, <b>r</b> and <b>a</b> may be the same variable.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_is_bit_set() returns 1 if the bit is set, 0 otherwise.</p>
+
+<p>All other functions return 1 for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_is_odd.html b/msys2/usr/share/doc/openssl/html/man3/BN_is_odd.html
new file mode 100644
index 000000000..fb0a36149
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_is_odd.html
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_cmp</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_is_odd - BIGNUM comparison and test functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_cmp(BIGNUM *a, BIGNUM *b);
+ int BN_ucmp(BIGNUM *a, BIGNUM *b);
+
+ int BN_is_zero(BIGNUM *a);
+ int BN_is_one(BIGNUM *a);
+ int BN_is_word(BIGNUM *a, BN_ULONG w);
+ int BN_is_odd(BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_cmp() compares the numbers <b>a</b> and <b>b</b>. BN_ucmp() compares their absolute values.</p>
+
+<p>BN_is_zero(), BN_is_one() and BN_is_word() test if <b>a</b> equals 0, 1, or <b>w</b> respectively. BN_is_odd() tests if a is odd.</p>
+
+<p>BN_is_zero(), BN_is_one(), BN_is_word() and BN_is_odd() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_cmp() returns -1 if <b>a</b> &lt; <b>b</b>, 0 if <b>a</b> == <b>b</b> and 1 if <b>a</b> &gt; <b>b</b>. BN_ucmp() is the same using the absolute values of <b>a</b> and <b>b</b>.</p>
+
+<p>BN_is_zero(), BN_is_one() BN_is_word() and BN_is_odd() return 1 if the condition is true, 0 otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_is_one.html b/msys2/usr/share/doc/openssl/html/man3/BN_is_one.html
new file mode 100644
index 000000000..fb0a36149
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_is_one.html
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_cmp</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_is_odd - BIGNUM comparison and test functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_cmp(BIGNUM *a, BIGNUM *b);
+ int BN_ucmp(BIGNUM *a, BIGNUM *b);
+
+ int BN_is_zero(BIGNUM *a);
+ int BN_is_one(BIGNUM *a);
+ int BN_is_word(BIGNUM *a, BN_ULONG w);
+ int BN_is_odd(BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_cmp() compares the numbers <b>a</b> and <b>b</b>. BN_ucmp() compares their absolute values.</p>
+
+<p>BN_is_zero(), BN_is_one() and BN_is_word() test if <b>a</b> equals 0, 1, or <b>w</b> respectively. BN_is_odd() tests if a is odd.</p>
+
+<p>BN_is_zero(), BN_is_one(), BN_is_word() and BN_is_odd() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_cmp() returns -1 if <b>a</b> &lt; <b>b</b>, 0 if <b>a</b> == <b>b</b> and 1 if <b>a</b> &gt; <b>b</b>. BN_ucmp() is the same using the absolute values of <b>a</b> and <b>b</b>.</p>
+
+<p>BN_is_zero(), BN_is_one() BN_is_word() and BN_is_odd() return 1 if the condition is true, 0 otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_is_prime.html b/msys2/usr/share/doc/openssl/html/man3/BN_is_prime.html
new file mode 100644
index 000000000..3935a16e2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_is_prime.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_generate_prime</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_generate_prime_ex, BN_is_prime_ex, BN_is_prime_fasttest_ex, BN_GENCB_call, BN_GENCB_new, BN_GENCB_free, BN_GENCB_set_old, BN_GENCB_set, BN_GENCB_get_arg, BN_generate_prime, BN_is_prime, BN_is_prime_fasttest - generate primes and test for primality</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
+                          const BIGNUM *rem, BN_GENCB *cb);
+
+ int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+
+ int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
+                             int do_trial_division, BN_GENCB *cb);
+
+ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
+
+ BN_GENCB *BN_GENCB_new(void);
+
+ void BN_GENCB_free(BN_GENCB *cb);
+
+ void BN_GENCB_set_old(BN_GENCB *gencb,
+                       void (*callback)(int, int, void *), void *cb_arg);
+
+ void BN_GENCB_set(BN_GENCB *gencb,
+                   int (*callback)(int, int, BN_GENCB *), void *cb_arg);
+
+ void *BN_GENCB_get_arg(BN_GENCB *cb);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
+                           BIGNUM *rem, void (*callback)(int, int, void *),
+                           void *cb_arg);
+
+ int BN_is_prime(const BIGNUM *a, int checks,
+                 void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg);
+
+ int BN_is_prime_fasttest(const BIGNUM *a, int checks,
+                          void (*callback)(int, int, void *), BN_CTX *ctx,
+                          void *cb_arg, int do_trial_division);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_generate_prime_ex() generates a pseudo-random prime number of at least bit length <b>bits</b>. If <b>ret</b> is not <b>NULL</b>, it will be used to store the number.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, it is used as follows:</p>
+
+<ul>
+
+<li><p><b>BN_GENCB_call(cb, 0, i)</b> is called after generating the i-th potential prime number.</p>
+
+</li>
+<li><p>While the number is being tested for primality, <b>BN_GENCB_call(cb, 1, j)</b> is called as described below.</p>
+
+</li>
+<li><p>When a prime has been found, <b>BN_GENCB_call(cb, 2, i)</b> is called.</p>
+
+</li>
+<li><p>The callers of BN_generate_prime_ex() may call <b>BN_GENCB_call(cb, i, j)</b> with other values as described in their respective man pages; see <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a>.</p>
+
+</li>
+</ul>
+
+<p>The prime may have to fulfill additional requirements for use in Diffie-Hellman key exchange:</p>
+
+<p>If <b>add</b> is not <b>NULL</b>, the prime will fulfill the condition p % <b>add</b> == <b>rem</b> (p % <b>add</b> == 1 if <b>rem</b> == <b>NULL</b>) in order to suit a given generator.</p>
+
+<p>If <b>safe</b> is true, it will be a safe prime (i.e. a prime p so that (p-1)/2 is also prime).</p>
+
+<p>The PRNG must be seeded prior to calling BN_generate_prime_ex(). The prime number generation has a negligible error probability.</p>
+
+<p>BN_is_prime_ex() and BN_is_prime_fasttest_ex() test if the number <b>p</b> is prime. The following tests are performed until one of them shows that <b>p</b> is composite; if <b>p</b> passes all these tests, it is considered prime.</p>
+
+<p>BN_is_prime_fasttest_ex(), when called with <b>do_trial_division == 1</b>, first attempts trial division by a number of small primes; if no divisors are found by this test and <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, -1)</b> is called. If <b>do_trial_division == 0</b>, this test is skipped.</p>
+
+<p>Both BN_is_prime_ex() and BN_is_prime_fasttest_ex() perform a Miller-Rabin probabilistic primality test with <b>nchecks</b> iterations. If <b>nchecks == BN_prime_checks</b>, a number of iterations is used that yields a false positive rate of at most 2^-64 for random input. The error rate depends on the size of the prime and goes down for bigger primes. The rate is 2^-80 starting at 308 bits, 2^-112 at 852 bits, 2^-128 at 1080 bits, 2^-192 at 3747 bits and 2^-256 at 6394 bits.</p>
+
+<p>When the source of the prime is not random or not trusted, the number of checks needs to be much higher to reach the same level of assurance: It should equal half of the targeted security level in bits (rounded up to the next integer if necessary). For instance, to reach the 128 bit security level, <b>nchecks</b> should be set to 64.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, j)</b> is called after the j-th iteration (j = 0, 1, ...). <b>ctx</b> is a pre-allocated <b>BN_CTX</b> (to save the overhead of allocating and freeing the structure in a loop), or <b>NULL</b>.</p>
+
+<p>BN_GENCB_call() calls the callback function held in the <b>BN_GENCB</b> structure and passes the ints <b>a</b> and <b>b</b> as arguments. There are two types of <b>BN_GENCB</b> structure that are supported: &quot;new&quot; style and &quot;old&quot; style. New programs should prefer the &quot;new&quot; style, whilst the &quot;old&quot; style is provided for backwards compatibility purposes.</p>
+
+<p>A <b>BN_GENCB</b> structure should be created through a call to BN_GENCB_new(), and freed through a call to BN_GENCB_free().</p>
+
+<p>For &quot;new&quot; style callbacks a BN_GENCB structure should be initialised with a call to BN_GENCB_set(), where <b>gencb</b> is a <b>BN_GENCB *</b>, <b>callback</b> is of type <b>int (*callback)(int, int, BN_GENCB *)</b> and <b>cb_arg</b> is a <b>void *</b>. &quot;Old&quot; style callbacks are the same except they are initialised with a call to BN_GENCB_set_old() and <b>callback</b> is of type <b>void (*callback)(int, int, void *)</b>.</p>
+
+<p>A callback is invoked through a call to <b>BN_GENCB_call</b>. This will check the type of the callback and will invoke <b>callback(a, b, gencb)</b> for new style callbacks or <b>callback(a, b, cb_arg)</b> for old style.</p>
+
+<p>It is possible to obtain the argument associated with a BN_GENCB structure (set via a call to BN_GENCB_set or BN_GENCB_set_old) using BN_GENCB_get_arg.</p>
+
+<p>BN_generate_prime() (deprecated) works in the same way as BN_generate_prime_ex() but expects an old-style callback function directly in the <b>callback</b> parameter, and an argument to pass to it in the <b>cb_arg</b>. BN_is_prime() and BN_is_prime_fasttest() can similarly be compared to BN_is_prime_ex() and BN_is_prime_fasttest_ex(), respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_generate_prime_ex() return 1 on success or 0 on error.</p>
+
+<p>BN_is_prime_ex(), BN_is_prime_fasttest_ex(), BN_is_prime() and BN_is_prime_fasttest() return 0 if the number is composite, 1 if it is prime with an error probability of less than 0.25^<b>nchecks</b>, and -1 on error.</p>
+
+<p>BN_generate_prime() returns the prime number on success, <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_new returns a pointer to a BN_GENCB structure on success, or <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_get_arg returns the argument previously associated with a BN_GENCB structure.</p>
+
+<p>Callback functions should return 1 on success or 0 on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</h1>
+
+<p>As of OpenSSL 1.1.0 it is no longer possible to create a BN_GENCB structure directly, as in:</p>
+
+<pre><code> BN_GENCB callback;</code></pre>
+
+<p>Instead applications should create a BN_GENCB structure using BN_GENCB_new:</p>
+
+<pre><code> BN_GENCB *callback;
+ callback = BN_GENCB_new();
+ if (!callback)
+     /* error */
+ ...
+ BN_GENCB_free(callback);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/RSA_generate_key.html">RSA_generate_key(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BN_GENCB_new(), BN_GENCB_free(), and BN_GENCB_get_arg() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_is_prime_ex.html b/msys2/usr/share/doc/openssl/html/man3/BN_is_prime_ex.html
new file mode 100644
index 000000000..3935a16e2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_is_prime_ex.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_generate_prime</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_generate_prime_ex, BN_is_prime_ex, BN_is_prime_fasttest_ex, BN_GENCB_call, BN_GENCB_new, BN_GENCB_free, BN_GENCB_set_old, BN_GENCB_set, BN_GENCB_get_arg, BN_generate_prime, BN_is_prime, BN_is_prime_fasttest - generate primes and test for primality</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
+                          const BIGNUM *rem, BN_GENCB *cb);
+
+ int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+
+ int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
+                             int do_trial_division, BN_GENCB *cb);
+
+ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
+
+ BN_GENCB *BN_GENCB_new(void);
+
+ void BN_GENCB_free(BN_GENCB *cb);
+
+ void BN_GENCB_set_old(BN_GENCB *gencb,
+                       void (*callback)(int, int, void *), void *cb_arg);
+
+ void BN_GENCB_set(BN_GENCB *gencb,
+                   int (*callback)(int, int, BN_GENCB *), void *cb_arg);
+
+ void *BN_GENCB_get_arg(BN_GENCB *cb);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
+                           BIGNUM *rem, void (*callback)(int, int, void *),
+                           void *cb_arg);
+
+ int BN_is_prime(const BIGNUM *a, int checks,
+                 void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg);
+
+ int BN_is_prime_fasttest(const BIGNUM *a, int checks,
+                          void (*callback)(int, int, void *), BN_CTX *ctx,
+                          void *cb_arg, int do_trial_division);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_generate_prime_ex() generates a pseudo-random prime number of at least bit length <b>bits</b>. If <b>ret</b> is not <b>NULL</b>, it will be used to store the number.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, it is used as follows:</p>
+
+<ul>
+
+<li><p><b>BN_GENCB_call(cb, 0, i)</b> is called after generating the i-th potential prime number.</p>
+
+</li>
+<li><p>While the number is being tested for primality, <b>BN_GENCB_call(cb, 1, j)</b> is called as described below.</p>
+
+</li>
+<li><p>When a prime has been found, <b>BN_GENCB_call(cb, 2, i)</b> is called.</p>
+
+</li>
+<li><p>The callers of BN_generate_prime_ex() may call <b>BN_GENCB_call(cb, i, j)</b> with other values as described in their respective man pages; see <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a>.</p>
+
+</li>
+</ul>
+
+<p>The prime may have to fulfill additional requirements for use in Diffie-Hellman key exchange:</p>
+
+<p>If <b>add</b> is not <b>NULL</b>, the prime will fulfill the condition p % <b>add</b> == <b>rem</b> (p % <b>add</b> == 1 if <b>rem</b> == <b>NULL</b>) in order to suit a given generator.</p>
+
+<p>If <b>safe</b> is true, it will be a safe prime (i.e. a prime p so that (p-1)/2 is also prime).</p>
+
+<p>The PRNG must be seeded prior to calling BN_generate_prime_ex(). The prime number generation has a negligible error probability.</p>
+
+<p>BN_is_prime_ex() and BN_is_prime_fasttest_ex() test if the number <b>p</b> is prime. The following tests are performed until one of them shows that <b>p</b> is composite; if <b>p</b> passes all these tests, it is considered prime.</p>
+
+<p>BN_is_prime_fasttest_ex(), when called with <b>do_trial_division == 1</b>, first attempts trial division by a number of small primes; if no divisors are found by this test and <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, -1)</b> is called. If <b>do_trial_division == 0</b>, this test is skipped.</p>
+
+<p>Both BN_is_prime_ex() and BN_is_prime_fasttest_ex() perform a Miller-Rabin probabilistic primality test with <b>nchecks</b> iterations. If <b>nchecks == BN_prime_checks</b>, a number of iterations is used that yields a false positive rate of at most 2^-64 for random input. The error rate depends on the size of the prime and goes down for bigger primes. The rate is 2^-80 starting at 308 bits, 2^-112 at 852 bits, 2^-128 at 1080 bits, 2^-192 at 3747 bits and 2^-256 at 6394 bits.</p>
+
+<p>When the source of the prime is not random or not trusted, the number of checks needs to be much higher to reach the same level of assurance: It should equal half of the targeted security level in bits (rounded up to the next integer if necessary). For instance, to reach the 128 bit security level, <b>nchecks</b> should be set to 64.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, j)</b> is called after the j-th iteration (j = 0, 1, ...). <b>ctx</b> is a pre-allocated <b>BN_CTX</b> (to save the overhead of allocating and freeing the structure in a loop), or <b>NULL</b>.</p>
+
+<p>BN_GENCB_call() calls the callback function held in the <b>BN_GENCB</b> structure and passes the ints <b>a</b> and <b>b</b> as arguments. There are two types of <b>BN_GENCB</b> structure that are supported: &quot;new&quot; style and &quot;old&quot; style. New programs should prefer the &quot;new&quot; style, whilst the &quot;old&quot; style is provided for backwards compatibility purposes.</p>
+
+<p>A <b>BN_GENCB</b> structure should be created through a call to BN_GENCB_new(), and freed through a call to BN_GENCB_free().</p>
+
+<p>For &quot;new&quot; style callbacks a BN_GENCB structure should be initialised with a call to BN_GENCB_set(), where <b>gencb</b> is a <b>BN_GENCB *</b>, <b>callback</b> is of type <b>int (*callback)(int, int, BN_GENCB *)</b> and <b>cb_arg</b> is a <b>void *</b>. &quot;Old&quot; style callbacks are the same except they are initialised with a call to BN_GENCB_set_old() and <b>callback</b> is of type <b>void (*callback)(int, int, void *)</b>.</p>
+
+<p>A callback is invoked through a call to <b>BN_GENCB_call</b>. This will check the type of the callback and will invoke <b>callback(a, b, gencb)</b> for new style callbacks or <b>callback(a, b, cb_arg)</b> for old style.</p>
+
+<p>It is possible to obtain the argument associated with a BN_GENCB structure (set via a call to BN_GENCB_set or BN_GENCB_set_old) using BN_GENCB_get_arg.</p>
+
+<p>BN_generate_prime() (deprecated) works in the same way as BN_generate_prime_ex() but expects an old-style callback function directly in the <b>callback</b> parameter, and an argument to pass to it in the <b>cb_arg</b>. BN_is_prime() and BN_is_prime_fasttest() can similarly be compared to BN_is_prime_ex() and BN_is_prime_fasttest_ex(), respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_generate_prime_ex() return 1 on success or 0 on error.</p>
+
+<p>BN_is_prime_ex(), BN_is_prime_fasttest_ex(), BN_is_prime() and BN_is_prime_fasttest() return 0 if the number is composite, 1 if it is prime with an error probability of less than 0.25^<b>nchecks</b>, and -1 on error.</p>
+
+<p>BN_generate_prime() returns the prime number on success, <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_new returns a pointer to a BN_GENCB structure on success, or <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_get_arg returns the argument previously associated with a BN_GENCB structure.</p>
+
+<p>Callback functions should return 1 on success or 0 on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</h1>
+
+<p>As of OpenSSL 1.1.0 it is no longer possible to create a BN_GENCB structure directly, as in:</p>
+
+<pre><code> BN_GENCB callback;</code></pre>
+
+<p>Instead applications should create a BN_GENCB structure using BN_GENCB_new:</p>
+
+<pre><code> BN_GENCB *callback;
+ callback = BN_GENCB_new();
+ if (!callback)
+     /* error */
+ ...
+ BN_GENCB_free(callback);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/RSA_generate_key.html">RSA_generate_key(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BN_GENCB_new(), BN_GENCB_free(), and BN_GENCB_get_arg() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_is_prime_fasttest.html b/msys2/usr/share/doc/openssl/html/man3/BN_is_prime_fasttest.html
new file mode 100644
index 000000000..3935a16e2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_is_prime_fasttest.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_generate_prime</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_generate_prime_ex, BN_is_prime_ex, BN_is_prime_fasttest_ex, BN_GENCB_call, BN_GENCB_new, BN_GENCB_free, BN_GENCB_set_old, BN_GENCB_set, BN_GENCB_get_arg, BN_generate_prime, BN_is_prime, BN_is_prime_fasttest - generate primes and test for primality</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
+                          const BIGNUM *rem, BN_GENCB *cb);
+
+ int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+
+ int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
+                             int do_trial_division, BN_GENCB *cb);
+
+ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
+
+ BN_GENCB *BN_GENCB_new(void);
+
+ void BN_GENCB_free(BN_GENCB *cb);
+
+ void BN_GENCB_set_old(BN_GENCB *gencb,
+                       void (*callback)(int, int, void *), void *cb_arg);
+
+ void BN_GENCB_set(BN_GENCB *gencb,
+                   int (*callback)(int, int, BN_GENCB *), void *cb_arg);
+
+ void *BN_GENCB_get_arg(BN_GENCB *cb);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
+                           BIGNUM *rem, void (*callback)(int, int, void *),
+                           void *cb_arg);
+
+ int BN_is_prime(const BIGNUM *a, int checks,
+                 void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg);
+
+ int BN_is_prime_fasttest(const BIGNUM *a, int checks,
+                          void (*callback)(int, int, void *), BN_CTX *ctx,
+                          void *cb_arg, int do_trial_division);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_generate_prime_ex() generates a pseudo-random prime number of at least bit length <b>bits</b>. If <b>ret</b> is not <b>NULL</b>, it will be used to store the number.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, it is used as follows:</p>
+
+<ul>
+
+<li><p><b>BN_GENCB_call(cb, 0, i)</b> is called after generating the i-th potential prime number.</p>
+
+</li>
+<li><p>While the number is being tested for primality, <b>BN_GENCB_call(cb, 1, j)</b> is called as described below.</p>
+
+</li>
+<li><p>When a prime has been found, <b>BN_GENCB_call(cb, 2, i)</b> is called.</p>
+
+</li>
+<li><p>The callers of BN_generate_prime_ex() may call <b>BN_GENCB_call(cb, i, j)</b> with other values as described in their respective man pages; see <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a>.</p>
+
+</li>
+</ul>
+
+<p>The prime may have to fulfill additional requirements for use in Diffie-Hellman key exchange:</p>
+
+<p>If <b>add</b> is not <b>NULL</b>, the prime will fulfill the condition p % <b>add</b> == <b>rem</b> (p % <b>add</b> == 1 if <b>rem</b> == <b>NULL</b>) in order to suit a given generator.</p>
+
+<p>If <b>safe</b> is true, it will be a safe prime (i.e. a prime p so that (p-1)/2 is also prime).</p>
+
+<p>The PRNG must be seeded prior to calling BN_generate_prime_ex(). The prime number generation has a negligible error probability.</p>
+
+<p>BN_is_prime_ex() and BN_is_prime_fasttest_ex() test if the number <b>p</b> is prime. The following tests are performed until one of them shows that <b>p</b> is composite; if <b>p</b> passes all these tests, it is considered prime.</p>
+
+<p>BN_is_prime_fasttest_ex(), when called with <b>do_trial_division == 1</b>, first attempts trial division by a number of small primes; if no divisors are found by this test and <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, -1)</b> is called. If <b>do_trial_division == 0</b>, this test is skipped.</p>
+
+<p>Both BN_is_prime_ex() and BN_is_prime_fasttest_ex() perform a Miller-Rabin probabilistic primality test with <b>nchecks</b> iterations. If <b>nchecks == BN_prime_checks</b>, a number of iterations is used that yields a false positive rate of at most 2^-64 for random input. The error rate depends on the size of the prime and goes down for bigger primes. The rate is 2^-80 starting at 308 bits, 2^-112 at 852 bits, 2^-128 at 1080 bits, 2^-192 at 3747 bits and 2^-256 at 6394 bits.</p>
+
+<p>When the source of the prime is not random or not trusted, the number of checks needs to be much higher to reach the same level of assurance: It should equal half of the targeted security level in bits (rounded up to the next integer if necessary). For instance, to reach the 128 bit security level, <b>nchecks</b> should be set to 64.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, j)</b> is called after the j-th iteration (j = 0, 1, ...). <b>ctx</b> is a pre-allocated <b>BN_CTX</b> (to save the overhead of allocating and freeing the structure in a loop), or <b>NULL</b>.</p>
+
+<p>BN_GENCB_call() calls the callback function held in the <b>BN_GENCB</b> structure and passes the ints <b>a</b> and <b>b</b> as arguments. There are two types of <b>BN_GENCB</b> structure that are supported: &quot;new&quot; style and &quot;old&quot; style. New programs should prefer the &quot;new&quot; style, whilst the &quot;old&quot; style is provided for backwards compatibility purposes.</p>
+
+<p>A <b>BN_GENCB</b> structure should be created through a call to BN_GENCB_new(), and freed through a call to BN_GENCB_free().</p>
+
+<p>For &quot;new&quot; style callbacks a BN_GENCB structure should be initialised with a call to BN_GENCB_set(), where <b>gencb</b> is a <b>BN_GENCB *</b>, <b>callback</b> is of type <b>int (*callback)(int, int, BN_GENCB *)</b> and <b>cb_arg</b> is a <b>void *</b>. &quot;Old&quot; style callbacks are the same except they are initialised with a call to BN_GENCB_set_old() and <b>callback</b> is of type <b>void (*callback)(int, int, void *)</b>.</p>
+
+<p>A callback is invoked through a call to <b>BN_GENCB_call</b>. This will check the type of the callback and will invoke <b>callback(a, b, gencb)</b> for new style callbacks or <b>callback(a, b, cb_arg)</b> for old style.</p>
+
+<p>It is possible to obtain the argument associated with a BN_GENCB structure (set via a call to BN_GENCB_set or BN_GENCB_set_old) using BN_GENCB_get_arg.</p>
+
+<p>BN_generate_prime() (deprecated) works in the same way as BN_generate_prime_ex() but expects an old-style callback function directly in the <b>callback</b> parameter, and an argument to pass to it in the <b>cb_arg</b>. BN_is_prime() and BN_is_prime_fasttest() can similarly be compared to BN_is_prime_ex() and BN_is_prime_fasttest_ex(), respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_generate_prime_ex() return 1 on success or 0 on error.</p>
+
+<p>BN_is_prime_ex(), BN_is_prime_fasttest_ex(), BN_is_prime() and BN_is_prime_fasttest() return 0 if the number is composite, 1 if it is prime with an error probability of less than 0.25^<b>nchecks</b>, and -1 on error.</p>
+
+<p>BN_generate_prime() returns the prime number on success, <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_new returns a pointer to a BN_GENCB structure on success, or <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_get_arg returns the argument previously associated with a BN_GENCB structure.</p>
+
+<p>Callback functions should return 1 on success or 0 on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</h1>
+
+<p>As of OpenSSL 1.1.0 it is no longer possible to create a BN_GENCB structure directly, as in:</p>
+
+<pre><code> BN_GENCB callback;</code></pre>
+
+<p>Instead applications should create a BN_GENCB structure using BN_GENCB_new:</p>
+
+<pre><code> BN_GENCB *callback;
+ callback = BN_GENCB_new();
+ if (!callback)
+     /* error */
+ ...
+ BN_GENCB_free(callback);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/RSA_generate_key.html">RSA_generate_key(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BN_GENCB_new(), BN_GENCB_free(), and BN_GENCB_get_arg() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_is_prime_fasttest_ex.html b/msys2/usr/share/doc/openssl/html/man3/BN_is_prime_fasttest_ex.html
new file mode 100644
index 000000000..3935a16e2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_is_prime_fasttest_ex.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_generate_prime</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_generate_prime_ex, BN_is_prime_ex, BN_is_prime_fasttest_ex, BN_GENCB_call, BN_GENCB_new, BN_GENCB_free, BN_GENCB_set_old, BN_GENCB_set, BN_GENCB_get_arg, BN_generate_prime, BN_is_prime, BN_is_prime_fasttest - generate primes and test for primality</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
+                          const BIGNUM *rem, BN_GENCB *cb);
+
+ int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+
+ int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
+                             int do_trial_division, BN_GENCB *cb);
+
+ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
+
+ BN_GENCB *BN_GENCB_new(void);
+
+ void BN_GENCB_free(BN_GENCB *cb);
+
+ void BN_GENCB_set_old(BN_GENCB *gencb,
+                       void (*callback)(int, int, void *), void *cb_arg);
+
+ void BN_GENCB_set(BN_GENCB *gencb,
+                   int (*callback)(int, int, BN_GENCB *), void *cb_arg);
+
+ void *BN_GENCB_get_arg(BN_GENCB *cb);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
+                           BIGNUM *rem, void (*callback)(int, int, void *),
+                           void *cb_arg);
+
+ int BN_is_prime(const BIGNUM *a, int checks,
+                 void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg);
+
+ int BN_is_prime_fasttest(const BIGNUM *a, int checks,
+                          void (*callback)(int, int, void *), BN_CTX *ctx,
+                          void *cb_arg, int do_trial_division);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_generate_prime_ex() generates a pseudo-random prime number of at least bit length <b>bits</b>. If <b>ret</b> is not <b>NULL</b>, it will be used to store the number.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, it is used as follows:</p>
+
+<ul>
+
+<li><p><b>BN_GENCB_call(cb, 0, i)</b> is called after generating the i-th potential prime number.</p>
+
+</li>
+<li><p>While the number is being tested for primality, <b>BN_GENCB_call(cb, 1, j)</b> is called as described below.</p>
+
+</li>
+<li><p>When a prime has been found, <b>BN_GENCB_call(cb, 2, i)</b> is called.</p>
+
+</li>
+<li><p>The callers of BN_generate_prime_ex() may call <b>BN_GENCB_call(cb, i, j)</b> with other values as described in their respective man pages; see <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a>.</p>
+
+</li>
+</ul>
+
+<p>The prime may have to fulfill additional requirements for use in Diffie-Hellman key exchange:</p>
+
+<p>If <b>add</b> is not <b>NULL</b>, the prime will fulfill the condition p % <b>add</b> == <b>rem</b> (p % <b>add</b> == 1 if <b>rem</b> == <b>NULL</b>) in order to suit a given generator.</p>
+
+<p>If <b>safe</b> is true, it will be a safe prime (i.e. a prime p so that (p-1)/2 is also prime).</p>
+
+<p>The PRNG must be seeded prior to calling BN_generate_prime_ex(). The prime number generation has a negligible error probability.</p>
+
+<p>BN_is_prime_ex() and BN_is_prime_fasttest_ex() test if the number <b>p</b> is prime. The following tests are performed until one of them shows that <b>p</b> is composite; if <b>p</b> passes all these tests, it is considered prime.</p>
+
+<p>BN_is_prime_fasttest_ex(), when called with <b>do_trial_division == 1</b>, first attempts trial division by a number of small primes; if no divisors are found by this test and <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, -1)</b> is called. If <b>do_trial_division == 0</b>, this test is skipped.</p>
+
+<p>Both BN_is_prime_ex() and BN_is_prime_fasttest_ex() perform a Miller-Rabin probabilistic primality test with <b>nchecks</b> iterations. If <b>nchecks == BN_prime_checks</b>, a number of iterations is used that yields a false positive rate of at most 2^-64 for random input. The error rate depends on the size of the prime and goes down for bigger primes. The rate is 2^-80 starting at 308 bits, 2^-112 at 852 bits, 2^-128 at 1080 bits, 2^-192 at 3747 bits and 2^-256 at 6394 bits.</p>
+
+<p>When the source of the prime is not random or not trusted, the number of checks needs to be much higher to reach the same level of assurance: It should equal half of the targeted security level in bits (rounded up to the next integer if necessary). For instance, to reach the 128 bit security level, <b>nchecks</b> should be set to 64.</p>
+
+<p>If <b>cb</b> is not <b>NULL</b>, <b>BN_GENCB_call(cb, 1, j)</b> is called after the j-th iteration (j = 0, 1, ...). <b>ctx</b> is a pre-allocated <b>BN_CTX</b> (to save the overhead of allocating and freeing the structure in a loop), or <b>NULL</b>.</p>
+
+<p>BN_GENCB_call() calls the callback function held in the <b>BN_GENCB</b> structure and passes the ints <b>a</b> and <b>b</b> as arguments. There are two types of <b>BN_GENCB</b> structure that are supported: &quot;new&quot; style and &quot;old&quot; style. New programs should prefer the &quot;new&quot; style, whilst the &quot;old&quot; style is provided for backwards compatibility purposes.</p>
+
+<p>A <b>BN_GENCB</b> structure should be created through a call to BN_GENCB_new(), and freed through a call to BN_GENCB_free().</p>
+
+<p>For &quot;new&quot; style callbacks a BN_GENCB structure should be initialised with a call to BN_GENCB_set(), where <b>gencb</b> is a <b>BN_GENCB *</b>, <b>callback</b> is of type <b>int (*callback)(int, int, BN_GENCB *)</b> and <b>cb_arg</b> is a <b>void *</b>. &quot;Old&quot; style callbacks are the same except they are initialised with a call to BN_GENCB_set_old() and <b>callback</b> is of type <b>void (*callback)(int, int, void *)</b>.</p>
+
+<p>A callback is invoked through a call to <b>BN_GENCB_call</b>. This will check the type of the callback and will invoke <b>callback(a, b, gencb)</b> for new style callbacks or <b>callback(a, b, cb_arg)</b> for old style.</p>
+
+<p>It is possible to obtain the argument associated with a BN_GENCB structure (set via a call to BN_GENCB_set or BN_GENCB_set_old) using BN_GENCB_get_arg.</p>
+
+<p>BN_generate_prime() (deprecated) works in the same way as BN_generate_prime_ex() but expects an old-style callback function directly in the <b>callback</b> parameter, and an argument to pass to it in the <b>cb_arg</b>. BN_is_prime() and BN_is_prime_fasttest() can similarly be compared to BN_is_prime_ex() and BN_is_prime_fasttest_ex(), respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_generate_prime_ex() return 1 on success or 0 on error.</p>
+
+<p>BN_is_prime_ex(), BN_is_prime_fasttest_ex(), BN_is_prime() and BN_is_prime_fasttest() return 0 if the number is composite, 1 if it is prime with an error probability of less than 0.25^<b>nchecks</b>, and -1 on error.</p>
+
+<p>BN_generate_prime() returns the prime number on success, <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_new returns a pointer to a BN_GENCB structure on success, or <b>NULL</b> otherwise.</p>
+
+<p>BN_GENCB_get_arg returns the argument previously associated with a BN_GENCB structure.</p>
+
+<p>Callback functions should return 1 on success or 0 on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="REMOVED-FUNCTIONALITY">REMOVED FUNCTIONALITY</h1>
+
+<p>As of OpenSSL 1.1.0 it is no longer possible to create a BN_GENCB structure directly, as in:</p>
+
+<pre><code> BN_GENCB callback;</code></pre>
+
+<p>Instead applications should create a BN_GENCB structure using BN_GENCB_new:</p>
+
+<pre><code> BN_GENCB *callback;
+ callback = BN_GENCB_new();
+ if (!callback)
+     /* error */
+ ...
+ BN_GENCB_free(callback);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/RSA_generate_key.html">RSA_generate_key(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BN_GENCB_new(), BN_GENCB_free(), and BN_GENCB_get_arg() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_is_word.html b/msys2/usr/share/doc/openssl/html/man3/BN_is_word.html
new file mode 100644
index 000000000..fb0a36149
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_is_word.html
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_cmp</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_is_odd - BIGNUM comparison and test functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_cmp(BIGNUM *a, BIGNUM *b);
+ int BN_ucmp(BIGNUM *a, BIGNUM *b);
+
+ int BN_is_zero(BIGNUM *a);
+ int BN_is_one(BIGNUM *a);
+ int BN_is_word(BIGNUM *a, BN_ULONG w);
+ int BN_is_odd(BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_cmp() compares the numbers <b>a</b> and <b>b</b>. BN_ucmp() compares their absolute values.</p>
+
+<p>BN_is_zero(), BN_is_one() and BN_is_word() test if <b>a</b> equals 0, 1, or <b>w</b> respectively. BN_is_odd() tests if a is odd.</p>
+
+<p>BN_is_zero(), BN_is_one(), BN_is_word() and BN_is_odd() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_cmp() returns -1 if <b>a</b> &lt; <b>b</b>, 0 if <b>a</b> == <b>b</b> and 1 if <b>a</b> &gt; <b>b</b>. BN_ucmp() is the same using the absolute values of <b>a</b> and <b>b</b>.</p>
+
+<p>BN_is_zero(), BN_is_one() BN_is_word() and BN_is_odd() return 1 if the condition is true, 0 otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_is_zero.html b/msys2/usr/share/doc/openssl/html/man3/BN_is_zero.html
new file mode 100644
index 000000000..fb0a36149
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_is_zero.html
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_cmp</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_is_odd - BIGNUM comparison and test functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_cmp(BIGNUM *a, BIGNUM *b);
+ int BN_ucmp(BIGNUM *a, BIGNUM *b);
+
+ int BN_is_zero(BIGNUM *a);
+ int BN_is_one(BIGNUM *a);
+ int BN_is_word(BIGNUM *a, BN_ULONG w);
+ int BN_is_odd(BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_cmp() compares the numbers <b>a</b> and <b>b</b>. BN_ucmp() compares their absolute values.</p>
+
+<p>BN_is_zero(), BN_is_one() and BN_is_word() test if <b>a</b> equals 0, 1, or <b>w</b> respectively. BN_is_odd() tests if a is odd.</p>
+
+<p>BN_is_zero(), BN_is_one(), BN_is_word() and BN_is_odd() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_cmp() returns -1 if <b>a</b> &lt; <b>b</b>, 0 if <b>a</b> == <b>b</b> and 1 if <b>a</b> &gt; <b>b</b>. BN_ucmp() is the same using the absolute values of <b>a</b> and <b>b</b>.</p>
+
+<p>BN_is_zero(), BN_is_one() BN_is_word() and BN_is_odd() return 1 if the condition is true, 0 otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_lebin2bn.html b/msys2/usr/share/doc/openssl/html/man3/BN_lebin2bn.html
new file mode 100644
index 000000000..152a43462
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_lebin2bn.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_bn2bin</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_bn2binpad, BN_bn2bin, BN_bin2bn, BN_bn2lebinpad, BN_lebin2bn, BN_bn2hex, BN_bn2dec, BN_hex2bn, BN_dec2bn, BN_print, BN_print_fp, BN_bn2mpi, BN_mpi2bn - format conversions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+ int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ int BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ char *BN_bn2hex(const BIGNUM *a);
+ char *BN_bn2dec(const BIGNUM *a);
+ int BN_hex2bn(BIGNUM **a, const char *str);
+ int BN_dec2bn(BIGNUM **a, const char *str);
+
+ int BN_print(BIO *fp, const BIGNUM *a);
+ int BN_print_fp(FILE *fp, const BIGNUM *a);
+
+ int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+ BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_bn2bin() converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>to</b> must point to BN_num_bytes(<b>a</b>) bytes of memory.</p>
+
+<p>BN_bn2binpad() also converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>tolen</b> indicates the length of the output buffer <b>to</b>. The result is padded with zeroes if necessary. If <b>tolen</b> is less than BN_num_bytes(<b>a</b>) an error is returned.</p>
+
+<p>BN_bin2bn() converts the positive integer in big-endian form of length <b>len</b> at <b>s</b> into a <b>BIGNUM</b> and places it in <b>ret</b>. If <b>ret</b> is NULL, a new <b>BIGNUM</b> is created.</p>
+
+<p>BN_bn2lebinpad() and BN_lebin2bn() are identical to BN_bn2binpad() and BN_bin2bn() except the buffer is in little-endian format.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return printable strings containing the hexadecimal and decimal encoding of <b>a</b> respectively. For negative numbers, the string is prefaced with a leading &#39;-&#39;. The string must be freed later using OPENSSL_free().</p>
+
+<p>BN_hex2bn() takes as many characters as possible from the string <b>str</b>, including the leading character &#39;-&#39; which means negative, to form a valid hexadecimal number representation and converts them to a <b>BIGNUM</b> and stores it in **<b>a</b>. If *<b>a</b> is NULL, a new <b>BIGNUM</b> is created. If <b>a</b> is NULL, it only computes the length of valid representation. A &quot;negative zero&quot; is converted to zero. BN_dec2bn() is the same using the decimal system.</p>
+
+<p>BN_print() and BN_print_fp() write the hexadecimal encoding of <b>a</b>, with a leading &#39;-&#39; for negative numbers, to the <b>BIO</b> or <b>FILE</b> <b>fp</b>.</p>
+
+<p>BN_bn2mpi() and BN_mpi2bn() convert <b>BIGNUM</b>s from and to a format that consists of the number&#39;s length in bytes represented as a 4-byte big-endian number, and the number itself in big-endian format, where the most significant bit signals a negative number (the representation of numbers with the MSB set is prefixed with null byte).</p>
+
+<p>BN_bn2mpi() stores the representation of <b>a</b> at <b>to</b>, where <b>to</b> must be large enough to hold the result. The size can be determined by calling BN_bn2mpi(<b>a</b>, NULL).</p>
+
+<p>BN_mpi2bn() converts the <b>len</b> bytes long representation at <b>s</b> to a <b>BIGNUM</b> and stores it at <b>ret</b>, or in a newly allocated <b>BIGNUM</b> if <b>ret</b> is NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_bn2bin() returns the length of the big-endian number placed at <b>to</b>. BN_bin2bn() returns the <b>BIGNUM</b>, NULL on error.</p>
+
+<p>BN_bn2binpad() returns the number of bytes written or -1 if the supplied buffer is too small.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL on error. BN_hex2bn() and BN_dec2bn() return the number of characters used in parsing, or 0 on error, in which case no new <b>BIGNUM</b> will be created.</p>
+
+<p>BN_print_fp() and BN_print() return 1 on success, 0 on write errors.</p>
+
+<p>BN_bn2mpi() returns the length of the representation. BN_mpi2bn() returns the <b>BIGNUM</b>, and NULL on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_zero.html">BN_zero(3)</a>, <a href="../man3/ASN1_INTEGER_to_BN.html">ASN1_INTEGER_to_BN(3)</a>, <a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_lshift.html b/msys2/usr/share/doc/openssl/html/man3/BN_lshift.html
new file mode 100644
index 000000000..084793e43
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_lshift.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_set_bit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_set_bit, BN_clear_bit, BN_is_bit_set, BN_mask_bits, BN_lshift, BN_lshift1, BN_rshift, BN_rshift1 - bit operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_set_bit(BIGNUM *a, int n);
+ int BN_clear_bit(BIGNUM *a, int n);
+
+ int BN_is_bit_set(const BIGNUM *a, int n);
+
+ int BN_mask_bits(BIGNUM *a, int n);
+
+ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
+ int BN_lshift1(BIGNUM *r, BIGNUM *a);
+
+ int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
+ int BN_rshift1(BIGNUM *r, BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_set_bit() sets bit <b>n</b> in <b>a</b> to 1 (<code>a|=(1&lt;&lt;n)</code>). The number is expanded if necessary.</p>
+
+<p>BN_clear_bit() sets bit <b>n</b> in <b>a</b> to 0 (<code>a&amp;=~(1&lt;&lt;n)</code>). An error occurs if <b>a</b> is shorter than <b>n</b> bits.</p>
+
+<p>BN_is_bit_set() tests if bit <b>n</b> in <b>a</b> is set.</p>
+
+<p>BN_mask_bits() truncates <b>a</b> to an <b>n</b> bit number (<code>a&amp;=~((~0)&gt;&gt;n)</code>). An error occurs if <b>a</b> already is shorter than <b>n</b> bits.</p>
+
+<p>BN_lshift() shifts <b>a</b> left by <b>n</b> bits and places the result in <b>r</b> (<code>r=a*2^n</code>). Note that <b>n</b> must be non-negative. BN_lshift1() shifts <b>a</b> left by one and places the result in <b>r</b> (<code>r=2*a</code>).</p>
+
+<p>BN_rshift() shifts <b>a</b> right by <b>n</b> bits and places the result in <b>r</b> (<code>r=a/2^n</code>). Note that <b>n</b> must be non-negative. BN_rshift1() shifts <b>a</b> right by one and places the result in <b>r</b> (<code>r=a/2</code>).</p>
+
+<p>For the shift functions, <b>r</b> and <b>a</b> may be the same variable.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_is_bit_set() returns 1 if the bit is set, 0 otherwise.</p>
+
+<p>All other functions return 1 for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_lshift1.html b/msys2/usr/share/doc/openssl/html/man3/BN_lshift1.html
new file mode 100644
index 000000000..084793e43
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_lshift1.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_set_bit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_set_bit, BN_clear_bit, BN_is_bit_set, BN_mask_bits, BN_lshift, BN_lshift1, BN_rshift, BN_rshift1 - bit operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_set_bit(BIGNUM *a, int n);
+ int BN_clear_bit(BIGNUM *a, int n);
+
+ int BN_is_bit_set(const BIGNUM *a, int n);
+
+ int BN_mask_bits(BIGNUM *a, int n);
+
+ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
+ int BN_lshift1(BIGNUM *r, BIGNUM *a);
+
+ int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
+ int BN_rshift1(BIGNUM *r, BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_set_bit() sets bit <b>n</b> in <b>a</b> to 1 (<code>a|=(1&lt;&lt;n)</code>). The number is expanded if necessary.</p>
+
+<p>BN_clear_bit() sets bit <b>n</b> in <b>a</b> to 0 (<code>a&amp;=~(1&lt;&lt;n)</code>). An error occurs if <b>a</b> is shorter than <b>n</b> bits.</p>
+
+<p>BN_is_bit_set() tests if bit <b>n</b> in <b>a</b> is set.</p>
+
+<p>BN_mask_bits() truncates <b>a</b> to an <b>n</b> bit number (<code>a&amp;=~((~0)&gt;&gt;n)</code>). An error occurs if <b>a</b> already is shorter than <b>n</b> bits.</p>
+
+<p>BN_lshift() shifts <b>a</b> left by <b>n</b> bits and places the result in <b>r</b> (<code>r=a*2^n</code>). Note that <b>n</b> must be non-negative. BN_lshift1() shifts <b>a</b> left by one and places the result in <b>r</b> (<code>r=2*a</code>).</p>
+
+<p>BN_rshift() shifts <b>a</b> right by <b>n</b> bits and places the result in <b>r</b> (<code>r=a/2^n</code>). Note that <b>n</b> must be non-negative. BN_rshift1() shifts <b>a</b> right by one and places the result in <b>r</b> (<code>r=a/2</code>).</p>
+
+<p>For the shift functions, <b>r</b> and <b>a</b> may be the same variable.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_is_bit_set() returns 1 if the bit is set, 0 otherwise.</p>
+
+<p>All other functions return 1 for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_mask_bits.html b/msys2/usr/share/doc/openssl/html/man3/BN_mask_bits.html
new file mode 100644
index 000000000..084793e43
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_mask_bits.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_set_bit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_set_bit, BN_clear_bit, BN_is_bit_set, BN_mask_bits, BN_lshift, BN_lshift1, BN_rshift, BN_rshift1 - bit operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_set_bit(BIGNUM *a, int n);
+ int BN_clear_bit(BIGNUM *a, int n);
+
+ int BN_is_bit_set(const BIGNUM *a, int n);
+
+ int BN_mask_bits(BIGNUM *a, int n);
+
+ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
+ int BN_lshift1(BIGNUM *r, BIGNUM *a);
+
+ int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
+ int BN_rshift1(BIGNUM *r, BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_set_bit() sets bit <b>n</b> in <b>a</b> to 1 (<code>a|=(1&lt;&lt;n)</code>). The number is expanded if necessary.</p>
+
+<p>BN_clear_bit() sets bit <b>n</b> in <b>a</b> to 0 (<code>a&amp;=~(1&lt;&lt;n)</code>). An error occurs if <b>a</b> is shorter than <b>n</b> bits.</p>
+
+<p>BN_is_bit_set() tests if bit <b>n</b> in <b>a</b> is set.</p>
+
+<p>BN_mask_bits() truncates <b>a</b> to an <b>n</b> bit number (<code>a&amp;=~((~0)&gt;&gt;n)</code>). An error occurs if <b>a</b> already is shorter than <b>n</b> bits.</p>
+
+<p>BN_lshift() shifts <b>a</b> left by <b>n</b> bits and places the result in <b>r</b> (<code>r=a*2^n</code>). Note that <b>n</b> must be non-negative. BN_lshift1() shifts <b>a</b> left by one and places the result in <b>r</b> (<code>r=2*a</code>).</p>
+
+<p>BN_rshift() shifts <b>a</b> right by <b>n</b> bits and places the result in <b>r</b> (<code>r=a/2^n</code>). Note that <b>n</b> must be non-negative. BN_rshift1() shifts <b>a</b> right by one and places the result in <b>r</b> (<code>r=a/2</code>).</p>
+
+<p>For the shift functions, <b>r</b> and <b>a</b> may be the same variable.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_is_bit_set() returns 1 if the bit is set, 0 otherwise.</p>
+
+<p>All other functions return 1 for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_mod.html b/msys2/usr/share/doc/openssl/html/man3/BN_mod.html
new file mode 100644
index 000000000..a79886d91
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_mod.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
+
+ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
+            BN_CTX *ctx);
+
+ int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
+
+ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_add() adds <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a+b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_sub() subtracts <i>b</i> from <i>a</i> and places the result in <i>r</i> (<code>r=a-b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_mul() multiplies <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a*b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For multiplication by powers of 2, use <a href="../man3/BN_lshift.html">BN_lshift(3)</a>.</p>
+
+<p>BN_sqr() takes the square of <i>a</i> and places the result in <i>r</i> (<code>r=a^2</code>). <i>r</i> and <i>a</i> may be the same <b>BIGNUM</b>. This function is faster than BN_mul(r,a,a).</p>
+
+<p>BN_div() divides <i>a</i> by <i>d</i> and places the result in <i>dv</i> and the remainder in <i>rem</i> (<code>dv=a/d, rem=a%d</code>). Either of <i>dv</i> and <i>rem</i> may be <b>NULL</b>, in which case the respective value is not returned. The result is rounded towards zero; thus if <i>a</i> is negative, the remainder will be zero or negative. For division by powers of 2, use BN_rshift(3).</p>
+
+<p>BN_mod() corresponds to BN_div() with <i>dv</i> set to <b>NULL</b>.</p>
+
+<p>BN_nnmod() reduces <i>a</i> modulo <i>m</i> and places the non-negative remainder in <i>r</i>.</p>
+
+<p>BN_mod_add() adds <i>a</i> to <i>b</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_sub() subtracts <i>b</i> from <i>a</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_mul() multiplies <i>a</i> by <i>b</i> and finds the non-negative remainder respective to modulus <i>m</i> (<code>r=(a*b) mod m</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For more efficient algorithms for repeated computations using the same modulus, see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a> and <a href="../man3/BN_mod_mul_reciprocal.html">BN_mod_mul_reciprocal(3)</a>.</p>
+
+<p>BN_mod_sqr() takes the square of <i>a</i> modulo <b>m</b> and places the result in <i>r</i>.</p>
+
+<p>BN_exp() raises <i>a</i> to the <i>p</i>-th power and places the result in <i>r</i> (<code>r=a^p</code>). This function is faster than repeated applications of BN_mul().</p>
+
+<p>BN_mod_exp() computes <i>a</i> to the <i>p</i>-th power modulo <i>m</i> (<code>r=a^p % m</code>). This function uses less time and space than BN_exp(). Do not call this function when <b>m</b> is even and any of the parameters have the <b>BN_FLG_CONSTTIME</b> flag set.</p>
+
+<p>BN_gcd() computes the greatest common divisor of <i>a</i> and <i>b</i> and places the result in <i>r</i>. <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables; see <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>.</p>
+
+<p>Unless noted otherwise, the result <b>BIGNUM</b> must be different from the arguments.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For all functions, 1 is returned for success, 0 on error. The return value should always be checked (e.g., <code>if (!BN_add(r,a,b)) goto err;</code>). The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>, <a href="../man3/BN_add_word.html">BN_add_word(3)</a>, <a href="../man3/BN_set_bit.html">BN_set_bit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_mod_add.html b/msys2/usr/share/doc/openssl/html/man3/BN_mod_add.html
new file mode 100644
index 000000000..a79886d91
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_mod_add.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
+
+ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
+            BN_CTX *ctx);
+
+ int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
+
+ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_add() adds <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a+b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_sub() subtracts <i>b</i> from <i>a</i> and places the result in <i>r</i> (<code>r=a-b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_mul() multiplies <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a*b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For multiplication by powers of 2, use <a href="../man3/BN_lshift.html">BN_lshift(3)</a>.</p>
+
+<p>BN_sqr() takes the square of <i>a</i> and places the result in <i>r</i> (<code>r=a^2</code>). <i>r</i> and <i>a</i> may be the same <b>BIGNUM</b>. This function is faster than BN_mul(r,a,a).</p>
+
+<p>BN_div() divides <i>a</i> by <i>d</i> and places the result in <i>dv</i> and the remainder in <i>rem</i> (<code>dv=a/d, rem=a%d</code>). Either of <i>dv</i> and <i>rem</i> may be <b>NULL</b>, in which case the respective value is not returned. The result is rounded towards zero; thus if <i>a</i> is negative, the remainder will be zero or negative. For division by powers of 2, use BN_rshift(3).</p>
+
+<p>BN_mod() corresponds to BN_div() with <i>dv</i> set to <b>NULL</b>.</p>
+
+<p>BN_nnmod() reduces <i>a</i> modulo <i>m</i> and places the non-negative remainder in <i>r</i>.</p>
+
+<p>BN_mod_add() adds <i>a</i> to <i>b</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_sub() subtracts <i>b</i> from <i>a</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_mul() multiplies <i>a</i> by <i>b</i> and finds the non-negative remainder respective to modulus <i>m</i> (<code>r=(a*b) mod m</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For more efficient algorithms for repeated computations using the same modulus, see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a> and <a href="../man3/BN_mod_mul_reciprocal.html">BN_mod_mul_reciprocal(3)</a>.</p>
+
+<p>BN_mod_sqr() takes the square of <i>a</i> modulo <b>m</b> and places the result in <i>r</i>.</p>
+
+<p>BN_exp() raises <i>a</i> to the <i>p</i>-th power and places the result in <i>r</i> (<code>r=a^p</code>). This function is faster than repeated applications of BN_mul().</p>
+
+<p>BN_mod_exp() computes <i>a</i> to the <i>p</i>-th power modulo <i>m</i> (<code>r=a^p % m</code>). This function uses less time and space than BN_exp(). Do not call this function when <b>m</b> is even and any of the parameters have the <b>BN_FLG_CONSTTIME</b> flag set.</p>
+
+<p>BN_gcd() computes the greatest common divisor of <i>a</i> and <i>b</i> and places the result in <i>r</i>. <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables; see <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>.</p>
+
+<p>Unless noted otherwise, the result <b>BIGNUM</b> must be different from the arguments.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For all functions, 1 is returned for success, 0 on error. The return value should always be checked (e.g., <code>if (!BN_add(r,a,b)) goto err;</code>). The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>, <a href="../man3/BN_add_word.html">BN_add_word(3)</a>, <a href="../man3/BN_set_bit.html">BN_set_bit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_mod_exp.html b/msys2/usr/share/doc/openssl/html/man3/BN_mod_exp.html
new file mode 100644
index 000000000..a79886d91
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_mod_exp.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
+
+ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
+            BN_CTX *ctx);
+
+ int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
+
+ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_add() adds <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a+b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_sub() subtracts <i>b</i> from <i>a</i> and places the result in <i>r</i> (<code>r=a-b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_mul() multiplies <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a*b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For multiplication by powers of 2, use <a href="../man3/BN_lshift.html">BN_lshift(3)</a>.</p>
+
+<p>BN_sqr() takes the square of <i>a</i> and places the result in <i>r</i> (<code>r=a^2</code>). <i>r</i> and <i>a</i> may be the same <b>BIGNUM</b>. This function is faster than BN_mul(r,a,a).</p>
+
+<p>BN_div() divides <i>a</i> by <i>d</i> and places the result in <i>dv</i> and the remainder in <i>rem</i> (<code>dv=a/d, rem=a%d</code>). Either of <i>dv</i> and <i>rem</i> may be <b>NULL</b>, in which case the respective value is not returned. The result is rounded towards zero; thus if <i>a</i> is negative, the remainder will be zero or negative. For division by powers of 2, use BN_rshift(3).</p>
+
+<p>BN_mod() corresponds to BN_div() with <i>dv</i> set to <b>NULL</b>.</p>
+
+<p>BN_nnmod() reduces <i>a</i> modulo <i>m</i> and places the non-negative remainder in <i>r</i>.</p>
+
+<p>BN_mod_add() adds <i>a</i> to <i>b</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_sub() subtracts <i>b</i> from <i>a</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_mul() multiplies <i>a</i> by <i>b</i> and finds the non-negative remainder respective to modulus <i>m</i> (<code>r=(a*b) mod m</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For more efficient algorithms for repeated computations using the same modulus, see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a> and <a href="../man3/BN_mod_mul_reciprocal.html">BN_mod_mul_reciprocal(3)</a>.</p>
+
+<p>BN_mod_sqr() takes the square of <i>a</i> modulo <b>m</b> and places the result in <i>r</i>.</p>
+
+<p>BN_exp() raises <i>a</i> to the <i>p</i>-th power and places the result in <i>r</i> (<code>r=a^p</code>). This function is faster than repeated applications of BN_mul().</p>
+
+<p>BN_mod_exp() computes <i>a</i> to the <i>p</i>-th power modulo <i>m</i> (<code>r=a^p % m</code>). This function uses less time and space than BN_exp(). Do not call this function when <b>m</b> is even and any of the parameters have the <b>BN_FLG_CONSTTIME</b> flag set.</p>
+
+<p>BN_gcd() computes the greatest common divisor of <i>a</i> and <i>b</i> and places the result in <i>r</i>. <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables; see <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>.</p>
+
+<p>Unless noted otherwise, the result <b>BIGNUM</b> must be different from the arguments.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For all functions, 1 is returned for success, 0 on error. The return value should always be checked (e.g., <code>if (!BN_add(r,a,b)) goto err;</code>). The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>, <a href="../man3/BN_add_word.html">BN_add_word(3)</a>, <a href="../man3/BN_set_bit.html">BN_set_bit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_mod_inverse.html b/msys2/usr/share/doc/openssl/html/man3/BN_mod_inverse.html
new file mode 100644
index 000000000..79b92a55e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_mod_inverse.html
@@ -0,0 +1,59 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_mod_inverse</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_mod_inverse - compute inverse modulo n</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BIGNUM *BN_mod_inverse(BIGNUM *r, BIGNUM *a, const BIGNUM *n,
+                        BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_mod_inverse() computes the inverse of <b>a</b> modulo <b>n</b> places the result in <b>r</b> (<code>(a*r)%n==1</code>). If <b>r</b> is NULL, a new <b>BIGNUM</b> is created.</p>
+
+<p><b>ctx</b> is a previously allocated <b>BN_CTX</b> used for temporary variables. <b>r</b> may be the same <b>BIGNUM</b> as <b>a</b> or <b>n</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_mod_inverse() returns the <b>BIGNUM</b> containing the inverse, and NULL on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_mod_mul.html b/msys2/usr/share/doc/openssl/html/man3/BN_mod_mul.html
new file mode 100644
index 000000000..a79886d91
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_mod_mul.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
+
+ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
+            BN_CTX *ctx);
+
+ int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
+
+ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_add() adds <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a+b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_sub() subtracts <i>b</i> from <i>a</i> and places the result in <i>r</i> (<code>r=a-b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_mul() multiplies <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a*b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For multiplication by powers of 2, use <a href="../man3/BN_lshift.html">BN_lshift(3)</a>.</p>
+
+<p>BN_sqr() takes the square of <i>a</i> and places the result in <i>r</i> (<code>r=a^2</code>). <i>r</i> and <i>a</i> may be the same <b>BIGNUM</b>. This function is faster than BN_mul(r,a,a).</p>
+
+<p>BN_div() divides <i>a</i> by <i>d</i> and places the result in <i>dv</i> and the remainder in <i>rem</i> (<code>dv=a/d, rem=a%d</code>). Either of <i>dv</i> and <i>rem</i> may be <b>NULL</b>, in which case the respective value is not returned. The result is rounded towards zero; thus if <i>a</i> is negative, the remainder will be zero or negative. For division by powers of 2, use BN_rshift(3).</p>
+
+<p>BN_mod() corresponds to BN_div() with <i>dv</i> set to <b>NULL</b>.</p>
+
+<p>BN_nnmod() reduces <i>a</i> modulo <i>m</i> and places the non-negative remainder in <i>r</i>.</p>
+
+<p>BN_mod_add() adds <i>a</i> to <i>b</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_sub() subtracts <i>b</i> from <i>a</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_mul() multiplies <i>a</i> by <i>b</i> and finds the non-negative remainder respective to modulus <i>m</i> (<code>r=(a*b) mod m</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For more efficient algorithms for repeated computations using the same modulus, see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a> and <a href="../man3/BN_mod_mul_reciprocal.html">BN_mod_mul_reciprocal(3)</a>.</p>
+
+<p>BN_mod_sqr() takes the square of <i>a</i> modulo <b>m</b> and places the result in <i>r</i>.</p>
+
+<p>BN_exp() raises <i>a</i> to the <i>p</i>-th power and places the result in <i>r</i> (<code>r=a^p</code>). This function is faster than repeated applications of BN_mul().</p>
+
+<p>BN_mod_exp() computes <i>a</i> to the <i>p</i>-th power modulo <i>m</i> (<code>r=a^p % m</code>). This function uses less time and space than BN_exp(). Do not call this function when <b>m</b> is even and any of the parameters have the <b>BN_FLG_CONSTTIME</b> flag set.</p>
+
+<p>BN_gcd() computes the greatest common divisor of <i>a</i> and <i>b</i> and places the result in <i>r</i>. <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables; see <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>.</p>
+
+<p>Unless noted otherwise, the result <b>BIGNUM</b> must be different from the arguments.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For all functions, 1 is returned for success, 0 on error. The return value should always be checked (e.g., <code>if (!BN_add(r,a,b)) goto err;</code>). The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>, <a href="../man3/BN_add_word.html">BN_add_word(3)</a>, <a href="../man3/BN_set_bit.html">BN_set_bit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_mod_mul_montgomery.html b/msys2/usr/share/doc/openssl/html/man3/BN_mod_mul_montgomery.html
new file mode 100644
index 000000000..a31aa022c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_mod_mul_montgomery.html
@@ -0,0 +1,99 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_mod_mul_montgomery</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_mod_mul_montgomery, BN_MONT_CTX_new, BN_MONT_CTX_free, BN_MONT_CTX_set, BN_MONT_CTX_copy, BN_from_montgomery, BN_to_montgomery - Montgomery multiplication</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_MONT_CTX *BN_MONT_CTX_new(void);
+ void BN_MONT_CTX_free(BN_MONT_CTX *mont);
+
+ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx);
+ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
+
+ int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
+                           BN_MONT_CTX *mont, BN_CTX *ctx);
+
+ int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
+                        BN_CTX *ctx);
+
+ int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
+                      BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions implement Montgomery multiplication. They are used automatically when <a href="../man3/BN_mod_exp.html">BN_mod_exp(3)</a> is called with suitable input, but they may be useful when several operations are to be performed using the same modulus.</p>
+
+<p>BN_MONT_CTX_new() allocates and initializes a <b>BN_MONT_CTX</b> structure.</p>
+
+<p>BN_MONT_CTX_set() sets up the <i>mont</i> structure from the modulus <i>m</i> by precomputing its inverse and a value R.</p>
+
+<p>BN_MONT_CTX_copy() copies the <b>BN_MONT_CTX</b> <i>from</i> to <i>to</i>.</p>
+
+<p>BN_MONT_CTX_free() frees the components of the <b>BN_MONT_CTX</b>, and, if it was created by BN_MONT_CTX_new(), also the structure itself. If <b>mont</b> is NULL, nothing is done.</p>
+
+<p>BN_mod_mul_montgomery() computes Mont(<i>a</i>,<i>b</i>):=<i>a</i>*<i>b</i>*R^-1 and places the result in <i>r</i>.</p>
+
+<p>BN_from_montgomery() performs the Montgomery reduction <i>r</i> = <i>a</i>*R^-1.</p>
+
+<p>BN_to_montgomery() computes Mont(<i>a</i>,R^2), i.e. <i>a</i>*R. Note that <i>a</i> must be non-negative and smaller than the modulus.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_MONT_CTX_new() returns the newly allocated <b>BN_MONT_CTX</b>, and NULL on error.</p>
+
+<p>BN_MONT_CTX_free() has no return value.</p>
+
+<p>For the other functions, 1 is returned for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>The inputs must be reduced modulo <b>m</b>, otherwise the result will be outside the expected range.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_MONT_CTX_init() was removed in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_mod_mul_reciprocal.html b/msys2/usr/share/doc/openssl/html/man3/BN_mod_mul_reciprocal.html
new file mode 100644
index 000000000..51c393d99
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_mod_mul_reciprocal.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_mod_mul_reciprocal</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_mod_mul_reciprocal, BN_div_recp, BN_RECP_CTX_new, BN_RECP_CTX_free, BN_RECP_CTX_set - modular multiplication using reciprocal</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_RECP_CTX *BN_RECP_CTX_new(void);
+ void BN_RECP_CTX_free(BN_RECP_CTX *recp);
+
+ int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *a, BN_RECP_CTX *recp,
+                 BN_CTX *ctx);
+
+ int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *a, BIGNUM *b,
+                           BN_RECP_CTX *recp, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_mod_mul_reciprocal() can be used to perform an efficient <a href="../man3/BN_mod_mul.html">BN_mod_mul(3)</a> operation when the operation will be performed repeatedly with the same modulus. It computes <b>r</b>=(<b>a</b>*<b>b</b>)%<b>m</b> using <b>recp</b>=1/<b>m</b>, which is set as described below. <b>ctx</b> is a previously allocated <b>BN_CTX</b> used for temporary variables.</p>
+
+<p>BN_RECP_CTX_new() allocates and initializes a <b>BN_RECP</b> structure.</p>
+
+<p>BN_RECP_CTX_free() frees the components of the <b>BN_RECP</b>, and, if it was created by BN_RECP_CTX_new(), also the structure itself. If <b>recp</b> is NULL, nothing is done.</p>
+
+<p>BN_RECP_CTX_set() stores <b>m</b> in <b>recp</b> and sets it up for computing 1/<b>m</b> and shifting it left by BN_num_bits(<b>m</b>)+1 to make it an integer. The result and the number of bits it was shifted left will later be stored in <b>recp</b>.</p>
+
+<p>BN_div_recp() divides <b>a</b> by <b>m</b> using <b>recp</b>. It places the quotient in <b>dv</b> and the remainder in <b>rem</b>.</p>
+
+<p>The <b>BN_RECP_CTX</b> structure cannot be shared between threads.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_RECP_CTX_new() returns the newly allocated <b>BN_RECP_CTX</b>, and NULL on error.</p>
+
+<p>BN_RECP_CTX_free() has no return value.</p>
+
+<p>For the other functions, 1 is returned for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_RECP_CTX_init() was removed in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_mod_sqr.html b/msys2/usr/share/doc/openssl/html/man3/BN_mod_sqr.html
new file mode 100644
index 000000000..a79886d91
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_mod_sqr.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
+
+ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
+            BN_CTX *ctx);
+
+ int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
+
+ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_add() adds <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a+b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_sub() subtracts <i>b</i> from <i>a</i> and places the result in <i>r</i> (<code>r=a-b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_mul() multiplies <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a*b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For multiplication by powers of 2, use <a href="../man3/BN_lshift.html">BN_lshift(3)</a>.</p>
+
+<p>BN_sqr() takes the square of <i>a</i> and places the result in <i>r</i> (<code>r=a^2</code>). <i>r</i> and <i>a</i> may be the same <b>BIGNUM</b>. This function is faster than BN_mul(r,a,a).</p>
+
+<p>BN_div() divides <i>a</i> by <i>d</i> and places the result in <i>dv</i> and the remainder in <i>rem</i> (<code>dv=a/d, rem=a%d</code>). Either of <i>dv</i> and <i>rem</i> may be <b>NULL</b>, in which case the respective value is not returned. The result is rounded towards zero; thus if <i>a</i> is negative, the remainder will be zero or negative. For division by powers of 2, use BN_rshift(3).</p>
+
+<p>BN_mod() corresponds to BN_div() with <i>dv</i> set to <b>NULL</b>.</p>
+
+<p>BN_nnmod() reduces <i>a</i> modulo <i>m</i> and places the non-negative remainder in <i>r</i>.</p>
+
+<p>BN_mod_add() adds <i>a</i> to <i>b</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_sub() subtracts <i>b</i> from <i>a</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_mul() multiplies <i>a</i> by <i>b</i> and finds the non-negative remainder respective to modulus <i>m</i> (<code>r=(a*b) mod m</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For more efficient algorithms for repeated computations using the same modulus, see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a> and <a href="../man3/BN_mod_mul_reciprocal.html">BN_mod_mul_reciprocal(3)</a>.</p>
+
+<p>BN_mod_sqr() takes the square of <i>a</i> modulo <b>m</b> and places the result in <i>r</i>.</p>
+
+<p>BN_exp() raises <i>a</i> to the <i>p</i>-th power and places the result in <i>r</i> (<code>r=a^p</code>). This function is faster than repeated applications of BN_mul().</p>
+
+<p>BN_mod_exp() computes <i>a</i> to the <i>p</i>-th power modulo <i>m</i> (<code>r=a^p % m</code>). This function uses less time and space than BN_exp(). Do not call this function when <b>m</b> is even and any of the parameters have the <b>BN_FLG_CONSTTIME</b> flag set.</p>
+
+<p>BN_gcd() computes the greatest common divisor of <i>a</i> and <i>b</i> and places the result in <i>r</i>. <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables; see <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>.</p>
+
+<p>Unless noted otherwise, the result <b>BIGNUM</b> must be different from the arguments.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For all functions, 1 is returned for success, 0 on error. The return value should always be checked (e.g., <code>if (!BN_add(r,a,b)) goto err;</code>). The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>, <a href="../man3/BN_add_word.html">BN_add_word(3)</a>, <a href="../man3/BN_set_bit.html">BN_set_bit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_mod_sub.html b/msys2/usr/share/doc/openssl/html/man3/BN_mod_sub.html
new file mode 100644
index 000000000..a79886d91
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_mod_sub.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
+
+ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
+            BN_CTX *ctx);
+
+ int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
+
+ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_add() adds <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a+b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_sub() subtracts <i>b</i> from <i>a</i> and places the result in <i>r</i> (<code>r=a-b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_mul() multiplies <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a*b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For multiplication by powers of 2, use <a href="../man3/BN_lshift.html">BN_lshift(3)</a>.</p>
+
+<p>BN_sqr() takes the square of <i>a</i> and places the result in <i>r</i> (<code>r=a^2</code>). <i>r</i> and <i>a</i> may be the same <b>BIGNUM</b>. This function is faster than BN_mul(r,a,a).</p>
+
+<p>BN_div() divides <i>a</i> by <i>d</i> and places the result in <i>dv</i> and the remainder in <i>rem</i> (<code>dv=a/d, rem=a%d</code>). Either of <i>dv</i> and <i>rem</i> may be <b>NULL</b>, in which case the respective value is not returned. The result is rounded towards zero; thus if <i>a</i> is negative, the remainder will be zero or negative. For division by powers of 2, use BN_rshift(3).</p>
+
+<p>BN_mod() corresponds to BN_div() with <i>dv</i> set to <b>NULL</b>.</p>
+
+<p>BN_nnmod() reduces <i>a</i> modulo <i>m</i> and places the non-negative remainder in <i>r</i>.</p>
+
+<p>BN_mod_add() adds <i>a</i> to <i>b</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_sub() subtracts <i>b</i> from <i>a</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_mul() multiplies <i>a</i> by <i>b</i> and finds the non-negative remainder respective to modulus <i>m</i> (<code>r=(a*b) mod m</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For more efficient algorithms for repeated computations using the same modulus, see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a> and <a href="../man3/BN_mod_mul_reciprocal.html">BN_mod_mul_reciprocal(3)</a>.</p>
+
+<p>BN_mod_sqr() takes the square of <i>a</i> modulo <b>m</b> and places the result in <i>r</i>.</p>
+
+<p>BN_exp() raises <i>a</i> to the <i>p</i>-th power and places the result in <i>r</i> (<code>r=a^p</code>). This function is faster than repeated applications of BN_mul().</p>
+
+<p>BN_mod_exp() computes <i>a</i> to the <i>p</i>-th power modulo <i>m</i> (<code>r=a^p % m</code>). This function uses less time and space than BN_exp(). Do not call this function when <b>m</b> is even and any of the parameters have the <b>BN_FLG_CONSTTIME</b> flag set.</p>
+
+<p>BN_gcd() computes the greatest common divisor of <i>a</i> and <i>b</i> and places the result in <i>r</i>. <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables; see <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>.</p>
+
+<p>Unless noted otherwise, the result <b>BIGNUM</b> must be different from the arguments.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For all functions, 1 is returned for success, 0 on error. The return value should always be checked (e.g., <code>if (!BN_add(r,a,b)) goto err;</code>). The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>, <a href="../man3/BN_add_word.html">BN_add_word(3)</a>, <a href="../man3/BN_set_bit.html">BN_set_bit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_mod_word.html b/msys2/usr/share/doc/openssl/html/man3/BN_mod_word.html
new file mode 100644
index 000000000..31be49a8a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_mod_word.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_add_word</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_add_word, BN_sub_word, BN_mul_word, BN_div_word, BN_mod_word - arithmetic functions on BIGNUMs with integers</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_add_word(BIGNUM *a, BN_ULONG w);
+
+ int BN_sub_word(BIGNUM *a, BN_ULONG w);
+
+ int BN_mul_word(BIGNUM *a, BN_ULONG w);
+
+ BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
+
+ BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions perform arithmetic operations on BIGNUMs with unsigned integers. They are much more efficient than the normal BIGNUM arithmetic operations.</p>
+
+<p>BN_add_word() adds <b>w</b> to <b>a</b> (<code>a+=w</code>).</p>
+
+<p>BN_sub_word() subtracts <b>w</b> from <b>a</b> (<code>a-=w</code>).</p>
+
+<p>BN_mul_word() multiplies <b>a</b> and <b>w</b> (<code>a*=w</code>).</p>
+
+<p>BN_div_word() divides <b>a</b> by <b>w</b> (<code>a/=w</code>) and returns the remainder.</p>
+
+<p>BN_mod_word() returns the remainder of <b>a</b> divided by <b>w</b> (<code>a%w</code>).</p>
+
+<p>For BN_div_word() and BN_mod_word(), <b>w</b> must not be 0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_add_word(), BN_sub_word() and BN_mul_word() return 1 for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>BN_mod_word() and BN_div_word() return <b>a</b>%<b>w</b> on success and <b>(BN_ULONG)-1</b> if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_mpi2bn.html b/msys2/usr/share/doc/openssl/html/man3/BN_mpi2bn.html
new file mode 100644
index 000000000..152a43462
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_mpi2bn.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_bn2bin</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_bn2binpad, BN_bn2bin, BN_bin2bn, BN_bn2lebinpad, BN_lebin2bn, BN_bn2hex, BN_bn2dec, BN_hex2bn, BN_dec2bn, BN_print, BN_print_fp, BN_bn2mpi, BN_mpi2bn - format conversions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+ int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ int BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ char *BN_bn2hex(const BIGNUM *a);
+ char *BN_bn2dec(const BIGNUM *a);
+ int BN_hex2bn(BIGNUM **a, const char *str);
+ int BN_dec2bn(BIGNUM **a, const char *str);
+
+ int BN_print(BIO *fp, const BIGNUM *a);
+ int BN_print_fp(FILE *fp, const BIGNUM *a);
+
+ int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+ BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_bn2bin() converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>to</b> must point to BN_num_bytes(<b>a</b>) bytes of memory.</p>
+
+<p>BN_bn2binpad() also converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>tolen</b> indicates the length of the output buffer <b>to</b>. The result is padded with zeroes if necessary. If <b>tolen</b> is less than BN_num_bytes(<b>a</b>) an error is returned.</p>
+
+<p>BN_bin2bn() converts the positive integer in big-endian form of length <b>len</b> at <b>s</b> into a <b>BIGNUM</b> and places it in <b>ret</b>. If <b>ret</b> is NULL, a new <b>BIGNUM</b> is created.</p>
+
+<p>BN_bn2lebinpad() and BN_lebin2bn() are identical to BN_bn2binpad() and BN_bin2bn() except the buffer is in little-endian format.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return printable strings containing the hexadecimal and decimal encoding of <b>a</b> respectively. For negative numbers, the string is prefaced with a leading &#39;-&#39;. The string must be freed later using OPENSSL_free().</p>
+
+<p>BN_hex2bn() takes as many characters as possible from the string <b>str</b>, including the leading character &#39;-&#39; which means negative, to form a valid hexadecimal number representation and converts them to a <b>BIGNUM</b> and stores it in **<b>a</b>. If *<b>a</b> is NULL, a new <b>BIGNUM</b> is created. If <b>a</b> is NULL, it only computes the length of valid representation. A &quot;negative zero&quot; is converted to zero. BN_dec2bn() is the same using the decimal system.</p>
+
+<p>BN_print() and BN_print_fp() write the hexadecimal encoding of <b>a</b>, with a leading &#39;-&#39; for negative numbers, to the <b>BIO</b> or <b>FILE</b> <b>fp</b>.</p>
+
+<p>BN_bn2mpi() and BN_mpi2bn() convert <b>BIGNUM</b>s from and to a format that consists of the number&#39;s length in bytes represented as a 4-byte big-endian number, and the number itself in big-endian format, where the most significant bit signals a negative number (the representation of numbers with the MSB set is prefixed with null byte).</p>
+
+<p>BN_bn2mpi() stores the representation of <b>a</b> at <b>to</b>, where <b>to</b> must be large enough to hold the result. The size can be determined by calling BN_bn2mpi(<b>a</b>, NULL).</p>
+
+<p>BN_mpi2bn() converts the <b>len</b> bytes long representation at <b>s</b> to a <b>BIGNUM</b> and stores it at <b>ret</b>, or in a newly allocated <b>BIGNUM</b> if <b>ret</b> is NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_bn2bin() returns the length of the big-endian number placed at <b>to</b>. BN_bin2bn() returns the <b>BIGNUM</b>, NULL on error.</p>
+
+<p>BN_bn2binpad() returns the number of bytes written or -1 if the supplied buffer is too small.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL on error. BN_hex2bn() and BN_dec2bn() return the number of characters used in parsing, or 0 on error, in which case no new <b>BIGNUM</b> will be created.</p>
+
+<p>BN_print_fp() and BN_print() return 1 on success, 0 on write errors.</p>
+
+<p>BN_bn2mpi() returns the length of the representation. BN_mpi2bn() returns the <b>BIGNUM</b>, and NULL on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_zero.html">BN_zero(3)</a>, <a href="../man3/ASN1_INTEGER_to_BN.html">ASN1_INTEGER_to_BN(3)</a>, <a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_mul.html b/msys2/usr/share/doc/openssl/html/man3/BN_mul.html
new file mode 100644
index 000000000..a79886d91
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_mul.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
+
+ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
+            BN_CTX *ctx);
+
+ int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
+
+ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_add() adds <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a+b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_sub() subtracts <i>b</i> from <i>a</i> and places the result in <i>r</i> (<code>r=a-b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_mul() multiplies <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a*b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For multiplication by powers of 2, use <a href="../man3/BN_lshift.html">BN_lshift(3)</a>.</p>
+
+<p>BN_sqr() takes the square of <i>a</i> and places the result in <i>r</i> (<code>r=a^2</code>). <i>r</i> and <i>a</i> may be the same <b>BIGNUM</b>. This function is faster than BN_mul(r,a,a).</p>
+
+<p>BN_div() divides <i>a</i> by <i>d</i> and places the result in <i>dv</i> and the remainder in <i>rem</i> (<code>dv=a/d, rem=a%d</code>). Either of <i>dv</i> and <i>rem</i> may be <b>NULL</b>, in which case the respective value is not returned. The result is rounded towards zero; thus if <i>a</i> is negative, the remainder will be zero or negative. For division by powers of 2, use BN_rshift(3).</p>
+
+<p>BN_mod() corresponds to BN_div() with <i>dv</i> set to <b>NULL</b>.</p>
+
+<p>BN_nnmod() reduces <i>a</i> modulo <i>m</i> and places the non-negative remainder in <i>r</i>.</p>
+
+<p>BN_mod_add() adds <i>a</i> to <i>b</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_sub() subtracts <i>b</i> from <i>a</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_mul() multiplies <i>a</i> by <i>b</i> and finds the non-negative remainder respective to modulus <i>m</i> (<code>r=(a*b) mod m</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For more efficient algorithms for repeated computations using the same modulus, see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a> and <a href="../man3/BN_mod_mul_reciprocal.html">BN_mod_mul_reciprocal(3)</a>.</p>
+
+<p>BN_mod_sqr() takes the square of <i>a</i> modulo <b>m</b> and places the result in <i>r</i>.</p>
+
+<p>BN_exp() raises <i>a</i> to the <i>p</i>-th power and places the result in <i>r</i> (<code>r=a^p</code>). This function is faster than repeated applications of BN_mul().</p>
+
+<p>BN_mod_exp() computes <i>a</i> to the <i>p</i>-th power modulo <i>m</i> (<code>r=a^p % m</code>). This function uses less time and space than BN_exp(). Do not call this function when <b>m</b> is even and any of the parameters have the <b>BN_FLG_CONSTTIME</b> flag set.</p>
+
+<p>BN_gcd() computes the greatest common divisor of <i>a</i> and <i>b</i> and places the result in <i>r</i>. <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables; see <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>.</p>
+
+<p>Unless noted otherwise, the result <b>BIGNUM</b> must be different from the arguments.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For all functions, 1 is returned for success, 0 on error. The return value should always be checked (e.g., <code>if (!BN_add(r,a,b)) goto err;</code>). The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>, <a href="../man3/BN_add_word.html">BN_add_word(3)</a>, <a href="../man3/BN_set_bit.html">BN_set_bit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_mul_word.html b/msys2/usr/share/doc/openssl/html/man3/BN_mul_word.html
new file mode 100644
index 000000000..31be49a8a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_mul_word.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_add_word</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_add_word, BN_sub_word, BN_mul_word, BN_div_word, BN_mod_word - arithmetic functions on BIGNUMs with integers</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_add_word(BIGNUM *a, BN_ULONG w);
+
+ int BN_sub_word(BIGNUM *a, BN_ULONG w);
+
+ int BN_mul_word(BIGNUM *a, BN_ULONG w);
+
+ BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
+
+ BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions perform arithmetic operations on BIGNUMs with unsigned integers. They are much more efficient than the normal BIGNUM arithmetic operations.</p>
+
+<p>BN_add_word() adds <b>w</b> to <b>a</b> (<code>a+=w</code>).</p>
+
+<p>BN_sub_word() subtracts <b>w</b> from <b>a</b> (<code>a-=w</code>).</p>
+
+<p>BN_mul_word() multiplies <b>a</b> and <b>w</b> (<code>a*=w</code>).</p>
+
+<p>BN_div_word() divides <b>a</b> by <b>w</b> (<code>a/=w</code>) and returns the remainder.</p>
+
+<p>BN_mod_word() returns the remainder of <b>a</b> divided by <b>w</b> (<code>a%w</code>).</p>
+
+<p>For BN_div_word() and BN_mod_word(), <b>w</b> must not be 0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_add_word(), BN_sub_word() and BN_mul_word() return 1 for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>BN_mod_word() and BN_div_word() return <b>a</b>%<b>w</b> on success and <b>(BN_ULONG)-1</b> if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_new.html b/msys2/usr/share/doc/openssl/html/man3/BN_new.html
new file mode 100644
index 000000000..a14a6de6c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_new.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_new, BN_secure_new, BN_clear, BN_free, BN_clear_free - allocate and free BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BIGNUM *BN_new(void);
+
+ BIGNUM *BN_secure_new(void);
+
+ void BN_clear(BIGNUM *a);
+
+ void BN_free(BIGNUM *a);
+
+ void BN_clear_free(BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_new() allocates and initializes a <b>BIGNUM</b> structure. BN_secure_new() does the same except that the secure heap OPENSSL_secure_malloc(3) is used to store the value.</p>
+
+<p>BN_clear() is used to destroy sensitive data such as keys when they are no longer needed. It erases the memory used by <b>a</b> and sets it to the value 0.</p>
+
+<p>BN_free() frees the components of the <b>BIGNUM</b>, and if it was created by BN_new(), also the structure itself. BN_clear_free() additionally overwrites the data before the memory is returned to the system. If <b>a</b> is NULL, nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_new() and BN_secure_new() return a pointer to the <b>BIGNUM</b> initialised to the value 0. If the allocation fails, they return <b>NULL</b> and set an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>BN_clear(), BN_free() and BN_clear_free() have no return values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_init() was removed in OpenSSL 1.1.0; use BN_new() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_nnmod.html b/msys2/usr/share/doc/openssl/html/man3/BN_nnmod.html
new file mode 100644
index 000000000..a79886d91
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_nnmod.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
+
+ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
+            BN_CTX *ctx);
+
+ int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
+
+ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_add() adds <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a+b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_sub() subtracts <i>b</i> from <i>a</i> and places the result in <i>r</i> (<code>r=a-b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_mul() multiplies <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a*b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For multiplication by powers of 2, use <a href="../man3/BN_lshift.html">BN_lshift(3)</a>.</p>
+
+<p>BN_sqr() takes the square of <i>a</i> and places the result in <i>r</i> (<code>r=a^2</code>). <i>r</i> and <i>a</i> may be the same <b>BIGNUM</b>. This function is faster than BN_mul(r,a,a).</p>
+
+<p>BN_div() divides <i>a</i> by <i>d</i> and places the result in <i>dv</i> and the remainder in <i>rem</i> (<code>dv=a/d, rem=a%d</code>). Either of <i>dv</i> and <i>rem</i> may be <b>NULL</b>, in which case the respective value is not returned. The result is rounded towards zero; thus if <i>a</i> is negative, the remainder will be zero or negative. For division by powers of 2, use BN_rshift(3).</p>
+
+<p>BN_mod() corresponds to BN_div() with <i>dv</i> set to <b>NULL</b>.</p>
+
+<p>BN_nnmod() reduces <i>a</i> modulo <i>m</i> and places the non-negative remainder in <i>r</i>.</p>
+
+<p>BN_mod_add() adds <i>a</i> to <i>b</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_sub() subtracts <i>b</i> from <i>a</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_mul() multiplies <i>a</i> by <i>b</i> and finds the non-negative remainder respective to modulus <i>m</i> (<code>r=(a*b) mod m</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For more efficient algorithms for repeated computations using the same modulus, see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a> and <a href="../man3/BN_mod_mul_reciprocal.html">BN_mod_mul_reciprocal(3)</a>.</p>
+
+<p>BN_mod_sqr() takes the square of <i>a</i> modulo <b>m</b> and places the result in <i>r</i>.</p>
+
+<p>BN_exp() raises <i>a</i> to the <i>p</i>-th power and places the result in <i>r</i> (<code>r=a^p</code>). This function is faster than repeated applications of BN_mul().</p>
+
+<p>BN_mod_exp() computes <i>a</i> to the <i>p</i>-th power modulo <i>m</i> (<code>r=a^p % m</code>). This function uses less time and space than BN_exp(). Do not call this function when <b>m</b> is even and any of the parameters have the <b>BN_FLG_CONSTTIME</b> flag set.</p>
+
+<p>BN_gcd() computes the greatest common divisor of <i>a</i> and <i>b</i> and places the result in <i>r</i>. <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables; see <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>.</p>
+
+<p>Unless noted otherwise, the result <b>BIGNUM</b> must be different from the arguments.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For all functions, 1 is returned for success, 0 on error. The return value should always be checked (e.g., <code>if (!BN_add(r,a,b)) goto err;</code>). The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>, <a href="../man3/BN_add_word.html">BN_add_word(3)</a>, <a href="../man3/BN_set_bit.html">BN_set_bit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_num_bits.html b/msys2/usr/share/doc/openssl/html/man3/BN_num_bits.html
new file mode 100644
index 000000000..b2b539d2c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_num_bits.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_num_bytes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_num_bits, BN_num_bytes, BN_num_bits_word - get BIGNUM size</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_num_bytes(const BIGNUM *a);
+
+ int BN_num_bits(const BIGNUM *a);
+
+ int BN_num_bits_word(BN_ULONG w);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_num_bytes() returns the size of a <b>BIGNUM</b> in bytes.</p>
+
+<p>BN_num_bits_word() returns the number of significant bits in a word. If we take 0x00000432 as an example, it returns 11, not 16, not 32. Basically, except for a zero, it returns <i>floor(log2(w))+1</i>.</p>
+
+<p>BN_num_bits() returns the number of significant bits in a <b>BIGNUM</b>, following the same principle as BN_num_bits_word().</p>
+
+<p>BN_num_bytes() is a macro.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The size.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some have tried using BN_num_bits() on individual numbers in RSA keys, DH keys and DSA keys, and found that they don&#39;t always come up with the number of bits they expected (something like 512, 1024, 2048, ...). This is because generating a number with some specific number of bits doesn&#39;t always set the highest bits, thereby making the number of <i>significant</i> bits a little lower. If you want to know the &quot;key size&quot; of such a key, either use functions like RSA_size(), DH_size() and DSA_size(), or use BN_num_bytes() and multiply with 8 (although there&#39;s no real guarantee that will match the &quot;key size&quot;, just a lot more probability).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_num_bits_word.html b/msys2/usr/share/doc/openssl/html/man3/BN_num_bits_word.html
new file mode 100644
index 000000000..b2b539d2c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_num_bits_word.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_num_bytes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_num_bits, BN_num_bytes, BN_num_bits_word - get BIGNUM size</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_num_bytes(const BIGNUM *a);
+
+ int BN_num_bits(const BIGNUM *a);
+
+ int BN_num_bits_word(BN_ULONG w);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_num_bytes() returns the size of a <b>BIGNUM</b> in bytes.</p>
+
+<p>BN_num_bits_word() returns the number of significant bits in a word. If we take 0x00000432 as an example, it returns 11, not 16, not 32. Basically, except for a zero, it returns <i>floor(log2(w))+1</i>.</p>
+
+<p>BN_num_bits() returns the number of significant bits in a <b>BIGNUM</b>, following the same principle as BN_num_bits_word().</p>
+
+<p>BN_num_bytes() is a macro.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The size.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some have tried using BN_num_bits() on individual numbers in RSA keys, DH keys and DSA keys, and found that they don&#39;t always come up with the number of bits they expected (something like 512, 1024, 2048, ...). This is because generating a number with some specific number of bits doesn&#39;t always set the highest bits, thereby making the number of <i>significant</i> bits a little lower. If you want to know the &quot;key size&quot; of such a key, either use functions like RSA_size(), DH_size() and DSA_size(), or use BN_num_bytes() and multiply with 8 (although there&#39;s no real guarantee that will match the &quot;key size&quot;, just a lot more probability).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_num_bytes.html b/msys2/usr/share/doc/openssl/html/man3/BN_num_bytes.html
new file mode 100644
index 000000000..b2b539d2c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_num_bytes.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_num_bytes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_num_bits, BN_num_bytes, BN_num_bits_word - get BIGNUM size</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_num_bytes(const BIGNUM *a);
+
+ int BN_num_bits(const BIGNUM *a);
+
+ int BN_num_bits_word(BN_ULONG w);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_num_bytes() returns the size of a <b>BIGNUM</b> in bytes.</p>
+
+<p>BN_num_bits_word() returns the number of significant bits in a word. If we take 0x00000432 as an example, it returns 11, not 16, not 32. Basically, except for a zero, it returns <i>floor(log2(w))+1</i>.</p>
+
+<p>BN_num_bits() returns the number of significant bits in a <b>BIGNUM</b>, following the same principle as BN_num_bits_word().</p>
+
+<p>BN_num_bytes() is a macro.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The size.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some have tried using BN_num_bits() on individual numbers in RSA keys, DH keys and DSA keys, and found that they don&#39;t always come up with the number of bits they expected (something like 512, 1024, 2048, ...). This is because generating a number with some specific number of bits doesn&#39;t always set the highest bits, thereby making the number of <i>significant</i> bits a little lower. If you want to know the &quot;key size&quot; of such a key, either use functions like RSA_size(), DH_size() and DSA_size(), or use BN_num_bytes() and multiply with 8 (although there&#39;s no real guarantee that will match the &quot;key size&quot;, just a lot more probability).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_one.html b/msys2/usr/share/doc/openssl/html/man3/BN_one.html
new file mode 100644
index 000000000..bffa67231
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_one.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_zero</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_zero, BN_one, BN_value_one, BN_set_word, BN_get_word - BIGNUM assignment operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ void BN_zero(BIGNUM *a);
+ int BN_one(BIGNUM *a);
+
+ const BIGNUM *BN_value_one(void);
+
+ int BN_set_word(BIGNUM *a, BN_ULONG w);
+ unsigned BN_ULONG BN_get_word(BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>BN_ULONG</b> is a macro that will be an unsigned integral type optimized for the most efficient implementation on the local platform.</p>
+
+<p>BN_zero(), BN_one() and BN_set_word() set <b>a</b> to the values 0, 1 and <b>w</b> respectively. BN_zero() and BN_one() are macros.</p>
+
+<p>BN_value_one() returns a <b>BIGNUM</b> constant of value 1. This constant is useful for use in comparisons and assignment.</p>
+
+<p>BN_get_word() returns <b>a</b>, if it can be represented as a <b>BN_ULONG</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_get_word() returns the value <b>a</b>, or all-bits-set if <b>a</b> cannot be represented as a single integer.</p>
+
+<p>BN_one() and BN_set_word() return 1 on success, 0 otherwise. BN_value_one() returns the constant. BN_zero() never fails and returns no value.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>If a <b>BIGNUM</b> is equal to the value of all-bits-set, it will collide with the error condition returned by BN_get_word() which uses that as an error value.</p>
+
+<p><b>BN_ULONG</b> should probably be a typedef.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_bn2bin.html">BN_bn2bin(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 0.9.8, BN_zero() was changed to not return a value; previous versions returned an int.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_print.html b/msys2/usr/share/doc/openssl/html/man3/BN_print.html
new file mode 100644
index 000000000..152a43462
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_print.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_bn2bin</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_bn2binpad, BN_bn2bin, BN_bin2bn, BN_bn2lebinpad, BN_lebin2bn, BN_bn2hex, BN_bn2dec, BN_hex2bn, BN_dec2bn, BN_print, BN_print_fp, BN_bn2mpi, BN_mpi2bn - format conversions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+ int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ int BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ char *BN_bn2hex(const BIGNUM *a);
+ char *BN_bn2dec(const BIGNUM *a);
+ int BN_hex2bn(BIGNUM **a, const char *str);
+ int BN_dec2bn(BIGNUM **a, const char *str);
+
+ int BN_print(BIO *fp, const BIGNUM *a);
+ int BN_print_fp(FILE *fp, const BIGNUM *a);
+
+ int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+ BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_bn2bin() converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>to</b> must point to BN_num_bytes(<b>a</b>) bytes of memory.</p>
+
+<p>BN_bn2binpad() also converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>tolen</b> indicates the length of the output buffer <b>to</b>. The result is padded with zeroes if necessary. If <b>tolen</b> is less than BN_num_bytes(<b>a</b>) an error is returned.</p>
+
+<p>BN_bin2bn() converts the positive integer in big-endian form of length <b>len</b> at <b>s</b> into a <b>BIGNUM</b> and places it in <b>ret</b>. If <b>ret</b> is NULL, a new <b>BIGNUM</b> is created.</p>
+
+<p>BN_bn2lebinpad() and BN_lebin2bn() are identical to BN_bn2binpad() and BN_bin2bn() except the buffer is in little-endian format.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return printable strings containing the hexadecimal and decimal encoding of <b>a</b> respectively. For negative numbers, the string is prefaced with a leading &#39;-&#39;. The string must be freed later using OPENSSL_free().</p>
+
+<p>BN_hex2bn() takes as many characters as possible from the string <b>str</b>, including the leading character &#39;-&#39; which means negative, to form a valid hexadecimal number representation and converts them to a <b>BIGNUM</b> and stores it in **<b>a</b>. If *<b>a</b> is NULL, a new <b>BIGNUM</b> is created. If <b>a</b> is NULL, it only computes the length of valid representation. A &quot;negative zero&quot; is converted to zero. BN_dec2bn() is the same using the decimal system.</p>
+
+<p>BN_print() and BN_print_fp() write the hexadecimal encoding of <b>a</b>, with a leading &#39;-&#39; for negative numbers, to the <b>BIO</b> or <b>FILE</b> <b>fp</b>.</p>
+
+<p>BN_bn2mpi() and BN_mpi2bn() convert <b>BIGNUM</b>s from and to a format that consists of the number&#39;s length in bytes represented as a 4-byte big-endian number, and the number itself in big-endian format, where the most significant bit signals a negative number (the representation of numbers with the MSB set is prefixed with null byte).</p>
+
+<p>BN_bn2mpi() stores the representation of <b>a</b> at <b>to</b>, where <b>to</b> must be large enough to hold the result. The size can be determined by calling BN_bn2mpi(<b>a</b>, NULL).</p>
+
+<p>BN_mpi2bn() converts the <b>len</b> bytes long representation at <b>s</b> to a <b>BIGNUM</b> and stores it at <b>ret</b>, or in a newly allocated <b>BIGNUM</b> if <b>ret</b> is NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_bn2bin() returns the length of the big-endian number placed at <b>to</b>. BN_bin2bn() returns the <b>BIGNUM</b>, NULL on error.</p>
+
+<p>BN_bn2binpad() returns the number of bytes written or -1 if the supplied buffer is too small.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL on error. BN_hex2bn() and BN_dec2bn() return the number of characters used in parsing, or 0 on error, in which case no new <b>BIGNUM</b> will be created.</p>
+
+<p>BN_print_fp() and BN_print() return 1 on success, 0 on write errors.</p>
+
+<p>BN_bn2mpi() returns the length of the representation. BN_mpi2bn() returns the <b>BIGNUM</b>, and NULL on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_zero.html">BN_zero(3)</a>, <a href="../man3/ASN1_INTEGER_to_BN.html">ASN1_INTEGER_to_BN(3)</a>, <a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_print_fp.html b/msys2/usr/share/doc/openssl/html/man3/BN_print_fp.html
new file mode 100644
index 000000000..152a43462
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_print_fp.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_bn2bin</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_bn2binpad, BN_bn2bin, BN_bin2bn, BN_bn2lebinpad, BN_lebin2bn, BN_bn2hex, BN_bn2dec, BN_hex2bn, BN_dec2bn, BN_print, BN_print_fp, BN_bn2mpi, BN_mpi2bn - format conversions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+ int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ int BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int tolen);
+ BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ char *BN_bn2hex(const BIGNUM *a);
+ char *BN_bn2dec(const BIGNUM *a);
+ int BN_hex2bn(BIGNUM **a, const char *str);
+ int BN_dec2bn(BIGNUM **a, const char *str);
+
+ int BN_print(BIO *fp, const BIGNUM *a);
+ int BN_print_fp(FILE *fp, const BIGNUM *a);
+
+ int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+ BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_bn2bin() converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>to</b> must point to BN_num_bytes(<b>a</b>) bytes of memory.</p>
+
+<p>BN_bn2binpad() also converts the absolute value of <b>a</b> into big-endian form and stores it at <b>to</b>. <b>tolen</b> indicates the length of the output buffer <b>to</b>. The result is padded with zeroes if necessary. If <b>tolen</b> is less than BN_num_bytes(<b>a</b>) an error is returned.</p>
+
+<p>BN_bin2bn() converts the positive integer in big-endian form of length <b>len</b> at <b>s</b> into a <b>BIGNUM</b> and places it in <b>ret</b>. If <b>ret</b> is NULL, a new <b>BIGNUM</b> is created.</p>
+
+<p>BN_bn2lebinpad() and BN_lebin2bn() are identical to BN_bn2binpad() and BN_bin2bn() except the buffer is in little-endian format.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return printable strings containing the hexadecimal and decimal encoding of <b>a</b> respectively. For negative numbers, the string is prefaced with a leading &#39;-&#39;. The string must be freed later using OPENSSL_free().</p>
+
+<p>BN_hex2bn() takes as many characters as possible from the string <b>str</b>, including the leading character &#39;-&#39; which means negative, to form a valid hexadecimal number representation and converts them to a <b>BIGNUM</b> and stores it in **<b>a</b>. If *<b>a</b> is NULL, a new <b>BIGNUM</b> is created. If <b>a</b> is NULL, it only computes the length of valid representation. A &quot;negative zero&quot; is converted to zero. BN_dec2bn() is the same using the decimal system.</p>
+
+<p>BN_print() and BN_print_fp() write the hexadecimal encoding of <b>a</b>, with a leading &#39;-&#39; for negative numbers, to the <b>BIO</b> or <b>FILE</b> <b>fp</b>.</p>
+
+<p>BN_bn2mpi() and BN_mpi2bn() convert <b>BIGNUM</b>s from and to a format that consists of the number&#39;s length in bytes represented as a 4-byte big-endian number, and the number itself in big-endian format, where the most significant bit signals a negative number (the representation of numbers with the MSB set is prefixed with null byte).</p>
+
+<p>BN_bn2mpi() stores the representation of <b>a</b> at <b>to</b>, where <b>to</b> must be large enough to hold the result. The size can be determined by calling BN_bn2mpi(<b>a</b>, NULL).</p>
+
+<p>BN_mpi2bn() converts the <b>len</b> bytes long representation at <b>s</b> to a <b>BIGNUM</b> and stores it at <b>ret</b>, or in a newly allocated <b>BIGNUM</b> if <b>ret</b> is NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_bn2bin() returns the length of the big-endian number placed at <b>to</b>. BN_bin2bn() returns the <b>BIGNUM</b>, NULL on error.</p>
+
+<p>BN_bn2binpad() returns the number of bytes written or -1 if the supplied buffer is too small.</p>
+
+<p>BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL on error. BN_hex2bn() and BN_dec2bn() return the number of characters used in parsing, or 0 on error, in which case no new <b>BIGNUM</b> will be created.</p>
+
+<p>BN_print_fp() and BN_print() return 1 on success, 0 on write errors.</p>
+
+<p>BN_bn2mpi() returns the length of the representation. BN_mpi2bn() returns the <b>BIGNUM</b>, and NULL on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_zero.html">BN_zero(3)</a>, <a href="../man3/ASN1_INTEGER_to_BN.html">ASN1_INTEGER_to_BN(3)</a>, <a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_priv_rand.html b/msys2/usr/share/doc/openssl/html/man3/BN_priv_rand.html
new file mode 100644
index 000000000..ffa032497
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_priv_rand.html
@@ -0,0 +1,88 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_rand</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_rand, BN_priv_rand, BN_pseudo_rand, BN_rand_range, BN_priv_rand_range, BN_pseudo_rand_range - generate pseudo-random number</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_priv_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
+
+ int BN_priv_rand_range(BIGNUM *rnd, BIGNUM *range);
+
+ int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_rand() generates a cryptographically strong pseudo-random number of <b>bits</b> in length and stores it in <b>rnd</b>. If <b>bits</b> is less than zero, or too small to accommodate the requirements specified by the <b>top</b> and <b>bottom</b> parameters, an error is returned. The <b>top</b> parameters specifies requirements on the most significant bit of the generated number. If it is <b>BN_RAND_TOP_ANY</b>, there is no constraint. If it is <b>BN_RAND_TOP_ONE</b>, the top bit must be one. If it is <b>BN_RAND_TOP_TWO</b>, the two most significant bits of the number will be set to 1, so that the product of two such random numbers will always have 2*<b>bits</b> length. If <b>bottom</b> is <b>BN_RAND_BOTTOM_ODD</b>, the number will be odd; if it is <b>BN_RAND_BOTTOM_ANY</b> it can be odd or even. If <b>bits</b> is 1 then <b>top</b> cannot also be <b>BN_RAND_FLG_TOPTWO</b>.</p>
+
+<p>BN_rand_range() generates a cryptographically strong pseudo-random number <b>rnd</b> in the range 0 &lt;= <b>rnd</b> &lt; <b>range</b>.</p>
+
+<p>BN_priv_rand() and BN_priv_rand_range() have the same semantics as BN_rand() and BN_rand_range() respectively. They are intended to be used for generating values that should remain private, and mirror the same difference between <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> and <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Always check the error return value of these functions and do not take randomness for granted: an error occurs if the CSPRNG has not been seeded with enough randomness to ensure an unpredictable byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return 1 on success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<ul>
+
+<li><p>Starting with OpenSSL release 1.1.0, BN_pseudo_rand() has been identical to BN_rand() and BN_pseudo_rand_range() has been identical to BN_rand_range(). The &quot;pseudo&quot; functions should not be used and may be deprecated in a future release.</p>
+
+</li>
+<li><p>The BN_priv_rand() and BN_priv_rand_range() functions were added in OpenSSL 1.1.1.</p>
+
+</li>
+</ul>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_add.html">RAND_add(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>, <a href="../man7/RAND.html">RAND(7)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_priv_rand_range.html b/msys2/usr/share/doc/openssl/html/man3/BN_priv_rand_range.html
new file mode 100644
index 000000000..ffa032497
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_priv_rand_range.html
@@ -0,0 +1,88 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_rand</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_rand, BN_priv_rand, BN_pseudo_rand, BN_rand_range, BN_priv_rand_range, BN_pseudo_rand_range - generate pseudo-random number</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_priv_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
+
+ int BN_priv_rand_range(BIGNUM *rnd, BIGNUM *range);
+
+ int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_rand() generates a cryptographically strong pseudo-random number of <b>bits</b> in length and stores it in <b>rnd</b>. If <b>bits</b> is less than zero, or too small to accommodate the requirements specified by the <b>top</b> and <b>bottom</b> parameters, an error is returned. The <b>top</b> parameters specifies requirements on the most significant bit of the generated number. If it is <b>BN_RAND_TOP_ANY</b>, there is no constraint. If it is <b>BN_RAND_TOP_ONE</b>, the top bit must be one. If it is <b>BN_RAND_TOP_TWO</b>, the two most significant bits of the number will be set to 1, so that the product of two such random numbers will always have 2*<b>bits</b> length. If <b>bottom</b> is <b>BN_RAND_BOTTOM_ODD</b>, the number will be odd; if it is <b>BN_RAND_BOTTOM_ANY</b> it can be odd or even. If <b>bits</b> is 1 then <b>top</b> cannot also be <b>BN_RAND_FLG_TOPTWO</b>.</p>
+
+<p>BN_rand_range() generates a cryptographically strong pseudo-random number <b>rnd</b> in the range 0 &lt;= <b>rnd</b> &lt; <b>range</b>.</p>
+
+<p>BN_priv_rand() and BN_priv_rand_range() have the same semantics as BN_rand() and BN_rand_range() respectively. They are intended to be used for generating values that should remain private, and mirror the same difference between <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> and <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Always check the error return value of these functions and do not take randomness for granted: an error occurs if the CSPRNG has not been seeded with enough randomness to ensure an unpredictable byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return 1 on success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<ul>
+
+<li><p>Starting with OpenSSL release 1.1.0, BN_pseudo_rand() has been identical to BN_rand() and BN_pseudo_rand_range() has been identical to BN_rand_range(). The &quot;pseudo&quot; functions should not be used and may be deprecated in a future release.</p>
+
+</li>
+<li><p>The BN_priv_rand() and BN_priv_rand_range() functions were added in OpenSSL 1.1.1.</p>
+
+</li>
+</ul>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_add.html">RAND_add(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>, <a href="../man7/RAND.html">RAND(7)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_pseudo_rand.html b/msys2/usr/share/doc/openssl/html/man3/BN_pseudo_rand.html
new file mode 100644
index 000000000..ffa032497
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_pseudo_rand.html
@@ -0,0 +1,88 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_rand</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_rand, BN_priv_rand, BN_pseudo_rand, BN_rand_range, BN_priv_rand_range, BN_pseudo_rand_range - generate pseudo-random number</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_priv_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
+
+ int BN_priv_rand_range(BIGNUM *rnd, BIGNUM *range);
+
+ int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_rand() generates a cryptographically strong pseudo-random number of <b>bits</b> in length and stores it in <b>rnd</b>. If <b>bits</b> is less than zero, or too small to accommodate the requirements specified by the <b>top</b> and <b>bottom</b> parameters, an error is returned. The <b>top</b> parameters specifies requirements on the most significant bit of the generated number. If it is <b>BN_RAND_TOP_ANY</b>, there is no constraint. If it is <b>BN_RAND_TOP_ONE</b>, the top bit must be one. If it is <b>BN_RAND_TOP_TWO</b>, the two most significant bits of the number will be set to 1, so that the product of two such random numbers will always have 2*<b>bits</b> length. If <b>bottom</b> is <b>BN_RAND_BOTTOM_ODD</b>, the number will be odd; if it is <b>BN_RAND_BOTTOM_ANY</b> it can be odd or even. If <b>bits</b> is 1 then <b>top</b> cannot also be <b>BN_RAND_FLG_TOPTWO</b>.</p>
+
+<p>BN_rand_range() generates a cryptographically strong pseudo-random number <b>rnd</b> in the range 0 &lt;= <b>rnd</b> &lt; <b>range</b>.</p>
+
+<p>BN_priv_rand() and BN_priv_rand_range() have the same semantics as BN_rand() and BN_rand_range() respectively. They are intended to be used for generating values that should remain private, and mirror the same difference between <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> and <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Always check the error return value of these functions and do not take randomness for granted: an error occurs if the CSPRNG has not been seeded with enough randomness to ensure an unpredictable byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return 1 on success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<ul>
+
+<li><p>Starting with OpenSSL release 1.1.0, BN_pseudo_rand() has been identical to BN_rand() and BN_pseudo_rand_range() has been identical to BN_rand_range(). The &quot;pseudo&quot; functions should not be used and may be deprecated in a future release.</p>
+
+</li>
+<li><p>The BN_priv_rand() and BN_priv_rand_range() functions were added in OpenSSL 1.1.1.</p>
+
+</li>
+</ul>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_add.html">RAND_add(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>, <a href="../man7/RAND.html">RAND(7)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_pseudo_rand_range.html b/msys2/usr/share/doc/openssl/html/man3/BN_pseudo_rand_range.html
new file mode 100644
index 000000000..ffa032497
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_pseudo_rand_range.html
@@ -0,0 +1,88 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_rand</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_rand, BN_priv_rand, BN_pseudo_rand, BN_rand_range, BN_priv_rand_range, BN_pseudo_rand_range - generate pseudo-random number</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_priv_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
+
+ int BN_priv_rand_range(BIGNUM *rnd, BIGNUM *range);
+
+ int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_rand() generates a cryptographically strong pseudo-random number of <b>bits</b> in length and stores it in <b>rnd</b>. If <b>bits</b> is less than zero, or too small to accommodate the requirements specified by the <b>top</b> and <b>bottom</b> parameters, an error is returned. The <b>top</b> parameters specifies requirements on the most significant bit of the generated number. If it is <b>BN_RAND_TOP_ANY</b>, there is no constraint. If it is <b>BN_RAND_TOP_ONE</b>, the top bit must be one. If it is <b>BN_RAND_TOP_TWO</b>, the two most significant bits of the number will be set to 1, so that the product of two such random numbers will always have 2*<b>bits</b> length. If <b>bottom</b> is <b>BN_RAND_BOTTOM_ODD</b>, the number will be odd; if it is <b>BN_RAND_BOTTOM_ANY</b> it can be odd or even. If <b>bits</b> is 1 then <b>top</b> cannot also be <b>BN_RAND_FLG_TOPTWO</b>.</p>
+
+<p>BN_rand_range() generates a cryptographically strong pseudo-random number <b>rnd</b> in the range 0 &lt;= <b>rnd</b> &lt; <b>range</b>.</p>
+
+<p>BN_priv_rand() and BN_priv_rand_range() have the same semantics as BN_rand() and BN_rand_range() respectively. They are intended to be used for generating values that should remain private, and mirror the same difference between <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> and <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Always check the error return value of these functions and do not take randomness for granted: an error occurs if the CSPRNG has not been seeded with enough randomness to ensure an unpredictable byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return 1 on success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<ul>
+
+<li><p>Starting with OpenSSL release 1.1.0, BN_pseudo_rand() has been identical to BN_rand() and BN_pseudo_rand_range() has been identical to BN_rand_range(). The &quot;pseudo&quot; functions should not be used and may be deprecated in a future release.</p>
+
+</li>
+<li><p>The BN_priv_rand() and BN_priv_rand_range() functions were added in OpenSSL 1.1.1.</p>
+
+</li>
+</ul>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_add.html">RAND_add(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>, <a href="../man7/RAND.html">RAND(7)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_rand.html b/msys2/usr/share/doc/openssl/html/man3/BN_rand.html
new file mode 100644
index 000000000..ffa032497
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_rand.html
@@ -0,0 +1,88 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_rand</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_rand, BN_priv_rand, BN_pseudo_rand, BN_rand_range, BN_priv_rand_range, BN_pseudo_rand_range - generate pseudo-random number</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_priv_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
+
+ int BN_priv_rand_range(BIGNUM *rnd, BIGNUM *range);
+
+ int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_rand() generates a cryptographically strong pseudo-random number of <b>bits</b> in length and stores it in <b>rnd</b>. If <b>bits</b> is less than zero, or too small to accommodate the requirements specified by the <b>top</b> and <b>bottom</b> parameters, an error is returned. The <b>top</b> parameters specifies requirements on the most significant bit of the generated number. If it is <b>BN_RAND_TOP_ANY</b>, there is no constraint. If it is <b>BN_RAND_TOP_ONE</b>, the top bit must be one. If it is <b>BN_RAND_TOP_TWO</b>, the two most significant bits of the number will be set to 1, so that the product of two such random numbers will always have 2*<b>bits</b> length. If <b>bottom</b> is <b>BN_RAND_BOTTOM_ODD</b>, the number will be odd; if it is <b>BN_RAND_BOTTOM_ANY</b> it can be odd or even. If <b>bits</b> is 1 then <b>top</b> cannot also be <b>BN_RAND_FLG_TOPTWO</b>.</p>
+
+<p>BN_rand_range() generates a cryptographically strong pseudo-random number <b>rnd</b> in the range 0 &lt;= <b>rnd</b> &lt; <b>range</b>.</p>
+
+<p>BN_priv_rand() and BN_priv_rand_range() have the same semantics as BN_rand() and BN_rand_range() respectively. They are intended to be used for generating values that should remain private, and mirror the same difference between <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> and <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Always check the error return value of these functions and do not take randomness for granted: an error occurs if the CSPRNG has not been seeded with enough randomness to ensure an unpredictable byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return 1 on success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<ul>
+
+<li><p>Starting with OpenSSL release 1.1.0, BN_pseudo_rand() has been identical to BN_rand() and BN_pseudo_rand_range() has been identical to BN_rand_range(). The &quot;pseudo&quot; functions should not be used and may be deprecated in a future release.</p>
+
+</li>
+<li><p>The BN_priv_rand() and BN_priv_rand_range() functions were added in OpenSSL 1.1.1.</p>
+
+</li>
+</ul>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_add.html">RAND_add(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>, <a href="../man7/RAND.html">RAND(7)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_rand_range.html b/msys2/usr/share/doc/openssl/html/man3/BN_rand_range.html
new file mode 100644
index 000000000..ffa032497
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_rand_range.html
@@ -0,0 +1,88 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_rand</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_rand, BN_priv_rand, BN_pseudo_rand, BN_rand_range, BN_priv_rand_range, BN_pseudo_rand_range - generate pseudo-random number</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_priv_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
+
+ int BN_priv_rand_range(BIGNUM *rnd, BIGNUM *range);
+
+ int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_rand() generates a cryptographically strong pseudo-random number of <b>bits</b> in length and stores it in <b>rnd</b>. If <b>bits</b> is less than zero, or too small to accommodate the requirements specified by the <b>top</b> and <b>bottom</b> parameters, an error is returned. The <b>top</b> parameters specifies requirements on the most significant bit of the generated number. If it is <b>BN_RAND_TOP_ANY</b>, there is no constraint. If it is <b>BN_RAND_TOP_ONE</b>, the top bit must be one. If it is <b>BN_RAND_TOP_TWO</b>, the two most significant bits of the number will be set to 1, so that the product of two such random numbers will always have 2*<b>bits</b> length. If <b>bottom</b> is <b>BN_RAND_BOTTOM_ODD</b>, the number will be odd; if it is <b>BN_RAND_BOTTOM_ANY</b> it can be odd or even. If <b>bits</b> is 1 then <b>top</b> cannot also be <b>BN_RAND_FLG_TOPTWO</b>.</p>
+
+<p>BN_rand_range() generates a cryptographically strong pseudo-random number <b>rnd</b> in the range 0 &lt;= <b>rnd</b> &lt; <b>range</b>.</p>
+
+<p>BN_priv_rand() and BN_priv_rand_range() have the same semantics as BN_rand() and BN_rand_range() respectively. They are intended to be used for generating values that should remain private, and mirror the same difference between <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> and <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Always check the error return value of these functions and do not take randomness for granted: an error occurs if the CSPRNG has not been seeded with enough randomness to ensure an unpredictable byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return 1 on success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<ul>
+
+<li><p>Starting with OpenSSL release 1.1.0, BN_pseudo_rand() has been identical to BN_rand() and BN_pseudo_rand_range() has been identical to BN_rand_range(). The &quot;pseudo&quot; functions should not be used and may be deprecated in a future release.</p>
+
+</li>
+<li><p>The BN_priv_rand() and BN_priv_rand_range() functions were added in OpenSSL 1.1.1.</p>
+
+</li>
+</ul>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_add.html">RAND_add(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>, <a href="../man7/RAND.html">RAND(7)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_rshift.html b/msys2/usr/share/doc/openssl/html/man3/BN_rshift.html
new file mode 100644
index 000000000..084793e43
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_rshift.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_set_bit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_set_bit, BN_clear_bit, BN_is_bit_set, BN_mask_bits, BN_lshift, BN_lshift1, BN_rshift, BN_rshift1 - bit operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_set_bit(BIGNUM *a, int n);
+ int BN_clear_bit(BIGNUM *a, int n);
+
+ int BN_is_bit_set(const BIGNUM *a, int n);
+
+ int BN_mask_bits(BIGNUM *a, int n);
+
+ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
+ int BN_lshift1(BIGNUM *r, BIGNUM *a);
+
+ int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
+ int BN_rshift1(BIGNUM *r, BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_set_bit() sets bit <b>n</b> in <b>a</b> to 1 (<code>a|=(1&lt;&lt;n)</code>). The number is expanded if necessary.</p>
+
+<p>BN_clear_bit() sets bit <b>n</b> in <b>a</b> to 0 (<code>a&amp;=~(1&lt;&lt;n)</code>). An error occurs if <b>a</b> is shorter than <b>n</b> bits.</p>
+
+<p>BN_is_bit_set() tests if bit <b>n</b> in <b>a</b> is set.</p>
+
+<p>BN_mask_bits() truncates <b>a</b> to an <b>n</b> bit number (<code>a&amp;=~((~0)&gt;&gt;n)</code>). An error occurs if <b>a</b> already is shorter than <b>n</b> bits.</p>
+
+<p>BN_lshift() shifts <b>a</b> left by <b>n</b> bits and places the result in <b>r</b> (<code>r=a*2^n</code>). Note that <b>n</b> must be non-negative. BN_lshift1() shifts <b>a</b> left by one and places the result in <b>r</b> (<code>r=2*a</code>).</p>
+
+<p>BN_rshift() shifts <b>a</b> right by <b>n</b> bits and places the result in <b>r</b> (<code>r=a/2^n</code>). Note that <b>n</b> must be non-negative. BN_rshift1() shifts <b>a</b> right by one and places the result in <b>r</b> (<code>r=a/2</code>).</p>
+
+<p>For the shift functions, <b>r</b> and <b>a</b> may be the same variable.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_is_bit_set() returns 1 if the bit is set, 0 otherwise.</p>
+
+<p>All other functions return 1 for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_rshift1.html b/msys2/usr/share/doc/openssl/html/man3/BN_rshift1.html
new file mode 100644
index 000000000..084793e43
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_rshift1.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_set_bit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_set_bit, BN_clear_bit, BN_is_bit_set, BN_mask_bits, BN_lshift, BN_lshift1, BN_rshift, BN_rshift1 - bit operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_set_bit(BIGNUM *a, int n);
+ int BN_clear_bit(BIGNUM *a, int n);
+
+ int BN_is_bit_set(const BIGNUM *a, int n);
+
+ int BN_mask_bits(BIGNUM *a, int n);
+
+ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
+ int BN_lshift1(BIGNUM *r, BIGNUM *a);
+
+ int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
+ int BN_rshift1(BIGNUM *r, BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_set_bit() sets bit <b>n</b> in <b>a</b> to 1 (<code>a|=(1&lt;&lt;n)</code>). The number is expanded if necessary.</p>
+
+<p>BN_clear_bit() sets bit <b>n</b> in <b>a</b> to 0 (<code>a&amp;=~(1&lt;&lt;n)</code>). An error occurs if <b>a</b> is shorter than <b>n</b> bits.</p>
+
+<p>BN_is_bit_set() tests if bit <b>n</b> in <b>a</b> is set.</p>
+
+<p>BN_mask_bits() truncates <b>a</b> to an <b>n</b> bit number (<code>a&amp;=~((~0)&gt;&gt;n)</code>). An error occurs if <b>a</b> already is shorter than <b>n</b> bits.</p>
+
+<p>BN_lshift() shifts <b>a</b> left by <b>n</b> bits and places the result in <b>r</b> (<code>r=a*2^n</code>). Note that <b>n</b> must be non-negative. BN_lshift1() shifts <b>a</b> left by one and places the result in <b>r</b> (<code>r=2*a</code>).</p>
+
+<p>BN_rshift() shifts <b>a</b> right by <b>n</b> bits and places the result in <b>r</b> (<code>r=a/2^n</code>). Note that <b>n</b> must be non-negative. BN_rshift1() shifts <b>a</b> right by one and places the result in <b>r</b> (<code>r=a/2</code>).</p>
+
+<p>For the shift functions, <b>r</b> and <b>a</b> may be the same variable.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_is_bit_set() returns 1 if the bit is set, 0 otherwise.</p>
+
+<p>All other functions return 1 for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_secure_new.html b/msys2/usr/share/doc/openssl/html/man3/BN_secure_new.html
new file mode 100644
index 000000000..a14a6de6c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_secure_new.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_new, BN_secure_new, BN_clear, BN_free, BN_clear_free - allocate and free BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BIGNUM *BN_new(void);
+
+ BIGNUM *BN_secure_new(void);
+
+ void BN_clear(BIGNUM *a);
+
+ void BN_free(BIGNUM *a);
+
+ void BN_clear_free(BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_new() allocates and initializes a <b>BIGNUM</b> structure. BN_secure_new() does the same except that the secure heap OPENSSL_secure_malloc(3) is used to store the value.</p>
+
+<p>BN_clear() is used to destroy sensitive data such as keys when they are no longer needed. It erases the memory used by <b>a</b> and sets it to the value 0.</p>
+
+<p>BN_free() frees the components of the <b>BIGNUM</b>, and if it was created by BN_new(), also the structure itself. BN_clear_free() additionally overwrites the data before the memory is returned to the system. If <b>a</b> is NULL, nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_new() and BN_secure_new() return a pointer to the <b>BIGNUM</b> initialised to the value 0. If the allocation fails, they return <b>NULL</b> and set an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>BN_clear(), BN_free() and BN_clear_free() have no return values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_init() was removed in OpenSSL 1.1.0; use BN_new() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_security_bits.html b/msys2/usr/share/doc/openssl/html/man3/BN_security_bits.html
new file mode 100644
index 000000000..3f680779b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_security_bits.html
@@ -0,0 +1,66 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_security_bits</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_security_bits - returns bits of security based on given numbers</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_security_bits(int L, int N);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_security_bits() returns the number of bits of security provided by a specific algorithm and a particular key size. The bits of security is defined in NIST SP800-57. Currently, BN_security_bits() support two types of asymmetric algorithms: the FFC (Finite Field Cryptography) and IFC (Integer Factorization Cryptography). For FFC, e.g., DSA and DH, both parameters <b>L</b> and <b>N</b> are used to decide the bits of security, where <b>L</b> is the size of the public key and <b>N</b> is the size of the private key. For IFC, e.g., RSA, only <b>L</b> is used and it&#39;s commonly considered to be the key size (modulus).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Number of security bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>ECC (Elliptic Curve Cryptography) is not covered by the BN_security_bits() function. The symmetric algorithms are not covered neither.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BN_security_bits() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_security_bits.html">DH_security_bits(3)</a>, <a href="../man3/DSA_security_bits.html">DSA_security_bits(3)</a>, <a href="../man3/RSA_security_bits.html">RSA_security_bits(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_set_bit.html b/msys2/usr/share/doc/openssl/html/man3/BN_set_bit.html
new file mode 100644
index 000000000..084793e43
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_set_bit.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_set_bit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_set_bit, BN_clear_bit, BN_is_bit_set, BN_mask_bits, BN_lshift, BN_lshift1, BN_rshift, BN_rshift1 - bit operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_set_bit(BIGNUM *a, int n);
+ int BN_clear_bit(BIGNUM *a, int n);
+
+ int BN_is_bit_set(const BIGNUM *a, int n);
+
+ int BN_mask_bits(BIGNUM *a, int n);
+
+ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
+ int BN_lshift1(BIGNUM *r, BIGNUM *a);
+
+ int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
+ int BN_rshift1(BIGNUM *r, BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_set_bit() sets bit <b>n</b> in <b>a</b> to 1 (<code>a|=(1&lt;&lt;n)</code>). The number is expanded if necessary.</p>
+
+<p>BN_clear_bit() sets bit <b>n</b> in <b>a</b> to 0 (<code>a&amp;=~(1&lt;&lt;n)</code>). An error occurs if <b>a</b> is shorter than <b>n</b> bits.</p>
+
+<p>BN_is_bit_set() tests if bit <b>n</b> in <b>a</b> is set.</p>
+
+<p>BN_mask_bits() truncates <b>a</b> to an <b>n</b> bit number (<code>a&amp;=~((~0)&gt;&gt;n)</code>). An error occurs if <b>a</b> already is shorter than <b>n</b> bits.</p>
+
+<p>BN_lshift() shifts <b>a</b> left by <b>n</b> bits and places the result in <b>r</b> (<code>r=a*2^n</code>). Note that <b>n</b> must be non-negative. BN_lshift1() shifts <b>a</b> left by one and places the result in <b>r</b> (<code>r=2*a</code>).</p>
+
+<p>BN_rshift() shifts <b>a</b> right by <b>n</b> bits and places the result in <b>r</b> (<code>r=a/2^n</code>). Note that <b>n</b> must be non-negative. BN_rshift1() shifts <b>a</b> right by one and places the result in <b>r</b> (<code>r=a/2</code>).</p>
+
+<p>For the shift functions, <b>r</b> and <b>a</b> may be the same variable.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_is_bit_set() returns 1 if the bit is set, 0 otherwise.</p>
+
+<p>All other functions return 1 for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_num_bytes.html">BN_num_bytes(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_set_word.html b/msys2/usr/share/doc/openssl/html/man3/BN_set_word.html
new file mode 100644
index 000000000..bffa67231
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_set_word.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_zero</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_zero, BN_one, BN_value_one, BN_set_word, BN_get_word - BIGNUM assignment operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ void BN_zero(BIGNUM *a);
+ int BN_one(BIGNUM *a);
+
+ const BIGNUM *BN_value_one(void);
+
+ int BN_set_word(BIGNUM *a, BN_ULONG w);
+ unsigned BN_ULONG BN_get_word(BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>BN_ULONG</b> is a macro that will be an unsigned integral type optimized for the most efficient implementation on the local platform.</p>
+
+<p>BN_zero(), BN_one() and BN_set_word() set <b>a</b> to the values 0, 1 and <b>w</b> respectively. BN_zero() and BN_one() are macros.</p>
+
+<p>BN_value_one() returns a <b>BIGNUM</b> constant of value 1. This constant is useful for use in comparisons and assignment.</p>
+
+<p>BN_get_word() returns <b>a</b>, if it can be represented as a <b>BN_ULONG</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_get_word() returns the value <b>a</b>, or all-bits-set if <b>a</b> cannot be represented as a single integer.</p>
+
+<p>BN_one() and BN_set_word() return 1 on success, 0 otherwise. BN_value_one() returns the constant. BN_zero() never fails and returns no value.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>If a <b>BIGNUM</b> is equal to the value of all-bits-set, it will collide with the error condition returned by BN_get_word() which uses that as an error value.</p>
+
+<p><b>BN_ULONG</b> should probably be a typedef.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_bn2bin.html">BN_bn2bin(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 0.9.8, BN_zero() was changed to not return a value; previous versions returned an int.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_sqr.html b/msys2/usr/share/doc/openssl/html/man3/BN_sqr.html
new file mode 100644
index 000000000..a79886d91
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_sqr.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
+
+ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
+            BN_CTX *ctx);
+
+ int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
+
+ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_add() adds <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a+b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_sub() subtracts <i>b</i> from <i>a</i> and places the result in <i>r</i> (<code>r=a-b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_mul() multiplies <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a*b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For multiplication by powers of 2, use <a href="../man3/BN_lshift.html">BN_lshift(3)</a>.</p>
+
+<p>BN_sqr() takes the square of <i>a</i> and places the result in <i>r</i> (<code>r=a^2</code>). <i>r</i> and <i>a</i> may be the same <b>BIGNUM</b>. This function is faster than BN_mul(r,a,a).</p>
+
+<p>BN_div() divides <i>a</i> by <i>d</i> and places the result in <i>dv</i> and the remainder in <i>rem</i> (<code>dv=a/d, rem=a%d</code>). Either of <i>dv</i> and <i>rem</i> may be <b>NULL</b>, in which case the respective value is not returned. The result is rounded towards zero; thus if <i>a</i> is negative, the remainder will be zero or negative. For division by powers of 2, use BN_rshift(3).</p>
+
+<p>BN_mod() corresponds to BN_div() with <i>dv</i> set to <b>NULL</b>.</p>
+
+<p>BN_nnmod() reduces <i>a</i> modulo <i>m</i> and places the non-negative remainder in <i>r</i>.</p>
+
+<p>BN_mod_add() adds <i>a</i> to <i>b</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_sub() subtracts <i>b</i> from <i>a</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_mul() multiplies <i>a</i> by <i>b</i> and finds the non-negative remainder respective to modulus <i>m</i> (<code>r=(a*b) mod m</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For more efficient algorithms for repeated computations using the same modulus, see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a> and <a href="../man3/BN_mod_mul_reciprocal.html">BN_mod_mul_reciprocal(3)</a>.</p>
+
+<p>BN_mod_sqr() takes the square of <i>a</i> modulo <b>m</b> and places the result in <i>r</i>.</p>
+
+<p>BN_exp() raises <i>a</i> to the <i>p</i>-th power and places the result in <i>r</i> (<code>r=a^p</code>). This function is faster than repeated applications of BN_mul().</p>
+
+<p>BN_mod_exp() computes <i>a</i> to the <i>p</i>-th power modulo <i>m</i> (<code>r=a^p % m</code>). This function uses less time and space than BN_exp(). Do not call this function when <b>m</b> is even and any of the parameters have the <b>BN_FLG_CONSTTIME</b> flag set.</p>
+
+<p>BN_gcd() computes the greatest common divisor of <i>a</i> and <i>b</i> and places the result in <i>r</i>. <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables; see <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>.</p>
+
+<p>Unless noted otherwise, the result <b>BIGNUM</b> must be different from the arguments.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For all functions, 1 is returned for success, 0 on error. The return value should always be checked (e.g., <code>if (!BN_add(r,a,b)) goto err;</code>). The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>, <a href="../man3/BN_add_word.html">BN_add_word(3)</a>, <a href="../man3/BN_set_bit.html">BN_set_bit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_sub.html b/msys2/usr/share/doc/openssl/html/man3/BN_sub.html
new file mode 100644
index 000000000..a79886d91
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_sub.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd - arithmetic operations on BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
+
+ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
+            BN_CTX *ctx);
+
+ int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+                BN_CTX *ctx);
+
+ int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
+
+ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_add() adds <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a+b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_sub() subtracts <i>b</i> from <i>a</i> and places the result in <i>r</i> (<code>r=a-b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>BN_mul() multiplies <i>a</i> and <i>b</i> and places the result in <i>r</i> (<code>r=a*b</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For multiplication by powers of 2, use <a href="../man3/BN_lshift.html">BN_lshift(3)</a>.</p>
+
+<p>BN_sqr() takes the square of <i>a</i> and places the result in <i>r</i> (<code>r=a^2</code>). <i>r</i> and <i>a</i> may be the same <b>BIGNUM</b>. This function is faster than BN_mul(r,a,a).</p>
+
+<p>BN_div() divides <i>a</i> by <i>d</i> and places the result in <i>dv</i> and the remainder in <i>rem</i> (<code>dv=a/d, rem=a%d</code>). Either of <i>dv</i> and <i>rem</i> may be <b>NULL</b>, in which case the respective value is not returned. The result is rounded towards zero; thus if <i>a</i> is negative, the remainder will be zero or negative. For division by powers of 2, use BN_rshift(3).</p>
+
+<p>BN_mod() corresponds to BN_div() with <i>dv</i> set to <b>NULL</b>.</p>
+
+<p>BN_nnmod() reduces <i>a</i> modulo <i>m</i> and places the non-negative remainder in <i>r</i>.</p>
+
+<p>BN_mod_add() adds <i>a</i> to <i>b</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_sub() subtracts <i>b</i> from <i>a</i> modulo <i>m</i> and places the non-negative result in <i>r</i>.</p>
+
+<p>BN_mod_mul() multiplies <i>a</i> by <i>b</i> and finds the non-negative remainder respective to modulus <i>m</i> (<code>r=(a*b) mod m</code>). <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>. For more efficient algorithms for repeated computations using the same modulus, see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a> and <a href="../man3/BN_mod_mul_reciprocal.html">BN_mod_mul_reciprocal(3)</a>.</p>
+
+<p>BN_mod_sqr() takes the square of <i>a</i> modulo <b>m</b> and places the result in <i>r</i>.</p>
+
+<p>BN_exp() raises <i>a</i> to the <i>p</i>-th power and places the result in <i>r</i> (<code>r=a^p</code>). This function is faster than repeated applications of BN_mul().</p>
+
+<p>BN_mod_exp() computes <i>a</i> to the <i>p</i>-th power modulo <i>m</i> (<code>r=a^p % m</code>). This function uses less time and space than BN_exp(). Do not call this function when <b>m</b> is even and any of the parameters have the <b>BN_FLG_CONSTTIME</b> flag set.</p>
+
+<p>BN_gcd() computes the greatest common divisor of <i>a</i> and <i>b</i> and places the result in <i>r</i>. <i>r</i> may be the same <b>BIGNUM</b> as <i>a</i> or <i>b</i>.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables; see <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>.</p>
+
+<p>Unless noted otherwise, the result <b>BIGNUM</b> must be different from the arguments.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For all functions, 1 is returned for success, 0 on error. The return value should always be checked (e.g., <code>if (!BN_add(r,a,b)) goto err;</code>). The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a>, <a href="../man3/BN_add_word.html">BN_add_word(3)</a>, <a href="../man3/BN_set_bit.html">BN_set_bit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_sub_word.html b/msys2/usr/share/doc/openssl/html/man3/BN_sub_word.html
new file mode 100644
index 000000000..31be49a8a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_sub_word.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_add_word</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_add_word, BN_sub_word, BN_mul_word, BN_div_word, BN_mod_word - arithmetic functions on BIGNUMs with integers</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_add_word(BIGNUM *a, BN_ULONG w);
+
+ int BN_sub_word(BIGNUM *a, BN_ULONG w);
+
+ int BN_mul_word(BIGNUM *a, BN_ULONG w);
+
+ BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
+
+ BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions perform arithmetic operations on BIGNUMs with unsigned integers. They are much more efficient than the normal BIGNUM arithmetic operations.</p>
+
+<p>BN_add_word() adds <b>w</b> to <b>a</b> (<code>a+=w</code>).</p>
+
+<p>BN_sub_word() subtracts <b>w</b> from <b>a</b> (<code>a-=w</code>).</p>
+
+<p>BN_mul_word() multiplies <b>a</b> and <b>w</b> (<code>a*=w</code>).</p>
+
+<p>BN_div_word() divides <b>a</b> by <b>w</b> (<code>a/=w</code>) and returns the remainder.</p>
+
+<p>BN_mod_word() returns the remainder of <b>a</b> divided by <b>w</b> (<code>a%w</code>).</p>
+
+<p>For BN_div_word() and BN_mod_word(), <b>w</b> must not be 0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_add_word(), BN_sub_word() and BN_mul_word() return 1 for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>BN_mod_word() and BN_div_word() return <b>a</b>%<b>w</b> on success and <b>(BN_ULONG)-1</b> if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_swap.html b/msys2/usr/share/doc/openssl/html/man3/BN_swap.html
new file mode 100644
index 000000000..6e332193d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_swap.html
@@ -0,0 +1,51 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_swap</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_swap - exchange BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ void BN_swap(BIGNUM *a, BIGNUM *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_swap() exchanges the values of <i>a</i> and <i>b</i>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_swap() does not return a value.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_to_ASN1_ENUMERATED.html b/msys2/usr/share/doc/openssl/html/man3/BN_to_ASN1_ENUMERATED.html
new file mode 100644
index 000000000..86621397a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_to_ASN1_ENUMERATED.html
@@ -0,0 +1,116 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_INTEGER_get_int64</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_INTEGER_get_uint64, ASN1_INTEGER_set_uint64, ASN1_INTEGER_get_int64, ASN1_INTEGER_get, ASN1_INTEGER_set_int64, ASN1_INTEGER_set, BN_to_ASN1_INTEGER, ASN1_INTEGER_to_BN, ASN1_ENUMERATED_get_int64, ASN1_ENUMERATED_get, ASN1_ENUMERATED_set_int64, ASN1_ENUMERATED_set, BN_to_ASN1_ENUMERATED, ASN1_ENUMERATED_to_BN - ASN.1 INTEGER and ENUMERATED utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+
+ int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_INTEGER_set(const ASN1_INTEGER *a, long v);
+
+ int ASN1_INTEGER_get_uint64(uint64_t *pr, const ASN1_INTEGER *a);
+ int ASN1_INTEGER_set_uint64(ASN1_INTEGER *a, uint64_t r);
+
+ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+ BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
+
+ int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
+
+ int ASN1_ENUMERATED_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+
+ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
+ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions convert to and from <b>ASN1_INTEGER</b> and <b>ASN1_ENUMERATED</b> structures.</p>
+
+<p>ASN1_INTEGER_get_int64() converts an <b>ASN1_INTEGER</b> into an <b>int64_t</b> type If successful it returns 1 and sets <b>*pr</b> to the value of <b>a</b>. If it fails (due to invalid type or the value being too big to fit into an <b>int64_t</b> type) it returns 0.</p>
+
+<p>ASN1_INTEGER_get_uint64() is similar to ASN1_INTEGER_get_int64_t() except it converts to a <b>uint64_t</b> type and an error is returned if the passed integer is negative.</p>
+
+<p>ASN1_INTEGER_get() also returns the value of <b>a</b> but it returns 0 if <b>a</b> is NULL and -1 on error (which is ambiguous because -1 is a legitimate value for an <b>ASN1_INTEGER</b>). New applications should use ASN1_INTEGER_get_int64() instead.</p>
+
+<p>ASN1_INTEGER_set_int64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>int64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set_uint64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>uint64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>long</b> value <b>v</b>.</p>
+
+<p>BN_to_ASN1_INTEGER() converts <b>BIGNUM</b> <b>bn</b> to an <b>ASN1_INTEGER</b>. If <b>ai</b> is NULL a new <b>ASN1_INTEGER</b> structure is returned. If <b>ai</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_INTEGER_to_BN() converts ASN1_INTEGER <b>ai</b> into a <b>BIGNUM</b>. If <b>bn</b> is NULL a new <b>BIGNUM</b> structure is returned. If <b>bn</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_ENUMERATED_get_int64(), ASN1_ENUMERATED_set_int64(), ASN1_ENUMERATED_set(), BN_to_ASN1_ENUMERATED() and ASN1_ENUMERATED_to_BN() behave in an identical way to their ASN1_INTEGER counterparts except they operate on an <b>ASN1_ENUMERATED</b> value.</p>
+
+<p>ASN1_ENUMERATED_get() returns the value of <b>a</b> in a similar way to ASN1_INTEGER_get() but it returns <b>0xffffffffL</b> if the value of <b>a</b> will not fit in a long type. New applications should use ASN1_ENUMERATED_get_int64() instead.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In general an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> type can contain an integer of almost arbitrary size and so cannot always be represented by a C <b>int64_t</b> type. However in many cases (for example version numbers) they represent small integers which can be more easily manipulated if converted to an appropriate C integer type.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The ambiguous return values of ASN1_INTEGER_get() and ASN1_ENUMERATED_get() mean these functions should be avoided if possible. They are retained for compatibility. Normally the ambiguous return values are not legitimate values for the fields they represent.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_set(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_set() return 1 for success and 0 for failure. They will only fail if a memory allocation error occurs.</p>
+
+<p>ASN1_INTEGER_get_int64() and ASN1_ENUMERATED_get_int64() return 1 for success and 0 for failure. They will fail if the passed type is incorrect (this will only happen if there is a programming error) or if the value exceeds the range of an <b>int64_t</b> type.</p>
+
+<p>BN_to_ASN1_INTEGER() and BN_to_ASN1_ENUMERATED() return an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> structure respectively or NULL if an error occurs. They will only fail due to a memory allocation error.</p>
+
+<p>ASN1_INTEGER_to_BN() and ASN1_ENUMERATED_to_BN() return a <b>BIGNUM</b> structure of NULL if an error occurs. They can fail if the passed type is incorrect (due to programming error) or due to a memory allocation failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_get_int64(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_get_int64() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_to_ASN1_INTEGER.html b/msys2/usr/share/doc/openssl/html/man3/BN_to_ASN1_INTEGER.html
new file mode 100644
index 000000000..86621397a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_to_ASN1_INTEGER.html
@@ -0,0 +1,116 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ASN1_INTEGER_get_int64</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ASN1_INTEGER_get_uint64, ASN1_INTEGER_set_uint64, ASN1_INTEGER_get_int64, ASN1_INTEGER_get, ASN1_INTEGER_set_int64, ASN1_INTEGER_set, BN_to_ASN1_INTEGER, ASN1_INTEGER_to_BN, ASN1_ENUMERATED_get_int64, ASN1_ENUMERATED_get, ASN1_ENUMERATED_set_int64, ASN1_ENUMERATED_set, BN_to_ASN1_ENUMERATED, ASN1_ENUMERATED_to_BN - ASN.1 INTEGER and ENUMERATED utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1.h&gt;
+
+ int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+
+ int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_INTEGER_set(const ASN1_INTEGER *a, long v);
+
+ int ASN1_INTEGER_get_uint64(uint64_t *pr, const ASN1_INTEGER *a);
+ int ASN1_INTEGER_set_uint64(ASN1_INTEGER *a, uint64_t r);
+
+ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+ BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
+
+ int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
+
+ int ASN1_ENUMERATED_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+
+ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
+ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions convert to and from <b>ASN1_INTEGER</b> and <b>ASN1_ENUMERATED</b> structures.</p>
+
+<p>ASN1_INTEGER_get_int64() converts an <b>ASN1_INTEGER</b> into an <b>int64_t</b> type If successful it returns 1 and sets <b>*pr</b> to the value of <b>a</b>. If it fails (due to invalid type or the value being too big to fit into an <b>int64_t</b> type) it returns 0.</p>
+
+<p>ASN1_INTEGER_get_uint64() is similar to ASN1_INTEGER_get_int64_t() except it converts to a <b>uint64_t</b> type and an error is returned if the passed integer is negative.</p>
+
+<p>ASN1_INTEGER_get() also returns the value of <b>a</b> but it returns 0 if <b>a</b> is NULL and -1 on error (which is ambiguous because -1 is a legitimate value for an <b>ASN1_INTEGER</b>). New applications should use ASN1_INTEGER_get_int64() instead.</p>
+
+<p>ASN1_INTEGER_set_int64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>int64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set_uint64() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>uint64_t</b> value <b>r</b>.</p>
+
+<p>ASN1_INTEGER_set() sets the value of <b>ASN1_INTEGER</b> <b>a</b> to the <b>long</b> value <b>v</b>.</p>
+
+<p>BN_to_ASN1_INTEGER() converts <b>BIGNUM</b> <b>bn</b> to an <b>ASN1_INTEGER</b>. If <b>ai</b> is NULL a new <b>ASN1_INTEGER</b> structure is returned. If <b>ai</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_INTEGER_to_BN() converts ASN1_INTEGER <b>ai</b> into a <b>BIGNUM</b>. If <b>bn</b> is NULL a new <b>BIGNUM</b> structure is returned. If <b>bn</b> is not NULL then the existing structure will be used instead.</p>
+
+<p>ASN1_ENUMERATED_get_int64(), ASN1_ENUMERATED_set_int64(), ASN1_ENUMERATED_set(), BN_to_ASN1_ENUMERATED() and ASN1_ENUMERATED_to_BN() behave in an identical way to their ASN1_INTEGER counterparts except they operate on an <b>ASN1_ENUMERATED</b> value.</p>
+
+<p>ASN1_ENUMERATED_get() returns the value of <b>a</b> in a similar way to ASN1_INTEGER_get() but it returns <b>0xffffffffL</b> if the value of <b>a</b> will not fit in a long type. New applications should use ASN1_ENUMERATED_get_int64() instead.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In general an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> type can contain an integer of almost arbitrary size and so cannot always be represented by a C <b>int64_t</b> type. However in many cases (for example version numbers) they represent small integers which can be more easily manipulated if converted to an appropriate C integer type.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The ambiguous return values of ASN1_INTEGER_get() and ASN1_ENUMERATED_get() mean these functions should be avoided if possible. They are retained for compatibility. Normally the ambiguous return values are not legitimate values for the fields they represent.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_set(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_set() return 1 for success and 0 for failure. They will only fail if a memory allocation error occurs.</p>
+
+<p>ASN1_INTEGER_get_int64() and ASN1_ENUMERATED_get_int64() return 1 for success and 0 for failure. They will fail if the passed type is incorrect (this will only happen if there is a programming error) or if the value exceeds the range of an <b>int64_t</b> type.</p>
+
+<p>BN_to_ASN1_INTEGER() and BN_to_ASN1_ENUMERATED() return an <b>ASN1_INTEGER</b> or <b>ASN1_ENUMERATED</b> structure respectively or NULL if an error occurs. They will only fail due to a memory allocation error.</p>
+
+<p>ASN1_INTEGER_to_BN() and ASN1_ENUMERATED_to_BN() return a <b>BIGNUM</b> structure of NULL if an error occurs. They can fail if the passed type is incorrect (due to programming error) or due to a memory allocation failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ASN1_INTEGER_set_int64(), ASN1_INTEGER_get_int64(), ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_get_int64() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_to_montgomery.html b/msys2/usr/share/doc/openssl/html/man3/BN_to_montgomery.html
new file mode 100644
index 000000000..a31aa022c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_to_montgomery.html
@@ -0,0 +1,99 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_mod_mul_montgomery</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_mod_mul_montgomery, BN_MONT_CTX_new, BN_MONT_CTX_free, BN_MONT_CTX_set, BN_MONT_CTX_copy, BN_from_montgomery, BN_to_montgomery - Montgomery multiplication</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BN_MONT_CTX *BN_MONT_CTX_new(void);
+ void BN_MONT_CTX_free(BN_MONT_CTX *mont);
+
+ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx);
+ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
+
+ int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
+                           BN_MONT_CTX *mont, BN_CTX *ctx);
+
+ int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
+                        BN_CTX *ctx);
+
+ int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
+                      BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions implement Montgomery multiplication. They are used automatically when <a href="../man3/BN_mod_exp.html">BN_mod_exp(3)</a> is called with suitable input, but they may be useful when several operations are to be performed using the same modulus.</p>
+
+<p>BN_MONT_CTX_new() allocates and initializes a <b>BN_MONT_CTX</b> structure.</p>
+
+<p>BN_MONT_CTX_set() sets up the <i>mont</i> structure from the modulus <i>m</i> by precomputing its inverse and a value R.</p>
+
+<p>BN_MONT_CTX_copy() copies the <b>BN_MONT_CTX</b> <i>from</i> to <i>to</i>.</p>
+
+<p>BN_MONT_CTX_free() frees the components of the <b>BN_MONT_CTX</b>, and, if it was created by BN_MONT_CTX_new(), also the structure itself. If <b>mont</b> is NULL, nothing is done.</p>
+
+<p>BN_mod_mul_montgomery() computes Mont(<i>a</i>,<i>b</i>):=<i>a</i>*<i>b</i>*R^-1 and places the result in <i>r</i>.</p>
+
+<p>BN_from_montgomery() performs the Montgomery reduction <i>r</i> = <i>a</i>*R^-1.</p>
+
+<p>BN_to_montgomery() computes Mont(<i>a</i>,R^2), i.e. <i>a</i>*R. Note that <i>a</i> must be non-negative and smaller than the modulus.</p>
+
+<p>For all functions, <i>ctx</i> is a previously allocated <b>BN_CTX</b> used for temporary variables.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_MONT_CTX_new() returns the newly allocated <b>BN_MONT_CTX</b>, and NULL on error.</p>
+
+<p>BN_MONT_CTX_free() has no return value.</p>
+
+<p>For the other functions, 1 is returned for success, 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>The inputs must be reduced modulo <b>m</b>, otherwise the result will be outside the expected range.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/BN_add.html">BN_add(3)</a>, <a href="../man3/BN_CTX_new.html">BN_CTX_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>BN_MONT_CTX_init() was removed in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_ucmp.html b/msys2/usr/share/doc/openssl/html/man3/BN_ucmp.html
new file mode 100644
index 000000000..fb0a36149
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_ucmp.html
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_cmp</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_is_odd - BIGNUM comparison and test functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ int BN_cmp(BIGNUM *a, BIGNUM *b);
+ int BN_ucmp(BIGNUM *a, BIGNUM *b);
+
+ int BN_is_zero(BIGNUM *a);
+ int BN_is_one(BIGNUM *a);
+ int BN_is_word(BIGNUM *a, BN_ULONG w);
+ int BN_is_odd(BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_cmp() compares the numbers <b>a</b> and <b>b</b>. BN_ucmp() compares their absolute values.</p>
+
+<p>BN_is_zero(), BN_is_one() and BN_is_word() test if <b>a</b> equals 0, 1, or <b>w</b> respectively. BN_is_odd() tests if a is odd.</p>
+
+<p>BN_is_zero(), BN_is_one(), BN_is_word() and BN_is_odd() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_cmp() returns -1 if <b>a</b> &lt; <b>b</b>, 0 if <b>a</b> == <b>b</b> and 1 if <b>a</b> &gt; <b>b</b>. BN_ucmp() is the same using the absolute values of <b>a</b> and <b>b</b>.</p>
+
+<p>BN_is_zero(), BN_is_one() BN_is_word() and BN_is_odd() return 1 if the condition is true, 0 otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_value_one.html b/msys2/usr/share/doc/openssl/html/man3/BN_value_one.html
new file mode 100644
index 000000000..bffa67231
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_value_one.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_zero</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_zero, BN_one, BN_value_one, BN_set_word, BN_get_word - BIGNUM assignment operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ void BN_zero(BIGNUM *a);
+ int BN_one(BIGNUM *a);
+
+ const BIGNUM *BN_value_one(void);
+
+ int BN_set_word(BIGNUM *a, BN_ULONG w);
+ unsigned BN_ULONG BN_get_word(BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>BN_ULONG</b> is a macro that will be an unsigned integral type optimized for the most efficient implementation on the local platform.</p>
+
+<p>BN_zero(), BN_one() and BN_set_word() set <b>a</b> to the values 0, 1 and <b>w</b> respectively. BN_zero() and BN_one() are macros.</p>
+
+<p>BN_value_one() returns a <b>BIGNUM</b> constant of value 1. This constant is useful for use in comparisons and assignment.</p>
+
+<p>BN_get_word() returns <b>a</b>, if it can be represented as a <b>BN_ULONG</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_get_word() returns the value <b>a</b>, or all-bits-set if <b>a</b> cannot be represented as a single integer.</p>
+
+<p>BN_one() and BN_set_word() return 1 on success, 0 otherwise. BN_value_one() returns the constant. BN_zero() never fails and returns no value.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>If a <b>BIGNUM</b> is equal to the value of all-bits-set, it will collide with the error condition returned by BN_get_word() which uses that as an error value.</p>
+
+<p><b>BN_ULONG</b> should probably be a typedef.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_bn2bin.html">BN_bn2bin(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 0.9.8, BN_zero() was changed to not return a value; previous versions returned an int.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_with_flags.html b/msys2/usr/share/doc/openssl/html/man3/BN_with_flags.html
new file mode 100644
index 000000000..ddd7ed675
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_with_flags.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_copy, BN_dup, BN_with_flags - copy BIGNUMs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ BIGNUM *BN_copy(BIGNUM *to, const BIGNUM *from);
+
+ BIGNUM *BN_dup(const BIGNUM *from);
+
+ void BN_with_flags(BIGNUM *dest, const BIGNUM *b, int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BN_copy() copies <b>from</b> to <b>to</b>. BN_dup() creates a new <b>BIGNUM</b> containing the value <b>from</b>.</p>
+
+<p>BN_with_flags creates a <b>temporary</b> shallow copy of <b>b</b> in <b>dest</b>. It places significant restrictions on the copied data. Applications that do no adhere to these restrictions may encounter unexpected side effects or crashes. For that reason use of this function is discouraged. Any flags provided in <b>flags</b> will be set in <b>dest</b> in addition to any flags already set in <b>b</b>. For example this might commonly be used to create a temporary copy of a BIGNUM with the <b>BN_FLG_CONSTTIME</b> flag set for constant time operations. The temporary copy in <b>dest</b> will share some internal state with <b>b</b>. For this reason the following restrictions apply to the use of <b>dest</b>:</p>
+
+<ul>
+
+<li><p><b>dest</b> should be a newly allocated BIGNUM obtained via a call to BN_new(). It should not have been used for other purposes or initialised in any way.</p>
+
+</li>
+<li><p><b>dest</b> must only be used in &quot;read-only&quot; operations, i.e. typically those functions where the relevant parameter is declared &quot;const&quot;.</p>
+
+</li>
+<li><p><b>dest</b> must be used and freed before any further subsequent use of <b>b</b></p>
+
+</li>
+</ul>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_copy() returns <b>to</b> on success, NULL on error. BN_dup() returns the new <b>BIGNUM</b>, and NULL on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BN_zero.html b/msys2/usr/share/doc/openssl/html/man3/BN_zero.html
new file mode 100644
index 000000000..bffa67231
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BN_zero.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BN_zero</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BN_zero, BN_one, BN_value_one, BN_set_word, BN_get_word - BIGNUM assignment operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bn.h&gt;
+
+ void BN_zero(BIGNUM *a);
+ int BN_one(BIGNUM *a);
+
+ const BIGNUM *BN_value_one(void);
+
+ int BN_set_word(BIGNUM *a, BN_ULONG w);
+ unsigned BN_ULONG BN_get_word(BIGNUM *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>BN_ULONG</b> is a macro that will be an unsigned integral type optimized for the most efficient implementation on the local platform.</p>
+
+<p>BN_zero(), BN_one() and BN_set_word() set <b>a</b> to the values 0, 1 and <b>w</b> respectively. BN_zero() and BN_one() are macros.</p>
+
+<p>BN_value_one() returns a <b>BIGNUM</b> constant of value 1. This constant is useful for use in comparisons and assignment.</p>
+
+<p>BN_get_word() returns <b>a</b>, if it can be represented as a <b>BN_ULONG</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BN_get_word() returns the value <b>a</b>, or all-bits-set if <b>a</b> cannot be represented as a single integer.</p>
+
+<p>BN_one() and BN_set_word() return 1 on success, 0 otherwise. BN_value_one() returns the constant. BN_zero() never fails and returns no value.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>If a <b>BIGNUM</b> is equal to the value of all-bits-set, it will collide with the error condition returned by BN_get_word() which uses that as an error value.</p>
+
+<p><b>BN_ULONG</b> should probably be a typedef.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_bn2bin.html">BN_bn2bin(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 0.9.8, BN_zero() was changed to not return a value; previous versions returned an int.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BUF_MEM_free.html b/msys2/usr/share/doc/openssl/html/man3/BUF_MEM_free.html
new file mode 100644
index 000000000..524e4b1a1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BUF_MEM_free.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BUF_MEM_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BUF_MEM_new, BUF_MEM_new_ex, BUF_MEM_free, BUF_MEM_grow, BUF_MEM_grow_clean, BUF_reverse - simple character array structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/buffer.h&gt;
+
+ BUF_MEM *BUF_MEM_new(void);
+
+ BUF_MEM *BUF_MEM_new_ex(unsigned long flags);
+
+ void BUF_MEM_free(BUF_MEM *a);
+
+ int BUF_MEM_grow(BUF_MEM *str, int len);
+ size_t BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
+
+ void BUF_reverse(unsigned char *out, const unsigned char *in, size_t size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The buffer library handles simple character arrays. Buffers are used for various purposes in the library, most notably memory BIOs.</p>
+
+<p>BUF_MEM_new() allocates a new buffer of zero size.</p>
+
+<p>BUF_MEM_new_ex() allocates a buffer with the specified flags. The flag <b>BUF_MEM_FLAG_SECURE</b> specifies that the <b>data</b> pointer should be allocated on the secure heap; see <a href="../man3/CRYPTO_secure_malloc.html">CRYPTO_secure_malloc(3)</a>.</p>
+
+<p>BUF_MEM_free() frees up an already existing buffer. The data is zeroed before freeing up in case the buffer contains sensitive data.</p>
+
+<p>BUF_MEM_grow() changes the size of an already existing buffer to <b>len</b>. Any data already in the buffer is preserved if it increases in size.</p>
+
+<p>BUF_MEM_grow_clean() is similar to BUF_MEM_grow() but it sets any free&#39;d or additionally-allocated memory to zero.</p>
+
+<p>BUF_reverse() reverses <b>size</b> bytes at <b>in</b> into <b>out</b>. If <b>in</b> is NULL, the array is reversed in-place.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BUF_MEM_new() returns the buffer or NULL on error.</p>
+
+<p>BUF_MEM_free() has no return value.</p>
+
+<p>BUF_MEM_grow() and BUF_MEM_grow_clean() return zero on error or the new size (i.e., <b>len</b>).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/CRYPTO_secure_malloc.html">CRYPTO_secure_malloc(3)</a>.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BUF_MEM_new_ex() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BUF_MEM_grow.html b/msys2/usr/share/doc/openssl/html/man3/BUF_MEM_grow.html
new file mode 100644
index 000000000..524e4b1a1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BUF_MEM_grow.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BUF_MEM_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BUF_MEM_new, BUF_MEM_new_ex, BUF_MEM_free, BUF_MEM_grow, BUF_MEM_grow_clean, BUF_reverse - simple character array structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/buffer.h&gt;
+
+ BUF_MEM *BUF_MEM_new(void);
+
+ BUF_MEM *BUF_MEM_new_ex(unsigned long flags);
+
+ void BUF_MEM_free(BUF_MEM *a);
+
+ int BUF_MEM_grow(BUF_MEM *str, int len);
+ size_t BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
+
+ void BUF_reverse(unsigned char *out, const unsigned char *in, size_t size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The buffer library handles simple character arrays. Buffers are used for various purposes in the library, most notably memory BIOs.</p>
+
+<p>BUF_MEM_new() allocates a new buffer of zero size.</p>
+
+<p>BUF_MEM_new_ex() allocates a buffer with the specified flags. The flag <b>BUF_MEM_FLAG_SECURE</b> specifies that the <b>data</b> pointer should be allocated on the secure heap; see <a href="../man3/CRYPTO_secure_malloc.html">CRYPTO_secure_malloc(3)</a>.</p>
+
+<p>BUF_MEM_free() frees up an already existing buffer. The data is zeroed before freeing up in case the buffer contains sensitive data.</p>
+
+<p>BUF_MEM_grow() changes the size of an already existing buffer to <b>len</b>. Any data already in the buffer is preserved if it increases in size.</p>
+
+<p>BUF_MEM_grow_clean() is similar to BUF_MEM_grow() but it sets any free&#39;d or additionally-allocated memory to zero.</p>
+
+<p>BUF_reverse() reverses <b>size</b> bytes at <b>in</b> into <b>out</b>. If <b>in</b> is NULL, the array is reversed in-place.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BUF_MEM_new() returns the buffer or NULL on error.</p>
+
+<p>BUF_MEM_free() has no return value.</p>
+
+<p>BUF_MEM_grow() and BUF_MEM_grow_clean() return zero on error or the new size (i.e., <b>len</b>).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/CRYPTO_secure_malloc.html">CRYPTO_secure_malloc(3)</a>.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BUF_MEM_new_ex() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BUF_MEM_grow_clean.html b/msys2/usr/share/doc/openssl/html/man3/BUF_MEM_grow_clean.html
new file mode 100644
index 000000000..524e4b1a1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BUF_MEM_grow_clean.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BUF_MEM_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BUF_MEM_new, BUF_MEM_new_ex, BUF_MEM_free, BUF_MEM_grow, BUF_MEM_grow_clean, BUF_reverse - simple character array structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/buffer.h&gt;
+
+ BUF_MEM *BUF_MEM_new(void);
+
+ BUF_MEM *BUF_MEM_new_ex(unsigned long flags);
+
+ void BUF_MEM_free(BUF_MEM *a);
+
+ int BUF_MEM_grow(BUF_MEM *str, int len);
+ size_t BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
+
+ void BUF_reverse(unsigned char *out, const unsigned char *in, size_t size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The buffer library handles simple character arrays. Buffers are used for various purposes in the library, most notably memory BIOs.</p>
+
+<p>BUF_MEM_new() allocates a new buffer of zero size.</p>
+
+<p>BUF_MEM_new_ex() allocates a buffer with the specified flags. The flag <b>BUF_MEM_FLAG_SECURE</b> specifies that the <b>data</b> pointer should be allocated on the secure heap; see <a href="../man3/CRYPTO_secure_malloc.html">CRYPTO_secure_malloc(3)</a>.</p>
+
+<p>BUF_MEM_free() frees up an already existing buffer. The data is zeroed before freeing up in case the buffer contains sensitive data.</p>
+
+<p>BUF_MEM_grow() changes the size of an already existing buffer to <b>len</b>. Any data already in the buffer is preserved if it increases in size.</p>
+
+<p>BUF_MEM_grow_clean() is similar to BUF_MEM_grow() but it sets any free&#39;d or additionally-allocated memory to zero.</p>
+
+<p>BUF_reverse() reverses <b>size</b> bytes at <b>in</b> into <b>out</b>. If <b>in</b> is NULL, the array is reversed in-place.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BUF_MEM_new() returns the buffer or NULL on error.</p>
+
+<p>BUF_MEM_free() has no return value.</p>
+
+<p>BUF_MEM_grow() and BUF_MEM_grow_clean() return zero on error or the new size (i.e., <b>len</b>).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/CRYPTO_secure_malloc.html">CRYPTO_secure_malloc(3)</a>.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BUF_MEM_new_ex() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BUF_MEM_new.html b/msys2/usr/share/doc/openssl/html/man3/BUF_MEM_new.html
new file mode 100644
index 000000000..524e4b1a1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BUF_MEM_new.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BUF_MEM_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BUF_MEM_new, BUF_MEM_new_ex, BUF_MEM_free, BUF_MEM_grow, BUF_MEM_grow_clean, BUF_reverse - simple character array structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/buffer.h&gt;
+
+ BUF_MEM *BUF_MEM_new(void);
+
+ BUF_MEM *BUF_MEM_new_ex(unsigned long flags);
+
+ void BUF_MEM_free(BUF_MEM *a);
+
+ int BUF_MEM_grow(BUF_MEM *str, int len);
+ size_t BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
+
+ void BUF_reverse(unsigned char *out, const unsigned char *in, size_t size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The buffer library handles simple character arrays. Buffers are used for various purposes in the library, most notably memory BIOs.</p>
+
+<p>BUF_MEM_new() allocates a new buffer of zero size.</p>
+
+<p>BUF_MEM_new_ex() allocates a buffer with the specified flags. The flag <b>BUF_MEM_FLAG_SECURE</b> specifies that the <b>data</b> pointer should be allocated on the secure heap; see <a href="../man3/CRYPTO_secure_malloc.html">CRYPTO_secure_malloc(3)</a>.</p>
+
+<p>BUF_MEM_free() frees up an already existing buffer. The data is zeroed before freeing up in case the buffer contains sensitive data.</p>
+
+<p>BUF_MEM_grow() changes the size of an already existing buffer to <b>len</b>. Any data already in the buffer is preserved if it increases in size.</p>
+
+<p>BUF_MEM_grow_clean() is similar to BUF_MEM_grow() but it sets any free&#39;d or additionally-allocated memory to zero.</p>
+
+<p>BUF_reverse() reverses <b>size</b> bytes at <b>in</b> into <b>out</b>. If <b>in</b> is NULL, the array is reversed in-place.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BUF_MEM_new() returns the buffer or NULL on error.</p>
+
+<p>BUF_MEM_free() has no return value.</p>
+
+<p>BUF_MEM_grow() and BUF_MEM_grow_clean() return zero on error or the new size (i.e., <b>len</b>).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/CRYPTO_secure_malloc.html">CRYPTO_secure_malloc(3)</a>.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BUF_MEM_new_ex() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BUF_MEM_new_ex.html b/msys2/usr/share/doc/openssl/html/man3/BUF_MEM_new_ex.html
new file mode 100644
index 000000000..524e4b1a1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BUF_MEM_new_ex.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BUF_MEM_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BUF_MEM_new, BUF_MEM_new_ex, BUF_MEM_free, BUF_MEM_grow, BUF_MEM_grow_clean, BUF_reverse - simple character array structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/buffer.h&gt;
+
+ BUF_MEM *BUF_MEM_new(void);
+
+ BUF_MEM *BUF_MEM_new_ex(unsigned long flags);
+
+ void BUF_MEM_free(BUF_MEM *a);
+
+ int BUF_MEM_grow(BUF_MEM *str, int len);
+ size_t BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
+
+ void BUF_reverse(unsigned char *out, const unsigned char *in, size_t size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The buffer library handles simple character arrays. Buffers are used for various purposes in the library, most notably memory BIOs.</p>
+
+<p>BUF_MEM_new() allocates a new buffer of zero size.</p>
+
+<p>BUF_MEM_new_ex() allocates a buffer with the specified flags. The flag <b>BUF_MEM_FLAG_SECURE</b> specifies that the <b>data</b> pointer should be allocated on the secure heap; see <a href="../man3/CRYPTO_secure_malloc.html">CRYPTO_secure_malloc(3)</a>.</p>
+
+<p>BUF_MEM_free() frees up an already existing buffer. The data is zeroed before freeing up in case the buffer contains sensitive data.</p>
+
+<p>BUF_MEM_grow() changes the size of an already existing buffer to <b>len</b>. Any data already in the buffer is preserved if it increases in size.</p>
+
+<p>BUF_MEM_grow_clean() is similar to BUF_MEM_grow() but it sets any free&#39;d or additionally-allocated memory to zero.</p>
+
+<p>BUF_reverse() reverses <b>size</b> bytes at <b>in</b> into <b>out</b>. If <b>in</b> is NULL, the array is reversed in-place.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BUF_MEM_new() returns the buffer or NULL on error.</p>
+
+<p>BUF_MEM_free() has no return value.</p>
+
+<p>BUF_MEM_grow() and BUF_MEM_grow_clean() return zero on error or the new size (i.e., <b>len</b>).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/CRYPTO_secure_malloc.html">CRYPTO_secure_malloc(3)</a>.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BUF_MEM_new_ex() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/BUF_reverse.html b/msys2/usr/share/doc/openssl/html/man3/BUF_reverse.html
new file mode 100644
index 000000000..524e4b1a1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/BUF_reverse.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BUF_MEM_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BUF_MEM_new, BUF_MEM_new_ex, BUF_MEM_free, BUF_MEM_grow, BUF_MEM_grow_clean, BUF_reverse - simple character array structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/buffer.h&gt;
+
+ BUF_MEM *BUF_MEM_new(void);
+
+ BUF_MEM *BUF_MEM_new_ex(unsigned long flags);
+
+ void BUF_MEM_free(BUF_MEM *a);
+
+ int BUF_MEM_grow(BUF_MEM *str, int len);
+ size_t BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
+
+ void BUF_reverse(unsigned char *out, const unsigned char *in, size_t size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The buffer library handles simple character arrays. Buffers are used for various purposes in the library, most notably memory BIOs.</p>
+
+<p>BUF_MEM_new() allocates a new buffer of zero size.</p>
+
+<p>BUF_MEM_new_ex() allocates a buffer with the specified flags. The flag <b>BUF_MEM_FLAG_SECURE</b> specifies that the <b>data</b> pointer should be allocated on the secure heap; see <a href="../man3/CRYPTO_secure_malloc.html">CRYPTO_secure_malloc(3)</a>.</p>
+
+<p>BUF_MEM_free() frees up an already existing buffer. The data is zeroed before freeing up in case the buffer contains sensitive data.</p>
+
+<p>BUF_MEM_grow() changes the size of an already existing buffer to <b>len</b>. Any data already in the buffer is preserved if it increases in size.</p>
+
+<p>BUF_MEM_grow_clean() is similar to BUF_MEM_grow() but it sets any free&#39;d or additionally-allocated memory to zero.</p>
+
+<p>BUF_reverse() reverses <b>size</b> bytes at <b>in</b> into <b>out</b>. If <b>in</b> is NULL, the array is reversed in-place.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>BUF_MEM_new() returns the buffer or NULL on error.</p>
+
+<p>BUF_MEM_free() has no return value.</p>
+
+<p>BUF_MEM_grow() and BUF_MEM_grow_clean() return zero on error or the new size (i.e., <b>len</b>).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/CRYPTO_secure_malloc.html">CRYPTO_secure_malloc(3)</a>.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The BUF_MEM_new_ex() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CERTIFICATEPOLICIES_free.html b/msys2/usr/share/doc/openssl/html/man3/CERTIFICATEPOLICIES_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CERTIFICATEPOLICIES_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CERTIFICATEPOLICIES_new.html b/msys2/usr/share/doc/openssl/html/man3/CERTIFICATEPOLICIES_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CERTIFICATEPOLICIES_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_ContentInfo_free.html b/msys2/usr/share/doc/openssl/html/man3/CMS_ContentInfo_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_ContentInfo_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_ContentInfo_new.html b/msys2/usr/share/doc/openssl/html/man3/CMS_ContentInfo_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_ContentInfo_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_ContentInfo_print_ctx.html b/msys2/usr/share/doc/openssl/html/man3/CMS_ContentInfo_print_ctx.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_ContentInfo_print_ctx.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_ReceiptRequest_create0.html b/msys2/usr/share/doc/openssl/html/man3/CMS_ReceiptRequest_create0.html
new file mode 100644
index 000000000..1a5e435d7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_ReceiptRequest_create0.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get1_ReceiptRequest</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_ReceiptRequest_create0, CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values - CMS signed receipt request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
+                                                int allorfirst,
+                                                STACK_OF(GENERAL_NAMES) *receiptList,
+                                                STACK_OF(GENERAL_NAMES) *receiptsTo);
+ int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
+ int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
+ void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, ASN1_STRING **pcid,
+                                     int *pallorfirst,
+                                     STACK_OF(GENERAL_NAMES) **plist,
+                                     STACK_OF(GENERAL_NAMES) **prto);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_ReceiptRequest_create0() creates a signed receipt request structure. The <b>signedContentIdentifier</b> field is set using <b>id</b> and <b>idlen</b>, or it is set to 32 bytes of pseudo random data if <b>id</b> is NULL. If <b>receiptList</b> is NULL the allOrFirstTier option in <b>receiptsFrom</b> is used and set to the value of the <b>allorfirst</b> parameter. If <b>receiptList</b> is not NULL the <b>receiptList</b> option in <b>receiptsFrom</b> is used. The <b>receiptsTo</b> parameter specifies the <b>receiptsTo</b> field value.</p>
+
+<p>The CMS_add1_ReceiptRequest() function adds a signed receipt request <b>rr</b> to SignerInfo structure <b>si</b>.</p>
+
+<p>int CMS_get1_ReceiptRequest() looks for a signed receipt request in <b>si</b>, if any is found it is decoded and written to <b>prr</b>.</p>
+
+<p>CMS_ReceiptRequest_get0_values() retrieves the values of a receipt request. The signedContentIdentifier is copied to <b>pcid</b>. If the <b>allOrFirstTier</b> option of <b>receiptsFrom</b> is used its value is copied to <b>pallorfirst</b> otherwise the <b>receiptList</b> field is copied to <b>plist</b>. The <b>receiptsTo</b> parameter is copied to <b>prto</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>For more details of the meaning of the fields see RFC2634.</p>
+
+<p>The contents of a signed receipt should only be considered meaningful if the corresponding CMS_ContentInfo structure can be successfully verified using CMS_verify().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_ReceiptRequest_create0() returns a signed receipt request structure or NULL if an error occurred.</p>
+
+<p>CMS_add1_ReceiptRequest() returns 1 for success or 0 if an error occurred.</p>
+
+<p>CMS_get1_ReceiptRequest() returns 1 is a signed receipt request is found and decoded. It returns 0 if a signed receipt request is not present and -1 if it is present but malformed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_sign_receipt.html">CMS_sign_receipt(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a> <a href="../man3/CMS_verify_receipt.html">CMS_verify_receipt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_ReceiptRequest_free.html b/msys2/usr/share/doc/openssl/html/man3/CMS_ReceiptRequest_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_ReceiptRequest_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_ReceiptRequest_get0_values.html b/msys2/usr/share/doc/openssl/html/man3/CMS_ReceiptRequest_get0_values.html
new file mode 100644
index 000000000..1a5e435d7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_ReceiptRequest_get0_values.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get1_ReceiptRequest</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_ReceiptRequest_create0, CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values - CMS signed receipt request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
+                                                int allorfirst,
+                                                STACK_OF(GENERAL_NAMES) *receiptList,
+                                                STACK_OF(GENERAL_NAMES) *receiptsTo);
+ int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
+ int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
+ void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, ASN1_STRING **pcid,
+                                     int *pallorfirst,
+                                     STACK_OF(GENERAL_NAMES) **plist,
+                                     STACK_OF(GENERAL_NAMES) **prto);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_ReceiptRequest_create0() creates a signed receipt request structure. The <b>signedContentIdentifier</b> field is set using <b>id</b> and <b>idlen</b>, or it is set to 32 bytes of pseudo random data if <b>id</b> is NULL. If <b>receiptList</b> is NULL the allOrFirstTier option in <b>receiptsFrom</b> is used and set to the value of the <b>allorfirst</b> parameter. If <b>receiptList</b> is not NULL the <b>receiptList</b> option in <b>receiptsFrom</b> is used. The <b>receiptsTo</b> parameter specifies the <b>receiptsTo</b> field value.</p>
+
+<p>The CMS_add1_ReceiptRequest() function adds a signed receipt request <b>rr</b> to SignerInfo structure <b>si</b>.</p>
+
+<p>int CMS_get1_ReceiptRequest() looks for a signed receipt request in <b>si</b>, if any is found it is decoded and written to <b>prr</b>.</p>
+
+<p>CMS_ReceiptRequest_get0_values() retrieves the values of a receipt request. The signedContentIdentifier is copied to <b>pcid</b>. If the <b>allOrFirstTier</b> option of <b>receiptsFrom</b> is used its value is copied to <b>pallorfirst</b> otherwise the <b>receiptList</b> field is copied to <b>plist</b>. The <b>receiptsTo</b> parameter is copied to <b>prto</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>For more details of the meaning of the fields see RFC2634.</p>
+
+<p>The contents of a signed receipt should only be considered meaningful if the corresponding CMS_ContentInfo structure can be successfully verified using CMS_verify().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_ReceiptRequest_create0() returns a signed receipt request structure or NULL if an error occurred.</p>
+
+<p>CMS_add1_ReceiptRequest() returns 1 for success or 0 if an error occurred.</p>
+
+<p>CMS_get1_ReceiptRequest() returns 1 is a signed receipt request is found and decoded. It returns 0 if a signed receipt request is not present and -1 if it is present but malformed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_sign_receipt.html">CMS_sign_receipt(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a> <a href="../man3/CMS_verify_receipt.html">CMS_verify_receipt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_ReceiptRequest_new.html b/msys2/usr/share/doc/openssl/html/man3/CMS_ReceiptRequest_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_ReceiptRequest_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_decrypt.html b/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_decrypt.html
new file mode 100644
index 000000000..e638e19fa
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_decrypt.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get0_RecipientInfos</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_get0_RecipientInfos, CMS_RecipientInfo_type, CMS_RecipientInfo_ktri_get0_signer_id, CMS_RecipientInfo_ktri_cert_cmp, CMS_RecipientInfo_set0_pkey, CMS_RecipientInfo_kekri_get0_id, CMS_RecipientInfo_kekri_id_cmp, CMS_RecipientInfo_set0_key, CMS_RecipientInfo_decrypt, CMS_RecipientInfo_encrypt - CMS envelopedData RecipientInfo routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+ int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
+
+ int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
+                                           ASN1_OCTET_STRING **keyid,
+                                           X509_NAME **issuer,
+                                           ASN1_INTEGER **sno);
+ int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
+ int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
+
+ int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg,
+                                     ASN1_OCTET_STRING **pid,
+                                     ASN1_GENERALIZEDTIME **pdate,
+                                     ASN1_OBJECT **potherid,
+                                     ASN1_TYPE **pothertype);
+ int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
+                                    const unsigned char *id, size_t idlen);
+ int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
+                                unsigned char *key, size_t keylen);
+
+ int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+ int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function CMS_get0_RecipientInfos() returns all the CMS_RecipientInfo structures associated with a CMS EnvelopedData structure.</p>
+
+<p>CMS_RecipientInfo_type() returns the type of CMS_RecipientInfo structure <b>ri</b>. It will currently return CMS_RECIPINFO_TRANS, CMS_RECIPINFO_AGREE, CMS_RECIPINFO_KEK, CMS_RECIPINFO_PASS, or CMS_RECIPINFO_OTHER.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id() retrieves the certificate recipient identifier associated with a specific CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. Either the keyidentifier will be set in <b>keyid</b> or <b>both</b> issuer name and serial number in <b>issuer</b> and <b>sno</b>.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() compares the certificate <b>cert</b> against the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_pkey() associates the private key <b>pkey</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS.</p>
+
+<p>CMS_RecipientInfo_kekri_get0_id() retrieves the key information from the CMS_RecipientInfo structure <b>ri</b> which must be of type CMS_RECIPINFO_KEK. Any of the remaining parameters can be NULL if the application is not interested in the value of a field. Where a field is optional and absent NULL will be written to the corresponding parameter. The keyEncryptionAlgorithm field is written to <b>palg</b>, the <b>keyIdentifier</b> field is written to <b>pid</b>, the <b>date</b> field if present is written to <b>pdate</b>, if the <b>other</b> field is present the components <b>keyAttrId</b> and <b>keyAttr</b> are written to parameters <b>potherid</b> and <b>pothertype</b>.</p>
+
+<p>CMS_RecipientInfo_kekri_id_cmp() compares the ID in the <b>id</b> and <b>idlen</b> parameters against the <b>keyIdentifier</b> CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_key() associates the symmetric key <b>key</b> of length <b>keylen</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK.</p>
+
+<p>CMS_RecipientInfo_decrypt() attempts to decrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first.</p>
+
+<p>CMS_RecipientInfo_encrypt() attempts to encrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first and the content encryption key must be available: for example by a previous call to CMS_RecipientInfo_decrypt().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of these functions is to enable an application to lookup recipient keys using any appropriate technique when the simpler method of CMS_decrypt() is not appropriate.</p>
+
+<p>In typical usage and application will retrieve all CMS_RecipientInfo structures using CMS_get0_RecipientInfos() and check the type of each using CMS_RecipientInfo_type(). Depending on the type the CMS_RecipientInfo structure can be ignored or its key identifier data retrieved using an appropriate function. Then if the corresponding secret or private key can be obtained by any appropriate means it can then associated with the structure and CMS_RecipientInfo_decrypt() called. If successful CMS_decrypt() can be called with a NULL key to decrypt the enveloped content.</p>
+
+<p>The CMS_RecipientInfo_encrypt() can be used to add a new recipient to an existing enveloped data structure. Typically an application will first decrypt an appropriate CMS_RecipientInfo structure to make the content encrypt key available, it will then add a new recipient using a function such as CMS_add1_recipient_cert() and finally encrypt the content encryption key using CMS_RecipientInfo_encrypt().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_get0_RecipientInfos() returns all CMS_RecipientInfo structures, or NULL if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id(), CMS_RecipientInfo_set0_pkey(), CMS_RecipientInfo_kekri_get0_id(), CMS_RecipientInfo_set0_key() and CMS_RecipientInfo_decrypt() return 1 for success or 0 if an error occurs. CMS_RecipientInfo_encrypt() return 1 for success or 0 if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() and CMS_RecipientInfo_kekri_cmp() return 0 for a successful comparison and non zero otherwise.</p>
+
+<p>Any error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_encrypt.html
new file mode 100644
index 000000000..e638e19fa
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_encrypt.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get0_RecipientInfos</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_get0_RecipientInfos, CMS_RecipientInfo_type, CMS_RecipientInfo_ktri_get0_signer_id, CMS_RecipientInfo_ktri_cert_cmp, CMS_RecipientInfo_set0_pkey, CMS_RecipientInfo_kekri_get0_id, CMS_RecipientInfo_kekri_id_cmp, CMS_RecipientInfo_set0_key, CMS_RecipientInfo_decrypt, CMS_RecipientInfo_encrypt - CMS envelopedData RecipientInfo routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+ int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
+
+ int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
+                                           ASN1_OCTET_STRING **keyid,
+                                           X509_NAME **issuer,
+                                           ASN1_INTEGER **sno);
+ int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
+ int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
+
+ int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg,
+                                     ASN1_OCTET_STRING **pid,
+                                     ASN1_GENERALIZEDTIME **pdate,
+                                     ASN1_OBJECT **potherid,
+                                     ASN1_TYPE **pothertype);
+ int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
+                                    const unsigned char *id, size_t idlen);
+ int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
+                                unsigned char *key, size_t keylen);
+
+ int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+ int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function CMS_get0_RecipientInfos() returns all the CMS_RecipientInfo structures associated with a CMS EnvelopedData structure.</p>
+
+<p>CMS_RecipientInfo_type() returns the type of CMS_RecipientInfo structure <b>ri</b>. It will currently return CMS_RECIPINFO_TRANS, CMS_RECIPINFO_AGREE, CMS_RECIPINFO_KEK, CMS_RECIPINFO_PASS, or CMS_RECIPINFO_OTHER.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id() retrieves the certificate recipient identifier associated with a specific CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. Either the keyidentifier will be set in <b>keyid</b> or <b>both</b> issuer name and serial number in <b>issuer</b> and <b>sno</b>.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() compares the certificate <b>cert</b> against the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_pkey() associates the private key <b>pkey</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS.</p>
+
+<p>CMS_RecipientInfo_kekri_get0_id() retrieves the key information from the CMS_RecipientInfo structure <b>ri</b> which must be of type CMS_RECIPINFO_KEK. Any of the remaining parameters can be NULL if the application is not interested in the value of a field. Where a field is optional and absent NULL will be written to the corresponding parameter. The keyEncryptionAlgorithm field is written to <b>palg</b>, the <b>keyIdentifier</b> field is written to <b>pid</b>, the <b>date</b> field if present is written to <b>pdate</b>, if the <b>other</b> field is present the components <b>keyAttrId</b> and <b>keyAttr</b> are written to parameters <b>potherid</b> and <b>pothertype</b>.</p>
+
+<p>CMS_RecipientInfo_kekri_id_cmp() compares the ID in the <b>id</b> and <b>idlen</b> parameters against the <b>keyIdentifier</b> CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_key() associates the symmetric key <b>key</b> of length <b>keylen</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK.</p>
+
+<p>CMS_RecipientInfo_decrypt() attempts to decrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first.</p>
+
+<p>CMS_RecipientInfo_encrypt() attempts to encrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first and the content encryption key must be available: for example by a previous call to CMS_RecipientInfo_decrypt().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of these functions is to enable an application to lookup recipient keys using any appropriate technique when the simpler method of CMS_decrypt() is not appropriate.</p>
+
+<p>In typical usage and application will retrieve all CMS_RecipientInfo structures using CMS_get0_RecipientInfos() and check the type of each using CMS_RecipientInfo_type(). Depending on the type the CMS_RecipientInfo structure can be ignored or its key identifier data retrieved using an appropriate function. Then if the corresponding secret or private key can be obtained by any appropriate means it can then associated with the structure and CMS_RecipientInfo_decrypt() called. If successful CMS_decrypt() can be called with a NULL key to decrypt the enveloped content.</p>
+
+<p>The CMS_RecipientInfo_encrypt() can be used to add a new recipient to an existing enveloped data structure. Typically an application will first decrypt an appropriate CMS_RecipientInfo structure to make the content encrypt key available, it will then add a new recipient using a function such as CMS_add1_recipient_cert() and finally encrypt the content encryption key using CMS_RecipientInfo_encrypt().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_get0_RecipientInfos() returns all CMS_RecipientInfo structures, or NULL if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id(), CMS_RecipientInfo_set0_pkey(), CMS_RecipientInfo_kekri_get0_id(), CMS_RecipientInfo_set0_key() and CMS_RecipientInfo_decrypt() return 1 for success or 0 if an error occurs. CMS_RecipientInfo_encrypt() return 1 for success or 0 if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() and CMS_RecipientInfo_kekri_cmp() return 0 for a successful comparison and non zero otherwise.</p>
+
+<p>Any error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_kekri_get0_id.html b/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_kekri_get0_id.html
new file mode 100644
index 000000000..e638e19fa
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_kekri_get0_id.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get0_RecipientInfos</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_get0_RecipientInfos, CMS_RecipientInfo_type, CMS_RecipientInfo_ktri_get0_signer_id, CMS_RecipientInfo_ktri_cert_cmp, CMS_RecipientInfo_set0_pkey, CMS_RecipientInfo_kekri_get0_id, CMS_RecipientInfo_kekri_id_cmp, CMS_RecipientInfo_set0_key, CMS_RecipientInfo_decrypt, CMS_RecipientInfo_encrypt - CMS envelopedData RecipientInfo routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+ int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
+
+ int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
+                                           ASN1_OCTET_STRING **keyid,
+                                           X509_NAME **issuer,
+                                           ASN1_INTEGER **sno);
+ int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
+ int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
+
+ int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg,
+                                     ASN1_OCTET_STRING **pid,
+                                     ASN1_GENERALIZEDTIME **pdate,
+                                     ASN1_OBJECT **potherid,
+                                     ASN1_TYPE **pothertype);
+ int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
+                                    const unsigned char *id, size_t idlen);
+ int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
+                                unsigned char *key, size_t keylen);
+
+ int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+ int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function CMS_get0_RecipientInfos() returns all the CMS_RecipientInfo structures associated with a CMS EnvelopedData structure.</p>
+
+<p>CMS_RecipientInfo_type() returns the type of CMS_RecipientInfo structure <b>ri</b>. It will currently return CMS_RECIPINFO_TRANS, CMS_RECIPINFO_AGREE, CMS_RECIPINFO_KEK, CMS_RECIPINFO_PASS, or CMS_RECIPINFO_OTHER.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id() retrieves the certificate recipient identifier associated with a specific CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. Either the keyidentifier will be set in <b>keyid</b> or <b>both</b> issuer name and serial number in <b>issuer</b> and <b>sno</b>.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() compares the certificate <b>cert</b> against the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_pkey() associates the private key <b>pkey</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS.</p>
+
+<p>CMS_RecipientInfo_kekri_get0_id() retrieves the key information from the CMS_RecipientInfo structure <b>ri</b> which must be of type CMS_RECIPINFO_KEK. Any of the remaining parameters can be NULL if the application is not interested in the value of a field. Where a field is optional and absent NULL will be written to the corresponding parameter. The keyEncryptionAlgorithm field is written to <b>palg</b>, the <b>keyIdentifier</b> field is written to <b>pid</b>, the <b>date</b> field if present is written to <b>pdate</b>, if the <b>other</b> field is present the components <b>keyAttrId</b> and <b>keyAttr</b> are written to parameters <b>potherid</b> and <b>pothertype</b>.</p>
+
+<p>CMS_RecipientInfo_kekri_id_cmp() compares the ID in the <b>id</b> and <b>idlen</b> parameters against the <b>keyIdentifier</b> CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_key() associates the symmetric key <b>key</b> of length <b>keylen</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK.</p>
+
+<p>CMS_RecipientInfo_decrypt() attempts to decrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first.</p>
+
+<p>CMS_RecipientInfo_encrypt() attempts to encrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first and the content encryption key must be available: for example by a previous call to CMS_RecipientInfo_decrypt().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of these functions is to enable an application to lookup recipient keys using any appropriate technique when the simpler method of CMS_decrypt() is not appropriate.</p>
+
+<p>In typical usage and application will retrieve all CMS_RecipientInfo structures using CMS_get0_RecipientInfos() and check the type of each using CMS_RecipientInfo_type(). Depending on the type the CMS_RecipientInfo structure can be ignored or its key identifier data retrieved using an appropriate function. Then if the corresponding secret or private key can be obtained by any appropriate means it can then associated with the structure and CMS_RecipientInfo_decrypt() called. If successful CMS_decrypt() can be called with a NULL key to decrypt the enveloped content.</p>
+
+<p>The CMS_RecipientInfo_encrypt() can be used to add a new recipient to an existing enveloped data structure. Typically an application will first decrypt an appropriate CMS_RecipientInfo structure to make the content encrypt key available, it will then add a new recipient using a function such as CMS_add1_recipient_cert() and finally encrypt the content encryption key using CMS_RecipientInfo_encrypt().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_get0_RecipientInfos() returns all CMS_RecipientInfo structures, or NULL if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id(), CMS_RecipientInfo_set0_pkey(), CMS_RecipientInfo_kekri_get0_id(), CMS_RecipientInfo_set0_key() and CMS_RecipientInfo_decrypt() return 1 for success or 0 if an error occurs. CMS_RecipientInfo_encrypt() return 1 for success or 0 if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() and CMS_RecipientInfo_kekri_cmp() return 0 for a successful comparison and non zero otherwise.</p>
+
+<p>Any error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_kekri_id_cmp.html b/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_kekri_id_cmp.html
new file mode 100644
index 000000000..e638e19fa
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_kekri_id_cmp.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get0_RecipientInfos</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_get0_RecipientInfos, CMS_RecipientInfo_type, CMS_RecipientInfo_ktri_get0_signer_id, CMS_RecipientInfo_ktri_cert_cmp, CMS_RecipientInfo_set0_pkey, CMS_RecipientInfo_kekri_get0_id, CMS_RecipientInfo_kekri_id_cmp, CMS_RecipientInfo_set0_key, CMS_RecipientInfo_decrypt, CMS_RecipientInfo_encrypt - CMS envelopedData RecipientInfo routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+ int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
+
+ int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
+                                           ASN1_OCTET_STRING **keyid,
+                                           X509_NAME **issuer,
+                                           ASN1_INTEGER **sno);
+ int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
+ int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
+
+ int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg,
+                                     ASN1_OCTET_STRING **pid,
+                                     ASN1_GENERALIZEDTIME **pdate,
+                                     ASN1_OBJECT **potherid,
+                                     ASN1_TYPE **pothertype);
+ int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
+                                    const unsigned char *id, size_t idlen);
+ int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
+                                unsigned char *key, size_t keylen);
+
+ int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+ int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function CMS_get0_RecipientInfos() returns all the CMS_RecipientInfo structures associated with a CMS EnvelopedData structure.</p>
+
+<p>CMS_RecipientInfo_type() returns the type of CMS_RecipientInfo structure <b>ri</b>. It will currently return CMS_RECIPINFO_TRANS, CMS_RECIPINFO_AGREE, CMS_RECIPINFO_KEK, CMS_RECIPINFO_PASS, or CMS_RECIPINFO_OTHER.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id() retrieves the certificate recipient identifier associated with a specific CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. Either the keyidentifier will be set in <b>keyid</b> or <b>both</b> issuer name and serial number in <b>issuer</b> and <b>sno</b>.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() compares the certificate <b>cert</b> against the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_pkey() associates the private key <b>pkey</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS.</p>
+
+<p>CMS_RecipientInfo_kekri_get0_id() retrieves the key information from the CMS_RecipientInfo structure <b>ri</b> which must be of type CMS_RECIPINFO_KEK. Any of the remaining parameters can be NULL if the application is not interested in the value of a field. Where a field is optional and absent NULL will be written to the corresponding parameter. The keyEncryptionAlgorithm field is written to <b>palg</b>, the <b>keyIdentifier</b> field is written to <b>pid</b>, the <b>date</b> field if present is written to <b>pdate</b>, if the <b>other</b> field is present the components <b>keyAttrId</b> and <b>keyAttr</b> are written to parameters <b>potherid</b> and <b>pothertype</b>.</p>
+
+<p>CMS_RecipientInfo_kekri_id_cmp() compares the ID in the <b>id</b> and <b>idlen</b> parameters against the <b>keyIdentifier</b> CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_key() associates the symmetric key <b>key</b> of length <b>keylen</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK.</p>
+
+<p>CMS_RecipientInfo_decrypt() attempts to decrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first.</p>
+
+<p>CMS_RecipientInfo_encrypt() attempts to encrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first and the content encryption key must be available: for example by a previous call to CMS_RecipientInfo_decrypt().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of these functions is to enable an application to lookup recipient keys using any appropriate technique when the simpler method of CMS_decrypt() is not appropriate.</p>
+
+<p>In typical usage and application will retrieve all CMS_RecipientInfo structures using CMS_get0_RecipientInfos() and check the type of each using CMS_RecipientInfo_type(). Depending on the type the CMS_RecipientInfo structure can be ignored or its key identifier data retrieved using an appropriate function. Then if the corresponding secret or private key can be obtained by any appropriate means it can then associated with the structure and CMS_RecipientInfo_decrypt() called. If successful CMS_decrypt() can be called with a NULL key to decrypt the enveloped content.</p>
+
+<p>The CMS_RecipientInfo_encrypt() can be used to add a new recipient to an existing enveloped data structure. Typically an application will first decrypt an appropriate CMS_RecipientInfo structure to make the content encrypt key available, it will then add a new recipient using a function such as CMS_add1_recipient_cert() and finally encrypt the content encryption key using CMS_RecipientInfo_encrypt().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_get0_RecipientInfos() returns all CMS_RecipientInfo structures, or NULL if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id(), CMS_RecipientInfo_set0_pkey(), CMS_RecipientInfo_kekri_get0_id(), CMS_RecipientInfo_set0_key() and CMS_RecipientInfo_decrypt() return 1 for success or 0 if an error occurs. CMS_RecipientInfo_encrypt() return 1 for success or 0 if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() and CMS_RecipientInfo_kekri_cmp() return 0 for a successful comparison and non zero otherwise.</p>
+
+<p>Any error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_ktri_cert_cmp.html b/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_ktri_cert_cmp.html
new file mode 100644
index 000000000..e638e19fa
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_ktri_cert_cmp.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get0_RecipientInfos</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_get0_RecipientInfos, CMS_RecipientInfo_type, CMS_RecipientInfo_ktri_get0_signer_id, CMS_RecipientInfo_ktri_cert_cmp, CMS_RecipientInfo_set0_pkey, CMS_RecipientInfo_kekri_get0_id, CMS_RecipientInfo_kekri_id_cmp, CMS_RecipientInfo_set0_key, CMS_RecipientInfo_decrypt, CMS_RecipientInfo_encrypt - CMS envelopedData RecipientInfo routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+ int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
+
+ int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
+                                           ASN1_OCTET_STRING **keyid,
+                                           X509_NAME **issuer,
+                                           ASN1_INTEGER **sno);
+ int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
+ int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
+
+ int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg,
+                                     ASN1_OCTET_STRING **pid,
+                                     ASN1_GENERALIZEDTIME **pdate,
+                                     ASN1_OBJECT **potherid,
+                                     ASN1_TYPE **pothertype);
+ int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
+                                    const unsigned char *id, size_t idlen);
+ int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
+                                unsigned char *key, size_t keylen);
+
+ int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+ int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function CMS_get0_RecipientInfos() returns all the CMS_RecipientInfo structures associated with a CMS EnvelopedData structure.</p>
+
+<p>CMS_RecipientInfo_type() returns the type of CMS_RecipientInfo structure <b>ri</b>. It will currently return CMS_RECIPINFO_TRANS, CMS_RECIPINFO_AGREE, CMS_RECIPINFO_KEK, CMS_RECIPINFO_PASS, or CMS_RECIPINFO_OTHER.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id() retrieves the certificate recipient identifier associated with a specific CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. Either the keyidentifier will be set in <b>keyid</b> or <b>both</b> issuer name and serial number in <b>issuer</b> and <b>sno</b>.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() compares the certificate <b>cert</b> against the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_pkey() associates the private key <b>pkey</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS.</p>
+
+<p>CMS_RecipientInfo_kekri_get0_id() retrieves the key information from the CMS_RecipientInfo structure <b>ri</b> which must be of type CMS_RECIPINFO_KEK. Any of the remaining parameters can be NULL if the application is not interested in the value of a field. Where a field is optional and absent NULL will be written to the corresponding parameter. The keyEncryptionAlgorithm field is written to <b>palg</b>, the <b>keyIdentifier</b> field is written to <b>pid</b>, the <b>date</b> field if present is written to <b>pdate</b>, if the <b>other</b> field is present the components <b>keyAttrId</b> and <b>keyAttr</b> are written to parameters <b>potherid</b> and <b>pothertype</b>.</p>
+
+<p>CMS_RecipientInfo_kekri_id_cmp() compares the ID in the <b>id</b> and <b>idlen</b> parameters against the <b>keyIdentifier</b> CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_key() associates the symmetric key <b>key</b> of length <b>keylen</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK.</p>
+
+<p>CMS_RecipientInfo_decrypt() attempts to decrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first.</p>
+
+<p>CMS_RecipientInfo_encrypt() attempts to encrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first and the content encryption key must be available: for example by a previous call to CMS_RecipientInfo_decrypt().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of these functions is to enable an application to lookup recipient keys using any appropriate technique when the simpler method of CMS_decrypt() is not appropriate.</p>
+
+<p>In typical usage and application will retrieve all CMS_RecipientInfo structures using CMS_get0_RecipientInfos() and check the type of each using CMS_RecipientInfo_type(). Depending on the type the CMS_RecipientInfo structure can be ignored or its key identifier data retrieved using an appropriate function. Then if the corresponding secret or private key can be obtained by any appropriate means it can then associated with the structure and CMS_RecipientInfo_decrypt() called. If successful CMS_decrypt() can be called with a NULL key to decrypt the enveloped content.</p>
+
+<p>The CMS_RecipientInfo_encrypt() can be used to add a new recipient to an existing enveloped data structure. Typically an application will first decrypt an appropriate CMS_RecipientInfo structure to make the content encrypt key available, it will then add a new recipient using a function such as CMS_add1_recipient_cert() and finally encrypt the content encryption key using CMS_RecipientInfo_encrypt().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_get0_RecipientInfos() returns all CMS_RecipientInfo structures, or NULL if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id(), CMS_RecipientInfo_set0_pkey(), CMS_RecipientInfo_kekri_get0_id(), CMS_RecipientInfo_set0_key() and CMS_RecipientInfo_decrypt() return 1 for success or 0 if an error occurs. CMS_RecipientInfo_encrypt() return 1 for success or 0 if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() and CMS_RecipientInfo_kekri_cmp() return 0 for a successful comparison and non zero otherwise.</p>
+
+<p>Any error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_ktri_get0_signer_id.html b/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_ktri_get0_signer_id.html
new file mode 100644
index 000000000..e638e19fa
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_ktri_get0_signer_id.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get0_RecipientInfos</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_get0_RecipientInfos, CMS_RecipientInfo_type, CMS_RecipientInfo_ktri_get0_signer_id, CMS_RecipientInfo_ktri_cert_cmp, CMS_RecipientInfo_set0_pkey, CMS_RecipientInfo_kekri_get0_id, CMS_RecipientInfo_kekri_id_cmp, CMS_RecipientInfo_set0_key, CMS_RecipientInfo_decrypt, CMS_RecipientInfo_encrypt - CMS envelopedData RecipientInfo routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+ int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
+
+ int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
+                                           ASN1_OCTET_STRING **keyid,
+                                           X509_NAME **issuer,
+                                           ASN1_INTEGER **sno);
+ int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
+ int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
+
+ int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg,
+                                     ASN1_OCTET_STRING **pid,
+                                     ASN1_GENERALIZEDTIME **pdate,
+                                     ASN1_OBJECT **potherid,
+                                     ASN1_TYPE **pothertype);
+ int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
+                                    const unsigned char *id, size_t idlen);
+ int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
+                                unsigned char *key, size_t keylen);
+
+ int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+ int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function CMS_get0_RecipientInfos() returns all the CMS_RecipientInfo structures associated with a CMS EnvelopedData structure.</p>
+
+<p>CMS_RecipientInfo_type() returns the type of CMS_RecipientInfo structure <b>ri</b>. It will currently return CMS_RECIPINFO_TRANS, CMS_RECIPINFO_AGREE, CMS_RECIPINFO_KEK, CMS_RECIPINFO_PASS, or CMS_RECIPINFO_OTHER.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id() retrieves the certificate recipient identifier associated with a specific CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. Either the keyidentifier will be set in <b>keyid</b> or <b>both</b> issuer name and serial number in <b>issuer</b> and <b>sno</b>.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() compares the certificate <b>cert</b> against the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_pkey() associates the private key <b>pkey</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS.</p>
+
+<p>CMS_RecipientInfo_kekri_get0_id() retrieves the key information from the CMS_RecipientInfo structure <b>ri</b> which must be of type CMS_RECIPINFO_KEK. Any of the remaining parameters can be NULL if the application is not interested in the value of a field. Where a field is optional and absent NULL will be written to the corresponding parameter. The keyEncryptionAlgorithm field is written to <b>palg</b>, the <b>keyIdentifier</b> field is written to <b>pid</b>, the <b>date</b> field if present is written to <b>pdate</b>, if the <b>other</b> field is present the components <b>keyAttrId</b> and <b>keyAttr</b> are written to parameters <b>potherid</b> and <b>pothertype</b>.</p>
+
+<p>CMS_RecipientInfo_kekri_id_cmp() compares the ID in the <b>id</b> and <b>idlen</b> parameters against the <b>keyIdentifier</b> CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_key() associates the symmetric key <b>key</b> of length <b>keylen</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK.</p>
+
+<p>CMS_RecipientInfo_decrypt() attempts to decrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first.</p>
+
+<p>CMS_RecipientInfo_encrypt() attempts to encrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first and the content encryption key must be available: for example by a previous call to CMS_RecipientInfo_decrypt().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of these functions is to enable an application to lookup recipient keys using any appropriate technique when the simpler method of CMS_decrypt() is not appropriate.</p>
+
+<p>In typical usage and application will retrieve all CMS_RecipientInfo structures using CMS_get0_RecipientInfos() and check the type of each using CMS_RecipientInfo_type(). Depending on the type the CMS_RecipientInfo structure can be ignored or its key identifier data retrieved using an appropriate function. Then if the corresponding secret or private key can be obtained by any appropriate means it can then associated with the structure and CMS_RecipientInfo_decrypt() called. If successful CMS_decrypt() can be called with a NULL key to decrypt the enveloped content.</p>
+
+<p>The CMS_RecipientInfo_encrypt() can be used to add a new recipient to an existing enveloped data structure. Typically an application will first decrypt an appropriate CMS_RecipientInfo structure to make the content encrypt key available, it will then add a new recipient using a function such as CMS_add1_recipient_cert() and finally encrypt the content encryption key using CMS_RecipientInfo_encrypt().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_get0_RecipientInfos() returns all CMS_RecipientInfo structures, or NULL if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id(), CMS_RecipientInfo_set0_pkey(), CMS_RecipientInfo_kekri_get0_id(), CMS_RecipientInfo_set0_key() and CMS_RecipientInfo_decrypt() return 1 for success or 0 if an error occurs. CMS_RecipientInfo_encrypt() return 1 for success or 0 if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() and CMS_RecipientInfo_kekri_cmp() return 0 for a successful comparison and non zero otherwise.</p>
+
+<p>Any error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_set0_key.html b/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_set0_key.html
new file mode 100644
index 000000000..e638e19fa
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_set0_key.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get0_RecipientInfos</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_get0_RecipientInfos, CMS_RecipientInfo_type, CMS_RecipientInfo_ktri_get0_signer_id, CMS_RecipientInfo_ktri_cert_cmp, CMS_RecipientInfo_set0_pkey, CMS_RecipientInfo_kekri_get0_id, CMS_RecipientInfo_kekri_id_cmp, CMS_RecipientInfo_set0_key, CMS_RecipientInfo_decrypt, CMS_RecipientInfo_encrypt - CMS envelopedData RecipientInfo routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+ int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
+
+ int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
+                                           ASN1_OCTET_STRING **keyid,
+                                           X509_NAME **issuer,
+                                           ASN1_INTEGER **sno);
+ int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
+ int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
+
+ int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg,
+                                     ASN1_OCTET_STRING **pid,
+                                     ASN1_GENERALIZEDTIME **pdate,
+                                     ASN1_OBJECT **potherid,
+                                     ASN1_TYPE **pothertype);
+ int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
+                                    const unsigned char *id, size_t idlen);
+ int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
+                                unsigned char *key, size_t keylen);
+
+ int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+ int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function CMS_get0_RecipientInfos() returns all the CMS_RecipientInfo structures associated with a CMS EnvelopedData structure.</p>
+
+<p>CMS_RecipientInfo_type() returns the type of CMS_RecipientInfo structure <b>ri</b>. It will currently return CMS_RECIPINFO_TRANS, CMS_RECIPINFO_AGREE, CMS_RECIPINFO_KEK, CMS_RECIPINFO_PASS, or CMS_RECIPINFO_OTHER.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id() retrieves the certificate recipient identifier associated with a specific CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. Either the keyidentifier will be set in <b>keyid</b> or <b>both</b> issuer name and serial number in <b>issuer</b> and <b>sno</b>.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() compares the certificate <b>cert</b> against the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_pkey() associates the private key <b>pkey</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS.</p>
+
+<p>CMS_RecipientInfo_kekri_get0_id() retrieves the key information from the CMS_RecipientInfo structure <b>ri</b> which must be of type CMS_RECIPINFO_KEK. Any of the remaining parameters can be NULL if the application is not interested in the value of a field. Where a field is optional and absent NULL will be written to the corresponding parameter. The keyEncryptionAlgorithm field is written to <b>palg</b>, the <b>keyIdentifier</b> field is written to <b>pid</b>, the <b>date</b> field if present is written to <b>pdate</b>, if the <b>other</b> field is present the components <b>keyAttrId</b> and <b>keyAttr</b> are written to parameters <b>potherid</b> and <b>pothertype</b>.</p>
+
+<p>CMS_RecipientInfo_kekri_id_cmp() compares the ID in the <b>id</b> and <b>idlen</b> parameters against the <b>keyIdentifier</b> CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_key() associates the symmetric key <b>key</b> of length <b>keylen</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK.</p>
+
+<p>CMS_RecipientInfo_decrypt() attempts to decrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first.</p>
+
+<p>CMS_RecipientInfo_encrypt() attempts to encrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first and the content encryption key must be available: for example by a previous call to CMS_RecipientInfo_decrypt().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of these functions is to enable an application to lookup recipient keys using any appropriate technique when the simpler method of CMS_decrypt() is not appropriate.</p>
+
+<p>In typical usage and application will retrieve all CMS_RecipientInfo structures using CMS_get0_RecipientInfos() and check the type of each using CMS_RecipientInfo_type(). Depending on the type the CMS_RecipientInfo structure can be ignored or its key identifier data retrieved using an appropriate function. Then if the corresponding secret or private key can be obtained by any appropriate means it can then associated with the structure and CMS_RecipientInfo_decrypt() called. If successful CMS_decrypt() can be called with a NULL key to decrypt the enveloped content.</p>
+
+<p>The CMS_RecipientInfo_encrypt() can be used to add a new recipient to an existing enveloped data structure. Typically an application will first decrypt an appropriate CMS_RecipientInfo structure to make the content encrypt key available, it will then add a new recipient using a function such as CMS_add1_recipient_cert() and finally encrypt the content encryption key using CMS_RecipientInfo_encrypt().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_get0_RecipientInfos() returns all CMS_RecipientInfo structures, or NULL if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id(), CMS_RecipientInfo_set0_pkey(), CMS_RecipientInfo_kekri_get0_id(), CMS_RecipientInfo_set0_key() and CMS_RecipientInfo_decrypt() return 1 for success or 0 if an error occurs. CMS_RecipientInfo_encrypt() return 1 for success or 0 if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() and CMS_RecipientInfo_kekri_cmp() return 0 for a successful comparison and non zero otherwise.</p>
+
+<p>Any error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_set0_pkey.html b/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_set0_pkey.html
new file mode 100644
index 000000000..e638e19fa
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_set0_pkey.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get0_RecipientInfos</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_get0_RecipientInfos, CMS_RecipientInfo_type, CMS_RecipientInfo_ktri_get0_signer_id, CMS_RecipientInfo_ktri_cert_cmp, CMS_RecipientInfo_set0_pkey, CMS_RecipientInfo_kekri_get0_id, CMS_RecipientInfo_kekri_id_cmp, CMS_RecipientInfo_set0_key, CMS_RecipientInfo_decrypt, CMS_RecipientInfo_encrypt - CMS envelopedData RecipientInfo routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+ int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
+
+ int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
+                                           ASN1_OCTET_STRING **keyid,
+                                           X509_NAME **issuer,
+                                           ASN1_INTEGER **sno);
+ int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
+ int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
+
+ int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg,
+                                     ASN1_OCTET_STRING **pid,
+                                     ASN1_GENERALIZEDTIME **pdate,
+                                     ASN1_OBJECT **potherid,
+                                     ASN1_TYPE **pothertype);
+ int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
+                                    const unsigned char *id, size_t idlen);
+ int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
+                                unsigned char *key, size_t keylen);
+
+ int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+ int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function CMS_get0_RecipientInfos() returns all the CMS_RecipientInfo structures associated with a CMS EnvelopedData structure.</p>
+
+<p>CMS_RecipientInfo_type() returns the type of CMS_RecipientInfo structure <b>ri</b>. It will currently return CMS_RECIPINFO_TRANS, CMS_RECIPINFO_AGREE, CMS_RECIPINFO_KEK, CMS_RECIPINFO_PASS, or CMS_RECIPINFO_OTHER.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id() retrieves the certificate recipient identifier associated with a specific CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. Either the keyidentifier will be set in <b>keyid</b> or <b>both</b> issuer name and serial number in <b>issuer</b> and <b>sno</b>.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() compares the certificate <b>cert</b> against the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_pkey() associates the private key <b>pkey</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS.</p>
+
+<p>CMS_RecipientInfo_kekri_get0_id() retrieves the key information from the CMS_RecipientInfo structure <b>ri</b> which must be of type CMS_RECIPINFO_KEK. Any of the remaining parameters can be NULL if the application is not interested in the value of a field. Where a field is optional and absent NULL will be written to the corresponding parameter. The keyEncryptionAlgorithm field is written to <b>palg</b>, the <b>keyIdentifier</b> field is written to <b>pid</b>, the <b>date</b> field if present is written to <b>pdate</b>, if the <b>other</b> field is present the components <b>keyAttrId</b> and <b>keyAttr</b> are written to parameters <b>potherid</b> and <b>pothertype</b>.</p>
+
+<p>CMS_RecipientInfo_kekri_id_cmp() compares the ID in the <b>id</b> and <b>idlen</b> parameters against the <b>keyIdentifier</b> CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_key() associates the symmetric key <b>key</b> of length <b>keylen</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK.</p>
+
+<p>CMS_RecipientInfo_decrypt() attempts to decrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first.</p>
+
+<p>CMS_RecipientInfo_encrypt() attempts to encrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first and the content encryption key must be available: for example by a previous call to CMS_RecipientInfo_decrypt().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of these functions is to enable an application to lookup recipient keys using any appropriate technique when the simpler method of CMS_decrypt() is not appropriate.</p>
+
+<p>In typical usage and application will retrieve all CMS_RecipientInfo structures using CMS_get0_RecipientInfos() and check the type of each using CMS_RecipientInfo_type(). Depending on the type the CMS_RecipientInfo structure can be ignored or its key identifier data retrieved using an appropriate function. Then if the corresponding secret or private key can be obtained by any appropriate means it can then associated with the structure and CMS_RecipientInfo_decrypt() called. If successful CMS_decrypt() can be called with a NULL key to decrypt the enveloped content.</p>
+
+<p>The CMS_RecipientInfo_encrypt() can be used to add a new recipient to an existing enveloped data structure. Typically an application will first decrypt an appropriate CMS_RecipientInfo structure to make the content encrypt key available, it will then add a new recipient using a function such as CMS_add1_recipient_cert() and finally encrypt the content encryption key using CMS_RecipientInfo_encrypt().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_get0_RecipientInfos() returns all CMS_RecipientInfo structures, or NULL if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id(), CMS_RecipientInfo_set0_pkey(), CMS_RecipientInfo_kekri_get0_id(), CMS_RecipientInfo_set0_key() and CMS_RecipientInfo_decrypt() return 1 for success or 0 if an error occurs. CMS_RecipientInfo_encrypt() return 1 for success or 0 if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() and CMS_RecipientInfo_kekri_cmp() return 0 for a successful comparison and non zero otherwise.</p>
+
+<p>Any error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_type.html b/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_type.html
new file mode 100644
index 000000000..e638e19fa
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_RecipientInfo_type.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get0_RecipientInfos</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_get0_RecipientInfos, CMS_RecipientInfo_type, CMS_RecipientInfo_ktri_get0_signer_id, CMS_RecipientInfo_ktri_cert_cmp, CMS_RecipientInfo_set0_pkey, CMS_RecipientInfo_kekri_get0_id, CMS_RecipientInfo_kekri_id_cmp, CMS_RecipientInfo_set0_key, CMS_RecipientInfo_decrypt, CMS_RecipientInfo_encrypt - CMS envelopedData RecipientInfo routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+ int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
+
+ int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
+                                           ASN1_OCTET_STRING **keyid,
+                                           X509_NAME **issuer,
+                                           ASN1_INTEGER **sno);
+ int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
+ int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
+
+ int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg,
+                                     ASN1_OCTET_STRING **pid,
+                                     ASN1_GENERALIZEDTIME **pdate,
+                                     ASN1_OBJECT **potherid,
+                                     ASN1_TYPE **pothertype);
+ int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
+                                    const unsigned char *id, size_t idlen);
+ int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
+                                unsigned char *key, size_t keylen);
+
+ int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+ int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function CMS_get0_RecipientInfos() returns all the CMS_RecipientInfo structures associated with a CMS EnvelopedData structure.</p>
+
+<p>CMS_RecipientInfo_type() returns the type of CMS_RecipientInfo structure <b>ri</b>. It will currently return CMS_RECIPINFO_TRANS, CMS_RECIPINFO_AGREE, CMS_RECIPINFO_KEK, CMS_RECIPINFO_PASS, or CMS_RECIPINFO_OTHER.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id() retrieves the certificate recipient identifier associated with a specific CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. Either the keyidentifier will be set in <b>keyid</b> or <b>both</b> issuer name and serial number in <b>issuer</b> and <b>sno</b>.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() compares the certificate <b>cert</b> against the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_pkey() associates the private key <b>pkey</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS.</p>
+
+<p>CMS_RecipientInfo_kekri_get0_id() retrieves the key information from the CMS_RecipientInfo structure <b>ri</b> which must be of type CMS_RECIPINFO_KEK. Any of the remaining parameters can be NULL if the application is not interested in the value of a field. Where a field is optional and absent NULL will be written to the corresponding parameter. The keyEncryptionAlgorithm field is written to <b>palg</b>, the <b>keyIdentifier</b> field is written to <b>pid</b>, the <b>date</b> field if present is written to <b>pdate</b>, if the <b>other</b> field is present the components <b>keyAttrId</b> and <b>keyAttr</b> are written to parameters <b>potherid</b> and <b>pothertype</b>.</p>
+
+<p>CMS_RecipientInfo_kekri_id_cmp() compares the ID in the <b>id</b> and <b>idlen</b> parameters against the <b>keyIdentifier</b> CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_key() associates the symmetric key <b>key</b> of length <b>keylen</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK.</p>
+
+<p>CMS_RecipientInfo_decrypt() attempts to decrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first.</p>
+
+<p>CMS_RecipientInfo_encrypt() attempts to encrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first and the content encryption key must be available: for example by a previous call to CMS_RecipientInfo_decrypt().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of these functions is to enable an application to lookup recipient keys using any appropriate technique when the simpler method of CMS_decrypt() is not appropriate.</p>
+
+<p>In typical usage and application will retrieve all CMS_RecipientInfo structures using CMS_get0_RecipientInfos() and check the type of each using CMS_RecipientInfo_type(). Depending on the type the CMS_RecipientInfo structure can be ignored or its key identifier data retrieved using an appropriate function. Then if the corresponding secret or private key can be obtained by any appropriate means it can then associated with the structure and CMS_RecipientInfo_decrypt() called. If successful CMS_decrypt() can be called with a NULL key to decrypt the enveloped content.</p>
+
+<p>The CMS_RecipientInfo_encrypt() can be used to add a new recipient to an existing enveloped data structure. Typically an application will first decrypt an appropriate CMS_RecipientInfo structure to make the content encrypt key available, it will then add a new recipient using a function such as CMS_add1_recipient_cert() and finally encrypt the content encryption key using CMS_RecipientInfo_encrypt().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_get0_RecipientInfos() returns all CMS_RecipientInfo structures, or NULL if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id(), CMS_RecipientInfo_set0_pkey(), CMS_RecipientInfo_kekri_get0_id(), CMS_RecipientInfo_set0_key() and CMS_RecipientInfo_decrypt() return 1 for success or 0 if an error occurs. CMS_RecipientInfo_encrypt() return 1 for success or 0 if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() and CMS_RecipientInfo_kekri_cmp() return 0 for a successful comparison and non zero otherwise.</p>
+
+<p>Any error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_SignerInfo_cert_cmp.html b/msys2/usr/share/doc/openssl/html/man3/CMS_SignerInfo_cert_cmp.html
new file mode 100644
index 000000000..6f790235a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_SignerInfo_cert_cmp.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get0_SignerInfos</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_SignerInfo_set1_signer_cert, CMS_get0_SignerInfos, CMS_SignerInfo_get0_signer_id, CMS_SignerInfo_get0_signature, CMS_SignerInfo_cert_cmp - CMS signedData signer functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
+
+ int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si, ASN1_OCTET_STRING **keyid,
+                                   X509_NAME **issuer, ASN1_INTEGER **sno);
+ ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
+ int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
+ void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function CMS_get0_SignerInfos() returns all the CMS_SignerInfo structures associated with a CMS signedData structure.</p>
+
+<p>CMS_SignerInfo_get0_signer_id() retrieves the certificate signer identifier associated with a specific CMS_SignerInfo structure <b>si</b>. Either the keyidentifier will be set in <b>keyid</b> or <b>both</b> issuer name and serial number in <b>issuer</b> and <b>sno</b>.</p>
+
+<p>CMS_SignerInfo_get0_signature() retrieves the signature associated with <b>si</b> in a pointer to an ASN1_OCTET_STRING structure. This pointer returned corresponds to the internal signature value if <b>si</b> so it may be read or modified.</p>
+
+<p>CMS_SignerInfo_cert_cmp() compares the certificate <b>cert</b> against the signer identifier <b>si</b>. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_SignerInfo_set1_signer_cert() sets the signers certificate of <b>si</b> to <b>signer</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of these functions is to enable an application to lookup signers certificates using any appropriate technique when the simpler method of CMS_verify() is not appropriate.</p>
+
+<p>In typical usage and application will retrieve all CMS_SignerInfo structures using CMS_get0_SignerInfo() and retrieve the identifier information using CMS. It will then obtain the signer certificate by some unspecified means (or return and error if it cannot be found) and set it using CMS_SignerInfo_set1_signer_cert().</p>
+
+<p>Once all signer certificates have been set CMS_verify() can be used.</p>
+
+<p>Although CMS_get0_SignerInfos() can return NULL if an error occurs <b>or</b> if there are no signers this is not a problem in practice because the only error which can occur is if the <b>cms</b> structure is not of type signedData due to application error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_get0_SignerInfos() returns all CMS_SignerInfo structures, or NULL there are no signers or an error occurs.</p>
+
+<p>CMS_SignerInfo_get0_signer_id() returns 1 for success and 0 for failure.</p>
+
+<p>CMS_SignerInfo_cert_cmp() returns 0 for a successful comparison and non zero otherwise.</p>
+
+<p>CMS_SignerInfo_set1_signer_cert() does not return a value.</p>
+
+<p>Any error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_SignerInfo_get0_signature.html b/msys2/usr/share/doc/openssl/html/man3/CMS_SignerInfo_get0_signature.html
new file mode 100644
index 000000000..6f790235a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_SignerInfo_get0_signature.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get0_SignerInfos</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_SignerInfo_set1_signer_cert, CMS_get0_SignerInfos, CMS_SignerInfo_get0_signer_id, CMS_SignerInfo_get0_signature, CMS_SignerInfo_cert_cmp - CMS signedData signer functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
+
+ int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si, ASN1_OCTET_STRING **keyid,
+                                   X509_NAME **issuer, ASN1_INTEGER **sno);
+ ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
+ int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
+ void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function CMS_get0_SignerInfos() returns all the CMS_SignerInfo structures associated with a CMS signedData structure.</p>
+
+<p>CMS_SignerInfo_get0_signer_id() retrieves the certificate signer identifier associated with a specific CMS_SignerInfo structure <b>si</b>. Either the keyidentifier will be set in <b>keyid</b> or <b>both</b> issuer name and serial number in <b>issuer</b> and <b>sno</b>.</p>
+
+<p>CMS_SignerInfo_get0_signature() retrieves the signature associated with <b>si</b> in a pointer to an ASN1_OCTET_STRING structure. This pointer returned corresponds to the internal signature value if <b>si</b> so it may be read or modified.</p>
+
+<p>CMS_SignerInfo_cert_cmp() compares the certificate <b>cert</b> against the signer identifier <b>si</b>. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_SignerInfo_set1_signer_cert() sets the signers certificate of <b>si</b> to <b>signer</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of these functions is to enable an application to lookup signers certificates using any appropriate technique when the simpler method of CMS_verify() is not appropriate.</p>
+
+<p>In typical usage and application will retrieve all CMS_SignerInfo structures using CMS_get0_SignerInfo() and retrieve the identifier information using CMS. It will then obtain the signer certificate by some unspecified means (or return and error if it cannot be found) and set it using CMS_SignerInfo_set1_signer_cert().</p>
+
+<p>Once all signer certificates have been set CMS_verify() can be used.</p>
+
+<p>Although CMS_get0_SignerInfos() can return NULL if an error occurs <b>or</b> if there are no signers this is not a problem in practice because the only error which can occur is if the <b>cms</b> structure is not of type signedData due to application error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_get0_SignerInfos() returns all CMS_SignerInfo structures, or NULL there are no signers or an error occurs.</p>
+
+<p>CMS_SignerInfo_get0_signer_id() returns 1 for success and 0 for failure.</p>
+
+<p>CMS_SignerInfo_cert_cmp() returns 0 for a successful comparison and non zero otherwise.</p>
+
+<p>CMS_SignerInfo_set1_signer_cert() does not return a value.</p>
+
+<p>Any error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_SignerInfo_get0_signer_id.html b/msys2/usr/share/doc/openssl/html/man3/CMS_SignerInfo_get0_signer_id.html
new file mode 100644
index 000000000..6f790235a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_SignerInfo_get0_signer_id.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get0_SignerInfos</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_SignerInfo_set1_signer_cert, CMS_get0_SignerInfos, CMS_SignerInfo_get0_signer_id, CMS_SignerInfo_get0_signature, CMS_SignerInfo_cert_cmp - CMS signedData signer functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
+
+ int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si, ASN1_OCTET_STRING **keyid,
+                                   X509_NAME **issuer, ASN1_INTEGER **sno);
+ ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
+ int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
+ void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function CMS_get0_SignerInfos() returns all the CMS_SignerInfo structures associated with a CMS signedData structure.</p>
+
+<p>CMS_SignerInfo_get0_signer_id() retrieves the certificate signer identifier associated with a specific CMS_SignerInfo structure <b>si</b>. Either the keyidentifier will be set in <b>keyid</b> or <b>both</b> issuer name and serial number in <b>issuer</b> and <b>sno</b>.</p>
+
+<p>CMS_SignerInfo_get0_signature() retrieves the signature associated with <b>si</b> in a pointer to an ASN1_OCTET_STRING structure. This pointer returned corresponds to the internal signature value if <b>si</b> so it may be read or modified.</p>
+
+<p>CMS_SignerInfo_cert_cmp() compares the certificate <b>cert</b> against the signer identifier <b>si</b>. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_SignerInfo_set1_signer_cert() sets the signers certificate of <b>si</b> to <b>signer</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of these functions is to enable an application to lookup signers certificates using any appropriate technique when the simpler method of CMS_verify() is not appropriate.</p>
+
+<p>In typical usage and application will retrieve all CMS_SignerInfo structures using CMS_get0_SignerInfo() and retrieve the identifier information using CMS. It will then obtain the signer certificate by some unspecified means (or return and error if it cannot be found) and set it using CMS_SignerInfo_set1_signer_cert().</p>
+
+<p>Once all signer certificates have been set CMS_verify() can be used.</p>
+
+<p>Although CMS_get0_SignerInfos() can return NULL if an error occurs <b>or</b> if there are no signers this is not a problem in practice because the only error which can occur is if the <b>cms</b> structure is not of type signedData due to application error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_get0_SignerInfos() returns all CMS_SignerInfo structures, or NULL there are no signers or an error occurs.</p>
+
+<p>CMS_SignerInfo_get0_signer_id() returns 1 for success and 0 for failure.</p>
+
+<p>CMS_SignerInfo_cert_cmp() returns 0 for a successful comparison and non zero otherwise.</p>
+
+<p>CMS_SignerInfo_set1_signer_cert() does not return a value.</p>
+
+<p>Any error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_SignerInfo_set1_signer_cert.html b/msys2/usr/share/doc/openssl/html/man3/CMS_SignerInfo_set1_signer_cert.html
new file mode 100644
index 000000000..6f790235a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_SignerInfo_set1_signer_cert.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get0_SignerInfos</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_SignerInfo_set1_signer_cert, CMS_get0_SignerInfos, CMS_SignerInfo_get0_signer_id, CMS_SignerInfo_get0_signature, CMS_SignerInfo_cert_cmp - CMS signedData signer functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
+
+ int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si, ASN1_OCTET_STRING **keyid,
+                                   X509_NAME **issuer, ASN1_INTEGER **sno);
+ ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
+ int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
+ void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function CMS_get0_SignerInfos() returns all the CMS_SignerInfo structures associated with a CMS signedData structure.</p>
+
+<p>CMS_SignerInfo_get0_signer_id() retrieves the certificate signer identifier associated with a specific CMS_SignerInfo structure <b>si</b>. Either the keyidentifier will be set in <b>keyid</b> or <b>both</b> issuer name and serial number in <b>issuer</b> and <b>sno</b>.</p>
+
+<p>CMS_SignerInfo_get0_signature() retrieves the signature associated with <b>si</b> in a pointer to an ASN1_OCTET_STRING structure. This pointer returned corresponds to the internal signature value if <b>si</b> so it may be read or modified.</p>
+
+<p>CMS_SignerInfo_cert_cmp() compares the certificate <b>cert</b> against the signer identifier <b>si</b>. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_SignerInfo_set1_signer_cert() sets the signers certificate of <b>si</b> to <b>signer</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of these functions is to enable an application to lookup signers certificates using any appropriate technique when the simpler method of CMS_verify() is not appropriate.</p>
+
+<p>In typical usage and application will retrieve all CMS_SignerInfo structures using CMS_get0_SignerInfo() and retrieve the identifier information using CMS. It will then obtain the signer certificate by some unspecified means (or return and error if it cannot be found) and set it using CMS_SignerInfo_set1_signer_cert().</p>
+
+<p>Once all signer certificates have been set CMS_verify() can be used.</p>
+
+<p>Although CMS_get0_SignerInfos() can return NULL if an error occurs <b>or</b> if there are no signers this is not a problem in practice because the only error which can occur is if the <b>cms</b> structure is not of type signedData due to application error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_get0_SignerInfos() returns all CMS_SignerInfo structures, or NULL there are no signers or an error occurs.</p>
+
+<p>CMS_SignerInfo_get0_signer_id() returns 1 for success and 0 for failure.</p>
+
+<p>CMS_SignerInfo_cert_cmp() returns 0 for a successful comparison and non zero otherwise.</p>
+
+<p>CMS_SignerInfo_set1_signer_cert() does not return a value.</p>
+
+<p>Any error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_SignerInfo_sign.html b/msys2/usr/share/doc/openssl/html/man3/CMS_SignerInfo_sign.html
new file mode 100644
index 000000000..39322f98a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_SignerInfo_sign.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_add1_signer</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_add1_signer, CMS_SignerInfo_sign - add a signer to a CMS_ContentInfo signed data structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, X509 *signcert,
+                                 EVP_PKEY *pkey, const EVP_MD *md,
+                                 unsigned int flags);
+
+ int CMS_SignerInfo_sign(CMS_SignerInfo *si);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_add1_signer() adds a signer with certificate <b>signcert</b> and private key <b>pkey</b> using message digest <b>md</b> to CMS_ContentInfo SignedData structure <b>cms</b>.</p>
+
+<p>The CMS_ContentInfo structure should be obtained from an initial call to CMS_sign() with the flag <b>CMS_PARTIAL</b> set or in the case or re-signing a valid CMS_ContentInfo SignedData structure.</p>
+
+<p>If the <b>md</b> parameter is <b>NULL</b> then the default digest for the public key algorithm will be used.</p>
+
+<p>Unless the <b>CMS_REUSE_DIGEST</b> flag is set the returned CMS_ContentInfo structure is not complete and must be finalized either by streaming (if applicable) or a call to CMS_final().</p>
+
+<p>The CMS_SignerInfo_sign() function will explicitly sign a CMS_SignerInfo structure, its main use is when <b>CMS_REUSE_DIGEST</b> and <b>CMS_PARTIAL</b> flags are both set.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of CMS_add1_signer() is to provide finer control over a CMS signed data structure where the simpler CMS_sign() function defaults are not appropriate. For example if multiple signers or non default digest algorithms are needed. New attributes can also be added using the returned CMS_SignerInfo structure and the CMS attribute utility functions or the CMS signed receipt request functions.</p>
+
+<p>Any of the following flags (ored together) can be passed in the <b>flags</b> parameter.</p>
+
+<p>If <b>CMS_REUSE_DIGEST</b> is set then an attempt is made to copy the content digest value from the CMS_ContentInfo structure: to add a signer to an existing structure. An error occurs if a matching digest value cannot be found to copy. The returned CMS_ContentInfo structure will be valid and finalized when this flag is set.</p>
+
+<p>If <b>CMS_PARTIAL</b> is set in addition to <b>CMS_REUSE_DIGEST</b> then the CMS_SignerInfo structure will not be finalized so additional attributes can be added. In this case an explicit call to CMS_SignerInfo_sign() is needed to finalize it.</p>
+
+<p>If <b>CMS_NOCERTS</b> is set the signer&#39;s certificate will not be included in the CMS_ContentInfo structure, the signer&#39;s certificate must still be supplied in the <b>signcert</b> parameter though. This can reduce the size of the signature if the signers certificate can be obtained by other means: for example a previously signed message.</p>
+
+<p>The SignedData structure includes several CMS signedAttributes including the signing time, the CMS content type and the supported list of ciphers in an SMIMECapabilities attribute. If <b>CMS_NOATTR</b> is set then no signedAttributes will be used. If <b>CMS_NOSMIMECAP</b> is set then just the SMIMECapabilities are omitted.</p>
+
+<p>OpenSSL will by default identify signing certificates using issuer name and serial number. If <b>CMS_USE_KEYID</b> is set it will use the subject key identifier value instead. An error occurs if the signing certificate does not have a subject key identifier extension.</p>
+
+<p>If present the SMIMECapabilities attribute indicates support for the following algorithms in preference order: 256 bit AES, Gost R3411-94, Gost 28147-89, 192 bit AES, 128 bit AES, triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of these algorithms is not available then it will not be included: for example the GOST algorithms will not be included if the GOST ENGINE is not loaded.</p>
+
+<p>CMS_add1_signer() returns an internal pointer to the CMS_SignerInfo structure just added, this can be used to set additional attributes before it is finalized.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_add1_signer() returns an internal pointer to the CMS_SignerInfo structure just added or NULL if an error occurs.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_final.html">CMS_final(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_add0_cert.html b/msys2/usr/share/doc/openssl/html/man3/CMS_add0_cert.html
new file mode 100644
index 000000000..8cee48a4d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_add0_cert.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_add0_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_add0_cert, CMS_add1_cert, CMS_get1_certs, CMS_add0_crl, CMS_add1_crl, CMS_get1_crls - CMS certificate and CRL utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
+ int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
+ STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
+
+ int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+ int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+ STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_add0_cert() and CMS_add1_cert() add certificate <b>cert</b> to <b>cms</b>. must be of type signed data or enveloped data.</p>
+
+<p>CMS_get1_certs() returns all certificates in <b>cms</b>.</p>
+
+<p>CMS_add0_crl() and CMS_add1_crl() add CRL <b>crl</b> to <b>cms</b>. CMS_get1_crls() returns any CRLs in <b>cms</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The CMS_ContentInfo structure <b>cms</b> must be of type signed data or enveloped data or an error will be returned.</p>
+
+<p>For signed data certificates and CRLs are added to the <b>certificates</b> and <b>crls</b> fields of SignedData structure. For enveloped data they are added to <b>OriginatorInfo</b>.</p>
+
+<p>As the <b>0</b> implies CMS_add0_cert() adds <b>cert</b> internally to <b>cms</b> and it must not be freed up after the call as opposed to CMS_add1_cert() where <b>cert</b> must be freed up.</p>
+
+<p>The same certificate or CRL must not be added to the same cms structure more than once.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_add0_cert(), CMS_add1_cert() and CMS_add0_crl() and CMS_add1_crl() return 1 for success and 0 for failure.</p>
+
+<p>CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs or NULL if there are none or an error occurs. The only error which will occur in practice is if the <b>cms</b> type is invalid.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_add0_crl.html b/msys2/usr/share/doc/openssl/html/man3/CMS_add0_crl.html
new file mode 100644
index 000000000..8cee48a4d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_add0_crl.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_add0_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_add0_cert, CMS_add1_cert, CMS_get1_certs, CMS_add0_crl, CMS_add1_crl, CMS_get1_crls - CMS certificate and CRL utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
+ int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
+ STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
+
+ int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+ int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+ STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_add0_cert() and CMS_add1_cert() add certificate <b>cert</b> to <b>cms</b>. must be of type signed data or enveloped data.</p>
+
+<p>CMS_get1_certs() returns all certificates in <b>cms</b>.</p>
+
+<p>CMS_add0_crl() and CMS_add1_crl() add CRL <b>crl</b> to <b>cms</b>. CMS_get1_crls() returns any CRLs in <b>cms</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The CMS_ContentInfo structure <b>cms</b> must be of type signed data or enveloped data or an error will be returned.</p>
+
+<p>For signed data certificates and CRLs are added to the <b>certificates</b> and <b>crls</b> fields of SignedData structure. For enveloped data they are added to <b>OriginatorInfo</b>.</p>
+
+<p>As the <b>0</b> implies CMS_add0_cert() adds <b>cert</b> internally to <b>cms</b> and it must not be freed up after the call as opposed to CMS_add1_cert() where <b>cert</b> must be freed up.</p>
+
+<p>The same certificate or CRL must not be added to the same cms structure more than once.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_add0_cert(), CMS_add1_cert() and CMS_add0_crl() and CMS_add1_crl() return 1 for success and 0 for failure.</p>
+
+<p>CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs or NULL if there are none or an error occurs. The only error which will occur in practice is if the <b>cms</b> type is invalid.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_add0_recipient_key.html b/msys2/usr/share/doc/openssl/html/man3/CMS_add0_recipient_key.html
new file mode 100644
index 000000000..2efcb97d0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_add0_recipient_key.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_add1_recipient_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_add1_recipient_cert, CMS_add0_recipient_key - add recipients to a CMS enveloped data structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
+                                            X509 *recip, unsigned int flags);
+
+ CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
+                                           unsigned char *key, size_t keylen,
+                                           unsigned char *id, size_t idlen,
+                                           ASN1_GENERALIZEDTIME *date,
+                                           ASN1_OBJECT *otherTypeId,
+                                           ASN1_TYPE *otherType);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_add1_recipient_cert() adds recipient <b>recip</b> to CMS_ContentInfo enveloped data structure <b>cms</b> as a KeyTransRecipientInfo structure.</p>
+
+<p>CMS_add0_recipient_key() adds symmetric key <b>key</b> of length <b>keylen</b> using wrapping algorithm <b>nid</b>, identifier <b>id</b> of length <b>idlen</b> and optional values <b>date</b>, <b>otherTypeId</b> and <b>otherType</b> to CMS_ContentInfo enveloped data structure <b>cms</b> as a KEKRecipientInfo structure.</p>
+
+<p>The CMS_ContentInfo structure should be obtained from an initial call to CMS_encrypt() with the flag <b>CMS_PARTIAL</b> set.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of this function is to provide finer control over a CMS enveloped data structure where the simpler CMS_encrypt() function defaults are not appropriate. For example if one or more KEKRecipientInfo structures need to be added. New attributes can also be added using the returned CMS_RecipientInfo structure and the CMS attribute utility functions.</p>
+
+<p>OpenSSL will by default identify recipient certificates using issuer name and serial number. If <b>CMS_USE_KEYID</b> is set it will use the subject key identifier value instead. An error occurs if all recipient certificates do not have a subject key identifier extension.</p>
+
+<p>Currently only AES based key wrapping algorithms are supported for <b>nid</b>, specifically: NID_id_aes128_wrap, NID_id_aes192_wrap and NID_id_aes256_wrap. If <b>nid</b> is set to <b>NID_undef</b> then an AES wrap algorithm will be used consistent with <b>keylen</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_add1_recipient_cert() and CMS_add0_recipient_key() return an internal pointer to the CMS_RecipientInfo structure just added or NULL if an error occurs.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a>, <a href="../man3/CMS_final.html">CMS_final(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_add1_ReceiptRequest.html b/msys2/usr/share/doc/openssl/html/man3/CMS_add1_ReceiptRequest.html
new file mode 100644
index 000000000..1a5e435d7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_add1_ReceiptRequest.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get1_ReceiptRequest</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_ReceiptRequest_create0, CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values - CMS signed receipt request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
+                                                int allorfirst,
+                                                STACK_OF(GENERAL_NAMES) *receiptList,
+                                                STACK_OF(GENERAL_NAMES) *receiptsTo);
+ int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
+ int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
+ void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, ASN1_STRING **pcid,
+                                     int *pallorfirst,
+                                     STACK_OF(GENERAL_NAMES) **plist,
+                                     STACK_OF(GENERAL_NAMES) **prto);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_ReceiptRequest_create0() creates a signed receipt request structure. The <b>signedContentIdentifier</b> field is set using <b>id</b> and <b>idlen</b>, or it is set to 32 bytes of pseudo random data if <b>id</b> is NULL. If <b>receiptList</b> is NULL the allOrFirstTier option in <b>receiptsFrom</b> is used and set to the value of the <b>allorfirst</b> parameter. If <b>receiptList</b> is not NULL the <b>receiptList</b> option in <b>receiptsFrom</b> is used. The <b>receiptsTo</b> parameter specifies the <b>receiptsTo</b> field value.</p>
+
+<p>The CMS_add1_ReceiptRequest() function adds a signed receipt request <b>rr</b> to SignerInfo structure <b>si</b>.</p>
+
+<p>int CMS_get1_ReceiptRequest() looks for a signed receipt request in <b>si</b>, if any is found it is decoded and written to <b>prr</b>.</p>
+
+<p>CMS_ReceiptRequest_get0_values() retrieves the values of a receipt request. The signedContentIdentifier is copied to <b>pcid</b>. If the <b>allOrFirstTier</b> option of <b>receiptsFrom</b> is used its value is copied to <b>pallorfirst</b> otherwise the <b>receiptList</b> field is copied to <b>plist</b>. The <b>receiptsTo</b> parameter is copied to <b>prto</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>For more details of the meaning of the fields see RFC2634.</p>
+
+<p>The contents of a signed receipt should only be considered meaningful if the corresponding CMS_ContentInfo structure can be successfully verified using CMS_verify().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_ReceiptRequest_create0() returns a signed receipt request structure or NULL if an error occurred.</p>
+
+<p>CMS_add1_ReceiptRequest() returns 1 for success or 0 if an error occurred.</p>
+
+<p>CMS_get1_ReceiptRequest() returns 1 is a signed receipt request is found and decoded. It returns 0 if a signed receipt request is not present and -1 if it is present but malformed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_sign_receipt.html">CMS_sign_receipt(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a> <a href="../man3/CMS_verify_receipt.html">CMS_verify_receipt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_add1_cert.html b/msys2/usr/share/doc/openssl/html/man3/CMS_add1_cert.html
new file mode 100644
index 000000000..8cee48a4d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_add1_cert.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_add0_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_add0_cert, CMS_add1_cert, CMS_get1_certs, CMS_add0_crl, CMS_add1_crl, CMS_get1_crls - CMS certificate and CRL utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
+ int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
+ STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
+
+ int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+ int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+ STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_add0_cert() and CMS_add1_cert() add certificate <b>cert</b> to <b>cms</b>. must be of type signed data or enveloped data.</p>
+
+<p>CMS_get1_certs() returns all certificates in <b>cms</b>.</p>
+
+<p>CMS_add0_crl() and CMS_add1_crl() add CRL <b>crl</b> to <b>cms</b>. CMS_get1_crls() returns any CRLs in <b>cms</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The CMS_ContentInfo structure <b>cms</b> must be of type signed data or enveloped data or an error will be returned.</p>
+
+<p>For signed data certificates and CRLs are added to the <b>certificates</b> and <b>crls</b> fields of SignedData structure. For enveloped data they are added to <b>OriginatorInfo</b>.</p>
+
+<p>As the <b>0</b> implies CMS_add0_cert() adds <b>cert</b> internally to <b>cms</b> and it must not be freed up after the call as opposed to CMS_add1_cert() where <b>cert</b> must be freed up.</p>
+
+<p>The same certificate or CRL must not be added to the same cms structure more than once.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_add0_cert(), CMS_add1_cert() and CMS_add0_crl() and CMS_add1_crl() return 1 for success and 0 for failure.</p>
+
+<p>CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs or NULL if there are none or an error occurs. The only error which will occur in practice is if the <b>cms</b> type is invalid.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_add1_crl.html b/msys2/usr/share/doc/openssl/html/man3/CMS_add1_crl.html
new file mode 100644
index 000000000..8cee48a4d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_add1_crl.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_add0_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_add0_cert, CMS_add1_cert, CMS_get1_certs, CMS_add0_crl, CMS_add1_crl, CMS_get1_crls - CMS certificate and CRL utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
+ int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
+ STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
+
+ int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+ int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+ STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_add0_cert() and CMS_add1_cert() add certificate <b>cert</b> to <b>cms</b>. must be of type signed data or enveloped data.</p>
+
+<p>CMS_get1_certs() returns all certificates in <b>cms</b>.</p>
+
+<p>CMS_add0_crl() and CMS_add1_crl() add CRL <b>crl</b> to <b>cms</b>. CMS_get1_crls() returns any CRLs in <b>cms</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The CMS_ContentInfo structure <b>cms</b> must be of type signed data or enveloped data or an error will be returned.</p>
+
+<p>For signed data certificates and CRLs are added to the <b>certificates</b> and <b>crls</b> fields of SignedData structure. For enveloped data they are added to <b>OriginatorInfo</b>.</p>
+
+<p>As the <b>0</b> implies CMS_add0_cert() adds <b>cert</b> internally to <b>cms</b> and it must not be freed up after the call as opposed to CMS_add1_cert() where <b>cert</b> must be freed up.</p>
+
+<p>The same certificate or CRL must not be added to the same cms structure more than once.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_add0_cert(), CMS_add1_cert() and CMS_add0_crl() and CMS_add1_crl() return 1 for success and 0 for failure.</p>
+
+<p>CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs or NULL if there are none or an error occurs. The only error which will occur in practice is if the <b>cms</b> type is invalid.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_add1_recipient_cert.html b/msys2/usr/share/doc/openssl/html/man3/CMS_add1_recipient_cert.html
new file mode 100644
index 000000000..2efcb97d0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_add1_recipient_cert.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_add1_recipient_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_add1_recipient_cert, CMS_add0_recipient_key - add recipients to a CMS enveloped data structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
+                                            X509 *recip, unsigned int flags);
+
+ CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
+                                           unsigned char *key, size_t keylen,
+                                           unsigned char *id, size_t idlen,
+                                           ASN1_GENERALIZEDTIME *date,
+                                           ASN1_OBJECT *otherTypeId,
+                                           ASN1_TYPE *otherType);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_add1_recipient_cert() adds recipient <b>recip</b> to CMS_ContentInfo enveloped data structure <b>cms</b> as a KeyTransRecipientInfo structure.</p>
+
+<p>CMS_add0_recipient_key() adds symmetric key <b>key</b> of length <b>keylen</b> using wrapping algorithm <b>nid</b>, identifier <b>id</b> of length <b>idlen</b> and optional values <b>date</b>, <b>otherTypeId</b> and <b>otherType</b> to CMS_ContentInfo enveloped data structure <b>cms</b> as a KEKRecipientInfo structure.</p>
+
+<p>The CMS_ContentInfo structure should be obtained from an initial call to CMS_encrypt() with the flag <b>CMS_PARTIAL</b> set.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of this function is to provide finer control over a CMS enveloped data structure where the simpler CMS_encrypt() function defaults are not appropriate. For example if one or more KEKRecipientInfo structures need to be added. New attributes can also be added using the returned CMS_RecipientInfo structure and the CMS attribute utility functions.</p>
+
+<p>OpenSSL will by default identify recipient certificates using issuer name and serial number. If <b>CMS_USE_KEYID</b> is set it will use the subject key identifier value instead. An error occurs if all recipient certificates do not have a subject key identifier extension.</p>
+
+<p>Currently only AES based key wrapping algorithms are supported for <b>nid</b>, specifically: NID_id_aes128_wrap, NID_id_aes192_wrap and NID_id_aes256_wrap. If <b>nid</b> is set to <b>NID_undef</b> then an AES wrap algorithm will be used consistent with <b>keylen</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_add1_recipient_cert() and CMS_add0_recipient_key() return an internal pointer to the CMS_RecipientInfo structure just added or NULL if an error occurs.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a>, <a href="../man3/CMS_final.html">CMS_final(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_add1_signer.html b/msys2/usr/share/doc/openssl/html/man3/CMS_add1_signer.html
new file mode 100644
index 000000000..39322f98a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_add1_signer.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_add1_signer</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_add1_signer, CMS_SignerInfo_sign - add a signer to a CMS_ContentInfo signed data structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, X509 *signcert,
+                                 EVP_PKEY *pkey, const EVP_MD *md,
+                                 unsigned int flags);
+
+ int CMS_SignerInfo_sign(CMS_SignerInfo *si);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_add1_signer() adds a signer with certificate <b>signcert</b> and private key <b>pkey</b> using message digest <b>md</b> to CMS_ContentInfo SignedData structure <b>cms</b>.</p>
+
+<p>The CMS_ContentInfo structure should be obtained from an initial call to CMS_sign() with the flag <b>CMS_PARTIAL</b> set or in the case or re-signing a valid CMS_ContentInfo SignedData structure.</p>
+
+<p>If the <b>md</b> parameter is <b>NULL</b> then the default digest for the public key algorithm will be used.</p>
+
+<p>Unless the <b>CMS_REUSE_DIGEST</b> flag is set the returned CMS_ContentInfo structure is not complete and must be finalized either by streaming (if applicable) or a call to CMS_final().</p>
+
+<p>The CMS_SignerInfo_sign() function will explicitly sign a CMS_SignerInfo structure, its main use is when <b>CMS_REUSE_DIGEST</b> and <b>CMS_PARTIAL</b> flags are both set.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of CMS_add1_signer() is to provide finer control over a CMS signed data structure where the simpler CMS_sign() function defaults are not appropriate. For example if multiple signers or non default digest algorithms are needed. New attributes can also be added using the returned CMS_SignerInfo structure and the CMS attribute utility functions or the CMS signed receipt request functions.</p>
+
+<p>Any of the following flags (ored together) can be passed in the <b>flags</b> parameter.</p>
+
+<p>If <b>CMS_REUSE_DIGEST</b> is set then an attempt is made to copy the content digest value from the CMS_ContentInfo structure: to add a signer to an existing structure. An error occurs if a matching digest value cannot be found to copy. The returned CMS_ContentInfo structure will be valid and finalized when this flag is set.</p>
+
+<p>If <b>CMS_PARTIAL</b> is set in addition to <b>CMS_REUSE_DIGEST</b> then the CMS_SignerInfo structure will not be finalized so additional attributes can be added. In this case an explicit call to CMS_SignerInfo_sign() is needed to finalize it.</p>
+
+<p>If <b>CMS_NOCERTS</b> is set the signer&#39;s certificate will not be included in the CMS_ContentInfo structure, the signer&#39;s certificate must still be supplied in the <b>signcert</b> parameter though. This can reduce the size of the signature if the signers certificate can be obtained by other means: for example a previously signed message.</p>
+
+<p>The SignedData structure includes several CMS signedAttributes including the signing time, the CMS content type and the supported list of ciphers in an SMIMECapabilities attribute. If <b>CMS_NOATTR</b> is set then no signedAttributes will be used. If <b>CMS_NOSMIMECAP</b> is set then just the SMIMECapabilities are omitted.</p>
+
+<p>OpenSSL will by default identify signing certificates using issuer name and serial number. If <b>CMS_USE_KEYID</b> is set it will use the subject key identifier value instead. An error occurs if the signing certificate does not have a subject key identifier extension.</p>
+
+<p>If present the SMIMECapabilities attribute indicates support for the following algorithms in preference order: 256 bit AES, Gost R3411-94, Gost 28147-89, 192 bit AES, 128 bit AES, triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of these algorithms is not available then it will not be included: for example the GOST algorithms will not be included if the GOST ENGINE is not loaded.</p>
+
+<p>CMS_add1_signer() returns an internal pointer to the CMS_SignerInfo structure just added, this can be used to set additional attributes before it is finalized.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_add1_signer() returns an internal pointer to the CMS_SignerInfo structure just added or NULL if an error occurs.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_final.html">CMS_final(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_compress.html b/msys2/usr/share/doc/openssl/html/man3/CMS_compress.html
new file mode 100644
index 000000000..ce8b0ac08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_compress.html
@@ -0,0 +1,85 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_compress</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_compress - create a CMS CompressedData structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_compress() creates and returns a CMS CompressedData structure. <b>comp_nid</b> is the compression algorithm to use or <b>NID_undef</b> to use the default algorithm (zlib compression). <b>in</b> is the content to be compressed. <b>flags</b> is an optional set of flags.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The only currently supported compression algorithm is zlib using the NID NID_zlib_compression.</p>
+
+<p>If zlib support is not compiled into OpenSSL then CMS_compress() will return an error.</p>
+
+<p>If the <b>CMS_TEXT</b> flag is set MIME headers for type <b>text/plain</b> are prepended to the data.</p>
+
+<p>Normally the supplied content is translated into MIME canonical format (as required by the S/MIME specifications) if <b>CMS_BINARY</b> is set no translation occurs. This option should be used if the supplied data is in binary format otherwise the translation will corrupt it. If <b>CMS_BINARY</b> is set then <b>CMS_TEXT</b> is ignored.</p>
+
+<p>If the <b>CMS_STREAM</b> flag is set a partial <b>CMS_ContentInfo</b> structure is returned suitable for streaming I/O: no data is read from the BIO <b>in</b>.</p>
+
+<p>The compressed data is included in the CMS_ContentInfo structure, unless <b>CMS_DETACHED</b> is set in which case it is omitted. This is rarely used in practice and is not supported by SMIME_write_CMS().</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>If the flag <b>CMS_STREAM</b> is set the returned <b>CMS_ContentInfo</b> structure is <b>not</b> complete and outputting its contents via a function that does not properly finalize the <b>CMS_ContentInfo</b> structure will give unpredictable results.</p>
+
+<p>Several functions including SMIME_write_CMS(), i2d_CMS_bio_stream(), PEM_write_bio_CMS_stream() finalize the structure. Alternatively finalization can be performed by obtaining the streaming ASN1 <b>BIO</b> directly using BIO_new_CMS().</p>
+
+<p>Additional compression parameters such as the zlib compression level cannot currently be set.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_compress() returns either a CMS_ContentInfo structure or NULL if an error occurred. The error can be obtained from ERR_get_error(3).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_uncompress.html">CMS_uncompress(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>CMS_STREAM</b> flag was added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_decrypt.html b/msys2/usr/share/doc/openssl/html/man3/CMS_decrypt.html
new file mode 100644
index 000000000..29b157f9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_decrypt.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_decrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_decrypt - decrypt content from a CMS envelopedData structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
+                 BIO *dcont, BIO *out, unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_decrypt() extracts and decrypts the content from a CMS EnvelopedData structure. <b>pkey</b> is the private key of the recipient, <b>cert</b> is the recipient&#39;s certificate, <b>out</b> is a BIO to write the content to and <b>flags</b> is an optional set of flags.</p>
+
+<p>The <b>dcont</b> parameter is used in the rare case where the encrypted content is detached. It will normally be set to NULL.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Although the recipients certificate is not needed to decrypt the data it is needed to locate the appropriate (of possible several) recipients in the CMS structure.</p>
+
+<p>If <b>cert</b> is set to NULL all possible recipients are tried. This case however is problematic. To thwart the MMA attack (Bleichenbacher&#39;s attack on PKCS #1 v1.5 RSA padding) all recipients are tried whether they succeed or not. If no recipient succeeds then a random symmetric key is used to decrypt the content: this will typically output garbage and may (but is not guaranteed to) ultimately return a padding error only. If CMS_decrypt() just returned an error when all recipient encrypted keys failed to decrypt an attacker could use this in a timing attack. If the special flag <b>CMS_DEBUG_DECRYPT</b> is set then the above behaviour is modified and an error <b>is</b> returned if no recipient encrypted key can be decrypted <b>without</b> generating a random content encryption key. Applications should use this flag with <b>extreme caution</b> especially in automated gateways as it can leave them open to attack.</p>
+
+<p>It is possible to determine the correct recipient key by other means (for example looking them up in a database) and setting them in the CMS structure in advance using the CMS utility functions such as CMS_set1_pkey(). In this case both <b>cert</b> and <b>pkey</b> should be set to NULL.</p>
+
+<p>To process KEKRecipientInfo types CMS_set1_key() or CMS_RecipientInfo_set0_key() and CMS_RecipientInfo_decrypt() should be called before CMS_decrypt() and <b>cert</b> and <b>pkey</b> set to NULL.</p>
+
+<p>The following flags can be passed in the <b>flags</b> parameter.</p>
+
+<p>If the <b>CMS_TEXT</b> flag is set MIME headers for type <b>text/plain</b> are deleted from the content. If the content is not of type <b>text/plain</b> then an error is returned.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_decrypt() returns either 1 for success or 0 for failure. The error can be obtained from ERR_get_error(3)</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The lack of single pass processing and the need to hold all data in memory as mentioned in CMS_verify() also applies to CMS_decrypt().</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/CMS_encrypt.html
new file mode 100644
index 000000000..bb79d5d87
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_encrypt.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_encrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_encrypt - create a CMS envelopedData structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
+                              const EVP_CIPHER *cipher, unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_encrypt() creates and returns a CMS EnvelopedData structure. <b>certs</b> is a list of recipient certificates. <b>in</b> is the content to be encrypted. <b>cipher</b> is the symmetric cipher to use. <b>flags</b> is an optional set of flags.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Only certificates carrying RSA, Diffie-Hellman or EC keys are supported by this function.</p>
+
+<p>EVP_des_ede3_cbc() (triple DES) is the algorithm of choice for S/MIME use because most clients will support it.</p>
+
+<p>The algorithm passed in the <b>cipher</b> parameter must support ASN1 encoding of its parameters.</p>
+
+<p>Many browsers implement a &quot;sign and encrypt&quot; option which is simply an S/MIME envelopedData containing an S/MIME signed message. This can be readily produced by storing the S/MIME signed message in a memory BIO and passing it to CMS_encrypt().</p>
+
+<p>The following flags can be passed in the <b>flags</b> parameter.</p>
+
+<p>If the <b>CMS_TEXT</b> flag is set MIME headers for type <b>text/plain</b> are prepended to the data.</p>
+
+<p>Normally the supplied content is translated into MIME canonical format (as required by the S/MIME specifications) if <b>CMS_BINARY</b> is set no translation occurs. This option should be used if the supplied data is in binary format otherwise the translation will corrupt it. If <b>CMS_BINARY</b> is set then <b>CMS_TEXT</b> is ignored.</p>
+
+<p>OpenSSL will by default identify recipient certificates using issuer name and serial number. If <b>CMS_USE_KEYID</b> is set it will use the subject key identifier value instead. An error occurs if all recipient certificates do not have a subject key identifier extension.</p>
+
+<p>If the <b>CMS_STREAM</b> flag is set a partial <b>CMS_ContentInfo</b> structure is returned suitable for streaming I/O: no data is read from the BIO <b>in</b>.</p>
+
+<p>If the <b>CMS_PARTIAL</b> flag is set a partial <b>CMS_ContentInfo</b> structure is returned to which additional recipients and attributes can be added before finalization.</p>
+
+<p>The data being encrypted is included in the CMS_ContentInfo structure, unless <b>CMS_DETACHED</b> is set in which case it is omitted. This is rarely used in practice and is not supported by SMIME_write_CMS().</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>If the flag <b>CMS_STREAM</b> is set the returned <b>CMS_ContentInfo</b> structure is <b>not</b> complete and outputting its contents via a function that does not properly finalize the <b>CMS_ContentInfo</b> structure will give unpredictable results.</p>
+
+<p>Several functions including SMIME_write_CMS(), i2d_CMS_bio_stream(), PEM_write_bio_CMS_stream() finalize the structure. Alternatively finalization can be performed by obtaining the streaming ASN1 <b>BIO</b> directly using BIO_new_CMS().</p>
+
+<p>The recipients specified in <b>certs</b> use a CMS KeyTransRecipientInfo info structure. KEKRecipientInfo is also supported using the flag <b>CMS_PARTIAL</b> and CMS_add0_recipient_key().</p>
+
+<p>The parameter <b>certs</b> may be NULL if <b>CMS_PARTIAL</b> is set and recipients added later using CMS_add1_recipient_cert() or CMS_add0_recipient_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_encrypt() returns either a CMS_ContentInfo structure or NULL if an error occurred. The error can be obtained from ERR_get_error(3).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>CMS_STREAM</b> flag was first supported in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_final.html b/msys2/usr/share/doc/openssl/html/man3/CMS_final.html
new file mode 100644
index 000000000..a90622744
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_final.html
@@ -0,0 +1,61 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_final</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_final - finalise a CMS_ContentInfo structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_final() finalises the structure <b>cms</b>. It&#39;s purpose is to perform any operations necessary on <b>cms</b> (digest computation for example) and set the appropriate fields. The parameter <b>data</b> contains the content to be processed. The <b>dcont</b> parameter contains a BIO to write content to after processing: this is only used with detached data and will usually be set to NULL.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>This function will normally be called when the <b>CMS_PARTIAL</b> flag is used. It should only be used when streaming is not performed because the streaming I/O functions perform finalisation operations internally.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_final() returns 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_get0_RecipientInfos.html b/msys2/usr/share/doc/openssl/html/man3/CMS_get0_RecipientInfos.html
new file mode 100644
index 000000000..e638e19fa
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_get0_RecipientInfos.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get0_RecipientInfos</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_get0_RecipientInfos, CMS_RecipientInfo_type, CMS_RecipientInfo_ktri_get0_signer_id, CMS_RecipientInfo_ktri_cert_cmp, CMS_RecipientInfo_set0_pkey, CMS_RecipientInfo_kekri_get0_id, CMS_RecipientInfo_kekri_id_cmp, CMS_RecipientInfo_set0_key, CMS_RecipientInfo_decrypt, CMS_RecipientInfo_encrypt - CMS envelopedData RecipientInfo routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+ int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
+
+ int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
+                                           ASN1_OCTET_STRING **keyid,
+                                           X509_NAME **issuer,
+                                           ASN1_INTEGER **sno);
+ int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
+ int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
+
+ int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg,
+                                     ASN1_OCTET_STRING **pid,
+                                     ASN1_GENERALIZEDTIME **pdate,
+                                     ASN1_OBJECT **potherid,
+                                     ASN1_TYPE **pothertype);
+ int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
+                                    const unsigned char *id, size_t idlen);
+ int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
+                                unsigned char *key, size_t keylen);
+
+ int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+ int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function CMS_get0_RecipientInfos() returns all the CMS_RecipientInfo structures associated with a CMS EnvelopedData structure.</p>
+
+<p>CMS_RecipientInfo_type() returns the type of CMS_RecipientInfo structure <b>ri</b>. It will currently return CMS_RECIPINFO_TRANS, CMS_RECIPINFO_AGREE, CMS_RECIPINFO_KEK, CMS_RECIPINFO_PASS, or CMS_RECIPINFO_OTHER.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id() retrieves the certificate recipient identifier associated with a specific CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. Either the keyidentifier will be set in <b>keyid</b> or <b>both</b> issuer name and serial number in <b>issuer</b> and <b>sno</b>.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() compares the certificate <b>cert</b> against the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_pkey() associates the private key <b>pkey</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_TRANS.</p>
+
+<p>CMS_RecipientInfo_kekri_get0_id() retrieves the key information from the CMS_RecipientInfo structure <b>ri</b> which must be of type CMS_RECIPINFO_KEK. Any of the remaining parameters can be NULL if the application is not interested in the value of a field. Where a field is optional and absent NULL will be written to the corresponding parameter. The keyEncryptionAlgorithm field is written to <b>palg</b>, the <b>keyIdentifier</b> field is written to <b>pid</b>, the <b>date</b> field if present is written to <b>pdate</b>, if the <b>other</b> field is present the components <b>keyAttrId</b> and <b>keyAttr</b> are written to parameters <b>potherid</b> and <b>pothertype</b>.</p>
+
+<p>CMS_RecipientInfo_kekri_id_cmp() compares the ID in the <b>id</b> and <b>idlen</b> parameters against the <b>keyIdentifier</b> CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_RecipientInfo_set0_key() associates the symmetric key <b>key</b> of length <b>keylen</b> with the CMS_RecipientInfo structure <b>ri</b>, which must be of type CMS_RECIPINFO_KEK.</p>
+
+<p>CMS_RecipientInfo_decrypt() attempts to decrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first.</p>
+
+<p>CMS_RecipientInfo_encrypt() attempts to encrypt CMS_RecipientInfo structure <b>ri</b> in structure <b>cms</b>. A key must have been associated with the structure first and the content encryption key must be available: for example by a previous call to CMS_RecipientInfo_decrypt().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of these functions is to enable an application to lookup recipient keys using any appropriate technique when the simpler method of CMS_decrypt() is not appropriate.</p>
+
+<p>In typical usage and application will retrieve all CMS_RecipientInfo structures using CMS_get0_RecipientInfos() and check the type of each using CMS_RecipientInfo_type(). Depending on the type the CMS_RecipientInfo structure can be ignored or its key identifier data retrieved using an appropriate function. Then if the corresponding secret or private key can be obtained by any appropriate means it can then associated with the structure and CMS_RecipientInfo_decrypt() called. If successful CMS_decrypt() can be called with a NULL key to decrypt the enveloped content.</p>
+
+<p>The CMS_RecipientInfo_encrypt() can be used to add a new recipient to an existing enveloped data structure. Typically an application will first decrypt an appropriate CMS_RecipientInfo structure to make the content encrypt key available, it will then add a new recipient using a function such as CMS_add1_recipient_cert() and finally encrypt the content encryption key using CMS_RecipientInfo_encrypt().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_get0_RecipientInfos() returns all CMS_RecipientInfo structures, or NULL if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_get0_signer_id(), CMS_RecipientInfo_set0_pkey(), CMS_RecipientInfo_kekri_get0_id(), CMS_RecipientInfo_set0_key() and CMS_RecipientInfo_decrypt() return 1 for success or 0 if an error occurs. CMS_RecipientInfo_encrypt() return 1 for success or 0 if an error occurs.</p>
+
+<p>CMS_RecipientInfo_ktri_cert_cmp() and CMS_RecipientInfo_kekri_cmp() return 0 for a successful comparison and non zero otherwise.</p>
+
+<p>Any error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_get0_SignerInfos.html b/msys2/usr/share/doc/openssl/html/man3/CMS_get0_SignerInfos.html
new file mode 100644
index 000000000..6f790235a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_get0_SignerInfos.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get0_SignerInfos</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_SignerInfo_set1_signer_cert, CMS_get0_SignerInfos, CMS_SignerInfo_get0_signer_id, CMS_SignerInfo_get0_signature, CMS_SignerInfo_cert_cmp - CMS signedData signer functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
+
+ int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si, ASN1_OCTET_STRING **keyid,
+                                   X509_NAME **issuer, ASN1_INTEGER **sno);
+ ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
+ int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
+ void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function CMS_get0_SignerInfos() returns all the CMS_SignerInfo structures associated with a CMS signedData structure.</p>
+
+<p>CMS_SignerInfo_get0_signer_id() retrieves the certificate signer identifier associated with a specific CMS_SignerInfo structure <b>si</b>. Either the keyidentifier will be set in <b>keyid</b> or <b>both</b> issuer name and serial number in <b>issuer</b> and <b>sno</b>.</p>
+
+<p>CMS_SignerInfo_get0_signature() retrieves the signature associated with <b>si</b> in a pointer to an ASN1_OCTET_STRING structure. This pointer returned corresponds to the internal signature value if <b>si</b> so it may be read or modified.</p>
+
+<p>CMS_SignerInfo_cert_cmp() compares the certificate <b>cert</b> against the signer identifier <b>si</b>. It returns zero if the comparison is successful and non zero if not.</p>
+
+<p>CMS_SignerInfo_set1_signer_cert() sets the signers certificate of <b>si</b> to <b>signer</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of these functions is to enable an application to lookup signers certificates using any appropriate technique when the simpler method of CMS_verify() is not appropriate.</p>
+
+<p>In typical usage and application will retrieve all CMS_SignerInfo structures using CMS_get0_SignerInfo() and retrieve the identifier information using CMS. It will then obtain the signer certificate by some unspecified means (or return and error if it cannot be found) and set it using CMS_SignerInfo_set1_signer_cert().</p>
+
+<p>Once all signer certificates have been set CMS_verify() can be used.</p>
+
+<p>Although CMS_get0_SignerInfos() can return NULL if an error occurs <b>or</b> if there are no signers this is not a problem in practice because the only error which can occur is if the <b>cms</b> structure is not of type signedData due to application error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_get0_SignerInfos() returns all CMS_SignerInfo structures, or NULL there are no signers or an error occurs.</p>
+
+<p>CMS_SignerInfo_get0_signer_id() returns 1 for success and 0 for failure.</p>
+
+<p>CMS_SignerInfo_cert_cmp() returns 0 for a successful comparison and non zero otherwise.</p>
+
+<p>CMS_SignerInfo_set1_signer_cert() does not return a value.</p>
+
+<p>Any error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_get0_content.html b/msys2/usr/share/doc/openssl/html/man3/CMS_get0_content.html
new file mode 100644
index 000000000..c033b84cf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_get0_content.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get0_type</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_get0_type, CMS_set1_eContentType, CMS_get0_eContentType, CMS_get0_content - get and set CMS content types and content</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms);
+ int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
+ const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
+ ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_get0_type() returns the content type of a CMS_ContentInfo structure as an ASN1_OBJECT pointer. An application can then decide how to process the CMS_ContentInfo structure based on this value.</p>
+
+<p>CMS_set1_eContentType() sets the embedded content type of a CMS_ContentInfo structure. It should be called with CMS functions (such as <a href="/../man3/CMS_sign.html">CMS_sign</a>, <a href="/../man3/CMS_encrypt.html">CMS_encrypt</a>) with the <b>CMS_PARTIAL</b> flag and <b>before</b> the structure is finalised, otherwise the results are undefined.</p>
+
+<p>ASN1_OBJECT *CMS_get0_eContentType() returns a pointer to the embedded content type.</p>
+
+<p>CMS_get0_content() returns a pointer to the <b>ASN1_OCTET_STRING</b> pointer containing the embedded content.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>As the <b>0</b> implies CMS_get0_type(), CMS_get0_eContentType() and CMS_get0_content() return internal pointers which should <b>not</b> be freed up. CMS_set1_eContentType() copies the supplied OID and it <b>should</b> be freed up after use.</p>
+
+<p>The <b>ASN1_OBJECT</b> values returned can be converted to an integer <b>NID</b> value using OBJ_obj2nid(). For the currently supported content types the following values are returned:</p>
+
+<pre><code> NID_pkcs7_data
+ NID_pkcs7_signed
+ NID_pkcs7_digest
+ NID_id_smime_ct_compressedData:
+ NID_pkcs7_encrypted
+ NID_pkcs7_enveloped</code></pre>
+
+<p>The return value of CMS_get0_content() is a pointer to the <b>ASN1_OCTET_STRING</b> content pointer. That means that for example:</p>
+
+<pre><code> ASN1_OCTET_STRING **pconf = CMS_get0_content(cms);</code></pre>
+
+<p><b>*pconf</b> could be NULL if there is no embedded content. Applications can access, modify or create the embedded content in a <b>CMS_ContentInfo</b> structure using this function. Applications usually will not need to modify the embedded content as it is normally set by higher level functions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_get0_type() and CMS_get0_eContentType() return an ASN1_OBJECT structure.</p>
+
+<p>CMS_set1_eContentType() returns 1 for success or 0 if an error occurred. The error can be obtained from ERR_get_error(3).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_get0_eContentType.html b/msys2/usr/share/doc/openssl/html/man3/CMS_get0_eContentType.html
new file mode 100644
index 000000000..c033b84cf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_get0_eContentType.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get0_type</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_get0_type, CMS_set1_eContentType, CMS_get0_eContentType, CMS_get0_content - get and set CMS content types and content</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms);
+ int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
+ const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
+ ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_get0_type() returns the content type of a CMS_ContentInfo structure as an ASN1_OBJECT pointer. An application can then decide how to process the CMS_ContentInfo structure based on this value.</p>
+
+<p>CMS_set1_eContentType() sets the embedded content type of a CMS_ContentInfo structure. It should be called with CMS functions (such as <a href="/../man3/CMS_sign.html">CMS_sign</a>, <a href="/../man3/CMS_encrypt.html">CMS_encrypt</a>) with the <b>CMS_PARTIAL</b> flag and <b>before</b> the structure is finalised, otherwise the results are undefined.</p>
+
+<p>ASN1_OBJECT *CMS_get0_eContentType() returns a pointer to the embedded content type.</p>
+
+<p>CMS_get0_content() returns a pointer to the <b>ASN1_OCTET_STRING</b> pointer containing the embedded content.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>As the <b>0</b> implies CMS_get0_type(), CMS_get0_eContentType() and CMS_get0_content() return internal pointers which should <b>not</b> be freed up. CMS_set1_eContentType() copies the supplied OID and it <b>should</b> be freed up after use.</p>
+
+<p>The <b>ASN1_OBJECT</b> values returned can be converted to an integer <b>NID</b> value using OBJ_obj2nid(). For the currently supported content types the following values are returned:</p>
+
+<pre><code> NID_pkcs7_data
+ NID_pkcs7_signed
+ NID_pkcs7_digest
+ NID_id_smime_ct_compressedData:
+ NID_pkcs7_encrypted
+ NID_pkcs7_enveloped</code></pre>
+
+<p>The return value of CMS_get0_content() is a pointer to the <b>ASN1_OCTET_STRING</b> content pointer. That means that for example:</p>
+
+<pre><code> ASN1_OCTET_STRING **pconf = CMS_get0_content(cms);</code></pre>
+
+<p><b>*pconf</b> could be NULL if there is no embedded content. Applications can access, modify or create the embedded content in a <b>CMS_ContentInfo</b> structure using this function. Applications usually will not need to modify the embedded content as it is normally set by higher level functions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_get0_type() and CMS_get0_eContentType() return an ASN1_OBJECT structure.</p>
+
+<p>CMS_set1_eContentType() returns 1 for success or 0 if an error occurred. The error can be obtained from ERR_get_error(3).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_get0_signers.html b/msys2/usr/share/doc/openssl/html/man3/CMS_get0_signers.html
new file mode 100644
index 000000000..6342d5999
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_get0_signers.html
@@ -0,0 +1,114 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_verify</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#VERIFY-PROCESS">VERIFY PROCESS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_verify, CMS_get0_signers - verify a CMS SignedData structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, X509_STORE *store,
+                BIO *indata, BIO *out, unsigned int flags);
+
+ STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_verify() verifies a CMS SignedData structure. <b>cms</b> is the CMS_ContentInfo structure to verify. <b>certs</b> is a set of certificates in which to search for the signing certificate(s). <b>store</b> is a trusted certificate store used for chain verification. <b>indata</b> is the detached content if the content is not present in <b>cms</b>. The content is written to <b>out</b> if it is not NULL.</p>
+
+<p><b>flags</b> is an optional set of flags, which can be used to modify the verify operation.</p>
+
+<p>CMS_get0_signers() retrieves the signing certificate(s) from <b>cms</b>, it must be called after a successful CMS_verify() operation.</p>
+
+<h1 id="VERIFY-PROCESS">VERIFY PROCESS</h1>
+
+<p>Normally the verify process proceeds as follows.</p>
+
+<p>Initially some sanity checks are performed on <b>cms</b>. The type of <b>cms</b> must be SignedData. There must be at least one signature on the data and if the content is detached <b>indata</b> cannot be <b>NULL</b>.</p>
+
+<p>An attempt is made to locate all the signing certificate(s), first looking in the <b>certs</b> parameter (if it is not NULL) and then looking in any certificates contained in the <b>cms</b> structure itself. If any signing certificate cannot be located the operation fails.</p>
+
+<p>Each signing certificate is chain verified using the <b>smimesign</b> purpose and the supplied trusted certificate store. Any internal certificates in the message are used as untrusted CAs. If CRL checking is enabled in <b>store</b> any internal CRLs are used in addition to attempting to look them up in <b>store</b>. If any chain verify fails an error code is returned.</p>
+
+<p>Finally the signed content is read (and written to <b>out</b> is it is not NULL) and the signature&#39;s checked.</p>
+
+<p>If all signature&#39;s verify correctly then the function is successful.</p>
+
+<p>Any of the following flags (ored together) can be passed in the <b>flags</b> parameter to change the default verify behaviour.</p>
+
+<p>If <b>CMS_NOINTERN</b> is set the certificates in the message itself are not searched when locating the signing certificate(s). This means that all the signing certificates must be in the <b>certs</b> parameter.</p>
+
+<p>If <b>CMS_NOCRL</b> is set and CRL checking is enabled in <b>store</b> then any CRLs in the message itself are ignored.</p>
+
+<p>If the <b>CMS_TEXT</b> flag is set MIME headers for type <b>text/plain</b> are deleted from the content. If the content is not of type <b>text/plain</b> then an error is returned.</p>
+
+<p>If <b>CMS_NO_SIGNER_CERT_VERIFY</b> is set the signing certificates are not verified.</p>
+
+<p>If <b>CMS_NO_ATTR_VERIFY</b> is set the signed attributes signature is not verified.</p>
+
+<p>If <b>CMS_NO_CONTENT_VERIFY</b> is set then the content digest is not checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>One application of <b>CMS_NOINTERN</b> is to only accept messages signed by a small number of certificates. The acceptable certificates would be passed in the <b>certs</b> parameter. In this case if the signer is not one of the certificates supplied in <b>certs</b> then the verify will fail because the signer cannot be found.</p>
+
+<p>In some cases the standard techniques for looking up and validating certificates are not appropriate: for example an application may wish to lookup certificates in a database or perform customised verification. This can be achieved by setting and verifying the signers certificates manually using the signed data utility functions.</p>
+
+<p>Care should be taken when modifying the default verify behaviour, for example setting <b>CMS_NO_CONTENT_VERIFY</b> will totally disable all content verification and any modified content will be considered valid. This combination is however useful if one merely wishes to write the content to <b>out</b> and its validity is not considered important.</p>
+
+<p>Chain verification should arguably be performed using the signing time rather than the current time. However since the signing time is supplied by the signer it cannot be trusted without additional evidence (such as a trusted timestamp).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_verify() returns 1 for a successful verification and zero if an error occurred.</p>
+
+<p>CMS_get0_signers() returns all signers or NULL if an error occurred.</p>
+
+<p>The error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The trusted certificate store is not searched for the signing certificate, this is primarily due to the inadequacies of the current <b>X509_STORE</b> functionality.</p>
+
+<p>The lack of single pass processing means that the signed content must all be held in memory if it is not detached.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_get0_type.html b/msys2/usr/share/doc/openssl/html/man3/CMS_get0_type.html
new file mode 100644
index 000000000..c033b84cf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_get0_type.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get0_type</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_get0_type, CMS_set1_eContentType, CMS_get0_eContentType, CMS_get0_content - get and set CMS content types and content</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms);
+ int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
+ const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
+ ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_get0_type() returns the content type of a CMS_ContentInfo structure as an ASN1_OBJECT pointer. An application can then decide how to process the CMS_ContentInfo structure based on this value.</p>
+
+<p>CMS_set1_eContentType() sets the embedded content type of a CMS_ContentInfo structure. It should be called with CMS functions (such as <a href="/../man3/CMS_sign.html">CMS_sign</a>, <a href="/../man3/CMS_encrypt.html">CMS_encrypt</a>) with the <b>CMS_PARTIAL</b> flag and <b>before</b> the structure is finalised, otherwise the results are undefined.</p>
+
+<p>ASN1_OBJECT *CMS_get0_eContentType() returns a pointer to the embedded content type.</p>
+
+<p>CMS_get0_content() returns a pointer to the <b>ASN1_OCTET_STRING</b> pointer containing the embedded content.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>As the <b>0</b> implies CMS_get0_type(), CMS_get0_eContentType() and CMS_get0_content() return internal pointers which should <b>not</b> be freed up. CMS_set1_eContentType() copies the supplied OID and it <b>should</b> be freed up after use.</p>
+
+<p>The <b>ASN1_OBJECT</b> values returned can be converted to an integer <b>NID</b> value using OBJ_obj2nid(). For the currently supported content types the following values are returned:</p>
+
+<pre><code> NID_pkcs7_data
+ NID_pkcs7_signed
+ NID_pkcs7_digest
+ NID_id_smime_ct_compressedData:
+ NID_pkcs7_encrypted
+ NID_pkcs7_enveloped</code></pre>
+
+<p>The return value of CMS_get0_content() is a pointer to the <b>ASN1_OCTET_STRING</b> content pointer. That means that for example:</p>
+
+<pre><code> ASN1_OCTET_STRING **pconf = CMS_get0_content(cms);</code></pre>
+
+<p><b>*pconf</b> could be NULL if there is no embedded content. Applications can access, modify or create the embedded content in a <b>CMS_ContentInfo</b> structure using this function. Applications usually will not need to modify the embedded content as it is normally set by higher level functions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_get0_type() and CMS_get0_eContentType() return an ASN1_OBJECT structure.</p>
+
+<p>CMS_set1_eContentType() returns 1 for success or 0 if an error occurred. The error can be obtained from ERR_get_error(3).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_get1_ReceiptRequest.html b/msys2/usr/share/doc/openssl/html/man3/CMS_get1_ReceiptRequest.html
new file mode 100644
index 000000000..1a5e435d7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_get1_ReceiptRequest.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get1_ReceiptRequest</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_ReceiptRequest_create0, CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values - CMS signed receipt request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
+                                                int allorfirst,
+                                                STACK_OF(GENERAL_NAMES) *receiptList,
+                                                STACK_OF(GENERAL_NAMES) *receiptsTo);
+ int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
+ int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
+ void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, ASN1_STRING **pcid,
+                                     int *pallorfirst,
+                                     STACK_OF(GENERAL_NAMES) **plist,
+                                     STACK_OF(GENERAL_NAMES) **prto);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_ReceiptRequest_create0() creates a signed receipt request structure. The <b>signedContentIdentifier</b> field is set using <b>id</b> and <b>idlen</b>, or it is set to 32 bytes of pseudo random data if <b>id</b> is NULL. If <b>receiptList</b> is NULL the allOrFirstTier option in <b>receiptsFrom</b> is used and set to the value of the <b>allorfirst</b> parameter. If <b>receiptList</b> is not NULL the <b>receiptList</b> option in <b>receiptsFrom</b> is used. The <b>receiptsTo</b> parameter specifies the <b>receiptsTo</b> field value.</p>
+
+<p>The CMS_add1_ReceiptRequest() function adds a signed receipt request <b>rr</b> to SignerInfo structure <b>si</b>.</p>
+
+<p>int CMS_get1_ReceiptRequest() looks for a signed receipt request in <b>si</b>, if any is found it is decoded and written to <b>prr</b>.</p>
+
+<p>CMS_ReceiptRequest_get0_values() retrieves the values of a receipt request. The signedContentIdentifier is copied to <b>pcid</b>. If the <b>allOrFirstTier</b> option of <b>receiptsFrom</b> is used its value is copied to <b>pallorfirst</b> otherwise the <b>receiptList</b> field is copied to <b>plist</b>. The <b>receiptsTo</b> parameter is copied to <b>prto</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>For more details of the meaning of the fields see RFC2634.</p>
+
+<p>The contents of a signed receipt should only be considered meaningful if the corresponding CMS_ContentInfo structure can be successfully verified using CMS_verify().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_ReceiptRequest_create0() returns a signed receipt request structure or NULL if an error occurred.</p>
+
+<p>CMS_add1_ReceiptRequest() returns 1 for success or 0 if an error occurred.</p>
+
+<p>CMS_get1_ReceiptRequest() returns 1 is a signed receipt request is found and decoded. It returns 0 if a signed receipt request is not present and -1 if it is present but malformed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_sign_receipt.html">CMS_sign_receipt(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a> <a href="../man3/CMS_verify_receipt.html">CMS_verify_receipt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_get1_certs.html b/msys2/usr/share/doc/openssl/html/man3/CMS_get1_certs.html
new file mode 100644
index 000000000..8cee48a4d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_get1_certs.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_add0_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_add0_cert, CMS_add1_cert, CMS_get1_certs, CMS_add0_crl, CMS_add1_crl, CMS_get1_crls - CMS certificate and CRL utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
+ int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
+ STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
+
+ int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+ int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+ STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_add0_cert() and CMS_add1_cert() add certificate <b>cert</b> to <b>cms</b>. must be of type signed data or enveloped data.</p>
+
+<p>CMS_get1_certs() returns all certificates in <b>cms</b>.</p>
+
+<p>CMS_add0_crl() and CMS_add1_crl() add CRL <b>crl</b> to <b>cms</b>. CMS_get1_crls() returns any CRLs in <b>cms</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The CMS_ContentInfo structure <b>cms</b> must be of type signed data or enveloped data or an error will be returned.</p>
+
+<p>For signed data certificates and CRLs are added to the <b>certificates</b> and <b>crls</b> fields of SignedData structure. For enveloped data they are added to <b>OriginatorInfo</b>.</p>
+
+<p>As the <b>0</b> implies CMS_add0_cert() adds <b>cert</b> internally to <b>cms</b> and it must not be freed up after the call as opposed to CMS_add1_cert() where <b>cert</b> must be freed up.</p>
+
+<p>The same certificate or CRL must not be added to the same cms structure more than once.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_add0_cert(), CMS_add1_cert() and CMS_add0_crl() and CMS_add1_crl() return 1 for success and 0 for failure.</p>
+
+<p>CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs or NULL if there are none or an error occurs. The only error which will occur in practice is if the <b>cms</b> type is invalid.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_get1_crls.html b/msys2/usr/share/doc/openssl/html/man3/CMS_get1_crls.html
new file mode 100644
index 000000000..8cee48a4d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_get1_crls.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_add0_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_add0_cert, CMS_add1_cert, CMS_get1_certs, CMS_add0_crl, CMS_add1_crl, CMS_get1_crls - CMS certificate and CRL utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
+ int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
+ STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
+
+ int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+ int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+ STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_add0_cert() and CMS_add1_cert() add certificate <b>cert</b> to <b>cms</b>. must be of type signed data or enveloped data.</p>
+
+<p>CMS_get1_certs() returns all certificates in <b>cms</b>.</p>
+
+<p>CMS_add0_crl() and CMS_add1_crl() add CRL <b>crl</b> to <b>cms</b>. CMS_get1_crls() returns any CRLs in <b>cms</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The CMS_ContentInfo structure <b>cms</b> must be of type signed data or enveloped data or an error will be returned.</p>
+
+<p>For signed data certificates and CRLs are added to the <b>certificates</b> and <b>crls</b> fields of SignedData structure. For enveloped data they are added to <b>OriginatorInfo</b>.</p>
+
+<p>As the <b>0</b> implies CMS_add0_cert() adds <b>cert</b> internally to <b>cms</b> and it must not be freed up after the call as opposed to CMS_add1_cert() where <b>cert</b> must be freed up.</p>
+
+<p>The same certificate or CRL must not be added to the same cms structure more than once.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_add0_cert(), CMS_add1_cert() and CMS_add0_crl() and CMS_add1_crl() return 1 for success and 0 for failure.</p>
+
+<p>CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs or NULL if there are none or an error occurs. The only error which will occur in practice is if the <b>cms</b> type is invalid.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_set1_eContentType.html b/msys2/usr/share/doc/openssl/html/man3/CMS_set1_eContentType.html
new file mode 100644
index 000000000..c033b84cf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_set1_eContentType.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_get0_type</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_get0_type, CMS_set1_eContentType, CMS_get0_eContentType, CMS_get0_content - get and set CMS content types and content</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms);
+ int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
+ const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
+ ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_get0_type() returns the content type of a CMS_ContentInfo structure as an ASN1_OBJECT pointer. An application can then decide how to process the CMS_ContentInfo structure based on this value.</p>
+
+<p>CMS_set1_eContentType() sets the embedded content type of a CMS_ContentInfo structure. It should be called with CMS functions (such as <a href="/../man3/CMS_sign.html">CMS_sign</a>, <a href="/../man3/CMS_encrypt.html">CMS_encrypt</a>) with the <b>CMS_PARTIAL</b> flag and <b>before</b> the structure is finalised, otherwise the results are undefined.</p>
+
+<p>ASN1_OBJECT *CMS_get0_eContentType() returns a pointer to the embedded content type.</p>
+
+<p>CMS_get0_content() returns a pointer to the <b>ASN1_OCTET_STRING</b> pointer containing the embedded content.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>As the <b>0</b> implies CMS_get0_type(), CMS_get0_eContentType() and CMS_get0_content() return internal pointers which should <b>not</b> be freed up. CMS_set1_eContentType() copies the supplied OID and it <b>should</b> be freed up after use.</p>
+
+<p>The <b>ASN1_OBJECT</b> values returned can be converted to an integer <b>NID</b> value using OBJ_obj2nid(). For the currently supported content types the following values are returned:</p>
+
+<pre><code> NID_pkcs7_data
+ NID_pkcs7_signed
+ NID_pkcs7_digest
+ NID_id_smime_ct_compressedData:
+ NID_pkcs7_encrypted
+ NID_pkcs7_enveloped</code></pre>
+
+<p>The return value of CMS_get0_content() is a pointer to the <b>ASN1_OCTET_STRING</b> content pointer. That means that for example:</p>
+
+<pre><code> ASN1_OCTET_STRING **pconf = CMS_get0_content(cms);</code></pre>
+
+<p><b>*pconf</b> could be NULL if there is no embedded content. Applications can access, modify or create the embedded content in a <b>CMS_ContentInfo</b> structure using this function. Applications usually will not need to modify the embedded content as it is normally set by higher level functions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_get0_type() and CMS_get0_eContentType() return an ASN1_OBJECT structure.</p>
+
+<p>CMS_set1_eContentType() returns 1 for success or 0 if an error occurred. The error can be obtained from ERR_get_error(3).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_sign.html b/msys2/usr/share/doc/openssl/html/man3/CMS_sign.html
new file mode 100644
index 000000000..352404d39
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_sign.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_sign - create a CMS SignedData structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
+                           BIO *data, unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_sign() creates and returns a CMS SignedData structure. <b>signcert</b> is the certificate to sign with, <b>pkey</b> is the corresponding private key. <b>certs</b> is an optional additional set of certificates to include in the CMS structure (for example any intermediate CAs in the chain). Any or all of these parameters can be <b>NULL</b>, see <b>NOTES</b> below.</p>
+
+<p>The data to be signed is read from BIO <b>data</b>.</p>
+
+<p><b>flags</b> is an optional set of flags.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Any of the following flags (ored together) can be passed in the <b>flags</b> parameter.</p>
+
+<p>Many S/MIME clients expect the signed content to include valid MIME headers. If the <b>CMS_TEXT</b> flag is set MIME headers for type <b>text/plain</b> are prepended to the data.</p>
+
+<p>If <b>CMS_NOCERTS</b> is set the signer&#39;s certificate will not be included in the CMS_ContentInfo structure, the signer&#39;s certificate must still be supplied in the <b>signcert</b> parameter though. This can reduce the size of the signature if the signers certificate can be obtained by other means: for example a previously signed message.</p>
+
+<p>The data being signed is included in the CMS_ContentInfo structure, unless <b>CMS_DETACHED</b> is set in which case it is omitted. This is used for CMS_ContentInfo detached signatures which are used in S/MIME plaintext signed messages for example.</p>
+
+<p>Normally the supplied content is translated into MIME canonical format (as required by the S/MIME specifications) if <b>CMS_BINARY</b> is set no translation occurs. This option should be used if the supplied data is in binary format otherwise the translation will corrupt it.</p>
+
+<p>The SignedData structure includes several CMS signedAttributes including the signing time, the CMS content type and the supported list of ciphers in an SMIMECapabilities attribute. If <b>CMS_NOATTR</b> is set then no signedAttributes will be used. If <b>CMS_NOSMIMECAP</b> is set then just the SMIMECapabilities are omitted.</p>
+
+<p>If present the SMIMECapabilities attribute indicates support for the following algorithms in preference order: 256 bit AES, Gost R3411-94, Gost 28147-89, 192 bit AES, 128 bit AES, triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of these algorithms is not available then it will not be included: for example the GOST algorithms will not be included if the GOST ENGINE is not loaded.</p>
+
+<p>OpenSSL will by default identify signing certificates using issuer name and serial number. If <b>CMS_USE_KEYID</b> is set it will use the subject key identifier value instead. An error occurs if the signing certificate does not have a subject key identifier extension.</p>
+
+<p>If the flags <b>CMS_STREAM</b> is set then the returned <b>CMS_ContentInfo</b> structure is just initialized ready to perform the signing operation. The signing is however <b>not</b> performed and the data to be signed is not read from the <b>data</b> parameter. Signing is deferred until after the data has been written. In this way data can be signed in a single pass.</p>
+
+<p>If the <b>CMS_PARTIAL</b> flag is set a partial <b>CMS_ContentInfo</b> structure is output to which additional signers and capabilities can be added before finalization.</p>
+
+<p>If the flag <b>CMS_STREAM</b> is set the returned <b>CMS_ContentInfo</b> structure is <b>not</b> complete and outputting its contents via a function that does not properly finalize the <b>CMS_ContentInfo</b> structure will give unpredictable results.</p>
+
+<p>Several functions including SMIME_write_CMS(), i2d_CMS_bio_stream(), PEM_write_bio_CMS_stream() finalize the structure. Alternatively finalization can be performed by obtaining the streaming ASN1 <b>BIO</b> directly using BIO_new_CMS().</p>
+
+<p>If a signer is specified it will use the default digest for the signing algorithm. This is <b>SHA1</b> for both RSA and DSA keys.</p>
+
+<p>If <b>signcert</b> and <b>pkey</b> are NULL then a certificates only CMS structure is output.</p>
+
+<p>The function CMS_sign() is a basic CMS signing function whose output will be suitable for many purposes. For finer control of the output format the <b>certs</b>, <b>signcert</b> and <b>pkey</b> parameters can all be <b>NULL</b> and the <b>CMS_PARTIAL</b> flag set. Then one or more signers can be added using the function CMS_sign_add1_signer(), non default digests can be used and custom attributes added. CMS_final() must then be called to finalize the structure if streaming is not enabled.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some attributes such as counter signatures are not supported.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_sign() returns either a valid CMS_ContentInfo structure or NULL if an error occurred. The error can be obtained from ERR_get_error(3).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>CMS_STREAM</b> flag is only supported for detached data in OpenSSL 0.9.8, it is supported for embedded data in OpenSSL 1.0.0 and later.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_sign_receipt.html b/msys2/usr/share/doc/openssl/html/man3/CMS_sign_receipt.html
new file mode 100644
index 000000000..5ab4149e8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_sign_receipt.html
@@ -0,0 +1,65 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_sign_receipt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_sign_receipt - create a CMS signed receipt</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, X509 *signcert,
+                                   EVP_PKEY *pkey, STACK_OF(X509) *certs,
+                                   unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_sign_receipt() creates and returns a CMS signed receipt structure. <b>si</b> is the <b>CMS_SignerInfo</b> structure containing the signed receipt request. <b>signcert</b> is the certificate to sign with, <b>pkey</b> is the corresponding private key. <b>certs</b> is an optional additional set of certificates to include in the CMS structure (for example any intermediate CAs in the chain).</p>
+
+<p><b>flags</b> is an optional set of flags.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>This functions behaves in a similar way to CMS_sign() except the flag values <b>CMS_DETACHED</b>, <b>CMS_BINARY</b>, <b>CMS_NOATTR</b>, <b>CMS_TEXT</b> and <b>CMS_STREAM</b> are not supported since they do not make sense in the context of signed receipts.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_sign_receipt() returns either a valid CMS_ContentInfo structure or NULL if an error occurred. The error can be obtained from ERR_get_error(3).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_verify_receipt.html">CMS_verify_receipt(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_uncompress.html b/msys2/usr/share/doc/openssl/html/man3/CMS_uncompress.html
new file mode 100644
index 000000000..e4ee5fa66
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_uncompress.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_uncompress</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_uncompress - uncompress a CMS CompressedData structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out, unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_uncompress() extracts and uncompresses the content from a CMS CompressedData structure <b>cms</b>. <b>data</b> is a BIO to write the content to and <b>flags</b> is an optional set of flags.</p>
+
+<p>The <b>dcont</b> parameter is used in the rare case where the compressed content is detached. It will normally be set to NULL.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The only currently supported compression algorithm is zlib: if the structure indicates the use of any other algorithm an error is returned.</p>
+
+<p>If zlib support is not compiled into OpenSSL then CMS_uncompress() will always return an error.</p>
+
+<p>The following flags can be passed in the <b>flags</b> parameter.</p>
+
+<p>If the <b>CMS_TEXT</b> flag is set MIME headers for type <b>text/plain</b> are deleted from the content. If the content is not of type <b>text/plain</b> then an error is returned.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_uncompress() returns either 1 for success or 0 for failure. The error can be obtained from ERR_get_error(3)</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The lack of single pass processing and the need to hold all data in memory as mentioned in CMS_verify() also applies to CMS_decompress().</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_compress.html">CMS_compress(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_verify.html b/msys2/usr/share/doc/openssl/html/man3/CMS_verify.html
new file mode 100644
index 000000000..6342d5999
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_verify.html
@@ -0,0 +1,114 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_verify</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#VERIFY-PROCESS">VERIFY PROCESS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_verify, CMS_get0_signers - verify a CMS SignedData structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, X509_STORE *store,
+                BIO *indata, BIO *out, unsigned int flags);
+
+ STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_verify() verifies a CMS SignedData structure. <b>cms</b> is the CMS_ContentInfo structure to verify. <b>certs</b> is a set of certificates in which to search for the signing certificate(s). <b>store</b> is a trusted certificate store used for chain verification. <b>indata</b> is the detached content if the content is not present in <b>cms</b>. The content is written to <b>out</b> if it is not NULL.</p>
+
+<p><b>flags</b> is an optional set of flags, which can be used to modify the verify operation.</p>
+
+<p>CMS_get0_signers() retrieves the signing certificate(s) from <b>cms</b>, it must be called after a successful CMS_verify() operation.</p>
+
+<h1 id="VERIFY-PROCESS">VERIFY PROCESS</h1>
+
+<p>Normally the verify process proceeds as follows.</p>
+
+<p>Initially some sanity checks are performed on <b>cms</b>. The type of <b>cms</b> must be SignedData. There must be at least one signature on the data and if the content is detached <b>indata</b> cannot be <b>NULL</b>.</p>
+
+<p>An attempt is made to locate all the signing certificate(s), first looking in the <b>certs</b> parameter (if it is not NULL) and then looking in any certificates contained in the <b>cms</b> structure itself. If any signing certificate cannot be located the operation fails.</p>
+
+<p>Each signing certificate is chain verified using the <b>smimesign</b> purpose and the supplied trusted certificate store. Any internal certificates in the message are used as untrusted CAs. If CRL checking is enabled in <b>store</b> any internal CRLs are used in addition to attempting to look them up in <b>store</b>. If any chain verify fails an error code is returned.</p>
+
+<p>Finally the signed content is read (and written to <b>out</b> is it is not NULL) and the signature&#39;s checked.</p>
+
+<p>If all signature&#39;s verify correctly then the function is successful.</p>
+
+<p>Any of the following flags (ored together) can be passed in the <b>flags</b> parameter to change the default verify behaviour.</p>
+
+<p>If <b>CMS_NOINTERN</b> is set the certificates in the message itself are not searched when locating the signing certificate(s). This means that all the signing certificates must be in the <b>certs</b> parameter.</p>
+
+<p>If <b>CMS_NOCRL</b> is set and CRL checking is enabled in <b>store</b> then any CRLs in the message itself are ignored.</p>
+
+<p>If the <b>CMS_TEXT</b> flag is set MIME headers for type <b>text/plain</b> are deleted from the content. If the content is not of type <b>text/plain</b> then an error is returned.</p>
+
+<p>If <b>CMS_NO_SIGNER_CERT_VERIFY</b> is set the signing certificates are not verified.</p>
+
+<p>If <b>CMS_NO_ATTR_VERIFY</b> is set the signed attributes signature is not verified.</p>
+
+<p>If <b>CMS_NO_CONTENT_VERIFY</b> is set then the content digest is not checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>One application of <b>CMS_NOINTERN</b> is to only accept messages signed by a small number of certificates. The acceptable certificates would be passed in the <b>certs</b> parameter. In this case if the signer is not one of the certificates supplied in <b>certs</b> then the verify will fail because the signer cannot be found.</p>
+
+<p>In some cases the standard techniques for looking up and validating certificates are not appropriate: for example an application may wish to lookup certificates in a database or perform customised verification. This can be achieved by setting and verifying the signers certificates manually using the signed data utility functions.</p>
+
+<p>Care should be taken when modifying the default verify behaviour, for example setting <b>CMS_NO_CONTENT_VERIFY</b> will totally disable all content verification and any modified content will be considered valid. This combination is however useful if one merely wishes to write the content to <b>out</b> and its validity is not considered important.</p>
+
+<p>Chain verification should arguably be performed using the signing time rather than the current time. However since the signing time is supplied by the signer it cannot be trusted without additional evidence (such as a trusted timestamp).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_verify() returns 1 for a successful verification and zero if an error occurred.</p>
+
+<p>CMS_get0_signers() returns all signers or NULL if an error occurred.</p>
+
+<p>The error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The trusted certificate store is not searched for the signing certificate, this is primarily due to the inadequacies of the current <b>X509_STORE</b> functionality.</p>
+
+<p>The lack of single pass processing means that the signed content must all be held in memory if it is not detached.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CMS_verify_receipt.html b/msys2/usr/share/doc/openssl/html/man3/CMS_verify_receipt.html
new file mode 100644
index 000000000..39d95744f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CMS_verify_receipt.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CMS_verify_receipt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CMS_verify_receipt - verify a CMS signed receipt</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
+                        STACK_OF(X509) *certs, X509_STORE *store,
+                        unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CMS_verify_receipt() verifies a CMS signed receipt. <b>rcms</b> is the signed receipt to verify. <b>ocms</b> is the original SignedData structure containing the receipt request. <b>certs</b> is a set of certificates in which to search for the signing certificate. <b>store</b> is a trusted certificate store (used for chain verification).</p>
+
+<p><b>flags</b> is an optional set of flags, which can be used to modify the verify operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>This functions behaves in a similar way to CMS_verify() except the flag values <b>CMS_DETACHED</b>, <b>CMS_BINARY</b>, <b>CMS_TEXT</b> and <b>CMS_STREAM</b> are not supported since they do not make sense in the context of signed receipts.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CMS_verify_receipt() returns 1 for a successful verification and zero if an error occurred.</p>
+
+<p>The error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign_receipt.html">CMS_sign_receipt(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CONF_modules_finish.html b/msys2/usr/share/doc/openssl/html/man3/CONF_modules_finish.html
new file mode 100644
index 000000000..e51aadfcb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CONF_modules_finish.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CONF_modules_free</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CONF_modules_free, CONF_modules_finish, CONF_modules_unload - OpenSSL configuration cleanup functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/conf.h&gt;
+
+ void CONF_modules_finish(void);
+ void CONF_modules_unload(int all);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void CONF_modules_free(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CONF_modules_free() closes down and frees up all memory allocated by all configuration modules. Normally, in versions of OpenSSL prior to 1.1.0, applications called CONF_modules_free() at exit to tidy up any configuration performed.</p>
+
+<p>CONF_modules_finish() calls each configuration modules <b>finish</b> handler to free up any configuration that module may have performed.</p>
+
+<p>CONF_modules_unload() finishes and unloads configuration modules. If <b>all</b> is set to <b>0</b> only modules loaded from DSOs will be unloads. If <b>all</b> is <b>1</b> all modules, including builtin modules will be unloaded.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>None of the functions return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man5/config.html">config(5)</a>, <a href="../man3/OPENSSL_config.html">OPENSSL_config(3)</a>, <a href="../man3/CONF_modules_load_file.html">CONF_modules_load_file(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>CONF_modules_free() was deprecated in OpenSSL 1.1.0; do not use it. For more information see <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CONF_modules_free.html b/msys2/usr/share/doc/openssl/html/man3/CONF_modules_free.html
new file mode 100644
index 000000000..e51aadfcb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CONF_modules_free.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CONF_modules_free</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CONF_modules_free, CONF_modules_finish, CONF_modules_unload - OpenSSL configuration cleanup functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/conf.h&gt;
+
+ void CONF_modules_finish(void);
+ void CONF_modules_unload(int all);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void CONF_modules_free(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CONF_modules_free() closes down and frees up all memory allocated by all configuration modules. Normally, in versions of OpenSSL prior to 1.1.0, applications called CONF_modules_free() at exit to tidy up any configuration performed.</p>
+
+<p>CONF_modules_finish() calls each configuration modules <b>finish</b> handler to free up any configuration that module may have performed.</p>
+
+<p>CONF_modules_unload() finishes and unloads configuration modules. If <b>all</b> is set to <b>0</b> only modules loaded from DSOs will be unloads. If <b>all</b> is <b>1</b> all modules, including builtin modules will be unloaded.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>None of the functions return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man5/config.html">config(5)</a>, <a href="../man3/OPENSSL_config.html">OPENSSL_config(3)</a>, <a href="../man3/CONF_modules_load_file.html">CONF_modules_load_file(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>CONF_modules_free() was deprecated in OpenSSL 1.1.0; do not use it. For more information see <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CONF_modules_load.html b/msys2/usr/share/doc/openssl/html/man3/CONF_modules_load.html
new file mode 100644
index 000000000..094cd79b8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CONF_modules_load.html
@@ -0,0 +1,137 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CONF_modules_load_file</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CONF_modules_load_file, CONF_modules_load - OpenSSL configuration functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/conf.h&gt;
+
+ int CONF_modules_load_file(const char *filename, const char *appname,
+                            unsigned long flags);
+ int CONF_modules_load(const CONF *cnf, const char *appname,
+                       unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function CONF_modules_load_file() configures OpenSSL using file <b>filename</b> and application name <b>appname</b>. If <b>filename</b> is NULL the standard OpenSSL configuration file is used. If <b>appname</b> is NULL the standard OpenSSL application name <b>openssl_conf</b> is used. The behaviour can be customized using <b>flags</b>.</p>
+
+<p>CONF_modules_load() is identical to CONF_modules_load_file() except it reads configuration information from <b>cnf</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The following <b>flags</b> are currently recognized:</p>
+
+<p>If <b>CONF_MFLAGS_IGNORE_ERRORS</b> is set errors returned by individual configuration modules are ignored. If not set the first module error is considered fatal and no further modules are loaded.</p>
+
+<p>Normally any modules errors will add error information to the error queue. If <b>CONF_MFLAGS_SILENT</b> is set no error information is added.</p>
+
+<p>If <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> is set the function unconditionally returns success. This is used by default in <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> to ignore any errors in the default system-wide configuration file, as having all OpenSSL applications fail to start when there are potentially minor issues in the file is too risky. Applications calling <b>CONF_modules_load_file</b> explicitly should not generally set this flag.</p>
+
+<p>If <b>CONF_MFLAGS_NO_DSO</b> is set configuration module loading from DSOs is disabled.</p>
+
+<p><b>CONF_MFLAGS_IGNORE_MISSING_FILE</b> if set will make CONF_load_modules_file() ignore missing configuration files. Normally a missing configuration file return an error.</p>
+
+<p><b>CONF_MFLAGS_DEFAULT_SECTION</b> if set and <b>appname</b> is not NULL will use the default section pointed to by <b>openssl_conf</b> if <b>appname</b> does not exist.</p>
+
+<p>By using CONF_modules_load_file() with appropriate flags an application can customise application configuration to best suit its needs. In some cases the use of a configuration file is optional and its absence is not an error: in this case <b>CONF_MFLAGS_IGNORE_MISSING_FILE</b> would be set.</p>
+
+<p>Errors during configuration may also be handled differently by different applications. For example in some cases an error may simply print out a warning message and the application continue. In other cases an application might consider a configuration file error as fatal and exit immediately.</p>
+
+<p>Applications can use the CONF_modules_load() function if they wish to load a configuration file themselves and have finer control over how errors are treated.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Load a configuration file and print out any errors and exit (missing file considered fatal):</p>
+
+<pre><code> if (CONF_modules_load_file(NULL, NULL, 0) &lt;= 0) {
+     fprintf(stderr, &quot;FATAL: error loading configuration file\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }</code></pre>
+
+<p>Load default configuration file using the section indicated by &quot;myapp&quot;, tolerate missing files, but exit on other errors:</p>
+
+<pre><code> if (CONF_modules_load_file(NULL, &quot;myapp&quot;,
+                            CONF_MFLAGS_IGNORE_MISSING_FILE) &lt;= 0) {
+     fprintf(stderr, &quot;FATAL: error loading configuration file\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }</code></pre>
+
+<p>Load custom configuration file and section, only print warnings on error, missing configuration file ignored:</p>
+
+<pre><code> if (CONF_modules_load_file(&quot;/something/app.cnf&quot;, &quot;myapp&quot;,
+                            CONF_MFLAGS_IGNORE_MISSING_FILE) &lt;= 0) {
+     fprintf(stderr, &quot;WARNING: error loading configuration file\n&quot;);
+     ERR_print_errors_fp(stderr);
+ }</code></pre>
+
+<p>Load and parse configuration file manually, custom error handling:</p>
+
+<pre><code> FILE *fp;
+ CONF *cnf = NULL;
+ long eline;
+
+ fp = fopen(&quot;/somepath/app.cnf&quot;, &quot;r&quot;);
+ if (fp == NULL) {
+     fprintf(stderr, &quot;Error opening configuration file\n&quot;);
+     /* Other missing configuration file behaviour */
+ } else {
+     cnf = NCONF_new(NULL);
+     if (NCONF_load_fp(cnf, fp, &amp;eline) == 0) {
+         fprintf(stderr, &quot;Error on line %ld of configuration file\n&quot;, eline);
+         ERR_print_errors_fp(stderr);
+         /* Other malformed configuration file behaviour */
+     } else if (CONF_modules_load(cnf, &quot;appname&quot;, 0) &lt;= 0) {
+         fprintf(stderr, &quot;Error configuring application\n&quot;);
+         ERR_print_errors_fp(stderr);
+         /* Other configuration error behaviour */
+     }
+     fclose(fp);
+     NCONF_free(cnf);
+ }</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return 1 for success and a zero or negative value for failure. If module errors are not ignored the return code will reflect the return value of the failing module (this will always be zero or negative).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man5/config.html">config(5)</a>, <a href="../man3/OPENSSL_config.html">OPENSSL_config(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CONF_modules_load_file.html b/msys2/usr/share/doc/openssl/html/man3/CONF_modules_load_file.html
new file mode 100644
index 000000000..094cd79b8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CONF_modules_load_file.html
@@ -0,0 +1,137 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CONF_modules_load_file</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CONF_modules_load_file, CONF_modules_load - OpenSSL configuration functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/conf.h&gt;
+
+ int CONF_modules_load_file(const char *filename, const char *appname,
+                            unsigned long flags);
+ int CONF_modules_load(const CONF *cnf, const char *appname,
+                       unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function CONF_modules_load_file() configures OpenSSL using file <b>filename</b> and application name <b>appname</b>. If <b>filename</b> is NULL the standard OpenSSL configuration file is used. If <b>appname</b> is NULL the standard OpenSSL application name <b>openssl_conf</b> is used. The behaviour can be customized using <b>flags</b>.</p>
+
+<p>CONF_modules_load() is identical to CONF_modules_load_file() except it reads configuration information from <b>cnf</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The following <b>flags</b> are currently recognized:</p>
+
+<p>If <b>CONF_MFLAGS_IGNORE_ERRORS</b> is set errors returned by individual configuration modules are ignored. If not set the first module error is considered fatal and no further modules are loaded.</p>
+
+<p>Normally any modules errors will add error information to the error queue. If <b>CONF_MFLAGS_SILENT</b> is set no error information is added.</p>
+
+<p>If <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> is set the function unconditionally returns success. This is used by default in <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> to ignore any errors in the default system-wide configuration file, as having all OpenSSL applications fail to start when there are potentially minor issues in the file is too risky. Applications calling <b>CONF_modules_load_file</b> explicitly should not generally set this flag.</p>
+
+<p>If <b>CONF_MFLAGS_NO_DSO</b> is set configuration module loading from DSOs is disabled.</p>
+
+<p><b>CONF_MFLAGS_IGNORE_MISSING_FILE</b> if set will make CONF_load_modules_file() ignore missing configuration files. Normally a missing configuration file return an error.</p>
+
+<p><b>CONF_MFLAGS_DEFAULT_SECTION</b> if set and <b>appname</b> is not NULL will use the default section pointed to by <b>openssl_conf</b> if <b>appname</b> does not exist.</p>
+
+<p>By using CONF_modules_load_file() with appropriate flags an application can customise application configuration to best suit its needs. In some cases the use of a configuration file is optional and its absence is not an error: in this case <b>CONF_MFLAGS_IGNORE_MISSING_FILE</b> would be set.</p>
+
+<p>Errors during configuration may also be handled differently by different applications. For example in some cases an error may simply print out a warning message and the application continue. In other cases an application might consider a configuration file error as fatal and exit immediately.</p>
+
+<p>Applications can use the CONF_modules_load() function if they wish to load a configuration file themselves and have finer control over how errors are treated.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Load a configuration file and print out any errors and exit (missing file considered fatal):</p>
+
+<pre><code> if (CONF_modules_load_file(NULL, NULL, 0) &lt;= 0) {
+     fprintf(stderr, &quot;FATAL: error loading configuration file\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }</code></pre>
+
+<p>Load default configuration file using the section indicated by &quot;myapp&quot;, tolerate missing files, but exit on other errors:</p>
+
+<pre><code> if (CONF_modules_load_file(NULL, &quot;myapp&quot;,
+                            CONF_MFLAGS_IGNORE_MISSING_FILE) &lt;= 0) {
+     fprintf(stderr, &quot;FATAL: error loading configuration file\n&quot;);
+     ERR_print_errors_fp(stderr);
+     exit(1);
+ }</code></pre>
+
+<p>Load custom configuration file and section, only print warnings on error, missing configuration file ignored:</p>
+
+<pre><code> if (CONF_modules_load_file(&quot;/something/app.cnf&quot;, &quot;myapp&quot;,
+                            CONF_MFLAGS_IGNORE_MISSING_FILE) &lt;= 0) {
+     fprintf(stderr, &quot;WARNING: error loading configuration file\n&quot;);
+     ERR_print_errors_fp(stderr);
+ }</code></pre>
+
+<p>Load and parse configuration file manually, custom error handling:</p>
+
+<pre><code> FILE *fp;
+ CONF *cnf = NULL;
+ long eline;
+
+ fp = fopen(&quot;/somepath/app.cnf&quot;, &quot;r&quot;);
+ if (fp == NULL) {
+     fprintf(stderr, &quot;Error opening configuration file\n&quot;);
+     /* Other missing configuration file behaviour */
+ } else {
+     cnf = NCONF_new(NULL);
+     if (NCONF_load_fp(cnf, fp, &amp;eline) == 0) {
+         fprintf(stderr, &quot;Error on line %ld of configuration file\n&quot;, eline);
+         ERR_print_errors_fp(stderr);
+         /* Other malformed configuration file behaviour */
+     } else if (CONF_modules_load(cnf, &quot;appname&quot;, 0) &lt;= 0) {
+         fprintf(stderr, &quot;Error configuring application\n&quot;);
+         ERR_print_errors_fp(stderr);
+         /* Other configuration error behaviour */
+     }
+     fclose(fp);
+     NCONF_free(cnf);
+ }</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return 1 for success and a zero or negative value for failure. If module errors are not ignored the return code will reflect the return value of the failing module (this will always be zero or negative).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man5/config.html">config(5)</a>, <a href="../man3/OPENSSL_config.html">OPENSSL_config(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CONF_modules_unload.html b/msys2/usr/share/doc/openssl/html/man3/CONF_modules_unload.html
new file mode 100644
index 000000000..e51aadfcb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CONF_modules_unload.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CONF_modules_free</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CONF_modules_free, CONF_modules_finish, CONF_modules_unload - OpenSSL configuration cleanup functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/conf.h&gt;
+
+ void CONF_modules_finish(void);
+ void CONF_modules_unload(int all);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void CONF_modules_free(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CONF_modules_free() closes down and frees up all memory allocated by all configuration modules. Normally, in versions of OpenSSL prior to 1.1.0, applications called CONF_modules_free() at exit to tidy up any configuration performed.</p>
+
+<p>CONF_modules_finish() calls each configuration modules <b>finish</b> handler to free up any configuration that module may have performed.</p>
+
+<p>CONF_modules_unload() finishes and unloads configuration modules. If <b>all</b> is set to <b>0</b> only modules loaded from DSOs will be unloads. If <b>all</b> is <b>1</b> all modules, including builtin modules will be unloaded.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>None of the functions return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man5/config.html">config(5)</a>, <a href="../man3/OPENSSL_config.html">OPENSSL_config(3)</a>, <a href="../man3/CONF_modules_load_file.html">CONF_modules_load_file(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>CONF_modules_free() was deprecated in OpenSSL 1.1.0; do not use it. For more information see <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRL_DIST_POINTS_free.html b/msys2/usr/share/doc/openssl/html/man3/CRL_DIST_POINTS_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRL_DIST_POINTS_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRL_DIST_POINTS_new.html b/msys2/usr/share/doc/openssl/html/man3/CRL_DIST_POINTS_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRL_DIST_POINTS_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_EX_dup.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_EX_dup.html
new file mode 100644
index 000000000..bcb1290e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_EX_dup.html
@@ -0,0 +1,129 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CRYPTO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Callback-Functions">Callback Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_EX_new, CRYPTO_EX_free, CRYPTO_EX_dup, CRYPTO_free_ex_index, CRYPTO_get_ex_new_index, CRYPTO_set_ex_data, CRYPTO_get_ex_data, CRYPTO_free_ex_data, CRYPTO_new_ex_data - functions supporting application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_get_ex_new_index(int class_index,
+                             long argl, void *argp,
+                             CRYPTO_EX_new *new_func,
+                             CRYPTO_EX_dup *dup_func,
+                             CRYPTO_EX_free *free_func);
+
+ typedef void CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                            int idx, long argl, void *argp);
+ typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                             int idx, long argl, void *argp);
+ typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
+                           void *from_d, int idx, long argl, void *argp);
+
+ int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
+
+ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg);
+
+ void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx);
+
+ void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *r);
+
+ int CRYPTO_free_ex_index(int class_index, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Several OpenSSL structures can have application-specific data attached to them, known as &quot;exdata.&quot; The specific structures are:</p>
+
+<pre><code>    APP
+    BIO
+    DH
+    DRBG
+    DSA
+    EC_KEY
+    ENGINE
+    RSA
+    SSL
+    SSL_CTX
+    SSL_SESSION
+    UI
+    UI_METHOD
+    X509
+    X509_STORE
+    X509_STORE_CTX</code></pre>
+
+<p>Each is identified by an <b>CRYPTO_EX_INDEX_xxx</b> define in the <b>crypto.h</b> header file. In addition, <b>CRYPTO_EX_INDEX_APP</b> is reserved for applications to use this facility for their own structures.</p>
+
+<p>The API described here is used by OpenSSL to manipulate exdata for specific structures. Since the application data can be anything at all it is passed and retrieved as a <b>void *</b> type.</p>
+
+<p>The <b>CRYPTO_EX_DATA</b> type is opaque. To initialize the exdata part of a structure, call CRYPTO_new_ex_data(). This is only necessary for <b>CRYPTO_EX_INDEX_APP</b> objects.</p>
+
+<p>Exdata types are identified by an <b>index</b>, an integer guaranteed to be unique within structures for the lifetime of the program. Applications using exdata typically call <b>CRYPTO_get_ex_new_index</b> at startup, and store the result in a global variable, or write a wrapper function to provide lazy evaluation. The <b>class_index</b> should be one of the <b>CRYPTO_EX_INDEX_xxx</b> values. The <b>argl</b> and <b>argp</b> parameters are saved to be passed to the callbacks but are otherwise not used. In order to transparently manipulate exdata, three callbacks must be provided. The semantics of those callbacks are described below.</p>
+
+<p>When copying or releasing objects with exdata, the callback functions are called in increasing order of their <b>index</b> value.</p>
+
+<p>If a dynamic library can be unloaded, it should call CRYPTO_free_ex_index() when this is done. This will replace the callbacks with no-ops so that applications don&#39;t crash. Any existing exdata will be leaked.</p>
+
+<p>To set or get the exdata on an object, the appropriate type-specific routine must be used. This is because the containing structure is opaque and the <b>CRYPTO_EX_DATA</b> field is not accessible. In both API&#39;s, the <b>idx</b> parameter should be an already-created index value.</p>
+
+<p>When setting exdata, the pointer specified with a particular index is saved, and returned on a subsequent &quot;get&quot; call. If the application is going to release the data, it must make sure to set a <b>NULL</b> value at the index, to avoid likely double-free crashes.</p>
+
+<p>The function <b>CRYPTO_free_ex_data</b> is used to free all exdata attached to a structure. The appropriate type-specific routine must be used. The <b>class_index</b> identifies the structure type, the <b>obj</b> is a pointer to the actual structure, and <b>r</b> is a pointer to the structure&#39;s exdata field.</p>
+
+<h2 id="Callback-Functions">Callback Functions</h2>
+
+<p>This section describes how the callback functions are used. Applications that are defining their own exdata using <b>CYPRTO_EX_INDEX_APP</b> must call them as described here.</p>
+
+<p>When a structure is initially allocated (such as RSA_new()) then the new_func() is called for every defined index. There is no requirement that the entire parent, or containing, structure has been set up. The new_func() is typically used only to allocate memory to store the exdata, and perhaps an &quot;initialized&quot; flag within that memory. The exdata value should be set by calling CRYPTO_set_ex_data().</p>
+
+<p>When a structure is free&#39;d (such as SSL_CTX_free()) then the free_func() is called for every defined index. Again, the state of the parent structure is not guaranteed. The free_func() may be called with a NULL pointer.</p>
+
+<p>Both new_func() and free_func() take the same parameters. The <b>parent</b> is the pointer to the structure that contains the exdata. The <b>ptr</b> is the current exdata item; for new_func() this will typically be NULL. The <b>r</b> parameter is a pointer to the exdata field of the object. The <b>idx</b> is the index and is the value returned when the callbacks were initially registered via CRYPTO_get_ex_new_index() and can be used if the same callback handles different types of exdata.</p>
+
+<p>dup_func() is called when a structure is being copied. This is only done for <b>SSL</b>, <b>SSL_SESSION</b>, <b>EC_KEY</b> objects and <b>BIO</b> chains via BIO_dup_chain(). The <b>to</b> and <b>from</b> parameters are pointers to the destination and source <b>CRYPTO_EX_DATA</b> structures, respectively. The <b>from_d</b> parameter needs to be cast to a <b>void **pptr</b> as the API has currently the wrong signature; that will be changed in a future version. The <b>*pptr</b> is a pointer to the source exdata. When the dup_func() returns, the value in <b>*pptr</b> is copied to the destination ex_data. If the pointer contained in <b>*pptr</b> is not modified by the dup_func(), then both <b>to</b> and <b>from</b> will point to the same data. The <b>idx</b>, <b>argl</b> and <b>argp</b> parameters are as described for the other two callbacks. If the dup_func() returns <b>0</b> the whole CRYPTO_dup_ex_data() will fail.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_get_ex_new_index() returns a new index or -1 on failure.</p>
+
+<p>CRYPTO_free_ex_index() and CRYPTO_set_ex_data() return 1 on success or 0 on failure.</p>
+
+<p>CRYPTO_get_ex_data() returns the application data or NULL on failure; note that NULL may be a valid value.</p>
+
+<p>dup_func() should return 0 for failure and 1 for success.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_EX_free.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_EX_free.html
new file mode 100644
index 000000000..bcb1290e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_EX_free.html
@@ -0,0 +1,129 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CRYPTO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Callback-Functions">Callback Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_EX_new, CRYPTO_EX_free, CRYPTO_EX_dup, CRYPTO_free_ex_index, CRYPTO_get_ex_new_index, CRYPTO_set_ex_data, CRYPTO_get_ex_data, CRYPTO_free_ex_data, CRYPTO_new_ex_data - functions supporting application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_get_ex_new_index(int class_index,
+                             long argl, void *argp,
+                             CRYPTO_EX_new *new_func,
+                             CRYPTO_EX_dup *dup_func,
+                             CRYPTO_EX_free *free_func);
+
+ typedef void CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                            int idx, long argl, void *argp);
+ typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                             int idx, long argl, void *argp);
+ typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
+                           void *from_d, int idx, long argl, void *argp);
+
+ int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
+
+ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg);
+
+ void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx);
+
+ void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *r);
+
+ int CRYPTO_free_ex_index(int class_index, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Several OpenSSL structures can have application-specific data attached to them, known as &quot;exdata.&quot; The specific structures are:</p>
+
+<pre><code>    APP
+    BIO
+    DH
+    DRBG
+    DSA
+    EC_KEY
+    ENGINE
+    RSA
+    SSL
+    SSL_CTX
+    SSL_SESSION
+    UI
+    UI_METHOD
+    X509
+    X509_STORE
+    X509_STORE_CTX</code></pre>
+
+<p>Each is identified by an <b>CRYPTO_EX_INDEX_xxx</b> define in the <b>crypto.h</b> header file. In addition, <b>CRYPTO_EX_INDEX_APP</b> is reserved for applications to use this facility for their own structures.</p>
+
+<p>The API described here is used by OpenSSL to manipulate exdata for specific structures. Since the application data can be anything at all it is passed and retrieved as a <b>void *</b> type.</p>
+
+<p>The <b>CRYPTO_EX_DATA</b> type is opaque. To initialize the exdata part of a structure, call CRYPTO_new_ex_data(). This is only necessary for <b>CRYPTO_EX_INDEX_APP</b> objects.</p>
+
+<p>Exdata types are identified by an <b>index</b>, an integer guaranteed to be unique within structures for the lifetime of the program. Applications using exdata typically call <b>CRYPTO_get_ex_new_index</b> at startup, and store the result in a global variable, or write a wrapper function to provide lazy evaluation. The <b>class_index</b> should be one of the <b>CRYPTO_EX_INDEX_xxx</b> values. The <b>argl</b> and <b>argp</b> parameters are saved to be passed to the callbacks but are otherwise not used. In order to transparently manipulate exdata, three callbacks must be provided. The semantics of those callbacks are described below.</p>
+
+<p>When copying or releasing objects with exdata, the callback functions are called in increasing order of their <b>index</b> value.</p>
+
+<p>If a dynamic library can be unloaded, it should call CRYPTO_free_ex_index() when this is done. This will replace the callbacks with no-ops so that applications don&#39;t crash. Any existing exdata will be leaked.</p>
+
+<p>To set or get the exdata on an object, the appropriate type-specific routine must be used. This is because the containing structure is opaque and the <b>CRYPTO_EX_DATA</b> field is not accessible. In both API&#39;s, the <b>idx</b> parameter should be an already-created index value.</p>
+
+<p>When setting exdata, the pointer specified with a particular index is saved, and returned on a subsequent &quot;get&quot; call. If the application is going to release the data, it must make sure to set a <b>NULL</b> value at the index, to avoid likely double-free crashes.</p>
+
+<p>The function <b>CRYPTO_free_ex_data</b> is used to free all exdata attached to a structure. The appropriate type-specific routine must be used. The <b>class_index</b> identifies the structure type, the <b>obj</b> is a pointer to the actual structure, and <b>r</b> is a pointer to the structure&#39;s exdata field.</p>
+
+<h2 id="Callback-Functions">Callback Functions</h2>
+
+<p>This section describes how the callback functions are used. Applications that are defining their own exdata using <b>CYPRTO_EX_INDEX_APP</b> must call them as described here.</p>
+
+<p>When a structure is initially allocated (such as RSA_new()) then the new_func() is called for every defined index. There is no requirement that the entire parent, or containing, structure has been set up. The new_func() is typically used only to allocate memory to store the exdata, and perhaps an &quot;initialized&quot; flag within that memory. The exdata value should be set by calling CRYPTO_set_ex_data().</p>
+
+<p>When a structure is free&#39;d (such as SSL_CTX_free()) then the free_func() is called for every defined index. Again, the state of the parent structure is not guaranteed. The free_func() may be called with a NULL pointer.</p>
+
+<p>Both new_func() and free_func() take the same parameters. The <b>parent</b> is the pointer to the structure that contains the exdata. The <b>ptr</b> is the current exdata item; for new_func() this will typically be NULL. The <b>r</b> parameter is a pointer to the exdata field of the object. The <b>idx</b> is the index and is the value returned when the callbacks were initially registered via CRYPTO_get_ex_new_index() and can be used if the same callback handles different types of exdata.</p>
+
+<p>dup_func() is called when a structure is being copied. This is only done for <b>SSL</b>, <b>SSL_SESSION</b>, <b>EC_KEY</b> objects and <b>BIO</b> chains via BIO_dup_chain(). The <b>to</b> and <b>from</b> parameters are pointers to the destination and source <b>CRYPTO_EX_DATA</b> structures, respectively. The <b>from_d</b> parameter needs to be cast to a <b>void **pptr</b> as the API has currently the wrong signature; that will be changed in a future version. The <b>*pptr</b> is a pointer to the source exdata. When the dup_func() returns, the value in <b>*pptr</b> is copied to the destination ex_data. If the pointer contained in <b>*pptr</b> is not modified by the dup_func(), then both <b>to</b> and <b>from</b> will point to the same data. The <b>idx</b>, <b>argl</b> and <b>argp</b> parameters are as described for the other two callbacks. If the dup_func() returns <b>0</b> the whole CRYPTO_dup_ex_data() will fail.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_get_ex_new_index() returns a new index or -1 on failure.</p>
+
+<p>CRYPTO_free_ex_index() and CRYPTO_set_ex_data() return 1 on success or 0 on failure.</p>
+
+<p>CRYPTO_get_ex_data() returns the application data or NULL on failure; note that NULL may be a valid value.</p>
+
+<p>dup_func() should return 0 for failure and 1 for success.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_EX_new.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_EX_new.html
new file mode 100644
index 000000000..bcb1290e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_EX_new.html
@@ -0,0 +1,129 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CRYPTO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Callback-Functions">Callback Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_EX_new, CRYPTO_EX_free, CRYPTO_EX_dup, CRYPTO_free_ex_index, CRYPTO_get_ex_new_index, CRYPTO_set_ex_data, CRYPTO_get_ex_data, CRYPTO_free_ex_data, CRYPTO_new_ex_data - functions supporting application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_get_ex_new_index(int class_index,
+                             long argl, void *argp,
+                             CRYPTO_EX_new *new_func,
+                             CRYPTO_EX_dup *dup_func,
+                             CRYPTO_EX_free *free_func);
+
+ typedef void CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                            int idx, long argl, void *argp);
+ typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                             int idx, long argl, void *argp);
+ typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
+                           void *from_d, int idx, long argl, void *argp);
+
+ int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
+
+ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg);
+
+ void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx);
+
+ void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *r);
+
+ int CRYPTO_free_ex_index(int class_index, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Several OpenSSL structures can have application-specific data attached to them, known as &quot;exdata.&quot; The specific structures are:</p>
+
+<pre><code>    APP
+    BIO
+    DH
+    DRBG
+    DSA
+    EC_KEY
+    ENGINE
+    RSA
+    SSL
+    SSL_CTX
+    SSL_SESSION
+    UI
+    UI_METHOD
+    X509
+    X509_STORE
+    X509_STORE_CTX</code></pre>
+
+<p>Each is identified by an <b>CRYPTO_EX_INDEX_xxx</b> define in the <b>crypto.h</b> header file. In addition, <b>CRYPTO_EX_INDEX_APP</b> is reserved for applications to use this facility for their own structures.</p>
+
+<p>The API described here is used by OpenSSL to manipulate exdata for specific structures. Since the application data can be anything at all it is passed and retrieved as a <b>void *</b> type.</p>
+
+<p>The <b>CRYPTO_EX_DATA</b> type is opaque. To initialize the exdata part of a structure, call CRYPTO_new_ex_data(). This is only necessary for <b>CRYPTO_EX_INDEX_APP</b> objects.</p>
+
+<p>Exdata types are identified by an <b>index</b>, an integer guaranteed to be unique within structures for the lifetime of the program. Applications using exdata typically call <b>CRYPTO_get_ex_new_index</b> at startup, and store the result in a global variable, or write a wrapper function to provide lazy evaluation. The <b>class_index</b> should be one of the <b>CRYPTO_EX_INDEX_xxx</b> values. The <b>argl</b> and <b>argp</b> parameters are saved to be passed to the callbacks but are otherwise not used. In order to transparently manipulate exdata, three callbacks must be provided. The semantics of those callbacks are described below.</p>
+
+<p>When copying or releasing objects with exdata, the callback functions are called in increasing order of their <b>index</b> value.</p>
+
+<p>If a dynamic library can be unloaded, it should call CRYPTO_free_ex_index() when this is done. This will replace the callbacks with no-ops so that applications don&#39;t crash. Any existing exdata will be leaked.</p>
+
+<p>To set or get the exdata on an object, the appropriate type-specific routine must be used. This is because the containing structure is opaque and the <b>CRYPTO_EX_DATA</b> field is not accessible. In both API&#39;s, the <b>idx</b> parameter should be an already-created index value.</p>
+
+<p>When setting exdata, the pointer specified with a particular index is saved, and returned on a subsequent &quot;get&quot; call. If the application is going to release the data, it must make sure to set a <b>NULL</b> value at the index, to avoid likely double-free crashes.</p>
+
+<p>The function <b>CRYPTO_free_ex_data</b> is used to free all exdata attached to a structure. The appropriate type-specific routine must be used. The <b>class_index</b> identifies the structure type, the <b>obj</b> is a pointer to the actual structure, and <b>r</b> is a pointer to the structure&#39;s exdata field.</p>
+
+<h2 id="Callback-Functions">Callback Functions</h2>
+
+<p>This section describes how the callback functions are used. Applications that are defining their own exdata using <b>CYPRTO_EX_INDEX_APP</b> must call them as described here.</p>
+
+<p>When a structure is initially allocated (such as RSA_new()) then the new_func() is called for every defined index. There is no requirement that the entire parent, or containing, structure has been set up. The new_func() is typically used only to allocate memory to store the exdata, and perhaps an &quot;initialized&quot; flag within that memory. The exdata value should be set by calling CRYPTO_set_ex_data().</p>
+
+<p>When a structure is free&#39;d (such as SSL_CTX_free()) then the free_func() is called for every defined index. Again, the state of the parent structure is not guaranteed. The free_func() may be called with a NULL pointer.</p>
+
+<p>Both new_func() and free_func() take the same parameters. The <b>parent</b> is the pointer to the structure that contains the exdata. The <b>ptr</b> is the current exdata item; for new_func() this will typically be NULL. The <b>r</b> parameter is a pointer to the exdata field of the object. The <b>idx</b> is the index and is the value returned when the callbacks were initially registered via CRYPTO_get_ex_new_index() and can be used if the same callback handles different types of exdata.</p>
+
+<p>dup_func() is called when a structure is being copied. This is only done for <b>SSL</b>, <b>SSL_SESSION</b>, <b>EC_KEY</b> objects and <b>BIO</b> chains via BIO_dup_chain(). The <b>to</b> and <b>from</b> parameters are pointers to the destination and source <b>CRYPTO_EX_DATA</b> structures, respectively. The <b>from_d</b> parameter needs to be cast to a <b>void **pptr</b> as the API has currently the wrong signature; that will be changed in a future version. The <b>*pptr</b> is a pointer to the source exdata. When the dup_func() returns, the value in <b>*pptr</b> is copied to the destination ex_data. If the pointer contained in <b>*pptr</b> is not modified by the dup_func(), then both <b>to</b> and <b>from</b> will point to the same data. The <b>idx</b>, <b>argl</b> and <b>argp</b> parameters are as described for the other two callbacks. If the dup_func() returns <b>0</b> the whole CRYPTO_dup_ex_data() will fail.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_get_ex_new_index() returns a new index or -1 on failure.</p>
+
+<p>CRYPTO_free_ex_index() and CRYPTO_set_ex_data() return 1 on success or 0 on failure.</p>
+
+<p>CRYPTO_get_ex_data() returns the application data or NULL on failure; note that NULL may be a valid value.</p>
+
+<p>dup_func() should return 0 for failure and 1 for success.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_THREAD_lock_free.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_THREAD_lock_free.html
new file mode 100644
index 000000000..88978ecee
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_THREAD_lock_free.html
@@ -0,0 +1,159 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CRYPTO_THREAD_run_once</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_THREAD_run_once, CRYPTO_THREAD_lock_new, CRYPTO_THREAD_read_lock, CRYPTO_THREAD_write_lock, CRYPTO_THREAD_unlock, CRYPTO_THREAD_lock_free, CRYPTO_atomic_add - OpenSSL thread support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ CRYPTO_ONCE CRYPTO_ONCE_STATIC_INIT;
+ int CRYPTO_THREAD_run_once(CRYPTO_ONCE *once, void (*init)(void));
+
+ CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void);
+ int CRYPTO_THREAD_read_lock(CRYPTO_RWLOCK *lock);
+ int CRYPTO_THREAD_write_lock(CRYPTO_RWLOCK *lock);
+ int CRYPTO_THREAD_unlock(CRYPTO_RWLOCK *lock);
+ void CRYPTO_THREAD_lock_free(CRYPTO_RWLOCK *lock);
+
+ int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL can be safely used in multi-threaded applications provided that support for the underlying OS threading API is built-in. Currently, OpenSSL supports the pthread and Windows APIs. OpenSSL can also be built without any multi-threading support, for example on platforms that don&#39;t provide any threading support or that provide a threading API that is not yet supported by OpenSSL.</p>
+
+<p>The following multi-threading function are provided:</p>
+
+<ul>
+
+<li><p>CRYPTO_THREAD_run_once() can be used to perform one-time initialization. The <b>once</b> argument must be a pointer to a static object of type <b>CRYPTO_ONCE</b> that was statically initialized to the value <b>CRYPTO_ONCE_STATIC_INIT</b>. The <b>init</b> argument is a pointer to a function that performs the desired exactly once initialization. In particular, this can be used to allocate locks in a thread-safe manner, which can then be used with the locking functions below.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_lock_new() allocates, initializes and returns a new read/write lock.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_read_lock() locks the provided <b>lock</b> for reading.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_write_lock() locks the provided <b>lock</b> for writing.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_unlock() unlocks the previously locked <b>lock</b>.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_lock_free() frees the provided <b>lock</b>.</p>
+
+</li>
+<li><p>CRYPTO_atomic_add() atomically adds <b>amount</b> to <b>val</b> and returns the result of the operation in <b>ret</b>. <b>lock</b> will be locked, unless atomic operations are supported on the specific platform. Because of this, if a variable is modified by CRYPTO_atomic_add() then CRYPTO_atomic_add() must be the only way that the variable is modified.</p>
+
+</li>
+</ul>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_THREAD_run_once() returns 1 on success, or 0 on error.</p>
+
+<p>CRYPTO_THREAD_lock_new() returns the allocated lock, or NULL on error.</p>
+
+<p>CRYPTO_THREAD_lock_free() returns no value.</p>
+
+<p>The other functions return 1 on success, or 0 on error.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the CRYPTO_THREAD_* types and functions in the openssl/crypto.h header are dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to crypto.h where use of CRYPTO_THREAD_* types and functions is required.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example safely initializes and uses a lock.</p>
+
+<pre><code> #ifdef _WIN32
+ # include &lt;windows.h&gt;
+ #endif
+ #include &lt;openssl/crypto.h&gt;
+
+ static CRYPTO_ONCE once = CRYPTO_ONCE_STATIC_INIT;
+ static CRYPTO_RWLOCK *lock;
+
+ static void myinit(void)
+ {
+     lock = CRYPTO_THREAD_lock_new();
+ }
+
+ static int mylock(void)
+ {
+     if (!CRYPTO_THREAD_run_once(&amp;once, void init) || lock == NULL)
+         return 0;
+     return CRYPTO_THREAD_write_lock(lock);
+ }
+
+ static int myunlock(void)
+ {
+     return CRYPTO_THREAD_unlock(lock);
+ }
+
+ int serialized(void)
+ {
+     int ret = 0;
+
+     if (mylock()) {
+         /* Your code here, do not return without releasing the lock! */
+         ret = ... ;
+     }
+     myunlock();
+     return ret;
+ }</code></pre>
+
+<p>Finalization of locks is an advanced topic, not covered in this example. This can only be done at process exit or when a dynamically loaded library is no longer in use and is unloaded. The simplest solution is to just &quot;leak&quot; the lock in applications and not repeatedly load/unload shared libraries that allocate locks.</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>You can find out if OpenSSL was configured with thread support:</p>
+
+<pre><code> #include &lt;openssl/opensslconf.h&gt;
+ #if defined(OPENSSL_THREADS)
+     /* thread support enabled */
+ #else
+     /* no thread support */
+ #endif</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_THREAD_lock_new.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_THREAD_lock_new.html
new file mode 100644
index 000000000..88978ecee
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_THREAD_lock_new.html
@@ -0,0 +1,159 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CRYPTO_THREAD_run_once</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_THREAD_run_once, CRYPTO_THREAD_lock_new, CRYPTO_THREAD_read_lock, CRYPTO_THREAD_write_lock, CRYPTO_THREAD_unlock, CRYPTO_THREAD_lock_free, CRYPTO_atomic_add - OpenSSL thread support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ CRYPTO_ONCE CRYPTO_ONCE_STATIC_INIT;
+ int CRYPTO_THREAD_run_once(CRYPTO_ONCE *once, void (*init)(void));
+
+ CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void);
+ int CRYPTO_THREAD_read_lock(CRYPTO_RWLOCK *lock);
+ int CRYPTO_THREAD_write_lock(CRYPTO_RWLOCK *lock);
+ int CRYPTO_THREAD_unlock(CRYPTO_RWLOCK *lock);
+ void CRYPTO_THREAD_lock_free(CRYPTO_RWLOCK *lock);
+
+ int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL can be safely used in multi-threaded applications provided that support for the underlying OS threading API is built-in. Currently, OpenSSL supports the pthread and Windows APIs. OpenSSL can also be built without any multi-threading support, for example on platforms that don&#39;t provide any threading support or that provide a threading API that is not yet supported by OpenSSL.</p>
+
+<p>The following multi-threading function are provided:</p>
+
+<ul>
+
+<li><p>CRYPTO_THREAD_run_once() can be used to perform one-time initialization. The <b>once</b> argument must be a pointer to a static object of type <b>CRYPTO_ONCE</b> that was statically initialized to the value <b>CRYPTO_ONCE_STATIC_INIT</b>. The <b>init</b> argument is a pointer to a function that performs the desired exactly once initialization. In particular, this can be used to allocate locks in a thread-safe manner, which can then be used with the locking functions below.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_lock_new() allocates, initializes and returns a new read/write lock.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_read_lock() locks the provided <b>lock</b> for reading.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_write_lock() locks the provided <b>lock</b> for writing.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_unlock() unlocks the previously locked <b>lock</b>.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_lock_free() frees the provided <b>lock</b>.</p>
+
+</li>
+<li><p>CRYPTO_atomic_add() atomically adds <b>amount</b> to <b>val</b> and returns the result of the operation in <b>ret</b>. <b>lock</b> will be locked, unless atomic operations are supported on the specific platform. Because of this, if a variable is modified by CRYPTO_atomic_add() then CRYPTO_atomic_add() must be the only way that the variable is modified.</p>
+
+</li>
+</ul>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_THREAD_run_once() returns 1 on success, or 0 on error.</p>
+
+<p>CRYPTO_THREAD_lock_new() returns the allocated lock, or NULL on error.</p>
+
+<p>CRYPTO_THREAD_lock_free() returns no value.</p>
+
+<p>The other functions return 1 on success, or 0 on error.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the CRYPTO_THREAD_* types and functions in the openssl/crypto.h header are dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to crypto.h where use of CRYPTO_THREAD_* types and functions is required.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example safely initializes and uses a lock.</p>
+
+<pre><code> #ifdef _WIN32
+ # include &lt;windows.h&gt;
+ #endif
+ #include &lt;openssl/crypto.h&gt;
+
+ static CRYPTO_ONCE once = CRYPTO_ONCE_STATIC_INIT;
+ static CRYPTO_RWLOCK *lock;
+
+ static void myinit(void)
+ {
+     lock = CRYPTO_THREAD_lock_new();
+ }
+
+ static int mylock(void)
+ {
+     if (!CRYPTO_THREAD_run_once(&amp;once, void init) || lock == NULL)
+         return 0;
+     return CRYPTO_THREAD_write_lock(lock);
+ }
+
+ static int myunlock(void)
+ {
+     return CRYPTO_THREAD_unlock(lock);
+ }
+
+ int serialized(void)
+ {
+     int ret = 0;
+
+     if (mylock()) {
+         /* Your code here, do not return without releasing the lock! */
+         ret = ... ;
+     }
+     myunlock();
+     return ret;
+ }</code></pre>
+
+<p>Finalization of locks is an advanced topic, not covered in this example. This can only be done at process exit or when a dynamically loaded library is no longer in use and is unloaded. The simplest solution is to just &quot;leak&quot; the lock in applications and not repeatedly load/unload shared libraries that allocate locks.</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>You can find out if OpenSSL was configured with thread support:</p>
+
+<pre><code> #include &lt;openssl/opensslconf.h&gt;
+ #if defined(OPENSSL_THREADS)
+     /* thread support enabled */
+ #else
+     /* no thread support */
+ #endif</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_THREAD_read_lock.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_THREAD_read_lock.html
new file mode 100644
index 000000000..88978ecee
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_THREAD_read_lock.html
@@ -0,0 +1,159 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CRYPTO_THREAD_run_once</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_THREAD_run_once, CRYPTO_THREAD_lock_new, CRYPTO_THREAD_read_lock, CRYPTO_THREAD_write_lock, CRYPTO_THREAD_unlock, CRYPTO_THREAD_lock_free, CRYPTO_atomic_add - OpenSSL thread support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ CRYPTO_ONCE CRYPTO_ONCE_STATIC_INIT;
+ int CRYPTO_THREAD_run_once(CRYPTO_ONCE *once, void (*init)(void));
+
+ CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void);
+ int CRYPTO_THREAD_read_lock(CRYPTO_RWLOCK *lock);
+ int CRYPTO_THREAD_write_lock(CRYPTO_RWLOCK *lock);
+ int CRYPTO_THREAD_unlock(CRYPTO_RWLOCK *lock);
+ void CRYPTO_THREAD_lock_free(CRYPTO_RWLOCK *lock);
+
+ int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL can be safely used in multi-threaded applications provided that support for the underlying OS threading API is built-in. Currently, OpenSSL supports the pthread and Windows APIs. OpenSSL can also be built without any multi-threading support, for example on platforms that don&#39;t provide any threading support or that provide a threading API that is not yet supported by OpenSSL.</p>
+
+<p>The following multi-threading function are provided:</p>
+
+<ul>
+
+<li><p>CRYPTO_THREAD_run_once() can be used to perform one-time initialization. The <b>once</b> argument must be a pointer to a static object of type <b>CRYPTO_ONCE</b> that was statically initialized to the value <b>CRYPTO_ONCE_STATIC_INIT</b>. The <b>init</b> argument is a pointer to a function that performs the desired exactly once initialization. In particular, this can be used to allocate locks in a thread-safe manner, which can then be used with the locking functions below.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_lock_new() allocates, initializes and returns a new read/write lock.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_read_lock() locks the provided <b>lock</b> for reading.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_write_lock() locks the provided <b>lock</b> for writing.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_unlock() unlocks the previously locked <b>lock</b>.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_lock_free() frees the provided <b>lock</b>.</p>
+
+</li>
+<li><p>CRYPTO_atomic_add() atomically adds <b>amount</b> to <b>val</b> and returns the result of the operation in <b>ret</b>. <b>lock</b> will be locked, unless atomic operations are supported on the specific platform. Because of this, if a variable is modified by CRYPTO_atomic_add() then CRYPTO_atomic_add() must be the only way that the variable is modified.</p>
+
+</li>
+</ul>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_THREAD_run_once() returns 1 on success, or 0 on error.</p>
+
+<p>CRYPTO_THREAD_lock_new() returns the allocated lock, or NULL on error.</p>
+
+<p>CRYPTO_THREAD_lock_free() returns no value.</p>
+
+<p>The other functions return 1 on success, or 0 on error.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the CRYPTO_THREAD_* types and functions in the openssl/crypto.h header are dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to crypto.h where use of CRYPTO_THREAD_* types and functions is required.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example safely initializes and uses a lock.</p>
+
+<pre><code> #ifdef _WIN32
+ # include &lt;windows.h&gt;
+ #endif
+ #include &lt;openssl/crypto.h&gt;
+
+ static CRYPTO_ONCE once = CRYPTO_ONCE_STATIC_INIT;
+ static CRYPTO_RWLOCK *lock;
+
+ static void myinit(void)
+ {
+     lock = CRYPTO_THREAD_lock_new();
+ }
+
+ static int mylock(void)
+ {
+     if (!CRYPTO_THREAD_run_once(&amp;once, void init) || lock == NULL)
+         return 0;
+     return CRYPTO_THREAD_write_lock(lock);
+ }
+
+ static int myunlock(void)
+ {
+     return CRYPTO_THREAD_unlock(lock);
+ }
+
+ int serialized(void)
+ {
+     int ret = 0;
+
+     if (mylock()) {
+         /* Your code here, do not return without releasing the lock! */
+         ret = ... ;
+     }
+     myunlock();
+     return ret;
+ }</code></pre>
+
+<p>Finalization of locks is an advanced topic, not covered in this example. This can only be done at process exit or when a dynamically loaded library is no longer in use and is unloaded. The simplest solution is to just &quot;leak&quot; the lock in applications and not repeatedly load/unload shared libraries that allocate locks.</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>You can find out if OpenSSL was configured with thread support:</p>
+
+<pre><code> #include &lt;openssl/opensslconf.h&gt;
+ #if defined(OPENSSL_THREADS)
+     /* thread support enabled */
+ #else
+     /* no thread support */
+ #endif</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_THREAD_run_once.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_THREAD_run_once.html
new file mode 100644
index 000000000..88978ecee
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_THREAD_run_once.html
@@ -0,0 +1,159 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CRYPTO_THREAD_run_once</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_THREAD_run_once, CRYPTO_THREAD_lock_new, CRYPTO_THREAD_read_lock, CRYPTO_THREAD_write_lock, CRYPTO_THREAD_unlock, CRYPTO_THREAD_lock_free, CRYPTO_atomic_add - OpenSSL thread support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ CRYPTO_ONCE CRYPTO_ONCE_STATIC_INIT;
+ int CRYPTO_THREAD_run_once(CRYPTO_ONCE *once, void (*init)(void));
+
+ CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void);
+ int CRYPTO_THREAD_read_lock(CRYPTO_RWLOCK *lock);
+ int CRYPTO_THREAD_write_lock(CRYPTO_RWLOCK *lock);
+ int CRYPTO_THREAD_unlock(CRYPTO_RWLOCK *lock);
+ void CRYPTO_THREAD_lock_free(CRYPTO_RWLOCK *lock);
+
+ int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL can be safely used in multi-threaded applications provided that support for the underlying OS threading API is built-in. Currently, OpenSSL supports the pthread and Windows APIs. OpenSSL can also be built without any multi-threading support, for example on platforms that don&#39;t provide any threading support or that provide a threading API that is not yet supported by OpenSSL.</p>
+
+<p>The following multi-threading function are provided:</p>
+
+<ul>
+
+<li><p>CRYPTO_THREAD_run_once() can be used to perform one-time initialization. The <b>once</b> argument must be a pointer to a static object of type <b>CRYPTO_ONCE</b> that was statically initialized to the value <b>CRYPTO_ONCE_STATIC_INIT</b>. The <b>init</b> argument is a pointer to a function that performs the desired exactly once initialization. In particular, this can be used to allocate locks in a thread-safe manner, which can then be used with the locking functions below.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_lock_new() allocates, initializes and returns a new read/write lock.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_read_lock() locks the provided <b>lock</b> for reading.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_write_lock() locks the provided <b>lock</b> for writing.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_unlock() unlocks the previously locked <b>lock</b>.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_lock_free() frees the provided <b>lock</b>.</p>
+
+</li>
+<li><p>CRYPTO_atomic_add() atomically adds <b>amount</b> to <b>val</b> and returns the result of the operation in <b>ret</b>. <b>lock</b> will be locked, unless atomic operations are supported on the specific platform. Because of this, if a variable is modified by CRYPTO_atomic_add() then CRYPTO_atomic_add() must be the only way that the variable is modified.</p>
+
+</li>
+</ul>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_THREAD_run_once() returns 1 on success, or 0 on error.</p>
+
+<p>CRYPTO_THREAD_lock_new() returns the allocated lock, or NULL on error.</p>
+
+<p>CRYPTO_THREAD_lock_free() returns no value.</p>
+
+<p>The other functions return 1 on success, or 0 on error.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the CRYPTO_THREAD_* types and functions in the openssl/crypto.h header are dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to crypto.h where use of CRYPTO_THREAD_* types and functions is required.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example safely initializes and uses a lock.</p>
+
+<pre><code> #ifdef _WIN32
+ # include &lt;windows.h&gt;
+ #endif
+ #include &lt;openssl/crypto.h&gt;
+
+ static CRYPTO_ONCE once = CRYPTO_ONCE_STATIC_INIT;
+ static CRYPTO_RWLOCK *lock;
+
+ static void myinit(void)
+ {
+     lock = CRYPTO_THREAD_lock_new();
+ }
+
+ static int mylock(void)
+ {
+     if (!CRYPTO_THREAD_run_once(&amp;once, void init) || lock == NULL)
+         return 0;
+     return CRYPTO_THREAD_write_lock(lock);
+ }
+
+ static int myunlock(void)
+ {
+     return CRYPTO_THREAD_unlock(lock);
+ }
+
+ int serialized(void)
+ {
+     int ret = 0;
+
+     if (mylock()) {
+         /* Your code here, do not return without releasing the lock! */
+         ret = ... ;
+     }
+     myunlock();
+     return ret;
+ }</code></pre>
+
+<p>Finalization of locks is an advanced topic, not covered in this example. This can only be done at process exit or when a dynamically loaded library is no longer in use and is unloaded. The simplest solution is to just &quot;leak&quot; the lock in applications and not repeatedly load/unload shared libraries that allocate locks.</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>You can find out if OpenSSL was configured with thread support:</p>
+
+<pre><code> #include &lt;openssl/opensslconf.h&gt;
+ #if defined(OPENSSL_THREADS)
+     /* thread support enabled */
+ #else
+     /* no thread support */
+ #endif</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_THREAD_unlock.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_THREAD_unlock.html
new file mode 100644
index 000000000..88978ecee
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_THREAD_unlock.html
@@ -0,0 +1,159 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CRYPTO_THREAD_run_once</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_THREAD_run_once, CRYPTO_THREAD_lock_new, CRYPTO_THREAD_read_lock, CRYPTO_THREAD_write_lock, CRYPTO_THREAD_unlock, CRYPTO_THREAD_lock_free, CRYPTO_atomic_add - OpenSSL thread support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ CRYPTO_ONCE CRYPTO_ONCE_STATIC_INIT;
+ int CRYPTO_THREAD_run_once(CRYPTO_ONCE *once, void (*init)(void));
+
+ CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void);
+ int CRYPTO_THREAD_read_lock(CRYPTO_RWLOCK *lock);
+ int CRYPTO_THREAD_write_lock(CRYPTO_RWLOCK *lock);
+ int CRYPTO_THREAD_unlock(CRYPTO_RWLOCK *lock);
+ void CRYPTO_THREAD_lock_free(CRYPTO_RWLOCK *lock);
+
+ int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL can be safely used in multi-threaded applications provided that support for the underlying OS threading API is built-in. Currently, OpenSSL supports the pthread and Windows APIs. OpenSSL can also be built without any multi-threading support, for example on platforms that don&#39;t provide any threading support or that provide a threading API that is not yet supported by OpenSSL.</p>
+
+<p>The following multi-threading function are provided:</p>
+
+<ul>
+
+<li><p>CRYPTO_THREAD_run_once() can be used to perform one-time initialization. The <b>once</b> argument must be a pointer to a static object of type <b>CRYPTO_ONCE</b> that was statically initialized to the value <b>CRYPTO_ONCE_STATIC_INIT</b>. The <b>init</b> argument is a pointer to a function that performs the desired exactly once initialization. In particular, this can be used to allocate locks in a thread-safe manner, which can then be used with the locking functions below.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_lock_new() allocates, initializes and returns a new read/write lock.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_read_lock() locks the provided <b>lock</b> for reading.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_write_lock() locks the provided <b>lock</b> for writing.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_unlock() unlocks the previously locked <b>lock</b>.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_lock_free() frees the provided <b>lock</b>.</p>
+
+</li>
+<li><p>CRYPTO_atomic_add() atomically adds <b>amount</b> to <b>val</b> and returns the result of the operation in <b>ret</b>. <b>lock</b> will be locked, unless atomic operations are supported on the specific platform. Because of this, if a variable is modified by CRYPTO_atomic_add() then CRYPTO_atomic_add() must be the only way that the variable is modified.</p>
+
+</li>
+</ul>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_THREAD_run_once() returns 1 on success, or 0 on error.</p>
+
+<p>CRYPTO_THREAD_lock_new() returns the allocated lock, or NULL on error.</p>
+
+<p>CRYPTO_THREAD_lock_free() returns no value.</p>
+
+<p>The other functions return 1 on success, or 0 on error.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the CRYPTO_THREAD_* types and functions in the openssl/crypto.h header are dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to crypto.h where use of CRYPTO_THREAD_* types and functions is required.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example safely initializes and uses a lock.</p>
+
+<pre><code> #ifdef _WIN32
+ # include &lt;windows.h&gt;
+ #endif
+ #include &lt;openssl/crypto.h&gt;
+
+ static CRYPTO_ONCE once = CRYPTO_ONCE_STATIC_INIT;
+ static CRYPTO_RWLOCK *lock;
+
+ static void myinit(void)
+ {
+     lock = CRYPTO_THREAD_lock_new();
+ }
+
+ static int mylock(void)
+ {
+     if (!CRYPTO_THREAD_run_once(&amp;once, void init) || lock == NULL)
+         return 0;
+     return CRYPTO_THREAD_write_lock(lock);
+ }
+
+ static int myunlock(void)
+ {
+     return CRYPTO_THREAD_unlock(lock);
+ }
+
+ int serialized(void)
+ {
+     int ret = 0;
+
+     if (mylock()) {
+         /* Your code here, do not return without releasing the lock! */
+         ret = ... ;
+     }
+     myunlock();
+     return ret;
+ }</code></pre>
+
+<p>Finalization of locks is an advanced topic, not covered in this example. This can only be done at process exit or when a dynamically loaded library is no longer in use and is unloaded. The simplest solution is to just &quot;leak&quot; the lock in applications and not repeatedly load/unload shared libraries that allocate locks.</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>You can find out if OpenSSL was configured with thread support:</p>
+
+<pre><code> #include &lt;openssl/opensslconf.h&gt;
+ #if defined(OPENSSL_THREADS)
+     /* thread support enabled */
+ #else
+     /* no thread support */
+ #endif</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_THREAD_write_lock.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_THREAD_write_lock.html
new file mode 100644
index 000000000..88978ecee
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_THREAD_write_lock.html
@@ -0,0 +1,159 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CRYPTO_THREAD_run_once</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_THREAD_run_once, CRYPTO_THREAD_lock_new, CRYPTO_THREAD_read_lock, CRYPTO_THREAD_write_lock, CRYPTO_THREAD_unlock, CRYPTO_THREAD_lock_free, CRYPTO_atomic_add - OpenSSL thread support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ CRYPTO_ONCE CRYPTO_ONCE_STATIC_INIT;
+ int CRYPTO_THREAD_run_once(CRYPTO_ONCE *once, void (*init)(void));
+
+ CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void);
+ int CRYPTO_THREAD_read_lock(CRYPTO_RWLOCK *lock);
+ int CRYPTO_THREAD_write_lock(CRYPTO_RWLOCK *lock);
+ int CRYPTO_THREAD_unlock(CRYPTO_RWLOCK *lock);
+ void CRYPTO_THREAD_lock_free(CRYPTO_RWLOCK *lock);
+
+ int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL can be safely used in multi-threaded applications provided that support for the underlying OS threading API is built-in. Currently, OpenSSL supports the pthread and Windows APIs. OpenSSL can also be built without any multi-threading support, for example on platforms that don&#39;t provide any threading support or that provide a threading API that is not yet supported by OpenSSL.</p>
+
+<p>The following multi-threading function are provided:</p>
+
+<ul>
+
+<li><p>CRYPTO_THREAD_run_once() can be used to perform one-time initialization. The <b>once</b> argument must be a pointer to a static object of type <b>CRYPTO_ONCE</b> that was statically initialized to the value <b>CRYPTO_ONCE_STATIC_INIT</b>. The <b>init</b> argument is a pointer to a function that performs the desired exactly once initialization. In particular, this can be used to allocate locks in a thread-safe manner, which can then be used with the locking functions below.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_lock_new() allocates, initializes and returns a new read/write lock.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_read_lock() locks the provided <b>lock</b> for reading.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_write_lock() locks the provided <b>lock</b> for writing.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_unlock() unlocks the previously locked <b>lock</b>.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_lock_free() frees the provided <b>lock</b>.</p>
+
+</li>
+<li><p>CRYPTO_atomic_add() atomically adds <b>amount</b> to <b>val</b> and returns the result of the operation in <b>ret</b>. <b>lock</b> will be locked, unless atomic operations are supported on the specific platform. Because of this, if a variable is modified by CRYPTO_atomic_add() then CRYPTO_atomic_add() must be the only way that the variable is modified.</p>
+
+</li>
+</ul>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_THREAD_run_once() returns 1 on success, or 0 on error.</p>
+
+<p>CRYPTO_THREAD_lock_new() returns the allocated lock, or NULL on error.</p>
+
+<p>CRYPTO_THREAD_lock_free() returns no value.</p>
+
+<p>The other functions return 1 on success, or 0 on error.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the CRYPTO_THREAD_* types and functions in the openssl/crypto.h header are dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to crypto.h where use of CRYPTO_THREAD_* types and functions is required.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example safely initializes and uses a lock.</p>
+
+<pre><code> #ifdef _WIN32
+ # include &lt;windows.h&gt;
+ #endif
+ #include &lt;openssl/crypto.h&gt;
+
+ static CRYPTO_ONCE once = CRYPTO_ONCE_STATIC_INIT;
+ static CRYPTO_RWLOCK *lock;
+
+ static void myinit(void)
+ {
+     lock = CRYPTO_THREAD_lock_new();
+ }
+
+ static int mylock(void)
+ {
+     if (!CRYPTO_THREAD_run_once(&amp;once, void init) || lock == NULL)
+         return 0;
+     return CRYPTO_THREAD_write_lock(lock);
+ }
+
+ static int myunlock(void)
+ {
+     return CRYPTO_THREAD_unlock(lock);
+ }
+
+ int serialized(void)
+ {
+     int ret = 0;
+
+     if (mylock()) {
+         /* Your code here, do not return without releasing the lock! */
+         ret = ... ;
+     }
+     myunlock();
+     return ret;
+ }</code></pre>
+
+<p>Finalization of locks is an advanced topic, not covered in this example. This can only be done at process exit or when a dynamically loaded library is no longer in use and is unloaded. The simplest solution is to just &quot;leak&quot; the lock in applications and not repeatedly load/unload shared libraries that allocate locks.</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>You can find out if OpenSSL was configured with thread support:</p>
+
+<pre><code> #include &lt;openssl/opensslconf.h&gt;
+ #if defined(OPENSSL_THREADS)
+     /* thread support enabled */
+ #else
+     /* no thread support */
+ #endif</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_atomic_add.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_atomic_add.html
new file mode 100644
index 000000000..88978ecee
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_atomic_add.html
@@ -0,0 +1,159 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CRYPTO_THREAD_run_once</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_THREAD_run_once, CRYPTO_THREAD_lock_new, CRYPTO_THREAD_read_lock, CRYPTO_THREAD_write_lock, CRYPTO_THREAD_unlock, CRYPTO_THREAD_lock_free, CRYPTO_atomic_add - OpenSSL thread support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ CRYPTO_ONCE CRYPTO_ONCE_STATIC_INIT;
+ int CRYPTO_THREAD_run_once(CRYPTO_ONCE *once, void (*init)(void));
+
+ CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void);
+ int CRYPTO_THREAD_read_lock(CRYPTO_RWLOCK *lock);
+ int CRYPTO_THREAD_write_lock(CRYPTO_RWLOCK *lock);
+ int CRYPTO_THREAD_unlock(CRYPTO_RWLOCK *lock);
+ void CRYPTO_THREAD_lock_free(CRYPTO_RWLOCK *lock);
+
+ int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL can be safely used in multi-threaded applications provided that support for the underlying OS threading API is built-in. Currently, OpenSSL supports the pthread and Windows APIs. OpenSSL can also be built without any multi-threading support, for example on platforms that don&#39;t provide any threading support or that provide a threading API that is not yet supported by OpenSSL.</p>
+
+<p>The following multi-threading function are provided:</p>
+
+<ul>
+
+<li><p>CRYPTO_THREAD_run_once() can be used to perform one-time initialization. The <b>once</b> argument must be a pointer to a static object of type <b>CRYPTO_ONCE</b> that was statically initialized to the value <b>CRYPTO_ONCE_STATIC_INIT</b>. The <b>init</b> argument is a pointer to a function that performs the desired exactly once initialization. In particular, this can be used to allocate locks in a thread-safe manner, which can then be used with the locking functions below.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_lock_new() allocates, initializes and returns a new read/write lock.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_read_lock() locks the provided <b>lock</b> for reading.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_write_lock() locks the provided <b>lock</b> for writing.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_unlock() unlocks the previously locked <b>lock</b>.</p>
+
+</li>
+<li><p>CRYPTO_THREAD_lock_free() frees the provided <b>lock</b>.</p>
+
+</li>
+<li><p>CRYPTO_atomic_add() atomically adds <b>amount</b> to <b>val</b> and returns the result of the operation in <b>ret</b>. <b>lock</b> will be locked, unless atomic operations are supported on the specific platform. Because of this, if a variable is modified by CRYPTO_atomic_add() then CRYPTO_atomic_add() must be the only way that the variable is modified.</p>
+
+</li>
+</ul>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_THREAD_run_once() returns 1 on success, or 0 on error.</p>
+
+<p>CRYPTO_THREAD_lock_new() returns the allocated lock, or NULL on error.</p>
+
+<p>CRYPTO_THREAD_lock_free() returns no value.</p>
+
+<p>The other functions return 1 on success, or 0 on error.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the CRYPTO_THREAD_* types and functions in the openssl/crypto.h header are dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to crypto.h where use of CRYPTO_THREAD_* types and functions is required.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example safely initializes and uses a lock.</p>
+
+<pre><code> #ifdef _WIN32
+ # include &lt;windows.h&gt;
+ #endif
+ #include &lt;openssl/crypto.h&gt;
+
+ static CRYPTO_ONCE once = CRYPTO_ONCE_STATIC_INIT;
+ static CRYPTO_RWLOCK *lock;
+
+ static void myinit(void)
+ {
+     lock = CRYPTO_THREAD_lock_new();
+ }
+
+ static int mylock(void)
+ {
+     if (!CRYPTO_THREAD_run_once(&amp;once, void init) || lock == NULL)
+         return 0;
+     return CRYPTO_THREAD_write_lock(lock);
+ }
+
+ static int myunlock(void)
+ {
+     return CRYPTO_THREAD_unlock(lock);
+ }
+
+ int serialized(void)
+ {
+     int ret = 0;
+
+     if (mylock()) {
+         /* Your code here, do not return without releasing the lock! */
+         ret = ... ;
+     }
+     myunlock();
+     return ret;
+ }</code></pre>
+
+<p>Finalization of locks is an advanced topic, not covered in this example. This can only be done at process exit or when a dynamically loaded library is no longer in use and is unloaded. The simplest solution is to just &quot;leak&quot; the lock in applications and not repeatedly load/unload shared libraries that allocate locks.</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>You can find out if OpenSSL was configured with thread support:</p>
+
+<pre><code> #include &lt;openssl/opensslconf.h&gt;
+ #if defined(OPENSSL_THREADS)
+     /* thread support enabled */
+ #else
+     /* no thread support */
+ #endif</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_clear_free.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_clear_free.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_clear_free.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_clear_realloc.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_clear_realloc.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_clear_realloc.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_free.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_free.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_free.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_free_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_free_ex_data.html
new file mode 100644
index 000000000..bcb1290e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_free_ex_data.html
@@ -0,0 +1,129 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CRYPTO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Callback-Functions">Callback Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_EX_new, CRYPTO_EX_free, CRYPTO_EX_dup, CRYPTO_free_ex_index, CRYPTO_get_ex_new_index, CRYPTO_set_ex_data, CRYPTO_get_ex_data, CRYPTO_free_ex_data, CRYPTO_new_ex_data - functions supporting application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_get_ex_new_index(int class_index,
+                             long argl, void *argp,
+                             CRYPTO_EX_new *new_func,
+                             CRYPTO_EX_dup *dup_func,
+                             CRYPTO_EX_free *free_func);
+
+ typedef void CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                            int idx, long argl, void *argp);
+ typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                             int idx, long argl, void *argp);
+ typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
+                           void *from_d, int idx, long argl, void *argp);
+
+ int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
+
+ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg);
+
+ void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx);
+
+ void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *r);
+
+ int CRYPTO_free_ex_index(int class_index, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Several OpenSSL structures can have application-specific data attached to them, known as &quot;exdata.&quot; The specific structures are:</p>
+
+<pre><code>    APP
+    BIO
+    DH
+    DRBG
+    DSA
+    EC_KEY
+    ENGINE
+    RSA
+    SSL
+    SSL_CTX
+    SSL_SESSION
+    UI
+    UI_METHOD
+    X509
+    X509_STORE
+    X509_STORE_CTX</code></pre>
+
+<p>Each is identified by an <b>CRYPTO_EX_INDEX_xxx</b> define in the <b>crypto.h</b> header file. In addition, <b>CRYPTO_EX_INDEX_APP</b> is reserved for applications to use this facility for their own structures.</p>
+
+<p>The API described here is used by OpenSSL to manipulate exdata for specific structures. Since the application data can be anything at all it is passed and retrieved as a <b>void *</b> type.</p>
+
+<p>The <b>CRYPTO_EX_DATA</b> type is opaque. To initialize the exdata part of a structure, call CRYPTO_new_ex_data(). This is only necessary for <b>CRYPTO_EX_INDEX_APP</b> objects.</p>
+
+<p>Exdata types are identified by an <b>index</b>, an integer guaranteed to be unique within structures for the lifetime of the program. Applications using exdata typically call <b>CRYPTO_get_ex_new_index</b> at startup, and store the result in a global variable, or write a wrapper function to provide lazy evaluation. The <b>class_index</b> should be one of the <b>CRYPTO_EX_INDEX_xxx</b> values. The <b>argl</b> and <b>argp</b> parameters are saved to be passed to the callbacks but are otherwise not used. In order to transparently manipulate exdata, three callbacks must be provided. The semantics of those callbacks are described below.</p>
+
+<p>When copying or releasing objects with exdata, the callback functions are called in increasing order of their <b>index</b> value.</p>
+
+<p>If a dynamic library can be unloaded, it should call CRYPTO_free_ex_index() when this is done. This will replace the callbacks with no-ops so that applications don&#39;t crash. Any existing exdata will be leaked.</p>
+
+<p>To set or get the exdata on an object, the appropriate type-specific routine must be used. This is because the containing structure is opaque and the <b>CRYPTO_EX_DATA</b> field is not accessible. In both API&#39;s, the <b>idx</b> parameter should be an already-created index value.</p>
+
+<p>When setting exdata, the pointer specified with a particular index is saved, and returned on a subsequent &quot;get&quot; call. If the application is going to release the data, it must make sure to set a <b>NULL</b> value at the index, to avoid likely double-free crashes.</p>
+
+<p>The function <b>CRYPTO_free_ex_data</b> is used to free all exdata attached to a structure. The appropriate type-specific routine must be used. The <b>class_index</b> identifies the structure type, the <b>obj</b> is a pointer to the actual structure, and <b>r</b> is a pointer to the structure&#39;s exdata field.</p>
+
+<h2 id="Callback-Functions">Callback Functions</h2>
+
+<p>This section describes how the callback functions are used. Applications that are defining their own exdata using <b>CYPRTO_EX_INDEX_APP</b> must call them as described here.</p>
+
+<p>When a structure is initially allocated (such as RSA_new()) then the new_func() is called for every defined index. There is no requirement that the entire parent, or containing, structure has been set up. The new_func() is typically used only to allocate memory to store the exdata, and perhaps an &quot;initialized&quot; flag within that memory. The exdata value should be set by calling CRYPTO_set_ex_data().</p>
+
+<p>When a structure is free&#39;d (such as SSL_CTX_free()) then the free_func() is called for every defined index. Again, the state of the parent structure is not guaranteed. The free_func() may be called with a NULL pointer.</p>
+
+<p>Both new_func() and free_func() take the same parameters. The <b>parent</b> is the pointer to the structure that contains the exdata. The <b>ptr</b> is the current exdata item; for new_func() this will typically be NULL. The <b>r</b> parameter is a pointer to the exdata field of the object. The <b>idx</b> is the index and is the value returned when the callbacks were initially registered via CRYPTO_get_ex_new_index() and can be used if the same callback handles different types of exdata.</p>
+
+<p>dup_func() is called when a structure is being copied. This is only done for <b>SSL</b>, <b>SSL_SESSION</b>, <b>EC_KEY</b> objects and <b>BIO</b> chains via BIO_dup_chain(). The <b>to</b> and <b>from</b> parameters are pointers to the destination and source <b>CRYPTO_EX_DATA</b> structures, respectively. The <b>from_d</b> parameter needs to be cast to a <b>void **pptr</b> as the API has currently the wrong signature; that will be changed in a future version. The <b>*pptr</b> is a pointer to the source exdata. When the dup_func() returns, the value in <b>*pptr</b> is copied to the destination ex_data. If the pointer contained in <b>*pptr</b> is not modified by the dup_func(), then both <b>to</b> and <b>from</b> will point to the same data. The <b>idx</b>, <b>argl</b> and <b>argp</b> parameters are as described for the other two callbacks. If the dup_func() returns <b>0</b> the whole CRYPTO_dup_ex_data() will fail.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_get_ex_new_index() returns a new index or -1 on failure.</p>
+
+<p>CRYPTO_free_ex_index() and CRYPTO_set_ex_data() return 1 on success or 0 on failure.</p>
+
+<p>CRYPTO_get_ex_data() returns the application data or NULL on failure; note that NULL may be a valid value.</p>
+
+<p>dup_func() should return 0 for failure and 1 for success.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_free_ex_index.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_free_ex_index.html
new file mode 100644
index 000000000..bcb1290e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_free_ex_index.html
@@ -0,0 +1,129 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CRYPTO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Callback-Functions">Callback Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_EX_new, CRYPTO_EX_free, CRYPTO_EX_dup, CRYPTO_free_ex_index, CRYPTO_get_ex_new_index, CRYPTO_set_ex_data, CRYPTO_get_ex_data, CRYPTO_free_ex_data, CRYPTO_new_ex_data - functions supporting application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_get_ex_new_index(int class_index,
+                             long argl, void *argp,
+                             CRYPTO_EX_new *new_func,
+                             CRYPTO_EX_dup *dup_func,
+                             CRYPTO_EX_free *free_func);
+
+ typedef void CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                            int idx, long argl, void *argp);
+ typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                             int idx, long argl, void *argp);
+ typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
+                           void *from_d, int idx, long argl, void *argp);
+
+ int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
+
+ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg);
+
+ void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx);
+
+ void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *r);
+
+ int CRYPTO_free_ex_index(int class_index, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Several OpenSSL structures can have application-specific data attached to them, known as &quot;exdata.&quot; The specific structures are:</p>
+
+<pre><code>    APP
+    BIO
+    DH
+    DRBG
+    DSA
+    EC_KEY
+    ENGINE
+    RSA
+    SSL
+    SSL_CTX
+    SSL_SESSION
+    UI
+    UI_METHOD
+    X509
+    X509_STORE
+    X509_STORE_CTX</code></pre>
+
+<p>Each is identified by an <b>CRYPTO_EX_INDEX_xxx</b> define in the <b>crypto.h</b> header file. In addition, <b>CRYPTO_EX_INDEX_APP</b> is reserved for applications to use this facility for their own structures.</p>
+
+<p>The API described here is used by OpenSSL to manipulate exdata for specific structures. Since the application data can be anything at all it is passed and retrieved as a <b>void *</b> type.</p>
+
+<p>The <b>CRYPTO_EX_DATA</b> type is opaque. To initialize the exdata part of a structure, call CRYPTO_new_ex_data(). This is only necessary for <b>CRYPTO_EX_INDEX_APP</b> objects.</p>
+
+<p>Exdata types are identified by an <b>index</b>, an integer guaranteed to be unique within structures for the lifetime of the program. Applications using exdata typically call <b>CRYPTO_get_ex_new_index</b> at startup, and store the result in a global variable, or write a wrapper function to provide lazy evaluation. The <b>class_index</b> should be one of the <b>CRYPTO_EX_INDEX_xxx</b> values. The <b>argl</b> and <b>argp</b> parameters are saved to be passed to the callbacks but are otherwise not used. In order to transparently manipulate exdata, three callbacks must be provided. The semantics of those callbacks are described below.</p>
+
+<p>When copying or releasing objects with exdata, the callback functions are called in increasing order of their <b>index</b> value.</p>
+
+<p>If a dynamic library can be unloaded, it should call CRYPTO_free_ex_index() when this is done. This will replace the callbacks with no-ops so that applications don&#39;t crash. Any existing exdata will be leaked.</p>
+
+<p>To set or get the exdata on an object, the appropriate type-specific routine must be used. This is because the containing structure is opaque and the <b>CRYPTO_EX_DATA</b> field is not accessible. In both API&#39;s, the <b>idx</b> parameter should be an already-created index value.</p>
+
+<p>When setting exdata, the pointer specified with a particular index is saved, and returned on a subsequent &quot;get&quot; call. If the application is going to release the data, it must make sure to set a <b>NULL</b> value at the index, to avoid likely double-free crashes.</p>
+
+<p>The function <b>CRYPTO_free_ex_data</b> is used to free all exdata attached to a structure. The appropriate type-specific routine must be used. The <b>class_index</b> identifies the structure type, the <b>obj</b> is a pointer to the actual structure, and <b>r</b> is a pointer to the structure&#39;s exdata field.</p>
+
+<h2 id="Callback-Functions">Callback Functions</h2>
+
+<p>This section describes how the callback functions are used. Applications that are defining their own exdata using <b>CYPRTO_EX_INDEX_APP</b> must call them as described here.</p>
+
+<p>When a structure is initially allocated (such as RSA_new()) then the new_func() is called for every defined index. There is no requirement that the entire parent, or containing, structure has been set up. The new_func() is typically used only to allocate memory to store the exdata, and perhaps an &quot;initialized&quot; flag within that memory. The exdata value should be set by calling CRYPTO_set_ex_data().</p>
+
+<p>When a structure is free&#39;d (such as SSL_CTX_free()) then the free_func() is called for every defined index. Again, the state of the parent structure is not guaranteed. The free_func() may be called with a NULL pointer.</p>
+
+<p>Both new_func() and free_func() take the same parameters. The <b>parent</b> is the pointer to the structure that contains the exdata. The <b>ptr</b> is the current exdata item; for new_func() this will typically be NULL. The <b>r</b> parameter is a pointer to the exdata field of the object. The <b>idx</b> is the index and is the value returned when the callbacks were initially registered via CRYPTO_get_ex_new_index() and can be used if the same callback handles different types of exdata.</p>
+
+<p>dup_func() is called when a structure is being copied. This is only done for <b>SSL</b>, <b>SSL_SESSION</b>, <b>EC_KEY</b> objects and <b>BIO</b> chains via BIO_dup_chain(). The <b>to</b> and <b>from</b> parameters are pointers to the destination and source <b>CRYPTO_EX_DATA</b> structures, respectively. The <b>from_d</b> parameter needs to be cast to a <b>void **pptr</b> as the API has currently the wrong signature; that will be changed in a future version. The <b>*pptr</b> is a pointer to the source exdata. When the dup_func() returns, the value in <b>*pptr</b> is copied to the destination ex_data. If the pointer contained in <b>*pptr</b> is not modified by the dup_func(), then both <b>to</b> and <b>from</b> will point to the same data. The <b>idx</b>, <b>argl</b> and <b>argp</b> parameters are as described for the other two callbacks. If the dup_func() returns <b>0</b> the whole CRYPTO_dup_ex_data() will fail.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_get_ex_new_index() returns a new index or -1 on failure.</p>
+
+<p>CRYPTO_free_ex_index() and CRYPTO_set_ex_data() return 1 on success or 0 on failure.</p>
+
+<p>CRYPTO_get_ex_data() returns the application data or NULL on failure; note that NULL may be a valid value.</p>
+
+<p>dup_func() should return 0 for failure and 1 for success.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_get_alloc_counts.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_get_alloc_counts.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_get_alloc_counts.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_get_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_get_ex_data.html
new file mode 100644
index 000000000..bcb1290e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_get_ex_data.html
@@ -0,0 +1,129 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CRYPTO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Callback-Functions">Callback Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_EX_new, CRYPTO_EX_free, CRYPTO_EX_dup, CRYPTO_free_ex_index, CRYPTO_get_ex_new_index, CRYPTO_set_ex_data, CRYPTO_get_ex_data, CRYPTO_free_ex_data, CRYPTO_new_ex_data - functions supporting application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_get_ex_new_index(int class_index,
+                             long argl, void *argp,
+                             CRYPTO_EX_new *new_func,
+                             CRYPTO_EX_dup *dup_func,
+                             CRYPTO_EX_free *free_func);
+
+ typedef void CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                            int idx, long argl, void *argp);
+ typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                             int idx, long argl, void *argp);
+ typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
+                           void *from_d, int idx, long argl, void *argp);
+
+ int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
+
+ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg);
+
+ void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx);
+
+ void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *r);
+
+ int CRYPTO_free_ex_index(int class_index, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Several OpenSSL structures can have application-specific data attached to them, known as &quot;exdata.&quot; The specific structures are:</p>
+
+<pre><code>    APP
+    BIO
+    DH
+    DRBG
+    DSA
+    EC_KEY
+    ENGINE
+    RSA
+    SSL
+    SSL_CTX
+    SSL_SESSION
+    UI
+    UI_METHOD
+    X509
+    X509_STORE
+    X509_STORE_CTX</code></pre>
+
+<p>Each is identified by an <b>CRYPTO_EX_INDEX_xxx</b> define in the <b>crypto.h</b> header file. In addition, <b>CRYPTO_EX_INDEX_APP</b> is reserved for applications to use this facility for their own structures.</p>
+
+<p>The API described here is used by OpenSSL to manipulate exdata for specific structures. Since the application data can be anything at all it is passed and retrieved as a <b>void *</b> type.</p>
+
+<p>The <b>CRYPTO_EX_DATA</b> type is opaque. To initialize the exdata part of a structure, call CRYPTO_new_ex_data(). This is only necessary for <b>CRYPTO_EX_INDEX_APP</b> objects.</p>
+
+<p>Exdata types are identified by an <b>index</b>, an integer guaranteed to be unique within structures for the lifetime of the program. Applications using exdata typically call <b>CRYPTO_get_ex_new_index</b> at startup, and store the result in a global variable, or write a wrapper function to provide lazy evaluation. The <b>class_index</b> should be one of the <b>CRYPTO_EX_INDEX_xxx</b> values. The <b>argl</b> and <b>argp</b> parameters are saved to be passed to the callbacks but are otherwise not used. In order to transparently manipulate exdata, three callbacks must be provided. The semantics of those callbacks are described below.</p>
+
+<p>When copying or releasing objects with exdata, the callback functions are called in increasing order of their <b>index</b> value.</p>
+
+<p>If a dynamic library can be unloaded, it should call CRYPTO_free_ex_index() when this is done. This will replace the callbacks with no-ops so that applications don&#39;t crash. Any existing exdata will be leaked.</p>
+
+<p>To set or get the exdata on an object, the appropriate type-specific routine must be used. This is because the containing structure is opaque and the <b>CRYPTO_EX_DATA</b> field is not accessible. In both API&#39;s, the <b>idx</b> parameter should be an already-created index value.</p>
+
+<p>When setting exdata, the pointer specified with a particular index is saved, and returned on a subsequent &quot;get&quot; call. If the application is going to release the data, it must make sure to set a <b>NULL</b> value at the index, to avoid likely double-free crashes.</p>
+
+<p>The function <b>CRYPTO_free_ex_data</b> is used to free all exdata attached to a structure. The appropriate type-specific routine must be used. The <b>class_index</b> identifies the structure type, the <b>obj</b> is a pointer to the actual structure, and <b>r</b> is a pointer to the structure&#39;s exdata field.</p>
+
+<h2 id="Callback-Functions">Callback Functions</h2>
+
+<p>This section describes how the callback functions are used. Applications that are defining their own exdata using <b>CYPRTO_EX_INDEX_APP</b> must call them as described here.</p>
+
+<p>When a structure is initially allocated (such as RSA_new()) then the new_func() is called for every defined index. There is no requirement that the entire parent, or containing, structure has been set up. The new_func() is typically used only to allocate memory to store the exdata, and perhaps an &quot;initialized&quot; flag within that memory. The exdata value should be set by calling CRYPTO_set_ex_data().</p>
+
+<p>When a structure is free&#39;d (such as SSL_CTX_free()) then the free_func() is called for every defined index. Again, the state of the parent structure is not guaranteed. The free_func() may be called with a NULL pointer.</p>
+
+<p>Both new_func() and free_func() take the same parameters. The <b>parent</b> is the pointer to the structure that contains the exdata. The <b>ptr</b> is the current exdata item; for new_func() this will typically be NULL. The <b>r</b> parameter is a pointer to the exdata field of the object. The <b>idx</b> is the index and is the value returned when the callbacks were initially registered via CRYPTO_get_ex_new_index() and can be used if the same callback handles different types of exdata.</p>
+
+<p>dup_func() is called when a structure is being copied. This is only done for <b>SSL</b>, <b>SSL_SESSION</b>, <b>EC_KEY</b> objects and <b>BIO</b> chains via BIO_dup_chain(). The <b>to</b> and <b>from</b> parameters are pointers to the destination and source <b>CRYPTO_EX_DATA</b> structures, respectively. The <b>from_d</b> parameter needs to be cast to a <b>void **pptr</b> as the API has currently the wrong signature; that will be changed in a future version. The <b>*pptr</b> is a pointer to the source exdata. When the dup_func() returns, the value in <b>*pptr</b> is copied to the destination ex_data. If the pointer contained in <b>*pptr</b> is not modified by the dup_func(), then both <b>to</b> and <b>from</b> will point to the same data. The <b>idx</b>, <b>argl</b> and <b>argp</b> parameters are as described for the other two callbacks. If the dup_func() returns <b>0</b> the whole CRYPTO_dup_ex_data() will fail.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_get_ex_new_index() returns a new index or -1 on failure.</p>
+
+<p>CRYPTO_free_ex_index() and CRYPTO_set_ex_data() return 1 on success or 0 on failure.</p>
+
+<p>CRYPTO_get_ex_data() returns the application data or NULL on failure; note that NULL may be a valid value.</p>
+
+<p>dup_func() should return 0 for failure and 1 for success.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_get_ex_new_index.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_get_ex_new_index.html
new file mode 100644
index 000000000..bcb1290e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_get_ex_new_index.html
@@ -0,0 +1,129 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CRYPTO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Callback-Functions">Callback Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_EX_new, CRYPTO_EX_free, CRYPTO_EX_dup, CRYPTO_free_ex_index, CRYPTO_get_ex_new_index, CRYPTO_set_ex_data, CRYPTO_get_ex_data, CRYPTO_free_ex_data, CRYPTO_new_ex_data - functions supporting application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_get_ex_new_index(int class_index,
+                             long argl, void *argp,
+                             CRYPTO_EX_new *new_func,
+                             CRYPTO_EX_dup *dup_func,
+                             CRYPTO_EX_free *free_func);
+
+ typedef void CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                            int idx, long argl, void *argp);
+ typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                             int idx, long argl, void *argp);
+ typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
+                           void *from_d, int idx, long argl, void *argp);
+
+ int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
+
+ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg);
+
+ void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx);
+
+ void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *r);
+
+ int CRYPTO_free_ex_index(int class_index, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Several OpenSSL structures can have application-specific data attached to them, known as &quot;exdata.&quot; The specific structures are:</p>
+
+<pre><code>    APP
+    BIO
+    DH
+    DRBG
+    DSA
+    EC_KEY
+    ENGINE
+    RSA
+    SSL
+    SSL_CTX
+    SSL_SESSION
+    UI
+    UI_METHOD
+    X509
+    X509_STORE
+    X509_STORE_CTX</code></pre>
+
+<p>Each is identified by an <b>CRYPTO_EX_INDEX_xxx</b> define in the <b>crypto.h</b> header file. In addition, <b>CRYPTO_EX_INDEX_APP</b> is reserved for applications to use this facility for their own structures.</p>
+
+<p>The API described here is used by OpenSSL to manipulate exdata for specific structures. Since the application data can be anything at all it is passed and retrieved as a <b>void *</b> type.</p>
+
+<p>The <b>CRYPTO_EX_DATA</b> type is opaque. To initialize the exdata part of a structure, call CRYPTO_new_ex_data(). This is only necessary for <b>CRYPTO_EX_INDEX_APP</b> objects.</p>
+
+<p>Exdata types are identified by an <b>index</b>, an integer guaranteed to be unique within structures for the lifetime of the program. Applications using exdata typically call <b>CRYPTO_get_ex_new_index</b> at startup, and store the result in a global variable, or write a wrapper function to provide lazy evaluation. The <b>class_index</b> should be one of the <b>CRYPTO_EX_INDEX_xxx</b> values. The <b>argl</b> and <b>argp</b> parameters are saved to be passed to the callbacks but are otherwise not used. In order to transparently manipulate exdata, three callbacks must be provided. The semantics of those callbacks are described below.</p>
+
+<p>When copying or releasing objects with exdata, the callback functions are called in increasing order of their <b>index</b> value.</p>
+
+<p>If a dynamic library can be unloaded, it should call CRYPTO_free_ex_index() when this is done. This will replace the callbacks with no-ops so that applications don&#39;t crash. Any existing exdata will be leaked.</p>
+
+<p>To set or get the exdata on an object, the appropriate type-specific routine must be used. This is because the containing structure is opaque and the <b>CRYPTO_EX_DATA</b> field is not accessible. In both API&#39;s, the <b>idx</b> parameter should be an already-created index value.</p>
+
+<p>When setting exdata, the pointer specified with a particular index is saved, and returned on a subsequent &quot;get&quot; call. If the application is going to release the data, it must make sure to set a <b>NULL</b> value at the index, to avoid likely double-free crashes.</p>
+
+<p>The function <b>CRYPTO_free_ex_data</b> is used to free all exdata attached to a structure. The appropriate type-specific routine must be used. The <b>class_index</b> identifies the structure type, the <b>obj</b> is a pointer to the actual structure, and <b>r</b> is a pointer to the structure&#39;s exdata field.</p>
+
+<h2 id="Callback-Functions">Callback Functions</h2>
+
+<p>This section describes how the callback functions are used. Applications that are defining their own exdata using <b>CYPRTO_EX_INDEX_APP</b> must call them as described here.</p>
+
+<p>When a structure is initially allocated (such as RSA_new()) then the new_func() is called for every defined index. There is no requirement that the entire parent, or containing, structure has been set up. The new_func() is typically used only to allocate memory to store the exdata, and perhaps an &quot;initialized&quot; flag within that memory. The exdata value should be set by calling CRYPTO_set_ex_data().</p>
+
+<p>When a structure is free&#39;d (such as SSL_CTX_free()) then the free_func() is called for every defined index. Again, the state of the parent structure is not guaranteed. The free_func() may be called with a NULL pointer.</p>
+
+<p>Both new_func() and free_func() take the same parameters. The <b>parent</b> is the pointer to the structure that contains the exdata. The <b>ptr</b> is the current exdata item; for new_func() this will typically be NULL. The <b>r</b> parameter is a pointer to the exdata field of the object. The <b>idx</b> is the index and is the value returned when the callbacks were initially registered via CRYPTO_get_ex_new_index() and can be used if the same callback handles different types of exdata.</p>
+
+<p>dup_func() is called when a structure is being copied. This is only done for <b>SSL</b>, <b>SSL_SESSION</b>, <b>EC_KEY</b> objects and <b>BIO</b> chains via BIO_dup_chain(). The <b>to</b> and <b>from</b> parameters are pointers to the destination and source <b>CRYPTO_EX_DATA</b> structures, respectively. The <b>from_d</b> parameter needs to be cast to a <b>void **pptr</b> as the API has currently the wrong signature; that will be changed in a future version. The <b>*pptr</b> is a pointer to the source exdata. When the dup_func() returns, the value in <b>*pptr</b> is copied to the destination ex_data. If the pointer contained in <b>*pptr</b> is not modified by the dup_func(), then both <b>to</b> and <b>from</b> will point to the same data. The <b>idx</b>, <b>argl</b> and <b>argp</b> parameters are as described for the other two callbacks. If the dup_func() returns <b>0</b> the whole CRYPTO_dup_ex_data() will fail.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_get_ex_new_index() returns a new index or -1 on failure.</p>
+
+<p>CRYPTO_free_ex_index() and CRYPTO_set_ex_data() return 1 on success or 0 on failure.</p>
+
+<p>CRYPTO_get_ex_data() returns the application data or NULL on failure; note that NULL may be a valid value.</p>
+
+<p>dup_func() should return 0 for failure and 1 for success.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_get_mem_functions.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_get_mem_functions.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_get_mem_functions.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_malloc.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_malloc.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_malloc.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_mem_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_mem_ctrl.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_mem_ctrl.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_mem_debug_pop.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_mem_debug_pop.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_mem_debug_pop.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_mem_debug_push.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_mem_debug_push.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_mem_debug_push.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_mem_leaks.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_mem_leaks.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_mem_leaks.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_mem_leaks_cb.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_mem_leaks_cb.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_mem_leaks_cb.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_mem_leaks_fp.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_mem_leaks_fp.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_mem_leaks_fp.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_new_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_new_ex_data.html
new file mode 100644
index 000000000..bcb1290e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_new_ex_data.html
@@ -0,0 +1,129 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CRYPTO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Callback-Functions">Callback Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_EX_new, CRYPTO_EX_free, CRYPTO_EX_dup, CRYPTO_free_ex_index, CRYPTO_get_ex_new_index, CRYPTO_set_ex_data, CRYPTO_get_ex_data, CRYPTO_free_ex_data, CRYPTO_new_ex_data - functions supporting application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_get_ex_new_index(int class_index,
+                             long argl, void *argp,
+                             CRYPTO_EX_new *new_func,
+                             CRYPTO_EX_dup *dup_func,
+                             CRYPTO_EX_free *free_func);
+
+ typedef void CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                            int idx, long argl, void *argp);
+ typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                             int idx, long argl, void *argp);
+ typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
+                           void *from_d, int idx, long argl, void *argp);
+
+ int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
+
+ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg);
+
+ void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx);
+
+ void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *r);
+
+ int CRYPTO_free_ex_index(int class_index, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Several OpenSSL structures can have application-specific data attached to them, known as &quot;exdata.&quot; The specific structures are:</p>
+
+<pre><code>    APP
+    BIO
+    DH
+    DRBG
+    DSA
+    EC_KEY
+    ENGINE
+    RSA
+    SSL
+    SSL_CTX
+    SSL_SESSION
+    UI
+    UI_METHOD
+    X509
+    X509_STORE
+    X509_STORE_CTX</code></pre>
+
+<p>Each is identified by an <b>CRYPTO_EX_INDEX_xxx</b> define in the <b>crypto.h</b> header file. In addition, <b>CRYPTO_EX_INDEX_APP</b> is reserved for applications to use this facility for their own structures.</p>
+
+<p>The API described here is used by OpenSSL to manipulate exdata for specific structures. Since the application data can be anything at all it is passed and retrieved as a <b>void *</b> type.</p>
+
+<p>The <b>CRYPTO_EX_DATA</b> type is opaque. To initialize the exdata part of a structure, call CRYPTO_new_ex_data(). This is only necessary for <b>CRYPTO_EX_INDEX_APP</b> objects.</p>
+
+<p>Exdata types are identified by an <b>index</b>, an integer guaranteed to be unique within structures for the lifetime of the program. Applications using exdata typically call <b>CRYPTO_get_ex_new_index</b> at startup, and store the result in a global variable, or write a wrapper function to provide lazy evaluation. The <b>class_index</b> should be one of the <b>CRYPTO_EX_INDEX_xxx</b> values. The <b>argl</b> and <b>argp</b> parameters are saved to be passed to the callbacks but are otherwise not used. In order to transparently manipulate exdata, three callbacks must be provided. The semantics of those callbacks are described below.</p>
+
+<p>When copying or releasing objects with exdata, the callback functions are called in increasing order of their <b>index</b> value.</p>
+
+<p>If a dynamic library can be unloaded, it should call CRYPTO_free_ex_index() when this is done. This will replace the callbacks with no-ops so that applications don&#39;t crash. Any existing exdata will be leaked.</p>
+
+<p>To set or get the exdata on an object, the appropriate type-specific routine must be used. This is because the containing structure is opaque and the <b>CRYPTO_EX_DATA</b> field is not accessible. In both API&#39;s, the <b>idx</b> parameter should be an already-created index value.</p>
+
+<p>When setting exdata, the pointer specified with a particular index is saved, and returned on a subsequent &quot;get&quot; call. If the application is going to release the data, it must make sure to set a <b>NULL</b> value at the index, to avoid likely double-free crashes.</p>
+
+<p>The function <b>CRYPTO_free_ex_data</b> is used to free all exdata attached to a structure. The appropriate type-specific routine must be used. The <b>class_index</b> identifies the structure type, the <b>obj</b> is a pointer to the actual structure, and <b>r</b> is a pointer to the structure&#39;s exdata field.</p>
+
+<h2 id="Callback-Functions">Callback Functions</h2>
+
+<p>This section describes how the callback functions are used. Applications that are defining their own exdata using <b>CYPRTO_EX_INDEX_APP</b> must call them as described here.</p>
+
+<p>When a structure is initially allocated (such as RSA_new()) then the new_func() is called for every defined index. There is no requirement that the entire parent, or containing, structure has been set up. The new_func() is typically used only to allocate memory to store the exdata, and perhaps an &quot;initialized&quot; flag within that memory. The exdata value should be set by calling CRYPTO_set_ex_data().</p>
+
+<p>When a structure is free&#39;d (such as SSL_CTX_free()) then the free_func() is called for every defined index. Again, the state of the parent structure is not guaranteed. The free_func() may be called with a NULL pointer.</p>
+
+<p>Both new_func() and free_func() take the same parameters. The <b>parent</b> is the pointer to the structure that contains the exdata. The <b>ptr</b> is the current exdata item; for new_func() this will typically be NULL. The <b>r</b> parameter is a pointer to the exdata field of the object. The <b>idx</b> is the index and is the value returned when the callbacks were initially registered via CRYPTO_get_ex_new_index() and can be used if the same callback handles different types of exdata.</p>
+
+<p>dup_func() is called when a structure is being copied. This is only done for <b>SSL</b>, <b>SSL_SESSION</b>, <b>EC_KEY</b> objects and <b>BIO</b> chains via BIO_dup_chain(). The <b>to</b> and <b>from</b> parameters are pointers to the destination and source <b>CRYPTO_EX_DATA</b> structures, respectively. The <b>from_d</b> parameter needs to be cast to a <b>void **pptr</b> as the API has currently the wrong signature; that will be changed in a future version. The <b>*pptr</b> is a pointer to the source exdata. When the dup_func() returns, the value in <b>*pptr</b> is copied to the destination ex_data. If the pointer contained in <b>*pptr</b> is not modified by the dup_func(), then both <b>to</b> and <b>from</b> will point to the same data. The <b>idx</b>, <b>argl</b> and <b>argp</b> parameters are as described for the other two callbacks. If the dup_func() returns <b>0</b> the whole CRYPTO_dup_ex_data() will fail.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_get_ex_new_index() returns a new index or -1 on failure.</p>
+
+<p>CRYPTO_free_ex_index() and CRYPTO_set_ex_data() return 1 on success or 0 on failure.</p>
+
+<p>CRYPTO_get_ex_data() returns the application data or NULL on failure; note that NULL may be a valid value.</p>
+
+<p>dup_func() should return 0 for failure and 1 for success.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_realloc.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_realloc.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_realloc.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_clear_free.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_clear_free.html
new file mode 100644
index 000000000..c7c4825e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_clear_free.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_secure_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_secure_malloc_init, CRYPTO_secure_malloc_initialized, CRYPTO_secure_malloc_done, OPENSSL_secure_malloc, CRYPTO_secure_malloc, OPENSSL_secure_zalloc, CRYPTO_secure_zalloc, OPENSSL_secure_free, CRYPTO_secure_free, OPENSSL_secure_clear_free, CRYPTO_secure_clear_free, OPENSSL_secure_actual_size, CRYPTO_secure_used - secure heap storage</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_secure_malloc_init(size_t size, int minsize);
+
+ int CRYPTO_secure_malloc_initialized();
+
+ int CRYPTO_secure_malloc_done();
+
+ void *OPENSSL_secure_malloc(size_t num);
+ void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
+
+ void *OPENSSL_secure_zalloc(size_t num);
+ void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
+
+ void OPENSSL_secure_free(void* ptr);
+ void CRYPTO_secure_free(void *ptr, const char *, int);
+
+ void OPENSSL_secure_clear_free(void* ptr, size_t num);
+ void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *, int);
+
+ size_t OPENSSL_secure_actual_size(const void *ptr);
+
+ size_t CRYPTO_secure_used();</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In order to help protect applications (particularly long-running servers) from pointer overruns or underruns that could return arbitrary data from the program&#39;s dynamic memory area, where keys and other sensitive information might be stored, OpenSSL supports the concept of a &quot;secure heap.&quot; The level and type of security guarantees depend on the operating system. It is a good idea to review the code and see if it addresses your threat model and concerns.</p>
+
+<p>If a secure heap is used, then private key <b>BIGNUM</b> values are stored there. This protects long-term storage of private keys, but will not necessarily put all intermediate values and computations there.</p>
+
+<p>CRYPTO_secure_malloc_init() creates the secure heap, with the specified <code>size</code> in bytes. The <code>minsize</code> parameter is the minimum size to allocate from the heap. Both <code>size</code> and <code>minsize</code> must be a power of two.</p>
+
+<p>CRYPTO_secure_malloc_initialized() indicates whether or not the secure heap as been initialized and is available.</p>
+
+<p>CRYPTO_secure_malloc_done() releases the heap and makes the memory unavailable to the process if all secure memory has been freed. It can take noticeably long to complete.</p>
+
+<p>OPENSSL_secure_malloc() allocates <code>num</code> bytes from the heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_malloc(). It is a macro that expands to CRYPTO_secure_malloc() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters.</p>
+
+<p>OPENSSL_secure_zalloc() and CRYPTO_secure_zalloc() are like OPENSSL_secure_malloc() and CRYPTO_secure_malloc(), respectively, except that they call memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_secure_free() releases the memory at <code>ptr</code> back to the heap. It must be called with a value previously obtained from OPENSSL_secure_malloc(). If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_free(). It exists for consistency with OPENSSL_secure_malloc() , and is a macro that expands to CRYPTO_secure_free() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters..</p>
+
+<p>OPENSSL_secure_clear_free() is similar to OPENSSL_secure_free() except that it has an additional <code>num</code> parameter which is used to clear the memory if it was not allocated from the secure heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_clear_free().</p>
+
+<p>OPENSSL_secure_actual_size() tells the actual size allocated to the pointer; implementations may allocate more space than initially requested, in order to &quot;round up&quot; and reduce secure heap fragmentation.</p>
+
+<p>CRYPTO_secure_used() returns the number of bytes allocated in the secure heap.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_secure_malloc_init() returns 0 on failure, 1 if successful, and 2 if successful but the heap could not be protected by memory mapping.</p>
+
+<p>CRYPTO_secure_malloc_initialized() returns 1 if the secure heap is available (that is, if CRYPTO_secure_malloc_init() has been called, but CRYPTO_secure_malloc_done() has not been called or failed) or 0 if not.</p>
+
+<p>OPENSSL_secure_malloc() and OPENSSL_secure_zalloc() return a pointer into the secure heap of the requested size, or <code>NULL</code> if memory could not be allocated.</p>
+
+<p>CRYPTO_secure_allocated() returns 1 if the pointer is in the secure heap, or 0 if not.</p>
+
+<p>CRYPTO_secure_malloc_done() returns 1 if the secure memory area is released, or 0 if not.</p>
+
+<p>OPENSSL_secure_free() and OPENSSL_secure_clear_free() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_malloc.html">OPENSSL_malloc(3)</a>, <a href="../man3/BN_new.html">BN_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_secure_clear_free() function was added in OpenSSL 1.1.0g.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_free.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_free.html
new file mode 100644
index 000000000..c7c4825e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_free.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_secure_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_secure_malloc_init, CRYPTO_secure_malloc_initialized, CRYPTO_secure_malloc_done, OPENSSL_secure_malloc, CRYPTO_secure_malloc, OPENSSL_secure_zalloc, CRYPTO_secure_zalloc, OPENSSL_secure_free, CRYPTO_secure_free, OPENSSL_secure_clear_free, CRYPTO_secure_clear_free, OPENSSL_secure_actual_size, CRYPTO_secure_used - secure heap storage</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_secure_malloc_init(size_t size, int minsize);
+
+ int CRYPTO_secure_malloc_initialized();
+
+ int CRYPTO_secure_malloc_done();
+
+ void *OPENSSL_secure_malloc(size_t num);
+ void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
+
+ void *OPENSSL_secure_zalloc(size_t num);
+ void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
+
+ void OPENSSL_secure_free(void* ptr);
+ void CRYPTO_secure_free(void *ptr, const char *, int);
+
+ void OPENSSL_secure_clear_free(void* ptr, size_t num);
+ void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *, int);
+
+ size_t OPENSSL_secure_actual_size(const void *ptr);
+
+ size_t CRYPTO_secure_used();</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In order to help protect applications (particularly long-running servers) from pointer overruns or underruns that could return arbitrary data from the program&#39;s dynamic memory area, where keys and other sensitive information might be stored, OpenSSL supports the concept of a &quot;secure heap.&quot; The level and type of security guarantees depend on the operating system. It is a good idea to review the code and see if it addresses your threat model and concerns.</p>
+
+<p>If a secure heap is used, then private key <b>BIGNUM</b> values are stored there. This protects long-term storage of private keys, but will not necessarily put all intermediate values and computations there.</p>
+
+<p>CRYPTO_secure_malloc_init() creates the secure heap, with the specified <code>size</code> in bytes. The <code>minsize</code> parameter is the minimum size to allocate from the heap. Both <code>size</code> and <code>minsize</code> must be a power of two.</p>
+
+<p>CRYPTO_secure_malloc_initialized() indicates whether or not the secure heap as been initialized and is available.</p>
+
+<p>CRYPTO_secure_malloc_done() releases the heap and makes the memory unavailable to the process if all secure memory has been freed. It can take noticeably long to complete.</p>
+
+<p>OPENSSL_secure_malloc() allocates <code>num</code> bytes from the heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_malloc(). It is a macro that expands to CRYPTO_secure_malloc() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters.</p>
+
+<p>OPENSSL_secure_zalloc() and CRYPTO_secure_zalloc() are like OPENSSL_secure_malloc() and CRYPTO_secure_malloc(), respectively, except that they call memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_secure_free() releases the memory at <code>ptr</code> back to the heap. It must be called with a value previously obtained from OPENSSL_secure_malloc(). If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_free(). It exists for consistency with OPENSSL_secure_malloc() , and is a macro that expands to CRYPTO_secure_free() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters..</p>
+
+<p>OPENSSL_secure_clear_free() is similar to OPENSSL_secure_free() except that it has an additional <code>num</code> parameter which is used to clear the memory if it was not allocated from the secure heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_clear_free().</p>
+
+<p>OPENSSL_secure_actual_size() tells the actual size allocated to the pointer; implementations may allocate more space than initially requested, in order to &quot;round up&quot; and reduce secure heap fragmentation.</p>
+
+<p>CRYPTO_secure_used() returns the number of bytes allocated in the secure heap.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_secure_malloc_init() returns 0 on failure, 1 if successful, and 2 if successful but the heap could not be protected by memory mapping.</p>
+
+<p>CRYPTO_secure_malloc_initialized() returns 1 if the secure heap is available (that is, if CRYPTO_secure_malloc_init() has been called, but CRYPTO_secure_malloc_done() has not been called or failed) or 0 if not.</p>
+
+<p>OPENSSL_secure_malloc() and OPENSSL_secure_zalloc() return a pointer into the secure heap of the requested size, or <code>NULL</code> if memory could not be allocated.</p>
+
+<p>CRYPTO_secure_allocated() returns 1 if the pointer is in the secure heap, or 0 if not.</p>
+
+<p>CRYPTO_secure_malloc_done() returns 1 if the secure memory area is released, or 0 if not.</p>
+
+<p>OPENSSL_secure_free() and OPENSSL_secure_clear_free() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_malloc.html">OPENSSL_malloc(3)</a>, <a href="../man3/BN_new.html">BN_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_secure_clear_free() function was added in OpenSSL 1.1.0g.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_malloc.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_malloc.html
new file mode 100644
index 000000000..c7c4825e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_malloc.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_secure_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_secure_malloc_init, CRYPTO_secure_malloc_initialized, CRYPTO_secure_malloc_done, OPENSSL_secure_malloc, CRYPTO_secure_malloc, OPENSSL_secure_zalloc, CRYPTO_secure_zalloc, OPENSSL_secure_free, CRYPTO_secure_free, OPENSSL_secure_clear_free, CRYPTO_secure_clear_free, OPENSSL_secure_actual_size, CRYPTO_secure_used - secure heap storage</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_secure_malloc_init(size_t size, int minsize);
+
+ int CRYPTO_secure_malloc_initialized();
+
+ int CRYPTO_secure_malloc_done();
+
+ void *OPENSSL_secure_malloc(size_t num);
+ void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
+
+ void *OPENSSL_secure_zalloc(size_t num);
+ void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
+
+ void OPENSSL_secure_free(void* ptr);
+ void CRYPTO_secure_free(void *ptr, const char *, int);
+
+ void OPENSSL_secure_clear_free(void* ptr, size_t num);
+ void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *, int);
+
+ size_t OPENSSL_secure_actual_size(const void *ptr);
+
+ size_t CRYPTO_secure_used();</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In order to help protect applications (particularly long-running servers) from pointer overruns or underruns that could return arbitrary data from the program&#39;s dynamic memory area, where keys and other sensitive information might be stored, OpenSSL supports the concept of a &quot;secure heap.&quot; The level and type of security guarantees depend on the operating system. It is a good idea to review the code and see if it addresses your threat model and concerns.</p>
+
+<p>If a secure heap is used, then private key <b>BIGNUM</b> values are stored there. This protects long-term storage of private keys, but will not necessarily put all intermediate values and computations there.</p>
+
+<p>CRYPTO_secure_malloc_init() creates the secure heap, with the specified <code>size</code> in bytes. The <code>minsize</code> parameter is the minimum size to allocate from the heap. Both <code>size</code> and <code>minsize</code> must be a power of two.</p>
+
+<p>CRYPTO_secure_malloc_initialized() indicates whether or not the secure heap as been initialized and is available.</p>
+
+<p>CRYPTO_secure_malloc_done() releases the heap and makes the memory unavailable to the process if all secure memory has been freed. It can take noticeably long to complete.</p>
+
+<p>OPENSSL_secure_malloc() allocates <code>num</code> bytes from the heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_malloc(). It is a macro that expands to CRYPTO_secure_malloc() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters.</p>
+
+<p>OPENSSL_secure_zalloc() and CRYPTO_secure_zalloc() are like OPENSSL_secure_malloc() and CRYPTO_secure_malloc(), respectively, except that they call memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_secure_free() releases the memory at <code>ptr</code> back to the heap. It must be called with a value previously obtained from OPENSSL_secure_malloc(). If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_free(). It exists for consistency with OPENSSL_secure_malloc() , and is a macro that expands to CRYPTO_secure_free() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters..</p>
+
+<p>OPENSSL_secure_clear_free() is similar to OPENSSL_secure_free() except that it has an additional <code>num</code> parameter which is used to clear the memory if it was not allocated from the secure heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_clear_free().</p>
+
+<p>OPENSSL_secure_actual_size() tells the actual size allocated to the pointer; implementations may allocate more space than initially requested, in order to &quot;round up&quot; and reduce secure heap fragmentation.</p>
+
+<p>CRYPTO_secure_used() returns the number of bytes allocated in the secure heap.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_secure_malloc_init() returns 0 on failure, 1 if successful, and 2 if successful but the heap could not be protected by memory mapping.</p>
+
+<p>CRYPTO_secure_malloc_initialized() returns 1 if the secure heap is available (that is, if CRYPTO_secure_malloc_init() has been called, but CRYPTO_secure_malloc_done() has not been called or failed) or 0 if not.</p>
+
+<p>OPENSSL_secure_malloc() and OPENSSL_secure_zalloc() return a pointer into the secure heap of the requested size, or <code>NULL</code> if memory could not be allocated.</p>
+
+<p>CRYPTO_secure_allocated() returns 1 if the pointer is in the secure heap, or 0 if not.</p>
+
+<p>CRYPTO_secure_malloc_done() returns 1 if the secure memory area is released, or 0 if not.</p>
+
+<p>OPENSSL_secure_free() and OPENSSL_secure_clear_free() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_malloc.html">OPENSSL_malloc(3)</a>, <a href="../man3/BN_new.html">BN_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_secure_clear_free() function was added in OpenSSL 1.1.0g.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_malloc_done.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_malloc_done.html
new file mode 100644
index 000000000..c7c4825e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_malloc_done.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_secure_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_secure_malloc_init, CRYPTO_secure_malloc_initialized, CRYPTO_secure_malloc_done, OPENSSL_secure_malloc, CRYPTO_secure_malloc, OPENSSL_secure_zalloc, CRYPTO_secure_zalloc, OPENSSL_secure_free, CRYPTO_secure_free, OPENSSL_secure_clear_free, CRYPTO_secure_clear_free, OPENSSL_secure_actual_size, CRYPTO_secure_used - secure heap storage</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_secure_malloc_init(size_t size, int minsize);
+
+ int CRYPTO_secure_malloc_initialized();
+
+ int CRYPTO_secure_malloc_done();
+
+ void *OPENSSL_secure_malloc(size_t num);
+ void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
+
+ void *OPENSSL_secure_zalloc(size_t num);
+ void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
+
+ void OPENSSL_secure_free(void* ptr);
+ void CRYPTO_secure_free(void *ptr, const char *, int);
+
+ void OPENSSL_secure_clear_free(void* ptr, size_t num);
+ void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *, int);
+
+ size_t OPENSSL_secure_actual_size(const void *ptr);
+
+ size_t CRYPTO_secure_used();</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In order to help protect applications (particularly long-running servers) from pointer overruns or underruns that could return arbitrary data from the program&#39;s dynamic memory area, where keys and other sensitive information might be stored, OpenSSL supports the concept of a &quot;secure heap.&quot; The level and type of security guarantees depend on the operating system. It is a good idea to review the code and see if it addresses your threat model and concerns.</p>
+
+<p>If a secure heap is used, then private key <b>BIGNUM</b> values are stored there. This protects long-term storage of private keys, but will not necessarily put all intermediate values and computations there.</p>
+
+<p>CRYPTO_secure_malloc_init() creates the secure heap, with the specified <code>size</code> in bytes. The <code>minsize</code> parameter is the minimum size to allocate from the heap. Both <code>size</code> and <code>minsize</code> must be a power of two.</p>
+
+<p>CRYPTO_secure_malloc_initialized() indicates whether or not the secure heap as been initialized and is available.</p>
+
+<p>CRYPTO_secure_malloc_done() releases the heap and makes the memory unavailable to the process if all secure memory has been freed. It can take noticeably long to complete.</p>
+
+<p>OPENSSL_secure_malloc() allocates <code>num</code> bytes from the heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_malloc(). It is a macro that expands to CRYPTO_secure_malloc() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters.</p>
+
+<p>OPENSSL_secure_zalloc() and CRYPTO_secure_zalloc() are like OPENSSL_secure_malloc() and CRYPTO_secure_malloc(), respectively, except that they call memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_secure_free() releases the memory at <code>ptr</code> back to the heap. It must be called with a value previously obtained from OPENSSL_secure_malloc(). If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_free(). It exists for consistency with OPENSSL_secure_malloc() , and is a macro that expands to CRYPTO_secure_free() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters..</p>
+
+<p>OPENSSL_secure_clear_free() is similar to OPENSSL_secure_free() except that it has an additional <code>num</code> parameter which is used to clear the memory if it was not allocated from the secure heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_clear_free().</p>
+
+<p>OPENSSL_secure_actual_size() tells the actual size allocated to the pointer; implementations may allocate more space than initially requested, in order to &quot;round up&quot; and reduce secure heap fragmentation.</p>
+
+<p>CRYPTO_secure_used() returns the number of bytes allocated in the secure heap.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_secure_malloc_init() returns 0 on failure, 1 if successful, and 2 if successful but the heap could not be protected by memory mapping.</p>
+
+<p>CRYPTO_secure_malloc_initialized() returns 1 if the secure heap is available (that is, if CRYPTO_secure_malloc_init() has been called, but CRYPTO_secure_malloc_done() has not been called or failed) or 0 if not.</p>
+
+<p>OPENSSL_secure_malloc() and OPENSSL_secure_zalloc() return a pointer into the secure heap of the requested size, or <code>NULL</code> if memory could not be allocated.</p>
+
+<p>CRYPTO_secure_allocated() returns 1 if the pointer is in the secure heap, or 0 if not.</p>
+
+<p>CRYPTO_secure_malloc_done() returns 1 if the secure memory area is released, or 0 if not.</p>
+
+<p>OPENSSL_secure_free() and OPENSSL_secure_clear_free() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_malloc.html">OPENSSL_malloc(3)</a>, <a href="../man3/BN_new.html">BN_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_secure_clear_free() function was added in OpenSSL 1.1.0g.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_malloc_init.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_malloc_init.html
new file mode 100644
index 000000000..c7c4825e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_malloc_init.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_secure_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_secure_malloc_init, CRYPTO_secure_malloc_initialized, CRYPTO_secure_malloc_done, OPENSSL_secure_malloc, CRYPTO_secure_malloc, OPENSSL_secure_zalloc, CRYPTO_secure_zalloc, OPENSSL_secure_free, CRYPTO_secure_free, OPENSSL_secure_clear_free, CRYPTO_secure_clear_free, OPENSSL_secure_actual_size, CRYPTO_secure_used - secure heap storage</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_secure_malloc_init(size_t size, int minsize);
+
+ int CRYPTO_secure_malloc_initialized();
+
+ int CRYPTO_secure_malloc_done();
+
+ void *OPENSSL_secure_malloc(size_t num);
+ void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
+
+ void *OPENSSL_secure_zalloc(size_t num);
+ void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
+
+ void OPENSSL_secure_free(void* ptr);
+ void CRYPTO_secure_free(void *ptr, const char *, int);
+
+ void OPENSSL_secure_clear_free(void* ptr, size_t num);
+ void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *, int);
+
+ size_t OPENSSL_secure_actual_size(const void *ptr);
+
+ size_t CRYPTO_secure_used();</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In order to help protect applications (particularly long-running servers) from pointer overruns or underruns that could return arbitrary data from the program&#39;s dynamic memory area, where keys and other sensitive information might be stored, OpenSSL supports the concept of a &quot;secure heap.&quot; The level and type of security guarantees depend on the operating system. It is a good idea to review the code and see if it addresses your threat model and concerns.</p>
+
+<p>If a secure heap is used, then private key <b>BIGNUM</b> values are stored there. This protects long-term storage of private keys, but will not necessarily put all intermediate values and computations there.</p>
+
+<p>CRYPTO_secure_malloc_init() creates the secure heap, with the specified <code>size</code> in bytes. The <code>minsize</code> parameter is the minimum size to allocate from the heap. Both <code>size</code> and <code>minsize</code> must be a power of two.</p>
+
+<p>CRYPTO_secure_malloc_initialized() indicates whether or not the secure heap as been initialized and is available.</p>
+
+<p>CRYPTO_secure_malloc_done() releases the heap and makes the memory unavailable to the process if all secure memory has been freed. It can take noticeably long to complete.</p>
+
+<p>OPENSSL_secure_malloc() allocates <code>num</code> bytes from the heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_malloc(). It is a macro that expands to CRYPTO_secure_malloc() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters.</p>
+
+<p>OPENSSL_secure_zalloc() and CRYPTO_secure_zalloc() are like OPENSSL_secure_malloc() and CRYPTO_secure_malloc(), respectively, except that they call memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_secure_free() releases the memory at <code>ptr</code> back to the heap. It must be called with a value previously obtained from OPENSSL_secure_malloc(). If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_free(). It exists for consistency with OPENSSL_secure_malloc() , and is a macro that expands to CRYPTO_secure_free() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters..</p>
+
+<p>OPENSSL_secure_clear_free() is similar to OPENSSL_secure_free() except that it has an additional <code>num</code> parameter which is used to clear the memory if it was not allocated from the secure heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_clear_free().</p>
+
+<p>OPENSSL_secure_actual_size() tells the actual size allocated to the pointer; implementations may allocate more space than initially requested, in order to &quot;round up&quot; and reduce secure heap fragmentation.</p>
+
+<p>CRYPTO_secure_used() returns the number of bytes allocated in the secure heap.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_secure_malloc_init() returns 0 on failure, 1 if successful, and 2 if successful but the heap could not be protected by memory mapping.</p>
+
+<p>CRYPTO_secure_malloc_initialized() returns 1 if the secure heap is available (that is, if CRYPTO_secure_malloc_init() has been called, but CRYPTO_secure_malloc_done() has not been called or failed) or 0 if not.</p>
+
+<p>OPENSSL_secure_malloc() and OPENSSL_secure_zalloc() return a pointer into the secure heap of the requested size, or <code>NULL</code> if memory could not be allocated.</p>
+
+<p>CRYPTO_secure_allocated() returns 1 if the pointer is in the secure heap, or 0 if not.</p>
+
+<p>CRYPTO_secure_malloc_done() returns 1 if the secure memory area is released, or 0 if not.</p>
+
+<p>OPENSSL_secure_free() and OPENSSL_secure_clear_free() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_malloc.html">OPENSSL_malloc(3)</a>, <a href="../man3/BN_new.html">BN_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_secure_clear_free() function was added in OpenSSL 1.1.0g.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_malloc_initialized.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_malloc_initialized.html
new file mode 100644
index 000000000..c7c4825e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_malloc_initialized.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_secure_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_secure_malloc_init, CRYPTO_secure_malloc_initialized, CRYPTO_secure_malloc_done, OPENSSL_secure_malloc, CRYPTO_secure_malloc, OPENSSL_secure_zalloc, CRYPTO_secure_zalloc, OPENSSL_secure_free, CRYPTO_secure_free, OPENSSL_secure_clear_free, CRYPTO_secure_clear_free, OPENSSL_secure_actual_size, CRYPTO_secure_used - secure heap storage</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_secure_malloc_init(size_t size, int minsize);
+
+ int CRYPTO_secure_malloc_initialized();
+
+ int CRYPTO_secure_malloc_done();
+
+ void *OPENSSL_secure_malloc(size_t num);
+ void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
+
+ void *OPENSSL_secure_zalloc(size_t num);
+ void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
+
+ void OPENSSL_secure_free(void* ptr);
+ void CRYPTO_secure_free(void *ptr, const char *, int);
+
+ void OPENSSL_secure_clear_free(void* ptr, size_t num);
+ void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *, int);
+
+ size_t OPENSSL_secure_actual_size(const void *ptr);
+
+ size_t CRYPTO_secure_used();</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In order to help protect applications (particularly long-running servers) from pointer overruns or underruns that could return arbitrary data from the program&#39;s dynamic memory area, where keys and other sensitive information might be stored, OpenSSL supports the concept of a &quot;secure heap.&quot; The level and type of security guarantees depend on the operating system. It is a good idea to review the code and see if it addresses your threat model and concerns.</p>
+
+<p>If a secure heap is used, then private key <b>BIGNUM</b> values are stored there. This protects long-term storage of private keys, but will not necessarily put all intermediate values and computations there.</p>
+
+<p>CRYPTO_secure_malloc_init() creates the secure heap, with the specified <code>size</code> in bytes. The <code>minsize</code> parameter is the minimum size to allocate from the heap. Both <code>size</code> and <code>minsize</code> must be a power of two.</p>
+
+<p>CRYPTO_secure_malloc_initialized() indicates whether or not the secure heap as been initialized and is available.</p>
+
+<p>CRYPTO_secure_malloc_done() releases the heap and makes the memory unavailable to the process if all secure memory has been freed. It can take noticeably long to complete.</p>
+
+<p>OPENSSL_secure_malloc() allocates <code>num</code> bytes from the heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_malloc(). It is a macro that expands to CRYPTO_secure_malloc() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters.</p>
+
+<p>OPENSSL_secure_zalloc() and CRYPTO_secure_zalloc() are like OPENSSL_secure_malloc() and CRYPTO_secure_malloc(), respectively, except that they call memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_secure_free() releases the memory at <code>ptr</code> back to the heap. It must be called with a value previously obtained from OPENSSL_secure_malloc(). If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_free(). It exists for consistency with OPENSSL_secure_malloc() , and is a macro that expands to CRYPTO_secure_free() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters..</p>
+
+<p>OPENSSL_secure_clear_free() is similar to OPENSSL_secure_free() except that it has an additional <code>num</code> parameter which is used to clear the memory if it was not allocated from the secure heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_clear_free().</p>
+
+<p>OPENSSL_secure_actual_size() tells the actual size allocated to the pointer; implementations may allocate more space than initially requested, in order to &quot;round up&quot; and reduce secure heap fragmentation.</p>
+
+<p>CRYPTO_secure_used() returns the number of bytes allocated in the secure heap.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_secure_malloc_init() returns 0 on failure, 1 if successful, and 2 if successful but the heap could not be protected by memory mapping.</p>
+
+<p>CRYPTO_secure_malloc_initialized() returns 1 if the secure heap is available (that is, if CRYPTO_secure_malloc_init() has been called, but CRYPTO_secure_malloc_done() has not been called or failed) or 0 if not.</p>
+
+<p>OPENSSL_secure_malloc() and OPENSSL_secure_zalloc() return a pointer into the secure heap of the requested size, or <code>NULL</code> if memory could not be allocated.</p>
+
+<p>CRYPTO_secure_allocated() returns 1 if the pointer is in the secure heap, or 0 if not.</p>
+
+<p>CRYPTO_secure_malloc_done() returns 1 if the secure memory area is released, or 0 if not.</p>
+
+<p>OPENSSL_secure_free() and OPENSSL_secure_clear_free() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_malloc.html">OPENSSL_malloc(3)</a>, <a href="../man3/BN_new.html">BN_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_secure_clear_free() function was added in OpenSSL 1.1.0g.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_used.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_used.html
new file mode 100644
index 000000000..c7c4825e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_used.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_secure_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_secure_malloc_init, CRYPTO_secure_malloc_initialized, CRYPTO_secure_malloc_done, OPENSSL_secure_malloc, CRYPTO_secure_malloc, OPENSSL_secure_zalloc, CRYPTO_secure_zalloc, OPENSSL_secure_free, CRYPTO_secure_free, OPENSSL_secure_clear_free, CRYPTO_secure_clear_free, OPENSSL_secure_actual_size, CRYPTO_secure_used - secure heap storage</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_secure_malloc_init(size_t size, int minsize);
+
+ int CRYPTO_secure_malloc_initialized();
+
+ int CRYPTO_secure_malloc_done();
+
+ void *OPENSSL_secure_malloc(size_t num);
+ void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
+
+ void *OPENSSL_secure_zalloc(size_t num);
+ void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
+
+ void OPENSSL_secure_free(void* ptr);
+ void CRYPTO_secure_free(void *ptr, const char *, int);
+
+ void OPENSSL_secure_clear_free(void* ptr, size_t num);
+ void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *, int);
+
+ size_t OPENSSL_secure_actual_size(const void *ptr);
+
+ size_t CRYPTO_secure_used();</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In order to help protect applications (particularly long-running servers) from pointer overruns or underruns that could return arbitrary data from the program&#39;s dynamic memory area, where keys and other sensitive information might be stored, OpenSSL supports the concept of a &quot;secure heap.&quot; The level and type of security guarantees depend on the operating system. It is a good idea to review the code and see if it addresses your threat model and concerns.</p>
+
+<p>If a secure heap is used, then private key <b>BIGNUM</b> values are stored there. This protects long-term storage of private keys, but will not necessarily put all intermediate values and computations there.</p>
+
+<p>CRYPTO_secure_malloc_init() creates the secure heap, with the specified <code>size</code> in bytes. The <code>minsize</code> parameter is the minimum size to allocate from the heap. Both <code>size</code> and <code>minsize</code> must be a power of two.</p>
+
+<p>CRYPTO_secure_malloc_initialized() indicates whether or not the secure heap as been initialized and is available.</p>
+
+<p>CRYPTO_secure_malloc_done() releases the heap and makes the memory unavailable to the process if all secure memory has been freed. It can take noticeably long to complete.</p>
+
+<p>OPENSSL_secure_malloc() allocates <code>num</code> bytes from the heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_malloc(). It is a macro that expands to CRYPTO_secure_malloc() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters.</p>
+
+<p>OPENSSL_secure_zalloc() and CRYPTO_secure_zalloc() are like OPENSSL_secure_malloc() and CRYPTO_secure_malloc(), respectively, except that they call memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_secure_free() releases the memory at <code>ptr</code> back to the heap. It must be called with a value previously obtained from OPENSSL_secure_malloc(). If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_free(). It exists for consistency with OPENSSL_secure_malloc() , and is a macro that expands to CRYPTO_secure_free() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters..</p>
+
+<p>OPENSSL_secure_clear_free() is similar to OPENSSL_secure_free() except that it has an additional <code>num</code> parameter which is used to clear the memory if it was not allocated from the secure heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_clear_free().</p>
+
+<p>OPENSSL_secure_actual_size() tells the actual size allocated to the pointer; implementations may allocate more space than initially requested, in order to &quot;round up&quot; and reduce secure heap fragmentation.</p>
+
+<p>CRYPTO_secure_used() returns the number of bytes allocated in the secure heap.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_secure_malloc_init() returns 0 on failure, 1 if successful, and 2 if successful but the heap could not be protected by memory mapping.</p>
+
+<p>CRYPTO_secure_malloc_initialized() returns 1 if the secure heap is available (that is, if CRYPTO_secure_malloc_init() has been called, but CRYPTO_secure_malloc_done() has not been called or failed) or 0 if not.</p>
+
+<p>OPENSSL_secure_malloc() and OPENSSL_secure_zalloc() return a pointer into the secure heap of the requested size, or <code>NULL</code> if memory could not be allocated.</p>
+
+<p>CRYPTO_secure_allocated() returns 1 if the pointer is in the secure heap, or 0 if not.</p>
+
+<p>CRYPTO_secure_malloc_done() returns 1 if the secure memory area is released, or 0 if not.</p>
+
+<p>OPENSSL_secure_free() and OPENSSL_secure_clear_free() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_malloc.html">OPENSSL_malloc(3)</a>, <a href="../man3/BN_new.html">BN_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_secure_clear_free() function was added in OpenSSL 1.1.0g.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_zalloc.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_zalloc.html
new file mode 100644
index 000000000..c7c4825e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_secure_zalloc.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_secure_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_secure_malloc_init, CRYPTO_secure_malloc_initialized, CRYPTO_secure_malloc_done, OPENSSL_secure_malloc, CRYPTO_secure_malloc, OPENSSL_secure_zalloc, CRYPTO_secure_zalloc, OPENSSL_secure_free, CRYPTO_secure_free, OPENSSL_secure_clear_free, CRYPTO_secure_clear_free, OPENSSL_secure_actual_size, CRYPTO_secure_used - secure heap storage</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_secure_malloc_init(size_t size, int minsize);
+
+ int CRYPTO_secure_malloc_initialized();
+
+ int CRYPTO_secure_malloc_done();
+
+ void *OPENSSL_secure_malloc(size_t num);
+ void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
+
+ void *OPENSSL_secure_zalloc(size_t num);
+ void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
+
+ void OPENSSL_secure_free(void* ptr);
+ void CRYPTO_secure_free(void *ptr, const char *, int);
+
+ void OPENSSL_secure_clear_free(void* ptr, size_t num);
+ void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *, int);
+
+ size_t OPENSSL_secure_actual_size(const void *ptr);
+
+ size_t CRYPTO_secure_used();</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In order to help protect applications (particularly long-running servers) from pointer overruns or underruns that could return arbitrary data from the program&#39;s dynamic memory area, where keys and other sensitive information might be stored, OpenSSL supports the concept of a &quot;secure heap.&quot; The level and type of security guarantees depend on the operating system. It is a good idea to review the code and see if it addresses your threat model and concerns.</p>
+
+<p>If a secure heap is used, then private key <b>BIGNUM</b> values are stored there. This protects long-term storage of private keys, but will not necessarily put all intermediate values and computations there.</p>
+
+<p>CRYPTO_secure_malloc_init() creates the secure heap, with the specified <code>size</code> in bytes. The <code>minsize</code> parameter is the minimum size to allocate from the heap. Both <code>size</code> and <code>minsize</code> must be a power of two.</p>
+
+<p>CRYPTO_secure_malloc_initialized() indicates whether or not the secure heap as been initialized and is available.</p>
+
+<p>CRYPTO_secure_malloc_done() releases the heap and makes the memory unavailable to the process if all secure memory has been freed. It can take noticeably long to complete.</p>
+
+<p>OPENSSL_secure_malloc() allocates <code>num</code> bytes from the heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_malloc(). It is a macro that expands to CRYPTO_secure_malloc() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters.</p>
+
+<p>OPENSSL_secure_zalloc() and CRYPTO_secure_zalloc() are like OPENSSL_secure_malloc() and CRYPTO_secure_malloc(), respectively, except that they call memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_secure_free() releases the memory at <code>ptr</code> back to the heap. It must be called with a value previously obtained from OPENSSL_secure_malloc(). If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_free(). It exists for consistency with OPENSSL_secure_malloc() , and is a macro that expands to CRYPTO_secure_free() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters..</p>
+
+<p>OPENSSL_secure_clear_free() is similar to OPENSSL_secure_free() except that it has an additional <code>num</code> parameter which is used to clear the memory if it was not allocated from the secure heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_clear_free().</p>
+
+<p>OPENSSL_secure_actual_size() tells the actual size allocated to the pointer; implementations may allocate more space than initially requested, in order to &quot;round up&quot; and reduce secure heap fragmentation.</p>
+
+<p>CRYPTO_secure_used() returns the number of bytes allocated in the secure heap.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_secure_malloc_init() returns 0 on failure, 1 if successful, and 2 if successful but the heap could not be protected by memory mapping.</p>
+
+<p>CRYPTO_secure_malloc_initialized() returns 1 if the secure heap is available (that is, if CRYPTO_secure_malloc_init() has been called, but CRYPTO_secure_malloc_done() has not been called or failed) or 0 if not.</p>
+
+<p>OPENSSL_secure_malloc() and OPENSSL_secure_zalloc() return a pointer into the secure heap of the requested size, or <code>NULL</code> if memory could not be allocated.</p>
+
+<p>CRYPTO_secure_allocated() returns 1 if the pointer is in the secure heap, or 0 if not.</p>
+
+<p>CRYPTO_secure_malloc_done() returns 1 if the secure memory area is released, or 0 if not.</p>
+
+<p>OPENSSL_secure_free() and OPENSSL_secure_clear_free() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_malloc.html">OPENSSL_malloc(3)</a>, <a href="../man3/BN_new.html">BN_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_secure_clear_free() function was added in OpenSSL 1.1.0g.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_set_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_set_ex_data.html
new file mode 100644
index 000000000..bcb1290e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_set_ex_data.html
@@ -0,0 +1,129 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CRYPTO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Callback-Functions">Callback Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_EX_new, CRYPTO_EX_free, CRYPTO_EX_dup, CRYPTO_free_ex_index, CRYPTO_get_ex_new_index, CRYPTO_set_ex_data, CRYPTO_get_ex_data, CRYPTO_free_ex_data, CRYPTO_new_ex_data - functions supporting application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_get_ex_new_index(int class_index,
+                             long argl, void *argp,
+                             CRYPTO_EX_new *new_func,
+                             CRYPTO_EX_dup *dup_func,
+                             CRYPTO_EX_free *free_func);
+
+ typedef void CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                            int idx, long argl, void *argp);
+ typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                             int idx, long argl, void *argp);
+ typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
+                           void *from_d, int idx, long argl, void *argp);
+
+ int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
+
+ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg);
+
+ void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx);
+
+ void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *r);
+
+ int CRYPTO_free_ex_index(int class_index, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Several OpenSSL structures can have application-specific data attached to them, known as &quot;exdata.&quot; The specific structures are:</p>
+
+<pre><code>    APP
+    BIO
+    DH
+    DRBG
+    DSA
+    EC_KEY
+    ENGINE
+    RSA
+    SSL
+    SSL_CTX
+    SSL_SESSION
+    UI
+    UI_METHOD
+    X509
+    X509_STORE
+    X509_STORE_CTX</code></pre>
+
+<p>Each is identified by an <b>CRYPTO_EX_INDEX_xxx</b> define in the <b>crypto.h</b> header file. In addition, <b>CRYPTO_EX_INDEX_APP</b> is reserved for applications to use this facility for their own structures.</p>
+
+<p>The API described here is used by OpenSSL to manipulate exdata for specific structures. Since the application data can be anything at all it is passed and retrieved as a <b>void *</b> type.</p>
+
+<p>The <b>CRYPTO_EX_DATA</b> type is opaque. To initialize the exdata part of a structure, call CRYPTO_new_ex_data(). This is only necessary for <b>CRYPTO_EX_INDEX_APP</b> objects.</p>
+
+<p>Exdata types are identified by an <b>index</b>, an integer guaranteed to be unique within structures for the lifetime of the program. Applications using exdata typically call <b>CRYPTO_get_ex_new_index</b> at startup, and store the result in a global variable, or write a wrapper function to provide lazy evaluation. The <b>class_index</b> should be one of the <b>CRYPTO_EX_INDEX_xxx</b> values. The <b>argl</b> and <b>argp</b> parameters are saved to be passed to the callbacks but are otherwise not used. In order to transparently manipulate exdata, three callbacks must be provided. The semantics of those callbacks are described below.</p>
+
+<p>When copying or releasing objects with exdata, the callback functions are called in increasing order of their <b>index</b> value.</p>
+
+<p>If a dynamic library can be unloaded, it should call CRYPTO_free_ex_index() when this is done. This will replace the callbacks with no-ops so that applications don&#39;t crash. Any existing exdata will be leaked.</p>
+
+<p>To set or get the exdata on an object, the appropriate type-specific routine must be used. This is because the containing structure is opaque and the <b>CRYPTO_EX_DATA</b> field is not accessible. In both API&#39;s, the <b>idx</b> parameter should be an already-created index value.</p>
+
+<p>When setting exdata, the pointer specified with a particular index is saved, and returned on a subsequent &quot;get&quot; call. If the application is going to release the data, it must make sure to set a <b>NULL</b> value at the index, to avoid likely double-free crashes.</p>
+
+<p>The function <b>CRYPTO_free_ex_data</b> is used to free all exdata attached to a structure. The appropriate type-specific routine must be used. The <b>class_index</b> identifies the structure type, the <b>obj</b> is a pointer to the actual structure, and <b>r</b> is a pointer to the structure&#39;s exdata field.</p>
+
+<h2 id="Callback-Functions">Callback Functions</h2>
+
+<p>This section describes how the callback functions are used. Applications that are defining their own exdata using <b>CYPRTO_EX_INDEX_APP</b> must call them as described here.</p>
+
+<p>When a structure is initially allocated (such as RSA_new()) then the new_func() is called for every defined index. There is no requirement that the entire parent, or containing, structure has been set up. The new_func() is typically used only to allocate memory to store the exdata, and perhaps an &quot;initialized&quot; flag within that memory. The exdata value should be set by calling CRYPTO_set_ex_data().</p>
+
+<p>When a structure is free&#39;d (such as SSL_CTX_free()) then the free_func() is called for every defined index. Again, the state of the parent structure is not guaranteed. The free_func() may be called with a NULL pointer.</p>
+
+<p>Both new_func() and free_func() take the same parameters. The <b>parent</b> is the pointer to the structure that contains the exdata. The <b>ptr</b> is the current exdata item; for new_func() this will typically be NULL. The <b>r</b> parameter is a pointer to the exdata field of the object. The <b>idx</b> is the index and is the value returned when the callbacks were initially registered via CRYPTO_get_ex_new_index() and can be used if the same callback handles different types of exdata.</p>
+
+<p>dup_func() is called when a structure is being copied. This is only done for <b>SSL</b>, <b>SSL_SESSION</b>, <b>EC_KEY</b> objects and <b>BIO</b> chains via BIO_dup_chain(). The <b>to</b> and <b>from</b> parameters are pointers to the destination and source <b>CRYPTO_EX_DATA</b> structures, respectively. The <b>from_d</b> parameter needs to be cast to a <b>void **pptr</b> as the API has currently the wrong signature; that will be changed in a future version. The <b>*pptr</b> is a pointer to the source exdata. When the dup_func() returns, the value in <b>*pptr</b> is copied to the destination ex_data. If the pointer contained in <b>*pptr</b> is not modified by the dup_func(), then both <b>to</b> and <b>from</b> will point to the same data. The <b>idx</b>, <b>argl</b> and <b>argp</b> parameters are as described for the other two callbacks. If the dup_func() returns <b>0</b> the whole CRYPTO_dup_ex_data() will fail.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_get_ex_new_index() returns a new index or -1 on failure.</p>
+
+<p>CRYPTO_free_ex_index() and CRYPTO_set_ex_data() return 1 on success or 0 on failure.</p>
+
+<p>CRYPTO_get_ex_data() returns the application data or NULL on failure; note that NULL may be a valid value.</p>
+
+<p>dup_func() should return 0 for failure and 1 for success.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_set_mem_debug.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_set_mem_debug.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_set_mem_debug.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_set_mem_functions.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_set_mem_functions.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_set_mem_functions.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_strdup.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_strdup.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_strdup.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_strndup.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_strndup.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_strndup.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CRYPTO_zalloc.html b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_zalloc.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CRYPTO_zalloc.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CTLOG_STORE_free.html b/msys2/usr/share/doc/openssl/html/man3/CTLOG_STORE_free.html
new file mode 100644
index 000000000..721075e32
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CTLOG_STORE_free.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CTLOG_STORE_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CTLOG_STORE_new, CTLOG_STORE_free, CTLOG_STORE_load_default_file, CTLOG_STORE_load_file - Create and populate a Certificate Transparency log list</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CTLOG_STORE *CTLOG_STORE_new(void);
+ void CTLOG_STORE_free(CTLOG_STORE *store);
+
+ int CTLOG_STORE_load_default_file(CTLOG_STORE *store);
+ int CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A CTLOG_STORE is a container for a list of CTLOGs (Certificate Transparency logs). The list can be loaded from one or more files and then searched by LogID (see RFC 6962, Section 3.2, for the definition of a LogID).</p>
+
+<p>CTLOG_STORE_new() creates an empty list of CT logs. This is then populated by CTLOG_STORE_load_default_file() or CTLOG_STORE_load_file(). CTLOG_STORE_load_default_file() loads from the default file, which is named &quot;ct_log_list.cnf&quot; in OPENSSLDIR (see the output of <a href="/../man1/version.html">version</a>). This can be overridden using an environment variable named &quot;CTLOG_FILE&quot;. CTLOG_STORE_load_file() loads from a caller-specified file path instead. Both of these functions append any loaded CT logs to the CTLOG_STORE.</p>
+
+<p>The expected format of the file is:</p>
+
+<pre><code> enabled_logs=foo,bar
+
+ [foo]
+ description = Log 1
+ key = &lt;base64-encoded DER SubjectPublicKeyInfo here&gt;
+
+ [bar]
+ description = Log 2
+ key = &lt;base64-encoded DER SubjectPublicKeyInfo here&gt;</code></pre>
+
+<p>Once a CTLOG_STORE is no longer required, it should be passed to CTLOG_STORE_free(). This will delete all of the CTLOGs stored within, along with the CTLOG_STORE itself.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If there are any invalid CT logs in a file, they are skipped and the remaining valid logs will still be added to the CTLOG_STORE. A CT log will be considered invalid if it is missing a &quot;key&quot; or &quot;description&quot; field.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Both <b>CTLOG_STORE_load_default_file</b> and <b>CTLOG_STORE_load_file</b> return 1 if all CT logs in the file are successfully parsed and loaded, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/CTLOG_STORE_get0_log_by_id.html">CTLOG_STORE_get0_log_by_id(3)</a>, <a href="../man3/SSL_CTX_set_ctlog_list_file.html">SSL_CTX_set_ctlog_list_file(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CTLOG_STORE_get0_log_by_id.html b/msys2/usr/share/doc/openssl/html/man3/CTLOG_STORE_get0_log_by_id.html
new file mode 100644
index 000000000..4fe47326c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CTLOG_STORE_get0_log_by_id.html
@@ -0,0 +1,65 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CTLOG_STORE_get0_log_by_id</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CTLOG_STORE_get0_log_by_id - Get a Certificate Transparency log from a CTLOG_STORE</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ const CTLOG *CTLOG_STORE_get0_log_by_id(const CTLOG_STORE *store,
+                                         const uint8_t *log_id,
+                                         size_t log_id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A Signed Certificate Timestamp (SCT) identifies the Certificate Transparency (CT) log that issued it using the log&#39;s LogID (see RFC 6962, Section 3.2). Therefore, it is useful to be able to look up more information about a log (e.g. its public key) using this LogID.</p>
+
+<p>CTLOG_STORE_get0_log_by_id() provides a way to do this. It will find a CTLOG in a CTLOG_STORE that has a given LogID.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p><b>CTLOG_STORE_get0_log_by_id</b> returns a CTLOG with the given LogID, if it exists in the given CTLOG_STORE, otherwise it returns NULL.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/CTLOG_STORE_new.html">CTLOG_STORE_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The CTLOG_STORE_get0_log_by_id() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CTLOG_STORE_load_default_file.html b/msys2/usr/share/doc/openssl/html/man3/CTLOG_STORE_load_default_file.html
new file mode 100644
index 000000000..721075e32
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CTLOG_STORE_load_default_file.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CTLOG_STORE_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CTLOG_STORE_new, CTLOG_STORE_free, CTLOG_STORE_load_default_file, CTLOG_STORE_load_file - Create and populate a Certificate Transparency log list</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CTLOG_STORE *CTLOG_STORE_new(void);
+ void CTLOG_STORE_free(CTLOG_STORE *store);
+
+ int CTLOG_STORE_load_default_file(CTLOG_STORE *store);
+ int CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A CTLOG_STORE is a container for a list of CTLOGs (Certificate Transparency logs). The list can be loaded from one or more files and then searched by LogID (see RFC 6962, Section 3.2, for the definition of a LogID).</p>
+
+<p>CTLOG_STORE_new() creates an empty list of CT logs. This is then populated by CTLOG_STORE_load_default_file() or CTLOG_STORE_load_file(). CTLOG_STORE_load_default_file() loads from the default file, which is named &quot;ct_log_list.cnf&quot; in OPENSSLDIR (see the output of <a href="/../man1/version.html">version</a>). This can be overridden using an environment variable named &quot;CTLOG_FILE&quot;. CTLOG_STORE_load_file() loads from a caller-specified file path instead. Both of these functions append any loaded CT logs to the CTLOG_STORE.</p>
+
+<p>The expected format of the file is:</p>
+
+<pre><code> enabled_logs=foo,bar
+
+ [foo]
+ description = Log 1
+ key = &lt;base64-encoded DER SubjectPublicKeyInfo here&gt;
+
+ [bar]
+ description = Log 2
+ key = &lt;base64-encoded DER SubjectPublicKeyInfo here&gt;</code></pre>
+
+<p>Once a CTLOG_STORE is no longer required, it should be passed to CTLOG_STORE_free(). This will delete all of the CTLOGs stored within, along with the CTLOG_STORE itself.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If there are any invalid CT logs in a file, they are skipped and the remaining valid logs will still be added to the CTLOG_STORE. A CT log will be considered invalid if it is missing a &quot;key&quot; or &quot;description&quot; field.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Both <b>CTLOG_STORE_load_default_file</b> and <b>CTLOG_STORE_load_file</b> return 1 if all CT logs in the file are successfully parsed and loaded, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/CTLOG_STORE_get0_log_by_id.html">CTLOG_STORE_get0_log_by_id(3)</a>, <a href="../man3/SSL_CTX_set_ctlog_list_file.html">SSL_CTX_set_ctlog_list_file(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CTLOG_STORE_load_file.html b/msys2/usr/share/doc/openssl/html/man3/CTLOG_STORE_load_file.html
new file mode 100644
index 000000000..721075e32
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CTLOG_STORE_load_file.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CTLOG_STORE_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CTLOG_STORE_new, CTLOG_STORE_free, CTLOG_STORE_load_default_file, CTLOG_STORE_load_file - Create and populate a Certificate Transparency log list</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CTLOG_STORE *CTLOG_STORE_new(void);
+ void CTLOG_STORE_free(CTLOG_STORE *store);
+
+ int CTLOG_STORE_load_default_file(CTLOG_STORE *store);
+ int CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A CTLOG_STORE is a container for a list of CTLOGs (Certificate Transparency logs). The list can be loaded from one or more files and then searched by LogID (see RFC 6962, Section 3.2, for the definition of a LogID).</p>
+
+<p>CTLOG_STORE_new() creates an empty list of CT logs. This is then populated by CTLOG_STORE_load_default_file() or CTLOG_STORE_load_file(). CTLOG_STORE_load_default_file() loads from the default file, which is named &quot;ct_log_list.cnf&quot; in OPENSSLDIR (see the output of <a href="/../man1/version.html">version</a>). This can be overridden using an environment variable named &quot;CTLOG_FILE&quot;. CTLOG_STORE_load_file() loads from a caller-specified file path instead. Both of these functions append any loaded CT logs to the CTLOG_STORE.</p>
+
+<p>The expected format of the file is:</p>
+
+<pre><code> enabled_logs=foo,bar
+
+ [foo]
+ description = Log 1
+ key = &lt;base64-encoded DER SubjectPublicKeyInfo here&gt;
+
+ [bar]
+ description = Log 2
+ key = &lt;base64-encoded DER SubjectPublicKeyInfo here&gt;</code></pre>
+
+<p>Once a CTLOG_STORE is no longer required, it should be passed to CTLOG_STORE_free(). This will delete all of the CTLOGs stored within, along with the CTLOG_STORE itself.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If there are any invalid CT logs in a file, they are skipped and the remaining valid logs will still be added to the CTLOG_STORE. A CT log will be considered invalid if it is missing a &quot;key&quot; or &quot;description&quot; field.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Both <b>CTLOG_STORE_load_default_file</b> and <b>CTLOG_STORE_load_file</b> return 1 if all CT logs in the file are successfully parsed and loaded, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/CTLOG_STORE_get0_log_by_id.html">CTLOG_STORE_get0_log_by_id(3)</a>, <a href="../man3/SSL_CTX_set_ctlog_list_file.html">SSL_CTX_set_ctlog_list_file(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CTLOG_STORE_new.html b/msys2/usr/share/doc/openssl/html/man3/CTLOG_STORE_new.html
new file mode 100644
index 000000000..721075e32
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CTLOG_STORE_new.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CTLOG_STORE_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CTLOG_STORE_new, CTLOG_STORE_free, CTLOG_STORE_load_default_file, CTLOG_STORE_load_file - Create and populate a Certificate Transparency log list</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CTLOG_STORE *CTLOG_STORE_new(void);
+ void CTLOG_STORE_free(CTLOG_STORE *store);
+
+ int CTLOG_STORE_load_default_file(CTLOG_STORE *store);
+ int CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A CTLOG_STORE is a container for a list of CTLOGs (Certificate Transparency logs). The list can be loaded from one or more files and then searched by LogID (see RFC 6962, Section 3.2, for the definition of a LogID).</p>
+
+<p>CTLOG_STORE_new() creates an empty list of CT logs. This is then populated by CTLOG_STORE_load_default_file() or CTLOG_STORE_load_file(). CTLOG_STORE_load_default_file() loads from the default file, which is named &quot;ct_log_list.cnf&quot; in OPENSSLDIR (see the output of <a href="/../man1/version.html">version</a>). This can be overridden using an environment variable named &quot;CTLOG_FILE&quot;. CTLOG_STORE_load_file() loads from a caller-specified file path instead. Both of these functions append any loaded CT logs to the CTLOG_STORE.</p>
+
+<p>The expected format of the file is:</p>
+
+<pre><code> enabled_logs=foo,bar
+
+ [foo]
+ description = Log 1
+ key = &lt;base64-encoded DER SubjectPublicKeyInfo here&gt;
+
+ [bar]
+ description = Log 2
+ key = &lt;base64-encoded DER SubjectPublicKeyInfo here&gt;</code></pre>
+
+<p>Once a CTLOG_STORE is no longer required, it should be passed to CTLOG_STORE_free(). This will delete all of the CTLOGs stored within, along with the CTLOG_STORE itself.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If there are any invalid CT logs in a file, they are skipped and the remaining valid logs will still be added to the CTLOG_STORE. A CT log will be considered invalid if it is missing a &quot;key&quot; or &quot;description&quot; field.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Both <b>CTLOG_STORE_load_default_file</b> and <b>CTLOG_STORE_load_file</b> return 1 if all CT logs in the file are successfully parsed and loaded, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/CTLOG_STORE_get0_log_by_id.html">CTLOG_STORE_get0_log_by_id(3)</a>, <a href="../man3/SSL_CTX_set_ctlog_list_file.html">SSL_CTX_set_ctlog_list_file(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CTLOG_free.html b/msys2/usr/share/doc/openssl/html/man3/CTLOG_free.html
new file mode 100644
index 000000000..d1a125878
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CTLOG_free.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CTLOG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CTLOG_new, CTLOG_new_from_base64, CTLOG_free, CTLOG_get0_name, CTLOG_get0_log_id, CTLOG_get0_public_key - encapsulates information about a Certificate Transparency log</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name);
+ int CTLOG_new_from_base64(CTLOG ** ct_log,
+                           const char *pkey_base64, const char *name);
+ void CTLOG_free(CTLOG *log);
+ const char *CTLOG_get0_name(const CTLOG *log);
+ void CTLOG_get0_log_id(const CTLOG *log, const uint8_t **log_id,
+                        size_t *log_id_len);
+ EVP_PKEY *CTLOG_get0_public_key(const CTLOG *log);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CTLOG_new() returns a new CTLOG that represents the Certificate Transparency (CT) log with the given public key. A name must also be provided that can be used to help users identify this log. Ownership of the public key is transferred.</p>
+
+<p>CTLOG_new_from_base64() also creates a new CTLOG, but takes the public key in base64-encoded DER form and sets the ct_log pointer to point to the new CTLOG. The base64 will be decoded and the public key parsed.</p>
+
+<p>Regardless of whether CTLOG_new() or CTLOG_new_from_base64() is used, it is the caller&#39;s responsibility to pass the CTLOG to CTLOG_free() once it is no longer needed. This will delete it and, if created by CTLOG_new(), the EVP_PKEY that was passed to it.</p>
+
+<p>CTLOG_get0_name() returns the name of the log, as provided when the CTLOG was created. Ownership of the string remains with the CTLOG.</p>
+
+<p>CTLOG_get0_log_id() sets *log_id to point to a string containing that log&#39;s LogID (see RFC 6962). It sets *log_id_len to the length of that LogID. For a v1 CT log, the LogID will be a SHA-256 hash (i.e. 32 bytes long). Ownership of the string remains with the CTLOG.</p>
+
+<p>CTLOG_get0_public_key() returns the public key of the CT log. Ownership of the EVP_PKEY remains with the CTLOG.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CTLOG_new() will return NULL if an error occurs.</p>
+
+<p>CTLOG_new_from_base64() will return 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CTLOG_get0_log_id.html b/msys2/usr/share/doc/openssl/html/man3/CTLOG_get0_log_id.html
new file mode 100644
index 000000000..d1a125878
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CTLOG_get0_log_id.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CTLOG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CTLOG_new, CTLOG_new_from_base64, CTLOG_free, CTLOG_get0_name, CTLOG_get0_log_id, CTLOG_get0_public_key - encapsulates information about a Certificate Transparency log</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name);
+ int CTLOG_new_from_base64(CTLOG ** ct_log,
+                           const char *pkey_base64, const char *name);
+ void CTLOG_free(CTLOG *log);
+ const char *CTLOG_get0_name(const CTLOG *log);
+ void CTLOG_get0_log_id(const CTLOG *log, const uint8_t **log_id,
+                        size_t *log_id_len);
+ EVP_PKEY *CTLOG_get0_public_key(const CTLOG *log);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CTLOG_new() returns a new CTLOG that represents the Certificate Transparency (CT) log with the given public key. A name must also be provided that can be used to help users identify this log. Ownership of the public key is transferred.</p>
+
+<p>CTLOG_new_from_base64() also creates a new CTLOG, but takes the public key in base64-encoded DER form and sets the ct_log pointer to point to the new CTLOG. The base64 will be decoded and the public key parsed.</p>
+
+<p>Regardless of whether CTLOG_new() or CTLOG_new_from_base64() is used, it is the caller&#39;s responsibility to pass the CTLOG to CTLOG_free() once it is no longer needed. This will delete it and, if created by CTLOG_new(), the EVP_PKEY that was passed to it.</p>
+
+<p>CTLOG_get0_name() returns the name of the log, as provided when the CTLOG was created. Ownership of the string remains with the CTLOG.</p>
+
+<p>CTLOG_get0_log_id() sets *log_id to point to a string containing that log&#39;s LogID (see RFC 6962). It sets *log_id_len to the length of that LogID. For a v1 CT log, the LogID will be a SHA-256 hash (i.e. 32 bytes long). Ownership of the string remains with the CTLOG.</p>
+
+<p>CTLOG_get0_public_key() returns the public key of the CT log. Ownership of the EVP_PKEY remains with the CTLOG.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CTLOG_new() will return NULL if an error occurs.</p>
+
+<p>CTLOG_new_from_base64() will return 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CTLOG_get0_name.html b/msys2/usr/share/doc/openssl/html/man3/CTLOG_get0_name.html
new file mode 100644
index 000000000..d1a125878
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CTLOG_get0_name.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CTLOG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CTLOG_new, CTLOG_new_from_base64, CTLOG_free, CTLOG_get0_name, CTLOG_get0_log_id, CTLOG_get0_public_key - encapsulates information about a Certificate Transparency log</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name);
+ int CTLOG_new_from_base64(CTLOG ** ct_log,
+                           const char *pkey_base64, const char *name);
+ void CTLOG_free(CTLOG *log);
+ const char *CTLOG_get0_name(const CTLOG *log);
+ void CTLOG_get0_log_id(const CTLOG *log, const uint8_t **log_id,
+                        size_t *log_id_len);
+ EVP_PKEY *CTLOG_get0_public_key(const CTLOG *log);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CTLOG_new() returns a new CTLOG that represents the Certificate Transparency (CT) log with the given public key. A name must also be provided that can be used to help users identify this log. Ownership of the public key is transferred.</p>
+
+<p>CTLOG_new_from_base64() also creates a new CTLOG, but takes the public key in base64-encoded DER form and sets the ct_log pointer to point to the new CTLOG. The base64 will be decoded and the public key parsed.</p>
+
+<p>Regardless of whether CTLOG_new() or CTLOG_new_from_base64() is used, it is the caller&#39;s responsibility to pass the CTLOG to CTLOG_free() once it is no longer needed. This will delete it and, if created by CTLOG_new(), the EVP_PKEY that was passed to it.</p>
+
+<p>CTLOG_get0_name() returns the name of the log, as provided when the CTLOG was created. Ownership of the string remains with the CTLOG.</p>
+
+<p>CTLOG_get0_log_id() sets *log_id to point to a string containing that log&#39;s LogID (see RFC 6962). It sets *log_id_len to the length of that LogID. For a v1 CT log, the LogID will be a SHA-256 hash (i.e. 32 bytes long). Ownership of the string remains with the CTLOG.</p>
+
+<p>CTLOG_get0_public_key() returns the public key of the CT log. Ownership of the EVP_PKEY remains with the CTLOG.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CTLOG_new() will return NULL if an error occurs.</p>
+
+<p>CTLOG_new_from_base64() will return 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CTLOG_get0_public_key.html b/msys2/usr/share/doc/openssl/html/man3/CTLOG_get0_public_key.html
new file mode 100644
index 000000000..d1a125878
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CTLOG_get0_public_key.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CTLOG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CTLOG_new, CTLOG_new_from_base64, CTLOG_free, CTLOG_get0_name, CTLOG_get0_log_id, CTLOG_get0_public_key - encapsulates information about a Certificate Transparency log</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name);
+ int CTLOG_new_from_base64(CTLOG ** ct_log,
+                           const char *pkey_base64, const char *name);
+ void CTLOG_free(CTLOG *log);
+ const char *CTLOG_get0_name(const CTLOG *log);
+ void CTLOG_get0_log_id(const CTLOG *log, const uint8_t **log_id,
+                        size_t *log_id_len);
+ EVP_PKEY *CTLOG_get0_public_key(const CTLOG *log);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CTLOG_new() returns a new CTLOG that represents the Certificate Transparency (CT) log with the given public key. A name must also be provided that can be used to help users identify this log. Ownership of the public key is transferred.</p>
+
+<p>CTLOG_new_from_base64() also creates a new CTLOG, but takes the public key in base64-encoded DER form and sets the ct_log pointer to point to the new CTLOG. The base64 will be decoded and the public key parsed.</p>
+
+<p>Regardless of whether CTLOG_new() or CTLOG_new_from_base64() is used, it is the caller&#39;s responsibility to pass the CTLOG to CTLOG_free() once it is no longer needed. This will delete it and, if created by CTLOG_new(), the EVP_PKEY that was passed to it.</p>
+
+<p>CTLOG_get0_name() returns the name of the log, as provided when the CTLOG was created. Ownership of the string remains with the CTLOG.</p>
+
+<p>CTLOG_get0_log_id() sets *log_id to point to a string containing that log&#39;s LogID (see RFC 6962). It sets *log_id_len to the length of that LogID. For a v1 CT log, the LogID will be a SHA-256 hash (i.e. 32 bytes long). Ownership of the string remains with the CTLOG.</p>
+
+<p>CTLOG_get0_public_key() returns the public key of the CT log. Ownership of the EVP_PKEY remains with the CTLOG.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CTLOG_new() will return NULL if an error occurs.</p>
+
+<p>CTLOG_new_from_base64() will return 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CTLOG_new.html b/msys2/usr/share/doc/openssl/html/man3/CTLOG_new.html
new file mode 100644
index 000000000..d1a125878
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CTLOG_new.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CTLOG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CTLOG_new, CTLOG_new_from_base64, CTLOG_free, CTLOG_get0_name, CTLOG_get0_log_id, CTLOG_get0_public_key - encapsulates information about a Certificate Transparency log</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name);
+ int CTLOG_new_from_base64(CTLOG ** ct_log,
+                           const char *pkey_base64, const char *name);
+ void CTLOG_free(CTLOG *log);
+ const char *CTLOG_get0_name(const CTLOG *log);
+ void CTLOG_get0_log_id(const CTLOG *log, const uint8_t **log_id,
+                        size_t *log_id_len);
+ EVP_PKEY *CTLOG_get0_public_key(const CTLOG *log);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CTLOG_new() returns a new CTLOG that represents the Certificate Transparency (CT) log with the given public key. A name must also be provided that can be used to help users identify this log. Ownership of the public key is transferred.</p>
+
+<p>CTLOG_new_from_base64() also creates a new CTLOG, but takes the public key in base64-encoded DER form and sets the ct_log pointer to point to the new CTLOG. The base64 will be decoded and the public key parsed.</p>
+
+<p>Regardless of whether CTLOG_new() or CTLOG_new_from_base64() is used, it is the caller&#39;s responsibility to pass the CTLOG to CTLOG_free() once it is no longer needed. This will delete it and, if created by CTLOG_new(), the EVP_PKEY that was passed to it.</p>
+
+<p>CTLOG_get0_name() returns the name of the log, as provided when the CTLOG was created. Ownership of the string remains with the CTLOG.</p>
+
+<p>CTLOG_get0_log_id() sets *log_id to point to a string containing that log&#39;s LogID (see RFC 6962). It sets *log_id_len to the length of that LogID. For a v1 CT log, the LogID will be a SHA-256 hash (i.e. 32 bytes long). Ownership of the string remains with the CTLOG.</p>
+
+<p>CTLOG_get0_public_key() returns the public key of the CT log. Ownership of the EVP_PKEY remains with the CTLOG.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CTLOG_new() will return NULL if an error occurs.</p>
+
+<p>CTLOG_new_from_base64() will return 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CTLOG_new_from_base64.html b/msys2/usr/share/doc/openssl/html/man3/CTLOG_new_from_base64.html
new file mode 100644
index 000000000..d1a125878
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CTLOG_new_from_base64.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CTLOG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CTLOG_new, CTLOG_new_from_base64, CTLOG_free, CTLOG_get0_name, CTLOG_get0_log_id, CTLOG_get0_public_key - encapsulates information about a Certificate Transparency log</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name);
+ int CTLOG_new_from_base64(CTLOG ** ct_log,
+                           const char *pkey_base64, const char *name);
+ void CTLOG_free(CTLOG *log);
+ const char *CTLOG_get0_name(const CTLOG *log);
+ void CTLOG_get0_log_id(const CTLOG *log, const uint8_t **log_id,
+                        size_t *log_id_len);
+ EVP_PKEY *CTLOG_get0_public_key(const CTLOG *log);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>CTLOG_new() returns a new CTLOG that represents the Certificate Transparency (CT) log with the given public key. A name must also be provided that can be used to help users identify this log. Ownership of the public key is transferred.</p>
+
+<p>CTLOG_new_from_base64() also creates a new CTLOG, but takes the public key in base64-encoded DER form and sets the ct_log pointer to point to the new CTLOG. The base64 will be decoded and the public key parsed.</p>
+
+<p>Regardless of whether CTLOG_new() or CTLOG_new_from_base64() is used, it is the caller&#39;s responsibility to pass the CTLOG to CTLOG_free() once it is no longer needed. This will delete it and, if created by CTLOG_new(), the EVP_PKEY that was passed to it.</p>
+
+<p>CTLOG_get0_name() returns the name of the log, as provided when the CTLOG was created. Ownership of the string remains with the CTLOG.</p>
+
+<p>CTLOG_get0_log_id() sets *log_id to point to a string containing that log&#39;s LogID (see RFC 6962). It sets *log_id_len to the length of that LogID. For a v1 CT log, the LogID will be a SHA-256 hash (i.e. 32 bytes long). Ownership of the string remains with the CTLOG.</p>
+
+<p>CTLOG_get0_public_key() returns the public key of the CT log. Ownership of the EVP_PKEY remains with the CTLOG.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CTLOG_new() will return NULL if an error occurs.</p>
+
+<p>CTLOG_new_from_base64() will return 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_free.html b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_free.html
new file mode 100644
index 000000000..12daa6f56
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_free.html
@@ -0,0 +1,126 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CT_POLICY_EVAL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CT_POLICY_EVAL_CTX_new, CT_POLICY_EVAL_CTX_free, CT_POLICY_EVAL_CTX_get0_cert, CT_POLICY_EVAL_CTX_set1_cert, CT_POLICY_EVAL_CTX_get0_issuer, CT_POLICY_EVAL_CTX_set1_issuer, CT_POLICY_EVAL_CTX_get0_log_store, CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE, CT_POLICY_EVAL_CTX_get_time, CT_POLICY_EVAL_CTX_set_time - Encapsulates the data required to evaluate whether SCTs meet a Certificate Transparency policy</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void);
+ void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx);
+ X509* CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert);
+ X509* CT_POLICY_EVAL_CTX_get0_issuer(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_issuer(CT_POLICY_EVAL_CTX *ctx, X509 *issuer);
+ const CTLOG_STORE *CT_POLICY_EVAL_CTX_get0_log_store(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(CT_POLICY_EVAL_CTX *ctx,
+                                                CTLOG_STORE *log_store);
+ uint64_t CT_POLICY_EVAL_CTX_get_time(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_time(CT_POLICY_EVAL_CTX *ctx, uint64_t time_in_ms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>CT_POLICY_EVAL_CTX</b> is used by functions that evaluate whether Signed Certificate Timestamps (SCTs) fulfil a Certificate Transparency (CT) policy. This policy may be, for example, that at least one valid SCT is available. To determine this, an SCT&#39;s timestamp and signature must be verified. This requires:</p>
+
+<ul>
+
+<li><p>the public key of the log that issued the SCT</p>
+
+</li>
+<li><p>the certificate that the SCT was issued for</p>
+
+</li>
+<li><p>the issuer certificate (if the SCT was issued for a pre-certificate)</p>
+
+</li>
+<li><p>the current time</p>
+
+</li>
+</ul>
+
+<p>The above requirements are met using the setters described below.</p>
+
+<p>CT_POLICY_EVAL_CTX_new() creates an empty policy evaluation context. This should then be populated using:</p>
+
+<ul>
+
+<li><p>CT_POLICY_EVAL_CTX_set1_cert() to provide the certificate the SCTs were issued for</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set1_issuer() to provide the issuer certificate</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE() to provide a list of logs that are trusted as sources of SCTs</p>
+
+<p>Holds a pointer to the CTLOG_STORE, so the CTLOG_STORE must outlive the CT_POLICY_EVAL_CTX.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_time() to set the time SCTs should be compared with to determine if they are valid</p>
+
+<p>The SCT timestamp will be compared to this time to check whether the SCT was issued in the future. RFC6962 states that &quot;TLS clients MUST reject SCTs whose timestamp is in the future&quot;. By default, this will be set to 5 minutes in the future (e.g. (time() + 300) * 1000), to allow for clock drift.</p>
+
+<p>The time should be in milliseconds since the Unix epoch.</p>
+
+</li>
+</ul>
+
+<p>Each setter has a matching getter for accessing the current value.</p>
+
+<p>When no longer required, the <b>CT_POLICY_EVAL_CTX</b> should be passed to CT_POLICY_EVAL_CTX_free() to delete it.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The issuer certificate only needs to be provided if at least one of the SCTs was issued for a pre-certificate. This will be the case for SCTs embedded in a certificate (i.e. those in an X.509 extension), but may not be the case for SCTs found in the TLS SCT extension or OCSP response.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CT_POLICY_EVAL_CTX_new() will return NULL if malloc fails.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_get0_cert.html b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_get0_cert.html
new file mode 100644
index 000000000..12daa6f56
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_get0_cert.html
@@ -0,0 +1,126 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CT_POLICY_EVAL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CT_POLICY_EVAL_CTX_new, CT_POLICY_EVAL_CTX_free, CT_POLICY_EVAL_CTX_get0_cert, CT_POLICY_EVAL_CTX_set1_cert, CT_POLICY_EVAL_CTX_get0_issuer, CT_POLICY_EVAL_CTX_set1_issuer, CT_POLICY_EVAL_CTX_get0_log_store, CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE, CT_POLICY_EVAL_CTX_get_time, CT_POLICY_EVAL_CTX_set_time - Encapsulates the data required to evaluate whether SCTs meet a Certificate Transparency policy</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void);
+ void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx);
+ X509* CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert);
+ X509* CT_POLICY_EVAL_CTX_get0_issuer(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_issuer(CT_POLICY_EVAL_CTX *ctx, X509 *issuer);
+ const CTLOG_STORE *CT_POLICY_EVAL_CTX_get0_log_store(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(CT_POLICY_EVAL_CTX *ctx,
+                                                CTLOG_STORE *log_store);
+ uint64_t CT_POLICY_EVAL_CTX_get_time(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_time(CT_POLICY_EVAL_CTX *ctx, uint64_t time_in_ms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>CT_POLICY_EVAL_CTX</b> is used by functions that evaluate whether Signed Certificate Timestamps (SCTs) fulfil a Certificate Transparency (CT) policy. This policy may be, for example, that at least one valid SCT is available. To determine this, an SCT&#39;s timestamp and signature must be verified. This requires:</p>
+
+<ul>
+
+<li><p>the public key of the log that issued the SCT</p>
+
+</li>
+<li><p>the certificate that the SCT was issued for</p>
+
+</li>
+<li><p>the issuer certificate (if the SCT was issued for a pre-certificate)</p>
+
+</li>
+<li><p>the current time</p>
+
+</li>
+</ul>
+
+<p>The above requirements are met using the setters described below.</p>
+
+<p>CT_POLICY_EVAL_CTX_new() creates an empty policy evaluation context. This should then be populated using:</p>
+
+<ul>
+
+<li><p>CT_POLICY_EVAL_CTX_set1_cert() to provide the certificate the SCTs were issued for</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set1_issuer() to provide the issuer certificate</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE() to provide a list of logs that are trusted as sources of SCTs</p>
+
+<p>Holds a pointer to the CTLOG_STORE, so the CTLOG_STORE must outlive the CT_POLICY_EVAL_CTX.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_time() to set the time SCTs should be compared with to determine if they are valid</p>
+
+<p>The SCT timestamp will be compared to this time to check whether the SCT was issued in the future. RFC6962 states that &quot;TLS clients MUST reject SCTs whose timestamp is in the future&quot;. By default, this will be set to 5 minutes in the future (e.g. (time() + 300) * 1000), to allow for clock drift.</p>
+
+<p>The time should be in milliseconds since the Unix epoch.</p>
+
+</li>
+</ul>
+
+<p>Each setter has a matching getter for accessing the current value.</p>
+
+<p>When no longer required, the <b>CT_POLICY_EVAL_CTX</b> should be passed to CT_POLICY_EVAL_CTX_free() to delete it.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The issuer certificate only needs to be provided if at least one of the SCTs was issued for a pre-certificate. This will be the case for SCTs embedded in a certificate (i.e. those in an X.509 extension), but may not be the case for SCTs found in the TLS SCT extension or OCSP response.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CT_POLICY_EVAL_CTX_new() will return NULL if malloc fails.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_get0_issuer.html b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_get0_issuer.html
new file mode 100644
index 000000000..12daa6f56
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_get0_issuer.html
@@ -0,0 +1,126 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CT_POLICY_EVAL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CT_POLICY_EVAL_CTX_new, CT_POLICY_EVAL_CTX_free, CT_POLICY_EVAL_CTX_get0_cert, CT_POLICY_EVAL_CTX_set1_cert, CT_POLICY_EVAL_CTX_get0_issuer, CT_POLICY_EVAL_CTX_set1_issuer, CT_POLICY_EVAL_CTX_get0_log_store, CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE, CT_POLICY_EVAL_CTX_get_time, CT_POLICY_EVAL_CTX_set_time - Encapsulates the data required to evaluate whether SCTs meet a Certificate Transparency policy</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void);
+ void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx);
+ X509* CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert);
+ X509* CT_POLICY_EVAL_CTX_get0_issuer(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_issuer(CT_POLICY_EVAL_CTX *ctx, X509 *issuer);
+ const CTLOG_STORE *CT_POLICY_EVAL_CTX_get0_log_store(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(CT_POLICY_EVAL_CTX *ctx,
+                                                CTLOG_STORE *log_store);
+ uint64_t CT_POLICY_EVAL_CTX_get_time(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_time(CT_POLICY_EVAL_CTX *ctx, uint64_t time_in_ms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>CT_POLICY_EVAL_CTX</b> is used by functions that evaluate whether Signed Certificate Timestamps (SCTs) fulfil a Certificate Transparency (CT) policy. This policy may be, for example, that at least one valid SCT is available. To determine this, an SCT&#39;s timestamp and signature must be verified. This requires:</p>
+
+<ul>
+
+<li><p>the public key of the log that issued the SCT</p>
+
+</li>
+<li><p>the certificate that the SCT was issued for</p>
+
+</li>
+<li><p>the issuer certificate (if the SCT was issued for a pre-certificate)</p>
+
+</li>
+<li><p>the current time</p>
+
+</li>
+</ul>
+
+<p>The above requirements are met using the setters described below.</p>
+
+<p>CT_POLICY_EVAL_CTX_new() creates an empty policy evaluation context. This should then be populated using:</p>
+
+<ul>
+
+<li><p>CT_POLICY_EVAL_CTX_set1_cert() to provide the certificate the SCTs were issued for</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set1_issuer() to provide the issuer certificate</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE() to provide a list of logs that are trusted as sources of SCTs</p>
+
+<p>Holds a pointer to the CTLOG_STORE, so the CTLOG_STORE must outlive the CT_POLICY_EVAL_CTX.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_time() to set the time SCTs should be compared with to determine if they are valid</p>
+
+<p>The SCT timestamp will be compared to this time to check whether the SCT was issued in the future. RFC6962 states that &quot;TLS clients MUST reject SCTs whose timestamp is in the future&quot;. By default, this will be set to 5 minutes in the future (e.g. (time() + 300) * 1000), to allow for clock drift.</p>
+
+<p>The time should be in milliseconds since the Unix epoch.</p>
+
+</li>
+</ul>
+
+<p>Each setter has a matching getter for accessing the current value.</p>
+
+<p>When no longer required, the <b>CT_POLICY_EVAL_CTX</b> should be passed to CT_POLICY_EVAL_CTX_free() to delete it.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The issuer certificate only needs to be provided if at least one of the SCTs was issued for a pre-certificate. This will be the case for SCTs embedded in a certificate (i.e. those in an X.509 extension), but may not be the case for SCTs found in the TLS SCT extension or OCSP response.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CT_POLICY_EVAL_CTX_new() will return NULL if malloc fails.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_get0_log_store.html b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_get0_log_store.html
new file mode 100644
index 000000000..12daa6f56
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_get0_log_store.html
@@ -0,0 +1,126 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CT_POLICY_EVAL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CT_POLICY_EVAL_CTX_new, CT_POLICY_EVAL_CTX_free, CT_POLICY_EVAL_CTX_get0_cert, CT_POLICY_EVAL_CTX_set1_cert, CT_POLICY_EVAL_CTX_get0_issuer, CT_POLICY_EVAL_CTX_set1_issuer, CT_POLICY_EVAL_CTX_get0_log_store, CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE, CT_POLICY_EVAL_CTX_get_time, CT_POLICY_EVAL_CTX_set_time - Encapsulates the data required to evaluate whether SCTs meet a Certificate Transparency policy</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void);
+ void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx);
+ X509* CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert);
+ X509* CT_POLICY_EVAL_CTX_get0_issuer(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_issuer(CT_POLICY_EVAL_CTX *ctx, X509 *issuer);
+ const CTLOG_STORE *CT_POLICY_EVAL_CTX_get0_log_store(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(CT_POLICY_EVAL_CTX *ctx,
+                                                CTLOG_STORE *log_store);
+ uint64_t CT_POLICY_EVAL_CTX_get_time(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_time(CT_POLICY_EVAL_CTX *ctx, uint64_t time_in_ms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>CT_POLICY_EVAL_CTX</b> is used by functions that evaluate whether Signed Certificate Timestamps (SCTs) fulfil a Certificate Transparency (CT) policy. This policy may be, for example, that at least one valid SCT is available. To determine this, an SCT&#39;s timestamp and signature must be verified. This requires:</p>
+
+<ul>
+
+<li><p>the public key of the log that issued the SCT</p>
+
+</li>
+<li><p>the certificate that the SCT was issued for</p>
+
+</li>
+<li><p>the issuer certificate (if the SCT was issued for a pre-certificate)</p>
+
+</li>
+<li><p>the current time</p>
+
+</li>
+</ul>
+
+<p>The above requirements are met using the setters described below.</p>
+
+<p>CT_POLICY_EVAL_CTX_new() creates an empty policy evaluation context. This should then be populated using:</p>
+
+<ul>
+
+<li><p>CT_POLICY_EVAL_CTX_set1_cert() to provide the certificate the SCTs were issued for</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set1_issuer() to provide the issuer certificate</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE() to provide a list of logs that are trusted as sources of SCTs</p>
+
+<p>Holds a pointer to the CTLOG_STORE, so the CTLOG_STORE must outlive the CT_POLICY_EVAL_CTX.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_time() to set the time SCTs should be compared with to determine if they are valid</p>
+
+<p>The SCT timestamp will be compared to this time to check whether the SCT was issued in the future. RFC6962 states that &quot;TLS clients MUST reject SCTs whose timestamp is in the future&quot;. By default, this will be set to 5 minutes in the future (e.g. (time() + 300) * 1000), to allow for clock drift.</p>
+
+<p>The time should be in milliseconds since the Unix epoch.</p>
+
+</li>
+</ul>
+
+<p>Each setter has a matching getter for accessing the current value.</p>
+
+<p>When no longer required, the <b>CT_POLICY_EVAL_CTX</b> should be passed to CT_POLICY_EVAL_CTX_free() to delete it.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The issuer certificate only needs to be provided if at least one of the SCTs was issued for a pre-certificate. This will be the case for SCTs embedded in a certificate (i.e. those in an X.509 extension), but may not be the case for SCTs found in the TLS SCT extension or OCSP response.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CT_POLICY_EVAL_CTX_new() will return NULL if malloc fails.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_get_time.html b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_get_time.html
new file mode 100644
index 000000000..12daa6f56
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_get_time.html
@@ -0,0 +1,126 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CT_POLICY_EVAL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CT_POLICY_EVAL_CTX_new, CT_POLICY_EVAL_CTX_free, CT_POLICY_EVAL_CTX_get0_cert, CT_POLICY_EVAL_CTX_set1_cert, CT_POLICY_EVAL_CTX_get0_issuer, CT_POLICY_EVAL_CTX_set1_issuer, CT_POLICY_EVAL_CTX_get0_log_store, CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE, CT_POLICY_EVAL_CTX_get_time, CT_POLICY_EVAL_CTX_set_time - Encapsulates the data required to evaluate whether SCTs meet a Certificate Transparency policy</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void);
+ void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx);
+ X509* CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert);
+ X509* CT_POLICY_EVAL_CTX_get0_issuer(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_issuer(CT_POLICY_EVAL_CTX *ctx, X509 *issuer);
+ const CTLOG_STORE *CT_POLICY_EVAL_CTX_get0_log_store(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(CT_POLICY_EVAL_CTX *ctx,
+                                                CTLOG_STORE *log_store);
+ uint64_t CT_POLICY_EVAL_CTX_get_time(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_time(CT_POLICY_EVAL_CTX *ctx, uint64_t time_in_ms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>CT_POLICY_EVAL_CTX</b> is used by functions that evaluate whether Signed Certificate Timestamps (SCTs) fulfil a Certificate Transparency (CT) policy. This policy may be, for example, that at least one valid SCT is available. To determine this, an SCT&#39;s timestamp and signature must be verified. This requires:</p>
+
+<ul>
+
+<li><p>the public key of the log that issued the SCT</p>
+
+</li>
+<li><p>the certificate that the SCT was issued for</p>
+
+</li>
+<li><p>the issuer certificate (if the SCT was issued for a pre-certificate)</p>
+
+</li>
+<li><p>the current time</p>
+
+</li>
+</ul>
+
+<p>The above requirements are met using the setters described below.</p>
+
+<p>CT_POLICY_EVAL_CTX_new() creates an empty policy evaluation context. This should then be populated using:</p>
+
+<ul>
+
+<li><p>CT_POLICY_EVAL_CTX_set1_cert() to provide the certificate the SCTs were issued for</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set1_issuer() to provide the issuer certificate</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE() to provide a list of logs that are trusted as sources of SCTs</p>
+
+<p>Holds a pointer to the CTLOG_STORE, so the CTLOG_STORE must outlive the CT_POLICY_EVAL_CTX.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_time() to set the time SCTs should be compared with to determine if they are valid</p>
+
+<p>The SCT timestamp will be compared to this time to check whether the SCT was issued in the future. RFC6962 states that &quot;TLS clients MUST reject SCTs whose timestamp is in the future&quot;. By default, this will be set to 5 minutes in the future (e.g. (time() + 300) * 1000), to allow for clock drift.</p>
+
+<p>The time should be in milliseconds since the Unix epoch.</p>
+
+</li>
+</ul>
+
+<p>Each setter has a matching getter for accessing the current value.</p>
+
+<p>When no longer required, the <b>CT_POLICY_EVAL_CTX</b> should be passed to CT_POLICY_EVAL_CTX_free() to delete it.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The issuer certificate only needs to be provided if at least one of the SCTs was issued for a pre-certificate. This will be the case for SCTs embedded in a certificate (i.e. those in an X.509 extension), but may not be the case for SCTs found in the TLS SCT extension or OCSP response.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CT_POLICY_EVAL_CTX_new() will return NULL if malloc fails.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_new.html b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_new.html
new file mode 100644
index 000000000..12daa6f56
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_new.html
@@ -0,0 +1,126 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CT_POLICY_EVAL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CT_POLICY_EVAL_CTX_new, CT_POLICY_EVAL_CTX_free, CT_POLICY_EVAL_CTX_get0_cert, CT_POLICY_EVAL_CTX_set1_cert, CT_POLICY_EVAL_CTX_get0_issuer, CT_POLICY_EVAL_CTX_set1_issuer, CT_POLICY_EVAL_CTX_get0_log_store, CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE, CT_POLICY_EVAL_CTX_get_time, CT_POLICY_EVAL_CTX_set_time - Encapsulates the data required to evaluate whether SCTs meet a Certificate Transparency policy</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void);
+ void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx);
+ X509* CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert);
+ X509* CT_POLICY_EVAL_CTX_get0_issuer(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_issuer(CT_POLICY_EVAL_CTX *ctx, X509 *issuer);
+ const CTLOG_STORE *CT_POLICY_EVAL_CTX_get0_log_store(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(CT_POLICY_EVAL_CTX *ctx,
+                                                CTLOG_STORE *log_store);
+ uint64_t CT_POLICY_EVAL_CTX_get_time(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_time(CT_POLICY_EVAL_CTX *ctx, uint64_t time_in_ms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>CT_POLICY_EVAL_CTX</b> is used by functions that evaluate whether Signed Certificate Timestamps (SCTs) fulfil a Certificate Transparency (CT) policy. This policy may be, for example, that at least one valid SCT is available. To determine this, an SCT&#39;s timestamp and signature must be verified. This requires:</p>
+
+<ul>
+
+<li><p>the public key of the log that issued the SCT</p>
+
+</li>
+<li><p>the certificate that the SCT was issued for</p>
+
+</li>
+<li><p>the issuer certificate (if the SCT was issued for a pre-certificate)</p>
+
+</li>
+<li><p>the current time</p>
+
+</li>
+</ul>
+
+<p>The above requirements are met using the setters described below.</p>
+
+<p>CT_POLICY_EVAL_CTX_new() creates an empty policy evaluation context. This should then be populated using:</p>
+
+<ul>
+
+<li><p>CT_POLICY_EVAL_CTX_set1_cert() to provide the certificate the SCTs were issued for</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set1_issuer() to provide the issuer certificate</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE() to provide a list of logs that are trusted as sources of SCTs</p>
+
+<p>Holds a pointer to the CTLOG_STORE, so the CTLOG_STORE must outlive the CT_POLICY_EVAL_CTX.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_time() to set the time SCTs should be compared with to determine if they are valid</p>
+
+<p>The SCT timestamp will be compared to this time to check whether the SCT was issued in the future. RFC6962 states that &quot;TLS clients MUST reject SCTs whose timestamp is in the future&quot;. By default, this will be set to 5 minutes in the future (e.g. (time() + 300) * 1000), to allow for clock drift.</p>
+
+<p>The time should be in milliseconds since the Unix epoch.</p>
+
+</li>
+</ul>
+
+<p>Each setter has a matching getter for accessing the current value.</p>
+
+<p>When no longer required, the <b>CT_POLICY_EVAL_CTX</b> should be passed to CT_POLICY_EVAL_CTX_free() to delete it.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The issuer certificate only needs to be provided if at least one of the SCTs was issued for a pre-certificate. This will be the case for SCTs embedded in a certificate (i.e. those in an X.509 extension), but may not be the case for SCTs found in the TLS SCT extension or OCSP response.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CT_POLICY_EVAL_CTX_new() will return NULL if malloc fails.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_set1_cert.html b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_set1_cert.html
new file mode 100644
index 000000000..12daa6f56
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_set1_cert.html
@@ -0,0 +1,126 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CT_POLICY_EVAL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CT_POLICY_EVAL_CTX_new, CT_POLICY_EVAL_CTX_free, CT_POLICY_EVAL_CTX_get0_cert, CT_POLICY_EVAL_CTX_set1_cert, CT_POLICY_EVAL_CTX_get0_issuer, CT_POLICY_EVAL_CTX_set1_issuer, CT_POLICY_EVAL_CTX_get0_log_store, CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE, CT_POLICY_EVAL_CTX_get_time, CT_POLICY_EVAL_CTX_set_time - Encapsulates the data required to evaluate whether SCTs meet a Certificate Transparency policy</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void);
+ void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx);
+ X509* CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert);
+ X509* CT_POLICY_EVAL_CTX_get0_issuer(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_issuer(CT_POLICY_EVAL_CTX *ctx, X509 *issuer);
+ const CTLOG_STORE *CT_POLICY_EVAL_CTX_get0_log_store(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(CT_POLICY_EVAL_CTX *ctx,
+                                                CTLOG_STORE *log_store);
+ uint64_t CT_POLICY_EVAL_CTX_get_time(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_time(CT_POLICY_EVAL_CTX *ctx, uint64_t time_in_ms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>CT_POLICY_EVAL_CTX</b> is used by functions that evaluate whether Signed Certificate Timestamps (SCTs) fulfil a Certificate Transparency (CT) policy. This policy may be, for example, that at least one valid SCT is available. To determine this, an SCT&#39;s timestamp and signature must be verified. This requires:</p>
+
+<ul>
+
+<li><p>the public key of the log that issued the SCT</p>
+
+</li>
+<li><p>the certificate that the SCT was issued for</p>
+
+</li>
+<li><p>the issuer certificate (if the SCT was issued for a pre-certificate)</p>
+
+</li>
+<li><p>the current time</p>
+
+</li>
+</ul>
+
+<p>The above requirements are met using the setters described below.</p>
+
+<p>CT_POLICY_EVAL_CTX_new() creates an empty policy evaluation context. This should then be populated using:</p>
+
+<ul>
+
+<li><p>CT_POLICY_EVAL_CTX_set1_cert() to provide the certificate the SCTs were issued for</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set1_issuer() to provide the issuer certificate</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE() to provide a list of logs that are trusted as sources of SCTs</p>
+
+<p>Holds a pointer to the CTLOG_STORE, so the CTLOG_STORE must outlive the CT_POLICY_EVAL_CTX.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_time() to set the time SCTs should be compared with to determine if they are valid</p>
+
+<p>The SCT timestamp will be compared to this time to check whether the SCT was issued in the future. RFC6962 states that &quot;TLS clients MUST reject SCTs whose timestamp is in the future&quot;. By default, this will be set to 5 minutes in the future (e.g. (time() + 300) * 1000), to allow for clock drift.</p>
+
+<p>The time should be in milliseconds since the Unix epoch.</p>
+
+</li>
+</ul>
+
+<p>Each setter has a matching getter for accessing the current value.</p>
+
+<p>When no longer required, the <b>CT_POLICY_EVAL_CTX</b> should be passed to CT_POLICY_EVAL_CTX_free() to delete it.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The issuer certificate only needs to be provided if at least one of the SCTs was issued for a pre-certificate. This will be the case for SCTs embedded in a certificate (i.e. those in an X.509 extension), but may not be the case for SCTs found in the TLS SCT extension or OCSP response.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CT_POLICY_EVAL_CTX_new() will return NULL if malloc fails.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_set1_issuer.html b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_set1_issuer.html
new file mode 100644
index 000000000..12daa6f56
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_set1_issuer.html
@@ -0,0 +1,126 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CT_POLICY_EVAL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CT_POLICY_EVAL_CTX_new, CT_POLICY_EVAL_CTX_free, CT_POLICY_EVAL_CTX_get0_cert, CT_POLICY_EVAL_CTX_set1_cert, CT_POLICY_EVAL_CTX_get0_issuer, CT_POLICY_EVAL_CTX_set1_issuer, CT_POLICY_EVAL_CTX_get0_log_store, CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE, CT_POLICY_EVAL_CTX_get_time, CT_POLICY_EVAL_CTX_set_time - Encapsulates the data required to evaluate whether SCTs meet a Certificate Transparency policy</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void);
+ void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx);
+ X509* CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert);
+ X509* CT_POLICY_EVAL_CTX_get0_issuer(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_issuer(CT_POLICY_EVAL_CTX *ctx, X509 *issuer);
+ const CTLOG_STORE *CT_POLICY_EVAL_CTX_get0_log_store(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(CT_POLICY_EVAL_CTX *ctx,
+                                                CTLOG_STORE *log_store);
+ uint64_t CT_POLICY_EVAL_CTX_get_time(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_time(CT_POLICY_EVAL_CTX *ctx, uint64_t time_in_ms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>CT_POLICY_EVAL_CTX</b> is used by functions that evaluate whether Signed Certificate Timestamps (SCTs) fulfil a Certificate Transparency (CT) policy. This policy may be, for example, that at least one valid SCT is available. To determine this, an SCT&#39;s timestamp and signature must be verified. This requires:</p>
+
+<ul>
+
+<li><p>the public key of the log that issued the SCT</p>
+
+</li>
+<li><p>the certificate that the SCT was issued for</p>
+
+</li>
+<li><p>the issuer certificate (if the SCT was issued for a pre-certificate)</p>
+
+</li>
+<li><p>the current time</p>
+
+</li>
+</ul>
+
+<p>The above requirements are met using the setters described below.</p>
+
+<p>CT_POLICY_EVAL_CTX_new() creates an empty policy evaluation context. This should then be populated using:</p>
+
+<ul>
+
+<li><p>CT_POLICY_EVAL_CTX_set1_cert() to provide the certificate the SCTs were issued for</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set1_issuer() to provide the issuer certificate</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE() to provide a list of logs that are trusted as sources of SCTs</p>
+
+<p>Holds a pointer to the CTLOG_STORE, so the CTLOG_STORE must outlive the CT_POLICY_EVAL_CTX.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_time() to set the time SCTs should be compared with to determine if they are valid</p>
+
+<p>The SCT timestamp will be compared to this time to check whether the SCT was issued in the future. RFC6962 states that &quot;TLS clients MUST reject SCTs whose timestamp is in the future&quot;. By default, this will be set to 5 minutes in the future (e.g. (time() + 300) * 1000), to allow for clock drift.</p>
+
+<p>The time should be in milliseconds since the Unix epoch.</p>
+
+</li>
+</ul>
+
+<p>Each setter has a matching getter for accessing the current value.</p>
+
+<p>When no longer required, the <b>CT_POLICY_EVAL_CTX</b> should be passed to CT_POLICY_EVAL_CTX_free() to delete it.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The issuer certificate only needs to be provided if at least one of the SCTs was issued for a pre-certificate. This will be the case for SCTs embedded in a certificate (i.e. those in an X.509 extension), but may not be the case for SCTs found in the TLS SCT extension or OCSP response.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CT_POLICY_EVAL_CTX_new() will return NULL if malloc fails.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE.html b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE.html
new file mode 100644
index 000000000..12daa6f56
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE.html
@@ -0,0 +1,126 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CT_POLICY_EVAL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CT_POLICY_EVAL_CTX_new, CT_POLICY_EVAL_CTX_free, CT_POLICY_EVAL_CTX_get0_cert, CT_POLICY_EVAL_CTX_set1_cert, CT_POLICY_EVAL_CTX_get0_issuer, CT_POLICY_EVAL_CTX_set1_issuer, CT_POLICY_EVAL_CTX_get0_log_store, CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE, CT_POLICY_EVAL_CTX_get_time, CT_POLICY_EVAL_CTX_set_time - Encapsulates the data required to evaluate whether SCTs meet a Certificate Transparency policy</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void);
+ void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx);
+ X509* CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert);
+ X509* CT_POLICY_EVAL_CTX_get0_issuer(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_issuer(CT_POLICY_EVAL_CTX *ctx, X509 *issuer);
+ const CTLOG_STORE *CT_POLICY_EVAL_CTX_get0_log_store(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(CT_POLICY_EVAL_CTX *ctx,
+                                                CTLOG_STORE *log_store);
+ uint64_t CT_POLICY_EVAL_CTX_get_time(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_time(CT_POLICY_EVAL_CTX *ctx, uint64_t time_in_ms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>CT_POLICY_EVAL_CTX</b> is used by functions that evaluate whether Signed Certificate Timestamps (SCTs) fulfil a Certificate Transparency (CT) policy. This policy may be, for example, that at least one valid SCT is available. To determine this, an SCT&#39;s timestamp and signature must be verified. This requires:</p>
+
+<ul>
+
+<li><p>the public key of the log that issued the SCT</p>
+
+</li>
+<li><p>the certificate that the SCT was issued for</p>
+
+</li>
+<li><p>the issuer certificate (if the SCT was issued for a pre-certificate)</p>
+
+</li>
+<li><p>the current time</p>
+
+</li>
+</ul>
+
+<p>The above requirements are met using the setters described below.</p>
+
+<p>CT_POLICY_EVAL_CTX_new() creates an empty policy evaluation context. This should then be populated using:</p>
+
+<ul>
+
+<li><p>CT_POLICY_EVAL_CTX_set1_cert() to provide the certificate the SCTs were issued for</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set1_issuer() to provide the issuer certificate</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE() to provide a list of logs that are trusted as sources of SCTs</p>
+
+<p>Holds a pointer to the CTLOG_STORE, so the CTLOG_STORE must outlive the CT_POLICY_EVAL_CTX.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_time() to set the time SCTs should be compared with to determine if they are valid</p>
+
+<p>The SCT timestamp will be compared to this time to check whether the SCT was issued in the future. RFC6962 states that &quot;TLS clients MUST reject SCTs whose timestamp is in the future&quot;. By default, this will be set to 5 minutes in the future (e.g. (time() + 300) * 1000), to allow for clock drift.</p>
+
+<p>The time should be in milliseconds since the Unix epoch.</p>
+
+</li>
+</ul>
+
+<p>Each setter has a matching getter for accessing the current value.</p>
+
+<p>When no longer required, the <b>CT_POLICY_EVAL_CTX</b> should be passed to CT_POLICY_EVAL_CTX_free() to delete it.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The issuer certificate only needs to be provided if at least one of the SCTs was issued for a pre-certificate. This will be the case for SCTs embedded in a certificate (i.e. those in an X.509 extension), but may not be the case for SCTs found in the TLS SCT extension or OCSP response.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CT_POLICY_EVAL_CTX_new() will return NULL if malloc fails.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_set_time.html b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_set_time.html
new file mode 100644
index 000000000..12daa6f56
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_set_time.html
@@ -0,0 +1,126 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>CT_POLICY_EVAL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CT_POLICY_EVAL_CTX_new, CT_POLICY_EVAL_CTX_free, CT_POLICY_EVAL_CTX_get0_cert, CT_POLICY_EVAL_CTX_set1_cert, CT_POLICY_EVAL_CTX_get0_issuer, CT_POLICY_EVAL_CTX_set1_issuer, CT_POLICY_EVAL_CTX_get0_log_store, CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE, CT_POLICY_EVAL_CTX_get_time, CT_POLICY_EVAL_CTX_set_time - Encapsulates the data required to evaluate whether SCTs meet a Certificate Transparency policy</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void);
+ void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx);
+ X509* CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert);
+ X509* CT_POLICY_EVAL_CTX_get0_issuer(const CT_POLICY_EVAL_CTX *ctx);
+ int CT_POLICY_EVAL_CTX_set1_issuer(CT_POLICY_EVAL_CTX *ctx, X509 *issuer);
+ const CTLOG_STORE *CT_POLICY_EVAL_CTX_get0_log_store(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(CT_POLICY_EVAL_CTX *ctx,
+                                                CTLOG_STORE *log_store);
+ uint64_t CT_POLICY_EVAL_CTX_get_time(const CT_POLICY_EVAL_CTX *ctx);
+ void CT_POLICY_EVAL_CTX_set_time(CT_POLICY_EVAL_CTX *ctx, uint64_t time_in_ms);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>CT_POLICY_EVAL_CTX</b> is used by functions that evaluate whether Signed Certificate Timestamps (SCTs) fulfil a Certificate Transparency (CT) policy. This policy may be, for example, that at least one valid SCT is available. To determine this, an SCT&#39;s timestamp and signature must be verified. This requires:</p>
+
+<ul>
+
+<li><p>the public key of the log that issued the SCT</p>
+
+</li>
+<li><p>the certificate that the SCT was issued for</p>
+
+</li>
+<li><p>the issuer certificate (if the SCT was issued for a pre-certificate)</p>
+
+</li>
+<li><p>the current time</p>
+
+</li>
+</ul>
+
+<p>The above requirements are met using the setters described below.</p>
+
+<p>CT_POLICY_EVAL_CTX_new() creates an empty policy evaluation context. This should then be populated using:</p>
+
+<ul>
+
+<li><p>CT_POLICY_EVAL_CTX_set1_cert() to provide the certificate the SCTs were issued for</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set1_issuer() to provide the issuer certificate</p>
+
+<p>Increments the reference count of the certificate.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE() to provide a list of logs that are trusted as sources of SCTs</p>
+
+<p>Holds a pointer to the CTLOG_STORE, so the CTLOG_STORE must outlive the CT_POLICY_EVAL_CTX.</p>
+
+</li>
+<li><p>CT_POLICY_EVAL_CTX_set_time() to set the time SCTs should be compared with to determine if they are valid</p>
+
+<p>The SCT timestamp will be compared to this time to check whether the SCT was issued in the future. RFC6962 states that &quot;TLS clients MUST reject SCTs whose timestamp is in the future&quot;. By default, this will be set to 5 minutes in the future (e.g. (time() + 300) * 1000), to allow for clock drift.</p>
+
+<p>The time should be in milliseconds since the Unix epoch.</p>
+
+</li>
+</ul>
+
+<p>Each setter has a matching getter for accessing the current value.</p>
+
+<p>When no longer required, the <b>CT_POLICY_EVAL_CTX</b> should be passed to CT_POLICY_EVAL_CTX_free() to delete it.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The issuer certificate only needs to be provided if at least one of the SCTs was issued for a pre-certificate. This will be the case for SCTs embedded in a certificate (i.e. those in an X.509 extension), but may not be the case for SCTs found in the TLS SCT extension or OCSP response.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CT_POLICY_EVAL_CTX_new() will return NULL if malloc fails.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DECLARE_ASN1_FUNCTIONS.html b/msys2/usr/share/doc/openssl/html/man3/DECLARE_ASN1_FUNCTIONS.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DECLARE_ASN1_FUNCTIONS.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DECLARE_LHASH_OF.html b/msys2/usr/share/doc/openssl/html/man3/DECLARE_LHASH_OF.html
new file mode 100644
index 000000000..e56e9e3b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DECLARE_LHASH_OF.html
@@ -0,0 +1,176 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_COMPFUNC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>LHASH, DECLARE_LHASH_OF, OPENSSL_LH_COMPFUNC, OPENSSL_LH_HASHFUNC, OPENSSL_LH_DOALL_FUNC, LHASH_DOALL_ARG_FN_TYPE, IMPLEMENT_LHASH_HASH_FN, IMPLEMENT_LHASH_COMP_FN, lh_TYPE_new, lh_TYPE_free, lh_TYPE_insert, lh_TYPE_delete, lh_TYPE_retrieve, lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error - dynamic hash table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ DECLARE_LHASH_OF(TYPE);
+
+ LHASH *lh_TYPE_new(OPENSSL_LH_HASHFUNC hash, OPENSSL_LH_COMPFUNC compare);
+ void lh_TYPE_free(LHASH_OF(TYPE) *table);
+
+ TYPE *lh_TYPE_insert(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_TYPE_delete(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_retrieve(LHASH_OF(TYPE) *table, TYPE *data);
+
+ void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func);
+ void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,
+                        TYPE *arg);
+
+ int lh_TYPE_error(LHASH_OF(TYPE) *table);
+
+ typedef int (*OPENSSL_LH_COMPFUNC)(const void *, const void *);
+ typedef unsigned long (*OPENSSL_LH_HASHFUNC)(const void *);
+ typedef void (*OPENSSL_LH_DOALL_FUNC)(const void *);
+ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, const void *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements type-checked dynamic hash tables. The hash table entries can be arbitrary structures. Usually they consist of key and value fields. In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>SSL_SESSION</i>.</p>
+
+<p>lh_TYPE_new() creates a new <b>LHASH_OF(TYPE)</b> structure to store arbitrary data entries, and specifies the &#39;hash&#39; and &#39;compare&#39; callbacks to be used in organising the table&#39;s entries. The <b>hash</b> callback takes a pointer to a table entry as its argument and returns an unsigned long hash value for its key field. The hash value is normally truncated to a power of 2, so make sure that your hash function returns well mixed low order bits. The <b>compare</b> callback takes two arguments (pointers to two hash table entries), and returns 0 if their keys are equal, non-zero otherwise.</p>
+
+<p>If your hash table will contain items of some particular type and the <b>hash</b> and <b>compare</b> callbacks hash/compare these types, then the <b>IMPLEMENT_LHASH_HASH_FN</b> and <b>IMPLEMENT_LHASH_COMP_FN</b> macros can be used to create callback wrappers of the prototypes required by lh_TYPE_new() as shown in this example:</p>
+
+<pre><code> /*
+  * Implement the hash and compare functions; &quot;stuff&quot; can be any word.
+  */
+ static unsigned long stuff_hash(const TYPE *a)
+ {
+     ...
+ }
+ static int stuff_cmp(const TYPE *a, const TYPE *b)
+ {
+     ...
+ }
+
+ /*
+  * Implement the wrapper functions.
+  */
+ static IMPLEMENT_LHASH_HASH_FN(stuff, TYPE)
+ static IMPLEMENT_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>If the type is going to be used in several places, the following macros can be used in a common header file to declare the function wrappers:</p>
+
+<pre><code> DECLARE_LHASH_HASH_FN(stuff, TYPE)
+ DECLARE_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>Then a hash table of TYPE objects can be created using this:</p>
+
+<pre><code> LHASH_OF(TYPE) *htable;
+
+ htable = lh_TYPE_new(LHASH_HASH_FN(stuff), LHASH_COMP_FN(stuff));</code></pre>
+
+<p>lh_TYPE_free() frees the <b>LHASH_OF(TYPE)</b> structure <b>table</b>. Allocated hash table entries will not be freed; consider using lh_TYPE_doall() to deallocate any remaining entries in the hash table (see below).</p>
+
+<p>lh_TYPE_insert() inserts the structure pointed to by <b>data</b> into <b>table</b>. If there already is an entry with the same key, the old value is replaced. Note that lh_TYPE_insert() stores pointers, the data are not copied.</p>
+
+<p>lh_TYPE_delete() deletes an entry from <b>table</b>.</p>
+
+<p>lh_TYPE_retrieve() looks up an entry in <b>table</b>. Normally, <b>data</b> is a structure with the key field(s) set; the function will return a pointer to a fully populated structure.</p>
+
+<p>lh_TYPE_doall() will, for every entry in the hash table, call <b>func</b> with the data item as its parameter. For example:</p>
+
+<pre><code> /* Cleans up resources belonging to &#39;a&#39; (this is implemented elsewhere) */
+ void TYPE_cleanup_doall(TYPE *a);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_cleanup&quot; */
+ IMPLEMENT_LHASH_DOALL_FN(TYPE_cleanup, TYPE)
+
+ /* Call &quot;TYPE_cleanup&quot; against all items in a hash table. */
+ lh_TYPE_doall(hashtable, LHASH_DOALL_FN(TYPE_cleanup));
+
+ /* Then the hash table itself can be deallocated */
+ lh_TYPE_free(hashtable);</code></pre>
+
+<p>When doing this, be careful if you delete entries from the hash table in your callbacks: the table may decrease in size, moving the item that you are currently on down lower in the hash table - this could cause some entries to be skipped during the iteration. The second best solution to this problem is to set hash-&gt;down_load=0 before you start (which will stop the hash table ever decreasing in size). The best solution is probably to avoid deleting items from the hash table inside a &quot;doall&quot; callback!</p>
+
+<p>lh_TYPE_doall_arg() is the same as lh_TYPE_doall() except that <b>func</b> will be called with <b>arg</b> as the second argument and <b>func</b> should be of type <b>LHASH_DOALL_ARG_FN_TYPE</b> (a callback prototype that is passed both the table entry and an extra argument). As with lh_doall(), you can instead choose to declare your callback with a prototype matching the types you are dealing with and use the declare/implement macros to create compatible wrappers that cast variables before calling your type-specific callbacks. An example of this is demonstrated here (printing all hash table entries to a BIO that is provided by the caller):</p>
+
+<pre><code> /* Prints item &#39;a&#39; to &#39;output_bio&#39; (this is implemented elsewhere) */
+ void TYPE_print_doall_arg(const TYPE *a, BIO *output_bio);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_print&quot; */
+ static IMPLEMENT_LHASH_DOALL_ARG_FN(TYPE, const TYPE, BIO)
+
+ /* Print out the entire hashtable to a particular BIO */
+ lh_TYPE_doall_arg(hashtable, LHASH_DOALL_ARG_FN(TYPE_print), BIO,
+                   logging_bio);</code></pre>
+
+<p>lh_TYPE_error() can be used to determine if an error occurred in the last operation.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>lh_TYPE_new() returns <b>NULL</b> on error, otherwise a pointer to the new <b>LHASH</b> structure.</p>
+
+<p>When a hash table entry is replaced, lh_TYPE_insert() returns the value being replaced. <b>NULL</b> is returned on normal operation and on error.</p>
+
+<p>lh_TYPE_delete() returns the entry being deleted. <b>NULL</b> is returned if there is no such value in the hash table.</p>
+
+<p>lh_TYPE_retrieve() returns the hash table entry if it has been found, <b>NULL</b> otherwise.</p>
+
+<p>lh_TYPE_error() returns 1 if an error occurred in the last operation, 0 otherwise. It&#39;s meaningful only after non-retrieve operations.</p>
+
+<p>lh_TYPE_free(), lh_TYPE_doall() and lh_TYPE_doall_arg() return no values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>The LHASH code is not thread safe. All updating operations, as well as lh_TYPE_error call must be performed under a write lock. All retrieve operations should be performed under a read lock, <i>unless</i> accurate usage statistics are desired. In which case, a write lock should be used for retrieve operations as well. For output of the usage statistics, using the functions from <a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a>, a read lock suffices.</p>
+
+<p>The LHASH code regards table entries as constant data. As such, it internally represents lh_insert()&#39;d items with a &quot;const void *&quot; pointer type. This is why callbacks such as those used by lh_doall() and lh_doall_arg() declare their prototypes with &quot;const&quot;, even for the parameters that pass back the table items&#39; data pointers - for consistency, user-provided data is &quot;const&quot; at all times as far as the LHASH code is concerned. However, as callers are themselves providing these pointers, they can choose whether they too should be treating all such parameters as constant.</p>
+
+<p>As an example, a hash table may be maintained by code that, for reasons of encapsulation, has only &quot;const&quot; access to the data being indexed in the hash table (ie. it is returned as &quot;const&quot; from elsewhere in their code) - in this case the LHASH prototypes are appropriate as-is. Conversely, if the caller is responsible for the life-time of the data in question, then they may well wish to make modifications to table item passed back in the lh_doall() or lh_doall_arg() callbacks (see the &quot;TYPE_cleanup&quot; example above). If so, the caller can either cast the &quot;const&quot; away (if they&#39;re providing the raw callbacks themselves) or use the macros to declare/implement the wrapper functions without &quot;const&quot; types.</p>
+
+<p>Callers that only have &quot;const&quot; access to data they&#39;re indexing in a table, yet declare callbacks without constant types (or cast the &quot;const&quot; away themselves), are therefore creating their own risks/bugs without being encouraged to do so by the API. On a related note, those auditing code should pay special attention to any instances of DECLARE/IMPLEMENT_LHASH_DOALL_[ARG_]_FN macros that provide types without any &quot;const&quot; qualifiers.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>lh_TYPE_insert() returns <b>NULL</b> both for success and error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 1.0.0, the lhash interface was revamped for better type checking.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DECLARE_PEM_rw.html b/msys2/usr/share/doc/openssl/html/man3/DECLARE_PEM_rw.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DECLARE_PEM_rw.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DEFINE_SPECIAL_STACK_OF.html b/msys2/usr/share/doc/openssl/html/man3/DEFINE_SPECIAL_STACK_OF.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DEFINE_SPECIAL_STACK_OF.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DEFINE_SPECIAL_STACK_OF_CONST.html b/msys2/usr/share/doc/openssl/html/man3/DEFINE_SPECIAL_STACK_OF_CONST.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DEFINE_SPECIAL_STACK_OF_CONST.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DEFINE_STACK_OF.html b/msys2/usr/share/doc/openssl/html/man3/DEFINE_STACK_OF.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DEFINE_STACK_OF.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DEFINE_STACK_OF_CONST.html b/msys2/usr/share/doc/openssl/html/man3/DEFINE_STACK_OF_CONST.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DEFINE_STACK_OF_CONST.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_cbc_cksum.html b/msys2/usr/share/doc/openssl/html/man3/DES_cbc_cksum.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_cbc_cksum.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_cfb64_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/DES_cfb64_encrypt.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_cfb64_encrypt.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_cfb_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/DES_cfb_encrypt.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_cfb_encrypt.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_crypt.html b/msys2/usr/share/doc/openssl/html/man3/DES_crypt.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_crypt.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_ecb2_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/DES_ecb2_encrypt.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_ecb2_encrypt.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_ecb3_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/DES_ecb3_encrypt.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_ecb3_encrypt.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_ecb_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/DES_ecb_encrypt.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_ecb_encrypt.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_ede2_cbc_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/DES_ede2_cbc_encrypt.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_ede2_cbc_encrypt.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_ede2_cfb64_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/DES_ede2_cfb64_encrypt.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_ede2_cfb64_encrypt.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_ede2_ofb64_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/DES_ede2_ofb64_encrypt.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_ede2_ofb64_encrypt.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_ede3_cbc_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/DES_ede3_cbc_encrypt.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_ede3_cbc_encrypt.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_ede3_cfb64_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/DES_ede3_cfb64_encrypt.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_ede3_cfb64_encrypt.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_ede3_ofb64_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/DES_ede3_ofb64_encrypt.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_ede3_ofb64_encrypt.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_fcrypt.html b/msys2/usr/share/doc/openssl/html/man3/DES_fcrypt.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_fcrypt.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_is_weak_key.html b/msys2/usr/share/doc/openssl/html/man3/DES_is_weak_key.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_is_weak_key.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_key_sched.html b/msys2/usr/share/doc/openssl/html/man3/DES_key_sched.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_key_sched.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_ncbc_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/DES_ncbc_encrypt.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_ncbc_encrypt.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_ofb64_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/DES_ofb64_encrypt.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_ofb64_encrypt.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_ofb_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/DES_ofb_encrypt.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_ofb_encrypt.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_pcbc_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/DES_pcbc_encrypt.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_pcbc_encrypt.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_quad_cksum.html b/msys2/usr/share/doc/openssl/html/man3/DES_quad_cksum.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_quad_cksum.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_random_key.html b/msys2/usr/share/doc/openssl/html/man3/DES_random_key.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_random_key.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_set_key.html b/msys2/usr/share/doc/openssl/html/man3/DES_set_key.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_set_key.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_set_key_checked.html b/msys2/usr/share/doc/openssl/html/man3/DES_set_key_checked.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_set_key_checked.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_set_key_unchecked.html b/msys2/usr/share/doc/openssl/html/man3/DES_set_key_unchecked.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_set_key_unchecked.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_set_odd_parity.html b/msys2/usr/share/doc/openssl/html/man3/DES_set_odd_parity.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_set_odd_parity.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_string_to_2keys.html b/msys2/usr/share/doc/openssl/html/man3/DES_string_to_2keys.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_string_to_2keys.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_string_to_key.html b/msys2/usr/share/doc/openssl/html/man3/DES_string_to_key.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_string_to_key.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DES_xcbc_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/DES_xcbc_encrypt.html
new file mode 100644
index 000000000..9d281cedf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DES_xcbc_encrypt.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DES_random_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, DES_fcrypt, DES_crypt - DES encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/des.h&gt;
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                       DES_key_schedule *ks1, DES_key_schedule *ks2,
+                       DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+                      int numbits, long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                       long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                       const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec,
+                             int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec, int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                             long length, DES_key_schedule *ks1,
+                             DES_key_schedule *ks2, DES_key_schedule *ks3,
+                             DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                        long length, DES_key_schedule *schedule,
+                        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                         long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library contains a fast implementation of the DES encryption algorithm.</p>
+
+<p>There are two phases to the use of DES encryption. The first is the generation of a <i>DES_key_schedule</i> from a key, the second is the actual encryption. A DES key is of type <i>DES_cblock</i>. This type consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process.</p>
+
+<p>DES_random_key() generates a random key. The PRNG must be seeded prior to using this function (see <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>). If the PRNG could not generate a secure key, 0 is returned.</p>
+
+<p>Before a DES key can be used, it must be converted into the architecture dependent <i>DES_key_schedule</i> via the DES_set_key_checked() or DES_set_key_unchecked() function.</p>
+
+<p>DES_set_key_checked() will check that the key passed is of odd parity and is not a weak or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated.</p>
+
+<p>DES_set_key() works like DES_set_key_checked() if the <i>DES_check_key</i> flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable.</p>
+
+<p>DES_set_odd_parity() sets the parity of the passed <i>key</i> to odd.</p>
+
+<p>DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it is ok.</p>
+
+<p>The following routines mostly operate on an input and output stream of <i>DES_cblock</i>s.</p>
+
+<p>DES_ecb_encrypt() is the basic DES encryption routine that encrypts or decrypts a single 8-byte <i>DES_cblock</i> in <i>electronic code book</i> (ECB) mode. It always transforms the input data, pointed to by <i>input</i>, into the output data, pointed to by the <i>output</i> argument. If the <i>encrypt</i> argument is non-zero (DES_ENCRYPT), the <i>input</i> (cleartext) is encrypted in to the <i>output</i> (ciphertext) using the key_schedule specified by the <i>schedule</i> argument, previously set via <i>DES_set_key</i>. If <i>encrypt</i> is zero (DES_DECRYPT), the <i>input</i> (now ciphertext) is decrypted into the <i>output</i> (now cleartext). Input and output may overlap. DES_ecb_encrypt() does not return a value.</p>
+
+<p>DES_ecb3_encrypt() encrypts/decrypts the <i>input</i> block by using three-key Triple-DES encryption in ECB mode. This involves encrypting the input with <i>ks1</i>, decrypting with the key schedule <i>ks2</i>, and then encrypting with <i>ks3</i>. This routine greatly reduces the chances of brute force breaking of DES and has the advantage of if <i>ks1</i>, <i>ks2</i> and <i>ks3</i> are the same, it is equivalent to just encryption using ECB mode and <i>ks1</i> as the key.</p>
+
+<p>The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES encryption by using <i>ks1</i> for the final encryption.</p>
+
+<p>DES_ncbc_encrypt() encrypts/decrypts using the <i>cipher-block-chaining</i> (CBC) mode of DES. If the <i>encrypt</i> argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the <i>input</i> argument into the ciphertext pointed to by the <i>output</i> argument, using the key schedule provided by the <i>schedule</i> argument, and initialization vector provided by the <i>ivec</i> argument. If the <i>length</i> argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.</p>
+
+<p>DES_xcbc_encrypt() is RSA&#39;s DESX mode of DES. It uses <i>inw</i> and <i>outw</i> to &#39;whiten&#39; the encryption. <i>inw</i> and <i>outw</i> are secret (unlike the iv) and are as such, part of the key. So the key is sort of 24 bytes. This is much better than CBC DES.</p>
+
+<p>DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is <code>C=E(ks3,D(ks2,E(ks1,M)))</code>. This mode is used by SSL.</p>
+
+<p>The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing <i>ks1</i> for the final encryption. <code>C=E(ks1,D(ks2,E(ks1,M)))</code>. This form of Triple-DES is used by the RSAREF library.</p>
+
+<p>DES_pcbc_encrypt() encrypts/decrypts using the propagating cipher block chaining mode used by Kerberos v4. Its parameters are the same as DES_ncbc_encrypt().</p>
+
+<p>DES_cfb_encrypt() encrypts/decrypts using cipher feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_cfb64_encrypt() implements CFB mode of DES with 64-bit feedback. Why is this useful you ask? Because this routine will allow you to encrypt an arbitrary number of bytes, without 8 byte padding. Each call to this routine will encrypt the input bytes to output and then update ivec and num. num contains &#39;how far&#39; we are though ivec. If this does not make much sense, read more about CFB mode of DES.</p>
+
+<p>DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as DES_cfb64_encrypt() except that Triple-DES is used.</p>
+
+<p>DES_ofb_encrypt() encrypts using output feedback mode. This method takes an array of characters as input and outputs an array of characters. It does not require any padding to 8 character groups. Note: the <i>ivec</i> variable is changed and the new changed value needs to be passed to the next call to this function. Since this function runs a complete DES ECB encryption per <i>numbits</i>, this function is only suggested for use when sending a small number of characters.</p>
+
+<p>DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output Feed Back mode.</p>
+
+<p>DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES.</p>
+
+<p>The following functions are included in the DES library for compatibility with the MIT Kerberos library.</p>
+
+<p>DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in <i>output</i>. This function is used by Kerberos v4. Other applications should use <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead.</p>
+
+<p>DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the input, depending on <i>out_count</i>, 1, 2, 3 or 4 times. If <i>output</i> is non-NULL, the 8 bytes generated by each pass are written into <i>output</i>.</p>
+
+<p>The following are DES-based transformations:</p>
+
+<p>DES_fcrypt() is a fast version of the Unix crypt(3) function. This version takes only a small amount of space relative to other fast crypt() implementations. This is different to the normal crypt() in that the third parameter is the buffer that the return value is written into. It needs to be at least 14 bytes long. This function is thread safe, unlike the normal crypt().</p>
+
+<p>DES_crypt() is a faster replacement for the normal system crypt(). This function calls DES_fcrypt() with a static array passed as the third parameter. This mostly emulates the normal non-thread-safe semantics of crypt(3). The <b>salt</b> must be two ASCII characters.</p>
+
+<p>The values returned by DES_fcrypt() and DES_crypt() are terminated by NUL character.</p>
+
+<p>DES_enc_write() writes <i>len</i> bytes to file descriptor <i>fd</i> from buffer <i>buf</i>. The data is encrypted via <i>pcbc_encrypt</i> (default) using <i>sched</i> for the key and <i>iv</i> as a starting vector. The actual data send down <i>fd</i> consists of 4 bytes (in network byte order) containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>DES_cbc_encrypt() does not modify <b>ivec</b>; use DES_ncbc_encrypt() instead.</p>
+
+<p>DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. What this means is that if you set numbits to 12, and length to 2, the first 12 bits will come from the 1st input byte and the low half of the second input byte. The second 12 bits will have the low 8 bits taken from the 3rd input byte and the top 4 bits taken from the 4th input byte. The same holds for output. This function has been implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly!</p>
+
+<p>DES_string_to_key() is available for backward compatibility with the MIT library. New applications should use a cryptographic hash function. The same applies for DES_string_to_2key().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>des</b> library was written to be source code compatible with the MIT Kerberos library.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>Single-key DES is insecure due to its short key size. ECB mode is not suitable for most applications; see <a href="../man7/des_modes.html">des_modes(7)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DES_set_key(), DES_key_sched(), DES_set_key_checked() and DES_is_weak_key() return 0 on success or negative values on error.</p>
+
+<p>DES_cbc_cksum() and DES_quad_cksum() return 4-byte integer representing the last 4 bytes of the checksum of the input.</p>
+
+<p>DES_fcrypt() returns a pointer to the caller-provided buffer and DES_crypt() - to a static buffer on success; otherwise they return NULL.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The requirement that the <b>salt</b> parameter to DES_crypt() and DES_fcrypt() be two ASCII characters was first enforced in OpenSSL 1.1.0. Previous versions tried to use the letter uppercase <b>A</b> if both character were not present, and could crash when given non-ASCII on some platforms.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/des_modes.html">des_modes(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_OpenSSL.html b/msys2/usr/share/doc/openssl/html/man3/DH_OpenSSL.html
new file mode 100644
index 000000000..8497f0fdb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_OpenSSL.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_set_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_set_default_method, DH_get_default_method, DH_set_method, DH_new_method, DH_OpenSSL - select DH method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_set_default_method(const DH_METHOD *meth);
+
+ const DH_METHOD *DH_get_default_method(void);
+
+ int DH_set_method(DH *dh, const DH_METHOD *meth);
+
+ DH *DH_new_method(ENGINE *engine);
+
+ const DH_METHOD *DH_OpenSSL(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>DH_METHOD</b> specifies the functions that OpenSSL uses for Diffie-Hellman operations. By modifying the method, alternative implementations such as hardware accelerators may be used. IMPORTANT: See the NOTES section for important information about how these DH API functions are affected by the use of <b>ENGINE</b> API calls.</p>
+
+<p>Initially, the default DH_METHOD is the OpenSSL internal implementation, as returned by DH_OpenSSL().</p>
+
+<p>DH_set_default_method() makes <b>meth</b> the default method for all DH structures created later. <b>NB</b>: This is true only whilst no ENGINE has been set as a default for DH, so this function is no longer recommended. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>DH_get_default_method() returns a pointer to the current default DH_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE API is being used, so this function is no longer recommended.</p>
+
+<p>DH_set_method() selects <b>meth</b> to perform all operations using the key <b>dh</b>. This will replace the DH_METHOD used by the DH key and if the previous method was supplied by an ENGINE, the handle to that ENGINE will be released during the change. It is possible to have DH keys that only work with certain DH_METHOD implementations (eg. from an ENGINE module that supports embedded hardware-protected keys), and in such cases attempting to change the DH_METHOD for the key can have unexpected results.</p>
+
+<p>DH_new_method() allocates and initializes a DH structure so that <b>engine</b> will be used for the DH operations. If <b>engine</b> is NULL, the default ENGINE for DH operations is used, and if no default ENGINE is set, the DH_METHOD controlled by DH_set_default_method() is used.</p>
+
+<p>A new DH_METHOD object may be constructed using DH_meth_new() (see <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_OpenSSL() and DH_get_default_method() return pointers to the respective <b>DH_METHOD</b>s.</p>
+
+<p>DH_set_default_method() returns no value.</p>
+
+<p>DH_set_method() returns non-zero if the provided <b>meth</b> was successfully set as the method for <b>dh</b> (including unloading the ENGINE handle if the previous method was supplied by an ENGINE).</p>
+
+<p>DH_new_method() returns NULL and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> if the allocation fails. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_bits.html b/msys2/usr/share/doc/openssl/html/man3/DH_bits.html
new file mode 100644
index 000000000..9ec2db8f2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_bits.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_size</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_size, DH_bits, DH_security_bits - get Diffie-Hellman prime size and security bits</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ int DH_size(const DH *dh);
+
+ int DH_bits(const DH *dh);
+
+ int DH_security_bits(const DH *dh);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_size() returns the Diffie-Hellman prime size in bytes. It can be used to determine how much memory must be allocated for the shared secret computed by <a href="../man3/DH_compute_key.html">DH_compute_key(3)</a>.</p>
+
+<p>DH_bits() returns the number of significant bits.</p>
+
+<p><b>dh</b> and <b>dh-&gt;p</b> must not be <b>NULL</b>.</p>
+
+<p>DH_security_bits() returns the number of security bits of the given <b>dh</b> key. See <a href="../man3/BN_security_bits.html">BN_security_bits(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_size() returns the prime size of Diffie-Hellman in bytes.</p>
+
+<p>DH_bits() returns the number of bits in the key.</p>
+
+<p>DH_security_bits() returns the number of security bits.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/BN_num_bits.html">BN_num_bits(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The DH_bits() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_check.html b/msys2/usr/share/doc/openssl/html/man3/DH_check.html
new file mode 100644
index 000000000..5f5e3b122
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_check.html
@@ -0,0 +1,155 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_generate_parameters</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_generate_parameters_ex, DH_generate_parameters, DH_check, DH_check_params, DH_check_ex, DH_check_params_ex, DH_check_pub_key_ex - generate and check Diffie-Hellman parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ int DH_generate_parameters_ex(DH *dh, int prime_len, int generator, BN_GENCB *cb);
+
+ int DH_check(DH *dh, int *codes);
+ int DH_check_params(DH *dh, int *codes);
+
+ int DH_check_ex(const DH *dh);
+ int DH_check_params_ex(const DH *dh);
+ int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ DH *DH_generate_parameters(int prime_len, int generator,
+                            void (*callback)(int, int, void *), void *cb_arg);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_generate_parameters_ex() generates Diffie-Hellman parameters that can be shared among a group of users, and stores them in the provided <b>DH</b> structure. The pseudo-random number generator must be seeded before calling it. The parameters generated by DH_generate_parameters_ex() should not be used in signature schemes.</p>
+
+<p><b>prime_len</b> is the length in bits of the safe prime to be generated. <b>generator</b> is a small number &gt; 1, typically 2 or 5.</p>
+
+<p>A callback function may be used to provide feedback about the progress of the key generation. If <b>cb</b> is not <b>NULL</b>, it will be called as described in <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> while a random prime number is generated, and when a prime has been found, <b>BN_GENCB_call(cb, 3, 0)</b> is called. See <a href="../man3/BN_generate_prime_ex.html">BN_generate_prime_ex(3)</a> for information on the BN_GENCB_call() function.</p>
+
+<p>DH_generate_parameters() is similar to DH_generate_prime_ex() but expects an old-style callback function; see <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> for information on the old-style callback.</p>
+
+<p>DH_check_params() confirms that the <b>p</b> and <b>g</b> are likely enough to be valid. This is a lightweight check, if a more thorough check is needed, use DH_check(). The value of <b>*codes</b> is updated with any problems found. If <b>*codes</b> is zero then no problems were found, otherwise the following bits may be set:</p>
+
+<dl>
+
+<dt id="DH_CHECK_P_NOT_PRIME">DH_CHECK_P_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> has been determined to not being an odd prime. Note that the lack of this bit doesn&#39;t guarantee that <b>p</b> is a prime.</p>
+
+</dd>
+<dt id="DH_NOT_SUITABLE_GENERATOR">DH_NOT_SUITABLE_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> is not suitable. Note that the lack of this bit doesn&#39;t guarantee that <b>g</b> is suitable, unless <b>p</b> is known to be a strong prime.</p>
+
+</dd>
+</dl>
+
+<p>DH_check() confirms that the Diffie-Hellman parameters <b>dh</b> are valid. The value of <b>*codes</b> is updated with any problems found. If <b>*codes</b> is zero then no problems were found, otherwise the following bits may be set:</p>
+
+<dl>
+
+<dt id="DH_CHECK_P_NOT_PRIME1">DH_CHECK_P_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> is not prime.</p>
+
+</dd>
+<dt id="DH_CHECK_P_NOT_SAFE_PRIME">DH_CHECK_P_NOT_SAFE_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> is not a safe prime and no <b>q</b> value is present.</p>
+
+</dd>
+<dt id="DH_UNABLE_TO_CHECK_GENERATOR">DH_UNABLE_TO_CHECK_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> cannot be checked for suitability.</p>
+
+</dd>
+<dt id="DH_NOT_SUITABLE_GENERATOR1">DH_NOT_SUITABLE_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> is not suitable.</p>
+
+</dd>
+<dt id="DH_CHECK_Q_NOT_PRIME">DH_CHECK_Q_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>q</b> is not prime.</p>
+
+</dd>
+<dt id="DH_CHECK_INVALID_Q_VALUE">DH_CHECK_INVALID_Q_VALUE</dt>
+<dd>
+
+<p>The parameter <b>q</b> is invalid.</p>
+
+</dd>
+<dt id="DH_CHECK_INVALID_J_VALUE">DH_CHECK_INVALID_J_VALUE</dt>
+<dd>
+
+<p>The parameter <b>j</b> is invalid.</p>
+
+</dd>
+</dl>
+
+<p>DH_check_ex(), DH_check_params() and DH_check_pub_key_ex() are similar to DH_check() and DH_check_params() respectively, but the error reasons are added to the thread&#39;s error queue instead of provided as return values from the function.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_generate_parameters_ex(), DH_check() and DH_check_params() return 1 if the check could be performed, 0 otherwise.</p>
+
+<p>DH_generate_parameters() returns a pointer to the DH structure or NULL if the parameter generation fails.</p>
+
+<p>DH_check_ex(), DH_check_params() and DH_check_pub_key_ex() return 1 if the check is successful, 0 for failed.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/DH_free.html">DH_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>DH_generate_parameters() was deprecated in OpenSSL 0.9.8; use DH_generate_parameters_ex() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_check_ex.html b/msys2/usr/share/doc/openssl/html/man3/DH_check_ex.html
new file mode 100644
index 000000000..5f5e3b122
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_check_ex.html
@@ -0,0 +1,155 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_generate_parameters</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_generate_parameters_ex, DH_generate_parameters, DH_check, DH_check_params, DH_check_ex, DH_check_params_ex, DH_check_pub_key_ex - generate and check Diffie-Hellman parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ int DH_generate_parameters_ex(DH *dh, int prime_len, int generator, BN_GENCB *cb);
+
+ int DH_check(DH *dh, int *codes);
+ int DH_check_params(DH *dh, int *codes);
+
+ int DH_check_ex(const DH *dh);
+ int DH_check_params_ex(const DH *dh);
+ int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ DH *DH_generate_parameters(int prime_len, int generator,
+                            void (*callback)(int, int, void *), void *cb_arg);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_generate_parameters_ex() generates Diffie-Hellman parameters that can be shared among a group of users, and stores them in the provided <b>DH</b> structure. The pseudo-random number generator must be seeded before calling it. The parameters generated by DH_generate_parameters_ex() should not be used in signature schemes.</p>
+
+<p><b>prime_len</b> is the length in bits of the safe prime to be generated. <b>generator</b> is a small number &gt; 1, typically 2 or 5.</p>
+
+<p>A callback function may be used to provide feedback about the progress of the key generation. If <b>cb</b> is not <b>NULL</b>, it will be called as described in <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> while a random prime number is generated, and when a prime has been found, <b>BN_GENCB_call(cb, 3, 0)</b> is called. See <a href="../man3/BN_generate_prime_ex.html">BN_generate_prime_ex(3)</a> for information on the BN_GENCB_call() function.</p>
+
+<p>DH_generate_parameters() is similar to DH_generate_prime_ex() but expects an old-style callback function; see <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> for information on the old-style callback.</p>
+
+<p>DH_check_params() confirms that the <b>p</b> and <b>g</b> are likely enough to be valid. This is a lightweight check, if a more thorough check is needed, use DH_check(). The value of <b>*codes</b> is updated with any problems found. If <b>*codes</b> is zero then no problems were found, otherwise the following bits may be set:</p>
+
+<dl>
+
+<dt id="DH_CHECK_P_NOT_PRIME">DH_CHECK_P_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> has been determined to not being an odd prime. Note that the lack of this bit doesn&#39;t guarantee that <b>p</b> is a prime.</p>
+
+</dd>
+<dt id="DH_NOT_SUITABLE_GENERATOR">DH_NOT_SUITABLE_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> is not suitable. Note that the lack of this bit doesn&#39;t guarantee that <b>g</b> is suitable, unless <b>p</b> is known to be a strong prime.</p>
+
+</dd>
+</dl>
+
+<p>DH_check() confirms that the Diffie-Hellman parameters <b>dh</b> are valid. The value of <b>*codes</b> is updated with any problems found. If <b>*codes</b> is zero then no problems were found, otherwise the following bits may be set:</p>
+
+<dl>
+
+<dt id="DH_CHECK_P_NOT_PRIME1">DH_CHECK_P_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> is not prime.</p>
+
+</dd>
+<dt id="DH_CHECK_P_NOT_SAFE_PRIME">DH_CHECK_P_NOT_SAFE_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> is not a safe prime and no <b>q</b> value is present.</p>
+
+</dd>
+<dt id="DH_UNABLE_TO_CHECK_GENERATOR">DH_UNABLE_TO_CHECK_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> cannot be checked for suitability.</p>
+
+</dd>
+<dt id="DH_NOT_SUITABLE_GENERATOR1">DH_NOT_SUITABLE_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> is not suitable.</p>
+
+</dd>
+<dt id="DH_CHECK_Q_NOT_PRIME">DH_CHECK_Q_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>q</b> is not prime.</p>
+
+</dd>
+<dt id="DH_CHECK_INVALID_Q_VALUE">DH_CHECK_INVALID_Q_VALUE</dt>
+<dd>
+
+<p>The parameter <b>q</b> is invalid.</p>
+
+</dd>
+<dt id="DH_CHECK_INVALID_J_VALUE">DH_CHECK_INVALID_J_VALUE</dt>
+<dd>
+
+<p>The parameter <b>j</b> is invalid.</p>
+
+</dd>
+</dl>
+
+<p>DH_check_ex(), DH_check_params() and DH_check_pub_key_ex() are similar to DH_check() and DH_check_params() respectively, but the error reasons are added to the thread&#39;s error queue instead of provided as return values from the function.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_generate_parameters_ex(), DH_check() and DH_check_params() return 1 if the check could be performed, 0 otherwise.</p>
+
+<p>DH_generate_parameters() returns a pointer to the DH structure or NULL if the parameter generation fails.</p>
+
+<p>DH_check_ex(), DH_check_params() and DH_check_pub_key_ex() return 1 if the check is successful, 0 for failed.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/DH_free.html">DH_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>DH_generate_parameters() was deprecated in OpenSSL 0.9.8; use DH_generate_parameters_ex() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_check_params.html b/msys2/usr/share/doc/openssl/html/man3/DH_check_params.html
new file mode 100644
index 000000000..5f5e3b122
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_check_params.html
@@ -0,0 +1,155 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_generate_parameters</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_generate_parameters_ex, DH_generate_parameters, DH_check, DH_check_params, DH_check_ex, DH_check_params_ex, DH_check_pub_key_ex - generate and check Diffie-Hellman parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ int DH_generate_parameters_ex(DH *dh, int prime_len, int generator, BN_GENCB *cb);
+
+ int DH_check(DH *dh, int *codes);
+ int DH_check_params(DH *dh, int *codes);
+
+ int DH_check_ex(const DH *dh);
+ int DH_check_params_ex(const DH *dh);
+ int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ DH *DH_generate_parameters(int prime_len, int generator,
+                            void (*callback)(int, int, void *), void *cb_arg);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_generate_parameters_ex() generates Diffie-Hellman parameters that can be shared among a group of users, and stores them in the provided <b>DH</b> structure. The pseudo-random number generator must be seeded before calling it. The parameters generated by DH_generate_parameters_ex() should not be used in signature schemes.</p>
+
+<p><b>prime_len</b> is the length in bits of the safe prime to be generated. <b>generator</b> is a small number &gt; 1, typically 2 or 5.</p>
+
+<p>A callback function may be used to provide feedback about the progress of the key generation. If <b>cb</b> is not <b>NULL</b>, it will be called as described in <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> while a random prime number is generated, and when a prime has been found, <b>BN_GENCB_call(cb, 3, 0)</b> is called. See <a href="../man3/BN_generate_prime_ex.html">BN_generate_prime_ex(3)</a> for information on the BN_GENCB_call() function.</p>
+
+<p>DH_generate_parameters() is similar to DH_generate_prime_ex() but expects an old-style callback function; see <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> for information on the old-style callback.</p>
+
+<p>DH_check_params() confirms that the <b>p</b> and <b>g</b> are likely enough to be valid. This is a lightweight check, if a more thorough check is needed, use DH_check(). The value of <b>*codes</b> is updated with any problems found. If <b>*codes</b> is zero then no problems were found, otherwise the following bits may be set:</p>
+
+<dl>
+
+<dt id="DH_CHECK_P_NOT_PRIME">DH_CHECK_P_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> has been determined to not being an odd prime. Note that the lack of this bit doesn&#39;t guarantee that <b>p</b> is a prime.</p>
+
+</dd>
+<dt id="DH_NOT_SUITABLE_GENERATOR">DH_NOT_SUITABLE_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> is not suitable. Note that the lack of this bit doesn&#39;t guarantee that <b>g</b> is suitable, unless <b>p</b> is known to be a strong prime.</p>
+
+</dd>
+</dl>
+
+<p>DH_check() confirms that the Diffie-Hellman parameters <b>dh</b> are valid. The value of <b>*codes</b> is updated with any problems found. If <b>*codes</b> is zero then no problems were found, otherwise the following bits may be set:</p>
+
+<dl>
+
+<dt id="DH_CHECK_P_NOT_PRIME1">DH_CHECK_P_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> is not prime.</p>
+
+</dd>
+<dt id="DH_CHECK_P_NOT_SAFE_PRIME">DH_CHECK_P_NOT_SAFE_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> is not a safe prime and no <b>q</b> value is present.</p>
+
+</dd>
+<dt id="DH_UNABLE_TO_CHECK_GENERATOR">DH_UNABLE_TO_CHECK_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> cannot be checked for suitability.</p>
+
+</dd>
+<dt id="DH_NOT_SUITABLE_GENERATOR1">DH_NOT_SUITABLE_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> is not suitable.</p>
+
+</dd>
+<dt id="DH_CHECK_Q_NOT_PRIME">DH_CHECK_Q_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>q</b> is not prime.</p>
+
+</dd>
+<dt id="DH_CHECK_INVALID_Q_VALUE">DH_CHECK_INVALID_Q_VALUE</dt>
+<dd>
+
+<p>The parameter <b>q</b> is invalid.</p>
+
+</dd>
+<dt id="DH_CHECK_INVALID_J_VALUE">DH_CHECK_INVALID_J_VALUE</dt>
+<dd>
+
+<p>The parameter <b>j</b> is invalid.</p>
+
+</dd>
+</dl>
+
+<p>DH_check_ex(), DH_check_params() and DH_check_pub_key_ex() are similar to DH_check() and DH_check_params() respectively, but the error reasons are added to the thread&#39;s error queue instead of provided as return values from the function.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_generate_parameters_ex(), DH_check() and DH_check_params() return 1 if the check could be performed, 0 otherwise.</p>
+
+<p>DH_generate_parameters() returns a pointer to the DH structure or NULL if the parameter generation fails.</p>
+
+<p>DH_check_ex(), DH_check_params() and DH_check_pub_key_ex() return 1 if the check is successful, 0 for failed.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/DH_free.html">DH_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>DH_generate_parameters() was deprecated in OpenSSL 0.9.8; use DH_generate_parameters_ex() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_check_params_ex.html b/msys2/usr/share/doc/openssl/html/man3/DH_check_params_ex.html
new file mode 100644
index 000000000..5f5e3b122
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_check_params_ex.html
@@ -0,0 +1,155 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_generate_parameters</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_generate_parameters_ex, DH_generate_parameters, DH_check, DH_check_params, DH_check_ex, DH_check_params_ex, DH_check_pub_key_ex - generate and check Diffie-Hellman parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ int DH_generate_parameters_ex(DH *dh, int prime_len, int generator, BN_GENCB *cb);
+
+ int DH_check(DH *dh, int *codes);
+ int DH_check_params(DH *dh, int *codes);
+
+ int DH_check_ex(const DH *dh);
+ int DH_check_params_ex(const DH *dh);
+ int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ DH *DH_generate_parameters(int prime_len, int generator,
+                            void (*callback)(int, int, void *), void *cb_arg);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_generate_parameters_ex() generates Diffie-Hellman parameters that can be shared among a group of users, and stores them in the provided <b>DH</b> structure. The pseudo-random number generator must be seeded before calling it. The parameters generated by DH_generate_parameters_ex() should not be used in signature schemes.</p>
+
+<p><b>prime_len</b> is the length in bits of the safe prime to be generated. <b>generator</b> is a small number &gt; 1, typically 2 or 5.</p>
+
+<p>A callback function may be used to provide feedback about the progress of the key generation. If <b>cb</b> is not <b>NULL</b>, it will be called as described in <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> while a random prime number is generated, and when a prime has been found, <b>BN_GENCB_call(cb, 3, 0)</b> is called. See <a href="../man3/BN_generate_prime_ex.html">BN_generate_prime_ex(3)</a> for information on the BN_GENCB_call() function.</p>
+
+<p>DH_generate_parameters() is similar to DH_generate_prime_ex() but expects an old-style callback function; see <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> for information on the old-style callback.</p>
+
+<p>DH_check_params() confirms that the <b>p</b> and <b>g</b> are likely enough to be valid. This is a lightweight check, if a more thorough check is needed, use DH_check(). The value of <b>*codes</b> is updated with any problems found. If <b>*codes</b> is zero then no problems were found, otherwise the following bits may be set:</p>
+
+<dl>
+
+<dt id="DH_CHECK_P_NOT_PRIME">DH_CHECK_P_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> has been determined to not being an odd prime. Note that the lack of this bit doesn&#39;t guarantee that <b>p</b> is a prime.</p>
+
+</dd>
+<dt id="DH_NOT_SUITABLE_GENERATOR">DH_NOT_SUITABLE_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> is not suitable. Note that the lack of this bit doesn&#39;t guarantee that <b>g</b> is suitable, unless <b>p</b> is known to be a strong prime.</p>
+
+</dd>
+</dl>
+
+<p>DH_check() confirms that the Diffie-Hellman parameters <b>dh</b> are valid. The value of <b>*codes</b> is updated with any problems found. If <b>*codes</b> is zero then no problems were found, otherwise the following bits may be set:</p>
+
+<dl>
+
+<dt id="DH_CHECK_P_NOT_PRIME1">DH_CHECK_P_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> is not prime.</p>
+
+</dd>
+<dt id="DH_CHECK_P_NOT_SAFE_PRIME">DH_CHECK_P_NOT_SAFE_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> is not a safe prime and no <b>q</b> value is present.</p>
+
+</dd>
+<dt id="DH_UNABLE_TO_CHECK_GENERATOR">DH_UNABLE_TO_CHECK_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> cannot be checked for suitability.</p>
+
+</dd>
+<dt id="DH_NOT_SUITABLE_GENERATOR1">DH_NOT_SUITABLE_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> is not suitable.</p>
+
+</dd>
+<dt id="DH_CHECK_Q_NOT_PRIME">DH_CHECK_Q_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>q</b> is not prime.</p>
+
+</dd>
+<dt id="DH_CHECK_INVALID_Q_VALUE">DH_CHECK_INVALID_Q_VALUE</dt>
+<dd>
+
+<p>The parameter <b>q</b> is invalid.</p>
+
+</dd>
+<dt id="DH_CHECK_INVALID_J_VALUE">DH_CHECK_INVALID_J_VALUE</dt>
+<dd>
+
+<p>The parameter <b>j</b> is invalid.</p>
+
+</dd>
+</dl>
+
+<p>DH_check_ex(), DH_check_params() and DH_check_pub_key_ex() are similar to DH_check() and DH_check_params() respectively, but the error reasons are added to the thread&#39;s error queue instead of provided as return values from the function.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_generate_parameters_ex(), DH_check() and DH_check_params() return 1 if the check could be performed, 0 otherwise.</p>
+
+<p>DH_generate_parameters() returns a pointer to the DH structure or NULL if the parameter generation fails.</p>
+
+<p>DH_check_ex(), DH_check_params() and DH_check_pub_key_ex() return 1 if the check is successful, 0 for failed.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/DH_free.html">DH_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>DH_generate_parameters() was deprecated in OpenSSL 0.9.8; use DH_generate_parameters_ex() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_check_pub_key_ex.html b/msys2/usr/share/doc/openssl/html/man3/DH_check_pub_key_ex.html
new file mode 100644
index 000000000..5f5e3b122
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_check_pub_key_ex.html
@@ -0,0 +1,155 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_generate_parameters</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_generate_parameters_ex, DH_generate_parameters, DH_check, DH_check_params, DH_check_ex, DH_check_params_ex, DH_check_pub_key_ex - generate and check Diffie-Hellman parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ int DH_generate_parameters_ex(DH *dh, int prime_len, int generator, BN_GENCB *cb);
+
+ int DH_check(DH *dh, int *codes);
+ int DH_check_params(DH *dh, int *codes);
+
+ int DH_check_ex(const DH *dh);
+ int DH_check_params_ex(const DH *dh);
+ int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ DH *DH_generate_parameters(int prime_len, int generator,
+                            void (*callback)(int, int, void *), void *cb_arg);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_generate_parameters_ex() generates Diffie-Hellman parameters that can be shared among a group of users, and stores them in the provided <b>DH</b> structure. The pseudo-random number generator must be seeded before calling it. The parameters generated by DH_generate_parameters_ex() should not be used in signature schemes.</p>
+
+<p><b>prime_len</b> is the length in bits of the safe prime to be generated. <b>generator</b> is a small number &gt; 1, typically 2 or 5.</p>
+
+<p>A callback function may be used to provide feedback about the progress of the key generation. If <b>cb</b> is not <b>NULL</b>, it will be called as described in <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> while a random prime number is generated, and when a prime has been found, <b>BN_GENCB_call(cb, 3, 0)</b> is called. See <a href="../man3/BN_generate_prime_ex.html">BN_generate_prime_ex(3)</a> for information on the BN_GENCB_call() function.</p>
+
+<p>DH_generate_parameters() is similar to DH_generate_prime_ex() but expects an old-style callback function; see <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> for information on the old-style callback.</p>
+
+<p>DH_check_params() confirms that the <b>p</b> and <b>g</b> are likely enough to be valid. This is a lightweight check, if a more thorough check is needed, use DH_check(). The value of <b>*codes</b> is updated with any problems found. If <b>*codes</b> is zero then no problems were found, otherwise the following bits may be set:</p>
+
+<dl>
+
+<dt id="DH_CHECK_P_NOT_PRIME">DH_CHECK_P_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> has been determined to not being an odd prime. Note that the lack of this bit doesn&#39;t guarantee that <b>p</b> is a prime.</p>
+
+</dd>
+<dt id="DH_NOT_SUITABLE_GENERATOR">DH_NOT_SUITABLE_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> is not suitable. Note that the lack of this bit doesn&#39;t guarantee that <b>g</b> is suitable, unless <b>p</b> is known to be a strong prime.</p>
+
+</dd>
+</dl>
+
+<p>DH_check() confirms that the Diffie-Hellman parameters <b>dh</b> are valid. The value of <b>*codes</b> is updated with any problems found. If <b>*codes</b> is zero then no problems were found, otherwise the following bits may be set:</p>
+
+<dl>
+
+<dt id="DH_CHECK_P_NOT_PRIME1">DH_CHECK_P_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> is not prime.</p>
+
+</dd>
+<dt id="DH_CHECK_P_NOT_SAFE_PRIME">DH_CHECK_P_NOT_SAFE_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> is not a safe prime and no <b>q</b> value is present.</p>
+
+</dd>
+<dt id="DH_UNABLE_TO_CHECK_GENERATOR">DH_UNABLE_TO_CHECK_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> cannot be checked for suitability.</p>
+
+</dd>
+<dt id="DH_NOT_SUITABLE_GENERATOR1">DH_NOT_SUITABLE_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> is not suitable.</p>
+
+</dd>
+<dt id="DH_CHECK_Q_NOT_PRIME">DH_CHECK_Q_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>q</b> is not prime.</p>
+
+</dd>
+<dt id="DH_CHECK_INVALID_Q_VALUE">DH_CHECK_INVALID_Q_VALUE</dt>
+<dd>
+
+<p>The parameter <b>q</b> is invalid.</p>
+
+</dd>
+<dt id="DH_CHECK_INVALID_J_VALUE">DH_CHECK_INVALID_J_VALUE</dt>
+<dd>
+
+<p>The parameter <b>j</b> is invalid.</p>
+
+</dd>
+</dl>
+
+<p>DH_check_ex(), DH_check_params() and DH_check_pub_key_ex() are similar to DH_check() and DH_check_params() respectively, but the error reasons are added to the thread&#39;s error queue instead of provided as return values from the function.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_generate_parameters_ex(), DH_check() and DH_check_params() return 1 if the check could be performed, 0 otherwise.</p>
+
+<p>DH_generate_parameters() returns a pointer to the DH structure or NULL if the parameter generation fails.</p>
+
+<p>DH_check_ex(), DH_check_params() and DH_check_pub_key_ex() return 1 if the check is successful, 0 for failed.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/DH_free.html">DH_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>DH_generate_parameters() was deprecated in OpenSSL 0.9.8; use DH_generate_parameters_ex() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_clear_flags.html b/msys2/usr/share/doc/openssl/html/man3/DH_clear_flags.html
new file mode 100644
index 000000000..1998926b8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_clear_flags.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get0_pqg, DH_set0_pqg, DH_get0_key, DH_set0_key, DH_get0_p, DH_get0_q, DH_get0_g, DH_get0_priv_key, DH_get0_pub_key, DH_clear_flags, DH_test_flags, DH_set_flags, DH_get0_engine, DH_get_length, DH_set_length - Routines for getting and setting data in a DH object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_get0_pqg(const DH *dh,
+                  const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DH_get0_key(const DH *dh,
+                  const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DH_get0_p(const DH *dh);
+ const BIGNUM *DH_get0_q(const DH *dh);
+ const BIGNUM *DH_get0_g(const DH *dh);
+ const BIGNUM *DH_get0_priv_key(const DH *dh);
+ const BIGNUM *DH_get0_pub_key(const DH *dh);
+ void DH_clear_flags(DH *dh, int flags);
+ int DH_test_flags(const DH *dh, int flags);
+ void DH_set_flags(DH *dh, int flags);
+ ENGINE *DH_get0_engine(DH *d);
+ long DH_get_length(const DH *dh);
+ int DH_set_length(DH *dh, long length);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DH object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. Note that the <b>q</b> parameter is optional. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DH_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly. Any of the out parameters <b>p</b>, <b>q</b>, and <b>g</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DH_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DH object, and therefore the values that have been passed in should not be freed directly after this function has been called. The <b>q</b> parameter may be NULL.</p>
+
+<p>To get the public and private key values use the DH_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly. Any of the out parameters <b>pub_key</b> and <b>priv_key</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The public and private key values can be set using DH_set0_key(). Either parameter may be NULL, which means the corresponding DH field is left untouched. As with DH_set0_pqg() this function transfers the memory management of the key values to the DH object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key(), respectively.</p>
+
+<p>DH_set_flags() sets the flags in the <b>flags</b> parameter on the DH object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DH_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DH object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DH_clear_flags() clears the specified flags within the DH object.</p>
+
+<p>DH_get0_engine() returns a handle to the ENGINE that has been set for this DH object, or NULL if no such ENGINE has been set.</p>
+
+<p>The DH_get_length() and DH_set_length() functions get and set the optional length parameter associated with this DH object. If the length is non-zero then it is used, otherwise it is ignored. The <b>length</b> parameter indicates the length of the secret exponent (private key) in bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DH_get0_key() are owned by the DH object used in the call and may therefore <i>not</i> be passed to DH_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DH_get0_pqg() and DH_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_set0_pqg() and DH_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key() return the respective value, or NULL if it is unset.</p>
+
+<p>DH_test_flags() returns the current state of the flags in the DH object.</p>
+
+<p>DH_get0_engine() returns the ENGINE set for the DH object or NULL if no ENGINE has been set.</p>
+
+<p>DH_get_length() returns the length of the secret exponent (private key) in bits, or zero if no such length has been explicitly set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_compute_key.html b/msys2/usr/share/doc/openssl/html/man3/DH_compute_key.html
new file mode 100644
index 000000000..c520babfb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_compute_key.html
@@ -0,0 +1,66 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_generate_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_generate_key, DH_compute_key - perform Diffie-Hellman key exchange</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ int DH_generate_key(DH *dh);
+
+ int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_generate_key() performs the first step of a Diffie-Hellman key exchange by generating private and public DH values. By calling DH_compute_key(), these are combined with the other party&#39;s public value to compute the shared key.</p>
+
+<p>DH_generate_key() expects <b>dh</b> to contain the shared parameters <b>dh-&gt;p</b> and <b>dh-&gt;g</b>. It generates a random private DH value unless <b>dh-&gt;priv_key</b> is already set, and computes the corresponding public value <b>dh-&gt;pub_key</b>, which can then be published.</p>
+
+<p>DH_compute_key() computes the shared secret from the private DH value in <b>dh</b> and the other party&#39;s public value in <b>pub_key</b> and stores it in <b>key</b>. <b>key</b> must point to <b>DH_size(dh)</b> bytes of memory.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_generate_key() returns 1 on success, 0 otherwise.</p>
+
+<p>DH_compute_key() returns the size of the shared secret on success, -1 on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_free.html b/msys2/usr/share/doc/openssl/html/man3/DH_free.html
new file mode 100644
index 000000000..631b252a6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_free.html
@@ -0,0 +1,62 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_new, DH_free - allocate and free DH objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH* DH_new(void);
+
+ void DH_free(DH *dh);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_new() allocates and initializes a <b>DH</b> structure.</p>
+
+<p>DH_free() frees the <b>DH</b> structure and its components. The values are erased before the memory is returned to the system. If <b>dh</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, DH_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>DH_free() returns no value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_generate_key.html b/msys2/usr/share/doc/openssl/html/man3/DH_generate_key.html
new file mode 100644
index 000000000..c520babfb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_generate_key.html
@@ -0,0 +1,66 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_generate_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_generate_key, DH_compute_key - perform Diffie-Hellman key exchange</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ int DH_generate_key(DH *dh);
+
+ int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_generate_key() performs the first step of a Diffie-Hellman key exchange by generating private and public DH values. By calling DH_compute_key(), these are combined with the other party&#39;s public value to compute the shared key.</p>
+
+<p>DH_generate_key() expects <b>dh</b> to contain the shared parameters <b>dh-&gt;p</b> and <b>dh-&gt;g</b>. It generates a random private DH value unless <b>dh-&gt;priv_key</b> is already set, and computes the corresponding public value <b>dh-&gt;pub_key</b>, which can then be published.</p>
+
+<p>DH_compute_key() computes the shared secret from the private DH value in <b>dh</b> and the other party&#39;s public value in <b>pub_key</b> and stores it in <b>key</b>. <b>key</b> must point to <b>DH_size(dh)</b> bytes of memory.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_generate_key() returns 1 on success, 0 otherwise.</p>
+
+<p>DH_compute_key() returns the size of the shared secret on success, -1 on error.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_generate_parameters.html b/msys2/usr/share/doc/openssl/html/man3/DH_generate_parameters.html
new file mode 100644
index 000000000..5f5e3b122
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_generate_parameters.html
@@ -0,0 +1,155 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_generate_parameters</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_generate_parameters_ex, DH_generate_parameters, DH_check, DH_check_params, DH_check_ex, DH_check_params_ex, DH_check_pub_key_ex - generate and check Diffie-Hellman parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ int DH_generate_parameters_ex(DH *dh, int prime_len, int generator, BN_GENCB *cb);
+
+ int DH_check(DH *dh, int *codes);
+ int DH_check_params(DH *dh, int *codes);
+
+ int DH_check_ex(const DH *dh);
+ int DH_check_params_ex(const DH *dh);
+ int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ DH *DH_generate_parameters(int prime_len, int generator,
+                            void (*callback)(int, int, void *), void *cb_arg);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_generate_parameters_ex() generates Diffie-Hellman parameters that can be shared among a group of users, and stores them in the provided <b>DH</b> structure. The pseudo-random number generator must be seeded before calling it. The parameters generated by DH_generate_parameters_ex() should not be used in signature schemes.</p>
+
+<p><b>prime_len</b> is the length in bits of the safe prime to be generated. <b>generator</b> is a small number &gt; 1, typically 2 or 5.</p>
+
+<p>A callback function may be used to provide feedback about the progress of the key generation. If <b>cb</b> is not <b>NULL</b>, it will be called as described in <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> while a random prime number is generated, and when a prime has been found, <b>BN_GENCB_call(cb, 3, 0)</b> is called. See <a href="../man3/BN_generate_prime_ex.html">BN_generate_prime_ex(3)</a> for information on the BN_GENCB_call() function.</p>
+
+<p>DH_generate_parameters() is similar to DH_generate_prime_ex() but expects an old-style callback function; see <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> for information on the old-style callback.</p>
+
+<p>DH_check_params() confirms that the <b>p</b> and <b>g</b> are likely enough to be valid. This is a lightweight check, if a more thorough check is needed, use DH_check(). The value of <b>*codes</b> is updated with any problems found. If <b>*codes</b> is zero then no problems were found, otherwise the following bits may be set:</p>
+
+<dl>
+
+<dt id="DH_CHECK_P_NOT_PRIME">DH_CHECK_P_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> has been determined to not being an odd prime. Note that the lack of this bit doesn&#39;t guarantee that <b>p</b> is a prime.</p>
+
+</dd>
+<dt id="DH_NOT_SUITABLE_GENERATOR">DH_NOT_SUITABLE_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> is not suitable. Note that the lack of this bit doesn&#39;t guarantee that <b>g</b> is suitable, unless <b>p</b> is known to be a strong prime.</p>
+
+</dd>
+</dl>
+
+<p>DH_check() confirms that the Diffie-Hellman parameters <b>dh</b> are valid. The value of <b>*codes</b> is updated with any problems found. If <b>*codes</b> is zero then no problems were found, otherwise the following bits may be set:</p>
+
+<dl>
+
+<dt id="DH_CHECK_P_NOT_PRIME1">DH_CHECK_P_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> is not prime.</p>
+
+</dd>
+<dt id="DH_CHECK_P_NOT_SAFE_PRIME">DH_CHECK_P_NOT_SAFE_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> is not a safe prime and no <b>q</b> value is present.</p>
+
+</dd>
+<dt id="DH_UNABLE_TO_CHECK_GENERATOR">DH_UNABLE_TO_CHECK_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> cannot be checked for suitability.</p>
+
+</dd>
+<dt id="DH_NOT_SUITABLE_GENERATOR1">DH_NOT_SUITABLE_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> is not suitable.</p>
+
+</dd>
+<dt id="DH_CHECK_Q_NOT_PRIME">DH_CHECK_Q_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>q</b> is not prime.</p>
+
+</dd>
+<dt id="DH_CHECK_INVALID_Q_VALUE">DH_CHECK_INVALID_Q_VALUE</dt>
+<dd>
+
+<p>The parameter <b>q</b> is invalid.</p>
+
+</dd>
+<dt id="DH_CHECK_INVALID_J_VALUE">DH_CHECK_INVALID_J_VALUE</dt>
+<dd>
+
+<p>The parameter <b>j</b> is invalid.</p>
+
+</dd>
+</dl>
+
+<p>DH_check_ex(), DH_check_params() and DH_check_pub_key_ex() are similar to DH_check() and DH_check_params() respectively, but the error reasons are added to the thread&#39;s error queue instead of provided as return values from the function.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_generate_parameters_ex(), DH_check() and DH_check_params() return 1 if the check could be performed, 0 otherwise.</p>
+
+<p>DH_generate_parameters() returns a pointer to the DH structure or NULL if the parameter generation fails.</p>
+
+<p>DH_check_ex(), DH_check_params() and DH_check_pub_key_ex() return 1 if the check is successful, 0 for failed.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/DH_free.html">DH_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>DH_generate_parameters() was deprecated in OpenSSL 0.9.8; use DH_generate_parameters_ex() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_generate_parameters_ex.html b/msys2/usr/share/doc/openssl/html/man3/DH_generate_parameters_ex.html
new file mode 100644
index 000000000..5f5e3b122
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_generate_parameters_ex.html
@@ -0,0 +1,155 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_generate_parameters</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_generate_parameters_ex, DH_generate_parameters, DH_check, DH_check_params, DH_check_ex, DH_check_params_ex, DH_check_pub_key_ex - generate and check Diffie-Hellman parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ int DH_generate_parameters_ex(DH *dh, int prime_len, int generator, BN_GENCB *cb);
+
+ int DH_check(DH *dh, int *codes);
+ int DH_check_params(DH *dh, int *codes);
+
+ int DH_check_ex(const DH *dh);
+ int DH_check_params_ex(const DH *dh);
+ int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ DH *DH_generate_parameters(int prime_len, int generator,
+                            void (*callback)(int, int, void *), void *cb_arg);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_generate_parameters_ex() generates Diffie-Hellman parameters that can be shared among a group of users, and stores them in the provided <b>DH</b> structure. The pseudo-random number generator must be seeded before calling it. The parameters generated by DH_generate_parameters_ex() should not be used in signature schemes.</p>
+
+<p><b>prime_len</b> is the length in bits of the safe prime to be generated. <b>generator</b> is a small number &gt; 1, typically 2 or 5.</p>
+
+<p>A callback function may be used to provide feedback about the progress of the key generation. If <b>cb</b> is not <b>NULL</b>, it will be called as described in <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> while a random prime number is generated, and when a prime has been found, <b>BN_GENCB_call(cb, 3, 0)</b> is called. See <a href="../man3/BN_generate_prime_ex.html">BN_generate_prime_ex(3)</a> for information on the BN_GENCB_call() function.</p>
+
+<p>DH_generate_parameters() is similar to DH_generate_prime_ex() but expects an old-style callback function; see <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> for information on the old-style callback.</p>
+
+<p>DH_check_params() confirms that the <b>p</b> and <b>g</b> are likely enough to be valid. This is a lightweight check, if a more thorough check is needed, use DH_check(). The value of <b>*codes</b> is updated with any problems found. If <b>*codes</b> is zero then no problems were found, otherwise the following bits may be set:</p>
+
+<dl>
+
+<dt id="DH_CHECK_P_NOT_PRIME">DH_CHECK_P_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> has been determined to not being an odd prime. Note that the lack of this bit doesn&#39;t guarantee that <b>p</b> is a prime.</p>
+
+</dd>
+<dt id="DH_NOT_SUITABLE_GENERATOR">DH_NOT_SUITABLE_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> is not suitable. Note that the lack of this bit doesn&#39;t guarantee that <b>g</b> is suitable, unless <b>p</b> is known to be a strong prime.</p>
+
+</dd>
+</dl>
+
+<p>DH_check() confirms that the Diffie-Hellman parameters <b>dh</b> are valid. The value of <b>*codes</b> is updated with any problems found. If <b>*codes</b> is zero then no problems were found, otherwise the following bits may be set:</p>
+
+<dl>
+
+<dt id="DH_CHECK_P_NOT_PRIME1">DH_CHECK_P_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> is not prime.</p>
+
+</dd>
+<dt id="DH_CHECK_P_NOT_SAFE_PRIME">DH_CHECK_P_NOT_SAFE_PRIME</dt>
+<dd>
+
+<p>The parameter <b>p</b> is not a safe prime and no <b>q</b> value is present.</p>
+
+</dd>
+<dt id="DH_UNABLE_TO_CHECK_GENERATOR">DH_UNABLE_TO_CHECK_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> cannot be checked for suitability.</p>
+
+</dd>
+<dt id="DH_NOT_SUITABLE_GENERATOR1">DH_NOT_SUITABLE_GENERATOR</dt>
+<dd>
+
+<p>The generator <b>g</b> is not suitable.</p>
+
+</dd>
+<dt id="DH_CHECK_Q_NOT_PRIME">DH_CHECK_Q_NOT_PRIME</dt>
+<dd>
+
+<p>The parameter <b>q</b> is not prime.</p>
+
+</dd>
+<dt id="DH_CHECK_INVALID_Q_VALUE">DH_CHECK_INVALID_Q_VALUE</dt>
+<dd>
+
+<p>The parameter <b>q</b> is invalid.</p>
+
+</dd>
+<dt id="DH_CHECK_INVALID_J_VALUE">DH_CHECK_INVALID_J_VALUE</dt>
+<dd>
+
+<p>The parameter <b>j</b> is invalid.</p>
+
+</dd>
+</dl>
+
+<p>DH_check_ex(), DH_check_params() and DH_check_pub_key_ex() are similar to DH_check() and DH_check_params() respectively, but the error reasons are added to the thread&#39;s error queue instead of provided as return values from the function.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_generate_parameters_ex(), DH_check() and DH_check_params() return 1 if the check could be performed, 0 otherwise.</p>
+
+<p>DH_generate_parameters() returns a pointer to the DH structure or NULL if the parameter generation fails.</p>
+
+<p>DH_check_ex(), DH_check_params() and DH_check_pub_key_ex() return 1 if the check is successful, 0 for failed.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/DH_free.html">DH_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>DH_generate_parameters() was deprecated in OpenSSL 0.9.8; use DH_generate_parameters_ex() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_get0_engine.html b/msys2/usr/share/doc/openssl/html/man3/DH_get0_engine.html
new file mode 100644
index 000000000..1998926b8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_get0_engine.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get0_pqg, DH_set0_pqg, DH_get0_key, DH_set0_key, DH_get0_p, DH_get0_q, DH_get0_g, DH_get0_priv_key, DH_get0_pub_key, DH_clear_flags, DH_test_flags, DH_set_flags, DH_get0_engine, DH_get_length, DH_set_length - Routines for getting and setting data in a DH object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_get0_pqg(const DH *dh,
+                  const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DH_get0_key(const DH *dh,
+                  const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DH_get0_p(const DH *dh);
+ const BIGNUM *DH_get0_q(const DH *dh);
+ const BIGNUM *DH_get0_g(const DH *dh);
+ const BIGNUM *DH_get0_priv_key(const DH *dh);
+ const BIGNUM *DH_get0_pub_key(const DH *dh);
+ void DH_clear_flags(DH *dh, int flags);
+ int DH_test_flags(const DH *dh, int flags);
+ void DH_set_flags(DH *dh, int flags);
+ ENGINE *DH_get0_engine(DH *d);
+ long DH_get_length(const DH *dh);
+ int DH_set_length(DH *dh, long length);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DH object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. Note that the <b>q</b> parameter is optional. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DH_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly. Any of the out parameters <b>p</b>, <b>q</b>, and <b>g</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DH_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DH object, and therefore the values that have been passed in should not be freed directly after this function has been called. The <b>q</b> parameter may be NULL.</p>
+
+<p>To get the public and private key values use the DH_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly. Any of the out parameters <b>pub_key</b> and <b>priv_key</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The public and private key values can be set using DH_set0_key(). Either parameter may be NULL, which means the corresponding DH field is left untouched. As with DH_set0_pqg() this function transfers the memory management of the key values to the DH object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key(), respectively.</p>
+
+<p>DH_set_flags() sets the flags in the <b>flags</b> parameter on the DH object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DH_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DH object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DH_clear_flags() clears the specified flags within the DH object.</p>
+
+<p>DH_get0_engine() returns a handle to the ENGINE that has been set for this DH object, or NULL if no such ENGINE has been set.</p>
+
+<p>The DH_get_length() and DH_set_length() functions get and set the optional length parameter associated with this DH object. If the length is non-zero then it is used, otherwise it is ignored. The <b>length</b> parameter indicates the length of the secret exponent (private key) in bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DH_get0_key() are owned by the DH object used in the call and may therefore <i>not</i> be passed to DH_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DH_get0_pqg() and DH_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_set0_pqg() and DH_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key() return the respective value, or NULL if it is unset.</p>
+
+<p>DH_test_flags() returns the current state of the flags in the DH object.</p>
+
+<p>DH_get0_engine() returns the ENGINE set for the DH object or NULL if no ENGINE has been set.</p>
+
+<p>DH_get_length() returns the length of the secret exponent (private key) in bits, or zero if no such length has been explicitly set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_get0_g.html b/msys2/usr/share/doc/openssl/html/man3/DH_get0_g.html
new file mode 100644
index 000000000..1998926b8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_get0_g.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get0_pqg, DH_set0_pqg, DH_get0_key, DH_set0_key, DH_get0_p, DH_get0_q, DH_get0_g, DH_get0_priv_key, DH_get0_pub_key, DH_clear_flags, DH_test_flags, DH_set_flags, DH_get0_engine, DH_get_length, DH_set_length - Routines for getting and setting data in a DH object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_get0_pqg(const DH *dh,
+                  const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DH_get0_key(const DH *dh,
+                  const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DH_get0_p(const DH *dh);
+ const BIGNUM *DH_get0_q(const DH *dh);
+ const BIGNUM *DH_get0_g(const DH *dh);
+ const BIGNUM *DH_get0_priv_key(const DH *dh);
+ const BIGNUM *DH_get0_pub_key(const DH *dh);
+ void DH_clear_flags(DH *dh, int flags);
+ int DH_test_flags(const DH *dh, int flags);
+ void DH_set_flags(DH *dh, int flags);
+ ENGINE *DH_get0_engine(DH *d);
+ long DH_get_length(const DH *dh);
+ int DH_set_length(DH *dh, long length);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DH object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. Note that the <b>q</b> parameter is optional. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DH_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly. Any of the out parameters <b>p</b>, <b>q</b>, and <b>g</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DH_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DH object, and therefore the values that have been passed in should not be freed directly after this function has been called. The <b>q</b> parameter may be NULL.</p>
+
+<p>To get the public and private key values use the DH_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly. Any of the out parameters <b>pub_key</b> and <b>priv_key</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The public and private key values can be set using DH_set0_key(). Either parameter may be NULL, which means the corresponding DH field is left untouched. As with DH_set0_pqg() this function transfers the memory management of the key values to the DH object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key(), respectively.</p>
+
+<p>DH_set_flags() sets the flags in the <b>flags</b> parameter on the DH object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DH_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DH object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DH_clear_flags() clears the specified flags within the DH object.</p>
+
+<p>DH_get0_engine() returns a handle to the ENGINE that has been set for this DH object, or NULL if no such ENGINE has been set.</p>
+
+<p>The DH_get_length() and DH_set_length() functions get and set the optional length parameter associated with this DH object. If the length is non-zero then it is used, otherwise it is ignored. The <b>length</b> parameter indicates the length of the secret exponent (private key) in bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DH_get0_key() are owned by the DH object used in the call and may therefore <i>not</i> be passed to DH_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DH_get0_pqg() and DH_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_set0_pqg() and DH_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key() return the respective value, or NULL if it is unset.</p>
+
+<p>DH_test_flags() returns the current state of the flags in the DH object.</p>
+
+<p>DH_get0_engine() returns the ENGINE set for the DH object or NULL if no ENGINE has been set.</p>
+
+<p>DH_get_length() returns the length of the secret exponent (private key) in bits, or zero if no such length has been explicitly set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_get0_key.html b/msys2/usr/share/doc/openssl/html/man3/DH_get0_key.html
new file mode 100644
index 000000000..1998926b8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_get0_key.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get0_pqg, DH_set0_pqg, DH_get0_key, DH_set0_key, DH_get0_p, DH_get0_q, DH_get0_g, DH_get0_priv_key, DH_get0_pub_key, DH_clear_flags, DH_test_flags, DH_set_flags, DH_get0_engine, DH_get_length, DH_set_length - Routines for getting and setting data in a DH object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_get0_pqg(const DH *dh,
+                  const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DH_get0_key(const DH *dh,
+                  const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DH_get0_p(const DH *dh);
+ const BIGNUM *DH_get0_q(const DH *dh);
+ const BIGNUM *DH_get0_g(const DH *dh);
+ const BIGNUM *DH_get0_priv_key(const DH *dh);
+ const BIGNUM *DH_get0_pub_key(const DH *dh);
+ void DH_clear_flags(DH *dh, int flags);
+ int DH_test_flags(const DH *dh, int flags);
+ void DH_set_flags(DH *dh, int flags);
+ ENGINE *DH_get0_engine(DH *d);
+ long DH_get_length(const DH *dh);
+ int DH_set_length(DH *dh, long length);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DH object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. Note that the <b>q</b> parameter is optional. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DH_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly. Any of the out parameters <b>p</b>, <b>q</b>, and <b>g</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DH_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DH object, and therefore the values that have been passed in should not be freed directly after this function has been called. The <b>q</b> parameter may be NULL.</p>
+
+<p>To get the public and private key values use the DH_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly. Any of the out parameters <b>pub_key</b> and <b>priv_key</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The public and private key values can be set using DH_set0_key(). Either parameter may be NULL, which means the corresponding DH field is left untouched. As with DH_set0_pqg() this function transfers the memory management of the key values to the DH object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key(), respectively.</p>
+
+<p>DH_set_flags() sets the flags in the <b>flags</b> parameter on the DH object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DH_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DH object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DH_clear_flags() clears the specified flags within the DH object.</p>
+
+<p>DH_get0_engine() returns a handle to the ENGINE that has been set for this DH object, or NULL if no such ENGINE has been set.</p>
+
+<p>The DH_get_length() and DH_set_length() functions get and set the optional length parameter associated with this DH object. If the length is non-zero then it is used, otherwise it is ignored. The <b>length</b> parameter indicates the length of the secret exponent (private key) in bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DH_get0_key() are owned by the DH object used in the call and may therefore <i>not</i> be passed to DH_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DH_get0_pqg() and DH_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_set0_pqg() and DH_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key() return the respective value, or NULL if it is unset.</p>
+
+<p>DH_test_flags() returns the current state of the flags in the DH object.</p>
+
+<p>DH_get0_engine() returns the ENGINE set for the DH object or NULL if no ENGINE has been set.</p>
+
+<p>DH_get_length() returns the length of the secret exponent (private key) in bits, or zero if no such length has been explicitly set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_get0_p.html b/msys2/usr/share/doc/openssl/html/man3/DH_get0_p.html
new file mode 100644
index 000000000..1998926b8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_get0_p.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get0_pqg, DH_set0_pqg, DH_get0_key, DH_set0_key, DH_get0_p, DH_get0_q, DH_get0_g, DH_get0_priv_key, DH_get0_pub_key, DH_clear_flags, DH_test_flags, DH_set_flags, DH_get0_engine, DH_get_length, DH_set_length - Routines for getting and setting data in a DH object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_get0_pqg(const DH *dh,
+                  const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DH_get0_key(const DH *dh,
+                  const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DH_get0_p(const DH *dh);
+ const BIGNUM *DH_get0_q(const DH *dh);
+ const BIGNUM *DH_get0_g(const DH *dh);
+ const BIGNUM *DH_get0_priv_key(const DH *dh);
+ const BIGNUM *DH_get0_pub_key(const DH *dh);
+ void DH_clear_flags(DH *dh, int flags);
+ int DH_test_flags(const DH *dh, int flags);
+ void DH_set_flags(DH *dh, int flags);
+ ENGINE *DH_get0_engine(DH *d);
+ long DH_get_length(const DH *dh);
+ int DH_set_length(DH *dh, long length);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DH object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. Note that the <b>q</b> parameter is optional. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DH_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly. Any of the out parameters <b>p</b>, <b>q</b>, and <b>g</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DH_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DH object, and therefore the values that have been passed in should not be freed directly after this function has been called. The <b>q</b> parameter may be NULL.</p>
+
+<p>To get the public and private key values use the DH_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly. Any of the out parameters <b>pub_key</b> and <b>priv_key</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The public and private key values can be set using DH_set0_key(). Either parameter may be NULL, which means the corresponding DH field is left untouched. As with DH_set0_pqg() this function transfers the memory management of the key values to the DH object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key(), respectively.</p>
+
+<p>DH_set_flags() sets the flags in the <b>flags</b> parameter on the DH object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DH_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DH object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DH_clear_flags() clears the specified flags within the DH object.</p>
+
+<p>DH_get0_engine() returns a handle to the ENGINE that has been set for this DH object, or NULL if no such ENGINE has been set.</p>
+
+<p>The DH_get_length() and DH_set_length() functions get and set the optional length parameter associated with this DH object. If the length is non-zero then it is used, otherwise it is ignored. The <b>length</b> parameter indicates the length of the secret exponent (private key) in bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DH_get0_key() are owned by the DH object used in the call and may therefore <i>not</i> be passed to DH_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DH_get0_pqg() and DH_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_set0_pqg() and DH_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key() return the respective value, or NULL if it is unset.</p>
+
+<p>DH_test_flags() returns the current state of the flags in the DH object.</p>
+
+<p>DH_get0_engine() returns the ENGINE set for the DH object or NULL if no ENGINE has been set.</p>
+
+<p>DH_get_length() returns the length of the secret exponent (private key) in bits, or zero if no such length has been explicitly set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_get0_pqg.html b/msys2/usr/share/doc/openssl/html/man3/DH_get0_pqg.html
new file mode 100644
index 000000000..1998926b8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_get0_pqg.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get0_pqg, DH_set0_pqg, DH_get0_key, DH_set0_key, DH_get0_p, DH_get0_q, DH_get0_g, DH_get0_priv_key, DH_get0_pub_key, DH_clear_flags, DH_test_flags, DH_set_flags, DH_get0_engine, DH_get_length, DH_set_length - Routines for getting and setting data in a DH object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_get0_pqg(const DH *dh,
+                  const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DH_get0_key(const DH *dh,
+                  const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DH_get0_p(const DH *dh);
+ const BIGNUM *DH_get0_q(const DH *dh);
+ const BIGNUM *DH_get0_g(const DH *dh);
+ const BIGNUM *DH_get0_priv_key(const DH *dh);
+ const BIGNUM *DH_get0_pub_key(const DH *dh);
+ void DH_clear_flags(DH *dh, int flags);
+ int DH_test_flags(const DH *dh, int flags);
+ void DH_set_flags(DH *dh, int flags);
+ ENGINE *DH_get0_engine(DH *d);
+ long DH_get_length(const DH *dh);
+ int DH_set_length(DH *dh, long length);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DH object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. Note that the <b>q</b> parameter is optional. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DH_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly. Any of the out parameters <b>p</b>, <b>q</b>, and <b>g</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DH_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DH object, and therefore the values that have been passed in should not be freed directly after this function has been called. The <b>q</b> parameter may be NULL.</p>
+
+<p>To get the public and private key values use the DH_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly. Any of the out parameters <b>pub_key</b> and <b>priv_key</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The public and private key values can be set using DH_set0_key(). Either parameter may be NULL, which means the corresponding DH field is left untouched. As with DH_set0_pqg() this function transfers the memory management of the key values to the DH object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key(), respectively.</p>
+
+<p>DH_set_flags() sets the flags in the <b>flags</b> parameter on the DH object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DH_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DH object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DH_clear_flags() clears the specified flags within the DH object.</p>
+
+<p>DH_get0_engine() returns a handle to the ENGINE that has been set for this DH object, or NULL if no such ENGINE has been set.</p>
+
+<p>The DH_get_length() and DH_set_length() functions get and set the optional length parameter associated with this DH object. If the length is non-zero then it is used, otherwise it is ignored. The <b>length</b> parameter indicates the length of the secret exponent (private key) in bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DH_get0_key() are owned by the DH object used in the call and may therefore <i>not</i> be passed to DH_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DH_get0_pqg() and DH_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_set0_pqg() and DH_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key() return the respective value, or NULL if it is unset.</p>
+
+<p>DH_test_flags() returns the current state of the flags in the DH object.</p>
+
+<p>DH_get0_engine() returns the ENGINE set for the DH object or NULL if no ENGINE has been set.</p>
+
+<p>DH_get_length() returns the length of the secret exponent (private key) in bits, or zero if no such length has been explicitly set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_get0_priv_key.html b/msys2/usr/share/doc/openssl/html/man3/DH_get0_priv_key.html
new file mode 100644
index 000000000..1998926b8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_get0_priv_key.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get0_pqg, DH_set0_pqg, DH_get0_key, DH_set0_key, DH_get0_p, DH_get0_q, DH_get0_g, DH_get0_priv_key, DH_get0_pub_key, DH_clear_flags, DH_test_flags, DH_set_flags, DH_get0_engine, DH_get_length, DH_set_length - Routines for getting and setting data in a DH object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_get0_pqg(const DH *dh,
+                  const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DH_get0_key(const DH *dh,
+                  const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DH_get0_p(const DH *dh);
+ const BIGNUM *DH_get0_q(const DH *dh);
+ const BIGNUM *DH_get0_g(const DH *dh);
+ const BIGNUM *DH_get0_priv_key(const DH *dh);
+ const BIGNUM *DH_get0_pub_key(const DH *dh);
+ void DH_clear_flags(DH *dh, int flags);
+ int DH_test_flags(const DH *dh, int flags);
+ void DH_set_flags(DH *dh, int flags);
+ ENGINE *DH_get0_engine(DH *d);
+ long DH_get_length(const DH *dh);
+ int DH_set_length(DH *dh, long length);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DH object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. Note that the <b>q</b> parameter is optional. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DH_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly. Any of the out parameters <b>p</b>, <b>q</b>, and <b>g</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DH_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DH object, and therefore the values that have been passed in should not be freed directly after this function has been called. The <b>q</b> parameter may be NULL.</p>
+
+<p>To get the public and private key values use the DH_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly. Any of the out parameters <b>pub_key</b> and <b>priv_key</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The public and private key values can be set using DH_set0_key(). Either parameter may be NULL, which means the corresponding DH field is left untouched. As with DH_set0_pqg() this function transfers the memory management of the key values to the DH object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key(), respectively.</p>
+
+<p>DH_set_flags() sets the flags in the <b>flags</b> parameter on the DH object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DH_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DH object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DH_clear_flags() clears the specified flags within the DH object.</p>
+
+<p>DH_get0_engine() returns a handle to the ENGINE that has been set for this DH object, or NULL if no such ENGINE has been set.</p>
+
+<p>The DH_get_length() and DH_set_length() functions get and set the optional length parameter associated with this DH object. If the length is non-zero then it is used, otherwise it is ignored. The <b>length</b> parameter indicates the length of the secret exponent (private key) in bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DH_get0_key() are owned by the DH object used in the call and may therefore <i>not</i> be passed to DH_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DH_get0_pqg() and DH_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_set0_pqg() and DH_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key() return the respective value, or NULL if it is unset.</p>
+
+<p>DH_test_flags() returns the current state of the flags in the DH object.</p>
+
+<p>DH_get0_engine() returns the ENGINE set for the DH object or NULL if no ENGINE has been set.</p>
+
+<p>DH_get_length() returns the length of the secret exponent (private key) in bits, or zero if no such length has been explicitly set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_get0_pub_key.html b/msys2/usr/share/doc/openssl/html/man3/DH_get0_pub_key.html
new file mode 100644
index 000000000..1998926b8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_get0_pub_key.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get0_pqg, DH_set0_pqg, DH_get0_key, DH_set0_key, DH_get0_p, DH_get0_q, DH_get0_g, DH_get0_priv_key, DH_get0_pub_key, DH_clear_flags, DH_test_flags, DH_set_flags, DH_get0_engine, DH_get_length, DH_set_length - Routines for getting and setting data in a DH object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_get0_pqg(const DH *dh,
+                  const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DH_get0_key(const DH *dh,
+                  const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DH_get0_p(const DH *dh);
+ const BIGNUM *DH_get0_q(const DH *dh);
+ const BIGNUM *DH_get0_g(const DH *dh);
+ const BIGNUM *DH_get0_priv_key(const DH *dh);
+ const BIGNUM *DH_get0_pub_key(const DH *dh);
+ void DH_clear_flags(DH *dh, int flags);
+ int DH_test_flags(const DH *dh, int flags);
+ void DH_set_flags(DH *dh, int flags);
+ ENGINE *DH_get0_engine(DH *d);
+ long DH_get_length(const DH *dh);
+ int DH_set_length(DH *dh, long length);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DH object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. Note that the <b>q</b> parameter is optional. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DH_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly. Any of the out parameters <b>p</b>, <b>q</b>, and <b>g</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DH_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DH object, and therefore the values that have been passed in should not be freed directly after this function has been called. The <b>q</b> parameter may be NULL.</p>
+
+<p>To get the public and private key values use the DH_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly. Any of the out parameters <b>pub_key</b> and <b>priv_key</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The public and private key values can be set using DH_set0_key(). Either parameter may be NULL, which means the corresponding DH field is left untouched. As with DH_set0_pqg() this function transfers the memory management of the key values to the DH object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key(), respectively.</p>
+
+<p>DH_set_flags() sets the flags in the <b>flags</b> parameter on the DH object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DH_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DH object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DH_clear_flags() clears the specified flags within the DH object.</p>
+
+<p>DH_get0_engine() returns a handle to the ENGINE that has been set for this DH object, or NULL if no such ENGINE has been set.</p>
+
+<p>The DH_get_length() and DH_set_length() functions get and set the optional length parameter associated with this DH object. If the length is non-zero then it is used, otherwise it is ignored. The <b>length</b> parameter indicates the length of the secret exponent (private key) in bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DH_get0_key() are owned by the DH object used in the call and may therefore <i>not</i> be passed to DH_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DH_get0_pqg() and DH_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_set0_pqg() and DH_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key() return the respective value, or NULL if it is unset.</p>
+
+<p>DH_test_flags() returns the current state of the flags in the DH object.</p>
+
+<p>DH_get0_engine() returns the ENGINE set for the DH object or NULL if no ENGINE has been set.</p>
+
+<p>DH_get_length() returns the length of the secret exponent (private key) in bits, or zero if no such length has been explicitly set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_get0_q.html b/msys2/usr/share/doc/openssl/html/man3/DH_get0_q.html
new file mode 100644
index 000000000..1998926b8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_get0_q.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get0_pqg, DH_set0_pqg, DH_get0_key, DH_set0_key, DH_get0_p, DH_get0_q, DH_get0_g, DH_get0_priv_key, DH_get0_pub_key, DH_clear_flags, DH_test_flags, DH_set_flags, DH_get0_engine, DH_get_length, DH_set_length - Routines for getting and setting data in a DH object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_get0_pqg(const DH *dh,
+                  const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DH_get0_key(const DH *dh,
+                  const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DH_get0_p(const DH *dh);
+ const BIGNUM *DH_get0_q(const DH *dh);
+ const BIGNUM *DH_get0_g(const DH *dh);
+ const BIGNUM *DH_get0_priv_key(const DH *dh);
+ const BIGNUM *DH_get0_pub_key(const DH *dh);
+ void DH_clear_flags(DH *dh, int flags);
+ int DH_test_flags(const DH *dh, int flags);
+ void DH_set_flags(DH *dh, int flags);
+ ENGINE *DH_get0_engine(DH *d);
+ long DH_get_length(const DH *dh);
+ int DH_set_length(DH *dh, long length);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DH object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. Note that the <b>q</b> parameter is optional. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DH_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly. Any of the out parameters <b>p</b>, <b>q</b>, and <b>g</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DH_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DH object, and therefore the values that have been passed in should not be freed directly after this function has been called. The <b>q</b> parameter may be NULL.</p>
+
+<p>To get the public and private key values use the DH_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly. Any of the out parameters <b>pub_key</b> and <b>priv_key</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The public and private key values can be set using DH_set0_key(). Either parameter may be NULL, which means the corresponding DH field is left untouched. As with DH_set0_pqg() this function transfers the memory management of the key values to the DH object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key(), respectively.</p>
+
+<p>DH_set_flags() sets the flags in the <b>flags</b> parameter on the DH object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DH_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DH object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DH_clear_flags() clears the specified flags within the DH object.</p>
+
+<p>DH_get0_engine() returns a handle to the ENGINE that has been set for this DH object, or NULL if no such ENGINE has been set.</p>
+
+<p>The DH_get_length() and DH_set_length() functions get and set the optional length parameter associated with this DH object. If the length is non-zero then it is used, otherwise it is ignored. The <b>length</b> parameter indicates the length of the secret exponent (private key) in bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DH_get0_key() are owned by the DH object used in the call and may therefore <i>not</i> be passed to DH_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DH_get0_pqg() and DH_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_set0_pqg() and DH_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key() return the respective value, or NULL if it is unset.</p>
+
+<p>DH_test_flags() returns the current state of the flags in the DH object.</p>
+
+<p>DH_get0_engine() returns the ENGINE set for the DH object or NULL if no ENGINE has been set.</p>
+
+<p>DH_get_length() returns the length of the secret exponent (private key) in bits, or zero if no such length has been explicitly set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_get_1024_160.html b/msys2/usr/share/doc/openssl/html/man3/DH_get_1024_160.html
new file mode 100644
index 000000000..671bec505
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_get_1024_160.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get_1024_160</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get_1024_160, DH_get_2048_224, DH_get_2048_256, BN_get0_nist_prime_192, BN_get0_nist_prime_224, BN_get0_nist_prime_256, BN_get0_nist_prime_384, BN_get0_nist_prime_521, BN_get_rfc2409_prime_768, BN_get_rfc2409_prime_1024, BN_get_rfc3526_prime_1536, BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096, BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192 - Create standardized public primes or DH pairs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+ DH *DH_get_1024_160(void)
+ DH *DH_get_2048_224(void)
+ DH *DH_get_2048_256(void)
+
+ const BIGNUM *BN_get0_nist_prime_192(void)
+ const BIGNUM *BN_get0_nist_prime_224(void)
+ const BIGNUM *BN_get0_nist_prime_256(void)
+ const BIGNUM *BN_get0_nist_prime_384(void)
+ const BIGNUM *BN_get0_nist_prime_521(void)
+
+ BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
+ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_get_1024_160(), DH_get_2048_224(), and DH_get_2048_256() each return a DH object for the IETF RFC 5114 value.</p>
+
+<p>BN_get0_nist_prime_192(), BN_get0_nist_prime_224(), BN_get0_nist_prime_256(), BN_get0_nist_prime_384(), and BN_get0_nist_prime_521() functions return a BIGNUM for the specific NIST prime curve (e.g., P-256).</p>
+
+<p>BN_get_rfc2409_prime_768(), BN_get_rfc2409_prime_1024(), BN_get_rfc3526_prime_1536(), BN_get_rfc3526_prime_2048(), BN_get_rfc3526_prime_3072(), BN_get_rfc3526_prime_4096(), BN_get_rfc3526_prime_6144(), and BN_get_rfc3526_prime_8192() functions return a BIGNUM for the specified size from IETF RFC 2409. If <b>bn</b> is not NULL, the BIGNUM will be set into that location as well.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Defined above.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_get_2048_224.html b/msys2/usr/share/doc/openssl/html/man3/DH_get_2048_224.html
new file mode 100644
index 000000000..671bec505
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_get_2048_224.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get_1024_160</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get_1024_160, DH_get_2048_224, DH_get_2048_256, BN_get0_nist_prime_192, BN_get0_nist_prime_224, BN_get0_nist_prime_256, BN_get0_nist_prime_384, BN_get0_nist_prime_521, BN_get_rfc2409_prime_768, BN_get_rfc2409_prime_1024, BN_get_rfc3526_prime_1536, BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096, BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192 - Create standardized public primes or DH pairs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+ DH *DH_get_1024_160(void)
+ DH *DH_get_2048_224(void)
+ DH *DH_get_2048_256(void)
+
+ const BIGNUM *BN_get0_nist_prime_192(void)
+ const BIGNUM *BN_get0_nist_prime_224(void)
+ const BIGNUM *BN_get0_nist_prime_256(void)
+ const BIGNUM *BN_get0_nist_prime_384(void)
+ const BIGNUM *BN_get0_nist_prime_521(void)
+
+ BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
+ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_get_1024_160(), DH_get_2048_224(), and DH_get_2048_256() each return a DH object for the IETF RFC 5114 value.</p>
+
+<p>BN_get0_nist_prime_192(), BN_get0_nist_prime_224(), BN_get0_nist_prime_256(), BN_get0_nist_prime_384(), and BN_get0_nist_prime_521() functions return a BIGNUM for the specific NIST prime curve (e.g., P-256).</p>
+
+<p>BN_get_rfc2409_prime_768(), BN_get_rfc2409_prime_1024(), BN_get_rfc3526_prime_1536(), BN_get_rfc3526_prime_2048(), BN_get_rfc3526_prime_3072(), BN_get_rfc3526_prime_4096(), BN_get_rfc3526_prime_6144(), and BN_get_rfc3526_prime_8192() functions return a BIGNUM for the specified size from IETF RFC 2409. If <b>bn</b> is not NULL, the BIGNUM will be set into that location as well.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Defined above.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_get_2048_256.html b/msys2/usr/share/doc/openssl/html/man3/DH_get_2048_256.html
new file mode 100644
index 000000000..671bec505
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_get_2048_256.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get_1024_160</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get_1024_160, DH_get_2048_224, DH_get_2048_256, BN_get0_nist_prime_192, BN_get0_nist_prime_224, BN_get0_nist_prime_256, BN_get0_nist_prime_384, BN_get0_nist_prime_521, BN_get_rfc2409_prime_768, BN_get_rfc2409_prime_1024, BN_get_rfc3526_prime_1536, BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096, BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192 - Create standardized public primes or DH pairs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+ DH *DH_get_1024_160(void)
+ DH *DH_get_2048_224(void)
+ DH *DH_get_2048_256(void)
+
+ const BIGNUM *BN_get0_nist_prime_192(void)
+ const BIGNUM *BN_get0_nist_prime_224(void)
+ const BIGNUM *BN_get0_nist_prime_256(void)
+ const BIGNUM *BN_get0_nist_prime_384(void)
+ const BIGNUM *BN_get0_nist_prime_521(void)
+
+ BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
+ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn)
+ BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_get_1024_160(), DH_get_2048_224(), and DH_get_2048_256() each return a DH object for the IETF RFC 5114 value.</p>
+
+<p>BN_get0_nist_prime_192(), BN_get0_nist_prime_224(), BN_get0_nist_prime_256(), BN_get0_nist_prime_384(), and BN_get0_nist_prime_521() functions return a BIGNUM for the specific NIST prime curve (e.g., P-256).</p>
+
+<p>BN_get_rfc2409_prime_768(), BN_get_rfc2409_prime_1024(), BN_get_rfc3526_prime_1536(), BN_get_rfc3526_prime_2048(), BN_get_rfc3526_prime_3072(), BN_get_rfc3526_prime_4096(), BN_get_rfc3526_prime_6144(), and BN_get_rfc3526_prime_8192() functions return a BIGNUM for the specified size from IETF RFC 2409. If <b>bn</b> is not NULL, the BIGNUM will be set into that location as well.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Defined above.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_get_default_method.html b/msys2/usr/share/doc/openssl/html/man3/DH_get_default_method.html
new file mode 100644
index 000000000..8497f0fdb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_get_default_method.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_set_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_set_default_method, DH_get_default_method, DH_set_method, DH_new_method, DH_OpenSSL - select DH method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_set_default_method(const DH_METHOD *meth);
+
+ const DH_METHOD *DH_get_default_method(void);
+
+ int DH_set_method(DH *dh, const DH_METHOD *meth);
+
+ DH *DH_new_method(ENGINE *engine);
+
+ const DH_METHOD *DH_OpenSSL(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>DH_METHOD</b> specifies the functions that OpenSSL uses for Diffie-Hellman operations. By modifying the method, alternative implementations such as hardware accelerators may be used. IMPORTANT: See the NOTES section for important information about how these DH API functions are affected by the use of <b>ENGINE</b> API calls.</p>
+
+<p>Initially, the default DH_METHOD is the OpenSSL internal implementation, as returned by DH_OpenSSL().</p>
+
+<p>DH_set_default_method() makes <b>meth</b> the default method for all DH structures created later. <b>NB</b>: This is true only whilst no ENGINE has been set as a default for DH, so this function is no longer recommended. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>DH_get_default_method() returns a pointer to the current default DH_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE API is being used, so this function is no longer recommended.</p>
+
+<p>DH_set_method() selects <b>meth</b> to perform all operations using the key <b>dh</b>. This will replace the DH_METHOD used by the DH key and if the previous method was supplied by an ENGINE, the handle to that ENGINE will be released during the change. It is possible to have DH keys that only work with certain DH_METHOD implementations (eg. from an ENGINE module that supports embedded hardware-protected keys), and in such cases attempting to change the DH_METHOD for the key can have unexpected results.</p>
+
+<p>DH_new_method() allocates and initializes a DH structure so that <b>engine</b> will be used for the DH operations. If <b>engine</b> is NULL, the default ENGINE for DH operations is used, and if no default ENGINE is set, the DH_METHOD controlled by DH_set_default_method() is used.</p>
+
+<p>A new DH_METHOD object may be constructed using DH_meth_new() (see <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_OpenSSL() and DH_get_default_method() return pointers to the respective <b>DH_METHOD</b>s.</p>
+
+<p>DH_set_default_method() returns no value.</p>
+
+<p>DH_set_method() returns non-zero if the provided <b>meth</b> was successfully set as the method for <b>dh</b> (including unloading the ENGINE handle if the previous method was supplied by an ENGINE).</p>
+
+<p>DH_new_method() returns NULL and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> if the allocation fails. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_get_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/DH_get_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_get_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_get_ex_new_index.html b/msys2/usr/share/doc/openssl/html/man3/DH_get_ex_new_index.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_get_ex_new_index.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_get_length.html b/msys2/usr/share/doc/openssl/html/man3/DH_get_length.html
new file mode 100644
index 000000000..1998926b8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_get_length.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get0_pqg, DH_set0_pqg, DH_get0_key, DH_set0_key, DH_get0_p, DH_get0_q, DH_get0_g, DH_get0_priv_key, DH_get0_pub_key, DH_clear_flags, DH_test_flags, DH_set_flags, DH_get0_engine, DH_get_length, DH_set_length - Routines for getting and setting data in a DH object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_get0_pqg(const DH *dh,
+                  const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DH_get0_key(const DH *dh,
+                  const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DH_get0_p(const DH *dh);
+ const BIGNUM *DH_get0_q(const DH *dh);
+ const BIGNUM *DH_get0_g(const DH *dh);
+ const BIGNUM *DH_get0_priv_key(const DH *dh);
+ const BIGNUM *DH_get0_pub_key(const DH *dh);
+ void DH_clear_flags(DH *dh, int flags);
+ int DH_test_flags(const DH *dh, int flags);
+ void DH_set_flags(DH *dh, int flags);
+ ENGINE *DH_get0_engine(DH *d);
+ long DH_get_length(const DH *dh);
+ int DH_set_length(DH *dh, long length);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DH object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. Note that the <b>q</b> parameter is optional. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DH_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly. Any of the out parameters <b>p</b>, <b>q</b>, and <b>g</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DH_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DH object, and therefore the values that have been passed in should not be freed directly after this function has been called. The <b>q</b> parameter may be NULL.</p>
+
+<p>To get the public and private key values use the DH_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly. Any of the out parameters <b>pub_key</b> and <b>priv_key</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The public and private key values can be set using DH_set0_key(). Either parameter may be NULL, which means the corresponding DH field is left untouched. As with DH_set0_pqg() this function transfers the memory management of the key values to the DH object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key(), respectively.</p>
+
+<p>DH_set_flags() sets the flags in the <b>flags</b> parameter on the DH object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DH_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DH object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DH_clear_flags() clears the specified flags within the DH object.</p>
+
+<p>DH_get0_engine() returns a handle to the ENGINE that has been set for this DH object, or NULL if no such ENGINE has been set.</p>
+
+<p>The DH_get_length() and DH_set_length() functions get and set the optional length parameter associated with this DH object. If the length is non-zero then it is used, otherwise it is ignored. The <b>length</b> parameter indicates the length of the secret exponent (private key) in bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DH_get0_key() are owned by the DH object used in the call and may therefore <i>not</i> be passed to DH_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DH_get0_pqg() and DH_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_set0_pqg() and DH_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key() return the respective value, or NULL if it is unset.</p>
+
+<p>DH_test_flags() returns the current state of the flags in the DH object.</p>
+
+<p>DH_get0_engine() returns the ENGINE set for the DH object or NULL if no ENGINE has been set.</p>
+
+<p>DH_get_length() returns the length of the secret exponent (private key) in bits, or zero if no such length has been explicitly set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_get_nid.html b/msys2/usr/share/doc/openssl/html/man3/DH_get_nid.html
new file mode 100644
index 000000000..2f5b676ad
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_get_nid.html
@@ -0,0 +1,55 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_new_by_nid</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_new_by_nid, DH_get_nid - get or find DH named parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+ DH *DH_new_by_nid(int nid);
+ int *DH_get_nid(const DH *dh);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_new_by_nid() creates and returns a DH structure containing named parameters <b>nid</b>. Currently <b>nid</b> must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b> or <b>NID_ffdhe8192</b>.</p>
+
+<p>DH_get_nid() determines if the parameters contained in <b>dh</b> match any named set. It returns the NID corresponding to the matching parameters or <b>NID_undef</b> if there is no match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_new_by_nid() returns a set of DH parameters or <b>NULL</b> if an error occurred.</p>
+
+<p>DH_get_nid() returns the NID of the matching set of parameters or <b>NID_undef</b> if there is no match.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_dup.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_dup.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_dup.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_free.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_free.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_free.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_get0_app_data.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_get0_app_data.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_get0_app_data.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_get0_name.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_get0_name.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_get0_name.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_bn_mod_exp.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_bn_mod_exp.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_bn_mod_exp.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_compute_key.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_compute_key.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_compute_key.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_finish.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_finish.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_finish.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_flags.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_flags.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_flags.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_generate_key.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_generate_key.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_generate_key.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_generate_params.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_generate_params.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_generate_params.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_init.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_init.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_get_init.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_new.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_new.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_new.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_set0_app_data.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_set0_app_data.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_set0_app_data.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_set1_name.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_set1_name.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_set1_name.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_bn_mod_exp.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_bn_mod_exp.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_bn_mod_exp.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_compute_key.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_compute_key.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_compute_key.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_finish.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_finish.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_finish.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_flags.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_flags.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_flags.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_generate_key.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_generate_key.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_generate_key.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_generate_params.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_generate_params.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_generate_params.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_init.html b/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_init.html
new file mode 100644
index 000000000..59775b552
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_meth_set_init.html
@@ -0,0 +1,135 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_meth_new, DH_meth_free, DH_meth_dup, DH_meth_get0_name, DH_meth_set1_name, DH_meth_get_flags, DH_meth_set_flags, DH_meth_get0_app_data, DH_meth_set0_app_data, DH_meth_get_generate_key, DH_meth_set_generate_key, DH_meth_get_compute_key, DH_meth_set_compute_key, DH_meth_get_bn_mod_exp, DH_meth_set_bn_mod_exp, DH_meth_get_init, DH_meth_set_init, DH_meth_get_finish, DH_meth_set_finish, DH_meth_get_generate_params, DH_meth_set_generate_params - Routines to build up DH methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH_METHOD *DH_meth_new(const char *name, int flags);
+
+ void DH_meth_free(DH_METHOD *dhm);
+
+ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+
+ const char *DH_meth_get0_name(const DH_METHOD *dhm);
+ int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+
+ int DH_meth_get_flags(const DH_METHOD *dhm);
+ int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+
+ void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+ int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+
+ int (*DH_meth_get_generate_key(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key)(DH *));
+
+ int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+     (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ int DH_meth_set_compute_key(DH_METHOD *dhm,
+     int (*compute_key)(unsigned char *key, const BIGNUM *pub_key, DH *dh));
+
+ int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+     (const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+     int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx));
+
+ int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+
+ int (*DH_meth_get_finish(const DH_METHOD *dhm))(DH *);
+ int DH_meth_set_finish(DH_METHOD *dhm, int (*finish)(DH *));
+
+ int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+     (DH *, int, int, BN_GENCB *);
+ int DH_meth_set_generate_params(DH_METHOD *dhm,
+     int (*generate_params)(DH *, int, int, BN_GENCB *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DH_METHOD</b> type is a structure used for the provision of custom DH implementations. It provides a set of functions used by OpenSSL for the implementation of the various DH capabilities.</p>
+
+<p>DH_meth_new() creates a new <b>DH_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DH_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DH</b> object based on this <b>DH_METHOD</b>. Any new <b>DH</b> object will have those flags set by default.</p>
+
+<p>DH_meth_dup() creates a duplicate copy of the <b>DH_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DH_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DH_meth_free() destroys a <b>DH_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DH_meth_get0_name() will return a pointer to the name of this DH_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DH_meth_set1_name() sets the name of the DH_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DH_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DH_meth_get_flags() returns the current value of the flags associated with this DH_METHOD. DH_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DH_meth_get0_app_data() and DH_meth_set0_app_data() provide the ability to associate implementation specific data with the DH_METHOD. It is the application&#39;s responsibility to free this data before the DH_METHOD is freed via a call to DH_meth_free().</p>
+
+<p>DH_meth_get_generate_key() and DH_meth_set_generate_key() get and set the function used for generating a new DH key pair respectively. This function will be called in response to the application calling DH_generate_key(). The parameter for the function has the same meaning as for DH_generate_key().</p>
+
+<p>DH_meth_get_compute_key() and DH_meth_set_compute_key() get and set the function used for computing a new DH shared secret respectively. This function will be called in response to the application calling DH_compute_key(). The parameters for the function have the same meaning as for DH_compute_key().</p>
+
+<p>DH_meth_get_bn_mod_exp() and DH_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DH_generate_key(). The result is stored in the <b>r</b> parameter. This function may be NULL unless using the default generate key function, in which case it must be present.</p>
+
+<p>DH_meth_get_init() and DH_meth_set_init() get and set the function used for creating a new DH instance respectively. This function will be called in response to the application calling DH_new() (if the current default DH_METHOD is this one) or DH_new_method(). The DH_new() and DH_new_method() functions will allocate the memory for the new DH object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DH_meth_get_finish() and DH_meth_set_finish() get and set the function used for destroying an instance of a DH object respectively. This function will be called in response to the application calling DH_free(). A pointer to the DH to be destroyed is passed as a parameter. The destroy function should be used for DH implementation specific clean up. The memory for the DH itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DH_meth_get_generate_params() and DH_meth_set_generate_params() get and set the function used for generating DH parameters respectively. This function will be called in response to the application calling DH_generate_parameters_ex() (or DH_generate_parameters()). The parameters for the function have the same meaning as for DH_generate_parameters_ex(). This function may be NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_meth_new() and DH_meth_dup() return the newly allocated DH_METHOD object or NULL on failure.</p>
+
+<p>DH_meth_get0_name() and DH_meth_get_flags() return the name and flags associated with the DH_METHOD respectively.</p>
+
+<p>All other DH_meth_get_*() functions return the appropriate function pointer that has been set in the DH_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DH_meth_set1_name() and all DH_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_get0_pqg.html">DH_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_new.html b/msys2/usr/share/doc/openssl/html/man3/DH_new.html
new file mode 100644
index 000000000..631b252a6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_new.html
@@ -0,0 +1,62 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_new, DH_free - allocate and free DH objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH* DH_new(void);
+
+ void DH_free(DH *dh);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_new() allocates and initializes a <b>DH</b> structure.</p>
+
+<p>DH_free() frees the <b>DH</b> structure and its components. The values are erased before the memory is returned to the system. If <b>dh</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, DH_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>DH_free() returns no value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_new_by_nid.html b/msys2/usr/share/doc/openssl/html/man3/DH_new_by_nid.html
new file mode 100644
index 000000000..2f5b676ad
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_new_by_nid.html
@@ -0,0 +1,55 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_new_by_nid</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_new_by_nid, DH_get_nid - get or find DH named parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+ DH *DH_new_by_nid(int nid);
+ int *DH_get_nid(const DH *dh);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_new_by_nid() creates and returns a DH structure containing named parameters <b>nid</b>. Currently <b>nid</b> must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b> or <b>NID_ffdhe8192</b>.</p>
+
+<p>DH_get_nid() determines if the parameters contained in <b>dh</b> match any named set. It returns the NID corresponding to the matching parameters or <b>NID_undef</b> if there is no match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_new_by_nid() returns a set of DH parameters or <b>NULL</b> if an error occurred.</p>
+
+<p>DH_get_nid() returns the NID of the matching set of parameters or <b>NID_undef</b> if there is no match.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_new_method.html b/msys2/usr/share/doc/openssl/html/man3/DH_new_method.html
new file mode 100644
index 000000000..8497f0fdb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_new_method.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_set_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_set_default_method, DH_get_default_method, DH_set_method, DH_new_method, DH_OpenSSL - select DH method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_set_default_method(const DH_METHOD *meth);
+
+ const DH_METHOD *DH_get_default_method(void);
+
+ int DH_set_method(DH *dh, const DH_METHOD *meth);
+
+ DH *DH_new_method(ENGINE *engine);
+
+ const DH_METHOD *DH_OpenSSL(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>DH_METHOD</b> specifies the functions that OpenSSL uses for Diffie-Hellman operations. By modifying the method, alternative implementations such as hardware accelerators may be used. IMPORTANT: See the NOTES section for important information about how these DH API functions are affected by the use of <b>ENGINE</b> API calls.</p>
+
+<p>Initially, the default DH_METHOD is the OpenSSL internal implementation, as returned by DH_OpenSSL().</p>
+
+<p>DH_set_default_method() makes <b>meth</b> the default method for all DH structures created later. <b>NB</b>: This is true only whilst no ENGINE has been set as a default for DH, so this function is no longer recommended. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>DH_get_default_method() returns a pointer to the current default DH_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE API is being used, so this function is no longer recommended.</p>
+
+<p>DH_set_method() selects <b>meth</b> to perform all operations using the key <b>dh</b>. This will replace the DH_METHOD used by the DH key and if the previous method was supplied by an ENGINE, the handle to that ENGINE will be released during the change. It is possible to have DH keys that only work with certain DH_METHOD implementations (eg. from an ENGINE module that supports embedded hardware-protected keys), and in such cases attempting to change the DH_METHOD for the key can have unexpected results.</p>
+
+<p>DH_new_method() allocates and initializes a DH structure so that <b>engine</b> will be used for the DH operations. If <b>engine</b> is NULL, the default ENGINE for DH operations is used, and if no default ENGINE is set, the DH_METHOD controlled by DH_set_default_method() is used.</p>
+
+<p>A new DH_METHOD object may be constructed using DH_meth_new() (see <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_OpenSSL() and DH_get_default_method() return pointers to the respective <b>DH_METHOD</b>s.</p>
+
+<p>DH_set_default_method() returns no value.</p>
+
+<p>DH_set_method() returns non-zero if the provided <b>meth</b> was successfully set as the method for <b>dh</b> (including unloading the ENGINE handle if the previous method was supplied by an ENGINE).</p>
+
+<p>DH_new_method() returns NULL and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> if the allocation fails. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_security_bits.html b/msys2/usr/share/doc/openssl/html/man3/DH_security_bits.html
new file mode 100644
index 000000000..9ec2db8f2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_security_bits.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_size</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_size, DH_bits, DH_security_bits - get Diffie-Hellman prime size and security bits</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ int DH_size(const DH *dh);
+
+ int DH_bits(const DH *dh);
+
+ int DH_security_bits(const DH *dh);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_size() returns the Diffie-Hellman prime size in bytes. It can be used to determine how much memory must be allocated for the shared secret computed by <a href="../man3/DH_compute_key.html">DH_compute_key(3)</a>.</p>
+
+<p>DH_bits() returns the number of significant bits.</p>
+
+<p><b>dh</b> and <b>dh-&gt;p</b> must not be <b>NULL</b>.</p>
+
+<p>DH_security_bits() returns the number of security bits of the given <b>dh</b> key. See <a href="../man3/BN_security_bits.html">BN_security_bits(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_size() returns the prime size of Diffie-Hellman in bytes.</p>
+
+<p>DH_bits() returns the number of bits in the key.</p>
+
+<p>DH_security_bits() returns the number of security bits.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/BN_num_bits.html">BN_num_bits(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The DH_bits() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_set0_key.html b/msys2/usr/share/doc/openssl/html/man3/DH_set0_key.html
new file mode 100644
index 000000000..1998926b8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_set0_key.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get0_pqg, DH_set0_pqg, DH_get0_key, DH_set0_key, DH_get0_p, DH_get0_q, DH_get0_g, DH_get0_priv_key, DH_get0_pub_key, DH_clear_flags, DH_test_flags, DH_set_flags, DH_get0_engine, DH_get_length, DH_set_length - Routines for getting and setting data in a DH object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_get0_pqg(const DH *dh,
+                  const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DH_get0_key(const DH *dh,
+                  const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DH_get0_p(const DH *dh);
+ const BIGNUM *DH_get0_q(const DH *dh);
+ const BIGNUM *DH_get0_g(const DH *dh);
+ const BIGNUM *DH_get0_priv_key(const DH *dh);
+ const BIGNUM *DH_get0_pub_key(const DH *dh);
+ void DH_clear_flags(DH *dh, int flags);
+ int DH_test_flags(const DH *dh, int flags);
+ void DH_set_flags(DH *dh, int flags);
+ ENGINE *DH_get0_engine(DH *d);
+ long DH_get_length(const DH *dh);
+ int DH_set_length(DH *dh, long length);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DH object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. Note that the <b>q</b> parameter is optional. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DH_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly. Any of the out parameters <b>p</b>, <b>q</b>, and <b>g</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DH_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DH object, and therefore the values that have been passed in should not be freed directly after this function has been called. The <b>q</b> parameter may be NULL.</p>
+
+<p>To get the public and private key values use the DH_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly. Any of the out parameters <b>pub_key</b> and <b>priv_key</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The public and private key values can be set using DH_set0_key(). Either parameter may be NULL, which means the corresponding DH field is left untouched. As with DH_set0_pqg() this function transfers the memory management of the key values to the DH object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key(), respectively.</p>
+
+<p>DH_set_flags() sets the flags in the <b>flags</b> parameter on the DH object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DH_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DH object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DH_clear_flags() clears the specified flags within the DH object.</p>
+
+<p>DH_get0_engine() returns a handle to the ENGINE that has been set for this DH object, or NULL if no such ENGINE has been set.</p>
+
+<p>The DH_get_length() and DH_set_length() functions get and set the optional length parameter associated with this DH object. If the length is non-zero then it is used, otherwise it is ignored. The <b>length</b> parameter indicates the length of the secret exponent (private key) in bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DH_get0_key() are owned by the DH object used in the call and may therefore <i>not</i> be passed to DH_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DH_get0_pqg() and DH_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_set0_pqg() and DH_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key() return the respective value, or NULL if it is unset.</p>
+
+<p>DH_test_flags() returns the current state of the flags in the DH object.</p>
+
+<p>DH_get0_engine() returns the ENGINE set for the DH object or NULL if no ENGINE has been set.</p>
+
+<p>DH_get_length() returns the length of the secret exponent (private key) in bits, or zero if no such length has been explicitly set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_set0_pqg.html b/msys2/usr/share/doc/openssl/html/man3/DH_set0_pqg.html
new file mode 100644
index 000000000..1998926b8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_set0_pqg.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get0_pqg, DH_set0_pqg, DH_get0_key, DH_set0_key, DH_get0_p, DH_get0_q, DH_get0_g, DH_get0_priv_key, DH_get0_pub_key, DH_clear_flags, DH_test_flags, DH_set_flags, DH_get0_engine, DH_get_length, DH_set_length - Routines for getting and setting data in a DH object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_get0_pqg(const DH *dh,
+                  const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DH_get0_key(const DH *dh,
+                  const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DH_get0_p(const DH *dh);
+ const BIGNUM *DH_get0_q(const DH *dh);
+ const BIGNUM *DH_get0_g(const DH *dh);
+ const BIGNUM *DH_get0_priv_key(const DH *dh);
+ const BIGNUM *DH_get0_pub_key(const DH *dh);
+ void DH_clear_flags(DH *dh, int flags);
+ int DH_test_flags(const DH *dh, int flags);
+ void DH_set_flags(DH *dh, int flags);
+ ENGINE *DH_get0_engine(DH *d);
+ long DH_get_length(const DH *dh);
+ int DH_set_length(DH *dh, long length);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DH object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. Note that the <b>q</b> parameter is optional. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DH_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly. Any of the out parameters <b>p</b>, <b>q</b>, and <b>g</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DH_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DH object, and therefore the values that have been passed in should not be freed directly after this function has been called. The <b>q</b> parameter may be NULL.</p>
+
+<p>To get the public and private key values use the DH_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly. Any of the out parameters <b>pub_key</b> and <b>priv_key</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The public and private key values can be set using DH_set0_key(). Either parameter may be NULL, which means the corresponding DH field is left untouched. As with DH_set0_pqg() this function transfers the memory management of the key values to the DH object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key(), respectively.</p>
+
+<p>DH_set_flags() sets the flags in the <b>flags</b> parameter on the DH object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DH_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DH object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DH_clear_flags() clears the specified flags within the DH object.</p>
+
+<p>DH_get0_engine() returns a handle to the ENGINE that has been set for this DH object, or NULL if no such ENGINE has been set.</p>
+
+<p>The DH_get_length() and DH_set_length() functions get and set the optional length parameter associated with this DH object. If the length is non-zero then it is used, otherwise it is ignored. The <b>length</b> parameter indicates the length of the secret exponent (private key) in bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DH_get0_key() are owned by the DH object used in the call and may therefore <i>not</i> be passed to DH_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DH_get0_pqg() and DH_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_set0_pqg() and DH_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key() return the respective value, or NULL if it is unset.</p>
+
+<p>DH_test_flags() returns the current state of the flags in the DH object.</p>
+
+<p>DH_get0_engine() returns the ENGINE set for the DH object or NULL if no ENGINE has been set.</p>
+
+<p>DH_get_length() returns the length of the secret exponent (private key) in bits, or zero if no such length has been explicitly set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_set_default_method.html b/msys2/usr/share/doc/openssl/html/man3/DH_set_default_method.html
new file mode 100644
index 000000000..8497f0fdb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_set_default_method.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_set_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_set_default_method, DH_get_default_method, DH_set_method, DH_new_method, DH_OpenSSL - select DH method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_set_default_method(const DH_METHOD *meth);
+
+ const DH_METHOD *DH_get_default_method(void);
+
+ int DH_set_method(DH *dh, const DH_METHOD *meth);
+
+ DH *DH_new_method(ENGINE *engine);
+
+ const DH_METHOD *DH_OpenSSL(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>DH_METHOD</b> specifies the functions that OpenSSL uses for Diffie-Hellman operations. By modifying the method, alternative implementations such as hardware accelerators may be used. IMPORTANT: See the NOTES section for important information about how these DH API functions are affected by the use of <b>ENGINE</b> API calls.</p>
+
+<p>Initially, the default DH_METHOD is the OpenSSL internal implementation, as returned by DH_OpenSSL().</p>
+
+<p>DH_set_default_method() makes <b>meth</b> the default method for all DH structures created later. <b>NB</b>: This is true only whilst no ENGINE has been set as a default for DH, so this function is no longer recommended. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>DH_get_default_method() returns a pointer to the current default DH_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE API is being used, so this function is no longer recommended.</p>
+
+<p>DH_set_method() selects <b>meth</b> to perform all operations using the key <b>dh</b>. This will replace the DH_METHOD used by the DH key and if the previous method was supplied by an ENGINE, the handle to that ENGINE will be released during the change. It is possible to have DH keys that only work with certain DH_METHOD implementations (eg. from an ENGINE module that supports embedded hardware-protected keys), and in such cases attempting to change the DH_METHOD for the key can have unexpected results.</p>
+
+<p>DH_new_method() allocates and initializes a DH structure so that <b>engine</b> will be used for the DH operations. If <b>engine</b> is NULL, the default ENGINE for DH operations is used, and if no default ENGINE is set, the DH_METHOD controlled by DH_set_default_method() is used.</p>
+
+<p>A new DH_METHOD object may be constructed using DH_meth_new() (see <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_OpenSSL() and DH_get_default_method() return pointers to the respective <b>DH_METHOD</b>s.</p>
+
+<p>DH_set_default_method() returns no value.</p>
+
+<p>DH_set_method() returns non-zero if the provided <b>meth</b> was successfully set as the method for <b>dh</b> (including unloading the ENGINE handle if the previous method was supplied by an ENGINE).</p>
+
+<p>DH_new_method() returns NULL and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> if the allocation fails. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_set_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/DH_set_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_set_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_set_flags.html b/msys2/usr/share/doc/openssl/html/man3/DH_set_flags.html
new file mode 100644
index 000000000..1998926b8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_set_flags.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get0_pqg, DH_set0_pqg, DH_get0_key, DH_set0_key, DH_get0_p, DH_get0_q, DH_get0_g, DH_get0_priv_key, DH_get0_pub_key, DH_clear_flags, DH_test_flags, DH_set_flags, DH_get0_engine, DH_get_length, DH_set_length - Routines for getting and setting data in a DH object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_get0_pqg(const DH *dh,
+                  const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DH_get0_key(const DH *dh,
+                  const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DH_get0_p(const DH *dh);
+ const BIGNUM *DH_get0_q(const DH *dh);
+ const BIGNUM *DH_get0_g(const DH *dh);
+ const BIGNUM *DH_get0_priv_key(const DH *dh);
+ const BIGNUM *DH_get0_pub_key(const DH *dh);
+ void DH_clear_flags(DH *dh, int flags);
+ int DH_test_flags(const DH *dh, int flags);
+ void DH_set_flags(DH *dh, int flags);
+ ENGINE *DH_get0_engine(DH *d);
+ long DH_get_length(const DH *dh);
+ int DH_set_length(DH *dh, long length);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DH object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. Note that the <b>q</b> parameter is optional. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DH_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly. Any of the out parameters <b>p</b>, <b>q</b>, and <b>g</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DH_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DH object, and therefore the values that have been passed in should not be freed directly after this function has been called. The <b>q</b> parameter may be NULL.</p>
+
+<p>To get the public and private key values use the DH_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly. Any of the out parameters <b>pub_key</b> and <b>priv_key</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The public and private key values can be set using DH_set0_key(). Either parameter may be NULL, which means the corresponding DH field is left untouched. As with DH_set0_pqg() this function transfers the memory management of the key values to the DH object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key(), respectively.</p>
+
+<p>DH_set_flags() sets the flags in the <b>flags</b> parameter on the DH object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DH_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DH object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DH_clear_flags() clears the specified flags within the DH object.</p>
+
+<p>DH_get0_engine() returns a handle to the ENGINE that has been set for this DH object, or NULL if no such ENGINE has been set.</p>
+
+<p>The DH_get_length() and DH_set_length() functions get and set the optional length parameter associated with this DH object. If the length is non-zero then it is used, otherwise it is ignored. The <b>length</b> parameter indicates the length of the secret exponent (private key) in bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DH_get0_key() are owned by the DH object used in the call and may therefore <i>not</i> be passed to DH_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DH_get0_pqg() and DH_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_set0_pqg() and DH_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key() return the respective value, or NULL if it is unset.</p>
+
+<p>DH_test_flags() returns the current state of the flags in the DH object.</p>
+
+<p>DH_get0_engine() returns the ENGINE set for the DH object or NULL if no ENGINE has been set.</p>
+
+<p>DH_get_length() returns the length of the secret exponent (private key) in bits, or zero if no such length has been explicitly set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_set_length.html b/msys2/usr/share/doc/openssl/html/man3/DH_set_length.html
new file mode 100644
index 000000000..1998926b8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_set_length.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get0_pqg, DH_set0_pqg, DH_get0_key, DH_set0_key, DH_get0_p, DH_get0_q, DH_get0_g, DH_get0_priv_key, DH_get0_pub_key, DH_clear_flags, DH_test_flags, DH_set_flags, DH_get0_engine, DH_get_length, DH_set_length - Routines for getting and setting data in a DH object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_get0_pqg(const DH *dh,
+                  const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DH_get0_key(const DH *dh,
+                  const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DH_get0_p(const DH *dh);
+ const BIGNUM *DH_get0_q(const DH *dh);
+ const BIGNUM *DH_get0_g(const DH *dh);
+ const BIGNUM *DH_get0_priv_key(const DH *dh);
+ const BIGNUM *DH_get0_pub_key(const DH *dh);
+ void DH_clear_flags(DH *dh, int flags);
+ int DH_test_flags(const DH *dh, int flags);
+ void DH_set_flags(DH *dh, int flags);
+ ENGINE *DH_get0_engine(DH *d);
+ long DH_get_length(const DH *dh);
+ int DH_set_length(DH *dh, long length);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DH object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. Note that the <b>q</b> parameter is optional. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DH_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly. Any of the out parameters <b>p</b>, <b>q</b>, and <b>g</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DH_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DH object, and therefore the values that have been passed in should not be freed directly after this function has been called. The <b>q</b> parameter may be NULL.</p>
+
+<p>To get the public and private key values use the DH_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly. Any of the out parameters <b>pub_key</b> and <b>priv_key</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The public and private key values can be set using DH_set0_key(). Either parameter may be NULL, which means the corresponding DH field is left untouched. As with DH_set0_pqg() this function transfers the memory management of the key values to the DH object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key(), respectively.</p>
+
+<p>DH_set_flags() sets the flags in the <b>flags</b> parameter on the DH object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DH_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DH object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DH_clear_flags() clears the specified flags within the DH object.</p>
+
+<p>DH_get0_engine() returns a handle to the ENGINE that has been set for this DH object, or NULL if no such ENGINE has been set.</p>
+
+<p>The DH_get_length() and DH_set_length() functions get and set the optional length parameter associated with this DH object. If the length is non-zero then it is used, otherwise it is ignored. The <b>length</b> parameter indicates the length of the secret exponent (private key) in bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DH_get0_key() are owned by the DH object used in the call and may therefore <i>not</i> be passed to DH_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DH_get0_pqg() and DH_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_set0_pqg() and DH_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key() return the respective value, or NULL if it is unset.</p>
+
+<p>DH_test_flags() returns the current state of the flags in the DH object.</p>
+
+<p>DH_get0_engine() returns the ENGINE set for the DH object or NULL if no ENGINE has been set.</p>
+
+<p>DH_get_length() returns the length of the secret exponent (private key) in bits, or zero if no such length has been explicitly set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_set_method.html b/msys2/usr/share/doc/openssl/html/man3/DH_set_method.html
new file mode 100644
index 000000000..8497f0fdb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_set_method.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_set_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_set_default_method, DH_get_default_method, DH_set_method, DH_new_method, DH_OpenSSL - select DH method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_set_default_method(const DH_METHOD *meth);
+
+ const DH_METHOD *DH_get_default_method(void);
+
+ int DH_set_method(DH *dh, const DH_METHOD *meth);
+
+ DH *DH_new_method(ENGINE *engine);
+
+ const DH_METHOD *DH_OpenSSL(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>DH_METHOD</b> specifies the functions that OpenSSL uses for Diffie-Hellman operations. By modifying the method, alternative implementations such as hardware accelerators may be used. IMPORTANT: See the NOTES section for important information about how these DH API functions are affected by the use of <b>ENGINE</b> API calls.</p>
+
+<p>Initially, the default DH_METHOD is the OpenSSL internal implementation, as returned by DH_OpenSSL().</p>
+
+<p>DH_set_default_method() makes <b>meth</b> the default method for all DH structures created later. <b>NB</b>: This is true only whilst no ENGINE has been set as a default for DH, so this function is no longer recommended. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>DH_get_default_method() returns a pointer to the current default DH_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE API is being used, so this function is no longer recommended.</p>
+
+<p>DH_set_method() selects <b>meth</b> to perform all operations using the key <b>dh</b>. This will replace the DH_METHOD used by the DH key and if the previous method was supplied by an ENGINE, the handle to that ENGINE will be released during the change. It is possible to have DH keys that only work with certain DH_METHOD implementations (eg. from an ENGINE module that supports embedded hardware-protected keys), and in such cases attempting to change the DH_METHOD for the key can have unexpected results.</p>
+
+<p>DH_new_method() allocates and initializes a DH structure so that <b>engine</b> will be used for the DH operations. If <b>engine</b> is NULL, the default ENGINE for DH operations is used, and if no default ENGINE is set, the DH_METHOD controlled by DH_set_default_method() is used.</p>
+
+<p>A new DH_METHOD object may be constructed using DH_meth_new() (see <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_OpenSSL() and DH_get_default_method() return pointers to the respective <b>DH_METHOD</b>s.</p>
+
+<p>DH_set_default_method() returns no value.</p>
+
+<p>DH_set_method() returns non-zero if the provided <b>meth</b> was successfully set as the method for <b>dh</b> (including unloading the ENGINE handle if the previous method was supplied by an ENGINE).</p>
+
+<p>DH_new_method() returns NULL and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> if the allocation fails. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_size.html b/msys2/usr/share/doc/openssl/html/man3/DH_size.html
new file mode 100644
index 000000000..9ec2db8f2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_size.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_size</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_size, DH_bits, DH_security_bits - get Diffie-Hellman prime size and security bits</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ int DH_size(const DH *dh);
+
+ int DH_bits(const DH *dh);
+
+ int DH_security_bits(const DH *dh);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DH_size() returns the Diffie-Hellman prime size in bytes. It can be used to determine how much memory must be allocated for the shared secret computed by <a href="../man3/DH_compute_key.html">DH_compute_key(3)</a>.</p>
+
+<p>DH_bits() returns the number of significant bits.</p>
+
+<p><b>dh</b> and <b>dh-&gt;p</b> must not be <b>NULL</b>.</p>
+
+<p>DH_security_bits() returns the number of security bits of the given <b>dh</b> key. See <a href="../man3/BN_security_bits.html">BN_security_bits(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_size() returns the prime size of Diffie-Hellman in bytes.</p>
+
+<p>DH_bits() returns the number of bits in the key.</p>
+
+<p>DH_security_bits() returns the number of security bits.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/BN_num_bits.html">BN_num_bits(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The DH_bits() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DH_test_flags.html b/msys2/usr/share/doc/openssl/html/man3/DH_test_flags.html
new file mode 100644
index 000000000..1998926b8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DH_test_flags.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DH_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DH_get0_pqg, DH_set0_pqg, DH_get0_key, DH_set0_key, DH_get0_p, DH_get0_q, DH_get0_g, DH_get0_priv_key, DH_get0_pub_key, DH_clear_flags, DH_test_flags, DH_set_flags, DH_get0_engine, DH_get_length, DH_set_length - Routines for getting and setting data in a DH object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ void DH_get0_pqg(const DH *dh,
+                  const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DH_get0_key(const DH *dh,
+                  const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DH_get0_p(const DH *dh);
+ const BIGNUM *DH_get0_q(const DH *dh);
+ const BIGNUM *DH_get0_g(const DH *dh);
+ const BIGNUM *DH_get0_priv_key(const DH *dh);
+ const BIGNUM *DH_get0_pub_key(const DH *dh);
+ void DH_clear_flags(DH *dh, int flags);
+ int DH_test_flags(const DH *dh, int flags);
+ void DH_set_flags(DH *dh, int flags);
+ ENGINE *DH_get0_engine(DH *d);
+ long DH_get_length(const DH *dh);
+ int DH_set_length(DH *dh, long length);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DH object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. Note that the <b>q</b> parameter is optional. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DH_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly. Any of the out parameters <b>p</b>, <b>q</b>, and <b>g</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DH_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DH object, and therefore the values that have been passed in should not be freed directly after this function has been called. The <b>q</b> parameter may be NULL.</p>
+
+<p>To get the public and private key values use the DH_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly. Any of the out parameters <b>pub_key</b> and <b>priv_key</b> can be NULL, in which case no value will be returned for that parameter.</p>
+
+<p>The public and private key values can be set using DH_set0_key(). Either parameter may be NULL, which means the corresponding DH field is left untouched. As with DH_set0_pqg() this function transfers the memory management of the key values to the DH object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key(), respectively.</p>
+
+<p>DH_set_flags() sets the flags in the <b>flags</b> parameter on the DH object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DH_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DH object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DH_clear_flags() clears the specified flags within the DH object.</p>
+
+<p>DH_get0_engine() returns a handle to the ENGINE that has been set for this DH object, or NULL if no such ENGINE has been set.</p>
+
+<p>The DH_get_length() and DH_set_length() functions get and set the optional length parameter associated with this DH object. If the length is non-zero then it is used, otherwise it is ignored. The <b>length</b> parameter indicates the length of the secret exponent (private key) in bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DH_get0_key() are owned by the DH object used in the call and may therefore <i>not</i> be passed to DH_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DH_get0_pqg() and DH_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DH_set0_pqg() and DH_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key() return the respective value, or NULL if it is unset.</p>
+
+<p>DH_test_flags() returns the current state of the flags in the DH object.</p>
+
+<p>DH_get0_engine() returns the ENGINE set for the DH object or NULL if no ENGINE has been set.</p>
+
+<p>DH_get_length() returns the length of the secret exponent (private key) in bits, or zero if no such length has been explicitly set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DH_generate_parameters.html">DH_generate_parameters(3)</a>, <a href="../man3/DH_generate_key.html">DH_generate_key(3)</a>, <a href="../man3/DH_set_method.html">DH_set_method(3)</a>, <a href="../man3/DH_size.html">DH_size(3)</a>, <a href="../man3/DH_meth_new.html">DH_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DHparams_print.html b/msys2/usr/share/doc/openssl/html/man3/DHparams_print.html
new file mode 100644
index 000000000..e18800060
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DHparams_print.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_print</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_print, RSA_print_fp, DSAparams_print, DSAparams_print_fp, DSA_print, DSA_print_fp, DHparams_print, DHparams_print_fp - print cryptographic parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_print(BIO *bp, RSA *x, int offset);
+ int RSA_print_fp(FILE *fp, RSA *x, int offset);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int DSAparams_print(BIO *bp, DSA *x);
+ int DSAparams_print_fp(FILE *fp, DSA *x);
+ int DSA_print(BIO *bp, DSA *x, int offset);
+ int DSA_print_fp(FILE *fp, DSA *x, int offset);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int DHparams_print(BIO *bp, DH *x);
+ int DHparams_print_fp(FILE *fp, DH *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A human-readable hexadecimal output of the components of the RSA key, DSA parameters or key or DH parameters is printed to <b>bp</b> or <b>fp</b>.</p>
+
+<p>The output lines are indented by <b>offset</b> spaces.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return 1 on success, 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_bn2bin.html">BN_bn2bin(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DHparams_print_fp.html b/msys2/usr/share/doc/openssl/html/man3/DHparams_print_fp.html
new file mode 100644
index 000000000..e18800060
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DHparams_print_fp.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_print</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_print, RSA_print_fp, DSAparams_print, DSAparams_print_fp, DSA_print, DSA_print_fp, DHparams_print, DHparams_print_fp - print cryptographic parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_print(BIO *bp, RSA *x, int offset);
+ int RSA_print_fp(FILE *fp, RSA *x, int offset);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int DSAparams_print(BIO *bp, DSA *x);
+ int DSAparams_print_fp(FILE *fp, DSA *x);
+ int DSA_print(BIO *bp, DSA *x, int offset);
+ int DSA_print_fp(FILE *fp, DSA *x, int offset);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int DHparams_print(BIO *bp, DH *x);
+ int DHparams_print_fp(FILE *fp, DH *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A human-readable hexadecimal output of the components of the RSA key, DSA parameters or key or DH parameters is printed to <b>bp</b> or <b>fp</b>.</p>
+
+<p>The output lines are indented by <b>offset</b> spaces.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return 1 on success, 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_bn2bin.html">BN_bn2bin(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DIRECTORYSTRING_free.html b/msys2/usr/share/doc/openssl/html/man3/DIRECTORYSTRING_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DIRECTORYSTRING_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DIRECTORYSTRING_new.html b/msys2/usr/share/doc/openssl/html/man3/DIRECTORYSTRING_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DIRECTORYSTRING_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DISPLAYTEXT_free.html b/msys2/usr/share/doc/openssl/html/man3/DISPLAYTEXT_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DISPLAYTEXT_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DISPLAYTEXT_new.html b/msys2/usr/share/doc/openssl/html/man3/DISPLAYTEXT_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DISPLAYTEXT_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DIST_POINT_NAME_free.html b/msys2/usr/share/doc/openssl/html/man3/DIST_POINT_NAME_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DIST_POINT_NAME_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DIST_POINT_NAME_new.html b/msys2/usr/share/doc/openssl/html/man3/DIST_POINT_NAME_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DIST_POINT_NAME_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DIST_POINT_free.html b/msys2/usr/share/doc/openssl/html/man3/DIST_POINT_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DIST_POINT_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DIST_POINT_new.html b/msys2/usr/share/doc/openssl/html/man3/DIST_POINT_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DIST_POINT_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_OpenSSL.html b/msys2/usr/share/doc/openssl/html/man3/DSA_OpenSSL.html
new file mode 100644
index 000000000..2b3e64a03
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_OpenSSL.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_set_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_set_default_method, DSA_get_default_method, DSA_set_method, DSA_new_method, DSA_OpenSSL - select DSA method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ void DSA_set_default_method(const DSA_METHOD *meth);
+
+ const DSA_METHOD *DSA_get_default_method(void);
+
+ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth);
+
+ DSA *DSA_new_method(ENGINE *engine);
+
+ DSA_METHOD *DSA_OpenSSL(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>DSA_METHOD</b> specifies the functions that OpenSSL uses for DSA operations. By modifying the method, alternative implementations such as hardware accelerators may be used. IMPORTANT: See the NOTES section for important information about how these DSA API functions are affected by the use of <b>ENGINE</b> API calls.</p>
+
+<p>Initially, the default DSA_METHOD is the OpenSSL internal implementation, as returned by DSA_OpenSSL().</p>
+
+<p>DSA_set_default_method() makes <b>meth</b> the default method for all DSA structures created later. <b>NB</b>: This is true only whilst no ENGINE has been set as a default for DSA, so this function is no longer recommended. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>DSA_get_default_method() returns a pointer to the current default DSA_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE API is being used, so this function is no longer recommended.</p>
+
+<p>DSA_set_method() selects <b>meth</b> to perform all operations using the key <b>rsa</b>. This will replace the DSA_METHOD used by the DSA key and if the previous method was supplied by an ENGINE, the handle to that ENGINE will be released during the change. It is possible to have DSA keys that only work with certain DSA_METHOD implementations (eg. from an ENGINE module that supports embedded hardware-protected keys), and in such cases attempting to change the DSA_METHOD for the key can have unexpected results. See <a href="/../man3/DSA_meth_new.html">DSA_meth_new</a> for information on constructing custom DSA_METHOD objects;</p>
+
+<p>DSA_new_method() allocates and initializes a DSA structure so that <b>engine</b> will be used for the DSA operations. If <b>engine</b> is NULL, the default engine for DSA operations is used, and if no default ENGINE is set, the DSA_METHOD controlled by DSA_set_default_method() is used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_OpenSSL() and DSA_get_default_method() return pointers to the respective <b>DSA_METHOD</b>s.</p>
+
+<p>DSA_set_default_method() returns no value.</p>
+
+<p>DSA_set_method() returns non-zero if the provided <b>meth</b> was successfully set as the method for <b>dsa</b> (including unloading the ENGINE handle if the previous method was supplied by an ENGINE).</p>
+
+<p>DSA_new_method() returns NULL and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> if the allocation fails. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_meth_new.html">DSA_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_SIG_free.html b/msys2/usr/share/doc/openssl/html/man3/DSA_SIG_free.html
new file mode 100644
index 000000000..5a2ae95f9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_SIG_free.html
@@ -0,0 +1,69 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_SIG_get0, DSA_SIG_set0, DSA_SIG_new, DSA_SIG_free - allocate and free DSA signature objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_SIG *DSA_SIG_new(void);
+ void DSA_SIG_free(DSA_SIG *a);
+ void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DSA_SIG_new() allocates an empty <b>DSA_SIG</b> structure.</p>
+
+<p>DSA_SIG_free() frees the <b>DSA_SIG</b> structure and its components. The values are erased before the memory is returned to the system.</p>
+
+<p>DSA_SIG_get0() returns internal pointers to the <b>r</b> and <b>s</b> values contained in <b>sig</b>.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling DSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the DSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, DSA_SIG_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>DSA_SIG_free() returns no value.</p>
+
+<p>DSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_SIG_get0.html b/msys2/usr/share/doc/openssl/html/man3/DSA_SIG_get0.html
new file mode 100644
index 000000000..5a2ae95f9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_SIG_get0.html
@@ -0,0 +1,69 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_SIG_get0, DSA_SIG_set0, DSA_SIG_new, DSA_SIG_free - allocate and free DSA signature objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_SIG *DSA_SIG_new(void);
+ void DSA_SIG_free(DSA_SIG *a);
+ void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DSA_SIG_new() allocates an empty <b>DSA_SIG</b> structure.</p>
+
+<p>DSA_SIG_free() frees the <b>DSA_SIG</b> structure and its components. The values are erased before the memory is returned to the system.</p>
+
+<p>DSA_SIG_get0() returns internal pointers to the <b>r</b> and <b>s</b> values contained in <b>sig</b>.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling DSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the DSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, DSA_SIG_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>DSA_SIG_free() returns no value.</p>
+
+<p>DSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_SIG_new.html b/msys2/usr/share/doc/openssl/html/man3/DSA_SIG_new.html
new file mode 100644
index 000000000..5a2ae95f9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_SIG_new.html
@@ -0,0 +1,69 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_SIG_get0, DSA_SIG_set0, DSA_SIG_new, DSA_SIG_free - allocate and free DSA signature objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_SIG *DSA_SIG_new(void);
+ void DSA_SIG_free(DSA_SIG *a);
+ void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DSA_SIG_new() allocates an empty <b>DSA_SIG</b> structure.</p>
+
+<p>DSA_SIG_free() frees the <b>DSA_SIG</b> structure and its components. The values are erased before the memory is returned to the system.</p>
+
+<p>DSA_SIG_get0() returns internal pointers to the <b>r</b> and <b>s</b> values contained in <b>sig</b>.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling DSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the DSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, DSA_SIG_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>DSA_SIG_free() returns no value.</p>
+
+<p>DSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_SIG_set0.html b/msys2/usr/share/doc/openssl/html/man3/DSA_SIG_set0.html
new file mode 100644
index 000000000..5a2ae95f9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_SIG_set0.html
@@ -0,0 +1,69 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_SIG_get0, DSA_SIG_set0, DSA_SIG_new, DSA_SIG_free - allocate and free DSA signature objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_SIG *DSA_SIG_new(void);
+ void DSA_SIG_free(DSA_SIG *a);
+ void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DSA_SIG_new() allocates an empty <b>DSA_SIG</b> structure.</p>
+
+<p>DSA_SIG_free() frees the <b>DSA_SIG</b> structure and its components. The values are erased before the memory is returned to the system.</p>
+
+<p>DSA_SIG_get0() returns internal pointers to the <b>r</b> and <b>s</b> values contained in <b>sig</b>.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling DSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the DSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, DSA_SIG_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>DSA_SIG_free() returns no value.</p>
+
+<p>DSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_bits.html b/msys2/usr/share/doc/openssl/html/man3/DSA_bits.html
new file mode 100644
index 000000000..fe8d686bf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_bits.html
@@ -0,0 +1,66 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_size</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_size, DSA_bits, DSA_security_bits - get DSA signature size, key bits or security bits</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ int DSA_size(const DSA *dsa);
+ int DSA_bits(const DSA *dsa);
+ int DSA_security_bits(const DSA *dsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DSA_size() returns the maximum size of an ASN.1 encoded DSA signature for key <b>dsa</b> in bytes. It can be used to determine how much memory must be allocated for a DSA signature.</p>
+
+<p><b>dsa-&gt;q</b> must not be <b>NULL</b>.</p>
+
+<p>DSA_bits() returns the number of bits in key <b>dsa</b>: this is the number of bits in the <b>p</b> parameter.</p>
+
+<p>DSA_security_bits() returns the number of security bits of the given <b>dsa</b> key. See <a href="../man3/BN_security_bits.html">BN_security_bits(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_size() returns the signature size in bytes.</p>
+
+<p>DSA_bits() returns the number of bits in the key.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_clear_flags.html b/msys2/usr/share/doc/openssl/html/man3/DSA_clear_flags.html
new file mode 100644
index 000000000..c0ac06713
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_clear_flags.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_get0_pqg, DSA_set0_pqg, DSA_get0_key, DSA_set0_key, DSA_get0_p, DSA_get0_q, DSA_get0_g, DSA_get0_pub_key, DSA_get0_priv_key, DSA_clear_flags, DSA_test_flags, DSA_set_flags, DSA_get0_engine - Routines for getting and setting data in a DSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ void DSA_get0_pqg(const DSA *d,
+                   const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DSA_get0_key(const DSA *d,
+                   const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DSA_get0_p(const DSA *d);
+ const BIGNUM *DSA_get0_q(const DSA *d);
+ const BIGNUM *DSA_get0_g(const DSA *d);
+ const BIGNUM *DSA_get0_pub_key(const DSA *d);
+ const BIGNUM *DSA_get0_priv_key(const DSA *d);
+ void DSA_clear_flags(DSA *d, int flags);
+ int DSA_test_flags(const DSA *d, int flags);
+ void DSA_set_flags(DSA *d, int flags);
+ ENGINE *DSA_get0_engine(DSA *d);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DSA object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DSA_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DSA_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DSA object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>To get the public and private key values use the DSA_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly.</p>
+
+<p>The public and private key values can be set using DSA_set0_key(). The public key must be non-NULL the first time this function is called on a given DSA object. The private key may be NULL. On subsequent calls, either may be NULL, which means the corresponding DSA field is left untouched. As for DSA_set0_pqg() this function transfers the memory management of the key values to the DSA object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DSA_get0_p(), DSA_get0_q(), DSA_get0_g(), DSA_get0_priv_key(), and DSA_get0_pub_key(), respectively.</p>
+
+<p>DSA_set_flags() sets the flags in the <b>flags</b> parameter on the DSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DSA_clear_flags() clears the specified flags within the DSA object.</p>
+
+<p>DSA_get0_engine() returns a handle to the ENGINE that has been set for this DSA object, or NULL if no such ENGINE has been set.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DSA_get0_key() are owned by the DSA object used in the call and may therefore <i>not</i> be passed to DSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DSA_get0_pqg() and DSA_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_set0_pqg() and DSA_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DSA_test_flags() returns the current state of the flags in the DSA object.</p>
+
+<p>DSA_get0_engine() returns the ENGINE set for the DSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_meth_new.html">DSA_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_do_sign.html b/msys2/usr/share/doc/openssl/html/man3/DSA_do_sign.html
new file mode 100644
index 000000000..ef39bb8f3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_do_sign.html
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_do_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_do_sign, DSA_do_verify - raw DSA signature operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
+
+ int DSA_do_verify(const unsigned char *dgst, int dgst_len,
+                   DSA_SIG *sig, DSA *dsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DSA_do_sign() computes a digital signature on the <b>len</b> byte message digest <b>dgst</b> using the private key <b>dsa</b> and returns it in a newly allocated <b>DSA_SIG</b> structure.</p>
+
+<p><a href="../man3/DSA_sign_setup.html">DSA_sign_setup(3)</a> may be used to precompute part of the signing operation in case signature generation is time-critical.</p>
+
+<p>DSA_do_verify() verifies that the signature <b>sig</b> matches a given message digest <b>dgst</b> of size <b>len</b>. <b>dsa</b> is the signer&#39;s public key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_do_sign() returns the signature, NULL on error. DSA_do_verify() returns 1 for a valid signature, 0 for an incorrect signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_do_verify.html b/msys2/usr/share/doc/openssl/html/man3/DSA_do_verify.html
new file mode 100644
index 000000000..ef39bb8f3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_do_verify.html
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_do_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_do_sign, DSA_do_verify - raw DSA signature operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
+
+ int DSA_do_verify(const unsigned char *dgst, int dgst_len,
+                   DSA_SIG *sig, DSA *dsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DSA_do_sign() computes a digital signature on the <b>len</b> byte message digest <b>dgst</b> using the private key <b>dsa</b> and returns it in a newly allocated <b>DSA_SIG</b> structure.</p>
+
+<p><a href="../man3/DSA_sign_setup.html">DSA_sign_setup(3)</a> may be used to precompute part of the signing operation in case signature generation is time-critical.</p>
+
+<p>DSA_do_verify() verifies that the signature <b>sig</b> matches a given message digest <b>dgst</b> of size <b>len</b>. <b>dsa</b> is the signer&#39;s public key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_do_sign() returns the signature, NULL on error. DSA_do_verify() returns 1 for a valid signature, 0 for an incorrect signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_dup_DH.html b/msys2/usr/share/doc/openssl/html/man3/DSA_dup_DH.html
new file mode 100644
index 000000000..bd7e38977
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_dup_DH.html
@@ -0,0 +1,61 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_dup_DH</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_dup_DH - create a DH structure out of DSA structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DH *DSA_dup_DH(const DSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DSA_dup_DH() duplicates DSA parameters/keys as DH parameters/keys. q is lost during that conversion, but the resulting DH parameters contain its length.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_dup_DH() returns the new <b>DH</b> structure, and NULL on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>Be careful to avoid small subgroup attacks when using this.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_free.html b/msys2/usr/share/doc/openssl/html/man3/DSA_free.html
new file mode 100644
index 000000000..96ba47003
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_free.html
@@ -0,0 +1,62 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_new, DSA_free - allocate and free DSA objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA* DSA_new(void);
+
+ void DSA_free(DSA *dsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DSA_new() allocates and initializes a <b>DSA</b> structure. It is equivalent to calling DSA_new_method(NULL).</p>
+
+<p>DSA_free() frees the <b>DSA</b> structure and its components. The values are erased before the memory is returned to the system. If <b>dsa</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, DSA_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>DSA_free() returns no value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_generate_key.html b/msys2/usr/share/doc/openssl/html/man3/DSA_generate_key.html
new file mode 100644
index 000000000..6a4a33831
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_generate_key.html
@@ -0,0 +1,58 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_generate_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_generate_key - generate DSA key pair</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ int DSA_generate_key(DSA *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DSA_generate_key() expects <b>a</b> to contain DSA parameters. It generates a new key pair and stores it in <b>a-&gt;pub_key</b> and <b>a-&gt;priv_key</b>.</p>
+
+<p>The PRNG must be seeded prior to calling DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_generate_key() returns 1 on success, 0 otherwise. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/DSA_generate_parameters_ex.html">DSA_generate_parameters_ex(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_generate_parameters.html b/msys2/usr/share/doc/openssl/html/man3/DSA_generate_parameters.html
new file mode 100644
index 000000000..5090b8a77
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_generate_parameters.html
@@ -0,0 +1,114 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_generate_parameters</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_generate_parameters_ex, DSA_generate_parameters - generate DSA parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ int DSA_generate_parameters_ex(DSA *dsa, int bits,
+                                const unsigned char *seed, int seed_len,
+                                int *counter_ret, unsigned long *h_ret,
+                                BN_GENCB *cb);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ DSA *DSA_generate_parameters(int bits, unsigned char *seed, int seed_len,
+                              int *counter_ret, unsigned long *h_ret,
+                              void (*callback)(int, int, void *), void *cb_arg);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DSA_generate_parameters_ex() generates primes p and q and a generator g for use in the DSA and stores the result in <b>dsa</b>.</p>
+
+<p><b>bits</b> is the length of the prime p to be generated. For lengths under 2048 bits, the length of q is 160 bits; for lengths greater than or equal to 2048 bits, the length of q is set to 256 bits.</p>
+
+<p>If <b>seed</b> is NULL, the primes will be generated at random. If <b>seed_len</b> is less than the length of q, an error is returned.</p>
+
+<p>DSA_generate_parameters_ex() places the iteration count in *<b>counter_ret</b> and a counter used for finding a generator in *<b>h_ret</b>, unless these are <b>NULL</b>.</p>
+
+<p>A callback function may be used to provide feedback about the progress of the key generation. If <b>cb</b> is not <b>NULL</b>, it will be called as shown below. For information on the BN_GENCB structure and the BN_GENCB_call function discussed below, refer to <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a>.</p>
+
+<p>DSA_generate_prime() is similar to DSA_generate_prime_ex() but expects an old-style callback function; see <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> for information on the old-style callback.</p>
+
+<ul>
+
+<li><p>When a candidate for q is generated, <b>BN_GENCB_call(cb, 0, m++)</b> is called (m is 0 for the first candidate).</p>
+
+</li>
+<li><p>When a candidate for q has passed a test by trial division, <b>BN_GENCB_call(cb, 1, -1)</b> is called. While a candidate for q is tested by Miller-Rabin primality tests, <b>BN_GENCB_call(cb, 1, i)</b> is called in the outer loop (once for each witness that confirms that the candidate may be prime); i is the loop counter (starting at 0).</p>
+
+</li>
+<li><p>When a prime q has been found, <b>BN_GENCB_call(cb, 2, 0)</b> and <b>BN_GENCB_call(cb, 3, 0)</b> are called.</p>
+
+</li>
+<li><p>Before a candidate for p (other than the first) is generated and tested, <b>BN_GENCB_call(cb, 0, counter)</b> is called.</p>
+
+</li>
+<li><p>When a candidate for p has passed the test by trial division, <b>BN_GENCB_call(cb, 1, -1)</b> is called. While it is tested by the Miller-Rabin primality test, <b>BN_GENCB_call(cb, 1, i)</b> is called in the outer loop (once for each witness that confirms that the candidate may be prime). i is the loop counter (starting at 0).</p>
+
+</li>
+<li><p>When p has been found, <b>BN_GENCB_call(cb, 2, 1)</b> is called.</p>
+
+</li>
+<li><p>When the generator has been found, <b>BN_GENCB_call(cb, 3, 1)</b> is called.</p>
+
+</li>
+</ul>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_generate_parameters_ex() returns a 1 on success, or 0 otherwise. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>DSA_generate_parameters() returns a pointer to the DSA structure or <b>NULL</b> if the parameter generation fails.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Seed lengths greater than 20 are not supported.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/DSA_free.html">DSA_free(3)</a>, <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>DSA_generate_parameters() was deprecated in OpenSSL 0.9.8; use DSA_generate_parameters_ex() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_generate_parameters_ex.html b/msys2/usr/share/doc/openssl/html/man3/DSA_generate_parameters_ex.html
new file mode 100644
index 000000000..5090b8a77
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_generate_parameters_ex.html
@@ -0,0 +1,114 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_generate_parameters</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_generate_parameters_ex, DSA_generate_parameters - generate DSA parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ int DSA_generate_parameters_ex(DSA *dsa, int bits,
+                                const unsigned char *seed, int seed_len,
+                                int *counter_ret, unsigned long *h_ret,
+                                BN_GENCB *cb);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ DSA *DSA_generate_parameters(int bits, unsigned char *seed, int seed_len,
+                              int *counter_ret, unsigned long *h_ret,
+                              void (*callback)(int, int, void *), void *cb_arg);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DSA_generate_parameters_ex() generates primes p and q and a generator g for use in the DSA and stores the result in <b>dsa</b>.</p>
+
+<p><b>bits</b> is the length of the prime p to be generated. For lengths under 2048 bits, the length of q is 160 bits; for lengths greater than or equal to 2048 bits, the length of q is set to 256 bits.</p>
+
+<p>If <b>seed</b> is NULL, the primes will be generated at random. If <b>seed_len</b> is less than the length of q, an error is returned.</p>
+
+<p>DSA_generate_parameters_ex() places the iteration count in *<b>counter_ret</b> and a counter used for finding a generator in *<b>h_ret</b>, unless these are <b>NULL</b>.</p>
+
+<p>A callback function may be used to provide feedback about the progress of the key generation. If <b>cb</b> is not <b>NULL</b>, it will be called as shown below. For information on the BN_GENCB structure and the BN_GENCB_call function discussed below, refer to <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a>.</p>
+
+<p>DSA_generate_prime() is similar to DSA_generate_prime_ex() but expects an old-style callback function; see <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> for information on the old-style callback.</p>
+
+<ul>
+
+<li><p>When a candidate for q is generated, <b>BN_GENCB_call(cb, 0, m++)</b> is called (m is 0 for the first candidate).</p>
+
+</li>
+<li><p>When a candidate for q has passed a test by trial division, <b>BN_GENCB_call(cb, 1, -1)</b> is called. While a candidate for q is tested by Miller-Rabin primality tests, <b>BN_GENCB_call(cb, 1, i)</b> is called in the outer loop (once for each witness that confirms that the candidate may be prime); i is the loop counter (starting at 0).</p>
+
+</li>
+<li><p>When a prime q has been found, <b>BN_GENCB_call(cb, 2, 0)</b> and <b>BN_GENCB_call(cb, 3, 0)</b> are called.</p>
+
+</li>
+<li><p>Before a candidate for p (other than the first) is generated and tested, <b>BN_GENCB_call(cb, 0, counter)</b> is called.</p>
+
+</li>
+<li><p>When a candidate for p has passed the test by trial division, <b>BN_GENCB_call(cb, 1, -1)</b> is called. While it is tested by the Miller-Rabin primality test, <b>BN_GENCB_call(cb, 1, i)</b> is called in the outer loop (once for each witness that confirms that the candidate may be prime). i is the loop counter (starting at 0).</p>
+
+</li>
+<li><p>When p has been found, <b>BN_GENCB_call(cb, 2, 1)</b> is called.</p>
+
+</li>
+<li><p>When the generator has been found, <b>BN_GENCB_call(cb, 3, 1)</b> is called.</p>
+
+</li>
+</ul>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_generate_parameters_ex() returns a 1 on success, or 0 otherwise. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>DSA_generate_parameters() returns a pointer to the DSA structure or <b>NULL</b> if the parameter generation fails.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Seed lengths greater than 20 are not supported.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/DSA_free.html">DSA_free(3)</a>, <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>DSA_generate_parameters() was deprecated in OpenSSL 0.9.8; use DSA_generate_parameters_ex() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_get0_engine.html b/msys2/usr/share/doc/openssl/html/man3/DSA_get0_engine.html
new file mode 100644
index 000000000..c0ac06713
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_get0_engine.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_get0_pqg, DSA_set0_pqg, DSA_get0_key, DSA_set0_key, DSA_get0_p, DSA_get0_q, DSA_get0_g, DSA_get0_pub_key, DSA_get0_priv_key, DSA_clear_flags, DSA_test_flags, DSA_set_flags, DSA_get0_engine - Routines for getting and setting data in a DSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ void DSA_get0_pqg(const DSA *d,
+                   const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DSA_get0_key(const DSA *d,
+                   const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DSA_get0_p(const DSA *d);
+ const BIGNUM *DSA_get0_q(const DSA *d);
+ const BIGNUM *DSA_get0_g(const DSA *d);
+ const BIGNUM *DSA_get0_pub_key(const DSA *d);
+ const BIGNUM *DSA_get0_priv_key(const DSA *d);
+ void DSA_clear_flags(DSA *d, int flags);
+ int DSA_test_flags(const DSA *d, int flags);
+ void DSA_set_flags(DSA *d, int flags);
+ ENGINE *DSA_get0_engine(DSA *d);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DSA object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DSA_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DSA_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DSA object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>To get the public and private key values use the DSA_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly.</p>
+
+<p>The public and private key values can be set using DSA_set0_key(). The public key must be non-NULL the first time this function is called on a given DSA object. The private key may be NULL. On subsequent calls, either may be NULL, which means the corresponding DSA field is left untouched. As for DSA_set0_pqg() this function transfers the memory management of the key values to the DSA object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DSA_get0_p(), DSA_get0_q(), DSA_get0_g(), DSA_get0_priv_key(), and DSA_get0_pub_key(), respectively.</p>
+
+<p>DSA_set_flags() sets the flags in the <b>flags</b> parameter on the DSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DSA_clear_flags() clears the specified flags within the DSA object.</p>
+
+<p>DSA_get0_engine() returns a handle to the ENGINE that has been set for this DSA object, or NULL if no such ENGINE has been set.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DSA_get0_key() are owned by the DSA object used in the call and may therefore <i>not</i> be passed to DSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DSA_get0_pqg() and DSA_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_set0_pqg() and DSA_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DSA_test_flags() returns the current state of the flags in the DSA object.</p>
+
+<p>DSA_get0_engine() returns the ENGINE set for the DSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_meth_new.html">DSA_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_get0_g.html b/msys2/usr/share/doc/openssl/html/man3/DSA_get0_g.html
new file mode 100644
index 000000000..c0ac06713
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_get0_g.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_get0_pqg, DSA_set0_pqg, DSA_get0_key, DSA_set0_key, DSA_get0_p, DSA_get0_q, DSA_get0_g, DSA_get0_pub_key, DSA_get0_priv_key, DSA_clear_flags, DSA_test_flags, DSA_set_flags, DSA_get0_engine - Routines for getting and setting data in a DSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ void DSA_get0_pqg(const DSA *d,
+                   const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DSA_get0_key(const DSA *d,
+                   const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DSA_get0_p(const DSA *d);
+ const BIGNUM *DSA_get0_q(const DSA *d);
+ const BIGNUM *DSA_get0_g(const DSA *d);
+ const BIGNUM *DSA_get0_pub_key(const DSA *d);
+ const BIGNUM *DSA_get0_priv_key(const DSA *d);
+ void DSA_clear_flags(DSA *d, int flags);
+ int DSA_test_flags(const DSA *d, int flags);
+ void DSA_set_flags(DSA *d, int flags);
+ ENGINE *DSA_get0_engine(DSA *d);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DSA object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DSA_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DSA_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DSA object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>To get the public and private key values use the DSA_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly.</p>
+
+<p>The public and private key values can be set using DSA_set0_key(). The public key must be non-NULL the first time this function is called on a given DSA object. The private key may be NULL. On subsequent calls, either may be NULL, which means the corresponding DSA field is left untouched. As for DSA_set0_pqg() this function transfers the memory management of the key values to the DSA object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DSA_get0_p(), DSA_get0_q(), DSA_get0_g(), DSA_get0_priv_key(), and DSA_get0_pub_key(), respectively.</p>
+
+<p>DSA_set_flags() sets the flags in the <b>flags</b> parameter on the DSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DSA_clear_flags() clears the specified flags within the DSA object.</p>
+
+<p>DSA_get0_engine() returns a handle to the ENGINE that has been set for this DSA object, or NULL if no such ENGINE has been set.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DSA_get0_key() are owned by the DSA object used in the call and may therefore <i>not</i> be passed to DSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DSA_get0_pqg() and DSA_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_set0_pqg() and DSA_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DSA_test_flags() returns the current state of the flags in the DSA object.</p>
+
+<p>DSA_get0_engine() returns the ENGINE set for the DSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_meth_new.html">DSA_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_get0_key.html b/msys2/usr/share/doc/openssl/html/man3/DSA_get0_key.html
new file mode 100644
index 000000000..c0ac06713
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_get0_key.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_get0_pqg, DSA_set0_pqg, DSA_get0_key, DSA_set0_key, DSA_get0_p, DSA_get0_q, DSA_get0_g, DSA_get0_pub_key, DSA_get0_priv_key, DSA_clear_flags, DSA_test_flags, DSA_set_flags, DSA_get0_engine - Routines for getting and setting data in a DSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ void DSA_get0_pqg(const DSA *d,
+                   const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DSA_get0_key(const DSA *d,
+                   const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DSA_get0_p(const DSA *d);
+ const BIGNUM *DSA_get0_q(const DSA *d);
+ const BIGNUM *DSA_get0_g(const DSA *d);
+ const BIGNUM *DSA_get0_pub_key(const DSA *d);
+ const BIGNUM *DSA_get0_priv_key(const DSA *d);
+ void DSA_clear_flags(DSA *d, int flags);
+ int DSA_test_flags(const DSA *d, int flags);
+ void DSA_set_flags(DSA *d, int flags);
+ ENGINE *DSA_get0_engine(DSA *d);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DSA object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DSA_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DSA_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DSA object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>To get the public and private key values use the DSA_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly.</p>
+
+<p>The public and private key values can be set using DSA_set0_key(). The public key must be non-NULL the first time this function is called on a given DSA object. The private key may be NULL. On subsequent calls, either may be NULL, which means the corresponding DSA field is left untouched. As for DSA_set0_pqg() this function transfers the memory management of the key values to the DSA object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DSA_get0_p(), DSA_get0_q(), DSA_get0_g(), DSA_get0_priv_key(), and DSA_get0_pub_key(), respectively.</p>
+
+<p>DSA_set_flags() sets the flags in the <b>flags</b> parameter on the DSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DSA_clear_flags() clears the specified flags within the DSA object.</p>
+
+<p>DSA_get0_engine() returns a handle to the ENGINE that has been set for this DSA object, or NULL if no such ENGINE has been set.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DSA_get0_key() are owned by the DSA object used in the call and may therefore <i>not</i> be passed to DSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DSA_get0_pqg() and DSA_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_set0_pqg() and DSA_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DSA_test_flags() returns the current state of the flags in the DSA object.</p>
+
+<p>DSA_get0_engine() returns the ENGINE set for the DSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_meth_new.html">DSA_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_get0_p.html b/msys2/usr/share/doc/openssl/html/man3/DSA_get0_p.html
new file mode 100644
index 000000000..c0ac06713
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_get0_p.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_get0_pqg, DSA_set0_pqg, DSA_get0_key, DSA_set0_key, DSA_get0_p, DSA_get0_q, DSA_get0_g, DSA_get0_pub_key, DSA_get0_priv_key, DSA_clear_flags, DSA_test_flags, DSA_set_flags, DSA_get0_engine - Routines for getting and setting data in a DSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ void DSA_get0_pqg(const DSA *d,
+                   const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DSA_get0_key(const DSA *d,
+                   const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DSA_get0_p(const DSA *d);
+ const BIGNUM *DSA_get0_q(const DSA *d);
+ const BIGNUM *DSA_get0_g(const DSA *d);
+ const BIGNUM *DSA_get0_pub_key(const DSA *d);
+ const BIGNUM *DSA_get0_priv_key(const DSA *d);
+ void DSA_clear_flags(DSA *d, int flags);
+ int DSA_test_flags(const DSA *d, int flags);
+ void DSA_set_flags(DSA *d, int flags);
+ ENGINE *DSA_get0_engine(DSA *d);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DSA object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DSA_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DSA_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DSA object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>To get the public and private key values use the DSA_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly.</p>
+
+<p>The public and private key values can be set using DSA_set0_key(). The public key must be non-NULL the first time this function is called on a given DSA object. The private key may be NULL. On subsequent calls, either may be NULL, which means the corresponding DSA field is left untouched. As for DSA_set0_pqg() this function transfers the memory management of the key values to the DSA object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DSA_get0_p(), DSA_get0_q(), DSA_get0_g(), DSA_get0_priv_key(), and DSA_get0_pub_key(), respectively.</p>
+
+<p>DSA_set_flags() sets the flags in the <b>flags</b> parameter on the DSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DSA_clear_flags() clears the specified flags within the DSA object.</p>
+
+<p>DSA_get0_engine() returns a handle to the ENGINE that has been set for this DSA object, or NULL if no such ENGINE has been set.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DSA_get0_key() are owned by the DSA object used in the call and may therefore <i>not</i> be passed to DSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DSA_get0_pqg() and DSA_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_set0_pqg() and DSA_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DSA_test_flags() returns the current state of the flags in the DSA object.</p>
+
+<p>DSA_get0_engine() returns the ENGINE set for the DSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_meth_new.html">DSA_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_get0_pqg.html b/msys2/usr/share/doc/openssl/html/man3/DSA_get0_pqg.html
new file mode 100644
index 000000000..c0ac06713
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_get0_pqg.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_get0_pqg, DSA_set0_pqg, DSA_get0_key, DSA_set0_key, DSA_get0_p, DSA_get0_q, DSA_get0_g, DSA_get0_pub_key, DSA_get0_priv_key, DSA_clear_flags, DSA_test_flags, DSA_set_flags, DSA_get0_engine - Routines for getting and setting data in a DSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ void DSA_get0_pqg(const DSA *d,
+                   const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DSA_get0_key(const DSA *d,
+                   const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DSA_get0_p(const DSA *d);
+ const BIGNUM *DSA_get0_q(const DSA *d);
+ const BIGNUM *DSA_get0_g(const DSA *d);
+ const BIGNUM *DSA_get0_pub_key(const DSA *d);
+ const BIGNUM *DSA_get0_priv_key(const DSA *d);
+ void DSA_clear_flags(DSA *d, int flags);
+ int DSA_test_flags(const DSA *d, int flags);
+ void DSA_set_flags(DSA *d, int flags);
+ ENGINE *DSA_get0_engine(DSA *d);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DSA object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DSA_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DSA_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DSA object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>To get the public and private key values use the DSA_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly.</p>
+
+<p>The public and private key values can be set using DSA_set0_key(). The public key must be non-NULL the first time this function is called on a given DSA object. The private key may be NULL. On subsequent calls, either may be NULL, which means the corresponding DSA field is left untouched. As for DSA_set0_pqg() this function transfers the memory management of the key values to the DSA object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DSA_get0_p(), DSA_get0_q(), DSA_get0_g(), DSA_get0_priv_key(), and DSA_get0_pub_key(), respectively.</p>
+
+<p>DSA_set_flags() sets the flags in the <b>flags</b> parameter on the DSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DSA_clear_flags() clears the specified flags within the DSA object.</p>
+
+<p>DSA_get0_engine() returns a handle to the ENGINE that has been set for this DSA object, or NULL if no such ENGINE has been set.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DSA_get0_key() are owned by the DSA object used in the call and may therefore <i>not</i> be passed to DSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DSA_get0_pqg() and DSA_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_set0_pqg() and DSA_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DSA_test_flags() returns the current state of the flags in the DSA object.</p>
+
+<p>DSA_get0_engine() returns the ENGINE set for the DSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_meth_new.html">DSA_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_get0_priv_key.html b/msys2/usr/share/doc/openssl/html/man3/DSA_get0_priv_key.html
new file mode 100644
index 000000000..c0ac06713
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_get0_priv_key.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_get0_pqg, DSA_set0_pqg, DSA_get0_key, DSA_set0_key, DSA_get0_p, DSA_get0_q, DSA_get0_g, DSA_get0_pub_key, DSA_get0_priv_key, DSA_clear_flags, DSA_test_flags, DSA_set_flags, DSA_get0_engine - Routines for getting and setting data in a DSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ void DSA_get0_pqg(const DSA *d,
+                   const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DSA_get0_key(const DSA *d,
+                   const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DSA_get0_p(const DSA *d);
+ const BIGNUM *DSA_get0_q(const DSA *d);
+ const BIGNUM *DSA_get0_g(const DSA *d);
+ const BIGNUM *DSA_get0_pub_key(const DSA *d);
+ const BIGNUM *DSA_get0_priv_key(const DSA *d);
+ void DSA_clear_flags(DSA *d, int flags);
+ int DSA_test_flags(const DSA *d, int flags);
+ void DSA_set_flags(DSA *d, int flags);
+ ENGINE *DSA_get0_engine(DSA *d);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DSA object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DSA_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DSA_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DSA object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>To get the public and private key values use the DSA_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly.</p>
+
+<p>The public and private key values can be set using DSA_set0_key(). The public key must be non-NULL the first time this function is called on a given DSA object. The private key may be NULL. On subsequent calls, either may be NULL, which means the corresponding DSA field is left untouched. As for DSA_set0_pqg() this function transfers the memory management of the key values to the DSA object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DSA_get0_p(), DSA_get0_q(), DSA_get0_g(), DSA_get0_priv_key(), and DSA_get0_pub_key(), respectively.</p>
+
+<p>DSA_set_flags() sets the flags in the <b>flags</b> parameter on the DSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DSA_clear_flags() clears the specified flags within the DSA object.</p>
+
+<p>DSA_get0_engine() returns a handle to the ENGINE that has been set for this DSA object, or NULL if no such ENGINE has been set.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DSA_get0_key() are owned by the DSA object used in the call and may therefore <i>not</i> be passed to DSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DSA_get0_pqg() and DSA_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_set0_pqg() and DSA_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DSA_test_flags() returns the current state of the flags in the DSA object.</p>
+
+<p>DSA_get0_engine() returns the ENGINE set for the DSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_meth_new.html">DSA_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_get0_pub_key.html b/msys2/usr/share/doc/openssl/html/man3/DSA_get0_pub_key.html
new file mode 100644
index 000000000..c0ac06713
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_get0_pub_key.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_get0_pqg, DSA_set0_pqg, DSA_get0_key, DSA_set0_key, DSA_get0_p, DSA_get0_q, DSA_get0_g, DSA_get0_pub_key, DSA_get0_priv_key, DSA_clear_flags, DSA_test_flags, DSA_set_flags, DSA_get0_engine - Routines for getting and setting data in a DSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ void DSA_get0_pqg(const DSA *d,
+                   const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DSA_get0_key(const DSA *d,
+                   const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DSA_get0_p(const DSA *d);
+ const BIGNUM *DSA_get0_q(const DSA *d);
+ const BIGNUM *DSA_get0_g(const DSA *d);
+ const BIGNUM *DSA_get0_pub_key(const DSA *d);
+ const BIGNUM *DSA_get0_priv_key(const DSA *d);
+ void DSA_clear_flags(DSA *d, int flags);
+ int DSA_test_flags(const DSA *d, int flags);
+ void DSA_set_flags(DSA *d, int flags);
+ ENGINE *DSA_get0_engine(DSA *d);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DSA object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DSA_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DSA_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DSA object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>To get the public and private key values use the DSA_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly.</p>
+
+<p>The public and private key values can be set using DSA_set0_key(). The public key must be non-NULL the first time this function is called on a given DSA object. The private key may be NULL. On subsequent calls, either may be NULL, which means the corresponding DSA field is left untouched. As for DSA_set0_pqg() this function transfers the memory management of the key values to the DSA object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DSA_get0_p(), DSA_get0_q(), DSA_get0_g(), DSA_get0_priv_key(), and DSA_get0_pub_key(), respectively.</p>
+
+<p>DSA_set_flags() sets the flags in the <b>flags</b> parameter on the DSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DSA_clear_flags() clears the specified flags within the DSA object.</p>
+
+<p>DSA_get0_engine() returns a handle to the ENGINE that has been set for this DSA object, or NULL if no such ENGINE has been set.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DSA_get0_key() are owned by the DSA object used in the call and may therefore <i>not</i> be passed to DSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DSA_get0_pqg() and DSA_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_set0_pqg() and DSA_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DSA_test_flags() returns the current state of the flags in the DSA object.</p>
+
+<p>DSA_get0_engine() returns the ENGINE set for the DSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_meth_new.html">DSA_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_get0_q.html b/msys2/usr/share/doc/openssl/html/man3/DSA_get0_q.html
new file mode 100644
index 000000000..c0ac06713
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_get0_q.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_get0_pqg, DSA_set0_pqg, DSA_get0_key, DSA_set0_key, DSA_get0_p, DSA_get0_q, DSA_get0_g, DSA_get0_pub_key, DSA_get0_priv_key, DSA_clear_flags, DSA_test_flags, DSA_set_flags, DSA_get0_engine - Routines for getting and setting data in a DSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ void DSA_get0_pqg(const DSA *d,
+                   const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DSA_get0_key(const DSA *d,
+                   const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DSA_get0_p(const DSA *d);
+ const BIGNUM *DSA_get0_q(const DSA *d);
+ const BIGNUM *DSA_get0_g(const DSA *d);
+ const BIGNUM *DSA_get0_pub_key(const DSA *d);
+ const BIGNUM *DSA_get0_priv_key(const DSA *d);
+ void DSA_clear_flags(DSA *d, int flags);
+ int DSA_test_flags(const DSA *d, int flags);
+ void DSA_set_flags(DSA *d, int flags);
+ ENGINE *DSA_get0_engine(DSA *d);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DSA object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DSA_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DSA_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DSA object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>To get the public and private key values use the DSA_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly.</p>
+
+<p>The public and private key values can be set using DSA_set0_key(). The public key must be non-NULL the first time this function is called on a given DSA object. The private key may be NULL. On subsequent calls, either may be NULL, which means the corresponding DSA field is left untouched. As for DSA_set0_pqg() this function transfers the memory management of the key values to the DSA object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DSA_get0_p(), DSA_get0_q(), DSA_get0_g(), DSA_get0_priv_key(), and DSA_get0_pub_key(), respectively.</p>
+
+<p>DSA_set_flags() sets the flags in the <b>flags</b> parameter on the DSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DSA_clear_flags() clears the specified flags within the DSA object.</p>
+
+<p>DSA_get0_engine() returns a handle to the ENGINE that has been set for this DSA object, or NULL if no such ENGINE has been set.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DSA_get0_key() are owned by the DSA object used in the call and may therefore <i>not</i> be passed to DSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DSA_get0_pqg() and DSA_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_set0_pqg() and DSA_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DSA_test_flags() returns the current state of the flags in the DSA object.</p>
+
+<p>DSA_get0_engine() returns the ENGINE set for the DSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_meth_new.html">DSA_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_get_default_method.html b/msys2/usr/share/doc/openssl/html/man3/DSA_get_default_method.html
new file mode 100644
index 000000000..2b3e64a03
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_get_default_method.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_set_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_set_default_method, DSA_get_default_method, DSA_set_method, DSA_new_method, DSA_OpenSSL - select DSA method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ void DSA_set_default_method(const DSA_METHOD *meth);
+
+ const DSA_METHOD *DSA_get_default_method(void);
+
+ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth);
+
+ DSA *DSA_new_method(ENGINE *engine);
+
+ DSA_METHOD *DSA_OpenSSL(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>DSA_METHOD</b> specifies the functions that OpenSSL uses for DSA operations. By modifying the method, alternative implementations such as hardware accelerators may be used. IMPORTANT: See the NOTES section for important information about how these DSA API functions are affected by the use of <b>ENGINE</b> API calls.</p>
+
+<p>Initially, the default DSA_METHOD is the OpenSSL internal implementation, as returned by DSA_OpenSSL().</p>
+
+<p>DSA_set_default_method() makes <b>meth</b> the default method for all DSA structures created later. <b>NB</b>: This is true only whilst no ENGINE has been set as a default for DSA, so this function is no longer recommended. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>DSA_get_default_method() returns a pointer to the current default DSA_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE API is being used, so this function is no longer recommended.</p>
+
+<p>DSA_set_method() selects <b>meth</b> to perform all operations using the key <b>rsa</b>. This will replace the DSA_METHOD used by the DSA key and if the previous method was supplied by an ENGINE, the handle to that ENGINE will be released during the change. It is possible to have DSA keys that only work with certain DSA_METHOD implementations (eg. from an ENGINE module that supports embedded hardware-protected keys), and in such cases attempting to change the DSA_METHOD for the key can have unexpected results. See <a href="/../man3/DSA_meth_new.html">DSA_meth_new</a> for information on constructing custom DSA_METHOD objects;</p>
+
+<p>DSA_new_method() allocates and initializes a DSA structure so that <b>engine</b> will be used for the DSA operations. If <b>engine</b> is NULL, the default engine for DSA operations is used, and if no default ENGINE is set, the DSA_METHOD controlled by DSA_set_default_method() is used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_OpenSSL() and DSA_get_default_method() return pointers to the respective <b>DSA_METHOD</b>s.</p>
+
+<p>DSA_set_default_method() returns no value.</p>
+
+<p>DSA_set_method() returns non-zero if the provided <b>meth</b> was successfully set as the method for <b>dsa</b> (including unloading the ENGINE handle if the previous method was supplied by an ENGINE).</p>
+
+<p>DSA_new_method() returns NULL and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> if the allocation fails. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_meth_new.html">DSA_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_get_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/DSA_get_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_get_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_get_ex_new_index.html b/msys2/usr/share/doc/openssl/html/man3/DSA_get_ex_new_index.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_get_ex_new_index.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_dup.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_dup.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_dup.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_free.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_free.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_free.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get0_app_data.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get0_app_data.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get0_app_data.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get0_name.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get0_name.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get0_name.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_bn_mod_exp.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_bn_mod_exp.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_bn_mod_exp.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_finish.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_finish.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_finish.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_flags.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_flags.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_flags.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_init.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_init.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_init.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_keygen.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_keygen.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_keygen.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_mod_exp.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_mod_exp.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_mod_exp.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_paramgen.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_paramgen.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_paramgen.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_sign.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_sign.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_sign.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_sign_setup.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_sign_setup.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_sign_setup.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_verify.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_verify.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_get_verify.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_new.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_new.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_new.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set0_app_data.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set0_app_data.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set0_app_data.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set1_name.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set1_name.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set1_name.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_bn_mod_exp.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_bn_mod_exp.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_bn_mod_exp.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_finish.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_finish.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_finish.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_flags.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_flags.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_flags.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_init.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_init.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_init.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_keygen.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_keygen.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_keygen.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_mod_exp.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_mod_exp.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_mod_exp.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_paramgen.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_paramgen.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_paramgen.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_sign.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_sign.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_sign.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_sign_setup.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_sign_setup.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_sign_setup.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_verify.html b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_verify.html
new file mode 100644
index 000000000..80da8b89b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_meth_set_verify.html
@@ -0,0 +1,171 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_meth_new, DSA_meth_free, DSA_meth_dup, DSA_meth_get0_name, DSA_meth_set1_name, DSA_meth_get_flags, DSA_meth_set_flags, DSA_meth_get0_app_data, DSA_meth_set0_app_data, DSA_meth_get_sign, DSA_meth_set_sign, DSA_meth_get_sign_setup, DSA_meth_set_sign_setup, DSA_meth_get_verify, DSA_meth_set_verify, DSA_meth_get_mod_exp, DSA_meth_set_mod_exp, DSA_meth_get_bn_mod_exp, DSA_meth_set_bn_mod_exp, DSA_meth_get_init, DSA_meth_set_init, DSA_meth_get_finish, DSA_meth_set_finish, DSA_meth_get_paramgen, DSA_meth_set_paramgen, DSA_meth_get_keygen, DSA_meth_set_keygen - Routines to build up DSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA_METHOD *DSA_meth_new(const char *name, int flags);
+
+ void DSA_meth_free(DSA_METHOD *dsam);
+
+ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
+
+ const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name);
+
+ int DSA_meth_get_flags(const DSA_METHOD *dsam);
+ int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+
+ void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+ int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data);
+
+ DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))(const unsigned char *,
+                                                       int, DSA *);
+ int DSA_meth_set_sign(DSA_METHOD *dsam, DSA_SIG *(*sign)(const unsigned char *,
+                                                          int, DSA *));
+
+ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))(DSA *, BN_CTX *,$
+                                                        BIGNUM **, BIGNUM **);
+ int DSA_meth_set_sign_setup(DSA_METHOD *dsam, int (*sign_setup)(DSA *, BN_CTX *,
+                                                                 BIGNUM **, BIGNUM **));
+
+ int (*DSA_meth_get_verify(const DSA_METHOD *dsam))(const unsigned char *,
+                                                    int, DSA_SIG *, DSA *);
+ int DSA_meth_set_verify(DSA_METHOD *dsam, int (*verify)(const unsigned char *,
+                                                         int, DSA_SIG *, DSA *));
+
+ int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                                     BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                                     BIGNUM *m, BN_CTX *ctx,
+                                                     BN_MONT_CTX *in_mont);
+ int DSA_meth_set_mod_exp(DSA_METHOD *dsam, int (*mod_exp)(DSA *dsa, BIGNUM *rr,
+                                                           BIGNUM *a1, BIGNUM *p1,
+                                                           BIGNUM *a2, BIGNUM *p2,
+                                                           BIGNUM *m, BN_CTX *ctx,
+                                                           BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *mont);
+ int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam, int (*bn_mod_exp)(DSA *dsa,
+                                                                 BIGNUM *r,
+                                                                 BIGNUM *a,
+                                                                 const BIGNUM *p,
+                                                                 const BIGNUM *m,
+                                                                 BN_CTX *ctx,
+                                                                 BN_MONT_CTX *mont));
+
+ int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *));
+
+ int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish)(DSA *));
+
+ int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))(DSA *, int,
+                                                      const unsigned char *,
+                                                      int, int *, unsigned long *,
+                                                      BN_GENCB *);
+ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+                           int (*paramgen)(DSA *, int, const unsigned char *,
+                                           int, int *, unsigned long *, BN_GENCB *));
+
+ int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen)(DSA *));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>DSA_METHOD</b> type is a structure used for the provision of custom DSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various DSA capabilities. See the <a href="/../man1/dsa.html">dsa</a> page for more information.</p>
+
+<p>DSA_meth_new() creates a new <b>DSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>DSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>DSA</b> object based on this <b>DSA_METHOD</b>. Any new <b>DSA</b> object will have those flags set by default.</p>
+
+<p>DSA_meth_dup() creates a duplicate copy of the <b>DSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>DSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>DSA_meth_free() destroys a <b>DSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>DSA_meth_get0_name() will return a pointer to the name of this DSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. DSA_meth_set1_name() sets the name of the DSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the DSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>DSA_meth_get_flags() returns the current value of the flags associated with this DSA_METHOD. DSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions DSA_meth_get0_app_data() and DSA_meth_set0_app_data() provide the ability to associate implementation specific data with the DSA_METHOD. It is the application&#39;s responsibility to free this data before the DSA_METHOD is freed via a call to DSA_meth_free().</p>
+
+<p>DSA_meth_get_sign() and DSA_meth_set_sign() get and set the function used for creating a DSA signature respectively. This function will be called in response to the application calling DSA_do_sign() (or DSA_sign()). The parameters for the function have the same meaning as for DSA_do_sign().</p>
+
+<p>DSA_meth_get_sign_setup() and DSA_meth_set_sign_setup() get and set the function used for precalculating the DSA signature values <b>k^-1</b> and <b>r</b>. This function will be called in response to the application calling DSA_sign_setup(). The parameters for the function have the same meaning as for DSA_sign_setup().</p>
+
+<p>DSA_meth_get_verify() and DSA_meth_set_verify() get and set the function used for verifying a DSA signature respectively. This function will be called in response to the application calling DSA_do_verify() (or DSA_verify()). The parameters for the function have the same meaning as for DSA_do_verify().</p>
+
+<p>DSA_meth_get_mod_exp() and DSA_meth_set_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> rr = a1^p1 * a2^p2 mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL method during verification of a DSA signature. The result is stored in the <b>rr</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_bn_mod_exp() and DSA_meth_set_bn_mod_exp() get and set the function used for computing the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>This function will be called by the default OpenSSL function for DSA_sign_setup(). The result is stored in the <b>r</b> parameter. This function may be NULL.</p>
+
+<p>DSA_meth_get_init() and DSA_meth_set_init() get and set the function used for creating a new DSA instance respectively. This function will be called in response to the application calling DSA_new() (if the current default DSA_METHOD is this one) or DSA_new_method(). The DSA_new() and DSA_new_method() functions will allocate the memory for the new DSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>DSA_meth_get_finish() and DSA_meth_set_finish() get and set the function used for destroying an instance of a DSA object respectively. This function will be called in response to the application calling DSA_free(). A pointer to the DSA to be destroyed is passed as a parameter. The destroy function should be used for DSA implementation specific clean up. The memory for the DSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>DSA_meth_get_paramgen() and DSA_meth_set_paramgen() get and set the function used for generating DSA parameters respectively. This function will be called in response to the application calling DSA_generate_parameters_ex() (or DSA_generate_parameters()). The parameters for the function have the same meaning as for DSA_generate_parameters_ex().</p>
+
+<p>DSA_meth_get_keygen() and DSA_meth_set_keygen() get and set the function used for generating a new DSA key pair respectively. This function will be called in response to the application calling DSA_generate_key(). The parameter for the function has the same meaning as for DSA_generate_key().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_meth_new() and DSA_meth_dup() return the newly allocated DSA_METHOD object or NULL on failure.</p>
+
+<p>DSA_meth_get0_name() and DSA_meth_get_flags() return the name and flags associated with the DSA_METHOD respectively.</p>
+
+<p>All other DSA_meth_get_*() functions return the appropriate function pointer that has been set in the DSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>DSA_meth_set1_name() and all DSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_get0_pqg.html">DSA_get0_pqg(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_new.html b/msys2/usr/share/doc/openssl/html/man3/DSA_new.html
new file mode 100644
index 000000000..96ba47003
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_new.html
@@ -0,0 +1,62 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_new, DSA_free - allocate and free DSA objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ DSA* DSA_new(void);
+
+ void DSA_free(DSA *dsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DSA_new() allocates and initializes a <b>DSA</b> structure. It is equivalent to calling DSA_new_method(NULL).</p>
+
+<p>DSA_free() frees the <b>DSA</b> structure and its components. The values are erased before the memory is returned to the system. If <b>dsa</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, DSA_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>DSA_free() returns no value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_new_method.html b/msys2/usr/share/doc/openssl/html/man3/DSA_new_method.html
new file mode 100644
index 000000000..2b3e64a03
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_new_method.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_set_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_set_default_method, DSA_get_default_method, DSA_set_method, DSA_new_method, DSA_OpenSSL - select DSA method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ void DSA_set_default_method(const DSA_METHOD *meth);
+
+ const DSA_METHOD *DSA_get_default_method(void);
+
+ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth);
+
+ DSA *DSA_new_method(ENGINE *engine);
+
+ DSA_METHOD *DSA_OpenSSL(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>DSA_METHOD</b> specifies the functions that OpenSSL uses for DSA operations. By modifying the method, alternative implementations such as hardware accelerators may be used. IMPORTANT: See the NOTES section for important information about how these DSA API functions are affected by the use of <b>ENGINE</b> API calls.</p>
+
+<p>Initially, the default DSA_METHOD is the OpenSSL internal implementation, as returned by DSA_OpenSSL().</p>
+
+<p>DSA_set_default_method() makes <b>meth</b> the default method for all DSA structures created later. <b>NB</b>: This is true only whilst no ENGINE has been set as a default for DSA, so this function is no longer recommended. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>DSA_get_default_method() returns a pointer to the current default DSA_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE API is being used, so this function is no longer recommended.</p>
+
+<p>DSA_set_method() selects <b>meth</b> to perform all operations using the key <b>rsa</b>. This will replace the DSA_METHOD used by the DSA key and if the previous method was supplied by an ENGINE, the handle to that ENGINE will be released during the change. It is possible to have DSA keys that only work with certain DSA_METHOD implementations (eg. from an ENGINE module that supports embedded hardware-protected keys), and in such cases attempting to change the DSA_METHOD for the key can have unexpected results. See <a href="/../man3/DSA_meth_new.html">DSA_meth_new</a> for information on constructing custom DSA_METHOD objects;</p>
+
+<p>DSA_new_method() allocates and initializes a DSA structure so that <b>engine</b> will be used for the DSA operations. If <b>engine</b> is NULL, the default engine for DSA operations is used, and if no default ENGINE is set, the DSA_METHOD controlled by DSA_set_default_method() is used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_OpenSSL() and DSA_get_default_method() return pointers to the respective <b>DSA_METHOD</b>s.</p>
+
+<p>DSA_set_default_method() returns no value.</p>
+
+<p>DSA_set_method() returns non-zero if the provided <b>meth</b> was successfully set as the method for <b>dsa</b> (including unloading the ENGINE handle if the previous method was supplied by an ENGINE).</p>
+
+<p>DSA_new_method() returns NULL and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> if the allocation fails. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_meth_new.html">DSA_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_print.html b/msys2/usr/share/doc/openssl/html/man3/DSA_print.html
new file mode 100644
index 000000000..e18800060
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_print.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_print</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_print, RSA_print_fp, DSAparams_print, DSAparams_print_fp, DSA_print, DSA_print_fp, DHparams_print, DHparams_print_fp - print cryptographic parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_print(BIO *bp, RSA *x, int offset);
+ int RSA_print_fp(FILE *fp, RSA *x, int offset);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int DSAparams_print(BIO *bp, DSA *x);
+ int DSAparams_print_fp(FILE *fp, DSA *x);
+ int DSA_print(BIO *bp, DSA *x, int offset);
+ int DSA_print_fp(FILE *fp, DSA *x, int offset);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int DHparams_print(BIO *bp, DH *x);
+ int DHparams_print_fp(FILE *fp, DH *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A human-readable hexadecimal output of the components of the RSA key, DSA parameters or key or DH parameters is printed to <b>bp</b> or <b>fp</b>.</p>
+
+<p>The output lines are indented by <b>offset</b> spaces.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return 1 on success, 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_bn2bin.html">BN_bn2bin(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_print_fp.html b/msys2/usr/share/doc/openssl/html/man3/DSA_print_fp.html
new file mode 100644
index 000000000..e18800060
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_print_fp.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_print</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_print, RSA_print_fp, DSAparams_print, DSAparams_print_fp, DSA_print, DSA_print_fp, DHparams_print, DHparams_print_fp - print cryptographic parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_print(BIO *bp, RSA *x, int offset);
+ int RSA_print_fp(FILE *fp, RSA *x, int offset);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int DSAparams_print(BIO *bp, DSA *x);
+ int DSAparams_print_fp(FILE *fp, DSA *x);
+ int DSA_print(BIO *bp, DSA *x, int offset);
+ int DSA_print_fp(FILE *fp, DSA *x, int offset);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int DHparams_print(BIO *bp, DH *x);
+ int DHparams_print_fp(FILE *fp, DH *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A human-readable hexadecimal output of the components of the RSA key, DSA parameters or key or DH parameters is printed to <b>bp</b> or <b>fp</b>.</p>
+
+<p>The output lines are indented by <b>offset</b> spaces.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return 1 on success, 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_bn2bin.html">BN_bn2bin(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_security_bits.html b/msys2/usr/share/doc/openssl/html/man3/DSA_security_bits.html
new file mode 100644
index 000000000..fe8d686bf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_security_bits.html
@@ -0,0 +1,66 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_size</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_size, DSA_bits, DSA_security_bits - get DSA signature size, key bits or security bits</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ int DSA_size(const DSA *dsa);
+ int DSA_bits(const DSA *dsa);
+ int DSA_security_bits(const DSA *dsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DSA_size() returns the maximum size of an ASN.1 encoded DSA signature for key <b>dsa</b> in bytes. It can be used to determine how much memory must be allocated for a DSA signature.</p>
+
+<p><b>dsa-&gt;q</b> must not be <b>NULL</b>.</p>
+
+<p>DSA_bits() returns the number of bits in key <b>dsa</b>: this is the number of bits in the <b>p</b> parameter.</p>
+
+<p>DSA_security_bits() returns the number of security bits of the given <b>dsa</b> key. See <a href="../man3/BN_security_bits.html">BN_security_bits(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_size() returns the signature size in bytes.</p>
+
+<p>DSA_bits() returns the number of bits in the key.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_set0_key.html b/msys2/usr/share/doc/openssl/html/man3/DSA_set0_key.html
new file mode 100644
index 000000000..c0ac06713
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_set0_key.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_get0_pqg, DSA_set0_pqg, DSA_get0_key, DSA_set0_key, DSA_get0_p, DSA_get0_q, DSA_get0_g, DSA_get0_pub_key, DSA_get0_priv_key, DSA_clear_flags, DSA_test_flags, DSA_set_flags, DSA_get0_engine - Routines for getting and setting data in a DSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ void DSA_get0_pqg(const DSA *d,
+                   const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DSA_get0_key(const DSA *d,
+                   const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DSA_get0_p(const DSA *d);
+ const BIGNUM *DSA_get0_q(const DSA *d);
+ const BIGNUM *DSA_get0_g(const DSA *d);
+ const BIGNUM *DSA_get0_pub_key(const DSA *d);
+ const BIGNUM *DSA_get0_priv_key(const DSA *d);
+ void DSA_clear_flags(DSA *d, int flags);
+ int DSA_test_flags(const DSA *d, int flags);
+ void DSA_set_flags(DSA *d, int flags);
+ ENGINE *DSA_get0_engine(DSA *d);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DSA object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DSA_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DSA_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DSA object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>To get the public and private key values use the DSA_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly.</p>
+
+<p>The public and private key values can be set using DSA_set0_key(). The public key must be non-NULL the first time this function is called on a given DSA object. The private key may be NULL. On subsequent calls, either may be NULL, which means the corresponding DSA field is left untouched. As for DSA_set0_pqg() this function transfers the memory management of the key values to the DSA object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DSA_get0_p(), DSA_get0_q(), DSA_get0_g(), DSA_get0_priv_key(), and DSA_get0_pub_key(), respectively.</p>
+
+<p>DSA_set_flags() sets the flags in the <b>flags</b> parameter on the DSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DSA_clear_flags() clears the specified flags within the DSA object.</p>
+
+<p>DSA_get0_engine() returns a handle to the ENGINE that has been set for this DSA object, or NULL if no such ENGINE has been set.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DSA_get0_key() are owned by the DSA object used in the call and may therefore <i>not</i> be passed to DSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DSA_get0_pqg() and DSA_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_set0_pqg() and DSA_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DSA_test_flags() returns the current state of the flags in the DSA object.</p>
+
+<p>DSA_get0_engine() returns the ENGINE set for the DSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_meth_new.html">DSA_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_set0_pqg.html b/msys2/usr/share/doc/openssl/html/man3/DSA_set0_pqg.html
new file mode 100644
index 000000000..c0ac06713
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_set0_pqg.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_get0_pqg, DSA_set0_pqg, DSA_get0_key, DSA_set0_key, DSA_get0_p, DSA_get0_q, DSA_get0_g, DSA_get0_pub_key, DSA_get0_priv_key, DSA_clear_flags, DSA_test_flags, DSA_set_flags, DSA_get0_engine - Routines for getting and setting data in a DSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ void DSA_get0_pqg(const DSA *d,
+                   const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DSA_get0_key(const DSA *d,
+                   const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DSA_get0_p(const DSA *d);
+ const BIGNUM *DSA_get0_q(const DSA *d);
+ const BIGNUM *DSA_get0_g(const DSA *d);
+ const BIGNUM *DSA_get0_pub_key(const DSA *d);
+ const BIGNUM *DSA_get0_priv_key(const DSA *d);
+ void DSA_clear_flags(DSA *d, int flags);
+ int DSA_test_flags(const DSA *d, int flags);
+ void DSA_set_flags(DSA *d, int flags);
+ ENGINE *DSA_get0_engine(DSA *d);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DSA object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DSA_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DSA_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DSA object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>To get the public and private key values use the DSA_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly.</p>
+
+<p>The public and private key values can be set using DSA_set0_key(). The public key must be non-NULL the first time this function is called on a given DSA object. The private key may be NULL. On subsequent calls, either may be NULL, which means the corresponding DSA field is left untouched. As for DSA_set0_pqg() this function transfers the memory management of the key values to the DSA object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DSA_get0_p(), DSA_get0_q(), DSA_get0_g(), DSA_get0_priv_key(), and DSA_get0_pub_key(), respectively.</p>
+
+<p>DSA_set_flags() sets the flags in the <b>flags</b> parameter on the DSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DSA_clear_flags() clears the specified flags within the DSA object.</p>
+
+<p>DSA_get0_engine() returns a handle to the ENGINE that has been set for this DSA object, or NULL if no such ENGINE has been set.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DSA_get0_key() are owned by the DSA object used in the call and may therefore <i>not</i> be passed to DSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DSA_get0_pqg() and DSA_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_set0_pqg() and DSA_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DSA_test_flags() returns the current state of the flags in the DSA object.</p>
+
+<p>DSA_get0_engine() returns the ENGINE set for the DSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_meth_new.html">DSA_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_set_default_method.html b/msys2/usr/share/doc/openssl/html/man3/DSA_set_default_method.html
new file mode 100644
index 000000000..2b3e64a03
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_set_default_method.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_set_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_set_default_method, DSA_get_default_method, DSA_set_method, DSA_new_method, DSA_OpenSSL - select DSA method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ void DSA_set_default_method(const DSA_METHOD *meth);
+
+ const DSA_METHOD *DSA_get_default_method(void);
+
+ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth);
+
+ DSA *DSA_new_method(ENGINE *engine);
+
+ DSA_METHOD *DSA_OpenSSL(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>DSA_METHOD</b> specifies the functions that OpenSSL uses for DSA operations. By modifying the method, alternative implementations such as hardware accelerators may be used. IMPORTANT: See the NOTES section for important information about how these DSA API functions are affected by the use of <b>ENGINE</b> API calls.</p>
+
+<p>Initially, the default DSA_METHOD is the OpenSSL internal implementation, as returned by DSA_OpenSSL().</p>
+
+<p>DSA_set_default_method() makes <b>meth</b> the default method for all DSA structures created later. <b>NB</b>: This is true only whilst no ENGINE has been set as a default for DSA, so this function is no longer recommended. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>DSA_get_default_method() returns a pointer to the current default DSA_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE API is being used, so this function is no longer recommended.</p>
+
+<p>DSA_set_method() selects <b>meth</b> to perform all operations using the key <b>rsa</b>. This will replace the DSA_METHOD used by the DSA key and if the previous method was supplied by an ENGINE, the handle to that ENGINE will be released during the change. It is possible to have DSA keys that only work with certain DSA_METHOD implementations (eg. from an ENGINE module that supports embedded hardware-protected keys), and in such cases attempting to change the DSA_METHOD for the key can have unexpected results. See <a href="/../man3/DSA_meth_new.html">DSA_meth_new</a> for information on constructing custom DSA_METHOD objects;</p>
+
+<p>DSA_new_method() allocates and initializes a DSA structure so that <b>engine</b> will be used for the DSA operations. If <b>engine</b> is NULL, the default engine for DSA operations is used, and if no default ENGINE is set, the DSA_METHOD controlled by DSA_set_default_method() is used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_OpenSSL() and DSA_get_default_method() return pointers to the respective <b>DSA_METHOD</b>s.</p>
+
+<p>DSA_set_default_method() returns no value.</p>
+
+<p>DSA_set_method() returns non-zero if the provided <b>meth</b> was successfully set as the method for <b>dsa</b> (including unloading the ENGINE handle if the previous method was supplied by an ENGINE).</p>
+
+<p>DSA_new_method() returns NULL and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> if the allocation fails. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_meth_new.html">DSA_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_set_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/DSA_set_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_set_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_set_flags.html b/msys2/usr/share/doc/openssl/html/man3/DSA_set_flags.html
new file mode 100644
index 000000000..c0ac06713
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_set_flags.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_get0_pqg, DSA_set0_pqg, DSA_get0_key, DSA_set0_key, DSA_get0_p, DSA_get0_q, DSA_get0_g, DSA_get0_pub_key, DSA_get0_priv_key, DSA_clear_flags, DSA_test_flags, DSA_set_flags, DSA_get0_engine - Routines for getting and setting data in a DSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ void DSA_get0_pqg(const DSA *d,
+                   const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DSA_get0_key(const DSA *d,
+                   const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DSA_get0_p(const DSA *d);
+ const BIGNUM *DSA_get0_q(const DSA *d);
+ const BIGNUM *DSA_get0_g(const DSA *d);
+ const BIGNUM *DSA_get0_pub_key(const DSA *d);
+ const BIGNUM *DSA_get0_priv_key(const DSA *d);
+ void DSA_clear_flags(DSA *d, int flags);
+ int DSA_test_flags(const DSA *d, int flags);
+ void DSA_set_flags(DSA *d, int flags);
+ ENGINE *DSA_get0_engine(DSA *d);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DSA object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DSA_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DSA_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DSA object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>To get the public and private key values use the DSA_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly.</p>
+
+<p>The public and private key values can be set using DSA_set0_key(). The public key must be non-NULL the first time this function is called on a given DSA object. The private key may be NULL. On subsequent calls, either may be NULL, which means the corresponding DSA field is left untouched. As for DSA_set0_pqg() this function transfers the memory management of the key values to the DSA object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DSA_get0_p(), DSA_get0_q(), DSA_get0_g(), DSA_get0_priv_key(), and DSA_get0_pub_key(), respectively.</p>
+
+<p>DSA_set_flags() sets the flags in the <b>flags</b> parameter on the DSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DSA_clear_flags() clears the specified flags within the DSA object.</p>
+
+<p>DSA_get0_engine() returns a handle to the ENGINE that has been set for this DSA object, or NULL if no such ENGINE has been set.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DSA_get0_key() are owned by the DSA object used in the call and may therefore <i>not</i> be passed to DSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DSA_get0_pqg() and DSA_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_set0_pqg() and DSA_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DSA_test_flags() returns the current state of the flags in the DSA object.</p>
+
+<p>DSA_get0_engine() returns the ENGINE set for the DSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_meth_new.html">DSA_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_set_method.html b/msys2/usr/share/doc/openssl/html/man3/DSA_set_method.html
new file mode 100644
index 000000000..2b3e64a03
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_set_method.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_set_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_set_default_method, DSA_get_default_method, DSA_set_method, DSA_new_method, DSA_OpenSSL - select DSA method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ void DSA_set_default_method(const DSA_METHOD *meth);
+
+ const DSA_METHOD *DSA_get_default_method(void);
+
+ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth);
+
+ DSA *DSA_new_method(ENGINE *engine);
+
+ DSA_METHOD *DSA_OpenSSL(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>DSA_METHOD</b> specifies the functions that OpenSSL uses for DSA operations. By modifying the method, alternative implementations such as hardware accelerators may be used. IMPORTANT: See the NOTES section for important information about how these DSA API functions are affected by the use of <b>ENGINE</b> API calls.</p>
+
+<p>Initially, the default DSA_METHOD is the OpenSSL internal implementation, as returned by DSA_OpenSSL().</p>
+
+<p>DSA_set_default_method() makes <b>meth</b> the default method for all DSA structures created later. <b>NB</b>: This is true only whilst no ENGINE has been set as a default for DSA, so this function is no longer recommended. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>DSA_get_default_method() returns a pointer to the current default DSA_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE API is being used, so this function is no longer recommended.</p>
+
+<p>DSA_set_method() selects <b>meth</b> to perform all operations using the key <b>rsa</b>. This will replace the DSA_METHOD used by the DSA key and if the previous method was supplied by an ENGINE, the handle to that ENGINE will be released during the change. It is possible to have DSA keys that only work with certain DSA_METHOD implementations (eg. from an ENGINE module that supports embedded hardware-protected keys), and in such cases attempting to change the DSA_METHOD for the key can have unexpected results. See <a href="/../man3/DSA_meth_new.html">DSA_meth_new</a> for information on constructing custom DSA_METHOD objects;</p>
+
+<p>DSA_new_method() allocates and initializes a DSA structure so that <b>engine</b> will be used for the DSA operations. If <b>engine</b> is NULL, the default engine for DSA operations is used, and if no default ENGINE is set, the DSA_METHOD controlled by DSA_set_default_method() is used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_OpenSSL() and DSA_get_default_method() return pointers to the respective <b>DSA_METHOD</b>s.</p>
+
+<p>DSA_set_default_method() returns no value.</p>
+
+<p>DSA_set_method() returns non-zero if the provided <b>meth</b> was successfully set as the method for <b>dsa</b> (including unloading the ENGINE handle if the previous method was supplied by an ENGINE).</p>
+
+<p>DSA_new_method() returns NULL and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> if the allocation fails. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_meth_new.html">DSA_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_sign.html b/msys2/usr/share/doc/openssl/html/man3/DSA_sign.html
new file mode 100644
index 000000000..02d7c6620
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_sign.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_sign, DSA_sign_setup, DSA_verify - DSA signatures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ int DSA_sign(int type, const unsigned char *dgst, int len,
+              unsigned char *sigret, unsigned int *siglen, DSA *dsa);
+
+ int DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp, BIGNUM **rp);
+
+ int DSA_verify(int type, const unsigned char *dgst, int len,
+                unsigned char *sigbuf, int siglen, DSA *dsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DSA_sign() computes a digital signature on the <b>len</b> byte message digest <b>dgst</b> using the private key <b>dsa</b> and places its ASN.1 DER encoding at <b>sigret</b>. The length of the signature is places in *<b>siglen</b>. <b>sigret</b> must point to DSA_size(<b>dsa</b>) bytes of memory.</p>
+
+<p>DSA_sign_setup() is defined only for backward binary compatibility and should not be used. Since OpenSSL 1.1.0 the DSA type is opaque and the output of DSA_sign_setup() cannot be used anyway: calling this function will only cause overhead, and does not affect the actual signature (pre-)computation.</p>
+
+<p>DSA_verify() verifies that the signature <b>sigbuf</b> of size <b>siglen</b> matches a given message digest <b>dgst</b> of size <b>len</b>. <b>dsa</b> is the signer&#39;s public key.</p>
+
+<p>The <b>type</b> parameter is ignored.</p>
+
+<p>The PRNG must be seeded before DSA_sign() (or DSA_sign_setup()) is called.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_sign() and DSA_sign_setup() return 1 on success, 0 on error. DSA_verify() returns 1 for a valid signature, 0 for an incorrect signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS 186 (Digital Signature Standard, DSS), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_sign_setup.html b/msys2/usr/share/doc/openssl/html/man3/DSA_sign_setup.html
new file mode 100644
index 000000000..02d7c6620
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_sign_setup.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_sign, DSA_sign_setup, DSA_verify - DSA signatures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ int DSA_sign(int type, const unsigned char *dgst, int len,
+              unsigned char *sigret, unsigned int *siglen, DSA *dsa);
+
+ int DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp, BIGNUM **rp);
+
+ int DSA_verify(int type, const unsigned char *dgst, int len,
+                unsigned char *sigbuf, int siglen, DSA *dsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DSA_sign() computes a digital signature on the <b>len</b> byte message digest <b>dgst</b> using the private key <b>dsa</b> and places its ASN.1 DER encoding at <b>sigret</b>. The length of the signature is places in *<b>siglen</b>. <b>sigret</b> must point to DSA_size(<b>dsa</b>) bytes of memory.</p>
+
+<p>DSA_sign_setup() is defined only for backward binary compatibility and should not be used. Since OpenSSL 1.1.0 the DSA type is opaque and the output of DSA_sign_setup() cannot be used anyway: calling this function will only cause overhead, and does not affect the actual signature (pre-)computation.</p>
+
+<p>DSA_verify() verifies that the signature <b>sigbuf</b> of size <b>siglen</b> matches a given message digest <b>dgst</b> of size <b>len</b>. <b>dsa</b> is the signer&#39;s public key.</p>
+
+<p>The <b>type</b> parameter is ignored.</p>
+
+<p>The PRNG must be seeded before DSA_sign() (or DSA_sign_setup()) is called.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_sign() and DSA_sign_setup() return 1 on success, 0 on error. DSA_verify() returns 1 for a valid signature, 0 for an incorrect signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS 186 (Digital Signature Standard, DSS), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_size.html b/msys2/usr/share/doc/openssl/html/man3/DSA_size.html
new file mode 100644
index 000000000..fe8d686bf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_size.html
@@ -0,0 +1,66 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_size</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_size, DSA_bits, DSA_security_bits - get DSA signature size, key bits or security bits</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ int DSA_size(const DSA *dsa);
+ int DSA_bits(const DSA *dsa);
+ int DSA_security_bits(const DSA *dsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DSA_size() returns the maximum size of an ASN.1 encoded DSA signature for key <b>dsa</b> in bytes. It can be used to determine how much memory must be allocated for a DSA signature.</p>
+
+<p><b>dsa-&gt;q</b> must not be <b>NULL</b>.</p>
+
+<p>DSA_bits() returns the number of bits in key <b>dsa</b>: this is the number of bits in the <b>p</b> parameter.</p>
+
+<p>DSA_security_bits() returns the number of security bits of the given <b>dsa</b> key. See <a href="../man3/BN_security_bits.html">BN_security_bits(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_size() returns the signature size in bytes.</p>
+
+<p>DSA_bits() returns the number of bits in the key.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_test_flags.html b/msys2/usr/share/doc/openssl/html/man3/DSA_test_flags.html
new file mode 100644
index 000000000..c0ac06713
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_test_flags.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_get0_pqg</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_get0_pqg, DSA_set0_pqg, DSA_get0_key, DSA_set0_key, DSA_get0_p, DSA_get0_q, DSA_get0_g, DSA_get0_pub_key, DSA_get0_priv_key, DSA_clear_flags, DSA_test_flags, DSA_set_flags, DSA_get0_engine - Routines for getting and setting data in a DSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ void DSA_get0_pqg(const DSA *d,
+                   const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+ void DSA_get0_key(const DSA *d,
+                   const BIGNUM **pub_key, const BIGNUM **priv_key);
+ int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DSA_get0_p(const DSA *d);
+ const BIGNUM *DSA_get0_q(const DSA *d);
+ const BIGNUM *DSA_get0_g(const DSA *d);
+ const BIGNUM *DSA_get0_pub_key(const DSA *d);
+ const BIGNUM *DSA_get0_priv_key(const DSA *d);
+ void DSA_clear_flags(DSA *d, int flags);
+ int DSA_test_flags(const DSA *d, int flags);
+ void DSA_set_flags(DSA *d, int flags);
+ ENGINE *DSA_get0_engine(DSA *d);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A DSA object contains the parameters <b>p</b>, <b>q</b> and <b>g</b>. It also contains a public key (<b>pub_key</b>) and (optionally) a private key (<b>priv_key</b>).</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> parameters can be obtained by calling DSA_get0_pqg(). If the parameters have not yet been set then <b>*p</b>, <b>*q</b> and <b>*g</b> will be set to NULL. Otherwise they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed directly.</p>
+
+<p>The <b>p</b>, <b>q</b> and <b>g</b> values can be set by calling DSA_set0_pqg() and passing the new values for <b>p</b>, <b>q</b> and <b>g</b> as parameters to the function. Calling this function transfers the memory management of the values to the DSA object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>To get the public and private key values use the DSA_get0_key() function. A pointer to the public key will be stored in <b>*pub_key</b>, and a pointer to the private key will be stored in <b>*priv_key</b>. Either may be NULL if they have not been set yet, although if the private key has been set then the public key must be. The values point to the internal representation of the public key and private key values. This memory should not be freed directly.</p>
+
+<p>The public and private key values can be set using DSA_set0_key(). The public key must be non-NULL the first time this function is called on a given DSA object. The private key may be NULL. On subsequent calls, either may be NULL, which means the corresponding DSA field is left untouched. As for DSA_set0_pqg() this function transfers the memory management of the key values to the DSA object, and therefore they should not be freed directly after this function has been called.</p>
+
+<p>Any of the values <b>p</b>, <b>q</b>, <b>g</b>, <b>priv_key</b>, and <b>pub_key</b> can also be retrieved separately by the corresponding function DSA_get0_p(), DSA_get0_q(), DSA_get0_g(), DSA_get0_priv_key(), and DSA_get0_pub_key(), respectively.</p>
+
+<p>DSA_set_flags() sets the flags in the <b>flags</b> parameter on the DSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. DSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the DSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. DSA_clear_flags() clears the specified flags within the DSA object.</p>
+
+<p>DSA_get0_engine() returns a handle to the ENGINE that has been set for this DSA object, or NULL if no such ENGINE has been set.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with DSA_get0_key() are owned by the DSA object used in the call and may therefore <i>not</i> be passed to DSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to DSA_get0_pqg() and DSA_set0_pqg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_set0_pqg() and DSA_set0_key() return 1 on success or 0 on failure.</p>
+
+<p>DSA_test_flags() returns the current state of the flags in the DSA object.</p>
+
+<p>DSA_get0_engine() returns the ENGINE set for the DSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DSA_generate_parameters.html">DSA_generate_parameters(3)</a>, <a href="../man3/DSA_generate_key.html">DSA_generate_key(3)</a>, <a href="../man3/DSA_dup_DH.html">DSA_dup_DH(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a>, <a href="../man3/DSA_set_method.html">DSA_set_method(3)</a>, <a href="../man3/DSA_SIG_new.html">DSA_SIG_new(3)</a>, <a href="../man3/DSA_sign.html">DSA_sign(3)</a>, <a href="../man3/DSA_size.html">DSA_size(3)</a>, <a href="../man3/DSA_meth_new.html">DSA_meth_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSA_verify.html b/msys2/usr/share/doc/openssl/html/man3/DSA_verify.html
new file mode 100644
index 000000000..02d7c6620
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSA_verify.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DSA_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DSA_sign, DSA_sign_setup, DSA_verify - DSA signatures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dsa.h&gt;
+
+ int DSA_sign(int type, const unsigned char *dgst, int len,
+              unsigned char *sigret, unsigned int *siglen, DSA *dsa);
+
+ int DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp, BIGNUM **rp);
+
+ int DSA_verify(int type, const unsigned char *dgst, int len,
+                unsigned char *sigbuf, int siglen, DSA *dsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>DSA_sign() computes a digital signature on the <b>len</b> byte message digest <b>dgst</b> using the private key <b>dsa</b> and places its ASN.1 DER encoding at <b>sigret</b>. The length of the signature is places in *<b>siglen</b>. <b>sigret</b> must point to DSA_size(<b>dsa</b>) bytes of memory.</p>
+
+<p>DSA_sign_setup() is defined only for backward binary compatibility and should not be used. Since OpenSSL 1.1.0 the DSA type is opaque and the output of DSA_sign_setup() cannot be used anyway: calling this function will only cause overhead, and does not affect the actual signature (pre-)computation.</p>
+
+<p>DSA_verify() verifies that the signature <b>sigbuf</b> of size <b>siglen</b> matches a given message digest <b>dgst</b> of size <b>len</b>. <b>dsa</b> is the signer&#39;s public key.</p>
+
+<p>The <b>type</b> parameter is ignored.</p>
+
+<p>The PRNG must be seeded before DSA_sign() (or DSA_sign_setup()) is called.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>DSA_sign() and DSA_sign_setup() return 1 on success, 0 on error. DSA_verify() returns 1 for a valid signature, 0 for an incorrect signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS 186 (Digital Signature Standard, DSS), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/DSA_do_sign.html">DSA_do_sign(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSAparams_dup.html b/msys2/usr/share/doc/openssl/html/man3/DSAparams_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSAparams_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSAparams_print.html b/msys2/usr/share/doc/openssl/html/man3/DSAparams_print.html
new file mode 100644
index 000000000..e18800060
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSAparams_print.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_print</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_print, RSA_print_fp, DSAparams_print, DSAparams_print_fp, DSA_print, DSA_print_fp, DHparams_print, DHparams_print_fp - print cryptographic parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_print(BIO *bp, RSA *x, int offset);
+ int RSA_print_fp(FILE *fp, RSA *x, int offset);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int DSAparams_print(BIO *bp, DSA *x);
+ int DSAparams_print_fp(FILE *fp, DSA *x);
+ int DSA_print(BIO *bp, DSA *x, int offset);
+ int DSA_print_fp(FILE *fp, DSA *x, int offset);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int DHparams_print(BIO *bp, DH *x);
+ int DHparams_print_fp(FILE *fp, DH *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A human-readable hexadecimal output of the components of the RSA key, DSA parameters or key or DH parameters is printed to <b>bp</b> or <b>fp</b>.</p>
+
+<p>The output lines are indented by <b>offset</b> spaces.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return 1 on success, 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_bn2bin.html">BN_bn2bin(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DSAparams_print_fp.html b/msys2/usr/share/doc/openssl/html/man3/DSAparams_print_fp.html
new file mode 100644
index 000000000..e18800060
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DSAparams_print_fp.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_print</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_print, RSA_print_fp, DSAparams_print, DSAparams_print_fp, DSA_print, DSA_print_fp, DHparams_print, DHparams_print_fp - print cryptographic parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_print(BIO *bp, RSA *x, int offset);
+ int RSA_print_fp(FILE *fp, RSA *x, int offset);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int DSAparams_print(BIO *bp, DSA *x);
+ int DSAparams_print_fp(FILE *fp, DSA *x);
+ int DSA_print(BIO *bp, DSA *x, int offset);
+ int DSA_print_fp(FILE *fp, DSA *x, int offset);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int DHparams_print(BIO *bp, DH *x);
+ int DHparams_print_fp(FILE *fp, DH *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A human-readable hexadecimal output of the components of the RSA key, DSA parameters or key or DH parameters is printed to <b>bp</b> or <b>fp</b>.</p>
+
+<p>The output lines are indented by <b>offset</b> spaces.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return 1 on success, 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_bn2bin.html">BN_bn2bin(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DTLS_client_method.html b/msys2/usr/share/doc/openssl/html/man3/DTLS_client_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DTLS_client_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DTLS_get_data_mtu.html b/msys2/usr/share/doc/openssl/html/man3/DTLS_get_data_mtu.html
new file mode 100644
index 000000000..f62072796
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DTLS_get_data_mtu.html
@@ -0,0 +1,56 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DTLS_get_data_mtu</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DTLS_get_data_mtu - Get maximum data payload size</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ size_t DTLS_get_data_mtu(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This function obtains the maximum data payload size for the established DTLS connection <b>ssl</b>, based on the DTLS record MTU and the overhead of the DTLS record header, encryption and authentication currently in use.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Returns the maximum data payload size on success, or 0 on failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The DTLS_get_data_mtu() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DTLS_method.html b/msys2/usr/share/doc/openssl/html/man3/DTLS_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DTLS_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DTLS_server_method.html b/msys2/usr/share/doc/openssl/html/man3/DTLS_server_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DTLS_server_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DTLS_set_timer_cb.html b/msys2/usr/share/doc/openssl/html/man3/DTLS_set_timer_cb.html
new file mode 100644
index 000000000..0d605adff
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DTLS_set_timer_cb.html
@@ -0,0 +1,58 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DTLS_set_timer_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DTLS_timer_cb, DTLS_set_timer_cb - Set callback for controlling DTLS timer duration</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef unsigned int (*DTLS_timer_cb)(SSL *s, unsigned int timer_us);
+
+ void DTLS_set_timer_cb(SSL *s, DTLS_timer_cb cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This function sets an optional callback function for controlling the timeout interval on the DTLS protocol. The callback function will be called by DTLS for every new DTLS packet that is sent.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Returns void.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The DTLS_set_timer_cb() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DTLS_timer_cb.html b/msys2/usr/share/doc/openssl/html/man3/DTLS_timer_cb.html
new file mode 100644
index 000000000..0d605adff
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DTLS_timer_cb.html
@@ -0,0 +1,58 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DTLS_set_timer_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DTLS_timer_cb, DTLS_set_timer_cb - Set callback for controlling DTLS timer duration</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef unsigned int (*DTLS_timer_cb)(SSL *s, unsigned int timer_us);
+
+ void DTLS_set_timer_cb(SSL *s, DTLS_timer_cb cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This function sets an optional callback function for controlling the timeout interval on the DTLS protocol. The callback function will be called by DTLS for every new DTLS packet that is sent.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Returns void.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The DTLS_set_timer_cb() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DTLSv1_2_client_method.html b/msys2/usr/share/doc/openssl/html/man3/DTLSv1_2_client_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DTLSv1_2_client_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DTLSv1_2_method.html b/msys2/usr/share/doc/openssl/html/man3/DTLSv1_2_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DTLSv1_2_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DTLSv1_2_server_method.html b/msys2/usr/share/doc/openssl/html/man3/DTLSv1_2_server_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DTLSv1_2_server_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DTLSv1_client_method.html b/msys2/usr/share/doc/openssl/html/man3/DTLSv1_client_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DTLSv1_client_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DTLSv1_listen.html b/msys2/usr/share/doc/openssl/html/man3/DTLSv1_listen.html
new file mode 100644
index 000000000..078279aa1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DTLSv1_listen.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DTLSv1_listen</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_stateless, DTLSv1_listen - Statelessly listen for incoming connections</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_stateless(SSL *s);
+ int DTLSv1_listen(SSL *ssl, BIO_ADDR *peer);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_stateless() statelessly listens for new incoming TLSv1.3 connections. DTLSv1_listen() statelessly listens for new incoming DTLS connections. If a ClientHello is received that does not contain a cookie, then they respond with a request for a new ClientHello that does contain a cookie. If a ClientHello is received with a cookie that is verified then the function returns in order to enable the handshake to be completed (for example by using SSL_accept()).</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some transport protocols (such as UDP) can be susceptible to amplification attacks. Unlike TCP there is no initial connection setup in UDP that validates that the client can actually receive messages on its advertised source address. An attacker could forge its source IP address and then send handshake initiation messages to the server. The server would then send its response to the forged source IP. If the response messages are larger than the original message then the amplification attack has succeeded.</p>
+
+<p>If DTLS is used over UDP (or any datagram based protocol that does not validate the source IP) then it is susceptible to this type of attack. TLSv1.3 is designed to operate over a stream-based transport protocol (such as TCP). If TCP is being used then there is no need to use SSL_stateless(). However some stream-based transport protocols (e.g. QUIC) may not validate the source address. In this case a TLSv1.3 application would be susceptible to this attack.</p>
+
+<p>As a countermeasure to this issue TLSv1.3 and DTLS include a stateless cookie mechanism. The idea is that when a client attempts to connect to a server it sends a ClientHello message. The server responds with a HelloRetryRequest (in TLSv1.3) or a HelloVerifyRequest (in DTLS) which contains a unique cookie. The client then resends the ClientHello, but this time includes the cookie in the message thus proving that the client is capable of receiving messages sent to that address. All of this can be done by the server without allocating any state, and thus without consuming expensive resources.</p>
+
+<p>OpenSSL implements this capability via the SSL_stateless() and DTLSv1_listen() functions. The <b>ssl</b> parameter should be a newly allocated SSL object with its read and write BIOs set, in the same way as might be done for a call to SSL_accept(). Typically, for DTLS, the read BIO will be in an &quot;unconnected&quot; state and thus capable of receiving messages from any peer.</p>
+
+<p>When a ClientHello is received that contains a cookie that has been verified, then these functions will return with the <b>ssl</b> parameter updated into a state where the handshake can be continued by a call to (for example) SSL_accept(). Additionally, for DTLSv1_listen(), the <b>BIO_ADDR</b> pointed to by <b>peer</b> will be filled in with details of the peer that sent the ClientHello. If the underlying BIO is unable to obtain the <b>BIO_ADDR</b> of the peer (for example because the BIO does not support this), then <b>*peer</b> will be cleared and the family set to AF_UNSPEC. Typically user code is expected to &quot;connect&quot; the underlying socket to the peer and continue the handshake in a connected state.</p>
+
+<p>Prior to calling DTLSv1_listen() user code must ensure that cookie generation and verification callbacks have been set up using SSL_CTX_set_cookie_generate_cb() and SSL_CTX_set_cookie_verify_cb() respectively. For SSL_stateless(), SSL_CTX_set_stateless_cookie_generate_cb() and SSL_CTX_set_stateless_cookie_verify_cb() must be used instead.</p>
+
+<p>Since DTLSv1_listen() operates entirely statelessly whilst processing incoming ClientHellos it is unable to process fragmented messages (since this would require the allocation of state). An implication of this is that DTLSv1_listen() <b>only</b> supports ClientHellos that fit inside a single datagram.</p>
+
+<p>For SSL_stateless() if an entire ClientHello message cannot be read without the &quot;read&quot; BIO becoming empty then the SSL_stateless() call will fail. It is the application&#39;s responsibility to ensure that data read from the &quot;read&quot; BIO during a single SSL_stateless() call is all from the same peer.</p>
+
+<p>SSL_stateless() will fail (with a 0 return value) if some TLS version less than TLSv1.3 is used.</p>
+
+<p>Both SSL_stateless() and DTLSv1_listen() will clear the error queue when they start.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For SSL_stateless() a return value of 1 indicates success and the <b>ssl</b> object will be set up ready to continue the handshake. A return value of 0 or -1 indicates failure. If the value is 0 then a HelloRetryRequest was sent. A value of -1 indicates any other error. User code may retry the SSL_stateless() call.</p>
+
+<p>For DTLSv1_listen() a return value of &gt;= 1 indicates success. The <b>ssl</b> object will be set up ready to continue the handshake. the <b>peer</b> value will also be filled in.</p>
+
+<p>A return value of 0 indicates a non-fatal error. This could (for example) be because of non-blocking IO, or some invalid message having been received from a peer. Errors may be placed on the OpenSSL error queue with further information if appropriate. Typically user code is expected to retry the call to DTLSv1_listen() in the event of a non-fatal error.</p>
+
+<p>A return value of &lt;0 indicates a fatal error. This could (for example) be because of a failure to allocate sufficient memory for the operation.</p>
+
+<p>For DTLSv1_listen(), prior to OpenSSL 1.1.0, fatal and non-fatal errors both produce return codes &lt;= 0 (in typical implementations user code treats all errors as non-fatal), whilst return codes &gt;0 indicate success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_stateless() function was added in OpenSSL 1.1.1.</p>
+
+<p>The DTLSv1_listen() return codes were clarified in OpenSSL 1.1.0. The type of &quot;peer&quot; also changed in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DTLSv1_method.html b/msys2/usr/share/doc/openssl/html/man3/DTLSv1_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DTLSv1_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/DTLSv1_server_method.html b/msys2/usr/share/doc/openssl/html/man3/DTLSv1_server_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/DTLSv1_server_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECDH_get_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/ECDH_get_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECDH_get_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECDH_get_ex_new_index.html b/msys2/usr/share/doc/openssl/html/man3/ECDH_get_ex_new_index.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECDH_get_ex_new_index.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECDH_set_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/ECDH_set_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECDH_set_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECDSA_SIG_free.html b/msys2/usr/share/doc/openssl/html/man3/ECDSA_SIG_free.html
new file mode 100644
index 000000000..164654835
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECDSA_SIG_free.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ECDSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ECDSA_SIG_get0, ECDSA_SIG_get0_r, ECDSA_SIG_get0_s, ECDSA_SIG_set0, ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size, ECDSA_sign, ECDSA_do_sign, ECDSA_verify, ECDSA_do_verify, ECDSA_sign_setup, ECDSA_sign_ex, ECDSA_do_sign_ex - low level elliptic curve digital signature algorithm (ECDSA) functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ecdsa.h&gt;
+
+ ECDSA_SIG *ECDSA_SIG_new(void);
+ void ECDSA_SIG_free(ECDSA_SIG *sig);
+ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
+ const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
+ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+ int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
+ int ECDSA_size(const EC_KEY *eckey);
+
+ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+                unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+                          EC_KEY *eckey);
+
+ int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
+                  const unsigned char *sig, int siglen, EC_KEY *eckey);
+ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+                     const ECDSA_SIG *sig, EC_KEY* eckey);
+
+ ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+                             const BIGNUM *kinv, const BIGNUM *rp,
+                             EC_KEY *eckey);
+ int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+                   unsigned char *sig, unsigned int *siglen,
+                   const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Note: these functions provide a low level interface to ECDSA. Most applications should use the higher level <b>EVP</b> interface such as <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> instead.</p>
+
+<p><b>ECDSA_SIG</b> is an opaque structure consisting of two BIGNUMs for the <b>r</b> and <b>s</b> value of an ECDSA signature (see X9.62 or FIPS 186-2).</p>
+
+<p>ECDSA_SIG_new() allocates an empty <b>ECDSA_SIG</b> structure. Note: before OpenSSL 1.1.0 the: the <b>r</b> and <b>s</b> components were initialised.</p>
+
+<p>ECDSA_SIG_free() frees the <b>ECDSA_SIG</b> structure <b>sig</b>.</p>
+
+<p>ECDSA_SIG_get0() returns internal pointers the <b>r</b> and <b>s</b> values contained in <b>sig</b> and stores them in <b>*pr</b> and <b>*ps</b>, respectively. The pointer <b>pr</b> or <b>ps</b> can be NULL, in which case the corresponding value is not returned.</p>
+
+<p>The values <b>r</b>, <b>s</b> can also be retrieved separately by the corresponding function ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s(), respectively.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling ECDSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the ECDSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature <b>sig</b> and writes the encoded signature to <b>*pp</b> (note: if <b>pp</b> is NULL i2d_ECDSA_SIG() returns the expected length in bytes of the DER encoded signature). i2d_ECDSA_SIG() returns the length of the DER encoded signature (or 0 on error).</p>
+
+<p>d2i_ECDSA_SIG() decodes a DER encoded ECDSA signature and returns the decoded signature in a newly allocated <b>ECDSA_SIG</b> structure. <b>*sig</b> points to the buffer containing the DER encoded signature of size <b>len</b>.</p>
+
+<p>ECDSA_size() returns the maximum length of a DER encoded ECDSA signature created with the private EC key <b>eckey</b>.</p>
+
+<p>ECDSA_sign() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b>. The DER encoded signatures is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is currently ignored. ECDSA_sign() is wrapper function for ECDSA_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_do_sign() is similar to ECDSA_sign() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error). ECDSA_do_sign() is a wrapper function for ECDSA_do_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_verify() verifies that the signature in <b>sig</b> of size <b>siglen</b> is a valid ECDSA signature of the hash value <b>dgst</b> of size <b>dgstlen</b> using the public key <b>eckey</b>. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_verify() is similar to ECDSA_verify() except the signature is presented in the form of a pointer to an <b>ECDSA_SIG</b> structure.</p>
+
+<p>The remaining functions utilise the internal <b>kinv</b> and <b>r</b> values used during signature computation. Most applications will never need to call these and some external ECDSA ENGINE implementations may not support them at all if either <b>kinv</b> or <b>r</b> is not <b>NULL</b>.</p>
+
+<p>ECDSA_sign_setup() may be used to precompute parts of the signing operation. <b>eckey</b> is the private EC key and <b>ctx</b> is a pointer to <b>BN_CTX</b> structure (or NULL). The precomputed values or returned in <b>kinv</b> and <b>rp</b> and can be used in a later call to ECDSA_sign_ex() or ECDSA_do_sign_ex().</p>
+
+<p>ECDSA_sign_ex() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b> and the optional pre-computed values <b>kinv</b> and <b>rp</b>. The DER encoded signature is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_sign_ex() is similar to ECDSA_sign_ex() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ECDSA_SIG_new() returns NULL if the allocation fails.</p>
+
+<p>ECDSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<p>ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s() return the corresponding value, or NULL if it is unset.</p>
+
+<p>ECDSA_size() returns the maximum length signature or 0 on error.</p>
+
+<p>ECDSA_sign(), ECDSA_sign_ex() and ECDSA_sign_setup() return 1 if successful or 0 on error.</p>
+
+<p>ECDSA_do_sign() and ECDSA_do_sign_ex() return a pointer to an allocated <b>ECDSA_SIG</b> structure or NULL on error.</p>
+
+<p>ECDSA_verify() and ECDSA_do_verify() return 1 for a valid signature, 0 for an invalid signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Creating an ECDSA signature of a given SHA-256 hash value using the named curve prime256v1 (aka P-256).</p>
+
+<p>First step: create an EC_KEY object (note: this part is <b>not</b> ECDSA specific)</p>
+
+<pre><code> int ret;
+ ECDSA_SIG *sig;
+ EC_KEY *eckey;
+
+ eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ if (eckey == NULL)
+     /* error */
+ if (EC_KEY_generate_key(eckey) == 0)
+     /* error */</code></pre>
+
+<p>Second step: compute the ECDSA signature of a SHA-256 hash value using ECDSA_do_sign():</p>
+
+<pre><code> sig = ECDSA_do_sign(digest, 32, eckey);
+ if (sig == NULL)
+     /* error */</code></pre>
+
+<p>or using ECDSA_sign():</p>
+
+<pre><code> unsigned char *buffer, *pp;
+ int buf_len;
+
+ buf_len = ECDSA_size(eckey);
+ buffer = OPENSSL_malloc(buf_len);
+ pp = buffer;
+ if (ECDSA_sign(0, dgst, dgstlen, pp, &amp;buf_len, eckey) == 0)
+     /* error */</code></pre>
+
+<p>Third step: verify the created ECDSA signature using ECDSA_do_verify():</p>
+
+<pre><code> ret = ECDSA_do_verify(digest, 32, sig, eckey);</code></pre>
+
+<p>or using ECDSA_verify():</p>
+
+<pre><code> ret = ECDSA_verify(0, digest, 32, buffer, buf_len, eckey);</code></pre>
+
+<p>and finally evaluate the return value:</p>
+
+<pre><code> if (ret == 1)
+     /* signature ok */
+ else if (ret == 0)
+     /* incorrect signature */
+ else
+     /* error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ANSI X9.62, US Federal Information Processing Standard FIPS 186-2 (Digital Signature Standard, DSS)</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECDSA_SIG_get0.html b/msys2/usr/share/doc/openssl/html/man3/ECDSA_SIG_get0.html
new file mode 100644
index 000000000..164654835
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECDSA_SIG_get0.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ECDSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ECDSA_SIG_get0, ECDSA_SIG_get0_r, ECDSA_SIG_get0_s, ECDSA_SIG_set0, ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size, ECDSA_sign, ECDSA_do_sign, ECDSA_verify, ECDSA_do_verify, ECDSA_sign_setup, ECDSA_sign_ex, ECDSA_do_sign_ex - low level elliptic curve digital signature algorithm (ECDSA) functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ecdsa.h&gt;
+
+ ECDSA_SIG *ECDSA_SIG_new(void);
+ void ECDSA_SIG_free(ECDSA_SIG *sig);
+ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
+ const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
+ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+ int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
+ int ECDSA_size(const EC_KEY *eckey);
+
+ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+                unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+                          EC_KEY *eckey);
+
+ int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
+                  const unsigned char *sig, int siglen, EC_KEY *eckey);
+ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+                     const ECDSA_SIG *sig, EC_KEY* eckey);
+
+ ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+                             const BIGNUM *kinv, const BIGNUM *rp,
+                             EC_KEY *eckey);
+ int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+                   unsigned char *sig, unsigned int *siglen,
+                   const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Note: these functions provide a low level interface to ECDSA. Most applications should use the higher level <b>EVP</b> interface such as <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> instead.</p>
+
+<p><b>ECDSA_SIG</b> is an opaque structure consisting of two BIGNUMs for the <b>r</b> and <b>s</b> value of an ECDSA signature (see X9.62 or FIPS 186-2).</p>
+
+<p>ECDSA_SIG_new() allocates an empty <b>ECDSA_SIG</b> structure. Note: before OpenSSL 1.1.0 the: the <b>r</b> and <b>s</b> components were initialised.</p>
+
+<p>ECDSA_SIG_free() frees the <b>ECDSA_SIG</b> structure <b>sig</b>.</p>
+
+<p>ECDSA_SIG_get0() returns internal pointers the <b>r</b> and <b>s</b> values contained in <b>sig</b> and stores them in <b>*pr</b> and <b>*ps</b>, respectively. The pointer <b>pr</b> or <b>ps</b> can be NULL, in which case the corresponding value is not returned.</p>
+
+<p>The values <b>r</b>, <b>s</b> can also be retrieved separately by the corresponding function ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s(), respectively.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling ECDSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the ECDSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature <b>sig</b> and writes the encoded signature to <b>*pp</b> (note: if <b>pp</b> is NULL i2d_ECDSA_SIG() returns the expected length in bytes of the DER encoded signature). i2d_ECDSA_SIG() returns the length of the DER encoded signature (or 0 on error).</p>
+
+<p>d2i_ECDSA_SIG() decodes a DER encoded ECDSA signature and returns the decoded signature in a newly allocated <b>ECDSA_SIG</b> structure. <b>*sig</b> points to the buffer containing the DER encoded signature of size <b>len</b>.</p>
+
+<p>ECDSA_size() returns the maximum length of a DER encoded ECDSA signature created with the private EC key <b>eckey</b>.</p>
+
+<p>ECDSA_sign() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b>. The DER encoded signatures is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is currently ignored. ECDSA_sign() is wrapper function for ECDSA_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_do_sign() is similar to ECDSA_sign() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error). ECDSA_do_sign() is a wrapper function for ECDSA_do_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_verify() verifies that the signature in <b>sig</b> of size <b>siglen</b> is a valid ECDSA signature of the hash value <b>dgst</b> of size <b>dgstlen</b> using the public key <b>eckey</b>. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_verify() is similar to ECDSA_verify() except the signature is presented in the form of a pointer to an <b>ECDSA_SIG</b> structure.</p>
+
+<p>The remaining functions utilise the internal <b>kinv</b> and <b>r</b> values used during signature computation. Most applications will never need to call these and some external ECDSA ENGINE implementations may not support them at all if either <b>kinv</b> or <b>r</b> is not <b>NULL</b>.</p>
+
+<p>ECDSA_sign_setup() may be used to precompute parts of the signing operation. <b>eckey</b> is the private EC key and <b>ctx</b> is a pointer to <b>BN_CTX</b> structure (or NULL). The precomputed values or returned in <b>kinv</b> and <b>rp</b> and can be used in a later call to ECDSA_sign_ex() or ECDSA_do_sign_ex().</p>
+
+<p>ECDSA_sign_ex() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b> and the optional pre-computed values <b>kinv</b> and <b>rp</b>. The DER encoded signature is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_sign_ex() is similar to ECDSA_sign_ex() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ECDSA_SIG_new() returns NULL if the allocation fails.</p>
+
+<p>ECDSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<p>ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s() return the corresponding value, or NULL if it is unset.</p>
+
+<p>ECDSA_size() returns the maximum length signature or 0 on error.</p>
+
+<p>ECDSA_sign(), ECDSA_sign_ex() and ECDSA_sign_setup() return 1 if successful or 0 on error.</p>
+
+<p>ECDSA_do_sign() and ECDSA_do_sign_ex() return a pointer to an allocated <b>ECDSA_SIG</b> structure or NULL on error.</p>
+
+<p>ECDSA_verify() and ECDSA_do_verify() return 1 for a valid signature, 0 for an invalid signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Creating an ECDSA signature of a given SHA-256 hash value using the named curve prime256v1 (aka P-256).</p>
+
+<p>First step: create an EC_KEY object (note: this part is <b>not</b> ECDSA specific)</p>
+
+<pre><code> int ret;
+ ECDSA_SIG *sig;
+ EC_KEY *eckey;
+
+ eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ if (eckey == NULL)
+     /* error */
+ if (EC_KEY_generate_key(eckey) == 0)
+     /* error */</code></pre>
+
+<p>Second step: compute the ECDSA signature of a SHA-256 hash value using ECDSA_do_sign():</p>
+
+<pre><code> sig = ECDSA_do_sign(digest, 32, eckey);
+ if (sig == NULL)
+     /* error */</code></pre>
+
+<p>or using ECDSA_sign():</p>
+
+<pre><code> unsigned char *buffer, *pp;
+ int buf_len;
+
+ buf_len = ECDSA_size(eckey);
+ buffer = OPENSSL_malloc(buf_len);
+ pp = buffer;
+ if (ECDSA_sign(0, dgst, dgstlen, pp, &amp;buf_len, eckey) == 0)
+     /* error */</code></pre>
+
+<p>Third step: verify the created ECDSA signature using ECDSA_do_verify():</p>
+
+<pre><code> ret = ECDSA_do_verify(digest, 32, sig, eckey);</code></pre>
+
+<p>or using ECDSA_verify():</p>
+
+<pre><code> ret = ECDSA_verify(0, digest, 32, buffer, buf_len, eckey);</code></pre>
+
+<p>and finally evaluate the return value:</p>
+
+<pre><code> if (ret == 1)
+     /* signature ok */
+ else if (ret == 0)
+     /* incorrect signature */
+ else
+     /* error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ANSI X9.62, US Federal Information Processing Standard FIPS 186-2 (Digital Signature Standard, DSS)</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECDSA_SIG_get0_r.html b/msys2/usr/share/doc/openssl/html/man3/ECDSA_SIG_get0_r.html
new file mode 100644
index 000000000..164654835
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECDSA_SIG_get0_r.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ECDSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ECDSA_SIG_get0, ECDSA_SIG_get0_r, ECDSA_SIG_get0_s, ECDSA_SIG_set0, ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size, ECDSA_sign, ECDSA_do_sign, ECDSA_verify, ECDSA_do_verify, ECDSA_sign_setup, ECDSA_sign_ex, ECDSA_do_sign_ex - low level elliptic curve digital signature algorithm (ECDSA) functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ecdsa.h&gt;
+
+ ECDSA_SIG *ECDSA_SIG_new(void);
+ void ECDSA_SIG_free(ECDSA_SIG *sig);
+ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
+ const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
+ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+ int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
+ int ECDSA_size(const EC_KEY *eckey);
+
+ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+                unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+                          EC_KEY *eckey);
+
+ int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
+                  const unsigned char *sig, int siglen, EC_KEY *eckey);
+ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+                     const ECDSA_SIG *sig, EC_KEY* eckey);
+
+ ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+                             const BIGNUM *kinv, const BIGNUM *rp,
+                             EC_KEY *eckey);
+ int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+                   unsigned char *sig, unsigned int *siglen,
+                   const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Note: these functions provide a low level interface to ECDSA. Most applications should use the higher level <b>EVP</b> interface such as <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> instead.</p>
+
+<p><b>ECDSA_SIG</b> is an opaque structure consisting of two BIGNUMs for the <b>r</b> and <b>s</b> value of an ECDSA signature (see X9.62 or FIPS 186-2).</p>
+
+<p>ECDSA_SIG_new() allocates an empty <b>ECDSA_SIG</b> structure. Note: before OpenSSL 1.1.0 the: the <b>r</b> and <b>s</b> components were initialised.</p>
+
+<p>ECDSA_SIG_free() frees the <b>ECDSA_SIG</b> structure <b>sig</b>.</p>
+
+<p>ECDSA_SIG_get0() returns internal pointers the <b>r</b> and <b>s</b> values contained in <b>sig</b> and stores them in <b>*pr</b> and <b>*ps</b>, respectively. The pointer <b>pr</b> or <b>ps</b> can be NULL, in which case the corresponding value is not returned.</p>
+
+<p>The values <b>r</b>, <b>s</b> can also be retrieved separately by the corresponding function ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s(), respectively.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling ECDSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the ECDSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature <b>sig</b> and writes the encoded signature to <b>*pp</b> (note: if <b>pp</b> is NULL i2d_ECDSA_SIG() returns the expected length in bytes of the DER encoded signature). i2d_ECDSA_SIG() returns the length of the DER encoded signature (or 0 on error).</p>
+
+<p>d2i_ECDSA_SIG() decodes a DER encoded ECDSA signature and returns the decoded signature in a newly allocated <b>ECDSA_SIG</b> structure. <b>*sig</b> points to the buffer containing the DER encoded signature of size <b>len</b>.</p>
+
+<p>ECDSA_size() returns the maximum length of a DER encoded ECDSA signature created with the private EC key <b>eckey</b>.</p>
+
+<p>ECDSA_sign() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b>. The DER encoded signatures is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is currently ignored. ECDSA_sign() is wrapper function for ECDSA_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_do_sign() is similar to ECDSA_sign() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error). ECDSA_do_sign() is a wrapper function for ECDSA_do_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_verify() verifies that the signature in <b>sig</b> of size <b>siglen</b> is a valid ECDSA signature of the hash value <b>dgst</b> of size <b>dgstlen</b> using the public key <b>eckey</b>. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_verify() is similar to ECDSA_verify() except the signature is presented in the form of a pointer to an <b>ECDSA_SIG</b> structure.</p>
+
+<p>The remaining functions utilise the internal <b>kinv</b> and <b>r</b> values used during signature computation. Most applications will never need to call these and some external ECDSA ENGINE implementations may not support them at all if either <b>kinv</b> or <b>r</b> is not <b>NULL</b>.</p>
+
+<p>ECDSA_sign_setup() may be used to precompute parts of the signing operation. <b>eckey</b> is the private EC key and <b>ctx</b> is a pointer to <b>BN_CTX</b> structure (or NULL). The precomputed values or returned in <b>kinv</b> and <b>rp</b> and can be used in a later call to ECDSA_sign_ex() or ECDSA_do_sign_ex().</p>
+
+<p>ECDSA_sign_ex() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b> and the optional pre-computed values <b>kinv</b> and <b>rp</b>. The DER encoded signature is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_sign_ex() is similar to ECDSA_sign_ex() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ECDSA_SIG_new() returns NULL if the allocation fails.</p>
+
+<p>ECDSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<p>ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s() return the corresponding value, or NULL if it is unset.</p>
+
+<p>ECDSA_size() returns the maximum length signature or 0 on error.</p>
+
+<p>ECDSA_sign(), ECDSA_sign_ex() and ECDSA_sign_setup() return 1 if successful or 0 on error.</p>
+
+<p>ECDSA_do_sign() and ECDSA_do_sign_ex() return a pointer to an allocated <b>ECDSA_SIG</b> structure or NULL on error.</p>
+
+<p>ECDSA_verify() and ECDSA_do_verify() return 1 for a valid signature, 0 for an invalid signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Creating an ECDSA signature of a given SHA-256 hash value using the named curve prime256v1 (aka P-256).</p>
+
+<p>First step: create an EC_KEY object (note: this part is <b>not</b> ECDSA specific)</p>
+
+<pre><code> int ret;
+ ECDSA_SIG *sig;
+ EC_KEY *eckey;
+
+ eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ if (eckey == NULL)
+     /* error */
+ if (EC_KEY_generate_key(eckey) == 0)
+     /* error */</code></pre>
+
+<p>Second step: compute the ECDSA signature of a SHA-256 hash value using ECDSA_do_sign():</p>
+
+<pre><code> sig = ECDSA_do_sign(digest, 32, eckey);
+ if (sig == NULL)
+     /* error */</code></pre>
+
+<p>or using ECDSA_sign():</p>
+
+<pre><code> unsigned char *buffer, *pp;
+ int buf_len;
+
+ buf_len = ECDSA_size(eckey);
+ buffer = OPENSSL_malloc(buf_len);
+ pp = buffer;
+ if (ECDSA_sign(0, dgst, dgstlen, pp, &amp;buf_len, eckey) == 0)
+     /* error */</code></pre>
+
+<p>Third step: verify the created ECDSA signature using ECDSA_do_verify():</p>
+
+<pre><code> ret = ECDSA_do_verify(digest, 32, sig, eckey);</code></pre>
+
+<p>or using ECDSA_verify():</p>
+
+<pre><code> ret = ECDSA_verify(0, digest, 32, buffer, buf_len, eckey);</code></pre>
+
+<p>and finally evaluate the return value:</p>
+
+<pre><code> if (ret == 1)
+     /* signature ok */
+ else if (ret == 0)
+     /* incorrect signature */
+ else
+     /* error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ANSI X9.62, US Federal Information Processing Standard FIPS 186-2 (Digital Signature Standard, DSS)</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECDSA_SIG_get0_s.html b/msys2/usr/share/doc/openssl/html/man3/ECDSA_SIG_get0_s.html
new file mode 100644
index 000000000..164654835
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECDSA_SIG_get0_s.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ECDSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ECDSA_SIG_get0, ECDSA_SIG_get0_r, ECDSA_SIG_get0_s, ECDSA_SIG_set0, ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size, ECDSA_sign, ECDSA_do_sign, ECDSA_verify, ECDSA_do_verify, ECDSA_sign_setup, ECDSA_sign_ex, ECDSA_do_sign_ex - low level elliptic curve digital signature algorithm (ECDSA) functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ecdsa.h&gt;
+
+ ECDSA_SIG *ECDSA_SIG_new(void);
+ void ECDSA_SIG_free(ECDSA_SIG *sig);
+ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
+ const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
+ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+ int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
+ int ECDSA_size(const EC_KEY *eckey);
+
+ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+                unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+                          EC_KEY *eckey);
+
+ int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
+                  const unsigned char *sig, int siglen, EC_KEY *eckey);
+ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+                     const ECDSA_SIG *sig, EC_KEY* eckey);
+
+ ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+                             const BIGNUM *kinv, const BIGNUM *rp,
+                             EC_KEY *eckey);
+ int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+                   unsigned char *sig, unsigned int *siglen,
+                   const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Note: these functions provide a low level interface to ECDSA. Most applications should use the higher level <b>EVP</b> interface such as <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> instead.</p>
+
+<p><b>ECDSA_SIG</b> is an opaque structure consisting of two BIGNUMs for the <b>r</b> and <b>s</b> value of an ECDSA signature (see X9.62 or FIPS 186-2).</p>
+
+<p>ECDSA_SIG_new() allocates an empty <b>ECDSA_SIG</b> structure. Note: before OpenSSL 1.1.0 the: the <b>r</b> and <b>s</b> components were initialised.</p>
+
+<p>ECDSA_SIG_free() frees the <b>ECDSA_SIG</b> structure <b>sig</b>.</p>
+
+<p>ECDSA_SIG_get0() returns internal pointers the <b>r</b> and <b>s</b> values contained in <b>sig</b> and stores them in <b>*pr</b> and <b>*ps</b>, respectively. The pointer <b>pr</b> or <b>ps</b> can be NULL, in which case the corresponding value is not returned.</p>
+
+<p>The values <b>r</b>, <b>s</b> can also be retrieved separately by the corresponding function ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s(), respectively.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling ECDSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the ECDSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature <b>sig</b> and writes the encoded signature to <b>*pp</b> (note: if <b>pp</b> is NULL i2d_ECDSA_SIG() returns the expected length in bytes of the DER encoded signature). i2d_ECDSA_SIG() returns the length of the DER encoded signature (or 0 on error).</p>
+
+<p>d2i_ECDSA_SIG() decodes a DER encoded ECDSA signature and returns the decoded signature in a newly allocated <b>ECDSA_SIG</b> structure. <b>*sig</b> points to the buffer containing the DER encoded signature of size <b>len</b>.</p>
+
+<p>ECDSA_size() returns the maximum length of a DER encoded ECDSA signature created with the private EC key <b>eckey</b>.</p>
+
+<p>ECDSA_sign() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b>. The DER encoded signatures is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is currently ignored. ECDSA_sign() is wrapper function for ECDSA_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_do_sign() is similar to ECDSA_sign() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error). ECDSA_do_sign() is a wrapper function for ECDSA_do_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_verify() verifies that the signature in <b>sig</b> of size <b>siglen</b> is a valid ECDSA signature of the hash value <b>dgst</b> of size <b>dgstlen</b> using the public key <b>eckey</b>. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_verify() is similar to ECDSA_verify() except the signature is presented in the form of a pointer to an <b>ECDSA_SIG</b> structure.</p>
+
+<p>The remaining functions utilise the internal <b>kinv</b> and <b>r</b> values used during signature computation. Most applications will never need to call these and some external ECDSA ENGINE implementations may not support them at all if either <b>kinv</b> or <b>r</b> is not <b>NULL</b>.</p>
+
+<p>ECDSA_sign_setup() may be used to precompute parts of the signing operation. <b>eckey</b> is the private EC key and <b>ctx</b> is a pointer to <b>BN_CTX</b> structure (or NULL). The precomputed values or returned in <b>kinv</b> and <b>rp</b> and can be used in a later call to ECDSA_sign_ex() or ECDSA_do_sign_ex().</p>
+
+<p>ECDSA_sign_ex() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b> and the optional pre-computed values <b>kinv</b> and <b>rp</b>. The DER encoded signature is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_sign_ex() is similar to ECDSA_sign_ex() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ECDSA_SIG_new() returns NULL if the allocation fails.</p>
+
+<p>ECDSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<p>ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s() return the corresponding value, or NULL if it is unset.</p>
+
+<p>ECDSA_size() returns the maximum length signature or 0 on error.</p>
+
+<p>ECDSA_sign(), ECDSA_sign_ex() and ECDSA_sign_setup() return 1 if successful or 0 on error.</p>
+
+<p>ECDSA_do_sign() and ECDSA_do_sign_ex() return a pointer to an allocated <b>ECDSA_SIG</b> structure or NULL on error.</p>
+
+<p>ECDSA_verify() and ECDSA_do_verify() return 1 for a valid signature, 0 for an invalid signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Creating an ECDSA signature of a given SHA-256 hash value using the named curve prime256v1 (aka P-256).</p>
+
+<p>First step: create an EC_KEY object (note: this part is <b>not</b> ECDSA specific)</p>
+
+<pre><code> int ret;
+ ECDSA_SIG *sig;
+ EC_KEY *eckey;
+
+ eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ if (eckey == NULL)
+     /* error */
+ if (EC_KEY_generate_key(eckey) == 0)
+     /* error */</code></pre>
+
+<p>Second step: compute the ECDSA signature of a SHA-256 hash value using ECDSA_do_sign():</p>
+
+<pre><code> sig = ECDSA_do_sign(digest, 32, eckey);
+ if (sig == NULL)
+     /* error */</code></pre>
+
+<p>or using ECDSA_sign():</p>
+
+<pre><code> unsigned char *buffer, *pp;
+ int buf_len;
+
+ buf_len = ECDSA_size(eckey);
+ buffer = OPENSSL_malloc(buf_len);
+ pp = buffer;
+ if (ECDSA_sign(0, dgst, dgstlen, pp, &amp;buf_len, eckey) == 0)
+     /* error */</code></pre>
+
+<p>Third step: verify the created ECDSA signature using ECDSA_do_verify():</p>
+
+<pre><code> ret = ECDSA_do_verify(digest, 32, sig, eckey);</code></pre>
+
+<p>or using ECDSA_verify():</p>
+
+<pre><code> ret = ECDSA_verify(0, digest, 32, buffer, buf_len, eckey);</code></pre>
+
+<p>and finally evaluate the return value:</p>
+
+<pre><code> if (ret == 1)
+     /* signature ok */
+ else if (ret == 0)
+     /* incorrect signature */
+ else
+     /* error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ANSI X9.62, US Federal Information Processing Standard FIPS 186-2 (Digital Signature Standard, DSS)</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECDSA_SIG_new.html b/msys2/usr/share/doc/openssl/html/man3/ECDSA_SIG_new.html
new file mode 100644
index 000000000..164654835
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECDSA_SIG_new.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ECDSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ECDSA_SIG_get0, ECDSA_SIG_get0_r, ECDSA_SIG_get0_s, ECDSA_SIG_set0, ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size, ECDSA_sign, ECDSA_do_sign, ECDSA_verify, ECDSA_do_verify, ECDSA_sign_setup, ECDSA_sign_ex, ECDSA_do_sign_ex - low level elliptic curve digital signature algorithm (ECDSA) functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ecdsa.h&gt;
+
+ ECDSA_SIG *ECDSA_SIG_new(void);
+ void ECDSA_SIG_free(ECDSA_SIG *sig);
+ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
+ const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
+ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+ int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
+ int ECDSA_size(const EC_KEY *eckey);
+
+ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+                unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+                          EC_KEY *eckey);
+
+ int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
+                  const unsigned char *sig, int siglen, EC_KEY *eckey);
+ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+                     const ECDSA_SIG *sig, EC_KEY* eckey);
+
+ ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+                             const BIGNUM *kinv, const BIGNUM *rp,
+                             EC_KEY *eckey);
+ int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+                   unsigned char *sig, unsigned int *siglen,
+                   const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Note: these functions provide a low level interface to ECDSA. Most applications should use the higher level <b>EVP</b> interface such as <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> instead.</p>
+
+<p><b>ECDSA_SIG</b> is an opaque structure consisting of two BIGNUMs for the <b>r</b> and <b>s</b> value of an ECDSA signature (see X9.62 or FIPS 186-2).</p>
+
+<p>ECDSA_SIG_new() allocates an empty <b>ECDSA_SIG</b> structure. Note: before OpenSSL 1.1.0 the: the <b>r</b> and <b>s</b> components were initialised.</p>
+
+<p>ECDSA_SIG_free() frees the <b>ECDSA_SIG</b> structure <b>sig</b>.</p>
+
+<p>ECDSA_SIG_get0() returns internal pointers the <b>r</b> and <b>s</b> values contained in <b>sig</b> and stores them in <b>*pr</b> and <b>*ps</b>, respectively. The pointer <b>pr</b> or <b>ps</b> can be NULL, in which case the corresponding value is not returned.</p>
+
+<p>The values <b>r</b>, <b>s</b> can also be retrieved separately by the corresponding function ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s(), respectively.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling ECDSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the ECDSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature <b>sig</b> and writes the encoded signature to <b>*pp</b> (note: if <b>pp</b> is NULL i2d_ECDSA_SIG() returns the expected length in bytes of the DER encoded signature). i2d_ECDSA_SIG() returns the length of the DER encoded signature (or 0 on error).</p>
+
+<p>d2i_ECDSA_SIG() decodes a DER encoded ECDSA signature and returns the decoded signature in a newly allocated <b>ECDSA_SIG</b> structure. <b>*sig</b> points to the buffer containing the DER encoded signature of size <b>len</b>.</p>
+
+<p>ECDSA_size() returns the maximum length of a DER encoded ECDSA signature created with the private EC key <b>eckey</b>.</p>
+
+<p>ECDSA_sign() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b>. The DER encoded signatures is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is currently ignored. ECDSA_sign() is wrapper function for ECDSA_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_do_sign() is similar to ECDSA_sign() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error). ECDSA_do_sign() is a wrapper function for ECDSA_do_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_verify() verifies that the signature in <b>sig</b> of size <b>siglen</b> is a valid ECDSA signature of the hash value <b>dgst</b> of size <b>dgstlen</b> using the public key <b>eckey</b>. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_verify() is similar to ECDSA_verify() except the signature is presented in the form of a pointer to an <b>ECDSA_SIG</b> structure.</p>
+
+<p>The remaining functions utilise the internal <b>kinv</b> and <b>r</b> values used during signature computation. Most applications will never need to call these and some external ECDSA ENGINE implementations may not support them at all if either <b>kinv</b> or <b>r</b> is not <b>NULL</b>.</p>
+
+<p>ECDSA_sign_setup() may be used to precompute parts of the signing operation. <b>eckey</b> is the private EC key and <b>ctx</b> is a pointer to <b>BN_CTX</b> structure (or NULL). The precomputed values or returned in <b>kinv</b> and <b>rp</b> and can be used in a later call to ECDSA_sign_ex() or ECDSA_do_sign_ex().</p>
+
+<p>ECDSA_sign_ex() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b> and the optional pre-computed values <b>kinv</b> and <b>rp</b>. The DER encoded signature is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_sign_ex() is similar to ECDSA_sign_ex() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ECDSA_SIG_new() returns NULL if the allocation fails.</p>
+
+<p>ECDSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<p>ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s() return the corresponding value, or NULL if it is unset.</p>
+
+<p>ECDSA_size() returns the maximum length signature or 0 on error.</p>
+
+<p>ECDSA_sign(), ECDSA_sign_ex() and ECDSA_sign_setup() return 1 if successful or 0 on error.</p>
+
+<p>ECDSA_do_sign() and ECDSA_do_sign_ex() return a pointer to an allocated <b>ECDSA_SIG</b> structure or NULL on error.</p>
+
+<p>ECDSA_verify() and ECDSA_do_verify() return 1 for a valid signature, 0 for an invalid signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Creating an ECDSA signature of a given SHA-256 hash value using the named curve prime256v1 (aka P-256).</p>
+
+<p>First step: create an EC_KEY object (note: this part is <b>not</b> ECDSA specific)</p>
+
+<pre><code> int ret;
+ ECDSA_SIG *sig;
+ EC_KEY *eckey;
+
+ eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ if (eckey == NULL)
+     /* error */
+ if (EC_KEY_generate_key(eckey) == 0)
+     /* error */</code></pre>
+
+<p>Second step: compute the ECDSA signature of a SHA-256 hash value using ECDSA_do_sign():</p>
+
+<pre><code> sig = ECDSA_do_sign(digest, 32, eckey);
+ if (sig == NULL)
+     /* error */</code></pre>
+
+<p>or using ECDSA_sign():</p>
+
+<pre><code> unsigned char *buffer, *pp;
+ int buf_len;
+
+ buf_len = ECDSA_size(eckey);
+ buffer = OPENSSL_malloc(buf_len);
+ pp = buffer;
+ if (ECDSA_sign(0, dgst, dgstlen, pp, &amp;buf_len, eckey) == 0)
+     /* error */</code></pre>
+
+<p>Third step: verify the created ECDSA signature using ECDSA_do_verify():</p>
+
+<pre><code> ret = ECDSA_do_verify(digest, 32, sig, eckey);</code></pre>
+
+<p>or using ECDSA_verify():</p>
+
+<pre><code> ret = ECDSA_verify(0, digest, 32, buffer, buf_len, eckey);</code></pre>
+
+<p>and finally evaluate the return value:</p>
+
+<pre><code> if (ret == 1)
+     /* signature ok */
+ else if (ret == 0)
+     /* incorrect signature */
+ else
+     /* error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ANSI X9.62, US Federal Information Processing Standard FIPS 186-2 (Digital Signature Standard, DSS)</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECDSA_SIG_set0.html b/msys2/usr/share/doc/openssl/html/man3/ECDSA_SIG_set0.html
new file mode 100644
index 000000000..164654835
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECDSA_SIG_set0.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ECDSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ECDSA_SIG_get0, ECDSA_SIG_get0_r, ECDSA_SIG_get0_s, ECDSA_SIG_set0, ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size, ECDSA_sign, ECDSA_do_sign, ECDSA_verify, ECDSA_do_verify, ECDSA_sign_setup, ECDSA_sign_ex, ECDSA_do_sign_ex - low level elliptic curve digital signature algorithm (ECDSA) functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ecdsa.h&gt;
+
+ ECDSA_SIG *ECDSA_SIG_new(void);
+ void ECDSA_SIG_free(ECDSA_SIG *sig);
+ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
+ const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
+ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+ int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
+ int ECDSA_size(const EC_KEY *eckey);
+
+ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+                unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+                          EC_KEY *eckey);
+
+ int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
+                  const unsigned char *sig, int siglen, EC_KEY *eckey);
+ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+                     const ECDSA_SIG *sig, EC_KEY* eckey);
+
+ ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+                             const BIGNUM *kinv, const BIGNUM *rp,
+                             EC_KEY *eckey);
+ int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+                   unsigned char *sig, unsigned int *siglen,
+                   const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Note: these functions provide a low level interface to ECDSA. Most applications should use the higher level <b>EVP</b> interface such as <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> instead.</p>
+
+<p><b>ECDSA_SIG</b> is an opaque structure consisting of two BIGNUMs for the <b>r</b> and <b>s</b> value of an ECDSA signature (see X9.62 or FIPS 186-2).</p>
+
+<p>ECDSA_SIG_new() allocates an empty <b>ECDSA_SIG</b> structure. Note: before OpenSSL 1.1.0 the: the <b>r</b> and <b>s</b> components were initialised.</p>
+
+<p>ECDSA_SIG_free() frees the <b>ECDSA_SIG</b> structure <b>sig</b>.</p>
+
+<p>ECDSA_SIG_get0() returns internal pointers the <b>r</b> and <b>s</b> values contained in <b>sig</b> and stores them in <b>*pr</b> and <b>*ps</b>, respectively. The pointer <b>pr</b> or <b>ps</b> can be NULL, in which case the corresponding value is not returned.</p>
+
+<p>The values <b>r</b>, <b>s</b> can also be retrieved separately by the corresponding function ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s(), respectively.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling ECDSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the ECDSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature <b>sig</b> and writes the encoded signature to <b>*pp</b> (note: if <b>pp</b> is NULL i2d_ECDSA_SIG() returns the expected length in bytes of the DER encoded signature). i2d_ECDSA_SIG() returns the length of the DER encoded signature (or 0 on error).</p>
+
+<p>d2i_ECDSA_SIG() decodes a DER encoded ECDSA signature and returns the decoded signature in a newly allocated <b>ECDSA_SIG</b> structure. <b>*sig</b> points to the buffer containing the DER encoded signature of size <b>len</b>.</p>
+
+<p>ECDSA_size() returns the maximum length of a DER encoded ECDSA signature created with the private EC key <b>eckey</b>.</p>
+
+<p>ECDSA_sign() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b>. The DER encoded signatures is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is currently ignored. ECDSA_sign() is wrapper function for ECDSA_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_do_sign() is similar to ECDSA_sign() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error). ECDSA_do_sign() is a wrapper function for ECDSA_do_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_verify() verifies that the signature in <b>sig</b> of size <b>siglen</b> is a valid ECDSA signature of the hash value <b>dgst</b> of size <b>dgstlen</b> using the public key <b>eckey</b>. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_verify() is similar to ECDSA_verify() except the signature is presented in the form of a pointer to an <b>ECDSA_SIG</b> structure.</p>
+
+<p>The remaining functions utilise the internal <b>kinv</b> and <b>r</b> values used during signature computation. Most applications will never need to call these and some external ECDSA ENGINE implementations may not support them at all if either <b>kinv</b> or <b>r</b> is not <b>NULL</b>.</p>
+
+<p>ECDSA_sign_setup() may be used to precompute parts of the signing operation. <b>eckey</b> is the private EC key and <b>ctx</b> is a pointer to <b>BN_CTX</b> structure (or NULL). The precomputed values or returned in <b>kinv</b> and <b>rp</b> and can be used in a later call to ECDSA_sign_ex() or ECDSA_do_sign_ex().</p>
+
+<p>ECDSA_sign_ex() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b> and the optional pre-computed values <b>kinv</b> and <b>rp</b>. The DER encoded signature is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_sign_ex() is similar to ECDSA_sign_ex() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ECDSA_SIG_new() returns NULL if the allocation fails.</p>
+
+<p>ECDSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<p>ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s() return the corresponding value, or NULL if it is unset.</p>
+
+<p>ECDSA_size() returns the maximum length signature or 0 on error.</p>
+
+<p>ECDSA_sign(), ECDSA_sign_ex() and ECDSA_sign_setup() return 1 if successful or 0 on error.</p>
+
+<p>ECDSA_do_sign() and ECDSA_do_sign_ex() return a pointer to an allocated <b>ECDSA_SIG</b> structure or NULL on error.</p>
+
+<p>ECDSA_verify() and ECDSA_do_verify() return 1 for a valid signature, 0 for an invalid signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Creating an ECDSA signature of a given SHA-256 hash value using the named curve prime256v1 (aka P-256).</p>
+
+<p>First step: create an EC_KEY object (note: this part is <b>not</b> ECDSA specific)</p>
+
+<pre><code> int ret;
+ ECDSA_SIG *sig;
+ EC_KEY *eckey;
+
+ eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ if (eckey == NULL)
+     /* error */
+ if (EC_KEY_generate_key(eckey) == 0)
+     /* error */</code></pre>
+
+<p>Second step: compute the ECDSA signature of a SHA-256 hash value using ECDSA_do_sign():</p>
+
+<pre><code> sig = ECDSA_do_sign(digest, 32, eckey);
+ if (sig == NULL)
+     /* error */</code></pre>
+
+<p>or using ECDSA_sign():</p>
+
+<pre><code> unsigned char *buffer, *pp;
+ int buf_len;
+
+ buf_len = ECDSA_size(eckey);
+ buffer = OPENSSL_malloc(buf_len);
+ pp = buffer;
+ if (ECDSA_sign(0, dgst, dgstlen, pp, &amp;buf_len, eckey) == 0)
+     /* error */</code></pre>
+
+<p>Third step: verify the created ECDSA signature using ECDSA_do_verify():</p>
+
+<pre><code> ret = ECDSA_do_verify(digest, 32, sig, eckey);</code></pre>
+
+<p>or using ECDSA_verify():</p>
+
+<pre><code> ret = ECDSA_verify(0, digest, 32, buffer, buf_len, eckey);</code></pre>
+
+<p>and finally evaluate the return value:</p>
+
+<pre><code> if (ret == 1)
+     /* signature ok */
+ else if (ret == 0)
+     /* incorrect signature */
+ else
+     /* error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ANSI X9.62, US Federal Information Processing Standard FIPS 186-2 (Digital Signature Standard, DSS)</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECDSA_do_sign.html b/msys2/usr/share/doc/openssl/html/man3/ECDSA_do_sign.html
new file mode 100644
index 000000000..164654835
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECDSA_do_sign.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ECDSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ECDSA_SIG_get0, ECDSA_SIG_get0_r, ECDSA_SIG_get0_s, ECDSA_SIG_set0, ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size, ECDSA_sign, ECDSA_do_sign, ECDSA_verify, ECDSA_do_verify, ECDSA_sign_setup, ECDSA_sign_ex, ECDSA_do_sign_ex - low level elliptic curve digital signature algorithm (ECDSA) functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ecdsa.h&gt;
+
+ ECDSA_SIG *ECDSA_SIG_new(void);
+ void ECDSA_SIG_free(ECDSA_SIG *sig);
+ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
+ const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
+ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+ int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
+ int ECDSA_size(const EC_KEY *eckey);
+
+ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+                unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+                          EC_KEY *eckey);
+
+ int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
+                  const unsigned char *sig, int siglen, EC_KEY *eckey);
+ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+                     const ECDSA_SIG *sig, EC_KEY* eckey);
+
+ ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+                             const BIGNUM *kinv, const BIGNUM *rp,
+                             EC_KEY *eckey);
+ int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+                   unsigned char *sig, unsigned int *siglen,
+                   const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Note: these functions provide a low level interface to ECDSA. Most applications should use the higher level <b>EVP</b> interface such as <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> instead.</p>
+
+<p><b>ECDSA_SIG</b> is an opaque structure consisting of two BIGNUMs for the <b>r</b> and <b>s</b> value of an ECDSA signature (see X9.62 or FIPS 186-2).</p>
+
+<p>ECDSA_SIG_new() allocates an empty <b>ECDSA_SIG</b> structure. Note: before OpenSSL 1.1.0 the: the <b>r</b> and <b>s</b> components were initialised.</p>
+
+<p>ECDSA_SIG_free() frees the <b>ECDSA_SIG</b> structure <b>sig</b>.</p>
+
+<p>ECDSA_SIG_get0() returns internal pointers the <b>r</b> and <b>s</b> values contained in <b>sig</b> and stores them in <b>*pr</b> and <b>*ps</b>, respectively. The pointer <b>pr</b> or <b>ps</b> can be NULL, in which case the corresponding value is not returned.</p>
+
+<p>The values <b>r</b>, <b>s</b> can also be retrieved separately by the corresponding function ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s(), respectively.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling ECDSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the ECDSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature <b>sig</b> and writes the encoded signature to <b>*pp</b> (note: if <b>pp</b> is NULL i2d_ECDSA_SIG() returns the expected length in bytes of the DER encoded signature). i2d_ECDSA_SIG() returns the length of the DER encoded signature (or 0 on error).</p>
+
+<p>d2i_ECDSA_SIG() decodes a DER encoded ECDSA signature and returns the decoded signature in a newly allocated <b>ECDSA_SIG</b> structure. <b>*sig</b> points to the buffer containing the DER encoded signature of size <b>len</b>.</p>
+
+<p>ECDSA_size() returns the maximum length of a DER encoded ECDSA signature created with the private EC key <b>eckey</b>.</p>
+
+<p>ECDSA_sign() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b>. The DER encoded signatures is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is currently ignored. ECDSA_sign() is wrapper function for ECDSA_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_do_sign() is similar to ECDSA_sign() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error). ECDSA_do_sign() is a wrapper function for ECDSA_do_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_verify() verifies that the signature in <b>sig</b> of size <b>siglen</b> is a valid ECDSA signature of the hash value <b>dgst</b> of size <b>dgstlen</b> using the public key <b>eckey</b>. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_verify() is similar to ECDSA_verify() except the signature is presented in the form of a pointer to an <b>ECDSA_SIG</b> structure.</p>
+
+<p>The remaining functions utilise the internal <b>kinv</b> and <b>r</b> values used during signature computation. Most applications will never need to call these and some external ECDSA ENGINE implementations may not support them at all if either <b>kinv</b> or <b>r</b> is not <b>NULL</b>.</p>
+
+<p>ECDSA_sign_setup() may be used to precompute parts of the signing operation. <b>eckey</b> is the private EC key and <b>ctx</b> is a pointer to <b>BN_CTX</b> structure (or NULL). The precomputed values or returned in <b>kinv</b> and <b>rp</b> and can be used in a later call to ECDSA_sign_ex() or ECDSA_do_sign_ex().</p>
+
+<p>ECDSA_sign_ex() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b> and the optional pre-computed values <b>kinv</b> and <b>rp</b>. The DER encoded signature is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_sign_ex() is similar to ECDSA_sign_ex() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ECDSA_SIG_new() returns NULL if the allocation fails.</p>
+
+<p>ECDSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<p>ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s() return the corresponding value, or NULL if it is unset.</p>
+
+<p>ECDSA_size() returns the maximum length signature or 0 on error.</p>
+
+<p>ECDSA_sign(), ECDSA_sign_ex() and ECDSA_sign_setup() return 1 if successful or 0 on error.</p>
+
+<p>ECDSA_do_sign() and ECDSA_do_sign_ex() return a pointer to an allocated <b>ECDSA_SIG</b> structure or NULL on error.</p>
+
+<p>ECDSA_verify() and ECDSA_do_verify() return 1 for a valid signature, 0 for an invalid signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Creating an ECDSA signature of a given SHA-256 hash value using the named curve prime256v1 (aka P-256).</p>
+
+<p>First step: create an EC_KEY object (note: this part is <b>not</b> ECDSA specific)</p>
+
+<pre><code> int ret;
+ ECDSA_SIG *sig;
+ EC_KEY *eckey;
+
+ eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ if (eckey == NULL)
+     /* error */
+ if (EC_KEY_generate_key(eckey) == 0)
+     /* error */</code></pre>
+
+<p>Second step: compute the ECDSA signature of a SHA-256 hash value using ECDSA_do_sign():</p>
+
+<pre><code> sig = ECDSA_do_sign(digest, 32, eckey);
+ if (sig == NULL)
+     /* error */</code></pre>
+
+<p>or using ECDSA_sign():</p>
+
+<pre><code> unsigned char *buffer, *pp;
+ int buf_len;
+
+ buf_len = ECDSA_size(eckey);
+ buffer = OPENSSL_malloc(buf_len);
+ pp = buffer;
+ if (ECDSA_sign(0, dgst, dgstlen, pp, &amp;buf_len, eckey) == 0)
+     /* error */</code></pre>
+
+<p>Third step: verify the created ECDSA signature using ECDSA_do_verify():</p>
+
+<pre><code> ret = ECDSA_do_verify(digest, 32, sig, eckey);</code></pre>
+
+<p>or using ECDSA_verify():</p>
+
+<pre><code> ret = ECDSA_verify(0, digest, 32, buffer, buf_len, eckey);</code></pre>
+
+<p>and finally evaluate the return value:</p>
+
+<pre><code> if (ret == 1)
+     /* signature ok */
+ else if (ret == 0)
+     /* incorrect signature */
+ else
+     /* error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ANSI X9.62, US Federal Information Processing Standard FIPS 186-2 (Digital Signature Standard, DSS)</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECDSA_do_sign_ex.html b/msys2/usr/share/doc/openssl/html/man3/ECDSA_do_sign_ex.html
new file mode 100644
index 000000000..164654835
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECDSA_do_sign_ex.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ECDSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ECDSA_SIG_get0, ECDSA_SIG_get0_r, ECDSA_SIG_get0_s, ECDSA_SIG_set0, ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size, ECDSA_sign, ECDSA_do_sign, ECDSA_verify, ECDSA_do_verify, ECDSA_sign_setup, ECDSA_sign_ex, ECDSA_do_sign_ex - low level elliptic curve digital signature algorithm (ECDSA) functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ecdsa.h&gt;
+
+ ECDSA_SIG *ECDSA_SIG_new(void);
+ void ECDSA_SIG_free(ECDSA_SIG *sig);
+ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
+ const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
+ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+ int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
+ int ECDSA_size(const EC_KEY *eckey);
+
+ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+                unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+                          EC_KEY *eckey);
+
+ int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
+                  const unsigned char *sig, int siglen, EC_KEY *eckey);
+ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+                     const ECDSA_SIG *sig, EC_KEY* eckey);
+
+ ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+                             const BIGNUM *kinv, const BIGNUM *rp,
+                             EC_KEY *eckey);
+ int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+                   unsigned char *sig, unsigned int *siglen,
+                   const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Note: these functions provide a low level interface to ECDSA. Most applications should use the higher level <b>EVP</b> interface such as <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> instead.</p>
+
+<p><b>ECDSA_SIG</b> is an opaque structure consisting of two BIGNUMs for the <b>r</b> and <b>s</b> value of an ECDSA signature (see X9.62 or FIPS 186-2).</p>
+
+<p>ECDSA_SIG_new() allocates an empty <b>ECDSA_SIG</b> structure. Note: before OpenSSL 1.1.0 the: the <b>r</b> and <b>s</b> components were initialised.</p>
+
+<p>ECDSA_SIG_free() frees the <b>ECDSA_SIG</b> structure <b>sig</b>.</p>
+
+<p>ECDSA_SIG_get0() returns internal pointers the <b>r</b> and <b>s</b> values contained in <b>sig</b> and stores them in <b>*pr</b> and <b>*ps</b>, respectively. The pointer <b>pr</b> or <b>ps</b> can be NULL, in which case the corresponding value is not returned.</p>
+
+<p>The values <b>r</b>, <b>s</b> can also be retrieved separately by the corresponding function ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s(), respectively.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling ECDSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the ECDSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature <b>sig</b> and writes the encoded signature to <b>*pp</b> (note: if <b>pp</b> is NULL i2d_ECDSA_SIG() returns the expected length in bytes of the DER encoded signature). i2d_ECDSA_SIG() returns the length of the DER encoded signature (or 0 on error).</p>
+
+<p>d2i_ECDSA_SIG() decodes a DER encoded ECDSA signature and returns the decoded signature in a newly allocated <b>ECDSA_SIG</b> structure. <b>*sig</b> points to the buffer containing the DER encoded signature of size <b>len</b>.</p>
+
+<p>ECDSA_size() returns the maximum length of a DER encoded ECDSA signature created with the private EC key <b>eckey</b>.</p>
+
+<p>ECDSA_sign() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b>. The DER encoded signatures is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is currently ignored. ECDSA_sign() is wrapper function for ECDSA_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_do_sign() is similar to ECDSA_sign() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error). ECDSA_do_sign() is a wrapper function for ECDSA_do_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_verify() verifies that the signature in <b>sig</b> of size <b>siglen</b> is a valid ECDSA signature of the hash value <b>dgst</b> of size <b>dgstlen</b> using the public key <b>eckey</b>. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_verify() is similar to ECDSA_verify() except the signature is presented in the form of a pointer to an <b>ECDSA_SIG</b> structure.</p>
+
+<p>The remaining functions utilise the internal <b>kinv</b> and <b>r</b> values used during signature computation. Most applications will never need to call these and some external ECDSA ENGINE implementations may not support them at all if either <b>kinv</b> or <b>r</b> is not <b>NULL</b>.</p>
+
+<p>ECDSA_sign_setup() may be used to precompute parts of the signing operation. <b>eckey</b> is the private EC key and <b>ctx</b> is a pointer to <b>BN_CTX</b> structure (or NULL). The precomputed values or returned in <b>kinv</b> and <b>rp</b> and can be used in a later call to ECDSA_sign_ex() or ECDSA_do_sign_ex().</p>
+
+<p>ECDSA_sign_ex() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b> and the optional pre-computed values <b>kinv</b> and <b>rp</b>. The DER encoded signature is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_sign_ex() is similar to ECDSA_sign_ex() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ECDSA_SIG_new() returns NULL if the allocation fails.</p>
+
+<p>ECDSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<p>ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s() return the corresponding value, or NULL if it is unset.</p>
+
+<p>ECDSA_size() returns the maximum length signature or 0 on error.</p>
+
+<p>ECDSA_sign(), ECDSA_sign_ex() and ECDSA_sign_setup() return 1 if successful or 0 on error.</p>
+
+<p>ECDSA_do_sign() and ECDSA_do_sign_ex() return a pointer to an allocated <b>ECDSA_SIG</b> structure or NULL on error.</p>
+
+<p>ECDSA_verify() and ECDSA_do_verify() return 1 for a valid signature, 0 for an invalid signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Creating an ECDSA signature of a given SHA-256 hash value using the named curve prime256v1 (aka P-256).</p>
+
+<p>First step: create an EC_KEY object (note: this part is <b>not</b> ECDSA specific)</p>
+
+<pre><code> int ret;
+ ECDSA_SIG *sig;
+ EC_KEY *eckey;
+
+ eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ if (eckey == NULL)
+     /* error */
+ if (EC_KEY_generate_key(eckey) == 0)
+     /* error */</code></pre>
+
+<p>Second step: compute the ECDSA signature of a SHA-256 hash value using ECDSA_do_sign():</p>
+
+<pre><code> sig = ECDSA_do_sign(digest, 32, eckey);
+ if (sig == NULL)
+     /* error */</code></pre>
+
+<p>or using ECDSA_sign():</p>
+
+<pre><code> unsigned char *buffer, *pp;
+ int buf_len;
+
+ buf_len = ECDSA_size(eckey);
+ buffer = OPENSSL_malloc(buf_len);
+ pp = buffer;
+ if (ECDSA_sign(0, dgst, dgstlen, pp, &amp;buf_len, eckey) == 0)
+     /* error */</code></pre>
+
+<p>Third step: verify the created ECDSA signature using ECDSA_do_verify():</p>
+
+<pre><code> ret = ECDSA_do_verify(digest, 32, sig, eckey);</code></pre>
+
+<p>or using ECDSA_verify():</p>
+
+<pre><code> ret = ECDSA_verify(0, digest, 32, buffer, buf_len, eckey);</code></pre>
+
+<p>and finally evaluate the return value:</p>
+
+<pre><code> if (ret == 1)
+     /* signature ok */
+ else if (ret == 0)
+     /* incorrect signature */
+ else
+     /* error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ANSI X9.62, US Federal Information Processing Standard FIPS 186-2 (Digital Signature Standard, DSS)</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECDSA_do_verify.html b/msys2/usr/share/doc/openssl/html/man3/ECDSA_do_verify.html
new file mode 100644
index 000000000..164654835
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECDSA_do_verify.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ECDSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ECDSA_SIG_get0, ECDSA_SIG_get0_r, ECDSA_SIG_get0_s, ECDSA_SIG_set0, ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size, ECDSA_sign, ECDSA_do_sign, ECDSA_verify, ECDSA_do_verify, ECDSA_sign_setup, ECDSA_sign_ex, ECDSA_do_sign_ex - low level elliptic curve digital signature algorithm (ECDSA) functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ecdsa.h&gt;
+
+ ECDSA_SIG *ECDSA_SIG_new(void);
+ void ECDSA_SIG_free(ECDSA_SIG *sig);
+ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
+ const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
+ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+ int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
+ int ECDSA_size(const EC_KEY *eckey);
+
+ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+                unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+                          EC_KEY *eckey);
+
+ int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
+                  const unsigned char *sig, int siglen, EC_KEY *eckey);
+ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+                     const ECDSA_SIG *sig, EC_KEY* eckey);
+
+ ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+                             const BIGNUM *kinv, const BIGNUM *rp,
+                             EC_KEY *eckey);
+ int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+                   unsigned char *sig, unsigned int *siglen,
+                   const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Note: these functions provide a low level interface to ECDSA. Most applications should use the higher level <b>EVP</b> interface such as <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> instead.</p>
+
+<p><b>ECDSA_SIG</b> is an opaque structure consisting of two BIGNUMs for the <b>r</b> and <b>s</b> value of an ECDSA signature (see X9.62 or FIPS 186-2).</p>
+
+<p>ECDSA_SIG_new() allocates an empty <b>ECDSA_SIG</b> structure. Note: before OpenSSL 1.1.0 the: the <b>r</b> and <b>s</b> components were initialised.</p>
+
+<p>ECDSA_SIG_free() frees the <b>ECDSA_SIG</b> structure <b>sig</b>.</p>
+
+<p>ECDSA_SIG_get0() returns internal pointers the <b>r</b> and <b>s</b> values contained in <b>sig</b> and stores them in <b>*pr</b> and <b>*ps</b>, respectively. The pointer <b>pr</b> or <b>ps</b> can be NULL, in which case the corresponding value is not returned.</p>
+
+<p>The values <b>r</b>, <b>s</b> can also be retrieved separately by the corresponding function ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s(), respectively.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling ECDSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the ECDSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature <b>sig</b> and writes the encoded signature to <b>*pp</b> (note: if <b>pp</b> is NULL i2d_ECDSA_SIG() returns the expected length in bytes of the DER encoded signature). i2d_ECDSA_SIG() returns the length of the DER encoded signature (or 0 on error).</p>
+
+<p>d2i_ECDSA_SIG() decodes a DER encoded ECDSA signature and returns the decoded signature in a newly allocated <b>ECDSA_SIG</b> structure. <b>*sig</b> points to the buffer containing the DER encoded signature of size <b>len</b>.</p>
+
+<p>ECDSA_size() returns the maximum length of a DER encoded ECDSA signature created with the private EC key <b>eckey</b>.</p>
+
+<p>ECDSA_sign() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b>. The DER encoded signatures is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is currently ignored. ECDSA_sign() is wrapper function for ECDSA_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_do_sign() is similar to ECDSA_sign() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error). ECDSA_do_sign() is a wrapper function for ECDSA_do_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_verify() verifies that the signature in <b>sig</b> of size <b>siglen</b> is a valid ECDSA signature of the hash value <b>dgst</b> of size <b>dgstlen</b> using the public key <b>eckey</b>. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_verify() is similar to ECDSA_verify() except the signature is presented in the form of a pointer to an <b>ECDSA_SIG</b> structure.</p>
+
+<p>The remaining functions utilise the internal <b>kinv</b> and <b>r</b> values used during signature computation. Most applications will never need to call these and some external ECDSA ENGINE implementations may not support them at all if either <b>kinv</b> or <b>r</b> is not <b>NULL</b>.</p>
+
+<p>ECDSA_sign_setup() may be used to precompute parts of the signing operation. <b>eckey</b> is the private EC key and <b>ctx</b> is a pointer to <b>BN_CTX</b> structure (or NULL). The precomputed values or returned in <b>kinv</b> and <b>rp</b> and can be used in a later call to ECDSA_sign_ex() or ECDSA_do_sign_ex().</p>
+
+<p>ECDSA_sign_ex() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b> and the optional pre-computed values <b>kinv</b> and <b>rp</b>. The DER encoded signature is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_sign_ex() is similar to ECDSA_sign_ex() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ECDSA_SIG_new() returns NULL if the allocation fails.</p>
+
+<p>ECDSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<p>ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s() return the corresponding value, or NULL if it is unset.</p>
+
+<p>ECDSA_size() returns the maximum length signature or 0 on error.</p>
+
+<p>ECDSA_sign(), ECDSA_sign_ex() and ECDSA_sign_setup() return 1 if successful or 0 on error.</p>
+
+<p>ECDSA_do_sign() and ECDSA_do_sign_ex() return a pointer to an allocated <b>ECDSA_SIG</b> structure or NULL on error.</p>
+
+<p>ECDSA_verify() and ECDSA_do_verify() return 1 for a valid signature, 0 for an invalid signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Creating an ECDSA signature of a given SHA-256 hash value using the named curve prime256v1 (aka P-256).</p>
+
+<p>First step: create an EC_KEY object (note: this part is <b>not</b> ECDSA specific)</p>
+
+<pre><code> int ret;
+ ECDSA_SIG *sig;
+ EC_KEY *eckey;
+
+ eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ if (eckey == NULL)
+     /* error */
+ if (EC_KEY_generate_key(eckey) == 0)
+     /* error */</code></pre>
+
+<p>Second step: compute the ECDSA signature of a SHA-256 hash value using ECDSA_do_sign():</p>
+
+<pre><code> sig = ECDSA_do_sign(digest, 32, eckey);
+ if (sig == NULL)
+     /* error */</code></pre>
+
+<p>or using ECDSA_sign():</p>
+
+<pre><code> unsigned char *buffer, *pp;
+ int buf_len;
+
+ buf_len = ECDSA_size(eckey);
+ buffer = OPENSSL_malloc(buf_len);
+ pp = buffer;
+ if (ECDSA_sign(0, dgst, dgstlen, pp, &amp;buf_len, eckey) == 0)
+     /* error */</code></pre>
+
+<p>Third step: verify the created ECDSA signature using ECDSA_do_verify():</p>
+
+<pre><code> ret = ECDSA_do_verify(digest, 32, sig, eckey);</code></pre>
+
+<p>or using ECDSA_verify():</p>
+
+<pre><code> ret = ECDSA_verify(0, digest, 32, buffer, buf_len, eckey);</code></pre>
+
+<p>and finally evaluate the return value:</p>
+
+<pre><code> if (ret == 1)
+     /* signature ok */
+ else if (ret == 0)
+     /* incorrect signature */
+ else
+     /* error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ANSI X9.62, US Federal Information Processing Standard FIPS 186-2 (Digital Signature Standard, DSS)</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECDSA_sign.html b/msys2/usr/share/doc/openssl/html/man3/ECDSA_sign.html
new file mode 100644
index 000000000..164654835
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECDSA_sign.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ECDSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ECDSA_SIG_get0, ECDSA_SIG_get0_r, ECDSA_SIG_get0_s, ECDSA_SIG_set0, ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size, ECDSA_sign, ECDSA_do_sign, ECDSA_verify, ECDSA_do_verify, ECDSA_sign_setup, ECDSA_sign_ex, ECDSA_do_sign_ex - low level elliptic curve digital signature algorithm (ECDSA) functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ecdsa.h&gt;
+
+ ECDSA_SIG *ECDSA_SIG_new(void);
+ void ECDSA_SIG_free(ECDSA_SIG *sig);
+ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
+ const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
+ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+ int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
+ int ECDSA_size(const EC_KEY *eckey);
+
+ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+                unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+                          EC_KEY *eckey);
+
+ int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
+                  const unsigned char *sig, int siglen, EC_KEY *eckey);
+ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+                     const ECDSA_SIG *sig, EC_KEY* eckey);
+
+ ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+                             const BIGNUM *kinv, const BIGNUM *rp,
+                             EC_KEY *eckey);
+ int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+                   unsigned char *sig, unsigned int *siglen,
+                   const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Note: these functions provide a low level interface to ECDSA. Most applications should use the higher level <b>EVP</b> interface such as <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> instead.</p>
+
+<p><b>ECDSA_SIG</b> is an opaque structure consisting of two BIGNUMs for the <b>r</b> and <b>s</b> value of an ECDSA signature (see X9.62 or FIPS 186-2).</p>
+
+<p>ECDSA_SIG_new() allocates an empty <b>ECDSA_SIG</b> structure. Note: before OpenSSL 1.1.0 the: the <b>r</b> and <b>s</b> components were initialised.</p>
+
+<p>ECDSA_SIG_free() frees the <b>ECDSA_SIG</b> structure <b>sig</b>.</p>
+
+<p>ECDSA_SIG_get0() returns internal pointers the <b>r</b> and <b>s</b> values contained in <b>sig</b> and stores them in <b>*pr</b> and <b>*ps</b>, respectively. The pointer <b>pr</b> or <b>ps</b> can be NULL, in which case the corresponding value is not returned.</p>
+
+<p>The values <b>r</b>, <b>s</b> can also be retrieved separately by the corresponding function ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s(), respectively.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling ECDSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the ECDSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature <b>sig</b> and writes the encoded signature to <b>*pp</b> (note: if <b>pp</b> is NULL i2d_ECDSA_SIG() returns the expected length in bytes of the DER encoded signature). i2d_ECDSA_SIG() returns the length of the DER encoded signature (or 0 on error).</p>
+
+<p>d2i_ECDSA_SIG() decodes a DER encoded ECDSA signature and returns the decoded signature in a newly allocated <b>ECDSA_SIG</b> structure. <b>*sig</b> points to the buffer containing the DER encoded signature of size <b>len</b>.</p>
+
+<p>ECDSA_size() returns the maximum length of a DER encoded ECDSA signature created with the private EC key <b>eckey</b>.</p>
+
+<p>ECDSA_sign() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b>. The DER encoded signatures is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is currently ignored. ECDSA_sign() is wrapper function for ECDSA_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_do_sign() is similar to ECDSA_sign() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error). ECDSA_do_sign() is a wrapper function for ECDSA_do_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_verify() verifies that the signature in <b>sig</b> of size <b>siglen</b> is a valid ECDSA signature of the hash value <b>dgst</b> of size <b>dgstlen</b> using the public key <b>eckey</b>. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_verify() is similar to ECDSA_verify() except the signature is presented in the form of a pointer to an <b>ECDSA_SIG</b> structure.</p>
+
+<p>The remaining functions utilise the internal <b>kinv</b> and <b>r</b> values used during signature computation. Most applications will never need to call these and some external ECDSA ENGINE implementations may not support them at all if either <b>kinv</b> or <b>r</b> is not <b>NULL</b>.</p>
+
+<p>ECDSA_sign_setup() may be used to precompute parts of the signing operation. <b>eckey</b> is the private EC key and <b>ctx</b> is a pointer to <b>BN_CTX</b> structure (or NULL). The precomputed values or returned in <b>kinv</b> and <b>rp</b> and can be used in a later call to ECDSA_sign_ex() or ECDSA_do_sign_ex().</p>
+
+<p>ECDSA_sign_ex() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b> and the optional pre-computed values <b>kinv</b> and <b>rp</b>. The DER encoded signature is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_sign_ex() is similar to ECDSA_sign_ex() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ECDSA_SIG_new() returns NULL if the allocation fails.</p>
+
+<p>ECDSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<p>ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s() return the corresponding value, or NULL if it is unset.</p>
+
+<p>ECDSA_size() returns the maximum length signature or 0 on error.</p>
+
+<p>ECDSA_sign(), ECDSA_sign_ex() and ECDSA_sign_setup() return 1 if successful or 0 on error.</p>
+
+<p>ECDSA_do_sign() and ECDSA_do_sign_ex() return a pointer to an allocated <b>ECDSA_SIG</b> structure or NULL on error.</p>
+
+<p>ECDSA_verify() and ECDSA_do_verify() return 1 for a valid signature, 0 for an invalid signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Creating an ECDSA signature of a given SHA-256 hash value using the named curve prime256v1 (aka P-256).</p>
+
+<p>First step: create an EC_KEY object (note: this part is <b>not</b> ECDSA specific)</p>
+
+<pre><code> int ret;
+ ECDSA_SIG *sig;
+ EC_KEY *eckey;
+
+ eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ if (eckey == NULL)
+     /* error */
+ if (EC_KEY_generate_key(eckey) == 0)
+     /* error */</code></pre>
+
+<p>Second step: compute the ECDSA signature of a SHA-256 hash value using ECDSA_do_sign():</p>
+
+<pre><code> sig = ECDSA_do_sign(digest, 32, eckey);
+ if (sig == NULL)
+     /* error */</code></pre>
+
+<p>or using ECDSA_sign():</p>
+
+<pre><code> unsigned char *buffer, *pp;
+ int buf_len;
+
+ buf_len = ECDSA_size(eckey);
+ buffer = OPENSSL_malloc(buf_len);
+ pp = buffer;
+ if (ECDSA_sign(0, dgst, dgstlen, pp, &amp;buf_len, eckey) == 0)
+     /* error */</code></pre>
+
+<p>Third step: verify the created ECDSA signature using ECDSA_do_verify():</p>
+
+<pre><code> ret = ECDSA_do_verify(digest, 32, sig, eckey);</code></pre>
+
+<p>or using ECDSA_verify():</p>
+
+<pre><code> ret = ECDSA_verify(0, digest, 32, buffer, buf_len, eckey);</code></pre>
+
+<p>and finally evaluate the return value:</p>
+
+<pre><code> if (ret == 1)
+     /* signature ok */
+ else if (ret == 0)
+     /* incorrect signature */
+ else
+     /* error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ANSI X9.62, US Federal Information Processing Standard FIPS 186-2 (Digital Signature Standard, DSS)</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECDSA_sign_ex.html b/msys2/usr/share/doc/openssl/html/man3/ECDSA_sign_ex.html
new file mode 100644
index 000000000..164654835
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECDSA_sign_ex.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ECDSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ECDSA_SIG_get0, ECDSA_SIG_get0_r, ECDSA_SIG_get0_s, ECDSA_SIG_set0, ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size, ECDSA_sign, ECDSA_do_sign, ECDSA_verify, ECDSA_do_verify, ECDSA_sign_setup, ECDSA_sign_ex, ECDSA_do_sign_ex - low level elliptic curve digital signature algorithm (ECDSA) functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ecdsa.h&gt;
+
+ ECDSA_SIG *ECDSA_SIG_new(void);
+ void ECDSA_SIG_free(ECDSA_SIG *sig);
+ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
+ const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
+ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+ int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
+ int ECDSA_size(const EC_KEY *eckey);
+
+ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+                unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+                          EC_KEY *eckey);
+
+ int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
+                  const unsigned char *sig, int siglen, EC_KEY *eckey);
+ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+                     const ECDSA_SIG *sig, EC_KEY* eckey);
+
+ ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+                             const BIGNUM *kinv, const BIGNUM *rp,
+                             EC_KEY *eckey);
+ int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+                   unsigned char *sig, unsigned int *siglen,
+                   const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Note: these functions provide a low level interface to ECDSA. Most applications should use the higher level <b>EVP</b> interface such as <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> instead.</p>
+
+<p><b>ECDSA_SIG</b> is an opaque structure consisting of two BIGNUMs for the <b>r</b> and <b>s</b> value of an ECDSA signature (see X9.62 or FIPS 186-2).</p>
+
+<p>ECDSA_SIG_new() allocates an empty <b>ECDSA_SIG</b> structure. Note: before OpenSSL 1.1.0 the: the <b>r</b> and <b>s</b> components were initialised.</p>
+
+<p>ECDSA_SIG_free() frees the <b>ECDSA_SIG</b> structure <b>sig</b>.</p>
+
+<p>ECDSA_SIG_get0() returns internal pointers the <b>r</b> and <b>s</b> values contained in <b>sig</b> and stores them in <b>*pr</b> and <b>*ps</b>, respectively. The pointer <b>pr</b> or <b>ps</b> can be NULL, in which case the corresponding value is not returned.</p>
+
+<p>The values <b>r</b>, <b>s</b> can also be retrieved separately by the corresponding function ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s(), respectively.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling ECDSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the ECDSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature <b>sig</b> and writes the encoded signature to <b>*pp</b> (note: if <b>pp</b> is NULL i2d_ECDSA_SIG() returns the expected length in bytes of the DER encoded signature). i2d_ECDSA_SIG() returns the length of the DER encoded signature (or 0 on error).</p>
+
+<p>d2i_ECDSA_SIG() decodes a DER encoded ECDSA signature and returns the decoded signature in a newly allocated <b>ECDSA_SIG</b> structure. <b>*sig</b> points to the buffer containing the DER encoded signature of size <b>len</b>.</p>
+
+<p>ECDSA_size() returns the maximum length of a DER encoded ECDSA signature created with the private EC key <b>eckey</b>.</p>
+
+<p>ECDSA_sign() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b>. The DER encoded signatures is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is currently ignored. ECDSA_sign() is wrapper function for ECDSA_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_do_sign() is similar to ECDSA_sign() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error). ECDSA_do_sign() is a wrapper function for ECDSA_do_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_verify() verifies that the signature in <b>sig</b> of size <b>siglen</b> is a valid ECDSA signature of the hash value <b>dgst</b> of size <b>dgstlen</b> using the public key <b>eckey</b>. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_verify() is similar to ECDSA_verify() except the signature is presented in the form of a pointer to an <b>ECDSA_SIG</b> structure.</p>
+
+<p>The remaining functions utilise the internal <b>kinv</b> and <b>r</b> values used during signature computation. Most applications will never need to call these and some external ECDSA ENGINE implementations may not support them at all if either <b>kinv</b> or <b>r</b> is not <b>NULL</b>.</p>
+
+<p>ECDSA_sign_setup() may be used to precompute parts of the signing operation. <b>eckey</b> is the private EC key and <b>ctx</b> is a pointer to <b>BN_CTX</b> structure (or NULL). The precomputed values or returned in <b>kinv</b> and <b>rp</b> and can be used in a later call to ECDSA_sign_ex() or ECDSA_do_sign_ex().</p>
+
+<p>ECDSA_sign_ex() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b> and the optional pre-computed values <b>kinv</b> and <b>rp</b>. The DER encoded signature is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_sign_ex() is similar to ECDSA_sign_ex() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ECDSA_SIG_new() returns NULL if the allocation fails.</p>
+
+<p>ECDSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<p>ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s() return the corresponding value, or NULL if it is unset.</p>
+
+<p>ECDSA_size() returns the maximum length signature or 0 on error.</p>
+
+<p>ECDSA_sign(), ECDSA_sign_ex() and ECDSA_sign_setup() return 1 if successful or 0 on error.</p>
+
+<p>ECDSA_do_sign() and ECDSA_do_sign_ex() return a pointer to an allocated <b>ECDSA_SIG</b> structure or NULL on error.</p>
+
+<p>ECDSA_verify() and ECDSA_do_verify() return 1 for a valid signature, 0 for an invalid signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Creating an ECDSA signature of a given SHA-256 hash value using the named curve prime256v1 (aka P-256).</p>
+
+<p>First step: create an EC_KEY object (note: this part is <b>not</b> ECDSA specific)</p>
+
+<pre><code> int ret;
+ ECDSA_SIG *sig;
+ EC_KEY *eckey;
+
+ eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ if (eckey == NULL)
+     /* error */
+ if (EC_KEY_generate_key(eckey) == 0)
+     /* error */</code></pre>
+
+<p>Second step: compute the ECDSA signature of a SHA-256 hash value using ECDSA_do_sign():</p>
+
+<pre><code> sig = ECDSA_do_sign(digest, 32, eckey);
+ if (sig == NULL)
+     /* error */</code></pre>
+
+<p>or using ECDSA_sign():</p>
+
+<pre><code> unsigned char *buffer, *pp;
+ int buf_len;
+
+ buf_len = ECDSA_size(eckey);
+ buffer = OPENSSL_malloc(buf_len);
+ pp = buffer;
+ if (ECDSA_sign(0, dgst, dgstlen, pp, &amp;buf_len, eckey) == 0)
+     /* error */</code></pre>
+
+<p>Third step: verify the created ECDSA signature using ECDSA_do_verify():</p>
+
+<pre><code> ret = ECDSA_do_verify(digest, 32, sig, eckey);</code></pre>
+
+<p>or using ECDSA_verify():</p>
+
+<pre><code> ret = ECDSA_verify(0, digest, 32, buffer, buf_len, eckey);</code></pre>
+
+<p>and finally evaluate the return value:</p>
+
+<pre><code> if (ret == 1)
+     /* signature ok */
+ else if (ret == 0)
+     /* incorrect signature */
+ else
+     /* error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ANSI X9.62, US Federal Information Processing Standard FIPS 186-2 (Digital Signature Standard, DSS)</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECDSA_sign_setup.html b/msys2/usr/share/doc/openssl/html/man3/ECDSA_sign_setup.html
new file mode 100644
index 000000000..164654835
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECDSA_sign_setup.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ECDSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ECDSA_SIG_get0, ECDSA_SIG_get0_r, ECDSA_SIG_get0_s, ECDSA_SIG_set0, ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size, ECDSA_sign, ECDSA_do_sign, ECDSA_verify, ECDSA_do_verify, ECDSA_sign_setup, ECDSA_sign_ex, ECDSA_do_sign_ex - low level elliptic curve digital signature algorithm (ECDSA) functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ecdsa.h&gt;
+
+ ECDSA_SIG *ECDSA_SIG_new(void);
+ void ECDSA_SIG_free(ECDSA_SIG *sig);
+ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
+ const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
+ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+ int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
+ int ECDSA_size(const EC_KEY *eckey);
+
+ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+                unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+                          EC_KEY *eckey);
+
+ int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
+                  const unsigned char *sig, int siglen, EC_KEY *eckey);
+ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+                     const ECDSA_SIG *sig, EC_KEY* eckey);
+
+ ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+                             const BIGNUM *kinv, const BIGNUM *rp,
+                             EC_KEY *eckey);
+ int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+                   unsigned char *sig, unsigned int *siglen,
+                   const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Note: these functions provide a low level interface to ECDSA. Most applications should use the higher level <b>EVP</b> interface such as <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> instead.</p>
+
+<p><b>ECDSA_SIG</b> is an opaque structure consisting of two BIGNUMs for the <b>r</b> and <b>s</b> value of an ECDSA signature (see X9.62 or FIPS 186-2).</p>
+
+<p>ECDSA_SIG_new() allocates an empty <b>ECDSA_SIG</b> structure. Note: before OpenSSL 1.1.0 the: the <b>r</b> and <b>s</b> components were initialised.</p>
+
+<p>ECDSA_SIG_free() frees the <b>ECDSA_SIG</b> structure <b>sig</b>.</p>
+
+<p>ECDSA_SIG_get0() returns internal pointers the <b>r</b> and <b>s</b> values contained in <b>sig</b> and stores them in <b>*pr</b> and <b>*ps</b>, respectively. The pointer <b>pr</b> or <b>ps</b> can be NULL, in which case the corresponding value is not returned.</p>
+
+<p>The values <b>r</b>, <b>s</b> can also be retrieved separately by the corresponding function ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s(), respectively.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling ECDSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the ECDSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature <b>sig</b> and writes the encoded signature to <b>*pp</b> (note: if <b>pp</b> is NULL i2d_ECDSA_SIG() returns the expected length in bytes of the DER encoded signature). i2d_ECDSA_SIG() returns the length of the DER encoded signature (or 0 on error).</p>
+
+<p>d2i_ECDSA_SIG() decodes a DER encoded ECDSA signature and returns the decoded signature in a newly allocated <b>ECDSA_SIG</b> structure. <b>*sig</b> points to the buffer containing the DER encoded signature of size <b>len</b>.</p>
+
+<p>ECDSA_size() returns the maximum length of a DER encoded ECDSA signature created with the private EC key <b>eckey</b>.</p>
+
+<p>ECDSA_sign() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b>. The DER encoded signatures is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is currently ignored. ECDSA_sign() is wrapper function for ECDSA_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_do_sign() is similar to ECDSA_sign() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error). ECDSA_do_sign() is a wrapper function for ECDSA_do_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_verify() verifies that the signature in <b>sig</b> of size <b>siglen</b> is a valid ECDSA signature of the hash value <b>dgst</b> of size <b>dgstlen</b> using the public key <b>eckey</b>. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_verify() is similar to ECDSA_verify() except the signature is presented in the form of a pointer to an <b>ECDSA_SIG</b> structure.</p>
+
+<p>The remaining functions utilise the internal <b>kinv</b> and <b>r</b> values used during signature computation. Most applications will never need to call these and some external ECDSA ENGINE implementations may not support them at all if either <b>kinv</b> or <b>r</b> is not <b>NULL</b>.</p>
+
+<p>ECDSA_sign_setup() may be used to precompute parts of the signing operation. <b>eckey</b> is the private EC key and <b>ctx</b> is a pointer to <b>BN_CTX</b> structure (or NULL). The precomputed values or returned in <b>kinv</b> and <b>rp</b> and can be used in a later call to ECDSA_sign_ex() or ECDSA_do_sign_ex().</p>
+
+<p>ECDSA_sign_ex() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b> and the optional pre-computed values <b>kinv</b> and <b>rp</b>. The DER encoded signature is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_sign_ex() is similar to ECDSA_sign_ex() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ECDSA_SIG_new() returns NULL if the allocation fails.</p>
+
+<p>ECDSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<p>ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s() return the corresponding value, or NULL if it is unset.</p>
+
+<p>ECDSA_size() returns the maximum length signature or 0 on error.</p>
+
+<p>ECDSA_sign(), ECDSA_sign_ex() and ECDSA_sign_setup() return 1 if successful or 0 on error.</p>
+
+<p>ECDSA_do_sign() and ECDSA_do_sign_ex() return a pointer to an allocated <b>ECDSA_SIG</b> structure or NULL on error.</p>
+
+<p>ECDSA_verify() and ECDSA_do_verify() return 1 for a valid signature, 0 for an invalid signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Creating an ECDSA signature of a given SHA-256 hash value using the named curve prime256v1 (aka P-256).</p>
+
+<p>First step: create an EC_KEY object (note: this part is <b>not</b> ECDSA specific)</p>
+
+<pre><code> int ret;
+ ECDSA_SIG *sig;
+ EC_KEY *eckey;
+
+ eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ if (eckey == NULL)
+     /* error */
+ if (EC_KEY_generate_key(eckey) == 0)
+     /* error */</code></pre>
+
+<p>Second step: compute the ECDSA signature of a SHA-256 hash value using ECDSA_do_sign():</p>
+
+<pre><code> sig = ECDSA_do_sign(digest, 32, eckey);
+ if (sig == NULL)
+     /* error */</code></pre>
+
+<p>or using ECDSA_sign():</p>
+
+<pre><code> unsigned char *buffer, *pp;
+ int buf_len;
+
+ buf_len = ECDSA_size(eckey);
+ buffer = OPENSSL_malloc(buf_len);
+ pp = buffer;
+ if (ECDSA_sign(0, dgst, dgstlen, pp, &amp;buf_len, eckey) == 0)
+     /* error */</code></pre>
+
+<p>Third step: verify the created ECDSA signature using ECDSA_do_verify():</p>
+
+<pre><code> ret = ECDSA_do_verify(digest, 32, sig, eckey);</code></pre>
+
+<p>or using ECDSA_verify():</p>
+
+<pre><code> ret = ECDSA_verify(0, digest, 32, buffer, buf_len, eckey);</code></pre>
+
+<p>and finally evaluate the return value:</p>
+
+<pre><code> if (ret == 1)
+     /* signature ok */
+ else if (ret == 0)
+     /* incorrect signature */
+ else
+     /* error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ANSI X9.62, US Federal Information Processing Standard FIPS 186-2 (Digital Signature Standard, DSS)</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECDSA_size.html b/msys2/usr/share/doc/openssl/html/man3/ECDSA_size.html
new file mode 100644
index 000000000..164654835
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECDSA_size.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ECDSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ECDSA_SIG_get0, ECDSA_SIG_get0_r, ECDSA_SIG_get0_s, ECDSA_SIG_set0, ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size, ECDSA_sign, ECDSA_do_sign, ECDSA_verify, ECDSA_do_verify, ECDSA_sign_setup, ECDSA_sign_ex, ECDSA_do_sign_ex - low level elliptic curve digital signature algorithm (ECDSA) functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ecdsa.h&gt;
+
+ ECDSA_SIG *ECDSA_SIG_new(void);
+ void ECDSA_SIG_free(ECDSA_SIG *sig);
+ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
+ const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
+ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+ int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
+ int ECDSA_size(const EC_KEY *eckey);
+
+ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+                unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+                          EC_KEY *eckey);
+
+ int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
+                  const unsigned char *sig, int siglen, EC_KEY *eckey);
+ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+                     const ECDSA_SIG *sig, EC_KEY* eckey);
+
+ ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+                             const BIGNUM *kinv, const BIGNUM *rp,
+                             EC_KEY *eckey);
+ int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+                   unsigned char *sig, unsigned int *siglen,
+                   const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Note: these functions provide a low level interface to ECDSA. Most applications should use the higher level <b>EVP</b> interface such as <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> instead.</p>
+
+<p><b>ECDSA_SIG</b> is an opaque structure consisting of two BIGNUMs for the <b>r</b> and <b>s</b> value of an ECDSA signature (see X9.62 or FIPS 186-2).</p>
+
+<p>ECDSA_SIG_new() allocates an empty <b>ECDSA_SIG</b> structure. Note: before OpenSSL 1.1.0 the: the <b>r</b> and <b>s</b> components were initialised.</p>
+
+<p>ECDSA_SIG_free() frees the <b>ECDSA_SIG</b> structure <b>sig</b>.</p>
+
+<p>ECDSA_SIG_get0() returns internal pointers the <b>r</b> and <b>s</b> values contained in <b>sig</b> and stores them in <b>*pr</b> and <b>*ps</b>, respectively. The pointer <b>pr</b> or <b>ps</b> can be NULL, in which case the corresponding value is not returned.</p>
+
+<p>The values <b>r</b>, <b>s</b> can also be retrieved separately by the corresponding function ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s(), respectively.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling ECDSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the ECDSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature <b>sig</b> and writes the encoded signature to <b>*pp</b> (note: if <b>pp</b> is NULL i2d_ECDSA_SIG() returns the expected length in bytes of the DER encoded signature). i2d_ECDSA_SIG() returns the length of the DER encoded signature (or 0 on error).</p>
+
+<p>d2i_ECDSA_SIG() decodes a DER encoded ECDSA signature and returns the decoded signature in a newly allocated <b>ECDSA_SIG</b> structure. <b>*sig</b> points to the buffer containing the DER encoded signature of size <b>len</b>.</p>
+
+<p>ECDSA_size() returns the maximum length of a DER encoded ECDSA signature created with the private EC key <b>eckey</b>.</p>
+
+<p>ECDSA_sign() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b>. The DER encoded signatures is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is currently ignored. ECDSA_sign() is wrapper function for ECDSA_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_do_sign() is similar to ECDSA_sign() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error). ECDSA_do_sign() is a wrapper function for ECDSA_do_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_verify() verifies that the signature in <b>sig</b> of size <b>siglen</b> is a valid ECDSA signature of the hash value <b>dgst</b> of size <b>dgstlen</b> using the public key <b>eckey</b>. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_verify() is similar to ECDSA_verify() except the signature is presented in the form of a pointer to an <b>ECDSA_SIG</b> structure.</p>
+
+<p>The remaining functions utilise the internal <b>kinv</b> and <b>r</b> values used during signature computation. Most applications will never need to call these and some external ECDSA ENGINE implementations may not support them at all if either <b>kinv</b> or <b>r</b> is not <b>NULL</b>.</p>
+
+<p>ECDSA_sign_setup() may be used to precompute parts of the signing operation. <b>eckey</b> is the private EC key and <b>ctx</b> is a pointer to <b>BN_CTX</b> structure (or NULL). The precomputed values or returned in <b>kinv</b> and <b>rp</b> and can be used in a later call to ECDSA_sign_ex() or ECDSA_do_sign_ex().</p>
+
+<p>ECDSA_sign_ex() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b> and the optional pre-computed values <b>kinv</b> and <b>rp</b>. The DER encoded signature is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_sign_ex() is similar to ECDSA_sign_ex() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ECDSA_SIG_new() returns NULL if the allocation fails.</p>
+
+<p>ECDSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<p>ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s() return the corresponding value, or NULL if it is unset.</p>
+
+<p>ECDSA_size() returns the maximum length signature or 0 on error.</p>
+
+<p>ECDSA_sign(), ECDSA_sign_ex() and ECDSA_sign_setup() return 1 if successful or 0 on error.</p>
+
+<p>ECDSA_do_sign() and ECDSA_do_sign_ex() return a pointer to an allocated <b>ECDSA_SIG</b> structure or NULL on error.</p>
+
+<p>ECDSA_verify() and ECDSA_do_verify() return 1 for a valid signature, 0 for an invalid signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Creating an ECDSA signature of a given SHA-256 hash value using the named curve prime256v1 (aka P-256).</p>
+
+<p>First step: create an EC_KEY object (note: this part is <b>not</b> ECDSA specific)</p>
+
+<pre><code> int ret;
+ ECDSA_SIG *sig;
+ EC_KEY *eckey;
+
+ eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ if (eckey == NULL)
+     /* error */
+ if (EC_KEY_generate_key(eckey) == 0)
+     /* error */</code></pre>
+
+<p>Second step: compute the ECDSA signature of a SHA-256 hash value using ECDSA_do_sign():</p>
+
+<pre><code> sig = ECDSA_do_sign(digest, 32, eckey);
+ if (sig == NULL)
+     /* error */</code></pre>
+
+<p>or using ECDSA_sign():</p>
+
+<pre><code> unsigned char *buffer, *pp;
+ int buf_len;
+
+ buf_len = ECDSA_size(eckey);
+ buffer = OPENSSL_malloc(buf_len);
+ pp = buffer;
+ if (ECDSA_sign(0, dgst, dgstlen, pp, &amp;buf_len, eckey) == 0)
+     /* error */</code></pre>
+
+<p>Third step: verify the created ECDSA signature using ECDSA_do_verify():</p>
+
+<pre><code> ret = ECDSA_do_verify(digest, 32, sig, eckey);</code></pre>
+
+<p>or using ECDSA_verify():</p>
+
+<pre><code> ret = ECDSA_verify(0, digest, 32, buffer, buf_len, eckey);</code></pre>
+
+<p>and finally evaluate the return value:</p>
+
+<pre><code> if (ret == 1)
+     /* signature ok */
+ else if (ret == 0)
+     /* incorrect signature */
+ else
+     /* error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ANSI X9.62, US Federal Information Processing Standard FIPS 186-2 (Digital Signature Standard, DSS)</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECDSA_verify.html b/msys2/usr/share/doc/openssl/html/man3/ECDSA_verify.html
new file mode 100644
index 000000000..164654835
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECDSA_verify.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ECDSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ECDSA_SIG_get0, ECDSA_SIG_get0_r, ECDSA_SIG_get0_s, ECDSA_SIG_set0, ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size, ECDSA_sign, ECDSA_do_sign, ECDSA_verify, ECDSA_do_verify, ECDSA_sign_setup, ECDSA_sign_ex, ECDSA_do_sign_ex - low level elliptic curve digital signature algorithm (ECDSA) functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ecdsa.h&gt;
+
+ ECDSA_SIG *ECDSA_SIG_new(void);
+ void ECDSA_SIG_free(ECDSA_SIG *sig);
+ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
+ const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
+ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+ int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
+ int ECDSA_size(const EC_KEY *eckey);
+
+ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+                unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+                          EC_KEY *eckey);
+
+ int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
+                  const unsigned char *sig, int siglen, EC_KEY *eckey);
+ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+                     const ECDSA_SIG *sig, EC_KEY* eckey);
+
+ ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+                             const BIGNUM *kinv, const BIGNUM *rp,
+                             EC_KEY *eckey);
+ int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+                   unsigned char *sig, unsigned int *siglen,
+                   const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Note: these functions provide a low level interface to ECDSA. Most applications should use the higher level <b>EVP</b> interface such as <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> instead.</p>
+
+<p><b>ECDSA_SIG</b> is an opaque structure consisting of two BIGNUMs for the <b>r</b> and <b>s</b> value of an ECDSA signature (see X9.62 or FIPS 186-2).</p>
+
+<p>ECDSA_SIG_new() allocates an empty <b>ECDSA_SIG</b> structure. Note: before OpenSSL 1.1.0 the: the <b>r</b> and <b>s</b> components were initialised.</p>
+
+<p>ECDSA_SIG_free() frees the <b>ECDSA_SIG</b> structure <b>sig</b>.</p>
+
+<p>ECDSA_SIG_get0() returns internal pointers the <b>r</b> and <b>s</b> values contained in <b>sig</b> and stores them in <b>*pr</b> and <b>*ps</b>, respectively. The pointer <b>pr</b> or <b>ps</b> can be NULL, in which case the corresponding value is not returned.</p>
+
+<p>The values <b>r</b>, <b>s</b> can also be retrieved separately by the corresponding function ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s(), respectively.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling ECDSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the ECDSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature <b>sig</b> and writes the encoded signature to <b>*pp</b> (note: if <b>pp</b> is NULL i2d_ECDSA_SIG() returns the expected length in bytes of the DER encoded signature). i2d_ECDSA_SIG() returns the length of the DER encoded signature (or 0 on error).</p>
+
+<p>d2i_ECDSA_SIG() decodes a DER encoded ECDSA signature and returns the decoded signature in a newly allocated <b>ECDSA_SIG</b> structure. <b>*sig</b> points to the buffer containing the DER encoded signature of size <b>len</b>.</p>
+
+<p>ECDSA_size() returns the maximum length of a DER encoded ECDSA signature created with the private EC key <b>eckey</b>.</p>
+
+<p>ECDSA_sign() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b>. The DER encoded signatures is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is currently ignored. ECDSA_sign() is wrapper function for ECDSA_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_do_sign() is similar to ECDSA_sign() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error). ECDSA_do_sign() is a wrapper function for ECDSA_do_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_verify() verifies that the signature in <b>sig</b> of size <b>siglen</b> is a valid ECDSA signature of the hash value <b>dgst</b> of size <b>dgstlen</b> using the public key <b>eckey</b>. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_verify() is similar to ECDSA_verify() except the signature is presented in the form of a pointer to an <b>ECDSA_SIG</b> structure.</p>
+
+<p>The remaining functions utilise the internal <b>kinv</b> and <b>r</b> values used during signature computation. Most applications will never need to call these and some external ECDSA ENGINE implementations may not support them at all if either <b>kinv</b> or <b>r</b> is not <b>NULL</b>.</p>
+
+<p>ECDSA_sign_setup() may be used to precompute parts of the signing operation. <b>eckey</b> is the private EC key and <b>ctx</b> is a pointer to <b>BN_CTX</b> structure (or NULL). The precomputed values or returned in <b>kinv</b> and <b>rp</b> and can be used in a later call to ECDSA_sign_ex() or ECDSA_do_sign_ex().</p>
+
+<p>ECDSA_sign_ex() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b> and the optional pre-computed values <b>kinv</b> and <b>rp</b>. The DER encoded signature is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_sign_ex() is similar to ECDSA_sign_ex() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ECDSA_SIG_new() returns NULL if the allocation fails.</p>
+
+<p>ECDSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<p>ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s() return the corresponding value, or NULL if it is unset.</p>
+
+<p>ECDSA_size() returns the maximum length signature or 0 on error.</p>
+
+<p>ECDSA_sign(), ECDSA_sign_ex() and ECDSA_sign_setup() return 1 if successful or 0 on error.</p>
+
+<p>ECDSA_do_sign() and ECDSA_do_sign_ex() return a pointer to an allocated <b>ECDSA_SIG</b> structure or NULL on error.</p>
+
+<p>ECDSA_verify() and ECDSA_do_verify() return 1 for a valid signature, 0 for an invalid signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Creating an ECDSA signature of a given SHA-256 hash value using the named curve prime256v1 (aka P-256).</p>
+
+<p>First step: create an EC_KEY object (note: this part is <b>not</b> ECDSA specific)</p>
+
+<pre><code> int ret;
+ ECDSA_SIG *sig;
+ EC_KEY *eckey;
+
+ eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ if (eckey == NULL)
+     /* error */
+ if (EC_KEY_generate_key(eckey) == 0)
+     /* error */</code></pre>
+
+<p>Second step: compute the ECDSA signature of a SHA-256 hash value using ECDSA_do_sign():</p>
+
+<pre><code> sig = ECDSA_do_sign(digest, 32, eckey);
+ if (sig == NULL)
+     /* error */</code></pre>
+
+<p>or using ECDSA_sign():</p>
+
+<pre><code> unsigned char *buffer, *pp;
+ int buf_len;
+
+ buf_len = ECDSA_size(eckey);
+ buffer = OPENSSL_malloc(buf_len);
+ pp = buffer;
+ if (ECDSA_sign(0, dgst, dgstlen, pp, &amp;buf_len, eckey) == 0)
+     /* error */</code></pre>
+
+<p>Third step: verify the created ECDSA signature using ECDSA_do_verify():</p>
+
+<pre><code> ret = ECDSA_do_verify(digest, 32, sig, eckey);</code></pre>
+
+<p>or using ECDSA_verify():</p>
+
+<pre><code> ret = ECDSA_verify(0, digest, 32, buffer, buf_len, eckey);</code></pre>
+
+<p>and finally evaluate the return value:</p>
+
+<pre><code> if (ret == 1)
+     /* signature ok */
+ else if (ret == 0)
+     /* incorrect signature */
+ else
+     /* error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ANSI X9.62, US Federal Information Processing Standard FIPS 186-2 (Digital Signature Standard, DSS)</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECPARAMETERS_free.html b/msys2/usr/share/doc/openssl/html/man3/ECPARAMETERS_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECPARAMETERS_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECPARAMETERS_new.html b/msys2/usr/share/doc/openssl/html/man3/ECPARAMETERS_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECPARAMETERS_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECPKPARAMETERS_free.html b/msys2/usr/share/doc/openssl/html/man3/ECPKPARAMETERS_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECPKPARAMETERS_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECPKPARAMETERS_new.html b/msys2/usr/share/doc/openssl/html/man3/ECPKPARAMETERS_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECPKPARAMETERS_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECPKParameters_print.html b/msys2/usr/share/doc/openssl/html/man3/ECPKParameters_print.html
new file mode 100644
index 000000000..c2771bbee
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECPKParameters_print.html
@@ -0,0 +1,59 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ECPKParameters_print</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ECPKParameters_print, ECPKParameters_print_fp - Functions for decoding and encoding ASN1 representations of elliptic curve entities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
+ int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ECPKParameters represent the public parameters for an <b>EC_GROUP</b> structure, which represents a curve.</p>
+
+<p>The ECPKParameters_print() and ECPKParameters_print_fp() functions print a human-readable output of the public parameters of the EC_GROUP to <b>bp</b> or <b>fp</b>. The output lines are indented by <b>off</b> spaces.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ECPKParameters_print() and ECPKParameters_print_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ECPKParameters_print_fp.html b/msys2/usr/share/doc/openssl/html/man3/ECPKParameters_print_fp.html
new file mode 100644
index 000000000..c2771bbee
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ECPKParameters_print_fp.html
@@ -0,0 +1,59 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ECPKParameters_print</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ECPKParameters_print, ECPKParameters_print_fp - Functions for decoding and encoding ASN1 representations of elliptic curve entities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
+ int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ECPKParameters represent the public parameters for an <b>EC_GROUP</b> structure, which represents a curve.</p>
+
+<p>The ECPKParameters_print() and ECPKParameters_print_fp() functions print a human-readable output of the public parameters of the EC_GROUP to <b>bp</b> or <b>fp</b>. The output lines are indented by <b>off</b> spaces.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ECPKParameters_print() and ECPKParameters_print_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GF2m_simple_method.html b/msys2/usr/share/doc/openssl/html/man3/EC_GF2m_simple_method.html
new file mode 100644
index 000000000..002f9bff1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GF2m_simple_method.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GFp_simple_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GFp_simple_method, EC_GFp_mont_method, EC_GFp_nist_method, EC_GFp_nistp224_method, EC_GFp_nistp256_method, EC_GFp_nistp521_method, EC_GF2m_simple_method, EC_METHOD_get_field_type - Functions for obtaining EC_METHOD objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ const EC_METHOD *EC_GFp_simple_method(void);
+ const EC_METHOD *EC_GFp_mont_method(void);
+ const EC_METHOD *EC_GFp_nist_method(void);
+ const EC_METHOD *EC_GFp_nistp224_method(void);
+ const EC_METHOD *EC_GFp_nistp256_method(void);
+ const EC_METHOD *EC_GFp_nistp521_method(void);
+
+ const EC_METHOD *EC_GF2m_simple_method(void);
+
+ int EC_METHOD_get_field_type(const EC_METHOD *meth);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Elliptic Curve library provides a number of different implementations through a single common interface. When constructing a curve using EC_GROUP_new (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>) an implementation method must be provided. The functions described here all return a const pointer to an <b>EC_METHOD</b> structure that can be passed to EC_GROUP_NEW. It is important that the correct implementation type for the form of curve selected is used.</p>
+
+<p>For F2^m curves there is only one implementation choice, i.e. EC_GF2_simple_method.</p>
+
+<p>For Fp curves the lowest common denominator implementation is the EC_GFp_simple_method implementation. All other implementations are based on this one. EC_GFp_mont_method builds on EC_GFp_simple_method but adds the use of montgomery multiplication (see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a>). EC_GFp_nist_method offers an implementation optimised for use with NIST recommended curves (NIST curves are available through EC_GROUP_new_by_curve_name as described in <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>).</p>
+
+<p>The functions EC_GFp_nistp224_method, EC_GFp_nistp256_method and EC_GFp_nistp521_method offer 64 bit optimised implementations for the NIST P224, P256 and P521 curves respectively. Note, however, that these implementations are not available on all platforms.</p>
+
+<p>EC_METHOD_get_field_type identifies what type of field the EC_METHOD structure supports, which will be either F2^m or Fp. If the field type is Fp then the value <b>NID_X9_62_prime_field</b> is returned. If the field type is F2^m then the value <b>NID_X9_62_characteristic_two_field</b> is returned. These values are defined in the obj_mac.h header file.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GFp* functions and EC_GF2m_simple_method always return a const pointer to an EC_METHOD structure.</p>
+
+<p>EC_METHOD_get_field_type returns an integer that identifies the type of field the EC_METHOD structure supports.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a>, <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GFp_mont_method.html b/msys2/usr/share/doc/openssl/html/man3/EC_GFp_mont_method.html
new file mode 100644
index 000000000..002f9bff1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GFp_mont_method.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GFp_simple_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GFp_simple_method, EC_GFp_mont_method, EC_GFp_nist_method, EC_GFp_nistp224_method, EC_GFp_nistp256_method, EC_GFp_nistp521_method, EC_GF2m_simple_method, EC_METHOD_get_field_type - Functions for obtaining EC_METHOD objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ const EC_METHOD *EC_GFp_simple_method(void);
+ const EC_METHOD *EC_GFp_mont_method(void);
+ const EC_METHOD *EC_GFp_nist_method(void);
+ const EC_METHOD *EC_GFp_nistp224_method(void);
+ const EC_METHOD *EC_GFp_nistp256_method(void);
+ const EC_METHOD *EC_GFp_nistp521_method(void);
+
+ const EC_METHOD *EC_GF2m_simple_method(void);
+
+ int EC_METHOD_get_field_type(const EC_METHOD *meth);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Elliptic Curve library provides a number of different implementations through a single common interface. When constructing a curve using EC_GROUP_new (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>) an implementation method must be provided. The functions described here all return a const pointer to an <b>EC_METHOD</b> structure that can be passed to EC_GROUP_NEW. It is important that the correct implementation type for the form of curve selected is used.</p>
+
+<p>For F2^m curves there is only one implementation choice, i.e. EC_GF2_simple_method.</p>
+
+<p>For Fp curves the lowest common denominator implementation is the EC_GFp_simple_method implementation. All other implementations are based on this one. EC_GFp_mont_method builds on EC_GFp_simple_method but adds the use of montgomery multiplication (see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a>). EC_GFp_nist_method offers an implementation optimised for use with NIST recommended curves (NIST curves are available through EC_GROUP_new_by_curve_name as described in <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>).</p>
+
+<p>The functions EC_GFp_nistp224_method, EC_GFp_nistp256_method and EC_GFp_nistp521_method offer 64 bit optimised implementations for the NIST P224, P256 and P521 curves respectively. Note, however, that these implementations are not available on all platforms.</p>
+
+<p>EC_METHOD_get_field_type identifies what type of field the EC_METHOD structure supports, which will be either F2^m or Fp. If the field type is Fp then the value <b>NID_X9_62_prime_field</b> is returned. If the field type is F2^m then the value <b>NID_X9_62_characteristic_two_field</b> is returned. These values are defined in the obj_mac.h header file.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GFp* functions and EC_GF2m_simple_method always return a const pointer to an EC_METHOD structure.</p>
+
+<p>EC_METHOD_get_field_type returns an integer that identifies the type of field the EC_METHOD structure supports.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a>, <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GFp_nist_method.html b/msys2/usr/share/doc/openssl/html/man3/EC_GFp_nist_method.html
new file mode 100644
index 000000000..002f9bff1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GFp_nist_method.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GFp_simple_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GFp_simple_method, EC_GFp_mont_method, EC_GFp_nist_method, EC_GFp_nistp224_method, EC_GFp_nistp256_method, EC_GFp_nistp521_method, EC_GF2m_simple_method, EC_METHOD_get_field_type - Functions for obtaining EC_METHOD objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ const EC_METHOD *EC_GFp_simple_method(void);
+ const EC_METHOD *EC_GFp_mont_method(void);
+ const EC_METHOD *EC_GFp_nist_method(void);
+ const EC_METHOD *EC_GFp_nistp224_method(void);
+ const EC_METHOD *EC_GFp_nistp256_method(void);
+ const EC_METHOD *EC_GFp_nistp521_method(void);
+
+ const EC_METHOD *EC_GF2m_simple_method(void);
+
+ int EC_METHOD_get_field_type(const EC_METHOD *meth);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Elliptic Curve library provides a number of different implementations through a single common interface. When constructing a curve using EC_GROUP_new (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>) an implementation method must be provided. The functions described here all return a const pointer to an <b>EC_METHOD</b> structure that can be passed to EC_GROUP_NEW. It is important that the correct implementation type for the form of curve selected is used.</p>
+
+<p>For F2^m curves there is only one implementation choice, i.e. EC_GF2_simple_method.</p>
+
+<p>For Fp curves the lowest common denominator implementation is the EC_GFp_simple_method implementation. All other implementations are based on this one. EC_GFp_mont_method builds on EC_GFp_simple_method but adds the use of montgomery multiplication (see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a>). EC_GFp_nist_method offers an implementation optimised for use with NIST recommended curves (NIST curves are available through EC_GROUP_new_by_curve_name as described in <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>).</p>
+
+<p>The functions EC_GFp_nistp224_method, EC_GFp_nistp256_method and EC_GFp_nistp521_method offer 64 bit optimised implementations for the NIST P224, P256 and P521 curves respectively. Note, however, that these implementations are not available on all platforms.</p>
+
+<p>EC_METHOD_get_field_type identifies what type of field the EC_METHOD structure supports, which will be either F2^m or Fp. If the field type is Fp then the value <b>NID_X9_62_prime_field</b> is returned. If the field type is F2^m then the value <b>NID_X9_62_characteristic_two_field</b> is returned. These values are defined in the obj_mac.h header file.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GFp* functions and EC_GF2m_simple_method always return a const pointer to an EC_METHOD structure.</p>
+
+<p>EC_METHOD_get_field_type returns an integer that identifies the type of field the EC_METHOD structure supports.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a>, <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GFp_nistp224_method.html b/msys2/usr/share/doc/openssl/html/man3/EC_GFp_nistp224_method.html
new file mode 100644
index 000000000..002f9bff1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GFp_nistp224_method.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GFp_simple_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GFp_simple_method, EC_GFp_mont_method, EC_GFp_nist_method, EC_GFp_nistp224_method, EC_GFp_nistp256_method, EC_GFp_nistp521_method, EC_GF2m_simple_method, EC_METHOD_get_field_type - Functions for obtaining EC_METHOD objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ const EC_METHOD *EC_GFp_simple_method(void);
+ const EC_METHOD *EC_GFp_mont_method(void);
+ const EC_METHOD *EC_GFp_nist_method(void);
+ const EC_METHOD *EC_GFp_nistp224_method(void);
+ const EC_METHOD *EC_GFp_nistp256_method(void);
+ const EC_METHOD *EC_GFp_nistp521_method(void);
+
+ const EC_METHOD *EC_GF2m_simple_method(void);
+
+ int EC_METHOD_get_field_type(const EC_METHOD *meth);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Elliptic Curve library provides a number of different implementations through a single common interface. When constructing a curve using EC_GROUP_new (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>) an implementation method must be provided. The functions described here all return a const pointer to an <b>EC_METHOD</b> structure that can be passed to EC_GROUP_NEW. It is important that the correct implementation type for the form of curve selected is used.</p>
+
+<p>For F2^m curves there is only one implementation choice, i.e. EC_GF2_simple_method.</p>
+
+<p>For Fp curves the lowest common denominator implementation is the EC_GFp_simple_method implementation. All other implementations are based on this one. EC_GFp_mont_method builds on EC_GFp_simple_method but adds the use of montgomery multiplication (see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a>). EC_GFp_nist_method offers an implementation optimised for use with NIST recommended curves (NIST curves are available through EC_GROUP_new_by_curve_name as described in <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>).</p>
+
+<p>The functions EC_GFp_nistp224_method, EC_GFp_nistp256_method and EC_GFp_nistp521_method offer 64 bit optimised implementations for the NIST P224, P256 and P521 curves respectively. Note, however, that these implementations are not available on all platforms.</p>
+
+<p>EC_METHOD_get_field_type identifies what type of field the EC_METHOD structure supports, which will be either F2^m or Fp. If the field type is Fp then the value <b>NID_X9_62_prime_field</b> is returned. If the field type is F2^m then the value <b>NID_X9_62_characteristic_two_field</b> is returned. These values are defined in the obj_mac.h header file.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GFp* functions and EC_GF2m_simple_method always return a const pointer to an EC_METHOD structure.</p>
+
+<p>EC_METHOD_get_field_type returns an integer that identifies the type of field the EC_METHOD structure supports.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a>, <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GFp_nistp256_method.html b/msys2/usr/share/doc/openssl/html/man3/EC_GFp_nistp256_method.html
new file mode 100644
index 000000000..002f9bff1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GFp_nistp256_method.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GFp_simple_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GFp_simple_method, EC_GFp_mont_method, EC_GFp_nist_method, EC_GFp_nistp224_method, EC_GFp_nistp256_method, EC_GFp_nistp521_method, EC_GF2m_simple_method, EC_METHOD_get_field_type - Functions for obtaining EC_METHOD objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ const EC_METHOD *EC_GFp_simple_method(void);
+ const EC_METHOD *EC_GFp_mont_method(void);
+ const EC_METHOD *EC_GFp_nist_method(void);
+ const EC_METHOD *EC_GFp_nistp224_method(void);
+ const EC_METHOD *EC_GFp_nistp256_method(void);
+ const EC_METHOD *EC_GFp_nistp521_method(void);
+
+ const EC_METHOD *EC_GF2m_simple_method(void);
+
+ int EC_METHOD_get_field_type(const EC_METHOD *meth);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Elliptic Curve library provides a number of different implementations through a single common interface. When constructing a curve using EC_GROUP_new (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>) an implementation method must be provided. The functions described here all return a const pointer to an <b>EC_METHOD</b> structure that can be passed to EC_GROUP_NEW. It is important that the correct implementation type for the form of curve selected is used.</p>
+
+<p>For F2^m curves there is only one implementation choice, i.e. EC_GF2_simple_method.</p>
+
+<p>For Fp curves the lowest common denominator implementation is the EC_GFp_simple_method implementation. All other implementations are based on this one. EC_GFp_mont_method builds on EC_GFp_simple_method but adds the use of montgomery multiplication (see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a>). EC_GFp_nist_method offers an implementation optimised for use with NIST recommended curves (NIST curves are available through EC_GROUP_new_by_curve_name as described in <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>).</p>
+
+<p>The functions EC_GFp_nistp224_method, EC_GFp_nistp256_method and EC_GFp_nistp521_method offer 64 bit optimised implementations for the NIST P224, P256 and P521 curves respectively. Note, however, that these implementations are not available on all platforms.</p>
+
+<p>EC_METHOD_get_field_type identifies what type of field the EC_METHOD structure supports, which will be either F2^m or Fp. If the field type is Fp then the value <b>NID_X9_62_prime_field</b> is returned. If the field type is F2^m then the value <b>NID_X9_62_characteristic_two_field</b> is returned. These values are defined in the obj_mac.h header file.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GFp* functions and EC_GF2m_simple_method always return a const pointer to an EC_METHOD structure.</p>
+
+<p>EC_METHOD_get_field_type returns an integer that identifies the type of field the EC_METHOD structure supports.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a>, <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GFp_nistp521_method.html b/msys2/usr/share/doc/openssl/html/man3/EC_GFp_nistp521_method.html
new file mode 100644
index 000000000..002f9bff1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GFp_nistp521_method.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GFp_simple_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GFp_simple_method, EC_GFp_mont_method, EC_GFp_nist_method, EC_GFp_nistp224_method, EC_GFp_nistp256_method, EC_GFp_nistp521_method, EC_GF2m_simple_method, EC_METHOD_get_field_type - Functions for obtaining EC_METHOD objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ const EC_METHOD *EC_GFp_simple_method(void);
+ const EC_METHOD *EC_GFp_mont_method(void);
+ const EC_METHOD *EC_GFp_nist_method(void);
+ const EC_METHOD *EC_GFp_nistp224_method(void);
+ const EC_METHOD *EC_GFp_nistp256_method(void);
+ const EC_METHOD *EC_GFp_nistp521_method(void);
+
+ const EC_METHOD *EC_GF2m_simple_method(void);
+
+ int EC_METHOD_get_field_type(const EC_METHOD *meth);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Elliptic Curve library provides a number of different implementations through a single common interface. When constructing a curve using EC_GROUP_new (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>) an implementation method must be provided. The functions described here all return a const pointer to an <b>EC_METHOD</b> structure that can be passed to EC_GROUP_NEW. It is important that the correct implementation type for the form of curve selected is used.</p>
+
+<p>For F2^m curves there is only one implementation choice, i.e. EC_GF2_simple_method.</p>
+
+<p>For Fp curves the lowest common denominator implementation is the EC_GFp_simple_method implementation. All other implementations are based on this one. EC_GFp_mont_method builds on EC_GFp_simple_method but adds the use of montgomery multiplication (see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a>). EC_GFp_nist_method offers an implementation optimised for use with NIST recommended curves (NIST curves are available through EC_GROUP_new_by_curve_name as described in <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>).</p>
+
+<p>The functions EC_GFp_nistp224_method, EC_GFp_nistp256_method and EC_GFp_nistp521_method offer 64 bit optimised implementations for the NIST P224, P256 and P521 curves respectively. Note, however, that these implementations are not available on all platforms.</p>
+
+<p>EC_METHOD_get_field_type identifies what type of field the EC_METHOD structure supports, which will be either F2^m or Fp. If the field type is Fp then the value <b>NID_X9_62_prime_field</b> is returned. If the field type is F2^m then the value <b>NID_X9_62_characteristic_two_field</b> is returned. These values are defined in the obj_mac.h header file.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GFp* functions and EC_GF2m_simple_method always return a const pointer to an EC_METHOD structure.</p>
+
+<p>EC_METHOD_get_field_type returns an integer that identifies the type of field the EC_METHOD structure supports.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a>, <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GFp_simple_method.html b/msys2/usr/share/doc/openssl/html/man3/EC_GFp_simple_method.html
new file mode 100644
index 000000000..002f9bff1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GFp_simple_method.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GFp_simple_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GFp_simple_method, EC_GFp_mont_method, EC_GFp_nist_method, EC_GFp_nistp224_method, EC_GFp_nistp256_method, EC_GFp_nistp521_method, EC_GF2m_simple_method, EC_METHOD_get_field_type - Functions for obtaining EC_METHOD objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ const EC_METHOD *EC_GFp_simple_method(void);
+ const EC_METHOD *EC_GFp_mont_method(void);
+ const EC_METHOD *EC_GFp_nist_method(void);
+ const EC_METHOD *EC_GFp_nistp224_method(void);
+ const EC_METHOD *EC_GFp_nistp256_method(void);
+ const EC_METHOD *EC_GFp_nistp521_method(void);
+
+ const EC_METHOD *EC_GF2m_simple_method(void);
+
+ int EC_METHOD_get_field_type(const EC_METHOD *meth);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Elliptic Curve library provides a number of different implementations through a single common interface. When constructing a curve using EC_GROUP_new (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>) an implementation method must be provided. The functions described here all return a const pointer to an <b>EC_METHOD</b> structure that can be passed to EC_GROUP_NEW. It is important that the correct implementation type for the form of curve selected is used.</p>
+
+<p>For F2^m curves there is only one implementation choice, i.e. EC_GF2_simple_method.</p>
+
+<p>For Fp curves the lowest common denominator implementation is the EC_GFp_simple_method implementation. All other implementations are based on this one. EC_GFp_mont_method builds on EC_GFp_simple_method but adds the use of montgomery multiplication (see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a>). EC_GFp_nist_method offers an implementation optimised for use with NIST recommended curves (NIST curves are available through EC_GROUP_new_by_curve_name as described in <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>).</p>
+
+<p>The functions EC_GFp_nistp224_method, EC_GFp_nistp256_method and EC_GFp_nistp521_method offer 64 bit optimised implementations for the NIST P224, P256 and P521 curves respectively. Note, however, that these implementations are not available on all platforms.</p>
+
+<p>EC_METHOD_get_field_type identifies what type of field the EC_METHOD structure supports, which will be either F2^m or Fp. If the field type is Fp then the value <b>NID_X9_62_prime_field</b> is returned. If the field type is F2^m then the value <b>NID_X9_62_characteristic_two_field</b> is returned. These values are defined in the obj_mac.h header file.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GFp* functions and EC_GF2m_simple_method always return a const pointer to an EC_METHOD structure.</p>
+
+<p>EC_METHOD_get_field_type returns an integer that identifies the type of field the EC_METHOD structure supports.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a>, <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_check.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_check.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_check.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_check_discriminant.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_check_discriminant.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_check_discriminant.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_clear_free.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_clear_free.html
new file mode 100644
index 000000000..af68fbacf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_clear_free.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get_ecparameters, EC_GROUP_get_ecpkparameters, EC_GROUP_new, EC_GROUP_new_from_ecparameters, EC_GROUP_new_from_ecpkparameters, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve, EC_GROUP_get_curve, EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m, EC_get_builtin_curves - Functions for creating and destroying EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
+ EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
+ void EC_GROUP_free(EC_GROUP *group);
+ void EC_GROUP_clear_free(EC_GROUP *group);
+
+ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+                                   const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                        const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+                        BN_CTX *ctx);
+ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
+                            const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
+                            BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
+                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
+                             BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, ECPARAMETERS *params)
+ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, ECPKPARAMETERS *params)
+
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Within the library there are two forms of elliptic curve that are of interest. The first form is those defined over the prime field Fp. The elements of Fp are the integers 0 to p-1, where p is a prime number. This gives us a revised elliptic curve equation as follows:</p>
+
+<p>y^2 mod p = x^3 +ax + b mod p</p>
+
+<p>The second form is those defined over a binary field F2^m where the elements of the field are integers of length at most m bits. For this form the elliptic curve equation is modified to:</p>
+
+<p>y^2 + xy = x^3 + ax^2 + b (where b != 0)</p>
+
+<p>Operations in a binary field are performed relative to an <b>irreducible polynomial</b>. All such curves with OpenSSL use a trinomial or a pentanomial for this parameter.</p>
+
+<p>A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by <b>meth</b> (see <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>). It is then necessary to call EC_GROUP_set_curve() to set the curve parameters. EC_GROUP_new_from_ecparameters() will create a group from the specified <b>params</b> and EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK <b>params</b>.</p>
+
+<p>EC_GROUP_set_curve() sets the curve parameters <b>p</b>, <b>a</b> and <b>b</b>. For a curve over Fp <b>b</b> is the prime for the field. For a curve over F2^m <b>p</b> represents the irreducible polynomial - each bit represents a term in the polynomial. Therefore there will either be three or five bits set dependent on whether the polynomial is a trinomial or a pentanomial.</p>
+
+<p>EC_group_get_curve() obtains the previously set curve parameters.</p>
+
+<p>EC_GROUP_set_curve_GFp() and EC_GROUP_set_curve_GF2m() are synonyms for EC_GROUP_set_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>EC_GROUP_get_curve_GFp() and EC_GROUP_get_curve_GF2m() are synonyms for EC_GROUP_get_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and then the EC_GROUP_set_curve function. An appropriate default implementation method will be used.</p>
+
+<p>Whilst the library can be used to create any curve using the functions described above, there are also a number of predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function EC_get_builtin_curves. The parameter <b>r</b> should be an array of EC_builtin_curve structures of size <b>nitems</b>. The function will populate the <b>r</b> array with information about the builtin curves. If <b>nitems</b> is less than the total number of curves available, then the first <b>nitems</b> curves will be returned. Otherwise the total number of curves will be provided. The return value is the total number of curves available (whether that number has been populated in <b>r</b> or not). Passing a NULL <b>r</b>, or setting <b>nitems</b> to 0 will do nothing other than return the total number of curves available. The EC_builtin_curve structure is defined as follows:</p>
+
+<pre><code> typedef struct {
+        int nid;
+        const char *comment;
+        } EC_builtin_curve;</code></pre>
+
+<p>Each EC_builtin_curve item has a unique integer id (<b>nid</b>), and a human readable comment string describing the curve.</p>
+
+<p>In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the <b>nid</b> of the curve to be constructed.</p>
+
+<p>EC_GROUP_free frees the memory associated with the EC_GROUP. If <b>group</b> is NULL nothing is done.</p>
+
+<p>EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory. If <b>group</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GROUP_new* functions return a pointer to the newly constructed group, or NULL on error.</p>
+
+<p>EC_get_builtin_curves returns the number of builtin curves that are available.</p>
+
+<p>EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_cmp.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_cmp.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_cmp.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_copy.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_copy.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_copy.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_dup.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_dup.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_dup.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_free.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_free.html
new file mode 100644
index 000000000..af68fbacf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_free.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get_ecparameters, EC_GROUP_get_ecpkparameters, EC_GROUP_new, EC_GROUP_new_from_ecparameters, EC_GROUP_new_from_ecpkparameters, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve, EC_GROUP_get_curve, EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m, EC_get_builtin_curves - Functions for creating and destroying EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
+ EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
+ void EC_GROUP_free(EC_GROUP *group);
+ void EC_GROUP_clear_free(EC_GROUP *group);
+
+ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+                                   const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                        const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+                        BN_CTX *ctx);
+ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
+                            const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
+                            BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
+                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
+                             BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, ECPARAMETERS *params)
+ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, ECPKPARAMETERS *params)
+
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Within the library there are two forms of elliptic curve that are of interest. The first form is those defined over the prime field Fp. The elements of Fp are the integers 0 to p-1, where p is a prime number. This gives us a revised elliptic curve equation as follows:</p>
+
+<p>y^2 mod p = x^3 +ax + b mod p</p>
+
+<p>The second form is those defined over a binary field F2^m where the elements of the field are integers of length at most m bits. For this form the elliptic curve equation is modified to:</p>
+
+<p>y^2 + xy = x^3 + ax^2 + b (where b != 0)</p>
+
+<p>Operations in a binary field are performed relative to an <b>irreducible polynomial</b>. All such curves with OpenSSL use a trinomial or a pentanomial for this parameter.</p>
+
+<p>A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by <b>meth</b> (see <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>). It is then necessary to call EC_GROUP_set_curve() to set the curve parameters. EC_GROUP_new_from_ecparameters() will create a group from the specified <b>params</b> and EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK <b>params</b>.</p>
+
+<p>EC_GROUP_set_curve() sets the curve parameters <b>p</b>, <b>a</b> and <b>b</b>. For a curve over Fp <b>b</b> is the prime for the field. For a curve over F2^m <b>p</b> represents the irreducible polynomial - each bit represents a term in the polynomial. Therefore there will either be three or five bits set dependent on whether the polynomial is a trinomial or a pentanomial.</p>
+
+<p>EC_group_get_curve() obtains the previously set curve parameters.</p>
+
+<p>EC_GROUP_set_curve_GFp() and EC_GROUP_set_curve_GF2m() are synonyms for EC_GROUP_set_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>EC_GROUP_get_curve_GFp() and EC_GROUP_get_curve_GF2m() are synonyms for EC_GROUP_get_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and then the EC_GROUP_set_curve function. An appropriate default implementation method will be used.</p>
+
+<p>Whilst the library can be used to create any curve using the functions described above, there are also a number of predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function EC_get_builtin_curves. The parameter <b>r</b> should be an array of EC_builtin_curve structures of size <b>nitems</b>. The function will populate the <b>r</b> array with information about the builtin curves. If <b>nitems</b> is less than the total number of curves available, then the first <b>nitems</b> curves will be returned. Otherwise the total number of curves will be provided. The return value is the total number of curves available (whether that number has been populated in <b>r</b> or not). Passing a NULL <b>r</b>, or setting <b>nitems</b> to 0 will do nothing other than return the total number of curves available. The EC_builtin_curve structure is defined as follows:</p>
+
+<pre><code> typedef struct {
+        int nid;
+        const char *comment;
+        } EC_builtin_curve;</code></pre>
+
+<p>Each EC_builtin_curve item has a unique integer id (<b>nid</b>), and a human readable comment string describing the curve.</p>
+
+<p>In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the <b>nid</b> of the curve to be constructed.</p>
+
+<p>EC_GROUP_free frees the memory associated with the EC_GROUP. If <b>group</b> is NULL nothing is done.</p>
+
+<p>EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory. If <b>group</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GROUP_new* functions return a pointer to the newly constructed group, or NULL on error.</p>
+
+<p>EC_get_builtin_curves returns the number of builtin curves that are available.</p>
+
+<p>EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get0_cofactor.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get0_cofactor.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get0_cofactor.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get0_generator.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get0_generator.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get0_generator.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get0_order.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get0_order.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get0_order.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get0_seed.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get0_seed.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get0_seed.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_asn1_flag.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_asn1_flag.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_asn1_flag.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_basis_type.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_basis_type.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_basis_type.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_cofactor.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_cofactor.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_cofactor.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_curve.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_curve.html
new file mode 100644
index 000000000..af68fbacf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_curve.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get_ecparameters, EC_GROUP_get_ecpkparameters, EC_GROUP_new, EC_GROUP_new_from_ecparameters, EC_GROUP_new_from_ecpkparameters, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve, EC_GROUP_get_curve, EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m, EC_get_builtin_curves - Functions for creating and destroying EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
+ EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
+ void EC_GROUP_free(EC_GROUP *group);
+ void EC_GROUP_clear_free(EC_GROUP *group);
+
+ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+                                   const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                        const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+                        BN_CTX *ctx);
+ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
+                            const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
+                            BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
+                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
+                             BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, ECPARAMETERS *params)
+ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, ECPKPARAMETERS *params)
+
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Within the library there are two forms of elliptic curve that are of interest. The first form is those defined over the prime field Fp. The elements of Fp are the integers 0 to p-1, where p is a prime number. This gives us a revised elliptic curve equation as follows:</p>
+
+<p>y^2 mod p = x^3 +ax + b mod p</p>
+
+<p>The second form is those defined over a binary field F2^m where the elements of the field are integers of length at most m bits. For this form the elliptic curve equation is modified to:</p>
+
+<p>y^2 + xy = x^3 + ax^2 + b (where b != 0)</p>
+
+<p>Operations in a binary field are performed relative to an <b>irreducible polynomial</b>. All such curves with OpenSSL use a trinomial or a pentanomial for this parameter.</p>
+
+<p>A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by <b>meth</b> (see <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>). It is then necessary to call EC_GROUP_set_curve() to set the curve parameters. EC_GROUP_new_from_ecparameters() will create a group from the specified <b>params</b> and EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK <b>params</b>.</p>
+
+<p>EC_GROUP_set_curve() sets the curve parameters <b>p</b>, <b>a</b> and <b>b</b>. For a curve over Fp <b>b</b> is the prime for the field. For a curve over F2^m <b>p</b> represents the irreducible polynomial - each bit represents a term in the polynomial. Therefore there will either be three or five bits set dependent on whether the polynomial is a trinomial or a pentanomial.</p>
+
+<p>EC_group_get_curve() obtains the previously set curve parameters.</p>
+
+<p>EC_GROUP_set_curve_GFp() and EC_GROUP_set_curve_GF2m() are synonyms for EC_GROUP_set_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>EC_GROUP_get_curve_GFp() and EC_GROUP_get_curve_GF2m() are synonyms for EC_GROUP_get_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and then the EC_GROUP_set_curve function. An appropriate default implementation method will be used.</p>
+
+<p>Whilst the library can be used to create any curve using the functions described above, there are also a number of predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function EC_get_builtin_curves. The parameter <b>r</b> should be an array of EC_builtin_curve structures of size <b>nitems</b>. The function will populate the <b>r</b> array with information about the builtin curves. If <b>nitems</b> is less than the total number of curves available, then the first <b>nitems</b> curves will be returned. Otherwise the total number of curves will be provided. The return value is the total number of curves available (whether that number has been populated in <b>r</b> or not). Passing a NULL <b>r</b>, or setting <b>nitems</b> to 0 will do nothing other than return the total number of curves available. The EC_builtin_curve structure is defined as follows:</p>
+
+<pre><code> typedef struct {
+        int nid;
+        const char *comment;
+        } EC_builtin_curve;</code></pre>
+
+<p>Each EC_builtin_curve item has a unique integer id (<b>nid</b>), and a human readable comment string describing the curve.</p>
+
+<p>In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the <b>nid</b> of the curve to be constructed.</p>
+
+<p>EC_GROUP_free frees the memory associated with the EC_GROUP. If <b>group</b> is NULL nothing is done.</p>
+
+<p>EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory. If <b>group</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GROUP_new* functions return a pointer to the newly constructed group, or NULL on error.</p>
+
+<p>EC_get_builtin_curves returns the number of builtin curves that are available.</p>
+
+<p>EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_curve_GF2m.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_curve_GF2m.html
new file mode 100644
index 000000000..af68fbacf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_curve_GF2m.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get_ecparameters, EC_GROUP_get_ecpkparameters, EC_GROUP_new, EC_GROUP_new_from_ecparameters, EC_GROUP_new_from_ecpkparameters, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve, EC_GROUP_get_curve, EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m, EC_get_builtin_curves - Functions for creating and destroying EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
+ EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
+ void EC_GROUP_free(EC_GROUP *group);
+ void EC_GROUP_clear_free(EC_GROUP *group);
+
+ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+                                   const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                        const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+                        BN_CTX *ctx);
+ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
+                            const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
+                            BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
+                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
+                             BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, ECPARAMETERS *params)
+ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, ECPKPARAMETERS *params)
+
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Within the library there are two forms of elliptic curve that are of interest. The first form is those defined over the prime field Fp. The elements of Fp are the integers 0 to p-1, where p is a prime number. This gives us a revised elliptic curve equation as follows:</p>
+
+<p>y^2 mod p = x^3 +ax + b mod p</p>
+
+<p>The second form is those defined over a binary field F2^m where the elements of the field are integers of length at most m bits. For this form the elliptic curve equation is modified to:</p>
+
+<p>y^2 + xy = x^3 + ax^2 + b (where b != 0)</p>
+
+<p>Operations in a binary field are performed relative to an <b>irreducible polynomial</b>. All such curves with OpenSSL use a trinomial or a pentanomial for this parameter.</p>
+
+<p>A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by <b>meth</b> (see <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>). It is then necessary to call EC_GROUP_set_curve() to set the curve parameters. EC_GROUP_new_from_ecparameters() will create a group from the specified <b>params</b> and EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK <b>params</b>.</p>
+
+<p>EC_GROUP_set_curve() sets the curve parameters <b>p</b>, <b>a</b> and <b>b</b>. For a curve over Fp <b>b</b> is the prime for the field. For a curve over F2^m <b>p</b> represents the irreducible polynomial - each bit represents a term in the polynomial. Therefore there will either be three or five bits set dependent on whether the polynomial is a trinomial or a pentanomial.</p>
+
+<p>EC_group_get_curve() obtains the previously set curve parameters.</p>
+
+<p>EC_GROUP_set_curve_GFp() and EC_GROUP_set_curve_GF2m() are synonyms for EC_GROUP_set_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>EC_GROUP_get_curve_GFp() and EC_GROUP_get_curve_GF2m() are synonyms for EC_GROUP_get_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and then the EC_GROUP_set_curve function. An appropriate default implementation method will be used.</p>
+
+<p>Whilst the library can be used to create any curve using the functions described above, there are also a number of predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function EC_get_builtin_curves. The parameter <b>r</b> should be an array of EC_builtin_curve structures of size <b>nitems</b>. The function will populate the <b>r</b> array with information about the builtin curves. If <b>nitems</b> is less than the total number of curves available, then the first <b>nitems</b> curves will be returned. Otherwise the total number of curves will be provided. The return value is the total number of curves available (whether that number has been populated in <b>r</b> or not). Passing a NULL <b>r</b>, or setting <b>nitems</b> to 0 will do nothing other than return the total number of curves available. The EC_builtin_curve structure is defined as follows:</p>
+
+<pre><code> typedef struct {
+        int nid;
+        const char *comment;
+        } EC_builtin_curve;</code></pre>
+
+<p>Each EC_builtin_curve item has a unique integer id (<b>nid</b>), and a human readable comment string describing the curve.</p>
+
+<p>In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the <b>nid</b> of the curve to be constructed.</p>
+
+<p>EC_GROUP_free frees the memory associated with the EC_GROUP. If <b>group</b> is NULL nothing is done.</p>
+
+<p>EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory. If <b>group</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GROUP_new* functions return a pointer to the newly constructed group, or NULL on error.</p>
+
+<p>EC_get_builtin_curves returns the number of builtin curves that are available.</p>
+
+<p>EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_curve_GFp.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_curve_GFp.html
new file mode 100644
index 000000000..af68fbacf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_curve_GFp.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get_ecparameters, EC_GROUP_get_ecpkparameters, EC_GROUP_new, EC_GROUP_new_from_ecparameters, EC_GROUP_new_from_ecpkparameters, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve, EC_GROUP_get_curve, EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m, EC_get_builtin_curves - Functions for creating and destroying EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
+ EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
+ void EC_GROUP_free(EC_GROUP *group);
+ void EC_GROUP_clear_free(EC_GROUP *group);
+
+ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+                                   const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                        const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+                        BN_CTX *ctx);
+ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
+                            const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
+                            BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
+                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
+                             BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, ECPARAMETERS *params)
+ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, ECPKPARAMETERS *params)
+
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Within the library there are two forms of elliptic curve that are of interest. The first form is those defined over the prime field Fp. The elements of Fp are the integers 0 to p-1, where p is a prime number. This gives us a revised elliptic curve equation as follows:</p>
+
+<p>y^2 mod p = x^3 +ax + b mod p</p>
+
+<p>The second form is those defined over a binary field F2^m where the elements of the field are integers of length at most m bits. For this form the elliptic curve equation is modified to:</p>
+
+<p>y^2 + xy = x^3 + ax^2 + b (where b != 0)</p>
+
+<p>Operations in a binary field are performed relative to an <b>irreducible polynomial</b>. All such curves with OpenSSL use a trinomial or a pentanomial for this parameter.</p>
+
+<p>A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by <b>meth</b> (see <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>). It is then necessary to call EC_GROUP_set_curve() to set the curve parameters. EC_GROUP_new_from_ecparameters() will create a group from the specified <b>params</b> and EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK <b>params</b>.</p>
+
+<p>EC_GROUP_set_curve() sets the curve parameters <b>p</b>, <b>a</b> and <b>b</b>. For a curve over Fp <b>b</b> is the prime for the field. For a curve over F2^m <b>p</b> represents the irreducible polynomial - each bit represents a term in the polynomial. Therefore there will either be three or five bits set dependent on whether the polynomial is a trinomial or a pentanomial.</p>
+
+<p>EC_group_get_curve() obtains the previously set curve parameters.</p>
+
+<p>EC_GROUP_set_curve_GFp() and EC_GROUP_set_curve_GF2m() are synonyms for EC_GROUP_set_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>EC_GROUP_get_curve_GFp() and EC_GROUP_get_curve_GF2m() are synonyms for EC_GROUP_get_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and then the EC_GROUP_set_curve function. An appropriate default implementation method will be used.</p>
+
+<p>Whilst the library can be used to create any curve using the functions described above, there are also a number of predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function EC_get_builtin_curves. The parameter <b>r</b> should be an array of EC_builtin_curve structures of size <b>nitems</b>. The function will populate the <b>r</b> array with information about the builtin curves. If <b>nitems</b> is less than the total number of curves available, then the first <b>nitems</b> curves will be returned. Otherwise the total number of curves will be provided. The return value is the total number of curves available (whether that number has been populated in <b>r</b> or not). Passing a NULL <b>r</b>, or setting <b>nitems</b> to 0 will do nothing other than return the total number of curves available. The EC_builtin_curve structure is defined as follows:</p>
+
+<pre><code> typedef struct {
+        int nid;
+        const char *comment;
+        } EC_builtin_curve;</code></pre>
+
+<p>Each EC_builtin_curve item has a unique integer id (<b>nid</b>), and a human readable comment string describing the curve.</p>
+
+<p>In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the <b>nid</b> of the curve to be constructed.</p>
+
+<p>EC_GROUP_free frees the memory associated with the EC_GROUP. If <b>group</b> is NULL nothing is done.</p>
+
+<p>EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory. If <b>group</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GROUP_new* functions return a pointer to the newly constructed group, or NULL on error.</p>
+
+<p>EC_get_builtin_curves returns the number of builtin curves that are available.</p>
+
+<p>EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_curve_name.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_curve_name.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_curve_name.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_degree.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_degree.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_degree.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_ecparameters.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_ecparameters.html
new file mode 100644
index 000000000..af68fbacf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_ecparameters.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get_ecparameters, EC_GROUP_get_ecpkparameters, EC_GROUP_new, EC_GROUP_new_from_ecparameters, EC_GROUP_new_from_ecpkparameters, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve, EC_GROUP_get_curve, EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m, EC_get_builtin_curves - Functions for creating and destroying EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
+ EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
+ void EC_GROUP_free(EC_GROUP *group);
+ void EC_GROUP_clear_free(EC_GROUP *group);
+
+ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+                                   const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                        const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+                        BN_CTX *ctx);
+ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
+                            const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
+                            BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
+                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
+                             BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, ECPARAMETERS *params)
+ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, ECPKPARAMETERS *params)
+
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Within the library there are two forms of elliptic curve that are of interest. The first form is those defined over the prime field Fp. The elements of Fp are the integers 0 to p-1, where p is a prime number. This gives us a revised elliptic curve equation as follows:</p>
+
+<p>y^2 mod p = x^3 +ax + b mod p</p>
+
+<p>The second form is those defined over a binary field F2^m where the elements of the field are integers of length at most m bits. For this form the elliptic curve equation is modified to:</p>
+
+<p>y^2 + xy = x^3 + ax^2 + b (where b != 0)</p>
+
+<p>Operations in a binary field are performed relative to an <b>irreducible polynomial</b>. All such curves with OpenSSL use a trinomial or a pentanomial for this parameter.</p>
+
+<p>A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by <b>meth</b> (see <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>). It is then necessary to call EC_GROUP_set_curve() to set the curve parameters. EC_GROUP_new_from_ecparameters() will create a group from the specified <b>params</b> and EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK <b>params</b>.</p>
+
+<p>EC_GROUP_set_curve() sets the curve parameters <b>p</b>, <b>a</b> and <b>b</b>. For a curve over Fp <b>b</b> is the prime for the field. For a curve over F2^m <b>p</b> represents the irreducible polynomial - each bit represents a term in the polynomial. Therefore there will either be three or five bits set dependent on whether the polynomial is a trinomial or a pentanomial.</p>
+
+<p>EC_group_get_curve() obtains the previously set curve parameters.</p>
+
+<p>EC_GROUP_set_curve_GFp() and EC_GROUP_set_curve_GF2m() are synonyms for EC_GROUP_set_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>EC_GROUP_get_curve_GFp() and EC_GROUP_get_curve_GF2m() are synonyms for EC_GROUP_get_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and then the EC_GROUP_set_curve function. An appropriate default implementation method will be used.</p>
+
+<p>Whilst the library can be used to create any curve using the functions described above, there are also a number of predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function EC_get_builtin_curves. The parameter <b>r</b> should be an array of EC_builtin_curve structures of size <b>nitems</b>. The function will populate the <b>r</b> array with information about the builtin curves. If <b>nitems</b> is less than the total number of curves available, then the first <b>nitems</b> curves will be returned. Otherwise the total number of curves will be provided. The return value is the total number of curves available (whether that number has been populated in <b>r</b> or not). Passing a NULL <b>r</b>, or setting <b>nitems</b> to 0 will do nothing other than return the total number of curves available. The EC_builtin_curve structure is defined as follows:</p>
+
+<pre><code> typedef struct {
+        int nid;
+        const char *comment;
+        } EC_builtin_curve;</code></pre>
+
+<p>Each EC_builtin_curve item has a unique integer id (<b>nid</b>), and a human readable comment string describing the curve.</p>
+
+<p>In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the <b>nid</b> of the curve to be constructed.</p>
+
+<p>EC_GROUP_free frees the memory associated with the EC_GROUP. If <b>group</b> is NULL nothing is done.</p>
+
+<p>EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory. If <b>group</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GROUP_new* functions return a pointer to the newly constructed group, or NULL on error.</p>
+
+<p>EC_get_builtin_curves returns the number of builtin curves that are available.</p>
+
+<p>EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_ecpkparameters.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_ecpkparameters.html
new file mode 100644
index 000000000..af68fbacf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_ecpkparameters.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get_ecparameters, EC_GROUP_get_ecpkparameters, EC_GROUP_new, EC_GROUP_new_from_ecparameters, EC_GROUP_new_from_ecpkparameters, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve, EC_GROUP_get_curve, EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m, EC_get_builtin_curves - Functions for creating and destroying EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
+ EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
+ void EC_GROUP_free(EC_GROUP *group);
+ void EC_GROUP_clear_free(EC_GROUP *group);
+
+ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+                                   const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                        const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+                        BN_CTX *ctx);
+ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
+                            const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
+                            BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
+                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
+                             BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, ECPARAMETERS *params)
+ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, ECPKPARAMETERS *params)
+
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Within the library there are two forms of elliptic curve that are of interest. The first form is those defined over the prime field Fp. The elements of Fp are the integers 0 to p-1, where p is a prime number. This gives us a revised elliptic curve equation as follows:</p>
+
+<p>y^2 mod p = x^3 +ax + b mod p</p>
+
+<p>The second form is those defined over a binary field F2^m where the elements of the field are integers of length at most m bits. For this form the elliptic curve equation is modified to:</p>
+
+<p>y^2 + xy = x^3 + ax^2 + b (where b != 0)</p>
+
+<p>Operations in a binary field are performed relative to an <b>irreducible polynomial</b>. All such curves with OpenSSL use a trinomial or a pentanomial for this parameter.</p>
+
+<p>A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by <b>meth</b> (see <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>). It is then necessary to call EC_GROUP_set_curve() to set the curve parameters. EC_GROUP_new_from_ecparameters() will create a group from the specified <b>params</b> and EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK <b>params</b>.</p>
+
+<p>EC_GROUP_set_curve() sets the curve parameters <b>p</b>, <b>a</b> and <b>b</b>. For a curve over Fp <b>b</b> is the prime for the field. For a curve over F2^m <b>p</b> represents the irreducible polynomial - each bit represents a term in the polynomial. Therefore there will either be three or five bits set dependent on whether the polynomial is a trinomial or a pentanomial.</p>
+
+<p>EC_group_get_curve() obtains the previously set curve parameters.</p>
+
+<p>EC_GROUP_set_curve_GFp() and EC_GROUP_set_curve_GF2m() are synonyms for EC_GROUP_set_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>EC_GROUP_get_curve_GFp() and EC_GROUP_get_curve_GF2m() are synonyms for EC_GROUP_get_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and then the EC_GROUP_set_curve function. An appropriate default implementation method will be used.</p>
+
+<p>Whilst the library can be used to create any curve using the functions described above, there are also a number of predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function EC_get_builtin_curves. The parameter <b>r</b> should be an array of EC_builtin_curve structures of size <b>nitems</b>. The function will populate the <b>r</b> array with information about the builtin curves. If <b>nitems</b> is less than the total number of curves available, then the first <b>nitems</b> curves will be returned. Otherwise the total number of curves will be provided. The return value is the total number of curves available (whether that number has been populated in <b>r</b> or not). Passing a NULL <b>r</b>, or setting <b>nitems</b> to 0 will do nothing other than return the total number of curves available. The EC_builtin_curve structure is defined as follows:</p>
+
+<pre><code> typedef struct {
+        int nid;
+        const char *comment;
+        } EC_builtin_curve;</code></pre>
+
+<p>Each EC_builtin_curve item has a unique integer id (<b>nid</b>), and a human readable comment string describing the curve.</p>
+
+<p>In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the <b>nid</b> of the curve to be constructed.</p>
+
+<p>EC_GROUP_free frees the memory associated with the EC_GROUP. If <b>group</b> is NULL nothing is done.</p>
+
+<p>EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory. If <b>group</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GROUP_new* functions return a pointer to the newly constructed group, or NULL on error.</p>
+
+<p>EC_get_builtin_curves returns the number of builtin curves that are available.</p>
+
+<p>EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_order.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_order.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_order.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_pentanomial_basis.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_pentanomial_basis.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_pentanomial_basis.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_point_conversion_form.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_point_conversion_form.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_point_conversion_form.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_seed_len.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_seed_len.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_seed_len.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_trinomial_basis.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_trinomial_basis.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_get_trinomial_basis.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_have_precompute_mult.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_have_precompute_mult.html
new file mode 100644
index 000000000..35441a799
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_have_precompute_mult.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_is_at_infinity, EC_POINT_is_on_curve, EC_POINT_cmp, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_mul, EC_POINT_mul, EC_GROUP_precompute_mult, EC_GROUP_have_precompute_mult - Functions for performing mathematical operations and tests on EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                  const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
+ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
+ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
+ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+                           EC_POINT *points[], BN_CTX *ctx);
+ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num,
+                   const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
+ int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+                  const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+ int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+ int EC_GROUP_have_precompute_mult(const EC_GROUP *group);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_POINT_add adds the two points <b>a</b> and <b>b</b> and places the result in <b>r</b>. Similarly EC_POINT_dbl doubles the point <b>a</b> and places the result in <b>r</b>. In both cases it is valid for <b>r</b> to be one of <b>a</b> or <b>b</b>.</p>
+
+<p>EC_POINT_invert calculates the inverse of the supplied point <b>a</b>. The result is placed back in <b>a</b>.</p>
+
+<p>The function EC_POINT_is_at_infinity tests whether the supplied point is at infinity or not.</p>
+
+<p>EC_POINT_is_on_curve tests whether the supplied point is on the curve or not.</p>
+
+<p>EC_POINT_cmp compares the two supplied points and tests whether or not they are equal.</p>
+
+<p>The functions EC_POINT_make_affine and EC_POINTs_make_affine force the internal representation of the EC_POINT(s) into the affine co-ordinate system. In the case of EC_POINTs_make_affine the value <b>num</b> provides the number of points in the array <b>points</b> to be forced.</p>
+
+<p>EC_POINT_mul is a convenient interface to EC_POINTs_mul: it calculates the value generator * <b>n</b> + <b>q</b> * <b>m</b> and stores the result in <b>r</b>. The value <b>n</b> may be NULL in which case the result is just <b>q</b> * <b>m</b> (variable point multiplication). Alternatively, both <b>q</b> and <b>m</b> may be NULL, and <b>n</b> non-NULL, in which case the result is just generator * <b>n</b> (fixed point multiplication). When performing a single fixed or variable point multiplication, the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m</b>) is in the range [0, ec_group_order).</p>
+
+<p>EC_POINTs_mul calculates the value generator * <b>n</b> + <b>q[0]</b> * <b>m[0]</b> + ... + <b>q[num-1]</b> * <b>m[num-1]</b>. As for EC_POINT_mul the value <b>n</b> may be NULL or <b>num</b> may be zero. When performing a fixed point multiplication (<b>n</b> is non-NULL and <b>num</b> is 0) or a variable point multiplication (<b>n</b> is NULL and <b>num</b> is 1), the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m[0]</b>) is in the range [0, ec_group_order).</p>
+
+<p>The function EC_GROUP_precompute_mult stores multiples of the generator for faster point multiplication, whilst EC_GROUP_have_precompute_mult tests whether precomputation has already been done. See <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for information about the generator.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_make_affine, EC_POINT_mul, EC_POINTs_mul and EC_GROUP_precompute_mult.</p>
+
+<p>EC_POINT_is_at_infinity returns 1 if the point is at infinity, or 0 otherwise.</p>
+
+<p>EC_POINT_is_on_curve returns 1 if the point is on the curve, 0 if not, or -1 on error.</p>
+
+<p>EC_POINT_cmp returns 1 if the points are not equal, 0 if they are, or -1 on error.</p>
+
+<p>EC_GROUP_have_precompute_mult return 1 if a precomputation has been done, or 0 if not.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_method_of.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_method_of.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_method_of.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_new.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_new.html
new file mode 100644
index 000000000..af68fbacf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_new.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get_ecparameters, EC_GROUP_get_ecpkparameters, EC_GROUP_new, EC_GROUP_new_from_ecparameters, EC_GROUP_new_from_ecpkparameters, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve, EC_GROUP_get_curve, EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m, EC_get_builtin_curves - Functions for creating and destroying EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
+ EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
+ void EC_GROUP_free(EC_GROUP *group);
+ void EC_GROUP_clear_free(EC_GROUP *group);
+
+ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+                                   const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                        const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+                        BN_CTX *ctx);
+ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
+                            const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
+                            BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
+                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
+                             BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, ECPARAMETERS *params)
+ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, ECPKPARAMETERS *params)
+
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Within the library there are two forms of elliptic curve that are of interest. The first form is those defined over the prime field Fp. The elements of Fp are the integers 0 to p-1, where p is a prime number. This gives us a revised elliptic curve equation as follows:</p>
+
+<p>y^2 mod p = x^3 +ax + b mod p</p>
+
+<p>The second form is those defined over a binary field F2^m where the elements of the field are integers of length at most m bits. For this form the elliptic curve equation is modified to:</p>
+
+<p>y^2 + xy = x^3 + ax^2 + b (where b != 0)</p>
+
+<p>Operations in a binary field are performed relative to an <b>irreducible polynomial</b>. All such curves with OpenSSL use a trinomial or a pentanomial for this parameter.</p>
+
+<p>A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by <b>meth</b> (see <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>). It is then necessary to call EC_GROUP_set_curve() to set the curve parameters. EC_GROUP_new_from_ecparameters() will create a group from the specified <b>params</b> and EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK <b>params</b>.</p>
+
+<p>EC_GROUP_set_curve() sets the curve parameters <b>p</b>, <b>a</b> and <b>b</b>. For a curve over Fp <b>b</b> is the prime for the field. For a curve over F2^m <b>p</b> represents the irreducible polynomial - each bit represents a term in the polynomial. Therefore there will either be three or five bits set dependent on whether the polynomial is a trinomial or a pentanomial.</p>
+
+<p>EC_group_get_curve() obtains the previously set curve parameters.</p>
+
+<p>EC_GROUP_set_curve_GFp() and EC_GROUP_set_curve_GF2m() are synonyms for EC_GROUP_set_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>EC_GROUP_get_curve_GFp() and EC_GROUP_get_curve_GF2m() are synonyms for EC_GROUP_get_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and then the EC_GROUP_set_curve function. An appropriate default implementation method will be used.</p>
+
+<p>Whilst the library can be used to create any curve using the functions described above, there are also a number of predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function EC_get_builtin_curves. The parameter <b>r</b> should be an array of EC_builtin_curve structures of size <b>nitems</b>. The function will populate the <b>r</b> array with information about the builtin curves. If <b>nitems</b> is less than the total number of curves available, then the first <b>nitems</b> curves will be returned. Otherwise the total number of curves will be provided. The return value is the total number of curves available (whether that number has been populated in <b>r</b> or not). Passing a NULL <b>r</b>, or setting <b>nitems</b> to 0 will do nothing other than return the total number of curves available. The EC_builtin_curve structure is defined as follows:</p>
+
+<pre><code> typedef struct {
+        int nid;
+        const char *comment;
+        } EC_builtin_curve;</code></pre>
+
+<p>Each EC_builtin_curve item has a unique integer id (<b>nid</b>), and a human readable comment string describing the curve.</p>
+
+<p>In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the <b>nid</b> of the curve to be constructed.</p>
+
+<p>EC_GROUP_free frees the memory associated with the EC_GROUP. If <b>group</b> is NULL nothing is done.</p>
+
+<p>EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory. If <b>group</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GROUP_new* functions return a pointer to the newly constructed group, or NULL on error.</p>
+
+<p>EC_get_builtin_curves returns the number of builtin curves that are available.</p>
+
+<p>EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_new_by_curve_name.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_new_by_curve_name.html
new file mode 100644
index 000000000..af68fbacf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_new_by_curve_name.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get_ecparameters, EC_GROUP_get_ecpkparameters, EC_GROUP_new, EC_GROUP_new_from_ecparameters, EC_GROUP_new_from_ecpkparameters, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve, EC_GROUP_get_curve, EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m, EC_get_builtin_curves - Functions for creating and destroying EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
+ EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
+ void EC_GROUP_free(EC_GROUP *group);
+ void EC_GROUP_clear_free(EC_GROUP *group);
+
+ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+                                   const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                        const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+                        BN_CTX *ctx);
+ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
+                            const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
+                            BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
+                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
+                             BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, ECPARAMETERS *params)
+ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, ECPKPARAMETERS *params)
+
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Within the library there are two forms of elliptic curve that are of interest. The first form is those defined over the prime field Fp. The elements of Fp are the integers 0 to p-1, where p is a prime number. This gives us a revised elliptic curve equation as follows:</p>
+
+<p>y^2 mod p = x^3 +ax + b mod p</p>
+
+<p>The second form is those defined over a binary field F2^m where the elements of the field are integers of length at most m bits. For this form the elliptic curve equation is modified to:</p>
+
+<p>y^2 + xy = x^3 + ax^2 + b (where b != 0)</p>
+
+<p>Operations in a binary field are performed relative to an <b>irreducible polynomial</b>. All such curves with OpenSSL use a trinomial or a pentanomial for this parameter.</p>
+
+<p>A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by <b>meth</b> (see <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>). It is then necessary to call EC_GROUP_set_curve() to set the curve parameters. EC_GROUP_new_from_ecparameters() will create a group from the specified <b>params</b> and EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK <b>params</b>.</p>
+
+<p>EC_GROUP_set_curve() sets the curve parameters <b>p</b>, <b>a</b> and <b>b</b>. For a curve over Fp <b>b</b> is the prime for the field. For a curve over F2^m <b>p</b> represents the irreducible polynomial - each bit represents a term in the polynomial. Therefore there will either be three or five bits set dependent on whether the polynomial is a trinomial or a pentanomial.</p>
+
+<p>EC_group_get_curve() obtains the previously set curve parameters.</p>
+
+<p>EC_GROUP_set_curve_GFp() and EC_GROUP_set_curve_GF2m() are synonyms for EC_GROUP_set_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>EC_GROUP_get_curve_GFp() and EC_GROUP_get_curve_GF2m() are synonyms for EC_GROUP_get_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and then the EC_GROUP_set_curve function. An appropriate default implementation method will be used.</p>
+
+<p>Whilst the library can be used to create any curve using the functions described above, there are also a number of predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function EC_get_builtin_curves. The parameter <b>r</b> should be an array of EC_builtin_curve structures of size <b>nitems</b>. The function will populate the <b>r</b> array with information about the builtin curves. If <b>nitems</b> is less than the total number of curves available, then the first <b>nitems</b> curves will be returned. Otherwise the total number of curves will be provided. The return value is the total number of curves available (whether that number has been populated in <b>r</b> or not). Passing a NULL <b>r</b>, or setting <b>nitems</b> to 0 will do nothing other than return the total number of curves available. The EC_builtin_curve structure is defined as follows:</p>
+
+<pre><code> typedef struct {
+        int nid;
+        const char *comment;
+        } EC_builtin_curve;</code></pre>
+
+<p>Each EC_builtin_curve item has a unique integer id (<b>nid</b>), and a human readable comment string describing the curve.</p>
+
+<p>In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the <b>nid</b> of the curve to be constructed.</p>
+
+<p>EC_GROUP_free frees the memory associated with the EC_GROUP. If <b>group</b> is NULL nothing is done.</p>
+
+<p>EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory. If <b>group</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GROUP_new* functions return a pointer to the newly constructed group, or NULL on error.</p>
+
+<p>EC_get_builtin_curves returns the number of builtin curves that are available.</p>
+
+<p>EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_new_curve_GF2m.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_new_curve_GF2m.html
new file mode 100644
index 000000000..af68fbacf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_new_curve_GF2m.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get_ecparameters, EC_GROUP_get_ecpkparameters, EC_GROUP_new, EC_GROUP_new_from_ecparameters, EC_GROUP_new_from_ecpkparameters, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve, EC_GROUP_get_curve, EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m, EC_get_builtin_curves - Functions for creating and destroying EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
+ EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
+ void EC_GROUP_free(EC_GROUP *group);
+ void EC_GROUP_clear_free(EC_GROUP *group);
+
+ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+                                   const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                        const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+                        BN_CTX *ctx);
+ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
+                            const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
+                            BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
+                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
+                             BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, ECPARAMETERS *params)
+ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, ECPKPARAMETERS *params)
+
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Within the library there are two forms of elliptic curve that are of interest. The first form is those defined over the prime field Fp. The elements of Fp are the integers 0 to p-1, where p is a prime number. This gives us a revised elliptic curve equation as follows:</p>
+
+<p>y^2 mod p = x^3 +ax + b mod p</p>
+
+<p>The second form is those defined over a binary field F2^m where the elements of the field are integers of length at most m bits. For this form the elliptic curve equation is modified to:</p>
+
+<p>y^2 + xy = x^3 + ax^2 + b (where b != 0)</p>
+
+<p>Operations in a binary field are performed relative to an <b>irreducible polynomial</b>. All such curves with OpenSSL use a trinomial or a pentanomial for this parameter.</p>
+
+<p>A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by <b>meth</b> (see <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>). It is then necessary to call EC_GROUP_set_curve() to set the curve parameters. EC_GROUP_new_from_ecparameters() will create a group from the specified <b>params</b> and EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK <b>params</b>.</p>
+
+<p>EC_GROUP_set_curve() sets the curve parameters <b>p</b>, <b>a</b> and <b>b</b>. For a curve over Fp <b>b</b> is the prime for the field. For a curve over F2^m <b>p</b> represents the irreducible polynomial - each bit represents a term in the polynomial. Therefore there will either be three or five bits set dependent on whether the polynomial is a trinomial or a pentanomial.</p>
+
+<p>EC_group_get_curve() obtains the previously set curve parameters.</p>
+
+<p>EC_GROUP_set_curve_GFp() and EC_GROUP_set_curve_GF2m() are synonyms for EC_GROUP_set_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>EC_GROUP_get_curve_GFp() and EC_GROUP_get_curve_GF2m() are synonyms for EC_GROUP_get_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and then the EC_GROUP_set_curve function. An appropriate default implementation method will be used.</p>
+
+<p>Whilst the library can be used to create any curve using the functions described above, there are also a number of predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function EC_get_builtin_curves. The parameter <b>r</b> should be an array of EC_builtin_curve structures of size <b>nitems</b>. The function will populate the <b>r</b> array with information about the builtin curves. If <b>nitems</b> is less than the total number of curves available, then the first <b>nitems</b> curves will be returned. Otherwise the total number of curves will be provided. The return value is the total number of curves available (whether that number has been populated in <b>r</b> or not). Passing a NULL <b>r</b>, or setting <b>nitems</b> to 0 will do nothing other than return the total number of curves available. The EC_builtin_curve structure is defined as follows:</p>
+
+<pre><code> typedef struct {
+        int nid;
+        const char *comment;
+        } EC_builtin_curve;</code></pre>
+
+<p>Each EC_builtin_curve item has a unique integer id (<b>nid</b>), and a human readable comment string describing the curve.</p>
+
+<p>In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the <b>nid</b> of the curve to be constructed.</p>
+
+<p>EC_GROUP_free frees the memory associated with the EC_GROUP. If <b>group</b> is NULL nothing is done.</p>
+
+<p>EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory. If <b>group</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GROUP_new* functions return a pointer to the newly constructed group, or NULL on error.</p>
+
+<p>EC_get_builtin_curves returns the number of builtin curves that are available.</p>
+
+<p>EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_new_curve_GFp.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_new_curve_GFp.html
new file mode 100644
index 000000000..af68fbacf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_new_curve_GFp.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get_ecparameters, EC_GROUP_get_ecpkparameters, EC_GROUP_new, EC_GROUP_new_from_ecparameters, EC_GROUP_new_from_ecpkparameters, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve, EC_GROUP_get_curve, EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m, EC_get_builtin_curves - Functions for creating and destroying EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
+ EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
+ void EC_GROUP_free(EC_GROUP *group);
+ void EC_GROUP_clear_free(EC_GROUP *group);
+
+ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+                                   const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                        const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+                        BN_CTX *ctx);
+ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
+                            const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
+                            BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
+                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
+                             BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, ECPARAMETERS *params)
+ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, ECPKPARAMETERS *params)
+
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Within the library there are two forms of elliptic curve that are of interest. The first form is those defined over the prime field Fp. The elements of Fp are the integers 0 to p-1, where p is a prime number. This gives us a revised elliptic curve equation as follows:</p>
+
+<p>y^2 mod p = x^3 +ax + b mod p</p>
+
+<p>The second form is those defined over a binary field F2^m where the elements of the field are integers of length at most m bits. For this form the elliptic curve equation is modified to:</p>
+
+<p>y^2 + xy = x^3 + ax^2 + b (where b != 0)</p>
+
+<p>Operations in a binary field are performed relative to an <b>irreducible polynomial</b>. All such curves with OpenSSL use a trinomial or a pentanomial for this parameter.</p>
+
+<p>A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by <b>meth</b> (see <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>). It is then necessary to call EC_GROUP_set_curve() to set the curve parameters. EC_GROUP_new_from_ecparameters() will create a group from the specified <b>params</b> and EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK <b>params</b>.</p>
+
+<p>EC_GROUP_set_curve() sets the curve parameters <b>p</b>, <b>a</b> and <b>b</b>. For a curve over Fp <b>b</b> is the prime for the field. For a curve over F2^m <b>p</b> represents the irreducible polynomial - each bit represents a term in the polynomial. Therefore there will either be three or five bits set dependent on whether the polynomial is a trinomial or a pentanomial.</p>
+
+<p>EC_group_get_curve() obtains the previously set curve parameters.</p>
+
+<p>EC_GROUP_set_curve_GFp() and EC_GROUP_set_curve_GF2m() are synonyms for EC_GROUP_set_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>EC_GROUP_get_curve_GFp() and EC_GROUP_get_curve_GF2m() are synonyms for EC_GROUP_get_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and then the EC_GROUP_set_curve function. An appropriate default implementation method will be used.</p>
+
+<p>Whilst the library can be used to create any curve using the functions described above, there are also a number of predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function EC_get_builtin_curves. The parameter <b>r</b> should be an array of EC_builtin_curve structures of size <b>nitems</b>. The function will populate the <b>r</b> array with information about the builtin curves. If <b>nitems</b> is less than the total number of curves available, then the first <b>nitems</b> curves will be returned. Otherwise the total number of curves will be provided. The return value is the total number of curves available (whether that number has been populated in <b>r</b> or not). Passing a NULL <b>r</b>, or setting <b>nitems</b> to 0 will do nothing other than return the total number of curves available. The EC_builtin_curve structure is defined as follows:</p>
+
+<pre><code> typedef struct {
+        int nid;
+        const char *comment;
+        } EC_builtin_curve;</code></pre>
+
+<p>Each EC_builtin_curve item has a unique integer id (<b>nid</b>), and a human readable comment string describing the curve.</p>
+
+<p>In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the <b>nid</b> of the curve to be constructed.</p>
+
+<p>EC_GROUP_free frees the memory associated with the EC_GROUP. If <b>group</b> is NULL nothing is done.</p>
+
+<p>EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory. If <b>group</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GROUP_new* functions return a pointer to the newly constructed group, or NULL on error.</p>
+
+<p>EC_get_builtin_curves returns the number of builtin curves that are available.</p>
+
+<p>EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_new_from_ecparameters.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_new_from_ecparameters.html
new file mode 100644
index 000000000..af68fbacf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_new_from_ecparameters.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get_ecparameters, EC_GROUP_get_ecpkparameters, EC_GROUP_new, EC_GROUP_new_from_ecparameters, EC_GROUP_new_from_ecpkparameters, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve, EC_GROUP_get_curve, EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m, EC_get_builtin_curves - Functions for creating and destroying EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
+ EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
+ void EC_GROUP_free(EC_GROUP *group);
+ void EC_GROUP_clear_free(EC_GROUP *group);
+
+ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+                                   const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                        const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+                        BN_CTX *ctx);
+ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
+                            const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
+                            BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
+                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
+                             BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, ECPARAMETERS *params)
+ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, ECPKPARAMETERS *params)
+
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Within the library there are two forms of elliptic curve that are of interest. The first form is those defined over the prime field Fp. The elements of Fp are the integers 0 to p-1, where p is a prime number. This gives us a revised elliptic curve equation as follows:</p>
+
+<p>y^2 mod p = x^3 +ax + b mod p</p>
+
+<p>The second form is those defined over a binary field F2^m where the elements of the field are integers of length at most m bits. For this form the elliptic curve equation is modified to:</p>
+
+<p>y^2 + xy = x^3 + ax^2 + b (where b != 0)</p>
+
+<p>Operations in a binary field are performed relative to an <b>irreducible polynomial</b>. All such curves with OpenSSL use a trinomial or a pentanomial for this parameter.</p>
+
+<p>A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by <b>meth</b> (see <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>). It is then necessary to call EC_GROUP_set_curve() to set the curve parameters. EC_GROUP_new_from_ecparameters() will create a group from the specified <b>params</b> and EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK <b>params</b>.</p>
+
+<p>EC_GROUP_set_curve() sets the curve parameters <b>p</b>, <b>a</b> and <b>b</b>. For a curve over Fp <b>b</b> is the prime for the field. For a curve over F2^m <b>p</b> represents the irreducible polynomial - each bit represents a term in the polynomial. Therefore there will either be three or five bits set dependent on whether the polynomial is a trinomial or a pentanomial.</p>
+
+<p>EC_group_get_curve() obtains the previously set curve parameters.</p>
+
+<p>EC_GROUP_set_curve_GFp() and EC_GROUP_set_curve_GF2m() are synonyms for EC_GROUP_set_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>EC_GROUP_get_curve_GFp() and EC_GROUP_get_curve_GF2m() are synonyms for EC_GROUP_get_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and then the EC_GROUP_set_curve function. An appropriate default implementation method will be used.</p>
+
+<p>Whilst the library can be used to create any curve using the functions described above, there are also a number of predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function EC_get_builtin_curves. The parameter <b>r</b> should be an array of EC_builtin_curve structures of size <b>nitems</b>. The function will populate the <b>r</b> array with information about the builtin curves. If <b>nitems</b> is less than the total number of curves available, then the first <b>nitems</b> curves will be returned. Otherwise the total number of curves will be provided. The return value is the total number of curves available (whether that number has been populated in <b>r</b> or not). Passing a NULL <b>r</b>, or setting <b>nitems</b> to 0 will do nothing other than return the total number of curves available. The EC_builtin_curve structure is defined as follows:</p>
+
+<pre><code> typedef struct {
+        int nid;
+        const char *comment;
+        } EC_builtin_curve;</code></pre>
+
+<p>Each EC_builtin_curve item has a unique integer id (<b>nid</b>), and a human readable comment string describing the curve.</p>
+
+<p>In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the <b>nid</b> of the curve to be constructed.</p>
+
+<p>EC_GROUP_free frees the memory associated with the EC_GROUP. If <b>group</b> is NULL nothing is done.</p>
+
+<p>EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory. If <b>group</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GROUP_new* functions return a pointer to the newly constructed group, or NULL on error.</p>
+
+<p>EC_get_builtin_curves returns the number of builtin curves that are available.</p>
+
+<p>EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_new_from_ecpkparameters.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_new_from_ecpkparameters.html
new file mode 100644
index 000000000..af68fbacf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_new_from_ecpkparameters.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get_ecparameters, EC_GROUP_get_ecpkparameters, EC_GROUP_new, EC_GROUP_new_from_ecparameters, EC_GROUP_new_from_ecpkparameters, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve, EC_GROUP_get_curve, EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m, EC_get_builtin_curves - Functions for creating and destroying EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
+ EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
+ void EC_GROUP_free(EC_GROUP *group);
+ void EC_GROUP_clear_free(EC_GROUP *group);
+
+ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+                                   const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                        const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+                        BN_CTX *ctx);
+ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
+                            const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
+                            BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
+                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
+                             BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, ECPARAMETERS *params)
+ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, ECPKPARAMETERS *params)
+
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Within the library there are two forms of elliptic curve that are of interest. The first form is those defined over the prime field Fp. The elements of Fp are the integers 0 to p-1, where p is a prime number. This gives us a revised elliptic curve equation as follows:</p>
+
+<p>y^2 mod p = x^3 +ax + b mod p</p>
+
+<p>The second form is those defined over a binary field F2^m where the elements of the field are integers of length at most m bits. For this form the elliptic curve equation is modified to:</p>
+
+<p>y^2 + xy = x^3 + ax^2 + b (where b != 0)</p>
+
+<p>Operations in a binary field are performed relative to an <b>irreducible polynomial</b>. All such curves with OpenSSL use a trinomial or a pentanomial for this parameter.</p>
+
+<p>A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by <b>meth</b> (see <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>). It is then necessary to call EC_GROUP_set_curve() to set the curve parameters. EC_GROUP_new_from_ecparameters() will create a group from the specified <b>params</b> and EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK <b>params</b>.</p>
+
+<p>EC_GROUP_set_curve() sets the curve parameters <b>p</b>, <b>a</b> and <b>b</b>. For a curve over Fp <b>b</b> is the prime for the field. For a curve over F2^m <b>p</b> represents the irreducible polynomial - each bit represents a term in the polynomial. Therefore there will either be three or five bits set dependent on whether the polynomial is a trinomial or a pentanomial.</p>
+
+<p>EC_group_get_curve() obtains the previously set curve parameters.</p>
+
+<p>EC_GROUP_set_curve_GFp() and EC_GROUP_set_curve_GF2m() are synonyms for EC_GROUP_set_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>EC_GROUP_get_curve_GFp() and EC_GROUP_get_curve_GF2m() are synonyms for EC_GROUP_get_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and then the EC_GROUP_set_curve function. An appropriate default implementation method will be used.</p>
+
+<p>Whilst the library can be used to create any curve using the functions described above, there are also a number of predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function EC_get_builtin_curves. The parameter <b>r</b> should be an array of EC_builtin_curve structures of size <b>nitems</b>. The function will populate the <b>r</b> array with information about the builtin curves. If <b>nitems</b> is less than the total number of curves available, then the first <b>nitems</b> curves will be returned. Otherwise the total number of curves will be provided. The return value is the total number of curves available (whether that number has been populated in <b>r</b> or not). Passing a NULL <b>r</b>, or setting <b>nitems</b> to 0 will do nothing other than return the total number of curves available. The EC_builtin_curve structure is defined as follows:</p>
+
+<pre><code> typedef struct {
+        int nid;
+        const char *comment;
+        } EC_builtin_curve;</code></pre>
+
+<p>Each EC_builtin_curve item has a unique integer id (<b>nid</b>), and a human readable comment string describing the curve.</p>
+
+<p>In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the <b>nid</b> of the curve to be constructed.</p>
+
+<p>EC_GROUP_free frees the memory associated with the EC_GROUP. If <b>group</b> is NULL nothing is done.</p>
+
+<p>EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory. If <b>group</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GROUP_new* functions return a pointer to the newly constructed group, or NULL on error.</p>
+
+<p>EC_get_builtin_curves returns the number of builtin curves that are available.</p>
+
+<p>EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_order_bits.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_order_bits.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_order_bits.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_precompute_mult.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_precompute_mult.html
new file mode 100644
index 000000000..35441a799
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_precompute_mult.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_is_at_infinity, EC_POINT_is_on_curve, EC_POINT_cmp, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_mul, EC_POINT_mul, EC_GROUP_precompute_mult, EC_GROUP_have_precompute_mult - Functions for performing mathematical operations and tests on EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                  const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
+ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
+ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
+ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+                           EC_POINT *points[], BN_CTX *ctx);
+ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num,
+                   const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
+ int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+                  const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+ int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+ int EC_GROUP_have_precompute_mult(const EC_GROUP *group);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_POINT_add adds the two points <b>a</b> and <b>b</b> and places the result in <b>r</b>. Similarly EC_POINT_dbl doubles the point <b>a</b> and places the result in <b>r</b>. In both cases it is valid for <b>r</b> to be one of <b>a</b> or <b>b</b>.</p>
+
+<p>EC_POINT_invert calculates the inverse of the supplied point <b>a</b>. The result is placed back in <b>a</b>.</p>
+
+<p>The function EC_POINT_is_at_infinity tests whether the supplied point is at infinity or not.</p>
+
+<p>EC_POINT_is_on_curve tests whether the supplied point is on the curve or not.</p>
+
+<p>EC_POINT_cmp compares the two supplied points and tests whether or not they are equal.</p>
+
+<p>The functions EC_POINT_make_affine and EC_POINTs_make_affine force the internal representation of the EC_POINT(s) into the affine co-ordinate system. In the case of EC_POINTs_make_affine the value <b>num</b> provides the number of points in the array <b>points</b> to be forced.</p>
+
+<p>EC_POINT_mul is a convenient interface to EC_POINTs_mul: it calculates the value generator * <b>n</b> + <b>q</b> * <b>m</b> and stores the result in <b>r</b>. The value <b>n</b> may be NULL in which case the result is just <b>q</b> * <b>m</b> (variable point multiplication). Alternatively, both <b>q</b> and <b>m</b> may be NULL, and <b>n</b> non-NULL, in which case the result is just generator * <b>n</b> (fixed point multiplication). When performing a single fixed or variable point multiplication, the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m</b>) is in the range [0, ec_group_order).</p>
+
+<p>EC_POINTs_mul calculates the value generator * <b>n</b> + <b>q[0]</b> * <b>m[0]</b> + ... + <b>q[num-1]</b> * <b>m[num-1]</b>. As for EC_POINT_mul the value <b>n</b> may be NULL or <b>num</b> may be zero. When performing a fixed point multiplication (<b>n</b> is non-NULL and <b>num</b> is 0) or a variable point multiplication (<b>n</b> is NULL and <b>num</b> is 1), the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m[0]</b>) is in the range [0, ec_group_order).</p>
+
+<p>The function EC_GROUP_precompute_mult stores multiples of the generator for faster point multiplication, whilst EC_GROUP_have_precompute_mult tests whether precomputation has already been done. See <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for information about the generator.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_make_affine, EC_POINT_mul, EC_POINTs_mul and EC_GROUP_precompute_mult.</p>
+
+<p>EC_POINT_is_at_infinity returns 1 if the point is at infinity, or 0 otherwise.</p>
+
+<p>EC_POINT_is_on_curve returns 1 if the point is on the curve, 0 if not, or -1 on error.</p>
+
+<p>EC_POINT_cmp returns 1 if the points are not equal, 0 if they are, or -1 on error.</p>
+
+<p>EC_GROUP_have_precompute_mult return 1 if a precomputation has been done, or 0 if not.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_asn1_flag.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_asn1_flag.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_asn1_flag.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_curve.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_curve.html
new file mode 100644
index 000000000..af68fbacf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_curve.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get_ecparameters, EC_GROUP_get_ecpkparameters, EC_GROUP_new, EC_GROUP_new_from_ecparameters, EC_GROUP_new_from_ecpkparameters, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve, EC_GROUP_get_curve, EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m, EC_get_builtin_curves - Functions for creating and destroying EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
+ EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
+ void EC_GROUP_free(EC_GROUP *group);
+ void EC_GROUP_clear_free(EC_GROUP *group);
+
+ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+                                   const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                        const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+                        BN_CTX *ctx);
+ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
+                            const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
+                            BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
+                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
+                             BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, ECPARAMETERS *params)
+ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, ECPKPARAMETERS *params)
+
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Within the library there are two forms of elliptic curve that are of interest. The first form is those defined over the prime field Fp. The elements of Fp are the integers 0 to p-1, where p is a prime number. This gives us a revised elliptic curve equation as follows:</p>
+
+<p>y^2 mod p = x^3 +ax + b mod p</p>
+
+<p>The second form is those defined over a binary field F2^m where the elements of the field are integers of length at most m bits. For this form the elliptic curve equation is modified to:</p>
+
+<p>y^2 + xy = x^3 + ax^2 + b (where b != 0)</p>
+
+<p>Operations in a binary field are performed relative to an <b>irreducible polynomial</b>. All such curves with OpenSSL use a trinomial or a pentanomial for this parameter.</p>
+
+<p>A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by <b>meth</b> (see <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>). It is then necessary to call EC_GROUP_set_curve() to set the curve parameters. EC_GROUP_new_from_ecparameters() will create a group from the specified <b>params</b> and EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK <b>params</b>.</p>
+
+<p>EC_GROUP_set_curve() sets the curve parameters <b>p</b>, <b>a</b> and <b>b</b>. For a curve over Fp <b>b</b> is the prime for the field. For a curve over F2^m <b>p</b> represents the irreducible polynomial - each bit represents a term in the polynomial. Therefore there will either be three or five bits set dependent on whether the polynomial is a trinomial or a pentanomial.</p>
+
+<p>EC_group_get_curve() obtains the previously set curve parameters.</p>
+
+<p>EC_GROUP_set_curve_GFp() and EC_GROUP_set_curve_GF2m() are synonyms for EC_GROUP_set_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>EC_GROUP_get_curve_GFp() and EC_GROUP_get_curve_GF2m() are synonyms for EC_GROUP_get_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and then the EC_GROUP_set_curve function. An appropriate default implementation method will be used.</p>
+
+<p>Whilst the library can be used to create any curve using the functions described above, there are also a number of predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function EC_get_builtin_curves. The parameter <b>r</b> should be an array of EC_builtin_curve structures of size <b>nitems</b>. The function will populate the <b>r</b> array with information about the builtin curves. If <b>nitems</b> is less than the total number of curves available, then the first <b>nitems</b> curves will be returned. Otherwise the total number of curves will be provided. The return value is the total number of curves available (whether that number has been populated in <b>r</b> or not). Passing a NULL <b>r</b>, or setting <b>nitems</b> to 0 will do nothing other than return the total number of curves available. The EC_builtin_curve structure is defined as follows:</p>
+
+<pre><code> typedef struct {
+        int nid;
+        const char *comment;
+        } EC_builtin_curve;</code></pre>
+
+<p>Each EC_builtin_curve item has a unique integer id (<b>nid</b>), and a human readable comment string describing the curve.</p>
+
+<p>In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the <b>nid</b> of the curve to be constructed.</p>
+
+<p>EC_GROUP_free frees the memory associated with the EC_GROUP. If <b>group</b> is NULL nothing is done.</p>
+
+<p>EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory. If <b>group</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GROUP_new* functions return a pointer to the newly constructed group, or NULL on error.</p>
+
+<p>EC_get_builtin_curves returns the number of builtin curves that are available.</p>
+
+<p>EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_curve_GF2m.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_curve_GF2m.html
new file mode 100644
index 000000000..af68fbacf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_curve_GF2m.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get_ecparameters, EC_GROUP_get_ecpkparameters, EC_GROUP_new, EC_GROUP_new_from_ecparameters, EC_GROUP_new_from_ecpkparameters, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve, EC_GROUP_get_curve, EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m, EC_get_builtin_curves - Functions for creating and destroying EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
+ EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
+ void EC_GROUP_free(EC_GROUP *group);
+ void EC_GROUP_clear_free(EC_GROUP *group);
+
+ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+                                   const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                        const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+                        BN_CTX *ctx);
+ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
+                            const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
+                            BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
+                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
+                             BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, ECPARAMETERS *params)
+ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, ECPKPARAMETERS *params)
+
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Within the library there are two forms of elliptic curve that are of interest. The first form is those defined over the prime field Fp. The elements of Fp are the integers 0 to p-1, where p is a prime number. This gives us a revised elliptic curve equation as follows:</p>
+
+<p>y^2 mod p = x^3 +ax + b mod p</p>
+
+<p>The second form is those defined over a binary field F2^m where the elements of the field are integers of length at most m bits. For this form the elliptic curve equation is modified to:</p>
+
+<p>y^2 + xy = x^3 + ax^2 + b (where b != 0)</p>
+
+<p>Operations in a binary field are performed relative to an <b>irreducible polynomial</b>. All such curves with OpenSSL use a trinomial or a pentanomial for this parameter.</p>
+
+<p>A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by <b>meth</b> (see <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>). It is then necessary to call EC_GROUP_set_curve() to set the curve parameters. EC_GROUP_new_from_ecparameters() will create a group from the specified <b>params</b> and EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK <b>params</b>.</p>
+
+<p>EC_GROUP_set_curve() sets the curve parameters <b>p</b>, <b>a</b> and <b>b</b>. For a curve over Fp <b>b</b> is the prime for the field. For a curve over F2^m <b>p</b> represents the irreducible polynomial - each bit represents a term in the polynomial. Therefore there will either be three or five bits set dependent on whether the polynomial is a trinomial or a pentanomial.</p>
+
+<p>EC_group_get_curve() obtains the previously set curve parameters.</p>
+
+<p>EC_GROUP_set_curve_GFp() and EC_GROUP_set_curve_GF2m() are synonyms for EC_GROUP_set_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>EC_GROUP_get_curve_GFp() and EC_GROUP_get_curve_GF2m() are synonyms for EC_GROUP_get_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and then the EC_GROUP_set_curve function. An appropriate default implementation method will be used.</p>
+
+<p>Whilst the library can be used to create any curve using the functions described above, there are also a number of predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function EC_get_builtin_curves. The parameter <b>r</b> should be an array of EC_builtin_curve structures of size <b>nitems</b>. The function will populate the <b>r</b> array with information about the builtin curves. If <b>nitems</b> is less than the total number of curves available, then the first <b>nitems</b> curves will be returned. Otherwise the total number of curves will be provided. The return value is the total number of curves available (whether that number has been populated in <b>r</b> or not). Passing a NULL <b>r</b>, or setting <b>nitems</b> to 0 will do nothing other than return the total number of curves available. The EC_builtin_curve structure is defined as follows:</p>
+
+<pre><code> typedef struct {
+        int nid;
+        const char *comment;
+        } EC_builtin_curve;</code></pre>
+
+<p>Each EC_builtin_curve item has a unique integer id (<b>nid</b>), and a human readable comment string describing the curve.</p>
+
+<p>In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the <b>nid</b> of the curve to be constructed.</p>
+
+<p>EC_GROUP_free frees the memory associated with the EC_GROUP. If <b>group</b> is NULL nothing is done.</p>
+
+<p>EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory. If <b>group</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GROUP_new* functions return a pointer to the newly constructed group, or NULL on error.</p>
+
+<p>EC_get_builtin_curves returns the number of builtin curves that are available.</p>
+
+<p>EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_curve_GFp.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_curve_GFp.html
new file mode 100644
index 000000000..af68fbacf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_curve_GFp.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get_ecparameters, EC_GROUP_get_ecpkparameters, EC_GROUP_new, EC_GROUP_new_from_ecparameters, EC_GROUP_new_from_ecpkparameters, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve, EC_GROUP_get_curve, EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m, EC_get_builtin_curves - Functions for creating and destroying EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
+ EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
+ void EC_GROUP_free(EC_GROUP *group);
+ void EC_GROUP_clear_free(EC_GROUP *group);
+
+ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+                                   const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                        const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+                        BN_CTX *ctx);
+ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
+                            const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
+                            BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
+                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
+                             BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, ECPARAMETERS *params)
+ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, ECPKPARAMETERS *params)
+
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Within the library there are two forms of elliptic curve that are of interest. The first form is those defined over the prime field Fp. The elements of Fp are the integers 0 to p-1, where p is a prime number. This gives us a revised elliptic curve equation as follows:</p>
+
+<p>y^2 mod p = x^3 +ax + b mod p</p>
+
+<p>The second form is those defined over a binary field F2^m where the elements of the field are integers of length at most m bits. For this form the elliptic curve equation is modified to:</p>
+
+<p>y^2 + xy = x^3 + ax^2 + b (where b != 0)</p>
+
+<p>Operations in a binary field are performed relative to an <b>irreducible polynomial</b>. All such curves with OpenSSL use a trinomial or a pentanomial for this parameter.</p>
+
+<p>A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by <b>meth</b> (see <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>). It is then necessary to call EC_GROUP_set_curve() to set the curve parameters. EC_GROUP_new_from_ecparameters() will create a group from the specified <b>params</b> and EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK <b>params</b>.</p>
+
+<p>EC_GROUP_set_curve() sets the curve parameters <b>p</b>, <b>a</b> and <b>b</b>. For a curve over Fp <b>b</b> is the prime for the field. For a curve over F2^m <b>p</b> represents the irreducible polynomial - each bit represents a term in the polynomial. Therefore there will either be three or five bits set dependent on whether the polynomial is a trinomial or a pentanomial.</p>
+
+<p>EC_group_get_curve() obtains the previously set curve parameters.</p>
+
+<p>EC_GROUP_set_curve_GFp() and EC_GROUP_set_curve_GF2m() are synonyms for EC_GROUP_set_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>EC_GROUP_get_curve_GFp() and EC_GROUP_get_curve_GF2m() are synonyms for EC_GROUP_get_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and then the EC_GROUP_set_curve function. An appropriate default implementation method will be used.</p>
+
+<p>Whilst the library can be used to create any curve using the functions described above, there are also a number of predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function EC_get_builtin_curves. The parameter <b>r</b> should be an array of EC_builtin_curve structures of size <b>nitems</b>. The function will populate the <b>r</b> array with information about the builtin curves. If <b>nitems</b> is less than the total number of curves available, then the first <b>nitems</b> curves will be returned. Otherwise the total number of curves will be provided. The return value is the total number of curves available (whether that number has been populated in <b>r</b> or not). Passing a NULL <b>r</b>, or setting <b>nitems</b> to 0 will do nothing other than return the total number of curves available. The EC_builtin_curve structure is defined as follows:</p>
+
+<pre><code> typedef struct {
+        int nid;
+        const char *comment;
+        } EC_builtin_curve;</code></pre>
+
+<p>Each EC_builtin_curve item has a unique integer id (<b>nid</b>), and a human readable comment string describing the curve.</p>
+
+<p>In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the <b>nid</b> of the curve to be constructed.</p>
+
+<p>EC_GROUP_free frees the memory associated with the EC_GROUP. If <b>group</b> is NULL nothing is done.</p>
+
+<p>EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory. If <b>group</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GROUP_new* functions return a pointer to the newly constructed group, or NULL on error.</p>
+
+<p>EC_get_builtin_curves returns the number of builtin curves that are available.</p>
+
+<p>EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_curve_name.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_curve_name.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_curve_name.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_generator.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_generator.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_generator.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_point_conversion_form.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_point_conversion_form.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_point_conversion_form.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_seed.html b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_seed.html
new file mode 100644
index 000000000..ba2358384
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_GROUP_set_seed.html
@@ -0,0 +1,168 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_copy</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get0_order, EC_GROUP_order_bits, EC_GROUP_get0_cofactor, EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                            const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+ int EC_GROUP_order_bits(const EC_GROUP *group);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                    unsigned int *k2, unsigned int *k3);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_GROUP_copy copies the curve <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same EC_METHOD.</p>
+
+<p>EC_GROUP_dup creates a new EC_GROUP object and copies the content from <b>src</b> to the newly created EC_GROUP object.</p>
+
+<p>EC_GROUP_method_of obtains the EC_METHOD of <b>group</b>.</p>
+
+<p>EC_GROUP_set_generator sets curve parameters that must be agreed by all participants using the curve. These parameters include the <b>generator</b>, the <b>order</b> and the <b>cofactor</b>. The <b>generator</b> is a well defined point on the curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and n-1 where n is the <b>order</b>. The <b>order</b> multiplied by the <b>cofactor</b> gives the number of points on the curve.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the identified <b>group</b>.</p>
+
+<p>The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided <b>order</b> and <b>cofactor</b> parameters with the respective order and cofactors for the <b>group</b>.</p>
+
+<p>The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>The asn1_flag value is used to determine whether the curve encoding uses explicit parameters or a named curve using an ASN1 OID: many applications only support the latter form. If asn1_flag is <b>OPENSSL_EC_NAMED_CURVE</b> then the named curve form is used and the parameters must have a corresponding named curve NID set. If asn1_flags is <b>OPENSSL_EC_EXPLICIT_CURVE</b> the parameters are explicitly encoded. The functions EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. Note: <b>OPENSSL_EC_EXPLICIT_CURVE</b> was added in OpenSSL 1.1.0, for previous versions of OpenSSL the value 0 must be used instead. Before OpenSSL 1.1.0 the default form was to use explicit parameters (meaning that applications would have to explicitly set the named curve form) in OpenSSL 1.1.0 and later the named curve form is the default.</p>
+
+<p>The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA). point_conversion_form_t is an enum defined as follows:</p>
+
+<pre><code> typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *   which solution of the quadratic equation y is  */
+        POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x04  */
+        POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+        POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;</code></pre>
+
+<p>For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by the octets for x, followed by the octets for y.</p>
+
+<p>For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of the two possible solutions for y has been used, followed by the octets for x.</p>
+
+<p>For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two possible solutions for y has been used, followed by the octets for x, followed by the octets for y.</p>
+
+<p>The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form for the curve respectively.</p>
+
+<p>ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications.</p>
+
+<p>EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be the value m.</p>
+
+<p>The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. In either case for the curve to be valid the discriminant must be non zero.</p>
+
+<p>The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has the correct order.</p>
+
+<p>EC_GROUP_cmp compares <b>a</b> and <b>b</b> to determine whether they represent the same curve or not.</p>
+
+<p>The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial function f(x). This function is either a trinomial of the form:</p>
+
+<p>f(x) = x^m + x^k + 1 with m &gt; k &gt;= 1</p>
+
+<p>or a pentanomial of the form:</p>
+
+<p>f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m &gt; k3 &gt; k2 &gt; k1 &gt;= 1</p>
+
+<p>The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of <b>k</b>. Similarly the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of <b>k1</b>, <b>k2</b> and <b>k3</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.</p>
+
+<p>EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.</p>
+
+<p>EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.</p>
+
+<p>EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.</p>
+
+<p>EC_GROUP_get0_order() returns an internal pointer to the group order. EC_GROUP_order_bits() returns the number of bits in the group order. EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.</p>
+
+<p>EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.</p>
+
+<p>EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is 0, the return value will be 1. On error 0 is returned.</p>
+
+<p>EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.</p>
+
+<p>EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in &lt;openssl/obj_mac.h&gt;) for a trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_check_key.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_check_key.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_check_key.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_clear_flags.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_clear_flags.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_clear_flags.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_copy.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_copy.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_copy.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_dup.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_dup.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_dup.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_free.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_free.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_free.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_generate_key.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_generate_key.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_generate_key.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get0_engine.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get0_engine.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get0_engine.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get0_group.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get0_group.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get0_group.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get0_private_key.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get0_private_key.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get0_private_key.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get0_public_key.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get0_public_key.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get0_public_key.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get_conv_form.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get_conv_form.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get_conv_form.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get_enc_flags.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get_enc_flags.html
new file mode 100644
index 000000000..9838db47b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get_enc_flags.html
@@ -0,0 +1,61 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_get_enc_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_enc_flags, EC_KEY_set_enc_flags - Get and set flags for encoding EC_KEY structures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ unsigned int EC_KEY_get_enc_flags(const EC_KEY *key);
+ void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The format of the external representation of the public key written by i2d_ECPrivateKey() (such as whether it is stored in a compressed form or not) is described by the point_conversion_form. See <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for a description of point_conversion_form.</p>
+
+<p>When reading a private key encoded without an associated public key (e.g. if EC_PKEY_NO_PUBKEY has been used - see below), then d2i_ECPrivateKey() generates the missing public key automatically. Private keys encoded without parameters (e.g. if EC_PKEY_NO_PARAMETERS has been used - see below) cannot be loaded using d2i_ECPrivateKey().</p>
+
+<p>The functions EC_KEY_get_enc_flags() and EC_KEY_set_enc_flags() get and set the value of the encoding flags for the <b>key</b>. There are two encoding flags currently defined - EC_PKEY_NO_PARAMETERS and EC_PKEY_NO_PUBKEY. These flags define the behaviour of how the <b>key</b> is converted into ASN1 in a call to i2d_ECPrivateKey(). If EC_PKEY_NO_PARAMETERS is set then the public parameters for the curve are not encoded along with the private key. If EC_PKEY_NO_PUBKEY is set then the public key is not encoded along with the private key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_get_enc_flags() returns the value of the current encoding flags for the EC_KEY.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a>, <a href="../man3/d2i_ECPrivateKey.html">d2i_ECPrivateKey(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get_ex_new_index.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get_ex_new_index.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get_ex_new_index.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get_flags.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get_flags.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get_flags.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get_method.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get_method.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_get_method.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_key2buf.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_key2buf.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_key2buf.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_new.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_new.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_new.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_new_by_curve_name.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_new_by_curve_name.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_new_by_curve_name.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_oct2key.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_oct2key.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_oct2key.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_oct2priv.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_oct2priv.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_oct2priv.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_precompute_mult.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_precompute_mult.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_precompute_mult.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_priv2buf.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_priv2buf.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_priv2buf.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_priv2oct.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_priv2oct.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_priv2oct.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_asn1_flag.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_asn1_flag.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_asn1_flag.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_conv_form.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_conv_form.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_conv_form.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_enc_flags.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_enc_flags.html
new file mode 100644
index 000000000..9838db47b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_enc_flags.html
@@ -0,0 +1,61 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_get_enc_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_enc_flags, EC_KEY_set_enc_flags - Get and set flags for encoding EC_KEY structures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ unsigned int EC_KEY_get_enc_flags(const EC_KEY *key);
+ void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The format of the external representation of the public key written by i2d_ECPrivateKey() (such as whether it is stored in a compressed form or not) is described by the point_conversion_form. See <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for a description of point_conversion_form.</p>
+
+<p>When reading a private key encoded without an associated public key (e.g. if EC_PKEY_NO_PUBKEY has been used - see below), then d2i_ECPrivateKey() generates the missing public key automatically. Private keys encoded without parameters (e.g. if EC_PKEY_NO_PARAMETERS has been used - see below) cannot be loaded using d2i_ECPrivateKey().</p>
+
+<p>The functions EC_KEY_get_enc_flags() and EC_KEY_set_enc_flags() get and set the value of the encoding flags for the <b>key</b>. There are two encoding flags currently defined - EC_PKEY_NO_PARAMETERS and EC_PKEY_NO_PUBKEY. These flags define the behaviour of how the <b>key</b> is converted into ASN1 in a call to i2d_ECPrivateKey(). If EC_PKEY_NO_PARAMETERS is set then the public parameters for the curve are not encoded along with the private key. If EC_PKEY_NO_PUBKEY is set then the public key is not encoded along with the private key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_get_enc_flags() returns the value of the current encoding flags for the EC_KEY.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a>, <a href="../man3/d2i_ECPrivateKey.html">d2i_ECPrivateKey(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_flags.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_flags.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_flags.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_group.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_group.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_group.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_method.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_method.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_method.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_private_key.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_private_key.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_private_key.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_public_key.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_public_key.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_public_key.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_public_key_affine_coordinates.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_public_key_affine_coordinates.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_set_public_key_affine_coordinates.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_KEY_up_ref.html b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_up_ref.html
new file mode 100644
index 000000000..f61fd6351
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_KEY_up_ref.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_KEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, EC_KEY_priv2buf - Functions for creating, destroying and manipulating EC_KEY objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+ const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+
+ int EC_KEY_oct2key(EC_KEY *eckey, const unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_KEY_key2buf(const EC_KEY *eckey, point_conversion_form_t form,
+                       unsigned char **pbuf, BN_CTX *ctx);
+
+ int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len);
+ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len);
+
+ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new(). The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling EC_KEY_set_group().</p>
+
+<p>Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name() and supplying the nid of the associated curve. See <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a> for a description of curve names. This function simply wraps calls to EC_KEY_new() and EC_GROUP_new_by_curve_name().</p>
+
+<p>Calling EC_KEY_free() decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated with it. If <b>key</b> is NULL nothing is done.</p>
+
+<p>EC_KEY_copy() copies the contents of the EC_KEY in <b>src</b> into <b>dest</b>.</p>
+
+<p>EC_KEY_dup() creates a new EC_KEY object and copies <b>ec_key</b> into it.</p>
+
+<p>EC_KEY_up_ref() increments the reference count associated with the EC_KEY object.</p>
+
+<p>EC_KEY_get0_engine() returns a handle to the ENGINE that has been set for this EC_KEY object.</p>
+
+<p>EC_KEY_generate_key() generates a new public and private key for the supplied <b>eckey</b> object. <b>eckey</b> must have an EC_GROUP object associated with it before calling this function. The private key is a random integer (0 &lt; priv_key &lt; order, where <i>order</i> is the order of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the private key.</p>
+
+<p>EC_KEY_check_key() performs various sanity checks on the EC_KEY object to confirm that it is valid.</p>
+
+<p>EC_KEY_set_public_key_affine_coordinates() sets the public key for <b>key</b> based on its affine co-ordinates; i.e., it constructs an EC_POINT object based on the supplied <b>x</b> and <b>y</b> values and sets the public key to be this EC_POINT. It also performs certain sanity checks on the key to confirm that it is valid.</p>
+
+<p>The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, and the EC_POINT public key for the <b>key</b> respectively.</p>
+
+<p>The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the <b>key</b>. For a description of point_conversion_forms please see <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>.</p>
+
+<p>EC_KEY_set_flags() sets the flags in the <b>flags</b> parameter on the EC_KEY object. Any flags that are already set are left set. The flags currently defined are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH. EC_KEY_get_flags() returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags() clears the flags indicated by the <b>flags</b> parameter; all other flags are left in their existing state.</p>
+
+<p>EC_KEY_set_asn1_flag() sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for further information on the asn1_flag.</p>
+
+<p>EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>.</p>
+
+<p>EC_KEY_oct2key() and EC_KEY_key2buf() are identical to the functions EC_POINT_oct2point() and EC_KEY_point2buf() except they use the public key EC_POINT in <b>eckey</b>.</p>
+
+<p>EC_KEY_oct2priv() and EC_KEY_priv2oct() convert between the private key component of <b>eckey</b> and octet form. The octet form consists of the content octets of the <b>privateKey</b> OCTET STRING in an <b>ECPrivateKey</b> ASN.1 structure.</p>
+
+<p>The function EC_KEY_priv2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will just return the required buffer length.</p>
+
+<p>The function EC_KEY_priv2buf() allocates a buffer of suitable length and writes an EC_KEY to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_KEY_new(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error.</p>
+
+<p>EC_KEY_get_flags() returns the flags associated with the EC_KEY object as an integer.</p>
+
+<p>EC_KEY_copy() returns a pointer to the destination key, or NULL on error.</p>
+
+<p>EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn&#39;t set.</p>
+
+<p>EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.</p>
+
+<p>EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.</p>
+
+<p>EC_KEY_get0_private_key() returns the private key associated with the EC_KEY.</p>
+
+<p>EC_KEY_get_conv_form() return the point_conversion_form for the EC_KEY.</p>
+
+<p>EC_KEY_key2buf(), EC_KEY_priv2oct() and EC_KEY_priv2buf() return the length of the buffer or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_METHOD_get_field_type.html b/msys2/usr/share/doc/openssl/html/man3/EC_METHOD_get_field_type.html
new file mode 100644
index 000000000..002f9bff1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_METHOD_get_field_type.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GFp_simple_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GFp_simple_method, EC_GFp_mont_method, EC_GFp_nist_method, EC_GFp_nistp224_method, EC_GFp_nistp256_method, EC_GFp_nistp521_method, EC_GF2m_simple_method, EC_METHOD_get_field_type - Functions for obtaining EC_METHOD objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ const EC_METHOD *EC_GFp_simple_method(void);
+ const EC_METHOD *EC_GFp_mont_method(void);
+ const EC_METHOD *EC_GFp_nist_method(void);
+ const EC_METHOD *EC_GFp_nistp224_method(void);
+ const EC_METHOD *EC_GFp_nistp256_method(void);
+ const EC_METHOD *EC_GFp_nistp521_method(void);
+
+ const EC_METHOD *EC_GF2m_simple_method(void);
+
+ int EC_METHOD_get_field_type(const EC_METHOD *meth);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Elliptic Curve library provides a number of different implementations through a single common interface. When constructing a curve using EC_GROUP_new (see <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>) an implementation method must be provided. The functions described here all return a const pointer to an <b>EC_METHOD</b> structure that can be passed to EC_GROUP_NEW. It is important that the correct implementation type for the form of curve selected is used.</p>
+
+<p>For F2^m curves there is only one implementation choice, i.e. EC_GF2_simple_method.</p>
+
+<p>For Fp curves the lowest common denominator implementation is the EC_GFp_simple_method implementation. All other implementations are based on this one. EC_GFp_mont_method builds on EC_GFp_simple_method but adds the use of montgomery multiplication (see <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a>). EC_GFp_nist_method offers an implementation optimised for use with NIST recommended curves (NIST curves are available through EC_GROUP_new_by_curve_name as described in <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>).</p>
+
+<p>The functions EC_GFp_nistp224_method, EC_GFp_nistp256_method and EC_GFp_nistp521_method offer 64 bit optimised implementations for the NIST P224, P256 and P521 curves respectively. Note, however, that these implementations are not available on all platforms.</p>
+
+<p>EC_METHOD_get_field_type identifies what type of field the EC_METHOD structure supports, which will be either F2^m or Fp. If the field type is Fp then the value <b>NID_X9_62_prime_field</b> is returned. If the field type is F2^m then the value <b>NID_X9_62_characteristic_two_field</b> is returned. These values are defined in the obj_mac.h header file.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GFp* functions and EC_GF2m_simple_method always return a const pointer to an EC_METHOD structure.</p>
+
+<p>EC_METHOD_get_field_type returns an integer that identifies the type of field the EC_METHOD structure supports.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a>, <a href="../man3/BN_mod_mul_montgomery.html">BN_mod_mul_montgomery(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_add.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_add.html
new file mode 100644
index 000000000..35441a799
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_add.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_is_at_infinity, EC_POINT_is_on_curve, EC_POINT_cmp, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_mul, EC_POINT_mul, EC_GROUP_precompute_mult, EC_GROUP_have_precompute_mult - Functions for performing mathematical operations and tests on EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                  const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
+ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
+ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
+ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+                           EC_POINT *points[], BN_CTX *ctx);
+ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num,
+                   const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
+ int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+                  const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+ int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+ int EC_GROUP_have_precompute_mult(const EC_GROUP *group);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_POINT_add adds the two points <b>a</b> and <b>b</b> and places the result in <b>r</b>. Similarly EC_POINT_dbl doubles the point <b>a</b> and places the result in <b>r</b>. In both cases it is valid for <b>r</b> to be one of <b>a</b> or <b>b</b>.</p>
+
+<p>EC_POINT_invert calculates the inverse of the supplied point <b>a</b>. The result is placed back in <b>a</b>.</p>
+
+<p>The function EC_POINT_is_at_infinity tests whether the supplied point is at infinity or not.</p>
+
+<p>EC_POINT_is_on_curve tests whether the supplied point is on the curve or not.</p>
+
+<p>EC_POINT_cmp compares the two supplied points and tests whether or not they are equal.</p>
+
+<p>The functions EC_POINT_make_affine and EC_POINTs_make_affine force the internal representation of the EC_POINT(s) into the affine co-ordinate system. In the case of EC_POINTs_make_affine the value <b>num</b> provides the number of points in the array <b>points</b> to be forced.</p>
+
+<p>EC_POINT_mul is a convenient interface to EC_POINTs_mul: it calculates the value generator * <b>n</b> + <b>q</b> * <b>m</b> and stores the result in <b>r</b>. The value <b>n</b> may be NULL in which case the result is just <b>q</b> * <b>m</b> (variable point multiplication). Alternatively, both <b>q</b> and <b>m</b> may be NULL, and <b>n</b> non-NULL, in which case the result is just generator * <b>n</b> (fixed point multiplication). When performing a single fixed or variable point multiplication, the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m</b>) is in the range [0, ec_group_order).</p>
+
+<p>EC_POINTs_mul calculates the value generator * <b>n</b> + <b>q[0]</b> * <b>m[0]</b> + ... + <b>q[num-1]</b> * <b>m[num-1]</b>. As for EC_POINT_mul the value <b>n</b> may be NULL or <b>num</b> may be zero. When performing a fixed point multiplication (<b>n</b> is non-NULL and <b>num</b> is 0) or a variable point multiplication (<b>n</b> is NULL and <b>num</b> is 1), the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m[0]</b>) is in the range [0, ec_group_order).</p>
+
+<p>The function EC_GROUP_precompute_mult stores multiples of the generator for faster point multiplication, whilst EC_GROUP_have_precompute_mult tests whether precomputation has already been done. See <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for information about the generator.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_make_affine, EC_POINT_mul, EC_POINTs_mul and EC_GROUP_precompute_mult.</p>
+
+<p>EC_POINT_is_at_infinity returns 1 if the point is at infinity, or 0 otherwise.</p>
+
+<p>EC_POINT_is_on_curve returns 1 if the point is on the curve, 0 if not, or -1 on error.</p>
+
+<p>EC_POINT_cmp returns 1 if the points are not equal, 0 if they are, or -1 on error.</p>
+
+<p>EC_GROUP_have_precompute_mult return 1 if a precomputation has been done, or 0 if not.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_bn2point.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_bn2point.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_bn2point.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_clear_free.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_clear_free.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_clear_free.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_cmp.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_cmp.html
new file mode 100644
index 000000000..35441a799
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_cmp.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_is_at_infinity, EC_POINT_is_on_curve, EC_POINT_cmp, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_mul, EC_POINT_mul, EC_GROUP_precompute_mult, EC_GROUP_have_precompute_mult - Functions for performing mathematical operations and tests on EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                  const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
+ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
+ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
+ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+                           EC_POINT *points[], BN_CTX *ctx);
+ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num,
+                   const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
+ int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+                  const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+ int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+ int EC_GROUP_have_precompute_mult(const EC_GROUP *group);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_POINT_add adds the two points <b>a</b> and <b>b</b> and places the result in <b>r</b>. Similarly EC_POINT_dbl doubles the point <b>a</b> and places the result in <b>r</b>. In both cases it is valid for <b>r</b> to be one of <b>a</b> or <b>b</b>.</p>
+
+<p>EC_POINT_invert calculates the inverse of the supplied point <b>a</b>. The result is placed back in <b>a</b>.</p>
+
+<p>The function EC_POINT_is_at_infinity tests whether the supplied point is at infinity or not.</p>
+
+<p>EC_POINT_is_on_curve tests whether the supplied point is on the curve or not.</p>
+
+<p>EC_POINT_cmp compares the two supplied points and tests whether or not they are equal.</p>
+
+<p>The functions EC_POINT_make_affine and EC_POINTs_make_affine force the internal representation of the EC_POINT(s) into the affine co-ordinate system. In the case of EC_POINTs_make_affine the value <b>num</b> provides the number of points in the array <b>points</b> to be forced.</p>
+
+<p>EC_POINT_mul is a convenient interface to EC_POINTs_mul: it calculates the value generator * <b>n</b> + <b>q</b> * <b>m</b> and stores the result in <b>r</b>. The value <b>n</b> may be NULL in which case the result is just <b>q</b> * <b>m</b> (variable point multiplication). Alternatively, both <b>q</b> and <b>m</b> may be NULL, and <b>n</b> non-NULL, in which case the result is just generator * <b>n</b> (fixed point multiplication). When performing a single fixed or variable point multiplication, the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m</b>) is in the range [0, ec_group_order).</p>
+
+<p>EC_POINTs_mul calculates the value generator * <b>n</b> + <b>q[0]</b> * <b>m[0]</b> + ... + <b>q[num-1]</b> * <b>m[num-1]</b>. As for EC_POINT_mul the value <b>n</b> may be NULL or <b>num</b> may be zero. When performing a fixed point multiplication (<b>n</b> is non-NULL and <b>num</b> is 0) or a variable point multiplication (<b>n</b> is NULL and <b>num</b> is 1), the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m[0]</b>) is in the range [0, ec_group_order).</p>
+
+<p>The function EC_GROUP_precompute_mult stores multiples of the generator for faster point multiplication, whilst EC_GROUP_have_precompute_mult tests whether precomputation has already been done. See <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for information about the generator.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_make_affine, EC_POINT_mul, EC_POINTs_mul and EC_GROUP_precompute_mult.</p>
+
+<p>EC_POINT_is_at_infinity returns 1 if the point is at infinity, or 0 otherwise.</p>
+
+<p>EC_POINT_is_on_curve returns 1 if the point is on the curve, 0 if not, or -1 on error.</p>
+
+<p>EC_POINT_cmp returns 1 if the points are not equal, 0 if they are, or -1 on error.</p>
+
+<p>EC_GROUP_have_precompute_mult return 1 if a precomputation has been done, or 0 if not.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_copy.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_copy.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_copy.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_dbl.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_dbl.html
new file mode 100644
index 000000000..35441a799
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_dbl.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_is_at_infinity, EC_POINT_is_on_curve, EC_POINT_cmp, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_mul, EC_POINT_mul, EC_GROUP_precompute_mult, EC_GROUP_have_precompute_mult - Functions for performing mathematical operations and tests on EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                  const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
+ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
+ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
+ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+                           EC_POINT *points[], BN_CTX *ctx);
+ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num,
+                   const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
+ int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+                  const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+ int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+ int EC_GROUP_have_precompute_mult(const EC_GROUP *group);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_POINT_add adds the two points <b>a</b> and <b>b</b> and places the result in <b>r</b>. Similarly EC_POINT_dbl doubles the point <b>a</b> and places the result in <b>r</b>. In both cases it is valid for <b>r</b> to be one of <b>a</b> or <b>b</b>.</p>
+
+<p>EC_POINT_invert calculates the inverse of the supplied point <b>a</b>. The result is placed back in <b>a</b>.</p>
+
+<p>The function EC_POINT_is_at_infinity tests whether the supplied point is at infinity or not.</p>
+
+<p>EC_POINT_is_on_curve tests whether the supplied point is on the curve or not.</p>
+
+<p>EC_POINT_cmp compares the two supplied points and tests whether or not they are equal.</p>
+
+<p>The functions EC_POINT_make_affine and EC_POINTs_make_affine force the internal representation of the EC_POINT(s) into the affine co-ordinate system. In the case of EC_POINTs_make_affine the value <b>num</b> provides the number of points in the array <b>points</b> to be forced.</p>
+
+<p>EC_POINT_mul is a convenient interface to EC_POINTs_mul: it calculates the value generator * <b>n</b> + <b>q</b> * <b>m</b> and stores the result in <b>r</b>. The value <b>n</b> may be NULL in which case the result is just <b>q</b> * <b>m</b> (variable point multiplication). Alternatively, both <b>q</b> and <b>m</b> may be NULL, and <b>n</b> non-NULL, in which case the result is just generator * <b>n</b> (fixed point multiplication). When performing a single fixed or variable point multiplication, the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m</b>) is in the range [0, ec_group_order).</p>
+
+<p>EC_POINTs_mul calculates the value generator * <b>n</b> + <b>q[0]</b> * <b>m[0]</b> + ... + <b>q[num-1]</b> * <b>m[num-1]</b>. As for EC_POINT_mul the value <b>n</b> may be NULL or <b>num</b> may be zero. When performing a fixed point multiplication (<b>n</b> is non-NULL and <b>num</b> is 0) or a variable point multiplication (<b>n</b> is NULL and <b>num</b> is 1), the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m[0]</b>) is in the range [0, ec_group_order).</p>
+
+<p>The function EC_GROUP_precompute_mult stores multiples of the generator for faster point multiplication, whilst EC_GROUP_have_precompute_mult tests whether precomputation has already been done. See <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for information about the generator.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_make_affine, EC_POINT_mul, EC_POINTs_mul and EC_GROUP_precompute_mult.</p>
+
+<p>EC_POINT_is_at_infinity returns 1 if the point is at infinity, or 0 otherwise.</p>
+
+<p>EC_POINT_is_on_curve returns 1 if the point is on the curve, 0 if not, or -1 on error.</p>
+
+<p>EC_POINT_cmp returns 1 if the points are not equal, 0 if they are, or -1 on error.</p>
+
+<p>EC_GROUP_have_precompute_mult return 1 if a precomputation has been done, or 0 if not.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_dup.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_dup.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_dup.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_free.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_free.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_free.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_get_Jprojective_coordinates_GFp.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_get_Jprojective_coordinates_GFp.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_get_Jprojective_coordinates_GFp.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_get_affine_coordinates.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_get_affine_coordinates.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_get_affine_coordinates.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_get_affine_coordinates_GF2m.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_get_affine_coordinates_GF2m.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_get_affine_coordinates_GF2m.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_get_affine_coordinates_GFp.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_get_affine_coordinates_GFp.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_get_affine_coordinates_GFp.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_hex2point.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_hex2point.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_hex2point.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_invert.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_invert.html
new file mode 100644
index 000000000..35441a799
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_invert.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_is_at_infinity, EC_POINT_is_on_curve, EC_POINT_cmp, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_mul, EC_POINT_mul, EC_GROUP_precompute_mult, EC_GROUP_have_precompute_mult - Functions for performing mathematical operations and tests on EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                  const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
+ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
+ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
+ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+                           EC_POINT *points[], BN_CTX *ctx);
+ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num,
+                   const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
+ int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+                  const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+ int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+ int EC_GROUP_have_precompute_mult(const EC_GROUP *group);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_POINT_add adds the two points <b>a</b> and <b>b</b> and places the result in <b>r</b>. Similarly EC_POINT_dbl doubles the point <b>a</b> and places the result in <b>r</b>. In both cases it is valid for <b>r</b> to be one of <b>a</b> or <b>b</b>.</p>
+
+<p>EC_POINT_invert calculates the inverse of the supplied point <b>a</b>. The result is placed back in <b>a</b>.</p>
+
+<p>The function EC_POINT_is_at_infinity tests whether the supplied point is at infinity or not.</p>
+
+<p>EC_POINT_is_on_curve tests whether the supplied point is on the curve or not.</p>
+
+<p>EC_POINT_cmp compares the two supplied points and tests whether or not they are equal.</p>
+
+<p>The functions EC_POINT_make_affine and EC_POINTs_make_affine force the internal representation of the EC_POINT(s) into the affine co-ordinate system. In the case of EC_POINTs_make_affine the value <b>num</b> provides the number of points in the array <b>points</b> to be forced.</p>
+
+<p>EC_POINT_mul is a convenient interface to EC_POINTs_mul: it calculates the value generator * <b>n</b> + <b>q</b> * <b>m</b> and stores the result in <b>r</b>. The value <b>n</b> may be NULL in which case the result is just <b>q</b> * <b>m</b> (variable point multiplication). Alternatively, both <b>q</b> and <b>m</b> may be NULL, and <b>n</b> non-NULL, in which case the result is just generator * <b>n</b> (fixed point multiplication). When performing a single fixed or variable point multiplication, the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m</b>) is in the range [0, ec_group_order).</p>
+
+<p>EC_POINTs_mul calculates the value generator * <b>n</b> + <b>q[0]</b> * <b>m[0]</b> + ... + <b>q[num-1]</b> * <b>m[num-1]</b>. As for EC_POINT_mul the value <b>n</b> may be NULL or <b>num</b> may be zero. When performing a fixed point multiplication (<b>n</b> is non-NULL and <b>num</b> is 0) or a variable point multiplication (<b>n</b> is NULL and <b>num</b> is 1), the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m[0]</b>) is in the range [0, ec_group_order).</p>
+
+<p>The function EC_GROUP_precompute_mult stores multiples of the generator for faster point multiplication, whilst EC_GROUP_have_precompute_mult tests whether precomputation has already been done. See <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for information about the generator.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_make_affine, EC_POINT_mul, EC_POINTs_mul and EC_GROUP_precompute_mult.</p>
+
+<p>EC_POINT_is_at_infinity returns 1 if the point is at infinity, or 0 otherwise.</p>
+
+<p>EC_POINT_is_on_curve returns 1 if the point is on the curve, 0 if not, or -1 on error.</p>
+
+<p>EC_POINT_cmp returns 1 if the points are not equal, 0 if they are, or -1 on error.</p>
+
+<p>EC_GROUP_have_precompute_mult return 1 if a precomputation has been done, or 0 if not.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_is_at_infinity.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_is_at_infinity.html
new file mode 100644
index 000000000..35441a799
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_is_at_infinity.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_is_at_infinity, EC_POINT_is_on_curve, EC_POINT_cmp, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_mul, EC_POINT_mul, EC_GROUP_precompute_mult, EC_GROUP_have_precompute_mult - Functions for performing mathematical operations and tests on EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                  const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
+ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
+ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
+ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+                           EC_POINT *points[], BN_CTX *ctx);
+ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num,
+                   const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
+ int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+                  const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+ int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+ int EC_GROUP_have_precompute_mult(const EC_GROUP *group);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_POINT_add adds the two points <b>a</b> and <b>b</b> and places the result in <b>r</b>. Similarly EC_POINT_dbl doubles the point <b>a</b> and places the result in <b>r</b>. In both cases it is valid for <b>r</b> to be one of <b>a</b> or <b>b</b>.</p>
+
+<p>EC_POINT_invert calculates the inverse of the supplied point <b>a</b>. The result is placed back in <b>a</b>.</p>
+
+<p>The function EC_POINT_is_at_infinity tests whether the supplied point is at infinity or not.</p>
+
+<p>EC_POINT_is_on_curve tests whether the supplied point is on the curve or not.</p>
+
+<p>EC_POINT_cmp compares the two supplied points and tests whether or not they are equal.</p>
+
+<p>The functions EC_POINT_make_affine and EC_POINTs_make_affine force the internal representation of the EC_POINT(s) into the affine co-ordinate system. In the case of EC_POINTs_make_affine the value <b>num</b> provides the number of points in the array <b>points</b> to be forced.</p>
+
+<p>EC_POINT_mul is a convenient interface to EC_POINTs_mul: it calculates the value generator * <b>n</b> + <b>q</b> * <b>m</b> and stores the result in <b>r</b>. The value <b>n</b> may be NULL in which case the result is just <b>q</b> * <b>m</b> (variable point multiplication). Alternatively, both <b>q</b> and <b>m</b> may be NULL, and <b>n</b> non-NULL, in which case the result is just generator * <b>n</b> (fixed point multiplication). When performing a single fixed or variable point multiplication, the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m</b>) is in the range [0, ec_group_order).</p>
+
+<p>EC_POINTs_mul calculates the value generator * <b>n</b> + <b>q[0]</b> * <b>m[0]</b> + ... + <b>q[num-1]</b> * <b>m[num-1]</b>. As for EC_POINT_mul the value <b>n</b> may be NULL or <b>num</b> may be zero. When performing a fixed point multiplication (<b>n</b> is non-NULL and <b>num</b> is 0) or a variable point multiplication (<b>n</b> is NULL and <b>num</b> is 1), the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m[0]</b>) is in the range [0, ec_group_order).</p>
+
+<p>The function EC_GROUP_precompute_mult stores multiples of the generator for faster point multiplication, whilst EC_GROUP_have_precompute_mult tests whether precomputation has already been done. See <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for information about the generator.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_make_affine, EC_POINT_mul, EC_POINTs_mul and EC_GROUP_precompute_mult.</p>
+
+<p>EC_POINT_is_at_infinity returns 1 if the point is at infinity, or 0 otherwise.</p>
+
+<p>EC_POINT_is_on_curve returns 1 if the point is on the curve, 0 if not, or -1 on error.</p>
+
+<p>EC_POINT_cmp returns 1 if the points are not equal, 0 if they are, or -1 on error.</p>
+
+<p>EC_GROUP_have_precompute_mult return 1 if a precomputation has been done, or 0 if not.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_is_on_curve.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_is_on_curve.html
new file mode 100644
index 000000000..35441a799
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_is_on_curve.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_is_at_infinity, EC_POINT_is_on_curve, EC_POINT_cmp, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_mul, EC_POINT_mul, EC_GROUP_precompute_mult, EC_GROUP_have_precompute_mult - Functions for performing mathematical operations and tests on EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                  const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
+ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
+ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
+ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+                           EC_POINT *points[], BN_CTX *ctx);
+ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num,
+                   const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
+ int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+                  const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+ int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+ int EC_GROUP_have_precompute_mult(const EC_GROUP *group);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_POINT_add adds the two points <b>a</b> and <b>b</b> and places the result in <b>r</b>. Similarly EC_POINT_dbl doubles the point <b>a</b> and places the result in <b>r</b>. In both cases it is valid for <b>r</b> to be one of <b>a</b> or <b>b</b>.</p>
+
+<p>EC_POINT_invert calculates the inverse of the supplied point <b>a</b>. The result is placed back in <b>a</b>.</p>
+
+<p>The function EC_POINT_is_at_infinity tests whether the supplied point is at infinity or not.</p>
+
+<p>EC_POINT_is_on_curve tests whether the supplied point is on the curve or not.</p>
+
+<p>EC_POINT_cmp compares the two supplied points and tests whether or not they are equal.</p>
+
+<p>The functions EC_POINT_make_affine and EC_POINTs_make_affine force the internal representation of the EC_POINT(s) into the affine co-ordinate system. In the case of EC_POINTs_make_affine the value <b>num</b> provides the number of points in the array <b>points</b> to be forced.</p>
+
+<p>EC_POINT_mul is a convenient interface to EC_POINTs_mul: it calculates the value generator * <b>n</b> + <b>q</b> * <b>m</b> and stores the result in <b>r</b>. The value <b>n</b> may be NULL in which case the result is just <b>q</b> * <b>m</b> (variable point multiplication). Alternatively, both <b>q</b> and <b>m</b> may be NULL, and <b>n</b> non-NULL, in which case the result is just generator * <b>n</b> (fixed point multiplication). When performing a single fixed or variable point multiplication, the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m</b>) is in the range [0, ec_group_order).</p>
+
+<p>EC_POINTs_mul calculates the value generator * <b>n</b> + <b>q[0]</b> * <b>m[0]</b> + ... + <b>q[num-1]</b> * <b>m[num-1]</b>. As for EC_POINT_mul the value <b>n</b> may be NULL or <b>num</b> may be zero. When performing a fixed point multiplication (<b>n</b> is non-NULL and <b>num</b> is 0) or a variable point multiplication (<b>n</b> is NULL and <b>num</b> is 1), the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m[0]</b>) is in the range [0, ec_group_order).</p>
+
+<p>The function EC_GROUP_precompute_mult stores multiples of the generator for faster point multiplication, whilst EC_GROUP_have_precompute_mult tests whether precomputation has already been done. See <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for information about the generator.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_make_affine, EC_POINT_mul, EC_POINTs_mul and EC_GROUP_precompute_mult.</p>
+
+<p>EC_POINT_is_at_infinity returns 1 if the point is at infinity, or 0 otherwise.</p>
+
+<p>EC_POINT_is_on_curve returns 1 if the point is on the curve, 0 if not, or -1 on error.</p>
+
+<p>EC_POINT_cmp returns 1 if the points are not equal, 0 if they are, or -1 on error.</p>
+
+<p>EC_GROUP_have_precompute_mult return 1 if a precomputation has been done, or 0 if not.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_make_affine.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_make_affine.html
new file mode 100644
index 000000000..35441a799
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_make_affine.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_is_at_infinity, EC_POINT_is_on_curve, EC_POINT_cmp, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_mul, EC_POINT_mul, EC_GROUP_precompute_mult, EC_GROUP_have_precompute_mult - Functions for performing mathematical operations and tests on EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                  const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
+ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
+ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
+ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+                           EC_POINT *points[], BN_CTX *ctx);
+ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num,
+                   const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
+ int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+                  const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+ int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+ int EC_GROUP_have_precompute_mult(const EC_GROUP *group);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_POINT_add adds the two points <b>a</b> and <b>b</b> and places the result in <b>r</b>. Similarly EC_POINT_dbl doubles the point <b>a</b> and places the result in <b>r</b>. In both cases it is valid for <b>r</b> to be one of <b>a</b> or <b>b</b>.</p>
+
+<p>EC_POINT_invert calculates the inverse of the supplied point <b>a</b>. The result is placed back in <b>a</b>.</p>
+
+<p>The function EC_POINT_is_at_infinity tests whether the supplied point is at infinity or not.</p>
+
+<p>EC_POINT_is_on_curve tests whether the supplied point is on the curve or not.</p>
+
+<p>EC_POINT_cmp compares the two supplied points and tests whether or not they are equal.</p>
+
+<p>The functions EC_POINT_make_affine and EC_POINTs_make_affine force the internal representation of the EC_POINT(s) into the affine co-ordinate system. In the case of EC_POINTs_make_affine the value <b>num</b> provides the number of points in the array <b>points</b> to be forced.</p>
+
+<p>EC_POINT_mul is a convenient interface to EC_POINTs_mul: it calculates the value generator * <b>n</b> + <b>q</b> * <b>m</b> and stores the result in <b>r</b>. The value <b>n</b> may be NULL in which case the result is just <b>q</b> * <b>m</b> (variable point multiplication). Alternatively, both <b>q</b> and <b>m</b> may be NULL, and <b>n</b> non-NULL, in which case the result is just generator * <b>n</b> (fixed point multiplication). When performing a single fixed or variable point multiplication, the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m</b>) is in the range [0, ec_group_order).</p>
+
+<p>EC_POINTs_mul calculates the value generator * <b>n</b> + <b>q[0]</b> * <b>m[0]</b> + ... + <b>q[num-1]</b> * <b>m[num-1]</b>. As for EC_POINT_mul the value <b>n</b> may be NULL or <b>num</b> may be zero. When performing a fixed point multiplication (<b>n</b> is non-NULL and <b>num</b> is 0) or a variable point multiplication (<b>n</b> is NULL and <b>num</b> is 1), the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m[0]</b>) is in the range [0, ec_group_order).</p>
+
+<p>The function EC_GROUP_precompute_mult stores multiples of the generator for faster point multiplication, whilst EC_GROUP_have_precompute_mult tests whether precomputation has already been done. See <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for information about the generator.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_make_affine, EC_POINT_mul, EC_POINTs_mul and EC_GROUP_precompute_mult.</p>
+
+<p>EC_POINT_is_at_infinity returns 1 if the point is at infinity, or 0 otherwise.</p>
+
+<p>EC_POINT_is_on_curve returns 1 if the point is on the curve, 0 if not, or -1 on error.</p>
+
+<p>EC_POINT_cmp returns 1 if the points are not equal, 0 if they are, or -1 on error.</p>
+
+<p>EC_GROUP_have_precompute_mult return 1 if a precomputation has been done, or 0 if not.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_method_of.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_method_of.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_method_of.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_mul.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_mul.html
new file mode 100644
index 000000000..35441a799
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_mul.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_is_at_infinity, EC_POINT_is_on_curve, EC_POINT_cmp, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_mul, EC_POINT_mul, EC_GROUP_precompute_mult, EC_GROUP_have_precompute_mult - Functions for performing mathematical operations and tests on EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                  const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
+ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
+ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
+ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+                           EC_POINT *points[], BN_CTX *ctx);
+ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num,
+                   const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
+ int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+                  const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+ int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+ int EC_GROUP_have_precompute_mult(const EC_GROUP *group);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_POINT_add adds the two points <b>a</b> and <b>b</b> and places the result in <b>r</b>. Similarly EC_POINT_dbl doubles the point <b>a</b> and places the result in <b>r</b>. In both cases it is valid for <b>r</b> to be one of <b>a</b> or <b>b</b>.</p>
+
+<p>EC_POINT_invert calculates the inverse of the supplied point <b>a</b>. The result is placed back in <b>a</b>.</p>
+
+<p>The function EC_POINT_is_at_infinity tests whether the supplied point is at infinity or not.</p>
+
+<p>EC_POINT_is_on_curve tests whether the supplied point is on the curve or not.</p>
+
+<p>EC_POINT_cmp compares the two supplied points and tests whether or not they are equal.</p>
+
+<p>The functions EC_POINT_make_affine and EC_POINTs_make_affine force the internal representation of the EC_POINT(s) into the affine co-ordinate system. In the case of EC_POINTs_make_affine the value <b>num</b> provides the number of points in the array <b>points</b> to be forced.</p>
+
+<p>EC_POINT_mul is a convenient interface to EC_POINTs_mul: it calculates the value generator * <b>n</b> + <b>q</b> * <b>m</b> and stores the result in <b>r</b>. The value <b>n</b> may be NULL in which case the result is just <b>q</b> * <b>m</b> (variable point multiplication). Alternatively, both <b>q</b> and <b>m</b> may be NULL, and <b>n</b> non-NULL, in which case the result is just generator * <b>n</b> (fixed point multiplication). When performing a single fixed or variable point multiplication, the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m</b>) is in the range [0, ec_group_order).</p>
+
+<p>EC_POINTs_mul calculates the value generator * <b>n</b> + <b>q[0]</b> * <b>m[0]</b> + ... + <b>q[num-1]</b> * <b>m[num-1]</b>. As for EC_POINT_mul the value <b>n</b> may be NULL or <b>num</b> may be zero. When performing a fixed point multiplication (<b>n</b> is non-NULL and <b>num</b> is 0) or a variable point multiplication (<b>n</b> is NULL and <b>num</b> is 1), the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m[0]</b>) is in the range [0, ec_group_order).</p>
+
+<p>The function EC_GROUP_precompute_mult stores multiples of the generator for faster point multiplication, whilst EC_GROUP_have_precompute_mult tests whether precomputation has already been done. See <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for information about the generator.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_make_affine, EC_POINT_mul, EC_POINTs_mul and EC_GROUP_precompute_mult.</p>
+
+<p>EC_POINT_is_at_infinity returns 1 if the point is at infinity, or 0 otherwise.</p>
+
+<p>EC_POINT_is_on_curve returns 1 if the point is on the curve, 0 if not, or -1 on error.</p>
+
+<p>EC_POINT_cmp returns 1 if the points are not equal, 0 if they are, or -1 on error.</p>
+
+<p>EC_GROUP_have_precompute_mult return 1 if a precomputation has been done, or 0 if not.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_new.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_new.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_new.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_oct2point.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_oct2point.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_oct2point.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_point2bn.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_point2bn.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_point2bn.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_point2buf.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_point2buf.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_point2buf.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_point2hex.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_point2hex.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_point2hex.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_point2oct.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_point2oct.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_point2oct.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_Jprojective_coordinates_GFp.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_Jprojective_coordinates_GFp.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_Jprojective_coordinates_GFp.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_affine_coordinates.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_affine_coordinates.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_affine_coordinates.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_affine_coordinates_GF2m.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_affine_coordinates_GF2m.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_affine_coordinates_GF2m.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_affine_coordinates_GFp.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_affine_coordinates_GFp.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_affine_coordinates_GFp.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_compressed_coordinates.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_compressed_coordinates.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_compressed_coordinates.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_compressed_coordinates_GF2m.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_compressed_coordinates_GF2m.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_compressed_coordinates_GF2m.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_compressed_coordinates_GFp.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_compressed_coordinates_GFp.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_compressed_coordinates_GFp.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_to_infinity.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_to_infinity.html
new file mode 100644
index 000000000..892e7f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINT_set_to_infinity.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_set_Jprojective_coordinates_GFp, EC_POINT_point2buf, EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates, EC_POINT_get_affine_coordinates, EC_POINT_set_compressed_coordinates, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, const BIGNUM *y,
+                                              const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                              const EC_POINT *p,
+                                              BIGNUM *x, BIGNUM *y, BIGNUM *z,
+                                              BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                     const BIGNUM *x, const BIGNUM *y,
+                                     BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+                                     BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, int y_bit,
+                                         BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                         const EC_POINT *p,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                          const BIGNUM *x, const BIGNUM *y,
+                                          BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                          const EC_POINT *p,
+                                          BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                              EC_POINT *p,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form,
+                           unsigned char *buf, size_t len, BN_CTX *ctx);
+ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+                           point_conversion_form_t form,
+                           unsigned char **pbuf, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *p,
+                           point_conversion_form_t form, BIGNUM *bn,
+                           BN_CTX *ctx);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, const BIGNUM *bn,
+                             EC_POINT *p, BN_CTX *ctx);
+ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form, BN_CTX *ctx);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
+                              EC_POINT *p, BN_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>EC_POINT</b> structure represents a point on a curve. A new point is constructed by calling the function EC_POINT_new() and providing the <b>group</b> object that the point relates to.</p>
+
+<p>EC_POINT_free() frees the memory associated with the <b>EC_POINT</b>. if <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_clear_free() destroys any sensitive data held within the EC_POINT and then frees its memory. If <b>point</b> is NULL nothing is done.</p>
+
+<p>EC_POINT_copy() copies the point <b>src</b> into <b>dst</b>. Both <b>src</b> and <b>dst</b> must use the same <b>EC_METHOD</b>.</p>
+
+<p>EC_POINT_dup() creates a new <b>EC_POINT</b> object and copies the content from <b>src</b> to the newly created <b>EC_POINT</b> object.</p>
+
+<p>EC_POINT_method_of() obtains the <b>EC_METHOD</b> associated with <b>point</b>.</p>
+
+<p>A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity().</p>
+
+<p>The affine co-ordinates for a point describe a point in terms of its x and y position. The function EC_POINT_set_affine_coordinates() sets the <b>x</b> and <b>y</b> co-ordinates for the point <b>p</b> defined over the curve given in <b>group</b>. The function EC_POINT_get_affine_coordinates() sets <b>x</b> and <b>y</b>, either of which may be NULL, to the corresponding coordinates of <b>p</b>.</p>
+
+<p>The functions EC_POINT_set_affine_coordinates_GFp() and EC_POINT_set_affine_coordinates_GF2m() are synonyms for EC_POINT_set_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_POINT_get_affine_coordinates_GFp() and EC_POINT_get_affine_coordinates_GF2m() are synonyms for EC_POINT_get_affine_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in this co-ordinate system provides more efficient point multiplication operations. A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective from affine co-ordinates is simple. The co-ordinate (x, y) is mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp() and EC_POINT_get_Jprojective_coordinates_GFp() respectively.</p>
+
+<p>Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates() function where <b>x</b> is the x co-ordinate and <b>y_bit</b> is a value 0 or 1 to identify which of the two possible values for y should be used.</p>
+
+<p>The functions EC_POINT_set_compressed_coordinates_GFp() and EC_POINT_set_compressed_coordinates_GF2m() are synonyms for EC_POINT_set_compressed_coordinates(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>In addition <b>EC_POINT</b> can be converted to and from various external representations. The octet form is the binary encoding of the <b>ECPoint</b> structure (as defined in RFC5480 and used in certificates and TLS records): only the content octets are present, the <b>OCTET STRING</b> tag and length are not included. <b>BIGNUM</b> form is the octet form interpreted as a big endian integer converted to a <b>BIGNUM</b> structure. Hexadecimal form is the octet form converted to a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).</p>
+
+<p>The functions EC_POINT_point2oct(), EC_POINT_oct2point(), EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex() and EC_POINT_hex2point() convert from and to EC_POINTs for the formats: octet, BIGNUM and hexadecimal respectively.</p>
+
+<p>The function EC_POINT_point2oct() must be supplied with a buffer long enough to store the octet form. The return value provides the number of octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.</p>
+
+<p>The function EC_POINT_point2buf() allocates a buffer of suitable length and writes an EC_POINT to it in octet format. The allocated buffer is written to <b>*pbuf</b> and its length is returned. The caller must free up the allocated buffer with a call to OPENSSL_free(). Since the allocated buffer value is written to <b>*pbuf</b> the <b>pbuf</b> parameter <b>MUST NOT</b> be <b>NULL</b>.</p>
+
+<p>The function EC_POINT_point2hex() will allocate sufficient memory to store the hexadecimal string. It is the caller&#39;s responsibility to free this memory with a subsequent call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EC_POINT_new() and EC_POINT_dup() return the newly allocated EC_POINT or NULL on error.</p>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_copy(), EC_POINT_set_to_infinity(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), EC_POINT_set_compressed_coordinates_GFp(), EC_POINT_set_affine_coordinates_GF2m(), EC_POINT_get_affine_coordinates_GF2m(), EC_POINT_set_compressed_coordinates_GF2m() and EC_POINT_oct2point().</p>
+
+<p>EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.</p>
+
+<p>EC_POINT_point2oct() and EC_POINT_point2buf() return the length of the required buffer or 0 on error.</p>
+
+<p>EC_POINT_point2bn() returns the pointer to the BIGNUM supplied, or NULL on error.</p>
+
+<p>EC_POINT_bn2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<p>EC_POINT_point2hex() returns a pointer to the hex string, or NULL on error.</p>
+
+<p>EC_POINT_hex2point() returns the pointer to the EC_POINT supplied, or NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINTs_make_affine.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINTs_make_affine.html
new file mode 100644
index 000000000..35441a799
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINTs_make_affine.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_is_at_infinity, EC_POINT_is_on_curve, EC_POINT_cmp, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_mul, EC_POINT_mul, EC_GROUP_precompute_mult, EC_GROUP_have_precompute_mult - Functions for performing mathematical operations and tests on EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                  const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
+ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
+ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
+ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+                           EC_POINT *points[], BN_CTX *ctx);
+ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num,
+                   const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
+ int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+                  const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+ int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+ int EC_GROUP_have_precompute_mult(const EC_GROUP *group);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_POINT_add adds the two points <b>a</b> and <b>b</b> and places the result in <b>r</b>. Similarly EC_POINT_dbl doubles the point <b>a</b> and places the result in <b>r</b>. In both cases it is valid for <b>r</b> to be one of <b>a</b> or <b>b</b>.</p>
+
+<p>EC_POINT_invert calculates the inverse of the supplied point <b>a</b>. The result is placed back in <b>a</b>.</p>
+
+<p>The function EC_POINT_is_at_infinity tests whether the supplied point is at infinity or not.</p>
+
+<p>EC_POINT_is_on_curve tests whether the supplied point is on the curve or not.</p>
+
+<p>EC_POINT_cmp compares the two supplied points and tests whether or not they are equal.</p>
+
+<p>The functions EC_POINT_make_affine and EC_POINTs_make_affine force the internal representation of the EC_POINT(s) into the affine co-ordinate system. In the case of EC_POINTs_make_affine the value <b>num</b> provides the number of points in the array <b>points</b> to be forced.</p>
+
+<p>EC_POINT_mul is a convenient interface to EC_POINTs_mul: it calculates the value generator * <b>n</b> + <b>q</b> * <b>m</b> and stores the result in <b>r</b>. The value <b>n</b> may be NULL in which case the result is just <b>q</b> * <b>m</b> (variable point multiplication). Alternatively, both <b>q</b> and <b>m</b> may be NULL, and <b>n</b> non-NULL, in which case the result is just generator * <b>n</b> (fixed point multiplication). When performing a single fixed or variable point multiplication, the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m</b>) is in the range [0, ec_group_order).</p>
+
+<p>EC_POINTs_mul calculates the value generator * <b>n</b> + <b>q[0]</b> * <b>m[0]</b> + ... + <b>q[num-1]</b> * <b>m[num-1]</b>. As for EC_POINT_mul the value <b>n</b> may be NULL or <b>num</b> may be zero. When performing a fixed point multiplication (<b>n</b> is non-NULL and <b>num</b> is 0) or a variable point multiplication (<b>n</b> is NULL and <b>num</b> is 1), the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m[0]</b>) is in the range [0, ec_group_order).</p>
+
+<p>The function EC_GROUP_precompute_mult stores multiples of the generator for faster point multiplication, whilst EC_GROUP_have_precompute_mult tests whether precomputation has already been done. See <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for information about the generator.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_make_affine, EC_POINT_mul, EC_POINTs_mul and EC_GROUP_precompute_mult.</p>
+
+<p>EC_POINT_is_at_infinity returns 1 if the point is at infinity, or 0 otherwise.</p>
+
+<p>EC_POINT_is_on_curve returns 1 if the point is on the curve, 0 if not, or -1 on error.</p>
+
+<p>EC_POINT_cmp returns 1 if the points are not equal, 0 if they are, or -1 on error.</p>
+
+<p>EC_GROUP_have_precompute_mult return 1 if a precomputation has been done, or 0 if not.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_POINTs_mul.html b/msys2/usr/share/doc/openssl/html/man3/EC_POINTs_mul.html
new file mode 100644
index 000000000..35441a799
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_POINTs_mul.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_POINT_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_is_at_infinity, EC_POINT_is_on_curve, EC_POINT_cmp, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_mul, EC_POINT_mul, EC_GROUP_precompute_mult, EC_GROUP_have_precompute_mult - Functions for performing mathematical operations and tests on EC_POINT objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                  const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
+ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
+ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
+ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+                           EC_POINT *points[], BN_CTX *ctx);
+ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num,
+                   const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
+ int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+                  const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+ int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+ int EC_GROUP_have_precompute_mult(const EC_GROUP *group);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EC_POINT_add adds the two points <b>a</b> and <b>b</b> and places the result in <b>r</b>. Similarly EC_POINT_dbl doubles the point <b>a</b> and places the result in <b>r</b>. In both cases it is valid for <b>r</b> to be one of <b>a</b> or <b>b</b>.</p>
+
+<p>EC_POINT_invert calculates the inverse of the supplied point <b>a</b>. The result is placed back in <b>a</b>.</p>
+
+<p>The function EC_POINT_is_at_infinity tests whether the supplied point is at infinity or not.</p>
+
+<p>EC_POINT_is_on_curve tests whether the supplied point is on the curve or not.</p>
+
+<p>EC_POINT_cmp compares the two supplied points and tests whether or not they are equal.</p>
+
+<p>The functions EC_POINT_make_affine and EC_POINTs_make_affine force the internal representation of the EC_POINT(s) into the affine co-ordinate system. In the case of EC_POINTs_make_affine the value <b>num</b> provides the number of points in the array <b>points</b> to be forced.</p>
+
+<p>EC_POINT_mul is a convenient interface to EC_POINTs_mul: it calculates the value generator * <b>n</b> + <b>q</b> * <b>m</b> and stores the result in <b>r</b>. The value <b>n</b> may be NULL in which case the result is just <b>q</b> * <b>m</b> (variable point multiplication). Alternatively, both <b>q</b> and <b>m</b> may be NULL, and <b>n</b> non-NULL, in which case the result is just generator * <b>n</b> (fixed point multiplication). When performing a single fixed or variable point multiplication, the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m</b>) is in the range [0, ec_group_order).</p>
+
+<p>EC_POINTs_mul calculates the value generator * <b>n</b> + <b>q[0]</b> * <b>m[0]</b> + ... + <b>q[num-1]</b> * <b>m[num-1]</b>. As for EC_POINT_mul the value <b>n</b> may be NULL or <b>num</b> may be zero. When performing a fixed point multiplication (<b>n</b> is non-NULL and <b>num</b> is 0) or a variable point multiplication (<b>n</b> is NULL and <b>num</b> is 1), the underlying implementation uses a constant time algorithm, when the input scalar (either <b>n</b> or <b>m[0]</b>) is in the range [0, ec_group_order).</p>
+
+<p>The function EC_GROUP_precompute_mult stores multiples of the generator for faster point multiplication, whilst EC_GROUP_have_precompute_mult tests whether precomputation has already been done. See <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a> for information about the generator.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following functions return 1 on success or 0 on error: EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_make_affine, EC_POINT_mul, EC_POINTs_mul and EC_GROUP_precompute_mult.</p>
+
+<p>EC_POINT_is_at_infinity returns 1 if the point is at infinity, or 0 otherwise.</p>
+
+<p>EC_POINT_is_on_curve returns 1 if the point is on the curve, 0 if not, or -1 on error.</p>
+
+<p>EC_POINT_cmp returns 1 if the points are not equal, 0 if they are, or -1 on error.</p>
+
+<p>EC_GROUP_have_precompute_mult return 1 if a precomputation has been done, or 0 if not.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_new.html">EC_GROUP_new(3)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EC_get_builtin_curves.html b/msys2/usr/share/doc/openssl/html/man3/EC_get_builtin_curves.html
new file mode 100644
index 000000000..af68fbacf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EC_get_builtin_curves.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EC_GROUP_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EC_GROUP_get_ecparameters, EC_GROUP_get_ecpkparameters, EC_GROUP_new, EC_GROUP_new_from_ecparameters, EC_GROUP_new_from_ecpkparameters, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve, EC_GROUP_get_curve, EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m, EC_get_builtin_curves - Functions for creating and destroying EC_GROUP objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ec.h&gt;
+
+ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
+ EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
+ void EC_GROUP_free(EC_GROUP *group);
+ void EC_GROUP_clear_free(EC_GROUP *group);
+
+ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+                                   const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                        const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+                        BN_CTX *ctx);
+ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
+                            const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
+                            BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
+                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
+                             BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, ECPARAMETERS *params)
+ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, ECPKPARAMETERS *params)
+
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Within the library there are two forms of elliptic curve that are of interest. The first form is those defined over the prime field Fp. The elements of Fp are the integers 0 to p-1, where p is a prime number. This gives us a revised elliptic curve equation as follows:</p>
+
+<p>y^2 mod p = x^3 +ax + b mod p</p>
+
+<p>The second form is those defined over a binary field F2^m where the elements of the field are integers of length at most m bits. For this form the elliptic curve equation is modified to:</p>
+
+<p>y^2 + xy = x^3 + ax^2 + b (where b != 0)</p>
+
+<p>Operations in a binary field are performed relative to an <b>irreducible polynomial</b>. All such curves with OpenSSL use a trinomial or a pentanomial for this parameter.</p>
+
+<p>A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by <b>meth</b> (see <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>). It is then necessary to call EC_GROUP_set_curve() to set the curve parameters. EC_GROUP_new_from_ecparameters() will create a group from the specified <b>params</b> and EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK <b>params</b>.</p>
+
+<p>EC_GROUP_set_curve() sets the curve parameters <b>p</b>, <b>a</b> and <b>b</b>. For a curve over Fp <b>b</b> is the prime for the field. For a curve over F2^m <b>p</b> represents the irreducible polynomial - each bit represents a term in the polynomial. Therefore there will either be three or five bits set dependent on whether the polynomial is a trinomial or a pentanomial.</p>
+
+<p>EC_group_get_curve() obtains the previously set curve parameters.</p>
+
+<p>EC_GROUP_set_curve_GFp() and EC_GROUP_set_curve_GF2m() are synonyms for EC_GROUP_set_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>EC_GROUP_get_curve_GFp() and EC_GROUP_get_curve_GF2m() are synonyms for EC_GROUP_get_curve(). They are defined for backwards compatibility only and should not be used.</p>
+
+<p>The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and then the EC_GROUP_set_curve function. An appropriate default implementation method will be used.</p>
+
+<p>Whilst the library can be used to create any curve using the functions described above, there are also a number of predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function EC_get_builtin_curves. The parameter <b>r</b> should be an array of EC_builtin_curve structures of size <b>nitems</b>. The function will populate the <b>r</b> array with information about the builtin curves. If <b>nitems</b> is less than the total number of curves available, then the first <b>nitems</b> curves will be returned. Otherwise the total number of curves will be provided. The return value is the total number of curves available (whether that number has been populated in <b>r</b> or not). Passing a NULL <b>r</b>, or setting <b>nitems</b> to 0 will do nothing other than return the total number of curves available. The EC_builtin_curve structure is defined as follows:</p>
+
+<pre><code> typedef struct {
+        int nid;
+        const char *comment;
+        } EC_builtin_curve;</code></pre>
+
+<p>Each EC_builtin_curve item has a unique integer id (<b>nid</b>), and a human readable comment string describing the curve.</p>
+
+<p>In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the <b>nid</b> of the curve to be constructed.</p>
+
+<p>EC_GROUP_free frees the memory associated with the EC_GROUP. If <b>group</b> is NULL nothing is done.</p>
+
+<p>EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory. If <b>group</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All EC_GROUP_new* functions return a pointer to the newly constructed group, or NULL on error.</p>
+
+<p>EC_get_builtin_curves returns the number of builtin curves that are available.</p>
+
+<p>EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/EC_GROUP_copy.html">EC_GROUP_copy(3)</a>, <a href="../man3/EC_POINT_new.html">EC_POINT_new(3)</a>, <a href="../man3/EC_POINT_add.html">EC_POINT_add(3)</a>, <a href="../man3/EC_KEY_new.html">EC_KEY_new(3)</a>, <a href="../man3/EC_GFp_simple_method.html">EC_GFp_simple_method(3)</a>, <a href="../man3/d2i_ECPKParameters.html">d2i_ECPKParameters(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EDIPARTYNAME_free.html b/msys2/usr/share/doc/openssl/html/man3/EDIPARTYNAME_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EDIPARTYNAME_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EDIPARTYNAME_new.html b/msys2/usr/share/doc/openssl/html/man3/EDIPARTYNAME_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EDIPARTYNAME_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_add.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_add.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_add.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_add_conf_module.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_add_conf_module.html
new file mode 100644
index 000000000..7bcd49022
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_add_conf_module.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_load_builtin_modules</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_load_builtin_modules, ASN1_add_oid_module, ENGINE_add_conf_module - add standard configuration modules</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/conf.h&gt;
+
+ void OPENSSL_load_builtin_modules(void);
+ void ASN1_add_oid_module(void);
+ void ENGINE_add_conf_module(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function OPENSSL_load_builtin_modules() adds all the standard OpenSSL configuration modules to the internal list. They can then be used by the OpenSSL configuration code.</p>
+
+<p>ASN1_add_oid_module() adds just the ASN1 OBJECT module.</p>
+
+<p>ENGINE_add_conf_module() adds just the ENGINE configuration module.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If the simple configuration function OPENSSL_config() is called then OPENSSL_load_builtin_modules() is called automatically.</p>
+
+<p>Applications which use the configuration functions directly will need to call OPENSSL_load_builtin_modules() themselves <i>before</i> any other configuration code.</p>
+
+<p>Applications should call OPENSSL_load_builtin_modules() to load all configuration modules instead of adding modules selectively: otherwise functionality may be missing from the application if an when new modules are added.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>None of the functions return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man5/config.html">config(5)</a>, <a href="../man3/OPENSSL_config.html">OPENSSL_config(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_by_id.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_by_id.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_by_id.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_cleanup.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_cleanup.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_cleanup.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_cmd_is_executable.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_cmd_is_executable.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_cmd_is_executable.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_ctrl.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_ctrl.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_ctrl_cmd.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_ctrl_cmd.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_ctrl_cmd.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_ctrl_cmd_string.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_ctrl_cmd_string.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_ctrl_cmd_string.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_finish.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_finish.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_finish.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_free.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_free.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_free.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_DH.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_DH.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_DH.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_DSA.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_DSA.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_DSA.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_RAND.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_RAND.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_RAND.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_RSA.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_RSA.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_RSA.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_cipher.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_cipher.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_cipher.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_cipher_engine.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_cipher_engine.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_cipher_engine.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_ciphers.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_ciphers.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_ciphers.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_cmd_defns.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_cmd_defns.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_cmd_defns.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_ctrl_function.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_ctrl_function.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_ctrl_function.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_default_DH.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_default_DH.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_default_DH.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_default_DSA.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_default_DSA.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_default_DSA.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_default_RAND.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_default_RAND.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_default_RAND.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_default_RSA.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_default_RSA.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_default_RSA.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_destroy_function.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_destroy_function.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_destroy_function.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_digest.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_digest.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_digest.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_digest_engine.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_digest_engine.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_digest_engine.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_digests.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_digests.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_digests.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_ex_new_index.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_ex_new_index.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_ex_new_index.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_finish_function.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_finish_function.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_finish_function.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_first.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_first.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_first.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_flags.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_flags.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_flags.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_id.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_id.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_id.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_init_function.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_init_function.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_init_function.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_last.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_last.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_last.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_load_privkey_function.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_load_privkey_function.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_load_privkey_function.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_load_pubkey_function.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_load_pubkey_function.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_load_pubkey_function.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_name.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_name.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_name.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_next.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_next.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_next.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_prev.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_prev.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_prev.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_table_flags.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_table_flags.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_get_table_flags.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_init.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_init.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_init.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_load_builtin_engines.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_load_builtin_engines.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_load_builtin_engines.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_load_private_key.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_load_private_key.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_load_private_key.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_load_public_key.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_load_public_key.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_load_public_key.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_new.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_new.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_new.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_DH.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_DH.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_DH.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_DSA.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_DSA.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_DSA.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_RAND.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_RAND.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_RAND.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_RSA.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_RSA.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_RSA.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_DH.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_DH.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_DH.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_DSA.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_DSA.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_DSA.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_RAND.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_RAND.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_RAND.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_RSA.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_RSA.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_RSA.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_ciphers.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_ciphers.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_ciphers.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_complete.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_complete.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_complete.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_digests.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_digests.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_all_digests.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_ciphers.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_ciphers.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_ciphers.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_complete.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_complete.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_complete.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_digests.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_digests.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_register_digests.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_remove.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_remove.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_remove.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_DH.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_DH.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_DH.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_DSA.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_DSA.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_DSA.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_RAND.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_RAND.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_RAND.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_RSA.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_RSA.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_RSA.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_ciphers.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_ciphers.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_ciphers.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_cmd_defns.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_cmd_defns.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_cmd_defns.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_ctrl_function.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_ctrl_function.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_ctrl_function.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_DH.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_DH.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_DH.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_DSA.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_DSA.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_DSA.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_RAND.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_RAND.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_RAND.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_RSA.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_RSA.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_RSA.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_ciphers.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_ciphers.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_ciphers.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_digests.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_digests.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_digests.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_string.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_string.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_default_string.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_destroy_function.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_destroy_function.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_destroy_function.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_digests.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_digests.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_digests.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_finish_function.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_finish_function.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_finish_function.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_flags.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_flags.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_flags.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_id.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_id.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_id.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_init_function.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_init_function.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_init_function.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_load_privkey_function.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_load_privkey_function.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_load_privkey_function.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_load_pubkey_function.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_load_pubkey_function.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_load_pubkey_function.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_name.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_name.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_name.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_table_flags.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_table_flags.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_set_table_flags.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_unregister_DH.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_unregister_DH.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_unregister_DH.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_unregister_DSA.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_unregister_DSA.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_unregister_DSA.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_unregister_RAND.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_unregister_RAND.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_unregister_RAND.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_unregister_RSA.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_unregister_RSA.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_unregister_RSA.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_unregister_ciphers.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_unregister_ciphers.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_unregister_ciphers.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_unregister_digests.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_unregister_digests.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_unregister_digests.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ENGINE_up_ref.html b/msys2/usr/share/doc/openssl/html/man3/ENGINE_up_ref.html
new file mode 100644
index 000000000..7f7f027cb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ENGINE_up_ref.html
@@ -0,0 +1,422 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ENGINE_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reference-counting-and-handles">Reference counting and handles</a></li>
+      <li><a href="#Default-implementations">Default implementations</a></li>
+      <li><a href="#Application-requirements">Application requirements</a></li>
+      <li><a href="#Advanced-configuration-support">Advanced configuration support</a></li>
+    </ul>
+  </li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ENGINE_get_DH, ENGINE_get_DSA, ENGINE_by_id, ENGINE_get_cipher_engine, ENGINE_get_default_DH, ENGINE_get_default_DSA, ENGINE_get_default_RAND, ENGINE_get_default_RSA, ENGINE_get_digest_engine, ENGINE_get_first, ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, ENGINE_new, ENGINE_get_ciphers, ENGINE_get_ctrl_function, ENGINE_get_digests, ENGINE_get_destroy_function, ENGINE_get_finish_function, ENGINE_get_init_function, ENGINE_get_load_privkey_function, ENGINE_get_load_pubkey_function, ENGINE_load_private_key, ENGINE_load_public_key, ENGINE_get_RAND, ENGINE_get_RSA, ENGINE_get_id, ENGINE_get_name, ENGINE_get_cmd_defns, ENGINE_get_cipher, ENGINE_get_digest, ENGINE_add, ENGINE_cmd_is_executable, ENGINE_ctrl, ENGINE_ctrl_cmd, ENGINE_ctrl_cmd_string, ENGINE_finish, ENGINE_free, ENGINE_get_flags, ENGINE_init, ENGINE_register_DH, ENGINE_register_DSA, ENGINE_register_RAND, ENGINE_register_RSA, ENGINE_register_all_complete, ENGINE_register_ciphers, ENGINE_register_complete, ENGINE_register_digests, ENGINE_remove, ENGINE_set_DH, ENGINE_set_DSA, ENGINE_set_RAND, ENGINE_set_RSA, ENGINE_set_ciphers, ENGINE_set_cmd_defns, ENGINE_set_ctrl_function, ENGINE_set_default, ENGINE_set_default_DH, ENGINE_set_default_DSA, ENGINE_set_default_RAND, ENGINE_set_default_RSA, ENGINE_set_default_ciphers, ENGINE_set_default_digests, ENGINE_set_default_string, ENGINE_set_destroy_function, ENGINE_set_digests, ENGINE_set_finish_function, ENGINE_set_flags, ENGINE_set_id, ENGINE_set_init_function, ENGINE_set_load_privkey_function, ENGINE_set_load_pubkey_function, ENGINE_set_name, ENGINE_up_ref, ENGINE_get_table_flags, ENGINE_cleanup, ENGINE_load_builtin_engines, ENGINE_register_all_DH, ENGINE_register_all_DSA, ENGINE_register_all_RAND, ENGINE_register_all_RSA, ENGINE_register_all_ciphers, ENGINE_register_all_digests, ENGINE_set_table_flags, ENGINE_unregister_DH, ENGINE_unregister_DSA, ENGINE_unregister_RAND, ENGINE_unregister_RSA, ENGINE_unregister_ciphers, ENGINE_unregister_digests - ENGINE cryptographic module support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/engine.h&gt;
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_builtin_engines(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                     long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                            int cmd_optional);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ENGINE_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions create, manipulate, and use cryptographic modules in the form of <b>ENGINE</b> objects. These objects act as containers for implementations of cryptographic algorithms, and support a reference-counted mechanism to allow them to be dynamically loaded in and out of the running application.</p>
+
+<p>The cryptographic functionality that can be provided by an <b>ENGINE</b> implementation includes the following abstractions;</p>
+
+<pre><code> RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by &#39;nid&#39;)
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by &#39;nid&#39;)
+ key-loading - loading public and/or private EVP_PKEY keys</code></pre>
+
+<h2 id="Reference-counting-and-handles">Reference counting and handles</h2>
+
+<p>Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be treated as handles - ie. not only as pointers, but also as references to the underlying ENGINE object. Ie. one should obtain a new reference when making copies of an ENGINE pointer if the copies will be used (and released) independently.</p>
+
+<p>ENGINE objects have two levels of reference-counting to match the way in which the objects are used. At the most basic level, each ENGINE pointer is inherently a <b>structural</b> reference - a structural reference is required to use the pointer value at all, as this kind of reference is a guarantee that the structure can not be deallocated until the reference is released.</p>
+
+<p>However, a structural reference provides no guarantee that the ENGINE is initialised and able to use any of its cryptographic implementations. Indeed it&#39;s quite possible that most ENGINEs will not initialise at all in typical environments, as ENGINEs are typically used to support specialised hardware. To use an ENGINE&#39;s functionality, you need a <b>functional</b> reference. This kind of reference can be considered a specialised form of structural reference, because each functional reference implicitly contains a structural reference as well - however to avoid difficult-to-find programming bugs, it is recommended to treat the two kinds of reference independently. If you have a functional reference to an ENGINE, you have a guarantee that the ENGINE has been initialised and is ready to perform cryptographic operations, and will remain initialised until after you have released your reference.</p>
+
+<p><i>Structural references</i></p>
+
+<p>This basic type of reference is used for instantiating new ENGINEs, iterating across OpenSSL&#39;s internal linked-list of loaded ENGINEs, reading information about an ENGINE, etc. Essentially a structural reference is sufficient if you only need to query or manipulate the data of an ENGINE implementation rather than use its functionality.</p>
+
+<p>The ENGINE_new() function returns a structural reference to a new (empty) ENGINE object. There are other ENGINE API functions that return structural references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next(), ENGINE_get_prev(). All structural references should be released by a corresponding to call to the ENGINE_free() function - the ENGINE object itself will only actually be cleaned up and deallocated when the last structural reference is released.</p>
+
+<p>It should also be noted that many ENGINE API function calls that accept a structural reference will internally obtain another reference - typically this happens whenever the supplied ENGINE will be needed by OpenSSL after the function has returned. Eg. the function to add a new ENGINE to OpenSSL&#39;s internal list is ENGINE_add() - if this function returns success, then OpenSSL will have stored a new structural reference internally so the caller is still responsible for freeing their own reference with ENGINE_free() when they are finished with it. In a similar way, some functions will automatically release the structural reference passed to it if part of the function&#39;s job is to do so. Eg. the ENGINE_get_next() and ENGINE_get_prev() functions are used for iterating across the internal ENGINE list - they will return a new structural reference to the next (or previous) ENGINE in the list or NULL if at the end (or beginning) of the list, but in either case the structural reference passed to the function is released on behalf of the caller.</p>
+
+<p>To clarify a particular function&#39;s handling of references, one should always consult that function&#39;s documentation &quot;man&quot; page, or failing that the openssl/engine.h header file includes some hints.</p>
+
+<p><i>Functional references</i></p>
+
+<p>As mentioned, functional references exist when the cryptographic functionality of an ENGINE is required to be available. A functional reference can be obtained in one of two ways; from an existing structural reference to the required ENGINE, or by asking OpenSSL for the default operational ENGINE for a given cryptographic purpose.</p>
+
+<p>To obtain a functional reference from an existing structural reference, call the ENGINE_init() function. This returns zero if the ENGINE was not already operational and couldn&#39;t be successfully initialised (eg. lack of system drivers, no special hardware attached, etc), otherwise it will return non-zero to indicate that the ENGINE is now operational and will have allocated a new <b>functional</b> reference to the ENGINE. All functional references are released by calling ENGINE_finish() (which removes the implicit structural reference as well).</p>
+
+<p>The second way to get a functional reference is by asking OpenSSL for a default implementation for a given task, eg. by ENGINE_get_default_RSA(), ENGINE_get_default_cipher_engine(), etc. These are discussed in the next section, though they are not usually required by application programmers as they are used automatically when creating and using the relevant algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.</p>
+
+<h2 id="Default-implementations">Default implementations</h2>
+
+<p>For each supported abstraction, the ENGINE code maintains an internal table of state to control which implementations are available for a given abstraction and which should be used by default. These implementations are registered in the tables and indexed by an &#39;nid&#39; value, because abstractions like EVP_CIPHER and EVP_DIGEST support many distinct algorithms and modes, and ENGINEs can support arbitrarily many of them. In the case of other abstractions like RSA, DSA, etc, there is only one &quot;algorithm&quot; so all implementations implicitly register using the same &#39;nid&#39; index.</p>
+
+<p>When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. when calling RSA_new_method(NULL)), a &quot;get_default&quot; call will be made to the ENGINE subsystem to process the corresponding state table and return a functional reference to an initialised ENGINE whose implementation should be used. If no ENGINE should (or can) be used, it will return NULL and the caller will operate with a NULL ENGINE handle - this usually equates to using the conventional software implementation. In the latter case, OpenSSL will from then on behave the way it used to before the ENGINE API existed.</p>
+
+<p>Each state table has a flag to note whether it has processed this &quot;get_default&quot; query since the table was last modified, because to process this question it must iterate across all the registered ENGINEs in the table trying to initialise each of them in turn, in case one of them is operational. If it returns a functional reference to an ENGINE, it will also cache another reference to speed up processing future queries (without needing to iterate across the table). Likewise, it will cache a NULL response if no ENGINE was available so that future queries won&#39;t repeat the same iteration unless the state table changes. This behaviour can also be changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using ENGINE_set_table_flags()), no attempted initialisations will take place, instead the only way for the state table to return a non-NULL ENGINE to the &quot;get_default&quot; query will be if one is expressly set in the table. Eg. ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except that it also sets the state table&#39;s cached response for the &quot;get_default&quot; query. In the case of abstractions like EVP_CIPHER, where implementations are indexed by &#39;nid&#39;, these flags and cached-responses are distinct for each &#39;nid&#39; value.</p>
+
+<h2 id="Application-requirements">Application requirements</h2>
+
+<p>This section will explain the basic things an application programmer should support to make the most useful elements of the ENGINE functionality available to the user. The first thing to consider is whether the programmer wishes to make alternative ENGINE modules available to the application and user. OpenSSL maintains an internal linked list of &quot;visible&quot; ENGINEs from which it has to operate - at start-up, this list is empty and in fact if an application does not call any ENGINE API calls and it uses static linking against openssl, then the resulting application binary will not contain any alternative ENGINE code at all. So the first consideration is whether any/all available ENGINE implementations should be made visible to OpenSSL - this is controlled by calling the various &quot;load&quot; functions.</p>
+
+<p>The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are &quot;registered&quot; or called into use by OpenSSL automatically - that behaviour is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialise - ie. to assume that this corresponds to acceleration hardware attached to the machine or some such thing. There are probably numerous other ways in which applications may prefer to handle things, so we will simply illustrate the consequences as they apply to a couple of simple cases and leave developers to consider these and the source code to openssl&#39;s builtin utilities as guides.</p>
+
+<p>If no ENGINE API functions are called within an application, then OpenSSL will not allocate any internal resources. Prior to OpenSSL 1.1.0, however, if any ENGINEs are loaded, even if not registered or used, it was necessary to call ENGINE_cleanup() before the program exits.</p>
+
+<p><i>Using a specific ENGINE implementation</i></p>
+
+<p>Here we&#39;ll assume an application has been configured by its user or admin to want to use the &quot;ACME&quot; ENGINE if it is available in the version of OpenSSL the application was compiled with. If it is available, it should be used by default for all RSA, DSA, and symmetric cipher operations, otherwise OpenSSL should use its builtin software as per usual. The following code illustrates how to approach this;</p>
+
+<pre><code> ENGINE *e;
+ const char *engine_id = &quot;ACME&quot;;
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if (!e)
+     /* the engine isn&#39;t available */
+     return;
+ if (!ENGINE_init(e)) {
+     /* the engine couldn&#39;t initialise, release &#39;e&#39; */
+     ENGINE_free(e);
+     return;
+ }
+ if (!ENGINE_set_default_RSA(e))
+     /*
+      * This should only happen when &#39;e&#39; can&#39;t initialise, but the previous
+      * statement suggests it did.
+      */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);</code></pre>
+
+<p><i>Automatically using builtin ENGINE implementations</i></p>
+
+<p>Here we&#39;ll assume we want to load and register all ENGINE implementations bundled with OpenSSL, such that for any cryptographic algorithm required by OpenSSL - if there is an ENGINE that implements it and can be initialised, it should be used. The following code illustrates how this can work;</p>
+
+<pre><code> /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();</code></pre>
+
+<p>That&#39;s all that&#39;s required. Eg. the next time OpenSSL tries to set up an RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to ENGINE_init() and if any of those succeed, that ENGINE will be set as the default for RSA use from then on.</p>
+
+<h2 id="Advanced-configuration-support">Advanced configuration support</h2>
+
+<p>There is a mechanism supported by the ENGINE framework that allows each ENGINE implementation to define an arbitrary set of configuration &quot;commands&quot; and expose them to OpenSSL and any applications based on OpenSSL. This mechanism is entirely based on the use of name-value pairs and assumes ASCII input (no unicode or UTF for now!), so it is ideal if applications want to provide a transparent way for users to provide arbitrary configuration &quot;directives&quot; directly to such ENGINEs. It is also possible for the application to dynamically interrogate the loaded ENGINE implementations for the names, descriptions, and input flags of their available &quot;control commands&quot;, providing a more flexible configuration scheme. However, if the user is expected to know which ENGINE device he/she is using (in the case of specialised hardware, this goes without saying) then applications may not need to concern themselves with discovering the supported control commands and simply prefer to pass settings into ENGINEs exactly as they are provided by the user.</p>
+
+<p>Before illustrating how control commands work, it is worth mentioning what they are typically used for. Broadly speaking there are two uses for control commands; the first is to provide the necessary details to the implementation (which may know nothing at all specific to the host system) so that it can be initialised for use. This could include the path to any driver or config files it needs to load, required network addresses, smart-card identifiers, passwords to initialise protected devices, logging information, etc etc. This class of commands typically needs to be passed to an ENGINE <b>before</b> attempting to initialise it, ie. before calling ENGINE_init(). The other class of commands consist of settings or operations that tweak certain behaviour or cause certain operations to take place, and these commands may work either before or after ENGINE_init(), or in some cases both. ENGINE implementations should provide indications of this in the descriptions attached to builtin control commands and/or in external product documentation.</p>
+
+<p><i>Issuing control commands to an ENGINE</i></p>
+
+<p>Let&#39;s illustrate by example; a function for which the caller supplies the name of the ENGINE it wishes to use, a table of string-pairs for use before initialisation, and another table for use after initialisation. Note that the string-pairs used for control commands consist of a command &quot;name&quot; followed by the command &quot;parameter&quot; - the parameter could be NULL in some cases but the name can not. This function should initialise the ENGINE (issuing the &quot;pre&quot; commands beforehand and the &quot;post&quot; commands afterwards) and set it as the default for everything except RAND and then return a boolean success or failure.</p>
+
+<pre><code> int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if (!e) return 0;
+     while (pre_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_free(e);
+             return 0;
+         }
+         pre_cmds += 2;
+     }
+     if (!ENGINE_init(e)) {
+         fprintf(stderr, &quot;Failed initialisation\n&quot;);
+         ENGINE_free(e);
+         return 0;
+     }
+     /*
+      * ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id().
+      */
+     ENGINE_free(e);
+     while (post_num--) {
+         if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, &quot;Failed command (%s - %s:%s)\n&quot;, engine_id,
+                     post_cmds[0], post_cmds[1] ? post_cmds[1] : &quot;(NULL)&quot;);
+             ENGINE_finish(e);
+             return 0;
+         }
+         post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL &amp; ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }</code></pre>
+
+<p>Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can relax the semantics of the function - if set non-zero it will only return failure if the ENGINE supported the given command name but failed while executing it, if the ENGINE doesn&#39;t support the command name it will simply return success without doing anything. In this case we assume the user is only supplying commands specific to the given ENGINE so we set this to FALSE.</p>
+
+<p><i>Discovering supported control commands</i></p>
+
+<p>It is possible to discover at run-time the names, numerical-ids, descriptions and input parameters of the control commands supported by an ENGINE using a structural reference. Note that some control commands are defined by OpenSSL itself and it will intercept and handle these control commands on behalf of the ENGINE, ie. the ENGINE&#39;s ctrl() handler is not used for the control command. openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a &quot;generic&quot; command is handled directly by the OpenSSL core routines.</p>
+
+<p>It is using these &quot;core&quot; control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands:</p>
+
+<pre><code> ENGINE_HAS_CTRL_FUNCTION
+ ENGINE_CTRL_GET_FIRST_CMD_TYPE
+ ENGINE_CTRL_GET_NEXT_CMD_TYPE
+ ENGINE_CTRL_GET_CMD_FROM_NAME
+ ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
+ ENGINE_CTRL_GET_NAME_FROM_CMD
+ ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
+ ENGINE_CTRL_GET_DESC_FROM_CMD
+ ENGINE_CTRL_GET_CMD_FLAGS</code></pre>
+
+<p>Whilst these commands are automatically processed by the OpenSSL framework code, they use various properties exposed by each ENGINE to process these queries. An ENGINE has 3 properties it exposes that can affect how this behaves; it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in the ENGINE&#39;s flags, and it can expose an array of control command descriptions. If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will simply pass all these &quot;core&quot; control commands directly to the ENGINE&#39;s ctrl() handler (and thus, it must have supplied one), so it is up to the ENGINE to reply to these &quot;discovery&quot; commands itself. If that flag is not set, then the OpenSSL framework code will work with the following rules:</p>
+
+<pre><code> if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...</code></pre>
+
+<p>If the ENGINE&#39;s array of control commands is empty then all other commands will fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the identifier of a command supported by the ENGINE and returns the next command identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string name for a command and returns the corresponding identifier or fails if no such command name exists, and the remaining commands take a command identifier and return properties of the corresponding commands. All except ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, or populate a supplied character buffer with a copy of the command name or description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR&#39;d mask of the following possible values:</p>
+
+<pre><code> ENGINE_CMD_FLAG_NUMERIC
+ ENGINE_CMD_FLAG_STRING
+ ENGINE_CMD_FLAG_NO_INPUT
+ ENGINE_CMD_FLAG_INTERNAL</code></pre>
+
+<p>If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely informational to the caller - this flag will prevent the command being usable for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). &quot;INTERNAL&quot; commands are not intended to be exposed to text-based configuration by applications, administrations, users, etc. These can support arbitrary operations via ENGINE_ctrl(), including passing to and/or from the control commands data of any arbitrary type. These commands are supported in the discovery mechanisms simply to allow applications to determine if an ENGINE supports certain specific commands it might want to use (eg. application &quot;foo&quot; might query various ENGINEs to see if they implement &quot;FOO_GET_VENDOR_LOGO_GIF&quot; - and ENGINE could therefore decide whether or not to support this &quot;foo&quot;-specific extension).</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ENGINE_get_first(), ENGINE_get_last(), ENGINE_get_next() and ENGINE_get_prev() return a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_add() and ENGINE_remove() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_by_id() returns a valid <b>ENGINE</b> structure or NULL if an error occurred.</p>
+
+<p>ENGINE_init() and ENGINE_finish() return 1 on success or 0 on error.</p>
+
+<p>All ENGINE_get_default_TYPE() functions, ENGINE_get_cipher_engine() and ENGINE_get_digest_engine() return a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>All ENGINE_set_default_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_default() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_table_flags() returns an unsigned integer value representing the global table flags which are used to control the registration behaviour of <b>ENGINE</b> implementations.</p>
+
+<p>All ENGINE_register_TYPE() functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_ctrl() returns a positive value on success or others on error.</p>
+
+<p>ENGINE_cmd_is_executable() returns 1 if <b>cmd</b> is executable or 0 otherwise.</p>
+
+<p>ENGINE_ctrl_cmd() and ENGINE_ctrl_cmd_string() return 1 on success or 0 on error.</p>
+
+<p>ENGINE_new() returns a valid <b>ENGINE</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_free() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_up_ref() returns 1 on success or 0 on error.</p>
+
+<p>ENGINE_set_id() and ENGINE_set_name() return 1 on success or 0 on error.</p>
+
+<p>All other <b>ENGINE_set_*</b> functions return 1 on success or 0 on error.</p>
+
+<p>ENGINE_get_id() and ENGINE_get_name() return a string representing the identifier and the name of the ENGINE <b>e</b> respectively.</p>
+
+<p>ENGINE_get_RSA(), ENGINE_get_DSA(), ENGINE_get_DH() and ENGINE_get_RAND() return corresponding method structures for each algorithms.</p>
+
+<p>ENGINE_get_destroy_function(), ENGINE_get_init_function(), ENGINE_get_finish_function(), ENGINE_get_ctrl_function(), ENGINE_get_load_privkey_function(), ENGINE_get_load_pubkey_function(), ENGINE_get_ciphers() and ENGINE_get_digests() return corresponding function pointers of the callbacks.</p>
+
+<p>ENGINE_get_cipher() returns a valid <b>EVP_CIPHER</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_digest() returns a valid <b>EVP_MD</b> structure on success or NULL if an error occurred.</p>
+
+<p>ENGINE_get_flags() returns an integer representing the ENGINE flags which are used to control various behaviours of an ENGINE.</p>
+
+<p>ENGINE_get_cmd_defns() returns an <b>ENGINE_CMD_DEFN</b> structure or NULL if it&#39;s not set.</p>
+
+<p>ENGINE_load_private_key() and ENGINE_load_public_key() return a valid <b>EVP_PKEY</b> structure on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a>, <a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/DH_new.html">DH_new(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man5/config.html">config(5)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ENGINE_cleanup() was deprecated in OpenSSL 1.1.0 by the automatic cleanup done by OPENSSL_cleanup() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_FATAL_ERROR.html b/msys2/usr/share/doc/openssl/html/man3/ERR_FATAL_ERROR.html
new file mode 100644
index 000000000..18458f4e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_FATAL_ERROR.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_GET_LIB</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_GET_LIB, ERR_GET_FUNC, ERR_GET_REASON, ERR_FATAL_ERROR - get information from error codes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ int ERR_GET_LIB(unsigned long e);
+
+ int ERR_GET_FUNC(unsigned long e);
+
+ int ERR_GET_REASON(unsigned long e);
+
+ int ERR_FATAL_ERROR(unsigned long e);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The error code returned by ERR_get_error() consists of a library number, function code and reason code. ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() can be used to extract these.</p>
+
+<p>ERR_FATAL_ERROR() indicates whether a given error code is a fatal error.</p>
+
+<p>The library number and function code describe where the error occurred, the reason code is the information about what went wrong.</p>
+
+<p>Each sub-library of OpenSSL has a unique library number; function and reason codes are unique within each sub-library. Note that different libraries may use the same value to signal different functions and reasons.</p>
+
+<p><b>ERR_R_...</b> reason codes such as <b>ERR_R_MALLOC_FAILURE</b> are globally unique. However, when checking for sub-library specific reason codes, be sure to also compare the library number.</p>
+
+<p>ERR_GET_LIB(), ERR_GET_FUNC(), ERR_GET_REASON(), and ERR_FATAL_ERROR() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The library number, function code, reason code, and whether the error is fatal, respectively.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() are available in all versions of OpenSSL.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_GET_FUNC.html b/msys2/usr/share/doc/openssl/html/man3/ERR_GET_FUNC.html
new file mode 100644
index 000000000..18458f4e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_GET_FUNC.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_GET_LIB</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_GET_LIB, ERR_GET_FUNC, ERR_GET_REASON, ERR_FATAL_ERROR - get information from error codes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ int ERR_GET_LIB(unsigned long e);
+
+ int ERR_GET_FUNC(unsigned long e);
+
+ int ERR_GET_REASON(unsigned long e);
+
+ int ERR_FATAL_ERROR(unsigned long e);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The error code returned by ERR_get_error() consists of a library number, function code and reason code. ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() can be used to extract these.</p>
+
+<p>ERR_FATAL_ERROR() indicates whether a given error code is a fatal error.</p>
+
+<p>The library number and function code describe where the error occurred, the reason code is the information about what went wrong.</p>
+
+<p>Each sub-library of OpenSSL has a unique library number; function and reason codes are unique within each sub-library. Note that different libraries may use the same value to signal different functions and reasons.</p>
+
+<p><b>ERR_R_...</b> reason codes such as <b>ERR_R_MALLOC_FAILURE</b> are globally unique. However, when checking for sub-library specific reason codes, be sure to also compare the library number.</p>
+
+<p>ERR_GET_LIB(), ERR_GET_FUNC(), ERR_GET_REASON(), and ERR_FATAL_ERROR() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The library number, function code, reason code, and whether the error is fatal, respectively.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() are available in all versions of OpenSSL.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_GET_LIB.html b/msys2/usr/share/doc/openssl/html/man3/ERR_GET_LIB.html
new file mode 100644
index 000000000..18458f4e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_GET_LIB.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_GET_LIB</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_GET_LIB, ERR_GET_FUNC, ERR_GET_REASON, ERR_FATAL_ERROR - get information from error codes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ int ERR_GET_LIB(unsigned long e);
+
+ int ERR_GET_FUNC(unsigned long e);
+
+ int ERR_GET_REASON(unsigned long e);
+
+ int ERR_FATAL_ERROR(unsigned long e);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The error code returned by ERR_get_error() consists of a library number, function code and reason code. ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() can be used to extract these.</p>
+
+<p>ERR_FATAL_ERROR() indicates whether a given error code is a fatal error.</p>
+
+<p>The library number and function code describe where the error occurred, the reason code is the information about what went wrong.</p>
+
+<p>Each sub-library of OpenSSL has a unique library number; function and reason codes are unique within each sub-library. Note that different libraries may use the same value to signal different functions and reasons.</p>
+
+<p><b>ERR_R_...</b> reason codes such as <b>ERR_R_MALLOC_FAILURE</b> are globally unique. However, when checking for sub-library specific reason codes, be sure to also compare the library number.</p>
+
+<p>ERR_GET_LIB(), ERR_GET_FUNC(), ERR_GET_REASON(), and ERR_FATAL_ERROR() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The library number, function code, reason code, and whether the error is fatal, respectively.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() are available in all versions of OpenSSL.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_GET_REASON.html b/msys2/usr/share/doc/openssl/html/man3/ERR_GET_REASON.html
new file mode 100644
index 000000000..18458f4e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_GET_REASON.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_GET_LIB</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_GET_LIB, ERR_GET_FUNC, ERR_GET_REASON, ERR_FATAL_ERROR - get information from error codes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ int ERR_GET_LIB(unsigned long e);
+
+ int ERR_GET_FUNC(unsigned long e);
+
+ int ERR_GET_REASON(unsigned long e);
+
+ int ERR_FATAL_ERROR(unsigned long e);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The error code returned by ERR_get_error() consists of a library number, function code and reason code. ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() can be used to extract these.</p>
+
+<p>ERR_FATAL_ERROR() indicates whether a given error code is a fatal error.</p>
+
+<p>The library number and function code describe where the error occurred, the reason code is the information about what went wrong.</p>
+
+<p>Each sub-library of OpenSSL has a unique library number; function and reason codes are unique within each sub-library. Note that different libraries may use the same value to signal different functions and reasons.</p>
+
+<p><b>ERR_R_...</b> reason codes such as <b>ERR_R_MALLOC_FAILURE</b> are globally unique. However, when checking for sub-library specific reason codes, be sure to also compare the library number.</p>
+
+<p>ERR_GET_LIB(), ERR_GET_FUNC(), ERR_GET_REASON(), and ERR_FATAL_ERROR() are macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The library number, function code, reason code, and whether the error is fatal, respectively.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() are available in all versions of OpenSSL.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_PACK.html b/msys2/usr/share/doc/openssl/html/man3/ERR_PACK.html
new file mode 100644
index 000000000..1d3cc87af
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_PACK.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_load_strings</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_load_strings, ERR_PACK, ERR_get_next_error_library - load arbitrary error strings</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
+
+ int ERR_get_next_error_library(void);
+
+ unsigned long ERR_PACK(int lib, int func, int reason);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_load_strings() registers error strings for library number <b>lib</b>.</p>
+
+<p><b>str</b> is an array of error string data:</p>
+
+<pre><code> typedef struct ERR_string_data_st
+ {
+     unsigned long error;
+     char *string;
+ } ERR_STRING_DATA;</code></pre>
+
+<p>The error code is generated from the library number and a function and reason code: <b>error</b> = ERR_PACK(<b>lib</b>, <b>func</b>, <b>reason</b>). ERR_PACK() is a macro.</p>
+
+<p>The last entry in the array is {0,0}.</p>
+
+<p>ERR_get_next_error_library() can be used to assign library numbers to user libraries at runtime.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_load_strings() returns no value. ERR_PACK() return the error code. ERR_get_next_error_library() returns zero on failure, otherwise a new library number.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_load_strings.html">ERR_load_strings(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_add_error_data.html b/msys2/usr/share/doc/openssl/html/man3/ERR_add_error_data.html
new file mode 100644
index 000000000..0e9c9e7aa
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_add_error_data.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_put_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reporting-errors">Reporting errors</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_put_error, ERR_add_error_data, ERR_add_error_vdata - record an error</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ void ERR_put_error(int lib, int func, int reason, const char *file, int line);
+
+ void ERR_add_error_data(int num, ...);
+ void ERR_add_error_vdata(int num, va_list arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_put_error() adds an error code to the thread&#39;s error queue. It signals that the error of reason code <b>reason</b> occurred in function <b>func</b> of library <b>lib</b>, in line number <b>line</b> of <b>file</b>. This function is usually called by a macro.</p>
+
+<p>ERR_add_error_data() associates the concatenation of its <b>num</b> string arguments with the error code added last. ERR_add_error_vdata() is similar except the argument is a <b>va_list</b>.</p>
+
+<p><a href="../man3/ERR_load_strings.html">ERR_load_strings(3)</a> can be used to register error strings so that the application can a generate human-readable error messages for the error code.</p>
+
+<h2 id="Reporting-errors">Reporting errors</h2>
+
+<p>Each sub-library has a specific macro XXXerr() that is used to report errors. Its first argument is a function code <b>XXX_F_...</b>, the second argument is a reason code <b>XXX_R_...</b>. Function codes are derived from the function names; reason codes consist of textual error descriptions. For example, the function ssl3_read_bytes() reports a &quot;handshake failure&quot; as follows:</p>
+
+<pre><code> SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);</code></pre>
+
+<p>Function and reason codes should consist of upper case characters, numbers and underscores only. The error file generation script translates function codes into function names by looking in the header files for an appropriate function name, if none is found it just uses the capitalized form such as &quot;SSL3_READ_BYTES&quot; in the above example.</p>
+
+<p>The trailing section of a reason code (after the &quot;_R_&quot;) is translated into lower case and underscores changed to spaces.</p>
+
+<p>Although a library will normally report errors using its own specific XXXerr macro, another library&#39;s macro can be used. This is normally only done when a library wants to include ASN1 code which must use the ASN1err() macro.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_put_error() and ERR_add_error_data() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_load_strings.html">ERR_load_strings(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_add_error_vdata.html b/msys2/usr/share/doc/openssl/html/man3/ERR_add_error_vdata.html
new file mode 100644
index 000000000..0e9c9e7aa
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_add_error_vdata.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_put_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reporting-errors">Reporting errors</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_put_error, ERR_add_error_data, ERR_add_error_vdata - record an error</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ void ERR_put_error(int lib, int func, int reason, const char *file, int line);
+
+ void ERR_add_error_data(int num, ...);
+ void ERR_add_error_vdata(int num, va_list arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_put_error() adds an error code to the thread&#39;s error queue. It signals that the error of reason code <b>reason</b> occurred in function <b>func</b> of library <b>lib</b>, in line number <b>line</b> of <b>file</b>. This function is usually called by a macro.</p>
+
+<p>ERR_add_error_data() associates the concatenation of its <b>num</b> string arguments with the error code added last. ERR_add_error_vdata() is similar except the argument is a <b>va_list</b>.</p>
+
+<p><a href="../man3/ERR_load_strings.html">ERR_load_strings(3)</a> can be used to register error strings so that the application can a generate human-readable error messages for the error code.</p>
+
+<h2 id="Reporting-errors">Reporting errors</h2>
+
+<p>Each sub-library has a specific macro XXXerr() that is used to report errors. Its first argument is a function code <b>XXX_F_...</b>, the second argument is a reason code <b>XXX_R_...</b>. Function codes are derived from the function names; reason codes consist of textual error descriptions. For example, the function ssl3_read_bytes() reports a &quot;handshake failure&quot; as follows:</p>
+
+<pre><code> SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);</code></pre>
+
+<p>Function and reason codes should consist of upper case characters, numbers and underscores only. The error file generation script translates function codes into function names by looking in the header files for an appropriate function name, if none is found it just uses the capitalized form such as &quot;SSL3_READ_BYTES&quot; in the above example.</p>
+
+<p>The trailing section of a reason code (after the &quot;_R_&quot;) is translated into lower case and underscores changed to spaces.</p>
+
+<p>Although a library will normally report errors using its own specific XXXerr macro, another library&#39;s macro can be used. This is normally only done when a library wants to include ASN1 code which must use the ASN1err() macro.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_put_error() and ERR_add_error_data() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_load_strings.html">ERR_load_strings(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_clear_error.html b/msys2/usr/share/doc/openssl/html/man3/ERR_clear_error.html
new file mode 100644
index 000000000..72ea4c5bb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_clear_error.html
@@ -0,0 +1,56 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_clear_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_clear_error - clear the error queue</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ void ERR_clear_error(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_clear_error() empties the current thread&#39;s error queue.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_clear_error() has no return value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_error_string.html b/msys2/usr/share/doc/openssl/html/man3/ERR_error_string.html
new file mode 100644
index 000000000..fecc6a229
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_error_string.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_error_string</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_error_string, ERR_error_string_n, ERR_lib_error_string, ERR_func_error_string, ERR_reason_error_string - obtain human-readable error message</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ char *ERR_error_string(unsigned long e, char *buf);
+ void ERR_error_string_n(unsigned long e, char *buf, size_t len);
+
+ const char *ERR_lib_error_string(unsigned long e);
+ const char *ERR_func_error_string(unsigned long e);
+ const char *ERR_reason_error_string(unsigned long e);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_error_string() generates a human-readable string representing the error code <i>e</i>, and places it at <i>buf</i>. <i>buf</i> must be at least 256 bytes long. If <i>buf</i> is <b>NULL</b>, the error string is placed in a static buffer. Note that this function is not thread-safe and does no checks on the size of the buffer; use ERR_error_string_n() instead.</p>
+
+<p>ERR_error_string_n() is a variant of ERR_error_string() that writes at most <i>len</i> characters (including the terminating 0) and truncates the string if necessary. For ERR_error_string_n(), <i>buf</i> may not be <b>NULL</b>.</p>
+
+<p>The string will have the following format:</p>
+
+<pre><code> error:[error code]:[library name]:[function name]:[reason string]</code></pre>
+
+<p><i>error code</i> is an 8 digit hexadecimal number, <i>library name</i>, <i>function name</i> and <i>reason string</i> are ASCII text.</p>
+
+<p>ERR_lib_error_string(), ERR_func_error_string() and ERR_reason_error_string() return the library name, function name and reason string respectively.</p>
+
+<p>If there is no text string registered for the given error code, the error string will contain the numeric code.</p>
+
+<p><a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a> can be used to print all error codes currently in the queue.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_error_string() returns a pointer to a static buffer containing the string if <i>buf</i> <b>== NULL</b>, <i>buf</i> otherwise.</p>
+
+<p>ERR_lib_error_string(), ERR_func_error_string() and ERR_reason_error_string() return the strings, and <b>NULL</b> if none is registered for the error code.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_error_string_n.html b/msys2/usr/share/doc/openssl/html/man3/ERR_error_string_n.html
new file mode 100644
index 000000000..fecc6a229
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_error_string_n.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_error_string</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_error_string, ERR_error_string_n, ERR_lib_error_string, ERR_func_error_string, ERR_reason_error_string - obtain human-readable error message</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ char *ERR_error_string(unsigned long e, char *buf);
+ void ERR_error_string_n(unsigned long e, char *buf, size_t len);
+
+ const char *ERR_lib_error_string(unsigned long e);
+ const char *ERR_func_error_string(unsigned long e);
+ const char *ERR_reason_error_string(unsigned long e);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_error_string() generates a human-readable string representing the error code <i>e</i>, and places it at <i>buf</i>. <i>buf</i> must be at least 256 bytes long. If <i>buf</i> is <b>NULL</b>, the error string is placed in a static buffer. Note that this function is not thread-safe and does no checks on the size of the buffer; use ERR_error_string_n() instead.</p>
+
+<p>ERR_error_string_n() is a variant of ERR_error_string() that writes at most <i>len</i> characters (including the terminating 0) and truncates the string if necessary. For ERR_error_string_n(), <i>buf</i> may not be <b>NULL</b>.</p>
+
+<p>The string will have the following format:</p>
+
+<pre><code> error:[error code]:[library name]:[function name]:[reason string]</code></pre>
+
+<p><i>error code</i> is an 8 digit hexadecimal number, <i>library name</i>, <i>function name</i> and <i>reason string</i> are ASCII text.</p>
+
+<p>ERR_lib_error_string(), ERR_func_error_string() and ERR_reason_error_string() return the library name, function name and reason string respectively.</p>
+
+<p>If there is no text string registered for the given error code, the error string will contain the numeric code.</p>
+
+<p><a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a> can be used to print all error codes currently in the queue.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_error_string() returns a pointer to a static buffer containing the string if <i>buf</i> <b>== NULL</b>, <i>buf</i> otherwise.</p>
+
+<p>ERR_lib_error_string(), ERR_func_error_string() and ERR_reason_error_string() return the strings, and <b>NULL</b> if none is registered for the error code.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_free_strings.html b/msys2/usr/share/doc/openssl/html/man3/ERR_free_strings.html
new file mode 100644
index 000000000..ff69f12c2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_free_strings.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_load_crypto_strings</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_load_crypto_strings, SSL_load_error_strings, ERR_free_strings - load and free error strings</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p>Deprecated:</p>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ERR_load_crypto_strings(void);
+ void ERR_free_strings(void);
+ #endif
+
+ #include &lt;openssl/ssl.h&gt;
+
+ #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void SSL_load_error_strings(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_load_crypto_strings() registers the error strings for all <b>libcrypto</b> functions. SSL_load_error_strings() does the same, but also registers the <b>libssl</b> error strings.</p>
+
+<p>In versions prior to OpenSSL 1.1.0, ERR_free_strings() releases any resources created by the above functions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_load_crypto_strings(), SSL_load_error_strings() and ERR_free_strings() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_error_string.html">ERR_error_string(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ERR_load_crypto_strings(), SSL_load_error_strings(), and ERR_free_strings() functions were deprecated in OpenSSL 1.1.0 by OPENSSL_init_crypto() and OPENSSL_init_ssl() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_func_error_string.html b/msys2/usr/share/doc/openssl/html/man3/ERR_func_error_string.html
new file mode 100644
index 000000000..fecc6a229
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_func_error_string.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_error_string</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_error_string, ERR_error_string_n, ERR_lib_error_string, ERR_func_error_string, ERR_reason_error_string - obtain human-readable error message</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ char *ERR_error_string(unsigned long e, char *buf);
+ void ERR_error_string_n(unsigned long e, char *buf, size_t len);
+
+ const char *ERR_lib_error_string(unsigned long e);
+ const char *ERR_func_error_string(unsigned long e);
+ const char *ERR_reason_error_string(unsigned long e);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_error_string() generates a human-readable string representing the error code <i>e</i>, and places it at <i>buf</i>. <i>buf</i> must be at least 256 bytes long. If <i>buf</i> is <b>NULL</b>, the error string is placed in a static buffer. Note that this function is not thread-safe and does no checks on the size of the buffer; use ERR_error_string_n() instead.</p>
+
+<p>ERR_error_string_n() is a variant of ERR_error_string() that writes at most <i>len</i> characters (including the terminating 0) and truncates the string if necessary. For ERR_error_string_n(), <i>buf</i> may not be <b>NULL</b>.</p>
+
+<p>The string will have the following format:</p>
+
+<pre><code> error:[error code]:[library name]:[function name]:[reason string]</code></pre>
+
+<p><i>error code</i> is an 8 digit hexadecimal number, <i>library name</i>, <i>function name</i> and <i>reason string</i> are ASCII text.</p>
+
+<p>ERR_lib_error_string(), ERR_func_error_string() and ERR_reason_error_string() return the library name, function name and reason string respectively.</p>
+
+<p>If there is no text string registered for the given error code, the error string will contain the numeric code.</p>
+
+<p><a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a> can be used to print all error codes currently in the queue.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_error_string() returns a pointer to a static buffer containing the string if <i>buf</i> <b>== NULL</b>, <i>buf</i> otherwise.</p>
+
+<p>ERR_lib_error_string(), ERR_func_error_string() and ERR_reason_error_string() return the strings, and <b>NULL</b> if none is registered for the error code.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_get_error.html b/msys2/usr/share/doc/openssl/html/man3/ERR_get_error.html
new file mode 100644
index 000000000..a793d6c48
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_get_error.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_get_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_get_error, ERR_peek_error, ERR_peek_last_error, ERR_get_error_line, ERR_peek_error_line, ERR_peek_last_error_line, ERR_get_error_line_data, ERR_peek_error_line_data, ERR_peek_last_error_line_data - obtain error code and data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ unsigned long ERR_get_error(void);
+ unsigned long ERR_peek_error(void);
+ unsigned long ERR_peek_last_error(void);
+
+ unsigned long ERR_get_error_line(const char **file, int *line);
+ unsigned long ERR_peek_error_line(const char **file, int *line);
+ unsigned long ERR_peek_last_error_line(const char **file, int *line);
+
+ unsigned long ERR_get_error_line_data(const char **file, int *line,
+                                       const char **data, int *flags);
+ unsigned long ERR_peek_error_line_data(const char **file, int *line,
+                                        const char **data, int *flags);
+ unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
+                                             const char **data, int *flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_get_error() returns the earliest error code from the thread&#39;s error queue and removes the entry. This function can be called repeatedly until there are no more error codes to return.</p>
+
+<p>ERR_peek_error() returns the earliest error code from the thread&#39;s error queue without modifying it.</p>
+
+<p>ERR_peek_last_error() returns the latest error code from the thread&#39;s error queue without modifying it.</p>
+
+<p>See <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a> for obtaining information about location and reason of the error, and <a href="../man3/ERR_error_string.html">ERR_error_string(3)</a> for human-readable error messages.</p>
+
+<p>ERR_get_error_line(), ERR_peek_error_line() and ERR_peek_last_error_line() are the same as the above, but they additionally store the file name and line number where the error occurred in *<b>file</b> and *<b>line</b>, unless these are <b>NULL</b>.</p>
+
+<p>ERR_get_error_line_data(), ERR_peek_error_line_data() and ERR_peek_last_error_line_data() store additional data and flags associated with the error code in *<b>data</b> and *<b>flags</b>, unless these are <b>NULL</b>. *<b>data</b> contains a string if *<b>flags</b>&amp;<b>ERR_TXT_STRING</b> is true.</p>
+
+<p>An application <b>MUST NOT</b> free the *<b>data</b> pointer (or any other pointers returned by these functions) with OPENSSL_free() as freeing is handled automatically by the error library.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The error code, or 0 if there is no error in the queue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_error_string.html">ERR_error_string(3)</a>, <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_get_error_line.html b/msys2/usr/share/doc/openssl/html/man3/ERR_get_error_line.html
new file mode 100644
index 000000000..a793d6c48
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_get_error_line.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_get_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_get_error, ERR_peek_error, ERR_peek_last_error, ERR_get_error_line, ERR_peek_error_line, ERR_peek_last_error_line, ERR_get_error_line_data, ERR_peek_error_line_data, ERR_peek_last_error_line_data - obtain error code and data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ unsigned long ERR_get_error(void);
+ unsigned long ERR_peek_error(void);
+ unsigned long ERR_peek_last_error(void);
+
+ unsigned long ERR_get_error_line(const char **file, int *line);
+ unsigned long ERR_peek_error_line(const char **file, int *line);
+ unsigned long ERR_peek_last_error_line(const char **file, int *line);
+
+ unsigned long ERR_get_error_line_data(const char **file, int *line,
+                                       const char **data, int *flags);
+ unsigned long ERR_peek_error_line_data(const char **file, int *line,
+                                        const char **data, int *flags);
+ unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
+                                             const char **data, int *flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_get_error() returns the earliest error code from the thread&#39;s error queue and removes the entry. This function can be called repeatedly until there are no more error codes to return.</p>
+
+<p>ERR_peek_error() returns the earliest error code from the thread&#39;s error queue without modifying it.</p>
+
+<p>ERR_peek_last_error() returns the latest error code from the thread&#39;s error queue without modifying it.</p>
+
+<p>See <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a> for obtaining information about location and reason of the error, and <a href="../man3/ERR_error_string.html">ERR_error_string(3)</a> for human-readable error messages.</p>
+
+<p>ERR_get_error_line(), ERR_peek_error_line() and ERR_peek_last_error_line() are the same as the above, but they additionally store the file name and line number where the error occurred in *<b>file</b> and *<b>line</b>, unless these are <b>NULL</b>.</p>
+
+<p>ERR_get_error_line_data(), ERR_peek_error_line_data() and ERR_peek_last_error_line_data() store additional data and flags associated with the error code in *<b>data</b> and *<b>flags</b>, unless these are <b>NULL</b>. *<b>data</b> contains a string if *<b>flags</b>&amp;<b>ERR_TXT_STRING</b> is true.</p>
+
+<p>An application <b>MUST NOT</b> free the *<b>data</b> pointer (or any other pointers returned by these functions) with OPENSSL_free() as freeing is handled automatically by the error library.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The error code, or 0 if there is no error in the queue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_error_string.html">ERR_error_string(3)</a>, <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_get_error_line_data.html b/msys2/usr/share/doc/openssl/html/man3/ERR_get_error_line_data.html
new file mode 100644
index 000000000..a793d6c48
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_get_error_line_data.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_get_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_get_error, ERR_peek_error, ERR_peek_last_error, ERR_get_error_line, ERR_peek_error_line, ERR_peek_last_error_line, ERR_get_error_line_data, ERR_peek_error_line_data, ERR_peek_last_error_line_data - obtain error code and data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ unsigned long ERR_get_error(void);
+ unsigned long ERR_peek_error(void);
+ unsigned long ERR_peek_last_error(void);
+
+ unsigned long ERR_get_error_line(const char **file, int *line);
+ unsigned long ERR_peek_error_line(const char **file, int *line);
+ unsigned long ERR_peek_last_error_line(const char **file, int *line);
+
+ unsigned long ERR_get_error_line_data(const char **file, int *line,
+                                       const char **data, int *flags);
+ unsigned long ERR_peek_error_line_data(const char **file, int *line,
+                                        const char **data, int *flags);
+ unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
+                                             const char **data, int *flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_get_error() returns the earliest error code from the thread&#39;s error queue and removes the entry. This function can be called repeatedly until there are no more error codes to return.</p>
+
+<p>ERR_peek_error() returns the earliest error code from the thread&#39;s error queue without modifying it.</p>
+
+<p>ERR_peek_last_error() returns the latest error code from the thread&#39;s error queue without modifying it.</p>
+
+<p>See <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a> for obtaining information about location and reason of the error, and <a href="../man3/ERR_error_string.html">ERR_error_string(3)</a> for human-readable error messages.</p>
+
+<p>ERR_get_error_line(), ERR_peek_error_line() and ERR_peek_last_error_line() are the same as the above, but they additionally store the file name and line number where the error occurred in *<b>file</b> and *<b>line</b>, unless these are <b>NULL</b>.</p>
+
+<p>ERR_get_error_line_data(), ERR_peek_error_line_data() and ERR_peek_last_error_line_data() store additional data and flags associated with the error code in *<b>data</b> and *<b>flags</b>, unless these are <b>NULL</b>. *<b>data</b> contains a string if *<b>flags</b>&amp;<b>ERR_TXT_STRING</b> is true.</p>
+
+<p>An application <b>MUST NOT</b> free the *<b>data</b> pointer (or any other pointers returned by these functions) with OPENSSL_free() as freeing is handled automatically by the error library.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The error code, or 0 if there is no error in the queue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_error_string.html">ERR_error_string(3)</a>, <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_get_next_error_library.html b/msys2/usr/share/doc/openssl/html/man3/ERR_get_next_error_library.html
new file mode 100644
index 000000000..1d3cc87af
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_get_next_error_library.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_load_strings</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_load_strings, ERR_PACK, ERR_get_next_error_library - load arbitrary error strings</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
+
+ int ERR_get_next_error_library(void);
+
+ unsigned long ERR_PACK(int lib, int func, int reason);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_load_strings() registers error strings for library number <b>lib</b>.</p>
+
+<p><b>str</b> is an array of error string data:</p>
+
+<pre><code> typedef struct ERR_string_data_st
+ {
+     unsigned long error;
+     char *string;
+ } ERR_STRING_DATA;</code></pre>
+
+<p>The error code is generated from the library number and a function and reason code: <b>error</b> = ERR_PACK(<b>lib</b>, <b>func</b>, <b>reason</b>). ERR_PACK() is a macro.</p>
+
+<p>The last entry in the array is {0,0}.</p>
+
+<p>ERR_get_next_error_library() can be used to assign library numbers to user libraries at runtime.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_load_strings() returns no value. ERR_PACK() return the error code. ERR_get_next_error_library() returns zero on failure, otherwise a new library number.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_load_strings.html">ERR_load_strings(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_lib_error_string.html b/msys2/usr/share/doc/openssl/html/man3/ERR_lib_error_string.html
new file mode 100644
index 000000000..fecc6a229
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_lib_error_string.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_error_string</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_error_string, ERR_error_string_n, ERR_lib_error_string, ERR_func_error_string, ERR_reason_error_string - obtain human-readable error message</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ char *ERR_error_string(unsigned long e, char *buf);
+ void ERR_error_string_n(unsigned long e, char *buf, size_t len);
+
+ const char *ERR_lib_error_string(unsigned long e);
+ const char *ERR_func_error_string(unsigned long e);
+ const char *ERR_reason_error_string(unsigned long e);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_error_string() generates a human-readable string representing the error code <i>e</i>, and places it at <i>buf</i>. <i>buf</i> must be at least 256 bytes long. If <i>buf</i> is <b>NULL</b>, the error string is placed in a static buffer. Note that this function is not thread-safe and does no checks on the size of the buffer; use ERR_error_string_n() instead.</p>
+
+<p>ERR_error_string_n() is a variant of ERR_error_string() that writes at most <i>len</i> characters (including the terminating 0) and truncates the string if necessary. For ERR_error_string_n(), <i>buf</i> may not be <b>NULL</b>.</p>
+
+<p>The string will have the following format:</p>
+
+<pre><code> error:[error code]:[library name]:[function name]:[reason string]</code></pre>
+
+<p><i>error code</i> is an 8 digit hexadecimal number, <i>library name</i>, <i>function name</i> and <i>reason string</i> are ASCII text.</p>
+
+<p>ERR_lib_error_string(), ERR_func_error_string() and ERR_reason_error_string() return the library name, function name and reason string respectively.</p>
+
+<p>If there is no text string registered for the given error code, the error string will contain the numeric code.</p>
+
+<p><a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a> can be used to print all error codes currently in the queue.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_error_string() returns a pointer to a static buffer containing the string if <i>buf</i> <b>== NULL</b>, <i>buf</i> otherwise.</p>
+
+<p>ERR_lib_error_string(), ERR_func_error_string() and ERR_reason_error_string() return the strings, and <b>NULL</b> if none is registered for the error code.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_load_crypto_strings.html b/msys2/usr/share/doc/openssl/html/man3/ERR_load_crypto_strings.html
new file mode 100644
index 000000000..ff69f12c2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_load_crypto_strings.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_load_crypto_strings</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_load_crypto_strings, SSL_load_error_strings, ERR_free_strings - load and free error strings</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p>Deprecated:</p>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ERR_load_crypto_strings(void);
+ void ERR_free_strings(void);
+ #endif
+
+ #include &lt;openssl/ssl.h&gt;
+
+ #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void SSL_load_error_strings(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_load_crypto_strings() registers the error strings for all <b>libcrypto</b> functions. SSL_load_error_strings() does the same, but also registers the <b>libssl</b> error strings.</p>
+
+<p>In versions prior to OpenSSL 1.1.0, ERR_free_strings() releases any resources created by the above functions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_load_crypto_strings(), SSL_load_error_strings() and ERR_free_strings() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_error_string.html">ERR_error_string(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ERR_load_crypto_strings(), SSL_load_error_strings(), and ERR_free_strings() functions were deprecated in OpenSSL 1.1.0 by OPENSSL_init_crypto() and OPENSSL_init_ssl() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_load_strings.html b/msys2/usr/share/doc/openssl/html/man3/ERR_load_strings.html
new file mode 100644
index 000000000..1d3cc87af
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_load_strings.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_load_strings</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_load_strings, ERR_PACK, ERR_get_next_error_library - load arbitrary error strings</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
+
+ int ERR_get_next_error_library(void);
+
+ unsigned long ERR_PACK(int lib, int func, int reason);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_load_strings() registers error strings for library number <b>lib</b>.</p>
+
+<p><b>str</b> is an array of error string data:</p>
+
+<pre><code> typedef struct ERR_string_data_st
+ {
+     unsigned long error;
+     char *string;
+ } ERR_STRING_DATA;</code></pre>
+
+<p>The error code is generated from the library number and a function and reason code: <b>error</b> = ERR_PACK(<b>lib</b>, <b>func</b>, <b>reason</b>). ERR_PACK() is a macro.</p>
+
+<p>The last entry in the array is {0,0}.</p>
+
+<p>ERR_get_next_error_library() can be used to assign library numbers to user libraries at runtime.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_load_strings() returns no value. ERR_PACK() return the error code. ERR_get_next_error_library() returns zero on failure, otherwise a new library number.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_load_strings.html">ERR_load_strings(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_peek_error.html b/msys2/usr/share/doc/openssl/html/man3/ERR_peek_error.html
new file mode 100644
index 000000000..a793d6c48
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_peek_error.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_get_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_get_error, ERR_peek_error, ERR_peek_last_error, ERR_get_error_line, ERR_peek_error_line, ERR_peek_last_error_line, ERR_get_error_line_data, ERR_peek_error_line_data, ERR_peek_last_error_line_data - obtain error code and data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ unsigned long ERR_get_error(void);
+ unsigned long ERR_peek_error(void);
+ unsigned long ERR_peek_last_error(void);
+
+ unsigned long ERR_get_error_line(const char **file, int *line);
+ unsigned long ERR_peek_error_line(const char **file, int *line);
+ unsigned long ERR_peek_last_error_line(const char **file, int *line);
+
+ unsigned long ERR_get_error_line_data(const char **file, int *line,
+                                       const char **data, int *flags);
+ unsigned long ERR_peek_error_line_data(const char **file, int *line,
+                                        const char **data, int *flags);
+ unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
+                                             const char **data, int *flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_get_error() returns the earliest error code from the thread&#39;s error queue and removes the entry. This function can be called repeatedly until there are no more error codes to return.</p>
+
+<p>ERR_peek_error() returns the earliest error code from the thread&#39;s error queue without modifying it.</p>
+
+<p>ERR_peek_last_error() returns the latest error code from the thread&#39;s error queue without modifying it.</p>
+
+<p>See <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a> for obtaining information about location and reason of the error, and <a href="../man3/ERR_error_string.html">ERR_error_string(3)</a> for human-readable error messages.</p>
+
+<p>ERR_get_error_line(), ERR_peek_error_line() and ERR_peek_last_error_line() are the same as the above, but they additionally store the file name and line number where the error occurred in *<b>file</b> and *<b>line</b>, unless these are <b>NULL</b>.</p>
+
+<p>ERR_get_error_line_data(), ERR_peek_error_line_data() and ERR_peek_last_error_line_data() store additional data and flags associated with the error code in *<b>data</b> and *<b>flags</b>, unless these are <b>NULL</b>. *<b>data</b> contains a string if *<b>flags</b>&amp;<b>ERR_TXT_STRING</b> is true.</p>
+
+<p>An application <b>MUST NOT</b> free the *<b>data</b> pointer (or any other pointers returned by these functions) with OPENSSL_free() as freeing is handled automatically by the error library.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The error code, or 0 if there is no error in the queue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_error_string.html">ERR_error_string(3)</a>, <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_peek_error_line.html b/msys2/usr/share/doc/openssl/html/man3/ERR_peek_error_line.html
new file mode 100644
index 000000000..a793d6c48
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_peek_error_line.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_get_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_get_error, ERR_peek_error, ERR_peek_last_error, ERR_get_error_line, ERR_peek_error_line, ERR_peek_last_error_line, ERR_get_error_line_data, ERR_peek_error_line_data, ERR_peek_last_error_line_data - obtain error code and data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ unsigned long ERR_get_error(void);
+ unsigned long ERR_peek_error(void);
+ unsigned long ERR_peek_last_error(void);
+
+ unsigned long ERR_get_error_line(const char **file, int *line);
+ unsigned long ERR_peek_error_line(const char **file, int *line);
+ unsigned long ERR_peek_last_error_line(const char **file, int *line);
+
+ unsigned long ERR_get_error_line_data(const char **file, int *line,
+                                       const char **data, int *flags);
+ unsigned long ERR_peek_error_line_data(const char **file, int *line,
+                                        const char **data, int *flags);
+ unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
+                                             const char **data, int *flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_get_error() returns the earliest error code from the thread&#39;s error queue and removes the entry. This function can be called repeatedly until there are no more error codes to return.</p>
+
+<p>ERR_peek_error() returns the earliest error code from the thread&#39;s error queue without modifying it.</p>
+
+<p>ERR_peek_last_error() returns the latest error code from the thread&#39;s error queue without modifying it.</p>
+
+<p>See <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a> for obtaining information about location and reason of the error, and <a href="../man3/ERR_error_string.html">ERR_error_string(3)</a> for human-readable error messages.</p>
+
+<p>ERR_get_error_line(), ERR_peek_error_line() and ERR_peek_last_error_line() are the same as the above, but they additionally store the file name and line number where the error occurred in *<b>file</b> and *<b>line</b>, unless these are <b>NULL</b>.</p>
+
+<p>ERR_get_error_line_data(), ERR_peek_error_line_data() and ERR_peek_last_error_line_data() store additional data and flags associated with the error code in *<b>data</b> and *<b>flags</b>, unless these are <b>NULL</b>. *<b>data</b> contains a string if *<b>flags</b>&amp;<b>ERR_TXT_STRING</b> is true.</p>
+
+<p>An application <b>MUST NOT</b> free the *<b>data</b> pointer (or any other pointers returned by these functions) with OPENSSL_free() as freeing is handled automatically by the error library.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The error code, or 0 if there is no error in the queue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_error_string.html">ERR_error_string(3)</a>, <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_peek_error_line_data.html b/msys2/usr/share/doc/openssl/html/man3/ERR_peek_error_line_data.html
new file mode 100644
index 000000000..a793d6c48
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_peek_error_line_data.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_get_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_get_error, ERR_peek_error, ERR_peek_last_error, ERR_get_error_line, ERR_peek_error_line, ERR_peek_last_error_line, ERR_get_error_line_data, ERR_peek_error_line_data, ERR_peek_last_error_line_data - obtain error code and data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ unsigned long ERR_get_error(void);
+ unsigned long ERR_peek_error(void);
+ unsigned long ERR_peek_last_error(void);
+
+ unsigned long ERR_get_error_line(const char **file, int *line);
+ unsigned long ERR_peek_error_line(const char **file, int *line);
+ unsigned long ERR_peek_last_error_line(const char **file, int *line);
+
+ unsigned long ERR_get_error_line_data(const char **file, int *line,
+                                       const char **data, int *flags);
+ unsigned long ERR_peek_error_line_data(const char **file, int *line,
+                                        const char **data, int *flags);
+ unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
+                                             const char **data, int *flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_get_error() returns the earliest error code from the thread&#39;s error queue and removes the entry. This function can be called repeatedly until there are no more error codes to return.</p>
+
+<p>ERR_peek_error() returns the earliest error code from the thread&#39;s error queue without modifying it.</p>
+
+<p>ERR_peek_last_error() returns the latest error code from the thread&#39;s error queue without modifying it.</p>
+
+<p>See <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a> for obtaining information about location and reason of the error, and <a href="../man3/ERR_error_string.html">ERR_error_string(3)</a> for human-readable error messages.</p>
+
+<p>ERR_get_error_line(), ERR_peek_error_line() and ERR_peek_last_error_line() are the same as the above, but they additionally store the file name and line number where the error occurred in *<b>file</b> and *<b>line</b>, unless these are <b>NULL</b>.</p>
+
+<p>ERR_get_error_line_data(), ERR_peek_error_line_data() and ERR_peek_last_error_line_data() store additional data and flags associated with the error code in *<b>data</b> and *<b>flags</b>, unless these are <b>NULL</b>. *<b>data</b> contains a string if *<b>flags</b>&amp;<b>ERR_TXT_STRING</b> is true.</p>
+
+<p>An application <b>MUST NOT</b> free the *<b>data</b> pointer (or any other pointers returned by these functions) with OPENSSL_free() as freeing is handled automatically by the error library.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The error code, or 0 if there is no error in the queue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_error_string.html">ERR_error_string(3)</a>, <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_peek_last_error.html b/msys2/usr/share/doc/openssl/html/man3/ERR_peek_last_error.html
new file mode 100644
index 000000000..a793d6c48
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_peek_last_error.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_get_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_get_error, ERR_peek_error, ERR_peek_last_error, ERR_get_error_line, ERR_peek_error_line, ERR_peek_last_error_line, ERR_get_error_line_data, ERR_peek_error_line_data, ERR_peek_last_error_line_data - obtain error code and data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ unsigned long ERR_get_error(void);
+ unsigned long ERR_peek_error(void);
+ unsigned long ERR_peek_last_error(void);
+
+ unsigned long ERR_get_error_line(const char **file, int *line);
+ unsigned long ERR_peek_error_line(const char **file, int *line);
+ unsigned long ERR_peek_last_error_line(const char **file, int *line);
+
+ unsigned long ERR_get_error_line_data(const char **file, int *line,
+                                       const char **data, int *flags);
+ unsigned long ERR_peek_error_line_data(const char **file, int *line,
+                                        const char **data, int *flags);
+ unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
+                                             const char **data, int *flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_get_error() returns the earliest error code from the thread&#39;s error queue and removes the entry. This function can be called repeatedly until there are no more error codes to return.</p>
+
+<p>ERR_peek_error() returns the earliest error code from the thread&#39;s error queue without modifying it.</p>
+
+<p>ERR_peek_last_error() returns the latest error code from the thread&#39;s error queue without modifying it.</p>
+
+<p>See <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a> for obtaining information about location and reason of the error, and <a href="../man3/ERR_error_string.html">ERR_error_string(3)</a> for human-readable error messages.</p>
+
+<p>ERR_get_error_line(), ERR_peek_error_line() and ERR_peek_last_error_line() are the same as the above, but they additionally store the file name and line number where the error occurred in *<b>file</b> and *<b>line</b>, unless these are <b>NULL</b>.</p>
+
+<p>ERR_get_error_line_data(), ERR_peek_error_line_data() and ERR_peek_last_error_line_data() store additional data and flags associated with the error code in *<b>data</b> and *<b>flags</b>, unless these are <b>NULL</b>. *<b>data</b> contains a string if *<b>flags</b>&amp;<b>ERR_TXT_STRING</b> is true.</p>
+
+<p>An application <b>MUST NOT</b> free the *<b>data</b> pointer (or any other pointers returned by these functions) with OPENSSL_free() as freeing is handled automatically by the error library.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The error code, or 0 if there is no error in the queue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_error_string.html">ERR_error_string(3)</a>, <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_peek_last_error_line.html b/msys2/usr/share/doc/openssl/html/man3/ERR_peek_last_error_line.html
new file mode 100644
index 000000000..a793d6c48
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_peek_last_error_line.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_get_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_get_error, ERR_peek_error, ERR_peek_last_error, ERR_get_error_line, ERR_peek_error_line, ERR_peek_last_error_line, ERR_get_error_line_data, ERR_peek_error_line_data, ERR_peek_last_error_line_data - obtain error code and data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ unsigned long ERR_get_error(void);
+ unsigned long ERR_peek_error(void);
+ unsigned long ERR_peek_last_error(void);
+
+ unsigned long ERR_get_error_line(const char **file, int *line);
+ unsigned long ERR_peek_error_line(const char **file, int *line);
+ unsigned long ERR_peek_last_error_line(const char **file, int *line);
+
+ unsigned long ERR_get_error_line_data(const char **file, int *line,
+                                       const char **data, int *flags);
+ unsigned long ERR_peek_error_line_data(const char **file, int *line,
+                                        const char **data, int *flags);
+ unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
+                                             const char **data, int *flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_get_error() returns the earliest error code from the thread&#39;s error queue and removes the entry. This function can be called repeatedly until there are no more error codes to return.</p>
+
+<p>ERR_peek_error() returns the earliest error code from the thread&#39;s error queue without modifying it.</p>
+
+<p>ERR_peek_last_error() returns the latest error code from the thread&#39;s error queue without modifying it.</p>
+
+<p>See <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a> for obtaining information about location and reason of the error, and <a href="../man3/ERR_error_string.html">ERR_error_string(3)</a> for human-readable error messages.</p>
+
+<p>ERR_get_error_line(), ERR_peek_error_line() and ERR_peek_last_error_line() are the same as the above, but they additionally store the file name and line number where the error occurred in *<b>file</b> and *<b>line</b>, unless these are <b>NULL</b>.</p>
+
+<p>ERR_get_error_line_data(), ERR_peek_error_line_data() and ERR_peek_last_error_line_data() store additional data and flags associated with the error code in *<b>data</b> and *<b>flags</b>, unless these are <b>NULL</b>. *<b>data</b> contains a string if *<b>flags</b>&amp;<b>ERR_TXT_STRING</b> is true.</p>
+
+<p>An application <b>MUST NOT</b> free the *<b>data</b> pointer (or any other pointers returned by these functions) with OPENSSL_free() as freeing is handled automatically by the error library.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The error code, or 0 if there is no error in the queue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_error_string.html">ERR_error_string(3)</a>, <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_peek_last_error_line_data.html b/msys2/usr/share/doc/openssl/html/man3/ERR_peek_last_error_line_data.html
new file mode 100644
index 000000000..a793d6c48
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_peek_last_error_line_data.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_get_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_get_error, ERR_peek_error, ERR_peek_last_error, ERR_get_error_line, ERR_peek_error_line, ERR_peek_last_error_line, ERR_get_error_line_data, ERR_peek_error_line_data, ERR_peek_last_error_line_data - obtain error code and data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ unsigned long ERR_get_error(void);
+ unsigned long ERR_peek_error(void);
+ unsigned long ERR_peek_last_error(void);
+
+ unsigned long ERR_get_error_line(const char **file, int *line);
+ unsigned long ERR_peek_error_line(const char **file, int *line);
+ unsigned long ERR_peek_last_error_line(const char **file, int *line);
+
+ unsigned long ERR_get_error_line_data(const char **file, int *line,
+                                       const char **data, int *flags);
+ unsigned long ERR_peek_error_line_data(const char **file, int *line,
+                                        const char **data, int *flags);
+ unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
+                                             const char **data, int *flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_get_error() returns the earliest error code from the thread&#39;s error queue and removes the entry. This function can be called repeatedly until there are no more error codes to return.</p>
+
+<p>ERR_peek_error() returns the earliest error code from the thread&#39;s error queue without modifying it.</p>
+
+<p>ERR_peek_last_error() returns the latest error code from the thread&#39;s error queue without modifying it.</p>
+
+<p>See <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a> for obtaining information about location and reason of the error, and <a href="../man3/ERR_error_string.html">ERR_error_string(3)</a> for human-readable error messages.</p>
+
+<p>ERR_get_error_line(), ERR_peek_error_line() and ERR_peek_last_error_line() are the same as the above, but they additionally store the file name and line number where the error occurred in *<b>file</b> and *<b>line</b>, unless these are <b>NULL</b>.</p>
+
+<p>ERR_get_error_line_data(), ERR_peek_error_line_data() and ERR_peek_last_error_line_data() store additional data and flags associated with the error code in *<b>data</b> and *<b>flags</b>, unless these are <b>NULL</b>. *<b>data</b> contains a string if *<b>flags</b>&amp;<b>ERR_TXT_STRING</b> is true.</p>
+
+<p>An application <b>MUST NOT</b> free the *<b>data</b> pointer (or any other pointers returned by these functions) with OPENSSL_free() as freeing is handled automatically by the error library.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The error code, or 0 if there is no error in the queue.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_error_string.html">ERR_error_string(3)</a>, <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_pop_to_mark.html b/msys2/usr/share/doc/openssl/html/man3/ERR_pop_to_mark.html
new file mode 100644
index 000000000..45796629d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_pop_to_mark.html
@@ -0,0 +1,57 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_set_mark</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_set_mark, ERR_pop_to_mark - set marks and pop errors until mark</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ int ERR_set_mark(void);
+
+ int ERR_pop_to_mark(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_set_mark() sets a mark on the current topmost error record if there is one.</p>
+
+<p>ERR_pop_to_mark() will pop the top of the error stack until a mark is found. The mark is then removed. If there is no mark, the whole stack is removed.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_set_mark() returns 0 if the error stack is empty, otherwise 1.</p>
+
+<p>ERR_pop_to_mark() returns 0 if there was no mark in the error stack, which implies that the stack became empty, otherwise 1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2003-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_print_errors.html b/msys2/usr/share/doc/openssl/html/man3/ERR_print_errors.html
new file mode 100644
index 000000000..d020058dd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_print_errors.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_print_errors</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_print_errors, ERR_print_errors_fp, ERR_print_errors_cb - print error messages</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ void ERR_print_errors(BIO *bp);
+ void ERR_print_errors_fp(FILE *fp);
+ void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u), void *u)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_print_errors() is a convenience function that prints the error strings for all errors that OpenSSL has recorded to <b>bp</b>, thus emptying the error queue.</p>
+
+<p>ERR_print_errors_fp() is the same, except that the output goes to a <b>FILE</b>.</p>
+
+<p>ERR_print_errors_cb() is the same, except that the callback function, <b>cb</b>, is called for each error line with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>The error strings will have the following format:</p>
+
+<pre><code> [pid]:error:[error code]:[library name]:[function name]:[reason string]:[file name]:[line]:[optional text message]</code></pre>
+
+<p><i>error code</i> is an 8 digit hexadecimal number. <i>library name</i>, <i>function name</i> and <i>reason string</i> are ASCII text, as is <i>optional text message</i> if one was set for the respective error code.</p>
+
+<p>If there is no text string registered for the given error code, the error string will contain the numeric code.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_print_errors() and ERR_print_errors_fp() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_error_string.html">ERR_error_string(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_print_errors_cb.html b/msys2/usr/share/doc/openssl/html/man3/ERR_print_errors_cb.html
new file mode 100644
index 000000000..d020058dd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_print_errors_cb.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_print_errors</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_print_errors, ERR_print_errors_fp, ERR_print_errors_cb - print error messages</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ void ERR_print_errors(BIO *bp);
+ void ERR_print_errors_fp(FILE *fp);
+ void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u), void *u)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_print_errors() is a convenience function that prints the error strings for all errors that OpenSSL has recorded to <b>bp</b>, thus emptying the error queue.</p>
+
+<p>ERR_print_errors_fp() is the same, except that the output goes to a <b>FILE</b>.</p>
+
+<p>ERR_print_errors_cb() is the same, except that the callback function, <b>cb</b>, is called for each error line with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>The error strings will have the following format:</p>
+
+<pre><code> [pid]:error:[error code]:[library name]:[function name]:[reason string]:[file name]:[line]:[optional text message]</code></pre>
+
+<p><i>error code</i> is an 8 digit hexadecimal number. <i>library name</i>, <i>function name</i> and <i>reason string</i> are ASCII text, as is <i>optional text message</i> if one was set for the respective error code.</p>
+
+<p>If there is no text string registered for the given error code, the error string will contain the numeric code.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_print_errors() and ERR_print_errors_fp() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_error_string.html">ERR_error_string(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_print_errors_fp.html b/msys2/usr/share/doc/openssl/html/man3/ERR_print_errors_fp.html
new file mode 100644
index 000000000..d020058dd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_print_errors_fp.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_print_errors</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_print_errors, ERR_print_errors_fp, ERR_print_errors_cb - print error messages</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ void ERR_print_errors(BIO *bp);
+ void ERR_print_errors_fp(FILE *fp);
+ void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u), void *u)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_print_errors() is a convenience function that prints the error strings for all errors that OpenSSL has recorded to <b>bp</b>, thus emptying the error queue.</p>
+
+<p>ERR_print_errors_fp() is the same, except that the output goes to a <b>FILE</b>.</p>
+
+<p>ERR_print_errors_cb() is the same, except that the callback function, <b>cb</b>, is called for each error line with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>The error strings will have the following format:</p>
+
+<pre><code> [pid]:error:[error code]:[library name]:[function name]:[reason string]:[file name]:[line]:[optional text message]</code></pre>
+
+<p><i>error code</i> is an 8 digit hexadecimal number. <i>library name</i>, <i>function name</i> and <i>reason string</i> are ASCII text, as is <i>optional text message</i> if one was set for the respective error code.</p>
+
+<p>If there is no text string registered for the given error code, the error string will contain the numeric code.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_print_errors() and ERR_print_errors_fp() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_error_string.html">ERR_error_string(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_put_error.html b/msys2/usr/share/doc/openssl/html/man3/ERR_put_error.html
new file mode 100644
index 000000000..0e9c9e7aa
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_put_error.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_put_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Reporting-errors">Reporting errors</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_put_error, ERR_add_error_data, ERR_add_error_vdata - record an error</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ void ERR_put_error(int lib, int func, int reason, const char *file, int line);
+
+ void ERR_add_error_data(int num, ...);
+ void ERR_add_error_vdata(int num, va_list arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_put_error() adds an error code to the thread&#39;s error queue. It signals that the error of reason code <b>reason</b> occurred in function <b>func</b> of library <b>lib</b>, in line number <b>line</b> of <b>file</b>. This function is usually called by a macro.</p>
+
+<p>ERR_add_error_data() associates the concatenation of its <b>num</b> string arguments with the error code added last. ERR_add_error_vdata() is similar except the argument is a <b>va_list</b>.</p>
+
+<p><a href="../man3/ERR_load_strings.html">ERR_load_strings(3)</a> can be used to register error strings so that the application can a generate human-readable error messages for the error code.</p>
+
+<h2 id="Reporting-errors">Reporting errors</h2>
+
+<p>Each sub-library has a specific macro XXXerr() that is used to report errors. Its first argument is a function code <b>XXX_F_...</b>, the second argument is a reason code <b>XXX_R_...</b>. Function codes are derived from the function names; reason codes consist of textual error descriptions. For example, the function ssl3_read_bytes() reports a &quot;handshake failure&quot; as follows:</p>
+
+<pre><code> SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);</code></pre>
+
+<p>Function and reason codes should consist of upper case characters, numbers and underscores only. The error file generation script translates function codes into function names by looking in the header files for an appropriate function name, if none is found it just uses the capitalized form such as &quot;SSL3_READ_BYTES&quot; in the above example.</p>
+
+<p>The trailing section of a reason code (after the &quot;_R_&quot;) is translated into lower case and underscores changed to spaces.</p>
+
+<p>Although a library will normally report errors using its own specific XXXerr macro, another library&#39;s macro can be used. This is normally only done when a library wants to include ASN1 code which must use the ASN1err() macro.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_put_error() and ERR_add_error_data() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_load_strings.html">ERR_load_strings(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_reason_error_string.html b/msys2/usr/share/doc/openssl/html/man3/ERR_reason_error_string.html
new file mode 100644
index 000000000..fecc6a229
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_reason_error_string.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_error_string</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_error_string, ERR_error_string_n, ERR_lib_error_string, ERR_func_error_string, ERR_reason_error_string - obtain human-readable error message</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ char *ERR_error_string(unsigned long e, char *buf);
+ void ERR_error_string_n(unsigned long e, char *buf, size_t len);
+
+ const char *ERR_lib_error_string(unsigned long e);
+ const char *ERR_func_error_string(unsigned long e);
+ const char *ERR_reason_error_string(unsigned long e);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_error_string() generates a human-readable string representing the error code <i>e</i>, and places it at <i>buf</i>. <i>buf</i> must be at least 256 bytes long. If <i>buf</i> is <b>NULL</b>, the error string is placed in a static buffer. Note that this function is not thread-safe and does no checks on the size of the buffer; use ERR_error_string_n() instead.</p>
+
+<p>ERR_error_string_n() is a variant of ERR_error_string() that writes at most <i>len</i> characters (including the terminating 0) and truncates the string if necessary. For ERR_error_string_n(), <i>buf</i> may not be <b>NULL</b>.</p>
+
+<p>The string will have the following format:</p>
+
+<pre><code> error:[error code]:[library name]:[function name]:[reason string]</code></pre>
+
+<p><i>error code</i> is an 8 digit hexadecimal number, <i>library name</i>, <i>function name</i> and <i>reason string</i> are ASCII text.</p>
+
+<p>ERR_lib_error_string(), ERR_func_error_string() and ERR_reason_error_string() return the library name, function name and reason string respectively.</p>
+
+<p>If there is no text string registered for the given error code, the error string will contain the numeric code.</p>
+
+<p><a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a> can be used to print all error codes currently in the queue.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_error_string() returns a pointer to a static buffer containing the string if <i>buf</i> <b>== NULL</b>, <i>buf</i> otherwise.</p>
+
+<p>ERR_lib_error_string(), ERR_func_error_string() and ERR_reason_error_string() return the strings, and <b>NULL</b> if none is registered for the error code.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/ERR_print_errors.html">ERR_print_errors(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_remove_state.html b/msys2/usr/share/doc/openssl/html/man3/ERR_remove_state.html
new file mode 100644
index 000000000..378dbef50
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_remove_state.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_remove_state</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_remove_thread_state, ERR_remove_state - DEPRECATED</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10000000L
+ void ERR_remove_state(unsigned long tid);
+ #endif
+
+ #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ERR_remove_thread_state(void *tid);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_remove_state() frees the error queue associated with the specified thread, identified by <b>tid</b>. ERR_remove_thread_state() does the same thing, except the identifier is an opaque pointer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_remove_state() and ERR_remove_thread_state() return no value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p>L<a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ERR_remove_state() was deprecated in OpenSSL 1.0.0 and ERR_remove_thread_state() was deprecated in OpenSSL 1.1.0; these functions and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_remove_thread_state.html b/msys2/usr/share/doc/openssl/html/man3/ERR_remove_thread_state.html
new file mode 100644
index 000000000..378dbef50
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_remove_thread_state.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_remove_state</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_remove_thread_state, ERR_remove_state - DEPRECATED</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10000000L
+ void ERR_remove_state(unsigned long tid);
+ #endif
+
+ #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ERR_remove_thread_state(void *tid);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_remove_state() frees the error queue associated with the specified thread, identified by <b>tid</b>. ERR_remove_thread_state() does the same thing, except the identifier is an opaque pointer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_remove_state() and ERR_remove_thread_state() return no value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p>L<a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>ERR_remove_state() was deprecated in OpenSSL 1.0.0 and ERR_remove_thread_state() was deprecated in OpenSSL 1.1.0; these functions and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ERR_set_mark.html b/msys2/usr/share/doc/openssl/html/man3/ERR_set_mark.html
new file mode 100644
index 000000000..45796629d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ERR_set_mark.html
@@ -0,0 +1,57 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_set_mark</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_set_mark, ERR_pop_to_mark - set marks and pop errors until mark</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ int ERR_set_mark(void);
+
+ int ERR_pop_to_mark(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_set_mark() sets a mark on the current topmost error record if there is one.</p>
+
+<p>ERR_pop_to_mark() will pop the top of the error stack until a mark is found. The mark is then removed. If there is no mark, the whole stack is removed.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_set_mark() returns 0 if the error stack is empty, otherwise 1.</p>
+
+<p>ERR_pop_to_mark() returns 0 if there was no mark in the error stack, which implies that the stack became empty, otherwise 1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2003-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ESS_CERT_ID_dup.html b/msys2/usr/share/doc/openssl/html/man3/ESS_CERT_ID_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ESS_CERT_ID_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ESS_CERT_ID_free.html b/msys2/usr/share/doc/openssl/html/man3/ESS_CERT_ID_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ESS_CERT_ID_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ESS_CERT_ID_new.html b/msys2/usr/share/doc/openssl/html/man3/ESS_CERT_ID_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ESS_CERT_ID_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ESS_ISSUER_SERIAL_dup.html b/msys2/usr/share/doc/openssl/html/man3/ESS_ISSUER_SERIAL_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ESS_ISSUER_SERIAL_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ESS_ISSUER_SERIAL_free.html b/msys2/usr/share/doc/openssl/html/man3/ESS_ISSUER_SERIAL_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ESS_ISSUER_SERIAL_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ESS_ISSUER_SERIAL_new.html b/msys2/usr/share/doc/openssl/html/man3/ESS_ISSUER_SERIAL_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ESS_ISSUER_SERIAL_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ESS_SIGNING_CERT_dup.html b/msys2/usr/share/doc/openssl/html/man3/ESS_SIGNING_CERT_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ESS_SIGNING_CERT_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ESS_SIGNING_CERT_free.html b/msys2/usr/share/doc/openssl/html/man3/ESS_SIGNING_CERT_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ESS_SIGNING_CERT_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ESS_SIGNING_CERT_new.html b/msys2/usr/share/doc/openssl/html/man3/ESS_SIGNING_CERT_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ESS_SIGNING_CERT_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_BytesToKey.html b/msys2/usr/share/doc/openssl/html/man3/EVP_BytesToKey.html
new file mode 100644
index 000000000..31547278c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_BytesToKey.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_BytesToKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#KEY-DERIVATION-ALGORITHM">KEY DERIVATION ALGORITHM</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_BytesToKey - password based encryption routine</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
+                    const unsigned char *salt,
+                    const unsigned char *data, int datal, int count,
+                    unsigned char *key, unsigned char *iv);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_BytesToKey() derives a key and IV from various parameters. <b>type</b> is the cipher to derive the key and IV for. <b>md</b> is the message digest to use. The <b>salt</b> parameter is used as a salt in the derivation: it should point to an 8 byte buffer or NULL if no salt is used. <b>data</b> is a buffer containing <b>datal</b> bytes which is used to derive the keying data. <b>count</b> is the iteration count to use. The derived key and IV will be written to <b>key</b> and <b>iv</b> respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A typical application of this function is to derive keying material for an encryption algorithm from a password in the <b>data</b> parameter.</p>
+
+<p>Increasing the <b>count</b> parameter slows down the algorithm which makes it harder for an attacker to perform a brute force attack using a large number of candidate passwords.</p>
+
+<p>If the total key and IV length is less than the digest length and <b>MD5</b> is used then the derivation algorithm is compatible with PKCS#5 v1.5 otherwise a non standard extension is used to derive the extra data.</p>
+
+<p>Newer applications should use a more modern algorithm such as PBKDF2 as defined in PKCS#5v2.1 and provided by PKCS5_PBKDF2_HMAC.</p>
+
+<h1 id="KEY-DERIVATION-ALGORITHM">KEY DERIVATION ALGORITHM</h1>
+
+<p>The key and IV is derived by concatenating D_1, D_2, etc until enough data is available for the key and IV. D_i is defined as:</p>
+
+<pre><code>        D_i = HASH^count(D_(i-1) || data || salt)</code></pre>
+
+<p>where || denotes concatenation, D_0 is empty, HASH is the digest algorithm in use, HASH^1(data) is simply HASH(data), HASH^2(data) is HASH(HASH(data)) and so on.</p>
+
+<p>The initial bytes are used for the key and the subsequent bytes for the IV.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If <b>data</b> is NULL, then EVP_BytesToKey() returns the number of bytes needed to store the derived key. Otherwise, EVP_BytesToKey() returns the size of the derived key in bytes, or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/PKCS5_PBKDF2_HMAC.html">PKCS5_PBKDF2_HMAC(3)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_block_size.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_block_size.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_block_size.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_cipher.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_cipher.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_cipher.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_ctrl.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_ctrl.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_flags.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_flags.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_flags.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_free.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_free.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_free.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_get_app_data.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_get_app_data.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_get_app_data.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_get_cipher_data.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_get_cipher_data.html
new file mode 100644
index 000000000..0ffbb8187
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_get_cipher_data.html
@@ -0,0 +1,61 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_CTX_get_cipher_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_get_cipher_data, EVP_CIPHER_CTX_set_cipher_data - Routines to inspect and modify EVP_CIPHER_CTX objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ void *EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_CIPHER_CTX_get_cipher_data() function returns a pointer to the cipher data relevant to EVP_CIPHER_CTX. The contents of this data is specific to the particular implementation of the cipher. For example this data can be used by engines to store engine specific information. The data is automatically allocated and freed by OpenSSL, so applications and engines should not normally free this directly (but see below).</p>
+
+<p>The EVP_CIPHER_CTX_set_cipher_data() function allows an application or engine to replace the cipher data with new data. A pointer to any existing cipher data is returned from this function. If the old data is no longer required then it should be freed through a call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The EVP_CIPHER_CTX_get_cipher_data() function returns a pointer to the current cipher data for the EVP_CIPHER_CTX.</p>
+
+<p>The EVP_CIPHER_CTX_set_cipher_data() function returns a pointer to the old cipher data for the EVP_CIPHER_CTX.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_CIPHER_CTX_get_cipher_data() and EVP_CIPHER_CTX_set_cipher_data() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_iv_length.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_iv_length.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_iv_length.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_key_length.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_key_length.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_key_length.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_mode.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_mode.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_mode.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_new.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_new.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_new.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_nid.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_nid.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_nid.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_reset.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_reset.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_reset.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_set_app_data.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_set_app_data.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_set_app_data.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_set_cipher_data.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_set_cipher_data.html
new file mode 100644
index 000000000..0ffbb8187
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_set_cipher_data.html
@@ -0,0 +1,61 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_CTX_get_cipher_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_get_cipher_data, EVP_CIPHER_CTX_set_cipher_data - Routines to inspect and modify EVP_CIPHER_CTX objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ void *EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_CIPHER_CTX_get_cipher_data() function returns a pointer to the cipher data relevant to EVP_CIPHER_CTX. The contents of this data is specific to the particular implementation of the cipher. For example this data can be used by engines to store engine specific information. The data is automatically allocated and freed by OpenSSL, so applications and engines should not normally free this directly (but see below).</p>
+
+<p>The EVP_CIPHER_CTX_set_cipher_data() function allows an application or engine to replace the cipher data with new data. A pointer to any existing cipher data is returned from this function. If the old data is no longer required then it should be freed through a call to OPENSSL_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The EVP_CIPHER_CTX_get_cipher_data() function returns a pointer to the current cipher data for the EVP_CIPHER_CTX.</p>
+
+<p>The EVP_CIPHER_CTX_set_cipher_data() function returns a pointer to the old cipher data for the EVP_CIPHER_CTX.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_CIPHER_CTX_get_cipher_data() and EVP_CIPHER_CTX_set_cipher_data() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_set_key_length.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_set_key_length.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_set_key_length.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_set_padding.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_set_padding.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_set_padding.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_type.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_type.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_type.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_asn1_to_param.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_asn1_to_param.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_asn1_to_param.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_block_size.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_block_size.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_block_size.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_flags.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_flags.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_flags.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_iv_length.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_iv_length.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_iv_length.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_key_length.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_key_length.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_key_length.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_dup.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_dup.html
new file mode 100644
index 000000000..24afcee3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_dup.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_meth_new, EVP_CIPHER_meth_dup, EVP_CIPHER_meth_free, EVP_CIPHER_meth_set_iv_length, EVP_CIPHER_meth_set_flags, EVP_CIPHER_meth_set_impl_ctx_size, EVP_CIPHER_meth_set_init, EVP_CIPHER_meth_set_do_cipher, EVP_CIPHER_meth_set_cleanup, EVP_CIPHER_meth_set_set_asn1_params, EVP_CIPHER_meth_set_get_asn1_params, EVP_CIPHER_meth_set_ctrl, EVP_CIPHER_meth_get_init, EVP_CIPHER_meth_get_do_cipher, EVP_CIPHER_meth_get_cleanup, EVP_CIPHER_meth_get_set_asn1_params, EVP_CIPHER_meth_get_get_asn1_params, EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+ EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+
+ int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+ int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+ int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
+                              int (*init)(EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *key,
+                                          const unsigned char *iv,
+                                          int enc));
+ int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
+                                   int (*do_cipher)(EVP_CIPHER_CTX *ctx,
+                                                    unsigned char *out,
+                                                    const unsigned char *in,
+                                                    size_t inl));
+ int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
+                                 int (*cleanup)(EVP_CIPHER_CTX *));
+ int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
+                                         int (*set_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
+                                         int (*get_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+                              int (*ctrl)(EVP_CIPHER_CTX *, int type,
+                                          int arg, void *ptr));
+
+ int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                           const unsigned char *key,
+                                                           const unsigned char *iv,
+                                                           int enc);
+ int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                                unsigned char *out,
+                                                                const unsigned char *in,
+                                                                size_t inl);
+ int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+ int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                           int type, int arg,
+                                                           void *ptr);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_CIPHER</b> type is a structure for symmetric cipher method implementation.</p>
+
+<p>EVP_CIPHER_meth_new() creates a new <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_dup() creates a copy of <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_free() destroys a <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_set_iv_length() sets the length of the IV. This is only needed when the implemented cipher mode requires it.</p>
+
+<p>EVP_CIPHER_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>cipher</b>. With the exception of cipher modes, of which only one may be present, several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_CIPH_STREAM_CIPHER-EVP_CIPH_ECB_MODE-EVP_CIPH_CBC_MODE-EVP_CIPH_CFB_MODE-EVP_CIPH_OFB_MODE-EVP_CIPH_CTR_MODE-EVP_CIPH_GCM_MODE-EVP_CIPH_CCM_MODE-EVP_CIPH_XTS_MODE-EVP_CIPH_WRAP_MODE-EVP_CIPH_OCB_MODE">EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE, EVP_CIPH_OCB_MODE</dt>
+<dd>
+
+<p>The cipher mode.</p>
+
+</dd>
+<dt id="EVP_CIPH_VARIABLE_LENGTH">EVP_CIPH_VARIABLE_LENGTH</dt>
+<dd>
+
+<p>This cipher is of variable length.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_IV">EVP_CIPH_CUSTOM_IV</dt>
+<dd>
+
+<p>Storing and initialising the IV is left entirely to the implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_ALWAYS_CALL_INIT">EVP_CIPH_ALWAYS_CALL_INIT</dt>
+<dd>
+
+<p>Set this if the implementation&#39;s init() function should be called even if <b>key</b> is <b>NULL</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CTRL_INIT">EVP_CIPH_CTRL_INIT</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_INIT</b> early in its setup.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_KEY_LENGTH">EVP_CIPH_CUSTOM_KEY_LENGTH</dt>
+<dd>
+
+<p>Checking and setting the key length after creating the <b>EVP_CIPHER</b> is left to the implementation. Whenever someone uses EVP_CIPHER_CTX_set_key_length() on a <b>EVP_CIPHER</b> with this flag set, the implementation&#39;s ctrl() function will be called with the control code <b>EVP_CTRL_SET_KEY_LENGTH</b> and the key length in <b>arg</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_NO_PADDING">EVP_CIPH_NO_PADDING</dt>
+<dd>
+
+<p>Don&#39;t use standard block padding.</p>
+
+</dd>
+<dt id="EVP_CIPH_RAND_KEY">EVP_CIPH_RAND_KEY</dt>
+<dd>
+
+<p>Making a key with random content is left to the implementation. This is done by calling the implementation&#39;s ctrl() function with the control code <b>EVP_CTRL_RAND_KEY</b> and the pointer to the key memory storage in <b>ptr</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_COPY">EVP_CIPH_CUSTOM_COPY</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_COPY</b> at the end of EVP_CIPHER_CTX_copy(). The intended use is for further things to deal with after the implementation specific data block has been copied. The destination <b>EVP_CIPHER_CTX</b> is passed to the control with the <b>ptr</b> parameter. The implementation specific data block is reached with EVP_CIPHER_CTX_get_cipher_data().</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_DEFAULT_ASN1">EVP_CIPH_FLAG_DEFAULT_ASN1</dt>
+<dd>
+
+<p>Use the default EVP routines to pass IV to and from ASN.1.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_LENGTH_BITS">EVP_CIPH_FLAG_LENGTH_BITS</dt>
+<dd>
+
+<p>Signals that the length of the input buffer for encryption / decryption is to be understood as the number of bits instead of bytes for this implementation. This is only useful for CFB1 ciphers.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_CUSTOM_CIPHER">EVP_CIPH_FLAG_CUSTOM_CIPHER</dt>
+<dd>
+
+<p>This indicates that the implementation takes care of everything, including padding, buffering and finalization. The EVP routines will simply give them control and do nothing more.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_AEAD_CIPHER">EVP_CIPH_FLAG_AEAD_CIPHER</dt>
+<dd>
+
+<p>This indicates that this is an AEAD cipher implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK">EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK</dt>
+<dd>
+
+<p>Allow interleaving of crypto blocks, a particular optimization only applicable to certain TLS ciphers.</p>
+
+</dd>
+</dl>
+
+<p>EVP_CIPHER_meth_set_impl_ctx_size() sets the size of the EVP_CIPHER&#39;s implementation context so that it can be automatically allocated.</p>
+
+<p>EVP_CIPHER_meth_set_init() sets the cipher init function for <b>cipher</b>. The cipher init function is called by EVP_CipherInit(), EVP_CipherInit_ex(), EVP_EncryptInit(), EVP_EncryptInit_ex(), EVP_DecryptInit(), EVP_DecryptInit_ex().</p>
+
+<p>EVP_CIPHER_meth_set_do_cipher() sets the cipher function for <b>cipher</b>. The cipher function is called by EVP_CipherUpdate(), EVP_EncryptUpdate(), EVP_DecryptUpdate(), EVP_CipherFinal(), EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and EVP_DecryptFinal_ex().</p>
+
+<p>EVP_CIPHER_meth_set_cleanup() sets the function for <b>cipher</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_CIPHER_CTX *</b>, the private data structure is then available with EVP_CIPHER_CTX_get_cipher_data(). This cleanup function is called by EVP_CIPHER_CTX_reset() and EVP_CIPHER_CTX_free().</p>
+
+<p>EVP_CIPHER_meth_set_set_asn1_params() sets the function for <b>cipher</b> to set the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This function is called by EVP_CIPHER_param_to_asn1(). EVP_CIPHER_meth_set_get_asn1_params() sets the function for <b>cipher</b> that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier &quot;parameter&quot;. Both these functions are needed when there is a need for custom data (more or other than the cipher IV). They are called by EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() respectively if defined.</p>
+
+<p>EVP_CIPHER_meth_set_ctrl() sets the control function for <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_get_init(), EVP_CIPHER_meth_get_do_cipher(), EVP_CIPHER_meth_get_cleanup(), EVP_CIPHER_meth_get_set_asn1_params(), EVP_CIPHER_meth_get_get_asn1_params() and EVP_CIPHER_meth_get_ctrl() are all used to retrieve the method data given with the EVP_CIPHER_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_meth_new() and EVP_CIPHER_meth_dup() return a pointer to a newly created <b>EVP_CIPHER</b>, or NULL on failure. All EVP_CIPHER_meth_set_*() functions return 1. All EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>cipher</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man3/EVP_EncryptInit.html">EVP_EncryptInit</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_free.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_free.html
new file mode 100644
index 000000000..24afcee3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_free.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_meth_new, EVP_CIPHER_meth_dup, EVP_CIPHER_meth_free, EVP_CIPHER_meth_set_iv_length, EVP_CIPHER_meth_set_flags, EVP_CIPHER_meth_set_impl_ctx_size, EVP_CIPHER_meth_set_init, EVP_CIPHER_meth_set_do_cipher, EVP_CIPHER_meth_set_cleanup, EVP_CIPHER_meth_set_set_asn1_params, EVP_CIPHER_meth_set_get_asn1_params, EVP_CIPHER_meth_set_ctrl, EVP_CIPHER_meth_get_init, EVP_CIPHER_meth_get_do_cipher, EVP_CIPHER_meth_get_cleanup, EVP_CIPHER_meth_get_set_asn1_params, EVP_CIPHER_meth_get_get_asn1_params, EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+ EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+
+ int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+ int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+ int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
+                              int (*init)(EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *key,
+                                          const unsigned char *iv,
+                                          int enc));
+ int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
+                                   int (*do_cipher)(EVP_CIPHER_CTX *ctx,
+                                                    unsigned char *out,
+                                                    const unsigned char *in,
+                                                    size_t inl));
+ int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
+                                 int (*cleanup)(EVP_CIPHER_CTX *));
+ int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
+                                         int (*set_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
+                                         int (*get_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+                              int (*ctrl)(EVP_CIPHER_CTX *, int type,
+                                          int arg, void *ptr));
+
+ int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                           const unsigned char *key,
+                                                           const unsigned char *iv,
+                                                           int enc);
+ int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                                unsigned char *out,
+                                                                const unsigned char *in,
+                                                                size_t inl);
+ int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+ int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                           int type, int arg,
+                                                           void *ptr);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_CIPHER</b> type is a structure for symmetric cipher method implementation.</p>
+
+<p>EVP_CIPHER_meth_new() creates a new <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_dup() creates a copy of <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_free() destroys a <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_set_iv_length() sets the length of the IV. This is only needed when the implemented cipher mode requires it.</p>
+
+<p>EVP_CIPHER_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>cipher</b>. With the exception of cipher modes, of which only one may be present, several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_CIPH_STREAM_CIPHER-EVP_CIPH_ECB_MODE-EVP_CIPH_CBC_MODE-EVP_CIPH_CFB_MODE-EVP_CIPH_OFB_MODE-EVP_CIPH_CTR_MODE-EVP_CIPH_GCM_MODE-EVP_CIPH_CCM_MODE-EVP_CIPH_XTS_MODE-EVP_CIPH_WRAP_MODE-EVP_CIPH_OCB_MODE">EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE, EVP_CIPH_OCB_MODE</dt>
+<dd>
+
+<p>The cipher mode.</p>
+
+</dd>
+<dt id="EVP_CIPH_VARIABLE_LENGTH">EVP_CIPH_VARIABLE_LENGTH</dt>
+<dd>
+
+<p>This cipher is of variable length.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_IV">EVP_CIPH_CUSTOM_IV</dt>
+<dd>
+
+<p>Storing and initialising the IV is left entirely to the implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_ALWAYS_CALL_INIT">EVP_CIPH_ALWAYS_CALL_INIT</dt>
+<dd>
+
+<p>Set this if the implementation&#39;s init() function should be called even if <b>key</b> is <b>NULL</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CTRL_INIT">EVP_CIPH_CTRL_INIT</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_INIT</b> early in its setup.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_KEY_LENGTH">EVP_CIPH_CUSTOM_KEY_LENGTH</dt>
+<dd>
+
+<p>Checking and setting the key length after creating the <b>EVP_CIPHER</b> is left to the implementation. Whenever someone uses EVP_CIPHER_CTX_set_key_length() on a <b>EVP_CIPHER</b> with this flag set, the implementation&#39;s ctrl() function will be called with the control code <b>EVP_CTRL_SET_KEY_LENGTH</b> and the key length in <b>arg</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_NO_PADDING">EVP_CIPH_NO_PADDING</dt>
+<dd>
+
+<p>Don&#39;t use standard block padding.</p>
+
+</dd>
+<dt id="EVP_CIPH_RAND_KEY">EVP_CIPH_RAND_KEY</dt>
+<dd>
+
+<p>Making a key with random content is left to the implementation. This is done by calling the implementation&#39;s ctrl() function with the control code <b>EVP_CTRL_RAND_KEY</b> and the pointer to the key memory storage in <b>ptr</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_COPY">EVP_CIPH_CUSTOM_COPY</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_COPY</b> at the end of EVP_CIPHER_CTX_copy(). The intended use is for further things to deal with after the implementation specific data block has been copied. The destination <b>EVP_CIPHER_CTX</b> is passed to the control with the <b>ptr</b> parameter. The implementation specific data block is reached with EVP_CIPHER_CTX_get_cipher_data().</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_DEFAULT_ASN1">EVP_CIPH_FLAG_DEFAULT_ASN1</dt>
+<dd>
+
+<p>Use the default EVP routines to pass IV to and from ASN.1.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_LENGTH_BITS">EVP_CIPH_FLAG_LENGTH_BITS</dt>
+<dd>
+
+<p>Signals that the length of the input buffer for encryption / decryption is to be understood as the number of bits instead of bytes for this implementation. This is only useful for CFB1 ciphers.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_CUSTOM_CIPHER">EVP_CIPH_FLAG_CUSTOM_CIPHER</dt>
+<dd>
+
+<p>This indicates that the implementation takes care of everything, including padding, buffering and finalization. The EVP routines will simply give them control and do nothing more.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_AEAD_CIPHER">EVP_CIPH_FLAG_AEAD_CIPHER</dt>
+<dd>
+
+<p>This indicates that this is an AEAD cipher implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK">EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK</dt>
+<dd>
+
+<p>Allow interleaving of crypto blocks, a particular optimization only applicable to certain TLS ciphers.</p>
+
+</dd>
+</dl>
+
+<p>EVP_CIPHER_meth_set_impl_ctx_size() sets the size of the EVP_CIPHER&#39;s implementation context so that it can be automatically allocated.</p>
+
+<p>EVP_CIPHER_meth_set_init() sets the cipher init function for <b>cipher</b>. The cipher init function is called by EVP_CipherInit(), EVP_CipherInit_ex(), EVP_EncryptInit(), EVP_EncryptInit_ex(), EVP_DecryptInit(), EVP_DecryptInit_ex().</p>
+
+<p>EVP_CIPHER_meth_set_do_cipher() sets the cipher function for <b>cipher</b>. The cipher function is called by EVP_CipherUpdate(), EVP_EncryptUpdate(), EVP_DecryptUpdate(), EVP_CipherFinal(), EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and EVP_DecryptFinal_ex().</p>
+
+<p>EVP_CIPHER_meth_set_cleanup() sets the function for <b>cipher</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_CIPHER_CTX *</b>, the private data structure is then available with EVP_CIPHER_CTX_get_cipher_data(). This cleanup function is called by EVP_CIPHER_CTX_reset() and EVP_CIPHER_CTX_free().</p>
+
+<p>EVP_CIPHER_meth_set_set_asn1_params() sets the function for <b>cipher</b> to set the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This function is called by EVP_CIPHER_param_to_asn1(). EVP_CIPHER_meth_set_get_asn1_params() sets the function for <b>cipher</b> that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier &quot;parameter&quot;. Both these functions are needed when there is a need for custom data (more or other than the cipher IV). They are called by EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() respectively if defined.</p>
+
+<p>EVP_CIPHER_meth_set_ctrl() sets the control function for <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_get_init(), EVP_CIPHER_meth_get_do_cipher(), EVP_CIPHER_meth_get_cleanup(), EVP_CIPHER_meth_get_set_asn1_params(), EVP_CIPHER_meth_get_get_asn1_params() and EVP_CIPHER_meth_get_ctrl() are all used to retrieve the method data given with the EVP_CIPHER_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_meth_new() and EVP_CIPHER_meth_dup() return a pointer to a newly created <b>EVP_CIPHER</b>, or NULL on failure. All EVP_CIPHER_meth_set_*() functions return 1. All EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>cipher</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man3/EVP_EncryptInit.html">EVP_EncryptInit</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_cleanup.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_cleanup.html
new file mode 100644
index 000000000..24afcee3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_cleanup.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_meth_new, EVP_CIPHER_meth_dup, EVP_CIPHER_meth_free, EVP_CIPHER_meth_set_iv_length, EVP_CIPHER_meth_set_flags, EVP_CIPHER_meth_set_impl_ctx_size, EVP_CIPHER_meth_set_init, EVP_CIPHER_meth_set_do_cipher, EVP_CIPHER_meth_set_cleanup, EVP_CIPHER_meth_set_set_asn1_params, EVP_CIPHER_meth_set_get_asn1_params, EVP_CIPHER_meth_set_ctrl, EVP_CIPHER_meth_get_init, EVP_CIPHER_meth_get_do_cipher, EVP_CIPHER_meth_get_cleanup, EVP_CIPHER_meth_get_set_asn1_params, EVP_CIPHER_meth_get_get_asn1_params, EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+ EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+
+ int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+ int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+ int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
+                              int (*init)(EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *key,
+                                          const unsigned char *iv,
+                                          int enc));
+ int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
+                                   int (*do_cipher)(EVP_CIPHER_CTX *ctx,
+                                                    unsigned char *out,
+                                                    const unsigned char *in,
+                                                    size_t inl));
+ int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
+                                 int (*cleanup)(EVP_CIPHER_CTX *));
+ int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
+                                         int (*set_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
+                                         int (*get_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+                              int (*ctrl)(EVP_CIPHER_CTX *, int type,
+                                          int arg, void *ptr));
+
+ int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                           const unsigned char *key,
+                                                           const unsigned char *iv,
+                                                           int enc);
+ int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                                unsigned char *out,
+                                                                const unsigned char *in,
+                                                                size_t inl);
+ int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+ int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                           int type, int arg,
+                                                           void *ptr);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_CIPHER</b> type is a structure for symmetric cipher method implementation.</p>
+
+<p>EVP_CIPHER_meth_new() creates a new <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_dup() creates a copy of <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_free() destroys a <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_set_iv_length() sets the length of the IV. This is only needed when the implemented cipher mode requires it.</p>
+
+<p>EVP_CIPHER_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>cipher</b>. With the exception of cipher modes, of which only one may be present, several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_CIPH_STREAM_CIPHER-EVP_CIPH_ECB_MODE-EVP_CIPH_CBC_MODE-EVP_CIPH_CFB_MODE-EVP_CIPH_OFB_MODE-EVP_CIPH_CTR_MODE-EVP_CIPH_GCM_MODE-EVP_CIPH_CCM_MODE-EVP_CIPH_XTS_MODE-EVP_CIPH_WRAP_MODE-EVP_CIPH_OCB_MODE">EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE, EVP_CIPH_OCB_MODE</dt>
+<dd>
+
+<p>The cipher mode.</p>
+
+</dd>
+<dt id="EVP_CIPH_VARIABLE_LENGTH">EVP_CIPH_VARIABLE_LENGTH</dt>
+<dd>
+
+<p>This cipher is of variable length.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_IV">EVP_CIPH_CUSTOM_IV</dt>
+<dd>
+
+<p>Storing and initialising the IV is left entirely to the implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_ALWAYS_CALL_INIT">EVP_CIPH_ALWAYS_CALL_INIT</dt>
+<dd>
+
+<p>Set this if the implementation&#39;s init() function should be called even if <b>key</b> is <b>NULL</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CTRL_INIT">EVP_CIPH_CTRL_INIT</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_INIT</b> early in its setup.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_KEY_LENGTH">EVP_CIPH_CUSTOM_KEY_LENGTH</dt>
+<dd>
+
+<p>Checking and setting the key length after creating the <b>EVP_CIPHER</b> is left to the implementation. Whenever someone uses EVP_CIPHER_CTX_set_key_length() on a <b>EVP_CIPHER</b> with this flag set, the implementation&#39;s ctrl() function will be called with the control code <b>EVP_CTRL_SET_KEY_LENGTH</b> and the key length in <b>arg</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_NO_PADDING">EVP_CIPH_NO_PADDING</dt>
+<dd>
+
+<p>Don&#39;t use standard block padding.</p>
+
+</dd>
+<dt id="EVP_CIPH_RAND_KEY">EVP_CIPH_RAND_KEY</dt>
+<dd>
+
+<p>Making a key with random content is left to the implementation. This is done by calling the implementation&#39;s ctrl() function with the control code <b>EVP_CTRL_RAND_KEY</b> and the pointer to the key memory storage in <b>ptr</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_COPY">EVP_CIPH_CUSTOM_COPY</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_COPY</b> at the end of EVP_CIPHER_CTX_copy(). The intended use is for further things to deal with after the implementation specific data block has been copied. The destination <b>EVP_CIPHER_CTX</b> is passed to the control with the <b>ptr</b> parameter. The implementation specific data block is reached with EVP_CIPHER_CTX_get_cipher_data().</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_DEFAULT_ASN1">EVP_CIPH_FLAG_DEFAULT_ASN1</dt>
+<dd>
+
+<p>Use the default EVP routines to pass IV to and from ASN.1.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_LENGTH_BITS">EVP_CIPH_FLAG_LENGTH_BITS</dt>
+<dd>
+
+<p>Signals that the length of the input buffer for encryption / decryption is to be understood as the number of bits instead of bytes for this implementation. This is only useful for CFB1 ciphers.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_CUSTOM_CIPHER">EVP_CIPH_FLAG_CUSTOM_CIPHER</dt>
+<dd>
+
+<p>This indicates that the implementation takes care of everything, including padding, buffering and finalization. The EVP routines will simply give them control and do nothing more.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_AEAD_CIPHER">EVP_CIPH_FLAG_AEAD_CIPHER</dt>
+<dd>
+
+<p>This indicates that this is an AEAD cipher implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK">EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK</dt>
+<dd>
+
+<p>Allow interleaving of crypto blocks, a particular optimization only applicable to certain TLS ciphers.</p>
+
+</dd>
+</dl>
+
+<p>EVP_CIPHER_meth_set_impl_ctx_size() sets the size of the EVP_CIPHER&#39;s implementation context so that it can be automatically allocated.</p>
+
+<p>EVP_CIPHER_meth_set_init() sets the cipher init function for <b>cipher</b>. The cipher init function is called by EVP_CipherInit(), EVP_CipherInit_ex(), EVP_EncryptInit(), EVP_EncryptInit_ex(), EVP_DecryptInit(), EVP_DecryptInit_ex().</p>
+
+<p>EVP_CIPHER_meth_set_do_cipher() sets the cipher function for <b>cipher</b>. The cipher function is called by EVP_CipherUpdate(), EVP_EncryptUpdate(), EVP_DecryptUpdate(), EVP_CipherFinal(), EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and EVP_DecryptFinal_ex().</p>
+
+<p>EVP_CIPHER_meth_set_cleanup() sets the function for <b>cipher</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_CIPHER_CTX *</b>, the private data structure is then available with EVP_CIPHER_CTX_get_cipher_data(). This cleanup function is called by EVP_CIPHER_CTX_reset() and EVP_CIPHER_CTX_free().</p>
+
+<p>EVP_CIPHER_meth_set_set_asn1_params() sets the function for <b>cipher</b> to set the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This function is called by EVP_CIPHER_param_to_asn1(). EVP_CIPHER_meth_set_get_asn1_params() sets the function for <b>cipher</b> that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier &quot;parameter&quot;. Both these functions are needed when there is a need for custom data (more or other than the cipher IV). They are called by EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() respectively if defined.</p>
+
+<p>EVP_CIPHER_meth_set_ctrl() sets the control function for <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_get_init(), EVP_CIPHER_meth_get_do_cipher(), EVP_CIPHER_meth_get_cleanup(), EVP_CIPHER_meth_get_set_asn1_params(), EVP_CIPHER_meth_get_get_asn1_params() and EVP_CIPHER_meth_get_ctrl() are all used to retrieve the method data given with the EVP_CIPHER_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_meth_new() and EVP_CIPHER_meth_dup() return a pointer to a newly created <b>EVP_CIPHER</b>, or NULL on failure. All EVP_CIPHER_meth_set_*() functions return 1. All EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>cipher</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man3/EVP_EncryptInit.html">EVP_EncryptInit</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_ctrl.html
new file mode 100644
index 000000000..24afcee3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_ctrl.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_meth_new, EVP_CIPHER_meth_dup, EVP_CIPHER_meth_free, EVP_CIPHER_meth_set_iv_length, EVP_CIPHER_meth_set_flags, EVP_CIPHER_meth_set_impl_ctx_size, EVP_CIPHER_meth_set_init, EVP_CIPHER_meth_set_do_cipher, EVP_CIPHER_meth_set_cleanup, EVP_CIPHER_meth_set_set_asn1_params, EVP_CIPHER_meth_set_get_asn1_params, EVP_CIPHER_meth_set_ctrl, EVP_CIPHER_meth_get_init, EVP_CIPHER_meth_get_do_cipher, EVP_CIPHER_meth_get_cleanup, EVP_CIPHER_meth_get_set_asn1_params, EVP_CIPHER_meth_get_get_asn1_params, EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+ EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+
+ int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+ int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+ int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
+                              int (*init)(EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *key,
+                                          const unsigned char *iv,
+                                          int enc));
+ int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
+                                   int (*do_cipher)(EVP_CIPHER_CTX *ctx,
+                                                    unsigned char *out,
+                                                    const unsigned char *in,
+                                                    size_t inl));
+ int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
+                                 int (*cleanup)(EVP_CIPHER_CTX *));
+ int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
+                                         int (*set_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
+                                         int (*get_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+                              int (*ctrl)(EVP_CIPHER_CTX *, int type,
+                                          int arg, void *ptr));
+
+ int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                           const unsigned char *key,
+                                                           const unsigned char *iv,
+                                                           int enc);
+ int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                                unsigned char *out,
+                                                                const unsigned char *in,
+                                                                size_t inl);
+ int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+ int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                           int type, int arg,
+                                                           void *ptr);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_CIPHER</b> type is a structure for symmetric cipher method implementation.</p>
+
+<p>EVP_CIPHER_meth_new() creates a new <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_dup() creates a copy of <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_free() destroys a <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_set_iv_length() sets the length of the IV. This is only needed when the implemented cipher mode requires it.</p>
+
+<p>EVP_CIPHER_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>cipher</b>. With the exception of cipher modes, of which only one may be present, several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_CIPH_STREAM_CIPHER-EVP_CIPH_ECB_MODE-EVP_CIPH_CBC_MODE-EVP_CIPH_CFB_MODE-EVP_CIPH_OFB_MODE-EVP_CIPH_CTR_MODE-EVP_CIPH_GCM_MODE-EVP_CIPH_CCM_MODE-EVP_CIPH_XTS_MODE-EVP_CIPH_WRAP_MODE-EVP_CIPH_OCB_MODE">EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE, EVP_CIPH_OCB_MODE</dt>
+<dd>
+
+<p>The cipher mode.</p>
+
+</dd>
+<dt id="EVP_CIPH_VARIABLE_LENGTH">EVP_CIPH_VARIABLE_LENGTH</dt>
+<dd>
+
+<p>This cipher is of variable length.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_IV">EVP_CIPH_CUSTOM_IV</dt>
+<dd>
+
+<p>Storing and initialising the IV is left entirely to the implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_ALWAYS_CALL_INIT">EVP_CIPH_ALWAYS_CALL_INIT</dt>
+<dd>
+
+<p>Set this if the implementation&#39;s init() function should be called even if <b>key</b> is <b>NULL</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CTRL_INIT">EVP_CIPH_CTRL_INIT</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_INIT</b> early in its setup.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_KEY_LENGTH">EVP_CIPH_CUSTOM_KEY_LENGTH</dt>
+<dd>
+
+<p>Checking and setting the key length after creating the <b>EVP_CIPHER</b> is left to the implementation. Whenever someone uses EVP_CIPHER_CTX_set_key_length() on a <b>EVP_CIPHER</b> with this flag set, the implementation&#39;s ctrl() function will be called with the control code <b>EVP_CTRL_SET_KEY_LENGTH</b> and the key length in <b>arg</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_NO_PADDING">EVP_CIPH_NO_PADDING</dt>
+<dd>
+
+<p>Don&#39;t use standard block padding.</p>
+
+</dd>
+<dt id="EVP_CIPH_RAND_KEY">EVP_CIPH_RAND_KEY</dt>
+<dd>
+
+<p>Making a key with random content is left to the implementation. This is done by calling the implementation&#39;s ctrl() function with the control code <b>EVP_CTRL_RAND_KEY</b> and the pointer to the key memory storage in <b>ptr</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_COPY">EVP_CIPH_CUSTOM_COPY</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_COPY</b> at the end of EVP_CIPHER_CTX_copy(). The intended use is for further things to deal with after the implementation specific data block has been copied. The destination <b>EVP_CIPHER_CTX</b> is passed to the control with the <b>ptr</b> parameter. The implementation specific data block is reached with EVP_CIPHER_CTX_get_cipher_data().</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_DEFAULT_ASN1">EVP_CIPH_FLAG_DEFAULT_ASN1</dt>
+<dd>
+
+<p>Use the default EVP routines to pass IV to and from ASN.1.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_LENGTH_BITS">EVP_CIPH_FLAG_LENGTH_BITS</dt>
+<dd>
+
+<p>Signals that the length of the input buffer for encryption / decryption is to be understood as the number of bits instead of bytes for this implementation. This is only useful for CFB1 ciphers.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_CUSTOM_CIPHER">EVP_CIPH_FLAG_CUSTOM_CIPHER</dt>
+<dd>
+
+<p>This indicates that the implementation takes care of everything, including padding, buffering and finalization. The EVP routines will simply give them control and do nothing more.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_AEAD_CIPHER">EVP_CIPH_FLAG_AEAD_CIPHER</dt>
+<dd>
+
+<p>This indicates that this is an AEAD cipher implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK">EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK</dt>
+<dd>
+
+<p>Allow interleaving of crypto blocks, a particular optimization only applicable to certain TLS ciphers.</p>
+
+</dd>
+</dl>
+
+<p>EVP_CIPHER_meth_set_impl_ctx_size() sets the size of the EVP_CIPHER&#39;s implementation context so that it can be automatically allocated.</p>
+
+<p>EVP_CIPHER_meth_set_init() sets the cipher init function for <b>cipher</b>. The cipher init function is called by EVP_CipherInit(), EVP_CipherInit_ex(), EVP_EncryptInit(), EVP_EncryptInit_ex(), EVP_DecryptInit(), EVP_DecryptInit_ex().</p>
+
+<p>EVP_CIPHER_meth_set_do_cipher() sets the cipher function for <b>cipher</b>. The cipher function is called by EVP_CipherUpdate(), EVP_EncryptUpdate(), EVP_DecryptUpdate(), EVP_CipherFinal(), EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and EVP_DecryptFinal_ex().</p>
+
+<p>EVP_CIPHER_meth_set_cleanup() sets the function for <b>cipher</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_CIPHER_CTX *</b>, the private data structure is then available with EVP_CIPHER_CTX_get_cipher_data(). This cleanup function is called by EVP_CIPHER_CTX_reset() and EVP_CIPHER_CTX_free().</p>
+
+<p>EVP_CIPHER_meth_set_set_asn1_params() sets the function for <b>cipher</b> to set the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This function is called by EVP_CIPHER_param_to_asn1(). EVP_CIPHER_meth_set_get_asn1_params() sets the function for <b>cipher</b> that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier &quot;parameter&quot;. Both these functions are needed when there is a need for custom data (more or other than the cipher IV). They are called by EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() respectively if defined.</p>
+
+<p>EVP_CIPHER_meth_set_ctrl() sets the control function for <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_get_init(), EVP_CIPHER_meth_get_do_cipher(), EVP_CIPHER_meth_get_cleanup(), EVP_CIPHER_meth_get_set_asn1_params(), EVP_CIPHER_meth_get_get_asn1_params() and EVP_CIPHER_meth_get_ctrl() are all used to retrieve the method data given with the EVP_CIPHER_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_meth_new() and EVP_CIPHER_meth_dup() return a pointer to a newly created <b>EVP_CIPHER</b>, or NULL on failure. All EVP_CIPHER_meth_set_*() functions return 1. All EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>cipher</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man3/EVP_EncryptInit.html">EVP_EncryptInit</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_do_cipher.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_do_cipher.html
new file mode 100644
index 000000000..24afcee3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_do_cipher.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_meth_new, EVP_CIPHER_meth_dup, EVP_CIPHER_meth_free, EVP_CIPHER_meth_set_iv_length, EVP_CIPHER_meth_set_flags, EVP_CIPHER_meth_set_impl_ctx_size, EVP_CIPHER_meth_set_init, EVP_CIPHER_meth_set_do_cipher, EVP_CIPHER_meth_set_cleanup, EVP_CIPHER_meth_set_set_asn1_params, EVP_CIPHER_meth_set_get_asn1_params, EVP_CIPHER_meth_set_ctrl, EVP_CIPHER_meth_get_init, EVP_CIPHER_meth_get_do_cipher, EVP_CIPHER_meth_get_cleanup, EVP_CIPHER_meth_get_set_asn1_params, EVP_CIPHER_meth_get_get_asn1_params, EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+ EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+
+ int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+ int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+ int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
+                              int (*init)(EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *key,
+                                          const unsigned char *iv,
+                                          int enc));
+ int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
+                                   int (*do_cipher)(EVP_CIPHER_CTX *ctx,
+                                                    unsigned char *out,
+                                                    const unsigned char *in,
+                                                    size_t inl));
+ int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
+                                 int (*cleanup)(EVP_CIPHER_CTX *));
+ int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
+                                         int (*set_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
+                                         int (*get_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+                              int (*ctrl)(EVP_CIPHER_CTX *, int type,
+                                          int arg, void *ptr));
+
+ int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                           const unsigned char *key,
+                                                           const unsigned char *iv,
+                                                           int enc);
+ int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                                unsigned char *out,
+                                                                const unsigned char *in,
+                                                                size_t inl);
+ int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+ int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                           int type, int arg,
+                                                           void *ptr);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_CIPHER</b> type is a structure for symmetric cipher method implementation.</p>
+
+<p>EVP_CIPHER_meth_new() creates a new <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_dup() creates a copy of <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_free() destroys a <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_set_iv_length() sets the length of the IV. This is only needed when the implemented cipher mode requires it.</p>
+
+<p>EVP_CIPHER_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>cipher</b>. With the exception of cipher modes, of which only one may be present, several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_CIPH_STREAM_CIPHER-EVP_CIPH_ECB_MODE-EVP_CIPH_CBC_MODE-EVP_CIPH_CFB_MODE-EVP_CIPH_OFB_MODE-EVP_CIPH_CTR_MODE-EVP_CIPH_GCM_MODE-EVP_CIPH_CCM_MODE-EVP_CIPH_XTS_MODE-EVP_CIPH_WRAP_MODE-EVP_CIPH_OCB_MODE">EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE, EVP_CIPH_OCB_MODE</dt>
+<dd>
+
+<p>The cipher mode.</p>
+
+</dd>
+<dt id="EVP_CIPH_VARIABLE_LENGTH">EVP_CIPH_VARIABLE_LENGTH</dt>
+<dd>
+
+<p>This cipher is of variable length.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_IV">EVP_CIPH_CUSTOM_IV</dt>
+<dd>
+
+<p>Storing and initialising the IV is left entirely to the implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_ALWAYS_CALL_INIT">EVP_CIPH_ALWAYS_CALL_INIT</dt>
+<dd>
+
+<p>Set this if the implementation&#39;s init() function should be called even if <b>key</b> is <b>NULL</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CTRL_INIT">EVP_CIPH_CTRL_INIT</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_INIT</b> early in its setup.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_KEY_LENGTH">EVP_CIPH_CUSTOM_KEY_LENGTH</dt>
+<dd>
+
+<p>Checking and setting the key length after creating the <b>EVP_CIPHER</b> is left to the implementation. Whenever someone uses EVP_CIPHER_CTX_set_key_length() on a <b>EVP_CIPHER</b> with this flag set, the implementation&#39;s ctrl() function will be called with the control code <b>EVP_CTRL_SET_KEY_LENGTH</b> and the key length in <b>arg</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_NO_PADDING">EVP_CIPH_NO_PADDING</dt>
+<dd>
+
+<p>Don&#39;t use standard block padding.</p>
+
+</dd>
+<dt id="EVP_CIPH_RAND_KEY">EVP_CIPH_RAND_KEY</dt>
+<dd>
+
+<p>Making a key with random content is left to the implementation. This is done by calling the implementation&#39;s ctrl() function with the control code <b>EVP_CTRL_RAND_KEY</b> and the pointer to the key memory storage in <b>ptr</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_COPY">EVP_CIPH_CUSTOM_COPY</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_COPY</b> at the end of EVP_CIPHER_CTX_copy(). The intended use is for further things to deal with after the implementation specific data block has been copied. The destination <b>EVP_CIPHER_CTX</b> is passed to the control with the <b>ptr</b> parameter. The implementation specific data block is reached with EVP_CIPHER_CTX_get_cipher_data().</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_DEFAULT_ASN1">EVP_CIPH_FLAG_DEFAULT_ASN1</dt>
+<dd>
+
+<p>Use the default EVP routines to pass IV to and from ASN.1.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_LENGTH_BITS">EVP_CIPH_FLAG_LENGTH_BITS</dt>
+<dd>
+
+<p>Signals that the length of the input buffer for encryption / decryption is to be understood as the number of bits instead of bytes for this implementation. This is only useful for CFB1 ciphers.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_CUSTOM_CIPHER">EVP_CIPH_FLAG_CUSTOM_CIPHER</dt>
+<dd>
+
+<p>This indicates that the implementation takes care of everything, including padding, buffering and finalization. The EVP routines will simply give them control and do nothing more.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_AEAD_CIPHER">EVP_CIPH_FLAG_AEAD_CIPHER</dt>
+<dd>
+
+<p>This indicates that this is an AEAD cipher implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK">EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK</dt>
+<dd>
+
+<p>Allow interleaving of crypto blocks, a particular optimization only applicable to certain TLS ciphers.</p>
+
+</dd>
+</dl>
+
+<p>EVP_CIPHER_meth_set_impl_ctx_size() sets the size of the EVP_CIPHER&#39;s implementation context so that it can be automatically allocated.</p>
+
+<p>EVP_CIPHER_meth_set_init() sets the cipher init function for <b>cipher</b>. The cipher init function is called by EVP_CipherInit(), EVP_CipherInit_ex(), EVP_EncryptInit(), EVP_EncryptInit_ex(), EVP_DecryptInit(), EVP_DecryptInit_ex().</p>
+
+<p>EVP_CIPHER_meth_set_do_cipher() sets the cipher function for <b>cipher</b>. The cipher function is called by EVP_CipherUpdate(), EVP_EncryptUpdate(), EVP_DecryptUpdate(), EVP_CipherFinal(), EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and EVP_DecryptFinal_ex().</p>
+
+<p>EVP_CIPHER_meth_set_cleanup() sets the function for <b>cipher</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_CIPHER_CTX *</b>, the private data structure is then available with EVP_CIPHER_CTX_get_cipher_data(). This cleanup function is called by EVP_CIPHER_CTX_reset() and EVP_CIPHER_CTX_free().</p>
+
+<p>EVP_CIPHER_meth_set_set_asn1_params() sets the function for <b>cipher</b> to set the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This function is called by EVP_CIPHER_param_to_asn1(). EVP_CIPHER_meth_set_get_asn1_params() sets the function for <b>cipher</b> that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier &quot;parameter&quot;. Both these functions are needed when there is a need for custom data (more or other than the cipher IV). They are called by EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() respectively if defined.</p>
+
+<p>EVP_CIPHER_meth_set_ctrl() sets the control function for <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_get_init(), EVP_CIPHER_meth_get_do_cipher(), EVP_CIPHER_meth_get_cleanup(), EVP_CIPHER_meth_get_set_asn1_params(), EVP_CIPHER_meth_get_get_asn1_params() and EVP_CIPHER_meth_get_ctrl() are all used to retrieve the method data given with the EVP_CIPHER_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_meth_new() and EVP_CIPHER_meth_dup() return a pointer to a newly created <b>EVP_CIPHER</b>, or NULL on failure. All EVP_CIPHER_meth_set_*() functions return 1. All EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>cipher</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man3/EVP_EncryptInit.html">EVP_EncryptInit</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_get_asn1_params.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_get_asn1_params.html
new file mode 100644
index 000000000..24afcee3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_get_asn1_params.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_meth_new, EVP_CIPHER_meth_dup, EVP_CIPHER_meth_free, EVP_CIPHER_meth_set_iv_length, EVP_CIPHER_meth_set_flags, EVP_CIPHER_meth_set_impl_ctx_size, EVP_CIPHER_meth_set_init, EVP_CIPHER_meth_set_do_cipher, EVP_CIPHER_meth_set_cleanup, EVP_CIPHER_meth_set_set_asn1_params, EVP_CIPHER_meth_set_get_asn1_params, EVP_CIPHER_meth_set_ctrl, EVP_CIPHER_meth_get_init, EVP_CIPHER_meth_get_do_cipher, EVP_CIPHER_meth_get_cleanup, EVP_CIPHER_meth_get_set_asn1_params, EVP_CIPHER_meth_get_get_asn1_params, EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+ EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+
+ int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+ int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+ int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
+                              int (*init)(EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *key,
+                                          const unsigned char *iv,
+                                          int enc));
+ int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
+                                   int (*do_cipher)(EVP_CIPHER_CTX *ctx,
+                                                    unsigned char *out,
+                                                    const unsigned char *in,
+                                                    size_t inl));
+ int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
+                                 int (*cleanup)(EVP_CIPHER_CTX *));
+ int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
+                                         int (*set_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
+                                         int (*get_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+                              int (*ctrl)(EVP_CIPHER_CTX *, int type,
+                                          int arg, void *ptr));
+
+ int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                           const unsigned char *key,
+                                                           const unsigned char *iv,
+                                                           int enc);
+ int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                                unsigned char *out,
+                                                                const unsigned char *in,
+                                                                size_t inl);
+ int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+ int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                           int type, int arg,
+                                                           void *ptr);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_CIPHER</b> type is a structure for symmetric cipher method implementation.</p>
+
+<p>EVP_CIPHER_meth_new() creates a new <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_dup() creates a copy of <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_free() destroys a <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_set_iv_length() sets the length of the IV. This is only needed when the implemented cipher mode requires it.</p>
+
+<p>EVP_CIPHER_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>cipher</b>. With the exception of cipher modes, of which only one may be present, several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_CIPH_STREAM_CIPHER-EVP_CIPH_ECB_MODE-EVP_CIPH_CBC_MODE-EVP_CIPH_CFB_MODE-EVP_CIPH_OFB_MODE-EVP_CIPH_CTR_MODE-EVP_CIPH_GCM_MODE-EVP_CIPH_CCM_MODE-EVP_CIPH_XTS_MODE-EVP_CIPH_WRAP_MODE-EVP_CIPH_OCB_MODE">EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE, EVP_CIPH_OCB_MODE</dt>
+<dd>
+
+<p>The cipher mode.</p>
+
+</dd>
+<dt id="EVP_CIPH_VARIABLE_LENGTH">EVP_CIPH_VARIABLE_LENGTH</dt>
+<dd>
+
+<p>This cipher is of variable length.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_IV">EVP_CIPH_CUSTOM_IV</dt>
+<dd>
+
+<p>Storing and initialising the IV is left entirely to the implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_ALWAYS_CALL_INIT">EVP_CIPH_ALWAYS_CALL_INIT</dt>
+<dd>
+
+<p>Set this if the implementation&#39;s init() function should be called even if <b>key</b> is <b>NULL</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CTRL_INIT">EVP_CIPH_CTRL_INIT</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_INIT</b> early in its setup.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_KEY_LENGTH">EVP_CIPH_CUSTOM_KEY_LENGTH</dt>
+<dd>
+
+<p>Checking and setting the key length after creating the <b>EVP_CIPHER</b> is left to the implementation. Whenever someone uses EVP_CIPHER_CTX_set_key_length() on a <b>EVP_CIPHER</b> with this flag set, the implementation&#39;s ctrl() function will be called with the control code <b>EVP_CTRL_SET_KEY_LENGTH</b> and the key length in <b>arg</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_NO_PADDING">EVP_CIPH_NO_PADDING</dt>
+<dd>
+
+<p>Don&#39;t use standard block padding.</p>
+
+</dd>
+<dt id="EVP_CIPH_RAND_KEY">EVP_CIPH_RAND_KEY</dt>
+<dd>
+
+<p>Making a key with random content is left to the implementation. This is done by calling the implementation&#39;s ctrl() function with the control code <b>EVP_CTRL_RAND_KEY</b> and the pointer to the key memory storage in <b>ptr</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_COPY">EVP_CIPH_CUSTOM_COPY</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_COPY</b> at the end of EVP_CIPHER_CTX_copy(). The intended use is for further things to deal with after the implementation specific data block has been copied. The destination <b>EVP_CIPHER_CTX</b> is passed to the control with the <b>ptr</b> parameter. The implementation specific data block is reached with EVP_CIPHER_CTX_get_cipher_data().</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_DEFAULT_ASN1">EVP_CIPH_FLAG_DEFAULT_ASN1</dt>
+<dd>
+
+<p>Use the default EVP routines to pass IV to and from ASN.1.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_LENGTH_BITS">EVP_CIPH_FLAG_LENGTH_BITS</dt>
+<dd>
+
+<p>Signals that the length of the input buffer for encryption / decryption is to be understood as the number of bits instead of bytes for this implementation. This is only useful for CFB1 ciphers.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_CUSTOM_CIPHER">EVP_CIPH_FLAG_CUSTOM_CIPHER</dt>
+<dd>
+
+<p>This indicates that the implementation takes care of everything, including padding, buffering and finalization. The EVP routines will simply give them control and do nothing more.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_AEAD_CIPHER">EVP_CIPH_FLAG_AEAD_CIPHER</dt>
+<dd>
+
+<p>This indicates that this is an AEAD cipher implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK">EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK</dt>
+<dd>
+
+<p>Allow interleaving of crypto blocks, a particular optimization only applicable to certain TLS ciphers.</p>
+
+</dd>
+</dl>
+
+<p>EVP_CIPHER_meth_set_impl_ctx_size() sets the size of the EVP_CIPHER&#39;s implementation context so that it can be automatically allocated.</p>
+
+<p>EVP_CIPHER_meth_set_init() sets the cipher init function for <b>cipher</b>. The cipher init function is called by EVP_CipherInit(), EVP_CipherInit_ex(), EVP_EncryptInit(), EVP_EncryptInit_ex(), EVP_DecryptInit(), EVP_DecryptInit_ex().</p>
+
+<p>EVP_CIPHER_meth_set_do_cipher() sets the cipher function for <b>cipher</b>. The cipher function is called by EVP_CipherUpdate(), EVP_EncryptUpdate(), EVP_DecryptUpdate(), EVP_CipherFinal(), EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and EVP_DecryptFinal_ex().</p>
+
+<p>EVP_CIPHER_meth_set_cleanup() sets the function for <b>cipher</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_CIPHER_CTX *</b>, the private data structure is then available with EVP_CIPHER_CTX_get_cipher_data(). This cleanup function is called by EVP_CIPHER_CTX_reset() and EVP_CIPHER_CTX_free().</p>
+
+<p>EVP_CIPHER_meth_set_set_asn1_params() sets the function for <b>cipher</b> to set the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This function is called by EVP_CIPHER_param_to_asn1(). EVP_CIPHER_meth_set_get_asn1_params() sets the function for <b>cipher</b> that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier &quot;parameter&quot;. Both these functions are needed when there is a need for custom data (more or other than the cipher IV). They are called by EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() respectively if defined.</p>
+
+<p>EVP_CIPHER_meth_set_ctrl() sets the control function for <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_get_init(), EVP_CIPHER_meth_get_do_cipher(), EVP_CIPHER_meth_get_cleanup(), EVP_CIPHER_meth_get_set_asn1_params(), EVP_CIPHER_meth_get_get_asn1_params() and EVP_CIPHER_meth_get_ctrl() are all used to retrieve the method data given with the EVP_CIPHER_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_meth_new() and EVP_CIPHER_meth_dup() return a pointer to a newly created <b>EVP_CIPHER</b>, or NULL on failure. All EVP_CIPHER_meth_set_*() functions return 1. All EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>cipher</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man3/EVP_EncryptInit.html">EVP_EncryptInit</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_init.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_init.html
new file mode 100644
index 000000000..24afcee3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_init.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_meth_new, EVP_CIPHER_meth_dup, EVP_CIPHER_meth_free, EVP_CIPHER_meth_set_iv_length, EVP_CIPHER_meth_set_flags, EVP_CIPHER_meth_set_impl_ctx_size, EVP_CIPHER_meth_set_init, EVP_CIPHER_meth_set_do_cipher, EVP_CIPHER_meth_set_cleanup, EVP_CIPHER_meth_set_set_asn1_params, EVP_CIPHER_meth_set_get_asn1_params, EVP_CIPHER_meth_set_ctrl, EVP_CIPHER_meth_get_init, EVP_CIPHER_meth_get_do_cipher, EVP_CIPHER_meth_get_cleanup, EVP_CIPHER_meth_get_set_asn1_params, EVP_CIPHER_meth_get_get_asn1_params, EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+ EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+
+ int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+ int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+ int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
+                              int (*init)(EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *key,
+                                          const unsigned char *iv,
+                                          int enc));
+ int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
+                                   int (*do_cipher)(EVP_CIPHER_CTX *ctx,
+                                                    unsigned char *out,
+                                                    const unsigned char *in,
+                                                    size_t inl));
+ int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
+                                 int (*cleanup)(EVP_CIPHER_CTX *));
+ int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
+                                         int (*set_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
+                                         int (*get_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+                              int (*ctrl)(EVP_CIPHER_CTX *, int type,
+                                          int arg, void *ptr));
+
+ int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                           const unsigned char *key,
+                                                           const unsigned char *iv,
+                                                           int enc);
+ int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                                unsigned char *out,
+                                                                const unsigned char *in,
+                                                                size_t inl);
+ int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+ int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                           int type, int arg,
+                                                           void *ptr);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_CIPHER</b> type is a structure for symmetric cipher method implementation.</p>
+
+<p>EVP_CIPHER_meth_new() creates a new <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_dup() creates a copy of <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_free() destroys a <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_set_iv_length() sets the length of the IV. This is only needed when the implemented cipher mode requires it.</p>
+
+<p>EVP_CIPHER_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>cipher</b>. With the exception of cipher modes, of which only one may be present, several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_CIPH_STREAM_CIPHER-EVP_CIPH_ECB_MODE-EVP_CIPH_CBC_MODE-EVP_CIPH_CFB_MODE-EVP_CIPH_OFB_MODE-EVP_CIPH_CTR_MODE-EVP_CIPH_GCM_MODE-EVP_CIPH_CCM_MODE-EVP_CIPH_XTS_MODE-EVP_CIPH_WRAP_MODE-EVP_CIPH_OCB_MODE">EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE, EVP_CIPH_OCB_MODE</dt>
+<dd>
+
+<p>The cipher mode.</p>
+
+</dd>
+<dt id="EVP_CIPH_VARIABLE_LENGTH">EVP_CIPH_VARIABLE_LENGTH</dt>
+<dd>
+
+<p>This cipher is of variable length.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_IV">EVP_CIPH_CUSTOM_IV</dt>
+<dd>
+
+<p>Storing and initialising the IV is left entirely to the implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_ALWAYS_CALL_INIT">EVP_CIPH_ALWAYS_CALL_INIT</dt>
+<dd>
+
+<p>Set this if the implementation&#39;s init() function should be called even if <b>key</b> is <b>NULL</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CTRL_INIT">EVP_CIPH_CTRL_INIT</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_INIT</b> early in its setup.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_KEY_LENGTH">EVP_CIPH_CUSTOM_KEY_LENGTH</dt>
+<dd>
+
+<p>Checking and setting the key length after creating the <b>EVP_CIPHER</b> is left to the implementation. Whenever someone uses EVP_CIPHER_CTX_set_key_length() on a <b>EVP_CIPHER</b> with this flag set, the implementation&#39;s ctrl() function will be called with the control code <b>EVP_CTRL_SET_KEY_LENGTH</b> and the key length in <b>arg</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_NO_PADDING">EVP_CIPH_NO_PADDING</dt>
+<dd>
+
+<p>Don&#39;t use standard block padding.</p>
+
+</dd>
+<dt id="EVP_CIPH_RAND_KEY">EVP_CIPH_RAND_KEY</dt>
+<dd>
+
+<p>Making a key with random content is left to the implementation. This is done by calling the implementation&#39;s ctrl() function with the control code <b>EVP_CTRL_RAND_KEY</b> and the pointer to the key memory storage in <b>ptr</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_COPY">EVP_CIPH_CUSTOM_COPY</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_COPY</b> at the end of EVP_CIPHER_CTX_copy(). The intended use is for further things to deal with after the implementation specific data block has been copied. The destination <b>EVP_CIPHER_CTX</b> is passed to the control with the <b>ptr</b> parameter. The implementation specific data block is reached with EVP_CIPHER_CTX_get_cipher_data().</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_DEFAULT_ASN1">EVP_CIPH_FLAG_DEFAULT_ASN1</dt>
+<dd>
+
+<p>Use the default EVP routines to pass IV to and from ASN.1.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_LENGTH_BITS">EVP_CIPH_FLAG_LENGTH_BITS</dt>
+<dd>
+
+<p>Signals that the length of the input buffer for encryption / decryption is to be understood as the number of bits instead of bytes for this implementation. This is only useful for CFB1 ciphers.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_CUSTOM_CIPHER">EVP_CIPH_FLAG_CUSTOM_CIPHER</dt>
+<dd>
+
+<p>This indicates that the implementation takes care of everything, including padding, buffering and finalization. The EVP routines will simply give them control and do nothing more.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_AEAD_CIPHER">EVP_CIPH_FLAG_AEAD_CIPHER</dt>
+<dd>
+
+<p>This indicates that this is an AEAD cipher implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK">EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK</dt>
+<dd>
+
+<p>Allow interleaving of crypto blocks, a particular optimization only applicable to certain TLS ciphers.</p>
+
+</dd>
+</dl>
+
+<p>EVP_CIPHER_meth_set_impl_ctx_size() sets the size of the EVP_CIPHER&#39;s implementation context so that it can be automatically allocated.</p>
+
+<p>EVP_CIPHER_meth_set_init() sets the cipher init function for <b>cipher</b>. The cipher init function is called by EVP_CipherInit(), EVP_CipherInit_ex(), EVP_EncryptInit(), EVP_EncryptInit_ex(), EVP_DecryptInit(), EVP_DecryptInit_ex().</p>
+
+<p>EVP_CIPHER_meth_set_do_cipher() sets the cipher function for <b>cipher</b>. The cipher function is called by EVP_CipherUpdate(), EVP_EncryptUpdate(), EVP_DecryptUpdate(), EVP_CipherFinal(), EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and EVP_DecryptFinal_ex().</p>
+
+<p>EVP_CIPHER_meth_set_cleanup() sets the function for <b>cipher</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_CIPHER_CTX *</b>, the private data structure is then available with EVP_CIPHER_CTX_get_cipher_data(). This cleanup function is called by EVP_CIPHER_CTX_reset() and EVP_CIPHER_CTX_free().</p>
+
+<p>EVP_CIPHER_meth_set_set_asn1_params() sets the function for <b>cipher</b> to set the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This function is called by EVP_CIPHER_param_to_asn1(). EVP_CIPHER_meth_set_get_asn1_params() sets the function for <b>cipher</b> that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier &quot;parameter&quot;. Both these functions are needed when there is a need for custom data (more or other than the cipher IV). They are called by EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() respectively if defined.</p>
+
+<p>EVP_CIPHER_meth_set_ctrl() sets the control function for <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_get_init(), EVP_CIPHER_meth_get_do_cipher(), EVP_CIPHER_meth_get_cleanup(), EVP_CIPHER_meth_get_set_asn1_params(), EVP_CIPHER_meth_get_get_asn1_params() and EVP_CIPHER_meth_get_ctrl() are all used to retrieve the method data given with the EVP_CIPHER_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_meth_new() and EVP_CIPHER_meth_dup() return a pointer to a newly created <b>EVP_CIPHER</b>, or NULL on failure. All EVP_CIPHER_meth_set_*() functions return 1. All EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>cipher</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man3/EVP_EncryptInit.html">EVP_EncryptInit</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_set_asn1_params.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_set_asn1_params.html
new file mode 100644
index 000000000..24afcee3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_set_asn1_params.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_meth_new, EVP_CIPHER_meth_dup, EVP_CIPHER_meth_free, EVP_CIPHER_meth_set_iv_length, EVP_CIPHER_meth_set_flags, EVP_CIPHER_meth_set_impl_ctx_size, EVP_CIPHER_meth_set_init, EVP_CIPHER_meth_set_do_cipher, EVP_CIPHER_meth_set_cleanup, EVP_CIPHER_meth_set_set_asn1_params, EVP_CIPHER_meth_set_get_asn1_params, EVP_CIPHER_meth_set_ctrl, EVP_CIPHER_meth_get_init, EVP_CIPHER_meth_get_do_cipher, EVP_CIPHER_meth_get_cleanup, EVP_CIPHER_meth_get_set_asn1_params, EVP_CIPHER_meth_get_get_asn1_params, EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+ EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+
+ int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+ int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+ int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
+                              int (*init)(EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *key,
+                                          const unsigned char *iv,
+                                          int enc));
+ int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
+                                   int (*do_cipher)(EVP_CIPHER_CTX *ctx,
+                                                    unsigned char *out,
+                                                    const unsigned char *in,
+                                                    size_t inl));
+ int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
+                                 int (*cleanup)(EVP_CIPHER_CTX *));
+ int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
+                                         int (*set_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
+                                         int (*get_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+                              int (*ctrl)(EVP_CIPHER_CTX *, int type,
+                                          int arg, void *ptr));
+
+ int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                           const unsigned char *key,
+                                                           const unsigned char *iv,
+                                                           int enc);
+ int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                                unsigned char *out,
+                                                                const unsigned char *in,
+                                                                size_t inl);
+ int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+ int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                           int type, int arg,
+                                                           void *ptr);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_CIPHER</b> type is a structure for symmetric cipher method implementation.</p>
+
+<p>EVP_CIPHER_meth_new() creates a new <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_dup() creates a copy of <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_free() destroys a <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_set_iv_length() sets the length of the IV. This is only needed when the implemented cipher mode requires it.</p>
+
+<p>EVP_CIPHER_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>cipher</b>. With the exception of cipher modes, of which only one may be present, several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_CIPH_STREAM_CIPHER-EVP_CIPH_ECB_MODE-EVP_CIPH_CBC_MODE-EVP_CIPH_CFB_MODE-EVP_CIPH_OFB_MODE-EVP_CIPH_CTR_MODE-EVP_CIPH_GCM_MODE-EVP_CIPH_CCM_MODE-EVP_CIPH_XTS_MODE-EVP_CIPH_WRAP_MODE-EVP_CIPH_OCB_MODE">EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE, EVP_CIPH_OCB_MODE</dt>
+<dd>
+
+<p>The cipher mode.</p>
+
+</dd>
+<dt id="EVP_CIPH_VARIABLE_LENGTH">EVP_CIPH_VARIABLE_LENGTH</dt>
+<dd>
+
+<p>This cipher is of variable length.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_IV">EVP_CIPH_CUSTOM_IV</dt>
+<dd>
+
+<p>Storing and initialising the IV is left entirely to the implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_ALWAYS_CALL_INIT">EVP_CIPH_ALWAYS_CALL_INIT</dt>
+<dd>
+
+<p>Set this if the implementation&#39;s init() function should be called even if <b>key</b> is <b>NULL</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CTRL_INIT">EVP_CIPH_CTRL_INIT</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_INIT</b> early in its setup.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_KEY_LENGTH">EVP_CIPH_CUSTOM_KEY_LENGTH</dt>
+<dd>
+
+<p>Checking and setting the key length after creating the <b>EVP_CIPHER</b> is left to the implementation. Whenever someone uses EVP_CIPHER_CTX_set_key_length() on a <b>EVP_CIPHER</b> with this flag set, the implementation&#39;s ctrl() function will be called with the control code <b>EVP_CTRL_SET_KEY_LENGTH</b> and the key length in <b>arg</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_NO_PADDING">EVP_CIPH_NO_PADDING</dt>
+<dd>
+
+<p>Don&#39;t use standard block padding.</p>
+
+</dd>
+<dt id="EVP_CIPH_RAND_KEY">EVP_CIPH_RAND_KEY</dt>
+<dd>
+
+<p>Making a key with random content is left to the implementation. This is done by calling the implementation&#39;s ctrl() function with the control code <b>EVP_CTRL_RAND_KEY</b> and the pointer to the key memory storage in <b>ptr</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_COPY">EVP_CIPH_CUSTOM_COPY</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_COPY</b> at the end of EVP_CIPHER_CTX_copy(). The intended use is for further things to deal with after the implementation specific data block has been copied. The destination <b>EVP_CIPHER_CTX</b> is passed to the control with the <b>ptr</b> parameter. The implementation specific data block is reached with EVP_CIPHER_CTX_get_cipher_data().</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_DEFAULT_ASN1">EVP_CIPH_FLAG_DEFAULT_ASN1</dt>
+<dd>
+
+<p>Use the default EVP routines to pass IV to and from ASN.1.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_LENGTH_BITS">EVP_CIPH_FLAG_LENGTH_BITS</dt>
+<dd>
+
+<p>Signals that the length of the input buffer for encryption / decryption is to be understood as the number of bits instead of bytes for this implementation. This is only useful for CFB1 ciphers.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_CUSTOM_CIPHER">EVP_CIPH_FLAG_CUSTOM_CIPHER</dt>
+<dd>
+
+<p>This indicates that the implementation takes care of everything, including padding, buffering and finalization. The EVP routines will simply give them control and do nothing more.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_AEAD_CIPHER">EVP_CIPH_FLAG_AEAD_CIPHER</dt>
+<dd>
+
+<p>This indicates that this is an AEAD cipher implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK">EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK</dt>
+<dd>
+
+<p>Allow interleaving of crypto blocks, a particular optimization only applicable to certain TLS ciphers.</p>
+
+</dd>
+</dl>
+
+<p>EVP_CIPHER_meth_set_impl_ctx_size() sets the size of the EVP_CIPHER&#39;s implementation context so that it can be automatically allocated.</p>
+
+<p>EVP_CIPHER_meth_set_init() sets the cipher init function for <b>cipher</b>. The cipher init function is called by EVP_CipherInit(), EVP_CipherInit_ex(), EVP_EncryptInit(), EVP_EncryptInit_ex(), EVP_DecryptInit(), EVP_DecryptInit_ex().</p>
+
+<p>EVP_CIPHER_meth_set_do_cipher() sets the cipher function for <b>cipher</b>. The cipher function is called by EVP_CipherUpdate(), EVP_EncryptUpdate(), EVP_DecryptUpdate(), EVP_CipherFinal(), EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and EVP_DecryptFinal_ex().</p>
+
+<p>EVP_CIPHER_meth_set_cleanup() sets the function for <b>cipher</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_CIPHER_CTX *</b>, the private data structure is then available with EVP_CIPHER_CTX_get_cipher_data(). This cleanup function is called by EVP_CIPHER_CTX_reset() and EVP_CIPHER_CTX_free().</p>
+
+<p>EVP_CIPHER_meth_set_set_asn1_params() sets the function for <b>cipher</b> to set the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This function is called by EVP_CIPHER_param_to_asn1(). EVP_CIPHER_meth_set_get_asn1_params() sets the function for <b>cipher</b> that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier &quot;parameter&quot;. Both these functions are needed when there is a need for custom data (more or other than the cipher IV). They are called by EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() respectively if defined.</p>
+
+<p>EVP_CIPHER_meth_set_ctrl() sets the control function for <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_get_init(), EVP_CIPHER_meth_get_do_cipher(), EVP_CIPHER_meth_get_cleanup(), EVP_CIPHER_meth_get_set_asn1_params(), EVP_CIPHER_meth_get_get_asn1_params() and EVP_CIPHER_meth_get_ctrl() are all used to retrieve the method data given with the EVP_CIPHER_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_meth_new() and EVP_CIPHER_meth_dup() return a pointer to a newly created <b>EVP_CIPHER</b>, or NULL on failure. All EVP_CIPHER_meth_set_*() functions return 1. All EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>cipher</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man3/EVP_EncryptInit.html">EVP_EncryptInit</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_new.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_new.html
new file mode 100644
index 000000000..24afcee3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_new.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_meth_new, EVP_CIPHER_meth_dup, EVP_CIPHER_meth_free, EVP_CIPHER_meth_set_iv_length, EVP_CIPHER_meth_set_flags, EVP_CIPHER_meth_set_impl_ctx_size, EVP_CIPHER_meth_set_init, EVP_CIPHER_meth_set_do_cipher, EVP_CIPHER_meth_set_cleanup, EVP_CIPHER_meth_set_set_asn1_params, EVP_CIPHER_meth_set_get_asn1_params, EVP_CIPHER_meth_set_ctrl, EVP_CIPHER_meth_get_init, EVP_CIPHER_meth_get_do_cipher, EVP_CIPHER_meth_get_cleanup, EVP_CIPHER_meth_get_set_asn1_params, EVP_CIPHER_meth_get_get_asn1_params, EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+ EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+
+ int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+ int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+ int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
+                              int (*init)(EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *key,
+                                          const unsigned char *iv,
+                                          int enc));
+ int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
+                                   int (*do_cipher)(EVP_CIPHER_CTX *ctx,
+                                                    unsigned char *out,
+                                                    const unsigned char *in,
+                                                    size_t inl));
+ int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
+                                 int (*cleanup)(EVP_CIPHER_CTX *));
+ int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
+                                         int (*set_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
+                                         int (*get_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+                              int (*ctrl)(EVP_CIPHER_CTX *, int type,
+                                          int arg, void *ptr));
+
+ int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                           const unsigned char *key,
+                                                           const unsigned char *iv,
+                                                           int enc);
+ int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                                unsigned char *out,
+                                                                const unsigned char *in,
+                                                                size_t inl);
+ int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+ int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                           int type, int arg,
+                                                           void *ptr);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_CIPHER</b> type is a structure for symmetric cipher method implementation.</p>
+
+<p>EVP_CIPHER_meth_new() creates a new <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_dup() creates a copy of <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_free() destroys a <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_set_iv_length() sets the length of the IV. This is only needed when the implemented cipher mode requires it.</p>
+
+<p>EVP_CIPHER_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>cipher</b>. With the exception of cipher modes, of which only one may be present, several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_CIPH_STREAM_CIPHER-EVP_CIPH_ECB_MODE-EVP_CIPH_CBC_MODE-EVP_CIPH_CFB_MODE-EVP_CIPH_OFB_MODE-EVP_CIPH_CTR_MODE-EVP_CIPH_GCM_MODE-EVP_CIPH_CCM_MODE-EVP_CIPH_XTS_MODE-EVP_CIPH_WRAP_MODE-EVP_CIPH_OCB_MODE">EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE, EVP_CIPH_OCB_MODE</dt>
+<dd>
+
+<p>The cipher mode.</p>
+
+</dd>
+<dt id="EVP_CIPH_VARIABLE_LENGTH">EVP_CIPH_VARIABLE_LENGTH</dt>
+<dd>
+
+<p>This cipher is of variable length.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_IV">EVP_CIPH_CUSTOM_IV</dt>
+<dd>
+
+<p>Storing and initialising the IV is left entirely to the implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_ALWAYS_CALL_INIT">EVP_CIPH_ALWAYS_CALL_INIT</dt>
+<dd>
+
+<p>Set this if the implementation&#39;s init() function should be called even if <b>key</b> is <b>NULL</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CTRL_INIT">EVP_CIPH_CTRL_INIT</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_INIT</b> early in its setup.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_KEY_LENGTH">EVP_CIPH_CUSTOM_KEY_LENGTH</dt>
+<dd>
+
+<p>Checking and setting the key length after creating the <b>EVP_CIPHER</b> is left to the implementation. Whenever someone uses EVP_CIPHER_CTX_set_key_length() on a <b>EVP_CIPHER</b> with this flag set, the implementation&#39;s ctrl() function will be called with the control code <b>EVP_CTRL_SET_KEY_LENGTH</b> and the key length in <b>arg</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_NO_PADDING">EVP_CIPH_NO_PADDING</dt>
+<dd>
+
+<p>Don&#39;t use standard block padding.</p>
+
+</dd>
+<dt id="EVP_CIPH_RAND_KEY">EVP_CIPH_RAND_KEY</dt>
+<dd>
+
+<p>Making a key with random content is left to the implementation. This is done by calling the implementation&#39;s ctrl() function with the control code <b>EVP_CTRL_RAND_KEY</b> and the pointer to the key memory storage in <b>ptr</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_COPY">EVP_CIPH_CUSTOM_COPY</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_COPY</b> at the end of EVP_CIPHER_CTX_copy(). The intended use is for further things to deal with after the implementation specific data block has been copied. The destination <b>EVP_CIPHER_CTX</b> is passed to the control with the <b>ptr</b> parameter. The implementation specific data block is reached with EVP_CIPHER_CTX_get_cipher_data().</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_DEFAULT_ASN1">EVP_CIPH_FLAG_DEFAULT_ASN1</dt>
+<dd>
+
+<p>Use the default EVP routines to pass IV to and from ASN.1.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_LENGTH_BITS">EVP_CIPH_FLAG_LENGTH_BITS</dt>
+<dd>
+
+<p>Signals that the length of the input buffer for encryption / decryption is to be understood as the number of bits instead of bytes for this implementation. This is only useful for CFB1 ciphers.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_CUSTOM_CIPHER">EVP_CIPH_FLAG_CUSTOM_CIPHER</dt>
+<dd>
+
+<p>This indicates that the implementation takes care of everything, including padding, buffering and finalization. The EVP routines will simply give them control and do nothing more.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_AEAD_CIPHER">EVP_CIPH_FLAG_AEAD_CIPHER</dt>
+<dd>
+
+<p>This indicates that this is an AEAD cipher implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK">EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK</dt>
+<dd>
+
+<p>Allow interleaving of crypto blocks, a particular optimization only applicable to certain TLS ciphers.</p>
+
+</dd>
+</dl>
+
+<p>EVP_CIPHER_meth_set_impl_ctx_size() sets the size of the EVP_CIPHER&#39;s implementation context so that it can be automatically allocated.</p>
+
+<p>EVP_CIPHER_meth_set_init() sets the cipher init function for <b>cipher</b>. The cipher init function is called by EVP_CipherInit(), EVP_CipherInit_ex(), EVP_EncryptInit(), EVP_EncryptInit_ex(), EVP_DecryptInit(), EVP_DecryptInit_ex().</p>
+
+<p>EVP_CIPHER_meth_set_do_cipher() sets the cipher function for <b>cipher</b>. The cipher function is called by EVP_CipherUpdate(), EVP_EncryptUpdate(), EVP_DecryptUpdate(), EVP_CipherFinal(), EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and EVP_DecryptFinal_ex().</p>
+
+<p>EVP_CIPHER_meth_set_cleanup() sets the function for <b>cipher</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_CIPHER_CTX *</b>, the private data structure is then available with EVP_CIPHER_CTX_get_cipher_data(). This cleanup function is called by EVP_CIPHER_CTX_reset() and EVP_CIPHER_CTX_free().</p>
+
+<p>EVP_CIPHER_meth_set_set_asn1_params() sets the function for <b>cipher</b> to set the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This function is called by EVP_CIPHER_param_to_asn1(). EVP_CIPHER_meth_set_get_asn1_params() sets the function for <b>cipher</b> that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier &quot;parameter&quot;. Both these functions are needed when there is a need for custom data (more or other than the cipher IV). They are called by EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() respectively if defined.</p>
+
+<p>EVP_CIPHER_meth_set_ctrl() sets the control function for <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_get_init(), EVP_CIPHER_meth_get_do_cipher(), EVP_CIPHER_meth_get_cleanup(), EVP_CIPHER_meth_get_set_asn1_params(), EVP_CIPHER_meth_get_get_asn1_params() and EVP_CIPHER_meth_get_ctrl() are all used to retrieve the method data given with the EVP_CIPHER_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_meth_new() and EVP_CIPHER_meth_dup() return a pointer to a newly created <b>EVP_CIPHER</b>, or NULL on failure. All EVP_CIPHER_meth_set_*() functions return 1. All EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>cipher</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man3/EVP_EncryptInit.html">EVP_EncryptInit</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_cleanup.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_cleanup.html
new file mode 100644
index 000000000..24afcee3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_cleanup.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_meth_new, EVP_CIPHER_meth_dup, EVP_CIPHER_meth_free, EVP_CIPHER_meth_set_iv_length, EVP_CIPHER_meth_set_flags, EVP_CIPHER_meth_set_impl_ctx_size, EVP_CIPHER_meth_set_init, EVP_CIPHER_meth_set_do_cipher, EVP_CIPHER_meth_set_cleanup, EVP_CIPHER_meth_set_set_asn1_params, EVP_CIPHER_meth_set_get_asn1_params, EVP_CIPHER_meth_set_ctrl, EVP_CIPHER_meth_get_init, EVP_CIPHER_meth_get_do_cipher, EVP_CIPHER_meth_get_cleanup, EVP_CIPHER_meth_get_set_asn1_params, EVP_CIPHER_meth_get_get_asn1_params, EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+ EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+
+ int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+ int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+ int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
+                              int (*init)(EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *key,
+                                          const unsigned char *iv,
+                                          int enc));
+ int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
+                                   int (*do_cipher)(EVP_CIPHER_CTX *ctx,
+                                                    unsigned char *out,
+                                                    const unsigned char *in,
+                                                    size_t inl));
+ int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
+                                 int (*cleanup)(EVP_CIPHER_CTX *));
+ int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
+                                         int (*set_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
+                                         int (*get_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+                              int (*ctrl)(EVP_CIPHER_CTX *, int type,
+                                          int arg, void *ptr));
+
+ int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                           const unsigned char *key,
+                                                           const unsigned char *iv,
+                                                           int enc);
+ int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                                unsigned char *out,
+                                                                const unsigned char *in,
+                                                                size_t inl);
+ int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+ int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                           int type, int arg,
+                                                           void *ptr);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_CIPHER</b> type is a structure for symmetric cipher method implementation.</p>
+
+<p>EVP_CIPHER_meth_new() creates a new <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_dup() creates a copy of <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_free() destroys a <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_set_iv_length() sets the length of the IV. This is only needed when the implemented cipher mode requires it.</p>
+
+<p>EVP_CIPHER_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>cipher</b>. With the exception of cipher modes, of which only one may be present, several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_CIPH_STREAM_CIPHER-EVP_CIPH_ECB_MODE-EVP_CIPH_CBC_MODE-EVP_CIPH_CFB_MODE-EVP_CIPH_OFB_MODE-EVP_CIPH_CTR_MODE-EVP_CIPH_GCM_MODE-EVP_CIPH_CCM_MODE-EVP_CIPH_XTS_MODE-EVP_CIPH_WRAP_MODE-EVP_CIPH_OCB_MODE">EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE, EVP_CIPH_OCB_MODE</dt>
+<dd>
+
+<p>The cipher mode.</p>
+
+</dd>
+<dt id="EVP_CIPH_VARIABLE_LENGTH">EVP_CIPH_VARIABLE_LENGTH</dt>
+<dd>
+
+<p>This cipher is of variable length.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_IV">EVP_CIPH_CUSTOM_IV</dt>
+<dd>
+
+<p>Storing and initialising the IV is left entirely to the implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_ALWAYS_CALL_INIT">EVP_CIPH_ALWAYS_CALL_INIT</dt>
+<dd>
+
+<p>Set this if the implementation&#39;s init() function should be called even if <b>key</b> is <b>NULL</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CTRL_INIT">EVP_CIPH_CTRL_INIT</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_INIT</b> early in its setup.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_KEY_LENGTH">EVP_CIPH_CUSTOM_KEY_LENGTH</dt>
+<dd>
+
+<p>Checking and setting the key length after creating the <b>EVP_CIPHER</b> is left to the implementation. Whenever someone uses EVP_CIPHER_CTX_set_key_length() on a <b>EVP_CIPHER</b> with this flag set, the implementation&#39;s ctrl() function will be called with the control code <b>EVP_CTRL_SET_KEY_LENGTH</b> and the key length in <b>arg</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_NO_PADDING">EVP_CIPH_NO_PADDING</dt>
+<dd>
+
+<p>Don&#39;t use standard block padding.</p>
+
+</dd>
+<dt id="EVP_CIPH_RAND_KEY">EVP_CIPH_RAND_KEY</dt>
+<dd>
+
+<p>Making a key with random content is left to the implementation. This is done by calling the implementation&#39;s ctrl() function with the control code <b>EVP_CTRL_RAND_KEY</b> and the pointer to the key memory storage in <b>ptr</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_COPY">EVP_CIPH_CUSTOM_COPY</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_COPY</b> at the end of EVP_CIPHER_CTX_copy(). The intended use is for further things to deal with after the implementation specific data block has been copied. The destination <b>EVP_CIPHER_CTX</b> is passed to the control with the <b>ptr</b> parameter. The implementation specific data block is reached with EVP_CIPHER_CTX_get_cipher_data().</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_DEFAULT_ASN1">EVP_CIPH_FLAG_DEFAULT_ASN1</dt>
+<dd>
+
+<p>Use the default EVP routines to pass IV to and from ASN.1.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_LENGTH_BITS">EVP_CIPH_FLAG_LENGTH_BITS</dt>
+<dd>
+
+<p>Signals that the length of the input buffer for encryption / decryption is to be understood as the number of bits instead of bytes for this implementation. This is only useful for CFB1 ciphers.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_CUSTOM_CIPHER">EVP_CIPH_FLAG_CUSTOM_CIPHER</dt>
+<dd>
+
+<p>This indicates that the implementation takes care of everything, including padding, buffering and finalization. The EVP routines will simply give them control and do nothing more.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_AEAD_CIPHER">EVP_CIPH_FLAG_AEAD_CIPHER</dt>
+<dd>
+
+<p>This indicates that this is an AEAD cipher implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK">EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK</dt>
+<dd>
+
+<p>Allow interleaving of crypto blocks, a particular optimization only applicable to certain TLS ciphers.</p>
+
+</dd>
+</dl>
+
+<p>EVP_CIPHER_meth_set_impl_ctx_size() sets the size of the EVP_CIPHER&#39;s implementation context so that it can be automatically allocated.</p>
+
+<p>EVP_CIPHER_meth_set_init() sets the cipher init function for <b>cipher</b>. The cipher init function is called by EVP_CipherInit(), EVP_CipherInit_ex(), EVP_EncryptInit(), EVP_EncryptInit_ex(), EVP_DecryptInit(), EVP_DecryptInit_ex().</p>
+
+<p>EVP_CIPHER_meth_set_do_cipher() sets the cipher function for <b>cipher</b>. The cipher function is called by EVP_CipherUpdate(), EVP_EncryptUpdate(), EVP_DecryptUpdate(), EVP_CipherFinal(), EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and EVP_DecryptFinal_ex().</p>
+
+<p>EVP_CIPHER_meth_set_cleanup() sets the function for <b>cipher</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_CIPHER_CTX *</b>, the private data structure is then available with EVP_CIPHER_CTX_get_cipher_data(). This cleanup function is called by EVP_CIPHER_CTX_reset() and EVP_CIPHER_CTX_free().</p>
+
+<p>EVP_CIPHER_meth_set_set_asn1_params() sets the function for <b>cipher</b> to set the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This function is called by EVP_CIPHER_param_to_asn1(). EVP_CIPHER_meth_set_get_asn1_params() sets the function for <b>cipher</b> that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier &quot;parameter&quot;. Both these functions are needed when there is a need for custom data (more or other than the cipher IV). They are called by EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() respectively if defined.</p>
+
+<p>EVP_CIPHER_meth_set_ctrl() sets the control function for <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_get_init(), EVP_CIPHER_meth_get_do_cipher(), EVP_CIPHER_meth_get_cleanup(), EVP_CIPHER_meth_get_set_asn1_params(), EVP_CIPHER_meth_get_get_asn1_params() and EVP_CIPHER_meth_get_ctrl() are all used to retrieve the method data given with the EVP_CIPHER_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_meth_new() and EVP_CIPHER_meth_dup() return a pointer to a newly created <b>EVP_CIPHER</b>, or NULL on failure. All EVP_CIPHER_meth_set_*() functions return 1. All EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>cipher</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man3/EVP_EncryptInit.html">EVP_EncryptInit</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_ctrl.html
new file mode 100644
index 000000000..24afcee3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_ctrl.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_meth_new, EVP_CIPHER_meth_dup, EVP_CIPHER_meth_free, EVP_CIPHER_meth_set_iv_length, EVP_CIPHER_meth_set_flags, EVP_CIPHER_meth_set_impl_ctx_size, EVP_CIPHER_meth_set_init, EVP_CIPHER_meth_set_do_cipher, EVP_CIPHER_meth_set_cleanup, EVP_CIPHER_meth_set_set_asn1_params, EVP_CIPHER_meth_set_get_asn1_params, EVP_CIPHER_meth_set_ctrl, EVP_CIPHER_meth_get_init, EVP_CIPHER_meth_get_do_cipher, EVP_CIPHER_meth_get_cleanup, EVP_CIPHER_meth_get_set_asn1_params, EVP_CIPHER_meth_get_get_asn1_params, EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+ EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+
+ int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+ int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+ int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
+                              int (*init)(EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *key,
+                                          const unsigned char *iv,
+                                          int enc));
+ int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
+                                   int (*do_cipher)(EVP_CIPHER_CTX *ctx,
+                                                    unsigned char *out,
+                                                    const unsigned char *in,
+                                                    size_t inl));
+ int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
+                                 int (*cleanup)(EVP_CIPHER_CTX *));
+ int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
+                                         int (*set_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
+                                         int (*get_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+                              int (*ctrl)(EVP_CIPHER_CTX *, int type,
+                                          int arg, void *ptr));
+
+ int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                           const unsigned char *key,
+                                                           const unsigned char *iv,
+                                                           int enc);
+ int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                                unsigned char *out,
+                                                                const unsigned char *in,
+                                                                size_t inl);
+ int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+ int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                           int type, int arg,
+                                                           void *ptr);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_CIPHER</b> type is a structure for symmetric cipher method implementation.</p>
+
+<p>EVP_CIPHER_meth_new() creates a new <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_dup() creates a copy of <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_free() destroys a <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_set_iv_length() sets the length of the IV. This is only needed when the implemented cipher mode requires it.</p>
+
+<p>EVP_CIPHER_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>cipher</b>. With the exception of cipher modes, of which only one may be present, several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_CIPH_STREAM_CIPHER-EVP_CIPH_ECB_MODE-EVP_CIPH_CBC_MODE-EVP_CIPH_CFB_MODE-EVP_CIPH_OFB_MODE-EVP_CIPH_CTR_MODE-EVP_CIPH_GCM_MODE-EVP_CIPH_CCM_MODE-EVP_CIPH_XTS_MODE-EVP_CIPH_WRAP_MODE-EVP_CIPH_OCB_MODE">EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE, EVP_CIPH_OCB_MODE</dt>
+<dd>
+
+<p>The cipher mode.</p>
+
+</dd>
+<dt id="EVP_CIPH_VARIABLE_LENGTH">EVP_CIPH_VARIABLE_LENGTH</dt>
+<dd>
+
+<p>This cipher is of variable length.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_IV">EVP_CIPH_CUSTOM_IV</dt>
+<dd>
+
+<p>Storing and initialising the IV is left entirely to the implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_ALWAYS_CALL_INIT">EVP_CIPH_ALWAYS_CALL_INIT</dt>
+<dd>
+
+<p>Set this if the implementation&#39;s init() function should be called even if <b>key</b> is <b>NULL</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CTRL_INIT">EVP_CIPH_CTRL_INIT</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_INIT</b> early in its setup.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_KEY_LENGTH">EVP_CIPH_CUSTOM_KEY_LENGTH</dt>
+<dd>
+
+<p>Checking and setting the key length after creating the <b>EVP_CIPHER</b> is left to the implementation. Whenever someone uses EVP_CIPHER_CTX_set_key_length() on a <b>EVP_CIPHER</b> with this flag set, the implementation&#39;s ctrl() function will be called with the control code <b>EVP_CTRL_SET_KEY_LENGTH</b> and the key length in <b>arg</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_NO_PADDING">EVP_CIPH_NO_PADDING</dt>
+<dd>
+
+<p>Don&#39;t use standard block padding.</p>
+
+</dd>
+<dt id="EVP_CIPH_RAND_KEY">EVP_CIPH_RAND_KEY</dt>
+<dd>
+
+<p>Making a key with random content is left to the implementation. This is done by calling the implementation&#39;s ctrl() function with the control code <b>EVP_CTRL_RAND_KEY</b> and the pointer to the key memory storage in <b>ptr</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_COPY">EVP_CIPH_CUSTOM_COPY</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_COPY</b> at the end of EVP_CIPHER_CTX_copy(). The intended use is for further things to deal with after the implementation specific data block has been copied. The destination <b>EVP_CIPHER_CTX</b> is passed to the control with the <b>ptr</b> parameter. The implementation specific data block is reached with EVP_CIPHER_CTX_get_cipher_data().</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_DEFAULT_ASN1">EVP_CIPH_FLAG_DEFAULT_ASN1</dt>
+<dd>
+
+<p>Use the default EVP routines to pass IV to and from ASN.1.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_LENGTH_BITS">EVP_CIPH_FLAG_LENGTH_BITS</dt>
+<dd>
+
+<p>Signals that the length of the input buffer for encryption / decryption is to be understood as the number of bits instead of bytes for this implementation. This is only useful for CFB1 ciphers.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_CUSTOM_CIPHER">EVP_CIPH_FLAG_CUSTOM_CIPHER</dt>
+<dd>
+
+<p>This indicates that the implementation takes care of everything, including padding, buffering and finalization. The EVP routines will simply give them control and do nothing more.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_AEAD_CIPHER">EVP_CIPH_FLAG_AEAD_CIPHER</dt>
+<dd>
+
+<p>This indicates that this is an AEAD cipher implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK">EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK</dt>
+<dd>
+
+<p>Allow interleaving of crypto blocks, a particular optimization only applicable to certain TLS ciphers.</p>
+
+</dd>
+</dl>
+
+<p>EVP_CIPHER_meth_set_impl_ctx_size() sets the size of the EVP_CIPHER&#39;s implementation context so that it can be automatically allocated.</p>
+
+<p>EVP_CIPHER_meth_set_init() sets the cipher init function for <b>cipher</b>. The cipher init function is called by EVP_CipherInit(), EVP_CipherInit_ex(), EVP_EncryptInit(), EVP_EncryptInit_ex(), EVP_DecryptInit(), EVP_DecryptInit_ex().</p>
+
+<p>EVP_CIPHER_meth_set_do_cipher() sets the cipher function for <b>cipher</b>. The cipher function is called by EVP_CipherUpdate(), EVP_EncryptUpdate(), EVP_DecryptUpdate(), EVP_CipherFinal(), EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and EVP_DecryptFinal_ex().</p>
+
+<p>EVP_CIPHER_meth_set_cleanup() sets the function for <b>cipher</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_CIPHER_CTX *</b>, the private data structure is then available with EVP_CIPHER_CTX_get_cipher_data(). This cleanup function is called by EVP_CIPHER_CTX_reset() and EVP_CIPHER_CTX_free().</p>
+
+<p>EVP_CIPHER_meth_set_set_asn1_params() sets the function for <b>cipher</b> to set the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This function is called by EVP_CIPHER_param_to_asn1(). EVP_CIPHER_meth_set_get_asn1_params() sets the function for <b>cipher</b> that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier &quot;parameter&quot;. Both these functions are needed when there is a need for custom data (more or other than the cipher IV). They are called by EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() respectively if defined.</p>
+
+<p>EVP_CIPHER_meth_set_ctrl() sets the control function for <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_get_init(), EVP_CIPHER_meth_get_do_cipher(), EVP_CIPHER_meth_get_cleanup(), EVP_CIPHER_meth_get_set_asn1_params(), EVP_CIPHER_meth_get_get_asn1_params() and EVP_CIPHER_meth_get_ctrl() are all used to retrieve the method data given with the EVP_CIPHER_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_meth_new() and EVP_CIPHER_meth_dup() return a pointer to a newly created <b>EVP_CIPHER</b>, or NULL on failure. All EVP_CIPHER_meth_set_*() functions return 1. All EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>cipher</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man3/EVP_EncryptInit.html">EVP_EncryptInit</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_do_cipher.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_do_cipher.html
new file mode 100644
index 000000000..24afcee3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_do_cipher.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_meth_new, EVP_CIPHER_meth_dup, EVP_CIPHER_meth_free, EVP_CIPHER_meth_set_iv_length, EVP_CIPHER_meth_set_flags, EVP_CIPHER_meth_set_impl_ctx_size, EVP_CIPHER_meth_set_init, EVP_CIPHER_meth_set_do_cipher, EVP_CIPHER_meth_set_cleanup, EVP_CIPHER_meth_set_set_asn1_params, EVP_CIPHER_meth_set_get_asn1_params, EVP_CIPHER_meth_set_ctrl, EVP_CIPHER_meth_get_init, EVP_CIPHER_meth_get_do_cipher, EVP_CIPHER_meth_get_cleanup, EVP_CIPHER_meth_get_set_asn1_params, EVP_CIPHER_meth_get_get_asn1_params, EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+ EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+
+ int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+ int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+ int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
+                              int (*init)(EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *key,
+                                          const unsigned char *iv,
+                                          int enc));
+ int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
+                                   int (*do_cipher)(EVP_CIPHER_CTX *ctx,
+                                                    unsigned char *out,
+                                                    const unsigned char *in,
+                                                    size_t inl));
+ int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
+                                 int (*cleanup)(EVP_CIPHER_CTX *));
+ int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
+                                         int (*set_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
+                                         int (*get_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+                              int (*ctrl)(EVP_CIPHER_CTX *, int type,
+                                          int arg, void *ptr));
+
+ int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                           const unsigned char *key,
+                                                           const unsigned char *iv,
+                                                           int enc);
+ int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                                unsigned char *out,
+                                                                const unsigned char *in,
+                                                                size_t inl);
+ int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+ int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                           int type, int arg,
+                                                           void *ptr);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_CIPHER</b> type is a structure for symmetric cipher method implementation.</p>
+
+<p>EVP_CIPHER_meth_new() creates a new <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_dup() creates a copy of <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_free() destroys a <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_set_iv_length() sets the length of the IV. This is only needed when the implemented cipher mode requires it.</p>
+
+<p>EVP_CIPHER_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>cipher</b>. With the exception of cipher modes, of which only one may be present, several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_CIPH_STREAM_CIPHER-EVP_CIPH_ECB_MODE-EVP_CIPH_CBC_MODE-EVP_CIPH_CFB_MODE-EVP_CIPH_OFB_MODE-EVP_CIPH_CTR_MODE-EVP_CIPH_GCM_MODE-EVP_CIPH_CCM_MODE-EVP_CIPH_XTS_MODE-EVP_CIPH_WRAP_MODE-EVP_CIPH_OCB_MODE">EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE, EVP_CIPH_OCB_MODE</dt>
+<dd>
+
+<p>The cipher mode.</p>
+
+</dd>
+<dt id="EVP_CIPH_VARIABLE_LENGTH">EVP_CIPH_VARIABLE_LENGTH</dt>
+<dd>
+
+<p>This cipher is of variable length.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_IV">EVP_CIPH_CUSTOM_IV</dt>
+<dd>
+
+<p>Storing and initialising the IV is left entirely to the implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_ALWAYS_CALL_INIT">EVP_CIPH_ALWAYS_CALL_INIT</dt>
+<dd>
+
+<p>Set this if the implementation&#39;s init() function should be called even if <b>key</b> is <b>NULL</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CTRL_INIT">EVP_CIPH_CTRL_INIT</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_INIT</b> early in its setup.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_KEY_LENGTH">EVP_CIPH_CUSTOM_KEY_LENGTH</dt>
+<dd>
+
+<p>Checking and setting the key length after creating the <b>EVP_CIPHER</b> is left to the implementation. Whenever someone uses EVP_CIPHER_CTX_set_key_length() on a <b>EVP_CIPHER</b> with this flag set, the implementation&#39;s ctrl() function will be called with the control code <b>EVP_CTRL_SET_KEY_LENGTH</b> and the key length in <b>arg</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_NO_PADDING">EVP_CIPH_NO_PADDING</dt>
+<dd>
+
+<p>Don&#39;t use standard block padding.</p>
+
+</dd>
+<dt id="EVP_CIPH_RAND_KEY">EVP_CIPH_RAND_KEY</dt>
+<dd>
+
+<p>Making a key with random content is left to the implementation. This is done by calling the implementation&#39;s ctrl() function with the control code <b>EVP_CTRL_RAND_KEY</b> and the pointer to the key memory storage in <b>ptr</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_COPY">EVP_CIPH_CUSTOM_COPY</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_COPY</b> at the end of EVP_CIPHER_CTX_copy(). The intended use is for further things to deal with after the implementation specific data block has been copied. The destination <b>EVP_CIPHER_CTX</b> is passed to the control with the <b>ptr</b> parameter. The implementation specific data block is reached with EVP_CIPHER_CTX_get_cipher_data().</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_DEFAULT_ASN1">EVP_CIPH_FLAG_DEFAULT_ASN1</dt>
+<dd>
+
+<p>Use the default EVP routines to pass IV to and from ASN.1.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_LENGTH_BITS">EVP_CIPH_FLAG_LENGTH_BITS</dt>
+<dd>
+
+<p>Signals that the length of the input buffer for encryption / decryption is to be understood as the number of bits instead of bytes for this implementation. This is only useful for CFB1 ciphers.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_CUSTOM_CIPHER">EVP_CIPH_FLAG_CUSTOM_CIPHER</dt>
+<dd>
+
+<p>This indicates that the implementation takes care of everything, including padding, buffering and finalization. The EVP routines will simply give them control and do nothing more.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_AEAD_CIPHER">EVP_CIPH_FLAG_AEAD_CIPHER</dt>
+<dd>
+
+<p>This indicates that this is an AEAD cipher implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK">EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK</dt>
+<dd>
+
+<p>Allow interleaving of crypto blocks, a particular optimization only applicable to certain TLS ciphers.</p>
+
+</dd>
+</dl>
+
+<p>EVP_CIPHER_meth_set_impl_ctx_size() sets the size of the EVP_CIPHER&#39;s implementation context so that it can be automatically allocated.</p>
+
+<p>EVP_CIPHER_meth_set_init() sets the cipher init function for <b>cipher</b>. The cipher init function is called by EVP_CipherInit(), EVP_CipherInit_ex(), EVP_EncryptInit(), EVP_EncryptInit_ex(), EVP_DecryptInit(), EVP_DecryptInit_ex().</p>
+
+<p>EVP_CIPHER_meth_set_do_cipher() sets the cipher function for <b>cipher</b>. The cipher function is called by EVP_CipherUpdate(), EVP_EncryptUpdate(), EVP_DecryptUpdate(), EVP_CipherFinal(), EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and EVP_DecryptFinal_ex().</p>
+
+<p>EVP_CIPHER_meth_set_cleanup() sets the function for <b>cipher</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_CIPHER_CTX *</b>, the private data structure is then available with EVP_CIPHER_CTX_get_cipher_data(). This cleanup function is called by EVP_CIPHER_CTX_reset() and EVP_CIPHER_CTX_free().</p>
+
+<p>EVP_CIPHER_meth_set_set_asn1_params() sets the function for <b>cipher</b> to set the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This function is called by EVP_CIPHER_param_to_asn1(). EVP_CIPHER_meth_set_get_asn1_params() sets the function for <b>cipher</b> that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier &quot;parameter&quot;. Both these functions are needed when there is a need for custom data (more or other than the cipher IV). They are called by EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() respectively if defined.</p>
+
+<p>EVP_CIPHER_meth_set_ctrl() sets the control function for <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_get_init(), EVP_CIPHER_meth_get_do_cipher(), EVP_CIPHER_meth_get_cleanup(), EVP_CIPHER_meth_get_set_asn1_params(), EVP_CIPHER_meth_get_get_asn1_params() and EVP_CIPHER_meth_get_ctrl() are all used to retrieve the method data given with the EVP_CIPHER_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_meth_new() and EVP_CIPHER_meth_dup() return a pointer to a newly created <b>EVP_CIPHER</b>, or NULL on failure. All EVP_CIPHER_meth_set_*() functions return 1. All EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>cipher</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man3/EVP_EncryptInit.html">EVP_EncryptInit</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_flags.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_flags.html
new file mode 100644
index 000000000..24afcee3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_flags.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_meth_new, EVP_CIPHER_meth_dup, EVP_CIPHER_meth_free, EVP_CIPHER_meth_set_iv_length, EVP_CIPHER_meth_set_flags, EVP_CIPHER_meth_set_impl_ctx_size, EVP_CIPHER_meth_set_init, EVP_CIPHER_meth_set_do_cipher, EVP_CIPHER_meth_set_cleanup, EVP_CIPHER_meth_set_set_asn1_params, EVP_CIPHER_meth_set_get_asn1_params, EVP_CIPHER_meth_set_ctrl, EVP_CIPHER_meth_get_init, EVP_CIPHER_meth_get_do_cipher, EVP_CIPHER_meth_get_cleanup, EVP_CIPHER_meth_get_set_asn1_params, EVP_CIPHER_meth_get_get_asn1_params, EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+ EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+
+ int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+ int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+ int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
+                              int (*init)(EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *key,
+                                          const unsigned char *iv,
+                                          int enc));
+ int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
+                                   int (*do_cipher)(EVP_CIPHER_CTX *ctx,
+                                                    unsigned char *out,
+                                                    const unsigned char *in,
+                                                    size_t inl));
+ int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
+                                 int (*cleanup)(EVP_CIPHER_CTX *));
+ int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
+                                         int (*set_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
+                                         int (*get_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+                              int (*ctrl)(EVP_CIPHER_CTX *, int type,
+                                          int arg, void *ptr));
+
+ int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                           const unsigned char *key,
+                                                           const unsigned char *iv,
+                                                           int enc);
+ int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                                unsigned char *out,
+                                                                const unsigned char *in,
+                                                                size_t inl);
+ int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+ int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                           int type, int arg,
+                                                           void *ptr);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_CIPHER</b> type is a structure for symmetric cipher method implementation.</p>
+
+<p>EVP_CIPHER_meth_new() creates a new <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_dup() creates a copy of <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_free() destroys a <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_set_iv_length() sets the length of the IV. This is only needed when the implemented cipher mode requires it.</p>
+
+<p>EVP_CIPHER_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>cipher</b>. With the exception of cipher modes, of which only one may be present, several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_CIPH_STREAM_CIPHER-EVP_CIPH_ECB_MODE-EVP_CIPH_CBC_MODE-EVP_CIPH_CFB_MODE-EVP_CIPH_OFB_MODE-EVP_CIPH_CTR_MODE-EVP_CIPH_GCM_MODE-EVP_CIPH_CCM_MODE-EVP_CIPH_XTS_MODE-EVP_CIPH_WRAP_MODE-EVP_CIPH_OCB_MODE">EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE, EVP_CIPH_OCB_MODE</dt>
+<dd>
+
+<p>The cipher mode.</p>
+
+</dd>
+<dt id="EVP_CIPH_VARIABLE_LENGTH">EVP_CIPH_VARIABLE_LENGTH</dt>
+<dd>
+
+<p>This cipher is of variable length.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_IV">EVP_CIPH_CUSTOM_IV</dt>
+<dd>
+
+<p>Storing and initialising the IV is left entirely to the implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_ALWAYS_CALL_INIT">EVP_CIPH_ALWAYS_CALL_INIT</dt>
+<dd>
+
+<p>Set this if the implementation&#39;s init() function should be called even if <b>key</b> is <b>NULL</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CTRL_INIT">EVP_CIPH_CTRL_INIT</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_INIT</b> early in its setup.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_KEY_LENGTH">EVP_CIPH_CUSTOM_KEY_LENGTH</dt>
+<dd>
+
+<p>Checking and setting the key length after creating the <b>EVP_CIPHER</b> is left to the implementation. Whenever someone uses EVP_CIPHER_CTX_set_key_length() on a <b>EVP_CIPHER</b> with this flag set, the implementation&#39;s ctrl() function will be called with the control code <b>EVP_CTRL_SET_KEY_LENGTH</b> and the key length in <b>arg</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_NO_PADDING">EVP_CIPH_NO_PADDING</dt>
+<dd>
+
+<p>Don&#39;t use standard block padding.</p>
+
+</dd>
+<dt id="EVP_CIPH_RAND_KEY">EVP_CIPH_RAND_KEY</dt>
+<dd>
+
+<p>Making a key with random content is left to the implementation. This is done by calling the implementation&#39;s ctrl() function with the control code <b>EVP_CTRL_RAND_KEY</b> and the pointer to the key memory storage in <b>ptr</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_COPY">EVP_CIPH_CUSTOM_COPY</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_COPY</b> at the end of EVP_CIPHER_CTX_copy(). The intended use is for further things to deal with after the implementation specific data block has been copied. The destination <b>EVP_CIPHER_CTX</b> is passed to the control with the <b>ptr</b> parameter. The implementation specific data block is reached with EVP_CIPHER_CTX_get_cipher_data().</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_DEFAULT_ASN1">EVP_CIPH_FLAG_DEFAULT_ASN1</dt>
+<dd>
+
+<p>Use the default EVP routines to pass IV to and from ASN.1.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_LENGTH_BITS">EVP_CIPH_FLAG_LENGTH_BITS</dt>
+<dd>
+
+<p>Signals that the length of the input buffer for encryption / decryption is to be understood as the number of bits instead of bytes for this implementation. This is only useful for CFB1 ciphers.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_CUSTOM_CIPHER">EVP_CIPH_FLAG_CUSTOM_CIPHER</dt>
+<dd>
+
+<p>This indicates that the implementation takes care of everything, including padding, buffering and finalization. The EVP routines will simply give them control and do nothing more.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_AEAD_CIPHER">EVP_CIPH_FLAG_AEAD_CIPHER</dt>
+<dd>
+
+<p>This indicates that this is an AEAD cipher implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK">EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK</dt>
+<dd>
+
+<p>Allow interleaving of crypto blocks, a particular optimization only applicable to certain TLS ciphers.</p>
+
+</dd>
+</dl>
+
+<p>EVP_CIPHER_meth_set_impl_ctx_size() sets the size of the EVP_CIPHER&#39;s implementation context so that it can be automatically allocated.</p>
+
+<p>EVP_CIPHER_meth_set_init() sets the cipher init function for <b>cipher</b>. The cipher init function is called by EVP_CipherInit(), EVP_CipherInit_ex(), EVP_EncryptInit(), EVP_EncryptInit_ex(), EVP_DecryptInit(), EVP_DecryptInit_ex().</p>
+
+<p>EVP_CIPHER_meth_set_do_cipher() sets the cipher function for <b>cipher</b>. The cipher function is called by EVP_CipherUpdate(), EVP_EncryptUpdate(), EVP_DecryptUpdate(), EVP_CipherFinal(), EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and EVP_DecryptFinal_ex().</p>
+
+<p>EVP_CIPHER_meth_set_cleanup() sets the function for <b>cipher</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_CIPHER_CTX *</b>, the private data structure is then available with EVP_CIPHER_CTX_get_cipher_data(). This cleanup function is called by EVP_CIPHER_CTX_reset() and EVP_CIPHER_CTX_free().</p>
+
+<p>EVP_CIPHER_meth_set_set_asn1_params() sets the function for <b>cipher</b> to set the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This function is called by EVP_CIPHER_param_to_asn1(). EVP_CIPHER_meth_set_get_asn1_params() sets the function for <b>cipher</b> that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier &quot;parameter&quot;. Both these functions are needed when there is a need for custom data (more or other than the cipher IV). They are called by EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() respectively if defined.</p>
+
+<p>EVP_CIPHER_meth_set_ctrl() sets the control function for <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_get_init(), EVP_CIPHER_meth_get_do_cipher(), EVP_CIPHER_meth_get_cleanup(), EVP_CIPHER_meth_get_set_asn1_params(), EVP_CIPHER_meth_get_get_asn1_params() and EVP_CIPHER_meth_get_ctrl() are all used to retrieve the method data given with the EVP_CIPHER_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_meth_new() and EVP_CIPHER_meth_dup() return a pointer to a newly created <b>EVP_CIPHER</b>, or NULL on failure. All EVP_CIPHER_meth_set_*() functions return 1. All EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>cipher</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man3/EVP_EncryptInit.html">EVP_EncryptInit</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_get_asn1_params.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_get_asn1_params.html
new file mode 100644
index 000000000..24afcee3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_get_asn1_params.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_meth_new, EVP_CIPHER_meth_dup, EVP_CIPHER_meth_free, EVP_CIPHER_meth_set_iv_length, EVP_CIPHER_meth_set_flags, EVP_CIPHER_meth_set_impl_ctx_size, EVP_CIPHER_meth_set_init, EVP_CIPHER_meth_set_do_cipher, EVP_CIPHER_meth_set_cleanup, EVP_CIPHER_meth_set_set_asn1_params, EVP_CIPHER_meth_set_get_asn1_params, EVP_CIPHER_meth_set_ctrl, EVP_CIPHER_meth_get_init, EVP_CIPHER_meth_get_do_cipher, EVP_CIPHER_meth_get_cleanup, EVP_CIPHER_meth_get_set_asn1_params, EVP_CIPHER_meth_get_get_asn1_params, EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+ EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+
+ int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+ int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+ int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
+                              int (*init)(EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *key,
+                                          const unsigned char *iv,
+                                          int enc));
+ int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
+                                   int (*do_cipher)(EVP_CIPHER_CTX *ctx,
+                                                    unsigned char *out,
+                                                    const unsigned char *in,
+                                                    size_t inl));
+ int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
+                                 int (*cleanup)(EVP_CIPHER_CTX *));
+ int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
+                                         int (*set_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
+                                         int (*get_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+                              int (*ctrl)(EVP_CIPHER_CTX *, int type,
+                                          int arg, void *ptr));
+
+ int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                           const unsigned char *key,
+                                                           const unsigned char *iv,
+                                                           int enc);
+ int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                                unsigned char *out,
+                                                                const unsigned char *in,
+                                                                size_t inl);
+ int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+ int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                           int type, int arg,
+                                                           void *ptr);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_CIPHER</b> type is a structure for symmetric cipher method implementation.</p>
+
+<p>EVP_CIPHER_meth_new() creates a new <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_dup() creates a copy of <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_free() destroys a <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_set_iv_length() sets the length of the IV. This is only needed when the implemented cipher mode requires it.</p>
+
+<p>EVP_CIPHER_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>cipher</b>. With the exception of cipher modes, of which only one may be present, several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_CIPH_STREAM_CIPHER-EVP_CIPH_ECB_MODE-EVP_CIPH_CBC_MODE-EVP_CIPH_CFB_MODE-EVP_CIPH_OFB_MODE-EVP_CIPH_CTR_MODE-EVP_CIPH_GCM_MODE-EVP_CIPH_CCM_MODE-EVP_CIPH_XTS_MODE-EVP_CIPH_WRAP_MODE-EVP_CIPH_OCB_MODE">EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE, EVP_CIPH_OCB_MODE</dt>
+<dd>
+
+<p>The cipher mode.</p>
+
+</dd>
+<dt id="EVP_CIPH_VARIABLE_LENGTH">EVP_CIPH_VARIABLE_LENGTH</dt>
+<dd>
+
+<p>This cipher is of variable length.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_IV">EVP_CIPH_CUSTOM_IV</dt>
+<dd>
+
+<p>Storing and initialising the IV is left entirely to the implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_ALWAYS_CALL_INIT">EVP_CIPH_ALWAYS_CALL_INIT</dt>
+<dd>
+
+<p>Set this if the implementation&#39;s init() function should be called even if <b>key</b> is <b>NULL</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CTRL_INIT">EVP_CIPH_CTRL_INIT</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_INIT</b> early in its setup.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_KEY_LENGTH">EVP_CIPH_CUSTOM_KEY_LENGTH</dt>
+<dd>
+
+<p>Checking and setting the key length after creating the <b>EVP_CIPHER</b> is left to the implementation. Whenever someone uses EVP_CIPHER_CTX_set_key_length() on a <b>EVP_CIPHER</b> with this flag set, the implementation&#39;s ctrl() function will be called with the control code <b>EVP_CTRL_SET_KEY_LENGTH</b> and the key length in <b>arg</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_NO_PADDING">EVP_CIPH_NO_PADDING</dt>
+<dd>
+
+<p>Don&#39;t use standard block padding.</p>
+
+</dd>
+<dt id="EVP_CIPH_RAND_KEY">EVP_CIPH_RAND_KEY</dt>
+<dd>
+
+<p>Making a key with random content is left to the implementation. This is done by calling the implementation&#39;s ctrl() function with the control code <b>EVP_CTRL_RAND_KEY</b> and the pointer to the key memory storage in <b>ptr</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_COPY">EVP_CIPH_CUSTOM_COPY</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_COPY</b> at the end of EVP_CIPHER_CTX_copy(). The intended use is for further things to deal with after the implementation specific data block has been copied. The destination <b>EVP_CIPHER_CTX</b> is passed to the control with the <b>ptr</b> parameter. The implementation specific data block is reached with EVP_CIPHER_CTX_get_cipher_data().</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_DEFAULT_ASN1">EVP_CIPH_FLAG_DEFAULT_ASN1</dt>
+<dd>
+
+<p>Use the default EVP routines to pass IV to and from ASN.1.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_LENGTH_BITS">EVP_CIPH_FLAG_LENGTH_BITS</dt>
+<dd>
+
+<p>Signals that the length of the input buffer for encryption / decryption is to be understood as the number of bits instead of bytes for this implementation. This is only useful for CFB1 ciphers.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_CUSTOM_CIPHER">EVP_CIPH_FLAG_CUSTOM_CIPHER</dt>
+<dd>
+
+<p>This indicates that the implementation takes care of everything, including padding, buffering and finalization. The EVP routines will simply give them control and do nothing more.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_AEAD_CIPHER">EVP_CIPH_FLAG_AEAD_CIPHER</dt>
+<dd>
+
+<p>This indicates that this is an AEAD cipher implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK">EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK</dt>
+<dd>
+
+<p>Allow interleaving of crypto blocks, a particular optimization only applicable to certain TLS ciphers.</p>
+
+</dd>
+</dl>
+
+<p>EVP_CIPHER_meth_set_impl_ctx_size() sets the size of the EVP_CIPHER&#39;s implementation context so that it can be automatically allocated.</p>
+
+<p>EVP_CIPHER_meth_set_init() sets the cipher init function for <b>cipher</b>. The cipher init function is called by EVP_CipherInit(), EVP_CipherInit_ex(), EVP_EncryptInit(), EVP_EncryptInit_ex(), EVP_DecryptInit(), EVP_DecryptInit_ex().</p>
+
+<p>EVP_CIPHER_meth_set_do_cipher() sets the cipher function for <b>cipher</b>. The cipher function is called by EVP_CipherUpdate(), EVP_EncryptUpdate(), EVP_DecryptUpdate(), EVP_CipherFinal(), EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and EVP_DecryptFinal_ex().</p>
+
+<p>EVP_CIPHER_meth_set_cleanup() sets the function for <b>cipher</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_CIPHER_CTX *</b>, the private data structure is then available with EVP_CIPHER_CTX_get_cipher_data(). This cleanup function is called by EVP_CIPHER_CTX_reset() and EVP_CIPHER_CTX_free().</p>
+
+<p>EVP_CIPHER_meth_set_set_asn1_params() sets the function for <b>cipher</b> to set the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This function is called by EVP_CIPHER_param_to_asn1(). EVP_CIPHER_meth_set_get_asn1_params() sets the function for <b>cipher</b> that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier &quot;parameter&quot;. Both these functions are needed when there is a need for custom data (more or other than the cipher IV). They are called by EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() respectively if defined.</p>
+
+<p>EVP_CIPHER_meth_set_ctrl() sets the control function for <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_get_init(), EVP_CIPHER_meth_get_do_cipher(), EVP_CIPHER_meth_get_cleanup(), EVP_CIPHER_meth_get_set_asn1_params(), EVP_CIPHER_meth_get_get_asn1_params() and EVP_CIPHER_meth_get_ctrl() are all used to retrieve the method data given with the EVP_CIPHER_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_meth_new() and EVP_CIPHER_meth_dup() return a pointer to a newly created <b>EVP_CIPHER</b>, or NULL on failure. All EVP_CIPHER_meth_set_*() functions return 1. All EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>cipher</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man3/EVP_EncryptInit.html">EVP_EncryptInit</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_impl_ctx_size.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_impl_ctx_size.html
new file mode 100644
index 000000000..24afcee3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_impl_ctx_size.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_meth_new, EVP_CIPHER_meth_dup, EVP_CIPHER_meth_free, EVP_CIPHER_meth_set_iv_length, EVP_CIPHER_meth_set_flags, EVP_CIPHER_meth_set_impl_ctx_size, EVP_CIPHER_meth_set_init, EVP_CIPHER_meth_set_do_cipher, EVP_CIPHER_meth_set_cleanup, EVP_CIPHER_meth_set_set_asn1_params, EVP_CIPHER_meth_set_get_asn1_params, EVP_CIPHER_meth_set_ctrl, EVP_CIPHER_meth_get_init, EVP_CIPHER_meth_get_do_cipher, EVP_CIPHER_meth_get_cleanup, EVP_CIPHER_meth_get_set_asn1_params, EVP_CIPHER_meth_get_get_asn1_params, EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+ EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+
+ int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+ int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+ int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
+                              int (*init)(EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *key,
+                                          const unsigned char *iv,
+                                          int enc));
+ int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
+                                   int (*do_cipher)(EVP_CIPHER_CTX *ctx,
+                                                    unsigned char *out,
+                                                    const unsigned char *in,
+                                                    size_t inl));
+ int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
+                                 int (*cleanup)(EVP_CIPHER_CTX *));
+ int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
+                                         int (*set_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
+                                         int (*get_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+                              int (*ctrl)(EVP_CIPHER_CTX *, int type,
+                                          int arg, void *ptr));
+
+ int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                           const unsigned char *key,
+                                                           const unsigned char *iv,
+                                                           int enc);
+ int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                                unsigned char *out,
+                                                                const unsigned char *in,
+                                                                size_t inl);
+ int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+ int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                           int type, int arg,
+                                                           void *ptr);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_CIPHER</b> type is a structure for symmetric cipher method implementation.</p>
+
+<p>EVP_CIPHER_meth_new() creates a new <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_dup() creates a copy of <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_free() destroys a <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_set_iv_length() sets the length of the IV. This is only needed when the implemented cipher mode requires it.</p>
+
+<p>EVP_CIPHER_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>cipher</b>. With the exception of cipher modes, of which only one may be present, several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_CIPH_STREAM_CIPHER-EVP_CIPH_ECB_MODE-EVP_CIPH_CBC_MODE-EVP_CIPH_CFB_MODE-EVP_CIPH_OFB_MODE-EVP_CIPH_CTR_MODE-EVP_CIPH_GCM_MODE-EVP_CIPH_CCM_MODE-EVP_CIPH_XTS_MODE-EVP_CIPH_WRAP_MODE-EVP_CIPH_OCB_MODE">EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE, EVP_CIPH_OCB_MODE</dt>
+<dd>
+
+<p>The cipher mode.</p>
+
+</dd>
+<dt id="EVP_CIPH_VARIABLE_LENGTH">EVP_CIPH_VARIABLE_LENGTH</dt>
+<dd>
+
+<p>This cipher is of variable length.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_IV">EVP_CIPH_CUSTOM_IV</dt>
+<dd>
+
+<p>Storing and initialising the IV is left entirely to the implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_ALWAYS_CALL_INIT">EVP_CIPH_ALWAYS_CALL_INIT</dt>
+<dd>
+
+<p>Set this if the implementation&#39;s init() function should be called even if <b>key</b> is <b>NULL</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CTRL_INIT">EVP_CIPH_CTRL_INIT</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_INIT</b> early in its setup.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_KEY_LENGTH">EVP_CIPH_CUSTOM_KEY_LENGTH</dt>
+<dd>
+
+<p>Checking and setting the key length after creating the <b>EVP_CIPHER</b> is left to the implementation. Whenever someone uses EVP_CIPHER_CTX_set_key_length() on a <b>EVP_CIPHER</b> with this flag set, the implementation&#39;s ctrl() function will be called with the control code <b>EVP_CTRL_SET_KEY_LENGTH</b> and the key length in <b>arg</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_NO_PADDING">EVP_CIPH_NO_PADDING</dt>
+<dd>
+
+<p>Don&#39;t use standard block padding.</p>
+
+</dd>
+<dt id="EVP_CIPH_RAND_KEY">EVP_CIPH_RAND_KEY</dt>
+<dd>
+
+<p>Making a key with random content is left to the implementation. This is done by calling the implementation&#39;s ctrl() function with the control code <b>EVP_CTRL_RAND_KEY</b> and the pointer to the key memory storage in <b>ptr</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_COPY">EVP_CIPH_CUSTOM_COPY</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_COPY</b> at the end of EVP_CIPHER_CTX_copy(). The intended use is for further things to deal with after the implementation specific data block has been copied. The destination <b>EVP_CIPHER_CTX</b> is passed to the control with the <b>ptr</b> parameter. The implementation specific data block is reached with EVP_CIPHER_CTX_get_cipher_data().</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_DEFAULT_ASN1">EVP_CIPH_FLAG_DEFAULT_ASN1</dt>
+<dd>
+
+<p>Use the default EVP routines to pass IV to and from ASN.1.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_LENGTH_BITS">EVP_CIPH_FLAG_LENGTH_BITS</dt>
+<dd>
+
+<p>Signals that the length of the input buffer for encryption / decryption is to be understood as the number of bits instead of bytes for this implementation. This is only useful for CFB1 ciphers.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_CUSTOM_CIPHER">EVP_CIPH_FLAG_CUSTOM_CIPHER</dt>
+<dd>
+
+<p>This indicates that the implementation takes care of everything, including padding, buffering and finalization. The EVP routines will simply give them control and do nothing more.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_AEAD_CIPHER">EVP_CIPH_FLAG_AEAD_CIPHER</dt>
+<dd>
+
+<p>This indicates that this is an AEAD cipher implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK">EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK</dt>
+<dd>
+
+<p>Allow interleaving of crypto blocks, a particular optimization only applicable to certain TLS ciphers.</p>
+
+</dd>
+</dl>
+
+<p>EVP_CIPHER_meth_set_impl_ctx_size() sets the size of the EVP_CIPHER&#39;s implementation context so that it can be automatically allocated.</p>
+
+<p>EVP_CIPHER_meth_set_init() sets the cipher init function for <b>cipher</b>. The cipher init function is called by EVP_CipherInit(), EVP_CipherInit_ex(), EVP_EncryptInit(), EVP_EncryptInit_ex(), EVP_DecryptInit(), EVP_DecryptInit_ex().</p>
+
+<p>EVP_CIPHER_meth_set_do_cipher() sets the cipher function for <b>cipher</b>. The cipher function is called by EVP_CipherUpdate(), EVP_EncryptUpdate(), EVP_DecryptUpdate(), EVP_CipherFinal(), EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and EVP_DecryptFinal_ex().</p>
+
+<p>EVP_CIPHER_meth_set_cleanup() sets the function for <b>cipher</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_CIPHER_CTX *</b>, the private data structure is then available with EVP_CIPHER_CTX_get_cipher_data(). This cleanup function is called by EVP_CIPHER_CTX_reset() and EVP_CIPHER_CTX_free().</p>
+
+<p>EVP_CIPHER_meth_set_set_asn1_params() sets the function for <b>cipher</b> to set the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This function is called by EVP_CIPHER_param_to_asn1(). EVP_CIPHER_meth_set_get_asn1_params() sets the function for <b>cipher</b> that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier &quot;parameter&quot;. Both these functions are needed when there is a need for custom data (more or other than the cipher IV). They are called by EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() respectively if defined.</p>
+
+<p>EVP_CIPHER_meth_set_ctrl() sets the control function for <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_get_init(), EVP_CIPHER_meth_get_do_cipher(), EVP_CIPHER_meth_get_cleanup(), EVP_CIPHER_meth_get_set_asn1_params(), EVP_CIPHER_meth_get_get_asn1_params() and EVP_CIPHER_meth_get_ctrl() are all used to retrieve the method data given with the EVP_CIPHER_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_meth_new() and EVP_CIPHER_meth_dup() return a pointer to a newly created <b>EVP_CIPHER</b>, or NULL on failure. All EVP_CIPHER_meth_set_*() functions return 1. All EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>cipher</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man3/EVP_EncryptInit.html">EVP_EncryptInit</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_init.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_init.html
new file mode 100644
index 000000000..24afcee3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_init.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_meth_new, EVP_CIPHER_meth_dup, EVP_CIPHER_meth_free, EVP_CIPHER_meth_set_iv_length, EVP_CIPHER_meth_set_flags, EVP_CIPHER_meth_set_impl_ctx_size, EVP_CIPHER_meth_set_init, EVP_CIPHER_meth_set_do_cipher, EVP_CIPHER_meth_set_cleanup, EVP_CIPHER_meth_set_set_asn1_params, EVP_CIPHER_meth_set_get_asn1_params, EVP_CIPHER_meth_set_ctrl, EVP_CIPHER_meth_get_init, EVP_CIPHER_meth_get_do_cipher, EVP_CIPHER_meth_get_cleanup, EVP_CIPHER_meth_get_set_asn1_params, EVP_CIPHER_meth_get_get_asn1_params, EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+ EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+
+ int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+ int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+ int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
+                              int (*init)(EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *key,
+                                          const unsigned char *iv,
+                                          int enc));
+ int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
+                                   int (*do_cipher)(EVP_CIPHER_CTX *ctx,
+                                                    unsigned char *out,
+                                                    const unsigned char *in,
+                                                    size_t inl));
+ int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
+                                 int (*cleanup)(EVP_CIPHER_CTX *));
+ int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
+                                         int (*set_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
+                                         int (*get_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+                              int (*ctrl)(EVP_CIPHER_CTX *, int type,
+                                          int arg, void *ptr));
+
+ int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                           const unsigned char *key,
+                                                           const unsigned char *iv,
+                                                           int enc);
+ int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                                unsigned char *out,
+                                                                const unsigned char *in,
+                                                                size_t inl);
+ int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+ int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                           int type, int arg,
+                                                           void *ptr);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_CIPHER</b> type is a structure for symmetric cipher method implementation.</p>
+
+<p>EVP_CIPHER_meth_new() creates a new <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_dup() creates a copy of <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_free() destroys a <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_set_iv_length() sets the length of the IV. This is only needed when the implemented cipher mode requires it.</p>
+
+<p>EVP_CIPHER_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>cipher</b>. With the exception of cipher modes, of which only one may be present, several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_CIPH_STREAM_CIPHER-EVP_CIPH_ECB_MODE-EVP_CIPH_CBC_MODE-EVP_CIPH_CFB_MODE-EVP_CIPH_OFB_MODE-EVP_CIPH_CTR_MODE-EVP_CIPH_GCM_MODE-EVP_CIPH_CCM_MODE-EVP_CIPH_XTS_MODE-EVP_CIPH_WRAP_MODE-EVP_CIPH_OCB_MODE">EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE, EVP_CIPH_OCB_MODE</dt>
+<dd>
+
+<p>The cipher mode.</p>
+
+</dd>
+<dt id="EVP_CIPH_VARIABLE_LENGTH">EVP_CIPH_VARIABLE_LENGTH</dt>
+<dd>
+
+<p>This cipher is of variable length.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_IV">EVP_CIPH_CUSTOM_IV</dt>
+<dd>
+
+<p>Storing and initialising the IV is left entirely to the implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_ALWAYS_CALL_INIT">EVP_CIPH_ALWAYS_CALL_INIT</dt>
+<dd>
+
+<p>Set this if the implementation&#39;s init() function should be called even if <b>key</b> is <b>NULL</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CTRL_INIT">EVP_CIPH_CTRL_INIT</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_INIT</b> early in its setup.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_KEY_LENGTH">EVP_CIPH_CUSTOM_KEY_LENGTH</dt>
+<dd>
+
+<p>Checking and setting the key length after creating the <b>EVP_CIPHER</b> is left to the implementation. Whenever someone uses EVP_CIPHER_CTX_set_key_length() on a <b>EVP_CIPHER</b> with this flag set, the implementation&#39;s ctrl() function will be called with the control code <b>EVP_CTRL_SET_KEY_LENGTH</b> and the key length in <b>arg</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_NO_PADDING">EVP_CIPH_NO_PADDING</dt>
+<dd>
+
+<p>Don&#39;t use standard block padding.</p>
+
+</dd>
+<dt id="EVP_CIPH_RAND_KEY">EVP_CIPH_RAND_KEY</dt>
+<dd>
+
+<p>Making a key with random content is left to the implementation. This is done by calling the implementation&#39;s ctrl() function with the control code <b>EVP_CTRL_RAND_KEY</b> and the pointer to the key memory storage in <b>ptr</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_COPY">EVP_CIPH_CUSTOM_COPY</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_COPY</b> at the end of EVP_CIPHER_CTX_copy(). The intended use is for further things to deal with after the implementation specific data block has been copied. The destination <b>EVP_CIPHER_CTX</b> is passed to the control with the <b>ptr</b> parameter. The implementation specific data block is reached with EVP_CIPHER_CTX_get_cipher_data().</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_DEFAULT_ASN1">EVP_CIPH_FLAG_DEFAULT_ASN1</dt>
+<dd>
+
+<p>Use the default EVP routines to pass IV to and from ASN.1.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_LENGTH_BITS">EVP_CIPH_FLAG_LENGTH_BITS</dt>
+<dd>
+
+<p>Signals that the length of the input buffer for encryption / decryption is to be understood as the number of bits instead of bytes for this implementation. This is only useful for CFB1 ciphers.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_CUSTOM_CIPHER">EVP_CIPH_FLAG_CUSTOM_CIPHER</dt>
+<dd>
+
+<p>This indicates that the implementation takes care of everything, including padding, buffering and finalization. The EVP routines will simply give them control and do nothing more.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_AEAD_CIPHER">EVP_CIPH_FLAG_AEAD_CIPHER</dt>
+<dd>
+
+<p>This indicates that this is an AEAD cipher implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK">EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK</dt>
+<dd>
+
+<p>Allow interleaving of crypto blocks, a particular optimization only applicable to certain TLS ciphers.</p>
+
+</dd>
+</dl>
+
+<p>EVP_CIPHER_meth_set_impl_ctx_size() sets the size of the EVP_CIPHER&#39;s implementation context so that it can be automatically allocated.</p>
+
+<p>EVP_CIPHER_meth_set_init() sets the cipher init function for <b>cipher</b>. The cipher init function is called by EVP_CipherInit(), EVP_CipherInit_ex(), EVP_EncryptInit(), EVP_EncryptInit_ex(), EVP_DecryptInit(), EVP_DecryptInit_ex().</p>
+
+<p>EVP_CIPHER_meth_set_do_cipher() sets the cipher function for <b>cipher</b>. The cipher function is called by EVP_CipherUpdate(), EVP_EncryptUpdate(), EVP_DecryptUpdate(), EVP_CipherFinal(), EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and EVP_DecryptFinal_ex().</p>
+
+<p>EVP_CIPHER_meth_set_cleanup() sets the function for <b>cipher</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_CIPHER_CTX *</b>, the private data structure is then available with EVP_CIPHER_CTX_get_cipher_data(). This cleanup function is called by EVP_CIPHER_CTX_reset() and EVP_CIPHER_CTX_free().</p>
+
+<p>EVP_CIPHER_meth_set_set_asn1_params() sets the function for <b>cipher</b> to set the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This function is called by EVP_CIPHER_param_to_asn1(). EVP_CIPHER_meth_set_get_asn1_params() sets the function for <b>cipher</b> that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier &quot;parameter&quot;. Both these functions are needed when there is a need for custom data (more or other than the cipher IV). They are called by EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() respectively if defined.</p>
+
+<p>EVP_CIPHER_meth_set_ctrl() sets the control function for <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_get_init(), EVP_CIPHER_meth_get_do_cipher(), EVP_CIPHER_meth_get_cleanup(), EVP_CIPHER_meth_get_set_asn1_params(), EVP_CIPHER_meth_get_get_asn1_params() and EVP_CIPHER_meth_get_ctrl() are all used to retrieve the method data given with the EVP_CIPHER_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_meth_new() and EVP_CIPHER_meth_dup() return a pointer to a newly created <b>EVP_CIPHER</b>, or NULL on failure. All EVP_CIPHER_meth_set_*() functions return 1. All EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>cipher</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man3/EVP_EncryptInit.html">EVP_EncryptInit</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_iv_length.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_iv_length.html
new file mode 100644
index 000000000..24afcee3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_iv_length.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_meth_new, EVP_CIPHER_meth_dup, EVP_CIPHER_meth_free, EVP_CIPHER_meth_set_iv_length, EVP_CIPHER_meth_set_flags, EVP_CIPHER_meth_set_impl_ctx_size, EVP_CIPHER_meth_set_init, EVP_CIPHER_meth_set_do_cipher, EVP_CIPHER_meth_set_cleanup, EVP_CIPHER_meth_set_set_asn1_params, EVP_CIPHER_meth_set_get_asn1_params, EVP_CIPHER_meth_set_ctrl, EVP_CIPHER_meth_get_init, EVP_CIPHER_meth_get_do_cipher, EVP_CIPHER_meth_get_cleanup, EVP_CIPHER_meth_get_set_asn1_params, EVP_CIPHER_meth_get_get_asn1_params, EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+ EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+
+ int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+ int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+ int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
+                              int (*init)(EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *key,
+                                          const unsigned char *iv,
+                                          int enc));
+ int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
+                                   int (*do_cipher)(EVP_CIPHER_CTX *ctx,
+                                                    unsigned char *out,
+                                                    const unsigned char *in,
+                                                    size_t inl));
+ int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
+                                 int (*cleanup)(EVP_CIPHER_CTX *));
+ int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
+                                         int (*set_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
+                                         int (*get_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+                              int (*ctrl)(EVP_CIPHER_CTX *, int type,
+                                          int arg, void *ptr));
+
+ int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                           const unsigned char *key,
+                                                           const unsigned char *iv,
+                                                           int enc);
+ int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                                unsigned char *out,
+                                                                const unsigned char *in,
+                                                                size_t inl);
+ int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+ int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                           int type, int arg,
+                                                           void *ptr);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_CIPHER</b> type is a structure for symmetric cipher method implementation.</p>
+
+<p>EVP_CIPHER_meth_new() creates a new <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_dup() creates a copy of <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_free() destroys a <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_set_iv_length() sets the length of the IV. This is only needed when the implemented cipher mode requires it.</p>
+
+<p>EVP_CIPHER_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>cipher</b>. With the exception of cipher modes, of which only one may be present, several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_CIPH_STREAM_CIPHER-EVP_CIPH_ECB_MODE-EVP_CIPH_CBC_MODE-EVP_CIPH_CFB_MODE-EVP_CIPH_OFB_MODE-EVP_CIPH_CTR_MODE-EVP_CIPH_GCM_MODE-EVP_CIPH_CCM_MODE-EVP_CIPH_XTS_MODE-EVP_CIPH_WRAP_MODE-EVP_CIPH_OCB_MODE">EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE, EVP_CIPH_OCB_MODE</dt>
+<dd>
+
+<p>The cipher mode.</p>
+
+</dd>
+<dt id="EVP_CIPH_VARIABLE_LENGTH">EVP_CIPH_VARIABLE_LENGTH</dt>
+<dd>
+
+<p>This cipher is of variable length.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_IV">EVP_CIPH_CUSTOM_IV</dt>
+<dd>
+
+<p>Storing and initialising the IV is left entirely to the implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_ALWAYS_CALL_INIT">EVP_CIPH_ALWAYS_CALL_INIT</dt>
+<dd>
+
+<p>Set this if the implementation&#39;s init() function should be called even if <b>key</b> is <b>NULL</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CTRL_INIT">EVP_CIPH_CTRL_INIT</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_INIT</b> early in its setup.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_KEY_LENGTH">EVP_CIPH_CUSTOM_KEY_LENGTH</dt>
+<dd>
+
+<p>Checking and setting the key length after creating the <b>EVP_CIPHER</b> is left to the implementation. Whenever someone uses EVP_CIPHER_CTX_set_key_length() on a <b>EVP_CIPHER</b> with this flag set, the implementation&#39;s ctrl() function will be called with the control code <b>EVP_CTRL_SET_KEY_LENGTH</b> and the key length in <b>arg</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_NO_PADDING">EVP_CIPH_NO_PADDING</dt>
+<dd>
+
+<p>Don&#39;t use standard block padding.</p>
+
+</dd>
+<dt id="EVP_CIPH_RAND_KEY">EVP_CIPH_RAND_KEY</dt>
+<dd>
+
+<p>Making a key with random content is left to the implementation. This is done by calling the implementation&#39;s ctrl() function with the control code <b>EVP_CTRL_RAND_KEY</b> and the pointer to the key memory storage in <b>ptr</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_COPY">EVP_CIPH_CUSTOM_COPY</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_COPY</b> at the end of EVP_CIPHER_CTX_copy(). The intended use is for further things to deal with after the implementation specific data block has been copied. The destination <b>EVP_CIPHER_CTX</b> is passed to the control with the <b>ptr</b> parameter. The implementation specific data block is reached with EVP_CIPHER_CTX_get_cipher_data().</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_DEFAULT_ASN1">EVP_CIPH_FLAG_DEFAULT_ASN1</dt>
+<dd>
+
+<p>Use the default EVP routines to pass IV to and from ASN.1.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_LENGTH_BITS">EVP_CIPH_FLAG_LENGTH_BITS</dt>
+<dd>
+
+<p>Signals that the length of the input buffer for encryption / decryption is to be understood as the number of bits instead of bytes for this implementation. This is only useful for CFB1 ciphers.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_CUSTOM_CIPHER">EVP_CIPH_FLAG_CUSTOM_CIPHER</dt>
+<dd>
+
+<p>This indicates that the implementation takes care of everything, including padding, buffering and finalization. The EVP routines will simply give them control and do nothing more.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_AEAD_CIPHER">EVP_CIPH_FLAG_AEAD_CIPHER</dt>
+<dd>
+
+<p>This indicates that this is an AEAD cipher implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK">EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK</dt>
+<dd>
+
+<p>Allow interleaving of crypto blocks, a particular optimization only applicable to certain TLS ciphers.</p>
+
+</dd>
+</dl>
+
+<p>EVP_CIPHER_meth_set_impl_ctx_size() sets the size of the EVP_CIPHER&#39;s implementation context so that it can be automatically allocated.</p>
+
+<p>EVP_CIPHER_meth_set_init() sets the cipher init function for <b>cipher</b>. The cipher init function is called by EVP_CipherInit(), EVP_CipherInit_ex(), EVP_EncryptInit(), EVP_EncryptInit_ex(), EVP_DecryptInit(), EVP_DecryptInit_ex().</p>
+
+<p>EVP_CIPHER_meth_set_do_cipher() sets the cipher function for <b>cipher</b>. The cipher function is called by EVP_CipherUpdate(), EVP_EncryptUpdate(), EVP_DecryptUpdate(), EVP_CipherFinal(), EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and EVP_DecryptFinal_ex().</p>
+
+<p>EVP_CIPHER_meth_set_cleanup() sets the function for <b>cipher</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_CIPHER_CTX *</b>, the private data structure is then available with EVP_CIPHER_CTX_get_cipher_data(). This cleanup function is called by EVP_CIPHER_CTX_reset() and EVP_CIPHER_CTX_free().</p>
+
+<p>EVP_CIPHER_meth_set_set_asn1_params() sets the function for <b>cipher</b> to set the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This function is called by EVP_CIPHER_param_to_asn1(). EVP_CIPHER_meth_set_get_asn1_params() sets the function for <b>cipher</b> that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier &quot;parameter&quot;. Both these functions are needed when there is a need for custom data (more or other than the cipher IV). They are called by EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() respectively if defined.</p>
+
+<p>EVP_CIPHER_meth_set_ctrl() sets the control function for <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_get_init(), EVP_CIPHER_meth_get_do_cipher(), EVP_CIPHER_meth_get_cleanup(), EVP_CIPHER_meth_get_set_asn1_params(), EVP_CIPHER_meth_get_get_asn1_params() and EVP_CIPHER_meth_get_ctrl() are all used to retrieve the method data given with the EVP_CIPHER_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_meth_new() and EVP_CIPHER_meth_dup() return a pointer to a newly created <b>EVP_CIPHER</b>, or NULL on failure. All EVP_CIPHER_meth_set_*() functions return 1. All EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>cipher</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man3/EVP_EncryptInit.html">EVP_EncryptInit</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_set_asn1_params.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_set_asn1_params.html
new file mode 100644
index 000000000..24afcee3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_set_asn1_params.html
@@ -0,0 +1,217 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_CIPHER_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_meth_new, EVP_CIPHER_meth_dup, EVP_CIPHER_meth_free, EVP_CIPHER_meth_set_iv_length, EVP_CIPHER_meth_set_flags, EVP_CIPHER_meth_set_impl_ctx_size, EVP_CIPHER_meth_set_init, EVP_CIPHER_meth_set_do_cipher, EVP_CIPHER_meth_set_cleanup, EVP_CIPHER_meth_set_set_asn1_params, EVP_CIPHER_meth_set_get_asn1_params, EVP_CIPHER_meth_set_ctrl, EVP_CIPHER_meth_get_init, EVP_CIPHER_meth_get_do_cipher, EVP_CIPHER_meth_get_cleanup, EVP_CIPHER_meth_get_set_asn1_params, EVP_CIPHER_meth_get_get_asn1_params, EVP_CIPHER_meth_get_ctrl - Routines to build up EVP_CIPHER methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+ EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+
+ int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+ int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+ int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
+                              int (*init)(EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *key,
+                                          const unsigned char *iv,
+                                          int enc));
+ int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
+                                   int (*do_cipher)(EVP_CIPHER_CTX *ctx,
+                                                    unsigned char *out,
+                                                    const unsigned char *in,
+                                                    size_t inl));
+ int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
+                                 int (*cleanup)(EVP_CIPHER_CTX *));
+ int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
+                                         int (*set_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
+                                         int (*get_asn1_parameters)(EVP_CIPHER_CTX *,
+                                                                    ASN1_TYPE *));
+ int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+                              int (*ctrl)(EVP_CIPHER_CTX *, int type,
+                                          int arg, void *ptr));
+
+ int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                           const unsigned char *key,
+                                                           const unsigned char *iv,
+                                                           int enc);
+ int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+                                                                unsigned char *out,
+                                                                const unsigned char *in,
+                                                                size_t inl);
+ int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+ int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                                      ASN1_TYPE *);
+ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+                                                           int type, int arg,
+                                                           void *ptr);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_CIPHER</b> type is a structure for symmetric cipher method implementation.</p>
+
+<p>EVP_CIPHER_meth_new() creates a new <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_dup() creates a copy of <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_free() destroys a <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_meth_set_iv_length() sets the length of the IV. This is only needed when the implemented cipher mode requires it.</p>
+
+<p>EVP_CIPHER_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>cipher</b>. With the exception of cipher modes, of which only one may be present, several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_CIPH_STREAM_CIPHER-EVP_CIPH_ECB_MODE-EVP_CIPH_CBC_MODE-EVP_CIPH_CFB_MODE-EVP_CIPH_OFB_MODE-EVP_CIPH_CTR_MODE-EVP_CIPH_GCM_MODE-EVP_CIPH_CCM_MODE-EVP_CIPH_XTS_MODE-EVP_CIPH_WRAP_MODE-EVP_CIPH_OCB_MODE">EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE, EVP_CIPH_OCB_MODE</dt>
+<dd>
+
+<p>The cipher mode.</p>
+
+</dd>
+<dt id="EVP_CIPH_VARIABLE_LENGTH">EVP_CIPH_VARIABLE_LENGTH</dt>
+<dd>
+
+<p>This cipher is of variable length.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_IV">EVP_CIPH_CUSTOM_IV</dt>
+<dd>
+
+<p>Storing and initialising the IV is left entirely to the implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_ALWAYS_CALL_INIT">EVP_CIPH_ALWAYS_CALL_INIT</dt>
+<dd>
+
+<p>Set this if the implementation&#39;s init() function should be called even if <b>key</b> is <b>NULL</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CTRL_INIT">EVP_CIPH_CTRL_INIT</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_INIT</b> early in its setup.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_KEY_LENGTH">EVP_CIPH_CUSTOM_KEY_LENGTH</dt>
+<dd>
+
+<p>Checking and setting the key length after creating the <b>EVP_CIPHER</b> is left to the implementation. Whenever someone uses EVP_CIPHER_CTX_set_key_length() on a <b>EVP_CIPHER</b> with this flag set, the implementation&#39;s ctrl() function will be called with the control code <b>EVP_CTRL_SET_KEY_LENGTH</b> and the key length in <b>arg</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_NO_PADDING">EVP_CIPH_NO_PADDING</dt>
+<dd>
+
+<p>Don&#39;t use standard block padding.</p>
+
+</dd>
+<dt id="EVP_CIPH_RAND_KEY">EVP_CIPH_RAND_KEY</dt>
+<dd>
+
+<p>Making a key with random content is left to the implementation. This is done by calling the implementation&#39;s ctrl() function with the control code <b>EVP_CTRL_RAND_KEY</b> and the pointer to the key memory storage in <b>ptr</b>.</p>
+
+</dd>
+<dt id="EVP_CIPH_CUSTOM_COPY">EVP_CIPH_CUSTOM_COPY</dt>
+<dd>
+
+<p>Set this to have the implementation&#39;s ctrl() function called with command code <b>EVP_CTRL_COPY</b> at the end of EVP_CIPHER_CTX_copy(). The intended use is for further things to deal with after the implementation specific data block has been copied. The destination <b>EVP_CIPHER_CTX</b> is passed to the control with the <b>ptr</b> parameter. The implementation specific data block is reached with EVP_CIPHER_CTX_get_cipher_data().</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_DEFAULT_ASN1">EVP_CIPH_FLAG_DEFAULT_ASN1</dt>
+<dd>
+
+<p>Use the default EVP routines to pass IV to and from ASN.1.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_LENGTH_BITS">EVP_CIPH_FLAG_LENGTH_BITS</dt>
+<dd>
+
+<p>Signals that the length of the input buffer for encryption / decryption is to be understood as the number of bits instead of bytes for this implementation. This is only useful for CFB1 ciphers.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_CUSTOM_CIPHER">EVP_CIPH_FLAG_CUSTOM_CIPHER</dt>
+<dd>
+
+<p>This indicates that the implementation takes care of everything, including padding, buffering and finalization. The EVP routines will simply give them control and do nothing more.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_AEAD_CIPHER">EVP_CIPH_FLAG_AEAD_CIPHER</dt>
+<dd>
+
+<p>This indicates that this is an AEAD cipher implementation.</p>
+
+</dd>
+<dt id="EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK">EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK</dt>
+<dd>
+
+<p>Allow interleaving of crypto blocks, a particular optimization only applicable to certain TLS ciphers.</p>
+
+</dd>
+</dl>
+
+<p>EVP_CIPHER_meth_set_impl_ctx_size() sets the size of the EVP_CIPHER&#39;s implementation context so that it can be automatically allocated.</p>
+
+<p>EVP_CIPHER_meth_set_init() sets the cipher init function for <b>cipher</b>. The cipher init function is called by EVP_CipherInit(), EVP_CipherInit_ex(), EVP_EncryptInit(), EVP_EncryptInit_ex(), EVP_DecryptInit(), EVP_DecryptInit_ex().</p>
+
+<p>EVP_CIPHER_meth_set_do_cipher() sets the cipher function for <b>cipher</b>. The cipher function is called by EVP_CipherUpdate(), EVP_EncryptUpdate(), EVP_DecryptUpdate(), EVP_CipherFinal(), EVP_EncryptFinal(), EVP_EncryptFinal_ex(), EVP_DecryptFinal() and EVP_DecryptFinal_ex().</p>
+
+<p>EVP_CIPHER_meth_set_cleanup() sets the function for <b>cipher</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_CIPHER_CTX *</b>, the private data structure is then available with EVP_CIPHER_CTX_get_cipher_data(). This cleanup function is called by EVP_CIPHER_CTX_reset() and EVP_CIPHER_CTX_free().</p>
+
+<p>EVP_CIPHER_meth_set_set_asn1_params() sets the function for <b>cipher</b> to set the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This function is called by EVP_CIPHER_param_to_asn1(). EVP_CIPHER_meth_set_get_asn1_params() sets the function for <b>cipher</b> that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier &quot;parameter&quot;. Both these functions are needed when there is a need for custom data (more or other than the cipher IV). They are called by EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() respectively if defined.</p>
+
+<p>EVP_CIPHER_meth_set_ctrl() sets the control function for <b>cipher</b>.</p>
+
+<p>EVP_CIPHER_meth_get_init(), EVP_CIPHER_meth_get_do_cipher(), EVP_CIPHER_meth_get_cleanup(), EVP_CIPHER_meth_get_set_asn1_params(), EVP_CIPHER_meth_get_get_asn1_params() and EVP_CIPHER_meth_get_ctrl() are all used to retrieve the method data given with the EVP_CIPHER_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_meth_new() and EVP_CIPHER_meth_dup() return a pointer to a newly created <b>EVP_CIPHER</b>, or NULL on failure. All EVP_CIPHER_meth_set_*() functions return 1. All EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>cipher</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="/../man3/EVP_EncryptInit.html">EVP_EncryptInit</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_mode.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_mode.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_mode.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_nid.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_nid.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_nid.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_param_to_asn1.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_param_to_asn1.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_param_to_asn1.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_type.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_type.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CIPHER_type.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CipherFinal.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CipherFinal.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CipherFinal.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CipherFinal_ex.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CipherFinal_ex.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CipherFinal_ex.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CipherInit.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CipherInit.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CipherInit.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CipherInit_ex.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CipherInit_ex.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CipherInit_ex.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_CipherUpdate.html b/msys2/usr/share/doc/openssl/html/man3/EVP_CipherUpdate.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_CipherUpdate.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DecodeBlock.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DecodeBlock.html
new file mode 100644
index 000000000..9f5339915
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DecodeBlock.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncodeInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_ENCODE_CTX_new, EVP_ENCODE_CTX_free, EVP_ENCODE_CTX_copy, EVP_ENCODE_CTX_num, EVP_EncodeInit, EVP_EncodeUpdate, EVP_EncodeFinal, EVP_EncodeBlock, EVP_DecodeInit, EVP_DecodeUpdate, EVP_DecodeFinal, EVP_DecodeBlock - EVP base 64 encode/decode routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void);
+ void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx);
+ int EVP_ENCODE_CTX_copy(EVP_ENCODE_CTX *dctx, EVP_ENCODE_CTX *sctx);
+ int EVP_ENCODE_CTX_num(EVP_ENCODE_CTX *ctx);
+ void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP encode routines provide a high level interface to base 64 encoding and decoding. Base 64 encoding converts binary data into a printable form that uses the characters A-Z, a-z, 0-9, &quot;+&quot; and &quot;/&quot; to represent the data. For every 3 bytes of binary data provided 4 bytes of base 64 encoded data will be produced plus some occasional newlines (see below). If the input data length is not a multiple of 3 then the output data will be padded at the end using the &quot;=&quot; character.</p>
+
+<p>EVP_ENCODE_CTX_new() allocates, initializes and returns a context to be used for the encode/decode functions.</p>
+
+<p>EVP_ENCODE_CTX_free() cleans up an encode/decode context <b>ctx</b> and frees up the space allocated to it.</p>
+
+<p>Encoding of binary data is performed in blocks of 48 input bytes (or less for the final block). For each 48 byte input block encoded 64 bytes of base 64 data is output plus an additional newline character (i.e. 65 bytes in total). The final block (which may be less than 48 bytes) will output 4 bytes for every 3 bytes of input. If the data length is not divisible by 3 then a full 4 bytes is still output for the final 1 or 2 bytes of input. Similarly a newline character will also be output.</p>
+
+<p>EVP_EncodeInit() initialises <b>ctx</b> for the start of a new encoding operation.</p>
+
+<p>EVP_EncodeUpdate() encode <b>inl</b> bytes of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. Only full blocks of data (48 bytes) will be immediately processed and output by this function. Any remainder is held in the <b>ctx</b> object and will be processed by a subsequent call to EVP_EncodeUpdate() or EVP_EncodeFinal(). To calculate the required size of the output buffer add together the value of <b>inl</b> with the amount of unprocessed data held in <b>ctx</b> and divide the result by 48 (ignore any remainder). This gives the number of blocks of data that will be processed. Ensure the output buffer contains 65 bytes of storage for each block, plus an additional byte for a NUL terminator. EVP_EncodeUpdate() may be called repeatedly to process large amounts of input data. In the event of an error EVP_EncodeUpdate() will set <b>*outl</b> to 0 and return 0. On success 1 will be returned.</p>
+
+<p>EVP_EncodeFinal() must be called at the end of an encoding operation. It will process any partial block of data remaining in the <b>ctx</b> object. The output data will be stored in <b>out</b> and the length of the data written will be stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that <b>out</b> is sufficiently large to accommodate the output data which will never be more than 65 bytes plus an additional NUL terminator (i.e. 66 bytes in total).</p>
+
+<p>EVP_ENCODE_CTX_copy() can be used to copy a context <b>sctx</b> to a context <b>dctx</b>. <b>dctx</b> must be initialized before calling this function.</p>
+
+<p>EVP_ENCODE_CTX_num() will return the number of as yet unprocessed bytes still to be encoded or decoded that are pending in the <b>ctx</b> object.</p>
+
+<p>EVP_EncodeBlock() encodes a full block of input data in <b>f</b> and of length <b>dlen</b> and stores it in <b>t</b>. For every 3 bytes of input provided 4 bytes of output data will be produced. If <b>dlen</b> is not divisible by 3 then the block is encoded as a final block of data and the output is padded such that it is always divisible by 4. Additionally a NUL terminator character will be added. For example if 16 bytes of input data is provided then 24 bytes of encoded data is created plus 1 byte for a NUL terminator (i.e. 25 bytes in total). The length of the data generated <i>without</i> the NUL terminator is returned from the function.</p>
+
+<p>EVP_DecodeInit() initialises <b>ctx</b> for the start of a new decoding operation.</p>
+
+<p>EVP_DecodeUpdate() decodes <b>inl</b> characters of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. This function will attempt to decode as much data as possible in 4 byte chunks. Any whitespace, newline or carriage return characters are ignored. Any partial chunk of unprocessed data (1, 2 or 3 bytes) that remains at the end will be held in the <b>ctx</b> object and processed by a subsequent call to EVP_DecodeUpdate(). If any illegal base 64 characters are encountered or if the base 64 padding character &quot;=&quot; is encountered in the middle of the data then the function returns -1 to indicate an error. A return value of 0 or 1 indicates successful processing of the data. A return value of 0 additionally indicates that the last input data characters processed included the base 64 padding character &quot;=&quot; and therefore no more non-padding character data is expected to be processed. For every 4 valid base 64 bytes processed (ignoring whitespace, carriage returns and line feeds), 3 bytes of binary output data will be produced (or less at the end of the data where the padding character &quot;=&quot; has been used).</p>
+
+<p>EVP_DecodeFinal() must be called at the end of a decoding operation. If there is any unprocessed data still in <b>ctx</b> then the input data must not have been a multiple of 4 and therefore an error has occurred. The function will return -1 in this case. Otherwise the function returns 1 on success.</p>
+
+<p>EVP_DecodeBlock() will decode the block of <b>n</b> characters of base 64 data contained in <b>f</b> and store the result in <b>t</b>. Any leading whitespace will be trimmed as will any trailing whitespace, newlines, carriage returns or EOF characters. After such trimming the length of the data in <b>f</b> must be divisible by 4. For every 4 input bytes exactly 3 output bytes will be produced. The output will be padded with 0 bits if necessary to ensure that the output is always 3 bytes for every 4 input bytes. This function will return the length of the data decoded or -1 on error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_ENCODE_CTX_new() returns a pointer to the newly allocated EVP_ENCODE_CTX object or NULL on error.</p>
+
+<p>EVP_ENCODE_CTX_num() returns the number of bytes pending encoding or decoding in <b>ctx</b>.</p>
+
+<p>EVP_EncodeUpdate() returns 0 on error or 1 on success.</p>
+
+<p>EVP_EncodeBlock() returns the number of bytes encoded excluding the NUL terminator.</p>
+
+<p>EVP_DecodeUpdate() returns -1 on error and 0 or 1 on success. If 0 is returned then no more non-padding base 64 characters are expected.</p>
+
+<p>EVP_DecodeFinal() returns -1 on error or 1 on success.</p>
+
+<p>EVP_DecodeBlock() returns the length of the data decoded or -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DecodeFinal.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DecodeFinal.html
new file mode 100644
index 000000000..9f5339915
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DecodeFinal.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncodeInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_ENCODE_CTX_new, EVP_ENCODE_CTX_free, EVP_ENCODE_CTX_copy, EVP_ENCODE_CTX_num, EVP_EncodeInit, EVP_EncodeUpdate, EVP_EncodeFinal, EVP_EncodeBlock, EVP_DecodeInit, EVP_DecodeUpdate, EVP_DecodeFinal, EVP_DecodeBlock - EVP base 64 encode/decode routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void);
+ void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx);
+ int EVP_ENCODE_CTX_copy(EVP_ENCODE_CTX *dctx, EVP_ENCODE_CTX *sctx);
+ int EVP_ENCODE_CTX_num(EVP_ENCODE_CTX *ctx);
+ void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP encode routines provide a high level interface to base 64 encoding and decoding. Base 64 encoding converts binary data into a printable form that uses the characters A-Z, a-z, 0-9, &quot;+&quot; and &quot;/&quot; to represent the data. For every 3 bytes of binary data provided 4 bytes of base 64 encoded data will be produced plus some occasional newlines (see below). If the input data length is not a multiple of 3 then the output data will be padded at the end using the &quot;=&quot; character.</p>
+
+<p>EVP_ENCODE_CTX_new() allocates, initializes and returns a context to be used for the encode/decode functions.</p>
+
+<p>EVP_ENCODE_CTX_free() cleans up an encode/decode context <b>ctx</b> and frees up the space allocated to it.</p>
+
+<p>Encoding of binary data is performed in blocks of 48 input bytes (or less for the final block). For each 48 byte input block encoded 64 bytes of base 64 data is output plus an additional newline character (i.e. 65 bytes in total). The final block (which may be less than 48 bytes) will output 4 bytes for every 3 bytes of input. If the data length is not divisible by 3 then a full 4 bytes is still output for the final 1 or 2 bytes of input. Similarly a newline character will also be output.</p>
+
+<p>EVP_EncodeInit() initialises <b>ctx</b> for the start of a new encoding operation.</p>
+
+<p>EVP_EncodeUpdate() encode <b>inl</b> bytes of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. Only full blocks of data (48 bytes) will be immediately processed and output by this function. Any remainder is held in the <b>ctx</b> object and will be processed by a subsequent call to EVP_EncodeUpdate() or EVP_EncodeFinal(). To calculate the required size of the output buffer add together the value of <b>inl</b> with the amount of unprocessed data held in <b>ctx</b> and divide the result by 48 (ignore any remainder). This gives the number of blocks of data that will be processed. Ensure the output buffer contains 65 bytes of storage for each block, plus an additional byte for a NUL terminator. EVP_EncodeUpdate() may be called repeatedly to process large amounts of input data. In the event of an error EVP_EncodeUpdate() will set <b>*outl</b> to 0 and return 0. On success 1 will be returned.</p>
+
+<p>EVP_EncodeFinal() must be called at the end of an encoding operation. It will process any partial block of data remaining in the <b>ctx</b> object. The output data will be stored in <b>out</b> and the length of the data written will be stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that <b>out</b> is sufficiently large to accommodate the output data which will never be more than 65 bytes plus an additional NUL terminator (i.e. 66 bytes in total).</p>
+
+<p>EVP_ENCODE_CTX_copy() can be used to copy a context <b>sctx</b> to a context <b>dctx</b>. <b>dctx</b> must be initialized before calling this function.</p>
+
+<p>EVP_ENCODE_CTX_num() will return the number of as yet unprocessed bytes still to be encoded or decoded that are pending in the <b>ctx</b> object.</p>
+
+<p>EVP_EncodeBlock() encodes a full block of input data in <b>f</b> and of length <b>dlen</b> and stores it in <b>t</b>. For every 3 bytes of input provided 4 bytes of output data will be produced. If <b>dlen</b> is not divisible by 3 then the block is encoded as a final block of data and the output is padded such that it is always divisible by 4. Additionally a NUL terminator character will be added. For example if 16 bytes of input data is provided then 24 bytes of encoded data is created plus 1 byte for a NUL terminator (i.e. 25 bytes in total). The length of the data generated <i>without</i> the NUL terminator is returned from the function.</p>
+
+<p>EVP_DecodeInit() initialises <b>ctx</b> for the start of a new decoding operation.</p>
+
+<p>EVP_DecodeUpdate() decodes <b>inl</b> characters of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. This function will attempt to decode as much data as possible in 4 byte chunks. Any whitespace, newline or carriage return characters are ignored. Any partial chunk of unprocessed data (1, 2 or 3 bytes) that remains at the end will be held in the <b>ctx</b> object and processed by a subsequent call to EVP_DecodeUpdate(). If any illegal base 64 characters are encountered or if the base 64 padding character &quot;=&quot; is encountered in the middle of the data then the function returns -1 to indicate an error. A return value of 0 or 1 indicates successful processing of the data. A return value of 0 additionally indicates that the last input data characters processed included the base 64 padding character &quot;=&quot; and therefore no more non-padding character data is expected to be processed. For every 4 valid base 64 bytes processed (ignoring whitespace, carriage returns and line feeds), 3 bytes of binary output data will be produced (or less at the end of the data where the padding character &quot;=&quot; has been used).</p>
+
+<p>EVP_DecodeFinal() must be called at the end of a decoding operation. If there is any unprocessed data still in <b>ctx</b> then the input data must not have been a multiple of 4 and therefore an error has occurred. The function will return -1 in this case. Otherwise the function returns 1 on success.</p>
+
+<p>EVP_DecodeBlock() will decode the block of <b>n</b> characters of base 64 data contained in <b>f</b> and store the result in <b>t</b>. Any leading whitespace will be trimmed as will any trailing whitespace, newlines, carriage returns or EOF characters. After such trimming the length of the data in <b>f</b> must be divisible by 4. For every 4 input bytes exactly 3 output bytes will be produced. The output will be padded with 0 bits if necessary to ensure that the output is always 3 bytes for every 4 input bytes. This function will return the length of the data decoded or -1 on error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_ENCODE_CTX_new() returns a pointer to the newly allocated EVP_ENCODE_CTX object or NULL on error.</p>
+
+<p>EVP_ENCODE_CTX_num() returns the number of bytes pending encoding or decoding in <b>ctx</b>.</p>
+
+<p>EVP_EncodeUpdate() returns 0 on error or 1 on success.</p>
+
+<p>EVP_EncodeBlock() returns the number of bytes encoded excluding the NUL terminator.</p>
+
+<p>EVP_DecodeUpdate() returns -1 on error and 0 or 1 on success. If 0 is returned then no more non-padding base 64 characters are expected.</p>
+
+<p>EVP_DecodeFinal() returns -1 on error or 1 on success.</p>
+
+<p>EVP_DecodeBlock() returns the length of the data decoded or -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DecodeInit.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DecodeInit.html
new file mode 100644
index 000000000..9f5339915
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DecodeInit.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncodeInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_ENCODE_CTX_new, EVP_ENCODE_CTX_free, EVP_ENCODE_CTX_copy, EVP_ENCODE_CTX_num, EVP_EncodeInit, EVP_EncodeUpdate, EVP_EncodeFinal, EVP_EncodeBlock, EVP_DecodeInit, EVP_DecodeUpdate, EVP_DecodeFinal, EVP_DecodeBlock - EVP base 64 encode/decode routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void);
+ void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx);
+ int EVP_ENCODE_CTX_copy(EVP_ENCODE_CTX *dctx, EVP_ENCODE_CTX *sctx);
+ int EVP_ENCODE_CTX_num(EVP_ENCODE_CTX *ctx);
+ void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP encode routines provide a high level interface to base 64 encoding and decoding. Base 64 encoding converts binary data into a printable form that uses the characters A-Z, a-z, 0-9, &quot;+&quot; and &quot;/&quot; to represent the data. For every 3 bytes of binary data provided 4 bytes of base 64 encoded data will be produced plus some occasional newlines (see below). If the input data length is not a multiple of 3 then the output data will be padded at the end using the &quot;=&quot; character.</p>
+
+<p>EVP_ENCODE_CTX_new() allocates, initializes and returns a context to be used for the encode/decode functions.</p>
+
+<p>EVP_ENCODE_CTX_free() cleans up an encode/decode context <b>ctx</b> and frees up the space allocated to it.</p>
+
+<p>Encoding of binary data is performed in blocks of 48 input bytes (or less for the final block). For each 48 byte input block encoded 64 bytes of base 64 data is output plus an additional newline character (i.e. 65 bytes in total). The final block (which may be less than 48 bytes) will output 4 bytes for every 3 bytes of input. If the data length is not divisible by 3 then a full 4 bytes is still output for the final 1 or 2 bytes of input. Similarly a newline character will also be output.</p>
+
+<p>EVP_EncodeInit() initialises <b>ctx</b> for the start of a new encoding operation.</p>
+
+<p>EVP_EncodeUpdate() encode <b>inl</b> bytes of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. Only full blocks of data (48 bytes) will be immediately processed and output by this function. Any remainder is held in the <b>ctx</b> object and will be processed by a subsequent call to EVP_EncodeUpdate() or EVP_EncodeFinal(). To calculate the required size of the output buffer add together the value of <b>inl</b> with the amount of unprocessed data held in <b>ctx</b> and divide the result by 48 (ignore any remainder). This gives the number of blocks of data that will be processed. Ensure the output buffer contains 65 bytes of storage for each block, plus an additional byte for a NUL terminator. EVP_EncodeUpdate() may be called repeatedly to process large amounts of input data. In the event of an error EVP_EncodeUpdate() will set <b>*outl</b> to 0 and return 0. On success 1 will be returned.</p>
+
+<p>EVP_EncodeFinal() must be called at the end of an encoding operation. It will process any partial block of data remaining in the <b>ctx</b> object. The output data will be stored in <b>out</b> and the length of the data written will be stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that <b>out</b> is sufficiently large to accommodate the output data which will never be more than 65 bytes plus an additional NUL terminator (i.e. 66 bytes in total).</p>
+
+<p>EVP_ENCODE_CTX_copy() can be used to copy a context <b>sctx</b> to a context <b>dctx</b>. <b>dctx</b> must be initialized before calling this function.</p>
+
+<p>EVP_ENCODE_CTX_num() will return the number of as yet unprocessed bytes still to be encoded or decoded that are pending in the <b>ctx</b> object.</p>
+
+<p>EVP_EncodeBlock() encodes a full block of input data in <b>f</b> and of length <b>dlen</b> and stores it in <b>t</b>. For every 3 bytes of input provided 4 bytes of output data will be produced. If <b>dlen</b> is not divisible by 3 then the block is encoded as a final block of data and the output is padded such that it is always divisible by 4. Additionally a NUL terminator character will be added. For example if 16 bytes of input data is provided then 24 bytes of encoded data is created plus 1 byte for a NUL terminator (i.e. 25 bytes in total). The length of the data generated <i>without</i> the NUL terminator is returned from the function.</p>
+
+<p>EVP_DecodeInit() initialises <b>ctx</b> for the start of a new decoding operation.</p>
+
+<p>EVP_DecodeUpdate() decodes <b>inl</b> characters of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. This function will attempt to decode as much data as possible in 4 byte chunks. Any whitespace, newline or carriage return characters are ignored. Any partial chunk of unprocessed data (1, 2 or 3 bytes) that remains at the end will be held in the <b>ctx</b> object and processed by a subsequent call to EVP_DecodeUpdate(). If any illegal base 64 characters are encountered or if the base 64 padding character &quot;=&quot; is encountered in the middle of the data then the function returns -1 to indicate an error. A return value of 0 or 1 indicates successful processing of the data. A return value of 0 additionally indicates that the last input data characters processed included the base 64 padding character &quot;=&quot; and therefore no more non-padding character data is expected to be processed. For every 4 valid base 64 bytes processed (ignoring whitespace, carriage returns and line feeds), 3 bytes of binary output data will be produced (or less at the end of the data where the padding character &quot;=&quot; has been used).</p>
+
+<p>EVP_DecodeFinal() must be called at the end of a decoding operation. If there is any unprocessed data still in <b>ctx</b> then the input data must not have been a multiple of 4 and therefore an error has occurred. The function will return -1 in this case. Otherwise the function returns 1 on success.</p>
+
+<p>EVP_DecodeBlock() will decode the block of <b>n</b> characters of base 64 data contained in <b>f</b> and store the result in <b>t</b>. Any leading whitespace will be trimmed as will any trailing whitespace, newlines, carriage returns or EOF characters. After such trimming the length of the data in <b>f</b> must be divisible by 4. For every 4 input bytes exactly 3 output bytes will be produced. The output will be padded with 0 bits if necessary to ensure that the output is always 3 bytes for every 4 input bytes. This function will return the length of the data decoded or -1 on error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_ENCODE_CTX_new() returns a pointer to the newly allocated EVP_ENCODE_CTX object or NULL on error.</p>
+
+<p>EVP_ENCODE_CTX_num() returns the number of bytes pending encoding or decoding in <b>ctx</b>.</p>
+
+<p>EVP_EncodeUpdate() returns 0 on error or 1 on success.</p>
+
+<p>EVP_EncodeBlock() returns the number of bytes encoded excluding the NUL terminator.</p>
+
+<p>EVP_DecodeUpdate() returns -1 on error and 0 or 1 on success. If 0 is returned then no more non-padding base 64 characters are expected.</p>
+
+<p>EVP_DecodeFinal() returns -1 on error or 1 on success.</p>
+
+<p>EVP_DecodeBlock() returns the length of the data decoded or -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DecodeUpdate.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DecodeUpdate.html
new file mode 100644
index 000000000..9f5339915
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DecodeUpdate.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncodeInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_ENCODE_CTX_new, EVP_ENCODE_CTX_free, EVP_ENCODE_CTX_copy, EVP_ENCODE_CTX_num, EVP_EncodeInit, EVP_EncodeUpdate, EVP_EncodeFinal, EVP_EncodeBlock, EVP_DecodeInit, EVP_DecodeUpdate, EVP_DecodeFinal, EVP_DecodeBlock - EVP base 64 encode/decode routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void);
+ void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx);
+ int EVP_ENCODE_CTX_copy(EVP_ENCODE_CTX *dctx, EVP_ENCODE_CTX *sctx);
+ int EVP_ENCODE_CTX_num(EVP_ENCODE_CTX *ctx);
+ void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP encode routines provide a high level interface to base 64 encoding and decoding. Base 64 encoding converts binary data into a printable form that uses the characters A-Z, a-z, 0-9, &quot;+&quot; and &quot;/&quot; to represent the data. For every 3 bytes of binary data provided 4 bytes of base 64 encoded data will be produced plus some occasional newlines (see below). If the input data length is not a multiple of 3 then the output data will be padded at the end using the &quot;=&quot; character.</p>
+
+<p>EVP_ENCODE_CTX_new() allocates, initializes and returns a context to be used for the encode/decode functions.</p>
+
+<p>EVP_ENCODE_CTX_free() cleans up an encode/decode context <b>ctx</b> and frees up the space allocated to it.</p>
+
+<p>Encoding of binary data is performed in blocks of 48 input bytes (or less for the final block). For each 48 byte input block encoded 64 bytes of base 64 data is output plus an additional newline character (i.e. 65 bytes in total). The final block (which may be less than 48 bytes) will output 4 bytes for every 3 bytes of input. If the data length is not divisible by 3 then a full 4 bytes is still output for the final 1 or 2 bytes of input. Similarly a newline character will also be output.</p>
+
+<p>EVP_EncodeInit() initialises <b>ctx</b> for the start of a new encoding operation.</p>
+
+<p>EVP_EncodeUpdate() encode <b>inl</b> bytes of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. Only full blocks of data (48 bytes) will be immediately processed and output by this function. Any remainder is held in the <b>ctx</b> object and will be processed by a subsequent call to EVP_EncodeUpdate() or EVP_EncodeFinal(). To calculate the required size of the output buffer add together the value of <b>inl</b> with the amount of unprocessed data held in <b>ctx</b> and divide the result by 48 (ignore any remainder). This gives the number of blocks of data that will be processed. Ensure the output buffer contains 65 bytes of storage for each block, plus an additional byte for a NUL terminator. EVP_EncodeUpdate() may be called repeatedly to process large amounts of input data. In the event of an error EVP_EncodeUpdate() will set <b>*outl</b> to 0 and return 0. On success 1 will be returned.</p>
+
+<p>EVP_EncodeFinal() must be called at the end of an encoding operation. It will process any partial block of data remaining in the <b>ctx</b> object. The output data will be stored in <b>out</b> and the length of the data written will be stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that <b>out</b> is sufficiently large to accommodate the output data which will never be more than 65 bytes plus an additional NUL terminator (i.e. 66 bytes in total).</p>
+
+<p>EVP_ENCODE_CTX_copy() can be used to copy a context <b>sctx</b> to a context <b>dctx</b>. <b>dctx</b> must be initialized before calling this function.</p>
+
+<p>EVP_ENCODE_CTX_num() will return the number of as yet unprocessed bytes still to be encoded or decoded that are pending in the <b>ctx</b> object.</p>
+
+<p>EVP_EncodeBlock() encodes a full block of input data in <b>f</b> and of length <b>dlen</b> and stores it in <b>t</b>. For every 3 bytes of input provided 4 bytes of output data will be produced. If <b>dlen</b> is not divisible by 3 then the block is encoded as a final block of data and the output is padded such that it is always divisible by 4. Additionally a NUL terminator character will be added. For example if 16 bytes of input data is provided then 24 bytes of encoded data is created plus 1 byte for a NUL terminator (i.e. 25 bytes in total). The length of the data generated <i>without</i> the NUL terminator is returned from the function.</p>
+
+<p>EVP_DecodeInit() initialises <b>ctx</b> for the start of a new decoding operation.</p>
+
+<p>EVP_DecodeUpdate() decodes <b>inl</b> characters of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. This function will attempt to decode as much data as possible in 4 byte chunks. Any whitespace, newline or carriage return characters are ignored. Any partial chunk of unprocessed data (1, 2 or 3 bytes) that remains at the end will be held in the <b>ctx</b> object and processed by a subsequent call to EVP_DecodeUpdate(). If any illegal base 64 characters are encountered or if the base 64 padding character &quot;=&quot; is encountered in the middle of the data then the function returns -1 to indicate an error. A return value of 0 or 1 indicates successful processing of the data. A return value of 0 additionally indicates that the last input data characters processed included the base 64 padding character &quot;=&quot; and therefore no more non-padding character data is expected to be processed. For every 4 valid base 64 bytes processed (ignoring whitespace, carriage returns and line feeds), 3 bytes of binary output data will be produced (or less at the end of the data where the padding character &quot;=&quot; has been used).</p>
+
+<p>EVP_DecodeFinal() must be called at the end of a decoding operation. If there is any unprocessed data still in <b>ctx</b> then the input data must not have been a multiple of 4 and therefore an error has occurred. The function will return -1 in this case. Otherwise the function returns 1 on success.</p>
+
+<p>EVP_DecodeBlock() will decode the block of <b>n</b> characters of base 64 data contained in <b>f</b> and store the result in <b>t</b>. Any leading whitespace will be trimmed as will any trailing whitespace, newlines, carriage returns or EOF characters. After such trimming the length of the data in <b>f</b> must be divisible by 4. For every 4 input bytes exactly 3 output bytes will be produced. The output will be padded with 0 bits if necessary to ensure that the output is always 3 bytes for every 4 input bytes. This function will return the length of the data decoded or -1 on error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_ENCODE_CTX_new() returns a pointer to the newly allocated EVP_ENCODE_CTX object or NULL on error.</p>
+
+<p>EVP_ENCODE_CTX_num() returns the number of bytes pending encoding or decoding in <b>ctx</b>.</p>
+
+<p>EVP_EncodeUpdate() returns 0 on error or 1 on success.</p>
+
+<p>EVP_EncodeBlock() returns the number of bytes encoded excluding the NUL terminator.</p>
+
+<p>EVP_DecodeUpdate() returns -1 on error and 0 or 1 on success. If 0 is returned then no more non-padding base 64 characters are expected.</p>
+
+<p>EVP_DecodeFinal() returns -1 on error or 1 on success.</p>
+
+<p>EVP_DecodeBlock() returns the length of the data decoded or -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DecryptFinal.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DecryptFinal.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DecryptFinal.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DecryptFinal_ex.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DecryptFinal_ex.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DecryptFinal_ex.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DecryptInit.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DecryptInit.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DecryptInit.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DecryptInit_ex.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DecryptInit_ex.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DecryptInit_ex.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DecryptUpdate.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DecryptUpdate.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DecryptUpdate.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DigestFinal.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestFinal.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestFinal.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DigestFinalXOF.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestFinalXOF.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestFinalXOF.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DigestFinal_ex.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestFinal_ex.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestFinal_ex.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DigestInit.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestInit.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestInit.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DigestInit_ex.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestInit_ex.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestInit_ex.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DigestSign.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestSign.html
new file mode 100644
index 000000000..264e579f9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestSign.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestSignInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                        const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen);
+
+ int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret,
+                    size_t *siglen, const unsigned char *tbs,
+                    size_t tbslen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP signature routines are a high level interface to digital signatures.</p>
+
+<p>EVP_DigestSignInit() sets up signing context <b>ctx</b> to use digest <b>type</b> from ENGINE <b>e</b> and private key <b>pkey</b>. <b>ctx</b> must be created with EVP_MD_CTX_new() before calling this function. If <b>pctx</b> is not NULL, the EVP_PKEY_CTX of the signing operation will be written to <b>*pctx</b>: this can be used to set alternative signing options. Note that any existing value in <b>*pctx</b> is overwritten. The EVP_PKEY_CTX value returned must not be freed directly by the application if <b>ctx</b> is not assigned an EVP_PKEY_CTX value before being passed to EVP_DigestSignInit() (which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit() and it will be freed automatically when the EVP_MD_CTX is freed).</p>
+
+<p>The digest <b>type</b> may be NULL if the signing algorithm supports it.</p>
+
+<p>No <b>EVP_PKEY_CTX</b> will be created by EVP_DigsetSignInit() if the passed <b>ctx</b> has already been assigned one via <a href="../man3/EVP_MD_CTX_set_ctx.html">EVP_MD_CTX_set_ctx(3)</a>. See also <a href="../man7/SM2.html">SM2(7)</a>.</p>
+
+<p>Only EVP_PKEY types that support signing can be used with these functions. This includes MAC algorithms where the MAC generation is considered as a form of &quot;signing&quot;. Built-in EVP_PKEY types supported by these functions are CMAC, Poly1305, DSA, ECDSA, HMAC, RSA, SipHash, Ed25519 and Ed448.</p>
+
+<p>Not all digests can be used for all key types. The following combinations apply.</p>
+
+<dl>
+
+<dt id="DSA">DSA</dt>
+<dd>
+
+<p>Supports SHA1, SHA224, SHA256, SHA384 and SHA512</p>
+
+</dd>
+<dt id="ECDSA">ECDSA</dt>
+<dd>
+
+<p>Supports SHA1, SHA224, SHA256, SHA384, SHA512 and SM3</p>
+
+</dd>
+<dt id="RSA-with-no-padding">RSA with no padding</dt>
+<dd>
+
+<p>Supports no digests (the digest <b>type</b> must be NULL)</p>
+
+</dd>
+<dt id="RSA-with-X931-padding">RSA with X931 padding</dt>
+<dd>
+
+<p>Supports SHA1, SHA256, SHA384 and SHA512</p>
+
+</dd>
+<dt id="All-other-RSA-padding-types">All other RSA padding types</dt>
+<dd>
+
+<p>Support SHA1, SHA224, SHA256, SHA384, SHA512, MD5, MD5_SHA1, MD2, MD4, MDC2, SHA3-224, SHA3-256, SHA3-384, SHA3-512</p>
+
+</dd>
+<dt id="Ed25519-and-Ed448">Ed25519 and Ed448</dt>
+<dd>
+
+<p>Support no digests (the digest <b>type</b> must be NULL)</p>
+
+</dd>
+<dt id="HMAC">HMAC</dt>
+<dd>
+
+<p>Supports any digest</p>
+
+</dd>
+<dt id="CMAC-Poly1305-and-SipHash">CMAC, Poly1305 and SipHash</dt>
+<dd>
+
+<p>Will ignore any digest provided.</p>
+
+</dd>
+</dl>
+
+<p>If RSA-PSS is used and restrictions apply then the digest must match.</p>
+
+<p>EVP_DigestSignUpdate() hashes <b>cnt</b> bytes of data at <b>d</b> into the signature context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to include additional data. This function is currently implemented using a macro.</p>
+
+<p>EVP_DigestSignFinal() signs the data in <b>ctx</b> and places the signature in <b>sig</b>. If <b>sig</b> is <b>NULL</b> then the maximum size of the output buffer is written to the <b>siglen</b> parameter. If <b>sig</b> is not <b>NULL</b> then before the call the <b>siglen</b> parameter should contain the length of the <b>sig</b> buffer. If the call is successful the signature is written to <b>sig</b> and the amount of data written to <b>siglen</b>.</p>
+
+<p>EVP_DigestSign() signs <b>tbslen</b> bytes of data at <b>tbs</b> and places the signature in <b>sig</b> and its length in <b>siglen</b> in a similar way to EVP_DigestSignFinal().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_DigestSignInit(), EVP_DigestSignUpdate(), EVP_DigestSignaFinal() and EVP_DigestSign() return 1 for success and 0 or a negative value for failure. In particular, a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<p>The error codes can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to digital signatures should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the algorithm used and much more flexible.</p>
+
+<p>EVP_DigestSign() is a one shot operation which signs a single block of data in one function. For algorithms that support streaming it is equivalent to calling EVP_DigestSignUpdate() and EVP_DigestSignFinal(). For algorithms which do not support streaming (e.g. PureEdDSA) it is the only way to sign data.</p>
+
+<p>In previous versions of OpenSSL there was a link between message digest types and public key algorithms. This meant that &quot;clone&quot; digests such as EVP_dss1() needed to be used to sign using SHA1 and DSA. This is no longer necessary and the use of clone digest is now discouraged.</p>
+
+<p>For some key types and parameters the random number generator must be seeded or the operation will fail.</p>
+
+<p>The call to EVP_DigestSignFinal() internally finalizes a copy of the digest context. This means that calls to EVP_DigestSignUpdate() and EVP_DigestSignFinal() can be called later to digest and sign additional data.</p>
+
+<p>Since only a copy of the digest context is ever finalized, the context must be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur.</p>
+
+<p>The use of EVP_PKEY_size() with these functions is discouraged because some signature operations may have a signature length which depends on the parameters set. As a result EVP_PKEY_size() would have to return a value which indicates the maximum possible signature for any set of parameters.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man7/evp.html">evp(7)</a>, <a href="../man3/HMAC.html">HMAC(3)</a>, <a href="../man3/MD2.html">MD2(3)</a>, <a href="../man3/MD5.html">MD5(3)</a>, <a href="../man3/MDC2.html">MDC2(3)</a>, <a href="../man3/RIPEMD160.html">RIPEMD160(3)</a>, <a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man1/dgst.html">dgst(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal() were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DigestSignFinal.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestSignFinal.html
new file mode 100644
index 000000000..264e579f9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestSignFinal.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestSignInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                        const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen);
+
+ int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret,
+                    size_t *siglen, const unsigned char *tbs,
+                    size_t tbslen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP signature routines are a high level interface to digital signatures.</p>
+
+<p>EVP_DigestSignInit() sets up signing context <b>ctx</b> to use digest <b>type</b> from ENGINE <b>e</b> and private key <b>pkey</b>. <b>ctx</b> must be created with EVP_MD_CTX_new() before calling this function. If <b>pctx</b> is not NULL, the EVP_PKEY_CTX of the signing operation will be written to <b>*pctx</b>: this can be used to set alternative signing options. Note that any existing value in <b>*pctx</b> is overwritten. The EVP_PKEY_CTX value returned must not be freed directly by the application if <b>ctx</b> is not assigned an EVP_PKEY_CTX value before being passed to EVP_DigestSignInit() (which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit() and it will be freed automatically when the EVP_MD_CTX is freed).</p>
+
+<p>The digest <b>type</b> may be NULL if the signing algorithm supports it.</p>
+
+<p>No <b>EVP_PKEY_CTX</b> will be created by EVP_DigsetSignInit() if the passed <b>ctx</b> has already been assigned one via <a href="../man3/EVP_MD_CTX_set_ctx.html">EVP_MD_CTX_set_ctx(3)</a>. See also <a href="../man7/SM2.html">SM2(7)</a>.</p>
+
+<p>Only EVP_PKEY types that support signing can be used with these functions. This includes MAC algorithms where the MAC generation is considered as a form of &quot;signing&quot;. Built-in EVP_PKEY types supported by these functions are CMAC, Poly1305, DSA, ECDSA, HMAC, RSA, SipHash, Ed25519 and Ed448.</p>
+
+<p>Not all digests can be used for all key types. The following combinations apply.</p>
+
+<dl>
+
+<dt id="DSA">DSA</dt>
+<dd>
+
+<p>Supports SHA1, SHA224, SHA256, SHA384 and SHA512</p>
+
+</dd>
+<dt id="ECDSA">ECDSA</dt>
+<dd>
+
+<p>Supports SHA1, SHA224, SHA256, SHA384, SHA512 and SM3</p>
+
+</dd>
+<dt id="RSA-with-no-padding">RSA with no padding</dt>
+<dd>
+
+<p>Supports no digests (the digest <b>type</b> must be NULL)</p>
+
+</dd>
+<dt id="RSA-with-X931-padding">RSA with X931 padding</dt>
+<dd>
+
+<p>Supports SHA1, SHA256, SHA384 and SHA512</p>
+
+</dd>
+<dt id="All-other-RSA-padding-types">All other RSA padding types</dt>
+<dd>
+
+<p>Support SHA1, SHA224, SHA256, SHA384, SHA512, MD5, MD5_SHA1, MD2, MD4, MDC2, SHA3-224, SHA3-256, SHA3-384, SHA3-512</p>
+
+</dd>
+<dt id="Ed25519-and-Ed448">Ed25519 and Ed448</dt>
+<dd>
+
+<p>Support no digests (the digest <b>type</b> must be NULL)</p>
+
+</dd>
+<dt id="HMAC">HMAC</dt>
+<dd>
+
+<p>Supports any digest</p>
+
+</dd>
+<dt id="CMAC-Poly1305-and-SipHash">CMAC, Poly1305 and SipHash</dt>
+<dd>
+
+<p>Will ignore any digest provided.</p>
+
+</dd>
+</dl>
+
+<p>If RSA-PSS is used and restrictions apply then the digest must match.</p>
+
+<p>EVP_DigestSignUpdate() hashes <b>cnt</b> bytes of data at <b>d</b> into the signature context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to include additional data. This function is currently implemented using a macro.</p>
+
+<p>EVP_DigestSignFinal() signs the data in <b>ctx</b> and places the signature in <b>sig</b>. If <b>sig</b> is <b>NULL</b> then the maximum size of the output buffer is written to the <b>siglen</b> parameter. If <b>sig</b> is not <b>NULL</b> then before the call the <b>siglen</b> parameter should contain the length of the <b>sig</b> buffer. If the call is successful the signature is written to <b>sig</b> and the amount of data written to <b>siglen</b>.</p>
+
+<p>EVP_DigestSign() signs <b>tbslen</b> bytes of data at <b>tbs</b> and places the signature in <b>sig</b> and its length in <b>siglen</b> in a similar way to EVP_DigestSignFinal().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_DigestSignInit(), EVP_DigestSignUpdate(), EVP_DigestSignaFinal() and EVP_DigestSign() return 1 for success and 0 or a negative value for failure. In particular, a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<p>The error codes can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to digital signatures should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the algorithm used and much more flexible.</p>
+
+<p>EVP_DigestSign() is a one shot operation which signs a single block of data in one function. For algorithms that support streaming it is equivalent to calling EVP_DigestSignUpdate() and EVP_DigestSignFinal(). For algorithms which do not support streaming (e.g. PureEdDSA) it is the only way to sign data.</p>
+
+<p>In previous versions of OpenSSL there was a link between message digest types and public key algorithms. This meant that &quot;clone&quot; digests such as EVP_dss1() needed to be used to sign using SHA1 and DSA. This is no longer necessary and the use of clone digest is now discouraged.</p>
+
+<p>For some key types and parameters the random number generator must be seeded or the operation will fail.</p>
+
+<p>The call to EVP_DigestSignFinal() internally finalizes a copy of the digest context. This means that calls to EVP_DigestSignUpdate() and EVP_DigestSignFinal() can be called later to digest and sign additional data.</p>
+
+<p>Since only a copy of the digest context is ever finalized, the context must be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur.</p>
+
+<p>The use of EVP_PKEY_size() with these functions is discouraged because some signature operations may have a signature length which depends on the parameters set. As a result EVP_PKEY_size() would have to return a value which indicates the maximum possible signature for any set of parameters.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man7/evp.html">evp(7)</a>, <a href="../man3/HMAC.html">HMAC(3)</a>, <a href="../man3/MD2.html">MD2(3)</a>, <a href="../man3/MD5.html">MD5(3)</a>, <a href="../man3/MDC2.html">MDC2(3)</a>, <a href="../man3/RIPEMD160.html">RIPEMD160(3)</a>, <a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man1/dgst.html">dgst(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal() were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DigestSignInit.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestSignInit.html
new file mode 100644
index 000000000..264e579f9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestSignInit.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestSignInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                        const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen);
+
+ int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret,
+                    size_t *siglen, const unsigned char *tbs,
+                    size_t tbslen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP signature routines are a high level interface to digital signatures.</p>
+
+<p>EVP_DigestSignInit() sets up signing context <b>ctx</b> to use digest <b>type</b> from ENGINE <b>e</b> and private key <b>pkey</b>. <b>ctx</b> must be created with EVP_MD_CTX_new() before calling this function. If <b>pctx</b> is not NULL, the EVP_PKEY_CTX of the signing operation will be written to <b>*pctx</b>: this can be used to set alternative signing options. Note that any existing value in <b>*pctx</b> is overwritten. The EVP_PKEY_CTX value returned must not be freed directly by the application if <b>ctx</b> is not assigned an EVP_PKEY_CTX value before being passed to EVP_DigestSignInit() (which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit() and it will be freed automatically when the EVP_MD_CTX is freed).</p>
+
+<p>The digest <b>type</b> may be NULL if the signing algorithm supports it.</p>
+
+<p>No <b>EVP_PKEY_CTX</b> will be created by EVP_DigsetSignInit() if the passed <b>ctx</b> has already been assigned one via <a href="../man3/EVP_MD_CTX_set_ctx.html">EVP_MD_CTX_set_ctx(3)</a>. See also <a href="../man7/SM2.html">SM2(7)</a>.</p>
+
+<p>Only EVP_PKEY types that support signing can be used with these functions. This includes MAC algorithms where the MAC generation is considered as a form of &quot;signing&quot;. Built-in EVP_PKEY types supported by these functions are CMAC, Poly1305, DSA, ECDSA, HMAC, RSA, SipHash, Ed25519 and Ed448.</p>
+
+<p>Not all digests can be used for all key types. The following combinations apply.</p>
+
+<dl>
+
+<dt id="DSA">DSA</dt>
+<dd>
+
+<p>Supports SHA1, SHA224, SHA256, SHA384 and SHA512</p>
+
+</dd>
+<dt id="ECDSA">ECDSA</dt>
+<dd>
+
+<p>Supports SHA1, SHA224, SHA256, SHA384, SHA512 and SM3</p>
+
+</dd>
+<dt id="RSA-with-no-padding">RSA with no padding</dt>
+<dd>
+
+<p>Supports no digests (the digest <b>type</b> must be NULL)</p>
+
+</dd>
+<dt id="RSA-with-X931-padding">RSA with X931 padding</dt>
+<dd>
+
+<p>Supports SHA1, SHA256, SHA384 and SHA512</p>
+
+</dd>
+<dt id="All-other-RSA-padding-types">All other RSA padding types</dt>
+<dd>
+
+<p>Support SHA1, SHA224, SHA256, SHA384, SHA512, MD5, MD5_SHA1, MD2, MD4, MDC2, SHA3-224, SHA3-256, SHA3-384, SHA3-512</p>
+
+</dd>
+<dt id="Ed25519-and-Ed448">Ed25519 and Ed448</dt>
+<dd>
+
+<p>Support no digests (the digest <b>type</b> must be NULL)</p>
+
+</dd>
+<dt id="HMAC">HMAC</dt>
+<dd>
+
+<p>Supports any digest</p>
+
+</dd>
+<dt id="CMAC-Poly1305-and-SipHash">CMAC, Poly1305 and SipHash</dt>
+<dd>
+
+<p>Will ignore any digest provided.</p>
+
+</dd>
+</dl>
+
+<p>If RSA-PSS is used and restrictions apply then the digest must match.</p>
+
+<p>EVP_DigestSignUpdate() hashes <b>cnt</b> bytes of data at <b>d</b> into the signature context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to include additional data. This function is currently implemented using a macro.</p>
+
+<p>EVP_DigestSignFinal() signs the data in <b>ctx</b> and places the signature in <b>sig</b>. If <b>sig</b> is <b>NULL</b> then the maximum size of the output buffer is written to the <b>siglen</b> parameter. If <b>sig</b> is not <b>NULL</b> then before the call the <b>siglen</b> parameter should contain the length of the <b>sig</b> buffer. If the call is successful the signature is written to <b>sig</b> and the amount of data written to <b>siglen</b>.</p>
+
+<p>EVP_DigestSign() signs <b>tbslen</b> bytes of data at <b>tbs</b> and places the signature in <b>sig</b> and its length in <b>siglen</b> in a similar way to EVP_DigestSignFinal().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_DigestSignInit(), EVP_DigestSignUpdate(), EVP_DigestSignaFinal() and EVP_DigestSign() return 1 for success and 0 or a negative value for failure. In particular, a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<p>The error codes can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to digital signatures should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the algorithm used and much more flexible.</p>
+
+<p>EVP_DigestSign() is a one shot operation which signs a single block of data in one function. For algorithms that support streaming it is equivalent to calling EVP_DigestSignUpdate() and EVP_DigestSignFinal(). For algorithms which do not support streaming (e.g. PureEdDSA) it is the only way to sign data.</p>
+
+<p>In previous versions of OpenSSL there was a link between message digest types and public key algorithms. This meant that &quot;clone&quot; digests such as EVP_dss1() needed to be used to sign using SHA1 and DSA. This is no longer necessary and the use of clone digest is now discouraged.</p>
+
+<p>For some key types and parameters the random number generator must be seeded or the operation will fail.</p>
+
+<p>The call to EVP_DigestSignFinal() internally finalizes a copy of the digest context. This means that calls to EVP_DigestSignUpdate() and EVP_DigestSignFinal() can be called later to digest and sign additional data.</p>
+
+<p>Since only a copy of the digest context is ever finalized, the context must be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur.</p>
+
+<p>The use of EVP_PKEY_size() with these functions is discouraged because some signature operations may have a signature length which depends on the parameters set. As a result EVP_PKEY_size() would have to return a value which indicates the maximum possible signature for any set of parameters.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man7/evp.html">evp(7)</a>, <a href="../man3/HMAC.html">HMAC(3)</a>, <a href="../man3/MD2.html">MD2(3)</a>, <a href="../man3/MD5.html">MD5(3)</a>, <a href="../man3/MDC2.html">MDC2(3)</a>, <a href="../man3/RIPEMD160.html">RIPEMD160(3)</a>, <a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man1/dgst.html">dgst(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal() were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DigestSignUpdate.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestSignUpdate.html
new file mode 100644
index 000000000..264e579f9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestSignUpdate.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestSignInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                        const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen);
+
+ int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret,
+                    size_t *siglen, const unsigned char *tbs,
+                    size_t tbslen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP signature routines are a high level interface to digital signatures.</p>
+
+<p>EVP_DigestSignInit() sets up signing context <b>ctx</b> to use digest <b>type</b> from ENGINE <b>e</b> and private key <b>pkey</b>. <b>ctx</b> must be created with EVP_MD_CTX_new() before calling this function. If <b>pctx</b> is not NULL, the EVP_PKEY_CTX of the signing operation will be written to <b>*pctx</b>: this can be used to set alternative signing options. Note that any existing value in <b>*pctx</b> is overwritten. The EVP_PKEY_CTX value returned must not be freed directly by the application if <b>ctx</b> is not assigned an EVP_PKEY_CTX value before being passed to EVP_DigestSignInit() (which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit() and it will be freed automatically when the EVP_MD_CTX is freed).</p>
+
+<p>The digest <b>type</b> may be NULL if the signing algorithm supports it.</p>
+
+<p>No <b>EVP_PKEY_CTX</b> will be created by EVP_DigsetSignInit() if the passed <b>ctx</b> has already been assigned one via <a href="../man3/EVP_MD_CTX_set_ctx.html">EVP_MD_CTX_set_ctx(3)</a>. See also <a href="../man7/SM2.html">SM2(7)</a>.</p>
+
+<p>Only EVP_PKEY types that support signing can be used with these functions. This includes MAC algorithms where the MAC generation is considered as a form of &quot;signing&quot;. Built-in EVP_PKEY types supported by these functions are CMAC, Poly1305, DSA, ECDSA, HMAC, RSA, SipHash, Ed25519 and Ed448.</p>
+
+<p>Not all digests can be used for all key types. The following combinations apply.</p>
+
+<dl>
+
+<dt id="DSA">DSA</dt>
+<dd>
+
+<p>Supports SHA1, SHA224, SHA256, SHA384 and SHA512</p>
+
+</dd>
+<dt id="ECDSA">ECDSA</dt>
+<dd>
+
+<p>Supports SHA1, SHA224, SHA256, SHA384, SHA512 and SM3</p>
+
+</dd>
+<dt id="RSA-with-no-padding">RSA with no padding</dt>
+<dd>
+
+<p>Supports no digests (the digest <b>type</b> must be NULL)</p>
+
+</dd>
+<dt id="RSA-with-X931-padding">RSA with X931 padding</dt>
+<dd>
+
+<p>Supports SHA1, SHA256, SHA384 and SHA512</p>
+
+</dd>
+<dt id="All-other-RSA-padding-types">All other RSA padding types</dt>
+<dd>
+
+<p>Support SHA1, SHA224, SHA256, SHA384, SHA512, MD5, MD5_SHA1, MD2, MD4, MDC2, SHA3-224, SHA3-256, SHA3-384, SHA3-512</p>
+
+</dd>
+<dt id="Ed25519-and-Ed448">Ed25519 and Ed448</dt>
+<dd>
+
+<p>Support no digests (the digest <b>type</b> must be NULL)</p>
+
+</dd>
+<dt id="HMAC">HMAC</dt>
+<dd>
+
+<p>Supports any digest</p>
+
+</dd>
+<dt id="CMAC-Poly1305-and-SipHash">CMAC, Poly1305 and SipHash</dt>
+<dd>
+
+<p>Will ignore any digest provided.</p>
+
+</dd>
+</dl>
+
+<p>If RSA-PSS is used and restrictions apply then the digest must match.</p>
+
+<p>EVP_DigestSignUpdate() hashes <b>cnt</b> bytes of data at <b>d</b> into the signature context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to include additional data. This function is currently implemented using a macro.</p>
+
+<p>EVP_DigestSignFinal() signs the data in <b>ctx</b> and places the signature in <b>sig</b>. If <b>sig</b> is <b>NULL</b> then the maximum size of the output buffer is written to the <b>siglen</b> parameter. If <b>sig</b> is not <b>NULL</b> then before the call the <b>siglen</b> parameter should contain the length of the <b>sig</b> buffer. If the call is successful the signature is written to <b>sig</b> and the amount of data written to <b>siglen</b>.</p>
+
+<p>EVP_DigestSign() signs <b>tbslen</b> bytes of data at <b>tbs</b> and places the signature in <b>sig</b> and its length in <b>siglen</b> in a similar way to EVP_DigestSignFinal().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_DigestSignInit(), EVP_DigestSignUpdate(), EVP_DigestSignaFinal() and EVP_DigestSign() return 1 for success and 0 or a negative value for failure. In particular, a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<p>The error codes can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to digital signatures should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the algorithm used and much more flexible.</p>
+
+<p>EVP_DigestSign() is a one shot operation which signs a single block of data in one function. For algorithms that support streaming it is equivalent to calling EVP_DigestSignUpdate() and EVP_DigestSignFinal(). For algorithms which do not support streaming (e.g. PureEdDSA) it is the only way to sign data.</p>
+
+<p>In previous versions of OpenSSL there was a link between message digest types and public key algorithms. This meant that &quot;clone&quot; digests such as EVP_dss1() needed to be used to sign using SHA1 and DSA. This is no longer necessary and the use of clone digest is now discouraged.</p>
+
+<p>For some key types and parameters the random number generator must be seeded or the operation will fail.</p>
+
+<p>The call to EVP_DigestSignFinal() internally finalizes a copy of the digest context. This means that calls to EVP_DigestSignUpdate() and EVP_DigestSignFinal() can be called later to digest and sign additional data.</p>
+
+<p>Since only a copy of the digest context is ever finalized, the context must be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur.</p>
+
+<p>The use of EVP_PKEY_size() with these functions is discouraged because some signature operations may have a signature length which depends on the parameters set. As a result EVP_PKEY_size() would have to return a value which indicates the maximum possible signature for any set of parameters.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man7/evp.html">evp(7)</a>, <a href="../man3/HMAC.html">HMAC(3)</a>, <a href="../man3/MD2.html">MD2(3)</a>, <a href="../man3/MD5.html">MD5(3)</a>, <a href="../man3/MDC2.html">MDC2(3)</a>, <a href="../man3/RIPEMD160.html">RIPEMD160(3)</a>, <a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man1/dgst.html">dgst(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal() were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DigestUpdate.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestUpdate.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestUpdate.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DigestVerify.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestVerify.html
new file mode 100644
index 000000000..c40463372
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestVerify.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestVerifyInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                          const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
+                           size_t siglen);
+ int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret,
+                      size_t siglen, const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP signature routines are a high level interface to digital signatures.</p>
+
+<p>EVP_DigestVerifyInit() sets up verification context <b>ctx</b> to use digest <b>type</b> from ENGINE <b>e</b> and public key <b>pkey</b>. <b>ctx</b> must be created with EVP_MD_CTX_new() before calling this function. If <b>pctx</b> is not NULL, the EVP_PKEY_CTX of the verification operation will be written to <b>*pctx</b>: this can be used to set alternative verification options. Note that any existing value in <b>*pctx</b> is overwritten. The EVP_PKEY_CTX value returned must not be freed directly by the application if <b>ctx</b> is not assigned an EVP_PKEY_CTX value before being passed to EVP_DigestSignInit() (which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit() and it will be freed automatically when the EVP_MD_CTX is freed).</p>
+
+<p>No <b>EVP_PKEY_CTX</b> will be created by EVP_DigsetSignInit() if the passed <b>ctx</b> has already been assigned one via <a href="../man3/EVP_MD_CTX_set_ctx.html">EVP_MD_CTX_set_ctx(3)</a>. See also <a href="../man7/SM2.html">SM2(7)</a>.</p>
+
+<p>EVP_DigestVerifyUpdate() hashes <b>cnt</b> bytes of data at <b>d</b> into the verification context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to include additional data. This function is currently implemented using a macro.</p>
+
+<p>EVP_DigestVerifyFinal() verifies the data in <b>ctx</b> against the signature in <b>sig</b> of length <b>siglen</b>.</p>
+
+<p>EVP_DigestVerify() verifies <b>tbslen</b> bytes at <b>tbs</b> against the signature in <b>sig</b> of length <b>siglen</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_DigestVerifyInit() and EVP_DigestVerifyUpdate() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DigestVerifyFinal() and EVP_DigestVerify() return 1 for success; any other value indicates failure. A return value of zero indicates that the signature did not verify successfully (that is, <b>tbs</b> did not match the original data or the signature had an invalid form), while other values indicate a more serious error (and sometimes also indicate an invalid signature form).</p>
+
+<p>The error codes can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to digital signatures should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the algorithm used and much more flexible.</p>
+
+<p>EVP_DigestVerify() is a one shot operation which verifies a single block of data in one function. For algorithms that support streaming it is equivalent to calling EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal(). For algorithms which do not support streaming (e.g. PureEdDSA) it is the only way to verify data.</p>
+
+<p>In previous versions of OpenSSL there was a link between message digest types and public key algorithms. This meant that &quot;clone&quot; digests such as EVP_dss1() needed to be used to sign using SHA1 and DSA. This is no longer necessary and the use of clone digest is now discouraged.</p>
+
+<p>For some key types and parameters the random number generator must be seeded or the operation will fail.</p>
+
+<p>The call to EVP_DigestVerifyFinal() internally finalizes a copy of the digest context. This means that EVP_VerifyUpdate() and EVP_VerifyFinal() can be called later to digest and verify additional data.</p>
+
+<p>Since only a copy of the digest context is ever finalized, the context must be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man7/evp.html">evp(7)</a>, <a href="../man3/HMAC.html">HMAC(3)</a>, <a href="../man3/MD2.html">MD2(3)</a>, <a href="../man3/MD5.html">MD5(3)</a>, <a href="../man3/MDC2.html">MDC2(3)</a>, <a href="../man3/RIPEMD160.html">RIPEMD160(3)</a>, <a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man1/dgst.html">dgst(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal() were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DigestVerifyFinal.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestVerifyFinal.html
new file mode 100644
index 000000000..c40463372
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestVerifyFinal.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestVerifyInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                          const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
+                           size_t siglen);
+ int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret,
+                      size_t siglen, const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP signature routines are a high level interface to digital signatures.</p>
+
+<p>EVP_DigestVerifyInit() sets up verification context <b>ctx</b> to use digest <b>type</b> from ENGINE <b>e</b> and public key <b>pkey</b>. <b>ctx</b> must be created with EVP_MD_CTX_new() before calling this function. If <b>pctx</b> is not NULL, the EVP_PKEY_CTX of the verification operation will be written to <b>*pctx</b>: this can be used to set alternative verification options. Note that any existing value in <b>*pctx</b> is overwritten. The EVP_PKEY_CTX value returned must not be freed directly by the application if <b>ctx</b> is not assigned an EVP_PKEY_CTX value before being passed to EVP_DigestSignInit() (which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit() and it will be freed automatically when the EVP_MD_CTX is freed).</p>
+
+<p>No <b>EVP_PKEY_CTX</b> will be created by EVP_DigsetSignInit() if the passed <b>ctx</b> has already been assigned one via <a href="../man3/EVP_MD_CTX_set_ctx.html">EVP_MD_CTX_set_ctx(3)</a>. See also <a href="../man7/SM2.html">SM2(7)</a>.</p>
+
+<p>EVP_DigestVerifyUpdate() hashes <b>cnt</b> bytes of data at <b>d</b> into the verification context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to include additional data. This function is currently implemented using a macro.</p>
+
+<p>EVP_DigestVerifyFinal() verifies the data in <b>ctx</b> against the signature in <b>sig</b> of length <b>siglen</b>.</p>
+
+<p>EVP_DigestVerify() verifies <b>tbslen</b> bytes at <b>tbs</b> against the signature in <b>sig</b> of length <b>siglen</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_DigestVerifyInit() and EVP_DigestVerifyUpdate() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DigestVerifyFinal() and EVP_DigestVerify() return 1 for success; any other value indicates failure. A return value of zero indicates that the signature did not verify successfully (that is, <b>tbs</b> did not match the original data or the signature had an invalid form), while other values indicate a more serious error (and sometimes also indicate an invalid signature form).</p>
+
+<p>The error codes can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to digital signatures should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the algorithm used and much more flexible.</p>
+
+<p>EVP_DigestVerify() is a one shot operation which verifies a single block of data in one function. For algorithms that support streaming it is equivalent to calling EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal(). For algorithms which do not support streaming (e.g. PureEdDSA) it is the only way to verify data.</p>
+
+<p>In previous versions of OpenSSL there was a link between message digest types and public key algorithms. This meant that &quot;clone&quot; digests such as EVP_dss1() needed to be used to sign using SHA1 and DSA. This is no longer necessary and the use of clone digest is now discouraged.</p>
+
+<p>For some key types and parameters the random number generator must be seeded or the operation will fail.</p>
+
+<p>The call to EVP_DigestVerifyFinal() internally finalizes a copy of the digest context. This means that EVP_VerifyUpdate() and EVP_VerifyFinal() can be called later to digest and verify additional data.</p>
+
+<p>Since only a copy of the digest context is ever finalized, the context must be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man7/evp.html">evp(7)</a>, <a href="../man3/HMAC.html">HMAC(3)</a>, <a href="../man3/MD2.html">MD2(3)</a>, <a href="../man3/MD5.html">MD5(3)</a>, <a href="../man3/MDC2.html">MDC2(3)</a>, <a href="../man3/RIPEMD160.html">RIPEMD160(3)</a>, <a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man1/dgst.html">dgst(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal() were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DigestVerifyInit.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestVerifyInit.html
new file mode 100644
index 000000000..c40463372
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestVerifyInit.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestVerifyInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                          const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
+                           size_t siglen);
+ int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret,
+                      size_t siglen, const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP signature routines are a high level interface to digital signatures.</p>
+
+<p>EVP_DigestVerifyInit() sets up verification context <b>ctx</b> to use digest <b>type</b> from ENGINE <b>e</b> and public key <b>pkey</b>. <b>ctx</b> must be created with EVP_MD_CTX_new() before calling this function. If <b>pctx</b> is not NULL, the EVP_PKEY_CTX of the verification operation will be written to <b>*pctx</b>: this can be used to set alternative verification options. Note that any existing value in <b>*pctx</b> is overwritten. The EVP_PKEY_CTX value returned must not be freed directly by the application if <b>ctx</b> is not assigned an EVP_PKEY_CTX value before being passed to EVP_DigestSignInit() (which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit() and it will be freed automatically when the EVP_MD_CTX is freed).</p>
+
+<p>No <b>EVP_PKEY_CTX</b> will be created by EVP_DigsetSignInit() if the passed <b>ctx</b> has already been assigned one via <a href="../man3/EVP_MD_CTX_set_ctx.html">EVP_MD_CTX_set_ctx(3)</a>. See also <a href="../man7/SM2.html">SM2(7)</a>.</p>
+
+<p>EVP_DigestVerifyUpdate() hashes <b>cnt</b> bytes of data at <b>d</b> into the verification context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to include additional data. This function is currently implemented using a macro.</p>
+
+<p>EVP_DigestVerifyFinal() verifies the data in <b>ctx</b> against the signature in <b>sig</b> of length <b>siglen</b>.</p>
+
+<p>EVP_DigestVerify() verifies <b>tbslen</b> bytes at <b>tbs</b> against the signature in <b>sig</b> of length <b>siglen</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_DigestVerifyInit() and EVP_DigestVerifyUpdate() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DigestVerifyFinal() and EVP_DigestVerify() return 1 for success; any other value indicates failure. A return value of zero indicates that the signature did not verify successfully (that is, <b>tbs</b> did not match the original data or the signature had an invalid form), while other values indicate a more serious error (and sometimes also indicate an invalid signature form).</p>
+
+<p>The error codes can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to digital signatures should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the algorithm used and much more flexible.</p>
+
+<p>EVP_DigestVerify() is a one shot operation which verifies a single block of data in one function. For algorithms that support streaming it is equivalent to calling EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal(). For algorithms which do not support streaming (e.g. PureEdDSA) it is the only way to verify data.</p>
+
+<p>In previous versions of OpenSSL there was a link between message digest types and public key algorithms. This meant that &quot;clone&quot; digests such as EVP_dss1() needed to be used to sign using SHA1 and DSA. This is no longer necessary and the use of clone digest is now discouraged.</p>
+
+<p>For some key types and parameters the random number generator must be seeded or the operation will fail.</p>
+
+<p>The call to EVP_DigestVerifyFinal() internally finalizes a copy of the digest context. This means that EVP_VerifyUpdate() and EVP_VerifyFinal() can be called later to digest and verify additional data.</p>
+
+<p>Since only a copy of the digest context is ever finalized, the context must be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man7/evp.html">evp(7)</a>, <a href="../man3/HMAC.html">HMAC(3)</a>, <a href="../man3/MD2.html">MD2(3)</a>, <a href="../man3/MD5.html">MD5(3)</a>, <a href="../man3/MDC2.html">MDC2(3)</a>, <a href="../man3/RIPEMD160.html">RIPEMD160(3)</a>, <a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man1/dgst.html">dgst(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal() were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_DigestVerifyUpdate.html b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestVerifyUpdate.html
new file mode 100644
index 000000000..c40463372
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_DigestVerifyUpdate.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestVerifyInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                          const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
+                           size_t siglen);
+ int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret,
+                      size_t siglen, const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP signature routines are a high level interface to digital signatures.</p>
+
+<p>EVP_DigestVerifyInit() sets up verification context <b>ctx</b> to use digest <b>type</b> from ENGINE <b>e</b> and public key <b>pkey</b>. <b>ctx</b> must be created with EVP_MD_CTX_new() before calling this function. If <b>pctx</b> is not NULL, the EVP_PKEY_CTX of the verification operation will be written to <b>*pctx</b>: this can be used to set alternative verification options. Note that any existing value in <b>*pctx</b> is overwritten. The EVP_PKEY_CTX value returned must not be freed directly by the application if <b>ctx</b> is not assigned an EVP_PKEY_CTX value before being passed to EVP_DigestSignInit() (which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit() and it will be freed automatically when the EVP_MD_CTX is freed).</p>
+
+<p>No <b>EVP_PKEY_CTX</b> will be created by EVP_DigsetSignInit() if the passed <b>ctx</b> has already been assigned one via <a href="../man3/EVP_MD_CTX_set_ctx.html">EVP_MD_CTX_set_ctx(3)</a>. See also <a href="../man7/SM2.html">SM2(7)</a>.</p>
+
+<p>EVP_DigestVerifyUpdate() hashes <b>cnt</b> bytes of data at <b>d</b> into the verification context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to include additional data. This function is currently implemented using a macro.</p>
+
+<p>EVP_DigestVerifyFinal() verifies the data in <b>ctx</b> against the signature in <b>sig</b> of length <b>siglen</b>.</p>
+
+<p>EVP_DigestVerify() verifies <b>tbslen</b> bytes at <b>tbs</b> against the signature in <b>sig</b> of length <b>siglen</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_DigestVerifyInit() and EVP_DigestVerifyUpdate() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DigestVerifyFinal() and EVP_DigestVerify() return 1 for success; any other value indicates failure. A return value of zero indicates that the signature did not verify successfully (that is, <b>tbs</b> did not match the original data or the signature had an invalid form), while other values indicate a more serious error (and sometimes also indicate an invalid signature form).</p>
+
+<p>The error codes can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to digital signatures should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the algorithm used and much more flexible.</p>
+
+<p>EVP_DigestVerify() is a one shot operation which verifies a single block of data in one function. For algorithms that support streaming it is equivalent to calling EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal(). For algorithms which do not support streaming (e.g. PureEdDSA) it is the only way to verify data.</p>
+
+<p>In previous versions of OpenSSL there was a link between message digest types and public key algorithms. This meant that &quot;clone&quot; digests such as EVP_dss1() needed to be used to sign using SHA1 and DSA. This is no longer necessary and the use of clone digest is now discouraged.</p>
+
+<p>For some key types and parameters the random number generator must be seeded or the operation will fail.</p>
+
+<p>The call to EVP_DigestVerifyFinal() internally finalizes a copy of the digest context. This means that EVP_VerifyUpdate() and EVP_VerifyFinal() can be called later to digest and verify additional data.</p>
+
+<p>Since only a copy of the digest context is ever finalized, the context must be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man7/evp.html">evp(7)</a>, <a href="../man3/HMAC.html">HMAC(3)</a>, <a href="../man3/MD2.html">MD2(3)</a>, <a href="../man3/MD5.html">MD5(3)</a>, <a href="../man3/MDC2.html">MDC2(3)</a>, <a href="../man3/RIPEMD160.html">RIPEMD160(3)</a>, <a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man1/dgst.html">dgst(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal() were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_ENCODE_CTX_copy.html b/msys2/usr/share/doc/openssl/html/man3/EVP_ENCODE_CTX_copy.html
new file mode 100644
index 000000000..9f5339915
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_ENCODE_CTX_copy.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncodeInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_ENCODE_CTX_new, EVP_ENCODE_CTX_free, EVP_ENCODE_CTX_copy, EVP_ENCODE_CTX_num, EVP_EncodeInit, EVP_EncodeUpdate, EVP_EncodeFinal, EVP_EncodeBlock, EVP_DecodeInit, EVP_DecodeUpdate, EVP_DecodeFinal, EVP_DecodeBlock - EVP base 64 encode/decode routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void);
+ void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx);
+ int EVP_ENCODE_CTX_copy(EVP_ENCODE_CTX *dctx, EVP_ENCODE_CTX *sctx);
+ int EVP_ENCODE_CTX_num(EVP_ENCODE_CTX *ctx);
+ void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP encode routines provide a high level interface to base 64 encoding and decoding. Base 64 encoding converts binary data into a printable form that uses the characters A-Z, a-z, 0-9, &quot;+&quot; and &quot;/&quot; to represent the data. For every 3 bytes of binary data provided 4 bytes of base 64 encoded data will be produced plus some occasional newlines (see below). If the input data length is not a multiple of 3 then the output data will be padded at the end using the &quot;=&quot; character.</p>
+
+<p>EVP_ENCODE_CTX_new() allocates, initializes and returns a context to be used for the encode/decode functions.</p>
+
+<p>EVP_ENCODE_CTX_free() cleans up an encode/decode context <b>ctx</b> and frees up the space allocated to it.</p>
+
+<p>Encoding of binary data is performed in blocks of 48 input bytes (or less for the final block). For each 48 byte input block encoded 64 bytes of base 64 data is output plus an additional newline character (i.e. 65 bytes in total). The final block (which may be less than 48 bytes) will output 4 bytes for every 3 bytes of input. If the data length is not divisible by 3 then a full 4 bytes is still output for the final 1 or 2 bytes of input. Similarly a newline character will also be output.</p>
+
+<p>EVP_EncodeInit() initialises <b>ctx</b> for the start of a new encoding operation.</p>
+
+<p>EVP_EncodeUpdate() encode <b>inl</b> bytes of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. Only full blocks of data (48 bytes) will be immediately processed and output by this function. Any remainder is held in the <b>ctx</b> object and will be processed by a subsequent call to EVP_EncodeUpdate() or EVP_EncodeFinal(). To calculate the required size of the output buffer add together the value of <b>inl</b> with the amount of unprocessed data held in <b>ctx</b> and divide the result by 48 (ignore any remainder). This gives the number of blocks of data that will be processed. Ensure the output buffer contains 65 bytes of storage for each block, plus an additional byte for a NUL terminator. EVP_EncodeUpdate() may be called repeatedly to process large amounts of input data. In the event of an error EVP_EncodeUpdate() will set <b>*outl</b> to 0 and return 0. On success 1 will be returned.</p>
+
+<p>EVP_EncodeFinal() must be called at the end of an encoding operation. It will process any partial block of data remaining in the <b>ctx</b> object. The output data will be stored in <b>out</b> and the length of the data written will be stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that <b>out</b> is sufficiently large to accommodate the output data which will never be more than 65 bytes plus an additional NUL terminator (i.e. 66 bytes in total).</p>
+
+<p>EVP_ENCODE_CTX_copy() can be used to copy a context <b>sctx</b> to a context <b>dctx</b>. <b>dctx</b> must be initialized before calling this function.</p>
+
+<p>EVP_ENCODE_CTX_num() will return the number of as yet unprocessed bytes still to be encoded or decoded that are pending in the <b>ctx</b> object.</p>
+
+<p>EVP_EncodeBlock() encodes a full block of input data in <b>f</b> and of length <b>dlen</b> and stores it in <b>t</b>. For every 3 bytes of input provided 4 bytes of output data will be produced. If <b>dlen</b> is not divisible by 3 then the block is encoded as a final block of data and the output is padded such that it is always divisible by 4. Additionally a NUL terminator character will be added. For example if 16 bytes of input data is provided then 24 bytes of encoded data is created plus 1 byte for a NUL terminator (i.e. 25 bytes in total). The length of the data generated <i>without</i> the NUL terminator is returned from the function.</p>
+
+<p>EVP_DecodeInit() initialises <b>ctx</b> for the start of a new decoding operation.</p>
+
+<p>EVP_DecodeUpdate() decodes <b>inl</b> characters of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. This function will attempt to decode as much data as possible in 4 byte chunks. Any whitespace, newline or carriage return characters are ignored. Any partial chunk of unprocessed data (1, 2 or 3 bytes) that remains at the end will be held in the <b>ctx</b> object and processed by a subsequent call to EVP_DecodeUpdate(). If any illegal base 64 characters are encountered or if the base 64 padding character &quot;=&quot; is encountered in the middle of the data then the function returns -1 to indicate an error. A return value of 0 or 1 indicates successful processing of the data. A return value of 0 additionally indicates that the last input data characters processed included the base 64 padding character &quot;=&quot; and therefore no more non-padding character data is expected to be processed. For every 4 valid base 64 bytes processed (ignoring whitespace, carriage returns and line feeds), 3 bytes of binary output data will be produced (or less at the end of the data where the padding character &quot;=&quot; has been used).</p>
+
+<p>EVP_DecodeFinal() must be called at the end of a decoding operation. If there is any unprocessed data still in <b>ctx</b> then the input data must not have been a multiple of 4 and therefore an error has occurred. The function will return -1 in this case. Otherwise the function returns 1 on success.</p>
+
+<p>EVP_DecodeBlock() will decode the block of <b>n</b> characters of base 64 data contained in <b>f</b> and store the result in <b>t</b>. Any leading whitespace will be trimmed as will any trailing whitespace, newlines, carriage returns or EOF characters. After such trimming the length of the data in <b>f</b> must be divisible by 4. For every 4 input bytes exactly 3 output bytes will be produced. The output will be padded with 0 bits if necessary to ensure that the output is always 3 bytes for every 4 input bytes. This function will return the length of the data decoded or -1 on error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_ENCODE_CTX_new() returns a pointer to the newly allocated EVP_ENCODE_CTX object or NULL on error.</p>
+
+<p>EVP_ENCODE_CTX_num() returns the number of bytes pending encoding or decoding in <b>ctx</b>.</p>
+
+<p>EVP_EncodeUpdate() returns 0 on error or 1 on success.</p>
+
+<p>EVP_EncodeBlock() returns the number of bytes encoded excluding the NUL terminator.</p>
+
+<p>EVP_DecodeUpdate() returns -1 on error and 0 or 1 on success. If 0 is returned then no more non-padding base 64 characters are expected.</p>
+
+<p>EVP_DecodeFinal() returns -1 on error or 1 on success.</p>
+
+<p>EVP_DecodeBlock() returns the length of the data decoded or -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_ENCODE_CTX_free.html b/msys2/usr/share/doc/openssl/html/man3/EVP_ENCODE_CTX_free.html
new file mode 100644
index 000000000..9f5339915
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_ENCODE_CTX_free.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncodeInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_ENCODE_CTX_new, EVP_ENCODE_CTX_free, EVP_ENCODE_CTX_copy, EVP_ENCODE_CTX_num, EVP_EncodeInit, EVP_EncodeUpdate, EVP_EncodeFinal, EVP_EncodeBlock, EVP_DecodeInit, EVP_DecodeUpdate, EVP_DecodeFinal, EVP_DecodeBlock - EVP base 64 encode/decode routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void);
+ void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx);
+ int EVP_ENCODE_CTX_copy(EVP_ENCODE_CTX *dctx, EVP_ENCODE_CTX *sctx);
+ int EVP_ENCODE_CTX_num(EVP_ENCODE_CTX *ctx);
+ void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP encode routines provide a high level interface to base 64 encoding and decoding. Base 64 encoding converts binary data into a printable form that uses the characters A-Z, a-z, 0-9, &quot;+&quot; and &quot;/&quot; to represent the data. For every 3 bytes of binary data provided 4 bytes of base 64 encoded data will be produced plus some occasional newlines (see below). If the input data length is not a multiple of 3 then the output data will be padded at the end using the &quot;=&quot; character.</p>
+
+<p>EVP_ENCODE_CTX_new() allocates, initializes and returns a context to be used for the encode/decode functions.</p>
+
+<p>EVP_ENCODE_CTX_free() cleans up an encode/decode context <b>ctx</b> and frees up the space allocated to it.</p>
+
+<p>Encoding of binary data is performed in blocks of 48 input bytes (or less for the final block). For each 48 byte input block encoded 64 bytes of base 64 data is output plus an additional newline character (i.e. 65 bytes in total). The final block (which may be less than 48 bytes) will output 4 bytes for every 3 bytes of input. If the data length is not divisible by 3 then a full 4 bytes is still output for the final 1 or 2 bytes of input. Similarly a newline character will also be output.</p>
+
+<p>EVP_EncodeInit() initialises <b>ctx</b> for the start of a new encoding operation.</p>
+
+<p>EVP_EncodeUpdate() encode <b>inl</b> bytes of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. Only full blocks of data (48 bytes) will be immediately processed and output by this function. Any remainder is held in the <b>ctx</b> object and will be processed by a subsequent call to EVP_EncodeUpdate() or EVP_EncodeFinal(). To calculate the required size of the output buffer add together the value of <b>inl</b> with the amount of unprocessed data held in <b>ctx</b> and divide the result by 48 (ignore any remainder). This gives the number of blocks of data that will be processed. Ensure the output buffer contains 65 bytes of storage for each block, plus an additional byte for a NUL terminator. EVP_EncodeUpdate() may be called repeatedly to process large amounts of input data. In the event of an error EVP_EncodeUpdate() will set <b>*outl</b> to 0 and return 0. On success 1 will be returned.</p>
+
+<p>EVP_EncodeFinal() must be called at the end of an encoding operation. It will process any partial block of data remaining in the <b>ctx</b> object. The output data will be stored in <b>out</b> and the length of the data written will be stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that <b>out</b> is sufficiently large to accommodate the output data which will never be more than 65 bytes plus an additional NUL terminator (i.e. 66 bytes in total).</p>
+
+<p>EVP_ENCODE_CTX_copy() can be used to copy a context <b>sctx</b> to a context <b>dctx</b>. <b>dctx</b> must be initialized before calling this function.</p>
+
+<p>EVP_ENCODE_CTX_num() will return the number of as yet unprocessed bytes still to be encoded or decoded that are pending in the <b>ctx</b> object.</p>
+
+<p>EVP_EncodeBlock() encodes a full block of input data in <b>f</b> and of length <b>dlen</b> and stores it in <b>t</b>. For every 3 bytes of input provided 4 bytes of output data will be produced. If <b>dlen</b> is not divisible by 3 then the block is encoded as a final block of data and the output is padded such that it is always divisible by 4. Additionally a NUL terminator character will be added. For example if 16 bytes of input data is provided then 24 bytes of encoded data is created plus 1 byte for a NUL terminator (i.e. 25 bytes in total). The length of the data generated <i>without</i> the NUL terminator is returned from the function.</p>
+
+<p>EVP_DecodeInit() initialises <b>ctx</b> for the start of a new decoding operation.</p>
+
+<p>EVP_DecodeUpdate() decodes <b>inl</b> characters of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. This function will attempt to decode as much data as possible in 4 byte chunks. Any whitespace, newline or carriage return characters are ignored. Any partial chunk of unprocessed data (1, 2 or 3 bytes) that remains at the end will be held in the <b>ctx</b> object and processed by a subsequent call to EVP_DecodeUpdate(). If any illegal base 64 characters are encountered or if the base 64 padding character &quot;=&quot; is encountered in the middle of the data then the function returns -1 to indicate an error. A return value of 0 or 1 indicates successful processing of the data. A return value of 0 additionally indicates that the last input data characters processed included the base 64 padding character &quot;=&quot; and therefore no more non-padding character data is expected to be processed. For every 4 valid base 64 bytes processed (ignoring whitespace, carriage returns and line feeds), 3 bytes of binary output data will be produced (or less at the end of the data where the padding character &quot;=&quot; has been used).</p>
+
+<p>EVP_DecodeFinal() must be called at the end of a decoding operation. If there is any unprocessed data still in <b>ctx</b> then the input data must not have been a multiple of 4 and therefore an error has occurred. The function will return -1 in this case. Otherwise the function returns 1 on success.</p>
+
+<p>EVP_DecodeBlock() will decode the block of <b>n</b> characters of base 64 data contained in <b>f</b> and store the result in <b>t</b>. Any leading whitespace will be trimmed as will any trailing whitespace, newlines, carriage returns or EOF characters. After such trimming the length of the data in <b>f</b> must be divisible by 4. For every 4 input bytes exactly 3 output bytes will be produced. The output will be padded with 0 bits if necessary to ensure that the output is always 3 bytes for every 4 input bytes. This function will return the length of the data decoded or -1 on error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_ENCODE_CTX_new() returns a pointer to the newly allocated EVP_ENCODE_CTX object or NULL on error.</p>
+
+<p>EVP_ENCODE_CTX_num() returns the number of bytes pending encoding or decoding in <b>ctx</b>.</p>
+
+<p>EVP_EncodeUpdate() returns 0 on error or 1 on success.</p>
+
+<p>EVP_EncodeBlock() returns the number of bytes encoded excluding the NUL terminator.</p>
+
+<p>EVP_DecodeUpdate() returns -1 on error and 0 or 1 on success. If 0 is returned then no more non-padding base 64 characters are expected.</p>
+
+<p>EVP_DecodeFinal() returns -1 on error or 1 on success.</p>
+
+<p>EVP_DecodeBlock() returns the length of the data decoded or -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_ENCODE_CTX_new.html b/msys2/usr/share/doc/openssl/html/man3/EVP_ENCODE_CTX_new.html
new file mode 100644
index 000000000..9f5339915
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_ENCODE_CTX_new.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncodeInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_ENCODE_CTX_new, EVP_ENCODE_CTX_free, EVP_ENCODE_CTX_copy, EVP_ENCODE_CTX_num, EVP_EncodeInit, EVP_EncodeUpdate, EVP_EncodeFinal, EVP_EncodeBlock, EVP_DecodeInit, EVP_DecodeUpdate, EVP_DecodeFinal, EVP_DecodeBlock - EVP base 64 encode/decode routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void);
+ void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx);
+ int EVP_ENCODE_CTX_copy(EVP_ENCODE_CTX *dctx, EVP_ENCODE_CTX *sctx);
+ int EVP_ENCODE_CTX_num(EVP_ENCODE_CTX *ctx);
+ void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP encode routines provide a high level interface to base 64 encoding and decoding. Base 64 encoding converts binary data into a printable form that uses the characters A-Z, a-z, 0-9, &quot;+&quot; and &quot;/&quot; to represent the data. For every 3 bytes of binary data provided 4 bytes of base 64 encoded data will be produced plus some occasional newlines (see below). If the input data length is not a multiple of 3 then the output data will be padded at the end using the &quot;=&quot; character.</p>
+
+<p>EVP_ENCODE_CTX_new() allocates, initializes and returns a context to be used for the encode/decode functions.</p>
+
+<p>EVP_ENCODE_CTX_free() cleans up an encode/decode context <b>ctx</b> and frees up the space allocated to it.</p>
+
+<p>Encoding of binary data is performed in blocks of 48 input bytes (or less for the final block). For each 48 byte input block encoded 64 bytes of base 64 data is output plus an additional newline character (i.e. 65 bytes in total). The final block (which may be less than 48 bytes) will output 4 bytes for every 3 bytes of input. If the data length is not divisible by 3 then a full 4 bytes is still output for the final 1 or 2 bytes of input. Similarly a newline character will also be output.</p>
+
+<p>EVP_EncodeInit() initialises <b>ctx</b> for the start of a new encoding operation.</p>
+
+<p>EVP_EncodeUpdate() encode <b>inl</b> bytes of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. Only full blocks of data (48 bytes) will be immediately processed and output by this function. Any remainder is held in the <b>ctx</b> object and will be processed by a subsequent call to EVP_EncodeUpdate() or EVP_EncodeFinal(). To calculate the required size of the output buffer add together the value of <b>inl</b> with the amount of unprocessed data held in <b>ctx</b> and divide the result by 48 (ignore any remainder). This gives the number of blocks of data that will be processed. Ensure the output buffer contains 65 bytes of storage for each block, plus an additional byte for a NUL terminator. EVP_EncodeUpdate() may be called repeatedly to process large amounts of input data. In the event of an error EVP_EncodeUpdate() will set <b>*outl</b> to 0 and return 0. On success 1 will be returned.</p>
+
+<p>EVP_EncodeFinal() must be called at the end of an encoding operation. It will process any partial block of data remaining in the <b>ctx</b> object. The output data will be stored in <b>out</b> and the length of the data written will be stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that <b>out</b> is sufficiently large to accommodate the output data which will never be more than 65 bytes plus an additional NUL terminator (i.e. 66 bytes in total).</p>
+
+<p>EVP_ENCODE_CTX_copy() can be used to copy a context <b>sctx</b> to a context <b>dctx</b>. <b>dctx</b> must be initialized before calling this function.</p>
+
+<p>EVP_ENCODE_CTX_num() will return the number of as yet unprocessed bytes still to be encoded or decoded that are pending in the <b>ctx</b> object.</p>
+
+<p>EVP_EncodeBlock() encodes a full block of input data in <b>f</b> and of length <b>dlen</b> and stores it in <b>t</b>. For every 3 bytes of input provided 4 bytes of output data will be produced. If <b>dlen</b> is not divisible by 3 then the block is encoded as a final block of data and the output is padded such that it is always divisible by 4. Additionally a NUL terminator character will be added. For example if 16 bytes of input data is provided then 24 bytes of encoded data is created plus 1 byte for a NUL terminator (i.e. 25 bytes in total). The length of the data generated <i>without</i> the NUL terminator is returned from the function.</p>
+
+<p>EVP_DecodeInit() initialises <b>ctx</b> for the start of a new decoding operation.</p>
+
+<p>EVP_DecodeUpdate() decodes <b>inl</b> characters of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. This function will attempt to decode as much data as possible in 4 byte chunks. Any whitespace, newline or carriage return characters are ignored. Any partial chunk of unprocessed data (1, 2 or 3 bytes) that remains at the end will be held in the <b>ctx</b> object and processed by a subsequent call to EVP_DecodeUpdate(). If any illegal base 64 characters are encountered or if the base 64 padding character &quot;=&quot; is encountered in the middle of the data then the function returns -1 to indicate an error. A return value of 0 or 1 indicates successful processing of the data. A return value of 0 additionally indicates that the last input data characters processed included the base 64 padding character &quot;=&quot; and therefore no more non-padding character data is expected to be processed. For every 4 valid base 64 bytes processed (ignoring whitespace, carriage returns and line feeds), 3 bytes of binary output data will be produced (or less at the end of the data where the padding character &quot;=&quot; has been used).</p>
+
+<p>EVP_DecodeFinal() must be called at the end of a decoding operation. If there is any unprocessed data still in <b>ctx</b> then the input data must not have been a multiple of 4 and therefore an error has occurred. The function will return -1 in this case. Otherwise the function returns 1 on success.</p>
+
+<p>EVP_DecodeBlock() will decode the block of <b>n</b> characters of base 64 data contained in <b>f</b> and store the result in <b>t</b>. Any leading whitespace will be trimmed as will any trailing whitespace, newlines, carriage returns or EOF characters. After such trimming the length of the data in <b>f</b> must be divisible by 4. For every 4 input bytes exactly 3 output bytes will be produced. The output will be padded with 0 bits if necessary to ensure that the output is always 3 bytes for every 4 input bytes. This function will return the length of the data decoded or -1 on error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_ENCODE_CTX_new() returns a pointer to the newly allocated EVP_ENCODE_CTX object or NULL on error.</p>
+
+<p>EVP_ENCODE_CTX_num() returns the number of bytes pending encoding or decoding in <b>ctx</b>.</p>
+
+<p>EVP_EncodeUpdate() returns 0 on error or 1 on success.</p>
+
+<p>EVP_EncodeBlock() returns the number of bytes encoded excluding the NUL terminator.</p>
+
+<p>EVP_DecodeUpdate() returns -1 on error and 0 or 1 on success. If 0 is returned then no more non-padding base 64 characters are expected.</p>
+
+<p>EVP_DecodeFinal() returns -1 on error or 1 on success.</p>
+
+<p>EVP_DecodeBlock() returns the length of the data decoded or -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_ENCODE_CTX_num.html b/msys2/usr/share/doc/openssl/html/man3/EVP_ENCODE_CTX_num.html
new file mode 100644
index 000000000..9f5339915
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_ENCODE_CTX_num.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncodeInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_ENCODE_CTX_new, EVP_ENCODE_CTX_free, EVP_ENCODE_CTX_copy, EVP_ENCODE_CTX_num, EVP_EncodeInit, EVP_EncodeUpdate, EVP_EncodeFinal, EVP_EncodeBlock, EVP_DecodeInit, EVP_DecodeUpdate, EVP_DecodeFinal, EVP_DecodeBlock - EVP base 64 encode/decode routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void);
+ void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx);
+ int EVP_ENCODE_CTX_copy(EVP_ENCODE_CTX *dctx, EVP_ENCODE_CTX *sctx);
+ int EVP_ENCODE_CTX_num(EVP_ENCODE_CTX *ctx);
+ void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP encode routines provide a high level interface to base 64 encoding and decoding. Base 64 encoding converts binary data into a printable form that uses the characters A-Z, a-z, 0-9, &quot;+&quot; and &quot;/&quot; to represent the data. For every 3 bytes of binary data provided 4 bytes of base 64 encoded data will be produced plus some occasional newlines (see below). If the input data length is not a multiple of 3 then the output data will be padded at the end using the &quot;=&quot; character.</p>
+
+<p>EVP_ENCODE_CTX_new() allocates, initializes and returns a context to be used for the encode/decode functions.</p>
+
+<p>EVP_ENCODE_CTX_free() cleans up an encode/decode context <b>ctx</b> and frees up the space allocated to it.</p>
+
+<p>Encoding of binary data is performed in blocks of 48 input bytes (or less for the final block). For each 48 byte input block encoded 64 bytes of base 64 data is output plus an additional newline character (i.e. 65 bytes in total). The final block (which may be less than 48 bytes) will output 4 bytes for every 3 bytes of input. If the data length is not divisible by 3 then a full 4 bytes is still output for the final 1 or 2 bytes of input. Similarly a newline character will also be output.</p>
+
+<p>EVP_EncodeInit() initialises <b>ctx</b> for the start of a new encoding operation.</p>
+
+<p>EVP_EncodeUpdate() encode <b>inl</b> bytes of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. Only full blocks of data (48 bytes) will be immediately processed and output by this function. Any remainder is held in the <b>ctx</b> object and will be processed by a subsequent call to EVP_EncodeUpdate() or EVP_EncodeFinal(). To calculate the required size of the output buffer add together the value of <b>inl</b> with the amount of unprocessed data held in <b>ctx</b> and divide the result by 48 (ignore any remainder). This gives the number of blocks of data that will be processed. Ensure the output buffer contains 65 bytes of storage for each block, plus an additional byte for a NUL terminator. EVP_EncodeUpdate() may be called repeatedly to process large amounts of input data. In the event of an error EVP_EncodeUpdate() will set <b>*outl</b> to 0 and return 0. On success 1 will be returned.</p>
+
+<p>EVP_EncodeFinal() must be called at the end of an encoding operation. It will process any partial block of data remaining in the <b>ctx</b> object. The output data will be stored in <b>out</b> and the length of the data written will be stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that <b>out</b> is sufficiently large to accommodate the output data which will never be more than 65 bytes plus an additional NUL terminator (i.e. 66 bytes in total).</p>
+
+<p>EVP_ENCODE_CTX_copy() can be used to copy a context <b>sctx</b> to a context <b>dctx</b>. <b>dctx</b> must be initialized before calling this function.</p>
+
+<p>EVP_ENCODE_CTX_num() will return the number of as yet unprocessed bytes still to be encoded or decoded that are pending in the <b>ctx</b> object.</p>
+
+<p>EVP_EncodeBlock() encodes a full block of input data in <b>f</b> and of length <b>dlen</b> and stores it in <b>t</b>. For every 3 bytes of input provided 4 bytes of output data will be produced. If <b>dlen</b> is not divisible by 3 then the block is encoded as a final block of data and the output is padded such that it is always divisible by 4. Additionally a NUL terminator character will be added. For example if 16 bytes of input data is provided then 24 bytes of encoded data is created plus 1 byte for a NUL terminator (i.e. 25 bytes in total). The length of the data generated <i>without</i> the NUL terminator is returned from the function.</p>
+
+<p>EVP_DecodeInit() initialises <b>ctx</b> for the start of a new decoding operation.</p>
+
+<p>EVP_DecodeUpdate() decodes <b>inl</b> characters of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. This function will attempt to decode as much data as possible in 4 byte chunks. Any whitespace, newline or carriage return characters are ignored. Any partial chunk of unprocessed data (1, 2 or 3 bytes) that remains at the end will be held in the <b>ctx</b> object and processed by a subsequent call to EVP_DecodeUpdate(). If any illegal base 64 characters are encountered or if the base 64 padding character &quot;=&quot; is encountered in the middle of the data then the function returns -1 to indicate an error. A return value of 0 or 1 indicates successful processing of the data. A return value of 0 additionally indicates that the last input data characters processed included the base 64 padding character &quot;=&quot; and therefore no more non-padding character data is expected to be processed. For every 4 valid base 64 bytes processed (ignoring whitespace, carriage returns and line feeds), 3 bytes of binary output data will be produced (or less at the end of the data where the padding character &quot;=&quot; has been used).</p>
+
+<p>EVP_DecodeFinal() must be called at the end of a decoding operation. If there is any unprocessed data still in <b>ctx</b> then the input data must not have been a multiple of 4 and therefore an error has occurred. The function will return -1 in this case. Otherwise the function returns 1 on success.</p>
+
+<p>EVP_DecodeBlock() will decode the block of <b>n</b> characters of base 64 data contained in <b>f</b> and store the result in <b>t</b>. Any leading whitespace will be trimmed as will any trailing whitespace, newlines, carriage returns or EOF characters. After such trimming the length of the data in <b>f</b> must be divisible by 4. For every 4 input bytes exactly 3 output bytes will be produced. The output will be padded with 0 bits if necessary to ensure that the output is always 3 bytes for every 4 input bytes. This function will return the length of the data decoded or -1 on error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_ENCODE_CTX_new() returns a pointer to the newly allocated EVP_ENCODE_CTX object or NULL on error.</p>
+
+<p>EVP_ENCODE_CTX_num() returns the number of bytes pending encoding or decoding in <b>ctx</b>.</p>
+
+<p>EVP_EncodeUpdate() returns 0 on error or 1 on success.</p>
+
+<p>EVP_EncodeBlock() returns the number of bytes encoded excluding the NUL terminator.</p>
+
+<p>EVP_DecodeUpdate() returns -1 on error and 0 or 1 on success. If 0 is returned then no more non-padding base 64 characters are expected.</p>
+
+<p>EVP_DecodeFinal() returns -1 on error or 1 on success.</p>
+
+<p>EVP_DecodeBlock() returns the length of the data decoded or -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_EncodeBlock.html b/msys2/usr/share/doc/openssl/html/man3/EVP_EncodeBlock.html
new file mode 100644
index 000000000..9f5339915
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_EncodeBlock.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncodeInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_ENCODE_CTX_new, EVP_ENCODE_CTX_free, EVP_ENCODE_CTX_copy, EVP_ENCODE_CTX_num, EVP_EncodeInit, EVP_EncodeUpdate, EVP_EncodeFinal, EVP_EncodeBlock, EVP_DecodeInit, EVP_DecodeUpdate, EVP_DecodeFinal, EVP_DecodeBlock - EVP base 64 encode/decode routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void);
+ void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx);
+ int EVP_ENCODE_CTX_copy(EVP_ENCODE_CTX *dctx, EVP_ENCODE_CTX *sctx);
+ int EVP_ENCODE_CTX_num(EVP_ENCODE_CTX *ctx);
+ void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP encode routines provide a high level interface to base 64 encoding and decoding. Base 64 encoding converts binary data into a printable form that uses the characters A-Z, a-z, 0-9, &quot;+&quot; and &quot;/&quot; to represent the data. For every 3 bytes of binary data provided 4 bytes of base 64 encoded data will be produced plus some occasional newlines (see below). If the input data length is not a multiple of 3 then the output data will be padded at the end using the &quot;=&quot; character.</p>
+
+<p>EVP_ENCODE_CTX_new() allocates, initializes and returns a context to be used for the encode/decode functions.</p>
+
+<p>EVP_ENCODE_CTX_free() cleans up an encode/decode context <b>ctx</b> and frees up the space allocated to it.</p>
+
+<p>Encoding of binary data is performed in blocks of 48 input bytes (or less for the final block). For each 48 byte input block encoded 64 bytes of base 64 data is output plus an additional newline character (i.e. 65 bytes in total). The final block (which may be less than 48 bytes) will output 4 bytes for every 3 bytes of input. If the data length is not divisible by 3 then a full 4 bytes is still output for the final 1 or 2 bytes of input. Similarly a newline character will also be output.</p>
+
+<p>EVP_EncodeInit() initialises <b>ctx</b> for the start of a new encoding operation.</p>
+
+<p>EVP_EncodeUpdate() encode <b>inl</b> bytes of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. Only full blocks of data (48 bytes) will be immediately processed and output by this function. Any remainder is held in the <b>ctx</b> object and will be processed by a subsequent call to EVP_EncodeUpdate() or EVP_EncodeFinal(). To calculate the required size of the output buffer add together the value of <b>inl</b> with the amount of unprocessed data held in <b>ctx</b> and divide the result by 48 (ignore any remainder). This gives the number of blocks of data that will be processed. Ensure the output buffer contains 65 bytes of storage for each block, plus an additional byte for a NUL terminator. EVP_EncodeUpdate() may be called repeatedly to process large amounts of input data. In the event of an error EVP_EncodeUpdate() will set <b>*outl</b> to 0 and return 0. On success 1 will be returned.</p>
+
+<p>EVP_EncodeFinal() must be called at the end of an encoding operation. It will process any partial block of data remaining in the <b>ctx</b> object. The output data will be stored in <b>out</b> and the length of the data written will be stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that <b>out</b> is sufficiently large to accommodate the output data which will never be more than 65 bytes plus an additional NUL terminator (i.e. 66 bytes in total).</p>
+
+<p>EVP_ENCODE_CTX_copy() can be used to copy a context <b>sctx</b> to a context <b>dctx</b>. <b>dctx</b> must be initialized before calling this function.</p>
+
+<p>EVP_ENCODE_CTX_num() will return the number of as yet unprocessed bytes still to be encoded or decoded that are pending in the <b>ctx</b> object.</p>
+
+<p>EVP_EncodeBlock() encodes a full block of input data in <b>f</b> and of length <b>dlen</b> and stores it in <b>t</b>. For every 3 bytes of input provided 4 bytes of output data will be produced. If <b>dlen</b> is not divisible by 3 then the block is encoded as a final block of data and the output is padded such that it is always divisible by 4. Additionally a NUL terminator character will be added. For example if 16 bytes of input data is provided then 24 bytes of encoded data is created plus 1 byte for a NUL terminator (i.e. 25 bytes in total). The length of the data generated <i>without</i> the NUL terminator is returned from the function.</p>
+
+<p>EVP_DecodeInit() initialises <b>ctx</b> for the start of a new decoding operation.</p>
+
+<p>EVP_DecodeUpdate() decodes <b>inl</b> characters of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. This function will attempt to decode as much data as possible in 4 byte chunks. Any whitespace, newline or carriage return characters are ignored. Any partial chunk of unprocessed data (1, 2 or 3 bytes) that remains at the end will be held in the <b>ctx</b> object and processed by a subsequent call to EVP_DecodeUpdate(). If any illegal base 64 characters are encountered or if the base 64 padding character &quot;=&quot; is encountered in the middle of the data then the function returns -1 to indicate an error. A return value of 0 or 1 indicates successful processing of the data. A return value of 0 additionally indicates that the last input data characters processed included the base 64 padding character &quot;=&quot; and therefore no more non-padding character data is expected to be processed. For every 4 valid base 64 bytes processed (ignoring whitespace, carriage returns and line feeds), 3 bytes of binary output data will be produced (or less at the end of the data where the padding character &quot;=&quot; has been used).</p>
+
+<p>EVP_DecodeFinal() must be called at the end of a decoding operation. If there is any unprocessed data still in <b>ctx</b> then the input data must not have been a multiple of 4 and therefore an error has occurred. The function will return -1 in this case. Otherwise the function returns 1 on success.</p>
+
+<p>EVP_DecodeBlock() will decode the block of <b>n</b> characters of base 64 data contained in <b>f</b> and store the result in <b>t</b>. Any leading whitespace will be trimmed as will any trailing whitespace, newlines, carriage returns or EOF characters. After such trimming the length of the data in <b>f</b> must be divisible by 4. For every 4 input bytes exactly 3 output bytes will be produced. The output will be padded with 0 bits if necessary to ensure that the output is always 3 bytes for every 4 input bytes. This function will return the length of the data decoded or -1 on error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_ENCODE_CTX_new() returns a pointer to the newly allocated EVP_ENCODE_CTX object or NULL on error.</p>
+
+<p>EVP_ENCODE_CTX_num() returns the number of bytes pending encoding or decoding in <b>ctx</b>.</p>
+
+<p>EVP_EncodeUpdate() returns 0 on error or 1 on success.</p>
+
+<p>EVP_EncodeBlock() returns the number of bytes encoded excluding the NUL terminator.</p>
+
+<p>EVP_DecodeUpdate() returns -1 on error and 0 or 1 on success. If 0 is returned then no more non-padding base 64 characters are expected.</p>
+
+<p>EVP_DecodeFinal() returns -1 on error or 1 on success.</p>
+
+<p>EVP_DecodeBlock() returns the length of the data decoded or -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_EncodeFinal.html b/msys2/usr/share/doc/openssl/html/man3/EVP_EncodeFinal.html
new file mode 100644
index 000000000..9f5339915
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_EncodeFinal.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncodeInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_ENCODE_CTX_new, EVP_ENCODE_CTX_free, EVP_ENCODE_CTX_copy, EVP_ENCODE_CTX_num, EVP_EncodeInit, EVP_EncodeUpdate, EVP_EncodeFinal, EVP_EncodeBlock, EVP_DecodeInit, EVP_DecodeUpdate, EVP_DecodeFinal, EVP_DecodeBlock - EVP base 64 encode/decode routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void);
+ void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx);
+ int EVP_ENCODE_CTX_copy(EVP_ENCODE_CTX *dctx, EVP_ENCODE_CTX *sctx);
+ int EVP_ENCODE_CTX_num(EVP_ENCODE_CTX *ctx);
+ void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP encode routines provide a high level interface to base 64 encoding and decoding. Base 64 encoding converts binary data into a printable form that uses the characters A-Z, a-z, 0-9, &quot;+&quot; and &quot;/&quot; to represent the data. For every 3 bytes of binary data provided 4 bytes of base 64 encoded data will be produced plus some occasional newlines (see below). If the input data length is not a multiple of 3 then the output data will be padded at the end using the &quot;=&quot; character.</p>
+
+<p>EVP_ENCODE_CTX_new() allocates, initializes and returns a context to be used for the encode/decode functions.</p>
+
+<p>EVP_ENCODE_CTX_free() cleans up an encode/decode context <b>ctx</b> and frees up the space allocated to it.</p>
+
+<p>Encoding of binary data is performed in blocks of 48 input bytes (or less for the final block). For each 48 byte input block encoded 64 bytes of base 64 data is output plus an additional newline character (i.e. 65 bytes in total). The final block (which may be less than 48 bytes) will output 4 bytes for every 3 bytes of input. If the data length is not divisible by 3 then a full 4 bytes is still output for the final 1 or 2 bytes of input. Similarly a newline character will also be output.</p>
+
+<p>EVP_EncodeInit() initialises <b>ctx</b> for the start of a new encoding operation.</p>
+
+<p>EVP_EncodeUpdate() encode <b>inl</b> bytes of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. Only full blocks of data (48 bytes) will be immediately processed and output by this function. Any remainder is held in the <b>ctx</b> object and will be processed by a subsequent call to EVP_EncodeUpdate() or EVP_EncodeFinal(). To calculate the required size of the output buffer add together the value of <b>inl</b> with the amount of unprocessed data held in <b>ctx</b> and divide the result by 48 (ignore any remainder). This gives the number of blocks of data that will be processed. Ensure the output buffer contains 65 bytes of storage for each block, plus an additional byte for a NUL terminator. EVP_EncodeUpdate() may be called repeatedly to process large amounts of input data. In the event of an error EVP_EncodeUpdate() will set <b>*outl</b> to 0 and return 0. On success 1 will be returned.</p>
+
+<p>EVP_EncodeFinal() must be called at the end of an encoding operation. It will process any partial block of data remaining in the <b>ctx</b> object. The output data will be stored in <b>out</b> and the length of the data written will be stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that <b>out</b> is sufficiently large to accommodate the output data which will never be more than 65 bytes plus an additional NUL terminator (i.e. 66 bytes in total).</p>
+
+<p>EVP_ENCODE_CTX_copy() can be used to copy a context <b>sctx</b> to a context <b>dctx</b>. <b>dctx</b> must be initialized before calling this function.</p>
+
+<p>EVP_ENCODE_CTX_num() will return the number of as yet unprocessed bytes still to be encoded or decoded that are pending in the <b>ctx</b> object.</p>
+
+<p>EVP_EncodeBlock() encodes a full block of input data in <b>f</b> and of length <b>dlen</b> and stores it in <b>t</b>. For every 3 bytes of input provided 4 bytes of output data will be produced. If <b>dlen</b> is not divisible by 3 then the block is encoded as a final block of data and the output is padded such that it is always divisible by 4. Additionally a NUL terminator character will be added. For example if 16 bytes of input data is provided then 24 bytes of encoded data is created plus 1 byte for a NUL terminator (i.e. 25 bytes in total). The length of the data generated <i>without</i> the NUL terminator is returned from the function.</p>
+
+<p>EVP_DecodeInit() initialises <b>ctx</b> for the start of a new decoding operation.</p>
+
+<p>EVP_DecodeUpdate() decodes <b>inl</b> characters of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. This function will attempt to decode as much data as possible in 4 byte chunks. Any whitespace, newline or carriage return characters are ignored. Any partial chunk of unprocessed data (1, 2 or 3 bytes) that remains at the end will be held in the <b>ctx</b> object and processed by a subsequent call to EVP_DecodeUpdate(). If any illegal base 64 characters are encountered or if the base 64 padding character &quot;=&quot; is encountered in the middle of the data then the function returns -1 to indicate an error. A return value of 0 or 1 indicates successful processing of the data. A return value of 0 additionally indicates that the last input data characters processed included the base 64 padding character &quot;=&quot; and therefore no more non-padding character data is expected to be processed. For every 4 valid base 64 bytes processed (ignoring whitespace, carriage returns and line feeds), 3 bytes of binary output data will be produced (or less at the end of the data where the padding character &quot;=&quot; has been used).</p>
+
+<p>EVP_DecodeFinal() must be called at the end of a decoding operation. If there is any unprocessed data still in <b>ctx</b> then the input data must not have been a multiple of 4 and therefore an error has occurred. The function will return -1 in this case. Otherwise the function returns 1 on success.</p>
+
+<p>EVP_DecodeBlock() will decode the block of <b>n</b> characters of base 64 data contained in <b>f</b> and store the result in <b>t</b>. Any leading whitespace will be trimmed as will any trailing whitespace, newlines, carriage returns or EOF characters. After such trimming the length of the data in <b>f</b> must be divisible by 4. For every 4 input bytes exactly 3 output bytes will be produced. The output will be padded with 0 bits if necessary to ensure that the output is always 3 bytes for every 4 input bytes. This function will return the length of the data decoded or -1 on error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_ENCODE_CTX_new() returns a pointer to the newly allocated EVP_ENCODE_CTX object or NULL on error.</p>
+
+<p>EVP_ENCODE_CTX_num() returns the number of bytes pending encoding or decoding in <b>ctx</b>.</p>
+
+<p>EVP_EncodeUpdate() returns 0 on error or 1 on success.</p>
+
+<p>EVP_EncodeBlock() returns the number of bytes encoded excluding the NUL terminator.</p>
+
+<p>EVP_DecodeUpdate() returns -1 on error and 0 or 1 on success. If 0 is returned then no more non-padding base 64 characters are expected.</p>
+
+<p>EVP_DecodeFinal() returns -1 on error or 1 on success.</p>
+
+<p>EVP_DecodeBlock() returns the length of the data decoded or -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_EncodeInit.html b/msys2/usr/share/doc/openssl/html/man3/EVP_EncodeInit.html
new file mode 100644
index 000000000..9f5339915
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_EncodeInit.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncodeInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_ENCODE_CTX_new, EVP_ENCODE_CTX_free, EVP_ENCODE_CTX_copy, EVP_ENCODE_CTX_num, EVP_EncodeInit, EVP_EncodeUpdate, EVP_EncodeFinal, EVP_EncodeBlock, EVP_DecodeInit, EVP_DecodeUpdate, EVP_DecodeFinal, EVP_DecodeBlock - EVP base 64 encode/decode routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void);
+ void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx);
+ int EVP_ENCODE_CTX_copy(EVP_ENCODE_CTX *dctx, EVP_ENCODE_CTX *sctx);
+ int EVP_ENCODE_CTX_num(EVP_ENCODE_CTX *ctx);
+ void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP encode routines provide a high level interface to base 64 encoding and decoding. Base 64 encoding converts binary data into a printable form that uses the characters A-Z, a-z, 0-9, &quot;+&quot; and &quot;/&quot; to represent the data. For every 3 bytes of binary data provided 4 bytes of base 64 encoded data will be produced plus some occasional newlines (see below). If the input data length is not a multiple of 3 then the output data will be padded at the end using the &quot;=&quot; character.</p>
+
+<p>EVP_ENCODE_CTX_new() allocates, initializes and returns a context to be used for the encode/decode functions.</p>
+
+<p>EVP_ENCODE_CTX_free() cleans up an encode/decode context <b>ctx</b> and frees up the space allocated to it.</p>
+
+<p>Encoding of binary data is performed in blocks of 48 input bytes (or less for the final block). For each 48 byte input block encoded 64 bytes of base 64 data is output plus an additional newline character (i.e. 65 bytes in total). The final block (which may be less than 48 bytes) will output 4 bytes for every 3 bytes of input. If the data length is not divisible by 3 then a full 4 bytes is still output for the final 1 or 2 bytes of input. Similarly a newline character will also be output.</p>
+
+<p>EVP_EncodeInit() initialises <b>ctx</b> for the start of a new encoding operation.</p>
+
+<p>EVP_EncodeUpdate() encode <b>inl</b> bytes of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. Only full blocks of data (48 bytes) will be immediately processed and output by this function. Any remainder is held in the <b>ctx</b> object and will be processed by a subsequent call to EVP_EncodeUpdate() or EVP_EncodeFinal(). To calculate the required size of the output buffer add together the value of <b>inl</b> with the amount of unprocessed data held in <b>ctx</b> and divide the result by 48 (ignore any remainder). This gives the number of blocks of data that will be processed. Ensure the output buffer contains 65 bytes of storage for each block, plus an additional byte for a NUL terminator. EVP_EncodeUpdate() may be called repeatedly to process large amounts of input data. In the event of an error EVP_EncodeUpdate() will set <b>*outl</b> to 0 and return 0. On success 1 will be returned.</p>
+
+<p>EVP_EncodeFinal() must be called at the end of an encoding operation. It will process any partial block of data remaining in the <b>ctx</b> object. The output data will be stored in <b>out</b> and the length of the data written will be stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that <b>out</b> is sufficiently large to accommodate the output data which will never be more than 65 bytes plus an additional NUL terminator (i.e. 66 bytes in total).</p>
+
+<p>EVP_ENCODE_CTX_copy() can be used to copy a context <b>sctx</b> to a context <b>dctx</b>. <b>dctx</b> must be initialized before calling this function.</p>
+
+<p>EVP_ENCODE_CTX_num() will return the number of as yet unprocessed bytes still to be encoded or decoded that are pending in the <b>ctx</b> object.</p>
+
+<p>EVP_EncodeBlock() encodes a full block of input data in <b>f</b> and of length <b>dlen</b> and stores it in <b>t</b>. For every 3 bytes of input provided 4 bytes of output data will be produced. If <b>dlen</b> is not divisible by 3 then the block is encoded as a final block of data and the output is padded such that it is always divisible by 4. Additionally a NUL terminator character will be added. For example if 16 bytes of input data is provided then 24 bytes of encoded data is created plus 1 byte for a NUL terminator (i.e. 25 bytes in total). The length of the data generated <i>without</i> the NUL terminator is returned from the function.</p>
+
+<p>EVP_DecodeInit() initialises <b>ctx</b> for the start of a new decoding operation.</p>
+
+<p>EVP_DecodeUpdate() decodes <b>inl</b> characters of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. This function will attempt to decode as much data as possible in 4 byte chunks. Any whitespace, newline or carriage return characters are ignored. Any partial chunk of unprocessed data (1, 2 or 3 bytes) that remains at the end will be held in the <b>ctx</b> object and processed by a subsequent call to EVP_DecodeUpdate(). If any illegal base 64 characters are encountered or if the base 64 padding character &quot;=&quot; is encountered in the middle of the data then the function returns -1 to indicate an error. A return value of 0 or 1 indicates successful processing of the data. A return value of 0 additionally indicates that the last input data characters processed included the base 64 padding character &quot;=&quot; and therefore no more non-padding character data is expected to be processed. For every 4 valid base 64 bytes processed (ignoring whitespace, carriage returns and line feeds), 3 bytes of binary output data will be produced (or less at the end of the data where the padding character &quot;=&quot; has been used).</p>
+
+<p>EVP_DecodeFinal() must be called at the end of a decoding operation. If there is any unprocessed data still in <b>ctx</b> then the input data must not have been a multiple of 4 and therefore an error has occurred. The function will return -1 in this case. Otherwise the function returns 1 on success.</p>
+
+<p>EVP_DecodeBlock() will decode the block of <b>n</b> characters of base 64 data contained in <b>f</b> and store the result in <b>t</b>. Any leading whitespace will be trimmed as will any trailing whitespace, newlines, carriage returns or EOF characters. After such trimming the length of the data in <b>f</b> must be divisible by 4. For every 4 input bytes exactly 3 output bytes will be produced. The output will be padded with 0 bits if necessary to ensure that the output is always 3 bytes for every 4 input bytes. This function will return the length of the data decoded or -1 on error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_ENCODE_CTX_new() returns a pointer to the newly allocated EVP_ENCODE_CTX object or NULL on error.</p>
+
+<p>EVP_ENCODE_CTX_num() returns the number of bytes pending encoding or decoding in <b>ctx</b>.</p>
+
+<p>EVP_EncodeUpdate() returns 0 on error or 1 on success.</p>
+
+<p>EVP_EncodeBlock() returns the number of bytes encoded excluding the NUL terminator.</p>
+
+<p>EVP_DecodeUpdate() returns -1 on error and 0 or 1 on success. If 0 is returned then no more non-padding base 64 characters are expected.</p>
+
+<p>EVP_DecodeFinal() returns -1 on error or 1 on success.</p>
+
+<p>EVP_DecodeBlock() returns the length of the data decoded or -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_EncodeUpdate.html b/msys2/usr/share/doc/openssl/html/man3/EVP_EncodeUpdate.html
new file mode 100644
index 000000000..9f5339915
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_EncodeUpdate.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncodeInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_ENCODE_CTX_new, EVP_ENCODE_CTX_free, EVP_ENCODE_CTX_copy, EVP_ENCODE_CTX_num, EVP_EncodeInit, EVP_EncodeUpdate, EVP_EncodeFinal, EVP_EncodeBlock, EVP_DecodeInit, EVP_DecodeUpdate, EVP_DecodeFinal, EVP_DecodeBlock - EVP base 64 encode/decode routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void);
+ void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx);
+ int EVP_ENCODE_CTX_copy(EVP_ENCODE_CTX *dctx, EVP_ENCODE_CTX *sctx);
+ int EVP_ENCODE_CTX_num(EVP_ENCODE_CTX *ctx);
+ void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+ int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP encode routines provide a high level interface to base 64 encoding and decoding. Base 64 encoding converts binary data into a printable form that uses the characters A-Z, a-z, 0-9, &quot;+&quot; and &quot;/&quot; to represent the data. For every 3 bytes of binary data provided 4 bytes of base 64 encoded data will be produced plus some occasional newlines (see below). If the input data length is not a multiple of 3 then the output data will be padded at the end using the &quot;=&quot; character.</p>
+
+<p>EVP_ENCODE_CTX_new() allocates, initializes and returns a context to be used for the encode/decode functions.</p>
+
+<p>EVP_ENCODE_CTX_free() cleans up an encode/decode context <b>ctx</b> and frees up the space allocated to it.</p>
+
+<p>Encoding of binary data is performed in blocks of 48 input bytes (or less for the final block). For each 48 byte input block encoded 64 bytes of base 64 data is output plus an additional newline character (i.e. 65 bytes in total). The final block (which may be less than 48 bytes) will output 4 bytes for every 3 bytes of input. If the data length is not divisible by 3 then a full 4 bytes is still output for the final 1 or 2 bytes of input. Similarly a newline character will also be output.</p>
+
+<p>EVP_EncodeInit() initialises <b>ctx</b> for the start of a new encoding operation.</p>
+
+<p>EVP_EncodeUpdate() encode <b>inl</b> bytes of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. Only full blocks of data (48 bytes) will be immediately processed and output by this function. Any remainder is held in the <b>ctx</b> object and will be processed by a subsequent call to EVP_EncodeUpdate() or EVP_EncodeFinal(). To calculate the required size of the output buffer add together the value of <b>inl</b> with the amount of unprocessed data held in <b>ctx</b> and divide the result by 48 (ignore any remainder). This gives the number of blocks of data that will be processed. Ensure the output buffer contains 65 bytes of storage for each block, plus an additional byte for a NUL terminator. EVP_EncodeUpdate() may be called repeatedly to process large amounts of input data. In the event of an error EVP_EncodeUpdate() will set <b>*outl</b> to 0 and return 0. On success 1 will be returned.</p>
+
+<p>EVP_EncodeFinal() must be called at the end of an encoding operation. It will process any partial block of data remaining in the <b>ctx</b> object. The output data will be stored in <b>out</b> and the length of the data written will be stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that <b>out</b> is sufficiently large to accommodate the output data which will never be more than 65 bytes plus an additional NUL terminator (i.e. 66 bytes in total).</p>
+
+<p>EVP_ENCODE_CTX_copy() can be used to copy a context <b>sctx</b> to a context <b>dctx</b>. <b>dctx</b> must be initialized before calling this function.</p>
+
+<p>EVP_ENCODE_CTX_num() will return the number of as yet unprocessed bytes still to be encoded or decoded that are pending in the <b>ctx</b> object.</p>
+
+<p>EVP_EncodeBlock() encodes a full block of input data in <b>f</b> and of length <b>dlen</b> and stores it in <b>t</b>. For every 3 bytes of input provided 4 bytes of output data will be produced. If <b>dlen</b> is not divisible by 3 then the block is encoded as a final block of data and the output is padded such that it is always divisible by 4. Additionally a NUL terminator character will be added. For example if 16 bytes of input data is provided then 24 bytes of encoded data is created plus 1 byte for a NUL terminator (i.e. 25 bytes in total). The length of the data generated <i>without</i> the NUL terminator is returned from the function.</p>
+
+<p>EVP_DecodeInit() initialises <b>ctx</b> for the start of a new decoding operation.</p>
+
+<p>EVP_DecodeUpdate() decodes <b>inl</b> characters of data found in the buffer pointed to by <b>in</b>. The output is stored in the buffer <b>out</b> and the number of bytes output is stored in <b>*outl</b>. It is the caller&#39;s responsibility to ensure that the buffer at <b>out</b> is sufficiently large to accommodate the output data. This function will attempt to decode as much data as possible in 4 byte chunks. Any whitespace, newline or carriage return characters are ignored. Any partial chunk of unprocessed data (1, 2 or 3 bytes) that remains at the end will be held in the <b>ctx</b> object and processed by a subsequent call to EVP_DecodeUpdate(). If any illegal base 64 characters are encountered or if the base 64 padding character &quot;=&quot; is encountered in the middle of the data then the function returns -1 to indicate an error. A return value of 0 or 1 indicates successful processing of the data. A return value of 0 additionally indicates that the last input data characters processed included the base 64 padding character &quot;=&quot; and therefore no more non-padding character data is expected to be processed. For every 4 valid base 64 bytes processed (ignoring whitespace, carriage returns and line feeds), 3 bytes of binary output data will be produced (or less at the end of the data where the padding character &quot;=&quot; has been used).</p>
+
+<p>EVP_DecodeFinal() must be called at the end of a decoding operation. If there is any unprocessed data still in <b>ctx</b> then the input data must not have been a multiple of 4 and therefore an error has occurred. The function will return -1 in this case. Otherwise the function returns 1 on success.</p>
+
+<p>EVP_DecodeBlock() will decode the block of <b>n</b> characters of base 64 data contained in <b>f</b> and store the result in <b>t</b>. Any leading whitespace will be trimmed as will any trailing whitespace, newlines, carriage returns or EOF characters. After such trimming the length of the data in <b>f</b> must be divisible by 4. For every 4 input bytes exactly 3 output bytes will be produced. The output will be padded with 0 bits if necessary to ensure that the output is always 3 bytes for every 4 input bytes. This function will return the length of the data decoded or -1 on error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_ENCODE_CTX_new() returns a pointer to the newly allocated EVP_ENCODE_CTX object or NULL on error.</p>
+
+<p>EVP_ENCODE_CTX_num() returns the number of bytes pending encoding or decoding in <b>ctx</b>.</p>
+
+<p>EVP_EncodeUpdate() returns 0 on error or 1 on success.</p>
+
+<p>EVP_EncodeBlock() returns the number of bytes encoded excluding the NUL terminator.</p>
+
+<p>EVP_DecodeUpdate() returns -1 on error and 0 or 1 on success. If 0 is returned then no more non-padding base 64 characters are expected.</p>
+
+<p>EVP_DecodeFinal() returns -1 on error or 1 on success.</p>
+
+<p>EVP_DecodeBlock() returns the length of the data decoded or -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_EncryptFinal.html b/msys2/usr/share/doc/openssl/html/man3/EVP_EncryptFinal.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_EncryptFinal.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_EncryptFinal_ex.html b/msys2/usr/share/doc/openssl/html/man3/EVP_EncryptFinal_ex.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_EncryptFinal_ex.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_EncryptInit.html b/msys2/usr/share/doc/openssl/html/man3/EVP_EncryptInit.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_EncryptInit.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_EncryptInit_ex.html b/msys2/usr/share/doc/openssl/html/man3/EVP_EncryptInit_ex.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_EncryptInit_ex.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_EncryptUpdate.html b/msys2/usr/share/doc/openssl/html/man3/EVP_EncryptUpdate.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_EncryptUpdate.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_block_size.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_block_size.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_block_size.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_clear_flags.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_clear_flags.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_clear_flags.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_copy.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_copy.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_copy.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_copy_ex.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_copy_ex.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_copy_ex.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_ctrl.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_ctrl.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_free.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_free.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_free.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_md.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_md.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_md.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_md_data.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_md_data.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_md_data.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_new.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_new.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_new.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_reset.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_reset.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_reset.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_set_flags.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_set_flags.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_set_flags.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_set_pkey_ctx.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_set_pkey_ctx.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_set_pkey_ctx.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_size.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_size.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_size.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_test_flags.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_test_flags.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_test_flags.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_type.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_type.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_CTX_type.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_block_size.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_block_size.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_block_size.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_dup.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_dup.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_dup.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_free.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_free.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_free.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_app_datasize.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_app_datasize.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_app_datasize.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_cleanup.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_cleanup.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_cleanup.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_copy.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_copy.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_copy.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_ctrl.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_ctrl.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_final.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_final.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_final.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_flags.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_flags.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_flags.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_init.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_init.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_init.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_input_blocksize.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_input_blocksize.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_input_blocksize.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_result_size.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_result_size.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_result_size.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_update.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_update.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_get_update.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_new.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_new.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_new.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_app_datasize.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_app_datasize.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_app_datasize.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_cleanup.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_cleanup.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_cleanup.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_copy.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_copy.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_copy.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_ctrl.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_ctrl.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_final.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_final.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_final.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_flags.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_flags.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_flags.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_init.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_init.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_init.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_input_blocksize.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_input_blocksize.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_input_blocksize.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_result_size.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_result_size.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_result_size.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_update.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_update.html
new file mode 100644
index 000000000..e30c7ba55
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_meth_set_update.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_MD_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl, EVP_MD_meth_get_input_blocksize, EVP_MD_meth_get_result_size, EVP_MD_meth_get_app_datasize, EVP_MD_meth_get_flags, EVP_MD_meth_get_init, EVP_MD_meth_get_update, EVP_MD_meth_get_final, EVP_MD_meth_get_copy, EVP_MD_meth_get_cleanup, EVP_MD_meth_get_ctrl - Routines to build up EVP_MD methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+ void EVP_MD_meth_free(EVP_MD *md);
+ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+
+ int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+ int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+ int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+ int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+                                                      const void *data,
+                                                      size_t count));
+ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+                                                    unsigned char *md));
+ int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+                                                  const EVP_MD_CTX *from));
+ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+ int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+                                                  int p1, void *p2));
+
+ int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+ int EVP_MD_meth_get_result_size(const EVP_MD *md);
+ int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+ unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                 const void *data,
+                                                 size_t count);
+ int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+                                                unsigned char *md);
+ int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+                                               const EVP_MD_CTX *from);
+ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+                                               int p1, void *p2);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_MD</b> type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.</p>
+
+<p>EVP_MD_meth_new() creates a new <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_dup() creates a copy of <b>md</b>.</p>
+
+<p>EVP_MD_meth_free() destroys a <b>EVP_MD</b> structure.</p>
+
+<p>EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method <b>md</b> to <b>blocksize</b> bytes.</p>
+
+<p>EVP_MD_meth_set_result_size() sets the size of the result that the digest method in <b>md</b> is expected to produce to <b>resultsize</b> bytes.</p>
+
+<p>The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to <b>datasize</b>.</p>
+
+<p>EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular <b>md</b>. Several flags can be or&#39;d together. The available flags are:</p>
+
+<dl>
+
+<dt id="EVP_MD_FLAG_ONESHOT">EVP_MD_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This digest method can only handles one block of input.</p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_NULL">EVP_MD_FLAG_DIGALGID_NULL</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter set to NULL by default. Use this for PKCS#1. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_ABSENT">EVP_MD_FLAG_DIGALGID_ABSENT</dt>
+<dd>
+
+<p>When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i></p>
+
+</dd>
+<dt id="EVP_MD_FLAG_DIGALGID_CUSTOM">EVP_MD_FLAG_DIGALGID_CUSTOM</dt>
+<dd>
+
+<p>Custom DigestAlgorithmIdentifier handling via ctrl, with <b>EVP_MD_FLAG_DIGALGID_ABSENT</b> as default. <i>Note: if combined with EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.</i> Currently unused.</p>
+
+</dd>
+</dl>
+
+<p>EVP_MD_meth_set_init() sets the digest init function for <b>md</b>. The digest init function is called by EVP_DigestInit(), EVP_DigestInit_ex(), EVP_SignInit, EVP_SignInit_ex(), EVP_VerifyInit() and EVP_VerifyInit_ex().</p>
+
+<p>EVP_MD_meth_set_update() sets the digest update function for <b>md</b>. The digest update function is called by EVP_DigestUpdate(), EVP_SignUpdate().</p>
+
+<p>EVP_MD_meth_set_final() sets the digest final function for <b>md</b>. The digest final function is called by EVP_DigestFinal(), EVP_DigestFinal_ex(), EVP_SignFinal() and EVP_VerifyFinal().</p>
+
+<p>EVP_MD_meth_set_copy() sets the function for <b>md</b> to do extra computations after the method&#39;s private data structure has been copied from one <b>EVP_MD_CTX</b> to another. If all that&#39;s needed is to copy the data, there is no need for this copy function. Note that the copy function is passed two <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This copy function is called by EVP_MD_CTX_copy() and EVP_MD_CTX_copy_ex().</p>
+
+<p>EVP_MD_meth_set_cleanup() sets the function for <b>md</b> to do extra cleanup before the method&#39;s private data structure is cleaned out and freed. Note that the cleanup function is passed a <b>EVP_MD_CTX *</b>, the private data structure is then available with EVP_MD_CTX_md_data(). This cleanup function is called by EVP_MD_CTX_reset() and EVP_MD_CTX_free().</p>
+
+<p>EVP_MD_meth_set_ctrl() sets the control function for <b>md</b>.</p>
+
+<p>EVP_MD_meth_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize(), EVP_MD_meth_get_flags(), EVP_MD_meth_get_init(), EVP_MD_meth_get_update(), EVP_MD_meth_get_final(), EVP_MD_meth_get_copy(), EVP_MD_meth_get_cleanup() and EVP_MD_meth_get_ctrl() are all used to retrieve the method data given with the EVP_MD_meth_set_*() functions above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created <b>EVP_MD</b>, or NULL on failure. All EVP_MD_meth_set_*() functions return 1. EVP_MD_get_input_blocksize(), EVP_MD_meth_get_result_size(), EVP_MD_meth_get_app_datasize() and EVP_MD_meth_get_flags() return the indicated sizes or flags. All other EVP_CIPHER_meth_get_*() functions return pointers to their respective <b>md</b> function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>EVP_MD</b> structure was openly available in OpenSSL before version 1.1. The functions described here were added in OpenSSL 1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_pkey_type.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_pkey_type.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_pkey_type.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_size.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_size.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_size.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_MD_type.html b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_type.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_MD_type.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_OpenFinal.html b/msys2/usr/share/doc/openssl/html/man3/EVP_OpenFinal.html
new file mode 100644
index 000000000..1e8d7383c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_OpenFinal.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_OpenInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_OpenInit, EVP_OpenUpdate, EVP_OpenFinal - EVP envelope decryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char *ek,
+                  int ekl, unsigned char *iv, EVP_PKEY *priv);
+ int EVP_OpenUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                    int *outl, unsigned char *in, int inl);
+ int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP envelope routines are a high level interface to envelope decryption. They decrypt a public key encrypted symmetric key and then decrypt data using it.</p>
+
+<p>EVP_OpenInit() initializes a cipher context <b>ctx</b> for decryption with cipher <b>type</b>. It decrypts the encrypted symmetric key of length <b>ekl</b> bytes passed in the <b>ek</b> parameter using the private key <b>priv</b>. The IV is supplied in the <b>iv</b> parameter.</p>
+
+<p>EVP_OpenUpdate() and EVP_OpenFinal() have exactly the same properties as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as documented on the <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> manual page.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is possible to call EVP_OpenInit() twice in the same way as EVP_DecryptInit(). The first call should have <b>priv</b> set to NULL and (after setting any cipher parameters) it should be called again with <b>type</b> set to NULL.</p>
+
+<p>If the cipher passed in the <b>type</b> parameter is a variable length cipher then the key length will be set to the value of the recovered key length. If the cipher is a fixed length cipher then the recovered key length must match the fixed cipher length.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_OpenInit() returns 0 on error or a non zero integer (actually the recovered secret key size) if successful.</p>
+
+<p>EVP_OpenUpdate() returns 1 for success or 0 for failure.</p>
+
+<p>EVP_OpenFinal() returns 0 if the decrypt failed or 1 for success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_SealInit.html">EVP_SealInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_OpenInit.html b/msys2/usr/share/doc/openssl/html/man3/EVP_OpenInit.html
new file mode 100644
index 000000000..1e8d7383c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_OpenInit.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_OpenInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_OpenInit, EVP_OpenUpdate, EVP_OpenFinal - EVP envelope decryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char *ek,
+                  int ekl, unsigned char *iv, EVP_PKEY *priv);
+ int EVP_OpenUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                    int *outl, unsigned char *in, int inl);
+ int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP envelope routines are a high level interface to envelope decryption. They decrypt a public key encrypted symmetric key and then decrypt data using it.</p>
+
+<p>EVP_OpenInit() initializes a cipher context <b>ctx</b> for decryption with cipher <b>type</b>. It decrypts the encrypted symmetric key of length <b>ekl</b> bytes passed in the <b>ek</b> parameter using the private key <b>priv</b>. The IV is supplied in the <b>iv</b> parameter.</p>
+
+<p>EVP_OpenUpdate() and EVP_OpenFinal() have exactly the same properties as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as documented on the <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> manual page.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is possible to call EVP_OpenInit() twice in the same way as EVP_DecryptInit(). The first call should have <b>priv</b> set to NULL and (after setting any cipher parameters) it should be called again with <b>type</b> set to NULL.</p>
+
+<p>If the cipher passed in the <b>type</b> parameter is a variable length cipher then the key length will be set to the value of the recovered key length. If the cipher is a fixed length cipher then the recovered key length must match the fixed cipher length.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_OpenInit() returns 0 on error or a non zero integer (actually the recovered secret key size) if successful.</p>
+
+<p>EVP_OpenUpdate() returns 1 for success or 0 for failure.</p>
+
+<p>EVP_OpenFinal() returns 0 if the decrypt failed or 1 for success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_SealInit.html">EVP_SealInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_OpenUpdate.html b/msys2/usr/share/doc/openssl/html/man3/EVP_OpenUpdate.html
new file mode 100644
index 000000000..1e8d7383c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_OpenUpdate.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_OpenInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_OpenInit, EVP_OpenUpdate, EVP_OpenFinal - EVP envelope decryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char *ek,
+                  int ekl, unsigned char *iv, EVP_PKEY *priv);
+ int EVP_OpenUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                    int *outl, unsigned char *in, int inl);
+ int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP envelope routines are a high level interface to envelope decryption. They decrypt a public key encrypted symmetric key and then decrypt data using it.</p>
+
+<p>EVP_OpenInit() initializes a cipher context <b>ctx</b> for decryption with cipher <b>type</b>. It decrypts the encrypted symmetric key of length <b>ekl</b> bytes passed in the <b>ek</b> parameter using the private key <b>priv</b>. The IV is supplied in the <b>iv</b> parameter.</p>
+
+<p>EVP_OpenUpdate() and EVP_OpenFinal() have exactly the same properties as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as documented on the <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> manual page.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is possible to call EVP_OpenInit() twice in the same way as EVP_DecryptInit(). The first call should have <b>priv</b> set to NULL and (after setting any cipher parameters) it should be called again with <b>type</b> set to NULL.</p>
+
+<p>If the cipher passed in the <b>type</b> parameter is a variable length cipher then the key length will be set to the value of the recovered key length. If the cipher is a fixed length cipher then the recovered key length must match the fixed cipher length.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_OpenInit() returns 0 on error or a non zero integer (actually the recovered secret key size) if successful.</p>
+
+<p>EVP_OpenUpdate() returns 1 for success or 0 for failure.</p>
+
+<p>EVP_OpenFinal() returns 0 if the decrypt failed or 1 for success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_SealInit.html">EVP_SealInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_ASN1_METHOD.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_ASN1_METHOD.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_ASN1_METHOD.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_add1_hkdf_info.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_add1_hkdf_info.html
new file mode 100644
index 000000000..5bdcd18ca
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_add1_hkdf_info.html
@@ -0,0 +1,153 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_set_hkdf_md</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#STRING-CTRLS">STRING CTRLS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_set_hkdf_md, EVP_PKEY_CTX_set1_hkdf_salt, EVP_PKEY_CTX_set1_hkdf_key, EVP_PKEY_CTX_add1_hkdf_info, EVP_PKEY_CTX_hkdf_mode - HMAC-based Extract-and-Expand key derivation algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/kdf.h&gt;
+
+ int EVP_PKEY_CTX_hkdf_mode(EVP_PKEY_CTX *pctx, int mode);
+
+ int EVP_PKEY_CTX_set_hkdf_md(EVP_PKEY_CTX *pctx, const EVP_MD *md);
+
+ int EVP_PKEY_CTX_set1_hkdf_salt(EVP_PKEY_CTX *pctx, unsigned char *salt,
+                                 int saltlen);
+
+ int EVP_PKEY_CTX_set1_hkdf_key(EVP_PKEY_CTX *pctx, unsigned char *key,
+                                int keylen);
+
+ int EVP_PKEY_CTX_add1_hkdf_info(EVP_PKEY_CTX *pctx, unsigned char *info,
+                                 int infolen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_HKDF algorithm implements the HKDF key derivation function. HKDF follows the &quot;extract-then-expand&quot; paradigm, where the KDF logically consists of two modules. The first stage takes the input keying material and &quot;extracts&quot; from it a fixed-length pseudorandom key K. The second stage &quot;expands&quot; the key K into several additional pseudorandom keys (the output of the KDF).</p>
+
+<p>EVP_PKEY_CTX_hkdf_mode() sets the mode for the HKDF operation. There are three modes that are currently defined:</p>
+
+<dl>
+
+<dt id="EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND">EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND</dt>
+<dd>
+
+<p>This is the default mode. Calling <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> on an EVP_PKEY_CTX set up for HKDF will perform an extract followed by an expand operation in one go. The derived key returned will be the result after the expand operation. The intermediate fixed-length pseudorandom key K is not returned.</p>
+
+<p>In this mode the digest, key, salt and info values must be set before a key is derived or an error occurs.</p>
+
+</dd>
+<dt id="EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY">EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY</dt>
+<dd>
+
+<p>In this mode calling <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> will just perform the extract operation. The value returned will be the intermediate fixed-length pseudorandom key K.</p>
+
+<p>The digest, key and salt values must be set before a key is derived or an error occurs.</p>
+
+</dd>
+<dt id="EVP_PKEY_HKDEF_MODE_EXPAND_ONLY">EVP_PKEY_HKDEF_MODE_EXPAND_ONLY</dt>
+<dd>
+
+<p>In this mode calling <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> will just perform the expand operation. The input key should be set to the intermediate fixed-length pseudorandom key K returned from a previous extract operation.</p>
+
+<p>The digest, key and info values must be set before a key is derived or an error occurs.</p>
+
+</dd>
+</dl>
+
+<p>EVP_PKEY_CTX_set_hkdf_md() sets the message digest associated with the HKDF.</p>
+
+<p>EVP_PKEY_CTX_set1_hkdf_salt() sets the salt to <b>saltlen</b> bytes of the buffer <b>salt</b>. Any existing value is replaced.</p>
+
+<p>EVP_PKEY_CTX_set1_hkdf_key() sets the key to <b>keylen</b> bytes of the buffer <b>key</b>. Any existing value is replaced.</p>
+
+<p>EVP_PKEY_CTX_add1_hkdf_info() sets the info value to <b>infolen</b> bytes of the buffer <b>info</b>. If a value is already set, it is appended to the existing value.</p>
+
+<h1 id="STRING-CTRLS">STRING CTRLS</h1>
+
+<p>HKDF also supports string based control operations via <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>. The <b>type</b> parameter &quot;md&quot; uses the supplied <b>value</b> as the name of the digest algorithm to use. The <b>type</b> parameter &quot;mode&quot; uses the values &quot;EXTRACT_AND_EXPAND&quot;, &quot;EXTRACT_ONLY&quot; and &quot;EXPAND_ONLY&quot; to determine the mode to use. The <b>type</b> parameters &quot;salt&quot;, &quot;key&quot; and &quot;info&quot; use the supplied <b>value</b> parameter as a <b>seed</b>, <b>key</b> or <b>info</b> value. The names &quot;hexsalt&quot;, &quot;hexkey&quot; and &quot;hexinfo&quot; are similar except they take a hex string which is converted to binary.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>A context for HKDF can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);</code></pre>
+
+<p>The total length of the info buffer cannot exceed 1024 bytes in length: this should be more than enough for any normal use of HKDF.</p>
+
+<p>The output length of an HKDF expand operation is specified via the length parameter to the <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> function. Since the HKDF output length is variable, passing a <b>NULL</b> buffer as a means to obtain the requisite length is not meaningful with HKDF in any mode that performs an expand operation. Instead, the caller must allocate a buffer of the desired length, and pass that buffer to <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> along with (a pointer initialized to) the desired length. Passing a <b>NULL</b> buffer to obtain the length is allowed when using EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY.</p>
+
+<p>Optimised versions of HKDF can be implemented in an ENGINE.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example derives 10 bytes using SHA-256 with the secret key &quot;secret&quot;, salt value &quot;salt&quot; and info value &quot;label&quot;:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx;
+ unsigned char out[10];
+ size_t outlen = sizeof(out);
+ pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
+
+ if (EVP_PKEY_derive_init(pctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, &quot;salt&quot;, 4) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set1_hkdf_key(pctx, &quot;secret&quot;, 6) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_add1_hkdf_info(pctx, &quot;label&quot;, 5) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_derive(pctx, out, &amp;outlen) &lt;= 0)
+     /* Error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 5869</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_add1_tls1_prf_seed.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_add1_tls1_prf_seed.html
new file mode 100644
index 000000000..15e36d81a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_add1_tls1_prf_seed.html
@@ -0,0 +1,109 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_set_tls1_prf_md</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#STRING-CTRLS">STRING CTRLS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_set_tls1_prf_md, EVP_PKEY_CTX_set1_tls1_prf_secret, EVP_PKEY_CTX_add1_tls1_prf_seed - TLS PRF key derivation algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/kdf.h&gt;
+
+ int EVP_PKEY_CTX_set_tls1_prf_md(EVP_PKEY_CTX *pctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_set1_tls1_prf_secret(EVP_PKEY_CTX *pctx,
+                                       unsigned char *sec, int seclen);
+ int EVP_PKEY_CTX_add1_tls1_prf_seed(EVP_PKEY_CTX *pctx,
+                                     unsigned char *seed, int seedlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_PKEY_TLS1_PRF</b> algorithm implements the PRF key derivation function for TLS. It has no associated private key and only implements key derivation using <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<p>EVP_PKEY_set_tls1_prf_md() sets the message digest associated with the TLS PRF. EVP_md5_sha1() is treated as a special case which uses the PRF algorithm using both <b>MD5</b> and <b>SHA1</b> as used in TLS 1.0 and 1.1.</p>
+
+<p>EVP_PKEY_CTX_set_tls1_prf_secret() sets the secret value of the TLS PRF to <b>seclen</b> bytes of the buffer <b>sec</b>. Any existing secret value is replaced and any seed is reset.</p>
+
+<p>EVP_PKEY_CTX_add1_tls1_prf_seed() sets the seed to <b>seedlen</b> bytes of <b>seed</b>. If a seed is already set it is appended to the existing value.</p>
+
+<h1 id="STRING-CTRLS">STRING CTRLS</h1>
+
+<p>The TLS PRF also supports string based control operations using <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>. The <b>type</b> parameter &quot;md&quot; uses the supplied <b>value</b> as the name of the digest algorithm to use. The <b>type</b> parameters &quot;secret&quot; and &quot;seed&quot; use the supplied <b>value</b> parameter as a secret or seed value. The names &quot;hexsecret&quot; and &quot;hexseed&quot; are similar except they take a hex string which is converted to binary.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>A context for the TLS PRF can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL);</code></pre>
+
+<p>The digest, secret value and seed must be set before a key is derived or an error occurs.</p>
+
+<p>The total length of all seeds cannot exceed 1024 bytes in length: this should be more than enough for any normal use of the TLS PRF.</p>
+
+<p>The output length of the PRF is specified by the length parameter in the EVP_PKEY_derive() function. Since the output length is variable, setting the buffer to <b>NULL</b> is not meaningful for the TLS PRF.</p>
+
+<p>Optimised versions of the TLS PRF can be implemented in an ENGINE.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example derives 10 bytes using SHA-256 with the secret key &quot;secret&quot; and seed value &quot;seed&quot;:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx;
+ unsigned char out[10];
+ size_t outlen = sizeof(out);
+
+ pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL);
+ if (EVP_PKEY_derive_init(pctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_tls1_prf_md(pctx, EVP_sha256()) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, &quot;secret&quot;, 6) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, &quot;seed&quot;, 4) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_derive(pctx, out, &amp;outlen) &lt;= 0)
+     /* Error */</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_ctrl.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_ctrl.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_ctrl_str.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_ctrl_str.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_ctrl_str.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_ctrl_uint64.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_ctrl_uint64.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_ctrl_uint64.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_dup.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_dup.html
new file mode 100644
index 000000000..b398a22c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_dup.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_new, EVP_PKEY_CTX_new_id, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free - public key algorithm context functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
+ EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
+ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
+ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_CTX_new() function allocates public key algorithm context using the algorithm specified in <b>pkey</b> and ENGINE <b>e</b>.</p>
+
+<p>The EVP_PKEY_CTX_new_id() function allocates public key algorithm context using the algorithm specified by <b>id</b> and ENGINE <b>e</b>. It is normally used when no <b>EVP_PKEY</b> structure is associated with the operations, for example during parameter generation of key generation for some algorithms.</p>
+
+<p>EVP_PKEY_CTX_dup() duplicates the context <b>ctx</b>.</p>
+
+<p>EVP_PKEY_CTX_free() frees up the context <b>ctx</b>. If <b>ctx</b> is NULL, nothing is done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP_PKEY_CTX</b> structure is an opaque public key algorithm context used by the OpenSSL high level public key API. Contexts <b>MUST NOT</b> be shared between threads: that is it is not permissible to use the same context simultaneously in two threads.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id(), EVP_PKEY_CTX_dup() returns either the newly allocated <b>EVP_PKEY_CTX</b> structure of <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_CTX_free() does not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_free.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_free.html
new file mode 100644
index 000000000..b398a22c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_free.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_new, EVP_PKEY_CTX_new_id, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free - public key algorithm context functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
+ EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
+ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
+ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_CTX_new() function allocates public key algorithm context using the algorithm specified in <b>pkey</b> and ENGINE <b>e</b>.</p>
+
+<p>The EVP_PKEY_CTX_new_id() function allocates public key algorithm context using the algorithm specified by <b>id</b> and ENGINE <b>e</b>. It is normally used when no <b>EVP_PKEY</b> structure is associated with the operations, for example during parameter generation of key generation for some algorithms.</p>
+
+<p>EVP_PKEY_CTX_dup() duplicates the context <b>ctx</b>.</p>
+
+<p>EVP_PKEY_CTX_free() frees up the context <b>ctx</b>. If <b>ctx</b> is NULL, nothing is done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP_PKEY_CTX</b> structure is an opaque public key algorithm context used by the OpenSSL high level public key API. Contexts <b>MUST NOT</b> be shared between threads: that is it is not permissible to use the same context simultaneously in two threads.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id(), EVP_PKEY_CTX_dup() returns either the newly allocated <b>EVP_PKEY_CTX</b> structure of <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_CTX_free() does not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get0_dh_kdf_oid.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get0_dh_kdf_oid.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get0_dh_kdf_oid.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get0_dh_kdf_ukm.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get0_dh_kdf_ukm.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get0_dh_kdf_ukm.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get0_ecdh_kdf_ukm.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get0_ecdh_kdf_ukm.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get0_ecdh_kdf_ukm.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get0_rsa_oaep_label.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get0_rsa_oaep_label.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get0_rsa_oaep_label.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get1_id.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get1_id.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get1_id.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get1_id_len.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get1_id_len.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get1_id_len.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_app_data.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_app_data.html
new file mode 100644
index 000000000..1feb84ad9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_app_data.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_keygen</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, EVP_PKEY_CTX_get_keygen_info, EVP_PKEY_CTX_set_app_data, EVP_PKEY_CTX_get_app_data, EVP_PKEY_gen_cb, EVP_PKEY_check, EVP_PKEY_public_check, EVP_PKEY_param_check - key and parameter generation and check functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+
+ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+ void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_keygen_init() function initializes a public key algorithm context using key <b>pkey</b> for a key generation operation.</p>
+
+<p>The EVP_PKEY_keygen() function performs a key generation operation, the generated key is written to <b>ppkey</b>.</p>
+
+<p>The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar except parameters are generated.</p>
+
+<p>The function EVP_PKEY_set_cb() sets the key or parameter generation callback to <b>cb</b>. The function EVP_PKEY_CTX_get_cb() returns the key or parameter generation callback.</p>
+
+<p>The function EVP_PKEY_CTX_get_keygen_info() returns parameters associated with the generation operation. If <b>idx</b> is -1 the total number of parameters available is returned. Any non negative value returns the value of that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for <b>idx</b> should only be called within the generation callback.</p>
+
+<p>If the callback returns 0 then the key generation operation is aborted and an error occurs. This might occur during a time consuming operation where a user clicks on a &quot;cancel&quot; button.</p>
+
+<p>The functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set and retrieve an opaque pointer. This can be used to set some application defined value which can be retrieved in the callback: for example a handle which is used to update a &quot;progress dialog&quot;.</p>
+
+<p>EVP_PKEY_check() validates the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_public_check() validates the public component of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_param_check() validates the algorithm parameters of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_keygen_init() or EVP_PKEY_paramgen_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The functions EVP_PKEY_keygen() and EVP_PKEY_paramgen() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<p>The meaning of the parameters passed to the callback will depend on the algorithm and the specific implementation of the algorithm. Some might not give any useful information at all during key or parameter generation. Others might not even call the callback.</p>
+
+<p>The operation performed by key or parameter generation depends on the algorithm used. In some cases (e.g. EC with a supplied named curve) the &quot;generation&quot; option merely sets the appropriate fields in an EVP_PKEY structure.</p>
+
+<p>In OpenSSL an EVP_PKEY structure containing a private key also contains the public key components and parameters (if any). An OpenSSL private key is equivalent to what some libraries call a &quot;key pair&quot;. A private key can be used in functions which require the use of a public key or parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_keygen_init(), EVP_PKEY_paramgen_init(), EVP_PKEY_keygen() and EVP_PKEY_paramgen() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() return 1 for success or others for failure. They return -2 if the operation is not supported for the specific algorithm.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Generate a 2048 bit RSA key:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL;
+
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Generate a key from a set of parameters:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ EVP_PKEY *pkey = NULL, *param;
+
+ /* Assumed param, eng are set up already */
+ ctx = EVP_PKEY_CTX_new(param, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Example of generation callback for OpenSSL public key implementations:</p>
+
+<pre><code> /* Application data is a BIO to output status to */
+
+ EVP_PKEY_CTX_set_app_data(ctx, status_bio);
+
+ static int genpkey_cb(EVP_PKEY_CTX *ctx)
+ {
+     char c = &#39;*&#39;;
+     BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+     int p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+
+     if (p == 0)
+         c = &#39;.&#39;;
+     if (p == 1)
+         c = &#39;+&#39;;
+     if (p == 2)
+         c = &#39;*&#39;;
+     if (p == 3)
+         c = &#39;\n&#39;;
+     BIO_write(b, &amp;c, 1);
+     (void)BIO_flush(b);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_cb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_cb.html
new file mode 100644
index 000000000..1feb84ad9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_cb.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_keygen</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, EVP_PKEY_CTX_get_keygen_info, EVP_PKEY_CTX_set_app_data, EVP_PKEY_CTX_get_app_data, EVP_PKEY_gen_cb, EVP_PKEY_check, EVP_PKEY_public_check, EVP_PKEY_param_check - key and parameter generation and check functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+
+ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+ void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_keygen_init() function initializes a public key algorithm context using key <b>pkey</b> for a key generation operation.</p>
+
+<p>The EVP_PKEY_keygen() function performs a key generation operation, the generated key is written to <b>ppkey</b>.</p>
+
+<p>The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar except parameters are generated.</p>
+
+<p>The function EVP_PKEY_set_cb() sets the key or parameter generation callback to <b>cb</b>. The function EVP_PKEY_CTX_get_cb() returns the key or parameter generation callback.</p>
+
+<p>The function EVP_PKEY_CTX_get_keygen_info() returns parameters associated with the generation operation. If <b>idx</b> is -1 the total number of parameters available is returned. Any non negative value returns the value of that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for <b>idx</b> should only be called within the generation callback.</p>
+
+<p>If the callback returns 0 then the key generation operation is aborted and an error occurs. This might occur during a time consuming operation where a user clicks on a &quot;cancel&quot; button.</p>
+
+<p>The functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set and retrieve an opaque pointer. This can be used to set some application defined value which can be retrieved in the callback: for example a handle which is used to update a &quot;progress dialog&quot;.</p>
+
+<p>EVP_PKEY_check() validates the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_public_check() validates the public component of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_param_check() validates the algorithm parameters of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_keygen_init() or EVP_PKEY_paramgen_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The functions EVP_PKEY_keygen() and EVP_PKEY_paramgen() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<p>The meaning of the parameters passed to the callback will depend on the algorithm and the specific implementation of the algorithm. Some might not give any useful information at all during key or parameter generation. Others might not even call the callback.</p>
+
+<p>The operation performed by key or parameter generation depends on the algorithm used. In some cases (e.g. EC with a supplied named curve) the &quot;generation&quot; option merely sets the appropriate fields in an EVP_PKEY structure.</p>
+
+<p>In OpenSSL an EVP_PKEY structure containing a private key also contains the public key components and parameters (if any). An OpenSSL private key is equivalent to what some libraries call a &quot;key pair&quot;. A private key can be used in functions which require the use of a public key or parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_keygen_init(), EVP_PKEY_paramgen_init(), EVP_PKEY_keygen() and EVP_PKEY_paramgen() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() return 1 for success or others for failure. They return -2 if the operation is not supported for the specific algorithm.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Generate a 2048 bit RSA key:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL;
+
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Generate a key from a set of parameters:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ EVP_PKEY *pkey = NULL, *param;
+
+ /* Assumed param, eng are set up already */
+ ctx = EVP_PKEY_CTX_new(param, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Example of generation callback for OpenSSL public key implementations:</p>
+
+<pre><code> /* Application data is a BIO to output status to */
+
+ EVP_PKEY_CTX_set_app_data(ctx, status_bio);
+
+ static int genpkey_cb(EVP_PKEY_CTX *ctx)
+ {
+     char c = &#39;*&#39;;
+     BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+     int p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+
+     if (p == 0)
+         c = &#39;.&#39;;
+     if (p == 1)
+         c = &#39;+&#39;;
+     if (p == 2)
+         c = &#39;*&#39;;
+     if (p == 3)
+         c = &#39;\n&#39;;
+     BIO_write(b, &amp;c, 1);
+     (void)BIO_flush(b);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_dh_kdf_md.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_dh_kdf_md.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_dh_kdf_md.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_dh_kdf_outlen.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_dh_kdf_outlen.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_dh_kdf_outlen.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_dh_kdf_type.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_dh_kdf_type.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_dh_kdf_type.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_ecdh_cofactor_mode.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_ecdh_cofactor_mode.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_ecdh_cofactor_mode.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_ecdh_kdf_md.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_ecdh_kdf_md.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_ecdh_kdf_md.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_ecdh_kdf_outlen.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_ecdh_kdf_outlen.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_ecdh_kdf_outlen.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_ecdh_kdf_type.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_ecdh_kdf_type.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_ecdh_kdf_type.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_keygen_info.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_keygen_info.html
new file mode 100644
index 000000000..1feb84ad9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_keygen_info.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_keygen</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, EVP_PKEY_CTX_get_keygen_info, EVP_PKEY_CTX_set_app_data, EVP_PKEY_CTX_get_app_data, EVP_PKEY_gen_cb, EVP_PKEY_check, EVP_PKEY_public_check, EVP_PKEY_param_check - key and parameter generation and check functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+
+ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+ void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_keygen_init() function initializes a public key algorithm context using key <b>pkey</b> for a key generation operation.</p>
+
+<p>The EVP_PKEY_keygen() function performs a key generation operation, the generated key is written to <b>ppkey</b>.</p>
+
+<p>The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar except parameters are generated.</p>
+
+<p>The function EVP_PKEY_set_cb() sets the key or parameter generation callback to <b>cb</b>. The function EVP_PKEY_CTX_get_cb() returns the key or parameter generation callback.</p>
+
+<p>The function EVP_PKEY_CTX_get_keygen_info() returns parameters associated with the generation operation. If <b>idx</b> is -1 the total number of parameters available is returned. Any non negative value returns the value of that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for <b>idx</b> should only be called within the generation callback.</p>
+
+<p>If the callback returns 0 then the key generation operation is aborted and an error occurs. This might occur during a time consuming operation where a user clicks on a &quot;cancel&quot; button.</p>
+
+<p>The functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set and retrieve an opaque pointer. This can be used to set some application defined value which can be retrieved in the callback: for example a handle which is used to update a &quot;progress dialog&quot;.</p>
+
+<p>EVP_PKEY_check() validates the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_public_check() validates the public component of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_param_check() validates the algorithm parameters of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_keygen_init() or EVP_PKEY_paramgen_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The functions EVP_PKEY_keygen() and EVP_PKEY_paramgen() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<p>The meaning of the parameters passed to the callback will depend on the algorithm and the specific implementation of the algorithm. Some might not give any useful information at all during key or parameter generation. Others might not even call the callback.</p>
+
+<p>The operation performed by key or parameter generation depends on the algorithm used. In some cases (e.g. EC with a supplied named curve) the &quot;generation&quot; option merely sets the appropriate fields in an EVP_PKEY structure.</p>
+
+<p>In OpenSSL an EVP_PKEY structure containing a private key also contains the public key components and parameters (if any). An OpenSSL private key is equivalent to what some libraries call a &quot;key pair&quot;. A private key can be used in functions which require the use of a public key or parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_keygen_init(), EVP_PKEY_paramgen_init(), EVP_PKEY_keygen() and EVP_PKEY_paramgen() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() return 1 for success or others for failure. They return -2 if the operation is not supported for the specific algorithm.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Generate a 2048 bit RSA key:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL;
+
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Generate a key from a set of parameters:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ EVP_PKEY *pkey = NULL, *param;
+
+ /* Assumed param, eng are set up already */
+ ctx = EVP_PKEY_CTX_new(param, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Example of generation callback for OpenSSL public key implementations:</p>
+
+<pre><code> /* Application data is a BIO to output status to */
+
+ EVP_PKEY_CTX_set_app_data(ctx, status_bio);
+
+ static int genpkey_cb(EVP_PKEY_CTX *ctx)
+ {
+     char c = &#39;*&#39;;
+     BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+     int p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+
+     if (p == 0)
+         c = &#39;.&#39;;
+     if (p == 1)
+         c = &#39;+&#39;;
+     if (p == 2)
+         c = &#39;*&#39;;
+     if (p == 3)
+         c = &#39;\n&#39;;
+     BIO_write(b, &amp;c, 1);
+     (void)BIO_flush(b);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_rsa_mgf1_md.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_rsa_mgf1_md.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_rsa_mgf1_md.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_rsa_oaep_md.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_rsa_oaep_md.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_rsa_oaep_md.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_rsa_padding.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_rsa_padding.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_rsa_padding.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_rsa_pss_saltlen.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_rsa_pss_saltlen.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_rsa_pss_saltlen.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_signature_md.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_signature_md.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_signature_md.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_hkdf_mode.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_hkdf_mode.html
new file mode 100644
index 000000000..5bdcd18ca
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_hkdf_mode.html
@@ -0,0 +1,153 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_set_hkdf_md</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#STRING-CTRLS">STRING CTRLS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_set_hkdf_md, EVP_PKEY_CTX_set1_hkdf_salt, EVP_PKEY_CTX_set1_hkdf_key, EVP_PKEY_CTX_add1_hkdf_info, EVP_PKEY_CTX_hkdf_mode - HMAC-based Extract-and-Expand key derivation algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/kdf.h&gt;
+
+ int EVP_PKEY_CTX_hkdf_mode(EVP_PKEY_CTX *pctx, int mode);
+
+ int EVP_PKEY_CTX_set_hkdf_md(EVP_PKEY_CTX *pctx, const EVP_MD *md);
+
+ int EVP_PKEY_CTX_set1_hkdf_salt(EVP_PKEY_CTX *pctx, unsigned char *salt,
+                                 int saltlen);
+
+ int EVP_PKEY_CTX_set1_hkdf_key(EVP_PKEY_CTX *pctx, unsigned char *key,
+                                int keylen);
+
+ int EVP_PKEY_CTX_add1_hkdf_info(EVP_PKEY_CTX *pctx, unsigned char *info,
+                                 int infolen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_HKDF algorithm implements the HKDF key derivation function. HKDF follows the &quot;extract-then-expand&quot; paradigm, where the KDF logically consists of two modules. The first stage takes the input keying material and &quot;extracts&quot; from it a fixed-length pseudorandom key K. The second stage &quot;expands&quot; the key K into several additional pseudorandom keys (the output of the KDF).</p>
+
+<p>EVP_PKEY_CTX_hkdf_mode() sets the mode for the HKDF operation. There are three modes that are currently defined:</p>
+
+<dl>
+
+<dt id="EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND">EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND</dt>
+<dd>
+
+<p>This is the default mode. Calling <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> on an EVP_PKEY_CTX set up for HKDF will perform an extract followed by an expand operation in one go. The derived key returned will be the result after the expand operation. The intermediate fixed-length pseudorandom key K is not returned.</p>
+
+<p>In this mode the digest, key, salt and info values must be set before a key is derived or an error occurs.</p>
+
+</dd>
+<dt id="EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY">EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY</dt>
+<dd>
+
+<p>In this mode calling <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> will just perform the extract operation. The value returned will be the intermediate fixed-length pseudorandom key K.</p>
+
+<p>The digest, key and salt values must be set before a key is derived or an error occurs.</p>
+
+</dd>
+<dt id="EVP_PKEY_HKDEF_MODE_EXPAND_ONLY">EVP_PKEY_HKDEF_MODE_EXPAND_ONLY</dt>
+<dd>
+
+<p>In this mode calling <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> will just perform the expand operation. The input key should be set to the intermediate fixed-length pseudorandom key K returned from a previous extract operation.</p>
+
+<p>The digest, key and info values must be set before a key is derived or an error occurs.</p>
+
+</dd>
+</dl>
+
+<p>EVP_PKEY_CTX_set_hkdf_md() sets the message digest associated with the HKDF.</p>
+
+<p>EVP_PKEY_CTX_set1_hkdf_salt() sets the salt to <b>saltlen</b> bytes of the buffer <b>salt</b>. Any existing value is replaced.</p>
+
+<p>EVP_PKEY_CTX_set1_hkdf_key() sets the key to <b>keylen</b> bytes of the buffer <b>key</b>. Any existing value is replaced.</p>
+
+<p>EVP_PKEY_CTX_add1_hkdf_info() sets the info value to <b>infolen</b> bytes of the buffer <b>info</b>. If a value is already set, it is appended to the existing value.</p>
+
+<h1 id="STRING-CTRLS">STRING CTRLS</h1>
+
+<p>HKDF also supports string based control operations via <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>. The <b>type</b> parameter &quot;md&quot; uses the supplied <b>value</b> as the name of the digest algorithm to use. The <b>type</b> parameter &quot;mode&quot; uses the values &quot;EXTRACT_AND_EXPAND&quot;, &quot;EXTRACT_ONLY&quot; and &quot;EXPAND_ONLY&quot; to determine the mode to use. The <b>type</b> parameters &quot;salt&quot;, &quot;key&quot; and &quot;info&quot; use the supplied <b>value</b> parameter as a <b>seed</b>, <b>key</b> or <b>info</b> value. The names &quot;hexsalt&quot;, &quot;hexkey&quot; and &quot;hexinfo&quot; are similar except they take a hex string which is converted to binary.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>A context for HKDF can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);</code></pre>
+
+<p>The total length of the info buffer cannot exceed 1024 bytes in length: this should be more than enough for any normal use of HKDF.</p>
+
+<p>The output length of an HKDF expand operation is specified via the length parameter to the <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> function. Since the HKDF output length is variable, passing a <b>NULL</b> buffer as a means to obtain the requisite length is not meaningful with HKDF in any mode that performs an expand operation. Instead, the caller must allocate a buffer of the desired length, and pass that buffer to <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> along with (a pointer initialized to) the desired length. Passing a <b>NULL</b> buffer to obtain the length is allowed when using EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY.</p>
+
+<p>Optimised versions of HKDF can be implemented in an ENGINE.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example derives 10 bytes using SHA-256 with the secret key &quot;secret&quot;, salt value &quot;salt&quot; and info value &quot;label&quot;:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx;
+ unsigned char out[10];
+ size_t outlen = sizeof(out);
+ pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
+
+ if (EVP_PKEY_derive_init(pctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, &quot;salt&quot;, 4) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set1_hkdf_key(pctx, &quot;secret&quot;, 6) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_add1_hkdf_info(pctx, &quot;label&quot;, 5) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_derive(pctx, out, &amp;outlen) &lt;= 0)
+     /* Error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 5869</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_md.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_md.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_md.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_new.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_new.html
new file mode 100644
index 000000000..b398a22c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_new.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_new, EVP_PKEY_CTX_new_id, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free - public key algorithm context functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
+ EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
+ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
+ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_CTX_new() function allocates public key algorithm context using the algorithm specified in <b>pkey</b> and ENGINE <b>e</b>.</p>
+
+<p>The EVP_PKEY_CTX_new_id() function allocates public key algorithm context using the algorithm specified by <b>id</b> and ENGINE <b>e</b>. It is normally used when no <b>EVP_PKEY</b> structure is associated with the operations, for example during parameter generation of key generation for some algorithms.</p>
+
+<p>EVP_PKEY_CTX_dup() duplicates the context <b>ctx</b>.</p>
+
+<p>EVP_PKEY_CTX_free() frees up the context <b>ctx</b>. If <b>ctx</b> is NULL, nothing is done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP_PKEY_CTX</b> structure is an opaque public key algorithm context used by the OpenSSL high level public key API. Contexts <b>MUST NOT</b> be shared between threads: that is it is not permissible to use the same context simultaneously in two threads.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id(), EVP_PKEY_CTX_dup() returns either the newly allocated <b>EVP_PKEY_CTX</b> structure of <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_CTX_free() does not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_new_id.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_new_id.html
new file mode 100644
index 000000000..b398a22c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_new_id.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_new, EVP_PKEY_CTX_new_id, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free - public key algorithm context functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
+ EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
+ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
+ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_CTX_new() function allocates public key algorithm context using the algorithm specified in <b>pkey</b> and ENGINE <b>e</b>.</p>
+
+<p>The EVP_PKEY_CTX_new_id() function allocates public key algorithm context using the algorithm specified by <b>id</b> and ENGINE <b>e</b>. It is normally used when no <b>EVP_PKEY</b> structure is associated with the operations, for example during parameter generation of key generation for some algorithms.</p>
+
+<p>EVP_PKEY_CTX_dup() duplicates the context <b>ctx</b>.</p>
+
+<p>EVP_PKEY_CTX_free() frees up the context <b>ctx</b>. If <b>ctx</b> is NULL, nothing is done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP_PKEY_CTX</b> structure is an opaque public key algorithm context used by the OpenSSL high level public key API. Contexts <b>MUST NOT</b> be shared between threads: that is it is not permissible to use the same context simultaneously in two threads.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id(), EVP_PKEY_CTX_dup() returns either the newly allocated <b>EVP_PKEY_CTX</b> structure of <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_CTX_free() does not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set0_dh_kdf_oid.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set0_dh_kdf_oid.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set0_dh_kdf_oid.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set0_dh_kdf_ukm.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set0_dh_kdf_ukm.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set0_dh_kdf_ukm.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set0_ecdh_kdf_ukm.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set0_ecdh_kdf_ukm.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set0_ecdh_kdf_ukm.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set0_rsa_oaep_label.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set0_rsa_oaep_label.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set0_rsa_oaep_label.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_hkdf_key.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_hkdf_key.html
new file mode 100644
index 000000000..5bdcd18ca
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_hkdf_key.html
@@ -0,0 +1,153 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_set_hkdf_md</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#STRING-CTRLS">STRING CTRLS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_set_hkdf_md, EVP_PKEY_CTX_set1_hkdf_salt, EVP_PKEY_CTX_set1_hkdf_key, EVP_PKEY_CTX_add1_hkdf_info, EVP_PKEY_CTX_hkdf_mode - HMAC-based Extract-and-Expand key derivation algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/kdf.h&gt;
+
+ int EVP_PKEY_CTX_hkdf_mode(EVP_PKEY_CTX *pctx, int mode);
+
+ int EVP_PKEY_CTX_set_hkdf_md(EVP_PKEY_CTX *pctx, const EVP_MD *md);
+
+ int EVP_PKEY_CTX_set1_hkdf_salt(EVP_PKEY_CTX *pctx, unsigned char *salt,
+                                 int saltlen);
+
+ int EVP_PKEY_CTX_set1_hkdf_key(EVP_PKEY_CTX *pctx, unsigned char *key,
+                                int keylen);
+
+ int EVP_PKEY_CTX_add1_hkdf_info(EVP_PKEY_CTX *pctx, unsigned char *info,
+                                 int infolen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_HKDF algorithm implements the HKDF key derivation function. HKDF follows the &quot;extract-then-expand&quot; paradigm, where the KDF logically consists of two modules. The first stage takes the input keying material and &quot;extracts&quot; from it a fixed-length pseudorandom key K. The second stage &quot;expands&quot; the key K into several additional pseudorandom keys (the output of the KDF).</p>
+
+<p>EVP_PKEY_CTX_hkdf_mode() sets the mode for the HKDF operation. There are three modes that are currently defined:</p>
+
+<dl>
+
+<dt id="EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND">EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND</dt>
+<dd>
+
+<p>This is the default mode. Calling <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> on an EVP_PKEY_CTX set up for HKDF will perform an extract followed by an expand operation in one go. The derived key returned will be the result after the expand operation. The intermediate fixed-length pseudorandom key K is not returned.</p>
+
+<p>In this mode the digest, key, salt and info values must be set before a key is derived or an error occurs.</p>
+
+</dd>
+<dt id="EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY">EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY</dt>
+<dd>
+
+<p>In this mode calling <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> will just perform the extract operation. The value returned will be the intermediate fixed-length pseudorandom key K.</p>
+
+<p>The digest, key and salt values must be set before a key is derived or an error occurs.</p>
+
+</dd>
+<dt id="EVP_PKEY_HKDEF_MODE_EXPAND_ONLY">EVP_PKEY_HKDEF_MODE_EXPAND_ONLY</dt>
+<dd>
+
+<p>In this mode calling <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> will just perform the expand operation. The input key should be set to the intermediate fixed-length pseudorandom key K returned from a previous extract operation.</p>
+
+<p>The digest, key and info values must be set before a key is derived or an error occurs.</p>
+
+</dd>
+</dl>
+
+<p>EVP_PKEY_CTX_set_hkdf_md() sets the message digest associated with the HKDF.</p>
+
+<p>EVP_PKEY_CTX_set1_hkdf_salt() sets the salt to <b>saltlen</b> bytes of the buffer <b>salt</b>. Any existing value is replaced.</p>
+
+<p>EVP_PKEY_CTX_set1_hkdf_key() sets the key to <b>keylen</b> bytes of the buffer <b>key</b>. Any existing value is replaced.</p>
+
+<p>EVP_PKEY_CTX_add1_hkdf_info() sets the info value to <b>infolen</b> bytes of the buffer <b>info</b>. If a value is already set, it is appended to the existing value.</p>
+
+<h1 id="STRING-CTRLS">STRING CTRLS</h1>
+
+<p>HKDF also supports string based control operations via <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>. The <b>type</b> parameter &quot;md&quot; uses the supplied <b>value</b> as the name of the digest algorithm to use. The <b>type</b> parameter &quot;mode&quot; uses the values &quot;EXTRACT_AND_EXPAND&quot;, &quot;EXTRACT_ONLY&quot; and &quot;EXPAND_ONLY&quot; to determine the mode to use. The <b>type</b> parameters &quot;salt&quot;, &quot;key&quot; and &quot;info&quot; use the supplied <b>value</b> parameter as a <b>seed</b>, <b>key</b> or <b>info</b> value. The names &quot;hexsalt&quot;, &quot;hexkey&quot; and &quot;hexinfo&quot; are similar except they take a hex string which is converted to binary.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>A context for HKDF can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);</code></pre>
+
+<p>The total length of the info buffer cannot exceed 1024 bytes in length: this should be more than enough for any normal use of HKDF.</p>
+
+<p>The output length of an HKDF expand operation is specified via the length parameter to the <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> function. Since the HKDF output length is variable, passing a <b>NULL</b> buffer as a means to obtain the requisite length is not meaningful with HKDF in any mode that performs an expand operation. Instead, the caller must allocate a buffer of the desired length, and pass that buffer to <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> along with (a pointer initialized to) the desired length. Passing a <b>NULL</b> buffer to obtain the length is allowed when using EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY.</p>
+
+<p>Optimised versions of HKDF can be implemented in an ENGINE.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example derives 10 bytes using SHA-256 with the secret key &quot;secret&quot;, salt value &quot;salt&quot; and info value &quot;label&quot;:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx;
+ unsigned char out[10];
+ size_t outlen = sizeof(out);
+ pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
+
+ if (EVP_PKEY_derive_init(pctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, &quot;salt&quot;, 4) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set1_hkdf_key(pctx, &quot;secret&quot;, 6) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_add1_hkdf_info(pctx, &quot;label&quot;, 5) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_derive(pctx, out, &amp;outlen) &lt;= 0)
+     /* Error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 5869</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_hkdf_salt.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_hkdf_salt.html
new file mode 100644
index 000000000..5bdcd18ca
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_hkdf_salt.html
@@ -0,0 +1,153 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_set_hkdf_md</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#STRING-CTRLS">STRING CTRLS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_set_hkdf_md, EVP_PKEY_CTX_set1_hkdf_salt, EVP_PKEY_CTX_set1_hkdf_key, EVP_PKEY_CTX_add1_hkdf_info, EVP_PKEY_CTX_hkdf_mode - HMAC-based Extract-and-Expand key derivation algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/kdf.h&gt;
+
+ int EVP_PKEY_CTX_hkdf_mode(EVP_PKEY_CTX *pctx, int mode);
+
+ int EVP_PKEY_CTX_set_hkdf_md(EVP_PKEY_CTX *pctx, const EVP_MD *md);
+
+ int EVP_PKEY_CTX_set1_hkdf_salt(EVP_PKEY_CTX *pctx, unsigned char *salt,
+                                 int saltlen);
+
+ int EVP_PKEY_CTX_set1_hkdf_key(EVP_PKEY_CTX *pctx, unsigned char *key,
+                                int keylen);
+
+ int EVP_PKEY_CTX_add1_hkdf_info(EVP_PKEY_CTX *pctx, unsigned char *info,
+                                 int infolen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_HKDF algorithm implements the HKDF key derivation function. HKDF follows the &quot;extract-then-expand&quot; paradigm, where the KDF logically consists of two modules. The first stage takes the input keying material and &quot;extracts&quot; from it a fixed-length pseudorandom key K. The second stage &quot;expands&quot; the key K into several additional pseudorandom keys (the output of the KDF).</p>
+
+<p>EVP_PKEY_CTX_hkdf_mode() sets the mode for the HKDF operation. There are three modes that are currently defined:</p>
+
+<dl>
+
+<dt id="EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND">EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND</dt>
+<dd>
+
+<p>This is the default mode. Calling <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> on an EVP_PKEY_CTX set up for HKDF will perform an extract followed by an expand operation in one go. The derived key returned will be the result after the expand operation. The intermediate fixed-length pseudorandom key K is not returned.</p>
+
+<p>In this mode the digest, key, salt and info values must be set before a key is derived or an error occurs.</p>
+
+</dd>
+<dt id="EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY">EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY</dt>
+<dd>
+
+<p>In this mode calling <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> will just perform the extract operation. The value returned will be the intermediate fixed-length pseudorandom key K.</p>
+
+<p>The digest, key and salt values must be set before a key is derived or an error occurs.</p>
+
+</dd>
+<dt id="EVP_PKEY_HKDEF_MODE_EXPAND_ONLY">EVP_PKEY_HKDEF_MODE_EXPAND_ONLY</dt>
+<dd>
+
+<p>In this mode calling <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> will just perform the expand operation. The input key should be set to the intermediate fixed-length pseudorandom key K returned from a previous extract operation.</p>
+
+<p>The digest, key and info values must be set before a key is derived or an error occurs.</p>
+
+</dd>
+</dl>
+
+<p>EVP_PKEY_CTX_set_hkdf_md() sets the message digest associated with the HKDF.</p>
+
+<p>EVP_PKEY_CTX_set1_hkdf_salt() sets the salt to <b>saltlen</b> bytes of the buffer <b>salt</b>. Any existing value is replaced.</p>
+
+<p>EVP_PKEY_CTX_set1_hkdf_key() sets the key to <b>keylen</b> bytes of the buffer <b>key</b>. Any existing value is replaced.</p>
+
+<p>EVP_PKEY_CTX_add1_hkdf_info() sets the info value to <b>infolen</b> bytes of the buffer <b>info</b>. If a value is already set, it is appended to the existing value.</p>
+
+<h1 id="STRING-CTRLS">STRING CTRLS</h1>
+
+<p>HKDF also supports string based control operations via <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>. The <b>type</b> parameter &quot;md&quot; uses the supplied <b>value</b> as the name of the digest algorithm to use. The <b>type</b> parameter &quot;mode&quot; uses the values &quot;EXTRACT_AND_EXPAND&quot;, &quot;EXTRACT_ONLY&quot; and &quot;EXPAND_ONLY&quot; to determine the mode to use. The <b>type</b> parameters &quot;salt&quot;, &quot;key&quot; and &quot;info&quot; use the supplied <b>value</b> parameter as a <b>seed</b>, <b>key</b> or <b>info</b> value. The names &quot;hexsalt&quot;, &quot;hexkey&quot; and &quot;hexinfo&quot; are similar except they take a hex string which is converted to binary.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>A context for HKDF can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);</code></pre>
+
+<p>The total length of the info buffer cannot exceed 1024 bytes in length: this should be more than enough for any normal use of HKDF.</p>
+
+<p>The output length of an HKDF expand operation is specified via the length parameter to the <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> function. Since the HKDF output length is variable, passing a <b>NULL</b> buffer as a means to obtain the requisite length is not meaningful with HKDF in any mode that performs an expand operation. Instead, the caller must allocate a buffer of the desired length, and pass that buffer to <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> along with (a pointer initialized to) the desired length. Passing a <b>NULL</b> buffer to obtain the length is allowed when using EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY.</p>
+
+<p>Optimised versions of HKDF can be implemented in an ENGINE.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example derives 10 bytes using SHA-256 with the secret key &quot;secret&quot;, salt value &quot;salt&quot; and info value &quot;label&quot;:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx;
+ unsigned char out[10];
+ size_t outlen = sizeof(out);
+ pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
+
+ if (EVP_PKEY_derive_init(pctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, &quot;salt&quot;, 4) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set1_hkdf_key(pctx, &quot;secret&quot;, 6) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_add1_hkdf_info(pctx, &quot;label&quot;, 5) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_derive(pctx, out, &amp;outlen) &lt;= 0)
+     /* Error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 5869</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_id.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_id.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_id.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_pbe_pass.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_pbe_pass.html
new file mode 100644
index 000000000..7ba20f56e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_pbe_pass.html
@@ -0,0 +1,69 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_set1_pbe_pass</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#STRING-CTRLS">STRING CTRLS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_set1_pbe_pass - generic KDF support functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/kdf.h&gt;
+
+ int EVP_PKEY_CTX_set1_pbe_pass(EVP_PKEY_CTX *pctx, unsigned char *pass,
+                                int passlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are generic support functions for all KDF algorithms.</p>
+
+<p>EVP_PKEY_CTX_set1_pbe_pass() sets the password to the <b>passlen</b> first bytes from <b>pass</b>.</p>
+
+<h1 id="STRING-CTRLS">STRING CTRLS</h1>
+
+<p>There is also support for string based control operations via <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>. The <b>password</b> can be directly specified using the <b>type</b> parameter &quot;pass&quot; or given in hex encoding using the &quot;hexpass&quot; parameter.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_scrypt_salt.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_scrypt_salt.html
new file mode 100644
index 000000000..d1d4b0eb7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_scrypt_salt.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_set_scrypt_N</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#STRING-CTRLS">STRING CTRLS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_set1_scrypt_salt, EVP_PKEY_CTX_set_scrypt_N, EVP_PKEY_CTX_set_scrypt_r, EVP_PKEY_CTX_set_scrypt_p, EVP_PKEY_CTX_set_scrypt_maxmem_bytes - EVP_PKEY scrypt KDF support functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/kdf.h&gt;
+
+ int EVP_PKEY_CTX_set1_scrypt_salt(EVP_PKEY_CTX *pctx, unsigned char *salt,
+                                   int saltlen);
+
+ int EVP_PKEY_CTX_set_scrypt_N(EVP_PKEY_CTX *pctx, uint64_t N);
+
+ int EVP_PKEY_CTX_set_scrypt_r(EVP_PKEY_CTX *pctx, uint64_t r);
+
+ int EVP_PKEY_CTX_set_scrypt_p(EVP_PKEY_CTX *pctx, uint64_t p);
+
+ int EVP_PKEY_CTX_set_scrypt_maxmem_bytes(EVP_PKEY_CTX *pctx,
+                                          uint64_t maxmem);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to set up the necessary data to use the scrypt KDF. For more information on scrypt, see <a href="../man7/scrypt.html">scrypt(7)</a>.</p>
+
+<p>EVP_PKEY_CTX_set1_scrypt_salt() sets the <b>saltlen</b> bytes long salt value.</p>
+
+<p>EVP_PKEY_CTX_set_scrypt_N(), EVP_PKEY_CTX_set_scrypt_r() and EVP_PKEY_CTX_set_scrypt_p() configure the work factors N, r and p.</p>
+
+<p>EVP_PKEY_CTX_set_scrypt_maxmem_bytes() sets how much RAM key derivation may maximally use, given in bytes. If RAM is exceeded because the load factors are chosen too high, the key derivation will fail.</p>
+
+<h1 id="STRING-CTRLS">STRING CTRLS</h1>
+
+<p>scrypt also supports string based control operations via <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>. Similarly, the <b>salt</b> can either be specified using the <b>type</b> parameter &quot;salt&quot; or in hex encoding by using the &quot;hexsalt&quot; parameter. The work factors <b>N</b>, <b>r</b> and <b>p</b> as well as <b>maxmem_bytes</b> can be set by using the parameters &quot;N&quot;, &quot;r&quot;, &quot;p&quot; and &quot;maxmem_bytes&quot;, respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The scrypt KDF also uses EVP_PKEY_CTX_set1_pbe_pass() as well as the value from the string controls &quot;pass&quot; and &quot;hexpass&quot;. See <a href="../man3/EVP_PKEY_CTX_set1_pbe_pass.html">EVP_PKEY_CTX_set1_pbe_pass(3)</a>.</p>
+
+<p>All the functions described here are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/scrypt.html">scrypt(7)</a>, <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_tls1_prf_secret.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_tls1_prf_secret.html
new file mode 100644
index 000000000..15e36d81a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_tls1_prf_secret.html
@@ -0,0 +1,109 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_set_tls1_prf_md</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#STRING-CTRLS">STRING CTRLS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_set_tls1_prf_md, EVP_PKEY_CTX_set1_tls1_prf_secret, EVP_PKEY_CTX_add1_tls1_prf_seed - TLS PRF key derivation algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/kdf.h&gt;
+
+ int EVP_PKEY_CTX_set_tls1_prf_md(EVP_PKEY_CTX *pctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_set1_tls1_prf_secret(EVP_PKEY_CTX *pctx,
+                                       unsigned char *sec, int seclen);
+ int EVP_PKEY_CTX_add1_tls1_prf_seed(EVP_PKEY_CTX *pctx,
+                                     unsigned char *seed, int seedlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_PKEY_TLS1_PRF</b> algorithm implements the PRF key derivation function for TLS. It has no associated private key and only implements key derivation using <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<p>EVP_PKEY_set_tls1_prf_md() sets the message digest associated with the TLS PRF. EVP_md5_sha1() is treated as a special case which uses the PRF algorithm using both <b>MD5</b> and <b>SHA1</b> as used in TLS 1.0 and 1.1.</p>
+
+<p>EVP_PKEY_CTX_set_tls1_prf_secret() sets the secret value of the TLS PRF to <b>seclen</b> bytes of the buffer <b>sec</b>. Any existing secret value is replaced and any seed is reset.</p>
+
+<p>EVP_PKEY_CTX_add1_tls1_prf_seed() sets the seed to <b>seedlen</b> bytes of <b>seed</b>. If a seed is already set it is appended to the existing value.</p>
+
+<h1 id="STRING-CTRLS">STRING CTRLS</h1>
+
+<p>The TLS PRF also supports string based control operations using <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>. The <b>type</b> parameter &quot;md&quot; uses the supplied <b>value</b> as the name of the digest algorithm to use. The <b>type</b> parameters &quot;secret&quot; and &quot;seed&quot; use the supplied <b>value</b> parameter as a secret or seed value. The names &quot;hexsecret&quot; and &quot;hexseed&quot; are similar except they take a hex string which is converted to binary.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>A context for the TLS PRF can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL);</code></pre>
+
+<p>The digest, secret value and seed must be set before a key is derived or an error occurs.</p>
+
+<p>The total length of all seeds cannot exceed 1024 bytes in length: this should be more than enough for any normal use of the TLS PRF.</p>
+
+<p>The output length of the PRF is specified by the length parameter in the EVP_PKEY_derive() function. Since the output length is variable, setting the buffer to <b>NULL</b> is not meaningful for the TLS PRF.</p>
+
+<p>Optimised versions of the TLS PRF can be implemented in an ENGINE.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example derives 10 bytes using SHA-256 with the secret key &quot;secret&quot; and seed value &quot;seed&quot;:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx;
+ unsigned char out[10];
+ size_t outlen = sizeof(out);
+
+ pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL);
+ if (EVP_PKEY_derive_init(pctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_tls1_prf_md(pctx, EVP_sha256()) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, &quot;secret&quot;, 6) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, &quot;seed&quot;, 4) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_derive(pctx, out, &amp;outlen) &lt;= 0)
+     /* Error */</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_app_data.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_app_data.html
new file mode 100644
index 000000000..1feb84ad9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_app_data.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_keygen</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, EVP_PKEY_CTX_get_keygen_info, EVP_PKEY_CTX_set_app_data, EVP_PKEY_CTX_get_app_data, EVP_PKEY_gen_cb, EVP_PKEY_check, EVP_PKEY_public_check, EVP_PKEY_param_check - key and parameter generation and check functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+
+ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+ void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_keygen_init() function initializes a public key algorithm context using key <b>pkey</b> for a key generation operation.</p>
+
+<p>The EVP_PKEY_keygen() function performs a key generation operation, the generated key is written to <b>ppkey</b>.</p>
+
+<p>The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar except parameters are generated.</p>
+
+<p>The function EVP_PKEY_set_cb() sets the key or parameter generation callback to <b>cb</b>. The function EVP_PKEY_CTX_get_cb() returns the key or parameter generation callback.</p>
+
+<p>The function EVP_PKEY_CTX_get_keygen_info() returns parameters associated with the generation operation. If <b>idx</b> is -1 the total number of parameters available is returned. Any non negative value returns the value of that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for <b>idx</b> should only be called within the generation callback.</p>
+
+<p>If the callback returns 0 then the key generation operation is aborted and an error occurs. This might occur during a time consuming operation where a user clicks on a &quot;cancel&quot; button.</p>
+
+<p>The functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set and retrieve an opaque pointer. This can be used to set some application defined value which can be retrieved in the callback: for example a handle which is used to update a &quot;progress dialog&quot;.</p>
+
+<p>EVP_PKEY_check() validates the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_public_check() validates the public component of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_param_check() validates the algorithm parameters of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_keygen_init() or EVP_PKEY_paramgen_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The functions EVP_PKEY_keygen() and EVP_PKEY_paramgen() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<p>The meaning of the parameters passed to the callback will depend on the algorithm and the specific implementation of the algorithm. Some might not give any useful information at all during key or parameter generation. Others might not even call the callback.</p>
+
+<p>The operation performed by key or parameter generation depends on the algorithm used. In some cases (e.g. EC with a supplied named curve) the &quot;generation&quot; option merely sets the appropriate fields in an EVP_PKEY structure.</p>
+
+<p>In OpenSSL an EVP_PKEY structure containing a private key also contains the public key components and parameters (if any). An OpenSSL private key is equivalent to what some libraries call a &quot;key pair&quot;. A private key can be used in functions which require the use of a public key or parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_keygen_init(), EVP_PKEY_paramgen_init(), EVP_PKEY_keygen() and EVP_PKEY_paramgen() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() return 1 for success or others for failure. They return -2 if the operation is not supported for the specific algorithm.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Generate a 2048 bit RSA key:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL;
+
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Generate a key from a set of parameters:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ EVP_PKEY *pkey = NULL, *param;
+
+ /* Assumed param, eng are set up already */
+ ctx = EVP_PKEY_CTX_new(param, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Example of generation callback for OpenSSL public key implementations:</p>
+
+<pre><code> /* Application data is a BIO to output status to */
+
+ EVP_PKEY_CTX_set_app_data(ctx, status_bio);
+
+ static int genpkey_cb(EVP_PKEY_CTX *ctx)
+ {
+     char c = &#39;*&#39;;
+     BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+     int p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+
+     if (p == 0)
+         c = &#39;.&#39;;
+     if (p == 1)
+         c = &#39;+&#39;;
+     if (p == 2)
+         c = &#39;*&#39;;
+     if (p == 3)
+         c = &#39;\n&#39;;
+     BIO_write(b, &amp;c, 1);
+     (void)BIO_flush(b);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_cb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_cb.html
new file mode 100644
index 000000000..1feb84ad9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_cb.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_keygen</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, EVP_PKEY_CTX_get_keygen_info, EVP_PKEY_CTX_set_app_data, EVP_PKEY_CTX_get_app_data, EVP_PKEY_gen_cb, EVP_PKEY_check, EVP_PKEY_public_check, EVP_PKEY_param_check - key and parameter generation and check functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+
+ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+ void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_keygen_init() function initializes a public key algorithm context using key <b>pkey</b> for a key generation operation.</p>
+
+<p>The EVP_PKEY_keygen() function performs a key generation operation, the generated key is written to <b>ppkey</b>.</p>
+
+<p>The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar except parameters are generated.</p>
+
+<p>The function EVP_PKEY_set_cb() sets the key or parameter generation callback to <b>cb</b>. The function EVP_PKEY_CTX_get_cb() returns the key or parameter generation callback.</p>
+
+<p>The function EVP_PKEY_CTX_get_keygen_info() returns parameters associated with the generation operation. If <b>idx</b> is -1 the total number of parameters available is returned. Any non negative value returns the value of that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for <b>idx</b> should only be called within the generation callback.</p>
+
+<p>If the callback returns 0 then the key generation operation is aborted and an error occurs. This might occur during a time consuming operation where a user clicks on a &quot;cancel&quot; button.</p>
+
+<p>The functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set and retrieve an opaque pointer. This can be used to set some application defined value which can be retrieved in the callback: for example a handle which is used to update a &quot;progress dialog&quot;.</p>
+
+<p>EVP_PKEY_check() validates the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_public_check() validates the public component of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_param_check() validates the algorithm parameters of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_keygen_init() or EVP_PKEY_paramgen_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The functions EVP_PKEY_keygen() and EVP_PKEY_paramgen() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<p>The meaning of the parameters passed to the callback will depend on the algorithm and the specific implementation of the algorithm. Some might not give any useful information at all during key or parameter generation. Others might not even call the callback.</p>
+
+<p>The operation performed by key or parameter generation depends on the algorithm used. In some cases (e.g. EC with a supplied named curve) the &quot;generation&quot; option merely sets the appropriate fields in an EVP_PKEY structure.</p>
+
+<p>In OpenSSL an EVP_PKEY structure containing a private key also contains the public key components and parameters (if any). An OpenSSL private key is equivalent to what some libraries call a &quot;key pair&quot;. A private key can be used in functions which require the use of a public key or parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_keygen_init(), EVP_PKEY_paramgen_init(), EVP_PKEY_keygen() and EVP_PKEY_paramgen() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() return 1 for success or others for failure. They return -2 if the operation is not supported for the specific algorithm.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Generate a 2048 bit RSA key:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL;
+
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Generate a key from a set of parameters:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ EVP_PKEY *pkey = NULL, *param;
+
+ /* Assumed param, eng are set up already */
+ ctx = EVP_PKEY_CTX_new(param, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Example of generation callback for OpenSSL public key implementations:</p>
+
+<pre><code> /* Application data is a BIO to output status to */
+
+ EVP_PKEY_CTX_set_app_data(ctx, status_bio);
+
+ static int genpkey_cb(EVP_PKEY_CTX *ctx)
+ {
+     char c = &#39;*&#39;;
+     BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+     int p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+
+     if (p == 0)
+         c = &#39;.&#39;;
+     if (p == 1)
+         c = &#39;+&#39;;
+     if (p == 2)
+         c = &#39;*&#39;;
+     if (p == 3)
+         c = &#39;\n&#39;;
+     BIO_write(b, &amp;c, 1);
+     (void)BIO_flush(b);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_kdf_md.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_kdf_md.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_kdf_md.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_kdf_outlen.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_kdf_outlen.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_kdf_outlen.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_kdf_type.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_kdf_type.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_kdf_type.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_nid.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_nid.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_nid.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_pad.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_pad.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_pad.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_paramgen_generator.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_paramgen_generator.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_paramgen_generator.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_paramgen_prime_len.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_paramgen_prime_len.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_paramgen_prime_len.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_paramgen_subprime_len.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_paramgen_subprime_len.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_paramgen_subprime_len.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_paramgen_type.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_paramgen_type.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_paramgen_type.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_rfc5114.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_rfc5114.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_rfc5114.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dhx_rfc5114.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dhx_rfc5114.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dhx_rfc5114.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dsa_paramgen_bits.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dsa_paramgen_bits.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dsa_paramgen_bits.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ec_param_enc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ec_param_enc.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ec_param_enc.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ec_paramgen_curve_nid.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ec_paramgen_curve_nid.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ec_paramgen_curve_nid.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ecdh_cofactor_mode.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ecdh_cofactor_mode.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ecdh_cofactor_mode.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ecdh_kdf_md.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ecdh_kdf_md.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ecdh_kdf_md.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ecdh_kdf_outlen.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ecdh_kdf_outlen.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ecdh_kdf_outlen.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ecdh_kdf_type.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ecdh_kdf_type.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ecdh_kdf_type.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_hkdf_md.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_hkdf_md.html
new file mode 100644
index 000000000..5bdcd18ca
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_hkdf_md.html
@@ -0,0 +1,153 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_set_hkdf_md</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#STRING-CTRLS">STRING CTRLS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_set_hkdf_md, EVP_PKEY_CTX_set1_hkdf_salt, EVP_PKEY_CTX_set1_hkdf_key, EVP_PKEY_CTX_add1_hkdf_info, EVP_PKEY_CTX_hkdf_mode - HMAC-based Extract-and-Expand key derivation algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/kdf.h&gt;
+
+ int EVP_PKEY_CTX_hkdf_mode(EVP_PKEY_CTX *pctx, int mode);
+
+ int EVP_PKEY_CTX_set_hkdf_md(EVP_PKEY_CTX *pctx, const EVP_MD *md);
+
+ int EVP_PKEY_CTX_set1_hkdf_salt(EVP_PKEY_CTX *pctx, unsigned char *salt,
+                                 int saltlen);
+
+ int EVP_PKEY_CTX_set1_hkdf_key(EVP_PKEY_CTX *pctx, unsigned char *key,
+                                int keylen);
+
+ int EVP_PKEY_CTX_add1_hkdf_info(EVP_PKEY_CTX *pctx, unsigned char *info,
+                                 int infolen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_HKDF algorithm implements the HKDF key derivation function. HKDF follows the &quot;extract-then-expand&quot; paradigm, where the KDF logically consists of two modules. The first stage takes the input keying material and &quot;extracts&quot; from it a fixed-length pseudorandom key K. The second stage &quot;expands&quot; the key K into several additional pseudorandom keys (the output of the KDF).</p>
+
+<p>EVP_PKEY_CTX_hkdf_mode() sets the mode for the HKDF operation. There are three modes that are currently defined:</p>
+
+<dl>
+
+<dt id="EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND">EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND</dt>
+<dd>
+
+<p>This is the default mode. Calling <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> on an EVP_PKEY_CTX set up for HKDF will perform an extract followed by an expand operation in one go. The derived key returned will be the result after the expand operation. The intermediate fixed-length pseudorandom key K is not returned.</p>
+
+<p>In this mode the digest, key, salt and info values must be set before a key is derived or an error occurs.</p>
+
+</dd>
+<dt id="EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY">EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY</dt>
+<dd>
+
+<p>In this mode calling <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> will just perform the extract operation. The value returned will be the intermediate fixed-length pseudorandom key K.</p>
+
+<p>The digest, key and salt values must be set before a key is derived or an error occurs.</p>
+
+</dd>
+<dt id="EVP_PKEY_HKDEF_MODE_EXPAND_ONLY">EVP_PKEY_HKDEF_MODE_EXPAND_ONLY</dt>
+<dd>
+
+<p>In this mode calling <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> will just perform the expand operation. The input key should be set to the intermediate fixed-length pseudorandom key K returned from a previous extract operation.</p>
+
+<p>The digest, key and info values must be set before a key is derived or an error occurs.</p>
+
+</dd>
+</dl>
+
+<p>EVP_PKEY_CTX_set_hkdf_md() sets the message digest associated with the HKDF.</p>
+
+<p>EVP_PKEY_CTX_set1_hkdf_salt() sets the salt to <b>saltlen</b> bytes of the buffer <b>salt</b>. Any existing value is replaced.</p>
+
+<p>EVP_PKEY_CTX_set1_hkdf_key() sets the key to <b>keylen</b> bytes of the buffer <b>key</b>. Any existing value is replaced.</p>
+
+<p>EVP_PKEY_CTX_add1_hkdf_info() sets the info value to <b>infolen</b> bytes of the buffer <b>info</b>. If a value is already set, it is appended to the existing value.</p>
+
+<h1 id="STRING-CTRLS">STRING CTRLS</h1>
+
+<p>HKDF also supports string based control operations via <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>. The <b>type</b> parameter &quot;md&quot; uses the supplied <b>value</b> as the name of the digest algorithm to use. The <b>type</b> parameter &quot;mode&quot; uses the values &quot;EXTRACT_AND_EXPAND&quot;, &quot;EXTRACT_ONLY&quot; and &quot;EXPAND_ONLY&quot; to determine the mode to use. The <b>type</b> parameters &quot;salt&quot;, &quot;key&quot; and &quot;info&quot; use the supplied <b>value</b> parameter as a <b>seed</b>, <b>key</b> or <b>info</b> value. The names &quot;hexsalt&quot;, &quot;hexkey&quot; and &quot;hexinfo&quot; are similar except they take a hex string which is converted to binary.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>A context for HKDF can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);</code></pre>
+
+<p>The total length of the info buffer cannot exceed 1024 bytes in length: this should be more than enough for any normal use of HKDF.</p>
+
+<p>The output length of an HKDF expand operation is specified via the length parameter to the <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> function. Since the HKDF output length is variable, passing a <b>NULL</b> buffer as a means to obtain the requisite length is not meaningful with HKDF in any mode that performs an expand operation. Instead, the caller must allocate a buffer of the desired length, and pass that buffer to <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> along with (a pointer initialized to) the desired length. Passing a <b>NULL</b> buffer to obtain the length is allowed when using EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY.</p>
+
+<p>Optimised versions of HKDF can be implemented in an ENGINE.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example derives 10 bytes using SHA-256 with the secret key &quot;secret&quot;, salt value &quot;salt&quot; and info value &quot;label&quot;:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx;
+ unsigned char out[10];
+ size_t outlen = sizeof(out);
+ pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
+
+ if (EVP_PKEY_derive_init(pctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, &quot;salt&quot;, 4) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set1_hkdf_key(pctx, &quot;secret&quot;, 6) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_add1_hkdf_info(pctx, &quot;label&quot;, 5) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_derive(pctx, out, &amp;outlen) &lt;= 0)
+     /* Error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 5869</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_mac_key.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_mac_key.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_mac_key.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_keygen_bits.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_keygen_bits.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_keygen_bits.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_keygen_primes.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_keygen_primes.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_keygen_primes.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_keygen_pubexp.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_keygen_pubexp.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_keygen_pubexp.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_mgf1_md.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_mgf1_md.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_mgf1_md.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_oaep_md.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_oaep_md.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_oaep_md.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_padding.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_padding.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_padding.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.html
new file mode 100644
index 000000000..8b1b00e65
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.html
@@ -0,0 +1,93 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_set_rsa_pss_keygen_md</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Signing-and-Verification">Signing and Verification</a></li>
+      <li><a href="#Key-Generation">Key Generation</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_set_rsa_pss_keygen_md, EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md, EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen - EVP_PKEY RSA-PSS algorithm support functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_pss_keygen_md(EVP_PKEY_CTX *pctx,
+                                        const EVP_MD *md);
+ int EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md(EVP_PKEY_CTX *pctx,
+                                             const EVP_MD *md);
+ int EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(EVP_PKEY_CTX *pctx,
+                                             int saltlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These are the functions that implement <a href="../man7/RSA-PSS.html">RSA-PSS(7)</a>.</p>
+
+<h2 id="Signing-and-Verification">Signing and Verification</h2>
+
+<p>The macro EVP_PKEY_CTX_set_rsa_padding() is supported but an error is returned if an attempt is made to set the padding mode to anything other than <b>PSS</b>. It is otherwise similar to the <b>RSA</b> version.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro is used to set the salt length. If the key has usage restrictions then an error is returned if an attempt is made to set the salt length below the minimum value. It is otherwise similar to the <b>RSA</b> operation except detection of the salt length (using RSA_PSS_SALTLEN_AUTO) is not supported for verification if the key has usage restrictions.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() and EVP_PKEY_CTX_set_rsa_mgf1_md() macros are used to set the digest and MGF1 algorithms respectively. If the key has usage restrictions then an error is returned if an attempt is made to set the digest to anything other than the restricted value. Otherwise these are similar to the <b>RSA</b> versions.</p>
+
+<h2 id="Key-Generation">Key Generation</h2>
+
+<p>As with RSA key generation the EVP_PKEY_CTX_set_rsa_keygen_bits() and EVP_PKEY_CTX_set_rsa_keygen_pubexp() macros are supported for RSA-PSS: they have exactly the same meaning as for the RSA algorithm.</p>
+
+<p>Optional parameter restrictions can be specified when generating a PSS key. If any restrictions are set (using the macros described below) then <b>all</b> parameters are restricted. For example, setting a minimum salt length also restricts the digest and MGF1 algorithms. If any restrictions are in place then they are reflected in the corresponding parameters of the public key when (for example) a certificate request is signed.</p>
+
+<p>EVP_PKEY_CTX_set_rsa_pss_keygen_md() restricts the digest algorithm the generated key can use to <b>md</b>.</p>
+
+<p>EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md() restricts the MGF1 algorithm the generated key can use to <b>md</b>.</p>
+
+<p>EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen() restricts the minimum salt length to <b>saltlen</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A context for the <b>RSA-PSS</b> algorithm can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA_PSS, NULL);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/RSA-PSS.html">RSA-PSS(7)</a>, <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md.html
new file mode 100644
index 000000000..8b1b00e65
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md.html
@@ -0,0 +1,93 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_set_rsa_pss_keygen_md</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Signing-and-Verification">Signing and Verification</a></li>
+      <li><a href="#Key-Generation">Key Generation</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_set_rsa_pss_keygen_md, EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md, EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen - EVP_PKEY RSA-PSS algorithm support functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_pss_keygen_md(EVP_PKEY_CTX *pctx,
+                                        const EVP_MD *md);
+ int EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md(EVP_PKEY_CTX *pctx,
+                                             const EVP_MD *md);
+ int EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(EVP_PKEY_CTX *pctx,
+                                             int saltlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These are the functions that implement <a href="../man7/RSA-PSS.html">RSA-PSS(7)</a>.</p>
+
+<h2 id="Signing-and-Verification">Signing and Verification</h2>
+
+<p>The macro EVP_PKEY_CTX_set_rsa_padding() is supported but an error is returned if an attempt is made to set the padding mode to anything other than <b>PSS</b>. It is otherwise similar to the <b>RSA</b> version.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro is used to set the salt length. If the key has usage restrictions then an error is returned if an attempt is made to set the salt length below the minimum value. It is otherwise similar to the <b>RSA</b> operation except detection of the salt length (using RSA_PSS_SALTLEN_AUTO) is not supported for verification if the key has usage restrictions.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() and EVP_PKEY_CTX_set_rsa_mgf1_md() macros are used to set the digest and MGF1 algorithms respectively. If the key has usage restrictions then an error is returned if an attempt is made to set the digest to anything other than the restricted value. Otherwise these are similar to the <b>RSA</b> versions.</p>
+
+<h2 id="Key-Generation">Key Generation</h2>
+
+<p>As with RSA key generation the EVP_PKEY_CTX_set_rsa_keygen_bits() and EVP_PKEY_CTX_set_rsa_keygen_pubexp() macros are supported for RSA-PSS: they have exactly the same meaning as for the RSA algorithm.</p>
+
+<p>Optional parameter restrictions can be specified when generating a PSS key. If any restrictions are set (using the macros described below) then <b>all</b> parameters are restricted. For example, setting a minimum salt length also restricts the digest and MGF1 algorithms. If any restrictions are in place then they are reflected in the corresponding parameters of the public key when (for example) a certificate request is signed.</p>
+
+<p>EVP_PKEY_CTX_set_rsa_pss_keygen_md() restricts the digest algorithm the generated key can use to <b>md</b>.</p>
+
+<p>EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md() restricts the MGF1 algorithm the generated key can use to <b>md</b>.</p>
+
+<p>EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen() restricts the minimum salt length to <b>saltlen</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A context for the <b>RSA-PSS</b> algorithm can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA_PSS, NULL);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/RSA-PSS.html">RSA-PSS(7)</a>, <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen.html
new file mode 100644
index 000000000..8b1b00e65
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen.html
@@ -0,0 +1,93 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_set_rsa_pss_keygen_md</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Signing-and-Verification">Signing and Verification</a></li>
+      <li><a href="#Key-Generation">Key Generation</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_set_rsa_pss_keygen_md, EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md, EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen - EVP_PKEY RSA-PSS algorithm support functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_pss_keygen_md(EVP_PKEY_CTX *pctx,
+                                        const EVP_MD *md);
+ int EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md(EVP_PKEY_CTX *pctx,
+                                             const EVP_MD *md);
+ int EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(EVP_PKEY_CTX *pctx,
+                                             int saltlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These are the functions that implement <a href="../man7/RSA-PSS.html">RSA-PSS(7)</a>.</p>
+
+<h2 id="Signing-and-Verification">Signing and Verification</h2>
+
+<p>The macro EVP_PKEY_CTX_set_rsa_padding() is supported but an error is returned if an attempt is made to set the padding mode to anything other than <b>PSS</b>. It is otherwise similar to the <b>RSA</b> version.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro is used to set the salt length. If the key has usage restrictions then an error is returned if an attempt is made to set the salt length below the minimum value. It is otherwise similar to the <b>RSA</b> operation except detection of the salt length (using RSA_PSS_SALTLEN_AUTO) is not supported for verification if the key has usage restrictions.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() and EVP_PKEY_CTX_set_rsa_mgf1_md() macros are used to set the digest and MGF1 algorithms respectively. If the key has usage restrictions then an error is returned if an attempt is made to set the digest to anything other than the restricted value. Otherwise these are similar to the <b>RSA</b> versions.</p>
+
+<h2 id="Key-Generation">Key Generation</h2>
+
+<p>As with RSA key generation the EVP_PKEY_CTX_set_rsa_keygen_bits() and EVP_PKEY_CTX_set_rsa_keygen_pubexp() macros are supported for RSA-PSS: they have exactly the same meaning as for the RSA algorithm.</p>
+
+<p>Optional parameter restrictions can be specified when generating a PSS key. If any restrictions are set (using the macros described below) then <b>all</b> parameters are restricted. For example, setting a minimum salt length also restricts the digest and MGF1 algorithms. If any restrictions are in place then they are reflected in the corresponding parameters of the public key when (for example) a certificate request is signed.</p>
+
+<p>EVP_PKEY_CTX_set_rsa_pss_keygen_md() restricts the digest algorithm the generated key can use to <b>md</b>.</p>
+
+<p>EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md() restricts the MGF1 algorithm the generated key can use to <b>md</b>.</p>
+
+<p>EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen() restricts the minimum salt length to <b>saltlen</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A context for the <b>RSA-PSS</b> algorithm can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA_PSS, NULL);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/RSA-PSS.html">RSA-PSS(7)</a>, <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_pss_saltlen.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_pss_saltlen.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_pss_saltlen.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_scrypt_N.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_scrypt_N.html
new file mode 100644
index 000000000..d1d4b0eb7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_scrypt_N.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_set_scrypt_N</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#STRING-CTRLS">STRING CTRLS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_set1_scrypt_salt, EVP_PKEY_CTX_set_scrypt_N, EVP_PKEY_CTX_set_scrypt_r, EVP_PKEY_CTX_set_scrypt_p, EVP_PKEY_CTX_set_scrypt_maxmem_bytes - EVP_PKEY scrypt KDF support functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/kdf.h&gt;
+
+ int EVP_PKEY_CTX_set1_scrypt_salt(EVP_PKEY_CTX *pctx, unsigned char *salt,
+                                   int saltlen);
+
+ int EVP_PKEY_CTX_set_scrypt_N(EVP_PKEY_CTX *pctx, uint64_t N);
+
+ int EVP_PKEY_CTX_set_scrypt_r(EVP_PKEY_CTX *pctx, uint64_t r);
+
+ int EVP_PKEY_CTX_set_scrypt_p(EVP_PKEY_CTX *pctx, uint64_t p);
+
+ int EVP_PKEY_CTX_set_scrypt_maxmem_bytes(EVP_PKEY_CTX *pctx,
+                                          uint64_t maxmem);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to set up the necessary data to use the scrypt KDF. For more information on scrypt, see <a href="../man7/scrypt.html">scrypt(7)</a>.</p>
+
+<p>EVP_PKEY_CTX_set1_scrypt_salt() sets the <b>saltlen</b> bytes long salt value.</p>
+
+<p>EVP_PKEY_CTX_set_scrypt_N(), EVP_PKEY_CTX_set_scrypt_r() and EVP_PKEY_CTX_set_scrypt_p() configure the work factors N, r and p.</p>
+
+<p>EVP_PKEY_CTX_set_scrypt_maxmem_bytes() sets how much RAM key derivation may maximally use, given in bytes. If RAM is exceeded because the load factors are chosen too high, the key derivation will fail.</p>
+
+<h1 id="STRING-CTRLS">STRING CTRLS</h1>
+
+<p>scrypt also supports string based control operations via <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>. Similarly, the <b>salt</b> can either be specified using the <b>type</b> parameter &quot;salt&quot; or in hex encoding by using the &quot;hexsalt&quot; parameter. The work factors <b>N</b>, <b>r</b> and <b>p</b> as well as <b>maxmem_bytes</b> can be set by using the parameters &quot;N&quot;, &quot;r&quot;, &quot;p&quot; and &quot;maxmem_bytes&quot;, respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The scrypt KDF also uses EVP_PKEY_CTX_set1_pbe_pass() as well as the value from the string controls &quot;pass&quot; and &quot;hexpass&quot;. See <a href="../man3/EVP_PKEY_CTX_set1_pbe_pass.html">EVP_PKEY_CTX_set1_pbe_pass(3)</a>.</p>
+
+<p>All the functions described here are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/scrypt.html">scrypt(7)</a>, <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_scrypt_maxmem_bytes.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_scrypt_maxmem_bytes.html
new file mode 100644
index 000000000..d1d4b0eb7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_scrypt_maxmem_bytes.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_set_scrypt_N</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#STRING-CTRLS">STRING CTRLS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_set1_scrypt_salt, EVP_PKEY_CTX_set_scrypt_N, EVP_PKEY_CTX_set_scrypt_r, EVP_PKEY_CTX_set_scrypt_p, EVP_PKEY_CTX_set_scrypt_maxmem_bytes - EVP_PKEY scrypt KDF support functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/kdf.h&gt;
+
+ int EVP_PKEY_CTX_set1_scrypt_salt(EVP_PKEY_CTX *pctx, unsigned char *salt,
+                                   int saltlen);
+
+ int EVP_PKEY_CTX_set_scrypt_N(EVP_PKEY_CTX *pctx, uint64_t N);
+
+ int EVP_PKEY_CTX_set_scrypt_r(EVP_PKEY_CTX *pctx, uint64_t r);
+
+ int EVP_PKEY_CTX_set_scrypt_p(EVP_PKEY_CTX *pctx, uint64_t p);
+
+ int EVP_PKEY_CTX_set_scrypt_maxmem_bytes(EVP_PKEY_CTX *pctx,
+                                          uint64_t maxmem);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to set up the necessary data to use the scrypt KDF. For more information on scrypt, see <a href="../man7/scrypt.html">scrypt(7)</a>.</p>
+
+<p>EVP_PKEY_CTX_set1_scrypt_salt() sets the <b>saltlen</b> bytes long salt value.</p>
+
+<p>EVP_PKEY_CTX_set_scrypt_N(), EVP_PKEY_CTX_set_scrypt_r() and EVP_PKEY_CTX_set_scrypt_p() configure the work factors N, r and p.</p>
+
+<p>EVP_PKEY_CTX_set_scrypt_maxmem_bytes() sets how much RAM key derivation may maximally use, given in bytes. If RAM is exceeded because the load factors are chosen too high, the key derivation will fail.</p>
+
+<h1 id="STRING-CTRLS">STRING CTRLS</h1>
+
+<p>scrypt also supports string based control operations via <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>. Similarly, the <b>salt</b> can either be specified using the <b>type</b> parameter &quot;salt&quot; or in hex encoding by using the &quot;hexsalt&quot; parameter. The work factors <b>N</b>, <b>r</b> and <b>p</b> as well as <b>maxmem_bytes</b> can be set by using the parameters &quot;N&quot;, &quot;r&quot;, &quot;p&quot; and &quot;maxmem_bytes&quot;, respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The scrypt KDF also uses EVP_PKEY_CTX_set1_pbe_pass() as well as the value from the string controls &quot;pass&quot; and &quot;hexpass&quot;. See <a href="../man3/EVP_PKEY_CTX_set1_pbe_pass.html">EVP_PKEY_CTX_set1_pbe_pass(3)</a>.</p>
+
+<p>All the functions described here are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/scrypt.html">scrypt(7)</a>, <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_scrypt_p.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_scrypt_p.html
new file mode 100644
index 000000000..d1d4b0eb7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_scrypt_p.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_set_scrypt_N</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#STRING-CTRLS">STRING CTRLS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_set1_scrypt_salt, EVP_PKEY_CTX_set_scrypt_N, EVP_PKEY_CTX_set_scrypt_r, EVP_PKEY_CTX_set_scrypt_p, EVP_PKEY_CTX_set_scrypt_maxmem_bytes - EVP_PKEY scrypt KDF support functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/kdf.h&gt;
+
+ int EVP_PKEY_CTX_set1_scrypt_salt(EVP_PKEY_CTX *pctx, unsigned char *salt,
+                                   int saltlen);
+
+ int EVP_PKEY_CTX_set_scrypt_N(EVP_PKEY_CTX *pctx, uint64_t N);
+
+ int EVP_PKEY_CTX_set_scrypt_r(EVP_PKEY_CTX *pctx, uint64_t r);
+
+ int EVP_PKEY_CTX_set_scrypt_p(EVP_PKEY_CTX *pctx, uint64_t p);
+
+ int EVP_PKEY_CTX_set_scrypt_maxmem_bytes(EVP_PKEY_CTX *pctx,
+                                          uint64_t maxmem);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to set up the necessary data to use the scrypt KDF. For more information on scrypt, see <a href="../man7/scrypt.html">scrypt(7)</a>.</p>
+
+<p>EVP_PKEY_CTX_set1_scrypt_salt() sets the <b>saltlen</b> bytes long salt value.</p>
+
+<p>EVP_PKEY_CTX_set_scrypt_N(), EVP_PKEY_CTX_set_scrypt_r() and EVP_PKEY_CTX_set_scrypt_p() configure the work factors N, r and p.</p>
+
+<p>EVP_PKEY_CTX_set_scrypt_maxmem_bytes() sets how much RAM key derivation may maximally use, given in bytes. If RAM is exceeded because the load factors are chosen too high, the key derivation will fail.</p>
+
+<h1 id="STRING-CTRLS">STRING CTRLS</h1>
+
+<p>scrypt also supports string based control operations via <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>. Similarly, the <b>salt</b> can either be specified using the <b>type</b> parameter &quot;salt&quot; or in hex encoding by using the &quot;hexsalt&quot; parameter. The work factors <b>N</b>, <b>r</b> and <b>p</b> as well as <b>maxmem_bytes</b> can be set by using the parameters &quot;N&quot;, &quot;r&quot;, &quot;p&quot; and &quot;maxmem_bytes&quot;, respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The scrypt KDF also uses EVP_PKEY_CTX_set1_pbe_pass() as well as the value from the string controls &quot;pass&quot; and &quot;hexpass&quot;. See <a href="../man3/EVP_PKEY_CTX_set1_pbe_pass.html">EVP_PKEY_CTX_set1_pbe_pass(3)</a>.</p>
+
+<p>All the functions described here are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/scrypt.html">scrypt(7)</a>, <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_scrypt_r.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_scrypt_r.html
new file mode 100644
index 000000000..d1d4b0eb7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_scrypt_r.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_set_scrypt_N</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#STRING-CTRLS">STRING CTRLS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_set1_scrypt_salt, EVP_PKEY_CTX_set_scrypt_N, EVP_PKEY_CTX_set_scrypt_r, EVP_PKEY_CTX_set_scrypt_p, EVP_PKEY_CTX_set_scrypt_maxmem_bytes - EVP_PKEY scrypt KDF support functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/kdf.h&gt;
+
+ int EVP_PKEY_CTX_set1_scrypt_salt(EVP_PKEY_CTX *pctx, unsigned char *salt,
+                                   int saltlen);
+
+ int EVP_PKEY_CTX_set_scrypt_N(EVP_PKEY_CTX *pctx, uint64_t N);
+
+ int EVP_PKEY_CTX_set_scrypt_r(EVP_PKEY_CTX *pctx, uint64_t r);
+
+ int EVP_PKEY_CTX_set_scrypt_p(EVP_PKEY_CTX *pctx, uint64_t p);
+
+ int EVP_PKEY_CTX_set_scrypt_maxmem_bytes(EVP_PKEY_CTX *pctx,
+                                          uint64_t maxmem);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to set up the necessary data to use the scrypt KDF. For more information on scrypt, see <a href="../man7/scrypt.html">scrypt(7)</a>.</p>
+
+<p>EVP_PKEY_CTX_set1_scrypt_salt() sets the <b>saltlen</b> bytes long salt value.</p>
+
+<p>EVP_PKEY_CTX_set_scrypt_N(), EVP_PKEY_CTX_set_scrypt_r() and EVP_PKEY_CTX_set_scrypt_p() configure the work factors N, r and p.</p>
+
+<p>EVP_PKEY_CTX_set_scrypt_maxmem_bytes() sets how much RAM key derivation may maximally use, given in bytes. If RAM is exceeded because the load factors are chosen too high, the key derivation will fail.</p>
+
+<h1 id="STRING-CTRLS">STRING CTRLS</h1>
+
+<p>scrypt also supports string based control operations via <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>. Similarly, the <b>salt</b> can either be specified using the <b>type</b> parameter &quot;salt&quot; or in hex encoding by using the &quot;hexsalt&quot; parameter. The work factors <b>N</b>, <b>r</b> and <b>p</b> as well as <b>maxmem_bytes</b> can be set by using the parameters &quot;N&quot;, &quot;r&quot;, &quot;p&quot; and &quot;maxmem_bytes&quot;, respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The scrypt KDF also uses EVP_PKEY_CTX_set1_pbe_pass() as well as the value from the string controls &quot;pass&quot; and &quot;hexpass&quot;. See <a href="../man3/EVP_PKEY_CTX_set1_pbe_pass.html">EVP_PKEY_CTX_set1_pbe_pass(3)</a>.</p>
+
+<p>All the functions described here are implemented as macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/scrypt.html">scrypt(7)</a>, <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_signature_md.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_signature_md.html
new file mode 100644
index 000000000..76e906068
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_signature_md.html
@@ -0,0 +1,272 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#RSA-parameters">RSA parameters</a></li>
+      <li><a href="#DSA-parameters">DSA parameters</a></li>
+      <li><a href="#DH-parameters">DH parameters</a></li>
+      <li><a href="#DH-key-derivation-function-parameters">DH key derivation function parameters</a></li>
+      <li><a href="#EC-parameters">EC parameters</a></li>
+      <li><a href="#ECDH-parameters">ECDH parameters</a></li>
+      <li><a href="#ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</a></li>
+      <li><a href="#Other-parameters">Other parameters</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_CTX_ctrl_uint64, EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_get_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_keygen_bits, EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_rsa_keygen_primes, EVP_PKEY_CTX_set_rsa_mgf1_md, EVP_PKEY_CTX_get_rsa_mgf1_md, EVP_PKEY_CTX_set_rsa_oaep_md, EVP_PKEY_CTX_get_rsa_oaep_md, EVP_PKEY_CTX_set0_rsa_oaep_label, EVP_PKEY_CTX_get0_rsa_oaep_label, EVP_PKEY_CTX_set_dsa_paramgen_bits, EVP_PKEY_CTX_set_dh_paramgen_prime_len, EVP_PKEY_CTX_set_dh_paramgen_subprime_len, EVP_PKEY_CTX_set_dh_paramgen_generator, EVP_PKEY_CTX_set_dh_paramgen_type, EVP_PKEY_CTX_set_dh_rfc5114, EVP_PKEY_CTX_set_dhx_rfc5114, EVP_PKEY_CTX_set_dh_pad, EVP_PKEY_CTX_set_dh_nid, EVP_PKEY_CTX_set_dh_kdf_type, EVP_PKEY_CTX_get_dh_kdf_type, EVP_PKEY_CTX_set0_dh_kdf_oid, EVP_PKEY_CTX_get0_dh_kdf_oid, EVP_PKEY_CTX_set_dh_kdf_md, EVP_PKEY_CTX_get_dh_kdf_md, EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, EVP_PKEY_CTX_get_ecdh_cofactor_mode, EVP_PKEY_CTX_set_ecdh_kdf_type, EVP_PKEY_CTX_get_ecdh_kdf_type, EVP_PKEY_CTX_set_ecdh_kdf_md, EVP_PKEY_CTX_get_ecdh_kdf_md, EVP_PKEY_CTX_set_ecdh_kdf_outlen, EVP_PKEY_CTX_get_ecdh_kdf_outlen, EVP_PKEY_CTX_set0_ecdh_kdf_ukm, EVP_PKEY_CTX_get0_ecdh_kdf_ukm, EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len - algorithm specific control operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                       int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                              int cmd, uint64_t value);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                           const char *value);
+
+ int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
+
+ int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
+
+ #include &lt;openssl/rsa.h&gt;
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+ int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len);
+ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+ int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type);
+ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114);
+ int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+ int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+ int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ #include &lt;openssl/ec.h&gt;
+
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+ int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+ int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+ int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+ int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+ int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+ int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
+ int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+ int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_CTX_ctrl() sends a control operation to the context <b>ctx</b>. The key type used must match <b>keytype</b> if it is not -1. The parameter <b>optype</b> is a mask indicating which operations the control can be applied to. The control command is indicated in <b>cmd</b> and any additional arguments in <b>p1</b> and <b>p2</b>.</p>
+
+<p>For <b>cmd</b> = <b>EVP_PKEY_CTRL_SET_MAC_KEY</b>, <b>p1</b> is the length of the MAC key, and <b>p2</b> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.</p>
+
+<p>Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will instead call one of the algorithm specific macros below.</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a uint64 value as <b>p2</b> to EVP_PKEY_CTX_ctrl().</p>
+
+<p>The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm specific control operation to a context <b>ctx</b> in string form. This is intended to be used for options specified on the command line or in text files. The commands supported are documented in the openssl utility command line pages for the option <b>-pkeyopt</b> which is supported by the <b>pkeyutl</b>, <b>genpkey</b> and <b>req</b> commands.</p>
+
+<p>The function EVP_PKEY_CTX_md() sends a message digest control operation to the context <b>ctx</b>. The message digest is specified by its name <b>md</b>.</p>
+
+<p>All the remaining &quot;functions&quot; are implemented as macros.</p>
+
+<p>The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a signature. It can be used in the RSA, DSA and ECDSA algorithms.</p>
+
+<p>Key generation typically involves setting up parameters to be used and generating the private and public key data. Some algorithm implementations allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() macro. In this case key generation is simply the process of setting up the parameters for the key and then setting the raw key data to the value explicitly provided by that macro. Normally applications would call <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or similar functions instead of this macro.</p>
+
+<p>The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> function.</p>
+
+<h2 id="RSA-parameters">RSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_rsa_padding() macro sets the RSA padding mode for <b>ctx</b>. The <b>pad</b> parameter can take the value <b>RSA_PKCS1_PADDING</b> for PKCS#1 padding, <b>RSA_SSLV23_PADDING</b> for SSLv23 padding, <b>RSA_NO_PADDING</b> for no padding, <b>RSA_PKCS1_OAEP_PADDING</b> for OAEP padding (encrypt and decrypt only), <b>RSA_X931_PADDING</b> for X9.31 padding (signature operations only) and <b>RSA_PKCS1_PSS_PADDING</b> (sign and verify only).</p>
+
+<p>Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is used. If this macro is called for PKCS#1 padding the plaintext buffer is an actual digest value and is encapsulated in a DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. If this control is not used with RSA and PKCS#1 padding then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_padding() macro gets the RSA padding mode for <b>ctx</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to <b>len</b>. As its name implies it is only supported for PSS padding. Three special values are supported: <b>RSA_PSS_SALTLEN_DIGEST</b> sets the salt length to the digest length, <b>RSA_PSS_SALTLEN_MAX</b> sets the salt length to the maximum permissible value. When verifying <b>RSA_PSS_SALTLEN_AUTO</b> causes the salt length to be automatically determined based on the <b>PSS</b> block structure. If this macro is not called maximum salt length is used when signing and auto detection when verifying is used by default.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_pss_saltlen() macro gets the RSA PSS salt length for <b>ctx</b>. The padding mode must have been set to <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for RSA key generation to <b>bits</b>. If not specified 1024 bits is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value for RSA key generation to <b>pubexp</b>. Currently it should be an odd integer. The <b>pubexp</b> pointer is used internally by this function so it should not be modified or freed after the call. If not specified 65537 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for RSA key generation to <b>primes</b>. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_mgf1_md() macro sets the MGF1 digest for RSA padding schemes to <b>md</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_mgf1_md() macro gets the MGF1 digest for <b>ctx</b>. If not explicitly set the signing digest is used. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b> or <b>RSA_PKCS1_PSS_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_rsa_oaep_md() macro sets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get_rsa_oaep_md() macro gets the message digest type used in RSA OAEP to <b>md</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_rsa_oaep_label() macro sets the RSA OAEP label to <b>label</b> and its length to <b>len</b>. If <b>label</b> is NULL or <b>len</b> is 0, the label is cleared. The library takes ownership of the label so the caller should not free the original memory pointed to by <b>label</b>. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_rsa_oaep_label() macro gets the RSA OAEP label to <b>label</b>. The return value is the label length. The padding mode must have been set to <b>RSA_PKCS1_OAEP_PADDING</b>. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="DSA-parameters">DSA parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used for DSA parameter generation to <b>bits</b>. If not specified 1024 is used.</p>
+
+<h2 id="DH-parameters">DH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH prime parameter <b>p</b> for DH parameter generation. If this macro is not called then 1024 is used. Only accepts lengths greater than or equal to 256.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH optional subprime parameter <b>q</b> for DH parameter generation. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. The DH paramgen type must have been set to x9.42.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to <b>gen</b> for DH parameter generation. If not specified 2 is used.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If <b>pad</b> is 1 the shared secret is padded with zeroes up to the size of the DH prime <b>p</b>. If <b>pad</b> is zero (the default) then no padding is performed.</p>
+
+<p>EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to <b>nid</b> as defined in RFC7919. The <b>nid</b> parameter must be <b>NID_ffdhe2048</b>, <b>NID_ffdhe3072</b>, <b>NID_ffdhe4096</b>, <b>NID_ffdhe6144</b>, <b>NID_ffdhe8192</b> or <b>NID_undef</b> to clear the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are synonymous. They set the DH parameters to the values defined in RFC5114. The <b>rfc5114</b> parameter must be 1, 2 or 3 corresponding to RFC5114 sections 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called during parameter generation. The <b>ctx</b> must have a key type of <b>EVP_PKEY_DHX</b>. The rfc5114 parameter and the nid parameter are mutually exclusive.</p>
+
+<h2 id="DH-key-derivation-function-parameters">DH key derivation function parameters</h2>
+
+<p>Note that all of the following functions require that the <b>ctx</b> parameter has a private key type of <b>EVP_PKEY_DHX</b>. When using key derivation, the output of EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. The KDF output is typically used as a Key Encryption Key (KEK) that in turn encrypts a Content Encryption Key (CEK).</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b> which uses the key derivation specified in RFC2631 (based on the keying algorithm described in X9.42). When using key derivation, the <b>kdf_oid</b>, <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type for <b>ctx</b> used for DH key derivation. Possible values are <b>EVP_PKEY_DH_KDF_NONE</b> and <b>EVP_PKEY_DH_KDF_X9_42</b>.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function object identifier to <b>oid</b> for DH key derivation. This OID should identify the algorithm to be used with the Content Encryption Key. The library takes ownership of the object identifier so the caller should not free the original memory pointed to by <b>oid</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid for <b>ctx</b> used for DH key derivation. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for DH key derivation. Note that RFC2631 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for DH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to <b>ukm</b> and its length to <b>len</b> for DH key derivation. This parameter is optional and corresponds to the partyAInfo field in RFC2631 terms. The specification requires that it is 512 bits long but this is not enforced by OpenSSL. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="EC-parameters">EC parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter generation to <b>nid</b>. For EC parameter generation this macro must be called or an error occurs because there is no default curve. This function can also be called to set the curve explicitly when generating an EC key.</p>
+
+<p>The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to <b>param_enc</b> when generating EC parameters or an EC key. The encoding can be <b>OPENSSL_EC_EXPLICIT_CURVE</b> for explicit parameters (the default in versions of OpenSSL before 1.1.0) or <b>OPENSSL_EC_NAMED_CURVE</b> to use named curve form. For maximum compatibility the named curve form should be used. Note: the <b>OPENSSL_EC_NAMED_CURVE</b> value was added in OpenSSL 1.1.0; previous versions should use 0 instead.</p>
+
+<h2 id="ECDH-parameters">ECDH parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to <b>cofactor_mode</b> for ECDH key derivation. Possible values are 1 to enable cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor mode and fallback to the private key cofactor mode.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for <b>ctx</b> used for ECDH key derivation. Possible values are 1 when cofactor key derivation is enabled and 0 otherwise.</p>
+
+<h2 id="ECDH-key-derivation-function-parameters">ECDH key derivation function parameters</h2>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type to <b>kdf</b> for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b> which uses the key derivation specified in X9.63. When using key derivation, the <b>kdf_md</b> and <b>kdf_outlen</b> parameters must also be specified.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function type for <b>ctx</b> used for ECDH key derivation. Possible values are <b>EVP_PKEY_ECDH_KDF_NONE</b> and <b>EVP_PKEY_ECDH_KDF_X9_63</b>.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function message digest to <b>md</b> for ECDH key derivation. Note that X9.63 specifies that this digest should be SHA1 but OpenSSL tolerates other digests.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function message digest for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function output length to <b>len</b> for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function output length for <b>ctx</b> used for ECDH key derivation.</p>
+
+<p>The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to <b>ukm</b> for ECDH key derivation. This parameter is optional and corresponds to the shared info in X9.63 terms. The library takes ownership of the user key material so the caller should not free the original memory pointed to by <b>ukm</b>.</p>
+
+<p>The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for <b>ctx</b>. The return value is the user key material length. The resulting pointer is owned by the library and should not be freed by the caller.</p>
+
+<h2 id="Other-parameters">Other parameters</h2>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros are used to manipulate the special identifier field for specific signature algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by <b>id</b> with the length <b>id_len</b> to the library. The library takes a copy of the id so that the caller can safely free the original memory pointed to by <b>id</b>. The EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() macro returns the previously set ID value to caller in <b>id</b>. The caller should allocate adequate memory space for the <b>id</b> before calling EVP_PKEY_CTX_get1_id().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_tls1_prf_md.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_tls1_prf_md.html
new file mode 100644
index 000000000..15e36d81a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_tls1_prf_md.html
@@ -0,0 +1,109 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_CTX_set_tls1_prf_md</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#STRING-CTRLS">STRING CTRLS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_CTX_set_tls1_prf_md, EVP_PKEY_CTX_set1_tls1_prf_secret, EVP_PKEY_CTX_add1_tls1_prf_seed - TLS PRF key derivation algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/kdf.h&gt;
+
+ int EVP_PKEY_CTX_set_tls1_prf_md(EVP_PKEY_CTX *pctx, const EVP_MD *md);
+ int EVP_PKEY_CTX_set1_tls1_prf_secret(EVP_PKEY_CTX *pctx,
+                                       unsigned char *sec, int seclen);
+ int EVP_PKEY_CTX_add1_tls1_prf_seed(EVP_PKEY_CTX *pctx,
+                                     unsigned char *seed, int seedlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>EVP_PKEY_TLS1_PRF</b> algorithm implements the PRF key derivation function for TLS. It has no associated private key and only implements key derivation using <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<p>EVP_PKEY_set_tls1_prf_md() sets the message digest associated with the TLS PRF. EVP_md5_sha1() is treated as a special case which uses the PRF algorithm using both <b>MD5</b> and <b>SHA1</b> as used in TLS 1.0 and 1.1.</p>
+
+<p>EVP_PKEY_CTX_set_tls1_prf_secret() sets the secret value of the TLS PRF to <b>seclen</b> bytes of the buffer <b>sec</b>. Any existing secret value is replaced and any seed is reset.</p>
+
+<p>EVP_PKEY_CTX_add1_tls1_prf_seed() sets the seed to <b>seedlen</b> bytes of <b>seed</b>. If a seed is already set it is appended to the existing value.</p>
+
+<h1 id="STRING-CTRLS">STRING CTRLS</h1>
+
+<p>The TLS PRF also supports string based control operations using <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>. The <b>type</b> parameter &quot;md&quot; uses the supplied <b>value</b> as the name of the digest algorithm to use. The <b>type</b> parameters &quot;secret&quot; and &quot;seed&quot; use the supplied <b>value</b> parameter as a secret or seed value. The names &quot;hexsecret&quot; and &quot;hexseed&quot; are similar except they take a hex string which is converted to binary.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>A context for the TLS PRF can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL);</code></pre>
+
+<p>The digest, secret value and seed must be set before a key is derived or an error occurs.</p>
+
+<p>The total length of all seeds cannot exceed 1024 bytes in length: this should be more than enough for any normal use of the TLS PRF.</p>
+
+<p>The output length of the PRF is specified by the length parameter in the EVP_PKEY_derive() function. Since the output length is variable, setting the buffer to <b>NULL</b> is not meaningful for the TLS PRF.</p>
+
+<p>Optimised versions of the TLS PRF can be implemented in an ENGINE.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example derives 10 bytes using SHA-256 with the secret key &quot;secret&quot; and seed value &quot;seed&quot;:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx;
+ unsigned char out[10];
+ size_t outlen = sizeof(out);
+
+ pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL);
+ if (EVP_PKEY_derive_init(pctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_tls1_prf_md(pctx, EVP_sha256()) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, &quot;secret&quot;, 6) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, &quot;seed&quot;, 4) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_derive(pctx, out, &amp;outlen) &lt;= 0)
+     /* Error */</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_METHOD.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_METHOD.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_METHOD.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_add0.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_add0.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_add0.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_add_alias.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_add_alias.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_add_alias.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_copy.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_copy.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_copy.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_find.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_find.html
new file mode 100644
index 000000000..1c348b624
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_find.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_asn1_get_count</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_asn1_find, EVP_PKEY_asn1_find_str, EVP_PKEY_asn1_get_count, EVP_PKEY_asn1_get0, EVP_PKEY_asn1_get0_info - enumerate public key ASN.1 methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_asn1_get_count(void);
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
+                                                    const char *str, int len);
+ int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id,
+                             int *ppkey_flags, const char **pinfo,
+                             const char **ppem_str,
+                             const EVP_PKEY_ASN1_METHOD *ameth);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_asn1_count() returns a count of the number of public key ASN.1 methods available: it includes standard methods and any methods added by the application.</p>
+
+<p>EVP_PKEY_asn1_get0() returns the public key ASN.1 method <b>idx</b>. The value of <b>idx</b> must be between zero and EVP_PKEY_asn1_get_count() - 1.</p>
+
+<p>EVP_PKEY_asn1_find() looks up the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>type</b>. If <b>pe</b> isn&#39;t <b>NULL</b>, then it will look up an engine implementing a <b>EVP_PKEY_ASN1_METHOD</b> for the NID <b>type</b> and return that instead, and also set <b>*pe</b> to point at the engine that implements it.</p>
+
+<p>EVP_PKEY_asn1_find_str() looks up the <b>EVP_PKEY_ASN1_METHOD</b> with PEM type string <b>str</b>. Just like EVP_PKEY_asn1_find(), if <b>pe</b> isn&#39;t <b>NULL</b>, then it will look up an engine implementing a <b>EVP_PKEY_ASN1_METHOD</b> for the NID <b>type</b> and return that instead, and also set <b>*pe</b> to point at the engine that implements it.</p>
+
+<p>EVP_PKEY_asn1_get0_info() returns the public key ID, base public key ID (both NIDs), any flags, the method description and PEM type string associated with the public key ASN.1 method <b>*ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_count(), EVP_PKEY_asn1_get0(), EVP_PKEY_asn1_find() and EVP_PKEY_asn1_find_str() are not thread safe, but as long as all <b>EVP_PKEY_ASN1_METHOD</b> objects are added before the application gets threaded, using them is safe. See <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_count() returns the number of available public key methods.</p>
+
+<p>EVP_PKEY_asn1_get0() return a public key method or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>EVP_PKEY_asn1_get0_info() returns 0 on failure, 1 on success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_asn1_new.html">EVP_PKEY_asn1_new(3)</a>, <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_find_str.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_find_str.html
new file mode 100644
index 000000000..1c348b624
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_find_str.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_asn1_get_count</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_asn1_find, EVP_PKEY_asn1_find_str, EVP_PKEY_asn1_get_count, EVP_PKEY_asn1_get0, EVP_PKEY_asn1_get0_info - enumerate public key ASN.1 methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_asn1_get_count(void);
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
+                                                    const char *str, int len);
+ int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id,
+                             int *ppkey_flags, const char **pinfo,
+                             const char **ppem_str,
+                             const EVP_PKEY_ASN1_METHOD *ameth);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_asn1_count() returns a count of the number of public key ASN.1 methods available: it includes standard methods and any methods added by the application.</p>
+
+<p>EVP_PKEY_asn1_get0() returns the public key ASN.1 method <b>idx</b>. The value of <b>idx</b> must be between zero and EVP_PKEY_asn1_get_count() - 1.</p>
+
+<p>EVP_PKEY_asn1_find() looks up the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>type</b>. If <b>pe</b> isn&#39;t <b>NULL</b>, then it will look up an engine implementing a <b>EVP_PKEY_ASN1_METHOD</b> for the NID <b>type</b> and return that instead, and also set <b>*pe</b> to point at the engine that implements it.</p>
+
+<p>EVP_PKEY_asn1_find_str() looks up the <b>EVP_PKEY_ASN1_METHOD</b> with PEM type string <b>str</b>. Just like EVP_PKEY_asn1_find(), if <b>pe</b> isn&#39;t <b>NULL</b>, then it will look up an engine implementing a <b>EVP_PKEY_ASN1_METHOD</b> for the NID <b>type</b> and return that instead, and also set <b>*pe</b> to point at the engine that implements it.</p>
+
+<p>EVP_PKEY_asn1_get0_info() returns the public key ID, base public key ID (both NIDs), any flags, the method description and PEM type string associated with the public key ASN.1 method <b>*ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_count(), EVP_PKEY_asn1_get0(), EVP_PKEY_asn1_find() and EVP_PKEY_asn1_find_str() are not thread safe, but as long as all <b>EVP_PKEY_ASN1_METHOD</b> objects are added before the application gets threaded, using them is safe. See <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_count() returns the number of available public key methods.</p>
+
+<p>EVP_PKEY_asn1_get0() return a public key method or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>EVP_PKEY_asn1_get0_info() returns 0 on failure, 1 on success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_asn1_new.html">EVP_PKEY_asn1_new(3)</a>, <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_free.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_free.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_free.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_get0.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_get0.html
new file mode 100644
index 000000000..1c348b624
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_get0.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_asn1_get_count</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_asn1_find, EVP_PKEY_asn1_find_str, EVP_PKEY_asn1_get_count, EVP_PKEY_asn1_get0, EVP_PKEY_asn1_get0_info - enumerate public key ASN.1 methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_asn1_get_count(void);
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
+                                                    const char *str, int len);
+ int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id,
+                             int *ppkey_flags, const char **pinfo,
+                             const char **ppem_str,
+                             const EVP_PKEY_ASN1_METHOD *ameth);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_asn1_count() returns a count of the number of public key ASN.1 methods available: it includes standard methods and any methods added by the application.</p>
+
+<p>EVP_PKEY_asn1_get0() returns the public key ASN.1 method <b>idx</b>. The value of <b>idx</b> must be between zero and EVP_PKEY_asn1_get_count() - 1.</p>
+
+<p>EVP_PKEY_asn1_find() looks up the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>type</b>. If <b>pe</b> isn&#39;t <b>NULL</b>, then it will look up an engine implementing a <b>EVP_PKEY_ASN1_METHOD</b> for the NID <b>type</b> and return that instead, and also set <b>*pe</b> to point at the engine that implements it.</p>
+
+<p>EVP_PKEY_asn1_find_str() looks up the <b>EVP_PKEY_ASN1_METHOD</b> with PEM type string <b>str</b>. Just like EVP_PKEY_asn1_find(), if <b>pe</b> isn&#39;t <b>NULL</b>, then it will look up an engine implementing a <b>EVP_PKEY_ASN1_METHOD</b> for the NID <b>type</b> and return that instead, and also set <b>*pe</b> to point at the engine that implements it.</p>
+
+<p>EVP_PKEY_asn1_get0_info() returns the public key ID, base public key ID (both NIDs), any flags, the method description and PEM type string associated with the public key ASN.1 method <b>*ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_count(), EVP_PKEY_asn1_get0(), EVP_PKEY_asn1_find() and EVP_PKEY_asn1_find_str() are not thread safe, but as long as all <b>EVP_PKEY_ASN1_METHOD</b> objects are added before the application gets threaded, using them is safe. See <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_count() returns the number of available public key methods.</p>
+
+<p>EVP_PKEY_asn1_get0() return a public key method or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>EVP_PKEY_asn1_get0_info() returns 0 on failure, 1 on success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_asn1_new.html">EVP_PKEY_asn1_new(3)</a>, <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_get0_info.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_get0_info.html
new file mode 100644
index 000000000..1c348b624
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_get0_info.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_asn1_get_count</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_asn1_find, EVP_PKEY_asn1_find_str, EVP_PKEY_asn1_get_count, EVP_PKEY_asn1_get0, EVP_PKEY_asn1_get0_info - enumerate public key ASN.1 methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_asn1_get_count(void);
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
+                                                    const char *str, int len);
+ int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id,
+                             int *ppkey_flags, const char **pinfo,
+                             const char **ppem_str,
+                             const EVP_PKEY_ASN1_METHOD *ameth);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_asn1_count() returns a count of the number of public key ASN.1 methods available: it includes standard methods and any methods added by the application.</p>
+
+<p>EVP_PKEY_asn1_get0() returns the public key ASN.1 method <b>idx</b>. The value of <b>idx</b> must be between zero and EVP_PKEY_asn1_get_count() - 1.</p>
+
+<p>EVP_PKEY_asn1_find() looks up the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>type</b>. If <b>pe</b> isn&#39;t <b>NULL</b>, then it will look up an engine implementing a <b>EVP_PKEY_ASN1_METHOD</b> for the NID <b>type</b> and return that instead, and also set <b>*pe</b> to point at the engine that implements it.</p>
+
+<p>EVP_PKEY_asn1_find_str() looks up the <b>EVP_PKEY_ASN1_METHOD</b> with PEM type string <b>str</b>. Just like EVP_PKEY_asn1_find(), if <b>pe</b> isn&#39;t <b>NULL</b>, then it will look up an engine implementing a <b>EVP_PKEY_ASN1_METHOD</b> for the NID <b>type</b> and return that instead, and also set <b>*pe</b> to point at the engine that implements it.</p>
+
+<p>EVP_PKEY_asn1_get0_info() returns the public key ID, base public key ID (both NIDs), any flags, the method description and PEM type string associated with the public key ASN.1 method <b>*ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_count(), EVP_PKEY_asn1_get0(), EVP_PKEY_asn1_find() and EVP_PKEY_asn1_find_str() are not thread safe, but as long as all <b>EVP_PKEY_ASN1_METHOD</b> objects are added before the application gets threaded, using them is safe. See <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_count() returns the number of available public key methods.</p>
+
+<p>EVP_PKEY_asn1_get0() return a public key method or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>EVP_PKEY_asn1_get0_info() returns 0 on failure, 1 on success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_asn1_new.html">EVP_PKEY_asn1_new(3)</a>, <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_get_count.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_get_count.html
new file mode 100644
index 000000000..1c348b624
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_get_count.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_asn1_get_count</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_asn1_find, EVP_PKEY_asn1_find_str, EVP_PKEY_asn1_get_count, EVP_PKEY_asn1_get0, EVP_PKEY_asn1_get0_info - enumerate public key ASN.1 methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_asn1_get_count(void);
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
+                                                    const char *str, int len);
+ int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id,
+                             int *ppkey_flags, const char **pinfo,
+                             const char **ppem_str,
+                             const EVP_PKEY_ASN1_METHOD *ameth);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_asn1_count() returns a count of the number of public key ASN.1 methods available: it includes standard methods and any methods added by the application.</p>
+
+<p>EVP_PKEY_asn1_get0() returns the public key ASN.1 method <b>idx</b>. The value of <b>idx</b> must be between zero and EVP_PKEY_asn1_get_count() - 1.</p>
+
+<p>EVP_PKEY_asn1_find() looks up the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>type</b>. If <b>pe</b> isn&#39;t <b>NULL</b>, then it will look up an engine implementing a <b>EVP_PKEY_ASN1_METHOD</b> for the NID <b>type</b> and return that instead, and also set <b>*pe</b> to point at the engine that implements it.</p>
+
+<p>EVP_PKEY_asn1_find_str() looks up the <b>EVP_PKEY_ASN1_METHOD</b> with PEM type string <b>str</b>. Just like EVP_PKEY_asn1_find(), if <b>pe</b> isn&#39;t <b>NULL</b>, then it will look up an engine implementing a <b>EVP_PKEY_ASN1_METHOD</b> for the NID <b>type</b> and return that instead, and also set <b>*pe</b> to point at the engine that implements it.</p>
+
+<p>EVP_PKEY_asn1_get0_info() returns the public key ID, base public key ID (both NIDs), any flags, the method description and PEM type string associated with the public key ASN.1 method <b>*ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_count(), EVP_PKEY_asn1_get0(), EVP_PKEY_asn1_find() and EVP_PKEY_asn1_find_str() are not thread safe, but as long as all <b>EVP_PKEY_ASN1_METHOD</b> objects are added before the application gets threaded, using them is safe. See <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_count() returns the number of available public key methods.</p>
+
+<p>EVP_PKEY_asn1_get0() return a public key method or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>EVP_PKEY_asn1_get0_info() returns 0 on failure, 1 on success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_asn1_new.html">EVP_PKEY_asn1_new(3)</a>, <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_new.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_new.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_new.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_check.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_check.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_check.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_ctrl.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_ctrl.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_free.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_free.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_free.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_get_priv_key.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_get_priv_key.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_get_priv_key.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_get_pub_key.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_get_pub_key.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_get_pub_key.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_item.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_item.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_item.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_param.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_param.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_param.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_param_check.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_param_check.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_param_check.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_private.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_private.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_private.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_public.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_public.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_public.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_public_check.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_public_check.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_public_check.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_security_bits.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_security_bits.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_security_bits.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_set_priv_key.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_set_priv_key.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_set_priv_key.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_set_pub_key.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_set_pub_key.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_set_pub_key.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_siginf.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_siginf.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_siginf.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_assign_DH.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_assign_DH.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_assign_DH.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_assign_DSA.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_assign_DSA.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_assign_DSA.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_assign_EC_KEY.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_assign_EC_KEY.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_assign_EC_KEY.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_assign_POLY1305.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_assign_POLY1305.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_assign_POLY1305.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_assign_RSA.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_assign_RSA.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_assign_RSA.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_assign_SIPHASH.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_assign_SIPHASH.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_assign_SIPHASH.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_base_id.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_base_id.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_base_id.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_check.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_check.html
new file mode 100644
index 000000000..1feb84ad9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_check.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_keygen</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, EVP_PKEY_CTX_get_keygen_info, EVP_PKEY_CTX_set_app_data, EVP_PKEY_CTX_get_app_data, EVP_PKEY_gen_cb, EVP_PKEY_check, EVP_PKEY_public_check, EVP_PKEY_param_check - key and parameter generation and check functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+
+ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+ void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_keygen_init() function initializes a public key algorithm context using key <b>pkey</b> for a key generation operation.</p>
+
+<p>The EVP_PKEY_keygen() function performs a key generation operation, the generated key is written to <b>ppkey</b>.</p>
+
+<p>The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar except parameters are generated.</p>
+
+<p>The function EVP_PKEY_set_cb() sets the key or parameter generation callback to <b>cb</b>. The function EVP_PKEY_CTX_get_cb() returns the key or parameter generation callback.</p>
+
+<p>The function EVP_PKEY_CTX_get_keygen_info() returns parameters associated with the generation operation. If <b>idx</b> is -1 the total number of parameters available is returned. Any non negative value returns the value of that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for <b>idx</b> should only be called within the generation callback.</p>
+
+<p>If the callback returns 0 then the key generation operation is aborted and an error occurs. This might occur during a time consuming operation where a user clicks on a &quot;cancel&quot; button.</p>
+
+<p>The functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set and retrieve an opaque pointer. This can be used to set some application defined value which can be retrieved in the callback: for example a handle which is used to update a &quot;progress dialog&quot;.</p>
+
+<p>EVP_PKEY_check() validates the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_public_check() validates the public component of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_param_check() validates the algorithm parameters of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_keygen_init() or EVP_PKEY_paramgen_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The functions EVP_PKEY_keygen() and EVP_PKEY_paramgen() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<p>The meaning of the parameters passed to the callback will depend on the algorithm and the specific implementation of the algorithm. Some might not give any useful information at all during key or parameter generation. Others might not even call the callback.</p>
+
+<p>The operation performed by key or parameter generation depends on the algorithm used. In some cases (e.g. EC with a supplied named curve) the &quot;generation&quot; option merely sets the appropriate fields in an EVP_PKEY structure.</p>
+
+<p>In OpenSSL an EVP_PKEY structure containing a private key also contains the public key components and parameters (if any). An OpenSSL private key is equivalent to what some libraries call a &quot;key pair&quot;. A private key can be used in functions which require the use of a public key or parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_keygen_init(), EVP_PKEY_paramgen_init(), EVP_PKEY_keygen() and EVP_PKEY_paramgen() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() return 1 for success or others for failure. They return -2 if the operation is not supported for the specific algorithm.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Generate a 2048 bit RSA key:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL;
+
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Generate a key from a set of parameters:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ EVP_PKEY *pkey = NULL, *param;
+
+ /* Assumed param, eng are set up already */
+ ctx = EVP_PKEY_CTX_new(param, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Example of generation callback for OpenSSL public key implementations:</p>
+
+<pre><code> /* Application data is a BIO to output status to */
+
+ EVP_PKEY_CTX_set_app_data(ctx, status_bio);
+
+ static int genpkey_cb(EVP_PKEY_CTX *ctx)
+ {
+     char c = &#39;*&#39;;
+     BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+     int p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+
+     if (p == 0)
+         c = &#39;.&#39;;
+     if (p == 1)
+         c = &#39;+&#39;;
+     if (p == 2)
+         c = &#39;*&#39;;
+     if (p == 3)
+         c = &#39;\n&#39;;
+     BIO_write(b, &amp;c, 1);
+     (void)BIO_flush(b);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_cmp.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_cmp.html
new file mode 100644
index 000000000..1d9cbaaad
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_cmp.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_cmp</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_copy_parameters, EVP_PKEY_missing_parameters, EVP_PKEY_cmp_parameters, EVP_PKEY_cmp - public key parameter and comparison functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
+ int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
+
+ int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
+ int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_missing_parameters() returns 1 if the public key parameters of <b>pkey</b> are missing and 0 if they are present or the algorithm doesn&#39;t use parameters.</p>
+
+<p>The function EVP_PKEY_copy_parameters() copies the parameters from key <b>from</b> to key <b>to</b>. An error is returned if the parameters are missing in <b>from</b> or present in both <b>from</b> and <b>to</b> and mismatch. If the parameters in <b>from</b> and <b>to</b> are both present and match this function has no effect.</p>
+
+<p>The function EVP_PKEY_cmp_parameters() compares the parameters of keys <b>a</b> and <b>b</b>.</p>
+
+<p>The function EVP_PKEY_cmp() compares the public key components and parameters (if present) of keys <b>a</b> and <b>b</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of the functions EVP_PKEY_missing_parameters() and EVP_PKEY_copy_parameters() is to handle public keys in certificates where the parameters are sometimes omitted from a public key if they are inherited from the CA that signed it.</p>
+
+<p>Since OpenSSL private keys contain public key components too the function EVP_PKEY_cmp() can also be used to determine if a private key matches a public key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The function EVP_PKEY_missing_parameters() returns 1 if the public key parameters of <b>pkey</b> are missing and 0 if they are present or the algorithm doesn&#39;t use parameters.</p>
+
+<p>These functions EVP_PKEY_copy_parameters() returns 1 for success and 0 for failure.</p>
+
+<p>The function EVP_PKEY_cmp_parameters() and EVP_PKEY_cmp() return 1 if the keys match, 0 if they don&#39;t match, -1 if the key types are different and -2 if the operation is not supported.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_cmp_parameters.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_cmp_parameters.html
new file mode 100644
index 000000000..1d9cbaaad
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_cmp_parameters.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_cmp</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_copy_parameters, EVP_PKEY_missing_parameters, EVP_PKEY_cmp_parameters, EVP_PKEY_cmp - public key parameter and comparison functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
+ int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
+
+ int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
+ int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_missing_parameters() returns 1 if the public key parameters of <b>pkey</b> are missing and 0 if they are present or the algorithm doesn&#39;t use parameters.</p>
+
+<p>The function EVP_PKEY_copy_parameters() copies the parameters from key <b>from</b> to key <b>to</b>. An error is returned if the parameters are missing in <b>from</b> or present in both <b>from</b> and <b>to</b> and mismatch. If the parameters in <b>from</b> and <b>to</b> are both present and match this function has no effect.</p>
+
+<p>The function EVP_PKEY_cmp_parameters() compares the parameters of keys <b>a</b> and <b>b</b>.</p>
+
+<p>The function EVP_PKEY_cmp() compares the public key components and parameters (if present) of keys <b>a</b> and <b>b</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of the functions EVP_PKEY_missing_parameters() and EVP_PKEY_copy_parameters() is to handle public keys in certificates where the parameters are sometimes omitted from a public key if they are inherited from the CA that signed it.</p>
+
+<p>Since OpenSSL private keys contain public key components too the function EVP_PKEY_cmp() can also be used to determine if a private key matches a public key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The function EVP_PKEY_missing_parameters() returns 1 if the public key parameters of <b>pkey</b> are missing and 0 if they are present or the algorithm doesn&#39;t use parameters.</p>
+
+<p>These functions EVP_PKEY_copy_parameters() returns 1 for success and 0 for failure.</p>
+
+<p>The function EVP_PKEY_cmp_parameters() and EVP_PKEY_cmp() return 1 if the keys match, 0 if they don&#39;t match, -1 if the key types are different and -2 if the operation is not supported.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_copy_parameters.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_copy_parameters.html
new file mode 100644
index 000000000..1d9cbaaad
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_copy_parameters.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_cmp</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_copy_parameters, EVP_PKEY_missing_parameters, EVP_PKEY_cmp_parameters, EVP_PKEY_cmp - public key parameter and comparison functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
+ int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
+
+ int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
+ int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_missing_parameters() returns 1 if the public key parameters of <b>pkey</b> are missing and 0 if they are present or the algorithm doesn&#39;t use parameters.</p>
+
+<p>The function EVP_PKEY_copy_parameters() copies the parameters from key <b>from</b> to key <b>to</b>. An error is returned if the parameters are missing in <b>from</b> or present in both <b>from</b> and <b>to</b> and mismatch. If the parameters in <b>from</b> and <b>to</b> are both present and match this function has no effect.</p>
+
+<p>The function EVP_PKEY_cmp_parameters() compares the parameters of keys <b>a</b> and <b>b</b>.</p>
+
+<p>The function EVP_PKEY_cmp() compares the public key components and parameters (if present) of keys <b>a</b> and <b>b</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of the functions EVP_PKEY_missing_parameters() and EVP_PKEY_copy_parameters() is to handle public keys in certificates where the parameters are sometimes omitted from a public key if they are inherited from the CA that signed it.</p>
+
+<p>Since OpenSSL private keys contain public key components too the function EVP_PKEY_cmp() can also be used to determine if a private key matches a public key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The function EVP_PKEY_missing_parameters() returns 1 if the public key parameters of <b>pkey</b> are missing and 0 if they are present or the algorithm doesn&#39;t use parameters.</p>
+
+<p>These functions EVP_PKEY_copy_parameters() returns 1 for success and 0 for failure.</p>
+
+<p>The function EVP_PKEY_cmp_parameters() and EVP_PKEY_cmp() return 1 if the keys match, 0 if they don&#39;t match, -1 if the key types are different and -2 if the operation is not supported.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_decrypt.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_decrypt.html
new file mode 100644
index 000000000..5ae876efd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_decrypt.html
@@ -0,0 +1,113 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_decrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_decrypt_init, EVP_PKEY_decrypt - decrypt using a public key algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
+                      unsigned char *out, size_t *outlen,
+                      const unsigned char *in, size_t inlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_decrypt_init() function initializes a public key algorithm context using key <b>pkey</b> for a decryption operation.</p>
+
+<p>The EVP_PKEY_decrypt() function performs a public key decryption operation using <b>ctx</b>. The data to be decrypted is specified using the <b>in</b> and <b>inlen</b> parameters. If <b>out</b> is <b>NULL</b> then the maximum size of the output buffer is written to the <b>outlen</b> parameter. If <b>out</b> is not <b>NULL</b> then before the call the <b>outlen</b> parameter should contain the length of the <b>out</b> buffer, if the call is successful the decrypted data is written to <b>out</b> and the amount of data written to <b>outlen</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_decrypt_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The function EVP_PKEY_decrypt() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_decrypt_init() and EVP_PKEY_decrypt() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Decrypt data using OAEP (for RSA keys):</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ unsigned char *out, *in;
+ size_t outlen, inlen;
+ EVP_PKEY *key;
+
+ /*
+  * NB: assumes key, eng, in, inlen are already set up
+  * and that key is an RSA private key
+  */
+ ctx = EVP_PKEY_CTX_new(key, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_decrypt_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) &lt;= 0)
+     /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_decrypt(ctx, NULL, &amp;outlen, in, inlen) &lt;= 0)
+     /* Error */
+
+ out = OPENSSL_malloc(outlen);
+
+ if (!out)
+     /* malloc failure */
+
+ if (EVP_PKEY_decrypt(ctx, out, &amp;outlen, in, inlen) &lt;= 0)
+     /* Error */
+
+ /* Decrypted data is outlen bytes written to buffer out */</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_decrypt_init.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_decrypt_init.html
new file mode 100644
index 000000000..5ae876efd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_decrypt_init.html
@@ -0,0 +1,113 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_decrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_decrypt_init, EVP_PKEY_decrypt - decrypt using a public key algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
+                      unsigned char *out, size_t *outlen,
+                      const unsigned char *in, size_t inlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_decrypt_init() function initializes a public key algorithm context using key <b>pkey</b> for a decryption operation.</p>
+
+<p>The EVP_PKEY_decrypt() function performs a public key decryption operation using <b>ctx</b>. The data to be decrypted is specified using the <b>in</b> and <b>inlen</b> parameters. If <b>out</b> is <b>NULL</b> then the maximum size of the output buffer is written to the <b>outlen</b> parameter. If <b>out</b> is not <b>NULL</b> then before the call the <b>outlen</b> parameter should contain the length of the <b>out</b> buffer, if the call is successful the decrypted data is written to <b>out</b> and the amount of data written to <b>outlen</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_decrypt_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The function EVP_PKEY_decrypt() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_decrypt_init() and EVP_PKEY_decrypt() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Decrypt data using OAEP (for RSA keys):</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ unsigned char *out, *in;
+ size_t outlen, inlen;
+ EVP_PKEY *key;
+
+ /*
+  * NB: assumes key, eng, in, inlen are already set up
+  * and that key is an RSA private key
+  */
+ ctx = EVP_PKEY_CTX_new(key, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_decrypt_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) &lt;= 0)
+     /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_decrypt(ctx, NULL, &amp;outlen, in, inlen) &lt;= 0)
+     /* Error */
+
+ out = OPENSSL_malloc(outlen);
+
+ if (!out)
+     /* malloc failure */
+
+ if (EVP_PKEY_decrypt(ctx, out, &amp;outlen, in, inlen) &lt;= 0)
+     /* Error */
+
+ /* Decrypted data is outlen bytes written to buffer out */</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_derive.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_derive.html
new file mode 100644
index 000000000..b2e4e93e8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_derive.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_derive</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, EVP_PKEY_derive - derive public key algorithm shared secret</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
+ int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_derive_init() function initializes a public key algorithm context using key <b>pkey</b> for shared secret derivation.</p>
+
+<p>The EVP_PKEY_derive_set_peer() function sets the peer key: this will normally be a public key.</p>
+
+<p>The EVP_PKEY_derive() derives a shared secret using <b>ctx</b>. If <b>key</b> is <b>NULL</b> then the maximum size of the output buffer is written to the <b>keylen</b> parameter. If <b>key</b> is not <b>NULL</b> then before the call the <b>keylen</b> parameter should contain the length of the <b>key</b> buffer, if the call is successful the shared secret is written to <b>key</b> and the amount of data written to <b>keylen</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_derive_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The function EVP_PKEY_derive() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_derive_init() and EVP_PKEY_derive() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Derive shared secret (for example DH or EC keys):</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ unsigned char *skey;
+ size_t skeylen;
+ EVP_PKEY *pkey, *peerkey;
+ /* NB: assumes pkey, eng, peerkey have been already set up */
+
+ ctx = EVP_PKEY_CTX_new(pkey, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_derive_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_derive_set_peer(ctx, peerkey) &lt;= 0)
+     /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_derive(ctx, NULL, &amp;skeylen) &lt;= 0)
+     /* Error */
+
+ skey = OPENSSL_malloc(skeylen);
+
+ if (!skey)
+     /* malloc failure */
+
+ if (EVP_PKEY_derive(ctx, skey, &amp;skeylen) &lt;= 0)
+     /* Error */
+
+ /* Shared secret is skey bytes written to buffer skey */</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>,</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_derive_init.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_derive_init.html
new file mode 100644
index 000000000..b2e4e93e8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_derive_init.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_derive</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, EVP_PKEY_derive - derive public key algorithm shared secret</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
+ int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_derive_init() function initializes a public key algorithm context using key <b>pkey</b> for shared secret derivation.</p>
+
+<p>The EVP_PKEY_derive_set_peer() function sets the peer key: this will normally be a public key.</p>
+
+<p>The EVP_PKEY_derive() derives a shared secret using <b>ctx</b>. If <b>key</b> is <b>NULL</b> then the maximum size of the output buffer is written to the <b>keylen</b> parameter. If <b>key</b> is not <b>NULL</b> then before the call the <b>keylen</b> parameter should contain the length of the <b>key</b> buffer, if the call is successful the shared secret is written to <b>key</b> and the amount of data written to <b>keylen</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_derive_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The function EVP_PKEY_derive() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_derive_init() and EVP_PKEY_derive() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Derive shared secret (for example DH or EC keys):</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ unsigned char *skey;
+ size_t skeylen;
+ EVP_PKEY *pkey, *peerkey;
+ /* NB: assumes pkey, eng, peerkey have been already set up */
+
+ ctx = EVP_PKEY_CTX_new(pkey, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_derive_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_derive_set_peer(ctx, peerkey) &lt;= 0)
+     /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_derive(ctx, NULL, &amp;skeylen) &lt;= 0)
+     /* Error */
+
+ skey = OPENSSL_malloc(skeylen);
+
+ if (!skey)
+     /* malloc failure */
+
+ if (EVP_PKEY_derive(ctx, skey, &amp;skeylen) &lt;= 0)
+     /* Error */
+
+ /* Shared secret is skey bytes written to buffer skey */</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>,</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_derive_set_peer.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_derive_set_peer.html
new file mode 100644
index 000000000..b2e4e93e8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_derive_set_peer.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_derive</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, EVP_PKEY_derive - derive public key algorithm shared secret</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
+ int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_derive_init() function initializes a public key algorithm context using key <b>pkey</b> for shared secret derivation.</p>
+
+<p>The EVP_PKEY_derive_set_peer() function sets the peer key: this will normally be a public key.</p>
+
+<p>The EVP_PKEY_derive() derives a shared secret using <b>ctx</b>. If <b>key</b> is <b>NULL</b> then the maximum size of the output buffer is written to the <b>keylen</b> parameter. If <b>key</b> is not <b>NULL</b> then before the call the <b>keylen</b> parameter should contain the length of the <b>key</b> buffer, if the call is successful the shared secret is written to <b>key</b> and the amount of data written to <b>keylen</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_derive_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The function EVP_PKEY_derive() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_derive_init() and EVP_PKEY_derive() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Derive shared secret (for example DH or EC keys):</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ unsigned char *skey;
+ size_t skeylen;
+ EVP_PKEY *pkey, *peerkey;
+ /* NB: assumes pkey, eng, peerkey have been already set up */
+
+ ctx = EVP_PKEY_CTX_new(pkey, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_derive_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_derive_set_peer(ctx, peerkey) &lt;= 0)
+     /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_derive(ctx, NULL, &amp;skeylen) &lt;= 0)
+     /* Error */
+
+ skey = OPENSSL_malloc(skeylen);
+
+ if (!skey)
+     /* malloc failure */
+
+ if (EVP_PKEY_derive(ctx, skey, &amp;skeylen) &lt;= 0)
+     /* Error */
+
+ /* Shared secret is skey bytes written to buffer skey */</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>,</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_encrypt.html
new file mode 100644
index 000000000..62016fa74
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_encrypt.html
@@ -0,0 +1,114 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_encrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_encrypt_init, EVP_PKEY_encrypt - encrypt using a public key algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
+                      unsigned char *out, size_t *outlen,
+                      const unsigned char *in, size_t inlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_encrypt_init() function initializes a public key algorithm context using key <b>pkey</b> for an encryption operation.</p>
+
+<p>The EVP_PKEY_encrypt() function performs a public key encryption operation using <b>ctx</b>. The data to be encrypted is specified using the <b>in</b> and <b>inlen</b> parameters. If <b>out</b> is <b>NULL</b> then the maximum size of the output buffer is written to the <b>outlen</b> parameter. If <b>out</b> is not <b>NULL</b> then before the call the <b>outlen</b> parameter should contain the length of the <b>out</b> buffer, if the call is successful the encrypted data is written to <b>out</b> and the amount of data written to <b>outlen</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_encrypt_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The function EVP_PKEY_encrypt() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_encrypt_init() and EVP_PKEY_encrypt() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Encrypt data using OAEP (for RSA keys). See also <a href="../man3/PEM_read_PUBKEY.html">PEM_read_PUBKEY(3)</a> or <a href="../man3/d2i_X509.html">d2i_X509(3)</a> for means to load a public key. You may also simply set &#39;eng = NULL;&#39; to start with the default OpenSSL RSA implementation:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+ #include &lt;openssl/engine.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ unsigned char *out, *in;
+ size_t outlen, inlen;
+ EVP_PKEY *key;
+
+ /*
+  * NB: assumes eng, key, in, inlen are already set up,
+  * and that key is an RSA public key
+  */
+ ctx = EVP_PKEY_CTX_new(key, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_encrypt_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) &lt;= 0)
+     /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_encrypt(ctx, NULL, &amp;outlen, in, inlen) &lt;= 0)
+     /* Error */
+
+ out = OPENSSL_malloc(outlen);
+
+ if (!out)
+     /* malloc failure */
+
+ if (EVP_PKEY_encrypt(ctx, out, &amp;outlen, in, inlen) &lt;= 0)
+     /* Error */
+
+ /* Encrypted data is outlen bytes written to buffer out */</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ENGINE_by_id.html">ENGINE_by_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_encrypt_init.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_encrypt_init.html
new file mode 100644
index 000000000..62016fa74
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_encrypt_init.html
@@ -0,0 +1,114 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_encrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_encrypt_init, EVP_PKEY_encrypt - encrypt using a public key algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
+                      unsigned char *out, size_t *outlen,
+                      const unsigned char *in, size_t inlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_encrypt_init() function initializes a public key algorithm context using key <b>pkey</b> for an encryption operation.</p>
+
+<p>The EVP_PKEY_encrypt() function performs a public key encryption operation using <b>ctx</b>. The data to be encrypted is specified using the <b>in</b> and <b>inlen</b> parameters. If <b>out</b> is <b>NULL</b> then the maximum size of the output buffer is written to the <b>outlen</b> parameter. If <b>out</b> is not <b>NULL</b> then before the call the <b>outlen</b> parameter should contain the length of the <b>out</b> buffer, if the call is successful the encrypted data is written to <b>out</b> and the amount of data written to <b>outlen</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_encrypt_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The function EVP_PKEY_encrypt() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_encrypt_init() and EVP_PKEY_encrypt() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Encrypt data using OAEP (for RSA keys). See also <a href="../man3/PEM_read_PUBKEY.html">PEM_read_PUBKEY(3)</a> or <a href="../man3/d2i_X509.html">d2i_X509(3)</a> for means to load a public key. You may also simply set &#39;eng = NULL;&#39; to start with the default OpenSSL RSA implementation:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+ #include &lt;openssl/engine.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ unsigned char *out, *in;
+ size_t outlen, inlen;
+ EVP_PKEY *key;
+
+ /*
+  * NB: assumes eng, key, in, inlen are already set up,
+  * and that key is an RSA public key
+  */
+ ctx = EVP_PKEY_CTX_new(key, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_encrypt_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) &lt;= 0)
+     /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_encrypt(ctx, NULL, &amp;outlen, in, inlen) &lt;= 0)
+     /* Error */
+
+ out = OPENSSL_malloc(outlen);
+
+ if (!out)
+     /* malloc failure */
+
+ if (EVP_PKEY_encrypt(ctx, out, &amp;outlen, in, inlen) &lt;= 0)
+     /* Error */
+
+ /* Encrypted data is outlen bytes written to buffer out */</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ENGINE_by_id.html">ENGINE_by_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_free.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_free.html
new file mode 100644
index 000000000..863dd6d1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_free.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_new, EVP_PKEY_up_ref, EVP_PKEY_free, EVP_PKEY_new_raw_private_key, EVP_PKEY_new_raw_public_key, EVP_PKEY_new_CMAC_key, EVP_PKEY_new_mac_key, EVP_PKEY_get_raw_private_key, EVP_PKEY_get_raw_public_key - public/private key allocation and raw key handling functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *EVP_PKEY_new(void);
+ int EVP_PKEY_up_ref(EVP_PKEY *key);
+ void EVP_PKEY_free(EVP_PKEY *key);
+
+ EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e,
+                                        const unsigned char *key, size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e,
+                                       const unsigned char *key, size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
+                                 size_t len, const EVP_CIPHER *cipher);
+ EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key,
+                                int keylen);
+
+ int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, unsigned char *priv,
+                                  size_t *len);
+ int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub,
+                                 size_t *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_new() function allocates an empty <b>EVP_PKEY</b> structure which is used by OpenSSL to store public and private keys. The reference count is set to <b>1</b>.</p>
+
+<p>EVP_PKEY_up_ref() increments the reference count of <b>key</b>.</p>
+
+<p>EVP_PKEY_free() decrements the reference count of <b>key</b> and, if the reference count is zero, frees it up. If <b>key</b> is NULL, nothing is done.</p>
+
+<p>EVP_PKEY_new_raw_private_key() allocates a new <b>EVP_PKEY</b>. If <b>e</b> is non-NULL then the new <b>EVP_PKEY</b> structure is associated with the engine <b>e</b>. The <b>type</b> argument indicates what kind of key this is. The value should be a NID for a public key algorithm that supports raw private keys, i.e. one of <b>EVP_PKEY_HMAC</b>, <b>EVP_PKEY_POLY1305</b>, <b>EVP_PKEY_SIPHASH</b>, <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>. <b>key</b> points to the raw private key data for this <b>EVP_PKEY</b> which should be of length <b>keylen</b>. The length should be appropriate for the type of the key. The public key data will be automatically derived from the given private key data (if appropriate for the algorithm type).</p>
+
+<p>EVP_PKEY_new_raw_public_key() works in the same way as EVP_PKEY_new_raw_private_key() except that <b>key</b> points to the raw public key data. The <b>EVP_PKEY</b> structure will be initialised without any private key information. Algorithm types that support raw public keys are <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<p>EVP_PKEY_new_CMAC_key() works in the same way as EVP_PKEY_new_raw_private_key() except it is only for the <b>EVP_PKEY_CMAC</b> algorithm type. In addition to the raw private key data, it also takes a cipher algorithm to be used during creation of a CMAC in the <b>cipher</b> argument.</p>
+
+<p>EVP_PKEY_new_mac_key() works in the same way as EVP_PKEY_new_raw_private_key(). New applications should use EVP_PKEY_new_raw_private_key() instead.</p>
+
+<p>EVP_PKEY_get_raw_private_key() fills the buffer provided by <b>priv</b> with raw private key data. The number of bytes written is populated in <b>*len</b>. If the buffer <b>priv</b> is NULL then <b>*len</b> is populated with the number of bytes required to hold the key. The calling application is responsible for ensuring that the buffer is large enough to receive the private key data. This function only works for algorithms that support raw private keys. Currently this is: <b>EVP_PKEY_HMAC</b>, <b>EVP_PKEY_POLY1305</b>, <b>EVP_PKEY_SIPHASH</b>, <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<p>EVP_PKEY_get_raw_public_key() fills the buffer provided by <b>pub</b> with raw public key data. The number of bytes written is populated in <b>*len</b>. If the buffer <b>pub</b> is NULL then <b>*len</b> is populated with the number of bytes required to hold the key. The calling application is responsible for ensuring that the buffer is large enough to receive the public key data. This function only works for algorithms that support raw public keys. Currently this is: <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP_PKEY</b> structure is used by various OpenSSL functions which require a general private key without reference to any particular algorithm.</p>
+
+<p>The structure returned by EVP_PKEY_new() is empty. To add a private or public key to this empty structure use the appropriate functions described in <a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a>EVP_PKEY_set1_DSA</a>, <a>EVP_PKEY_set1_DH</a> or <a>EVP_PKEY_set1_EC_KEY</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_new(), EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key() and EVP_PKEY_new_mac_key() return either the newly allocated <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_up_ref(), EVP_PKEY_get_raw_private_key() and EVP_PKEY_get_raw_public_key() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a>EVP_PKEY_set1_DSA</a>, <a>EVP_PKEY_set1_DH</a> or <a>EVP_PKEY_set1_EC_KEY</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_new() and EVP_PKEY_free() functions exist in all versions of OpenSSL.</p>
+
+<p>The EVP_PKEY_up_ref() function was added in OpenSSL 1.1.0.</p>
+
+<p>The EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key(), EVP_PKEY_new_raw_private_key() and EVP_PKEY_get_raw_public_key() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_gen_cb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_gen_cb.html
new file mode 100644
index 000000000..1feb84ad9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_gen_cb.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_keygen</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, EVP_PKEY_CTX_get_keygen_info, EVP_PKEY_CTX_set_app_data, EVP_PKEY_CTX_get_app_data, EVP_PKEY_gen_cb, EVP_PKEY_check, EVP_PKEY_public_check, EVP_PKEY_param_check - key and parameter generation and check functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+
+ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+ void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_keygen_init() function initializes a public key algorithm context using key <b>pkey</b> for a key generation operation.</p>
+
+<p>The EVP_PKEY_keygen() function performs a key generation operation, the generated key is written to <b>ppkey</b>.</p>
+
+<p>The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar except parameters are generated.</p>
+
+<p>The function EVP_PKEY_set_cb() sets the key or parameter generation callback to <b>cb</b>. The function EVP_PKEY_CTX_get_cb() returns the key or parameter generation callback.</p>
+
+<p>The function EVP_PKEY_CTX_get_keygen_info() returns parameters associated with the generation operation. If <b>idx</b> is -1 the total number of parameters available is returned. Any non negative value returns the value of that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for <b>idx</b> should only be called within the generation callback.</p>
+
+<p>If the callback returns 0 then the key generation operation is aborted and an error occurs. This might occur during a time consuming operation where a user clicks on a &quot;cancel&quot; button.</p>
+
+<p>The functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set and retrieve an opaque pointer. This can be used to set some application defined value which can be retrieved in the callback: for example a handle which is used to update a &quot;progress dialog&quot;.</p>
+
+<p>EVP_PKEY_check() validates the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_public_check() validates the public component of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_param_check() validates the algorithm parameters of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_keygen_init() or EVP_PKEY_paramgen_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The functions EVP_PKEY_keygen() and EVP_PKEY_paramgen() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<p>The meaning of the parameters passed to the callback will depend on the algorithm and the specific implementation of the algorithm. Some might not give any useful information at all during key or parameter generation. Others might not even call the callback.</p>
+
+<p>The operation performed by key or parameter generation depends on the algorithm used. In some cases (e.g. EC with a supplied named curve) the &quot;generation&quot; option merely sets the appropriate fields in an EVP_PKEY structure.</p>
+
+<p>In OpenSSL an EVP_PKEY structure containing a private key also contains the public key components and parameters (if any). An OpenSSL private key is equivalent to what some libraries call a &quot;key pair&quot;. A private key can be used in functions which require the use of a public key or parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_keygen_init(), EVP_PKEY_paramgen_init(), EVP_PKEY_keygen() and EVP_PKEY_paramgen() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() return 1 for success or others for failure. They return -2 if the operation is not supported for the specific algorithm.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Generate a 2048 bit RSA key:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL;
+
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Generate a key from a set of parameters:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ EVP_PKEY *pkey = NULL, *param;
+
+ /* Assumed param, eng are set up already */
+ ctx = EVP_PKEY_CTX_new(param, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Example of generation callback for OpenSSL public key implementations:</p>
+
+<pre><code> /* Application data is a BIO to output status to */
+
+ EVP_PKEY_CTX_set_app_data(ctx, status_bio);
+
+ static int genpkey_cb(EVP_PKEY_CTX *ctx)
+ {
+     char c = &#39;*&#39;;
+     BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+     int p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+
+     if (p == 0)
+         c = &#39;.&#39;;
+     if (p == 1)
+         c = &#39;+&#39;;
+     if (p == 2)
+         c = &#39;*&#39;;
+     if (p == 3)
+         c = &#39;\n&#39;;
+     BIO_write(b, &amp;c, 1);
+     (void)BIO_flush(b);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_DH.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_DH.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_DH.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_DSA.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_DSA.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_DSA.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_EC_KEY.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_EC_KEY.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_EC_KEY.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_RSA.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_RSA.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_RSA.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_asn1.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_asn1.html
new file mode 100644
index 000000000..a12e8ac1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_asn1.html
@@ -0,0 +1,341 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_ASN1_METHOD</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_ASN1_METHOD, EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_add0, EVP_PKEY_asn1_add_alias, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_item, EVP_PKEY_asn1_set_siginf, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits, EVP_PKEY_asn1_set_set_priv_key, EVP_PKEY_asn1_set_set_pub_key, EVP_PKEY_asn1_set_get_priv_key, EVP_PKEY_asn1_set_get_pub_key, EVP_PKEY_get0_asn1 - manipulating and registering EVP_PKEY_ASN1_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                         const char *pem_str,
+                                         const char *info);
+ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                         const EVP_PKEY_ASN1_METHOD *src);
+ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+ int EVP_PKEY_asn1_add_alias(int to, int from);
+
+ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pub_decode) (EVP_PKEY *pk,
+                                                  X509_PUBKEY *pub),
+                               int (*pub_encode) (X509_PUBKEY *pub,
+                                                  const EVP_PKEY *pk),
+                               int (*pub_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                               int (*pub_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx),
+                               int (*pkey_size) (const EVP_PKEY *pk),
+                               int (*pkey_bits) (const EVP_PKEY *pk));
+ void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                                int (*priv_decode) (EVP_PKEY *pk,
+                                                    const PKCS8_PRIV_KEY_INFO
+                                                    *p8inf),
+                                int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                    const EVP_PKEY *pk),
+                                int (*priv_print) (BIO *out,
+                                                   const EVP_PKEY *pkey,
+                                                   int indent,
+                                                   ASN1_PCTX *pctx));
+ void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*param_decode) (EVP_PKEY *pkey,
+                                                   const unsigned char **pder,
+                                                   int derlen),
+                              int (*param_encode) (const EVP_PKEY *pkey,
+                                                   unsigned char **pder),
+                              int (*param_missing) (const EVP_PKEY *pk),
+                              int (*param_copy) (EVP_PKEY *to,
+                                                 const EVP_PKEY *from),
+                              int (*param_cmp) (const EVP_PKEY *a,
+                                                const EVP_PKEY *b),
+                              int (*param_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+
+ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                             void (*pkey_free) (EVP_PKEY *pkey));
+ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                               long arg1, void *arg2));
+ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*item_verify) (EVP_MD_CTX *ctx,
+                                                 const ASN1_ITEM *it,
+                                                 void *asn,
+                                                 X509_ALGOR *a,
+                                                 ASN1_BIT_STRING *sig,
+                                                 EVP_PKEY *pkey),
+                             int (*item_sign) (EVP_MD_CTX *ctx,
+                                               const ASN1_ITEM *it,
+                                               void *asn,
+                                               X509_ALGOR *alg1,
+                                               X509_ALGOR *alg2,
+                                               ASN1_BIT_STRING *sig));
+
+ void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*siginf_set) (X509_SIG_INFO *siginf,
+                                                  const X509_ALGOR *alg,
+                                                  const ASN1_STRING *sig));
+
+ void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pkey_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*pkey_param_check) (const EVP_PKEY *pk));
+
+ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                                      int (*pkey_security_bits) (const EVP_PKEY
+                                                                 *pk));
+
+ void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*set_priv_key) (EVP_PKEY *pk,
+                                                          const unsigned char
+                                                             *priv,
+                                                          size_t len));
+
+ void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*set_pub_key) (EVP_PKEY *pk,
+                                                        const unsigned char *pub,
+                                                        size_t len));
+
+ void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                     int (*get_priv_key) (const EVP_PKEY *pk,
+                                                          unsigned char *priv,
+                                                          size_t *len));
+
+ void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+                                    int (*get_pub_key) (const EVP_PKEY *pk,
+                                                        unsigned char *pub,
+                                                        size_t *len));
+
+ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_ASN1_METHOD</b> is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.</p>
+
+<p>There are two places where the <b>EVP_PKEY_ASN1_METHOD</b> objects are stored: one is a built-in array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_asn1_add0.html">EVP_PKEY_asn1_add0(3)</a>.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY</b> object.</p>
+
+<pre><code> int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                   ASN1_PCTX *pctx);</code></pre>
+
+<p>The pub_decode() and pub_encode() methods are called to decode / encode <b>X509_PUBKEY</b> ASN.1 parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/X509_PUBKEY_get0.html">X509_PUBKEY_get0(3)</a> and <a href="../man3/X509_PUBKEY_set.html">X509_PUBKEY_set(3)</a>.</p>
+
+<p>The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It&#39;s called by <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>.</p>
+
+<p>The pub_print() method is called to print a public key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_public.html">EVP_PKEY_print_public(3)</a>.</p>
+
+<pre><code> int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                    ASN1_PCTX *pctx);</code></pre>
+
+<p>The priv_decode() and priv_encode() methods are called to decode / encode <b>PKCS8_PRIV_KEY_INFO</b> form private key to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/EVP_PKCS82PKEY.html">EVP_PKCS82PKEY(3)</a> and <a href="../man3/EVP_PKEY2PKCS8.html">EVP_PKEY2PKCS8(3)</a>.</p>
+
+<p>The priv_print() method is called to print a private key in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<pre><code> int (*pkey_size) (const EVP_PKEY *pk);
+ int (*pkey_bits) (const EVP_PKEY *pk);
+ int (*pkey_security_bits) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_size() method returns the key size in bytes. It&#39;s called by <a href="../man3/EVP_PKEY_size.html">EVP_PKEY_size(3)</a>.</p>
+
+<p>The pkey_bits() method returns the key size in bits. It&#39;s called by <a href="../man3/EVP_PKEY_bits.html">EVP_PKEY_bits(3)</a>.</p>
+
+<pre><code> int (*param_decode) (EVP_PKEY *pkey,
+                      const unsigned char **pder, int derlen);
+ int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing) (const EVP_PKEY *pk);
+ int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                     ASN1_PCTX *pctx);</code></pre>
+
+<p>The param_decode() and param_encode() methods are called to decode / encode DER formatted parameters to / from <b>pk</b>. They MUST return 0 on error, 1 on success. They&#39;re called by <a href="../man3/PEM_read_bio_Parameters.html">PEM_read_bio_Parameters(3)</a> and the <b>file:</b> <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>.</p>
+
+<p>The param_missing() method returns 0 if a key parameter is missing, otherwise 1. It&#39;s called by <a href="../man3/EVP_PKEY_missing_parameters.html">EVP_PKEY_missing_parameters(3)</a>.</p>
+
+<p>The param_copy() method copies key parameters from <b>from</b> to <b>to</b>. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_copy_parameters.html">EVP_PKEY_copy_parameters(3)</a>.</p>
+
+<p>The param_cmp() method compares the parameters of keys <b>a</b> and <b>b</b>. It MUST return 1 when the keys are equal, 0 when not equal, or a negative number on error. It&#39;s called by <a href="../man3/EVP_PKEY_cmp_parameters.html">EVP_PKEY_cmp_parameters(3)</a>.</p>
+
+<p>The param_print() method prints the private key parameters in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/EVP_PKEY_print_params.html">EVP_PKEY_print_params(3)</a>.</p>
+
+<pre><code> int (*sig_print) (BIO *out,
+                   const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                   int indent, ASN1_PCTX *pctx);</code></pre>
+
+<p>The sig_print() method prints a signature in humanly readable text to <b>out</b>, indented <b>indent</b> spaces. <b>sigalg</b> contains the exact signature algorithm. If the signature in <b>sig</b> doesn&#39;t correspond to what this method expects, X509_signature_dump() must be used as a last resort. It MUST return 0 on error, 1 on success. It&#39;s called by <a href="../man3/X509_signature_print.html">X509_signature_print(3)</a>.</p>
+
+<pre><code> void (*pkey_free) (EVP_PKEY *pkey);</code></pre>
+
+<p>The pkey_free() method helps freeing the internals of <b>pkey</b>. It&#39;s called by <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>, <a href="../man3/EVP_PKEY_set_type.html">EVP_PKEY_set_type(3)</a>, <a href="../man3/EVP_PKEY_set_type_str.html">EVP_PKEY_set_type_str(3)</a>, and <a href="../man3/EVP_PKEY_assign.html">EVP_PKEY_assign(3)</a>.</p>
+
+<pre><code> int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);</code></pre>
+
+<p>The pkey_ctrl() method adds extra algorithm specific control. It&#39;s called by <a href="../man3/EVP_PKEY_get_default_digest_nid.html">EVP_PKEY_get_default_digest_nid(3)</a>, <a href="../man3/EVP_PKEY_set1_tls_encodedpoint.html">EVP_PKEY_set1_tls_encodedpoint(3)</a>, <a href="../man3/EVP_PKEY_get1_tls_encodedpoint.html">EVP_PKEY_get1_tls_encodedpoint(3)</a>, <a href="../man3/PKCS7_SIGNER_INFO_set.html">PKCS7_SIGNER_INFO_set(3)</a>, <a href="../man3/PKCS7_RECIP_INFO_set.html">PKCS7_RECIP_INFO_set(3)</a>, ...</p>
+
+<pre><code> int (*old_priv_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+ int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);</code></pre>
+
+<p>The old_priv_decode() and old_priv_encode() methods decode / encode they private key <b>pkey</b> from / to a DER formatted array. These are exclusively used to help decoding / encoding older (pre PKCS#8) PEM formatted encrypted private keys. old_priv_decode() MUST return 0 on error, 1 on success. old_priv_encode() MUST the return same kind of values as i2d_PrivateKey(). They&#39;re called by <a href="../man3/d2i_PrivateKey.html">d2i_PrivateKey(3)</a> and <a href="../man3/i2d_PrivateKey.html">i2d_PrivateKey(3)</a>.</p>
+
+<pre><code> int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                     X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                   X509_ALGOR *alg1, X509_ALGOR *alg2,
+                   ASN1_BIT_STRING *sig);</code></pre>
+
+<p>The item_sign() and item_verify() methods make it possible to have algorithm specific signatures and verification of them.</p>
+
+<p>item_sign() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-0">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod2">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+<dt id="pod3">3</dt>
+<dd>
+
+<p>item_sign() set the algorithm identifier <b>algor1</b> and <b>algor2</b>, OpenSSL internals should just sign using those algorithms.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() MUST return one of:</p>
+
+<dl>
+
+<dt id="pod-01">&lt;=0</dt>
+<dd>
+
+<p>error</p>
+
+</dd>
+<dt id="pod11">1</dt>
+<dd>
+
+<p>item_sign() did everything, OpenSSL internals just needs to pass the signature length back.</p>
+
+</dd>
+<dt id="pod21">2</dt>
+<dd>
+
+<p>item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.</p>
+
+</dd>
+</dl>
+
+<p>item_verify() and item_sign() are called by <a href="../man3/ASN1_item_verify.html">ASN1_item_verify(3)</a> and <a href="../man3/ASN1_item_sign.html">ASN1_item_sign(3)</a>, and by extension, <a href="../man3/X509_verify.html">X509_verify(3)</a>, <a href="../man3/X509_REQ_verify.html">X509_REQ_verify(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_REQ_sign.html">X509_REQ_sign(3)</a>, ...</p>
+
+<pre><code> int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
+                    const ASN1_STRING *sig);</code></pre>
+
+<p>The siginf_set() method is used to set custom <b>X509_SIG_INFO</b> parameters. It MUST return 0 on error, or 1 on success. It&#39;s called as part of <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a> and <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>.</p>
+
+<pre><code> int (*pkey_check) (const EVP_PKEY *pk);
+ int (*pkey_public_check) (const EVP_PKEY *pk);
+ int (*pkey_param_check) (const EVP_PKEY *pk);</code></pre>
+
+<p>The pkey_check(), pkey_public_check() and pkey_param_check() methods are used to check the validity of <b>pk</b> for key-pair, public component and parameters, respectively. They MUST return 0 for an invalid key, or 1 for a valid key. They are called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
+ int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);</code></pre>
+
+<p>The set_priv_key() and set_pub_key() methods are used to set the raw private and public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success. They are called by <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a>, and <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> respectively.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_asn1_new() creates and returns a new <b>EVP_PKEY_ASN1_METHOD</b> object, and associates the given <b>id</b>, <b>flags</b>, <b>pem_str</b> and <b>info</b>. <b>id</b> is a NID, <b>pem_str</b> is the PEM type string, <b>info</b> is a descriptive string. The following <b>flags</b> are supported:</p>
+
+<pre><code> ASN1_PKEY_SIGPARAM_NULL</code></pre>
+
+<p>If <b>ASN1_PKEY_SIGPARAM_NULL</b> is set, then the signature algorithm parameters are given the type <b>V_ASN1_NULL</b> by default, otherwise they will be given the type <b>V_ASN1_UNDEF</b> (i.e. the parameter is omitted). See <a href="../man3/X509_ALGOR_set0.html">X509_ALGOR_set0(3)</a> for more information.</p>
+
+<p>EVP_PKEY_asn1_copy() copies an <b>EVP_PKEY_ASN1_METHOD</b> object from <b>src</b> to <b>dst</b>. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_free() frees an existing <b>EVP_PKEY_ASN1_METHOD</b> pointed by <b>ameth</b>.</p>
+
+<p>EVP_PKEY_asn1_add0() adds <b>ameth</b> to the user defined stack of methods unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already there. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_add_alias() creates an alias with the NID <b>to</b> for the <b>EVP_PKEY_ASN1_METHOD</b> with NID <b>from</b> unless another <b>EVP_PKEY_ASN1_METHOD</b> with the same NID is already added. This function is not thread safe, it&#39;s recommended to only use this when initializing the application.</p>
+
+<p>EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_item(), EVP_PKEY_asn1_set_siginf(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), EVP_PKEY_asn1_set_security_bits(), EVP_PKEY_asn1_set_set_priv_key(), EVP_PKEY_asn1_set_set_pub_key(), EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() set the diverse methods of the given <b>EVP_PKEY_ASN1_METHOD</b> object.</p>
+
+<p>EVP_PKEY_get0_asn1() finds the <b>EVP_PKEY_ASN1_METHOD</b> associated with the key <b>pkey</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<p>EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.</p>
+
+<p>EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant <b>EVP_PKEY_ASN1_METHOD</b> object otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_hmac.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_hmac.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_hmac.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_poly1305.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_poly1305.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_poly1305.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_siphash.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_siphash.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get0_siphash.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get1_DH.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get1_DH.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get1_DH.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get1_DSA.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get1_DSA.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get1_DSA.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get1_EC_KEY.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get1_EC_KEY.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get1_EC_KEY.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get1_RSA.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get1_RSA.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get1_RSA.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get_default_digest_nid.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get_default_digest_nid.html
new file mode 100644
index 000000000..299f66b9b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get_default_digest_nid.html
@@ -0,0 +1,65 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_get_default_digest_nid</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_get_default_digest_nid - get default signature digest</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_get_default_digest_nid() function sets <b>pnid</b> to the default message digest NID for the public key signature operations associated with key <b>pkey</b>. Note that some signature algorithms (i.e. Ed25519 and Ed448) do not use a digest during signing. In this case <b>pnid</b> will be set to NID_undef.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>For all current standard OpenSSL public key algorithms SHA1 is returned.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The EVP_PKEY_get_default_digest_nid() function returns 1 if the message digest is advisory (that is other digests can be used) and 2 if it is mandatory (other digests can not be used). It returns 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>,</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>This function was added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get_raw_private_key.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get_raw_private_key.html
new file mode 100644
index 000000000..863dd6d1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get_raw_private_key.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_new, EVP_PKEY_up_ref, EVP_PKEY_free, EVP_PKEY_new_raw_private_key, EVP_PKEY_new_raw_public_key, EVP_PKEY_new_CMAC_key, EVP_PKEY_new_mac_key, EVP_PKEY_get_raw_private_key, EVP_PKEY_get_raw_public_key - public/private key allocation and raw key handling functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *EVP_PKEY_new(void);
+ int EVP_PKEY_up_ref(EVP_PKEY *key);
+ void EVP_PKEY_free(EVP_PKEY *key);
+
+ EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e,
+                                        const unsigned char *key, size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e,
+                                       const unsigned char *key, size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
+                                 size_t len, const EVP_CIPHER *cipher);
+ EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key,
+                                int keylen);
+
+ int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, unsigned char *priv,
+                                  size_t *len);
+ int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub,
+                                 size_t *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_new() function allocates an empty <b>EVP_PKEY</b> structure which is used by OpenSSL to store public and private keys. The reference count is set to <b>1</b>.</p>
+
+<p>EVP_PKEY_up_ref() increments the reference count of <b>key</b>.</p>
+
+<p>EVP_PKEY_free() decrements the reference count of <b>key</b> and, if the reference count is zero, frees it up. If <b>key</b> is NULL, nothing is done.</p>
+
+<p>EVP_PKEY_new_raw_private_key() allocates a new <b>EVP_PKEY</b>. If <b>e</b> is non-NULL then the new <b>EVP_PKEY</b> structure is associated with the engine <b>e</b>. The <b>type</b> argument indicates what kind of key this is. The value should be a NID for a public key algorithm that supports raw private keys, i.e. one of <b>EVP_PKEY_HMAC</b>, <b>EVP_PKEY_POLY1305</b>, <b>EVP_PKEY_SIPHASH</b>, <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>. <b>key</b> points to the raw private key data for this <b>EVP_PKEY</b> which should be of length <b>keylen</b>. The length should be appropriate for the type of the key. The public key data will be automatically derived from the given private key data (if appropriate for the algorithm type).</p>
+
+<p>EVP_PKEY_new_raw_public_key() works in the same way as EVP_PKEY_new_raw_private_key() except that <b>key</b> points to the raw public key data. The <b>EVP_PKEY</b> structure will be initialised without any private key information. Algorithm types that support raw public keys are <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<p>EVP_PKEY_new_CMAC_key() works in the same way as EVP_PKEY_new_raw_private_key() except it is only for the <b>EVP_PKEY_CMAC</b> algorithm type. In addition to the raw private key data, it also takes a cipher algorithm to be used during creation of a CMAC in the <b>cipher</b> argument.</p>
+
+<p>EVP_PKEY_new_mac_key() works in the same way as EVP_PKEY_new_raw_private_key(). New applications should use EVP_PKEY_new_raw_private_key() instead.</p>
+
+<p>EVP_PKEY_get_raw_private_key() fills the buffer provided by <b>priv</b> with raw private key data. The number of bytes written is populated in <b>*len</b>. If the buffer <b>priv</b> is NULL then <b>*len</b> is populated with the number of bytes required to hold the key. The calling application is responsible for ensuring that the buffer is large enough to receive the private key data. This function only works for algorithms that support raw private keys. Currently this is: <b>EVP_PKEY_HMAC</b>, <b>EVP_PKEY_POLY1305</b>, <b>EVP_PKEY_SIPHASH</b>, <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<p>EVP_PKEY_get_raw_public_key() fills the buffer provided by <b>pub</b> with raw public key data. The number of bytes written is populated in <b>*len</b>. If the buffer <b>pub</b> is NULL then <b>*len</b> is populated with the number of bytes required to hold the key. The calling application is responsible for ensuring that the buffer is large enough to receive the public key data. This function only works for algorithms that support raw public keys. Currently this is: <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP_PKEY</b> structure is used by various OpenSSL functions which require a general private key without reference to any particular algorithm.</p>
+
+<p>The structure returned by EVP_PKEY_new() is empty. To add a private or public key to this empty structure use the appropriate functions described in <a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a>EVP_PKEY_set1_DSA</a>, <a>EVP_PKEY_set1_DH</a> or <a>EVP_PKEY_set1_EC_KEY</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_new(), EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key() and EVP_PKEY_new_mac_key() return either the newly allocated <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_up_ref(), EVP_PKEY_get_raw_private_key() and EVP_PKEY_get_raw_public_key() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a>EVP_PKEY_set1_DSA</a>, <a>EVP_PKEY_set1_DH</a> or <a>EVP_PKEY_set1_EC_KEY</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_new() and EVP_PKEY_free() functions exist in all versions of OpenSSL.</p>
+
+<p>The EVP_PKEY_up_ref() function was added in OpenSSL 1.1.0.</p>
+
+<p>The EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key(), EVP_PKEY_new_raw_private_key() and EVP_PKEY_get_raw_public_key() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get_raw_public_key.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get_raw_public_key.html
new file mode 100644
index 000000000..863dd6d1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_get_raw_public_key.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_new, EVP_PKEY_up_ref, EVP_PKEY_free, EVP_PKEY_new_raw_private_key, EVP_PKEY_new_raw_public_key, EVP_PKEY_new_CMAC_key, EVP_PKEY_new_mac_key, EVP_PKEY_get_raw_private_key, EVP_PKEY_get_raw_public_key - public/private key allocation and raw key handling functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *EVP_PKEY_new(void);
+ int EVP_PKEY_up_ref(EVP_PKEY *key);
+ void EVP_PKEY_free(EVP_PKEY *key);
+
+ EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e,
+                                        const unsigned char *key, size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e,
+                                       const unsigned char *key, size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
+                                 size_t len, const EVP_CIPHER *cipher);
+ EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key,
+                                int keylen);
+
+ int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, unsigned char *priv,
+                                  size_t *len);
+ int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub,
+                                 size_t *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_new() function allocates an empty <b>EVP_PKEY</b> structure which is used by OpenSSL to store public and private keys. The reference count is set to <b>1</b>.</p>
+
+<p>EVP_PKEY_up_ref() increments the reference count of <b>key</b>.</p>
+
+<p>EVP_PKEY_free() decrements the reference count of <b>key</b> and, if the reference count is zero, frees it up. If <b>key</b> is NULL, nothing is done.</p>
+
+<p>EVP_PKEY_new_raw_private_key() allocates a new <b>EVP_PKEY</b>. If <b>e</b> is non-NULL then the new <b>EVP_PKEY</b> structure is associated with the engine <b>e</b>. The <b>type</b> argument indicates what kind of key this is. The value should be a NID for a public key algorithm that supports raw private keys, i.e. one of <b>EVP_PKEY_HMAC</b>, <b>EVP_PKEY_POLY1305</b>, <b>EVP_PKEY_SIPHASH</b>, <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>. <b>key</b> points to the raw private key data for this <b>EVP_PKEY</b> which should be of length <b>keylen</b>. The length should be appropriate for the type of the key. The public key data will be automatically derived from the given private key data (if appropriate for the algorithm type).</p>
+
+<p>EVP_PKEY_new_raw_public_key() works in the same way as EVP_PKEY_new_raw_private_key() except that <b>key</b> points to the raw public key data. The <b>EVP_PKEY</b> structure will be initialised without any private key information. Algorithm types that support raw public keys are <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<p>EVP_PKEY_new_CMAC_key() works in the same way as EVP_PKEY_new_raw_private_key() except it is only for the <b>EVP_PKEY_CMAC</b> algorithm type. In addition to the raw private key data, it also takes a cipher algorithm to be used during creation of a CMAC in the <b>cipher</b> argument.</p>
+
+<p>EVP_PKEY_new_mac_key() works in the same way as EVP_PKEY_new_raw_private_key(). New applications should use EVP_PKEY_new_raw_private_key() instead.</p>
+
+<p>EVP_PKEY_get_raw_private_key() fills the buffer provided by <b>priv</b> with raw private key data. The number of bytes written is populated in <b>*len</b>. If the buffer <b>priv</b> is NULL then <b>*len</b> is populated with the number of bytes required to hold the key. The calling application is responsible for ensuring that the buffer is large enough to receive the private key data. This function only works for algorithms that support raw private keys. Currently this is: <b>EVP_PKEY_HMAC</b>, <b>EVP_PKEY_POLY1305</b>, <b>EVP_PKEY_SIPHASH</b>, <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<p>EVP_PKEY_get_raw_public_key() fills the buffer provided by <b>pub</b> with raw public key data. The number of bytes written is populated in <b>*len</b>. If the buffer <b>pub</b> is NULL then <b>*len</b> is populated with the number of bytes required to hold the key. The calling application is responsible for ensuring that the buffer is large enough to receive the public key data. This function only works for algorithms that support raw public keys. Currently this is: <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP_PKEY</b> structure is used by various OpenSSL functions which require a general private key without reference to any particular algorithm.</p>
+
+<p>The structure returned by EVP_PKEY_new() is empty. To add a private or public key to this empty structure use the appropriate functions described in <a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a>EVP_PKEY_set1_DSA</a>, <a>EVP_PKEY_set1_DH</a> or <a>EVP_PKEY_set1_EC_KEY</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_new(), EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key() and EVP_PKEY_new_mac_key() return either the newly allocated <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_up_ref(), EVP_PKEY_get_raw_private_key() and EVP_PKEY_get_raw_public_key() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a>EVP_PKEY_set1_DSA</a>, <a>EVP_PKEY_set1_DH</a> or <a>EVP_PKEY_set1_EC_KEY</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_new() and EVP_PKEY_free() functions exist in all versions of OpenSSL.</p>
+
+<p>The EVP_PKEY_up_ref() function was added in OpenSSL 1.1.0.</p>
+
+<p>The EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key(), EVP_PKEY_new_raw_private_key() and EVP_PKEY_get_raw_public_key() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_id.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_id.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_id.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_keygen.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_keygen.html
new file mode 100644
index 000000000..1feb84ad9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_keygen.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_keygen</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, EVP_PKEY_CTX_get_keygen_info, EVP_PKEY_CTX_set_app_data, EVP_PKEY_CTX_get_app_data, EVP_PKEY_gen_cb, EVP_PKEY_check, EVP_PKEY_public_check, EVP_PKEY_param_check - key and parameter generation and check functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+
+ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+ void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_keygen_init() function initializes a public key algorithm context using key <b>pkey</b> for a key generation operation.</p>
+
+<p>The EVP_PKEY_keygen() function performs a key generation operation, the generated key is written to <b>ppkey</b>.</p>
+
+<p>The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar except parameters are generated.</p>
+
+<p>The function EVP_PKEY_set_cb() sets the key or parameter generation callback to <b>cb</b>. The function EVP_PKEY_CTX_get_cb() returns the key or parameter generation callback.</p>
+
+<p>The function EVP_PKEY_CTX_get_keygen_info() returns parameters associated with the generation operation. If <b>idx</b> is -1 the total number of parameters available is returned. Any non negative value returns the value of that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for <b>idx</b> should only be called within the generation callback.</p>
+
+<p>If the callback returns 0 then the key generation operation is aborted and an error occurs. This might occur during a time consuming operation where a user clicks on a &quot;cancel&quot; button.</p>
+
+<p>The functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set and retrieve an opaque pointer. This can be used to set some application defined value which can be retrieved in the callback: for example a handle which is used to update a &quot;progress dialog&quot;.</p>
+
+<p>EVP_PKEY_check() validates the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_public_check() validates the public component of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_param_check() validates the algorithm parameters of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_keygen_init() or EVP_PKEY_paramgen_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The functions EVP_PKEY_keygen() and EVP_PKEY_paramgen() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<p>The meaning of the parameters passed to the callback will depend on the algorithm and the specific implementation of the algorithm. Some might not give any useful information at all during key or parameter generation. Others might not even call the callback.</p>
+
+<p>The operation performed by key or parameter generation depends on the algorithm used. In some cases (e.g. EC with a supplied named curve) the &quot;generation&quot; option merely sets the appropriate fields in an EVP_PKEY structure.</p>
+
+<p>In OpenSSL an EVP_PKEY structure containing a private key also contains the public key components and parameters (if any). An OpenSSL private key is equivalent to what some libraries call a &quot;key pair&quot;. A private key can be used in functions which require the use of a public key or parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_keygen_init(), EVP_PKEY_paramgen_init(), EVP_PKEY_keygen() and EVP_PKEY_paramgen() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() return 1 for success or others for failure. They return -2 if the operation is not supported for the specific algorithm.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Generate a 2048 bit RSA key:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL;
+
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Generate a key from a set of parameters:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ EVP_PKEY *pkey = NULL, *param;
+
+ /* Assumed param, eng are set up already */
+ ctx = EVP_PKEY_CTX_new(param, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Example of generation callback for OpenSSL public key implementations:</p>
+
+<pre><code> /* Application data is a BIO to output status to */
+
+ EVP_PKEY_CTX_set_app_data(ctx, status_bio);
+
+ static int genpkey_cb(EVP_PKEY_CTX *ctx)
+ {
+     char c = &#39;*&#39;;
+     BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+     int p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+
+     if (p == 0)
+         c = &#39;.&#39;;
+     if (p == 1)
+         c = &#39;+&#39;;
+     if (p == 2)
+         c = &#39;*&#39;;
+     if (p == 3)
+         c = &#39;\n&#39;;
+     BIO_write(b, &amp;c, 1);
+     (void)BIO_flush(b);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_keygen_init.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_keygen_init.html
new file mode 100644
index 000000000..1feb84ad9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_keygen_init.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_keygen</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, EVP_PKEY_CTX_get_keygen_info, EVP_PKEY_CTX_set_app_data, EVP_PKEY_CTX_get_app_data, EVP_PKEY_gen_cb, EVP_PKEY_check, EVP_PKEY_public_check, EVP_PKEY_param_check - key and parameter generation and check functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+
+ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+ void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_keygen_init() function initializes a public key algorithm context using key <b>pkey</b> for a key generation operation.</p>
+
+<p>The EVP_PKEY_keygen() function performs a key generation operation, the generated key is written to <b>ppkey</b>.</p>
+
+<p>The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar except parameters are generated.</p>
+
+<p>The function EVP_PKEY_set_cb() sets the key or parameter generation callback to <b>cb</b>. The function EVP_PKEY_CTX_get_cb() returns the key or parameter generation callback.</p>
+
+<p>The function EVP_PKEY_CTX_get_keygen_info() returns parameters associated with the generation operation. If <b>idx</b> is -1 the total number of parameters available is returned. Any non negative value returns the value of that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for <b>idx</b> should only be called within the generation callback.</p>
+
+<p>If the callback returns 0 then the key generation operation is aborted and an error occurs. This might occur during a time consuming operation where a user clicks on a &quot;cancel&quot; button.</p>
+
+<p>The functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set and retrieve an opaque pointer. This can be used to set some application defined value which can be retrieved in the callback: for example a handle which is used to update a &quot;progress dialog&quot;.</p>
+
+<p>EVP_PKEY_check() validates the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_public_check() validates the public component of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_param_check() validates the algorithm parameters of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_keygen_init() or EVP_PKEY_paramgen_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The functions EVP_PKEY_keygen() and EVP_PKEY_paramgen() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<p>The meaning of the parameters passed to the callback will depend on the algorithm and the specific implementation of the algorithm. Some might not give any useful information at all during key or parameter generation. Others might not even call the callback.</p>
+
+<p>The operation performed by key or parameter generation depends on the algorithm used. In some cases (e.g. EC with a supplied named curve) the &quot;generation&quot; option merely sets the appropriate fields in an EVP_PKEY structure.</p>
+
+<p>In OpenSSL an EVP_PKEY structure containing a private key also contains the public key components and parameters (if any). An OpenSSL private key is equivalent to what some libraries call a &quot;key pair&quot;. A private key can be used in functions which require the use of a public key or parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_keygen_init(), EVP_PKEY_paramgen_init(), EVP_PKEY_keygen() and EVP_PKEY_paramgen() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() return 1 for success or others for failure. They return -2 if the operation is not supported for the specific algorithm.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Generate a 2048 bit RSA key:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL;
+
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Generate a key from a set of parameters:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ EVP_PKEY *pkey = NULL, *param;
+
+ /* Assumed param, eng are set up already */
+ ctx = EVP_PKEY_CTX_new(param, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Example of generation callback for OpenSSL public key implementations:</p>
+
+<pre><code> /* Application data is a BIO to output status to */
+
+ EVP_PKEY_CTX_set_app_data(ctx, status_bio);
+
+ static int genpkey_cb(EVP_PKEY_CTX *ctx)
+ {
+     char c = &#39;*&#39;;
+     BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+     int p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+
+     if (p == 0)
+         c = &#39;.&#39;;
+     if (p == 1)
+         c = &#39;+&#39;;
+     if (p == 2)
+         c = &#39;*&#39;;
+     if (p == 3)
+         c = &#39;\n&#39;;
+     BIO_write(b, &amp;c, 1);
+     (void)BIO_flush(b);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_add0.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_add0.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_add0.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_copy.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_copy.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_copy.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_find.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_find.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_find.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_free.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_free.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_free.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get0.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get0.html
new file mode 100644
index 000000000..9e8ba8e2e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get0.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_get_count</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_get_count, EVP_PKEY_meth_get0, EVP_PKEY_meth_get0_info - enumerate public key methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ size_t EVP_PKEY_meth_get_count(void);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx);
+ void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
+                              const EVP_PKEY_METHOD *meth);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_meth_count() returns a count of the number of public key methods available: it includes standard methods and any methods added by the application.</p>
+
+<p>EVP_PKEY_meth_get0() returns the public key method <b>idx</b>. The value of <b>idx</b> must be between zero and EVP_PKEY_meth_get_count() - 1.</p>
+
+<p>EVP_PKEY_meth_get0_info() returns the public key ID (a NID) and any flags associated with the public key method <b>*meth</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_count() returns the number of available public key methods.</p>
+
+<p>EVP_PKEY_meth_get0() return a public key method or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>EVP_PKEY_meth_get0_info() does not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get0_info.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get0_info.html
new file mode 100644
index 000000000..9e8ba8e2e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get0_info.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_get_count</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_get_count, EVP_PKEY_meth_get0, EVP_PKEY_meth_get0_info - enumerate public key methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ size_t EVP_PKEY_meth_get_count(void);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx);
+ void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
+                              const EVP_PKEY_METHOD *meth);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_meth_count() returns a count of the number of public key methods available: it includes standard methods and any methods added by the application.</p>
+
+<p>EVP_PKEY_meth_get0() returns the public key method <b>idx</b>. The value of <b>idx</b> must be between zero and EVP_PKEY_meth_get_count() - 1.</p>
+
+<p>EVP_PKEY_meth_get0_info() returns the public key ID (a NID) and any flags associated with the public key method <b>*meth</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_count() returns the number of available public key methods.</p>
+
+<p>EVP_PKEY_meth_get0() return a public key method or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>EVP_PKEY_meth_get0_info() does not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_check.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_check.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_check.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_cleanup.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_cleanup.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_cleanup.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_copy.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_copy.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_copy.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_count.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_count.html
new file mode 100644
index 000000000..9e8ba8e2e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_count.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_get_count</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_get_count, EVP_PKEY_meth_get0, EVP_PKEY_meth_get0_info - enumerate public key methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ size_t EVP_PKEY_meth_get_count(void);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx);
+ void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
+                              const EVP_PKEY_METHOD *meth);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_meth_count() returns a count of the number of public key methods available: it includes standard methods and any methods added by the application.</p>
+
+<p>EVP_PKEY_meth_get0() returns the public key method <b>idx</b>. The value of <b>idx</b> must be between zero and EVP_PKEY_meth_get_count() - 1.</p>
+
+<p>EVP_PKEY_meth_get0_info() returns the public key ID (a NID) and any flags associated with the public key method <b>*meth</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_count() returns the number of available public key methods.</p>
+
+<p>EVP_PKEY_meth_get0() return a public key method or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>EVP_PKEY_meth_get0_info() does not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_ctrl.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_ctrl.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_decrypt.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_decrypt.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_decrypt.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_derive.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_derive.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_derive.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_digest_custom.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_digest_custom.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_digest_custom.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_encrypt.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_encrypt.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_init.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_init.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_init.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_keygen.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_keygen.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_keygen.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_param_check.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_param_check.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_param_check.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_paramgen.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_paramgen.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_paramgen.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_public_check.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_public_check.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_public_check.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_sign.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_sign.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_sign.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_signctx.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_signctx.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_signctx.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_verify.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_verify.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_verify.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_verify_recover.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_verify_recover.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_verify_recover.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_verifyctx.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_verifyctx.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_verifyctx.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_new.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_new.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_new.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_remove.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_remove.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_remove.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_check.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_check.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_check.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_cleanup.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_cleanup.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_cleanup.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_copy.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_copy.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_copy.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_ctrl.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_ctrl.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_decrypt.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_decrypt.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_decrypt.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_derive.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_derive.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_derive.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_digest_custom.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_digest_custom.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_digest_custom.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_encrypt.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_encrypt.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_init.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_init.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_init.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_keygen.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_keygen.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_keygen.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_param_check.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_param_check.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_param_check.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_paramgen.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_paramgen.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_paramgen.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_public_check.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_public_check.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_public_check.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_sign.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_sign.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_sign.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_signctx.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_signctx.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_signctx.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_verify.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_verify.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_verify.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_verify_recover.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_verify_recover.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_verify_recover.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_verifyctx.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_verifyctx.html
new file mode 100644
index 000000000..fac0d750a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_verifyctx.html
@@ -0,0 +1,370 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Methods">Methods</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_set_check, EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, EVP_PKEY_meth_set_digest_custom, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, EVP_PKEY_meth_get_check, EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, EVP_PKEY_meth_get_digest_custom, EVP_PKEY_meth_remove - manipulating EVP_PKEY_METHOD structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+
+ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+ void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+ void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+ int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+
+ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                             int (*init) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                             int (*copy) (EVP_PKEY_CTX *dst,
+                                          EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                                void (*cleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                  EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                               int (*keygen) (EVP_PKEY_CTX *ctx,
+                                              EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                             int (*sign_init) (EVP_PKEY_CTX *ctx),
+                             int (*sign) (EVP_PKEY_CTX *ctx,
+                                          unsigned char *sig, size_t *siglen,
+                                          const unsigned char *tbs,
+                                          size_t tbslen));
+ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                               int (*verify_init) (EVP_PKEY_CTX *ctx),
+                               int (*verify) (EVP_PKEY_CTX *ctx,
+                                              const unsigned char *sig,
+                                              size_t siglen,
+                                              const unsigned char *tbs,
+                                              size_t tbslen));
+ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                       int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                   *ctx),
+                                       int (*verify_recover) (EVP_PKEY_CTX
+                                                              *ctx,
+                                                              unsigned char
+                                                              *sig,
+                                                              size_t *siglen,
+                                                              const unsigned
+                                                              char *tbs,
+                                                              size_t tbslen));
+ void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                     EVP_MD_CTX *mctx),
+                                int (*signctx) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *sig,
+                                                size_t *siglen,
+                                                EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                         EVP_MD_CTX *mctx),
+                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                    const unsigned char *sig,
+                                                    int siglen,
+                                                    EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *out,
+                                                size_t *outlen,
+                                                const unsigned char *in,
+                                                size_t inlen));
+ void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                               int (*derive_init) (EVP_PKEY_CTX *ctx),
+                               int (*derive) (EVP_PKEY_CTX *ctx,
+                                              unsigned char *key,
+                                              size_t *keylen));
+ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                          void *p2),
+                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                              const char *type,
+                                              const char *value));
+ void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+                              int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+                                     int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+                                    int (*check) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx));
+
+ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+                             int (**pinit) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+                             int (**pcopy) (EVP_PKEY_CTX *dst,
+                                            EVP_PKEY_CTX *src));
+ void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
+ void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
+                                                    EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
+                                                EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+                             int (**psign_init) (EVP_PKEY_CTX *ctx),
+                             int (**psign) (EVP_PKEY_CTX *ctx,
+                                            unsigned char *sig, size_t *siglen,
+                                            const unsigned char *tbs,
+                                            size_t tbslen));
+ void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
+                               int (**pverify) (EVP_PKEY_CTX *ctx,
+                                                const unsigned char *sig,
+                                                size_t siglen,
+                                                const unsigned char *tbs,
+                                                size_t tbslen));
+ void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+                                       int (**pverify_recover_init) (EVP_PKEY_CTX
+                                                                     *ctx),
+                                       int (**pverify_recover) (EVP_PKEY_CTX
+                                                                *ctx,
+                                                                unsigned char
+                                                                *sig,
+                                                                size_t *siglen,
+                                                                const unsigned
+                                                                char *tbs,
+                                                                size_t tbslen));
+ void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+                                                       EVP_MD_CTX *mctx),
+                                int (**psignctx) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *sig,
+                                                  size_t *siglen,
+                                                  EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                           EVP_MD_CTX *mctx),
+                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+                                                      const unsigned char *sig,
+                                                      int siglen,
+                                                      EVP_MD_CTX *mctx));
+ void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+                                                    unsigned char *out,
+                                                    size_t *outlen,
+                                                    const unsigned char *in,
+                                                    size_t inlen));
+ void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+                                                  unsigned char *out,
+                                                  size_t *outlen,
+                                                  const unsigned char *in,
+                                                  size_t inlen));
+ void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
+                               int (**pderive) (EVP_PKEY_CTX *ctx,
+                                                unsigned char *key,
+                                                size_t *keylen));
+ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                            void *p2),
+                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+                                                const char *type,
+                                                const char *value));
+ void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+                              int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+                                     int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+                                    int (**pcheck) (EVP_PKEY *pkey));
+ void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+                                                             EVP_MD_CTX *mctx));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>EVP_PKEY_METHOD</b> is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.</p>
+
+<p>There are two places where the <b>EVP_PKEY_METHOD</b> objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using <a href="../man3/EVP_PKEY_meth_add0.html">EVP_PKEY_meth_add0(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_METHOD</b> objects are usually referenced by <b>EVP_PKEY_CTX</b> objects.</p>
+
+<h2 id="Methods">Methods</h2>
+
+<p>The methods are the underlying implementations of a particular public key algorithm present by the <b>EVP_PKEY_CTX</b> object.</p>
+
+<pre><code> int (*init) (EVP_PKEY_CTX *ctx);
+ int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup) (EVP_PKEY_CTX *ctx);</code></pre>
+
+<p>The init() method is called to initialize algorithm-specific data when a new <b>EVP_PKEY_CTX</b> is created. As opposed to init(), the cleanup() method is called when an <b>EVP_PKEY_CTX</b> is freed. The copy() method is called when an <b>EVP_PKEY_CTX</b> is being duplicated. Refer to <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_new_id.html">EVP_PKEY_CTX_new_id(3)</a>, <a href="../man3/EVP_PKEY_CTX_free.html">EVP_PKEY_CTX_free(3)</a> and <a href="../man3/EVP_PKEY_CTX_dup.html">EVP_PKEY_CTX_dup(3)</a>.</p>
+
+<pre><code> int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by <a href="../man3/EVP_PKEY_paramgen_init.html">EVP_PKEY_paramgen_init(3)</a> and <a href="../man3/EVP_PKEY_paramgen.html">EVP_PKEY_paramgen(3)</a> to handle the parameter generation process.</p>
+
+<pre><code> int (*keygen_init) (EVP_PKEY_CTX *ctx);
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);</code></pre>
+
+<p>The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by <a href="../man3/EVP_PKEY_keygen_init.html">EVP_PKEY_keygen_init(3)</a> and <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>.</p>
+
+<pre><code> int (*sign_init) (EVP_PKEY_CTX *ctx);
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+              const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by <a href="../man3/EVP_PKEY_sign_init.html">EVP_PKEY_sign_init(3)</a> and <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<pre><code> int (*verify_init) (EVP_PKEY_CTX *ctx);
+ int (*verify) (EVP_PKEY_CTX *ctx,
+                const unsigned char *sig, size_t siglen,
+                const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<p>The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by <a href="../man3/EVP_PKEY_verify_init.html">EVP_PKEY_verify_init(3)</a> and <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>.</p>
+
+<pre><code> int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+ int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                        unsigned char *rout, size_t *routlen,
+                        const unsigned char *sig, size_t siglen);</code></pre>
+
+<p>The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by RSA signing algorithm). They are called by <a href="../man3/EVP_PKEY_verify_recover_init.html">EVP_PKEY_verify_recover_init(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>.</p>
+
+<pre><code> int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 EVP_MD_CTX *mctx);</code></pre>
+
+<p>The signctx_init() and signctx() methods are used to sign a digest present by a <b>EVP_MD_CTX</b> object. They are called by the EVP_DigestSign functions. See <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> for detail.</p>
+
+<pre><code> int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                   EVP_MD_CTX *mctx);</code></pre>
+
+<p>The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a <b>EVP_MD_CTX</b> object. They are called by the various EVP_DigestVerify functions. See <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> for detail.</p>
+
+<pre><code> int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_encrypt_init.html">EVP_PKEY_encrypt_init(3)</a> and <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>.</p>
+
+<pre><code> int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                 const unsigned char *in, size_t inlen);</code></pre>
+
+<p>The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by <a href="../man3/EVP_PKEY_decrypt_init.html">EVP_PKEY_decrypt_init(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>.</p>
+
+<pre><code> int (*derive_init) (EVP_PKEY_CTX *ctx);
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);</code></pre>
+
+<p>The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by <a href="../man3/EVP_PKEY_derive_init.html">EVP_PKEY_derive_init(3)</a> and <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>.</p>
+
+<pre><code> int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);</code></pre>
+
+<p>The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a> and related functions for detail.</p>
+
+<pre><code> int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+                      size_t siglen, const unsigned char *tbs,
+                      size_t tbslen);</code></pre>
+
+<p>The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by <a href="../man3/EVP_DigetSign.html">EVP_DigetSign(3)</a> and <a href="../man3/EVP_DigestVerify.html">EVP_DigestVerify(3)</a>.</p>
+
+<pre><code> int (*check) (EVP_PKEY *pkey);
+ int (*public_check) (EVP_PKEY *pkey);
+ int (*param_check) (EVP_PKEY *pkey);</code></pre>
+
+<p>The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given <b>pkey</b>. They could be called by <a href="../man3/EVP_PKEY_check.html">EVP_PKEY_check(3)</a>, <a href="../man3/EVP_PKEY_public_check.html">EVP_PKEY_public_check(3)</a> and <a href="../man3/EVP_PKEY_param_check.html">EVP_PKEY_param_check(3)</a> respectively.</p>
+
+<pre><code> int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);</code></pre>
+
+<p>The digest_custom() method is used to generate customized digest content before the real message is passed to functions like <a href="../man3/EVP_DigestSignUpdate.html">EVP_DigestSignUpdate(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>EVP_PKEY_meth_new() creates and returns a new <b>EVP_PKEY_METHOD</b> object, and associates the given <b>id</b> and <b>flags</b>. The following flags are supported:</p>
+
+<pre><code> EVP_PKEY_FLAG_AUTOARGLEN
+ EVP_PKEY_FLAG_SIGCTX_CUSTOM</code></pre>
+
+<p>If an <b>EVP_PKEY_METHOD</b> is set with the <b>EVP_PKEY_FLAG_AUTOARGLEN</b> flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don&#39;t need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>.</p>
+
+<p>The <b>EVP_PKEY_FLAG_SIGCTX_CUSTOM</b> is used to indicate the signctx() method of an <b>EVP_PKEY_METHOD</b> is always called by the EVP framework while doing a digest signing operation by calling <a href="../man3/EVP_DigestSignFinal.html">EVP_DigestSignFinal(3)</a>.</p>
+
+<p>EVP_PKEY_meth_free() frees an existing <b>EVP_PKEY_METHOD</b> pointed by <b>pmeth</b>.</p>
+
+<p>EVP_PKEY_meth_copy() copies an <b>EVP_PKEY_METHOD</b> object from <b>src</b> to <b>dst</b>.</p>
+
+<p>EVP_PKEY_meth_find() finds an <b>EVP_PKEY_METHOD</b> object with the <b>id</b>. This function first searches through the user-defined method objects and then the built-in objects.</p>
+
+<p>EVP_PKEY_meth_add0() adds <b>pmeth</b> to the user defined stack of methods.</p>
+
+<p>EVP_PKEY_meth_remove() removes an <b>EVP_PKEY_METHOD</b> object added by EVP_PKEY_meth_add0().</p>
+
+<p>The EVP_PKEY_meth_set functions set the corresponding fields of <b>EVP_PKEY_METHOD</b> structure with the arguments passed.</p>
+
+<p>The EVP_PKEY_meth_get functions get the corresponding fields of <b>EVP_PKEY_METHOD</b> structure to the arguments provided.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_meth_new() returns a pointer to a new <b>EVP_PKEY_METHOD</b> object or returns NULL on error.</p>
+
+<p>EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.</p>
+
+<p>EVP_PKEY_meth_find() returns a pointer to the found <b>EVP_PKEY_METHOD</b> object or returns NULL if not found.</p>
+
+<p>EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.</p>
+
+<p>EVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.</p>
+
+<p>All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the &#39;get&#39; functions, function pointers are returned by arguments.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_missing_parameters.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_missing_parameters.html
new file mode 100644
index 000000000..1d9cbaaad
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_missing_parameters.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_cmp</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_copy_parameters, EVP_PKEY_missing_parameters, EVP_PKEY_cmp_parameters, EVP_PKEY_cmp - public key parameter and comparison functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
+ int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
+
+ int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
+ int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function EVP_PKEY_missing_parameters() returns 1 if the public key parameters of <b>pkey</b> are missing and 0 if they are present or the algorithm doesn&#39;t use parameters.</p>
+
+<p>The function EVP_PKEY_copy_parameters() copies the parameters from key <b>from</b> to key <b>to</b>. An error is returned if the parameters are missing in <b>from</b> or present in both <b>from</b> and <b>to</b> and mismatch. If the parameters in <b>from</b> and <b>to</b> are both present and match this function has no effect.</p>
+
+<p>The function EVP_PKEY_cmp_parameters() compares the parameters of keys <b>a</b> and <b>b</b>.</p>
+
+<p>The function EVP_PKEY_cmp() compares the public key components and parameters (if present) of keys <b>a</b> and <b>b</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of the functions EVP_PKEY_missing_parameters() and EVP_PKEY_copy_parameters() is to handle public keys in certificates where the parameters are sometimes omitted from a public key if they are inherited from the CA that signed it.</p>
+
+<p>Since OpenSSL private keys contain public key components too the function EVP_PKEY_cmp() can also be used to determine if a private key matches a public key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The function EVP_PKEY_missing_parameters() returns 1 if the public key parameters of <b>pkey</b> are missing and 0 if they are present or the algorithm doesn&#39;t use parameters.</p>
+
+<p>These functions EVP_PKEY_copy_parameters() returns 1 for success and 0 for failure.</p>
+
+<p>The function EVP_PKEY_cmp_parameters() and EVP_PKEY_cmp() return 1 if the keys match, 0 if they don&#39;t match, -1 if the key types are different and -2 if the operation is not supported.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_new.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_new.html
new file mode 100644
index 000000000..863dd6d1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_new.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_new, EVP_PKEY_up_ref, EVP_PKEY_free, EVP_PKEY_new_raw_private_key, EVP_PKEY_new_raw_public_key, EVP_PKEY_new_CMAC_key, EVP_PKEY_new_mac_key, EVP_PKEY_get_raw_private_key, EVP_PKEY_get_raw_public_key - public/private key allocation and raw key handling functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *EVP_PKEY_new(void);
+ int EVP_PKEY_up_ref(EVP_PKEY *key);
+ void EVP_PKEY_free(EVP_PKEY *key);
+
+ EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e,
+                                        const unsigned char *key, size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e,
+                                       const unsigned char *key, size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
+                                 size_t len, const EVP_CIPHER *cipher);
+ EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key,
+                                int keylen);
+
+ int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, unsigned char *priv,
+                                  size_t *len);
+ int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub,
+                                 size_t *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_new() function allocates an empty <b>EVP_PKEY</b> structure which is used by OpenSSL to store public and private keys. The reference count is set to <b>1</b>.</p>
+
+<p>EVP_PKEY_up_ref() increments the reference count of <b>key</b>.</p>
+
+<p>EVP_PKEY_free() decrements the reference count of <b>key</b> and, if the reference count is zero, frees it up. If <b>key</b> is NULL, nothing is done.</p>
+
+<p>EVP_PKEY_new_raw_private_key() allocates a new <b>EVP_PKEY</b>. If <b>e</b> is non-NULL then the new <b>EVP_PKEY</b> structure is associated with the engine <b>e</b>. The <b>type</b> argument indicates what kind of key this is. The value should be a NID for a public key algorithm that supports raw private keys, i.e. one of <b>EVP_PKEY_HMAC</b>, <b>EVP_PKEY_POLY1305</b>, <b>EVP_PKEY_SIPHASH</b>, <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>. <b>key</b> points to the raw private key data for this <b>EVP_PKEY</b> which should be of length <b>keylen</b>. The length should be appropriate for the type of the key. The public key data will be automatically derived from the given private key data (if appropriate for the algorithm type).</p>
+
+<p>EVP_PKEY_new_raw_public_key() works in the same way as EVP_PKEY_new_raw_private_key() except that <b>key</b> points to the raw public key data. The <b>EVP_PKEY</b> structure will be initialised without any private key information. Algorithm types that support raw public keys are <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<p>EVP_PKEY_new_CMAC_key() works in the same way as EVP_PKEY_new_raw_private_key() except it is only for the <b>EVP_PKEY_CMAC</b> algorithm type. In addition to the raw private key data, it also takes a cipher algorithm to be used during creation of a CMAC in the <b>cipher</b> argument.</p>
+
+<p>EVP_PKEY_new_mac_key() works in the same way as EVP_PKEY_new_raw_private_key(). New applications should use EVP_PKEY_new_raw_private_key() instead.</p>
+
+<p>EVP_PKEY_get_raw_private_key() fills the buffer provided by <b>priv</b> with raw private key data. The number of bytes written is populated in <b>*len</b>. If the buffer <b>priv</b> is NULL then <b>*len</b> is populated with the number of bytes required to hold the key. The calling application is responsible for ensuring that the buffer is large enough to receive the private key data. This function only works for algorithms that support raw private keys. Currently this is: <b>EVP_PKEY_HMAC</b>, <b>EVP_PKEY_POLY1305</b>, <b>EVP_PKEY_SIPHASH</b>, <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<p>EVP_PKEY_get_raw_public_key() fills the buffer provided by <b>pub</b> with raw public key data. The number of bytes written is populated in <b>*len</b>. If the buffer <b>pub</b> is NULL then <b>*len</b> is populated with the number of bytes required to hold the key. The calling application is responsible for ensuring that the buffer is large enough to receive the public key data. This function only works for algorithms that support raw public keys. Currently this is: <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP_PKEY</b> structure is used by various OpenSSL functions which require a general private key without reference to any particular algorithm.</p>
+
+<p>The structure returned by EVP_PKEY_new() is empty. To add a private or public key to this empty structure use the appropriate functions described in <a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a>EVP_PKEY_set1_DSA</a>, <a>EVP_PKEY_set1_DH</a> or <a>EVP_PKEY_set1_EC_KEY</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_new(), EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key() and EVP_PKEY_new_mac_key() return either the newly allocated <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_up_ref(), EVP_PKEY_get_raw_private_key() and EVP_PKEY_get_raw_public_key() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a>EVP_PKEY_set1_DSA</a>, <a>EVP_PKEY_set1_DH</a> or <a>EVP_PKEY_set1_EC_KEY</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_new() and EVP_PKEY_free() functions exist in all versions of OpenSSL.</p>
+
+<p>The EVP_PKEY_up_ref() function was added in OpenSSL 1.1.0.</p>
+
+<p>The EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key(), EVP_PKEY_new_raw_private_key() and EVP_PKEY_get_raw_public_key() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_new_CMAC_key.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_new_CMAC_key.html
new file mode 100644
index 000000000..863dd6d1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_new_CMAC_key.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_new, EVP_PKEY_up_ref, EVP_PKEY_free, EVP_PKEY_new_raw_private_key, EVP_PKEY_new_raw_public_key, EVP_PKEY_new_CMAC_key, EVP_PKEY_new_mac_key, EVP_PKEY_get_raw_private_key, EVP_PKEY_get_raw_public_key - public/private key allocation and raw key handling functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *EVP_PKEY_new(void);
+ int EVP_PKEY_up_ref(EVP_PKEY *key);
+ void EVP_PKEY_free(EVP_PKEY *key);
+
+ EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e,
+                                        const unsigned char *key, size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e,
+                                       const unsigned char *key, size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
+                                 size_t len, const EVP_CIPHER *cipher);
+ EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key,
+                                int keylen);
+
+ int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, unsigned char *priv,
+                                  size_t *len);
+ int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub,
+                                 size_t *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_new() function allocates an empty <b>EVP_PKEY</b> structure which is used by OpenSSL to store public and private keys. The reference count is set to <b>1</b>.</p>
+
+<p>EVP_PKEY_up_ref() increments the reference count of <b>key</b>.</p>
+
+<p>EVP_PKEY_free() decrements the reference count of <b>key</b> and, if the reference count is zero, frees it up. If <b>key</b> is NULL, nothing is done.</p>
+
+<p>EVP_PKEY_new_raw_private_key() allocates a new <b>EVP_PKEY</b>. If <b>e</b> is non-NULL then the new <b>EVP_PKEY</b> structure is associated with the engine <b>e</b>. The <b>type</b> argument indicates what kind of key this is. The value should be a NID for a public key algorithm that supports raw private keys, i.e. one of <b>EVP_PKEY_HMAC</b>, <b>EVP_PKEY_POLY1305</b>, <b>EVP_PKEY_SIPHASH</b>, <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>. <b>key</b> points to the raw private key data for this <b>EVP_PKEY</b> which should be of length <b>keylen</b>. The length should be appropriate for the type of the key. The public key data will be automatically derived from the given private key data (if appropriate for the algorithm type).</p>
+
+<p>EVP_PKEY_new_raw_public_key() works in the same way as EVP_PKEY_new_raw_private_key() except that <b>key</b> points to the raw public key data. The <b>EVP_PKEY</b> structure will be initialised without any private key information. Algorithm types that support raw public keys are <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<p>EVP_PKEY_new_CMAC_key() works in the same way as EVP_PKEY_new_raw_private_key() except it is only for the <b>EVP_PKEY_CMAC</b> algorithm type. In addition to the raw private key data, it also takes a cipher algorithm to be used during creation of a CMAC in the <b>cipher</b> argument.</p>
+
+<p>EVP_PKEY_new_mac_key() works in the same way as EVP_PKEY_new_raw_private_key(). New applications should use EVP_PKEY_new_raw_private_key() instead.</p>
+
+<p>EVP_PKEY_get_raw_private_key() fills the buffer provided by <b>priv</b> with raw private key data. The number of bytes written is populated in <b>*len</b>. If the buffer <b>priv</b> is NULL then <b>*len</b> is populated with the number of bytes required to hold the key. The calling application is responsible for ensuring that the buffer is large enough to receive the private key data. This function only works for algorithms that support raw private keys. Currently this is: <b>EVP_PKEY_HMAC</b>, <b>EVP_PKEY_POLY1305</b>, <b>EVP_PKEY_SIPHASH</b>, <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<p>EVP_PKEY_get_raw_public_key() fills the buffer provided by <b>pub</b> with raw public key data. The number of bytes written is populated in <b>*len</b>. If the buffer <b>pub</b> is NULL then <b>*len</b> is populated with the number of bytes required to hold the key. The calling application is responsible for ensuring that the buffer is large enough to receive the public key data. This function only works for algorithms that support raw public keys. Currently this is: <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP_PKEY</b> structure is used by various OpenSSL functions which require a general private key without reference to any particular algorithm.</p>
+
+<p>The structure returned by EVP_PKEY_new() is empty. To add a private or public key to this empty structure use the appropriate functions described in <a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a>EVP_PKEY_set1_DSA</a>, <a>EVP_PKEY_set1_DH</a> or <a>EVP_PKEY_set1_EC_KEY</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_new(), EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key() and EVP_PKEY_new_mac_key() return either the newly allocated <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_up_ref(), EVP_PKEY_get_raw_private_key() and EVP_PKEY_get_raw_public_key() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a>EVP_PKEY_set1_DSA</a>, <a>EVP_PKEY_set1_DH</a> or <a>EVP_PKEY_set1_EC_KEY</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_new() and EVP_PKEY_free() functions exist in all versions of OpenSSL.</p>
+
+<p>The EVP_PKEY_up_ref() function was added in OpenSSL 1.1.0.</p>
+
+<p>The EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key(), EVP_PKEY_new_raw_private_key() and EVP_PKEY_get_raw_public_key() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_new_mac_key.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_new_mac_key.html
new file mode 100644
index 000000000..863dd6d1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_new_mac_key.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_new, EVP_PKEY_up_ref, EVP_PKEY_free, EVP_PKEY_new_raw_private_key, EVP_PKEY_new_raw_public_key, EVP_PKEY_new_CMAC_key, EVP_PKEY_new_mac_key, EVP_PKEY_get_raw_private_key, EVP_PKEY_get_raw_public_key - public/private key allocation and raw key handling functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *EVP_PKEY_new(void);
+ int EVP_PKEY_up_ref(EVP_PKEY *key);
+ void EVP_PKEY_free(EVP_PKEY *key);
+
+ EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e,
+                                        const unsigned char *key, size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e,
+                                       const unsigned char *key, size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
+                                 size_t len, const EVP_CIPHER *cipher);
+ EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key,
+                                int keylen);
+
+ int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, unsigned char *priv,
+                                  size_t *len);
+ int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub,
+                                 size_t *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_new() function allocates an empty <b>EVP_PKEY</b> structure which is used by OpenSSL to store public and private keys. The reference count is set to <b>1</b>.</p>
+
+<p>EVP_PKEY_up_ref() increments the reference count of <b>key</b>.</p>
+
+<p>EVP_PKEY_free() decrements the reference count of <b>key</b> and, if the reference count is zero, frees it up. If <b>key</b> is NULL, nothing is done.</p>
+
+<p>EVP_PKEY_new_raw_private_key() allocates a new <b>EVP_PKEY</b>. If <b>e</b> is non-NULL then the new <b>EVP_PKEY</b> structure is associated with the engine <b>e</b>. The <b>type</b> argument indicates what kind of key this is. The value should be a NID for a public key algorithm that supports raw private keys, i.e. one of <b>EVP_PKEY_HMAC</b>, <b>EVP_PKEY_POLY1305</b>, <b>EVP_PKEY_SIPHASH</b>, <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>. <b>key</b> points to the raw private key data for this <b>EVP_PKEY</b> which should be of length <b>keylen</b>. The length should be appropriate for the type of the key. The public key data will be automatically derived from the given private key data (if appropriate for the algorithm type).</p>
+
+<p>EVP_PKEY_new_raw_public_key() works in the same way as EVP_PKEY_new_raw_private_key() except that <b>key</b> points to the raw public key data. The <b>EVP_PKEY</b> structure will be initialised without any private key information. Algorithm types that support raw public keys are <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<p>EVP_PKEY_new_CMAC_key() works in the same way as EVP_PKEY_new_raw_private_key() except it is only for the <b>EVP_PKEY_CMAC</b> algorithm type. In addition to the raw private key data, it also takes a cipher algorithm to be used during creation of a CMAC in the <b>cipher</b> argument.</p>
+
+<p>EVP_PKEY_new_mac_key() works in the same way as EVP_PKEY_new_raw_private_key(). New applications should use EVP_PKEY_new_raw_private_key() instead.</p>
+
+<p>EVP_PKEY_get_raw_private_key() fills the buffer provided by <b>priv</b> with raw private key data. The number of bytes written is populated in <b>*len</b>. If the buffer <b>priv</b> is NULL then <b>*len</b> is populated with the number of bytes required to hold the key. The calling application is responsible for ensuring that the buffer is large enough to receive the private key data. This function only works for algorithms that support raw private keys. Currently this is: <b>EVP_PKEY_HMAC</b>, <b>EVP_PKEY_POLY1305</b>, <b>EVP_PKEY_SIPHASH</b>, <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<p>EVP_PKEY_get_raw_public_key() fills the buffer provided by <b>pub</b> with raw public key data. The number of bytes written is populated in <b>*len</b>. If the buffer <b>pub</b> is NULL then <b>*len</b> is populated with the number of bytes required to hold the key. The calling application is responsible for ensuring that the buffer is large enough to receive the public key data. This function only works for algorithms that support raw public keys. Currently this is: <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP_PKEY</b> structure is used by various OpenSSL functions which require a general private key without reference to any particular algorithm.</p>
+
+<p>The structure returned by EVP_PKEY_new() is empty. To add a private or public key to this empty structure use the appropriate functions described in <a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a>EVP_PKEY_set1_DSA</a>, <a>EVP_PKEY_set1_DH</a> or <a>EVP_PKEY_set1_EC_KEY</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_new(), EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key() and EVP_PKEY_new_mac_key() return either the newly allocated <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_up_ref(), EVP_PKEY_get_raw_private_key() and EVP_PKEY_get_raw_public_key() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a>EVP_PKEY_set1_DSA</a>, <a>EVP_PKEY_set1_DH</a> or <a>EVP_PKEY_set1_EC_KEY</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_new() and EVP_PKEY_free() functions exist in all versions of OpenSSL.</p>
+
+<p>The EVP_PKEY_up_ref() function was added in OpenSSL 1.1.0.</p>
+
+<p>The EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key(), EVP_PKEY_new_raw_private_key() and EVP_PKEY_get_raw_public_key() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_new_raw_private_key.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_new_raw_private_key.html
new file mode 100644
index 000000000..863dd6d1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_new_raw_private_key.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_new, EVP_PKEY_up_ref, EVP_PKEY_free, EVP_PKEY_new_raw_private_key, EVP_PKEY_new_raw_public_key, EVP_PKEY_new_CMAC_key, EVP_PKEY_new_mac_key, EVP_PKEY_get_raw_private_key, EVP_PKEY_get_raw_public_key - public/private key allocation and raw key handling functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *EVP_PKEY_new(void);
+ int EVP_PKEY_up_ref(EVP_PKEY *key);
+ void EVP_PKEY_free(EVP_PKEY *key);
+
+ EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e,
+                                        const unsigned char *key, size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e,
+                                       const unsigned char *key, size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
+                                 size_t len, const EVP_CIPHER *cipher);
+ EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key,
+                                int keylen);
+
+ int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, unsigned char *priv,
+                                  size_t *len);
+ int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub,
+                                 size_t *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_new() function allocates an empty <b>EVP_PKEY</b> structure which is used by OpenSSL to store public and private keys. The reference count is set to <b>1</b>.</p>
+
+<p>EVP_PKEY_up_ref() increments the reference count of <b>key</b>.</p>
+
+<p>EVP_PKEY_free() decrements the reference count of <b>key</b> and, if the reference count is zero, frees it up. If <b>key</b> is NULL, nothing is done.</p>
+
+<p>EVP_PKEY_new_raw_private_key() allocates a new <b>EVP_PKEY</b>. If <b>e</b> is non-NULL then the new <b>EVP_PKEY</b> structure is associated with the engine <b>e</b>. The <b>type</b> argument indicates what kind of key this is. The value should be a NID for a public key algorithm that supports raw private keys, i.e. one of <b>EVP_PKEY_HMAC</b>, <b>EVP_PKEY_POLY1305</b>, <b>EVP_PKEY_SIPHASH</b>, <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>. <b>key</b> points to the raw private key data for this <b>EVP_PKEY</b> which should be of length <b>keylen</b>. The length should be appropriate for the type of the key. The public key data will be automatically derived from the given private key data (if appropriate for the algorithm type).</p>
+
+<p>EVP_PKEY_new_raw_public_key() works in the same way as EVP_PKEY_new_raw_private_key() except that <b>key</b> points to the raw public key data. The <b>EVP_PKEY</b> structure will be initialised without any private key information. Algorithm types that support raw public keys are <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<p>EVP_PKEY_new_CMAC_key() works in the same way as EVP_PKEY_new_raw_private_key() except it is only for the <b>EVP_PKEY_CMAC</b> algorithm type. In addition to the raw private key data, it also takes a cipher algorithm to be used during creation of a CMAC in the <b>cipher</b> argument.</p>
+
+<p>EVP_PKEY_new_mac_key() works in the same way as EVP_PKEY_new_raw_private_key(). New applications should use EVP_PKEY_new_raw_private_key() instead.</p>
+
+<p>EVP_PKEY_get_raw_private_key() fills the buffer provided by <b>priv</b> with raw private key data. The number of bytes written is populated in <b>*len</b>. If the buffer <b>priv</b> is NULL then <b>*len</b> is populated with the number of bytes required to hold the key. The calling application is responsible for ensuring that the buffer is large enough to receive the private key data. This function only works for algorithms that support raw private keys. Currently this is: <b>EVP_PKEY_HMAC</b>, <b>EVP_PKEY_POLY1305</b>, <b>EVP_PKEY_SIPHASH</b>, <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<p>EVP_PKEY_get_raw_public_key() fills the buffer provided by <b>pub</b> with raw public key data. The number of bytes written is populated in <b>*len</b>. If the buffer <b>pub</b> is NULL then <b>*len</b> is populated with the number of bytes required to hold the key. The calling application is responsible for ensuring that the buffer is large enough to receive the public key data. This function only works for algorithms that support raw public keys. Currently this is: <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP_PKEY</b> structure is used by various OpenSSL functions which require a general private key without reference to any particular algorithm.</p>
+
+<p>The structure returned by EVP_PKEY_new() is empty. To add a private or public key to this empty structure use the appropriate functions described in <a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a>EVP_PKEY_set1_DSA</a>, <a>EVP_PKEY_set1_DH</a> or <a>EVP_PKEY_set1_EC_KEY</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_new(), EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key() and EVP_PKEY_new_mac_key() return either the newly allocated <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_up_ref(), EVP_PKEY_get_raw_private_key() and EVP_PKEY_get_raw_public_key() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a>EVP_PKEY_set1_DSA</a>, <a>EVP_PKEY_set1_DH</a> or <a>EVP_PKEY_set1_EC_KEY</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_new() and EVP_PKEY_free() functions exist in all versions of OpenSSL.</p>
+
+<p>The EVP_PKEY_up_ref() function was added in OpenSSL 1.1.0.</p>
+
+<p>The EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key(), EVP_PKEY_new_raw_private_key() and EVP_PKEY_get_raw_public_key() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_new_raw_public_key.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_new_raw_public_key.html
new file mode 100644
index 000000000..863dd6d1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_new_raw_public_key.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_new, EVP_PKEY_up_ref, EVP_PKEY_free, EVP_PKEY_new_raw_private_key, EVP_PKEY_new_raw_public_key, EVP_PKEY_new_CMAC_key, EVP_PKEY_new_mac_key, EVP_PKEY_get_raw_private_key, EVP_PKEY_get_raw_public_key - public/private key allocation and raw key handling functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *EVP_PKEY_new(void);
+ int EVP_PKEY_up_ref(EVP_PKEY *key);
+ void EVP_PKEY_free(EVP_PKEY *key);
+
+ EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e,
+                                        const unsigned char *key, size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e,
+                                       const unsigned char *key, size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
+                                 size_t len, const EVP_CIPHER *cipher);
+ EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key,
+                                int keylen);
+
+ int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, unsigned char *priv,
+                                  size_t *len);
+ int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub,
+                                 size_t *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_new() function allocates an empty <b>EVP_PKEY</b> structure which is used by OpenSSL to store public and private keys. The reference count is set to <b>1</b>.</p>
+
+<p>EVP_PKEY_up_ref() increments the reference count of <b>key</b>.</p>
+
+<p>EVP_PKEY_free() decrements the reference count of <b>key</b> and, if the reference count is zero, frees it up. If <b>key</b> is NULL, nothing is done.</p>
+
+<p>EVP_PKEY_new_raw_private_key() allocates a new <b>EVP_PKEY</b>. If <b>e</b> is non-NULL then the new <b>EVP_PKEY</b> structure is associated with the engine <b>e</b>. The <b>type</b> argument indicates what kind of key this is. The value should be a NID for a public key algorithm that supports raw private keys, i.e. one of <b>EVP_PKEY_HMAC</b>, <b>EVP_PKEY_POLY1305</b>, <b>EVP_PKEY_SIPHASH</b>, <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>. <b>key</b> points to the raw private key data for this <b>EVP_PKEY</b> which should be of length <b>keylen</b>. The length should be appropriate for the type of the key. The public key data will be automatically derived from the given private key data (if appropriate for the algorithm type).</p>
+
+<p>EVP_PKEY_new_raw_public_key() works in the same way as EVP_PKEY_new_raw_private_key() except that <b>key</b> points to the raw public key data. The <b>EVP_PKEY</b> structure will be initialised without any private key information. Algorithm types that support raw public keys are <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<p>EVP_PKEY_new_CMAC_key() works in the same way as EVP_PKEY_new_raw_private_key() except it is only for the <b>EVP_PKEY_CMAC</b> algorithm type. In addition to the raw private key data, it also takes a cipher algorithm to be used during creation of a CMAC in the <b>cipher</b> argument.</p>
+
+<p>EVP_PKEY_new_mac_key() works in the same way as EVP_PKEY_new_raw_private_key(). New applications should use EVP_PKEY_new_raw_private_key() instead.</p>
+
+<p>EVP_PKEY_get_raw_private_key() fills the buffer provided by <b>priv</b> with raw private key data. The number of bytes written is populated in <b>*len</b>. If the buffer <b>priv</b> is NULL then <b>*len</b> is populated with the number of bytes required to hold the key. The calling application is responsible for ensuring that the buffer is large enough to receive the private key data. This function only works for algorithms that support raw private keys. Currently this is: <b>EVP_PKEY_HMAC</b>, <b>EVP_PKEY_POLY1305</b>, <b>EVP_PKEY_SIPHASH</b>, <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<p>EVP_PKEY_get_raw_public_key() fills the buffer provided by <b>pub</b> with raw public key data. The number of bytes written is populated in <b>*len</b>. If the buffer <b>pub</b> is NULL then <b>*len</b> is populated with the number of bytes required to hold the key. The calling application is responsible for ensuring that the buffer is large enough to receive the public key data. This function only works for algorithms that support raw public keys. Currently this is: <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP_PKEY</b> structure is used by various OpenSSL functions which require a general private key without reference to any particular algorithm.</p>
+
+<p>The structure returned by EVP_PKEY_new() is empty. To add a private or public key to this empty structure use the appropriate functions described in <a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a>EVP_PKEY_set1_DSA</a>, <a>EVP_PKEY_set1_DH</a> or <a>EVP_PKEY_set1_EC_KEY</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_new(), EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key() and EVP_PKEY_new_mac_key() return either the newly allocated <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_up_ref(), EVP_PKEY_get_raw_private_key() and EVP_PKEY_get_raw_public_key() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a>EVP_PKEY_set1_DSA</a>, <a>EVP_PKEY_set1_DH</a> or <a>EVP_PKEY_set1_EC_KEY</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_new() and EVP_PKEY_free() functions exist in all versions of OpenSSL.</p>
+
+<p>The EVP_PKEY_up_ref() function was added in OpenSSL 1.1.0.</p>
+
+<p>The EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key(), EVP_PKEY_new_raw_private_key() and EVP_PKEY_get_raw_public_key() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_param_check.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_param_check.html
new file mode 100644
index 000000000..1feb84ad9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_param_check.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_keygen</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, EVP_PKEY_CTX_get_keygen_info, EVP_PKEY_CTX_set_app_data, EVP_PKEY_CTX_get_app_data, EVP_PKEY_gen_cb, EVP_PKEY_check, EVP_PKEY_public_check, EVP_PKEY_param_check - key and parameter generation and check functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+
+ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+ void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_keygen_init() function initializes a public key algorithm context using key <b>pkey</b> for a key generation operation.</p>
+
+<p>The EVP_PKEY_keygen() function performs a key generation operation, the generated key is written to <b>ppkey</b>.</p>
+
+<p>The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar except parameters are generated.</p>
+
+<p>The function EVP_PKEY_set_cb() sets the key or parameter generation callback to <b>cb</b>. The function EVP_PKEY_CTX_get_cb() returns the key or parameter generation callback.</p>
+
+<p>The function EVP_PKEY_CTX_get_keygen_info() returns parameters associated with the generation operation. If <b>idx</b> is -1 the total number of parameters available is returned. Any non negative value returns the value of that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for <b>idx</b> should only be called within the generation callback.</p>
+
+<p>If the callback returns 0 then the key generation operation is aborted and an error occurs. This might occur during a time consuming operation where a user clicks on a &quot;cancel&quot; button.</p>
+
+<p>The functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set and retrieve an opaque pointer. This can be used to set some application defined value which can be retrieved in the callback: for example a handle which is used to update a &quot;progress dialog&quot;.</p>
+
+<p>EVP_PKEY_check() validates the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_public_check() validates the public component of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_param_check() validates the algorithm parameters of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_keygen_init() or EVP_PKEY_paramgen_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The functions EVP_PKEY_keygen() and EVP_PKEY_paramgen() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<p>The meaning of the parameters passed to the callback will depend on the algorithm and the specific implementation of the algorithm. Some might not give any useful information at all during key or parameter generation. Others might not even call the callback.</p>
+
+<p>The operation performed by key or parameter generation depends on the algorithm used. In some cases (e.g. EC with a supplied named curve) the &quot;generation&quot; option merely sets the appropriate fields in an EVP_PKEY structure.</p>
+
+<p>In OpenSSL an EVP_PKEY structure containing a private key also contains the public key components and parameters (if any). An OpenSSL private key is equivalent to what some libraries call a &quot;key pair&quot;. A private key can be used in functions which require the use of a public key or parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_keygen_init(), EVP_PKEY_paramgen_init(), EVP_PKEY_keygen() and EVP_PKEY_paramgen() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() return 1 for success or others for failure. They return -2 if the operation is not supported for the specific algorithm.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Generate a 2048 bit RSA key:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL;
+
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Generate a key from a set of parameters:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ EVP_PKEY *pkey = NULL, *param;
+
+ /* Assumed param, eng are set up already */
+ ctx = EVP_PKEY_CTX_new(param, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Example of generation callback for OpenSSL public key implementations:</p>
+
+<pre><code> /* Application data is a BIO to output status to */
+
+ EVP_PKEY_CTX_set_app_data(ctx, status_bio);
+
+ static int genpkey_cb(EVP_PKEY_CTX *ctx)
+ {
+     char c = &#39;*&#39;;
+     BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+     int p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+
+     if (p == 0)
+         c = &#39;.&#39;;
+     if (p == 1)
+         c = &#39;+&#39;;
+     if (p == 2)
+         c = &#39;*&#39;;
+     if (p == 3)
+         c = &#39;\n&#39;;
+     BIO_write(b, &amp;c, 1);
+     (void)BIO_flush(b);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_paramgen.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_paramgen.html
new file mode 100644
index 000000000..1feb84ad9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_paramgen.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_keygen</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, EVP_PKEY_CTX_get_keygen_info, EVP_PKEY_CTX_set_app_data, EVP_PKEY_CTX_get_app_data, EVP_PKEY_gen_cb, EVP_PKEY_check, EVP_PKEY_public_check, EVP_PKEY_param_check - key and parameter generation and check functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+
+ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+ void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_keygen_init() function initializes a public key algorithm context using key <b>pkey</b> for a key generation operation.</p>
+
+<p>The EVP_PKEY_keygen() function performs a key generation operation, the generated key is written to <b>ppkey</b>.</p>
+
+<p>The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar except parameters are generated.</p>
+
+<p>The function EVP_PKEY_set_cb() sets the key or parameter generation callback to <b>cb</b>. The function EVP_PKEY_CTX_get_cb() returns the key or parameter generation callback.</p>
+
+<p>The function EVP_PKEY_CTX_get_keygen_info() returns parameters associated with the generation operation. If <b>idx</b> is -1 the total number of parameters available is returned. Any non negative value returns the value of that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for <b>idx</b> should only be called within the generation callback.</p>
+
+<p>If the callback returns 0 then the key generation operation is aborted and an error occurs. This might occur during a time consuming operation where a user clicks on a &quot;cancel&quot; button.</p>
+
+<p>The functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set and retrieve an opaque pointer. This can be used to set some application defined value which can be retrieved in the callback: for example a handle which is used to update a &quot;progress dialog&quot;.</p>
+
+<p>EVP_PKEY_check() validates the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_public_check() validates the public component of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_param_check() validates the algorithm parameters of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_keygen_init() or EVP_PKEY_paramgen_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The functions EVP_PKEY_keygen() and EVP_PKEY_paramgen() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<p>The meaning of the parameters passed to the callback will depend on the algorithm and the specific implementation of the algorithm. Some might not give any useful information at all during key or parameter generation. Others might not even call the callback.</p>
+
+<p>The operation performed by key or parameter generation depends on the algorithm used. In some cases (e.g. EC with a supplied named curve) the &quot;generation&quot; option merely sets the appropriate fields in an EVP_PKEY structure.</p>
+
+<p>In OpenSSL an EVP_PKEY structure containing a private key also contains the public key components and parameters (if any). An OpenSSL private key is equivalent to what some libraries call a &quot;key pair&quot;. A private key can be used in functions which require the use of a public key or parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_keygen_init(), EVP_PKEY_paramgen_init(), EVP_PKEY_keygen() and EVP_PKEY_paramgen() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() return 1 for success or others for failure. They return -2 if the operation is not supported for the specific algorithm.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Generate a 2048 bit RSA key:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL;
+
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Generate a key from a set of parameters:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ EVP_PKEY *pkey = NULL, *param;
+
+ /* Assumed param, eng are set up already */
+ ctx = EVP_PKEY_CTX_new(param, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Example of generation callback for OpenSSL public key implementations:</p>
+
+<pre><code> /* Application data is a BIO to output status to */
+
+ EVP_PKEY_CTX_set_app_data(ctx, status_bio);
+
+ static int genpkey_cb(EVP_PKEY_CTX *ctx)
+ {
+     char c = &#39;*&#39;;
+     BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+     int p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+
+     if (p == 0)
+         c = &#39;.&#39;;
+     if (p == 1)
+         c = &#39;+&#39;;
+     if (p == 2)
+         c = &#39;*&#39;;
+     if (p == 3)
+         c = &#39;\n&#39;;
+     BIO_write(b, &amp;c, 1);
+     (void)BIO_flush(b);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_paramgen_init.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_paramgen_init.html
new file mode 100644
index 000000000..1feb84ad9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_paramgen_init.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_keygen</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, EVP_PKEY_CTX_get_keygen_info, EVP_PKEY_CTX_set_app_data, EVP_PKEY_CTX_get_app_data, EVP_PKEY_gen_cb, EVP_PKEY_check, EVP_PKEY_public_check, EVP_PKEY_param_check - key and parameter generation and check functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+
+ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+ void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_keygen_init() function initializes a public key algorithm context using key <b>pkey</b> for a key generation operation.</p>
+
+<p>The EVP_PKEY_keygen() function performs a key generation operation, the generated key is written to <b>ppkey</b>.</p>
+
+<p>The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar except parameters are generated.</p>
+
+<p>The function EVP_PKEY_set_cb() sets the key or parameter generation callback to <b>cb</b>. The function EVP_PKEY_CTX_get_cb() returns the key or parameter generation callback.</p>
+
+<p>The function EVP_PKEY_CTX_get_keygen_info() returns parameters associated with the generation operation. If <b>idx</b> is -1 the total number of parameters available is returned. Any non negative value returns the value of that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for <b>idx</b> should only be called within the generation callback.</p>
+
+<p>If the callback returns 0 then the key generation operation is aborted and an error occurs. This might occur during a time consuming operation where a user clicks on a &quot;cancel&quot; button.</p>
+
+<p>The functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set and retrieve an opaque pointer. This can be used to set some application defined value which can be retrieved in the callback: for example a handle which is used to update a &quot;progress dialog&quot;.</p>
+
+<p>EVP_PKEY_check() validates the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_public_check() validates the public component of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_param_check() validates the algorithm parameters of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_keygen_init() or EVP_PKEY_paramgen_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The functions EVP_PKEY_keygen() and EVP_PKEY_paramgen() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<p>The meaning of the parameters passed to the callback will depend on the algorithm and the specific implementation of the algorithm. Some might not give any useful information at all during key or parameter generation. Others might not even call the callback.</p>
+
+<p>The operation performed by key or parameter generation depends on the algorithm used. In some cases (e.g. EC with a supplied named curve) the &quot;generation&quot; option merely sets the appropriate fields in an EVP_PKEY structure.</p>
+
+<p>In OpenSSL an EVP_PKEY structure containing a private key also contains the public key components and parameters (if any). An OpenSSL private key is equivalent to what some libraries call a &quot;key pair&quot;. A private key can be used in functions which require the use of a public key or parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_keygen_init(), EVP_PKEY_paramgen_init(), EVP_PKEY_keygen() and EVP_PKEY_paramgen() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() return 1 for success or others for failure. They return -2 if the operation is not supported for the specific algorithm.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Generate a 2048 bit RSA key:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL;
+
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Generate a key from a set of parameters:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ EVP_PKEY *pkey = NULL, *param;
+
+ /* Assumed param, eng are set up already */
+ ctx = EVP_PKEY_CTX_new(param, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Example of generation callback for OpenSSL public key implementations:</p>
+
+<pre><code> /* Application data is a BIO to output status to */
+
+ EVP_PKEY_CTX_set_app_data(ctx, status_bio);
+
+ static int genpkey_cb(EVP_PKEY_CTX *ctx)
+ {
+     char c = &#39;*&#39;;
+     BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+     int p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+
+     if (p == 0)
+         c = &#39;.&#39;;
+     if (p == 1)
+         c = &#39;+&#39;;
+     if (p == 2)
+         c = &#39;*&#39;;
+     if (p == 3)
+         c = &#39;\n&#39;;
+     BIO_write(b, &amp;c, 1);
+     (void)BIO_flush(b);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_print_params.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_print_params.html
new file mode 100644
index 000000000..eb131597f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_print_params.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_print_private</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_print_public, EVP_PKEY_print_private, EVP_PKEY_print_params - public key algorithm printing routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
+                           int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
+                            int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
+                           int indent, ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions EVP_PKEY_print_public(), EVP_PKEY_print_private() and EVP_PKEY_print_params() print out the public, private or parameter components of key <b>pkey</b> respectively. The key is sent to BIO <b>out</b> in human readable form. The parameter <b>indent</b> indicated how far the printout should be indented.</p>
+
+<p>The <b>pctx</b> parameter allows the print output to be finely tuned by using ASN1 printing options. If <b>pctx</b> is set to NULL then default values will be used.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Currently no public key algorithms include any options in the <b>pctx</b> parameter.</p>
+
+<p>If the key does not include all the components indicated by the function then only those contained in the key will be printed. For example passing a public key to EVP_PKEY_print_private() will only print the public components.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions all return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_print_private.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_print_private.html
new file mode 100644
index 000000000..eb131597f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_print_private.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_print_private</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_print_public, EVP_PKEY_print_private, EVP_PKEY_print_params - public key algorithm printing routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
+                           int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
+                            int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
+                           int indent, ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions EVP_PKEY_print_public(), EVP_PKEY_print_private() and EVP_PKEY_print_params() print out the public, private or parameter components of key <b>pkey</b> respectively. The key is sent to BIO <b>out</b> in human readable form. The parameter <b>indent</b> indicated how far the printout should be indented.</p>
+
+<p>The <b>pctx</b> parameter allows the print output to be finely tuned by using ASN1 printing options. If <b>pctx</b> is set to NULL then default values will be used.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Currently no public key algorithms include any options in the <b>pctx</b> parameter.</p>
+
+<p>If the key does not include all the components indicated by the function then only those contained in the key will be printed. For example passing a public key to EVP_PKEY_print_private() will only print the public components.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions all return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_print_public.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_print_public.html
new file mode 100644
index 000000000..eb131597f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_print_public.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_print_private</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_print_public, EVP_PKEY_print_private, EVP_PKEY_print_params - public key algorithm printing routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
+                           int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
+                            int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
+                           int indent, ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions EVP_PKEY_print_public(), EVP_PKEY_print_private() and EVP_PKEY_print_params() print out the public, private or parameter components of key <b>pkey</b> respectively. The key is sent to BIO <b>out</b> in human readable form. The parameter <b>indent</b> indicated how far the printout should be indented.</p>
+
+<p>The <b>pctx</b> parameter allows the print output to be finely tuned by using ASN1 printing options. If <b>pctx</b> is set to NULL then default values will be used.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Currently no public key algorithms include any options in the <b>pctx</b> parameter.</p>
+
+<p>If the key does not include all the components indicated by the function then only those contained in the key will be printed. For example passing a public key to EVP_PKEY_print_private() will only print the public components.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions all return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_public_check.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_public_check.html
new file mode 100644
index 000000000..1feb84ad9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_public_check.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_keygen</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, EVP_PKEY_CTX_get_keygen_info, EVP_PKEY_CTX_set_app_data, EVP_PKEY_CTX_get_app_data, EVP_PKEY_gen_cb, EVP_PKEY_check, EVP_PKEY_public_check, EVP_PKEY_param_check - key and parameter generation and check functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+
+ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+ void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_keygen_init() function initializes a public key algorithm context using key <b>pkey</b> for a key generation operation.</p>
+
+<p>The EVP_PKEY_keygen() function performs a key generation operation, the generated key is written to <b>ppkey</b>.</p>
+
+<p>The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar except parameters are generated.</p>
+
+<p>The function EVP_PKEY_set_cb() sets the key or parameter generation callback to <b>cb</b>. The function EVP_PKEY_CTX_get_cb() returns the key or parameter generation callback.</p>
+
+<p>The function EVP_PKEY_CTX_get_keygen_info() returns parameters associated with the generation operation. If <b>idx</b> is -1 the total number of parameters available is returned. Any non negative value returns the value of that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for <b>idx</b> should only be called within the generation callback.</p>
+
+<p>If the callback returns 0 then the key generation operation is aborted and an error occurs. This might occur during a time consuming operation where a user clicks on a &quot;cancel&quot; button.</p>
+
+<p>The functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set and retrieve an opaque pointer. This can be used to set some application defined value which can be retrieved in the callback: for example a handle which is used to update a &quot;progress dialog&quot;.</p>
+
+<p>EVP_PKEY_check() validates the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_public_check() validates the public component of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<p>EVP_PKEY_param_check() validates the algorithm parameters of the key-pair given by <b>ctx</b>. This function first tries to use customized key check method in <b>EVP_PKEY_METHOD</b> if it&#39;s present; otherwise it calls a default one defined in <b>EVP_PKEY_ASN1_METHOD</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_keygen_init() or EVP_PKEY_paramgen_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The functions EVP_PKEY_keygen() and EVP_PKEY_paramgen() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<p>The meaning of the parameters passed to the callback will depend on the algorithm and the specific implementation of the algorithm. Some might not give any useful information at all during key or parameter generation. Others might not even call the callback.</p>
+
+<p>The operation performed by key or parameter generation depends on the algorithm used. In some cases (e.g. EC with a supplied named curve) the &quot;generation&quot; option merely sets the appropriate fields in an EVP_PKEY structure.</p>
+
+<p>In OpenSSL an EVP_PKEY structure containing a private key also contains the public key components and parameters (if any). An OpenSSL private key is equivalent to what some libraries call a &quot;key pair&quot;. A private key can be used in functions which require the use of a public key or parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_keygen_init(), EVP_PKEY_paramgen_init(), EVP_PKEY_keygen() and EVP_PKEY_paramgen() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() return 1 for success or others for failure. They return -2 if the operation is not supported for the specific algorithm.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Generate a 2048 bit RSA key:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL;
+
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Generate a key from a set of parameters:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ EVP_PKEY *pkey = NULL, *param;
+
+ /* Assumed param, eng are set up already */
+ ctx = EVP_PKEY_CTX_new(param, eng);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) &lt;= 0)
+     /* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &amp;pkey) &lt;= 0)
+     /* Error */</code></pre>
+
+<p>Example of generation callback for OpenSSL public key implementations:</p>
+
+<pre><code> /* Application data is a BIO to output status to */
+
+ EVP_PKEY_CTX_set_app_data(ctx, status_bio);
+
+ static int genpkey_cb(EVP_PKEY_CTX *ctx)
+ {
+     char c = &#39;*&#39;;
+     BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+     int p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+
+     if (p == 0)
+         c = &#39;.&#39;;
+     if (p == 1)
+         c = &#39;+&#39;;
+     if (p == 2)
+         c = &#39;*&#39;;
+     if (p == 3)
+         c = &#39;\n&#39;;
+     BIO_write(b, &amp;c, 1);
+     (void)BIO_flush(b);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<p>EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_security_bits.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_security_bits.html
new file mode 100644
index 000000000..f9348cbe6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_security_bits.html
@@ -0,0 +1,103 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_SignInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_size, EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, EVP_SignFinal, EVP_PKEY_security_bits - EVP signing functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s, EVP_PKEY *pkey);
+
+ void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+
+ int EVP_PKEY_size(const EVP_PKEY *pkey);
+ int EVP_PKEY_security_bits(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP signature routines are a high level interface to digital signatures.</p>
+
+<p>EVP_SignInit_ex() sets up signing context <b>ctx</b> to use digest <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created with EVP_MD_CTX_new() before calling this function.</p>
+
+<p>EVP_SignUpdate() hashes <b>cnt</b> bytes of data at <b>d</b> into the signature context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to include additional data.</p>
+
+<p>EVP_SignFinal() signs the data in <b>ctx</b> using the private key <b>pkey</b> and places the signature in <b>sig</b>. <b>sig</b> must be at least EVP_PKEY_size(pkey) bytes in size. <b>s</b> is an OUT parameter, and not used as an IN parameter. The number of bytes of data written (i.e. the length of the signature) will be written to the integer at <b>s</b>, at most EVP_PKEY_size(pkey) bytes will be written.</p>
+
+<p>EVP_SignInit() initializes a signing context <b>ctx</b> to use the default implementation of digest <b>type</b>.</p>
+
+<p>EVP_PKEY_size() returns the maximum size of a signature in bytes. The actual signature returned by EVP_SignFinal() may be smaller.</p>
+
+<p>EVP_PKEY_security_bits() returns the number of security bits of the given <b>pkey</b>, bits of security is defined in NIST SP800-57.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_SignInit_ex(), EVP_SignUpdate() and EVP_SignFinal() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_size() returns the maximum size of a signature in bytes.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>EVP_PKEY_security_bits() returns the number of security bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to digital signatures should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the algorithm used and much more flexible.</p>
+
+<p>When signing with DSA private keys the random number generator must be seeded or the operation will fail. The random number generator does not need to be seeded for RSA signatures.</p>
+
+<p>The call to EVP_SignFinal() internally finalizes a copy of the digest context. This means that calls to EVP_SignUpdate() and EVP_SignFinal() can be called later to digest and sign additional data.</p>
+
+<p>Since only a copy of the digest context is ever finalized the context must be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Older versions of this documentation wrongly stated that calls to EVP_SignUpdate() could not be made after calling EVP_SignFinal().</p>
+
+<p>Since the private key is passed in the call to EVP_SignFinal() any error relating to the private key (for example an unsuitable key and digest combination) will not be indicated until after potentially large amounts of data have been passed through EVP_SignUpdate().</p>
+
+<p>It is not possible to change the signing parameters using these function.</p>
+
+<p>The previous two bugs are fixed in the newer EVP_SignDigest*() function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man7/evp.html">evp(7)</a>, <a href="../man3/HMAC.html">HMAC(3)</a>, <a href="../man3/MD2.html">MD2(3)</a>, <a href="../man3/MD5.html">MD5(3)</a>, <a href="../man3/MDC2.html">MDC2(3)</a>, <a href="../man3/RIPEMD160.html">RIPEMD160(3)</a>, <a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man1/dgst.html">dgst(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_set1_DH.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_set1_DH.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_set1_DH.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_set1_DSA.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_set1_DSA.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_set1_DSA.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_set1_EC_KEY.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_set1_EC_KEY.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_set1_EC_KEY.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_set1_RSA.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_set1_RSA.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_set1_RSA.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_set1_engine.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_set1_engine.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_set1_engine.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_set_alias_type.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_set_alias_type.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_set_alias_type.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_sign.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_sign.html
new file mode 100644
index 000000000..dec6d0e3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_sign.html
@@ -0,0 +1,118 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_sign_init, EVP_PKEY_sign - sign using a public key algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
+                   unsigned char *sig, size_t *siglen,
+                   const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_sign_init() function initializes a public key algorithm context using key <b>pkey</b> for a signing operation.</p>
+
+<p>The EVP_PKEY_sign() function performs a public key signing operation using <b>ctx</b>. The data to be signed is specified using the <b>tbs</b> and <b>tbslen</b> parameters. If <b>sig</b> is <b>NULL</b> then the maximum size of the output buffer is written to the <b>siglen</b> parameter. If <b>sig</b> is not <b>NULL</b> then before the call the <b>siglen</b> parameter should contain the length of the <b>sig</b> buffer, if the call is successful the signature is written to <b>sig</b> and the amount of data written to <b>siglen</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>EVP_PKEY_sign() does not hash the data to be signed, and therefore is normally used to sign digests. For signing arbitrary messages, see the <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a> signing interfaces instead.</p>
+
+<p>After the call to EVP_PKEY_sign_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation (see <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a>).</p>
+
+<p>The function EVP_PKEY_sign() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_sign_init() and EVP_PKEY_sign() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Sign data using RSA with PKCS#1 padding and SHA256 digest:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ /* md is a SHA-256 digest in this example. */
+ unsigned char *md, *sig;
+ size_t mdlen = 32, siglen;
+ EVP_PKEY *signing_key;
+
+ /*
+  * NB: assumes signing_key and md are set up before the next
+  * step. signing_key must be an RSA private key and md must
+  * point to the SHA-256 digest to be signed.
+  */
+ ctx = EVP_PKEY_CTX_new(signing_key, NULL /* no engine */);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_sign_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) &lt;= 0)
+     /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_sign(ctx, NULL, &amp;siglen, md, mdlen) &lt;= 0)
+     /* Error */
+
+ sig = OPENSSL_malloc(siglen);
+
+ if (!sig)
+     /* malloc failure */
+
+ if (EVP_PKEY_sign(ctx, sig, &amp;siglen, md, mdlen) &lt;= 0)
+     /* Error */
+
+ /* Signature is siglen bytes written to buffer sig */</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_sign_init.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_sign_init.html
new file mode 100644
index 000000000..dec6d0e3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_sign_init.html
@@ -0,0 +1,118 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_sign_init, EVP_PKEY_sign - sign using a public key algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
+                   unsigned char *sig, size_t *siglen,
+                   const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_sign_init() function initializes a public key algorithm context using key <b>pkey</b> for a signing operation.</p>
+
+<p>The EVP_PKEY_sign() function performs a public key signing operation using <b>ctx</b>. The data to be signed is specified using the <b>tbs</b> and <b>tbslen</b> parameters. If <b>sig</b> is <b>NULL</b> then the maximum size of the output buffer is written to the <b>siglen</b> parameter. If <b>sig</b> is not <b>NULL</b> then before the call the <b>siglen</b> parameter should contain the length of the <b>sig</b> buffer, if the call is successful the signature is written to <b>sig</b> and the amount of data written to <b>siglen</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>EVP_PKEY_sign() does not hash the data to be signed, and therefore is normally used to sign digests. For signing arbitrary messages, see the <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> and <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a> signing interfaces instead.</p>
+
+<p>After the call to EVP_PKEY_sign_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation (see <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a>).</p>
+
+<p>The function EVP_PKEY_sign() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_sign_init() and EVP_PKEY_sign() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Sign data using RSA with PKCS#1 padding and SHA256 digest:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ /* md is a SHA-256 digest in this example. */
+ unsigned char *md, *sig;
+ size_t mdlen = 32, siglen;
+ EVP_PKEY *signing_key;
+
+ /*
+  * NB: assumes signing_key and md are set up before the next
+  * step. signing_key must be an RSA private key and md must
+  * point to the SHA-256 digest to be signed.
+  */
+ ctx = EVP_PKEY_CTX_new(signing_key, NULL /* no engine */);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_sign_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) &lt;= 0)
+     /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_sign(ctx, NULL, &amp;siglen, md, mdlen) &lt;= 0)
+     /* Error */
+
+ sig = OPENSSL_malloc(siglen);
+
+ if (!sig)
+     /* malloc failure */
+
+ if (EVP_PKEY_sign(ctx, sig, &amp;siglen, md, mdlen) &lt;= 0)
+     /* Error */
+
+ /* Signature is siglen bytes written to buffer sig */</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl.html">EVP_PKEY_CTX_ctrl(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_size.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_size.html
new file mode 100644
index 000000000..f9348cbe6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_size.html
@@ -0,0 +1,103 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_SignInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_size, EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, EVP_SignFinal, EVP_PKEY_security_bits - EVP signing functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s, EVP_PKEY *pkey);
+
+ void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+
+ int EVP_PKEY_size(const EVP_PKEY *pkey);
+ int EVP_PKEY_security_bits(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP signature routines are a high level interface to digital signatures.</p>
+
+<p>EVP_SignInit_ex() sets up signing context <b>ctx</b> to use digest <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created with EVP_MD_CTX_new() before calling this function.</p>
+
+<p>EVP_SignUpdate() hashes <b>cnt</b> bytes of data at <b>d</b> into the signature context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to include additional data.</p>
+
+<p>EVP_SignFinal() signs the data in <b>ctx</b> using the private key <b>pkey</b> and places the signature in <b>sig</b>. <b>sig</b> must be at least EVP_PKEY_size(pkey) bytes in size. <b>s</b> is an OUT parameter, and not used as an IN parameter. The number of bytes of data written (i.e. the length of the signature) will be written to the integer at <b>s</b>, at most EVP_PKEY_size(pkey) bytes will be written.</p>
+
+<p>EVP_SignInit() initializes a signing context <b>ctx</b> to use the default implementation of digest <b>type</b>.</p>
+
+<p>EVP_PKEY_size() returns the maximum size of a signature in bytes. The actual signature returned by EVP_SignFinal() may be smaller.</p>
+
+<p>EVP_PKEY_security_bits() returns the number of security bits of the given <b>pkey</b>, bits of security is defined in NIST SP800-57.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_SignInit_ex(), EVP_SignUpdate() and EVP_SignFinal() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_size() returns the maximum size of a signature in bytes.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>EVP_PKEY_security_bits() returns the number of security bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to digital signatures should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the algorithm used and much more flexible.</p>
+
+<p>When signing with DSA private keys the random number generator must be seeded or the operation will fail. The random number generator does not need to be seeded for RSA signatures.</p>
+
+<p>The call to EVP_SignFinal() internally finalizes a copy of the digest context. This means that calls to EVP_SignUpdate() and EVP_SignFinal() can be called later to digest and sign additional data.</p>
+
+<p>Since only a copy of the digest context is ever finalized the context must be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Older versions of this documentation wrongly stated that calls to EVP_SignUpdate() could not be made after calling EVP_SignFinal().</p>
+
+<p>Since the private key is passed in the call to EVP_SignFinal() any error relating to the private key (for example an unsuitable key and digest combination) will not be indicated until after potentially large amounts of data have been passed through EVP_SignUpdate().</p>
+
+<p>It is not possible to change the signing parameters using these function.</p>
+
+<p>The previous two bugs are fixed in the newer EVP_SignDigest*() function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man7/evp.html">evp(7)</a>, <a href="../man3/HMAC.html">HMAC(3)</a>, <a href="../man3/MD2.html">MD2(3)</a>, <a href="../man3/MD5.html">MD5(3)</a>, <a href="../man3/MDC2.html">MDC2(3)</a>, <a href="../man3/RIPEMD160.html">RIPEMD160(3)</a>, <a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man1/dgst.html">dgst(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_type.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_type.html
new file mode 100644
index 000000000..d0b9236b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_type.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_set1_RSA</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine - EVP_PKEY assignment functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
+ int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+ int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
+
+ int EVP_PKEY_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+ int EVP_PKEY_type(int type);
+ int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+
+ int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() set the key referenced by <b>pkey</b> to <b>key</b>.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type.</p>
+
+<p>EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() also return the referenced key in <b>pkey</b> or <b>NULL</b> if the key is not of the correct type but the reference count of the returned key is <b>not</b> incremented and so must not be freed up after use.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() also set the referenced key to <b>key</b> however these use the supplied <b>key</b> internally and so <b>key</b> will be freed when the parent <b>pkey</b> is freed.</p>
+
+<p>EVP_PKEY_base_id() returns the type of <b>pkey</b>. For example an RSA key will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_id() returns the actual OID associated with <b>pkey</b>. Historically keys using the same algorithm could use different OIDs. For example an RSA key could use the OIDs corresponding to the NIDs <b>NID_rsaEncryption</b> (equivalent to <b>EVP_PKEY_RSA</b>) or <b>NID_rsa</b> (equivalent to <b>EVP_PKEY_RSA2</b>). The use of alternative non-standard OIDs is now rare so <b>EVP_PKEY_RSA2</b> et al are not often seen in practice.</p>
+
+<p>EVP_PKEY_type() returns the underlying type of the NID <b>type</b>. For example EVP_PKEY_type(EVP_PKEY_RSA2) will return <b>EVP_PKEY_RSA</b>.</p>
+
+<p>EVP_PKEY_set1_engine() sets the ENGINE handling <b>pkey</b> to <b>engine</b>. It must be called after the key algorithm and components are set up. If <b>engine</b> does not include an <b>EVP_PKEY_METHOD</b> for <b>pkey</b> an error occurs.</p>
+
+<p>EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a different set of algorithms than the default. This is currently used to support SM2 keys, which use an identical encoding to ECDSA.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In accordance with the OpenSSL naming convention the key obtained from or assigned to the <b>pkey</b> using the <b>1</b> functions must be freed as well as <b>pkey</b>.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() are implemented as macros.</p>
+
+<p>Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type: which will be identical in almost all cases.</p>
+
+<p>Previous versions of this document suggested using EVP_PKEY_type(pkey-&gt;type) to determine the type of a key. Since <b>EVP_PKEY</b> is now opaque this is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).</p>
+
+<p>EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>After loading an ECC key, it is possible to convert it to using SM2 algorithms with EVP_PKEY_set_alias_type:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.</p>
+
+<p>EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() return the referenced key or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key type or <b>NID_undef</b> (equivalently <b>EVP_PKEY_NONE</b>) on error.</p>
+
+<p>EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_up_ref.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_up_ref.html
new file mode 100644
index 000000000..863dd6d1c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_up_ref.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_new, EVP_PKEY_up_ref, EVP_PKEY_free, EVP_PKEY_new_raw_private_key, EVP_PKEY_new_raw_public_key, EVP_PKEY_new_CMAC_key, EVP_PKEY_new_mac_key, EVP_PKEY_get_raw_private_key, EVP_PKEY_get_raw_public_key - public/private key allocation and raw key handling functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *EVP_PKEY_new(void);
+ int EVP_PKEY_up_ref(EVP_PKEY *key);
+ void EVP_PKEY_free(EVP_PKEY *key);
+
+ EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e,
+                                        const unsigned char *key, size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e,
+                                       const unsigned char *key, size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
+                                 size_t len, const EVP_CIPHER *cipher);
+ EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key,
+                                int keylen);
+
+ int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, unsigned char *priv,
+                                  size_t *len);
+ int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub,
+                                 size_t *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_new() function allocates an empty <b>EVP_PKEY</b> structure which is used by OpenSSL to store public and private keys. The reference count is set to <b>1</b>.</p>
+
+<p>EVP_PKEY_up_ref() increments the reference count of <b>key</b>.</p>
+
+<p>EVP_PKEY_free() decrements the reference count of <b>key</b> and, if the reference count is zero, frees it up. If <b>key</b> is NULL, nothing is done.</p>
+
+<p>EVP_PKEY_new_raw_private_key() allocates a new <b>EVP_PKEY</b>. If <b>e</b> is non-NULL then the new <b>EVP_PKEY</b> structure is associated with the engine <b>e</b>. The <b>type</b> argument indicates what kind of key this is. The value should be a NID for a public key algorithm that supports raw private keys, i.e. one of <b>EVP_PKEY_HMAC</b>, <b>EVP_PKEY_POLY1305</b>, <b>EVP_PKEY_SIPHASH</b>, <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>. <b>key</b> points to the raw private key data for this <b>EVP_PKEY</b> which should be of length <b>keylen</b>. The length should be appropriate for the type of the key. The public key data will be automatically derived from the given private key data (if appropriate for the algorithm type).</p>
+
+<p>EVP_PKEY_new_raw_public_key() works in the same way as EVP_PKEY_new_raw_private_key() except that <b>key</b> points to the raw public key data. The <b>EVP_PKEY</b> structure will be initialised without any private key information. Algorithm types that support raw public keys are <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<p>EVP_PKEY_new_CMAC_key() works in the same way as EVP_PKEY_new_raw_private_key() except it is only for the <b>EVP_PKEY_CMAC</b> algorithm type. In addition to the raw private key data, it also takes a cipher algorithm to be used during creation of a CMAC in the <b>cipher</b> argument.</p>
+
+<p>EVP_PKEY_new_mac_key() works in the same way as EVP_PKEY_new_raw_private_key(). New applications should use EVP_PKEY_new_raw_private_key() instead.</p>
+
+<p>EVP_PKEY_get_raw_private_key() fills the buffer provided by <b>priv</b> with raw private key data. The number of bytes written is populated in <b>*len</b>. If the buffer <b>priv</b> is NULL then <b>*len</b> is populated with the number of bytes required to hold the key. The calling application is responsible for ensuring that the buffer is large enough to receive the private key data. This function only works for algorithms that support raw private keys. Currently this is: <b>EVP_PKEY_HMAC</b>, <b>EVP_PKEY_POLY1305</b>, <b>EVP_PKEY_SIPHASH</b>, <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<p>EVP_PKEY_get_raw_public_key() fills the buffer provided by <b>pub</b> with raw public key data. The number of bytes written is populated in <b>*len</b>. If the buffer <b>pub</b> is NULL then <b>*len</b> is populated with the number of bytes required to hold the key. The calling application is responsible for ensuring that the buffer is large enough to receive the public key data. This function only works for algorithms that support raw public keys. Currently this is: <b>EVP_PKEY_X25519</b>, <b>EVP_PKEY_ED25519</b>, <b>EVP_PKEY_X448</b> or <b>EVP_PKEY_ED448</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP_PKEY</b> structure is used by various OpenSSL functions which require a general private key without reference to any particular algorithm.</p>
+
+<p>The structure returned by EVP_PKEY_new() is empty. To add a private or public key to this empty structure use the appropriate functions described in <a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a>EVP_PKEY_set1_DSA</a>, <a>EVP_PKEY_set1_DH</a> or <a>EVP_PKEY_set1_EC_KEY</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_new(), EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key() and EVP_PKEY_new_mac_key() return either the newly allocated <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>EVP_PKEY_up_ref(), EVP_PKEY_get_raw_private_key() and EVP_PKEY_get_raw_public_key() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a>EVP_PKEY_set1_DSA</a>, <a>EVP_PKEY_set1_DH</a> or <a>EVP_PKEY_set1_EC_KEY</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_PKEY_new() and EVP_PKEY_free() functions exist in all versions of OpenSSL.</p>
+
+<p>The EVP_PKEY_up_ref() function was added in OpenSSL 1.1.0.</p>
+
+<p>The EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key(), EVP_PKEY_new_raw_private_key() and EVP_PKEY_get_raw_public_key() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_verify.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_verify.html
new file mode 100644
index 000000000..28641189e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_verify.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_verify</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_verify_init, EVP_PKEY_verify - signature verification using a public key algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
+                     const unsigned char *sig, size_t siglen,
+                     const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_verify_init() function initializes a public key algorithm context using key <b>pkey</b> for a signature verification operation.</p>
+
+<p>The EVP_PKEY_verify() function performs a public key verification operation using <b>ctx</b>. The signature is specified using the <b>sig</b> and <b>siglen</b> parameters. The verified data (i.e. the data believed originally signed) is specified using the <b>tbs</b> and <b>tbslen</b> parameters.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_verify_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The function EVP_PKEY_verify() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_verify_init() and EVP_PKEY_verify() return 1 if the verification was successful and 0 if it failed. Unlike other functions the return value 0 from EVP_PKEY_verify() only indicates that the signature did not verify successfully (that is tbs did not match the original data or the signature was of invalid form) it is not an indication of a more serious error.</p>
+
+<p>A negative value indicates an error other that signature verification failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Verify signature using PKCS#1 and SHA256 digest:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *md, *sig;
+ size_t mdlen, siglen;
+ EVP_PKEY *verify_key;
+
+ /*
+  * NB: assumes verify_key, sig, siglen md and mdlen are already set up
+  * and that verify_key is an RSA public key
+  */
+ ctx = EVP_PKEY_CTX_new(verify_key, NULL /* no engine */);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_verify_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) &lt;= 0)
+     /* Error */
+
+ /* Perform operation */
+ ret = EVP_PKEY_verify(ctx, sig, siglen, md, mdlen);
+
+ /*
+  * ret == 1 indicates success, 0 verify failure and &lt; 0 for some
+  * other error.
+  */</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_verify_init.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_verify_init.html
new file mode 100644
index 000000000..28641189e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_verify_init.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_verify</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_verify_init, EVP_PKEY_verify - signature verification using a public key algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
+                     const unsigned char *sig, size_t siglen,
+                     const unsigned char *tbs, size_t tbslen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_verify_init() function initializes a public key algorithm context using key <b>pkey</b> for a signature verification operation.</p>
+
+<p>The EVP_PKEY_verify() function performs a public key verification operation using <b>ctx</b>. The signature is specified using the <b>sig</b> and <b>siglen</b> parameters. The verified data (i.e. the data believed originally signed) is specified using the <b>tbs</b> and <b>tbslen</b> parameters.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>After the call to EVP_PKEY_verify_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The function EVP_PKEY_verify() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_verify_init() and EVP_PKEY_verify() return 1 if the verification was successful and 0 if it failed. Unlike other functions the return value 0 from EVP_PKEY_verify() only indicates that the signature did not verify successfully (that is tbs did not match the original data or the signature was of invalid form) it is not an indication of a more serious error.</p>
+
+<p>A negative value indicates an error other that signature verification failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Verify signature using PKCS#1 and SHA256 digest:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *md, *sig;
+ size_t mdlen, siglen;
+ EVP_PKEY *verify_key;
+
+ /*
+  * NB: assumes verify_key, sig, siglen md and mdlen are already set up
+  * and that verify_key is an RSA public key
+  */
+ ctx = EVP_PKEY_CTX_new(verify_key, NULL /* no engine */);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_verify_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) &lt;= 0)
+     /* Error */
+
+ /* Perform operation */
+ ret = EVP_PKEY_verify(ctx, sig, siglen, md, mdlen);
+
+ /*
+  * ret == 1 indicates success, 0 verify failure and &lt; 0 for some
+  * other error.
+  */</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_verify_recover.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_verify_recover.html
new file mode 100644
index 000000000..b10d586eb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_verify_recover.html
@@ -0,0 +1,118 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_verify_recover</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_verify_recover_init, EVP_PKEY_verify_recover - recover signature using a public key algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
+                             unsigned char *rout, size_t *routlen,
+                             const unsigned char *sig, size_t siglen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_verify_recover_init() function initializes a public key algorithm context using key <b>pkey</b> for a verify recover operation.</p>
+
+<p>The EVP_PKEY_verify_recover() function recovers signed data using <b>ctx</b>. The signature is specified using the <b>sig</b> and <b>siglen</b> parameters. If <b>rout</b> is <b>NULL</b> then the maximum size of the output buffer is written to the <b>routlen</b> parameter. If <b>rout</b> is not <b>NULL</b> then before the call the <b>routlen</b> parameter should contain the length of the <b>rout</b> buffer, if the call is successful recovered data is written to <b>rout</b> and the amount of data written to <b>routlen</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Normally an application is only interested in whether a signature verification operation is successful in those cases the EVP_verify() function should be used.</p>
+
+<p>Sometimes however it is useful to obtain the data originally signed using a signing operation. Only certain public key algorithms can recover a signature in this way (for example RSA in PKCS padding mode).</p>
+
+<p>After the call to EVP_PKEY_verify_recover_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The function EVP_PKEY_verify_recover() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_verify_recover_init() and EVP_PKEY_verify_recover() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Recover digest originally signed using PKCS#1 and SHA256 digest:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *rout, *sig;
+ size_t routlen, siglen;
+ EVP_PKEY *verify_key;
+
+ /*
+  * NB: assumes verify_key, sig and siglen are already set up
+  * and that verify_key is an RSA public key
+  */
+ ctx = EVP_PKEY_CTX_new(verify_key, NULL /* no engine */);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_verify_recover_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) &lt;= 0)
+     /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_verify_recover(ctx, NULL, &amp;routlen, sig, siglen) &lt;= 0)
+     /* Error */
+
+ rout = OPENSSL_malloc(routlen);
+
+ if (!rout)
+     /* malloc failure */
+
+ if (EVP_PKEY_verify_recover(ctx, rout, &amp;routlen, sig, siglen) &lt;= 0)
+     /* Error */
+
+ /* Recovered data is routlen bytes written to buffer rout */</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_verify_recover_init.html b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_verify_recover_init.html
new file mode 100644
index 000000000..b10d586eb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_PKEY_verify_recover_init.html
@@ -0,0 +1,118 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_PKEY_verify_recover</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_verify_recover_init, EVP_PKEY_verify_recover - recover signature using a public key algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
+                             unsigned char *rout, size_t *routlen,
+                             const unsigned char *sig, size_t siglen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_verify_recover_init() function initializes a public key algorithm context using key <b>pkey</b> for a verify recover operation.</p>
+
+<p>The EVP_PKEY_verify_recover() function recovers signed data using <b>ctx</b>. The signature is specified using the <b>sig</b> and <b>siglen</b> parameters. If <b>rout</b> is <b>NULL</b> then the maximum size of the output buffer is written to the <b>routlen</b> parameter. If <b>rout</b> is not <b>NULL</b> then before the call the <b>routlen</b> parameter should contain the length of the <b>rout</b> buffer, if the call is successful recovered data is written to <b>rout</b> and the amount of data written to <b>routlen</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Normally an application is only interested in whether a signature verification operation is successful in those cases the EVP_verify() function should be used.</p>
+
+<p>Sometimes however it is useful to obtain the data originally signed using a signing operation. Only certain public key algorithms can recover a signature in this way (for example RSA in PKCS padding mode).</p>
+
+<p>After the call to EVP_PKEY_verify_recover_init() algorithm specific control operations can be performed to set any appropriate parameters for the operation.</p>
+
+<p>The function EVP_PKEY_verify_recover() can be called more than once on the same context if several operations are performed using the same parameters.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_PKEY_verify_recover_init() and EVP_PKEY_verify_recover() return 1 for success and 0 or a negative value for failure. In particular a return value of -2 indicates the operation is not supported by the public key algorithm.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Recover digest originally signed using PKCS#1 and SHA256 digest:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/rsa.h&gt;
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *rout, *sig;
+ size_t routlen, siglen;
+ EVP_PKEY *verify_key;
+
+ /*
+  * NB: assumes verify_key, sig and siglen are already set up
+  * and that verify_key is an RSA public key
+  */
+ ctx = EVP_PKEY_CTX_new(verify_key, NULL /* no engine */);
+ if (!ctx)
+     /* Error occurred */
+ if (EVP_PKEY_verify_recover_init(ctx) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) &lt;= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) &lt;= 0)
+     /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_verify_recover(ctx, NULL, &amp;routlen, sig, siglen) &lt;= 0)
+     /* Error */
+
+ rout = OPENSSL_malloc(routlen);
+
+ if (!rout)
+     /* malloc failure */
+
+ if (EVP_PKEY_verify_recover(ctx, rout, &amp;routlen, sig, siglen) &lt;= 0)
+     /* Error */
+
+ /* Recovered data is routlen bytes written to buffer rout */</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_SealFinal.html b/msys2/usr/share/doc/openssl/html/man3/EVP_SealFinal.html
new file mode 100644
index 000000000..448a73f8c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_SealFinal.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_SealInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_SealInit, EVP_SealUpdate, EVP_SealFinal - EVP envelope encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                  unsigned char **ek, int *ekl, unsigned char *iv,
+                  EVP_PKEY **pubk, int npubk);
+ int EVP_SealUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                    int *outl, unsigned char *in, int inl);
+ int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP envelope routines are a high level interface to envelope encryption. They generate a random key and IV (if required) then &quot;envelope&quot; it by using public key encryption. Data can then be encrypted using this key.</p>
+
+<p>EVP_SealInit() initializes a cipher context <b>ctx</b> for encryption with cipher <b>type</b> using a random secret key and IV. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). The secret key is encrypted using one or more public keys, this allows the same encrypted data to be decrypted using any of the corresponding private keys. <b>ek</b> is an array of buffers where the public key encrypted secret key will be written, each buffer must contain enough room for the corresponding encrypted key: that is <b>ek[i]</b> must have room for <b>EVP_PKEY_size(pubk[i])</b> bytes. The actual size of each encrypted secret key is written to the array <b>ekl</b>. <b>pubk</b> is an array of <b>npubk</b> public keys.</p>
+
+<p>The <b>iv</b> parameter is a buffer where the generated IV is written to. It must contain enough room for the corresponding cipher&#39;s IV, as determined by (for example) EVP_CIPHER_iv_length(type).</p>
+
+<p>If the cipher does not require an IV then the <b>iv</b> parameter is ignored and can be <b>NULL</b>.</p>
+
+<p>EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as documented on the <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> manual page.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_SealInit() returns 0 on error or <b>npubk</b> if successful.</p>
+
+<p>EVP_SealUpdate() and EVP_SealFinal() return 1 for success and 0 for failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Because a random secret key is generated the random number generator must be seeded before calling EVP_SealInit().</p>
+
+<p>The public key must be RSA because it is the only OpenSSL public key algorithm that supports key transport.</p>
+
+<p>Envelope encryption is the usual method of using public key encryption on large amounts of data, this is because public key encryption is slow but symmetric encryption is fast. So symmetric encryption is used for bulk encryption and the small random symmetric key used is transferred using public key encryption.</p>
+
+<p>It is possible to call EVP_SealInit() twice in the same way as EVP_EncryptInit(). The first call should have <b>npubk</b> set to 0 and (after setting any cipher parameters) it should be called again with <b>type</b> set to NULL.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_OpenInit.html">EVP_OpenInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_SealInit.html b/msys2/usr/share/doc/openssl/html/man3/EVP_SealInit.html
new file mode 100644
index 000000000..448a73f8c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_SealInit.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_SealInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_SealInit, EVP_SealUpdate, EVP_SealFinal - EVP envelope encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                  unsigned char **ek, int *ekl, unsigned char *iv,
+                  EVP_PKEY **pubk, int npubk);
+ int EVP_SealUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                    int *outl, unsigned char *in, int inl);
+ int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP envelope routines are a high level interface to envelope encryption. They generate a random key and IV (if required) then &quot;envelope&quot; it by using public key encryption. Data can then be encrypted using this key.</p>
+
+<p>EVP_SealInit() initializes a cipher context <b>ctx</b> for encryption with cipher <b>type</b> using a random secret key and IV. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). The secret key is encrypted using one or more public keys, this allows the same encrypted data to be decrypted using any of the corresponding private keys. <b>ek</b> is an array of buffers where the public key encrypted secret key will be written, each buffer must contain enough room for the corresponding encrypted key: that is <b>ek[i]</b> must have room for <b>EVP_PKEY_size(pubk[i])</b> bytes. The actual size of each encrypted secret key is written to the array <b>ekl</b>. <b>pubk</b> is an array of <b>npubk</b> public keys.</p>
+
+<p>The <b>iv</b> parameter is a buffer where the generated IV is written to. It must contain enough room for the corresponding cipher&#39;s IV, as determined by (for example) EVP_CIPHER_iv_length(type).</p>
+
+<p>If the cipher does not require an IV then the <b>iv</b> parameter is ignored and can be <b>NULL</b>.</p>
+
+<p>EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as documented on the <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> manual page.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_SealInit() returns 0 on error or <b>npubk</b> if successful.</p>
+
+<p>EVP_SealUpdate() and EVP_SealFinal() return 1 for success and 0 for failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Because a random secret key is generated the random number generator must be seeded before calling EVP_SealInit().</p>
+
+<p>The public key must be RSA because it is the only OpenSSL public key algorithm that supports key transport.</p>
+
+<p>Envelope encryption is the usual method of using public key encryption on large amounts of data, this is because public key encryption is slow but symmetric encryption is fast. So symmetric encryption is used for bulk encryption and the small random symmetric key used is transferred using public key encryption.</p>
+
+<p>It is possible to call EVP_SealInit() twice in the same way as EVP_EncryptInit(). The first call should have <b>npubk</b> set to 0 and (after setting any cipher parameters) it should be called again with <b>type</b> set to NULL.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_OpenInit.html">EVP_OpenInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_SealUpdate.html b/msys2/usr/share/doc/openssl/html/man3/EVP_SealUpdate.html
new file mode 100644
index 000000000..448a73f8c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_SealUpdate.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_SealInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_SealInit, EVP_SealUpdate, EVP_SealFinal - EVP envelope encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                  unsigned char **ek, int *ekl, unsigned char *iv,
+                  EVP_PKEY **pubk, int npubk);
+ int EVP_SealUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                    int *outl, unsigned char *in, int inl);
+ int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP envelope routines are a high level interface to envelope encryption. They generate a random key and IV (if required) then &quot;envelope&quot; it by using public key encryption. Data can then be encrypted using this key.</p>
+
+<p>EVP_SealInit() initializes a cipher context <b>ctx</b> for encryption with cipher <b>type</b> using a random secret key and IV. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). The secret key is encrypted using one or more public keys, this allows the same encrypted data to be decrypted using any of the corresponding private keys. <b>ek</b> is an array of buffers where the public key encrypted secret key will be written, each buffer must contain enough room for the corresponding encrypted key: that is <b>ek[i]</b> must have room for <b>EVP_PKEY_size(pubk[i])</b> bytes. The actual size of each encrypted secret key is written to the array <b>ekl</b>. <b>pubk</b> is an array of <b>npubk</b> public keys.</p>
+
+<p>The <b>iv</b> parameter is a buffer where the generated IV is written to. It must contain enough room for the corresponding cipher&#39;s IV, as determined by (for example) EVP_CIPHER_iv_length(type).</p>
+
+<p>If the cipher does not require an IV then the <b>iv</b> parameter is ignored and can be <b>NULL</b>.</p>
+
+<p>EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as documented on the <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> manual page.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_SealInit() returns 0 on error or <b>npubk</b> if successful.</p>
+
+<p>EVP_SealUpdate() and EVP_SealFinal() return 1 for success and 0 for failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Because a random secret key is generated the random number generator must be seeded before calling EVP_SealInit().</p>
+
+<p>The public key must be RSA because it is the only OpenSSL public key algorithm that supports key transport.</p>
+
+<p>Envelope encryption is the usual method of using public key encryption on large amounts of data, this is because public key encryption is slow but symmetric encryption is fast. So symmetric encryption is used for bulk encryption and the small random symmetric key used is transferred using public key encryption.</p>
+
+<p>It is possible to call EVP_SealInit() twice in the same way as EVP_EncryptInit(). The first call should have <b>npubk</b> set to 0 and (after setting any cipher parameters) it should be called again with <b>type</b> set to NULL.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_OpenInit.html">EVP_OpenInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_SignFinal.html b/msys2/usr/share/doc/openssl/html/man3/EVP_SignFinal.html
new file mode 100644
index 000000000..f9348cbe6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_SignFinal.html
@@ -0,0 +1,103 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_SignInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_size, EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, EVP_SignFinal, EVP_PKEY_security_bits - EVP signing functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s, EVP_PKEY *pkey);
+
+ void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+
+ int EVP_PKEY_size(const EVP_PKEY *pkey);
+ int EVP_PKEY_security_bits(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP signature routines are a high level interface to digital signatures.</p>
+
+<p>EVP_SignInit_ex() sets up signing context <b>ctx</b> to use digest <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created with EVP_MD_CTX_new() before calling this function.</p>
+
+<p>EVP_SignUpdate() hashes <b>cnt</b> bytes of data at <b>d</b> into the signature context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to include additional data.</p>
+
+<p>EVP_SignFinal() signs the data in <b>ctx</b> using the private key <b>pkey</b> and places the signature in <b>sig</b>. <b>sig</b> must be at least EVP_PKEY_size(pkey) bytes in size. <b>s</b> is an OUT parameter, and not used as an IN parameter. The number of bytes of data written (i.e. the length of the signature) will be written to the integer at <b>s</b>, at most EVP_PKEY_size(pkey) bytes will be written.</p>
+
+<p>EVP_SignInit() initializes a signing context <b>ctx</b> to use the default implementation of digest <b>type</b>.</p>
+
+<p>EVP_PKEY_size() returns the maximum size of a signature in bytes. The actual signature returned by EVP_SignFinal() may be smaller.</p>
+
+<p>EVP_PKEY_security_bits() returns the number of security bits of the given <b>pkey</b>, bits of security is defined in NIST SP800-57.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_SignInit_ex(), EVP_SignUpdate() and EVP_SignFinal() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_size() returns the maximum size of a signature in bytes.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>EVP_PKEY_security_bits() returns the number of security bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to digital signatures should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the algorithm used and much more flexible.</p>
+
+<p>When signing with DSA private keys the random number generator must be seeded or the operation will fail. The random number generator does not need to be seeded for RSA signatures.</p>
+
+<p>The call to EVP_SignFinal() internally finalizes a copy of the digest context. This means that calls to EVP_SignUpdate() and EVP_SignFinal() can be called later to digest and sign additional data.</p>
+
+<p>Since only a copy of the digest context is ever finalized the context must be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Older versions of this documentation wrongly stated that calls to EVP_SignUpdate() could not be made after calling EVP_SignFinal().</p>
+
+<p>Since the private key is passed in the call to EVP_SignFinal() any error relating to the private key (for example an unsuitable key and digest combination) will not be indicated until after potentially large amounts of data have been passed through EVP_SignUpdate().</p>
+
+<p>It is not possible to change the signing parameters using these function.</p>
+
+<p>The previous two bugs are fixed in the newer EVP_SignDigest*() function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man7/evp.html">evp(7)</a>, <a href="../man3/HMAC.html">HMAC(3)</a>, <a href="../man3/MD2.html">MD2(3)</a>, <a href="../man3/MD5.html">MD5(3)</a>, <a href="../man3/MDC2.html">MDC2(3)</a>, <a href="../man3/RIPEMD160.html">RIPEMD160(3)</a>, <a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man1/dgst.html">dgst(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_SignInit.html b/msys2/usr/share/doc/openssl/html/man3/EVP_SignInit.html
new file mode 100644
index 000000000..f9348cbe6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_SignInit.html
@@ -0,0 +1,103 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_SignInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_size, EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, EVP_SignFinal, EVP_PKEY_security_bits - EVP signing functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s, EVP_PKEY *pkey);
+
+ void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+
+ int EVP_PKEY_size(const EVP_PKEY *pkey);
+ int EVP_PKEY_security_bits(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP signature routines are a high level interface to digital signatures.</p>
+
+<p>EVP_SignInit_ex() sets up signing context <b>ctx</b> to use digest <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created with EVP_MD_CTX_new() before calling this function.</p>
+
+<p>EVP_SignUpdate() hashes <b>cnt</b> bytes of data at <b>d</b> into the signature context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to include additional data.</p>
+
+<p>EVP_SignFinal() signs the data in <b>ctx</b> using the private key <b>pkey</b> and places the signature in <b>sig</b>. <b>sig</b> must be at least EVP_PKEY_size(pkey) bytes in size. <b>s</b> is an OUT parameter, and not used as an IN parameter. The number of bytes of data written (i.e. the length of the signature) will be written to the integer at <b>s</b>, at most EVP_PKEY_size(pkey) bytes will be written.</p>
+
+<p>EVP_SignInit() initializes a signing context <b>ctx</b> to use the default implementation of digest <b>type</b>.</p>
+
+<p>EVP_PKEY_size() returns the maximum size of a signature in bytes. The actual signature returned by EVP_SignFinal() may be smaller.</p>
+
+<p>EVP_PKEY_security_bits() returns the number of security bits of the given <b>pkey</b>, bits of security is defined in NIST SP800-57.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_SignInit_ex(), EVP_SignUpdate() and EVP_SignFinal() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_size() returns the maximum size of a signature in bytes.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>EVP_PKEY_security_bits() returns the number of security bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to digital signatures should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the algorithm used and much more flexible.</p>
+
+<p>When signing with DSA private keys the random number generator must be seeded or the operation will fail. The random number generator does not need to be seeded for RSA signatures.</p>
+
+<p>The call to EVP_SignFinal() internally finalizes a copy of the digest context. This means that calls to EVP_SignUpdate() and EVP_SignFinal() can be called later to digest and sign additional data.</p>
+
+<p>Since only a copy of the digest context is ever finalized the context must be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Older versions of this documentation wrongly stated that calls to EVP_SignUpdate() could not be made after calling EVP_SignFinal().</p>
+
+<p>Since the private key is passed in the call to EVP_SignFinal() any error relating to the private key (for example an unsuitable key and digest combination) will not be indicated until after potentially large amounts of data have been passed through EVP_SignUpdate().</p>
+
+<p>It is not possible to change the signing parameters using these function.</p>
+
+<p>The previous two bugs are fixed in the newer EVP_SignDigest*() function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man7/evp.html">evp(7)</a>, <a href="../man3/HMAC.html">HMAC(3)</a>, <a href="../man3/MD2.html">MD2(3)</a>, <a href="../man3/MD5.html">MD5(3)</a>, <a href="../man3/MDC2.html">MDC2(3)</a>, <a href="../man3/RIPEMD160.html">RIPEMD160(3)</a>, <a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man1/dgst.html">dgst(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_SignInit_ex.html b/msys2/usr/share/doc/openssl/html/man3/EVP_SignInit_ex.html
new file mode 100644
index 000000000..f9348cbe6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_SignInit_ex.html
@@ -0,0 +1,103 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_SignInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_size, EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, EVP_SignFinal, EVP_PKEY_security_bits - EVP signing functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s, EVP_PKEY *pkey);
+
+ void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+
+ int EVP_PKEY_size(const EVP_PKEY *pkey);
+ int EVP_PKEY_security_bits(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP signature routines are a high level interface to digital signatures.</p>
+
+<p>EVP_SignInit_ex() sets up signing context <b>ctx</b> to use digest <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created with EVP_MD_CTX_new() before calling this function.</p>
+
+<p>EVP_SignUpdate() hashes <b>cnt</b> bytes of data at <b>d</b> into the signature context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to include additional data.</p>
+
+<p>EVP_SignFinal() signs the data in <b>ctx</b> using the private key <b>pkey</b> and places the signature in <b>sig</b>. <b>sig</b> must be at least EVP_PKEY_size(pkey) bytes in size. <b>s</b> is an OUT parameter, and not used as an IN parameter. The number of bytes of data written (i.e. the length of the signature) will be written to the integer at <b>s</b>, at most EVP_PKEY_size(pkey) bytes will be written.</p>
+
+<p>EVP_SignInit() initializes a signing context <b>ctx</b> to use the default implementation of digest <b>type</b>.</p>
+
+<p>EVP_PKEY_size() returns the maximum size of a signature in bytes. The actual signature returned by EVP_SignFinal() may be smaller.</p>
+
+<p>EVP_PKEY_security_bits() returns the number of security bits of the given <b>pkey</b>, bits of security is defined in NIST SP800-57.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_SignInit_ex(), EVP_SignUpdate() and EVP_SignFinal() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_size() returns the maximum size of a signature in bytes.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>EVP_PKEY_security_bits() returns the number of security bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to digital signatures should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the algorithm used and much more flexible.</p>
+
+<p>When signing with DSA private keys the random number generator must be seeded or the operation will fail. The random number generator does not need to be seeded for RSA signatures.</p>
+
+<p>The call to EVP_SignFinal() internally finalizes a copy of the digest context. This means that calls to EVP_SignUpdate() and EVP_SignFinal() can be called later to digest and sign additional data.</p>
+
+<p>Since only a copy of the digest context is ever finalized the context must be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Older versions of this documentation wrongly stated that calls to EVP_SignUpdate() could not be made after calling EVP_SignFinal().</p>
+
+<p>Since the private key is passed in the call to EVP_SignFinal() any error relating to the private key (for example an unsuitable key and digest combination) will not be indicated until after potentially large amounts of data have been passed through EVP_SignUpdate().</p>
+
+<p>It is not possible to change the signing parameters using these function.</p>
+
+<p>The previous two bugs are fixed in the newer EVP_SignDigest*() function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man7/evp.html">evp(7)</a>, <a href="../man3/HMAC.html">HMAC(3)</a>, <a href="../man3/MD2.html">MD2(3)</a>, <a href="../man3/MD5.html">MD5(3)</a>, <a href="../man3/MDC2.html">MDC2(3)</a>, <a href="../man3/RIPEMD160.html">RIPEMD160(3)</a>, <a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man1/dgst.html">dgst(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_SignUpdate.html b/msys2/usr/share/doc/openssl/html/man3/EVP_SignUpdate.html
new file mode 100644
index 000000000..f9348cbe6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_SignUpdate.html
@@ -0,0 +1,103 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_SignInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_PKEY_size, EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, EVP_SignFinal, EVP_PKEY_security_bits - EVP signing functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s, EVP_PKEY *pkey);
+
+ void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+
+ int EVP_PKEY_size(const EVP_PKEY *pkey);
+ int EVP_PKEY_security_bits(const EVP_PKEY *pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP signature routines are a high level interface to digital signatures.</p>
+
+<p>EVP_SignInit_ex() sets up signing context <b>ctx</b> to use digest <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created with EVP_MD_CTX_new() before calling this function.</p>
+
+<p>EVP_SignUpdate() hashes <b>cnt</b> bytes of data at <b>d</b> into the signature context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to include additional data.</p>
+
+<p>EVP_SignFinal() signs the data in <b>ctx</b> using the private key <b>pkey</b> and places the signature in <b>sig</b>. <b>sig</b> must be at least EVP_PKEY_size(pkey) bytes in size. <b>s</b> is an OUT parameter, and not used as an IN parameter. The number of bytes of data written (i.e. the length of the signature) will be written to the integer at <b>s</b>, at most EVP_PKEY_size(pkey) bytes will be written.</p>
+
+<p>EVP_SignInit() initializes a signing context <b>ctx</b> to use the default implementation of digest <b>type</b>.</p>
+
+<p>EVP_PKEY_size() returns the maximum size of a signature in bytes. The actual signature returned by EVP_SignFinal() may be smaller.</p>
+
+<p>EVP_PKEY_security_bits() returns the number of security bits of the given <b>pkey</b>, bits of security is defined in NIST SP800-57.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_SignInit_ex(), EVP_SignUpdate() and EVP_SignFinal() return 1 for success and 0 for failure.</p>
+
+<p>EVP_PKEY_size() returns the maximum size of a signature in bytes.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>EVP_PKEY_security_bits() returns the number of security bits.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to digital signatures should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the algorithm used and much more flexible.</p>
+
+<p>When signing with DSA private keys the random number generator must be seeded or the operation will fail. The random number generator does not need to be seeded for RSA signatures.</p>
+
+<p>The call to EVP_SignFinal() internally finalizes a copy of the digest context. This means that calls to EVP_SignUpdate() and EVP_SignFinal() can be called later to digest and sign additional data.</p>
+
+<p>Since only a copy of the digest context is ever finalized the context must be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Older versions of this documentation wrongly stated that calls to EVP_SignUpdate() could not be made after calling EVP_SignFinal().</p>
+
+<p>Since the private key is passed in the call to EVP_SignFinal() any error relating to the private key (for example an unsuitable key and digest combination) will not be indicated until after potentially large amounts of data have been passed through EVP_SignUpdate().</p>
+
+<p>It is not possible to change the signing parameters using these function.</p>
+
+<p>The previous two bugs are fixed in the newer EVP_SignDigest*() function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man7/evp.html">evp(7)</a>, <a href="../man3/HMAC.html">HMAC(3)</a>, <a href="../man3/MD2.html">MD2(3)</a>, <a href="../man3/MD5.html">MD5(3)</a>, <a href="../man3/MDC2.html">MDC2(3)</a>, <a href="../man3/RIPEMD160.html">RIPEMD160(3)</a>, <a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man1/dgst.html">dgst(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_VerifyFinal.html b/msys2/usr/share/doc/openssl/html/man3/EVP_VerifyFinal.html
new file mode 100644
index 000000000..3fa32b745
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_VerifyFinal.html
@@ -0,0 +1,93 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_VerifyInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_VerifyInit_ex, EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal - EVP signature verification functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, unsigned int siglen,
+                     EVP_PKEY *pkey);
+
+ int EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP signature verification routines are a high level interface to digital signatures.</p>
+
+<p>EVP_VerifyInit_ex() sets up verification context <b>ctx</b> to use digest <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created by calling EVP_MD_CTX_new() before calling this function.</p>
+
+<p>EVP_VerifyUpdate() hashes <b>cnt</b> bytes of data at <b>d</b> into the verification context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to include additional data.</p>
+
+<p>EVP_VerifyFinal() verifies the data in <b>ctx</b> using the public key <b>pkey</b> and against the <b>siglen</b> bytes at <b>sigbuf</b>.</p>
+
+<p>EVP_VerifyInit() initializes verification context <b>ctx</b> to use the default implementation of digest <b>type</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_VerifyInit_ex() and EVP_VerifyUpdate() return 1 for success and 0 for failure.</p>
+
+<p>EVP_VerifyFinal() returns 1 for a correct signature, 0 for failure and -1 if some other error occurred.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to digital signatures should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the algorithm used and much more flexible.</p>
+
+<p>The call to EVP_VerifyFinal() internally finalizes a copy of the digest context. This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can be called later to digest and verify additional data.</p>
+
+<p>Since only a copy of the digest context is ever finalized the context must be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Older versions of this documentation wrongly stated that calls to EVP_VerifyUpdate() could not be made after calling EVP_VerifyFinal().</p>
+
+<p>Since the public key is passed in the call to EVP_SignFinal() any error relating to the private key (for example an unsuitable key and digest combination) will not be indicated until after potentially large amounts of data have been passed through EVP_SignUpdate().</p>
+
+<p>It is not possible to change the signing parameters using these function.</p>
+
+<p>The previous two bugs are fixed in the newer EVP_VerifyDigest*() function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man7/evp.html">evp(7)</a>, <a href="../man3/HMAC.html">HMAC(3)</a>, <a href="../man3/MD2.html">MD2(3)</a>, <a href="../man3/MD5.html">MD5(3)</a>, <a href="../man3/MDC2.html">MDC2(3)</a>, <a href="../man3/RIPEMD160.html">RIPEMD160(3)</a>, <a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man1/dgst.html">dgst(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_VerifyInit.html b/msys2/usr/share/doc/openssl/html/man3/EVP_VerifyInit.html
new file mode 100644
index 000000000..3fa32b745
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_VerifyInit.html
@@ -0,0 +1,93 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_VerifyInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_VerifyInit_ex, EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal - EVP signature verification functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, unsigned int siglen,
+                     EVP_PKEY *pkey);
+
+ int EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP signature verification routines are a high level interface to digital signatures.</p>
+
+<p>EVP_VerifyInit_ex() sets up verification context <b>ctx</b> to use digest <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created by calling EVP_MD_CTX_new() before calling this function.</p>
+
+<p>EVP_VerifyUpdate() hashes <b>cnt</b> bytes of data at <b>d</b> into the verification context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to include additional data.</p>
+
+<p>EVP_VerifyFinal() verifies the data in <b>ctx</b> using the public key <b>pkey</b> and against the <b>siglen</b> bytes at <b>sigbuf</b>.</p>
+
+<p>EVP_VerifyInit() initializes verification context <b>ctx</b> to use the default implementation of digest <b>type</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_VerifyInit_ex() and EVP_VerifyUpdate() return 1 for success and 0 for failure.</p>
+
+<p>EVP_VerifyFinal() returns 1 for a correct signature, 0 for failure and -1 if some other error occurred.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to digital signatures should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the algorithm used and much more flexible.</p>
+
+<p>The call to EVP_VerifyFinal() internally finalizes a copy of the digest context. This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can be called later to digest and verify additional data.</p>
+
+<p>Since only a copy of the digest context is ever finalized the context must be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Older versions of this documentation wrongly stated that calls to EVP_VerifyUpdate() could not be made after calling EVP_VerifyFinal().</p>
+
+<p>Since the public key is passed in the call to EVP_SignFinal() any error relating to the private key (for example an unsuitable key and digest combination) will not be indicated until after potentially large amounts of data have been passed through EVP_SignUpdate().</p>
+
+<p>It is not possible to change the signing parameters using these function.</p>
+
+<p>The previous two bugs are fixed in the newer EVP_VerifyDigest*() function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man7/evp.html">evp(7)</a>, <a href="../man3/HMAC.html">HMAC(3)</a>, <a href="../man3/MD2.html">MD2(3)</a>, <a href="../man3/MD5.html">MD5(3)</a>, <a href="../man3/MDC2.html">MDC2(3)</a>, <a href="../man3/RIPEMD160.html">RIPEMD160(3)</a>, <a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man1/dgst.html">dgst(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_VerifyInit_ex.html b/msys2/usr/share/doc/openssl/html/man3/EVP_VerifyInit_ex.html
new file mode 100644
index 000000000..3fa32b745
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_VerifyInit_ex.html
@@ -0,0 +1,93 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_VerifyInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_VerifyInit_ex, EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal - EVP signature verification functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, unsigned int siglen,
+                     EVP_PKEY *pkey);
+
+ int EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP signature verification routines are a high level interface to digital signatures.</p>
+
+<p>EVP_VerifyInit_ex() sets up verification context <b>ctx</b> to use digest <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created by calling EVP_MD_CTX_new() before calling this function.</p>
+
+<p>EVP_VerifyUpdate() hashes <b>cnt</b> bytes of data at <b>d</b> into the verification context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to include additional data.</p>
+
+<p>EVP_VerifyFinal() verifies the data in <b>ctx</b> using the public key <b>pkey</b> and against the <b>siglen</b> bytes at <b>sigbuf</b>.</p>
+
+<p>EVP_VerifyInit() initializes verification context <b>ctx</b> to use the default implementation of digest <b>type</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_VerifyInit_ex() and EVP_VerifyUpdate() return 1 for success and 0 for failure.</p>
+
+<p>EVP_VerifyFinal() returns 1 for a correct signature, 0 for failure and -1 if some other error occurred.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to digital signatures should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the algorithm used and much more flexible.</p>
+
+<p>The call to EVP_VerifyFinal() internally finalizes a copy of the digest context. This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can be called later to digest and verify additional data.</p>
+
+<p>Since only a copy of the digest context is ever finalized the context must be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Older versions of this documentation wrongly stated that calls to EVP_VerifyUpdate() could not be made after calling EVP_VerifyFinal().</p>
+
+<p>Since the public key is passed in the call to EVP_SignFinal() any error relating to the private key (for example an unsuitable key and digest combination) will not be indicated until after potentially large amounts of data have been passed through EVP_SignUpdate().</p>
+
+<p>It is not possible to change the signing parameters using these function.</p>
+
+<p>The previous two bugs are fixed in the newer EVP_VerifyDigest*() function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man7/evp.html">evp(7)</a>, <a href="../man3/HMAC.html">HMAC(3)</a>, <a href="../man3/MD2.html">MD2(3)</a>, <a href="../man3/MD5.html">MD5(3)</a>, <a href="../man3/MDC2.html">MDC2(3)</a>, <a href="../man3/RIPEMD160.html">RIPEMD160(3)</a>, <a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man1/dgst.html">dgst(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_VerifyUpdate.html b/msys2/usr/share/doc/openssl/html/man3/EVP_VerifyUpdate.html
new file mode 100644
index 000000000..3fa32b745
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_VerifyUpdate.html
@@ -0,0 +1,93 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_VerifyInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_VerifyInit_ex, EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal - EVP signature verification functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, unsigned int siglen,
+                     EVP_PKEY *pkey);
+
+ int EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP signature verification routines are a high level interface to digital signatures.</p>
+
+<p>EVP_VerifyInit_ex() sets up verification context <b>ctx</b> to use digest <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created by calling EVP_MD_CTX_new() before calling this function.</p>
+
+<p>EVP_VerifyUpdate() hashes <b>cnt</b> bytes of data at <b>d</b> into the verification context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to include additional data.</p>
+
+<p>EVP_VerifyFinal() verifies the data in <b>ctx</b> using the public key <b>pkey</b> and against the <b>siglen</b> bytes at <b>sigbuf</b>.</p>
+
+<p>EVP_VerifyInit() initializes verification context <b>ctx</b> to use the default implementation of digest <b>type</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_VerifyInit_ex() and EVP_VerifyUpdate() return 1 for success and 0 for failure.</p>
+
+<p>EVP_VerifyFinal() returns 1 for a correct signature, 0 for failure and -1 if some other error occurred.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to digital signatures should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the algorithm used and much more flexible.</p>
+
+<p>The call to EVP_VerifyFinal() internally finalizes a copy of the digest context. This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can be called later to digest and verify additional data.</p>
+
+<p>Since only a copy of the digest context is ever finalized the context must be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak will occur.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Older versions of this documentation wrongly stated that calls to EVP_VerifyUpdate() could not be made after calling EVP_VerifyFinal().</p>
+
+<p>Since the public key is passed in the call to EVP_SignFinal() any error relating to the private key (for example an unsuitable key and digest combination) will not be indicated until after potentially large amounts of data have been passed through EVP_SignUpdate().</p>
+
+<p>It is not possible to change the signing parameters using these function.</p>
+
+<p>The previous two bugs are fixed in the newer EVP_VerifyDigest*() function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man7/evp.html">evp(7)</a>, <a href="../man3/HMAC.html">HMAC(3)</a>, <a href="../man3/MD2.html">MD2(3)</a>, <a href="../man3/MD5.html">MD5(3)</a>, <a href="../man3/MDC2.html">MDC2(3)</a>, <a href="../man3/RIPEMD160.html">RIPEMD160(3)</a>, <a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man1/dgst.html">dgst(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cbc.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cbc.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cbc_hmac_sha1.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cbc_hmac_sha1.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cbc_hmac_sha1.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cbc_hmac_sha256.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cbc_hmac_sha256.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cbc_hmac_sha256.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_ccm.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_ccm.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_ccm.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cfb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cfb.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cfb.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cfb1.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cfb1.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cfb1.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cfb128.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cfb128.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cfb128.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cfb8.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cfb8.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_cfb8.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_ctr.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_ctr.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_ctr.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_ecb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_ecb.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_ecb.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_gcm.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_gcm.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_gcm.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_ocb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_ocb.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_ocb.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_ofb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_ofb.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_ofb.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_wrap.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_wrap.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_wrap.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_wrap_pad.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_wrap_pad.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_wrap_pad.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_xts.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_xts.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_128_xts.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_cbc.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_cbc.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_ccm.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_ccm.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_ccm.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_cfb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_cfb.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_cfb.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_cfb1.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_cfb1.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_cfb1.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_cfb128.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_cfb128.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_cfb128.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_cfb8.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_cfb8.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_cfb8.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_ctr.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_ctr.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_ctr.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_ecb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_ecb.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_ecb.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_gcm.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_gcm.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_gcm.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_ocb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_ocb.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_ocb.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_ofb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_ofb.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_ofb.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_wrap.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_wrap.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_wrap.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_wrap_pad.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_wrap_pad.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_192_wrap_pad.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cbc.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cbc.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cbc_hmac_sha1.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cbc_hmac_sha1.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cbc_hmac_sha1.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cbc_hmac_sha256.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cbc_hmac_sha256.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cbc_hmac_sha256.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_ccm.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_ccm.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_ccm.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cfb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cfb.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cfb.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cfb1.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cfb1.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cfb1.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cfb128.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cfb128.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cfb128.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cfb8.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cfb8.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_cfb8.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_ctr.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_ctr.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_ctr.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_ecb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_ecb.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_ecb.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_gcm.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_gcm.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_gcm.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_ocb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_ocb.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_ocb.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_ofb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_ofb.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_ofb.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_wrap.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_wrap.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_wrap.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_wrap_pad.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_wrap_pad.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_wrap_pad.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_xts.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_xts.html
new file mode 100644
index 000000000..b1a622366
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aes_256_xts.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aes_128_cbc, EVP_aes_192_cbc, EVP_aes_256_cbc, EVP_aes_128_cfb, EVP_aes_192_cfb, EVP_aes_256_cfb, EVP_aes_128_cfb1, EVP_aes_192_cfb1, EVP_aes_256_cfb1, EVP_aes_128_cfb8, EVP_aes_192_cfb8, EVP_aes_256_cfb8, EVP_aes_128_cfb128, EVP_aes_192_cfb128, EVP_aes_256_cfb128, EVP_aes_128_ctr, EVP_aes_192_ctr, EVP_aes_256_ctr, EVP_aes_128_ecb, EVP_aes_192_ecb, EVP_aes_256_ecb, EVP_aes_128_ofb, EVP_aes_192_ofb, EVP_aes_256_ofb, EVP_aes_128_cbc_hmac_sha1, EVP_aes_256_cbc_hmac_sha1, EVP_aes_128_cbc_hmac_sha256, EVP_aes_256_cbc_hmac_sha256, EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ocb, EVP_aes_192_ocb, EVP_aes_256_ocb, EVP_aes_128_wrap, EVP_aes_192_wrap, EVP_aes_256_wrap, EVP_aes_128_wrap_pad, EVP_aes_192_wrap_pad, EVP_aes_256_wrap_pad, EVP_aes_128_xts, EVP_aes_256_xts - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aes_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The AES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aes_128_cbc-EVP_aes_192_cbc-EVP_aes_256_cbc-EVP_aes_128_cfb-EVP_aes_192_cfb-EVP_aes_256_cfb-EVP_aes_128_cfb1-EVP_aes_192_cfb1-EVP_aes_256_cfb1-EVP_aes_128_cfb8-EVP_aes_192_cfb8-EVP_aes_256_cfb8-EVP_aes_128_cfb128-EVP_aes_192_cfb128-EVP_aes_256_cfb128-EVP_aes_128_ctr-EVP_aes_192_ctr-EVP_aes_256_ctr-EVP_aes_128_ecb-EVP_aes_192_ecb-EVP_aes_256_ecb-EVP_aes_128_ofb-EVP_aes_192_ofb-EVP_aes_256_ofb">EVP_aes_128_cbc(), EVP_aes_192_cbc(), EVP_aes_256_cbc(), EVP_aes_128_cfb(), EVP_aes_192_cfb(), EVP_aes_256_cfb(), EVP_aes_128_cfb1(), EVP_aes_192_cfb1(), EVP_aes_256_cfb1(), EVP_aes_128_cfb8(), EVP_aes_192_cfb8(), EVP_aes_256_cfb8(), EVP_aes_128_cfb128(), EVP_aes_192_cfb128(), EVP_aes_256_cfb128(), EVP_aes_128_ctr(), EVP_aes_192_ctr(), EVP_aes_256_ctr(), EVP_aes_128_ecb(), EVP_aes_192_ecb(), EVP_aes_256_ecb(), EVP_aes_128_ofb(), EVP_aes_192_ofb(), EVP_aes_256_ofb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB, and OFB.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha1-EVP_aes_256_cbc_hmac_sha1">EVP_aes_128_cbc_hmac_sha1(), EVP_aes_256_cbc_hmac_sha1()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 160 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_cbc_hmac_sha256-EVP_aes_256_cbc_hmac_sha256">EVP_aes_128_cbc_hmac_sha256(), EVP_aes_256_cbc_hmac_sha256()</dt>
+<dd>
+
+<p>Authenticated encryption with AES in CBC mode using SHA256 (SHA-2, 256-bits) as HMAC, with keys of 128 and 256 bits length respectively. The authentication tag is 256 bits long.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+<dt id="EVP_aes_128_ccm-EVP_aes_192_ccm-EVP_aes_256_ccm-EVP_aes_128_gcm-EVP_aes_192_gcm-EVP_aes_256_gcm-EVP_aes_128_ocb-EVP_aes_192_ocb-EVP_aes_256_ocb">EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm(), EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm(), EVP_aes_128_ocb(), EVP_aes_192_ocb(), EVP_aes_256_ocb()</dt>
+<dd>
+
+<p>AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+<dt id="EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_128_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_192_wrap_pad-EVP_aes_128_wrap-EVP_aes_192_wrap-EVP_aes_256_wrap-EVP_aes_256_wrap_pad">EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_128_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_192_wrap_pad(), EVP_aes_128_wrap(), EVP_aes_192_wrap(), EVP_aes_256_wrap(), EVP_aes_256_wrap_pad()</dt>
+<dd>
+
+<p>AES key wrap with 128, 192 and 256 bit keys, as according to RFC 3394 section 2.2.1 (&quot;wrap&quot;) and RFC 5649 section 4.1 (&quot;wrap with padding&quot;) respectively.</p>
+
+</dd>
+<dt id="EVP_aes_128_xts-EVP_aes_256_xts">EVP_aes_128_xts(), EVP_aes_256_xts()</dt>
+<dd>
+
+<p>AES XTS mode (XTS-AES) is standardized in IEEE Std. 1619-2007 and described in NIST SP 800-38E. The XTS (XEX-based tweaked-codebook mode with ciphertext stealing) mode was designed by Prof. Phillip Rogaway of University of California, Davis, intended for encrypting data on a storage device.</p>
+
+<p>XTS-AES provides confidentiality but not authentication of data. It also requires a key of double-length for protection of a certain key size. In particular, XTS-AES-128 (<b>EVP_aes_128_xts</b>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (<b>EVP_aes_256_xts</b>) takes input of a 512-bit key to achieve AES 256-bit security.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_cbc.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_cbc.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_ccm.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_ccm.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_ccm.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_cfb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_cfb.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_cfb.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_cfb1.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_cfb1.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_cfb1.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_cfb128.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_cfb128.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_cfb128.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_cfb8.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_cfb8.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_cfb8.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_ctr.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_ctr.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_ctr.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_ecb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_ecb.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_ecb.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_gcm.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_gcm.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_gcm.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_ofb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_ofb.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_128_ofb.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_cbc.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_cbc.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_ccm.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_ccm.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_ccm.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_cfb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_cfb.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_cfb.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_cfb1.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_cfb1.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_cfb1.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_cfb128.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_cfb128.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_cfb128.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_cfb8.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_cfb8.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_cfb8.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_ctr.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_ctr.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_ctr.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_ecb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_ecb.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_ecb.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_gcm.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_gcm.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_gcm.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_ofb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_ofb.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_192_ofb.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_cbc.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_cbc.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_ccm.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_ccm.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_ccm.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_cfb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_cfb.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_cfb.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_cfb1.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_cfb1.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_cfb1.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_cfb128.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_cfb128.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_cfb128.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_cfb8.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_cfb8.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_cfb8.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_ctr.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_ctr.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_ctr.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_ecb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_ecb.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_ecb.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_gcm.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_gcm.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_gcm.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_ofb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_ofb.html
new file mode 100644
index 000000000..ac7454221
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_aria_256_ofb.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_aria</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_aria_128_cbc, EVP_aria_192_cbc, EVP_aria_256_cbc, EVP_aria_128_cfb, EVP_aria_192_cfb, EVP_aria_256_cfb, EVP_aria_128_cfb1, EVP_aria_192_cfb1, EVP_aria_256_cfb1, EVP_aria_128_cfb8, EVP_aria_192_cfb8, EVP_aria_256_cfb8, EVP_aria_128_cfb128, EVP_aria_192_cfb128, EVP_aria_256_cfb128, EVP_aria_128_ctr, EVP_aria_192_ctr, EVP_aria_256_ctr, EVP_aria_128_ecb, EVP_aria_192_ecb, EVP_aria_256_ecb, EVP_aria_128_ofb, EVP_aria_192_ofb, EVP_aria_256_ofb, EVP_aria_128_ccm, EVP_aria_192_ccm, EVP_aria_256_ccm, EVP_aria_128_gcm, EVP_aria_192_gcm, EVP_aria_256_gcm, - EVP AES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_aria_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ARIA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_aria_128_cbc-EVP_aria_192_cbc-EVP_aria_256_cbc-EVP_aria_128_cfb-EVP_aria_192_cfb-EVP_aria_256_cfb-EVP_aria_128_cfb1-EVP_aria_192_cfb1-EVP_aria_256_cfb1-EVP_aria_128_cfb8-EVP_aria_192_cfb8-EVP_aria_256_cfb8-EVP_aria_128_cfb128-EVP_aria_192_cfb128-EVP_aria_256_cfb128-EVP_aria_128_ctr-EVP_aria_192_ctr-EVP_aria_256_ctr-EVP_aria_128_ecb-EVP_aria_192_ecb-EVP_aria_256_ecb-EVP_aria_128_ofb-EVP_aria_192_ofb-EVP_aria_256_ofb">EVP_aria_128_cbc(), EVP_aria_192_cbc(), EVP_aria_256_cbc(), EVP_aria_128_cfb(), EVP_aria_192_cfb(), EVP_aria_256_cfb(), EVP_aria_128_cfb1(), EVP_aria_192_cfb1(), EVP_aria_256_cfb1(), EVP_aria_128_cfb8(), EVP_aria_192_cfb8(), EVP_aria_256_cfb8(), EVP_aria_128_cfb128(), EVP_aria_192_cfb128(), EVP_aria_256_cfb128(), EVP_aria_128_ctr(), EVP_aria_192_ctr(), EVP_aria_256_ctr(), EVP_aria_128_ecb(), EVP_aria_192_ecb(), EVP_aria_256_ecb(), EVP_aria_128_ofb(), EVP_aria_192_ofb(), EVP_aria_256_ofb()</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+<dt id="EVP_aria_128_ccm-EVP_aria_192_ccm-EVP_aria_256_ccm-EVP_aria_128_gcm-EVP_aria_192_gcm-EVP_aria_256_gcm">EVP_aria_128_ccm(), EVP_aria_192_ccm(), EVP_aria_256_ccm(), EVP_aria_128_gcm(), EVP_aria_192_gcm(), EVP_aria_256_gcm(),</dt>
+<dd>
+
+<p>ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function correctly, see the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for details.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_bf_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_bf_cbc.html
new file mode 100644
index 000000000..cd09ea181
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_bf_cbc.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_bf_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_bf_cbc, EVP_bf_cfb, EVP_bf_cfb64, EVP_bf_ecb, EVP_bf_ofb - EVP Blowfish cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_bf_cbc(void)
+ const EVP_CIPHER *EVP_bf_cfb(void)
+ const EVP_CIPHER *EVP_bf_cfb64(void)
+ const EVP_CIPHER *EVP_bf_ecb(void)
+ const EVP_CIPHER *EVP_bf_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Blowfish encryption algorithm for EVP.</p>
+
+<p>This is a variable key length cipher.</p>
+
+<dl>
+
+<dt id="EVP_bf_cbc-EVP_bf_cfb-EVP_bf_cfb64-EVP_bf_ecb-EVP_bf_ofb">EVP_bf_cbc(), EVP_bf_cfb(), EVP_bf_cfb64(), EVP_bf_ecb(), EVP_bf_ofb()</dt>
+<dd>
+
+<p>Blowfish encryption algorithm in CBC, CFB, ECB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_bf_cfb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_bf_cfb.html
new file mode 100644
index 000000000..cd09ea181
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_bf_cfb.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_bf_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_bf_cbc, EVP_bf_cfb, EVP_bf_cfb64, EVP_bf_ecb, EVP_bf_ofb - EVP Blowfish cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_bf_cbc(void)
+ const EVP_CIPHER *EVP_bf_cfb(void)
+ const EVP_CIPHER *EVP_bf_cfb64(void)
+ const EVP_CIPHER *EVP_bf_ecb(void)
+ const EVP_CIPHER *EVP_bf_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Blowfish encryption algorithm for EVP.</p>
+
+<p>This is a variable key length cipher.</p>
+
+<dl>
+
+<dt id="EVP_bf_cbc-EVP_bf_cfb-EVP_bf_cfb64-EVP_bf_ecb-EVP_bf_ofb">EVP_bf_cbc(), EVP_bf_cfb(), EVP_bf_cfb64(), EVP_bf_ecb(), EVP_bf_ofb()</dt>
+<dd>
+
+<p>Blowfish encryption algorithm in CBC, CFB, ECB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_bf_cfb64.html b/msys2/usr/share/doc/openssl/html/man3/EVP_bf_cfb64.html
new file mode 100644
index 000000000..cd09ea181
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_bf_cfb64.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_bf_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_bf_cbc, EVP_bf_cfb, EVP_bf_cfb64, EVP_bf_ecb, EVP_bf_ofb - EVP Blowfish cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_bf_cbc(void)
+ const EVP_CIPHER *EVP_bf_cfb(void)
+ const EVP_CIPHER *EVP_bf_cfb64(void)
+ const EVP_CIPHER *EVP_bf_ecb(void)
+ const EVP_CIPHER *EVP_bf_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Blowfish encryption algorithm for EVP.</p>
+
+<p>This is a variable key length cipher.</p>
+
+<dl>
+
+<dt id="EVP_bf_cbc-EVP_bf_cfb-EVP_bf_cfb64-EVP_bf_ecb-EVP_bf_ofb">EVP_bf_cbc(), EVP_bf_cfb(), EVP_bf_cfb64(), EVP_bf_ecb(), EVP_bf_ofb()</dt>
+<dd>
+
+<p>Blowfish encryption algorithm in CBC, CFB, ECB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_bf_ecb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_bf_ecb.html
new file mode 100644
index 000000000..cd09ea181
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_bf_ecb.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_bf_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_bf_cbc, EVP_bf_cfb, EVP_bf_cfb64, EVP_bf_ecb, EVP_bf_ofb - EVP Blowfish cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_bf_cbc(void)
+ const EVP_CIPHER *EVP_bf_cfb(void)
+ const EVP_CIPHER *EVP_bf_cfb64(void)
+ const EVP_CIPHER *EVP_bf_ecb(void)
+ const EVP_CIPHER *EVP_bf_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Blowfish encryption algorithm for EVP.</p>
+
+<p>This is a variable key length cipher.</p>
+
+<dl>
+
+<dt id="EVP_bf_cbc-EVP_bf_cfb-EVP_bf_cfb64-EVP_bf_ecb-EVP_bf_ofb">EVP_bf_cbc(), EVP_bf_cfb(), EVP_bf_cfb64(), EVP_bf_ecb(), EVP_bf_ofb()</dt>
+<dd>
+
+<p>Blowfish encryption algorithm in CBC, CFB, ECB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_bf_ofb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_bf_ofb.html
new file mode 100644
index 000000000..cd09ea181
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_bf_ofb.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_bf_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_bf_cbc, EVP_bf_cfb, EVP_bf_cfb64, EVP_bf_ecb, EVP_bf_ofb - EVP Blowfish cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_bf_cbc(void)
+ const EVP_CIPHER *EVP_bf_cfb(void)
+ const EVP_CIPHER *EVP_bf_cfb64(void)
+ const EVP_CIPHER *EVP_bf_ecb(void)
+ const EVP_CIPHER *EVP_bf_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Blowfish encryption algorithm for EVP.</p>
+
+<p>This is a variable key length cipher.</p>
+
+<dl>
+
+<dt id="EVP_bf_cbc-EVP_bf_cfb-EVP_bf_cfb64-EVP_bf_ecb-EVP_bf_ofb">EVP_bf_cbc(), EVP_bf_cfb(), EVP_bf_cfb64(), EVP_bf_ecb(), EVP_bf_ofb()</dt>
+<dd>
+
+<p>Blowfish encryption algorithm in CBC, CFB, ECB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_blake2b512.html b/msys2/usr/share/doc/openssl/html/man3/EVP_blake2b512.html
new file mode 100644
index 000000000..e393e458e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_blake2b512.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_blake2b512</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_blake2b512, EVP_blake2s256 - BLAKE2 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_blake2b512(void);
+ const EVP_MD *EVP_blake2s256(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BLAKE2 is an improved version of BLAKE, which was submitted to the NIST SHA-3 algorithm competition. The BLAKE2s and BLAKE2b algorithms are described in RFC 7693.</p>
+
+<dl>
+
+<dt id="EVP_blake2s256">EVP_blake2s256()</dt>
+<dd>
+
+<p>The BLAKE2s algorithm that produces a 256-bit output from a given input.</p>
+
+</dd>
+<dt id="EVP_blake2b512">EVP_blake2b512()</dt>
+<dd>
+
+<p>The BLAKE2b algorithm that produces a 512-bit output from a given input.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 7693.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While the BLAKE2b and BLAKE2s algorithms supports a variable length digest, this implementation outputs a digest of a fixed length (the maximum length supported), which is 512-bits for BLAKE2b and 256-bits for BLAKE2s.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_blake2s256.html b/msys2/usr/share/doc/openssl/html/man3/EVP_blake2s256.html
new file mode 100644
index 000000000..e393e458e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_blake2s256.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_blake2b512</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_blake2b512, EVP_blake2s256 - BLAKE2 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_blake2b512(void);
+ const EVP_MD *EVP_blake2s256(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>BLAKE2 is an improved version of BLAKE, which was submitted to the NIST SHA-3 algorithm competition. The BLAKE2s and BLAKE2b algorithms are described in RFC 7693.</p>
+
+<dl>
+
+<dt id="EVP_blake2s256">EVP_blake2s256()</dt>
+<dd>
+
+<p>The BLAKE2s algorithm that produces a 256-bit output from a given input.</p>
+
+</dd>
+<dt id="EVP_blake2b512">EVP_blake2b512()</dt>
+<dd>
+
+<p>The BLAKE2b algorithm that produces a 512-bit output from a given input.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 7693.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While the BLAKE2b and BLAKE2s algorithms supports a variable length digest, this implementation outputs a digest of a fixed length (the maximum length supported), which is 512-bits for BLAKE2b and 256-bits for BLAKE2s.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_cbc.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_cbc.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_cfb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_cfb.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_cfb.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_cfb1.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_cfb1.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_cfb1.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_cfb128.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_cfb128.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_cfb128.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_cfb8.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_cfb8.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_cfb8.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_ctr.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_ctr.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_ctr.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_ecb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_ecb.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_ecb.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_ofb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_ofb.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_128_ofb.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_cbc.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_cbc.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_cfb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_cfb.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_cfb.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_cfb1.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_cfb1.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_cfb1.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_cfb128.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_cfb128.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_cfb128.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_cfb8.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_cfb8.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_cfb8.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_ctr.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_ctr.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_ctr.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_ecb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_ecb.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_ecb.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_ofb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_ofb.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_192_ofb.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_cbc.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_cbc.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_cfb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_cfb.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_cfb.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_cfb1.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_cfb1.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_cfb1.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_cfb128.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_cfb128.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_cfb128.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_cfb8.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_cfb8.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_cfb8.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_ctr.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_ctr.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_ctr.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_ecb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_ecb.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_ecb.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_ofb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_ofb.html
new file mode 100644
index 000000000..f9d8bcac1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_camellia_256_ofb.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_camellia</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_camellia_128_cbc, EVP_camellia_192_cbc, EVP_camellia_256_cbc, EVP_camellia_128_cfb, EVP_camellia_192_cfb, EVP_camellia_256_cfb, EVP_camellia_128_cfb1, EVP_camellia_192_cfb1, EVP_camellia_256_cfb1, EVP_camellia_128_cfb8, EVP_camellia_192_cfb8, EVP_camellia_256_cfb8, EVP_camellia_128_cfb128, EVP_camellia_192_cfb128, EVP_camellia_256_cfb128, EVP_camellia_128_ctr, EVP_camellia_192_ctr, EVP_camellia_256_ctr, EVP_camellia_128_ecb, EVP_camellia_192_ecb, EVP_camellia_256_ecb, EVP_camellia_128_ofb, EVP_camellia_192_ofb, EVP_camellia_256_ofb - EVP Camellia cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_camellia_128_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The Camellia encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_camellia_128_cbc-EVP_camellia_192_cbc-EVP_camellia_256_cbc-EVP_camellia_128_cfb-EVP_camellia_192_cfb-EVP_camellia_256_cfb-EVP_camellia_128_cfb1-EVP_camellia_192_cfb1-EVP_camellia_256_cfb1-EVP_camellia_128_cfb8-EVP_camellia_192_cfb8-EVP_camellia_256_cfb8-EVP_camellia_128_cfb128-EVP_camellia_192_cfb128-EVP_camellia_256_cfb128-EVP_camellia_128_ctr-EVP_camellia_192_ctr-EVP_camellia_256_ctr-EVP_camellia_128_ecb-EVP_camellia_192_ecb-EVP_camellia_256_ecb-EVP_camellia_128_ofb-EVP_camellia_192_ofb-EVP_camellia_256_ofb">EVP_camellia_128_cbc(), EVP_camellia_192_cbc(), EVP_camellia_256_cbc(), EVP_camellia_128_cfb(), EVP_camellia_192_cfb(), EVP_camellia_256_cfb(), EVP_camellia_128_cfb1(), EVP_camellia_192_cfb1(), EVP_camellia_256_cfb1(), EVP_camellia_128_cfb8(), EVP_camellia_192_cfb8(), EVP_camellia_256_cfb8(), EVP_camellia_128_cfb128(), EVP_camellia_192_cfb128(), EVP_camellia_256_cfb128(), EVP_camellia_128_ctr(), EVP_camellia_192_ctr(), EVP_camellia_256_ctr(), EVP_camellia_128_ecb(), EVP_camellia_192_ecb(), EVP_camellia_256_ecb(), EVP_camellia_128_ofb(), EVP_camellia_192_ofb(), EVP_camellia_256_ofb()</dt>
+<dd>
+
+<p>Camellia for 128, 192 and 256 bit keys in the following modes: CBC, CFB with 128-bit shift, CFB with 1-bit shift, CFB with 8-bit shift, CTR, ECB and OFB.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_cast5_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_cast5_cbc.html
new file mode 100644
index 000000000..7f7d36c65
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_cast5_cbc.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_cast5_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_cast5_cbc, EVP_cast5_cfb, EVP_cast5_cfb64, EVP_cast5_ecb, EVP_cast5_ofb - EVP CAST cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_cast5_cbc(void)
+ const EVP_CIPHER *EVP_cast5_cfb(void)
+ const EVP_CIPHER *EVP_cast5_cfb64(void)
+ const EVP_CIPHER *EVP_cast5_ecb(void)
+ const EVP_CIPHER *EVP_cast5_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The CAST encryption algorithm for EVP.</p>
+
+<p>This is a variable key length cipher.</p>
+
+<dl>
+
+<dt id="EVP_cast5_cbc-EVP_cast5_ecb-EVP_cast5_cfb-EVP_cast5_cfb64-EVP_cast5_ofb">EVP_cast5_cbc(), EVP_cast5_ecb(), EVP_cast5_cfb(), EVP_cast5_cfb64(), EVP_cast5_ofb()</dt>
+<dd>
+
+<p>CAST encryption algorithm in CBC, ECB, CFB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_cast5_cfb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_cast5_cfb.html
new file mode 100644
index 000000000..7f7d36c65
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_cast5_cfb.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_cast5_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_cast5_cbc, EVP_cast5_cfb, EVP_cast5_cfb64, EVP_cast5_ecb, EVP_cast5_ofb - EVP CAST cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_cast5_cbc(void)
+ const EVP_CIPHER *EVP_cast5_cfb(void)
+ const EVP_CIPHER *EVP_cast5_cfb64(void)
+ const EVP_CIPHER *EVP_cast5_ecb(void)
+ const EVP_CIPHER *EVP_cast5_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The CAST encryption algorithm for EVP.</p>
+
+<p>This is a variable key length cipher.</p>
+
+<dl>
+
+<dt id="EVP_cast5_cbc-EVP_cast5_ecb-EVP_cast5_cfb-EVP_cast5_cfb64-EVP_cast5_ofb">EVP_cast5_cbc(), EVP_cast5_ecb(), EVP_cast5_cfb(), EVP_cast5_cfb64(), EVP_cast5_ofb()</dt>
+<dd>
+
+<p>CAST encryption algorithm in CBC, ECB, CFB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_cast5_cfb64.html b/msys2/usr/share/doc/openssl/html/man3/EVP_cast5_cfb64.html
new file mode 100644
index 000000000..7f7d36c65
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_cast5_cfb64.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_cast5_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_cast5_cbc, EVP_cast5_cfb, EVP_cast5_cfb64, EVP_cast5_ecb, EVP_cast5_ofb - EVP CAST cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_cast5_cbc(void)
+ const EVP_CIPHER *EVP_cast5_cfb(void)
+ const EVP_CIPHER *EVP_cast5_cfb64(void)
+ const EVP_CIPHER *EVP_cast5_ecb(void)
+ const EVP_CIPHER *EVP_cast5_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The CAST encryption algorithm for EVP.</p>
+
+<p>This is a variable key length cipher.</p>
+
+<dl>
+
+<dt id="EVP_cast5_cbc-EVP_cast5_ecb-EVP_cast5_cfb-EVP_cast5_cfb64-EVP_cast5_ofb">EVP_cast5_cbc(), EVP_cast5_ecb(), EVP_cast5_cfb(), EVP_cast5_cfb64(), EVP_cast5_ofb()</dt>
+<dd>
+
+<p>CAST encryption algorithm in CBC, ECB, CFB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_cast5_ecb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_cast5_ecb.html
new file mode 100644
index 000000000..7f7d36c65
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_cast5_ecb.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_cast5_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_cast5_cbc, EVP_cast5_cfb, EVP_cast5_cfb64, EVP_cast5_ecb, EVP_cast5_ofb - EVP CAST cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_cast5_cbc(void)
+ const EVP_CIPHER *EVP_cast5_cfb(void)
+ const EVP_CIPHER *EVP_cast5_cfb64(void)
+ const EVP_CIPHER *EVP_cast5_ecb(void)
+ const EVP_CIPHER *EVP_cast5_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The CAST encryption algorithm for EVP.</p>
+
+<p>This is a variable key length cipher.</p>
+
+<dl>
+
+<dt id="EVP_cast5_cbc-EVP_cast5_ecb-EVP_cast5_cfb-EVP_cast5_cfb64-EVP_cast5_ofb">EVP_cast5_cbc(), EVP_cast5_ecb(), EVP_cast5_cfb(), EVP_cast5_cfb64(), EVP_cast5_ofb()</dt>
+<dd>
+
+<p>CAST encryption algorithm in CBC, ECB, CFB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_cast5_ofb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_cast5_ofb.html
new file mode 100644
index 000000000..7f7d36c65
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_cast5_ofb.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_cast5_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_cast5_cbc, EVP_cast5_cfb, EVP_cast5_cfb64, EVP_cast5_ecb, EVP_cast5_ofb - EVP CAST cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_cast5_cbc(void)
+ const EVP_CIPHER *EVP_cast5_cfb(void)
+ const EVP_CIPHER *EVP_cast5_cfb64(void)
+ const EVP_CIPHER *EVP_cast5_ecb(void)
+ const EVP_CIPHER *EVP_cast5_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The CAST encryption algorithm for EVP.</p>
+
+<p>This is a variable key length cipher.</p>
+
+<dl>
+
+<dt id="EVP_cast5_cbc-EVP_cast5_ecb-EVP_cast5_cfb-EVP_cast5_cfb64-EVP_cast5_ofb">EVP_cast5_cbc(), EVP_cast5_ecb(), EVP_cast5_cfb(), EVP_cast5_cfb64(), EVP_cast5_ofb()</dt>
+<dd>
+
+<p>CAST encryption algorithm in CBC, ECB, CFB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_chacha20.html b/msys2/usr/share/doc/openssl/html/man3/EVP_chacha20.html
new file mode 100644
index 000000000..02b66daf3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_chacha20.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_chacha20</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_chacha20, EVP_chacha20_poly1305 - EVP ChaCha20 stream cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_chacha20(void)
+ const EVP_CIPHER *EVP_chacha20_poly1305(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ChaCha20 stream cipher for EVP.</p>
+
+<dl>
+
+<dt id="EVP_chacha20">EVP_chacha20()</dt>
+<dd>
+
+<p>The ChaCha20 stream cipher. The key length is 256 bits, the IV is 96 bits long.</p>
+
+</dd>
+<dt id="EVP_chacha20_poly1305">EVP_chacha20_poly1305()</dt>
+<dd>
+
+<p>Authenticated encryption with ChaCha20-Poly1305. Like EVP_chacha20(), the key is 256 bits and the IV is 96 bits. This supports additional authenticated data (AAD) and produces a 128-bit authentication tag. See the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for more information.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_chacha20_poly1305.html b/msys2/usr/share/doc/openssl/html/man3/EVP_chacha20_poly1305.html
new file mode 100644
index 000000000..02b66daf3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_chacha20_poly1305.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_chacha20</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_chacha20, EVP_chacha20_poly1305 - EVP ChaCha20 stream cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_chacha20(void)
+ const EVP_CIPHER *EVP_chacha20_poly1305(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ChaCha20 stream cipher for EVP.</p>
+
+<dl>
+
+<dt id="EVP_chacha20">EVP_chacha20()</dt>
+<dd>
+
+<p>The ChaCha20 stream cipher. The key length is 256 bits, the IV is 96 bits long.</p>
+
+</dd>
+<dt id="EVP_chacha20_poly1305">EVP_chacha20_poly1305()</dt>
+<dd>
+
+<p>Authenticated encryption with ChaCha20-Poly1305. Like EVP_chacha20(), the key is 256 bits and the IV is 96 bits. This supports additional authenticated data (AAD) and produces a 128-bit authentication tag. See the <a href="../man3/EVP_EncryptInit.html">&quot;AEAD Interface&quot; in EVP_EncryptInit(3)</a> section for more information.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_cleanup.html b/msys2/usr/share/doc/openssl/html/man3/EVP_cleanup.html
new file mode 100644
index 000000000..5d423fd38
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_cleanup.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OpenSSL_add_all_algorithms</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OpenSSL_add_all_algorithms, OpenSSL_add_all_ciphers, OpenSSL_add_all_digests, EVP_cleanup - add algorithms to internal table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> # if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OpenSSL_add_all_algorithms(void);
+ void OpenSSL_add_all_ciphers(void);
+ void OpenSSL_add_all_digests(void);
+
+ void EVP_cleanup(void)
+# endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL keeps an internal table of digest algorithms and ciphers. It uses this table to lookup ciphers via functions such as EVP_get_cipher_byname().</p>
+
+<p>OpenSSL_add_all_digests() adds all digest algorithms to the table.</p>
+
+<p>OpenSSL_add_all_algorithms() adds all algorithms to the table (digests and ciphers).</p>
+
+<p>OpenSSL_add_all_ciphers() adds all encryption algorithms to the table including password based encryption algorithms.</p>
+
+<p>In versions prior to 1.1.0 EVP_cleanup() removed all ciphers and digests from the table. It no longer has any effect in OpenSSL 1.1.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>None of the functions return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OpenSSL_add_all_algorithms(), OpenSSL_add_all_ciphers(), OpenSSL_add_all_digests(), and EVP_cleanup(), functions were deprecated in OpenSSL 1.1.0 by OPENSSL_init_crypto() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_cbc.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_cbc.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_cfb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_cfb.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_cfb.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_cfb1.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_cfb1.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_cfb1.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_cfb64.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_cfb64.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_cfb64.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_cfb8.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_cfb8.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_cfb8.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_ecb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ecb.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ecb.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_cbc.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_cbc.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_cfb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_cfb.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_cfb.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_cfb1.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_cfb1.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_cfb1.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_cfb64.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_cfb64.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_cfb64.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_cfb8.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_cfb8.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_cfb8.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_ecb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_ecb.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_ecb.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_ofb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_ofb.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_ofb.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_wrap.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_wrap.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede3_wrap.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede_cbc.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede_cbc.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede_cfb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede_cfb.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede_cfb.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede_cfb64.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede_cfb64.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede_cfb64.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede_ecb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede_ecb.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede_ecb.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede_ofb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede_ofb.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ede_ofb.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_des_ofb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ofb.html
new file mode 100644
index 000000000..66f7199b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_des_ofb.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_des</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_des_cbc, EVP_des_cfb, EVP_des_cfb1, EVP_des_cfb8, EVP_des_cfb64, EVP_des_ecb, EVP_des_ofb, EVP_des_ede, EVP_des_ede_cbc, EVP_des_ede_cfb, EVP_des_ede_cfb64, EVP_des_ede_ecb, EVP_des_ede_ofb, EVP_des_ede3, EVP_des_ede3_cbc, EVP_des_ede3_cfb, EVP_des_ede3_cfb1, EVP_des_ede3_cfb8, EVP_des_ede3_cfb64, EVP_des_ede3_ecb, EVP_des_ede3_ofb, EVP_des_ede3_wrap - EVP DES cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_ciphername(void)</code></pre>
+
+<p><i>EVP_ciphername</i> is used a placeholder for any of the described cipher functions, such as <i>EVP_des_cbc</i>.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_des_cbc-EVP_des_ecb-EVP_des_cfb-EVP_des_cfb1-EVP_des_cfb8-EVP_des_cfb64-EVP_des_ofb">EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_cfb1(), EVP_des_cfb8(), EVP_des_cfb64(), EVP_des_ofb()</dt>
+<dd>
+
+<p>DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede-EVP_des_ede_cbc-EVP_des_ede_cfb-EVP_des_ede_cfb64-EVP_des_ede_ecb-EVP_des_ede_ofb">EVP_des_ede(), EVP_des_ede_cbc(), EVP_des_ede_cfb(), EVP_des_ede_cfb64(), EVP_des_ede_ecb(), EVP_des_ede_ofb()</dt>
+<dd>
+
+<p>Two key triple DES in ECB, CBC, CFB with 64-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3-EVP_des_ede3_cbc-EVP_des_ede3_cfb-EVP_des_ede3_cfb1-EVP_des_ede3_cfb8-EVP_des_ede3_cfb64-EVP_des_ede3_ecb-EVP_des_ede3_ofb">EVP_des_ede3(), EVP_des_ede3_cbc(), EVP_des_ede3_cfb(), EVP_des_ede3_cfb1(), EVP_des_ede3_cfb8(), EVP_des_ede3_cfb64(), EVP_des_ede3_ecb(), EVP_des_ede3_ofb()</dt>
+<dd>
+
+<p>Three-key triple DES in ECB, CBC, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit shift and OFB modes.</p>
+
+</dd>
+<dt id="EVP_des_ede3_wrap">EVP_des_ede3_wrap()</dt>
+<dd>
+
+<p>Triple-DES key wrap according to RFC 3217 Section 3.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_desx_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_desx_cbc.html
new file mode 100644
index 000000000..43b5d1a6a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_desx_cbc.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_desx_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_desx_cbc - EVP DES-X cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_desx_cbc(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The DES-X encryption algorithm for EVP.</p>
+
+<p>All modes below use a key length of 128 bits and acts on blocks of 128-bits.</p>
+
+<dl>
+
+<dt id="EVP_desx_cbc">EVP_desx_cbc()</dt>
+<dd>
+
+<p>The DES-X algorithm in CBC mode.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_enc_null.html b/msys2/usr/share/doc/openssl/html/man3/EVP_enc_null.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_enc_null.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_get_cipherbyname.html b/msys2/usr/share/doc/openssl/html/man3/EVP_get_cipherbyname.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_get_cipherbyname.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_get_cipherbynid.html b/msys2/usr/share/doc/openssl/html/man3/EVP_get_cipherbynid.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_get_cipherbynid.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_get_cipherbyobj.html b/msys2/usr/share/doc/openssl/html/man3/EVP_get_cipherbyobj.html
new file mode 100644
index 000000000..0b602bfe9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_get_cipherbyobj.html
@@ -0,0 +1,465 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_EncryptInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CIPHER-LISTING">CIPHER LISTING</a></li>
+  <li><a href="#AEAD-Interface">AEAD Interface</a>
+    <ul>
+      <li><a href="#GCM-and-OCB-Modes">GCM and OCB Modes</a></li>
+      <li><a href="#CCM-Mode">CCM Mode</a></li>
+      <li><a href="#ChaCha20-Poly1305">ChaCha20-Poly1305</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, EVP_CIPHER_CTX_set_padding, EVP_enc_null - EVP cipher routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                        ENGINE *impl, const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       int *outl, const unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                       ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      int *outl, const unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                     const unsigned char *key, const unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                    const unsigned char *key, const unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid);
+ const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *a);
+
+ int EVP_CIPHER_nid(const EVP_CIPHER *e);
+ int EVP_CIPHER_block_size(const EVP_CIPHER *e);
+ int EVP_CIPHER_key_length(const EVP_CIPHER *e);
+ int EVP_CIPHER_iv_length(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *e);
+ unsigned long EVP_CIPHER_mode(const EVP_CIPHER *e);
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+ void EVP_CIPHER_CTX_set_app_data(const EVP_CIPHER_CTX *ctx, void *data);
+ int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);
+ int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP cipher routines are a high level interface to certain symmetric ciphers.</p>
+
+<p>EVP_CIPHER_CTX_new() creates a cipher context.</p>
+
+<p>EVP_CIPHER_CTX_free() clears all information from a cipher context and free up any allocated memory associate with it, including <b>ctx</b> itself. This function should be called after all operations using a cipher are complete so sensitive information does not remain in memory.</p>
+
+<p>EVP_EncryptInit_ex() sets up cipher context <b>ctx</b> for encryption with cipher <b>type</b> from ENGINE <b>impl</b>. <b>ctx</b> must be created before calling this function. <b>type</b> is normally supplied by a function such as EVP_aes_256_cbc(). If <b>impl</b> is NULL then the default implementation is used. <b>key</b> is the symmetric key to use and <b>iv</b> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set all parameters to NULL except <b>type</b> in an initial call and supply the remaining parameters in subsequent calls, all of which have <b>type</b> set to NULL. This is done when the default cipher parameters are not appropriate.</p>
+
+<p>EVP_EncryptUpdate() encrypts <b>inl</b> bytes from the buffer <b>in</b> and writes the encrypted version to <b>out</b>. This function can be called multiple times to encrypt successive blocks of data. The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so <b>out</b> should contain sufficient room. The actual number of bytes written is placed in <b>outl</b>. It also checks if <b>in</b> and <b>out</b> are partially overlapping, and if they are 0 is returned to indicate failure.</p>
+
+<p>If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the &quot;final&quot; data, that is any data that remains in a partial block. It uses standard block padding (aka PKCS padding) as described in the NOTES section, below. The encrypted final data is written to <b>out</b> which should have sufficient space for one cipher block. The number of bytes written is placed in <b>outl</b>. After this function is called the encryption operation is finished and no further calls to EVP_EncryptUpdate() should be made.</p>
+
+<p>If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more data and it will return an error if any data remains in a partial block: that is if the total data length is not a multiple of the block size.</p>
+
+<p>EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer <b>out</b> passed to EVP_DecryptUpdate() should have sufficient room for (<b>inl</b> + cipher_block_size) bytes unless the cipher block size is 1 in which case <b>inl</b> bytes is sufficient.</p>
+
+<p>EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are functions that can be used for decryption or encryption. The operation performed depends on the value of the <b>enc</b> parameter. It should be set to 1 for encryption, 0 for decryption and -1 to leave the value unchanged (the actual value of &#39;enc&#39; being supplied in a previous call).</p>
+
+<p>EVP_CIPHER_CTX_reset() clears all information from a cipher context and free up any allocated memory associate with it, except the <b>ctx</b> itself. This function should be called anytime <b>ctx</b> is to be reused for another EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.</p>
+
+<p>EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and EVP_CipherInit_ex() except they always use the default cipher implementation.</p>
+
+<p>EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and EVP_CipherFinal_ex(). In previous releases they also cleaned up the <b>ctx</b>, but this is no longer done and EVP_CIPHER_CTX_clean() must be called to free any context resources.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an EVP_CIPHER structure when passed a cipher name, a NID or an ASN1_OBJECT structure.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() enables or disables padding. This function should be called after the context is set up for encryption or decryption with EVP_EncryptInit_ex(), EVP_DecryptInit_ex() or EVP_CipherInit_ex(). By default encryption operations are padded using standard block padding and the padding is checked and removed when decrypting. If the <b>pad</b> parameter is zero then no padding is performed, the total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_KEY_LENGTH</b> is the maximum key length for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a given cipher, the value of EVP_CIPHER_CTX_key_length() may be different for variable key length ciphers.</p>
+
+<p>EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. If the cipher is a fixed length cipher then attempting to set the key length to any value other than the fixed value is an error.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b>. It will return zero if the cipher does not use an IV. The constant <b>EVP_MAX_IV_LENGTH</b> is the maximum IV length for all ciphers.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size of a cipher when passed an <b>EVP_CIPHER</b> or <b>EVP_CIPHER_CTX</b> structure. The constant <b>EVP_MAX_BLOCK_LENGTH</b> is also the maximum block length for all ciphers.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed cipher or context. This &quot;type&quot; is the actual NID of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an object identifier or does not have ASN1 support this function will return <b>NID_undef</b>.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns the <b>EVP_CIPHER</b> structure when passed an <b>EVP_CIPHER_CTX</b> structure.</p>
+
+<p>EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.</p>
+
+<p>EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier &quot;parameter&quot; based on the passed cipher. This will typically include any parameters and an IV. The cipher IV (if any) must be set when this call is made. This call should be made before the cipher is actually &quot;used&quot; (before any EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function may fail if the cipher does not have any ASN1 support.</p>
+
+<p>EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 AlgorithmIdentifier &quot;parameter&quot;. The precise effect depends on the cipher In the case of RC2, for example, it will set the IV and effective key length. This function should be called after the base cipher type is set but before the key is set. For example EVP_CipherInit() will be called with the IV and key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally EVP_CipherInit() again with all parameters except the key set to NULL. It is possible for this function to fail if the cipher does not have any ASN1 support or the parameters cannot be set (for example the RC2 effective key length is not supported.</p>
+
+<p>EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length based on the cipher context. The EVP_CIPHER can provide its own random key generation routine to support keys of a specific form. <b>Key</b> must point to a buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>EVP_CIPHER_CTX_new() returns a pointer to a newly created <b>EVP_CIPHER_CTX</b> for success and <b>NULL</b> for failure.</p>
+
+<p>EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() return 1 for success and 0 for failure.</p>
+
+<p>EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.</p>
+
+<p>EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.</p>
+
+<p>EVP_CIPHER_CTX_reset() returns 1 for success and 0 for failure.</p>
+
+<p>EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() return an <b>EVP_CIPHER</b> structure or NULL on error.</p>
+
+<p>EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.</p>
+
+<p>EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block size.</p>
+
+<p>EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key length.</p>
+
+<p>EVP_CIPHER_CTX_set_padding() always returns 1.</p>
+
+<p>EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV length or zero if the cipher does not use an IV.</p>
+
+<p>EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher&#39;s OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.</p>
+
+<p>EVP_CIPHER_CTX_cipher() returns an <b>EVP_CIPHER</b> structure.</p>
+
+<p>EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number on failure.</p>
+
+<p>EVP_CIPHER_CTX_rand_key() returns 1 for success.</p>
+
+<h1 id="CIPHER-LISTING">CIPHER LISTING</h1>
+
+<p>All algorithms have a fixed key length unless otherwise stated.</p>
+
+<p>Refer to <a href="#SEE-ALSO">&quot;SEE ALSO&quot;</a> for the full list of ciphers available through the EVP interface.</p>
+
+<dl>
+
+<dt id="EVP_enc_null">EVP_enc_null()</dt>
+<dd>
+
+<p>Null cipher: does nothing.</p>
+
+</dd>
+</dl>
+
+<h1 id="AEAD-Interface">AEAD Interface</h1>
+
+<p>The EVP interface for Authenticated Encryption with Associated Data (AEAD) modes are subtly altered and several additional <i>ctrl</i> operations are supported depending on the mode specified.</p>
+
+<p>To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output parameter <b>out</b> set to <b>NULL</b>.</p>
+
+<p>When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() indicates whether the operation was successful. If it does not indicate success, the authentication operation has failed and any output data <b>MUST NOT</b> be used as it is corrupted.</p>
+
+<h2 id="GCM-and-OCB-Modes">GCM and OCB Modes</h2>
+
+<p>The following <i>ctrl</i>s are supported in GCM and OCB modes.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the IV length. This call can only be made before specifying an IV. If not called a default IV length is used.</p>
+
+<p>For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the maximum is 15.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p>For OCB, <code>taglen</code> must either be 16 or the value previously set via <b>EVP_CTRL_AEAD_SET_TAG</b>.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 inclusive.</p>
+
+<p>For GCM, this call is only valid when decrypting data.</p>
+
+<p>For OCB, this call is valid when decrypting data to set the expected tag, and before encryption to set the desired tag length.</p>
+
+<p>In OCB mode, calling this before encryption with <code>tag</code> set to <code>NULL</code> sets the tag length. If this is not called prior to encryption, a default tag length is used.</p>
+
+<p>For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.</p>
+
+</dd>
+</dl>
+
+<h2 id="CCM-Mode">CCM Mode</h2>
+
+<p>The EVP interface for CCM mode is similar to that of the GCM mode but with a few additional requirements and different <i>ctrl</i> values.</p>
+
+<p>For CCM mode, the total plaintext or ciphertext length <b>MUST</b> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output and input parameters (<b>in</b> and <b>out</b>) set to <b>NULL</b> and the length passed in the <b>inl</b> parameter.</p>
+
+<p>The following <i>ctrl</i>s are supported in CCM mode.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>This call is made to set the expected <b>CCM</b> tag value when decrypting or the length of the tag (with the <code>tag</code> parameter set to NULL) when encrypting. The tag length is often referred to as <b>M</b>. If not set a default value is used (12 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_CCM_SET_L-ivlen-NULL">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM <b>L</b> value. If not set a default is used (8 for AES).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the CCM nonce (IV) length. This call can only be made before specifying an nonce value. The nonce length is given by <b>15 - L</b> so it is 7 by default for AES.</p>
+
+</dd>
+</dl>
+
+<h2 id="ChaCha20-Poly1305">ChaCha20-Poly1305</h2>
+
+<p>The following <i>ctrl</i>s are supported for the ChaCha20-Poly1305 AEAD algorithm.</p>
+
+<dl>
+
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_IVLEN-ivlen-NULL2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)</dt>
+<dd>
+
+<p>Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum nonce length is 16 (<b>CHACHA_CTR_SIZE</b>, i.e. 128-bits).</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_GET_TAG-taglen-tag1">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Writes <code>taglen</code> bytes of the tag value to the buffer indicated by <code>tag</code>. This call can only be made when encrypting data and <b>after</b> all data has been processed (e.g. after an EVP_EncryptFinal() call).</p>
+
+<p><code>taglen</code> specified here must be 16 (<b>POLY1305_BLOCK_SIZE</b>, i.e. 128-bits) or less.</p>
+
+</dd>
+<dt id="EVP_CIPHER_CTX_ctrl-ctx-EVP_CTRL_AEAD_SET_TAG-taglen-tag2">EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)</dt>
+<dd>
+
+<p>Sets the expected tag to <code>taglen</code> bytes from <code>tag</code>. The tag length can only be set before specifying an IV. <code>taglen</code> must be between 1 and 16 (<b>POLY1305_BLOCK_SIZE</b>) inclusive. This call is only valid when decrypting data.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Where possible the <b>EVP</b> interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and much more flexible. Additionally, the <b>EVP</b> interface will ensure the use of platform specific cryptographic acceleration such as AES-NI (the low level interfaces do not provide the guarantee).</p>
+
+<p>PKCS padding works by adding <b>n</b> padding bytes of value <b>n</b> to make the total length of the encrypted data a multiple of the block size. Padding is always added so if the data is already a multiple of the block size <b>n</b> will equal the block size. For example if the block size is 8 and 11 bytes are to be encrypted then 5 padding bytes of value 5 will be added.</p>
+
+<p>When decrypting the final block is checked to see if it has the correct form.</p>
+
+<p>Although the decryption operation can produce an error if padding is enabled, it is not a strong test that the input data or key is correct. A random block has better than 1 in 256 chance of being of the correct format and problems with the input data earlier on will not produce a final decrypt error.</p>
+
+<p>If padding is disabled then the decryption operation will always succeed if the total amount of data decrypted is a multiple of the block size.</p>
+
+<p>The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for compatibility with existing code. New code should use EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an existing context without allocating and freeing it up on each call.</p>
+
+<p>EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>EVP_MAX_KEY_LENGTH</b> and <b>EVP_MAX_IV_LENGTH</b> only refer to the internal ciphers with default key lengths. If custom ciphers exceed these values the results are unpredictable. This is because it has become standard practice to define a generic key as a fixed unsigned char array containing <b>EVP_MAX_KEY_LENGTH</b> bytes.</p>
+
+<p>The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Encrypt a string using IDEA:</p>
+
+<pre><code> int do_crypt(char *outfile)
+ {
+     unsigned char outbuf[1024];
+     int outlen, tmplen;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+     unsigned char iv[] = {1,2,3,4,5,6,7,8};
+     char intext[] = &quot;Some Crypto Text&quot;;
+     EVP_CIPHER_CTX *ctx;
+     FILE *out;
+
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv);
+
+     if (!EVP_EncryptUpdate(ctx, outbuf, &amp;outlen, intext, strlen(intext))) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     /*
+      * Buffer passed to EVP_EncryptFinal() must be after data just
+      * encrypted to avoid overwriting it.
+      */
+     if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &amp;tmplen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_free(ctx);
+     /*
+      * Need binary mode for fopen because encrypted data is
+      * binary data. Also cannot use strlen() on it because
+      * it won&#39;t be NUL terminated and may contain embedded
+      * NULs.
+      */
+     out = fopen(outfile, &quot;wb&quot;);
+     if (out == NULL) {
+         /* Error */
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+     fclose(out);
+     return 1;
+ }</code></pre>
+
+<p>The ciphertext from the above example can be decrypted using the <b>openssl</b> utility with the command line (shown on two lines for clarity):</p>
+
+<pre><code> openssl idea -d \
+     -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 &lt;filename</code></pre>
+
+<p>General encryption and decryption function example using FILE I/O and AES128 with a 128-bit key:</p>
+
+<pre><code> int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ {
+     /* Allow enough space in output buffer for additional block */
+     unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+     int inlen, outlen;
+     EVP_CIPHER_CTX *ctx;
+     /*
+      * Bogus key and IV: we&#39;d normally set these from
+      * another source.
+      */
+     unsigned char key[] = &quot;0123456789abcdeF&quot;;
+     unsigned char iv[] = &quot;1234567887654321&quot;;
+
+     /* Don&#39;t set key or IV right away; we want to check lengths */
+     ctx = EVP_CIPHER_CTX_new();
+     EVP_CipherInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+                       do_encrypt);
+     OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
+     OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
+
+     /* Now we can set key and IV */
+     EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);
+
+     for (;;) {
+         inlen = fread(inbuf, 1, 1024, in);
+         if (inlen &lt;= 0)
+             break;
+         if (!EVP_CipherUpdate(ctx, outbuf, &amp;outlen, inbuf, inlen)) {
+             /* Error */
+             EVP_CIPHER_CTX_free(ctx);
+             return 0;
+         }
+         fwrite(outbuf, 1, outlen, out);
+     }
+     if (!EVP_CipherFinal_ex(ctx, outbuf, &amp;outlen)) {
+         /* Error */
+         EVP_CIPHER_CTX_free(ctx);
+         return 0;
+     }
+     fwrite(outbuf, 1, outlen, out);
+
+     EVP_CIPHER_CTX_free(ctx);
+     return 1;
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a></p>
+
+<p>Supported ciphers are listed in:</p>
+
+<p><a href="../man3/EVP_aes.html">EVP_aes(3)</a>, <a href="../man3/EVP_aria.html">EVP_aria(3)</a>, <a href="../man3/EVP_bf.html">EVP_bf(3)</a>, <a href="../man3/EVP_camellia.html">EVP_camellia(3)</a>, <a href="../man3/EVP_cast5.html">EVP_cast5(3)</a>, <a href="../man3/EVP_chacha20.html">EVP_chacha20(3)</a>, <a href="../man3/EVP_des.html">EVP_des(3)</a>, <a href="../man3/EVP_desx.html">EVP_desx(3)</a>, <a href="../man3/EVP_idea.html">EVP_idea(3)</a>, <a href="../man3/EVP_rc2.html">EVP_rc2(3)</a>, <a href="../man3/EVP_rc4.html">EVP_rc4(3)</a>, <a href="../man3/EVP_rc5.html">EVP_rc5(3)</a>, <a href="../man3/EVP_seed.html">EVP_seed(3)</a>, <a href="../man3/EVP_sm4.html">EVP_sm4(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for OCB mode was added in OpenSSL 1.1.0.</p>
+
+<p><b>EVP_CIPHER_CTX</b> was made opaque in OpenSSL 1.1.0. As a result, EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared. EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_get_digestbyname.html b/msys2/usr/share/doc/openssl/html/man3/EVP_get_digestbyname.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_get_digestbyname.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_get_digestbynid.html b/msys2/usr/share/doc/openssl/html/man3/EVP_get_digestbynid.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_get_digestbynid.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_get_digestbyobj.html b/msys2/usr/share/doc/openssl/html/man3/EVP_get_digestbyobj.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_get_digestbyobj.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_idea_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_idea_cbc.html
new file mode 100644
index 000000000..7d43b7e9f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_idea_cbc.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_idea_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_idea_cbc, EVP_idea_cfb, EVP_idea_cfb64, EVP_idea_ecb, EVP_idea_ofb - EVP IDEA cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_idea_cbc(void)
+ const EVP_CIPHER *EVP_idea_cfb(void)
+ const EVP_CIPHER *EVP_idea_cfb64(void)
+ const EVP_CIPHER *EVP_idea_ecb(void)
+ const EVP_CIPHER *EVP_idea_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The IDEA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_idea_cbc-EVP_idea_cfb-EVP_idea_cfb64-EVP_idea_ecb-EVP_idea_ofb">EVP_idea_cbc(), EVP_idea_cfb(), EVP_idea_cfb64(), EVP_idea_ecb(), EVP_idea_ofb()</dt>
+<dd>
+
+<p>The IDEA encryption algorithm in CBC, CFB, ECB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_idea_cfb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_idea_cfb.html
new file mode 100644
index 000000000..7d43b7e9f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_idea_cfb.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_idea_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_idea_cbc, EVP_idea_cfb, EVP_idea_cfb64, EVP_idea_ecb, EVP_idea_ofb - EVP IDEA cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_idea_cbc(void)
+ const EVP_CIPHER *EVP_idea_cfb(void)
+ const EVP_CIPHER *EVP_idea_cfb64(void)
+ const EVP_CIPHER *EVP_idea_ecb(void)
+ const EVP_CIPHER *EVP_idea_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The IDEA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_idea_cbc-EVP_idea_cfb-EVP_idea_cfb64-EVP_idea_ecb-EVP_idea_ofb">EVP_idea_cbc(), EVP_idea_cfb(), EVP_idea_cfb64(), EVP_idea_ecb(), EVP_idea_ofb()</dt>
+<dd>
+
+<p>The IDEA encryption algorithm in CBC, CFB, ECB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_idea_cfb64.html b/msys2/usr/share/doc/openssl/html/man3/EVP_idea_cfb64.html
new file mode 100644
index 000000000..7d43b7e9f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_idea_cfb64.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_idea_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_idea_cbc, EVP_idea_cfb, EVP_idea_cfb64, EVP_idea_ecb, EVP_idea_ofb - EVP IDEA cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_idea_cbc(void)
+ const EVP_CIPHER *EVP_idea_cfb(void)
+ const EVP_CIPHER *EVP_idea_cfb64(void)
+ const EVP_CIPHER *EVP_idea_ecb(void)
+ const EVP_CIPHER *EVP_idea_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The IDEA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_idea_cbc-EVP_idea_cfb-EVP_idea_cfb64-EVP_idea_ecb-EVP_idea_ofb">EVP_idea_cbc(), EVP_idea_cfb(), EVP_idea_cfb64(), EVP_idea_ecb(), EVP_idea_ofb()</dt>
+<dd>
+
+<p>The IDEA encryption algorithm in CBC, CFB, ECB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_idea_ecb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_idea_ecb.html
new file mode 100644
index 000000000..7d43b7e9f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_idea_ecb.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_idea_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_idea_cbc, EVP_idea_cfb, EVP_idea_cfb64, EVP_idea_ecb, EVP_idea_ofb - EVP IDEA cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_idea_cbc(void)
+ const EVP_CIPHER *EVP_idea_cfb(void)
+ const EVP_CIPHER *EVP_idea_cfb64(void)
+ const EVP_CIPHER *EVP_idea_ecb(void)
+ const EVP_CIPHER *EVP_idea_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The IDEA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_idea_cbc-EVP_idea_cfb-EVP_idea_cfb64-EVP_idea_ecb-EVP_idea_ofb">EVP_idea_cbc(), EVP_idea_cfb(), EVP_idea_cfb64(), EVP_idea_ecb(), EVP_idea_ofb()</dt>
+<dd>
+
+<p>The IDEA encryption algorithm in CBC, CFB, ECB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_idea_ofb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_idea_ofb.html
new file mode 100644
index 000000000..7d43b7e9f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_idea_ofb.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_idea_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_idea_cbc, EVP_idea_cfb, EVP_idea_cfb64, EVP_idea_ecb, EVP_idea_ofb - EVP IDEA cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_idea_cbc(void)
+ const EVP_CIPHER *EVP_idea_cfb(void)
+ const EVP_CIPHER *EVP_idea_cfb64(void)
+ const EVP_CIPHER *EVP_idea_ecb(void)
+ const EVP_CIPHER *EVP_idea_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The IDEA encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_idea_cbc-EVP_idea_cfb-EVP_idea_cfb64-EVP_idea_ecb-EVP_idea_ofb">EVP_idea_cbc(), EVP_idea_cfb(), EVP_idea_cfb64(), EVP_idea_ecb(), EVP_idea_ofb()</dt>
+<dd>
+
+<p>The IDEA encryption algorithm in CBC, CFB, ECB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_md2.html b/msys2/usr/share/doc/openssl/html/man3/EVP_md2.html
new file mode 100644
index 000000000..38519f004
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_md2.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_md2</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_md2 - MD2 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_md2(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MD2 is a cryptographic hash function standardized in RFC 1319 and designed by Ronald Rivest.</p>
+
+<dl>
+
+<dt id="EVP_md2">EVP_md2()</dt>
+<dd>
+
+<p>The MD2 algorithm which produces a 128-bit output from a given input.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>IETF RFC 1319.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_md4.html b/msys2/usr/share/doc/openssl/html/man3/EVP_md4.html
new file mode 100644
index 000000000..e9085f8af
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_md4.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_md4</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_md4 - MD4 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_md4(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MD4 is a cryptographic hash function standardized in RFC 1320 and designed by Ronald Rivest, first published in 1990.</p>
+
+<dl>
+
+<dt id="EVP_md4">EVP_md4()</dt>
+<dd>
+
+<p>The MD4 algorithm which produces a 128-bit output from a given input.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>IETF RFC 1320.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_md5.html b/msys2/usr/share/doc/openssl/html/man3/EVP_md5.html
new file mode 100644
index 000000000..0b86afbfd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_md5.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_md5</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_md5, EVP_md5_sha1 - MD5 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_md5(void);
+ const EVP_MD *EVP_md5_sha1(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MD5 is a cryptographic hash function standardized in RFC 1321 and designed by Ronald Rivest.</p>
+
+<p>The CMU Software Engineering Institute considers MD5 unsuitable for further use since its security has been severely compromised.</p>
+
+<dl>
+
+<dt id="EVP_md5">EVP_md5()</dt>
+<dd>
+
+<p>The MD5 algorithm which produces a 128-bit output from a given input.</p>
+
+</dd>
+<dt id="EVP_md5_sha1">EVP_md5_sha1()</dt>
+<dd>
+
+<p>A hash algorithm of SSL v3 that combines MD5 with SHA-1 as decirbed in RFC 6101.</p>
+
+<p>WARNING: this algorithm is not intended for non-SSL usage.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>IETF RFC 1321.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_md5_sha1.html b/msys2/usr/share/doc/openssl/html/man3/EVP_md5_sha1.html
new file mode 100644
index 000000000..0b86afbfd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_md5_sha1.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_md5</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_md5, EVP_md5_sha1 - MD5 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_md5(void);
+ const EVP_MD *EVP_md5_sha1(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MD5 is a cryptographic hash function standardized in RFC 1321 and designed by Ronald Rivest.</p>
+
+<p>The CMU Software Engineering Institute considers MD5 unsuitable for further use since its security has been severely compromised.</p>
+
+<dl>
+
+<dt id="EVP_md5">EVP_md5()</dt>
+<dd>
+
+<p>The MD5 algorithm which produces a 128-bit output from a given input.</p>
+
+</dd>
+<dt id="EVP_md5_sha1">EVP_md5_sha1()</dt>
+<dd>
+
+<p>A hash algorithm of SSL v3 that combines MD5 with SHA-1 as decirbed in RFC 6101.</p>
+
+<p>WARNING: this algorithm is not intended for non-SSL usage.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>IETF RFC 1321.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_md_null.html b/msys2/usr/share/doc/openssl/html/man3/EVP_md_null.html
new file mode 100644
index 000000000..96538aa3e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_md_null.html
@@ -0,0 +1,382 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_DigestInit</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#FLAGS">FLAGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl, EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags, EVP_DigestInit_ex, EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_MD_CTX_md_data, EVP_md_null, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj, EVP_MD_CTX_set_pkey_ctx - EVP digest routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_MD_CTX *EVP_MD_CTX_new(void);
+ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void* p2);
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+ void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ int EVP_MD_CTX_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_block_size(const EVP_MD *ctx);
+ int EVP_MD_CTX_type(const EVP_MD *ctx);
+ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+ const EVP_MD *EVP_md_null(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ const EVP_MD *EVP_get_digestbynid(int type);
+ const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);
+
+ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP digest routines are a high level interface to message digests, and should be used instead of the cipher-specific functions.</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_new">EVP_MD_CTX_new()</dt>
+<dd>
+
+<p>Allocates and returns a digest context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_reset">EVP_MD_CTX_reset()</dt>
+<dd>
+
+<p>Resets the digest context <b>ctx</b>. This can be used to reuse an already existing context.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_free">EVP_MD_CTX_free()</dt>
+<dd>
+
+<p>Cleans up digest context <b>ctx</b> and frees up the space allocated to it.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Performs digest-specific control actions on context <b>ctx</b>.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_flags-EVP_MD_CTX_clear_flags-EVP_MD_CTX_test_flags">EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags(), EVP_MD_CTX_test_flags()</dt>
+<dd>
+
+<p>Sets, clears and tests <b>ctx</b> flags. See <a href="#FLAGS">&quot;FLAGS&quot;</a> below for more information.</p>
+
+</dd>
+<dt id="EVP_DigestInit_ex">EVP_DigestInit_ex()</dt>
+<dd>
+
+<p>Sets up digest context <b>ctx</b> to use a digest <b>type</b> from ENGINE <b>impl</b>. <b>type</b> will typically be supplied by a function such as EVP_sha1(). If <b>impl</b> is NULL then the default implementation of digest <b>type</b> is used.</p>
+
+</dd>
+<dt id="EVP_DigestUpdate">EVP_DigestUpdate()</dt>
+<dd>
+
+<p>Hashes <b>cnt</b> bytes of data at <b>d</b> into the digest context <b>ctx</b>. This function can be called several times on the same <b>ctx</b> to hash additional data.</p>
+
+</dd>
+<dt id="EVP_DigestFinal_ex">EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Retrieves the digest value from <b>ctx</b> and places it in <b>md</b>. If the <b>s</b> parameter is not NULL then the number of bytes of data written (i.e. the length of the digest) will be written to the integer at <b>s</b>, at most <b>EVP_MAX_MD_SIZE</b> bytes will be written. After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new digest operation.</p>
+
+</dd>
+<dt id="EVP_DigestFinalXOF">EVP_DigestFinalXOF()</dt>
+<dd>
+
+<p>Interfaces to extendable-output functions, XOFs, such as SHAKE128 and SHAKE256. It retrieves the digest value from <b>ctx</b> and places it in <b>len</b>-sized &lt;B&gt;md. After calling this function no additional calls to EVP_DigestUpdate() can be made, but EVP_DigestInit_ex() can be called to initialize a new operation.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Can be used to copy the message digest state from <b>in</b> to <b>out</b>. This is useful if large amounts of data are to be hashed which only differ in the last few bytes.</p>
+
+</dd>
+<dt id="EVP_DigestInit">EVP_DigestInit()</dt>
+<dd>
+
+<p>Behaves in the same way as EVP_DigestInit_ex() except it always uses the default digest implementation.</p>
+
+</dd>
+<dt id="EVP_DigestFinal">EVP_DigestFinal()</dt>
+<dd>
+
+<p>Similar to EVP_DigestFinal_ex() except the digest context <b>ctx</b> is automatically cleaned up.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy">EVP_MD_CTX_copy()</dt>
+<dd>
+
+<p>Similar to EVP_MD_CTX_copy_ex() except the destination <b>out</b> does not have to be initialized.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_CTX_size">EVP_MD_size(), EVP_MD_CTX_size()</dt>
+<dd>
+
+<p>Return the size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure, i.e. the size of the hash.</p>
+
+</dd>
+<dt id="EVP_MD_block_size-EVP_MD_CTX_block_size">EVP_MD_block_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Return the block size of the message digest when passed an <b>EVP_MD</b> or an <b>EVP_MD_CTX</b> structure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_CTX_type">EVP_MD_type(), EVP_MD_CTX_type()</dt>
+<dd>
+
+<p>Return the NID of the OBJECT IDENTIFIER representing the given message digest when passed an <b>EVP_MD</b> structure. For example, <code>EVP_MD_type(EVP_sha1())</code> returns <b>NID_sha1</b>. This function is normally used when setting ASN1 OIDs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md_data">EVP_MD_CTX_md_data()</dt>
+<dd>
+
+<p>Return the digest method private data for the passed <b>EVP_MD_CTX</b>. The space is allocated by OpenSSL and has the size originally set with EVP_MD_meth_set_app_datasize().</p>
+
+</dd>
+<dt id="EVP_MD_CTX_md">EVP_MD_CTX_md()</dt>
+<dd>
+
+<p>Returns the <b>EVP_MD</b> structure corresponding to the passed <b>EVP_MD_CTX</b>.</p>
+
+</dd>
+<dt id="EVP_MD_pkey_type">EVP_MD_pkey_type()</dt>
+<dd>
+
+<p>Returns the NID of the public key signing algorithm associated with this digest. For example EVP_sha1() is associated with RSA so this will return <b>NID_sha1WithRSAEncryption</b>. Since digests and signature algorithms are no longer linked this function is only retained for compatibility reasons.</p>
+
+</dd>
+<dt id="EVP_md_null">EVP_md_null()</dt>
+<dd>
+
+<p>A &quot;null&quot; message digest that does nothing: i.e. the hash it returns is of zero length.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns an <b>EVP_MD</b> structure when passed a digest name, a digest <b>NID</b> or an <b>ASN1_OBJECT</b> structure respectively.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>Assigns an <b>EVP_PKEY_CTX</b> to <b>EVP_MD_CTX</b>. This is usually used to provide a customzied <b>EVP_PKEY_CTX</b> to <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>. The <b>pctx</b> passed to this function should be freed by the caller. A NULL <b>pctx</b> pointer is also allowed to clear the <b>EVP_PKEY_CTX</b> assigned to <b>ctx</b>. In such case, freeing the cleared <b>EVP_PKEY_CTX</b> or not depends on how the <b>EVP_PKEY_CTX</b> is created.</p>
+
+</dd>
+</dl>
+
+<h1 id="FLAGS">FLAGS</h1>
+
+<p>EVP_MD_CTX_set_flags(), EVP_MD_CTX_clear_flags() and EVP_MD_CTX_test_flags() can be used the manipulate and test these <b>EVP_MD_CTX</b> flags:</p>
+
+<dl>
+
+<dt id="EVP_MD_CTX_FLAG_ONESHOT">EVP_MD_CTX_FLAG_ONESHOT</dt>
+<dd>
+
+<p>This flag instructs the digest to optimize for one update only, if possible.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_NO_INIT">EVP_MD_CTX_FLAG_NO_INIT</dt>
+<dd>
+
+<p>This flag instructs EVP_DigestInit() and similar not to initialise the implementation specific data.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_FLAG_FINALISE">EVP_MD_CTX_FLAG_FINALISE</dt>
+<dd>
+
+<p>Some functions such as EVP_DigestSign only finalise copies of internal contexts so additional data can be included after the finalisation call. This is inefficient if this functionality is not required, and can be disabled with this flag.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<dl>
+
+<dt id="EVP_DigestInit_ex-EVP_DigestUpdate-EVP_DigestFinal_ex">EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex()</dt>
+<dd>
+
+<p>Returns 1 for success and 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_ctrl1">EVP_MD_CTX_ctrl()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_copy_ex1">EVP_MD_CTX_copy_ex()</dt>
+<dd>
+
+<p>Returns 1 if successful or 0 for failure.</p>
+
+</dd>
+<dt id="EVP_MD_type-EVP_MD_pkey_type-EVP_MD_type">EVP_MD_type(), EVP_MD_pkey_type(), EVP_MD_type()</dt>
+<dd>
+
+<p>Returns the NID of the corresponding OBJECT IDENTIFIER or NID_undef if none exists.</p>
+
+</dd>
+<dt id="EVP_MD_size-EVP_MD_block_size-EVP_MD_CTX_size-EVP_MD_CTX_block_size">EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(), EVP_MD_CTX_block_size()</dt>
+<dd>
+
+<p>Returns the digest or block size in bytes.</p>
+
+</dd>
+<dt id="EVP_md_null1">EVP_md_null()</dt>
+<dd>
+
+<p>Returns a pointer to the <b>EVP_MD</b> structure of the &quot;null&quot; message digest.</p>
+
+</dd>
+<dt id="EVP_get_digestbyname-EVP_get_digestbynid-EVP_get_digestbyobj1">EVP_get_digestbyname(), EVP_get_digestbynid(), EVP_get_digestbyobj()</dt>
+<dd>
+
+<p>Returns either an <b>EVP_MD</b> structure or NULL if an error occurs.</p>
+
+</dd>
+<dt id="EVP_MD_CTX_set_pkey_ctx1">EVP_MD_CTX_set_pkey_ctx()</dt>
+<dd>
+
+<p>This function has no return value.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>EVP</b> interface to message digests should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the digest used and much more flexible.</p>
+
+<p>New applications should use the SHA-2 (such as <a href="../man3/EVP_sha256.html">EVP_sha256(3)</a>) or the SHA-3 digest algorithms (such as <a href="../man3/EVP_sha3_512.html">EVP_sha3_512(3)</a>). The other digest algorithms are still in common use.</p>
+
+<p>For most applications the <b>impl</b> parameter to EVP_DigestInit_ex() will be set to NULL to use the default digest implementation.</p>
+
+<p>The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are obsolete but are retained to maintain compatibility with existing code. New applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context instead of initializing and cleaning it up on each call and allow non default implementations of digests to be specified.</p>
+
+<p>If digest contexts are not cleaned up after use, memory leaks will occur.</p>
+
+<p>EVP_MD_CTX_size(), EVP_MD_CTX_block_size(), EVP_MD_CTX_type(), EVP_get_digestbynid() and EVP_get_digestbyobj() are defined as macros.</p>
+
+<p>EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration or control.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example digests the data &quot;Test Message\n&quot; and &quot;Hello World\n&quot;, using the digest name passed on the command line.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;string.h&gt;
+ #include &lt;openssl/evp.h&gt;
+
+ int main(int argc, char *argv[])
+ {
+     EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     char mess1[] = &quot;Test Message\n&quot;;
+     char mess2[] = &quot;Hello World\n&quot;;
+     unsigned char md_value[EVP_MAX_MD_SIZE];
+     unsigned int md_len, i;
+
+     if (argv[1] == NULL) {
+         printf(&quot;Usage: mdtest digestname\n&quot;);
+         exit(1);
+     }
+
+     md = EVP_get_digestbyname(argv[1]);
+     if (md == NULL) {
+         printf(&quot;Unknown message digest %s\n&quot;, argv[1]);
+         exit(1);
+     }
+
+     mdctx = EVP_MD_CTX_new();
+     EVP_DigestInit_ex(mdctx, md, NULL);
+     EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+     EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+     EVP_DigestFinal_ex(mdctx, md_value, &amp;md_len);
+     EVP_MD_CTX_free(mdctx);
+
+     printf(&quot;Digest is: &quot;);
+     for (i = 0; i &lt; md_len; i++)
+         printf(&quot;%02x&quot;, md_value[i]);
+     printf(&quot;\n&quot;);
+
+     exit(0);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/dgst.html">dgst(1)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<p>The full list of digest algorithms are provided below.</p>
+
+<p><a href="../man3/EVP_blake2b512.html">EVP_blake2b512(3)</a>, <a href="../man3/EVP_md2.html">EVP_md2(3)</a>, <a href="../man3/EVP_md4.html">EVP_md4(3)</a>, <a href="../man3/EVP_md5.html">EVP_md5(3)</a>, <a href="../man3/EVP_mdc2.html">EVP_mdc2(3)</a>, <a href="../man3/EVP_ripemd160.html">EVP_ripemd160(3)</a>, <a href="../man3/EVP_sha1.html">EVP_sha1(3)</a>, <a href="../man3/EVP_sha224.html">EVP_sha224(3)</a>, <a href="../man3/EVP_sha3_224.html">EVP_sha3_224(3)</a>, <a href="../man3/EVP_sm3.html">EVP_sm3(3)</a>, <a href="../man3/EVP_whirlpool.html">EVP_whirlpool(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The EVP_MD_CTX_create() and EVP_MD_CTX_destroy() functions were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.0, respectively.</p>
+
+<p>The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA.</p>
+
+<p>The EVP_dss1() function was removed in OpenSSL 1.1.0.</p>
+
+<p>The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_mdc2.html b/msys2/usr/share/doc/openssl/html/man3/EVP_mdc2.html
new file mode 100644
index 000000000..ff97a163a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_mdc2.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_mdc2</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_mdc2 - MDC-2 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_mdc2(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MDC-2 (Modification Detection Code 2 or Meyer-Schilling) is a cryptographic hash function based on a block cipher.</p>
+
+<dl>
+
+<dt id="EVP_mdc2">EVP_mdc2()</dt>
+<dd>
+
+<p>The MDC-2DES algorithm of using MDC-2 with the DES block cipher. It produces a 128-bit output from a given input.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ISO/IEC 10118-2:2000 Hash-Function 2, with DES as the underlying block cipher.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_40_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_40_cbc.html
new file mode 100644
index 000000000..32c3dd48e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_40_cbc.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_rc2_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_rc2_cbc, EVP_rc2_cfb, EVP_rc2_cfb64, EVP_rc2_ecb, EVP_rc2_ofb, EVP_rc2_40_cbc, EVP_rc2_64_cbc - EVP RC2 cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_rc2_cbc(void)
+ const EVP_CIPHER *EVP_rc2_cfb(void)
+ const EVP_CIPHER *EVP_rc2_cfb64(void)
+ const EVP_CIPHER *EVP_rc2_ecb(void)
+ const EVP_CIPHER *EVP_rc2_ofb(void)
+ const EVP_CIPHER *EVP_rc2_40_cbc(void)
+ const EVP_CIPHER *EVP_rc2_64_cbc(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RC2 encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_rc2_cbc-EVP_rc2_cfb-EVP_rc2_cfb64-EVP_rc2_ecb-EVP_rc2_ofb">EVP_rc2_cbc(), EVP_rc2_cfb(), EVP_rc2_cfb64(), EVP_rc2_ecb(), EVP_rc2_ofb()</dt>
+<dd>
+
+<p>RC2 encryption algorithm in CBC, CFB, ECB and OFB modes respectively. This is a variable key length cipher with an additional parameter called &quot;effective key bits&quot; or &quot;effective key length&quot;. By default both are set to 128 bits.</p>
+
+</dd>
+<dt id="EVP_rc2_40_cbc-EVP_rc2_64_cbc">EVP_rc2_40_cbc(), EVP_rc2_64_cbc()</dt>
+<dd>
+
+<p>RC2 algorithm in CBC mode with a default key length and effective key length of 40 and 64 bits.</p>
+
+<p>WARNING: these functions are obsolete. Their usage should be replaced with the EVP_rc2_cbc(), EVP_CIPHER_CTX_set_key_length() and EVP_CIPHER_CTX_ctrl() functions to set the key length and effective key length.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_64_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_64_cbc.html
new file mode 100644
index 000000000..32c3dd48e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_64_cbc.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_rc2_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_rc2_cbc, EVP_rc2_cfb, EVP_rc2_cfb64, EVP_rc2_ecb, EVP_rc2_ofb, EVP_rc2_40_cbc, EVP_rc2_64_cbc - EVP RC2 cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_rc2_cbc(void)
+ const EVP_CIPHER *EVP_rc2_cfb(void)
+ const EVP_CIPHER *EVP_rc2_cfb64(void)
+ const EVP_CIPHER *EVP_rc2_ecb(void)
+ const EVP_CIPHER *EVP_rc2_ofb(void)
+ const EVP_CIPHER *EVP_rc2_40_cbc(void)
+ const EVP_CIPHER *EVP_rc2_64_cbc(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RC2 encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_rc2_cbc-EVP_rc2_cfb-EVP_rc2_cfb64-EVP_rc2_ecb-EVP_rc2_ofb">EVP_rc2_cbc(), EVP_rc2_cfb(), EVP_rc2_cfb64(), EVP_rc2_ecb(), EVP_rc2_ofb()</dt>
+<dd>
+
+<p>RC2 encryption algorithm in CBC, CFB, ECB and OFB modes respectively. This is a variable key length cipher with an additional parameter called &quot;effective key bits&quot; or &quot;effective key length&quot;. By default both are set to 128 bits.</p>
+
+</dd>
+<dt id="EVP_rc2_40_cbc-EVP_rc2_64_cbc">EVP_rc2_40_cbc(), EVP_rc2_64_cbc()</dt>
+<dd>
+
+<p>RC2 algorithm in CBC mode with a default key length and effective key length of 40 and 64 bits.</p>
+
+<p>WARNING: these functions are obsolete. Their usage should be replaced with the EVP_rc2_cbc(), EVP_CIPHER_CTX_set_key_length() and EVP_CIPHER_CTX_ctrl() functions to set the key length and effective key length.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_cbc.html
new file mode 100644
index 000000000..32c3dd48e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_cbc.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_rc2_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_rc2_cbc, EVP_rc2_cfb, EVP_rc2_cfb64, EVP_rc2_ecb, EVP_rc2_ofb, EVP_rc2_40_cbc, EVP_rc2_64_cbc - EVP RC2 cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_rc2_cbc(void)
+ const EVP_CIPHER *EVP_rc2_cfb(void)
+ const EVP_CIPHER *EVP_rc2_cfb64(void)
+ const EVP_CIPHER *EVP_rc2_ecb(void)
+ const EVP_CIPHER *EVP_rc2_ofb(void)
+ const EVP_CIPHER *EVP_rc2_40_cbc(void)
+ const EVP_CIPHER *EVP_rc2_64_cbc(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RC2 encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_rc2_cbc-EVP_rc2_cfb-EVP_rc2_cfb64-EVP_rc2_ecb-EVP_rc2_ofb">EVP_rc2_cbc(), EVP_rc2_cfb(), EVP_rc2_cfb64(), EVP_rc2_ecb(), EVP_rc2_ofb()</dt>
+<dd>
+
+<p>RC2 encryption algorithm in CBC, CFB, ECB and OFB modes respectively. This is a variable key length cipher with an additional parameter called &quot;effective key bits&quot; or &quot;effective key length&quot;. By default both are set to 128 bits.</p>
+
+</dd>
+<dt id="EVP_rc2_40_cbc-EVP_rc2_64_cbc">EVP_rc2_40_cbc(), EVP_rc2_64_cbc()</dt>
+<dd>
+
+<p>RC2 algorithm in CBC mode with a default key length and effective key length of 40 and 64 bits.</p>
+
+<p>WARNING: these functions are obsolete. Their usage should be replaced with the EVP_rc2_cbc(), EVP_CIPHER_CTX_set_key_length() and EVP_CIPHER_CTX_ctrl() functions to set the key length and effective key length.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_cfb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_cfb.html
new file mode 100644
index 000000000..32c3dd48e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_cfb.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_rc2_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_rc2_cbc, EVP_rc2_cfb, EVP_rc2_cfb64, EVP_rc2_ecb, EVP_rc2_ofb, EVP_rc2_40_cbc, EVP_rc2_64_cbc - EVP RC2 cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_rc2_cbc(void)
+ const EVP_CIPHER *EVP_rc2_cfb(void)
+ const EVP_CIPHER *EVP_rc2_cfb64(void)
+ const EVP_CIPHER *EVP_rc2_ecb(void)
+ const EVP_CIPHER *EVP_rc2_ofb(void)
+ const EVP_CIPHER *EVP_rc2_40_cbc(void)
+ const EVP_CIPHER *EVP_rc2_64_cbc(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RC2 encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_rc2_cbc-EVP_rc2_cfb-EVP_rc2_cfb64-EVP_rc2_ecb-EVP_rc2_ofb">EVP_rc2_cbc(), EVP_rc2_cfb(), EVP_rc2_cfb64(), EVP_rc2_ecb(), EVP_rc2_ofb()</dt>
+<dd>
+
+<p>RC2 encryption algorithm in CBC, CFB, ECB and OFB modes respectively. This is a variable key length cipher with an additional parameter called &quot;effective key bits&quot; or &quot;effective key length&quot;. By default both are set to 128 bits.</p>
+
+</dd>
+<dt id="EVP_rc2_40_cbc-EVP_rc2_64_cbc">EVP_rc2_40_cbc(), EVP_rc2_64_cbc()</dt>
+<dd>
+
+<p>RC2 algorithm in CBC mode with a default key length and effective key length of 40 and 64 bits.</p>
+
+<p>WARNING: these functions are obsolete. Their usage should be replaced with the EVP_rc2_cbc(), EVP_CIPHER_CTX_set_key_length() and EVP_CIPHER_CTX_ctrl() functions to set the key length and effective key length.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_cfb64.html b/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_cfb64.html
new file mode 100644
index 000000000..32c3dd48e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_cfb64.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_rc2_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_rc2_cbc, EVP_rc2_cfb, EVP_rc2_cfb64, EVP_rc2_ecb, EVP_rc2_ofb, EVP_rc2_40_cbc, EVP_rc2_64_cbc - EVP RC2 cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_rc2_cbc(void)
+ const EVP_CIPHER *EVP_rc2_cfb(void)
+ const EVP_CIPHER *EVP_rc2_cfb64(void)
+ const EVP_CIPHER *EVP_rc2_ecb(void)
+ const EVP_CIPHER *EVP_rc2_ofb(void)
+ const EVP_CIPHER *EVP_rc2_40_cbc(void)
+ const EVP_CIPHER *EVP_rc2_64_cbc(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RC2 encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_rc2_cbc-EVP_rc2_cfb-EVP_rc2_cfb64-EVP_rc2_ecb-EVP_rc2_ofb">EVP_rc2_cbc(), EVP_rc2_cfb(), EVP_rc2_cfb64(), EVP_rc2_ecb(), EVP_rc2_ofb()</dt>
+<dd>
+
+<p>RC2 encryption algorithm in CBC, CFB, ECB and OFB modes respectively. This is a variable key length cipher with an additional parameter called &quot;effective key bits&quot; or &quot;effective key length&quot;. By default both are set to 128 bits.</p>
+
+</dd>
+<dt id="EVP_rc2_40_cbc-EVP_rc2_64_cbc">EVP_rc2_40_cbc(), EVP_rc2_64_cbc()</dt>
+<dd>
+
+<p>RC2 algorithm in CBC mode with a default key length and effective key length of 40 and 64 bits.</p>
+
+<p>WARNING: these functions are obsolete. Their usage should be replaced with the EVP_rc2_cbc(), EVP_CIPHER_CTX_set_key_length() and EVP_CIPHER_CTX_ctrl() functions to set the key length and effective key length.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_ecb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_ecb.html
new file mode 100644
index 000000000..32c3dd48e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_ecb.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_rc2_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_rc2_cbc, EVP_rc2_cfb, EVP_rc2_cfb64, EVP_rc2_ecb, EVP_rc2_ofb, EVP_rc2_40_cbc, EVP_rc2_64_cbc - EVP RC2 cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_rc2_cbc(void)
+ const EVP_CIPHER *EVP_rc2_cfb(void)
+ const EVP_CIPHER *EVP_rc2_cfb64(void)
+ const EVP_CIPHER *EVP_rc2_ecb(void)
+ const EVP_CIPHER *EVP_rc2_ofb(void)
+ const EVP_CIPHER *EVP_rc2_40_cbc(void)
+ const EVP_CIPHER *EVP_rc2_64_cbc(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RC2 encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_rc2_cbc-EVP_rc2_cfb-EVP_rc2_cfb64-EVP_rc2_ecb-EVP_rc2_ofb">EVP_rc2_cbc(), EVP_rc2_cfb(), EVP_rc2_cfb64(), EVP_rc2_ecb(), EVP_rc2_ofb()</dt>
+<dd>
+
+<p>RC2 encryption algorithm in CBC, CFB, ECB and OFB modes respectively. This is a variable key length cipher with an additional parameter called &quot;effective key bits&quot; or &quot;effective key length&quot;. By default both are set to 128 bits.</p>
+
+</dd>
+<dt id="EVP_rc2_40_cbc-EVP_rc2_64_cbc">EVP_rc2_40_cbc(), EVP_rc2_64_cbc()</dt>
+<dd>
+
+<p>RC2 algorithm in CBC mode with a default key length and effective key length of 40 and 64 bits.</p>
+
+<p>WARNING: these functions are obsolete. Their usage should be replaced with the EVP_rc2_cbc(), EVP_CIPHER_CTX_set_key_length() and EVP_CIPHER_CTX_ctrl() functions to set the key length and effective key length.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_ofb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_ofb.html
new file mode 100644
index 000000000..32c3dd48e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_rc2_ofb.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_rc2_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_rc2_cbc, EVP_rc2_cfb, EVP_rc2_cfb64, EVP_rc2_ecb, EVP_rc2_ofb, EVP_rc2_40_cbc, EVP_rc2_64_cbc - EVP RC2 cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_rc2_cbc(void)
+ const EVP_CIPHER *EVP_rc2_cfb(void)
+ const EVP_CIPHER *EVP_rc2_cfb64(void)
+ const EVP_CIPHER *EVP_rc2_ecb(void)
+ const EVP_CIPHER *EVP_rc2_ofb(void)
+ const EVP_CIPHER *EVP_rc2_40_cbc(void)
+ const EVP_CIPHER *EVP_rc2_64_cbc(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RC2 encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_rc2_cbc-EVP_rc2_cfb-EVP_rc2_cfb64-EVP_rc2_ecb-EVP_rc2_ofb">EVP_rc2_cbc(), EVP_rc2_cfb(), EVP_rc2_cfb64(), EVP_rc2_ecb(), EVP_rc2_ofb()</dt>
+<dd>
+
+<p>RC2 encryption algorithm in CBC, CFB, ECB and OFB modes respectively. This is a variable key length cipher with an additional parameter called &quot;effective key bits&quot; or &quot;effective key length&quot;. By default both are set to 128 bits.</p>
+
+</dd>
+<dt id="EVP_rc2_40_cbc-EVP_rc2_64_cbc">EVP_rc2_40_cbc(), EVP_rc2_64_cbc()</dt>
+<dd>
+
+<p>RC2 algorithm in CBC mode with a default key length and effective key length of 40 and 64 bits.</p>
+
+<p>WARNING: these functions are obsolete. Their usage should be replaced with the EVP_rc2_cbc(), EVP_CIPHER_CTX_set_key_length() and EVP_CIPHER_CTX_ctrl() functions to set the key length and effective key length.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_rc4.html b/msys2/usr/share/doc/openssl/html/man3/EVP_rc4.html
new file mode 100644
index 000000000..70a5b1a52
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_rc4.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_rc4</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_rc4, EVP_rc4_40, EVP_rc4_hmac_md5 - EVP RC4 stream cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_rc4(void)
+ const EVP_CIPHER *EVP_rc4_40(void)
+ const EVP_CIPHER *EVP_rc4_hmac_md5(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RC4 stream cipher for EVP.</p>
+
+<dl>
+
+<dt id="EVP_rc4">EVP_rc4()</dt>
+<dd>
+
+<p>RC4 stream cipher. This is a variable key length cipher with a default key length of 128 bits.</p>
+
+</dd>
+<dt id="EVP_rc4_40">EVP_rc4_40()</dt>
+<dd>
+
+<p>RC4 stream cipher with 40 bit key length.</p>
+
+<p>WARNING: this function is obsolete. Its usage should be replaced with the EVP_rc4() and the EVP_CIPHER_CTX_set_key_length() functions.</p>
+
+</dd>
+<dt id="EVP_rc4_hmac_md5">EVP_rc4_hmac_md5()</dt>
+<dd>
+
+<p>Authenticated encryption with the RC4 stream cipher with MD5 as HMAC.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_rc4_40.html b/msys2/usr/share/doc/openssl/html/man3/EVP_rc4_40.html
new file mode 100644
index 000000000..70a5b1a52
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_rc4_40.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_rc4</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_rc4, EVP_rc4_40, EVP_rc4_hmac_md5 - EVP RC4 stream cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_rc4(void)
+ const EVP_CIPHER *EVP_rc4_40(void)
+ const EVP_CIPHER *EVP_rc4_hmac_md5(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RC4 stream cipher for EVP.</p>
+
+<dl>
+
+<dt id="EVP_rc4">EVP_rc4()</dt>
+<dd>
+
+<p>RC4 stream cipher. This is a variable key length cipher with a default key length of 128 bits.</p>
+
+</dd>
+<dt id="EVP_rc4_40">EVP_rc4_40()</dt>
+<dd>
+
+<p>RC4 stream cipher with 40 bit key length.</p>
+
+<p>WARNING: this function is obsolete. Its usage should be replaced with the EVP_rc4() and the EVP_CIPHER_CTX_set_key_length() functions.</p>
+
+</dd>
+<dt id="EVP_rc4_hmac_md5">EVP_rc4_hmac_md5()</dt>
+<dd>
+
+<p>Authenticated encryption with the RC4 stream cipher with MD5 as HMAC.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_rc4_hmac_md5.html b/msys2/usr/share/doc/openssl/html/man3/EVP_rc4_hmac_md5.html
new file mode 100644
index 000000000..70a5b1a52
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_rc4_hmac_md5.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_rc4</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_rc4, EVP_rc4_40, EVP_rc4_hmac_md5 - EVP RC4 stream cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_rc4(void)
+ const EVP_CIPHER *EVP_rc4_40(void)
+ const EVP_CIPHER *EVP_rc4_hmac_md5(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RC4 stream cipher for EVP.</p>
+
+<dl>
+
+<dt id="EVP_rc4">EVP_rc4()</dt>
+<dd>
+
+<p>RC4 stream cipher. This is a variable key length cipher with a default key length of 128 bits.</p>
+
+</dd>
+<dt id="EVP_rc4_40">EVP_rc4_40()</dt>
+<dd>
+
+<p>RC4 stream cipher with 40 bit key length.</p>
+
+<p>WARNING: this function is obsolete. Its usage should be replaced with the EVP_rc4() and the EVP_CIPHER_CTX_set_key_length() functions.</p>
+
+</dd>
+<dt id="EVP_rc4_hmac_md5">EVP_rc4_hmac_md5()</dt>
+<dd>
+
+<p>Authenticated encryption with the RC4 stream cipher with MD5 as HMAC.</p>
+
+<p>WARNING: this is not intended for usage outside of TLS and requires calling of some undocumented ctrl functions. These ciphers do not conform to the EVP AEAD interface.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_cbc.html
new file mode 100644
index 000000000..b30db4867
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_cbc.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_rc5_32_12_16_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_rc5_32_12_16_cbc, EVP_rc5_32_12_16_cfb, EVP_rc5_32_12_16_cfb64, EVP_rc5_32_12_16_ecb, EVP_rc5_32_12_16_ofb - EVP RC5 cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_rc5_32_12_16_cbc(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_cfb64(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_ecb(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RC5 encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_rc5_32_12_16_cbc-EVP_rc5_32_12_16_cfb-EVP_rc5_32_12_16_cfb64-EVP_rc5_32_12_16_ecb-EVP_rc5_32_12_16_ofb">EVP_rc5_32_12_16_cbc(), EVP_rc5_32_12_16_cfb(), EVP_rc5_32_12_16_cfb64(), EVP_rc5_32_12_16_ecb(), EVP_rc5_32_12_16_ofb()</dt>
+<dd>
+
+<p>RC5 encryption algorithm in CBC, CFB, ECB and OFB modes respectively. This is a variable key length cipher with an additional &quot;number of rounds&quot; parameter. By default the key length is set to 128 bits and 12 rounds.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Currently the number of rounds in RC5 can only be set to 8, 12 or 16. This is a limitation of the current RC5 code rather than the EVP interface.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_cfb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_cfb.html
new file mode 100644
index 000000000..b30db4867
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_cfb.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_rc5_32_12_16_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_rc5_32_12_16_cbc, EVP_rc5_32_12_16_cfb, EVP_rc5_32_12_16_cfb64, EVP_rc5_32_12_16_ecb, EVP_rc5_32_12_16_ofb - EVP RC5 cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_rc5_32_12_16_cbc(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_cfb64(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_ecb(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RC5 encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_rc5_32_12_16_cbc-EVP_rc5_32_12_16_cfb-EVP_rc5_32_12_16_cfb64-EVP_rc5_32_12_16_ecb-EVP_rc5_32_12_16_ofb">EVP_rc5_32_12_16_cbc(), EVP_rc5_32_12_16_cfb(), EVP_rc5_32_12_16_cfb64(), EVP_rc5_32_12_16_ecb(), EVP_rc5_32_12_16_ofb()</dt>
+<dd>
+
+<p>RC5 encryption algorithm in CBC, CFB, ECB and OFB modes respectively. This is a variable key length cipher with an additional &quot;number of rounds&quot; parameter. By default the key length is set to 128 bits and 12 rounds.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Currently the number of rounds in RC5 can only be set to 8, 12 or 16. This is a limitation of the current RC5 code rather than the EVP interface.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_cfb64.html b/msys2/usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_cfb64.html
new file mode 100644
index 000000000..b30db4867
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_cfb64.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_rc5_32_12_16_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_rc5_32_12_16_cbc, EVP_rc5_32_12_16_cfb, EVP_rc5_32_12_16_cfb64, EVP_rc5_32_12_16_ecb, EVP_rc5_32_12_16_ofb - EVP RC5 cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_rc5_32_12_16_cbc(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_cfb64(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_ecb(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RC5 encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_rc5_32_12_16_cbc-EVP_rc5_32_12_16_cfb-EVP_rc5_32_12_16_cfb64-EVP_rc5_32_12_16_ecb-EVP_rc5_32_12_16_ofb">EVP_rc5_32_12_16_cbc(), EVP_rc5_32_12_16_cfb(), EVP_rc5_32_12_16_cfb64(), EVP_rc5_32_12_16_ecb(), EVP_rc5_32_12_16_ofb()</dt>
+<dd>
+
+<p>RC5 encryption algorithm in CBC, CFB, ECB and OFB modes respectively. This is a variable key length cipher with an additional &quot;number of rounds&quot; parameter. By default the key length is set to 128 bits and 12 rounds.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Currently the number of rounds in RC5 can only be set to 8, 12 or 16. This is a limitation of the current RC5 code rather than the EVP interface.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_ecb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_ecb.html
new file mode 100644
index 000000000..b30db4867
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_ecb.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_rc5_32_12_16_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_rc5_32_12_16_cbc, EVP_rc5_32_12_16_cfb, EVP_rc5_32_12_16_cfb64, EVP_rc5_32_12_16_ecb, EVP_rc5_32_12_16_ofb - EVP RC5 cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_rc5_32_12_16_cbc(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_cfb64(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_ecb(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RC5 encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_rc5_32_12_16_cbc-EVP_rc5_32_12_16_cfb-EVP_rc5_32_12_16_cfb64-EVP_rc5_32_12_16_ecb-EVP_rc5_32_12_16_ofb">EVP_rc5_32_12_16_cbc(), EVP_rc5_32_12_16_cfb(), EVP_rc5_32_12_16_cfb64(), EVP_rc5_32_12_16_ecb(), EVP_rc5_32_12_16_ofb()</dt>
+<dd>
+
+<p>RC5 encryption algorithm in CBC, CFB, ECB and OFB modes respectively. This is a variable key length cipher with an additional &quot;number of rounds&quot; parameter. By default the key length is set to 128 bits and 12 rounds.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Currently the number of rounds in RC5 can only be set to 8, 12 or 16. This is a limitation of the current RC5 code rather than the EVP interface.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_ofb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_ofb.html
new file mode 100644
index 000000000..b30db4867
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_ofb.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_rc5_32_12_16_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_rc5_32_12_16_cbc, EVP_rc5_32_12_16_cfb, EVP_rc5_32_12_16_cfb64, EVP_rc5_32_12_16_ecb, EVP_rc5_32_12_16_ofb - EVP RC5 cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_rc5_32_12_16_cbc(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_cfb64(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_ecb(void)
+ const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RC5 encryption algorithm for EVP.</p>
+
+<dl>
+
+<dt id="EVP_rc5_32_12_16_cbc-EVP_rc5_32_12_16_cfb-EVP_rc5_32_12_16_cfb64-EVP_rc5_32_12_16_ecb-EVP_rc5_32_12_16_ofb">EVP_rc5_32_12_16_cbc(), EVP_rc5_32_12_16_cfb(), EVP_rc5_32_12_16_cfb64(), EVP_rc5_32_12_16_ecb(), EVP_rc5_32_12_16_ofb()</dt>
+<dd>
+
+<p>RC5 encryption algorithm in CBC, CFB, ECB and OFB modes respectively. This is a variable key length cipher with an additional &quot;number of rounds&quot; parameter. By default the key length is set to 128 bits and 12 rounds.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Currently the number of rounds in RC5 can only be set to 8, 12 or 16. This is a limitation of the current RC5 code rather than the EVP interface.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_ripemd160.html b/msys2/usr/share/doc/openssl/html/man3/EVP_ripemd160.html
new file mode 100644
index 000000000..6f9878fb7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_ripemd160.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_ripemd160</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_ripemd160 - RIPEMD160 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_ripemd160(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RIPEMD-160 is a cryptographic hash function first published in 1996 belonging to the RIPEMD family (RACE Integrity Primitives Evaluation Message Digest).</p>
+
+<dl>
+
+<dt id="EVP_ripemd160">EVP_ripemd160()</dt>
+<dd>
+
+<p>The RIPEMD-160 algorithm which produces a 160-bit output from a given input.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ISO/IEC 10118-3:2016 Dedicated Hash-Function 1 (RIPEMD-160).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_seed_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_seed_cbc.html
new file mode 100644
index 000000000..dfec2c118
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_seed_cbc.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_seed_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_seed_cbc, EVP_seed_cfb, EVP_seed_cfb128, EVP_seed_ecb, EVP_seed_ofb - EVP SEED cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_seed_cbc(void)
+ const EVP_CIPHER *EVP_seed_cfb(void)
+ const EVP_CIPHER *EVP_seed_cfb128(void)
+ const EVP_CIPHER *EVP_seed_ecb(void)
+ const EVP_CIPHER *EVP_seed_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The SEED encryption algorithm for EVP.</p>
+
+<p>All modes below use a key length of 128 bits and acts on blocks of 128-bits.</p>
+
+<dl>
+
+<dt id="EVP_seed_cbc-EVP_seed_cfb-EVP_seed_cfb128-EVP_seed_ecb-EVP_seed_ofb">EVP_seed_cbc(), EVP_seed_cfb(), EVP_seed_cfb128(), EVP_seed_ecb(), EVP_seed_ofb()</dt>
+<dd>
+
+<p>The SEED encryption algorithm in CBC, CFB, ECB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_seed_cfb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_seed_cfb.html
new file mode 100644
index 000000000..dfec2c118
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_seed_cfb.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_seed_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_seed_cbc, EVP_seed_cfb, EVP_seed_cfb128, EVP_seed_ecb, EVP_seed_ofb - EVP SEED cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_seed_cbc(void)
+ const EVP_CIPHER *EVP_seed_cfb(void)
+ const EVP_CIPHER *EVP_seed_cfb128(void)
+ const EVP_CIPHER *EVP_seed_ecb(void)
+ const EVP_CIPHER *EVP_seed_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The SEED encryption algorithm for EVP.</p>
+
+<p>All modes below use a key length of 128 bits and acts on blocks of 128-bits.</p>
+
+<dl>
+
+<dt id="EVP_seed_cbc-EVP_seed_cfb-EVP_seed_cfb128-EVP_seed_ecb-EVP_seed_ofb">EVP_seed_cbc(), EVP_seed_cfb(), EVP_seed_cfb128(), EVP_seed_ecb(), EVP_seed_ofb()</dt>
+<dd>
+
+<p>The SEED encryption algorithm in CBC, CFB, ECB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_seed_cfb128.html b/msys2/usr/share/doc/openssl/html/man3/EVP_seed_cfb128.html
new file mode 100644
index 000000000..dfec2c118
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_seed_cfb128.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_seed_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_seed_cbc, EVP_seed_cfb, EVP_seed_cfb128, EVP_seed_ecb, EVP_seed_ofb - EVP SEED cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_seed_cbc(void)
+ const EVP_CIPHER *EVP_seed_cfb(void)
+ const EVP_CIPHER *EVP_seed_cfb128(void)
+ const EVP_CIPHER *EVP_seed_ecb(void)
+ const EVP_CIPHER *EVP_seed_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The SEED encryption algorithm for EVP.</p>
+
+<p>All modes below use a key length of 128 bits and acts on blocks of 128-bits.</p>
+
+<dl>
+
+<dt id="EVP_seed_cbc-EVP_seed_cfb-EVP_seed_cfb128-EVP_seed_ecb-EVP_seed_ofb">EVP_seed_cbc(), EVP_seed_cfb(), EVP_seed_cfb128(), EVP_seed_ecb(), EVP_seed_ofb()</dt>
+<dd>
+
+<p>The SEED encryption algorithm in CBC, CFB, ECB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_seed_ecb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_seed_ecb.html
new file mode 100644
index 000000000..dfec2c118
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_seed_ecb.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_seed_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_seed_cbc, EVP_seed_cfb, EVP_seed_cfb128, EVP_seed_ecb, EVP_seed_ofb - EVP SEED cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_seed_cbc(void)
+ const EVP_CIPHER *EVP_seed_cfb(void)
+ const EVP_CIPHER *EVP_seed_cfb128(void)
+ const EVP_CIPHER *EVP_seed_ecb(void)
+ const EVP_CIPHER *EVP_seed_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The SEED encryption algorithm for EVP.</p>
+
+<p>All modes below use a key length of 128 bits and acts on blocks of 128-bits.</p>
+
+<dl>
+
+<dt id="EVP_seed_cbc-EVP_seed_cfb-EVP_seed_cfb128-EVP_seed_ecb-EVP_seed_ofb">EVP_seed_cbc(), EVP_seed_cfb(), EVP_seed_cfb128(), EVP_seed_ecb(), EVP_seed_ofb()</dt>
+<dd>
+
+<p>The SEED encryption algorithm in CBC, CFB, ECB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_seed_ofb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_seed_ofb.html
new file mode 100644
index 000000000..dfec2c118
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_seed_ofb.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_seed_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_seed_cbc, EVP_seed_cfb, EVP_seed_cfb128, EVP_seed_ecb, EVP_seed_ofb - EVP SEED cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_seed_cbc(void)
+ const EVP_CIPHER *EVP_seed_cfb(void)
+ const EVP_CIPHER *EVP_seed_cfb128(void)
+ const EVP_CIPHER *EVP_seed_ecb(void)
+ const EVP_CIPHER *EVP_seed_ofb(void)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The SEED encryption algorithm for EVP.</p>
+
+<p>All modes below use a key length of 128 bits and acts on blocks of 128-bits.</p>
+
+<dl>
+
+<dt id="EVP_seed_cbc-EVP_seed_cfb-EVP_seed_cfb128-EVP_seed_ecb-EVP_seed_ofb">EVP_seed_cbc(), EVP_seed_cfb(), EVP_seed_cfb128(), EVP_seed_ecb(), EVP_seed_ofb()</dt>
+<dd>
+
+<p>The SEED encryption algorithm in CBC, CFB, ECB and OFB modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return an <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_sha1.html b/msys2/usr/share/doc/openssl/html/man3/EVP_sha1.html
new file mode 100644
index 000000000..0a8ac2d49
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_sha1.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sha1</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sha1 - SHA-1 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_sha1(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function standardized in NIST FIPS 180-4. The algorithm was designed by the United States National Security Agency and initially published in 1995.</p>
+
+<dl>
+
+<dt id="EVP_sha1">EVP_sha1()</dt>
+<dd>
+
+<p>The SHA-1 algorithm which produces a 160-bit output from a given input.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>NIST FIPS 180-4.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_sha224.html b/msys2/usr/share/doc/openssl/html/man3/EVP_sha224.html
new file mode 100644
index 000000000..c5c9f4423
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_sha224.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sha224</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sha224, EVP_sha256, EVP_sha512_224, EVP_sha512_256, EVP_sha384, EVP_sha512 - SHA-2 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_sha224(void);
+ const EVP_MD *EVP_sha256(void);
+ const EVP_MD *EVP_sha512_224(void);
+ const EVP_MD *EVP_sha512_256(void);
+ const EVP_MD *EVP_sha384(void);
+ const EVP_MD *EVP_sha512(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SHA-2 (Secure Hash Algorithm 2) is a family of cryptographic hash functions standardized in NIST FIPS 180-4, first published in 2001.</p>
+
+<dl>
+
+<dt id="EVP_sha224-EVP_sha256-EVP_sha512_224-EVP_sha512_256-EVP_sha384-EVP_sha512">EVP_sha224(), EVP_sha256(), EVP_sha512_224, EVP_sha512_256, EVP_sha384(), EVP_sha512()</dt>
+<dd>
+
+<p>The SHA-2 SHA-224, SHA-256, SHA-512/224, SHA512/256, SHA-384 and SHA-512 algorithms, which generate 224, 256, 224, 256, 384 and 512 bits respectively of output from a given input.</p>
+
+<p>The two algorithms: SHA-512/224 and SHA512/256 are truncated forms of the SHA-512 algorithm. They are distinct from SHA-224 and SHA-256 even though their outputs are of the same size.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>NIST FIPS 180-4.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_sha256.html b/msys2/usr/share/doc/openssl/html/man3/EVP_sha256.html
new file mode 100644
index 000000000..c5c9f4423
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_sha256.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sha224</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sha224, EVP_sha256, EVP_sha512_224, EVP_sha512_256, EVP_sha384, EVP_sha512 - SHA-2 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_sha224(void);
+ const EVP_MD *EVP_sha256(void);
+ const EVP_MD *EVP_sha512_224(void);
+ const EVP_MD *EVP_sha512_256(void);
+ const EVP_MD *EVP_sha384(void);
+ const EVP_MD *EVP_sha512(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SHA-2 (Secure Hash Algorithm 2) is a family of cryptographic hash functions standardized in NIST FIPS 180-4, first published in 2001.</p>
+
+<dl>
+
+<dt id="EVP_sha224-EVP_sha256-EVP_sha512_224-EVP_sha512_256-EVP_sha384-EVP_sha512">EVP_sha224(), EVP_sha256(), EVP_sha512_224, EVP_sha512_256, EVP_sha384(), EVP_sha512()</dt>
+<dd>
+
+<p>The SHA-2 SHA-224, SHA-256, SHA-512/224, SHA512/256, SHA-384 and SHA-512 algorithms, which generate 224, 256, 224, 256, 384 and 512 bits respectively of output from a given input.</p>
+
+<p>The two algorithms: SHA-512/224 and SHA512/256 are truncated forms of the SHA-512 algorithm. They are distinct from SHA-224 and SHA-256 even though their outputs are of the same size.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>NIST FIPS 180-4.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_sha384.html b/msys2/usr/share/doc/openssl/html/man3/EVP_sha384.html
new file mode 100644
index 000000000..c5c9f4423
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_sha384.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sha224</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sha224, EVP_sha256, EVP_sha512_224, EVP_sha512_256, EVP_sha384, EVP_sha512 - SHA-2 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_sha224(void);
+ const EVP_MD *EVP_sha256(void);
+ const EVP_MD *EVP_sha512_224(void);
+ const EVP_MD *EVP_sha512_256(void);
+ const EVP_MD *EVP_sha384(void);
+ const EVP_MD *EVP_sha512(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SHA-2 (Secure Hash Algorithm 2) is a family of cryptographic hash functions standardized in NIST FIPS 180-4, first published in 2001.</p>
+
+<dl>
+
+<dt id="EVP_sha224-EVP_sha256-EVP_sha512_224-EVP_sha512_256-EVP_sha384-EVP_sha512">EVP_sha224(), EVP_sha256(), EVP_sha512_224, EVP_sha512_256, EVP_sha384(), EVP_sha512()</dt>
+<dd>
+
+<p>The SHA-2 SHA-224, SHA-256, SHA-512/224, SHA512/256, SHA-384 and SHA-512 algorithms, which generate 224, 256, 224, 256, 384 and 512 bits respectively of output from a given input.</p>
+
+<p>The two algorithms: SHA-512/224 and SHA512/256 are truncated forms of the SHA-512 algorithm. They are distinct from SHA-224 and SHA-256 even though their outputs are of the same size.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>NIST FIPS 180-4.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_sha3_224.html b/msys2/usr/share/doc/openssl/html/man3/EVP_sha3_224.html
new file mode 100644
index 000000000..734ea2897
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_sha3_224.html
@@ -0,0 +1,85 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sha3_224</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sha3_224, EVP_sha3_256, EVP_sha3_384, EVP_sha3_512, EVP_shake128, EVP_shake256 - SHA-3 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_sha3_224(void);
+ const EVP_MD *EVP_sha3_256(void);
+ const EVP_MD *EVP_sha3_384(void);
+ const EVP_MD *EVP_sha3_512(void);
+
+ const EVP_MD *EVP_shake128(void);
+ const EVP_MD *EVP_shake256(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SHA-3 (Secure Hash Algorithm 3) is a family of cryptographic hash functions standardized in NIST FIPS 202, first published in 2015. It is based on the Keccak algorithm.</p>
+
+<dl>
+
+<dt id="EVP_sha3_224-EVP_sha3_256-EVP_sha3_384-EVP_sha3_512">EVP_sha3_224(), EVP_sha3_256(), EVP_sha3_384(), EVP_sha3_512()</dt>
+<dd>
+
+<p>The SHA-3 SHA-3-224, SHA-3-256, SHA-3-384, and SHA-3-512 algorithms respectively. They produce 224, 256, 384 and 512 bits of output from a given input.</p>
+
+</dd>
+<dt id="EVP_shake128-EVP_shake256">EVP_shake128(), EVP_shake256()</dt>
+<dd>
+
+<p>The SHAKE-128 and SHAKE-256 Extendable Output Functions (XOF) that can generate a variable hash length.</p>
+
+<p>Specifically, <b>EVP_shake128</b> provides an overall security of 128 bits, while <b>EVP_shake256</b> provides that of 256 bits.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>NIST FIPS 202.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_sha3_256.html b/msys2/usr/share/doc/openssl/html/man3/EVP_sha3_256.html
new file mode 100644
index 000000000..734ea2897
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_sha3_256.html
@@ -0,0 +1,85 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sha3_224</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sha3_224, EVP_sha3_256, EVP_sha3_384, EVP_sha3_512, EVP_shake128, EVP_shake256 - SHA-3 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_sha3_224(void);
+ const EVP_MD *EVP_sha3_256(void);
+ const EVP_MD *EVP_sha3_384(void);
+ const EVP_MD *EVP_sha3_512(void);
+
+ const EVP_MD *EVP_shake128(void);
+ const EVP_MD *EVP_shake256(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SHA-3 (Secure Hash Algorithm 3) is a family of cryptographic hash functions standardized in NIST FIPS 202, first published in 2015. It is based on the Keccak algorithm.</p>
+
+<dl>
+
+<dt id="EVP_sha3_224-EVP_sha3_256-EVP_sha3_384-EVP_sha3_512">EVP_sha3_224(), EVP_sha3_256(), EVP_sha3_384(), EVP_sha3_512()</dt>
+<dd>
+
+<p>The SHA-3 SHA-3-224, SHA-3-256, SHA-3-384, and SHA-3-512 algorithms respectively. They produce 224, 256, 384 and 512 bits of output from a given input.</p>
+
+</dd>
+<dt id="EVP_shake128-EVP_shake256">EVP_shake128(), EVP_shake256()</dt>
+<dd>
+
+<p>The SHAKE-128 and SHAKE-256 Extendable Output Functions (XOF) that can generate a variable hash length.</p>
+
+<p>Specifically, <b>EVP_shake128</b> provides an overall security of 128 bits, while <b>EVP_shake256</b> provides that of 256 bits.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>NIST FIPS 202.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_sha3_384.html b/msys2/usr/share/doc/openssl/html/man3/EVP_sha3_384.html
new file mode 100644
index 000000000..734ea2897
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_sha3_384.html
@@ -0,0 +1,85 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sha3_224</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sha3_224, EVP_sha3_256, EVP_sha3_384, EVP_sha3_512, EVP_shake128, EVP_shake256 - SHA-3 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_sha3_224(void);
+ const EVP_MD *EVP_sha3_256(void);
+ const EVP_MD *EVP_sha3_384(void);
+ const EVP_MD *EVP_sha3_512(void);
+
+ const EVP_MD *EVP_shake128(void);
+ const EVP_MD *EVP_shake256(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SHA-3 (Secure Hash Algorithm 3) is a family of cryptographic hash functions standardized in NIST FIPS 202, first published in 2015. It is based on the Keccak algorithm.</p>
+
+<dl>
+
+<dt id="EVP_sha3_224-EVP_sha3_256-EVP_sha3_384-EVP_sha3_512">EVP_sha3_224(), EVP_sha3_256(), EVP_sha3_384(), EVP_sha3_512()</dt>
+<dd>
+
+<p>The SHA-3 SHA-3-224, SHA-3-256, SHA-3-384, and SHA-3-512 algorithms respectively. They produce 224, 256, 384 and 512 bits of output from a given input.</p>
+
+</dd>
+<dt id="EVP_shake128-EVP_shake256">EVP_shake128(), EVP_shake256()</dt>
+<dd>
+
+<p>The SHAKE-128 and SHAKE-256 Extendable Output Functions (XOF) that can generate a variable hash length.</p>
+
+<p>Specifically, <b>EVP_shake128</b> provides an overall security of 128 bits, while <b>EVP_shake256</b> provides that of 256 bits.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>NIST FIPS 202.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_sha3_512.html b/msys2/usr/share/doc/openssl/html/man3/EVP_sha3_512.html
new file mode 100644
index 000000000..734ea2897
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_sha3_512.html
@@ -0,0 +1,85 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sha3_224</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sha3_224, EVP_sha3_256, EVP_sha3_384, EVP_sha3_512, EVP_shake128, EVP_shake256 - SHA-3 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_sha3_224(void);
+ const EVP_MD *EVP_sha3_256(void);
+ const EVP_MD *EVP_sha3_384(void);
+ const EVP_MD *EVP_sha3_512(void);
+
+ const EVP_MD *EVP_shake128(void);
+ const EVP_MD *EVP_shake256(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SHA-3 (Secure Hash Algorithm 3) is a family of cryptographic hash functions standardized in NIST FIPS 202, first published in 2015. It is based on the Keccak algorithm.</p>
+
+<dl>
+
+<dt id="EVP_sha3_224-EVP_sha3_256-EVP_sha3_384-EVP_sha3_512">EVP_sha3_224(), EVP_sha3_256(), EVP_sha3_384(), EVP_sha3_512()</dt>
+<dd>
+
+<p>The SHA-3 SHA-3-224, SHA-3-256, SHA-3-384, and SHA-3-512 algorithms respectively. They produce 224, 256, 384 and 512 bits of output from a given input.</p>
+
+</dd>
+<dt id="EVP_shake128-EVP_shake256">EVP_shake128(), EVP_shake256()</dt>
+<dd>
+
+<p>The SHAKE-128 and SHAKE-256 Extendable Output Functions (XOF) that can generate a variable hash length.</p>
+
+<p>Specifically, <b>EVP_shake128</b> provides an overall security of 128 bits, while <b>EVP_shake256</b> provides that of 256 bits.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>NIST FIPS 202.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_sha512.html b/msys2/usr/share/doc/openssl/html/man3/EVP_sha512.html
new file mode 100644
index 000000000..c5c9f4423
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_sha512.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sha224</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sha224, EVP_sha256, EVP_sha512_224, EVP_sha512_256, EVP_sha384, EVP_sha512 - SHA-2 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_sha224(void);
+ const EVP_MD *EVP_sha256(void);
+ const EVP_MD *EVP_sha512_224(void);
+ const EVP_MD *EVP_sha512_256(void);
+ const EVP_MD *EVP_sha384(void);
+ const EVP_MD *EVP_sha512(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SHA-2 (Secure Hash Algorithm 2) is a family of cryptographic hash functions standardized in NIST FIPS 180-4, first published in 2001.</p>
+
+<dl>
+
+<dt id="EVP_sha224-EVP_sha256-EVP_sha512_224-EVP_sha512_256-EVP_sha384-EVP_sha512">EVP_sha224(), EVP_sha256(), EVP_sha512_224, EVP_sha512_256, EVP_sha384(), EVP_sha512()</dt>
+<dd>
+
+<p>The SHA-2 SHA-224, SHA-256, SHA-512/224, SHA512/256, SHA-384 and SHA-512 algorithms, which generate 224, 256, 224, 256, 384 and 512 bits respectively of output from a given input.</p>
+
+<p>The two algorithms: SHA-512/224 and SHA512/256 are truncated forms of the SHA-512 algorithm. They are distinct from SHA-224 and SHA-256 even though their outputs are of the same size.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>NIST FIPS 180-4.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_sha512_224.html b/msys2/usr/share/doc/openssl/html/man3/EVP_sha512_224.html
new file mode 100644
index 000000000..c5c9f4423
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_sha512_224.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sha224</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sha224, EVP_sha256, EVP_sha512_224, EVP_sha512_256, EVP_sha384, EVP_sha512 - SHA-2 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_sha224(void);
+ const EVP_MD *EVP_sha256(void);
+ const EVP_MD *EVP_sha512_224(void);
+ const EVP_MD *EVP_sha512_256(void);
+ const EVP_MD *EVP_sha384(void);
+ const EVP_MD *EVP_sha512(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SHA-2 (Secure Hash Algorithm 2) is a family of cryptographic hash functions standardized in NIST FIPS 180-4, first published in 2001.</p>
+
+<dl>
+
+<dt id="EVP_sha224-EVP_sha256-EVP_sha512_224-EVP_sha512_256-EVP_sha384-EVP_sha512">EVP_sha224(), EVP_sha256(), EVP_sha512_224, EVP_sha512_256, EVP_sha384(), EVP_sha512()</dt>
+<dd>
+
+<p>The SHA-2 SHA-224, SHA-256, SHA-512/224, SHA512/256, SHA-384 and SHA-512 algorithms, which generate 224, 256, 224, 256, 384 and 512 bits respectively of output from a given input.</p>
+
+<p>The two algorithms: SHA-512/224 and SHA512/256 are truncated forms of the SHA-512 algorithm. They are distinct from SHA-224 and SHA-256 even though their outputs are of the same size.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>NIST FIPS 180-4.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_sha512_256.html b/msys2/usr/share/doc/openssl/html/man3/EVP_sha512_256.html
new file mode 100644
index 000000000..c5c9f4423
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_sha512_256.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sha224</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sha224, EVP_sha256, EVP_sha512_224, EVP_sha512_256, EVP_sha384, EVP_sha512 - SHA-2 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_sha224(void);
+ const EVP_MD *EVP_sha256(void);
+ const EVP_MD *EVP_sha512_224(void);
+ const EVP_MD *EVP_sha512_256(void);
+ const EVP_MD *EVP_sha384(void);
+ const EVP_MD *EVP_sha512(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SHA-2 (Secure Hash Algorithm 2) is a family of cryptographic hash functions standardized in NIST FIPS 180-4, first published in 2001.</p>
+
+<dl>
+
+<dt id="EVP_sha224-EVP_sha256-EVP_sha512_224-EVP_sha512_256-EVP_sha384-EVP_sha512">EVP_sha224(), EVP_sha256(), EVP_sha512_224, EVP_sha512_256, EVP_sha384(), EVP_sha512()</dt>
+<dd>
+
+<p>The SHA-2 SHA-224, SHA-256, SHA-512/224, SHA512/256, SHA-384 and SHA-512 algorithms, which generate 224, 256, 224, 256, 384 and 512 bits respectively of output from a given input.</p>
+
+<p>The two algorithms: SHA-512/224 and SHA512/256 are truncated forms of the SHA-512 algorithm. They are distinct from SHA-224 and SHA-256 even though their outputs are of the same size.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>NIST FIPS 180-4.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_shake128.html b/msys2/usr/share/doc/openssl/html/man3/EVP_shake128.html
new file mode 100644
index 000000000..734ea2897
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_shake128.html
@@ -0,0 +1,85 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sha3_224</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sha3_224, EVP_sha3_256, EVP_sha3_384, EVP_sha3_512, EVP_shake128, EVP_shake256 - SHA-3 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_sha3_224(void);
+ const EVP_MD *EVP_sha3_256(void);
+ const EVP_MD *EVP_sha3_384(void);
+ const EVP_MD *EVP_sha3_512(void);
+
+ const EVP_MD *EVP_shake128(void);
+ const EVP_MD *EVP_shake256(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SHA-3 (Secure Hash Algorithm 3) is a family of cryptographic hash functions standardized in NIST FIPS 202, first published in 2015. It is based on the Keccak algorithm.</p>
+
+<dl>
+
+<dt id="EVP_sha3_224-EVP_sha3_256-EVP_sha3_384-EVP_sha3_512">EVP_sha3_224(), EVP_sha3_256(), EVP_sha3_384(), EVP_sha3_512()</dt>
+<dd>
+
+<p>The SHA-3 SHA-3-224, SHA-3-256, SHA-3-384, and SHA-3-512 algorithms respectively. They produce 224, 256, 384 and 512 bits of output from a given input.</p>
+
+</dd>
+<dt id="EVP_shake128-EVP_shake256">EVP_shake128(), EVP_shake256()</dt>
+<dd>
+
+<p>The SHAKE-128 and SHAKE-256 Extendable Output Functions (XOF) that can generate a variable hash length.</p>
+
+<p>Specifically, <b>EVP_shake128</b> provides an overall security of 128 bits, while <b>EVP_shake256</b> provides that of 256 bits.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>NIST FIPS 202.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_shake256.html b/msys2/usr/share/doc/openssl/html/man3/EVP_shake256.html
new file mode 100644
index 000000000..734ea2897
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_shake256.html
@@ -0,0 +1,85 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sha3_224</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sha3_224, EVP_sha3_256, EVP_sha3_384, EVP_sha3_512, EVP_shake128, EVP_shake256 - SHA-3 For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_sha3_224(void);
+ const EVP_MD *EVP_sha3_256(void);
+ const EVP_MD *EVP_sha3_384(void);
+ const EVP_MD *EVP_sha3_512(void);
+
+ const EVP_MD *EVP_shake128(void);
+ const EVP_MD *EVP_shake256(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SHA-3 (Secure Hash Algorithm 3) is a family of cryptographic hash functions standardized in NIST FIPS 202, first published in 2015. It is based on the Keccak algorithm.</p>
+
+<dl>
+
+<dt id="EVP_sha3_224-EVP_sha3_256-EVP_sha3_384-EVP_sha3_512">EVP_sha3_224(), EVP_sha3_256(), EVP_sha3_384(), EVP_sha3_512()</dt>
+<dd>
+
+<p>The SHA-3 SHA-3-224, SHA-3-256, SHA-3-384, and SHA-3-512 algorithms respectively. They produce 224, 256, 384 and 512 bits of output from a given input.</p>
+
+</dd>
+<dt id="EVP_shake128-EVP_shake256">EVP_shake128(), EVP_shake256()</dt>
+<dd>
+
+<p>The SHAKE-128 and SHAKE-256 Extendable Output Functions (XOF) that can generate a variable hash length.</p>
+
+<p>Specifically, <b>EVP_shake128</b> provides an overall security of 128 bits, while <b>EVP_shake256</b> provides that of 256 bits.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>NIST FIPS 202.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_sm3.html b/msys2/usr/share/doc/openssl/html/man3/EVP_sm3.html
new file mode 100644
index 000000000..14850d963
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_sm3.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sm3</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sm3 - SM3 for EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_sm3(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SM3 is a cryptographic hash function with a 256-bit output, defined in GB/T 32905-2016.</p>
+
+<dl>
+
+<dt id="EVP_sm3">EVP_sm3()</dt>
+<dd>
+
+<p>The SM3 hash function.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>GB/T 32905-2016 and GM/T 0004-2012.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. Copyright 2017 Ribose Inc. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_sm4_cbc.html b/msys2/usr/share/doc/openssl/html/man3/EVP_sm4_cbc.html
new file mode 100644
index 000000000..85cc914d9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_sm4_cbc.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sm4_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sm4_cbc, EVP_sm4_ecb, EVP_sm4_cfb, EVP_sm4_cfb128, EVP_sm4_ofb, EVP_sm4_ctr - EVP SM4 cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_sm4_cbc(void);
+ const EVP_CIPHER *EVP_sm4_ecb(void);
+ const EVP_CIPHER *EVP_sm4_cfb(void);
+ const EVP_CIPHER *EVP_sm4_cfb128(void);
+ const EVP_CIPHER *EVP_sm4_ofb(void);
+ const EVP_CIPHER *EVP_sm4_ctr(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The SM4 blockcipher (GB/T 32907-2016) for EVP.</p>
+
+<p>All modes below use a key length of 128 bits and acts on blocks of 128 bits.</p>
+
+<dl>
+
+<dt id="EVP_sm4_cbc-EVP_sm4_ecb-EVP_sm4_cfb-EVP_sm4_cfb128-EVP_sm4_ofb-EVP_sm4_ctr">EVP_sm4_cbc(), EVP_sm4_ecb(), EVP_sm4_cfb(), EVP_sm4_cfb128(), EVP_sm4_ofb(), EVP_sm4_ctr()</dt>
+<dd>
+
+<p>The SM4 blockcipher with a 128-bit key in CBC, ECB, CFB, OFB and CTR modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. Copyright 2017 Ribose Inc. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_sm4_cfb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_sm4_cfb.html
new file mode 100644
index 000000000..85cc914d9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_sm4_cfb.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sm4_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sm4_cbc, EVP_sm4_ecb, EVP_sm4_cfb, EVP_sm4_cfb128, EVP_sm4_ofb, EVP_sm4_ctr - EVP SM4 cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_sm4_cbc(void);
+ const EVP_CIPHER *EVP_sm4_ecb(void);
+ const EVP_CIPHER *EVP_sm4_cfb(void);
+ const EVP_CIPHER *EVP_sm4_cfb128(void);
+ const EVP_CIPHER *EVP_sm4_ofb(void);
+ const EVP_CIPHER *EVP_sm4_ctr(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The SM4 blockcipher (GB/T 32907-2016) for EVP.</p>
+
+<p>All modes below use a key length of 128 bits and acts on blocks of 128 bits.</p>
+
+<dl>
+
+<dt id="EVP_sm4_cbc-EVP_sm4_ecb-EVP_sm4_cfb-EVP_sm4_cfb128-EVP_sm4_ofb-EVP_sm4_ctr">EVP_sm4_cbc(), EVP_sm4_ecb(), EVP_sm4_cfb(), EVP_sm4_cfb128(), EVP_sm4_ofb(), EVP_sm4_ctr()</dt>
+<dd>
+
+<p>The SM4 blockcipher with a 128-bit key in CBC, ECB, CFB, OFB and CTR modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. Copyright 2017 Ribose Inc. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_sm4_cfb128.html b/msys2/usr/share/doc/openssl/html/man3/EVP_sm4_cfb128.html
new file mode 100644
index 000000000..85cc914d9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_sm4_cfb128.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sm4_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sm4_cbc, EVP_sm4_ecb, EVP_sm4_cfb, EVP_sm4_cfb128, EVP_sm4_ofb, EVP_sm4_ctr - EVP SM4 cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_sm4_cbc(void);
+ const EVP_CIPHER *EVP_sm4_ecb(void);
+ const EVP_CIPHER *EVP_sm4_cfb(void);
+ const EVP_CIPHER *EVP_sm4_cfb128(void);
+ const EVP_CIPHER *EVP_sm4_ofb(void);
+ const EVP_CIPHER *EVP_sm4_ctr(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The SM4 blockcipher (GB/T 32907-2016) for EVP.</p>
+
+<p>All modes below use a key length of 128 bits and acts on blocks of 128 bits.</p>
+
+<dl>
+
+<dt id="EVP_sm4_cbc-EVP_sm4_ecb-EVP_sm4_cfb-EVP_sm4_cfb128-EVP_sm4_ofb-EVP_sm4_ctr">EVP_sm4_cbc(), EVP_sm4_ecb(), EVP_sm4_cfb(), EVP_sm4_cfb128(), EVP_sm4_ofb(), EVP_sm4_ctr()</dt>
+<dd>
+
+<p>The SM4 blockcipher with a 128-bit key in CBC, ECB, CFB, OFB and CTR modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. Copyright 2017 Ribose Inc. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_sm4_ctr.html b/msys2/usr/share/doc/openssl/html/man3/EVP_sm4_ctr.html
new file mode 100644
index 000000000..85cc914d9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_sm4_ctr.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sm4_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sm4_cbc, EVP_sm4_ecb, EVP_sm4_cfb, EVP_sm4_cfb128, EVP_sm4_ofb, EVP_sm4_ctr - EVP SM4 cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_sm4_cbc(void);
+ const EVP_CIPHER *EVP_sm4_ecb(void);
+ const EVP_CIPHER *EVP_sm4_cfb(void);
+ const EVP_CIPHER *EVP_sm4_cfb128(void);
+ const EVP_CIPHER *EVP_sm4_ofb(void);
+ const EVP_CIPHER *EVP_sm4_ctr(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The SM4 blockcipher (GB/T 32907-2016) for EVP.</p>
+
+<p>All modes below use a key length of 128 bits and acts on blocks of 128 bits.</p>
+
+<dl>
+
+<dt id="EVP_sm4_cbc-EVP_sm4_ecb-EVP_sm4_cfb-EVP_sm4_cfb128-EVP_sm4_ofb-EVP_sm4_ctr">EVP_sm4_cbc(), EVP_sm4_ecb(), EVP_sm4_cfb(), EVP_sm4_cfb128(), EVP_sm4_ofb(), EVP_sm4_ctr()</dt>
+<dd>
+
+<p>The SM4 blockcipher with a 128-bit key in CBC, ECB, CFB, OFB and CTR modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. Copyright 2017 Ribose Inc. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_sm4_ecb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_sm4_ecb.html
new file mode 100644
index 000000000..85cc914d9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_sm4_ecb.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sm4_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sm4_cbc, EVP_sm4_ecb, EVP_sm4_cfb, EVP_sm4_cfb128, EVP_sm4_ofb, EVP_sm4_ctr - EVP SM4 cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_sm4_cbc(void);
+ const EVP_CIPHER *EVP_sm4_ecb(void);
+ const EVP_CIPHER *EVP_sm4_cfb(void);
+ const EVP_CIPHER *EVP_sm4_cfb128(void);
+ const EVP_CIPHER *EVP_sm4_ofb(void);
+ const EVP_CIPHER *EVP_sm4_ctr(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The SM4 blockcipher (GB/T 32907-2016) for EVP.</p>
+
+<p>All modes below use a key length of 128 bits and acts on blocks of 128 bits.</p>
+
+<dl>
+
+<dt id="EVP_sm4_cbc-EVP_sm4_ecb-EVP_sm4_cfb-EVP_sm4_cfb128-EVP_sm4_ofb-EVP_sm4_ctr">EVP_sm4_cbc(), EVP_sm4_ecb(), EVP_sm4_cfb(), EVP_sm4_cfb128(), EVP_sm4_ofb(), EVP_sm4_ctr()</dt>
+<dd>
+
+<p>The SM4 blockcipher with a 128-bit key in CBC, ECB, CFB, OFB and CTR modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. Copyright 2017 Ribose Inc. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_sm4_ofb.html b/msys2/usr/share/doc/openssl/html/man3/EVP_sm4_ofb.html
new file mode 100644
index 000000000..85cc914d9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_sm4_ofb.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_sm4_cbc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_sm4_cbc, EVP_sm4_ecb, EVP_sm4_cfb, EVP_sm4_cfb128, EVP_sm4_ofb, EVP_sm4_ctr - EVP SM4 cipher</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_CIPHER *EVP_sm4_cbc(void);
+ const EVP_CIPHER *EVP_sm4_ecb(void);
+ const EVP_CIPHER *EVP_sm4_cfb(void);
+ const EVP_CIPHER *EVP_sm4_cfb128(void);
+ const EVP_CIPHER *EVP_sm4_ofb(void);
+ const EVP_CIPHER *EVP_sm4_ctr(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The SM4 blockcipher (GB/T 32907-2016) for EVP.</p>
+
+<p>All modes below use a key length of 128 bits and acts on blocks of 128 bits.</p>
+
+<dl>
+
+<dt id="EVP_sm4_cbc-EVP_sm4_ecb-EVP_sm4_cfb-EVP_sm4_cfb128-EVP_sm4_ofb-EVP_sm4_ctr">EVP_sm4_cbc(), EVP_sm4_ecb(), EVP_sm4_cfb(), EVP_sm4_cfb128(), EVP_sm4_ofb(), EVP_sm4_ctr()</dt>
+<dd>
+
+<p>The SM4 blockcipher with a 128-bit key in CBC, ECB, CFB, OFB and CTR modes respectively.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_CIPHER</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a> for details of the <b>EVP_CIPHER</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_CIPHER_meth_new.html">EVP_CIPHER_meth_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. Copyright 2017 Ribose Inc. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EVP_whirlpool.html b/msys2/usr/share/doc/openssl/html/man3/EVP_whirlpool.html
new file mode 100644
index 000000000..62f512513
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EVP_whirlpool.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>EVP_whirlpool</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>EVP_whirlpool - WHIRLPOOL For EVP</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ const EVP_MD *EVP_whirlpool(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>WHIRLPOOL is a cryptographic hash function standardized in ISO/IEC 10118-3:2004 designed by Vincent Rijmen and Paulo S. L. M. Barreto.</p>
+
+<dl>
+
+<dt id="EVP_whirlpool">EVP_whirlpool()</dt>
+<dd>
+
+<p>The WHIRLPOOL algorithm that produces a message digest of 512-bits from a given input.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return a <b>EVP_MD</b> structure that contains the implementation of the symmetric cipher. See <a href="../man3/EVP_MD_meth_new.html">EVP_MD_meth_new(3)</a> for details of the <b>EVP_MD</b> structure.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ISO/IEC 10118-3:2004.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EXTENDED_KEY_USAGE_free.html b/msys2/usr/share/doc/openssl/html/man3/EXTENDED_KEY_USAGE_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EXTENDED_KEY_USAGE_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/EXTENDED_KEY_USAGE_new.html b/msys2/usr/share/doc/openssl/html/man3/EXTENDED_KEY_USAGE_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/EXTENDED_KEY_USAGE_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/GENERAL_NAMES_free.html b/msys2/usr/share/doc/openssl/html/man3/GENERAL_NAMES_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/GENERAL_NAMES_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/GENERAL_NAMES_new.html b/msys2/usr/share/doc/openssl/html/man3/GENERAL_NAMES_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/GENERAL_NAMES_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/GENERAL_NAME_dup.html b/msys2/usr/share/doc/openssl/html/man3/GENERAL_NAME_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/GENERAL_NAME_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/GENERAL_NAME_free.html b/msys2/usr/share/doc/openssl/html/man3/GENERAL_NAME_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/GENERAL_NAME_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/GENERAL_NAME_new.html b/msys2/usr/share/doc/openssl/html/man3/GENERAL_NAME_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/GENERAL_NAME_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/GENERAL_SUBTREE_free.html b/msys2/usr/share/doc/openssl/html/man3/GENERAL_SUBTREE_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/GENERAL_SUBTREE_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/GENERAL_SUBTREE_new.html b/msys2/usr/share/doc/openssl/html/man3/GENERAL_SUBTREE_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/GENERAL_SUBTREE_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/GEN_SESSION_CB.html b/msys2/usr/share/doc/openssl/html/man3/GEN_SESSION_CB.html
new file mode 100644
index 000000000..d6315039d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/GEN_SESSION_CB.html
@@ -0,0 +1,116 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_generate_session_id</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_generate_session_id, SSL_set_generate_session_id, SSL_has_matching_session_id, GEN_SESSION_CB - manipulate generation of SSL session IDs (server only)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id,
+                               unsigned int *id_len);
+
+ int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb);
+ int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB, cb);
+ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
+                                 unsigned int id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_generate_session_id() sets the callback function for generating new session ids for SSL/TLS sessions for <b>ctx</b> to be <b>cb</b>.</p>
+
+<p>SSL_set_generate_session_id() sets the callback function for generating new session ids for SSL/TLS sessions for <b>ssl</b> to be <b>cb</b>.</p>
+
+<p>SSL_has_matching_session_id() checks, whether a session with id <b>id</b> (of length <b>id_len</b>) is already contained in the internal session cache of the parent context of <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When a new session is established between client and server, the server generates a session id. The session id is an arbitrary sequence of bytes. The length of the session id is between 1 and 32 bytes. The session id is not security critical but must be unique for the server. Additionally, the session id is transmitted in the clear when reusing the session so it must not contain sensitive information.</p>
+
+<p>Without a callback being set, an OpenSSL server will generate a unique session id from pseudo random numbers of the maximum possible length. Using the callback function, the session id can be changed to contain additional information like e.g. a host id in order to improve load balancing or external caching techniques.</p>
+
+<p>The callback function receives a pointer to the memory location to put <b>id</b> into and a pointer to the maximum allowed length <b>id_len</b>. The buffer at location <b>id</b> is only guaranteed to have the size <b>id_len</b>. The callback is only allowed to generate a shorter id and reduce <b>id_len</b>; the callback <b>must never</b> increase <b>id_len</b> or write to the location <b>id</b> exceeding the given limit.</p>
+
+<p>The location <b>id</b> is filled with 0x00 before the callback is called, so the callback may only fill part of the possible length and leave <b>id_len</b> untouched while maintaining reproducibility.</p>
+
+<p>Since the sessions must be distinguished, session ids must be unique. Without the callback a random number is used, so that the probability of generating the same session id is extremely small (2^256 for SSLv3/TLSv1). In order to assure the uniqueness of the generated session id, the callback must call SSL_has_matching_session_id() and generate another id if a conflict occurs. If an id conflict is not resolved, the handshake will fail. If the application codes e.g. a unique host id, a unique process number, and a unique sequence number into the session id, uniqueness could easily be achieved without randomness added (it should however be taken care that no confidential information is leaked this way). If the application can not guarantee uniqueness, it is recommended to use the maximum <b>id_len</b> and fill in the bytes not used to code special information with random data to avoid collisions.</p>
+
+<p>SSL_has_matching_session_id() will only query the internal session cache, not the external one. Since the session id is generated before the handshake is completed, it is not immediately added to the cache. If another thread is using the same internal session cache, a race condition can occur in that another thread generates the same session id. Collisions can also occur when using an external session cache, since the external cache is not tested with SSL_has_matching_session_id() and the same race condition applies.</p>
+
+<p>The callback must return 0 if it cannot generate a session id for whatever reason and return 1 on success.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The callback function listed will generate a session id with the server id given, and will fill the rest with pseudo random bytes:</p>
+
+<pre><code> const char session_id_prefix = &quot;www-18&quot;;
+
+ #define MAX_SESSION_ID_ATTEMPTS 10
+ static int generate_session_id(const SSL *ssl, unsigned char *id,
+                                unsigned int *id_len)
+ {
+     unsigned int count = 0;
+
+     do {
+         RAND_pseudo_bytes(id, *id_len);
+         /*
+          * Prefix the session_id with the required prefix. NB: If our
+          * prefix is too long, clip it - but there will be worse effects
+          * anyway, eg. the server could only possibly create 1 session
+          * ID (ie. the prefix!) so all future session negotiations will
+          * fail due to conflicts.
+          */
+         memcpy(id, session_id_prefix, strlen(session_id_prefix) &lt; *id_len ?
+                                       strlen(session_id_prefix) : *id_len);
+     } while (SSL_has_matching_session_id(ssl, id, *id_len)
+               &amp;&amp; ++count &lt; MAX_SESSION_ID_ATTEMPTS);
+     if (count &gt;= MAX_SESSION_ID_ATTEMPTS)
+         return 0;
+     return 1;
+ }</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_generate_session_id() and SSL_set_generate_session_id() always return 1.</p>
+
+<p>SSL_has_matching_session_id() returns 1 if another session with the same id is already in the cache.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_version.html">SSL_get_version(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/HMAC.html b/msys2/usr/share/doc/openssl/html/man3/HMAC.html
new file mode 100644
index 000000000..7cde6754b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/HMAC.html
@@ -0,0 +1,137 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>HMAC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC_Update, HMAC_Final, HMAC_CTX_copy, HMAC_CTX_set_flags, HMAC_CTX_get_md, HMAC_size - HMAC message authentication code</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/hmac.h&gt;
+
+ unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
+                     int key_len, const unsigned char *d, int n,
+                     unsigned char *md, unsigned int *md_len);
+
+ HMAC_CTX *HMAC_CTX_new(void);
+ int HMAC_CTX_reset(HMAC_CTX *ctx);
+
+ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
+                  const EVP_MD *md, ENGINE *impl);
+ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
+ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+
+ void HMAC_CTX_free(HMAC_CTX *ctx);
+
+ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
+ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+ const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
+
+ size_t HMAC_size(const HMAC_CTX *e);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
+               const EVP_MD *md);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>HMAC is a MAC (message authentication code), i.e. a keyed hash function used for message authentication, which is based on a hash function.</p>
+
+<p>HMAC() computes the message authentication code of the <b>n</b> bytes at <b>d</b> using the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>It places the result in <b>md</b> (which must have space for the output of the hash function, which is no more than <b>EVP_MAX_MD_SIZE</b> bytes). If <b>md</b> is NULL, the digest is placed in a static array. The size of the output is placed in <b>md_len</b>, unless it is <b>NULL</b>. Note: passing a NULL value for <b>md</b> to use the static array is not thread safe.</p>
+
+<p><b>evp_md</b> can be EVP_sha1(), EVP_ripemd160() etc.</p>
+
+<p>HMAC_CTX_new() creates a new HMAC_CTX in heap memory.</p>
+
+<p>HMAC_CTX_reset() zeroes an existing <b>HMAC_CTX</b> and associated resources, making it suitable for new computations as if it was newly created with HMAC_CTX_new().</p>
+
+<p>HMAC_CTX_free() erases the key and other data from the <b>HMAC_CTX</b>, releases any associated resources and finally frees the <b>HMAC_CTX</b> itself.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>HMAC_Init_ex() initializes or reuses a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and key <b>key</b>. If both are NULL, or if <b>key</b> is NULL and <b>evp_md</b> is the same as the previous call, then the existing key is reused. <b>ctx</b> must have been created with HMAC_CTX_new() before the first use of an <b>HMAC_CTX</b> in this function.</p>
+
+<p>If HMAC_Init_ex() is called with <b>key</b> NULL and <b>evp_md</b> is not the same as the previous digest used by <b>ctx</b> then an error is returned because reuse of an existing key with a different digest is not supported.</p>
+
+<p>HMAC_Init() initializes a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>HMAC_Update() can be called repeatedly with chunks of the message to be authenticated (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>HMAC_Final() places the message authentication code in <b>md</b>, which must have space for the hash function output.</p>
+
+<p>HMAC_CTX_copy() copies all of the internal state from <b>sctx</b> into <b>dctx</b>.</p>
+
+<p>HMAC_CTX_set_flags() applies the specified flags to the internal EVP_MD_CTXs. These flags have the same meaning as for <a href="../man3/EVP_MD_CTX_set_flags.html">EVP_MD_CTX_set_flags(3)</a>.</p>
+
+<p>HMAC_CTX_get_md() returns the EVP_MD that has previously been set for the supplied HMAC_CTX.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>HMAC() returns a pointer to the message authentication code or NULL if an error occurred.</p>
+
+<p>HMAC_CTX_new() returns a pointer to a new <b>HMAC_CTX</b> on success or <b>NULL</b> if an error occurred.</p>
+
+<p>HMAC_CTX_reset(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and HMAC_CTX_copy() return 1 for success or 0 if an error occurred.</p>
+
+<p>HMAC_CTX_get_md() return the EVP_MD previously set for the supplied HMAC_CTX or NULL if no EVP_MD has been set.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output or zero on error.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 2104</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL 1.1.0.</p>
+
+<p>HMAC_CTX_cleanup() existed in OpenSSL before version 1.1.0.</p>
+
+<p>HMAC_CTX_new(), HMAC_CTX_free() and HMAC_CTX_get_md() are new in OpenSSL 1.1.0.</p>
+
+<p>HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in OpenSSL before version 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/HMAC_CTX_copy.html b/msys2/usr/share/doc/openssl/html/man3/HMAC_CTX_copy.html
new file mode 100644
index 000000000..7cde6754b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/HMAC_CTX_copy.html
@@ -0,0 +1,137 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>HMAC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC_Update, HMAC_Final, HMAC_CTX_copy, HMAC_CTX_set_flags, HMAC_CTX_get_md, HMAC_size - HMAC message authentication code</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/hmac.h&gt;
+
+ unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
+                     int key_len, const unsigned char *d, int n,
+                     unsigned char *md, unsigned int *md_len);
+
+ HMAC_CTX *HMAC_CTX_new(void);
+ int HMAC_CTX_reset(HMAC_CTX *ctx);
+
+ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
+                  const EVP_MD *md, ENGINE *impl);
+ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
+ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+
+ void HMAC_CTX_free(HMAC_CTX *ctx);
+
+ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
+ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+ const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
+
+ size_t HMAC_size(const HMAC_CTX *e);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
+               const EVP_MD *md);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>HMAC is a MAC (message authentication code), i.e. a keyed hash function used for message authentication, which is based on a hash function.</p>
+
+<p>HMAC() computes the message authentication code of the <b>n</b> bytes at <b>d</b> using the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>It places the result in <b>md</b> (which must have space for the output of the hash function, which is no more than <b>EVP_MAX_MD_SIZE</b> bytes). If <b>md</b> is NULL, the digest is placed in a static array. The size of the output is placed in <b>md_len</b>, unless it is <b>NULL</b>. Note: passing a NULL value for <b>md</b> to use the static array is not thread safe.</p>
+
+<p><b>evp_md</b> can be EVP_sha1(), EVP_ripemd160() etc.</p>
+
+<p>HMAC_CTX_new() creates a new HMAC_CTX in heap memory.</p>
+
+<p>HMAC_CTX_reset() zeroes an existing <b>HMAC_CTX</b> and associated resources, making it suitable for new computations as if it was newly created with HMAC_CTX_new().</p>
+
+<p>HMAC_CTX_free() erases the key and other data from the <b>HMAC_CTX</b>, releases any associated resources and finally frees the <b>HMAC_CTX</b> itself.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>HMAC_Init_ex() initializes or reuses a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and key <b>key</b>. If both are NULL, or if <b>key</b> is NULL and <b>evp_md</b> is the same as the previous call, then the existing key is reused. <b>ctx</b> must have been created with HMAC_CTX_new() before the first use of an <b>HMAC_CTX</b> in this function.</p>
+
+<p>If HMAC_Init_ex() is called with <b>key</b> NULL and <b>evp_md</b> is not the same as the previous digest used by <b>ctx</b> then an error is returned because reuse of an existing key with a different digest is not supported.</p>
+
+<p>HMAC_Init() initializes a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>HMAC_Update() can be called repeatedly with chunks of the message to be authenticated (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>HMAC_Final() places the message authentication code in <b>md</b>, which must have space for the hash function output.</p>
+
+<p>HMAC_CTX_copy() copies all of the internal state from <b>sctx</b> into <b>dctx</b>.</p>
+
+<p>HMAC_CTX_set_flags() applies the specified flags to the internal EVP_MD_CTXs. These flags have the same meaning as for <a href="../man3/EVP_MD_CTX_set_flags.html">EVP_MD_CTX_set_flags(3)</a>.</p>
+
+<p>HMAC_CTX_get_md() returns the EVP_MD that has previously been set for the supplied HMAC_CTX.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>HMAC() returns a pointer to the message authentication code or NULL if an error occurred.</p>
+
+<p>HMAC_CTX_new() returns a pointer to a new <b>HMAC_CTX</b> on success or <b>NULL</b> if an error occurred.</p>
+
+<p>HMAC_CTX_reset(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and HMAC_CTX_copy() return 1 for success or 0 if an error occurred.</p>
+
+<p>HMAC_CTX_get_md() return the EVP_MD previously set for the supplied HMAC_CTX or NULL if no EVP_MD has been set.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output or zero on error.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 2104</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL 1.1.0.</p>
+
+<p>HMAC_CTX_cleanup() existed in OpenSSL before version 1.1.0.</p>
+
+<p>HMAC_CTX_new(), HMAC_CTX_free() and HMAC_CTX_get_md() are new in OpenSSL 1.1.0.</p>
+
+<p>HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in OpenSSL before version 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/HMAC_CTX_free.html b/msys2/usr/share/doc/openssl/html/man3/HMAC_CTX_free.html
new file mode 100644
index 000000000..7cde6754b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/HMAC_CTX_free.html
@@ -0,0 +1,137 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>HMAC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC_Update, HMAC_Final, HMAC_CTX_copy, HMAC_CTX_set_flags, HMAC_CTX_get_md, HMAC_size - HMAC message authentication code</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/hmac.h&gt;
+
+ unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
+                     int key_len, const unsigned char *d, int n,
+                     unsigned char *md, unsigned int *md_len);
+
+ HMAC_CTX *HMAC_CTX_new(void);
+ int HMAC_CTX_reset(HMAC_CTX *ctx);
+
+ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
+                  const EVP_MD *md, ENGINE *impl);
+ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
+ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+
+ void HMAC_CTX_free(HMAC_CTX *ctx);
+
+ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
+ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+ const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
+
+ size_t HMAC_size(const HMAC_CTX *e);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
+               const EVP_MD *md);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>HMAC is a MAC (message authentication code), i.e. a keyed hash function used for message authentication, which is based on a hash function.</p>
+
+<p>HMAC() computes the message authentication code of the <b>n</b> bytes at <b>d</b> using the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>It places the result in <b>md</b> (which must have space for the output of the hash function, which is no more than <b>EVP_MAX_MD_SIZE</b> bytes). If <b>md</b> is NULL, the digest is placed in a static array. The size of the output is placed in <b>md_len</b>, unless it is <b>NULL</b>. Note: passing a NULL value for <b>md</b> to use the static array is not thread safe.</p>
+
+<p><b>evp_md</b> can be EVP_sha1(), EVP_ripemd160() etc.</p>
+
+<p>HMAC_CTX_new() creates a new HMAC_CTX in heap memory.</p>
+
+<p>HMAC_CTX_reset() zeroes an existing <b>HMAC_CTX</b> and associated resources, making it suitable for new computations as if it was newly created with HMAC_CTX_new().</p>
+
+<p>HMAC_CTX_free() erases the key and other data from the <b>HMAC_CTX</b>, releases any associated resources and finally frees the <b>HMAC_CTX</b> itself.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>HMAC_Init_ex() initializes or reuses a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and key <b>key</b>. If both are NULL, or if <b>key</b> is NULL and <b>evp_md</b> is the same as the previous call, then the existing key is reused. <b>ctx</b> must have been created with HMAC_CTX_new() before the first use of an <b>HMAC_CTX</b> in this function.</p>
+
+<p>If HMAC_Init_ex() is called with <b>key</b> NULL and <b>evp_md</b> is not the same as the previous digest used by <b>ctx</b> then an error is returned because reuse of an existing key with a different digest is not supported.</p>
+
+<p>HMAC_Init() initializes a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>HMAC_Update() can be called repeatedly with chunks of the message to be authenticated (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>HMAC_Final() places the message authentication code in <b>md</b>, which must have space for the hash function output.</p>
+
+<p>HMAC_CTX_copy() copies all of the internal state from <b>sctx</b> into <b>dctx</b>.</p>
+
+<p>HMAC_CTX_set_flags() applies the specified flags to the internal EVP_MD_CTXs. These flags have the same meaning as for <a href="../man3/EVP_MD_CTX_set_flags.html">EVP_MD_CTX_set_flags(3)</a>.</p>
+
+<p>HMAC_CTX_get_md() returns the EVP_MD that has previously been set for the supplied HMAC_CTX.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>HMAC() returns a pointer to the message authentication code or NULL if an error occurred.</p>
+
+<p>HMAC_CTX_new() returns a pointer to a new <b>HMAC_CTX</b> on success or <b>NULL</b> if an error occurred.</p>
+
+<p>HMAC_CTX_reset(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and HMAC_CTX_copy() return 1 for success or 0 if an error occurred.</p>
+
+<p>HMAC_CTX_get_md() return the EVP_MD previously set for the supplied HMAC_CTX or NULL if no EVP_MD has been set.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output or zero on error.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 2104</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL 1.1.0.</p>
+
+<p>HMAC_CTX_cleanup() existed in OpenSSL before version 1.1.0.</p>
+
+<p>HMAC_CTX_new(), HMAC_CTX_free() and HMAC_CTX_get_md() are new in OpenSSL 1.1.0.</p>
+
+<p>HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in OpenSSL before version 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/HMAC_CTX_get_md.html b/msys2/usr/share/doc/openssl/html/man3/HMAC_CTX_get_md.html
new file mode 100644
index 000000000..7cde6754b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/HMAC_CTX_get_md.html
@@ -0,0 +1,137 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>HMAC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC_Update, HMAC_Final, HMAC_CTX_copy, HMAC_CTX_set_flags, HMAC_CTX_get_md, HMAC_size - HMAC message authentication code</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/hmac.h&gt;
+
+ unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
+                     int key_len, const unsigned char *d, int n,
+                     unsigned char *md, unsigned int *md_len);
+
+ HMAC_CTX *HMAC_CTX_new(void);
+ int HMAC_CTX_reset(HMAC_CTX *ctx);
+
+ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
+                  const EVP_MD *md, ENGINE *impl);
+ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
+ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+
+ void HMAC_CTX_free(HMAC_CTX *ctx);
+
+ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
+ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+ const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
+
+ size_t HMAC_size(const HMAC_CTX *e);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
+               const EVP_MD *md);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>HMAC is a MAC (message authentication code), i.e. a keyed hash function used for message authentication, which is based on a hash function.</p>
+
+<p>HMAC() computes the message authentication code of the <b>n</b> bytes at <b>d</b> using the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>It places the result in <b>md</b> (which must have space for the output of the hash function, which is no more than <b>EVP_MAX_MD_SIZE</b> bytes). If <b>md</b> is NULL, the digest is placed in a static array. The size of the output is placed in <b>md_len</b>, unless it is <b>NULL</b>. Note: passing a NULL value for <b>md</b> to use the static array is not thread safe.</p>
+
+<p><b>evp_md</b> can be EVP_sha1(), EVP_ripemd160() etc.</p>
+
+<p>HMAC_CTX_new() creates a new HMAC_CTX in heap memory.</p>
+
+<p>HMAC_CTX_reset() zeroes an existing <b>HMAC_CTX</b> and associated resources, making it suitable for new computations as if it was newly created with HMAC_CTX_new().</p>
+
+<p>HMAC_CTX_free() erases the key and other data from the <b>HMAC_CTX</b>, releases any associated resources and finally frees the <b>HMAC_CTX</b> itself.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>HMAC_Init_ex() initializes or reuses a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and key <b>key</b>. If both are NULL, or if <b>key</b> is NULL and <b>evp_md</b> is the same as the previous call, then the existing key is reused. <b>ctx</b> must have been created with HMAC_CTX_new() before the first use of an <b>HMAC_CTX</b> in this function.</p>
+
+<p>If HMAC_Init_ex() is called with <b>key</b> NULL and <b>evp_md</b> is not the same as the previous digest used by <b>ctx</b> then an error is returned because reuse of an existing key with a different digest is not supported.</p>
+
+<p>HMAC_Init() initializes a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>HMAC_Update() can be called repeatedly with chunks of the message to be authenticated (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>HMAC_Final() places the message authentication code in <b>md</b>, which must have space for the hash function output.</p>
+
+<p>HMAC_CTX_copy() copies all of the internal state from <b>sctx</b> into <b>dctx</b>.</p>
+
+<p>HMAC_CTX_set_flags() applies the specified flags to the internal EVP_MD_CTXs. These flags have the same meaning as for <a href="../man3/EVP_MD_CTX_set_flags.html">EVP_MD_CTX_set_flags(3)</a>.</p>
+
+<p>HMAC_CTX_get_md() returns the EVP_MD that has previously been set for the supplied HMAC_CTX.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>HMAC() returns a pointer to the message authentication code or NULL if an error occurred.</p>
+
+<p>HMAC_CTX_new() returns a pointer to a new <b>HMAC_CTX</b> on success or <b>NULL</b> if an error occurred.</p>
+
+<p>HMAC_CTX_reset(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and HMAC_CTX_copy() return 1 for success or 0 if an error occurred.</p>
+
+<p>HMAC_CTX_get_md() return the EVP_MD previously set for the supplied HMAC_CTX or NULL if no EVP_MD has been set.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output or zero on error.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 2104</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL 1.1.0.</p>
+
+<p>HMAC_CTX_cleanup() existed in OpenSSL before version 1.1.0.</p>
+
+<p>HMAC_CTX_new(), HMAC_CTX_free() and HMAC_CTX_get_md() are new in OpenSSL 1.1.0.</p>
+
+<p>HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in OpenSSL before version 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/HMAC_CTX_new.html b/msys2/usr/share/doc/openssl/html/man3/HMAC_CTX_new.html
new file mode 100644
index 000000000..7cde6754b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/HMAC_CTX_new.html
@@ -0,0 +1,137 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>HMAC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC_Update, HMAC_Final, HMAC_CTX_copy, HMAC_CTX_set_flags, HMAC_CTX_get_md, HMAC_size - HMAC message authentication code</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/hmac.h&gt;
+
+ unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
+                     int key_len, const unsigned char *d, int n,
+                     unsigned char *md, unsigned int *md_len);
+
+ HMAC_CTX *HMAC_CTX_new(void);
+ int HMAC_CTX_reset(HMAC_CTX *ctx);
+
+ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
+                  const EVP_MD *md, ENGINE *impl);
+ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
+ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+
+ void HMAC_CTX_free(HMAC_CTX *ctx);
+
+ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
+ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+ const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
+
+ size_t HMAC_size(const HMAC_CTX *e);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
+               const EVP_MD *md);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>HMAC is a MAC (message authentication code), i.e. a keyed hash function used for message authentication, which is based on a hash function.</p>
+
+<p>HMAC() computes the message authentication code of the <b>n</b> bytes at <b>d</b> using the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>It places the result in <b>md</b> (which must have space for the output of the hash function, which is no more than <b>EVP_MAX_MD_SIZE</b> bytes). If <b>md</b> is NULL, the digest is placed in a static array. The size of the output is placed in <b>md_len</b>, unless it is <b>NULL</b>. Note: passing a NULL value for <b>md</b> to use the static array is not thread safe.</p>
+
+<p><b>evp_md</b> can be EVP_sha1(), EVP_ripemd160() etc.</p>
+
+<p>HMAC_CTX_new() creates a new HMAC_CTX in heap memory.</p>
+
+<p>HMAC_CTX_reset() zeroes an existing <b>HMAC_CTX</b> and associated resources, making it suitable for new computations as if it was newly created with HMAC_CTX_new().</p>
+
+<p>HMAC_CTX_free() erases the key and other data from the <b>HMAC_CTX</b>, releases any associated resources and finally frees the <b>HMAC_CTX</b> itself.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>HMAC_Init_ex() initializes or reuses a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and key <b>key</b>. If both are NULL, or if <b>key</b> is NULL and <b>evp_md</b> is the same as the previous call, then the existing key is reused. <b>ctx</b> must have been created with HMAC_CTX_new() before the first use of an <b>HMAC_CTX</b> in this function.</p>
+
+<p>If HMAC_Init_ex() is called with <b>key</b> NULL and <b>evp_md</b> is not the same as the previous digest used by <b>ctx</b> then an error is returned because reuse of an existing key with a different digest is not supported.</p>
+
+<p>HMAC_Init() initializes a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>HMAC_Update() can be called repeatedly with chunks of the message to be authenticated (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>HMAC_Final() places the message authentication code in <b>md</b>, which must have space for the hash function output.</p>
+
+<p>HMAC_CTX_copy() copies all of the internal state from <b>sctx</b> into <b>dctx</b>.</p>
+
+<p>HMAC_CTX_set_flags() applies the specified flags to the internal EVP_MD_CTXs. These flags have the same meaning as for <a href="../man3/EVP_MD_CTX_set_flags.html">EVP_MD_CTX_set_flags(3)</a>.</p>
+
+<p>HMAC_CTX_get_md() returns the EVP_MD that has previously been set for the supplied HMAC_CTX.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>HMAC() returns a pointer to the message authentication code or NULL if an error occurred.</p>
+
+<p>HMAC_CTX_new() returns a pointer to a new <b>HMAC_CTX</b> on success or <b>NULL</b> if an error occurred.</p>
+
+<p>HMAC_CTX_reset(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and HMAC_CTX_copy() return 1 for success or 0 if an error occurred.</p>
+
+<p>HMAC_CTX_get_md() return the EVP_MD previously set for the supplied HMAC_CTX or NULL if no EVP_MD has been set.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output or zero on error.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 2104</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL 1.1.0.</p>
+
+<p>HMAC_CTX_cleanup() existed in OpenSSL before version 1.1.0.</p>
+
+<p>HMAC_CTX_new(), HMAC_CTX_free() and HMAC_CTX_get_md() are new in OpenSSL 1.1.0.</p>
+
+<p>HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in OpenSSL before version 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/HMAC_CTX_reset.html b/msys2/usr/share/doc/openssl/html/man3/HMAC_CTX_reset.html
new file mode 100644
index 000000000..7cde6754b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/HMAC_CTX_reset.html
@@ -0,0 +1,137 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>HMAC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC_Update, HMAC_Final, HMAC_CTX_copy, HMAC_CTX_set_flags, HMAC_CTX_get_md, HMAC_size - HMAC message authentication code</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/hmac.h&gt;
+
+ unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
+                     int key_len, const unsigned char *d, int n,
+                     unsigned char *md, unsigned int *md_len);
+
+ HMAC_CTX *HMAC_CTX_new(void);
+ int HMAC_CTX_reset(HMAC_CTX *ctx);
+
+ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
+                  const EVP_MD *md, ENGINE *impl);
+ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
+ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+
+ void HMAC_CTX_free(HMAC_CTX *ctx);
+
+ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
+ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+ const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
+
+ size_t HMAC_size(const HMAC_CTX *e);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
+               const EVP_MD *md);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>HMAC is a MAC (message authentication code), i.e. a keyed hash function used for message authentication, which is based on a hash function.</p>
+
+<p>HMAC() computes the message authentication code of the <b>n</b> bytes at <b>d</b> using the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>It places the result in <b>md</b> (which must have space for the output of the hash function, which is no more than <b>EVP_MAX_MD_SIZE</b> bytes). If <b>md</b> is NULL, the digest is placed in a static array. The size of the output is placed in <b>md_len</b>, unless it is <b>NULL</b>. Note: passing a NULL value for <b>md</b> to use the static array is not thread safe.</p>
+
+<p><b>evp_md</b> can be EVP_sha1(), EVP_ripemd160() etc.</p>
+
+<p>HMAC_CTX_new() creates a new HMAC_CTX in heap memory.</p>
+
+<p>HMAC_CTX_reset() zeroes an existing <b>HMAC_CTX</b> and associated resources, making it suitable for new computations as if it was newly created with HMAC_CTX_new().</p>
+
+<p>HMAC_CTX_free() erases the key and other data from the <b>HMAC_CTX</b>, releases any associated resources and finally frees the <b>HMAC_CTX</b> itself.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>HMAC_Init_ex() initializes or reuses a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and key <b>key</b>. If both are NULL, or if <b>key</b> is NULL and <b>evp_md</b> is the same as the previous call, then the existing key is reused. <b>ctx</b> must have been created with HMAC_CTX_new() before the first use of an <b>HMAC_CTX</b> in this function.</p>
+
+<p>If HMAC_Init_ex() is called with <b>key</b> NULL and <b>evp_md</b> is not the same as the previous digest used by <b>ctx</b> then an error is returned because reuse of an existing key with a different digest is not supported.</p>
+
+<p>HMAC_Init() initializes a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>HMAC_Update() can be called repeatedly with chunks of the message to be authenticated (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>HMAC_Final() places the message authentication code in <b>md</b>, which must have space for the hash function output.</p>
+
+<p>HMAC_CTX_copy() copies all of the internal state from <b>sctx</b> into <b>dctx</b>.</p>
+
+<p>HMAC_CTX_set_flags() applies the specified flags to the internal EVP_MD_CTXs. These flags have the same meaning as for <a href="../man3/EVP_MD_CTX_set_flags.html">EVP_MD_CTX_set_flags(3)</a>.</p>
+
+<p>HMAC_CTX_get_md() returns the EVP_MD that has previously been set for the supplied HMAC_CTX.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>HMAC() returns a pointer to the message authentication code or NULL if an error occurred.</p>
+
+<p>HMAC_CTX_new() returns a pointer to a new <b>HMAC_CTX</b> on success or <b>NULL</b> if an error occurred.</p>
+
+<p>HMAC_CTX_reset(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and HMAC_CTX_copy() return 1 for success or 0 if an error occurred.</p>
+
+<p>HMAC_CTX_get_md() return the EVP_MD previously set for the supplied HMAC_CTX or NULL if no EVP_MD has been set.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output or zero on error.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 2104</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL 1.1.0.</p>
+
+<p>HMAC_CTX_cleanup() existed in OpenSSL before version 1.1.0.</p>
+
+<p>HMAC_CTX_new(), HMAC_CTX_free() and HMAC_CTX_get_md() are new in OpenSSL 1.1.0.</p>
+
+<p>HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in OpenSSL before version 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/HMAC_CTX_set_flags.html b/msys2/usr/share/doc/openssl/html/man3/HMAC_CTX_set_flags.html
new file mode 100644
index 000000000..7cde6754b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/HMAC_CTX_set_flags.html
@@ -0,0 +1,137 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>HMAC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC_Update, HMAC_Final, HMAC_CTX_copy, HMAC_CTX_set_flags, HMAC_CTX_get_md, HMAC_size - HMAC message authentication code</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/hmac.h&gt;
+
+ unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
+                     int key_len, const unsigned char *d, int n,
+                     unsigned char *md, unsigned int *md_len);
+
+ HMAC_CTX *HMAC_CTX_new(void);
+ int HMAC_CTX_reset(HMAC_CTX *ctx);
+
+ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
+                  const EVP_MD *md, ENGINE *impl);
+ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
+ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+
+ void HMAC_CTX_free(HMAC_CTX *ctx);
+
+ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
+ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+ const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
+
+ size_t HMAC_size(const HMAC_CTX *e);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
+               const EVP_MD *md);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>HMAC is a MAC (message authentication code), i.e. a keyed hash function used for message authentication, which is based on a hash function.</p>
+
+<p>HMAC() computes the message authentication code of the <b>n</b> bytes at <b>d</b> using the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>It places the result in <b>md</b> (which must have space for the output of the hash function, which is no more than <b>EVP_MAX_MD_SIZE</b> bytes). If <b>md</b> is NULL, the digest is placed in a static array. The size of the output is placed in <b>md_len</b>, unless it is <b>NULL</b>. Note: passing a NULL value for <b>md</b> to use the static array is not thread safe.</p>
+
+<p><b>evp_md</b> can be EVP_sha1(), EVP_ripemd160() etc.</p>
+
+<p>HMAC_CTX_new() creates a new HMAC_CTX in heap memory.</p>
+
+<p>HMAC_CTX_reset() zeroes an existing <b>HMAC_CTX</b> and associated resources, making it suitable for new computations as if it was newly created with HMAC_CTX_new().</p>
+
+<p>HMAC_CTX_free() erases the key and other data from the <b>HMAC_CTX</b>, releases any associated resources and finally frees the <b>HMAC_CTX</b> itself.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>HMAC_Init_ex() initializes or reuses a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and key <b>key</b>. If both are NULL, or if <b>key</b> is NULL and <b>evp_md</b> is the same as the previous call, then the existing key is reused. <b>ctx</b> must have been created with HMAC_CTX_new() before the first use of an <b>HMAC_CTX</b> in this function.</p>
+
+<p>If HMAC_Init_ex() is called with <b>key</b> NULL and <b>evp_md</b> is not the same as the previous digest used by <b>ctx</b> then an error is returned because reuse of an existing key with a different digest is not supported.</p>
+
+<p>HMAC_Init() initializes a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>HMAC_Update() can be called repeatedly with chunks of the message to be authenticated (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>HMAC_Final() places the message authentication code in <b>md</b>, which must have space for the hash function output.</p>
+
+<p>HMAC_CTX_copy() copies all of the internal state from <b>sctx</b> into <b>dctx</b>.</p>
+
+<p>HMAC_CTX_set_flags() applies the specified flags to the internal EVP_MD_CTXs. These flags have the same meaning as for <a href="../man3/EVP_MD_CTX_set_flags.html">EVP_MD_CTX_set_flags(3)</a>.</p>
+
+<p>HMAC_CTX_get_md() returns the EVP_MD that has previously been set for the supplied HMAC_CTX.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>HMAC() returns a pointer to the message authentication code or NULL if an error occurred.</p>
+
+<p>HMAC_CTX_new() returns a pointer to a new <b>HMAC_CTX</b> on success or <b>NULL</b> if an error occurred.</p>
+
+<p>HMAC_CTX_reset(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and HMAC_CTX_copy() return 1 for success or 0 if an error occurred.</p>
+
+<p>HMAC_CTX_get_md() return the EVP_MD previously set for the supplied HMAC_CTX or NULL if no EVP_MD has been set.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output or zero on error.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 2104</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL 1.1.0.</p>
+
+<p>HMAC_CTX_cleanup() existed in OpenSSL before version 1.1.0.</p>
+
+<p>HMAC_CTX_new(), HMAC_CTX_free() and HMAC_CTX_get_md() are new in OpenSSL 1.1.0.</p>
+
+<p>HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in OpenSSL before version 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/HMAC_Final.html b/msys2/usr/share/doc/openssl/html/man3/HMAC_Final.html
new file mode 100644
index 000000000..7cde6754b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/HMAC_Final.html
@@ -0,0 +1,137 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>HMAC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC_Update, HMAC_Final, HMAC_CTX_copy, HMAC_CTX_set_flags, HMAC_CTX_get_md, HMAC_size - HMAC message authentication code</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/hmac.h&gt;
+
+ unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
+                     int key_len, const unsigned char *d, int n,
+                     unsigned char *md, unsigned int *md_len);
+
+ HMAC_CTX *HMAC_CTX_new(void);
+ int HMAC_CTX_reset(HMAC_CTX *ctx);
+
+ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
+                  const EVP_MD *md, ENGINE *impl);
+ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
+ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+
+ void HMAC_CTX_free(HMAC_CTX *ctx);
+
+ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
+ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+ const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
+
+ size_t HMAC_size(const HMAC_CTX *e);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
+               const EVP_MD *md);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>HMAC is a MAC (message authentication code), i.e. a keyed hash function used for message authentication, which is based on a hash function.</p>
+
+<p>HMAC() computes the message authentication code of the <b>n</b> bytes at <b>d</b> using the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>It places the result in <b>md</b> (which must have space for the output of the hash function, which is no more than <b>EVP_MAX_MD_SIZE</b> bytes). If <b>md</b> is NULL, the digest is placed in a static array. The size of the output is placed in <b>md_len</b>, unless it is <b>NULL</b>. Note: passing a NULL value for <b>md</b> to use the static array is not thread safe.</p>
+
+<p><b>evp_md</b> can be EVP_sha1(), EVP_ripemd160() etc.</p>
+
+<p>HMAC_CTX_new() creates a new HMAC_CTX in heap memory.</p>
+
+<p>HMAC_CTX_reset() zeroes an existing <b>HMAC_CTX</b> and associated resources, making it suitable for new computations as if it was newly created with HMAC_CTX_new().</p>
+
+<p>HMAC_CTX_free() erases the key and other data from the <b>HMAC_CTX</b>, releases any associated resources and finally frees the <b>HMAC_CTX</b> itself.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>HMAC_Init_ex() initializes or reuses a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and key <b>key</b>. If both are NULL, or if <b>key</b> is NULL and <b>evp_md</b> is the same as the previous call, then the existing key is reused. <b>ctx</b> must have been created with HMAC_CTX_new() before the first use of an <b>HMAC_CTX</b> in this function.</p>
+
+<p>If HMAC_Init_ex() is called with <b>key</b> NULL and <b>evp_md</b> is not the same as the previous digest used by <b>ctx</b> then an error is returned because reuse of an existing key with a different digest is not supported.</p>
+
+<p>HMAC_Init() initializes a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>HMAC_Update() can be called repeatedly with chunks of the message to be authenticated (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>HMAC_Final() places the message authentication code in <b>md</b>, which must have space for the hash function output.</p>
+
+<p>HMAC_CTX_copy() copies all of the internal state from <b>sctx</b> into <b>dctx</b>.</p>
+
+<p>HMAC_CTX_set_flags() applies the specified flags to the internal EVP_MD_CTXs. These flags have the same meaning as for <a href="../man3/EVP_MD_CTX_set_flags.html">EVP_MD_CTX_set_flags(3)</a>.</p>
+
+<p>HMAC_CTX_get_md() returns the EVP_MD that has previously been set for the supplied HMAC_CTX.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>HMAC() returns a pointer to the message authentication code or NULL if an error occurred.</p>
+
+<p>HMAC_CTX_new() returns a pointer to a new <b>HMAC_CTX</b> on success or <b>NULL</b> if an error occurred.</p>
+
+<p>HMAC_CTX_reset(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and HMAC_CTX_copy() return 1 for success or 0 if an error occurred.</p>
+
+<p>HMAC_CTX_get_md() return the EVP_MD previously set for the supplied HMAC_CTX or NULL if no EVP_MD has been set.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output or zero on error.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 2104</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL 1.1.0.</p>
+
+<p>HMAC_CTX_cleanup() existed in OpenSSL before version 1.1.0.</p>
+
+<p>HMAC_CTX_new(), HMAC_CTX_free() and HMAC_CTX_get_md() are new in OpenSSL 1.1.0.</p>
+
+<p>HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in OpenSSL before version 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/HMAC_Init.html b/msys2/usr/share/doc/openssl/html/man3/HMAC_Init.html
new file mode 100644
index 000000000..7cde6754b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/HMAC_Init.html
@@ -0,0 +1,137 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>HMAC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC_Update, HMAC_Final, HMAC_CTX_copy, HMAC_CTX_set_flags, HMAC_CTX_get_md, HMAC_size - HMAC message authentication code</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/hmac.h&gt;
+
+ unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
+                     int key_len, const unsigned char *d, int n,
+                     unsigned char *md, unsigned int *md_len);
+
+ HMAC_CTX *HMAC_CTX_new(void);
+ int HMAC_CTX_reset(HMAC_CTX *ctx);
+
+ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
+                  const EVP_MD *md, ENGINE *impl);
+ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
+ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+
+ void HMAC_CTX_free(HMAC_CTX *ctx);
+
+ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
+ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+ const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
+
+ size_t HMAC_size(const HMAC_CTX *e);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
+               const EVP_MD *md);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>HMAC is a MAC (message authentication code), i.e. a keyed hash function used for message authentication, which is based on a hash function.</p>
+
+<p>HMAC() computes the message authentication code of the <b>n</b> bytes at <b>d</b> using the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>It places the result in <b>md</b> (which must have space for the output of the hash function, which is no more than <b>EVP_MAX_MD_SIZE</b> bytes). If <b>md</b> is NULL, the digest is placed in a static array. The size of the output is placed in <b>md_len</b>, unless it is <b>NULL</b>. Note: passing a NULL value for <b>md</b> to use the static array is not thread safe.</p>
+
+<p><b>evp_md</b> can be EVP_sha1(), EVP_ripemd160() etc.</p>
+
+<p>HMAC_CTX_new() creates a new HMAC_CTX in heap memory.</p>
+
+<p>HMAC_CTX_reset() zeroes an existing <b>HMAC_CTX</b> and associated resources, making it suitable for new computations as if it was newly created with HMAC_CTX_new().</p>
+
+<p>HMAC_CTX_free() erases the key and other data from the <b>HMAC_CTX</b>, releases any associated resources and finally frees the <b>HMAC_CTX</b> itself.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>HMAC_Init_ex() initializes or reuses a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and key <b>key</b>. If both are NULL, or if <b>key</b> is NULL and <b>evp_md</b> is the same as the previous call, then the existing key is reused. <b>ctx</b> must have been created with HMAC_CTX_new() before the first use of an <b>HMAC_CTX</b> in this function.</p>
+
+<p>If HMAC_Init_ex() is called with <b>key</b> NULL and <b>evp_md</b> is not the same as the previous digest used by <b>ctx</b> then an error is returned because reuse of an existing key with a different digest is not supported.</p>
+
+<p>HMAC_Init() initializes a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>HMAC_Update() can be called repeatedly with chunks of the message to be authenticated (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>HMAC_Final() places the message authentication code in <b>md</b>, which must have space for the hash function output.</p>
+
+<p>HMAC_CTX_copy() copies all of the internal state from <b>sctx</b> into <b>dctx</b>.</p>
+
+<p>HMAC_CTX_set_flags() applies the specified flags to the internal EVP_MD_CTXs. These flags have the same meaning as for <a href="../man3/EVP_MD_CTX_set_flags.html">EVP_MD_CTX_set_flags(3)</a>.</p>
+
+<p>HMAC_CTX_get_md() returns the EVP_MD that has previously been set for the supplied HMAC_CTX.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>HMAC() returns a pointer to the message authentication code or NULL if an error occurred.</p>
+
+<p>HMAC_CTX_new() returns a pointer to a new <b>HMAC_CTX</b> on success or <b>NULL</b> if an error occurred.</p>
+
+<p>HMAC_CTX_reset(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and HMAC_CTX_copy() return 1 for success or 0 if an error occurred.</p>
+
+<p>HMAC_CTX_get_md() return the EVP_MD previously set for the supplied HMAC_CTX or NULL if no EVP_MD has been set.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output or zero on error.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 2104</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL 1.1.0.</p>
+
+<p>HMAC_CTX_cleanup() existed in OpenSSL before version 1.1.0.</p>
+
+<p>HMAC_CTX_new(), HMAC_CTX_free() and HMAC_CTX_get_md() are new in OpenSSL 1.1.0.</p>
+
+<p>HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in OpenSSL before version 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/HMAC_Init_ex.html b/msys2/usr/share/doc/openssl/html/man3/HMAC_Init_ex.html
new file mode 100644
index 000000000..7cde6754b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/HMAC_Init_ex.html
@@ -0,0 +1,137 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>HMAC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC_Update, HMAC_Final, HMAC_CTX_copy, HMAC_CTX_set_flags, HMAC_CTX_get_md, HMAC_size - HMAC message authentication code</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/hmac.h&gt;
+
+ unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
+                     int key_len, const unsigned char *d, int n,
+                     unsigned char *md, unsigned int *md_len);
+
+ HMAC_CTX *HMAC_CTX_new(void);
+ int HMAC_CTX_reset(HMAC_CTX *ctx);
+
+ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
+                  const EVP_MD *md, ENGINE *impl);
+ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
+ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+
+ void HMAC_CTX_free(HMAC_CTX *ctx);
+
+ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
+ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+ const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
+
+ size_t HMAC_size(const HMAC_CTX *e);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
+               const EVP_MD *md);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>HMAC is a MAC (message authentication code), i.e. a keyed hash function used for message authentication, which is based on a hash function.</p>
+
+<p>HMAC() computes the message authentication code of the <b>n</b> bytes at <b>d</b> using the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>It places the result in <b>md</b> (which must have space for the output of the hash function, which is no more than <b>EVP_MAX_MD_SIZE</b> bytes). If <b>md</b> is NULL, the digest is placed in a static array. The size of the output is placed in <b>md_len</b>, unless it is <b>NULL</b>. Note: passing a NULL value for <b>md</b> to use the static array is not thread safe.</p>
+
+<p><b>evp_md</b> can be EVP_sha1(), EVP_ripemd160() etc.</p>
+
+<p>HMAC_CTX_new() creates a new HMAC_CTX in heap memory.</p>
+
+<p>HMAC_CTX_reset() zeroes an existing <b>HMAC_CTX</b> and associated resources, making it suitable for new computations as if it was newly created with HMAC_CTX_new().</p>
+
+<p>HMAC_CTX_free() erases the key and other data from the <b>HMAC_CTX</b>, releases any associated resources and finally frees the <b>HMAC_CTX</b> itself.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>HMAC_Init_ex() initializes or reuses a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and key <b>key</b>. If both are NULL, or if <b>key</b> is NULL and <b>evp_md</b> is the same as the previous call, then the existing key is reused. <b>ctx</b> must have been created with HMAC_CTX_new() before the first use of an <b>HMAC_CTX</b> in this function.</p>
+
+<p>If HMAC_Init_ex() is called with <b>key</b> NULL and <b>evp_md</b> is not the same as the previous digest used by <b>ctx</b> then an error is returned because reuse of an existing key with a different digest is not supported.</p>
+
+<p>HMAC_Init() initializes a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>HMAC_Update() can be called repeatedly with chunks of the message to be authenticated (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>HMAC_Final() places the message authentication code in <b>md</b>, which must have space for the hash function output.</p>
+
+<p>HMAC_CTX_copy() copies all of the internal state from <b>sctx</b> into <b>dctx</b>.</p>
+
+<p>HMAC_CTX_set_flags() applies the specified flags to the internal EVP_MD_CTXs. These flags have the same meaning as for <a href="../man3/EVP_MD_CTX_set_flags.html">EVP_MD_CTX_set_flags(3)</a>.</p>
+
+<p>HMAC_CTX_get_md() returns the EVP_MD that has previously been set for the supplied HMAC_CTX.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>HMAC() returns a pointer to the message authentication code or NULL if an error occurred.</p>
+
+<p>HMAC_CTX_new() returns a pointer to a new <b>HMAC_CTX</b> on success or <b>NULL</b> if an error occurred.</p>
+
+<p>HMAC_CTX_reset(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and HMAC_CTX_copy() return 1 for success or 0 if an error occurred.</p>
+
+<p>HMAC_CTX_get_md() return the EVP_MD previously set for the supplied HMAC_CTX or NULL if no EVP_MD has been set.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output or zero on error.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 2104</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL 1.1.0.</p>
+
+<p>HMAC_CTX_cleanup() existed in OpenSSL before version 1.1.0.</p>
+
+<p>HMAC_CTX_new(), HMAC_CTX_free() and HMAC_CTX_get_md() are new in OpenSSL 1.1.0.</p>
+
+<p>HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in OpenSSL before version 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/HMAC_Update.html b/msys2/usr/share/doc/openssl/html/man3/HMAC_Update.html
new file mode 100644
index 000000000..7cde6754b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/HMAC_Update.html
@@ -0,0 +1,137 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>HMAC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC_Update, HMAC_Final, HMAC_CTX_copy, HMAC_CTX_set_flags, HMAC_CTX_get_md, HMAC_size - HMAC message authentication code</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/hmac.h&gt;
+
+ unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
+                     int key_len, const unsigned char *d, int n,
+                     unsigned char *md, unsigned int *md_len);
+
+ HMAC_CTX *HMAC_CTX_new(void);
+ int HMAC_CTX_reset(HMAC_CTX *ctx);
+
+ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
+                  const EVP_MD *md, ENGINE *impl);
+ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
+ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+
+ void HMAC_CTX_free(HMAC_CTX *ctx);
+
+ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
+ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+ const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
+
+ size_t HMAC_size(const HMAC_CTX *e);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
+               const EVP_MD *md);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>HMAC is a MAC (message authentication code), i.e. a keyed hash function used for message authentication, which is based on a hash function.</p>
+
+<p>HMAC() computes the message authentication code of the <b>n</b> bytes at <b>d</b> using the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>It places the result in <b>md</b> (which must have space for the output of the hash function, which is no more than <b>EVP_MAX_MD_SIZE</b> bytes). If <b>md</b> is NULL, the digest is placed in a static array. The size of the output is placed in <b>md_len</b>, unless it is <b>NULL</b>. Note: passing a NULL value for <b>md</b> to use the static array is not thread safe.</p>
+
+<p><b>evp_md</b> can be EVP_sha1(), EVP_ripemd160() etc.</p>
+
+<p>HMAC_CTX_new() creates a new HMAC_CTX in heap memory.</p>
+
+<p>HMAC_CTX_reset() zeroes an existing <b>HMAC_CTX</b> and associated resources, making it suitable for new computations as if it was newly created with HMAC_CTX_new().</p>
+
+<p>HMAC_CTX_free() erases the key and other data from the <b>HMAC_CTX</b>, releases any associated resources and finally frees the <b>HMAC_CTX</b> itself.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>HMAC_Init_ex() initializes or reuses a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and key <b>key</b>. If both are NULL, or if <b>key</b> is NULL and <b>evp_md</b> is the same as the previous call, then the existing key is reused. <b>ctx</b> must have been created with HMAC_CTX_new() before the first use of an <b>HMAC_CTX</b> in this function.</p>
+
+<p>If HMAC_Init_ex() is called with <b>key</b> NULL and <b>evp_md</b> is not the same as the previous digest used by <b>ctx</b> then an error is returned because reuse of an existing key with a different digest is not supported.</p>
+
+<p>HMAC_Init() initializes a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>HMAC_Update() can be called repeatedly with chunks of the message to be authenticated (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>HMAC_Final() places the message authentication code in <b>md</b>, which must have space for the hash function output.</p>
+
+<p>HMAC_CTX_copy() copies all of the internal state from <b>sctx</b> into <b>dctx</b>.</p>
+
+<p>HMAC_CTX_set_flags() applies the specified flags to the internal EVP_MD_CTXs. These flags have the same meaning as for <a href="../man3/EVP_MD_CTX_set_flags.html">EVP_MD_CTX_set_flags(3)</a>.</p>
+
+<p>HMAC_CTX_get_md() returns the EVP_MD that has previously been set for the supplied HMAC_CTX.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>HMAC() returns a pointer to the message authentication code or NULL if an error occurred.</p>
+
+<p>HMAC_CTX_new() returns a pointer to a new <b>HMAC_CTX</b> on success or <b>NULL</b> if an error occurred.</p>
+
+<p>HMAC_CTX_reset(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and HMAC_CTX_copy() return 1 for success or 0 if an error occurred.</p>
+
+<p>HMAC_CTX_get_md() return the EVP_MD previously set for the supplied HMAC_CTX or NULL if no EVP_MD has been set.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output or zero on error.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 2104</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL 1.1.0.</p>
+
+<p>HMAC_CTX_cleanup() existed in OpenSSL before version 1.1.0.</p>
+
+<p>HMAC_CTX_new(), HMAC_CTX_free() and HMAC_CTX_get_md() are new in OpenSSL 1.1.0.</p>
+
+<p>HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in OpenSSL before version 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/HMAC_size.html b/msys2/usr/share/doc/openssl/html/man3/HMAC_size.html
new file mode 100644
index 000000000..7cde6754b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/HMAC_size.html
@@ -0,0 +1,137 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>HMAC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>HMAC, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free, HMAC_Init, HMAC_Init_ex, HMAC_Update, HMAC_Final, HMAC_CTX_copy, HMAC_CTX_set_flags, HMAC_CTX_get_md, HMAC_size - HMAC message authentication code</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/hmac.h&gt;
+
+ unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
+                     int key_len, const unsigned char *d, int n,
+                     unsigned char *md, unsigned int *md_len);
+
+ HMAC_CTX *HMAC_CTX_new(void);
+ int HMAC_CTX_reset(HMAC_CTX *ctx);
+
+ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
+                  const EVP_MD *md, ENGINE *impl);
+ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
+ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+
+ void HMAC_CTX_free(HMAC_CTX *ctx);
+
+ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
+ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+ const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
+
+ size_t HMAC_size(const HMAC_CTX *e);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
+               const EVP_MD *md);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>HMAC is a MAC (message authentication code), i.e. a keyed hash function used for message authentication, which is based on a hash function.</p>
+
+<p>HMAC() computes the message authentication code of the <b>n</b> bytes at <b>d</b> using the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>It places the result in <b>md</b> (which must have space for the output of the hash function, which is no more than <b>EVP_MAX_MD_SIZE</b> bytes). If <b>md</b> is NULL, the digest is placed in a static array. The size of the output is placed in <b>md_len</b>, unless it is <b>NULL</b>. Note: passing a NULL value for <b>md</b> to use the static array is not thread safe.</p>
+
+<p><b>evp_md</b> can be EVP_sha1(), EVP_ripemd160() etc.</p>
+
+<p>HMAC_CTX_new() creates a new HMAC_CTX in heap memory.</p>
+
+<p>HMAC_CTX_reset() zeroes an existing <b>HMAC_CTX</b> and associated resources, making it suitable for new computations as if it was newly created with HMAC_CTX_new().</p>
+
+<p>HMAC_CTX_free() erases the key and other data from the <b>HMAC_CTX</b>, releases any associated resources and finally frees the <b>HMAC_CTX</b> itself.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>HMAC_Init_ex() initializes or reuses a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and key <b>key</b>. If both are NULL, or if <b>key</b> is NULL and <b>evp_md</b> is the same as the previous call, then the existing key is reused. <b>ctx</b> must have been created with HMAC_CTX_new() before the first use of an <b>HMAC_CTX</b> in this function.</p>
+
+<p>If HMAC_Init_ex() is called with <b>key</b> NULL and <b>evp_md</b> is not the same as the previous digest used by <b>ctx</b> then an error is returned because reuse of an existing key with a different digest is not supported.</p>
+
+<p>HMAC_Init() initializes a <b>HMAC_CTX</b> structure to use the hash function <b>evp_md</b> and the key <b>key</b> which is <b>key_len</b> bytes long.</p>
+
+<p>HMAC_Update() can be called repeatedly with chunks of the message to be authenticated (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>HMAC_Final() places the message authentication code in <b>md</b>, which must have space for the hash function output.</p>
+
+<p>HMAC_CTX_copy() copies all of the internal state from <b>sctx</b> into <b>dctx</b>.</p>
+
+<p>HMAC_CTX_set_flags() applies the specified flags to the internal EVP_MD_CTXs. These flags have the same meaning as for <a href="../man3/EVP_MD_CTX_set_flags.html">EVP_MD_CTX_set_flags(3)</a>.</p>
+
+<p>HMAC_CTX_get_md() returns the EVP_MD that has previously been set for the supplied HMAC_CTX.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>HMAC() returns a pointer to the message authentication code or NULL if an error occurred.</p>
+
+<p>HMAC_CTX_new() returns a pointer to a new <b>HMAC_CTX</b> on success or <b>NULL</b> if an error occurred.</p>
+
+<p>HMAC_CTX_reset(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and HMAC_CTX_copy() return 1 for success or 0 if an error occurred.</p>
+
+<p>HMAC_CTX_get_md() return the EVP_MD previously set for the supplied HMAC_CTX or NULL if no EVP_MD has been set.</p>
+
+<p>HMAC_size() returns the length in bytes of the underlying hash function output or zero on error.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 2104</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SHA1.html">SHA1(3)</a>, <a href="../man7/evp.html">evp(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL 1.1.0.</p>
+
+<p>HMAC_CTX_cleanup() existed in OpenSSL before version 1.1.0.</p>
+
+<p>HMAC_CTX_new(), HMAC_CTX_free() and HMAC_CTX_get_md() are new in OpenSSL 1.1.0.</p>
+
+<p>HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in OpenSSL before version 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/IMPLEMENT_ASN1_FUNCTIONS.html b/msys2/usr/share/doc/openssl/html/man3/IMPLEMENT_ASN1_FUNCTIONS.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/IMPLEMENT_ASN1_FUNCTIONS.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/IMPLEMENT_LHASH_COMP_FN.html b/msys2/usr/share/doc/openssl/html/man3/IMPLEMENT_LHASH_COMP_FN.html
new file mode 100644
index 000000000..e56e9e3b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/IMPLEMENT_LHASH_COMP_FN.html
@@ -0,0 +1,176 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_COMPFUNC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>LHASH, DECLARE_LHASH_OF, OPENSSL_LH_COMPFUNC, OPENSSL_LH_HASHFUNC, OPENSSL_LH_DOALL_FUNC, LHASH_DOALL_ARG_FN_TYPE, IMPLEMENT_LHASH_HASH_FN, IMPLEMENT_LHASH_COMP_FN, lh_TYPE_new, lh_TYPE_free, lh_TYPE_insert, lh_TYPE_delete, lh_TYPE_retrieve, lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error - dynamic hash table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ DECLARE_LHASH_OF(TYPE);
+
+ LHASH *lh_TYPE_new(OPENSSL_LH_HASHFUNC hash, OPENSSL_LH_COMPFUNC compare);
+ void lh_TYPE_free(LHASH_OF(TYPE) *table);
+
+ TYPE *lh_TYPE_insert(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_TYPE_delete(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_retrieve(LHASH_OF(TYPE) *table, TYPE *data);
+
+ void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func);
+ void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,
+                        TYPE *arg);
+
+ int lh_TYPE_error(LHASH_OF(TYPE) *table);
+
+ typedef int (*OPENSSL_LH_COMPFUNC)(const void *, const void *);
+ typedef unsigned long (*OPENSSL_LH_HASHFUNC)(const void *);
+ typedef void (*OPENSSL_LH_DOALL_FUNC)(const void *);
+ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, const void *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements type-checked dynamic hash tables. The hash table entries can be arbitrary structures. Usually they consist of key and value fields. In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>SSL_SESSION</i>.</p>
+
+<p>lh_TYPE_new() creates a new <b>LHASH_OF(TYPE)</b> structure to store arbitrary data entries, and specifies the &#39;hash&#39; and &#39;compare&#39; callbacks to be used in organising the table&#39;s entries. The <b>hash</b> callback takes a pointer to a table entry as its argument and returns an unsigned long hash value for its key field. The hash value is normally truncated to a power of 2, so make sure that your hash function returns well mixed low order bits. The <b>compare</b> callback takes two arguments (pointers to two hash table entries), and returns 0 if their keys are equal, non-zero otherwise.</p>
+
+<p>If your hash table will contain items of some particular type and the <b>hash</b> and <b>compare</b> callbacks hash/compare these types, then the <b>IMPLEMENT_LHASH_HASH_FN</b> and <b>IMPLEMENT_LHASH_COMP_FN</b> macros can be used to create callback wrappers of the prototypes required by lh_TYPE_new() as shown in this example:</p>
+
+<pre><code> /*
+  * Implement the hash and compare functions; &quot;stuff&quot; can be any word.
+  */
+ static unsigned long stuff_hash(const TYPE *a)
+ {
+     ...
+ }
+ static int stuff_cmp(const TYPE *a, const TYPE *b)
+ {
+     ...
+ }
+
+ /*
+  * Implement the wrapper functions.
+  */
+ static IMPLEMENT_LHASH_HASH_FN(stuff, TYPE)
+ static IMPLEMENT_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>If the type is going to be used in several places, the following macros can be used in a common header file to declare the function wrappers:</p>
+
+<pre><code> DECLARE_LHASH_HASH_FN(stuff, TYPE)
+ DECLARE_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>Then a hash table of TYPE objects can be created using this:</p>
+
+<pre><code> LHASH_OF(TYPE) *htable;
+
+ htable = lh_TYPE_new(LHASH_HASH_FN(stuff), LHASH_COMP_FN(stuff));</code></pre>
+
+<p>lh_TYPE_free() frees the <b>LHASH_OF(TYPE)</b> structure <b>table</b>. Allocated hash table entries will not be freed; consider using lh_TYPE_doall() to deallocate any remaining entries in the hash table (see below).</p>
+
+<p>lh_TYPE_insert() inserts the structure pointed to by <b>data</b> into <b>table</b>. If there already is an entry with the same key, the old value is replaced. Note that lh_TYPE_insert() stores pointers, the data are not copied.</p>
+
+<p>lh_TYPE_delete() deletes an entry from <b>table</b>.</p>
+
+<p>lh_TYPE_retrieve() looks up an entry in <b>table</b>. Normally, <b>data</b> is a structure with the key field(s) set; the function will return a pointer to a fully populated structure.</p>
+
+<p>lh_TYPE_doall() will, for every entry in the hash table, call <b>func</b> with the data item as its parameter. For example:</p>
+
+<pre><code> /* Cleans up resources belonging to &#39;a&#39; (this is implemented elsewhere) */
+ void TYPE_cleanup_doall(TYPE *a);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_cleanup&quot; */
+ IMPLEMENT_LHASH_DOALL_FN(TYPE_cleanup, TYPE)
+
+ /* Call &quot;TYPE_cleanup&quot; against all items in a hash table. */
+ lh_TYPE_doall(hashtable, LHASH_DOALL_FN(TYPE_cleanup));
+
+ /* Then the hash table itself can be deallocated */
+ lh_TYPE_free(hashtable);</code></pre>
+
+<p>When doing this, be careful if you delete entries from the hash table in your callbacks: the table may decrease in size, moving the item that you are currently on down lower in the hash table - this could cause some entries to be skipped during the iteration. The second best solution to this problem is to set hash-&gt;down_load=0 before you start (which will stop the hash table ever decreasing in size). The best solution is probably to avoid deleting items from the hash table inside a &quot;doall&quot; callback!</p>
+
+<p>lh_TYPE_doall_arg() is the same as lh_TYPE_doall() except that <b>func</b> will be called with <b>arg</b> as the second argument and <b>func</b> should be of type <b>LHASH_DOALL_ARG_FN_TYPE</b> (a callback prototype that is passed both the table entry and an extra argument). As with lh_doall(), you can instead choose to declare your callback with a prototype matching the types you are dealing with and use the declare/implement macros to create compatible wrappers that cast variables before calling your type-specific callbacks. An example of this is demonstrated here (printing all hash table entries to a BIO that is provided by the caller):</p>
+
+<pre><code> /* Prints item &#39;a&#39; to &#39;output_bio&#39; (this is implemented elsewhere) */
+ void TYPE_print_doall_arg(const TYPE *a, BIO *output_bio);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_print&quot; */
+ static IMPLEMENT_LHASH_DOALL_ARG_FN(TYPE, const TYPE, BIO)
+
+ /* Print out the entire hashtable to a particular BIO */
+ lh_TYPE_doall_arg(hashtable, LHASH_DOALL_ARG_FN(TYPE_print), BIO,
+                   logging_bio);</code></pre>
+
+<p>lh_TYPE_error() can be used to determine if an error occurred in the last operation.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>lh_TYPE_new() returns <b>NULL</b> on error, otherwise a pointer to the new <b>LHASH</b> structure.</p>
+
+<p>When a hash table entry is replaced, lh_TYPE_insert() returns the value being replaced. <b>NULL</b> is returned on normal operation and on error.</p>
+
+<p>lh_TYPE_delete() returns the entry being deleted. <b>NULL</b> is returned if there is no such value in the hash table.</p>
+
+<p>lh_TYPE_retrieve() returns the hash table entry if it has been found, <b>NULL</b> otherwise.</p>
+
+<p>lh_TYPE_error() returns 1 if an error occurred in the last operation, 0 otherwise. It&#39;s meaningful only after non-retrieve operations.</p>
+
+<p>lh_TYPE_free(), lh_TYPE_doall() and lh_TYPE_doall_arg() return no values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>The LHASH code is not thread safe. All updating operations, as well as lh_TYPE_error call must be performed under a write lock. All retrieve operations should be performed under a read lock, <i>unless</i> accurate usage statistics are desired. In which case, a write lock should be used for retrieve operations as well. For output of the usage statistics, using the functions from <a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a>, a read lock suffices.</p>
+
+<p>The LHASH code regards table entries as constant data. As such, it internally represents lh_insert()&#39;d items with a &quot;const void *&quot; pointer type. This is why callbacks such as those used by lh_doall() and lh_doall_arg() declare their prototypes with &quot;const&quot;, even for the parameters that pass back the table items&#39; data pointers - for consistency, user-provided data is &quot;const&quot; at all times as far as the LHASH code is concerned. However, as callers are themselves providing these pointers, they can choose whether they too should be treating all such parameters as constant.</p>
+
+<p>As an example, a hash table may be maintained by code that, for reasons of encapsulation, has only &quot;const&quot; access to the data being indexed in the hash table (ie. it is returned as &quot;const&quot; from elsewhere in their code) - in this case the LHASH prototypes are appropriate as-is. Conversely, if the caller is responsible for the life-time of the data in question, then they may well wish to make modifications to table item passed back in the lh_doall() or lh_doall_arg() callbacks (see the &quot;TYPE_cleanup&quot; example above). If so, the caller can either cast the &quot;const&quot; away (if they&#39;re providing the raw callbacks themselves) or use the macros to declare/implement the wrapper functions without &quot;const&quot; types.</p>
+
+<p>Callers that only have &quot;const&quot; access to data they&#39;re indexing in a table, yet declare callbacks without constant types (or cast the &quot;const&quot; away themselves), are therefore creating their own risks/bugs without being encouraged to do so by the API. On a related note, those auditing code should pay special attention to any instances of DECLARE/IMPLEMENT_LHASH_DOALL_[ARG_]_FN macros that provide types without any &quot;const&quot; qualifiers.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>lh_TYPE_insert() returns <b>NULL</b> both for success and error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 1.0.0, the lhash interface was revamped for better type checking.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/IMPLEMENT_LHASH_HASH_FN.html b/msys2/usr/share/doc/openssl/html/man3/IMPLEMENT_LHASH_HASH_FN.html
new file mode 100644
index 000000000..e56e9e3b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/IMPLEMENT_LHASH_HASH_FN.html
@@ -0,0 +1,176 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_COMPFUNC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>LHASH, DECLARE_LHASH_OF, OPENSSL_LH_COMPFUNC, OPENSSL_LH_HASHFUNC, OPENSSL_LH_DOALL_FUNC, LHASH_DOALL_ARG_FN_TYPE, IMPLEMENT_LHASH_HASH_FN, IMPLEMENT_LHASH_COMP_FN, lh_TYPE_new, lh_TYPE_free, lh_TYPE_insert, lh_TYPE_delete, lh_TYPE_retrieve, lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error - dynamic hash table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ DECLARE_LHASH_OF(TYPE);
+
+ LHASH *lh_TYPE_new(OPENSSL_LH_HASHFUNC hash, OPENSSL_LH_COMPFUNC compare);
+ void lh_TYPE_free(LHASH_OF(TYPE) *table);
+
+ TYPE *lh_TYPE_insert(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_TYPE_delete(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_retrieve(LHASH_OF(TYPE) *table, TYPE *data);
+
+ void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func);
+ void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,
+                        TYPE *arg);
+
+ int lh_TYPE_error(LHASH_OF(TYPE) *table);
+
+ typedef int (*OPENSSL_LH_COMPFUNC)(const void *, const void *);
+ typedef unsigned long (*OPENSSL_LH_HASHFUNC)(const void *);
+ typedef void (*OPENSSL_LH_DOALL_FUNC)(const void *);
+ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, const void *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements type-checked dynamic hash tables. The hash table entries can be arbitrary structures. Usually they consist of key and value fields. In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>SSL_SESSION</i>.</p>
+
+<p>lh_TYPE_new() creates a new <b>LHASH_OF(TYPE)</b> structure to store arbitrary data entries, and specifies the &#39;hash&#39; and &#39;compare&#39; callbacks to be used in organising the table&#39;s entries. The <b>hash</b> callback takes a pointer to a table entry as its argument and returns an unsigned long hash value for its key field. The hash value is normally truncated to a power of 2, so make sure that your hash function returns well mixed low order bits. The <b>compare</b> callback takes two arguments (pointers to two hash table entries), and returns 0 if their keys are equal, non-zero otherwise.</p>
+
+<p>If your hash table will contain items of some particular type and the <b>hash</b> and <b>compare</b> callbacks hash/compare these types, then the <b>IMPLEMENT_LHASH_HASH_FN</b> and <b>IMPLEMENT_LHASH_COMP_FN</b> macros can be used to create callback wrappers of the prototypes required by lh_TYPE_new() as shown in this example:</p>
+
+<pre><code> /*
+  * Implement the hash and compare functions; &quot;stuff&quot; can be any word.
+  */
+ static unsigned long stuff_hash(const TYPE *a)
+ {
+     ...
+ }
+ static int stuff_cmp(const TYPE *a, const TYPE *b)
+ {
+     ...
+ }
+
+ /*
+  * Implement the wrapper functions.
+  */
+ static IMPLEMENT_LHASH_HASH_FN(stuff, TYPE)
+ static IMPLEMENT_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>If the type is going to be used in several places, the following macros can be used in a common header file to declare the function wrappers:</p>
+
+<pre><code> DECLARE_LHASH_HASH_FN(stuff, TYPE)
+ DECLARE_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>Then a hash table of TYPE objects can be created using this:</p>
+
+<pre><code> LHASH_OF(TYPE) *htable;
+
+ htable = lh_TYPE_new(LHASH_HASH_FN(stuff), LHASH_COMP_FN(stuff));</code></pre>
+
+<p>lh_TYPE_free() frees the <b>LHASH_OF(TYPE)</b> structure <b>table</b>. Allocated hash table entries will not be freed; consider using lh_TYPE_doall() to deallocate any remaining entries in the hash table (see below).</p>
+
+<p>lh_TYPE_insert() inserts the structure pointed to by <b>data</b> into <b>table</b>. If there already is an entry with the same key, the old value is replaced. Note that lh_TYPE_insert() stores pointers, the data are not copied.</p>
+
+<p>lh_TYPE_delete() deletes an entry from <b>table</b>.</p>
+
+<p>lh_TYPE_retrieve() looks up an entry in <b>table</b>. Normally, <b>data</b> is a structure with the key field(s) set; the function will return a pointer to a fully populated structure.</p>
+
+<p>lh_TYPE_doall() will, for every entry in the hash table, call <b>func</b> with the data item as its parameter. For example:</p>
+
+<pre><code> /* Cleans up resources belonging to &#39;a&#39; (this is implemented elsewhere) */
+ void TYPE_cleanup_doall(TYPE *a);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_cleanup&quot; */
+ IMPLEMENT_LHASH_DOALL_FN(TYPE_cleanup, TYPE)
+
+ /* Call &quot;TYPE_cleanup&quot; against all items in a hash table. */
+ lh_TYPE_doall(hashtable, LHASH_DOALL_FN(TYPE_cleanup));
+
+ /* Then the hash table itself can be deallocated */
+ lh_TYPE_free(hashtable);</code></pre>
+
+<p>When doing this, be careful if you delete entries from the hash table in your callbacks: the table may decrease in size, moving the item that you are currently on down lower in the hash table - this could cause some entries to be skipped during the iteration. The second best solution to this problem is to set hash-&gt;down_load=0 before you start (which will stop the hash table ever decreasing in size). The best solution is probably to avoid deleting items from the hash table inside a &quot;doall&quot; callback!</p>
+
+<p>lh_TYPE_doall_arg() is the same as lh_TYPE_doall() except that <b>func</b> will be called with <b>arg</b> as the second argument and <b>func</b> should be of type <b>LHASH_DOALL_ARG_FN_TYPE</b> (a callback prototype that is passed both the table entry and an extra argument). As with lh_doall(), you can instead choose to declare your callback with a prototype matching the types you are dealing with and use the declare/implement macros to create compatible wrappers that cast variables before calling your type-specific callbacks. An example of this is demonstrated here (printing all hash table entries to a BIO that is provided by the caller):</p>
+
+<pre><code> /* Prints item &#39;a&#39; to &#39;output_bio&#39; (this is implemented elsewhere) */
+ void TYPE_print_doall_arg(const TYPE *a, BIO *output_bio);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_print&quot; */
+ static IMPLEMENT_LHASH_DOALL_ARG_FN(TYPE, const TYPE, BIO)
+
+ /* Print out the entire hashtable to a particular BIO */
+ lh_TYPE_doall_arg(hashtable, LHASH_DOALL_ARG_FN(TYPE_print), BIO,
+                   logging_bio);</code></pre>
+
+<p>lh_TYPE_error() can be used to determine if an error occurred in the last operation.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>lh_TYPE_new() returns <b>NULL</b> on error, otherwise a pointer to the new <b>LHASH</b> structure.</p>
+
+<p>When a hash table entry is replaced, lh_TYPE_insert() returns the value being replaced. <b>NULL</b> is returned on normal operation and on error.</p>
+
+<p>lh_TYPE_delete() returns the entry being deleted. <b>NULL</b> is returned if there is no such value in the hash table.</p>
+
+<p>lh_TYPE_retrieve() returns the hash table entry if it has been found, <b>NULL</b> otherwise.</p>
+
+<p>lh_TYPE_error() returns 1 if an error occurred in the last operation, 0 otherwise. It&#39;s meaningful only after non-retrieve operations.</p>
+
+<p>lh_TYPE_free(), lh_TYPE_doall() and lh_TYPE_doall_arg() return no values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>The LHASH code is not thread safe. All updating operations, as well as lh_TYPE_error call must be performed under a write lock. All retrieve operations should be performed under a read lock, <i>unless</i> accurate usage statistics are desired. In which case, a write lock should be used for retrieve operations as well. For output of the usage statistics, using the functions from <a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a>, a read lock suffices.</p>
+
+<p>The LHASH code regards table entries as constant data. As such, it internally represents lh_insert()&#39;d items with a &quot;const void *&quot; pointer type. This is why callbacks such as those used by lh_doall() and lh_doall_arg() declare their prototypes with &quot;const&quot;, even for the parameters that pass back the table items&#39; data pointers - for consistency, user-provided data is &quot;const&quot; at all times as far as the LHASH code is concerned. However, as callers are themselves providing these pointers, they can choose whether they too should be treating all such parameters as constant.</p>
+
+<p>As an example, a hash table may be maintained by code that, for reasons of encapsulation, has only &quot;const&quot; access to the data being indexed in the hash table (ie. it is returned as &quot;const&quot; from elsewhere in their code) - in this case the LHASH prototypes are appropriate as-is. Conversely, if the caller is responsible for the life-time of the data in question, then they may well wish to make modifications to table item passed back in the lh_doall() or lh_doall_arg() callbacks (see the &quot;TYPE_cleanup&quot; example above). If so, the caller can either cast the &quot;const&quot; away (if they&#39;re providing the raw callbacks themselves) or use the macros to declare/implement the wrapper functions without &quot;const&quot; types.</p>
+
+<p>Callers that only have &quot;const&quot; access to data they&#39;re indexing in a table, yet declare callbacks without constant types (or cast the &quot;const&quot; away themselves), are therefore creating their own risks/bugs without being encouraged to do so by the API. On a related note, those auditing code should pay special attention to any instances of DECLARE/IMPLEMENT_LHASH_DOALL_[ARG_]_FN macros that provide types without any &quot;const&quot; qualifiers.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>lh_TYPE_insert() returns <b>NULL</b> both for success and error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 1.0.0, the lhash interface was revamped for better type checking.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/IPAddressChoice_free.html b/msys2/usr/share/doc/openssl/html/man3/IPAddressChoice_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/IPAddressChoice_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/IPAddressChoice_new.html b/msys2/usr/share/doc/openssl/html/man3/IPAddressChoice_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/IPAddressChoice_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/IPAddressFamily_free.html b/msys2/usr/share/doc/openssl/html/man3/IPAddressFamily_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/IPAddressFamily_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/IPAddressFamily_new.html b/msys2/usr/share/doc/openssl/html/man3/IPAddressFamily_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/IPAddressFamily_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/IPAddressOrRange_free.html b/msys2/usr/share/doc/openssl/html/man3/IPAddressOrRange_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/IPAddressOrRange_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/IPAddressOrRange_new.html b/msys2/usr/share/doc/openssl/html/man3/IPAddressOrRange_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/IPAddressOrRange_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/IPAddressRange_free.html b/msys2/usr/share/doc/openssl/html/man3/IPAddressRange_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/IPAddressRange_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/IPAddressRange_new.html b/msys2/usr/share/doc/openssl/html/man3/IPAddressRange_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/IPAddressRange_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ISSUING_DIST_POINT_free.html b/msys2/usr/share/doc/openssl/html/man3/ISSUING_DIST_POINT_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ISSUING_DIST_POINT_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ISSUING_DIST_POINT_new.html b/msys2/usr/share/doc/openssl/html/man3/ISSUING_DIST_POINT_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ISSUING_DIST_POINT_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/LHASH.html b/msys2/usr/share/doc/openssl/html/man3/LHASH.html
new file mode 100644
index 000000000..e56e9e3b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/LHASH.html
@@ -0,0 +1,176 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_COMPFUNC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>LHASH, DECLARE_LHASH_OF, OPENSSL_LH_COMPFUNC, OPENSSL_LH_HASHFUNC, OPENSSL_LH_DOALL_FUNC, LHASH_DOALL_ARG_FN_TYPE, IMPLEMENT_LHASH_HASH_FN, IMPLEMENT_LHASH_COMP_FN, lh_TYPE_new, lh_TYPE_free, lh_TYPE_insert, lh_TYPE_delete, lh_TYPE_retrieve, lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error - dynamic hash table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ DECLARE_LHASH_OF(TYPE);
+
+ LHASH *lh_TYPE_new(OPENSSL_LH_HASHFUNC hash, OPENSSL_LH_COMPFUNC compare);
+ void lh_TYPE_free(LHASH_OF(TYPE) *table);
+
+ TYPE *lh_TYPE_insert(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_TYPE_delete(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_retrieve(LHASH_OF(TYPE) *table, TYPE *data);
+
+ void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func);
+ void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,
+                        TYPE *arg);
+
+ int lh_TYPE_error(LHASH_OF(TYPE) *table);
+
+ typedef int (*OPENSSL_LH_COMPFUNC)(const void *, const void *);
+ typedef unsigned long (*OPENSSL_LH_HASHFUNC)(const void *);
+ typedef void (*OPENSSL_LH_DOALL_FUNC)(const void *);
+ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, const void *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements type-checked dynamic hash tables. The hash table entries can be arbitrary structures. Usually they consist of key and value fields. In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>SSL_SESSION</i>.</p>
+
+<p>lh_TYPE_new() creates a new <b>LHASH_OF(TYPE)</b> structure to store arbitrary data entries, and specifies the &#39;hash&#39; and &#39;compare&#39; callbacks to be used in organising the table&#39;s entries. The <b>hash</b> callback takes a pointer to a table entry as its argument and returns an unsigned long hash value for its key field. The hash value is normally truncated to a power of 2, so make sure that your hash function returns well mixed low order bits. The <b>compare</b> callback takes two arguments (pointers to two hash table entries), and returns 0 if their keys are equal, non-zero otherwise.</p>
+
+<p>If your hash table will contain items of some particular type and the <b>hash</b> and <b>compare</b> callbacks hash/compare these types, then the <b>IMPLEMENT_LHASH_HASH_FN</b> and <b>IMPLEMENT_LHASH_COMP_FN</b> macros can be used to create callback wrappers of the prototypes required by lh_TYPE_new() as shown in this example:</p>
+
+<pre><code> /*
+  * Implement the hash and compare functions; &quot;stuff&quot; can be any word.
+  */
+ static unsigned long stuff_hash(const TYPE *a)
+ {
+     ...
+ }
+ static int stuff_cmp(const TYPE *a, const TYPE *b)
+ {
+     ...
+ }
+
+ /*
+  * Implement the wrapper functions.
+  */
+ static IMPLEMENT_LHASH_HASH_FN(stuff, TYPE)
+ static IMPLEMENT_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>If the type is going to be used in several places, the following macros can be used in a common header file to declare the function wrappers:</p>
+
+<pre><code> DECLARE_LHASH_HASH_FN(stuff, TYPE)
+ DECLARE_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>Then a hash table of TYPE objects can be created using this:</p>
+
+<pre><code> LHASH_OF(TYPE) *htable;
+
+ htable = lh_TYPE_new(LHASH_HASH_FN(stuff), LHASH_COMP_FN(stuff));</code></pre>
+
+<p>lh_TYPE_free() frees the <b>LHASH_OF(TYPE)</b> structure <b>table</b>. Allocated hash table entries will not be freed; consider using lh_TYPE_doall() to deallocate any remaining entries in the hash table (see below).</p>
+
+<p>lh_TYPE_insert() inserts the structure pointed to by <b>data</b> into <b>table</b>. If there already is an entry with the same key, the old value is replaced. Note that lh_TYPE_insert() stores pointers, the data are not copied.</p>
+
+<p>lh_TYPE_delete() deletes an entry from <b>table</b>.</p>
+
+<p>lh_TYPE_retrieve() looks up an entry in <b>table</b>. Normally, <b>data</b> is a structure with the key field(s) set; the function will return a pointer to a fully populated structure.</p>
+
+<p>lh_TYPE_doall() will, for every entry in the hash table, call <b>func</b> with the data item as its parameter. For example:</p>
+
+<pre><code> /* Cleans up resources belonging to &#39;a&#39; (this is implemented elsewhere) */
+ void TYPE_cleanup_doall(TYPE *a);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_cleanup&quot; */
+ IMPLEMENT_LHASH_DOALL_FN(TYPE_cleanup, TYPE)
+
+ /* Call &quot;TYPE_cleanup&quot; against all items in a hash table. */
+ lh_TYPE_doall(hashtable, LHASH_DOALL_FN(TYPE_cleanup));
+
+ /* Then the hash table itself can be deallocated */
+ lh_TYPE_free(hashtable);</code></pre>
+
+<p>When doing this, be careful if you delete entries from the hash table in your callbacks: the table may decrease in size, moving the item that you are currently on down lower in the hash table - this could cause some entries to be skipped during the iteration. The second best solution to this problem is to set hash-&gt;down_load=0 before you start (which will stop the hash table ever decreasing in size). The best solution is probably to avoid deleting items from the hash table inside a &quot;doall&quot; callback!</p>
+
+<p>lh_TYPE_doall_arg() is the same as lh_TYPE_doall() except that <b>func</b> will be called with <b>arg</b> as the second argument and <b>func</b> should be of type <b>LHASH_DOALL_ARG_FN_TYPE</b> (a callback prototype that is passed both the table entry and an extra argument). As with lh_doall(), you can instead choose to declare your callback with a prototype matching the types you are dealing with and use the declare/implement macros to create compatible wrappers that cast variables before calling your type-specific callbacks. An example of this is demonstrated here (printing all hash table entries to a BIO that is provided by the caller):</p>
+
+<pre><code> /* Prints item &#39;a&#39; to &#39;output_bio&#39; (this is implemented elsewhere) */
+ void TYPE_print_doall_arg(const TYPE *a, BIO *output_bio);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_print&quot; */
+ static IMPLEMENT_LHASH_DOALL_ARG_FN(TYPE, const TYPE, BIO)
+
+ /* Print out the entire hashtable to a particular BIO */
+ lh_TYPE_doall_arg(hashtable, LHASH_DOALL_ARG_FN(TYPE_print), BIO,
+                   logging_bio);</code></pre>
+
+<p>lh_TYPE_error() can be used to determine if an error occurred in the last operation.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>lh_TYPE_new() returns <b>NULL</b> on error, otherwise a pointer to the new <b>LHASH</b> structure.</p>
+
+<p>When a hash table entry is replaced, lh_TYPE_insert() returns the value being replaced. <b>NULL</b> is returned on normal operation and on error.</p>
+
+<p>lh_TYPE_delete() returns the entry being deleted. <b>NULL</b> is returned if there is no such value in the hash table.</p>
+
+<p>lh_TYPE_retrieve() returns the hash table entry if it has been found, <b>NULL</b> otherwise.</p>
+
+<p>lh_TYPE_error() returns 1 if an error occurred in the last operation, 0 otherwise. It&#39;s meaningful only after non-retrieve operations.</p>
+
+<p>lh_TYPE_free(), lh_TYPE_doall() and lh_TYPE_doall_arg() return no values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>The LHASH code is not thread safe. All updating operations, as well as lh_TYPE_error call must be performed under a write lock. All retrieve operations should be performed under a read lock, <i>unless</i> accurate usage statistics are desired. In which case, a write lock should be used for retrieve operations as well. For output of the usage statistics, using the functions from <a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a>, a read lock suffices.</p>
+
+<p>The LHASH code regards table entries as constant data. As such, it internally represents lh_insert()&#39;d items with a &quot;const void *&quot; pointer type. This is why callbacks such as those used by lh_doall() and lh_doall_arg() declare their prototypes with &quot;const&quot;, even for the parameters that pass back the table items&#39; data pointers - for consistency, user-provided data is &quot;const&quot; at all times as far as the LHASH code is concerned. However, as callers are themselves providing these pointers, they can choose whether they too should be treating all such parameters as constant.</p>
+
+<p>As an example, a hash table may be maintained by code that, for reasons of encapsulation, has only &quot;const&quot; access to the data being indexed in the hash table (ie. it is returned as &quot;const&quot; from elsewhere in their code) - in this case the LHASH prototypes are appropriate as-is. Conversely, if the caller is responsible for the life-time of the data in question, then they may well wish to make modifications to table item passed back in the lh_doall() or lh_doall_arg() callbacks (see the &quot;TYPE_cleanup&quot; example above). If so, the caller can either cast the &quot;const&quot; away (if they&#39;re providing the raw callbacks themselves) or use the macros to declare/implement the wrapper functions without &quot;const&quot; types.</p>
+
+<p>Callers that only have &quot;const&quot; access to data they&#39;re indexing in a table, yet declare callbacks without constant types (or cast the &quot;const&quot; away themselves), are therefore creating their own risks/bugs without being encouraged to do so by the API. On a related note, those auditing code should pay special attention to any instances of DECLARE/IMPLEMENT_LHASH_DOALL_[ARG_]_FN macros that provide types without any &quot;const&quot; qualifiers.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>lh_TYPE_insert() returns <b>NULL</b> both for success and error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 1.0.0, the lhash interface was revamped for better type checking.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/LHASH_DOALL_ARG_FN_TYPE.html b/msys2/usr/share/doc/openssl/html/man3/LHASH_DOALL_ARG_FN_TYPE.html
new file mode 100644
index 000000000..e56e9e3b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/LHASH_DOALL_ARG_FN_TYPE.html
@@ -0,0 +1,176 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_COMPFUNC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>LHASH, DECLARE_LHASH_OF, OPENSSL_LH_COMPFUNC, OPENSSL_LH_HASHFUNC, OPENSSL_LH_DOALL_FUNC, LHASH_DOALL_ARG_FN_TYPE, IMPLEMENT_LHASH_HASH_FN, IMPLEMENT_LHASH_COMP_FN, lh_TYPE_new, lh_TYPE_free, lh_TYPE_insert, lh_TYPE_delete, lh_TYPE_retrieve, lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error - dynamic hash table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ DECLARE_LHASH_OF(TYPE);
+
+ LHASH *lh_TYPE_new(OPENSSL_LH_HASHFUNC hash, OPENSSL_LH_COMPFUNC compare);
+ void lh_TYPE_free(LHASH_OF(TYPE) *table);
+
+ TYPE *lh_TYPE_insert(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_TYPE_delete(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_retrieve(LHASH_OF(TYPE) *table, TYPE *data);
+
+ void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func);
+ void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,
+                        TYPE *arg);
+
+ int lh_TYPE_error(LHASH_OF(TYPE) *table);
+
+ typedef int (*OPENSSL_LH_COMPFUNC)(const void *, const void *);
+ typedef unsigned long (*OPENSSL_LH_HASHFUNC)(const void *);
+ typedef void (*OPENSSL_LH_DOALL_FUNC)(const void *);
+ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, const void *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements type-checked dynamic hash tables. The hash table entries can be arbitrary structures. Usually they consist of key and value fields. In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>SSL_SESSION</i>.</p>
+
+<p>lh_TYPE_new() creates a new <b>LHASH_OF(TYPE)</b> structure to store arbitrary data entries, and specifies the &#39;hash&#39; and &#39;compare&#39; callbacks to be used in organising the table&#39;s entries. The <b>hash</b> callback takes a pointer to a table entry as its argument and returns an unsigned long hash value for its key field. The hash value is normally truncated to a power of 2, so make sure that your hash function returns well mixed low order bits. The <b>compare</b> callback takes two arguments (pointers to two hash table entries), and returns 0 if their keys are equal, non-zero otherwise.</p>
+
+<p>If your hash table will contain items of some particular type and the <b>hash</b> and <b>compare</b> callbacks hash/compare these types, then the <b>IMPLEMENT_LHASH_HASH_FN</b> and <b>IMPLEMENT_LHASH_COMP_FN</b> macros can be used to create callback wrappers of the prototypes required by lh_TYPE_new() as shown in this example:</p>
+
+<pre><code> /*
+  * Implement the hash and compare functions; &quot;stuff&quot; can be any word.
+  */
+ static unsigned long stuff_hash(const TYPE *a)
+ {
+     ...
+ }
+ static int stuff_cmp(const TYPE *a, const TYPE *b)
+ {
+     ...
+ }
+
+ /*
+  * Implement the wrapper functions.
+  */
+ static IMPLEMENT_LHASH_HASH_FN(stuff, TYPE)
+ static IMPLEMENT_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>If the type is going to be used in several places, the following macros can be used in a common header file to declare the function wrappers:</p>
+
+<pre><code> DECLARE_LHASH_HASH_FN(stuff, TYPE)
+ DECLARE_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>Then a hash table of TYPE objects can be created using this:</p>
+
+<pre><code> LHASH_OF(TYPE) *htable;
+
+ htable = lh_TYPE_new(LHASH_HASH_FN(stuff), LHASH_COMP_FN(stuff));</code></pre>
+
+<p>lh_TYPE_free() frees the <b>LHASH_OF(TYPE)</b> structure <b>table</b>. Allocated hash table entries will not be freed; consider using lh_TYPE_doall() to deallocate any remaining entries in the hash table (see below).</p>
+
+<p>lh_TYPE_insert() inserts the structure pointed to by <b>data</b> into <b>table</b>. If there already is an entry with the same key, the old value is replaced. Note that lh_TYPE_insert() stores pointers, the data are not copied.</p>
+
+<p>lh_TYPE_delete() deletes an entry from <b>table</b>.</p>
+
+<p>lh_TYPE_retrieve() looks up an entry in <b>table</b>. Normally, <b>data</b> is a structure with the key field(s) set; the function will return a pointer to a fully populated structure.</p>
+
+<p>lh_TYPE_doall() will, for every entry in the hash table, call <b>func</b> with the data item as its parameter. For example:</p>
+
+<pre><code> /* Cleans up resources belonging to &#39;a&#39; (this is implemented elsewhere) */
+ void TYPE_cleanup_doall(TYPE *a);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_cleanup&quot; */
+ IMPLEMENT_LHASH_DOALL_FN(TYPE_cleanup, TYPE)
+
+ /* Call &quot;TYPE_cleanup&quot; against all items in a hash table. */
+ lh_TYPE_doall(hashtable, LHASH_DOALL_FN(TYPE_cleanup));
+
+ /* Then the hash table itself can be deallocated */
+ lh_TYPE_free(hashtable);</code></pre>
+
+<p>When doing this, be careful if you delete entries from the hash table in your callbacks: the table may decrease in size, moving the item that you are currently on down lower in the hash table - this could cause some entries to be skipped during the iteration. The second best solution to this problem is to set hash-&gt;down_load=0 before you start (which will stop the hash table ever decreasing in size). The best solution is probably to avoid deleting items from the hash table inside a &quot;doall&quot; callback!</p>
+
+<p>lh_TYPE_doall_arg() is the same as lh_TYPE_doall() except that <b>func</b> will be called with <b>arg</b> as the second argument and <b>func</b> should be of type <b>LHASH_DOALL_ARG_FN_TYPE</b> (a callback prototype that is passed both the table entry and an extra argument). As with lh_doall(), you can instead choose to declare your callback with a prototype matching the types you are dealing with and use the declare/implement macros to create compatible wrappers that cast variables before calling your type-specific callbacks. An example of this is demonstrated here (printing all hash table entries to a BIO that is provided by the caller):</p>
+
+<pre><code> /* Prints item &#39;a&#39; to &#39;output_bio&#39; (this is implemented elsewhere) */
+ void TYPE_print_doall_arg(const TYPE *a, BIO *output_bio);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_print&quot; */
+ static IMPLEMENT_LHASH_DOALL_ARG_FN(TYPE, const TYPE, BIO)
+
+ /* Print out the entire hashtable to a particular BIO */
+ lh_TYPE_doall_arg(hashtable, LHASH_DOALL_ARG_FN(TYPE_print), BIO,
+                   logging_bio);</code></pre>
+
+<p>lh_TYPE_error() can be used to determine if an error occurred in the last operation.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>lh_TYPE_new() returns <b>NULL</b> on error, otherwise a pointer to the new <b>LHASH</b> structure.</p>
+
+<p>When a hash table entry is replaced, lh_TYPE_insert() returns the value being replaced. <b>NULL</b> is returned on normal operation and on error.</p>
+
+<p>lh_TYPE_delete() returns the entry being deleted. <b>NULL</b> is returned if there is no such value in the hash table.</p>
+
+<p>lh_TYPE_retrieve() returns the hash table entry if it has been found, <b>NULL</b> otherwise.</p>
+
+<p>lh_TYPE_error() returns 1 if an error occurred in the last operation, 0 otherwise. It&#39;s meaningful only after non-retrieve operations.</p>
+
+<p>lh_TYPE_free(), lh_TYPE_doall() and lh_TYPE_doall_arg() return no values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>The LHASH code is not thread safe. All updating operations, as well as lh_TYPE_error call must be performed under a write lock. All retrieve operations should be performed under a read lock, <i>unless</i> accurate usage statistics are desired. In which case, a write lock should be used for retrieve operations as well. For output of the usage statistics, using the functions from <a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a>, a read lock suffices.</p>
+
+<p>The LHASH code regards table entries as constant data. As such, it internally represents lh_insert()&#39;d items with a &quot;const void *&quot; pointer type. This is why callbacks such as those used by lh_doall() and lh_doall_arg() declare their prototypes with &quot;const&quot;, even for the parameters that pass back the table items&#39; data pointers - for consistency, user-provided data is &quot;const&quot; at all times as far as the LHASH code is concerned. However, as callers are themselves providing these pointers, they can choose whether they too should be treating all such parameters as constant.</p>
+
+<p>As an example, a hash table may be maintained by code that, for reasons of encapsulation, has only &quot;const&quot; access to the data being indexed in the hash table (ie. it is returned as &quot;const&quot; from elsewhere in their code) - in this case the LHASH prototypes are appropriate as-is. Conversely, if the caller is responsible for the life-time of the data in question, then they may well wish to make modifications to table item passed back in the lh_doall() or lh_doall_arg() callbacks (see the &quot;TYPE_cleanup&quot; example above). If so, the caller can either cast the &quot;const&quot; away (if they&#39;re providing the raw callbacks themselves) or use the macros to declare/implement the wrapper functions without &quot;const&quot; types.</p>
+
+<p>Callers that only have &quot;const&quot; access to data they&#39;re indexing in a table, yet declare callbacks without constant types (or cast the &quot;const&quot; away themselves), are therefore creating their own risks/bugs without being encouraged to do so by the API. On a related note, those auditing code should pay special attention to any instances of DECLARE/IMPLEMENT_LHASH_DOALL_[ARG_]_FN macros that provide types without any &quot;const&quot; qualifiers.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>lh_TYPE_insert() returns <b>NULL</b> both for success and error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 1.0.0, the lhash interface was revamped for better type checking.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/MD2.html b/msys2/usr/share/doc/openssl/html/man3/MD2.html
new file mode 100644
index 000000000..75bebba33
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/MD2.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>MD5</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>MD2, MD4, MD5, MD2_Init, MD2_Update, MD2_Final, MD4_Init, MD4_Update, MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/md2.h&gt;
+
+ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD2_Init(MD2_CTX *c);
+ int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len);
+ int MD2_Final(unsigned char *md, MD2_CTX *c);
+
+
+ #include &lt;openssl/md4.h&gt;
+
+ unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD4_Init(MD4_CTX *c);
+ int MD4_Update(MD4_CTX *c, const void *data, unsigned long len);
+ int MD4_Final(unsigned char *md, MD4_CTX *c);
+
+
+ #include &lt;openssl/md5.h&gt;
+
+ unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD5_Init(MD5_CTX *c);
+ int MD5_Update(MD5_CTX *c, const void *data, unsigned long len);
+ int MD5_Final(unsigned char *md, MD5_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit output.</p>
+
+<p>MD2(), MD4(), and MD5() compute the MD2, MD4, and MD5 message digest of the <b>n</b> bytes at <b>d</b> and place it in <b>md</b> (which must have space for MD2_DIGEST_LENGTH == MD4_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>MD2_Init() initializes a <b>MD2_CTX</b> structure.</p>
+
+<p>MD2_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>MD2_Final() places the message digest in <b>md</b>, which must have space for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the <b>MD2_CTX</b>.</p>
+
+<p>MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() are analogous using an <b>MD4_CTX</b> and <b>MD5_CTX</b> structure.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>MD2, MD4, and MD5 are recommended only for compatibility with existing applications. In new applications, SHA-1 or RIPEMD-160 should be preferred.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>MD2(), MD4(), and MD5() return pointers to the hash value.</p>
+
+<p>MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 1319, RFC 1320, RFC 1321</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/MD2_Final.html b/msys2/usr/share/doc/openssl/html/man3/MD2_Final.html
new file mode 100644
index 000000000..75bebba33
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/MD2_Final.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>MD5</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>MD2, MD4, MD5, MD2_Init, MD2_Update, MD2_Final, MD4_Init, MD4_Update, MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/md2.h&gt;
+
+ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD2_Init(MD2_CTX *c);
+ int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len);
+ int MD2_Final(unsigned char *md, MD2_CTX *c);
+
+
+ #include &lt;openssl/md4.h&gt;
+
+ unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD4_Init(MD4_CTX *c);
+ int MD4_Update(MD4_CTX *c, const void *data, unsigned long len);
+ int MD4_Final(unsigned char *md, MD4_CTX *c);
+
+
+ #include &lt;openssl/md5.h&gt;
+
+ unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD5_Init(MD5_CTX *c);
+ int MD5_Update(MD5_CTX *c, const void *data, unsigned long len);
+ int MD5_Final(unsigned char *md, MD5_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit output.</p>
+
+<p>MD2(), MD4(), and MD5() compute the MD2, MD4, and MD5 message digest of the <b>n</b> bytes at <b>d</b> and place it in <b>md</b> (which must have space for MD2_DIGEST_LENGTH == MD4_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>MD2_Init() initializes a <b>MD2_CTX</b> structure.</p>
+
+<p>MD2_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>MD2_Final() places the message digest in <b>md</b>, which must have space for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the <b>MD2_CTX</b>.</p>
+
+<p>MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() are analogous using an <b>MD4_CTX</b> and <b>MD5_CTX</b> structure.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>MD2, MD4, and MD5 are recommended only for compatibility with existing applications. In new applications, SHA-1 or RIPEMD-160 should be preferred.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>MD2(), MD4(), and MD5() return pointers to the hash value.</p>
+
+<p>MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 1319, RFC 1320, RFC 1321</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/MD2_Init.html b/msys2/usr/share/doc/openssl/html/man3/MD2_Init.html
new file mode 100644
index 000000000..75bebba33
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/MD2_Init.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>MD5</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>MD2, MD4, MD5, MD2_Init, MD2_Update, MD2_Final, MD4_Init, MD4_Update, MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/md2.h&gt;
+
+ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD2_Init(MD2_CTX *c);
+ int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len);
+ int MD2_Final(unsigned char *md, MD2_CTX *c);
+
+
+ #include &lt;openssl/md4.h&gt;
+
+ unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD4_Init(MD4_CTX *c);
+ int MD4_Update(MD4_CTX *c, const void *data, unsigned long len);
+ int MD4_Final(unsigned char *md, MD4_CTX *c);
+
+
+ #include &lt;openssl/md5.h&gt;
+
+ unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD5_Init(MD5_CTX *c);
+ int MD5_Update(MD5_CTX *c, const void *data, unsigned long len);
+ int MD5_Final(unsigned char *md, MD5_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit output.</p>
+
+<p>MD2(), MD4(), and MD5() compute the MD2, MD4, and MD5 message digest of the <b>n</b> bytes at <b>d</b> and place it in <b>md</b> (which must have space for MD2_DIGEST_LENGTH == MD4_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>MD2_Init() initializes a <b>MD2_CTX</b> structure.</p>
+
+<p>MD2_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>MD2_Final() places the message digest in <b>md</b>, which must have space for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the <b>MD2_CTX</b>.</p>
+
+<p>MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() are analogous using an <b>MD4_CTX</b> and <b>MD5_CTX</b> structure.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>MD2, MD4, and MD5 are recommended only for compatibility with existing applications. In new applications, SHA-1 or RIPEMD-160 should be preferred.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>MD2(), MD4(), and MD5() return pointers to the hash value.</p>
+
+<p>MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 1319, RFC 1320, RFC 1321</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/MD2_Update.html b/msys2/usr/share/doc/openssl/html/man3/MD2_Update.html
new file mode 100644
index 000000000..75bebba33
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/MD2_Update.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>MD5</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>MD2, MD4, MD5, MD2_Init, MD2_Update, MD2_Final, MD4_Init, MD4_Update, MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/md2.h&gt;
+
+ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD2_Init(MD2_CTX *c);
+ int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len);
+ int MD2_Final(unsigned char *md, MD2_CTX *c);
+
+
+ #include &lt;openssl/md4.h&gt;
+
+ unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD4_Init(MD4_CTX *c);
+ int MD4_Update(MD4_CTX *c, const void *data, unsigned long len);
+ int MD4_Final(unsigned char *md, MD4_CTX *c);
+
+
+ #include &lt;openssl/md5.h&gt;
+
+ unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD5_Init(MD5_CTX *c);
+ int MD5_Update(MD5_CTX *c, const void *data, unsigned long len);
+ int MD5_Final(unsigned char *md, MD5_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit output.</p>
+
+<p>MD2(), MD4(), and MD5() compute the MD2, MD4, and MD5 message digest of the <b>n</b> bytes at <b>d</b> and place it in <b>md</b> (which must have space for MD2_DIGEST_LENGTH == MD4_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>MD2_Init() initializes a <b>MD2_CTX</b> structure.</p>
+
+<p>MD2_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>MD2_Final() places the message digest in <b>md</b>, which must have space for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the <b>MD2_CTX</b>.</p>
+
+<p>MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() are analogous using an <b>MD4_CTX</b> and <b>MD5_CTX</b> structure.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>MD2, MD4, and MD5 are recommended only for compatibility with existing applications. In new applications, SHA-1 or RIPEMD-160 should be preferred.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>MD2(), MD4(), and MD5() return pointers to the hash value.</p>
+
+<p>MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 1319, RFC 1320, RFC 1321</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/MD4.html b/msys2/usr/share/doc/openssl/html/man3/MD4.html
new file mode 100644
index 000000000..75bebba33
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/MD4.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>MD5</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>MD2, MD4, MD5, MD2_Init, MD2_Update, MD2_Final, MD4_Init, MD4_Update, MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/md2.h&gt;
+
+ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD2_Init(MD2_CTX *c);
+ int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len);
+ int MD2_Final(unsigned char *md, MD2_CTX *c);
+
+
+ #include &lt;openssl/md4.h&gt;
+
+ unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD4_Init(MD4_CTX *c);
+ int MD4_Update(MD4_CTX *c, const void *data, unsigned long len);
+ int MD4_Final(unsigned char *md, MD4_CTX *c);
+
+
+ #include &lt;openssl/md5.h&gt;
+
+ unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD5_Init(MD5_CTX *c);
+ int MD5_Update(MD5_CTX *c, const void *data, unsigned long len);
+ int MD5_Final(unsigned char *md, MD5_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit output.</p>
+
+<p>MD2(), MD4(), and MD5() compute the MD2, MD4, and MD5 message digest of the <b>n</b> bytes at <b>d</b> and place it in <b>md</b> (which must have space for MD2_DIGEST_LENGTH == MD4_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>MD2_Init() initializes a <b>MD2_CTX</b> structure.</p>
+
+<p>MD2_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>MD2_Final() places the message digest in <b>md</b>, which must have space for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the <b>MD2_CTX</b>.</p>
+
+<p>MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() are analogous using an <b>MD4_CTX</b> and <b>MD5_CTX</b> structure.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>MD2, MD4, and MD5 are recommended only for compatibility with existing applications. In new applications, SHA-1 or RIPEMD-160 should be preferred.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>MD2(), MD4(), and MD5() return pointers to the hash value.</p>
+
+<p>MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 1319, RFC 1320, RFC 1321</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/MD4_Final.html b/msys2/usr/share/doc/openssl/html/man3/MD4_Final.html
new file mode 100644
index 000000000..75bebba33
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/MD4_Final.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>MD5</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>MD2, MD4, MD5, MD2_Init, MD2_Update, MD2_Final, MD4_Init, MD4_Update, MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/md2.h&gt;
+
+ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD2_Init(MD2_CTX *c);
+ int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len);
+ int MD2_Final(unsigned char *md, MD2_CTX *c);
+
+
+ #include &lt;openssl/md4.h&gt;
+
+ unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD4_Init(MD4_CTX *c);
+ int MD4_Update(MD4_CTX *c, const void *data, unsigned long len);
+ int MD4_Final(unsigned char *md, MD4_CTX *c);
+
+
+ #include &lt;openssl/md5.h&gt;
+
+ unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD5_Init(MD5_CTX *c);
+ int MD5_Update(MD5_CTX *c, const void *data, unsigned long len);
+ int MD5_Final(unsigned char *md, MD5_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit output.</p>
+
+<p>MD2(), MD4(), and MD5() compute the MD2, MD4, and MD5 message digest of the <b>n</b> bytes at <b>d</b> and place it in <b>md</b> (which must have space for MD2_DIGEST_LENGTH == MD4_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>MD2_Init() initializes a <b>MD2_CTX</b> structure.</p>
+
+<p>MD2_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>MD2_Final() places the message digest in <b>md</b>, which must have space for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the <b>MD2_CTX</b>.</p>
+
+<p>MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() are analogous using an <b>MD4_CTX</b> and <b>MD5_CTX</b> structure.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>MD2, MD4, and MD5 are recommended only for compatibility with existing applications. In new applications, SHA-1 or RIPEMD-160 should be preferred.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>MD2(), MD4(), and MD5() return pointers to the hash value.</p>
+
+<p>MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 1319, RFC 1320, RFC 1321</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/MD4_Init.html b/msys2/usr/share/doc/openssl/html/man3/MD4_Init.html
new file mode 100644
index 000000000..75bebba33
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/MD4_Init.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>MD5</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>MD2, MD4, MD5, MD2_Init, MD2_Update, MD2_Final, MD4_Init, MD4_Update, MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/md2.h&gt;
+
+ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD2_Init(MD2_CTX *c);
+ int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len);
+ int MD2_Final(unsigned char *md, MD2_CTX *c);
+
+
+ #include &lt;openssl/md4.h&gt;
+
+ unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD4_Init(MD4_CTX *c);
+ int MD4_Update(MD4_CTX *c, const void *data, unsigned long len);
+ int MD4_Final(unsigned char *md, MD4_CTX *c);
+
+
+ #include &lt;openssl/md5.h&gt;
+
+ unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD5_Init(MD5_CTX *c);
+ int MD5_Update(MD5_CTX *c, const void *data, unsigned long len);
+ int MD5_Final(unsigned char *md, MD5_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit output.</p>
+
+<p>MD2(), MD4(), and MD5() compute the MD2, MD4, and MD5 message digest of the <b>n</b> bytes at <b>d</b> and place it in <b>md</b> (which must have space for MD2_DIGEST_LENGTH == MD4_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>MD2_Init() initializes a <b>MD2_CTX</b> structure.</p>
+
+<p>MD2_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>MD2_Final() places the message digest in <b>md</b>, which must have space for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the <b>MD2_CTX</b>.</p>
+
+<p>MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() are analogous using an <b>MD4_CTX</b> and <b>MD5_CTX</b> structure.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>MD2, MD4, and MD5 are recommended only for compatibility with existing applications. In new applications, SHA-1 or RIPEMD-160 should be preferred.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>MD2(), MD4(), and MD5() return pointers to the hash value.</p>
+
+<p>MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 1319, RFC 1320, RFC 1321</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/MD4_Update.html b/msys2/usr/share/doc/openssl/html/man3/MD4_Update.html
new file mode 100644
index 000000000..75bebba33
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/MD4_Update.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>MD5</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>MD2, MD4, MD5, MD2_Init, MD2_Update, MD2_Final, MD4_Init, MD4_Update, MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/md2.h&gt;
+
+ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD2_Init(MD2_CTX *c);
+ int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len);
+ int MD2_Final(unsigned char *md, MD2_CTX *c);
+
+
+ #include &lt;openssl/md4.h&gt;
+
+ unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD4_Init(MD4_CTX *c);
+ int MD4_Update(MD4_CTX *c, const void *data, unsigned long len);
+ int MD4_Final(unsigned char *md, MD4_CTX *c);
+
+
+ #include &lt;openssl/md5.h&gt;
+
+ unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD5_Init(MD5_CTX *c);
+ int MD5_Update(MD5_CTX *c, const void *data, unsigned long len);
+ int MD5_Final(unsigned char *md, MD5_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit output.</p>
+
+<p>MD2(), MD4(), and MD5() compute the MD2, MD4, and MD5 message digest of the <b>n</b> bytes at <b>d</b> and place it in <b>md</b> (which must have space for MD2_DIGEST_LENGTH == MD4_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>MD2_Init() initializes a <b>MD2_CTX</b> structure.</p>
+
+<p>MD2_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>MD2_Final() places the message digest in <b>md</b>, which must have space for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the <b>MD2_CTX</b>.</p>
+
+<p>MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() are analogous using an <b>MD4_CTX</b> and <b>MD5_CTX</b> structure.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>MD2, MD4, and MD5 are recommended only for compatibility with existing applications. In new applications, SHA-1 or RIPEMD-160 should be preferred.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>MD2(), MD4(), and MD5() return pointers to the hash value.</p>
+
+<p>MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 1319, RFC 1320, RFC 1321</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/MD5.html b/msys2/usr/share/doc/openssl/html/man3/MD5.html
new file mode 100644
index 000000000..75bebba33
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/MD5.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>MD5</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>MD2, MD4, MD5, MD2_Init, MD2_Update, MD2_Final, MD4_Init, MD4_Update, MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/md2.h&gt;
+
+ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD2_Init(MD2_CTX *c);
+ int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len);
+ int MD2_Final(unsigned char *md, MD2_CTX *c);
+
+
+ #include &lt;openssl/md4.h&gt;
+
+ unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD4_Init(MD4_CTX *c);
+ int MD4_Update(MD4_CTX *c, const void *data, unsigned long len);
+ int MD4_Final(unsigned char *md, MD4_CTX *c);
+
+
+ #include &lt;openssl/md5.h&gt;
+
+ unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD5_Init(MD5_CTX *c);
+ int MD5_Update(MD5_CTX *c, const void *data, unsigned long len);
+ int MD5_Final(unsigned char *md, MD5_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit output.</p>
+
+<p>MD2(), MD4(), and MD5() compute the MD2, MD4, and MD5 message digest of the <b>n</b> bytes at <b>d</b> and place it in <b>md</b> (which must have space for MD2_DIGEST_LENGTH == MD4_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>MD2_Init() initializes a <b>MD2_CTX</b> structure.</p>
+
+<p>MD2_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>MD2_Final() places the message digest in <b>md</b>, which must have space for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the <b>MD2_CTX</b>.</p>
+
+<p>MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() are analogous using an <b>MD4_CTX</b> and <b>MD5_CTX</b> structure.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>MD2, MD4, and MD5 are recommended only for compatibility with existing applications. In new applications, SHA-1 or RIPEMD-160 should be preferred.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>MD2(), MD4(), and MD5() return pointers to the hash value.</p>
+
+<p>MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 1319, RFC 1320, RFC 1321</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/MD5_Final.html b/msys2/usr/share/doc/openssl/html/man3/MD5_Final.html
new file mode 100644
index 000000000..75bebba33
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/MD5_Final.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>MD5</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>MD2, MD4, MD5, MD2_Init, MD2_Update, MD2_Final, MD4_Init, MD4_Update, MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/md2.h&gt;
+
+ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD2_Init(MD2_CTX *c);
+ int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len);
+ int MD2_Final(unsigned char *md, MD2_CTX *c);
+
+
+ #include &lt;openssl/md4.h&gt;
+
+ unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD4_Init(MD4_CTX *c);
+ int MD4_Update(MD4_CTX *c, const void *data, unsigned long len);
+ int MD4_Final(unsigned char *md, MD4_CTX *c);
+
+
+ #include &lt;openssl/md5.h&gt;
+
+ unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD5_Init(MD5_CTX *c);
+ int MD5_Update(MD5_CTX *c, const void *data, unsigned long len);
+ int MD5_Final(unsigned char *md, MD5_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit output.</p>
+
+<p>MD2(), MD4(), and MD5() compute the MD2, MD4, and MD5 message digest of the <b>n</b> bytes at <b>d</b> and place it in <b>md</b> (which must have space for MD2_DIGEST_LENGTH == MD4_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>MD2_Init() initializes a <b>MD2_CTX</b> structure.</p>
+
+<p>MD2_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>MD2_Final() places the message digest in <b>md</b>, which must have space for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the <b>MD2_CTX</b>.</p>
+
+<p>MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() are analogous using an <b>MD4_CTX</b> and <b>MD5_CTX</b> structure.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>MD2, MD4, and MD5 are recommended only for compatibility with existing applications. In new applications, SHA-1 or RIPEMD-160 should be preferred.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>MD2(), MD4(), and MD5() return pointers to the hash value.</p>
+
+<p>MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 1319, RFC 1320, RFC 1321</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/MD5_Init.html b/msys2/usr/share/doc/openssl/html/man3/MD5_Init.html
new file mode 100644
index 000000000..75bebba33
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/MD5_Init.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>MD5</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>MD2, MD4, MD5, MD2_Init, MD2_Update, MD2_Final, MD4_Init, MD4_Update, MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/md2.h&gt;
+
+ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD2_Init(MD2_CTX *c);
+ int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len);
+ int MD2_Final(unsigned char *md, MD2_CTX *c);
+
+
+ #include &lt;openssl/md4.h&gt;
+
+ unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD4_Init(MD4_CTX *c);
+ int MD4_Update(MD4_CTX *c, const void *data, unsigned long len);
+ int MD4_Final(unsigned char *md, MD4_CTX *c);
+
+
+ #include &lt;openssl/md5.h&gt;
+
+ unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD5_Init(MD5_CTX *c);
+ int MD5_Update(MD5_CTX *c, const void *data, unsigned long len);
+ int MD5_Final(unsigned char *md, MD5_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit output.</p>
+
+<p>MD2(), MD4(), and MD5() compute the MD2, MD4, and MD5 message digest of the <b>n</b> bytes at <b>d</b> and place it in <b>md</b> (which must have space for MD2_DIGEST_LENGTH == MD4_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>MD2_Init() initializes a <b>MD2_CTX</b> structure.</p>
+
+<p>MD2_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>MD2_Final() places the message digest in <b>md</b>, which must have space for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the <b>MD2_CTX</b>.</p>
+
+<p>MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() are analogous using an <b>MD4_CTX</b> and <b>MD5_CTX</b> structure.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>MD2, MD4, and MD5 are recommended only for compatibility with existing applications. In new applications, SHA-1 or RIPEMD-160 should be preferred.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>MD2(), MD4(), and MD5() return pointers to the hash value.</p>
+
+<p>MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 1319, RFC 1320, RFC 1321</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/MD5_Update.html b/msys2/usr/share/doc/openssl/html/man3/MD5_Update.html
new file mode 100644
index 000000000..75bebba33
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/MD5_Update.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>MD5</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>MD2, MD4, MD5, MD2_Init, MD2_Update, MD2_Final, MD4_Init, MD4_Update, MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/md2.h&gt;
+
+ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD2_Init(MD2_CTX *c);
+ int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len);
+ int MD2_Final(unsigned char *md, MD2_CTX *c);
+
+
+ #include &lt;openssl/md4.h&gt;
+
+ unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD4_Init(MD4_CTX *c);
+ int MD4_Update(MD4_CTX *c, const void *data, unsigned long len);
+ int MD4_Final(unsigned char *md, MD4_CTX *c);
+
+
+ #include &lt;openssl/md5.h&gt;
+
+ unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md);
+
+ int MD5_Init(MD5_CTX *c);
+ int MD5_Update(MD5_CTX *c, const void *data, unsigned long len);
+ int MD5_Final(unsigned char *md, MD5_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit output.</p>
+
+<p>MD2(), MD4(), and MD5() compute the MD2, MD4, and MD5 message digest of the <b>n</b> bytes at <b>d</b> and place it in <b>md</b> (which must have space for MD2_DIGEST_LENGTH == MD4_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>MD2_Init() initializes a <b>MD2_CTX</b> structure.</p>
+
+<p>MD2_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>MD2_Final() places the message digest in <b>md</b>, which must have space for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the <b>MD2_CTX</b>.</p>
+
+<p>MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() are analogous using an <b>MD4_CTX</b> and <b>MD5_CTX</b> structure.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>MD2, MD4, and MD5 are recommended only for compatibility with existing applications. In new applications, SHA-1 or RIPEMD-160 should be preferred.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>MD2(), MD4(), and MD5() return pointers to the hash value.</p>
+
+<p>MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 1319, RFC 1320, RFC 1321</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/MDC2.html b/msys2/usr/share/doc/openssl/html/man3/MDC2.html
new file mode 100644
index 000000000..1045bead3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/MDC2.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>MDC2_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>MDC2, MDC2_Init, MDC2_Update, MDC2_Final - MDC2 hash function</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/mdc2.h&gt;
+
+ unsigned char *MDC2(const unsigned char *d, unsigned long n,
+                     unsigned char *md);
+
+ int MDC2_Init(MDC2_CTX *c);
+ int MDC2_Update(MDC2_CTX *c, const unsigned char *data,
+                 unsigned long len);
+ int MDC2_Final(unsigned char *md, MDC2_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MDC2 is a method to construct hash functions with 128 bit output from block ciphers. These functions are an implementation of MDC2 with DES.</p>
+
+<p>MDC2() computes the MDC2 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for MDC2_DIGEST_LENGTH == 16 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>MDC2_Init() initializes a <b>MDC2_CTX</b> structure.</p>
+
+<p>MDC2_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>MDC2_Final() places the message digest in <b>md</b>, which must have space for MDC2_DIGEST_LENGTH == 16 bytes of output, and erases the <b>MDC2_CTX</b>.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>MDC2() returns a pointer to the hash value.</p>
+
+<p>MDC2_Init(), MDC2_Update() and MDC2_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ISO/IEC 10118-2:2000 Hash-Function 2, with DES as the underlying block cipher.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/MDC2_Final.html b/msys2/usr/share/doc/openssl/html/man3/MDC2_Final.html
new file mode 100644
index 000000000..1045bead3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/MDC2_Final.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>MDC2_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>MDC2, MDC2_Init, MDC2_Update, MDC2_Final - MDC2 hash function</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/mdc2.h&gt;
+
+ unsigned char *MDC2(const unsigned char *d, unsigned long n,
+                     unsigned char *md);
+
+ int MDC2_Init(MDC2_CTX *c);
+ int MDC2_Update(MDC2_CTX *c, const unsigned char *data,
+                 unsigned long len);
+ int MDC2_Final(unsigned char *md, MDC2_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MDC2 is a method to construct hash functions with 128 bit output from block ciphers. These functions are an implementation of MDC2 with DES.</p>
+
+<p>MDC2() computes the MDC2 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for MDC2_DIGEST_LENGTH == 16 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>MDC2_Init() initializes a <b>MDC2_CTX</b> structure.</p>
+
+<p>MDC2_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>MDC2_Final() places the message digest in <b>md</b>, which must have space for MDC2_DIGEST_LENGTH == 16 bytes of output, and erases the <b>MDC2_CTX</b>.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>MDC2() returns a pointer to the hash value.</p>
+
+<p>MDC2_Init(), MDC2_Update() and MDC2_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ISO/IEC 10118-2:2000 Hash-Function 2, with DES as the underlying block cipher.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/MDC2_Init.html b/msys2/usr/share/doc/openssl/html/man3/MDC2_Init.html
new file mode 100644
index 000000000..1045bead3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/MDC2_Init.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>MDC2_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>MDC2, MDC2_Init, MDC2_Update, MDC2_Final - MDC2 hash function</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/mdc2.h&gt;
+
+ unsigned char *MDC2(const unsigned char *d, unsigned long n,
+                     unsigned char *md);
+
+ int MDC2_Init(MDC2_CTX *c);
+ int MDC2_Update(MDC2_CTX *c, const unsigned char *data,
+                 unsigned long len);
+ int MDC2_Final(unsigned char *md, MDC2_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MDC2 is a method to construct hash functions with 128 bit output from block ciphers. These functions are an implementation of MDC2 with DES.</p>
+
+<p>MDC2() computes the MDC2 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for MDC2_DIGEST_LENGTH == 16 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>MDC2_Init() initializes a <b>MDC2_CTX</b> structure.</p>
+
+<p>MDC2_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>MDC2_Final() places the message digest in <b>md</b>, which must have space for MDC2_DIGEST_LENGTH == 16 bytes of output, and erases the <b>MDC2_CTX</b>.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>MDC2() returns a pointer to the hash value.</p>
+
+<p>MDC2_Init(), MDC2_Update() and MDC2_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ISO/IEC 10118-2:2000 Hash-Function 2, with DES as the underlying block cipher.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/MDC2_Update.html b/msys2/usr/share/doc/openssl/html/man3/MDC2_Update.html
new file mode 100644
index 000000000..1045bead3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/MDC2_Update.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>MDC2_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>MDC2, MDC2_Init, MDC2_Update, MDC2_Final - MDC2 hash function</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/mdc2.h&gt;
+
+ unsigned char *MDC2(const unsigned char *d, unsigned long n,
+                     unsigned char *md);
+
+ int MDC2_Init(MDC2_CTX *c);
+ int MDC2_Update(MDC2_CTX *c, const unsigned char *data,
+                 unsigned long len);
+ int MDC2_Final(unsigned char *md, MDC2_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>MDC2 is a method to construct hash functions with 128 bit output from block ciphers. These functions are an implementation of MDC2 with DES.</p>
+
+<p>MDC2() computes the MDC2 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for MDC2_DIGEST_LENGTH == 16 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>MDC2_Init() initializes a <b>MDC2_CTX</b> structure.</p>
+
+<p>MDC2_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>MDC2_Final() places the message digest in <b>md</b>, which must have space for MDC2_DIGEST_LENGTH == 16 bytes of output, and erases the <b>MDC2_CTX</b>.</p>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>MDC2() returns a pointer to the hash value.</p>
+
+<p>MDC2_Init(), MDC2_Update() and MDC2_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ISO/IEC 10118-2:2000 Hash-Function 2, with DES as the underlying block cipher.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/NAME_CONSTRAINTS_free.html b/msys2/usr/share/doc/openssl/html/man3/NAME_CONSTRAINTS_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/NAME_CONSTRAINTS_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/NAME_CONSTRAINTS_new.html b/msys2/usr/share/doc/openssl/html/man3/NAME_CONSTRAINTS_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/NAME_CONSTRAINTS_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY.html b/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_free.html b/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_get0_authorityId.html b/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_get0_authorityId.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_get0_authorityId.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_get0_authorityText.html b/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_get0_authorityText.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_get0_authorityText.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_get0_authorityURL.html b/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_get0_authorityURL.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_get0_authorityURL.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_new.html b/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_set0_authorityId.html b/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_set0_authorityId.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_set0_authorityId.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_set0_authorityText.html b/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_set0_authorityText.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_set0_authorityText.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_set0_authorityURL.html b/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_set0_authorityURL.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_set0_authorityURL.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/NETSCAPE_CERT_SEQUENCE_free.html b/msys2/usr/share/doc/openssl/html/man3/NETSCAPE_CERT_SEQUENCE_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/NETSCAPE_CERT_SEQUENCE_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/NETSCAPE_CERT_SEQUENCE_new.html b/msys2/usr/share/doc/openssl/html/man3/NETSCAPE_CERT_SEQUENCE_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/NETSCAPE_CERT_SEQUENCE_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/NETSCAPE_SPKAC_free.html b/msys2/usr/share/doc/openssl/html/man3/NETSCAPE_SPKAC_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/NETSCAPE_SPKAC_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/NETSCAPE_SPKAC_new.html b/msys2/usr/share/doc/openssl/html/man3/NETSCAPE_SPKAC_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/NETSCAPE_SPKAC_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/NETSCAPE_SPKI_free.html b/msys2/usr/share/doc/openssl/html/man3/NETSCAPE_SPKI_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/NETSCAPE_SPKI_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/NETSCAPE_SPKI_new.html b/msys2/usr/share/doc/openssl/html/man3/NETSCAPE_SPKI_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/NETSCAPE_SPKI_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/NOTICEREF_free.html b/msys2/usr/share/doc/openssl/html/man3/NOTICEREF_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/NOTICEREF_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/NOTICEREF_new.html b/msys2/usr/share/doc/openssl/html/man3/NOTICEREF_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/NOTICEREF_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OBJ_cleanup.html b/msys2/usr/share/doc/openssl/html/man3/OBJ_cleanup.html
new file mode 100644
index 000000000..d84a629fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OBJ_cleanup.html
@@ -0,0 +1,165 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OBJ_nid2obj</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>i2t_ASN1_OBJECT, OBJ_length, OBJ_get0_data, OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/objects.h&gt;
+
+ ASN1_OBJECT *OBJ_nid2obj(int n);
+ const char *OBJ_nid2ln(int n);
+ const char *OBJ_nid2sn(int n);
+
+ int OBJ_obj2nid(const ASN1_OBJECT *o);
+ int OBJ_ln2nid(const char *ln);
+ int OBJ_sn2nid(const char *sn);
+
+ int OBJ_txt2nid(const char *s);
+
+ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
+ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+
+ int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a);
+
+ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
+
+ int OBJ_create(const char *oid, const char *sn, const char *ln);
+
+ size_t OBJ_length(const ASN1_OBJECT *obj);
+ const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OBJ_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1 object utility functions process ASN1_OBJECT structures which are a representation of the ASN1 OBJECT IDENTIFIER (OID) type. For convenience, OIDs are usually represented in source code as numeric identifiers, or <b>NID</b>s. OpenSSL has an internal table of OIDs that are generated when the library is built, and their corresponding NIDs are available as defined constants. For the functions below, application code should treat all returned values -- OIDs, NIDs, or names -- as constants.</p>
+
+<p>OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID <b>n</b> to an ASN1_OBJECT structure, its long name and its short name respectively, or <b>NULL</b> if an error occurred.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID for the object <b>o</b>, the long name &lt;ln&gt; or the short name &lt;sn&gt; respectively or NID_undef if an error occurred.</p>
+
+<p>OBJ_txt2nid() returns NID corresponding to text string &lt;s&gt;. <b>s</b> can be a long name, a short name or the numerical representation of an object.</p>
+
+<p>OBJ_txt2obj() converts the text string <b>s</b> into an ASN1_OBJECT structure. If <b>no_name</b> is 0 then long names and short names will be interpreted as well as numerical forms. If <b>no_name</b> is 1 only the numerical form is acceptable.</p>
+
+<p>OBJ_obj2txt() converts the <b>ASN1_OBJECT</b> <b>a</b> into a textual representation. The representation is written as a null terminated string to <b>buf</b> at most <b>buf_len</b> bytes are written, truncating the result if necessary. The total amount of space required is returned. If <b>no_name</b> is 0 then if the object has a long or short name then that will be used, otherwise the numerical form will be used. If <b>no_name</b> is 1 then the numerical form will always be used.</p>
+
+<p>i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the <b>no_name</b> set to zero.</p>
+
+<p>OBJ_cmp() compares <b>a</b> to <b>b</b>. If the two are identical 0 is returned.</p>
+
+<p>OBJ_dup() returns a copy of <b>o</b>.</p>
+
+<p>OBJ_create() adds a new object to the internal table. <b>oid</b> is the numerical form of the object, <b>sn</b> the short name and <b>ln</b> the long name. A new NID is returned for the created object in case of success and NID_undef in case of failure.</p>
+
+<p>OBJ_length() returns the size of the content octets of <b>obj</b>.</p>
+
+<p>OBJ_get0_data() returns a pointer to the content octets of <b>obj</b>. The returned pointer is an internal pointer which <b>must not</b> be freed.</p>
+
+<p>OBJ_cleanup() releases any resources allocated by creating new objects.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Objects in OpenSSL can have a short name, a long name and a numerical identifier (NID) associated with them. A standard set of objects is represented in an internal table. The appropriate values are defined in the header file <b>objects.h</b>.</p>
+
+<p>For example the OID for commonName has the following definitions:</p>
+
+<pre><code> #define SN_commonName                   &quot;CN&quot;
+ #define LN_commonName                   &quot;commonName&quot;
+ #define NID_commonName                  13</code></pre>
+
+<p>New objects can be added by calling OBJ_create().</p>
+
+<p>Table objects have certain advantages over other objects: for example their NIDs can be used in a C language switch statement. They are also static constant structures which are shared: that is there is only a single constant structure for each table object.</p>
+
+<p>Objects which are not in the table have the NID value NID_undef.</p>
+
+<p>Objects do not need to be in the internal tables to be processed, the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical form of an OID.</p>
+
+<p>Some objects are used to represent algorithms which do not have a corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently exists for a particular algorithm). As a result they <b>cannot</b> be encoded or decoded as part of ASN.1 structures. Applications can determine if there is a corresponding OBJECT IDENTIFIER by checking OBJ_length() is not zero.</p>
+
+<p>These functions cannot return <b>const</b> because an <b>ASN1_OBJECT</b> can represent both an internal, constant, OID and a dynamically-created one. The latter cannot be constant because it needs to be freed after use.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an object for <b>commonName</b>:</p>
+
+<pre><code> ASN1_OBJECT *o = OBJ_nid2obj(NID_commonName);</code></pre>
+
+<p>Check if an object is <b>commonName</b></p>
+
+<pre><code> if (OBJ_obj2nid(obj) == NID_commonName)
+     /* Do something */</code></pre>
+
+<p>Create a new NID and initialize an object from it:</p>
+
+<pre><code> int new_nid = OBJ_create(&quot;1.2.3.4&quot;, &quot;NewOID&quot;, &quot;New Object Identifier&quot;);
+ ASN1_OBJECT *obj = OBJ_nid2obj(new_nid);</code></pre>
+
+<p>Create a new object directly:</p>
+
+<pre><code> obj = OBJ_txt2obj(&quot;1.2.3.4&quot;, 1);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>OBJ_obj2txt() is awkward and messy to use: it doesn&#39;t follow the convention of other OpenSSL functions where the buffer can be set to <b>NULL</b> to determine the amount of data that should be written. Instead <b>buf</b> must point to a valid buffer and <b>buf_len</b> should be set to a positive value. A buffer length of 80 should be more than enough to handle any OID encountered in practice.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OBJ_nid2obj() returns an <b>ASN1_OBJECT</b> structure or <b>NULL</b> is an error occurred.</p>
+
+<p>OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or <b>NULL</b> on error.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return a NID or <b>NID_undef</b> on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OBJ_cleanup() was deprecated in OpenSSL 1.1.0 by <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OBJ_cmp.html b/msys2/usr/share/doc/openssl/html/man3/OBJ_cmp.html
new file mode 100644
index 000000000..d84a629fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OBJ_cmp.html
@@ -0,0 +1,165 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OBJ_nid2obj</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>i2t_ASN1_OBJECT, OBJ_length, OBJ_get0_data, OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/objects.h&gt;
+
+ ASN1_OBJECT *OBJ_nid2obj(int n);
+ const char *OBJ_nid2ln(int n);
+ const char *OBJ_nid2sn(int n);
+
+ int OBJ_obj2nid(const ASN1_OBJECT *o);
+ int OBJ_ln2nid(const char *ln);
+ int OBJ_sn2nid(const char *sn);
+
+ int OBJ_txt2nid(const char *s);
+
+ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
+ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+
+ int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a);
+
+ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
+
+ int OBJ_create(const char *oid, const char *sn, const char *ln);
+
+ size_t OBJ_length(const ASN1_OBJECT *obj);
+ const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OBJ_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1 object utility functions process ASN1_OBJECT structures which are a representation of the ASN1 OBJECT IDENTIFIER (OID) type. For convenience, OIDs are usually represented in source code as numeric identifiers, or <b>NID</b>s. OpenSSL has an internal table of OIDs that are generated when the library is built, and their corresponding NIDs are available as defined constants. For the functions below, application code should treat all returned values -- OIDs, NIDs, or names -- as constants.</p>
+
+<p>OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID <b>n</b> to an ASN1_OBJECT structure, its long name and its short name respectively, or <b>NULL</b> if an error occurred.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID for the object <b>o</b>, the long name &lt;ln&gt; or the short name &lt;sn&gt; respectively or NID_undef if an error occurred.</p>
+
+<p>OBJ_txt2nid() returns NID corresponding to text string &lt;s&gt;. <b>s</b> can be a long name, a short name or the numerical representation of an object.</p>
+
+<p>OBJ_txt2obj() converts the text string <b>s</b> into an ASN1_OBJECT structure. If <b>no_name</b> is 0 then long names and short names will be interpreted as well as numerical forms. If <b>no_name</b> is 1 only the numerical form is acceptable.</p>
+
+<p>OBJ_obj2txt() converts the <b>ASN1_OBJECT</b> <b>a</b> into a textual representation. The representation is written as a null terminated string to <b>buf</b> at most <b>buf_len</b> bytes are written, truncating the result if necessary. The total amount of space required is returned. If <b>no_name</b> is 0 then if the object has a long or short name then that will be used, otherwise the numerical form will be used. If <b>no_name</b> is 1 then the numerical form will always be used.</p>
+
+<p>i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the <b>no_name</b> set to zero.</p>
+
+<p>OBJ_cmp() compares <b>a</b> to <b>b</b>. If the two are identical 0 is returned.</p>
+
+<p>OBJ_dup() returns a copy of <b>o</b>.</p>
+
+<p>OBJ_create() adds a new object to the internal table. <b>oid</b> is the numerical form of the object, <b>sn</b> the short name and <b>ln</b> the long name. A new NID is returned for the created object in case of success and NID_undef in case of failure.</p>
+
+<p>OBJ_length() returns the size of the content octets of <b>obj</b>.</p>
+
+<p>OBJ_get0_data() returns a pointer to the content octets of <b>obj</b>. The returned pointer is an internal pointer which <b>must not</b> be freed.</p>
+
+<p>OBJ_cleanup() releases any resources allocated by creating new objects.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Objects in OpenSSL can have a short name, a long name and a numerical identifier (NID) associated with them. A standard set of objects is represented in an internal table. The appropriate values are defined in the header file <b>objects.h</b>.</p>
+
+<p>For example the OID for commonName has the following definitions:</p>
+
+<pre><code> #define SN_commonName                   &quot;CN&quot;
+ #define LN_commonName                   &quot;commonName&quot;
+ #define NID_commonName                  13</code></pre>
+
+<p>New objects can be added by calling OBJ_create().</p>
+
+<p>Table objects have certain advantages over other objects: for example their NIDs can be used in a C language switch statement. They are also static constant structures which are shared: that is there is only a single constant structure for each table object.</p>
+
+<p>Objects which are not in the table have the NID value NID_undef.</p>
+
+<p>Objects do not need to be in the internal tables to be processed, the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical form of an OID.</p>
+
+<p>Some objects are used to represent algorithms which do not have a corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently exists for a particular algorithm). As a result they <b>cannot</b> be encoded or decoded as part of ASN.1 structures. Applications can determine if there is a corresponding OBJECT IDENTIFIER by checking OBJ_length() is not zero.</p>
+
+<p>These functions cannot return <b>const</b> because an <b>ASN1_OBJECT</b> can represent both an internal, constant, OID and a dynamically-created one. The latter cannot be constant because it needs to be freed after use.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an object for <b>commonName</b>:</p>
+
+<pre><code> ASN1_OBJECT *o = OBJ_nid2obj(NID_commonName);</code></pre>
+
+<p>Check if an object is <b>commonName</b></p>
+
+<pre><code> if (OBJ_obj2nid(obj) == NID_commonName)
+     /* Do something */</code></pre>
+
+<p>Create a new NID and initialize an object from it:</p>
+
+<pre><code> int new_nid = OBJ_create(&quot;1.2.3.4&quot;, &quot;NewOID&quot;, &quot;New Object Identifier&quot;);
+ ASN1_OBJECT *obj = OBJ_nid2obj(new_nid);</code></pre>
+
+<p>Create a new object directly:</p>
+
+<pre><code> obj = OBJ_txt2obj(&quot;1.2.3.4&quot;, 1);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>OBJ_obj2txt() is awkward and messy to use: it doesn&#39;t follow the convention of other OpenSSL functions where the buffer can be set to <b>NULL</b> to determine the amount of data that should be written. Instead <b>buf</b> must point to a valid buffer and <b>buf_len</b> should be set to a positive value. A buffer length of 80 should be more than enough to handle any OID encountered in practice.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OBJ_nid2obj() returns an <b>ASN1_OBJECT</b> structure or <b>NULL</b> is an error occurred.</p>
+
+<p>OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or <b>NULL</b> on error.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return a NID or <b>NID_undef</b> on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OBJ_cleanup() was deprecated in OpenSSL 1.1.0 by <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OBJ_create.html b/msys2/usr/share/doc/openssl/html/man3/OBJ_create.html
new file mode 100644
index 000000000..d84a629fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OBJ_create.html
@@ -0,0 +1,165 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OBJ_nid2obj</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>i2t_ASN1_OBJECT, OBJ_length, OBJ_get0_data, OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/objects.h&gt;
+
+ ASN1_OBJECT *OBJ_nid2obj(int n);
+ const char *OBJ_nid2ln(int n);
+ const char *OBJ_nid2sn(int n);
+
+ int OBJ_obj2nid(const ASN1_OBJECT *o);
+ int OBJ_ln2nid(const char *ln);
+ int OBJ_sn2nid(const char *sn);
+
+ int OBJ_txt2nid(const char *s);
+
+ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
+ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+
+ int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a);
+
+ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
+
+ int OBJ_create(const char *oid, const char *sn, const char *ln);
+
+ size_t OBJ_length(const ASN1_OBJECT *obj);
+ const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OBJ_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1 object utility functions process ASN1_OBJECT structures which are a representation of the ASN1 OBJECT IDENTIFIER (OID) type. For convenience, OIDs are usually represented in source code as numeric identifiers, or <b>NID</b>s. OpenSSL has an internal table of OIDs that are generated when the library is built, and their corresponding NIDs are available as defined constants. For the functions below, application code should treat all returned values -- OIDs, NIDs, or names -- as constants.</p>
+
+<p>OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID <b>n</b> to an ASN1_OBJECT structure, its long name and its short name respectively, or <b>NULL</b> if an error occurred.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID for the object <b>o</b>, the long name &lt;ln&gt; or the short name &lt;sn&gt; respectively or NID_undef if an error occurred.</p>
+
+<p>OBJ_txt2nid() returns NID corresponding to text string &lt;s&gt;. <b>s</b> can be a long name, a short name or the numerical representation of an object.</p>
+
+<p>OBJ_txt2obj() converts the text string <b>s</b> into an ASN1_OBJECT structure. If <b>no_name</b> is 0 then long names and short names will be interpreted as well as numerical forms. If <b>no_name</b> is 1 only the numerical form is acceptable.</p>
+
+<p>OBJ_obj2txt() converts the <b>ASN1_OBJECT</b> <b>a</b> into a textual representation. The representation is written as a null terminated string to <b>buf</b> at most <b>buf_len</b> bytes are written, truncating the result if necessary. The total amount of space required is returned. If <b>no_name</b> is 0 then if the object has a long or short name then that will be used, otherwise the numerical form will be used. If <b>no_name</b> is 1 then the numerical form will always be used.</p>
+
+<p>i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the <b>no_name</b> set to zero.</p>
+
+<p>OBJ_cmp() compares <b>a</b> to <b>b</b>. If the two are identical 0 is returned.</p>
+
+<p>OBJ_dup() returns a copy of <b>o</b>.</p>
+
+<p>OBJ_create() adds a new object to the internal table. <b>oid</b> is the numerical form of the object, <b>sn</b> the short name and <b>ln</b> the long name. A new NID is returned for the created object in case of success and NID_undef in case of failure.</p>
+
+<p>OBJ_length() returns the size of the content octets of <b>obj</b>.</p>
+
+<p>OBJ_get0_data() returns a pointer to the content octets of <b>obj</b>. The returned pointer is an internal pointer which <b>must not</b> be freed.</p>
+
+<p>OBJ_cleanup() releases any resources allocated by creating new objects.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Objects in OpenSSL can have a short name, a long name and a numerical identifier (NID) associated with them. A standard set of objects is represented in an internal table. The appropriate values are defined in the header file <b>objects.h</b>.</p>
+
+<p>For example the OID for commonName has the following definitions:</p>
+
+<pre><code> #define SN_commonName                   &quot;CN&quot;
+ #define LN_commonName                   &quot;commonName&quot;
+ #define NID_commonName                  13</code></pre>
+
+<p>New objects can be added by calling OBJ_create().</p>
+
+<p>Table objects have certain advantages over other objects: for example their NIDs can be used in a C language switch statement. They are also static constant structures which are shared: that is there is only a single constant structure for each table object.</p>
+
+<p>Objects which are not in the table have the NID value NID_undef.</p>
+
+<p>Objects do not need to be in the internal tables to be processed, the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical form of an OID.</p>
+
+<p>Some objects are used to represent algorithms which do not have a corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently exists for a particular algorithm). As a result they <b>cannot</b> be encoded or decoded as part of ASN.1 structures. Applications can determine if there is a corresponding OBJECT IDENTIFIER by checking OBJ_length() is not zero.</p>
+
+<p>These functions cannot return <b>const</b> because an <b>ASN1_OBJECT</b> can represent both an internal, constant, OID and a dynamically-created one. The latter cannot be constant because it needs to be freed after use.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an object for <b>commonName</b>:</p>
+
+<pre><code> ASN1_OBJECT *o = OBJ_nid2obj(NID_commonName);</code></pre>
+
+<p>Check if an object is <b>commonName</b></p>
+
+<pre><code> if (OBJ_obj2nid(obj) == NID_commonName)
+     /* Do something */</code></pre>
+
+<p>Create a new NID and initialize an object from it:</p>
+
+<pre><code> int new_nid = OBJ_create(&quot;1.2.3.4&quot;, &quot;NewOID&quot;, &quot;New Object Identifier&quot;);
+ ASN1_OBJECT *obj = OBJ_nid2obj(new_nid);</code></pre>
+
+<p>Create a new object directly:</p>
+
+<pre><code> obj = OBJ_txt2obj(&quot;1.2.3.4&quot;, 1);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>OBJ_obj2txt() is awkward and messy to use: it doesn&#39;t follow the convention of other OpenSSL functions where the buffer can be set to <b>NULL</b> to determine the amount of data that should be written. Instead <b>buf</b> must point to a valid buffer and <b>buf_len</b> should be set to a positive value. A buffer length of 80 should be more than enough to handle any OID encountered in practice.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OBJ_nid2obj() returns an <b>ASN1_OBJECT</b> structure or <b>NULL</b> is an error occurred.</p>
+
+<p>OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or <b>NULL</b> on error.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return a NID or <b>NID_undef</b> on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OBJ_cleanup() was deprecated in OpenSSL 1.1.0 by <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OBJ_dup.html b/msys2/usr/share/doc/openssl/html/man3/OBJ_dup.html
new file mode 100644
index 000000000..d84a629fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OBJ_dup.html
@@ -0,0 +1,165 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OBJ_nid2obj</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>i2t_ASN1_OBJECT, OBJ_length, OBJ_get0_data, OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/objects.h&gt;
+
+ ASN1_OBJECT *OBJ_nid2obj(int n);
+ const char *OBJ_nid2ln(int n);
+ const char *OBJ_nid2sn(int n);
+
+ int OBJ_obj2nid(const ASN1_OBJECT *o);
+ int OBJ_ln2nid(const char *ln);
+ int OBJ_sn2nid(const char *sn);
+
+ int OBJ_txt2nid(const char *s);
+
+ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
+ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+
+ int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a);
+
+ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
+
+ int OBJ_create(const char *oid, const char *sn, const char *ln);
+
+ size_t OBJ_length(const ASN1_OBJECT *obj);
+ const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OBJ_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1 object utility functions process ASN1_OBJECT structures which are a representation of the ASN1 OBJECT IDENTIFIER (OID) type. For convenience, OIDs are usually represented in source code as numeric identifiers, or <b>NID</b>s. OpenSSL has an internal table of OIDs that are generated when the library is built, and their corresponding NIDs are available as defined constants. For the functions below, application code should treat all returned values -- OIDs, NIDs, or names -- as constants.</p>
+
+<p>OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID <b>n</b> to an ASN1_OBJECT structure, its long name and its short name respectively, or <b>NULL</b> if an error occurred.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID for the object <b>o</b>, the long name &lt;ln&gt; or the short name &lt;sn&gt; respectively or NID_undef if an error occurred.</p>
+
+<p>OBJ_txt2nid() returns NID corresponding to text string &lt;s&gt;. <b>s</b> can be a long name, a short name or the numerical representation of an object.</p>
+
+<p>OBJ_txt2obj() converts the text string <b>s</b> into an ASN1_OBJECT structure. If <b>no_name</b> is 0 then long names and short names will be interpreted as well as numerical forms. If <b>no_name</b> is 1 only the numerical form is acceptable.</p>
+
+<p>OBJ_obj2txt() converts the <b>ASN1_OBJECT</b> <b>a</b> into a textual representation. The representation is written as a null terminated string to <b>buf</b> at most <b>buf_len</b> bytes are written, truncating the result if necessary. The total amount of space required is returned. If <b>no_name</b> is 0 then if the object has a long or short name then that will be used, otherwise the numerical form will be used. If <b>no_name</b> is 1 then the numerical form will always be used.</p>
+
+<p>i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the <b>no_name</b> set to zero.</p>
+
+<p>OBJ_cmp() compares <b>a</b> to <b>b</b>. If the two are identical 0 is returned.</p>
+
+<p>OBJ_dup() returns a copy of <b>o</b>.</p>
+
+<p>OBJ_create() adds a new object to the internal table. <b>oid</b> is the numerical form of the object, <b>sn</b> the short name and <b>ln</b> the long name. A new NID is returned for the created object in case of success and NID_undef in case of failure.</p>
+
+<p>OBJ_length() returns the size of the content octets of <b>obj</b>.</p>
+
+<p>OBJ_get0_data() returns a pointer to the content octets of <b>obj</b>. The returned pointer is an internal pointer which <b>must not</b> be freed.</p>
+
+<p>OBJ_cleanup() releases any resources allocated by creating new objects.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Objects in OpenSSL can have a short name, a long name and a numerical identifier (NID) associated with them. A standard set of objects is represented in an internal table. The appropriate values are defined in the header file <b>objects.h</b>.</p>
+
+<p>For example the OID for commonName has the following definitions:</p>
+
+<pre><code> #define SN_commonName                   &quot;CN&quot;
+ #define LN_commonName                   &quot;commonName&quot;
+ #define NID_commonName                  13</code></pre>
+
+<p>New objects can be added by calling OBJ_create().</p>
+
+<p>Table objects have certain advantages over other objects: for example their NIDs can be used in a C language switch statement. They are also static constant structures which are shared: that is there is only a single constant structure for each table object.</p>
+
+<p>Objects which are not in the table have the NID value NID_undef.</p>
+
+<p>Objects do not need to be in the internal tables to be processed, the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical form of an OID.</p>
+
+<p>Some objects are used to represent algorithms which do not have a corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently exists for a particular algorithm). As a result they <b>cannot</b> be encoded or decoded as part of ASN.1 structures. Applications can determine if there is a corresponding OBJECT IDENTIFIER by checking OBJ_length() is not zero.</p>
+
+<p>These functions cannot return <b>const</b> because an <b>ASN1_OBJECT</b> can represent both an internal, constant, OID and a dynamically-created one. The latter cannot be constant because it needs to be freed after use.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an object for <b>commonName</b>:</p>
+
+<pre><code> ASN1_OBJECT *o = OBJ_nid2obj(NID_commonName);</code></pre>
+
+<p>Check if an object is <b>commonName</b></p>
+
+<pre><code> if (OBJ_obj2nid(obj) == NID_commonName)
+     /* Do something */</code></pre>
+
+<p>Create a new NID and initialize an object from it:</p>
+
+<pre><code> int new_nid = OBJ_create(&quot;1.2.3.4&quot;, &quot;NewOID&quot;, &quot;New Object Identifier&quot;);
+ ASN1_OBJECT *obj = OBJ_nid2obj(new_nid);</code></pre>
+
+<p>Create a new object directly:</p>
+
+<pre><code> obj = OBJ_txt2obj(&quot;1.2.3.4&quot;, 1);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>OBJ_obj2txt() is awkward and messy to use: it doesn&#39;t follow the convention of other OpenSSL functions where the buffer can be set to <b>NULL</b> to determine the amount of data that should be written. Instead <b>buf</b> must point to a valid buffer and <b>buf_len</b> should be set to a positive value. A buffer length of 80 should be more than enough to handle any OID encountered in practice.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OBJ_nid2obj() returns an <b>ASN1_OBJECT</b> structure or <b>NULL</b> is an error occurred.</p>
+
+<p>OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or <b>NULL</b> on error.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return a NID or <b>NID_undef</b> on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OBJ_cleanup() was deprecated in OpenSSL 1.1.0 by <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OBJ_get0_data.html b/msys2/usr/share/doc/openssl/html/man3/OBJ_get0_data.html
new file mode 100644
index 000000000..d84a629fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OBJ_get0_data.html
@@ -0,0 +1,165 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OBJ_nid2obj</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>i2t_ASN1_OBJECT, OBJ_length, OBJ_get0_data, OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/objects.h&gt;
+
+ ASN1_OBJECT *OBJ_nid2obj(int n);
+ const char *OBJ_nid2ln(int n);
+ const char *OBJ_nid2sn(int n);
+
+ int OBJ_obj2nid(const ASN1_OBJECT *o);
+ int OBJ_ln2nid(const char *ln);
+ int OBJ_sn2nid(const char *sn);
+
+ int OBJ_txt2nid(const char *s);
+
+ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
+ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+
+ int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a);
+
+ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
+
+ int OBJ_create(const char *oid, const char *sn, const char *ln);
+
+ size_t OBJ_length(const ASN1_OBJECT *obj);
+ const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OBJ_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1 object utility functions process ASN1_OBJECT structures which are a representation of the ASN1 OBJECT IDENTIFIER (OID) type. For convenience, OIDs are usually represented in source code as numeric identifiers, or <b>NID</b>s. OpenSSL has an internal table of OIDs that are generated when the library is built, and their corresponding NIDs are available as defined constants. For the functions below, application code should treat all returned values -- OIDs, NIDs, or names -- as constants.</p>
+
+<p>OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID <b>n</b> to an ASN1_OBJECT structure, its long name and its short name respectively, or <b>NULL</b> if an error occurred.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID for the object <b>o</b>, the long name &lt;ln&gt; or the short name &lt;sn&gt; respectively or NID_undef if an error occurred.</p>
+
+<p>OBJ_txt2nid() returns NID corresponding to text string &lt;s&gt;. <b>s</b> can be a long name, a short name or the numerical representation of an object.</p>
+
+<p>OBJ_txt2obj() converts the text string <b>s</b> into an ASN1_OBJECT structure. If <b>no_name</b> is 0 then long names and short names will be interpreted as well as numerical forms. If <b>no_name</b> is 1 only the numerical form is acceptable.</p>
+
+<p>OBJ_obj2txt() converts the <b>ASN1_OBJECT</b> <b>a</b> into a textual representation. The representation is written as a null terminated string to <b>buf</b> at most <b>buf_len</b> bytes are written, truncating the result if necessary. The total amount of space required is returned. If <b>no_name</b> is 0 then if the object has a long or short name then that will be used, otherwise the numerical form will be used. If <b>no_name</b> is 1 then the numerical form will always be used.</p>
+
+<p>i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the <b>no_name</b> set to zero.</p>
+
+<p>OBJ_cmp() compares <b>a</b> to <b>b</b>. If the two are identical 0 is returned.</p>
+
+<p>OBJ_dup() returns a copy of <b>o</b>.</p>
+
+<p>OBJ_create() adds a new object to the internal table. <b>oid</b> is the numerical form of the object, <b>sn</b> the short name and <b>ln</b> the long name. A new NID is returned for the created object in case of success and NID_undef in case of failure.</p>
+
+<p>OBJ_length() returns the size of the content octets of <b>obj</b>.</p>
+
+<p>OBJ_get0_data() returns a pointer to the content octets of <b>obj</b>. The returned pointer is an internal pointer which <b>must not</b> be freed.</p>
+
+<p>OBJ_cleanup() releases any resources allocated by creating new objects.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Objects in OpenSSL can have a short name, a long name and a numerical identifier (NID) associated with them. A standard set of objects is represented in an internal table. The appropriate values are defined in the header file <b>objects.h</b>.</p>
+
+<p>For example the OID for commonName has the following definitions:</p>
+
+<pre><code> #define SN_commonName                   &quot;CN&quot;
+ #define LN_commonName                   &quot;commonName&quot;
+ #define NID_commonName                  13</code></pre>
+
+<p>New objects can be added by calling OBJ_create().</p>
+
+<p>Table objects have certain advantages over other objects: for example their NIDs can be used in a C language switch statement. They are also static constant structures which are shared: that is there is only a single constant structure for each table object.</p>
+
+<p>Objects which are not in the table have the NID value NID_undef.</p>
+
+<p>Objects do not need to be in the internal tables to be processed, the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical form of an OID.</p>
+
+<p>Some objects are used to represent algorithms which do not have a corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently exists for a particular algorithm). As a result they <b>cannot</b> be encoded or decoded as part of ASN.1 structures. Applications can determine if there is a corresponding OBJECT IDENTIFIER by checking OBJ_length() is not zero.</p>
+
+<p>These functions cannot return <b>const</b> because an <b>ASN1_OBJECT</b> can represent both an internal, constant, OID and a dynamically-created one. The latter cannot be constant because it needs to be freed after use.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an object for <b>commonName</b>:</p>
+
+<pre><code> ASN1_OBJECT *o = OBJ_nid2obj(NID_commonName);</code></pre>
+
+<p>Check if an object is <b>commonName</b></p>
+
+<pre><code> if (OBJ_obj2nid(obj) == NID_commonName)
+     /* Do something */</code></pre>
+
+<p>Create a new NID and initialize an object from it:</p>
+
+<pre><code> int new_nid = OBJ_create(&quot;1.2.3.4&quot;, &quot;NewOID&quot;, &quot;New Object Identifier&quot;);
+ ASN1_OBJECT *obj = OBJ_nid2obj(new_nid);</code></pre>
+
+<p>Create a new object directly:</p>
+
+<pre><code> obj = OBJ_txt2obj(&quot;1.2.3.4&quot;, 1);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>OBJ_obj2txt() is awkward and messy to use: it doesn&#39;t follow the convention of other OpenSSL functions where the buffer can be set to <b>NULL</b> to determine the amount of data that should be written. Instead <b>buf</b> must point to a valid buffer and <b>buf_len</b> should be set to a positive value. A buffer length of 80 should be more than enough to handle any OID encountered in practice.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OBJ_nid2obj() returns an <b>ASN1_OBJECT</b> structure or <b>NULL</b> is an error occurred.</p>
+
+<p>OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or <b>NULL</b> on error.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return a NID or <b>NID_undef</b> on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OBJ_cleanup() was deprecated in OpenSSL 1.1.0 by <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OBJ_length.html b/msys2/usr/share/doc/openssl/html/man3/OBJ_length.html
new file mode 100644
index 000000000..d84a629fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OBJ_length.html
@@ -0,0 +1,165 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OBJ_nid2obj</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>i2t_ASN1_OBJECT, OBJ_length, OBJ_get0_data, OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/objects.h&gt;
+
+ ASN1_OBJECT *OBJ_nid2obj(int n);
+ const char *OBJ_nid2ln(int n);
+ const char *OBJ_nid2sn(int n);
+
+ int OBJ_obj2nid(const ASN1_OBJECT *o);
+ int OBJ_ln2nid(const char *ln);
+ int OBJ_sn2nid(const char *sn);
+
+ int OBJ_txt2nid(const char *s);
+
+ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
+ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+
+ int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a);
+
+ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
+
+ int OBJ_create(const char *oid, const char *sn, const char *ln);
+
+ size_t OBJ_length(const ASN1_OBJECT *obj);
+ const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OBJ_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1 object utility functions process ASN1_OBJECT structures which are a representation of the ASN1 OBJECT IDENTIFIER (OID) type. For convenience, OIDs are usually represented in source code as numeric identifiers, or <b>NID</b>s. OpenSSL has an internal table of OIDs that are generated when the library is built, and their corresponding NIDs are available as defined constants. For the functions below, application code should treat all returned values -- OIDs, NIDs, or names -- as constants.</p>
+
+<p>OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID <b>n</b> to an ASN1_OBJECT structure, its long name and its short name respectively, or <b>NULL</b> if an error occurred.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID for the object <b>o</b>, the long name &lt;ln&gt; or the short name &lt;sn&gt; respectively or NID_undef if an error occurred.</p>
+
+<p>OBJ_txt2nid() returns NID corresponding to text string &lt;s&gt;. <b>s</b> can be a long name, a short name or the numerical representation of an object.</p>
+
+<p>OBJ_txt2obj() converts the text string <b>s</b> into an ASN1_OBJECT structure. If <b>no_name</b> is 0 then long names and short names will be interpreted as well as numerical forms. If <b>no_name</b> is 1 only the numerical form is acceptable.</p>
+
+<p>OBJ_obj2txt() converts the <b>ASN1_OBJECT</b> <b>a</b> into a textual representation. The representation is written as a null terminated string to <b>buf</b> at most <b>buf_len</b> bytes are written, truncating the result if necessary. The total amount of space required is returned. If <b>no_name</b> is 0 then if the object has a long or short name then that will be used, otherwise the numerical form will be used. If <b>no_name</b> is 1 then the numerical form will always be used.</p>
+
+<p>i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the <b>no_name</b> set to zero.</p>
+
+<p>OBJ_cmp() compares <b>a</b> to <b>b</b>. If the two are identical 0 is returned.</p>
+
+<p>OBJ_dup() returns a copy of <b>o</b>.</p>
+
+<p>OBJ_create() adds a new object to the internal table. <b>oid</b> is the numerical form of the object, <b>sn</b> the short name and <b>ln</b> the long name. A new NID is returned for the created object in case of success and NID_undef in case of failure.</p>
+
+<p>OBJ_length() returns the size of the content octets of <b>obj</b>.</p>
+
+<p>OBJ_get0_data() returns a pointer to the content octets of <b>obj</b>. The returned pointer is an internal pointer which <b>must not</b> be freed.</p>
+
+<p>OBJ_cleanup() releases any resources allocated by creating new objects.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Objects in OpenSSL can have a short name, a long name and a numerical identifier (NID) associated with them. A standard set of objects is represented in an internal table. The appropriate values are defined in the header file <b>objects.h</b>.</p>
+
+<p>For example the OID for commonName has the following definitions:</p>
+
+<pre><code> #define SN_commonName                   &quot;CN&quot;
+ #define LN_commonName                   &quot;commonName&quot;
+ #define NID_commonName                  13</code></pre>
+
+<p>New objects can be added by calling OBJ_create().</p>
+
+<p>Table objects have certain advantages over other objects: for example their NIDs can be used in a C language switch statement. They are also static constant structures which are shared: that is there is only a single constant structure for each table object.</p>
+
+<p>Objects which are not in the table have the NID value NID_undef.</p>
+
+<p>Objects do not need to be in the internal tables to be processed, the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical form of an OID.</p>
+
+<p>Some objects are used to represent algorithms which do not have a corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently exists for a particular algorithm). As a result they <b>cannot</b> be encoded or decoded as part of ASN.1 structures. Applications can determine if there is a corresponding OBJECT IDENTIFIER by checking OBJ_length() is not zero.</p>
+
+<p>These functions cannot return <b>const</b> because an <b>ASN1_OBJECT</b> can represent both an internal, constant, OID and a dynamically-created one. The latter cannot be constant because it needs to be freed after use.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an object for <b>commonName</b>:</p>
+
+<pre><code> ASN1_OBJECT *o = OBJ_nid2obj(NID_commonName);</code></pre>
+
+<p>Check if an object is <b>commonName</b></p>
+
+<pre><code> if (OBJ_obj2nid(obj) == NID_commonName)
+     /* Do something */</code></pre>
+
+<p>Create a new NID and initialize an object from it:</p>
+
+<pre><code> int new_nid = OBJ_create(&quot;1.2.3.4&quot;, &quot;NewOID&quot;, &quot;New Object Identifier&quot;);
+ ASN1_OBJECT *obj = OBJ_nid2obj(new_nid);</code></pre>
+
+<p>Create a new object directly:</p>
+
+<pre><code> obj = OBJ_txt2obj(&quot;1.2.3.4&quot;, 1);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>OBJ_obj2txt() is awkward and messy to use: it doesn&#39;t follow the convention of other OpenSSL functions where the buffer can be set to <b>NULL</b> to determine the amount of data that should be written. Instead <b>buf</b> must point to a valid buffer and <b>buf_len</b> should be set to a positive value. A buffer length of 80 should be more than enough to handle any OID encountered in practice.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OBJ_nid2obj() returns an <b>ASN1_OBJECT</b> structure or <b>NULL</b> is an error occurred.</p>
+
+<p>OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or <b>NULL</b> on error.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return a NID or <b>NID_undef</b> on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OBJ_cleanup() was deprecated in OpenSSL 1.1.0 by <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OBJ_ln2nid.html b/msys2/usr/share/doc/openssl/html/man3/OBJ_ln2nid.html
new file mode 100644
index 000000000..d84a629fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OBJ_ln2nid.html
@@ -0,0 +1,165 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OBJ_nid2obj</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>i2t_ASN1_OBJECT, OBJ_length, OBJ_get0_data, OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/objects.h&gt;
+
+ ASN1_OBJECT *OBJ_nid2obj(int n);
+ const char *OBJ_nid2ln(int n);
+ const char *OBJ_nid2sn(int n);
+
+ int OBJ_obj2nid(const ASN1_OBJECT *o);
+ int OBJ_ln2nid(const char *ln);
+ int OBJ_sn2nid(const char *sn);
+
+ int OBJ_txt2nid(const char *s);
+
+ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
+ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+
+ int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a);
+
+ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
+
+ int OBJ_create(const char *oid, const char *sn, const char *ln);
+
+ size_t OBJ_length(const ASN1_OBJECT *obj);
+ const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OBJ_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1 object utility functions process ASN1_OBJECT structures which are a representation of the ASN1 OBJECT IDENTIFIER (OID) type. For convenience, OIDs are usually represented in source code as numeric identifiers, or <b>NID</b>s. OpenSSL has an internal table of OIDs that are generated when the library is built, and their corresponding NIDs are available as defined constants. For the functions below, application code should treat all returned values -- OIDs, NIDs, or names -- as constants.</p>
+
+<p>OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID <b>n</b> to an ASN1_OBJECT structure, its long name and its short name respectively, or <b>NULL</b> if an error occurred.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID for the object <b>o</b>, the long name &lt;ln&gt; or the short name &lt;sn&gt; respectively or NID_undef if an error occurred.</p>
+
+<p>OBJ_txt2nid() returns NID corresponding to text string &lt;s&gt;. <b>s</b> can be a long name, a short name or the numerical representation of an object.</p>
+
+<p>OBJ_txt2obj() converts the text string <b>s</b> into an ASN1_OBJECT structure. If <b>no_name</b> is 0 then long names and short names will be interpreted as well as numerical forms. If <b>no_name</b> is 1 only the numerical form is acceptable.</p>
+
+<p>OBJ_obj2txt() converts the <b>ASN1_OBJECT</b> <b>a</b> into a textual representation. The representation is written as a null terminated string to <b>buf</b> at most <b>buf_len</b> bytes are written, truncating the result if necessary. The total amount of space required is returned. If <b>no_name</b> is 0 then if the object has a long or short name then that will be used, otherwise the numerical form will be used. If <b>no_name</b> is 1 then the numerical form will always be used.</p>
+
+<p>i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the <b>no_name</b> set to zero.</p>
+
+<p>OBJ_cmp() compares <b>a</b> to <b>b</b>. If the two are identical 0 is returned.</p>
+
+<p>OBJ_dup() returns a copy of <b>o</b>.</p>
+
+<p>OBJ_create() adds a new object to the internal table. <b>oid</b> is the numerical form of the object, <b>sn</b> the short name and <b>ln</b> the long name. A new NID is returned for the created object in case of success and NID_undef in case of failure.</p>
+
+<p>OBJ_length() returns the size of the content octets of <b>obj</b>.</p>
+
+<p>OBJ_get0_data() returns a pointer to the content octets of <b>obj</b>. The returned pointer is an internal pointer which <b>must not</b> be freed.</p>
+
+<p>OBJ_cleanup() releases any resources allocated by creating new objects.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Objects in OpenSSL can have a short name, a long name and a numerical identifier (NID) associated with them. A standard set of objects is represented in an internal table. The appropriate values are defined in the header file <b>objects.h</b>.</p>
+
+<p>For example the OID for commonName has the following definitions:</p>
+
+<pre><code> #define SN_commonName                   &quot;CN&quot;
+ #define LN_commonName                   &quot;commonName&quot;
+ #define NID_commonName                  13</code></pre>
+
+<p>New objects can be added by calling OBJ_create().</p>
+
+<p>Table objects have certain advantages over other objects: for example their NIDs can be used in a C language switch statement. They are also static constant structures which are shared: that is there is only a single constant structure for each table object.</p>
+
+<p>Objects which are not in the table have the NID value NID_undef.</p>
+
+<p>Objects do not need to be in the internal tables to be processed, the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical form of an OID.</p>
+
+<p>Some objects are used to represent algorithms which do not have a corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently exists for a particular algorithm). As a result they <b>cannot</b> be encoded or decoded as part of ASN.1 structures. Applications can determine if there is a corresponding OBJECT IDENTIFIER by checking OBJ_length() is not zero.</p>
+
+<p>These functions cannot return <b>const</b> because an <b>ASN1_OBJECT</b> can represent both an internal, constant, OID and a dynamically-created one. The latter cannot be constant because it needs to be freed after use.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an object for <b>commonName</b>:</p>
+
+<pre><code> ASN1_OBJECT *o = OBJ_nid2obj(NID_commonName);</code></pre>
+
+<p>Check if an object is <b>commonName</b></p>
+
+<pre><code> if (OBJ_obj2nid(obj) == NID_commonName)
+     /* Do something */</code></pre>
+
+<p>Create a new NID and initialize an object from it:</p>
+
+<pre><code> int new_nid = OBJ_create(&quot;1.2.3.4&quot;, &quot;NewOID&quot;, &quot;New Object Identifier&quot;);
+ ASN1_OBJECT *obj = OBJ_nid2obj(new_nid);</code></pre>
+
+<p>Create a new object directly:</p>
+
+<pre><code> obj = OBJ_txt2obj(&quot;1.2.3.4&quot;, 1);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>OBJ_obj2txt() is awkward and messy to use: it doesn&#39;t follow the convention of other OpenSSL functions where the buffer can be set to <b>NULL</b> to determine the amount of data that should be written. Instead <b>buf</b> must point to a valid buffer and <b>buf_len</b> should be set to a positive value. A buffer length of 80 should be more than enough to handle any OID encountered in practice.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OBJ_nid2obj() returns an <b>ASN1_OBJECT</b> structure or <b>NULL</b> is an error occurred.</p>
+
+<p>OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or <b>NULL</b> on error.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return a NID or <b>NID_undef</b> on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OBJ_cleanup() was deprecated in OpenSSL 1.1.0 by <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OBJ_nid2ln.html b/msys2/usr/share/doc/openssl/html/man3/OBJ_nid2ln.html
new file mode 100644
index 000000000..d84a629fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OBJ_nid2ln.html
@@ -0,0 +1,165 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OBJ_nid2obj</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>i2t_ASN1_OBJECT, OBJ_length, OBJ_get0_data, OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/objects.h&gt;
+
+ ASN1_OBJECT *OBJ_nid2obj(int n);
+ const char *OBJ_nid2ln(int n);
+ const char *OBJ_nid2sn(int n);
+
+ int OBJ_obj2nid(const ASN1_OBJECT *o);
+ int OBJ_ln2nid(const char *ln);
+ int OBJ_sn2nid(const char *sn);
+
+ int OBJ_txt2nid(const char *s);
+
+ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
+ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+
+ int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a);
+
+ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
+
+ int OBJ_create(const char *oid, const char *sn, const char *ln);
+
+ size_t OBJ_length(const ASN1_OBJECT *obj);
+ const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OBJ_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1 object utility functions process ASN1_OBJECT structures which are a representation of the ASN1 OBJECT IDENTIFIER (OID) type. For convenience, OIDs are usually represented in source code as numeric identifiers, or <b>NID</b>s. OpenSSL has an internal table of OIDs that are generated when the library is built, and their corresponding NIDs are available as defined constants. For the functions below, application code should treat all returned values -- OIDs, NIDs, or names -- as constants.</p>
+
+<p>OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID <b>n</b> to an ASN1_OBJECT structure, its long name and its short name respectively, or <b>NULL</b> if an error occurred.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID for the object <b>o</b>, the long name &lt;ln&gt; or the short name &lt;sn&gt; respectively or NID_undef if an error occurred.</p>
+
+<p>OBJ_txt2nid() returns NID corresponding to text string &lt;s&gt;. <b>s</b> can be a long name, a short name or the numerical representation of an object.</p>
+
+<p>OBJ_txt2obj() converts the text string <b>s</b> into an ASN1_OBJECT structure. If <b>no_name</b> is 0 then long names and short names will be interpreted as well as numerical forms. If <b>no_name</b> is 1 only the numerical form is acceptable.</p>
+
+<p>OBJ_obj2txt() converts the <b>ASN1_OBJECT</b> <b>a</b> into a textual representation. The representation is written as a null terminated string to <b>buf</b> at most <b>buf_len</b> bytes are written, truncating the result if necessary. The total amount of space required is returned. If <b>no_name</b> is 0 then if the object has a long or short name then that will be used, otherwise the numerical form will be used. If <b>no_name</b> is 1 then the numerical form will always be used.</p>
+
+<p>i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the <b>no_name</b> set to zero.</p>
+
+<p>OBJ_cmp() compares <b>a</b> to <b>b</b>. If the two are identical 0 is returned.</p>
+
+<p>OBJ_dup() returns a copy of <b>o</b>.</p>
+
+<p>OBJ_create() adds a new object to the internal table. <b>oid</b> is the numerical form of the object, <b>sn</b> the short name and <b>ln</b> the long name. A new NID is returned for the created object in case of success and NID_undef in case of failure.</p>
+
+<p>OBJ_length() returns the size of the content octets of <b>obj</b>.</p>
+
+<p>OBJ_get0_data() returns a pointer to the content octets of <b>obj</b>. The returned pointer is an internal pointer which <b>must not</b> be freed.</p>
+
+<p>OBJ_cleanup() releases any resources allocated by creating new objects.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Objects in OpenSSL can have a short name, a long name and a numerical identifier (NID) associated with them. A standard set of objects is represented in an internal table. The appropriate values are defined in the header file <b>objects.h</b>.</p>
+
+<p>For example the OID for commonName has the following definitions:</p>
+
+<pre><code> #define SN_commonName                   &quot;CN&quot;
+ #define LN_commonName                   &quot;commonName&quot;
+ #define NID_commonName                  13</code></pre>
+
+<p>New objects can be added by calling OBJ_create().</p>
+
+<p>Table objects have certain advantages over other objects: for example their NIDs can be used in a C language switch statement. They are also static constant structures which are shared: that is there is only a single constant structure for each table object.</p>
+
+<p>Objects which are not in the table have the NID value NID_undef.</p>
+
+<p>Objects do not need to be in the internal tables to be processed, the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical form of an OID.</p>
+
+<p>Some objects are used to represent algorithms which do not have a corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently exists for a particular algorithm). As a result they <b>cannot</b> be encoded or decoded as part of ASN.1 structures. Applications can determine if there is a corresponding OBJECT IDENTIFIER by checking OBJ_length() is not zero.</p>
+
+<p>These functions cannot return <b>const</b> because an <b>ASN1_OBJECT</b> can represent both an internal, constant, OID and a dynamically-created one. The latter cannot be constant because it needs to be freed after use.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an object for <b>commonName</b>:</p>
+
+<pre><code> ASN1_OBJECT *o = OBJ_nid2obj(NID_commonName);</code></pre>
+
+<p>Check if an object is <b>commonName</b></p>
+
+<pre><code> if (OBJ_obj2nid(obj) == NID_commonName)
+     /* Do something */</code></pre>
+
+<p>Create a new NID and initialize an object from it:</p>
+
+<pre><code> int new_nid = OBJ_create(&quot;1.2.3.4&quot;, &quot;NewOID&quot;, &quot;New Object Identifier&quot;);
+ ASN1_OBJECT *obj = OBJ_nid2obj(new_nid);</code></pre>
+
+<p>Create a new object directly:</p>
+
+<pre><code> obj = OBJ_txt2obj(&quot;1.2.3.4&quot;, 1);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>OBJ_obj2txt() is awkward and messy to use: it doesn&#39;t follow the convention of other OpenSSL functions where the buffer can be set to <b>NULL</b> to determine the amount of data that should be written. Instead <b>buf</b> must point to a valid buffer and <b>buf_len</b> should be set to a positive value. A buffer length of 80 should be more than enough to handle any OID encountered in practice.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OBJ_nid2obj() returns an <b>ASN1_OBJECT</b> structure or <b>NULL</b> is an error occurred.</p>
+
+<p>OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or <b>NULL</b> on error.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return a NID or <b>NID_undef</b> on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OBJ_cleanup() was deprecated in OpenSSL 1.1.0 by <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OBJ_nid2obj.html b/msys2/usr/share/doc/openssl/html/man3/OBJ_nid2obj.html
new file mode 100644
index 000000000..d84a629fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OBJ_nid2obj.html
@@ -0,0 +1,165 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OBJ_nid2obj</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>i2t_ASN1_OBJECT, OBJ_length, OBJ_get0_data, OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/objects.h&gt;
+
+ ASN1_OBJECT *OBJ_nid2obj(int n);
+ const char *OBJ_nid2ln(int n);
+ const char *OBJ_nid2sn(int n);
+
+ int OBJ_obj2nid(const ASN1_OBJECT *o);
+ int OBJ_ln2nid(const char *ln);
+ int OBJ_sn2nid(const char *sn);
+
+ int OBJ_txt2nid(const char *s);
+
+ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
+ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+
+ int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a);
+
+ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
+
+ int OBJ_create(const char *oid, const char *sn, const char *ln);
+
+ size_t OBJ_length(const ASN1_OBJECT *obj);
+ const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OBJ_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1 object utility functions process ASN1_OBJECT structures which are a representation of the ASN1 OBJECT IDENTIFIER (OID) type. For convenience, OIDs are usually represented in source code as numeric identifiers, or <b>NID</b>s. OpenSSL has an internal table of OIDs that are generated when the library is built, and their corresponding NIDs are available as defined constants. For the functions below, application code should treat all returned values -- OIDs, NIDs, or names -- as constants.</p>
+
+<p>OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID <b>n</b> to an ASN1_OBJECT structure, its long name and its short name respectively, or <b>NULL</b> if an error occurred.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID for the object <b>o</b>, the long name &lt;ln&gt; or the short name &lt;sn&gt; respectively or NID_undef if an error occurred.</p>
+
+<p>OBJ_txt2nid() returns NID corresponding to text string &lt;s&gt;. <b>s</b> can be a long name, a short name or the numerical representation of an object.</p>
+
+<p>OBJ_txt2obj() converts the text string <b>s</b> into an ASN1_OBJECT structure. If <b>no_name</b> is 0 then long names and short names will be interpreted as well as numerical forms. If <b>no_name</b> is 1 only the numerical form is acceptable.</p>
+
+<p>OBJ_obj2txt() converts the <b>ASN1_OBJECT</b> <b>a</b> into a textual representation. The representation is written as a null terminated string to <b>buf</b> at most <b>buf_len</b> bytes are written, truncating the result if necessary. The total amount of space required is returned. If <b>no_name</b> is 0 then if the object has a long or short name then that will be used, otherwise the numerical form will be used. If <b>no_name</b> is 1 then the numerical form will always be used.</p>
+
+<p>i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the <b>no_name</b> set to zero.</p>
+
+<p>OBJ_cmp() compares <b>a</b> to <b>b</b>. If the two are identical 0 is returned.</p>
+
+<p>OBJ_dup() returns a copy of <b>o</b>.</p>
+
+<p>OBJ_create() adds a new object to the internal table. <b>oid</b> is the numerical form of the object, <b>sn</b> the short name and <b>ln</b> the long name. A new NID is returned for the created object in case of success and NID_undef in case of failure.</p>
+
+<p>OBJ_length() returns the size of the content octets of <b>obj</b>.</p>
+
+<p>OBJ_get0_data() returns a pointer to the content octets of <b>obj</b>. The returned pointer is an internal pointer which <b>must not</b> be freed.</p>
+
+<p>OBJ_cleanup() releases any resources allocated by creating new objects.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Objects in OpenSSL can have a short name, a long name and a numerical identifier (NID) associated with them. A standard set of objects is represented in an internal table. The appropriate values are defined in the header file <b>objects.h</b>.</p>
+
+<p>For example the OID for commonName has the following definitions:</p>
+
+<pre><code> #define SN_commonName                   &quot;CN&quot;
+ #define LN_commonName                   &quot;commonName&quot;
+ #define NID_commonName                  13</code></pre>
+
+<p>New objects can be added by calling OBJ_create().</p>
+
+<p>Table objects have certain advantages over other objects: for example their NIDs can be used in a C language switch statement. They are also static constant structures which are shared: that is there is only a single constant structure for each table object.</p>
+
+<p>Objects which are not in the table have the NID value NID_undef.</p>
+
+<p>Objects do not need to be in the internal tables to be processed, the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical form of an OID.</p>
+
+<p>Some objects are used to represent algorithms which do not have a corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently exists for a particular algorithm). As a result they <b>cannot</b> be encoded or decoded as part of ASN.1 structures. Applications can determine if there is a corresponding OBJECT IDENTIFIER by checking OBJ_length() is not zero.</p>
+
+<p>These functions cannot return <b>const</b> because an <b>ASN1_OBJECT</b> can represent both an internal, constant, OID and a dynamically-created one. The latter cannot be constant because it needs to be freed after use.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an object for <b>commonName</b>:</p>
+
+<pre><code> ASN1_OBJECT *o = OBJ_nid2obj(NID_commonName);</code></pre>
+
+<p>Check if an object is <b>commonName</b></p>
+
+<pre><code> if (OBJ_obj2nid(obj) == NID_commonName)
+     /* Do something */</code></pre>
+
+<p>Create a new NID and initialize an object from it:</p>
+
+<pre><code> int new_nid = OBJ_create(&quot;1.2.3.4&quot;, &quot;NewOID&quot;, &quot;New Object Identifier&quot;);
+ ASN1_OBJECT *obj = OBJ_nid2obj(new_nid);</code></pre>
+
+<p>Create a new object directly:</p>
+
+<pre><code> obj = OBJ_txt2obj(&quot;1.2.3.4&quot;, 1);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>OBJ_obj2txt() is awkward and messy to use: it doesn&#39;t follow the convention of other OpenSSL functions where the buffer can be set to <b>NULL</b> to determine the amount of data that should be written. Instead <b>buf</b> must point to a valid buffer and <b>buf_len</b> should be set to a positive value. A buffer length of 80 should be more than enough to handle any OID encountered in practice.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OBJ_nid2obj() returns an <b>ASN1_OBJECT</b> structure or <b>NULL</b> is an error occurred.</p>
+
+<p>OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or <b>NULL</b> on error.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return a NID or <b>NID_undef</b> on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OBJ_cleanup() was deprecated in OpenSSL 1.1.0 by <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OBJ_nid2sn.html b/msys2/usr/share/doc/openssl/html/man3/OBJ_nid2sn.html
new file mode 100644
index 000000000..d84a629fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OBJ_nid2sn.html
@@ -0,0 +1,165 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OBJ_nid2obj</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>i2t_ASN1_OBJECT, OBJ_length, OBJ_get0_data, OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/objects.h&gt;
+
+ ASN1_OBJECT *OBJ_nid2obj(int n);
+ const char *OBJ_nid2ln(int n);
+ const char *OBJ_nid2sn(int n);
+
+ int OBJ_obj2nid(const ASN1_OBJECT *o);
+ int OBJ_ln2nid(const char *ln);
+ int OBJ_sn2nid(const char *sn);
+
+ int OBJ_txt2nid(const char *s);
+
+ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
+ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+
+ int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a);
+
+ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
+
+ int OBJ_create(const char *oid, const char *sn, const char *ln);
+
+ size_t OBJ_length(const ASN1_OBJECT *obj);
+ const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OBJ_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1 object utility functions process ASN1_OBJECT structures which are a representation of the ASN1 OBJECT IDENTIFIER (OID) type. For convenience, OIDs are usually represented in source code as numeric identifiers, or <b>NID</b>s. OpenSSL has an internal table of OIDs that are generated when the library is built, and their corresponding NIDs are available as defined constants. For the functions below, application code should treat all returned values -- OIDs, NIDs, or names -- as constants.</p>
+
+<p>OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID <b>n</b> to an ASN1_OBJECT structure, its long name and its short name respectively, or <b>NULL</b> if an error occurred.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID for the object <b>o</b>, the long name &lt;ln&gt; or the short name &lt;sn&gt; respectively or NID_undef if an error occurred.</p>
+
+<p>OBJ_txt2nid() returns NID corresponding to text string &lt;s&gt;. <b>s</b> can be a long name, a short name or the numerical representation of an object.</p>
+
+<p>OBJ_txt2obj() converts the text string <b>s</b> into an ASN1_OBJECT structure. If <b>no_name</b> is 0 then long names and short names will be interpreted as well as numerical forms. If <b>no_name</b> is 1 only the numerical form is acceptable.</p>
+
+<p>OBJ_obj2txt() converts the <b>ASN1_OBJECT</b> <b>a</b> into a textual representation. The representation is written as a null terminated string to <b>buf</b> at most <b>buf_len</b> bytes are written, truncating the result if necessary. The total amount of space required is returned. If <b>no_name</b> is 0 then if the object has a long or short name then that will be used, otherwise the numerical form will be used. If <b>no_name</b> is 1 then the numerical form will always be used.</p>
+
+<p>i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the <b>no_name</b> set to zero.</p>
+
+<p>OBJ_cmp() compares <b>a</b> to <b>b</b>. If the two are identical 0 is returned.</p>
+
+<p>OBJ_dup() returns a copy of <b>o</b>.</p>
+
+<p>OBJ_create() adds a new object to the internal table. <b>oid</b> is the numerical form of the object, <b>sn</b> the short name and <b>ln</b> the long name. A new NID is returned for the created object in case of success and NID_undef in case of failure.</p>
+
+<p>OBJ_length() returns the size of the content octets of <b>obj</b>.</p>
+
+<p>OBJ_get0_data() returns a pointer to the content octets of <b>obj</b>. The returned pointer is an internal pointer which <b>must not</b> be freed.</p>
+
+<p>OBJ_cleanup() releases any resources allocated by creating new objects.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Objects in OpenSSL can have a short name, a long name and a numerical identifier (NID) associated with them. A standard set of objects is represented in an internal table. The appropriate values are defined in the header file <b>objects.h</b>.</p>
+
+<p>For example the OID for commonName has the following definitions:</p>
+
+<pre><code> #define SN_commonName                   &quot;CN&quot;
+ #define LN_commonName                   &quot;commonName&quot;
+ #define NID_commonName                  13</code></pre>
+
+<p>New objects can be added by calling OBJ_create().</p>
+
+<p>Table objects have certain advantages over other objects: for example their NIDs can be used in a C language switch statement. They are also static constant structures which are shared: that is there is only a single constant structure for each table object.</p>
+
+<p>Objects which are not in the table have the NID value NID_undef.</p>
+
+<p>Objects do not need to be in the internal tables to be processed, the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical form of an OID.</p>
+
+<p>Some objects are used to represent algorithms which do not have a corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently exists for a particular algorithm). As a result they <b>cannot</b> be encoded or decoded as part of ASN.1 structures. Applications can determine if there is a corresponding OBJECT IDENTIFIER by checking OBJ_length() is not zero.</p>
+
+<p>These functions cannot return <b>const</b> because an <b>ASN1_OBJECT</b> can represent both an internal, constant, OID and a dynamically-created one. The latter cannot be constant because it needs to be freed after use.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an object for <b>commonName</b>:</p>
+
+<pre><code> ASN1_OBJECT *o = OBJ_nid2obj(NID_commonName);</code></pre>
+
+<p>Check if an object is <b>commonName</b></p>
+
+<pre><code> if (OBJ_obj2nid(obj) == NID_commonName)
+     /* Do something */</code></pre>
+
+<p>Create a new NID and initialize an object from it:</p>
+
+<pre><code> int new_nid = OBJ_create(&quot;1.2.3.4&quot;, &quot;NewOID&quot;, &quot;New Object Identifier&quot;);
+ ASN1_OBJECT *obj = OBJ_nid2obj(new_nid);</code></pre>
+
+<p>Create a new object directly:</p>
+
+<pre><code> obj = OBJ_txt2obj(&quot;1.2.3.4&quot;, 1);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>OBJ_obj2txt() is awkward and messy to use: it doesn&#39;t follow the convention of other OpenSSL functions where the buffer can be set to <b>NULL</b> to determine the amount of data that should be written. Instead <b>buf</b> must point to a valid buffer and <b>buf_len</b> should be set to a positive value. A buffer length of 80 should be more than enough to handle any OID encountered in practice.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OBJ_nid2obj() returns an <b>ASN1_OBJECT</b> structure or <b>NULL</b> is an error occurred.</p>
+
+<p>OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or <b>NULL</b> on error.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return a NID or <b>NID_undef</b> on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OBJ_cleanup() was deprecated in OpenSSL 1.1.0 by <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OBJ_obj2nid.html b/msys2/usr/share/doc/openssl/html/man3/OBJ_obj2nid.html
new file mode 100644
index 000000000..d84a629fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OBJ_obj2nid.html
@@ -0,0 +1,165 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OBJ_nid2obj</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>i2t_ASN1_OBJECT, OBJ_length, OBJ_get0_data, OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/objects.h&gt;
+
+ ASN1_OBJECT *OBJ_nid2obj(int n);
+ const char *OBJ_nid2ln(int n);
+ const char *OBJ_nid2sn(int n);
+
+ int OBJ_obj2nid(const ASN1_OBJECT *o);
+ int OBJ_ln2nid(const char *ln);
+ int OBJ_sn2nid(const char *sn);
+
+ int OBJ_txt2nid(const char *s);
+
+ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
+ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+
+ int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a);
+
+ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
+
+ int OBJ_create(const char *oid, const char *sn, const char *ln);
+
+ size_t OBJ_length(const ASN1_OBJECT *obj);
+ const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OBJ_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1 object utility functions process ASN1_OBJECT structures which are a representation of the ASN1 OBJECT IDENTIFIER (OID) type. For convenience, OIDs are usually represented in source code as numeric identifiers, or <b>NID</b>s. OpenSSL has an internal table of OIDs that are generated when the library is built, and their corresponding NIDs are available as defined constants. For the functions below, application code should treat all returned values -- OIDs, NIDs, or names -- as constants.</p>
+
+<p>OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID <b>n</b> to an ASN1_OBJECT structure, its long name and its short name respectively, or <b>NULL</b> if an error occurred.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID for the object <b>o</b>, the long name &lt;ln&gt; or the short name &lt;sn&gt; respectively or NID_undef if an error occurred.</p>
+
+<p>OBJ_txt2nid() returns NID corresponding to text string &lt;s&gt;. <b>s</b> can be a long name, a short name or the numerical representation of an object.</p>
+
+<p>OBJ_txt2obj() converts the text string <b>s</b> into an ASN1_OBJECT structure. If <b>no_name</b> is 0 then long names and short names will be interpreted as well as numerical forms. If <b>no_name</b> is 1 only the numerical form is acceptable.</p>
+
+<p>OBJ_obj2txt() converts the <b>ASN1_OBJECT</b> <b>a</b> into a textual representation. The representation is written as a null terminated string to <b>buf</b> at most <b>buf_len</b> bytes are written, truncating the result if necessary. The total amount of space required is returned. If <b>no_name</b> is 0 then if the object has a long or short name then that will be used, otherwise the numerical form will be used. If <b>no_name</b> is 1 then the numerical form will always be used.</p>
+
+<p>i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the <b>no_name</b> set to zero.</p>
+
+<p>OBJ_cmp() compares <b>a</b> to <b>b</b>. If the two are identical 0 is returned.</p>
+
+<p>OBJ_dup() returns a copy of <b>o</b>.</p>
+
+<p>OBJ_create() adds a new object to the internal table. <b>oid</b> is the numerical form of the object, <b>sn</b> the short name and <b>ln</b> the long name. A new NID is returned for the created object in case of success and NID_undef in case of failure.</p>
+
+<p>OBJ_length() returns the size of the content octets of <b>obj</b>.</p>
+
+<p>OBJ_get0_data() returns a pointer to the content octets of <b>obj</b>. The returned pointer is an internal pointer which <b>must not</b> be freed.</p>
+
+<p>OBJ_cleanup() releases any resources allocated by creating new objects.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Objects in OpenSSL can have a short name, a long name and a numerical identifier (NID) associated with them. A standard set of objects is represented in an internal table. The appropriate values are defined in the header file <b>objects.h</b>.</p>
+
+<p>For example the OID for commonName has the following definitions:</p>
+
+<pre><code> #define SN_commonName                   &quot;CN&quot;
+ #define LN_commonName                   &quot;commonName&quot;
+ #define NID_commonName                  13</code></pre>
+
+<p>New objects can be added by calling OBJ_create().</p>
+
+<p>Table objects have certain advantages over other objects: for example their NIDs can be used in a C language switch statement. They are also static constant structures which are shared: that is there is only a single constant structure for each table object.</p>
+
+<p>Objects which are not in the table have the NID value NID_undef.</p>
+
+<p>Objects do not need to be in the internal tables to be processed, the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical form of an OID.</p>
+
+<p>Some objects are used to represent algorithms which do not have a corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently exists for a particular algorithm). As a result they <b>cannot</b> be encoded or decoded as part of ASN.1 structures. Applications can determine if there is a corresponding OBJECT IDENTIFIER by checking OBJ_length() is not zero.</p>
+
+<p>These functions cannot return <b>const</b> because an <b>ASN1_OBJECT</b> can represent both an internal, constant, OID and a dynamically-created one. The latter cannot be constant because it needs to be freed after use.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an object for <b>commonName</b>:</p>
+
+<pre><code> ASN1_OBJECT *o = OBJ_nid2obj(NID_commonName);</code></pre>
+
+<p>Check if an object is <b>commonName</b></p>
+
+<pre><code> if (OBJ_obj2nid(obj) == NID_commonName)
+     /* Do something */</code></pre>
+
+<p>Create a new NID and initialize an object from it:</p>
+
+<pre><code> int new_nid = OBJ_create(&quot;1.2.3.4&quot;, &quot;NewOID&quot;, &quot;New Object Identifier&quot;);
+ ASN1_OBJECT *obj = OBJ_nid2obj(new_nid);</code></pre>
+
+<p>Create a new object directly:</p>
+
+<pre><code> obj = OBJ_txt2obj(&quot;1.2.3.4&quot;, 1);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>OBJ_obj2txt() is awkward and messy to use: it doesn&#39;t follow the convention of other OpenSSL functions where the buffer can be set to <b>NULL</b> to determine the amount of data that should be written. Instead <b>buf</b> must point to a valid buffer and <b>buf_len</b> should be set to a positive value. A buffer length of 80 should be more than enough to handle any OID encountered in practice.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OBJ_nid2obj() returns an <b>ASN1_OBJECT</b> structure or <b>NULL</b> is an error occurred.</p>
+
+<p>OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or <b>NULL</b> on error.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return a NID or <b>NID_undef</b> on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OBJ_cleanup() was deprecated in OpenSSL 1.1.0 by <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OBJ_obj2txt.html b/msys2/usr/share/doc/openssl/html/man3/OBJ_obj2txt.html
new file mode 100644
index 000000000..d84a629fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OBJ_obj2txt.html
@@ -0,0 +1,165 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OBJ_nid2obj</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>i2t_ASN1_OBJECT, OBJ_length, OBJ_get0_data, OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/objects.h&gt;
+
+ ASN1_OBJECT *OBJ_nid2obj(int n);
+ const char *OBJ_nid2ln(int n);
+ const char *OBJ_nid2sn(int n);
+
+ int OBJ_obj2nid(const ASN1_OBJECT *o);
+ int OBJ_ln2nid(const char *ln);
+ int OBJ_sn2nid(const char *sn);
+
+ int OBJ_txt2nid(const char *s);
+
+ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
+ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+
+ int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a);
+
+ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
+
+ int OBJ_create(const char *oid, const char *sn, const char *ln);
+
+ size_t OBJ_length(const ASN1_OBJECT *obj);
+ const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OBJ_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1 object utility functions process ASN1_OBJECT structures which are a representation of the ASN1 OBJECT IDENTIFIER (OID) type. For convenience, OIDs are usually represented in source code as numeric identifiers, or <b>NID</b>s. OpenSSL has an internal table of OIDs that are generated when the library is built, and their corresponding NIDs are available as defined constants. For the functions below, application code should treat all returned values -- OIDs, NIDs, or names -- as constants.</p>
+
+<p>OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID <b>n</b> to an ASN1_OBJECT structure, its long name and its short name respectively, or <b>NULL</b> if an error occurred.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID for the object <b>o</b>, the long name &lt;ln&gt; or the short name &lt;sn&gt; respectively or NID_undef if an error occurred.</p>
+
+<p>OBJ_txt2nid() returns NID corresponding to text string &lt;s&gt;. <b>s</b> can be a long name, a short name or the numerical representation of an object.</p>
+
+<p>OBJ_txt2obj() converts the text string <b>s</b> into an ASN1_OBJECT structure. If <b>no_name</b> is 0 then long names and short names will be interpreted as well as numerical forms. If <b>no_name</b> is 1 only the numerical form is acceptable.</p>
+
+<p>OBJ_obj2txt() converts the <b>ASN1_OBJECT</b> <b>a</b> into a textual representation. The representation is written as a null terminated string to <b>buf</b> at most <b>buf_len</b> bytes are written, truncating the result if necessary. The total amount of space required is returned. If <b>no_name</b> is 0 then if the object has a long or short name then that will be used, otherwise the numerical form will be used. If <b>no_name</b> is 1 then the numerical form will always be used.</p>
+
+<p>i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the <b>no_name</b> set to zero.</p>
+
+<p>OBJ_cmp() compares <b>a</b> to <b>b</b>. If the two are identical 0 is returned.</p>
+
+<p>OBJ_dup() returns a copy of <b>o</b>.</p>
+
+<p>OBJ_create() adds a new object to the internal table. <b>oid</b> is the numerical form of the object, <b>sn</b> the short name and <b>ln</b> the long name. A new NID is returned for the created object in case of success and NID_undef in case of failure.</p>
+
+<p>OBJ_length() returns the size of the content octets of <b>obj</b>.</p>
+
+<p>OBJ_get0_data() returns a pointer to the content octets of <b>obj</b>. The returned pointer is an internal pointer which <b>must not</b> be freed.</p>
+
+<p>OBJ_cleanup() releases any resources allocated by creating new objects.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Objects in OpenSSL can have a short name, a long name and a numerical identifier (NID) associated with them. A standard set of objects is represented in an internal table. The appropriate values are defined in the header file <b>objects.h</b>.</p>
+
+<p>For example the OID for commonName has the following definitions:</p>
+
+<pre><code> #define SN_commonName                   &quot;CN&quot;
+ #define LN_commonName                   &quot;commonName&quot;
+ #define NID_commonName                  13</code></pre>
+
+<p>New objects can be added by calling OBJ_create().</p>
+
+<p>Table objects have certain advantages over other objects: for example their NIDs can be used in a C language switch statement. They are also static constant structures which are shared: that is there is only a single constant structure for each table object.</p>
+
+<p>Objects which are not in the table have the NID value NID_undef.</p>
+
+<p>Objects do not need to be in the internal tables to be processed, the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical form of an OID.</p>
+
+<p>Some objects are used to represent algorithms which do not have a corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently exists for a particular algorithm). As a result they <b>cannot</b> be encoded or decoded as part of ASN.1 structures. Applications can determine if there is a corresponding OBJECT IDENTIFIER by checking OBJ_length() is not zero.</p>
+
+<p>These functions cannot return <b>const</b> because an <b>ASN1_OBJECT</b> can represent both an internal, constant, OID and a dynamically-created one. The latter cannot be constant because it needs to be freed after use.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an object for <b>commonName</b>:</p>
+
+<pre><code> ASN1_OBJECT *o = OBJ_nid2obj(NID_commonName);</code></pre>
+
+<p>Check if an object is <b>commonName</b></p>
+
+<pre><code> if (OBJ_obj2nid(obj) == NID_commonName)
+     /* Do something */</code></pre>
+
+<p>Create a new NID and initialize an object from it:</p>
+
+<pre><code> int new_nid = OBJ_create(&quot;1.2.3.4&quot;, &quot;NewOID&quot;, &quot;New Object Identifier&quot;);
+ ASN1_OBJECT *obj = OBJ_nid2obj(new_nid);</code></pre>
+
+<p>Create a new object directly:</p>
+
+<pre><code> obj = OBJ_txt2obj(&quot;1.2.3.4&quot;, 1);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>OBJ_obj2txt() is awkward and messy to use: it doesn&#39;t follow the convention of other OpenSSL functions where the buffer can be set to <b>NULL</b> to determine the amount of data that should be written. Instead <b>buf</b> must point to a valid buffer and <b>buf_len</b> should be set to a positive value. A buffer length of 80 should be more than enough to handle any OID encountered in practice.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OBJ_nid2obj() returns an <b>ASN1_OBJECT</b> structure or <b>NULL</b> is an error occurred.</p>
+
+<p>OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or <b>NULL</b> on error.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return a NID or <b>NID_undef</b> on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OBJ_cleanup() was deprecated in OpenSSL 1.1.0 by <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OBJ_sn2nid.html b/msys2/usr/share/doc/openssl/html/man3/OBJ_sn2nid.html
new file mode 100644
index 000000000..d84a629fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OBJ_sn2nid.html
@@ -0,0 +1,165 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OBJ_nid2obj</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>i2t_ASN1_OBJECT, OBJ_length, OBJ_get0_data, OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/objects.h&gt;
+
+ ASN1_OBJECT *OBJ_nid2obj(int n);
+ const char *OBJ_nid2ln(int n);
+ const char *OBJ_nid2sn(int n);
+
+ int OBJ_obj2nid(const ASN1_OBJECT *o);
+ int OBJ_ln2nid(const char *ln);
+ int OBJ_sn2nid(const char *sn);
+
+ int OBJ_txt2nid(const char *s);
+
+ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
+ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+
+ int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a);
+
+ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
+
+ int OBJ_create(const char *oid, const char *sn, const char *ln);
+
+ size_t OBJ_length(const ASN1_OBJECT *obj);
+ const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OBJ_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1 object utility functions process ASN1_OBJECT structures which are a representation of the ASN1 OBJECT IDENTIFIER (OID) type. For convenience, OIDs are usually represented in source code as numeric identifiers, or <b>NID</b>s. OpenSSL has an internal table of OIDs that are generated when the library is built, and their corresponding NIDs are available as defined constants. For the functions below, application code should treat all returned values -- OIDs, NIDs, or names -- as constants.</p>
+
+<p>OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID <b>n</b> to an ASN1_OBJECT structure, its long name and its short name respectively, or <b>NULL</b> if an error occurred.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID for the object <b>o</b>, the long name &lt;ln&gt; or the short name &lt;sn&gt; respectively or NID_undef if an error occurred.</p>
+
+<p>OBJ_txt2nid() returns NID corresponding to text string &lt;s&gt;. <b>s</b> can be a long name, a short name or the numerical representation of an object.</p>
+
+<p>OBJ_txt2obj() converts the text string <b>s</b> into an ASN1_OBJECT structure. If <b>no_name</b> is 0 then long names and short names will be interpreted as well as numerical forms. If <b>no_name</b> is 1 only the numerical form is acceptable.</p>
+
+<p>OBJ_obj2txt() converts the <b>ASN1_OBJECT</b> <b>a</b> into a textual representation. The representation is written as a null terminated string to <b>buf</b> at most <b>buf_len</b> bytes are written, truncating the result if necessary. The total amount of space required is returned. If <b>no_name</b> is 0 then if the object has a long or short name then that will be used, otherwise the numerical form will be used. If <b>no_name</b> is 1 then the numerical form will always be used.</p>
+
+<p>i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the <b>no_name</b> set to zero.</p>
+
+<p>OBJ_cmp() compares <b>a</b> to <b>b</b>. If the two are identical 0 is returned.</p>
+
+<p>OBJ_dup() returns a copy of <b>o</b>.</p>
+
+<p>OBJ_create() adds a new object to the internal table. <b>oid</b> is the numerical form of the object, <b>sn</b> the short name and <b>ln</b> the long name. A new NID is returned for the created object in case of success and NID_undef in case of failure.</p>
+
+<p>OBJ_length() returns the size of the content octets of <b>obj</b>.</p>
+
+<p>OBJ_get0_data() returns a pointer to the content octets of <b>obj</b>. The returned pointer is an internal pointer which <b>must not</b> be freed.</p>
+
+<p>OBJ_cleanup() releases any resources allocated by creating new objects.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Objects in OpenSSL can have a short name, a long name and a numerical identifier (NID) associated with them. A standard set of objects is represented in an internal table. The appropriate values are defined in the header file <b>objects.h</b>.</p>
+
+<p>For example the OID for commonName has the following definitions:</p>
+
+<pre><code> #define SN_commonName                   &quot;CN&quot;
+ #define LN_commonName                   &quot;commonName&quot;
+ #define NID_commonName                  13</code></pre>
+
+<p>New objects can be added by calling OBJ_create().</p>
+
+<p>Table objects have certain advantages over other objects: for example their NIDs can be used in a C language switch statement. They are also static constant structures which are shared: that is there is only a single constant structure for each table object.</p>
+
+<p>Objects which are not in the table have the NID value NID_undef.</p>
+
+<p>Objects do not need to be in the internal tables to be processed, the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical form of an OID.</p>
+
+<p>Some objects are used to represent algorithms which do not have a corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently exists for a particular algorithm). As a result they <b>cannot</b> be encoded or decoded as part of ASN.1 structures. Applications can determine if there is a corresponding OBJECT IDENTIFIER by checking OBJ_length() is not zero.</p>
+
+<p>These functions cannot return <b>const</b> because an <b>ASN1_OBJECT</b> can represent both an internal, constant, OID and a dynamically-created one. The latter cannot be constant because it needs to be freed after use.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an object for <b>commonName</b>:</p>
+
+<pre><code> ASN1_OBJECT *o = OBJ_nid2obj(NID_commonName);</code></pre>
+
+<p>Check if an object is <b>commonName</b></p>
+
+<pre><code> if (OBJ_obj2nid(obj) == NID_commonName)
+     /* Do something */</code></pre>
+
+<p>Create a new NID and initialize an object from it:</p>
+
+<pre><code> int new_nid = OBJ_create(&quot;1.2.3.4&quot;, &quot;NewOID&quot;, &quot;New Object Identifier&quot;);
+ ASN1_OBJECT *obj = OBJ_nid2obj(new_nid);</code></pre>
+
+<p>Create a new object directly:</p>
+
+<pre><code> obj = OBJ_txt2obj(&quot;1.2.3.4&quot;, 1);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>OBJ_obj2txt() is awkward and messy to use: it doesn&#39;t follow the convention of other OpenSSL functions where the buffer can be set to <b>NULL</b> to determine the amount of data that should be written. Instead <b>buf</b> must point to a valid buffer and <b>buf_len</b> should be set to a positive value. A buffer length of 80 should be more than enough to handle any OID encountered in practice.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OBJ_nid2obj() returns an <b>ASN1_OBJECT</b> structure or <b>NULL</b> is an error occurred.</p>
+
+<p>OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or <b>NULL</b> on error.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return a NID or <b>NID_undef</b> on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OBJ_cleanup() was deprecated in OpenSSL 1.1.0 by <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OBJ_txt2nid.html b/msys2/usr/share/doc/openssl/html/man3/OBJ_txt2nid.html
new file mode 100644
index 000000000..d84a629fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OBJ_txt2nid.html
@@ -0,0 +1,165 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OBJ_nid2obj</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>i2t_ASN1_OBJECT, OBJ_length, OBJ_get0_data, OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/objects.h&gt;
+
+ ASN1_OBJECT *OBJ_nid2obj(int n);
+ const char *OBJ_nid2ln(int n);
+ const char *OBJ_nid2sn(int n);
+
+ int OBJ_obj2nid(const ASN1_OBJECT *o);
+ int OBJ_ln2nid(const char *ln);
+ int OBJ_sn2nid(const char *sn);
+
+ int OBJ_txt2nid(const char *s);
+
+ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
+ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+
+ int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a);
+
+ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
+
+ int OBJ_create(const char *oid, const char *sn, const char *ln);
+
+ size_t OBJ_length(const ASN1_OBJECT *obj);
+ const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OBJ_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1 object utility functions process ASN1_OBJECT structures which are a representation of the ASN1 OBJECT IDENTIFIER (OID) type. For convenience, OIDs are usually represented in source code as numeric identifiers, or <b>NID</b>s. OpenSSL has an internal table of OIDs that are generated when the library is built, and their corresponding NIDs are available as defined constants. For the functions below, application code should treat all returned values -- OIDs, NIDs, or names -- as constants.</p>
+
+<p>OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID <b>n</b> to an ASN1_OBJECT structure, its long name and its short name respectively, or <b>NULL</b> if an error occurred.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID for the object <b>o</b>, the long name &lt;ln&gt; or the short name &lt;sn&gt; respectively or NID_undef if an error occurred.</p>
+
+<p>OBJ_txt2nid() returns NID corresponding to text string &lt;s&gt;. <b>s</b> can be a long name, a short name or the numerical representation of an object.</p>
+
+<p>OBJ_txt2obj() converts the text string <b>s</b> into an ASN1_OBJECT structure. If <b>no_name</b> is 0 then long names and short names will be interpreted as well as numerical forms. If <b>no_name</b> is 1 only the numerical form is acceptable.</p>
+
+<p>OBJ_obj2txt() converts the <b>ASN1_OBJECT</b> <b>a</b> into a textual representation. The representation is written as a null terminated string to <b>buf</b> at most <b>buf_len</b> bytes are written, truncating the result if necessary. The total amount of space required is returned. If <b>no_name</b> is 0 then if the object has a long or short name then that will be used, otherwise the numerical form will be used. If <b>no_name</b> is 1 then the numerical form will always be used.</p>
+
+<p>i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the <b>no_name</b> set to zero.</p>
+
+<p>OBJ_cmp() compares <b>a</b> to <b>b</b>. If the two are identical 0 is returned.</p>
+
+<p>OBJ_dup() returns a copy of <b>o</b>.</p>
+
+<p>OBJ_create() adds a new object to the internal table. <b>oid</b> is the numerical form of the object, <b>sn</b> the short name and <b>ln</b> the long name. A new NID is returned for the created object in case of success and NID_undef in case of failure.</p>
+
+<p>OBJ_length() returns the size of the content octets of <b>obj</b>.</p>
+
+<p>OBJ_get0_data() returns a pointer to the content octets of <b>obj</b>. The returned pointer is an internal pointer which <b>must not</b> be freed.</p>
+
+<p>OBJ_cleanup() releases any resources allocated by creating new objects.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Objects in OpenSSL can have a short name, a long name and a numerical identifier (NID) associated with them. A standard set of objects is represented in an internal table. The appropriate values are defined in the header file <b>objects.h</b>.</p>
+
+<p>For example the OID for commonName has the following definitions:</p>
+
+<pre><code> #define SN_commonName                   &quot;CN&quot;
+ #define LN_commonName                   &quot;commonName&quot;
+ #define NID_commonName                  13</code></pre>
+
+<p>New objects can be added by calling OBJ_create().</p>
+
+<p>Table objects have certain advantages over other objects: for example their NIDs can be used in a C language switch statement. They are also static constant structures which are shared: that is there is only a single constant structure for each table object.</p>
+
+<p>Objects which are not in the table have the NID value NID_undef.</p>
+
+<p>Objects do not need to be in the internal tables to be processed, the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical form of an OID.</p>
+
+<p>Some objects are used to represent algorithms which do not have a corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently exists for a particular algorithm). As a result they <b>cannot</b> be encoded or decoded as part of ASN.1 structures. Applications can determine if there is a corresponding OBJECT IDENTIFIER by checking OBJ_length() is not zero.</p>
+
+<p>These functions cannot return <b>const</b> because an <b>ASN1_OBJECT</b> can represent both an internal, constant, OID and a dynamically-created one. The latter cannot be constant because it needs to be freed after use.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an object for <b>commonName</b>:</p>
+
+<pre><code> ASN1_OBJECT *o = OBJ_nid2obj(NID_commonName);</code></pre>
+
+<p>Check if an object is <b>commonName</b></p>
+
+<pre><code> if (OBJ_obj2nid(obj) == NID_commonName)
+     /* Do something */</code></pre>
+
+<p>Create a new NID and initialize an object from it:</p>
+
+<pre><code> int new_nid = OBJ_create(&quot;1.2.3.4&quot;, &quot;NewOID&quot;, &quot;New Object Identifier&quot;);
+ ASN1_OBJECT *obj = OBJ_nid2obj(new_nid);</code></pre>
+
+<p>Create a new object directly:</p>
+
+<pre><code> obj = OBJ_txt2obj(&quot;1.2.3.4&quot;, 1);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>OBJ_obj2txt() is awkward and messy to use: it doesn&#39;t follow the convention of other OpenSSL functions where the buffer can be set to <b>NULL</b> to determine the amount of data that should be written. Instead <b>buf</b> must point to a valid buffer and <b>buf_len</b> should be set to a positive value. A buffer length of 80 should be more than enough to handle any OID encountered in practice.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OBJ_nid2obj() returns an <b>ASN1_OBJECT</b> structure or <b>NULL</b> is an error occurred.</p>
+
+<p>OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or <b>NULL</b> on error.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return a NID or <b>NID_undef</b> on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OBJ_cleanup() was deprecated in OpenSSL 1.1.0 by <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OBJ_txt2obj.html b/msys2/usr/share/doc/openssl/html/man3/OBJ_txt2obj.html
new file mode 100644
index 000000000..d84a629fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OBJ_txt2obj.html
@@ -0,0 +1,165 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OBJ_nid2obj</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>i2t_ASN1_OBJECT, OBJ_length, OBJ_get0_data, OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/objects.h&gt;
+
+ ASN1_OBJECT *OBJ_nid2obj(int n);
+ const char *OBJ_nid2ln(int n);
+ const char *OBJ_nid2sn(int n);
+
+ int OBJ_obj2nid(const ASN1_OBJECT *o);
+ int OBJ_ln2nid(const char *ln);
+ int OBJ_sn2nid(const char *sn);
+
+ int OBJ_txt2nid(const char *s);
+
+ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
+ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+
+ int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a);
+
+ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
+
+ int OBJ_create(const char *oid, const char *sn, const char *ln);
+
+ size_t OBJ_length(const ASN1_OBJECT *obj);
+ const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OBJ_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1 object utility functions process ASN1_OBJECT structures which are a representation of the ASN1 OBJECT IDENTIFIER (OID) type. For convenience, OIDs are usually represented in source code as numeric identifiers, or <b>NID</b>s. OpenSSL has an internal table of OIDs that are generated when the library is built, and their corresponding NIDs are available as defined constants. For the functions below, application code should treat all returned values -- OIDs, NIDs, or names -- as constants.</p>
+
+<p>OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID <b>n</b> to an ASN1_OBJECT structure, its long name and its short name respectively, or <b>NULL</b> if an error occurred.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID for the object <b>o</b>, the long name &lt;ln&gt; or the short name &lt;sn&gt; respectively or NID_undef if an error occurred.</p>
+
+<p>OBJ_txt2nid() returns NID corresponding to text string &lt;s&gt;. <b>s</b> can be a long name, a short name or the numerical representation of an object.</p>
+
+<p>OBJ_txt2obj() converts the text string <b>s</b> into an ASN1_OBJECT structure. If <b>no_name</b> is 0 then long names and short names will be interpreted as well as numerical forms. If <b>no_name</b> is 1 only the numerical form is acceptable.</p>
+
+<p>OBJ_obj2txt() converts the <b>ASN1_OBJECT</b> <b>a</b> into a textual representation. The representation is written as a null terminated string to <b>buf</b> at most <b>buf_len</b> bytes are written, truncating the result if necessary. The total amount of space required is returned. If <b>no_name</b> is 0 then if the object has a long or short name then that will be used, otherwise the numerical form will be used. If <b>no_name</b> is 1 then the numerical form will always be used.</p>
+
+<p>i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the <b>no_name</b> set to zero.</p>
+
+<p>OBJ_cmp() compares <b>a</b> to <b>b</b>. If the two are identical 0 is returned.</p>
+
+<p>OBJ_dup() returns a copy of <b>o</b>.</p>
+
+<p>OBJ_create() adds a new object to the internal table. <b>oid</b> is the numerical form of the object, <b>sn</b> the short name and <b>ln</b> the long name. A new NID is returned for the created object in case of success and NID_undef in case of failure.</p>
+
+<p>OBJ_length() returns the size of the content octets of <b>obj</b>.</p>
+
+<p>OBJ_get0_data() returns a pointer to the content octets of <b>obj</b>. The returned pointer is an internal pointer which <b>must not</b> be freed.</p>
+
+<p>OBJ_cleanup() releases any resources allocated by creating new objects.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Objects in OpenSSL can have a short name, a long name and a numerical identifier (NID) associated with them. A standard set of objects is represented in an internal table. The appropriate values are defined in the header file <b>objects.h</b>.</p>
+
+<p>For example the OID for commonName has the following definitions:</p>
+
+<pre><code> #define SN_commonName                   &quot;CN&quot;
+ #define LN_commonName                   &quot;commonName&quot;
+ #define NID_commonName                  13</code></pre>
+
+<p>New objects can be added by calling OBJ_create().</p>
+
+<p>Table objects have certain advantages over other objects: for example their NIDs can be used in a C language switch statement. They are also static constant structures which are shared: that is there is only a single constant structure for each table object.</p>
+
+<p>Objects which are not in the table have the NID value NID_undef.</p>
+
+<p>Objects do not need to be in the internal tables to be processed, the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical form of an OID.</p>
+
+<p>Some objects are used to represent algorithms which do not have a corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently exists for a particular algorithm). As a result they <b>cannot</b> be encoded or decoded as part of ASN.1 structures. Applications can determine if there is a corresponding OBJECT IDENTIFIER by checking OBJ_length() is not zero.</p>
+
+<p>These functions cannot return <b>const</b> because an <b>ASN1_OBJECT</b> can represent both an internal, constant, OID and a dynamically-created one. The latter cannot be constant because it needs to be freed after use.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an object for <b>commonName</b>:</p>
+
+<pre><code> ASN1_OBJECT *o = OBJ_nid2obj(NID_commonName);</code></pre>
+
+<p>Check if an object is <b>commonName</b></p>
+
+<pre><code> if (OBJ_obj2nid(obj) == NID_commonName)
+     /* Do something */</code></pre>
+
+<p>Create a new NID and initialize an object from it:</p>
+
+<pre><code> int new_nid = OBJ_create(&quot;1.2.3.4&quot;, &quot;NewOID&quot;, &quot;New Object Identifier&quot;);
+ ASN1_OBJECT *obj = OBJ_nid2obj(new_nid);</code></pre>
+
+<p>Create a new object directly:</p>
+
+<pre><code> obj = OBJ_txt2obj(&quot;1.2.3.4&quot;, 1);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>OBJ_obj2txt() is awkward and messy to use: it doesn&#39;t follow the convention of other OpenSSL functions where the buffer can be set to <b>NULL</b> to determine the amount of data that should be written. Instead <b>buf</b> must point to a valid buffer and <b>buf_len</b> should be set to a positive value. A buffer length of 80 should be more than enough to handle any OID encountered in practice.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OBJ_nid2obj() returns an <b>ASN1_OBJECT</b> structure or <b>NULL</b> is an error occurred.</p>
+
+<p>OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or <b>NULL</b> on error.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return a NID or <b>NID_undef</b> on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OBJ_cleanup() was deprecated in OpenSSL 1.1.0 by <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_BASICRESP_free.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_BASICRESP_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_BASICRESP_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_BASICRESP_new.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_BASICRESP_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_BASICRESP_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_CERTID_dup.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_CERTID_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_CERTID_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_CERTID_free.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_CERTID_free.html
new file mode 100644
index 000000000..9a44387b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_CERTID_free.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_cert_to_id</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_cert_to_id, OCSP_cert_id_new, OCSP_CERTID_free, OCSP_id_issuer_cmp, OCSP_id_cmp, OCSP_id_get0_info - OCSP certificate ID utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst,
+                              X509 *subject, X509 *issuer);
+
+ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
+                               X509_NAME *issuerName,
+                               ASN1_BIT_STRING *issuerKey,
+                               ASN1_INTEGER *serialNumber);
+
+ void OCSP_CERTID_free(OCSP_CERTID *id);
+
+ int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
+ int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
+
+ int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
+                       ASN1_OCTET_STRING **pikeyHash,
+                       ASN1_INTEGER **pserial, OCSP_CERTID *cid);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_cert_to_id() creates and returns a new <b>OCSP_CERTID</b> structure using message digest <b>dgst</b> for certificate <b>subject</b> with issuer <b>issuer</b>. If <b>dgst</b> is <b>NULL</b> then SHA1 is used.</p>
+
+<p>OCSP_cert_id_new() creates and returns a new <b>OCSP_CERTID</b> using <b>dgst</b> and issuer name <b>issuerName</b>, issuer key hash <b>issuerKey</b> and serial number <b>serialNumber</b>.</p>
+
+<p>OCSP_CERTID_free() frees up <b>id</b>.</p>
+
+<p>OCSP_id_cmp() compares <b>OCSP_CERTID</b> <b>a</b> and <b>b</b>.</p>
+
+<p>OCSP_id_issuer_cmp() compares only the issuer name of <b>OCSP_CERTID</b> <b>a</b> and <b>b</b>.</p>
+
+<p>OCSP_id_get0_info() returns the issuer name hash, hash OID, issuer key hash and serial number contained in <b>cid</b>. If any of the values are not required the corresponding parameter can be set to <b>NULL</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_cert_to_id() and OCSP_cert_id_new() return either a pointer to a valid <b>OCSP_CERTID</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_id_cmp() and OCSP_id_issuer_cmp() returns zero for a match and non-zero otherwise.</p>
+
+<p>OCSP_CERTID_free() does not return a value.</p>
+
+<p>OCSP_id_get0_info() returns 1 for success and 0 for failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>OCSP clients will typically only use OCSP_cert_to_id() or OCSP_cert_id_new(): the other functions are used by responder applications.</p>
+
+<p>The values returned by OCSP_id_get0_info() are internal pointers and <b>MUST NOT</b> be freed up by an application: they will be freed when the corresponding <b>OCSP_CERTID</b> structure is freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_CERTID_new.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_CERTID_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_CERTID_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_CERTSTATUS_free.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_CERTSTATUS_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_CERTSTATUS_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_CERTSTATUS_new.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_CERTSTATUS_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_CERTSTATUS_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_CRLID_free.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_CRLID_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_CRLID_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_CRLID_new.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_CRLID_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_CRLID_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_ONEREQ_free.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_ONEREQ_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_ONEREQ_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_ONEREQ_new.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_ONEREQ_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_ONEREQ_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_REQINFO_free.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_REQINFO_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_REQINFO_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_REQINFO_new.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_REQINFO_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_REQINFO_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_REQUEST_free.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_REQUEST_free.html
new file mode 100644
index 000000000..ab6739460
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_REQUEST_free.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_REQUEST_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_REQUEST_new, OCSP_REQUEST_free, OCSP_request_add0_id, OCSP_request_sign, OCSP_request_add1_cert, OCSP_request_onereq_count, OCSP_request_onereq_get0 - OCSP request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_REQUEST *OCSP_REQUEST_new(void);
+ void OCSP_REQUEST_free(OCSP_REQUEST *req);
+
+ OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid);
+
+ int OCSP_request_sign(OCSP_REQUEST *req,
+                       X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
+                       STACK_OF(X509) *certs, unsigned long flags);
+
+ int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);
+
+ int OCSP_request_onereq_count(OCSP_REQUEST *req);
+ OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_REQUEST_new() allocates and returns an empty <b>OCSP_REQUEST</b> structure.</p>
+
+<p>OCSP_REQUEST_free() frees up the request structure <b>req</b>.</p>
+
+<p>OCSP_request_add0_id() adds certificate ID <b>cid</b> to <b>req</b>. It returns the <b>OCSP_ONEREQ</b> structure added so an application can add additional extensions to the request. The <b>id</b> parameter <b>MUST NOT</b> be freed up after the operation.</p>
+
+<p>OCSP_request_sign() signs OCSP request <b>req</b> using certificate <b>signer</b>, private key <b>key</b>, digest <b>dgst</b> and additional certificates <b>certs</b>. If the <b>flags</b> option <b>OCSP_NOCERTS</b> is set then no certificates will be included in the request.</p>
+
+<p>OCSP_request_add1_cert() adds certificate <b>cert</b> to request <b>req</b>. The application is responsible for freeing up <b>cert</b> after use.</p>
+
+<p>OCSP_request_onereq_count() returns the total number of <b>OCSP_ONEREQ</b> structures in <b>req</b>.</p>
+
+<p>OCSP_request_onereq_get0() returns an internal pointer to the <b>OCSP_ONEREQ</b> contained in <b>req</b> of index <b>i</b>. The index value <b>i</b> runs from 0 to OCSP_request_onereq_count(req) - 1.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_REQUEST_new() returns an empty <b>OCSP_REQUEST</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_request_add0_id() returns the <b>OCSP_ONEREQ</b> structure containing <b>cid</b> or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_request_sign() and OCSP_request_add1_cert() return 1 for success and 0 for failure.</p>
+
+<p>OCSP_request_onereq_count() returns the total number of <b>OCSP_ONEREQ</b> structures in <b>req</b>.</p>
+
+<p>OCSP_request_onereq_get0() returns a pointer to an <b>OCSP_ONEREQ</b> structure or <b>NULL</b> if the index value is out or range.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>An OCSP request structure contains one or more <b>OCSP_ONEREQ</b> structures corresponding to each certificate.</p>
+
+<p>OCSP_request_onereq_count() and OCSP_request_onereq_get0() are mainly used by OCSP responders.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create an <b>OCSP_REQUEST</b> structure for certificate <b>cert</b> with issuer <b>issuer</b>:</p>
+
+<pre><code> OCSP_REQUEST *req;
+ OCSP_ID *cid;
+
+ req = OCSP_REQUEST_new();
+ if (req == NULL)
+    /* error */
+ cid = OCSP_cert_to_id(EVP_sha1(), cert, issuer);
+ if (cid == NULL)
+    /* error */
+
+ if (OCSP_REQUEST_add0_id(req, cid) == NULL)
+    /* error */
+
+ /* Do something with req, e.g. query responder */
+
+ OCSP_REQUEST_free(req);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_REQUEST_new.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_REQUEST_new.html
new file mode 100644
index 000000000..ab6739460
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_REQUEST_new.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_REQUEST_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_REQUEST_new, OCSP_REQUEST_free, OCSP_request_add0_id, OCSP_request_sign, OCSP_request_add1_cert, OCSP_request_onereq_count, OCSP_request_onereq_get0 - OCSP request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_REQUEST *OCSP_REQUEST_new(void);
+ void OCSP_REQUEST_free(OCSP_REQUEST *req);
+
+ OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid);
+
+ int OCSP_request_sign(OCSP_REQUEST *req,
+                       X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
+                       STACK_OF(X509) *certs, unsigned long flags);
+
+ int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);
+
+ int OCSP_request_onereq_count(OCSP_REQUEST *req);
+ OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_REQUEST_new() allocates and returns an empty <b>OCSP_REQUEST</b> structure.</p>
+
+<p>OCSP_REQUEST_free() frees up the request structure <b>req</b>.</p>
+
+<p>OCSP_request_add0_id() adds certificate ID <b>cid</b> to <b>req</b>. It returns the <b>OCSP_ONEREQ</b> structure added so an application can add additional extensions to the request. The <b>id</b> parameter <b>MUST NOT</b> be freed up after the operation.</p>
+
+<p>OCSP_request_sign() signs OCSP request <b>req</b> using certificate <b>signer</b>, private key <b>key</b>, digest <b>dgst</b> and additional certificates <b>certs</b>. If the <b>flags</b> option <b>OCSP_NOCERTS</b> is set then no certificates will be included in the request.</p>
+
+<p>OCSP_request_add1_cert() adds certificate <b>cert</b> to request <b>req</b>. The application is responsible for freeing up <b>cert</b> after use.</p>
+
+<p>OCSP_request_onereq_count() returns the total number of <b>OCSP_ONEREQ</b> structures in <b>req</b>.</p>
+
+<p>OCSP_request_onereq_get0() returns an internal pointer to the <b>OCSP_ONEREQ</b> contained in <b>req</b> of index <b>i</b>. The index value <b>i</b> runs from 0 to OCSP_request_onereq_count(req) - 1.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_REQUEST_new() returns an empty <b>OCSP_REQUEST</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_request_add0_id() returns the <b>OCSP_ONEREQ</b> structure containing <b>cid</b> or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_request_sign() and OCSP_request_add1_cert() return 1 for success and 0 for failure.</p>
+
+<p>OCSP_request_onereq_count() returns the total number of <b>OCSP_ONEREQ</b> structures in <b>req</b>.</p>
+
+<p>OCSP_request_onereq_get0() returns a pointer to an <b>OCSP_ONEREQ</b> structure or <b>NULL</b> if the index value is out or range.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>An OCSP request structure contains one or more <b>OCSP_ONEREQ</b> structures corresponding to each certificate.</p>
+
+<p>OCSP_request_onereq_count() and OCSP_request_onereq_get0() are mainly used by OCSP responders.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create an <b>OCSP_REQUEST</b> structure for certificate <b>cert</b> with issuer <b>issuer</b>:</p>
+
+<pre><code> OCSP_REQUEST *req;
+ OCSP_ID *cid;
+
+ req = OCSP_REQUEST_new();
+ if (req == NULL)
+    /* error */
+ cid = OCSP_cert_to_id(EVP_sha1(), cert, issuer);
+ if (cid == NULL)
+    /* error */
+
+ if (OCSP_REQUEST_add0_id(req, cid) == NULL)
+    /* error */
+
+ /* Do something with req, e.g. query responder */
+
+ OCSP_REQUEST_free(req);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_REQ_CTX_add1_header.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_REQ_CTX_add1_header.html
new file mode 100644
index 000000000..4785a6010
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_REQ_CTX_add1_header.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_sendreq_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_sendreq_new, OCSP_sendreq_nbio, OCSP_REQ_CTX_free, OCSP_set_max_response_length, OCSP_REQ_CTX_add1_header, OCSP_REQ_CTX_set1_req, OCSP_sendreq_bio - OCSP responder query functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
+                                int maxline);
+
+ int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
+
+ void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
+
+ void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);
+
+ int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
+                              const char *name, const char *value);
+
+ int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);
+
+ OCSP_RESPONSE *OCSP_sendreq_bio(BIO *io, const char *path, OCSP_REQUEST *req,
+                                 int maxline);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function OCSP_sendreq_new() returns an <b>OCSP_CTX</b> structure using the responder <b>io</b>, the URL path <b>path</b>, the OCSP request <b>req</b> and with a response header maximum line length of <b>maxline</b>. If <b>maxline</b> is zero a default value of 4k is used. The OCSP request <b>req</b> may be set to <b>NULL</b> and provided later if required.</p>
+
+<p>OCSP_sendreq_nbio() performs non-blocking I/O on the OCSP request context <b>rctx</b>. When the operation is complete it returns the response in <b>*presp</b>.</p>
+
+<p>OCSP_REQ_CTX_free() frees up the OCSP context <b>rctx</b>.</p>
+
+<p>OCSP_set_max_response_length() sets the maximum response length for <b>rctx</b> to <b>len</b>. If the response exceeds this length an error occurs. If not set a default value of 100k is used.</p>
+
+<p>OCSP_REQ_CTX_add1_header() adds header <b>name</b> with value <b>value</b> to the context <b>rctx</b>. It can be called more than once to add multiple headers. It <b>MUST</b> be called before any calls to OCSP_sendreq_nbio(). The <b>req</b> parameter in the initial to OCSP_sendreq_new() call MUST be set to <b>NULL</b> if additional headers are set.</p>
+
+<p>OCSP_REQ_CTX_set1_req() sets the OCSP request in <b>rctx</b> to <b>req</b>. This function should be called after any calls to OCSP_REQ_CTX_add1_header().</p>
+
+<p>OCSP_sendreq_bio() performs an OCSP request using the responder <b>io</b>, the URL path <b>path</b>, the OCSP request <b>req</b> and with a response header maximum line length of <b>maxline</b>. If <b>maxline</b> is zero a default value of 4k is used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_sendreq_new() returns a valid <b>OCSP_REQ_CTX</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_sendreq_nbio() returns <b>1</b> if the operation was completed successfully, <b>-1</b> if the operation should be retried and <b>0</b> if an error occurred.</p>
+
+<p>OCSP_REQ_CTX_add1_header() and OCSP_REQ_CTX_set1_req() return <b>1</b> for success and <b>0</b> for failure.</p>
+
+<p>OCSP_sendreq_bio() returns the <b>OCSP_RESPONSE</b> structure sent by the responder or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_REQ_CTX_free() and OCSP_set_max_response_length() do not return values.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions only perform a minimal HTTP query to a responder. If an application wishes to support more advanced features it should use an alternative more complete HTTP library.</p>
+
+<p>Currently only HTTP POST queries to responders are supported.</p>
+
+<p>The arguments to OCSP_sendreq_new() correspond to the components of the URL. For example if the responder URL is <b>http://ocsp.com/ocspreq</b> the BIO <b>io</b> should be connected to host <b>ocsp.com</b> on port 80 and <b>path</b> should be set to <b>&quot;/ocspreq&quot;</b></p>
+
+<p>The headers added with OCSP_REQ_CTX_add1_header() are of the form &quot;<b>name</b>: <b>value</b>&quot; or just &quot;<b>name</b>&quot; if <b>value</b> is <b>NULL</b>. So to add a Host header for <b>ocsp.com</b> you would call:</p>
+
+<pre><code> OCSP_REQ_CTX_add1_header(ctx, &quot;Host&quot;, &quot;ocsp.com&quot;);</code></pre>
+
+<p>If OCSP_sendreq_nbio() indicates an operation should be retried the corresponding BIO can be examined to determine which operation (read or write) should be retried and appropriate action taken (for example a select() call on the underlying socket).</p>
+
+<p>OCSP_sendreq_bio() does not support retries and so cannot handle non-blocking I/O efficiently. It is retained for compatibility and its use in new applications is not recommended.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_REQ_CTX_free.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_REQ_CTX_free.html
new file mode 100644
index 000000000..4785a6010
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_REQ_CTX_free.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_sendreq_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_sendreq_new, OCSP_sendreq_nbio, OCSP_REQ_CTX_free, OCSP_set_max_response_length, OCSP_REQ_CTX_add1_header, OCSP_REQ_CTX_set1_req, OCSP_sendreq_bio - OCSP responder query functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
+                                int maxline);
+
+ int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
+
+ void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
+
+ void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);
+
+ int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
+                              const char *name, const char *value);
+
+ int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);
+
+ OCSP_RESPONSE *OCSP_sendreq_bio(BIO *io, const char *path, OCSP_REQUEST *req,
+                                 int maxline);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function OCSP_sendreq_new() returns an <b>OCSP_CTX</b> structure using the responder <b>io</b>, the URL path <b>path</b>, the OCSP request <b>req</b> and with a response header maximum line length of <b>maxline</b>. If <b>maxline</b> is zero a default value of 4k is used. The OCSP request <b>req</b> may be set to <b>NULL</b> and provided later if required.</p>
+
+<p>OCSP_sendreq_nbio() performs non-blocking I/O on the OCSP request context <b>rctx</b>. When the operation is complete it returns the response in <b>*presp</b>.</p>
+
+<p>OCSP_REQ_CTX_free() frees up the OCSP context <b>rctx</b>.</p>
+
+<p>OCSP_set_max_response_length() sets the maximum response length for <b>rctx</b> to <b>len</b>. If the response exceeds this length an error occurs. If not set a default value of 100k is used.</p>
+
+<p>OCSP_REQ_CTX_add1_header() adds header <b>name</b> with value <b>value</b> to the context <b>rctx</b>. It can be called more than once to add multiple headers. It <b>MUST</b> be called before any calls to OCSP_sendreq_nbio(). The <b>req</b> parameter in the initial to OCSP_sendreq_new() call MUST be set to <b>NULL</b> if additional headers are set.</p>
+
+<p>OCSP_REQ_CTX_set1_req() sets the OCSP request in <b>rctx</b> to <b>req</b>. This function should be called after any calls to OCSP_REQ_CTX_add1_header().</p>
+
+<p>OCSP_sendreq_bio() performs an OCSP request using the responder <b>io</b>, the URL path <b>path</b>, the OCSP request <b>req</b> and with a response header maximum line length of <b>maxline</b>. If <b>maxline</b> is zero a default value of 4k is used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_sendreq_new() returns a valid <b>OCSP_REQ_CTX</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_sendreq_nbio() returns <b>1</b> if the operation was completed successfully, <b>-1</b> if the operation should be retried and <b>0</b> if an error occurred.</p>
+
+<p>OCSP_REQ_CTX_add1_header() and OCSP_REQ_CTX_set1_req() return <b>1</b> for success and <b>0</b> for failure.</p>
+
+<p>OCSP_sendreq_bio() returns the <b>OCSP_RESPONSE</b> structure sent by the responder or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_REQ_CTX_free() and OCSP_set_max_response_length() do not return values.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions only perform a minimal HTTP query to a responder. If an application wishes to support more advanced features it should use an alternative more complete HTTP library.</p>
+
+<p>Currently only HTTP POST queries to responders are supported.</p>
+
+<p>The arguments to OCSP_sendreq_new() correspond to the components of the URL. For example if the responder URL is <b>http://ocsp.com/ocspreq</b> the BIO <b>io</b> should be connected to host <b>ocsp.com</b> on port 80 and <b>path</b> should be set to <b>&quot;/ocspreq&quot;</b></p>
+
+<p>The headers added with OCSP_REQ_CTX_add1_header() are of the form &quot;<b>name</b>: <b>value</b>&quot; or just &quot;<b>name</b>&quot; if <b>value</b> is <b>NULL</b>. So to add a Host header for <b>ocsp.com</b> you would call:</p>
+
+<pre><code> OCSP_REQ_CTX_add1_header(ctx, &quot;Host&quot;, &quot;ocsp.com&quot;);</code></pre>
+
+<p>If OCSP_sendreq_nbio() indicates an operation should be retried the corresponding BIO can be examined to determine which operation (read or write) should be retried and appropriate action taken (for example a select() call on the underlying socket).</p>
+
+<p>OCSP_sendreq_bio() does not support retries and so cannot handle non-blocking I/O efficiently. It is retained for compatibility and its use in new applications is not recommended.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_REQ_CTX_set1_req.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_REQ_CTX_set1_req.html
new file mode 100644
index 000000000..4785a6010
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_REQ_CTX_set1_req.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_sendreq_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_sendreq_new, OCSP_sendreq_nbio, OCSP_REQ_CTX_free, OCSP_set_max_response_length, OCSP_REQ_CTX_add1_header, OCSP_REQ_CTX_set1_req, OCSP_sendreq_bio - OCSP responder query functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
+                                int maxline);
+
+ int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
+
+ void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
+
+ void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);
+
+ int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
+                              const char *name, const char *value);
+
+ int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);
+
+ OCSP_RESPONSE *OCSP_sendreq_bio(BIO *io, const char *path, OCSP_REQUEST *req,
+                                 int maxline);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function OCSP_sendreq_new() returns an <b>OCSP_CTX</b> structure using the responder <b>io</b>, the URL path <b>path</b>, the OCSP request <b>req</b> and with a response header maximum line length of <b>maxline</b>. If <b>maxline</b> is zero a default value of 4k is used. The OCSP request <b>req</b> may be set to <b>NULL</b> and provided later if required.</p>
+
+<p>OCSP_sendreq_nbio() performs non-blocking I/O on the OCSP request context <b>rctx</b>. When the operation is complete it returns the response in <b>*presp</b>.</p>
+
+<p>OCSP_REQ_CTX_free() frees up the OCSP context <b>rctx</b>.</p>
+
+<p>OCSP_set_max_response_length() sets the maximum response length for <b>rctx</b> to <b>len</b>. If the response exceeds this length an error occurs. If not set a default value of 100k is used.</p>
+
+<p>OCSP_REQ_CTX_add1_header() adds header <b>name</b> with value <b>value</b> to the context <b>rctx</b>. It can be called more than once to add multiple headers. It <b>MUST</b> be called before any calls to OCSP_sendreq_nbio(). The <b>req</b> parameter in the initial to OCSP_sendreq_new() call MUST be set to <b>NULL</b> if additional headers are set.</p>
+
+<p>OCSP_REQ_CTX_set1_req() sets the OCSP request in <b>rctx</b> to <b>req</b>. This function should be called after any calls to OCSP_REQ_CTX_add1_header().</p>
+
+<p>OCSP_sendreq_bio() performs an OCSP request using the responder <b>io</b>, the URL path <b>path</b>, the OCSP request <b>req</b> and with a response header maximum line length of <b>maxline</b>. If <b>maxline</b> is zero a default value of 4k is used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_sendreq_new() returns a valid <b>OCSP_REQ_CTX</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_sendreq_nbio() returns <b>1</b> if the operation was completed successfully, <b>-1</b> if the operation should be retried and <b>0</b> if an error occurred.</p>
+
+<p>OCSP_REQ_CTX_add1_header() and OCSP_REQ_CTX_set1_req() return <b>1</b> for success and <b>0</b> for failure.</p>
+
+<p>OCSP_sendreq_bio() returns the <b>OCSP_RESPONSE</b> structure sent by the responder or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_REQ_CTX_free() and OCSP_set_max_response_length() do not return values.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions only perform a minimal HTTP query to a responder. If an application wishes to support more advanced features it should use an alternative more complete HTTP library.</p>
+
+<p>Currently only HTTP POST queries to responders are supported.</p>
+
+<p>The arguments to OCSP_sendreq_new() correspond to the components of the URL. For example if the responder URL is <b>http://ocsp.com/ocspreq</b> the BIO <b>io</b> should be connected to host <b>ocsp.com</b> on port 80 and <b>path</b> should be set to <b>&quot;/ocspreq&quot;</b></p>
+
+<p>The headers added with OCSP_REQ_CTX_add1_header() are of the form &quot;<b>name</b>: <b>value</b>&quot; or just &quot;<b>name</b>&quot; if <b>value</b> is <b>NULL</b>. So to add a Host header for <b>ocsp.com</b> you would call:</p>
+
+<pre><code> OCSP_REQ_CTX_add1_header(ctx, &quot;Host&quot;, &quot;ocsp.com&quot;);</code></pre>
+
+<p>If OCSP_sendreq_nbio() indicates an operation should be retried the corresponding BIO can be examined to determine which operation (read or write) should be retried and appropriate action taken (for example a select() call on the underlying socket).</p>
+
+<p>OCSP_sendreq_bio() does not support retries and so cannot handle non-blocking I/O efficiently. It is retained for compatibility and its use in new applications is not recommended.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPBYTES_free.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPBYTES_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPBYTES_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPBYTES_new.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPBYTES_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPBYTES_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPDATA_free.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPDATA_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPDATA_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPDATA_new.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPDATA_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPDATA_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPID_free.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPID_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPID_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPID_match.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPID_match.html
new file mode 100644
index 000000000..556f9df13
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPID_match.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_response_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_response_status, OCSP_response_get1_basic, OCSP_response_create, OCSP_RESPONSE_free, OCSP_RESPID_set_by_name, OCSP_RESPID_set_by_key, OCSP_RESPID_match, OCSP_basic_sign, OCSP_basic_sign_ctx - OCSP response functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_response_status(OCSP_RESPONSE *resp);
+ OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
+ OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs);
+ void OCSP_RESPONSE_free(OCSP_RESPONSE *resp);
+
+ int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert);
+ int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert);
+ int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert);
+
+ int OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key,
+                     const EVP_MD *dgst, STACK_OF(X509) *certs,
+                     unsigned long flags);
+ int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp, X509 *signer, EVP_MD_CTX *ctx,
+                         STACK_OF(X509) *certs, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_response_status() returns the OCSP response status of <b>resp</b>. It returns one of the values: <b>OCSP_RESPONSE_STATUS_SUCCESSFUL</b>, <b>OCSP_RESPONSE_STATUS_MALFORMEDREQUEST</b>, <b>OCSP_RESPONSE_STATUS_INTERNALERROR</b>, <b>OCSP_RESPONSE_STATUS_TRYLATER</b> <b>OCSP_RESPONSE_STATUS_SIGREQUIRED</b>, or <b>OCSP_RESPONSE_STATUS_UNAUTHORIZED</b>.</p>
+
+<p>OCSP_response_get1_basic() decodes and returns the <b>OCSP_BASICRESP</b> structure contained in <b>resp</b>.</p>
+
+<p>OCSP_response_create() creates and returns an <b>OCSP_RESPONSE</b> structure for <b>status</b> and optionally including basic response <b>bs</b>.</p>
+
+<p>OCSP_RESPONSE_free() frees up OCSP response <b>resp</b>.</p>
+
+<p>OCSP_RESPID_set_by_name() sets the name of the OCSP_RESPID to be the same as the subject name in the supplied X509 certificate <b>cert</b> for the OCSP responder.</p>
+
+<p>OCSP_RESPID_set_by_key() sets the key of the OCSP_RESPID to be the same as the key in the supplied X509 certificate <b>cert</b> for the OCSP responder. The key is stored as a SHA1 hash.</p>
+
+<p>Note that an OCSP_RESPID can only have one of the name, or the key set. Calling OCSP_RESPID_set_by_name() or OCSP_RESPID_set_by_key() will clear any existing setting.</p>
+
+<p>OCSP_RESPID_match() tests whether the OCSP_RESPID given in <b>respid</b> matches with the X509 certificate <b>cert</b>.</p>
+
+<p>OCSP_basic_sign() signs OCSP response <b>brsp</b> using certificate <b>signer</b>, private key <b>key</b>, digest <b>dgst</b> and additional certificates <b>certs</b>. If the <b>flags</b> option <b>OCSP_NOCERTS</b> is set then no certificates will be included in the request. If the <b>flags</b> option <b>OCSP_RESPID_KEY</b> is set then the responder is identified by key ID rather than by name. OCSP_basic_sign_ctx() also signs OCSP response <b>brsp</b> but uses the parameters contained in digest context <b>ctx</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_RESPONSE_status() returns a status value.</p>
+
+<p>OCSP_response_get1_basic() returns an <b>OCSP_BASICRESP</b> structure pointer or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_response_create() returns an <b>OCSP_RESPONSE</b> structure pointer or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_RESPONSE_free() does not return a value.</p>
+
+<p>OCSP_RESPID_set_by_name(), OCSP_RESPID_set_by_key(), OCSP_basic_sign(), and OCSP_basic_sign_ctx() return 1 on success or 0 on failure.</p>
+
+<p>OCSP_RESPID_match() returns 1 if the OCSP_RESPID and the X509 certificate match or 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>OCSP_response_get1_basic() is only called if the status of a response is <b>OCSP_RESPONSE_STATUS_SUCCESSFUL</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a> <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a> <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a> <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a> <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a> <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a> <a href="../man3/OCSP_RESPID_new.html">OCSP_RESPID_new(3)</a> <a href="../man3/OCSP_RESPID_free.html">OCSP_RESPID_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OCSP_RESPID_set_by_name(), OCSP_RESPID_set_by_key() and OCSP_RESPID_match() functions were added in OpenSSL 1.1.0a.</p>
+
+<p>The OCSP_basic_sign_ctx() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPID_new.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPID_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPID_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPID_set_by_key.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPID_set_by_key.html
new file mode 100644
index 000000000..556f9df13
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPID_set_by_key.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_response_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_response_status, OCSP_response_get1_basic, OCSP_response_create, OCSP_RESPONSE_free, OCSP_RESPID_set_by_name, OCSP_RESPID_set_by_key, OCSP_RESPID_match, OCSP_basic_sign, OCSP_basic_sign_ctx - OCSP response functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_response_status(OCSP_RESPONSE *resp);
+ OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
+ OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs);
+ void OCSP_RESPONSE_free(OCSP_RESPONSE *resp);
+
+ int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert);
+ int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert);
+ int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert);
+
+ int OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key,
+                     const EVP_MD *dgst, STACK_OF(X509) *certs,
+                     unsigned long flags);
+ int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp, X509 *signer, EVP_MD_CTX *ctx,
+                         STACK_OF(X509) *certs, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_response_status() returns the OCSP response status of <b>resp</b>. It returns one of the values: <b>OCSP_RESPONSE_STATUS_SUCCESSFUL</b>, <b>OCSP_RESPONSE_STATUS_MALFORMEDREQUEST</b>, <b>OCSP_RESPONSE_STATUS_INTERNALERROR</b>, <b>OCSP_RESPONSE_STATUS_TRYLATER</b> <b>OCSP_RESPONSE_STATUS_SIGREQUIRED</b>, or <b>OCSP_RESPONSE_STATUS_UNAUTHORIZED</b>.</p>
+
+<p>OCSP_response_get1_basic() decodes and returns the <b>OCSP_BASICRESP</b> structure contained in <b>resp</b>.</p>
+
+<p>OCSP_response_create() creates and returns an <b>OCSP_RESPONSE</b> structure for <b>status</b> and optionally including basic response <b>bs</b>.</p>
+
+<p>OCSP_RESPONSE_free() frees up OCSP response <b>resp</b>.</p>
+
+<p>OCSP_RESPID_set_by_name() sets the name of the OCSP_RESPID to be the same as the subject name in the supplied X509 certificate <b>cert</b> for the OCSP responder.</p>
+
+<p>OCSP_RESPID_set_by_key() sets the key of the OCSP_RESPID to be the same as the key in the supplied X509 certificate <b>cert</b> for the OCSP responder. The key is stored as a SHA1 hash.</p>
+
+<p>Note that an OCSP_RESPID can only have one of the name, or the key set. Calling OCSP_RESPID_set_by_name() or OCSP_RESPID_set_by_key() will clear any existing setting.</p>
+
+<p>OCSP_RESPID_match() tests whether the OCSP_RESPID given in <b>respid</b> matches with the X509 certificate <b>cert</b>.</p>
+
+<p>OCSP_basic_sign() signs OCSP response <b>brsp</b> using certificate <b>signer</b>, private key <b>key</b>, digest <b>dgst</b> and additional certificates <b>certs</b>. If the <b>flags</b> option <b>OCSP_NOCERTS</b> is set then no certificates will be included in the request. If the <b>flags</b> option <b>OCSP_RESPID_KEY</b> is set then the responder is identified by key ID rather than by name. OCSP_basic_sign_ctx() also signs OCSP response <b>brsp</b> but uses the parameters contained in digest context <b>ctx</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_RESPONSE_status() returns a status value.</p>
+
+<p>OCSP_response_get1_basic() returns an <b>OCSP_BASICRESP</b> structure pointer or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_response_create() returns an <b>OCSP_RESPONSE</b> structure pointer or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_RESPONSE_free() does not return a value.</p>
+
+<p>OCSP_RESPID_set_by_name(), OCSP_RESPID_set_by_key(), OCSP_basic_sign(), and OCSP_basic_sign_ctx() return 1 on success or 0 on failure.</p>
+
+<p>OCSP_RESPID_match() returns 1 if the OCSP_RESPID and the X509 certificate match or 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>OCSP_response_get1_basic() is only called if the status of a response is <b>OCSP_RESPONSE_STATUS_SUCCESSFUL</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a> <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a> <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a> <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a> <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a> <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a> <a href="../man3/OCSP_RESPID_new.html">OCSP_RESPID_new(3)</a> <a href="../man3/OCSP_RESPID_free.html">OCSP_RESPID_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OCSP_RESPID_set_by_name(), OCSP_RESPID_set_by_key() and OCSP_RESPID_match() functions were added in OpenSSL 1.1.0a.</p>
+
+<p>The OCSP_basic_sign_ctx() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPID_set_by_name.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPID_set_by_name.html
new file mode 100644
index 000000000..556f9df13
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPID_set_by_name.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_response_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_response_status, OCSP_response_get1_basic, OCSP_response_create, OCSP_RESPONSE_free, OCSP_RESPID_set_by_name, OCSP_RESPID_set_by_key, OCSP_RESPID_match, OCSP_basic_sign, OCSP_basic_sign_ctx - OCSP response functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_response_status(OCSP_RESPONSE *resp);
+ OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
+ OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs);
+ void OCSP_RESPONSE_free(OCSP_RESPONSE *resp);
+
+ int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert);
+ int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert);
+ int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert);
+
+ int OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key,
+                     const EVP_MD *dgst, STACK_OF(X509) *certs,
+                     unsigned long flags);
+ int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp, X509 *signer, EVP_MD_CTX *ctx,
+                         STACK_OF(X509) *certs, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_response_status() returns the OCSP response status of <b>resp</b>. It returns one of the values: <b>OCSP_RESPONSE_STATUS_SUCCESSFUL</b>, <b>OCSP_RESPONSE_STATUS_MALFORMEDREQUEST</b>, <b>OCSP_RESPONSE_STATUS_INTERNALERROR</b>, <b>OCSP_RESPONSE_STATUS_TRYLATER</b> <b>OCSP_RESPONSE_STATUS_SIGREQUIRED</b>, or <b>OCSP_RESPONSE_STATUS_UNAUTHORIZED</b>.</p>
+
+<p>OCSP_response_get1_basic() decodes and returns the <b>OCSP_BASICRESP</b> structure contained in <b>resp</b>.</p>
+
+<p>OCSP_response_create() creates and returns an <b>OCSP_RESPONSE</b> structure for <b>status</b> and optionally including basic response <b>bs</b>.</p>
+
+<p>OCSP_RESPONSE_free() frees up OCSP response <b>resp</b>.</p>
+
+<p>OCSP_RESPID_set_by_name() sets the name of the OCSP_RESPID to be the same as the subject name in the supplied X509 certificate <b>cert</b> for the OCSP responder.</p>
+
+<p>OCSP_RESPID_set_by_key() sets the key of the OCSP_RESPID to be the same as the key in the supplied X509 certificate <b>cert</b> for the OCSP responder. The key is stored as a SHA1 hash.</p>
+
+<p>Note that an OCSP_RESPID can only have one of the name, or the key set. Calling OCSP_RESPID_set_by_name() or OCSP_RESPID_set_by_key() will clear any existing setting.</p>
+
+<p>OCSP_RESPID_match() tests whether the OCSP_RESPID given in <b>respid</b> matches with the X509 certificate <b>cert</b>.</p>
+
+<p>OCSP_basic_sign() signs OCSP response <b>brsp</b> using certificate <b>signer</b>, private key <b>key</b>, digest <b>dgst</b> and additional certificates <b>certs</b>. If the <b>flags</b> option <b>OCSP_NOCERTS</b> is set then no certificates will be included in the request. If the <b>flags</b> option <b>OCSP_RESPID_KEY</b> is set then the responder is identified by key ID rather than by name. OCSP_basic_sign_ctx() also signs OCSP response <b>brsp</b> but uses the parameters contained in digest context <b>ctx</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_RESPONSE_status() returns a status value.</p>
+
+<p>OCSP_response_get1_basic() returns an <b>OCSP_BASICRESP</b> structure pointer or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_response_create() returns an <b>OCSP_RESPONSE</b> structure pointer or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_RESPONSE_free() does not return a value.</p>
+
+<p>OCSP_RESPID_set_by_name(), OCSP_RESPID_set_by_key(), OCSP_basic_sign(), and OCSP_basic_sign_ctx() return 1 on success or 0 on failure.</p>
+
+<p>OCSP_RESPID_match() returns 1 if the OCSP_RESPID and the X509 certificate match or 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>OCSP_response_get1_basic() is only called if the status of a response is <b>OCSP_RESPONSE_STATUS_SUCCESSFUL</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a> <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a> <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a> <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a> <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a> <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a> <a href="../man3/OCSP_RESPID_new.html">OCSP_RESPID_new(3)</a> <a href="../man3/OCSP_RESPID_free.html">OCSP_RESPID_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OCSP_RESPID_set_by_name(), OCSP_RESPID_set_by_key() and OCSP_RESPID_match() functions were added in OpenSSL 1.1.0a.</p>
+
+<p>The OCSP_basic_sign_ctx() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPONSE_free.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPONSE_free.html
new file mode 100644
index 000000000..556f9df13
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPONSE_free.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_response_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_response_status, OCSP_response_get1_basic, OCSP_response_create, OCSP_RESPONSE_free, OCSP_RESPID_set_by_name, OCSP_RESPID_set_by_key, OCSP_RESPID_match, OCSP_basic_sign, OCSP_basic_sign_ctx - OCSP response functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_response_status(OCSP_RESPONSE *resp);
+ OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
+ OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs);
+ void OCSP_RESPONSE_free(OCSP_RESPONSE *resp);
+
+ int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert);
+ int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert);
+ int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert);
+
+ int OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key,
+                     const EVP_MD *dgst, STACK_OF(X509) *certs,
+                     unsigned long flags);
+ int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp, X509 *signer, EVP_MD_CTX *ctx,
+                         STACK_OF(X509) *certs, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_response_status() returns the OCSP response status of <b>resp</b>. It returns one of the values: <b>OCSP_RESPONSE_STATUS_SUCCESSFUL</b>, <b>OCSP_RESPONSE_STATUS_MALFORMEDREQUEST</b>, <b>OCSP_RESPONSE_STATUS_INTERNALERROR</b>, <b>OCSP_RESPONSE_STATUS_TRYLATER</b> <b>OCSP_RESPONSE_STATUS_SIGREQUIRED</b>, or <b>OCSP_RESPONSE_STATUS_UNAUTHORIZED</b>.</p>
+
+<p>OCSP_response_get1_basic() decodes and returns the <b>OCSP_BASICRESP</b> structure contained in <b>resp</b>.</p>
+
+<p>OCSP_response_create() creates and returns an <b>OCSP_RESPONSE</b> structure for <b>status</b> and optionally including basic response <b>bs</b>.</p>
+
+<p>OCSP_RESPONSE_free() frees up OCSP response <b>resp</b>.</p>
+
+<p>OCSP_RESPID_set_by_name() sets the name of the OCSP_RESPID to be the same as the subject name in the supplied X509 certificate <b>cert</b> for the OCSP responder.</p>
+
+<p>OCSP_RESPID_set_by_key() sets the key of the OCSP_RESPID to be the same as the key in the supplied X509 certificate <b>cert</b> for the OCSP responder. The key is stored as a SHA1 hash.</p>
+
+<p>Note that an OCSP_RESPID can only have one of the name, or the key set. Calling OCSP_RESPID_set_by_name() or OCSP_RESPID_set_by_key() will clear any existing setting.</p>
+
+<p>OCSP_RESPID_match() tests whether the OCSP_RESPID given in <b>respid</b> matches with the X509 certificate <b>cert</b>.</p>
+
+<p>OCSP_basic_sign() signs OCSP response <b>brsp</b> using certificate <b>signer</b>, private key <b>key</b>, digest <b>dgst</b> and additional certificates <b>certs</b>. If the <b>flags</b> option <b>OCSP_NOCERTS</b> is set then no certificates will be included in the request. If the <b>flags</b> option <b>OCSP_RESPID_KEY</b> is set then the responder is identified by key ID rather than by name. OCSP_basic_sign_ctx() also signs OCSP response <b>brsp</b> but uses the parameters contained in digest context <b>ctx</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_RESPONSE_status() returns a status value.</p>
+
+<p>OCSP_response_get1_basic() returns an <b>OCSP_BASICRESP</b> structure pointer or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_response_create() returns an <b>OCSP_RESPONSE</b> structure pointer or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_RESPONSE_free() does not return a value.</p>
+
+<p>OCSP_RESPID_set_by_name(), OCSP_RESPID_set_by_key(), OCSP_basic_sign(), and OCSP_basic_sign_ctx() return 1 on success or 0 on failure.</p>
+
+<p>OCSP_RESPID_match() returns 1 if the OCSP_RESPID and the X509 certificate match or 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>OCSP_response_get1_basic() is only called if the status of a response is <b>OCSP_RESPONSE_STATUS_SUCCESSFUL</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a> <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a> <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a> <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a> <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a> <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a> <a href="../man3/OCSP_RESPID_new.html">OCSP_RESPID_new(3)</a> <a href="../man3/OCSP_RESPID_free.html">OCSP_RESPID_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OCSP_RESPID_set_by_name(), OCSP_RESPID_set_by_key() and OCSP_RESPID_match() functions were added in OpenSSL 1.1.0a.</p>
+
+<p>The OCSP_basic_sign_ctx() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPONSE_new.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPONSE_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_RESPONSE_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_REVOKEDINFO_free.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_REVOKEDINFO_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_REVOKEDINFO_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_REVOKEDINFO_new.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_REVOKEDINFO_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_REVOKEDINFO_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_SERVICELOC_free.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_SERVICELOC_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_SERVICELOC_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_SERVICELOC_new.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_SERVICELOC_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_SERVICELOC_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_SIGNATURE_free.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_SIGNATURE_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_SIGNATURE_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_SIGNATURE_new.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_SIGNATURE_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_SIGNATURE_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_SINGLERESP_free.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_SINGLERESP_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_SINGLERESP_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_SINGLERESP_new.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_SINGLERESP_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_SINGLERESP_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_basic_add1_nonce.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_basic_add1_nonce.html
new file mode 100644
index 000000000..3c4785555
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_basic_add1_nonce.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_request_add1_nonce</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_request_add1_nonce, OCSP_basic_add1_nonce, OCSP_check_nonce, OCSP_copy_nonce - OCSP nonce functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len);
+ int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len);
+ int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req);
+ int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *resp);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_request_add1_nonce() adds a nonce of value <b>val</b> and length <b>len</b> to OCSP request <b>req</b>. If <b>val</b> is <b>NULL</b> a random nonce is used. If <b>len</b> is zero or negative a default length will be used (currently 16 bytes).</p>
+
+<p>OCSP_basic_add1_nonce() is identical to OCSP_request_add1_nonce() except it adds a nonce to OCSP basic response <b>resp</b>.</p>
+
+<p>OCSP_check_nonce() compares the nonce value in <b>req</b> and <b>resp</b>.</p>
+
+<p>OCSP_copy_nonce() copys any nonce value present in <b>req</b> to <b>resp</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_request_add1_nonce() and OCSP_basic_add1_nonce() return 1 for success and 0 for failure.</p>
+
+<p>OCSP_copy_nonce() returns 1 if a nonce was successfully copied, 2 if no nonce was present in <b>req</b> and 0 if an error occurred.</p>
+
+<p>OCSP_check_nonce() returns the result of the nonce comparison between <b>req</b> and <b>resp</b>. The return value indicates the result of the comparison. If nonces are present and equal 1 is returned. If the nonces are absent 2 is returned. If a nonce is present in the response only 3 is returned. If nonces are present and unequal 0 is returned. If the nonce is present in the request only then -1 is returned.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>For most purposes the nonce value in a request is set to a random value so the <b>val</b> parameter in OCSP_request_add1_nonce() is usually NULL.</p>
+
+<p>An OCSP nonce is typically added to an OCSP request to thwart replay attacks by checking the same nonce value appears in the response.</p>
+
+<p>Some responders may include a nonce in all responses even if one is not supplied.</p>
+
+<p>Some responders cache OCSP responses and do not sign each response for performance reasons. As a result they do not support nonces.</p>
+
+<p>The return values of OCSP_check_nonce() can be checked to cover each case. A positive return value effectively indicates success: nonces are both present and match, both absent or present in the response only. A non-zero return additionally covers the case where the nonce is present in the request only: this will happen if the responder doesn&#39;t support nonces. A zero return value indicates present and mismatched nonces: this should be treated as an error condition.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_basic_sign.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_basic_sign.html
new file mode 100644
index 000000000..556f9df13
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_basic_sign.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_response_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_response_status, OCSP_response_get1_basic, OCSP_response_create, OCSP_RESPONSE_free, OCSP_RESPID_set_by_name, OCSP_RESPID_set_by_key, OCSP_RESPID_match, OCSP_basic_sign, OCSP_basic_sign_ctx - OCSP response functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_response_status(OCSP_RESPONSE *resp);
+ OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
+ OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs);
+ void OCSP_RESPONSE_free(OCSP_RESPONSE *resp);
+
+ int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert);
+ int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert);
+ int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert);
+
+ int OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key,
+                     const EVP_MD *dgst, STACK_OF(X509) *certs,
+                     unsigned long flags);
+ int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp, X509 *signer, EVP_MD_CTX *ctx,
+                         STACK_OF(X509) *certs, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_response_status() returns the OCSP response status of <b>resp</b>. It returns one of the values: <b>OCSP_RESPONSE_STATUS_SUCCESSFUL</b>, <b>OCSP_RESPONSE_STATUS_MALFORMEDREQUEST</b>, <b>OCSP_RESPONSE_STATUS_INTERNALERROR</b>, <b>OCSP_RESPONSE_STATUS_TRYLATER</b> <b>OCSP_RESPONSE_STATUS_SIGREQUIRED</b>, or <b>OCSP_RESPONSE_STATUS_UNAUTHORIZED</b>.</p>
+
+<p>OCSP_response_get1_basic() decodes and returns the <b>OCSP_BASICRESP</b> structure contained in <b>resp</b>.</p>
+
+<p>OCSP_response_create() creates and returns an <b>OCSP_RESPONSE</b> structure for <b>status</b> and optionally including basic response <b>bs</b>.</p>
+
+<p>OCSP_RESPONSE_free() frees up OCSP response <b>resp</b>.</p>
+
+<p>OCSP_RESPID_set_by_name() sets the name of the OCSP_RESPID to be the same as the subject name in the supplied X509 certificate <b>cert</b> for the OCSP responder.</p>
+
+<p>OCSP_RESPID_set_by_key() sets the key of the OCSP_RESPID to be the same as the key in the supplied X509 certificate <b>cert</b> for the OCSP responder. The key is stored as a SHA1 hash.</p>
+
+<p>Note that an OCSP_RESPID can only have one of the name, or the key set. Calling OCSP_RESPID_set_by_name() or OCSP_RESPID_set_by_key() will clear any existing setting.</p>
+
+<p>OCSP_RESPID_match() tests whether the OCSP_RESPID given in <b>respid</b> matches with the X509 certificate <b>cert</b>.</p>
+
+<p>OCSP_basic_sign() signs OCSP response <b>brsp</b> using certificate <b>signer</b>, private key <b>key</b>, digest <b>dgst</b> and additional certificates <b>certs</b>. If the <b>flags</b> option <b>OCSP_NOCERTS</b> is set then no certificates will be included in the request. If the <b>flags</b> option <b>OCSP_RESPID_KEY</b> is set then the responder is identified by key ID rather than by name. OCSP_basic_sign_ctx() also signs OCSP response <b>brsp</b> but uses the parameters contained in digest context <b>ctx</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_RESPONSE_status() returns a status value.</p>
+
+<p>OCSP_response_get1_basic() returns an <b>OCSP_BASICRESP</b> structure pointer or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_response_create() returns an <b>OCSP_RESPONSE</b> structure pointer or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_RESPONSE_free() does not return a value.</p>
+
+<p>OCSP_RESPID_set_by_name(), OCSP_RESPID_set_by_key(), OCSP_basic_sign(), and OCSP_basic_sign_ctx() return 1 on success or 0 on failure.</p>
+
+<p>OCSP_RESPID_match() returns 1 if the OCSP_RESPID and the X509 certificate match or 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>OCSP_response_get1_basic() is only called if the status of a response is <b>OCSP_RESPONSE_STATUS_SUCCESSFUL</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a> <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a> <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a> <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a> <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a> <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a> <a href="../man3/OCSP_RESPID_new.html">OCSP_RESPID_new(3)</a> <a href="../man3/OCSP_RESPID_free.html">OCSP_RESPID_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OCSP_RESPID_set_by_name(), OCSP_RESPID_set_by_key() and OCSP_RESPID_match() functions were added in OpenSSL 1.1.0a.</p>
+
+<p>The OCSP_basic_sign_ctx() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_basic_sign_ctx.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_basic_sign_ctx.html
new file mode 100644
index 000000000..556f9df13
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_basic_sign_ctx.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_response_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_response_status, OCSP_response_get1_basic, OCSP_response_create, OCSP_RESPONSE_free, OCSP_RESPID_set_by_name, OCSP_RESPID_set_by_key, OCSP_RESPID_match, OCSP_basic_sign, OCSP_basic_sign_ctx - OCSP response functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_response_status(OCSP_RESPONSE *resp);
+ OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
+ OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs);
+ void OCSP_RESPONSE_free(OCSP_RESPONSE *resp);
+
+ int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert);
+ int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert);
+ int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert);
+
+ int OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key,
+                     const EVP_MD *dgst, STACK_OF(X509) *certs,
+                     unsigned long flags);
+ int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp, X509 *signer, EVP_MD_CTX *ctx,
+                         STACK_OF(X509) *certs, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_response_status() returns the OCSP response status of <b>resp</b>. It returns one of the values: <b>OCSP_RESPONSE_STATUS_SUCCESSFUL</b>, <b>OCSP_RESPONSE_STATUS_MALFORMEDREQUEST</b>, <b>OCSP_RESPONSE_STATUS_INTERNALERROR</b>, <b>OCSP_RESPONSE_STATUS_TRYLATER</b> <b>OCSP_RESPONSE_STATUS_SIGREQUIRED</b>, or <b>OCSP_RESPONSE_STATUS_UNAUTHORIZED</b>.</p>
+
+<p>OCSP_response_get1_basic() decodes and returns the <b>OCSP_BASICRESP</b> structure contained in <b>resp</b>.</p>
+
+<p>OCSP_response_create() creates and returns an <b>OCSP_RESPONSE</b> structure for <b>status</b> and optionally including basic response <b>bs</b>.</p>
+
+<p>OCSP_RESPONSE_free() frees up OCSP response <b>resp</b>.</p>
+
+<p>OCSP_RESPID_set_by_name() sets the name of the OCSP_RESPID to be the same as the subject name in the supplied X509 certificate <b>cert</b> for the OCSP responder.</p>
+
+<p>OCSP_RESPID_set_by_key() sets the key of the OCSP_RESPID to be the same as the key in the supplied X509 certificate <b>cert</b> for the OCSP responder. The key is stored as a SHA1 hash.</p>
+
+<p>Note that an OCSP_RESPID can only have one of the name, or the key set. Calling OCSP_RESPID_set_by_name() or OCSP_RESPID_set_by_key() will clear any existing setting.</p>
+
+<p>OCSP_RESPID_match() tests whether the OCSP_RESPID given in <b>respid</b> matches with the X509 certificate <b>cert</b>.</p>
+
+<p>OCSP_basic_sign() signs OCSP response <b>brsp</b> using certificate <b>signer</b>, private key <b>key</b>, digest <b>dgst</b> and additional certificates <b>certs</b>. If the <b>flags</b> option <b>OCSP_NOCERTS</b> is set then no certificates will be included in the request. If the <b>flags</b> option <b>OCSP_RESPID_KEY</b> is set then the responder is identified by key ID rather than by name. OCSP_basic_sign_ctx() also signs OCSP response <b>brsp</b> but uses the parameters contained in digest context <b>ctx</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_RESPONSE_status() returns a status value.</p>
+
+<p>OCSP_response_get1_basic() returns an <b>OCSP_BASICRESP</b> structure pointer or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_response_create() returns an <b>OCSP_RESPONSE</b> structure pointer or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_RESPONSE_free() does not return a value.</p>
+
+<p>OCSP_RESPID_set_by_name(), OCSP_RESPID_set_by_key(), OCSP_basic_sign(), and OCSP_basic_sign_ctx() return 1 on success or 0 on failure.</p>
+
+<p>OCSP_RESPID_match() returns 1 if the OCSP_RESPID and the X509 certificate match or 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>OCSP_response_get1_basic() is only called if the status of a response is <b>OCSP_RESPONSE_STATUS_SUCCESSFUL</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a> <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a> <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a> <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a> <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a> <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a> <a href="../man3/OCSP_RESPID_new.html">OCSP_RESPID_new(3)</a> <a href="../man3/OCSP_RESPID_free.html">OCSP_RESPID_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OCSP_RESPID_set_by_name(), OCSP_RESPID_set_by_key() and OCSP_RESPID_match() functions were added in OpenSSL 1.1.0a.</p>
+
+<p>The OCSP_basic_sign_ctx() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_basic_verify.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_basic_verify.html
new file mode 100644
index 000000000..ffdd3b6c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_basic_verify.html
@@ -0,0 +1,140 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_resp_find_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_resp_get0_certs, OCSP_resp_get0_signer, OCSP_resp_get0_id, OCSP_resp_get1_id, OCSP_resp_get0_produced_at, OCSP_resp_get0_signature, OCSP_resp_get0_tbs_sigalg, OCSP_resp_get0_respdata, OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity, OCSP_basic_verify - OCSP response utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
+                           int *reason,
+                           ASN1_GENERALIZEDTIME **revtime,
+                           ASN1_GENERALIZEDTIME **thisupd,
+                           ASN1_GENERALIZEDTIME **nextupd);
+
+ int OCSP_resp_count(OCSP_BASICRESP *bs);
+ OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
+ int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
+ int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
+                             ASN1_GENERALIZEDTIME **revtime,
+                             ASN1_GENERALIZEDTIME **thisupd,
+                             ASN1_GENERALIZEDTIME **nextupd);
+
+ const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
+                             const OCSP_BASICRESP* single);
+
+ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
+ const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
+ const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
+ const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);
+
+ int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
+                           STACK_OF(X509) *extra_certs);
+
+ int OCSP_resp_get0_id(const OCSP_BASICRESP *bs,
+                       const ASN1_OCTET_STRING **pid,
+                       const X509_NAME **pname);
+ int OCSP_resp_get1_id(const OCSP_BASICRESP *bs,
+                       ASN1_OCTET_STRING **pid,
+                       X509_NAME **pname);
+
+ int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
+                         ASN1_GENERALIZEDTIME *nextupd,
+                         long sec, long maxsec);
+
+ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+                      X509_STORE *st, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_resp_find_status() searches <b>bs</b> for an OCSP response for <b>id</b>. If it is successful the fields of the response are returned in <b>*status</b>, <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>. The <b>*status</b> value will be one of <b>V_OCSP_CERTSTATUS_GOOD</b>, <b>V_OCSP_CERTSTATUS_REVOKED</b> or <b>V_OCSP_CERTSTATUS_UNKNOWN</b>. The <b>*reason</b> and <b>*revtime</b> fields are only set if the status is <b>V_OCSP_CERTSTATUS_REVOKED</b>. If set the <b>*reason</b> field will be set to the revocation reason which will be one of <b>OCSP_REVOKED_STATUS_NOSTATUS</b>, <b>OCSP_REVOKED_STATUS_UNSPECIFIED</b>, <b>OCSP_REVOKED_STATUS_KEYCOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_CACOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_AFFILIATIONCHANGED</b>, <b>OCSP_REVOKED_STATUS_SUPERSEDED</b>, <b>OCSP_REVOKED_STATUS_CESSATIONOFOPERATION</b>, <b>OCSP_REVOKED_STATUS_CERTIFICATEHOLD</b> or <b>OCSP_REVOKED_STATUS_REMOVEFROMCRL</b>.</p>
+
+<p>OCSP_resp_count() returns the number of <b>OCSP_SINGLERESP</b> structures in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns the <b>OCSP_SINGLERESP</b> structure in <b>bs</b> corresponding to index <b>idx</b>. Where <b>idx</b> runs from 0 to OCSP_resp_count(bs) - 1.</p>
+
+<p>OCSP_resp_find() searches <b>bs</b> for <b>id</b> and returns the index of the first matching entry after <b>last</b> or starting from the beginning if <b>last</b> is -1.</p>
+
+<p>OCSP_single_get0_status() extracts the fields of <b>single</b> in <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>.</p>
+
+<p>OCSP_resp_get0_produced_at() extracts the <b>producedAt</b> field from the single response <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signature() returns the signature from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_tbs_sigalg() returns the <b>signatureAlgorithm</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_respdata() returns the <b>tbsResponseData</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_certs() returns any certificates included in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signer() attempts to retrieve the certificate that directly signed <b>bs</b>. The OCSP protocol does not require that this certificate is included in the <b>certs</b> field of the response, so additional certificates can be supplied in <b>extra_certs</b> if the certificates that may have signed the response are known via some out-of-band mechanism.</p>
+
+<p>OCSP_resp_get0_id() gets the responder id of <b>bs</b>. If the responder ID is a name then &lt;*pname&gt; is set to the name and <b>*pid</b> is set to NULL. If the responder ID is by key ID then <b>*pid</b> is set to the key ID and <b>*pname</b> is set to NULL. OCSP_resp_get1_id() leaves ownership of <b>*pid</b> and <b>*pname</b> with the caller, who is responsible for freeing them. Both functions return 1 in case of success and 0 in case of failure. If OCSP_resp_get1_id() returns 0, no freeing of the results is necessary.</p>
+
+<p>OCSP_check_validity() checks the validity of <b>thisupd</b> and <b>nextupd</b> values which will be typically obtained from OCSP_resp_find_status() or OCSP_single_get0_status(). If <b>sec</b> is non-zero it indicates how many seconds leeway should be allowed in the check. If <b>maxsec</b> is positive it indicates the maximum age of <b>thisupd</b> in seconds.</p>
+
+<p>OCSP_basic_verify() checks that the basic response message <b>bs</b> is correctly signed and that the signer certificate can be validated. It takes <b>st</b> as the trusted store and <b>certs</b> as a set of untrusted intermediate certificates. The function first tries to find the signer certificate of the response in &lt;certs&gt;. It also searches the certificates the responder may have included in <b>bs</b> unless the <b>flags</b> contain <b>OCSP_NOINTERN</b>. It fails if the signer certificate cannot be found. Next, the function checks the signature of <b>bs</b> and fails on error unless the <b>flags</b> contain <b>OCSP_NOSIGS</b>. Then the function already returns success if the <b>flags</b> contain <b>OCSP_NOVERIFY</b> or if the signer certificate was found in <b>certs</b> and the <b>flags</b> contain <b>OCSP_TRUSTOTHER</b>. Otherwise the function continues by validating the signer certificate. To this end, all certificates in <b>cert</b> and in <b>bs</b> are considered as untrusted certificates for the construction of the validation path for the signer certificate unless the <b>OCSP_NOCHAIN</b> flag is set. After successful path validation the function returns success if the <b>OCSP_NOCHECKS</b> flag is set. Otherwise it verifies that the signer certificate meets the OCSP issuer criteria including potential delegation. If this does not succeed and the <b>flags</b> do not contain <b>OCSP_NOEXPLICIT</b> the function checks for explicit trust for OCSP signing in the root CA certificate.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_resp_find_status() returns 1 if <b>id</b> is found in <b>bs</b> and 0 otherwise.</p>
+
+<p>OCSP_resp_count() returns the total number of <b>OCSP_SINGLERESP</b> fields in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns a pointer to an <b>OCSP_SINGLERESP</b> structure or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>OCSP_resp_find() returns the index of <b>id</b> in <b>bs</b> (which may be 0) or -1 if <b>id</b> was not found.</p>
+
+<p>OCSP_single_get0_status() returns the status of <b>single</b> or -1 if an error occurred.</p>
+
+<p>OCSP_resp_get0_signer() returns 1 if the signing certificate was located, or 0 on error.</p>
+
+<p>OCSP_basic_verify() returns 1 on success, 0 on error, or -1 on fatal error such as malloc failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications will typically call OCSP_resp_find_status() using the certificate ID of interest and then check its validity using OCSP_check_validity(). They can then take appropriate action based on the status of the certificate.</p>
+
+<p>An OCSP response for a certificate contains <b>thisUpdate</b> and <b>nextUpdate</b> fields. Normally the current time should be between these two values. To account for clock skew the <b>maxsec</b> field can be set to non-zero in OCSP_check_validity(). Some responders do not set the <b>nextUpdate</b> field, this would otherwise mean an ancient response would be considered valid: the <b>maxsec</b> parameter to OCSP_check_validity() can be used to limit the permitted age of responses.</p>
+
+<p>The values written to <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b> by OCSP_resp_find_status() and OCSP_single_get0_status() are internal pointers which <b>MUST NOT</b> be freed up by the calling application. Any or all of these parameters can be set to NULL if their value is not required.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_cert_id_new.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_cert_id_new.html
new file mode 100644
index 000000000..9a44387b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_cert_id_new.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_cert_to_id</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_cert_to_id, OCSP_cert_id_new, OCSP_CERTID_free, OCSP_id_issuer_cmp, OCSP_id_cmp, OCSP_id_get0_info - OCSP certificate ID utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst,
+                              X509 *subject, X509 *issuer);
+
+ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
+                               X509_NAME *issuerName,
+                               ASN1_BIT_STRING *issuerKey,
+                               ASN1_INTEGER *serialNumber);
+
+ void OCSP_CERTID_free(OCSP_CERTID *id);
+
+ int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
+ int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
+
+ int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
+                       ASN1_OCTET_STRING **pikeyHash,
+                       ASN1_INTEGER **pserial, OCSP_CERTID *cid);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_cert_to_id() creates and returns a new <b>OCSP_CERTID</b> structure using message digest <b>dgst</b> for certificate <b>subject</b> with issuer <b>issuer</b>. If <b>dgst</b> is <b>NULL</b> then SHA1 is used.</p>
+
+<p>OCSP_cert_id_new() creates and returns a new <b>OCSP_CERTID</b> using <b>dgst</b> and issuer name <b>issuerName</b>, issuer key hash <b>issuerKey</b> and serial number <b>serialNumber</b>.</p>
+
+<p>OCSP_CERTID_free() frees up <b>id</b>.</p>
+
+<p>OCSP_id_cmp() compares <b>OCSP_CERTID</b> <b>a</b> and <b>b</b>.</p>
+
+<p>OCSP_id_issuer_cmp() compares only the issuer name of <b>OCSP_CERTID</b> <b>a</b> and <b>b</b>.</p>
+
+<p>OCSP_id_get0_info() returns the issuer name hash, hash OID, issuer key hash and serial number contained in <b>cid</b>. If any of the values are not required the corresponding parameter can be set to <b>NULL</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_cert_to_id() and OCSP_cert_id_new() return either a pointer to a valid <b>OCSP_CERTID</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_id_cmp() and OCSP_id_issuer_cmp() returns zero for a match and non-zero otherwise.</p>
+
+<p>OCSP_CERTID_free() does not return a value.</p>
+
+<p>OCSP_id_get0_info() returns 1 for success and 0 for failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>OCSP clients will typically only use OCSP_cert_to_id() or OCSP_cert_id_new(): the other functions are used by responder applications.</p>
+
+<p>The values returned by OCSP_id_get0_info() are internal pointers and <b>MUST NOT</b> be freed up by an application: they will be freed when the corresponding <b>OCSP_CERTID</b> structure is freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_cert_to_id.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_cert_to_id.html
new file mode 100644
index 000000000..9a44387b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_cert_to_id.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_cert_to_id</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_cert_to_id, OCSP_cert_id_new, OCSP_CERTID_free, OCSP_id_issuer_cmp, OCSP_id_cmp, OCSP_id_get0_info - OCSP certificate ID utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst,
+                              X509 *subject, X509 *issuer);
+
+ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
+                               X509_NAME *issuerName,
+                               ASN1_BIT_STRING *issuerKey,
+                               ASN1_INTEGER *serialNumber);
+
+ void OCSP_CERTID_free(OCSP_CERTID *id);
+
+ int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
+ int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
+
+ int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
+                       ASN1_OCTET_STRING **pikeyHash,
+                       ASN1_INTEGER **pserial, OCSP_CERTID *cid);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_cert_to_id() creates and returns a new <b>OCSP_CERTID</b> structure using message digest <b>dgst</b> for certificate <b>subject</b> with issuer <b>issuer</b>. If <b>dgst</b> is <b>NULL</b> then SHA1 is used.</p>
+
+<p>OCSP_cert_id_new() creates and returns a new <b>OCSP_CERTID</b> using <b>dgst</b> and issuer name <b>issuerName</b>, issuer key hash <b>issuerKey</b> and serial number <b>serialNumber</b>.</p>
+
+<p>OCSP_CERTID_free() frees up <b>id</b>.</p>
+
+<p>OCSP_id_cmp() compares <b>OCSP_CERTID</b> <b>a</b> and <b>b</b>.</p>
+
+<p>OCSP_id_issuer_cmp() compares only the issuer name of <b>OCSP_CERTID</b> <b>a</b> and <b>b</b>.</p>
+
+<p>OCSP_id_get0_info() returns the issuer name hash, hash OID, issuer key hash and serial number contained in <b>cid</b>. If any of the values are not required the corresponding parameter can be set to <b>NULL</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_cert_to_id() and OCSP_cert_id_new() return either a pointer to a valid <b>OCSP_CERTID</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_id_cmp() and OCSP_id_issuer_cmp() returns zero for a match and non-zero otherwise.</p>
+
+<p>OCSP_CERTID_free() does not return a value.</p>
+
+<p>OCSP_id_get0_info() returns 1 for success and 0 for failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>OCSP clients will typically only use OCSP_cert_to_id() or OCSP_cert_id_new(): the other functions are used by responder applications.</p>
+
+<p>The values returned by OCSP_id_get0_info() are internal pointers and <b>MUST NOT</b> be freed up by an application: they will be freed when the corresponding <b>OCSP_CERTID</b> structure is freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_check_nonce.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_check_nonce.html
new file mode 100644
index 000000000..3c4785555
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_check_nonce.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_request_add1_nonce</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_request_add1_nonce, OCSP_basic_add1_nonce, OCSP_check_nonce, OCSP_copy_nonce - OCSP nonce functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len);
+ int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len);
+ int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req);
+ int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *resp);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_request_add1_nonce() adds a nonce of value <b>val</b> and length <b>len</b> to OCSP request <b>req</b>. If <b>val</b> is <b>NULL</b> a random nonce is used. If <b>len</b> is zero or negative a default length will be used (currently 16 bytes).</p>
+
+<p>OCSP_basic_add1_nonce() is identical to OCSP_request_add1_nonce() except it adds a nonce to OCSP basic response <b>resp</b>.</p>
+
+<p>OCSP_check_nonce() compares the nonce value in <b>req</b> and <b>resp</b>.</p>
+
+<p>OCSP_copy_nonce() copys any nonce value present in <b>req</b> to <b>resp</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_request_add1_nonce() and OCSP_basic_add1_nonce() return 1 for success and 0 for failure.</p>
+
+<p>OCSP_copy_nonce() returns 1 if a nonce was successfully copied, 2 if no nonce was present in <b>req</b> and 0 if an error occurred.</p>
+
+<p>OCSP_check_nonce() returns the result of the nonce comparison between <b>req</b> and <b>resp</b>. The return value indicates the result of the comparison. If nonces are present and equal 1 is returned. If the nonces are absent 2 is returned. If a nonce is present in the response only 3 is returned. If nonces are present and unequal 0 is returned. If the nonce is present in the request only then -1 is returned.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>For most purposes the nonce value in a request is set to a random value so the <b>val</b> parameter in OCSP_request_add1_nonce() is usually NULL.</p>
+
+<p>An OCSP nonce is typically added to an OCSP request to thwart replay attacks by checking the same nonce value appears in the response.</p>
+
+<p>Some responders may include a nonce in all responses even if one is not supplied.</p>
+
+<p>Some responders cache OCSP responses and do not sign each response for performance reasons. As a result they do not support nonces.</p>
+
+<p>The return values of OCSP_check_nonce() can be checked to cover each case. A positive return value effectively indicates success: nonces are both present and match, both absent or present in the response only. A non-zero return additionally covers the case where the nonce is present in the request only: this will happen if the responder doesn&#39;t support nonces. A zero return value indicates present and mismatched nonces: this should be treated as an error condition.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_check_validity.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_check_validity.html
new file mode 100644
index 000000000..ffdd3b6c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_check_validity.html
@@ -0,0 +1,140 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_resp_find_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_resp_get0_certs, OCSP_resp_get0_signer, OCSP_resp_get0_id, OCSP_resp_get1_id, OCSP_resp_get0_produced_at, OCSP_resp_get0_signature, OCSP_resp_get0_tbs_sigalg, OCSP_resp_get0_respdata, OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity, OCSP_basic_verify - OCSP response utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
+                           int *reason,
+                           ASN1_GENERALIZEDTIME **revtime,
+                           ASN1_GENERALIZEDTIME **thisupd,
+                           ASN1_GENERALIZEDTIME **nextupd);
+
+ int OCSP_resp_count(OCSP_BASICRESP *bs);
+ OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
+ int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
+ int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
+                             ASN1_GENERALIZEDTIME **revtime,
+                             ASN1_GENERALIZEDTIME **thisupd,
+                             ASN1_GENERALIZEDTIME **nextupd);
+
+ const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
+                             const OCSP_BASICRESP* single);
+
+ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
+ const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
+ const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
+ const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);
+
+ int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
+                           STACK_OF(X509) *extra_certs);
+
+ int OCSP_resp_get0_id(const OCSP_BASICRESP *bs,
+                       const ASN1_OCTET_STRING **pid,
+                       const X509_NAME **pname);
+ int OCSP_resp_get1_id(const OCSP_BASICRESP *bs,
+                       ASN1_OCTET_STRING **pid,
+                       X509_NAME **pname);
+
+ int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
+                         ASN1_GENERALIZEDTIME *nextupd,
+                         long sec, long maxsec);
+
+ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+                      X509_STORE *st, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_resp_find_status() searches <b>bs</b> for an OCSP response for <b>id</b>. If it is successful the fields of the response are returned in <b>*status</b>, <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>. The <b>*status</b> value will be one of <b>V_OCSP_CERTSTATUS_GOOD</b>, <b>V_OCSP_CERTSTATUS_REVOKED</b> or <b>V_OCSP_CERTSTATUS_UNKNOWN</b>. The <b>*reason</b> and <b>*revtime</b> fields are only set if the status is <b>V_OCSP_CERTSTATUS_REVOKED</b>. If set the <b>*reason</b> field will be set to the revocation reason which will be one of <b>OCSP_REVOKED_STATUS_NOSTATUS</b>, <b>OCSP_REVOKED_STATUS_UNSPECIFIED</b>, <b>OCSP_REVOKED_STATUS_KEYCOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_CACOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_AFFILIATIONCHANGED</b>, <b>OCSP_REVOKED_STATUS_SUPERSEDED</b>, <b>OCSP_REVOKED_STATUS_CESSATIONOFOPERATION</b>, <b>OCSP_REVOKED_STATUS_CERTIFICATEHOLD</b> or <b>OCSP_REVOKED_STATUS_REMOVEFROMCRL</b>.</p>
+
+<p>OCSP_resp_count() returns the number of <b>OCSP_SINGLERESP</b> structures in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns the <b>OCSP_SINGLERESP</b> structure in <b>bs</b> corresponding to index <b>idx</b>. Where <b>idx</b> runs from 0 to OCSP_resp_count(bs) - 1.</p>
+
+<p>OCSP_resp_find() searches <b>bs</b> for <b>id</b> and returns the index of the first matching entry after <b>last</b> or starting from the beginning if <b>last</b> is -1.</p>
+
+<p>OCSP_single_get0_status() extracts the fields of <b>single</b> in <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>.</p>
+
+<p>OCSP_resp_get0_produced_at() extracts the <b>producedAt</b> field from the single response <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signature() returns the signature from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_tbs_sigalg() returns the <b>signatureAlgorithm</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_respdata() returns the <b>tbsResponseData</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_certs() returns any certificates included in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signer() attempts to retrieve the certificate that directly signed <b>bs</b>. The OCSP protocol does not require that this certificate is included in the <b>certs</b> field of the response, so additional certificates can be supplied in <b>extra_certs</b> if the certificates that may have signed the response are known via some out-of-band mechanism.</p>
+
+<p>OCSP_resp_get0_id() gets the responder id of <b>bs</b>. If the responder ID is a name then &lt;*pname&gt; is set to the name and <b>*pid</b> is set to NULL. If the responder ID is by key ID then <b>*pid</b> is set to the key ID and <b>*pname</b> is set to NULL. OCSP_resp_get1_id() leaves ownership of <b>*pid</b> and <b>*pname</b> with the caller, who is responsible for freeing them. Both functions return 1 in case of success and 0 in case of failure. If OCSP_resp_get1_id() returns 0, no freeing of the results is necessary.</p>
+
+<p>OCSP_check_validity() checks the validity of <b>thisupd</b> and <b>nextupd</b> values which will be typically obtained from OCSP_resp_find_status() or OCSP_single_get0_status(). If <b>sec</b> is non-zero it indicates how many seconds leeway should be allowed in the check. If <b>maxsec</b> is positive it indicates the maximum age of <b>thisupd</b> in seconds.</p>
+
+<p>OCSP_basic_verify() checks that the basic response message <b>bs</b> is correctly signed and that the signer certificate can be validated. It takes <b>st</b> as the trusted store and <b>certs</b> as a set of untrusted intermediate certificates. The function first tries to find the signer certificate of the response in &lt;certs&gt;. It also searches the certificates the responder may have included in <b>bs</b> unless the <b>flags</b> contain <b>OCSP_NOINTERN</b>. It fails if the signer certificate cannot be found. Next, the function checks the signature of <b>bs</b> and fails on error unless the <b>flags</b> contain <b>OCSP_NOSIGS</b>. Then the function already returns success if the <b>flags</b> contain <b>OCSP_NOVERIFY</b> or if the signer certificate was found in <b>certs</b> and the <b>flags</b> contain <b>OCSP_TRUSTOTHER</b>. Otherwise the function continues by validating the signer certificate. To this end, all certificates in <b>cert</b> and in <b>bs</b> are considered as untrusted certificates for the construction of the validation path for the signer certificate unless the <b>OCSP_NOCHAIN</b> flag is set. After successful path validation the function returns success if the <b>OCSP_NOCHECKS</b> flag is set. Otherwise it verifies that the signer certificate meets the OCSP issuer criteria including potential delegation. If this does not succeed and the <b>flags</b> do not contain <b>OCSP_NOEXPLICIT</b> the function checks for explicit trust for OCSP signing in the root CA certificate.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_resp_find_status() returns 1 if <b>id</b> is found in <b>bs</b> and 0 otherwise.</p>
+
+<p>OCSP_resp_count() returns the total number of <b>OCSP_SINGLERESP</b> fields in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns a pointer to an <b>OCSP_SINGLERESP</b> structure or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>OCSP_resp_find() returns the index of <b>id</b> in <b>bs</b> (which may be 0) or -1 if <b>id</b> was not found.</p>
+
+<p>OCSP_single_get0_status() returns the status of <b>single</b> or -1 if an error occurred.</p>
+
+<p>OCSP_resp_get0_signer() returns 1 if the signing certificate was located, or 0 on error.</p>
+
+<p>OCSP_basic_verify() returns 1 on success, 0 on error, or -1 on fatal error such as malloc failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications will typically call OCSP_resp_find_status() using the certificate ID of interest and then check its validity using OCSP_check_validity(). They can then take appropriate action based on the status of the certificate.</p>
+
+<p>An OCSP response for a certificate contains <b>thisUpdate</b> and <b>nextUpdate</b> fields. Normally the current time should be between these two values. To account for clock skew the <b>maxsec</b> field can be set to non-zero in OCSP_check_validity(). Some responders do not set the <b>nextUpdate</b> field, this would otherwise mean an ancient response would be considered valid: the <b>maxsec</b> parameter to OCSP_check_validity() can be used to limit the permitted age of responses.</p>
+
+<p>The values written to <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b> by OCSP_resp_find_status() and OCSP_single_get0_status() are internal pointers which <b>MUST NOT</b> be freed up by the calling application. Any or all of these parameters can be set to NULL if their value is not required.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_copy_nonce.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_copy_nonce.html
new file mode 100644
index 000000000..3c4785555
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_copy_nonce.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_request_add1_nonce</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_request_add1_nonce, OCSP_basic_add1_nonce, OCSP_check_nonce, OCSP_copy_nonce - OCSP nonce functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len);
+ int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len);
+ int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req);
+ int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *resp);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_request_add1_nonce() adds a nonce of value <b>val</b> and length <b>len</b> to OCSP request <b>req</b>. If <b>val</b> is <b>NULL</b> a random nonce is used. If <b>len</b> is zero or negative a default length will be used (currently 16 bytes).</p>
+
+<p>OCSP_basic_add1_nonce() is identical to OCSP_request_add1_nonce() except it adds a nonce to OCSP basic response <b>resp</b>.</p>
+
+<p>OCSP_check_nonce() compares the nonce value in <b>req</b> and <b>resp</b>.</p>
+
+<p>OCSP_copy_nonce() copys any nonce value present in <b>req</b> to <b>resp</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_request_add1_nonce() and OCSP_basic_add1_nonce() return 1 for success and 0 for failure.</p>
+
+<p>OCSP_copy_nonce() returns 1 if a nonce was successfully copied, 2 if no nonce was present in <b>req</b> and 0 if an error occurred.</p>
+
+<p>OCSP_check_nonce() returns the result of the nonce comparison between <b>req</b> and <b>resp</b>. The return value indicates the result of the comparison. If nonces are present and equal 1 is returned. If the nonces are absent 2 is returned. If a nonce is present in the response only 3 is returned. If nonces are present and unequal 0 is returned. If the nonce is present in the request only then -1 is returned.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>For most purposes the nonce value in a request is set to a random value so the <b>val</b> parameter in OCSP_request_add1_nonce() is usually NULL.</p>
+
+<p>An OCSP nonce is typically added to an OCSP request to thwart replay attacks by checking the same nonce value appears in the response.</p>
+
+<p>Some responders may include a nonce in all responses even if one is not supplied.</p>
+
+<p>Some responders cache OCSP responses and do not sign each response for performance reasons. As a result they do not support nonces.</p>
+
+<p>The return values of OCSP_check_nonce() can be checked to cover each case. A positive return value effectively indicates success: nonces are both present and match, both absent or present in the response only. A non-zero return additionally covers the case where the nonce is present in the request only: this will happen if the responder doesn&#39;t support nonces. A zero return value indicates present and mismatched nonces: this should be treated as an error condition.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_id_cmp.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_id_cmp.html
new file mode 100644
index 000000000..9a44387b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_id_cmp.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_cert_to_id</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_cert_to_id, OCSP_cert_id_new, OCSP_CERTID_free, OCSP_id_issuer_cmp, OCSP_id_cmp, OCSP_id_get0_info - OCSP certificate ID utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst,
+                              X509 *subject, X509 *issuer);
+
+ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
+                               X509_NAME *issuerName,
+                               ASN1_BIT_STRING *issuerKey,
+                               ASN1_INTEGER *serialNumber);
+
+ void OCSP_CERTID_free(OCSP_CERTID *id);
+
+ int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
+ int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
+
+ int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
+                       ASN1_OCTET_STRING **pikeyHash,
+                       ASN1_INTEGER **pserial, OCSP_CERTID *cid);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_cert_to_id() creates and returns a new <b>OCSP_CERTID</b> structure using message digest <b>dgst</b> for certificate <b>subject</b> with issuer <b>issuer</b>. If <b>dgst</b> is <b>NULL</b> then SHA1 is used.</p>
+
+<p>OCSP_cert_id_new() creates and returns a new <b>OCSP_CERTID</b> using <b>dgst</b> and issuer name <b>issuerName</b>, issuer key hash <b>issuerKey</b> and serial number <b>serialNumber</b>.</p>
+
+<p>OCSP_CERTID_free() frees up <b>id</b>.</p>
+
+<p>OCSP_id_cmp() compares <b>OCSP_CERTID</b> <b>a</b> and <b>b</b>.</p>
+
+<p>OCSP_id_issuer_cmp() compares only the issuer name of <b>OCSP_CERTID</b> <b>a</b> and <b>b</b>.</p>
+
+<p>OCSP_id_get0_info() returns the issuer name hash, hash OID, issuer key hash and serial number contained in <b>cid</b>. If any of the values are not required the corresponding parameter can be set to <b>NULL</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_cert_to_id() and OCSP_cert_id_new() return either a pointer to a valid <b>OCSP_CERTID</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_id_cmp() and OCSP_id_issuer_cmp() returns zero for a match and non-zero otherwise.</p>
+
+<p>OCSP_CERTID_free() does not return a value.</p>
+
+<p>OCSP_id_get0_info() returns 1 for success and 0 for failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>OCSP clients will typically only use OCSP_cert_to_id() or OCSP_cert_id_new(): the other functions are used by responder applications.</p>
+
+<p>The values returned by OCSP_id_get0_info() are internal pointers and <b>MUST NOT</b> be freed up by an application: they will be freed when the corresponding <b>OCSP_CERTID</b> structure is freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_id_get0_info.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_id_get0_info.html
new file mode 100644
index 000000000..9a44387b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_id_get0_info.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_cert_to_id</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_cert_to_id, OCSP_cert_id_new, OCSP_CERTID_free, OCSP_id_issuer_cmp, OCSP_id_cmp, OCSP_id_get0_info - OCSP certificate ID utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst,
+                              X509 *subject, X509 *issuer);
+
+ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
+                               X509_NAME *issuerName,
+                               ASN1_BIT_STRING *issuerKey,
+                               ASN1_INTEGER *serialNumber);
+
+ void OCSP_CERTID_free(OCSP_CERTID *id);
+
+ int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
+ int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
+
+ int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
+                       ASN1_OCTET_STRING **pikeyHash,
+                       ASN1_INTEGER **pserial, OCSP_CERTID *cid);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_cert_to_id() creates and returns a new <b>OCSP_CERTID</b> structure using message digest <b>dgst</b> for certificate <b>subject</b> with issuer <b>issuer</b>. If <b>dgst</b> is <b>NULL</b> then SHA1 is used.</p>
+
+<p>OCSP_cert_id_new() creates and returns a new <b>OCSP_CERTID</b> using <b>dgst</b> and issuer name <b>issuerName</b>, issuer key hash <b>issuerKey</b> and serial number <b>serialNumber</b>.</p>
+
+<p>OCSP_CERTID_free() frees up <b>id</b>.</p>
+
+<p>OCSP_id_cmp() compares <b>OCSP_CERTID</b> <b>a</b> and <b>b</b>.</p>
+
+<p>OCSP_id_issuer_cmp() compares only the issuer name of <b>OCSP_CERTID</b> <b>a</b> and <b>b</b>.</p>
+
+<p>OCSP_id_get0_info() returns the issuer name hash, hash OID, issuer key hash and serial number contained in <b>cid</b>. If any of the values are not required the corresponding parameter can be set to <b>NULL</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_cert_to_id() and OCSP_cert_id_new() return either a pointer to a valid <b>OCSP_CERTID</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_id_cmp() and OCSP_id_issuer_cmp() returns zero for a match and non-zero otherwise.</p>
+
+<p>OCSP_CERTID_free() does not return a value.</p>
+
+<p>OCSP_id_get0_info() returns 1 for success and 0 for failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>OCSP clients will typically only use OCSP_cert_to_id() or OCSP_cert_id_new(): the other functions are used by responder applications.</p>
+
+<p>The values returned by OCSP_id_get0_info() are internal pointers and <b>MUST NOT</b> be freed up by an application: they will be freed when the corresponding <b>OCSP_CERTID</b> structure is freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_id_issuer_cmp.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_id_issuer_cmp.html
new file mode 100644
index 000000000..9a44387b5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_id_issuer_cmp.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_cert_to_id</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_cert_to_id, OCSP_cert_id_new, OCSP_CERTID_free, OCSP_id_issuer_cmp, OCSP_id_cmp, OCSP_id_get0_info - OCSP certificate ID utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst,
+                              X509 *subject, X509 *issuer);
+
+ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
+                               X509_NAME *issuerName,
+                               ASN1_BIT_STRING *issuerKey,
+                               ASN1_INTEGER *serialNumber);
+
+ void OCSP_CERTID_free(OCSP_CERTID *id);
+
+ int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
+ int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
+
+ int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
+                       ASN1_OCTET_STRING **pikeyHash,
+                       ASN1_INTEGER **pserial, OCSP_CERTID *cid);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_cert_to_id() creates and returns a new <b>OCSP_CERTID</b> structure using message digest <b>dgst</b> for certificate <b>subject</b> with issuer <b>issuer</b>. If <b>dgst</b> is <b>NULL</b> then SHA1 is used.</p>
+
+<p>OCSP_cert_id_new() creates and returns a new <b>OCSP_CERTID</b> using <b>dgst</b> and issuer name <b>issuerName</b>, issuer key hash <b>issuerKey</b> and serial number <b>serialNumber</b>.</p>
+
+<p>OCSP_CERTID_free() frees up <b>id</b>.</p>
+
+<p>OCSP_id_cmp() compares <b>OCSP_CERTID</b> <b>a</b> and <b>b</b>.</p>
+
+<p>OCSP_id_issuer_cmp() compares only the issuer name of <b>OCSP_CERTID</b> <b>a</b> and <b>b</b>.</p>
+
+<p>OCSP_id_get0_info() returns the issuer name hash, hash OID, issuer key hash and serial number contained in <b>cid</b>. If any of the values are not required the corresponding parameter can be set to <b>NULL</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_cert_to_id() and OCSP_cert_id_new() return either a pointer to a valid <b>OCSP_CERTID</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_id_cmp() and OCSP_id_issuer_cmp() returns zero for a match and non-zero otherwise.</p>
+
+<p>OCSP_CERTID_free() does not return a value.</p>
+
+<p>OCSP_id_get0_info() returns 1 for success and 0 for failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>OCSP clients will typically only use OCSP_cert_to_id() or OCSP_cert_id_new(): the other functions are used by responder applications.</p>
+
+<p>The values returned by OCSP_id_get0_info() are internal pointers and <b>MUST NOT</b> be freed up by an application: they will be freed when the corresponding <b>OCSP_CERTID</b> structure is freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_request_add0_id.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_request_add0_id.html
new file mode 100644
index 000000000..ab6739460
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_request_add0_id.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_REQUEST_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_REQUEST_new, OCSP_REQUEST_free, OCSP_request_add0_id, OCSP_request_sign, OCSP_request_add1_cert, OCSP_request_onereq_count, OCSP_request_onereq_get0 - OCSP request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_REQUEST *OCSP_REQUEST_new(void);
+ void OCSP_REQUEST_free(OCSP_REQUEST *req);
+
+ OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid);
+
+ int OCSP_request_sign(OCSP_REQUEST *req,
+                       X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
+                       STACK_OF(X509) *certs, unsigned long flags);
+
+ int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);
+
+ int OCSP_request_onereq_count(OCSP_REQUEST *req);
+ OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_REQUEST_new() allocates and returns an empty <b>OCSP_REQUEST</b> structure.</p>
+
+<p>OCSP_REQUEST_free() frees up the request structure <b>req</b>.</p>
+
+<p>OCSP_request_add0_id() adds certificate ID <b>cid</b> to <b>req</b>. It returns the <b>OCSP_ONEREQ</b> structure added so an application can add additional extensions to the request. The <b>id</b> parameter <b>MUST NOT</b> be freed up after the operation.</p>
+
+<p>OCSP_request_sign() signs OCSP request <b>req</b> using certificate <b>signer</b>, private key <b>key</b>, digest <b>dgst</b> and additional certificates <b>certs</b>. If the <b>flags</b> option <b>OCSP_NOCERTS</b> is set then no certificates will be included in the request.</p>
+
+<p>OCSP_request_add1_cert() adds certificate <b>cert</b> to request <b>req</b>. The application is responsible for freeing up <b>cert</b> after use.</p>
+
+<p>OCSP_request_onereq_count() returns the total number of <b>OCSP_ONEREQ</b> structures in <b>req</b>.</p>
+
+<p>OCSP_request_onereq_get0() returns an internal pointer to the <b>OCSP_ONEREQ</b> contained in <b>req</b> of index <b>i</b>. The index value <b>i</b> runs from 0 to OCSP_request_onereq_count(req) - 1.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_REQUEST_new() returns an empty <b>OCSP_REQUEST</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_request_add0_id() returns the <b>OCSP_ONEREQ</b> structure containing <b>cid</b> or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_request_sign() and OCSP_request_add1_cert() return 1 for success and 0 for failure.</p>
+
+<p>OCSP_request_onereq_count() returns the total number of <b>OCSP_ONEREQ</b> structures in <b>req</b>.</p>
+
+<p>OCSP_request_onereq_get0() returns a pointer to an <b>OCSP_ONEREQ</b> structure or <b>NULL</b> if the index value is out or range.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>An OCSP request structure contains one or more <b>OCSP_ONEREQ</b> structures corresponding to each certificate.</p>
+
+<p>OCSP_request_onereq_count() and OCSP_request_onereq_get0() are mainly used by OCSP responders.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create an <b>OCSP_REQUEST</b> structure for certificate <b>cert</b> with issuer <b>issuer</b>:</p>
+
+<pre><code> OCSP_REQUEST *req;
+ OCSP_ID *cid;
+
+ req = OCSP_REQUEST_new();
+ if (req == NULL)
+    /* error */
+ cid = OCSP_cert_to_id(EVP_sha1(), cert, issuer);
+ if (cid == NULL)
+    /* error */
+
+ if (OCSP_REQUEST_add0_id(req, cid) == NULL)
+    /* error */
+
+ /* Do something with req, e.g. query responder */
+
+ OCSP_REQUEST_free(req);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_request_add1_cert.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_request_add1_cert.html
new file mode 100644
index 000000000..ab6739460
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_request_add1_cert.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_REQUEST_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_REQUEST_new, OCSP_REQUEST_free, OCSP_request_add0_id, OCSP_request_sign, OCSP_request_add1_cert, OCSP_request_onereq_count, OCSP_request_onereq_get0 - OCSP request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_REQUEST *OCSP_REQUEST_new(void);
+ void OCSP_REQUEST_free(OCSP_REQUEST *req);
+
+ OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid);
+
+ int OCSP_request_sign(OCSP_REQUEST *req,
+                       X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
+                       STACK_OF(X509) *certs, unsigned long flags);
+
+ int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);
+
+ int OCSP_request_onereq_count(OCSP_REQUEST *req);
+ OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_REQUEST_new() allocates and returns an empty <b>OCSP_REQUEST</b> structure.</p>
+
+<p>OCSP_REQUEST_free() frees up the request structure <b>req</b>.</p>
+
+<p>OCSP_request_add0_id() adds certificate ID <b>cid</b> to <b>req</b>. It returns the <b>OCSP_ONEREQ</b> structure added so an application can add additional extensions to the request. The <b>id</b> parameter <b>MUST NOT</b> be freed up after the operation.</p>
+
+<p>OCSP_request_sign() signs OCSP request <b>req</b> using certificate <b>signer</b>, private key <b>key</b>, digest <b>dgst</b> and additional certificates <b>certs</b>. If the <b>flags</b> option <b>OCSP_NOCERTS</b> is set then no certificates will be included in the request.</p>
+
+<p>OCSP_request_add1_cert() adds certificate <b>cert</b> to request <b>req</b>. The application is responsible for freeing up <b>cert</b> after use.</p>
+
+<p>OCSP_request_onereq_count() returns the total number of <b>OCSP_ONEREQ</b> structures in <b>req</b>.</p>
+
+<p>OCSP_request_onereq_get0() returns an internal pointer to the <b>OCSP_ONEREQ</b> contained in <b>req</b> of index <b>i</b>. The index value <b>i</b> runs from 0 to OCSP_request_onereq_count(req) - 1.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_REQUEST_new() returns an empty <b>OCSP_REQUEST</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_request_add0_id() returns the <b>OCSP_ONEREQ</b> structure containing <b>cid</b> or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_request_sign() and OCSP_request_add1_cert() return 1 for success and 0 for failure.</p>
+
+<p>OCSP_request_onereq_count() returns the total number of <b>OCSP_ONEREQ</b> structures in <b>req</b>.</p>
+
+<p>OCSP_request_onereq_get0() returns a pointer to an <b>OCSP_ONEREQ</b> structure or <b>NULL</b> if the index value is out or range.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>An OCSP request structure contains one or more <b>OCSP_ONEREQ</b> structures corresponding to each certificate.</p>
+
+<p>OCSP_request_onereq_count() and OCSP_request_onereq_get0() are mainly used by OCSP responders.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create an <b>OCSP_REQUEST</b> structure for certificate <b>cert</b> with issuer <b>issuer</b>:</p>
+
+<pre><code> OCSP_REQUEST *req;
+ OCSP_ID *cid;
+
+ req = OCSP_REQUEST_new();
+ if (req == NULL)
+    /* error */
+ cid = OCSP_cert_to_id(EVP_sha1(), cert, issuer);
+ if (cid == NULL)
+    /* error */
+
+ if (OCSP_REQUEST_add0_id(req, cid) == NULL)
+    /* error */
+
+ /* Do something with req, e.g. query responder */
+
+ OCSP_REQUEST_free(req);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_request_add1_nonce.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_request_add1_nonce.html
new file mode 100644
index 000000000..3c4785555
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_request_add1_nonce.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_request_add1_nonce</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_request_add1_nonce, OCSP_basic_add1_nonce, OCSP_check_nonce, OCSP_copy_nonce - OCSP nonce functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len);
+ int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len);
+ int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req);
+ int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *resp);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_request_add1_nonce() adds a nonce of value <b>val</b> and length <b>len</b> to OCSP request <b>req</b>. If <b>val</b> is <b>NULL</b> a random nonce is used. If <b>len</b> is zero or negative a default length will be used (currently 16 bytes).</p>
+
+<p>OCSP_basic_add1_nonce() is identical to OCSP_request_add1_nonce() except it adds a nonce to OCSP basic response <b>resp</b>.</p>
+
+<p>OCSP_check_nonce() compares the nonce value in <b>req</b> and <b>resp</b>.</p>
+
+<p>OCSP_copy_nonce() copys any nonce value present in <b>req</b> to <b>resp</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_request_add1_nonce() and OCSP_basic_add1_nonce() return 1 for success and 0 for failure.</p>
+
+<p>OCSP_copy_nonce() returns 1 if a nonce was successfully copied, 2 if no nonce was present in <b>req</b> and 0 if an error occurred.</p>
+
+<p>OCSP_check_nonce() returns the result of the nonce comparison between <b>req</b> and <b>resp</b>. The return value indicates the result of the comparison. If nonces are present and equal 1 is returned. If the nonces are absent 2 is returned. If a nonce is present in the response only 3 is returned. If nonces are present and unequal 0 is returned. If the nonce is present in the request only then -1 is returned.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>For most purposes the nonce value in a request is set to a random value so the <b>val</b> parameter in OCSP_request_add1_nonce() is usually NULL.</p>
+
+<p>An OCSP nonce is typically added to an OCSP request to thwart replay attacks by checking the same nonce value appears in the response.</p>
+
+<p>Some responders may include a nonce in all responses even if one is not supplied.</p>
+
+<p>Some responders cache OCSP responses and do not sign each response for performance reasons. As a result they do not support nonces.</p>
+
+<p>The return values of OCSP_check_nonce() can be checked to cover each case. A positive return value effectively indicates success: nonces are both present and match, both absent or present in the response only. A non-zero return additionally covers the case where the nonce is present in the request only: this will happen if the responder doesn&#39;t support nonces. A zero return value indicates present and mismatched nonces: this should be treated as an error condition.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_request_onereq_count.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_request_onereq_count.html
new file mode 100644
index 000000000..ab6739460
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_request_onereq_count.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_REQUEST_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_REQUEST_new, OCSP_REQUEST_free, OCSP_request_add0_id, OCSP_request_sign, OCSP_request_add1_cert, OCSP_request_onereq_count, OCSP_request_onereq_get0 - OCSP request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_REQUEST *OCSP_REQUEST_new(void);
+ void OCSP_REQUEST_free(OCSP_REQUEST *req);
+
+ OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid);
+
+ int OCSP_request_sign(OCSP_REQUEST *req,
+                       X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
+                       STACK_OF(X509) *certs, unsigned long flags);
+
+ int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);
+
+ int OCSP_request_onereq_count(OCSP_REQUEST *req);
+ OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_REQUEST_new() allocates and returns an empty <b>OCSP_REQUEST</b> structure.</p>
+
+<p>OCSP_REQUEST_free() frees up the request structure <b>req</b>.</p>
+
+<p>OCSP_request_add0_id() adds certificate ID <b>cid</b> to <b>req</b>. It returns the <b>OCSP_ONEREQ</b> structure added so an application can add additional extensions to the request. The <b>id</b> parameter <b>MUST NOT</b> be freed up after the operation.</p>
+
+<p>OCSP_request_sign() signs OCSP request <b>req</b> using certificate <b>signer</b>, private key <b>key</b>, digest <b>dgst</b> and additional certificates <b>certs</b>. If the <b>flags</b> option <b>OCSP_NOCERTS</b> is set then no certificates will be included in the request.</p>
+
+<p>OCSP_request_add1_cert() adds certificate <b>cert</b> to request <b>req</b>. The application is responsible for freeing up <b>cert</b> after use.</p>
+
+<p>OCSP_request_onereq_count() returns the total number of <b>OCSP_ONEREQ</b> structures in <b>req</b>.</p>
+
+<p>OCSP_request_onereq_get0() returns an internal pointer to the <b>OCSP_ONEREQ</b> contained in <b>req</b> of index <b>i</b>. The index value <b>i</b> runs from 0 to OCSP_request_onereq_count(req) - 1.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_REQUEST_new() returns an empty <b>OCSP_REQUEST</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_request_add0_id() returns the <b>OCSP_ONEREQ</b> structure containing <b>cid</b> or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_request_sign() and OCSP_request_add1_cert() return 1 for success and 0 for failure.</p>
+
+<p>OCSP_request_onereq_count() returns the total number of <b>OCSP_ONEREQ</b> structures in <b>req</b>.</p>
+
+<p>OCSP_request_onereq_get0() returns a pointer to an <b>OCSP_ONEREQ</b> structure or <b>NULL</b> if the index value is out or range.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>An OCSP request structure contains one or more <b>OCSP_ONEREQ</b> structures corresponding to each certificate.</p>
+
+<p>OCSP_request_onereq_count() and OCSP_request_onereq_get0() are mainly used by OCSP responders.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create an <b>OCSP_REQUEST</b> structure for certificate <b>cert</b> with issuer <b>issuer</b>:</p>
+
+<pre><code> OCSP_REQUEST *req;
+ OCSP_ID *cid;
+
+ req = OCSP_REQUEST_new();
+ if (req == NULL)
+    /* error */
+ cid = OCSP_cert_to_id(EVP_sha1(), cert, issuer);
+ if (cid == NULL)
+    /* error */
+
+ if (OCSP_REQUEST_add0_id(req, cid) == NULL)
+    /* error */
+
+ /* Do something with req, e.g. query responder */
+
+ OCSP_REQUEST_free(req);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_request_onereq_get0.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_request_onereq_get0.html
new file mode 100644
index 000000000..ab6739460
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_request_onereq_get0.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_REQUEST_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_REQUEST_new, OCSP_REQUEST_free, OCSP_request_add0_id, OCSP_request_sign, OCSP_request_add1_cert, OCSP_request_onereq_count, OCSP_request_onereq_get0 - OCSP request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_REQUEST *OCSP_REQUEST_new(void);
+ void OCSP_REQUEST_free(OCSP_REQUEST *req);
+
+ OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid);
+
+ int OCSP_request_sign(OCSP_REQUEST *req,
+                       X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
+                       STACK_OF(X509) *certs, unsigned long flags);
+
+ int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);
+
+ int OCSP_request_onereq_count(OCSP_REQUEST *req);
+ OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_REQUEST_new() allocates and returns an empty <b>OCSP_REQUEST</b> structure.</p>
+
+<p>OCSP_REQUEST_free() frees up the request structure <b>req</b>.</p>
+
+<p>OCSP_request_add0_id() adds certificate ID <b>cid</b> to <b>req</b>. It returns the <b>OCSP_ONEREQ</b> structure added so an application can add additional extensions to the request. The <b>id</b> parameter <b>MUST NOT</b> be freed up after the operation.</p>
+
+<p>OCSP_request_sign() signs OCSP request <b>req</b> using certificate <b>signer</b>, private key <b>key</b>, digest <b>dgst</b> and additional certificates <b>certs</b>. If the <b>flags</b> option <b>OCSP_NOCERTS</b> is set then no certificates will be included in the request.</p>
+
+<p>OCSP_request_add1_cert() adds certificate <b>cert</b> to request <b>req</b>. The application is responsible for freeing up <b>cert</b> after use.</p>
+
+<p>OCSP_request_onereq_count() returns the total number of <b>OCSP_ONEREQ</b> structures in <b>req</b>.</p>
+
+<p>OCSP_request_onereq_get0() returns an internal pointer to the <b>OCSP_ONEREQ</b> contained in <b>req</b> of index <b>i</b>. The index value <b>i</b> runs from 0 to OCSP_request_onereq_count(req) - 1.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_REQUEST_new() returns an empty <b>OCSP_REQUEST</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_request_add0_id() returns the <b>OCSP_ONEREQ</b> structure containing <b>cid</b> or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_request_sign() and OCSP_request_add1_cert() return 1 for success and 0 for failure.</p>
+
+<p>OCSP_request_onereq_count() returns the total number of <b>OCSP_ONEREQ</b> structures in <b>req</b>.</p>
+
+<p>OCSP_request_onereq_get0() returns a pointer to an <b>OCSP_ONEREQ</b> structure or <b>NULL</b> if the index value is out or range.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>An OCSP request structure contains one or more <b>OCSP_ONEREQ</b> structures corresponding to each certificate.</p>
+
+<p>OCSP_request_onereq_count() and OCSP_request_onereq_get0() are mainly used by OCSP responders.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create an <b>OCSP_REQUEST</b> structure for certificate <b>cert</b> with issuer <b>issuer</b>:</p>
+
+<pre><code> OCSP_REQUEST *req;
+ OCSP_ID *cid;
+
+ req = OCSP_REQUEST_new();
+ if (req == NULL)
+    /* error */
+ cid = OCSP_cert_to_id(EVP_sha1(), cert, issuer);
+ if (cid == NULL)
+    /* error */
+
+ if (OCSP_REQUEST_add0_id(req, cid) == NULL)
+    /* error */
+
+ /* Do something with req, e.g. query responder */
+
+ OCSP_REQUEST_free(req);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_request_sign.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_request_sign.html
new file mode 100644
index 000000000..ab6739460
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_request_sign.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_REQUEST_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_REQUEST_new, OCSP_REQUEST_free, OCSP_request_add0_id, OCSP_request_sign, OCSP_request_add1_cert, OCSP_request_onereq_count, OCSP_request_onereq_get0 - OCSP request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_REQUEST *OCSP_REQUEST_new(void);
+ void OCSP_REQUEST_free(OCSP_REQUEST *req);
+
+ OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid);
+
+ int OCSP_request_sign(OCSP_REQUEST *req,
+                       X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
+                       STACK_OF(X509) *certs, unsigned long flags);
+
+ int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);
+
+ int OCSP_request_onereq_count(OCSP_REQUEST *req);
+ OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_REQUEST_new() allocates and returns an empty <b>OCSP_REQUEST</b> structure.</p>
+
+<p>OCSP_REQUEST_free() frees up the request structure <b>req</b>.</p>
+
+<p>OCSP_request_add0_id() adds certificate ID <b>cid</b> to <b>req</b>. It returns the <b>OCSP_ONEREQ</b> structure added so an application can add additional extensions to the request. The <b>id</b> parameter <b>MUST NOT</b> be freed up after the operation.</p>
+
+<p>OCSP_request_sign() signs OCSP request <b>req</b> using certificate <b>signer</b>, private key <b>key</b>, digest <b>dgst</b> and additional certificates <b>certs</b>. If the <b>flags</b> option <b>OCSP_NOCERTS</b> is set then no certificates will be included in the request.</p>
+
+<p>OCSP_request_add1_cert() adds certificate <b>cert</b> to request <b>req</b>. The application is responsible for freeing up <b>cert</b> after use.</p>
+
+<p>OCSP_request_onereq_count() returns the total number of <b>OCSP_ONEREQ</b> structures in <b>req</b>.</p>
+
+<p>OCSP_request_onereq_get0() returns an internal pointer to the <b>OCSP_ONEREQ</b> contained in <b>req</b> of index <b>i</b>. The index value <b>i</b> runs from 0 to OCSP_request_onereq_count(req) - 1.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_REQUEST_new() returns an empty <b>OCSP_REQUEST</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_request_add0_id() returns the <b>OCSP_ONEREQ</b> structure containing <b>cid</b> or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_request_sign() and OCSP_request_add1_cert() return 1 for success and 0 for failure.</p>
+
+<p>OCSP_request_onereq_count() returns the total number of <b>OCSP_ONEREQ</b> structures in <b>req</b>.</p>
+
+<p>OCSP_request_onereq_get0() returns a pointer to an <b>OCSP_ONEREQ</b> structure or <b>NULL</b> if the index value is out or range.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>An OCSP request structure contains one or more <b>OCSP_ONEREQ</b> structures corresponding to each certificate.</p>
+
+<p>OCSP_request_onereq_count() and OCSP_request_onereq_get0() are mainly used by OCSP responders.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create an <b>OCSP_REQUEST</b> structure for certificate <b>cert</b> with issuer <b>issuer</b>:</p>
+
+<pre><code> OCSP_REQUEST *req;
+ OCSP_ID *cid;
+
+ req = OCSP_REQUEST_new();
+ if (req == NULL)
+    /* error */
+ cid = OCSP_cert_to_id(EVP_sha1(), cert, issuer);
+ if (cid == NULL)
+    /* error */
+
+ if (OCSP_REQUEST_add0_id(req, cid) == NULL)
+    /* error */
+
+ /* Do something with req, e.g. query responder */
+
+ OCSP_REQUEST_free(req);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_count.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_count.html
new file mode 100644
index 000000000..ffdd3b6c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_count.html
@@ -0,0 +1,140 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_resp_find_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_resp_get0_certs, OCSP_resp_get0_signer, OCSP_resp_get0_id, OCSP_resp_get1_id, OCSP_resp_get0_produced_at, OCSP_resp_get0_signature, OCSP_resp_get0_tbs_sigalg, OCSP_resp_get0_respdata, OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity, OCSP_basic_verify - OCSP response utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
+                           int *reason,
+                           ASN1_GENERALIZEDTIME **revtime,
+                           ASN1_GENERALIZEDTIME **thisupd,
+                           ASN1_GENERALIZEDTIME **nextupd);
+
+ int OCSP_resp_count(OCSP_BASICRESP *bs);
+ OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
+ int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
+ int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
+                             ASN1_GENERALIZEDTIME **revtime,
+                             ASN1_GENERALIZEDTIME **thisupd,
+                             ASN1_GENERALIZEDTIME **nextupd);
+
+ const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
+                             const OCSP_BASICRESP* single);
+
+ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
+ const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
+ const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
+ const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);
+
+ int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
+                           STACK_OF(X509) *extra_certs);
+
+ int OCSP_resp_get0_id(const OCSP_BASICRESP *bs,
+                       const ASN1_OCTET_STRING **pid,
+                       const X509_NAME **pname);
+ int OCSP_resp_get1_id(const OCSP_BASICRESP *bs,
+                       ASN1_OCTET_STRING **pid,
+                       X509_NAME **pname);
+
+ int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
+                         ASN1_GENERALIZEDTIME *nextupd,
+                         long sec, long maxsec);
+
+ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+                      X509_STORE *st, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_resp_find_status() searches <b>bs</b> for an OCSP response for <b>id</b>. If it is successful the fields of the response are returned in <b>*status</b>, <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>. The <b>*status</b> value will be one of <b>V_OCSP_CERTSTATUS_GOOD</b>, <b>V_OCSP_CERTSTATUS_REVOKED</b> or <b>V_OCSP_CERTSTATUS_UNKNOWN</b>. The <b>*reason</b> and <b>*revtime</b> fields are only set if the status is <b>V_OCSP_CERTSTATUS_REVOKED</b>. If set the <b>*reason</b> field will be set to the revocation reason which will be one of <b>OCSP_REVOKED_STATUS_NOSTATUS</b>, <b>OCSP_REVOKED_STATUS_UNSPECIFIED</b>, <b>OCSP_REVOKED_STATUS_KEYCOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_CACOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_AFFILIATIONCHANGED</b>, <b>OCSP_REVOKED_STATUS_SUPERSEDED</b>, <b>OCSP_REVOKED_STATUS_CESSATIONOFOPERATION</b>, <b>OCSP_REVOKED_STATUS_CERTIFICATEHOLD</b> or <b>OCSP_REVOKED_STATUS_REMOVEFROMCRL</b>.</p>
+
+<p>OCSP_resp_count() returns the number of <b>OCSP_SINGLERESP</b> structures in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns the <b>OCSP_SINGLERESP</b> structure in <b>bs</b> corresponding to index <b>idx</b>. Where <b>idx</b> runs from 0 to OCSP_resp_count(bs) - 1.</p>
+
+<p>OCSP_resp_find() searches <b>bs</b> for <b>id</b> and returns the index of the first matching entry after <b>last</b> or starting from the beginning if <b>last</b> is -1.</p>
+
+<p>OCSP_single_get0_status() extracts the fields of <b>single</b> in <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>.</p>
+
+<p>OCSP_resp_get0_produced_at() extracts the <b>producedAt</b> field from the single response <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signature() returns the signature from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_tbs_sigalg() returns the <b>signatureAlgorithm</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_respdata() returns the <b>tbsResponseData</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_certs() returns any certificates included in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signer() attempts to retrieve the certificate that directly signed <b>bs</b>. The OCSP protocol does not require that this certificate is included in the <b>certs</b> field of the response, so additional certificates can be supplied in <b>extra_certs</b> if the certificates that may have signed the response are known via some out-of-band mechanism.</p>
+
+<p>OCSP_resp_get0_id() gets the responder id of <b>bs</b>. If the responder ID is a name then &lt;*pname&gt; is set to the name and <b>*pid</b> is set to NULL. If the responder ID is by key ID then <b>*pid</b> is set to the key ID and <b>*pname</b> is set to NULL. OCSP_resp_get1_id() leaves ownership of <b>*pid</b> and <b>*pname</b> with the caller, who is responsible for freeing them. Both functions return 1 in case of success and 0 in case of failure. If OCSP_resp_get1_id() returns 0, no freeing of the results is necessary.</p>
+
+<p>OCSP_check_validity() checks the validity of <b>thisupd</b> and <b>nextupd</b> values which will be typically obtained from OCSP_resp_find_status() or OCSP_single_get0_status(). If <b>sec</b> is non-zero it indicates how many seconds leeway should be allowed in the check. If <b>maxsec</b> is positive it indicates the maximum age of <b>thisupd</b> in seconds.</p>
+
+<p>OCSP_basic_verify() checks that the basic response message <b>bs</b> is correctly signed and that the signer certificate can be validated. It takes <b>st</b> as the trusted store and <b>certs</b> as a set of untrusted intermediate certificates. The function first tries to find the signer certificate of the response in &lt;certs&gt;. It also searches the certificates the responder may have included in <b>bs</b> unless the <b>flags</b> contain <b>OCSP_NOINTERN</b>. It fails if the signer certificate cannot be found. Next, the function checks the signature of <b>bs</b> and fails on error unless the <b>flags</b> contain <b>OCSP_NOSIGS</b>. Then the function already returns success if the <b>flags</b> contain <b>OCSP_NOVERIFY</b> or if the signer certificate was found in <b>certs</b> and the <b>flags</b> contain <b>OCSP_TRUSTOTHER</b>. Otherwise the function continues by validating the signer certificate. To this end, all certificates in <b>cert</b> and in <b>bs</b> are considered as untrusted certificates for the construction of the validation path for the signer certificate unless the <b>OCSP_NOCHAIN</b> flag is set. After successful path validation the function returns success if the <b>OCSP_NOCHECKS</b> flag is set. Otherwise it verifies that the signer certificate meets the OCSP issuer criteria including potential delegation. If this does not succeed and the <b>flags</b> do not contain <b>OCSP_NOEXPLICIT</b> the function checks for explicit trust for OCSP signing in the root CA certificate.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_resp_find_status() returns 1 if <b>id</b> is found in <b>bs</b> and 0 otherwise.</p>
+
+<p>OCSP_resp_count() returns the total number of <b>OCSP_SINGLERESP</b> fields in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns a pointer to an <b>OCSP_SINGLERESP</b> structure or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>OCSP_resp_find() returns the index of <b>id</b> in <b>bs</b> (which may be 0) or -1 if <b>id</b> was not found.</p>
+
+<p>OCSP_single_get0_status() returns the status of <b>single</b> or -1 if an error occurred.</p>
+
+<p>OCSP_resp_get0_signer() returns 1 if the signing certificate was located, or 0 on error.</p>
+
+<p>OCSP_basic_verify() returns 1 on success, 0 on error, or -1 on fatal error such as malloc failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications will typically call OCSP_resp_find_status() using the certificate ID of interest and then check its validity using OCSP_check_validity(). They can then take appropriate action based on the status of the certificate.</p>
+
+<p>An OCSP response for a certificate contains <b>thisUpdate</b> and <b>nextUpdate</b> fields. Normally the current time should be between these two values. To account for clock skew the <b>maxsec</b> field can be set to non-zero in OCSP_check_validity(). Some responders do not set the <b>nextUpdate</b> field, this would otherwise mean an ancient response would be considered valid: the <b>maxsec</b> parameter to OCSP_check_validity() can be used to limit the permitted age of responses.</p>
+
+<p>The values written to <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b> by OCSP_resp_find_status() and OCSP_single_get0_status() are internal pointers which <b>MUST NOT</b> be freed up by the calling application. Any or all of these parameters can be set to NULL if their value is not required.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_find.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_find.html
new file mode 100644
index 000000000..ffdd3b6c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_find.html
@@ -0,0 +1,140 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_resp_find_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_resp_get0_certs, OCSP_resp_get0_signer, OCSP_resp_get0_id, OCSP_resp_get1_id, OCSP_resp_get0_produced_at, OCSP_resp_get0_signature, OCSP_resp_get0_tbs_sigalg, OCSP_resp_get0_respdata, OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity, OCSP_basic_verify - OCSP response utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
+                           int *reason,
+                           ASN1_GENERALIZEDTIME **revtime,
+                           ASN1_GENERALIZEDTIME **thisupd,
+                           ASN1_GENERALIZEDTIME **nextupd);
+
+ int OCSP_resp_count(OCSP_BASICRESP *bs);
+ OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
+ int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
+ int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
+                             ASN1_GENERALIZEDTIME **revtime,
+                             ASN1_GENERALIZEDTIME **thisupd,
+                             ASN1_GENERALIZEDTIME **nextupd);
+
+ const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
+                             const OCSP_BASICRESP* single);
+
+ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
+ const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
+ const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
+ const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);
+
+ int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
+                           STACK_OF(X509) *extra_certs);
+
+ int OCSP_resp_get0_id(const OCSP_BASICRESP *bs,
+                       const ASN1_OCTET_STRING **pid,
+                       const X509_NAME **pname);
+ int OCSP_resp_get1_id(const OCSP_BASICRESP *bs,
+                       ASN1_OCTET_STRING **pid,
+                       X509_NAME **pname);
+
+ int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
+                         ASN1_GENERALIZEDTIME *nextupd,
+                         long sec, long maxsec);
+
+ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+                      X509_STORE *st, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_resp_find_status() searches <b>bs</b> for an OCSP response for <b>id</b>. If it is successful the fields of the response are returned in <b>*status</b>, <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>. The <b>*status</b> value will be one of <b>V_OCSP_CERTSTATUS_GOOD</b>, <b>V_OCSP_CERTSTATUS_REVOKED</b> or <b>V_OCSP_CERTSTATUS_UNKNOWN</b>. The <b>*reason</b> and <b>*revtime</b> fields are only set if the status is <b>V_OCSP_CERTSTATUS_REVOKED</b>. If set the <b>*reason</b> field will be set to the revocation reason which will be one of <b>OCSP_REVOKED_STATUS_NOSTATUS</b>, <b>OCSP_REVOKED_STATUS_UNSPECIFIED</b>, <b>OCSP_REVOKED_STATUS_KEYCOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_CACOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_AFFILIATIONCHANGED</b>, <b>OCSP_REVOKED_STATUS_SUPERSEDED</b>, <b>OCSP_REVOKED_STATUS_CESSATIONOFOPERATION</b>, <b>OCSP_REVOKED_STATUS_CERTIFICATEHOLD</b> or <b>OCSP_REVOKED_STATUS_REMOVEFROMCRL</b>.</p>
+
+<p>OCSP_resp_count() returns the number of <b>OCSP_SINGLERESP</b> structures in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns the <b>OCSP_SINGLERESP</b> structure in <b>bs</b> corresponding to index <b>idx</b>. Where <b>idx</b> runs from 0 to OCSP_resp_count(bs) - 1.</p>
+
+<p>OCSP_resp_find() searches <b>bs</b> for <b>id</b> and returns the index of the first matching entry after <b>last</b> or starting from the beginning if <b>last</b> is -1.</p>
+
+<p>OCSP_single_get0_status() extracts the fields of <b>single</b> in <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>.</p>
+
+<p>OCSP_resp_get0_produced_at() extracts the <b>producedAt</b> field from the single response <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signature() returns the signature from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_tbs_sigalg() returns the <b>signatureAlgorithm</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_respdata() returns the <b>tbsResponseData</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_certs() returns any certificates included in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signer() attempts to retrieve the certificate that directly signed <b>bs</b>. The OCSP protocol does not require that this certificate is included in the <b>certs</b> field of the response, so additional certificates can be supplied in <b>extra_certs</b> if the certificates that may have signed the response are known via some out-of-band mechanism.</p>
+
+<p>OCSP_resp_get0_id() gets the responder id of <b>bs</b>. If the responder ID is a name then &lt;*pname&gt; is set to the name and <b>*pid</b> is set to NULL. If the responder ID is by key ID then <b>*pid</b> is set to the key ID and <b>*pname</b> is set to NULL. OCSP_resp_get1_id() leaves ownership of <b>*pid</b> and <b>*pname</b> with the caller, who is responsible for freeing them. Both functions return 1 in case of success and 0 in case of failure. If OCSP_resp_get1_id() returns 0, no freeing of the results is necessary.</p>
+
+<p>OCSP_check_validity() checks the validity of <b>thisupd</b> and <b>nextupd</b> values which will be typically obtained from OCSP_resp_find_status() or OCSP_single_get0_status(). If <b>sec</b> is non-zero it indicates how many seconds leeway should be allowed in the check. If <b>maxsec</b> is positive it indicates the maximum age of <b>thisupd</b> in seconds.</p>
+
+<p>OCSP_basic_verify() checks that the basic response message <b>bs</b> is correctly signed and that the signer certificate can be validated. It takes <b>st</b> as the trusted store and <b>certs</b> as a set of untrusted intermediate certificates. The function first tries to find the signer certificate of the response in &lt;certs&gt;. It also searches the certificates the responder may have included in <b>bs</b> unless the <b>flags</b> contain <b>OCSP_NOINTERN</b>. It fails if the signer certificate cannot be found. Next, the function checks the signature of <b>bs</b> and fails on error unless the <b>flags</b> contain <b>OCSP_NOSIGS</b>. Then the function already returns success if the <b>flags</b> contain <b>OCSP_NOVERIFY</b> or if the signer certificate was found in <b>certs</b> and the <b>flags</b> contain <b>OCSP_TRUSTOTHER</b>. Otherwise the function continues by validating the signer certificate. To this end, all certificates in <b>cert</b> and in <b>bs</b> are considered as untrusted certificates for the construction of the validation path for the signer certificate unless the <b>OCSP_NOCHAIN</b> flag is set. After successful path validation the function returns success if the <b>OCSP_NOCHECKS</b> flag is set. Otherwise it verifies that the signer certificate meets the OCSP issuer criteria including potential delegation. If this does not succeed and the <b>flags</b> do not contain <b>OCSP_NOEXPLICIT</b> the function checks for explicit trust for OCSP signing in the root CA certificate.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_resp_find_status() returns 1 if <b>id</b> is found in <b>bs</b> and 0 otherwise.</p>
+
+<p>OCSP_resp_count() returns the total number of <b>OCSP_SINGLERESP</b> fields in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns a pointer to an <b>OCSP_SINGLERESP</b> structure or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>OCSP_resp_find() returns the index of <b>id</b> in <b>bs</b> (which may be 0) or -1 if <b>id</b> was not found.</p>
+
+<p>OCSP_single_get0_status() returns the status of <b>single</b> or -1 if an error occurred.</p>
+
+<p>OCSP_resp_get0_signer() returns 1 if the signing certificate was located, or 0 on error.</p>
+
+<p>OCSP_basic_verify() returns 1 on success, 0 on error, or -1 on fatal error such as malloc failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications will typically call OCSP_resp_find_status() using the certificate ID of interest and then check its validity using OCSP_check_validity(). They can then take appropriate action based on the status of the certificate.</p>
+
+<p>An OCSP response for a certificate contains <b>thisUpdate</b> and <b>nextUpdate</b> fields. Normally the current time should be between these two values. To account for clock skew the <b>maxsec</b> field can be set to non-zero in OCSP_check_validity(). Some responders do not set the <b>nextUpdate</b> field, this would otherwise mean an ancient response would be considered valid: the <b>maxsec</b> parameter to OCSP_check_validity() can be used to limit the permitted age of responses.</p>
+
+<p>The values written to <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b> by OCSP_resp_find_status() and OCSP_single_get0_status() are internal pointers which <b>MUST NOT</b> be freed up by the calling application. Any or all of these parameters can be set to NULL if their value is not required.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_find_status.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_find_status.html
new file mode 100644
index 000000000..ffdd3b6c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_find_status.html
@@ -0,0 +1,140 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_resp_find_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_resp_get0_certs, OCSP_resp_get0_signer, OCSP_resp_get0_id, OCSP_resp_get1_id, OCSP_resp_get0_produced_at, OCSP_resp_get0_signature, OCSP_resp_get0_tbs_sigalg, OCSP_resp_get0_respdata, OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity, OCSP_basic_verify - OCSP response utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
+                           int *reason,
+                           ASN1_GENERALIZEDTIME **revtime,
+                           ASN1_GENERALIZEDTIME **thisupd,
+                           ASN1_GENERALIZEDTIME **nextupd);
+
+ int OCSP_resp_count(OCSP_BASICRESP *bs);
+ OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
+ int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
+ int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
+                             ASN1_GENERALIZEDTIME **revtime,
+                             ASN1_GENERALIZEDTIME **thisupd,
+                             ASN1_GENERALIZEDTIME **nextupd);
+
+ const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
+                             const OCSP_BASICRESP* single);
+
+ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
+ const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
+ const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
+ const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);
+
+ int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
+                           STACK_OF(X509) *extra_certs);
+
+ int OCSP_resp_get0_id(const OCSP_BASICRESP *bs,
+                       const ASN1_OCTET_STRING **pid,
+                       const X509_NAME **pname);
+ int OCSP_resp_get1_id(const OCSP_BASICRESP *bs,
+                       ASN1_OCTET_STRING **pid,
+                       X509_NAME **pname);
+
+ int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
+                         ASN1_GENERALIZEDTIME *nextupd,
+                         long sec, long maxsec);
+
+ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+                      X509_STORE *st, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_resp_find_status() searches <b>bs</b> for an OCSP response for <b>id</b>. If it is successful the fields of the response are returned in <b>*status</b>, <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>. The <b>*status</b> value will be one of <b>V_OCSP_CERTSTATUS_GOOD</b>, <b>V_OCSP_CERTSTATUS_REVOKED</b> or <b>V_OCSP_CERTSTATUS_UNKNOWN</b>. The <b>*reason</b> and <b>*revtime</b> fields are only set if the status is <b>V_OCSP_CERTSTATUS_REVOKED</b>. If set the <b>*reason</b> field will be set to the revocation reason which will be one of <b>OCSP_REVOKED_STATUS_NOSTATUS</b>, <b>OCSP_REVOKED_STATUS_UNSPECIFIED</b>, <b>OCSP_REVOKED_STATUS_KEYCOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_CACOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_AFFILIATIONCHANGED</b>, <b>OCSP_REVOKED_STATUS_SUPERSEDED</b>, <b>OCSP_REVOKED_STATUS_CESSATIONOFOPERATION</b>, <b>OCSP_REVOKED_STATUS_CERTIFICATEHOLD</b> or <b>OCSP_REVOKED_STATUS_REMOVEFROMCRL</b>.</p>
+
+<p>OCSP_resp_count() returns the number of <b>OCSP_SINGLERESP</b> structures in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns the <b>OCSP_SINGLERESP</b> structure in <b>bs</b> corresponding to index <b>idx</b>. Where <b>idx</b> runs from 0 to OCSP_resp_count(bs) - 1.</p>
+
+<p>OCSP_resp_find() searches <b>bs</b> for <b>id</b> and returns the index of the first matching entry after <b>last</b> or starting from the beginning if <b>last</b> is -1.</p>
+
+<p>OCSP_single_get0_status() extracts the fields of <b>single</b> in <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>.</p>
+
+<p>OCSP_resp_get0_produced_at() extracts the <b>producedAt</b> field from the single response <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signature() returns the signature from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_tbs_sigalg() returns the <b>signatureAlgorithm</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_respdata() returns the <b>tbsResponseData</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_certs() returns any certificates included in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signer() attempts to retrieve the certificate that directly signed <b>bs</b>. The OCSP protocol does not require that this certificate is included in the <b>certs</b> field of the response, so additional certificates can be supplied in <b>extra_certs</b> if the certificates that may have signed the response are known via some out-of-band mechanism.</p>
+
+<p>OCSP_resp_get0_id() gets the responder id of <b>bs</b>. If the responder ID is a name then &lt;*pname&gt; is set to the name and <b>*pid</b> is set to NULL. If the responder ID is by key ID then <b>*pid</b> is set to the key ID and <b>*pname</b> is set to NULL. OCSP_resp_get1_id() leaves ownership of <b>*pid</b> and <b>*pname</b> with the caller, who is responsible for freeing them. Both functions return 1 in case of success and 0 in case of failure. If OCSP_resp_get1_id() returns 0, no freeing of the results is necessary.</p>
+
+<p>OCSP_check_validity() checks the validity of <b>thisupd</b> and <b>nextupd</b> values which will be typically obtained from OCSP_resp_find_status() or OCSP_single_get0_status(). If <b>sec</b> is non-zero it indicates how many seconds leeway should be allowed in the check. If <b>maxsec</b> is positive it indicates the maximum age of <b>thisupd</b> in seconds.</p>
+
+<p>OCSP_basic_verify() checks that the basic response message <b>bs</b> is correctly signed and that the signer certificate can be validated. It takes <b>st</b> as the trusted store and <b>certs</b> as a set of untrusted intermediate certificates. The function first tries to find the signer certificate of the response in &lt;certs&gt;. It also searches the certificates the responder may have included in <b>bs</b> unless the <b>flags</b> contain <b>OCSP_NOINTERN</b>. It fails if the signer certificate cannot be found. Next, the function checks the signature of <b>bs</b> and fails on error unless the <b>flags</b> contain <b>OCSP_NOSIGS</b>. Then the function already returns success if the <b>flags</b> contain <b>OCSP_NOVERIFY</b> or if the signer certificate was found in <b>certs</b> and the <b>flags</b> contain <b>OCSP_TRUSTOTHER</b>. Otherwise the function continues by validating the signer certificate. To this end, all certificates in <b>cert</b> and in <b>bs</b> are considered as untrusted certificates for the construction of the validation path for the signer certificate unless the <b>OCSP_NOCHAIN</b> flag is set. After successful path validation the function returns success if the <b>OCSP_NOCHECKS</b> flag is set. Otherwise it verifies that the signer certificate meets the OCSP issuer criteria including potential delegation. If this does not succeed and the <b>flags</b> do not contain <b>OCSP_NOEXPLICIT</b> the function checks for explicit trust for OCSP signing in the root CA certificate.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_resp_find_status() returns 1 if <b>id</b> is found in <b>bs</b> and 0 otherwise.</p>
+
+<p>OCSP_resp_count() returns the total number of <b>OCSP_SINGLERESP</b> fields in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns a pointer to an <b>OCSP_SINGLERESP</b> structure or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>OCSP_resp_find() returns the index of <b>id</b> in <b>bs</b> (which may be 0) or -1 if <b>id</b> was not found.</p>
+
+<p>OCSP_single_get0_status() returns the status of <b>single</b> or -1 if an error occurred.</p>
+
+<p>OCSP_resp_get0_signer() returns 1 if the signing certificate was located, or 0 on error.</p>
+
+<p>OCSP_basic_verify() returns 1 on success, 0 on error, or -1 on fatal error such as malloc failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications will typically call OCSP_resp_find_status() using the certificate ID of interest and then check its validity using OCSP_check_validity(). They can then take appropriate action based on the status of the certificate.</p>
+
+<p>An OCSP response for a certificate contains <b>thisUpdate</b> and <b>nextUpdate</b> fields. Normally the current time should be between these two values. To account for clock skew the <b>maxsec</b> field can be set to non-zero in OCSP_check_validity(). Some responders do not set the <b>nextUpdate</b> field, this would otherwise mean an ancient response would be considered valid: the <b>maxsec</b> parameter to OCSP_check_validity() can be used to limit the permitted age of responses.</p>
+
+<p>The values written to <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b> by OCSP_resp_find_status() and OCSP_single_get0_status() are internal pointers which <b>MUST NOT</b> be freed up by the calling application. Any or all of these parameters can be set to NULL if their value is not required.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0.html
new file mode 100644
index 000000000..ffdd3b6c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0.html
@@ -0,0 +1,140 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_resp_find_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_resp_get0_certs, OCSP_resp_get0_signer, OCSP_resp_get0_id, OCSP_resp_get1_id, OCSP_resp_get0_produced_at, OCSP_resp_get0_signature, OCSP_resp_get0_tbs_sigalg, OCSP_resp_get0_respdata, OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity, OCSP_basic_verify - OCSP response utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
+                           int *reason,
+                           ASN1_GENERALIZEDTIME **revtime,
+                           ASN1_GENERALIZEDTIME **thisupd,
+                           ASN1_GENERALIZEDTIME **nextupd);
+
+ int OCSP_resp_count(OCSP_BASICRESP *bs);
+ OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
+ int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
+ int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
+                             ASN1_GENERALIZEDTIME **revtime,
+                             ASN1_GENERALIZEDTIME **thisupd,
+                             ASN1_GENERALIZEDTIME **nextupd);
+
+ const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
+                             const OCSP_BASICRESP* single);
+
+ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
+ const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
+ const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
+ const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);
+
+ int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
+                           STACK_OF(X509) *extra_certs);
+
+ int OCSP_resp_get0_id(const OCSP_BASICRESP *bs,
+                       const ASN1_OCTET_STRING **pid,
+                       const X509_NAME **pname);
+ int OCSP_resp_get1_id(const OCSP_BASICRESP *bs,
+                       ASN1_OCTET_STRING **pid,
+                       X509_NAME **pname);
+
+ int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
+                         ASN1_GENERALIZEDTIME *nextupd,
+                         long sec, long maxsec);
+
+ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+                      X509_STORE *st, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_resp_find_status() searches <b>bs</b> for an OCSP response for <b>id</b>. If it is successful the fields of the response are returned in <b>*status</b>, <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>. The <b>*status</b> value will be one of <b>V_OCSP_CERTSTATUS_GOOD</b>, <b>V_OCSP_CERTSTATUS_REVOKED</b> or <b>V_OCSP_CERTSTATUS_UNKNOWN</b>. The <b>*reason</b> and <b>*revtime</b> fields are only set if the status is <b>V_OCSP_CERTSTATUS_REVOKED</b>. If set the <b>*reason</b> field will be set to the revocation reason which will be one of <b>OCSP_REVOKED_STATUS_NOSTATUS</b>, <b>OCSP_REVOKED_STATUS_UNSPECIFIED</b>, <b>OCSP_REVOKED_STATUS_KEYCOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_CACOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_AFFILIATIONCHANGED</b>, <b>OCSP_REVOKED_STATUS_SUPERSEDED</b>, <b>OCSP_REVOKED_STATUS_CESSATIONOFOPERATION</b>, <b>OCSP_REVOKED_STATUS_CERTIFICATEHOLD</b> or <b>OCSP_REVOKED_STATUS_REMOVEFROMCRL</b>.</p>
+
+<p>OCSP_resp_count() returns the number of <b>OCSP_SINGLERESP</b> structures in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns the <b>OCSP_SINGLERESP</b> structure in <b>bs</b> corresponding to index <b>idx</b>. Where <b>idx</b> runs from 0 to OCSP_resp_count(bs) - 1.</p>
+
+<p>OCSP_resp_find() searches <b>bs</b> for <b>id</b> and returns the index of the first matching entry after <b>last</b> or starting from the beginning if <b>last</b> is -1.</p>
+
+<p>OCSP_single_get0_status() extracts the fields of <b>single</b> in <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>.</p>
+
+<p>OCSP_resp_get0_produced_at() extracts the <b>producedAt</b> field from the single response <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signature() returns the signature from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_tbs_sigalg() returns the <b>signatureAlgorithm</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_respdata() returns the <b>tbsResponseData</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_certs() returns any certificates included in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signer() attempts to retrieve the certificate that directly signed <b>bs</b>. The OCSP protocol does not require that this certificate is included in the <b>certs</b> field of the response, so additional certificates can be supplied in <b>extra_certs</b> if the certificates that may have signed the response are known via some out-of-band mechanism.</p>
+
+<p>OCSP_resp_get0_id() gets the responder id of <b>bs</b>. If the responder ID is a name then &lt;*pname&gt; is set to the name and <b>*pid</b> is set to NULL. If the responder ID is by key ID then <b>*pid</b> is set to the key ID and <b>*pname</b> is set to NULL. OCSP_resp_get1_id() leaves ownership of <b>*pid</b> and <b>*pname</b> with the caller, who is responsible for freeing them. Both functions return 1 in case of success and 0 in case of failure. If OCSP_resp_get1_id() returns 0, no freeing of the results is necessary.</p>
+
+<p>OCSP_check_validity() checks the validity of <b>thisupd</b> and <b>nextupd</b> values which will be typically obtained from OCSP_resp_find_status() or OCSP_single_get0_status(). If <b>sec</b> is non-zero it indicates how many seconds leeway should be allowed in the check. If <b>maxsec</b> is positive it indicates the maximum age of <b>thisupd</b> in seconds.</p>
+
+<p>OCSP_basic_verify() checks that the basic response message <b>bs</b> is correctly signed and that the signer certificate can be validated. It takes <b>st</b> as the trusted store and <b>certs</b> as a set of untrusted intermediate certificates. The function first tries to find the signer certificate of the response in &lt;certs&gt;. It also searches the certificates the responder may have included in <b>bs</b> unless the <b>flags</b> contain <b>OCSP_NOINTERN</b>. It fails if the signer certificate cannot be found. Next, the function checks the signature of <b>bs</b> and fails on error unless the <b>flags</b> contain <b>OCSP_NOSIGS</b>. Then the function already returns success if the <b>flags</b> contain <b>OCSP_NOVERIFY</b> or if the signer certificate was found in <b>certs</b> and the <b>flags</b> contain <b>OCSP_TRUSTOTHER</b>. Otherwise the function continues by validating the signer certificate. To this end, all certificates in <b>cert</b> and in <b>bs</b> are considered as untrusted certificates for the construction of the validation path for the signer certificate unless the <b>OCSP_NOCHAIN</b> flag is set. After successful path validation the function returns success if the <b>OCSP_NOCHECKS</b> flag is set. Otherwise it verifies that the signer certificate meets the OCSP issuer criteria including potential delegation. If this does not succeed and the <b>flags</b> do not contain <b>OCSP_NOEXPLICIT</b> the function checks for explicit trust for OCSP signing in the root CA certificate.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_resp_find_status() returns 1 if <b>id</b> is found in <b>bs</b> and 0 otherwise.</p>
+
+<p>OCSP_resp_count() returns the total number of <b>OCSP_SINGLERESP</b> fields in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns a pointer to an <b>OCSP_SINGLERESP</b> structure or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>OCSP_resp_find() returns the index of <b>id</b> in <b>bs</b> (which may be 0) or -1 if <b>id</b> was not found.</p>
+
+<p>OCSP_single_get0_status() returns the status of <b>single</b> or -1 if an error occurred.</p>
+
+<p>OCSP_resp_get0_signer() returns 1 if the signing certificate was located, or 0 on error.</p>
+
+<p>OCSP_basic_verify() returns 1 on success, 0 on error, or -1 on fatal error such as malloc failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications will typically call OCSP_resp_find_status() using the certificate ID of interest and then check its validity using OCSP_check_validity(). They can then take appropriate action based on the status of the certificate.</p>
+
+<p>An OCSP response for a certificate contains <b>thisUpdate</b> and <b>nextUpdate</b> fields. Normally the current time should be between these two values. To account for clock skew the <b>maxsec</b> field can be set to non-zero in OCSP_check_validity(). Some responders do not set the <b>nextUpdate</b> field, this would otherwise mean an ancient response would be considered valid: the <b>maxsec</b> parameter to OCSP_check_validity() can be used to limit the permitted age of responses.</p>
+
+<p>The values written to <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b> by OCSP_resp_find_status() and OCSP_single_get0_status() are internal pointers which <b>MUST NOT</b> be freed up by the calling application. Any or all of these parameters can be set to NULL if their value is not required.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_certs.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_certs.html
new file mode 100644
index 000000000..ffdd3b6c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_certs.html
@@ -0,0 +1,140 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_resp_find_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_resp_get0_certs, OCSP_resp_get0_signer, OCSP_resp_get0_id, OCSP_resp_get1_id, OCSP_resp_get0_produced_at, OCSP_resp_get0_signature, OCSP_resp_get0_tbs_sigalg, OCSP_resp_get0_respdata, OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity, OCSP_basic_verify - OCSP response utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
+                           int *reason,
+                           ASN1_GENERALIZEDTIME **revtime,
+                           ASN1_GENERALIZEDTIME **thisupd,
+                           ASN1_GENERALIZEDTIME **nextupd);
+
+ int OCSP_resp_count(OCSP_BASICRESP *bs);
+ OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
+ int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
+ int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
+                             ASN1_GENERALIZEDTIME **revtime,
+                             ASN1_GENERALIZEDTIME **thisupd,
+                             ASN1_GENERALIZEDTIME **nextupd);
+
+ const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
+                             const OCSP_BASICRESP* single);
+
+ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
+ const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
+ const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
+ const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);
+
+ int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
+                           STACK_OF(X509) *extra_certs);
+
+ int OCSP_resp_get0_id(const OCSP_BASICRESP *bs,
+                       const ASN1_OCTET_STRING **pid,
+                       const X509_NAME **pname);
+ int OCSP_resp_get1_id(const OCSP_BASICRESP *bs,
+                       ASN1_OCTET_STRING **pid,
+                       X509_NAME **pname);
+
+ int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
+                         ASN1_GENERALIZEDTIME *nextupd,
+                         long sec, long maxsec);
+
+ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+                      X509_STORE *st, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_resp_find_status() searches <b>bs</b> for an OCSP response for <b>id</b>. If it is successful the fields of the response are returned in <b>*status</b>, <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>. The <b>*status</b> value will be one of <b>V_OCSP_CERTSTATUS_GOOD</b>, <b>V_OCSP_CERTSTATUS_REVOKED</b> or <b>V_OCSP_CERTSTATUS_UNKNOWN</b>. The <b>*reason</b> and <b>*revtime</b> fields are only set if the status is <b>V_OCSP_CERTSTATUS_REVOKED</b>. If set the <b>*reason</b> field will be set to the revocation reason which will be one of <b>OCSP_REVOKED_STATUS_NOSTATUS</b>, <b>OCSP_REVOKED_STATUS_UNSPECIFIED</b>, <b>OCSP_REVOKED_STATUS_KEYCOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_CACOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_AFFILIATIONCHANGED</b>, <b>OCSP_REVOKED_STATUS_SUPERSEDED</b>, <b>OCSP_REVOKED_STATUS_CESSATIONOFOPERATION</b>, <b>OCSP_REVOKED_STATUS_CERTIFICATEHOLD</b> or <b>OCSP_REVOKED_STATUS_REMOVEFROMCRL</b>.</p>
+
+<p>OCSP_resp_count() returns the number of <b>OCSP_SINGLERESP</b> structures in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns the <b>OCSP_SINGLERESP</b> structure in <b>bs</b> corresponding to index <b>idx</b>. Where <b>idx</b> runs from 0 to OCSP_resp_count(bs) - 1.</p>
+
+<p>OCSP_resp_find() searches <b>bs</b> for <b>id</b> and returns the index of the first matching entry after <b>last</b> or starting from the beginning if <b>last</b> is -1.</p>
+
+<p>OCSP_single_get0_status() extracts the fields of <b>single</b> in <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>.</p>
+
+<p>OCSP_resp_get0_produced_at() extracts the <b>producedAt</b> field from the single response <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signature() returns the signature from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_tbs_sigalg() returns the <b>signatureAlgorithm</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_respdata() returns the <b>tbsResponseData</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_certs() returns any certificates included in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signer() attempts to retrieve the certificate that directly signed <b>bs</b>. The OCSP protocol does not require that this certificate is included in the <b>certs</b> field of the response, so additional certificates can be supplied in <b>extra_certs</b> if the certificates that may have signed the response are known via some out-of-band mechanism.</p>
+
+<p>OCSP_resp_get0_id() gets the responder id of <b>bs</b>. If the responder ID is a name then &lt;*pname&gt; is set to the name and <b>*pid</b> is set to NULL. If the responder ID is by key ID then <b>*pid</b> is set to the key ID and <b>*pname</b> is set to NULL. OCSP_resp_get1_id() leaves ownership of <b>*pid</b> and <b>*pname</b> with the caller, who is responsible for freeing them. Both functions return 1 in case of success and 0 in case of failure. If OCSP_resp_get1_id() returns 0, no freeing of the results is necessary.</p>
+
+<p>OCSP_check_validity() checks the validity of <b>thisupd</b> and <b>nextupd</b> values which will be typically obtained from OCSP_resp_find_status() or OCSP_single_get0_status(). If <b>sec</b> is non-zero it indicates how many seconds leeway should be allowed in the check. If <b>maxsec</b> is positive it indicates the maximum age of <b>thisupd</b> in seconds.</p>
+
+<p>OCSP_basic_verify() checks that the basic response message <b>bs</b> is correctly signed and that the signer certificate can be validated. It takes <b>st</b> as the trusted store and <b>certs</b> as a set of untrusted intermediate certificates. The function first tries to find the signer certificate of the response in &lt;certs&gt;. It also searches the certificates the responder may have included in <b>bs</b> unless the <b>flags</b> contain <b>OCSP_NOINTERN</b>. It fails if the signer certificate cannot be found. Next, the function checks the signature of <b>bs</b> and fails on error unless the <b>flags</b> contain <b>OCSP_NOSIGS</b>. Then the function already returns success if the <b>flags</b> contain <b>OCSP_NOVERIFY</b> or if the signer certificate was found in <b>certs</b> and the <b>flags</b> contain <b>OCSP_TRUSTOTHER</b>. Otherwise the function continues by validating the signer certificate. To this end, all certificates in <b>cert</b> and in <b>bs</b> are considered as untrusted certificates for the construction of the validation path for the signer certificate unless the <b>OCSP_NOCHAIN</b> flag is set. After successful path validation the function returns success if the <b>OCSP_NOCHECKS</b> flag is set. Otherwise it verifies that the signer certificate meets the OCSP issuer criteria including potential delegation. If this does not succeed and the <b>flags</b> do not contain <b>OCSP_NOEXPLICIT</b> the function checks for explicit trust for OCSP signing in the root CA certificate.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_resp_find_status() returns 1 if <b>id</b> is found in <b>bs</b> and 0 otherwise.</p>
+
+<p>OCSP_resp_count() returns the total number of <b>OCSP_SINGLERESP</b> fields in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns a pointer to an <b>OCSP_SINGLERESP</b> structure or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>OCSP_resp_find() returns the index of <b>id</b> in <b>bs</b> (which may be 0) or -1 if <b>id</b> was not found.</p>
+
+<p>OCSP_single_get0_status() returns the status of <b>single</b> or -1 if an error occurred.</p>
+
+<p>OCSP_resp_get0_signer() returns 1 if the signing certificate was located, or 0 on error.</p>
+
+<p>OCSP_basic_verify() returns 1 on success, 0 on error, or -1 on fatal error such as malloc failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications will typically call OCSP_resp_find_status() using the certificate ID of interest and then check its validity using OCSP_check_validity(). They can then take appropriate action based on the status of the certificate.</p>
+
+<p>An OCSP response for a certificate contains <b>thisUpdate</b> and <b>nextUpdate</b> fields. Normally the current time should be between these two values. To account for clock skew the <b>maxsec</b> field can be set to non-zero in OCSP_check_validity(). Some responders do not set the <b>nextUpdate</b> field, this would otherwise mean an ancient response would be considered valid: the <b>maxsec</b> parameter to OCSP_check_validity() can be used to limit the permitted age of responses.</p>
+
+<p>The values written to <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b> by OCSP_resp_find_status() and OCSP_single_get0_status() are internal pointers which <b>MUST NOT</b> be freed up by the calling application. Any or all of these parameters can be set to NULL if their value is not required.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_id.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_id.html
new file mode 100644
index 000000000..ffdd3b6c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_id.html
@@ -0,0 +1,140 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_resp_find_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_resp_get0_certs, OCSP_resp_get0_signer, OCSP_resp_get0_id, OCSP_resp_get1_id, OCSP_resp_get0_produced_at, OCSP_resp_get0_signature, OCSP_resp_get0_tbs_sigalg, OCSP_resp_get0_respdata, OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity, OCSP_basic_verify - OCSP response utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
+                           int *reason,
+                           ASN1_GENERALIZEDTIME **revtime,
+                           ASN1_GENERALIZEDTIME **thisupd,
+                           ASN1_GENERALIZEDTIME **nextupd);
+
+ int OCSP_resp_count(OCSP_BASICRESP *bs);
+ OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
+ int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
+ int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
+                             ASN1_GENERALIZEDTIME **revtime,
+                             ASN1_GENERALIZEDTIME **thisupd,
+                             ASN1_GENERALIZEDTIME **nextupd);
+
+ const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
+                             const OCSP_BASICRESP* single);
+
+ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
+ const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
+ const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
+ const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);
+
+ int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
+                           STACK_OF(X509) *extra_certs);
+
+ int OCSP_resp_get0_id(const OCSP_BASICRESP *bs,
+                       const ASN1_OCTET_STRING **pid,
+                       const X509_NAME **pname);
+ int OCSP_resp_get1_id(const OCSP_BASICRESP *bs,
+                       ASN1_OCTET_STRING **pid,
+                       X509_NAME **pname);
+
+ int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
+                         ASN1_GENERALIZEDTIME *nextupd,
+                         long sec, long maxsec);
+
+ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+                      X509_STORE *st, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_resp_find_status() searches <b>bs</b> for an OCSP response for <b>id</b>. If it is successful the fields of the response are returned in <b>*status</b>, <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>. The <b>*status</b> value will be one of <b>V_OCSP_CERTSTATUS_GOOD</b>, <b>V_OCSP_CERTSTATUS_REVOKED</b> or <b>V_OCSP_CERTSTATUS_UNKNOWN</b>. The <b>*reason</b> and <b>*revtime</b> fields are only set if the status is <b>V_OCSP_CERTSTATUS_REVOKED</b>. If set the <b>*reason</b> field will be set to the revocation reason which will be one of <b>OCSP_REVOKED_STATUS_NOSTATUS</b>, <b>OCSP_REVOKED_STATUS_UNSPECIFIED</b>, <b>OCSP_REVOKED_STATUS_KEYCOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_CACOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_AFFILIATIONCHANGED</b>, <b>OCSP_REVOKED_STATUS_SUPERSEDED</b>, <b>OCSP_REVOKED_STATUS_CESSATIONOFOPERATION</b>, <b>OCSP_REVOKED_STATUS_CERTIFICATEHOLD</b> or <b>OCSP_REVOKED_STATUS_REMOVEFROMCRL</b>.</p>
+
+<p>OCSP_resp_count() returns the number of <b>OCSP_SINGLERESP</b> structures in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns the <b>OCSP_SINGLERESP</b> structure in <b>bs</b> corresponding to index <b>idx</b>. Where <b>idx</b> runs from 0 to OCSP_resp_count(bs) - 1.</p>
+
+<p>OCSP_resp_find() searches <b>bs</b> for <b>id</b> and returns the index of the first matching entry after <b>last</b> or starting from the beginning if <b>last</b> is -1.</p>
+
+<p>OCSP_single_get0_status() extracts the fields of <b>single</b> in <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>.</p>
+
+<p>OCSP_resp_get0_produced_at() extracts the <b>producedAt</b> field from the single response <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signature() returns the signature from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_tbs_sigalg() returns the <b>signatureAlgorithm</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_respdata() returns the <b>tbsResponseData</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_certs() returns any certificates included in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signer() attempts to retrieve the certificate that directly signed <b>bs</b>. The OCSP protocol does not require that this certificate is included in the <b>certs</b> field of the response, so additional certificates can be supplied in <b>extra_certs</b> if the certificates that may have signed the response are known via some out-of-band mechanism.</p>
+
+<p>OCSP_resp_get0_id() gets the responder id of <b>bs</b>. If the responder ID is a name then &lt;*pname&gt; is set to the name and <b>*pid</b> is set to NULL. If the responder ID is by key ID then <b>*pid</b> is set to the key ID and <b>*pname</b> is set to NULL. OCSP_resp_get1_id() leaves ownership of <b>*pid</b> and <b>*pname</b> with the caller, who is responsible for freeing them. Both functions return 1 in case of success and 0 in case of failure. If OCSP_resp_get1_id() returns 0, no freeing of the results is necessary.</p>
+
+<p>OCSP_check_validity() checks the validity of <b>thisupd</b> and <b>nextupd</b> values which will be typically obtained from OCSP_resp_find_status() or OCSP_single_get0_status(). If <b>sec</b> is non-zero it indicates how many seconds leeway should be allowed in the check. If <b>maxsec</b> is positive it indicates the maximum age of <b>thisupd</b> in seconds.</p>
+
+<p>OCSP_basic_verify() checks that the basic response message <b>bs</b> is correctly signed and that the signer certificate can be validated. It takes <b>st</b> as the trusted store and <b>certs</b> as a set of untrusted intermediate certificates. The function first tries to find the signer certificate of the response in &lt;certs&gt;. It also searches the certificates the responder may have included in <b>bs</b> unless the <b>flags</b> contain <b>OCSP_NOINTERN</b>. It fails if the signer certificate cannot be found. Next, the function checks the signature of <b>bs</b> and fails on error unless the <b>flags</b> contain <b>OCSP_NOSIGS</b>. Then the function already returns success if the <b>flags</b> contain <b>OCSP_NOVERIFY</b> or if the signer certificate was found in <b>certs</b> and the <b>flags</b> contain <b>OCSP_TRUSTOTHER</b>. Otherwise the function continues by validating the signer certificate. To this end, all certificates in <b>cert</b> and in <b>bs</b> are considered as untrusted certificates for the construction of the validation path for the signer certificate unless the <b>OCSP_NOCHAIN</b> flag is set. After successful path validation the function returns success if the <b>OCSP_NOCHECKS</b> flag is set. Otherwise it verifies that the signer certificate meets the OCSP issuer criteria including potential delegation. If this does not succeed and the <b>flags</b> do not contain <b>OCSP_NOEXPLICIT</b> the function checks for explicit trust for OCSP signing in the root CA certificate.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_resp_find_status() returns 1 if <b>id</b> is found in <b>bs</b> and 0 otherwise.</p>
+
+<p>OCSP_resp_count() returns the total number of <b>OCSP_SINGLERESP</b> fields in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns a pointer to an <b>OCSP_SINGLERESP</b> structure or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>OCSP_resp_find() returns the index of <b>id</b> in <b>bs</b> (which may be 0) or -1 if <b>id</b> was not found.</p>
+
+<p>OCSP_single_get0_status() returns the status of <b>single</b> or -1 if an error occurred.</p>
+
+<p>OCSP_resp_get0_signer() returns 1 if the signing certificate was located, or 0 on error.</p>
+
+<p>OCSP_basic_verify() returns 1 on success, 0 on error, or -1 on fatal error such as malloc failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications will typically call OCSP_resp_find_status() using the certificate ID of interest and then check its validity using OCSP_check_validity(). They can then take appropriate action based on the status of the certificate.</p>
+
+<p>An OCSP response for a certificate contains <b>thisUpdate</b> and <b>nextUpdate</b> fields. Normally the current time should be between these two values. To account for clock skew the <b>maxsec</b> field can be set to non-zero in OCSP_check_validity(). Some responders do not set the <b>nextUpdate</b> field, this would otherwise mean an ancient response would be considered valid: the <b>maxsec</b> parameter to OCSP_check_validity() can be used to limit the permitted age of responses.</p>
+
+<p>The values written to <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b> by OCSP_resp_find_status() and OCSP_single_get0_status() are internal pointers which <b>MUST NOT</b> be freed up by the calling application. Any or all of these parameters can be set to NULL if their value is not required.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_produced_at.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_produced_at.html
new file mode 100644
index 000000000..ffdd3b6c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_produced_at.html
@@ -0,0 +1,140 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_resp_find_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_resp_get0_certs, OCSP_resp_get0_signer, OCSP_resp_get0_id, OCSP_resp_get1_id, OCSP_resp_get0_produced_at, OCSP_resp_get0_signature, OCSP_resp_get0_tbs_sigalg, OCSP_resp_get0_respdata, OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity, OCSP_basic_verify - OCSP response utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
+                           int *reason,
+                           ASN1_GENERALIZEDTIME **revtime,
+                           ASN1_GENERALIZEDTIME **thisupd,
+                           ASN1_GENERALIZEDTIME **nextupd);
+
+ int OCSP_resp_count(OCSP_BASICRESP *bs);
+ OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
+ int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
+ int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
+                             ASN1_GENERALIZEDTIME **revtime,
+                             ASN1_GENERALIZEDTIME **thisupd,
+                             ASN1_GENERALIZEDTIME **nextupd);
+
+ const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
+                             const OCSP_BASICRESP* single);
+
+ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
+ const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
+ const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
+ const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);
+
+ int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
+                           STACK_OF(X509) *extra_certs);
+
+ int OCSP_resp_get0_id(const OCSP_BASICRESP *bs,
+                       const ASN1_OCTET_STRING **pid,
+                       const X509_NAME **pname);
+ int OCSP_resp_get1_id(const OCSP_BASICRESP *bs,
+                       ASN1_OCTET_STRING **pid,
+                       X509_NAME **pname);
+
+ int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
+                         ASN1_GENERALIZEDTIME *nextupd,
+                         long sec, long maxsec);
+
+ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+                      X509_STORE *st, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_resp_find_status() searches <b>bs</b> for an OCSP response for <b>id</b>. If it is successful the fields of the response are returned in <b>*status</b>, <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>. The <b>*status</b> value will be one of <b>V_OCSP_CERTSTATUS_GOOD</b>, <b>V_OCSP_CERTSTATUS_REVOKED</b> or <b>V_OCSP_CERTSTATUS_UNKNOWN</b>. The <b>*reason</b> and <b>*revtime</b> fields are only set if the status is <b>V_OCSP_CERTSTATUS_REVOKED</b>. If set the <b>*reason</b> field will be set to the revocation reason which will be one of <b>OCSP_REVOKED_STATUS_NOSTATUS</b>, <b>OCSP_REVOKED_STATUS_UNSPECIFIED</b>, <b>OCSP_REVOKED_STATUS_KEYCOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_CACOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_AFFILIATIONCHANGED</b>, <b>OCSP_REVOKED_STATUS_SUPERSEDED</b>, <b>OCSP_REVOKED_STATUS_CESSATIONOFOPERATION</b>, <b>OCSP_REVOKED_STATUS_CERTIFICATEHOLD</b> or <b>OCSP_REVOKED_STATUS_REMOVEFROMCRL</b>.</p>
+
+<p>OCSP_resp_count() returns the number of <b>OCSP_SINGLERESP</b> structures in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns the <b>OCSP_SINGLERESP</b> structure in <b>bs</b> corresponding to index <b>idx</b>. Where <b>idx</b> runs from 0 to OCSP_resp_count(bs) - 1.</p>
+
+<p>OCSP_resp_find() searches <b>bs</b> for <b>id</b> and returns the index of the first matching entry after <b>last</b> or starting from the beginning if <b>last</b> is -1.</p>
+
+<p>OCSP_single_get0_status() extracts the fields of <b>single</b> in <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>.</p>
+
+<p>OCSP_resp_get0_produced_at() extracts the <b>producedAt</b> field from the single response <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signature() returns the signature from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_tbs_sigalg() returns the <b>signatureAlgorithm</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_respdata() returns the <b>tbsResponseData</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_certs() returns any certificates included in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signer() attempts to retrieve the certificate that directly signed <b>bs</b>. The OCSP protocol does not require that this certificate is included in the <b>certs</b> field of the response, so additional certificates can be supplied in <b>extra_certs</b> if the certificates that may have signed the response are known via some out-of-band mechanism.</p>
+
+<p>OCSP_resp_get0_id() gets the responder id of <b>bs</b>. If the responder ID is a name then &lt;*pname&gt; is set to the name and <b>*pid</b> is set to NULL. If the responder ID is by key ID then <b>*pid</b> is set to the key ID and <b>*pname</b> is set to NULL. OCSP_resp_get1_id() leaves ownership of <b>*pid</b> and <b>*pname</b> with the caller, who is responsible for freeing them. Both functions return 1 in case of success and 0 in case of failure. If OCSP_resp_get1_id() returns 0, no freeing of the results is necessary.</p>
+
+<p>OCSP_check_validity() checks the validity of <b>thisupd</b> and <b>nextupd</b> values which will be typically obtained from OCSP_resp_find_status() or OCSP_single_get0_status(). If <b>sec</b> is non-zero it indicates how many seconds leeway should be allowed in the check. If <b>maxsec</b> is positive it indicates the maximum age of <b>thisupd</b> in seconds.</p>
+
+<p>OCSP_basic_verify() checks that the basic response message <b>bs</b> is correctly signed and that the signer certificate can be validated. It takes <b>st</b> as the trusted store and <b>certs</b> as a set of untrusted intermediate certificates. The function first tries to find the signer certificate of the response in &lt;certs&gt;. It also searches the certificates the responder may have included in <b>bs</b> unless the <b>flags</b> contain <b>OCSP_NOINTERN</b>. It fails if the signer certificate cannot be found. Next, the function checks the signature of <b>bs</b> and fails on error unless the <b>flags</b> contain <b>OCSP_NOSIGS</b>. Then the function already returns success if the <b>flags</b> contain <b>OCSP_NOVERIFY</b> or if the signer certificate was found in <b>certs</b> and the <b>flags</b> contain <b>OCSP_TRUSTOTHER</b>. Otherwise the function continues by validating the signer certificate. To this end, all certificates in <b>cert</b> and in <b>bs</b> are considered as untrusted certificates for the construction of the validation path for the signer certificate unless the <b>OCSP_NOCHAIN</b> flag is set. After successful path validation the function returns success if the <b>OCSP_NOCHECKS</b> flag is set. Otherwise it verifies that the signer certificate meets the OCSP issuer criteria including potential delegation. If this does not succeed and the <b>flags</b> do not contain <b>OCSP_NOEXPLICIT</b> the function checks for explicit trust for OCSP signing in the root CA certificate.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_resp_find_status() returns 1 if <b>id</b> is found in <b>bs</b> and 0 otherwise.</p>
+
+<p>OCSP_resp_count() returns the total number of <b>OCSP_SINGLERESP</b> fields in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns a pointer to an <b>OCSP_SINGLERESP</b> structure or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>OCSP_resp_find() returns the index of <b>id</b> in <b>bs</b> (which may be 0) or -1 if <b>id</b> was not found.</p>
+
+<p>OCSP_single_get0_status() returns the status of <b>single</b> or -1 if an error occurred.</p>
+
+<p>OCSP_resp_get0_signer() returns 1 if the signing certificate was located, or 0 on error.</p>
+
+<p>OCSP_basic_verify() returns 1 on success, 0 on error, or -1 on fatal error such as malloc failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications will typically call OCSP_resp_find_status() using the certificate ID of interest and then check its validity using OCSP_check_validity(). They can then take appropriate action based on the status of the certificate.</p>
+
+<p>An OCSP response for a certificate contains <b>thisUpdate</b> and <b>nextUpdate</b> fields. Normally the current time should be between these two values. To account for clock skew the <b>maxsec</b> field can be set to non-zero in OCSP_check_validity(). Some responders do not set the <b>nextUpdate</b> field, this would otherwise mean an ancient response would be considered valid: the <b>maxsec</b> parameter to OCSP_check_validity() can be used to limit the permitted age of responses.</p>
+
+<p>The values written to <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b> by OCSP_resp_find_status() and OCSP_single_get0_status() are internal pointers which <b>MUST NOT</b> be freed up by the calling application. Any or all of these parameters can be set to NULL if their value is not required.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_respdata.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_respdata.html
new file mode 100644
index 000000000..ffdd3b6c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_respdata.html
@@ -0,0 +1,140 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_resp_find_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_resp_get0_certs, OCSP_resp_get0_signer, OCSP_resp_get0_id, OCSP_resp_get1_id, OCSP_resp_get0_produced_at, OCSP_resp_get0_signature, OCSP_resp_get0_tbs_sigalg, OCSP_resp_get0_respdata, OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity, OCSP_basic_verify - OCSP response utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
+                           int *reason,
+                           ASN1_GENERALIZEDTIME **revtime,
+                           ASN1_GENERALIZEDTIME **thisupd,
+                           ASN1_GENERALIZEDTIME **nextupd);
+
+ int OCSP_resp_count(OCSP_BASICRESP *bs);
+ OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
+ int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
+ int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
+                             ASN1_GENERALIZEDTIME **revtime,
+                             ASN1_GENERALIZEDTIME **thisupd,
+                             ASN1_GENERALIZEDTIME **nextupd);
+
+ const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
+                             const OCSP_BASICRESP* single);
+
+ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
+ const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
+ const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
+ const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);
+
+ int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
+                           STACK_OF(X509) *extra_certs);
+
+ int OCSP_resp_get0_id(const OCSP_BASICRESP *bs,
+                       const ASN1_OCTET_STRING **pid,
+                       const X509_NAME **pname);
+ int OCSP_resp_get1_id(const OCSP_BASICRESP *bs,
+                       ASN1_OCTET_STRING **pid,
+                       X509_NAME **pname);
+
+ int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
+                         ASN1_GENERALIZEDTIME *nextupd,
+                         long sec, long maxsec);
+
+ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+                      X509_STORE *st, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_resp_find_status() searches <b>bs</b> for an OCSP response for <b>id</b>. If it is successful the fields of the response are returned in <b>*status</b>, <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>. The <b>*status</b> value will be one of <b>V_OCSP_CERTSTATUS_GOOD</b>, <b>V_OCSP_CERTSTATUS_REVOKED</b> or <b>V_OCSP_CERTSTATUS_UNKNOWN</b>. The <b>*reason</b> and <b>*revtime</b> fields are only set if the status is <b>V_OCSP_CERTSTATUS_REVOKED</b>. If set the <b>*reason</b> field will be set to the revocation reason which will be one of <b>OCSP_REVOKED_STATUS_NOSTATUS</b>, <b>OCSP_REVOKED_STATUS_UNSPECIFIED</b>, <b>OCSP_REVOKED_STATUS_KEYCOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_CACOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_AFFILIATIONCHANGED</b>, <b>OCSP_REVOKED_STATUS_SUPERSEDED</b>, <b>OCSP_REVOKED_STATUS_CESSATIONOFOPERATION</b>, <b>OCSP_REVOKED_STATUS_CERTIFICATEHOLD</b> or <b>OCSP_REVOKED_STATUS_REMOVEFROMCRL</b>.</p>
+
+<p>OCSP_resp_count() returns the number of <b>OCSP_SINGLERESP</b> structures in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns the <b>OCSP_SINGLERESP</b> structure in <b>bs</b> corresponding to index <b>idx</b>. Where <b>idx</b> runs from 0 to OCSP_resp_count(bs) - 1.</p>
+
+<p>OCSP_resp_find() searches <b>bs</b> for <b>id</b> and returns the index of the first matching entry after <b>last</b> or starting from the beginning if <b>last</b> is -1.</p>
+
+<p>OCSP_single_get0_status() extracts the fields of <b>single</b> in <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>.</p>
+
+<p>OCSP_resp_get0_produced_at() extracts the <b>producedAt</b> field from the single response <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signature() returns the signature from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_tbs_sigalg() returns the <b>signatureAlgorithm</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_respdata() returns the <b>tbsResponseData</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_certs() returns any certificates included in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signer() attempts to retrieve the certificate that directly signed <b>bs</b>. The OCSP protocol does not require that this certificate is included in the <b>certs</b> field of the response, so additional certificates can be supplied in <b>extra_certs</b> if the certificates that may have signed the response are known via some out-of-band mechanism.</p>
+
+<p>OCSP_resp_get0_id() gets the responder id of <b>bs</b>. If the responder ID is a name then &lt;*pname&gt; is set to the name and <b>*pid</b> is set to NULL. If the responder ID is by key ID then <b>*pid</b> is set to the key ID and <b>*pname</b> is set to NULL. OCSP_resp_get1_id() leaves ownership of <b>*pid</b> and <b>*pname</b> with the caller, who is responsible for freeing them. Both functions return 1 in case of success and 0 in case of failure. If OCSP_resp_get1_id() returns 0, no freeing of the results is necessary.</p>
+
+<p>OCSP_check_validity() checks the validity of <b>thisupd</b> and <b>nextupd</b> values which will be typically obtained from OCSP_resp_find_status() or OCSP_single_get0_status(). If <b>sec</b> is non-zero it indicates how many seconds leeway should be allowed in the check. If <b>maxsec</b> is positive it indicates the maximum age of <b>thisupd</b> in seconds.</p>
+
+<p>OCSP_basic_verify() checks that the basic response message <b>bs</b> is correctly signed and that the signer certificate can be validated. It takes <b>st</b> as the trusted store and <b>certs</b> as a set of untrusted intermediate certificates. The function first tries to find the signer certificate of the response in &lt;certs&gt;. It also searches the certificates the responder may have included in <b>bs</b> unless the <b>flags</b> contain <b>OCSP_NOINTERN</b>. It fails if the signer certificate cannot be found. Next, the function checks the signature of <b>bs</b> and fails on error unless the <b>flags</b> contain <b>OCSP_NOSIGS</b>. Then the function already returns success if the <b>flags</b> contain <b>OCSP_NOVERIFY</b> or if the signer certificate was found in <b>certs</b> and the <b>flags</b> contain <b>OCSP_TRUSTOTHER</b>. Otherwise the function continues by validating the signer certificate. To this end, all certificates in <b>cert</b> and in <b>bs</b> are considered as untrusted certificates for the construction of the validation path for the signer certificate unless the <b>OCSP_NOCHAIN</b> flag is set. After successful path validation the function returns success if the <b>OCSP_NOCHECKS</b> flag is set. Otherwise it verifies that the signer certificate meets the OCSP issuer criteria including potential delegation. If this does not succeed and the <b>flags</b> do not contain <b>OCSP_NOEXPLICIT</b> the function checks for explicit trust for OCSP signing in the root CA certificate.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_resp_find_status() returns 1 if <b>id</b> is found in <b>bs</b> and 0 otherwise.</p>
+
+<p>OCSP_resp_count() returns the total number of <b>OCSP_SINGLERESP</b> fields in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns a pointer to an <b>OCSP_SINGLERESP</b> structure or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>OCSP_resp_find() returns the index of <b>id</b> in <b>bs</b> (which may be 0) or -1 if <b>id</b> was not found.</p>
+
+<p>OCSP_single_get0_status() returns the status of <b>single</b> or -1 if an error occurred.</p>
+
+<p>OCSP_resp_get0_signer() returns 1 if the signing certificate was located, or 0 on error.</p>
+
+<p>OCSP_basic_verify() returns 1 on success, 0 on error, or -1 on fatal error such as malloc failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications will typically call OCSP_resp_find_status() using the certificate ID of interest and then check its validity using OCSP_check_validity(). They can then take appropriate action based on the status of the certificate.</p>
+
+<p>An OCSP response for a certificate contains <b>thisUpdate</b> and <b>nextUpdate</b> fields. Normally the current time should be between these two values. To account for clock skew the <b>maxsec</b> field can be set to non-zero in OCSP_check_validity(). Some responders do not set the <b>nextUpdate</b> field, this would otherwise mean an ancient response would be considered valid: the <b>maxsec</b> parameter to OCSP_check_validity() can be used to limit the permitted age of responses.</p>
+
+<p>The values written to <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b> by OCSP_resp_find_status() and OCSP_single_get0_status() are internal pointers which <b>MUST NOT</b> be freed up by the calling application. Any or all of these parameters can be set to NULL if their value is not required.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_signature.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_signature.html
new file mode 100644
index 000000000..ffdd3b6c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_signature.html
@@ -0,0 +1,140 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_resp_find_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_resp_get0_certs, OCSP_resp_get0_signer, OCSP_resp_get0_id, OCSP_resp_get1_id, OCSP_resp_get0_produced_at, OCSP_resp_get0_signature, OCSP_resp_get0_tbs_sigalg, OCSP_resp_get0_respdata, OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity, OCSP_basic_verify - OCSP response utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
+                           int *reason,
+                           ASN1_GENERALIZEDTIME **revtime,
+                           ASN1_GENERALIZEDTIME **thisupd,
+                           ASN1_GENERALIZEDTIME **nextupd);
+
+ int OCSP_resp_count(OCSP_BASICRESP *bs);
+ OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
+ int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
+ int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
+                             ASN1_GENERALIZEDTIME **revtime,
+                             ASN1_GENERALIZEDTIME **thisupd,
+                             ASN1_GENERALIZEDTIME **nextupd);
+
+ const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
+                             const OCSP_BASICRESP* single);
+
+ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
+ const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
+ const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
+ const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);
+
+ int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
+                           STACK_OF(X509) *extra_certs);
+
+ int OCSP_resp_get0_id(const OCSP_BASICRESP *bs,
+                       const ASN1_OCTET_STRING **pid,
+                       const X509_NAME **pname);
+ int OCSP_resp_get1_id(const OCSP_BASICRESP *bs,
+                       ASN1_OCTET_STRING **pid,
+                       X509_NAME **pname);
+
+ int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
+                         ASN1_GENERALIZEDTIME *nextupd,
+                         long sec, long maxsec);
+
+ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+                      X509_STORE *st, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_resp_find_status() searches <b>bs</b> for an OCSP response for <b>id</b>. If it is successful the fields of the response are returned in <b>*status</b>, <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>. The <b>*status</b> value will be one of <b>V_OCSP_CERTSTATUS_GOOD</b>, <b>V_OCSP_CERTSTATUS_REVOKED</b> or <b>V_OCSP_CERTSTATUS_UNKNOWN</b>. The <b>*reason</b> and <b>*revtime</b> fields are only set if the status is <b>V_OCSP_CERTSTATUS_REVOKED</b>. If set the <b>*reason</b> field will be set to the revocation reason which will be one of <b>OCSP_REVOKED_STATUS_NOSTATUS</b>, <b>OCSP_REVOKED_STATUS_UNSPECIFIED</b>, <b>OCSP_REVOKED_STATUS_KEYCOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_CACOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_AFFILIATIONCHANGED</b>, <b>OCSP_REVOKED_STATUS_SUPERSEDED</b>, <b>OCSP_REVOKED_STATUS_CESSATIONOFOPERATION</b>, <b>OCSP_REVOKED_STATUS_CERTIFICATEHOLD</b> or <b>OCSP_REVOKED_STATUS_REMOVEFROMCRL</b>.</p>
+
+<p>OCSP_resp_count() returns the number of <b>OCSP_SINGLERESP</b> structures in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns the <b>OCSP_SINGLERESP</b> structure in <b>bs</b> corresponding to index <b>idx</b>. Where <b>idx</b> runs from 0 to OCSP_resp_count(bs) - 1.</p>
+
+<p>OCSP_resp_find() searches <b>bs</b> for <b>id</b> and returns the index of the first matching entry after <b>last</b> or starting from the beginning if <b>last</b> is -1.</p>
+
+<p>OCSP_single_get0_status() extracts the fields of <b>single</b> in <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>.</p>
+
+<p>OCSP_resp_get0_produced_at() extracts the <b>producedAt</b> field from the single response <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signature() returns the signature from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_tbs_sigalg() returns the <b>signatureAlgorithm</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_respdata() returns the <b>tbsResponseData</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_certs() returns any certificates included in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signer() attempts to retrieve the certificate that directly signed <b>bs</b>. The OCSP protocol does not require that this certificate is included in the <b>certs</b> field of the response, so additional certificates can be supplied in <b>extra_certs</b> if the certificates that may have signed the response are known via some out-of-band mechanism.</p>
+
+<p>OCSP_resp_get0_id() gets the responder id of <b>bs</b>. If the responder ID is a name then &lt;*pname&gt; is set to the name and <b>*pid</b> is set to NULL. If the responder ID is by key ID then <b>*pid</b> is set to the key ID and <b>*pname</b> is set to NULL. OCSP_resp_get1_id() leaves ownership of <b>*pid</b> and <b>*pname</b> with the caller, who is responsible for freeing them. Both functions return 1 in case of success and 0 in case of failure. If OCSP_resp_get1_id() returns 0, no freeing of the results is necessary.</p>
+
+<p>OCSP_check_validity() checks the validity of <b>thisupd</b> and <b>nextupd</b> values which will be typically obtained from OCSP_resp_find_status() or OCSP_single_get0_status(). If <b>sec</b> is non-zero it indicates how many seconds leeway should be allowed in the check. If <b>maxsec</b> is positive it indicates the maximum age of <b>thisupd</b> in seconds.</p>
+
+<p>OCSP_basic_verify() checks that the basic response message <b>bs</b> is correctly signed and that the signer certificate can be validated. It takes <b>st</b> as the trusted store and <b>certs</b> as a set of untrusted intermediate certificates. The function first tries to find the signer certificate of the response in &lt;certs&gt;. It also searches the certificates the responder may have included in <b>bs</b> unless the <b>flags</b> contain <b>OCSP_NOINTERN</b>. It fails if the signer certificate cannot be found. Next, the function checks the signature of <b>bs</b> and fails on error unless the <b>flags</b> contain <b>OCSP_NOSIGS</b>. Then the function already returns success if the <b>flags</b> contain <b>OCSP_NOVERIFY</b> or if the signer certificate was found in <b>certs</b> and the <b>flags</b> contain <b>OCSP_TRUSTOTHER</b>. Otherwise the function continues by validating the signer certificate. To this end, all certificates in <b>cert</b> and in <b>bs</b> are considered as untrusted certificates for the construction of the validation path for the signer certificate unless the <b>OCSP_NOCHAIN</b> flag is set. After successful path validation the function returns success if the <b>OCSP_NOCHECKS</b> flag is set. Otherwise it verifies that the signer certificate meets the OCSP issuer criteria including potential delegation. If this does not succeed and the <b>flags</b> do not contain <b>OCSP_NOEXPLICIT</b> the function checks for explicit trust for OCSP signing in the root CA certificate.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_resp_find_status() returns 1 if <b>id</b> is found in <b>bs</b> and 0 otherwise.</p>
+
+<p>OCSP_resp_count() returns the total number of <b>OCSP_SINGLERESP</b> fields in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns a pointer to an <b>OCSP_SINGLERESP</b> structure or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>OCSP_resp_find() returns the index of <b>id</b> in <b>bs</b> (which may be 0) or -1 if <b>id</b> was not found.</p>
+
+<p>OCSP_single_get0_status() returns the status of <b>single</b> or -1 if an error occurred.</p>
+
+<p>OCSP_resp_get0_signer() returns 1 if the signing certificate was located, or 0 on error.</p>
+
+<p>OCSP_basic_verify() returns 1 on success, 0 on error, or -1 on fatal error such as malloc failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications will typically call OCSP_resp_find_status() using the certificate ID of interest and then check its validity using OCSP_check_validity(). They can then take appropriate action based on the status of the certificate.</p>
+
+<p>An OCSP response for a certificate contains <b>thisUpdate</b> and <b>nextUpdate</b> fields. Normally the current time should be between these two values. To account for clock skew the <b>maxsec</b> field can be set to non-zero in OCSP_check_validity(). Some responders do not set the <b>nextUpdate</b> field, this would otherwise mean an ancient response would be considered valid: the <b>maxsec</b> parameter to OCSP_check_validity() can be used to limit the permitted age of responses.</p>
+
+<p>The values written to <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b> by OCSP_resp_find_status() and OCSP_single_get0_status() are internal pointers which <b>MUST NOT</b> be freed up by the calling application. Any or all of these parameters can be set to NULL if their value is not required.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_signer.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_signer.html
new file mode 100644
index 000000000..ffdd3b6c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_signer.html
@@ -0,0 +1,140 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_resp_find_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_resp_get0_certs, OCSP_resp_get0_signer, OCSP_resp_get0_id, OCSP_resp_get1_id, OCSP_resp_get0_produced_at, OCSP_resp_get0_signature, OCSP_resp_get0_tbs_sigalg, OCSP_resp_get0_respdata, OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity, OCSP_basic_verify - OCSP response utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
+                           int *reason,
+                           ASN1_GENERALIZEDTIME **revtime,
+                           ASN1_GENERALIZEDTIME **thisupd,
+                           ASN1_GENERALIZEDTIME **nextupd);
+
+ int OCSP_resp_count(OCSP_BASICRESP *bs);
+ OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
+ int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
+ int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
+                             ASN1_GENERALIZEDTIME **revtime,
+                             ASN1_GENERALIZEDTIME **thisupd,
+                             ASN1_GENERALIZEDTIME **nextupd);
+
+ const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
+                             const OCSP_BASICRESP* single);
+
+ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
+ const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
+ const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
+ const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);
+
+ int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
+                           STACK_OF(X509) *extra_certs);
+
+ int OCSP_resp_get0_id(const OCSP_BASICRESP *bs,
+                       const ASN1_OCTET_STRING **pid,
+                       const X509_NAME **pname);
+ int OCSP_resp_get1_id(const OCSP_BASICRESP *bs,
+                       ASN1_OCTET_STRING **pid,
+                       X509_NAME **pname);
+
+ int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
+                         ASN1_GENERALIZEDTIME *nextupd,
+                         long sec, long maxsec);
+
+ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+                      X509_STORE *st, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_resp_find_status() searches <b>bs</b> for an OCSP response for <b>id</b>. If it is successful the fields of the response are returned in <b>*status</b>, <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>. The <b>*status</b> value will be one of <b>V_OCSP_CERTSTATUS_GOOD</b>, <b>V_OCSP_CERTSTATUS_REVOKED</b> or <b>V_OCSP_CERTSTATUS_UNKNOWN</b>. The <b>*reason</b> and <b>*revtime</b> fields are only set if the status is <b>V_OCSP_CERTSTATUS_REVOKED</b>. If set the <b>*reason</b> field will be set to the revocation reason which will be one of <b>OCSP_REVOKED_STATUS_NOSTATUS</b>, <b>OCSP_REVOKED_STATUS_UNSPECIFIED</b>, <b>OCSP_REVOKED_STATUS_KEYCOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_CACOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_AFFILIATIONCHANGED</b>, <b>OCSP_REVOKED_STATUS_SUPERSEDED</b>, <b>OCSP_REVOKED_STATUS_CESSATIONOFOPERATION</b>, <b>OCSP_REVOKED_STATUS_CERTIFICATEHOLD</b> or <b>OCSP_REVOKED_STATUS_REMOVEFROMCRL</b>.</p>
+
+<p>OCSP_resp_count() returns the number of <b>OCSP_SINGLERESP</b> structures in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns the <b>OCSP_SINGLERESP</b> structure in <b>bs</b> corresponding to index <b>idx</b>. Where <b>idx</b> runs from 0 to OCSP_resp_count(bs) - 1.</p>
+
+<p>OCSP_resp_find() searches <b>bs</b> for <b>id</b> and returns the index of the first matching entry after <b>last</b> or starting from the beginning if <b>last</b> is -1.</p>
+
+<p>OCSP_single_get0_status() extracts the fields of <b>single</b> in <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>.</p>
+
+<p>OCSP_resp_get0_produced_at() extracts the <b>producedAt</b> field from the single response <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signature() returns the signature from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_tbs_sigalg() returns the <b>signatureAlgorithm</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_respdata() returns the <b>tbsResponseData</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_certs() returns any certificates included in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signer() attempts to retrieve the certificate that directly signed <b>bs</b>. The OCSP protocol does not require that this certificate is included in the <b>certs</b> field of the response, so additional certificates can be supplied in <b>extra_certs</b> if the certificates that may have signed the response are known via some out-of-band mechanism.</p>
+
+<p>OCSP_resp_get0_id() gets the responder id of <b>bs</b>. If the responder ID is a name then &lt;*pname&gt; is set to the name and <b>*pid</b> is set to NULL. If the responder ID is by key ID then <b>*pid</b> is set to the key ID and <b>*pname</b> is set to NULL. OCSP_resp_get1_id() leaves ownership of <b>*pid</b> and <b>*pname</b> with the caller, who is responsible for freeing them. Both functions return 1 in case of success and 0 in case of failure. If OCSP_resp_get1_id() returns 0, no freeing of the results is necessary.</p>
+
+<p>OCSP_check_validity() checks the validity of <b>thisupd</b> and <b>nextupd</b> values which will be typically obtained from OCSP_resp_find_status() or OCSP_single_get0_status(). If <b>sec</b> is non-zero it indicates how many seconds leeway should be allowed in the check. If <b>maxsec</b> is positive it indicates the maximum age of <b>thisupd</b> in seconds.</p>
+
+<p>OCSP_basic_verify() checks that the basic response message <b>bs</b> is correctly signed and that the signer certificate can be validated. It takes <b>st</b> as the trusted store and <b>certs</b> as a set of untrusted intermediate certificates. The function first tries to find the signer certificate of the response in &lt;certs&gt;. It also searches the certificates the responder may have included in <b>bs</b> unless the <b>flags</b> contain <b>OCSP_NOINTERN</b>. It fails if the signer certificate cannot be found. Next, the function checks the signature of <b>bs</b> and fails on error unless the <b>flags</b> contain <b>OCSP_NOSIGS</b>. Then the function already returns success if the <b>flags</b> contain <b>OCSP_NOVERIFY</b> or if the signer certificate was found in <b>certs</b> and the <b>flags</b> contain <b>OCSP_TRUSTOTHER</b>. Otherwise the function continues by validating the signer certificate. To this end, all certificates in <b>cert</b> and in <b>bs</b> are considered as untrusted certificates for the construction of the validation path for the signer certificate unless the <b>OCSP_NOCHAIN</b> flag is set. After successful path validation the function returns success if the <b>OCSP_NOCHECKS</b> flag is set. Otherwise it verifies that the signer certificate meets the OCSP issuer criteria including potential delegation. If this does not succeed and the <b>flags</b> do not contain <b>OCSP_NOEXPLICIT</b> the function checks for explicit trust for OCSP signing in the root CA certificate.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_resp_find_status() returns 1 if <b>id</b> is found in <b>bs</b> and 0 otherwise.</p>
+
+<p>OCSP_resp_count() returns the total number of <b>OCSP_SINGLERESP</b> fields in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns a pointer to an <b>OCSP_SINGLERESP</b> structure or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>OCSP_resp_find() returns the index of <b>id</b> in <b>bs</b> (which may be 0) or -1 if <b>id</b> was not found.</p>
+
+<p>OCSP_single_get0_status() returns the status of <b>single</b> or -1 if an error occurred.</p>
+
+<p>OCSP_resp_get0_signer() returns 1 if the signing certificate was located, or 0 on error.</p>
+
+<p>OCSP_basic_verify() returns 1 on success, 0 on error, or -1 on fatal error such as malloc failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications will typically call OCSP_resp_find_status() using the certificate ID of interest and then check its validity using OCSP_check_validity(). They can then take appropriate action based on the status of the certificate.</p>
+
+<p>An OCSP response for a certificate contains <b>thisUpdate</b> and <b>nextUpdate</b> fields. Normally the current time should be between these two values. To account for clock skew the <b>maxsec</b> field can be set to non-zero in OCSP_check_validity(). Some responders do not set the <b>nextUpdate</b> field, this would otherwise mean an ancient response would be considered valid: the <b>maxsec</b> parameter to OCSP_check_validity() can be used to limit the permitted age of responses.</p>
+
+<p>The values written to <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b> by OCSP_resp_find_status() and OCSP_single_get0_status() are internal pointers which <b>MUST NOT</b> be freed up by the calling application. Any or all of these parameters can be set to NULL if their value is not required.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_tbs_sigalg.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_tbs_sigalg.html
new file mode 100644
index 000000000..ffdd3b6c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get0_tbs_sigalg.html
@@ -0,0 +1,140 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_resp_find_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_resp_get0_certs, OCSP_resp_get0_signer, OCSP_resp_get0_id, OCSP_resp_get1_id, OCSP_resp_get0_produced_at, OCSP_resp_get0_signature, OCSP_resp_get0_tbs_sigalg, OCSP_resp_get0_respdata, OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity, OCSP_basic_verify - OCSP response utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
+                           int *reason,
+                           ASN1_GENERALIZEDTIME **revtime,
+                           ASN1_GENERALIZEDTIME **thisupd,
+                           ASN1_GENERALIZEDTIME **nextupd);
+
+ int OCSP_resp_count(OCSP_BASICRESP *bs);
+ OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
+ int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
+ int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
+                             ASN1_GENERALIZEDTIME **revtime,
+                             ASN1_GENERALIZEDTIME **thisupd,
+                             ASN1_GENERALIZEDTIME **nextupd);
+
+ const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
+                             const OCSP_BASICRESP* single);
+
+ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
+ const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
+ const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
+ const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);
+
+ int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
+                           STACK_OF(X509) *extra_certs);
+
+ int OCSP_resp_get0_id(const OCSP_BASICRESP *bs,
+                       const ASN1_OCTET_STRING **pid,
+                       const X509_NAME **pname);
+ int OCSP_resp_get1_id(const OCSP_BASICRESP *bs,
+                       ASN1_OCTET_STRING **pid,
+                       X509_NAME **pname);
+
+ int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
+                         ASN1_GENERALIZEDTIME *nextupd,
+                         long sec, long maxsec);
+
+ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+                      X509_STORE *st, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_resp_find_status() searches <b>bs</b> for an OCSP response for <b>id</b>. If it is successful the fields of the response are returned in <b>*status</b>, <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>. The <b>*status</b> value will be one of <b>V_OCSP_CERTSTATUS_GOOD</b>, <b>V_OCSP_CERTSTATUS_REVOKED</b> or <b>V_OCSP_CERTSTATUS_UNKNOWN</b>. The <b>*reason</b> and <b>*revtime</b> fields are only set if the status is <b>V_OCSP_CERTSTATUS_REVOKED</b>. If set the <b>*reason</b> field will be set to the revocation reason which will be one of <b>OCSP_REVOKED_STATUS_NOSTATUS</b>, <b>OCSP_REVOKED_STATUS_UNSPECIFIED</b>, <b>OCSP_REVOKED_STATUS_KEYCOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_CACOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_AFFILIATIONCHANGED</b>, <b>OCSP_REVOKED_STATUS_SUPERSEDED</b>, <b>OCSP_REVOKED_STATUS_CESSATIONOFOPERATION</b>, <b>OCSP_REVOKED_STATUS_CERTIFICATEHOLD</b> or <b>OCSP_REVOKED_STATUS_REMOVEFROMCRL</b>.</p>
+
+<p>OCSP_resp_count() returns the number of <b>OCSP_SINGLERESP</b> structures in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns the <b>OCSP_SINGLERESP</b> structure in <b>bs</b> corresponding to index <b>idx</b>. Where <b>idx</b> runs from 0 to OCSP_resp_count(bs) - 1.</p>
+
+<p>OCSP_resp_find() searches <b>bs</b> for <b>id</b> and returns the index of the first matching entry after <b>last</b> or starting from the beginning if <b>last</b> is -1.</p>
+
+<p>OCSP_single_get0_status() extracts the fields of <b>single</b> in <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>.</p>
+
+<p>OCSP_resp_get0_produced_at() extracts the <b>producedAt</b> field from the single response <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signature() returns the signature from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_tbs_sigalg() returns the <b>signatureAlgorithm</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_respdata() returns the <b>tbsResponseData</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_certs() returns any certificates included in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signer() attempts to retrieve the certificate that directly signed <b>bs</b>. The OCSP protocol does not require that this certificate is included in the <b>certs</b> field of the response, so additional certificates can be supplied in <b>extra_certs</b> if the certificates that may have signed the response are known via some out-of-band mechanism.</p>
+
+<p>OCSP_resp_get0_id() gets the responder id of <b>bs</b>. If the responder ID is a name then &lt;*pname&gt; is set to the name and <b>*pid</b> is set to NULL. If the responder ID is by key ID then <b>*pid</b> is set to the key ID and <b>*pname</b> is set to NULL. OCSP_resp_get1_id() leaves ownership of <b>*pid</b> and <b>*pname</b> with the caller, who is responsible for freeing them. Both functions return 1 in case of success and 0 in case of failure. If OCSP_resp_get1_id() returns 0, no freeing of the results is necessary.</p>
+
+<p>OCSP_check_validity() checks the validity of <b>thisupd</b> and <b>nextupd</b> values which will be typically obtained from OCSP_resp_find_status() or OCSP_single_get0_status(). If <b>sec</b> is non-zero it indicates how many seconds leeway should be allowed in the check. If <b>maxsec</b> is positive it indicates the maximum age of <b>thisupd</b> in seconds.</p>
+
+<p>OCSP_basic_verify() checks that the basic response message <b>bs</b> is correctly signed and that the signer certificate can be validated. It takes <b>st</b> as the trusted store and <b>certs</b> as a set of untrusted intermediate certificates. The function first tries to find the signer certificate of the response in &lt;certs&gt;. It also searches the certificates the responder may have included in <b>bs</b> unless the <b>flags</b> contain <b>OCSP_NOINTERN</b>. It fails if the signer certificate cannot be found. Next, the function checks the signature of <b>bs</b> and fails on error unless the <b>flags</b> contain <b>OCSP_NOSIGS</b>. Then the function already returns success if the <b>flags</b> contain <b>OCSP_NOVERIFY</b> or if the signer certificate was found in <b>certs</b> and the <b>flags</b> contain <b>OCSP_TRUSTOTHER</b>. Otherwise the function continues by validating the signer certificate. To this end, all certificates in <b>cert</b> and in <b>bs</b> are considered as untrusted certificates for the construction of the validation path for the signer certificate unless the <b>OCSP_NOCHAIN</b> flag is set. After successful path validation the function returns success if the <b>OCSP_NOCHECKS</b> flag is set. Otherwise it verifies that the signer certificate meets the OCSP issuer criteria including potential delegation. If this does not succeed and the <b>flags</b> do not contain <b>OCSP_NOEXPLICIT</b> the function checks for explicit trust for OCSP signing in the root CA certificate.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_resp_find_status() returns 1 if <b>id</b> is found in <b>bs</b> and 0 otherwise.</p>
+
+<p>OCSP_resp_count() returns the total number of <b>OCSP_SINGLERESP</b> fields in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns a pointer to an <b>OCSP_SINGLERESP</b> structure or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>OCSP_resp_find() returns the index of <b>id</b> in <b>bs</b> (which may be 0) or -1 if <b>id</b> was not found.</p>
+
+<p>OCSP_single_get0_status() returns the status of <b>single</b> or -1 if an error occurred.</p>
+
+<p>OCSP_resp_get0_signer() returns 1 if the signing certificate was located, or 0 on error.</p>
+
+<p>OCSP_basic_verify() returns 1 on success, 0 on error, or -1 on fatal error such as malloc failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications will typically call OCSP_resp_find_status() using the certificate ID of interest and then check its validity using OCSP_check_validity(). They can then take appropriate action based on the status of the certificate.</p>
+
+<p>An OCSP response for a certificate contains <b>thisUpdate</b> and <b>nextUpdate</b> fields. Normally the current time should be between these two values. To account for clock skew the <b>maxsec</b> field can be set to non-zero in OCSP_check_validity(). Some responders do not set the <b>nextUpdate</b> field, this would otherwise mean an ancient response would be considered valid: the <b>maxsec</b> parameter to OCSP_check_validity() can be used to limit the permitted age of responses.</p>
+
+<p>The values written to <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b> by OCSP_resp_find_status() and OCSP_single_get0_status() are internal pointers which <b>MUST NOT</b> be freed up by the calling application. Any or all of these parameters can be set to NULL if their value is not required.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get1_id.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get1_id.html
new file mode 100644
index 000000000..ffdd3b6c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_resp_get1_id.html
@@ -0,0 +1,140 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_resp_find_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_resp_get0_certs, OCSP_resp_get0_signer, OCSP_resp_get0_id, OCSP_resp_get1_id, OCSP_resp_get0_produced_at, OCSP_resp_get0_signature, OCSP_resp_get0_tbs_sigalg, OCSP_resp_get0_respdata, OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity, OCSP_basic_verify - OCSP response utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
+                           int *reason,
+                           ASN1_GENERALIZEDTIME **revtime,
+                           ASN1_GENERALIZEDTIME **thisupd,
+                           ASN1_GENERALIZEDTIME **nextupd);
+
+ int OCSP_resp_count(OCSP_BASICRESP *bs);
+ OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
+ int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
+ int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
+                             ASN1_GENERALIZEDTIME **revtime,
+                             ASN1_GENERALIZEDTIME **thisupd,
+                             ASN1_GENERALIZEDTIME **nextupd);
+
+ const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
+                             const OCSP_BASICRESP* single);
+
+ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
+ const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
+ const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
+ const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);
+
+ int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
+                           STACK_OF(X509) *extra_certs);
+
+ int OCSP_resp_get0_id(const OCSP_BASICRESP *bs,
+                       const ASN1_OCTET_STRING **pid,
+                       const X509_NAME **pname);
+ int OCSP_resp_get1_id(const OCSP_BASICRESP *bs,
+                       ASN1_OCTET_STRING **pid,
+                       X509_NAME **pname);
+
+ int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
+                         ASN1_GENERALIZEDTIME *nextupd,
+                         long sec, long maxsec);
+
+ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+                      X509_STORE *st, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_resp_find_status() searches <b>bs</b> for an OCSP response for <b>id</b>. If it is successful the fields of the response are returned in <b>*status</b>, <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>. The <b>*status</b> value will be one of <b>V_OCSP_CERTSTATUS_GOOD</b>, <b>V_OCSP_CERTSTATUS_REVOKED</b> or <b>V_OCSP_CERTSTATUS_UNKNOWN</b>. The <b>*reason</b> and <b>*revtime</b> fields are only set if the status is <b>V_OCSP_CERTSTATUS_REVOKED</b>. If set the <b>*reason</b> field will be set to the revocation reason which will be one of <b>OCSP_REVOKED_STATUS_NOSTATUS</b>, <b>OCSP_REVOKED_STATUS_UNSPECIFIED</b>, <b>OCSP_REVOKED_STATUS_KEYCOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_CACOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_AFFILIATIONCHANGED</b>, <b>OCSP_REVOKED_STATUS_SUPERSEDED</b>, <b>OCSP_REVOKED_STATUS_CESSATIONOFOPERATION</b>, <b>OCSP_REVOKED_STATUS_CERTIFICATEHOLD</b> or <b>OCSP_REVOKED_STATUS_REMOVEFROMCRL</b>.</p>
+
+<p>OCSP_resp_count() returns the number of <b>OCSP_SINGLERESP</b> structures in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns the <b>OCSP_SINGLERESP</b> structure in <b>bs</b> corresponding to index <b>idx</b>. Where <b>idx</b> runs from 0 to OCSP_resp_count(bs) - 1.</p>
+
+<p>OCSP_resp_find() searches <b>bs</b> for <b>id</b> and returns the index of the first matching entry after <b>last</b> or starting from the beginning if <b>last</b> is -1.</p>
+
+<p>OCSP_single_get0_status() extracts the fields of <b>single</b> in <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>.</p>
+
+<p>OCSP_resp_get0_produced_at() extracts the <b>producedAt</b> field from the single response <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signature() returns the signature from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_tbs_sigalg() returns the <b>signatureAlgorithm</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_respdata() returns the <b>tbsResponseData</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_certs() returns any certificates included in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signer() attempts to retrieve the certificate that directly signed <b>bs</b>. The OCSP protocol does not require that this certificate is included in the <b>certs</b> field of the response, so additional certificates can be supplied in <b>extra_certs</b> if the certificates that may have signed the response are known via some out-of-band mechanism.</p>
+
+<p>OCSP_resp_get0_id() gets the responder id of <b>bs</b>. If the responder ID is a name then &lt;*pname&gt; is set to the name and <b>*pid</b> is set to NULL. If the responder ID is by key ID then <b>*pid</b> is set to the key ID and <b>*pname</b> is set to NULL. OCSP_resp_get1_id() leaves ownership of <b>*pid</b> and <b>*pname</b> with the caller, who is responsible for freeing them. Both functions return 1 in case of success and 0 in case of failure. If OCSP_resp_get1_id() returns 0, no freeing of the results is necessary.</p>
+
+<p>OCSP_check_validity() checks the validity of <b>thisupd</b> and <b>nextupd</b> values which will be typically obtained from OCSP_resp_find_status() or OCSP_single_get0_status(). If <b>sec</b> is non-zero it indicates how many seconds leeway should be allowed in the check. If <b>maxsec</b> is positive it indicates the maximum age of <b>thisupd</b> in seconds.</p>
+
+<p>OCSP_basic_verify() checks that the basic response message <b>bs</b> is correctly signed and that the signer certificate can be validated. It takes <b>st</b> as the trusted store and <b>certs</b> as a set of untrusted intermediate certificates. The function first tries to find the signer certificate of the response in &lt;certs&gt;. It also searches the certificates the responder may have included in <b>bs</b> unless the <b>flags</b> contain <b>OCSP_NOINTERN</b>. It fails if the signer certificate cannot be found. Next, the function checks the signature of <b>bs</b> and fails on error unless the <b>flags</b> contain <b>OCSP_NOSIGS</b>. Then the function already returns success if the <b>flags</b> contain <b>OCSP_NOVERIFY</b> or if the signer certificate was found in <b>certs</b> and the <b>flags</b> contain <b>OCSP_TRUSTOTHER</b>. Otherwise the function continues by validating the signer certificate. To this end, all certificates in <b>cert</b> and in <b>bs</b> are considered as untrusted certificates for the construction of the validation path for the signer certificate unless the <b>OCSP_NOCHAIN</b> flag is set. After successful path validation the function returns success if the <b>OCSP_NOCHECKS</b> flag is set. Otherwise it verifies that the signer certificate meets the OCSP issuer criteria including potential delegation. If this does not succeed and the <b>flags</b> do not contain <b>OCSP_NOEXPLICIT</b> the function checks for explicit trust for OCSP signing in the root CA certificate.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_resp_find_status() returns 1 if <b>id</b> is found in <b>bs</b> and 0 otherwise.</p>
+
+<p>OCSP_resp_count() returns the total number of <b>OCSP_SINGLERESP</b> fields in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns a pointer to an <b>OCSP_SINGLERESP</b> structure or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>OCSP_resp_find() returns the index of <b>id</b> in <b>bs</b> (which may be 0) or -1 if <b>id</b> was not found.</p>
+
+<p>OCSP_single_get0_status() returns the status of <b>single</b> or -1 if an error occurred.</p>
+
+<p>OCSP_resp_get0_signer() returns 1 if the signing certificate was located, or 0 on error.</p>
+
+<p>OCSP_basic_verify() returns 1 on success, 0 on error, or -1 on fatal error such as malloc failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications will typically call OCSP_resp_find_status() using the certificate ID of interest and then check its validity using OCSP_check_validity(). They can then take appropriate action based on the status of the certificate.</p>
+
+<p>An OCSP response for a certificate contains <b>thisUpdate</b> and <b>nextUpdate</b> fields. Normally the current time should be between these two values. To account for clock skew the <b>maxsec</b> field can be set to non-zero in OCSP_check_validity(). Some responders do not set the <b>nextUpdate</b> field, this would otherwise mean an ancient response would be considered valid: the <b>maxsec</b> parameter to OCSP_check_validity() can be used to limit the permitted age of responses.</p>
+
+<p>The values written to <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b> by OCSP_resp_find_status() and OCSP_single_get0_status() are internal pointers which <b>MUST NOT</b> be freed up by the calling application. Any or all of these parameters can be set to NULL if their value is not required.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_response_create.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_response_create.html
new file mode 100644
index 000000000..556f9df13
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_response_create.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_response_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_response_status, OCSP_response_get1_basic, OCSP_response_create, OCSP_RESPONSE_free, OCSP_RESPID_set_by_name, OCSP_RESPID_set_by_key, OCSP_RESPID_match, OCSP_basic_sign, OCSP_basic_sign_ctx - OCSP response functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_response_status(OCSP_RESPONSE *resp);
+ OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
+ OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs);
+ void OCSP_RESPONSE_free(OCSP_RESPONSE *resp);
+
+ int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert);
+ int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert);
+ int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert);
+
+ int OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key,
+                     const EVP_MD *dgst, STACK_OF(X509) *certs,
+                     unsigned long flags);
+ int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp, X509 *signer, EVP_MD_CTX *ctx,
+                         STACK_OF(X509) *certs, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_response_status() returns the OCSP response status of <b>resp</b>. It returns one of the values: <b>OCSP_RESPONSE_STATUS_SUCCESSFUL</b>, <b>OCSP_RESPONSE_STATUS_MALFORMEDREQUEST</b>, <b>OCSP_RESPONSE_STATUS_INTERNALERROR</b>, <b>OCSP_RESPONSE_STATUS_TRYLATER</b> <b>OCSP_RESPONSE_STATUS_SIGREQUIRED</b>, or <b>OCSP_RESPONSE_STATUS_UNAUTHORIZED</b>.</p>
+
+<p>OCSP_response_get1_basic() decodes and returns the <b>OCSP_BASICRESP</b> structure contained in <b>resp</b>.</p>
+
+<p>OCSP_response_create() creates and returns an <b>OCSP_RESPONSE</b> structure for <b>status</b> and optionally including basic response <b>bs</b>.</p>
+
+<p>OCSP_RESPONSE_free() frees up OCSP response <b>resp</b>.</p>
+
+<p>OCSP_RESPID_set_by_name() sets the name of the OCSP_RESPID to be the same as the subject name in the supplied X509 certificate <b>cert</b> for the OCSP responder.</p>
+
+<p>OCSP_RESPID_set_by_key() sets the key of the OCSP_RESPID to be the same as the key in the supplied X509 certificate <b>cert</b> for the OCSP responder. The key is stored as a SHA1 hash.</p>
+
+<p>Note that an OCSP_RESPID can only have one of the name, or the key set. Calling OCSP_RESPID_set_by_name() or OCSP_RESPID_set_by_key() will clear any existing setting.</p>
+
+<p>OCSP_RESPID_match() tests whether the OCSP_RESPID given in <b>respid</b> matches with the X509 certificate <b>cert</b>.</p>
+
+<p>OCSP_basic_sign() signs OCSP response <b>brsp</b> using certificate <b>signer</b>, private key <b>key</b>, digest <b>dgst</b> and additional certificates <b>certs</b>. If the <b>flags</b> option <b>OCSP_NOCERTS</b> is set then no certificates will be included in the request. If the <b>flags</b> option <b>OCSP_RESPID_KEY</b> is set then the responder is identified by key ID rather than by name. OCSP_basic_sign_ctx() also signs OCSP response <b>brsp</b> but uses the parameters contained in digest context <b>ctx</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_RESPONSE_status() returns a status value.</p>
+
+<p>OCSP_response_get1_basic() returns an <b>OCSP_BASICRESP</b> structure pointer or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_response_create() returns an <b>OCSP_RESPONSE</b> structure pointer or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_RESPONSE_free() does not return a value.</p>
+
+<p>OCSP_RESPID_set_by_name(), OCSP_RESPID_set_by_key(), OCSP_basic_sign(), and OCSP_basic_sign_ctx() return 1 on success or 0 on failure.</p>
+
+<p>OCSP_RESPID_match() returns 1 if the OCSP_RESPID and the X509 certificate match or 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>OCSP_response_get1_basic() is only called if the status of a response is <b>OCSP_RESPONSE_STATUS_SUCCESSFUL</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a> <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a> <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a> <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a> <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a> <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a> <a href="../man3/OCSP_RESPID_new.html">OCSP_RESPID_new(3)</a> <a href="../man3/OCSP_RESPID_free.html">OCSP_RESPID_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OCSP_RESPID_set_by_name(), OCSP_RESPID_set_by_key() and OCSP_RESPID_match() functions were added in OpenSSL 1.1.0a.</p>
+
+<p>The OCSP_basic_sign_ctx() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_response_get1_basic.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_response_get1_basic.html
new file mode 100644
index 000000000..556f9df13
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_response_get1_basic.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_response_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_response_status, OCSP_response_get1_basic, OCSP_response_create, OCSP_RESPONSE_free, OCSP_RESPID_set_by_name, OCSP_RESPID_set_by_key, OCSP_RESPID_match, OCSP_basic_sign, OCSP_basic_sign_ctx - OCSP response functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_response_status(OCSP_RESPONSE *resp);
+ OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
+ OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs);
+ void OCSP_RESPONSE_free(OCSP_RESPONSE *resp);
+
+ int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert);
+ int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert);
+ int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert);
+
+ int OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key,
+                     const EVP_MD *dgst, STACK_OF(X509) *certs,
+                     unsigned long flags);
+ int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp, X509 *signer, EVP_MD_CTX *ctx,
+                         STACK_OF(X509) *certs, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_response_status() returns the OCSP response status of <b>resp</b>. It returns one of the values: <b>OCSP_RESPONSE_STATUS_SUCCESSFUL</b>, <b>OCSP_RESPONSE_STATUS_MALFORMEDREQUEST</b>, <b>OCSP_RESPONSE_STATUS_INTERNALERROR</b>, <b>OCSP_RESPONSE_STATUS_TRYLATER</b> <b>OCSP_RESPONSE_STATUS_SIGREQUIRED</b>, or <b>OCSP_RESPONSE_STATUS_UNAUTHORIZED</b>.</p>
+
+<p>OCSP_response_get1_basic() decodes and returns the <b>OCSP_BASICRESP</b> structure contained in <b>resp</b>.</p>
+
+<p>OCSP_response_create() creates and returns an <b>OCSP_RESPONSE</b> structure for <b>status</b> and optionally including basic response <b>bs</b>.</p>
+
+<p>OCSP_RESPONSE_free() frees up OCSP response <b>resp</b>.</p>
+
+<p>OCSP_RESPID_set_by_name() sets the name of the OCSP_RESPID to be the same as the subject name in the supplied X509 certificate <b>cert</b> for the OCSP responder.</p>
+
+<p>OCSP_RESPID_set_by_key() sets the key of the OCSP_RESPID to be the same as the key in the supplied X509 certificate <b>cert</b> for the OCSP responder. The key is stored as a SHA1 hash.</p>
+
+<p>Note that an OCSP_RESPID can only have one of the name, or the key set. Calling OCSP_RESPID_set_by_name() or OCSP_RESPID_set_by_key() will clear any existing setting.</p>
+
+<p>OCSP_RESPID_match() tests whether the OCSP_RESPID given in <b>respid</b> matches with the X509 certificate <b>cert</b>.</p>
+
+<p>OCSP_basic_sign() signs OCSP response <b>brsp</b> using certificate <b>signer</b>, private key <b>key</b>, digest <b>dgst</b> and additional certificates <b>certs</b>. If the <b>flags</b> option <b>OCSP_NOCERTS</b> is set then no certificates will be included in the request. If the <b>flags</b> option <b>OCSP_RESPID_KEY</b> is set then the responder is identified by key ID rather than by name. OCSP_basic_sign_ctx() also signs OCSP response <b>brsp</b> but uses the parameters contained in digest context <b>ctx</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_RESPONSE_status() returns a status value.</p>
+
+<p>OCSP_response_get1_basic() returns an <b>OCSP_BASICRESP</b> structure pointer or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_response_create() returns an <b>OCSP_RESPONSE</b> structure pointer or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_RESPONSE_free() does not return a value.</p>
+
+<p>OCSP_RESPID_set_by_name(), OCSP_RESPID_set_by_key(), OCSP_basic_sign(), and OCSP_basic_sign_ctx() return 1 on success or 0 on failure.</p>
+
+<p>OCSP_RESPID_match() returns 1 if the OCSP_RESPID and the X509 certificate match or 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>OCSP_response_get1_basic() is only called if the status of a response is <b>OCSP_RESPONSE_STATUS_SUCCESSFUL</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a> <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a> <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a> <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a> <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a> <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a> <a href="../man3/OCSP_RESPID_new.html">OCSP_RESPID_new(3)</a> <a href="../man3/OCSP_RESPID_free.html">OCSP_RESPID_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OCSP_RESPID_set_by_name(), OCSP_RESPID_set_by_key() and OCSP_RESPID_match() functions were added in OpenSSL 1.1.0a.</p>
+
+<p>The OCSP_basic_sign_ctx() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_response_status.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_response_status.html
new file mode 100644
index 000000000..556f9df13
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_response_status.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_response_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_response_status, OCSP_response_get1_basic, OCSP_response_create, OCSP_RESPONSE_free, OCSP_RESPID_set_by_name, OCSP_RESPID_set_by_key, OCSP_RESPID_match, OCSP_basic_sign, OCSP_basic_sign_ctx - OCSP response functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_response_status(OCSP_RESPONSE *resp);
+ OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
+ OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs);
+ void OCSP_RESPONSE_free(OCSP_RESPONSE *resp);
+
+ int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert);
+ int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert);
+ int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert);
+
+ int OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key,
+                     const EVP_MD *dgst, STACK_OF(X509) *certs,
+                     unsigned long flags);
+ int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp, X509 *signer, EVP_MD_CTX *ctx,
+                         STACK_OF(X509) *certs, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_response_status() returns the OCSP response status of <b>resp</b>. It returns one of the values: <b>OCSP_RESPONSE_STATUS_SUCCESSFUL</b>, <b>OCSP_RESPONSE_STATUS_MALFORMEDREQUEST</b>, <b>OCSP_RESPONSE_STATUS_INTERNALERROR</b>, <b>OCSP_RESPONSE_STATUS_TRYLATER</b> <b>OCSP_RESPONSE_STATUS_SIGREQUIRED</b>, or <b>OCSP_RESPONSE_STATUS_UNAUTHORIZED</b>.</p>
+
+<p>OCSP_response_get1_basic() decodes and returns the <b>OCSP_BASICRESP</b> structure contained in <b>resp</b>.</p>
+
+<p>OCSP_response_create() creates and returns an <b>OCSP_RESPONSE</b> structure for <b>status</b> and optionally including basic response <b>bs</b>.</p>
+
+<p>OCSP_RESPONSE_free() frees up OCSP response <b>resp</b>.</p>
+
+<p>OCSP_RESPID_set_by_name() sets the name of the OCSP_RESPID to be the same as the subject name in the supplied X509 certificate <b>cert</b> for the OCSP responder.</p>
+
+<p>OCSP_RESPID_set_by_key() sets the key of the OCSP_RESPID to be the same as the key in the supplied X509 certificate <b>cert</b> for the OCSP responder. The key is stored as a SHA1 hash.</p>
+
+<p>Note that an OCSP_RESPID can only have one of the name, or the key set. Calling OCSP_RESPID_set_by_name() or OCSP_RESPID_set_by_key() will clear any existing setting.</p>
+
+<p>OCSP_RESPID_match() tests whether the OCSP_RESPID given in <b>respid</b> matches with the X509 certificate <b>cert</b>.</p>
+
+<p>OCSP_basic_sign() signs OCSP response <b>brsp</b> using certificate <b>signer</b>, private key <b>key</b>, digest <b>dgst</b> and additional certificates <b>certs</b>. If the <b>flags</b> option <b>OCSP_NOCERTS</b> is set then no certificates will be included in the request. If the <b>flags</b> option <b>OCSP_RESPID_KEY</b> is set then the responder is identified by key ID rather than by name. OCSP_basic_sign_ctx() also signs OCSP response <b>brsp</b> but uses the parameters contained in digest context <b>ctx</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_RESPONSE_status() returns a status value.</p>
+
+<p>OCSP_response_get1_basic() returns an <b>OCSP_BASICRESP</b> structure pointer or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_response_create() returns an <b>OCSP_RESPONSE</b> structure pointer or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_RESPONSE_free() does not return a value.</p>
+
+<p>OCSP_RESPID_set_by_name(), OCSP_RESPID_set_by_key(), OCSP_basic_sign(), and OCSP_basic_sign_ctx() return 1 on success or 0 on failure.</p>
+
+<p>OCSP_RESPID_match() returns 1 if the OCSP_RESPID and the X509 certificate match or 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>OCSP_response_get1_basic() is only called if the status of a response is <b>OCSP_RESPONSE_STATUS_SUCCESSFUL</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a> <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a> <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a> <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a> <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a> <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a> <a href="../man3/OCSP_RESPID_new.html">OCSP_RESPID_new(3)</a> <a href="../man3/OCSP_RESPID_free.html">OCSP_RESPID_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OCSP_RESPID_set_by_name(), OCSP_RESPID_set_by_key() and OCSP_RESPID_match() functions were added in OpenSSL 1.1.0a.</p>
+
+<p>The OCSP_basic_sign_ctx() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_sendreq_bio.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_sendreq_bio.html
new file mode 100644
index 000000000..4785a6010
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_sendreq_bio.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_sendreq_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_sendreq_new, OCSP_sendreq_nbio, OCSP_REQ_CTX_free, OCSP_set_max_response_length, OCSP_REQ_CTX_add1_header, OCSP_REQ_CTX_set1_req, OCSP_sendreq_bio - OCSP responder query functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
+                                int maxline);
+
+ int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
+
+ void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
+
+ void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);
+
+ int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
+                              const char *name, const char *value);
+
+ int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);
+
+ OCSP_RESPONSE *OCSP_sendreq_bio(BIO *io, const char *path, OCSP_REQUEST *req,
+                                 int maxline);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function OCSP_sendreq_new() returns an <b>OCSP_CTX</b> structure using the responder <b>io</b>, the URL path <b>path</b>, the OCSP request <b>req</b> and with a response header maximum line length of <b>maxline</b>. If <b>maxline</b> is zero a default value of 4k is used. The OCSP request <b>req</b> may be set to <b>NULL</b> and provided later if required.</p>
+
+<p>OCSP_sendreq_nbio() performs non-blocking I/O on the OCSP request context <b>rctx</b>. When the operation is complete it returns the response in <b>*presp</b>.</p>
+
+<p>OCSP_REQ_CTX_free() frees up the OCSP context <b>rctx</b>.</p>
+
+<p>OCSP_set_max_response_length() sets the maximum response length for <b>rctx</b> to <b>len</b>. If the response exceeds this length an error occurs. If not set a default value of 100k is used.</p>
+
+<p>OCSP_REQ_CTX_add1_header() adds header <b>name</b> with value <b>value</b> to the context <b>rctx</b>. It can be called more than once to add multiple headers. It <b>MUST</b> be called before any calls to OCSP_sendreq_nbio(). The <b>req</b> parameter in the initial to OCSP_sendreq_new() call MUST be set to <b>NULL</b> if additional headers are set.</p>
+
+<p>OCSP_REQ_CTX_set1_req() sets the OCSP request in <b>rctx</b> to <b>req</b>. This function should be called after any calls to OCSP_REQ_CTX_add1_header().</p>
+
+<p>OCSP_sendreq_bio() performs an OCSP request using the responder <b>io</b>, the URL path <b>path</b>, the OCSP request <b>req</b> and with a response header maximum line length of <b>maxline</b>. If <b>maxline</b> is zero a default value of 4k is used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_sendreq_new() returns a valid <b>OCSP_REQ_CTX</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_sendreq_nbio() returns <b>1</b> if the operation was completed successfully, <b>-1</b> if the operation should be retried and <b>0</b> if an error occurred.</p>
+
+<p>OCSP_REQ_CTX_add1_header() and OCSP_REQ_CTX_set1_req() return <b>1</b> for success and <b>0</b> for failure.</p>
+
+<p>OCSP_sendreq_bio() returns the <b>OCSP_RESPONSE</b> structure sent by the responder or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_REQ_CTX_free() and OCSP_set_max_response_length() do not return values.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions only perform a minimal HTTP query to a responder. If an application wishes to support more advanced features it should use an alternative more complete HTTP library.</p>
+
+<p>Currently only HTTP POST queries to responders are supported.</p>
+
+<p>The arguments to OCSP_sendreq_new() correspond to the components of the URL. For example if the responder URL is <b>http://ocsp.com/ocspreq</b> the BIO <b>io</b> should be connected to host <b>ocsp.com</b> on port 80 and <b>path</b> should be set to <b>&quot;/ocspreq&quot;</b></p>
+
+<p>The headers added with OCSP_REQ_CTX_add1_header() are of the form &quot;<b>name</b>: <b>value</b>&quot; or just &quot;<b>name</b>&quot; if <b>value</b> is <b>NULL</b>. So to add a Host header for <b>ocsp.com</b> you would call:</p>
+
+<pre><code> OCSP_REQ_CTX_add1_header(ctx, &quot;Host&quot;, &quot;ocsp.com&quot;);</code></pre>
+
+<p>If OCSP_sendreq_nbio() indicates an operation should be retried the corresponding BIO can be examined to determine which operation (read or write) should be retried and appropriate action taken (for example a select() call on the underlying socket).</p>
+
+<p>OCSP_sendreq_bio() does not support retries and so cannot handle non-blocking I/O efficiently. It is retained for compatibility and its use in new applications is not recommended.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_sendreq_nbio.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_sendreq_nbio.html
new file mode 100644
index 000000000..4785a6010
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_sendreq_nbio.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_sendreq_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_sendreq_new, OCSP_sendreq_nbio, OCSP_REQ_CTX_free, OCSP_set_max_response_length, OCSP_REQ_CTX_add1_header, OCSP_REQ_CTX_set1_req, OCSP_sendreq_bio - OCSP responder query functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
+                                int maxline);
+
+ int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
+
+ void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
+
+ void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);
+
+ int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
+                              const char *name, const char *value);
+
+ int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);
+
+ OCSP_RESPONSE *OCSP_sendreq_bio(BIO *io, const char *path, OCSP_REQUEST *req,
+                                 int maxline);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function OCSP_sendreq_new() returns an <b>OCSP_CTX</b> structure using the responder <b>io</b>, the URL path <b>path</b>, the OCSP request <b>req</b> and with a response header maximum line length of <b>maxline</b>. If <b>maxline</b> is zero a default value of 4k is used. The OCSP request <b>req</b> may be set to <b>NULL</b> and provided later if required.</p>
+
+<p>OCSP_sendreq_nbio() performs non-blocking I/O on the OCSP request context <b>rctx</b>. When the operation is complete it returns the response in <b>*presp</b>.</p>
+
+<p>OCSP_REQ_CTX_free() frees up the OCSP context <b>rctx</b>.</p>
+
+<p>OCSP_set_max_response_length() sets the maximum response length for <b>rctx</b> to <b>len</b>. If the response exceeds this length an error occurs. If not set a default value of 100k is used.</p>
+
+<p>OCSP_REQ_CTX_add1_header() adds header <b>name</b> with value <b>value</b> to the context <b>rctx</b>. It can be called more than once to add multiple headers. It <b>MUST</b> be called before any calls to OCSP_sendreq_nbio(). The <b>req</b> parameter in the initial to OCSP_sendreq_new() call MUST be set to <b>NULL</b> if additional headers are set.</p>
+
+<p>OCSP_REQ_CTX_set1_req() sets the OCSP request in <b>rctx</b> to <b>req</b>. This function should be called after any calls to OCSP_REQ_CTX_add1_header().</p>
+
+<p>OCSP_sendreq_bio() performs an OCSP request using the responder <b>io</b>, the URL path <b>path</b>, the OCSP request <b>req</b> and with a response header maximum line length of <b>maxline</b>. If <b>maxline</b> is zero a default value of 4k is used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_sendreq_new() returns a valid <b>OCSP_REQ_CTX</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_sendreq_nbio() returns <b>1</b> if the operation was completed successfully, <b>-1</b> if the operation should be retried and <b>0</b> if an error occurred.</p>
+
+<p>OCSP_REQ_CTX_add1_header() and OCSP_REQ_CTX_set1_req() return <b>1</b> for success and <b>0</b> for failure.</p>
+
+<p>OCSP_sendreq_bio() returns the <b>OCSP_RESPONSE</b> structure sent by the responder or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_REQ_CTX_free() and OCSP_set_max_response_length() do not return values.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions only perform a minimal HTTP query to a responder. If an application wishes to support more advanced features it should use an alternative more complete HTTP library.</p>
+
+<p>Currently only HTTP POST queries to responders are supported.</p>
+
+<p>The arguments to OCSP_sendreq_new() correspond to the components of the URL. For example if the responder URL is <b>http://ocsp.com/ocspreq</b> the BIO <b>io</b> should be connected to host <b>ocsp.com</b> on port 80 and <b>path</b> should be set to <b>&quot;/ocspreq&quot;</b></p>
+
+<p>The headers added with OCSP_REQ_CTX_add1_header() are of the form &quot;<b>name</b>: <b>value</b>&quot; or just &quot;<b>name</b>&quot; if <b>value</b> is <b>NULL</b>. So to add a Host header for <b>ocsp.com</b> you would call:</p>
+
+<pre><code> OCSP_REQ_CTX_add1_header(ctx, &quot;Host&quot;, &quot;ocsp.com&quot;);</code></pre>
+
+<p>If OCSP_sendreq_nbio() indicates an operation should be retried the corresponding BIO can be examined to determine which operation (read or write) should be retried and appropriate action taken (for example a select() call on the underlying socket).</p>
+
+<p>OCSP_sendreq_bio() does not support retries and so cannot handle non-blocking I/O efficiently. It is retained for compatibility and its use in new applications is not recommended.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_sendreq_new.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_sendreq_new.html
new file mode 100644
index 000000000..4785a6010
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_sendreq_new.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_sendreq_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_sendreq_new, OCSP_sendreq_nbio, OCSP_REQ_CTX_free, OCSP_set_max_response_length, OCSP_REQ_CTX_add1_header, OCSP_REQ_CTX_set1_req, OCSP_sendreq_bio - OCSP responder query functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
+                                int maxline);
+
+ int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
+
+ void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
+
+ void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);
+
+ int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
+                              const char *name, const char *value);
+
+ int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);
+
+ OCSP_RESPONSE *OCSP_sendreq_bio(BIO *io, const char *path, OCSP_REQUEST *req,
+                                 int maxline);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function OCSP_sendreq_new() returns an <b>OCSP_CTX</b> structure using the responder <b>io</b>, the URL path <b>path</b>, the OCSP request <b>req</b> and with a response header maximum line length of <b>maxline</b>. If <b>maxline</b> is zero a default value of 4k is used. The OCSP request <b>req</b> may be set to <b>NULL</b> and provided later if required.</p>
+
+<p>OCSP_sendreq_nbio() performs non-blocking I/O on the OCSP request context <b>rctx</b>. When the operation is complete it returns the response in <b>*presp</b>.</p>
+
+<p>OCSP_REQ_CTX_free() frees up the OCSP context <b>rctx</b>.</p>
+
+<p>OCSP_set_max_response_length() sets the maximum response length for <b>rctx</b> to <b>len</b>. If the response exceeds this length an error occurs. If not set a default value of 100k is used.</p>
+
+<p>OCSP_REQ_CTX_add1_header() adds header <b>name</b> with value <b>value</b> to the context <b>rctx</b>. It can be called more than once to add multiple headers. It <b>MUST</b> be called before any calls to OCSP_sendreq_nbio(). The <b>req</b> parameter in the initial to OCSP_sendreq_new() call MUST be set to <b>NULL</b> if additional headers are set.</p>
+
+<p>OCSP_REQ_CTX_set1_req() sets the OCSP request in <b>rctx</b> to <b>req</b>. This function should be called after any calls to OCSP_REQ_CTX_add1_header().</p>
+
+<p>OCSP_sendreq_bio() performs an OCSP request using the responder <b>io</b>, the URL path <b>path</b>, the OCSP request <b>req</b> and with a response header maximum line length of <b>maxline</b>. If <b>maxline</b> is zero a default value of 4k is used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_sendreq_new() returns a valid <b>OCSP_REQ_CTX</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_sendreq_nbio() returns <b>1</b> if the operation was completed successfully, <b>-1</b> if the operation should be retried and <b>0</b> if an error occurred.</p>
+
+<p>OCSP_REQ_CTX_add1_header() and OCSP_REQ_CTX_set1_req() return <b>1</b> for success and <b>0</b> for failure.</p>
+
+<p>OCSP_sendreq_bio() returns the <b>OCSP_RESPONSE</b> structure sent by the responder or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_REQ_CTX_free() and OCSP_set_max_response_length() do not return values.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions only perform a minimal HTTP query to a responder. If an application wishes to support more advanced features it should use an alternative more complete HTTP library.</p>
+
+<p>Currently only HTTP POST queries to responders are supported.</p>
+
+<p>The arguments to OCSP_sendreq_new() correspond to the components of the URL. For example if the responder URL is <b>http://ocsp.com/ocspreq</b> the BIO <b>io</b> should be connected to host <b>ocsp.com</b> on port 80 and <b>path</b> should be set to <b>&quot;/ocspreq&quot;</b></p>
+
+<p>The headers added with OCSP_REQ_CTX_add1_header() are of the form &quot;<b>name</b>: <b>value</b>&quot; or just &quot;<b>name</b>&quot; if <b>value</b> is <b>NULL</b>. So to add a Host header for <b>ocsp.com</b> you would call:</p>
+
+<pre><code> OCSP_REQ_CTX_add1_header(ctx, &quot;Host&quot;, &quot;ocsp.com&quot;);</code></pre>
+
+<p>If OCSP_sendreq_nbio() indicates an operation should be retried the corresponding BIO can be examined to determine which operation (read or write) should be retried and appropriate action taken (for example a select() call on the underlying socket).</p>
+
+<p>OCSP_sendreq_bio() does not support retries and so cannot handle non-blocking I/O efficiently. It is retained for compatibility and its use in new applications is not recommended.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_set_max_response_length.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_set_max_response_length.html
new file mode 100644
index 000000000..4785a6010
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_set_max_response_length.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_sendreq_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_sendreq_new, OCSP_sendreq_nbio, OCSP_REQ_CTX_free, OCSP_set_max_response_length, OCSP_REQ_CTX_add1_header, OCSP_REQ_CTX_set1_req, OCSP_sendreq_bio - OCSP responder query functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
+                                int maxline);
+
+ int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
+
+ void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
+
+ void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);
+
+ int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
+                              const char *name, const char *value);
+
+ int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);
+
+ OCSP_RESPONSE *OCSP_sendreq_bio(BIO *io, const char *path, OCSP_REQUEST *req,
+                                 int maxline);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function OCSP_sendreq_new() returns an <b>OCSP_CTX</b> structure using the responder <b>io</b>, the URL path <b>path</b>, the OCSP request <b>req</b> and with a response header maximum line length of <b>maxline</b>. If <b>maxline</b> is zero a default value of 4k is used. The OCSP request <b>req</b> may be set to <b>NULL</b> and provided later if required.</p>
+
+<p>OCSP_sendreq_nbio() performs non-blocking I/O on the OCSP request context <b>rctx</b>. When the operation is complete it returns the response in <b>*presp</b>.</p>
+
+<p>OCSP_REQ_CTX_free() frees up the OCSP context <b>rctx</b>.</p>
+
+<p>OCSP_set_max_response_length() sets the maximum response length for <b>rctx</b> to <b>len</b>. If the response exceeds this length an error occurs. If not set a default value of 100k is used.</p>
+
+<p>OCSP_REQ_CTX_add1_header() adds header <b>name</b> with value <b>value</b> to the context <b>rctx</b>. It can be called more than once to add multiple headers. It <b>MUST</b> be called before any calls to OCSP_sendreq_nbio(). The <b>req</b> parameter in the initial to OCSP_sendreq_new() call MUST be set to <b>NULL</b> if additional headers are set.</p>
+
+<p>OCSP_REQ_CTX_set1_req() sets the OCSP request in <b>rctx</b> to <b>req</b>. This function should be called after any calls to OCSP_REQ_CTX_add1_header().</p>
+
+<p>OCSP_sendreq_bio() performs an OCSP request using the responder <b>io</b>, the URL path <b>path</b>, the OCSP request <b>req</b> and with a response header maximum line length of <b>maxline</b>. If <b>maxline</b> is zero a default value of 4k is used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_sendreq_new() returns a valid <b>OCSP_REQ_CTX</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_sendreq_nbio() returns <b>1</b> if the operation was completed successfully, <b>-1</b> if the operation should be retried and <b>0</b> if an error occurred.</p>
+
+<p>OCSP_REQ_CTX_add1_header() and OCSP_REQ_CTX_set1_req() return <b>1</b> for success and <b>0</b> for failure.</p>
+
+<p>OCSP_sendreq_bio() returns the <b>OCSP_RESPONSE</b> structure sent by the responder or <b>NULL</b> if an error occurred.</p>
+
+<p>OCSP_REQ_CTX_free() and OCSP_set_max_response_length() do not return values.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions only perform a minimal HTTP query to a responder. If an application wishes to support more advanced features it should use an alternative more complete HTTP library.</p>
+
+<p>Currently only HTTP POST queries to responders are supported.</p>
+
+<p>The arguments to OCSP_sendreq_new() correspond to the components of the URL. For example if the responder URL is <b>http://ocsp.com/ocspreq</b> the BIO <b>io</b> should be connected to host <b>ocsp.com</b> on port 80 and <b>path</b> should be set to <b>&quot;/ocspreq&quot;</b></p>
+
+<p>The headers added with OCSP_REQ_CTX_add1_header() are of the form &quot;<b>name</b>: <b>value</b>&quot; or just &quot;<b>name</b>&quot; if <b>value</b> is <b>NULL</b>. So to add a Host header for <b>ocsp.com</b> you would call:</p>
+
+<pre><code> OCSP_REQ_CTX_add1_header(ctx, &quot;Host&quot;, &quot;ocsp.com&quot;);</code></pre>
+
+<p>If OCSP_sendreq_nbio() indicates an operation should be retried the corresponding BIO can be examined to determine which operation (read or write) should be retried and appropriate action taken (for example a select() call on the underlying socket).</p>
+
+<p>OCSP_sendreq_bio() does not support retries and so cannot handle non-blocking I/O efficiently. It is retained for compatibility and its use in new applications is not recommended.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_resp_find_status.html">OCSP_resp_find_status(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OCSP_single_get0_status.html b/msys2/usr/share/doc/openssl/html/man3/OCSP_single_get0_status.html
new file mode 100644
index 000000000..ffdd3b6c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OCSP_single_get0_status.html
@@ -0,0 +1,140 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OCSP_resp_find_status</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OCSP_resp_get0_certs, OCSP_resp_get0_signer, OCSP_resp_get0_id, OCSP_resp_get1_id, OCSP_resp_get0_produced_at, OCSP_resp_get0_signature, OCSP_resp_get0_tbs_sigalg, OCSP_resp_get0_respdata, OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity, OCSP_basic_verify - OCSP response utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ocsp.h&gt;
+
+ int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
+                           int *reason,
+                           ASN1_GENERALIZEDTIME **revtime,
+                           ASN1_GENERALIZEDTIME **thisupd,
+                           ASN1_GENERALIZEDTIME **nextupd);
+
+ int OCSP_resp_count(OCSP_BASICRESP *bs);
+ OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
+ int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
+ int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
+                             ASN1_GENERALIZEDTIME **revtime,
+                             ASN1_GENERALIZEDTIME **thisupd,
+                             ASN1_GENERALIZEDTIME **nextupd);
+
+ const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
+                             const OCSP_BASICRESP* single);
+
+ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
+ const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
+ const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
+ const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);
+
+ int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
+                           STACK_OF(X509) *extra_certs);
+
+ int OCSP_resp_get0_id(const OCSP_BASICRESP *bs,
+                       const ASN1_OCTET_STRING **pid,
+                       const X509_NAME **pname);
+ int OCSP_resp_get1_id(const OCSP_BASICRESP *bs,
+                       ASN1_OCTET_STRING **pid,
+                       X509_NAME **pname);
+
+ int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
+                         ASN1_GENERALIZEDTIME *nextupd,
+                         long sec, long maxsec);
+
+ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+                      X509_STORE *st, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OCSP_resp_find_status() searches <b>bs</b> for an OCSP response for <b>id</b>. If it is successful the fields of the response are returned in <b>*status</b>, <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>. The <b>*status</b> value will be one of <b>V_OCSP_CERTSTATUS_GOOD</b>, <b>V_OCSP_CERTSTATUS_REVOKED</b> or <b>V_OCSP_CERTSTATUS_UNKNOWN</b>. The <b>*reason</b> and <b>*revtime</b> fields are only set if the status is <b>V_OCSP_CERTSTATUS_REVOKED</b>. If set the <b>*reason</b> field will be set to the revocation reason which will be one of <b>OCSP_REVOKED_STATUS_NOSTATUS</b>, <b>OCSP_REVOKED_STATUS_UNSPECIFIED</b>, <b>OCSP_REVOKED_STATUS_KEYCOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_CACOMPROMISE</b>, <b>OCSP_REVOKED_STATUS_AFFILIATIONCHANGED</b>, <b>OCSP_REVOKED_STATUS_SUPERSEDED</b>, <b>OCSP_REVOKED_STATUS_CESSATIONOFOPERATION</b>, <b>OCSP_REVOKED_STATUS_CERTIFICATEHOLD</b> or <b>OCSP_REVOKED_STATUS_REMOVEFROMCRL</b>.</p>
+
+<p>OCSP_resp_count() returns the number of <b>OCSP_SINGLERESP</b> structures in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns the <b>OCSP_SINGLERESP</b> structure in <b>bs</b> corresponding to index <b>idx</b>. Where <b>idx</b> runs from 0 to OCSP_resp_count(bs) - 1.</p>
+
+<p>OCSP_resp_find() searches <b>bs</b> for <b>id</b> and returns the index of the first matching entry after <b>last</b> or starting from the beginning if <b>last</b> is -1.</p>
+
+<p>OCSP_single_get0_status() extracts the fields of <b>single</b> in <b>*reason</b>, <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b>.</p>
+
+<p>OCSP_resp_get0_produced_at() extracts the <b>producedAt</b> field from the single response <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signature() returns the signature from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_tbs_sigalg() returns the <b>signatureAlgorithm</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_respdata() returns the <b>tbsResponseData</b> from <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_certs() returns any certificates included in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0_signer() attempts to retrieve the certificate that directly signed <b>bs</b>. The OCSP protocol does not require that this certificate is included in the <b>certs</b> field of the response, so additional certificates can be supplied in <b>extra_certs</b> if the certificates that may have signed the response are known via some out-of-band mechanism.</p>
+
+<p>OCSP_resp_get0_id() gets the responder id of <b>bs</b>. If the responder ID is a name then &lt;*pname&gt; is set to the name and <b>*pid</b> is set to NULL. If the responder ID is by key ID then <b>*pid</b> is set to the key ID and <b>*pname</b> is set to NULL. OCSP_resp_get1_id() leaves ownership of <b>*pid</b> and <b>*pname</b> with the caller, who is responsible for freeing them. Both functions return 1 in case of success and 0 in case of failure. If OCSP_resp_get1_id() returns 0, no freeing of the results is necessary.</p>
+
+<p>OCSP_check_validity() checks the validity of <b>thisupd</b> and <b>nextupd</b> values which will be typically obtained from OCSP_resp_find_status() or OCSP_single_get0_status(). If <b>sec</b> is non-zero it indicates how many seconds leeway should be allowed in the check. If <b>maxsec</b> is positive it indicates the maximum age of <b>thisupd</b> in seconds.</p>
+
+<p>OCSP_basic_verify() checks that the basic response message <b>bs</b> is correctly signed and that the signer certificate can be validated. It takes <b>st</b> as the trusted store and <b>certs</b> as a set of untrusted intermediate certificates. The function first tries to find the signer certificate of the response in &lt;certs&gt;. It also searches the certificates the responder may have included in <b>bs</b> unless the <b>flags</b> contain <b>OCSP_NOINTERN</b>. It fails if the signer certificate cannot be found. Next, the function checks the signature of <b>bs</b> and fails on error unless the <b>flags</b> contain <b>OCSP_NOSIGS</b>. Then the function already returns success if the <b>flags</b> contain <b>OCSP_NOVERIFY</b> or if the signer certificate was found in <b>certs</b> and the <b>flags</b> contain <b>OCSP_TRUSTOTHER</b>. Otherwise the function continues by validating the signer certificate. To this end, all certificates in <b>cert</b> and in <b>bs</b> are considered as untrusted certificates for the construction of the validation path for the signer certificate unless the <b>OCSP_NOCHAIN</b> flag is set. After successful path validation the function returns success if the <b>OCSP_NOCHECKS</b> flag is set. Otherwise it verifies that the signer certificate meets the OCSP issuer criteria including potential delegation. If this does not succeed and the <b>flags</b> do not contain <b>OCSP_NOEXPLICIT</b> the function checks for explicit trust for OCSP signing in the root CA certificate.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OCSP_resp_find_status() returns 1 if <b>id</b> is found in <b>bs</b> and 0 otherwise.</p>
+
+<p>OCSP_resp_count() returns the total number of <b>OCSP_SINGLERESP</b> fields in <b>bs</b>.</p>
+
+<p>OCSP_resp_get0() returns a pointer to an <b>OCSP_SINGLERESP</b> structure or <b>NULL</b> if <b>idx</b> is out of range.</p>
+
+<p>OCSP_resp_find() returns the index of <b>id</b> in <b>bs</b> (which may be 0) or -1 if <b>id</b> was not found.</p>
+
+<p>OCSP_single_get0_status() returns the status of <b>single</b> or -1 if an error occurred.</p>
+
+<p>OCSP_resp_get0_signer() returns 1 if the signing certificate was located, or 0 on error.</p>
+
+<p>OCSP_basic_verify() returns 1 on success, 0 on error, or -1 on fatal error such as malloc failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications will typically call OCSP_resp_find_status() using the certificate ID of interest and then check its validity using OCSP_check_validity(). They can then take appropriate action based on the status of the certificate.</p>
+
+<p>An OCSP response for a certificate contains <b>thisUpdate</b> and <b>nextUpdate</b> fields. Normally the current time should be between these two values. To account for clock skew the <b>maxsec</b> field can be set to non-zero in OCSP_check_validity(). Some responders do not set the <b>nextUpdate</b> field, this would otherwise mean an ancient response would be considered valid: the <b>maxsec</b> parameter to OCSP_check_validity() can be used to limit the permitted age of responses.</p>
+
+<p>The values written to <b>*revtime</b>, <b>*thisupd</b> and <b>*nextupd</b> by OCSP_resp_find_status() and OCSP_single_get0_status() are internal pointers which <b>MUST NOT</b> be freed up by the calling application. Any or all of these parameters can be set to NULL if their value is not required.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/OCSP_cert_to_id.html">OCSP_cert_to_id(3)</a>, <a href="../man3/OCSP_request_add1_nonce.html">OCSP_request_add1_nonce(3)</a>, <a href="../man3/OCSP_REQUEST_new.html">OCSP_REQUEST_new(3)</a>, <a href="../man3/OCSP_response_status.html">OCSP_response_status(3)</a>, <a href="../man3/OCSP_sendreq_new.html">OCSP_sendreq_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_Applink.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_Applink.html
new file mode 100644
index 000000000..f1ff2099d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_Applink.html
@@ -0,0 +1,49 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_Applink</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_Applink - glue between OpenSSL BIO and Win32 compiler run-time</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> __declspec(dllexport) void **OPENSSL_Applink();</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OPENSSL_Applink is application-side interface which provides a glue between OpenSSL BIO layer and Win32 compiler run-time environment. Even though it appears at application side, it&#39;s essentially OpenSSL private interface. For this reason application developers are not expected to implement it, but to compile provided module with compiler of their choice and link it into the target application. The referred module is available as <i>applink.c</i>, located alongside the public header files (only on the platforms where applicable).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Not available.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_INIT_free.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_INIT_free.html
new file mode 100644
index 000000000..89da92c71
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_INIT_free.html
@@ -0,0 +1,221 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_init_crypto</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_INIT_new, OPENSSL_INIT_set_config_filename, OPENSSL_INIT_set_config_appname, OPENSSL_INIT_set_config_file_flags, OPENSSL_INIT_free, OPENSSL_init_crypto, OPENSSL_cleanup, OPENSSL_atexit, OPENSSL_thread_stop - OpenSSL initialisation and deinitialisation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ void OPENSSL_cleanup(void);
+ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
+ int OPENSSL_atexit(void (*handler)(void));
+ void OPENSSL_thread_stop(void);
+
+ OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void);
+ int OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *init,
+                                      const char* filename);
+ int OPENSSL_INIT_set_config_file_flags(OPENSSL_INIT_SETTINGS *init,
+                                        unsigned long flags);
+ int OPENSSL_INIT_set_config_appname(OPENSSL_INIT_SETTINGS *init,
+                                     const char* name);
+ void OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS *init);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>During normal operation OpenSSL (libcrypto) will allocate various resources at start up that must, subsequently, be freed on close down of the library. Additionally some resources are allocated on a per thread basis (if the application is multi-threaded), and these resources must be freed prior to the thread closing.</p>
+
+<p>As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required. Similarly it will also automatically deinitialise as required.</p>
+
+<p>However, there may be situations when explicit initialisation is desirable or needed, for example when some non-default initialisation is required. The function OPENSSL_init_crypto() can be used for this purpose for libcrypto (see also <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a> for the libssl equivalent).</p>
+
+<p>Numerous internal OpenSSL functions call OPENSSL_init_crypto(). Therefore, in order to perform non-default initialisation, OPENSSL_init_crypto() MUST be called by application code prior to any other OpenSSL function calls.</p>
+
+<p>The <b>opts</b> parameter specifies which aspects of libcrypto should be initialised. Valid options are:</p>
+
+<dl>
+
+<dt id="OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS">OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS</dt>
+<dd>
+
+<p>Suppress automatic loading of the libcrypto error strings. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_LOAD_CRYPTO_STRINGS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_LOAD_CRYPTO_STRINGS">OPENSSL_INIT_LOAD_CRYPTO_STRINGS</dt>
+<dd>
+
+<p>Automatic loading of the libcrypto error strings. With this option the library will automatically load the libcrypto error strings. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ADD_ALL_CIPHERS">OPENSSL_INIT_ADD_ALL_CIPHERS</dt>
+<dd>
+
+<p>With this option the library will automatically load and make available all libcrypto ciphers. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ADD_ALL_DIGESTS">OPENSSL_INIT_ADD_ALL_DIGESTS</dt>
+<dd>
+
+<p>With this option the library will automatically load and make available all libcrypto digests. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ADD_ALL_CIPHERS">OPENSSL_INIT_NO_ADD_ALL_CIPHERS</dt>
+<dd>
+
+<p>With this option the library will suppress automatic loading of libcrypto ciphers. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ADD_ALL_DIGESTS">OPENSSL_INIT_NO_ADD_ALL_DIGESTS</dt>
+<dd>
+
+<p>With this option the library will suppress automatic loading of libcrypto digests. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_ADD_ALL_DIGESTS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_LOAD_CONFIG">OPENSSL_INIT_LOAD_CONFIG</dt>
+<dd>
+
+<p>With this option an OpenSSL configuration file will be automatically loaded and used by calling OPENSSL_config(). This is not a default option for libcrypto. As of OpenSSL 1.1.1 this is a default option for libssl (see <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a> for further details about libssl initialisation). See the description of OPENSSL_INIT_new(), below.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_LOAD_CONFIG">OPENSSL_INIT_NO_LOAD_CONFIG</dt>
+<dd>
+
+<p>With this option the loading of OpenSSL configuration files will be suppressed. It is the equivalent of calling OPENSSL_no_config(). This is not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ASYNC">OPENSSL_INIT_ASYNC</dt>
+<dd>
+
+<p>With this option the library with automatically initialise the libcrypto async sub-library (see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>). This is a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_RDRAND">OPENSSL_INIT_ENGINE_RDRAND</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the RDRAND engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_DYNAMIC">OPENSSL_INIT_ENGINE_DYNAMIC</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the dynamic engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_OPENSSL">OPENSSL_INIT_ENGINE_OPENSSL</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the openssl engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_CRYPTODEV">OPENSSL_INIT_ENGINE_CRYPTODEV</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the cryptodev engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_CAPI">OPENSSL_INIT_ENGINE_CAPI</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the CAPI engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_PADLOCK">OPENSSL_INIT_ENGINE_PADLOCK</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the padlock engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_AFALG">OPENSSL_INIT_ENGINE_AFALG</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the AFALG engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_ALL_BUILTIN">OPENSSL_INIT_ENGINE_ALL_BUILTIN</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise all the built in engines listed above with the exception of the openssl and afalg engines. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ATFORK">OPENSSL_INIT_ATFORK</dt>
+<dd>
+
+<p>With this option the library will register its fork handlers. See OPENSSL_fork_prepare(3) for details.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ATEXIT">OPENSSL_INIT_NO_ATEXIT</dt>
+<dd>
+
+<p>By default OpenSSL will attempt to clean itself up when the process exits via an &quot;atexit&quot; handler. Using this option suppresses that behaviour. This means that the application will have to clean up OpenSSL explicitly using OPENSSL_cleanup().</p>
+
+</dd>
+</dl>
+
+<p>Multiple options may be combined together in a single call to OPENSSL_init_crypto(). For example:</p>
+
+<pre><code> OPENSSL_init_crypto(OPENSSL_INIT_NO_ADD_ALL_CIPHERS
+                     | OPENSSL_INIT_NO_ADD_ALL_DIGESTS, NULL);</code></pre>
+
+<p>The OPENSSL_cleanup() function deinitialises OpenSSL (both libcrypto and libssl). All resources allocated by OpenSSL are freed. Typically there should be no need to call this function directly as it is initiated automatically on application exit. This is done via the standard C library atexit() function. In the event that the application will close in a manner that will not call the registered atexit() handlers then the application should call OPENSSL_cleanup() directly. Developers of libraries using OpenSSL are discouraged from calling this function and should instead, typically, rely on auto-deinitialisation. This is to avoid error conditions where both an application and a library it depends on both use OpenSSL, and the library deinitialises it before the application has finished using it.</p>
+
+<p>Once OPENSSL_cleanup() has been called the library cannot be reinitialised. Attempts to call OPENSSL_init_crypto() will fail and an ERR_R_INIT_FAIL error will be added to the error stack. Note that because initialisation has failed OpenSSL error strings will not be available, only an error code. This code can be put through the openssl errstr command line application to produce a human readable error (see <a href="../man1/errstr.html">errstr(1)</a>).</p>
+
+<p>The OPENSSL_atexit() function enables the registration of a function to be called during OPENSSL_cleanup(). Stop handlers are called after deinitialisation of resources local to a thread, but before other process wide resources are freed. In the event that multiple stop handlers are registered, no guarantees are made about the order of execution.</p>
+
+<p>The OPENSSL_thread_stop() function deallocates resources associated with the current thread. Typically this function will be called automatically by the library when the thread exits. This should only be called directly if resources should be freed at an earlier time, or under the circumstances described in the NOTES section below.</p>
+
+<p>The <b>OPENSSL_INIT_LOAD_CONFIG</b> flag will load a configuration file, as with <a href="../man3/CONF_modules_load_file.html">CONF_modules_load_file(3)</a> with NULL filename and application name and the <b>CONF_MFLAGS_IGNORE_MISSING_FILE</b>, <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> and <b>CONF_MFLAGS_DEFAULT_SECTION</b> flags. The filename, application name, and flags can be customized by providing a non-null <b>OPENSSL_INIT_SETTINGS</b> object. The object can be allocated via <b>OPENSSL_init_new()</b>. The <b>OPENSSL_INIT_set_config_filename()</b> function can be used to specify a non-default filename, which is copied and need not refer to persistent storage. Similarly, OPENSSL_INIT_set_config_appname() can be used to specify a non-default application name. Finally, OPENSSL_INIT_set_file_flags can be used to specify non-default flags. If the <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> flag is not included, any errors in the configuration file will cause an error return from <b>OPENSSL_init_crypto</b> or indirectly <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a>. The object can be released with OPENSSL_INIT_free() when done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Resources local to a thread are deallocated automatically when the thread exits (e.g. in a pthreads environment, when pthread_exit() is called). On Windows platforms this is done in response to a DLL_THREAD_DETACH message being sent to the libcrypto32.dll entry point. Some windows functions may cause threads to exit without sending this message (for example ExitProcess()). If the application uses such functions, then the application must free up OpenSSL resources directly via a call to OPENSSL_thread_stop() on each thread. Similarly this message will also not be sent if OpenSSL is linked statically, and therefore applications using static linking should also call OPENSSL_thread_stop() on each thread. Additionally if OpenSSL is loaded dynamically via LoadLibrary() and the threads are not destroyed until after FreeLibrary() is called then each thread should call OPENSSL_thread_stop() prior to the FreeLibrary() call.</p>
+
+<p>On Linux/Unix where OpenSSL has been loaded via dlopen() and the application is multi-threaded and if dlclose() is subsequently called prior to the threads being destroyed then OpenSSL will not be able to deallocate resources associated with those threads. The application should either call OPENSSL_thread_stop() on each thread prior to the dlclose() call, or alternatively the original dlopen() call should use the RTLD_NODELETE flag (where available on the platform).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions OPENSSL_init_crypto, OPENSSL_atexit() and OPENSSL_INIT_set_config_appname() return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_init_crypto(), OPENSSL_cleanup(), OPENSSL_atexit(), OPENSSL_thread_stop(), OPENSSL_INIT_new(), OPENSSL_INIT_set_config_appname() and OPENSSL_INIT_free() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_INIT_new.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_INIT_new.html
new file mode 100644
index 000000000..89da92c71
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_INIT_new.html
@@ -0,0 +1,221 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_init_crypto</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_INIT_new, OPENSSL_INIT_set_config_filename, OPENSSL_INIT_set_config_appname, OPENSSL_INIT_set_config_file_flags, OPENSSL_INIT_free, OPENSSL_init_crypto, OPENSSL_cleanup, OPENSSL_atexit, OPENSSL_thread_stop - OpenSSL initialisation and deinitialisation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ void OPENSSL_cleanup(void);
+ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
+ int OPENSSL_atexit(void (*handler)(void));
+ void OPENSSL_thread_stop(void);
+
+ OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void);
+ int OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *init,
+                                      const char* filename);
+ int OPENSSL_INIT_set_config_file_flags(OPENSSL_INIT_SETTINGS *init,
+                                        unsigned long flags);
+ int OPENSSL_INIT_set_config_appname(OPENSSL_INIT_SETTINGS *init,
+                                     const char* name);
+ void OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS *init);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>During normal operation OpenSSL (libcrypto) will allocate various resources at start up that must, subsequently, be freed on close down of the library. Additionally some resources are allocated on a per thread basis (if the application is multi-threaded), and these resources must be freed prior to the thread closing.</p>
+
+<p>As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required. Similarly it will also automatically deinitialise as required.</p>
+
+<p>However, there may be situations when explicit initialisation is desirable or needed, for example when some non-default initialisation is required. The function OPENSSL_init_crypto() can be used for this purpose for libcrypto (see also <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a> for the libssl equivalent).</p>
+
+<p>Numerous internal OpenSSL functions call OPENSSL_init_crypto(). Therefore, in order to perform non-default initialisation, OPENSSL_init_crypto() MUST be called by application code prior to any other OpenSSL function calls.</p>
+
+<p>The <b>opts</b> parameter specifies which aspects of libcrypto should be initialised. Valid options are:</p>
+
+<dl>
+
+<dt id="OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS">OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS</dt>
+<dd>
+
+<p>Suppress automatic loading of the libcrypto error strings. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_LOAD_CRYPTO_STRINGS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_LOAD_CRYPTO_STRINGS">OPENSSL_INIT_LOAD_CRYPTO_STRINGS</dt>
+<dd>
+
+<p>Automatic loading of the libcrypto error strings. With this option the library will automatically load the libcrypto error strings. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ADD_ALL_CIPHERS">OPENSSL_INIT_ADD_ALL_CIPHERS</dt>
+<dd>
+
+<p>With this option the library will automatically load and make available all libcrypto ciphers. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ADD_ALL_DIGESTS">OPENSSL_INIT_ADD_ALL_DIGESTS</dt>
+<dd>
+
+<p>With this option the library will automatically load and make available all libcrypto digests. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ADD_ALL_CIPHERS">OPENSSL_INIT_NO_ADD_ALL_CIPHERS</dt>
+<dd>
+
+<p>With this option the library will suppress automatic loading of libcrypto ciphers. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ADD_ALL_DIGESTS">OPENSSL_INIT_NO_ADD_ALL_DIGESTS</dt>
+<dd>
+
+<p>With this option the library will suppress automatic loading of libcrypto digests. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_ADD_ALL_DIGESTS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_LOAD_CONFIG">OPENSSL_INIT_LOAD_CONFIG</dt>
+<dd>
+
+<p>With this option an OpenSSL configuration file will be automatically loaded and used by calling OPENSSL_config(). This is not a default option for libcrypto. As of OpenSSL 1.1.1 this is a default option for libssl (see <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a> for further details about libssl initialisation). See the description of OPENSSL_INIT_new(), below.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_LOAD_CONFIG">OPENSSL_INIT_NO_LOAD_CONFIG</dt>
+<dd>
+
+<p>With this option the loading of OpenSSL configuration files will be suppressed. It is the equivalent of calling OPENSSL_no_config(). This is not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ASYNC">OPENSSL_INIT_ASYNC</dt>
+<dd>
+
+<p>With this option the library with automatically initialise the libcrypto async sub-library (see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>). This is a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_RDRAND">OPENSSL_INIT_ENGINE_RDRAND</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the RDRAND engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_DYNAMIC">OPENSSL_INIT_ENGINE_DYNAMIC</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the dynamic engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_OPENSSL">OPENSSL_INIT_ENGINE_OPENSSL</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the openssl engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_CRYPTODEV">OPENSSL_INIT_ENGINE_CRYPTODEV</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the cryptodev engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_CAPI">OPENSSL_INIT_ENGINE_CAPI</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the CAPI engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_PADLOCK">OPENSSL_INIT_ENGINE_PADLOCK</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the padlock engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_AFALG">OPENSSL_INIT_ENGINE_AFALG</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the AFALG engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_ALL_BUILTIN">OPENSSL_INIT_ENGINE_ALL_BUILTIN</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise all the built in engines listed above with the exception of the openssl and afalg engines. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ATFORK">OPENSSL_INIT_ATFORK</dt>
+<dd>
+
+<p>With this option the library will register its fork handlers. See OPENSSL_fork_prepare(3) for details.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ATEXIT">OPENSSL_INIT_NO_ATEXIT</dt>
+<dd>
+
+<p>By default OpenSSL will attempt to clean itself up when the process exits via an &quot;atexit&quot; handler. Using this option suppresses that behaviour. This means that the application will have to clean up OpenSSL explicitly using OPENSSL_cleanup().</p>
+
+</dd>
+</dl>
+
+<p>Multiple options may be combined together in a single call to OPENSSL_init_crypto(). For example:</p>
+
+<pre><code> OPENSSL_init_crypto(OPENSSL_INIT_NO_ADD_ALL_CIPHERS
+                     | OPENSSL_INIT_NO_ADD_ALL_DIGESTS, NULL);</code></pre>
+
+<p>The OPENSSL_cleanup() function deinitialises OpenSSL (both libcrypto and libssl). All resources allocated by OpenSSL are freed. Typically there should be no need to call this function directly as it is initiated automatically on application exit. This is done via the standard C library atexit() function. In the event that the application will close in a manner that will not call the registered atexit() handlers then the application should call OPENSSL_cleanup() directly. Developers of libraries using OpenSSL are discouraged from calling this function and should instead, typically, rely on auto-deinitialisation. This is to avoid error conditions where both an application and a library it depends on both use OpenSSL, and the library deinitialises it before the application has finished using it.</p>
+
+<p>Once OPENSSL_cleanup() has been called the library cannot be reinitialised. Attempts to call OPENSSL_init_crypto() will fail and an ERR_R_INIT_FAIL error will be added to the error stack. Note that because initialisation has failed OpenSSL error strings will not be available, only an error code. This code can be put through the openssl errstr command line application to produce a human readable error (see <a href="../man1/errstr.html">errstr(1)</a>).</p>
+
+<p>The OPENSSL_atexit() function enables the registration of a function to be called during OPENSSL_cleanup(). Stop handlers are called after deinitialisation of resources local to a thread, but before other process wide resources are freed. In the event that multiple stop handlers are registered, no guarantees are made about the order of execution.</p>
+
+<p>The OPENSSL_thread_stop() function deallocates resources associated with the current thread. Typically this function will be called automatically by the library when the thread exits. This should only be called directly if resources should be freed at an earlier time, or under the circumstances described in the NOTES section below.</p>
+
+<p>The <b>OPENSSL_INIT_LOAD_CONFIG</b> flag will load a configuration file, as with <a href="../man3/CONF_modules_load_file.html">CONF_modules_load_file(3)</a> with NULL filename and application name and the <b>CONF_MFLAGS_IGNORE_MISSING_FILE</b>, <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> and <b>CONF_MFLAGS_DEFAULT_SECTION</b> flags. The filename, application name, and flags can be customized by providing a non-null <b>OPENSSL_INIT_SETTINGS</b> object. The object can be allocated via <b>OPENSSL_init_new()</b>. The <b>OPENSSL_INIT_set_config_filename()</b> function can be used to specify a non-default filename, which is copied and need not refer to persistent storage. Similarly, OPENSSL_INIT_set_config_appname() can be used to specify a non-default application name. Finally, OPENSSL_INIT_set_file_flags can be used to specify non-default flags. If the <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> flag is not included, any errors in the configuration file will cause an error return from <b>OPENSSL_init_crypto</b> or indirectly <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a>. The object can be released with OPENSSL_INIT_free() when done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Resources local to a thread are deallocated automatically when the thread exits (e.g. in a pthreads environment, when pthread_exit() is called). On Windows platforms this is done in response to a DLL_THREAD_DETACH message being sent to the libcrypto32.dll entry point. Some windows functions may cause threads to exit without sending this message (for example ExitProcess()). If the application uses such functions, then the application must free up OpenSSL resources directly via a call to OPENSSL_thread_stop() on each thread. Similarly this message will also not be sent if OpenSSL is linked statically, and therefore applications using static linking should also call OPENSSL_thread_stop() on each thread. Additionally if OpenSSL is loaded dynamically via LoadLibrary() and the threads are not destroyed until after FreeLibrary() is called then each thread should call OPENSSL_thread_stop() prior to the FreeLibrary() call.</p>
+
+<p>On Linux/Unix where OpenSSL has been loaded via dlopen() and the application is multi-threaded and if dlclose() is subsequently called prior to the threads being destroyed then OpenSSL will not be able to deallocate resources associated with those threads. The application should either call OPENSSL_thread_stop() on each thread prior to the dlclose() call, or alternatively the original dlopen() call should use the RTLD_NODELETE flag (where available on the platform).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions OPENSSL_init_crypto, OPENSSL_atexit() and OPENSSL_INIT_set_config_appname() return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_init_crypto(), OPENSSL_cleanup(), OPENSSL_atexit(), OPENSSL_thread_stop(), OPENSSL_INIT_new(), OPENSSL_INIT_set_config_appname() and OPENSSL_INIT_free() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_INIT_set_config_appname.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_INIT_set_config_appname.html
new file mode 100644
index 000000000..89da92c71
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_INIT_set_config_appname.html
@@ -0,0 +1,221 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_init_crypto</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_INIT_new, OPENSSL_INIT_set_config_filename, OPENSSL_INIT_set_config_appname, OPENSSL_INIT_set_config_file_flags, OPENSSL_INIT_free, OPENSSL_init_crypto, OPENSSL_cleanup, OPENSSL_atexit, OPENSSL_thread_stop - OpenSSL initialisation and deinitialisation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ void OPENSSL_cleanup(void);
+ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
+ int OPENSSL_atexit(void (*handler)(void));
+ void OPENSSL_thread_stop(void);
+
+ OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void);
+ int OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *init,
+                                      const char* filename);
+ int OPENSSL_INIT_set_config_file_flags(OPENSSL_INIT_SETTINGS *init,
+                                        unsigned long flags);
+ int OPENSSL_INIT_set_config_appname(OPENSSL_INIT_SETTINGS *init,
+                                     const char* name);
+ void OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS *init);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>During normal operation OpenSSL (libcrypto) will allocate various resources at start up that must, subsequently, be freed on close down of the library. Additionally some resources are allocated on a per thread basis (if the application is multi-threaded), and these resources must be freed prior to the thread closing.</p>
+
+<p>As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required. Similarly it will also automatically deinitialise as required.</p>
+
+<p>However, there may be situations when explicit initialisation is desirable or needed, for example when some non-default initialisation is required. The function OPENSSL_init_crypto() can be used for this purpose for libcrypto (see also <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a> for the libssl equivalent).</p>
+
+<p>Numerous internal OpenSSL functions call OPENSSL_init_crypto(). Therefore, in order to perform non-default initialisation, OPENSSL_init_crypto() MUST be called by application code prior to any other OpenSSL function calls.</p>
+
+<p>The <b>opts</b> parameter specifies which aspects of libcrypto should be initialised. Valid options are:</p>
+
+<dl>
+
+<dt id="OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS">OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS</dt>
+<dd>
+
+<p>Suppress automatic loading of the libcrypto error strings. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_LOAD_CRYPTO_STRINGS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_LOAD_CRYPTO_STRINGS">OPENSSL_INIT_LOAD_CRYPTO_STRINGS</dt>
+<dd>
+
+<p>Automatic loading of the libcrypto error strings. With this option the library will automatically load the libcrypto error strings. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ADD_ALL_CIPHERS">OPENSSL_INIT_ADD_ALL_CIPHERS</dt>
+<dd>
+
+<p>With this option the library will automatically load and make available all libcrypto ciphers. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ADD_ALL_DIGESTS">OPENSSL_INIT_ADD_ALL_DIGESTS</dt>
+<dd>
+
+<p>With this option the library will automatically load and make available all libcrypto digests. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ADD_ALL_CIPHERS">OPENSSL_INIT_NO_ADD_ALL_CIPHERS</dt>
+<dd>
+
+<p>With this option the library will suppress automatic loading of libcrypto ciphers. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ADD_ALL_DIGESTS">OPENSSL_INIT_NO_ADD_ALL_DIGESTS</dt>
+<dd>
+
+<p>With this option the library will suppress automatic loading of libcrypto digests. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_ADD_ALL_DIGESTS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_LOAD_CONFIG">OPENSSL_INIT_LOAD_CONFIG</dt>
+<dd>
+
+<p>With this option an OpenSSL configuration file will be automatically loaded and used by calling OPENSSL_config(). This is not a default option for libcrypto. As of OpenSSL 1.1.1 this is a default option for libssl (see <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a> for further details about libssl initialisation). See the description of OPENSSL_INIT_new(), below.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_LOAD_CONFIG">OPENSSL_INIT_NO_LOAD_CONFIG</dt>
+<dd>
+
+<p>With this option the loading of OpenSSL configuration files will be suppressed. It is the equivalent of calling OPENSSL_no_config(). This is not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ASYNC">OPENSSL_INIT_ASYNC</dt>
+<dd>
+
+<p>With this option the library with automatically initialise the libcrypto async sub-library (see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>). This is a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_RDRAND">OPENSSL_INIT_ENGINE_RDRAND</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the RDRAND engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_DYNAMIC">OPENSSL_INIT_ENGINE_DYNAMIC</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the dynamic engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_OPENSSL">OPENSSL_INIT_ENGINE_OPENSSL</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the openssl engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_CRYPTODEV">OPENSSL_INIT_ENGINE_CRYPTODEV</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the cryptodev engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_CAPI">OPENSSL_INIT_ENGINE_CAPI</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the CAPI engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_PADLOCK">OPENSSL_INIT_ENGINE_PADLOCK</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the padlock engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_AFALG">OPENSSL_INIT_ENGINE_AFALG</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the AFALG engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_ALL_BUILTIN">OPENSSL_INIT_ENGINE_ALL_BUILTIN</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise all the built in engines listed above with the exception of the openssl and afalg engines. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ATFORK">OPENSSL_INIT_ATFORK</dt>
+<dd>
+
+<p>With this option the library will register its fork handlers. See OPENSSL_fork_prepare(3) for details.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ATEXIT">OPENSSL_INIT_NO_ATEXIT</dt>
+<dd>
+
+<p>By default OpenSSL will attempt to clean itself up when the process exits via an &quot;atexit&quot; handler. Using this option suppresses that behaviour. This means that the application will have to clean up OpenSSL explicitly using OPENSSL_cleanup().</p>
+
+</dd>
+</dl>
+
+<p>Multiple options may be combined together in a single call to OPENSSL_init_crypto(). For example:</p>
+
+<pre><code> OPENSSL_init_crypto(OPENSSL_INIT_NO_ADD_ALL_CIPHERS
+                     | OPENSSL_INIT_NO_ADD_ALL_DIGESTS, NULL);</code></pre>
+
+<p>The OPENSSL_cleanup() function deinitialises OpenSSL (both libcrypto and libssl). All resources allocated by OpenSSL are freed. Typically there should be no need to call this function directly as it is initiated automatically on application exit. This is done via the standard C library atexit() function. In the event that the application will close in a manner that will not call the registered atexit() handlers then the application should call OPENSSL_cleanup() directly. Developers of libraries using OpenSSL are discouraged from calling this function and should instead, typically, rely on auto-deinitialisation. This is to avoid error conditions where both an application and a library it depends on both use OpenSSL, and the library deinitialises it before the application has finished using it.</p>
+
+<p>Once OPENSSL_cleanup() has been called the library cannot be reinitialised. Attempts to call OPENSSL_init_crypto() will fail and an ERR_R_INIT_FAIL error will be added to the error stack. Note that because initialisation has failed OpenSSL error strings will not be available, only an error code. This code can be put through the openssl errstr command line application to produce a human readable error (see <a href="../man1/errstr.html">errstr(1)</a>).</p>
+
+<p>The OPENSSL_atexit() function enables the registration of a function to be called during OPENSSL_cleanup(). Stop handlers are called after deinitialisation of resources local to a thread, but before other process wide resources are freed. In the event that multiple stop handlers are registered, no guarantees are made about the order of execution.</p>
+
+<p>The OPENSSL_thread_stop() function deallocates resources associated with the current thread. Typically this function will be called automatically by the library when the thread exits. This should only be called directly if resources should be freed at an earlier time, or under the circumstances described in the NOTES section below.</p>
+
+<p>The <b>OPENSSL_INIT_LOAD_CONFIG</b> flag will load a configuration file, as with <a href="../man3/CONF_modules_load_file.html">CONF_modules_load_file(3)</a> with NULL filename and application name and the <b>CONF_MFLAGS_IGNORE_MISSING_FILE</b>, <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> and <b>CONF_MFLAGS_DEFAULT_SECTION</b> flags. The filename, application name, and flags can be customized by providing a non-null <b>OPENSSL_INIT_SETTINGS</b> object. The object can be allocated via <b>OPENSSL_init_new()</b>. The <b>OPENSSL_INIT_set_config_filename()</b> function can be used to specify a non-default filename, which is copied and need not refer to persistent storage. Similarly, OPENSSL_INIT_set_config_appname() can be used to specify a non-default application name. Finally, OPENSSL_INIT_set_file_flags can be used to specify non-default flags. If the <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> flag is not included, any errors in the configuration file will cause an error return from <b>OPENSSL_init_crypto</b> or indirectly <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a>. The object can be released with OPENSSL_INIT_free() when done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Resources local to a thread are deallocated automatically when the thread exits (e.g. in a pthreads environment, when pthread_exit() is called). On Windows platforms this is done in response to a DLL_THREAD_DETACH message being sent to the libcrypto32.dll entry point. Some windows functions may cause threads to exit without sending this message (for example ExitProcess()). If the application uses such functions, then the application must free up OpenSSL resources directly via a call to OPENSSL_thread_stop() on each thread. Similarly this message will also not be sent if OpenSSL is linked statically, and therefore applications using static linking should also call OPENSSL_thread_stop() on each thread. Additionally if OpenSSL is loaded dynamically via LoadLibrary() and the threads are not destroyed until after FreeLibrary() is called then each thread should call OPENSSL_thread_stop() prior to the FreeLibrary() call.</p>
+
+<p>On Linux/Unix where OpenSSL has been loaded via dlopen() and the application is multi-threaded and if dlclose() is subsequently called prior to the threads being destroyed then OpenSSL will not be able to deallocate resources associated with those threads. The application should either call OPENSSL_thread_stop() on each thread prior to the dlclose() call, or alternatively the original dlopen() call should use the RTLD_NODELETE flag (where available on the platform).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions OPENSSL_init_crypto, OPENSSL_atexit() and OPENSSL_INIT_set_config_appname() return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_init_crypto(), OPENSSL_cleanup(), OPENSSL_atexit(), OPENSSL_thread_stop(), OPENSSL_INIT_new(), OPENSSL_INIT_set_config_appname() and OPENSSL_INIT_free() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_INIT_set_config_file_flags.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_INIT_set_config_file_flags.html
new file mode 100644
index 000000000..89da92c71
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_INIT_set_config_file_flags.html
@@ -0,0 +1,221 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_init_crypto</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_INIT_new, OPENSSL_INIT_set_config_filename, OPENSSL_INIT_set_config_appname, OPENSSL_INIT_set_config_file_flags, OPENSSL_INIT_free, OPENSSL_init_crypto, OPENSSL_cleanup, OPENSSL_atexit, OPENSSL_thread_stop - OpenSSL initialisation and deinitialisation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ void OPENSSL_cleanup(void);
+ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
+ int OPENSSL_atexit(void (*handler)(void));
+ void OPENSSL_thread_stop(void);
+
+ OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void);
+ int OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *init,
+                                      const char* filename);
+ int OPENSSL_INIT_set_config_file_flags(OPENSSL_INIT_SETTINGS *init,
+                                        unsigned long flags);
+ int OPENSSL_INIT_set_config_appname(OPENSSL_INIT_SETTINGS *init,
+                                     const char* name);
+ void OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS *init);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>During normal operation OpenSSL (libcrypto) will allocate various resources at start up that must, subsequently, be freed on close down of the library. Additionally some resources are allocated on a per thread basis (if the application is multi-threaded), and these resources must be freed prior to the thread closing.</p>
+
+<p>As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required. Similarly it will also automatically deinitialise as required.</p>
+
+<p>However, there may be situations when explicit initialisation is desirable or needed, for example when some non-default initialisation is required. The function OPENSSL_init_crypto() can be used for this purpose for libcrypto (see also <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a> for the libssl equivalent).</p>
+
+<p>Numerous internal OpenSSL functions call OPENSSL_init_crypto(). Therefore, in order to perform non-default initialisation, OPENSSL_init_crypto() MUST be called by application code prior to any other OpenSSL function calls.</p>
+
+<p>The <b>opts</b> parameter specifies which aspects of libcrypto should be initialised. Valid options are:</p>
+
+<dl>
+
+<dt id="OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS">OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS</dt>
+<dd>
+
+<p>Suppress automatic loading of the libcrypto error strings. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_LOAD_CRYPTO_STRINGS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_LOAD_CRYPTO_STRINGS">OPENSSL_INIT_LOAD_CRYPTO_STRINGS</dt>
+<dd>
+
+<p>Automatic loading of the libcrypto error strings. With this option the library will automatically load the libcrypto error strings. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ADD_ALL_CIPHERS">OPENSSL_INIT_ADD_ALL_CIPHERS</dt>
+<dd>
+
+<p>With this option the library will automatically load and make available all libcrypto ciphers. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ADD_ALL_DIGESTS">OPENSSL_INIT_ADD_ALL_DIGESTS</dt>
+<dd>
+
+<p>With this option the library will automatically load and make available all libcrypto digests. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ADD_ALL_CIPHERS">OPENSSL_INIT_NO_ADD_ALL_CIPHERS</dt>
+<dd>
+
+<p>With this option the library will suppress automatic loading of libcrypto ciphers. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ADD_ALL_DIGESTS">OPENSSL_INIT_NO_ADD_ALL_DIGESTS</dt>
+<dd>
+
+<p>With this option the library will suppress automatic loading of libcrypto digests. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_ADD_ALL_DIGESTS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_LOAD_CONFIG">OPENSSL_INIT_LOAD_CONFIG</dt>
+<dd>
+
+<p>With this option an OpenSSL configuration file will be automatically loaded and used by calling OPENSSL_config(). This is not a default option for libcrypto. As of OpenSSL 1.1.1 this is a default option for libssl (see <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a> for further details about libssl initialisation). See the description of OPENSSL_INIT_new(), below.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_LOAD_CONFIG">OPENSSL_INIT_NO_LOAD_CONFIG</dt>
+<dd>
+
+<p>With this option the loading of OpenSSL configuration files will be suppressed. It is the equivalent of calling OPENSSL_no_config(). This is not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ASYNC">OPENSSL_INIT_ASYNC</dt>
+<dd>
+
+<p>With this option the library with automatically initialise the libcrypto async sub-library (see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>). This is a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_RDRAND">OPENSSL_INIT_ENGINE_RDRAND</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the RDRAND engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_DYNAMIC">OPENSSL_INIT_ENGINE_DYNAMIC</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the dynamic engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_OPENSSL">OPENSSL_INIT_ENGINE_OPENSSL</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the openssl engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_CRYPTODEV">OPENSSL_INIT_ENGINE_CRYPTODEV</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the cryptodev engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_CAPI">OPENSSL_INIT_ENGINE_CAPI</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the CAPI engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_PADLOCK">OPENSSL_INIT_ENGINE_PADLOCK</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the padlock engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_AFALG">OPENSSL_INIT_ENGINE_AFALG</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the AFALG engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_ALL_BUILTIN">OPENSSL_INIT_ENGINE_ALL_BUILTIN</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise all the built in engines listed above with the exception of the openssl and afalg engines. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ATFORK">OPENSSL_INIT_ATFORK</dt>
+<dd>
+
+<p>With this option the library will register its fork handlers. See OPENSSL_fork_prepare(3) for details.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ATEXIT">OPENSSL_INIT_NO_ATEXIT</dt>
+<dd>
+
+<p>By default OpenSSL will attempt to clean itself up when the process exits via an &quot;atexit&quot; handler. Using this option suppresses that behaviour. This means that the application will have to clean up OpenSSL explicitly using OPENSSL_cleanup().</p>
+
+</dd>
+</dl>
+
+<p>Multiple options may be combined together in a single call to OPENSSL_init_crypto(). For example:</p>
+
+<pre><code> OPENSSL_init_crypto(OPENSSL_INIT_NO_ADD_ALL_CIPHERS
+                     | OPENSSL_INIT_NO_ADD_ALL_DIGESTS, NULL);</code></pre>
+
+<p>The OPENSSL_cleanup() function deinitialises OpenSSL (both libcrypto and libssl). All resources allocated by OpenSSL are freed. Typically there should be no need to call this function directly as it is initiated automatically on application exit. This is done via the standard C library atexit() function. In the event that the application will close in a manner that will not call the registered atexit() handlers then the application should call OPENSSL_cleanup() directly. Developers of libraries using OpenSSL are discouraged from calling this function and should instead, typically, rely on auto-deinitialisation. This is to avoid error conditions where both an application and a library it depends on both use OpenSSL, and the library deinitialises it before the application has finished using it.</p>
+
+<p>Once OPENSSL_cleanup() has been called the library cannot be reinitialised. Attempts to call OPENSSL_init_crypto() will fail and an ERR_R_INIT_FAIL error will be added to the error stack. Note that because initialisation has failed OpenSSL error strings will not be available, only an error code. This code can be put through the openssl errstr command line application to produce a human readable error (see <a href="../man1/errstr.html">errstr(1)</a>).</p>
+
+<p>The OPENSSL_atexit() function enables the registration of a function to be called during OPENSSL_cleanup(). Stop handlers are called after deinitialisation of resources local to a thread, but before other process wide resources are freed. In the event that multiple stop handlers are registered, no guarantees are made about the order of execution.</p>
+
+<p>The OPENSSL_thread_stop() function deallocates resources associated with the current thread. Typically this function will be called automatically by the library when the thread exits. This should only be called directly if resources should be freed at an earlier time, or under the circumstances described in the NOTES section below.</p>
+
+<p>The <b>OPENSSL_INIT_LOAD_CONFIG</b> flag will load a configuration file, as with <a href="../man3/CONF_modules_load_file.html">CONF_modules_load_file(3)</a> with NULL filename and application name and the <b>CONF_MFLAGS_IGNORE_MISSING_FILE</b>, <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> and <b>CONF_MFLAGS_DEFAULT_SECTION</b> flags. The filename, application name, and flags can be customized by providing a non-null <b>OPENSSL_INIT_SETTINGS</b> object. The object can be allocated via <b>OPENSSL_init_new()</b>. The <b>OPENSSL_INIT_set_config_filename()</b> function can be used to specify a non-default filename, which is copied and need not refer to persistent storage. Similarly, OPENSSL_INIT_set_config_appname() can be used to specify a non-default application name. Finally, OPENSSL_INIT_set_file_flags can be used to specify non-default flags. If the <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> flag is not included, any errors in the configuration file will cause an error return from <b>OPENSSL_init_crypto</b> or indirectly <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a>. The object can be released with OPENSSL_INIT_free() when done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Resources local to a thread are deallocated automatically when the thread exits (e.g. in a pthreads environment, when pthread_exit() is called). On Windows platforms this is done in response to a DLL_THREAD_DETACH message being sent to the libcrypto32.dll entry point. Some windows functions may cause threads to exit without sending this message (for example ExitProcess()). If the application uses such functions, then the application must free up OpenSSL resources directly via a call to OPENSSL_thread_stop() on each thread. Similarly this message will also not be sent if OpenSSL is linked statically, and therefore applications using static linking should also call OPENSSL_thread_stop() on each thread. Additionally if OpenSSL is loaded dynamically via LoadLibrary() and the threads are not destroyed until after FreeLibrary() is called then each thread should call OPENSSL_thread_stop() prior to the FreeLibrary() call.</p>
+
+<p>On Linux/Unix where OpenSSL has been loaded via dlopen() and the application is multi-threaded and if dlclose() is subsequently called prior to the threads being destroyed then OpenSSL will not be able to deallocate resources associated with those threads. The application should either call OPENSSL_thread_stop() on each thread prior to the dlclose() call, or alternatively the original dlopen() call should use the RTLD_NODELETE flag (where available on the platform).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions OPENSSL_init_crypto, OPENSSL_atexit() and OPENSSL_INIT_set_config_appname() return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_init_crypto(), OPENSSL_cleanup(), OPENSSL_atexit(), OPENSSL_thread_stop(), OPENSSL_INIT_new(), OPENSSL_INIT_set_config_appname() and OPENSSL_INIT_free() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_INIT_set_config_filename.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_INIT_set_config_filename.html
new file mode 100644
index 000000000..89da92c71
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_INIT_set_config_filename.html
@@ -0,0 +1,221 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_init_crypto</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_INIT_new, OPENSSL_INIT_set_config_filename, OPENSSL_INIT_set_config_appname, OPENSSL_INIT_set_config_file_flags, OPENSSL_INIT_free, OPENSSL_init_crypto, OPENSSL_cleanup, OPENSSL_atexit, OPENSSL_thread_stop - OpenSSL initialisation and deinitialisation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ void OPENSSL_cleanup(void);
+ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
+ int OPENSSL_atexit(void (*handler)(void));
+ void OPENSSL_thread_stop(void);
+
+ OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void);
+ int OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *init,
+                                      const char* filename);
+ int OPENSSL_INIT_set_config_file_flags(OPENSSL_INIT_SETTINGS *init,
+                                        unsigned long flags);
+ int OPENSSL_INIT_set_config_appname(OPENSSL_INIT_SETTINGS *init,
+                                     const char* name);
+ void OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS *init);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>During normal operation OpenSSL (libcrypto) will allocate various resources at start up that must, subsequently, be freed on close down of the library. Additionally some resources are allocated on a per thread basis (if the application is multi-threaded), and these resources must be freed prior to the thread closing.</p>
+
+<p>As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required. Similarly it will also automatically deinitialise as required.</p>
+
+<p>However, there may be situations when explicit initialisation is desirable or needed, for example when some non-default initialisation is required. The function OPENSSL_init_crypto() can be used for this purpose for libcrypto (see also <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a> for the libssl equivalent).</p>
+
+<p>Numerous internal OpenSSL functions call OPENSSL_init_crypto(). Therefore, in order to perform non-default initialisation, OPENSSL_init_crypto() MUST be called by application code prior to any other OpenSSL function calls.</p>
+
+<p>The <b>opts</b> parameter specifies which aspects of libcrypto should be initialised. Valid options are:</p>
+
+<dl>
+
+<dt id="OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS">OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS</dt>
+<dd>
+
+<p>Suppress automatic loading of the libcrypto error strings. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_LOAD_CRYPTO_STRINGS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_LOAD_CRYPTO_STRINGS">OPENSSL_INIT_LOAD_CRYPTO_STRINGS</dt>
+<dd>
+
+<p>Automatic loading of the libcrypto error strings. With this option the library will automatically load the libcrypto error strings. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ADD_ALL_CIPHERS">OPENSSL_INIT_ADD_ALL_CIPHERS</dt>
+<dd>
+
+<p>With this option the library will automatically load and make available all libcrypto ciphers. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ADD_ALL_DIGESTS">OPENSSL_INIT_ADD_ALL_DIGESTS</dt>
+<dd>
+
+<p>With this option the library will automatically load and make available all libcrypto digests. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ADD_ALL_CIPHERS">OPENSSL_INIT_NO_ADD_ALL_CIPHERS</dt>
+<dd>
+
+<p>With this option the library will suppress automatic loading of libcrypto ciphers. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ADD_ALL_DIGESTS">OPENSSL_INIT_NO_ADD_ALL_DIGESTS</dt>
+<dd>
+
+<p>With this option the library will suppress automatic loading of libcrypto digests. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_ADD_ALL_DIGESTS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_LOAD_CONFIG">OPENSSL_INIT_LOAD_CONFIG</dt>
+<dd>
+
+<p>With this option an OpenSSL configuration file will be automatically loaded and used by calling OPENSSL_config(). This is not a default option for libcrypto. As of OpenSSL 1.1.1 this is a default option for libssl (see <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a> for further details about libssl initialisation). See the description of OPENSSL_INIT_new(), below.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_LOAD_CONFIG">OPENSSL_INIT_NO_LOAD_CONFIG</dt>
+<dd>
+
+<p>With this option the loading of OpenSSL configuration files will be suppressed. It is the equivalent of calling OPENSSL_no_config(). This is not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ASYNC">OPENSSL_INIT_ASYNC</dt>
+<dd>
+
+<p>With this option the library with automatically initialise the libcrypto async sub-library (see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>). This is a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_RDRAND">OPENSSL_INIT_ENGINE_RDRAND</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the RDRAND engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_DYNAMIC">OPENSSL_INIT_ENGINE_DYNAMIC</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the dynamic engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_OPENSSL">OPENSSL_INIT_ENGINE_OPENSSL</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the openssl engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_CRYPTODEV">OPENSSL_INIT_ENGINE_CRYPTODEV</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the cryptodev engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_CAPI">OPENSSL_INIT_ENGINE_CAPI</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the CAPI engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_PADLOCK">OPENSSL_INIT_ENGINE_PADLOCK</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the padlock engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_AFALG">OPENSSL_INIT_ENGINE_AFALG</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the AFALG engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_ALL_BUILTIN">OPENSSL_INIT_ENGINE_ALL_BUILTIN</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise all the built in engines listed above with the exception of the openssl and afalg engines. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ATFORK">OPENSSL_INIT_ATFORK</dt>
+<dd>
+
+<p>With this option the library will register its fork handlers. See OPENSSL_fork_prepare(3) for details.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ATEXIT">OPENSSL_INIT_NO_ATEXIT</dt>
+<dd>
+
+<p>By default OpenSSL will attempt to clean itself up when the process exits via an &quot;atexit&quot; handler. Using this option suppresses that behaviour. This means that the application will have to clean up OpenSSL explicitly using OPENSSL_cleanup().</p>
+
+</dd>
+</dl>
+
+<p>Multiple options may be combined together in a single call to OPENSSL_init_crypto(). For example:</p>
+
+<pre><code> OPENSSL_init_crypto(OPENSSL_INIT_NO_ADD_ALL_CIPHERS
+                     | OPENSSL_INIT_NO_ADD_ALL_DIGESTS, NULL);</code></pre>
+
+<p>The OPENSSL_cleanup() function deinitialises OpenSSL (both libcrypto and libssl). All resources allocated by OpenSSL are freed. Typically there should be no need to call this function directly as it is initiated automatically on application exit. This is done via the standard C library atexit() function. In the event that the application will close in a manner that will not call the registered atexit() handlers then the application should call OPENSSL_cleanup() directly. Developers of libraries using OpenSSL are discouraged from calling this function and should instead, typically, rely on auto-deinitialisation. This is to avoid error conditions where both an application and a library it depends on both use OpenSSL, and the library deinitialises it before the application has finished using it.</p>
+
+<p>Once OPENSSL_cleanup() has been called the library cannot be reinitialised. Attempts to call OPENSSL_init_crypto() will fail and an ERR_R_INIT_FAIL error will be added to the error stack. Note that because initialisation has failed OpenSSL error strings will not be available, only an error code. This code can be put through the openssl errstr command line application to produce a human readable error (see <a href="../man1/errstr.html">errstr(1)</a>).</p>
+
+<p>The OPENSSL_atexit() function enables the registration of a function to be called during OPENSSL_cleanup(). Stop handlers are called after deinitialisation of resources local to a thread, but before other process wide resources are freed. In the event that multiple stop handlers are registered, no guarantees are made about the order of execution.</p>
+
+<p>The OPENSSL_thread_stop() function deallocates resources associated with the current thread. Typically this function will be called automatically by the library when the thread exits. This should only be called directly if resources should be freed at an earlier time, or under the circumstances described in the NOTES section below.</p>
+
+<p>The <b>OPENSSL_INIT_LOAD_CONFIG</b> flag will load a configuration file, as with <a href="../man3/CONF_modules_load_file.html">CONF_modules_load_file(3)</a> with NULL filename and application name and the <b>CONF_MFLAGS_IGNORE_MISSING_FILE</b>, <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> and <b>CONF_MFLAGS_DEFAULT_SECTION</b> flags. The filename, application name, and flags can be customized by providing a non-null <b>OPENSSL_INIT_SETTINGS</b> object. The object can be allocated via <b>OPENSSL_init_new()</b>. The <b>OPENSSL_INIT_set_config_filename()</b> function can be used to specify a non-default filename, which is copied and need not refer to persistent storage. Similarly, OPENSSL_INIT_set_config_appname() can be used to specify a non-default application name. Finally, OPENSSL_INIT_set_file_flags can be used to specify non-default flags. If the <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> flag is not included, any errors in the configuration file will cause an error return from <b>OPENSSL_init_crypto</b> or indirectly <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a>. The object can be released with OPENSSL_INIT_free() when done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Resources local to a thread are deallocated automatically when the thread exits (e.g. in a pthreads environment, when pthread_exit() is called). On Windows platforms this is done in response to a DLL_THREAD_DETACH message being sent to the libcrypto32.dll entry point. Some windows functions may cause threads to exit without sending this message (for example ExitProcess()). If the application uses such functions, then the application must free up OpenSSL resources directly via a call to OPENSSL_thread_stop() on each thread. Similarly this message will also not be sent if OpenSSL is linked statically, and therefore applications using static linking should also call OPENSSL_thread_stop() on each thread. Additionally if OpenSSL is loaded dynamically via LoadLibrary() and the threads are not destroyed until after FreeLibrary() is called then each thread should call OPENSSL_thread_stop() prior to the FreeLibrary() call.</p>
+
+<p>On Linux/Unix where OpenSSL has been loaded via dlopen() and the application is multi-threaded and if dlclose() is subsequently called prior to the threads being destroyed then OpenSSL will not be able to deallocate resources associated with those threads. The application should either call OPENSSL_thread_stop() on each thread prior to the dlclose() call, or alternatively the original dlopen() call should use the RTLD_NODELETE flag (where available on the platform).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions OPENSSL_init_crypto, OPENSSL_atexit() and OPENSSL_INIT_set_config_appname() return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_init_crypto(), OPENSSL_cleanup(), OPENSSL_atexit(), OPENSSL_thread_stop(), OPENSSL_INIT_new(), OPENSSL_INIT_set_config_appname() and OPENSSL_INIT_free() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_COMPFUNC.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_COMPFUNC.html
new file mode 100644
index 000000000..e56e9e3b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_COMPFUNC.html
@@ -0,0 +1,176 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_COMPFUNC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>LHASH, DECLARE_LHASH_OF, OPENSSL_LH_COMPFUNC, OPENSSL_LH_HASHFUNC, OPENSSL_LH_DOALL_FUNC, LHASH_DOALL_ARG_FN_TYPE, IMPLEMENT_LHASH_HASH_FN, IMPLEMENT_LHASH_COMP_FN, lh_TYPE_new, lh_TYPE_free, lh_TYPE_insert, lh_TYPE_delete, lh_TYPE_retrieve, lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error - dynamic hash table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ DECLARE_LHASH_OF(TYPE);
+
+ LHASH *lh_TYPE_new(OPENSSL_LH_HASHFUNC hash, OPENSSL_LH_COMPFUNC compare);
+ void lh_TYPE_free(LHASH_OF(TYPE) *table);
+
+ TYPE *lh_TYPE_insert(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_TYPE_delete(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_retrieve(LHASH_OF(TYPE) *table, TYPE *data);
+
+ void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func);
+ void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,
+                        TYPE *arg);
+
+ int lh_TYPE_error(LHASH_OF(TYPE) *table);
+
+ typedef int (*OPENSSL_LH_COMPFUNC)(const void *, const void *);
+ typedef unsigned long (*OPENSSL_LH_HASHFUNC)(const void *);
+ typedef void (*OPENSSL_LH_DOALL_FUNC)(const void *);
+ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, const void *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements type-checked dynamic hash tables. The hash table entries can be arbitrary structures. Usually they consist of key and value fields. In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>SSL_SESSION</i>.</p>
+
+<p>lh_TYPE_new() creates a new <b>LHASH_OF(TYPE)</b> structure to store arbitrary data entries, and specifies the &#39;hash&#39; and &#39;compare&#39; callbacks to be used in organising the table&#39;s entries. The <b>hash</b> callback takes a pointer to a table entry as its argument and returns an unsigned long hash value for its key field. The hash value is normally truncated to a power of 2, so make sure that your hash function returns well mixed low order bits. The <b>compare</b> callback takes two arguments (pointers to two hash table entries), and returns 0 if their keys are equal, non-zero otherwise.</p>
+
+<p>If your hash table will contain items of some particular type and the <b>hash</b> and <b>compare</b> callbacks hash/compare these types, then the <b>IMPLEMENT_LHASH_HASH_FN</b> and <b>IMPLEMENT_LHASH_COMP_FN</b> macros can be used to create callback wrappers of the prototypes required by lh_TYPE_new() as shown in this example:</p>
+
+<pre><code> /*
+  * Implement the hash and compare functions; &quot;stuff&quot; can be any word.
+  */
+ static unsigned long stuff_hash(const TYPE *a)
+ {
+     ...
+ }
+ static int stuff_cmp(const TYPE *a, const TYPE *b)
+ {
+     ...
+ }
+
+ /*
+  * Implement the wrapper functions.
+  */
+ static IMPLEMENT_LHASH_HASH_FN(stuff, TYPE)
+ static IMPLEMENT_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>If the type is going to be used in several places, the following macros can be used in a common header file to declare the function wrappers:</p>
+
+<pre><code> DECLARE_LHASH_HASH_FN(stuff, TYPE)
+ DECLARE_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>Then a hash table of TYPE objects can be created using this:</p>
+
+<pre><code> LHASH_OF(TYPE) *htable;
+
+ htable = lh_TYPE_new(LHASH_HASH_FN(stuff), LHASH_COMP_FN(stuff));</code></pre>
+
+<p>lh_TYPE_free() frees the <b>LHASH_OF(TYPE)</b> structure <b>table</b>. Allocated hash table entries will not be freed; consider using lh_TYPE_doall() to deallocate any remaining entries in the hash table (see below).</p>
+
+<p>lh_TYPE_insert() inserts the structure pointed to by <b>data</b> into <b>table</b>. If there already is an entry with the same key, the old value is replaced. Note that lh_TYPE_insert() stores pointers, the data are not copied.</p>
+
+<p>lh_TYPE_delete() deletes an entry from <b>table</b>.</p>
+
+<p>lh_TYPE_retrieve() looks up an entry in <b>table</b>. Normally, <b>data</b> is a structure with the key field(s) set; the function will return a pointer to a fully populated structure.</p>
+
+<p>lh_TYPE_doall() will, for every entry in the hash table, call <b>func</b> with the data item as its parameter. For example:</p>
+
+<pre><code> /* Cleans up resources belonging to &#39;a&#39; (this is implemented elsewhere) */
+ void TYPE_cleanup_doall(TYPE *a);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_cleanup&quot; */
+ IMPLEMENT_LHASH_DOALL_FN(TYPE_cleanup, TYPE)
+
+ /* Call &quot;TYPE_cleanup&quot; against all items in a hash table. */
+ lh_TYPE_doall(hashtable, LHASH_DOALL_FN(TYPE_cleanup));
+
+ /* Then the hash table itself can be deallocated */
+ lh_TYPE_free(hashtable);</code></pre>
+
+<p>When doing this, be careful if you delete entries from the hash table in your callbacks: the table may decrease in size, moving the item that you are currently on down lower in the hash table - this could cause some entries to be skipped during the iteration. The second best solution to this problem is to set hash-&gt;down_load=0 before you start (which will stop the hash table ever decreasing in size). The best solution is probably to avoid deleting items from the hash table inside a &quot;doall&quot; callback!</p>
+
+<p>lh_TYPE_doall_arg() is the same as lh_TYPE_doall() except that <b>func</b> will be called with <b>arg</b> as the second argument and <b>func</b> should be of type <b>LHASH_DOALL_ARG_FN_TYPE</b> (a callback prototype that is passed both the table entry and an extra argument). As with lh_doall(), you can instead choose to declare your callback with a prototype matching the types you are dealing with and use the declare/implement macros to create compatible wrappers that cast variables before calling your type-specific callbacks. An example of this is demonstrated here (printing all hash table entries to a BIO that is provided by the caller):</p>
+
+<pre><code> /* Prints item &#39;a&#39; to &#39;output_bio&#39; (this is implemented elsewhere) */
+ void TYPE_print_doall_arg(const TYPE *a, BIO *output_bio);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_print&quot; */
+ static IMPLEMENT_LHASH_DOALL_ARG_FN(TYPE, const TYPE, BIO)
+
+ /* Print out the entire hashtable to a particular BIO */
+ lh_TYPE_doall_arg(hashtable, LHASH_DOALL_ARG_FN(TYPE_print), BIO,
+                   logging_bio);</code></pre>
+
+<p>lh_TYPE_error() can be used to determine if an error occurred in the last operation.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>lh_TYPE_new() returns <b>NULL</b> on error, otherwise a pointer to the new <b>LHASH</b> structure.</p>
+
+<p>When a hash table entry is replaced, lh_TYPE_insert() returns the value being replaced. <b>NULL</b> is returned on normal operation and on error.</p>
+
+<p>lh_TYPE_delete() returns the entry being deleted. <b>NULL</b> is returned if there is no such value in the hash table.</p>
+
+<p>lh_TYPE_retrieve() returns the hash table entry if it has been found, <b>NULL</b> otherwise.</p>
+
+<p>lh_TYPE_error() returns 1 if an error occurred in the last operation, 0 otherwise. It&#39;s meaningful only after non-retrieve operations.</p>
+
+<p>lh_TYPE_free(), lh_TYPE_doall() and lh_TYPE_doall_arg() return no values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>The LHASH code is not thread safe. All updating operations, as well as lh_TYPE_error call must be performed under a write lock. All retrieve operations should be performed under a read lock, <i>unless</i> accurate usage statistics are desired. In which case, a write lock should be used for retrieve operations as well. For output of the usage statistics, using the functions from <a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a>, a read lock suffices.</p>
+
+<p>The LHASH code regards table entries as constant data. As such, it internally represents lh_insert()&#39;d items with a &quot;const void *&quot; pointer type. This is why callbacks such as those used by lh_doall() and lh_doall_arg() declare their prototypes with &quot;const&quot;, even for the parameters that pass back the table items&#39; data pointers - for consistency, user-provided data is &quot;const&quot; at all times as far as the LHASH code is concerned. However, as callers are themselves providing these pointers, they can choose whether they too should be treating all such parameters as constant.</p>
+
+<p>As an example, a hash table may be maintained by code that, for reasons of encapsulation, has only &quot;const&quot; access to the data being indexed in the hash table (ie. it is returned as &quot;const&quot; from elsewhere in their code) - in this case the LHASH prototypes are appropriate as-is. Conversely, if the caller is responsible for the life-time of the data in question, then they may well wish to make modifications to table item passed back in the lh_doall() or lh_doall_arg() callbacks (see the &quot;TYPE_cleanup&quot; example above). If so, the caller can either cast the &quot;const&quot; away (if they&#39;re providing the raw callbacks themselves) or use the macros to declare/implement the wrapper functions without &quot;const&quot; types.</p>
+
+<p>Callers that only have &quot;const&quot; access to data they&#39;re indexing in a table, yet declare callbacks without constant types (or cast the &quot;const&quot; away themselves), are therefore creating their own risks/bugs without being encouraged to do so by the API. On a related note, those auditing code should pay special attention to any instances of DECLARE/IMPLEMENT_LHASH_DOALL_[ARG_]_FN macros that provide types without any &quot;const&quot; qualifiers.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>lh_TYPE_insert() returns <b>NULL</b> both for success and error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 1.0.0, the lhash interface was revamped for better type checking.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_DOALL_FUNC.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_DOALL_FUNC.html
new file mode 100644
index 000000000..e56e9e3b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_DOALL_FUNC.html
@@ -0,0 +1,176 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_COMPFUNC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>LHASH, DECLARE_LHASH_OF, OPENSSL_LH_COMPFUNC, OPENSSL_LH_HASHFUNC, OPENSSL_LH_DOALL_FUNC, LHASH_DOALL_ARG_FN_TYPE, IMPLEMENT_LHASH_HASH_FN, IMPLEMENT_LHASH_COMP_FN, lh_TYPE_new, lh_TYPE_free, lh_TYPE_insert, lh_TYPE_delete, lh_TYPE_retrieve, lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error - dynamic hash table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ DECLARE_LHASH_OF(TYPE);
+
+ LHASH *lh_TYPE_new(OPENSSL_LH_HASHFUNC hash, OPENSSL_LH_COMPFUNC compare);
+ void lh_TYPE_free(LHASH_OF(TYPE) *table);
+
+ TYPE *lh_TYPE_insert(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_TYPE_delete(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_retrieve(LHASH_OF(TYPE) *table, TYPE *data);
+
+ void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func);
+ void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,
+                        TYPE *arg);
+
+ int lh_TYPE_error(LHASH_OF(TYPE) *table);
+
+ typedef int (*OPENSSL_LH_COMPFUNC)(const void *, const void *);
+ typedef unsigned long (*OPENSSL_LH_HASHFUNC)(const void *);
+ typedef void (*OPENSSL_LH_DOALL_FUNC)(const void *);
+ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, const void *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements type-checked dynamic hash tables. The hash table entries can be arbitrary structures. Usually they consist of key and value fields. In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>SSL_SESSION</i>.</p>
+
+<p>lh_TYPE_new() creates a new <b>LHASH_OF(TYPE)</b> structure to store arbitrary data entries, and specifies the &#39;hash&#39; and &#39;compare&#39; callbacks to be used in organising the table&#39;s entries. The <b>hash</b> callback takes a pointer to a table entry as its argument and returns an unsigned long hash value for its key field. The hash value is normally truncated to a power of 2, so make sure that your hash function returns well mixed low order bits. The <b>compare</b> callback takes two arguments (pointers to two hash table entries), and returns 0 if their keys are equal, non-zero otherwise.</p>
+
+<p>If your hash table will contain items of some particular type and the <b>hash</b> and <b>compare</b> callbacks hash/compare these types, then the <b>IMPLEMENT_LHASH_HASH_FN</b> and <b>IMPLEMENT_LHASH_COMP_FN</b> macros can be used to create callback wrappers of the prototypes required by lh_TYPE_new() as shown in this example:</p>
+
+<pre><code> /*
+  * Implement the hash and compare functions; &quot;stuff&quot; can be any word.
+  */
+ static unsigned long stuff_hash(const TYPE *a)
+ {
+     ...
+ }
+ static int stuff_cmp(const TYPE *a, const TYPE *b)
+ {
+     ...
+ }
+
+ /*
+  * Implement the wrapper functions.
+  */
+ static IMPLEMENT_LHASH_HASH_FN(stuff, TYPE)
+ static IMPLEMENT_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>If the type is going to be used in several places, the following macros can be used in a common header file to declare the function wrappers:</p>
+
+<pre><code> DECLARE_LHASH_HASH_FN(stuff, TYPE)
+ DECLARE_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>Then a hash table of TYPE objects can be created using this:</p>
+
+<pre><code> LHASH_OF(TYPE) *htable;
+
+ htable = lh_TYPE_new(LHASH_HASH_FN(stuff), LHASH_COMP_FN(stuff));</code></pre>
+
+<p>lh_TYPE_free() frees the <b>LHASH_OF(TYPE)</b> structure <b>table</b>. Allocated hash table entries will not be freed; consider using lh_TYPE_doall() to deallocate any remaining entries in the hash table (see below).</p>
+
+<p>lh_TYPE_insert() inserts the structure pointed to by <b>data</b> into <b>table</b>. If there already is an entry with the same key, the old value is replaced. Note that lh_TYPE_insert() stores pointers, the data are not copied.</p>
+
+<p>lh_TYPE_delete() deletes an entry from <b>table</b>.</p>
+
+<p>lh_TYPE_retrieve() looks up an entry in <b>table</b>. Normally, <b>data</b> is a structure with the key field(s) set; the function will return a pointer to a fully populated structure.</p>
+
+<p>lh_TYPE_doall() will, for every entry in the hash table, call <b>func</b> with the data item as its parameter. For example:</p>
+
+<pre><code> /* Cleans up resources belonging to &#39;a&#39; (this is implemented elsewhere) */
+ void TYPE_cleanup_doall(TYPE *a);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_cleanup&quot; */
+ IMPLEMENT_LHASH_DOALL_FN(TYPE_cleanup, TYPE)
+
+ /* Call &quot;TYPE_cleanup&quot; against all items in a hash table. */
+ lh_TYPE_doall(hashtable, LHASH_DOALL_FN(TYPE_cleanup));
+
+ /* Then the hash table itself can be deallocated */
+ lh_TYPE_free(hashtable);</code></pre>
+
+<p>When doing this, be careful if you delete entries from the hash table in your callbacks: the table may decrease in size, moving the item that you are currently on down lower in the hash table - this could cause some entries to be skipped during the iteration. The second best solution to this problem is to set hash-&gt;down_load=0 before you start (which will stop the hash table ever decreasing in size). The best solution is probably to avoid deleting items from the hash table inside a &quot;doall&quot; callback!</p>
+
+<p>lh_TYPE_doall_arg() is the same as lh_TYPE_doall() except that <b>func</b> will be called with <b>arg</b> as the second argument and <b>func</b> should be of type <b>LHASH_DOALL_ARG_FN_TYPE</b> (a callback prototype that is passed both the table entry and an extra argument). As with lh_doall(), you can instead choose to declare your callback with a prototype matching the types you are dealing with and use the declare/implement macros to create compatible wrappers that cast variables before calling your type-specific callbacks. An example of this is demonstrated here (printing all hash table entries to a BIO that is provided by the caller):</p>
+
+<pre><code> /* Prints item &#39;a&#39; to &#39;output_bio&#39; (this is implemented elsewhere) */
+ void TYPE_print_doall_arg(const TYPE *a, BIO *output_bio);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_print&quot; */
+ static IMPLEMENT_LHASH_DOALL_ARG_FN(TYPE, const TYPE, BIO)
+
+ /* Print out the entire hashtable to a particular BIO */
+ lh_TYPE_doall_arg(hashtable, LHASH_DOALL_ARG_FN(TYPE_print), BIO,
+                   logging_bio);</code></pre>
+
+<p>lh_TYPE_error() can be used to determine if an error occurred in the last operation.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>lh_TYPE_new() returns <b>NULL</b> on error, otherwise a pointer to the new <b>LHASH</b> structure.</p>
+
+<p>When a hash table entry is replaced, lh_TYPE_insert() returns the value being replaced. <b>NULL</b> is returned on normal operation and on error.</p>
+
+<p>lh_TYPE_delete() returns the entry being deleted. <b>NULL</b> is returned if there is no such value in the hash table.</p>
+
+<p>lh_TYPE_retrieve() returns the hash table entry if it has been found, <b>NULL</b> otherwise.</p>
+
+<p>lh_TYPE_error() returns 1 if an error occurred in the last operation, 0 otherwise. It&#39;s meaningful only after non-retrieve operations.</p>
+
+<p>lh_TYPE_free(), lh_TYPE_doall() and lh_TYPE_doall_arg() return no values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>The LHASH code is not thread safe. All updating operations, as well as lh_TYPE_error call must be performed under a write lock. All retrieve operations should be performed under a read lock, <i>unless</i> accurate usage statistics are desired. In which case, a write lock should be used for retrieve operations as well. For output of the usage statistics, using the functions from <a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a>, a read lock suffices.</p>
+
+<p>The LHASH code regards table entries as constant data. As such, it internally represents lh_insert()&#39;d items with a &quot;const void *&quot; pointer type. This is why callbacks such as those used by lh_doall() and lh_doall_arg() declare their prototypes with &quot;const&quot;, even for the parameters that pass back the table items&#39; data pointers - for consistency, user-provided data is &quot;const&quot; at all times as far as the LHASH code is concerned. However, as callers are themselves providing these pointers, they can choose whether they too should be treating all such parameters as constant.</p>
+
+<p>As an example, a hash table may be maintained by code that, for reasons of encapsulation, has only &quot;const&quot; access to the data being indexed in the hash table (ie. it is returned as &quot;const&quot; from elsewhere in their code) - in this case the LHASH prototypes are appropriate as-is. Conversely, if the caller is responsible for the life-time of the data in question, then they may well wish to make modifications to table item passed back in the lh_doall() or lh_doall_arg() callbacks (see the &quot;TYPE_cleanup&quot; example above). If so, the caller can either cast the &quot;const&quot; away (if they&#39;re providing the raw callbacks themselves) or use the macros to declare/implement the wrapper functions without &quot;const&quot; types.</p>
+
+<p>Callers that only have &quot;const&quot; access to data they&#39;re indexing in a table, yet declare callbacks without constant types (or cast the &quot;const&quot; away themselves), are therefore creating their own risks/bugs without being encouraged to do so by the API. On a related note, those auditing code should pay special attention to any instances of DECLARE/IMPLEMENT_LHASH_DOALL_[ARG_]_FN macros that provide types without any &quot;const&quot; qualifiers.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>lh_TYPE_insert() returns <b>NULL</b> both for success and error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 1.0.0, the lhash interface was revamped for better type checking.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_HASHFUNC.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_HASHFUNC.html
new file mode 100644
index 000000000..e56e9e3b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_HASHFUNC.html
@@ -0,0 +1,176 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_COMPFUNC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>LHASH, DECLARE_LHASH_OF, OPENSSL_LH_COMPFUNC, OPENSSL_LH_HASHFUNC, OPENSSL_LH_DOALL_FUNC, LHASH_DOALL_ARG_FN_TYPE, IMPLEMENT_LHASH_HASH_FN, IMPLEMENT_LHASH_COMP_FN, lh_TYPE_new, lh_TYPE_free, lh_TYPE_insert, lh_TYPE_delete, lh_TYPE_retrieve, lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error - dynamic hash table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ DECLARE_LHASH_OF(TYPE);
+
+ LHASH *lh_TYPE_new(OPENSSL_LH_HASHFUNC hash, OPENSSL_LH_COMPFUNC compare);
+ void lh_TYPE_free(LHASH_OF(TYPE) *table);
+
+ TYPE *lh_TYPE_insert(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_TYPE_delete(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_retrieve(LHASH_OF(TYPE) *table, TYPE *data);
+
+ void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func);
+ void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,
+                        TYPE *arg);
+
+ int lh_TYPE_error(LHASH_OF(TYPE) *table);
+
+ typedef int (*OPENSSL_LH_COMPFUNC)(const void *, const void *);
+ typedef unsigned long (*OPENSSL_LH_HASHFUNC)(const void *);
+ typedef void (*OPENSSL_LH_DOALL_FUNC)(const void *);
+ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, const void *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements type-checked dynamic hash tables. The hash table entries can be arbitrary structures. Usually they consist of key and value fields. In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>SSL_SESSION</i>.</p>
+
+<p>lh_TYPE_new() creates a new <b>LHASH_OF(TYPE)</b> structure to store arbitrary data entries, and specifies the &#39;hash&#39; and &#39;compare&#39; callbacks to be used in organising the table&#39;s entries. The <b>hash</b> callback takes a pointer to a table entry as its argument and returns an unsigned long hash value for its key field. The hash value is normally truncated to a power of 2, so make sure that your hash function returns well mixed low order bits. The <b>compare</b> callback takes two arguments (pointers to two hash table entries), and returns 0 if their keys are equal, non-zero otherwise.</p>
+
+<p>If your hash table will contain items of some particular type and the <b>hash</b> and <b>compare</b> callbacks hash/compare these types, then the <b>IMPLEMENT_LHASH_HASH_FN</b> and <b>IMPLEMENT_LHASH_COMP_FN</b> macros can be used to create callback wrappers of the prototypes required by lh_TYPE_new() as shown in this example:</p>
+
+<pre><code> /*
+  * Implement the hash and compare functions; &quot;stuff&quot; can be any word.
+  */
+ static unsigned long stuff_hash(const TYPE *a)
+ {
+     ...
+ }
+ static int stuff_cmp(const TYPE *a, const TYPE *b)
+ {
+     ...
+ }
+
+ /*
+  * Implement the wrapper functions.
+  */
+ static IMPLEMENT_LHASH_HASH_FN(stuff, TYPE)
+ static IMPLEMENT_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>If the type is going to be used in several places, the following macros can be used in a common header file to declare the function wrappers:</p>
+
+<pre><code> DECLARE_LHASH_HASH_FN(stuff, TYPE)
+ DECLARE_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>Then a hash table of TYPE objects can be created using this:</p>
+
+<pre><code> LHASH_OF(TYPE) *htable;
+
+ htable = lh_TYPE_new(LHASH_HASH_FN(stuff), LHASH_COMP_FN(stuff));</code></pre>
+
+<p>lh_TYPE_free() frees the <b>LHASH_OF(TYPE)</b> structure <b>table</b>. Allocated hash table entries will not be freed; consider using lh_TYPE_doall() to deallocate any remaining entries in the hash table (see below).</p>
+
+<p>lh_TYPE_insert() inserts the structure pointed to by <b>data</b> into <b>table</b>. If there already is an entry with the same key, the old value is replaced. Note that lh_TYPE_insert() stores pointers, the data are not copied.</p>
+
+<p>lh_TYPE_delete() deletes an entry from <b>table</b>.</p>
+
+<p>lh_TYPE_retrieve() looks up an entry in <b>table</b>. Normally, <b>data</b> is a structure with the key field(s) set; the function will return a pointer to a fully populated structure.</p>
+
+<p>lh_TYPE_doall() will, for every entry in the hash table, call <b>func</b> with the data item as its parameter. For example:</p>
+
+<pre><code> /* Cleans up resources belonging to &#39;a&#39; (this is implemented elsewhere) */
+ void TYPE_cleanup_doall(TYPE *a);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_cleanup&quot; */
+ IMPLEMENT_LHASH_DOALL_FN(TYPE_cleanup, TYPE)
+
+ /* Call &quot;TYPE_cleanup&quot; against all items in a hash table. */
+ lh_TYPE_doall(hashtable, LHASH_DOALL_FN(TYPE_cleanup));
+
+ /* Then the hash table itself can be deallocated */
+ lh_TYPE_free(hashtable);</code></pre>
+
+<p>When doing this, be careful if you delete entries from the hash table in your callbacks: the table may decrease in size, moving the item that you are currently on down lower in the hash table - this could cause some entries to be skipped during the iteration. The second best solution to this problem is to set hash-&gt;down_load=0 before you start (which will stop the hash table ever decreasing in size). The best solution is probably to avoid deleting items from the hash table inside a &quot;doall&quot; callback!</p>
+
+<p>lh_TYPE_doall_arg() is the same as lh_TYPE_doall() except that <b>func</b> will be called with <b>arg</b> as the second argument and <b>func</b> should be of type <b>LHASH_DOALL_ARG_FN_TYPE</b> (a callback prototype that is passed both the table entry and an extra argument). As with lh_doall(), you can instead choose to declare your callback with a prototype matching the types you are dealing with and use the declare/implement macros to create compatible wrappers that cast variables before calling your type-specific callbacks. An example of this is demonstrated here (printing all hash table entries to a BIO that is provided by the caller):</p>
+
+<pre><code> /* Prints item &#39;a&#39; to &#39;output_bio&#39; (this is implemented elsewhere) */
+ void TYPE_print_doall_arg(const TYPE *a, BIO *output_bio);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_print&quot; */
+ static IMPLEMENT_LHASH_DOALL_ARG_FN(TYPE, const TYPE, BIO)
+
+ /* Print out the entire hashtable to a particular BIO */
+ lh_TYPE_doall_arg(hashtable, LHASH_DOALL_ARG_FN(TYPE_print), BIO,
+                   logging_bio);</code></pre>
+
+<p>lh_TYPE_error() can be used to determine if an error occurred in the last operation.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>lh_TYPE_new() returns <b>NULL</b> on error, otherwise a pointer to the new <b>LHASH</b> structure.</p>
+
+<p>When a hash table entry is replaced, lh_TYPE_insert() returns the value being replaced. <b>NULL</b> is returned on normal operation and on error.</p>
+
+<p>lh_TYPE_delete() returns the entry being deleted. <b>NULL</b> is returned if there is no such value in the hash table.</p>
+
+<p>lh_TYPE_retrieve() returns the hash table entry if it has been found, <b>NULL</b> otherwise.</p>
+
+<p>lh_TYPE_error() returns 1 if an error occurred in the last operation, 0 otherwise. It&#39;s meaningful only after non-retrieve operations.</p>
+
+<p>lh_TYPE_free(), lh_TYPE_doall() and lh_TYPE_doall_arg() return no values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>The LHASH code is not thread safe. All updating operations, as well as lh_TYPE_error call must be performed under a write lock. All retrieve operations should be performed under a read lock, <i>unless</i> accurate usage statistics are desired. In which case, a write lock should be used for retrieve operations as well. For output of the usage statistics, using the functions from <a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a>, a read lock suffices.</p>
+
+<p>The LHASH code regards table entries as constant data. As such, it internally represents lh_insert()&#39;d items with a &quot;const void *&quot; pointer type. This is why callbacks such as those used by lh_doall() and lh_doall_arg() declare their prototypes with &quot;const&quot;, even for the parameters that pass back the table items&#39; data pointers - for consistency, user-provided data is &quot;const&quot; at all times as far as the LHASH code is concerned. However, as callers are themselves providing these pointers, they can choose whether they too should be treating all such parameters as constant.</p>
+
+<p>As an example, a hash table may be maintained by code that, for reasons of encapsulation, has only &quot;const&quot; access to the data being indexed in the hash table (ie. it is returned as &quot;const&quot; from elsewhere in their code) - in this case the LHASH prototypes are appropriate as-is. Conversely, if the caller is responsible for the life-time of the data in question, then they may well wish to make modifications to table item passed back in the lh_doall() or lh_doall_arg() callbacks (see the &quot;TYPE_cleanup&quot; example above). If so, the caller can either cast the &quot;const&quot; away (if they&#39;re providing the raw callbacks themselves) or use the macros to declare/implement the wrapper functions without &quot;const&quot; types.</p>
+
+<p>Callers that only have &quot;const&quot; access to data they&#39;re indexing in a table, yet declare callbacks without constant types (or cast the &quot;const&quot; away themselves), are therefore creating their own risks/bugs without being encouraged to do so by the API. On a related note, those auditing code should pay special attention to any instances of DECLARE/IMPLEMENT_LHASH_DOALL_[ARG_]_FN macros that provide types without any &quot;const&quot; qualifiers.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>lh_TYPE_insert() returns <b>NULL</b> both for success and error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 1.0.0, the lhash interface was revamped for better type checking.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_node_stats.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_node_stats.html
new file mode 100644
index 000000000..038a2025f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_node_stats.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_stats</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_LH_stats, OPENSSL_LH_node_stats, OPENSSL_LH_node_usage_stats, OPENSSL_LH_stats_bio, OPENSSL_LH_node_stats_bio, OPENSSL_LH_node_usage_stats_bio - LHASH statistics</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ void OPENSSL_LH_stats(LHASH *table, FILE *out);
+ void OPENSSL_LH_node_stats(LHASH *table, FILE *out);
+ void OPENSSL_LH_node_usage_stats(LHASH *table, FILE *out);
+
+ void OPENSSL_LH_stats_bio(LHASH *table, BIO *out);
+ void OPENSSL_LH_node_stats_bio(LHASH *table, BIO *out);
+ void OPENSSL_LH_node_usage_stats_bio(LHASH *table, BIO *out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>LHASH</b> structure records statistics about most aspects of accessing the hash table.</p>
+
+<p>OPENSSL_LH_stats() prints out statistics on the size of the hash table, how many entries are in it, and the number and result of calls to the routines in this library.</p>
+
+<p>OPENSSL_LH_node_stats() prints the number of entries for each &#39;bucket&#39; in the hash table.</p>
+
+<p>OPENSSL_LH_node_usage_stats() prints out a short summary of the state of the hash table. It prints the &#39;load&#39; and the &#39;actual load&#39;. The load is the average number of data items per &#39;bucket&#39; in the hash table. The &#39;actual load&#39; is the average number of items per &#39;bucket&#39;, but only for buckets which contain entries. So the &#39;actual load&#39; is the average number of searches that will need to find an item in the hash table, while the &#39;load&#39; is the average number that will be done to record a miss.</p>
+
+<p>OPENSSL_LH_stats_bio(), OPENSSL_LH_node_stats_bio() and OPENSSL_LH_node_usage_stats_bio() are the same as the above, except that the output goes to a <b>BIO</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions do not return values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>These calls should be made under a read lock. Refer to <a href="../man3/OPENSSL_LH_COMPFUNC.html">&quot;NOTE&quot; in OPENSSL_LH_COMPFUNC(3)</a> for more details about the locks required when using the LHASH data structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/OPENSSL_LH_COMPFUNC.html">OPENSSL_LH_COMPFUNC(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_node_stats_bio.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_node_stats_bio.html
new file mode 100644
index 000000000..038a2025f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_node_stats_bio.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_stats</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_LH_stats, OPENSSL_LH_node_stats, OPENSSL_LH_node_usage_stats, OPENSSL_LH_stats_bio, OPENSSL_LH_node_stats_bio, OPENSSL_LH_node_usage_stats_bio - LHASH statistics</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ void OPENSSL_LH_stats(LHASH *table, FILE *out);
+ void OPENSSL_LH_node_stats(LHASH *table, FILE *out);
+ void OPENSSL_LH_node_usage_stats(LHASH *table, FILE *out);
+
+ void OPENSSL_LH_stats_bio(LHASH *table, BIO *out);
+ void OPENSSL_LH_node_stats_bio(LHASH *table, BIO *out);
+ void OPENSSL_LH_node_usage_stats_bio(LHASH *table, BIO *out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>LHASH</b> structure records statistics about most aspects of accessing the hash table.</p>
+
+<p>OPENSSL_LH_stats() prints out statistics on the size of the hash table, how many entries are in it, and the number and result of calls to the routines in this library.</p>
+
+<p>OPENSSL_LH_node_stats() prints the number of entries for each &#39;bucket&#39; in the hash table.</p>
+
+<p>OPENSSL_LH_node_usage_stats() prints out a short summary of the state of the hash table. It prints the &#39;load&#39; and the &#39;actual load&#39;. The load is the average number of data items per &#39;bucket&#39; in the hash table. The &#39;actual load&#39; is the average number of items per &#39;bucket&#39;, but only for buckets which contain entries. So the &#39;actual load&#39; is the average number of searches that will need to find an item in the hash table, while the &#39;load&#39; is the average number that will be done to record a miss.</p>
+
+<p>OPENSSL_LH_stats_bio(), OPENSSL_LH_node_stats_bio() and OPENSSL_LH_node_usage_stats_bio() are the same as the above, except that the output goes to a <b>BIO</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions do not return values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>These calls should be made under a read lock. Refer to <a href="../man3/OPENSSL_LH_COMPFUNC.html">&quot;NOTE&quot; in OPENSSL_LH_COMPFUNC(3)</a> for more details about the locks required when using the LHASH data structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/OPENSSL_LH_COMPFUNC.html">OPENSSL_LH_COMPFUNC(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_node_usage_stats.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_node_usage_stats.html
new file mode 100644
index 000000000..038a2025f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_node_usage_stats.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_stats</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_LH_stats, OPENSSL_LH_node_stats, OPENSSL_LH_node_usage_stats, OPENSSL_LH_stats_bio, OPENSSL_LH_node_stats_bio, OPENSSL_LH_node_usage_stats_bio - LHASH statistics</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ void OPENSSL_LH_stats(LHASH *table, FILE *out);
+ void OPENSSL_LH_node_stats(LHASH *table, FILE *out);
+ void OPENSSL_LH_node_usage_stats(LHASH *table, FILE *out);
+
+ void OPENSSL_LH_stats_bio(LHASH *table, BIO *out);
+ void OPENSSL_LH_node_stats_bio(LHASH *table, BIO *out);
+ void OPENSSL_LH_node_usage_stats_bio(LHASH *table, BIO *out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>LHASH</b> structure records statistics about most aspects of accessing the hash table.</p>
+
+<p>OPENSSL_LH_stats() prints out statistics on the size of the hash table, how many entries are in it, and the number and result of calls to the routines in this library.</p>
+
+<p>OPENSSL_LH_node_stats() prints the number of entries for each &#39;bucket&#39; in the hash table.</p>
+
+<p>OPENSSL_LH_node_usage_stats() prints out a short summary of the state of the hash table. It prints the &#39;load&#39; and the &#39;actual load&#39;. The load is the average number of data items per &#39;bucket&#39; in the hash table. The &#39;actual load&#39; is the average number of items per &#39;bucket&#39;, but only for buckets which contain entries. So the &#39;actual load&#39; is the average number of searches that will need to find an item in the hash table, while the &#39;load&#39; is the average number that will be done to record a miss.</p>
+
+<p>OPENSSL_LH_stats_bio(), OPENSSL_LH_node_stats_bio() and OPENSSL_LH_node_usage_stats_bio() are the same as the above, except that the output goes to a <b>BIO</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions do not return values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>These calls should be made under a read lock. Refer to <a href="../man3/OPENSSL_LH_COMPFUNC.html">&quot;NOTE&quot; in OPENSSL_LH_COMPFUNC(3)</a> for more details about the locks required when using the LHASH data structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/OPENSSL_LH_COMPFUNC.html">OPENSSL_LH_COMPFUNC(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_node_usage_stats_bio.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_node_usage_stats_bio.html
new file mode 100644
index 000000000..038a2025f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_node_usage_stats_bio.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_stats</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_LH_stats, OPENSSL_LH_node_stats, OPENSSL_LH_node_usage_stats, OPENSSL_LH_stats_bio, OPENSSL_LH_node_stats_bio, OPENSSL_LH_node_usage_stats_bio - LHASH statistics</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ void OPENSSL_LH_stats(LHASH *table, FILE *out);
+ void OPENSSL_LH_node_stats(LHASH *table, FILE *out);
+ void OPENSSL_LH_node_usage_stats(LHASH *table, FILE *out);
+
+ void OPENSSL_LH_stats_bio(LHASH *table, BIO *out);
+ void OPENSSL_LH_node_stats_bio(LHASH *table, BIO *out);
+ void OPENSSL_LH_node_usage_stats_bio(LHASH *table, BIO *out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>LHASH</b> structure records statistics about most aspects of accessing the hash table.</p>
+
+<p>OPENSSL_LH_stats() prints out statistics on the size of the hash table, how many entries are in it, and the number and result of calls to the routines in this library.</p>
+
+<p>OPENSSL_LH_node_stats() prints the number of entries for each &#39;bucket&#39; in the hash table.</p>
+
+<p>OPENSSL_LH_node_usage_stats() prints out a short summary of the state of the hash table. It prints the &#39;load&#39; and the &#39;actual load&#39;. The load is the average number of data items per &#39;bucket&#39; in the hash table. The &#39;actual load&#39; is the average number of items per &#39;bucket&#39;, but only for buckets which contain entries. So the &#39;actual load&#39; is the average number of searches that will need to find an item in the hash table, while the &#39;load&#39; is the average number that will be done to record a miss.</p>
+
+<p>OPENSSL_LH_stats_bio(), OPENSSL_LH_node_stats_bio() and OPENSSL_LH_node_usage_stats_bio() are the same as the above, except that the output goes to a <b>BIO</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions do not return values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>These calls should be made under a read lock. Refer to <a href="../man3/OPENSSL_LH_COMPFUNC.html">&quot;NOTE&quot; in OPENSSL_LH_COMPFUNC(3)</a> for more details about the locks required when using the LHASH data structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/OPENSSL_LH_COMPFUNC.html">OPENSSL_LH_COMPFUNC(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_stats.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_stats.html
new file mode 100644
index 000000000..038a2025f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_stats.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_stats</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_LH_stats, OPENSSL_LH_node_stats, OPENSSL_LH_node_usage_stats, OPENSSL_LH_stats_bio, OPENSSL_LH_node_stats_bio, OPENSSL_LH_node_usage_stats_bio - LHASH statistics</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ void OPENSSL_LH_stats(LHASH *table, FILE *out);
+ void OPENSSL_LH_node_stats(LHASH *table, FILE *out);
+ void OPENSSL_LH_node_usage_stats(LHASH *table, FILE *out);
+
+ void OPENSSL_LH_stats_bio(LHASH *table, BIO *out);
+ void OPENSSL_LH_node_stats_bio(LHASH *table, BIO *out);
+ void OPENSSL_LH_node_usage_stats_bio(LHASH *table, BIO *out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>LHASH</b> structure records statistics about most aspects of accessing the hash table.</p>
+
+<p>OPENSSL_LH_stats() prints out statistics on the size of the hash table, how many entries are in it, and the number and result of calls to the routines in this library.</p>
+
+<p>OPENSSL_LH_node_stats() prints the number of entries for each &#39;bucket&#39; in the hash table.</p>
+
+<p>OPENSSL_LH_node_usage_stats() prints out a short summary of the state of the hash table. It prints the &#39;load&#39; and the &#39;actual load&#39;. The load is the average number of data items per &#39;bucket&#39; in the hash table. The &#39;actual load&#39; is the average number of items per &#39;bucket&#39;, but only for buckets which contain entries. So the &#39;actual load&#39; is the average number of searches that will need to find an item in the hash table, while the &#39;load&#39; is the average number that will be done to record a miss.</p>
+
+<p>OPENSSL_LH_stats_bio(), OPENSSL_LH_node_stats_bio() and OPENSSL_LH_node_usage_stats_bio() are the same as the above, except that the output goes to a <b>BIO</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions do not return values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>These calls should be made under a read lock. Refer to <a href="../man3/OPENSSL_LH_COMPFUNC.html">&quot;NOTE&quot; in OPENSSL_LH_COMPFUNC(3)</a> for more details about the locks required when using the LHASH data structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/OPENSSL_LH_COMPFUNC.html">OPENSSL_LH_COMPFUNC(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_stats_bio.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_stats_bio.html
new file mode 100644
index 000000000..038a2025f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_LH_stats_bio.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_stats</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_LH_stats, OPENSSL_LH_node_stats, OPENSSL_LH_node_usage_stats, OPENSSL_LH_stats_bio, OPENSSL_LH_node_stats_bio, OPENSSL_LH_node_usage_stats_bio - LHASH statistics</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ void OPENSSL_LH_stats(LHASH *table, FILE *out);
+ void OPENSSL_LH_node_stats(LHASH *table, FILE *out);
+ void OPENSSL_LH_node_usage_stats(LHASH *table, FILE *out);
+
+ void OPENSSL_LH_stats_bio(LHASH *table, BIO *out);
+ void OPENSSL_LH_node_stats_bio(LHASH *table, BIO *out);
+ void OPENSSL_LH_node_usage_stats_bio(LHASH *table, BIO *out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>LHASH</b> structure records statistics about most aspects of accessing the hash table.</p>
+
+<p>OPENSSL_LH_stats() prints out statistics on the size of the hash table, how many entries are in it, and the number and result of calls to the routines in this library.</p>
+
+<p>OPENSSL_LH_node_stats() prints the number of entries for each &#39;bucket&#39; in the hash table.</p>
+
+<p>OPENSSL_LH_node_usage_stats() prints out a short summary of the state of the hash table. It prints the &#39;load&#39; and the &#39;actual load&#39;. The load is the average number of data items per &#39;bucket&#39; in the hash table. The &#39;actual load&#39; is the average number of items per &#39;bucket&#39;, but only for buckets which contain entries. So the &#39;actual load&#39; is the average number of searches that will need to find an item in the hash table, while the &#39;load&#39; is the average number that will be done to record a miss.</p>
+
+<p>OPENSSL_LH_stats_bio(), OPENSSL_LH_node_stats_bio() and OPENSSL_LH_node_usage_stats_bio() are the same as the above, except that the output goes to a <b>BIO</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions do not return values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>These calls should be made under a read lock. Refer to <a href="../man3/OPENSSL_LH_COMPFUNC.html">&quot;NOTE&quot; in OPENSSL_LH_COMPFUNC(3)</a> for more details about the locks required when using the LHASH data structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/bio.html">bio(7)</a>, <a href="../man3/OPENSSL_LH_COMPFUNC.html">OPENSSL_LH_COMPFUNC(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_MALLOC_FAILURES.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_MALLOC_FAILURES.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_MALLOC_FAILURES.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_MALLOC_FD.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_MALLOC_FD.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_MALLOC_FD.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_VERSION_NUMBER.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_VERSION_NUMBER.html
new file mode 100644
index 000000000..ca1ec6eb8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_VERSION_NUMBER.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_VERSION_NUMBER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT, OpenSSL_version, OpenSSL_version_num - get OpenSSL version number</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/opensslv.h&gt;
+ #define OPENSSL_VERSION_NUMBER 0xnnnnnnnnnL
+ #define OPENSSL_VERSION_TEXT &quot;OpenSSL x.y.z xx XXX xxxx&quot;
+
+ #include &lt;openssl/crypto.h&gt;
+
+ unsigned long OpenSSL_version_num();
+ const char *OpenSSL_version(int t);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OPENSSL_VERSION_NUMBER is a numeric release version identifier:</p>
+
+<pre><code> MNNFFPPS: major minor fix patch status</code></pre>
+
+<p>The status nibble has one of the values 0 for development, 1 to e for betas 1 to 14, and f for release.</p>
+
+<p>for example</p>
+
+<pre><code> 0x000906000 == 0.9.6 dev
+ 0x000906023 == 0.9.6b beta 3
+ 0x00090605f == 0.9.6e release</code></pre>
+
+<p>Versions prior to 0.9.3 have identifiers &lt; 0x0930. Versions between 0.9.3 and 0.9.5 had a version identifier with this interpretation:</p>
+
+<pre><code> MMNNFFRBB major minor fix final beta/patch</code></pre>
+
+<p>for example</p>
+
+<pre><code> 0x000904100 == 0.9.4 release
+ 0x000905000 == 0.9.5 dev</code></pre>
+
+<p>Version 0.9.5a had an interim interpretation that is like the current one, except the patch level got the highest bit set, to keep continuity. The number was therefore 0x0090581f.</p>
+
+<p>OPENSSL_VERSION_TEXT is the text variant of the version number and the release date. For example, &quot;OpenSSL 1.0.1a 15 Oct 2015&quot;.</p>
+
+<p>OpenSSL_version_num() returns the version number.</p>
+
+<p>OpenSSL_version() returns different strings depending on <b>t</b>:</p>
+
+<dl>
+
+<dt id="OPENSSL_VERSION">OPENSSL_VERSION</dt>
+<dd>
+
+<p>The text variant of the version number and the release date. For example, &quot;OpenSSL 1.0.1a 15 Oct 2015&quot;.</p>
+
+</dd>
+<dt id="OPENSSL_CFLAGS">OPENSSL_CFLAGS</dt>
+<dd>
+
+<p>The compiler flags set for the compilation process in the form &quot;compiler: ...&quot; if available or &quot;compiler: information not available&quot; otherwise.</p>
+
+</dd>
+<dt id="OPENSSL_BUILT_ON">OPENSSL_BUILT_ON</dt>
+<dd>
+
+<p>The date of the build process in the form &quot;built on: ...&quot; if available or &quot;built on: date not available&quot; otherwise.</p>
+
+</dd>
+<dt id="OPENSSL_PLATFORM">OPENSSL_PLATFORM</dt>
+<dd>
+
+<p>The &quot;Configure&quot; target of the library build in the form &quot;platform: ...&quot; if available or &quot;platform: information not available&quot; otherwise.</p>
+
+</dd>
+<dt id="OPENSSL_DIR">OPENSSL_DIR</dt>
+<dd>
+
+<p>The &quot;OPENSSLDIR&quot; setting of the library build in the form &quot;OPENSSLDIR: &quot;...&quot;&quot; if available or &quot;OPENSSLDIR: N/A&quot; otherwise.</p>
+
+</dd>
+<dt id="OPENSSL_ENGINES_DIR">OPENSSL_ENGINES_DIR</dt>
+<dd>
+
+<p>The &quot;ENGINESDIR&quot; setting of the library build in the form &quot;ENGINESDIR: &quot;...&quot;&quot; if available or &quot;ENGINESDIR: N/A&quot; otherwise.</p>
+
+</dd>
+</dl>
+
+<p>For an unknown <b>t</b>, the text &quot;not available&quot; is returned.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OpenSSL_version_num() returns the version number.</p>
+
+<p>OpenSSL_version() returns requested version strings.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_VERSION_TEXT.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_VERSION_TEXT.html
new file mode 100644
index 000000000..ca1ec6eb8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_VERSION_TEXT.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_VERSION_NUMBER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT, OpenSSL_version, OpenSSL_version_num - get OpenSSL version number</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/opensslv.h&gt;
+ #define OPENSSL_VERSION_NUMBER 0xnnnnnnnnnL
+ #define OPENSSL_VERSION_TEXT &quot;OpenSSL x.y.z xx XXX xxxx&quot;
+
+ #include &lt;openssl/crypto.h&gt;
+
+ unsigned long OpenSSL_version_num();
+ const char *OpenSSL_version(int t);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OPENSSL_VERSION_NUMBER is a numeric release version identifier:</p>
+
+<pre><code> MNNFFPPS: major minor fix patch status</code></pre>
+
+<p>The status nibble has one of the values 0 for development, 1 to e for betas 1 to 14, and f for release.</p>
+
+<p>for example</p>
+
+<pre><code> 0x000906000 == 0.9.6 dev
+ 0x000906023 == 0.9.6b beta 3
+ 0x00090605f == 0.9.6e release</code></pre>
+
+<p>Versions prior to 0.9.3 have identifiers &lt; 0x0930. Versions between 0.9.3 and 0.9.5 had a version identifier with this interpretation:</p>
+
+<pre><code> MMNNFFRBB major minor fix final beta/patch</code></pre>
+
+<p>for example</p>
+
+<pre><code> 0x000904100 == 0.9.4 release
+ 0x000905000 == 0.9.5 dev</code></pre>
+
+<p>Version 0.9.5a had an interim interpretation that is like the current one, except the patch level got the highest bit set, to keep continuity. The number was therefore 0x0090581f.</p>
+
+<p>OPENSSL_VERSION_TEXT is the text variant of the version number and the release date. For example, &quot;OpenSSL 1.0.1a 15 Oct 2015&quot;.</p>
+
+<p>OpenSSL_version_num() returns the version number.</p>
+
+<p>OpenSSL_version() returns different strings depending on <b>t</b>:</p>
+
+<dl>
+
+<dt id="OPENSSL_VERSION">OPENSSL_VERSION</dt>
+<dd>
+
+<p>The text variant of the version number and the release date. For example, &quot;OpenSSL 1.0.1a 15 Oct 2015&quot;.</p>
+
+</dd>
+<dt id="OPENSSL_CFLAGS">OPENSSL_CFLAGS</dt>
+<dd>
+
+<p>The compiler flags set for the compilation process in the form &quot;compiler: ...&quot; if available or &quot;compiler: information not available&quot; otherwise.</p>
+
+</dd>
+<dt id="OPENSSL_BUILT_ON">OPENSSL_BUILT_ON</dt>
+<dd>
+
+<p>The date of the build process in the form &quot;built on: ...&quot; if available or &quot;built on: date not available&quot; otherwise.</p>
+
+</dd>
+<dt id="OPENSSL_PLATFORM">OPENSSL_PLATFORM</dt>
+<dd>
+
+<p>The &quot;Configure&quot; target of the library build in the form &quot;platform: ...&quot; if available or &quot;platform: information not available&quot; otherwise.</p>
+
+</dd>
+<dt id="OPENSSL_DIR">OPENSSL_DIR</dt>
+<dd>
+
+<p>The &quot;OPENSSLDIR&quot; setting of the library build in the form &quot;OPENSSLDIR: &quot;...&quot;&quot; if available or &quot;OPENSSLDIR: N/A&quot; otherwise.</p>
+
+</dd>
+<dt id="OPENSSL_ENGINES_DIR">OPENSSL_ENGINES_DIR</dt>
+<dd>
+
+<p>The &quot;ENGINESDIR&quot; setting of the library build in the form &quot;ENGINESDIR: &quot;...&quot;&quot; if available or &quot;ENGINESDIR: N/A&quot; otherwise.</p>
+
+</dd>
+</dl>
+
+<p>For an unknown <b>t</b>, the text &quot;not available&quot; is returned.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OpenSSL_version_num() returns the version number.</p>
+
+<p>OpenSSL_version() returns requested version strings.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_atexit.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_atexit.html
new file mode 100644
index 000000000..89da92c71
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_atexit.html
@@ -0,0 +1,221 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_init_crypto</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_INIT_new, OPENSSL_INIT_set_config_filename, OPENSSL_INIT_set_config_appname, OPENSSL_INIT_set_config_file_flags, OPENSSL_INIT_free, OPENSSL_init_crypto, OPENSSL_cleanup, OPENSSL_atexit, OPENSSL_thread_stop - OpenSSL initialisation and deinitialisation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ void OPENSSL_cleanup(void);
+ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
+ int OPENSSL_atexit(void (*handler)(void));
+ void OPENSSL_thread_stop(void);
+
+ OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void);
+ int OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *init,
+                                      const char* filename);
+ int OPENSSL_INIT_set_config_file_flags(OPENSSL_INIT_SETTINGS *init,
+                                        unsigned long flags);
+ int OPENSSL_INIT_set_config_appname(OPENSSL_INIT_SETTINGS *init,
+                                     const char* name);
+ void OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS *init);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>During normal operation OpenSSL (libcrypto) will allocate various resources at start up that must, subsequently, be freed on close down of the library. Additionally some resources are allocated on a per thread basis (if the application is multi-threaded), and these resources must be freed prior to the thread closing.</p>
+
+<p>As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required. Similarly it will also automatically deinitialise as required.</p>
+
+<p>However, there may be situations when explicit initialisation is desirable or needed, for example when some non-default initialisation is required. The function OPENSSL_init_crypto() can be used for this purpose for libcrypto (see also <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a> for the libssl equivalent).</p>
+
+<p>Numerous internal OpenSSL functions call OPENSSL_init_crypto(). Therefore, in order to perform non-default initialisation, OPENSSL_init_crypto() MUST be called by application code prior to any other OpenSSL function calls.</p>
+
+<p>The <b>opts</b> parameter specifies which aspects of libcrypto should be initialised. Valid options are:</p>
+
+<dl>
+
+<dt id="OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS">OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS</dt>
+<dd>
+
+<p>Suppress automatic loading of the libcrypto error strings. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_LOAD_CRYPTO_STRINGS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_LOAD_CRYPTO_STRINGS">OPENSSL_INIT_LOAD_CRYPTO_STRINGS</dt>
+<dd>
+
+<p>Automatic loading of the libcrypto error strings. With this option the library will automatically load the libcrypto error strings. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ADD_ALL_CIPHERS">OPENSSL_INIT_ADD_ALL_CIPHERS</dt>
+<dd>
+
+<p>With this option the library will automatically load and make available all libcrypto ciphers. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ADD_ALL_DIGESTS">OPENSSL_INIT_ADD_ALL_DIGESTS</dt>
+<dd>
+
+<p>With this option the library will automatically load and make available all libcrypto digests. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ADD_ALL_CIPHERS">OPENSSL_INIT_NO_ADD_ALL_CIPHERS</dt>
+<dd>
+
+<p>With this option the library will suppress automatic loading of libcrypto ciphers. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ADD_ALL_DIGESTS">OPENSSL_INIT_NO_ADD_ALL_DIGESTS</dt>
+<dd>
+
+<p>With this option the library will suppress automatic loading of libcrypto digests. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_ADD_ALL_DIGESTS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_LOAD_CONFIG">OPENSSL_INIT_LOAD_CONFIG</dt>
+<dd>
+
+<p>With this option an OpenSSL configuration file will be automatically loaded and used by calling OPENSSL_config(). This is not a default option for libcrypto. As of OpenSSL 1.1.1 this is a default option for libssl (see <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a> for further details about libssl initialisation). See the description of OPENSSL_INIT_new(), below.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_LOAD_CONFIG">OPENSSL_INIT_NO_LOAD_CONFIG</dt>
+<dd>
+
+<p>With this option the loading of OpenSSL configuration files will be suppressed. It is the equivalent of calling OPENSSL_no_config(). This is not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ASYNC">OPENSSL_INIT_ASYNC</dt>
+<dd>
+
+<p>With this option the library with automatically initialise the libcrypto async sub-library (see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>). This is a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_RDRAND">OPENSSL_INIT_ENGINE_RDRAND</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the RDRAND engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_DYNAMIC">OPENSSL_INIT_ENGINE_DYNAMIC</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the dynamic engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_OPENSSL">OPENSSL_INIT_ENGINE_OPENSSL</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the openssl engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_CRYPTODEV">OPENSSL_INIT_ENGINE_CRYPTODEV</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the cryptodev engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_CAPI">OPENSSL_INIT_ENGINE_CAPI</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the CAPI engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_PADLOCK">OPENSSL_INIT_ENGINE_PADLOCK</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the padlock engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_AFALG">OPENSSL_INIT_ENGINE_AFALG</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the AFALG engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_ALL_BUILTIN">OPENSSL_INIT_ENGINE_ALL_BUILTIN</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise all the built in engines listed above with the exception of the openssl and afalg engines. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ATFORK">OPENSSL_INIT_ATFORK</dt>
+<dd>
+
+<p>With this option the library will register its fork handlers. See OPENSSL_fork_prepare(3) for details.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ATEXIT">OPENSSL_INIT_NO_ATEXIT</dt>
+<dd>
+
+<p>By default OpenSSL will attempt to clean itself up when the process exits via an &quot;atexit&quot; handler. Using this option suppresses that behaviour. This means that the application will have to clean up OpenSSL explicitly using OPENSSL_cleanup().</p>
+
+</dd>
+</dl>
+
+<p>Multiple options may be combined together in a single call to OPENSSL_init_crypto(). For example:</p>
+
+<pre><code> OPENSSL_init_crypto(OPENSSL_INIT_NO_ADD_ALL_CIPHERS
+                     | OPENSSL_INIT_NO_ADD_ALL_DIGESTS, NULL);</code></pre>
+
+<p>The OPENSSL_cleanup() function deinitialises OpenSSL (both libcrypto and libssl). All resources allocated by OpenSSL are freed. Typically there should be no need to call this function directly as it is initiated automatically on application exit. This is done via the standard C library atexit() function. In the event that the application will close in a manner that will not call the registered atexit() handlers then the application should call OPENSSL_cleanup() directly. Developers of libraries using OpenSSL are discouraged from calling this function and should instead, typically, rely on auto-deinitialisation. This is to avoid error conditions where both an application and a library it depends on both use OpenSSL, and the library deinitialises it before the application has finished using it.</p>
+
+<p>Once OPENSSL_cleanup() has been called the library cannot be reinitialised. Attempts to call OPENSSL_init_crypto() will fail and an ERR_R_INIT_FAIL error will be added to the error stack. Note that because initialisation has failed OpenSSL error strings will not be available, only an error code. This code can be put through the openssl errstr command line application to produce a human readable error (see <a href="../man1/errstr.html">errstr(1)</a>).</p>
+
+<p>The OPENSSL_atexit() function enables the registration of a function to be called during OPENSSL_cleanup(). Stop handlers are called after deinitialisation of resources local to a thread, but before other process wide resources are freed. In the event that multiple stop handlers are registered, no guarantees are made about the order of execution.</p>
+
+<p>The OPENSSL_thread_stop() function deallocates resources associated with the current thread. Typically this function will be called automatically by the library when the thread exits. This should only be called directly if resources should be freed at an earlier time, or under the circumstances described in the NOTES section below.</p>
+
+<p>The <b>OPENSSL_INIT_LOAD_CONFIG</b> flag will load a configuration file, as with <a href="../man3/CONF_modules_load_file.html">CONF_modules_load_file(3)</a> with NULL filename and application name and the <b>CONF_MFLAGS_IGNORE_MISSING_FILE</b>, <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> and <b>CONF_MFLAGS_DEFAULT_SECTION</b> flags. The filename, application name, and flags can be customized by providing a non-null <b>OPENSSL_INIT_SETTINGS</b> object. The object can be allocated via <b>OPENSSL_init_new()</b>. The <b>OPENSSL_INIT_set_config_filename()</b> function can be used to specify a non-default filename, which is copied and need not refer to persistent storage. Similarly, OPENSSL_INIT_set_config_appname() can be used to specify a non-default application name. Finally, OPENSSL_INIT_set_file_flags can be used to specify non-default flags. If the <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> flag is not included, any errors in the configuration file will cause an error return from <b>OPENSSL_init_crypto</b> or indirectly <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a>. The object can be released with OPENSSL_INIT_free() when done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Resources local to a thread are deallocated automatically when the thread exits (e.g. in a pthreads environment, when pthread_exit() is called). On Windows platforms this is done in response to a DLL_THREAD_DETACH message being sent to the libcrypto32.dll entry point. Some windows functions may cause threads to exit without sending this message (for example ExitProcess()). If the application uses such functions, then the application must free up OpenSSL resources directly via a call to OPENSSL_thread_stop() on each thread. Similarly this message will also not be sent if OpenSSL is linked statically, and therefore applications using static linking should also call OPENSSL_thread_stop() on each thread. Additionally if OpenSSL is loaded dynamically via LoadLibrary() and the threads are not destroyed until after FreeLibrary() is called then each thread should call OPENSSL_thread_stop() prior to the FreeLibrary() call.</p>
+
+<p>On Linux/Unix where OpenSSL has been loaded via dlopen() and the application is multi-threaded and if dlclose() is subsequently called prior to the threads being destroyed then OpenSSL will not be able to deallocate resources associated with those threads. The application should either call OPENSSL_thread_stop() on each thread prior to the dlclose() call, or alternatively the original dlopen() call should use the RTLD_NODELETE flag (where available on the platform).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions OPENSSL_init_crypto, OPENSSL_atexit() and OPENSSL_INIT_set_config_appname() return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_init_crypto(), OPENSSL_cleanup(), OPENSSL_atexit(), OPENSSL_thread_stop(), OPENSSL_INIT_new(), OPENSSL_INIT_set_config_appname() and OPENSSL_INIT_free() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_buf2hexstr.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_buf2hexstr.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_buf2hexstr.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_cipher_name.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_cipher_name.html
new file mode 100644
index 000000000..f885fc00e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_cipher_name.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CIPHER_get_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CIPHER_get_name, SSL_CIPHER_standard_name, OPENSSL_cipher_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description, SSL_CIPHER_get_cipher_nid, SSL_CIPHER_get_digest_nid, SSL_CIPHER_get_handshake_digest, SSL_CIPHER_get_kx_nid, SSL_CIPHER_get_auth_nid, SSL_CIPHER_is_aead, SSL_CIPHER_find, SSL_CIPHER_get_id, SSL_CIPHER_get_protocol_id - get SSL_CIPHER properties</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
+ const char *SSL_CIPHER_standard_name(const SSL_CIPHER *cipher);
+ const char *OPENSSL_cipher_name(const char *stdname);
+ int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
+ char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
+ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
+ int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
+ const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
+ const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
+ uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
+ uint32_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CIPHER_get_name() returns a pointer to the name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;.</p>
+
+<p>SSL_CIPHER_standard_name() returns a pointer to the standard RFC name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;. If the <b>cipher</b> has no standard name, it returns <b>NULL</b>. If <b>cipher</b> was defined in both SSLv3 and TLS, it returns the TLS name.</p>
+
+<p>OPENSSL_cipher_name() returns a pointer to the OpenSSL name of <b>stdname</b>. If the <b>stdname</b> is NULL, or <b>stdname</b> has no corresponding OpenSSL name, it returns &quot;(NONE)&quot;. Where both exist, <b>stdname</b> should be the TLS name rather than the SSLv3 name.</p>
+
+<p>SSL_CIPHER_get_bits() returns the number of secret bits used for <b>cipher</b>. If <b>cipher</b> is NULL, 0 is returned.</p>
+
+<p>SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol version that first defined the cipher. It returns &quot;(NONE)&quot; if <b>cipher</b> is NULL.</p>
+
+<p>SSL_CIPHER_get_cipher_nid() returns the cipher NID corresponding to <b>c</b>. If there is no cipher (e.g. for cipher suites with no encryption) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_digest_nid() returns the digest NID corresponding to the MAC used by <b>c</b> during record encryption/decryption. If there is no digest (e.g. for AEAD cipher suites) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns an EVP_MD for the digest used during the SSL/TLS handshake when using the SSL_CIPHER <b>c</b>. Note that this may be different to the digest used to calculate the MAC for encrypted records.</p>
+
+<p>SSL_CIPHER_get_kx_nid() returns the key exchange NID corresponding to the method used by <b>c</b>. If there is no key exchange, then <b>NID_undef</b> is returned. If any appropriate key exchange algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_kx_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_kx_rsa
+ NID_kx_ecdhe
+ NID_kx_dhe
+ NID_kx_psk</code></pre>
+
+<p>SSL_CIPHER_get_auth_nid() returns the authentication NID corresponding to the method used by <b>c</b>. If there is no authentication, then <b>NID_undef</b> is returned. If any appropriate authentication algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_auth_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_auth_rsa
+ NID_auth_ecdsa
+ NID_auth_psk</code></pre>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher <b>c</b> is AEAD (e.g. GCM or ChaCha20/Poly1305), and 0 if it is not AEAD.</p>
+
+<p>SSL_CIPHER_find() returns a <b>SSL_CIPHER</b> structure which has the cipher ID stored in <b>ptr</b>. The <b>ptr</b> parameter is a two element array of <b>char</b>, which stores the two-byte TLS cipher ID (as allocated by IANA) in network byte order. This parameter is usually retrieved from a TLS packet by using functions like <a href="../man3/SSL_client_hello_get0_ciphers.html">SSL_client_hello_get0_ciphers(3)</a>. SSL_CIPHER_find() returns NULL if an error occurs or the indicated cipher is not found.</p>
+
+<p>SSL_CIPHER_get_id() returns the OpenSSL-specific ID of the given cipher <b>c</b>. That ID is not the same as the IANA-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns the two-byte ID used in the TLS protocol of the given cipher <b>c</b>.</p>
+
+<p>SSL_CIPHER_description() returns a textual description of the cipher used into the buffer <b>buf</b> of length <b>len</b> provided. If <b>buf</b> is provided, it must be at least 128 bytes, otherwise a buffer will be allocated using OPENSSL_malloc(). If the provided buffer is too small, or the allocation fails, <b>NULL</b> is returned.</p>
+
+<p>The string returned by SSL_CIPHER_description() consists of several fields separated by whitespace:</p>
+
+<dl>
+
+<dt id="ciphername">&lt;ciphername&gt;</dt>
+<dd>
+
+<p>Textual representation of the cipher name.</p>
+
+</dd>
+<dt id="protocol-version">&lt;protocol version&gt;</dt>
+<dd>
+
+<p>Protocol version, such as <b>TLSv1.2</b>, when the cipher was first defined.</p>
+
+</dd>
+<dt id="Kx-key-exchange">Kx=&lt;key exchange&gt;</dt>
+<dd>
+
+<p>Key exchange method such as <b>RSA</b>, <b>ECDHE</b>, etc.</p>
+
+</dd>
+<dt id="Au-authentication">Au=&lt;authentication&gt;</dt>
+<dd>
+
+<p>Authentication method such as <b>RSA</b>, <b>None</b>, etc.. None is the representation of anonymous ciphers.</p>
+
+</dd>
+<dt id="Enc-symmetric-encryption-method">Enc=&lt;symmetric encryption method&gt;</dt>
+<dd>
+
+<p>Encryption method, with number of secret bits, such as <b>AESGCM(128)</b>.</p>
+
+</dd>
+<dt id="Mac-message-authentication-code">Mac=&lt;message authentication code&gt;</dt>
+<dd>
+
+<p>Message digest, such as <b>SHA256</b>.</p>
+
+</dd>
+</dl>
+
+<p>Some examples for the output of SSL_CIPHER_description():</p>
+
+<pre><code> ECDHE-RSA-AES256-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
+ RSA-PSK-AES256-CBC-SHA384 TLSv1.0 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA384</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CIPHER_get_name(), SSL_CIPHER_standard_name(), OPENSSL_cipher_name(), SSL_CIPHER_get_version() and SSL_CIPHER_description() return the corresponding value in a null-terminated string for a specific cipher or &quot;(NONE)&quot; if the cipher is not found.</p>
+
+<p>SSL_CIPHER_get_bits() returns a positive integer representing the number of secret bits or 0 if an error occurred.</p>
+
+<p>SSL_CIPHER_get_cipher_nid(), SSL_CIPHER_get_digest_nid(), SSL_CIPHER_get_kx_nid() and SSL_CIPHER_get_auth_nid() return the NID value or <b>NID_undef</b> if an error occurred.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns a valid <b>EVP_MD</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher is AEAD or 0 otherwise.</p>
+
+<p>SSL_CIPHER_find() returns a valid <b>SSL_CIPHER</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_get_id() returns a 4-byte integer representing the OpenSSL-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns a 2-byte integer representing the TLS protocol-specific ID.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CIPHER_get_version() function was updated to always return the correct protocol string in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_description() function was changed to return <b>NULL</b> on error, rather than a fixed string, in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_get_handshake_digest() function was added in OpenSSL 1.1.1.</p>
+
+<p>The SSL_CIPHER_standard_name() function was globally available in OpenSSL 1.1.1. Before OpenSSL 1.1.1, tracing (<b>enable-ssl-trace</b> argument to Configure) was required to enable this function.</p>
+
+<p>The OPENSSL_cipher_name() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_current_cipher.html">SSL_get_current_cipher(3)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_cleanse.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_cleanse.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_cleanse.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_cleanup.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_cleanup.html
new file mode 100644
index 000000000..89da92c71
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_cleanup.html
@@ -0,0 +1,221 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_init_crypto</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_INIT_new, OPENSSL_INIT_set_config_filename, OPENSSL_INIT_set_config_appname, OPENSSL_INIT_set_config_file_flags, OPENSSL_INIT_free, OPENSSL_init_crypto, OPENSSL_cleanup, OPENSSL_atexit, OPENSSL_thread_stop - OpenSSL initialisation and deinitialisation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ void OPENSSL_cleanup(void);
+ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
+ int OPENSSL_atexit(void (*handler)(void));
+ void OPENSSL_thread_stop(void);
+
+ OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void);
+ int OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *init,
+                                      const char* filename);
+ int OPENSSL_INIT_set_config_file_flags(OPENSSL_INIT_SETTINGS *init,
+                                        unsigned long flags);
+ int OPENSSL_INIT_set_config_appname(OPENSSL_INIT_SETTINGS *init,
+                                     const char* name);
+ void OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS *init);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>During normal operation OpenSSL (libcrypto) will allocate various resources at start up that must, subsequently, be freed on close down of the library. Additionally some resources are allocated on a per thread basis (if the application is multi-threaded), and these resources must be freed prior to the thread closing.</p>
+
+<p>As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required. Similarly it will also automatically deinitialise as required.</p>
+
+<p>However, there may be situations when explicit initialisation is desirable or needed, for example when some non-default initialisation is required. The function OPENSSL_init_crypto() can be used for this purpose for libcrypto (see also <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a> for the libssl equivalent).</p>
+
+<p>Numerous internal OpenSSL functions call OPENSSL_init_crypto(). Therefore, in order to perform non-default initialisation, OPENSSL_init_crypto() MUST be called by application code prior to any other OpenSSL function calls.</p>
+
+<p>The <b>opts</b> parameter specifies which aspects of libcrypto should be initialised. Valid options are:</p>
+
+<dl>
+
+<dt id="OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS">OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS</dt>
+<dd>
+
+<p>Suppress automatic loading of the libcrypto error strings. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_LOAD_CRYPTO_STRINGS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_LOAD_CRYPTO_STRINGS">OPENSSL_INIT_LOAD_CRYPTO_STRINGS</dt>
+<dd>
+
+<p>Automatic loading of the libcrypto error strings. With this option the library will automatically load the libcrypto error strings. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ADD_ALL_CIPHERS">OPENSSL_INIT_ADD_ALL_CIPHERS</dt>
+<dd>
+
+<p>With this option the library will automatically load and make available all libcrypto ciphers. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ADD_ALL_DIGESTS">OPENSSL_INIT_ADD_ALL_DIGESTS</dt>
+<dd>
+
+<p>With this option the library will automatically load and make available all libcrypto digests. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ADD_ALL_CIPHERS">OPENSSL_INIT_NO_ADD_ALL_CIPHERS</dt>
+<dd>
+
+<p>With this option the library will suppress automatic loading of libcrypto ciphers. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ADD_ALL_DIGESTS">OPENSSL_INIT_NO_ADD_ALL_DIGESTS</dt>
+<dd>
+
+<p>With this option the library will suppress automatic loading of libcrypto digests. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_ADD_ALL_DIGESTS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_LOAD_CONFIG">OPENSSL_INIT_LOAD_CONFIG</dt>
+<dd>
+
+<p>With this option an OpenSSL configuration file will be automatically loaded and used by calling OPENSSL_config(). This is not a default option for libcrypto. As of OpenSSL 1.1.1 this is a default option for libssl (see <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a> for further details about libssl initialisation). See the description of OPENSSL_INIT_new(), below.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_LOAD_CONFIG">OPENSSL_INIT_NO_LOAD_CONFIG</dt>
+<dd>
+
+<p>With this option the loading of OpenSSL configuration files will be suppressed. It is the equivalent of calling OPENSSL_no_config(). This is not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ASYNC">OPENSSL_INIT_ASYNC</dt>
+<dd>
+
+<p>With this option the library with automatically initialise the libcrypto async sub-library (see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>). This is a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_RDRAND">OPENSSL_INIT_ENGINE_RDRAND</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the RDRAND engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_DYNAMIC">OPENSSL_INIT_ENGINE_DYNAMIC</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the dynamic engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_OPENSSL">OPENSSL_INIT_ENGINE_OPENSSL</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the openssl engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_CRYPTODEV">OPENSSL_INIT_ENGINE_CRYPTODEV</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the cryptodev engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_CAPI">OPENSSL_INIT_ENGINE_CAPI</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the CAPI engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_PADLOCK">OPENSSL_INIT_ENGINE_PADLOCK</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the padlock engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_AFALG">OPENSSL_INIT_ENGINE_AFALG</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the AFALG engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_ALL_BUILTIN">OPENSSL_INIT_ENGINE_ALL_BUILTIN</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise all the built in engines listed above with the exception of the openssl and afalg engines. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ATFORK">OPENSSL_INIT_ATFORK</dt>
+<dd>
+
+<p>With this option the library will register its fork handlers. See OPENSSL_fork_prepare(3) for details.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ATEXIT">OPENSSL_INIT_NO_ATEXIT</dt>
+<dd>
+
+<p>By default OpenSSL will attempt to clean itself up when the process exits via an &quot;atexit&quot; handler. Using this option suppresses that behaviour. This means that the application will have to clean up OpenSSL explicitly using OPENSSL_cleanup().</p>
+
+</dd>
+</dl>
+
+<p>Multiple options may be combined together in a single call to OPENSSL_init_crypto(). For example:</p>
+
+<pre><code> OPENSSL_init_crypto(OPENSSL_INIT_NO_ADD_ALL_CIPHERS
+                     | OPENSSL_INIT_NO_ADD_ALL_DIGESTS, NULL);</code></pre>
+
+<p>The OPENSSL_cleanup() function deinitialises OpenSSL (both libcrypto and libssl). All resources allocated by OpenSSL are freed. Typically there should be no need to call this function directly as it is initiated automatically on application exit. This is done via the standard C library atexit() function. In the event that the application will close in a manner that will not call the registered atexit() handlers then the application should call OPENSSL_cleanup() directly. Developers of libraries using OpenSSL are discouraged from calling this function and should instead, typically, rely on auto-deinitialisation. This is to avoid error conditions where both an application and a library it depends on both use OpenSSL, and the library deinitialises it before the application has finished using it.</p>
+
+<p>Once OPENSSL_cleanup() has been called the library cannot be reinitialised. Attempts to call OPENSSL_init_crypto() will fail and an ERR_R_INIT_FAIL error will be added to the error stack. Note that because initialisation has failed OpenSSL error strings will not be available, only an error code. This code can be put through the openssl errstr command line application to produce a human readable error (see <a href="../man1/errstr.html">errstr(1)</a>).</p>
+
+<p>The OPENSSL_atexit() function enables the registration of a function to be called during OPENSSL_cleanup(). Stop handlers are called after deinitialisation of resources local to a thread, but before other process wide resources are freed. In the event that multiple stop handlers are registered, no guarantees are made about the order of execution.</p>
+
+<p>The OPENSSL_thread_stop() function deallocates resources associated with the current thread. Typically this function will be called automatically by the library when the thread exits. This should only be called directly if resources should be freed at an earlier time, or under the circumstances described in the NOTES section below.</p>
+
+<p>The <b>OPENSSL_INIT_LOAD_CONFIG</b> flag will load a configuration file, as with <a href="../man3/CONF_modules_load_file.html">CONF_modules_load_file(3)</a> with NULL filename and application name and the <b>CONF_MFLAGS_IGNORE_MISSING_FILE</b>, <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> and <b>CONF_MFLAGS_DEFAULT_SECTION</b> flags. The filename, application name, and flags can be customized by providing a non-null <b>OPENSSL_INIT_SETTINGS</b> object. The object can be allocated via <b>OPENSSL_init_new()</b>. The <b>OPENSSL_INIT_set_config_filename()</b> function can be used to specify a non-default filename, which is copied and need not refer to persistent storage. Similarly, OPENSSL_INIT_set_config_appname() can be used to specify a non-default application name. Finally, OPENSSL_INIT_set_file_flags can be used to specify non-default flags. If the <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> flag is not included, any errors in the configuration file will cause an error return from <b>OPENSSL_init_crypto</b> or indirectly <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a>. The object can be released with OPENSSL_INIT_free() when done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Resources local to a thread are deallocated automatically when the thread exits (e.g. in a pthreads environment, when pthread_exit() is called). On Windows platforms this is done in response to a DLL_THREAD_DETACH message being sent to the libcrypto32.dll entry point. Some windows functions may cause threads to exit without sending this message (for example ExitProcess()). If the application uses such functions, then the application must free up OpenSSL resources directly via a call to OPENSSL_thread_stop() on each thread. Similarly this message will also not be sent if OpenSSL is linked statically, and therefore applications using static linking should also call OPENSSL_thread_stop() on each thread. Additionally if OpenSSL is loaded dynamically via LoadLibrary() and the threads are not destroyed until after FreeLibrary() is called then each thread should call OPENSSL_thread_stop() prior to the FreeLibrary() call.</p>
+
+<p>On Linux/Unix where OpenSSL has been loaded via dlopen() and the application is multi-threaded and if dlclose() is subsequently called prior to the threads being destroyed then OpenSSL will not be able to deallocate resources associated with those threads. The application should either call OPENSSL_thread_stop() on each thread prior to the dlclose() call, or alternatively the original dlopen() call should use the RTLD_NODELETE flag (where available on the platform).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions OPENSSL_init_crypto, OPENSSL_atexit() and OPENSSL_INIT_set_config_appname() return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_init_crypto(), OPENSSL_cleanup(), OPENSSL_atexit(), OPENSSL_thread_stop(), OPENSSL_INIT_new(), OPENSSL_INIT_set_config_appname() and OPENSSL_INIT_free() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_clear_free.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_clear_free.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_clear_free.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_clear_realloc.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_clear_realloc.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_clear_realloc.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_config.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_config.html
new file mode 100644
index 000000000..d9d744087
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_config.html
@@ -0,0 +1,88 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_config</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_config, OPENSSL_no_config - simple OpenSSL configuration functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/conf.h&gt;
+
+ #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OPENSSL_config(const char *appname);
+ void OPENSSL_no_config(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OPENSSL_config() configures OpenSSL using the standard <b>openssl.cnf</b> and reads from the application section <b>appname</b>. If <b>appname</b> is NULL then the default section, <b>openssl_conf</b>, will be used. Errors are silently ignored. Multiple calls have no effect.</p>
+
+<p>OPENSSL_no_config() disables configuration. If called before OPENSSL_config() no configuration takes place.</p>
+
+<p>If the application is built with <b>OPENSSL_LOAD_CONF</b> defined, then a call to OpenSSL_add_all_algorithms() will implicitly call OPENSSL_config() first.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The OPENSSL_config() function is designed to be a very simple &quot;call it and forget it&quot; function. It is however <b>much</b> better than nothing. Applications which need finer control over their configuration functionality should use the configuration functions such as CONF_modules_load() directly. This function is deprecated and its use should be avoided. Applications should instead call CONF_modules_load() during initialization (that is before starting any threads).</p>
+
+<p>There are several reasons why calling the OpenSSL configuration routines is advisable. For example, to load dynamic ENGINEs from shared libraries (DSOs). However very few applications currently support the control interface and so very few can load and use dynamic ENGINEs. Equally in future more sophisticated ENGINEs will require certain control operations to customize them. If an application calls OPENSSL_config() it doesn&#39;t need to know or care about ENGINE control operations because they can be performed by editing a configuration file.</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_CONF"><b>OPENSSL_CONF</b></dt>
+<dd>
+
+<p>The path to the config file. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Neither OPENSSL_config() nor OPENSSL_no_config() return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man5/config.html">config(5)</a>, <a href="../man3/CONF_modules_load_file.html">CONF_modules_load_file(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_no_config() and OPENSSL_config() functions were deprecated in OpenSSL 1.1.0 by OPENSSL_init_crypto().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_fork_child.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_fork_child.html
new file mode 100644
index 000000000..e6d298589
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_fork_child.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_fork_prepare</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_fork_prepare, OPENSSL_fork_parent, OPENSSL_fork_child - OpenSSL fork handlers</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ void OPENSSL_fork_prepare(void);
+ void OPENSSL_fork_parent(void);
+ void OPENSSL_fork_child(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL has state that should be reset when a process forks. For example, the entropy pool used to generate random numbers (and therefore encryption keys) should not be shared across multiple programs. The OPENSSL_fork_prepare(), OPENSSL_fork_parent(), and OPENSSL_fork_child() functions are used to reset this internal state.</p>
+
+<p>Platforms without fork(2) will probably not need to use these functions. Platforms with fork(2) but without pthreads_atfork(3) will probably need to call them manually, as described in the following paragraph. Platforms such as Linux that have both functions will normally not need to call these functions as the OpenSSL library will do so automatically.</p>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> will register these functions with the appropriate handler, when the <b>OPENSSL_INIT_ATFORK</b> flag is used. For other applications, these functions can be called directly. They should be used according to the calling sequence described by the pthreads_atfork(3) documentation, which is summarized here. OPENSSL_fork_prepare() should be called before a fork() is done. After the fork() returns, the parent process should call OPENSSL_fork_parent() and the child process should call OPENSSL_fork_child().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_fork_prepare(), OPENSSL_fork_parent() and OPENSSL_fork_child() do not return values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_fork_parent.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_fork_parent.html
new file mode 100644
index 000000000..e6d298589
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_fork_parent.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_fork_prepare</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_fork_prepare, OPENSSL_fork_parent, OPENSSL_fork_child - OpenSSL fork handlers</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ void OPENSSL_fork_prepare(void);
+ void OPENSSL_fork_parent(void);
+ void OPENSSL_fork_child(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL has state that should be reset when a process forks. For example, the entropy pool used to generate random numbers (and therefore encryption keys) should not be shared across multiple programs. The OPENSSL_fork_prepare(), OPENSSL_fork_parent(), and OPENSSL_fork_child() functions are used to reset this internal state.</p>
+
+<p>Platforms without fork(2) will probably not need to use these functions. Platforms with fork(2) but without pthreads_atfork(3) will probably need to call them manually, as described in the following paragraph. Platforms such as Linux that have both functions will normally not need to call these functions as the OpenSSL library will do so automatically.</p>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> will register these functions with the appropriate handler, when the <b>OPENSSL_INIT_ATFORK</b> flag is used. For other applications, these functions can be called directly. They should be used according to the calling sequence described by the pthreads_atfork(3) documentation, which is summarized here. OPENSSL_fork_prepare() should be called before a fork() is done. After the fork() returns, the parent process should call OPENSSL_fork_parent() and the child process should call OPENSSL_fork_child().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_fork_prepare(), OPENSSL_fork_parent() and OPENSSL_fork_child() do not return values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_fork_prepare.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_fork_prepare.html
new file mode 100644
index 000000000..e6d298589
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_fork_prepare.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_fork_prepare</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_fork_prepare, OPENSSL_fork_parent, OPENSSL_fork_child - OpenSSL fork handlers</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ void OPENSSL_fork_prepare(void);
+ void OPENSSL_fork_parent(void);
+ void OPENSSL_fork_child(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL has state that should be reset when a process forks. For example, the entropy pool used to generate random numbers (and therefore encryption keys) should not be shared across multiple programs. The OPENSSL_fork_prepare(), OPENSSL_fork_parent(), and OPENSSL_fork_child() functions are used to reset this internal state.</p>
+
+<p>Platforms without fork(2) will probably not need to use these functions. Platforms with fork(2) but without pthreads_atfork(3) will probably need to call them manually, as described in the following paragraph. Platforms such as Linux that have both functions will normally not need to call these functions as the OpenSSL library will do so automatically.</p>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> will register these functions with the appropriate handler, when the <b>OPENSSL_INIT_ATFORK</b> flag is used. For other applications, these functions can be called directly. They should be used according to the calling sequence described by the pthreads_atfork(3) documentation, which is summarized here. OPENSSL_fork_prepare() should be called before a fork() is done. After the fork() returns, the parent process should call OPENSSL_fork_parent() and the child process should call OPENSSL_fork_child().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_fork_prepare(), OPENSSL_fork_parent() and OPENSSL_fork_child() do not return values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_free.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_free.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_free.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_hexchar2int.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_hexchar2int.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_hexchar2int.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_hexstr2buf.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_hexstr2buf.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_hexstr2buf.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_ia32cap.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_ia32cap.html
new file mode 100644
index 000000000..17b9e93c4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_ia32cap.html
@@ -0,0 +1,206 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_ia32cap</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_ia32cap - the x86[_64] processor capabilities vector</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> env OPENSSL_ia32cap=... &lt;application&gt;</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL supports a range of x86[_64] instruction set extensions. These extensions are denoted by individual bits in capability vector returned by processor in EDX:ECX register pair after executing CPUID instruction with EAX=1 input value (see Intel Application Note #241618). This vector is copied to memory upon toolkit initialization and used to choose between different code paths to provide optimal performance across wide range of processors. For the moment of this writing following bits are significant:</p>
+
+<dl>
+
+<dt id="bit-4-denoting-presence-of-Time-Stamp-Counter">bit #4 denoting presence of Time-Stamp Counter.</dt>
+<dd>
+
+</dd>
+<dt id="bit-19-denoting-availability-of-CLFLUSH-instruction">bit #19 denoting availability of CLFLUSH instruction;</dt>
+<dd>
+
+</dd>
+<dt id="bit-20-reserved-by-Intel-is-used-to-choose-among-RC4-code-paths">bit #20, reserved by Intel, is used to choose among RC4 code paths;</dt>
+<dd>
+
+</dd>
+<dt id="bit-23-denoting-MMX-support">bit #23 denoting MMX support;</dt>
+<dd>
+
+</dd>
+<dt id="bit-24-FXSR-bit-denoting-availability-of-XMM-registers">bit #24, FXSR bit, denoting availability of XMM registers;</dt>
+<dd>
+
+</dd>
+<dt id="bit-25-denoting-SSE-support">bit #25 denoting SSE support;</dt>
+<dd>
+
+</dd>
+<dt id="bit-26-denoting-SSE2-support">bit #26 denoting SSE2 support;</dt>
+<dd>
+
+</dd>
+<dt id="bit-28-denoting-Hyperthreading-which-is-used-to-distinguish-cores-with-shared-cache">bit #28 denoting Hyperthreading, which is used to distinguish cores with shared cache;</dt>
+<dd>
+
+</dd>
+<dt id="bit-30-reserved-by-Intel-denotes-specifically-Intel-CPUs">bit #30, reserved by Intel, denotes specifically Intel CPUs;</dt>
+<dd>
+
+</dd>
+<dt id="bit-33-denoting-availability-of-PCLMULQDQ-instruction">bit #33 denoting availability of PCLMULQDQ instruction;</dt>
+<dd>
+
+</dd>
+<dt id="bit-41-denoting-SSSE3-Supplemental-SSE3-support">bit #41 denoting SSSE3, Supplemental SSE3, support;</dt>
+<dd>
+
+</dd>
+<dt id="bit-43-denoting-AMD-XOP-support-forced-to-zero-on-non-AMD-CPUs">bit #43 denoting AMD XOP support (forced to zero on non-AMD CPUs);</dt>
+<dd>
+
+</dd>
+<dt id="bit-54-denoting-availability-of-MOVBE-instruction">bit #54 denoting availability of MOVBE instruction;</dt>
+<dd>
+
+</dd>
+<dt id="bit-57-denoting-AES-NI-instruction-set-extension">bit #57 denoting AES-NI instruction set extension;</dt>
+<dd>
+
+</dd>
+<dt id="bit-58-XSAVE-bit-lack-of-which-in-combination-with-MOVBE-is-used-to-identify-Atom-Silvermont-core">bit #58, XSAVE bit, lack of which in combination with MOVBE is used to identify Atom Silvermont core;</dt>
+<dd>
+
+</dd>
+<dt id="bit-59-OSXSAVE-bit-denoting-availability-of-YMM-registers">bit #59, OSXSAVE bit, denoting availability of YMM registers;</dt>
+<dd>
+
+</dd>
+<dt id="bit-60-denoting-AVX-extension">bit #60 denoting AVX extension;</dt>
+<dd>
+
+</dd>
+<dt id="bit-62-denoting-availability-of-RDRAND-instruction">bit #62 denoting availability of RDRAND instruction;</dt>
+<dd>
+
+</dd>
+</dl>
+
+<p>For example, in 32-bit application context clearing bit #26 at run-time disables high-performance SSE2 code present in the crypto library, while clearing bit #24 disables SSE2 code operating on 128-bit XMM register bank. You might have to do the latter if target OpenSSL application is executed on SSE2 capable CPU, but under control of OS that does not enable XMM registers. Historically address of the capability vector copy was exposed to application through OPENSSL_ia32cap_loc(), but not anymore. Now the only way to affect the capability detection is to set OPENSSL_ia32cap environment variable prior target application start. To give a specific example, on Intel P4 processor &#39;env OPENSSL_ia32cap=0x16980010 apps/openssl&#39;, or better yet &#39;env OPENSSL_ia32cap=~0x1000000 apps/openssl&#39; would achieve the desired effect. Alternatively you can reconfigure the toolkit with no-sse2 option and recompile.</p>
+
+<p>Less intuitive is clearing bit #28, or ~0x10000000 in the &quot;environment variable&quot; terms. The truth is that it&#39;s not copied from CPUID output verbatim, but is adjusted to reflect whether or not the data cache is actually shared between logical cores. This in turn affects the decision on whether or not expensive countermeasures against cache-timing attacks are applied, most notably in AES assembler module.</p>
+
+<p>The capability vector is further extended with EBX value returned by CPUID with EAX=7 and ECX=0 as input. Following bits are significant:</p>
+
+<dl>
+
+<dt id="bit-64-3-denoting-availability-of-BMI1-instructions-e.g.-ANDN">bit #64+3 denoting availability of BMI1 instructions, e.g. ANDN;</dt>
+<dd>
+
+</dd>
+<dt id="bit-64-5-denoting-availability-of-AVX2-instructions">bit #64+5 denoting availability of AVX2 instructions;</dt>
+<dd>
+
+</dd>
+<dt id="bit-64-8-denoting-availability-of-BMI2-instructions-e.g.-MULX-and-RORX">bit #64+8 denoting availability of BMI2 instructions, e.g. MULX and RORX;</dt>
+<dd>
+
+</dd>
+<dt id="bit-64-16-denoting-availability-of-AVX512F-extension">bit #64+16 denoting availability of AVX512F extension;</dt>
+<dd>
+
+</dd>
+<dt id="bit-64-18-denoting-availability-of-RDSEED-instruction">bit #64+18 denoting availability of RDSEED instruction;</dt>
+<dd>
+
+</dd>
+<dt id="bit-64-19-denoting-availability-of-ADCX-and-ADOX-instructions">bit #64+19 denoting availability of ADCX and ADOX instructions;</dt>
+<dd>
+
+</dd>
+<dt id="bit-64-21-denoting-availability-of-VPMADD52-LH-UQ-instructions-a.k.a.-AVX512IFMA-extension">bit #64+21 denoting availability of VPMADD52[LH]UQ instructions, a.k.a. AVX512IFMA extension;</dt>
+<dd>
+
+</dd>
+<dt id="bit-64-29-denoting-availability-of-SHA-extension">bit #64+29 denoting availability of SHA extension;</dt>
+<dd>
+
+</dd>
+<dt id="bit-64-30-denoting-availability-of-AVX512BW-extension">bit #64+30 denoting availability of AVX512BW extension;</dt>
+<dd>
+
+</dd>
+<dt id="bit-64-31-denoting-availability-of-AVX512VL-extension">bit #64+31 denoting availability of AVX512VL extension;</dt>
+<dd>
+
+</dd>
+<dt id="bit-64-41-denoting-availability-of-VAES-extension">bit #64+41 denoting availability of VAES extension;</dt>
+<dd>
+
+</dd>
+<dt id="bit-64-42-denoting-availability-of-VPCLMULQDQ-extension">bit #64+42 denoting availability of VPCLMULQDQ extension;</dt>
+<dd>
+
+</dd>
+</dl>
+
+<p>To control this extended capability word use &#39;:&#39; as delimiter when setting up OPENSSL_ia32cap environment variable. For example assigning &#39;:~0x20&#39; would disable AVX2 code paths, and &#39;:0&#39; - all post-AVX extensions.</p>
+
+<p>It should be noted that whether or not some of the most &quot;fancy&quot; extension code paths are actually assembled depends on current assembler version. Base minimum of AES-NI/PCLMULQDQ, SSSE3 and SHA extension code paths are always assembled. Apart from that, minimum assembler version requirements are summarized in below table:</p>
+
+<pre><code>   Extension   | GNU as | nasm   | llvm
+   ------------+--------+--------+--------
+   AVX         | 2.19   | 2.09   | 3.0
+   AVX2        | 2.22   | 2.10   | 3.1
+   ADCX/ADOX   | 2.23   | 2.10   | 3.3
+   AVX512      | 2.25   | 2.11.8 | see NOTES
+   AVX512IFMA  | 2.26   | 2.11.8 | see NOTES
+   VAES        | 2.30   | 2.13.3 |</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Even though AVX512 support was implemented in llvm 3.6, compilation of assembly modules apparently requires explicit -march flag. But then compiler generates processor-specific code, which in turn contradicts the mere idea of run-time switch execution facilitated by the variable in question. Till the limitation is lifted, it&#39;s possible to work around the problem by making build procedure use following script:</p>
+
+<pre><code>   #!/bin/sh
+   exec clang -no-integrated-as &quot;$@&quot;</code></pre>
+
+<p>instead of real clang. In which case it doesn&#39;t matter which clang version is used, as it is GNU assembler version that will be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Not available.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_init_crypto.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_init_crypto.html
new file mode 100644
index 000000000..89da92c71
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_init_crypto.html
@@ -0,0 +1,221 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_init_crypto</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_INIT_new, OPENSSL_INIT_set_config_filename, OPENSSL_INIT_set_config_appname, OPENSSL_INIT_set_config_file_flags, OPENSSL_INIT_free, OPENSSL_init_crypto, OPENSSL_cleanup, OPENSSL_atexit, OPENSSL_thread_stop - OpenSSL initialisation and deinitialisation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ void OPENSSL_cleanup(void);
+ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
+ int OPENSSL_atexit(void (*handler)(void));
+ void OPENSSL_thread_stop(void);
+
+ OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void);
+ int OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *init,
+                                      const char* filename);
+ int OPENSSL_INIT_set_config_file_flags(OPENSSL_INIT_SETTINGS *init,
+                                        unsigned long flags);
+ int OPENSSL_INIT_set_config_appname(OPENSSL_INIT_SETTINGS *init,
+                                     const char* name);
+ void OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS *init);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>During normal operation OpenSSL (libcrypto) will allocate various resources at start up that must, subsequently, be freed on close down of the library. Additionally some resources are allocated on a per thread basis (if the application is multi-threaded), and these resources must be freed prior to the thread closing.</p>
+
+<p>As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required. Similarly it will also automatically deinitialise as required.</p>
+
+<p>However, there may be situations when explicit initialisation is desirable or needed, for example when some non-default initialisation is required. The function OPENSSL_init_crypto() can be used for this purpose for libcrypto (see also <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a> for the libssl equivalent).</p>
+
+<p>Numerous internal OpenSSL functions call OPENSSL_init_crypto(). Therefore, in order to perform non-default initialisation, OPENSSL_init_crypto() MUST be called by application code prior to any other OpenSSL function calls.</p>
+
+<p>The <b>opts</b> parameter specifies which aspects of libcrypto should be initialised. Valid options are:</p>
+
+<dl>
+
+<dt id="OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS">OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS</dt>
+<dd>
+
+<p>Suppress automatic loading of the libcrypto error strings. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_LOAD_CRYPTO_STRINGS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_LOAD_CRYPTO_STRINGS">OPENSSL_INIT_LOAD_CRYPTO_STRINGS</dt>
+<dd>
+
+<p>Automatic loading of the libcrypto error strings. With this option the library will automatically load the libcrypto error strings. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ADD_ALL_CIPHERS">OPENSSL_INIT_ADD_ALL_CIPHERS</dt>
+<dd>
+
+<p>With this option the library will automatically load and make available all libcrypto ciphers. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ADD_ALL_DIGESTS">OPENSSL_INIT_ADD_ALL_DIGESTS</dt>
+<dd>
+
+<p>With this option the library will automatically load and make available all libcrypto digests. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ADD_ALL_CIPHERS">OPENSSL_INIT_NO_ADD_ALL_CIPHERS</dt>
+<dd>
+
+<p>With this option the library will suppress automatic loading of libcrypto ciphers. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ADD_ALL_DIGESTS">OPENSSL_INIT_NO_ADD_ALL_DIGESTS</dt>
+<dd>
+
+<p>With this option the library will suppress automatic loading of libcrypto digests. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_ADD_ALL_DIGESTS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_LOAD_CONFIG">OPENSSL_INIT_LOAD_CONFIG</dt>
+<dd>
+
+<p>With this option an OpenSSL configuration file will be automatically loaded and used by calling OPENSSL_config(). This is not a default option for libcrypto. As of OpenSSL 1.1.1 this is a default option for libssl (see <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a> for further details about libssl initialisation). See the description of OPENSSL_INIT_new(), below.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_LOAD_CONFIG">OPENSSL_INIT_NO_LOAD_CONFIG</dt>
+<dd>
+
+<p>With this option the loading of OpenSSL configuration files will be suppressed. It is the equivalent of calling OPENSSL_no_config(). This is not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ASYNC">OPENSSL_INIT_ASYNC</dt>
+<dd>
+
+<p>With this option the library with automatically initialise the libcrypto async sub-library (see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>). This is a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_RDRAND">OPENSSL_INIT_ENGINE_RDRAND</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the RDRAND engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_DYNAMIC">OPENSSL_INIT_ENGINE_DYNAMIC</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the dynamic engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_OPENSSL">OPENSSL_INIT_ENGINE_OPENSSL</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the openssl engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_CRYPTODEV">OPENSSL_INIT_ENGINE_CRYPTODEV</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the cryptodev engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_CAPI">OPENSSL_INIT_ENGINE_CAPI</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the CAPI engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_PADLOCK">OPENSSL_INIT_ENGINE_PADLOCK</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the padlock engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_AFALG">OPENSSL_INIT_ENGINE_AFALG</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the AFALG engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_ALL_BUILTIN">OPENSSL_INIT_ENGINE_ALL_BUILTIN</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise all the built in engines listed above with the exception of the openssl and afalg engines. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ATFORK">OPENSSL_INIT_ATFORK</dt>
+<dd>
+
+<p>With this option the library will register its fork handlers. See OPENSSL_fork_prepare(3) for details.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ATEXIT">OPENSSL_INIT_NO_ATEXIT</dt>
+<dd>
+
+<p>By default OpenSSL will attempt to clean itself up when the process exits via an &quot;atexit&quot; handler. Using this option suppresses that behaviour. This means that the application will have to clean up OpenSSL explicitly using OPENSSL_cleanup().</p>
+
+</dd>
+</dl>
+
+<p>Multiple options may be combined together in a single call to OPENSSL_init_crypto(). For example:</p>
+
+<pre><code> OPENSSL_init_crypto(OPENSSL_INIT_NO_ADD_ALL_CIPHERS
+                     | OPENSSL_INIT_NO_ADD_ALL_DIGESTS, NULL);</code></pre>
+
+<p>The OPENSSL_cleanup() function deinitialises OpenSSL (both libcrypto and libssl). All resources allocated by OpenSSL are freed. Typically there should be no need to call this function directly as it is initiated automatically on application exit. This is done via the standard C library atexit() function. In the event that the application will close in a manner that will not call the registered atexit() handlers then the application should call OPENSSL_cleanup() directly. Developers of libraries using OpenSSL are discouraged from calling this function and should instead, typically, rely on auto-deinitialisation. This is to avoid error conditions where both an application and a library it depends on both use OpenSSL, and the library deinitialises it before the application has finished using it.</p>
+
+<p>Once OPENSSL_cleanup() has been called the library cannot be reinitialised. Attempts to call OPENSSL_init_crypto() will fail and an ERR_R_INIT_FAIL error will be added to the error stack. Note that because initialisation has failed OpenSSL error strings will not be available, only an error code. This code can be put through the openssl errstr command line application to produce a human readable error (see <a href="../man1/errstr.html">errstr(1)</a>).</p>
+
+<p>The OPENSSL_atexit() function enables the registration of a function to be called during OPENSSL_cleanup(). Stop handlers are called after deinitialisation of resources local to a thread, but before other process wide resources are freed. In the event that multiple stop handlers are registered, no guarantees are made about the order of execution.</p>
+
+<p>The OPENSSL_thread_stop() function deallocates resources associated with the current thread. Typically this function will be called automatically by the library when the thread exits. This should only be called directly if resources should be freed at an earlier time, or under the circumstances described in the NOTES section below.</p>
+
+<p>The <b>OPENSSL_INIT_LOAD_CONFIG</b> flag will load a configuration file, as with <a href="../man3/CONF_modules_load_file.html">CONF_modules_load_file(3)</a> with NULL filename and application name and the <b>CONF_MFLAGS_IGNORE_MISSING_FILE</b>, <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> and <b>CONF_MFLAGS_DEFAULT_SECTION</b> flags. The filename, application name, and flags can be customized by providing a non-null <b>OPENSSL_INIT_SETTINGS</b> object. The object can be allocated via <b>OPENSSL_init_new()</b>. The <b>OPENSSL_INIT_set_config_filename()</b> function can be used to specify a non-default filename, which is copied and need not refer to persistent storage. Similarly, OPENSSL_INIT_set_config_appname() can be used to specify a non-default application name. Finally, OPENSSL_INIT_set_file_flags can be used to specify non-default flags. If the <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> flag is not included, any errors in the configuration file will cause an error return from <b>OPENSSL_init_crypto</b> or indirectly <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a>. The object can be released with OPENSSL_INIT_free() when done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Resources local to a thread are deallocated automatically when the thread exits (e.g. in a pthreads environment, when pthread_exit() is called). On Windows platforms this is done in response to a DLL_THREAD_DETACH message being sent to the libcrypto32.dll entry point. Some windows functions may cause threads to exit without sending this message (for example ExitProcess()). If the application uses such functions, then the application must free up OpenSSL resources directly via a call to OPENSSL_thread_stop() on each thread. Similarly this message will also not be sent if OpenSSL is linked statically, and therefore applications using static linking should also call OPENSSL_thread_stop() on each thread. Additionally if OpenSSL is loaded dynamically via LoadLibrary() and the threads are not destroyed until after FreeLibrary() is called then each thread should call OPENSSL_thread_stop() prior to the FreeLibrary() call.</p>
+
+<p>On Linux/Unix where OpenSSL has been loaded via dlopen() and the application is multi-threaded and if dlclose() is subsequently called prior to the threads being destroyed then OpenSSL will not be able to deallocate resources associated with those threads. The application should either call OPENSSL_thread_stop() on each thread prior to the dlclose() call, or alternatively the original dlopen() call should use the RTLD_NODELETE flag (where available on the platform).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions OPENSSL_init_crypto, OPENSSL_atexit() and OPENSSL_INIT_set_config_appname() return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_init_crypto(), OPENSSL_cleanup(), OPENSSL_atexit(), OPENSSL_thread_stop(), OPENSSL_INIT_new(), OPENSSL_INIT_set_config_appname() and OPENSSL_INIT_free() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_init_ssl.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_init_ssl.html
new file mode 100644
index 000000000..40431d09c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_init_ssl.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_init_ssl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_init_ssl - OpenSSL (libssl and libcrypto) initialisation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>During normal operation OpenSSL (libssl and libcrypto) will allocate various resources at start up that must, subsequently, be freed on close down of the library. Additionally some resources are allocated on a per thread basis (if the application is multi-threaded), and these resources must be freed prior to the thread closing.</p>
+
+<p>As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required. Similarly it will also automatically deinitialise as required.</p>
+
+<p>However, there may be situations when explicit initialisation is desirable or needed, for example when some non-default initialisation is required. The function OPENSSL_init_ssl() can be used for this purpose. Calling this function will explicitly initialise BOTH libcrypto and libssl. To explicitly initialise ONLY libcrypto see the <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> function.</p>
+
+<p>Numerous internal OpenSSL functions call OPENSSL_init_ssl(). Therefore, in order to perform non-default initialisation, OPENSSL_init_ssl() MUST be called by application code prior to any other OpenSSL function calls.</p>
+
+<p>The <b>opts</b> parameter specifies which aspects of libssl and libcrypto should be initialised. Valid options for libcrypto are described on the <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> page. In addition to any libcrypto specific option the following libssl options can also be used:</p>
+
+<dl>
+
+<dt id="OPENSSL_INIT_NO_LOAD_SSL_STRINGS">OPENSSL_INIT_NO_LOAD_SSL_STRINGS</dt>
+<dd>
+
+<p>Suppress automatic loading of the libssl error strings. This option is not a default option. Once selected subsequent calls to OPENSSL_init_ssl() with the option <b>OPENSSL_INIT_LOAD_SSL_STRINGS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_LOAD_SSL_STRINGS">OPENSSL_INIT_LOAD_SSL_STRINGS</dt>
+<dd>
+
+<p>Automatic loading of the libssl error strings. This option is a default option. Once selected subsequent calls to OPENSSL_init_ssl() with the option <b>OPENSSL_INIT_LOAD_SSL_STRINGS</b> will be ignored.</p>
+
+</dd>
+</dl>
+
+<p>OPENSSL_init_ssl() takes a <b>settings</b> parameter which can be used to set parameter values. See <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> for details.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The function OPENSSL_init_ssl() returns 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_init_ssl() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_instrument_bus.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_instrument_bus.html
new file mode 100644
index 000000000..e8374e2e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_instrument_bus.html
@@ -0,0 +1,58 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_instrument_bus</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_instrument_bus, OPENSSL_instrument_bus2 - instrument references to memory bus</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #ifdef OPENSSL_CPUID_OBJ
+ size_t OPENSSL_instrument_bus(int *vector, size_t num);
+ size_t OPENSSL_instrument_bus2(int *vector, size_t num, size_t max);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>It was empirically found that timings of references to primary memory are subject to irregular, apparently non-deterministic variations. The subroutines in question instrument these references for purposes of gathering randomness for random number generator. In order to make it bus-bound a &#39;flush cache line&#39; instruction is used between probes. In addition probes are added to <b>vector</b> elements in atomic or interlocked manner, which should contribute additional noise on multi-processor systems. This also means that <b>vector[num]</b> should be zeroed upon invocation (if you want to retrieve actual probe values).</p>
+
+<p>OPENSSL_instrument_bus() performs <b>num</b> probes and records the number of oscillator cycles every probe took.</p>
+
+<p>OPENSSL_instrument_bus2() on the other hand <b>accumulates</b> consecutive probes with the same value, i.e. in a way it records duration of periods when probe values appeared deterministic. The subroutine performs at most <b>max</b> probes in attempt to fill the <b>vector[num]</b>, with <b>max</b> value of 0 meaning &quot;as many as it takes.&quot;</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Return value of 0 indicates that CPU is not capable of performing the benchmark, either because oscillator counter or &#39;flush cache line&#39; is not available on current platform. For reference, on x86 &#39;flush cache line&#39; was introduced with the SSE2 extensions.</p>
+
+<p>Otherwise number of recorded values is returned.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2011-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_instrument_bus2.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_instrument_bus2.html
new file mode 100644
index 000000000..e8374e2e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_instrument_bus2.html
@@ -0,0 +1,58 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_instrument_bus</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_instrument_bus, OPENSSL_instrument_bus2 - instrument references to memory bus</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #ifdef OPENSSL_CPUID_OBJ
+ size_t OPENSSL_instrument_bus(int *vector, size_t num);
+ size_t OPENSSL_instrument_bus2(int *vector, size_t num, size_t max);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>It was empirically found that timings of references to primary memory are subject to irregular, apparently non-deterministic variations. The subroutines in question instrument these references for purposes of gathering randomness for random number generator. In order to make it bus-bound a &#39;flush cache line&#39; instruction is used between probes. In addition probes are added to <b>vector</b> elements in atomic or interlocked manner, which should contribute additional noise on multi-processor systems. This also means that <b>vector[num]</b> should be zeroed upon invocation (if you want to retrieve actual probe values).</p>
+
+<p>OPENSSL_instrument_bus() performs <b>num</b> probes and records the number of oscillator cycles every probe took.</p>
+
+<p>OPENSSL_instrument_bus2() on the other hand <b>accumulates</b> consecutive probes with the same value, i.e. in a way it records duration of periods when probe values appeared deterministic. The subroutine performs at most <b>max</b> probes in attempt to fill the <b>vector[num]</b>, with <b>max</b> value of 0 meaning &quot;as many as it takes.&quot;</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Return value of 0 indicates that CPU is not capable of performing the benchmark, either because oscillator counter or &#39;flush cache line&#39; is not available on current platform. For reference, on x86 &#39;flush cache line&#39; was introduced with the SSE2 extensions.</p>
+
+<p>Otherwise number of recorded values is returned.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2011-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_load_builtin_modules.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_load_builtin_modules.html
new file mode 100644
index 000000000..7bcd49022
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_load_builtin_modules.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_load_builtin_modules</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_load_builtin_modules, ASN1_add_oid_module, ENGINE_add_conf_module - add standard configuration modules</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/conf.h&gt;
+
+ void OPENSSL_load_builtin_modules(void);
+ void ASN1_add_oid_module(void);
+ void ENGINE_add_conf_module(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function OPENSSL_load_builtin_modules() adds all the standard OpenSSL configuration modules to the internal list. They can then be used by the OpenSSL configuration code.</p>
+
+<p>ASN1_add_oid_module() adds just the ASN1 OBJECT module.</p>
+
+<p>ENGINE_add_conf_module() adds just the ENGINE configuration module.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If the simple configuration function OPENSSL_config() is called then OPENSSL_load_builtin_modules() is called automatically.</p>
+
+<p>Applications which use the configuration functions directly will need to call OPENSSL_load_builtin_modules() themselves <i>before</i> any other configuration code.</p>
+
+<p>Applications should call OPENSSL_load_builtin_modules() to load all configuration modules instead of adding modules selectively: otherwise functionality may be missing from the application if an when new modules are added.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>None of the functions return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man5/config.html">config(5)</a>, <a href="../man3/OPENSSL_config.html">OPENSSL_config(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_malloc.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_malloc.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_malloc.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_malloc_init.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_malloc_init.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_malloc_init.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_mem_debug_pop.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_mem_debug_pop.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_mem_debug_pop.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_mem_debug_push.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_mem_debug_push.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_mem_debug_push.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_memdup.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_memdup.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_memdup.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_no_config.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_no_config.html
new file mode 100644
index 000000000..d9d744087
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_no_config.html
@@ -0,0 +1,88 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_config</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_config, OPENSSL_no_config - simple OpenSSL configuration functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/conf.h&gt;
+
+ #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OPENSSL_config(const char *appname);
+ void OPENSSL_no_config(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OPENSSL_config() configures OpenSSL using the standard <b>openssl.cnf</b> and reads from the application section <b>appname</b>. If <b>appname</b> is NULL then the default section, <b>openssl_conf</b>, will be used. Errors are silently ignored. Multiple calls have no effect.</p>
+
+<p>OPENSSL_no_config() disables configuration. If called before OPENSSL_config() no configuration takes place.</p>
+
+<p>If the application is built with <b>OPENSSL_LOAD_CONF</b> defined, then a call to OpenSSL_add_all_algorithms() will implicitly call OPENSSL_config() first.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The OPENSSL_config() function is designed to be a very simple &quot;call it and forget it&quot; function. It is however <b>much</b> better than nothing. Applications which need finer control over their configuration functionality should use the configuration functions such as CONF_modules_load() directly. This function is deprecated and its use should be avoided. Applications should instead call CONF_modules_load() during initialization (that is before starting any threads).</p>
+
+<p>There are several reasons why calling the OpenSSL configuration routines is advisable. For example, to load dynamic ENGINEs from shared libraries (DSOs). However very few applications currently support the control interface and so very few can load and use dynamic ENGINEs. Equally in future more sophisticated ENGINEs will require certain control operations to customize them. If an application calls OPENSSL_config() it doesn&#39;t need to know or care about ENGINE control operations because they can be performed by editing a configuration file.</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_CONF"><b>OPENSSL_CONF</b></dt>
+<dd>
+
+<p>The path to the config file. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Neither OPENSSL_config() nor OPENSSL_no_config() return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man5/config.html">config(5)</a>, <a href="../man3/CONF_modules_load_file.html">CONF_modules_load_file(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_no_config() and OPENSSL_config() functions were deprecated in OpenSSL 1.1.0 by OPENSSL_init_crypto().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_realloc.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_realloc.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_realloc.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_secure_actual_size.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_secure_actual_size.html
new file mode 100644
index 000000000..c7c4825e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_secure_actual_size.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_secure_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_secure_malloc_init, CRYPTO_secure_malloc_initialized, CRYPTO_secure_malloc_done, OPENSSL_secure_malloc, CRYPTO_secure_malloc, OPENSSL_secure_zalloc, CRYPTO_secure_zalloc, OPENSSL_secure_free, CRYPTO_secure_free, OPENSSL_secure_clear_free, CRYPTO_secure_clear_free, OPENSSL_secure_actual_size, CRYPTO_secure_used - secure heap storage</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_secure_malloc_init(size_t size, int minsize);
+
+ int CRYPTO_secure_malloc_initialized();
+
+ int CRYPTO_secure_malloc_done();
+
+ void *OPENSSL_secure_malloc(size_t num);
+ void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
+
+ void *OPENSSL_secure_zalloc(size_t num);
+ void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
+
+ void OPENSSL_secure_free(void* ptr);
+ void CRYPTO_secure_free(void *ptr, const char *, int);
+
+ void OPENSSL_secure_clear_free(void* ptr, size_t num);
+ void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *, int);
+
+ size_t OPENSSL_secure_actual_size(const void *ptr);
+
+ size_t CRYPTO_secure_used();</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In order to help protect applications (particularly long-running servers) from pointer overruns or underruns that could return arbitrary data from the program&#39;s dynamic memory area, where keys and other sensitive information might be stored, OpenSSL supports the concept of a &quot;secure heap.&quot; The level and type of security guarantees depend on the operating system. It is a good idea to review the code and see if it addresses your threat model and concerns.</p>
+
+<p>If a secure heap is used, then private key <b>BIGNUM</b> values are stored there. This protects long-term storage of private keys, but will not necessarily put all intermediate values and computations there.</p>
+
+<p>CRYPTO_secure_malloc_init() creates the secure heap, with the specified <code>size</code> in bytes. The <code>minsize</code> parameter is the minimum size to allocate from the heap. Both <code>size</code> and <code>minsize</code> must be a power of two.</p>
+
+<p>CRYPTO_secure_malloc_initialized() indicates whether or not the secure heap as been initialized and is available.</p>
+
+<p>CRYPTO_secure_malloc_done() releases the heap and makes the memory unavailable to the process if all secure memory has been freed. It can take noticeably long to complete.</p>
+
+<p>OPENSSL_secure_malloc() allocates <code>num</code> bytes from the heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_malloc(). It is a macro that expands to CRYPTO_secure_malloc() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters.</p>
+
+<p>OPENSSL_secure_zalloc() and CRYPTO_secure_zalloc() are like OPENSSL_secure_malloc() and CRYPTO_secure_malloc(), respectively, except that they call memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_secure_free() releases the memory at <code>ptr</code> back to the heap. It must be called with a value previously obtained from OPENSSL_secure_malloc(). If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_free(). It exists for consistency with OPENSSL_secure_malloc() , and is a macro that expands to CRYPTO_secure_free() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters..</p>
+
+<p>OPENSSL_secure_clear_free() is similar to OPENSSL_secure_free() except that it has an additional <code>num</code> parameter which is used to clear the memory if it was not allocated from the secure heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_clear_free().</p>
+
+<p>OPENSSL_secure_actual_size() tells the actual size allocated to the pointer; implementations may allocate more space than initially requested, in order to &quot;round up&quot; and reduce secure heap fragmentation.</p>
+
+<p>CRYPTO_secure_used() returns the number of bytes allocated in the secure heap.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_secure_malloc_init() returns 0 on failure, 1 if successful, and 2 if successful but the heap could not be protected by memory mapping.</p>
+
+<p>CRYPTO_secure_malloc_initialized() returns 1 if the secure heap is available (that is, if CRYPTO_secure_malloc_init() has been called, but CRYPTO_secure_malloc_done() has not been called or failed) or 0 if not.</p>
+
+<p>OPENSSL_secure_malloc() and OPENSSL_secure_zalloc() return a pointer into the secure heap of the requested size, or <code>NULL</code> if memory could not be allocated.</p>
+
+<p>CRYPTO_secure_allocated() returns 1 if the pointer is in the secure heap, or 0 if not.</p>
+
+<p>CRYPTO_secure_malloc_done() returns 1 if the secure memory area is released, or 0 if not.</p>
+
+<p>OPENSSL_secure_free() and OPENSSL_secure_clear_free() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_malloc.html">OPENSSL_malloc(3)</a>, <a href="../man3/BN_new.html">BN_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_secure_clear_free() function was added in OpenSSL 1.1.0g.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_secure_clear_free.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_secure_clear_free.html
new file mode 100644
index 000000000..c7c4825e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_secure_clear_free.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_secure_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_secure_malloc_init, CRYPTO_secure_malloc_initialized, CRYPTO_secure_malloc_done, OPENSSL_secure_malloc, CRYPTO_secure_malloc, OPENSSL_secure_zalloc, CRYPTO_secure_zalloc, OPENSSL_secure_free, CRYPTO_secure_free, OPENSSL_secure_clear_free, CRYPTO_secure_clear_free, OPENSSL_secure_actual_size, CRYPTO_secure_used - secure heap storage</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_secure_malloc_init(size_t size, int minsize);
+
+ int CRYPTO_secure_malloc_initialized();
+
+ int CRYPTO_secure_malloc_done();
+
+ void *OPENSSL_secure_malloc(size_t num);
+ void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
+
+ void *OPENSSL_secure_zalloc(size_t num);
+ void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
+
+ void OPENSSL_secure_free(void* ptr);
+ void CRYPTO_secure_free(void *ptr, const char *, int);
+
+ void OPENSSL_secure_clear_free(void* ptr, size_t num);
+ void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *, int);
+
+ size_t OPENSSL_secure_actual_size(const void *ptr);
+
+ size_t CRYPTO_secure_used();</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In order to help protect applications (particularly long-running servers) from pointer overruns or underruns that could return arbitrary data from the program&#39;s dynamic memory area, where keys and other sensitive information might be stored, OpenSSL supports the concept of a &quot;secure heap.&quot; The level and type of security guarantees depend on the operating system. It is a good idea to review the code and see if it addresses your threat model and concerns.</p>
+
+<p>If a secure heap is used, then private key <b>BIGNUM</b> values are stored there. This protects long-term storage of private keys, but will not necessarily put all intermediate values and computations there.</p>
+
+<p>CRYPTO_secure_malloc_init() creates the secure heap, with the specified <code>size</code> in bytes. The <code>minsize</code> parameter is the minimum size to allocate from the heap. Both <code>size</code> and <code>minsize</code> must be a power of two.</p>
+
+<p>CRYPTO_secure_malloc_initialized() indicates whether or not the secure heap as been initialized and is available.</p>
+
+<p>CRYPTO_secure_malloc_done() releases the heap and makes the memory unavailable to the process if all secure memory has been freed. It can take noticeably long to complete.</p>
+
+<p>OPENSSL_secure_malloc() allocates <code>num</code> bytes from the heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_malloc(). It is a macro that expands to CRYPTO_secure_malloc() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters.</p>
+
+<p>OPENSSL_secure_zalloc() and CRYPTO_secure_zalloc() are like OPENSSL_secure_malloc() and CRYPTO_secure_malloc(), respectively, except that they call memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_secure_free() releases the memory at <code>ptr</code> back to the heap. It must be called with a value previously obtained from OPENSSL_secure_malloc(). If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_free(). It exists for consistency with OPENSSL_secure_malloc() , and is a macro that expands to CRYPTO_secure_free() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters..</p>
+
+<p>OPENSSL_secure_clear_free() is similar to OPENSSL_secure_free() except that it has an additional <code>num</code> parameter which is used to clear the memory if it was not allocated from the secure heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_clear_free().</p>
+
+<p>OPENSSL_secure_actual_size() tells the actual size allocated to the pointer; implementations may allocate more space than initially requested, in order to &quot;round up&quot; and reduce secure heap fragmentation.</p>
+
+<p>CRYPTO_secure_used() returns the number of bytes allocated in the secure heap.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_secure_malloc_init() returns 0 on failure, 1 if successful, and 2 if successful but the heap could not be protected by memory mapping.</p>
+
+<p>CRYPTO_secure_malloc_initialized() returns 1 if the secure heap is available (that is, if CRYPTO_secure_malloc_init() has been called, but CRYPTO_secure_malloc_done() has not been called or failed) or 0 if not.</p>
+
+<p>OPENSSL_secure_malloc() and OPENSSL_secure_zalloc() return a pointer into the secure heap of the requested size, or <code>NULL</code> if memory could not be allocated.</p>
+
+<p>CRYPTO_secure_allocated() returns 1 if the pointer is in the secure heap, or 0 if not.</p>
+
+<p>CRYPTO_secure_malloc_done() returns 1 if the secure memory area is released, or 0 if not.</p>
+
+<p>OPENSSL_secure_free() and OPENSSL_secure_clear_free() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_malloc.html">OPENSSL_malloc(3)</a>, <a href="../man3/BN_new.html">BN_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_secure_clear_free() function was added in OpenSSL 1.1.0g.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_secure_free.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_secure_free.html
new file mode 100644
index 000000000..c7c4825e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_secure_free.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_secure_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_secure_malloc_init, CRYPTO_secure_malloc_initialized, CRYPTO_secure_malloc_done, OPENSSL_secure_malloc, CRYPTO_secure_malloc, OPENSSL_secure_zalloc, CRYPTO_secure_zalloc, OPENSSL_secure_free, CRYPTO_secure_free, OPENSSL_secure_clear_free, CRYPTO_secure_clear_free, OPENSSL_secure_actual_size, CRYPTO_secure_used - secure heap storage</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_secure_malloc_init(size_t size, int minsize);
+
+ int CRYPTO_secure_malloc_initialized();
+
+ int CRYPTO_secure_malloc_done();
+
+ void *OPENSSL_secure_malloc(size_t num);
+ void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
+
+ void *OPENSSL_secure_zalloc(size_t num);
+ void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
+
+ void OPENSSL_secure_free(void* ptr);
+ void CRYPTO_secure_free(void *ptr, const char *, int);
+
+ void OPENSSL_secure_clear_free(void* ptr, size_t num);
+ void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *, int);
+
+ size_t OPENSSL_secure_actual_size(const void *ptr);
+
+ size_t CRYPTO_secure_used();</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In order to help protect applications (particularly long-running servers) from pointer overruns or underruns that could return arbitrary data from the program&#39;s dynamic memory area, where keys and other sensitive information might be stored, OpenSSL supports the concept of a &quot;secure heap.&quot; The level and type of security guarantees depend on the operating system. It is a good idea to review the code and see if it addresses your threat model and concerns.</p>
+
+<p>If a secure heap is used, then private key <b>BIGNUM</b> values are stored there. This protects long-term storage of private keys, but will not necessarily put all intermediate values and computations there.</p>
+
+<p>CRYPTO_secure_malloc_init() creates the secure heap, with the specified <code>size</code> in bytes. The <code>minsize</code> parameter is the minimum size to allocate from the heap. Both <code>size</code> and <code>minsize</code> must be a power of two.</p>
+
+<p>CRYPTO_secure_malloc_initialized() indicates whether or not the secure heap as been initialized and is available.</p>
+
+<p>CRYPTO_secure_malloc_done() releases the heap and makes the memory unavailable to the process if all secure memory has been freed. It can take noticeably long to complete.</p>
+
+<p>OPENSSL_secure_malloc() allocates <code>num</code> bytes from the heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_malloc(). It is a macro that expands to CRYPTO_secure_malloc() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters.</p>
+
+<p>OPENSSL_secure_zalloc() and CRYPTO_secure_zalloc() are like OPENSSL_secure_malloc() and CRYPTO_secure_malloc(), respectively, except that they call memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_secure_free() releases the memory at <code>ptr</code> back to the heap. It must be called with a value previously obtained from OPENSSL_secure_malloc(). If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_free(). It exists for consistency with OPENSSL_secure_malloc() , and is a macro that expands to CRYPTO_secure_free() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters..</p>
+
+<p>OPENSSL_secure_clear_free() is similar to OPENSSL_secure_free() except that it has an additional <code>num</code> parameter which is used to clear the memory if it was not allocated from the secure heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_clear_free().</p>
+
+<p>OPENSSL_secure_actual_size() tells the actual size allocated to the pointer; implementations may allocate more space than initially requested, in order to &quot;round up&quot; and reduce secure heap fragmentation.</p>
+
+<p>CRYPTO_secure_used() returns the number of bytes allocated in the secure heap.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_secure_malloc_init() returns 0 on failure, 1 if successful, and 2 if successful but the heap could not be protected by memory mapping.</p>
+
+<p>CRYPTO_secure_malloc_initialized() returns 1 if the secure heap is available (that is, if CRYPTO_secure_malloc_init() has been called, but CRYPTO_secure_malloc_done() has not been called or failed) or 0 if not.</p>
+
+<p>OPENSSL_secure_malloc() and OPENSSL_secure_zalloc() return a pointer into the secure heap of the requested size, or <code>NULL</code> if memory could not be allocated.</p>
+
+<p>CRYPTO_secure_allocated() returns 1 if the pointer is in the secure heap, or 0 if not.</p>
+
+<p>CRYPTO_secure_malloc_done() returns 1 if the secure memory area is released, or 0 if not.</p>
+
+<p>OPENSSL_secure_free() and OPENSSL_secure_clear_free() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_malloc.html">OPENSSL_malloc(3)</a>, <a href="../man3/BN_new.html">BN_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_secure_clear_free() function was added in OpenSSL 1.1.0g.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_secure_malloc.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_secure_malloc.html
new file mode 100644
index 000000000..c7c4825e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_secure_malloc.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_secure_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_secure_malloc_init, CRYPTO_secure_malloc_initialized, CRYPTO_secure_malloc_done, OPENSSL_secure_malloc, CRYPTO_secure_malloc, OPENSSL_secure_zalloc, CRYPTO_secure_zalloc, OPENSSL_secure_free, CRYPTO_secure_free, OPENSSL_secure_clear_free, CRYPTO_secure_clear_free, OPENSSL_secure_actual_size, CRYPTO_secure_used - secure heap storage</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_secure_malloc_init(size_t size, int minsize);
+
+ int CRYPTO_secure_malloc_initialized();
+
+ int CRYPTO_secure_malloc_done();
+
+ void *OPENSSL_secure_malloc(size_t num);
+ void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
+
+ void *OPENSSL_secure_zalloc(size_t num);
+ void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
+
+ void OPENSSL_secure_free(void* ptr);
+ void CRYPTO_secure_free(void *ptr, const char *, int);
+
+ void OPENSSL_secure_clear_free(void* ptr, size_t num);
+ void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *, int);
+
+ size_t OPENSSL_secure_actual_size(const void *ptr);
+
+ size_t CRYPTO_secure_used();</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In order to help protect applications (particularly long-running servers) from pointer overruns or underruns that could return arbitrary data from the program&#39;s dynamic memory area, where keys and other sensitive information might be stored, OpenSSL supports the concept of a &quot;secure heap.&quot; The level and type of security guarantees depend on the operating system. It is a good idea to review the code and see if it addresses your threat model and concerns.</p>
+
+<p>If a secure heap is used, then private key <b>BIGNUM</b> values are stored there. This protects long-term storage of private keys, but will not necessarily put all intermediate values and computations there.</p>
+
+<p>CRYPTO_secure_malloc_init() creates the secure heap, with the specified <code>size</code> in bytes. The <code>minsize</code> parameter is the minimum size to allocate from the heap. Both <code>size</code> and <code>minsize</code> must be a power of two.</p>
+
+<p>CRYPTO_secure_malloc_initialized() indicates whether or not the secure heap as been initialized and is available.</p>
+
+<p>CRYPTO_secure_malloc_done() releases the heap and makes the memory unavailable to the process if all secure memory has been freed. It can take noticeably long to complete.</p>
+
+<p>OPENSSL_secure_malloc() allocates <code>num</code> bytes from the heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_malloc(). It is a macro that expands to CRYPTO_secure_malloc() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters.</p>
+
+<p>OPENSSL_secure_zalloc() and CRYPTO_secure_zalloc() are like OPENSSL_secure_malloc() and CRYPTO_secure_malloc(), respectively, except that they call memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_secure_free() releases the memory at <code>ptr</code> back to the heap. It must be called with a value previously obtained from OPENSSL_secure_malloc(). If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_free(). It exists for consistency with OPENSSL_secure_malloc() , and is a macro that expands to CRYPTO_secure_free() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters..</p>
+
+<p>OPENSSL_secure_clear_free() is similar to OPENSSL_secure_free() except that it has an additional <code>num</code> parameter which is used to clear the memory if it was not allocated from the secure heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_clear_free().</p>
+
+<p>OPENSSL_secure_actual_size() tells the actual size allocated to the pointer; implementations may allocate more space than initially requested, in order to &quot;round up&quot; and reduce secure heap fragmentation.</p>
+
+<p>CRYPTO_secure_used() returns the number of bytes allocated in the secure heap.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_secure_malloc_init() returns 0 on failure, 1 if successful, and 2 if successful but the heap could not be protected by memory mapping.</p>
+
+<p>CRYPTO_secure_malloc_initialized() returns 1 if the secure heap is available (that is, if CRYPTO_secure_malloc_init() has been called, but CRYPTO_secure_malloc_done() has not been called or failed) or 0 if not.</p>
+
+<p>OPENSSL_secure_malloc() and OPENSSL_secure_zalloc() return a pointer into the secure heap of the requested size, or <code>NULL</code> if memory could not be allocated.</p>
+
+<p>CRYPTO_secure_allocated() returns 1 if the pointer is in the secure heap, or 0 if not.</p>
+
+<p>CRYPTO_secure_malloc_done() returns 1 if the secure memory area is released, or 0 if not.</p>
+
+<p>OPENSSL_secure_free() and OPENSSL_secure_clear_free() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_malloc.html">OPENSSL_malloc(3)</a>, <a href="../man3/BN_new.html">BN_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_secure_clear_free() function was added in OpenSSL 1.1.0g.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_secure_zalloc.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_secure_zalloc.html
new file mode 100644
index 000000000..c7c4825e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_secure_zalloc.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_secure_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>CRYPTO_secure_malloc_init, CRYPTO_secure_malloc_initialized, CRYPTO_secure_malloc_done, OPENSSL_secure_malloc, CRYPTO_secure_malloc, OPENSSL_secure_zalloc, CRYPTO_secure_zalloc, OPENSSL_secure_free, CRYPTO_secure_free, OPENSSL_secure_clear_free, CRYPTO_secure_clear_free, OPENSSL_secure_actual_size, CRYPTO_secure_used - secure heap storage</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int CRYPTO_secure_malloc_init(size_t size, int minsize);
+
+ int CRYPTO_secure_malloc_initialized();
+
+ int CRYPTO_secure_malloc_done();
+
+ void *OPENSSL_secure_malloc(size_t num);
+ void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
+
+ void *OPENSSL_secure_zalloc(size_t num);
+ void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
+
+ void OPENSSL_secure_free(void* ptr);
+ void CRYPTO_secure_free(void *ptr, const char *, int);
+
+ void OPENSSL_secure_clear_free(void* ptr, size_t num);
+ void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *, int);
+
+ size_t OPENSSL_secure_actual_size(const void *ptr);
+
+ size_t CRYPTO_secure_used();</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In order to help protect applications (particularly long-running servers) from pointer overruns or underruns that could return arbitrary data from the program&#39;s dynamic memory area, where keys and other sensitive information might be stored, OpenSSL supports the concept of a &quot;secure heap.&quot; The level and type of security guarantees depend on the operating system. It is a good idea to review the code and see if it addresses your threat model and concerns.</p>
+
+<p>If a secure heap is used, then private key <b>BIGNUM</b> values are stored there. This protects long-term storage of private keys, but will not necessarily put all intermediate values and computations there.</p>
+
+<p>CRYPTO_secure_malloc_init() creates the secure heap, with the specified <code>size</code> in bytes. The <code>minsize</code> parameter is the minimum size to allocate from the heap. Both <code>size</code> and <code>minsize</code> must be a power of two.</p>
+
+<p>CRYPTO_secure_malloc_initialized() indicates whether or not the secure heap as been initialized and is available.</p>
+
+<p>CRYPTO_secure_malloc_done() releases the heap and makes the memory unavailable to the process if all secure memory has been freed. It can take noticeably long to complete.</p>
+
+<p>OPENSSL_secure_malloc() allocates <code>num</code> bytes from the heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_malloc(). It is a macro that expands to CRYPTO_secure_malloc() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters.</p>
+
+<p>OPENSSL_secure_zalloc() and CRYPTO_secure_zalloc() are like OPENSSL_secure_malloc() and CRYPTO_secure_malloc(), respectively, except that they call memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_secure_free() releases the memory at <code>ptr</code> back to the heap. It must be called with a value previously obtained from OPENSSL_secure_malloc(). If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_free(). It exists for consistency with OPENSSL_secure_malloc() , and is a macro that expands to CRYPTO_secure_free() and adds the <code>__FILE__</code> and <code>__LINE__</code> parameters..</p>
+
+<p>OPENSSL_secure_clear_free() is similar to OPENSSL_secure_free() except that it has an additional <code>num</code> parameter which is used to clear the memory if it was not allocated from the secure heap. If CRYPTO_secure_malloc_init() is not called, this is equivalent to calling OPENSSL_clear_free().</p>
+
+<p>OPENSSL_secure_actual_size() tells the actual size allocated to the pointer; implementations may allocate more space than initially requested, in order to &quot;round up&quot; and reduce secure heap fragmentation.</p>
+
+<p>CRYPTO_secure_used() returns the number of bytes allocated in the secure heap.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>CRYPTO_secure_malloc_init() returns 0 on failure, 1 if successful, and 2 if successful but the heap could not be protected by memory mapping.</p>
+
+<p>CRYPTO_secure_malloc_initialized() returns 1 if the secure heap is available (that is, if CRYPTO_secure_malloc_init() has been called, but CRYPTO_secure_malloc_done() has not been called or failed) or 0 if not.</p>
+
+<p>OPENSSL_secure_malloc() and OPENSSL_secure_zalloc() return a pointer into the secure heap of the requested size, or <code>NULL</code> if memory could not be allocated.</p>
+
+<p>CRYPTO_secure_allocated() returns 1 if the pointer is in the secure heap, or 0 if not.</p>
+
+<p>CRYPTO_secure_malloc_done() returns 1 if the secure memory area is released, or 0 if not.</p>
+
+<p>OPENSSL_secure_free() and OPENSSL_secure_clear_free() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_malloc.html">OPENSSL_malloc(3)</a>, <a href="../man3/BN_new.html">BN_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_secure_clear_free() function was added in OpenSSL 1.1.0g.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_strdup.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_strdup.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_strdup.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_strlcat.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_strlcat.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_strlcat.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_strlcpy.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_strlcpy.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_strlcpy.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_strndup.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_strndup.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_strndup.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_thread_stop.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_thread_stop.html
new file mode 100644
index 000000000..89da92c71
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_thread_stop.html
@@ -0,0 +1,221 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_init_crypto</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_INIT_new, OPENSSL_INIT_set_config_filename, OPENSSL_INIT_set_config_appname, OPENSSL_INIT_set_config_file_flags, OPENSSL_INIT_free, OPENSSL_init_crypto, OPENSSL_cleanup, OPENSSL_atexit, OPENSSL_thread_stop - OpenSSL initialisation and deinitialisation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ void OPENSSL_cleanup(void);
+ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
+ int OPENSSL_atexit(void (*handler)(void));
+ void OPENSSL_thread_stop(void);
+
+ OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void);
+ int OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *init,
+                                      const char* filename);
+ int OPENSSL_INIT_set_config_file_flags(OPENSSL_INIT_SETTINGS *init,
+                                        unsigned long flags);
+ int OPENSSL_INIT_set_config_appname(OPENSSL_INIT_SETTINGS *init,
+                                     const char* name);
+ void OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS *init);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>During normal operation OpenSSL (libcrypto) will allocate various resources at start up that must, subsequently, be freed on close down of the library. Additionally some resources are allocated on a per thread basis (if the application is multi-threaded), and these resources must be freed prior to the thread closing.</p>
+
+<p>As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required. Similarly it will also automatically deinitialise as required.</p>
+
+<p>However, there may be situations when explicit initialisation is desirable or needed, for example when some non-default initialisation is required. The function OPENSSL_init_crypto() can be used for this purpose for libcrypto (see also <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a> for the libssl equivalent).</p>
+
+<p>Numerous internal OpenSSL functions call OPENSSL_init_crypto(). Therefore, in order to perform non-default initialisation, OPENSSL_init_crypto() MUST be called by application code prior to any other OpenSSL function calls.</p>
+
+<p>The <b>opts</b> parameter specifies which aspects of libcrypto should be initialised. Valid options are:</p>
+
+<dl>
+
+<dt id="OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS">OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS</dt>
+<dd>
+
+<p>Suppress automatic loading of the libcrypto error strings. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_LOAD_CRYPTO_STRINGS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_LOAD_CRYPTO_STRINGS">OPENSSL_INIT_LOAD_CRYPTO_STRINGS</dt>
+<dd>
+
+<p>Automatic loading of the libcrypto error strings. With this option the library will automatically load the libcrypto error strings. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ADD_ALL_CIPHERS">OPENSSL_INIT_ADD_ALL_CIPHERS</dt>
+<dd>
+
+<p>With this option the library will automatically load and make available all libcrypto ciphers. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ADD_ALL_DIGESTS">OPENSSL_INIT_ADD_ALL_DIGESTS</dt>
+<dd>
+
+<p>With this option the library will automatically load and make available all libcrypto digests. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_NO_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ADD_ALL_CIPHERS">OPENSSL_INIT_NO_ADD_ALL_CIPHERS</dt>
+<dd>
+
+<p>With this option the library will suppress automatic loading of libcrypto ciphers. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_ADD_ALL_CIPHERS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ADD_ALL_DIGESTS">OPENSSL_INIT_NO_ADD_ALL_DIGESTS</dt>
+<dd>
+
+<p>With this option the library will suppress automatic loading of libcrypto digests. This option is not a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option <b>OPENSSL_INIT_ADD_ALL_DIGESTS</b> will be ignored.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_LOAD_CONFIG">OPENSSL_INIT_LOAD_CONFIG</dt>
+<dd>
+
+<p>With this option an OpenSSL configuration file will be automatically loaded and used by calling OPENSSL_config(). This is not a default option for libcrypto. As of OpenSSL 1.1.1 this is a default option for libssl (see <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a> for further details about libssl initialisation). See the description of OPENSSL_INIT_new(), below.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_LOAD_CONFIG">OPENSSL_INIT_NO_LOAD_CONFIG</dt>
+<dd>
+
+<p>With this option the loading of OpenSSL configuration files will be suppressed. It is the equivalent of calling OPENSSL_no_config(). This is not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ASYNC">OPENSSL_INIT_ASYNC</dt>
+<dd>
+
+<p>With this option the library with automatically initialise the libcrypto async sub-library (see <a href="../man3/ASYNC_start_job.html">ASYNC_start_job(3)</a>). This is a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_RDRAND">OPENSSL_INIT_ENGINE_RDRAND</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the RDRAND engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_DYNAMIC">OPENSSL_INIT_ENGINE_DYNAMIC</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the dynamic engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_OPENSSL">OPENSSL_INIT_ENGINE_OPENSSL</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the openssl engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_CRYPTODEV">OPENSSL_INIT_ENGINE_CRYPTODEV</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the cryptodev engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_CAPI">OPENSSL_INIT_ENGINE_CAPI</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the CAPI engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_PADLOCK">OPENSSL_INIT_ENGINE_PADLOCK</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the padlock engine (if available). This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_AFALG">OPENSSL_INIT_ENGINE_AFALG</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise the AFALG engine. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ENGINE_ALL_BUILTIN">OPENSSL_INIT_ENGINE_ALL_BUILTIN</dt>
+<dd>
+
+<p>With this option the library will automatically load and initialise all the built in engines listed above with the exception of the openssl and afalg engines. This not a default option.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_ATFORK">OPENSSL_INIT_ATFORK</dt>
+<dd>
+
+<p>With this option the library will register its fork handlers. See OPENSSL_fork_prepare(3) for details.</p>
+
+</dd>
+<dt id="OPENSSL_INIT_NO_ATEXIT">OPENSSL_INIT_NO_ATEXIT</dt>
+<dd>
+
+<p>By default OpenSSL will attempt to clean itself up when the process exits via an &quot;atexit&quot; handler. Using this option suppresses that behaviour. This means that the application will have to clean up OpenSSL explicitly using OPENSSL_cleanup().</p>
+
+</dd>
+</dl>
+
+<p>Multiple options may be combined together in a single call to OPENSSL_init_crypto(). For example:</p>
+
+<pre><code> OPENSSL_init_crypto(OPENSSL_INIT_NO_ADD_ALL_CIPHERS
+                     | OPENSSL_INIT_NO_ADD_ALL_DIGESTS, NULL);</code></pre>
+
+<p>The OPENSSL_cleanup() function deinitialises OpenSSL (both libcrypto and libssl). All resources allocated by OpenSSL are freed. Typically there should be no need to call this function directly as it is initiated automatically on application exit. This is done via the standard C library atexit() function. In the event that the application will close in a manner that will not call the registered atexit() handlers then the application should call OPENSSL_cleanup() directly. Developers of libraries using OpenSSL are discouraged from calling this function and should instead, typically, rely on auto-deinitialisation. This is to avoid error conditions where both an application and a library it depends on both use OpenSSL, and the library deinitialises it before the application has finished using it.</p>
+
+<p>Once OPENSSL_cleanup() has been called the library cannot be reinitialised. Attempts to call OPENSSL_init_crypto() will fail and an ERR_R_INIT_FAIL error will be added to the error stack. Note that because initialisation has failed OpenSSL error strings will not be available, only an error code. This code can be put through the openssl errstr command line application to produce a human readable error (see <a href="../man1/errstr.html">errstr(1)</a>).</p>
+
+<p>The OPENSSL_atexit() function enables the registration of a function to be called during OPENSSL_cleanup(). Stop handlers are called after deinitialisation of resources local to a thread, but before other process wide resources are freed. In the event that multiple stop handlers are registered, no guarantees are made about the order of execution.</p>
+
+<p>The OPENSSL_thread_stop() function deallocates resources associated with the current thread. Typically this function will be called automatically by the library when the thread exits. This should only be called directly if resources should be freed at an earlier time, or under the circumstances described in the NOTES section below.</p>
+
+<p>The <b>OPENSSL_INIT_LOAD_CONFIG</b> flag will load a configuration file, as with <a href="../man3/CONF_modules_load_file.html">CONF_modules_load_file(3)</a> with NULL filename and application name and the <b>CONF_MFLAGS_IGNORE_MISSING_FILE</b>, <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> and <b>CONF_MFLAGS_DEFAULT_SECTION</b> flags. The filename, application name, and flags can be customized by providing a non-null <b>OPENSSL_INIT_SETTINGS</b> object. The object can be allocated via <b>OPENSSL_init_new()</b>. The <b>OPENSSL_INIT_set_config_filename()</b> function can be used to specify a non-default filename, which is copied and need not refer to persistent storage. Similarly, OPENSSL_INIT_set_config_appname() can be used to specify a non-default application name. Finally, OPENSSL_INIT_set_file_flags can be used to specify non-default flags. If the <b>CONF_MFLAGS_IGNORE_RETURN_CODES</b> flag is not included, any errors in the configuration file will cause an error return from <b>OPENSSL_init_crypto</b> or indirectly <a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a>. The object can be released with OPENSSL_INIT_free() when done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Resources local to a thread are deallocated automatically when the thread exits (e.g. in a pthreads environment, when pthread_exit() is called). On Windows platforms this is done in response to a DLL_THREAD_DETACH message being sent to the libcrypto32.dll entry point. Some windows functions may cause threads to exit without sending this message (for example ExitProcess()). If the application uses such functions, then the application must free up OpenSSL resources directly via a call to OPENSSL_thread_stop() on each thread. Similarly this message will also not be sent if OpenSSL is linked statically, and therefore applications using static linking should also call OPENSSL_thread_stop() on each thread. Additionally if OpenSSL is loaded dynamically via LoadLibrary() and the threads are not destroyed until after FreeLibrary() is called then each thread should call OPENSSL_thread_stop() prior to the FreeLibrary() call.</p>
+
+<p>On Linux/Unix where OpenSSL has been loaded via dlopen() and the application is multi-threaded and if dlclose() is subsequently called prior to the threads being destroyed then OpenSSL will not be able to deallocate resources associated with those threads. The application should either call OPENSSL_thread_stop() on each thread prior to the dlclose() call, or alternatively the original dlopen() call should use the RTLD_NODELETE flag (where available on the platform).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions OPENSSL_init_crypto, OPENSSL_atexit() and OPENSSL_INIT_set_config_appname() return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_init_ssl.html">OPENSSL_init_ssl(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OPENSSL_init_crypto(), OPENSSL_cleanup(), OPENSSL_atexit(), OPENSSL_thread_stop(), OPENSSL_INIT_new(), OPENSSL_INIT_set_config_appname() and OPENSSL_INIT_free() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OPENSSL_zalloc.html b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_zalloc.html
new file mode 100644
index 000000000..d90ba3c08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OPENSSL_zalloc.html
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_malloc</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_malloc_init, OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, OPENSSL_strdup, OPENSSL_strndup, OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, OPENSSL_hexstr2buf, OPENSSL_buf2hexstr, OPENSSL_hexchar2int, CRYPTO_strdup, CRYPTO_strndup, OPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, CRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, CRYPTO_clear_realloc, CRYPTO_clear_free, CRYPTO_get_mem_functions, CRYPTO_set_mem_functions, CRYPTO_get_alloc_counts, CRYPTO_set_mem_debug, CRYPTO_mem_ctrl, CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, OPENSSL_MALLOC_FAILURES, OPENSSL_MALLOC_FD - Memory allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/crypto.h&gt;
+
+ int OPENSSL_malloc_init(void)
+
+ void *OPENSSL_malloc(size_t num)
+ void *OPENSSL_zalloc(size_t num)
+ void *OPENSSL_realloc(void *addr, size_t num)
+ void OPENSSL_free(void *addr)
+ char *OPENSSL_strdup(const char *str)
+ char *OPENSSL_strndup(const char *str, size_t s)
+ size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
+ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
+ void *OPENSSL_memdup(void *data, size_t s)
+ void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num)
+ void OPENSSL_clear_free(void *str, size_t num)
+ void OPENSSL_cleanse(void *ptr, size_t len);
+
+ unsigned char *OPENSSL_hexstr2buf(const char *str, long *len);
+ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len);
+ int OPENSSL_hexchar2int(unsigned char c);
+
+ void *CRYPTO_malloc(size_t num, const char *file, int line)
+ void *CRYPTO_zalloc(size_t num, const char *file, int line)
+ void *CRYPTO_realloc(void *p, size_t num, const char *file, int line)
+ void CRYPTO_free(void *str, const char *, int)
+ char *CRYPTO_strdup(const char *p, const char *file, int line)
+ char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line)
+ void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
+                            const char *file, int line)
+ void CRYPTO_clear_free(void *str, size_t num, const char *, int)
+
+ void CRYPTO_get_mem_functions(
+         void *(**m)(size_t, const char *, int),
+         void *(**r)(void *, size_t, const char *, int),
+         void (**f)(void *, const char *, int))
+ int CRYPTO_set_mem_functions(
+         void *(*m)(size_t, const char *, int),
+         void *(*r)(void *, size_t, const char *, int),
+         void (*f)(void *, const char *, int))
+
+ void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
+
+ int CRYPTO_set_mem_debug(int onoff)
+
+ env OPENSSL_MALLOC_FAILURES=... &lt;application&gt;
+ env OPENSSL_MALLOC_FD=... &lt;application&gt;
+
+ int CRYPTO_mem_ctrl(int mode);
+
+ int OPENSSL_mem_debug_push(const char *info)
+ int OPENSSL_mem_debug_pop(void);
+
+ int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
+ int CRYPTO_mem_debug_pop(void);
+
+ int CRYPTO_mem_leaks(BIO *b);
+ int CRYPTO_mem_leaks_fp(FILE *fp);
+ int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+                         void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL memory allocation is handled by the <b>OPENSSL_xxx</b> API. These are generally macro&#39;s that add the standard C <b>__FILE__</b> and <b>__LINE__</b> parameters and call a lower-level <b>CRYPTO_xxx</b> API. Some functions do not add those parameters, but exist for consistency.</p>
+
+<p>OPENSSL_malloc_init() does nothing and does not need to be called. It is included for compatibility with older versions of OpenSSL.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the C malloc(), realloc(), and free() functions. OPENSSL_zalloc() calls memset() to zero the memory before returning.</p>
+
+<p>OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at <b>addr</b> holds sensitive information. The old buffer is filled with zero&#39;s by calling OPENSSL_cleanse() before ultimately calling OPENSSL_free().</p>
+
+<p>OPENSSL_cleanse() fills <b>ptr</b> of size <b>len</b> with a string of 0&#39;s. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. If the storage controller uses write compression, then its possible that sensitive tail bytes will survive zeroization because the block of zeros will be compressed. If the storage controller uses wear leveling, then the old sensitive data will not be overwritten; rather, a block of 0&#39;s will be written at a new physical location.</p>
+
+<p>OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the equivalent C functions, except that memory is allocated by calling the OPENSSL_malloc() and should be released by calling OPENSSL_free().</p>
+
+<p>OPENSSL_strlcpy(), OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C library functions and are provided for portability.</p>
+
+<p>OPENSSL_hexstr2buf() parses <b>str</b> as a hex string and returns a pointer to the parsed value. The memory is allocated by calling OPENSSL_malloc() and should be released by calling OPENSSL_free(). If <b>len</b> is not NULL, it is filled in with the output length. Colons between two-character hex &quot;bytes&quot; are ignored. An odd number of hex digits is an error.</p>
+
+<p>OPENSSL_buf2hexstr() takes the specified buffer and length, and returns a hex string for value, or NULL on error. <b>Buffer</b> cannot be NULL; if <b>len</b> is 0 an empty string is returned.</p>
+
+<p>OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent, or returns -1 on error.</p>
+
+<p>If no allocations have been done, it is possible to &quot;swap out&quot; the default implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free() and replace them with alternate versions (hooks). CRYPTO_get_mem_functions() function fills in the given arguments with the function pointers for the current implementations. With CRYPTO_set_mem_functions(), you can specify a different set of functions. If any of <b>m</b>, <b>r</b>, or <b>f</b> are NULL, then the function is not changed.</p>
+
+<p>The default implementation can include some debugging capability (if enabled at build-time). This adds some overhead by keeping a list of all memory allocations, and removes items from the list when they are free&#39;d. This is most useful for identifying memory leaks. CRYPTO_set_mem_debug() turns this tracking on and off. In order to have any effect, is must be called before any of the allocation functions (e.g., CRYPTO_malloc()) are called, and is therefore normally one of the first lines of main() in an application. CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking. To enable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_ON</b>. To disable tracking call CRYPTO_mem_ctrl() with a <b>mode</b> argument of the <b>CRYPTO_MEM_CHECK_OFF</b>.</p>
+
+<p>While checking memory, it can be useful to store additional context about what is being done. For example, identifying the field names when parsing a complicated data structure. OPENSSL_mem_debug_push() (which calls CRYPTO_mem_debug_push()) attachs an identifying string to the allocation stack. This must be a global or other static string; it is not copied. OPENSSL_mem_debug_pop() removes identifying state from the stack.</p>
+
+<p>At the end of the program, calling CRYPTO_mem_leaks() or CRYPTO_mem_leaks_fp() will report all &quot;leaked&quot; memory, writing it to the specified BIO <b>b</b> or FILE <b>fp</b>. These functions return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead of writing to a given BIO, the callback function is called for each output string with the string, length, and userdata <b>u</b> as the callback parameters.</p>
+
+<p>If the library is built with the <code>crypto-mdebug</code> option, then one function, CRYPTO_get_alloc_counts(), and two additional environment variables, <b>OPENSSL_MALLOC_FAILURES</b> and <b>OPENSSL_MALLOC_FD</b>, are available.</p>
+
+<p>The function CRYPTO_get_alloc_counts() fills in the number of times each of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been called, into the values pointed to by <b>mcount</b>, <b>rcount</b>, and <b>fcount</b>, respectively. If a pointer is NULL, then the corresponding count is not stored.</p>
+
+<p>The variable <b>OPENSSL_MALLOC_FAILURES</b> controls how often allocations should fail. It is a set of fields separated by semicolons, which each field is a count (defaulting to zero) and an optional atsign and percentage (defaulting to 100). If the count is zero, then it lasts forever. For example, <code>100;@25</code> or <code>100@0;0@25</code> means the first 100 allocations pass, then all other allocations (until the program exits or crashes) have a 25% chance of failing.</p>
+
+<p>If the variable <b>OPENSSL_MALLOC_FD</b> is parsed as a positive integer, then it is taken as an open file descriptor, and a record of all allocations is written to that descriptor. If an allocation will fail, and the platform supports it, then a backtrace will be written to the descriptor. This can be useful because a malloc may fail but not be checked, and problems will only occur later. The following example in classic shell syntax shows how to use this (will not work on all platforms):</p>
+
+<pre><code>  OPENSSL_MALLOC_FAILURES=&#39;200;@10&#39;
+  export OPENSSL_MALLOC_FAILURES
+  OPENSSL_MALLOC_FD=3
+  export OPENSSL_MALLOC_FD
+  ...app invocation... 3&gt;/tmp/log$$</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() return no value.</p>
+
+<p>CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if there are no leaks, 0 if there are leaks and -1 if an error occurred.</p>
+
+<p>OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), OPENSSL_clear_realloc(), CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), CRYPTO_clear_realloc(), OPENSSL_buf2hexstr(), OPENSSL_hexstr2buf(), OPENSSL_strdup(), and OPENSSL_strndup() return a pointer to allocated memory or NULL on error.</p>
+
+<p>CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug() return 1 on success or 0 on failure (almost always because allocations have already happened).</p>
+
+<p>CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the previous value of the mode.</p>
+
+<p>OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop() return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>While it&#39;s permitted to swap out only a few and not all the functions with CRYPTO_set_mem_functions(), it&#39;s recommended to swap them all out at once. <i>This applies specially if OpenSSL was built with the configuration option</i> <code>crypto-mdebug</code> <i>enabled. In case, swapping out only, say, the malloc() implementation is outright dangerous.</i></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_CTX.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_CTX.html
new file mode 100644
index 000000000..538ac52a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_CTX.html
@@ -0,0 +1,133 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_open</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-SCHEMES">SUPPORTED SCHEMES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_CTX, OSSL_STORE_post_process_info_fn, OSSL_STORE_open, OSSL_STORE_ctrl, OSSL_STORE_load, OSSL_STORE_eof, OSSL_STORE_error, OSSL_STORE_close - Types and functions to read objects from a URI</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_ctx_st OSSL_STORE_CTX;
+
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_post_process_info_fn)(OSSL_STORE_INFO *,
+                                                             void *);
+
+ OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method,
+                                 void *ui_data,
+                                 OSSL_STORE_post_process_info_fn post_process,
+                                 void *post_process_data);
+ int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */);
+ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_eof(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_error(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_close(OSSL_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help the application to fetch supported objects (see <a href="../man3/OSSL_STORE_INFO.html">&quot;SUPPORTED OBJECTS&quot; in OSSL_STORE_INFO(3)</a> for information on which those are) from a given URI (see <a href="#SUPPORTED-SCHEMES">&quot;SUPPORTED SCHEMES&quot;</a> for more information on the supported URI schemes). The general method to do so is to &quot;open&quot; the URI using OSSL_STORE_open(), read each available and supported object using OSSL_STORE_load() as long as OSSL_STORE_eof() hasn&#39;t been reached, and finish it off with OSSL_STORE_close().</p>
+
+<p>The retrieved information is stored in a <b>OSSL_STORE_INFO</b>, which is further described in <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_CTX</b> is a context variable that holds all the internal information for OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() to work together.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_open() takes a uri or path <b>uri</b>, password UI method <b>ui_method</b> with associated data <b>ui_data</b>, and post processing callback <b>post_process</b> with associated data <b>post_process_data</b>, opens a channel to the data located at that URI and returns a <b>OSSL_STORE_CTX</b> with all necessary internal information. The given <b>ui_method</b> and <b>ui_data_data</b> will be reused by all functions that use <b>OSSL_STORE_CTX</b> when interaction is needed. The given <b>post_process</b> and <b>post_process_data</b> will be reused by OSSL_STORE_load() to manipulate or drop the value to be returned. The <b>post_process</b> function drops values by returning <b>NULL</b>, which will cause OSSL_STORE_load() to start its process over with loading the next object, until <b>post_process</b> returns something other than <b>NULL</b>, or the end of data is reached as indicated by OSSL_STORE_eof().</p>
+
+<p>OSSL_STORE_ctrl() takes a <b>OSSL_STORE_CTX</b>, and command number <b>cmd</b> and more arguments not specified here. The available loader specific command numbers and arguments they each take depends on the loader that&#39;s used and is documented together with that loader.</p>
+
+<p>There are also global controls available:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_C_USE_SECMEM"><b>OSSL_STORE_C_USE_SECMEM</b></dt>
+<dd>
+
+<p>Controls if the loader should attempt to use secure memory for any allocated <b>OSSL_STORE_INFO</b> and its contents. This control expects one argument, a pointer to an <b>int</b> that is expected to have the value 1 (yes) or 0 (no). Any other value is an error.</p>
+
+</dd>
+</dl>
+
+<p>OSSL_STORE_load() takes a <b>OSSL_STORE_CTX</b>, tries to load the next available object and return it wrapped with <b>OSSL_STORE_INFO</b>.</p>
+
+<p>OSSL_STORE_eof() takes a <b>OSSL_STORE_CTX</b> and checks if we&#39;ve reached the end of data.</p>
+
+<p>OSSL_STORE_error() takes a <b>OSSL_STORE_CTX</b> and checks if an error occurred in the last OSSL_STORE_load() call. Note that it may still be meaningful to try and load more objects, unless OSSL_STORE_eof() shows that the end of data has been reached.</p>
+
+<p>OSSL_STORE_close() takes a <b>OSSL_STORE_CTX</b>, closes the channel that was opened by OSSL_STORE_open() and frees all other information that was stored in the <b>OSSL_STORE_CTX</b>, as well as the <b>OSSL_STORE_CTX</b> itself.</p>
+
+<h1 id="SUPPORTED-SCHEMES">SUPPORTED SCHEMES</h1>
+
+<p>The basic supported scheme is <b>file:</b>. Any other scheme can be added dynamically, using OSSL_STORE_register_loader().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A string without a scheme prefix (that is, a non-URI string) is implicitly interpreted as using the <i>file:</i> scheme.</p>
+
+<p>There are some tools that can be used together with OSSL_STORE_open() to determine if any failure is caused by an unparsable URI, or if it&#39;s a different error (such as memory allocation failures); if the URI was parsable but the scheme unregistered, the top error will have the reason <code>OSSL_STORE_R_UNREGISTERED_SCHEME</code>.</p>
+
+<p>These functions make no direct assumption regarding the pass phrase received from the password callback. The loaders may make assumptions, however. For example, the <b>file:</b> scheme loader inherits the assumptions made by OpenSSL functionality that handles the different file types; this is mostly relevant for PKCS#12 objects. See <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a> for further information.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_open() returns a pointer to a <b>OSSL_STORE_CTX</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_load() returns a pointer to a <b>OSSL_STORE_INFO</b> on success, or <b>NULL</b> on error or when end of data is reached. Use OSSL_STORE_error() and OSSL_STORE_eof() to determine the meaning of a returned <b>NULL</b>.</p>
+
+<p>OSSL_STORE_eof() returns 1 if the end of data has been reached, otherwise 0.</p>
+
+<p>OSSL_STORE_error() returns 1 if an error occurred in an OSSL_STORE_load() call, otherwise 0.</p>
+
+<p>OSSL_STORE_ctrl() and OSSL_STORE_close() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_CTX(), OSSL_STORE_post_process_info_fn(), OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_free.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_free.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_free.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_CERT.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_CERT.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_CERT.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_CRL.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_CRL.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_CRL.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_NAME.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_NAME.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_NAME.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_NAME_description.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_NAME_description.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_NAME_description.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_PARAMS.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_PARAMS.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_PARAMS.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_PKEY.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_PKEY.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_PKEY.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_CERT.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_CERT.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_CERT.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_CRL.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_CRL.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_CRL.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_NAME.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_NAME.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_NAME.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_NAME_description.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_NAME_description.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_NAME_description.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_PARAMS.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_PARAMS.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_PARAMS.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_PKEY.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_PKEY.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_PKEY.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get_type.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get_type.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get_type.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_CERT.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_CERT.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_CERT.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_CRL.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_CRL.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_CRL.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_NAME.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_NAME.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_NAME.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_PARAMS.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_PARAMS.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_PARAMS.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_PKEY.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_PKEY.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_PKEY.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_set0_NAME_description.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_set0_NAME_description.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_set0_NAME_description.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_type_string.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_type_string.html
new file mode 100644
index 000000000..0aa121e02
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_type_string.html
@@ -0,0 +1,163 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_INFO</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-OBJECTS">SUPPORTED OBJECTS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME, OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL, OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description, OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free, OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description, OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_info_st OSSL_STORE_INFO;
+
+ int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *store_info);
+ char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *store_info);
+ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO
+                                                   *store_info);
+ char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
+ X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *store_info);
+ X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *store_info);
+
+ const char *OSSL_STORE_INFO_type_string(int type);
+
+ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *store_info);
+
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+ int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are primarily useful for applications to retrieve supported objects from <b>OSSL_STORE_INFO</b> objects and for scheme specific loaders to create <b>OSSL_STORE_INFO</b> holders.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_INFO</b> is an opaque type that&#39;s just an intermediary holder for the objects that have been retrieved by OSSL_STORE_load() and similar functions. Supported OpenSSL type object can be extracted using one of STORE_INFO_get0_TYPE(). The life time of this extracted object is as long as the life time of the <b>OSSL_STORE_INFO</b> it was extracted from, so care should be taken not to free the latter too early. As an alternative, STORE_INFO_get1_TYPE() extracts a duplicate (or the same object with its reference count increased), which can be used after the containing <b>OSSL_STORE_INFO</b> has been freed. The object returned by STORE_INFO_get1_TYPE() must be freed separately by the caller. See <a href="#SUPPORTED-OBJECTS">&quot;SUPPORTED OBJECTS&quot;</a> for more information on the types that are supported.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_INFO_get_type() takes a <b>OSSL_STORE_INFO</b> and returns the STORE type number for the object inside. STORE_INFO_get_type_string() takes a STORE type number and returns a short string describing it.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a <b>OSSL_STORE_INFO</b> and return the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(), OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a <b>OSSL_STORE_INFO</b> and return a duplicate of the held object of the appropriate OpenSSL type provided that&#39;s what&#39;s held.</p>
+
+<p>OSSL_STORE_INFO_free() frees a <b>OSSL_STORE_INFO</b> and its contained type.</p>
+
+<p>OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() create a <b>OSSL_STORE_INFO</b> object to hold the given input object. Additionally, for <b>OSSL_STORE_INFO_NAME</b>` objects, OSSL_STORE_INFO_set0_NAME_description() can be used to add an extra description. This description is meant to be human readable and should be used for information printout.</p>
+
+<h1 id="SUPPORTED-OBJECTS">SUPPORTED OBJECTS</h1>
+
+<p>Currently supported object types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_INFO_NAME">OSSL_STORE_INFO_NAME</dt>
+<dd>
+
+<p>A name is exactly that, a name. It&#39;s like a name in a directory, but formatted as a complete URI. For example, the path in URI <code>file:/foo/bar/</code> could include a file named <code>cookie.pem</code>, and in that case, the returned <b>OSSL_STORE_INFO_NAME</b> object would have the URI <code>file:/foo/bar/cookie.pem</code>, which can be used by the application to get the objects in that file. This can be applied to all schemes that can somehow support a listing of object URIs.</p>
+
+<p>For <code>file:</code> URIs that are used without the explicit scheme, the returned name will be the path of each object, so if <code>/foo/bar</code> was given and that path has the file <code>cookie.pem</code>, the name <code>/foo/bar/cookie.pem</code> will be returned.</p>
+
+<p>The returned URI is considered canonical and must be unique and permanent for the storage where the object (or collection of objects) resides. Each loader is responsible for ensuring that it only returns canonical URIs. However, it&#39;s possible that certain schemes allow an object (or collection thereof) to be reached with alternative URIs; just because one URI is canonical doesn&#39;t mean that other variants can&#39;t be used.</p>
+
+<p>At the discretion of the loader that was used to get these names, an extra description may be attached as well.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PARAMS">OSSL_STORE_INFO_PARAMS</dt>
+<dd>
+
+<p>Key parameters.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_PKEY">OSSL_STORE_INFO_PKEY</dt>
+<dd>
+
+<p>A private/public key of some sort.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CERT">OSSL_STORE_INFO_CERT</dt>
+<dd>
+
+<p>An X.509 certificate.</p>
+
+</dd>
+<dt id="OSSL_STORE_INFO_CRL">OSSL_STORE_INFO_CRL</dt>
+<dd>
+
+<p>A X.509 certificate revocation list.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_INFO_get_type() returns the STORE type number of the given <b>OSSL_STORE_INFO</b>. There is no error value.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all return a pointer to a duplicate of the OpenSSL object on success, NULL otherwise.</p>
+
+<p>OSSL_STORE_INFO_type_string() returns a string on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() return a <b>OSSL_STORE_INFO</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_INFO_set0_NAME_description() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_INFO(), OSSL_STORE_INFO_get_type(), OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), OSSL_STORE_INFO_get0_CRL(), OSSL_STORE_INFO_type_string(), OSSL_STORE_INFO_free(), OSSL_STORE_INFO_new_NAME(), OSSL_STORE_INFO_new_PARAMS(), OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_CTX.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_CTX.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_CTX.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_free.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_free.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_free.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_get0_engine.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_get0_engine.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_get0_engine.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_get0_scheme.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_get0_scheme.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_get0_scheme.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_new.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_new.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_new.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_close.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_close.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_close.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_ctrl.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_ctrl.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_eof.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_eof.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_eof.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_error.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_error.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_error.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_expect.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_expect.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_expect.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_find.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_find.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_find.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_load.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_load.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_load.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_open.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_open.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_open.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH.html
new file mode 100644
index 000000000..7f093b825
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_SEARCH</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Application-Functions">Application Functions</a></li>
+      <li><a href="#Loader-Functions">Loader Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_SEARCH, OSSL_STORE_SEARCH_by_name, OSSL_STORE_SEARCH_by_issuer_serial, OSSL_STORE_SEARCH_by_key_fingerprint, OSSL_STORE_SEARCH_by_alias, OSSL_STORE_SEARCH_free, OSSL_STORE_SEARCH_get_type, OSSL_STORE_SEARCH_get0_name, OSSL_STORE_SEARCH_get0_serial, OSSL_STORE_SEARCH_get0_bytes, OSSL_STORE_SEARCH_get0_string, OSSL_STORE_SEARCH_get0_digest - Type and functions to create OSSL_STORE search criteria</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_search_st OSSL_STORE_SEARCH;
+
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
+                                                       const ASN1_INTEGER
+                                                       *serial);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
+                                                         const unsigned char
+                                                         *bytes, int len);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias);
+
+ void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search);
+
+ int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion);
+ X509_NAME *OSSL_STORE_SEARCH_get0_name(OSSL_STORE_SEARCH *criterion);
+ const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH
+                                                   *criterion);
+ const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH
+                                                   *criterion, size_t *length);
+ const char *OSSL_STORE_SEARCH_get0_string(const OSSL_STORE_SEARCH *criterion);
+ const EVP_MD *OSSL_STORE_SEARCH_get0_digest(const OSSL_STORE_SEARCH
+                                             *criterion);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to specify search criteria to help search for specific objects through other names than just the URI that&#39;s given to OSSL_STORE_open(). For example, this can be useful for an application that has received a URI and then wants to add on search criteria in a uniform and supported manner.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_SEARCH</b> is an opaque type that holds the constructed search criterion, and that can be given to an OSSL_STORE context with OSSL_STORE_find().</p>
+
+<p>The calling application owns the allocation of an <b>OSSL_STORE_SEARCH</b> at all times, and should therefore be careful not to deallocate it before OSSL_STORE_close() has been called for the OSSL_STORE context it was given to.</p>
+
+<h2 id="Application-Functions">Application Functions</h2>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() are used to create an <b>OSSL_STORE_SEARCH</b> from a subject name, an issuer name and serial number pair, a key fingerprint, and an alias (for example a friendly name). The parameters that are provided are not copied, only referred to in a criterion, so they must have at least the same life time as the created <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_free() is used to free the <b>OSSL_STORE_SEARCH</b>.</p>
+
+<h2 id="Loader-Functions">Loader Functions</h2>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type for the given <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), OSSL_STORE_SEARCH_get0_string(), and OSSL_STORE_SEARCH_get0_digest() are used to retrieve different data from a <b>OSSL_STORE_SEARCH</b>, as available for each type. For more information, see <a href="#SUPPORTED-CRITERION-TYPES">&quot;SUPPORTED CRITERION TYPES&quot;</a> below.</p>
+
+<h1 id="SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</h1>
+
+<p>Currently supported criterion types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_SEARCH_BY_NAME">OSSL_STORE_SEARCH_BY_NAME</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of subject name. The subject name itself is a <b>X509_NAME</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_name(), and the actual subject name is retrieved with OSSL_STORE_SEARCH_get0_name().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ISSUER_SERIAL">OSSL_STORE_SEARCH_BY_ISSUER_SERIAL</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of both issuer name and serial number. The issuer name itself is a <b>X509_NAME</b> pointer, and the serial number is a <b>ASN1_INTEGER</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_issuer_serial() and the actual issuer name and serial number are retrieved with OSSL_STORE_SEARCH_get0_name() and OSSL_STORE_SEARCH_get0_serial().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT">OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of key fingerprint. The key fingerprint in itself is a string of bytes and its length, as well as the algorithm that was used to compute the fingerprint. The digest may be left unspecified (NULL), and in that case, the loader has to decide on a default digest and compare fingerprints accordingly. A criterion of this type is created with OSSL_STORE_SEARCH_by_key_fingerprint() and the actual fingerprint and its length can be retrieved with OSSL_STORE_SEARCH_get0_bytes(). The digest can be retrieved with OSSL_STORE_SEARCH_get0_digest().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ALIAS">OSSL_STORE_SEARCH_BY_ALIAS</dt>
+<dd>
+
+<p>This criterion supports a search by match of an alias of some kind. The alias in itself is a simple C string. A criterion of this type is created with OSSL_STORE_SEARCH_by_alias() and the actual alias is retrieved with OSSL_STORE_SEARCH_get0_string().</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() return a <b>OSSL_STORE_SEARCH</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type of the given <b>OSSL_STORE_SEARCH</b>. There is no error value.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name() returns a <b>X509_NAME</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_serial() returns a <b>ASN1_INTEGER</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_bytes() returns a <b>const unsigned char</b> pointer and sets <b>*length</b> to the strings length on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_string() returns a <b>const char</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_digest() returns a <b>const EVP_MD</b> pointer. <b>NULL</b> is a valid value and means that the store loader default will be used when applicable.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_supports_search.html">OSSL_STORE_supports_search(3)</a>, <a href="../man3/OSSL_STORE_find.html">OSSL_STORE_find(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p><b>OSSL_STORE_SEARCH</b>, OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), OSSL_STORE_SEARCH_by_alias(), OSSL_STORE_SEARCH_free(), OSSL_STORE_SEARCH_get_type(), OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), and OSSL_STORE_SEARCH_get0_string() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_by_alias.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_by_alias.html
new file mode 100644
index 000000000..7f093b825
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_by_alias.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_SEARCH</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Application-Functions">Application Functions</a></li>
+      <li><a href="#Loader-Functions">Loader Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_SEARCH, OSSL_STORE_SEARCH_by_name, OSSL_STORE_SEARCH_by_issuer_serial, OSSL_STORE_SEARCH_by_key_fingerprint, OSSL_STORE_SEARCH_by_alias, OSSL_STORE_SEARCH_free, OSSL_STORE_SEARCH_get_type, OSSL_STORE_SEARCH_get0_name, OSSL_STORE_SEARCH_get0_serial, OSSL_STORE_SEARCH_get0_bytes, OSSL_STORE_SEARCH_get0_string, OSSL_STORE_SEARCH_get0_digest - Type and functions to create OSSL_STORE search criteria</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_search_st OSSL_STORE_SEARCH;
+
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
+                                                       const ASN1_INTEGER
+                                                       *serial);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
+                                                         const unsigned char
+                                                         *bytes, int len);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias);
+
+ void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search);
+
+ int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion);
+ X509_NAME *OSSL_STORE_SEARCH_get0_name(OSSL_STORE_SEARCH *criterion);
+ const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH
+                                                   *criterion);
+ const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH
+                                                   *criterion, size_t *length);
+ const char *OSSL_STORE_SEARCH_get0_string(const OSSL_STORE_SEARCH *criterion);
+ const EVP_MD *OSSL_STORE_SEARCH_get0_digest(const OSSL_STORE_SEARCH
+                                             *criterion);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to specify search criteria to help search for specific objects through other names than just the URI that&#39;s given to OSSL_STORE_open(). For example, this can be useful for an application that has received a URI and then wants to add on search criteria in a uniform and supported manner.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_SEARCH</b> is an opaque type that holds the constructed search criterion, and that can be given to an OSSL_STORE context with OSSL_STORE_find().</p>
+
+<p>The calling application owns the allocation of an <b>OSSL_STORE_SEARCH</b> at all times, and should therefore be careful not to deallocate it before OSSL_STORE_close() has been called for the OSSL_STORE context it was given to.</p>
+
+<h2 id="Application-Functions">Application Functions</h2>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() are used to create an <b>OSSL_STORE_SEARCH</b> from a subject name, an issuer name and serial number pair, a key fingerprint, and an alias (for example a friendly name). The parameters that are provided are not copied, only referred to in a criterion, so they must have at least the same life time as the created <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_free() is used to free the <b>OSSL_STORE_SEARCH</b>.</p>
+
+<h2 id="Loader-Functions">Loader Functions</h2>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type for the given <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), OSSL_STORE_SEARCH_get0_string(), and OSSL_STORE_SEARCH_get0_digest() are used to retrieve different data from a <b>OSSL_STORE_SEARCH</b>, as available for each type. For more information, see <a href="#SUPPORTED-CRITERION-TYPES">&quot;SUPPORTED CRITERION TYPES&quot;</a> below.</p>
+
+<h1 id="SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</h1>
+
+<p>Currently supported criterion types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_SEARCH_BY_NAME">OSSL_STORE_SEARCH_BY_NAME</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of subject name. The subject name itself is a <b>X509_NAME</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_name(), and the actual subject name is retrieved with OSSL_STORE_SEARCH_get0_name().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ISSUER_SERIAL">OSSL_STORE_SEARCH_BY_ISSUER_SERIAL</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of both issuer name and serial number. The issuer name itself is a <b>X509_NAME</b> pointer, and the serial number is a <b>ASN1_INTEGER</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_issuer_serial() and the actual issuer name and serial number are retrieved with OSSL_STORE_SEARCH_get0_name() and OSSL_STORE_SEARCH_get0_serial().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT">OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of key fingerprint. The key fingerprint in itself is a string of bytes and its length, as well as the algorithm that was used to compute the fingerprint. The digest may be left unspecified (NULL), and in that case, the loader has to decide on a default digest and compare fingerprints accordingly. A criterion of this type is created with OSSL_STORE_SEARCH_by_key_fingerprint() and the actual fingerprint and its length can be retrieved with OSSL_STORE_SEARCH_get0_bytes(). The digest can be retrieved with OSSL_STORE_SEARCH_get0_digest().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ALIAS">OSSL_STORE_SEARCH_BY_ALIAS</dt>
+<dd>
+
+<p>This criterion supports a search by match of an alias of some kind. The alias in itself is a simple C string. A criterion of this type is created with OSSL_STORE_SEARCH_by_alias() and the actual alias is retrieved with OSSL_STORE_SEARCH_get0_string().</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() return a <b>OSSL_STORE_SEARCH</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type of the given <b>OSSL_STORE_SEARCH</b>. There is no error value.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name() returns a <b>X509_NAME</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_serial() returns a <b>ASN1_INTEGER</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_bytes() returns a <b>const unsigned char</b> pointer and sets <b>*length</b> to the strings length on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_string() returns a <b>const char</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_digest() returns a <b>const EVP_MD</b> pointer. <b>NULL</b> is a valid value and means that the store loader default will be used when applicable.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_supports_search.html">OSSL_STORE_supports_search(3)</a>, <a href="../man3/OSSL_STORE_find.html">OSSL_STORE_find(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p><b>OSSL_STORE_SEARCH</b>, OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), OSSL_STORE_SEARCH_by_alias(), OSSL_STORE_SEARCH_free(), OSSL_STORE_SEARCH_get_type(), OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), and OSSL_STORE_SEARCH_get0_string() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_by_issuer_serial.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_by_issuer_serial.html
new file mode 100644
index 000000000..7f093b825
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_by_issuer_serial.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_SEARCH</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Application-Functions">Application Functions</a></li>
+      <li><a href="#Loader-Functions">Loader Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_SEARCH, OSSL_STORE_SEARCH_by_name, OSSL_STORE_SEARCH_by_issuer_serial, OSSL_STORE_SEARCH_by_key_fingerprint, OSSL_STORE_SEARCH_by_alias, OSSL_STORE_SEARCH_free, OSSL_STORE_SEARCH_get_type, OSSL_STORE_SEARCH_get0_name, OSSL_STORE_SEARCH_get0_serial, OSSL_STORE_SEARCH_get0_bytes, OSSL_STORE_SEARCH_get0_string, OSSL_STORE_SEARCH_get0_digest - Type and functions to create OSSL_STORE search criteria</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_search_st OSSL_STORE_SEARCH;
+
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
+                                                       const ASN1_INTEGER
+                                                       *serial);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
+                                                         const unsigned char
+                                                         *bytes, int len);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias);
+
+ void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search);
+
+ int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion);
+ X509_NAME *OSSL_STORE_SEARCH_get0_name(OSSL_STORE_SEARCH *criterion);
+ const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH
+                                                   *criterion);
+ const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH
+                                                   *criterion, size_t *length);
+ const char *OSSL_STORE_SEARCH_get0_string(const OSSL_STORE_SEARCH *criterion);
+ const EVP_MD *OSSL_STORE_SEARCH_get0_digest(const OSSL_STORE_SEARCH
+                                             *criterion);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to specify search criteria to help search for specific objects through other names than just the URI that&#39;s given to OSSL_STORE_open(). For example, this can be useful for an application that has received a URI and then wants to add on search criteria in a uniform and supported manner.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_SEARCH</b> is an opaque type that holds the constructed search criterion, and that can be given to an OSSL_STORE context with OSSL_STORE_find().</p>
+
+<p>The calling application owns the allocation of an <b>OSSL_STORE_SEARCH</b> at all times, and should therefore be careful not to deallocate it before OSSL_STORE_close() has been called for the OSSL_STORE context it was given to.</p>
+
+<h2 id="Application-Functions">Application Functions</h2>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() are used to create an <b>OSSL_STORE_SEARCH</b> from a subject name, an issuer name and serial number pair, a key fingerprint, and an alias (for example a friendly name). The parameters that are provided are not copied, only referred to in a criterion, so they must have at least the same life time as the created <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_free() is used to free the <b>OSSL_STORE_SEARCH</b>.</p>
+
+<h2 id="Loader-Functions">Loader Functions</h2>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type for the given <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), OSSL_STORE_SEARCH_get0_string(), and OSSL_STORE_SEARCH_get0_digest() are used to retrieve different data from a <b>OSSL_STORE_SEARCH</b>, as available for each type. For more information, see <a href="#SUPPORTED-CRITERION-TYPES">&quot;SUPPORTED CRITERION TYPES&quot;</a> below.</p>
+
+<h1 id="SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</h1>
+
+<p>Currently supported criterion types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_SEARCH_BY_NAME">OSSL_STORE_SEARCH_BY_NAME</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of subject name. The subject name itself is a <b>X509_NAME</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_name(), and the actual subject name is retrieved with OSSL_STORE_SEARCH_get0_name().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ISSUER_SERIAL">OSSL_STORE_SEARCH_BY_ISSUER_SERIAL</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of both issuer name and serial number. The issuer name itself is a <b>X509_NAME</b> pointer, and the serial number is a <b>ASN1_INTEGER</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_issuer_serial() and the actual issuer name and serial number are retrieved with OSSL_STORE_SEARCH_get0_name() and OSSL_STORE_SEARCH_get0_serial().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT">OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of key fingerprint. The key fingerprint in itself is a string of bytes and its length, as well as the algorithm that was used to compute the fingerprint. The digest may be left unspecified (NULL), and in that case, the loader has to decide on a default digest and compare fingerprints accordingly. A criterion of this type is created with OSSL_STORE_SEARCH_by_key_fingerprint() and the actual fingerprint and its length can be retrieved with OSSL_STORE_SEARCH_get0_bytes(). The digest can be retrieved with OSSL_STORE_SEARCH_get0_digest().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ALIAS">OSSL_STORE_SEARCH_BY_ALIAS</dt>
+<dd>
+
+<p>This criterion supports a search by match of an alias of some kind. The alias in itself is a simple C string. A criterion of this type is created with OSSL_STORE_SEARCH_by_alias() and the actual alias is retrieved with OSSL_STORE_SEARCH_get0_string().</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() return a <b>OSSL_STORE_SEARCH</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type of the given <b>OSSL_STORE_SEARCH</b>. There is no error value.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name() returns a <b>X509_NAME</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_serial() returns a <b>ASN1_INTEGER</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_bytes() returns a <b>const unsigned char</b> pointer and sets <b>*length</b> to the strings length on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_string() returns a <b>const char</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_digest() returns a <b>const EVP_MD</b> pointer. <b>NULL</b> is a valid value and means that the store loader default will be used when applicable.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_supports_search.html">OSSL_STORE_supports_search(3)</a>, <a href="../man3/OSSL_STORE_find.html">OSSL_STORE_find(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p><b>OSSL_STORE_SEARCH</b>, OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), OSSL_STORE_SEARCH_by_alias(), OSSL_STORE_SEARCH_free(), OSSL_STORE_SEARCH_get_type(), OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), and OSSL_STORE_SEARCH_get0_string() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_by_key_fingerprint.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_by_key_fingerprint.html
new file mode 100644
index 000000000..7f093b825
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_by_key_fingerprint.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_SEARCH</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Application-Functions">Application Functions</a></li>
+      <li><a href="#Loader-Functions">Loader Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_SEARCH, OSSL_STORE_SEARCH_by_name, OSSL_STORE_SEARCH_by_issuer_serial, OSSL_STORE_SEARCH_by_key_fingerprint, OSSL_STORE_SEARCH_by_alias, OSSL_STORE_SEARCH_free, OSSL_STORE_SEARCH_get_type, OSSL_STORE_SEARCH_get0_name, OSSL_STORE_SEARCH_get0_serial, OSSL_STORE_SEARCH_get0_bytes, OSSL_STORE_SEARCH_get0_string, OSSL_STORE_SEARCH_get0_digest - Type and functions to create OSSL_STORE search criteria</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_search_st OSSL_STORE_SEARCH;
+
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
+                                                       const ASN1_INTEGER
+                                                       *serial);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
+                                                         const unsigned char
+                                                         *bytes, int len);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias);
+
+ void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search);
+
+ int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion);
+ X509_NAME *OSSL_STORE_SEARCH_get0_name(OSSL_STORE_SEARCH *criterion);
+ const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH
+                                                   *criterion);
+ const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH
+                                                   *criterion, size_t *length);
+ const char *OSSL_STORE_SEARCH_get0_string(const OSSL_STORE_SEARCH *criterion);
+ const EVP_MD *OSSL_STORE_SEARCH_get0_digest(const OSSL_STORE_SEARCH
+                                             *criterion);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to specify search criteria to help search for specific objects through other names than just the URI that&#39;s given to OSSL_STORE_open(). For example, this can be useful for an application that has received a URI and then wants to add on search criteria in a uniform and supported manner.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_SEARCH</b> is an opaque type that holds the constructed search criterion, and that can be given to an OSSL_STORE context with OSSL_STORE_find().</p>
+
+<p>The calling application owns the allocation of an <b>OSSL_STORE_SEARCH</b> at all times, and should therefore be careful not to deallocate it before OSSL_STORE_close() has been called for the OSSL_STORE context it was given to.</p>
+
+<h2 id="Application-Functions">Application Functions</h2>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() are used to create an <b>OSSL_STORE_SEARCH</b> from a subject name, an issuer name and serial number pair, a key fingerprint, and an alias (for example a friendly name). The parameters that are provided are not copied, only referred to in a criterion, so they must have at least the same life time as the created <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_free() is used to free the <b>OSSL_STORE_SEARCH</b>.</p>
+
+<h2 id="Loader-Functions">Loader Functions</h2>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type for the given <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), OSSL_STORE_SEARCH_get0_string(), and OSSL_STORE_SEARCH_get0_digest() are used to retrieve different data from a <b>OSSL_STORE_SEARCH</b>, as available for each type. For more information, see <a href="#SUPPORTED-CRITERION-TYPES">&quot;SUPPORTED CRITERION TYPES&quot;</a> below.</p>
+
+<h1 id="SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</h1>
+
+<p>Currently supported criterion types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_SEARCH_BY_NAME">OSSL_STORE_SEARCH_BY_NAME</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of subject name. The subject name itself is a <b>X509_NAME</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_name(), and the actual subject name is retrieved with OSSL_STORE_SEARCH_get0_name().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ISSUER_SERIAL">OSSL_STORE_SEARCH_BY_ISSUER_SERIAL</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of both issuer name and serial number. The issuer name itself is a <b>X509_NAME</b> pointer, and the serial number is a <b>ASN1_INTEGER</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_issuer_serial() and the actual issuer name and serial number are retrieved with OSSL_STORE_SEARCH_get0_name() and OSSL_STORE_SEARCH_get0_serial().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT">OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of key fingerprint. The key fingerprint in itself is a string of bytes and its length, as well as the algorithm that was used to compute the fingerprint. The digest may be left unspecified (NULL), and in that case, the loader has to decide on a default digest and compare fingerprints accordingly. A criterion of this type is created with OSSL_STORE_SEARCH_by_key_fingerprint() and the actual fingerprint and its length can be retrieved with OSSL_STORE_SEARCH_get0_bytes(). The digest can be retrieved with OSSL_STORE_SEARCH_get0_digest().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ALIAS">OSSL_STORE_SEARCH_BY_ALIAS</dt>
+<dd>
+
+<p>This criterion supports a search by match of an alias of some kind. The alias in itself is a simple C string. A criterion of this type is created with OSSL_STORE_SEARCH_by_alias() and the actual alias is retrieved with OSSL_STORE_SEARCH_get0_string().</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() return a <b>OSSL_STORE_SEARCH</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type of the given <b>OSSL_STORE_SEARCH</b>. There is no error value.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name() returns a <b>X509_NAME</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_serial() returns a <b>ASN1_INTEGER</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_bytes() returns a <b>const unsigned char</b> pointer and sets <b>*length</b> to the strings length on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_string() returns a <b>const char</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_digest() returns a <b>const EVP_MD</b> pointer. <b>NULL</b> is a valid value and means that the store loader default will be used when applicable.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_supports_search.html">OSSL_STORE_supports_search(3)</a>, <a href="../man3/OSSL_STORE_find.html">OSSL_STORE_find(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p><b>OSSL_STORE_SEARCH</b>, OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), OSSL_STORE_SEARCH_by_alias(), OSSL_STORE_SEARCH_free(), OSSL_STORE_SEARCH_get_type(), OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), and OSSL_STORE_SEARCH_get0_string() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_by_name.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_by_name.html
new file mode 100644
index 000000000..7f093b825
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_by_name.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_SEARCH</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Application-Functions">Application Functions</a></li>
+      <li><a href="#Loader-Functions">Loader Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_SEARCH, OSSL_STORE_SEARCH_by_name, OSSL_STORE_SEARCH_by_issuer_serial, OSSL_STORE_SEARCH_by_key_fingerprint, OSSL_STORE_SEARCH_by_alias, OSSL_STORE_SEARCH_free, OSSL_STORE_SEARCH_get_type, OSSL_STORE_SEARCH_get0_name, OSSL_STORE_SEARCH_get0_serial, OSSL_STORE_SEARCH_get0_bytes, OSSL_STORE_SEARCH_get0_string, OSSL_STORE_SEARCH_get0_digest - Type and functions to create OSSL_STORE search criteria</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_search_st OSSL_STORE_SEARCH;
+
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
+                                                       const ASN1_INTEGER
+                                                       *serial);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
+                                                         const unsigned char
+                                                         *bytes, int len);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias);
+
+ void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search);
+
+ int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion);
+ X509_NAME *OSSL_STORE_SEARCH_get0_name(OSSL_STORE_SEARCH *criterion);
+ const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH
+                                                   *criterion);
+ const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH
+                                                   *criterion, size_t *length);
+ const char *OSSL_STORE_SEARCH_get0_string(const OSSL_STORE_SEARCH *criterion);
+ const EVP_MD *OSSL_STORE_SEARCH_get0_digest(const OSSL_STORE_SEARCH
+                                             *criterion);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to specify search criteria to help search for specific objects through other names than just the URI that&#39;s given to OSSL_STORE_open(). For example, this can be useful for an application that has received a URI and then wants to add on search criteria in a uniform and supported manner.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_SEARCH</b> is an opaque type that holds the constructed search criterion, and that can be given to an OSSL_STORE context with OSSL_STORE_find().</p>
+
+<p>The calling application owns the allocation of an <b>OSSL_STORE_SEARCH</b> at all times, and should therefore be careful not to deallocate it before OSSL_STORE_close() has been called for the OSSL_STORE context it was given to.</p>
+
+<h2 id="Application-Functions">Application Functions</h2>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() are used to create an <b>OSSL_STORE_SEARCH</b> from a subject name, an issuer name and serial number pair, a key fingerprint, and an alias (for example a friendly name). The parameters that are provided are not copied, only referred to in a criterion, so they must have at least the same life time as the created <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_free() is used to free the <b>OSSL_STORE_SEARCH</b>.</p>
+
+<h2 id="Loader-Functions">Loader Functions</h2>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type for the given <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), OSSL_STORE_SEARCH_get0_string(), and OSSL_STORE_SEARCH_get0_digest() are used to retrieve different data from a <b>OSSL_STORE_SEARCH</b>, as available for each type. For more information, see <a href="#SUPPORTED-CRITERION-TYPES">&quot;SUPPORTED CRITERION TYPES&quot;</a> below.</p>
+
+<h1 id="SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</h1>
+
+<p>Currently supported criterion types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_SEARCH_BY_NAME">OSSL_STORE_SEARCH_BY_NAME</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of subject name. The subject name itself is a <b>X509_NAME</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_name(), and the actual subject name is retrieved with OSSL_STORE_SEARCH_get0_name().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ISSUER_SERIAL">OSSL_STORE_SEARCH_BY_ISSUER_SERIAL</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of both issuer name and serial number. The issuer name itself is a <b>X509_NAME</b> pointer, and the serial number is a <b>ASN1_INTEGER</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_issuer_serial() and the actual issuer name and serial number are retrieved with OSSL_STORE_SEARCH_get0_name() and OSSL_STORE_SEARCH_get0_serial().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT">OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of key fingerprint. The key fingerprint in itself is a string of bytes and its length, as well as the algorithm that was used to compute the fingerprint. The digest may be left unspecified (NULL), and in that case, the loader has to decide on a default digest and compare fingerprints accordingly. A criterion of this type is created with OSSL_STORE_SEARCH_by_key_fingerprint() and the actual fingerprint and its length can be retrieved with OSSL_STORE_SEARCH_get0_bytes(). The digest can be retrieved with OSSL_STORE_SEARCH_get0_digest().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ALIAS">OSSL_STORE_SEARCH_BY_ALIAS</dt>
+<dd>
+
+<p>This criterion supports a search by match of an alias of some kind. The alias in itself is a simple C string. A criterion of this type is created with OSSL_STORE_SEARCH_by_alias() and the actual alias is retrieved with OSSL_STORE_SEARCH_get0_string().</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() return a <b>OSSL_STORE_SEARCH</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type of the given <b>OSSL_STORE_SEARCH</b>. There is no error value.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name() returns a <b>X509_NAME</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_serial() returns a <b>ASN1_INTEGER</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_bytes() returns a <b>const unsigned char</b> pointer and sets <b>*length</b> to the strings length on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_string() returns a <b>const char</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_digest() returns a <b>const EVP_MD</b> pointer. <b>NULL</b> is a valid value and means that the store loader default will be used when applicable.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_supports_search.html">OSSL_STORE_supports_search(3)</a>, <a href="../man3/OSSL_STORE_find.html">OSSL_STORE_find(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p><b>OSSL_STORE_SEARCH</b>, OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), OSSL_STORE_SEARCH_by_alias(), OSSL_STORE_SEARCH_free(), OSSL_STORE_SEARCH_get_type(), OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), and OSSL_STORE_SEARCH_get0_string() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_free.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_free.html
new file mode 100644
index 000000000..7f093b825
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_free.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_SEARCH</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Application-Functions">Application Functions</a></li>
+      <li><a href="#Loader-Functions">Loader Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_SEARCH, OSSL_STORE_SEARCH_by_name, OSSL_STORE_SEARCH_by_issuer_serial, OSSL_STORE_SEARCH_by_key_fingerprint, OSSL_STORE_SEARCH_by_alias, OSSL_STORE_SEARCH_free, OSSL_STORE_SEARCH_get_type, OSSL_STORE_SEARCH_get0_name, OSSL_STORE_SEARCH_get0_serial, OSSL_STORE_SEARCH_get0_bytes, OSSL_STORE_SEARCH_get0_string, OSSL_STORE_SEARCH_get0_digest - Type and functions to create OSSL_STORE search criteria</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_search_st OSSL_STORE_SEARCH;
+
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
+                                                       const ASN1_INTEGER
+                                                       *serial);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
+                                                         const unsigned char
+                                                         *bytes, int len);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias);
+
+ void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search);
+
+ int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion);
+ X509_NAME *OSSL_STORE_SEARCH_get0_name(OSSL_STORE_SEARCH *criterion);
+ const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH
+                                                   *criterion);
+ const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH
+                                                   *criterion, size_t *length);
+ const char *OSSL_STORE_SEARCH_get0_string(const OSSL_STORE_SEARCH *criterion);
+ const EVP_MD *OSSL_STORE_SEARCH_get0_digest(const OSSL_STORE_SEARCH
+                                             *criterion);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to specify search criteria to help search for specific objects through other names than just the URI that&#39;s given to OSSL_STORE_open(). For example, this can be useful for an application that has received a URI and then wants to add on search criteria in a uniform and supported manner.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_SEARCH</b> is an opaque type that holds the constructed search criterion, and that can be given to an OSSL_STORE context with OSSL_STORE_find().</p>
+
+<p>The calling application owns the allocation of an <b>OSSL_STORE_SEARCH</b> at all times, and should therefore be careful not to deallocate it before OSSL_STORE_close() has been called for the OSSL_STORE context it was given to.</p>
+
+<h2 id="Application-Functions">Application Functions</h2>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() are used to create an <b>OSSL_STORE_SEARCH</b> from a subject name, an issuer name and serial number pair, a key fingerprint, and an alias (for example a friendly name). The parameters that are provided are not copied, only referred to in a criterion, so they must have at least the same life time as the created <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_free() is used to free the <b>OSSL_STORE_SEARCH</b>.</p>
+
+<h2 id="Loader-Functions">Loader Functions</h2>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type for the given <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), OSSL_STORE_SEARCH_get0_string(), and OSSL_STORE_SEARCH_get0_digest() are used to retrieve different data from a <b>OSSL_STORE_SEARCH</b>, as available for each type. For more information, see <a href="#SUPPORTED-CRITERION-TYPES">&quot;SUPPORTED CRITERION TYPES&quot;</a> below.</p>
+
+<h1 id="SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</h1>
+
+<p>Currently supported criterion types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_SEARCH_BY_NAME">OSSL_STORE_SEARCH_BY_NAME</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of subject name. The subject name itself is a <b>X509_NAME</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_name(), and the actual subject name is retrieved with OSSL_STORE_SEARCH_get0_name().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ISSUER_SERIAL">OSSL_STORE_SEARCH_BY_ISSUER_SERIAL</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of both issuer name and serial number. The issuer name itself is a <b>X509_NAME</b> pointer, and the serial number is a <b>ASN1_INTEGER</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_issuer_serial() and the actual issuer name and serial number are retrieved with OSSL_STORE_SEARCH_get0_name() and OSSL_STORE_SEARCH_get0_serial().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT">OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of key fingerprint. The key fingerprint in itself is a string of bytes and its length, as well as the algorithm that was used to compute the fingerprint. The digest may be left unspecified (NULL), and in that case, the loader has to decide on a default digest and compare fingerprints accordingly. A criterion of this type is created with OSSL_STORE_SEARCH_by_key_fingerprint() and the actual fingerprint and its length can be retrieved with OSSL_STORE_SEARCH_get0_bytes(). The digest can be retrieved with OSSL_STORE_SEARCH_get0_digest().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ALIAS">OSSL_STORE_SEARCH_BY_ALIAS</dt>
+<dd>
+
+<p>This criterion supports a search by match of an alias of some kind. The alias in itself is a simple C string. A criterion of this type is created with OSSL_STORE_SEARCH_by_alias() and the actual alias is retrieved with OSSL_STORE_SEARCH_get0_string().</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() return a <b>OSSL_STORE_SEARCH</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type of the given <b>OSSL_STORE_SEARCH</b>. There is no error value.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name() returns a <b>X509_NAME</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_serial() returns a <b>ASN1_INTEGER</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_bytes() returns a <b>const unsigned char</b> pointer and sets <b>*length</b> to the strings length on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_string() returns a <b>const char</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_digest() returns a <b>const EVP_MD</b> pointer. <b>NULL</b> is a valid value and means that the store loader default will be used when applicable.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_supports_search.html">OSSL_STORE_supports_search(3)</a>, <a href="../man3/OSSL_STORE_find.html">OSSL_STORE_find(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p><b>OSSL_STORE_SEARCH</b>, OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), OSSL_STORE_SEARCH_by_alias(), OSSL_STORE_SEARCH_free(), OSSL_STORE_SEARCH_get_type(), OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), and OSSL_STORE_SEARCH_get0_string() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_bytes.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_bytes.html
new file mode 100644
index 000000000..7f093b825
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_bytes.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_SEARCH</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Application-Functions">Application Functions</a></li>
+      <li><a href="#Loader-Functions">Loader Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_SEARCH, OSSL_STORE_SEARCH_by_name, OSSL_STORE_SEARCH_by_issuer_serial, OSSL_STORE_SEARCH_by_key_fingerprint, OSSL_STORE_SEARCH_by_alias, OSSL_STORE_SEARCH_free, OSSL_STORE_SEARCH_get_type, OSSL_STORE_SEARCH_get0_name, OSSL_STORE_SEARCH_get0_serial, OSSL_STORE_SEARCH_get0_bytes, OSSL_STORE_SEARCH_get0_string, OSSL_STORE_SEARCH_get0_digest - Type and functions to create OSSL_STORE search criteria</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_search_st OSSL_STORE_SEARCH;
+
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
+                                                       const ASN1_INTEGER
+                                                       *serial);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
+                                                         const unsigned char
+                                                         *bytes, int len);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias);
+
+ void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search);
+
+ int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion);
+ X509_NAME *OSSL_STORE_SEARCH_get0_name(OSSL_STORE_SEARCH *criterion);
+ const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH
+                                                   *criterion);
+ const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH
+                                                   *criterion, size_t *length);
+ const char *OSSL_STORE_SEARCH_get0_string(const OSSL_STORE_SEARCH *criterion);
+ const EVP_MD *OSSL_STORE_SEARCH_get0_digest(const OSSL_STORE_SEARCH
+                                             *criterion);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to specify search criteria to help search for specific objects through other names than just the URI that&#39;s given to OSSL_STORE_open(). For example, this can be useful for an application that has received a URI and then wants to add on search criteria in a uniform and supported manner.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_SEARCH</b> is an opaque type that holds the constructed search criterion, and that can be given to an OSSL_STORE context with OSSL_STORE_find().</p>
+
+<p>The calling application owns the allocation of an <b>OSSL_STORE_SEARCH</b> at all times, and should therefore be careful not to deallocate it before OSSL_STORE_close() has been called for the OSSL_STORE context it was given to.</p>
+
+<h2 id="Application-Functions">Application Functions</h2>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() are used to create an <b>OSSL_STORE_SEARCH</b> from a subject name, an issuer name and serial number pair, a key fingerprint, and an alias (for example a friendly name). The parameters that are provided are not copied, only referred to in a criterion, so they must have at least the same life time as the created <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_free() is used to free the <b>OSSL_STORE_SEARCH</b>.</p>
+
+<h2 id="Loader-Functions">Loader Functions</h2>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type for the given <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), OSSL_STORE_SEARCH_get0_string(), and OSSL_STORE_SEARCH_get0_digest() are used to retrieve different data from a <b>OSSL_STORE_SEARCH</b>, as available for each type. For more information, see <a href="#SUPPORTED-CRITERION-TYPES">&quot;SUPPORTED CRITERION TYPES&quot;</a> below.</p>
+
+<h1 id="SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</h1>
+
+<p>Currently supported criterion types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_SEARCH_BY_NAME">OSSL_STORE_SEARCH_BY_NAME</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of subject name. The subject name itself is a <b>X509_NAME</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_name(), and the actual subject name is retrieved with OSSL_STORE_SEARCH_get0_name().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ISSUER_SERIAL">OSSL_STORE_SEARCH_BY_ISSUER_SERIAL</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of both issuer name and serial number. The issuer name itself is a <b>X509_NAME</b> pointer, and the serial number is a <b>ASN1_INTEGER</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_issuer_serial() and the actual issuer name and serial number are retrieved with OSSL_STORE_SEARCH_get0_name() and OSSL_STORE_SEARCH_get0_serial().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT">OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of key fingerprint. The key fingerprint in itself is a string of bytes and its length, as well as the algorithm that was used to compute the fingerprint. The digest may be left unspecified (NULL), and in that case, the loader has to decide on a default digest and compare fingerprints accordingly. A criterion of this type is created with OSSL_STORE_SEARCH_by_key_fingerprint() and the actual fingerprint and its length can be retrieved with OSSL_STORE_SEARCH_get0_bytes(). The digest can be retrieved with OSSL_STORE_SEARCH_get0_digest().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ALIAS">OSSL_STORE_SEARCH_BY_ALIAS</dt>
+<dd>
+
+<p>This criterion supports a search by match of an alias of some kind. The alias in itself is a simple C string. A criterion of this type is created with OSSL_STORE_SEARCH_by_alias() and the actual alias is retrieved with OSSL_STORE_SEARCH_get0_string().</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() return a <b>OSSL_STORE_SEARCH</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type of the given <b>OSSL_STORE_SEARCH</b>. There is no error value.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name() returns a <b>X509_NAME</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_serial() returns a <b>ASN1_INTEGER</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_bytes() returns a <b>const unsigned char</b> pointer and sets <b>*length</b> to the strings length on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_string() returns a <b>const char</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_digest() returns a <b>const EVP_MD</b> pointer. <b>NULL</b> is a valid value and means that the store loader default will be used when applicable.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_supports_search.html">OSSL_STORE_supports_search(3)</a>, <a href="../man3/OSSL_STORE_find.html">OSSL_STORE_find(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p><b>OSSL_STORE_SEARCH</b>, OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), OSSL_STORE_SEARCH_by_alias(), OSSL_STORE_SEARCH_free(), OSSL_STORE_SEARCH_get_type(), OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), and OSSL_STORE_SEARCH_get0_string() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_digest.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_digest.html
new file mode 100644
index 000000000..7f093b825
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_digest.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_SEARCH</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Application-Functions">Application Functions</a></li>
+      <li><a href="#Loader-Functions">Loader Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_SEARCH, OSSL_STORE_SEARCH_by_name, OSSL_STORE_SEARCH_by_issuer_serial, OSSL_STORE_SEARCH_by_key_fingerprint, OSSL_STORE_SEARCH_by_alias, OSSL_STORE_SEARCH_free, OSSL_STORE_SEARCH_get_type, OSSL_STORE_SEARCH_get0_name, OSSL_STORE_SEARCH_get0_serial, OSSL_STORE_SEARCH_get0_bytes, OSSL_STORE_SEARCH_get0_string, OSSL_STORE_SEARCH_get0_digest - Type and functions to create OSSL_STORE search criteria</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_search_st OSSL_STORE_SEARCH;
+
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
+                                                       const ASN1_INTEGER
+                                                       *serial);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
+                                                         const unsigned char
+                                                         *bytes, int len);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias);
+
+ void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search);
+
+ int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion);
+ X509_NAME *OSSL_STORE_SEARCH_get0_name(OSSL_STORE_SEARCH *criterion);
+ const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH
+                                                   *criterion);
+ const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH
+                                                   *criterion, size_t *length);
+ const char *OSSL_STORE_SEARCH_get0_string(const OSSL_STORE_SEARCH *criterion);
+ const EVP_MD *OSSL_STORE_SEARCH_get0_digest(const OSSL_STORE_SEARCH
+                                             *criterion);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to specify search criteria to help search for specific objects through other names than just the URI that&#39;s given to OSSL_STORE_open(). For example, this can be useful for an application that has received a URI and then wants to add on search criteria in a uniform and supported manner.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_SEARCH</b> is an opaque type that holds the constructed search criterion, and that can be given to an OSSL_STORE context with OSSL_STORE_find().</p>
+
+<p>The calling application owns the allocation of an <b>OSSL_STORE_SEARCH</b> at all times, and should therefore be careful not to deallocate it before OSSL_STORE_close() has been called for the OSSL_STORE context it was given to.</p>
+
+<h2 id="Application-Functions">Application Functions</h2>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() are used to create an <b>OSSL_STORE_SEARCH</b> from a subject name, an issuer name and serial number pair, a key fingerprint, and an alias (for example a friendly name). The parameters that are provided are not copied, only referred to in a criterion, so they must have at least the same life time as the created <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_free() is used to free the <b>OSSL_STORE_SEARCH</b>.</p>
+
+<h2 id="Loader-Functions">Loader Functions</h2>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type for the given <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), OSSL_STORE_SEARCH_get0_string(), and OSSL_STORE_SEARCH_get0_digest() are used to retrieve different data from a <b>OSSL_STORE_SEARCH</b>, as available for each type. For more information, see <a href="#SUPPORTED-CRITERION-TYPES">&quot;SUPPORTED CRITERION TYPES&quot;</a> below.</p>
+
+<h1 id="SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</h1>
+
+<p>Currently supported criterion types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_SEARCH_BY_NAME">OSSL_STORE_SEARCH_BY_NAME</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of subject name. The subject name itself is a <b>X509_NAME</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_name(), and the actual subject name is retrieved with OSSL_STORE_SEARCH_get0_name().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ISSUER_SERIAL">OSSL_STORE_SEARCH_BY_ISSUER_SERIAL</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of both issuer name and serial number. The issuer name itself is a <b>X509_NAME</b> pointer, and the serial number is a <b>ASN1_INTEGER</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_issuer_serial() and the actual issuer name and serial number are retrieved with OSSL_STORE_SEARCH_get0_name() and OSSL_STORE_SEARCH_get0_serial().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT">OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of key fingerprint. The key fingerprint in itself is a string of bytes and its length, as well as the algorithm that was used to compute the fingerprint. The digest may be left unspecified (NULL), and in that case, the loader has to decide on a default digest and compare fingerprints accordingly. A criterion of this type is created with OSSL_STORE_SEARCH_by_key_fingerprint() and the actual fingerprint and its length can be retrieved with OSSL_STORE_SEARCH_get0_bytes(). The digest can be retrieved with OSSL_STORE_SEARCH_get0_digest().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ALIAS">OSSL_STORE_SEARCH_BY_ALIAS</dt>
+<dd>
+
+<p>This criterion supports a search by match of an alias of some kind. The alias in itself is a simple C string. A criterion of this type is created with OSSL_STORE_SEARCH_by_alias() and the actual alias is retrieved with OSSL_STORE_SEARCH_get0_string().</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() return a <b>OSSL_STORE_SEARCH</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type of the given <b>OSSL_STORE_SEARCH</b>. There is no error value.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name() returns a <b>X509_NAME</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_serial() returns a <b>ASN1_INTEGER</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_bytes() returns a <b>const unsigned char</b> pointer and sets <b>*length</b> to the strings length on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_string() returns a <b>const char</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_digest() returns a <b>const EVP_MD</b> pointer. <b>NULL</b> is a valid value and means that the store loader default will be used when applicable.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_supports_search.html">OSSL_STORE_supports_search(3)</a>, <a href="../man3/OSSL_STORE_find.html">OSSL_STORE_find(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p><b>OSSL_STORE_SEARCH</b>, OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), OSSL_STORE_SEARCH_by_alias(), OSSL_STORE_SEARCH_free(), OSSL_STORE_SEARCH_get_type(), OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), and OSSL_STORE_SEARCH_get0_string() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_name.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_name.html
new file mode 100644
index 000000000..7f093b825
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_name.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_SEARCH</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Application-Functions">Application Functions</a></li>
+      <li><a href="#Loader-Functions">Loader Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_SEARCH, OSSL_STORE_SEARCH_by_name, OSSL_STORE_SEARCH_by_issuer_serial, OSSL_STORE_SEARCH_by_key_fingerprint, OSSL_STORE_SEARCH_by_alias, OSSL_STORE_SEARCH_free, OSSL_STORE_SEARCH_get_type, OSSL_STORE_SEARCH_get0_name, OSSL_STORE_SEARCH_get0_serial, OSSL_STORE_SEARCH_get0_bytes, OSSL_STORE_SEARCH_get0_string, OSSL_STORE_SEARCH_get0_digest - Type and functions to create OSSL_STORE search criteria</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_search_st OSSL_STORE_SEARCH;
+
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
+                                                       const ASN1_INTEGER
+                                                       *serial);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
+                                                         const unsigned char
+                                                         *bytes, int len);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias);
+
+ void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search);
+
+ int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion);
+ X509_NAME *OSSL_STORE_SEARCH_get0_name(OSSL_STORE_SEARCH *criterion);
+ const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH
+                                                   *criterion);
+ const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH
+                                                   *criterion, size_t *length);
+ const char *OSSL_STORE_SEARCH_get0_string(const OSSL_STORE_SEARCH *criterion);
+ const EVP_MD *OSSL_STORE_SEARCH_get0_digest(const OSSL_STORE_SEARCH
+                                             *criterion);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to specify search criteria to help search for specific objects through other names than just the URI that&#39;s given to OSSL_STORE_open(). For example, this can be useful for an application that has received a URI and then wants to add on search criteria in a uniform and supported manner.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_SEARCH</b> is an opaque type that holds the constructed search criterion, and that can be given to an OSSL_STORE context with OSSL_STORE_find().</p>
+
+<p>The calling application owns the allocation of an <b>OSSL_STORE_SEARCH</b> at all times, and should therefore be careful not to deallocate it before OSSL_STORE_close() has been called for the OSSL_STORE context it was given to.</p>
+
+<h2 id="Application-Functions">Application Functions</h2>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() are used to create an <b>OSSL_STORE_SEARCH</b> from a subject name, an issuer name and serial number pair, a key fingerprint, and an alias (for example a friendly name). The parameters that are provided are not copied, only referred to in a criterion, so they must have at least the same life time as the created <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_free() is used to free the <b>OSSL_STORE_SEARCH</b>.</p>
+
+<h2 id="Loader-Functions">Loader Functions</h2>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type for the given <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), OSSL_STORE_SEARCH_get0_string(), and OSSL_STORE_SEARCH_get0_digest() are used to retrieve different data from a <b>OSSL_STORE_SEARCH</b>, as available for each type. For more information, see <a href="#SUPPORTED-CRITERION-TYPES">&quot;SUPPORTED CRITERION TYPES&quot;</a> below.</p>
+
+<h1 id="SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</h1>
+
+<p>Currently supported criterion types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_SEARCH_BY_NAME">OSSL_STORE_SEARCH_BY_NAME</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of subject name. The subject name itself is a <b>X509_NAME</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_name(), and the actual subject name is retrieved with OSSL_STORE_SEARCH_get0_name().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ISSUER_SERIAL">OSSL_STORE_SEARCH_BY_ISSUER_SERIAL</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of both issuer name and serial number. The issuer name itself is a <b>X509_NAME</b> pointer, and the serial number is a <b>ASN1_INTEGER</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_issuer_serial() and the actual issuer name and serial number are retrieved with OSSL_STORE_SEARCH_get0_name() and OSSL_STORE_SEARCH_get0_serial().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT">OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of key fingerprint. The key fingerprint in itself is a string of bytes and its length, as well as the algorithm that was used to compute the fingerprint. The digest may be left unspecified (NULL), and in that case, the loader has to decide on a default digest and compare fingerprints accordingly. A criterion of this type is created with OSSL_STORE_SEARCH_by_key_fingerprint() and the actual fingerprint and its length can be retrieved with OSSL_STORE_SEARCH_get0_bytes(). The digest can be retrieved with OSSL_STORE_SEARCH_get0_digest().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ALIAS">OSSL_STORE_SEARCH_BY_ALIAS</dt>
+<dd>
+
+<p>This criterion supports a search by match of an alias of some kind. The alias in itself is a simple C string. A criterion of this type is created with OSSL_STORE_SEARCH_by_alias() and the actual alias is retrieved with OSSL_STORE_SEARCH_get0_string().</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() return a <b>OSSL_STORE_SEARCH</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type of the given <b>OSSL_STORE_SEARCH</b>. There is no error value.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name() returns a <b>X509_NAME</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_serial() returns a <b>ASN1_INTEGER</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_bytes() returns a <b>const unsigned char</b> pointer and sets <b>*length</b> to the strings length on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_string() returns a <b>const char</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_digest() returns a <b>const EVP_MD</b> pointer. <b>NULL</b> is a valid value and means that the store loader default will be used when applicable.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_supports_search.html">OSSL_STORE_supports_search(3)</a>, <a href="../man3/OSSL_STORE_find.html">OSSL_STORE_find(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p><b>OSSL_STORE_SEARCH</b>, OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), OSSL_STORE_SEARCH_by_alias(), OSSL_STORE_SEARCH_free(), OSSL_STORE_SEARCH_get_type(), OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), and OSSL_STORE_SEARCH_get0_string() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_serial.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_serial.html
new file mode 100644
index 000000000..7f093b825
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_serial.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_SEARCH</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Application-Functions">Application Functions</a></li>
+      <li><a href="#Loader-Functions">Loader Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_SEARCH, OSSL_STORE_SEARCH_by_name, OSSL_STORE_SEARCH_by_issuer_serial, OSSL_STORE_SEARCH_by_key_fingerprint, OSSL_STORE_SEARCH_by_alias, OSSL_STORE_SEARCH_free, OSSL_STORE_SEARCH_get_type, OSSL_STORE_SEARCH_get0_name, OSSL_STORE_SEARCH_get0_serial, OSSL_STORE_SEARCH_get0_bytes, OSSL_STORE_SEARCH_get0_string, OSSL_STORE_SEARCH_get0_digest - Type and functions to create OSSL_STORE search criteria</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_search_st OSSL_STORE_SEARCH;
+
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
+                                                       const ASN1_INTEGER
+                                                       *serial);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
+                                                         const unsigned char
+                                                         *bytes, int len);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias);
+
+ void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search);
+
+ int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion);
+ X509_NAME *OSSL_STORE_SEARCH_get0_name(OSSL_STORE_SEARCH *criterion);
+ const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH
+                                                   *criterion);
+ const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH
+                                                   *criterion, size_t *length);
+ const char *OSSL_STORE_SEARCH_get0_string(const OSSL_STORE_SEARCH *criterion);
+ const EVP_MD *OSSL_STORE_SEARCH_get0_digest(const OSSL_STORE_SEARCH
+                                             *criterion);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to specify search criteria to help search for specific objects through other names than just the URI that&#39;s given to OSSL_STORE_open(). For example, this can be useful for an application that has received a URI and then wants to add on search criteria in a uniform and supported manner.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_SEARCH</b> is an opaque type that holds the constructed search criterion, and that can be given to an OSSL_STORE context with OSSL_STORE_find().</p>
+
+<p>The calling application owns the allocation of an <b>OSSL_STORE_SEARCH</b> at all times, and should therefore be careful not to deallocate it before OSSL_STORE_close() has been called for the OSSL_STORE context it was given to.</p>
+
+<h2 id="Application-Functions">Application Functions</h2>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() are used to create an <b>OSSL_STORE_SEARCH</b> from a subject name, an issuer name and serial number pair, a key fingerprint, and an alias (for example a friendly name). The parameters that are provided are not copied, only referred to in a criterion, so they must have at least the same life time as the created <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_free() is used to free the <b>OSSL_STORE_SEARCH</b>.</p>
+
+<h2 id="Loader-Functions">Loader Functions</h2>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type for the given <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), OSSL_STORE_SEARCH_get0_string(), and OSSL_STORE_SEARCH_get0_digest() are used to retrieve different data from a <b>OSSL_STORE_SEARCH</b>, as available for each type. For more information, see <a href="#SUPPORTED-CRITERION-TYPES">&quot;SUPPORTED CRITERION TYPES&quot;</a> below.</p>
+
+<h1 id="SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</h1>
+
+<p>Currently supported criterion types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_SEARCH_BY_NAME">OSSL_STORE_SEARCH_BY_NAME</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of subject name. The subject name itself is a <b>X509_NAME</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_name(), and the actual subject name is retrieved with OSSL_STORE_SEARCH_get0_name().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ISSUER_SERIAL">OSSL_STORE_SEARCH_BY_ISSUER_SERIAL</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of both issuer name and serial number. The issuer name itself is a <b>X509_NAME</b> pointer, and the serial number is a <b>ASN1_INTEGER</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_issuer_serial() and the actual issuer name and serial number are retrieved with OSSL_STORE_SEARCH_get0_name() and OSSL_STORE_SEARCH_get0_serial().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT">OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of key fingerprint. The key fingerprint in itself is a string of bytes and its length, as well as the algorithm that was used to compute the fingerprint. The digest may be left unspecified (NULL), and in that case, the loader has to decide on a default digest and compare fingerprints accordingly. A criterion of this type is created with OSSL_STORE_SEARCH_by_key_fingerprint() and the actual fingerprint and its length can be retrieved with OSSL_STORE_SEARCH_get0_bytes(). The digest can be retrieved with OSSL_STORE_SEARCH_get0_digest().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ALIAS">OSSL_STORE_SEARCH_BY_ALIAS</dt>
+<dd>
+
+<p>This criterion supports a search by match of an alias of some kind. The alias in itself is a simple C string. A criterion of this type is created with OSSL_STORE_SEARCH_by_alias() and the actual alias is retrieved with OSSL_STORE_SEARCH_get0_string().</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() return a <b>OSSL_STORE_SEARCH</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type of the given <b>OSSL_STORE_SEARCH</b>. There is no error value.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name() returns a <b>X509_NAME</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_serial() returns a <b>ASN1_INTEGER</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_bytes() returns a <b>const unsigned char</b> pointer and sets <b>*length</b> to the strings length on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_string() returns a <b>const char</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_digest() returns a <b>const EVP_MD</b> pointer. <b>NULL</b> is a valid value and means that the store loader default will be used when applicable.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_supports_search.html">OSSL_STORE_supports_search(3)</a>, <a href="../man3/OSSL_STORE_find.html">OSSL_STORE_find(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p><b>OSSL_STORE_SEARCH</b>, OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), OSSL_STORE_SEARCH_by_alias(), OSSL_STORE_SEARCH_free(), OSSL_STORE_SEARCH_get_type(), OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), and OSSL_STORE_SEARCH_get0_string() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_string.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_string.html
new file mode 100644
index 000000000..7f093b825
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_string.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_SEARCH</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Application-Functions">Application Functions</a></li>
+      <li><a href="#Loader-Functions">Loader Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_SEARCH, OSSL_STORE_SEARCH_by_name, OSSL_STORE_SEARCH_by_issuer_serial, OSSL_STORE_SEARCH_by_key_fingerprint, OSSL_STORE_SEARCH_by_alias, OSSL_STORE_SEARCH_free, OSSL_STORE_SEARCH_get_type, OSSL_STORE_SEARCH_get0_name, OSSL_STORE_SEARCH_get0_serial, OSSL_STORE_SEARCH_get0_bytes, OSSL_STORE_SEARCH_get0_string, OSSL_STORE_SEARCH_get0_digest - Type and functions to create OSSL_STORE search criteria</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_search_st OSSL_STORE_SEARCH;
+
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
+                                                       const ASN1_INTEGER
+                                                       *serial);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
+                                                         const unsigned char
+                                                         *bytes, int len);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias);
+
+ void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search);
+
+ int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion);
+ X509_NAME *OSSL_STORE_SEARCH_get0_name(OSSL_STORE_SEARCH *criterion);
+ const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH
+                                                   *criterion);
+ const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH
+                                                   *criterion, size_t *length);
+ const char *OSSL_STORE_SEARCH_get0_string(const OSSL_STORE_SEARCH *criterion);
+ const EVP_MD *OSSL_STORE_SEARCH_get0_digest(const OSSL_STORE_SEARCH
+                                             *criterion);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to specify search criteria to help search for specific objects through other names than just the URI that&#39;s given to OSSL_STORE_open(). For example, this can be useful for an application that has received a URI and then wants to add on search criteria in a uniform and supported manner.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_SEARCH</b> is an opaque type that holds the constructed search criterion, and that can be given to an OSSL_STORE context with OSSL_STORE_find().</p>
+
+<p>The calling application owns the allocation of an <b>OSSL_STORE_SEARCH</b> at all times, and should therefore be careful not to deallocate it before OSSL_STORE_close() has been called for the OSSL_STORE context it was given to.</p>
+
+<h2 id="Application-Functions">Application Functions</h2>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() are used to create an <b>OSSL_STORE_SEARCH</b> from a subject name, an issuer name and serial number pair, a key fingerprint, and an alias (for example a friendly name). The parameters that are provided are not copied, only referred to in a criterion, so they must have at least the same life time as the created <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_free() is used to free the <b>OSSL_STORE_SEARCH</b>.</p>
+
+<h2 id="Loader-Functions">Loader Functions</h2>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type for the given <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), OSSL_STORE_SEARCH_get0_string(), and OSSL_STORE_SEARCH_get0_digest() are used to retrieve different data from a <b>OSSL_STORE_SEARCH</b>, as available for each type. For more information, see <a href="#SUPPORTED-CRITERION-TYPES">&quot;SUPPORTED CRITERION TYPES&quot;</a> below.</p>
+
+<h1 id="SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</h1>
+
+<p>Currently supported criterion types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_SEARCH_BY_NAME">OSSL_STORE_SEARCH_BY_NAME</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of subject name. The subject name itself is a <b>X509_NAME</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_name(), and the actual subject name is retrieved with OSSL_STORE_SEARCH_get0_name().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ISSUER_SERIAL">OSSL_STORE_SEARCH_BY_ISSUER_SERIAL</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of both issuer name and serial number. The issuer name itself is a <b>X509_NAME</b> pointer, and the serial number is a <b>ASN1_INTEGER</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_issuer_serial() and the actual issuer name and serial number are retrieved with OSSL_STORE_SEARCH_get0_name() and OSSL_STORE_SEARCH_get0_serial().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT">OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of key fingerprint. The key fingerprint in itself is a string of bytes and its length, as well as the algorithm that was used to compute the fingerprint. The digest may be left unspecified (NULL), and in that case, the loader has to decide on a default digest and compare fingerprints accordingly. A criterion of this type is created with OSSL_STORE_SEARCH_by_key_fingerprint() and the actual fingerprint and its length can be retrieved with OSSL_STORE_SEARCH_get0_bytes(). The digest can be retrieved with OSSL_STORE_SEARCH_get0_digest().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ALIAS">OSSL_STORE_SEARCH_BY_ALIAS</dt>
+<dd>
+
+<p>This criterion supports a search by match of an alias of some kind. The alias in itself is a simple C string. A criterion of this type is created with OSSL_STORE_SEARCH_by_alias() and the actual alias is retrieved with OSSL_STORE_SEARCH_get0_string().</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() return a <b>OSSL_STORE_SEARCH</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type of the given <b>OSSL_STORE_SEARCH</b>. There is no error value.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name() returns a <b>X509_NAME</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_serial() returns a <b>ASN1_INTEGER</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_bytes() returns a <b>const unsigned char</b> pointer and sets <b>*length</b> to the strings length on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_string() returns a <b>const char</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_digest() returns a <b>const EVP_MD</b> pointer. <b>NULL</b> is a valid value and means that the store loader default will be used when applicable.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_supports_search.html">OSSL_STORE_supports_search(3)</a>, <a href="../man3/OSSL_STORE_find.html">OSSL_STORE_find(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p><b>OSSL_STORE_SEARCH</b>, OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), OSSL_STORE_SEARCH_by_alias(), OSSL_STORE_SEARCH_free(), OSSL_STORE_SEARCH_get_type(), OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), and OSSL_STORE_SEARCH_get0_string() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get_type.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get_type.html
new file mode 100644
index 000000000..7f093b825
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get_type.html
@@ -0,0 +1,151 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_SEARCH</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Application-Functions">Application Functions</a></li>
+      <li><a href="#Loader-Functions">Loader Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_SEARCH, OSSL_STORE_SEARCH_by_name, OSSL_STORE_SEARCH_by_issuer_serial, OSSL_STORE_SEARCH_by_key_fingerprint, OSSL_STORE_SEARCH_by_alias, OSSL_STORE_SEARCH_free, OSSL_STORE_SEARCH_get_type, OSSL_STORE_SEARCH_get0_name, OSSL_STORE_SEARCH_get0_serial, OSSL_STORE_SEARCH_get0_bytes, OSSL_STORE_SEARCH_get0_string, OSSL_STORE_SEARCH_get0_digest - Type and functions to create OSSL_STORE search criteria</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_search_st OSSL_STORE_SEARCH;
+
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
+                                                       const ASN1_INTEGER
+                                                       *serial);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
+                                                         const unsigned char
+                                                         *bytes, int len);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias);
+
+ void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search);
+
+ int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion);
+ X509_NAME *OSSL_STORE_SEARCH_get0_name(OSSL_STORE_SEARCH *criterion);
+ const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH
+                                                   *criterion);
+ const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH
+                                                   *criterion, size_t *length);
+ const char *OSSL_STORE_SEARCH_get0_string(const OSSL_STORE_SEARCH *criterion);
+ const EVP_MD *OSSL_STORE_SEARCH_get0_digest(const OSSL_STORE_SEARCH
+                                             *criterion);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to specify search criteria to help search for specific objects through other names than just the URI that&#39;s given to OSSL_STORE_open(). For example, this can be useful for an application that has received a URI and then wants to add on search criteria in a uniform and supported manner.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_SEARCH</b> is an opaque type that holds the constructed search criterion, and that can be given to an OSSL_STORE context with OSSL_STORE_find().</p>
+
+<p>The calling application owns the allocation of an <b>OSSL_STORE_SEARCH</b> at all times, and should therefore be careful not to deallocate it before OSSL_STORE_close() has been called for the OSSL_STORE context it was given to.</p>
+
+<h2 id="Application-Functions">Application Functions</h2>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() are used to create an <b>OSSL_STORE_SEARCH</b> from a subject name, an issuer name and serial number pair, a key fingerprint, and an alias (for example a friendly name). The parameters that are provided are not copied, only referred to in a criterion, so they must have at least the same life time as the created <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_free() is used to free the <b>OSSL_STORE_SEARCH</b>.</p>
+
+<h2 id="Loader-Functions">Loader Functions</h2>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type for the given <b>OSSL_STORE_SEARCH</b>.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), OSSL_STORE_SEARCH_get0_string(), and OSSL_STORE_SEARCH_get0_digest() are used to retrieve different data from a <b>OSSL_STORE_SEARCH</b>, as available for each type. For more information, see <a href="#SUPPORTED-CRITERION-TYPES">&quot;SUPPORTED CRITERION TYPES&quot;</a> below.</p>
+
+<h1 id="SUPPORTED-CRITERION-TYPES">SUPPORTED CRITERION TYPES</h1>
+
+<p>Currently supported criterion types are:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_SEARCH_BY_NAME">OSSL_STORE_SEARCH_BY_NAME</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of subject name. The subject name itself is a <b>X509_NAME</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_name(), and the actual subject name is retrieved with OSSL_STORE_SEARCH_get0_name().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ISSUER_SERIAL">OSSL_STORE_SEARCH_BY_ISSUER_SERIAL</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of both issuer name and serial number. The issuer name itself is a <b>X509_NAME</b> pointer, and the serial number is a <b>ASN1_INTEGER</b> pointer. A criterion of this type is created with OSSL_STORE_SEARCH_by_issuer_serial() and the actual issuer name and serial number are retrieved with OSSL_STORE_SEARCH_get0_name() and OSSL_STORE_SEARCH_get0_serial().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT">OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT</dt>
+<dd>
+
+<p>This criterion supports a search by exact match of key fingerprint. The key fingerprint in itself is a string of bytes and its length, as well as the algorithm that was used to compute the fingerprint. The digest may be left unspecified (NULL), and in that case, the loader has to decide on a default digest and compare fingerprints accordingly. A criterion of this type is created with OSSL_STORE_SEARCH_by_key_fingerprint() and the actual fingerprint and its length can be retrieved with OSSL_STORE_SEARCH_get0_bytes(). The digest can be retrieved with OSSL_STORE_SEARCH_get0_digest().</p>
+
+</dd>
+<dt id="OSSL_STORE_SEARCH_BY_ALIAS">OSSL_STORE_SEARCH_BY_ALIAS</dt>
+<dd>
+
+<p>This criterion supports a search by match of an alias of some kind. The alias in itself is a simple C string. A criterion of this type is created with OSSL_STORE_SEARCH_by_alias() and the actual alias is retrieved with OSSL_STORE_SEARCH_get0_string().</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), and OSSL_STORE_SEARCH_by_alias() return a <b>OSSL_STORE_SEARCH</b> pointer on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_SEARCH_get_type() returns the criterion type of the given <b>OSSL_STORE_SEARCH</b>. There is no error value.</p>
+
+<p>OSSL_STORE_SEARCH_get0_name() returns a <b>X509_NAME</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_serial() returns a <b>ASN1_INTEGER</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_bytes() returns a <b>const unsigned char</b> pointer and sets <b>*length</b> to the strings length on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_string() returns a <b>const char</b> pointer on success, or <b>NULL</b> when the given <b>OSSL_STORE_SEARCH</b> was of a different type.</p>
+
+<p>OSSL_STORE_SEARCH_get0_digest() returns a <b>const EVP_MD</b> pointer. <b>NULL</b> is a valid value and means that the store loader default will be used when applicable.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_supports_search.html">OSSL_STORE_supports_search(3)</a>, <a href="../man3/OSSL_STORE_find.html">OSSL_STORE_find(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p><b>OSSL_STORE_SEARCH</b>, OSSL_STORE_SEARCH_by_name(), OSSL_STORE_SEARCH_by_issuer_serial(), OSSL_STORE_SEARCH_by_key_fingerprint(), OSSL_STORE_SEARCH_by_alias(), OSSL_STORE_SEARCH_free(), OSSL_STORE_SEARCH_get_type(), OSSL_STORE_SEARCH_get0_name(), OSSL_STORE_SEARCH_get0_serial(), OSSL_STORE_SEARCH_get0_bytes(), and OSSL_STORE_SEARCH_get0_string() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_close.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_close.html
new file mode 100644
index 000000000..538ac52a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_close.html
@@ -0,0 +1,133 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_open</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-SCHEMES">SUPPORTED SCHEMES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_CTX, OSSL_STORE_post_process_info_fn, OSSL_STORE_open, OSSL_STORE_ctrl, OSSL_STORE_load, OSSL_STORE_eof, OSSL_STORE_error, OSSL_STORE_close - Types and functions to read objects from a URI</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_ctx_st OSSL_STORE_CTX;
+
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_post_process_info_fn)(OSSL_STORE_INFO *,
+                                                             void *);
+
+ OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method,
+                                 void *ui_data,
+                                 OSSL_STORE_post_process_info_fn post_process,
+                                 void *post_process_data);
+ int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */);
+ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_eof(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_error(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_close(OSSL_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help the application to fetch supported objects (see <a href="../man3/OSSL_STORE_INFO.html">&quot;SUPPORTED OBJECTS&quot; in OSSL_STORE_INFO(3)</a> for information on which those are) from a given URI (see <a href="#SUPPORTED-SCHEMES">&quot;SUPPORTED SCHEMES&quot;</a> for more information on the supported URI schemes). The general method to do so is to &quot;open&quot; the URI using OSSL_STORE_open(), read each available and supported object using OSSL_STORE_load() as long as OSSL_STORE_eof() hasn&#39;t been reached, and finish it off with OSSL_STORE_close().</p>
+
+<p>The retrieved information is stored in a <b>OSSL_STORE_INFO</b>, which is further described in <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_CTX</b> is a context variable that holds all the internal information for OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() to work together.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_open() takes a uri or path <b>uri</b>, password UI method <b>ui_method</b> with associated data <b>ui_data</b>, and post processing callback <b>post_process</b> with associated data <b>post_process_data</b>, opens a channel to the data located at that URI and returns a <b>OSSL_STORE_CTX</b> with all necessary internal information. The given <b>ui_method</b> and <b>ui_data_data</b> will be reused by all functions that use <b>OSSL_STORE_CTX</b> when interaction is needed. The given <b>post_process</b> and <b>post_process_data</b> will be reused by OSSL_STORE_load() to manipulate or drop the value to be returned. The <b>post_process</b> function drops values by returning <b>NULL</b>, which will cause OSSL_STORE_load() to start its process over with loading the next object, until <b>post_process</b> returns something other than <b>NULL</b>, or the end of data is reached as indicated by OSSL_STORE_eof().</p>
+
+<p>OSSL_STORE_ctrl() takes a <b>OSSL_STORE_CTX</b>, and command number <b>cmd</b> and more arguments not specified here. The available loader specific command numbers and arguments they each take depends on the loader that&#39;s used and is documented together with that loader.</p>
+
+<p>There are also global controls available:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_C_USE_SECMEM"><b>OSSL_STORE_C_USE_SECMEM</b></dt>
+<dd>
+
+<p>Controls if the loader should attempt to use secure memory for any allocated <b>OSSL_STORE_INFO</b> and its contents. This control expects one argument, a pointer to an <b>int</b> that is expected to have the value 1 (yes) or 0 (no). Any other value is an error.</p>
+
+</dd>
+</dl>
+
+<p>OSSL_STORE_load() takes a <b>OSSL_STORE_CTX</b>, tries to load the next available object and return it wrapped with <b>OSSL_STORE_INFO</b>.</p>
+
+<p>OSSL_STORE_eof() takes a <b>OSSL_STORE_CTX</b> and checks if we&#39;ve reached the end of data.</p>
+
+<p>OSSL_STORE_error() takes a <b>OSSL_STORE_CTX</b> and checks if an error occurred in the last OSSL_STORE_load() call. Note that it may still be meaningful to try and load more objects, unless OSSL_STORE_eof() shows that the end of data has been reached.</p>
+
+<p>OSSL_STORE_close() takes a <b>OSSL_STORE_CTX</b>, closes the channel that was opened by OSSL_STORE_open() and frees all other information that was stored in the <b>OSSL_STORE_CTX</b>, as well as the <b>OSSL_STORE_CTX</b> itself.</p>
+
+<h1 id="SUPPORTED-SCHEMES">SUPPORTED SCHEMES</h1>
+
+<p>The basic supported scheme is <b>file:</b>. Any other scheme can be added dynamically, using OSSL_STORE_register_loader().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A string without a scheme prefix (that is, a non-URI string) is implicitly interpreted as using the <i>file:</i> scheme.</p>
+
+<p>There are some tools that can be used together with OSSL_STORE_open() to determine if any failure is caused by an unparsable URI, or if it&#39;s a different error (such as memory allocation failures); if the URI was parsable but the scheme unregistered, the top error will have the reason <code>OSSL_STORE_R_UNREGISTERED_SCHEME</code>.</p>
+
+<p>These functions make no direct assumption regarding the pass phrase received from the password callback. The loaders may make assumptions, however. For example, the <b>file:</b> scheme loader inherits the assumptions made by OpenSSL functionality that handles the different file types; this is mostly relevant for PKCS#12 objects. See <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a> for further information.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_open() returns a pointer to a <b>OSSL_STORE_CTX</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_load() returns a pointer to a <b>OSSL_STORE_INFO</b> on success, or <b>NULL</b> on error or when end of data is reached. Use OSSL_STORE_error() and OSSL_STORE_eof() to determine the meaning of a returned <b>NULL</b>.</p>
+
+<p>OSSL_STORE_eof() returns 1 if the end of data has been reached, otherwise 0.</p>
+
+<p>OSSL_STORE_error() returns 1 if an error occurred in an OSSL_STORE_load() call, otherwise 0.</p>
+
+<p>OSSL_STORE_ctrl() and OSSL_STORE_close() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_CTX(), OSSL_STORE_post_process_info_fn(), OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_close_fn.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_close_fn.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_close_fn.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_ctrl.html
new file mode 100644
index 000000000..538ac52a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_ctrl.html
@@ -0,0 +1,133 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_open</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-SCHEMES">SUPPORTED SCHEMES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_CTX, OSSL_STORE_post_process_info_fn, OSSL_STORE_open, OSSL_STORE_ctrl, OSSL_STORE_load, OSSL_STORE_eof, OSSL_STORE_error, OSSL_STORE_close - Types and functions to read objects from a URI</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_ctx_st OSSL_STORE_CTX;
+
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_post_process_info_fn)(OSSL_STORE_INFO *,
+                                                             void *);
+
+ OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method,
+                                 void *ui_data,
+                                 OSSL_STORE_post_process_info_fn post_process,
+                                 void *post_process_data);
+ int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */);
+ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_eof(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_error(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_close(OSSL_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help the application to fetch supported objects (see <a href="../man3/OSSL_STORE_INFO.html">&quot;SUPPORTED OBJECTS&quot; in OSSL_STORE_INFO(3)</a> for information on which those are) from a given URI (see <a href="#SUPPORTED-SCHEMES">&quot;SUPPORTED SCHEMES&quot;</a> for more information on the supported URI schemes). The general method to do so is to &quot;open&quot; the URI using OSSL_STORE_open(), read each available and supported object using OSSL_STORE_load() as long as OSSL_STORE_eof() hasn&#39;t been reached, and finish it off with OSSL_STORE_close().</p>
+
+<p>The retrieved information is stored in a <b>OSSL_STORE_INFO</b>, which is further described in <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_CTX</b> is a context variable that holds all the internal information for OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() to work together.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_open() takes a uri or path <b>uri</b>, password UI method <b>ui_method</b> with associated data <b>ui_data</b>, and post processing callback <b>post_process</b> with associated data <b>post_process_data</b>, opens a channel to the data located at that URI and returns a <b>OSSL_STORE_CTX</b> with all necessary internal information. The given <b>ui_method</b> and <b>ui_data_data</b> will be reused by all functions that use <b>OSSL_STORE_CTX</b> when interaction is needed. The given <b>post_process</b> and <b>post_process_data</b> will be reused by OSSL_STORE_load() to manipulate or drop the value to be returned. The <b>post_process</b> function drops values by returning <b>NULL</b>, which will cause OSSL_STORE_load() to start its process over with loading the next object, until <b>post_process</b> returns something other than <b>NULL</b>, or the end of data is reached as indicated by OSSL_STORE_eof().</p>
+
+<p>OSSL_STORE_ctrl() takes a <b>OSSL_STORE_CTX</b>, and command number <b>cmd</b> and more arguments not specified here. The available loader specific command numbers and arguments they each take depends on the loader that&#39;s used and is documented together with that loader.</p>
+
+<p>There are also global controls available:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_C_USE_SECMEM"><b>OSSL_STORE_C_USE_SECMEM</b></dt>
+<dd>
+
+<p>Controls if the loader should attempt to use secure memory for any allocated <b>OSSL_STORE_INFO</b> and its contents. This control expects one argument, a pointer to an <b>int</b> that is expected to have the value 1 (yes) or 0 (no). Any other value is an error.</p>
+
+</dd>
+</dl>
+
+<p>OSSL_STORE_load() takes a <b>OSSL_STORE_CTX</b>, tries to load the next available object and return it wrapped with <b>OSSL_STORE_INFO</b>.</p>
+
+<p>OSSL_STORE_eof() takes a <b>OSSL_STORE_CTX</b> and checks if we&#39;ve reached the end of data.</p>
+
+<p>OSSL_STORE_error() takes a <b>OSSL_STORE_CTX</b> and checks if an error occurred in the last OSSL_STORE_load() call. Note that it may still be meaningful to try and load more objects, unless OSSL_STORE_eof() shows that the end of data has been reached.</p>
+
+<p>OSSL_STORE_close() takes a <b>OSSL_STORE_CTX</b>, closes the channel that was opened by OSSL_STORE_open() and frees all other information that was stored in the <b>OSSL_STORE_CTX</b>, as well as the <b>OSSL_STORE_CTX</b> itself.</p>
+
+<h1 id="SUPPORTED-SCHEMES">SUPPORTED SCHEMES</h1>
+
+<p>The basic supported scheme is <b>file:</b>. Any other scheme can be added dynamically, using OSSL_STORE_register_loader().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A string without a scheme prefix (that is, a non-URI string) is implicitly interpreted as using the <i>file:</i> scheme.</p>
+
+<p>There are some tools that can be used together with OSSL_STORE_open() to determine if any failure is caused by an unparsable URI, or if it&#39;s a different error (such as memory allocation failures); if the URI was parsable but the scheme unregistered, the top error will have the reason <code>OSSL_STORE_R_UNREGISTERED_SCHEME</code>.</p>
+
+<p>These functions make no direct assumption regarding the pass phrase received from the password callback. The loaders may make assumptions, however. For example, the <b>file:</b> scheme loader inherits the assumptions made by OpenSSL functionality that handles the different file types; this is mostly relevant for PKCS#12 objects. See <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a> for further information.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_open() returns a pointer to a <b>OSSL_STORE_CTX</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_load() returns a pointer to a <b>OSSL_STORE_INFO</b> on success, or <b>NULL</b> on error or when end of data is reached. Use OSSL_STORE_error() and OSSL_STORE_eof() to determine the meaning of a returned <b>NULL</b>.</p>
+
+<p>OSSL_STORE_eof() returns 1 if the end of data has been reached, otherwise 0.</p>
+
+<p>OSSL_STORE_error() returns 1 if an error occurred in an OSSL_STORE_load() call, otherwise 0.</p>
+
+<p>OSSL_STORE_ctrl() and OSSL_STORE_close() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_CTX(), OSSL_STORE_post_process_info_fn(), OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_ctrl_fn.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_ctrl_fn.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_ctrl_fn.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_eof.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_eof.html
new file mode 100644
index 000000000..538ac52a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_eof.html
@@ -0,0 +1,133 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_open</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-SCHEMES">SUPPORTED SCHEMES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_CTX, OSSL_STORE_post_process_info_fn, OSSL_STORE_open, OSSL_STORE_ctrl, OSSL_STORE_load, OSSL_STORE_eof, OSSL_STORE_error, OSSL_STORE_close - Types and functions to read objects from a URI</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_ctx_st OSSL_STORE_CTX;
+
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_post_process_info_fn)(OSSL_STORE_INFO *,
+                                                             void *);
+
+ OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method,
+                                 void *ui_data,
+                                 OSSL_STORE_post_process_info_fn post_process,
+                                 void *post_process_data);
+ int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */);
+ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_eof(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_error(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_close(OSSL_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help the application to fetch supported objects (see <a href="../man3/OSSL_STORE_INFO.html">&quot;SUPPORTED OBJECTS&quot; in OSSL_STORE_INFO(3)</a> for information on which those are) from a given URI (see <a href="#SUPPORTED-SCHEMES">&quot;SUPPORTED SCHEMES&quot;</a> for more information on the supported URI schemes). The general method to do so is to &quot;open&quot; the URI using OSSL_STORE_open(), read each available and supported object using OSSL_STORE_load() as long as OSSL_STORE_eof() hasn&#39;t been reached, and finish it off with OSSL_STORE_close().</p>
+
+<p>The retrieved information is stored in a <b>OSSL_STORE_INFO</b>, which is further described in <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_CTX</b> is a context variable that holds all the internal information for OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() to work together.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_open() takes a uri or path <b>uri</b>, password UI method <b>ui_method</b> with associated data <b>ui_data</b>, and post processing callback <b>post_process</b> with associated data <b>post_process_data</b>, opens a channel to the data located at that URI and returns a <b>OSSL_STORE_CTX</b> with all necessary internal information. The given <b>ui_method</b> and <b>ui_data_data</b> will be reused by all functions that use <b>OSSL_STORE_CTX</b> when interaction is needed. The given <b>post_process</b> and <b>post_process_data</b> will be reused by OSSL_STORE_load() to manipulate or drop the value to be returned. The <b>post_process</b> function drops values by returning <b>NULL</b>, which will cause OSSL_STORE_load() to start its process over with loading the next object, until <b>post_process</b> returns something other than <b>NULL</b>, or the end of data is reached as indicated by OSSL_STORE_eof().</p>
+
+<p>OSSL_STORE_ctrl() takes a <b>OSSL_STORE_CTX</b>, and command number <b>cmd</b> and more arguments not specified here. The available loader specific command numbers and arguments they each take depends on the loader that&#39;s used and is documented together with that loader.</p>
+
+<p>There are also global controls available:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_C_USE_SECMEM"><b>OSSL_STORE_C_USE_SECMEM</b></dt>
+<dd>
+
+<p>Controls if the loader should attempt to use secure memory for any allocated <b>OSSL_STORE_INFO</b> and its contents. This control expects one argument, a pointer to an <b>int</b> that is expected to have the value 1 (yes) or 0 (no). Any other value is an error.</p>
+
+</dd>
+</dl>
+
+<p>OSSL_STORE_load() takes a <b>OSSL_STORE_CTX</b>, tries to load the next available object and return it wrapped with <b>OSSL_STORE_INFO</b>.</p>
+
+<p>OSSL_STORE_eof() takes a <b>OSSL_STORE_CTX</b> and checks if we&#39;ve reached the end of data.</p>
+
+<p>OSSL_STORE_error() takes a <b>OSSL_STORE_CTX</b> and checks if an error occurred in the last OSSL_STORE_load() call. Note that it may still be meaningful to try and load more objects, unless OSSL_STORE_eof() shows that the end of data has been reached.</p>
+
+<p>OSSL_STORE_close() takes a <b>OSSL_STORE_CTX</b>, closes the channel that was opened by OSSL_STORE_open() and frees all other information that was stored in the <b>OSSL_STORE_CTX</b>, as well as the <b>OSSL_STORE_CTX</b> itself.</p>
+
+<h1 id="SUPPORTED-SCHEMES">SUPPORTED SCHEMES</h1>
+
+<p>The basic supported scheme is <b>file:</b>. Any other scheme can be added dynamically, using OSSL_STORE_register_loader().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A string without a scheme prefix (that is, a non-URI string) is implicitly interpreted as using the <i>file:</i> scheme.</p>
+
+<p>There are some tools that can be used together with OSSL_STORE_open() to determine if any failure is caused by an unparsable URI, or if it&#39;s a different error (such as memory allocation failures); if the URI was parsable but the scheme unregistered, the top error will have the reason <code>OSSL_STORE_R_UNREGISTERED_SCHEME</code>.</p>
+
+<p>These functions make no direct assumption regarding the pass phrase received from the password callback. The loaders may make assumptions, however. For example, the <b>file:</b> scheme loader inherits the assumptions made by OpenSSL functionality that handles the different file types; this is mostly relevant for PKCS#12 objects. See <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a> for further information.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_open() returns a pointer to a <b>OSSL_STORE_CTX</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_load() returns a pointer to a <b>OSSL_STORE_INFO</b> on success, or <b>NULL</b> on error or when end of data is reached. Use OSSL_STORE_error() and OSSL_STORE_eof() to determine the meaning of a returned <b>NULL</b>.</p>
+
+<p>OSSL_STORE_eof() returns 1 if the end of data has been reached, otherwise 0.</p>
+
+<p>OSSL_STORE_error() returns 1 if an error occurred in an OSSL_STORE_load() call, otherwise 0.</p>
+
+<p>OSSL_STORE_ctrl() and OSSL_STORE_close() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_CTX(), OSSL_STORE_post_process_info_fn(), OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_eof_fn.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_eof_fn.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_eof_fn.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_error.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_error.html
new file mode 100644
index 000000000..538ac52a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_error.html
@@ -0,0 +1,133 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_open</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-SCHEMES">SUPPORTED SCHEMES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_CTX, OSSL_STORE_post_process_info_fn, OSSL_STORE_open, OSSL_STORE_ctrl, OSSL_STORE_load, OSSL_STORE_eof, OSSL_STORE_error, OSSL_STORE_close - Types and functions to read objects from a URI</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_ctx_st OSSL_STORE_CTX;
+
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_post_process_info_fn)(OSSL_STORE_INFO *,
+                                                             void *);
+
+ OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method,
+                                 void *ui_data,
+                                 OSSL_STORE_post_process_info_fn post_process,
+                                 void *post_process_data);
+ int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */);
+ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_eof(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_error(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_close(OSSL_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help the application to fetch supported objects (see <a href="../man3/OSSL_STORE_INFO.html">&quot;SUPPORTED OBJECTS&quot; in OSSL_STORE_INFO(3)</a> for information on which those are) from a given URI (see <a href="#SUPPORTED-SCHEMES">&quot;SUPPORTED SCHEMES&quot;</a> for more information on the supported URI schemes). The general method to do so is to &quot;open&quot; the URI using OSSL_STORE_open(), read each available and supported object using OSSL_STORE_load() as long as OSSL_STORE_eof() hasn&#39;t been reached, and finish it off with OSSL_STORE_close().</p>
+
+<p>The retrieved information is stored in a <b>OSSL_STORE_INFO</b>, which is further described in <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_CTX</b> is a context variable that holds all the internal information for OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() to work together.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_open() takes a uri or path <b>uri</b>, password UI method <b>ui_method</b> with associated data <b>ui_data</b>, and post processing callback <b>post_process</b> with associated data <b>post_process_data</b>, opens a channel to the data located at that URI and returns a <b>OSSL_STORE_CTX</b> with all necessary internal information. The given <b>ui_method</b> and <b>ui_data_data</b> will be reused by all functions that use <b>OSSL_STORE_CTX</b> when interaction is needed. The given <b>post_process</b> and <b>post_process_data</b> will be reused by OSSL_STORE_load() to manipulate or drop the value to be returned. The <b>post_process</b> function drops values by returning <b>NULL</b>, which will cause OSSL_STORE_load() to start its process over with loading the next object, until <b>post_process</b> returns something other than <b>NULL</b>, or the end of data is reached as indicated by OSSL_STORE_eof().</p>
+
+<p>OSSL_STORE_ctrl() takes a <b>OSSL_STORE_CTX</b>, and command number <b>cmd</b> and more arguments not specified here. The available loader specific command numbers and arguments they each take depends on the loader that&#39;s used and is documented together with that loader.</p>
+
+<p>There are also global controls available:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_C_USE_SECMEM"><b>OSSL_STORE_C_USE_SECMEM</b></dt>
+<dd>
+
+<p>Controls if the loader should attempt to use secure memory for any allocated <b>OSSL_STORE_INFO</b> and its contents. This control expects one argument, a pointer to an <b>int</b> that is expected to have the value 1 (yes) or 0 (no). Any other value is an error.</p>
+
+</dd>
+</dl>
+
+<p>OSSL_STORE_load() takes a <b>OSSL_STORE_CTX</b>, tries to load the next available object and return it wrapped with <b>OSSL_STORE_INFO</b>.</p>
+
+<p>OSSL_STORE_eof() takes a <b>OSSL_STORE_CTX</b> and checks if we&#39;ve reached the end of data.</p>
+
+<p>OSSL_STORE_error() takes a <b>OSSL_STORE_CTX</b> and checks if an error occurred in the last OSSL_STORE_load() call. Note that it may still be meaningful to try and load more objects, unless OSSL_STORE_eof() shows that the end of data has been reached.</p>
+
+<p>OSSL_STORE_close() takes a <b>OSSL_STORE_CTX</b>, closes the channel that was opened by OSSL_STORE_open() and frees all other information that was stored in the <b>OSSL_STORE_CTX</b>, as well as the <b>OSSL_STORE_CTX</b> itself.</p>
+
+<h1 id="SUPPORTED-SCHEMES">SUPPORTED SCHEMES</h1>
+
+<p>The basic supported scheme is <b>file:</b>. Any other scheme can be added dynamically, using OSSL_STORE_register_loader().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A string without a scheme prefix (that is, a non-URI string) is implicitly interpreted as using the <i>file:</i> scheme.</p>
+
+<p>There are some tools that can be used together with OSSL_STORE_open() to determine if any failure is caused by an unparsable URI, or if it&#39;s a different error (such as memory allocation failures); if the URI was parsable but the scheme unregistered, the top error will have the reason <code>OSSL_STORE_R_UNREGISTERED_SCHEME</code>.</p>
+
+<p>These functions make no direct assumption regarding the pass phrase received from the password callback. The loaders may make assumptions, however. For example, the <b>file:</b> scheme loader inherits the assumptions made by OpenSSL functionality that handles the different file types; this is mostly relevant for PKCS#12 objects. See <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a> for further information.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_open() returns a pointer to a <b>OSSL_STORE_CTX</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_load() returns a pointer to a <b>OSSL_STORE_INFO</b> on success, or <b>NULL</b> on error or when end of data is reached. Use OSSL_STORE_error() and OSSL_STORE_eof() to determine the meaning of a returned <b>NULL</b>.</p>
+
+<p>OSSL_STORE_eof() returns 1 if the end of data has been reached, otherwise 0.</p>
+
+<p>OSSL_STORE_error() returns 1 if an error occurred in an OSSL_STORE_load() call, otherwise 0.</p>
+
+<p>OSSL_STORE_ctrl() and OSSL_STORE_close() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_CTX(), OSSL_STORE_post_process_info_fn(), OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_error_fn.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_error_fn.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_error_fn.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_expect.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_expect.html
new file mode 100644
index 000000000..9986639de
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_expect.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_expect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_expect, OSSL_STORE_supports_search, OSSL_STORE_find - Specify what object type is expected</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ int OSSL_STORE_expect(OSSL_STORE_CTX *ctx, int expected_type);
+
+ int OSSL_STORE_supports_search(OSSL_STORE_CTX *ctx, int criterion_type);
+
+ int OSSL_STORE_find(OSSL_STORE_CTX *ctx, OSSL_STORE_SEARCH *search);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OSSL_STORE_expect() helps applications filter what OSSL_STORE_load() returns by specifying a <b>OSSL_STORE_INFO</b> type. For example, if <code>file:/foo/bar/store.pem</code> contains several different objects and only the certificates are interesting, the application can simply say that it expects the type <b>OSSL_STORE_INFO_CERT</b>. All known object types (see <a href="../man3/OSSL_STORE_INFO.html">&quot;SUPPORTED OBJECTS&quot; in OSSL_STORE_INFO(3)</a>) except for <b>OSSL_STORE_INFO_NAME</b> are supported.</p>
+
+<p>OSSL_STORE_find() helps applications specify a criterion for a more fine grained search of objects.</p>
+
+<p>OSSL_STORE_supports_search() checks if the loader of the given OSSL_STORE context supports the given search type. See <a href="/../man3/OSSL_STORE_SEARCH.html#SUPPORED-CRITERION-TYPES">&quot;SUPPORED CRITERION TYPES&quot; in OSSL_STORE_SEARCH</a> for information on the supported search criterion types.</p>
+
+<p>OSSL_STORE_expect() and OSSL_STORE_find <i>must</i> be called before the first OSSL_STORE_load() of a given session, or they will fail.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If a more elaborate filter is required by the application, a better choice would be to use a post-processing function. See <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a> for more information.</p>
+
+<p>However, some loaders may take advantage of the knowledge of an expected type to make object retrieval more efficient, so if a single type is expected, this method is usually preferable.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_expect() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_supports_search() returns 1 if the criterion is supported, or 0 otherwise.</p>
+
+<p>OSSL_STORE_find() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>, <a href="../man3/OSSL_STORE_SEARCH.html">OSSL_STORE_SEARCH(3)</a>, <a href="../man3/OSSL_STORE_load.html">OSSL_STORE_load(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_expect(), OSSL_STORE_supports_search() and OSSL_STORE_find() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_expect_fn.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_expect_fn.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_expect_fn.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_find.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_find.html
new file mode 100644
index 000000000..9986639de
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_find.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_expect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_expect, OSSL_STORE_supports_search, OSSL_STORE_find - Specify what object type is expected</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ int OSSL_STORE_expect(OSSL_STORE_CTX *ctx, int expected_type);
+
+ int OSSL_STORE_supports_search(OSSL_STORE_CTX *ctx, int criterion_type);
+
+ int OSSL_STORE_find(OSSL_STORE_CTX *ctx, OSSL_STORE_SEARCH *search);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OSSL_STORE_expect() helps applications filter what OSSL_STORE_load() returns by specifying a <b>OSSL_STORE_INFO</b> type. For example, if <code>file:/foo/bar/store.pem</code> contains several different objects and only the certificates are interesting, the application can simply say that it expects the type <b>OSSL_STORE_INFO_CERT</b>. All known object types (see <a href="../man3/OSSL_STORE_INFO.html">&quot;SUPPORTED OBJECTS&quot; in OSSL_STORE_INFO(3)</a>) except for <b>OSSL_STORE_INFO_NAME</b> are supported.</p>
+
+<p>OSSL_STORE_find() helps applications specify a criterion for a more fine grained search of objects.</p>
+
+<p>OSSL_STORE_supports_search() checks if the loader of the given OSSL_STORE context supports the given search type. See <a href="/../man3/OSSL_STORE_SEARCH.html#SUPPORED-CRITERION-TYPES">&quot;SUPPORED CRITERION TYPES&quot; in OSSL_STORE_SEARCH</a> for information on the supported search criterion types.</p>
+
+<p>OSSL_STORE_expect() and OSSL_STORE_find <i>must</i> be called before the first OSSL_STORE_load() of a given session, or they will fail.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If a more elaborate filter is required by the application, a better choice would be to use a post-processing function. See <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a> for more information.</p>
+
+<p>However, some loaders may take advantage of the knowledge of an expected type to make object retrieval more efficient, so if a single type is expected, this method is usually preferable.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_expect() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_supports_search() returns 1 if the criterion is supported, or 0 otherwise.</p>
+
+<p>OSSL_STORE_find() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>, <a href="../man3/OSSL_STORE_SEARCH.html">OSSL_STORE_SEARCH(3)</a>, <a href="../man3/OSSL_STORE_load.html">OSSL_STORE_load(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_expect(), OSSL_STORE_supports_search() and OSSL_STORE_find() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_find_fn.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_find_fn.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_find_fn.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_load.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_load.html
new file mode 100644
index 000000000..538ac52a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_load.html
@@ -0,0 +1,133 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_open</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-SCHEMES">SUPPORTED SCHEMES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_CTX, OSSL_STORE_post_process_info_fn, OSSL_STORE_open, OSSL_STORE_ctrl, OSSL_STORE_load, OSSL_STORE_eof, OSSL_STORE_error, OSSL_STORE_close - Types and functions to read objects from a URI</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_ctx_st OSSL_STORE_CTX;
+
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_post_process_info_fn)(OSSL_STORE_INFO *,
+                                                             void *);
+
+ OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method,
+                                 void *ui_data,
+                                 OSSL_STORE_post_process_info_fn post_process,
+                                 void *post_process_data);
+ int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */);
+ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_eof(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_error(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_close(OSSL_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help the application to fetch supported objects (see <a href="../man3/OSSL_STORE_INFO.html">&quot;SUPPORTED OBJECTS&quot; in OSSL_STORE_INFO(3)</a> for information on which those are) from a given URI (see <a href="#SUPPORTED-SCHEMES">&quot;SUPPORTED SCHEMES&quot;</a> for more information on the supported URI schemes). The general method to do so is to &quot;open&quot; the URI using OSSL_STORE_open(), read each available and supported object using OSSL_STORE_load() as long as OSSL_STORE_eof() hasn&#39;t been reached, and finish it off with OSSL_STORE_close().</p>
+
+<p>The retrieved information is stored in a <b>OSSL_STORE_INFO</b>, which is further described in <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_CTX</b> is a context variable that holds all the internal information for OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() to work together.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_open() takes a uri or path <b>uri</b>, password UI method <b>ui_method</b> with associated data <b>ui_data</b>, and post processing callback <b>post_process</b> with associated data <b>post_process_data</b>, opens a channel to the data located at that URI and returns a <b>OSSL_STORE_CTX</b> with all necessary internal information. The given <b>ui_method</b> and <b>ui_data_data</b> will be reused by all functions that use <b>OSSL_STORE_CTX</b> when interaction is needed. The given <b>post_process</b> and <b>post_process_data</b> will be reused by OSSL_STORE_load() to manipulate or drop the value to be returned. The <b>post_process</b> function drops values by returning <b>NULL</b>, which will cause OSSL_STORE_load() to start its process over with loading the next object, until <b>post_process</b> returns something other than <b>NULL</b>, or the end of data is reached as indicated by OSSL_STORE_eof().</p>
+
+<p>OSSL_STORE_ctrl() takes a <b>OSSL_STORE_CTX</b>, and command number <b>cmd</b> and more arguments not specified here. The available loader specific command numbers and arguments they each take depends on the loader that&#39;s used and is documented together with that loader.</p>
+
+<p>There are also global controls available:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_C_USE_SECMEM"><b>OSSL_STORE_C_USE_SECMEM</b></dt>
+<dd>
+
+<p>Controls if the loader should attempt to use secure memory for any allocated <b>OSSL_STORE_INFO</b> and its contents. This control expects one argument, a pointer to an <b>int</b> that is expected to have the value 1 (yes) or 0 (no). Any other value is an error.</p>
+
+</dd>
+</dl>
+
+<p>OSSL_STORE_load() takes a <b>OSSL_STORE_CTX</b>, tries to load the next available object and return it wrapped with <b>OSSL_STORE_INFO</b>.</p>
+
+<p>OSSL_STORE_eof() takes a <b>OSSL_STORE_CTX</b> and checks if we&#39;ve reached the end of data.</p>
+
+<p>OSSL_STORE_error() takes a <b>OSSL_STORE_CTX</b> and checks if an error occurred in the last OSSL_STORE_load() call. Note that it may still be meaningful to try and load more objects, unless OSSL_STORE_eof() shows that the end of data has been reached.</p>
+
+<p>OSSL_STORE_close() takes a <b>OSSL_STORE_CTX</b>, closes the channel that was opened by OSSL_STORE_open() and frees all other information that was stored in the <b>OSSL_STORE_CTX</b>, as well as the <b>OSSL_STORE_CTX</b> itself.</p>
+
+<h1 id="SUPPORTED-SCHEMES">SUPPORTED SCHEMES</h1>
+
+<p>The basic supported scheme is <b>file:</b>. Any other scheme can be added dynamically, using OSSL_STORE_register_loader().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A string without a scheme prefix (that is, a non-URI string) is implicitly interpreted as using the <i>file:</i> scheme.</p>
+
+<p>There are some tools that can be used together with OSSL_STORE_open() to determine if any failure is caused by an unparsable URI, or if it&#39;s a different error (such as memory allocation failures); if the URI was parsable but the scheme unregistered, the top error will have the reason <code>OSSL_STORE_R_UNREGISTERED_SCHEME</code>.</p>
+
+<p>These functions make no direct assumption regarding the pass phrase received from the password callback. The loaders may make assumptions, however. For example, the <b>file:</b> scheme loader inherits the assumptions made by OpenSSL functionality that handles the different file types; this is mostly relevant for PKCS#12 objects. See <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a> for further information.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_open() returns a pointer to a <b>OSSL_STORE_CTX</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_load() returns a pointer to a <b>OSSL_STORE_INFO</b> on success, or <b>NULL</b> on error or when end of data is reached. Use OSSL_STORE_error() and OSSL_STORE_eof() to determine the meaning of a returned <b>NULL</b>.</p>
+
+<p>OSSL_STORE_eof() returns 1 if the end of data has been reached, otherwise 0.</p>
+
+<p>OSSL_STORE_error() returns 1 if an error occurred in an OSSL_STORE_load() call, otherwise 0.</p>
+
+<p>OSSL_STORE_ctrl() and OSSL_STORE_close() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_CTX(), OSSL_STORE_post_process_info_fn(), OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_load_fn.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_load_fn.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_load_fn.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_open.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_open.html
new file mode 100644
index 000000000..538ac52a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_open.html
@@ -0,0 +1,133 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_open</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-SCHEMES">SUPPORTED SCHEMES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_CTX, OSSL_STORE_post_process_info_fn, OSSL_STORE_open, OSSL_STORE_ctrl, OSSL_STORE_load, OSSL_STORE_eof, OSSL_STORE_error, OSSL_STORE_close - Types and functions to read objects from a URI</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_ctx_st OSSL_STORE_CTX;
+
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_post_process_info_fn)(OSSL_STORE_INFO *,
+                                                             void *);
+
+ OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method,
+                                 void *ui_data,
+                                 OSSL_STORE_post_process_info_fn post_process,
+                                 void *post_process_data);
+ int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */);
+ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_eof(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_error(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_close(OSSL_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help the application to fetch supported objects (see <a href="../man3/OSSL_STORE_INFO.html">&quot;SUPPORTED OBJECTS&quot; in OSSL_STORE_INFO(3)</a> for information on which those are) from a given URI (see <a href="#SUPPORTED-SCHEMES">&quot;SUPPORTED SCHEMES&quot;</a> for more information on the supported URI schemes). The general method to do so is to &quot;open&quot; the URI using OSSL_STORE_open(), read each available and supported object using OSSL_STORE_load() as long as OSSL_STORE_eof() hasn&#39;t been reached, and finish it off with OSSL_STORE_close().</p>
+
+<p>The retrieved information is stored in a <b>OSSL_STORE_INFO</b>, which is further described in <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_CTX</b> is a context variable that holds all the internal information for OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() to work together.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_open() takes a uri or path <b>uri</b>, password UI method <b>ui_method</b> with associated data <b>ui_data</b>, and post processing callback <b>post_process</b> with associated data <b>post_process_data</b>, opens a channel to the data located at that URI and returns a <b>OSSL_STORE_CTX</b> with all necessary internal information. The given <b>ui_method</b> and <b>ui_data_data</b> will be reused by all functions that use <b>OSSL_STORE_CTX</b> when interaction is needed. The given <b>post_process</b> and <b>post_process_data</b> will be reused by OSSL_STORE_load() to manipulate or drop the value to be returned. The <b>post_process</b> function drops values by returning <b>NULL</b>, which will cause OSSL_STORE_load() to start its process over with loading the next object, until <b>post_process</b> returns something other than <b>NULL</b>, or the end of data is reached as indicated by OSSL_STORE_eof().</p>
+
+<p>OSSL_STORE_ctrl() takes a <b>OSSL_STORE_CTX</b>, and command number <b>cmd</b> and more arguments not specified here. The available loader specific command numbers and arguments they each take depends on the loader that&#39;s used and is documented together with that loader.</p>
+
+<p>There are also global controls available:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_C_USE_SECMEM"><b>OSSL_STORE_C_USE_SECMEM</b></dt>
+<dd>
+
+<p>Controls if the loader should attempt to use secure memory for any allocated <b>OSSL_STORE_INFO</b> and its contents. This control expects one argument, a pointer to an <b>int</b> that is expected to have the value 1 (yes) or 0 (no). Any other value is an error.</p>
+
+</dd>
+</dl>
+
+<p>OSSL_STORE_load() takes a <b>OSSL_STORE_CTX</b>, tries to load the next available object and return it wrapped with <b>OSSL_STORE_INFO</b>.</p>
+
+<p>OSSL_STORE_eof() takes a <b>OSSL_STORE_CTX</b> and checks if we&#39;ve reached the end of data.</p>
+
+<p>OSSL_STORE_error() takes a <b>OSSL_STORE_CTX</b> and checks if an error occurred in the last OSSL_STORE_load() call. Note that it may still be meaningful to try and load more objects, unless OSSL_STORE_eof() shows that the end of data has been reached.</p>
+
+<p>OSSL_STORE_close() takes a <b>OSSL_STORE_CTX</b>, closes the channel that was opened by OSSL_STORE_open() and frees all other information that was stored in the <b>OSSL_STORE_CTX</b>, as well as the <b>OSSL_STORE_CTX</b> itself.</p>
+
+<h1 id="SUPPORTED-SCHEMES">SUPPORTED SCHEMES</h1>
+
+<p>The basic supported scheme is <b>file:</b>. Any other scheme can be added dynamically, using OSSL_STORE_register_loader().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A string without a scheme prefix (that is, a non-URI string) is implicitly interpreted as using the <i>file:</i> scheme.</p>
+
+<p>There are some tools that can be used together with OSSL_STORE_open() to determine if any failure is caused by an unparsable URI, or if it&#39;s a different error (such as memory allocation failures); if the URI was parsable but the scheme unregistered, the top error will have the reason <code>OSSL_STORE_R_UNREGISTERED_SCHEME</code>.</p>
+
+<p>These functions make no direct assumption regarding the pass phrase received from the password callback. The loaders may make assumptions, however. For example, the <b>file:</b> scheme loader inherits the assumptions made by OpenSSL functionality that handles the different file types; this is mostly relevant for PKCS#12 objects. See <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a> for further information.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_open() returns a pointer to a <b>OSSL_STORE_CTX</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_load() returns a pointer to a <b>OSSL_STORE_INFO</b> on success, or <b>NULL</b> on error or when end of data is reached. Use OSSL_STORE_error() and OSSL_STORE_eof() to determine the meaning of a returned <b>NULL</b>.</p>
+
+<p>OSSL_STORE_eof() returns 1 if the end of data has been reached, otherwise 0.</p>
+
+<p>OSSL_STORE_error() returns 1 if an error occurred in an OSSL_STORE_load() call, otherwise 0.</p>
+
+<p>OSSL_STORE_ctrl() and OSSL_STORE_close() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_CTX(), OSSL_STORE_post_process_info_fn(), OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_open_fn.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_open_fn.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_open_fn.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_post_process_info_fn.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_post_process_info_fn.html
new file mode 100644
index 000000000..538ac52a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_post_process_info_fn.html
@@ -0,0 +1,133 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_open</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#SUPPORTED-SCHEMES">SUPPORTED SCHEMES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_CTX, OSSL_STORE_post_process_info_fn, OSSL_STORE_open, OSSL_STORE_ctrl, OSSL_STORE_load, OSSL_STORE_eof, OSSL_STORE_error, OSSL_STORE_close - Types and functions to read objects from a URI</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_ctx_st OSSL_STORE_CTX;
+
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_post_process_info_fn)(OSSL_STORE_INFO *,
+                                                             void *);
+
+ OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method,
+                                 void *ui_data,
+                                 OSSL_STORE_post_process_info_fn post_process,
+                                 void *post_process_data);
+ int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */);
+ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_eof(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_error(OSSL_STORE_CTX *ctx);
+ int OSSL_STORE_close(OSSL_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help the application to fetch supported objects (see <a href="../man3/OSSL_STORE_INFO.html">&quot;SUPPORTED OBJECTS&quot; in OSSL_STORE_INFO(3)</a> for information on which those are) from a given URI (see <a href="#SUPPORTED-SCHEMES">&quot;SUPPORTED SCHEMES&quot;</a> for more information on the supported URI schemes). The general method to do so is to &quot;open&quot; the URI using OSSL_STORE_open(), read each available and supported object using OSSL_STORE_load() as long as OSSL_STORE_eof() hasn&#39;t been reached, and finish it off with OSSL_STORE_close().</p>
+
+<p>The retrieved information is stored in a <b>OSSL_STORE_INFO</b>, which is further described in <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_CTX</b> is a context variable that holds all the internal information for OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() to work together.</p>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_open() takes a uri or path <b>uri</b>, password UI method <b>ui_method</b> with associated data <b>ui_data</b>, and post processing callback <b>post_process</b> with associated data <b>post_process_data</b>, opens a channel to the data located at that URI and returns a <b>OSSL_STORE_CTX</b> with all necessary internal information. The given <b>ui_method</b> and <b>ui_data_data</b> will be reused by all functions that use <b>OSSL_STORE_CTX</b> when interaction is needed. The given <b>post_process</b> and <b>post_process_data</b> will be reused by OSSL_STORE_load() to manipulate or drop the value to be returned. The <b>post_process</b> function drops values by returning <b>NULL</b>, which will cause OSSL_STORE_load() to start its process over with loading the next object, until <b>post_process</b> returns something other than <b>NULL</b>, or the end of data is reached as indicated by OSSL_STORE_eof().</p>
+
+<p>OSSL_STORE_ctrl() takes a <b>OSSL_STORE_CTX</b>, and command number <b>cmd</b> and more arguments not specified here. The available loader specific command numbers and arguments they each take depends on the loader that&#39;s used and is documented together with that loader.</p>
+
+<p>There are also global controls available:</p>
+
+<dl>
+
+<dt id="OSSL_STORE_C_USE_SECMEM"><b>OSSL_STORE_C_USE_SECMEM</b></dt>
+<dd>
+
+<p>Controls if the loader should attempt to use secure memory for any allocated <b>OSSL_STORE_INFO</b> and its contents. This control expects one argument, a pointer to an <b>int</b> that is expected to have the value 1 (yes) or 0 (no). Any other value is an error.</p>
+
+</dd>
+</dl>
+
+<p>OSSL_STORE_load() takes a <b>OSSL_STORE_CTX</b>, tries to load the next available object and return it wrapped with <b>OSSL_STORE_INFO</b>.</p>
+
+<p>OSSL_STORE_eof() takes a <b>OSSL_STORE_CTX</b> and checks if we&#39;ve reached the end of data.</p>
+
+<p>OSSL_STORE_error() takes a <b>OSSL_STORE_CTX</b> and checks if an error occurred in the last OSSL_STORE_load() call. Note that it may still be meaningful to try and load more objects, unless OSSL_STORE_eof() shows that the end of data has been reached.</p>
+
+<p>OSSL_STORE_close() takes a <b>OSSL_STORE_CTX</b>, closes the channel that was opened by OSSL_STORE_open() and frees all other information that was stored in the <b>OSSL_STORE_CTX</b>, as well as the <b>OSSL_STORE_CTX</b> itself.</p>
+
+<h1 id="SUPPORTED-SCHEMES">SUPPORTED SCHEMES</h1>
+
+<p>The basic supported scheme is <b>file:</b>. Any other scheme can be added dynamically, using OSSL_STORE_register_loader().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A string without a scheme prefix (that is, a non-URI string) is implicitly interpreted as using the <i>file:</i> scheme.</p>
+
+<p>There are some tools that can be used together with OSSL_STORE_open() to determine if any failure is caused by an unparsable URI, or if it&#39;s a different error (such as memory allocation failures); if the URI was parsable but the scheme unregistered, the top error will have the reason <code>OSSL_STORE_R_UNREGISTERED_SCHEME</code>.</p>
+
+<p>These functions make no direct assumption regarding the pass phrase received from the password callback. The loaders may make assumptions, however. For example, the <b>file:</b> scheme loader inherits the assumptions made by OpenSSL functionality that handles the different file types; this is mostly relevant for PKCS#12 objects. See <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a> for further information.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_open() returns a pointer to a <b>OSSL_STORE_CTX</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_load() returns a pointer to a <b>OSSL_STORE_INFO</b> on success, or <b>NULL</b> on error or when end of data is reached. Use OSSL_STORE_error() and OSSL_STORE_eof() to determine the meaning of a returned <b>NULL</b>.</p>
+
+<p>OSSL_STORE_eof() returns 1 if the end of data has been reached, otherwise 0.</p>
+
+<p>OSSL_STORE_error() returns 1 if an error occurred in an OSSL_STORE_load() call, otherwise 0.</p>
+
+<p>OSSL_STORE_ctrl() and OSSL_STORE_close() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>, <a href="../man3/OSSL_STORE_register_loader.html">OSSL_STORE_register_loader(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_CTX(), OSSL_STORE_post_process_info_fn(), OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_register_loader.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_register_loader.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_register_loader.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_supports_search.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_supports_search.html
new file mode 100644
index 000000000..9986639de
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_supports_search.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_expect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_expect, OSSL_STORE_supports_search, OSSL_STORE_find - Specify what object type is expected</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ int OSSL_STORE_expect(OSSL_STORE_CTX *ctx, int expected_type);
+
+ int OSSL_STORE_supports_search(OSSL_STORE_CTX *ctx, int criterion_type);
+
+ int OSSL_STORE_find(OSSL_STORE_CTX *ctx, OSSL_STORE_SEARCH *search);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OSSL_STORE_expect() helps applications filter what OSSL_STORE_load() returns by specifying a <b>OSSL_STORE_INFO</b> type. For example, if <code>file:/foo/bar/store.pem</code> contains several different objects and only the certificates are interesting, the application can simply say that it expects the type <b>OSSL_STORE_INFO_CERT</b>. All known object types (see <a href="../man3/OSSL_STORE_INFO.html">&quot;SUPPORTED OBJECTS&quot; in OSSL_STORE_INFO(3)</a>) except for <b>OSSL_STORE_INFO_NAME</b> are supported.</p>
+
+<p>OSSL_STORE_find() helps applications specify a criterion for a more fine grained search of objects.</p>
+
+<p>OSSL_STORE_supports_search() checks if the loader of the given OSSL_STORE context supports the given search type. See <a href="/../man3/OSSL_STORE_SEARCH.html#SUPPORED-CRITERION-TYPES">&quot;SUPPORED CRITERION TYPES&quot; in OSSL_STORE_SEARCH</a> for information on the supported search criterion types.</p>
+
+<p>OSSL_STORE_expect() and OSSL_STORE_find <i>must</i> be called before the first OSSL_STORE_load() of a given session, or they will fail.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If a more elaborate filter is required by the application, a better choice would be to use a post-processing function. See <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a> for more information.</p>
+
+<p>However, some loaders may take advantage of the knowledge of an expected type to make object retrieval more efficient, so if a single type is expected, this method is usually preferable.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OSSL_STORE_expect() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_supports_search() returns 1 if the criterion is supported, or 0 otherwise.</p>
+
+<p>OSSL_STORE_find() returns 1 on success, or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>, <a href="../man3/OSSL_STORE_SEARCH.html">OSSL_STORE_SEARCH(3)</a>, <a href="../man3/OSSL_STORE_load.html">OSSL_STORE_load(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_expect(), OSSL_STORE_supports_search() and OSSL_STORE_find() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_unregister_loader.html b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_unregister_loader.html
new file mode 100644
index 000000000..0c51bd89d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OSSL_STORE_unregister_loader.html
@@ -0,0 +1,219 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OSSL_STORE_LOADER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Types">Types</a></li>
+      <li><a href="#Functions">Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OSSL_STORE_LOADER, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_LOADER_free, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, OSSL_STORE_open_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, OSSL_STORE_close_fn - Types and functions to manipulate, register and unregister STORE loaders for different URI schemes</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/store.h&gt;
+
+ typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+ const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER
+                                             *store_loader);
+ const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER
+                                           *store_loader);
+
+ /* struct ossl_store_loader_ctx_st is defined differently by each loader */
+ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const char *uri,
+                                                      const UI_METHOD *ui_method,
+                                                      void *ui_data);
+ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_open_fn store_open_function);
+ typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+                                   va_list args);
+ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_ctrl_fn store_ctrl_function);
+ typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+ int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+                                  OSSL_STORE_expect_fn expect_function);
+ typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                   OSSL_STORE_SEARCH *criteria);
+ int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+                                OSSL_STORE_find_fn find_function);
+ typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+                                                UI_METHOD *ui_method,
+                                                void *ui_data);
+ int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *store_loader,
+                                OSSL_STORE_load_fn store_load_function);
+ typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *store_loader,
+                               OSSL_STORE_eof_fn store_eof_function);
+ typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_error_fn store_error_function);
+ typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+ int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *store_loader,
+                                 OSSL_STORE_close_fn store_close_function);
+ void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *store_loader);
+
+ int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+ OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions help applications and engines to create loaders for schemes they support.</p>
+
+<h2 id="Types">Types</h2>
+
+<p><b>OSSL_STORE_LOADER</b> is the type to hold a loader. It contains a scheme and the functions needed to implement OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for this scheme.</p>
+
+<p><b>OSSL_STORE_LOADER_CTX</b> is a type template, to be defined by each loader using <b>struct ossl_store_loader_ctx_st { ... }</b>.</p>
+
+<p><b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_find_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b>, and <b>OSSL_STORE_close_fn</b> are the function pointer types used within a STORE loader. The functions pointed at define the functionality of the given loader.</p>
+
+<dl>
+
+<dt id="OSSL_STORE_open_fn"><b>OSSL_STORE_open_fn</b></dt>
+<dd>
+
+<p>This function takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements, it also takes a <b>UI_METHOD</b> and associated data, to be used any time something needs to be prompted for. Furthermore, this function is expected to initialize what needs to be initialized, to create a privata data store (<b>OSSL_STORE_LOADER_CTX</b>, see above), and to return it. If something goes wrong, this function is expected to return NULL.</p>
+
+</dd>
+<dt id="OSSL_STORE_ctrl_fn"><b>OSSL_STORE_ctrl_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer, a command number <b>cmd</b> and a <b>va_list</b> <b>args</b> and is used to manipulate loader specific parameters.</p>
+
+<p>Loader specific command numbers must begin at <b>OSSL_STORE_C_CUSTOM_START</b>. Any number below that is reserved for future globally known command numbers.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_expect_fn"><b>OSSL_STORE_expect_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_INFO</b> identity <b>expected</b>, and is used to tell the loader what object type is expected. <b>expected</b> may be zero to signify that no specific object type is expected.</p>
+
+<p>This function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_find_fn"><b>OSSL_STORE_find_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>OSSL_STORE_SEARCH</b> search criterion, and is used to tell the loader what to search for.</p>
+
+<p>When called with the loader context being <b>NULL</b>, this function is expected to return 1 if the loader supports the criterion, otherwise 0.</p>
+
+<p>When called with the loader context being something other than <b>NULL</b>, this function is expected to return 1 on success, 0 on error.</p>
+
+</dd>
+<dt id="OSSL_STORE_load_fn"><b>OSSL_STORE_load_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and a <b>UI_METHOD</b> with associated data. It&#39;s expected to load the next available data, mold it into a data structure that can be wrapped in a <b>OSSL_STORE_INFO</b> using one of the <a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a> functions. If no more data is available or an error occurs, this function is expected to return NULL. The <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_error_fn</b> functions must indicate if it was in fact the end of data or if an error occurred.</p>
+
+<p>Note that this function retrieves <i>one</i> data item only.</p>
+
+</dd>
+<dt id="OSSL_STORE_eof_fn"><b>OSSL_STORE_eof_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that the end of available data has been reached. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_error_fn"><b>OSSL_STORE_error_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to return 1 to indicate that an error occurred in a previous call to the <b>OSSL_STORE_load_fn</b> function. It is otherwise expected to return 0.</p>
+
+</dd>
+<dt id="OSSL_STORE_close_fn"><b>OSSL_STORE_close_fn</b></dt>
+<dd>
+
+<p>This function takes a <b>OSSL_STORE_LOADER_CTX</b> pointer and is expected to close or shut down what needs to be closed, and finally free the contents of the <b>OSSL_STORE_LOADER_CTX</b> pointer. It returns 1 on success and 0 on error.</p>
+
+</dd>
+</dl>
+
+<h2 id="Functions">Functions</h2>
+
+<p>OSSL_STORE_LOADER_new() creates a new <b>OSSL_STORE_LOADER</b>. It takes an <b>ENGINE</b> <b>e</b> and a string <b>scheme</b>. <b>scheme</b> must <i>always</i> be set. Both <b>e</b> and <b>scheme</b> are used as is and must therefore be alive as long as the created loader is.</p>
+
+<p>OSSL_STORE_LOADER_get0_engine() returns the engine of the <b>store_loader</b>. OSSL_STORE_LOADER_get0_scheme() returns the scheme of the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_open() sets the opener function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_ctrl() sets the control function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_expect() sets the expect function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_load() sets the loader function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_eof() sets the end of file checker function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_set_close() sets the closing function for the <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_LOADER_free() frees the given <b>store_loader</b>.</p>
+
+<p>OSSL_STORE_register_loader() register the given <b>store_loader</b> and thereby makes it available for use with OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close().</p>
+
+<p>OSSL_STORE_unregister_loader() unregister the store loader for the given <b>scheme</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>file:</b> scheme has built in support.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions with the types <b>OSSL_STORE_open_fn</b>, <b>OSSL_STORE_ctrl_fn</b>, <b>OSSL_STORE_expect_fn</b>, <b>OSSL_STORE_load_fn</b>, <b>OSSL_STORE_eof_fn</b> and <b>OSSL_STORE_close_fn</b> have the same return values as OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.</p>
+
+<p>OSSL_STORE_LOADER_new() returns a pointer to a <b>OSSL_STORE_LOADER</b> on success, or <b>NULL</b> on failure.</p>
+
+<p>OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_register_loader() returns 1 on success, or 0 on failure.</p>
+
+<p>OSSL_STORE_unregister_loader() returns the unregistered loader on success, or <b>NULL</b> on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OSSL_STORE_LOADER(), OSSL_STORE_LOADER_CTX(), OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof(), OSSL_STORE_LOADER_set_close(), OSSL_STORE_LOADER_free(), OSSL_STORE_register_loader(), OSSL_STORE_unregister_loader(), OSSL_STORE_open_fn(), OSSL_STORE_ctrl_fn(), OSSL_STORE_load_fn(), OSSL_STORE_eof_fn() and OSSL_STORE_close_fn() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OTHERNAME_free.html b/msys2/usr/share/doc/openssl/html/man3/OTHERNAME_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OTHERNAME_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OTHERNAME_new.html b/msys2/usr/share/doc/openssl/html/man3/OTHERNAME_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OTHERNAME_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OpenSSL_add_all_algorithms.html b/msys2/usr/share/doc/openssl/html/man3/OpenSSL_add_all_algorithms.html
new file mode 100644
index 000000000..5d423fd38
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OpenSSL_add_all_algorithms.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OpenSSL_add_all_algorithms</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OpenSSL_add_all_algorithms, OpenSSL_add_all_ciphers, OpenSSL_add_all_digests, EVP_cleanup - add algorithms to internal table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> # if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OpenSSL_add_all_algorithms(void);
+ void OpenSSL_add_all_ciphers(void);
+ void OpenSSL_add_all_digests(void);
+
+ void EVP_cleanup(void)
+# endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL keeps an internal table of digest algorithms and ciphers. It uses this table to lookup ciphers via functions such as EVP_get_cipher_byname().</p>
+
+<p>OpenSSL_add_all_digests() adds all digest algorithms to the table.</p>
+
+<p>OpenSSL_add_all_algorithms() adds all algorithms to the table (digests and ciphers).</p>
+
+<p>OpenSSL_add_all_ciphers() adds all encryption algorithms to the table including password based encryption algorithms.</p>
+
+<p>In versions prior to 1.1.0 EVP_cleanup() removed all ciphers and digests from the table. It no longer has any effect in OpenSSL 1.1.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>None of the functions return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OpenSSL_add_all_algorithms(), OpenSSL_add_all_ciphers(), OpenSSL_add_all_digests(), and EVP_cleanup(), functions were deprecated in OpenSSL 1.1.0 by OPENSSL_init_crypto() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OpenSSL_add_all_ciphers.html b/msys2/usr/share/doc/openssl/html/man3/OpenSSL_add_all_ciphers.html
new file mode 100644
index 000000000..5d423fd38
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OpenSSL_add_all_ciphers.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OpenSSL_add_all_algorithms</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OpenSSL_add_all_algorithms, OpenSSL_add_all_ciphers, OpenSSL_add_all_digests, EVP_cleanup - add algorithms to internal table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> # if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OpenSSL_add_all_algorithms(void);
+ void OpenSSL_add_all_ciphers(void);
+ void OpenSSL_add_all_digests(void);
+
+ void EVP_cleanup(void)
+# endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL keeps an internal table of digest algorithms and ciphers. It uses this table to lookup ciphers via functions such as EVP_get_cipher_byname().</p>
+
+<p>OpenSSL_add_all_digests() adds all digest algorithms to the table.</p>
+
+<p>OpenSSL_add_all_algorithms() adds all algorithms to the table (digests and ciphers).</p>
+
+<p>OpenSSL_add_all_ciphers() adds all encryption algorithms to the table including password based encryption algorithms.</p>
+
+<p>In versions prior to 1.1.0 EVP_cleanup() removed all ciphers and digests from the table. It no longer has any effect in OpenSSL 1.1.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>None of the functions return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OpenSSL_add_all_algorithms(), OpenSSL_add_all_ciphers(), OpenSSL_add_all_digests(), and EVP_cleanup(), functions were deprecated in OpenSSL 1.1.0 by OPENSSL_init_crypto() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OpenSSL_add_all_digests.html b/msys2/usr/share/doc/openssl/html/man3/OpenSSL_add_all_digests.html
new file mode 100644
index 000000000..5d423fd38
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OpenSSL_add_all_digests.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OpenSSL_add_all_algorithms</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OpenSSL_add_all_algorithms, OpenSSL_add_all_ciphers, OpenSSL_add_all_digests, EVP_cleanup - add algorithms to internal table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> # if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OpenSSL_add_all_algorithms(void);
+ void OpenSSL_add_all_ciphers(void);
+ void OpenSSL_add_all_digests(void);
+
+ void EVP_cleanup(void)
+# endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OpenSSL keeps an internal table of digest algorithms and ciphers. It uses this table to lookup ciphers via functions such as EVP_get_cipher_byname().</p>
+
+<p>OpenSSL_add_all_digests() adds all digest algorithms to the table.</p>
+
+<p>OpenSSL_add_all_algorithms() adds all algorithms to the table (digests and ciphers).</p>
+
+<p>OpenSSL_add_all_ciphers() adds all encryption algorithms to the table including password based encryption algorithms.</p>
+
+<p>In versions prior to 1.1.0 EVP_cleanup() removed all ciphers and digests from the table. It no longer has any effect in OpenSSL 1.1.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>None of the functions return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The OpenSSL_add_all_algorithms(), OpenSSL_add_all_ciphers(), OpenSSL_add_all_digests(), and EVP_cleanup(), functions were deprecated in OpenSSL 1.1.0 by OPENSSL_init_crypto() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OpenSSL_add_ssl_algorithms.html b/msys2/usr/share/doc/openssl/html/man3/OpenSSL_add_ssl_algorithms.html
new file mode 100644
index 000000000..c7e7b8fa7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OpenSSL_add_ssl_algorithms.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_library_init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_library_init, OpenSSL_add_ssl_algorithms - initialize SSL library by registering algorithms</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_library_init(void);
+
+ int OpenSSL_add_ssl_algorithms(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_library_init() registers the available SSL/TLS ciphers and digests.</p>
+
+<p>OpenSSL_add_ssl_algorithms() is a synonym for SSL_library_init() and is implemented as a macro.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_library_init() must be called before any other action takes place. SSL_library_init() is not reentrant.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>SSL_library_init() adds ciphers and digests used directly and indirectly by SSL/TLS.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_library_init() always returns &quot;1&quot;, so it is safe to discard the return value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/RAND_add.html">RAND_add(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_library_init() and OpenSSL_add_ssl_algorithms() functions were deprecated in OpenSSL 1.1.0 by OPENSSL_init_ssl().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OpenSSL_version.html b/msys2/usr/share/doc/openssl/html/man3/OpenSSL_version.html
new file mode 100644
index 000000000..ca1ec6eb8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OpenSSL_version.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_VERSION_NUMBER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT, OpenSSL_version, OpenSSL_version_num - get OpenSSL version number</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/opensslv.h&gt;
+ #define OPENSSL_VERSION_NUMBER 0xnnnnnnnnnL
+ #define OPENSSL_VERSION_TEXT &quot;OpenSSL x.y.z xx XXX xxxx&quot;
+
+ #include &lt;openssl/crypto.h&gt;
+
+ unsigned long OpenSSL_version_num();
+ const char *OpenSSL_version(int t);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OPENSSL_VERSION_NUMBER is a numeric release version identifier:</p>
+
+<pre><code> MNNFFPPS: major minor fix patch status</code></pre>
+
+<p>The status nibble has one of the values 0 for development, 1 to e for betas 1 to 14, and f for release.</p>
+
+<p>for example</p>
+
+<pre><code> 0x000906000 == 0.9.6 dev
+ 0x000906023 == 0.9.6b beta 3
+ 0x00090605f == 0.9.6e release</code></pre>
+
+<p>Versions prior to 0.9.3 have identifiers &lt; 0x0930. Versions between 0.9.3 and 0.9.5 had a version identifier with this interpretation:</p>
+
+<pre><code> MMNNFFRBB major minor fix final beta/patch</code></pre>
+
+<p>for example</p>
+
+<pre><code> 0x000904100 == 0.9.4 release
+ 0x000905000 == 0.9.5 dev</code></pre>
+
+<p>Version 0.9.5a had an interim interpretation that is like the current one, except the patch level got the highest bit set, to keep continuity. The number was therefore 0x0090581f.</p>
+
+<p>OPENSSL_VERSION_TEXT is the text variant of the version number and the release date. For example, &quot;OpenSSL 1.0.1a 15 Oct 2015&quot;.</p>
+
+<p>OpenSSL_version_num() returns the version number.</p>
+
+<p>OpenSSL_version() returns different strings depending on <b>t</b>:</p>
+
+<dl>
+
+<dt id="OPENSSL_VERSION">OPENSSL_VERSION</dt>
+<dd>
+
+<p>The text variant of the version number and the release date. For example, &quot;OpenSSL 1.0.1a 15 Oct 2015&quot;.</p>
+
+</dd>
+<dt id="OPENSSL_CFLAGS">OPENSSL_CFLAGS</dt>
+<dd>
+
+<p>The compiler flags set for the compilation process in the form &quot;compiler: ...&quot; if available or &quot;compiler: information not available&quot; otherwise.</p>
+
+</dd>
+<dt id="OPENSSL_BUILT_ON">OPENSSL_BUILT_ON</dt>
+<dd>
+
+<p>The date of the build process in the form &quot;built on: ...&quot; if available or &quot;built on: date not available&quot; otherwise.</p>
+
+</dd>
+<dt id="OPENSSL_PLATFORM">OPENSSL_PLATFORM</dt>
+<dd>
+
+<p>The &quot;Configure&quot; target of the library build in the form &quot;platform: ...&quot; if available or &quot;platform: information not available&quot; otherwise.</p>
+
+</dd>
+<dt id="OPENSSL_DIR">OPENSSL_DIR</dt>
+<dd>
+
+<p>The &quot;OPENSSLDIR&quot; setting of the library build in the form &quot;OPENSSLDIR: &quot;...&quot;&quot; if available or &quot;OPENSSLDIR: N/A&quot; otherwise.</p>
+
+</dd>
+<dt id="OPENSSL_ENGINES_DIR">OPENSSL_ENGINES_DIR</dt>
+<dd>
+
+<p>The &quot;ENGINESDIR&quot; setting of the library build in the form &quot;ENGINESDIR: &quot;...&quot;&quot; if available or &quot;ENGINESDIR: N/A&quot; otherwise.</p>
+
+</dd>
+</dl>
+
+<p>For an unknown <b>t</b>, the text &quot;not available&quot; is returned.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OpenSSL_version_num() returns the version number.</p>
+
+<p>OpenSSL_version() returns requested version strings.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/OpenSSL_version_num.html b/msys2/usr/share/doc/openssl/html/man3/OpenSSL_version_num.html
new file mode 100644
index 000000000..ca1ec6eb8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/OpenSSL_version_num.html
@@ -0,0 +1,132 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_VERSION_NUMBER</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT, OpenSSL_version, OpenSSL_version_num - get OpenSSL version number</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/opensslv.h&gt;
+ #define OPENSSL_VERSION_NUMBER 0xnnnnnnnnnL
+ #define OPENSSL_VERSION_TEXT &quot;OpenSSL x.y.z xx XXX xxxx&quot;
+
+ #include &lt;openssl/crypto.h&gt;
+
+ unsigned long OpenSSL_version_num();
+ const char *OpenSSL_version(int t);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>OPENSSL_VERSION_NUMBER is a numeric release version identifier:</p>
+
+<pre><code> MNNFFPPS: major minor fix patch status</code></pre>
+
+<p>The status nibble has one of the values 0 for development, 1 to e for betas 1 to 14, and f for release.</p>
+
+<p>for example</p>
+
+<pre><code> 0x000906000 == 0.9.6 dev
+ 0x000906023 == 0.9.6b beta 3
+ 0x00090605f == 0.9.6e release</code></pre>
+
+<p>Versions prior to 0.9.3 have identifiers &lt; 0x0930. Versions between 0.9.3 and 0.9.5 had a version identifier with this interpretation:</p>
+
+<pre><code> MMNNFFRBB major minor fix final beta/patch</code></pre>
+
+<p>for example</p>
+
+<pre><code> 0x000904100 == 0.9.4 release
+ 0x000905000 == 0.9.5 dev</code></pre>
+
+<p>Version 0.9.5a had an interim interpretation that is like the current one, except the patch level got the highest bit set, to keep continuity. The number was therefore 0x0090581f.</p>
+
+<p>OPENSSL_VERSION_TEXT is the text variant of the version number and the release date. For example, &quot;OpenSSL 1.0.1a 15 Oct 2015&quot;.</p>
+
+<p>OpenSSL_version_num() returns the version number.</p>
+
+<p>OpenSSL_version() returns different strings depending on <b>t</b>:</p>
+
+<dl>
+
+<dt id="OPENSSL_VERSION">OPENSSL_VERSION</dt>
+<dd>
+
+<p>The text variant of the version number and the release date. For example, &quot;OpenSSL 1.0.1a 15 Oct 2015&quot;.</p>
+
+</dd>
+<dt id="OPENSSL_CFLAGS">OPENSSL_CFLAGS</dt>
+<dd>
+
+<p>The compiler flags set for the compilation process in the form &quot;compiler: ...&quot; if available or &quot;compiler: information not available&quot; otherwise.</p>
+
+</dd>
+<dt id="OPENSSL_BUILT_ON">OPENSSL_BUILT_ON</dt>
+<dd>
+
+<p>The date of the build process in the form &quot;built on: ...&quot; if available or &quot;built on: date not available&quot; otherwise.</p>
+
+</dd>
+<dt id="OPENSSL_PLATFORM">OPENSSL_PLATFORM</dt>
+<dd>
+
+<p>The &quot;Configure&quot; target of the library build in the form &quot;platform: ...&quot; if available or &quot;platform: information not available&quot; otherwise.</p>
+
+</dd>
+<dt id="OPENSSL_DIR">OPENSSL_DIR</dt>
+<dd>
+
+<p>The &quot;OPENSSLDIR&quot; setting of the library build in the form &quot;OPENSSLDIR: &quot;...&quot;&quot; if available or &quot;OPENSSLDIR: N/A&quot; otherwise.</p>
+
+</dd>
+<dt id="OPENSSL_ENGINES_DIR">OPENSSL_ENGINES_DIR</dt>
+<dd>
+
+<p>The &quot;ENGINESDIR&quot; setting of the library build in the form &quot;ENGINESDIR: &quot;...&quot;&quot; if available or &quot;ENGINESDIR: N/A&quot; otherwise.</p>
+
+</dd>
+</dl>
+
+<p>For an unknown <b>t</b>, the text &quot;not available&quot; is returned.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OpenSSL_version_num() returns the version number.</p>
+
+<p>OpenSSL_version() returns requested version strings.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PBE2PARAM_free.html b/msys2/usr/share/doc/openssl/html/man3/PBE2PARAM_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PBE2PARAM_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PBE2PARAM_new.html b/msys2/usr/share/doc/openssl/html/man3/PBE2PARAM_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PBE2PARAM_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PBEPARAM_free.html b/msys2/usr/share/doc/openssl/html/man3/PBEPARAM_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PBEPARAM_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PBEPARAM_new.html b/msys2/usr/share/doc/openssl/html/man3/PBEPARAM_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PBEPARAM_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PBKDF2PARAM_free.html b/msys2/usr/share/doc/openssl/html/man3/PBKDF2PARAM_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PBKDF2PARAM_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PBKDF2PARAM_new.html b/msys2/usr/share/doc/openssl/html/man3/PBKDF2PARAM_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PBKDF2PARAM_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_FLAG_EAY_COMPATIBLE.html b/msys2/usr/share/doc/openssl/html/man3/PEM_FLAG_EAY_COMPATIBLE.html
new file mode 100644
index 000000000..e69025edb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_FLAG_EAY_COMPATIBLE.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_ex</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PEM_read_bio_ex, PEM_FLAG_SECURE, PEM_FLAG_EAY_COMPATIBLE, PEM_FLAG_ONLY_B64 - read PEM format files with custom processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ #define PEM_FLAG_SECURE             0x1
+ #define PEM_FLAG_EAY_COMPATIBLE     0x2
+ #define PEM_FLAG_ONLY_B64           0x4
+ int PEM_read_bio_ex(BIO *in, char **name, char **header,
+                     unsigned char **data, long *len, unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>PEM_read_bio_ex() reads in PEM formatted data from an input BIO, outputting the name of the type of contained data, the header information regarding the possibly encrypted data, and the binary data payload (after base64 decoding). It should generally only be used to implement PEM_read_bio_-family functions for specific data types or other usage, but is exposed to allow greater flexibility over how processing is performed, if needed.</p>
+
+<p>If PEM_FLAG_SECURE is set, the intermediate buffers used to read in lines of input are allocated from the secure heap.</p>
+
+<p>If PEM_FLAG_EAY_COMPATIBLE is set, a simple algorithm is used to remove whitespace and control characters from the end of each line, so as to be compatible with the historical behavior of PEM_read_bio().</p>
+
+<p>If PEM_FLAG_ONLY_B64 is set, all characters are required to be valid base64 characters (or newlines); non-base64 characters are treated as end of input.</p>
+
+<p>If neither PEM_FLAG_EAY_COMPATIBLE or PEM_FLAG_ONLY_B64 is set, control characters are ignored.</p>
+
+<p>If both PEM_FLAG_EAY_COMPATIBLE and PEM_FLAG_ONLY_B64 are set, an error is returned; these options are not compatible with each other.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The caller must release the storage allocated for *name, *header, and *data. If PEM_FLAG_SECURE was set, use OPENSSL_secure_free(); otherwise, OPENSSL_free() is used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_bio_ex() returns 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM.html">PEM(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The PEM_read_bio_ex() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_FLAG_ONLY_B64.html b/msys2/usr/share/doc/openssl/html/man3/PEM_FLAG_ONLY_B64.html
new file mode 100644
index 000000000..e69025edb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_FLAG_ONLY_B64.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_ex</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PEM_read_bio_ex, PEM_FLAG_SECURE, PEM_FLAG_EAY_COMPATIBLE, PEM_FLAG_ONLY_B64 - read PEM format files with custom processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ #define PEM_FLAG_SECURE             0x1
+ #define PEM_FLAG_EAY_COMPATIBLE     0x2
+ #define PEM_FLAG_ONLY_B64           0x4
+ int PEM_read_bio_ex(BIO *in, char **name, char **header,
+                     unsigned char **data, long *len, unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>PEM_read_bio_ex() reads in PEM formatted data from an input BIO, outputting the name of the type of contained data, the header information regarding the possibly encrypted data, and the binary data payload (after base64 decoding). It should generally only be used to implement PEM_read_bio_-family functions for specific data types or other usage, but is exposed to allow greater flexibility over how processing is performed, if needed.</p>
+
+<p>If PEM_FLAG_SECURE is set, the intermediate buffers used to read in lines of input are allocated from the secure heap.</p>
+
+<p>If PEM_FLAG_EAY_COMPATIBLE is set, a simple algorithm is used to remove whitespace and control characters from the end of each line, so as to be compatible with the historical behavior of PEM_read_bio().</p>
+
+<p>If PEM_FLAG_ONLY_B64 is set, all characters are required to be valid base64 characters (or newlines); non-base64 characters are treated as end of input.</p>
+
+<p>If neither PEM_FLAG_EAY_COMPATIBLE or PEM_FLAG_ONLY_B64 is set, control characters are ignored.</p>
+
+<p>If both PEM_FLAG_EAY_COMPATIBLE and PEM_FLAG_ONLY_B64 are set, an error is returned; these options are not compatible with each other.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The caller must release the storage allocated for *name, *header, and *data. If PEM_FLAG_SECURE was set, use OPENSSL_secure_free(); otherwise, OPENSSL_free() is used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_bio_ex() returns 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM.html">PEM(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The PEM_read_bio_ex() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_FLAG_SECURE.html b/msys2/usr/share/doc/openssl/html/man3/PEM_FLAG_SECURE.html
new file mode 100644
index 000000000..e69025edb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_FLAG_SECURE.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_ex</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PEM_read_bio_ex, PEM_FLAG_SECURE, PEM_FLAG_EAY_COMPATIBLE, PEM_FLAG_ONLY_B64 - read PEM format files with custom processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ #define PEM_FLAG_SECURE             0x1
+ #define PEM_FLAG_EAY_COMPATIBLE     0x2
+ #define PEM_FLAG_ONLY_B64           0x4
+ int PEM_read_bio_ex(BIO *in, char **name, char **header,
+                     unsigned char **data, long *len, unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>PEM_read_bio_ex() reads in PEM formatted data from an input BIO, outputting the name of the type of contained data, the header information regarding the possibly encrypted data, and the binary data payload (after base64 decoding). It should generally only be used to implement PEM_read_bio_-family functions for specific data types or other usage, but is exposed to allow greater flexibility over how processing is performed, if needed.</p>
+
+<p>If PEM_FLAG_SECURE is set, the intermediate buffers used to read in lines of input are allocated from the secure heap.</p>
+
+<p>If PEM_FLAG_EAY_COMPATIBLE is set, a simple algorithm is used to remove whitespace and control characters from the end of each line, so as to be compatible with the historical behavior of PEM_read_bio().</p>
+
+<p>If PEM_FLAG_ONLY_B64 is set, all characters are required to be valid base64 characters (or newlines); non-base64 characters are treated as end of input.</p>
+
+<p>If neither PEM_FLAG_EAY_COMPATIBLE or PEM_FLAG_ONLY_B64 is set, control characters are ignored.</p>
+
+<p>If both PEM_FLAG_EAY_COMPATIBLE and PEM_FLAG_ONLY_B64 are set, an error is returned; these options are not compatible with each other.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The caller must release the storage allocated for *name, *header, and *data. If PEM_FLAG_SECURE was set, use OPENSSL_secure_free(); otherwise, OPENSSL_free() is used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_bio_ex() returns 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM.html">PEM(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The PEM_read_bio_ex() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_bytes_read_bio.html b/msys2/usr/share/doc/openssl/html/man3/PEM_bytes_read_bio.html
new file mode 100644
index 000000000..c7ae335ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_bytes_read_bio.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_bytes_read_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PEM_bytes_read_bio, PEM_bytes_read_bio_secmem - read a PEM-encoded data structure from a BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
+                        const char *name, BIO *bp, pem_password_cb *cb,
+                        void *u);
+ int PEM_bytes_read_bio_secmem(unsigned char **pdata, long *plen, char **pnm,
+                               const char *name, BIO *bp, pem_password_cb *cb,
+                               void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>PEM_bytes_read_bio() reads PEM-formatted (RFC 1421) data from the BIO <i>bp</i> for the data type given in <i>name</i> (RSA PRIVATE KEY, CERTIFICATE, etc.). If multiple PEM-encoded data structures are present in the same stream, PEM_bytes_read_bio() will skip non-matching data types and continue reading. Non-PEM data present in the stream may cause an error.</p>
+
+<p>The PEM header may indicate that the following data is encrypted; if so, the data will be decrypted, waiting on user input to supply a passphrase if needed. The password callback <i>cb</i> and rock <i>u</i> are used to obtain the decryption passphrase, if applicable.</p>
+
+<p>Some data types have compatibility aliases, such as a file containing X509 CERTIFICATE matching a request for the deprecated type CERTIFICATE. The actual type indicated by the file is returned in <i>*pnm</i> if <i>pnm</i> is non-NULL. The caller must free the storage pointed to by <i>*pnm</i>.</p>
+
+<p>The returned data is the DER-encoded form of the requested type, in <i>*pdata</i> with length <i>*plen</i>. The caller must free the storage pointed to by <i>*pdata</i>.</p>
+
+<p>PEM_bytes_read_bio_secmem() is similar to PEM_bytes_read_bio(), but uses memory from the secure heap for its temporary buffers and the storage returned in <i>*pdata</i> and <i>*pnm</i>. Accordingly, the caller must use OPENSSL_secure_free() to free that storage.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>PEM_bytes_read_bio_secmem() only enforces that the secure heap is used for storage allocated within the PEM processing stack. The BIO stack from which input is read may also use temporary buffers, which are not necessarily allocated from the secure heap. In cases where it is desirable to ensure that the contents of the PEM file only appears in memory from the secure heap, care is needed in generating the BIO passed as <i>bp</i>. In particular, the use of BIO_s_file() indicates the use of the operating system stdio functionality, which includes buffering as a feature; BIO_s_fd() is likely to be more appropriate in such cases.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_bytes_read_bio() and PEM_bytes_read_bio_secmem() return 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM.html">PEM(3)</a>, <a href="../man3/PEM_read_bio_ex.html">PEM_read_bio_ex(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>PEM_bytes_read_bio_secmem() was introduced in OpenSSL 1.1.1</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_bytes_read_bio_secmem.html b/msys2/usr/share/doc/openssl/html/man3/PEM_bytes_read_bio_secmem.html
new file mode 100644
index 000000000..c7ae335ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_bytes_read_bio_secmem.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_bytes_read_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PEM_bytes_read_bio, PEM_bytes_read_bio_secmem - read a PEM-encoded data structure from a BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
+                        const char *name, BIO *bp, pem_password_cb *cb,
+                        void *u);
+ int PEM_bytes_read_bio_secmem(unsigned char **pdata, long *plen, char **pnm,
+                               const char *name, BIO *bp, pem_password_cb *cb,
+                               void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>PEM_bytes_read_bio() reads PEM-formatted (RFC 1421) data from the BIO <i>bp</i> for the data type given in <i>name</i> (RSA PRIVATE KEY, CERTIFICATE, etc.). If multiple PEM-encoded data structures are present in the same stream, PEM_bytes_read_bio() will skip non-matching data types and continue reading. Non-PEM data present in the stream may cause an error.</p>
+
+<p>The PEM header may indicate that the following data is encrypted; if so, the data will be decrypted, waiting on user input to supply a passphrase if needed. The password callback <i>cb</i> and rock <i>u</i> are used to obtain the decryption passphrase, if applicable.</p>
+
+<p>Some data types have compatibility aliases, such as a file containing X509 CERTIFICATE matching a request for the deprecated type CERTIFICATE. The actual type indicated by the file is returned in <i>*pnm</i> if <i>pnm</i> is non-NULL. The caller must free the storage pointed to by <i>*pnm</i>.</p>
+
+<p>The returned data is the DER-encoded form of the requested type, in <i>*pdata</i> with length <i>*plen</i>. The caller must free the storage pointed to by <i>*pdata</i>.</p>
+
+<p>PEM_bytes_read_bio_secmem() is similar to PEM_bytes_read_bio(), but uses memory from the secure heap for its temporary buffers and the storage returned in <i>*pdata</i> and <i>*pnm</i>. Accordingly, the caller must use OPENSSL_secure_free() to free that storage.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>PEM_bytes_read_bio_secmem() only enforces that the secure heap is used for storage allocated within the PEM processing stack. The BIO stack from which input is read may also use temporary buffers, which are not necessarily allocated from the secure heap. In cases where it is desirable to ensure that the contents of the PEM file only appears in memory from the secure heap, care is needed in generating the BIO passed as <i>bp</i>. In particular, the use of BIO_s_file() indicates the use of the operating system stdio functionality, which includes buffering as a feature; BIO_s_fd() is likely to be more appropriate in such cases.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_bytes_read_bio() and PEM_bytes_read_bio_secmem() return 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM.html">PEM(3)</a>, <a href="../man3/PEM_read_bio_ex.html">PEM_read_bio_ex(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>PEM_bytes_read_bio_secmem() was introduced in OpenSSL 1.1.1</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_do_header.html b/msys2/usr/share/doc/openssl/html/man3/PEM_do_header.html
new file mode 100644
index 000000000..8baad0d87
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_do_header.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PEM_write, PEM_write_bio, PEM_read, PEM_read_bio, PEM_do_header, PEM_get_EVP_CIPHER_INFO - PEM encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ int PEM_write(FILE *fp, const char *name, const char *header,
+               const unsigned char *data, long len)
+ int PEM_write_bio(BIO *bp, const char *name, const char *header,
+                   const unsigned char *data, long len)
+
+ int PEM_read(FILE *fp, char **name, char **header,
+              unsigned char **data, long *len);
+ int PEM_read_bio(BIO *bp, char **name, char **header,
+                  unsigned char **data, long *len);
+
+ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cinfo);
+ int PEM_do_header(EVP_CIPHER_INFO *cinfo, unsigned char *data, long *len,
+                   pem_password_cb *cb, void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions read and write PEM-encoded objects, using the PEM type <b>name</b>, any additional <b>header</b> information, and the raw <b>data</b> of length <b>len</b>.</p>
+
+<p>PEM is the term used for binary content encoding first defined in IETF RFC 1421. The content is a series of base64-encoded lines, surrounded by begin/end markers each on their own line. For example:</p>
+
+<pre><code> -----BEGIN PRIVATE KEY-----
+ MIICdg....
+ ... bhTQ==
+ -----END PRIVATE KEY-----</code></pre>
+
+<p>Optional header line(s) may appear after the begin line, and their existence depends on the type of object being written or read.</p>
+
+<p>PEM_write() writes to the file <b>fp</b>, while PEM_write_bio() writes to the BIO <b>bp</b>. The <b>name</b> is the name to use in the marker, the <b>header</b> is the header value or NULL, and <b>data</b> and <b>len</b> specify the data and its length.</p>
+
+<p>The final <b>data</b> buffer is typically an ASN.1 object which can be decoded with the <b>d2i</b> function appropriate to the type <b>name</b>; see <a href="../man3/d2i_X509.html">d2i_X509(3)</a> for examples.</p>
+
+<p>PEM_read() reads from the file <b>fp</b>, while PEM_read_bio() reads from the BIO <b>bp</b>. Both skip any non-PEM data that precedes the start of the next PEM object. When an object is successfully retrieved, the type name from the &quot;----BEGIN &lt;type&gt;-----&quot; is returned via the <b>name</b> argument, any encapsulation headers are returned in <b>header</b> and the base64-decoded content and its length are returned via <b>data</b> and <b>len</b> respectively. The <b>name</b>, <b>header</b> and <b>data</b> pointers are allocated via OPENSSL_malloc() and should be freed by the caller via OPENSSL_free() when no longer needed.</p>
+
+<p>PEM_get_EVP_CIPHER_INFO() can be used to determine the <b>data</b> returned by PEM_read() or PEM_read_bio() is encrypted and to retrieve the associated cipher and IV. The caller passes a pointer to structure of type <b>EVP_CIPHER_INFO</b> via the <b>cinfo</b> argument and the <b>header</b> returned via PEM_read() or PEM_read_bio(). If the call is successful 1 is returned and the cipher and IV are stored at the address pointed to by <b>cinfo</b>. When the header is malformed, or not supported or when the cipher is unknown or some internal error happens 0 is returned. This function is deprecated, see <b>NOTES</b> below.</p>
+
+<p>PEM_do_header() can then be used to decrypt the data if the header indicates encryption. The <b>cinfo</b> argument is a pointer to the structure initialized by the previous call to PEM_get_EVP_CIPHER_INFO(). The <b>data</b> and <b>len</b> arguments are those returned by the previous call to PEM_read() or PEM_read_bio(). The <b>cb</b> and <b>u</b> arguments make it possible to override the default password prompt function as described in <a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>. On successful completion the <b>data</b> is decrypted in place, and <b>len</b> is updated to indicate the plaintext length. This function is deprecated, see <b>NOTES</b> below.</p>
+
+<p>If the data is a priori known to not be encrypted, then neither PEM_do_header() nor PEM_get_EVP_CIPHER_INFO() need be called.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read() and PEM_read_bio() return 1 on success and 0 on failure, the latter includes the case when no more PEM objects remain in the input file. To distinguish end of file from more serious errors the caller must peek at the error stack and check for <b>PEM_R_NO_START_LINE</b>, which indicates that no more PEM objects were found. See <a href="../man3/ERR_peek_last_error.html">ERR_peek_last_error(3)</a>, <a href="../man3/ERR_GET_REASON.html">ERR_GET_REASON(3)</a>.</p>
+
+<p>PEM_get_EVP_CIPHER_INFO() and PEM_do_header() return 1 on success, and 0 on failure. The <b>data</b> is likely meaningless if these functions fail.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM_get_EVP_CIPHER_INFO() and PEM_do_header() functions are deprecated. This is because the underlying PEM encryption format is obsolete, and should be avoided. It uses an encryption format with an OpenSSL-specific key-derivation function, which employs MD5 with an iteration count of 1! Instead, private keys should be stored in PKCS#8 form, with a strong PKCS#5 v2.0 PBE. See <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> and <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a>.</p>
+
+<p>PEM_do_header() makes no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_peek_last_error.html">ERR_peek_last_error(3)</a>, <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a>, <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_get_EVP_CIPHER_INFO.html b/msys2/usr/share/doc/openssl/html/man3/PEM_get_EVP_CIPHER_INFO.html
new file mode 100644
index 000000000..8baad0d87
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_get_EVP_CIPHER_INFO.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PEM_write, PEM_write_bio, PEM_read, PEM_read_bio, PEM_do_header, PEM_get_EVP_CIPHER_INFO - PEM encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ int PEM_write(FILE *fp, const char *name, const char *header,
+               const unsigned char *data, long len)
+ int PEM_write_bio(BIO *bp, const char *name, const char *header,
+                   const unsigned char *data, long len)
+
+ int PEM_read(FILE *fp, char **name, char **header,
+              unsigned char **data, long *len);
+ int PEM_read_bio(BIO *bp, char **name, char **header,
+                  unsigned char **data, long *len);
+
+ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cinfo);
+ int PEM_do_header(EVP_CIPHER_INFO *cinfo, unsigned char *data, long *len,
+                   pem_password_cb *cb, void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions read and write PEM-encoded objects, using the PEM type <b>name</b>, any additional <b>header</b> information, and the raw <b>data</b> of length <b>len</b>.</p>
+
+<p>PEM is the term used for binary content encoding first defined in IETF RFC 1421. The content is a series of base64-encoded lines, surrounded by begin/end markers each on their own line. For example:</p>
+
+<pre><code> -----BEGIN PRIVATE KEY-----
+ MIICdg....
+ ... bhTQ==
+ -----END PRIVATE KEY-----</code></pre>
+
+<p>Optional header line(s) may appear after the begin line, and their existence depends on the type of object being written or read.</p>
+
+<p>PEM_write() writes to the file <b>fp</b>, while PEM_write_bio() writes to the BIO <b>bp</b>. The <b>name</b> is the name to use in the marker, the <b>header</b> is the header value or NULL, and <b>data</b> and <b>len</b> specify the data and its length.</p>
+
+<p>The final <b>data</b> buffer is typically an ASN.1 object which can be decoded with the <b>d2i</b> function appropriate to the type <b>name</b>; see <a href="../man3/d2i_X509.html">d2i_X509(3)</a> for examples.</p>
+
+<p>PEM_read() reads from the file <b>fp</b>, while PEM_read_bio() reads from the BIO <b>bp</b>. Both skip any non-PEM data that precedes the start of the next PEM object. When an object is successfully retrieved, the type name from the &quot;----BEGIN &lt;type&gt;-----&quot; is returned via the <b>name</b> argument, any encapsulation headers are returned in <b>header</b> and the base64-decoded content and its length are returned via <b>data</b> and <b>len</b> respectively. The <b>name</b>, <b>header</b> and <b>data</b> pointers are allocated via OPENSSL_malloc() and should be freed by the caller via OPENSSL_free() when no longer needed.</p>
+
+<p>PEM_get_EVP_CIPHER_INFO() can be used to determine the <b>data</b> returned by PEM_read() or PEM_read_bio() is encrypted and to retrieve the associated cipher and IV. The caller passes a pointer to structure of type <b>EVP_CIPHER_INFO</b> via the <b>cinfo</b> argument and the <b>header</b> returned via PEM_read() or PEM_read_bio(). If the call is successful 1 is returned and the cipher and IV are stored at the address pointed to by <b>cinfo</b>. When the header is malformed, or not supported or when the cipher is unknown or some internal error happens 0 is returned. This function is deprecated, see <b>NOTES</b> below.</p>
+
+<p>PEM_do_header() can then be used to decrypt the data if the header indicates encryption. The <b>cinfo</b> argument is a pointer to the structure initialized by the previous call to PEM_get_EVP_CIPHER_INFO(). The <b>data</b> and <b>len</b> arguments are those returned by the previous call to PEM_read() or PEM_read_bio(). The <b>cb</b> and <b>u</b> arguments make it possible to override the default password prompt function as described in <a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>. On successful completion the <b>data</b> is decrypted in place, and <b>len</b> is updated to indicate the plaintext length. This function is deprecated, see <b>NOTES</b> below.</p>
+
+<p>If the data is a priori known to not be encrypted, then neither PEM_do_header() nor PEM_get_EVP_CIPHER_INFO() need be called.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read() and PEM_read_bio() return 1 on success and 0 on failure, the latter includes the case when no more PEM objects remain in the input file. To distinguish end of file from more serious errors the caller must peek at the error stack and check for <b>PEM_R_NO_START_LINE</b>, which indicates that no more PEM objects were found. See <a href="../man3/ERR_peek_last_error.html">ERR_peek_last_error(3)</a>, <a href="../man3/ERR_GET_REASON.html">ERR_GET_REASON(3)</a>.</p>
+
+<p>PEM_get_EVP_CIPHER_INFO() and PEM_do_header() return 1 on success, and 0 on failure. The <b>data</b> is likely meaningless if these functions fail.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM_get_EVP_CIPHER_INFO() and PEM_do_header() functions are deprecated. This is because the underlying PEM encryption format is obsolete, and should be avoided. It uses an encryption format with an OpenSSL-specific key-derivation function, which employs MD5 with an iteration count of 1! Instead, private keys should be stored in PKCS#8 form, with a strong PKCS#5 v2.0 PBE. See <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> and <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a>.</p>
+
+<p>PEM_do_header() makes no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_peek_last_error.html">ERR_peek_last_error(3)</a>, <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a>, <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read.html
new file mode 100644
index 000000000..8baad0d87
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PEM_write, PEM_write_bio, PEM_read, PEM_read_bio, PEM_do_header, PEM_get_EVP_CIPHER_INFO - PEM encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ int PEM_write(FILE *fp, const char *name, const char *header,
+               const unsigned char *data, long len)
+ int PEM_write_bio(BIO *bp, const char *name, const char *header,
+                   const unsigned char *data, long len)
+
+ int PEM_read(FILE *fp, char **name, char **header,
+              unsigned char **data, long *len);
+ int PEM_read_bio(BIO *bp, char **name, char **header,
+                  unsigned char **data, long *len);
+
+ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cinfo);
+ int PEM_do_header(EVP_CIPHER_INFO *cinfo, unsigned char *data, long *len,
+                   pem_password_cb *cb, void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions read and write PEM-encoded objects, using the PEM type <b>name</b>, any additional <b>header</b> information, and the raw <b>data</b> of length <b>len</b>.</p>
+
+<p>PEM is the term used for binary content encoding first defined in IETF RFC 1421. The content is a series of base64-encoded lines, surrounded by begin/end markers each on their own line. For example:</p>
+
+<pre><code> -----BEGIN PRIVATE KEY-----
+ MIICdg....
+ ... bhTQ==
+ -----END PRIVATE KEY-----</code></pre>
+
+<p>Optional header line(s) may appear after the begin line, and their existence depends on the type of object being written or read.</p>
+
+<p>PEM_write() writes to the file <b>fp</b>, while PEM_write_bio() writes to the BIO <b>bp</b>. The <b>name</b> is the name to use in the marker, the <b>header</b> is the header value or NULL, and <b>data</b> and <b>len</b> specify the data and its length.</p>
+
+<p>The final <b>data</b> buffer is typically an ASN.1 object which can be decoded with the <b>d2i</b> function appropriate to the type <b>name</b>; see <a href="../man3/d2i_X509.html">d2i_X509(3)</a> for examples.</p>
+
+<p>PEM_read() reads from the file <b>fp</b>, while PEM_read_bio() reads from the BIO <b>bp</b>. Both skip any non-PEM data that precedes the start of the next PEM object. When an object is successfully retrieved, the type name from the &quot;----BEGIN &lt;type&gt;-----&quot; is returned via the <b>name</b> argument, any encapsulation headers are returned in <b>header</b> and the base64-decoded content and its length are returned via <b>data</b> and <b>len</b> respectively. The <b>name</b>, <b>header</b> and <b>data</b> pointers are allocated via OPENSSL_malloc() and should be freed by the caller via OPENSSL_free() when no longer needed.</p>
+
+<p>PEM_get_EVP_CIPHER_INFO() can be used to determine the <b>data</b> returned by PEM_read() or PEM_read_bio() is encrypted and to retrieve the associated cipher and IV. The caller passes a pointer to structure of type <b>EVP_CIPHER_INFO</b> via the <b>cinfo</b> argument and the <b>header</b> returned via PEM_read() or PEM_read_bio(). If the call is successful 1 is returned and the cipher and IV are stored at the address pointed to by <b>cinfo</b>. When the header is malformed, or not supported or when the cipher is unknown or some internal error happens 0 is returned. This function is deprecated, see <b>NOTES</b> below.</p>
+
+<p>PEM_do_header() can then be used to decrypt the data if the header indicates encryption. The <b>cinfo</b> argument is a pointer to the structure initialized by the previous call to PEM_get_EVP_CIPHER_INFO(). The <b>data</b> and <b>len</b> arguments are those returned by the previous call to PEM_read() or PEM_read_bio(). The <b>cb</b> and <b>u</b> arguments make it possible to override the default password prompt function as described in <a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>. On successful completion the <b>data</b> is decrypted in place, and <b>len</b> is updated to indicate the plaintext length. This function is deprecated, see <b>NOTES</b> below.</p>
+
+<p>If the data is a priori known to not be encrypted, then neither PEM_do_header() nor PEM_get_EVP_CIPHER_INFO() need be called.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read() and PEM_read_bio() return 1 on success and 0 on failure, the latter includes the case when no more PEM objects remain in the input file. To distinguish end of file from more serious errors the caller must peek at the error stack and check for <b>PEM_R_NO_START_LINE</b>, which indicates that no more PEM objects were found. See <a href="../man3/ERR_peek_last_error.html">ERR_peek_last_error(3)</a>, <a href="../man3/ERR_GET_REASON.html">ERR_GET_REASON(3)</a>.</p>
+
+<p>PEM_get_EVP_CIPHER_INFO() and PEM_do_header() return 1 on success, and 0 on failure. The <b>data</b> is likely meaningless if these functions fail.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM_get_EVP_CIPHER_INFO() and PEM_do_header() functions are deprecated. This is because the underlying PEM encryption format is obsolete, and should be avoided. It uses an encryption format with an OpenSSL-specific key-derivation function, which employs MD5 with an iteration count of 1! Instead, private keys should be stored in PKCS#8 form, with a strong PKCS#5 v2.0 PBE. See <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> and <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a>.</p>
+
+<p>PEM_do_header() makes no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_peek_last_error.html">ERR_peek_last_error(3)</a>, <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a>, <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_CMS.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_CMS.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_CMS.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_DHparams.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_DHparams.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_DHparams.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_DSAPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_DSAPrivateKey.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_DSAPrivateKey.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_DSA_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_DSA_PUBKEY.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_DSA_PUBKEY.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_DSAparams.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_DSAparams.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_DSAparams.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_ECPKParameters.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_ECPKParameters.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_ECPKParameters.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_ECPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_ECPrivateKey.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_ECPrivateKey.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_EC_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_EC_PUBKEY.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_EC_PUBKEY.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_NETSCAPE_CERT_SEQUENCE.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_NETSCAPE_CERT_SEQUENCE.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_NETSCAPE_CERT_SEQUENCE.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_PKCS7.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_PKCS7.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_PKCS7.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_PKCS8.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_PKCS8.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_PKCS8.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_PKCS8_PRIV_KEY_INFO.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_PKCS8_PRIV_KEY_INFO.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_PKCS8_PRIV_KEY_INFO.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_PUBKEY.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_PUBKEY.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_PrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_PrivateKey.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_PrivateKey.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_RSAPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_RSAPrivateKey.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_RSAPrivateKey.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_RSAPublicKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_RSAPublicKey.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_RSAPublicKey.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_RSA_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_RSA_PUBKEY.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_RSA_PUBKEY.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_SSL_SESSION.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_SSL_SESSION.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_SSL_SESSION.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_X509.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_X509.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_X509.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_X509_AUX.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_X509_AUX.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_X509_AUX.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_X509_CRL.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_X509_CRL.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_X509_CRL.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_X509_REQ.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_X509_REQ.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_X509_REQ.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio.html
new file mode 100644
index 000000000..8baad0d87
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PEM_write, PEM_write_bio, PEM_read, PEM_read_bio, PEM_do_header, PEM_get_EVP_CIPHER_INFO - PEM encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ int PEM_write(FILE *fp, const char *name, const char *header,
+               const unsigned char *data, long len)
+ int PEM_write_bio(BIO *bp, const char *name, const char *header,
+                   const unsigned char *data, long len)
+
+ int PEM_read(FILE *fp, char **name, char **header,
+              unsigned char **data, long *len);
+ int PEM_read_bio(BIO *bp, char **name, char **header,
+                  unsigned char **data, long *len);
+
+ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cinfo);
+ int PEM_do_header(EVP_CIPHER_INFO *cinfo, unsigned char *data, long *len,
+                   pem_password_cb *cb, void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions read and write PEM-encoded objects, using the PEM type <b>name</b>, any additional <b>header</b> information, and the raw <b>data</b> of length <b>len</b>.</p>
+
+<p>PEM is the term used for binary content encoding first defined in IETF RFC 1421. The content is a series of base64-encoded lines, surrounded by begin/end markers each on their own line. For example:</p>
+
+<pre><code> -----BEGIN PRIVATE KEY-----
+ MIICdg....
+ ... bhTQ==
+ -----END PRIVATE KEY-----</code></pre>
+
+<p>Optional header line(s) may appear after the begin line, and their existence depends on the type of object being written or read.</p>
+
+<p>PEM_write() writes to the file <b>fp</b>, while PEM_write_bio() writes to the BIO <b>bp</b>. The <b>name</b> is the name to use in the marker, the <b>header</b> is the header value or NULL, and <b>data</b> and <b>len</b> specify the data and its length.</p>
+
+<p>The final <b>data</b> buffer is typically an ASN.1 object which can be decoded with the <b>d2i</b> function appropriate to the type <b>name</b>; see <a href="../man3/d2i_X509.html">d2i_X509(3)</a> for examples.</p>
+
+<p>PEM_read() reads from the file <b>fp</b>, while PEM_read_bio() reads from the BIO <b>bp</b>. Both skip any non-PEM data that precedes the start of the next PEM object. When an object is successfully retrieved, the type name from the &quot;----BEGIN &lt;type&gt;-----&quot; is returned via the <b>name</b> argument, any encapsulation headers are returned in <b>header</b> and the base64-decoded content and its length are returned via <b>data</b> and <b>len</b> respectively. The <b>name</b>, <b>header</b> and <b>data</b> pointers are allocated via OPENSSL_malloc() and should be freed by the caller via OPENSSL_free() when no longer needed.</p>
+
+<p>PEM_get_EVP_CIPHER_INFO() can be used to determine the <b>data</b> returned by PEM_read() or PEM_read_bio() is encrypted and to retrieve the associated cipher and IV. The caller passes a pointer to structure of type <b>EVP_CIPHER_INFO</b> via the <b>cinfo</b> argument and the <b>header</b> returned via PEM_read() or PEM_read_bio(). If the call is successful 1 is returned and the cipher and IV are stored at the address pointed to by <b>cinfo</b>. When the header is malformed, or not supported or when the cipher is unknown or some internal error happens 0 is returned. This function is deprecated, see <b>NOTES</b> below.</p>
+
+<p>PEM_do_header() can then be used to decrypt the data if the header indicates encryption. The <b>cinfo</b> argument is a pointer to the structure initialized by the previous call to PEM_get_EVP_CIPHER_INFO(). The <b>data</b> and <b>len</b> arguments are those returned by the previous call to PEM_read() or PEM_read_bio(). The <b>cb</b> and <b>u</b> arguments make it possible to override the default password prompt function as described in <a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>. On successful completion the <b>data</b> is decrypted in place, and <b>len</b> is updated to indicate the plaintext length. This function is deprecated, see <b>NOTES</b> below.</p>
+
+<p>If the data is a priori known to not be encrypted, then neither PEM_do_header() nor PEM_get_EVP_CIPHER_INFO() need be called.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read() and PEM_read_bio() return 1 on success and 0 on failure, the latter includes the case when no more PEM objects remain in the input file. To distinguish end of file from more serious errors the caller must peek at the error stack and check for <b>PEM_R_NO_START_LINE</b>, which indicates that no more PEM objects were found. See <a href="../man3/ERR_peek_last_error.html">ERR_peek_last_error(3)</a>, <a href="../man3/ERR_GET_REASON.html">ERR_GET_REASON(3)</a>.</p>
+
+<p>PEM_get_EVP_CIPHER_INFO() and PEM_do_header() return 1 on success, and 0 on failure. The <b>data</b> is likely meaningless if these functions fail.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM_get_EVP_CIPHER_INFO() and PEM_do_header() functions are deprecated. This is because the underlying PEM encryption format is obsolete, and should be avoided. It uses an encryption format with an OpenSSL-specific key-derivation function, which employs MD5 with an iteration count of 1! Instead, private keys should be stored in PKCS#8 form, with a strong PKCS#5 v2.0 PBE. See <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> and <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a>.</p>
+
+<p>PEM_do_header() makes no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_peek_last_error.html">ERR_peek_last_error(3)</a>, <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a>, <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_CMS.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_CMS.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_CMS.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_DHparams.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_DHparams.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_DHparams.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_DSAPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_DSAPrivateKey.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_DSAPrivateKey.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_DSA_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_DSA_PUBKEY.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_DSA_PUBKEY.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_DSAparams.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_DSAparams.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_DSAparams.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_ECPKParameters.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_ECPKParameters.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_ECPKParameters.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_EC_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_EC_PUBKEY.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_EC_PUBKEY.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_NETSCAPE_CERT_SEQUENCE.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_NETSCAPE_CERT_SEQUENCE.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_NETSCAPE_CERT_SEQUENCE.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_PKCS7.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_PKCS7.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_PKCS7.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_PKCS8.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_PKCS8.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_PKCS8.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_PKCS8_PRIV_KEY_INFO.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_PKCS8_PRIV_KEY_INFO.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_PKCS8_PRIV_KEY_INFO.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_PUBKEY.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_PUBKEY.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_PrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_PrivateKey.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_PrivateKey.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_RSAPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_RSAPrivateKey.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_RSAPrivateKey.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_RSAPublicKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_RSAPublicKey.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_RSAPublicKey.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_RSA_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_RSA_PUBKEY.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_RSA_PUBKEY.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_SSL_SESSION.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_SSL_SESSION.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_SSL_SESSION.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_X509.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_X509.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_X509.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_X509_AUX.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_X509_AUX.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_X509_AUX.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_X509_CRL.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_X509_CRL.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_X509_CRL.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_X509_REQ.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_X509_REQ.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_X509_REQ.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_ex.html b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_ex.html
new file mode 100644
index 000000000..e69025edb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_read_bio_ex.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_ex</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PEM_read_bio_ex, PEM_FLAG_SECURE, PEM_FLAG_EAY_COMPATIBLE, PEM_FLAG_ONLY_B64 - read PEM format files with custom processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ #define PEM_FLAG_SECURE             0x1
+ #define PEM_FLAG_EAY_COMPATIBLE     0x2
+ #define PEM_FLAG_ONLY_B64           0x4
+ int PEM_read_bio_ex(BIO *in, char **name, char **header,
+                     unsigned char **data, long *len, unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>PEM_read_bio_ex() reads in PEM formatted data from an input BIO, outputting the name of the type of contained data, the header information regarding the possibly encrypted data, and the binary data payload (after base64 decoding). It should generally only be used to implement PEM_read_bio_-family functions for specific data types or other usage, but is exposed to allow greater flexibility over how processing is performed, if needed.</p>
+
+<p>If PEM_FLAG_SECURE is set, the intermediate buffers used to read in lines of input are allocated from the secure heap.</p>
+
+<p>If PEM_FLAG_EAY_COMPATIBLE is set, a simple algorithm is used to remove whitespace and control characters from the end of each line, so as to be compatible with the historical behavior of PEM_read_bio().</p>
+
+<p>If PEM_FLAG_ONLY_B64 is set, all characters are required to be valid base64 characters (or newlines); non-base64 characters are treated as end of input.</p>
+
+<p>If neither PEM_FLAG_EAY_COMPATIBLE or PEM_FLAG_ONLY_B64 is set, control characters are ignored.</p>
+
+<p>If both PEM_FLAG_EAY_COMPATIBLE and PEM_FLAG_ONLY_B64 are set, an error is returned; these options are not compatible with each other.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The caller must release the storage allocated for *name, *header, and *data. If PEM_FLAG_SECURE was set, use OPENSSL_secure_free(); otherwise, OPENSSL_free() is used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_bio_ex() returns 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM.html">PEM(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The PEM_read_bio_ex() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write.html
new file mode 100644
index 000000000..8baad0d87
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PEM_write, PEM_write_bio, PEM_read, PEM_read_bio, PEM_do_header, PEM_get_EVP_CIPHER_INFO - PEM encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ int PEM_write(FILE *fp, const char *name, const char *header,
+               const unsigned char *data, long len)
+ int PEM_write_bio(BIO *bp, const char *name, const char *header,
+                   const unsigned char *data, long len)
+
+ int PEM_read(FILE *fp, char **name, char **header,
+              unsigned char **data, long *len);
+ int PEM_read_bio(BIO *bp, char **name, char **header,
+                  unsigned char **data, long *len);
+
+ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cinfo);
+ int PEM_do_header(EVP_CIPHER_INFO *cinfo, unsigned char *data, long *len,
+                   pem_password_cb *cb, void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions read and write PEM-encoded objects, using the PEM type <b>name</b>, any additional <b>header</b> information, and the raw <b>data</b> of length <b>len</b>.</p>
+
+<p>PEM is the term used for binary content encoding first defined in IETF RFC 1421. The content is a series of base64-encoded lines, surrounded by begin/end markers each on their own line. For example:</p>
+
+<pre><code> -----BEGIN PRIVATE KEY-----
+ MIICdg....
+ ... bhTQ==
+ -----END PRIVATE KEY-----</code></pre>
+
+<p>Optional header line(s) may appear after the begin line, and their existence depends on the type of object being written or read.</p>
+
+<p>PEM_write() writes to the file <b>fp</b>, while PEM_write_bio() writes to the BIO <b>bp</b>. The <b>name</b> is the name to use in the marker, the <b>header</b> is the header value or NULL, and <b>data</b> and <b>len</b> specify the data and its length.</p>
+
+<p>The final <b>data</b> buffer is typically an ASN.1 object which can be decoded with the <b>d2i</b> function appropriate to the type <b>name</b>; see <a href="../man3/d2i_X509.html">d2i_X509(3)</a> for examples.</p>
+
+<p>PEM_read() reads from the file <b>fp</b>, while PEM_read_bio() reads from the BIO <b>bp</b>. Both skip any non-PEM data that precedes the start of the next PEM object. When an object is successfully retrieved, the type name from the &quot;----BEGIN &lt;type&gt;-----&quot; is returned via the <b>name</b> argument, any encapsulation headers are returned in <b>header</b> and the base64-decoded content and its length are returned via <b>data</b> and <b>len</b> respectively. The <b>name</b>, <b>header</b> and <b>data</b> pointers are allocated via OPENSSL_malloc() and should be freed by the caller via OPENSSL_free() when no longer needed.</p>
+
+<p>PEM_get_EVP_CIPHER_INFO() can be used to determine the <b>data</b> returned by PEM_read() or PEM_read_bio() is encrypted and to retrieve the associated cipher and IV. The caller passes a pointer to structure of type <b>EVP_CIPHER_INFO</b> via the <b>cinfo</b> argument and the <b>header</b> returned via PEM_read() or PEM_read_bio(). If the call is successful 1 is returned and the cipher and IV are stored at the address pointed to by <b>cinfo</b>. When the header is malformed, or not supported or when the cipher is unknown or some internal error happens 0 is returned. This function is deprecated, see <b>NOTES</b> below.</p>
+
+<p>PEM_do_header() can then be used to decrypt the data if the header indicates encryption. The <b>cinfo</b> argument is a pointer to the structure initialized by the previous call to PEM_get_EVP_CIPHER_INFO(). The <b>data</b> and <b>len</b> arguments are those returned by the previous call to PEM_read() or PEM_read_bio(). The <b>cb</b> and <b>u</b> arguments make it possible to override the default password prompt function as described in <a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>. On successful completion the <b>data</b> is decrypted in place, and <b>len</b> is updated to indicate the plaintext length. This function is deprecated, see <b>NOTES</b> below.</p>
+
+<p>If the data is a priori known to not be encrypted, then neither PEM_do_header() nor PEM_get_EVP_CIPHER_INFO() need be called.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read() and PEM_read_bio() return 1 on success and 0 on failure, the latter includes the case when no more PEM objects remain in the input file. To distinguish end of file from more serious errors the caller must peek at the error stack and check for <b>PEM_R_NO_START_LINE</b>, which indicates that no more PEM objects were found. See <a href="../man3/ERR_peek_last_error.html">ERR_peek_last_error(3)</a>, <a href="../man3/ERR_GET_REASON.html">ERR_GET_REASON(3)</a>.</p>
+
+<p>PEM_get_EVP_CIPHER_INFO() and PEM_do_header() return 1 on success, and 0 on failure. The <b>data</b> is likely meaningless if these functions fail.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM_get_EVP_CIPHER_INFO() and PEM_do_header() functions are deprecated. This is because the underlying PEM encryption format is obsolete, and should be avoided. It uses an encryption format with an OpenSSL-specific key-derivation function, which employs MD5 with an iteration count of 1! Instead, private keys should be stored in PKCS#8 form, with a strong PKCS#5 v2.0 PBE. See <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> and <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a>.</p>
+
+<p>PEM_do_header() makes no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_peek_last_error.html">ERR_peek_last_error(3)</a>, <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a>, <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_CMS.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_CMS.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_CMS.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_DHparams.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_DHparams.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_DHparams.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_DHxparams.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_DHxparams.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_DHxparams.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_DSAPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_DSAPrivateKey.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_DSAPrivateKey.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_DSA_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_DSA_PUBKEY.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_DSA_PUBKEY.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_DSAparams.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_DSAparams.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_DSAparams.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_ECPKParameters.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_ECPKParameters.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_ECPKParameters.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_ECPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_ECPrivateKey.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_ECPrivateKey.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_EC_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_EC_PUBKEY.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_EC_PUBKEY.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_NETSCAPE_CERT_SEQUENCE.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_NETSCAPE_CERT_SEQUENCE.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_NETSCAPE_CERT_SEQUENCE.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_PKCS7.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_PKCS7.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_PKCS7.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_PKCS8.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_PKCS8.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_PKCS8.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_PKCS8PrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_PKCS8PrivateKey.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_PKCS8PrivateKey.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_PKCS8PrivateKey_nid.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_PKCS8PrivateKey_nid.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_PKCS8PrivateKey_nid.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_PKCS8_PRIV_KEY_INFO.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_PKCS8_PRIV_KEY_INFO.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_PKCS8_PRIV_KEY_INFO.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_PUBKEY.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_PUBKEY.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_PrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_PrivateKey.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_PrivateKey.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_RSAPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_RSAPrivateKey.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_RSAPrivateKey.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_RSAPublicKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_RSAPublicKey.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_RSAPublicKey.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_RSA_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_RSA_PUBKEY.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_RSA_PUBKEY.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_SSL_SESSION.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_SSL_SESSION.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_SSL_SESSION.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_X509.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_X509.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_X509.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_X509_AUX.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_X509_AUX.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_X509_AUX.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_X509_CRL.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_X509_CRL.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_X509_CRL.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_X509_REQ.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_X509_REQ.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_X509_REQ.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_X509_REQ_NEW.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_X509_REQ_NEW.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_X509_REQ_NEW.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio.html
new file mode 100644
index 000000000..8baad0d87
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio.html
@@ -0,0 +1,98 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PEM_write, PEM_write_bio, PEM_read, PEM_read_bio, PEM_do_header, PEM_get_EVP_CIPHER_INFO - PEM encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ int PEM_write(FILE *fp, const char *name, const char *header,
+               const unsigned char *data, long len)
+ int PEM_write_bio(BIO *bp, const char *name, const char *header,
+                   const unsigned char *data, long len)
+
+ int PEM_read(FILE *fp, char **name, char **header,
+              unsigned char **data, long *len);
+ int PEM_read_bio(BIO *bp, char **name, char **header,
+                  unsigned char **data, long *len);
+
+ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cinfo);
+ int PEM_do_header(EVP_CIPHER_INFO *cinfo, unsigned char *data, long *len,
+                   pem_password_cb *cb, void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions read and write PEM-encoded objects, using the PEM type <b>name</b>, any additional <b>header</b> information, and the raw <b>data</b> of length <b>len</b>.</p>
+
+<p>PEM is the term used for binary content encoding first defined in IETF RFC 1421. The content is a series of base64-encoded lines, surrounded by begin/end markers each on their own line. For example:</p>
+
+<pre><code> -----BEGIN PRIVATE KEY-----
+ MIICdg....
+ ... bhTQ==
+ -----END PRIVATE KEY-----</code></pre>
+
+<p>Optional header line(s) may appear after the begin line, and their existence depends on the type of object being written or read.</p>
+
+<p>PEM_write() writes to the file <b>fp</b>, while PEM_write_bio() writes to the BIO <b>bp</b>. The <b>name</b> is the name to use in the marker, the <b>header</b> is the header value or NULL, and <b>data</b> and <b>len</b> specify the data and its length.</p>
+
+<p>The final <b>data</b> buffer is typically an ASN.1 object which can be decoded with the <b>d2i</b> function appropriate to the type <b>name</b>; see <a href="../man3/d2i_X509.html">d2i_X509(3)</a> for examples.</p>
+
+<p>PEM_read() reads from the file <b>fp</b>, while PEM_read_bio() reads from the BIO <b>bp</b>. Both skip any non-PEM data that precedes the start of the next PEM object. When an object is successfully retrieved, the type name from the &quot;----BEGIN &lt;type&gt;-----&quot; is returned via the <b>name</b> argument, any encapsulation headers are returned in <b>header</b> and the base64-decoded content and its length are returned via <b>data</b> and <b>len</b> respectively. The <b>name</b>, <b>header</b> and <b>data</b> pointers are allocated via OPENSSL_malloc() and should be freed by the caller via OPENSSL_free() when no longer needed.</p>
+
+<p>PEM_get_EVP_CIPHER_INFO() can be used to determine the <b>data</b> returned by PEM_read() or PEM_read_bio() is encrypted and to retrieve the associated cipher and IV. The caller passes a pointer to structure of type <b>EVP_CIPHER_INFO</b> via the <b>cinfo</b> argument and the <b>header</b> returned via PEM_read() or PEM_read_bio(). If the call is successful 1 is returned and the cipher and IV are stored at the address pointed to by <b>cinfo</b>. When the header is malformed, or not supported or when the cipher is unknown or some internal error happens 0 is returned. This function is deprecated, see <b>NOTES</b> below.</p>
+
+<p>PEM_do_header() can then be used to decrypt the data if the header indicates encryption. The <b>cinfo</b> argument is a pointer to the structure initialized by the previous call to PEM_get_EVP_CIPHER_INFO(). The <b>data</b> and <b>len</b> arguments are those returned by the previous call to PEM_read() or PEM_read_bio(). The <b>cb</b> and <b>u</b> arguments make it possible to override the default password prompt function as described in <a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>. On successful completion the <b>data</b> is decrypted in place, and <b>len</b> is updated to indicate the plaintext length. This function is deprecated, see <b>NOTES</b> below.</p>
+
+<p>If the data is a priori known to not be encrypted, then neither PEM_do_header() nor PEM_get_EVP_CIPHER_INFO() need be called.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read() and PEM_read_bio() return 1 on success and 0 on failure, the latter includes the case when no more PEM objects remain in the input file. To distinguish end of file from more serious errors the caller must peek at the error stack and check for <b>PEM_R_NO_START_LINE</b>, which indicates that no more PEM objects were found. See <a href="../man3/ERR_peek_last_error.html">ERR_peek_last_error(3)</a>, <a href="../man3/ERR_GET_REASON.html">ERR_GET_REASON(3)</a>.</p>
+
+<p>PEM_get_EVP_CIPHER_INFO() and PEM_do_header() return 1 on success, and 0 on failure. The <b>data</b> is likely meaningless if these functions fail.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PEM_get_EVP_CIPHER_INFO() and PEM_do_header() functions are deprecated. This is because the underlying PEM encryption format is obsolete, and should be avoided. It uses an encryption format with an OpenSSL-specific key-derivation function, which employs MD5 with an iteration count of 1! Instead, private keys should be stored in PKCS#8 form, with a strong PKCS#5 v2.0 PBE. See <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> and <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a>.</p>
+
+<p>PEM_do_header() makes no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_peek_last_error.html">ERR_peek_last_error(3)</a>, <a href="../man3/ERR_GET_LIB.html">ERR_GET_LIB(3)</a>, <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_CMS.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_CMS.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_CMS.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_CMS_stream.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_CMS_stream.html
new file mode 100644
index 000000000..02b8836dc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_CMS_stream.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_write_bio_CMS_stream</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PEM_write_bio_CMS_stream - output CMS_ContentInfo structure in PEM format</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *data, int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>PEM_write_bio_CMS_stream() outputs a CMS_ContentInfo structure in PEM format.</p>
+
+<p>It is otherwise identical to the function SMIME_write_CMS().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>This function is effectively a version of the PEM_write_bio_CMS() supporting streaming.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_write_bio_CMS_stream() returns 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a>, <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a> <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a>, <a href="../man3/PEM_write.html">PEM_write(3)</a>, <a href="../man3/SMIME_write_CMS.html">SMIME_write_CMS(3)</a>, <a href="../man3/i2d_CMS_bio_stream.html">i2d_CMS_bio_stream(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The PEM_write_bio_CMS_stream() function was added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_DHparams.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_DHparams.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_DHparams.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_DHxparams.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_DHxparams.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_DHxparams.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_DSAPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_DSAPrivateKey.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_DSAPrivateKey.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_DSA_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_DSA_PUBKEY.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_DSA_PUBKEY.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_DSAparams.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_DSAparams.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_DSAparams.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_ECPKParameters.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_ECPKParameters.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_ECPKParameters.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_ECPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_ECPrivateKey.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_ECPrivateKey.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_EC_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_EC_PUBKEY.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_EC_PUBKEY.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_NETSCAPE_CERT_SEQUENCE.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_NETSCAPE_CERT_SEQUENCE.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_NETSCAPE_CERT_SEQUENCE.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS7.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS7.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS7.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS7_stream.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS7_stream.html
new file mode 100644
index 000000000..c88baa01b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS7_stream.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_write_bio_PKCS7_stream</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PEM_write_bio_PKCS7_stream - output PKCS7 structure in PEM format</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pkcs7.h&gt;
+
+ int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *data, int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>PEM_write_bio_PKCS7_stream() outputs a PKCS7 structure in PEM format.</p>
+
+<p>It is otherwise identical to the function SMIME_write_PKCS7().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>This function is effectively a version of the PEM_write_bio_PKCS7() supporting streaming.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_write_bio_PKCS7_stream() returns 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/PKCS7_sign.html">PKCS7_sign(3)</a>, <a href="../man3/PKCS7_verify.html">PKCS7_verify(3)</a>, <a href="../man3/PKCS7_encrypt.html">PKCS7_encrypt(3)</a> <a href="../man3/PKCS7_decrypt.html">PKCS7_decrypt(3)</a>, <a href="../man3/SMIME_write_PKCS7.html">SMIME_write_PKCS7(3)</a>, <a href="../man3/i2d_PKCS7_bio_stream.html">i2d_PKCS7_bio_stream(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The PEM_write_bio_PKCS7_stream() function was added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS8.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS8.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS8.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS8PrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS8PrivateKey.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS8PrivateKey.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS8PrivateKey_nid.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS8PrivateKey_nid.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS8PrivateKey_nid.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS8_PRIV_KEY_INFO.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS8_PRIV_KEY_INFO.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS8_PRIV_KEY_INFO.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PUBKEY.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PUBKEY.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PrivateKey.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PrivateKey.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PrivateKey_traditional.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PrivateKey_traditional.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_PrivateKey_traditional.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_RSAPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_RSAPrivateKey.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_RSAPrivateKey.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_RSAPublicKey.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_RSAPublicKey.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_RSAPublicKey.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_RSA_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_RSA_PUBKEY.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_RSA_PUBKEY.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_SSL_SESSION.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_SSL_SESSION.html
new file mode 100644
index 000000000..f99785e0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_SSL_SESSION.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_PEM_rw, PEM_read_CMS, PEM_read_bio_CMS, PEM_write_CMS, PEM_write_bio_CMS, PEM_write_DHxparams, PEM_write_bio_DHxparams, PEM_read_ECPKParameters, PEM_read_bio_ECPKParameters, PEM_write_ECPKParameters, PEM_write_bio_ECPKParameters, PEM_read_ECPrivateKey, PEM_write_ECPrivateKey, PEM_write_bio_ECPrivateKey, PEM_read_EC_PUBKEY, PEM_read_bio_EC_PUBKEY, PEM_write_EC_PUBKEY, PEM_write_bio_EC_PUBKEY, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_PKCS8, PEM_read_bio_PKCS8, PEM_write_PKCS8, PEM_write_bio_PKCS8, PEM_write_PKCS8_PRIV_KEY_INFO, PEM_read_bio_PKCS8_PRIV_KEY_INFO, PEM_read_PKCS8_PRIV_KEY_INFO, PEM_write_bio_PKCS8_PRIV_KEY_INFO, PEM_read_SSL_SESSION, PEM_read_bio_SSL_SESSION, PEM_write_SSL_SESSION, PEM_write_bio_SSL_SESSION - PEM object encoding routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ DECLARE_PEM_rw(name, TYPE)
+
+ TYPE *PEM_read_TYPE(FILE *fp, TYPE **a, pem_password_cb *cb, void *u);
+ TYPE *PEM_read_bio_TYPE(BIO *bp, TYPE **a, pem_password_cb *cb, void *u);
+ int PEM_write_TYPE(FILE *fp, const TYPE *a);
+ int PEM_write_bio_TYPE(BIO *bp, const TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>. The macro <b>DECLARE_PEM_rw</b> expands to the set of declarations shown in the next four lines of the synopsis.</p>
+
+<p>These routines convert between local instances of ASN1 datatypes and the PEM encoding. For more information on the templates, see <a href="../man3/ASN1_ITEM.html">ASN1_ITEM(3)</a>. For more information on the lower-level routines used by the functions here, see <a href="../man3/PEM_read.html">PEM_read(3)</a>.</p>
+
+<p>PEM_read_TYPE() reads a PEM-encoded object of <i>TYPE</i> from the file <b>fp</b> and returns it. The <b>cb</b> and <b>u</b> parameters are as described in <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<p>PEM_read_bio_TYPE() is similar to PEM_read_TYPE() but reads from the BIO <b>bp</b>.</p>
+
+<p>PEM_write_TYPE() writes the PEM encoding of the object <b>a</b> to the file <b>fp</b>.</p>
+
+<p>PEM_write_bio_TYPE() similarly writes to the BIO <b>bp</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PEM_read_TYPE() and PEM_read_bio_TYPE() return a pointer to an allocated object, which should be released by calling TYPE_free(), or NULL on error.</p>
+
+<p>PEM_write_TYPE() and PEM_write_bio_TYPE() return the number of bytes written or zero on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read.html">PEM_read(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_X509.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_X509.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_X509.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_X509_AUX.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_X509_AUX.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_X509_AUX.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_X509_CRL.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_X509_CRL.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_X509_CRL.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_X509_REQ.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_X509_REQ.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_X509_REQ.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_X509_REQ_NEW.html b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_X509_REQ_NEW.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PEM_write_bio_X509_REQ_NEW.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS12_BAGS_free.html b/msys2/usr/share/doc/openssl/html/man3/PKCS12_BAGS_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS12_BAGS_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS12_BAGS_new.html b/msys2/usr/share/doc/openssl/html/man3/PKCS12_BAGS_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS12_BAGS_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS12_MAC_DATA_free.html b/msys2/usr/share/doc/openssl/html/man3/PKCS12_MAC_DATA_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS12_MAC_DATA_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS12_MAC_DATA_new.html b/msys2/usr/share/doc/openssl/html/man3/PKCS12_MAC_DATA_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS12_MAC_DATA_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS12_SAFEBAG_free.html b/msys2/usr/share/doc/openssl/html/man3/PKCS12_SAFEBAG_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS12_SAFEBAG_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS12_SAFEBAG_new.html b/msys2/usr/share/doc/openssl/html/man3/PKCS12_SAFEBAG_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS12_SAFEBAG_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS12_create.html b/msys2/usr/share/doc/openssl/html/man3/PKCS12_create.html
new file mode 100644
index 000000000..ec5fcbc39
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS12_create.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PKCS12_create</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PKCS12_create - create a PKCS#12 structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pkcs12.h&gt;
+
+ PKCS12 *PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey,
+                       X509 *cert, STACK_OF(X509) *ca,
+                       int nid_key, int nid_cert, int iter, int mac_iter, int keytype);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>PKCS12_create() creates a PKCS#12 structure.</p>
+
+<p><b>pass</b> is the passphrase to use. <b>name</b> is the <b>friendlyName</b> to use for the supplied certificate and key. <b>pkey</b> is the private key to include in the structure and <b>cert</b> its corresponding certificates. <b>ca</b>, if not <b>NULL</b> is an optional set of certificates to also include in the structure.</p>
+
+<p><b>nid_key</b> and <b>nid_cert</b> are the encryption algorithms that should be used for the key and certificate respectively. The modes GCM, CCM, XTS, and OCB are unsupported. <b>iter</b> is the encryption algorithm iteration count to use and <b>mac_iter</b> is the MAC iteration count to use. <b>keytype</b> is the type of key.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The parameters <b>nid_key</b>, <b>nid_cert</b>, <b>iter</b>, <b>mac_iter</b> and <b>keytype</b> can all be set to zero and sensible defaults will be used.</p>
+
+<p>These defaults are: 40 bit RC2 encryption for certificates, triple DES encryption for private keys, a key iteration count of PKCS12_DEFAULT_ITER (currently 2048) and a MAC iteration count of 1.</p>
+
+<p>The default MAC iteration count is 1 in order to retain compatibility with old software which did not interpret MAC iteration counts. If such compatibility is not required then <b>mac_iter</b> should be set to PKCS12_DEFAULT_ITER.</p>
+
+<p><b>keytype</b> adds a flag to the store private key. This is a non standard extension that is only currently interpreted by MSIE. If set to zero the flag is omitted, if set to <b>KEY_SIG</b> the key can be used for signing only, if set to <b>KEY_EX</b> it can be used for signing and encryption. This option was useful for old export grade software which could use signing only keys of arbitrary size but had restrictions on the permissible sizes of keys which could be used for encryption.</p>
+
+<p>If a certificate contains an <b>alias</b> or <b>keyid</b> then this will be used for the corresponding <b>friendlyName</b> or <b>localKeyID</b> in the PKCS12 structure.</p>
+
+<p>Either <b>pkey</b>, <b>cert</b> or both can be <b>NULL</b> to indicate that no key or certificate is required. In previous versions both had to be present or a fatal error is returned.</p>
+
+<p><b>nid_key</b> or <b>nid_cert</b> can be set to -1 indicating that no encryption should be used.</p>
+
+<p><b>mac_iter</b> can be set to -1 and the MAC will then be omitted entirely.</p>
+
+<p>PKCS12_create() makes assumptions regarding the encoding of the given pass phrase. See <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a> for more information.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PKCS12_create() returns a valid <b>PKCS12</b> structure or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_PKCS12.html">d2i_PKCS12(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS12_free.html b/msys2/usr/share/doc/openssl/html/man3/PKCS12_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS12_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS12_new.html b/msys2/usr/share/doc/openssl/html/man3/PKCS12_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS12_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS12_newpass.html b/msys2/usr/share/doc/openssl/html/man3/PKCS12_newpass.html
new file mode 100644
index 000000000..ea631ae95
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS12_newpass.html
@@ -0,0 +1,125 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PKCS12_newpass</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PKCS12_newpass - change the password of a PKCS12 structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pkcs12.h&gt;
+
+ int PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>PKCS12_newpass() changes the password of a PKCS12 structure.</p>
+
+<p><b>p12</b> is a pointer to a PKCS12 structure. <b>oldpass</b> is the existing password and <b>newpass</b> is the new password.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Each of <b>oldpass</b> and <b>newpass</b> is independently interpreted as a string in the UTF-8 encoding. If it is not valid UTF-8, it is assumed to be ISO8859-1 instead.</p>
+
+<p>In particular, this means that passwords in the locale character set (or code page on Windows) must potentially be converted to UTF-8 before use. This may include passwords from local text files, or input from the terminal or command line. Refer to the documentation of <a href="../man3/UI_OpenSSL.html">UI_OpenSSL(3)</a>, for example.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PKCS12_newpass() returns 1 on success or 0 on failure. Applications can retrieve the most recent error from PKCS12_newpass() with ERR_get_error().</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example loads a PKCS#12 file, changes its password and writes out the result to a new file.</p>
+
+<pre><code> #include &lt;stdio.h&gt;
+ #include &lt;stdlib.h&gt;
+ #include &lt;openssl/pem.h&gt;
+ #include &lt;openssl/err.h&gt;
+ #include &lt;openssl/pkcs12.h&gt;
+
+ int main(int argc, char **argv)
+ {
+     FILE *fp;
+     PKCS12 *p12;
+
+     if (argc != 5) {
+         fprintf(stderr, &quot;Usage: pkread p12file password newpass opfile\n&quot;);
+         return 1;
+     }
+     if ((fp = fopen(argv[1], &quot;rb&quot;)) == NULL) {
+         fprintf(stderr, &quot;Error opening file %s\n&quot;, argv[1]);
+         return 1;
+     }
+     p12 = d2i_PKCS12_fp(fp, NULL);
+     fclose(fp);
+     if (p12 == NULL) {
+         fprintf(stderr, &quot;Error reading PKCS#12 file\n&quot;);
+         ERR_print_errors_fp(stderr);
+         return 1;
+     }
+     if (PKCS12_newpass(p12, argv[2], argv[3]) == 0) {
+         fprintf(stderr, &quot;Error changing password\n&quot;);
+         ERR_print_errors_fp(stderr);
+         PKCS12_free(p12);
+         return 1;
+     }
+     if ((fp = fopen(argv[4], &quot;wb&quot;)) == NULL) {
+         fprintf(stderr, &quot;Error opening file %s\n&quot;, argv[4]);
+         PKCS12_free(p12);
+         return 1;
+     }
+     i2d_PKCS12_fp(fp, p12);
+     PKCS12_free(p12);
+     fclose(fp);
+     return 0;
+ }</code></pre>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>If the PKCS#12 structure does not have a password, then you must use the empty string &quot;&quot; for <b>oldpass</b>. Using NULL for <b>oldpass</b> will result in a PKCS12_newpass() failure.</p>
+
+<p>If the wrong password is used for <b>oldpass</b> then the function will fail, with a MAC verification error. In rare cases the PKCS12 structure does not contain a MAC: in this case it will usually fail with a decryption padding error.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The password format is a NULL terminated ASCII string which is converted to Unicode form internally. As a result some passwords cannot be supplied to this function.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PKCS12_create.html">PKCS12_create(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS12_parse.html b/msys2/usr/share/doc/openssl/html/man3/PKCS12_parse.html
new file mode 100644
index 000000000..11617f45b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS12_parse.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PKCS12_parse</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PKCS12_parse - parse a PKCS#12 structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pkcs12.h&gt;
+
+ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
+                  STACK_OF(X509) **ca);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>PKCS12_parse() parses a PKCS12 structure.</p>
+
+<p><b>p12</b> is the <b>PKCS12</b> structure to parse. <b>pass</b> is the passphrase to use. If successful the private key will be written to <b>*pkey</b>, the corresponding certificate to <b>*cert</b> and any additional certificates to <b>*ca</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The parameters <b>pkey</b> and <b>cert</b> cannot be <b>NULL</b>. <b>ca</b> can be &lt;NULL&gt; in which case additional certificates will be discarded. <b>*ca</b> can also be a valid STACK in which case additional certificates are appended to <b>*ca</b>. If <b>*ca</b> is <b>NULL</b> a new STACK will be allocated.</p>
+
+<p>The <b>friendlyName</b> and <b>localKeyID</b> attributes (if present) on each certificate will be stored in the <b>alias</b> and <b>keyid</b> attributes of the <b>X509</b> structure.</p>
+
+<p>The parameter <b>pass</b> is interpreted as a string in the UTF-8 encoding. If it is not valid UTF-8, then it is assumed to be ISO8859-1 instead.</p>
+
+<p>In particular, this means that passwords in the locale character set (or code page on Windows) must potentially be converted to UTF-8 before use. This may include passwords from local text files, or input from the terminal or command line. Refer to the documentation of <a href="../man3/UI_OpenSSL.html">UI_OpenSSL(3)</a>, for example.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PKCS12_parse() returns 1 for success and zero if an error occurred.</p>
+
+<p>The error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Only a single private key and corresponding certificate is returned by this function. More complex PKCS#12 files with multiple private keys will only return the first match.</p>
+
+<p>Only <b>friendlyName</b> and <b>localKeyID</b> attributes are currently stored in certificates. Other attributes are discarded.</p>
+
+<p>Attributes currently cannot be stored in the private key <b>EVP_PKEY</b> structure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_PKCS12.html">d2i_PKCS12(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS5_PBKDF2_HMAC.html b/msys2/usr/share/doc/openssl/html/man3/PKCS5_PBKDF2_HMAC.html
new file mode 100644
index 000000000..fb0cf79f4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS5_PBKDF2_HMAC.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PKCS5_PBKDF2_HMAC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PKCS5_PBKDF2_HMAC, PKCS5_PBKDF2_HMAC_SHA1 - password based derivation routines with salt and iteration count</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
+                       const unsigned char *salt, int saltlen, int iter,
+                       const EVP_MD *digest,
+                       int keylen, unsigned char *out);
+
+ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
+                            const unsigned char *salt, int saltlen, int iter,
+                            int keylen, unsigned char *out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>PKCS5_PBKDF2_HMAC() derives a key from a password using a salt and iteration count as specified in RFC 2898.</p>
+
+<p><b>pass</b> is the password used in the derivation of length <b>passlen</b>. <b>pass</b> is an optional parameter and can be NULL. If <b>passlen</b> is -1, then the function will calculate the length of <b>pass</b> using strlen().</p>
+
+<p><b>salt</b> is the salt used in the derivation of length <b>saltlen</b>. If the <b>salt</b> is NULL, then <b>saltlen</b> must be 0. The function will not attempt to calculate the length of the <b>salt</b> because it is not assumed to be NULL terminated.</p>
+
+<p><b>iter</b> is the iteration count and its value should be greater than or equal to 1. RFC 2898 suggests an iteration count of at least 1000. Any <b>iter</b> less than 1 is treated as a single iteration.</p>
+
+<p><b>digest</b> is the message digest function used in the derivation. Values include any of the EVP_* message digests. PKCS5_PBKDF2_HMAC_SHA1() calls PKCS5_PBKDF2_HMAC() with EVP_sha1().</p>
+
+<p>The derived key will be written to <b>out</b>. The size of the <b>out</b> buffer is specified via <b>keylen</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A typical application of this function is to derive keying material for an encryption algorithm from a password in the <b>pass</b>, a salt in <b>salt</b>, and an iteration count.</p>
+
+<p>Increasing the <b>iter</b> parameter slows down the algorithm which makes it harder for an attacker to perform a brute force attack using a large number of candidate passwords.</p>
+
+<p>These functions make no assumption regarding the given password. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PKCS5_PBKDF2_HMAC() and PBKCS5_PBKDF2_HMAC_SHA1() return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS5_PBKDF2_HMAC_SHA1.html b/msys2/usr/share/doc/openssl/html/man3/PKCS5_PBKDF2_HMAC_SHA1.html
new file mode 100644
index 000000000..fb0cf79f4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS5_PBKDF2_HMAC_SHA1.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PKCS5_PBKDF2_HMAC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PKCS5_PBKDF2_HMAC, PKCS5_PBKDF2_HMAC_SHA1 - password based derivation routines with salt and iteration count</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
+                       const unsigned char *salt, int saltlen, int iter,
+                       const EVP_MD *digest,
+                       int keylen, unsigned char *out);
+
+ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
+                            const unsigned char *salt, int saltlen, int iter,
+                            int keylen, unsigned char *out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>PKCS5_PBKDF2_HMAC() derives a key from a password using a salt and iteration count as specified in RFC 2898.</p>
+
+<p><b>pass</b> is the password used in the derivation of length <b>passlen</b>. <b>pass</b> is an optional parameter and can be NULL. If <b>passlen</b> is -1, then the function will calculate the length of <b>pass</b> using strlen().</p>
+
+<p><b>salt</b> is the salt used in the derivation of length <b>saltlen</b>. If the <b>salt</b> is NULL, then <b>saltlen</b> must be 0. The function will not attempt to calculate the length of the <b>salt</b> because it is not assumed to be NULL terminated.</p>
+
+<p><b>iter</b> is the iteration count and its value should be greater than or equal to 1. RFC 2898 suggests an iteration count of at least 1000. Any <b>iter</b> less than 1 is treated as a single iteration.</p>
+
+<p><b>digest</b> is the message digest function used in the derivation. Values include any of the EVP_* message digests. PKCS5_PBKDF2_HMAC_SHA1() calls PKCS5_PBKDF2_HMAC() with EVP_sha1().</p>
+
+<p>The derived key will be written to <b>out</b>. The size of the <b>out</b> buffer is specified via <b>keylen</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A typical application of this function is to derive keying material for an encryption algorithm from a password in the <b>pass</b>, a salt in <b>salt</b>, and an iteration count.</p>
+
+<p>Increasing the <b>iter</b> parameter slows down the algorithm which makes it harder for an attacker to perform a brute force attack using a large number of candidate passwords.</p>
+
+<p>These functions make no assumption regarding the given password. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PKCS5_PBKDF2_HMAC() and PBKCS5_PBKDF2_HMAC_SHA1() return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_DIGEST_free.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_DIGEST_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_DIGEST_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_DIGEST_new.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_DIGEST_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_DIGEST_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_ENCRYPT_free.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_ENCRYPT_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_ENCRYPT_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_ENCRYPT_new.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_ENCRYPT_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_ENCRYPT_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_ENC_CONTENT_free.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_ENC_CONTENT_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_ENC_CONTENT_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_ENC_CONTENT_new.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_ENC_CONTENT_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_ENC_CONTENT_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_ENVELOPE_free.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_ENVELOPE_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_ENVELOPE_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_ENVELOPE_new.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_ENVELOPE_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_ENVELOPE_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_ISSUER_AND_SERIAL_digest.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_ISSUER_AND_SERIAL_digest.html
new file mode 100644
index 000000000..98c8462b9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_ISSUER_AND_SERIAL_digest.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_digest</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_digest, X509_CRL_digest, X509_pubkey_digest, X509_NAME_digest, X509_REQ_digest, PKCS7_ISSUER_AND_SERIAL_digest - get digest of various objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
+                 unsigned int *len);
+
+ int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md,
+                     unsigned int *len);
+
+ int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
+                        unsigned char *md, unsigned int *len);
+
+ int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
+                     unsigned char *md, unsigned int *len);
+
+ int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
+                      unsigned char *md, unsigned int *len);
+
+ #include &lt;openssl/pkcs7.h&gt;
+
+ int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
+                                    const EVP_MD *type, unsigned char *md,
+                                    unsigned int *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_pubkey_digest() returns a digest of the DER representation of the public key in the specified X509 <b>data</b> object. All other functions described here return a digest of the DER representation of their entire <b>data</b> objects.</p>
+
+<p>The <b>type</b> parameter specifies the digest to be used, such as EVP_sha1(). The <b>md</b> is a pointer to the buffer where the digest will be copied and is assumed to be large enough; the constant <b>EVP_MAX_MD_SIZE</b> is suggested. The <b>len</b> parameter, if not NULL, points to a place where the digest size will be stored.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All functions described here return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_sha1.html">EVP_sha1(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_ISSUER_AND_SERIAL_free.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_ISSUER_AND_SERIAL_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_ISSUER_AND_SERIAL_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_ISSUER_AND_SERIAL_new.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_ISSUER_AND_SERIAL_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_ISSUER_AND_SERIAL_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_RECIP_INFO_free.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_RECIP_INFO_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_RECIP_INFO_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_RECIP_INFO_new.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_RECIP_INFO_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_RECIP_INFO_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_SIGNED_free.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_SIGNED_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_SIGNED_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_SIGNED_new.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_SIGNED_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_SIGNED_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_SIGNER_INFO_free.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_SIGNER_INFO_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_SIGNER_INFO_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_SIGNER_INFO_new.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_SIGNER_INFO_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_SIGNER_INFO_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_SIGN_ENVELOPE_free.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_SIGN_ENVELOPE_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_SIGN_ENVELOPE_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_SIGN_ENVELOPE_new.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_SIGN_ENVELOPE_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_SIGN_ENVELOPE_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_decrypt.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_decrypt.html
new file mode 100644
index 000000000..777925a89
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_decrypt.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PKCS7_decrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PKCS7_decrypt - decrypt content from a PKCS#7 envelopedData structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pkcs7.h&gt;
+
+ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>PKCS7_decrypt() extracts and decrypts the content from a PKCS#7 envelopedData structure. <b>pkey</b> is the private key of the recipient, <b>cert</b> is the recipients certificate, <b>data</b> is a BIO to write the content to and <b>flags</b> is an optional set of flags.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Although the recipients certificate is not needed to decrypt the data it is needed to locate the appropriate (of possible several) recipients in the PKCS#7 structure.</p>
+
+<p>The following flags can be passed in the <b>flags</b> parameter.</p>
+
+<p>If the <b>PKCS7_TEXT</b> flag is set MIME headers for type <b>text/plain</b> are deleted from the content. If the content is not of type <b>text/plain</b> then an error is returned.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PKCS7_decrypt() returns either 1 for success or 0 for failure. The error can be obtained from ERR_get_error(3)</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>PKCS7_decrypt() must be passed the correct recipient key and certificate. It would be better if it could look up the correct key and certificate from a database.</p>
+
+<p>The lack of single pass processing and need to hold all data in memory as mentioned in PKCS7_sign() also applies to PKCS7_verify().</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/PKCS7_encrypt.html">PKCS7_encrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_dup.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_encrypt.html
new file mode 100644
index 000000000..1f5b9a074
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_encrypt.html
@@ -0,0 +1,90 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PKCS7_encrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PKCS7_encrypt - create a PKCS#7 envelopedData structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pkcs7.h&gt;
+
+ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
+                      int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>PKCS7_encrypt() creates and returns a PKCS#7 envelopedData structure. <b>certs</b> is a list of recipient certificates. <b>in</b> is the content to be encrypted. <b>cipher</b> is the symmetric cipher to use. <b>flags</b> is an optional set of flags.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Only RSA keys are supported in PKCS#7 and envelopedData so the recipient certificates supplied to this function must all contain RSA public keys, though they do not have to be signed using the RSA algorithm.</p>
+
+<p>EVP_des_ede3_cbc() (triple DES) is the algorithm of choice for S/MIME use because most clients will support it.</p>
+
+<p>Some old &quot;export grade&quot; clients may only support weak encryption using 40 or 64 bit RC2. These can be used by passing EVP_rc2_40_cbc() and EVP_rc2_64_cbc() respectively.</p>
+
+<p>The algorithm passed in the <b>cipher</b> parameter must support ASN1 encoding of its parameters.</p>
+
+<p>Many browsers implement a &quot;sign and encrypt&quot; option which is simply an S/MIME envelopedData containing an S/MIME signed message. This can be readily produced by storing the S/MIME signed message in a memory BIO and passing it to PKCS7_encrypt().</p>
+
+<p>The following flags can be passed in the <b>flags</b> parameter.</p>
+
+<p>If the <b>PKCS7_TEXT</b> flag is set MIME headers for type <b>text/plain</b> are prepended to the data.</p>
+
+<p>Normally the supplied content is translated into MIME canonical format (as required by the S/MIME specifications) if <b>PKCS7_BINARY</b> is set no translation occurs. This option should be used if the supplied data is in binary format otherwise the translation will corrupt it. If <b>PKCS7_BINARY</b> is set then <b>PKCS7_TEXT</b> is ignored.</p>
+
+<p>If the <b>PKCS7_STREAM</b> flag is set a partial <b>PKCS7</b> structure is output suitable for streaming I/O: no data is read from the BIO <b>in</b>.</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>If the flag <b>PKCS7_STREAM</b> is set the returned <b>PKCS7</b> structure is <b>not</b> complete and outputting its contents via a function that does not properly finalize the <b>PKCS7</b> structure will give unpredictable results.</p>
+
+<p>Several functions including SMIME_write_PKCS7(), i2d_PKCS7_bio_stream(), PEM_write_bio_PKCS7_stream() finalize the structure. Alternatively finalization can be performed by obtaining the streaming ASN1 <b>BIO</b> directly using BIO_new_PKCS7().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PKCS7_encrypt() returns either a PKCS7 structure or NULL if an error occurred. The error can be obtained from ERR_get_error(3).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/PKCS7_decrypt.html">PKCS7_decrypt(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>PKCS7_STREAM</b> flag was added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_free.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_get0_signers.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_get0_signers.html
new file mode 100644
index 000000000..d29734c9e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_get0_signers.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PKCS7_verify</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#VERIFY-PROCESS">VERIFY PROCESS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PKCS7_verify, PKCS7_get0_signers - verify a PKCS#7 signedData structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pkcs7.h&gt;
+
+ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
+                  BIO *indata, BIO *out, int flags);
+
+ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>PKCS7_verify() verifies a PKCS#7 signedData structure. <b>p7</b> is the PKCS7 structure to verify. <b>certs</b> is a set of certificates in which to search for the signer&#39;s certificate. <b>store</b> is a trusted certificate store (used for chain verification). <b>indata</b> is the signed data if the content is not present in <b>p7</b> (that is it is detached). The content is written to <b>out</b> if it is not NULL.</p>
+
+<p><b>flags</b> is an optional set of flags, which can be used to modify the verify operation.</p>
+
+<p>PKCS7_get0_signers() retrieves the signer&#39;s certificates from <b>p7</b>, it does <b>not</b> check their validity or whether any signatures are valid. The <b>certs</b> and <b>flags</b> parameters have the same meanings as in PKCS7_verify().</p>
+
+<h1 id="VERIFY-PROCESS">VERIFY PROCESS</h1>
+
+<p>Normally the verify process proceeds as follows.</p>
+
+<p>Initially some sanity checks are performed on <b>p7</b>. The type of <b>p7</b> must be signedData. There must be at least one signature on the data and if the content is detached <b>indata</b> cannot be <b>NULL</b>. If the content is not detached and <b>indata</b> is not <b>NULL</b>, then the structure has both embedded and external content. To treat this as an error, use the flag <b>PKCS7_NO_DUAL_CONTENT</b>. The default behavior allows this, for compatibility with older versions of OpenSSL.</p>
+
+<p>An attempt is made to locate all the signer&#39;s certificates, first looking in the <b>certs</b> parameter (if it is not <b>NULL</b>) and then looking in any certificates contained in the <b>p7</b> structure itself. If any signer&#39;s certificates cannot be located the operation fails.</p>
+
+<p>Each signer&#39;s certificate is chain verified using the <b>smimesign</b> purpose and the supplied trusted certificate store. Any internal certificates in the message are used as untrusted CAs. If any chain verify fails an error code is returned.</p>
+
+<p>Finally the signed content is read (and written to <b>out</b> is it is not NULL) and the signature&#39;s checked.</p>
+
+<p>If all signature&#39;s verify correctly then the function is successful.</p>
+
+<p>Any of the following flags (ored together) can be passed in the <b>flags</b> parameter to change the default verify behaviour. Only the flag <b>PKCS7_NOINTERN</b> is meaningful to PKCS7_get0_signers().</p>
+
+<p>If <b>PKCS7_NOINTERN</b> is set the certificates in the message itself are not searched when locating the signer&#39;s certificate. This means that all the signers certificates must be in the <b>certs</b> parameter.</p>
+
+<p>If the <b>PKCS7_TEXT</b> flag is set MIME headers for type <b>text/plain</b> are deleted from the content. If the content is not of type <b>text/plain</b> then an error is returned.</p>
+
+<p>If <b>PKCS7_NOVERIFY</b> is set the signer&#39;s certificates are not chain verified.</p>
+
+<p>If <b>PKCS7_NOCHAIN</b> is set then the certificates contained in the message are not used as untrusted CAs. This means that the whole verify chain (apart from the signer&#39;s certificate) must be contained in the trusted store.</p>
+
+<p>If <b>PKCS7_NOSIGS</b> is set then the signatures on the data are not checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>One application of <b>PKCS7_NOINTERN</b> is to only accept messages signed by a small number of certificates. The acceptable certificates would be passed in the <b>certs</b> parameter. In this case if the signer is not one of the certificates supplied in <b>certs</b> then the verify will fail because the signer cannot be found.</p>
+
+<p>Care should be taken when modifying the default verify behaviour, for example setting <b>PKCS7_NOVERIFY|PKCS7_NOSIGS</b> will totally disable all verification and any signed message will be considered valid. This combination is however useful if one merely wishes to write the content to <b>out</b> and its validity is not considered important.</p>
+
+<p>Chain verification should arguably be performed using the signing time rather than the current time. However since the signing time is supplied by the signer it cannot be trusted without additional evidence (such as a trusted timestamp).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PKCS7_verify() returns one for a successful verification and zero if an error occurs.</p>
+
+<p>PKCS7_get0_signers() returns all signers or <b>NULL</b> if an error occurred.</p>
+
+<p>The error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The trusted certificate store is not searched for the signers certificate, this is primarily due to the inadequacies of the current <b>X509_STORE</b> functionality.</p>
+
+<p>The lack of single pass processing and need to hold all data in memory as mentioned in PKCS7_sign() also applies to PKCS7_verify().</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/PKCS7_sign.html">PKCS7_sign(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_new.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_print_ctx.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_print_ctx.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_print_ctx.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_sign.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_sign.html
new file mode 100644
index 000000000..29e17f5b4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_sign.html
@@ -0,0 +1,109 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PKCS7_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PKCS7_sign - create a PKCS#7 signedData structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pkcs7.h&gt;
+
+ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
+                   BIO *data, int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>PKCS7_sign() creates and returns a PKCS#7 signedData structure. <b>signcert</b> is the certificate to sign with, <b>pkey</b> is the corresponding private key. <b>certs</b> is an optional additional set of certificates to include in the PKCS#7 structure (for example any intermediate CAs in the chain).</p>
+
+<p>The data to be signed is read from BIO <b>data</b>.</p>
+
+<p><b>flags</b> is an optional set of flags.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Any of the following flags (ored together) can be passed in the <b>flags</b> parameter.</p>
+
+<p>Many S/MIME clients expect the signed content to include valid MIME headers. If the <b>PKCS7_TEXT</b> flag is set MIME headers for type <b>text/plain</b> are prepended to the data.</p>
+
+<p>If <b>PKCS7_NOCERTS</b> is set the signer&#39;s certificate will not be included in the PKCS7 structure, the signer&#39;s certificate must still be supplied in the <b>signcert</b> parameter though. This can reduce the size of the signature if the signers certificate can be obtained by other means: for example a previously signed message.</p>
+
+<p>The data being signed is included in the PKCS7 structure, unless <b>PKCS7_DETACHED</b> is set in which case it is omitted. This is used for PKCS7 detached signatures which are used in S/MIME plaintext signed messages for example.</p>
+
+<p>Normally the supplied content is translated into MIME canonical format (as required by the S/MIME specifications) if <b>PKCS7_BINARY</b> is set no translation occurs. This option should be used if the supplied data is in binary format otherwise the translation will corrupt it.</p>
+
+<p>The signedData structure includes several PKCS#7 authenticatedAttributes including the signing time, the PKCS#7 content type and the supported list of ciphers in an SMIMECapabilities attribute. If <b>PKCS7_NOATTR</b> is set then no authenticatedAttributes will be used. If <b>PKCS7_NOSMIMECAP</b> is set then just the SMIMECapabilities are omitted.</p>
+
+<p>If present the SMIMECapabilities attribute indicates support for the following algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of these algorithms is disabled then it will not be included.</p>
+
+<p>If the flags <b>PKCS7_STREAM</b> is set then the returned <b>PKCS7</b> structure is just initialized ready to perform the signing operation. The signing is however <b>not</b> performed and the data to be signed is not read from the <b>data</b> parameter. Signing is deferred until after the data has been written. In this way data can be signed in a single pass.</p>
+
+<p>If the <b>PKCS7_PARTIAL</b> flag is set a partial <b>PKCS7</b> structure is output to which additional signers and capabilities can be added before finalization.</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>If the flag <b>PKCS7_STREAM</b> is set the returned <b>PKCS7</b> structure is <b>not</b> complete and outputting its contents via a function that does not properly finalize the <b>PKCS7</b> structure will give unpredictable results.</p>
+
+<p>Several functions including SMIME_write_PKCS7(), i2d_PKCS7_bio_stream(), PEM_write_bio_PKCS7_stream() finalize the structure. Alternatively finalization can be performed by obtaining the streaming ASN1 <b>BIO</b> directly using BIO_new_PKCS7().</p>
+
+<p>If a signer is specified it will use the default digest for the signing algorithm. This is <b>SHA1</b> for both RSA and DSA keys.</p>
+
+<p>The <b>certs</b>, <b>signcert</b> and <b>pkey</b> parameters can all be <b>NULL</b> if the <b>PKCS7_PARTIAL</b> flag is set. One or more signers can be added using the function PKCS7_sign_add_signer(). PKCS7_final() must also be called to finalize the structure if streaming is not enabled. Alternative signing digests can also be specified using this method.</p>
+
+<p>If <b>signcert</b> and <b>pkey</b> are NULL then a certificates only PKCS#7 structure is output.</p>
+
+<p>In versions of OpenSSL before 1.0.0 the <b>signcert</b> and <b>pkey</b> parameters must <b>NOT</b> be NULL.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Some advanced attributes such as counter signatures are not supported.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PKCS7_sign() returns either a valid PKCS7 structure or NULL if an error occurred. The error can be obtained from ERR_get_error(3).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/PKCS7_verify.html">PKCS7_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>PKCS7_PARTIAL</b> flag, and the ability for <b>certs</b>, <b>signcert</b>, and <b>pkey</b> parameters to be <b>NULL</b> were added in OpenSSL 1.0.0.</p>
+
+<p>The <b>PKCS7_STREAM</b> flag was added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_sign_add_signer.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_sign_add_signer.html
new file mode 100644
index 000000000..9c00158bc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_sign_add_signer.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PKCS7_sign_add_signer</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PKCS7_sign_add_signer - add a signer PKCS7 signed data structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pkcs7.h&gt;
+
+ PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert,
+                                          EVP_PKEY *pkey, const EVP_MD *md, int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>PKCS7_sign_add_signer() adds a signer with certificate <b>signcert</b> and private key <b>pkey</b> using message digest <b>md</b> to a PKCS7 signed data structure <b>p7</b>.</p>
+
+<p>The PKCS7 structure should be obtained from an initial call to PKCS7_sign() with the flag <b>PKCS7_PARTIAL</b> set or in the case or re-signing a valid PKCS7 signed data structure.</p>
+
+<p>If the <b>md</b> parameter is <b>NULL</b> then the default digest for the public key algorithm will be used.</p>
+
+<p>Unless the <b>PKCS7_REUSE_DIGEST</b> flag is set the returned PKCS7 structure is not complete and must be finalized either by streaming (if applicable) or a call to PKCS7_final().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The main purpose of this function is to provide finer control over a PKCS#7 signed data structure where the simpler PKCS7_sign() function defaults are not appropriate. For example if multiple signers or non default digest algorithms are needed.</p>
+
+<p>Any of the following flags (ored together) can be passed in the <b>flags</b> parameter.</p>
+
+<p>If <b>PKCS7_REUSE_DIGEST</b> is set then an attempt is made to copy the content digest value from the PKCS7 structure: to add a signer to an existing structure. An error occurs if a matching digest value cannot be found to copy. The returned PKCS7 structure will be valid and finalized when this flag is set.</p>
+
+<p>If <b>PKCS7_PARTIAL</b> is set in addition to <b>PKCS7_REUSE_DIGEST</b> then the <b>PKCS7_SIGNER_INO</b> structure will not be finalized so additional attributes can be added. In this case an explicit call to PKCS7_SIGNER_INFO_sign() is needed to finalize it.</p>
+
+<p>If <b>PKCS7_NOCERTS</b> is set the signer&#39;s certificate will not be included in the PKCS7 structure, the signer&#39;s certificate must still be supplied in the <b>signcert</b> parameter though. This can reduce the size of the signature if the signers certificate can be obtained by other means: for example a previously signed message.</p>
+
+<p>The signedData structure includes several PKCS#7 authenticatedAttributes including the signing time, the PKCS#7 content type and the supported list of ciphers in an SMIMECapabilities attribute. If <b>PKCS7_NOATTR</b> is set then no authenticatedAttributes will be used. If <b>PKCS7_NOSMIMECAP</b> is set then just the SMIMECapabilities are omitted.</p>
+
+<p>If present the SMIMECapabilities attribute indicates support for the following algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of these algorithms is disabled then it will not be included.</p>
+
+<p>PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO structure just added, this can be used to set additional attributes before it is finalized.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO structure just added or NULL if an error occurs.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/PKCS7_sign.html">PKCS7_sign(3)</a>, <a href="../man3/PKCS7_final.html">PKCS7_final(3)</a>,</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The PPKCS7_sign_add_signer() function was added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS7_verify.html b/msys2/usr/share/doc/openssl/html/man3/PKCS7_verify.html
new file mode 100644
index 000000000..d29734c9e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS7_verify.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PKCS7_verify</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#VERIFY-PROCESS">VERIFY PROCESS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>PKCS7_verify, PKCS7_get0_signers - verify a PKCS#7 signedData structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pkcs7.h&gt;
+
+ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
+                  BIO *indata, BIO *out, int flags);
+
+ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>PKCS7_verify() verifies a PKCS#7 signedData structure. <b>p7</b> is the PKCS7 structure to verify. <b>certs</b> is a set of certificates in which to search for the signer&#39;s certificate. <b>store</b> is a trusted certificate store (used for chain verification). <b>indata</b> is the signed data if the content is not present in <b>p7</b> (that is it is detached). The content is written to <b>out</b> if it is not NULL.</p>
+
+<p><b>flags</b> is an optional set of flags, which can be used to modify the verify operation.</p>
+
+<p>PKCS7_get0_signers() retrieves the signer&#39;s certificates from <b>p7</b>, it does <b>not</b> check their validity or whether any signatures are valid. The <b>certs</b> and <b>flags</b> parameters have the same meanings as in PKCS7_verify().</p>
+
+<h1 id="VERIFY-PROCESS">VERIFY PROCESS</h1>
+
+<p>Normally the verify process proceeds as follows.</p>
+
+<p>Initially some sanity checks are performed on <b>p7</b>. The type of <b>p7</b> must be signedData. There must be at least one signature on the data and if the content is detached <b>indata</b> cannot be <b>NULL</b>. If the content is not detached and <b>indata</b> is not <b>NULL</b>, then the structure has both embedded and external content. To treat this as an error, use the flag <b>PKCS7_NO_DUAL_CONTENT</b>. The default behavior allows this, for compatibility with older versions of OpenSSL.</p>
+
+<p>An attempt is made to locate all the signer&#39;s certificates, first looking in the <b>certs</b> parameter (if it is not <b>NULL</b>) and then looking in any certificates contained in the <b>p7</b> structure itself. If any signer&#39;s certificates cannot be located the operation fails.</p>
+
+<p>Each signer&#39;s certificate is chain verified using the <b>smimesign</b> purpose and the supplied trusted certificate store. Any internal certificates in the message are used as untrusted CAs. If any chain verify fails an error code is returned.</p>
+
+<p>Finally the signed content is read (and written to <b>out</b> is it is not NULL) and the signature&#39;s checked.</p>
+
+<p>If all signature&#39;s verify correctly then the function is successful.</p>
+
+<p>Any of the following flags (ored together) can be passed in the <b>flags</b> parameter to change the default verify behaviour. Only the flag <b>PKCS7_NOINTERN</b> is meaningful to PKCS7_get0_signers().</p>
+
+<p>If <b>PKCS7_NOINTERN</b> is set the certificates in the message itself are not searched when locating the signer&#39;s certificate. This means that all the signers certificates must be in the <b>certs</b> parameter.</p>
+
+<p>If the <b>PKCS7_TEXT</b> flag is set MIME headers for type <b>text/plain</b> are deleted from the content. If the content is not of type <b>text/plain</b> then an error is returned.</p>
+
+<p>If <b>PKCS7_NOVERIFY</b> is set the signer&#39;s certificates are not chain verified.</p>
+
+<p>If <b>PKCS7_NOCHAIN</b> is set then the certificates contained in the message are not used as untrusted CAs. This means that the whole verify chain (apart from the signer&#39;s certificate) must be contained in the trusted store.</p>
+
+<p>If <b>PKCS7_NOSIGS</b> is set then the signatures on the data are not checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>One application of <b>PKCS7_NOINTERN</b> is to only accept messages signed by a small number of certificates. The acceptable certificates would be passed in the <b>certs</b> parameter. In this case if the signer is not one of the certificates supplied in <b>certs</b> then the verify will fail because the signer cannot be found.</p>
+
+<p>Care should be taken when modifying the default verify behaviour, for example setting <b>PKCS7_NOVERIFY|PKCS7_NOSIGS</b> will totally disable all verification and any signed message will be considered valid. This combination is however useful if one merely wishes to write the content to <b>out</b> and its validity is not considered important.</p>
+
+<p>Chain verification should arguably be performed using the signing time rather than the current time. However since the signing time is supplied by the signer it cannot be trusted without additional evidence (such as a trusted timestamp).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>PKCS7_verify() returns one for a successful verification and zero if an error occurs.</p>
+
+<p>PKCS7_get0_signers() returns all signers or <b>NULL</b> if an error occurred.</p>
+
+<p>The error can be obtained from <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The trusted certificate store is not searched for the signers certificate, this is primarily due to the inadequacies of the current <b>X509_STORE</b> functionality.</p>
+
+<p>The lack of single pass processing and need to hold all data in memory as mentioned in PKCS7_sign() also applies to PKCS7_verify().</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/PKCS7_sign.html">PKCS7_sign(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS8_PRIV_KEY_INFO_free.html b/msys2/usr/share/doc/openssl/html/man3/PKCS8_PRIV_KEY_INFO_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS8_PRIV_KEY_INFO_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKCS8_PRIV_KEY_INFO_new.html b/msys2/usr/share/doc/openssl/html/man3/PKCS8_PRIV_KEY_INFO_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKCS8_PRIV_KEY_INFO_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKEY_USAGE_PERIOD_free.html b/msys2/usr/share/doc/openssl/html/man3/PKEY_USAGE_PERIOD_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKEY_USAGE_PERIOD_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PKEY_USAGE_PERIOD_new.html b/msys2/usr/share/doc/openssl/html/man3/PKEY_USAGE_PERIOD_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PKEY_USAGE_PERIOD_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/POLICYINFO_free.html b/msys2/usr/share/doc/openssl/html/man3/POLICYINFO_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/POLICYINFO_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/POLICYINFO_new.html b/msys2/usr/share/doc/openssl/html/man3/POLICYINFO_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/POLICYINFO_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/POLICYQUALINFO_free.html b/msys2/usr/share/doc/openssl/html/man3/POLICYQUALINFO_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/POLICYQUALINFO_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/POLICYQUALINFO_new.html b/msys2/usr/share/doc/openssl/html/man3/POLICYQUALINFO_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/POLICYQUALINFO_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/POLICY_CONSTRAINTS_free.html b/msys2/usr/share/doc/openssl/html/man3/POLICY_CONSTRAINTS_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/POLICY_CONSTRAINTS_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/POLICY_CONSTRAINTS_new.html b/msys2/usr/share/doc/openssl/html/man3/POLICY_CONSTRAINTS_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/POLICY_CONSTRAINTS_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/POLICY_MAPPING_free.html b/msys2/usr/share/doc/openssl/html/man3/POLICY_MAPPING_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/POLICY_MAPPING_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/POLICY_MAPPING_new.html b/msys2/usr/share/doc/openssl/html/man3/POLICY_MAPPING_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/POLICY_MAPPING_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO.html b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFOS.html b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFOS.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFOS.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFOS_free.html b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFOS_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFOS_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFOS_new.html b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFOS_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFOS_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_free.html b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_addProfessionInfo.html b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_addProfessionInfo.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_addProfessionInfo.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_namingAuthority.html b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_namingAuthority.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_namingAuthority.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_professionItems.html b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_professionItems.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_professionItems.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_professionOIDs.html b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_professionOIDs.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_professionOIDs.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_registrationNumber.html b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_registrationNumber.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_registrationNumber.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_new.html b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_addProfessionInfo.html b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_addProfessionInfo.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_addProfessionInfo.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_namingAuthority.html b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_namingAuthority.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_namingAuthority.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_professionItems.html b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_professionItems.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_professionItems.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_professionOIDs.html b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_professionOIDs.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_professionOIDs.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_registrationNumber.html b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_registrationNumber.html
new file mode 100644
index 000000000..0a16a7e51
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_registrationNumber.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ADMISSIONS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ADMISSIONS, ADMISSIONS_get0_admissionAuthority, ADMISSIONS_get0_namingAuthority, ADMISSIONS_get0_professionInfos, ADMISSIONS_set0_admissionAuthority, ADMISSIONS_set0_namingAuthority, ADMISSIONS_set0_professionInfos, ADMISSION_SYNTAX, ADMISSION_SYNTAX_get0_admissionAuthority, ADMISSION_SYNTAX_get0_contentsOfAdmissions, ADMISSION_SYNTAX_set0_admissionAuthority, ADMISSION_SYNTAX_set0_contentsOfAdmissions, NAMING_AUTHORITY, NAMING_AUTHORITY_get0_authorityId, NAMING_AUTHORITY_get0_authorityURL, NAMING_AUTHORITY_get0_authorityText, NAMING_AUTHORITY_set0_authorityId, NAMING_AUTHORITY_set0_authorityURL, NAMING_AUTHORITY_set0_authorityText, PROFESSION_INFO, PROFESSION_INFOS, PROFESSION_INFO_get0_addProfessionInfo, PROFESSION_INFO_get0_namingAuthority, PROFESSION_INFO_get0_professionItems, PROFESSION_INFO_get0_professionOIDs, PROFESSION_INFO_get0_registrationNumber, PROFESSION_INFO_set0_addProfessionInfo, PROFESSION_INFO_set0_namingAuthority, PROFESSION_INFO_set0_professionItems, PROFESSION_INFO_set0_professionOIDs, PROFESSION_INFO_set0_registrationNumber - Accessors and settors for ADMISSION_SYNTAX</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef struct NamingAuthority_st NAMING_AUTHORITY;
+ typedef struct ProfessionInfo_st PROFESSION_INFO;
+ typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+ typedef struct Admissions_st ADMISSIONS;
+ typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+
+ const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+     ASN1_OBJECT* namingAuthorityId);
+ const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+     ASN1_IA5STRING* namingAuthorityUrl);
+ const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+     const NAMING_AUTHORITY *n);
+ void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+     ASN1_STRING* namingAuthorityText);
+
+ const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_admissionAuthority(
+     ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+ const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+     const ADMISSION_SYNTAX *as);
+ void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+     ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+
+ const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+ const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+ void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+ const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+ void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+
+ const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_addProfessionInfo(
+     PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+ const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_namingAuthority(
+     PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+ const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionItems(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+ const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_professionOIDs(
+     PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+ const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+     const PROFESSION_INFO *pi);
+ void PROFESSION_INFO_set0_registrationNumber(
+     PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>PROFESSION_INFOS</b>, <b>ADMISSION_SYNTAX</b>, <b>ADMISSIONS</b>, and <b>PROFESSION_INFO</b> types are opaque structures representing the analogous types defined in the Common PKI Specification published by <a href="https://www.t7ev.org">https://www.t7ev.org</a>. Knowledge of those structures and their semantics is assumed.</p>
+
+<p>The conventional routines to convert between DER and the local format are described in <a href="../man3/d2i_X509.html">d2i_X509(3)</a>. The conventional routines to allocate and free the types are defined in <a href="../man3/X509_dup.html">X509_dup(3)</a>.</p>
+
+<p>The <b>PROFESSION_INFOS</b> type is a stack of <b>PROFESSION_INFO</b>; see <a href="../man3/DEFINE_STACK_OF.html">DEFINE_STACK_OF(3)</a> for details.</p>
+
+<p>The <b>NAMING_AUTHORITY</b> type has an authority ID and URL, and text fields. The NAMING_AUTHORITY_get0_authorityId(), NAMING_AUTHORITY_get0_get0_authorityURL(), and NAMING_AUTHORITY_get0_get0_authorityText(), functions return pointers to those values within the object. The NAMING_AUTHORITY_set0_authorityId(), NAMING_AUTHORITY_set0_get0_authorityURL(), and NAMING_AUTHORITY_set0_get0_authorityText(), functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION_SYNTAX</b> type has an authority name and a stack of <b>ADMISSION</b> objects. The ADMISSION_SYNTAX_get0_admissionAuthority() and ADMISSION_SYNTAX_get0_contentsOfAdmissions() functions return pointers to those values within the object. The ADMISSION_SYNTAX_set0_admissionAuthority() and ADMISSION_SYNTAX_set0_contentsOfAdmissions() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>ADMISSION</b> type has an authority name, authority object, and a stack of <b>PROFSSION_INFO</b> items. The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(), and ADMISSIONS_get0_professionInfos() functions return pointers to those values within the object. The ADMISSIONS_set0_admissionAuthority(), ADMISSIONS_set0_namingAuthority(), and ADMISSIONS_set0_professionInfos() functions free any existing value and set the pointer to the specified value.</p>
+
+<p>The <b>PROFESSION_INFO</b> type has a name authority, stacks of profession Items and OIDs, a registration number, and additional profession info. The functions PROFESSION_INFO_get0_addProfessionInfo(), PROFESSION_INFO_get0_namingAuthority(), PROFESSION_INFO_get0_professionItems(), PROFESSION_INFO_get0_professionOIDs(), and PROFESSION_INFO_get0_registrationNumber() functions return pointers to those values within the object. The PROFESSION_INFO_set0_addProfessionInfo(), PROFESSION_INFO_set0_namingAuthority(), PROFESSION_INFO_set0_professionItems(), PROFESSION_INFO_set0_professionOIDs(), and PROFESSION_INFO_set0_registrationNumber() functions free any existing value and set the pointer to the specified value.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Described above. Note that all of the <i>get0</i> functions return a pointer to the internal data structure and must not be freed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_dup.html">X509_dup(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROXY_CERT_INFO_EXTENSION_free.html b/msys2/usr/share/doc/openssl/html/man3/PROXY_CERT_INFO_EXTENSION_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROXY_CERT_INFO_EXTENSION_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROXY_CERT_INFO_EXTENSION_new.html b/msys2/usr/share/doc/openssl/html/man3/PROXY_CERT_INFO_EXTENSION_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROXY_CERT_INFO_EXTENSION_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROXY_POLICY_free.html b/msys2/usr/share/doc/openssl/html/man3/PROXY_POLICY_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROXY_POLICY_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/PROXY_POLICY_new.html b/msys2/usr/share/doc/openssl/html/man3/PROXY_POLICY_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/PROXY_POLICY_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_bytes.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_bytes.html
new file mode 100644
index 000000000..3115f0ecf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_bytes.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_generate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_generate, RAND_DRBG_bytes - generate random bytes using the given drbg instance</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+ int RAND_DRBG_generate(RAND_DRBG *drbg,
+                        unsigned char *out, size_t outlen,
+                        int prediction_resistance,
+                        const unsigned char *adin, size_t adinlen);
+
+ int RAND_DRBG_bytes(RAND_DRBG *drbg,
+                     unsigned char *out, size_t outlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_generate() generates <b>outlen</b> random bytes using the given DRBG instance <b>drbg</b> and stores them in the buffer at <b>out</b>.</p>
+
+<p>Before generating the output, the DRBG instance checks whether the maximum number of generate requests (<i>reseed interval</i>) or the maximum timespan (<i>reseed time interval</i>) since its last seeding have been reached. If this is the case, the DRBG reseeds automatically. Additionally, an immediate reseeding can be requested by setting the <b>prediction_resistance</b> flag to 1. See NOTES section for more details.</p>
+
+<p>The caller can optionally provide additional data to be used for reseeding by passing a pointer <b>adin</b> to a buffer of length <b>adinlen</b>. This additional data is mixed into the internal state of the random generator but does not contribute to the entropy count. The additional data can be omitted by setting <b>adin</b> to NULL and <b>adinlen</b> to 0;</p>
+
+<p>RAND_DRBG_bytes() generates <b>outlen</b> random bytes using the given DRBG instance <b>drbg</b> and stores them in the buffer at <b>out</b>. This function is a wrapper around the RAND_DRBG_generate() call, which collects some additional data from low entropy sources (e.g., a high resolution timer) and calls RAND_DRBG_generate(drbg, out, outlen, 0, adin, adinlen).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_generate() and RAND_DRBG_bytes() return 1 on success, and 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <i>reseed interval</i> and <i>reseed time interval</i> of the <b>drbg</b> are set to reasonable default values, which in general do not have to be adjusted. If necessary, they can be changed using <a href="../man3/RAND_DRBG_set_reseed_interval.html">RAND_DRBG_set_reseed_interval(3)</a> and <a href="../man3/RAND_DRBG_set_reseed_time_interval.html">RAND_DRBG_set_reseed_time_interval(3)</a>, respectively.</p>
+
+<p>A request for prediction resistance can only be satisfied by pulling fresh entropy from one of the approved entropy sources listed in section 5.5.2 of [NIST SP 800-90C]. Since the default DRBG implementation does not have access to such an approved entropy source, a request for prediction resistance will always fail. In other words, prediction resistance is currently not supported yet by the DRBG.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_DRBG_set_reseed_interval.html">RAND_DRBG_set_reseed_interval(3)</a>, <a href="../man3/RAND_DRBG_set_reseed_time_interval.html">RAND_DRBG_set_reseed_time_interval(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_cleanup_entropy_fn.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_cleanup_entropy_fn.html
new file mode 100644
index 000000000..143adce11
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_cleanup_entropy_fn.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_set_callbacks</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a>
+    <ul>
+      <li><a href="#Callback-Functions">Callback Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_set_callbacks, RAND_DRBG_get_entropy_fn, RAND_DRBG_cleanup_entropy_fn, RAND_DRBG_get_nonce_fn, RAND_DRBG_cleanup_nonce_fn - set callbacks for reseeding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+
+ int RAND_DRBG_set_callbacks(RAND_DRBG *drbg,
+                             RAND_DRBG_get_entropy_fn get_entropy,
+                             RAND_DRBG_cleanup_entropy_fn cleanup_entropy,
+                             RAND_DRBG_get_nonce_fn get_nonce,
+                             RAND_DRBG_cleanup_nonce_fn cleanup_nonce);</code></pre>
+
+<h2 id="Callback-Functions">Callback Functions</h2>
+
+<pre><code> typedef size_t (*RAND_DRBG_get_entropy_fn)(
+                       RAND_DRBG *drbg,
+                       unsigned char **pout,
+                       int entropy,
+                       size_t min_len, size_t max_len,
+                       int prediction_resistance);
+
+ typedef void (*RAND_DRBG_cleanup_entropy_fn)(
+                     RAND_DRBG *drbg,
+                     unsigned char *out, size_t outlen);
+
+ typedef size_t (*RAND_DRBG_get_nonce_fn)(
+                       RAND_DRBG *drbg,
+                       unsigned char **pout,
+                       int entropy,
+                       size_t min_len, size_t max_len);
+
+ typedef void (*RAND_DRBG_cleanup_nonce_fn)(
+                     RAND_DRBG *drbg,
+                     unsigned char *out, size_t outlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_set_callbacks() sets the callbacks for obtaining fresh entropy and the nonce when reseeding the given <b>drbg</b>. The callback functions are implemented and provided by the caller. Their parameter lists need to match the function prototypes above.</p>
+
+<p>Setting the callbacks is allowed only if the DRBG has not been initialized yet. Otherwise, the operation will fail. To change the settings for one of the three shared DRBGs it is necessary to call RAND_DRBG_uninstantiate() first.</p>
+
+<p>The <b>get_entropy</b>() callback is called by the <b>drbg</b> when it requests fresh random input. It is expected that the callback allocates and fills a random buffer of size <b>min_len</b> &lt;= size &lt;= <b>max_len</b> (in bytes) which contains at least <b>entropy</b> bits of randomness. The <b>prediction_resistance</b> flag indicates whether the reseeding was triggered by a prediction resistance request.</p>
+
+<p>The buffer&#39;s address is to be returned in *<b>pout</b> and the number of collected randomness bytes as return value.</p>
+
+<p>If the callback fails to acquire at least <b>entropy</b> bits of randomness, it must indicate an error by returning a buffer length of 0.</p>
+
+<p>If <b>prediction_resistance</b> was requested and the random source of the DRBG does not satisfy the conditions requested by [NIST SP 800-90C], then it must also indicate an error by returning a buffer length of 0. See NOTES section for more details.</p>
+
+<p>The <b>cleanup_entropy</b>() callback is called from the <b>drbg</b> to to clear and free the buffer allocated previously by get_entropy(). The values <b>out</b> and <b>outlen</b> are the random buffer&#39;s address and length, as returned by the get_entropy() callback.</p>
+
+<p>The <b>get_nonce</b>() and <b>cleanup_nonce</b>() callbacks are used to obtain a nonce and free it again. A nonce is only required for instantiation (not for reseeding) and only in the case where the DRBG uses a derivation function. The callbacks are analogous to get_entropy() and cleanup_entropy(), except for the missing prediction_resistance flag.</p>
+
+<p>If the derivation function is disabled, then no nonce is used for instantiation, and the <b>get_nonce</b>() and <b>cleanup_nonce</b>() callbacks can be omitted by setting them to NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_set_callbacks() return 1 on success, and 0 on failure</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is important that <b>cleanup_entropy</b>() and <b>cleanup_nonce</b>() clear the buffer contents safely before freeing it, in order not to leave sensitive information about the DRBG&#39;s state in memory.</p>
+
+<p>A request for prediction resistance can only be satisfied by pulling fresh entropy from one of the approved entropy sources listed in section 5.5.2 of [NIST SP 800-90C]. Since the default implementation of the get_entropy callback does not have access to such an approved entropy source, a request for prediction resistance will always fail. In other words, prediction resistance is currently not supported yet by the DRBG.</p>
+
+<p>The derivation function is disabled during initialization by calling the RAND_DRBG_set() function with the RAND_DRBG_FLAG_CTR_NO_DF flag. For more information on the derivation function and when it can be omitted, see [NIST SP 800-90A Rev. 1]. Roughly speeking it can be omitted if the random source has &quot;full entropy&quot;, i.e., contains 8 bits of entropy per byte.</p>
+
+<p>Even if a nonce is required, the <b>get_nonce</b>() and <b>cleanup_nonce</b>() callbacks can be omitted by setting them to NULL. In this case the DRBG will automatically request an extra amount of entropy (using the <b>get_entropy</b>() and <b>cleanup_entropy</b>() callbacks) which it will utilize for the nonce, following the recommendations of [NIST SP 800-90A Rev. 1], section 8.6.7.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_DRBG_new.html">RAND_DRBG_new(3)</a>, <a href="../man3/RAND_DRBG_reseed.html">RAND_DRBG_reseed(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_cleanup_nonce_fn.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_cleanup_nonce_fn.html
new file mode 100644
index 000000000..143adce11
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_cleanup_nonce_fn.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_set_callbacks</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a>
+    <ul>
+      <li><a href="#Callback-Functions">Callback Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_set_callbacks, RAND_DRBG_get_entropy_fn, RAND_DRBG_cleanup_entropy_fn, RAND_DRBG_get_nonce_fn, RAND_DRBG_cleanup_nonce_fn - set callbacks for reseeding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+
+ int RAND_DRBG_set_callbacks(RAND_DRBG *drbg,
+                             RAND_DRBG_get_entropy_fn get_entropy,
+                             RAND_DRBG_cleanup_entropy_fn cleanup_entropy,
+                             RAND_DRBG_get_nonce_fn get_nonce,
+                             RAND_DRBG_cleanup_nonce_fn cleanup_nonce);</code></pre>
+
+<h2 id="Callback-Functions">Callback Functions</h2>
+
+<pre><code> typedef size_t (*RAND_DRBG_get_entropy_fn)(
+                       RAND_DRBG *drbg,
+                       unsigned char **pout,
+                       int entropy,
+                       size_t min_len, size_t max_len,
+                       int prediction_resistance);
+
+ typedef void (*RAND_DRBG_cleanup_entropy_fn)(
+                     RAND_DRBG *drbg,
+                     unsigned char *out, size_t outlen);
+
+ typedef size_t (*RAND_DRBG_get_nonce_fn)(
+                       RAND_DRBG *drbg,
+                       unsigned char **pout,
+                       int entropy,
+                       size_t min_len, size_t max_len);
+
+ typedef void (*RAND_DRBG_cleanup_nonce_fn)(
+                     RAND_DRBG *drbg,
+                     unsigned char *out, size_t outlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_set_callbacks() sets the callbacks for obtaining fresh entropy and the nonce when reseeding the given <b>drbg</b>. The callback functions are implemented and provided by the caller. Their parameter lists need to match the function prototypes above.</p>
+
+<p>Setting the callbacks is allowed only if the DRBG has not been initialized yet. Otherwise, the operation will fail. To change the settings for one of the three shared DRBGs it is necessary to call RAND_DRBG_uninstantiate() first.</p>
+
+<p>The <b>get_entropy</b>() callback is called by the <b>drbg</b> when it requests fresh random input. It is expected that the callback allocates and fills a random buffer of size <b>min_len</b> &lt;= size &lt;= <b>max_len</b> (in bytes) which contains at least <b>entropy</b> bits of randomness. The <b>prediction_resistance</b> flag indicates whether the reseeding was triggered by a prediction resistance request.</p>
+
+<p>The buffer&#39;s address is to be returned in *<b>pout</b> and the number of collected randomness bytes as return value.</p>
+
+<p>If the callback fails to acquire at least <b>entropy</b> bits of randomness, it must indicate an error by returning a buffer length of 0.</p>
+
+<p>If <b>prediction_resistance</b> was requested and the random source of the DRBG does not satisfy the conditions requested by [NIST SP 800-90C], then it must also indicate an error by returning a buffer length of 0. See NOTES section for more details.</p>
+
+<p>The <b>cleanup_entropy</b>() callback is called from the <b>drbg</b> to to clear and free the buffer allocated previously by get_entropy(). The values <b>out</b> and <b>outlen</b> are the random buffer&#39;s address and length, as returned by the get_entropy() callback.</p>
+
+<p>The <b>get_nonce</b>() and <b>cleanup_nonce</b>() callbacks are used to obtain a nonce and free it again. A nonce is only required for instantiation (not for reseeding) and only in the case where the DRBG uses a derivation function. The callbacks are analogous to get_entropy() and cleanup_entropy(), except for the missing prediction_resistance flag.</p>
+
+<p>If the derivation function is disabled, then no nonce is used for instantiation, and the <b>get_nonce</b>() and <b>cleanup_nonce</b>() callbacks can be omitted by setting them to NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_set_callbacks() return 1 on success, and 0 on failure</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is important that <b>cleanup_entropy</b>() and <b>cleanup_nonce</b>() clear the buffer contents safely before freeing it, in order not to leave sensitive information about the DRBG&#39;s state in memory.</p>
+
+<p>A request for prediction resistance can only be satisfied by pulling fresh entropy from one of the approved entropy sources listed in section 5.5.2 of [NIST SP 800-90C]. Since the default implementation of the get_entropy callback does not have access to such an approved entropy source, a request for prediction resistance will always fail. In other words, prediction resistance is currently not supported yet by the DRBG.</p>
+
+<p>The derivation function is disabled during initialization by calling the RAND_DRBG_set() function with the RAND_DRBG_FLAG_CTR_NO_DF flag. For more information on the derivation function and when it can be omitted, see [NIST SP 800-90A Rev. 1]. Roughly speeking it can be omitted if the random source has &quot;full entropy&quot;, i.e., contains 8 bits of entropy per byte.</p>
+
+<p>Even if a nonce is required, the <b>get_nonce</b>() and <b>cleanup_nonce</b>() callbacks can be omitted by setting them to NULL. In this case the DRBG will automatically request an extra amount of entropy (using the <b>get_entropy</b>() and <b>cleanup_entropy</b>() callbacks) which it will utilize for the nonce, following the recommendations of [NIST SP 800-90A Rev. 1], section 8.6.7.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_DRBG_new.html">RAND_DRBG_new(3)</a>, <a href="../man3/RAND_DRBG_reseed.html">RAND_DRBG_reseed(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_free.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_free.html
new file mode 100644
index 000000000..fa99219ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_free.html
@@ -0,0 +1,105 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_new, RAND_DRBG_secure_new, RAND_DRBG_set, RAND_DRBG_set_defaults, RAND_DRBG_instantiate, RAND_DRBG_uninstantiate, RAND_DRBG_free - initialize and cleanup a RAND_DRBG instance</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+
+ RAND_DRBG *RAND_DRBG_new(int type,
+                          unsigned int flags,
+                          RAND_DRBG *parent);
+
+ RAND_DRBG *RAND_DRBG_secure_new(int type,
+                                 unsigned int flags,
+                                 RAND_DRBG *parent);
+
+ int RAND_DRBG_set(RAND_DRBG *drbg,
+                   int type, unsigned int flags);
+
+ int RAND_DRBG_set_defaults(int type, unsigned int flags);
+
+ int RAND_DRBG_instantiate(RAND_DRBG *drbg,
+                           const unsigned char *pers, size_t perslen);
+
+ int RAND_DRBG_uninstantiate(RAND_DRBG *drbg);
+
+ void RAND_DRBG_free(RAND_DRBG *drbg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_new() and RAND_DRBG_secure_new() create a new DRBG instance of the given <b>type</b>, allocated from the heap resp. the secure heap (using OPENSSL_zalloc() resp. OPENSSL_secure_zalloc()).</p>
+
+<p>RAND_DRBG_set() initializes the <b>drbg</b> with the given <b>type</b> and <b>flags</b>.</p>
+
+<p>RAND_DRBG_set_defaults() sets the default <b>type</b> and <b>flags</b> for new DRBG instances.</p>
+
+<p>Currently, all DRBG types are based on AES-CTR, so <b>type</b> can be one of the following values: NID_aes_128_ctr, NID_aes_192_ctr, NID_aes_256_ctr. Before the DRBG can be used to generate random bits, it is necessary to set its type and to instantiate it.</p>
+
+<p>The optional <b>flags</b> argument specifies a set of bit flags which can be joined using the | operator. Currently, the only flag is RAND_DRBG_FLAG_CTR_NO_DF, which disables the use of a the derivation function ctr_df. For an explanation, see [NIST SP 800-90A Rev. 1].</p>
+
+<p>If a <b>parent</b> instance is specified then this will be used instead of the default entropy source for reseeding the <b>drbg</b>. It is said that the <b>drbg</b> is <i>chained</i> to its <b>parent</b>. For more information, see the NOTES section.</p>
+
+<p>RAND_DRBG_instantiate() seeds the <b>drbg</b> instance using random input from trusted entropy sources. Optionally, a personalization string <b>pers</b> of length <b>perslen</b> can be specified. To omit the personalization string, set <b>pers</b>=NULL and <b>perslen</b>=0;</p>
+
+<p>RAND_DRBG_uninstantiate() clears the internal state of the <b>drbg</b> and puts it back in the uninstantiated state.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_new() and RAND_DRBG_secure_new() return a pointer to a DRBG instance allocated on the heap, resp. secure heap.</p>
+
+<p>RAND_DRBG_set(), RAND_DRBG_instantiate(), and RAND_DRBG_uninstantiate() return 1 on success, and 0 on failure.</p>
+
+<p>RAND_DRBG_free() does not return a value.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The DRBG design supports <i>chaining</i>, which means that a DRBG instance can use another <b>parent</b> DRBG instance instead of the default entropy source to obtain fresh random input for reseeding, provided that <b>parent</b> DRBG instance was properly instantiated, either from a trusted entropy source, or from yet another parent DRBG instance. For a detailed description of the reseeding process, see <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a>.</p>
+
+<p>The default DRBG type and flags are applied only during creation of a DRBG instance. To ensure that they are applied to the global and thread-local DRBG instances (&lt;master&gt;, resp. &lt;public&gt; and &lt;private&gt;), it is necessary to call RAND_DRBG_set_defaults() before creating any thread and before calling any cryptographic routines that obtain random data directly or indirectly.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_zalloc.html">OPENSSL_zalloc(3)</a>, <a href="../man3/OPENSSL_secure_zalloc.html">OPENSSL_secure_zalloc(3)</a>, <a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_generate.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_generate.html
new file mode 100644
index 000000000..3115f0ecf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_generate.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_generate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_generate, RAND_DRBG_bytes - generate random bytes using the given drbg instance</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+ int RAND_DRBG_generate(RAND_DRBG *drbg,
+                        unsigned char *out, size_t outlen,
+                        int prediction_resistance,
+                        const unsigned char *adin, size_t adinlen);
+
+ int RAND_DRBG_bytes(RAND_DRBG *drbg,
+                     unsigned char *out, size_t outlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_generate() generates <b>outlen</b> random bytes using the given DRBG instance <b>drbg</b> and stores them in the buffer at <b>out</b>.</p>
+
+<p>Before generating the output, the DRBG instance checks whether the maximum number of generate requests (<i>reseed interval</i>) or the maximum timespan (<i>reseed time interval</i>) since its last seeding have been reached. If this is the case, the DRBG reseeds automatically. Additionally, an immediate reseeding can be requested by setting the <b>prediction_resistance</b> flag to 1. See NOTES section for more details.</p>
+
+<p>The caller can optionally provide additional data to be used for reseeding by passing a pointer <b>adin</b> to a buffer of length <b>adinlen</b>. This additional data is mixed into the internal state of the random generator but does not contribute to the entropy count. The additional data can be omitted by setting <b>adin</b> to NULL and <b>adinlen</b> to 0;</p>
+
+<p>RAND_DRBG_bytes() generates <b>outlen</b> random bytes using the given DRBG instance <b>drbg</b> and stores them in the buffer at <b>out</b>. This function is a wrapper around the RAND_DRBG_generate() call, which collects some additional data from low entropy sources (e.g., a high resolution timer) and calls RAND_DRBG_generate(drbg, out, outlen, 0, adin, adinlen).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_generate() and RAND_DRBG_bytes() return 1 on success, and 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <i>reseed interval</i> and <i>reseed time interval</i> of the <b>drbg</b> are set to reasonable default values, which in general do not have to be adjusted. If necessary, they can be changed using <a href="../man3/RAND_DRBG_set_reseed_interval.html">RAND_DRBG_set_reseed_interval(3)</a> and <a href="../man3/RAND_DRBG_set_reseed_time_interval.html">RAND_DRBG_set_reseed_time_interval(3)</a>, respectively.</p>
+
+<p>A request for prediction resistance can only be satisfied by pulling fresh entropy from one of the approved entropy sources listed in section 5.5.2 of [NIST SP 800-90C]. Since the default DRBG implementation does not have access to such an approved entropy source, a request for prediction resistance will always fail. In other words, prediction resistance is currently not supported yet by the DRBG.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_DRBG_set_reseed_interval.html">RAND_DRBG_set_reseed_interval(3)</a>, <a href="../man3/RAND_DRBG_set_reseed_time_interval.html">RAND_DRBG_set_reseed_time_interval(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get0_master.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get0_master.html
new file mode 100644
index 000000000..635fe3d8d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get0_master.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_get0_master</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_get0_master, RAND_DRBG_get0_public, RAND_DRBG_get0_private - get access to the global RAND_DRBG instances</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+ RAND_DRBG *RAND_DRBG_get0_master(void);
+ RAND_DRBG *RAND_DRBG_get0_public(void);
+ RAND_DRBG *RAND_DRBG_get0_private(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The default RAND API implementation (RAND_OpenSSL()) utilizes three shared DRBG instances which are accessed via the RAND API:</p>
+
+<p>The &lt;public&gt; and &lt;private&gt; DRBG are thread-local instances, which are used by RAND_bytes() and RAND_priv_bytes(), respectively. The &lt;master&gt; DRBG is a global instance, which is not intended to be used directly, but is used internally to reseed the other two instances.</p>
+
+<p>These functions here provide access to the shared DRBG instances.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_get0_master() returns a pointer to the &lt;master&gt; DRBG instance.</p>
+
+<p>RAND_DRBG_get0_public() returns a pointer to the &lt;public&gt; DRBG instance.</p>
+
+<p>RAND_DRBG_get0_private() returns a pointer to the &lt;private&gt; DRBG instance.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is not thread-safe to access the &lt;master&gt; DRBG instance. The &lt;public&gt; and &lt;private&gt; DRBG instance can be accessed safely, because they are thread-local. Note however, that changes to these two instances apply only to the current thread.</p>
+
+<p>For that reason it is recommended not to change the settings of these three instances directly. Instead, an application should change the default settings for new DRBG instances at initialization time, before creating additional threads.</p>
+
+<p>During initialization, it is possible to change the reseed interval and reseed time interval. It is also possible to exchange the reseeding callbacks entirely.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_DRBG_set_callbacks.html">RAND_DRBG_set_callbacks(3)</a>, <a href="../man3/RAND_DRBG_set_reseed_defaults.html">RAND_DRBG_set_reseed_defaults(3)</a>, <a href="../man3/RAND_DRBG_set_reseed_interval.html">RAND_DRBG_set_reseed_interval(3)</a>, <a href="../man3/RAND_DRBG_set_reseed_time_interval.html">RAND_DRBG_set_reseed_time_interval(3)</a>, <a href="../man3/RAND_DRBG_set_callbacks.html">RAND_DRBG_set_callbacks(3)</a>, <a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get0_private.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get0_private.html
new file mode 100644
index 000000000..635fe3d8d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get0_private.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_get0_master</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_get0_master, RAND_DRBG_get0_public, RAND_DRBG_get0_private - get access to the global RAND_DRBG instances</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+ RAND_DRBG *RAND_DRBG_get0_master(void);
+ RAND_DRBG *RAND_DRBG_get0_public(void);
+ RAND_DRBG *RAND_DRBG_get0_private(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The default RAND API implementation (RAND_OpenSSL()) utilizes three shared DRBG instances which are accessed via the RAND API:</p>
+
+<p>The &lt;public&gt; and &lt;private&gt; DRBG are thread-local instances, which are used by RAND_bytes() and RAND_priv_bytes(), respectively. The &lt;master&gt; DRBG is a global instance, which is not intended to be used directly, but is used internally to reseed the other two instances.</p>
+
+<p>These functions here provide access to the shared DRBG instances.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_get0_master() returns a pointer to the &lt;master&gt; DRBG instance.</p>
+
+<p>RAND_DRBG_get0_public() returns a pointer to the &lt;public&gt; DRBG instance.</p>
+
+<p>RAND_DRBG_get0_private() returns a pointer to the &lt;private&gt; DRBG instance.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is not thread-safe to access the &lt;master&gt; DRBG instance. The &lt;public&gt; and &lt;private&gt; DRBG instance can be accessed safely, because they are thread-local. Note however, that changes to these two instances apply only to the current thread.</p>
+
+<p>For that reason it is recommended not to change the settings of these three instances directly. Instead, an application should change the default settings for new DRBG instances at initialization time, before creating additional threads.</p>
+
+<p>During initialization, it is possible to change the reseed interval and reseed time interval. It is also possible to exchange the reseeding callbacks entirely.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_DRBG_set_callbacks.html">RAND_DRBG_set_callbacks(3)</a>, <a href="../man3/RAND_DRBG_set_reseed_defaults.html">RAND_DRBG_set_reseed_defaults(3)</a>, <a href="../man3/RAND_DRBG_set_reseed_interval.html">RAND_DRBG_set_reseed_interval(3)</a>, <a href="../man3/RAND_DRBG_set_reseed_time_interval.html">RAND_DRBG_set_reseed_time_interval(3)</a>, <a href="../man3/RAND_DRBG_set_callbacks.html">RAND_DRBG_set_callbacks(3)</a>, <a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get0_public.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get0_public.html
new file mode 100644
index 000000000..635fe3d8d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get0_public.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_get0_master</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_get0_master, RAND_DRBG_get0_public, RAND_DRBG_get0_private - get access to the global RAND_DRBG instances</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+ RAND_DRBG *RAND_DRBG_get0_master(void);
+ RAND_DRBG *RAND_DRBG_get0_public(void);
+ RAND_DRBG *RAND_DRBG_get0_private(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The default RAND API implementation (RAND_OpenSSL()) utilizes three shared DRBG instances which are accessed via the RAND API:</p>
+
+<p>The &lt;public&gt; and &lt;private&gt; DRBG are thread-local instances, which are used by RAND_bytes() and RAND_priv_bytes(), respectively. The &lt;master&gt; DRBG is a global instance, which is not intended to be used directly, but is used internally to reseed the other two instances.</p>
+
+<p>These functions here provide access to the shared DRBG instances.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_get0_master() returns a pointer to the &lt;master&gt; DRBG instance.</p>
+
+<p>RAND_DRBG_get0_public() returns a pointer to the &lt;public&gt; DRBG instance.</p>
+
+<p>RAND_DRBG_get0_private() returns a pointer to the &lt;private&gt; DRBG instance.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is not thread-safe to access the &lt;master&gt; DRBG instance. The &lt;public&gt; and &lt;private&gt; DRBG instance can be accessed safely, because they are thread-local. Note however, that changes to these two instances apply only to the current thread.</p>
+
+<p>For that reason it is recommended not to change the settings of these three instances directly. Instead, an application should change the default settings for new DRBG instances at initialization time, before creating additional threads.</p>
+
+<p>During initialization, it is possible to change the reseed interval and reseed time interval. It is also possible to exchange the reseeding callbacks entirely.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_DRBG_set_callbacks.html">RAND_DRBG_set_callbacks(3)</a>, <a href="../man3/RAND_DRBG_set_reseed_defaults.html">RAND_DRBG_set_reseed_defaults(3)</a>, <a href="../man3/RAND_DRBG_set_reseed_interval.html">RAND_DRBG_set_reseed_interval(3)</a>, <a href="../man3/RAND_DRBG_set_reseed_time_interval.html">RAND_DRBG_set_reseed_time_interval(3)</a>, <a href="../man3/RAND_DRBG_set_callbacks.html">RAND_DRBG_set_callbacks(3)</a>, <a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get_entropy_fn.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get_entropy_fn.html
new file mode 100644
index 000000000..143adce11
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get_entropy_fn.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_set_callbacks</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a>
+    <ul>
+      <li><a href="#Callback-Functions">Callback Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_set_callbacks, RAND_DRBG_get_entropy_fn, RAND_DRBG_cleanup_entropy_fn, RAND_DRBG_get_nonce_fn, RAND_DRBG_cleanup_nonce_fn - set callbacks for reseeding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+
+ int RAND_DRBG_set_callbacks(RAND_DRBG *drbg,
+                             RAND_DRBG_get_entropy_fn get_entropy,
+                             RAND_DRBG_cleanup_entropy_fn cleanup_entropy,
+                             RAND_DRBG_get_nonce_fn get_nonce,
+                             RAND_DRBG_cleanup_nonce_fn cleanup_nonce);</code></pre>
+
+<h2 id="Callback-Functions">Callback Functions</h2>
+
+<pre><code> typedef size_t (*RAND_DRBG_get_entropy_fn)(
+                       RAND_DRBG *drbg,
+                       unsigned char **pout,
+                       int entropy,
+                       size_t min_len, size_t max_len,
+                       int prediction_resistance);
+
+ typedef void (*RAND_DRBG_cleanup_entropy_fn)(
+                     RAND_DRBG *drbg,
+                     unsigned char *out, size_t outlen);
+
+ typedef size_t (*RAND_DRBG_get_nonce_fn)(
+                       RAND_DRBG *drbg,
+                       unsigned char **pout,
+                       int entropy,
+                       size_t min_len, size_t max_len);
+
+ typedef void (*RAND_DRBG_cleanup_nonce_fn)(
+                     RAND_DRBG *drbg,
+                     unsigned char *out, size_t outlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_set_callbacks() sets the callbacks for obtaining fresh entropy and the nonce when reseeding the given <b>drbg</b>. The callback functions are implemented and provided by the caller. Their parameter lists need to match the function prototypes above.</p>
+
+<p>Setting the callbacks is allowed only if the DRBG has not been initialized yet. Otherwise, the operation will fail. To change the settings for one of the three shared DRBGs it is necessary to call RAND_DRBG_uninstantiate() first.</p>
+
+<p>The <b>get_entropy</b>() callback is called by the <b>drbg</b> when it requests fresh random input. It is expected that the callback allocates and fills a random buffer of size <b>min_len</b> &lt;= size &lt;= <b>max_len</b> (in bytes) which contains at least <b>entropy</b> bits of randomness. The <b>prediction_resistance</b> flag indicates whether the reseeding was triggered by a prediction resistance request.</p>
+
+<p>The buffer&#39;s address is to be returned in *<b>pout</b> and the number of collected randomness bytes as return value.</p>
+
+<p>If the callback fails to acquire at least <b>entropy</b> bits of randomness, it must indicate an error by returning a buffer length of 0.</p>
+
+<p>If <b>prediction_resistance</b> was requested and the random source of the DRBG does not satisfy the conditions requested by [NIST SP 800-90C], then it must also indicate an error by returning a buffer length of 0. See NOTES section for more details.</p>
+
+<p>The <b>cleanup_entropy</b>() callback is called from the <b>drbg</b> to to clear and free the buffer allocated previously by get_entropy(). The values <b>out</b> and <b>outlen</b> are the random buffer&#39;s address and length, as returned by the get_entropy() callback.</p>
+
+<p>The <b>get_nonce</b>() and <b>cleanup_nonce</b>() callbacks are used to obtain a nonce and free it again. A nonce is only required for instantiation (not for reseeding) and only in the case where the DRBG uses a derivation function. The callbacks are analogous to get_entropy() and cleanup_entropy(), except for the missing prediction_resistance flag.</p>
+
+<p>If the derivation function is disabled, then no nonce is used for instantiation, and the <b>get_nonce</b>() and <b>cleanup_nonce</b>() callbacks can be omitted by setting them to NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_set_callbacks() return 1 on success, and 0 on failure</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is important that <b>cleanup_entropy</b>() and <b>cleanup_nonce</b>() clear the buffer contents safely before freeing it, in order not to leave sensitive information about the DRBG&#39;s state in memory.</p>
+
+<p>A request for prediction resistance can only be satisfied by pulling fresh entropy from one of the approved entropy sources listed in section 5.5.2 of [NIST SP 800-90C]. Since the default implementation of the get_entropy callback does not have access to such an approved entropy source, a request for prediction resistance will always fail. In other words, prediction resistance is currently not supported yet by the DRBG.</p>
+
+<p>The derivation function is disabled during initialization by calling the RAND_DRBG_set() function with the RAND_DRBG_FLAG_CTR_NO_DF flag. For more information on the derivation function and when it can be omitted, see [NIST SP 800-90A Rev. 1]. Roughly speeking it can be omitted if the random source has &quot;full entropy&quot;, i.e., contains 8 bits of entropy per byte.</p>
+
+<p>Even if a nonce is required, the <b>get_nonce</b>() and <b>cleanup_nonce</b>() callbacks can be omitted by setting them to NULL. In this case the DRBG will automatically request an extra amount of entropy (using the <b>get_entropy</b>() and <b>cleanup_entropy</b>() callbacks) which it will utilize for the nonce, following the recommendations of [NIST SP 800-90A Rev. 1], section 8.6.7.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_DRBG_new.html">RAND_DRBG_new(3)</a>, <a href="../man3/RAND_DRBG_reseed.html">RAND_DRBG_reseed(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get_ex_data.html
new file mode 100644
index 000000000..1aed97602
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get_ex_data.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_set_ex_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_set_ex_data, RAND_DRBG_get_ex_data, RAND_DRBG_get_ex_new_index - store and retrieve extra data from the DRBG instance</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+ int RAND_DRBG_set_ex_data(RAND_DRBG *drbg, int idx, void *data);
+
+ void *RAND_DRBG_get_ex_data(const RAND_DRBG *drbg, int idx);
+
+ int RAND_DRBG_get_ex_new_index(long argl, void *argp,
+                                CRYPTO_EX_new *new_func,
+                                CRYPTO_EX_dup *dup_func,
+                                CRYPTO_EX_free *free_func);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_set_ex_data() enables an application to store arbitrary application specific data <b>data</b> in a RAND_DRBG instance <b>drbg</b>. The index <b>idx</b> should be a value previously returned from a call to RAND_DRBG_get_ex_new_index().</p>
+
+<p>RAND_DRBG_get_ex_data() retrieves application specific data previously stored in an RAND_DRBG instance <b>drbg</b>. The <b>idx</b> value should be the same as that used when originally storing the data.</p>
+
+<p>For more detailed information see <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a> and <a href="../man3/CRYPTO_set_ex_data.html">CRYPTO_set_ex_data(3)</a> which implement these functions and <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for generating a unique index.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_set_ex_data() returns 1 for success or 0 for failure.</p>
+
+<p>RAND_DRBG_get_ex_data() returns the previously stored value or NULL on failure. NULL may also be a valid value.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>RAND_DRBG_get_ex_new_index(...) is implemented as a macro and equivalent to CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DRBG,...).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/CRYPTO_set_ex_data.html">CRYPTO_set_ex_data(3)</a>, <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get_ex_new_index.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get_ex_new_index.html
new file mode 100644
index 000000000..1aed97602
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get_ex_new_index.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_set_ex_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_set_ex_data, RAND_DRBG_get_ex_data, RAND_DRBG_get_ex_new_index - store and retrieve extra data from the DRBG instance</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+ int RAND_DRBG_set_ex_data(RAND_DRBG *drbg, int idx, void *data);
+
+ void *RAND_DRBG_get_ex_data(const RAND_DRBG *drbg, int idx);
+
+ int RAND_DRBG_get_ex_new_index(long argl, void *argp,
+                                CRYPTO_EX_new *new_func,
+                                CRYPTO_EX_dup *dup_func,
+                                CRYPTO_EX_free *free_func);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_set_ex_data() enables an application to store arbitrary application specific data <b>data</b> in a RAND_DRBG instance <b>drbg</b>. The index <b>idx</b> should be a value previously returned from a call to RAND_DRBG_get_ex_new_index().</p>
+
+<p>RAND_DRBG_get_ex_data() retrieves application specific data previously stored in an RAND_DRBG instance <b>drbg</b>. The <b>idx</b> value should be the same as that used when originally storing the data.</p>
+
+<p>For more detailed information see <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a> and <a href="../man3/CRYPTO_set_ex_data.html">CRYPTO_set_ex_data(3)</a> which implement these functions and <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for generating a unique index.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_set_ex_data() returns 1 for success or 0 for failure.</p>
+
+<p>RAND_DRBG_get_ex_data() returns the previously stored value or NULL on failure. NULL may also be a valid value.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>RAND_DRBG_get_ex_new_index(...) is implemented as a macro and equivalent to CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DRBG,...).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/CRYPTO_set_ex_data.html">CRYPTO_set_ex_data(3)</a>, <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get_nonce_fn.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get_nonce_fn.html
new file mode 100644
index 000000000..143adce11
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_get_nonce_fn.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_set_callbacks</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a>
+    <ul>
+      <li><a href="#Callback-Functions">Callback Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_set_callbacks, RAND_DRBG_get_entropy_fn, RAND_DRBG_cleanup_entropy_fn, RAND_DRBG_get_nonce_fn, RAND_DRBG_cleanup_nonce_fn - set callbacks for reseeding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+
+ int RAND_DRBG_set_callbacks(RAND_DRBG *drbg,
+                             RAND_DRBG_get_entropy_fn get_entropy,
+                             RAND_DRBG_cleanup_entropy_fn cleanup_entropy,
+                             RAND_DRBG_get_nonce_fn get_nonce,
+                             RAND_DRBG_cleanup_nonce_fn cleanup_nonce);</code></pre>
+
+<h2 id="Callback-Functions">Callback Functions</h2>
+
+<pre><code> typedef size_t (*RAND_DRBG_get_entropy_fn)(
+                       RAND_DRBG *drbg,
+                       unsigned char **pout,
+                       int entropy,
+                       size_t min_len, size_t max_len,
+                       int prediction_resistance);
+
+ typedef void (*RAND_DRBG_cleanup_entropy_fn)(
+                     RAND_DRBG *drbg,
+                     unsigned char *out, size_t outlen);
+
+ typedef size_t (*RAND_DRBG_get_nonce_fn)(
+                       RAND_DRBG *drbg,
+                       unsigned char **pout,
+                       int entropy,
+                       size_t min_len, size_t max_len);
+
+ typedef void (*RAND_DRBG_cleanup_nonce_fn)(
+                     RAND_DRBG *drbg,
+                     unsigned char *out, size_t outlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_set_callbacks() sets the callbacks for obtaining fresh entropy and the nonce when reseeding the given <b>drbg</b>. The callback functions are implemented and provided by the caller. Their parameter lists need to match the function prototypes above.</p>
+
+<p>Setting the callbacks is allowed only if the DRBG has not been initialized yet. Otherwise, the operation will fail. To change the settings for one of the three shared DRBGs it is necessary to call RAND_DRBG_uninstantiate() first.</p>
+
+<p>The <b>get_entropy</b>() callback is called by the <b>drbg</b> when it requests fresh random input. It is expected that the callback allocates and fills a random buffer of size <b>min_len</b> &lt;= size &lt;= <b>max_len</b> (in bytes) which contains at least <b>entropy</b> bits of randomness. The <b>prediction_resistance</b> flag indicates whether the reseeding was triggered by a prediction resistance request.</p>
+
+<p>The buffer&#39;s address is to be returned in *<b>pout</b> and the number of collected randomness bytes as return value.</p>
+
+<p>If the callback fails to acquire at least <b>entropy</b> bits of randomness, it must indicate an error by returning a buffer length of 0.</p>
+
+<p>If <b>prediction_resistance</b> was requested and the random source of the DRBG does not satisfy the conditions requested by [NIST SP 800-90C], then it must also indicate an error by returning a buffer length of 0. See NOTES section for more details.</p>
+
+<p>The <b>cleanup_entropy</b>() callback is called from the <b>drbg</b> to to clear and free the buffer allocated previously by get_entropy(). The values <b>out</b> and <b>outlen</b> are the random buffer&#39;s address and length, as returned by the get_entropy() callback.</p>
+
+<p>The <b>get_nonce</b>() and <b>cleanup_nonce</b>() callbacks are used to obtain a nonce and free it again. A nonce is only required for instantiation (not for reseeding) and only in the case where the DRBG uses a derivation function. The callbacks are analogous to get_entropy() and cleanup_entropy(), except for the missing prediction_resistance flag.</p>
+
+<p>If the derivation function is disabled, then no nonce is used for instantiation, and the <b>get_nonce</b>() and <b>cleanup_nonce</b>() callbacks can be omitted by setting them to NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_set_callbacks() return 1 on success, and 0 on failure</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is important that <b>cleanup_entropy</b>() and <b>cleanup_nonce</b>() clear the buffer contents safely before freeing it, in order not to leave sensitive information about the DRBG&#39;s state in memory.</p>
+
+<p>A request for prediction resistance can only be satisfied by pulling fresh entropy from one of the approved entropy sources listed in section 5.5.2 of [NIST SP 800-90C]. Since the default implementation of the get_entropy callback does not have access to such an approved entropy source, a request for prediction resistance will always fail. In other words, prediction resistance is currently not supported yet by the DRBG.</p>
+
+<p>The derivation function is disabled during initialization by calling the RAND_DRBG_set() function with the RAND_DRBG_FLAG_CTR_NO_DF flag. For more information on the derivation function and when it can be omitted, see [NIST SP 800-90A Rev. 1]. Roughly speeking it can be omitted if the random source has &quot;full entropy&quot;, i.e., contains 8 bits of entropy per byte.</p>
+
+<p>Even if a nonce is required, the <b>get_nonce</b>() and <b>cleanup_nonce</b>() callbacks can be omitted by setting them to NULL. In this case the DRBG will automatically request an extra amount of entropy (using the <b>get_entropy</b>() and <b>cleanup_entropy</b>() callbacks) which it will utilize for the nonce, following the recommendations of [NIST SP 800-90A Rev. 1], section 8.6.7.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_DRBG_new.html">RAND_DRBG_new(3)</a>, <a href="../man3/RAND_DRBG_reseed.html">RAND_DRBG_reseed(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_instantiate.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_instantiate.html
new file mode 100644
index 000000000..fa99219ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_instantiate.html
@@ -0,0 +1,105 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_new, RAND_DRBG_secure_new, RAND_DRBG_set, RAND_DRBG_set_defaults, RAND_DRBG_instantiate, RAND_DRBG_uninstantiate, RAND_DRBG_free - initialize and cleanup a RAND_DRBG instance</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+
+ RAND_DRBG *RAND_DRBG_new(int type,
+                          unsigned int flags,
+                          RAND_DRBG *parent);
+
+ RAND_DRBG *RAND_DRBG_secure_new(int type,
+                                 unsigned int flags,
+                                 RAND_DRBG *parent);
+
+ int RAND_DRBG_set(RAND_DRBG *drbg,
+                   int type, unsigned int flags);
+
+ int RAND_DRBG_set_defaults(int type, unsigned int flags);
+
+ int RAND_DRBG_instantiate(RAND_DRBG *drbg,
+                           const unsigned char *pers, size_t perslen);
+
+ int RAND_DRBG_uninstantiate(RAND_DRBG *drbg);
+
+ void RAND_DRBG_free(RAND_DRBG *drbg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_new() and RAND_DRBG_secure_new() create a new DRBG instance of the given <b>type</b>, allocated from the heap resp. the secure heap (using OPENSSL_zalloc() resp. OPENSSL_secure_zalloc()).</p>
+
+<p>RAND_DRBG_set() initializes the <b>drbg</b> with the given <b>type</b> and <b>flags</b>.</p>
+
+<p>RAND_DRBG_set_defaults() sets the default <b>type</b> and <b>flags</b> for new DRBG instances.</p>
+
+<p>Currently, all DRBG types are based on AES-CTR, so <b>type</b> can be one of the following values: NID_aes_128_ctr, NID_aes_192_ctr, NID_aes_256_ctr. Before the DRBG can be used to generate random bits, it is necessary to set its type and to instantiate it.</p>
+
+<p>The optional <b>flags</b> argument specifies a set of bit flags which can be joined using the | operator. Currently, the only flag is RAND_DRBG_FLAG_CTR_NO_DF, which disables the use of a the derivation function ctr_df. For an explanation, see [NIST SP 800-90A Rev. 1].</p>
+
+<p>If a <b>parent</b> instance is specified then this will be used instead of the default entropy source for reseeding the <b>drbg</b>. It is said that the <b>drbg</b> is <i>chained</i> to its <b>parent</b>. For more information, see the NOTES section.</p>
+
+<p>RAND_DRBG_instantiate() seeds the <b>drbg</b> instance using random input from trusted entropy sources. Optionally, a personalization string <b>pers</b> of length <b>perslen</b> can be specified. To omit the personalization string, set <b>pers</b>=NULL and <b>perslen</b>=0;</p>
+
+<p>RAND_DRBG_uninstantiate() clears the internal state of the <b>drbg</b> and puts it back in the uninstantiated state.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_new() and RAND_DRBG_secure_new() return a pointer to a DRBG instance allocated on the heap, resp. secure heap.</p>
+
+<p>RAND_DRBG_set(), RAND_DRBG_instantiate(), and RAND_DRBG_uninstantiate() return 1 on success, and 0 on failure.</p>
+
+<p>RAND_DRBG_free() does not return a value.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The DRBG design supports <i>chaining</i>, which means that a DRBG instance can use another <b>parent</b> DRBG instance instead of the default entropy source to obtain fresh random input for reseeding, provided that <b>parent</b> DRBG instance was properly instantiated, either from a trusted entropy source, or from yet another parent DRBG instance. For a detailed description of the reseeding process, see <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a>.</p>
+
+<p>The default DRBG type and flags are applied only during creation of a DRBG instance. To ensure that they are applied to the global and thread-local DRBG instances (&lt;master&gt;, resp. &lt;public&gt; and &lt;private&gt;), it is necessary to call RAND_DRBG_set_defaults() before creating any thread and before calling any cryptographic routines that obtain random data directly or indirectly.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_zalloc.html">OPENSSL_zalloc(3)</a>, <a href="../man3/OPENSSL_secure_zalloc.html">OPENSSL_secure_zalloc(3)</a>, <a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_new.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_new.html
new file mode 100644
index 000000000..fa99219ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_new.html
@@ -0,0 +1,105 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_new, RAND_DRBG_secure_new, RAND_DRBG_set, RAND_DRBG_set_defaults, RAND_DRBG_instantiate, RAND_DRBG_uninstantiate, RAND_DRBG_free - initialize and cleanup a RAND_DRBG instance</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+
+ RAND_DRBG *RAND_DRBG_new(int type,
+                          unsigned int flags,
+                          RAND_DRBG *parent);
+
+ RAND_DRBG *RAND_DRBG_secure_new(int type,
+                                 unsigned int flags,
+                                 RAND_DRBG *parent);
+
+ int RAND_DRBG_set(RAND_DRBG *drbg,
+                   int type, unsigned int flags);
+
+ int RAND_DRBG_set_defaults(int type, unsigned int flags);
+
+ int RAND_DRBG_instantiate(RAND_DRBG *drbg,
+                           const unsigned char *pers, size_t perslen);
+
+ int RAND_DRBG_uninstantiate(RAND_DRBG *drbg);
+
+ void RAND_DRBG_free(RAND_DRBG *drbg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_new() and RAND_DRBG_secure_new() create a new DRBG instance of the given <b>type</b>, allocated from the heap resp. the secure heap (using OPENSSL_zalloc() resp. OPENSSL_secure_zalloc()).</p>
+
+<p>RAND_DRBG_set() initializes the <b>drbg</b> with the given <b>type</b> and <b>flags</b>.</p>
+
+<p>RAND_DRBG_set_defaults() sets the default <b>type</b> and <b>flags</b> for new DRBG instances.</p>
+
+<p>Currently, all DRBG types are based on AES-CTR, so <b>type</b> can be one of the following values: NID_aes_128_ctr, NID_aes_192_ctr, NID_aes_256_ctr. Before the DRBG can be used to generate random bits, it is necessary to set its type and to instantiate it.</p>
+
+<p>The optional <b>flags</b> argument specifies a set of bit flags which can be joined using the | operator. Currently, the only flag is RAND_DRBG_FLAG_CTR_NO_DF, which disables the use of a the derivation function ctr_df. For an explanation, see [NIST SP 800-90A Rev. 1].</p>
+
+<p>If a <b>parent</b> instance is specified then this will be used instead of the default entropy source for reseeding the <b>drbg</b>. It is said that the <b>drbg</b> is <i>chained</i> to its <b>parent</b>. For more information, see the NOTES section.</p>
+
+<p>RAND_DRBG_instantiate() seeds the <b>drbg</b> instance using random input from trusted entropy sources. Optionally, a personalization string <b>pers</b> of length <b>perslen</b> can be specified. To omit the personalization string, set <b>pers</b>=NULL and <b>perslen</b>=0;</p>
+
+<p>RAND_DRBG_uninstantiate() clears the internal state of the <b>drbg</b> and puts it back in the uninstantiated state.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_new() and RAND_DRBG_secure_new() return a pointer to a DRBG instance allocated on the heap, resp. secure heap.</p>
+
+<p>RAND_DRBG_set(), RAND_DRBG_instantiate(), and RAND_DRBG_uninstantiate() return 1 on success, and 0 on failure.</p>
+
+<p>RAND_DRBG_free() does not return a value.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The DRBG design supports <i>chaining</i>, which means that a DRBG instance can use another <b>parent</b> DRBG instance instead of the default entropy source to obtain fresh random input for reseeding, provided that <b>parent</b> DRBG instance was properly instantiated, either from a trusted entropy source, or from yet another parent DRBG instance. For a detailed description of the reseeding process, see <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a>.</p>
+
+<p>The default DRBG type and flags are applied only during creation of a DRBG instance. To ensure that they are applied to the global and thread-local DRBG instances (&lt;master&gt;, resp. &lt;public&gt; and &lt;private&gt;), it is necessary to call RAND_DRBG_set_defaults() before creating any thread and before calling any cryptographic routines that obtain random data directly or indirectly.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_zalloc.html">OPENSSL_zalloc(3)</a>, <a href="../man3/OPENSSL_secure_zalloc.html">OPENSSL_secure_zalloc(3)</a>, <a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_reseed.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_reseed.html
new file mode 100644
index 000000000..15865768e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_reseed.html
@@ -0,0 +1,90 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_reseed</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_reseed, RAND_DRBG_set_reseed_interval, RAND_DRBG_set_reseed_time_interval, RAND_DRBG_set_reseed_defaults - reseed a RAND_DRBG instance</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+ int RAND_DRBG_reseed(RAND_DRBG *drbg,
+                      const unsigned char *adin, size_t adinlen);
+
+ int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg,
+                                   unsigned int interval);
+
+ int RAND_DRBG_set_reseed_time_interval(RAND_DRBG *drbg,
+                                        time_t interval);
+
+ int RAND_DRBG_set_reseed_defaults(
+                                   unsigned int master_reseed_interval,
+                                   unsigned int slave_reseed_interval,
+                                   time_t master_reseed_time_interval,
+                                   time_t slave_reseed_time_interval
+                                   );</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_reseed() reseeds the given <b>drbg</b>, obtaining entropy input from its entropy source and mixing in the specified additional data provided in the buffer <b>adin</b> of length <b>adinlen</b>. The additional data can be omitted by setting <b>adin</b> to NULL and <b>adinlen</b> to 0.</p>
+
+<p>RAND_DRBG_set_reseed_interval() sets the reseed interval of the <b>drbg</b>, which is the maximum allowed number of generate requests between consecutive reseedings. If <b>interval</b> &gt; 0, then the <b>drbg</b> will reseed automatically whenever the number of generate requests since its last seeding exceeds the given reseed interval. If <b>interval</b> == 0, then this feature is disabled.</p>
+
+<p>RAND_DRBG_set_reseed_time_interval() sets the reseed time interval of the <b>drbg</b>, which is the maximum allowed number of seconds between consecutive reseedings. If <b>interval</b> &gt; 0, then the <b>drbg</b> will reseed automatically whenever the elapsed time since its last reseeding exceeds the given reseed time interval. If <b>interval</b> == 0, then this feature is disabled.</p>
+
+<p>RAND_DRBG_set_reseed_defaults() sets the default values for the reseed interval (<b>master_reseed_interval</b> and <b>slave_reseed_interval</b>) and the reseed time interval (<b>master_reseed_time_interval</b> and <b>slave_reseed_tme_interval</b>) of DRBG instances. The default values are set independently for master DRBG instances (which don&#39;t have a parent) and slave DRBG instances (which are chained to a parent DRBG).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_reseed(), RAND_DRBG_set_reseed_interval(), and RAND_DRBG_set_reseed_time_interval(), return 1 on success, 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The default OpenSSL random generator is already set up for automatic reseeding, so in general it is not necessary to reseed it explicitly, or to modify its reseeding thresholds.</p>
+
+<p>Normally, the entropy input for seeding a DRBG is either obtained from a trusted os entropy source or from a parent DRBG instance, which was seeded (directly or indirectly) from a trusted os entropy source. In exceptional cases it is possible to replace the reseeding mechanism entirely by providing application defined callbacks using RAND_DRBG_set_callbacks().</p>
+
+<p>The reseeding default values are applied only during creation of a DRBG instance. To ensure that they are applied to the global and thread-local DRBG instances (&lt;master&gt;, resp. &lt;public&gt; and &lt;private&gt;), it is necessary to call RAND_DRBG_set_reseed_defaults() before creating any thread and before calling any cryptographic routines that obtain random data directly or indirectly.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>, <a href="../man3/RAND_DRBG_bytes.html">RAND_DRBG_bytes(3)</a>, <a href="../man3/RAND_DRBG_set_callbacks.html">RAND_DRBG_set_callbacks(3)</a>. <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_secure_new.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_secure_new.html
new file mode 100644
index 000000000..fa99219ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_secure_new.html
@@ -0,0 +1,105 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_new, RAND_DRBG_secure_new, RAND_DRBG_set, RAND_DRBG_set_defaults, RAND_DRBG_instantiate, RAND_DRBG_uninstantiate, RAND_DRBG_free - initialize and cleanup a RAND_DRBG instance</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+
+ RAND_DRBG *RAND_DRBG_new(int type,
+                          unsigned int flags,
+                          RAND_DRBG *parent);
+
+ RAND_DRBG *RAND_DRBG_secure_new(int type,
+                                 unsigned int flags,
+                                 RAND_DRBG *parent);
+
+ int RAND_DRBG_set(RAND_DRBG *drbg,
+                   int type, unsigned int flags);
+
+ int RAND_DRBG_set_defaults(int type, unsigned int flags);
+
+ int RAND_DRBG_instantiate(RAND_DRBG *drbg,
+                           const unsigned char *pers, size_t perslen);
+
+ int RAND_DRBG_uninstantiate(RAND_DRBG *drbg);
+
+ void RAND_DRBG_free(RAND_DRBG *drbg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_new() and RAND_DRBG_secure_new() create a new DRBG instance of the given <b>type</b>, allocated from the heap resp. the secure heap (using OPENSSL_zalloc() resp. OPENSSL_secure_zalloc()).</p>
+
+<p>RAND_DRBG_set() initializes the <b>drbg</b> with the given <b>type</b> and <b>flags</b>.</p>
+
+<p>RAND_DRBG_set_defaults() sets the default <b>type</b> and <b>flags</b> for new DRBG instances.</p>
+
+<p>Currently, all DRBG types are based on AES-CTR, so <b>type</b> can be one of the following values: NID_aes_128_ctr, NID_aes_192_ctr, NID_aes_256_ctr. Before the DRBG can be used to generate random bits, it is necessary to set its type and to instantiate it.</p>
+
+<p>The optional <b>flags</b> argument specifies a set of bit flags which can be joined using the | operator. Currently, the only flag is RAND_DRBG_FLAG_CTR_NO_DF, which disables the use of a the derivation function ctr_df. For an explanation, see [NIST SP 800-90A Rev. 1].</p>
+
+<p>If a <b>parent</b> instance is specified then this will be used instead of the default entropy source for reseeding the <b>drbg</b>. It is said that the <b>drbg</b> is <i>chained</i> to its <b>parent</b>. For more information, see the NOTES section.</p>
+
+<p>RAND_DRBG_instantiate() seeds the <b>drbg</b> instance using random input from trusted entropy sources. Optionally, a personalization string <b>pers</b> of length <b>perslen</b> can be specified. To omit the personalization string, set <b>pers</b>=NULL and <b>perslen</b>=0;</p>
+
+<p>RAND_DRBG_uninstantiate() clears the internal state of the <b>drbg</b> and puts it back in the uninstantiated state.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_new() and RAND_DRBG_secure_new() return a pointer to a DRBG instance allocated on the heap, resp. secure heap.</p>
+
+<p>RAND_DRBG_set(), RAND_DRBG_instantiate(), and RAND_DRBG_uninstantiate() return 1 on success, and 0 on failure.</p>
+
+<p>RAND_DRBG_free() does not return a value.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The DRBG design supports <i>chaining</i>, which means that a DRBG instance can use another <b>parent</b> DRBG instance instead of the default entropy source to obtain fresh random input for reseeding, provided that <b>parent</b> DRBG instance was properly instantiated, either from a trusted entropy source, or from yet another parent DRBG instance. For a detailed description of the reseeding process, see <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a>.</p>
+
+<p>The default DRBG type and flags are applied only during creation of a DRBG instance. To ensure that they are applied to the global and thread-local DRBG instances (&lt;master&gt;, resp. &lt;public&gt; and &lt;private&gt;), it is necessary to call RAND_DRBG_set_defaults() before creating any thread and before calling any cryptographic routines that obtain random data directly or indirectly.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_zalloc.html">OPENSSL_zalloc(3)</a>, <a href="../man3/OPENSSL_secure_zalloc.html">OPENSSL_secure_zalloc(3)</a>, <a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set.html
new file mode 100644
index 000000000..fa99219ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set.html
@@ -0,0 +1,105 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_new, RAND_DRBG_secure_new, RAND_DRBG_set, RAND_DRBG_set_defaults, RAND_DRBG_instantiate, RAND_DRBG_uninstantiate, RAND_DRBG_free - initialize and cleanup a RAND_DRBG instance</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+
+ RAND_DRBG *RAND_DRBG_new(int type,
+                          unsigned int flags,
+                          RAND_DRBG *parent);
+
+ RAND_DRBG *RAND_DRBG_secure_new(int type,
+                                 unsigned int flags,
+                                 RAND_DRBG *parent);
+
+ int RAND_DRBG_set(RAND_DRBG *drbg,
+                   int type, unsigned int flags);
+
+ int RAND_DRBG_set_defaults(int type, unsigned int flags);
+
+ int RAND_DRBG_instantiate(RAND_DRBG *drbg,
+                           const unsigned char *pers, size_t perslen);
+
+ int RAND_DRBG_uninstantiate(RAND_DRBG *drbg);
+
+ void RAND_DRBG_free(RAND_DRBG *drbg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_new() and RAND_DRBG_secure_new() create a new DRBG instance of the given <b>type</b>, allocated from the heap resp. the secure heap (using OPENSSL_zalloc() resp. OPENSSL_secure_zalloc()).</p>
+
+<p>RAND_DRBG_set() initializes the <b>drbg</b> with the given <b>type</b> and <b>flags</b>.</p>
+
+<p>RAND_DRBG_set_defaults() sets the default <b>type</b> and <b>flags</b> for new DRBG instances.</p>
+
+<p>Currently, all DRBG types are based on AES-CTR, so <b>type</b> can be one of the following values: NID_aes_128_ctr, NID_aes_192_ctr, NID_aes_256_ctr. Before the DRBG can be used to generate random bits, it is necessary to set its type and to instantiate it.</p>
+
+<p>The optional <b>flags</b> argument specifies a set of bit flags which can be joined using the | operator. Currently, the only flag is RAND_DRBG_FLAG_CTR_NO_DF, which disables the use of a the derivation function ctr_df. For an explanation, see [NIST SP 800-90A Rev. 1].</p>
+
+<p>If a <b>parent</b> instance is specified then this will be used instead of the default entropy source for reseeding the <b>drbg</b>. It is said that the <b>drbg</b> is <i>chained</i> to its <b>parent</b>. For more information, see the NOTES section.</p>
+
+<p>RAND_DRBG_instantiate() seeds the <b>drbg</b> instance using random input from trusted entropy sources. Optionally, a personalization string <b>pers</b> of length <b>perslen</b> can be specified. To omit the personalization string, set <b>pers</b>=NULL and <b>perslen</b>=0;</p>
+
+<p>RAND_DRBG_uninstantiate() clears the internal state of the <b>drbg</b> and puts it back in the uninstantiated state.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_new() and RAND_DRBG_secure_new() return a pointer to a DRBG instance allocated on the heap, resp. secure heap.</p>
+
+<p>RAND_DRBG_set(), RAND_DRBG_instantiate(), and RAND_DRBG_uninstantiate() return 1 on success, and 0 on failure.</p>
+
+<p>RAND_DRBG_free() does not return a value.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The DRBG design supports <i>chaining</i>, which means that a DRBG instance can use another <b>parent</b> DRBG instance instead of the default entropy source to obtain fresh random input for reseeding, provided that <b>parent</b> DRBG instance was properly instantiated, either from a trusted entropy source, or from yet another parent DRBG instance. For a detailed description of the reseeding process, see <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a>.</p>
+
+<p>The default DRBG type and flags are applied only during creation of a DRBG instance. To ensure that they are applied to the global and thread-local DRBG instances (&lt;master&gt;, resp. &lt;public&gt; and &lt;private&gt;), it is necessary to call RAND_DRBG_set_defaults() before creating any thread and before calling any cryptographic routines that obtain random data directly or indirectly.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_zalloc.html">OPENSSL_zalloc(3)</a>, <a href="../man3/OPENSSL_secure_zalloc.html">OPENSSL_secure_zalloc(3)</a>, <a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set_callbacks.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set_callbacks.html
new file mode 100644
index 000000000..143adce11
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set_callbacks.html
@@ -0,0 +1,120 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_set_callbacks</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a>
+    <ul>
+      <li><a href="#Callback-Functions">Callback Functions</a></li>
+    </ul>
+  </li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_set_callbacks, RAND_DRBG_get_entropy_fn, RAND_DRBG_cleanup_entropy_fn, RAND_DRBG_get_nonce_fn, RAND_DRBG_cleanup_nonce_fn - set callbacks for reseeding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+
+ int RAND_DRBG_set_callbacks(RAND_DRBG *drbg,
+                             RAND_DRBG_get_entropy_fn get_entropy,
+                             RAND_DRBG_cleanup_entropy_fn cleanup_entropy,
+                             RAND_DRBG_get_nonce_fn get_nonce,
+                             RAND_DRBG_cleanup_nonce_fn cleanup_nonce);</code></pre>
+
+<h2 id="Callback-Functions">Callback Functions</h2>
+
+<pre><code> typedef size_t (*RAND_DRBG_get_entropy_fn)(
+                       RAND_DRBG *drbg,
+                       unsigned char **pout,
+                       int entropy,
+                       size_t min_len, size_t max_len,
+                       int prediction_resistance);
+
+ typedef void (*RAND_DRBG_cleanup_entropy_fn)(
+                     RAND_DRBG *drbg,
+                     unsigned char *out, size_t outlen);
+
+ typedef size_t (*RAND_DRBG_get_nonce_fn)(
+                       RAND_DRBG *drbg,
+                       unsigned char **pout,
+                       int entropy,
+                       size_t min_len, size_t max_len);
+
+ typedef void (*RAND_DRBG_cleanup_nonce_fn)(
+                     RAND_DRBG *drbg,
+                     unsigned char *out, size_t outlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_set_callbacks() sets the callbacks for obtaining fresh entropy and the nonce when reseeding the given <b>drbg</b>. The callback functions are implemented and provided by the caller. Their parameter lists need to match the function prototypes above.</p>
+
+<p>Setting the callbacks is allowed only if the DRBG has not been initialized yet. Otherwise, the operation will fail. To change the settings for one of the three shared DRBGs it is necessary to call RAND_DRBG_uninstantiate() first.</p>
+
+<p>The <b>get_entropy</b>() callback is called by the <b>drbg</b> when it requests fresh random input. It is expected that the callback allocates and fills a random buffer of size <b>min_len</b> &lt;= size &lt;= <b>max_len</b> (in bytes) which contains at least <b>entropy</b> bits of randomness. The <b>prediction_resistance</b> flag indicates whether the reseeding was triggered by a prediction resistance request.</p>
+
+<p>The buffer&#39;s address is to be returned in *<b>pout</b> and the number of collected randomness bytes as return value.</p>
+
+<p>If the callback fails to acquire at least <b>entropy</b> bits of randomness, it must indicate an error by returning a buffer length of 0.</p>
+
+<p>If <b>prediction_resistance</b> was requested and the random source of the DRBG does not satisfy the conditions requested by [NIST SP 800-90C], then it must also indicate an error by returning a buffer length of 0. See NOTES section for more details.</p>
+
+<p>The <b>cleanup_entropy</b>() callback is called from the <b>drbg</b> to to clear and free the buffer allocated previously by get_entropy(). The values <b>out</b> and <b>outlen</b> are the random buffer&#39;s address and length, as returned by the get_entropy() callback.</p>
+
+<p>The <b>get_nonce</b>() and <b>cleanup_nonce</b>() callbacks are used to obtain a nonce and free it again. A nonce is only required for instantiation (not for reseeding) and only in the case where the DRBG uses a derivation function. The callbacks are analogous to get_entropy() and cleanup_entropy(), except for the missing prediction_resistance flag.</p>
+
+<p>If the derivation function is disabled, then no nonce is used for instantiation, and the <b>get_nonce</b>() and <b>cleanup_nonce</b>() callbacks can be omitted by setting them to NULL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_set_callbacks() return 1 on success, and 0 on failure</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is important that <b>cleanup_entropy</b>() and <b>cleanup_nonce</b>() clear the buffer contents safely before freeing it, in order not to leave sensitive information about the DRBG&#39;s state in memory.</p>
+
+<p>A request for prediction resistance can only be satisfied by pulling fresh entropy from one of the approved entropy sources listed in section 5.5.2 of [NIST SP 800-90C]. Since the default implementation of the get_entropy callback does not have access to such an approved entropy source, a request for prediction resistance will always fail. In other words, prediction resistance is currently not supported yet by the DRBG.</p>
+
+<p>The derivation function is disabled during initialization by calling the RAND_DRBG_set() function with the RAND_DRBG_FLAG_CTR_NO_DF flag. For more information on the derivation function and when it can be omitted, see [NIST SP 800-90A Rev. 1]. Roughly speeking it can be omitted if the random source has &quot;full entropy&quot;, i.e., contains 8 bits of entropy per byte.</p>
+
+<p>Even if a nonce is required, the <b>get_nonce</b>() and <b>cleanup_nonce</b>() callbacks can be omitted by setting them to NULL. In this case the DRBG will automatically request an extra amount of entropy (using the <b>get_entropy</b>() and <b>cleanup_entropy</b>() callbacks) which it will utilize for the nonce, following the recommendations of [NIST SP 800-90A Rev. 1], section 8.6.7.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_DRBG_new.html">RAND_DRBG_new(3)</a>, <a href="../man3/RAND_DRBG_reseed.html">RAND_DRBG_reseed(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set_defaults.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set_defaults.html
new file mode 100644
index 000000000..fa99219ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set_defaults.html
@@ -0,0 +1,105 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_new, RAND_DRBG_secure_new, RAND_DRBG_set, RAND_DRBG_set_defaults, RAND_DRBG_instantiate, RAND_DRBG_uninstantiate, RAND_DRBG_free - initialize and cleanup a RAND_DRBG instance</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+
+ RAND_DRBG *RAND_DRBG_new(int type,
+                          unsigned int flags,
+                          RAND_DRBG *parent);
+
+ RAND_DRBG *RAND_DRBG_secure_new(int type,
+                                 unsigned int flags,
+                                 RAND_DRBG *parent);
+
+ int RAND_DRBG_set(RAND_DRBG *drbg,
+                   int type, unsigned int flags);
+
+ int RAND_DRBG_set_defaults(int type, unsigned int flags);
+
+ int RAND_DRBG_instantiate(RAND_DRBG *drbg,
+                           const unsigned char *pers, size_t perslen);
+
+ int RAND_DRBG_uninstantiate(RAND_DRBG *drbg);
+
+ void RAND_DRBG_free(RAND_DRBG *drbg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_new() and RAND_DRBG_secure_new() create a new DRBG instance of the given <b>type</b>, allocated from the heap resp. the secure heap (using OPENSSL_zalloc() resp. OPENSSL_secure_zalloc()).</p>
+
+<p>RAND_DRBG_set() initializes the <b>drbg</b> with the given <b>type</b> and <b>flags</b>.</p>
+
+<p>RAND_DRBG_set_defaults() sets the default <b>type</b> and <b>flags</b> for new DRBG instances.</p>
+
+<p>Currently, all DRBG types are based on AES-CTR, so <b>type</b> can be one of the following values: NID_aes_128_ctr, NID_aes_192_ctr, NID_aes_256_ctr. Before the DRBG can be used to generate random bits, it is necessary to set its type and to instantiate it.</p>
+
+<p>The optional <b>flags</b> argument specifies a set of bit flags which can be joined using the | operator. Currently, the only flag is RAND_DRBG_FLAG_CTR_NO_DF, which disables the use of a the derivation function ctr_df. For an explanation, see [NIST SP 800-90A Rev. 1].</p>
+
+<p>If a <b>parent</b> instance is specified then this will be used instead of the default entropy source for reseeding the <b>drbg</b>. It is said that the <b>drbg</b> is <i>chained</i> to its <b>parent</b>. For more information, see the NOTES section.</p>
+
+<p>RAND_DRBG_instantiate() seeds the <b>drbg</b> instance using random input from trusted entropy sources. Optionally, a personalization string <b>pers</b> of length <b>perslen</b> can be specified. To omit the personalization string, set <b>pers</b>=NULL and <b>perslen</b>=0;</p>
+
+<p>RAND_DRBG_uninstantiate() clears the internal state of the <b>drbg</b> and puts it back in the uninstantiated state.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_new() and RAND_DRBG_secure_new() return a pointer to a DRBG instance allocated on the heap, resp. secure heap.</p>
+
+<p>RAND_DRBG_set(), RAND_DRBG_instantiate(), and RAND_DRBG_uninstantiate() return 1 on success, and 0 on failure.</p>
+
+<p>RAND_DRBG_free() does not return a value.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The DRBG design supports <i>chaining</i>, which means that a DRBG instance can use another <b>parent</b> DRBG instance instead of the default entropy source to obtain fresh random input for reseeding, provided that <b>parent</b> DRBG instance was properly instantiated, either from a trusted entropy source, or from yet another parent DRBG instance. For a detailed description of the reseeding process, see <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a>.</p>
+
+<p>The default DRBG type and flags are applied only during creation of a DRBG instance. To ensure that they are applied to the global and thread-local DRBG instances (&lt;master&gt;, resp. &lt;public&gt; and &lt;private&gt;), it is necessary to call RAND_DRBG_set_defaults() before creating any thread and before calling any cryptographic routines that obtain random data directly or indirectly.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_zalloc.html">OPENSSL_zalloc(3)</a>, <a href="../man3/OPENSSL_secure_zalloc.html">OPENSSL_secure_zalloc(3)</a>, <a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set_ex_data.html
new file mode 100644
index 000000000..1aed97602
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set_ex_data.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_set_ex_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_set_ex_data, RAND_DRBG_get_ex_data, RAND_DRBG_get_ex_new_index - store and retrieve extra data from the DRBG instance</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+ int RAND_DRBG_set_ex_data(RAND_DRBG *drbg, int idx, void *data);
+
+ void *RAND_DRBG_get_ex_data(const RAND_DRBG *drbg, int idx);
+
+ int RAND_DRBG_get_ex_new_index(long argl, void *argp,
+                                CRYPTO_EX_new *new_func,
+                                CRYPTO_EX_dup *dup_func,
+                                CRYPTO_EX_free *free_func);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_set_ex_data() enables an application to store arbitrary application specific data <b>data</b> in a RAND_DRBG instance <b>drbg</b>. The index <b>idx</b> should be a value previously returned from a call to RAND_DRBG_get_ex_new_index().</p>
+
+<p>RAND_DRBG_get_ex_data() retrieves application specific data previously stored in an RAND_DRBG instance <b>drbg</b>. The <b>idx</b> value should be the same as that used when originally storing the data.</p>
+
+<p>For more detailed information see <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a> and <a href="../man3/CRYPTO_set_ex_data.html">CRYPTO_set_ex_data(3)</a> which implement these functions and <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for generating a unique index.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_set_ex_data() returns 1 for success or 0 for failure.</p>
+
+<p>RAND_DRBG_get_ex_data() returns the previously stored value or NULL on failure. NULL may also be a valid value.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>RAND_DRBG_get_ex_new_index(...) is implemented as a macro and equivalent to CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DRBG,...).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/CRYPTO_set_ex_data.html">CRYPTO_set_ex_data(3)</a>, <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set_reseed_defaults.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set_reseed_defaults.html
new file mode 100644
index 000000000..15865768e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set_reseed_defaults.html
@@ -0,0 +1,90 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_reseed</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_reseed, RAND_DRBG_set_reseed_interval, RAND_DRBG_set_reseed_time_interval, RAND_DRBG_set_reseed_defaults - reseed a RAND_DRBG instance</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+ int RAND_DRBG_reseed(RAND_DRBG *drbg,
+                      const unsigned char *adin, size_t adinlen);
+
+ int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg,
+                                   unsigned int interval);
+
+ int RAND_DRBG_set_reseed_time_interval(RAND_DRBG *drbg,
+                                        time_t interval);
+
+ int RAND_DRBG_set_reseed_defaults(
+                                   unsigned int master_reseed_interval,
+                                   unsigned int slave_reseed_interval,
+                                   time_t master_reseed_time_interval,
+                                   time_t slave_reseed_time_interval
+                                   );</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_reseed() reseeds the given <b>drbg</b>, obtaining entropy input from its entropy source and mixing in the specified additional data provided in the buffer <b>adin</b> of length <b>adinlen</b>. The additional data can be omitted by setting <b>adin</b> to NULL and <b>adinlen</b> to 0.</p>
+
+<p>RAND_DRBG_set_reseed_interval() sets the reseed interval of the <b>drbg</b>, which is the maximum allowed number of generate requests between consecutive reseedings. If <b>interval</b> &gt; 0, then the <b>drbg</b> will reseed automatically whenever the number of generate requests since its last seeding exceeds the given reseed interval. If <b>interval</b> == 0, then this feature is disabled.</p>
+
+<p>RAND_DRBG_set_reseed_time_interval() sets the reseed time interval of the <b>drbg</b>, which is the maximum allowed number of seconds between consecutive reseedings. If <b>interval</b> &gt; 0, then the <b>drbg</b> will reseed automatically whenever the elapsed time since its last reseeding exceeds the given reseed time interval. If <b>interval</b> == 0, then this feature is disabled.</p>
+
+<p>RAND_DRBG_set_reseed_defaults() sets the default values for the reseed interval (<b>master_reseed_interval</b> and <b>slave_reseed_interval</b>) and the reseed time interval (<b>master_reseed_time_interval</b> and <b>slave_reseed_tme_interval</b>) of DRBG instances. The default values are set independently for master DRBG instances (which don&#39;t have a parent) and slave DRBG instances (which are chained to a parent DRBG).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_reseed(), RAND_DRBG_set_reseed_interval(), and RAND_DRBG_set_reseed_time_interval(), return 1 on success, 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The default OpenSSL random generator is already set up for automatic reseeding, so in general it is not necessary to reseed it explicitly, or to modify its reseeding thresholds.</p>
+
+<p>Normally, the entropy input for seeding a DRBG is either obtained from a trusted os entropy source or from a parent DRBG instance, which was seeded (directly or indirectly) from a trusted os entropy source. In exceptional cases it is possible to replace the reseeding mechanism entirely by providing application defined callbacks using RAND_DRBG_set_callbacks().</p>
+
+<p>The reseeding default values are applied only during creation of a DRBG instance. To ensure that they are applied to the global and thread-local DRBG instances (&lt;master&gt;, resp. &lt;public&gt; and &lt;private&gt;), it is necessary to call RAND_DRBG_set_reseed_defaults() before creating any thread and before calling any cryptographic routines that obtain random data directly or indirectly.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>, <a href="../man3/RAND_DRBG_bytes.html">RAND_DRBG_bytes(3)</a>, <a href="../man3/RAND_DRBG_set_callbacks.html">RAND_DRBG_set_callbacks(3)</a>. <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set_reseed_interval.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set_reseed_interval.html
new file mode 100644
index 000000000..15865768e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set_reseed_interval.html
@@ -0,0 +1,90 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_reseed</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_reseed, RAND_DRBG_set_reseed_interval, RAND_DRBG_set_reseed_time_interval, RAND_DRBG_set_reseed_defaults - reseed a RAND_DRBG instance</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+ int RAND_DRBG_reseed(RAND_DRBG *drbg,
+                      const unsigned char *adin, size_t adinlen);
+
+ int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg,
+                                   unsigned int interval);
+
+ int RAND_DRBG_set_reseed_time_interval(RAND_DRBG *drbg,
+                                        time_t interval);
+
+ int RAND_DRBG_set_reseed_defaults(
+                                   unsigned int master_reseed_interval,
+                                   unsigned int slave_reseed_interval,
+                                   time_t master_reseed_time_interval,
+                                   time_t slave_reseed_time_interval
+                                   );</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_reseed() reseeds the given <b>drbg</b>, obtaining entropy input from its entropy source and mixing in the specified additional data provided in the buffer <b>adin</b> of length <b>adinlen</b>. The additional data can be omitted by setting <b>adin</b> to NULL and <b>adinlen</b> to 0.</p>
+
+<p>RAND_DRBG_set_reseed_interval() sets the reseed interval of the <b>drbg</b>, which is the maximum allowed number of generate requests between consecutive reseedings. If <b>interval</b> &gt; 0, then the <b>drbg</b> will reseed automatically whenever the number of generate requests since its last seeding exceeds the given reseed interval. If <b>interval</b> == 0, then this feature is disabled.</p>
+
+<p>RAND_DRBG_set_reseed_time_interval() sets the reseed time interval of the <b>drbg</b>, which is the maximum allowed number of seconds between consecutive reseedings. If <b>interval</b> &gt; 0, then the <b>drbg</b> will reseed automatically whenever the elapsed time since its last reseeding exceeds the given reseed time interval. If <b>interval</b> == 0, then this feature is disabled.</p>
+
+<p>RAND_DRBG_set_reseed_defaults() sets the default values for the reseed interval (<b>master_reseed_interval</b> and <b>slave_reseed_interval</b>) and the reseed time interval (<b>master_reseed_time_interval</b> and <b>slave_reseed_tme_interval</b>) of DRBG instances. The default values are set independently for master DRBG instances (which don&#39;t have a parent) and slave DRBG instances (which are chained to a parent DRBG).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_reseed(), RAND_DRBG_set_reseed_interval(), and RAND_DRBG_set_reseed_time_interval(), return 1 on success, 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The default OpenSSL random generator is already set up for automatic reseeding, so in general it is not necessary to reseed it explicitly, or to modify its reseeding thresholds.</p>
+
+<p>Normally, the entropy input for seeding a DRBG is either obtained from a trusted os entropy source or from a parent DRBG instance, which was seeded (directly or indirectly) from a trusted os entropy source. In exceptional cases it is possible to replace the reseeding mechanism entirely by providing application defined callbacks using RAND_DRBG_set_callbacks().</p>
+
+<p>The reseeding default values are applied only during creation of a DRBG instance. To ensure that they are applied to the global and thread-local DRBG instances (&lt;master&gt;, resp. &lt;public&gt; and &lt;private&gt;), it is necessary to call RAND_DRBG_set_reseed_defaults() before creating any thread and before calling any cryptographic routines that obtain random data directly or indirectly.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>, <a href="../man3/RAND_DRBG_bytes.html">RAND_DRBG_bytes(3)</a>, <a href="../man3/RAND_DRBG_set_callbacks.html">RAND_DRBG_set_callbacks(3)</a>. <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set_reseed_time_interval.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set_reseed_time_interval.html
new file mode 100644
index 000000000..15865768e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_set_reseed_time_interval.html
@@ -0,0 +1,90 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_reseed</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_reseed, RAND_DRBG_set_reseed_interval, RAND_DRBG_set_reseed_time_interval, RAND_DRBG_set_reseed_defaults - reseed a RAND_DRBG instance</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+ int RAND_DRBG_reseed(RAND_DRBG *drbg,
+                      const unsigned char *adin, size_t adinlen);
+
+ int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg,
+                                   unsigned int interval);
+
+ int RAND_DRBG_set_reseed_time_interval(RAND_DRBG *drbg,
+                                        time_t interval);
+
+ int RAND_DRBG_set_reseed_defaults(
+                                   unsigned int master_reseed_interval,
+                                   unsigned int slave_reseed_interval,
+                                   time_t master_reseed_time_interval,
+                                   time_t slave_reseed_time_interval
+                                   );</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_reseed() reseeds the given <b>drbg</b>, obtaining entropy input from its entropy source and mixing in the specified additional data provided in the buffer <b>adin</b> of length <b>adinlen</b>. The additional data can be omitted by setting <b>adin</b> to NULL and <b>adinlen</b> to 0.</p>
+
+<p>RAND_DRBG_set_reseed_interval() sets the reseed interval of the <b>drbg</b>, which is the maximum allowed number of generate requests between consecutive reseedings. If <b>interval</b> &gt; 0, then the <b>drbg</b> will reseed automatically whenever the number of generate requests since its last seeding exceeds the given reseed interval. If <b>interval</b> == 0, then this feature is disabled.</p>
+
+<p>RAND_DRBG_set_reseed_time_interval() sets the reseed time interval of the <b>drbg</b>, which is the maximum allowed number of seconds between consecutive reseedings. If <b>interval</b> &gt; 0, then the <b>drbg</b> will reseed automatically whenever the elapsed time since its last reseeding exceeds the given reseed time interval. If <b>interval</b> == 0, then this feature is disabled.</p>
+
+<p>RAND_DRBG_set_reseed_defaults() sets the default values for the reseed interval (<b>master_reseed_interval</b> and <b>slave_reseed_interval</b>) and the reseed time interval (<b>master_reseed_time_interval</b> and <b>slave_reseed_tme_interval</b>) of DRBG instances. The default values are set independently for master DRBG instances (which don&#39;t have a parent) and slave DRBG instances (which are chained to a parent DRBG).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_reseed(), RAND_DRBG_set_reseed_interval(), and RAND_DRBG_set_reseed_time_interval(), return 1 on success, 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The default OpenSSL random generator is already set up for automatic reseeding, so in general it is not necessary to reseed it explicitly, or to modify its reseeding thresholds.</p>
+
+<p>Normally, the entropy input for seeding a DRBG is either obtained from a trusted os entropy source or from a parent DRBG instance, which was seeded (directly or indirectly) from a trusted os entropy source. In exceptional cases it is possible to replace the reseeding mechanism entirely by providing application defined callbacks using RAND_DRBG_set_callbacks().</p>
+
+<p>The reseeding default values are applied only during creation of a DRBG instance. To ensure that they are applied to the global and thread-local DRBG instances (&lt;master&gt;, resp. &lt;public&gt; and &lt;private&gt;), it is necessary to call RAND_DRBG_set_reseed_defaults() before creating any thread and before calling any cryptographic routines that obtain random data directly or indirectly.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>, <a href="../man3/RAND_DRBG_bytes.html">RAND_DRBG_bytes(3)</a>, <a href="../man3/RAND_DRBG_set_callbacks.html">RAND_DRBG_set_callbacks(3)</a>. <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_uninstantiate.html b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_uninstantiate.html
new file mode 100644
index 000000000..fa99219ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_DRBG_uninstantiate.html
@@ -0,0 +1,105 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG_new, RAND_DRBG_secure_new, RAND_DRBG_set, RAND_DRBG_set_defaults, RAND_DRBG_instantiate, RAND_DRBG_uninstantiate, RAND_DRBG_free - initialize and cleanup a RAND_DRBG instance</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;
+
+
+ RAND_DRBG *RAND_DRBG_new(int type,
+                          unsigned int flags,
+                          RAND_DRBG *parent);
+
+ RAND_DRBG *RAND_DRBG_secure_new(int type,
+                                 unsigned int flags,
+                                 RAND_DRBG *parent);
+
+ int RAND_DRBG_set(RAND_DRBG *drbg,
+                   int type, unsigned int flags);
+
+ int RAND_DRBG_set_defaults(int type, unsigned int flags);
+
+ int RAND_DRBG_instantiate(RAND_DRBG *drbg,
+                           const unsigned char *pers, size_t perslen);
+
+ int RAND_DRBG_uninstantiate(RAND_DRBG *drbg);
+
+ void RAND_DRBG_free(RAND_DRBG *drbg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_DRBG_new() and RAND_DRBG_secure_new() create a new DRBG instance of the given <b>type</b>, allocated from the heap resp. the secure heap (using OPENSSL_zalloc() resp. OPENSSL_secure_zalloc()).</p>
+
+<p>RAND_DRBG_set() initializes the <b>drbg</b> with the given <b>type</b> and <b>flags</b>.</p>
+
+<p>RAND_DRBG_set_defaults() sets the default <b>type</b> and <b>flags</b> for new DRBG instances.</p>
+
+<p>Currently, all DRBG types are based on AES-CTR, so <b>type</b> can be one of the following values: NID_aes_128_ctr, NID_aes_192_ctr, NID_aes_256_ctr. Before the DRBG can be used to generate random bits, it is necessary to set its type and to instantiate it.</p>
+
+<p>The optional <b>flags</b> argument specifies a set of bit flags which can be joined using the | operator. Currently, the only flag is RAND_DRBG_FLAG_CTR_NO_DF, which disables the use of a the derivation function ctr_df. For an explanation, see [NIST SP 800-90A Rev. 1].</p>
+
+<p>If a <b>parent</b> instance is specified then this will be used instead of the default entropy source for reseeding the <b>drbg</b>. It is said that the <b>drbg</b> is <i>chained</i> to its <b>parent</b>. For more information, see the NOTES section.</p>
+
+<p>RAND_DRBG_instantiate() seeds the <b>drbg</b> instance using random input from trusted entropy sources. Optionally, a personalization string <b>pers</b> of length <b>perslen</b> can be specified. To omit the personalization string, set <b>pers</b>=NULL and <b>perslen</b>=0;</p>
+
+<p>RAND_DRBG_uninstantiate() clears the internal state of the <b>drbg</b> and puts it back in the uninstantiated state.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_DRBG_new() and RAND_DRBG_secure_new() return a pointer to a DRBG instance allocated on the heap, resp. secure heap.</p>
+
+<p>RAND_DRBG_set(), RAND_DRBG_instantiate(), and RAND_DRBG_uninstantiate() return 1 on success, and 0 on failure.</p>
+
+<p>RAND_DRBG_free() does not return a value.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The DRBG design supports <i>chaining</i>, which means that a DRBG instance can use another <b>parent</b> DRBG instance instead of the default entropy source to obtain fresh random input for reseeding, provided that <b>parent</b> DRBG instance was properly instantiated, either from a trusted entropy source, or from yet another parent DRBG instance. For a detailed description of the reseeding process, see <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a>.</p>
+
+<p>The default DRBG type and flags are applied only during creation of a DRBG instance. To ensure that they are applied to the global and thread-local DRBG instances (&lt;master&gt;, resp. &lt;public&gt; and &lt;private&gt;), it is necessary to call RAND_DRBG_set_defaults() before creating any thread and before calling any cryptographic routines that obtain random data directly or indirectly.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RAND_DRBG functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_zalloc.html">OPENSSL_zalloc(3)</a>, <a href="../man3/OPENSSL_secure_zalloc.html">OPENSSL_secure_zalloc(3)</a>, <a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_OpenSSL.html b/msys2/usr/share/doc/openssl/html/man3/RAND_OpenSSL.html
new file mode 100644
index 000000000..5d0c34fb2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_OpenSSL.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_set_rand_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#THE-RAND_METHOD-STRUCTURE">THE RAND_METHOD STRUCTURE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_set_rand_method, RAND_get_rand_method, RAND_OpenSSL - select RAND method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ RAND_METHOD *RAND_OpenSSL(void);
+
+ void RAND_set_rand_method(const RAND_METHOD *meth);
+
+ const RAND_METHOD *RAND_get_rand_method(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>RAND_METHOD</b> specifies the functions that OpenSSL uses for random number generation.</p>
+
+<p>RAND_OpenSSL() returns the default <b>RAND_METHOD</b> implementation by OpenSSL. This implementation ensures that the PRNG state is unique for each thread.</p>
+
+<p>If an <b>ENGINE</b> is loaded that provides the RAND API, however, it will be used instead of the method returned by RAND_OpenSSL().</p>
+
+<p>RAND_set_rand_method() makes <b>meth</b> the method for PRNG use. If an ENGINE was providing the method, it will be released first.</p>
+
+<p>RAND_get_rand_method() returns a pointer to the current <b>RAND_METHOD</b>.</p>
+
+<h1 id="THE-RAND_METHOD-STRUCTURE">THE RAND_METHOD STRUCTURE</h1>
+
+<pre><code> typedef struct rand_meth_st {
+     void (*seed)(const void *buf, int num);
+     int (*bytes)(unsigned char *buf, int num);
+     void (*cleanup)(void);
+     void (*add)(const void *buf, int num, int randomness);
+     int (*pseudorand)(unsigned char *buf, int num);
+     int (*status)(void);
+ } RAND_METHOD;</code></pre>
+
+<p>The fields point to functions that are used by, in order, RAND_seed(), RAND_bytes(), internal RAND cleanup, RAND_add(), RAND_pseudo_rand() and RAND_status(). Each pointer may be NULL if the function is not implemented.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_set_rand_method() returns no value. RAND_get_rand_method() and RAND_OpenSSL() return pointers to the respective methods.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/ENGINE_by_id.html">ENGINE_by_id(3)</a>, <a href="../man7/RAND.html">RAND(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_add.html b/msys2/usr/share/doc/openssl/html/man3/RAND_add.html
new file mode 100644
index 000000000..14f84ccfc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_add.html
@@ -0,0 +1,92 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_add, RAND_poll, RAND_seed, RAND_status, RAND_event, RAND_screen, RAND_keep_random_devices_open - add randomness to the PRNG or get its status</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ int RAND_status(void);
+ int RAND_poll();
+
+ void RAND_add(const void *buf, int num, double randomness);
+ void RAND_seed(const void *buf, int num);
+
+ void RAND_keep_random_devices_open(int keep);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam);
+ void RAND_screen(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions can be used to seed the random generator and to check its seeded state. In general, manual (re-)seeding of the default OpenSSL random generator (<a href="../man3/RAND_OpenSSL.html">RAND_OpenSSL(3)</a>) is not necessary (but allowed), since it does (re-)seed itself automatically using trusted system entropy sources. This holds unless the default RAND_METHOD has been replaced or OpenSSL was built with automatic reseeding disabled, see <a href="../man7/RAND.html">RAND(7)</a> for more details.</p>
+
+<p>RAND_status() indicates whether or not the random generator has been sufficiently seeded. If not, functions such as <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> will fail.</p>
+
+<p>RAND_poll() uses the system&#39;s capabilities to seed the random generator using random input obtained from polling various trusted entropy sources. The default choice of the entropy source can be modified at build time, see <a href="../man7/RAND.html">RAND(7)</a> for more details.</p>
+
+<p>RAND_add() mixes the <b>num</b> bytes at <b>buf</b> into the internal state of the random generator. This function will not normally be needed, as mentioned above. The <b>randomness</b> argument is an estimate of how much randomness is contained in <b>buf</b>, in bytes, and should be a number between zero and <b>num</b>. Details about sources of randomness and how to estimate their randomness can be found in the literature; for example [NIST SP 800-90B]. The content of <b>buf</b> cannot be recovered from subsequent random generator output. Applications that intend to save and restore random state in an external file should consider using <a href="../man3/RAND_load_file.html">RAND_load_file(3)</a> instead.</p>
+
+<p>RAND_seed() is equivalent to RAND_add() with <b>randomness</b> set to <b>num</b>.</p>
+
+<p>RAND_keep_random_devices_open() is used to control file descriptor usage by the random seed sources. Some seed sources maintain open file descriptors by default, which allows such sources to operate in a chroot(2) jail without the associated device nodes being available. When the <b>keep</b> argument is zero, this call disables the retention of file descriptors. Conversely, a non-zero argument enables the retention of file descriptors. This function is usually called during initialization and it takes effect immediately.</p>
+
+<p>RAND_event() and RAND_screen() are equivalent to RAND_poll() and exist for compatibility reasons only. See HISTORY section below.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_status() returns 1 if the random generator has been seeded with enough data, 0 otherwise.</p>
+
+<p>RAND_poll() returns 1 if it generated seed data, 0 otherwise.</p>
+
+<p>RAND_event() returns RAND_status().</p>
+
+<p>The other functions do not return values.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RAND_event() and RAND_screen() were deprecated in OpenSSL 1.1.0 and should not be used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_egd.html">RAND_egd(3)</a>, <a href="../man3/RAND_load_file.html">RAND_load_file(3)</a>, <a href="../man7/RAND.html">RAND(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_bytes.html b/msys2/usr/share/doc/openssl/html/man3/RAND_bytes.html
new file mode 100644
index 000000000..6863a55ad
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_bytes.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_bytes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_bytes, RAND_priv_bytes, RAND_pseudo_bytes - generate random data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ int RAND_bytes(unsigned char *buf, int num);
+ int RAND_priv_bytes(unsigned char *buf, int num);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int RAND_pseudo_bytes(unsigned char *buf, int num);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_bytes() puts <b>num</b> cryptographically strong pseudo-random bytes into <b>buf</b>.</p>
+
+<p>RAND_priv_bytes() has the same semantics as RAND_bytes(). It is intended to be used for generating values that should remain private. If using the default RAND_METHOD, this function uses a separate &quot;private&quot; PRNG instance so that a compromise of the &quot;public&quot; PRNG instance will not affect the secrecy of these private values, as described in <a href="../man7/RAND.html">RAND(7)</a> and <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Always check the error return value of RAND_bytes() and RAND_priv_bytes() and do not take randomness for granted: an error occurs if the CSPRNG has not been seeded with enough randomness to ensure an unpredictable byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_bytes() and RAND_priv_bytes() return 1 on success, -1 if not supported by the current RAND method, or 0 on other failure. The error code can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<ul>
+
+<li><p>RAND_pseudo_bytes() was deprecated in OpenSSL 1.1.0; use RAND_bytes() instead.</p>
+
+</li>
+<li><p>The RAND_priv_bytes() function was added in OpenSSL 1.1.1.</p>
+
+</li>
+</ul>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_add.html">RAND_add(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man7/RAND.html">RAND(7)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_cleanup.html b/msys2/usr/share/doc/openssl/html/man3/RAND_cleanup.html
new file mode 100644
index 000000000..2894216a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_cleanup.html
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_cleanup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_cleanup - erase the PRNG state</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void RAND_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Prior to OpenSSL 1.1.0, RAND_cleanup() released all resources used by the PRNG. As of version 1.1.0, it does nothing and should not be called, since no explicit initialisation or de-initialisation is necessary. See <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_cleanup() returns no value.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RAND_cleanup() was deprecated in OpenSSL 1.1.0; do not use it. See <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a></p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/RAND.html">RAND(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_egd.html b/msys2/usr/share/doc/openssl/html/man3/RAND_egd.html
new file mode 100644
index 000000000..64554144d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_egd.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_egd</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_egd, RAND_egd_bytes, RAND_query_egd_bytes - query entropy gathering daemon</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ int RAND_egd_bytes(const char *path, int num);
+ int RAND_egd(const char *path);
+
+ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int num);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>On older platforms without a good source of randomness such as <code>/dev/urandom</code>, it is possible to query an Entropy Gathering Daemon (EGD) over a local socket to obtain randomness and seed the OpenSSL RNG. The protocol used is defined by the EGDs available at <a href="http://egd.sourceforge.net/">http://egd.sourceforge.net/</a> or <a href="http://prngd.sourceforge.net">http://prngd.sourceforge.net</a>.</p>
+
+<p>RAND_egd_bytes() requests <b>num</b> bytes of randomness from an EGD at the specified socket <b>path</b>, and passes the data it receives into RAND_add(). RAND_egd() is equivalent to RAND_egd_bytes() with <b>num</b> set to 255.</p>
+
+<p>RAND_query_egd_bytes() requests <b>num</b> bytes of randomness from an EGD at the specified socket <b>path</b>, where <b>num</b> must be less than 256. If <b>buf</b> is <b>NULL</b>, it is equivalent to RAND_egd_bytes(). If <b>buf</b> is not <b>NULL</b>, then the data is copied to the buffer and RAND_add() is not called.</p>
+
+<p>OpenSSL can be configured at build time to try to use the EGD for seeding automatically.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_egd() and RAND_egd_bytes() return the number of bytes read from the daemon on success, or -1 if the connection failed or the daemon did not return enough data to fully seed the PRNG.</p>
+
+<p>RAND_query_egd_bytes() returns the number of bytes read from the daemon on success, or -1 if the connection failed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_add.html">RAND_add(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man7/RAND.html">RAND(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_egd_bytes.html b/msys2/usr/share/doc/openssl/html/man3/RAND_egd_bytes.html
new file mode 100644
index 000000000..64554144d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_egd_bytes.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_egd</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_egd, RAND_egd_bytes, RAND_query_egd_bytes - query entropy gathering daemon</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ int RAND_egd_bytes(const char *path, int num);
+ int RAND_egd(const char *path);
+
+ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int num);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>On older platforms without a good source of randomness such as <code>/dev/urandom</code>, it is possible to query an Entropy Gathering Daemon (EGD) over a local socket to obtain randomness and seed the OpenSSL RNG. The protocol used is defined by the EGDs available at <a href="http://egd.sourceforge.net/">http://egd.sourceforge.net/</a> or <a href="http://prngd.sourceforge.net">http://prngd.sourceforge.net</a>.</p>
+
+<p>RAND_egd_bytes() requests <b>num</b> bytes of randomness from an EGD at the specified socket <b>path</b>, and passes the data it receives into RAND_add(). RAND_egd() is equivalent to RAND_egd_bytes() with <b>num</b> set to 255.</p>
+
+<p>RAND_query_egd_bytes() requests <b>num</b> bytes of randomness from an EGD at the specified socket <b>path</b>, where <b>num</b> must be less than 256. If <b>buf</b> is <b>NULL</b>, it is equivalent to RAND_egd_bytes(). If <b>buf</b> is not <b>NULL</b>, then the data is copied to the buffer and RAND_add() is not called.</p>
+
+<p>OpenSSL can be configured at build time to try to use the EGD for seeding automatically.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_egd() and RAND_egd_bytes() return the number of bytes read from the daemon on success, or -1 if the connection failed or the daemon did not return enough data to fully seed the PRNG.</p>
+
+<p>RAND_query_egd_bytes() returns the number of bytes read from the daemon on success, or -1 if the connection failed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_add.html">RAND_add(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man7/RAND.html">RAND(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_event.html b/msys2/usr/share/doc/openssl/html/man3/RAND_event.html
new file mode 100644
index 000000000..14f84ccfc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_event.html
@@ -0,0 +1,92 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_add, RAND_poll, RAND_seed, RAND_status, RAND_event, RAND_screen, RAND_keep_random_devices_open - add randomness to the PRNG or get its status</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ int RAND_status(void);
+ int RAND_poll();
+
+ void RAND_add(const void *buf, int num, double randomness);
+ void RAND_seed(const void *buf, int num);
+
+ void RAND_keep_random_devices_open(int keep);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam);
+ void RAND_screen(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions can be used to seed the random generator and to check its seeded state. In general, manual (re-)seeding of the default OpenSSL random generator (<a href="../man3/RAND_OpenSSL.html">RAND_OpenSSL(3)</a>) is not necessary (but allowed), since it does (re-)seed itself automatically using trusted system entropy sources. This holds unless the default RAND_METHOD has been replaced or OpenSSL was built with automatic reseeding disabled, see <a href="../man7/RAND.html">RAND(7)</a> for more details.</p>
+
+<p>RAND_status() indicates whether or not the random generator has been sufficiently seeded. If not, functions such as <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> will fail.</p>
+
+<p>RAND_poll() uses the system&#39;s capabilities to seed the random generator using random input obtained from polling various trusted entropy sources. The default choice of the entropy source can be modified at build time, see <a href="../man7/RAND.html">RAND(7)</a> for more details.</p>
+
+<p>RAND_add() mixes the <b>num</b> bytes at <b>buf</b> into the internal state of the random generator. This function will not normally be needed, as mentioned above. The <b>randomness</b> argument is an estimate of how much randomness is contained in <b>buf</b>, in bytes, and should be a number between zero and <b>num</b>. Details about sources of randomness and how to estimate their randomness can be found in the literature; for example [NIST SP 800-90B]. The content of <b>buf</b> cannot be recovered from subsequent random generator output. Applications that intend to save and restore random state in an external file should consider using <a href="../man3/RAND_load_file.html">RAND_load_file(3)</a> instead.</p>
+
+<p>RAND_seed() is equivalent to RAND_add() with <b>randomness</b> set to <b>num</b>.</p>
+
+<p>RAND_keep_random_devices_open() is used to control file descriptor usage by the random seed sources. Some seed sources maintain open file descriptors by default, which allows such sources to operate in a chroot(2) jail without the associated device nodes being available. When the <b>keep</b> argument is zero, this call disables the retention of file descriptors. Conversely, a non-zero argument enables the retention of file descriptors. This function is usually called during initialization and it takes effect immediately.</p>
+
+<p>RAND_event() and RAND_screen() are equivalent to RAND_poll() and exist for compatibility reasons only. See HISTORY section below.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_status() returns 1 if the random generator has been seeded with enough data, 0 otherwise.</p>
+
+<p>RAND_poll() returns 1 if it generated seed data, 0 otherwise.</p>
+
+<p>RAND_event() returns RAND_status().</p>
+
+<p>The other functions do not return values.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RAND_event() and RAND_screen() were deprecated in OpenSSL 1.1.0 and should not be used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_egd.html">RAND_egd(3)</a>, <a href="../man3/RAND_load_file.html">RAND_load_file(3)</a>, <a href="../man7/RAND.html">RAND(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_file_name.html b/msys2/usr/share/doc/openssl/html/man3/RAND_file_name.html
new file mode 100644
index 000000000..147b85313
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_file_name.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_load_file</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_load_file, RAND_write_file, RAND_file_name - PRNG seed file</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ int RAND_load_file(const char *filename, long max_bytes);
+
+ int RAND_write_file(const char *filename);
+
+ const char *RAND_file_name(char *buf, size_t num);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_load_file() reads a number of bytes from file <b>filename</b> and adds them to the PRNG. If <b>max_bytes</b> is non-negative, up to <b>max_bytes</b> are read; if <b>max_bytes</b> is -1, the complete file is read. Do not load the same file multiple times unless its contents have been updated by RAND_write_file() between reads. Also, note that <b>filename</b> should be adequately protected so that an attacker cannot replace or examine the contents. If <b>filename</b> is not a regular file, then user is considered to be responsible for any side effects, e.g. non-anticipated blocking or capture of controlling terminal.</p>
+
+<p>RAND_write_file() writes a number of random bytes (currently 128) to file <b>filename</b> which can be used to initialize the PRNG by calling RAND_load_file() in a later session.</p>
+
+<p>RAND_file_name() generates a default path for the random seed file. <b>buf</b> points to a buffer of size <b>num</b> in which to store the filename.</p>
+
+<p>On all systems, if the environment variable <b>RANDFILE</b> is set, its value will be used as the seed file name. Otherwise, the file is called <code>.rnd</code>, found in platform dependent locations:</p>
+
+<dl>
+
+<dt id="On-Windows-in-order-of-preference">On Windows (in order of preference)</dt>
+<dd>
+
+<pre><code> %HOME%, %USERPROFILE%, %SYSTEMROOT%, C:\</code></pre>
+
+</dd>
+<dt id="On-VMS">On VMS</dt>
+<dd>
+
+<pre><code> SYS$LOGIN:</code></pre>
+
+</dd>
+<dt id="On-all-other-systems">On all other systems</dt>
+<dd>
+
+<pre><code> $HOME</code></pre>
+
+</dd>
+</dl>
+
+<p>If <code>$HOME</code> (on non-Windows and non-VMS system) is not set either, or <b>num</b> is too small for the path name, an error occurs.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_load_file() returns the number of bytes read or -1 on error.</p>
+
+<p>RAND_write_file() returns the number of bytes written, or -1 if the bytes written were generated without appropriate seeding.</p>
+
+<p>RAND_file_name() returns a pointer to <b>buf</b> on success, and NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_add.html">RAND_add(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man7/RAND.html">RAND(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_get_rand_method.html b/msys2/usr/share/doc/openssl/html/man3/RAND_get_rand_method.html
new file mode 100644
index 000000000..5d0c34fb2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_get_rand_method.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_set_rand_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#THE-RAND_METHOD-STRUCTURE">THE RAND_METHOD STRUCTURE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_set_rand_method, RAND_get_rand_method, RAND_OpenSSL - select RAND method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ RAND_METHOD *RAND_OpenSSL(void);
+
+ void RAND_set_rand_method(const RAND_METHOD *meth);
+
+ const RAND_METHOD *RAND_get_rand_method(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>RAND_METHOD</b> specifies the functions that OpenSSL uses for random number generation.</p>
+
+<p>RAND_OpenSSL() returns the default <b>RAND_METHOD</b> implementation by OpenSSL. This implementation ensures that the PRNG state is unique for each thread.</p>
+
+<p>If an <b>ENGINE</b> is loaded that provides the RAND API, however, it will be used instead of the method returned by RAND_OpenSSL().</p>
+
+<p>RAND_set_rand_method() makes <b>meth</b> the method for PRNG use. If an ENGINE was providing the method, it will be released first.</p>
+
+<p>RAND_get_rand_method() returns a pointer to the current <b>RAND_METHOD</b>.</p>
+
+<h1 id="THE-RAND_METHOD-STRUCTURE">THE RAND_METHOD STRUCTURE</h1>
+
+<pre><code> typedef struct rand_meth_st {
+     void (*seed)(const void *buf, int num);
+     int (*bytes)(unsigned char *buf, int num);
+     void (*cleanup)(void);
+     void (*add)(const void *buf, int num, int randomness);
+     int (*pseudorand)(unsigned char *buf, int num);
+     int (*status)(void);
+ } RAND_METHOD;</code></pre>
+
+<p>The fields point to functions that are used by, in order, RAND_seed(), RAND_bytes(), internal RAND cleanup, RAND_add(), RAND_pseudo_rand() and RAND_status(). Each pointer may be NULL if the function is not implemented.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_set_rand_method() returns no value. RAND_get_rand_method() and RAND_OpenSSL() return pointers to the respective methods.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/ENGINE_by_id.html">ENGINE_by_id(3)</a>, <a href="../man7/RAND.html">RAND(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_keep_random_devices_open.html b/msys2/usr/share/doc/openssl/html/man3/RAND_keep_random_devices_open.html
new file mode 100644
index 000000000..14f84ccfc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_keep_random_devices_open.html
@@ -0,0 +1,92 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_add, RAND_poll, RAND_seed, RAND_status, RAND_event, RAND_screen, RAND_keep_random_devices_open - add randomness to the PRNG or get its status</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ int RAND_status(void);
+ int RAND_poll();
+
+ void RAND_add(const void *buf, int num, double randomness);
+ void RAND_seed(const void *buf, int num);
+
+ void RAND_keep_random_devices_open(int keep);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam);
+ void RAND_screen(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions can be used to seed the random generator and to check its seeded state. In general, manual (re-)seeding of the default OpenSSL random generator (<a href="../man3/RAND_OpenSSL.html">RAND_OpenSSL(3)</a>) is not necessary (but allowed), since it does (re-)seed itself automatically using trusted system entropy sources. This holds unless the default RAND_METHOD has been replaced or OpenSSL was built with automatic reseeding disabled, see <a href="../man7/RAND.html">RAND(7)</a> for more details.</p>
+
+<p>RAND_status() indicates whether or not the random generator has been sufficiently seeded. If not, functions such as <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> will fail.</p>
+
+<p>RAND_poll() uses the system&#39;s capabilities to seed the random generator using random input obtained from polling various trusted entropy sources. The default choice of the entropy source can be modified at build time, see <a href="../man7/RAND.html">RAND(7)</a> for more details.</p>
+
+<p>RAND_add() mixes the <b>num</b> bytes at <b>buf</b> into the internal state of the random generator. This function will not normally be needed, as mentioned above. The <b>randomness</b> argument is an estimate of how much randomness is contained in <b>buf</b>, in bytes, and should be a number between zero and <b>num</b>. Details about sources of randomness and how to estimate their randomness can be found in the literature; for example [NIST SP 800-90B]. The content of <b>buf</b> cannot be recovered from subsequent random generator output. Applications that intend to save and restore random state in an external file should consider using <a href="../man3/RAND_load_file.html">RAND_load_file(3)</a> instead.</p>
+
+<p>RAND_seed() is equivalent to RAND_add() with <b>randomness</b> set to <b>num</b>.</p>
+
+<p>RAND_keep_random_devices_open() is used to control file descriptor usage by the random seed sources. Some seed sources maintain open file descriptors by default, which allows such sources to operate in a chroot(2) jail without the associated device nodes being available. When the <b>keep</b> argument is zero, this call disables the retention of file descriptors. Conversely, a non-zero argument enables the retention of file descriptors. This function is usually called during initialization and it takes effect immediately.</p>
+
+<p>RAND_event() and RAND_screen() are equivalent to RAND_poll() and exist for compatibility reasons only. See HISTORY section below.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_status() returns 1 if the random generator has been seeded with enough data, 0 otherwise.</p>
+
+<p>RAND_poll() returns 1 if it generated seed data, 0 otherwise.</p>
+
+<p>RAND_event() returns RAND_status().</p>
+
+<p>The other functions do not return values.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RAND_event() and RAND_screen() were deprecated in OpenSSL 1.1.0 and should not be used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_egd.html">RAND_egd(3)</a>, <a href="../man3/RAND_load_file.html">RAND_load_file(3)</a>, <a href="../man7/RAND.html">RAND(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_load_file.html b/msys2/usr/share/doc/openssl/html/man3/RAND_load_file.html
new file mode 100644
index 000000000..147b85313
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_load_file.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_load_file</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_load_file, RAND_write_file, RAND_file_name - PRNG seed file</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ int RAND_load_file(const char *filename, long max_bytes);
+
+ int RAND_write_file(const char *filename);
+
+ const char *RAND_file_name(char *buf, size_t num);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_load_file() reads a number of bytes from file <b>filename</b> and adds them to the PRNG. If <b>max_bytes</b> is non-negative, up to <b>max_bytes</b> are read; if <b>max_bytes</b> is -1, the complete file is read. Do not load the same file multiple times unless its contents have been updated by RAND_write_file() between reads. Also, note that <b>filename</b> should be adequately protected so that an attacker cannot replace or examine the contents. If <b>filename</b> is not a regular file, then user is considered to be responsible for any side effects, e.g. non-anticipated blocking or capture of controlling terminal.</p>
+
+<p>RAND_write_file() writes a number of random bytes (currently 128) to file <b>filename</b> which can be used to initialize the PRNG by calling RAND_load_file() in a later session.</p>
+
+<p>RAND_file_name() generates a default path for the random seed file. <b>buf</b> points to a buffer of size <b>num</b> in which to store the filename.</p>
+
+<p>On all systems, if the environment variable <b>RANDFILE</b> is set, its value will be used as the seed file name. Otherwise, the file is called <code>.rnd</code>, found in platform dependent locations:</p>
+
+<dl>
+
+<dt id="On-Windows-in-order-of-preference">On Windows (in order of preference)</dt>
+<dd>
+
+<pre><code> %HOME%, %USERPROFILE%, %SYSTEMROOT%, C:\</code></pre>
+
+</dd>
+<dt id="On-VMS">On VMS</dt>
+<dd>
+
+<pre><code> SYS$LOGIN:</code></pre>
+
+</dd>
+<dt id="On-all-other-systems">On all other systems</dt>
+<dd>
+
+<pre><code> $HOME</code></pre>
+
+</dd>
+</dl>
+
+<p>If <code>$HOME</code> (on non-Windows and non-VMS system) is not set either, or <b>num</b> is too small for the path name, an error occurs.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_load_file() returns the number of bytes read or -1 on error.</p>
+
+<p>RAND_write_file() returns the number of bytes written, or -1 if the bytes written were generated without appropriate seeding.</p>
+
+<p>RAND_file_name() returns a pointer to <b>buf</b> on success, and NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_add.html">RAND_add(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man7/RAND.html">RAND(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_poll.html b/msys2/usr/share/doc/openssl/html/man3/RAND_poll.html
new file mode 100644
index 000000000..14f84ccfc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_poll.html
@@ -0,0 +1,92 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_add, RAND_poll, RAND_seed, RAND_status, RAND_event, RAND_screen, RAND_keep_random_devices_open - add randomness to the PRNG or get its status</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ int RAND_status(void);
+ int RAND_poll();
+
+ void RAND_add(const void *buf, int num, double randomness);
+ void RAND_seed(const void *buf, int num);
+
+ void RAND_keep_random_devices_open(int keep);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam);
+ void RAND_screen(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions can be used to seed the random generator and to check its seeded state. In general, manual (re-)seeding of the default OpenSSL random generator (<a href="../man3/RAND_OpenSSL.html">RAND_OpenSSL(3)</a>) is not necessary (but allowed), since it does (re-)seed itself automatically using trusted system entropy sources. This holds unless the default RAND_METHOD has been replaced or OpenSSL was built with automatic reseeding disabled, see <a href="../man7/RAND.html">RAND(7)</a> for more details.</p>
+
+<p>RAND_status() indicates whether or not the random generator has been sufficiently seeded. If not, functions such as <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> will fail.</p>
+
+<p>RAND_poll() uses the system&#39;s capabilities to seed the random generator using random input obtained from polling various trusted entropy sources. The default choice of the entropy source can be modified at build time, see <a href="../man7/RAND.html">RAND(7)</a> for more details.</p>
+
+<p>RAND_add() mixes the <b>num</b> bytes at <b>buf</b> into the internal state of the random generator. This function will not normally be needed, as mentioned above. The <b>randomness</b> argument is an estimate of how much randomness is contained in <b>buf</b>, in bytes, and should be a number between zero and <b>num</b>. Details about sources of randomness and how to estimate their randomness can be found in the literature; for example [NIST SP 800-90B]. The content of <b>buf</b> cannot be recovered from subsequent random generator output. Applications that intend to save and restore random state in an external file should consider using <a href="../man3/RAND_load_file.html">RAND_load_file(3)</a> instead.</p>
+
+<p>RAND_seed() is equivalent to RAND_add() with <b>randomness</b> set to <b>num</b>.</p>
+
+<p>RAND_keep_random_devices_open() is used to control file descriptor usage by the random seed sources. Some seed sources maintain open file descriptors by default, which allows such sources to operate in a chroot(2) jail without the associated device nodes being available. When the <b>keep</b> argument is zero, this call disables the retention of file descriptors. Conversely, a non-zero argument enables the retention of file descriptors. This function is usually called during initialization and it takes effect immediately.</p>
+
+<p>RAND_event() and RAND_screen() are equivalent to RAND_poll() and exist for compatibility reasons only. See HISTORY section below.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_status() returns 1 if the random generator has been seeded with enough data, 0 otherwise.</p>
+
+<p>RAND_poll() returns 1 if it generated seed data, 0 otherwise.</p>
+
+<p>RAND_event() returns RAND_status().</p>
+
+<p>The other functions do not return values.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RAND_event() and RAND_screen() were deprecated in OpenSSL 1.1.0 and should not be used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_egd.html">RAND_egd(3)</a>, <a href="../man3/RAND_load_file.html">RAND_load_file(3)</a>, <a href="../man7/RAND.html">RAND(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_priv_bytes.html b/msys2/usr/share/doc/openssl/html/man3/RAND_priv_bytes.html
new file mode 100644
index 000000000..6863a55ad
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_priv_bytes.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_bytes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_bytes, RAND_priv_bytes, RAND_pseudo_bytes - generate random data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ int RAND_bytes(unsigned char *buf, int num);
+ int RAND_priv_bytes(unsigned char *buf, int num);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int RAND_pseudo_bytes(unsigned char *buf, int num);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_bytes() puts <b>num</b> cryptographically strong pseudo-random bytes into <b>buf</b>.</p>
+
+<p>RAND_priv_bytes() has the same semantics as RAND_bytes(). It is intended to be used for generating values that should remain private. If using the default RAND_METHOD, this function uses a separate &quot;private&quot; PRNG instance so that a compromise of the &quot;public&quot; PRNG instance will not affect the secrecy of these private values, as described in <a href="../man7/RAND.html">RAND(7)</a> and <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Always check the error return value of RAND_bytes() and RAND_priv_bytes() and do not take randomness for granted: an error occurs if the CSPRNG has not been seeded with enough randomness to ensure an unpredictable byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_bytes() and RAND_priv_bytes() return 1 on success, -1 if not supported by the current RAND method, or 0 on other failure. The error code can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<ul>
+
+<li><p>RAND_pseudo_bytes() was deprecated in OpenSSL 1.1.0; use RAND_bytes() instead.</p>
+
+</li>
+<li><p>The RAND_priv_bytes() function was added in OpenSSL 1.1.1.</p>
+
+</li>
+</ul>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_add.html">RAND_add(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man7/RAND.html">RAND(7)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_pseudo_bytes.html b/msys2/usr/share/doc/openssl/html/man3/RAND_pseudo_bytes.html
new file mode 100644
index 000000000..6863a55ad
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_pseudo_bytes.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_bytes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_bytes, RAND_priv_bytes, RAND_pseudo_bytes - generate random data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ int RAND_bytes(unsigned char *buf, int num);
+ int RAND_priv_bytes(unsigned char *buf, int num);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int RAND_pseudo_bytes(unsigned char *buf, int num);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_bytes() puts <b>num</b> cryptographically strong pseudo-random bytes into <b>buf</b>.</p>
+
+<p>RAND_priv_bytes() has the same semantics as RAND_bytes(). It is intended to be used for generating values that should remain private. If using the default RAND_METHOD, this function uses a separate &quot;private&quot; PRNG instance so that a compromise of the &quot;public&quot; PRNG instance will not affect the secrecy of these private values, as described in <a href="../man7/RAND.html">RAND(7)</a> and <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Always check the error return value of RAND_bytes() and RAND_priv_bytes() and do not take randomness for granted: an error occurs if the CSPRNG has not been seeded with enough randomness to ensure an unpredictable byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_bytes() and RAND_priv_bytes() return 1 on success, -1 if not supported by the current RAND method, or 0 on other failure. The error code can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<ul>
+
+<li><p>RAND_pseudo_bytes() was deprecated in OpenSSL 1.1.0; use RAND_bytes() instead.</p>
+
+</li>
+<li><p>The RAND_priv_bytes() function was added in OpenSSL 1.1.1.</p>
+
+</li>
+</ul>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_add.html">RAND_add(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man7/RAND.html">RAND(7)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_query_egd_bytes.html b/msys2/usr/share/doc/openssl/html/man3/RAND_query_egd_bytes.html
new file mode 100644
index 000000000..64554144d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_query_egd_bytes.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_egd</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_egd, RAND_egd_bytes, RAND_query_egd_bytes - query entropy gathering daemon</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ int RAND_egd_bytes(const char *path, int num);
+ int RAND_egd(const char *path);
+
+ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int num);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>On older platforms without a good source of randomness such as <code>/dev/urandom</code>, it is possible to query an Entropy Gathering Daemon (EGD) over a local socket to obtain randomness and seed the OpenSSL RNG. The protocol used is defined by the EGDs available at <a href="http://egd.sourceforge.net/">http://egd.sourceforge.net/</a> or <a href="http://prngd.sourceforge.net">http://prngd.sourceforge.net</a>.</p>
+
+<p>RAND_egd_bytes() requests <b>num</b> bytes of randomness from an EGD at the specified socket <b>path</b>, and passes the data it receives into RAND_add(). RAND_egd() is equivalent to RAND_egd_bytes() with <b>num</b> set to 255.</p>
+
+<p>RAND_query_egd_bytes() requests <b>num</b> bytes of randomness from an EGD at the specified socket <b>path</b>, where <b>num</b> must be less than 256. If <b>buf</b> is <b>NULL</b>, it is equivalent to RAND_egd_bytes(). If <b>buf</b> is not <b>NULL</b>, then the data is copied to the buffer and RAND_add() is not called.</p>
+
+<p>OpenSSL can be configured at build time to try to use the EGD for seeding automatically.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_egd() and RAND_egd_bytes() return the number of bytes read from the daemon on success, or -1 if the connection failed or the daemon did not return enough data to fully seed the PRNG.</p>
+
+<p>RAND_query_egd_bytes() returns the number of bytes read from the daemon on success, or -1 if the connection failed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_add.html">RAND_add(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man7/RAND.html">RAND(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_screen.html b/msys2/usr/share/doc/openssl/html/man3/RAND_screen.html
new file mode 100644
index 000000000..14f84ccfc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_screen.html
@@ -0,0 +1,92 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_add, RAND_poll, RAND_seed, RAND_status, RAND_event, RAND_screen, RAND_keep_random_devices_open - add randomness to the PRNG or get its status</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ int RAND_status(void);
+ int RAND_poll();
+
+ void RAND_add(const void *buf, int num, double randomness);
+ void RAND_seed(const void *buf, int num);
+
+ void RAND_keep_random_devices_open(int keep);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam);
+ void RAND_screen(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions can be used to seed the random generator and to check its seeded state. In general, manual (re-)seeding of the default OpenSSL random generator (<a href="../man3/RAND_OpenSSL.html">RAND_OpenSSL(3)</a>) is not necessary (but allowed), since it does (re-)seed itself automatically using trusted system entropy sources. This holds unless the default RAND_METHOD has been replaced or OpenSSL was built with automatic reseeding disabled, see <a href="../man7/RAND.html">RAND(7)</a> for more details.</p>
+
+<p>RAND_status() indicates whether or not the random generator has been sufficiently seeded. If not, functions such as <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> will fail.</p>
+
+<p>RAND_poll() uses the system&#39;s capabilities to seed the random generator using random input obtained from polling various trusted entropy sources. The default choice of the entropy source can be modified at build time, see <a href="../man7/RAND.html">RAND(7)</a> for more details.</p>
+
+<p>RAND_add() mixes the <b>num</b> bytes at <b>buf</b> into the internal state of the random generator. This function will not normally be needed, as mentioned above. The <b>randomness</b> argument is an estimate of how much randomness is contained in <b>buf</b>, in bytes, and should be a number between zero and <b>num</b>. Details about sources of randomness and how to estimate their randomness can be found in the literature; for example [NIST SP 800-90B]. The content of <b>buf</b> cannot be recovered from subsequent random generator output. Applications that intend to save and restore random state in an external file should consider using <a href="../man3/RAND_load_file.html">RAND_load_file(3)</a> instead.</p>
+
+<p>RAND_seed() is equivalent to RAND_add() with <b>randomness</b> set to <b>num</b>.</p>
+
+<p>RAND_keep_random_devices_open() is used to control file descriptor usage by the random seed sources. Some seed sources maintain open file descriptors by default, which allows such sources to operate in a chroot(2) jail without the associated device nodes being available. When the <b>keep</b> argument is zero, this call disables the retention of file descriptors. Conversely, a non-zero argument enables the retention of file descriptors. This function is usually called during initialization and it takes effect immediately.</p>
+
+<p>RAND_event() and RAND_screen() are equivalent to RAND_poll() and exist for compatibility reasons only. See HISTORY section below.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_status() returns 1 if the random generator has been seeded with enough data, 0 otherwise.</p>
+
+<p>RAND_poll() returns 1 if it generated seed data, 0 otherwise.</p>
+
+<p>RAND_event() returns RAND_status().</p>
+
+<p>The other functions do not return values.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RAND_event() and RAND_screen() were deprecated in OpenSSL 1.1.0 and should not be used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_egd.html">RAND_egd(3)</a>, <a href="../man3/RAND_load_file.html">RAND_load_file(3)</a>, <a href="../man7/RAND.html">RAND(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_seed.html b/msys2/usr/share/doc/openssl/html/man3/RAND_seed.html
new file mode 100644
index 000000000..14f84ccfc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_seed.html
@@ -0,0 +1,92 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_add, RAND_poll, RAND_seed, RAND_status, RAND_event, RAND_screen, RAND_keep_random_devices_open - add randomness to the PRNG or get its status</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ int RAND_status(void);
+ int RAND_poll();
+
+ void RAND_add(const void *buf, int num, double randomness);
+ void RAND_seed(const void *buf, int num);
+
+ void RAND_keep_random_devices_open(int keep);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam);
+ void RAND_screen(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions can be used to seed the random generator and to check its seeded state. In general, manual (re-)seeding of the default OpenSSL random generator (<a href="../man3/RAND_OpenSSL.html">RAND_OpenSSL(3)</a>) is not necessary (but allowed), since it does (re-)seed itself automatically using trusted system entropy sources. This holds unless the default RAND_METHOD has been replaced or OpenSSL was built with automatic reseeding disabled, see <a href="../man7/RAND.html">RAND(7)</a> for more details.</p>
+
+<p>RAND_status() indicates whether or not the random generator has been sufficiently seeded. If not, functions such as <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> will fail.</p>
+
+<p>RAND_poll() uses the system&#39;s capabilities to seed the random generator using random input obtained from polling various trusted entropy sources. The default choice of the entropy source can be modified at build time, see <a href="../man7/RAND.html">RAND(7)</a> for more details.</p>
+
+<p>RAND_add() mixes the <b>num</b> bytes at <b>buf</b> into the internal state of the random generator. This function will not normally be needed, as mentioned above. The <b>randomness</b> argument is an estimate of how much randomness is contained in <b>buf</b>, in bytes, and should be a number between zero and <b>num</b>. Details about sources of randomness and how to estimate their randomness can be found in the literature; for example [NIST SP 800-90B]. The content of <b>buf</b> cannot be recovered from subsequent random generator output. Applications that intend to save and restore random state in an external file should consider using <a href="../man3/RAND_load_file.html">RAND_load_file(3)</a> instead.</p>
+
+<p>RAND_seed() is equivalent to RAND_add() with <b>randomness</b> set to <b>num</b>.</p>
+
+<p>RAND_keep_random_devices_open() is used to control file descriptor usage by the random seed sources. Some seed sources maintain open file descriptors by default, which allows such sources to operate in a chroot(2) jail without the associated device nodes being available. When the <b>keep</b> argument is zero, this call disables the retention of file descriptors. Conversely, a non-zero argument enables the retention of file descriptors. This function is usually called during initialization and it takes effect immediately.</p>
+
+<p>RAND_event() and RAND_screen() are equivalent to RAND_poll() and exist for compatibility reasons only. See HISTORY section below.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_status() returns 1 if the random generator has been seeded with enough data, 0 otherwise.</p>
+
+<p>RAND_poll() returns 1 if it generated seed data, 0 otherwise.</p>
+
+<p>RAND_event() returns RAND_status().</p>
+
+<p>The other functions do not return values.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RAND_event() and RAND_screen() were deprecated in OpenSSL 1.1.0 and should not be used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_egd.html">RAND_egd(3)</a>, <a href="../man3/RAND_load_file.html">RAND_load_file(3)</a>, <a href="../man7/RAND.html">RAND(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_set_rand_method.html b/msys2/usr/share/doc/openssl/html/man3/RAND_set_rand_method.html
new file mode 100644
index 000000000..5d0c34fb2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_set_rand_method.html
@@ -0,0 +1,82 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_set_rand_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#THE-RAND_METHOD-STRUCTURE">THE RAND_METHOD STRUCTURE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_set_rand_method, RAND_get_rand_method, RAND_OpenSSL - select RAND method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ RAND_METHOD *RAND_OpenSSL(void);
+
+ void RAND_set_rand_method(const RAND_METHOD *meth);
+
+ const RAND_METHOD *RAND_get_rand_method(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A <b>RAND_METHOD</b> specifies the functions that OpenSSL uses for random number generation.</p>
+
+<p>RAND_OpenSSL() returns the default <b>RAND_METHOD</b> implementation by OpenSSL. This implementation ensures that the PRNG state is unique for each thread.</p>
+
+<p>If an <b>ENGINE</b> is loaded that provides the RAND API, however, it will be used instead of the method returned by RAND_OpenSSL().</p>
+
+<p>RAND_set_rand_method() makes <b>meth</b> the method for PRNG use. If an ENGINE was providing the method, it will be released first.</p>
+
+<p>RAND_get_rand_method() returns a pointer to the current <b>RAND_METHOD</b>.</p>
+
+<h1 id="THE-RAND_METHOD-STRUCTURE">THE RAND_METHOD STRUCTURE</h1>
+
+<pre><code> typedef struct rand_meth_st {
+     void (*seed)(const void *buf, int num);
+     int (*bytes)(unsigned char *buf, int num);
+     void (*cleanup)(void);
+     void (*add)(const void *buf, int num, int randomness);
+     int (*pseudorand)(unsigned char *buf, int num);
+     int (*status)(void);
+ } RAND_METHOD;</code></pre>
+
+<p>The fields point to functions that are used by, in order, RAND_seed(), RAND_bytes(), internal RAND cleanup, RAND_add(), RAND_pseudo_rand() and RAND_status(). Each pointer may be NULL if the function is not implemented.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_set_rand_method() returns no value. RAND_get_rand_method() and RAND_OpenSSL() return pointers to the respective methods.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/ENGINE_by_id.html">ENGINE_by_id(3)</a>, <a href="../man7/RAND.html">RAND(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_status.html b/msys2/usr/share/doc/openssl/html/man3/RAND_status.html
new file mode 100644
index 000000000..14f84ccfc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_status.html
@@ -0,0 +1,92 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_add</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_add, RAND_poll, RAND_seed, RAND_status, RAND_event, RAND_screen, RAND_keep_random_devices_open - add randomness to the PRNG or get its status</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ int RAND_status(void);
+ int RAND_poll();
+
+ void RAND_add(const void *buf, int num, double randomness);
+ void RAND_seed(const void *buf, int num);
+
+ void RAND_keep_random_devices_open(int keep);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam);
+ void RAND_screen(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions can be used to seed the random generator and to check its seeded state. In general, manual (re-)seeding of the default OpenSSL random generator (<a href="../man3/RAND_OpenSSL.html">RAND_OpenSSL(3)</a>) is not necessary (but allowed), since it does (re-)seed itself automatically using trusted system entropy sources. This holds unless the default RAND_METHOD has been replaced or OpenSSL was built with automatic reseeding disabled, see <a href="../man7/RAND.html">RAND(7)</a> for more details.</p>
+
+<p>RAND_status() indicates whether or not the random generator has been sufficiently seeded. If not, functions such as <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> will fail.</p>
+
+<p>RAND_poll() uses the system&#39;s capabilities to seed the random generator using random input obtained from polling various trusted entropy sources. The default choice of the entropy source can be modified at build time, see <a href="../man7/RAND.html">RAND(7)</a> for more details.</p>
+
+<p>RAND_add() mixes the <b>num</b> bytes at <b>buf</b> into the internal state of the random generator. This function will not normally be needed, as mentioned above. The <b>randomness</b> argument is an estimate of how much randomness is contained in <b>buf</b>, in bytes, and should be a number between zero and <b>num</b>. Details about sources of randomness and how to estimate their randomness can be found in the literature; for example [NIST SP 800-90B]. The content of <b>buf</b> cannot be recovered from subsequent random generator output. Applications that intend to save and restore random state in an external file should consider using <a href="../man3/RAND_load_file.html">RAND_load_file(3)</a> instead.</p>
+
+<p>RAND_seed() is equivalent to RAND_add() with <b>randomness</b> set to <b>num</b>.</p>
+
+<p>RAND_keep_random_devices_open() is used to control file descriptor usage by the random seed sources. Some seed sources maintain open file descriptors by default, which allows such sources to operate in a chroot(2) jail without the associated device nodes being available. When the <b>keep</b> argument is zero, this call disables the retention of file descriptors. Conversely, a non-zero argument enables the retention of file descriptors. This function is usually called during initialization and it takes effect immediately.</p>
+
+<p>RAND_event() and RAND_screen() are equivalent to RAND_poll() and exist for compatibility reasons only. See HISTORY section below.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_status() returns 1 if the random generator has been seeded with enough data, 0 otherwise.</p>
+
+<p>RAND_poll() returns 1 if it generated seed data, 0 otherwise.</p>
+
+<p>RAND_event() returns RAND_status().</p>
+
+<p>The other functions do not return values.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RAND_event() and RAND_screen() were deprecated in OpenSSL 1.1.0 and should not be used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_egd.html">RAND_egd(3)</a>, <a href="../man3/RAND_load_file.html">RAND_load_file(3)</a>, <a href="../man7/RAND.html">RAND(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RAND_write_file.html b/msys2/usr/share/doc/openssl/html/man3/RAND_write_file.html
new file mode 100644
index 000000000..147b85313
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RAND_write_file.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_load_file</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_load_file, RAND_write_file, RAND_file_name - PRNG seed file</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand.h&gt;
+
+ int RAND_load_file(const char *filename, long max_bytes);
+
+ int RAND_write_file(const char *filename);
+
+ const char *RAND_file_name(char *buf, size_t num);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RAND_load_file() reads a number of bytes from file <b>filename</b> and adds them to the PRNG. If <b>max_bytes</b> is non-negative, up to <b>max_bytes</b> are read; if <b>max_bytes</b> is -1, the complete file is read. Do not load the same file multiple times unless its contents have been updated by RAND_write_file() between reads. Also, note that <b>filename</b> should be adequately protected so that an attacker cannot replace or examine the contents. If <b>filename</b> is not a regular file, then user is considered to be responsible for any side effects, e.g. non-anticipated blocking or capture of controlling terminal.</p>
+
+<p>RAND_write_file() writes a number of random bytes (currently 128) to file <b>filename</b> which can be used to initialize the PRNG by calling RAND_load_file() in a later session.</p>
+
+<p>RAND_file_name() generates a default path for the random seed file. <b>buf</b> points to a buffer of size <b>num</b> in which to store the filename.</p>
+
+<p>On all systems, if the environment variable <b>RANDFILE</b> is set, its value will be used as the seed file name. Otherwise, the file is called <code>.rnd</code>, found in platform dependent locations:</p>
+
+<dl>
+
+<dt id="On-Windows-in-order-of-preference">On Windows (in order of preference)</dt>
+<dd>
+
+<pre><code> %HOME%, %USERPROFILE%, %SYSTEMROOT%, C:\</code></pre>
+
+</dd>
+<dt id="On-VMS">On VMS</dt>
+<dd>
+
+<pre><code> SYS$LOGIN:</code></pre>
+
+</dd>
+<dt id="On-all-other-systems">On all other systems</dt>
+<dd>
+
+<pre><code> $HOME</code></pre>
+
+</dd>
+</dl>
+
+<p>If <code>$HOME</code> (on non-Windows and non-VMS system) is not set either, or <b>num</b> is too small for the path name, an error occurs.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RAND_load_file() returns the number of bytes read or -1 on error.</p>
+
+<p>RAND_write_file() returns the number of bytes written, or -1 if the bytes written were generated without appropriate seeding.</p>
+
+<p>RAND_file_name() returns a pointer to <b>buf</b> on success, and NULL on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_add.html">RAND_add(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man7/RAND.html">RAND(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RC4.html b/msys2/usr/share/doc/openssl/html/man3/RC4.html
new file mode 100644
index 000000000..ab78a2d27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RC4.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RC4_set_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RC4_set_key, RC4 - RC4 encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rc4.h&gt;
+
+ void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
+
+ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
+          unsigned char *outdata);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements the Alleged RC4 cipher, which is described for example in <i>Applied Cryptography</i>. It is believed to be compatible with RC4[TM], a proprietary cipher of RSA Security Inc.</p>
+
+<p>RC4 is a stream cipher with variable key length. Typically, 128 bit (16 byte) keys are used for strong encryption, but shorter insecure key sizes have been widely used due to export restrictions.</p>
+
+<p>RC4 consists of a key setup phase and the actual encryption or decryption phase.</p>
+
+<p>RC4_set_key() sets up the <b>RC4_KEY</b> <b>key</b> using the <b>len</b> bytes long key at <b>data</b>.</p>
+
+<p>RC4() encrypts or decrypts the <b>len</b> bytes of data at <b>indata</b> using <b>key</b> and places the result at <b>outdata</b>. Repeated RC4() calls with the same <b>key</b> yield a continuous key stream.</p>
+
+<p>Since RC4 is a stream cipher (the input is XORed with a pseudo-random key stream to produce the output), decryption uses the same function calls as encryption.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RC4_set_key() and RC4() do not return values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>It is difficult to securely use stream ciphers. For example, do not perform multiple encryptions using the same key stream.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RC4_set_key.html b/msys2/usr/share/doc/openssl/html/man3/RC4_set_key.html
new file mode 100644
index 000000000..ab78a2d27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RC4_set_key.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RC4_set_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RC4_set_key, RC4 - RC4 encryption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rc4.h&gt;
+
+ void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
+
+ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
+          unsigned char *outdata);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements the Alleged RC4 cipher, which is described for example in <i>Applied Cryptography</i>. It is believed to be compatible with RC4[TM], a proprietary cipher of RSA Security Inc.</p>
+
+<p>RC4 is a stream cipher with variable key length. Typically, 128 bit (16 byte) keys are used for strong encryption, but shorter insecure key sizes have been widely used due to export restrictions.</p>
+
+<p>RC4 consists of a key setup phase and the actual encryption or decryption phase.</p>
+
+<p>RC4_set_key() sets up the <b>RC4_KEY</b> <b>key</b> using the <b>len</b> bytes long key at <b>data</b>.</p>
+
+<p>RC4() encrypts or decrypts the <b>len</b> bytes of data at <b>indata</b> using <b>key</b> and places the result at <b>outdata</b>. Repeated RC4() calls with the same <b>key</b> yield a continuous key stream.</p>
+
+<p>Since RC4 is a stream cipher (the input is XORed with a pseudo-random key stream to produce the output), decryption uses the same function calls as encryption.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RC4_set_key() and RC4() do not return values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<p>It is difficult to securely use stream ciphers. For example, do not perform multiple encryptions using the same key stream.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RIPEMD160.html b/msys2/usr/share/doc/openssl/html/man3/RIPEMD160.html
new file mode 100644
index 000000000..c26ca468e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RIPEMD160.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RIPEMD160_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RIPEMD160, RIPEMD160_Init, RIPEMD160_Update, RIPEMD160_Final - RIPEMD-160 hash function</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ripemd.h&gt;
+
+ unsigned char *RIPEMD160(const unsigned char *d, unsigned long n,
+                          unsigned char *md);
+
+ int RIPEMD160_Init(RIPEMD160_CTX *c);
+ int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, unsigned long len);
+ int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RIPEMD-160 is a cryptographic hash function with a 160 bit output.</p>
+
+<p>RIPEMD160() computes the RIPEMD-160 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for RIPEMD160_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>RIPEMD160_Init() initializes a <b>RIPEMD160_CTX</b> structure.</p>
+
+<p>RIPEMD160_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>RIPEMD160_Final() places the message digest in <b>md</b>, which must have space for RIPEMD160_DIGEST_LENGTH == 20 bytes of output, and erases the <b>RIPEMD160_CTX</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RIPEMD160() returns a pointer to the hash value.</p>
+
+<p>RIPEMD160_Init(), RIPEMD160_Update() and RIPEMD160_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ISO/IEC 10118-3:2016 Dedicated Hash-Function 1 (RIPEMD-160).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RIPEMD160_Final.html b/msys2/usr/share/doc/openssl/html/man3/RIPEMD160_Final.html
new file mode 100644
index 000000000..c26ca468e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RIPEMD160_Final.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RIPEMD160_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RIPEMD160, RIPEMD160_Init, RIPEMD160_Update, RIPEMD160_Final - RIPEMD-160 hash function</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ripemd.h&gt;
+
+ unsigned char *RIPEMD160(const unsigned char *d, unsigned long n,
+                          unsigned char *md);
+
+ int RIPEMD160_Init(RIPEMD160_CTX *c);
+ int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, unsigned long len);
+ int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RIPEMD-160 is a cryptographic hash function with a 160 bit output.</p>
+
+<p>RIPEMD160() computes the RIPEMD-160 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for RIPEMD160_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>RIPEMD160_Init() initializes a <b>RIPEMD160_CTX</b> structure.</p>
+
+<p>RIPEMD160_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>RIPEMD160_Final() places the message digest in <b>md</b>, which must have space for RIPEMD160_DIGEST_LENGTH == 20 bytes of output, and erases the <b>RIPEMD160_CTX</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RIPEMD160() returns a pointer to the hash value.</p>
+
+<p>RIPEMD160_Init(), RIPEMD160_Update() and RIPEMD160_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ISO/IEC 10118-3:2016 Dedicated Hash-Function 1 (RIPEMD-160).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RIPEMD160_Init.html b/msys2/usr/share/doc/openssl/html/man3/RIPEMD160_Init.html
new file mode 100644
index 000000000..c26ca468e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RIPEMD160_Init.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RIPEMD160_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RIPEMD160, RIPEMD160_Init, RIPEMD160_Update, RIPEMD160_Final - RIPEMD-160 hash function</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ripemd.h&gt;
+
+ unsigned char *RIPEMD160(const unsigned char *d, unsigned long n,
+                          unsigned char *md);
+
+ int RIPEMD160_Init(RIPEMD160_CTX *c);
+ int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, unsigned long len);
+ int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RIPEMD-160 is a cryptographic hash function with a 160 bit output.</p>
+
+<p>RIPEMD160() computes the RIPEMD-160 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for RIPEMD160_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>RIPEMD160_Init() initializes a <b>RIPEMD160_CTX</b> structure.</p>
+
+<p>RIPEMD160_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>RIPEMD160_Final() places the message digest in <b>md</b>, which must have space for RIPEMD160_DIGEST_LENGTH == 20 bytes of output, and erases the <b>RIPEMD160_CTX</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RIPEMD160() returns a pointer to the hash value.</p>
+
+<p>RIPEMD160_Init(), RIPEMD160_Update() and RIPEMD160_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ISO/IEC 10118-3:2016 Dedicated Hash-Function 1 (RIPEMD-160).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RIPEMD160_Update.html b/msys2/usr/share/doc/openssl/html/man3/RIPEMD160_Update.html
new file mode 100644
index 000000000..c26ca468e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RIPEMD160_Update.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RIPEMD160_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RIPEMD160, RIPEMD160_Init, RIPEMD160_Update, RIPEMD160_Final - RIPEMD-160 hash function</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ripemd.h&gt;
+
+ unsigned char *RIPEMD160(const unsigned char *d, unsigned long n,
+                          unsigned char *md);
+
+ int RIPEMD160_Init(RIPEMD160_CTX *c);
+ int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, unsigned long len);
+ int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RIPEMD-160 is a cryptographic hash function with a 160 bit output.</p>
+
+<p>RIPEMD160() computes the RIPEMD-160 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for RIPEMD160_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>RIPEMD160_Init() initializes a <b>RIPEMD160_CTX</b> structure.</p>
+
+<p>RIPEMD160_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>RIPEMD160_Final() places the message digest in <b>md</b>, which must have space for RIPEMD160_DIGEST_LENGTH == 20 bytes of output, and erases the <b>RIPEMD160_CTX</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RIPEMD160() returns a pointer to the hash value.</p>
+
+<p>RIPEMD160_Init(), RIPEMD160_Update() and RIPEMD160_Final() return 1 for success, 0 otherwise.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling these functions directly.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ISO/IEC 10118-3:2016 Dedicated Hash-Function 1 (RIPEMD-160).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSAPrivateKey_dup.html b/msys2/usr/share/doc/openssl/html/man3/RSAPrivateKey_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSAPrivateKey_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSAPublicKey_dup.html b/msys2/usr/share/doc/openssl/html/man3/RSAPublicKey_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSAPublicKey_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_OAEP_PARAMS_free.html b/msys2/usr/share/doc/openssl/html/man3/RSA_OAEP_PARAMS_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_OAEP_PARAMS_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_OAEP_PARAMS_new.html b/msys2/usr/share/doc/openssl/html/man3/RSA_OAEP_PARAMS_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_OAEP_PARAMS_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_PKCS1_OpenSSL.html b/msys2/usr/share/doc/openssl/html/man3/RSA_PKCS1_OpenSSL.html
new file mode 100644
index 000000000..ad1a0e3b9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_PKCS1_OpenSSL.html
@@ -0,0 +1,161 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_set_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#THE-RSA_METHOD-STRUCTURE">THE RSA_METHOD STRUCTURE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set_default_method, RSA_get_default_method, RSA_set_method, RSA_get_method, RSA_PKCS1_OpenSSL, RSA_flags, RSA_new_method - select RSA method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ void RSA_set_default_method(const RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_get_default_method(void);
+
+ int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_get_method(const RSA *rsa);
+
+ RSA_METHOD *RSA_PKCS1_OpenSSL(void);
+
+ int RSA_flags(const RSA *rsa);
+
+ RSA *RSA_new_method(ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>RSA_METHOD</b> specifies the functions that OpenSSL uses for RSA operations. By modifying the method, alternative implementations such as hardware accelerators may be used. IMPORTANT: See the NOTES section for important information about how these RSA API functions are affected by the use of <b>ENGINE</b> API calls.</p>
+
+<p>Initially, the default RSA_METHOD is the OpenSSL internal implementation, as returned by RSA_PKCS1_OpenSSL().</p>
+
+<p>RSA_set_default_method() makes <b>meth</b> the default method for all RSA structures created later. <b>NB</b>: This is true only whilst no ENGINE has been set as a default for RSA, so this function is no longer recommended. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>RSA_get_default_method() returns a pointer to the current default RSA_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE API is being used, so this function is no longer recommended.</p>
+
+<p>RSA_set_method() selects <b>meth</b> to perform all operations using the key <b>rsa</b>. This will replace the RSA_METHOD used by the RSA key and if the previous method was supplied by an ENGINE, the handle to that ENGINE will be released during the change. It is possible to have RSA keys that only work with certain RSA_METHOD implementations (eg. from an ENGINE module that supports embedded hardware-protected keys), and in such cases attempting to change the RSA_METHOD for the key can have unexpected results.</p>
+
+<p>RSA_get_method() returns a pointer to the RSA_METHOD being used by <b>rsa</b>. This method may or may not be supplied by an ENGINE implementation, but if it is, the return value can only be guaranteed to be valid as long as the RSA key itself is valid and does not have its implementation changed by RSA_set_method().</p>
+
+<p>RSA_flags() returns the <b>flags</b> that are set for <b>rsa</b>&#39;s current RSA_METHOD. See the BUGS section.</p>
+
+<p>RSA_new_method() allocates and initializes an RSA structure so that <b>engine</b> will be used for the RSA operations. If <b>engine</b> is NULL, the default ENGINE for RSA operations is used, and if no default ENGINE is set, the RSA_METHOD controlled by RSA_set_default_method() is used.</p>
+
+<p>RSA_flags() returns the <b>flags</b> that are set for <b>rsa</b>&#39;s current method.</p>
+
+<p>RSA_new_method() allocates and initializes an <b>RSA</b> structure so that <b>method</b> will be used for the RSA operations. If <b>method</b> is <b>NULL</b>, the default method is used.</p>
+
+<h1 id="THE-RSA_METHOD-STRUCTURE">THE RSA_METHOD STRUCTURE</h1>
+
+<pre><code> typedef struct rsa_meth_st
+ {
+     /* name of the implementation */
+     const char *name;
+
+     /* encrypt */
+     int (*rsa_pub_enc)(int flen, unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+
+     /* verify arbitrary data */
+     int (*rsa_pub_dec)(int flen, unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+
+     /* sign arbitrary data */
+     int (*rsa_priv_enc)(int flen, unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);
+
+     /* decrypt */
+     int (*rsa_priv_dec)(int flen, unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);
+
+     /* compute r0 = r0 ^ I mod rsa-&gt;n (May be NULL for some implementations) */
+     int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
+
+     /* compute r = a ^ p mod m (May be NULL for some implementations) */
+     int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                       const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+
+     /* called at RSA_new */
+     int (*init)(RSA *rsa);
+
+     /* called at RSA_free */
+     int (*finish)(RSA *rsa);
+
+     /*
+      * RSA_FLAG_EXT_PKEY        - rsa_mod_exp is called for private key
+      *                            operations, even if p,q,dmp1,dmq1,iqmp
+      *                            are NULL
+      * RSA_METHOD_FLAG_NO_CHECK - don&#39;t check pub/private match
+      */
+     int flags;
+
+     char *app_data; /* ?? */
+
+     int (*rsa_sign)(int type,
+                     const unsigned char *m, unsigned int m_length,
+                     unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
+     int (*rsa_verify)(int dtype,
+                       const unsigned char *m, unsigned int m_length,
+                       const unsigned char *sigbuf, unsigned int siglen,
+                       const RSA *rsa);
+     /* keygen. If NULL builtin RSA key generation will be used */
+     int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+
+ } RSA_METHOD;</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_PKCS1_OpenSSL(), RSA_PKCS1_null_method(), RSA_get_default_method() and RSA_get_method() return pointers to the respective RSA_METHODs.</p>
+
+<p>RSA_set_default_method() returns no value.</p>
+
+<p>RSA_set_method() returns a pointer to the old RSA_METHOD implementation that was replaced. However, this return value should probably be ignored because if it was supplied by an ENGINE, the pointer could be invalidated at any time if the ENGINE is unloaded (in fact it could be unloaded as a result of the RSA_set_method() function releasing its handle to the ENGINE). For this reason, the return type may be replaced with a <b>void</b> declaration in a future release.</p>
+
+<p>RSA_new_method() returns NULL and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> if the allocation fails. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The behaviour of RSA_flags() is a mis-feature that is left as-is for now to avoid creating compatibility problems. RSA functionality, such as the encryption functions, are controlled by the <b>flags</b> value in the RSA key itself, not by the <b>flags</b> value in the RSA_METHOD attached to the RSA key (which is what this function returns). If the flags element of an RSA key is changed, the changes will be honoured by RSA functionality but will not be reflected in the return value of the RSA_flags() function - in effect RSA_flags() behaves more like an RSA_default_flags() function (which does not currently exist).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_null_method(), which was a partial attempt to avoid patent issues, was replaced to always return NULL in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_PSS_PARAMS_free.html b/msys2/usr/share/doc/openssl/html/man3/RSA_PSS_PARAMS_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_PSS_PARAMS_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_PSS_PARAMS_new.html b/msys2/usr/share/doc/openssl/html/man3/RSA_PSS_PARAMS_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_PSS_PARAMS_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_bits.html b/msys2/usr/share/doc/openssl/html/man3/RSA_bits.html
new file mode 100644
index 000000000..109183188
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_bits.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_size</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_size, RSA_bits, RSA_security_bits - get RSA modulus size or security bits</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_size(const RSA *rsa);
+
+ int RSA_bits(const RSA *rsa);
+
+ int RSA_security_bits(const RSA *rsa)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RSA_size() returns the RSA modulus size in bytes. It can be used to determine how much memory must be allocated for an RSA encrypted value.</p>
+
+<p>RSA_bits() returns the number of significant bits.</p>
+
+<p><b>rsa</b> and <b>rsa-&gt;n</b> must not be <b>NULL</b>.</p>
+
+<p>RSA_security_bits() returns the number of security bits of the given <b>rsa</b> key. See <a href="../man3/BN_security_bits.html">BN_security_bits(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_size() returns the size of modulus in bytes.</p>
+
+<p>DSA_bits() returns the number of bits in the key.</p>
+
+<p>RSA_security_bits() returns the number of security bits.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_num_bits.html">BN_num_bits(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_bits() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_blinding_off.html b/msys2/usr/share/doc/openssl/html/man3/RSA_blinding_off.html
new file mode 100644
index 000000000..a3583a0f9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_blinding_off.html
@@ -0,0 +1,59 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_blinding_on</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_blinding_on, RSA_blinding_off - protect the RSA operation from timing attacks</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
+
+ void RSA_blinding_off(RSA *rsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RSA is vulnerable to timing attacks. In a setup where attackers can measure the time of RSA decryption or signature operations, blinding must be used to protect the RSA operation from that attack.</p>
+
+<p>RSA_blinding_on() turns blinding on for key <b>rsa</b> and generates a random blinding factor. <b>ctx</b> is <b>NULL</b> or a pre-allocated and initialized <b>BN_CTX</b>. The random number generator must be seeded prior to calling RSA_blinding_on().</p>
+
+<p>RSA_blinding_off() turns blinding off and frees the memory used for the blinding factor.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_blinding_on() returns 1 on success, and 0 if an error occurred.</p>
+
+<p>RSA_blinding_off() returns no value.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_blinding_on.html b/msys2/usr/share/doc/openssl/html/man3/RSA_blinding_on.html
new file mode 100644
index 000000000..a3583a0f9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_blinding_on.html
@@ -0,0 +1,59 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_blinding_on</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_blinding_on, RSA_blinding_off - protect the RSA operation from timing attacks</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
+
+ void RSA_blinding_off(RSA *rsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RSA is vulnerable to timing attacks. In a setup where attackers can measure the time of RSA decryption or signature operations, blinding must be used to protect the RSA operation from that attack.</p>
+
+<p>RSA_blinding_on() turns blinding on for key <b>rsa</b> and generates a random blinding factor. <b>ctx</b> is <b>NULL</b> or a pre-allocated and initialized <b>BN_CTX</b>. The random number generator must be seeded prior to calling RSA_blinding_on().</p>
+
+<p>RSA_blinding_off() turns blinding off and frees the memory used for the blinding factor.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_blinding_on() returns 1 on success, and 0 if an error occurred.</p>
+
+<p>RSA_blinding_off() returns no value.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_check_key.html b/msys2/usr/share/doc/openssl/html/man3/RSA_check_key.html
new file mode 100644
index 000000000..abcfd3d91
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_check_key.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_check_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_check_key_ex, RSA_check_key - validate private RSA keys</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_check_key_ex(RSA *rsa, BN_GENCB *cb);
+
+ int RSA_check_key(RSA *rsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RSA_check_key_ex() function validates RSA keys. It checks that <b>p</b> and <b>q</b> are in fact prime, and that <b>n = p*q</b>.</p>
+
+<p>It does not work on RSA public keys that have only the modulus and public exponent elements populated. It also checks that <b>d*e = 1 mod (p-1*q-1)</b>, and that <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are set correctly or are <b>NULL</b>. It performs integrity checks on all the RSA key material, so the RSA key structure must contain all the private key data too. Therefore, it cannot be used with any arbitrary RSA key object, even if it is otherwise fit for regular RSA operation.</p>
+
+<p>The <b>cb</b> parameter is a callback that will be invoked in the same manner as <a href="../man3/BN_is_prime_ex.html">BN_is_prime_ex(3)</a>.</p>
+
+<p>RSA_check_key() is equivalent to RSA_check_key_ex() with a NULL <b>cb</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_check_key_ex() and RSA_check_key() return 1 if <b>rsa</b> is a valid RSA key, and 0 otherwise. They return -1 if an error occurs while checking the key.</p>
+
+<p>If the key is invalid or an error occurred, the reason code can be obtained using <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Unlike most other RSA functions, this function does <b>not</b> work transparently with any underlying ENGINE implementation because it uses the key data in the RSA structure directly. An ENGINE implementation can override the way key data is stored and handled, and can even provide support for HSM keys - in which case the RSA structure may contain <b>no</b> key data at all! If the ENGINE in question is only being used for acceleration or analysis purposes, then in all likelihood the RSA key data is complete and untouched, but this can&#39;t be assumed in the general case.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>A method of verifying the RSA key using opaque RSA API functions might need to be considered. Right now RSA_check_key() simply uses the RSA structure elements directly, bypassing the RSA_METHOD table altogether (and completely violating encapsulation and object-orientation in the process). The best fix will probably be to introduce a &quot;check_key()&quot; handler to the RSA_METHOD function table so that alternative implementations can also provide their own verifiers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_is_prime_ex.html">BN_is_prime_ex(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_check_key_ex() appeared after OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_check_key_ex.html b/msys2/usr/share/doc/openssl/html/man3/RSA_check_key_ex.html
new file mode 100644
index 000000000..abcfd3d91
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_check_key_ex.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_check_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_check_key_ex, RSA_check_key - validate private RSA keys</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_check_key_ex(RSA *rsa, BN_GENCB *cb);
+
+ int RSA_check_key(RSA *rsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RSA_check_key_ex() function validates RSA keys. It checks that <b>p</b> and <b>q</b> are in fact prime, and that <b>n = p*q</b>.</p>
+
+<p>It does not work on RSA public keys that have only the modulus and public exponent elements populated. It also checks that <b>d*e = 1 mod (p-1*q-1)</b>, and that <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are set correctly or are <b>NULL</b>. It performs integrity checks on all the RSA key material, so the RSA key structure must contain all the private key data too. Therefore, it cannot be used with any arbitrary RSA key object, even if it is otherwise fit for regular RSA operation.</p>
+
+<p>The <b>cb</b> parameter is a callback that will be invoked in the same manner as <a href="../man3/BN_is_prime_ex.html">BN_is_prime_ex(3)</a>.</p>
+
+<p>RSA_check_key() is equivalent to RSA_check_key_ex() with a NULL <b>cb</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_check_key_ex() and RSA_check_key() return 1 if <b>rsa</b> is a valid RSA key, and 0 otherwise. They return -1 if an error occurs while checking the key.</p>
+
+<p>If the key is invalid or an error occurred, the reason code can be obtained using <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Unlike most other RSA functions, this function does <b>not</b> work transparently with any underlying ENGINE implementation because it uses the key data in the RSA structure directly. An ENGINE implementation can override the way key data is stored and handled, and can even provide support for HSM keys - in which case the RSA structure may contain <b>no</b> key data at all! If the ENGINE in question is only being used for acceleration or analysis purposes, then in all likelihood the RSA key data is complete and untouched, but this can&#39;t be assumed in the general case.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>A method of verifying the RSA key using opaque RSA API functions might need to be considered. Right now RSA_check_key() simply uses the RSA structure elements directly, bypassing the RSA_METHOD table altogether (and completely violating encapsulation and object-orientation in the process). The best fix will probably be to introduce a &quot;check_key()&quot; handler to the RSA_METHOD function table so that alternative implementations can also provide their own verifiers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_is_prime_ex.html">BN_is_prime_ex(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_check_key_ex() appeared after OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_clear_flags.html b/msys2/usr/share/doc/openssl/html/man3/RSA_clear_flags.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_clear_flags.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_flags.html b/msys2/usr/share/doc/openssl/html/man3/RSA_flags.html
new file mode 100644
index 000000000..ad1a0e3b9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_flags.html
@@ -0,0 +1,161 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_set_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#THE-RSA_METHOD-STRUCTURE">THE RSA_METHOD STRUCTURE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set_default_method, RSA_get_default_method, RSA_set_method, RSA_get_method, RSA_PKCS1_OpenSSL, RSA_flags, RSA_new_method - select RSA method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ void RSA_set_default_method(const RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_get_default_method(void);
+
+ int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_get_method(const RSA *rsa);
+
+ RSA_METHOD *RSA_PKCS1_OpenSSL(void);
+
+ int RSA_flags(const RSA *rsa);
+
+ RSA *RSA_new_method(ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>RSA_METHOD</b> specifies the functions that OpenSSL uses for RSA operations. By modifying the method, alternative implementations such as hardware accelerators may be used. IMPORTANT: See the NOTES section for important information about how these RSA API functions are affected by the use of <b>ENGINE</b> API calls.</p>
+
+<p>Initially, the default RSA_METHOD is the OpenSSL internal implementation, as returned by RSA_PKCS1_OpenSSL().</p>
+
+<p>RSA_set_default_method() makes <b>meth</b> the default method for all RSA structures created later. <b>NB</b>: This is true only whilst no ENGINE has been set as a default for RSA, so this function is no longer recommended. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>RSA_get_default_method() returns a pointer to the current default RSA_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE API is being used, so this function is no longer recommended.</p>
+
+<p>RSA_set_method() selects <b>meth</b> to perform all operations using the key <b>rsa</b>. This will replace the RSA_METHOD used by the RSA key and if the previous method was supplied by an ENGINE, the handle to that ENGINE will be released during the change. It is possible to have RSA keys that only work with certain RSA_METHOD implementations (eg. from an ENGINE module that supports embedded hardware-protected keys), and in such cases attempting to change the RSA_METHOD for the key can have unexpected results.</p>
+
+<p>RSA_get_method() returns a pointer to the RSA_METHOD being used by <b>rsa</b>. This method may or may not be supplied by an ENGINE implementation, but if it is, the return value can only be guaranteed to be valid as long as the RSA key itself is valid and does not have its implementation changed by RSA_set_method().</p>
+
+<p>RSA_flags() returns the <b>flags</b> that are set for <b>rsa</b>&#39;s current RSA_METHOD. See the BUGS section.</p>
+
+<p>RSA_new_method() allocates and initializes an RSA structure so that <b>engine</b> will be used for the RSA operations. If <b>engine</b> is NULL, the default ENGINE for RSA operations is used, and if no default ENGINE is set, the RSA_METHOD controlled by RSA_set_default_method() is used.</p>
+
+<p>RSA_flags() returns the <b>flags</b> that are set for <b>rsa</b>&#39;s current method.</p>
+
+<p>RSA_new_method() allocates and initializes an <b>RSA</b> structure so that <b>method</b> will be used for the RSA operations. If <b>method</b> is <b>NULL</b>, the default method is used.</p>
+
+<h1 id="THE-RSA_METHOD-STRUCTURE">THE RSA_METHOD STRUCTURE</h1>
+
+<pre><code> typedef struct rsa_meth_st
+ {
+     /* name of the implementation */
+     const char *name;
+
+     /* encrypt */
+     int (*rsa_pub_enc)(int flen, unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+
+     /* verify arbitrary data */
+     int (*rsa_pub_dec)(int flen, unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+
+     /* sign arbitrary data */
+     int (*rsa_priv_enc)(int flen, unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);
+
+     /* decrypt */
+     int (*rsa_priv_dec)(int flen, unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);
+
+     /* compute r0 = r0 ^ I mod rsa-&gt;n (May be NULL for some implementations) */
+     int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
+
+     /* compute r = a ^ p mod m (May be NULL for some implementations) */
+     int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                       const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+
+     /* called at RSA_new */
+     int (*init)(RSA *rsa);
+
+     /* called at RSA_free */
+     int (*finish)(RSA *rsa);
+
+     /*
+      * RSA_FLAG_EXT_PKEY        - rsa_mod_exp is called for private key
+      *                            operations, even if p,q,dmp1,dmq1,iqmp
+      *                            are NULL
+      * RSA_METHOD_FLAG_NO_CHECK - don&#39;t check pub/private match
+      */
+     int flags;
+
+     char *app_data; /* ?? */
+
+     int (*rsa_sign)(int type,
+                     const unsigned char *m, unsigned int m_length,
+                     unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
+     int (*rsa_verify)(int dtype,
+                       const unsigned char *m, unsigned int m_length,
+                       const unsigned char *sigbuf, unsigned int siglen,
+                       const RSA *rsa);
+     /* keygen. If NULL builtin RSA key generation will be used */
+     int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+
+ } RSA_METHOD;</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_PKCS1_OpenSSL(), RSA_PKCS1_null_method(), RSA_get_default_method() and RSA_get_method() return pointers to the respective RSA_METHODs.</p>
+
+<p>RSA_set_default_method() returns no value.</p>
+
+<p>RSA_set_method() returns a pointer to the old RSA_METHOD implementation that was replaced. However, this return value should probably be ignored because if it was supplied by an ENGINE, the pointer could be invalidated at any time if the ENGINE is unloaded (in fact it could be unloaded as a result of the RSA_set_method() function releasing its handle to the ENGINE). For this reason, the return type may be replaced with a <b>void</b> declaration in a future release.</p>
+
+<p>RSA_new_method() returns NULL and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> if the allocation fails. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The behaviour of RSA_flags() is a mis-feature that is left as-is for now to avoid creating compatibility problems. RSA functionality, such as the encryption functions, are controlled by the <b>flags</b> value in the RSA key itself, not by the <b>flags</b> value in the RSA_METHOD attached to the RSA key (which is what this function returns). If the flags element of an RSA key is changed, the changes will be honoured by RSA functionality but will not be reflected in the return value of the RSA_flags() function - in effect RSA_flags() behaves more like an RSA_default_flags() function (which does not currently exist).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_null_method(), which was a partial attempt to avoid patent issues, was replaced to always return NULL in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_free.html b/msys2/usr/share/doc/openssl/html/man3/RSA_free.html
new file mode 100644
index 000000000..112aa3238
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_free.html
@@ -0,0 +1,62 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_new, RSA_free - allocate and free RSA objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA *RSA_new(void);
+
+ void RSA_free(RSA *rsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RSA_new() allocates and initializes an <b>RSA</b> structure. It is equivalent to calling RSA_new_method(NULL).</p>
+
+<p>RSA_free() frees the <b>RSA</b> structure and its components. The key is erased before the memory is returned to the system. If <b>rsa</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, RSA_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>RSA_free() returns no value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RSA_generate_key.html">RSA_generate_key(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_generate_key.html b/msys2/usr/share/doc/openssl/html/man3/RSA_generate_key.html
new file mode 100644
index 000000000..622a306fa
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_generate_key.html
@@ -0,0 +1,105 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_generate_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_generate_key_ex, RSA_generate_key, RSA_generate_multi_prime_key - generate RSA key pair</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+ int RSA_generate_multi_prime_key(RSA *rsa, int bits, int primes, BIGNUM *e, BN_GENCB *cb);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ RSA *RSA_generate_key(int num, unsigned long e,
+                       void (*callback)(int, int, void *), void *cb_arg);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RSA_generate_key_ex() generates a 2-prime RSA key pair and stores it in the <b>RSA</b> structure provided in <b>rsa</b>. The pseudo-random number generator must be seeded prior to calling RSA_generate_key_ex().</p>
+
+<p>RSA_generate_multi_prime_key() generates a multi-prime RSA key pair and stores it in the <b>RSA</b> structure provided in <b>rsa</b>. The number of primes is given by the <b>primes</b> parameter. The pseudo-random number generator must be seeded prior to calling RSA_generate_multi_prime_key().</p>
+
+<p>The modulus size will be of length <b>bits</b>, the number of primes to form the modulus will be <b>primes</b>, and the public exponent will be <b>e</b>. Key sizes with <b>num</b> &lt; 1024 should be considered insecure. The exponent is an odd number, typically 3, 17 or 65537.</p>
+
+<p>In order to maintain adequate security level, the maximum number of permitted <b>primes</b> depends on modulus bit length:</p>
+
+<pre><code>   &lt;1024 | &gt;=1024 | &gt;=4096 | &gt;=8192
+   ------+--------+--------+-------
+     2   |   3    |   4    |   5</code></pre>
+
+<p>A callback function may be used to provide feedback about the progress of the key generation. If <b>cb</b> is not <b>NULL</b>, it will be called as follows using the BN_GENCB_call() function described on the <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> page.</p>
+
+<p>RSA_generate_prime() is similar to RSA_generate_prime_ex() but expects an old-style callback function; see <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> for information on the old-style callback.</p>
+
+<ul>
+
+<li><p>While a random prime number is generated, it is called as described in <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a>.</p>
+
+</li>
+<li><p>When the n-th randomly generated prime is rejected as not suitable for the key, <b>BN_GENCB_call(cb, 2, n)</b> is called.</p>
+
+</li>
+<li><p>When a random p has been found with p-1 relatively prime to <b>e</b>, it is called as <b>BN_GENCB_call(cb, 3, 0)</b>.</p>
+
+</li>
+</ul>
+
+<p>The process is then repeated for prime q and other primes (if any) with <b>BN_GENCB_call(cb, 3, i)</b> where <b>i</b> indicates the i-th prime.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_generate_multi_prime_key() returns 1 on success or 0 on error. RSA_generate_key_ex() returns 1 on success or 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>RSA_generate_key() returns a pointer to the RSA structure or <b>NULL</b> if the key generation fails.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>BN_GENCB_call(cb, 2, x)</b> is used with two different meanings.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_generate_key() was deprecated in OpenSSL 0.9.8; use RSA_generate_key_ex() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_generate_key_ex.html b/msys2/usr/share/doc/openssl/html/man3/RSA_generate_key_ex.html
new file mode 100644
index 000000000..622a306fa
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_generate_key_ex.html
@@ -0,0 +1,105 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_generate_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_generate_key_ex, RSA_generate_key, RSA_generate_multi_prime_key - generate RSA key pair</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+ int RSA_generate_multi_prime_key(RSA *rsa, int bits, int primes, BIGNUM *e, BN_GENCB *cb);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ RSA *RSA_generate_key(int num, unsigned long e,
+                       void (*callback)(int, int, void *), void *cb_arg);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RSA_generate_key_ex() generates a 2-prime RSA key pair and stores it in the <b>RSA</b> structure provided in <b>rsa</b>. The pseudo-random number generator must be seeded prior to calling RSA_generate_key_ex().</p>
+
+<p>RSA_generate_multi_prime_key() generates a multi-prime RSA key pair and stores it in the <b>RSA</b> structure provided in <b>rsa</b>. The number of primes is given by the <b>primes</b> parameter. The pseudo-random number generator must be seeded prior to calling RSA_generate_multi_prime_key().</p>
+
+<p>The modulus size will be of length <b>bits</b>, the number of primes to form the modulus will be <b>primes</b>, and the public exponent will be <b>e</b>. Key sizes with <b>num</b> &lt; 1024 should be considered insecure. The exponent is an odd number, typically 3, 17 or 65537.</p>
+
+<p>In order to maintain adequate security level, the maximum number of permitted <b>primes</b> depends on modulus bit length:</p>
+
+<pre><code>   &lt;1024 | &gt;=1024 | &gt;=4096 | &gt;=8192
+   ------+--------+--------+-------
+     2   |   3    |   4    |   5</code></pre>
+
+<p>A callback function may be used to provide feedback about the progress of the key generation. If <b>cb</b> is not <b>NULL</b>, it will be called as follows using the BN_GENCB_call() function described on the <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> page.</p>
+
+<p>RSA_generate_prime() is similar to RSA_generate_prime_ex() but expects an old-style callback function; see <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> for information on the old-style callback.</p>
+
+<ul>
+
+<li><p>While a random prime number is generated, it is called as described in <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a>.</p>
+
+</li>
+<li><p>When the n-th randomly generated prime is rejected as not suitable for the key, <b>BN_GENCB_call(cb, 2, n)</b> is called.</p>
+
+</li>
+<li><p>When a random p has been found with p-1 relatively prime to <b>e</b>, it is called as <b>BN_GENCB_call(cb, 3, 0)</b>.</p>
+
+</li>
+</ul>
+
+<p>The process is then repeated for prime q and other primes (if any) with <b>BN_GENCB_call(cb, 3, i)</b> where <b>i</b> indicates the i-th prime.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_generate_multi_prime_key() returns 1 on success or 0 on error. RSA_generate_key_ex() returns 1 on success or 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>RSA_generate_key() returns a pointer to the RSA structure or <b>NULL</b> if the key generation fails.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>BN_GENCB_call(cb, 2, x)</b> is used with two different meanings.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_generate_key() was deprecated in OpenSSL 0.9.8; use RSA_generate_key_ex() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_generate_multi_prime_key.html b/msys2/usr/share/doc/openssl/html/man3/RSA_generate_multi_prime_key.html
new file mode 100644
index 000000000..622a306fa
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_generate_multi_prime_key.html
@@ -0,0 +1,105 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_generate_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_generate_key_ex, RSA_generate_key, RSA_generate_multi_prime_key - generate RSA key pair</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+ int RSA_generate_multi_prime_key(RSA *rsa, int bits, int primes, BIGNUM *e, BN_GENCB *cb);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x00908000L
+ RSA *RSA_generate_key(int num, unsigned long e,
+                       void (*callback)(int, int, void *), void *cb_arg);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RSA_generate_key_ex() generates a 2-prime RSA key pair and stores it in the <b>RSA</b> structure provided in <b>rsa</b>. The pseudo-random number generator must be seeded prior to calling RSA_generate_key_ex().</p>
+
+<p>RSA_generate_multi_prime_key() generates a multi-prime RSA key pair and stores it in the <b>RSA</b> structure provided in <b>rsa</b>. The number of primes is given by the <b>primes</b> parameter. The pseudo-random number generator must be seeded prior to calling RSA_generate_multi_prime_key().</p>
+
+<p>The modulus size will be of length <b>bits</b>, the number of primes to form the modulus will be <b>primes</b>, and the public exponent will be <b>e</b>. Key sizes with <b>num</b> &lt; 1024 should be considered insecure. The exponent is an odd number, typically 3, 17 or 65537.</p>
+
+<p>In order to maintain adequate security level, the maximum number of permitted <b>primes</b> depends on modulus bit length:</p>
+
+<pre><code>   &lt;1024 | &gt;=1024 | &gt;=4096 | &gt;=8192
+   ------+--------+--------+-------
+     2   |   3    |   4    |   5</code></pre>
+
+<p>A callback function may be used to provide feedback about the progress of the key generation. If <b>cb</b> is not <b>NULL</b>, it will be called as follows using the BN_GENCB_call() function described on the <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> page.</p>
+
+<p>RSA_generate_prime() is similar to RSA_generate_prime_ex() but expects an old-style callback function; see <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a> for information on the old-style callback.</p>
+
+<ul>
+
+<li><p>While a random prime number is generated, it is called as described in <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a>.</p>
+
+</li>
+<li><p>When the n-th randomly generated prime is rejected as not suitable for the key, <b>BN_GENCB_call(cb, 2, n)</b> is called.</p>
+
+</li>
+<li><p>When a random p has been found with p-1 relatively prime to <b>e</b>, it is called as <b>BN_GENCB_call(cb, 3, 0)</b>.</p>
+
+</li>
+</ul>
+
+<p>The process is then repeated for prime q and other primes (if any) with <b>BN_GENCB_call(cb, 3, i)</b> where <b>i</b> indicates the i-th prime.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_generate_multi_prime_key() returns 1 on success or 0 on error. RSA_generate_key_ex() returns 1 on success or 0 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>RSA_generate_key() returns a pointer to the RSA structure or <b>NULL</b> if the key generation fails.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>BN_GENCB_call(cb, 2, x)</b> is used with two different meanings.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/BN_generate_prime.html">BN_generate_prime(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_generate_key() was deprecated in OpenSSL 0.9.8; use RSA_generate_key_ex() instead.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get0_crt_params.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_crt_params.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_crt_params.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get0_d.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_d.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_d.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get0_dmp1.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_dmp1.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_dmp1.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get0_dmq1.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_dmq1.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_dmq1.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get0_e.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_e.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_e.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get0_engine.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_engine.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_engine.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get0_factors.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_factors.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_factors.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get0_iqmp.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_iqmp.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_iqmp.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get0_key.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_key.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_key.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get0_multi_prime_crt_params.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_multi_prime_crt_params.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_multi_prime_crt_params.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get0_multi_prime_factors.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_multi_prime_factors.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_multi_prime_factors.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get0_n.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_n.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_n.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get0_p.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_p.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_p.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get0_q.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_q.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get0_q.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get_default_method.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get_default_method.html
new file mode 100644
index 000000000..ad1a0e3b9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get_default_method.html
@@ -0,0 +1,161 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_set_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#THE-RSA_METHOD-STRUCTURE">THE RSA_METHOD STRUCTURE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set_default_method, RSA_get_default_method, RSA_set_method, RSA_get_method, RSA_PKCS1_OpenSSL, RSA_flags, RSA_new_method - select RSA method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ void RSA_set_default_method(const RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_get_default_method(void);
+
+ int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_get_method(const RSA *rsa);
+
+ RSA_METHOD *RSA_PKCS1_OpenSSL(void);
+
+ int RSA_flags(const RSA *rsa);
+
+ RSA *RSA_new_method(ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>RSA_METHOD</b> specifies the functions that OpenSSL uses for RSA operations. By modifying the method, alternative implementations such as hardware accelerators may be used. IMPORTANT: See the NOTES section for important information about how these RSA API functions are affected by the use of <b>ENGINE</b> API calls.</p>
+
+<p>Initially, the default RSA_METHOD is the OpenSSL internal implementation, as returned by RSA_PKCS1_OpenSSL().</p>
+
+<p>RSA_set_default_method() makes <b>meth</b> the default method for all RSA structures created later. <b>NB</b>: This is true only whilst no ENGINE has been set as a default for RSA, so this function is no longer recommended. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>RSA_get_default_method() returns a pointer to the current default RSA_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE API is being used, so this function is no longer recommended.</p>
+
+<p>RSA_set_method() selects <b>meth</b> to perform all operations using the key <b>rsa</b>. This will replace the RSA_METHOD used by the RSA key and if the previous method was supplied by an ENGINE, the handle to that ENGINE will be released during the change. It is possible to have RSA keys that only work with certain RSA_METHOD implementations (eg. from an ENGINE module that supports embedded hardware-protected keys), and in such cases attempting to change the RSA_METHOD for the key can have unexpected results.</p>
+
+<p>RSA_get_method() returns a pointer to the RSA_METHOD being used by <b>rsa</b>. This method may or may not be supplied by an ENGINE implementation, but if it is, the return value can only be guaranteed to be valid as long as the RSA key itself is valid and does not have its implementation changed by RSA_set_method().</p>
+
+<p>RSA_flags() returns the <b>flags</b> that are set for <b>rsa</b>&#39;s current RSA_METHOD. See the BUGS section.</p>
+
+<p>RSA_new_method() allocates and initializes an RSA structure so that <b>engine</b> will be used for the RSA operations. If <b>engine</b> is NULL, the default ENGINE for RSA operations is used, and if no default ENGINE is set, the RSA_METHOD controlled by RSA_set_default_method() is used.</p>
+
+<p>RSA_flags() returns the <b>flags</b> that are set for <b>rsa</b>&#39;s current method.</p>
+
+<p>RSA_new_method() allocates and initializes an <b>RSA</b> structure so that <b>method</b> will be used for the RSA operations. If <b>method</b> is <b>NULL</b>, the default method is used.</p>
+
+<h1 id="THE-RSA_METHOD-STRUCTURE">THE RSA_METHOD STRUCTURE</h1>
+
+<pre><code> typedef struct rsa_meth_st
+ {
+     /* name of the implementation */
+     const char *name;
+
+     /* encrypt */
+     int (*rsa_pub_enc)(int flen, unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+
+     /* verify arbitrary data */
+     int (*rsa_pub_dec)(int flen, unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+
+     /* sign arbitrary data */
+     int (*rsa_priv_enc)(int flen, unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);
+
+     /* decrypt */
+     int (*rsa_priv_dec)(int flen, unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);
+
+     /* compute r0 = r0 ^ I mod rsa-&gt;n (May be NULL for some implementations) */
+     int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
+
+     /* compute r = a ^ p mod m (May be NULL for some implementations) */
+     int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                       const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+
+     /* called at RSA_new */
+     int (*init)(RSA *rsa);
+
+     /* called at RSA_free */
+     int (*finish)(RSA *rsa);
+
+     /*
+      * RSA_FLAG_EXT_PKEY        - rsa_mod_exp is called for private key
+      *                            operations, even if p,q,dmp1,dmq1,iqmp
+      *                            are NULL
+      * RSA_METHOD_FLAG_NO_CHECK - don&#39;t check pub/private match
+      */
+     int flags;
+
+     char *app_data; /* ?? */
+
+     int (*rsa_sign)(int type,
+                     const unsigned char *m, unsigned int m_length,
+                     unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
+     int (*rsa_verify)(int dtype,
+                       const unsigned char *m, unsigned int m_length,
+                       const unsigned char *sigbuf, unsigned int siglen,
+                       const RSA *rsa);
+     /* keygen. If NULL builtin RSA key generation will be used */
+     int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+
+ } RSA_METHOD;</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_PKCS1_OpenSSL(), RSA_PKCS1_null_method(), RSA_get_default_method() and RSA_get_method() return pointers to the respective RSA_METHODs.</p>
+
+<p>RSA_set_default_method() returns no value.</p>
+
+<p>RSA_set_method() returns a pointer to the old RSA_METHOD implementation that was replaced. However, this return value should probably be ignored because if it was supplied by an ENGINE, the pointer could be invalidated at any time if the ENGINE is unloaded (in fact it could be unloaded as a result of the RSA_set_method() function releasing its handle to the ENGINE). For this reason, the return type may be replaced with a <b>void</b> declaration in a future release.</p>
+
+<p>RSA_new_method() returns NULL and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> if the allocation fails. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The behaviour of RSA_flags() is a mis-feature that is left as-is for now to avoid creating compatibility problems. RSA functionality, such as the encryption functions, are controlled by the <b>flags</b> value in the RSA key itself, not by the <b>flags</b> value in the RSA_METHOD attached to the RSA key (which is what this function returns). If the flags element of an RSA key is changed, the changes will be honoured by RSA functionality but will not be reflected in the return value of the RSA_flags() function - in effect RSA_flags() behaves more like an RSA_default_flags() function (which does not currently exist).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_null_method(), which was a partial attempt to avoid patent issues, was replaced to always return NULL in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get_ex_new_index.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get_ex_new_index.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get_ex_new_index.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get_method.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get_method.html
new file mode 100644
index 000000000..ad1a0e3b9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get_method.html
@@ -0,0 +1,161 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_set_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#THE-RSA_METHOD-STRUCTURE">THE RSA_METHOD STRUCTURE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set_default_method, RSA_get_default_method, RSA_set_method, RSA_get_method, RSA_PKCS1_OpenSSL, RSA_flags, RSA_new_method - select RSA method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ void RSA_set_default_method(const RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_get_default_method(void);
+
+ int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_get_method(const RSA *rsa);
+
+ RSA_METHOD *RSA_PKCS1_OpenSSL(void);
+
+ int RSA_flags(const RSA *rsa);
+
+ RSA *RSA_new_method(ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>RSA_METHOD</b> specifies the functions that OpenSSL uses for RSA operations. By modifying the method, alternative implementations such as hardware accelerators may be used. IMPORTANT: See the NOTES section for important information about how these RSA API functions are affected by the use of <b>ENGINE</b> API calls.</p>
+
+<p>Initially, the default RSA_METHOD is the OpenSSL internal implementation, as returned by RSA_PKCS1_OpenSSL().</p>
+
+<p>RSA_set_default_method() makes <b>meth</b> the default method for all RSA structures created later. <b>NB</b>: This is true only whilst no ENGINE has been set as a default for RSA, so this function is no longer recommended. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>RSA_get_default_method() returns a pointer to the current default RSA_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE API is being used, so this function is no longer recommended.</p>
+
+<p>RSA_set_method() selects <b>meth</b> to perform all operations using the key <b>rsa</b>. This will replace the RSA_METHOD used by the RSA key and if the previous method was supplied by an ENGINE, the handle to that ENGINE will be released during the change. It is possible to have RSA keys that only work with certain RSA_METHOD implementations (eg. from an ENGINE module that supports embedded hardware-protected keys), and in such cases attempting to change the RSA_METHOD for the key can have unexpected results.</p>
+
+<p>RSA_get_method() returns a pointer to the RSA_METHOD being used by <b>rsa</b>. This method may or may not be supplied by an ENGINE implementation, but if it is, the return value can only be guaranteed to be valid as long as the RSA key itself is valid and does not have its implementation changed by RSA_set_method().</p>
+
+<p>RSA_flags() returns the <b>flags</b> that are set for <b>rsa</b>&#39;s current RSA_METHOD. See the BUGS section.</p>
+
+<p>RSA_new_method() allocates and initializes an RSA structure so that <b>engine</b> will be used for the RSA operations. If <b>engine</b> is NULL, the default ENGINE for RSA operations is used, and if no default ENGINE is set, the RSA_METHOD controlled by RSA_set_default_method() is used.</p>
+
+<p>RSA_flags() returns the <b>flags</b> that are set for <b>rsa</b>&#39;s current method.</p>
+
+<p>RSA_new_method() allocates and initializes an <b>RSA</b> structure so that <b>method</b> will be used for the RSA operations. If <b>method</b> is <b>NULL</b>, the default method is used.</p>
+
+<h1 id="THE-RSA_METHOD-STRUCTURE">THE RSA_METHOD STRUCTURE</h1>
+
+<pre><code> typedef struct rsa_meth_st
+ {
+     /* name of the implementation */
+     const char *name;
+
+     /* encrypt */
+     int (*rsa_pub_enc)(int flen, unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+
+     /* verify arbitrary data */
+     int (*rsa_pub_dec)(int flen, unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+
+     /* sign arbitrary data */
+     int (*rsa_priv_enc)(int flen, unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);
+
+     /* decrypt */
+     int (*rsa_priv_dec)(int flen, unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);
+
+     /* compute r0 = r0 ^ I mod rsa-&gt;n (May be NULL for some implementations) */
+     int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
+
+     /* compute r = a ^ p mod m (May be NULL for some implementations) */
+     int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                       const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+
+     /* called at RSA_new */
+     int (*init)(RSA *rsa);
+
+     /* called at RSA_free */
+     int (*finish)(RSA *rsa);
+
+     /*
+      * RSA_FLAG_EXT_PKEY        - rsa_mod_exp is called for private key
+      *                            operations, even if p,q,dmp1,dmq1,iqmp
+      *                            are NULL
+      * RSA_METHOD_FLAG_NO_CHECK - don&#39;t check pub/private match
+      */
+     int flags;
+
+     char *app_data; /* ?? */
+
+     int (*rsa_sign)(int type,
+                     const unsigned char *m, unsigned int m_length,
+                     unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
+     int (*rsa_verify)(int dtype,
+                       const unsigned char *m, unsigned int m_length,
+                       const unsigned char *sigbuf, unsigned int siglen,
+                       const RSA *rsa);
+     /* keygen. If NULL builtin RSA key generation will be used */
+     int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+
+ } RSA_METHOD;</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_PKCS1_OpenSSL(), RSA_PKCS1_null_method(), RSA_get_default_method() and RSA_get_method() return pointers to the respective RSA_METHODs.</p>
+
+<p>RSA_set_default_method() returns no value.</p>
+
+<p>RSA_set_method() returns a pointer to the old RSA_METHOD implementation that was replaced. However, this return value should probably be ignored because if it was supplied by an ENGINE, the pointer could be invalidated at any time if the ENGINE is unloaded (in fact it could be unloaded as a result of the RSA_set_method() function releasing its handle to the ENGINE). For this reason, the return type may be replaced with a <b>void</b> declaration in a future release.</p>
+
+<p>RSA_new_method() returns NULL and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> if the allocation fails. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The behaviour of RSA_flags() is a mis-feature that is left as-is for now to avoid creating compatibility problems. RSA functionality, such as the encryption functions, are controlled by the <b>flags</b> value in the RSA key itself, not by the <b>flags</b> value in the RSA_METHOD attached to the RSA key (which is what this function returns). If the flags element of an RSA key is changed, the changes will be honoured by RSA functionality but will not be reflected in the return value of the RSA_flags() function - in effect RSA_flags() behaves more like an RSA_default_flags() function (which does not currently exist).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_null_method(), which was a partial attempt to avoid patent issues, was replaced to always return NULL in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get_multi_prime_extra_count.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get_multi_prime_extra_count.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get_multi_prime_extra_count.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_get_version.html b/msys2/usr/share/doc/openssl/html/man3/RSA_get_version.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_get_version.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_dup.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_dup.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_dup.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_free.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_free.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_free.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get0_app_data.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get0_app_data.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get0_app_data.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get0_name.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get0_name.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get0_name.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_bn_mod_exp.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_bn_mod_exp.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_bn_mod_exp.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_finish.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_finish.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_finish.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_flags.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_flags.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_flags.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_init.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_init.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_init.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_keygen.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_keygen.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_keygen.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_mod_exp.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_mod_exp.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_mod_exp.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_multi_prime_keygen.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_multi_prime_keygen.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_multi_prime_keygen.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_priv_dec.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_priv_dec.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_priv_dec.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_priv_enc.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_priv_enc.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_priv_enc.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_pub_dec.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_pub_dec.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_pub_dec.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_pub_enc.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_pub_enc.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_pub_enc.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_sign.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_sign.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_sign.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_verify.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_verify.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_get_verify.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_new.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_new.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_new.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set0_app_data.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set0_app_data.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set0_app_data.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set1_name.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set1_name.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set1_name.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_bn_mod_exp.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_bn_mod_exp.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_bn_mod_exp.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_finish.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_finish.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_finish.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_flags.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_flags.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_flags.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_init.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_init.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_init.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_keygen.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_keygen.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_keygen.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_mod_exp.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_mod_exp.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_mod_exp.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_multi_prime_keygen.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_multi_prime_keygen.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_multi_prime_keygen.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_priv_dec.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_priv_dec.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_priv_dec.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_priv_enc.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_priv_enc.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_priv_enc.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_pub_dec.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_pub_dec.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_pub_dec.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_pub_enc.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_pub_enc.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_pub_enc.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_sign.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_sign.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_sign.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_verify.html b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_verify.html
new file mode 100644
index 000000000..39839ab3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_meth_set_verify.html
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_meth_get0_app_data, RSA_meth_set0_app_data, RSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, RSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, RSA_meth_get_pub_enc, RSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, RSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, RSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, RSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, RSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, RSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, RSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, RSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen - Routines to build up RSA methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA_METHOD *RSA_meth_new(const char *name, int flags);
+ void RSA_meth_free(RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+
+ const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
+
+ int RSA_meth_get_flags(const RSA_METHOD *meth);
+ int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+
+ void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+ int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
+
+ int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                     unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+                          int (*pub_enc)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+     (int flen, const unsigned char *from,
+      unsigned char *to, RSA *rsa, int padding);
+ int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+                          int (*pub_dec)(int flen, const unsigned char *from,
+                                         unsigned char *to, RSA *rsa,
+                                         int padding));
+
+ int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+                           int (*priv_enc)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from,
+                                                      unsigned char *to, RSA *rsa,
+                                                      int padding);
+ int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+                           int (*priv_dec)(int flen, const unsigned char *from,
+                                           unsigned char *to, RSA *rsa, int padding));
+
+ /* Can be null */
+ int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
+                                                     RSA *rsa, BN_CTX *ctx);
+ int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+                          int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                                         BN_CTX *ctx));
+
+ /* Can be null */
+ int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a,
+                                                        const BIGNUM *p, const BIGNUM *m,
+                                                        BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+                             int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a,
+                                               const BIGNUM *p, const BIGNUM *m,
+                                               BN_CTX *ctx, BN_MONT_CTX *m_ctx));
+
+ /* called at new */
+ int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa);
+ int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa));
+
+ /* called at free */
+ int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
+ int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa));
+
+ int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m,
+                                                  unsigned int m_length,
+                                                  unsigned char *sigret,
+                                                  unsigned int *siglen, const RSA *rsa);
+ int RSA_meth_set_sign(RSA_METHOD *rsa,
+                       int (*sign)(int type, const unsigned char *m,
+                                   unsigned int m_length, unsigned char *sigret,
+                                   unsigned int *siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m,
+                                                    unsigned int m_length,
+                                                    const unsigned char *sigbuf,
+                                                    unsigned int siglen, const RSA *rsa);
+ int RSA_meth_set_verify(RSA_METHOD *rsa,
+                         int (*verify)(int dtype, const unsigned char *m,
+                                       unsigned int m_length,
+                                       const unsigned char *sigbuf,
+                                       unsigned int siglen, const RSA *rsa));
+
+ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
+                                                    BN_GENCB *cb);
+ int RSA_meth_set_keygen(RSA_METHOD *rsa,
+                         int (*keygen)(RSA *rsa, int bits, BIGNUM *e,
+                                       BN_GENCB *cb));
+
+ int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits,
+                                                                int primes, BIGNUM *e,
+                                                                BN_GENCB *cb);
+
+ int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+                                     int (*keygen) (RSA *rsa, int bits,
+                                                    int primes, BIGNUM *e,
+                                                    BN_GENCB *cb));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA_METHOD</b> type is a structure used for the provision of custom RSA implementations. It provides a set of functions used by OpenSSL for the implementation of the various RSA capabilities. See the <a href="/../man1/rsa.html">rsa</a> page for more information.</p>
+
+<p>RSA_meth_new() creates a new <b>RSA_METHOD</b> structure. It should be given a unique <b>name</b> and a set of <b>flags</b>. The <b>name</b> should be a NULL terminated string, which will be duplicated and stored in the <b>RSA_METHOD</b> object. It is the callers responsibility to free the original string. The flags will be used during the construction of a new <b>RSA</b> object based on this <b>RSA_METHOD</b>. Any new <b>RSA</b> object will have those flags set by default.</p>
+
+<p>RSA_meth_dup() creates a duplicate copy of the <b>RSA_METHOD</b> object passed as a parameter. This might be useful for creating a new <b>RSA_METHOD</b> based on an existing one, but with some differences.</p>
+
+<p>RSA_meth_free() destroys an <b>RSA_METHOD</b> structure and frees up any memory associated with it.</p>
+
+<p>RSA_meth_get0_name() will return a pointer to the name of this RSA_METHOD. This is a pointer to the internal name string and so should not be freed by the caller. RSA_meth_set1_name() sets the name of the RSA_METHOD to <b>name</b>. The string is duplicated and the copy is stored in the RSA_METHOD structure, so the caller remains responsible for freeing the memory associated with the name.</p>
+
+<p>RSA_meth_get_flags() returns the current value of the flags associated with this RSA_METHOD. RSA_meth_set_flags() provides the ability to set these flags.</p>
+
+<p>The functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() provide the ability to associate implementation specific data with the RSA_METHOD. It is the application&#39;s responsibility to free this data before the RSA_METHOD is freed via a call to RSA_meth_free().</p>
+
+<p>RSA_meth_get_sign() and RSA_meth_set_sign() get and set the function used for creating an RSA signature respectively. This function will be called in response to the application calling RSA_sign(). The parameters for the function have the same meaning as for RSA_sign().</p>
+
+<p>RSA_meth_get_verify() and RSA_meth_set_verify() get and set the function used for verifying an RSA signature respectively. This function will be called in response to the application calling RSA_verify(). The parameters for the function have the same meaning as for RSA_verify().</p>
+
+<p>RSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the function used for CRT computations.</p>
+
+<p>RSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set the function used for CRT computations, specifically the following value:</p>
+
+<pre><code> r = a ^ p mod m</code></pre>
+
+<p>Both the mod_exp() and bn_mod_exp() functions are called by the default OpenSSL method during encryption, decryption, signing and verification.</p>
+
+<p>RSA_meth_get_init() and RSA_meth_set_init() get and set the function used for creating a new RSA instance respectively. This function will be called in response to the application calling RSA_new() (if the current default RSA_METHOD is this one) or RSA_new_method(). The RSA_new() and RSA_new_method() functions will allocate the memory for the new RSA object, and a pointer to this newly allocated structure will be passed as a parameter to the function. This function may be NULL.</p>
+
+<p>RSA_meth_get_finish() and RSA_meth_set_finish() get and set the function used for destroying an instance of an RSA object respectively. This function will be called in response to the application calling RSA_free(). A pointer to the RSA to be destroyed is passed as a parameter. The destroy function should be used for RSA implementation specific clean up. The memory for the RSA itself should not be freed by this function. This function may be NULL.</p>
+
+<p>RSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the function used for generating a new RSA key pair respectively. This function will be called in response to the application calling RSA_generate_key_ex(). The parameter for the function has the same meaning as for RSA_generate_key_ex().</p>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get and set the function used for generating a new multi-prime RSA key pair respectively. This function will be called in response to the application calling RSA_generate_multi_prime_key(). The parameter for the function has the same meaning as for RSA_generate_multi_prime_key().</p>
+
+<p>RSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), RSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), RSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), RSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the functions used for public and private key encryption and decryption. These functions will be called in response to the application calling RSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and RSA_public_decrypt() and take the same parameters as those.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_meth_new() and RSA_meth_dup() return the newly allocated RSA_METHOD object or NULL on failure.</p>
+
+<p>RSA_meth_get0_name() and RSA_meth_get_flags() return the name and flags associated with the RSA_METHOD respectively.</p>
+
+<p>All other RSA_meth_get_*() functions return the appropriate function pointer that has been set in the RSA_METHOD, or NULL if no such pointer has yet been set.</p>
+
+<p>RSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_generate_key_ex.html">RSA_generate_key_ex(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_set_method.html">RSA_set_method(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a>, <a href="../man3/RSA_get0_key.html">RSA_get0_key(3)</a>, <a href="../man3/RSA_generate_multi_prime_key.html">RSA_generate_multi_prime_key(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>RSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_new.html b/msys2/usr/share/doc/openssl/html/man3/RSA_new.html
new file mode 100644
index 000000000..112aa3238
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_new.html
@@ -0,0 +1,62 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_new, RSA_free - allocate and free RSA objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ RSA *RSA_new(void);
+
+ void RSA_free(RSA *rsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RSA_new() allocates and initializes an <b>RSA</b> structure. It is equivalent to calling RSA_new_method(NULL).</p>
+
+<p>RSA_free() frees the <b>RSA</b> structure and its components. The key is erased before the memory is returned to the system. If <b>rsa</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, RSA_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>RSA_free() returns no value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RSA_generate_key.html">RSA_generate_key(3)</a>, <a href="../man3/RSA_new_method.html">RSA_new_method(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_new_method.html b/msys2/usr/share/doc/openssl/html/man3/RSA_new_method.html
new file mode 100644
index 000000000..ad1a0e3b9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_new_method.html
@@ -0,0 +1,161 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_set_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#THE-RSA_METHOD-STRUCTURE">THE RSA_METHOD STRUCTURE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set_default_method, RSA_get_default_method, RSA_set_method, RSA_get_method, RSA_PKCS1_OpenSSL, RSA_flags, RSA_new_method - select RSA method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ void RSA_set_default_method(const RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_get_default_method(void);
+
+ int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_get_method(const RSA *rsa);
+
+ RSA_METHOD *RSA_PKCS1_OpenSSL(void);
+
+ int RSA_flags(const RSA *rsa);
+
+ RSA *RSA_new_method(ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>RSA_METHOD</b> specifies the functions that OpenSSL uses for RSA operations. By modifying the method, alternative implementations such as hardware accelerators may be used. IMPORTANT: See the NOTES section for important information about how these RSA API functions are affected by the use of <b>ENGINE</b> API calls.</p>
+
+<p>Initially, the default RSA_METHOD is the OpenSSL internal implementation, as returned by RSA_PKCS1_OpenSSL().</p>
+
+<p>RSA_set_default_method() makes <b>meth</b> the default method for all RSA structures created later. <b>NB</b>: This is true only whilst no ENGINE has been set as a default for RSA, so this function is no longer recommended. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>RSA_get_default_method() returns a pointer to the current default RSA_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE API is being used, so this function is no longer recommended.</p>
+
+<p>RSA_set_method() selects <b>meth</b> to perform all operations using the key <b>rsa</b>. This will replace the RSA_METHOD used by the RSA key and if the previous method was supplied by an ENGINE, the handle to that ENGINE will be released during the change. It is possible to have RSA keys that only work with certain RSA_METHOD implementations (eg. from an ENGINE module that supports embedded hardware-protected keys), and in such cases attempting to change the RSA_METHOD for the key can have unexpected results.</p>
+
+<p>RSA_get_method() returns a pointer to the RSA_METHOD being used by <b>rsa</b>. This method may or may not be supplied by an ENGINE implementation, but if it is, the return value can only be guaranteed to be valid as long as the RSA key itself is valid and does not have its implementation changed by RSA_set_method().</p>
+
+<p>RSA_flags() returns the <b>flags</b> that are set for <b>rsa</b>&#39;s current RSA_METHOD. See the BUGS section.</p>
+
+<p>RSA_new_method() allocates and initializes an RSA structure so that <b>engine</b> will be used for the RSA operations. If <b>engine</b> is NULL, the default ENGINE for RSA operations is used, and if no default ENGINE is set, the RSA_METHOD controlled by RSA_set_default_method() is used.</p>
+
+<p>RSA_flags() returns the <b>flags</b> that are set for <b>rsa</b>&#39;s current method.</p>
+
+<p>RSA_new_method() allocates and initializes an <b>RSA</b> structure so that <b>method</b> will be used for the RSA operations. If <b>method</b> is <b>NULL</b>, the default method is used.</p>
+
+<h1 id="THE-RSA_METHOD-STRUCTURE">THE RSA_METHOD STRUCTURE</h1>
+
+<pre><code> typedef struct rsa_meth_st
+ {
+     /* name of the implementation */
+     const char *name;
+
+     /* encrypt */
+     int (*rsa_pub_enc)(int flen, unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+
+     /* verify arbitrary data */
+     int (*rsa_pub_dec)(int flen, unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+
+     /* sign arbitrary data */
+     int (*rsa_priv_enc)(int flen, unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);
+
+     /* decrypt */
+     int (*rsa_priv_dec)(int flen, unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);
+
+     /* compute r0 = r0 ^ I mod rsa-&gt;n (May be NULL for some implementations) */
+     int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
+
+     /* compute r = a ^ p mod m (May be NULL for some implementations) */
+     int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                       const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+
+     /* called at RSA_new */
+     int (*init)(RSA *rsa);
+
+     /* called at RSA_free */
+     int (*finish)(RSA *rsa);
+
+     /*
+      * RSA_FLAG_EXT_PKEY        - rsa_mod_exp is called for private key
+      *                            operations, even if p,q,dmp1,dmq1,iqmp
+      *                            are NULL
+      * RSA_METHOD_FLAG_NO_CHECK - don&#39;t check pub/private match
+      */
+     int flags;
+
+     char *app_data; /* ?? */
+
+     int (*rsa_sign)(int type,
+                     const unsigned char *m, unsigned int m_length,
+                     unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
+     int (*rsa_verify)(int dtype,
+                       const unsigned char *m, unsigned int m_length,
+                       const unsigned char *sigbuf, unsigned int siglen,
+                       const RSA *rsa);
+     /* keygen. If NULL builtin RSA key generation will be used */
+     int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+
+ } RSA_METHOD;</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_PKCS1_OpenSSL(), RSA_PKCS1_null_method(), RSA_get_default_method() and RSA_get_method() return pointers to the respective RSA_METHODs.</p>
+
+<p>RSA_set_default_method() returns no value.</p>
+
+<p>RSA_set_method() returns a pointer to the old RSA_METHOD implementation that was replaced. However, this return value should probably be ignored because if it was supplied by an ENGINE, the pointer could be invalidated at any time if the ENGINE is unloaded (in fact it could be unloaded as a result of the RSA_set_method() function releasing its handle to the ENGINE). For this reason, the return type may be replaced with a <b>void</b> declaration in a future release.</p>
+
+<p>RSA_new_method() returns NULL and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> if the allocation fails. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The behaviour of RSA_flags() is a mis-feature that is left as-is for now to avoid creating compatibility problems. RSA functionality, such as the encryption functions, are controlled by the <b>flags</b> value in the RSA key itself, not by the <b>flags</b> value in the RSA_METHOD attached to the RSA key (which is what this function returns). If the flags element of an RSA key is changed, the changes will be honoured by RSA functionality but will not be reflected in the return value of the RSA_flags() function - in effect RSA_flags() behaves more like an RSA_default_flags() function (which does not currently exist).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_null_method(), which was a partial attempt to avoid patent issues, was replaced to always return NULL in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_padding_add_PKCS1_OAEP.html b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_add_PKCS1_OAEP.html
new file mode 100644
index 000000000..882020adb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_add_PKCS1_OAEP.html
@@ -0,0 +1,136 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_padding_add_PKCS1_type_1</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1, RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2, RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP, RSA_padding_add_SSLv23, RSA_padding_check_SSLv23, RSA_padding_add_none, RSA_padding_check_none - asymmetric encryption padding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
+                                unsigned char *f, int fl, unsigned char *p, int pl);
+
+ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl, int rsa_len,
+                                  unsigned char *p, int pl);
+
+ int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
+                            unsigned char *f, int fl);
+
+ int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
+                              unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_none(unsigned char *to, int tlen,
+                          unsigned char *f, int fl);
+
+ int RSA_padding_check_none(unsigned char *to, int tlen,
+                            unsigned char *f, int fl, int rsa_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RSA_padding_xxx_xxx() functions are called from the RSA encrypt, decrypt, sign and verify functions. Normally they should not be called from application programs.</p>
+
+<p>However, they can also be called directly to implement padding for other asymmetric ciphers. RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() may be used in an application combined with <b>RSA_NO_PADDING</b> in order to implement OAEP with an encoding parameter.</p>
+
+<p>RSA_padding_add_xxx() encodes <b>fl</b> bytes from <b>f</b> so as to fit into <b>tlen</b> bytes and stores the result at <b>to</b>. An error occurs if <b>fl</b> does not meet the size requirements of the encoding method.</p>
+
+<p>The following encoding methods are implemented:</p>
+
+<dl>
+
+<dt id="PKCS1_type_1">PKCS1_type_1</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EMSA-PKCS1-v1_5 (PKCS #1 v1.5 block type 1); used for signatures</p>
+
+</dd>
+<dt id="PKCS1_type_2">PKCS1_type_2</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2)</p>
+
+</dd>
+<dt id="PKCS1_OAEP">PKCS1_OAEP</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-OAEP</p>
+
+</dd>
+<dt id="SSLv23">SSLv23</dt>
+<dd>
+
+<p>PKCS #1 EME-PKCS1-v1_5 with SSL-specific modification</p>
+
+</dd>
+<dt id="none">none</dt>
+<dd>
+
+<p>simply copy the data</p>
+
+</dd>
+</dl>
+
+<p>The random number generator must be seeded prior to calling RSA_padding_add_xxx().</p>
+
+<p>RSA_padding_check_xxx() verifies that the <b>fl</b> bytes at <b>f</b> contain a valid encoding for a <b>rsa_len</b> byte RSA key in the respective encoding method and stores the recovered data of at most <b>tlen</b> bytes (for <b>RSA_NO_PADDING</b>: of size <b>tlen</b>) at <b>to</b>.</p>
+
+<p>For RSA_padding_xxx_OAEP(), <b>p</b> points to the encoding parameter of length <b>pl</b>. <b>p</b> may be <b>NULL</b> if <b>pl</b> is 0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The RSA_padding_add_xxx() functions return 1 on success, 0 on error. The RSA_padding_check_xxx() functions return the length of the recovered data, -1 on error. Error codes can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>The RSA_padding_check_PKCS1_type_2() padding check leaks timing information which can potentially be used to mount a Bleichenbacher padding oracle attack. This is an inherent weakness in the PKCS #1 v1.5 padding design. Prefer PKCS1_OAEP padding. Otherwise it can be recommended to pass zero-padded <b>f</b>, so that <b>fl</b> equals to <b>rsa_len</b>, and if fixed by protocol, <b>tlen</b> being set to the expected length. In such case leakage would be minimal, it would take attacker&#39;s ability to observe memory access pattern with byte granilarity as it occurs, post-factum timing analysis won&#39;t do.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_public_encrypt.html">RSA_public_encrypt(3)</a>, <a href="../man3/RSA_private_decrypt.html">RSA_private_decrypt(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_verify.html">RSA_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_padding_add_PKCS1_type_1.html b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_add_PKCS1_type_1.html
new file mode 100644
index 000000000..882020adb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_add_PKCS1_type_1.html
@@ -0,0 +1,136 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_padding_add_PKCS1_type_1</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1, RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2, RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP, RSA_padding_add_SSLv23, RSA_padding_check_SSLv23, RSA_padding_add_none, RSA_padding_check_none - asymmetric encryption padding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
+                                unsigned char *f, int fl, unsigned char *p, int pl);
+
+ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl, int rsa_len,
+                                  unsigned char *p, int pl);
+
+ int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
+                            unsigned char *f, int fl);
+
+ int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
+                              unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_none(unsigned char *to, int tlen,
+                          unsigned char *f, int fl);
+
+ int RSA_padding_check_none(unsigned char *to, int tlen,
+                            unsigned char *f, int fl, int rsa_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RSA_padding_xxx_xxx() functions are called from the RSA encrypt, decrypt, sign and verify functions. Normally they should not be called from application programs.</p>
+
+<p>However, they can also be called directly to implement padding for other asymmetric ciphers. RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() may be used in an application combined with <b>RSA_NO_PADDING</b> in order to implement OAEP with an encoding parameter.</p>
+
+<p>RSA_padding_add_xxx() encodes <b>fl</b> bytes from <b>f</b> so as to fit into <b>tlen</b> bytes and stores the result at <b>to</b>. An error occurs if <b>fl</b> does not meet the size requirements of the encoding method.</p>
+
+<p>The following encoding methods are implemented:</p>
+
+<dl>
+
+<dt id="PKCS1_type_1">PKCS1_type_1</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EMSA-PKCS1-v1_5 (PKCS #1 v1.5 block type 1); used for signatures</p>
+
+</dd>
+<dt id="PKCS1_type_2">PKCS1_type_2</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2)</p>
+
+</dd>
+<dt id="PKCS1_OAEP">PKCS1_OAEP</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-OAEP</p>
+
+</dd>
+<dt id="SSLv23">SSLv23</dt>
+<dd>
+
+<p>PKCS #1 EME-PKCS1-v1_5 with SSL-specific modification</p>
+
+</dd>
+<dt id="none">none</dt>
+<dd>
+
+<p>simply copy the data</p>
+
+</dd>
+</dl>
+
+<p>The random number generator must be seeded prior to calling RSA_padding_add_xxx().</p>
+
+<p>RSA_padding_check_xxx() verifies that the <b>fl</b> bytes at <b>f</b> contain a valid encoding for a <b>rsa_len</b> byte RSA key in the respective encoding method and stores the recovered data of at most <b>tlen</b> bytes (for <b>RSA_NO_PADDING</b>: of size <b>tlen</b>) at <b>to</b>.</p>
+
+<p>For RSA_padding_xxx_OAEP(), <b>p</b> points to the encoding parameter of length <b>pl</b>. <b>p</b> may be <b>NULL</b> if <b>pl</b> is 0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The RSA_padding_add_xxx() functions return 1 on success, 0 on error. The RSA_padding_check_xxx() functions return the length of the recovered data, -1 on error. Error codes can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>The RSA_padding_check_PKCS1_type_2() padding check leaks timing information which can potentially be used to mount a Bleichenbacher padding oracle attack. This is an inherent weakness in the PKCS #1 v1.5 padding design. Prefer PKCS1_OAEP padding. Otherwise it can be recommended to pass zero-padded <b>f</b>, so that <b>fl</b> equals to <b>rsa_len</b>, and if fixed by protocol, <b>tlen</b> being set to the expected length. In such case leakage would be minimal, it would take attacker&#39;s ability to observe memory access pattern with byte granilarity as it occurs, post-factum timing analysis won&#39;t do.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_public_encrypt.html">RSA_public_encrypt(3)</a>, <a href="../man3/RSA_private_decrypt.html">RSA_private_decrypt(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_verify.html">RSA_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_padding_add_PKCS1_type_2.html b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_add_PKCS1_type_2.html
new file mode 100644
index 000000000..882020adb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_add_PKCS1_type_2.html
@@ -0,0 +1,136 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_padding_add_PKCS1_type_1</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1, RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2, RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP, RSA_padding_add_SSLv23, RSA_padding_check_SSLv23, RSA_padding_add_none, RSA_padding_check_none - asymmetric encryption padding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
+                                unsigned char *f, int fl, unsigned char *p, int pl);
+
+ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl, int rsa_len,
+                                  unsigned char *p, int pl);
+
+ int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
+                            unsigned char *f, int fl);
+
+ int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
+                              unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_none(unsigned char *to, int tlen,
+                          unsigned char *f, int fl);
+
+ int RSA_padding_check_none(unsigned char *to, int tlen,
+                            unsigned char *f, int fl, int rsa_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RSA_padding_xxx_xxx() functions are called from the RSA encrypt, decrypt, sign and verify functions. Normally they should not be called from application programs.</p>
+
+<p>However, they can also be called directly to implement padding for other asymmetric ciphers. RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() may be used in an application combined with <b>RSA_NO_PADDING</b> in order to implement OAEP with an encoding parameter.</p>
+
+<p>RSA_padding_add_xxx() encodes <b>fl</b> bytes from <b>f</b> so as to fit into <b>tlen</b> bytes and stores the result at <b>to</b>. An error occurs if <b>fl</b> does not meet the size requirements of the encoding method.</p>
+
+<p>The following encoding methods are implemented:</p>
+
+<dl>
+
+<dt id="PKCS1_type_1">PKCS1_type_1</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EMSA-PKCS1-v1_5 (PKCS #1 v1.5 block type 1); used for signatures</p>
+
+</dd>
+<dt id="PKCS1_type_2">PKCS1_type_2</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2)</p>
+
+</dd>
+<dt id="PKCS1_OAEP">PKCS1_OAEP</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-OAEP</p>
+
+</dd>
+<dt id="SSLv23">SSLv23</dt>
+<dd>
+
+<p>PKCS #1 EME-PKCS1-v1_5 with SSL-specific modification</p>
+
+</dd>
+<dt id="none">none</dt>
+<dd>
+
+<p>simply copy the data</p>
+
+</dd>
+</dl>
+
+<p>The random number generator must be seeded prior to calling RSA_padding_add_xxx().</p>
+
+<p>RSA_padding_check_xxx() verifies that the <b>fl</b> bytes at <b>f</b> contain a valid encoding for a <b>rsa_len</b> byte RSA key in the respective encoding method and stores the recovered data of at most <b>tlen</b> bytes (for <b>RSA_NO_PADDING</b>: of size <b>tlen</b>) at <b>to</b>.</p>
+
+<p>For RSA_padding_xxx_OAEP(), <b>p</b> points to the encoding parameter of length <b>pl</b>. <b>p</b> may be <b>NULL</b> if <b>pl</b> is 0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The RSA_padding_add_xxx() functions return 1 on success, 0 on error. The RSA_padding_check_xxx() functions return the length of the recovered data, -1 on error. Error codes can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>The RSA_padding_check_PKCS1_type_2() padding check leaks timing information which can potentially be used to mount a Bleichenbacher padding oracle attack. This is an inherent weakness in the PKCS #1 v1.5 padding design. Prefer PKCS1_OAEP padding. Otherwise it can be recommended to pass zero-padded <b>f</b>, so that <b>fl</b> equals to <b>rsa_len</b>, and if fixed by protocol, <b>tlen</b> being set to the expected length. In such case leakage would be minimal, it would take attacker&#39;s ability to observe memory access pattern with byte granilarity as it occurs, post-factum timing analysis won&#39;t do.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_public_encrypt.html">RSA_public_encrypt(3)</a>, <a href="../man3/RSA_private_decrypt.html">RSA_private_decrypt(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_verify.html">RSA_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_padding_add_SSLv23.html b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_add_SSLv23.html
new file mode 100644
index 000000000..882020adb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_add_SSLv23.html
@@ -0,0 +1,136 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_padding_add_PKCS1_type_1</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1, RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2, RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP, RSA_padding_add_SSLv23, RSA_padding_check_SSLv23, RSA_padding_add_none, RSA_padding_check_none - asymmetric encryption padding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
+                                unsigned char *f, int fl, unsigned char *p, int pl);
+
+ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl, int rsa_len,
+                                  unsigned char *p, int pl);
+
+ int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
+                            unsigned char *f, int fl);
+
+ int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
+                              unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_none(unsigned char *to, int tlen,
+                          unsigned char *f, int fl);
+
+ int RSA_padding_check_none(unsigned char *to, int tlen,
+                            unsigned char *f, int fl, int rsa_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RSA_padding_xxx_xxx() functions are called from the RSA encrypt, decrypt, sign and verify functions. Normally they should not be called from application programs.</p>
+
+<p>However, they can also be called directly to implement padding for other asymmetric ciphers. RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() may be used in an application combined with <b>RSA_NO_PADDING</b> in order to implement OAEP with an encoding parameter.</p>
+
+<p>RSA_padding_add_xxx() encodes <b>fl</b> bytes from <b>f</b> so as to fit into <b>tlen</b> bytes and stores the result at <b>to</b>. An error occurs if <b>fl</b> does not meet the size requirements of the encoding method.</p>
+
+<p>The following encoding methods are implemented:</p>
+
+<dl>
+
+<dt id="PKCS1_type_1">PKCS1_type_1</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EMSA-PKCS1-v1_5 (PKCS #1 v1.5 block type 1); used for signatures</p>
+
+</dd>
+<dt id="PKCS1_type_2">PKCS1_type_2</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2)</p>
+
+</dd>
+<dt id="PKCS1_OAEP">PKCS1_OAEP</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-OAEP</p>
+
+</dd>
+<dt id="SSLv23">SSLv23</dt>
+<dd>
+
+<p>PKCS #1 EME-PKCS1-v1_5 with SSL-specific modification</p>
+
+</dd>
+<dt id="none">none</dt>
+<dd>
+
+<p>simply copy the data</p>
+
+</dd>
+</dl>
+
+<p>The random number generator must be seeded prior to calling RSA_padding_add_xxx().</p>
+
+<p>RSA_padding_check_xxx() verifies that the <b>fl</b> bytes at <b>f</b> contain a valid encoding for a <b>rsa_len</b> byte RSA key in the respective encoding method and stores the recovered data of at most <b>tlen</b> bytes (for <b>RSA_NO_PADDING</b>: of size <b>tlen</b>) at <b>to</b>.</p>
+
+<p>For RSA_padding_xxx_OAEP(), <b>p</b> points to the encoding parameter of length <b>pl</b>. <b>p</b> may be <b>NULL</b> if <b>pl</b> is 0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The RSA_padding_add_xxx() functions return 1 on success, 0 on error. The RSA_padding_check_xxx() functions return the length of the recovered data, -1 on error. Error codes can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>The RSA_padding_check_PKCS1_type_2() padding check leaks timing information which can potentially be used to mount a Bleichenbacher padding oracle attack. This is an inherent weakness in the PKCS #1 v1.5 padding design. Prefer PKCS1_OAEP padding. Otherwise it can be recommended to pass zero-padded <b>f</b>, so that <b>fl</b> equals to <b>rsa_len</b>, and if fixed by protocol, <b>tlen</b> being set to the expected length. In such case leakage would be minimal, it would take attacker&#39;s ability to observe memory access pattern with byte granilarity as it occurs, post-factum timing analysis won&#39;t do.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_public_encrypt.html">RSA_public_encrypt(3)</a>, <a href="../man3/RSA_private_decrypt.html">RSA_private_decrypt(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_verify.html">RSA_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_padding_add_none.html b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_add_none.html
new file mode 100644
index 000000000..882020adb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_add_none.html
@@ -0,0 +1,136 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_padding_add_PKCS1_type_1</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1, RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2, RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP, RSA_padding_add_SSLv23, RSA_padding_check_SSLv23, RSA_padding_add_none, RSA_padding_check_none - asymmetric encryption padding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
+                                unsigned char *f, int fl, unsigned char *p, int pl);
+
+ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl, int rsa_len,
+                                  unsigned char *p, int pl);
+
+ int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
+                            unsigned char *f, int fl);
+
+ int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
+                              unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_none(unsigned char *to, int tlen,
+                          unsigned char *f, int fl);
+
+ int RSA_padding_check_none(unsigned char *to, int tlen,
+                            unsigned char *f, int fl, int rsa_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RSA_padding_xxx_xxx() functions are called from the RSA encrypt, decrypt, sign and verify functions. Normally they should not be called from application programs.</p>
+
+<p>However, they can also be called directly to implement padding for other asymmetric ciphers. RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() may be used in an application combined with <b>RSA_NO_PADDING</b> in order to implement OAEP with an encoding parameter.</p>
+
+<p>RSA_padding_add_xxx() encodes <b>fl</b> bytes from <b>f</b> so as to fit into <b>tlen</b> bytes and stores the result at <b>to</b>. An error occurs if <b>fl</b> does not meet the size requirements of the encoding method.</p>
+
+<p>The following encoding methods are implemented:</p>
+
+<dl>
+
+<dt id="PKCS1_type_1">PKCS1_type_1</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EMSA-PKCS1-v1_5 (PKCS #1 v1.5 block type 1); used for signatures</p>
+
+</dd>
+<dt id="PKCS1_type_2">PKCS1_type_2</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2)</p>
+
+</dd>
+<dt id="PKCS1_OAEP">PKCS1_OAEP</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-OAEP</p>
+
+</dd>
+<dt id="SSLv23">SSLv23</dt>
+<dd>
+
+<p>PKCS #1 EME-PKCS1-v1_5 with SSL-specific modification</p>
+
+</dd>
+<dt id="none">none</dt>
+<dd>
+
+<p>simply copy the data</p>
+
+</dd>
+</dl>
+
+<p>The random number generator must be seeded prior to calling RSA_padding_add_xxx().</p>
+
+<p>RSA_padding_check_xxx() verifies that the <b>fl</b> bytes at <b>f</b> contain a valid encoding for a <b>rsa_len</b> byte RSA key in the respective encoding method and stores the recovered data of at most <b>tlen</b> bytes (for <b>RSA_NO_PADDING</b>: of size <b>tlen</b>) at <b>to</b>.</p>
+
+<p>For RSA_padding_xxx_OAEP(), <b>p</b> points to the encoding parameter of length <b>pl</b>. <b>p</b> may be <b>NULL</b> if <b>pl</b> is 0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The RSA_padding_add_xxx() functions return 1 on success, 0 on error. The RSA_padding_check_xxx() functions return the length of the recovered data, -1 on error. Error codes can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>The RSA_padding_check_PKCS1_type_2() padding check leaks timing information which can potentially be used to mount a Bleichenbacher padding oracle attack. This is an inherent weakness in the PKCS #1 v1.5 padding design. Prefer PKCS1_OAEP padding. Otherwise it can be recommended to pass zero-padded <b>f</b>, so that <b>fl</b> equals to <b>rsa_len</b>, and if fixed by protocol, <b>tlen</b> being set to the expected length. In such case leakage would be minimal, it would take attacker&#39;s ability to observe memory access pattern with byte granilarity as it occurs, post-factum timing analysis won&#39;t do.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_public_encrypt.html">RSA_public_encrypt(3)</a>, <a href="../man3/RSA_private_decrypt.html">RSA_private_decrypt(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_verify.html">RSA_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_padding_check_PKCS1_OAEP.html b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_check_PKCS1_OAEP.html
new file mode 100644
index 000000000..882020adb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_check_PKCS1_OAEP.html
@@ -0,0 +1,136 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_padding_add_PKCS1_type_1</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1, RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2, RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP, RSA_padding_add_SSLv23, RSA_padding_check_SSLv23, RSA_padding_add_none, RSA_padding_check_none - asymmetric encryption padding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
+                                unsigned char *f, int fl, unsigned char *p, int pl);
+
+ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl, int rsa_len,
+                                  unsigned char *p, int pl);
+
+ int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
+                            unsigned char *f, int fl);
+
+ int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
+                              unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_none(unsigned char *to, int tlen,
+                          unsigned char *f, int fl);
+
+ int RSA_padding_check_none(unsigned char *to, int tlen,
+                            unsigned char *f, int fl, int rsa_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RSA_padding_xxx_xxx() functions are called from the RSA encrypt, decrypt, sign and verify functions. Normally they should not be called from application programs.</p>
+
+<p>However, they can also be called directly to implement padding for other asymmetric ciphers. RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() may be used in an application combined with <b>RSA_NO_PADDING</b> in order to implement OAEP with an encoding parameter.</p>
+
+<p>RSA_padding_add_xxx() encodes <b>fl</b> bytes from <b>f</b> so as to fit into <b>tlen</b> bytes and stores the result at <b>to</b>. An error occurs if <b>fl</b> does not meet the size requirements of the encoding method.</p>
+
+<p>The following encoding methods are implemented:</p>
+
+<dl>
+
+<dt id="PKCS1_type_1">PKCS1_type_1</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EMSA-PKCS1-v1_5 (PKCS #1 v1.5 block type 1); used for signatures</p>
+
+</dd>
+<dt id="PKCS1_type_2">PKCS1_type_2</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2)</p>
+
+</dd>
+<dt id="PKCS1_OAEP">PKCS1_OAEP</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-OAEP</p>
+
+</dd>
+<dt id="SSLv23">SSLv23</dt>
+<dd>
+
+<p>PKCS #1 EME-PKCS1-v1_5 with SSL-specific modification</p>
+
+</dd>
+<dt id="none">none</dt>
+<dd>
+
+<p>simply copy the data</p>
+
+</dd>
+</dl>
+
+<p>The random number generator must be seeded prior to calling RSA_padding_add_xxx().</p>
+
+<p>RSA_padding_check_xxx() verifies that the <b>fl</b> bytes at <b>f</b> contain a valid encoding for a <b>rsa_len</b> byte RSA key in the respective encoding method and stores the recovered data of at most <b>tlen</b> bytes (for <b>RSA_NO_PADDING</b>: of size <b>tlen</b>) at <b>to</b>.</p>
+
+<p>For RSA_padding_xxx_OAEP(), <b>p</b> points to the encoding parameter of length <b>pl</b>. <b>p</b> may be <b>NULL</b> if <b>pl</b> is 0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The RSA_padding_add_xxx() functions return 1 on success, 0 on error. The RSA_padding_check_xxx() functions return the length of the recovered data, -1 on error. Error codes can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>The RSA_padding_check_PKCS1_type_2() padding check leaks timing information which can potentially be used to mount a Bleichenbacher padding oracle attack. This is an inherent weakness in the PKCS #1 v1.5 padding design. Prefer PKCS1_OAEP padding. Otherwise it can be recommended to pass zero-padded <b>f</b>, so that <b>fl</b> equals to <b>rsa_len</b>, and if fixed by protocol, <b>tlen</b> being set to the expected length. In such case leakage would be minimal, it would take attacker&#39;s ability to observe memory access pattern with byte granilarity as it occurs, post-factum timing analysis won&#39;t do.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_public_encrypt.html">RSA_public_encrypt(3)</a>, <a href="../man3/RSA_private_decrypt.html">RSA_private_decrypt(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_verify.html">RSA_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_padding_check_PKCS1_type_1.html b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_check_PKCS1_type_1.html
new file mode 100644
index 000000000..882020adb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_check_PKCS1_type_1.html
@@ -0,0 +1,136 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_padding_add_PKCS1_type_1</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1, RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2, RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP, RSA_padding_add_SSLv23, RSA_padding_check_SSLv23, RSA_padding_add_none, RSA_padding_check_none - asymmetric encryption padding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
+                                unsigned char *f, int fl, unsigned char *p, int pl);
+
+ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl, int rsa_len,
+                                  unsigned char *p, int pl);
+
+ int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
+                            unsigned char *f, int fl);
+
+ int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
+                              unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_none(unsigned char *to, int tlen,
+                          unsigned char *f, int fl);
+
+ int RSA_padding_check_none(unsigned char *to, int tlen,
+                            unsigned char *f, int fl, int rsa_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RSA_padding_xxx_xxx() functions are called from the RSA encrypt, decrypt, sign and verify functions. Normally they should not be called from application programs.</p>
+
+<p>However, they can also be called directly to implement padding for other asymmetric ciphers. RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() may be used in an application combined with <b>RSA_NO_PADDING</b> in order to implement OAEP with an encoding parameter.</p>
+
+<p>RSA_padding_add_xxx() encodes <b>fl</b> bytes from <b>f</b> so as to fit into <b>tlen</b> bytes and stores the result at <b>to</b>. An error occurs if <b>fl</b> does not meet the size requirements of the encoding method.</p>
+
+<p>The following encoding methods are implemented:</p>
+
+<dl>
+
+<dt id="PKCS1_type_1">PKCS1_type_1</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EMSA-PKCS1-v1_5 (PKCS #1 v1.5 block type 1); used for signatures</p>
+
+</dd>
+<dt id="PKCS1_type_2">PKCS1_type_2</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2)</p>
+
+</dd>
+<dt id="PKCS1_OAEP">PKCS1_OAEP</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-OAEP</p>
+
+</dd>
+<dt id="SSLv23">SSLv23</dt>
+<dd>
+
+<p>PKCS #1 EME-PKCS1-v1_5 with SSL-specific modification</p>
+
+</dd>
+<dt id="none">none</dt>
+<dd>
+
+<p>simply copy the data</p>
+
+</dd>
+</dl>
+
+<p>The random number generator must be seeded prior to calling RSA_padding_add_xxx().</p>
+
+<p>RSA_padding_check_xxx() verifies that the <b>fl</b> bytes at <b>f</b> contain a valid encoding for a <b>rsa_len</b> byte RSA key in the respective encoding method and stores the recovered data of at most <b>tlen</b> bytes (for <b>RSA_NO_PADDING</b>: of size <b>tlen</b>) at <b>to</b>.</p>
+
+<p>For RSA_padding_xxx_OAEP(), <b>p</b> points to the encoding parameter of length <b>pl</b>. <b>p</b> may be <b>NULL</b> if <b>pl</b> is 0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The RSA_padding_add_xxx() functions return 1 on success, 0 on error. The RSA_padding_check_xxx() functions return the length of the recovered data, -1 on error. Error codes can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>The RSA_padding_check_PKCS1_type_2() padding check leaks timing information which can potentially be used to mount a Bleichenbacher padding oracle attack. This is an inherent weakness in the PKCS #1 v1.5 padding design. Prefer PKCS1_OAEP padding. Otherwise it can be recommended to pass zero-padded <b>f</b>, so that <b>fl</b> equals to <b>rsa_len</b>, and if fixed by protocol, <b>tlen</b> being set to the expected length. In such case leakage would be minimal, it would take attacker&#39;s ability to observe memory access pattern with byte granilarity as it occurs, post-factum timing analysis won&#39;t do.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_public_encrypt.html">RSA_public_encrypt(3)</a>, <a href="../man3/RSA_private_decrypt.html">RSA_private_decrypt(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_verify.html">RSA_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_padding_check_PKCS1_type_2.html b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_check_PKCS1_type_2.html
new file mode 100644
index 000000000..882020adb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_check_PKCS1_type_2.html
@@ -0,0 +1,136 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_padding_add_PKCS1_type_1</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1, RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2, RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP, RSA_padding_add_SSLv23, RSA_padding_check_SSLv23, RSA_padding_add_none, RSA_padding_check_none - asymmetric encryption padding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
+                                unsigned char *f, int fl, unsigned char *p, int pl);
+
+ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl, int rsa_len,
+                                  unsigned char *p, int pl);
+
+ int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
+                            unsigned char *f, int fl);
+
+ int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
+                              unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_none(unsigned char *to, int tlen,
+                          unsigned char *f, int fl);
+
+ int RSA_padding_check_none(unsigned char *to, int tlen,
+                            unsigned char *f, int fl, int rsa_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RSA_padding_xxx_xxx() functions are called from the RSA encrypt, decrypt, sign and verify functions. Normally they should not be called from application programs.</p>
+
+<p>However, they can also be called directly to implement padding for other asymmetric ciphers. RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() may be used in an application combined with <b>RSA_NO_PADDING</b> in order to implement OAEP with an encoding parameter.</p>
+
+<p>RSA_padding_add_xxx() encodes <b>fl</b> bytes from <b>f</b> so as to fit into <b>tlen</b> bytes and stores the result at <b>to</b>. An error occurs if <b>fl</b> does not meet the size requirements of the encoding method.</p>
+
+<p>The following encoding methods are implemented:</p>
+
+<dl>
+
+<dt id="PKCS1_type_1">PKCS1_type_1</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EMSA-PKCS1-v1_5 (PKCS #1 v1.5 block type 1); used for signatures</p>
+
+</dd>
+<dt id="PKCS1_type_2">PKCS1_type_2</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2)</p>
+
+</dd>
+<dt id="PKCS1_OAEP">PKCS1_OAEP</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-OAEP</p>
+
+</dd>
+<dt id="SSLv23">SSLv23</dt>
+<dd>
+
+<p>PKCS #1 EME-PKCS1-v1_5 with SSL-specific modification</p>
+
+</dd>
+<dt id="none">none</dt>
+<dd>
+
+<p>simply copy the data</p>
+
+</dd>
+</dl>
+
+<p>The random number generator must be seeded prior to calling RSA_padding_add_xxx().</p>
+
+<p>RSA_padding_check_xxx() verifies that the <b>fl</b> bytes at <b>f</b> contain a valid encoding for a <b>rsa_len</b> byte RSA key in the respective encoding method and stores the recovered data of at most <b>tlen</b> bytes (for <b>RSA_NO_PADDING</b>: of size <b>tlen</b>) at <b>to</b>.</p>
+
+<p>For RSA_padding_xxx_OAEP(), <b>p</b> points to the encoding parameter of length <b>pl</b>. <b>p</b> may be <b>NULL</b> if <b>pl</b> is 0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The RSA_padding_add_xxx() functions return 1 on success, 0 on error. The RSA_padding_check_xxx() functions return the length of the recovered data, -1 on error. Error codes can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>The RSA_padding_check_PKCS1_type_2() padding check leaks timing information which can potentially be used to mount a Bleichenbacher padding oracle attack. This is an inherent weakness in the PKCS #1 v1.5 padding design. Prefer PKCS1_OAEP padding. Otherwise it can be recommended to pass zero-padded <b>f</b>, so that <b>fl</b> equals to <b>rsa_len</b>, and if fixed by protocol, <b>tlen</b> being set to the expected length. In such case leakage would be minimal, it would take attacker&#39;s ability to observe memory access pattern with byte granilarity as it occurs, post-factum timing analysis won&#39;t do.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_public_encrypt.html">RSA_public_encrypt(3)</a>, <a href="../man3/RSA_private_decrypt.html">RSA_private_decrypt(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_verify.html">RSA_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_padding_check_SSLv23.html b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_check_SSLv23.html
new file mode 100644
index 000000000..882020adb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_check_SSLv23.html
@@ -0,0 +1,136 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_padding_add_PKCS1_type_1</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1, RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2, RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP, RSA_padding_add_SSLv23, RSA_padding_check_SSLv23, RSA_padding_add_none, RSA_padding_check_none - asymmetric encryption padding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
+                                unsigned char *f, int fl, unsigned char *p, int pl);
+
+ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl, int rsa_len,
+                                  unsigned char *p, int pl);
+
+ int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
+                            unsigned char *f, int fl);
+
+ int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
+                              unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_none(unsigned char *to, int tlen,
+                          unsigned char *f, int fl);
+
+ int RSA_padding_check_none(unsigned char *to, int tlen,
+                            unsigned char *f, int fl, int rsa_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RSA_padding_xxx_xxx() functions are called from the RSA encrypt, decrypt, sign and verify functions. Normally they should not be called from application programs.</p>
+
+<p>However, they can also be called directly to implement padding for other asymmetric ciphers. RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() may be used in an application combined with <b>RSA_NO_PADDING</b> in order to implement OAEP with an encoding parameter.</p>
+
+<p>RSA_padding_add_xxx() encodes <b>fl</b> bytes from <b>f</b> so as to fit into <b>tlen</b> bytes and stores the result at <b>to</b>. An error occurs if <b>fl</b> does not meet the size requirements of the encoding method.</p>
+
+<p>The following encoding methods are implemented:</p>
+
+<dl>
+
+<dt id="PKCS1_type_1">PKCS1_type_1</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EMSA-PKCS1-v1_5 (PKCS #1 v1.5 block type 1); used for signatures</p>
+
+</dd>
+<dt id="PKCS1_type_2">PKCS1_type_2</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2)</p>
+
+</dd>
+<dt id="PKCS1_OAEP">PKCS1_OAEP</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-OAEP</p>
+
+</dd>
+<dt id="SSLv23">SSLv23</dt>
+<dd>
+
+<p>PKCS #1 EME-PKCS1-v1_5 with SSL-specific modification</p>
+
+</dd>
+<dt id="none">none</dt>
+<dd>
+
+<p>simply copy the data</p>
+
+</dd>
+</dl>
+
+<p>The random number generator must be seeded prior to calling RSA_padding_add_xxx().</p>
+
+<p>RSA_padding_check_xxx() verifies that the <b>fl</b> bytes at <b>f</b> contain a valid encoding for a <b>rsa_len</b> byte RSA key in the respective encoding method and stores the recovered data of at most <b>tlen</b> bytes (for <b>RSA_NO_PADDING</b>: of size <b>tlen</b>) at <b>to</b>.</p>
+
+<p>For RSA_padding_xxx_OAEP(), <b>p</b> points to the encoding parameter of length <b>pl</b>. <b>p</b> may be <b>NULL</b> if <b>pl</b> is 0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The RSA_padding_add_xxx() functions return 1 on success, 0 on error. The RSA_padding_check_xxx() functions return the length of the recovered data, -1 on error. Error codes can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>The RSA_padding_check_PKCS1_type_2() padding check leaks timing information which can potentially be used to mount a Bleichenbacher padding oracle attack. This is an inherent weakness in the PKCS #1 v1.5 padding design. Prefer PKCS1_OAEP padding. Otherwise it can be recommended to pass zero-padded <b>f</b>, so that <b>fl</b> equals to <b>rsa_len</b>, and if fixed by protocol, <b>tlen</b> being set to the expected length. In such case leakage would be minimal, it would take attacker&#39;s ability to observe memory access pattern with byte granilarity as it occurs, post-factum timing analysis won&#39;t do.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_public_encrypt.html">RSA_public_encrypt(3)</a>, <a href="../man3/RSA_private_decrypt.html">RSA_private_decrypt(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_verify.html">RSA_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_padding_check_none.html b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_check_none.html
new file mode 100644
index 000000000..882020adb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_padding_check_none.html
@@ -0,0 +1,136 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_padding_add_PKCS1_type_1</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1, RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2, RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP, RSA_padding_add_SSLv23, RSA_padding_check_SSLv23, RSA_padding_add_none, RSA_padding_check_none - asymmetric encryption padding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
+                                    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
+                                unsigned char *f, int fl, unsigned char *p, int pl);
+
+ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
+                                  unsigned char *f, int fl, int rsa_len,
+                                  unsigned char *p, int pl);
+
+ int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
+                            unsigned char *f, int fl);
+
+ int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
+                              unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_none(unsigned char *to, int tlen,
+                          unsigned char *f, int fl);
+
+ int RSA_padding_check_none(unsigned char *to, int tlen,
+                            unsigned char *f, int fl, int rsa_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The RSA_padding_xxx_xxx() functions are called from the RSA encrypt, decrypt, sign and verify functions. Normally they should not be called from application programs.</p>
+
+<p>However, they can also be called directly to implement padding for other asymmetric ciphers. RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() may be used in an application combined with <b>RSA_NO_PADDING</b> in order to implement OAEP with an encoding parameter.</p>
+
+<p>RSA_padding_add_xxx() encodes <b>fl</b> bytes from <b>f</b> so as to fit into <b>tlen</b> bytes and stores the result at <b>to</b>. An error occurs if <b>fl</b> does not meet the size requirements of the encoding method.</p>
+
+<p>The following encoding methods are implemented:</p>
+
+<dl>
+
+<dt id="PKCS1_type_1">PKCS1_type_1</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EMSA-PKCS1-v1_5 (PKCS #1 v1.5 block type 1); used for signatures</p>
+
+</dd>
+<dt id="PKCS1_type_2">PKCS1_type_2</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2)</p>
+
+</dd>
+<dt id="PKCS1_OAEP">PKCS1_OAEP</dt>
+<dd>
+
+<p>PKCS #1 v2.0 EME-OAEP</p>
+
+</dd>
+<dt id="SSLv23">SSLv23</dt>
+<dd>
+
+<p>PKCS #1 EME-PKCS1-v1_5 with SSL-specific modification</p>
+
+</dd>
+<dt id="none">none</dt>
+<dd>
+
+<p>simply copy the data</p>
+
+</dd>
+</dl>
+
+<p>The random number generator must be seeded prior to calling RSA_padding_add_xxx().</p>
+
+<p>RSA_padding_check_xxx() verifies that the <b>fl</b> bytes at <b>f</b> contain a valid encoding for a <b>rsa_len</b> byte RSA key in the respective encoding method and stores the recovered data of at most <b>tlen</b> bytes (for <b>RSA_NO_PADDING</b>: of size <b>tlen</b>) at <b>to</b>.</p>
+
+<p>For RSA_padding_xxx_OAEP(), <b>p</b> points to the encoding parameter of length <b>pl</b>. <b>p</b> may be <b>NULL</b> if <b>pl</b> is 0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The RSA_padding_add_xxx() functions return 1 on success, 0 on error. The RSA_padding_check_xxx() functions return the length of the recovered data, -1 on error. Error codes can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>The RSA_padding_check_PKCS1_type_2() padding check leaks timing information which can potentially be used to mount a Bleichenbacher padding oracle attack. This is an inherent weakness in the PKCS #1 v1.5 padding design. Prefer PKCS1_OAEP padding. Otherwise it can be recommended to pass zero-padded <b>f</b>, so that <b>fl</b> equals to <b>rsa_len</b>, and if fixed by protocol, <b>tlen</b> being set to the expected length. In such case leakage would be minimal, it would take attacker&#39;s ability to observe memory access pattern with byte granilarity as it occurs, post-factum timing analysis won&#39;t do.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_public_encrypt.html">RSA_public_encrypt(3)</a>, <a href="../man3/RSA_private_decrypt.html">RSA_private_decrypt(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_verify.html">RSA_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_print.html b/msys2/usr/share/doc/openssl/html/man3/RSA_print.html
new file mode 100644
index 000000000..e18800060
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_print.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_print</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_print, RSA_print_fp, DSAparams_print, DSAparams_print_fp, DSA_print, DSA_print_fp, DHparams_print, DHparams_print_fp - print cryptographic parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_print(BIO *bp, RSA *x, int offset);
+ int RSA_print_fp(FILE *fp, RSA *x, int offset);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int DSAparams_print(BIO *bp, DSA *x);
+ int DSAparams_print_fp(FILE *fp, DSA *x);
+ int DSA_print(BIO *bp, DSA *x, int offset);
+ int DSA_print_fp(FILE *fp, DSA *x, int offset);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int DHparams_print(BIO *bp, DH *x);
+ int DHparams_print_fp(FILE *fp, DH *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A human-readable hexadecimal output of the components of the RSA key, DSA parameters or key or DH parameters is printed to <b>bp</b> or <b>fp</b>.</p>
+
+<p>The output lines are indented by <b>offset</b> spaces.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return 1 on success, 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_bn2bin.html">BN_bn2bin(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_print_fp.html b/msys2/usr/share/doc/openssl/html/man3/RSA_print_fp.html
new file mode 100644
index 000000000..e18800060
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_print_fp.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_print</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_print, RSA_print_fp, DSAparams_print, DSAparams_print_fp, DSA_print, DSA_print_fp, DHparams_print, DHparams_print_fp - print cryptographic parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_print(BIO *bp, RSA *x, int offset);
+ int RSA_print_fp(FILE *fp, RSA *x, int offset);
+
+ #include &lt;openssl/dsa.h&gt;
+
+ int DSAparams_print(BIO *bp, DSA *x);
+ int DSAparams_print_fp(FILE *fp, DSA *x);
+ int DSA_print(BIO *bp, DSA *x, int offset);
+ int DSA_print_fp(FILE *fp, DSA *x, int offset);
+
+ #include &lt;openssl/dh.h&gt;
+
+ int DHparams_print(BIO *bp, DH *x);
+ int DHparams_print_fp(FILE *fp, DH *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A human-readable hexadecimal output of the components of the RSA key, DSA parameters or key or DH parameters is printed to <b>bp</b> or <b>fp</b>.</p>
+
+<p>The output lines are indented by <b>offset</b> spaces.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return 1 on success, 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_bn2bin.html">BN_bn2bin(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_private_decrypt.html b/msys2/usr/share/doc/openssl/html/man3/RSA_private_decrypt.html
new file mode 100644
index 000000000..8712ad5ed
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_private_decrypt.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_public_encrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_public_encrypt, RSA_private_decrypt - RSA public key cryptography</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_public_encrypt(int flen, unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+
+ int RSA_private_decrypt(int flen, unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RSA_public_encrypt() encrypts the <b>flen</b> bytes at <b>from</b> (usually a session key) using the public key <b>rsa</b> and stores the ciphertext in <b>to</b>. <b>to</b> must point to RSA_size(<b>rsa</b>) bytes of memory.</p>
+
+<p><b>padding</b> denotes one of the following modes:</p>
+
+<dl>
+
+<dt id="RSA_PKCS1_PADDING">RSA_PKCS1_PADDING</dt>
+<dd>
+
+<p>PKCS #1 v1.5 padding. This currently is the most widely used mode.</p>
+
+</dd>
+<dt id="RSA_PKCS1_OAEP_PADDING">RSA_PKCS1_OAEP_PADDING</dt>
+<dd>
+
+<p>EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty encoding parameter. This mode is recommended for all new applications.</p>
+
+</dd>
+<dt id="RSA_SSLV23_PADDING">RSA_SSLV23_PADDING</dt>
+<dd>
+
+<p>PKCS #1 v1.5 padding with an SSL-specific modification that denotes that the server is SSL3 capable.</p>
+
+</dd>
+<dt id="RSA_NO_PADDING">RSA_NO_PADDING</dt>
+<dd>
+
+<p>Raw RSA encryption. This mode should <i>only</i> be used to implement cryptographically sound padding modes in the application code. Encrypting user data directly with RSA is insecure.</p>
+
+</dd>
+</dl>
+
+<p><b>flen</b> must be less than RSA_size(<b>rsa</b>) - 11 for the PKCS #1 v1.5 based padding modes, less than RSA_size(<b>rsa</b>) - 41 for RSA_PKCS1_OAEP_PADDING and exactly RSA_size(<b>rsa</b>) for RSA_NO_PADDING. The random number generator must be seeded prior to calling RSA_public_encrypt().</p>
+
+<p>RSA_private_decrypt() decrypts the <b>flen</b> bytes at <b>from</b> using the private key <b>rsa</b> and stores the plaintext in <b>to</b>. <b>to</b> must point to a memory section large enough to hold the decrypted data (which is smaller than RSA_size(<b>rsa</b>)). <b>padding</b> is the padding mode that was used to encrypt the data.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_public_encrypt() returns the size of the encrypted data (i.e., RSA_size(<b>rsa</b>)). RSA_private_decrypt() returns the size of the recovered plaintext.</p>
+
+<p>On error, -1 is returned; the error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>Decryption failures in the RSA_PKCS1_PADDING mode leak information which can potentially be used to mount a Bleichenbacher padding oracle attack. This is an inherent weakness in the PKCS #1 v1.5 padding design. Prefer RSA_PKCS1_OAEP_PADDING.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>SSL, PKCS #1 v2.0</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_private_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/RSA_private_encrypt.html
new file mode 100644
index 000000000..b89e7ace7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_private_encrypt.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_private_encrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_private_encrypt, RSA_public_decrypt - low level signature operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_private_encrypt(int flen, unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);
+
+ int RSA_public_decrypt(int flen, unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions handle RSA signatures at a low level.</p>
+
+<p>RSA_private_encrypt() signs the <b>flen</b> bytes at <b>from</b> (usually a message digest with an algorithm identifier) using the private key <b>rsa</b> and stores the signature in <b>to</b>. <b>to</b> must point to <b>RSA_size(rsa)</b> bytes of memory.</p>
+
+<p><b>padding</b> denotes one of the following modes:</p>
+
+<dl>
+
+<dt id="RSA_PKCS1_PADDING">RSA_PKCS1_PADDING</dt>
+<dd>
+
+<p>PKCS #1 v1.5 padding. This function does not handle the <b>algorithmIdentifier</b> specified in PKCS #1. When generating or verifying PKCS #1 signatures, <a href="../man3/RSA_sign.html">RSA_sign(3)</a> and <a href="../man3/RSA_verify.html">RSA_verify(3)</a> should be used.</p>
+
+</dd>
+<dt id="RSA_NO_PADDING">RSA_NO_PADDING</dt>
+<dd>
+
+<p>Raw RSA signature. This mode should <i>only</i> be used to implement cryptographically sound padding modes in the application code. Signing user data directly with RSA is insecure.</p>
+
+</dd>
+</dl>
+
+<p>RSA_public_decrypt() recovers the message digest from the <b>flen</b> bytes long signature at <b>from</b> using the signer&#39;s public key <b>rsa</b>. <b>to</b> must point to a memory section large enough to hold the message digest (which is smaller than <b>RSA_size(rsa) - 11</b>). <b>padding</b> is the padding mode that was used to sign the data.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_private_encrypt() returns the size of the signature (i.e., RSA_size(rsa)). RSA_public_decrypt() returns the size of the recovered message digest.</p>
+
+<p>On error, -1 is returned; the error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_verify.html">RSA_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_public_decrypt.html b/msys2/usr/share/doc/openssl/html/man3/RSA_public_decrypt.html
new file mode 100644
index 000000000..b89e7ace7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_public_decrypt.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_private_encrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_private_encrypt, RSA_public_decrypt - low level signature operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_private_encrypt(int flen, unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);
+
+ int RSA_public_decrypt(int flen, unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions handle RSA signatures at a low level.</p>
+
+<p>RSA_private_encrypt() signs the <b>flen</b> bytes at <b>from</b> (usually a message digest with an algorithm identifier) using the private key <b>rsa</b> and stores the signature in <b>to</b>. <b>to</b> must point to <b>RSA_size(rsa)</b> bytes of memory.</p>
+
+<p><b>padding</b> denotes one of the following modes:</p>
+
+<dl>
+
+<dt id="RSA_PKCS1_PADDING">RSA_PKCS1_PADDING</dt>
+<dd>
+
+<p>PKCS #1 v1.5 padding. This function does not handle the <b>algorithmIdentifier</b> specified in PKCS #1. When generating or verifying PKCS #1 signatures, <a href="../man3/RSA_sign.html">RSA_sign(3)</a> and <a href="../man3/RSA_verify.html">RSA_verify(3)</a> should be used.</p>
+
+</dd>
+<dt id="RSA_NO_PADDING">RSA_NO_PADDING</dt>
+<dd>
+
+<p>Raw RSA signature. This mode should <i>only</i> be used to implement cryptographically sound padding modes in the application code. Signing user data directly with RSA is insecure.</p>
+
+</dd>
+</dl>
+
+<p>RSA_public_decrypt() recovers the message digest from the <b>flen</b> bytes long signature at <b>from</b> using the signer&#39;s public key <b>rsa</b>. <b>to</b> must point to a memory section large enough to hold the message digest (which is smaller than <b>RSA_size(rsa) - 11</b>). <b>padding</b> is the padding mode that was used to sign the data.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_private_encrypt() returns the size of the signature (i.e., RSA_size(rsa)). RSA_public_decrypt() returns the size of the recovered message digest.</p>
+
+<p>On error, -1 is returned; the error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_verify.html">RSA_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_public_encrypt.html b/msys2/usr/share/doc/openssl/html/man3/RSA_public_encrypt.html
new file mode 100644
index 000000000..8712ad5ed
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_public_encrypt.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_public_encrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_public_encrypt, RSA_private_decrypt - RSA public key cryptography</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_public_encrypt(int flen, unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+
+ int RSA_private_decrypt(int flen, unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RSA_public_encrypt() encrypts the <b>flen</b> bytes at <b>from</b> (usually a session key) using the public key <b>rsa</b> and stores the ciphertext in <b>to</b>. <b>to</b> must point to RSA_size(<b>rsa</b>) bytes of memory.</p>
+
+<p><b>padding</b> denotes one of the following modes:</p>
+
+<dl>
+
+<dt id="RSA_PKCS1_PADDING">RSA_PKCS1_PADDING</dt>
+<dd>
+
+<p>PKCS #1 v1.5 padding. This currently is the most widely used mode.</p>
+
+</dd>
+<dt id="RSA_PKCS1_OAEP_PADDING">RSA_PKCS1_OAEP_PADDING</dt>
+<dd>
+
+<p>EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty encoding parameter. This mode is recommended for all new applications.</p>
+
+</dd>
+<dt id="RSA_SSLV23_PADDING">RSA_SSLV23_PADDING</dt>
+<dd>
+
+<p>PKCS #1 v1.5 padding with an SSL-specific modification that denotes that the server is SSL3 capable.</p>
+
+</dd>
+<dt id="RSA_NO_PADDING">RSA_NO_PADDING</dt>
+<dd>
+
+<p>Raw RSA encryption. This mode should <i>only</i> be used to implement cryptographically sound padding modes in the application code. Encrypting user data directly with RSA is insecure.</p>
+
+</dd>
+</dl>
+
+<p><b>flen</b> must be less than RSA_size(<b>rsa</b>) - 11 for the PKCS #1 v1.5 based padding modes, less than RSA_size(<b>rsa</b>) - 41 for RSA_PKCS1_OAEP_PADDING and exactly RSA_size(<b>rsa</b>) for RSA_NO_PADDING. The random number generator must be seeded prior to calling RSA_public_encrypt().</p>
+
+<p>RSA_private_decrypt() decrypts the <b>flen</b> bytes at <b>from</b> using the private key <b>rsa</b> and stores the plaintext in <b>to</b>. <b>to</b> must point to a memory section large enough to hold the decrypted data (which is smaller than RSA_size(<b>rsa</b>)). <b>padding</b> is the padding mode that was used to encrypt the data.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_public_encrypt() returns the size of the encrypted data (i.e., RSA_size(<b>rsa</b>)). RSA_private_decrypt() returns the size of the recovered plaintext.</p>
+
+<p>On error, -1 is returned; the error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>Decryption failures in the RSA_PKCS1_PADDING mode leak information which can potentially be used to mount a Bleichenbacher padding oracle attack. This is an inherent weakness in the PKCS #1 v1.5 padding design. Prefer RSA_PKCS1_OAEP_PADDING.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>SSL, PKCS #1 v2.0</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_security_bits.html b/msys2/usr/share/doc/openssl/html/man3/RSA_security_bits.html
new file mode 100644
index 000000000..109183188
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_security_bits.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_size</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_size, RSA_bits, RSA_security_bits - get RSA modulus size or security bits</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_size(const RSA *rsa);
+
+ int RSA_bits(const RSA *rsa);
+
+ int RSA_security_bits(const RSA *rsa)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RSA_size() returns the RSA modulus size in bytes. It can be used to determine how much memory must be allocated for an RSA encrypted value.</p>
+
+<p>RSA_bits() returns the number of significant bits.</p>
+
+<p><b>rsa</b> and <b>rsa-&gt;n</b> must not be <b>NULL</b>.</p>
+
+<p>RSA_security_bits() returns the number of security bits of the given <b>rsa</b> key. See <a href="../man3/BN_security_bits.html">BN_security_bits(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_size() returns the size of modulus in bytes.</p>
+
+<p>DSA_bits() returns the number of bits in the key.</p>
+
+<p>RSA_security_bits() returns the number of security bits.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_num_bits.html">BN_num_bits(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_bits() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_set0_crt_params.html b/msys2/usr/share/doc/openssl/html/man3/RSA_set0_crt_params.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_set0_crt_params.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_set0_factors.html b/msys2/usr/share/doc/openssl/html/man3/RSA_set0_factors.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_set0_factors.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_set0_key.html b/msys2/usr/share/doc/openssl/html/man3/RSA_set0_key.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_set0_key.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_set0_multi_prime_params.html b/msys2/usr/share/doc/openssl/html/man3/RSA_set0_multi_prime_params.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_set0_multi_prime_params.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_set_default_method.html b/msys2/usr/share/doc/openssl/html/man3/RSA_set_default_method.html
new file mode 100644
index 000000000..ad1a0e3b9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_set_default_method.html
@@ -0,0 +1,161 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_set_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#THE-RSA_METHOD-STRUCTURE">THE RSA_METHOD STRUCTURE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set_default_method, RSA_get_default_method, RSA_set_method, RSA_get_method, RSA_PKCS1_OpenSSL, RSA_flags, RSA_new_method - select RSA method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ void RSA_set_default_method(const RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_get_default_method(void);
+
+ int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_get_method(const RSA *rsa);
+
+ RSA_METHOD *RSA_PKCS1_OpenSSL(void);
+
+ int RSA_flags(const RSA *rsa);
+
+ RSA *RSA_new_method(ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>RSA_METHOD</b> specifies the functions that OpenSSL uses for RSA operations. By modifying the method, alternative implementations such as hardware accelerators may be used. IMPORTANT: See the NOTES section for important information about how these RSA API functions are affected by the use of <b>ENGINE</b> API calls.</p>
+
+<p>Initially, the default RSA_METHOD is the OpenSSL internal implementation, as returned by RSA_PKCS1_OpenSSL().</p>
+
+<p>RSA_set_default_method() makes <b>meth</b> the default method for all RSA structures created later. <b>NB</b>: This is true only whilst no ENGINE has been set as a default for RSA, so this function is no longer recommended. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>RSA_get_default_method() returns a pointer to the current default RSA_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE API is being used, so this function is no longer recommended.</p>
+
+<p>RSA_set_method() selects <b>meth</b> to perform all operations using the key <b>rsa</b>. This will replace the RSA_METHOD used by the RSA key and if the previous method was supplied by an ENGINE, the handle to that ENGINE will be released during the change. It is possible to have RSA keys that only work with certain RSA_METHOD implementations (eg. from an ENGINE module that supports embedded hardware-protected keys), and in such cases attempting to change the RSA_METHOD for the key can have unexpected results.</p>
+
+<p>RSA_get_method() returns a pointer to the RSA_METHOD being used by <b>rsa</b>. This method may or may not be supplied by an ENGINE implementation, but if it is, the return value can only be guaranteed to be valid as long as the RSA key itself is valid and does not have its implementation changed by RSA_set_method().</p>
+
+<p>RSA_flags() returns the <b>flags</b> that are set for <b>rsa</b>&#39;s current RSA_METHOD. See the BUGS section.</p>
+
+<p>RSA_new_method() allocates and initializes an RSA structure so that <b>engine</b> will be used for the RSA operations. If <b>engine</b> is NULL, the default ENGINE for RSA operations is used, and if no default ENGINE is set, the RSA_METHOD controlled by RSA_set_default_method() is used.</p>
+
+<p>RSA_flags() returns the <b>flags</b> that are set for <b>rsa</b>&#39;s current method.</p>
+
+<p>RSA_new_method() allocates and initializes an <b>RSA</b> structure so that <b>method</b> will be used for the RSA operations. If <b>method</b> is <b>NULL</b>, the default method is used.</p>
+
+<h1 id="THE-RSA_METHOD-STRUCTURE">THE RSA_METHOD STRUCTURE</h1>
+
+<pre><code> typedef struct rsa_meth_st
+ {
+     /* name of the implementation */
+     const char *name;
+
+     /* encrypt */
+     int (*rsa_pub_enc)(int flen, unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+
+     /* verify arbitrary data */
+     int (*rsa_pub_dec)(int flen, unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+
+     /* sign arbitrary data */
+     int (*rsa_priv_enc)(int flen, unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);
+
+     /* decrypt */
+     int (*rsa_priv_dec)(int flen, unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);
+
+     /* compute r0 = r0 ^ I mod rsa-&gt;n (May be NULL for some implementations) */
+     int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
+
+     /* compute r = a ^ p mod m (May be NULL for some implementations) */
+     int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                       const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+
+     /* called at RSA_new */
+     int (*init)(RSA *rsa);
+
+     /* called at RSA_free */
+     int (*finish)(RSA *rsa);
+
+     /*
+      * RSA_FLAG_EXT_PKEY        - rsa_mod_exp is called for private key
+      *                            operations, even if p,q,dmp1,dmq1,iqmp
+      *                            are NULL
+      * RSA_METHOD_FLAG_NO_CHECK - don&#39;t check pub/private match
+      */
+     int flags;
+
+     char *app_data; /* ?? */
+
+     int (*rsa_sign)(int type,
+                     const unsigned char *m, unsigned int m_length,
+                     unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
+     int (*rsa_verify)(int dtype,
+                       const unsigned char *m, unsigned int m_length,
+                       const unsigned char *sigbuf, unsigned int siglen,
+                       const RSA *rsa);
+     /* keygen. If NULL builtin RSA key generation will be used */
+     int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+
+ } RSA_METHOD;</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_PKCS1_OpenSSL(), RSA_PKCS1_null_method(), RSA_get_default_method() and RSA_get_method() return pointers to the respective RSA_METHODs.</p>
+
+<p>RSA_set_default_method() returns no value.</p>
+
+<p>RSA_set_method() returns a pointer to the old RSA_METHOD implementation that was replaced. However, this return value should probably be ignored because if it was supplied by an ENGINE, the pointer could be invalidated at any time if the ENGINE is unloaded (in fact it could be unloaded as a result of the RSA_set_method() function releasing its handle to the ENGINE). For this reason, the return type may be replaced with a <b>void</b> declaration in a future release.</p>
+
+<p>RSA_new_method() returns NULL and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> if the allocation fails. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The behaviour of RSA_flags() is a mis-feature that is left as-is for now to avoid creating compatibility problems. RSA functionality, such as the encryption functions, are controlled by the <b>flags</b> value in the RSA key itself, not by the <b>flags</b> value in the RSA_METHOD attached to the RSA key (which is what this function returns). If the flags element of an RSA key is changed, the changes will be honoured by RSA functionality but will not be reflected in the return value of the RSA_flags() function - in effect RSA_flags() behaves more like an RSA_default_flags() function (which does not currently exist).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_null_method(), which was a partial attempt to avoid patent issues, was replaced to always return NULL in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_set_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/RSA_set_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_set_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_set_flags.html b/msys2/usr/share/doc/openssl/html/man3/RSA_set_flags.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_set_flags.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_set_method.html b/msys2/usr/share/doc/openssl/html/man3/RSA_set_method.html
new file mode 100644
index 000000000..ad1a0e3b9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_set_method.html
@@ -0,0 +1,161 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_set_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#THE-RSA_METHOD-STRUCTURE">THE RSA_METHOD STRUCTURE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set_default_method, RSA_get_default_method, RSA_set_method, RSA_get_method, RSA_PKCS1_OpenSSL, RSA_flags, RSA_new_method - select RSA method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ void RSA_set_default_method(const RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_get_default_method(void);
+
+ int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_get_method(const RSA *rsa);
+
+ RSA_METHOD *RSA_PKCS1_OpenSSL(void);
+
+ int RSA_flags(const RSA *rsa);
+
+ RSA *RSA_new_method(ENGINE *engine);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An <b>RSA_METHOD</b> specifies the functions that OpenSSL uses for RSA operations. By modifying the method, alternative implementations such as hardware accelerators may be used. IMPORTANT: See the NOTES section for important information about how these RSA API functions are affected by the use of <b>ENGINE</b> API calls.</p>
+
+<p>Initially, the default RSA_METHOD is the OpenSSL internal implementation, as returned by RSA_PKCS1_OpenSSL().</p>
+
+<p>RSA_set_default_method() makes <b>meth</b> the default method for all RSA structures created later. <b>NB</b>: This is true only whilst no ENGINE has been set as a default for RSA, so this function is no longer recommended. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>RSA_get_default_method() returns a pointer to the current default RSA_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE API is being used, so this function is no longer recommended.</p>
+
+<p>RSA_set_method() selects <b>meth</b> to perform all operations using the key <b>rsa</b>. This will replace the RSA_METHOD used by the RSA key and if the previous method was supplied by an ENGINE, the handle to that ENGINE will be released during the change. It is possible to have RSA keys that only work with certain RSA_METHOD implementations (eg. from an ENGINE module that supports embedded hardware-protected keys), and in such cases attempting to change the RSA_METHOD for the key can have unexpected results.</p>
+
+<p>RSA_get_method() returns a pointer to the RSA_METHOD being used by <b>rsa</b>. This method may or may not be supplied by an ENGINE implementation, but if it is, the return value can only be guaranteed to be valid as long as the RSA key itself is valid and does not have its implementation changed by RSA_set_method().</p>
+
+<p>RSA_flags() returns the <b>flags</b> that are set for <b>rsa</b>&#39;s current RSA_METHOD. See the BUGS section.</p>
+
+<p>RSA_new_method() allocates and initializes an RSA structure so that <b>engine</b> will be used for the RSA operations. If <b>engine</b> is NULL, the default ENGINE for RSA operations is used, and if no default ENGINE is set, the RSA_METHOD controlled by RSA_set_default_method() is used.</p>
+
+<p>RSA_flags() returns the <b>flags</b> that are set for <b>rsa</b>&#39;s current method.</p>
+
+<p>RSA_new_method() allocates and initializes an <b>RSA</b> structure so that <b>method</b> will be used for the RSA operations. If <b>method</b> is <b>NULL</b>, the default method is used.</p>
+
+<h1 id="THE-RSA_METHOD-STRUCTURE">THE RSA_METHOD STRUCTURE</h1>
+
+<pre><code> typedef struct rsa_meth_st
+ {
+     /* name of the implementation */
+     const char *name;
+
+     /* encrypt */
+     int (*rsa_pub_enc)(int flen, unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+
+     /* verify arbitrary data */
+     int (*rsa_pub_dec)(int flen, unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+
+     /* sign arbitrary data */
+     int (*rsa_priv_enc)(int flen, unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);
+
+     /* decrypt */
+     int (*rsa_priv_dec)(int flen, unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);
+
+     /* compute r0 = r0 ^ I mod rsa-&gt;n (May be NULL for some implementations) */
+     int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
+
+     /* compute r = a ^ p mod m (May be NULL for some implementations) */
+     int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                       const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+
+     /* called at RSA_new */
+     int (*init)(RSA *rsa);
+
+     /* called at RSA_free */
+     int (*finish)(RSA *rsa);
+
+     /*
+      * RSA_FLAG_EXT_PKEY        - rsa_mod_exp is called for private key
+      *                            operations, even if p,q,dmp1,dmq1,iqmp
+      *                            are NULL
+      * RSA_METHOD_FLAG_NO_CHECK - don&#39;t check pub/private match
+      */
+     int flags;
+
+     char *app_data; /* ?? */
+
+     int (*rsa_sign)(int type,
+                     const unsigned char *m, unsigned int m_length,
+                     unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
+     int (*rsa_verify)(int dtype,
+                       const unsigned char *m, unsigned int m_length,
+                       const unsigned char *sigbuf, unsigned int siglen,
+                       const RSA *rsa);
+     /* keygen. If NULL builtin RSA key generation will be used */
+     int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+
+ } RSA_METHOD;</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_PKCS1_OpenSSL(), RSA_PKCS1_null_method(), RSA_get_default_method() and RSA_get_method() return pointers to the respective RSA_METHODs.</p>
+
+<p>RSA_set_default_method() returns no value.</p>
+
+<p>RSA_set_method() returns a pointer to the old RSA_METHOD implementation that was replaced. However, this return value should probably be ignored because if it was supplied by an ENGINE, the pointer could be invalidated at any time if the ENGINE is unloaded (in fact it could be unloaded as a result of the RSA_set_method() function releasing its handle to the ENGINE). For this reason, the return type may be replaced with a <b>void</b> declaration in a future release.</p>
+
+<p>RSA_new_method() returns NULL and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> if the allocation fails. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The behaviour of RSA_flags() is a mis-feature that is left as-is for now to avoid creating compatibility problems. RSA functionality, such as the encryption functions, are controlled by the <b>flags</b> value in the RSA key itself, not by the <b>flags</b> value in the RSA_METHOD attached to the RSA key (which is what this function returns). If the flags element of an RSA key is changed, the changes will be honoured by RSA functionality but will not be reflected in the return value of the RSA_flags() function - in effect RSA_flags() behaves more like an RSA_default_flags() function (which does not currently exist).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_null_method(), which was a partial attempt to avoid patent issues, was replaced to always return NULL in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_sign.html b/msys2/usr/share/doc/openssl/html/man3/RSA_sign.html
new file mode 100644
index 000000000..fae589914
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_sign.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_sign, RSA_verify - RSA signatures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
+              unsigned char *sigret, unsigned int *siglen, RSA *rsa);
+
+ int RSA_verify(int type, const unsigned char *m, unsigned int m_len,
+                unsigned char *sigbuf, unsigned int siglen, RSA *rsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RSA_sign() signs the message digest <b>m</b> of size <b>m_len</b> using the private key <b>rsa</b> using RSASSA-PKCS1-v1_5 as specified in RFC 3447. It stores the signature in <b>sigret</b> and the signature size in <b>siglen</b>. <b>sigret</b> must point to RSA_size(<b>rsa</b>) bytes of memory. Note that PKCS #1 adds meta-data, placing limits on the size of the key that can be used. See <a href="../man3/RSA_private_encrypt.html">RSA_private_encrypt(3)</a> for lower-level operations.</p>
+
+<p><b>type</b> denotes the message digest algorithm that was used to generate <b>m</b>. If <b>type</b> is <b>NID_md5_sha1</b>, an SSL signature (MD5 and SHA1 message digests with PKCS #1 padding and no algorithm identifier) is created.</p>
+
+<p>RSA_verify() verifies that the signature <b>sigbuf</b> of size <b>siglen</b> matches a given message digest <b>m</b> of size <b>m_len</b>. <b>type</b> denotes the message digest algorithm that was used to generate the signature. <b>rsa</b> is the signer&#39;s public key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_sign() returns 1 on success. RSA_verify() returns 1 on successful verification.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>SSL, PKCS #1 v2.0</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RSA_private_encrypt.html">RSA_private_encrypt(3)</a>, <a href="../man3/RSA_public_decrypt.html">RSA_public_decrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_sign_ASN1_OCTET_STRING.html b/msys2/usr/share/doc/openssl/html/man3/RSA_sign_ASN1_OCTET_STRING.html
new file mode 100644
index 000000000..c1d7d2f37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_sign_ASN1_OCTET_STRING.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_sign_ASN1_OCTET_STRING</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_sign_ASN1_OCTET_STRING, RSA_verify_ASN1_OCTET_STRING - RSA signatures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m,
+                                unsigned int m_len, unsigned char *sigret,
+                                unsigned int *siglen, RSA *rsa);
+
+ int RSA_verify_ASN1_OCTET_STRING(int dummy, unsigned char *m,
+                                  unsigned int m_len, unsigned char *sigbuf,
+                                  unsigned int siglen, RSA *rsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RSA_sign_ASN1_OCTET_STRING() signs the octet string <b>m</b> of size <b>m_len</b> using the private key <b>rsa</b> represented in DER using PKCS #1 padding. It stores the signature in <b>sigret</b> and the signature size in <b>siglen</b>. <b>sigret</b> must point to <b>RSA_size(rsa)</b> bytes of memory.</p>
+
+<p><b>dummy</b> is ignored.</p>
+
+<p>The random number generator must be seeded prior to calling RSA_sign_ASN1_OCTET_STRING().</p>
+
+<p>RSA_verify_ASN1_OCTET_STRING() verifies that the signature <b>sigbuf</b> of size <b>siglen</b> is the DER representation of a given octet string <b>m</b> of size <b>m_len</b>. <b>dummy</b> is ignored. <b>rsa</b> is the signer&#39;s public key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_sign_ASN1_OCTET_STRING() returns 1 on success, 0 otherwise. RSA_verify_ASN1_OCTET_STRING() returns 1 on successful verification, 0 otherwise.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>These functions serve no recognizable purpose.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_verify.html">RSA_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_size.html b/msys2/usr/share/doc/openssl/html/man3/RSA_size.html
new file mode 100644
index 000000000..109183188
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_size.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_size</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_size, RSA_bits, RSA_security_bits - get RSA modulus size or security bits</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_size(const RSA *rsa);
+
+ int RSA_bits(const RSA *rsa);
+
+ int RSA_security_bits(const RSA *rsa)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RSA_size() returns the RSA modulus size in bytes. It can be used to determine how much memory must be allocated for an RSA encrypted value.</p>
+
+<p>RSA_bits() returns the number of significant bits.</p>
+
+<p><b>rsa</b> and <b>rsa-&gt;n</b> must not be <b>NULL</b>.</p>
+
+<p>RSA_security_bits() returns the number of security bits of the given <b>rsa</b> key. See <a href="../man3/BN_security_bits.html">BN_security_bits(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_size() returns the size of modulus in bytes.</p>
+
+<p>DSA_bits() returns the number of bits in the key.</p>
+
+<p>RSA_security_bits() returns the number of security bits.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BN_num_bits.html">BN_num_bits(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_bits() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_test_flags.html b/msys2/usr/share/doc/openssl/html/man3/RSA_test_flags.html
new file mode 100644
index 000000000..68d38cd9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_test_flags.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_get0_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_clear_flags, RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, RSA_set0_multi_prime_params, RSA_get_version - Routines for getting and setting data in an RSA object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ void RSA_get0_key(const RSA *r,
+                   const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+ void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+ void RSA_get0_crt_params(const RSA *r,
+                          const BIGNUM **dmp1, const BIGNUM **dmq1,
+                          const BIGNUM **iqmp);
+ const BIGNUM *RSA_get0_n(const RSA *d);
+ const BIGNUM *RSA_get0_e(const RSA *d);
+ const BIGNUM *RSA_get0_d(const RSA *d);
+ const BIGNUM *RSA_get0_p(const RSA *d);
+ const BIGNUM *RSA_get0_q(const RSA *d);
+ const BIGNUM *RSA_get0_dmp1(const RSA *r);
+ const BIGNUM *RSA_get0_dmq1(const RSA *r);
+ const BIGNUM *RSA_get0_iqmp(const RSA *r);
+ void RSA_clear_flags(RSA *r, int flags);
+ int RSA_test_flags(const RSA *r, int flags);
+ void RSA_set_flags(RSA *r, int flags);
+ ENGINE *RSA_get0_engine(RSA *r);
+ int RSA_get_multi_prime_extra_count(const RSA *r);
+ int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+ int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+                                     const BIGNUM *coeffs[]);
+ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+                                BIGNUM *coeffs[], int pnum);
+ int RSA_get_version(RSA *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An RSA object contains the components for the public and private key, <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b>. <b>n</b> is the modulus common to both public and private key, <b>e</b> is the public exponent and <b>d</b> is the private exponent. <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where <b>p</b> and <b>q</b> are the first and second factor of <b>n</b> and <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> are the exponents and coefficient for CRT calculations.</p>
+
+<p>For multi-prime RSA (defined in RFC 8017), there are also one or more &#39;triplet&#39; in an RSA object. A triplet contains three members, <b>r</b>, <b>d</b> and <b>t</b>. <b>r</b> is the additional prime besides <b>p</b> and <b>q</b>. <b>d</b> and <b>t</b> are the exponent and coefficient for CRT calculations.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then <b>*n</b>, <b>*e</b> and <b>*d</b> will be set to NULL. Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.</p>
+
+<p>The <b>n</b>, <b>e</b> and <b>d</b> parameter values can be set by calling RSA_set0_key() and passing the new values for <b>n</b>, <b>e</b> and <b>d</b> as parameters to the function. The values <b>n</b> and <b>e</b> must be non-NULL the first time this function is called on a given RSA object. The value <b>d</b> may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.</p>
+
+<p>In a similar fashion, the <b>p</b> and <b>q</b> parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the <b>dmp1</b>, <b>dmq1</b> and <b>iqmp</b> parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output parameters are permitted. The functions ignore NULL parameters but return values for other, non-NULL, parameters.</p>
+
+<p>For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related CRT parameters. The return values are stored in an array of <b>BIGNUM *</b>. RSA_set0_multi_prime_params() sets a collect of multi-prime &#39;triplet&#39; members (prime, exponent and coefficient) into an RSA object.</p>
+
+<p>Any of the values <b>n</b>, <b>e</b>, <b>d</b>, <b>p</b>, <b>q</b>, <b>dmp1</b>, <b>dmq1</b>, and <b>iqmp</b> can also be retrieved separately by the corresponding function RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.</p>
+
+<p>RSA_set_flags() sets the flags in the <b>flags</b> parameter on the RSA object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the <b>flags</b> parameter are currently set in the RSA object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the RSA object.</p>
+
+<p>RSA_get0_engine() returns a handle to the ENGINE that has been set for this RSA object, or NULL if no such ENGINE has been set.</p>
+
+<p>RSA_get_version() returns the version of an RSA object <b>r</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Values retrieved with RSA_get0_key() are owned by the RSA object used in the call and may therefore <i>not</i> be passed to RSA_set0_key(). If needed, duplicate the received value using BN_dup() and pass the duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() as well as RSA_get0_crt_params() and RSA_set0_crt_params().</p>
+
+<p>The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().</p>
+
+<p>RSA_set0_multi_prime_params() always clears the original multi-prime triplets in RSA object <b>r</b> and assign the new set of triplets into it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and RSA_set0_multi_prime_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.</p>
+
+<p>RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.</p>
+
+<p>RSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional RSA and the number of extra primes for multi-prime RSA.</p>
+
+<p>RSA_get_version() returns <b>RSA_ASN1_VERSION_MULTI</b> for multi-prime RSA and <b>RSA_ASN1_VERSION_DEFAULT</b> for normal two-prime RSA, as defined in RFC 8017.</p>
+
+<p>RSA_test_flags() returns the current state of the flags in the RSA object.</p>
+
+<p>RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no ENGINE has been set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RSA_new.html">RSA_new(3)</a>, <a href="../man3/RSA_size.html">RSA_size(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.</p>
+
+<p>Other functions described here were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_verify.html b/msys2/usr/share/doc/openssl/html/man3/RSA_verify.html
new file mode 100644
index 000000000..fae589914
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_verify.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_sign, RSA_verify - RSA signatures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
+              unsigned char *sigret, unsigned int *siglen, RSA *rsa);
+
+ int RSA_verify(int type, const unsigned char *m, unsigned int m_len,
+                unsigned char *sigbuf, unsigned int siglen, RSA *rsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RSA_sign() signs the message digest <b>m</b> of size <b>m_len</b> using the private key <b>rsa</b> using RSASSA-PKCS1-v1_5 as specified in RFC 3447. It stores the signature in <b>sigret</b> and the signature size in <b>siglen</b>. <b>sigret</b> must point to RSA_size(<b>rsa</b>) bytes of memory. Note that PKCS #1 adds meta-data, placing limits on the size of the key that can be used. See <a href="../man3/RSA_private_encrypt.html">RSA_private_encrypt(3)</a> for lower-level operations.</p>
+
+<p><b>type</b> denotes the message digest algorithm that was used to generate <b>m</b>. If <b>type</b> is <b>NID_md5_sha1</b>, an SSL signature (MD5 and SHA1 message digests with PKCS #1 padding and no algorithm identifier) is created.</p>
+
+<p>RSA_verify() verifies that the signature <b>sigbuf</b> of size <b>siglen</b> matches a given message digest <b>m</b> of size <b>m_len</b>. <b>type</b> denotes the message digest algorithm that was used to generate the signature. <b>rsa</b> is the signer&#39;s public key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_sign() returns 1 on success. RSA_verify() returns 1 on successful verification.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>SSL, PKCS #1 v2.0</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RSA_private_encrypt.html">RSA_private_encrypt(3)</a>, <a href="../man3/RSA_public_decrypt.html">RSA_public_decrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/RSA_verify_ASN1_OCTET_STRING.html b/msys2/usr/share/doc/openssl/html/man3/RSA_verify_ASN1_OCTET_STRING.html
new file mode 100644
index 000000000..c1d7d2f37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/RSA_verify_ASN1_OCTET_STRING.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA_sign_ASN1_OCTET_STRING</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA_sign_ASN1_OCTET_STRING, RSA_verify_ASN1_OCTET_STRING - RSA signatures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rsa.h&gt;
+
+ int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m,
+                                unsigned int m_len, unsigned char *sigret,
+                                unsigned int *siglen, RSA *rsa);
+
+ int RSA_verify_ASN1_OCTET_STRING(int dummy, unsigned char *m,
+                                  unsigned int m_len, unsigned char *sigbuf,
+                                  unsigned int siglen, RSA *rsa);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>RSA_sign_ASN1_OCTET_STRING() signs the octet string <b>m</b> of size <b>m_len</b> using the private key <b>rsa</b> represented in DER using PKCS #1 padding. It stores the signature in <b>sigret</b> and the signature size in <b>siglen</b>. <b>sigret</b> must point to <b>RSA_size(rsa)</b> bytes of memory.</p>
+
+<p><b>dummy</b> is ignored.</p>
+
+<p>The random number generator must be seeded prior to calling RSA_sign_ASN1_OCTET_STRING().</p>
+
+<p>RSA_verify_ASN1_OCTET_STRING() verifies that the signature <b>sigbuf</b> of size <b>siglen</b> is the DER representation of a given octet string <b>m</b> of size <b>m_len</b>. <b>dummy</b> is ignored. <b>rsa</b> is the signer&#39;s public key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>RSA_sign_ASN1_OCTET_STRING() returns 1 on success, 0 otherwise. RSA_verify_ASN1_OCTET_STRING() returns 1 on successful verification, 0 otherwise.</p>
+
+<p>The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>These functions serve no recognizable purpose.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RSA_sign.html">RSA_sign(3)</a>, <a href="../man3/RSA_verify.html">RSA_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCRYPT_PARAMS_free.html b/msys2/usr/share/doc/openssl/html/man3/SCRYPT_PARAMS_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCRYPT_PARAMS_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCRYPT_PARAMS_new.html b/msys2/usr/share/doc/openssl/html/man3/SCRYPT_PARAMS_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCRYPT_PARAMS_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_LIST_free.html b/msys2/usr/share/doc/openssl/html/man3/SCT_LIST_free.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_LIST_free.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_LIST_print.html b/msys2/usr/share/doc/openssl/html/man3/SCT_LIST_print.html
new file mode 100644
index 000000000..dce280738
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_LIST_print.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_print</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_print, SCT_LIST_print, SCT_validation_status_string - Prints Signed Certificate Timestamps in a human-readable way</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ void SCT_print(const SCT *sct, BIO *out, int indent, const CTLOG_STORE *logs);
+ void SCT_LIST_print(const STACK_OF(SCT) *sct_list, BIO *out, int indent,
+                     const char *separator, const CTLOG_STORE *logs);
+ const char *SCT_validation_status_string(const SCT *sct);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SCT_print() prints a single Signed Certificate Timestamp (SCT) to a <a href="/../man7/bio.html">bio</a> in a human-readable format. SCT_LIST_print() prints an entire list of SCTs in a similar way. A separator can be specified to delimit each SCT in the output.</p>
+
+<p>The output can be indented by a specified number of spaces. If a <b>CTLOG_STORE</b> is provided, it will be used to print the description of the CT log that issued each SCT (if that log is in the CTLOG_STORE). Alternatively, NULL can be passed as the CTLOG_STORE parameter to disable this feature.</p>
+
+<p>SCT_validation_status_string() will return the validation status of an SCT as a human-readable string. Call SCT_validate() or SCT_LIST_validate() beforehand in order to set the validation status of an SCT first.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_validation_status_string() returns a null-terminated string representing the validation status of an <b>SCT</b> object.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man7/bio.html">bio(7)</a>, <a href="../man3/CTLOG_STORE_new.html">CTLOG_STORE_new(3)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_LIST_validate.html b/msys2/usr/share/doc/openssl/html/man3/SCT_LIST_validate.html
new file mode 100644
index 000000000..584eae8a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_LIST_validate.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_validate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_validate, SCT_LIST_validate, SCT_get_validation_status - checks Signed Certificate Timestamps (SCTs) are valid</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     SCT_VALIDATION_STATUS_NOT_SET,
+     SCT_VALIDATION_STATUS_UNKNOWN_LOG,
+     SCT_VALIDATION_STATUS_VALID,
+     SCT_VALIDATION_STATUS_INVALID,
+     SCT_VALIDATION_STATUS_UNVERIFIED,
+     SCT_VALIDATION_STATUS_UNKNOWN_VERSION
+ } sct_validation_status_t;
+
+ int SCT_validate(SCT *sct, const CT_POLICY_EVAL_CTX *ctx);
+ int SCT_LIST_validate(const STACK_OF(SCT) *scts, CT_POLICY_EVAL_CTX *ctx);
+ sct_validation_status_t SCT_get_validation_status(const SCT *sct);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SCT_validate() will check that an SCT is valid and verify its signature. SCT_LIST_validate() performs the same checks on an entire stack of SCTs. The result of the validation checks can be obtained by passing the SCT to SCT_get_validation_status().</p>
+
+<p>A CT_POLICY_EVAL_CTX must be provided that specifies:</p>
+
+<ul>
+
+<li><p>The certificate the SCT was issued for.</p>
+
+<p>Failure to provide the certificate will result in the validation status being SCT_VALIDATION_STATUS_UNVERIFIED.</p>
+
+</li>
+<li><p>The issuer of that certificate.</p>
+
+<p>This is only required if the SCT was issued for a pre-certificate (see RFC 6962). If it is required but not provided, the validation status will be SCT_VALIDATION_STATUS_UNVERIFIED.</p>
+
+</li>
+<li><p>A CTLOG_STORE that contains the CT log that issued this SCT.</p>
+
+<p>If the SCT was issued by a log that is not in this CTLOG_STORE, the validation status will be SCT_VALIDATION_STATUS_UNKNOWN_LOG.</p>
+
+</li>
+</ul>
+
+<p>If the SCT is of an unsupported version (only v1 is currently supported), the validation status will be SCT_VALIDATION_STATUS_UNKNOWN_VERSION.</p>
+
+<p>If the SCT&#39;s signature is incorrect, its timestamp is in the future (relative to the time in CT_POLICY_EVAL_CTX), or if it is otherwise invalid, the validation status will be SCT_VALIDATION_STATUS_INVALID.</p>
+
+<p>If all checks pass, the validation status will be SCT_VALIDATION_STATUS_VALID.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A return value of 0 from SCT_LIST_validate() should not be interpreted as a failure. At a minimum, only one valid SCT may provide sufficient confidence that a certificate has been publicly logged.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_validate() returns a negative integer if an internal error occurs, 0 if the SCT fails validation, or 1 if the SCT passes validation.</p>
+
+<p>SCT_LIST_validate() returns a negative integer if an internal error occurs, 0 if any of SCTs fails validation, or 1 if they all pass validation.</p>
+
+<p>SCT_get_validation_status() returns the validation status of the SCT. If SCT_validate() or SCT_LIST_validate() have not been passed that SCT, the returned value will be SCT_VALIDATION_STATUS_NOT_SET.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_free.html b/msys2/usr/share/doc/openssl/html/man3/SCT_free.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_free.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_get0_extensions.html b/msys2/usr/share/doc/openssl/html/man3/SCT_get0_extensions.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_get0_extensions.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_get0_log_id.html b/msys2/usr/share/doc/openssl/html/man3/SCT_get0_log_id.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_get0_log_id.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_get0_signature.html b/msys2/usr/share/doc/openssl/html/man3/SCT_get0_signature.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_get0_signature.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_get_log_entry_type.html b/msys2/usr/share/doc/openssl/html/man3/SCT_get_log_entry_type.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_get_log_entry_type.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_get_signature_nid.html b/msys2/usr/share/doc/openssl/html/man3/SCT_get_signature_nid.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_get_signature_nid.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_get_source.html b/msys2/usr/share/doc/openssl/html/man3/SCT_get_source.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_get_source.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_get_timestamp.html b/msys2/usr/share/doc/openssl/html/man3/SCT_get_timestamp.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_get_timestamp.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_get_validation_status.html b/msys2/usr/share/doc/openssl/html/man3/SCT_get_validation_status.html
new file mode 100644
index 000000000..584eae8a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_get_validation_status.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_validate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_validate, SCT_LIST_validate, SCT_get_validation_status - checks Signed Certificate Timestamps (SCTs) are valid</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     SCT_VALIDATION_STATUS_NOT_SET,
+     SCT_VALIDATION_STATUS_UNKNOWN_LOG,
+     SCT_VALIDATION_STATUS_VALID,
+     SCT_VALIDATION_STATUS_INVALID,
+     SCT_VALIDATION_STATUS_UNVERIFIED,
+     SCT_VALIDATION_STATUS_UNKNOWN_VERSION
+ } sct_validation_status_t;
+
+ int SCT_validate(SCT *sct, const CT_POLICY_EVAL_CTX *ctx);
+ int SCT_LIST_validate(const STACK_OF(SCT) *scts, CT_POLICY_EVAL_CTX *ctx);
+ sct_validation_status_t SCT_get_validation_status(const SCT *sct);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SCT_validate() will check that an SCT is valid and verify its signature. SCT_LIST_validate() performs the same checks on an entire stack of SCTs. The result of the validation checks can be obtained by passing the SCT to SCT_get_validation_status().</p>
+
+<p>A CT_POLICY_EVAL_CTX must be provided that specifies:</p>
+
+<ul>
+
+<li><p>The certificate the SCT was issued for.</p>
+
+<p>Failure to provide the certificate will result in the validation status being SCT_VALIDATION_STATUS_UNVERIFIED.</p>
+
+</li>
+<li><p>The issuer of that certificate.</p>
+
+<p>This is only required if the SCT was issued for a pre-certificate (see RFC 6962). If it is required but not provided, the validation status will be SCT_VALIDATION_STATUS_UNVERIFIED.</p>
+
+</li>
+<li><p>A CTLOG_STORE that contains the CT log that issued this SCT.</p>
+
+<p>If the SCT was issued by a log that is not in this CTLOG_STORE, the validation status will be SCT_VALIDATION_STATUS_UNKNOWN_LOG.</p>
+
+</li>
+</ul>
+
+<p>If the SCT is of an unsupported version (only v1 is currently supported), the validation status will be SCT_VALIDATION_STATUS_UNKNOWN_VERSION.</p>
+
+<p>If the SCT&#39;s signature is incorrect, its timestamp is in the future (relative to the time in CT_POLICY_EVAL_CTX), or if it is otherwise invalid, the validation status will be SCT_VALIDATION_STATUS_INVALID.</p>
+
+<p>If all checks pass, the validation status will be SCT_VALIDATION_STATUS_VALID.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A return value of 0 from SCT_LIST_validate() should not be interpreted as a failure. At a minimum, only one valid SCT may provide sufficient confidence that a certificate has been publicly logged.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_validate() returns a negative integer if an internal error occurs, 0 if the SCT fails validation, or 1 if the SCT passes validation.</p>
+
+<p>SCT_LIST_validate() returns a negative integer if an internal error occurs, 0 if any of SCTs fails validation, or 1 if they all pass validation.</p>
+
+<p>SCT_get_validation_status() returns the validation status of the SCT. If SCT_validate() or SCT_LIST_validate() have not been passed that SCT, the returned value will be SCT_VALIDATION_STATUS_NOT_SET.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_get_version.html b/msys2/usr/share/doc/openssl/html/man3/SCT_get_version.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_get_version.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_new.html b/msys2/usr/share/doc/openssl/html/man3/SCT_new.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_new.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_new_from_base64.html b/msys2/usr/share/doc/openssl/html/man3/SCT_new_from_base64.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_new_from_base64.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_print.html b/msys2/usr/share/doc/openssl/html/man3/SCT_print.html
new file mode 100644
index 000000000..dce280738
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_print.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_print</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_print, SCT_LIST_print, SCT_validation_status_string - Prints Signed Certificate Timestamps in a human-readable way</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ void SCT_print(const SCT *sct, BIO *out, int indent, const CTLOG_STORE *logs);
+ void SCT_LIST_print(const STACK_OF(SCT) *sct_list, BIO *out, int indent,
+                     const char *separator, const CTLOG_STORE *logs);
+ const char *SCT_validation_status_string(const SCT *sct);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SCT_print() prints a single Signed Certificate Timestamp (SCT) to a <a href="/../man7/bio.html">bio</a> in a human-readable format. SCT_LIST_print() prints an entire list of SCTs in a similar way. A separator can be specified to delimit each SCT in the output.</p>
+
+<p>The output can be indented by a specified number of spaces. If a <b>CTLOG_STORE</b> is provided, it will be used to print the description of the CT log that issued each SCT (if that log is in the CTLOG_STORE). Alternatively, NULL can be passed as the CTLOG_STORE parameter to disable this feature.</p>
+
+<p>SCT_validation_status_string() will return the validation status of an SCT as a human-readable string. Call SCT_validate() or SCT_LIST_validate() beforehand in order to set the validation status of an SCT first.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_validation_status_string() returns a null-terminated string representing the validation status of an <b>SCT</b> object.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man7/bio.html">bio(7)</a>, <a href="../man3/CTLOG_STORE_new.html">CTLOG_STORE_new(3)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_set0_extensions.html b/msys2/usr/share/doc/openssl/html/man3/SCT_set0_extensions.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_set0_extensions.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_set0_log_id.html b/msys2/usr/share/doc/openssl/html/man3/SCT_set0_log_id.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_set0_log_id.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_set0_signature.html b/msys2/usr/share/doc/openssl/html/man3/SCT_set0_signature.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_set0_signature.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_set1_extensions.html b/msys2/usr/share/doc/openssl/html/man3/SCT_set1_extensions.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_set1_extensions.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_set1_log_id.html b/msys2/usr/share/doc/openssl/html/man3/SCT_set1_log_id.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_set1_log_id.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_set1_signature.html b/msys2/usr/share/doc/openssl/html/man3/SCT_set1_signature.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_set1_signature.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_set_log_entry_type.html b/msys2/usr/share/doc/openssl/html/man3/SCT_set_log_entry_type.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_set_log_entry_type.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_set_signature_nid.html b/msys2/usr/share/doc/openssl/html/man3/SCT_set_signature_nid.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_set_signature_nid.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_set_source.html b/msys2/usr/share/doc/openssl/html/man3/SCT_set_source.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_set_source.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_set_timestamp.html b/msys2/usr/share/doc/openssl/html/man3/SCT_set_timestamp.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_set_timestamp.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_set_version.html b/msys2/usr/share/doc/openssl/html/man3/SCT_set_version.html
new file mode 100644
index 000000000..5d822d5f1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_set_version.html
@@ -0,0 +1,199 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_new, SCT_new_from_base64, SCT_free, SCT_LIST_free, SCT_get_version, SCT_set_version, SCT_get_log_entry_type, SCT_set_log_entry_type, SCT_get0_log_id, SCT_set0_log_id, SCT_set1_log_id, SCT_get_timestamp, SCT_set_timestamp, SCT_get_signature_nid, SCT_set_signature_nid, SCT_get0_signature, SCT_set0_signature, SCT_set1_signature, SCT_get0_extensions, SCT_set0_extensions, SCT_set1_extensions, SCT_get_source, SCT_set_source - A Certificate Transparency Signed Certificate Timestamp</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+     CT_LOG_ENTRY_TYPE_X509 = 0,
+     CT_LOG_ENTRY_TYPE_PRECERT = 1
+ } ct_log_entry_type_t;
+
+ typedef enum {
+     SCT_VERSION_NOT_SET = -1,
+     SCT_VERSION_V1 = 0
+ } sct_version_t;
+
+ typedef enum {
+     SCT_SOURCE_UNKNOWN,
+     SCT_SOURCE_TLS_EXTENSION,
+     SCT_SOURCE_X509V3_EXTENSION,
+     SCT_SOURCE_OCSP_STAPLED_RESPONSE
+ } sct_source_t;
+
+ SCT *SCT_new(void);
+ SCT *SCT_new_from_base64(unsigned char version,
+                          const char *logid_base64,
+                          ct_log_entry_type_t entry_type,
+                          uint64_t timestamp,
+                          const char *extensions_base64,
+                          const char *signature_base64);
+
+ void SCT_free(SCT *sct);
+ void SCT_LIST_free(STACK_OF(SCT) *a);
+
+ sct_version_t SCT_get_version(const SCT *sct);
+ int SCT_set_version(SCT *sct, sct_version_t version);
+
+ ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+ int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+ size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
+
+ uint64_t SCT_get_timestamp(const SCT *sct);
+ void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+ int SCT_get_signature_nid(const SCT *sct);
+ int SCT_set_signature_nid(SCT *sct, int nid);
+
+ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
+
+ size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+ void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
+
+ sct_source_t SCT_get_source(const SCT *sct);
+ int SCT_set_source(SCT *sct, sct_source_t source);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Signed Certificate Timestamps (SCTs) are defined by RFC 6962, Section 3.2. They constitute a promise by a Certificate Transparency (CT) log to publicly record a certificate. By cryptographically verifying that a log did indeed issue an SCT, some confidence can be gained that the certificate is publicly known.</p>
+
+<p>An internal representation of an SCT can be created in one of two ways. The first option is to create a blank SCT, using SCT_new(), and then populate it using:</p>
+
+<ul>
+
+<li><p>SCT_set_version() to set the SCT version.</p>
+
+<p>Only SCT_VERSION_V1 is currently supported.</p>
+
+</li>
+<li><p>SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:</p>
+
+<p><b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy. See RFC 6962, Section 3.2 for the definition of LogID.</p>
+
+</li>
+<li><p>SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>SCT_set_signature_nid() to set the NID of the signature.</p>
+
+</li>
+<li><p>SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+<li><p>SCT_set0_extensions() or <b>SCT_set1_extensions</b> to provide SCT extensions.</p>
+
+<p>The former takes ownership, whereas the latter makes a copy.</p>
+
+</li>
+</ul>
+
+<p>Alternatively, the SCT can be pre-populated from the following data using SCT_new_from_base64():</p>
+
+<ul>
+
+<li><p>The SCT version (only SCT_VERSION_V1 is currently supported).</p>
+
+</li>
+<li><p>The LogID (see RFC 6962, Section 3.2), base64 encoded.</p>
+
+</li>
+<li><p>The type of certificate the SCT was issued for: <b>CT_LOG_ENTRY_TYPE_X509</b> for a normal certificate. <b>CT_LOG_ENTRY_TYPE_PRECERT</b> for a pre-certificate.</p>
+
+</li>
+<li><p>The time that the SCT was issued (epoch time in milliseconds).</p>
+
+</li>
+<li><p>The SCT extensions, base64 encoded.</p>
+
+</li>
+<li><p>The SCT signature, base64 encoded.</p>
+
+</li>
+</ul>
+
+<p>SCT_set_source() can be used to record where the SCT was found (TLS extension, X.509 certificate extension or OCSP response). This is not required for verifying the SCT.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the setters return int, instead of void. These will all return 1 on success, 0 on failure. They will not make changes on failure.</p>
+
+<p>All of the setters will reset the validation status of the SCT to SCT_VALIDATION_STATUS_NOT_SET (see <a href="../man3/SCT_validate.html">SCT_validate(3)</a>).</p>
+
+<p>SCT_set_source() will call SCT_set_log_entry_type() if the type of certificate the SCT was issued for can be inferred from where the SCT was found. For example, an SCT found in an X.509 extension must have been issued for a pre- certificate.</p>
+
+<p>SCT_set_source() will not refuse unknown values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.</p>
+
+<p>SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.</p>
+
+<p>SCT_set0_log_id() and <b>SCT_set1_log_id</b> return 1 if the specified LogID is a valid SHA-256 hash, 0 otherwise. Additionally, <b>SCT_set1_log_id</b> returns 0 if malloc fails.</p>
+
+<p><b>SCT_set_signature_nid</b> returns 1 if the specified NID is supported, 0 otherwise.</p>
+
+<p><b>SCT_set1_extensions</b> and <b>SCT_set1_signature</b> return 1 if the supplied buffer is copied successfully, 0 otherwise (i.e. if malloc fails).</p>
+
+<p><b>SCT_set_source</b> returns 1 on success, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_validate.html b/msys2/usr/share/doc/openssl/html/man3/SCT_validate.html
new file mode 100644
index 000000000..584eae8a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_validate.html
@@ -0,0 +1,108 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_validate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_validate, SCT_LIST_validate, SCT_get_validation_status - checks Signed Certificate Timestamps (SCTs) are valid</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ typedef enum {
+     SCT_VALIDATION_STATUS_NOT_SET,
+     SCT_VALIDATION_STATUS_UNKNOWN_LOG,
+     SCT_VALIDATION_STATUS_VALID,
+     SCT_VALIDATION_STATUS_INVALID,
+     SCT_VALIDATION_STATUS_UNVERIFIED,
+     SCT_VALIDATION_STATUS_UNKNOWN_VERSION
+ } sct_validation_status_t;
+
+ int SCT_validate(SCT *sct, const CT_POLICY_EVAL_CTX *ctx);
+ int SCT_LIST_validate(const STACK_OF(SCT) *scts, CT_POLICY_EVAL_CTX *ctx);
+ sct_validation_status_t SCT_get_validation_status(const SCT *sct);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SCT_validate() will check that an SCT is valid and verify its signature. SCT_LIST_validate() performs the same checks on an entire stack of SCTs. The result of the validation checks can be obtained by passing the SCT to SCT_get_validation_status().</p>
+
+<p>A CT_POLICY_EVAL_CTX must be provided that specifies:</p>
+
+<ul>
+
+<li><p>The certificate the SCT was issued for.</p>
+
+<p>Failure to provide the certificate will result in the validation status being SCT_VALIDATION_STATUS_UNVERIFIED.</p>
+
+</li>
+<li><p>The issuer of that certificate.</p>
+
+<p>This is only required if the SCT was issued for a pre-certificate (see RFC 6962). If it is required but not provided, the validation status will be SCT_VALIDATION_STATUS_UNVERIFIED.</p>
+
+</li>
+<li><p>A CTLOG_STORE that contains the CT log that issued this SCT.</p>
+
+<p>If the SCT was issued by a log that is not in this CTLOG_STORE, the validation status will be SCT_VALIDATION_STATUS_UNKNOWN_LOG.</p>
+
+</li>
+</ul>
+
+<p>If the SCT is of an unsupported version (only v1 is currently supported), the validation status will be SCT_VALIDATION_STATUS_UNKNOWN_VERSION.</p>
+
+<p>If the SCT&#39;s signature is incorrect, its timestamp is in the future (relative to the time in CT_POLICY_EVAL_CTX), or if it is otherwise invalid, the validation status will be SCT_VALIDATION_STATUS_INVALID.</p>
+
+<p>If all checks pass, the validation status will be SCT_VALIDATION_STATUS_VALID.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A return value of 0 from SCT_LIST_validate() should not be interpreted as a failure. At a minimum, only one valid SCT may provide sufficient confidence that a certificate has been publicly logged.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_validate() returns a negative integer if an internal error occurs, 0 if the SCT fails validation, or 1 if the SCT passes validation.</p>
+
+<p>SCT_LIST_validate() returns a negative integer if an internal error occurs, 0 if any of SCTs fails validation, or 1 if they all pass validation.</p>
+
+<p>SCT_get_validation_status() returns the validation status of the SCT. If SCT_validate() or SCT_LIST_validate() have not been passed that SCT, the returned value will be SCT_VALIDATION_STATUS_NOT_SET.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SCT_validation_status_string.html b/msys2/usr/share/doc/openssl/html/man3/SCT_validation_status_string.html
new file mode 100644
index 000000000..dce280738
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SCT_validation_status_string.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SCT_print</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SCT_print, SCT_LIST_print, SCT_validation_status_string - Prints Signed Certificate Timestamps in a human-readable way</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ void SCT_print(const SCT *sct, BIO *out, int indent, const CTLOG_STORE *logs);
+ void SCT_LIST_print(const STACK_OF(SCT) *sct_list, BIO *out, int indent,
+                     const char *separator, const CTLOG_STORE *logs);
+ const char *SCT_validation_status_string(const SCT *sct);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SCT_print() prints a single Signed Certificate Timestamp (SCT) to a <a href="/../man7/bio.html">bio</a> in a human-readable format. SCT_LIST_print() prints an entire list of SCTs in a similar way. A separator can be specified to delimit each SCT in the output.</p>
+
+<p>The output can be indented by a specified number of spaces. If a <b>CTLOG_STORE</b> is provided, it will be used to print the description of the CT log that issued each SCT (if that log is in the CTLOG_STORE). Alternatively, NULL can be passed as the CTLOG_STORE parameter to disable this feature.</p>
+
+<p>SCT_validation_status_string() will return the validation status of an SCT as a human-readable string. Call SCT_validate() or SCT_LIST_validate() beforehand in order to set the validation status of an SCT first.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SCT_validation_status_string() returns a null-terminated string representing the validation status of an <b>SCT</b> object.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man7/bio.html">bio(7)</a>, <a href="../man3/CTLOG_STORE_new.html">CTLOG_STORE_new(3)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA1.html b/msys2/usr/share/doc/openssl/html/man3/SHA1.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA1.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA1_Final.html b/msys2/usr/share/doc/openssl/html/man3/SHA1_Final.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA1_Final.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA1_Init.html b/msys2/usr/share/doc/openssl/html/man3/SHA1_Init.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA1_Init.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA1_Update.html b/msys2/usr/share/doc/openssl/html/man3/SHA1_Update.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA1_Update.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA224.html b/msys2/usr/share/doc/openssl/html/man3/SHA224.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA224.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA224_Final.html b/msys2/usr/share/doc/openssl/html/man3/SHA224_Final.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA224_Final.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA224_Init.html b/msys2/usr/share/doc/openssl/html/man3/SHA224_Init.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA224_Init.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA224_Update.html b/msys2/usr/share/doc/openssl/html/man3/SHA224_Update.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA224_Update.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA256.html b/msys2/usr/share/doc/openssl/html/man3/SHA256.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA256.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA256_Final.html b/msys2/usr/share/doc/openssl/html/man3/SHA256_Final.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA256_Final.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA256_Init.html b/msys2/usr/share/doc/openssl/html/man3/SHA256_Init.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA256_Init.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA256_Update.html b/msys2/usr/share/doc/openssl/html/man3/SHA256_Update.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA256_Update.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA384.html b/msys2/usr/share/doc/openssl/html/man3/SHA384.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA384.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA384_Final.html b/msys2/usr/share/doc/openssl/html/man3/SHA384_Final.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA384_Final.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA384_Init.html b/msys2/usr/share/doc/openssl/html/man3/SHA384_Init.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA384_Init.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA384_Update.html b/msys2/usr/share/doc/openssl/html/man3/SHA384_Update.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA384_Update.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA512.html b/msys2/usr/share/doc/openssl/html/man3/SHA512.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA512.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA512_Final.html b/msys2/usr/share/doc/openssl/html/man3/SHA512_Final.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA512_Final.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA512_Init.html b/msys2/usr/share/doc/openssl/html/man3/SHA512_Init.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA512_Init.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SHA512_Update.html b/msys2/usr/share/doc/openssl/html/man3/SHA512_Update.html
new file mode 100644
index 000000000..64b9223f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SHA512_Update.html
@@ -0,0 +1,107 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SHA256_Init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SHA1, SHA1_Init, SHA1_Update, SHA1_Final, SHA224, SHA224_Init, SHA224_Update, SHA224_Final, SHA256, SHA256_Init, SHA256_Update, SHA256_Final, SHA384, SHA384_Init, SHA384_Update, SHA384_Final, SHA512, SHA512_Init, SHA512_Update, SHA512_Final - Secure Hash Algorithm</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/sha.h&gt;
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+ unsigned char *SHA1(const unsigned char *d, size_t n,
+                     unsigned char *md);
+
+ int SHA224_Init(SHA256_CTX *c);
+ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA224(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA256_Init(SHA256_CTX *c);
+ int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+ int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+ unsigned char *SHA256(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA384_Init(SHA512_CTX *c);
+ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA384(const unsigned char *d, size_t n,
+                       unsigned char *md);
+
+ int SHA512_Init(SHA512_CTX *c);
+ int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+ int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+ unsigned char *SHA512(const unsigned char *d, size_t n,
+                       unsigned char *md);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications should use the higher level functions <a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a> etc. instead of calling the hash functions directly.</p>
+
+<p>SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a 160 bit output.</p>
+
+<p>SHA1() computes the SHA-1 message digest of the <b>n</b> bytes at <b>d</b> and places it in <b>md</b> (which must have space for SHA_DIGEST_LENGTH == 20 bytes of output). If <b>md</b> is NULL, the digest is placed in a static array. Note: setting <b>md</b> to NULL is <b>not thread safe</b>.</p>
+
+<p>The following functions may be used if the message is not completely stored in memory:</p>
+
+<p>SHA1_Init() initializes a <b>SHA_CTX</b> structure.</p>
+
+<p>SHA1_Update() can be called repeatedly with chunks of the message to be hashed (<b>len</b> bytes at <b>data</b>).</p>
+
+<p>SHA1_Final() places the message digest in <b>md</b>, which must have space for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the <b>SHA_CTX</b>.</p>
+
+<p>The SHA224, SHA256, SHA384 and SHA512 families of functions operate in the same way as for the SHA1 functions. Note that SHA224 and SHA256 use a <b>SHA256_CTX</b> object instead of <b>SHA_CTX</b>. SHA384 and SHA512 use <b>SHA512_CTX</b>. The buffer <b>md</b> must have space for the output from the SHA variant being used (defined by SHA224_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA384_DIGEST_LENGTH and SHA512_DIGEST_LENGTH). Also note that, as for the SHA1() function above, the SHA224(), SHA256(), SHA384() and SHA512() functions are not thread safe if <b>md</b> is NULL.</p>
+
+<p>The predecessor of SHA-1, SHA, is also implemented, but it should be used only when backward compatibility is required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SHA1(), SHA224(), SHA256(), SHA384() and SHA512() return a pointer to the hash value.</p>
+
+<p>SHA1_Init(), SHA1_Update() and SHA1_Final() and equivalent SHA224, SHA256, SHA384 and SHA512 functions return 1 for success, 0 otherwise.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>US Federal Information Processing Standard FIPS PUB 180-4 (Secure Hash Standard), ANSI X9.30</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SMIME_read_CMS.html b/msys2/usr/share/doc/openssl/html/man3/SMIME_read_CMS.html
new file mode 100644
index 000000000..f52ef0c46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SMIME_read_CMS.html
@@ -0,0 +1,85 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SMIME_read_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SMIME_read_CMS - parse S/MIME message</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ CMS_ContentInfo *SMIME_read_CMS(BIO *in, BIO **bcont);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SMIME_read_CMS() parses a message in S/MIME format.</p>
+
+<p><b>in</b> is a BIO to read the message from.</p>
+
+<p>If cleartext signing is used then the content is saved in a memory bio which is written to <b>*bcont</b>, otherwise <b>*bcont</b> is set to NULL.</p>
+
+<p>The parsed CMS_ContentInfo structure is returned or NULL if an error occurred.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If <b>*bcont</b> is not NULL then the message is clear text signed. <b>*bcont</b> can then be passed to CMS_verify() with the <b>CMS_DETACHED</b> flag set.</p>
+
+<p>Otherwise the type of the returned structure can be determined using CMS_get0_type().</p>
+
+<p>To support future functionality if <b>bcont</b> is not NULL <b>*bcont</b> should be initialized to NULL. For example:</p>
+
+<pre><code> BIO *cont = NULL;
+ CMS_ContentInfo *cms;
+
+ cms = SMIME_read_CMS(in, &amp;cont);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The MIME parser used by SMIME_read_CMS() is somewhat primitive. While it will handle most S/MIME messages more complex compound formats may not work.</p>
+
+<p>The parser assumes that the CMS_ContentInfo structure is always base64 encoded and will not handle the case where it is in binary format or uses quoted printable format.</p>
+
+<p>The use of a memory BIO to hold the signed content limits the size of message which can be processed due to memory restraints: a streaming single pass option should be available.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SMIME_read_CMS() returns a valid <b>CMS_ContentInfo</b> structure or <b>NULL</b> if an error occurred. The error can be obtained from ERR_get_error(3).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_type.html">CMS_type(3)</a>, <a href="../man3/SMIME_read_CMS.html">SMIME_read_CMS(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a>, <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a>, <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SMIME_read_PKCS7.html b/msys2/usr/share/doc/openssl/html/man3/SMIME_read_PKCS7.html
new file mode 100644
index 000000000..2531ea108
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SMIME_read_PKCS7.html
@@ -0,0 +1,85 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SMIME_read_PKCS7</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SMIME_read_PKCS7 - parse S/MIME message</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pkcs7.h&gt;
+
+ PKCS7 *SMIME_read_PKCS7(BIO *in, BIO **bcont);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SMIME_read_PKCS7() parses a message in S/MIME format.</p>
+
+<p><b>in</b> is a BIO to read the message from.</p>
+
+<p>If cleartext signing is used then the content is saved in a memory bio which is written to <b>*bcont</b>, otherwise <b>*bcont</b> is set to <b>NULL</b>.</p>
+
+<p>The parsed PKCS#7 structure is returned or <b>NULL</b> if an error occurred.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If <b>*bcont</b> is not <b>NULL</b> then the message is clear text signed. <b>*bcont</b> can then be passed to PKCS7_verify() with the <b>PKCS7_DETACHED</b> flag set.</p>
+
+<p>Otherwise the type of the returned structure can be determined using PKCS7_type_is_enveloped(), etc.</p>
+
+<p>To support future functionality if <b>bcont</b> is not <b>NULL</b> <b>*bcont</b> should be initialized to <b>NULL</b>. For example:</p>
+
+<pre><code> BIO *cont = NULL;
+ PKCS7 *p7;
+
+ p7 = SMIME_read_PKCS7(in, &amp;cont);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The MIME parser used by SMIME_read_PKCS7() is somewhat primitive. While it will handle most S/MIME messages more complex compound formats may not work.</p>
+
+<p>The parser assumes that the PKCS7 structure is always base64 encoded and will not handle the case where it is in binary format or uses quoted printable format.</p>
+
+<p>The use of a memory BIO to hold the signed content limits the size of message which can be processed due to memory restraints: a streaming single pass option should be available.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SMIME_read_PKCS7() returns a valid <b>PKCS7</b> structure or <b>NULL</b> if an error occurred. The error can be obtained from ERR_get_error(3).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/SMIME_read_PKCS7.html">SMIME_read_PKCS7(3)</a>, <a href="../man3/PKCS7_sign.html">PKCS7_sign(3)</a>, <a href="../man3/PKCS7_verify.html">PKCS7_verify(3)</a>, <a href="../man3/PKCS7_encrypt.html">PKCS7_encrypt(3)</a> <a href="../man3/PKCS7_decrypt.html">PKCS7_decrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SMIME_write_CMS.html b/msys2/usr/share/doc/openssl/html/man3/SMIME_write_CMS.html
new file mode 100644
index 000000000..af395e487
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SMIME_write_CMS.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SMIME_write_CMS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SMIME_write_CMS - convert CMS structure to S/MIME format</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ int SMIME_write_CMS(BIO *out, CMS_ContentInfo *cms, BIO *data, int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SMIME_write_CMS() adds the appropriate MIME headers to a CMS structure to produce an S/MIME message.</p>
+
+<p><b>out</b> is the BIO to write the data to. <b>cms</b> is the appropriate <b>CMS_ContentInfo</b> structure. If streaming is enabled then the content must be supplied in the <b>data</b> argument. <b>flags</b> is an optional set of flags.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The following flags can be passed in the <b>flags</b> parameter.</p>
+
+<p>If <b>CMS_DETACHED</b> is set then cleartext signing will be used, this option only makes sense for SignedData where <b>CMS_DETACHED</b> is also set when CMS_sign() is called.</p>
+
+<p>If the <b>CMS_TEXT</b> flag is set MIME headers for type <b>text/plain</b> are added to the content, this only makes sense if <b>CMS_DETACHED</b> is also set.</p>
+
+<p>If the <b>CMS_STREAM</b> flag is set streaming is performed. This flag should only be set if <b>CMS_STREAM</b> was also set in the previous call to a CMS_ContentInfo creation function.</p>
+
+<p>If cleartext signing is being used and <b>CMS_STREAM</b> not set then the data must be read twice: once to compute the signature in CMS_sign() and once to output the S/MIME message.</p>
+
+<p>If streaming is performed the content is output in BER format using indefinite length constructed encoding except in the case of signed data with detached content where the content is absent and DER format is used.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>SMIME_write_CMS() always base64 encodes CMS structures, there should be an option to disable this.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SMIME_write_CMS() returns 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a>, <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a> <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SMIME_write_PKCS7.html b/msys2/usr/share/doc/openssl/html/man3/SMIME_write_PKCS7.html
new file mode 100644
index 000000000..39cefbeca
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SMIME_write_PKCS7.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SMIME_write_PKCS7</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SMIME_write_PKCS7 - convert PKCS#7 structure to S/MIME format</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pkcs7.h&gt;
+
+ int SMIME_write_PKCS7(BIO *out, PKCS7 *p7, BIO *data, int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SMIME_write_PKCS7() adds the appropriate MIME headers to a PKCS#7 structure to produce an S/MIME message.</p>
+
+<p><b>out</b> is the BIO to write the data to. <b>p7</b> is the appropriate <b>PKCS7</b> structure. If streaming is enabled then the content must be supplied in the <b>data</b> argument. <b>flags</b> is an optional set of flags.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The following flags can be passed in the <b>flags</b> parameter.</p>
+
+<p>If <b>PKCS7_DETACHED</b> is set then cleartext signing will be used, this option only makes sense for signedData where <b>PKCS7_DETACHED</b> is also set when PKCS7_sign() is also called.</p>
+
+<p>If the <b>PKCS7_TEXT</b> flag is set MIME headers for type <b>text/plain</b> are added to the content, this only makes sense if <b>PKCS7_DETACHED</b> is also set.</p>
+
+<p>If the <b>PKCS7_STREAM</b> flag is set streaming is performed. This flag should only be set if <b>PKCS7_STREAM</b> was also set in the previous call to PKCS7_sign() or PKCS7_encrypt().</p>
+
+<p>If cleartext signing is being used and <b>PKCS7_STREAM</b> not set then the data must be read twice: once to compute the signature in PKCS7_sign() and once to output the S/MIME message.</p>
+
+<p>If streaming is performed the content is output in BER format using indefinite length constructed encoding except in the case of signed data with detached content where the content is absent and DER format is used.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>SMIME_write_PKCS7() always base64 encodes PKCS#7 structures, there should be an option to disable this.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SMIME_write_PKCS7() returns 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/PKCS7_sign.html">PKCS7_sign(3)</a>, <a href="../man3/PKCS7_verify.html">PKCS7_verify(3)</a>, <a href="../man3/PKCS7_encrypt.html">PKCS7_encrypt(3)</a> <a href="../man3/PKCS7_decrypt.html">PKCS7_decrypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_description.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_description.html
new file mode 100644
index 000000000..f885fc00e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_description.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CIPHER_get_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CIPHER_get_name, SSL_CIPHER_standard_name, OPENSSL_cipher_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description, SSL_CIPHER_get_cipher_nid, SSL_CIPHER_get_digest_nid, SSL_CIPHER_get_handshake_digest, SSL_CIPHER_get_kx_nid, SSL_CIPHER_get_auth_nid, SSL_CIPHER_is_aead, SSL_CIPHER_find, SSL_CIPHER_get_id, SSL_CIPHER_get_protocol_id - get SSL_CIPHER properties</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
+ const char *SSL_CIPHER_standard_name(const SSL_CIPHER *cipher);
+ const char *OPENSSL_cipher_name(const char *stdname);
+ int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
+ char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
+ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
+ int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
+ const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
+ const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
+ uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
+ uint32_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CIPHER_get_name() returns a pointer to the name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;.</p>
+
+<p>SSL_CIPHER_standard_name() returns a pointer to the standard RFC name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;. If the <b>cipher</b> has no standard name, it returns <b>NULL</b>. If <b>cipher</b> was defined in both SSLv3 and TLS, it returns the TLS name.</p>
+
+<p>OPENSSL_cipher_name() returns a pointer to the OpenSSL name of <b>stdname</b>. If the <b>stdname</b> is NULL, or <b>stdname</b> has no corresponding OpenSSL name, it returns &quot;(NONE)&quot;. Where both exist, <b>stdname</b> should be the TLS name rather than the SSLv3 name.</p>
+
+<p>SSL_CIPHER_get_bits() returns the number of secret bits used for <b>cipher</b>. If <b>cipher</b> is NULL, 0 is returned.</p>
+
+<p>SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol version that first defined the cipher. It returns &quot;(NONE)&quot; if <b>cipher</b> is NULL.</p>
+
+<p>SSL_CIPHER_get_cipher_nid() returns the cipher NID corresponding to <b>c</b>. If there is no cipher (e.g. for cipher suites with no encryption) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_digest_nid() returns the digest NID corresponding to the MAC used by <b>c</b> during record encryption/decryption. If there is no digest (e.g. for AEAD cipher suites) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns an EVP_MD for the digest used during the SSL/TLS handshake when using the SSL_CIPHER <b>c</b>. Note that this may be different to the digest used to calculate the MAC for encrypted records.</p>
+
+<p>SSL_CIPHER_get_kx_nid() returns the key exchange NID corresponding to the method used by <b>c</b>. If there is no key exchange, then <b>NID_undef</b> is returned. If any appropriate key exchange algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_kx_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_kx_rsa
+ NID_kx_ecdhe
+ NID_kx_dhe
+ NID_kx_psk</code></pre>
+
+<p>SSL_CIPHER_get_auth_nid() returns the authentication NID corresponding to the method used by <b>c</b>. If there is no authentication, then <b>NID_undef</b> is returned. If any appropriate authentication algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_auth_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_auth_rsa
+ NID_auth_ecdsa
+ NID_auth_psk</code></pre>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher <b>c</b> is AEAD (e.g. GCM or ChaCha20/Poly1305), and 0 if it is not AEAD.</p>
+
+<p>SSL_CIPHER_find() returns a <b>SSL_CIPHER</b> structure which has the cipher ID stored in <b>ptr</b>. The <b>ptr</b> parameter is a two element array of <b>char</b>, which stores the two-byte TLS cipher ID (as allocated by IANA) in network byte order. This parameter is usually retrieved from a TLS packet by using functions like <a href="../man3/SSL_client_hello_get0_ciphers.html">SSL_client_hello_get0_ciphers(3)</a>. SSL_CIPHER_find() returns NULL if an error occurs or the indicated cipher is not found.</p>
+
+<p>SSL_CIPHER_get_id() returns the OpenSSL-specific ID of the given cipher <b>c</b>. That ID is not the same as the IANA-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns the two-byte ID used in the TLS protocol of the given cipher <b>c</b>.</p>
+
+<p>SSL_CIPHER_description() returns a textual description of the cipher used into the buffer <b>buf</b> of length <b>len</b> provided. If <b>buf</b> is provided, it must be at least 128 bytes, otherwise a buffer will be allocated using OPENSSL_malloc(). If the provided buffer is too small, or the allocation fails, <b>NULL</b> is returned.</p>
+
+<p>The string returned by SSL_CIPHER_description() consists of several fields separated by whitespace:</p>
+
+<dl>
+
+<dt id="ciphername">&lt;ciphername&gt;</dt>
+<dd>
+
+<p>Textual representation of the cipher name.</p>
+
+</dd>
+<dt id="protocol-version">&lt;protocol version&gt;</dt>
+<dd>
+
+<p>Protocol version, such as <b>TLSv1.2</b>, when the cipher was first defined.</p>
+
+</dd>
+<dt id="Kx-key-exchange">Kx=&lt;key exchange&gt;</dt>
+<dd>
+
+<p>Key exchange method such as <b>RSA</b>, <b>ECDHE</b>, etc.</p>
+
+</dd>
+<dt id="Au-authentication">Au=&lt;authentication&gt;</dt>
+<dd>
+
+<p>Authentication method such as <b>RSA</b>, <b>None</b>, etc.. None is the representation of anonymous ciphers.</p>
+
+</dd>
+<dt id="Enc-symmetric-encryption-method">Enc=&lt;symmetric encryption method&gt;</dt>
+<dd>
+
+<p>Encryption method, with number of secret bits, such as <b>AESGCM(128)</b>.</p>
+
+</dd>
+<dt id="Mac-message-authentication-code">Mac=&lt;message authentication code&gt;</dt>
+<dd>
+
+<p>Message digest, such as <b>SHA256</b>.</p>
+
+</dd>
+</dl>
+
+<p>Some examples for the output of SSL_CIPHER_description():</p>
+
+<pre><code> ECDHE-RSA-AES256-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
+ RSA-PSK-AES256-CBC-SHA384 TLSv1.0 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA384</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CIPHER_get_name(), SSL_CIPHER_standard_name(), OPENSSL_cipher_name(), SSL_CIPHER_get_version() and SSL_CIPHER_description() return the corresponding value in a null-terminated string for a specific cipher or &quot;(NONE)&quot; if the cipher is not found.</p>
+
+<p>SSL_CIPHER_get_bits() returns a positive integer representing the number of secret bits or 0 if an error occurred.</p>
+
+<p>SSL_CIPHER_get_cipher_nid(), SSL_CIPHER_get_digest_nid(), SSL_CIPHER_get_kx_nid() and SSL_CIPHER_get_auth_nid() return the NID value or <b>NID_undef</b> if an error occurred.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns a valid <b>EVP_MD</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher is AEAD or 0 otherwise.</p>
+
+<p>SSL_CIPHER_find() returns a valid <b>SSL_CIPHER</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_get_id() returns a 4-byte integer representing the OpenSSL-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns a 2-byte integer representing the TLS protocol-specific ID.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CIPHER_get_version() function was updated to always return the correct protocol string in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_description() function was changed to return <b>NULL</b> on error, rather than a fixed string, in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_get_handshake_digest() function was added in OpenSSL 1.1.1.</p>
+
+<p>The SSL_CIPHER_standard_name() function was globally available in OpenSSL 1.1.1. Before OpenSSL 1.1.1, tracing (<b>enable-ssl-trace</b> argument to Configure) was required to enable this function.</p>
+
+<p>The OPENSSL_cipher_name() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_current_cipher.html">SSL_get_current_cipher(3)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_find.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_find.html
new file mode 100644
index 000000000..f885fc00e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_find.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CIPHER_get_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CIPHER_get_name, SSL_CIPHER_standard_name, OPENSSL_cipher_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description, SSL_CIPHER_get_cipher_nid, SSL_CIPHER_get_digest_nid, SSL_CIPHER_get_handshake_digest, SSL_CIPHER_get_kx_nid, SSL_CIPHER_get_auth_nid, SSL_CIPHER_is_aead, SSL_CIPHER_find, SSL_CIPHER_get_id, SSL_CIPHER_get_protocol_id - get SSL_CIPHER properties</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
+ const char *SSL_CIPHER_standard_name(const SSL_CIPHER *cipher);
+ const char *OPENSSL_cipher_name(const char *stdname);
+ int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
+ char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
+ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
+ int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
+ const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
+ const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
+ uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
+ uint32_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CIPHER_get_name() returns a pointer to the name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;.</p>
+
+<p>SSL_CIPHER_standard_name() returns a pointer to the standard RFC name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;. If the <b>cipher</b> has no standard name, it returns <b>NULL</b>. If <b>cipher</b> was defined in both SSLv3 and TLS, it returns the TLS name.</p>
+
+<p>OPENSSL_cipher_name() returns a pointer to the OpenSSL name of <b>stdname</b>. If the <b>stdname</b> is NULL, or <b>stdname</b> has no corresponding OpenSSL name, it returns &quot;(NONE)&quot;. Where both exist, <b>stdname</b> should be the TLS name rather than the SSLv3 name.</p>
+
+<p>SSL_CIPHER_get_bits() returns the number of secret bits used for <b>cipher</b>. If <b>cipher</b> is NULL, 0 is returned.</p>
+
+<p>SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol version that first defined the cipher. It returns &quot;(NONE)&quot; if <b>cipher</b> is NULL.</p>
+
+<p>SSL_CIPHER_get_cipher_nid() returns the cipher NID corresponding to <b>c</b>. If there is no cipher (e.g. for cipher suites with no encryption) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_digest_nid() returns the digest NID corresponding to the MAC used by <b>c</b> during record encryption/decryption. If there is no digest (e.g. for AEAD cipher suites) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns an EVP_MD for the digest used during the SSL/TLS handshake when using the SSL_CIPHER <b>c</b>. Note that this may be different to the digest used to calculate the MAC for encrypted records.</p>
+
+<p>SSL_CIPHER_get_kx_nid() returns the key exchange NID corresponding to the method used by <b>c</b>. If there is no key exchange, then <b>NID_undef</b> is returned. If any appropriate key exchange algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_kx_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_kx_rsa
+ NID_kx_ecdhe
+ NID_kx_dhe
+ NID_kx_psk</code></pre>
+
+<p>SSL_CIPHER_get_auth_nid() returns the authentication NID corresponding to the method used by <b>c</b>. If there is no authentication, then <b>NID_undef</b> is returned. If any appropriate authentication algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_auth_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_auth_rsa
+ NID_auth_ecdsa
+ NID_auth_psk</code></pre>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher <b>c</b> is AEAD (e.g. GCM or ChaCha20/Poly1305), and 0 if it is not AEAD.</p>
+
+<p>SSL_CIPHER_find() returns a <b>SSL_CIPHER</b> structure which has the cipher ID stored in <b>ptr</b>. The <b>ptr</b> parameter is a two element array of <b>char</b>, which stores the two-byte TLS cipher ID (as allocated by IANA) in network byte order. This parameter is usually retrieved from a TLS packet by using functions like <a href="../man3/SSL_client_hello_get0_ciphers.html">SSL_client_hello_get0_ciphers(3)</a>. SSL_CIPHER_find() returns NULL if an error occurs or the indicated cipher is not found.</p>
+
+<p>SSL_CIPHER_get_id() returns the OpenSSL-specific ID of the given cipher <b>c</b>. That ID is not the same as the IANA-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns the two-byte ID used in the TLS protocol of the given cipher <b>c</b>.</p>
+
+<p>SSL_CIPHER_description() returns a textual description of the cipher used into the buffer <b>buf</b> of length <b>len</b> provided. If <b>buf</b> is provided, it must be at least 128 bytes, otherwise a buffer will be allocated using OPENSSL_malloc(). If the provided buffer is too small, or the allocation fails, <b>NULL</b> is returned.</p>
+
+<p>The string returned by SSL_CIPHER_description() consists of several fields separated by whitespace:</p>
+
+<dl>
+
+<dt id="ciphername">&lt;ciphername&gt;</dt>
+<dd>
+
+<p>Textual representation of the cipher name.</p>
+
+</dd>
+<dt id="protocol-version">&lt;protocol version&gt;</dt>
+<dd>
+
+<p>Protocol version, such as <b>TLSv1.2</b>, when the cipher was first defined.</p>
+
+</dd>
+<dt id="Kx-key-exchange">Kx=&lt;key exchange&gt;</dt>
+<dd>
+
+<p>Key exchange method such as <b>RSA</b>, <b>ECDHE</b>, etc.</p>
+
+</dd>
+<dt id="Au-authentication">Au=&lt;authentication&gt;</dt>
+<dd>
+
+<p>Authentication method such as <b>RSA</b>, <b>None</b>, etc.. None is the representation of anonymous ciphers.</p>
+
+</dd>
+<dt id="Enc-symmetric-encryption-method">Enc=&lt;symmetric encryption method&gt;</dt>
+<dd>
+
+<p>Encryption method, with number of secret bits, such as <b>AESGCM(128)</b>.</p>
+
+</dd>
+<dt id="Mac-message-authentication-code">Mac=&lt;message authentication code&gt;</dt>
+<dd>
+
+<p>Message digest, such as <b>SHA256</b>.</p>
+
+</dd>
+</dl>
+
+<p>Some examples for the output of SSL_CIPHER_description():</p>
+
+<pre><code> ECDHE-RSA-AES256-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
+ RSA-PSK-AES256-CBC-SHA384 TLSv1.0 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA384</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CIPHER_get_name(), SSL_CIPHER_standard_name(), OPENSSL_cipher_name(), SSL_CIPHER_get_version() and SSL_CIPHER_description() return the corresponding value in a null-terminated string for a specific cipher or &quot;(NONE)&quot; if the cipher is not found.</p>
+
+<p>SSL_CIPHER_get_bits() returns a positive integer representing the number of secret bits or 0 if an error occurred.</p>
+
+<p>SSL_CIPHER_get_cipher_nid(), SSL_CIPHER_get_digest_nid(), SSL_CIPHER_get_kx_nid() and SSL_CIPHER_get_auth_nid() return the NID value or <b>NID_undef</b> if an error occurred.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns a valid <b>EVP_MD</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher is AEAD or 0 otherwise.</p>
+
+<p>SSL_CIPHER_find() returns a valid <b>SSL_CIPHER</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_get_id() returns a 4-byte integer representing the OpenSSL-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns a 2-byte integer representing the TLS protocol-specific ID.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CIPHER_get_version() function was updated to always return the correct protocol string in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_description() function was changed to return <b>NULL</b> on error, rather than a fixed string, in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_get_handshake_digest() function was added in OpenSSL 1.1.1.</p>
+
+<p>The SSL_CIPHER_standard_name() function was globally available in OpenSSL 1.1.1. Before OpenSSL 1.1.1, tracing (<b>enable-ssl-trace</b> argument to Configure) was required to enable this function.</p>
+
+<p>The OPENSSL_cipher_name() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_current_cipher.html">SSL_get_current_cipher(3)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_auth_nid.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_auth_nid.html
new file mode 100644
index 000000000..f885fc00e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_auth_nid.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CIPHER_get_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CIPHER_get_name, SSL_CIPHER_standard_name, OPENSSL_cipher_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description, SSL_CIPHER_get_cipher_nid, SSL_CIPHER_get_digest_nid, SSL_CIPHER_get_handshake_digest, SSL_CIPHER_get_kx_nid, SSL_CIPHER_get_auth_nid, SSL_CIPHER_is_aead, SSL_CIPHER_find, SSL_CIPHER_get_id, SSL_CIPHER_get_protocol_id - get SSL_CIPHER properties</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
+ const char *SSL_CIPHER_standard_name(const SSL_CIPHER *cipher);
+ const char *OPENSSL_cipher_name(const char *stdname);
+ int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
+ char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
+ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
+ int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
+ const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
+ const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
+ uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
+ uint32_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CIPHER_get_name() returns a pointer to the name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;.</p>
+
+<p>SSL_CIPHER_standard_name() returns a pointer to the standard RFC name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;. If the <b>cipher</b> has no standard name, it returns <b>NULL</b>. If <b>cipher</b> was defined in both SSLv3 and TLS, it returns the TLS name.</p>
+
+<p>OPENSSL_cipher_name() returns a pointer to the OpenSSL name of <b>stdname</b>. If the <b>stdname</b> is NULL, or <b>stdname</b> has no corresponding OpenSSL name, it returns &quot;(NONE)&quot;. Where both exist, <b>stdname</b> should be the TLS name rather than the SSLv3 name.</p>
+
+<p>SSL_CIPHER_get_bits() returns the number of secret bits used for <b>cipher</b>. If <b>cipher</b> is NULL, 0 is returned.</p>
+
+<p>SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol version that first defined the cipher. It returns &quot;(NONE)&quot; if <b>cipher</b> is NULL.</p>
+
+<p>SSL_CIPHER_get_cipher_nid() returns the cipher NID corresponding to <b>c</b>. If there is no cipher (e.g. for cipher suites with no encryption) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_digest_nid() returns the digest NID corresponding to the MAC used by <b>c</b> during record encryption/decryption. If there is no digest (e.g. for AEAD cipher suites) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns an EVP_MD for the digest used during the SSL/TLS handshake when using the SSL_CIPHER <b>c</b>. Note that this may be different to the digest used to calculate the MAC for encrypted records.</p>
+
+<p>SSL_CIPHER_get_kx_nid() returns the key exchange NID corresponding to the method used by <b>c</b>. If there is no key exchange, then <b>NID_undef</b> is returned. If any appropriate key exchange algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_kx_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_kx_rsa
+ NID_kx_ecdhe
+ NID_kx_dhe
+ NID_kx_psk</code></pre>
+
+<p>SSL_CIPHER_get_auth_nid() returns the authentication NID corresponding to the method used by <b>c</b>. If there is no authentication, then <b>NID_undef</b> is returned. If any appropriate authentication algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_auth_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_auth_rsa
+ NID_auth_ecdsa
+ NID_auth_psk</code></pre>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher <b>c</b> is AEAD (e.g. GCM or ChaCha20/Poly1305), and 0 if it is not AEAD.</p>
+
+<p>SSL_CIPHER_find() returns a <b>SSL_CIPHER</b> structure which has the cipher ID stored in <b>ptr</b>. The <b>ptr</b> parameter is a two element array of <b>char</b>, which stores the two-byte TLS cipher ID (as allocated by IANA) in network byte order. This parameter is usually retrieved from a TLS packet by using functions like <a href="../man3/SSL_client_hello_get0_ciphers.html">SSL_client_hello_get0_ciphers(3)</a>. SSL_CIPHER_find() returns NULL if an error occurs or the indicated cipher is not found.</p>
+
+<p>SSL_CIPHER_get_id() returns the OpenSSL-specific ID of the given cipher <b>c</b>. That ID is not the same as the IANA-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns the two-byte ID used in the TLS protocol of the given cipher <b>c</b>.</p>
+
+<p>SSL_CIPHER_description() returns a textual description of the cipher used into the buffer <b>buf</b> of length <b>len</b> provided. If <b>buf</b> is provided, it must be at least 128 bytes, otherwise a buffer will be allocated using OPENSSL_malloc(). If the provided buffer is too small, or the allocation fails, <b>NULL</b> is returned.</p>
+
+<p>The string returned by SSL_CIPHER_description() consists of several fields separated by whitespace:</p>
+
+<dl>
+
+<dt id="ciphername">&lt;ciphername&gt;</dt>
+<dd>
+
+<p>Textual representation of the cipher name.</p>
+
+</dd>
+<dt id="protocol-version">&lt;protocol version&gt;</dt>
+<dd>
+
+<p>Protocol version, such as <b>TLSv1.2</b>, when the cipher was first defined.</p>
+
+</dd>
+<dt id="Kx-key-exchange">Kx=&lt;key exchange&gt;</dt>
+<dd>
+
+<p>Key exchange method such as <b>RSA</b>, <b>ECDHE</b>, etc.</p>
+
+</dd>
+<dt id="Au-authentication">Au=&lt;authentication&gt;</dt>
+<dd>
+
+<p>Authentication method such as <b>RSA</b>, <b>None</b>, etc.. None is the representation of anonymous ciphers.</p>
+
+</dd>
+<dt id="Enc-symmetric-encryption-method">Enc=&lt;symmetric encryption method&gt;</dt>
+<dd>
+
+<p>Encryption method, with number of secret bits, such as <b>AESGCM(128)</b>.</p>
+
+</dd>
+<dt id="Mac-message-authentication-code">Mac=&lt;message authentication code&gt;</dt>
+<dd>
+
+<p>Message digest, such as <b>SHA256</b>.</p>
+
+</dd>
+</dl>
+
+<p>Some examples for the output of SSL_CIPHER_description():</p>
+
+<pre><code> ECDHE-RSA-AES256-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
+ RSA-PSK-AES256-CBC-SHA384 TLSv1.0 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA384</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CIPHER_get_name(), SSL_CIPHER_standard_name(), OPENSSL_cipher_name(), SSL_CIPHER_get_version() and SSL_CIPHER_description() return the corresponding value in a null-terminated string for a specific cipher or &quot;(NONE)&quot; if the cipher is not found.</p>
+
+<p>SSL_CIPHER_get_bits() returns a positive integer representing the number of secret bits or 0 if an error occurred.</p>
+
+<p>SSL_CIPHER_get_cipher_nid(), SSL_CIPHER_get_digest_nid(), SSL_CIPHER_get_kx_nid() and SSL_CIPHER_get_auth_nid() return the NID value or <b>NID_undef</b> if an error occurred.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns a valid <b>EVP_MD</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher is AEAD or 0 otherwise.</p>
+
+<p>SSL_CIPHER_find() returns a valid <b>SSL_CIPHER</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_get_id() returns a 4-byte integer representing the OpenSSL-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns a 2-byte integer representing the TLS protocol-specific ID.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CIPHER_get_version() function was updated to always return the correct protocol string in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_description() function was changed to return <b>NULL</b> on error, rather than a fixed string, in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_get_handshake_digest() function was added in OpenSSL 1.1.1.</p>
+
+<p>The SSL_CIPHER_standard_name() function was globally available in OpenSSL 1.1.1. Before OpenSSL 1.1.1, tracing (<b>enable-ssl-trace</b> argument to Configure) was required to enable this function.</p>
+
+<p>The OPENSSL_cipher_name() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_current_cipher.html">SSL_get_current_cipher(3)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_bits.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_bits.html
new file mode 100644
index 000000000..f885fc00e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_bits.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CIPHER_get_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CIPHER_get_name, SSL_CIPHER_standard_name, OPENSSL_cipher_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description, SSL_CIPHER_get_cipher_nid, SSL_CIPHER_get_digest_nid, SSL_CIPHER_get_handshake_digest, SSL_CIPHER_get_kx_nid, SSL_CIPHER_get_auth_nid, SSL_CIPHER_is_aead, SSL_CIPHER_find, SSL_CIPHER_get_id, SSL_CIPHER_get_protocol_id - get SSL_CIPHER properties</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
+ const char *SSL_CIPHER_standard_name(const SSL_CIPHER *cipher);
+ const char *OPENSSL_cipher_name(const char *stdname);
+ int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
+ char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
+ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
+ int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
+ const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
+ const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
+ uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
+ uint32_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CIPHER_get_name() returns a pointer to the name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;.</p>
+
+<p>SSL_CIPHER_standard_name() returns a pointer to the standard RFC name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;. If the <b>cipher</b> has no standard name, it returns <b>NULL</b>. If <b>cipher</b> was defined in both SSLv3 and TLS, it returns the TLS name.</p>
+
+<p>OPENSSL_cipher_name() returns a pointer to the OpenSSL name of <b>stdname</b>. If the <b>stdname</b> is NULL, or <b>stdname</b> has no corresponding OpenSSL name, it returns &quot;(NONE)&quot;. Where both exist, <b>stdname</b> should be the TLS name rather than the SSLv3 name.</p>
+
+<p>SSL_CIPHER_get_bits() returns the number of secret bits used for <b>cipher</b>. If <b>cipher</b> is NULL, 0 is returned.</p>
+
+<p>SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol version that first defined the cipher. It returns &quot;(NONE)&quot; if <b>cipher</b> is NULL.</p>
+
+<p>SSL_CIPHER_get_cipher_nid() returns the cipher NID corresponding to <b>c</b>. If there is no cipher (e.g. for cipher suites with no encryption) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_digest_nid() returns the digest NID corresponding to the MAC used by <b>c</b> during record encryption/decryption. If there is no digest (e.g. for AEAD cipher suites) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns an EVP_MD for the digest used during the SSL/TLS handshake when using the SSL_CIPHER <b>c</b>. Note that this may be different to the digest used to calculate the MAC for encrypted records.</p>
+
+<p>SSL_CIPHER_get_kx_nid() returns the key exchange NID corresponding to the method used by <b>c</b>. If there is no key exchange, then <b>NID_undef</b> is returned. If any appropriate key exchange algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_kx_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_kx_rsa
+ NID_kx_ecdhe
+ NID_kx_dhe
+ NID_kx_psk</code></pre>
+
+<p>SSL_CIPHER_get_auth_nid() returns the authentication NID corresponding to the method used by <b>c</b>. If there is no authentication, then <b>NID_undef</b> is returned. If any appropriate authentication algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_auth_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_auth_rsa
+ NID_auth_ecdsa
+ NID_auth_psk</code></pre>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher <b>c</b> is AEAD (e.g. GCM or ChaCha20/Poly1305), and 0 if it is not AEAD.</p>
+
+<p>SSL_CIPHER_find() returns a <b>SSL_CIPHER</b> structure which has the cipher ID stored in <b>ptr</b>. The <b>ptr</b> parameter is a two element array of <b>char</b>, which stores the two-byte TLS cipher ID (as allocated by IANA) in network byte order. This parameter is usually retrieved from a TLS packet by using functions like <a href="../man3/SSL_client_hello_get0_ciphers.html">SSL_client_hello_get0_ciphers(3)</a>. SSL_CIPHER_find() returns NULL if an error occurs or the indicated cipher is not found.</p>
+
+<p>SSL_CIPHER_get_id() returns the OpenSSL-specific ID of the given cipher <b>c</b>. That ID is not the same as the IANA-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns the two-byte ID used in the TLS protocol of the given cipher <b>c</b>.</p>
+
+<p>SSL_CIPHER_description() returns a textual description of the cipher used into the buffer <b>buf</b> of length <b>len</b> provided. If <b>buf</b> is provided, it must be at least 128 bytes, otherwise a buffer will be allocated using OPENSSL_malloc(). If the provided buffer is too small, or the allocation fails, <b>NULL</b> is returned.</p>
+
+<p>The string returned by SSL_CIPHER_description() consists of several fields separated by whitespace:</p>
+
+<dl>
+
+<dt id="ciphername">&lt;ciphername&gt;</dt>
+<dd>
+
+<p>Textual representation of the cipher name.</p>
+
+</dd>
+<dt id="protocol-version">&lt;protocol version&gt;</dt>
+<dd>
+
+<p>Protocol version, such as <b>TLSv1.2</b>, when the cipher was first defined.</p>
+
+</dd>
+<dt id="Kx-key-exchange">Kx=&lt;key exchange&gt;</dt>
+<dd>
+
+<p>Key exchange method such as <b>RSA</b>, <b>ECDHE</b>, etc.</p>
+
+</dd>
+<dt id="Au-authentication">Au=&lt;authentication&gt;</dt>
+<dd>
+
+<p>Authentication method such as <b>RSA</b>, <b>None</b>, etc.. None is the representation of anonymous ciphers.</p>
+
+</dd>
+<dt id="Enc-symmetric-encryption-method">Enc=&lt;symmetric encryption method&gt;</dt>
+<dd>
+
+<p>Encryption method, with number of secret bits, such as <b>AESGCM(128)</b>.</p>
+
+</dd>
+<dt id="Mac-message-authentication-code">Mac=&lt;message authentication code&gt;</dt>
+<dd>
+
+<p>Message digest, such as <b>SHA256</b>.</p>
+
+</dd>
+</dl>
+
+<p>Some examples for the output of SSL_CIPHER_description():</p>
+
+<pre><code> ECDHE-RSA-AES256-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
+ RSA-PSK-AES256-CBC-SHA384 TLSv1.0 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA384</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CIPHER_get_name(), SSL_CIPHER_standard_name(), OPENSSL_cipher_name(), SSL_CIPHER_get_version() and SSL_CIPHER_description() return the corresponding value in a null-terminated string for a specific cipher or &quot;(NONE)&quot; if the cipher is not found.</p>
+
+<p>SSL_CIPHER_get_bits() returns a positive integer representing the number of secret bits or 0 if an error occurred.</p>
+
+<p>SSL_CIPHER_get_cipher_nid(), SSL_CIPHER_get_digest_nid(), SSL_CIPHER_get_kx_nid() and SSL_CIPHER_get_auth_nid() return the NID value or <b>NID_undef</b> if an error occurred.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns a valid <b>EVP_MD</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher is AEAD or 0 otherwise.</p>
+
+<p>SSL_CIPHER_find() returns a valid <b>SSL_CIPHER</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_get_id() returns a 4-byte integer representing the OpenSSL-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns a 2-byte integer representing the TLS protocol-specific ID.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CIPHER_get_version() function was updated to always return the correct protocol string in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_description() function was changed to return <b>NULL</b> on error, rather than a fixed string, in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_get_handshake_digest() function was added in OpenSSL 1.1.1.</p>
+
+<p>The SSL_CIPHER_standard_name() function was globally available in OpenSSL 1.1.1. Before OpenSSL 1.1.1, tracing (<b>enable-ssl-trace</b> argument to Configure) was required to enable this function.</p>
+
+<p>The OPENSSL_cipher_name() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_current_cipher.html">SSL_get_current_cipher(3)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_cipher_nid.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_cipher_nid.html
new file mode 100644
index 000000000..f885fc00e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_cipher_nid.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CIPHER_get_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CIPHER_get_name, SSL_CIPHER_standard_name, OPENSSL_cipher_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description, SSL_CIPHER_get_cipher_nid, SSL_CIPHER_get_digest_nid, SSL_CIPHER_get_handshake_digest, SSL_CIPHER_get_kx_nid, SSL_CIPHER_get_auth_nid, SSL_CIPHER_is_aead, SSL_CIPHER_find, SSL_CIPHER_get_id, SSL_CIPHER_get_protocol_id - get SSL_CIPHER properties</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
+ const char *SSL_CIPHER_standard_name(const SSL_CIPHER *cipher);
+ const char *OPENSSL_cipher_name(const char *stdname);
+ int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
+ char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
+ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
+ int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
+ const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
+ const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
+ uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
+ uint32_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CIPHER_get_name() returns a pointer to the name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;.</p>
+
+<p>SSL_CIPHER_standard_name() returns a pointer to the standard RFC name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;. If the <b>cipher</b> has no standard name, it returns <b>NULL</b>. If <b>cipher</b> was defined in both SSLv3 and TLS, it returns the TLS name.</p>
+
+<p>OPENSSL_cipher_name() returns a pointer to the OpenSSL name of <b>stdname</b>. If the <b>stdname</b> is NULL, or <b>stdname</b> has no corresponding OpenSSL name, it returns &quot;(NONE)&quot;. Where both exist, <b>stdname</b> should be the TLS name rather than the SSLv3 name.</p>
+
+<p>SSL_CIPHER_get_bits() returns the number of secret bits used for <b>cipher</b>. If <b>cipher</b> is NULL, 0 is returned.</p>
+
+<p>SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol version that first defined the cipher. It returns &quot;(NONE)&quot; if <b>cipher</b> is NULL.</p>
+
+<p>SSL_CIPHER_get_cipher_nid() returns the cipher NID corresponding to <b>c</b>. If there is no cipher (e.g. for cipher suites with no encryption) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_digest_nid() returns the digest NID corresponding to the MAC used by <b>c</b> during record encryption/decryption. If there is no digest (e.g. for AEAD cipher suites) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns an EVP_MD for the digest used during the SSL/TLS handshake when using the SSL_CIPHER <b>c</b>. Note that this may be different to the digest used to calculate the MAC for encrypted records.</p>
+
+<p>SSL_CIPHER_get_kx_nid() returns the key exchange NID corresponding to the method used by <b>c</b>. If there is no key exchange, then <b>NID_undef</b> is returned. If any appropriate key exchange algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_kx_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_kx_rsa
+ NID_kx_ecdhe
+ NID_kx_dhe
+ NID_kx_psk</code></pre>
+
+<p>SSL_CIPHER_get_auth_nid() returns the authentication NID corresponding to the method used by <b>c</b>. If there is no authentication, then <b>NID_undef</b> is returned. If any appropriate authentication algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_auth_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_auth_rsa
+ NID_auth_ecdsa
+ NID_auth_psk</code></pre>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher <b>c</b> is AEAD (e.g. GCM or ChaCha20/Poly1305), and 0 if it is not AEAD.</p>
+
+<p>SSL_CIPHER_find() returns a <b>SSL_CIPHER</b> structure which has the cipher ID stored in <b>ptr</b>. The <b>ptr</b> parameter is a two element array of <b>char</b>, which stores the two-byte TLS cipher ID (as allocated by IANA) in network byte order. This parameter is usually retrieved from a TLS packet by using functions like <a href="../man3/SSL_client_hello_get0_ciphers.html">SSL_client_hello_get0_ciphers(3)</a>. SSL_CIPHER_find() returns NULL if an error occurs or the indicated cipher is not found.</p>
+
+<p>SSL_CIPHER_get_id() returns the OpenSSL-specific ID of the given cipher <b>c</b>. That ID is not the same as the IANA-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns the two-byte ID used in the TLS protocol of the given cipher <b>c</b>.</p>
+
+<p>SSL_CIPHER_description() returns a textual description of the cipher used into the buffer <b>buf</b> of length <b>len</b> provided. If <b>buf</b> is provided, it must be at least 128 bytes, otherwise a buffer will be allocated using OPENSSL_malloc(). If the provided buffer is too small, or the allocation fails, <b>NULL</b> is returned.</p>
+
+<p>The string returned by SSL_CIPHER_description() consists of several fields separated by whitespace:</p>
+
+<dl>
+
+<dt id="ciphername">&lt;ciphername&gt;</dt>
+<dd>
+
+<p>Textual representation of the cipher name.</p>
+
+</dd>
+<dt id="protocol-version">&lt;protocol version&gt;</dt>
+<dd>
+
+<p>Protocol version, such as <b>TLSv1.2</b>, when the cipher was first defined.</p>
+
+</dd>
+<dt id="Kx-key-exchange">Kx=&lt;key exchange&gt;</dt>
+<dd>
+
+<p>Key exchange method such as <b>RSA</b>, <b>ECDHE</b>, etc.</p>
+
+</dd>
+<dt id="Au-authentication">Au=&lt;authentication&gt;</dt>
+<dd>
+
+<p>Authentication method such as <b>RSA</b>, <b>None</b>, etc.. None is the representation of anonymous ciphers.</p>
+
+</dd>
+<dt id="Enc-symmetric-encryption-method">Enc=&lt;symmetric encryption method&gt;</dt>
+<dd>
+
+<p>Encryption method, with number of secret bits, such as <b>AESGCM(128)</b>.</p>
+
+</dd>
+<dt id="Mac-message-authentication-code">Mac=&lt;message authentication code&gt;</dt>
+<dd>
+
+<p>Message digest, such as <b>SHA256</b>.</p>
+
+</dd>
+</dl>
+
+<p>Some examples for the output of SSL_CIPHER_description():</p>
+
+<pre><code> ECDHE-RSA-AES256-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
+ RSA-PSK-AES256-CBC-SHA384 TLSv1.0 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA384</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CIPHER_get_name(), SSL_CIPHER_standard_name(), OPENSSL_cipher_name(), SSL_CIPHER_get_version() and SSL_CIPHER_description() return the corresponding value in a null-terminated string for a specific cipher or &quot;(NONE)&quot; if the cipher is not found.</p>
+
+<p>SSL_CIPHER_get_bits() returns a positive integer representing the number of secret bits or 0 if an error occurred.</p>
+
+<p>SSL_CIPHER_get_cipher_nid(), SSL_CIPHER_get_digest_nid(), SSL_CIPHER_get_kx_nid() and SSL_CIPHER_get_auth_nid() return the NID value or <b>NID_undef</b> if an error occurred.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns a valid <b>EVP_MD</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher is AEAD or 0 otherwise.</p>
+
+<p>SSL_CIPHER_find() returns a valid <b>SSL_CIPHER</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_get_id() returns a 4-byte integer representing the OpenSSL-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns a 2-byte integer representing the TLS protocol-specific ID.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CIPHER_get_version() function was updated to always return the correct protocol string in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_description() function was changed to return <b>NULL</b> on error, rather than a fixed string, in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_get_handshake_digest() function was added in OpenSSL 1.1.1.</p>
+
+<p>The SSL_CIPHER_standard_name() function was globally available in OpenSSL 1.1.1. Before OpenSSL 1.1.1, tracing (<b>enable-ssl-trace</b> argument to Configure) was required to enable this function.</p>
+
+<p>The OPENSSL_cipher_name() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_current_cipher.html">SSL_get_current_cipher(3)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_digest_nid.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_digest_nid.html
new file mode 100644
index 000000000..f885fc00e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_digest_nid.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CIPHER_get_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CIPHER_get_name, SSL_CIPHER_standard_name, OPENSSL_cipher_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description, SSL_CIPHER_get_cipher_nid, SSL_CIPHER_get_digest_nid, SSL_CIPHER_get_handshake_digest, SSL_CIPHER_get_kx_nid, SSL_CIPHER_get_auth_nid, SSL_CIPHER_is_aead, SSL_CIPHER_find, SSL_CIPHER_get_id, SSL_CIPHER_get_protocol_id - get SSL_CIPHER properties</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
+ const char *SSL_CIPHER_standard_name(const SSL_CIPHER *cipher);
+ const char *OPENSSL_cipher_name(const char *stdname);
+ int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
+ char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
+ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
+ int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
+ const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
+ const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
+ uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
+ uint32_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CIPHER_get_name() returns a pointer to the name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;.</p>
+
+<p>SSL_CIPHER_standard_name() returns a pointer to the standard RFC name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;. If the <b>cipher</b> has no standard name, it returns <b>NULL</b>. If <b>cipher</b> was defined in both SSLv3 and TLS, it returns the TLS name.</p>
+
+<p>OPENSSL_cipher_name() returns a pointer to the OpenSSL name of <b>stdname</b>. If the <b>stdname</b> is NULL, or <b>stdname</b> has no corresponding OpenSSL name, it returns &quot;(NONE)&quot;. Where both exist, <b>stdname</b> should be the TLS name rather than the SSLv3 name.</p>
+
+<p>SSL_CIPHER_get_bits() returns the number of secret bits used for <b>cipher</b>. If <b>cipher</b> is NULL, 0 is returned.</p>
+
+<p>SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol version that first defined the cipher. It returns &quot;(NONE)&quot; if <b>cipher</b> is NULL.</p>
+
+<p>SSL_CIPHER_get_cipher_nid() returns the cipher NID corresponding to <b>c</b>. If there is no cipher (e.g. for cipher suites with no encryption) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_digest_nid() returns the digest NID corresponding to the MAC used by <b>c</b> during record encryption/decryption. If there is no digest (e.g. for AEAD cipher suites) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns an EVP_MD for the digest used during the SSL/TLS handshake when using the SSL_CIPHER <b>c</b>. Note that this may be different to the digest used to calculate the MAC for encrypted records.</p>
+
+<p>SSL_CIPHER_get_kx_nid() returns the key exchange NID corresponding to the method used by <b>c</b>. If there is no key exchange, then <b>NID_undef</b> is returned. If any appropriate key exchange algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_kx_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_kx_rsa
+ NID_kx_ecdhe
+ NID_kx_dhe
+ NID_kx_psk</code></pre>
+
+<p>SSL_CIPHER_get_auth_nid() returns the authentication NID corresponding to the method used by <b>c</b>. If there is no authentication, then <b>NID_undef</b> is returned. If any appropriate authentication algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_auth_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_auth_rsa
+ NID_auth_ecdsa
+ NID_auth_psk</code></pre>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher <b>c</b> is AEAD (e.g. GCM or ChaCha20/Poly1305), and 0 if it is not AEAD.</p>
+
+<p>SSL_CIPHER_find() returns a <b>SSL_CIPHER</b> structure which has the cipher ID stored in <b>ptr</b>. The <b>ptr</b> parameter is a two element array of <b>char</b>, which stores the two-byte TLS cipher ID (as allocated by IANA) in network byte order. This parameter is usually retrieved from a TLS packet by using functions like <a href="../man3/SSL_client_hello_get0_ciphers.html">SSL_client_hello_get0_ciphers(3)</a>. SSL_CIPHER_find() returns NULL if an error occurs or the indicated cipher is not found.</p>
+
+<p>SSL_CIPHER_get_id() returns the OpenSSL-specific ID of the given cipher <b>c</b>. That ID is not the same as the IANA-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns the two-byte ID used in the TLS protocol of the given cipher <b>c</b>.</p>
+
+<p>SSL_CIPHER_description() returns a textual description of the cipher used into the buffer <b>buf</b> of length <b>len</b> provided. If <b>buf</b> is provided, it must be at least 128 bytes, otherwise a buffer will be allocated using OPENSSL_malloc(). If the provided buffer is too small, or the allocation fails, <b>NULL</b> is returned.</p>
+
+<p>The string returned by SSL_CIPHER_description() consists of several fields separated by whitespace:</p>
+
+<dl>
+
+<dt id="ciphername">&lt;ciphername&gt;</dt>
+<dd>
+
+<p>Textual representation of the cipher name.</p>
+
+</dd>
+<dt id="protocol-version">&lt;protocol version&gt;</dt>
+<dd>
+
+<p>Protocol version, such as <b>TLSv1.2</b>, when the cipher was first defined.</p>
+
+</dd>
+<dt id="Kx-key-exchange">Kx=&lt;key exchange&gt;</dt>
+<dd>
+
+<p>Key exchange method such as <b>RSA</b>, <b>ECDHE</b>, etc.</p>
+
+</dd>
+<dt id="Au-authentication">Au=&lt;authentication&gt;</dt>
+<dd>
+
+<p>Authentication method such as <b>RSA</b>, <b>None</b>, etc.. None is the representation of anonymous ciphers.</p>
+
+</dd>
+<dt id="Enc-symmetric-encryption-method">Enc=&lt;symmetric encryption method&gt;</dt>
+<dd>
+
+<p>Encryption method, with number of secret bits, such as <b>AESGCM(128)</b>.</p>
+
+</dd>
+<dt id="Mac-message-authentication-code">Mac=&lt;message authentication code&gt;</dt>
+<dd>
+
+<p>Message digest, such as <b>SHA256</b>.</p>
+
+</dd>
+</dl>
+
+<p>Some examples for the output of SSL_CIPHER_description():</p>
+
+<pre><code> ECDHE-RSA-AES256-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
+ RSA-PSK-AES256-CBC-SHA384 TLSv1.0 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA384</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CIPHER_get_name(), SSL_CIPHER_standard_name(), OPENSSL_cipher_name(), SSL_CIPHER_get_version() and SSL_CIPHER_description() return the corresponding value in a null-terminated string for a specific cipher or &quot;(NONE)&quot; if the cipher is not found.</p>
+
+<p>SSL_CIPHER_get_bits() returns a positive integer representing the number of secret bits or 0 if an error occurred.</p>
+
+<p>SSL_CIPHER_get_cipher_nid(), SSL_CIPHER_get_digest_nid(), SSL_CIPHER_get_kx_nid() and SSL_CIPHER_get_auth_nid() return the NID value or <b>NID_undef</b> if an error occurred.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns a valid <b>EVP_MD</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher is AEAD or 0 otherwise.</p>
+
+<p>SSL_CIPHER_find() returns a valid <b>SSL_CIPHER</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_get_id() returns a 4-byte integer representing the OpenSSL-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns a 2-byte integer representing the TLS protocol-specific ID.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CIPHER_get_version() function was updated to always return the correct protocol string in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_description() function was changed to return <b>NULL</b> on error, rather than a fixed string, in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_get_handshake_digest() function was added in OpenSSL 1.1.1.</p>
+
+<p>The SSL_CIPHER_standard_name() function was globally available in OpenSSL 1.1.1. Before OpenSSL 1.1.1, tracing (<b>enable-ssl-trace</b> argument to Configure) was required to enable this function.</p>
+
+<p>The OPENSSL_cipher_name() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_current_cipher.html">SSL_get_current_cipher(3)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_handshake_digest.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_handshake_digest.html
new file mode 100644
index 000000000..f885fc00e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_handshake_digest.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CIPHER_get_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CIPHER_get_name, SSL_CIPHER_standard_name, OPENSSL_cipher_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description, SSL_CIPHER_get_cipher_nid, SSL_CIPHER_get_digest_nid, SSL_CIPHER_get_handshake_digest, SSL_CIPHER_get_kx_nid, SSL_CIPHER_get_auth_nid, SSL_CIPHER_is_aead, SSL_CIPHER_find, SSL_CIPHER_get_id, SSL_CIPHER_get_protocol_id - get SSL_CIPHER properties</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
+ const char *SSL_CIPHER_standard_name(const SSL_CIPHER *cipher);
+ const char *OPENSSL_cipher_name(const char *stdname);
+ int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
+ char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
+ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
+ int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
+ const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
+ const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
+ uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
+ uint32_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CIPHER_get_name() returns a pointer to the name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;.</p>
+
+<p>SSL_CIPHER_standard_name() returns a pointer to the standard RFC name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;. If the <b>cipher</b> has no standard name, it returns <b>NULL</b>. If <b>cipher</b> was defined in both SSLv3 and TLS, it returns the TLS name.</p>
+
+<p>OPENSSL_cipher_name() returns a pointer to the OpenSSL name of <b>stdname</b>. If the <b>stdname</b> is NULL, or <b>stdname</b> has no corresponding OpenSSL name, it returns &quot;(NONE)&quot;. Where both exist, <b>stdname</b> should be the TLS name rather than the SSLv3 name.</p>
+
+<p>SSL_CIPHER_get_bits() returns the number of secret bits used for <b>cipher</b>. If <b>cipher</b> is NULL, 0 is returned.</p>
+
+<p>SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol version that first defined the cipher. It returns &quot;(NONE)&quot; if <b>cipher</b> is NULL.</p>
+
+<p>SSL_CIPHER_get_cipher_nid() returns the cipher NID corresponding to <b>c</b>. If there is no cipher (e.g. for cipher suites with no encryption) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_digest_nid() returns the digest NID corresponding to the MAC used by <b>c</b> during record encryption/decryption. If there is no digest (e.g. for AEAD cipher suites) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns an EVP_MD for the digest used during the SSL/TLS handshake when using the SSL_CIPHER <b>c</b>. Note that this may be different to the digest used to calculate the MAC for encrypted records.</p>
+
+<p>SSL_CIPHER_get_kx_nid() returns the key exchange NID corresponding to the method used by <b>c</b>. If there is no key exchange, then <b>NID_undef</b> is returned. If any appropriate key exchange algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_kx_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_kx_rsa
+ NID_kx_ecdhe
+ NID_kx_dhe
+ NID_kx_psk</code></pre>
+
+<p>SSL_CIPHER_get_auth_nid() returns the authentication NID corresponding to the method used by <b>c</b>. If there is no authentication, then <b>NID_undef</b> is returned. If any appropriate authentication algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_auth_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_auth_rsa
+ NID_auth_ecdsa
+ NID_auth_psk</code></pre>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher <b>c</b> is AEAD (e.g. GCM or ChaCha20/Poly1305), and 0 if it is not AEAD.</p>
+
+<p>SSL_CIPHER_find() returns a <b>SSL_CIPHER</b> structure which has the cipher ID stored in <b>ptr</b>. The <b>ptr</b> parameter is a two element array of <b>char</b>, which stores the two-byte TLS cipher ID (as allocated by IANA) in network byte order. This parameter is usually retrieved from a TLS packet by using functions like <a href="../man3/SSL_client_hello_get0_ciphers.html">SSL_client_hello_get0_ciphers(3)</a>. SSL_CIPHER_find() returns NULL if an error occurs or the indicated cipher is not found.</p>
+
+<p>SSL_CIPHER_get_id() returns the OpenSSL-specific ID of the given cipher <b>c</b>. That ID is not the same as the IANA-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns the two-byte ID used in the TLS protocol of the given cipher <b>c</b>.</p>
+
+<p>SSL_CIPHER_description() returns a textual description of the cipher used into the buffer <b>buf</b> of length <b>len</b> provided. If <b>buf</b> is provided, it must be at least 128 bytes, otherwise a buffer will be allocated using OPENSSL_malloc(). If the provided buffer is too small, or the allocation fails, <b>NULL</b> is returned.</p>
+
+<p>The string returned by SSL_CIPHER_description() consists of several fields separated by whitespace:</p>
+
+<dl>
+
+<dt id="ciphername">&lt;ciphername&gt;</dt>
+<dd>
+
+<p>Textual representation of the cipher name.</p>
+
+</dd>
+<dt id="protocol-version">&lt;protocol version&gt;</dt>
+<dd>
+
+<p>Protocol version, such as <b>TLSv1.2</b>, when the cipher was first defined.</p>
+
+</dd>
+<dt id="Kx-key-exchange">Kx=&lt;key exchange&gt;</dt>
+<dd>
+
+<p>Key exchange method such as <b>RSA</b>, <b>ECDHE</b>, etc.</p>
+
+</dd>
+<dt id="Au-authentication">Au=&lt;authentication&gt;</dt>
+<dd>
+
+<p>Authentication method such as <b>RSA</b>, <b>None</b>, etc.. None is the representation of anonymous ciphers.</p>
+
+</dd>
+<dt id="Enc-symmetric-encryption-method">Enc=&lt;symmetric encryption method&gt;</dt>
+<dd>
+
+<p>Encryption method, with number of secret bits, such as <b>AESGCM(128)</b>.</p>
+
+</dd>
+<dt id="Mac-message-authentication-code">Mac=&lt;message authentication code&gt;</dt>
+<dd>
+
+<p>Message digest, such as <b>SHA256</b>.</p>
+
+</dd>
+</dl>
+
+<p>Some examples for the output of SSL_CIPHER_description():</p>
+
+<pre><code> ECDHE-RSA-AES256-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
+ RSA-PSK-AES256-CBC-SHA384 TLSv1.0 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA384</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CIPHER_get_name(), SSL_CIPHER_standard_name(), OPENSSL_cipher_name(), SSL_CIPHER_get_version() and SSL_CIPHER_description() return the corresponding value in a null-terminated string for a specific cipher or &quot;(NONE)&quot; if the cipher is not found.</p>
+
+<p>SSL_CIPHER_get_bits() returns a positive integer representing the number of secret bits or 0 if an error occurred.</p>
+
+<p>SSL_CIPHER_get_cipher_nid(), SSL_CIPHER_get_digest_nid(), SSL_CIPHER_get_kx_nid() and SSL_CIPHER_get_auth_nid() return the NID value or <b>NID_undef</b> if an error occurred.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns a valid <b>EVP_MD</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher is AEAD or 0 otherwise.</p>
+
+<p>SSL_CIPHER_find() returns a valid <b>SSL_CIPHER</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_get_id() returns a 4-byte integer representing the OpenSSL-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns a 2-byte integer representing the TLS protocol-specific ID.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CIPHER_get_version() function was updated to always return the correct protocol string in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_description() function was changed to return <b>NULL</b> on error, rather than a fixed string, in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_get_handshake_digest() function was added in OpenSSL 1.1.1.</p>
+
+<p>The SSL_CIPHER_standard_name() function was globally available in OpenSSL 1.1.1. Before OpenSSL 1.1.1, tracing (<b>enable-ssl-trace</b> argument to Configure) was required to enable this function.</p>
+
+<p>The OPENSSL_cipher_name() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_current_cipher.html">SSL_get_current_cipher(3)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_id.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_id.html
new file mode 100644
index 000000000..f885fc00e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_id.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CIPHER_get_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CIPHER_get_name, SSL_CIPHER_standard_name, OPENSSL_cipher_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description, SSL_CIPHER_get_cipher_nid, SSL_CIPHER_get_digest_nid, SSL_CIPHER_get_handshake_digest, SSL_CIPHER_get_kx_nid, SSL_CIPHER_get_auth_nid, SSL_CIPHER_is_aead, SSL_CIPHER_find, SSL_CIPHER_get_id, SSL_CIPHER_get_protocol_id - get SSL_CIPHER properties</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
+ const char *SSL_CIPHER_standard_name(const SSL_CIPHER *cipher);
+ const char *OPENSSL_cipher_name(const char *stdname);
+ int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
+ char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
+ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
+ int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
+ const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
+ const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
+ uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
+ uint32_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CIPHER_get_name() returns a pointer to the name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;.</p>
+
+<p>SSL_CIPHER_standard_name() returns a pointer to the standard RFC name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;. If the <b>cipher</b> has no standard name, it returns <b>NULL</b>. If <b>cipher</b> was defined in both SSLv3 and TLS, it returns the TLS name.</p>
+
+<p>OPENSSL_cipher_name() returns a pointer to the OpenSSL name of <b>stdname</b>. If the <b>stdname</b> is NULL, or <b>stdname</b> has no corresponding OpenSSL name, it returns &quot;(NONE)&quot;. Where both exist, <b>stdname</b> should be the TLS name rather than the SSLv3 name.</p>
+
+<p>SSL_CIPHER_get_bits() returns the number of secret bits used for <b>cipher</b>. If <b>cipher</b> is NULL, 0 is returned.</p>
+
+<p>SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol version that first defined the cipher. It returns &quot;(NONE)&quot; if <b>cipher</b> is NULL.</p>
+
+<p>SSL_CIPHER_get_cipher_nid() returns the cipher NID corresponding to <b>c</b>. If there is no cipher (e.g. for cipher suites with no encryption) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_digest_nid() returns the digest NID corresponding to the MAC used by <b>c</b> during record encryption/decryption. If there is no digest (e.g. for AEAD cipher suites) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns an EVP_MD for the digest used during the SSL/TLS handshake when using the SSL_CIPHER <b>c</b>. Note that this may be different to the digest used to calculate the MAC for encrypted records.</p>
+
+<p>SSL_CIPHER_get_kx_nid() returns the key exchange NID corresponding to the method used by <b>c</b>. If there is no key exchange, then <b>NID_undef</b> is returned. If any appropriate key exchange algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_kx_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_kx_rsa
+ NID_kx_ecdhe
+ NID_kx_dhe
+ NID_kx_psk</code></pre>
+
+<p>SSL_CIPHER_get_auth_nid() returns the authentication NID corresponding to the method used by <b>c</b>. If there is no authentication, then <b>NID_undef</b> is returned. If any appropriate authentication algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_auth_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_auth_rsa
+ NID_auth_ecdsa
+ NID_auth_psk</code></pre>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher <b>c</b> is AEAD (e.g. GCM or ChaCha20/Poly1305), and 0 if it is not AEAD.</p>
+
+<p>SSL_CIPHER_find() returns a <b>SSL_CIPHER</b> structure which has the cipher ID stored in <b>ptr</b>. The <b>ptr</b> parameter is a two element array of <b>char</b>, which stores the two-byte TLS cipher ID (as allocated by IANA) in network byte order. This parameter is usually retrieved from a TLS packet by using functions like <a href="../man3/SSL_client_hello_get0_ciphers.html">SSL_client_hello_get0_ciphers(3)</a>. SSL_CIPHER_find() returns NULL if an error occurs or the indicated cipher is not found.</p>
+
+<p>SSL_CIPHER_get_id() returns the OpenSSL-specific ID of the given cipher <b>c</b>. That ID is not the same as the IANA-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns the two-byte ID used in the TLS protocol of the given cipher <b>c</b>.</p>
+
+<p>SSL_CIPHER_description() returns a textual description of the cipher used into the buffer <b>buf</b> of length <b>len</b> provided. If <b>buf</b> is provided, it must be at least 128 bytes, otherwise a buffer will be allocated using OPENSSL_malloc(). If the provided buffer is too small, or the allocation fails, <b>NULL</b> is returned.</p>
+
+<p>The string returned by SSL_CIPHER_description() consists of several fields separated by whitespace:</p>
+
+<dl>
+
+<dt id="ciphername">&lt;ciphername&gt;</dt>
+<dd>
+
+<p>Textual representation of the cipher name.</p>
+
+</dd>
+<dt id="protocol-version">&lt;protocol version&gt;</dt>
+<dd>
+
+<p>Protocol version, such as <b>TLSv1.2</b>, when the cipher was first defined.</p>
+
+</dd>
+<dt id="Kx-key-exchange">Kx=&lt;key exchange&gt;</dt>
+<dd>
+
+<p>Key exchange method such as <b>RSA</b>, <b>ECDHE</b>, etc.</p>
+
+</dd>
+<dt id="Au-authentication">Au=&lt;authentication&gt;</dt>
+<dd>
+
+<p>Authentication method such as <b>RSA</b>, <b>None</b>, etc.. None is the representation of anonymous ciphers.</p>
+
+</dd>
+<dt id="Enc-symmetric-encryption-method">Enc=&lt;symmetric encryption method&gt;</dt>
+<dd>
+
+<p>Encryption method, with number of secret bits, such as <b>AESGCM(128)</b>.</p>
+
+</dd>
+<dt id="Mac-message-authentication-code">Mac=&lt;message authentication code&gt;</dt>
+<dd>
+
+<p>Message digest, such as <b>SHA256</b>.</p>
+
+</dd>
+</dl>
+
+<p>Some examples for the output of SSL_CIPHER_description():</p>
+
+<pre><code> ECDHE-RSA-AES256-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
+ RSA-PSK-AES256-CBC-SHA384 TLSv1.0 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA384</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CIPHER_get_name(), SSL_CIPHER_standard_name(), OPENSSL_cipher_name(), SSL_CIPHER_get_version() and SSL_CIPHER_description() return the corresponding value in a null-terminated string for a specific cipher or &quot;(NONE)&quot; if the cipher is not found.</p>
+
+<p>SSL_CIPHER_get_bits() returns a positive integer representing the number of secret bits or 0 if an error occurred.</p>
+
+<p>SSL_CIPHER_get_cipher_nid(), SSL_CIPHER_get_digest_nid(), SSL_CIPHER_get_kx_nid() and SSL_CIPHER_get_auth_nid() return the NID value or <b>NID_undef</b> if an error occurred.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns a valid <b>EVP_MD</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher is AEAD or 0 otherwise.</p>
+
+<p>SSL_CIPHER_find() returns a valid <b>SSL_CIPHER</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_get_id() returns a 4-byte integer representing the OpenSSL-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns a 2-byte integer representing the TLS protocol-specific ID.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CIPHER_get_version() function was updated to always return the correct protocol string in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_description() function was changed to return <b>NULL</b> on error, rather than a fixed string, in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_get_handshake_digest() function was added in OpenSSL 1.1.1.</p>
+
+<p>The SSL_CIPHER_standard_name() function was globally available in OpenSSL 1.1.1. Before OpenSSL 1.1.1, tracing (<b>enable-ssl-trace</b> argument to Configure) was required to enable this function.</p>
+
+<p>The OPENSSL_cipher_name() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_current_cipher.html">SSL_get_current_cipher(3)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_kx_nid.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_kx_nid.html
new file mode 100644
index 000000000..f885fc00e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_kx_nid.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CIPHER_get_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CIPHER_get_name, SSL_CIPHER_standard_name, OPENSSL_cipher_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description, SSL_CIPHER_get_cipher_nid, SSL_CIPHER_get_digest_nid, SSL_CIPHER_get_handshake_digest, SSL_CIPHER_get_kx_nid, SSL_CIPHER_get_auth_nid, SSL_CIPHER_is_aead, SSL_CIPHER_find, SSL_CIPHER_get_id, SSL_CIPHER_get_protocol_id - get SSL_CIPHER properties</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
+ const char *SSL_CIPHER_standard_name(const SSL_CIPHER *cipher);
+ const char *OPENSSL_cipher_name(const char *stdname);
+ int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
+ char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
+ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
+ int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
+ const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
+ const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
+ uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
+ uint32_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CIPHER_get_name() returns a pointer to the name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;.</p>
+
+<p>SSL_CIPHER_standard_name() returns a pointer to the standard RFC name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;. If the <b>cipher</b> has no standard name, it returns <b>NULL</b>. If <b>cipher</b> was defined in both SSLv3 and TLS, it returns the TLS name.</p>
+
+<p>OPENSSL_cipher_name() returns a pointer to the OpenSSL name of <b>stdname</b>. If the <b>stdname</b> is NULL, or <b>stdname</b> has no corresponding OpenSSL name, it returns &quot;(NONE)&quot;. Where both exist, <b>stdname</b> should be the TLS name rather than the SSLv3 name.</p>
+
+<p>SSL_CIPHER_get_bits() returns the number of secret bits used for <b>cipher</b>. If <b>cipher</b> is NULL, 0 is returned.</p>
+
+<p>SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol version that first defined the cipher. It returns &quot;(NONE)&quot; if <b>cipher</b> is NULL.</p>
+
+<p>SSL_CIPHER_get_cipher_nid() returns the cipher NID corresponding to <b>c</b>. If there is no cipher (e.g. for cipher suites with no encryption) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_digest_nid() returns the digest NID corresponding to the MAC used by <b>c</b> during record encryption/decryption. If there is no digest (e.g. for AEAD cipher suites) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns an EVP_MD for the digest used during the SSL/TLS handshake when using the SSL_CIPHER <b>c</b>. Note that this may be different to the digest used to calculate the MAC for encrypted records.</p>
+
+<p>SSL_CIPHER_get_kx_nid() returns the key exchange NID corresponding to the method used by <b>c</b>. If there is no key exchange, then <b>NID_undef</b> is returned. If any appropriate key exchange algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_kx_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_kx_rsa
+ NID_kx_ecdhe
+ NID_kx_dhe
+ NID_kx_psk</code></pre>
+
+<p>SSL_CIPHER_get_auth_nid() returns the authentication NID corresponding to the method used by <b>c</b>. If there is no authentication, then <b>NID_undef</b> is returned. If any appropriate authentication algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_auth_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_auth_rsa
+ NID_auth_ecdsa
+ NID_auth_psk</code></pre>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher <b>c</b> is AEAD (e.g. GCM or ChaCha20/Poly1305), and 0 if it is not AEAD.</p>
+
+<p>SSL_CIPHER_find() returns a <b>SSL_CIPHER</b> structure which has the cipher ID stored in <b>ptr</b>. The <b>ptr</b> parameter is a two element array of <b>char</b>, which stores the two-byte TLS cipher ID (as allocated by IANA) in network byte order. This parameter is usually retrieved from a TLS packet by using functions like <a href="../man3/SSL_client_hello_get0_ciphers.html">SSL_client_hello_get0_ciphers(3)</a>. SSL_CIPHER_find() returns NULL if an error occurs or the indicated cipher is not found.</p>
+
+<p>SSL_CIPHER_get_id() returns the OpenSSL-specific ID of the given cipher <b>c</b>. That ID is not the same as the IANA-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns the two-byte ID used in the TLS protocol of the given cipher <b>c</b>.</p>
+
+<p>SSL_CIPHER_description() returns a textual description of the cipher used into the buffer <b>buf</b> of length <b>len</b> provided. If <b>buf</b> is provided, it must be at least 128 bytes, otherwise a buffer will be allocated using OPENSSL_malloc(). If the provided buffer is too small, or the allocation fails, <b>NULL</b> is returned.</p>
+
+<p>The string returned by SSL_CIPHER_description() consists of several fields separated by whitespace:</p>
+
+<dl>
+
+<dt id="ciphername">&lt;ciphername&gt;</dt>
+<dd>
+
+<p>Textual representation of the cipher name.</p>
+
+</dd>
+<dt id="protocol-version">&lt;protocol version&gt;</dt>
+<dd>
+
+<p>Protocol version, such as <b>TLSv1.2</b>, when the cipher was first defined.</p>
+
+</dd>
+<dt id="Kx-key-exchange">Kx=&lt;key exchange&gt;</dt>
+<dd>
+
+<p>Key exchange method such as <b>RSA</b>, <b>ECDHE</b>, etc.</p>
+
+</dd>
+<dt id="Au-authentication">Au=&lt;authentication&gt;</dt>
+<dd>
+
+<p>Authentication method such as <b>RSA</b>, <b>None</b>, etc.. None is the representation of anonymous ciphers.</p>
+
+</dd>
+<dt id="Enc-symmetric-encryption-method">Enc=&lt;symmetric encryption method&gt;</dt>
+<dd>
+
+<p>Encryption method, with number of secret bits, such as <b>AESGCM(128)</b>.</p>
+
+</dd>
+<dt id="Mac-message-authentication-code">Mac=&lt;message authentication code&gt;</dt>
+<dd>
+
+<p>Message digest, such as <b>SHA256</b>.</p>
+
+</dd>
+</dl>
+
+<p>Some examples for the output of SSL_CIPHER_description():</p>
+
+<pre><code> ECDHE-RSA-AES256-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
+ RSA-PSK-AES256-CBC-SHA384 TLSv1.0 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA384</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CIPHER_get_name(), SSL_CIPHER_standard_name(), OPENSSL_cipher_name(), SSL_CIPHER_get_version() and SSL_CIPHER_description() return the corresponding value in a null-terminated string for a specific cipher or &quot;(NONE)&quot; if the cipher is not found.</p>
+
+<p>SSL_CIPHER_get_bits() returns a positive integer representing the number of secret bits or 0 if an error occurred.</p>
+
+<p>SSL_CIPHER_get_cipher_nid(), SSL_CIPHER_get_digest_nid(), SSL_CIPHER_get_kx_nid() and SSL_CIPHER_get_auth_nid() return the NID value or <b>NID_undef</b> if an error occurred.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns a valid <b>EVP_MD</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher is AEAD or 0 otherwise.</p>
+
+<p>SSL_CIPHER_find() returns a valid <b>SSL_CIPHER</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_get_id() returns a 4-byte integer representing the OpenSSL-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns a 2-byte integer representing the TLS protocol-specific ID.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CIPHER_get_version() function was updated to always return the correct protocol string in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_description() function was changed to return <b>NULL</b> on error, rather than a fixed string, in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_get_handshake_digest() function was added in OpenSSL 1.1.1.</p>
+
+<p>The SSL_CIPHER_standard_name() function was globally available in OpenSSL 1.1.1. Before OpenSSL 1.1.1, tracing (<b>enable-ssl-trace</b> argument to Configure) was required to enable this function.</p>
+
+<p>The OPENSSL_cipher_name() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_current_cipher.html">SSL_get_current_cipher(3)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_name.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_name.html
new file mode 100644
index 000000000..f885fc00e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_name.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CIPHER_get_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CIPHER_get_name, SSL_CIPHER_standard_name, OPENSSL_cipher_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description, SSL_CIPHER_get_cipher_nid, SSL_CIPHER_get_digest_nid, SSL_CIPHER_get_handshake_digest, SSL_CIPHER_get_kx_nid, SSL_CIPHER_get_auth_nid, SSL_CIPHER_is_aead, SSL_CIPHER_find, SSL_CIPHER_get_id, SSL_CIPHER_get_protocol_id - get SSL_CIPHER properties</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
+ const char *SSL_CIPHER_standard_name(const SSL_CIPHER *cipher);
+ const char *OPENSSL_cipher_name(const char *stdname);
+ int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
+ char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
+ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
+ int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
+ const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
+ const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
+ uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
+ uint32_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CIPHER_get_name() returns a pointer to the name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;.</p>
+
+<p>SSL_CIPHER_standard_name() returns a pointer to the standard RFC name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;. If the <b>cipher</b> has no standard name, it returns <b>NULL</b>. If <b>cipher</b> was defined in both SSLv3 and TLS, it returns the TLS name.</p>
+
+<p>OPENSSL_cipher_name() returns a pointer to the OpenSSL name of <b>stdname</b>. If the <b>stdname</b> is NULL, or <b>stdname</b> has no corresponding OpenSSL name, it returns &quot;(NONE)&quot;. Where both exist, <b>stdname</b> should be the TLS name rather than the SSLv3 name.</p>
+
+<p>SSL_CIPHER_get_bits() returns the number of secret bits used for <b>cipher</b>. If <b>cipher</b> is NULL, 0 is returned.</p>
+
+<p>SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol version that first defined the cipher. It returns &quot;(NONE)&quot; if <b>cipher</b> is NULL.</p>
+
+<p>SSL_CIPHER_get_cipher_nid() returns the cipher NID corresponding to <b>c</b>. If there is no cipher (e.g. for cipher suites with no encryption) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_digest_nid() returns the digest NID corresponding to the MAC used by <b>c</b> during record encryption/decryption. If there is no digest (e.g. for AEAD cipher suites) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns an EVP_MD for the digest used during the SSL/TLS handshake when using the SSL_CIPHER <b>c</b>. Note that this may be different to the digest used to calculate the MAC for encrypted records.</p>
+
+<p>SSL_CIPHER_get_kx_nid() returns the key exchange NID corresponding to the method used by <b>c</b>. If there is no key exchange, then <b>NID_undef</b> is returned. If any appropriate key exchange algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_kx_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_kx_rsa
+ NID_kx_ecdhe
+ NID_kx_dhe
+ NID_kx_psk</code></pre>
+
+<p>SSL_CIPHER_get_auth_nid() returns the authentication NID corresponding to the method used by <b>c</b>. If there is no authentication, then <b>NID_undef</b> is returned. If any appropriate authentication algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_auth_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_auth_rsa
+ NID_auth_ecdsa
+ NID_auth_psk</code></pre>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher <b>c</b> is AEAD (e.g. GCM or ChaCha20/Poly1305), and 0 if it is not AEAD.</p>
+
+<p>SSL_CIPHER_find() returns a <b>SSL_CIPHER</b> structure which has the cipher ID stored in <b>ptr</b>. The <b>ptr</b> parameter is a two element array of <b>char</b>, which stores the two-byte TLS cipher ID (as allocated by IANA) in network byte order. This parameter is usually retrieved from a TLS packet by using functions like <a href="../man3/SSL_client_hello_get0_ciphers.html">SSL_client_hello_get0_ciphers(3)</a>. SSL_CIPHER_find() returns NULL if an error occurs or the indicated cipher is not found.</p>
+
+<p>SSL_CIPHER_get_id() returns the OpenSSL-specific ID of the given cipher <b>c</b>. That ID is not the same as the IANA-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns the two-byte ID used in the TLS protocol of the given cipher <b>c</b>.</p>
+
+<p>SSL_CIPHER_description() returns a textual description of the cipher used into the buffer <b>buf</b> of length <b>len</b> provided. If <b>buf</b> is provided, it must be at least 128 bytes, otherwise a buffer will be allocated using OPENSSL_malloc(). If the provided buffer is too small, or the allocation fails, <b>NULL</b> is returned.</p>
+
+<p>The string returned by SSL_CIPHER_description() consists of several fields separated by whitespace:</p>
+
+<dl>
+
+<dt id="ciphername">&lt;ciphername&gt;</dt>
+<dd>
+
+<p>Textual representation of the cipher name.</p>
+
+</dd>
+<dt id="protocol-version">&lt;protocol version&gt;</dt>
+<dd>
+
+<p>Protocol version, such as <b>TLSv1.2</b>, when the cipher was first defined.</p>
+
+</dd>
+<dt id="Kx-key-exchange">Kx=&lt;key exchange&gt;</dt>
+<dd>
+
+<p>Key exchange method such as <b>RSA</b>, <b>ECDHE</b>, etc.</p>
+
+</dd>
+<dt id="Au-authentication">Au=&lt;authentication&gt;</dt>
+<dd>
+
+<p>Authentication method such as <b>RSA</b>, <b>None</b>, etc.. None is the representation of anonymous ciphers.</p>
+
+</dd>
+<dt id="Enc-symmetric-encryption-method">Enc=&lt;symmetric encryption method&gt;</dt>
+<dd>
+
+<p>Encryption method, with number of secret bits, such as <b>AESGCM(128)</b>.</p>
+
+</dd>
+<dt id="Mac-message-authentication-code">Mac=&lt;message authentication code&gt;</dt>
+<dd>
+
+<p>Message digest, such as <b>SHA256</b>.</p>
+
+</dd>
+</dl>
+
+<p>Some examples for the output of SSL_CIPHER_description():</p>
+
+<pre><code> ECDHE-RSA-AES256-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
+ RSA-PSK-AES256-CBC-SHA384 TLSv1.0 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA384</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CIPHER_get_name(), SSL_CIPHER_standard_name(), OPENSSL_cipher_name(), SSL_CIPHER_get_version() and SSL_CIPHER_description() return the corresponding value in a null-terminated string for a specific cipher or &quot;(NONE)&quot; if the cipher is not found.</p>
+
+<p>SSL_CIPHER_get_bits() returns a positive integer representing the number of secret bits or 0 if an error occurred.</p>
+
+<p>SSL_CIPHER_get_cipher_nid(), SSL_CIPHER_get_digest_nid(), SSL_CIPHER_get_kx_nid() and SSL_CIPHER_get_auth_nid() return the NID value or <b>NID_undef</b> if an error occurred.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns a valid <b>EVP_MD</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher is AEAD or 0 otherwise.</p>
+
+<p>SSL_CIPHER_find() returns a valid <b>SSL_CIPHER</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_get_id() returns a 4-byte integer representing the OpenSSL-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns a 2-byte integer representing the TLS protocol-specific ID.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CIPHER_get_version() function was updated to always return the correct protocol string in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_description() function was changed to return <b>NULL</b> on error, rather than a fixed string, in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_get_handshake_digest() function was added in OpenSSL 1.1.1.</p>
+
+<p>The SSL_CIPHER_standard_name() function was globally available in OpenSSL 1.1.1. Before OpenSSL 1.1.1, tracing (<b>enable-ssl-trace</b> argument to Configure) was required to enable this function.</p>
+
+<p>The OPENSSL_cipher_name() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_current_cipher.html">SSL_get_current_cipher(3)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_protocol_id.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_protocol_id.html
new file mode 100644
index 000000000..f885fc00e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_protocol_id.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CIPHER_get_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CIPHER_get_name, SSL_CIPHER_standard_name, OPENSSL_cipher_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description, SSL_CIPHER_get_cipher_nid, SSL_CIPHER_get_digest_nid, SSL_CIPHER_get_handshake_digest, SSL_CIPHER_get_kx_nid, SSL_CIPHER_get_auth_nid, SSL_CIPHER_is_aead, SSL_CIPHER_find, SSL_CIPHER_get_id, SSL_CIPHER_get_protocol_id - get SSL_CIPHER properties</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
+ const char *SSL_CIPHER_standard_name(const SSL_CIPHER *cipher);
+ const char *OPENSSL_cipher_name(const char *stdname);
+ int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
+ char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
+ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
+ int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
+ const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
+ const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
+ uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
+ uint32_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CIPHER_get_name() returns a pointer to the name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;.</p>
+
+<p>SSL_CIPHER_standard_name() returns a pointer to the standard RFC name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;. If the <b>cipher</b> has no standard name, it returns <b>NULL</b>. If <b>cipher</b> was defined in both SSLv3 and TLS, it returns the TLS name.</p>
+
+<p>OPENSSL_cipher_name() returns a pointer to the OpenSSL name of <b>stdname</b>. If the <b>stdname</b> is NULL, or <b>stdname</b> has no corresponding OpenSSL name, it returns &quot;(NONE)&quot;. Where both exist, <b>stdname</b> should be the TLS name rather than the SSLv3 name.</p>
+
+<p>SSL_CIPHER_get_bits() returns the number of secret bits used for <b>cipher</b>. If <b>cipher</b> is NULL, 0 is returned.</p>
+
+<p>SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol version that first defined the cipher. It returns &quot;(NONE)&quot; if <b>cipher</b> is NULL.</p>
+
+<p>SSL_CIPHER_get_cipher_nid() returns the cipher NID corresponding to <b>c</b>. If there is no cipher (e.g. for cipher suites with no encryption) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_digest_nid() returns the digest NID corresponding to the MAC used by <b>c</b> during record encryption/decryption. If there is no digest (e.g. for AEAD cipher suites) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns an EVP_MD for the digest used during the SSL/TLS handshake when using the SSL_CIPHER <b>c</b>. Note that this may be different to the digest used to calculate the MAC for encrypted records.</p>
+
+<p>SSL_CIPHER_get_kx_nid() returns the key exchange NID corresponding to the method used by <b>c</b>. If there is no key exchange, then <b>NID_undef</b> is returned. If any appropriate key exchange algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_kx_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_kx_rsa
+ NID_kx_ecdhe
+ NID_kx_dhe
+ NID_kx_psk</code></pre>
+
+<p>SSL_CIPHER_get_auth_nid() returns the authentication NID corresponding to the method used by <b>c</b>. If there is no authentication, then <b>NID_undef</b> is returned. If any appropriate authentication algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_auth_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_auth_rsa
+ NID_auth_ecdsa
+ NID_auth_psk</code></pre>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher <b>c</b> is AEAD (e.g. GCM or ChaCha20/Poly1305), and 0 if it is not AEAD.</p>
+
+<p>SSL_CIPHER_find() returns a <b>SSL_CIPHER</b> structure which has the cipher ID stored in <b>ptr</b>. The <b>ptr</b> parameter is a two element array of <b>char</b>, which stores the two-byte TLS cipher ID (as allocated by IANA) in network byte order. This parameter is usually retrieved from a TLS packet by using functions like <a href="../man3/SSL_client_hello_get0_ciphers.html">SSL_client_hello_get0_ciphers(3)</a>. SSL_CIPHER_find() returns NULL if an error occurs or the indicated cipher is not found.</p>
+
+<p>SSL_CIPHER_get_id() returns the OpenSSL-specific ID of the given cipher <b>c</b>. That ID is not the same as the IANA-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns the two-byte ID used in the TLS protocol of the given cipher <b>c</b>.</p>
+
+<p>SSL_CIPHER_description() returns a textual description of the cipher used into the buffer <b>buf</b> of length <b>len</b> provided. If <b>buf</b> is provided, it must be at least 128 bytes, otherwise a buffer will be allocated using OPENSSL_malloc(). If the provided buffer is too small, or the allocation fails, <b>NULL</b> is returned.</p>
+
+<p>The string returned by SSL_CIPHER_description() consists of several fields separated by whitespace:</p>
+
+<dl>
+
+<dt id="ciphername">&lt;ciphername&gt;</dt>
+<dd>
+
+<p>Textual representation of the cipher name.</p>
+
+</dd>
+<dt id="protocol-version">&lt;protocol version&gt;</dt>
+<dd>
+
+<p>Protocol version, such as <b>TLSv1.2</b>, when the cipher was first defined.</p>
+
+</dd>
+<dt id="Kx-key-exchange">Kx=&lt;key exchange&gt;</dt>
+<dd>
+
+<p>Key exchange method such as <b>RSA</b>, <b>ECDHE</b>, etc.</p>
+
+</dd>
+<dt id="Au-authentication">Au=&lt;authentication&gt;</dt>
+<dd>
+
+<p>Authentication method such as <b>RSA</b>, <b>None</b>, etc.. None is the representation of anonymous ciphers.</p>
+
+</dd>
+<dt id="Enc-symmetric-encryption-method">Enc=&lt;symmetric encryption method&gt;</dt>
+<dd>
+
+<p>Encryption method, with number of secret bits, such as <b>AESGCM(128)</b>.</p>
+
+</dd>
+<dt id="Mac-message-authentication-code">Mac=&lt;message authentication code&gt;</dt>
+<dd>
+
+<p>Message digest, such as <b>SHA256</b>.</p>
+
+</dd>
+</dl>
+
+<p>Some examples for the output of SSL_CIPHER_description():</p>
+
+<pre><code> ECDHE-RSA-AES256-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
+ RSA-PSK-AES256-CBC-SHA384 TLSv1.0 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA384</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CIPHER_get_name(), SSL_CIPHER_standard_name(), OPENSSL_cipher_name(), SSL_CIPHER_get_version() and SSL_CIPHER_description() return the corresponding value in a null-terminated string for a specific cipher or &quot;(NONE)&quot; if the cipher is not found.</p>
+
+<p>SSL_CIPHER_get_bits() returns a positive integer representing the number of secret bits or 0 if an error occurred.</p>
+
+<p>SSL_CIPHER_get_cipher_nid(), SSL_CIPHER_get_digest_nid(), SSL_CIPHER_get_kx_nid() and SSL_CIPHER_get_auth_nid() return the NID value or <b>NID_undef</b> if an error occurred.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns a valid <b>EVP_MD</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher is AEAD or 0 otherwise.</p>
+
+<p>SSL_CIPHER_find() returns a valid <b>SSL_CIPHER</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_get_id() returns a 4-byte integer representing the OpenSSL-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns a 2-byte integer representing the TLS protocol-specific ID.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CIPHER_get_version() function was updated to always return the correct protocol string in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_description() function was changed to return <b>NULL</b> on error, rather than a fixed string, in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_get_handshake_digest() function was added in OpenSSL 1.1.1.</p>
+
+<p>The SSL_CIPHER_standard_name() function was globally available in OpenSSL 1.1.1. Before OpenSSL 1.1.1, tracing (<b>enable-ssl-trace</b> argument to Configure) was required to enable this function.</p>
+
+<p>The OPENSSL_cipher_name() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_current_cipher.html">SSL_get_current_cipher(3)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_version.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_version.html
new file mode 100644
index 000000000..f885fc00e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_get_version.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CIPHER_get_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CIPHER_get_name, SSL_CIPHER_standard_name, OPENSSL_cipher_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description, SSL_CIPHER_get_cipher_nid, SSL_CIPHER_get_digest_nid, SSL_CIPHER_get_handshake_digest, SSL_CIPHER_get_kx_nid, SSL_CIPHER_get_auth_nid, SSL_CIPHER_is_aead, SSL_CIPHER_find, SSL_CIPHER_get_id, SSL_CIPHER_get_protocol_id - get SSL_CIPHER properties</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
+ const char *SSL_CIPHER_standard_name(const SSL_CIPHER *cipher);
+ const char *OPENSSL_cipher_name(const char *stdname);
+ int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
+ char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
+ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
+ int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
+ const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
+ const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
+ uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
+ uint32_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CIPHER_get_name() returns a pointer to the name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;.</p>
+
+<p>SSL_CIPHER_standard_name() returns a pointer to the standard RFC name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;. If the <b>cipher</b> has no standard name, it returns <b>NULL</b>. If <b>cipher</b> was defined in both SSLv3 and TLS, it returns the TLS name.</p>
+
+<p>OPENSSL_cipher_name() returns a pointer to the OpenSSL name of <b>stdname</b>. If the <b>stdname</b> is NULL, or <b>stdname</b> has no corresponding OpenSSL name, it returns &quot;(NONE)&quot;. Where both exist, <b>stdname</b> should be the TLS name rather than the SSLv3 name.</p>
+
+<p>SSL_CIPHER_get_bits() returns the number of secret bits used for <b>cipher</b>. If <b>cipher</b> is NULL, 0 is returned.</p>
+
+<p>SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol version that first defined the cipher. It returns &quot;(NONE)&quot; if <b>cipher</b> is NULL.</p>
+
+<p>SSL_CIPHER_get_cipher_nid() returns the cipher NID corresponding to <b>c</b>. If there is no cipher (e.g. for cipher suites with no encryption) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_digest_nid() returns the digest NID corresponding to the MAC used by <b>c</b> during record encryption/decryption. If there is no digest (e.g. for AEAD cipher suites) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns an EVP_MD for the digest used during the SSL/TLS handshake when using the SSL_CIPHER <b>c</b>. Note that this may be different to the digest used to calculate the MAC for encrypted records.</p>
+
+<p>SSL_CIPHER_get_kx_nid() returns the key exchange NID corresponding to the method used by <b>c</b>. If there is no key exchange, then <b>NID_undef</b> is returned. If any appropriate key exchange algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_kx_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_kx_rsa
+ NID_kx_ecdhe
+ NID_kx_dhe
+ NID_kx_psk</code></pre>
+
+<p>SSL_CIPHER_get_auth_nid() returns the authentication NID corresponding to the method used by <b>c</b>. If there is no authentication, then <b>NID_undef</b> is returned. If any appropriate authentication algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_auth_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_auth_rsa
+ NID_auth_ecdsa
+ NID_auth_psk</code></pre>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher <b>c</b> is AEAD (e.g. GCM or ChaCha20/Poly1305), and 0 if it is not AEAD.</p>
+
+<p>SSL_CIPHER_find() returns a <b>SSL_CIPHER</b> structure which has the cipher ID stored in <b>ptr</b>. The <b>ptr</b> parameter is a two element array of <b>char</b>, which stores the two-byte TLS cipher ID (as allocated by IANA) in network byte order. This parameter is usually retrieved from a TLS packet by using functions like <a href="../man3/SSL_client_hello_get0_ciphers.html">SSL_client_hello_get0_ciphers(3)</a>. SSL_CIPHER_find() returns NULL if an error occurs or the indicated cipher is not found.</p>
+
+<p>SSL_CIPHER_get_id() returns the OpenSSL-specific ID of the given cipher <b>c</b>. That ID is not the same as the IANA-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns the two-byte ID used in the TLS protocol of the given cipher <b>c</b>.</p>
+
+<p>SSL_CIPHER_description() returns a textual description of the cipher used into the buffer <b>buf</b> of length <b>len</b> provided. If <b>buf</b> is provided, it must be at least 128 bytes, otherwise a buffer will be allocated using OPENSSL_malloc(). If the provided buffer is too small, or the allocation fails, <b>NULL</b> is returned.</p>
+
+<p>The string returned by SSL_CIPHER_description() consists of several fields separated by whitespace:</p>
+
+<dl>
+
+<dt id="ciphername">&lt;ciphername&gt;</dt>
+<dd>
+
+<p>Textual representation of the cipher name.</p>
+
+</dd>
+<dt id="protocol-version">&lt;protocol version&gt;</dt>
+<dd>
+
+<p>Protocol version, such as <b>TLSv1.2</b>, when the cipher was first defined.</p>
+
+</dd>
+<dt id="Kx-key-exchange">Kx=&lt;key exchange&gt;</dt>
+<dd>
+
+<p>Key exchange method such as <b>RSA</b>, <b>ECDHE</b>, etc.</p>
+
+</dd>
+<dt id="Au-authentication">Au=&lt;authentication&gt;</dt>
+<dd>
+
+<p>Authentication method such as <b>RSA</b>, <b>None</b>, etc.. None is the representation of anonymous ciphers.</p>
+
+</dd>
+<dt id="Enc-symmetric-encryption-method">Enc=&lt;symmetric encryption method&gt;</dt>
+<dd>
+
+<p>Encryption method, with number of secret bits, such as <b>AESGCM(128)</b>.</p>
+
+</dd>
+<dt id="Mac-message-authentication-code">Mac=&lt;message authentication code&gt;</dt>
+<dd>
+
+<p>Message digest, such as <b>SHA256</b>.</p>
+
+</dd>
+</dl>
+
+<p>Some examples for the output of SSL_CIPHER_description():</p>
+
+<pre><code> ECDHE-RSA-AES256-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
+ RSA-PSK-AES256-CBC-SHA384 TLSv1.0 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA384</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CIPHER_get_name(), SSL_CIPHER_standard_name(), OPENSSL_cipher_name(), SSL_CIPHER_get_version() and SSL_CIPHER_description() return the corresponding value in a null-terminated string for a specific cipher or &quot;(NONE)&quot; if the cipher is not found.</p>
+
+<p>SSL_CIPHER_get_bits() returns a positive integer representing the number of secret bits or 0 if an error occurred.</p>
+
+<p>SSL_CIPHER_get_cipher_nid(), SSL_CIPHER_get_digest_nid(), SSL_CIPHER_get_kx_nid() and SSL_CIPHER_get_auth_nid() return the NID value or <b>NID_undef</b> if an error occurred.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns a valid <b>EVP_MD</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher is AEAD or 0 otherwise.</p>
+
+<p>SSL_CIPHER_find() returns a valid <b>SSL_CIPHER</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_get_id() returns a 4-byte integer representing the OpenSSL-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns a 2-byte integer representing the TLS protocol-specific ID.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CIPHER_get_version() function was updated to always return the correct protocol string in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_description() function was changed to return <b>NULL</b> on error, rather than a fixed string, in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_get_handshake_digest() function was added in OpenSSL 1.1.1.</p>
+
+<p>The SSL_CIPHER_standard_name() function was globally available in OpenSSL 1.1.1. Before OpenSSL 1.1.1, tracing (<b>enable-ssl-trace</b> argument to Configure) was required to enable this function.</p>
+
+<p>The OPENSSL_cipher_name() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_current_cipher.html">SSL_get_current_cipher(3)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_is_aead.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_is_aead.html
new file mode 100644
index 000000000..f885fc00e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_is_aead.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CIPHER_get_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CIPHER_get_name, SSL_CIPHER_standard_name, OPENSSL_cipher_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description, SSL_CIPHER_get_cipher_nid, SSL_CIPHER_get_digest_nid, SSL_CIPHER_get_handshake_digest, SSL_CIPHER_get_kx_nid, SSL_CIPHER_get_auth_nid, SSL_CIPHER_is_aead, SSL_CIPHER_find, SSL_CIPHER_get_id, SSL_CIPHER_get_protocol_id - get SSL_CIPHER properties</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
+ const char *SSL_CIPHER_standard_name(const SSL_CIPHER *cipher);
+ const char *OPENSSL_cipher_name(const char *stdname);
+ int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
+ char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
+ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
+ int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
+ const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
+ const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
+ uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
+ uint32_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CIPHER_get_name() returns a pointer to the name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;.</p>
+
+<p>SSL_CIPHER_standard_name() returns a pointer to the standard RFC name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;. If the <b>cipher</b> has no standard name, it returns <b>NULL</b>. If <b>cipher</b> was defined in both SSLv3 and TLS, it returns the TLS name.</p>
+
+<p>OPENSSL_cipher_name() returns a pointer to the OpenSSL name of <b>stdname</b>. If the <b>stdname</b> is NULL, or <b>stdname</b> has no corresponding OpenSSL name, it returns &quot;(NONE)&quot;. Where both exist, <b>stdname</b> should be the TLS name rather than the SSLv3 name.</p>
+
+<p>SSL_CIPHER_get_bits() returns the number of secret bits used for <b>cipher</b>. If <b>cipher</b> is NULL, 0 is returned.</p>
+
+<p>SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol version that first defined the cipher. It returns &quot;(NONE)&quot; if <b>cipher</b> is NULL.</p>
+
+<p>SSL_CIPHER_get_cipher_nid() returns the cipher NID corresponding to <b>c</b>. If there is no cipher (e.g. for cipher suites with no encryption) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_digest_nid() returns the digest NID corresponding to the MAC used by <b>c</b> during record encryption/decryption. If there is no digest (e.g. for AEAD cipher suites) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns an EVP_MD for the digest used during the SSL/TLS handshake when using the SSL_CIPHER <b>c</b>. Note that this may be different to the digest used to calculate the MAC for encrypted records.</p>
+
+<p>SSL_CIPHER_get_kx_nid() returns the key exchange NID corresponding to the method used by <b>c</b>. If there is no key exchange, then <b>NID_undef</b> is returned. If any appropriate key exchange algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_kx_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_kx_rsa
+ NID_kx_ecdhe
+ NID_kx_dhe
+ NID_kx_psk</code></pre>
+
+<p>SSL_CIPHER_get_auth_nid() returns the authentication NID corresponding to the method used by <b>c</b>. If there is no authentication, then <b>NID_undef</b> is returned. If any appropriate authentication algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_auth_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_auth_rsa
+ NID_auth_ecdsa
+ NID_auth_psk</code></pre>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher <b>c</b> is AEAD (e.g. GCM or ChaCha20/Poly1305), and 0 if it is not AEAD.</p>
+
+<p>SSL_CIPHER_find() returns a <b>SSL_CIPHER</b> structure which has the cipher ID stored in <b>ptr</b>. The <b>ptr</b> parameter is a two element array of <b>char</b>, which stores the two-byte TLS cipher ID (as allocated by IANA) in network byte order. This parameter is usually retrieved from a TLS packet by using functions like <a href="../man3/SSL_client_hello_get0_ciphers.html">SSL_client_hello_get0_ciphers(3)</a>. SSL_CIPHER_find() returns NULL if an error occurs or the indicated cipher is not found.</p>
+
+<p>SSL_CIPHER_get_id() returns the OpenSSL-specific ID of the given cipher <b>c</b>. That ID is not the same as the IANA-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns the two-byte ID used in the TLS protocol of the given cipher <b>c</b>.</p>
+
+<p>SSL_CIPHER_description() returns a textual description of the cipher used into the buffer <b>buf</b> of length <b>len</b> provided. If <b>buf</b> is provided, it must be at least 128 bytes, otherwise a buffer will be allocated using OPENSSL_malloc(). If the provided buffer is too small, or the allocation fails, <b>NULL</b> is returned.</p>
+
+<p>The string returned by SSL_CIPHER_description() consists of several fields separated by whitespace:</p>
+
+<dl>
+
+<dt id="ciphername">&lt;ciphername&gt;</dt>
+<dd>
+
+<p>Textual representation of the cipher name.</p>
+
+</dd>
+<dt id="protocol-version">&lt;protocol version&gt;</dt>
+<dd>
+
+<p>Protocol version, such as <b>TLSv1.2</b>, when the cipher was first defined.</p>
+
+</dd>
+<dt id="Kx-key-exchange">Kx=&lt;key exchange&gt;</dt>
+<dd>
+
+<p>Key exchange method such as <b>RSA</b>, <b>ECDHE</b>, etc.</p>
+
+</dd>
+<dt id="Au-authentication">Au=&lt;authentication&gt;</dt>
+<dd>
+
+<p>Authentication method such as <b>RSA</b>, <b>None</b>, etc.. None is the representation of anonymous ciphers.</p>
+
+</dd>
+<dt id="Enc-symmetric-encryption-method">Enc=&lt;symmetric encryption method&gt;</dt>
+<dd>
+
+<p>Encryption method, with number of secret bits, such as <b>AESGCM(128)</b>.</p>
+
+</dd>
+<dt id="Mac-message-authentication-code">Mac=&lt;message authentication code&gt;</dt>
+<dd>
+
+<p>Message digest, such as <b>SHA256</b>.</p>
+
+</dd>
+</dl>
+
+<p>Some examples for the output of SSL_CIPHER_description():</p>
+
+<pre><code> ECDHE-RSA-AES256-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
+ RSA-PSK-AES256-CBC-SHA384 TLSv1.0 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA384</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CIPHER_get_name(), SSL_CIPHER_standard_name(), OPENSSL_cipher_name(), SSL_CIPHER_get_version() and SSL_CIPHER_description() return the corresponding value in a null-terminated string for a specific cipher or &quot;(NONE)&quot; if the cipher is not found.</p>
+
+<p>SSL_CIPHER_get_bits() returns a positive integer representing the number of secret bits or 0 if an error occurred.</p>
+
+<p>SSL_CIPHER_get_cipher_nid(), SSL_CIPHER_get_digest_nid(), SSL_CIPHER_get_kx_nid() and SSL_CIPHER_get_auth_nid() return the NID value or <b>NID_undef</b> if an error occurred.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns a valid <b>EVP_MD</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher is AEAD or 0 otherwise.</p>
+
+<p>SSL_CIPHER_find() returns a valid <b>SSL_CIPHER</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_get_id() returns a 4-byte integer representing the OpenSSL-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns a 2-byte integer representing the TLS protocol-specific ID.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CIPHER_get_version() function was updated to always return the correct protocol string in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_description() function was changed to return <b>NULL</b> on error, rather than a fixed string, in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_get_handshake_digest() function was added in OpenSSL 1.1.1.</p>
+
+<p>The SSL_CIPHER_standard_name() function was globally available in OpenSSL 1.1.1. Before OpenSSL 1.1.1, tracing (<b>enable-ssl-trace</b> argument to Configure) was required to enable this function.</p>
+
+<p>The OPENSSL_cipher_name() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_current_cipher.html">SSL_get_current_cipher(3)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_standard_name.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_standard_name.html
new file mode 100644
index 000000000..f885fc00e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CIPHER_standard_name.html
@@ -0,0 +1,181 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CIPHER_get_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CIPHER_get_name, SSL_CIPHER_standard_name, OPENSSL_cipher_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description, SSL_CIPHER_get_cipher_nid, SSL_CIPHER_get_digest_nid, SSL_CIPHER_get_handshake_digest, SSL_CIPHER_get_kx_nid, SSL_CIPHER_get_auth_nid, SSL_CIPHER_is_aead, SSL_CIPHER_find, SSL_CIPHER_get_id, SSL_CIPHER_get_protocol_id - get SSL_CIPHER properties</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
+ const char *SSL_CIPHER_standard_name(const SSL_CIPHER *cipher);
+ const char *OPENSSL_cipher_name(const char *stdname);
+ int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
+ char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
+ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
+ int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
+ const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
+ int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
+ const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
+ uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
+ uint32_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CIPHER_get_name() returns a pointer to the name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;.</p>
+
+<p>SSL_CIPHER_standard_name() returns a pointer to the standard RFC name of <b>cipher</b>. If the <b>cipher</b> is NULL, it returns &quot;(NONE)&quot;. If the <b>cipher</b> has no standard name, it returns <b>NULL</b>. If <b>cipher</b> was defined in both SSLv3 and TLS, it returns the TLS name.</p>
+
+<p>OPENSSL_cipher_name() returns a pointer to the OpenSSL name of <b>stdname</b>. If the <b>stdname</b> is NULL, or <b>stdname</b> has no corresponding OpenSSL name, it returns &quot;(NONE)&quot;. Where both exist, <b>stdname</b> should be the TLS name rather than the SSLv3 name.</p>
+
+<p>SSL_CIPHER_get_bits() returns the number of secret bits used for <b>cipher</b>. If <b>cipher</b> is NULL, 0 is returned.</p>
+
+<p>SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol version that first defined the cipher. It returns &quot;(NONE)&quot; if <b>cipher</b> is NULL.</p>
+
+<p>SSL_CIPHER_get_cipher_nid() returns the cipher NID corresponding to <b>c</b>. If there is no cipher (e.g. for cipher suites with no encryption) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_digest_nid() returns the digest NID corresponding to the MAC used by <b>c</b> during record encryption/decryption. If there is no digest (e.g. for AEAD cipher suites) then <b>NID_undef</b> is returned.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns an EVP_MD for the digest used during the SSL/TLS handshake when using the SSL_CIPHER <b>c</b>. Note that this may be different to the digest used to calculate the MAC for encrypted records.</p>
+
+<p>SSL_CIPHER_get_kx_nid() returns the key exchange NID corresponding to the method used by <b>c</b>. If there is no key exchange, then <b>NID_undef</b> is returned. If any appropriate key exchange algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_kx_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_kx_rsa
+ NID_kx_ecdhe
+ NID_kx_dhe
+ NID_kx_psk</code></pre>
+
+<p>SSL_CIPHER_get_auth_nid() returns the authentication NID corresponding to the method used by <b>c</b>. If there is no authentication, then <b>NID_undef</b> is returned. If any appropriate authentication algorithm can be used (as in the case of TLS 1.3 cipher suites) <b>NID_auth_any</b> is returned. Examples (not comprehensive):</p>
+
+<pre><code> NID_auth_rsa
+ NID_auth_ecdsa
+ NID_auth_psk</code></pre>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher <b>c</b> is AEAD (e.g. GCM or ChaCha20/Poly1305), and 0 if it is not AEAD.</p>
+
+<p>SSL_CIPHER_find() returns a <b>SSL_CIPHER</b> structure which has the cipher ID stored in <b>ptr</b>. The <b>ptr</b> parameter is a two element array of <b>char</b>, which stores the two-byte TLS cipher ID (as allocated by IANA) in network byte order. This parameter is usually retrieved from a TLS packet by using functions like <a href="../man3/SSL_client_hello_get0_ciphers.html">SSL_client_hello_get0_ciphers(3)</a>. SSL_CIPHER_find() returns NULL if an error occurs or the indicated cipher is not found.</p>
+
+<p>SSL_CIPHER_get_id() returns the OpenSSL-specific ID of the given cipher <b>c</b>. That ID is not the same as the IANA-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns the two-byte ID used in the TLS protocol of the given cipher <b>c</b>.</p>
+
+<p>SSL_CIPHER_description() returns a textual description of the cipher used into the buffer <b>buf</b> of length <b>len</b> provided. If <b>buf</b> is provided, it must be at least 128 bytes, otherwise a buffer will be allocated using OPENSSL_malloc(). If the provided buffer is too small, or the allocation fails, <b>NULL</b> is returned.</p>
+
+<p>The string returned by SSL_CIPHER_description() consists of several fields separated by whitespace:</p>
+
+<dl>
+
+<dt id="ciphername">&lt;ciphername&gt;</dt>
+<dd>
+
+<p>Textual representation of the cipher name.</p>
+
+</dd>
+<dt id="protocol-version">&lt;protocol version&gt;</dt>
+<dd>
+
+<p>Protocol version, such as <b>TLSv1.2</b>, when the cipher was first defined.</p>
+
+</dd>
+<dt id="Kx-key-exchange">Kx=&lt;key exchange&gt;</dt>
+<dd>
+
+<p>Key exchange method such as <b>RSA</b>, <b>ECDHE</b>, etc.</p>
+
+</dd>
+<dt id="Au-authentication">Au=&lt;authentication&gt;</dt>
+<dd>
+
+<p>Authentication method such as <b>RSA</b>, <b>None</b>, etc.. None is the representation of anonymous ciphers.</p>
+
+</dd>
+<dt id="Enc-symmetric-encryption-method">Enc=&lt;symmetric encryption method&gt;</dt>
+<dd>
+
+<p>Encryption method, with number of secret bits, such as <b>AESGCM(128)</b>.</p>
+
+</dd>
+<dt id="Mac-message-authentication-code">Mac=&lt;message authentication code&gt;</dt>
+<dd>
+
+<p>Message digest, such as <b>SHA256</b>.</p>
+
+</dd>
+</dl>
+
+<p>Some examples for the output of SSL_CIPHER_description():</p>
+
+<pre><code> ECDHE-RSA-AES256-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
+ RSA-PSK-AES256-CBC-SHA384 TLSv1.0 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA384</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CIPHER_get_name(), SSL_CIPHER_standard_name(), OPENSSL_cipher_name(), SSL_CIPHER_get_version() and SSL_CIPHER_description() return the corresponding value in a null-terminated string for a specific cipher or &quot;(NONE)&quot; if the cipher is not found.</p>
+
+<p>SSL_CIPHER_get_bits() returns a positive integer representing the number of secret bits or 0 if an error occurred.</p>
+
+<p>SSL_CIPHER_get_cipher_nid(), SSL_CIPHER_get_digest_nid(), SSL_CIPHER_get_kx_nid() and SSL_CIPHER_get_auth_nid() return the NID value or <b>NID_undef</b> if an error occurred.</p>
+
+<p>SSL_CIPHER_get_handshake_digest() returns a valid <b>EVP_MD</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_is_aead() returns 1 if the cipher is AEAD or 0 otherwise.</p>
+
+<p>SSL_CIPHER_find() returns a valid <b>SSL_CIPHER</b> structure or NULL if an error occurred.</p>
+
+<p>SSL_CIPHER_get_id() returns a 4-byte integer representing the OpenSSL-specific ID.</p>
+
+<p>SSL_CIPHER_get_protocol_id() returns a 2-byte integer representing the TLS protocol-specific ID.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CIPHER_get_version() function was updated to always return the correct protocol string in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_description() function was changed to return <b>NULL</b> on error, rather than a fixed string, in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CIPHER_get_handshake_digest() function was added in OpenSSL 1.1.1.</p>
+
+<p>The SSL_CIPHER_standard_name() function was globally available in OpenSSL 1.1.1. Before OpenSSL 1.1.1, tracing (<b>enable-ssl-trace</b> argument to Configure) was required to enable this function.</p>
+
+<p>The OPENSSL_cipher_name() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_current_cipher.html">SSL_get_current_cipher(3)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_COMP_add_compression_method.html b/msys2/usr/share/doc/openssl/html/man3/SSL_COMP_add_compression_method.html
new file mode 100644
index 000000000..9244fab68
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_COMP_add_compression_method.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_COMP_add_compression_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_COMP_add_compression_method, SSL_COMP_get_compression_methods, SSL_COMP_get0_name, SSL_COMP_get_id, SSL_COMP_free_compression_methods - handle SSL/TLS integrated compression methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
+ STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
+ const char *SSL_COMP_get0_name(const SSL_COMP *comp);
+ int SSL_COMP_get_id(const SSL_COMP *comp);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void SSL_COMP_free_compression_methods(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_COMP_add_compression_method() adds the compression method <b>cm</b> with the identifier <b>id</b> to the list of available compression methods. This list is globally maintained for all SSL operations within this application. It cannot be set for specific SSL_CTX or SSL objects.</p>
+
+<p>SSL_COMP_get_compression_methods() returns a stack of all of the available compression methods or NULL on error.</p>
+
+<p>SSL_COMP_get0_name() returns the name of the compression method <b>comp</b>.</p>
+
+<p>SSL_COMP_get_id() returns the id of the compression method <b>comp</b>.</p>
+
+<p>SSL_COMP_free_compression_methods() releases any resources acquired to maintain the internal table of compression methods.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The TLS standard (or SSLv3) allows the integration of compression methods into the communication. The TLS RFC does however not specify compression methods or their corresponding identifiers, so there is currently no compatible way to integrate compression with unknown peers. It is therefore currently not recommended to integrate compression into applications. Applications for non-public use may agree on certain compression methods. Using different compression methods with the same identifier will lead to connection failure.</p>
+
+<p>An OpenSSL client speaking a protocol that allows compression (SSLv3, TLSv1) will unconditionally send the list of all compression methods enabled with SSL_COMP_add_compression_method() to the server during the handshake. Unlike the mechanisms to set a cipher list, there is no method available to restrict the list of compression method on a per connection basis.</p>
+
+<p>An OpenSSL server will match the identifiers listed by a client against its own compression methods and will unconditionally activate compression when a matching identifier is found. There is no way to restrict the list of compression methods supported on a per connection basis.</p>
+
+<p>If enabled during compilation, the OpenSSL library will have the COMP_zlib() compression method available.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_COMP_add_compression_method() may return the following values:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation failed. Check the error queue to find out the reason.</p>
+
+</dd>
+</dl>
+
+<p>SSL_COMP_get_compression_methods() returns the stack of compressions methods or NULL on error.</p>
+
+<p>SSL_COMP_get0_name() returns the name of the compression method or NULL on error.</p>
+
+<p>SSL_COMP_get_id() returns the name of the compression method or -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_COMP_free_compression_methods() function was deprecated in OpenSSL 1.1.0. The SSL_COMP_get0_name() and SSL_comp_get_id() functions were added in OpenSSL 1.1.0d.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_COMP_free_compression_methods.html b/msys2/usr/share/doc/openssl/html/man3/SSL_COMP_free_compression_methods.html
new file mode 100644
index 000000000..9244fab68
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_COMP_free_compression_methods.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_COMP_add_compression_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_COMP_add_compression_method, SSL_COMP_get_compression_methods, SSL_COMP_get0_name, SSL_COMP_get_id, SSL_COMP_free_compression_methods - handle SSL/TLS integrated compression methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
+ STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
+ const char *SSL_COMP_get0_name(const SSL_COMP *comp);
+ int SSL_COMP_get_id(const SSL_COMP *comp);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void SSL_COMP_free_compression_methods(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_COMP_add_compression_method() adds the compression method <b>cm</b> with the identifier <b>id</b> to the list of available compression methods. This list is globally maintained for all SSL operations within this application. It cannot be set for specific SSL_CTX or SSL objects.</p>
+
+<p>SSL_COMP_get_compression_methods() returns a stack of all of the available compression methods or NULL on error.</p>
+
+<p>SSL_COMP_get0_name() returns the name of the compression method <b>comp</b>.</p>
+
+<p>SSL_COMP_get_id() returns the id of the compression method <b>comp</b>.</p>
+
+<p>SSL_COMP_free_compression_methods() releases any resources acquired to maintain the internal table of compression methods.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The TLS standard (or SSLv3) allows the integration of compression methods into the communication. The TLS RFC does however not specify compression methods or their corresponding identifiers, so there is currently no compatible way to integrate compression with unknown peers. It is therefore currently not recommended to integrate compression into applications. Applications for non-public use may agree on certain compression methods. Using different compression methods with the same identifier will lead to connection failure.</p>
+
+<p>An OpenSSL client speaking a protocol that allows compression (SSLv3, TLSv1) will unconditionally send the list of all compression methods enabled with SSL_COMP_add_compression_method() to the server during the handshake. Unlike the mechanisms to set a cipher list, there is no method available to restrict the list of compression method on a per connection basis.</p>
+
+<p>An OpenSSL server will match the identifiers listed by a client against its own compression methods and will unconditionally activate compression when a matching identifier is found. There is no way to restrict the list of compression methods supported on a per connection basis.</p>
+
+<p>If enabled during compilation, the OpenSSL library will have the COMP_zlib() compression method available.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_COMP_add_compression_method() may return the following values:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation failed. Check the error queue to find out the reason.</p>
+
+</dd>
+</dl>
+
+<p>SSL_COMP_get_compression_methods() returns the stack of compressions methods or NULL on error.</p>
+
+<p>SSL_COMP_get0_name() returns the name of the compression method or NULL on error.</p>
+
+<p>SSL_COMP_get_id() returns the name of the compression method or -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_COMP_free_compression_methods() function was deprecated in OpenSSL 1.1.0. The SSL_COMP_get0_name() and SSL_comp_get_id() functions were added in OpenSSL 1.1.0d.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_COMP_get0_name.html b/msys2/usr/share/doc/openssl/html/man3/SSL_COMP_get0_name.html
new file mode 100644
index 000000000..9244fab68
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_COMP_get0_name.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_COMP_add_compression_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_COMP_add_compression_method, SSL_COMP_get_compression_methods, SSL_COMP_get0_name, SSL_COMP_get_id, SSL_COMP_free_compression_methods - handle SSL/TLS integrated compression methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
+ STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
+ const char *SSL_COMP_get0_name(const SSL_COMP *comp);
+ int SSL_COMP_get_id(const SSL_COMP *comp);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void SSL_COMP_free_compression_methods(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_COMP_add_compression_method() adds the compression method <b>cm</b> with the identifier <b>id</b> to the list of available compression methods. This list is globally maintained for all SSL operations within this application. It cannot be set for specific SSL_CTX or SSL objects.</p>
+
+<p>SSL_COMP_get_compression_methods() returns a stack of all of the available compression methods or NULL on error.</p>
+
+<p>SSL_COMP_get0_name() returns the name of the compression method <b>comp</b>.</p>
+
+<p>SSL_COMP_get_id() returns the id of the compression method <b>comp</b>.</p>
+
+<p>SSL_COMP_free_compression_methods() releases any resources acquired to maintain the internal table of compression methods.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The TLS standard (or SSLv3) allows the integration of compression methods into the communication. The TLS RFC does however not specify compression methods or their corresponding identifiers, so there is currently no compatible way to integrate compression with unknown peers. It is therefore currently not recommended to integrate compression into applications. Applications for non-public use may agree on certain compression methods. Using different compression methods with the same identifier will lead to connection failure.</p>
+
+<p>An OpenSSL client speaking a protocol that allows compression (SSLv3, TLSv1) will unconditionally send the list of all compression methods enabled with SSL_COMP_add_compression_method() to the server during the handshake. Unlike the mechanisms to set a cipher list, there is no method available to restrict the list of compression method on a per connection basis.</p>
+
+<p>An OpenSSL server will match the identifiers listed by a client against its own compression methods and will unconditionally activate compression when a matching identifier is found. There is no way to restrict the list of compression methods supported on a per connection basis.</p>
+
+<p>If enabled during compilation, the OpenSSL library will have the COMP_zlib() compression method available.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_COMP_add_compression_method() may return the following values:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation failed. Check the error queue to find out the reason.</p>
+
+</dd>
+</dl>
+
+<p>SSL_COMP_get_compression_methods() returns the stack of compressions methods or NULL on error.</p>
+
+<p>SSL_COMP_get0_name() returns the name of the compression method or NULL on error.</p>
+
+<p>SSL_COMP_get_id() returns the name of the compression method or -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_COMP_free_compression_methods() function was deprecated in OpenSSL 1.1.0. The SSL_COMP_get0_name() and SSL_comp_get_id() functions were added in OpenSSL 1.1.0d.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_COMP_get_compression_methods.html b/msys2/usr/share/doc/openssl/html/man3/SSL_COMP_get_compression_methods.html
new file mode 100644
index 000000000..9244fab68
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_COMP_get_compression_methods.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_COMP_add_compression_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_COMP_add_compression_method, SSL_COMP_get_compression_methods, SSL_COMP_get0_name, SSL_COMP_get_id, SSL_COMP_free_compression_methods - handle SSL/TLS integrated compression methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
+ STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
+ const char *SSL_COMP_get0_name(const SSL_COMP *comp);
+ int SSL_COMP_get_id(const SSL_COMP *comp);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void SSL_COMP_free_compression_methods(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_COMP_add_compression_method() adds the compression method <b>cm</b> with the identifier <b>id</b> to the list of available compression methods. This list is globally maintained for all SSL operations within this application. It cannot be set for specific SSL_CTX or SSL objects.</p>
+
+<p>SSL_COMP_get_compression_methods() returns a stack of all of the available compression methods or NULL on error.</p>
+
+<p>SSL_COMP_get0_name() returns the name of the compression method <b>comp</b>.</p>
+
+<p>SSL_COMP_get_id() returns the id of the compression method <b>comp</b>.</p>
+
+<p>SSL_COMP_free_compression_methods() releases any resources acquired to maintain the internal table of compression methods.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The TLS standard (or SSLv3) allows the integration of compression methods into the communication. The TLS RFC does however not specify compression methods or their corresponding identifiers, so there is currently no compatible way to integrate compression with unknown peers. It is therefore currently not recommended to integrate compression into applications. Applications for non-public use may agree on certain compression methods. Using different compression methods with the same identifier will lead to connection failure.</p>
+
+<p>An OpenSSL client speaking a protocol that allows compression (SSLv3, TLSv1) will unconditionally send the list of all compression methods enabled with SSL_COMP_add_compression_method() to the server during the handshake. Unlike the mechanisms to set a cipher list, there is no method available to restrict the list of compression method on a per connection basis.</p>
+
+<p>An OpenSSL server will match the identifiers listed by a client against its own compression methods and will unconditionally activate compression when a matching identifier is found. There is no way to restrict the list of compression methods supported on a per connection basis.</p>
+
+<p>If enabled during compilation, the OpenSSL library will have the COMP_zlib() compression method available.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_COMP_add_compression_method() may return the following values:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation failed. Check the error queue to find out the reason.</p>
+
+</dd>
+</dl>
+
+<p>SSL_COMP_get_compression_methods() returns the stack of compressions methods or NULL on error.</p>
+
+<p>SSL_COMP_get0_name() returns the name of the compression method or NULL on error.</p>
+
+<p>SSL_COMP_get_id() returns the name of the compression method or -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_COMP_free_compression_methods() function was deprecated in OpenSSL 1.1.0. The SSL_COMP_get0_name() and SSL_comp_get_id() functions were added in OpenSSL 1.1.0d.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_COMP_get_id.html b/msys2/usr/share/doc/openssl/html/man3/SSL_COMP_get_id.html
new file mode 100644
index 000000000..9244fab68
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_COMP_get_id.html
@@ -0,0 +1,111 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_COMP_add_compression_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_COMP_add_compression_method, SSL_COMP_get_compression_methods, SSL_COMP_get0_name, SSL_COMP_get_id, SSL_COMP_free_compression_methods - handle SSL/TLS integrated compression methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
+ STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
+ const char *SSL_COMP_get0_name(const SSL_COMP *comp);
+ int SSL_COMP_get_id(const SSL_COMP *comp);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void SSL_COMP_free_compression_methods(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_COMP_add_compression_method() adds the compression method <b>cm</b> with the identifier <b>id</b> to the list of available compression methods. This list is globally maintained for all SSL operations within this application. It cannot be set for specific SSL_CTX or SSL objects.</p>
+
+<p>SSL_COMP_get_compression_methods() returns a stack of all of the available compression methods or NULL on error.</p>
+
+<p>SSL_COMP_get0_name() returns the name of the compression method <b>comp</b>.</p>
+
+<p>SSL_COMP_get_id() returns the id of the compression method <b>comp</b>.</p>
+
+<p>SSL_COMP_free_compression_methods() releases any resources acquired to maintain the internal table of compression methods.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The TLS standard (or SSLv3) allows the integration of compression methods into the communication. The TLS RFC does however not specify compression methods or their corresponding identifiers, so there is currently no compatible way to integrate compression with unknown peers. It is therefore currently not recommended to integrate compression into applications. Applications for non-public use may agree on certain compression methods. Using different compression methods with the same identifier will lead to connection failure.</p>
+
+<p>An OpenSSL client speaking a protocol that allows compression (SSLv3, TLSv1) will unconditionally send the list of all compression methods enabled with SSL_COMP_add_compression_method() to the server during the handshake. Unlike the mechanisms to set a cipher list, there is no method available to restrict the list of compression method on a per connection basis.</p>
+
+<p>An OpenSSL server will match the identifiers listed by a client against its own compression methods and will unconditionally activate compression when a matching identifier is found. There is no way to restrict the list of compression methods supported on a per connection basis.</p>
+
+<p>If enabled during compilation, the OpenSSL library will have the COMP_zlib() compression method available.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_COMP_add_compression_method() may return the following values:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation failed. Check the error queue to find out the reason.</p>
+
+</dd>
+</dl>
+
+<p>SSL_COMP_get_compression_methods() returns the stack of compressions methods or NULL on error.</p>
+
+<p>SSL_COMP_get0_name() returns the name of the compression method or NULL on error.</p>
+
+<p>SSL_COMP_get_id() returns the name of the compression method or -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_COMP_free_compression_methods() function was deprecated in OpenSSL 1.1.0. The SSL_COMP_get0_name() and SSL_comp_get_id() functions were added in OpenSSL 1.1.0d.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_clear_flags.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_clear_flags.html
new file mode 100644
index 000000000..6c1a0a10e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_clear_flags.html
@@ -0,0 +1,105 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CONF_CTX_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CONF_CTX_set_flags, SSL_CONF_CTX_clear_flags - Set or clear SSL configuration context flags</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ unsigned int SSL_CONF_CTX_set_flags(SSL_CONF_CTX *cctx, unsigned int flags);
+ unsigned int SSL_CONF_CTX_clear_flags(SSL_CONF_CTX *cctx, unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function SSL_CONF_CTX_set_flags() sets <b>flags</b> in the context <b>cctx</b>.</p>
+
+<p>The function SSL_CONF_CTX_clear_flags() clears <b>flags</b> in the context <b>cctx</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The flags set affect how subsequent calls to SSL_CONF_cmd() or SSL_CONF_argv() behave.</p>
+
+<p>Currently the following <b>flags</b> values are recognised:</p>
+
+<dl>
+
+<dt id="SSL_CONF_FLAG_CMDLINE-SSL_CONF_FLAG_FILE">SSL_CONF_FLAG_CMDLINE, SSL_CONF_FLAG_FILE</dt>
+<dd>
+
+<p>recognise options intended for command line or configuration file use. At least one of these flags must be set.</p>
+
+</dd>
+<dt id="SSL_CONF_FLAG_CLIENT-SSL_CONF_FLAG_SERVER">SSL_CONF_FLAG_CLIENT, SSL_CONF_FLAG_SERVER</dt>
+<dd>
+
+<p>recognise options intended for use in SSL/TLS clients or servers. One or both of these flags must be set.</p>
+
+</dd>
+<dt id="SSL_CONF_FLAG_CERTIFICATE">SSL_CONF_FLAG_CERTIFICATE</dt>
+<dd>
+
+<p>recognise certificate and private key options.</p>
+
+</dd>
+<dt id="SSL_CONF_FLAG_REQUIRE_PRIVATE">SSL_CONF_FLAG_REQUIRE_PRIVATE</dt>
+<dd>
+
+<p>If this option is set then if a private key is not specified for a certificate it will attempt to load a private key from the certificate file when SSL_CONF_CTX_finish() is called. If a key cannot be loaded from the certificate file an error occurs.</p>
+
+</dd>
+<dt id="SSL_CONF_FLAG_SHOW_ERRORS">SSL_CONF_FLAG_SHOW_ERRORS</dt>
+<dd>
+
+<p>indicate errors relating to unrecognised options or missing arguments in the error queue. If this option isn&#39;t set such errors are only reflected in the return values of SSL_CONF_set_cmd() or SSL_CONF_set_argv()</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CONF_CTX_set_flags() and SSL_CONF_CTX_clear_flags() returns the new flags value after setting or clearing flags.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CONF_CTX_new.html">SSL_CONF_CTX_new(3)</a>, <a href="../man3/SSL_CONF_CTX_set_ssl_ctx.html">SSL_CONF_CTX_set_ssl_ctx(3)</a>, <a href="../man3/SSL_CONF_CTX_set1_prefix.html">SSL_CONF_CTX_set1_prefix(3)</a>, <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a>, <a href="../man3/SSL_CONF_cmd_argv.html">SSL_CONF_cmd_argv(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_free.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_free.html
new file mode 100644
index 000000000..da7d95662
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_free.html
@@ -0,0 +1,66 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CONF_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CONF_CTX_new, SSL_CONF_CTX_free - SSL configuration allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CONF_CTX *SSL_CONF_CTX_new(void);
+ void SSL_CONF_CTX_free(SSL_CONF_CTX *cctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function SSL_CONF_CTX_new() allocates and initialises an <b>SSL_CONF_CTX</b> structure for use with the SSL_CONF functions.</p>
+
+<p>The function SSL_CONF_CTX_free() frees up the context <b>cctx</b>. If <b>cctx</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CONF_CTX_new() returns either the newly allocated <b>SSL_CONF_CTX</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>SSL_CONF_CTX_free() does not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CONF_CTX_set_flags.html">SSL_CONF_CTX_set_flags(3)</a>, <a href="../man3/SSL_CONF_CTX_set_ssl_ctx.html">SSL_CONF_CTX_set_ssl_ctx(3)</a>, <a href="../man3/SSL_CONF_CTX_set1_prefix.html">SSL_CONF_CTX_set1_prefix(3)</a>, <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a>, <a href="../man3/SSL_CONF_cmd_argv.html">SSL_CONF_cmd_argv(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_new.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_new.html
new file mode 100644
index 000000000..da7d95662
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_new.html
@@ -0,0 +1,66 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CONF_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CONF_CTX_new, SSL_CONF_CTX_free - SSL configuration allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CONF_CTX *SSL_CONF_CTX_new(void);
+ void SSL_CONF_CTX_free(SSL_CONF_CTX *cctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function SSL_CONF_CTX_new() allocates and initialises an <b>SSL_CONF_CTX</b> structure for use with the SSL_CONF functions.</p>
+
+<p>The function SSL_CONF_CTX_free() frees up the context <b>cctx</b>. If <b>cctx</b> is NULL nothing is done.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CONF_CTX_new() returns either the newly allocated <b>SSL_CONF_CTX</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>SSL_CONF_CTX_free() does not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CONF_CTX_set_flags.html">SSL_CONF_CTX_set_flags(3)</a>, <a href="../man3/SSL_CONF_CTX_set_ssl_ctx.html">SSL_CONF_CTX_set_ssl_ctx(3)</a>, <a href="../man3/SSL_CONF_CTX_set1_prefix.html">SSL_CONF_CTX_set1_prefix(3)</a>, <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a>, <a href="../man3/SSL_CONF_cmd_argv.html">SSL_CONF_cmd_argv(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_set1_prefix.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_set1_prefix.html
new file mode 100644
index 000000000..f382932c8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_set1_prefix.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CONF_CTX_set1_prefix</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CONF_CTX_set1_prefix - Set configuration context command prefix</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ unsigned int SSL_CONF_CTX_set1_prefix(SSL_CONF_CTX *cctx, const char *prefix);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function SSL_CONF_CTX_set1_prefix() sets the command prefix of <b>cctx</b> to <b>prefix</b>. If <b>prefix</b> is <b>NULL</b> it is restored to the default value.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Command prefixes alter the commands recognised by subsequent SSL_CONF_cmd() calls. For example for files, if the prefix &quot;SSL&quot; is set then command names such as &quot;SSLProtocol&quot;, &quot;SSLOptions&quot; etc. are recognised instead of &quot;Protocol&quot; and &quot;Options&quot;. Similarly for command lines if the prefix is &quot;--ssl-&quot; then &quot;--ssl-no_tls1_2&quot; is recognised instead of &quot;-no_tls1_2&quot;.</p>
+
+<p>If the <b>SSL_CONF_FLAG_CMDLINE</b> flag is set then prefix checks are case sensitive and &quot;-&quot; is the default. In the unlikely even an application explicitly wants to set no prefix it must be explicitly set to &quot;&quot;.</p>
+
+<p>If the <b>SSL_CONF_FLAG_FILE</b> flag is set then prefix checks are case insensitive and no prefix is the default.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CONF_CTX_set1_prefix() returns 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CONF_CTX_new.html">SSL_CONF_CTX_new(3)</a>, <a href="../man3/SSL_CONF_CTX_set_flags.html">SSL_CONF_CTX_set_flags(3)</a>, <a href="../man3/SSL_CONF_CTX_set_ssl_ctx.html">SSL_CONF_CTX_set_ssl_ctx(3)</a>, <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a>, <a href="../man3/SSL_CONF_cmd_argv.html">SSL_CONF_cmd_argv(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_set_flags.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_set_flags.html
new file mode 100644
index 000000000..6c1a0a10e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_set_flags.html
@@ -0,0 +1,105 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CONF_CTX_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CONF_CTX_set_flags, SSL_CONF_CTX_clear_flags - Set or clear SSL configuration context flags</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ unsigned int SSL_CONF_CTX_set_flags(SSL_CONF_CTX *cctx, unsigned int flags);
+ unsigned int SSL_CONF_CTX_clear_flags(SSL_CONF_CTX *cctx, unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function SSL_CONF_CTX_set_flags() sets <b>flags</b> in the context <b>cctx</b>.</p>
+
+<p>The function SSL_CONF_CTX_clear_flags() clears <b>flags</b> in the context <b>cctx</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The flags set affect how subsequent calls to SSL_CONF_cmd() or SSL_CONF_argv() behave.</p>
+
+<p>Currently the following <b>flags</b> values are recognised:</p>
+
+<dl>
+
+<dt id="SSL_CONF_FLAG_CMDLINE-SSL_CONF_FLAG_FILE">SSL_CONF_FLAG_CMDLINE, SSL_CONF_FLAG_FILE</dt>
+<dd>
+
+<p>recognise options intended for command line or configuration file use. At least one of these flags must be set.</p>
+
+</dd>
+<dt id="SSL_CONF_FLAG_CLIENT-SSL_CONF_FLAG_SERVER">SSL_CONF_FLAG_CLIENT, SSL_CONF_FLAG_SERVER</dt>
+<dd>
+
+<p>recognise options intended for use in SSL/TLS clients or servers. One or both of these flags must be set.</p>
+
+</dd>
+<dt id="SSL_CONF_FLAG_CERTIFICATE">SSL_CONF_FLAG_CERTIFICATE</dt>
+<dd>
+
+<p>recognise certificate and private key options.</p>
+
+</dd>
+<dt id="SSL_CONF_FLAG_REQUIRE_PRIVATE">SSL_CONF_FLAG_REQUIRE_PRIVATE</dt>
+<dd>
+
+<p>If this option is set then if a private key is not specified for a certificate it will attempt to load a private key from the certificate file when SSL_CONF_CTX_finish() is called. If a key cannot be loaded from the certificate file an error occurs.</p>
+
+</dd>
+<dt id="SSL_CONF_FLAG_SHOW_ERRORS">SSL_CONF_FLAG_SHOW_ERRORS</dt>
+<dd>
+
+<p>indicate errors relating to unrecognised options or missing arguments in the error queue. If this option isn&#39;t set such errors are only reflected in the return values of SSL_CONF_set_cmd() or SSL_CONF_set_argv()</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CONF_CTX_set_flags() and SSL_CONF_CTX_clear_flags() returns the new flags value after setting or clearing flags.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CONF_CTX_new.html">SSL_CONF_CTX_new(3)</a>, <a href="../man3/SSL_CONF_CTX_set_ssl_ctx.html">SSL_CONF_CTX_set_ssl_ctx(3)</a>, <a href="../man3/SSL_CONF_CTX_set1_prefix.html">SSL_CONF_CTX_set1_prefix(3)</a>, <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a>, <a href="../man3/SSL_CONF_cmd_argv.html">SSL_CONF_cmd_argv(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_set_ssl.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_set_ssl.html
new file mode 100644
index 000000000..a98e52642
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_set_ssl.html
@@ -0,0 +1,69 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CONF_CTX_set_ssl_ctx</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CONF_CTX_set_ssl_ctx, SSL_CONF_CTX_set_ssl - set context to configure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CONF_CTX_set_ssl_ctx(SSL_CONF_CTX *cctx, SSL_CTX *ctx);
+ void SSL_CONF_CTX_set_ssl(SSL_CONF_CTX *cctx, SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CONF_CTX_set_ssl_ctx() sets the context associated with <b>cctx</b> to the <b>SSL_CTX</b> structure <b>ctx</b>. Any previous <b>SSL</b> or <b>SSL_CTX</b> associated with <b>cctx</b> is cleared. Subsequent calls to SSL_CONF_cmd() will be sent to <b>ctx</b>.</p>
+
+<p>SSL_CONF_CTX_set_ssl() sets the context associated with <b>cctx</b> to the <b>SSL</b> structure <b>ssl</b>. Any previous <b>SSL</b> or <b>SSL_CTX</b> associated with <b>cctx</b> is cleared. Subsequent calls to SSL_CONF_cmd() will be sent to <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The context need not be set or it can be set to <b>NULL</b> in which case only syntax checking of commands is performed, where possible.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CONF_CTX_set_ssl_ctx() and SSL_CTX_set_ssl() do not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CONF_CTX_new.html">SSL_CONF_CTX_new(3)</a>, <a href="../man3/SSL_CONF_CTX_set_flags.html">SSL_CONF_CTX_set_flags(3)</a>, <a href="../man3/SSL_CONF_CTX_set1_prefix.html">SSL_CONF_CTX_set1_prefix(3)</a>, <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a>, <a href="../man3/SSL_CONF_cmd_argv.html">SSL_CONF_cmd_argv(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_set_ssl_ctx.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_set_ssl_ctx.html
new file mode 100644
index 000000000..a98e52642
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_CTX_set_ssl_ctx.html
@@ -0,0 +1,69 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CONF_CTX_set_ssl_ctx</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CONF_CTX_set_ssl_ctx, SSL_CONF_CTX_set_ssl - set context to configure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CONF_CTX_set_ssl_ctx(SSL_CONF_CTX *cctx, SSL_CTX *ctx);
+ void SSL_CONF_CTX_set_ssl(SSL_CONF_CTX *cctx, SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CONF_CTX_set_ssl_ctx() sets the context associated with <b>cctx</b> to the <b>SSL_CTX</b> structure <b>ctx</b>. Any previous <b>SSL</b> or <b>SSL_CTX</b> associated with <b>cctx</b> is cleared. Subsequent calls to SSL_CONF_cmd() will be sent to <b>ctx</b>.</p>
+
+<p>SSL_CONF_CTX_set_ssl() sets the context associated with <b>cctx</b> to the <b>SSL</b> structure <b>ssl</b>. Any previous <b>SSL</b> or <b>SSL_CTX</b> associated with <b>cctx</b> is cleared. Subsequent calls to SSL_CONF_cmd() will be sent to <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The context need not be set or it can be set to <b>NULL</b> in which case only syntax checking of commands is performed, where possible.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CONF_CTX_set_ssl_ctx() and SSL_CTX_set_ssl() do not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CONF_CTX_new.html">SSL_CONF_CTX_new(3)</a>, <a href="../man3/SSL_CONF_CTX_set_flags.html">SSL_CONF_CTX_set_flags(3)</a>, <a href="../man3/SSL_CONF_CTX_set1_prefix.html">SSL_CONF_CTX_set1_prefix(3)</a>, <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a>, <a href="../man3/SSL_CONF_cmd_argv.html">SSL_CONF_cmd_argv(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_cmd.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_cmd.html
new file mode 100644
index 000000000..c8b93bdd2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_cmd.html
@@ -0,0 +1,556 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CONF_cmd</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#SUPPORTED-COMMAND-LINE-COMMANDS">SUPPORTED COMMAND LINE COMMANDS</a></li>
+  <li><a href="#SUPPORTED-CONFIGURATION-FILE-COMMANDS">SUPPORTED CONFIGURATION FILE COMMANDS</a></li>
+  <li><a href="#SUPPORTED-COMMAND-TYPES">SUPPORTED COMMAND TYPES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CONF_cmd_value_type, SSL_CONF_cmd - send configuration command</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CONF_cmd(SSL_CONF_CTX *cctx, const char *cmd, const char *value);
+ int SSL_CONF_cmd_value_type(SSL_CONF_CTX *cctx, const char *cmd);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function SSL_CONF_cmd() performs configuration operation <b>cmd</b> with optional parameter <b>value</b> on <b>ctx</b>. Its purpose is to simplify application configuration of <b>SSL_CTX</b> or <b>SSL</b> structures by providing a common framework for command line options or configuration files.</p>
+
+<p>SSL_CONF_cmd_value_type() returns the type of value that <b>cmd</b> refers to.</p>
+
+<h1 id="SUPPORTED-COMMAND-LINE-COMMANDS">SUPPORTED COMMAND LINE COMMANDS</h1>
+
+<p>Currently supported <b>cmd</b> names for command lines (i.e. when the flag <b>SSL_CONF_CMDLINE</b> is set) are listed below. Note: all <b>cmd</b> names are case sensitive. Unless otherwise stated commands can be used by both clients and servers and the <b>value</b> parameter is not used. The default prefix for command line commands is <b>-</b> and that is reflected below.</p>
+
+<dl>
+
+<dt id="sigalgs"><b>-sigalgs</b></dt>
+<dd>
+
+<p>This sets the supported signature algorithms for TLSv1.2 and TLSv1.3. For clients this value is used directly for the supported signature algorithms extension. For servers it is used to determine which signature algorithms to support.</p>
+
+<p>The <b>value</b> argument should be a colon separated list of signature algorithms in order of decreasing preference of the form <b>algorithm+hash</b> or <b>signature_scheme</b>. <b>algorithm</b> is one of <b>RSA</b>, <b>DSA</b> or <b>ECDSA</b> and <b>hash</b> is a supported algorithm OID short name such as <b>SHA1</b>, <b>SHA224</b>, <b>SHA256</b>, <b>SHA384</b> of <b>SHA512</b>. Note: algorithm and hash names are case sensitive. <b>signature_scheme</b> is one of the signature schemes defined in TLSv1.3, specified using the IETF name, e.g., <b>ecdsa_secp256r1_sha256</b>, <b>ed25519</b>, or <b>rsa_pss_pss_sha256</b>.</p>
+
+<p>If this option is not set then all signature algorithms supported by the OpenSSL library are permissible.</p>
+
+<p>Note: algorithms which specify a PKCS#1 v1.5 signature scheme (either by using <b>RSA</b> as the <b>algorithm</b> or by using one of the <b>rsa_pkcs1_*</b> identifiers) are ignored in TLSv1.3 and will not be negotiated.</p>
+
+</dd>
+<dt id="client_sigalgs"><b>-client_sigalgs</b></dt>
+<dd>
+
+<p>This sets the supported signature algorithms associated with client authentication for TLSv1.2 and TLSv1.3. For servers the value is used in the <b>signature_algorithms</b> field of a <b>CertificateRequest</b> message. For clients it is used to determine which signature algorithm to use with the client certificate. If a server does not request a certificate this option has no effect.</p>
+
+<p>The syntax of <b>value</b> is identical to <b>-sigalgs</b>. If not set then the value set for <b>-sigalgs</b> will be used instead.</p>
+
+</dd>
+<dt id="groups"><b>-groups</b></dt>
+<dd>
+
+<p>This sets the supported groups. For clients, the groups are sent using the supported groups extension. For servers, it is used to determine which group to use. This setting affects groups used for signatures (in TLSv1.2 and earlier) and key exchange. The first group listed will also be used for the <b>key_share</b> sent by a client in a TLSv1.3 <b>ClientHello</b>.</p>
+
+<p>The <b>value</b> argument is a colon separated list of groups. The group can be either the <b>NIST</b> name (e.g. <b>P-256</b>), some other commonly used name where applicable (e.g. <b>X25519</b>) or an OpenSSL OID name (e.g <b>prime256v1</b>). Group names are case sensitive. The list should be in order of preference with the most preferred group first.</p>
+
+</dd>
+<dt id="curves"><b>-curves</b></dt>
+<dd>
+
+<p>This is a synonym for the &quot;-groups&quot; command.</p>
+
+</dd>
+<dt id="named_curve"><b>-named_curve</b></dt>
+<dd>
+
+<p>This sets the temporary curve used for ephemeral ECDH modes. Only used by servers</p>
+
+<p>The <b>value</b> argument is a curve name or the special value <b>auto</b> which picks an appropriate curve based on client and server preferences. The curve can be either the <b>NIST</b> name (e.g. <b>P-256</b>) or an OpenSSL OID name (e.g <b>prime256v1</b>). Curve names are case sensitive.</p>
+
+</dd>
+<dt id="cipher"><b>-cipher</b></dt>
+<dd>
+
+<p>Sets the TLSv1.2 and below ciphersuite list to <b>value</b>. This list will be combined with any configured TLSv1.3 ciphersuites. Note: syntax checking of <b>value</b> is currently not performed unless a <b>SSL</b> or <b>SSL_CTX</b> structure is associated with <b>cctx</b>.</p>
+
+</dd>
+<dt id="ciphersuites"><b>-ciphersuites</b></dt>
+<dd>
+
+<p>Sets the available ciphersuites for TLSv1.3 to value. This is a simple colon (&quot;:&quot;) separated list of TLSv1.3 ciphersuite names in order of preference. This list will be combined any configured TLSv1.2 and below ciphersuites. See <a href="../man1/ciphers.html">ciphers(1)</a> for more information.</p>
+
+</dd>
+<dt id="cert"><b>-cert</b></dt>
+<dd>
+
+<p>Attempts to use the file <b>value</b> as the certificate for the appropriate context. It currently uses SSL_CTX_use_certificate_chain_file() if an <b>SSL_CTX</b> structure is set or SSL_use_certificate_file() with filetype PEM if an <b>SSL</b> structure is set. This option is only supported if certificate operations are permitted.</p>
+
+</dd>
+<dt id="key"><b>-key</b></dt>
+<dd>
+
+<p>Attempts to use the file <b>value</b> as the private key for the appropriate context. This option is only supported if certificate operations are permitted. Note: if no <b>-key</b> option is set then a private key is not loaded unless the flag <b>SSL_CONF_FLAG_REQUIRE_PRIVATE</b> is set.</p>
+
+</dd>
+<dt id="dhparam"><b>-dhparam</b></dt>
+<dd>
+
+<p>Attempts to use the file <b>value</b> as the set of temporary DH parameters for the appropriate context. This option is only supported if certificate operations are permitted.</p>
+
+</dd>
+<dt id="record_padding"><b>-record_padding</b></dt>
+<dd>
+
+<p>Attempts to pad TLSv1.3 records so that they are a multiple of <b>value</b> in length on send. A <b>value</b> of 0 or 1 turns off padding. Otherwise, the <b>value</b> must be &gt;1 or &lt;=16384.</p>
+
+</dd>
+<dt id="no_renegotiation"><b>-no_renegotiation</b></dt>
+<dd>
+
+<p>Disables all attempts at renegotiation in TLSv1.2 and earlier, same as setting <b>SSL_OP_NO_RENEGOTIATION</b>.</p>
+
+</dd>
+<dt id="min_protocol--max_protocol"><b>-min_protocol</b>, <b>-max_protocol</b></dt>
+<dd>
+
+<p>Sets the minimum and maximum supported protocol. Currently supported protocol values are <b>SSLv3</b>, <b>TLSv1</b>, <b>TLSv1.1</b>, <b>TLSv1.2</b>, <b>TLSv1.3</b> for TLS and <b>DTLSv1</b>, <b>DTLSv1.2</b> for DTLS, and <b>None</b> for no limit. If either bound is not specified then only the other bound applies, if specified. To restrict the supported protocol versions use these commands rather than the deprecated alternative commands below.</p>
+
+</dd>
+<dt id="no_ssl3--no_tls1--no_tls1_1--no_tls1_2--no_tls1_3"><b>-no_ssl3</b>, <b>-no_tls1</b>, <b>-no_tls1_1</b>, <b>-no_tls1_2</b>, <b>-no_tls1_3</b></dt>
+<dd>
+
+<p>Disables protocol support for SSLv3, TLSv1.0, TLSv1.1, TLSv1.2 or TLSv1.3 by setting the corresponding options <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> respectively. These options are deprecated, instead use <b>-min_protocol</b> and <b>-max_protocol</b>.</p>
+
+</dd>
+<dt id="bugs"><b>-bugs</b></dt>
+<dd>
+
+<p>Various bug workarounds are set, same as setting <b>SSL_OP_ALL</b>.</p>
+
+</dd>
+<dt id="comp"><b>-comp</b></dt>
+<dd>
+
+<p>Enables support for SSL/TLS compression, same as clearing <b>SSL_OP_NO_COMPRESSION</b>. This command was introduced in OpenSSL 1.1.0. As of OpenSSL 1.1.0, compression is off by default.</p>
+
+</dd>
+<dt id="no_comp"><b>-no_comp</b></dt>
+<dd>
+
+<p>Disables support for SSL/TLS compression, same as setting <b>SSL_OP_NO_COMPRESSION</b>. As of OpenSSL 1.1.0, compression is off by default.</p>
+
+</dd>
+<dt id="no_ticket"><b>-no_ticket</b></dt>
+<dd>
+
+<p>Disables support for session tickets, same as setting <b>SSL_OP_NO_TICKET</b>.</p>
+
+</dd>
+<dt id="serverpref"><b>-serverpref</b></dt>
+<dd>
+
+<p>Use server and not client preference order when determining which cipher suite, signature algorithm or elliptic curve to use for an incoming connection. Equivalent to <b>SSL_OP_CIPHER_SERVER_PREFERENCE</b>. Only used by servers.</p>
+
+</dd>
+<dt id="prioritize_chacha"><b>-prioritize_chacha</b></dt>
+<dd>
+
+<p>Prioritize ChaCha ciphers when the client has a ChaCha20 cipher at the top of its preference list. This usually indicates a client without AES hardware acceleration (e.g. mobile) is in use. Equivalent to <b>SSL_OP_PRIORITIZE_CHACHA</b>. Only used by servers. Requires <b>-serverpref</b>.</p>
+
+</dd>
+<dt id="no_resumption_on_reneg"><b>-no_resumption_on_reneg</b></dt>
+<dd>
+
+<p>set SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION flag. Only used by servers.</p>
+
+</dd>
+<dt id="legacyrenegotiation"><b>-legacyrenegotiation</b></dt>
+<dd>
+
+<p>permits the use of unsafe legacy renegotiation. Equivalent to setting <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b>.</p>
+
+</dd>
+<dt id="legacy_server_connect--no_legacy_server_connect"><b>-legacy_server_connect</b>, <b>-no_legacy_server_connect</b></dt>
+<dd>
+
+<p>permits or prohibits the use of unsafe legacy renegotiation for OpenSSL clients only. Equivalent to setting or clearing <b>SSL_OP_LEGACY_SERVER_CONNECT</b>. Set by default.</p>
+
+</dd>
+<dt id="allow_no_dhe_kex"><b>-allow_no_dhe_kex</b></dt>
+<dd>
+
+<p>In TLSv1.3 allow a non-(ec)dhe based key exchange mode on resumption. This means that there will be no forward secrecy for the resumed session.</p>
+
+</dd>
+<dt id="strict"><b>-strict</b></dt>
+<dd>
+
+<p>enables strict mode protocol handling. Equivalent to setting <b>SSL_CERT_FLAG_TLS_STRICT</b>.</p>
+
+</dd>
+<dt id="anti_replay--no_anti_replay"><b>-anti_replay</b>, <b>-no_anti_replay</b></dt>
+<dd>
+
+<p>Switches replay protection, on or off respectively. With replay protection on, OpenSSL will automatically detect if a session ticket has been used more than once, TLSv1.3 has been negotiated, and early data is enabled on the server. A full handshake is forced if a session ticket is used a second or subsequent time. Anti-Replay is on by default unless overridden by a configuration file and is only used by servers. Anti-replay measures are required for compliance with the TLSv1.3 specification. Some applications may be able to mitigate the replay risks in other ways and in such cases the built-in OpenSSL functionality is not required. Switching off anti-replay is equivalent to <b>SSL_OP_NO_ANTI_REPLAY</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="SUPPORTED-CONFIGURATION-FILE-COMMANDS">SUPPORTED CONFIGURATION FILE COMMANDS</h1>
+
+<p>Currently supported <b>cmd</b> names for configuration files (i.e. when the flag <b>SSL_CONF_FLAG_FILE</b> is set) are listed below. All configuration file <b>cmd</b> names are case insensitive so <b>signaturealgorithms</b> is recognised as well as <b>SignatureAlgorithms</b>. Unless otherwise stated the <b>value</b> names are also case insensitive.</p>
+
+<p>Note: the command prefix (if set) alters the recognised <b>cmd</b> values.</p>
+
+<dl>
+
+<dt id="CipherString"><b>CipherString</b></dt>
+<dd>
+
+<p>Sets the ciphersuite list for TLSv1.2 and below to <b>value</b>. This list will be combined with any configured TLSv1.3 ciphersuites. Note: syntax checking of <b>value</b> is currently not performed unless an <b>SSL</b> or <b>SSL_CTX</b> structure is associated with <b>cctx</b>.</p>
+
+</dd>
+<dt id="Ciphersuites"><b>Ciphersuites</b></dt>
+<dd>
+
+<p>Sets the available ciphersuites for TLSv1.3 to <b>value</b>. This is a simple colon (&quot;:&quot;) separated list of TLSv1.3 ciphersuite names in order of preference. This list will be combined any configured TLSv1.2 and below ciphersuites. See <a href="../man1/ciphers.html">ciphers(1)</a> for more information.</p>
+
+</dd>
+<dt id="Certificate"><b>Certificate</b></dt>
+<dd>
+
+<p>Attempts to use the file <b>value</b> as the certificate for the appropriate context. It currently uses SSL_CTX_use_certificate_chain_file() if an <b>SSL_CTX</b> structure is set or SSL_use_certificate_file() with filetype PEM if an <b>SSL</b> structure is set. This option is only supported if certificate operations are permitted.</p>
+
+</dd>
+<dt id="PrivateKey"><b>PrivateKey</b></dt>
+<dd>
+
+<p>Attempts to use the file <b>value</b> as the private key for the appropriate context. This option is only supported if certificate operations are permitted. Note: if no <b>PrivateKey</b> option is set then a private key is not loaded unless the <b>SSL_CONF_FLAG_REQUIRE_PRIVATE</b> is set.</p>
+
+</dd>
+<dt id="ChainCAFile-ChainCAPath-VerifyCAFile-VerifyCAPath"><b>ChainCAFile</b>, <b>ChainCAPath</b>, <b>VerifyCAFile</b>, <b>VerifyCAPath</b></dt>
+<dd>
+
+<p>These options indicate a file or directory used for building certificate chains or verifying certificate chains. These options are only supported if certificate operations are permitted.</p>
+
+</dd>
+<dt id="RequestCAFile"><b>RequestCAFile</b></dt>
+<dd>
+
+<p>This option indicates a file containing a set of certificates in PEM form. The subject names of the certificates are sent to the peer in the <b>certificate_authorities</b> extension for TLS 1.3 (in ClientHello or CertificateRequest) or in a certificate request for previous versions or TLS.</p>
+
+</dd>
+<dt id="ServerInfoFile"><b>ServerInfoFile</b></dt>
+<dd>
+
+<p>Attempts to use the file <b>value</b> in the &quot;serverinfo&quot; extension using the function SSL_CTX_use_serverinfo_file.</p>
+
+</dd>
+<dt id="DHParameters"><b>DHParameters</b></dt>
+<dd>
+
+<p>Attempts to use the file <b>value</b> as the set of temporary DH parameters for the appropriate context. This option is only supported if certificate operations are permitted.</p>
+
+</dd>
+<dt id="RecordPadding"><b>RecordPadding</b></dt>
+<dd>
+
+<p>Attempts to pad TLSv1.3 records so that they are a multiple of <b>value</b> in length on send. A <b>value</b> of 0 or 1 turns off padding. Otherwise, the <b>value</b> must be &gt;1 or &lt;=16384.</p>
+
+</dd>
+<dt id="SignatureAlgorithms"><b>SignatureAlgorithms</b></dt>
+<dd>
+
+<p>This sets the supported signature algorithms for TLSv1.2 and TLSv1.3. For clients this value is used directly for the supported signature algorithms extension. For servers it is used to determine which signature algorithms to support.</p>
+
+<p>The <b>value</b> argument should be a colon separated list of signature algorithms in order of decreasing preference of the form <b>algorithm+hash</b> or <b>signature_scheme</b>. <b>algorithm</b> is one of <b>RSA</b>, <b>DSA</b> or <b>ECDSA</b> and <b>hash</b> is a supported algorithm OID short name such as <b>SHA1</b>, <b>SHA224</b>, <b>SHA256</b>, <b>SHA384</b> of <b>SHA512</b>. Note: algorithm and hash names are case sensitive. <b>signature_scheme</b> is one of the signature schemes defined in TLSv1.3, specified using the IETF name, e.g., <b>ecdsa_secp256r1_sha256</b>, <b>ed25519</b>, or <b>rsa_pss_pss_sha256</b>.</p>
+
+<p>If this option is not set then all signature algorithms supported by the OpenSSL library are permissible.</p>
+
+<p>Note: algorithms which specify a PKCS#1 v1.5 signature scheme (either by using <b>RSA</b> as the <b>algorithm</b> or by using one of the <b>rsa_pkcs1_*</b> identifiers) are ignored in TLSv1.3 and will not be negotiated.</p>
+
+</dd>
+<dt id="ClientSignatureAlgorithms"><b>ClientSignatureAlgorithms</b></dt>
+<dd>
+
+<p>This sets the supported signature algorithms associated with client authentication for TLSv1.2 and TLSv1.3. For servers the value is used in the <b>signature_algorithms</b> field of a <b>CertificateRequest</b> message. For clients it is used to determine which signature algorithm to use with the client certificate. If a server does not request a certificate this option has no effect.</p>
+
+<p>The syntax of <b>value</b> is identical to <b>SignatureAlgorithms</b>. If not set then the value set for <b>SignatureAlgorithms</b> will be used instead.</p>
+
+</dd>
+<dt id="Groups"><b>Groups</b></dt>
+<dd>
+
+<p>This sets the supported groups. For clients, the groups are sent using the supported groups extension. For servers, it is used to determine which group to use. This setting affects groups used for signatures (in TLSv1.2 and earlier) and key exchange. The first group listed will also be used for the <b>key_share</b> sent by a client in a TLSv1.3 <b>ClientHello</b>.</p>
+
+<p>The <b>value</b> argument is a colon separated list of groups. The group can be either the <b>NIST</b> name (e.g. <b>P-256</b>), some other commonly used name where applicable (e.g. <b>X25519</b>) or an OpenSSL OID name (e.g <b>prime256v1</b>). Group names are case sensitive. The list should be in order of preference with the most preferred group first.</p>
+
+</dd>
+<dt id="Curves"><b>Curves</b></dt>
+<dd>
+
+<p>This is a synonym for the &quot;Groups&quot; command.</p>
+
+</dd>
+<dt id="MinProtocol"><b>MinProtocol</b></dt>
+<dd>
+
+<p>This sets the minimum supported SSL, TLS or DTLS version.</p>
+
+<p>Currently supported protocol values are <b>SSLv3</b>, <b>TLSv1</b>, <b>TLSv1.1</b>, <b>TLSv1.2</b>, <b>TLSv1.3</b>, <b>DTLSv1</b> and <b>DTLSv1.2</b>. The value <b>None</b> will disable the limit.</p>
+
+</dd>
+<dt id="MaxProtocol"><b>MaxProtocol</b></dt>
+<dd>
+
+<p>This sets the maximum supported SSL, TLS or DTLS version.</p>
+
+<p>Currently supported protocol values are <b>SSLv3</b>, <b>TLSv1</b>, <b>TLSv1.1</b>, <b>TLSv1.2</b>, <b>TLSv1.3</b>, <b>DTLSv1</b> and <b>DTLSv1.2</b>. The value <b>None</b> will disable the limit.</p>
+
+</dd>
+<dt id="Protocol"><b>Protocol</b></dt>
+<dd>
+
+<p>This can be used to enable or disable certain versions of the SSL, TLS or DTLS protocol.</p>
+
+<p>The <b>value</b> argument is a comma separated list of supported protocols to enable or disable. If a protocol is preceded by <b>-</b> that version is disabled.</p>
+
+<p>All protocol versions are enabled by default. You need to disable at least one protocol version for this setting have any effect. Only enabling some protocol versions does not disable the other protocol versions.</p>
+
+<p>Currently supported protocol values are <b>SSLv3</b>, <b>TLSv1</b>, <b>TLSv1.1</b>, <b>TLSv1.2</b>, <b>TLSv1.3</b>, <b>DTLSv1</b> and <b>DTLSv1.2</b>. The special value <b>ALL</b> refers to all supported versions.</p>
+
+<p>This can&#39;t enable protocols that are disabled using <b>MinProtocol</b> or <b>MaxProtocol</b>, but can disable protocols that are still allowed by them.</p>
+
+<p>The <b>Protocol</b> command is fragile and deprecated; do not use it. Use <b>MinProtocol</b> and <b>MaxProtocol</b> instead. If you do use <b>Protocol</b>, make sure that the resulting range of enabled protocols has no &quot;holes&quot;, e.g. if TLS 1.0 and TLS 1.2 are both enabled, make sure to also leave TLS 1.1 enabled.</p>
+
+</dd>
+<dt id="Options"><b>Options</b></dt>
+<dd>
+
+<p>The <b>value</b> argument is a comma separated list of various flags to set. If a flag string is preceded <b>-</b> it is disabled. See the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> function for more details of individual options.</p>
+
+<p>Each option is listed below. Where an operation is enabled by default the <b>-flag</b> syntax is needed to disable it.</p>
+
+<p><b>SessionTicket</b>: session ticket support, enabled by default. Inverse of <b>SSL_OP_NO_TICKET</b>: that is <b>-SessionTicket</b> is the same as setting <b>SSL_OP_NO_TICKET</b>.</p>
+
+<p><b>Compression</b>: SSL/TLS compression support, enabled by default. Inverse of <b>SSL_OP_NO_COMPRESSION</b>.</p>
+
+<p><b>EmptyFragments</b>: use empty fragments as a countermeasure against a SSL 3.0/TLS 1.0 protocol vulnerability affecting CBC ciphers. It is set by default. Inverse of <b>SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS</b>.</p>
+
+<p><b>Bugs</b>: enable various bug workarounds. Same as <b>SSL_OP_ALL</b>.</p>
+
+<p><b>DHSingle</b>: enable single use DH keys, set by default. Inverse of <b>SSL_OP_DH_SINGLE</b>. Only used by servers.</p>
+
+<p><b>ECDHSingle</b>: enable single use ECDH keys, set by default. Inverse of <b>SSL_OP_ECDH_SINGLE</b>. Only used by servers.</p>
+
+<p><b>ServerPreference</b>: use server and not client preference order when determining which cipher suite, signature algorithm or elliptic curve to use for an incoming connection. Equivalent to <b>SSL_OP_CIPHER_SERVER_PREFERENCE</b>. Only used by servers.</p>
+
+<p><b>PrioritizeChaCha</b>: prioritizes ChaCha ciphers when the client has a ChaCha20 cipher at the top of its preference list. This usually indicates a mobile client is in use. Equivalent to <b>SSL_OP_PRIORITIZE_CHACHA</b>. Only used by servers.</p>
+
+<p><b>NoResumptionOnRenegotiation</b>: set <b>SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION</b> flag. Only used by servers.</p>
+
+<p><b>NoRenegotiation</b>: disables all attempts at renegotiation in TLSv1.2 and earlier, same as setting <b>SSL_OP_NO_RENEGOTIATION</b>.</p>
+
+<p><b>UnsafeLegacyRenegotiation</b>: permits the use of unsafe legacy renegotiation. Equivalent to <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b>.</p>
+
+<p><b>UnsafeLegacyServerConnect</b>: permits the use of unsafe legacy renegotiation for OpenSSL clients only. Equivalent to <b>SSL_OP_LEGACY_SERVER_CONNECT</b>. Set by default.</p>
+
+<p><b>EncryptThenMac</b>: use encrypt-then-mac extension, enabled by default. Inverse of <b>SSL_OP_NO_ENCRYPT_THEN_MAC</b>: that is, <b>-EncryptThenMac</b> is the same as setting <b>SSL_OP_NO_ENCRYPT_THEN_MAC</b>.</p>
+
+<p><b>AllowNoDHEKEX</b>: In TLSv1.3 allow a non-(ec)dhe based key exchange mode on resumption. This means that there will be no forward secrecy for the resumed session. Equivalent to <b>SSL_OP_ALLOW_NO_DHE_KEX</b>.</p>
+
+<p><b>MiddleboxCompat</b>: If set then dummy Change Cipher Spec (CCS) messages are sent in TLSv1.3. This has the effect of making TLSv1.3 look more like TLSv1.2 so that middleboxes that do not understand TLSv1.3 will not drop the connection. This option is set by default. A future version of OpenSSL may not set this by default. Equivalent to <b>SSL_OP_ENABLE_MIDDLEBOX_COMPAT</b>.</p>
+
+<p><b>AntiReplay</b>: If set then OpenSSL will automatically detect if a session ticket has been used more than once, TLSv1.3 has been negotiated, and early data is enabled on the server. A full handshake is forced if a session ticket is used a second or subsequent time. This option is set by default and is only used by servers. Anti-replay measures are required to comply with the TLSv1.3 specification. Some applications may be able to mitigate the replay risks in other ways and in such cases the built-in OpenSSL functionality is not required. Disabling anti-replay is equivalent to setting <b>SSL_OP_NO_ANTI_REPLAY</b>.</p>
+
+</dd>
+<dt id="VerifyMode"><b>VerifyMode</b></dt>
+<dd>
+
+<p>The <b>value</b> argument is a comma separated list of flags to set.</p>
+
+<p><b>Peer</b> enables peer verification: for clients only.</p>
+
+<p><b>Request</b> requests but does not require a certificate from the client. Servers only.</p>
+
+<p><b>Require</b> requests and requires a certificate from the client: an error occurs if the client does not present a certificate. Servers only.</p>
+
+<p><b>Once</b> requests a certificate from a client only on the initial connection: not when renegotiating. Servers only.</p>
+
+<p><b>RequestPostHandshake</b> configures the connection to support requests but does not require a certificate from the client post-handshake. A certificate will not be requested during the initial handshake. The server application must provide a mechanism to request a certificate post-handshake. Servers only. TLSv1.3 only.</p>
+
+<p><b>RequiresPostHandshake</b> configures the connection to support requests and requires a certificate from the client post-handshake: an error occurs if the client does not present a certificate. A certificate will not be requested during the initial handshake. The server application must provide a mechanism to request a certificate post-handshake. Servers only. TLSv1.3 only.</p>
+
+</dd>
+<dt id="ClientCAFile-ClientCAPath"><b>ClientCAFile</b>, <b>ClientCAPath</b></dt>
+<dd>
+
+<p>A file or directory of certificates in PEM format whose names are used as the set of acceptable names for client CAs. Servers only. This option is only supported if certificate operations are permitted.</p>
+
+</dd>
+</dl>
+
+<h1 id="SUPPORTED-COMMAND-TYPES">SUPPORTED COMMAND TYPES</h1>
+
+<p>The function SSL_CONF_cmd_value_type() currently returns one of the following types:</p>
+
+<dl>
+
+<dt id="SSL_CONF_TYPE_UNKNOWN"><b>SSL_CONF_TYPE_UNKNOWN</b></dt>
+<dd>
+
+<p>The <b>cmd</b> string is unrecognised, this return value can be use to flag syntax errors.</p>
+
+</dd>
+<dt id="SSL_CONF_TYPE_STRING"><b>SSL_CONF_TYPE_STRING</b></dt>
+<dd>
+
+<p>The value is a string without any specific structure.</p>
+
+</dd>
+<dt id="SSL_CONF_TYPE_FILE"><b>SSL_CONF_TYPE_FILE</b></dt>
+<dd>
+
+<p>The value is a file name.</p>
+
+</dd>
+<dt id="SSL_CONF_TYPE_DIR"><b>SSL_CONF_TYPE_DIR</b></dt>
+<dd>
+
+<p>The value is a directory name.</p>
+
+</dd>
+<dt id="SSL_CONF_TYPE_NONE"><b>SSL_CONF_TYPE_NONE</b></dt>
+<dd>
+
+<p>The value string is not used e.g. a command line option which doesn&#39;t take an argument.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The order of operations is significant. This can be used to set either defaults or values which cannot be overridden. For example if an application calls:</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;Protocol&quot;, &quot;-SSLv3&quot;);
+ SSL_CONF_cmd(ctx, userparam, uservalue);</code></pre>
+
+<p>it will disable SSLv3 support by default but the user can override it. If however the call sequence is:</p>
+
+<pre><code> SSL_CONF_cmd(ctx, userparam, uservalue);
+ SSL_CONF_cmd(ctx, &quot;Protocol&quot;, &quot;-SSLv3&quot;);</code></pre>
+
+<p>SSLv3 is <b>always</b> disabled and attempt to override this by the user are ignored.</p>
+
+<p>By checking the return code of SSL_CONF_cmd() it is possible to query if a given <b>cmd</b> is recognised, this is useful if SSL_CONF_cmd() values are mixed with additional application specific operations.</p>
+
+<p>For example an application might call SSL_CONF_cmd() and if it returns -2 (unrecognised command) continue with processing of application specific commands.</p>
+
+<p>Applications can also use SSL_CONF_cmd() to process command lines though the utility function SSL_CONF_cmd_argv() is normally used instead. One way to do this is to set the prefix to an appropriate value using SSL_CONF_CTX_set1_prefix(), pass the current argument to <b>cmd</b> and the following argument to <b>value</b> (which may be NULL).</p>
+
+<p>In this case if the return value is positive then it is used to skip that number of arguments as they have been processed by SSL_CONF_cmd(). If -2 is returned then <b>cmd</b> is not recognised and application specific arguments can be checked instead. If -3 is returned a required argument is missing and an error is indicated. If 0 is returned some other error occurred and this can be reported back to the user.</p>
+
+<p>The function SSL_CONF_cmd_value_type() can be used by applications to check for the existence of a command or to perform additional syntax checking or translation of the command value. For example if the return value is <b>SSL_CONF_TYPE_FILE</b> an application could translate a relative pathname to an absolute pathname.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set supported signature algorithms:</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;SignatureAlgorithms&quot;, &quot;ECDSA+SHA256:RSA+SHA256:DSA+SHA256&quot;);</code></pre>
+
+<p>There are various ways to select the supported protocols.</p>
+
+<p>This set the minimum protocol version to TLSv1, and so disables SSLv3. This is the recommended way to disable protocols.</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;MinProtocol&quot;, &quot;TLSv1&quot;);</code></pre>
+
+<p>The following also disables SSLv3:</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;Protocol&quot;, &quot;-SSLv3&quot;);</code></pre>
+
+<p>The following will first enable all protocols, and then disable SSLv3. If no protocol versions were disabled before this has the same effect as &quot;-SSLv3&quot;, but if some versions were disables this will re-enable them before disabling SSLv3.</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;Protocol&quot;, &quot;ALL,-SSLv3&quot;);</code></pre>
+
+<p>Only enable TLSv1.2:</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;MinProtocol&quot;, &quot;TLSv1.2&quot;);
+ SSL_CONF_cmd(ctx, &quot;MaxProtocol&quot;, &quot;TLSv1.2&quot;);</code></pre>
+
+<p>This also only enables TLSv1.2:</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;Protocol&quot;, &quot;-ALL,TLSv1.2&quot;);</code></pre>
+
+<p>Disable TLS session tickets:</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;Options&quot;, &quot;-SessionTicket&quot;);</code></pre>
+
+<p>Enable compression:</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;Options&quot;, &quot;Compression&quot;);</code></pre>
+
+<p>Set supported curves to P-256, P-384:</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;Curves&quot;, &quot;P-256:P-384&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CONF_cmd() returns 1 if the value of <b>cmd</b> is recognised and <b>value</b> is <b>NOT</b> used and 2 if both <b>cmd</b> and <b>value</b> are used. In other words it returns the number of arguments processed. This is useful when processing command lines.</p>
+
+<p>A return value of -2 means <b>cmd</b> is not recognised.</p>
+
+<p>A return value of -3 means <b>cmd</b> is recognised and the command requires a value but <b>value</b> is NULL.</p>
+
+<p>A return code of 0 indicates that both <b>cmd</b> and <b>value</b> are valid but an error occurred attempting to perform the operation: for example due to an error in the syntax of <b>value</b> in this case the error queue may provide additional information.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CONF_CTX_new.html">SSL_CONF_CTX_new(3)</a>, <a href="../man3/SSL_CONF_CTX_set_flags.html">SSL_CONF_CTX_set_flags(3)</a>, <a href="../man3/SSL_CONF_CTX_set1_prefix.html">SSL_CONF_CTX_set1_prefix(3)</a>, <a href="../man3/SSL_CONF_CTX_set_ssl_ctx.html">SSL_CONF_CTX_set_ssl_ctx(3)</a>, <a href="../man3/SSL_CONF_cmd_argv.html">SSL_CONF_cmd_argv(3)</a>, <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CONF_cmd() function was added in OpenSSL 1.0.2.</p>
+
+<p>The <b>SSL_OP_NO_SSL2</b> option doesn&#39;t have effect since 1.1.0, but the macro is retained for backwards compatibility.</p>
+
+<p>The <b>SSL_CONF_TYPE_NONE</b> was added in OpenSSL 1.1.0. In earlier versions of OpenSSL passing a command which didn&#39;t take an argument would return <b>SSL_CONF_TYPE_UNKNOWN</b>.</p>
+
+<p><b>MinProtocol</b> and <b>MaxProtocol</b> where added in OpenSSL 1.1.0.</p>
+
+<p><b>AllowNoDHEKEX</b> and <b>PrioritizeChaCha</b> were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2012-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_cmd_argv.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_cmd_argv.html
new file mode 100644
index 000000000..bf4197545
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_cmd_argv.html
@@ -0,0 +1,65 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CONF_cmd_argv</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CONF_cmd_argv - SSL configuration command line processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CONF_cmd_argv(SSL_CONF_CTX *cctx, int *pargc, char ***pargv);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function SSL_CONF_cmd_argv() processes at most two command line arguments from <b>pargv</b> and <b>pargc</b>. The values of <b>pargv</b> and <b>pargc</b> are updated to reflect the number of command options processed. The <b>pargc</b> argument can be set to <b>NULL</b> if it is not used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CONF_cmd_argv() returns the number of command arguments processed: 0, 1, 2 or a negative error code.</p>
+
+<p>If -2 is returned then an argument for a command is missing.</p>
+
+<p>If -1 is returned the command is recognised but couldn&#39;t be processed due to an error: for example a syntax error in the argument.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CONF_CTX_new.html">SSL_CONF_CTX_new(3)</a>, <a href="../man3/SSL_CONF_CTX_set_flags.html">SSL_CONF_CTX_set_flags(3)</a>, <a href="../man3/SSL_CONF_CTX_set1_prefix.html">SSL_CONF_CTX_set1_prefix(3)</a>, <a href="../man3/SSL_CONF_CTX_set_ssl_ctx.html">SSL_CONF_CTX_set_ssl_ctx(3)</a>, <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_cmd_value_type.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_cmd_value_type.html
new file mode 100644
index 000000000..c8b93bdd2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CONF_cmd_value_type.html
@@ -0,0 +1,556 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CONF_cmd</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#SUPPORTED-COMMAND-LINE-COMMANDS">SUPPORTED COMMAND LINE COMMANDS</a></li>
+  <li><a href="#SUPPORTED-CONFIGURATION-FILE-COMMANDS">SUPPORTED CONFIGURATION FILE COMMANDS</a></li>
+  <li><a href="#SUPPORTED-COMMAND-TYPES">SUPPORTED COMMAND TYPES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CONF_cmd_value_type, SSL_CONF_cmd - send configuration command</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CONF_cmd(SSL_CONF_CTX *cctx, const char *cmd, const char *value);
+ int SSL_CONF_cmd_value_type(SSL_CONF_CTX *cctx, const char *cmd);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function SSL_CONF_cmd() performs configuration operation <b>cmd</b> with optional parameter <b>value</b> on <b>ctx</b>. Its purpose is to simplify application configuration of <b>SSL_CTX</b> or <b>SSL</b> structures by providing a common framework for command line options or configuration files.</p>
+
+<p>SSL_CONF_cmd_value_type() returns the type of value that <b>cmd</b> refers to.</p>
+
+<h1 id="SUPPORTED-COMMAND-LINE-COMMANDS">SUPPORTED COMMAND LINE COMMANDS</h1>
+
+<p>Currently supported <b>cmd</b> names for command lines (i.e. when the flag <b>SSL_CONF_CMDLINE</b> is set) are listed below. Note: all <b>cmd</b> names are case sensitive. Unless otherwise stated commands can be used by both clients and servers and the <b>value</b> parameter is not used. The default prefix for command line commands is <b>-</b> and that is reflected below.</p>
+
+<dl>
+
+<dt id="sigalgs"><b>-sigalgs</b></dt>
+<dd>
+
+<p>This sets the supported signature algorithms for TLSv1.2 and TLSv1.3. For clients this value is used directly for the supported signature algorithms extension. For servers it is used to determine which signature algorithms to support.</p>
+
+<p>The <b>value</b> argument should be a colon separated list of signature algorithms in order of decreasing preference of the form <b>algorithm+hash</b> or <b>signature_scheme</b>. <b>algorithm</b> is one of <b>RSA</b>, <b>DSA</b> or <b>ECDSA</b> and <b>hash</b> is a supported algorithm OID short name such as <b>SHA1</b>, <b>SHA224</b>, <b>SHA256</b>, <b>SHA384</b> of <b>SHA512</b>. Note: algorithm and hash names are case sensitive. <b>signature_scheme</b> is one of the signature schemes defined in TLSv1.3, specified using the IETF name, e.g., <b>ecdsa_secp256r1_sha256</b>, <b>ed25519</b>, or <b>rsa_pss_pss_sha256</b>.</p>
+
+<p>If this option is not set then all signature algorithms supported by the OpenSSL library are permissible.</p>
+
+<p>Note: algorithms which specify a PKCS#1 v1.5 signature scheme (either by using <b>RSA</b> as the <b>algorithm</b> or by using one of the <b>rsa_pkcs1_*</b> identifiers) are ignored in TLSv1.3 and will not be negotiated.</p>
+
+</dd>
+<dt id="client_sigalgs"><b>-client_sigalgs</b></dt>
+<dd>
+
+<p>This sets the supported signature algorithms associated with client authentication for TLSv1.2 and TLSv1.3. For servers the value is used in the <b>signature_algorithms</b> field of a <b>CertificateRequest</b> message. For clients it is used to determine which signature algorithm to use with the client certificate. If a server does not request a certificate this option has no effect.</p>
+
+<p>The syntax of <b>value</b> is identical to <b>-sigalgs</b>. If not set then the value set for <b>-sigalgs</b> will be used instead.</p>
+
+</dd>
+<dt id="groups"><b>-groups</b></dt>
+<dd>
+
+<p>This sets the supported groups. For clients, the groups are sent using the supported groups extension. For servers, it is used to determine which group to use. This setting affects groups used for signatures (in TLSv1.2 and earlier) and key exchange. The first group listed will also be used for the <b>key_share</b> sent by a client in a TLSv1.3 <b>ClientHello</b>.</p>
+
+<p>The <b>value</b> argument is a colon separated list of groups. The group can be either the <b>NIST</b> name (e.g. <b>P-256</b>), some other commonly used name where applicable (e.g. <b>X25519</b>) or an OpenSSL OID name (e.g <b>prime256v1</b>). Group names are case sensitive. The list should be in order of preference with the most preferred group first.</p>
+
+</dd>
+<dt id="curves"><b>-curves</b></dt>
+<dd>
+
+<p>This is a synonym for the &quot;-groups&quot; command.</p>
+
+</dd>
+<dt id="named_curve"><b>-named_curve</b></dt>
+<dd>
+
+<p>This sets the temporary curve used for ephemeral ECDH modes. Only used by servers</p>
+
+<p>The <b>value</b> argument is a curve name or the special value <b>auto</b> which picks an appropriate curve based on client and server preferences. The curve can be either the <b>NIST</b> name (e.g. <b>P-256</b>) or an OpenSSL OID name (e.g <b>prime256v1</b>). Curve names are case sensitive.</p>
+
+</dd>
+<dt id="cipher"><b>-cipher</b></dt>
+<dd>
+
+<p>Sets the TLSv1.2 and below ciphersuite list to <b>value</b>. This list will be combined with any configured TLSv1.3 ciphersuites. Note: syntax checking of <b>value</b> is currently not performed unless a <b>SSL</b> or <b>SSL_CTX</b> structure is associated with <b>cctx</b>.</p>
+
+</dd>
+<dt id="ciphersuites"><b>-ciphersuites</b></dt>
+<dd>
+
+<p>Sets the available ciphersuites for TLSv1.3 to value. This is a simple colon (&quot;:&quot;) separated list of TLSv1.3 ciphersuite names in order of preference. This list will be combined any configured TLSv1.2 and below ciphersuites. See <a href="../man1/ciphers.html">ciphers(1)</a> for more information.</p>
+
+</dd>
+<dt id="cert"><b>-cert</b></dt>
+<dd>
+
+<p>Attempts to use the file <b>value</b> as the certificate for the appropriate context. It currently uses SSL_CTX_use_certificate_chain_file() if an <b>SSL_CTX</b> structure is set or SSL_use_certificate_file() with filetype PEM if an <b>SSL</b> structure is set. This option is only supported if certificate operations are permitted.</p>
+
+</dd>
+<dt id="key"><b>-key</b></dt>
+<dd>
+
+<p>Attempts to use the file <b>value</b> as the private key for the appropriate context. This option is only supported if certificate operations are permitted. Note: if no <b>-key</b> option is set then a private key is not loaded unless the flag <b>SSL_CONF_FLAG_REQUIRE_PRIVATE</b> is set.</p>
+
+</dd>
+<dt id="dhparam"><b>-dhparam</b></dt>
+<dd>
+
+<p>Attempts to use the file <b>value</b> as the set of temporary DH parameters for the appropriate context. This option is only supported if certificate operations are permitted.</p>
+
+</dd>
+<dt id="record_padding"><b>-record_padding</b></dt>
+<dd>
+
+<p>Attempts to pad TLSv1.3 records so that they are a multiple of <b>value</b> in length on send. A <b>value</b> of 0 or 1 turns off padding. Otherwise, the <b>value</b> must be &gt;1 or &lt;=16384.</p>
+
+</dd>
+<dt id="no_renegotiation"><b>-no_renegotiation</b></dt>
+<dd>
+
+<p>Disables all attempts at renegotiation in TLSv1.2 and earlier, same as setting <b>SSL_OP_NO_RENEGOTIATION</b>.</p>
+
+</dd>
+<dt id="min_protocol--max_protocol"><b>-min_protocol</b>, <b>-max_protocol</b></dt>
+<dd>
+
+<p>Sets the minimum and maximum supported protocol. Currently supported protocol values are <b>SSLv3</b>, <b>TLSv1</b>, <b>TLSv1.1</b>, <b>TLSv1.2</b>, <b>TLSv1.3</b> for TLS and <b>DTLSv1</b>, <b>DTLSv1.2</b> for DTLS, and <b>None</b> for no limit. If either bound is not specified then only the other bound applies, if specified. To restrict the supported protocol versions use these commands rather than the deprecated alternative commands below.</p>
+
+</dd>
+<dt id="no_ssl3--no_tls1--no_tls1_1--no_tls1_2--no_tls1_3"><b>-no_ssl3</b>, <b>-no_tls1</b>, <b>-no_tls1_1</b>, <b>-no_tls1_2</b>, <b>-no_tls1_3</b></dt>
+<dd>
+
+<p>Disables protocol support for SSLv3, TLSv1.0, TLSv1.1, TLSv1.2 or TLSv1.3 by setting the corresponding options <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> respectively. These options are deprecated, instead use <b>-min_protocol</b> and <b>-max_protocol</b>.</p>
+
+</dd>
+<dt id="bugs"><b>-bugs</b></dt>
+<dd>
+
+<p>Various bug workarounds are set, same as setting <b>SSL_OP_ALL</b>.</p>
+
+</dd>
+<dt id="comp"><b>-comp</b></dt>
+<dd>
+
+<p>Enables support for SSL/TLS compression, same as clearing <b>SSL_OP_NO_COMPRESSION</b>. This command was introduced in OpenSSL 1.1.0. As of OpenSSL 1.1.0, compression is off by default.</p>
+
+</dd>
+<dt id="no_comp"><b>-no_comp</b></dt>
+<dd>
+
+<p>Disables support for SSL/TLS compression, same as setting <b>SSL_OP_NO_COMPRESSION</b>. As of OpenSSL 1.1.0, compression is off by default.</p>
+
+</dd>
+<dt id="no_ticket"><b>-no_ticket</b></dt>
+<dd>
+
+<p>Disables support for session tickets, same as setting <b>SSL_OP_NO_TICKET</b>.</p>
+
+</dd>
+<dt id="serverpref"><b>-serverpref</b></dt>
+<dd>
+
+<p>Use server and not client preference order when determining which cipher suite, signature algorithm or elliptic curve to use for an incoming connection. Equivalent to <b>SSL_OP_CIPHER_SERVER_PREFERENCE</b>. Only used by servers.</p>
+
+</dd>
+<dt id="prioritize_chacha"><b>-prioritize_chacha</b></dt>
+<dd>
+
+<p>Prioritize ChaCha ciphers when the client has a ChaCha20 cipher at the top of its preference list. This usually indicates a client without AES hardware acceleration (e.g. mobile) is in use. Equivalent to <b>SSL_OP_PRIORITIZE_CHACHA</b>. Only used by servers. Requires <b>-serverpref</b>.</p>
+
+</dd>
+<dt id="no_resumption_on_reneg"><b>-no_resumption_on_reneg</b></dt>
+<dd>
+
+<p>set SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION flag. Only used by servers.</p>
+
+</dd>
+<dt id="legacyrenegotiation"><b>-legacyrenegotiation</b></dt>
+<dd>
+
+<p>permits the use of unsafe legacy renegotiation. Equivalent to setting <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b>.</p>
+
+</dd>
+<dt id="legacy_server_connect--no_legacy_server_connect"><b>-legacy_server_connect</b>, <b>-no_legacy_server_connect</b></dt>
+<dd>
+
+<p>permits or prohibits the use of unsafe legacy renegotiation for OpenSSL clients only. Equivalent to setting or clearing <b>SSL_OP_LEGACY_SERVER_CONNECT</b>. Set by default.</p>
+
+</dd>
+<dt id="allow_no_dhe_kex"><b>-allow_no_dhe_kex</b></dt>
+<dd>
+
+<p>In TLSv1.3 allow a non-(ec)dhe based key exchange mode on resumption. This means that there will be no forward secrecy for the resumed session.</p>
+
+</dd>
+<dt id="strict"><b>-strict</b></dt>
+<dd>
+
+<p>enables strict mode protocol handling. Equivalent to setting <b>SSL_CERT_FLAG_TLS_STRICT</b>.</p>
+
+</dd>
+<dt id="anti_replay--no_anti_replay"><b>-anti_replay</b>, <b>-no_anti_replay</b></dt>
+<dd>
+
+<p>Switches replay protection, on or off respectively. With replay protection on, OpenSSL will automatically detect if a session ticket has been used more than once, TLSv1.3 has been negotiated, and early data is enabled on the server. A full handshake is forced if a session ticket is used a second or subsequent time. Anti-Replay is on by default unless overridden by a configuration file and is only used by servers. Anti-replay measures are required for compliance with the TLSv1.3 specification. Some applications may be able to mitigate the replay risks in other ways and in such cases the built-in OpenSSL functionality is not required. Switching off anti-replay is equivalent to <b>SSL_OP_NO_ANTI_REPLAY</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="SUPPORTED-CONFIGURATION-FILE-COMMANDS">SUPPORTED CONFIGURATION FILE COMMANDS</h1>
+
+<p>Currently supported <b>cmd</b> names for configuration files (i.e. when the flag <b>SSL_CONF_FLAG_FILE</b> is set) are listed below. All configuration file <b>cmd</b> names are case insensitive so <b>signaturealgorithms</b> is recognised as well as <b>SignatureAlgorithms</b>. Unless otherwise stated the <b>value</b> names are also case insensitive.</p>
+
+<p>Note: the command prefix (if set) alters the recognised <b>cmd</b> values.</p>
+
+<dl>
+
+<dt id="CipherString"><b>CipherString</b></dt>
+<dd>
+
+<p>Sets the ciphersuite list for TLSv1.2 and below to <b>value</b>. This list will be combined with any configured TLSv1.3 ciphersuites. Note: syntax checking of <b>value</b> is currently not performed unless an <b>SSL</b> or <b>SSL_CTX</b> structure is associated with <b>cctx</b>.</p>
+
+</dd>
+<dt id="Ciphersuites"><b>Ciphersuites</b></dt>
+<dd>
+
+<p>Sets the available ciphersuites for TLSv1.3 to <b>value</b>. This is a simple colon (&quot;:&quot;) separated list of TLSv1.3 ciphersuite names in order of preference. This list will be combined any configured TLSv1.2 and below ciphersuites. See <a href="../man1/ciphers.html">ciphers(1)</a> for more information.</p>
+
+</dd>
+<dt id="Certificate"><b>Certificate</b></dt>
+<dd>
+
+<p>Attempts to use the file <b>value</b> as the certificate for the appropriate context. It currently uses SSL_CTX_use_certificate_chain_file() if an <b>SSL_CTX</b> structure is set or SSL_use_certificate_file() with filetype PEM if an <b>SSL</b> structure is set. This option is only supported if certificate operations are permitted.</p>
+
+</dd>
+<dt id="PrivateKey"><b>PrivateKey</b></dt>
+<dd>
+
+<p>Attempts to use the file <b>value</b> as the private key for the appropriate context. This option is only supported if certificate operations are permitted. Note: if no <b>PrivateKey</b> option is set then a private key is not loaded unless the <b>SSL_CONF_FLAG_REQUIRE_PRIVATE</b> is set.</p>
+
+</dd>
+<dt id="ChainCAFile-ChainCAPath-VerifyCAFile-VerifyCAPath"><b>ChainCAFile</b>, <b>ChainCAPath</b>, <b>VerifyCAFile</b>, <b>VerifyCAPath</b></dt>
+<dd>
+
+<p>These options indicate a file or directory used for building certificate chains or verifying certificate chains. These options are only supported if certificate operations are permitted.</p>
+
+</dd>
+<dt id="RequestCAFile"><b>RequestCAFile</b></dt>
+<dd>
+
+<p>This option indicates a file containing a set of certificates in PEM form. The subject names of the certificates are sent to the peer in the <b>certificate_authorities</b> extension for TLS 1.3 (in ClientHello or CertificateRequest) or in a certificate request for previous versions or TLS.</p>
+
+</dd>
+<dt id="ServerInfoFile"><b>ServerInfoFile</b></dt>
+<dd>
+
+<p>Attempts to use the file <b>value</b> in the &quot;serverinfo&quot; extension using the function SSL_CTX_use_serverinfo_file.</p>
+
+</dd>
+<dt id="DHParameters"><b>DHParameters</b></dt>
+<dd>
+
+<p>Attempts to use the file <b>value</b> as the set of temporary DH parameters for the appropriate context. This option is only supported if certificate operations are permitted.</p>
+
+</dd>
+<dt id="RecordPadding"><b>RecordPadding</b></dt>
+<dd>
+
+<p>Attempts to pad TLSv1.3 records so that they are a multiple of <b>value</b> in length on send. A <b>value</b> of 0 or 1 turns off padding. Otherwise, the <b>value</b> must be &gt;1 or &lt;=16384.</p>
+
+</dd>
+<dt id="SignatureAlgorithms"><b>SignatureAlgorithms</b></dt>
+<dd>
+
+<p>This sets the supported signature algorithms for TLSv1.2 and TLSv1.3. For clients this value is used directly for the supported signature algorithms extension. For servers it is used to determine which signature algorithms to support.</p>
+
+<p>The <b>value</b> argument should be a colon separated list of signature algorithms in order of decreasing preference of the form <b>algorithm+hash</b> or <b>signature_scheme</b>. <b>algorithm</b> is one of <b>RSA</b>, <b>DSA</b> or <b>ECDSA</b> and <b>hash</b> is a supported algorithm OID short name such as <b>SHA1</b>, <b>SHA224</b>, <b>SHA256</b>, <b>SHA384</b> of <b>SHA512</b>. Note: algorithm and hash names are case sensitive. <b>signature_scheme</b> is one of the signature schemes defined in TLSv1.3, specified using the IETF name, e.g., <b>ecdsa_secp256r1_sha256</b>, <b>ed25519</b>, or <b>rsa_pss_pss_sha256</b>.</p>
+
+<p>If this option is not set then all signature algorithms supported by the OpenSSL library are permissible.</p>
+
+<p>Note: algorithms which specify a PKCS#1 v1.5 signature scheme (either by using <b>RSA</b> as the <b>algorithm</b> or by using one of the <b>rsa_pkcs1_*</b> identifiers) are ignored in TLSv1.3 and will not be negotiated.</p>
+
+</dd>
+<dt id="ClientSignatureAlgorithms"><b>ClientSignatureAlgorithms</b></dt>
+<dd>
+
+<p>This sets the supported signature algorithms associated with client authentication for TLSv1.2 and TLSv1.3. For servers the value is used in the <b>signature_algorithms</b> field of a <b>CertificateRequest</b> message. For clients it is used to determine which signature algorithm to use with the client certificate. If a server does not request a certificate this option has no effect.</p>
+
+<p>The syntax of <b>value</b> is identical to <b>SignatureAlgorithms</b>. If not set then the value set for <b>SignatureAlgorithms</b> will be used instead.</p>
+
+</dd>
+<dt id="Groups"><b>Groups</b></dt>
+<dd>
+
+<p>This sets the supported groups. For clients, the groups are sent using the supported groups extension. For servers, it is used to determine which group to use. This setting affects groups used for signatures (in TLSv1.2 and earlier) and key exchange. The first group listed will also be used for the <b>key_share</b> sent by a client in a TLSv1.3 <b>ClientHello</b>.</p>
+
+<p>The <b>value</b> argument is a colon separated list of groups. The group can be either the <b>NIST</b> name (e.g. <b>P-256</b>), some other commonly used name where applicable (e.g. <b>X25519</b>) or an OpenSSL OID name (e.g <b>prime256v1</b>). Group names are case sensitive. The list should be in order of preference with the most preferred group first.</p>
+
+</dd>
+<dt id="Curves"><b>Curves</b></dt>
+<dd>
+
+<p>This is a synonym for the &quot;Groups&quot; command.</p>
+
+</dd>
+<dt id="MinProtocol"><b>MinProtocol</b></dt>
+<dd>
+
+<p>This sets the minimum supported SSL, TLS or DTLS version.</p>
+
+<p>Currently supported protocol values are <b>SSLv3</b>, <b>TLSv1</b>, <b>TLSv1.1</b>, <b>TLSv1.2</b>, <b>TLSv1.3</b>, <b>DTLSv1</b> and <b>DTLSv1.2</b>. The value <b>None</b> will disable the limit.</p>
+
+</dd>
+<dt id="MaxProtocol"><b>MaxProtocol</b></dt>
+<dd>
+
+<p>This sets the maximum supported SSL, TLS or DTLS version.</p>
+
+<p>Currently supported protocol values are <b>SSLv3</b>, <b>TLSv1</b>, <b>TLSv1.1</b>, <b>TLSv1.2</b>, <b>TLSv1.3</b>, <b>DTLSv1</b> and <b>DTLSv1.2</b>. The value <b>None</b> will disable the limit.</p>
+
+</dd>
+<dt id="Protocol"><b>Protocol</b></dt>
+<dd>
+
+<p>This can be used to enable or disable certain versions of the SSL, TLS or DTLS protocol.</p>
+
+<p>The <b>value</b> argument is a comma separated list of supported protocols to enable or disable. If a protocol is preceded by <b>-</b> that version is disabled.</p>
+
+<p>All protocol versions are enabled by default. You need to disable at least one protocol version for this setting have any effect. Only enabling some protocol versions does not disable the other protocol versions.</p>
+
+<p>Currently supported protocol values are <b>SSLv3</b>, <b>TLSv1</b>, <b>TLSv1.1</b>, <b>TLSv1.2</b>, <b>TLSv1.3</b>, <b>DTLSv1</b> and <b>DTLSv1.2</b>. The special value <b>ALL</b> refers to all supported versions.</p>
+
+<p>This can&#39;t enable protocols that are disabled using <b>MinProtocol</b> or <b>MaxProtocol</b>, but can disable protocols that are still allowed by them.</p>
+
+<p>The <b>Protocol</b> command is fragile and deprecated; do not use it. Use <b>MinProtocol</b> and <b>MaxProtocol</b> instead. If you do use <b>Protocol</b>, make sure that the resulting range of enabled protocols has no &quot;holes&quot;, e.g. if TLS 1.0 and TLS 1.2 are both enabled, make sure to also leave TLS 1.1 enabled.</p>
+
+</dd>
+<dt id="Options"><b>Options</b></dt>
+<dd>
+
+<p>The <b>value</b> argument is a comma separated list of various flags to set. If a flag string is preceded <b>-</b> it is disabled. See the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> function for more details of individual options.</p>
+
+<p>Each option is listed below. Where an operation is enabled by default the <b>-flag</b> syntax is needed to disable it.</p>
+
+<p><b>SessionTicket</b>: session ticket support, enabled by default. Inverse of <b>SSL_OP_NO_TICKET</b>: that is <b>-SessionTicket</b> is the same as setting <b>SSL_OP_NO_TICKET</b>.</p>
+
+<p><b>Compression</b>: SSL/TLS compression support, enabled by default. Inverse of <b>SSL_OP_NO_COMPRESSION</b>.</p>
+
+<p><b>EmptyFragments</b>: use empty fragments as a countermeasure against a SSL 3.0/TLS 1.0 protocol vulnerability affecting CBC ciphers. It is set by default. Inverse of <b>SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS</b>.</p>
+
+<p><b>Bugs</b>: enable various bug workarounds. Same as <b>SSL_OP_ALL</b>.</p>
+
+<p><b>DHSingle</b>: enable single use DH keys, set by default. Inverse of <b>SSL_OP_DH_SINGLE</b>. Only used by servers.</p>
+
+<p><b>ECDHSingle</b>: enable single use ECDH keys, set by default. Inverse of <b>SSL_OP_ECDH_SINGLE</b>. Only used by servers.</p>
+
+<p><b>ServerPreference</b>: use server and not client preference order when determining which cipher suite, signature algorithm or elliptic curve to use for an incoming connection. Equivalent to <b>SSL_OP_CIPHER_SERVER_PREFERENCE</b>. Only used by servers.</p>
+
+<p><b>PrioritizeChaCha</b>: prioritizes ChaCha ciphers when the client has a ChaCha20 cipher at the top of its preference list. This usually indicates a mobile client is in use. Equivalent to <b>SSL_OP_PRIORITIZE_CHACHA</b>. Only used by servers.</p>
+
+<p><b>NoResumptionOnRenegotiation</b>: set <b>SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION</b> flag. Only used by servers.</p>
+
+<p><b>NoRenegotiation</b>: disables all attempts at renegotiation in TLSv1.2 and earlier, same as setting <b>SSL_OP_NO_RENEGOTIATION</b>.</p>
+
+<p><b>UnsafeLegacyRenegotiation</b>: permits the use of unsafe legacy renegotiation. Equivalent to <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b>.</p>
+
+<p><b>UnsafeLegacyServerConnect</b>: permits the use of unsafe legacy renegotiation for OpenSSL clients only. Equivalent to <b>SSL_OP_LEGACY_SERVER_CONNECT</b>. Set by default.</p>
+
+<p><b>EncryptThenMac</b>: use encrypt-then-mac extension, enabled by default. Inverse of <b>SSL_OP_NO_ENCRYPT_THEN_MAC</b>: that is, <b>-EncryptThenMac</b> is the same as setting <b>SSL_OP_NO_ENCRYPT_THEN_MAC</b>.</p>
+
+<p><b>AllowNoDHEKEX</b>: In TLSv1.3 allow a non-(ec)dhe based key exchange mode on resumption. This means that there will be no forward secrecy for the resumed session. Equivalent to <b>SSL_OP_ALLOW_NO_DHE_KEX</b>.</p>
+
+<p><b>MiddleboxCompat</b>: If set then dummy Change Cipher Spec (CCS) messages are sent in TLSv1.3. This has the effect of making TLSv1.3 look more like TLSv1.2 so that middleboxes that do not understand TLSv1.3 will not drop the connection. This option is set by default. A future version of OpenSSL may not set this by default. Equivalent to <b>SSL_OP_ENABLE_MIDDLEBOX_COMPAT</b>.</p>
+
+<p><b>AntiReplay</b>: If set then OpenSSL will automatically detect if a session ticket has been used more than once, TLSv1.3 has been negotiated, and early data is enabled on the server. A full handshake is forced if a session ticket is used a second or subsequent time. This option is set by default and is only used by servers. Anti-replay measures are required to comply with the TLSv1.3 specification. Some applications may be able to mitigate the replay risks in other ways and in such cases the built-in OpenSSL functionality is not required. Disabling anti-replay is equivalent to setting <b>SSL_OP_NO_ANTI_REPLAY</b>.</p>
+
+</dd>
+<dt id="VerifyMode"><b>VerifyMode</b></dt>
+<dd>
+
+<p>The <b>value</b> argument is a comma separated list of flags to set.</p>
+
+<p><b>Peer</b> enables peer verification: for clients only.</p>
+
+<p><b>Request</b> requests but does not require a certificate from the client. Servers only.</p>
+
+<p><b>Require</b> requests and requires a certificate from the client: an error occurs if the client does not present a certificate. Servers only.</p>
+
+<p><b>Once</b> requests a certificate from a client only on the initial connection: not when renegotiating. Servers only.</p>
+
+<p><b>RequestPostHandshake</b> configures the connection to support requests but does not require a certificate from the client post-handshake. A certificate will not be requested during the initial handshake. The server application must provide a mechanism to request a certificate post-handshake. Servers only. TLSv1.3 only.</p>
+
+<p><b>RequiresPostHandshake</b> configures the connection to support requests and requires a certificate from the client post-handshake: an error occurs if the client does not present a certificate. A certificate will not be requested during the initial handshake. The server application must provide a mechanism to request a certificate post-handshake. Servers only. TLSv1.3 only.</p>
+
+</dd>
+<dt id="ClientCAFile-ClientCAPath"><b>ClientCAFile</b>, <b>ClientCAPath</b></dt>
+<dd>
+
+<p>A file or directory of certificates in PEM format whose names are used as the set of acceptable names for client CAs. Servers only. This option is only supported if certificate operations are permitted.</p>
+
+</dd>
+</dl>
+
+<h1 id="SUPPORTED-COMMAND-TYPES">SUPPORTED COMMAND TYPES</h1>
+
+<p>The function SSL_CONF_cmd_value_type() currently returns one of the following types:</p>
+
+<dl>
+
+<dt id="SSL_CONF_TYPE_UNKNOWN"><b>SSL_CONF_TYPE_UNKNOWN</b></dt>
+<dd>
+
+<p>The <b>cmd</b> string is unrecognised, this return value can be use to flag syntax errors.</p>
+
+</dd>
+<dt id="SSL_CONF_TYPE_STRING"><b>SSL_CONF_TYPE_STRING</b></dt>
+<dd>
+
+<p>The value is a string without any specific structure.</p>
+
+</dd>
+<dt id="SSL_CONF_TYPE_FILE"><b>SSL_CONF_TYPE_FILE</b></dt>
+<dd>
+
+<p>The value is a file name.</p>
+
+</dd>
+<dt id="SSL_CONF_TYPE_DIR"><b>SSL_CONF_TYPE_DIR</b></dt>
+<dd>
+
+<p>The value is a directory name.</p>
+
+</dd>
+<dt id="SSL_CONF_TYPE_NONE"><b>SSL_CONF_TYPE_NONE</b></dt>
+<dd>
+
+<p>The value string is not used e.g. a command line option which doesn&#39;t take an argument.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The order of operations is significant. This can be used to set either defaults or values which cannot be overridden. For example if an application calls:</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;Protocol&quot;, &quot;-SSLv3&quot;);
+ SSL_CONF_cmd(ctx, userparam, uservalue);</code></pre>
+
+<p>it will disable SSLv3 support by default but the user can override it. If however the call sequence is:</p>
+
+<pre><code> SSL_CONF_cmd(ctx, userparam, uservalue);
+ SSL_CONF_cmd(ctx, &quot;Protocol&quot;, &quot;-SSLv3&quot;);</code></pre>
+
+<p>SSLv3 is <b>always</b> disabled and attempt to override this by the user are ignored.</p>
+
+<p>By checking the return code of SSL_CONF_cmd() it is possible to query if a given <b>cmd</b> is recognised, this is useful if SSL_CONF_cmd() values are mixed with additional application specific operations.</p>
+
+<p>For example an application might call SSL_CONF_cmd() and if it returns -2 (unrecognised command) continue with processing of application specific commands.</p>
+
+<p>Applications can also use SSL_CONF_cmd() to process command lines though the utility function SSL_CONF_cmd_argv() is normally used instead. One way to do this is to set the prefix to an appropriate value using SSL_CONF_CTX_set1_prefix(), pass the current argument to <b>cmd</b> and the following argument to <b>value</b> (which may be NULL).</p>
+
+<p>In this case if the return value is positive then it is used to skip that number of arguments as they have been processed by SSL_CONF_cmd(). If -2 is returned then <b>cmd</b> is not recognised and application specific arguments can be checked instead. If -3 is returned a required argument is missing and an error is indicated. If 0 is returned some other error occurred and this can be reported back to the user.</p>
+
+<p>The function SSL_CONF_cmd_value_type() can be used by applications to check for the existence of a command or to perform additional syntax checking or translation of the command value. For example if the return value is <b>SSL_CONF_TYPE_FILE</b> an application could translate a relative pathname to an absolute pathname.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set supported signature algorithms:</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;SignatureAlgorithms&quot;, &quot;ECDSA+SHA256:RSA+SHA256:DSA+SHA256&quot;);</code></pre>
+
+<p>There are various ways to select the supported protocols.</p>
+
+<p>This set the minimum protocol version to TLSv1, and so disables SSLv3. This is the recommended way to disable protocols.</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;MinProtocol&quot;, &quot;TLSv1&quot;);</code></pre>
+
+<p>The following also disables SSLv3:</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;Protocol&quot;, &quot;-SSLv3&quot;);</code></pre>
+
+<p>The following will first enable all protocols, and then disable SSLv3. If no protocol versions were disabled before this has the same effect as &quot;-SSLv3&quot;, but if some versions were disables this will re-enable them before disabling SSLv3.</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;Protocol&quot;, &quot;ALL,-SSLv3&quot;);</code></pre>
+
+<p>Only enable TLSv1.2:</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;MinProtocol&quot;, &quot;TLSv1.2&quot;);
+ SSL_CONF_cmd(ctx, &quot;MaxProtocol&quot;, &quot;TLSv1.2&quot;);</code></pre>
+
+<p>This also only enables TLSv1.2:</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;Protocol&quot;, &quot;-ALL,TLSv1.2&quot;);</code></pre>
+
+<p>Disable TLS session tickets:</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;Options&quot;, &quot;-SessionTicket&quot;);</code></pre>
+
+<p>Enable compression:</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;Options&quot;, &quot;Compression&quot;);</code></pre>
+
+<p>Set supported curves to P-256, P-384:</p>
+
+<pre><code> SSL_CONF_cmd(ctx, &quot;Curves&quot;, &quot;P-256:P-384&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CONF_cmd() returns 1 if the value of <b>cmd</b> is recognised and <b>value</b> is <b>NOT</b> used and 2 if both <b>cmd</b> and <b>value</b> are used. In other words it returns the number of arguments processed. This is useful when processing command lines.</p>
+
+<p>A return value of -2 means <b>cmd</b> is not recognised.</p>
+
+<p>A return value of -3 means <b>cmd</b> is recognised and the command requires a value but <b>value</b> is NULL.</p>
+
+<p>A return code of 0 indicates that both <b>cmd</b> and <b>value</b> are valid but an error occurred attempting to perform the operation: for example due to an error in the syntax of <b>value</b> in this case the error queue may provide additional information.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CONF_CTX_new.html">SSL_CONF_CTX_new(3)</a>, <a href="../man3/SSL_CONF_CTX_set_flags.html">SSL_CONF_CTX_set_flags(3)</a>, <a href="../man3/SSL_CONF_CTX_set1_prefix.html">SSL_CONF_CTX_set1_prefix(3)</a>, <a href="../man3/SSL_CONF_CTX_set_ssl_ctx.html">SSL_CONF_CTX_set_ssl_ctx(3)</a>, <a href="../man3/SSL_CONF_cmd_argv.html">SSL_CONF_cmd_argv(3)</a>, <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CONF_cmd() function was added in OpenSSL 1.0.2.</p>
+
+<p>The <b>SSL_OP_NO_SSL2</b> option doesn&#39;t have effect since 1.1.0, but the macro is retained for backwards compatibility.</p>
+
+<p>The <b>SSL_CONF_TYPE_NONE</b> was added in OpenSSL 1.1.0. In earlier versions of OpenSSL passing a command which didn&#39;t take an argument would return <b>SSL_CONF_TYPE_UNKNOWN</b>.</p>
+
+<p><b>MinProtocol</b> and <b>MaxProtocol</b> where added in OpenSSL 1.1.0.</p>
+
+<p><b>AllowNoDHEKEX</b> and <b>PrioritizeChaCha</b> were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2012-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add0_chain_cert.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add0_chain_cert.html
new file mode 100644
index 000000000..9f08318ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add0_chain_cert.html
@@ -0,0 +1,122 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add1_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_chain, SSL_CTX_set1_chain, SSL_CTX_add0_chain_cert, SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs, SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert, SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain, SSL_build_cert_chain, SSL_CTX_select_current_cert, SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra chain certificate processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_get0_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk);
+ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+ int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_get0_chain_certs(SSL *ssl, STACK_OF(X509) **sk);
+ int SSL_clear_chain_certs(SSL *ssl);
+
+ int SSL_CTX_build_cert_chain(SSL_CTX *ctx, flags);
+ int SSL_build_cert_chain(SSL *ssl, flags);
+
+ int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_chain() and SSL_CTX_set1_chain() set the certificate chain associated with the current certificate of <b>ctx</b> to <b>sk</b>.</p>
+
+<p>SSL_CTX_add0_chain_cert() and SSL_CTX_add1_chain_cert() append the single certificate <b>x509</b> to the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_get0_chain_certs() retrieves the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_clear_chain_certs() clears any existing chain associated with the current certificate of <b>ctx</b>. (This is implemented by calling SSL_CTX_set0_chain() with <b>sk</b> set to <b>NULL</b>).</p>
+
+<p>SSL_CTX_build_cert_chain() builds the certificate chain for <b>ctx</b> normally this uses the chain store or the verify store if the chain store is not set. If the function is successful the built chain will replace any existing chain. The <b>flags</b> parameter can be set to <b>SSL_BUILD_CHAIN_FLAG_UNTRUSTED</b> to use existing chain certificates as untrusted CAs, <b>SSL_BUILD_CHAIN_FLAG_NO_ROOT</b> to omit the root CA from the built chain, <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to use all existing chain certificates only to build the chain (effectively sanity checking and rearranging them if necessary), the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> ignores any errors during verification: if flag <b>SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR</b> is also set verification errors are cleared from the error queue.</p>
+
+<p>Each of these functions operates on the <i>current</i> end entity (i.e. server or client) certificate. This is the last certificate loaded or selected on the corresponding <b>ctx</b> structure.</p>
+
+<p>SSL_CTX_select_current_cert() selects <b>x509</b> as the current end entity certificate, but only if <b>x509</b> has already been loaded into <b>ctx</b> using a function such as SSL_CTX_use_certificate().</p>
+
+<p>SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(), SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(), SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_current_cert() changes the current certificate to a value based on the <b>op</b> argument. Currently <b>op</b> can be <b>SSL_CERT_SET_FIRST</b> to use the first valid certificate or <b>SSL_CERT_SET_NEXT</b> to set the next valid certificate after the current certificate. These two operations can be used to iterate over all certificates in an <b>SSL_CTX</b> structure.</p>
+
+<p>SSL_set_current_cert() also supports the option <b>SSL_CERT_SET_SERVER</b>. If <b>ssl</b> is a server and has sent a certificate to a connected client this option sets that certificate to the current certificate and returns 1. If the negotiated cipher suite is anonymous (and thus no certificate will be sent) 2 is returned and the current certificate is unchanged. If <b>ssl</b> is not a server or a certificate has not been sent 0 is returned and the current certificate is unchanged.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied certificate or chain so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied certificate or chain <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The chains associate with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. SSL structures will not be affected by any chains subsequently changed in the parent SSL_CTX.</p>
+
+<p>One chain can be set for each key type supported by a server. So, for example, an RSA and a DSA certificate can (and often will) have different chains.</p>
+
+<p>The functions SSL_CTX_build_cert_chain() and SSL_build_cert_chain() can be used to check application configuration and to ensure any necessary subordinate CAs are sent in the correct order. Misconfigured applications sending incorrect certificate chains often cause problems with peers.</p>
+
+<p>For example an application can add any set of certificates using SSL_CTX_use_certificate_chain_file() then call SSL_CTX_build_cert_chain() with the option <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to check and reorder them.</p>
+
+<p>Applications can issue non fatal warnings when checking chains by setting the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERRORS</b> and checking the return value.</p>
+
+<p>Calling SSL_CTX_build_cert_chain() or SSL_build_cert_chain() is more efficient than the automatic chain building as it is only performed once. Automatic chain building is performed on each new session.</p>
+
+<p>If any certificates are added using these functions no certificates added using SSL_CTX_add_extra_chain_cert() will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_current_cert() with <b>SSL_CERT_SET_SERVER</b> return 1 for success, 2 if no server certificate is used because the cipher suites is anonymous and 0 for failure.</p>
+
+<p>SSL_CTX_build_cert_chain() and SSL_build_cert_chain() return 1 for success and 0 for failure. If the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> and a verification error occurs then 2 is returned.</p>
+
+<p>All other functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add1_chain_cert.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add1_chain_cert.html
new file mode 100644
index 000000000..9f08318ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add1_chain_cert.html
@@ -0,0 +1,122 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add1_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_chain, SSL_CTX_set1_chain, SSL_CTX_add0_chain_cert, SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs, SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert, SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain, SSL_build_cert_chain, SSL_CTX_select_current_cert, SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra chain certificate processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_get0_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk);
+ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+ int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_get0_chain_certs(SSL *ssl, STACK_OF(X509) **sk);
+ int SSL_clear_chain_certs(SSL *ssl);
+
+ int SSL_CTX_build_cert_chain(SSL_CTX *ctx, flags);
+ int SSL_build_cert_chain(SSL *ssl, flags);
+
+ int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_chain() and SSL_CTX_set1_chain() set the certificate chain associated with the current certificate of <b>ctx</b> to <b>sk</b>.</p>
+
+<p>SSL_CTX_add0_chain_cert() and SSL_CTX_add1_chain_cert() append the single certificate <b>x509</b> to the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_get0_chain_certs() retrieves the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_clear_chain_certs() clears any existing chain associated with the current certificate of <b>ctx</b>. (This is implemented by calling SSL_CTX_set0_chain() with <b>sk</b> set to <b>NULL</b>).</p>
+
+<p>SSL_CTX_build_cert_chain() builds the certificate chain for <b>ctx</b> normally this uses the chain store or the verify store if the chain store is not set. If the function is successful the built chain will replace any existing chain. The <b>flags</b> parameter can be set to <b>SSL_BUILD_CHAIN_FLAG_UNTRUSTED</b> to use existing chain certificates as untrusted CAs, <b>SSL_BUILD_CHAIN_FLAG_NO_ROOT</b> to omit the root CA from the built chain, <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to use all existing chain certificates only to build the chain (effectively sanity checking and rearranging them if necessary), the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> ignores any errors during verification: if flag <b>SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR</b> is also set verification errors are cleared from the error queue.</p>
+
+<p>Each of these functions operates on the <i>current</i> end entity (i.e. server or client) certificate. This is the last certificate loaded or selected on the corresponding <b>ctx</b> structure.</p>
+
+<p>SSL_CTX_select_current_cert() selects <b>x509</b> as the current end entity certificate, but only if <b>x509</b> has already been loaded into <b>ctx</b> using a function such as SSL_CTX_use_certificate().</p>
+
+<p>SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(), SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(), SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_current_cert() changes the current certificate to a value based on the <b>op</b> argument. Currently <b>op</b> can be <b>SSL_CERT_SET_FIRST</b> to use the first valid certificate or <b>SSL_CERT_SET_NEXT</b> to set the next valid certificate after the current certificate. These two operations can be used to iterate over all certificates in an <b>SSL_CTX</b> structure.</p>
+
+<p>SSL_set_current_cert() also supports the option <b>SSL_CERT_SET_SERVER</b>. If <b>ssl</b> is a server and has sent a certificate to a connected client this option sets that certificate to the current certificate and returns 1. If the negotiated cipher suite is anonymous (and thus no certificate will be sent) 2 is returned and the current certificate is unchanged. If <b>ssl</b> is not a server or a certificate has not been sent 0 is returned and the current certificate is unchanged.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied certificate or chain so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied certificate or chain <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The chains associate with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. SSL structures will not be affected by any chains subsequently changed in the parent SSL_CTX.</p>
+
+<p>One chain can be set for each key type supported by a server. So, for example, an RSA and a DSA certificate can (and often will) have different chains.</p>
+
+<p>The functions SSL_CTX_build_cert_chain() and SSL_build_cert_chain() can be used to check application configuration and to ensure any necessary subordinate CAs are sent in the correct order. Misconfigured applications sending incorrect certificate chains often cause problems with peers.</p>
+
+<p>For example an application can add any set of certificates using SSL_CTX_use_certificate_chain_file() then call SSL_CTX_build_cert_chain() with the option <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to check and reorder them.</p>
+
+<p>Applications can issue non fatal warnings when checking chains by setting the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERRORS</b> and checking the return value.</p>
+
+<p>Calling SSL_CTX_build_cert_chain() or SSL_build_cert_chain() is more efficient than the automatic chain building as it is only performed once. Automatic chain building is performed on each new session.</p>
+
+<p>If any certificates are added using these functions no certificates added using SSL_CTX_add_extra_chain_cert() will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_current_cert() with <b>SSL_CERT_SET_SERVER</b> return 1 for success, 2 if no server certificate is used because the cipher suites is anonymous and 0 for failure.</p>
+
+<p>SSL_CTX_build_cert_chain() and SSL_build_cert_chain() return 1 for success and 0 for failure. If the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> and a verification error occurs then 2 is returned.</p>
+
+<p>All other functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add1_to_CA_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add1_to_CA_list.html
new file mode 100644
index 000000000..742fe94a0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add1_to_CA_list.html
@@ -0,0 +1,130 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set0_CA_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_CA_list, SSL_set_client_CA_list, SSL_get_client_CA_list, SSL_CTX_get_client_CA_list, SSL_CTX_add_client_CA, SSL_add_client_CA, SSL_set0_CA_list, SSL_CTX_set0_CA_list, SSL_get0_CA_list, SSL_CTX_get0_CA_list, SSL_add1_to_CA_list, SSL_CTX_add1_to_CA_list, SSL_get0_peer_CA_list - get or set CA list</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
+ void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
+ STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
+ int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert);
+ int SSL_add_client_CA(SSL *ssl, X509 *cacert);
+
+ void SSL_CTX_set0_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+ void SSL_set0_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
+ const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const SSL_CTX *ctx);
+ const STACK_OF(X509_NAME) *SSL_get0_CA_list(const SSL *s);
+ int SSL_CTX_add1_to_CA_list(SSL_CTX *ctx, const X509 *x);
+ int SSL_add1_to_CA_list(SSL *ssl, const X509 *x);
+
+ const STACK_OF(X509_NAME) *SSL_get0_peer_CA_list(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions described here set and manage the list of CA names that are sent between two communicating peers.</p>
+
+<p>For TLS versions 1.2 and earlier the list of CA names is only sent from the server to the client when requesting a client certificate. So any list of CA names set is never sent from client to server and the list of CA names retrieved by SSL_get0_peer_CA_list() is always <b>NULL</b>.</p>
+
+<p>For TLS 1.3 the list of CA names is sent using the <b>certificate_authorities</b> extension and may be sent by a client (in the ClientHello message) or by a server (when requesting a certificate).</p>
+
+<p>In most cases it is not necessary to set CA names on the client side. The list of CA names that are acceptable to the client will be sent in plaintext to the server. This has privacy implications and may also have performance implications if the list is large. This optional capability was introduced as part of TLSv1.3 and therefore setting CA names on the client side will have no impact if that protocol version has been disabled. Most servers do not need this and so this should be avoided unless required.</p>
+
+<p>The &quot;client CA list&quot; functions below only have an effect when called on the server side.</p>
+
+<p>SSL_CTX_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for <b>ctx</b>. Ownership of <b>list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object. Ownership of <b>list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get_client_CA_list() returns the list of client CAs explicitly set for <b>ctx</b> using SSL_CTX_set_client_CA_list(). The returned list should not be freed by the caller.</p>
+
+<p>SSL_get_client_CA_list() returns the list of client CAs explicitly set for <b>ssl</b> using SSL_set_client_CA_list() or <b>ssl</b>&#39;s SSL_CTX object with SSL_CTX_set_client_CA_list(), when in server mode. In client mode, SSL_get_client_CA_list returns the list of client CAs sent from the server, if any. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for <b>ctx</b>.</p>
+
+<p>SSL_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object.</p>
+
+<p>SSL_get0_peer_CA_list() retrieves the list of CA names (if any) the peer has sent. This can be called on either the server or the client side. The returned list should not be freed by the caller.</p>
+
+<p>The &quot;generic CA list&quot; functions below are very similar to the &quot;client CA list&quot; functions except that they have an effect on both the server and client sides. The lists of CA names managed are separate - so you cannot (for example) set CA names using the &quot;client CA list&quot; functions and then get them using the &quot;generic CA list&quot; functions. Where a mix of the two types of functions has been used on the server side then the &quot;client CA list&quot; functions take precedence. Typically, on the server side, the &quot;client CA list &quot; functions should be used in preference. As noted above in most cases it is not necessary to set CA names on the client side.</p>
+
+<p>SSL_CTX_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b>. Ownership of <b>name_list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b> overriding any list set in the parent <b>SSL_CTX</b> of <b>s</b>. Ownership of <b>name_list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get0_CA_list() retrieves any previously set list of CAs set for <b>ctx</b>. The returned list should not be freed by the caller.</p>
+
+<p>SSL_get0_CA_list() retrieves any previously set list of CAs set for <b>s</b> or if none are set the list from the parent <b>SSL_CTX</b> is retrieved. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to peer for <b>ctx</b>.</p>
+
+<p>SSL_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to the peer for <b>s</b>, overriding the setting in the parent <b>SSL_CTX</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When a TLS/SSL server requests a client certificate (see <b>SSL_CTX_set_verify(3)</b>), it sends a list of CAs, for which it will accept certificates, to the client.</p>
+
+<p>This list must explicitly be set using SSL_CTX_set_client_CA_list() or SSL_CTX_set0_CA_list() for <b>ctx</b> and SSL_set_client_CA_list() or SSL_set0_CA_list() for the specific <b>ssl</b>. The list specified overrides the previous setting. The CAs listed do not become trusted (<b>list</b> only contains the names, not the complete certificates); use <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> to additionally load them for verification.</p>
+
+<p>If the list of acceptable CAs is compiled in a file, the <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a> function can be used to help to import the necessary data.</p>
+
+<p>SSL_CTX_add_client_CA(), SSL_CTX_add1_to_CA_list(), SSL_add_client_CA() and SSL_add1_to_CA_list() can be used to add additional items the list of CAs. If no list was specified before using SSL_CTX_set_client_CA_list(), SSL_CTX_set0_CA_list(), SSL_set_client_CA_list() or SSL_set0_CA_list(), a new CA list for <b>ctx</b> or <b>ssl</b> (as appropriate) is opened.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set0_CA_list() and SSL_set0_CA_list() do not return a value.</p>
+
+<p>SSL_CTX_get_client_CA_list(), SSL_get_client_CA_list(), SSL_CTX_get0_CA_list() and SSL_get0_CA_list() return a stack of CA names or <b>NULL</b> is no CA names are set.</p>
+
+<p>SSL_CTX_add_client_CA(),SSL_add_client_CA(), SSL_CTX_add1_to_CA_list() and SSL_add1_to_CA_list() return 1 for success and 0 for failure.</p>
+
+<p>SSL_get0_peer_CA_list() returns a stack of CA names sent by the peer or <b>NULL</b> or an empty stack if no list was sent.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Scan all certificates in <b>CAfile</b> and list them as acceptable CAs:</p>
+
+<pre><code> SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add_client_CA.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add_client_CA.html
new file mode 100644
index 000000000..742fe94a0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add_client_CA.html
@@ -0,0 +1,130 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set0_CA_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_CA_list, SSL_set_client_CA_list, SSL_get_client_CA_list, SSL_CTX_get_client_CA_list, SSL_CTX_add_client_CA, SSL_add_client_CA, SSL_set0_CA_list, SSL_CTX_set0_CA_list, SSL_get0_CA_list, SSL_CTX_get0_CA_list, SSL_add1_to_CA_list, SSL_CTX_add1_to_CA_list, SSL_get0_peer_CA_list - get or set CA list</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
+ void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
+ STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
+ int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert);
+ int SSL_add_client_CA(SSL *ssl, X509 *cacert);
+
+ void SSL_CTX_set0_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+ void SSL_set0_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
+ const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const SSL_CTX *ctx);
+ const STACK_OF(X509_NAME) *SSL_get0_CA_list(const SSL *s);
+ int SSL_CTX_add1_to_CA_list(SSL_CTX *ctx, const X509 *x);
+ int SSL_add1_to_CA_list(SSL *ssl, const X509 *x);
+
+ const STACK_OF(X509_NAME) *SSL_get0_peer_CA_list(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions described here set and manage the list of CA names that are sent between two communicating peers.</p>
+
+<p>For TLS versions 1.2 and earlier the list of CA names is only sent from the server to the client when requesting a client certificate. So any list of CA names set is never sent from client to server and the list of CA names retrieved by SSL_get0_peer_CA_list() is always <b>NULL</b>.</p>
+
+<p>For TLS 1.3 the list of CA names is sent using the <b>certificate_authorities</b> extension and may be sent by a client (in the ClientHello message) or by a server (when requesting a certificate).</p>
+
+<p>In most cases it is not necessary to set CA names on the client side. The list of CA names that are acceptable to the client will be sent in plaintext to the server. This has privacy implications and may also have performance implications if the list is large. This optional capability was introduced as part of TLSv1.3 and therefore setting CA names on the client side will have no impact if that protocol version has been disabled. Most servers do not need this and so this should be avoided unless required.</p>
+
+<p>The &quot;client CA list&quot; functions below only have an effect when called on the server side.</p>
+
+<p>SSL_CTX_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for <b>ctx</b>. Ownership of <b>list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object. Ownership of <b>list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get_client_CA_list() returns the list of client CAs explicitly set for <b>ctx</b> using SSL_CTX_set_client_CA_list(). The returned list should not be freed by the caller.</p>
+
+<p>SSL_get_client_CA_list() returns the list of client CAs explicitly set for <b>ssl</b> using SSL_set_client_CA_list() or <b>ssl</b>&#39;s SSL_CTX object with SSL_CTX_set_client_CA_list(), when in server mode. In client mode, SSL_get_client_CA_list returns the list of client CAs sent from the server, if any. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for <b>ctx</b>.</p>
+
+<p>SSL_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object.</p>
+
+<p>SSL_get0_peer_CA_list() retrieves the list of CA names (if any) the peer has sent. This can be called on either the server or the client side. The returned list should not be freed by the caller.</p>
+
+<p>The &quot;generic CA list&quot; functions below are very similar to the &quot;client CA list&quot; functions except that they have an effect on both the server and client sides. The lists of CA names managed are separate - so you cannot (for example) set CA names using the &quot;client CA list&quot; functions and then get them using the &quot;generic CA list&quot; functions. Where a mix of the two types of functions has been used on the server side then the &quot;client CA list&quot; functions take precedence. Typically, on the server side, the &quot;client CA list &quot; functions should be used in preference. As noted above in most cases it is not necessary to set CA names on the client side.</p>
+
+<p>SSL_CTX_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b>. Ownership of <b>name_list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b> overriding any list set in the parent <b>SSL_CTX</b> of <b>s</b>. Ownership of <b>name_list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get0_CA_list() retrieves any previously set list of CAs set for <b>ctx</b>. The returned list should not be freed by the caller.</p>
+
+<p>SSL_get0_CA_list() retrieves any previously set list of CAs set for <b>s</b> or if none are set the list from the parent <b>SSL_CTX</b> is retrieved. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to peer for <b>ctx</b>.</p>
+
+<p>SSL_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to the peer for <b>s</b>, overriding the setting in the parent <b>SSL_CTX</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When a TLS/SSL server requests a client certificate (see <b>SSL_CTX_set_verify(3)</b>), it sends a list of CAs, for which it will accept certificates, to the client.</p>
+
+<p>This list must explicitly be set using SSL_CTX_set_client_CA_list() or SSL_CTX_set0_CA_list() for <b>ctx</b> and SSL_set_client_CA_list() or SSL_set0_CA_list() for the specific <b>ssl</b>. The list specified overrides the previous setting. The CAs listed do not become trusted (<b>list</b> only contains the names, not the complete certificates); use <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> to additionally load them for verification.</p>
+
+<p>If the list of acceptable CAs is compiled in a file, the <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a> function can be used to help to import the necessary data.</p>
+
+<p>SSL_CTX_add_client_CA(), SSL_CTX_add1_to_CA_list(), SSL_add_client_CA() and SSL_add1_to_CA_list() can be used to add additional items the list of CAs. If no list was specified before using SSL_CTX_set_client_CA_list(), SSL_CTX_set0_CA_list(), SSL_set_client_CA_list() or SSL_set0_CA_list(), a new CA list for <b>ctx</b> or <b>ssl</b> (as appropriate) is opened.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set0_CA_list() and SSL_set0_CA_list() do not return a value.</p>
+
+<p>SSL_CTX_get_client_CA_list(), SSL_get_client_CA_list(), SSL_CTX_get0_CA_list() and SSL_get0_CA_list() return a stack of CA names or <b>NULL</b> is no CA names are set.</p>
+
+<p>SSL_CTX_add_client_CA(),SSL_add_client_CA(), SSL_CTX_add1_to_CA_list() and SSL_add1_to_CA_list() return 1 for success and 0 for failure.</p>
+
+<p>SSL_get0_peer_CA_list() returns a stack of CA names sent by the peer or <b>NULL</b> or an empty stack if no list was sent.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Scan all certificates in <b>CAfile</b> and list them as acceptable CAs:</p>
+
+<pre><code> SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add_client_custom_ext.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add_client_custom_ext.html
new file mode 100644
index 000000000..9df0f6450
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add_client_custom_ext.html
@@ -0,0 +1,261 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_extension_supported</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#EXTENSION-CALLBACKS">EXTENSION CALLBACKS</a></li>
+  <li><a href="#EXTENSION-CONTEXTS">EXTENSION CONTEXTS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_extension_supported, SSL_CTX_add_custom_ext, SSL_CTX_add_client_custom_ext, SSL_CTX_add_server_custom_ext, custom_ext_add_cb, custom_ext_free_cb, custom_ext_parse_cb - custom TLS extension handling</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_custom_ext_add_cb_ex) (SSL *s, unsigned int ext_type,
+                                          unsigned int context,
+                                          const unsigned char **out,
+                                          size_t *outlen, X509 *x,
+                                          size_t chainidx, int *al,
+                                          void *add_arg);
+
+ typedef void (*SSL_custom_ext_free_cb_ex) (SSL *s, unsigned int ext_type,
+                                            unsigned int context,
+                                            const unsigned char *out,
+                                            void *add_arg);
+
+ typedef int (*SSL_custom_ext_parse_cb_ex) (SSL *s, unsigned int ext_type,
+                                            unsigned int context,
+                                            const unsigned char *in,
+                                            size_t inlen, X509 *x,
+                                            size_t chainidx, int *al,
+                                            void *parse_arg);
+
+ int SSL_CTX_add_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                            unsigned int context,
+                            SSL_custom_ext_add_cb_ex add_cb,
+                            SSL_custom_ext_free_cb_ex free_cb,
+                            void *add_arg,
+                            SSL_custom_ext_parse_cb_ex parse_cb,
+                            void *parse_arg);
+
+ typedef int (*custom_ext_add_cb)(SSL *s, unsigned int ext_type,
+                                  const unsigned char **out,
+                                  size_t *outlen, int *al,
+                                  void *add_arg);
+
+ typedef void (*custom_ext_free_cb)(SSL *s, unsigned int ext_type,
+                                    const unsigned char *out,
+                                    void *add_arg);
+
+ typedef int (*custom_ext_parse_cb)(SSL *s, unsigned int ext_type,
+                                    const unsigned char *in,
+                                    size_t inlen, int *al,
+                                    void *parse_arg);
+
+ int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                                   custom_ext_add_cb add_cb,
+                                   custom_ext_free_cb free_cb, void *add_arg,
+                                   custom_ext_parse_cb parse_cb,
+                                   void *parse_arg);
+
+ int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                                   custom_ext_add_cb add_cb,
+                                   custom_ext_free_cb free_cb, void *add_arg,
+                                   custom_ext_parse_cb parse_cb,
+                                   void *parse_arg);
+
+ int SSL_extension_supported(unsigned int ext_type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_add_custom_ext() adds a custom extension for a TLS/DTLS client or server for all supported protocol versions with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b> (see the <a href="#EXTENSION-CALLBACKS">&quot;EXTENSION CALLBACKS&quot;</a> section below). The <b>context</b> value determines which messages and under what conditions the extension will be added/parsed (see the <a href="#EXTENSION-CONTEXTS">&quot;EXTENSION CONTEXTS&quot;</a> section below).</p>
+
+<p>SSL_CTX_add_client_custom_ext() adds a custom extension for a TLS/DTLS client with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b>. This function is similar to SSL_CTX_add_custom_ext() except it only applies to clients, uses the older style of callbacks, and implicitly sets the <b>context</b> value to:</p>
+
+<pre><code> SSL_EXT_TLS1_2_AND_BELOW_ONLY | SSL_EXT_CLIENT_HELLO
+ | SSL_EXT_TLS1_2_SERVER_HELLO | SSL_EXT_IGNORE_ON_RESUMPTION</code></pre>
+
+<p>SSL_CTX_add_server_custom_ext() adds a custom extension for a TLS/DTLS server with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b>. This function is similar to SSL_CTX_add_custom_ext() except it only applies to servers, uses the older style of callbacks, and implicitly sets the <b>context</b> value to the same as for SSL_CTX_add_client_custom_ext() above.</p>
+
+<p>The <b>ext_type</b> parameter corresponds to the <b>extension_type</b> field of RFC5246 et al. It is <b>not</b> a NID. In all cases the extension type must not be handled by OpenSSL internally or an error occurs.</p>
+
+<p>SSL_extension_supported() returns 1 if the extension <b>ext_type</b> is handled internally by OpenSSL and 0 otherwise.</p>
+
+<h1 id="EXTENSION-CALLBACKS">EXTENSION CALLBACKS</h1>
+
+<p>The callback <b>add_cb</b> is called to send custom extension data to be included in various TLS messages. The <b>ext_type</b> parameter is set to the extension type which will be added and <b>add_arg</b> to the value set when the extension handler was added. When using the new style callbacks the <b>context</b> parameter will indicate which message is currently being constructed e.g. for the ClientHello it will be set to <b>SSL_EXT_CLIENT_HELLO</b>.</p>
+
+<p>If the application wishes to include the extension <b>ext_type</b> it should set <b>*out</b> to the extension data, set <b>*outlen</b> to the length of the extension data and return 1.</p>
+
+<p>If the <b>add_cb</b> does not wish to include the extension it must return 0.</p>
+
+<p>If <b>add_cb</b> returns -1 a fatal handshake error occurs using the TLS alert value specified in <b>*al</b>.</p>
+
+<p>When constructing the ClientHello, if <b>add_cb</b> is set to NULL a zero length extension is added for <b>ext_type</b>. For all other messages if <b>add_cb</b> is set to NULL then no extension is added.</p>
+
+<p>When constructing a Certificate message the callback will be called for each certificate in the message. The <b>x</b> parameter will indicate the current certificate and the <b>chainidx</b> parameter will indicate the position of the certificate in the message. The first certificate is always the end entity certificate and has a <b>chainidx</b> value of 0. The certificates are in the order that they were received in the Certificate message.</p>
+
+<p>For all messages except the ServerHello and EncryptedExtensions every registered <b>add_cb</b> is always called to see if the application wishes to add an extension (as long as all requirements of the specified <b>context</b> are met).</p>
+
+<p>For the ServerHello and EncryptedExtension messages every registered <b>add_cb</b> is called once if and only if the requirements of the specified <b>context</b> are met and the corresponding extension was received in the ClientHello. That is, if no corresponding extension was received in the ClientHello then <b>add_cb</b> will not be called.</p>
+
+<p>If an extension is added (that is <b>add_cb</b> returns 1) <b>free_cb</b> is called (if it is set) with the value of <b>out</b> set by the add callback. It can be used to free up any dynamic extension data set by <b>add_cb</b>. Since <b>out</b> is constant (to permit use of constant data in <b>add_cb</b>) applications may need to cast away const to free the data.</p>
+
+<p>The callback <b>parse_cb</b> receives data for TLS extensions. The callback is only called if the extension is present and relevant for the context (see <a href="#EXTENSION-CONTEXTS">&quot;EXTENSION CONTEXTS&quot;</a> below).</p>
+
+<p>The extension data consists of <b>inlen</b> bytes in the buffer <b>in</b> for the extension <b>ext_type</b>.</p>
+
+<p>If the message being parsed is a TLSv1.3 compatible Certificate message then <b>parse_cb</b> will be called for each certificate contained within the message. The <b>x</b> parameter will indicate the current certificate and the <b>chainidx</b> parameter will indicate the position of the certificate in the message. The first certificate is always the end entity certificate and has a <b>chainidx</b> value of 0.</p>
+
+<p>If the <b>parse_cb</b> considers the extension data acceptable it must return 1. If it returns 0 or a negative value a fatal handshake error occurs using the TLS alert value specified in <b>*al</b>.</p>
+
+<p>The buffer <b>in</b> is a temporary internal buffer which will not be valid after the callback returns.</p>
+
+<h1 id="EXTENSION-CONTEXTS">EXTENSION CONTEXTS</h1>
+
+<p>An extension context defines which messages and under which conditions an extension should be added or expected. The context is built up by performing a bitwise OR of multiple pre-defined values together. The valid context values are:</p>
+
+<dl>
+
+<dt id="SSL_EXT_TLS_ONLY">SSL_EXT_TLS_ONLY</dt>
+<dd>
+
+<p>The extension is only allowed in TLS</p>
+
+</dd>
+<dt id="SSL_EXT_DTLS_ONLY">SSL_EXT_DTLS_ONLY</dt>
+<dd>
+
+<p>The extension is only allowed in DTLS</p>
+
+</dd>
+<dt id="SSL_EXT_TLS_IMPLEMENTATION_ONLY">SSL_EXT_TLS_IMPLEMENTATION_ONLY</dt>
+<dd>
+
+<p>The extension is allowed in DTLS, but there is only a TLS implementation available (so it is ignored in DTLS).</p>
+
+</dd>
+<dt id="SSL_EXT_SSL3_ALLOWED">SSL_EXT_SSL3_ALLOWED</dt>
+<dd>
+
+<p>Extensions are not typically defined for SSLv3. Setting this value will allow the extension in SSLv3. Applications will not typically need to use this.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_2_AND_BELOW_ONLY">SSL_EXT_TLS1_2_AND_BELOW_ONLY</dt>
+<dd>
+
+<p>The extension is only defined for TLSv1.2/DTLSv1.2 and below. Servers will ignore this extension if it is present in the ClientHello and TLSv1.3 is negotiated.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_ONLY">SSL_EXT_TLS1_3_ONLY</dt>
+<dd>
+
+<p>The extension is only defined for TLS1.3 and above. Servers will ignore this extension if it is present in the ClientHello and TLSv1.2 or below is negotiated.</p>
+
+</dd>
+<dt id="SSL_EXT_IGNORE_ON_RESUMPTION">SSL_EXT_IGNORE_ON_RESUMPTION</dt>
+<dd>
+
+<p>The extension will be ignored during parsing if a previous session is being successfully resumed.</p>
+
+</dd>
+<dt id="SSL_EXT_CLIENT_HELLO">SSL_EXT_CLIENT_HELLO</dt>
+<dd>
+
+<p>The extension may be present in the ClientHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_2_SERVER_HELLO">SSL_EXT_TLS1_2_SERVER_HELLO</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.2 or below compatible ServerHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_SERVER_HELLO">SSL_EXT_TLS1_3_SERVER_HELLO</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible ServerHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS">SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS</dt>
+<dd>
+
+<p>The extension may be present in an EncryptedExtensions message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST">SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST</dt>
+<dd>
+
+<p>The extension may be present in a HelloRetryRequest message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_CERTIFICATE">SSL_EXT_TLS1_3_CERTIFICATE</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible Certificate message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_NEW_SESSION_TICKET">SSL_EXT_TLS1_3_NEW_SESSION_TICKET</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible NewSessionTicket message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_CERTIFICATE_REQUEST">SSL_EXT_TLS1_3_CERTIFICATE_REQUEST</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible CertificateRequest message.</p>
+
+</dd>
+</dl>
+
+<p>The context must include at least one message value (otherwise the extension will never be used).</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>add_arg</b> and <b>parse_arg</b> parameters can be set to arbitrary values which will be passed to the corresponding callbacks. They can, for example, be used to store the extension data received in a convenient structure or pass the extension data to be added or freed when adding extensions.</p>
+
+<p>If the same custom extension type is received multiple times a fatal <b>decode_error</b> alert is sent and the handshake aborts. If a custom extension is received in a ServerHello/EncryptedExtensions message which was not sent in the ClientHello a fatal <b>unsupported_extension</b> alert is sent and the handshake is aborted. The ServerHello/EncryptedExtensions <b>add_cb</b> callback is only called if the corresponding extension was received in the ClientHello. This is compliant with the TLS specifications. This behaviour ensures that each callback is called at most once and that an application can never send unsolicited extensions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_add_custom_ext(), SSL_CTX_add_client_custom_ext() and SSL_CTX_add_server_custom_ext() return 1 for success and 0 for failure. A failure can occur if an attempt is made to add the same <b>ext_type</b> more than once, if an attempt is made to use an extension type handled internally by OpenSSL or if an internal error occurs (for example a memory allocation failure).</p>
+
+<p>SSL_extension_supported() returns 1 if the extension <b>ext_type</b> is handled internally by OpenSSL and 0 otherwise.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_add_custom_ext() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add_custom_ext.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add_custom_ext.html
new file mode 100644
index 000000000..9df0f6450
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add_custom_ext.html
@@ -0,0 +1,261 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_extension_supported</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#EXTENSION-CALLBACKS">EXTENSION CALLBACKS</a></li>
+  <li><a href="#EXTENSION-CONTEXTS">EXTENSION CONTEXTS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_extension_supported, SSL_CTX_add_custom_ext, SSL_CTX_add_client_custom_ext, SSL_CTX_add_server_custom_ext, custom_ext_add_cb, custom_ext_free_cb, custom_ext_parse_cb - custom TLS extension handling</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_custom_ext_add_cb_ex) (SSL *s, unsigned int ext_type,
+                                          unsigned int context,
+                                          const unsigned char **out,
+                                          size_t *outlen, X509 *x,
+                                          size_t chainidx, int *al,
+                                          void *add_arg);
+
+ typedef void (*SSL_custom_ext_free_cb_ex) (SSL *s, unsigned int ext_type,
+                                            unsigned int context,
+                                            const unsigned char *out,
+                                            void *add_arg);
+
+ typedef int (*SSL_custom_ext_parse_cb_ex) (SSL *s, unsigned int ext_type,
+                                            unsigned int context,
+                                            const unsigned char *in,
+                                            size_t inlen, X509 *x,
+                                            size_t chainidx, int *al,
+                                            void *parse_arg);
+
+ int SSL_CTX_add_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                            unsigned int context,
+                            SSL_custom_ext_add_cb_ex add_cb,
+                            SSL_custom_ext_free_cb_ex free_cb,
+                            void *add_arg,
+                            SSL_custom_ext_parse_cb_ex parse_cb,
+                            void *parse_arg);
+
+ typedef int (*custom_ext_add_cb)(SSL *s, unsigned int ext_type,
+                                  const unsigned char **out,
+                                  size_t *outlen, int *al,
+                                  void *add_arg);
+
+ typedef void (*custom_ext_free_cb)(SSL *s, unsigned int ext_type,
+                                    const unsigned char *out,
+                                    void *add_arg);
+
+ typedef int (*custom_ext_parse_cb)(SSL *s, unsigned int ext_type,
+                                    const unsigned char *in,
+                                    size_t inlen, int *al,
+                                    void *parse_arg);
+
+ int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                                   custom_ext_add_cb add_cb,
+                                   custom_ext_free_cb free_cb, void *add_arg,
+                                   custom_ext_parse_cb parse_cb,
+                                   void *parse_arg);
+
+ int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                                   custom_ext_add_cb add_cb,
+                                   custom_ext_free_cb free_cb, void *add_arg,
+                                   custom_ext_parse_cb parse_cb,
+                                   void *parse_arg);
+
+ int SSL_extension_supported(unsigned int ext_type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_add_custom_ext() adds a custom extension for a TLS/DTLS client or server for all supported protocol versions with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b> (see the <a href="#EXTENSION-CALLBACKS">&quot;EXTENSION CALLBACKS&quot;</a> section below). The <b>context</b> value determines which messages and under what conditions the extension will be added/parsed (see the <a href="#EXTENSION-CONTEXTS">&quot;EXTENSION CONTEXTS&quot;</a> section below).</p>
+
+<p>SSL_CTX_add_client_custom_ext() adds a custom extension for a TLS/DTLS client with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b>. This function is similar to SSL_CTX_add_custom_ext() except it only applies to clients, uses the older style of callbacks, and implicitly sets the <b>context</b> value to:</p>
+
+<pre><code> SSL_EXT_TLS1_2_AND_BELOW_ONLY | SSL_EXT_CLIENT_HELLO
+ | SSL_EXT_TLS1_2_SERVER_HELLO | SSL_EXT_IGNORE_ON_RESUMPTION</code></pre>
+
+<p>SSL_CTX_add_server_custom_ext() adds a custom extension for a TLS/DTLS server with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b>. This function is similar to SSL_CTX_add_custom_ext() except it only applies to servers, uses the older style of callbacks, and implicitly sets the <b>context</b> value to the same as for SSL_CTX_add_client_custom_ext() above.</p>
+
+<p>The <b>ext_type</b> parameter corresponds to the <b>extension_type</b> field of RFC5246 et al. It is <b>not</b> a NID. In all cases the extension type must not be handled by OpenSSL internally or an error occurs.</p>
+
+<p>SSL_extension_supported() returns 1 if the extension <b>ext_type</b> is handled internally by OpenSSL and 0 otherwise.</p>
+
+<h1 id="EXTENSION-CALLBACKS">EXTENSION CALLBACKS</h1>
+
+<p>The callback <b>add_cb</b> is called to send custom extension data to be included in various TLS messages. The <b>ext_type</b> parameter is set to the extension type which will be added and <b>add_arg</b> to the value set when the extension handler was added. When using the new style callbacks the <b>context</b> parameter will indicate which message is currently being constructed e.g. for the ClientHello it will be set to <b>SSL_EXT_CLIENT_HELLO</b>.</p>
+
+<p>If the application wishes to include the extension <b>ext_type</b> it should set <b>*out</b> to the extension data, set <b>*outlen</b> to the length of the extension data and return 1.</p>
+
+<p>If the <b>add_cb</b> does not wish to include the extension it must return 0.</p>
+
+<p>If <b>add_cb</b> returns -1 a fatal handshake error occurs using the TLS alert value specified in <b>*al</b>.</p>
+
+<p>When constructing the ClientHello, if <b>add_cb</b> is set to NULL a zero length extension is added for <b>ext_type</b>. For all other messages if <b>add_cb</b> is set to NULL then no extension is added.</p>
+
+<p>When constructing a Certificate message the callback will be called for each certificate in the message. The <b>x</b> parameter will indicate the current certificate and the <b>chainidx</b> parameter will indicate the position of the certificate in the message. The first certificate is always the end entity certificate and has a <b>chainidx</b> value of 0. The certificates are in the order that they were received in the Certificate message.</p>
+
+<p>For all messages except the ServerHello and EncryptedExtensions every registered <b>add_cb</b> is always called to see if the application wishes to add an extension (as long as all requirements of the specified <b>context</b> are met).</p>
+
+<p>For the ServerHello and EncryptedExtension messages every registered <b>add_cb</b> is called once if and only if the requirements of the specified <b>context</b> are met and the corresponding extension was received in the ClientHello. That is, if no corresponding extension was received in the ClientHello then <b>add_cb</b> will not be called.</p>
+
+<p>If an extension is added (that is <b>add_cb</b> returns 1) <b>free_cb</b> is called (if it is set) with the value of <b>out</b> set by the add callback. It can be used to free up any dynamic extension data set by <b>add_cb</b>. Since <b>out</b> is constant (to permit use of constant data in <b>add_cb</b>) applications may need to cast away const to free the data.</p>
+
+<p>The callback <b>parse_cb</b> receives data for TLS extensions. The callback is only called if the extension is present and relevant for the context (see <a href="#EXTENSION-CONTEXTS">&quot;EXTENSION CONTEXTS&quot;</a> below).</p>
+
+<p>The extension data consists of <b>inlen</b> bytes in the buffer <b>in</b> for the extension <b>ext_type</b>.</p>
+
+<p>If the message being parsed is a TLSv1.3 compatible Certificate message then <b>parse_cb</b> will be called for each certificate contained within the message. The <b>x</b> parameter will indicate the current certificate and the <b>chainidx</b> parameter will indicate the position of the certificate in the message. The first certificate is always the end entity certificate and has a <b>chainidx</b> value of 0.</p>
+
+<p>If the <b>parse_cb</b> considers the extension data acceptable it must return 1. If it returns 0 or a negative value a fatal handshake error occurs using the TLS alert value specified in <b>*al</b>.</p>
+
+<p>The buffer <b>in</b> is a temporary internal buffer which will not be valid after the callback returns.</p>
+
+<h1 id="EXTENSION-CONTEXTS">EXTENSION CONTEXTS</h1>
+
+<p>An extension context defines which messages and under which conditions an extension should be added or expected. The context is built up by performing a bitwise OR of multiple pre-defined values together. The valid context values are:</p>
+
+<dl>
+
+<dt id="SSL_EXT_TLS_ONLY">SSL_EXT_TLS_ONLY</dt>
+<dd>
+
+<p>The extension is only allowed in TLS</p>
+
+</dd>
+<dt id="SSL_EXT_DTLS_ONLY">SSL_EXT_DTLS_ONLY</dt>
+<dd>
+
+<p>The extension is only allowed in DTLS</p>
+
+</dd>
+<dt id="SSL_EXT_TLS_IMPLEMENTATION_ONLY">SSL_EXT_TLS_IMPLEMENTATION_ONLY</dt>
+<dd>
+
+<p>The extension is allowed in DTLS, but there is only a TLS implementation available (so it is ignored in DTLS).</p>
+
+</dd>
+<dt id="SSL_EXT_SSL3_ALLOWED">SSL_EXT_SSL3_ALLOWED</dt>
+<dd>
+
+<p>Extensions are not typically defined for SSLv3. Setting this value will allow the extension in SSLv3. Applications will not typically need to use this.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_2_AND_BELOW_ONLY">SSL_EXT_TLS1_2_AND_BELOW_ONLY</dt>
+<dd>
+
+<p>The extension is only defined for TLSv1.2/DTLSv1.2 and below. Servers will ignore this extension if it is present in the ClientHello and TLSv1.3 is negotiated.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_ONLY">SSL_EXT_TLS1_3_ONLY</dt>
+<dd>
+
+<p>The extension is only defined for TLS1.3 and above. Servers will ignore this extension if it is present in the ClientHello and TLSv1.2 or below is negotiated.</p>
+
+</dd>
+<dt id="SSL_EXT_IGNORE_ON_RESUMPTION">SSL_EXT_IGNORE_ON_RESUMPTION</dt>
+<dd>
+
+<p>The extension will be ignored during parsing if a previous session is being successfully resumed.</p>
+
+</dd>
+<dt id="SSL_EXT_CLIENT_HELLO">SSL_EXT_CLIENT_HELLO</dt>
+<dd>
+
+<p>The extension may be present in the ClientHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_2_SERVER_HELLO">SSL_EXT_TLS1_2_SERVER_HELLO</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.2 or below compatible ServerHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_SERVER_HELLO">SSL_EXT_TLS1_3_SERVER_HELLO</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible ServerHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS">SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS</dt>
+<dd>
+
+<p>The extension may be present in an EncryptedExtensions message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST">SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST</dt>
+<dd>
+
+<p>The extension may be present in a HelloRetryRequest message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_CERTIFICATE">SSL_EXT_TLS1_3_CERTIFICATE</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible Certificate message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_NEW_SESSION_TICKET">SSL_EXT_TLS1_3_NEW_SESSION_TICKET</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible NewSessionTicket message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_CERTIFICATE_REQUEST">SSL_EXT_TLS1_3_CERTIFICATE_REQUEST</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible CertificateRequest message.</p>
+
+</dd>
+</dl>
+
+<p>The context must include at least one message value (otherwise the extension will never be used).</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>add_arg</b> and <b>parse_arg</b> parameters can be set to arbitrary values which will be passed to the corresponding callbacks. They can, for example, be used to store the extension data received in a convenient structure or pass the extension data to be added or freed when adding extensions.</p>
+
+<p>If the same custom extension type is received multiple times a fatal <b>decode_error</b> alert is sent and the handshake aborts. If a custom extension is received in a ServerHello/EncryptedExtensions message which was not sent in the ClientHello a fatal <b>unsupported_extension</b> alert is sent and the handshake is aborted. The ServerHello/EncryptedExtensions <b>add_cb</b> callback is only called if the corresponding extension was received in the ClientHello. This is compliant with the TLS specifications. This behaviour ensures that each callback is called at most once and that an application can never send unsolicited extensions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_add_custom_ext(), SSL_CTX_add_client_custom_ext() and SSL_CTX_add_server_custom_ext() return 1 for success and 0 for failure. A failure can occur if an attempt is made to add the same <b>ext_type</b> more than once, if an attempt is made to use an extension type handled internally by OpenSSL or if an internal error occurs (for example a memory allocation failure).</p>
+
+<p>SSL_extension_supported() returns 1 if the extension <b>ext_type</b> is handled internally by OpenSSL and 0 otherwise.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_add_custom_ext() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add_extra_chain_cert.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add_extra_chain_cert.html
new file mode 100644
index 000000000..ab1ecdfe1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add_extra_chain_cert.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add_extra_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_add_extra_chain_cert, SSL_CTX_clear_extra_chain_certs - add or clear extra chain certificates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *x509);
+ long SSL_CTX_clear_extra_chain_certs(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_add_extra_chain_cert() adds the certificate <b>x509</b> to the extra chain certificates associated with <b>ctx</b>. Several certificates can be added one after another.</p>
+
+<p>SSL_CTX_clear_extra_chain_certs() clears all extra chain certificates associated with <b>ctx</b>.</p>
+
+<p>These functions are implemented as macros.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When sending a certificate chain, extra chain certificates are sent in order following the end entity certificate.</p>
+
+<p>If no chain is specified, the library will try to complete the chain from the available CA certificates in the trusted CA storage, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The <b>x509</b> certificate provided to SSL_CTX_add_extra_chain_cert() will be freed by the library when the <b>SSL_CTX</b> is destroyed. An application <b>should not</b> free the <b>x509</b> object.</p>
+
+<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
+
+<p>Only one set of extra chain certificates can be specified per SSL_CTX structure. Different chains for different certificates (for example if both RSA and DSA certificates are specified by the same server) or different SSL structures with the same parent SSL_CTX cannot be specified using this function. For more flexibility functions such as SSL_add1_chain_cert() should be used instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_add_extra_chain_cert() and SSL_CTX_clear_extra_chain_certs() return 1 on success and 0 for failure. Check out the error stack to find out the reason for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> <a href="../man3/SSL_CTX_set0_chain.html">SSL_CTX_set0_chain(3)</a> <a href="../man3/SSL_CTX_set1_chain.html">SSL_CTX_set1_chain(3)</a> <a href="../man3/SSL_CTX_add0_chain_cert.html">SSL_CTX_add0_chain_cert(3)</a> <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a> <a href="../man3/SSL_set0_chain.html">SSL_set0_chain(3)</a> <a href="../man3/SSL_set1_chain.html">SSL_set1_chain(3)</a> <a href="../man3/SSL_add0_chain_cert.html">SSL_add0_chain_cert(3)</a> <a href="../man3/SSL_add1_chain_cert.html">SSL_add1_chain_cert(3)</a> <a href="../man3/SSL_CTX_build_cert_chain.html">SSL_CTX_build_cert_chain(3)</a> <a href="../man3/SSL_build_cert_chain.html">SSL_build_cert_chain(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add_server_custom_ext.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add_server_custom_ext.html
new file mode 100644
index 000000000..9df0f6450
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add_server_custom_ext.html
@@ -0,0 +1,261 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_extension_supported</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#EXTENSION-CALLBACKS">EXTENSION CALLBACKS</a></li>
+  <li><a href="#EXTENSION-CONTEXTS">EXTENSION CONTEXTS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_extension_supported, SSL_CTX_add_custom_ext, SSL_CTX_add_client_custom_ext, SSL_CTX_add_server_custom_ext, custom_ext_add_cb, custom_ext_free_cb, custom_ext_parse_cb - custom TLS extension handling</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_custom_ext_add_cb_ex) (SSL *s, unsigned int ext_type,
+                                          unsigned int context,
+                                          const unsigned char **out,
+                                          size_t *outlen, X509 *x,
+                                          size_t chainidx, int *al,
+                                          void *add_arg);
+
+ typedef void (*SSL_custom_ext_free_cb_ex) (SSL *s, unsigned int ext_type,
+                                            unsigned int context,
+                                            const unsigned char *out,
+                                            void *add_arg);
+
+ typedef int (*SSL_custom_ext_parse_cb_ex) (SSL *s, unsigned int ext_type,
+                                            unsigned int context,
+                                            const unsigned char *in,
+                                            size_t inlen, X509 *x,
+                                            size_t chainidx, int *al,
+                                            void *parse_arg);
+
+ int SSL_CTX_add_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                            unsigned int context,
+                            SSL_custom_ext_add_cb_ex add_cb,
+                            SSL_custom_ext_free_cb_ex free_cb,
+                            void *add_arg,
+                            SSL_custom_ext_parse_cb_ex parse_cb,
+                            void *parse_arg);
+
+ typedef int (*custom_ext_add_cb)(SSL *s, unsigned int ext_type,
+                                  const unsigned char **out,
+                                  size_t *outlen, int *al,
+                                  void *add_arg);
+
+ typedef void (*custom_ext_free_cb)(SSL *s, unsigned int ext_type,
+                                    const unsigned char *out,
+                                    void *add_arg);
+
+ typedef int (*custom_ext_parse_cb)(SSL *s, unsigned int ext_type,
+                                    const unsigned char *in,
+                                    size_t inlen, int *al,
+                                    void *parse_arg);
+
+ int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                                   custom_ext_add_cb add_cb,
+                                   custom_ext_free_cb free_cb, void *add_arg,
+                                   custom_ext_parse_cb parse_cb,
+                                   void *parse_arg);
+
+ int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                                   custom_ext_add_cb add_cb,
+                                   custom_ext_free_cb free_cb, void *add_arg,
+                                   custom_ext_parse_cb parse_cb,
+                                   void *parse_arg);
+
+ int SSL_extension_supported(unsigned int ext_type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_add_custom_ext() adds a custom extension for a TLS/DTLS client or server for all supported protocol versions with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b> (see the <a href="#EXTENSION-CALLBACKS">&quot;EXTENSION CALLBACKS&quot;</a> section below). The <b>context</b> value determines which messages and under what conditions the extension will be added/parsed (see the <a href="#EXTENSION-CONTEXTS">&quot;EXTENSION CONTEXTS&quot;</a> section below).</p>
+
+<p>SSL_CTX_add_client_custom_ext() adds a custom extension for a TLS/DTLS client with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b>. This function is similar to SSL_CTX_add_custom_ext() except it only applies to clients, uses the older style of callbacks, and implicitly sets the <b>context</b> value to:</p>
+
+<pre><code> SSL_EXT_TLS1_2_AND_BELOW_ONLY | SSL_EXT_CLIENT_HELLO
+ | SSL_EXT_TLS1_2_SERVER_HELLO | SSL_EXT_IGNORE_ON_RESUMPTION</code></pre>
+
+<p>SSL_CTX_add_server_custom_ext() adds a custom extension for a TLS/DTLS server with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b>. This function is similar to SSL_CTX_add_custom_ext() except it only applies to servers, uses the older style of callbacks, and implicitly sets the <b>context</b> value to the same as for SSL_CTX_add_client_custom_ext() above.</p>
+
+<p>The <b>ext_type</b> parameter corresponds to the <b>extension_type</b> field of RFC5246 et al. It is <b>not</b> a NID. In all cases the extension type must not be handled by OpenSSL internally or an error occurs.</p>
+
+<p>SSL_extension_supported() returns 1 if the extension <b>ext_type</b> is handled internally by OpenSSL and 0 otherwise.</p>
+
+<h1 id="EXTENSION-CALLBACKS">EXTENSION CALLBACKS</h1>
+
+<p>The callback <b>add_cb</b> is called to send custom extension data to be included in various TLS messages. The <b>ext_type</b> parameter is set to the extension type which will be added and <b>add_arg</b> to the value set when the extension handler was added. When using the new style callbacks the <b>context</b> parameter will indicate which message is currently being constructed e.g. for the ClientHello it will be set to <b>SSL_EXT_CLIENT_HELLO</b>.</p>
+
+<p>If the application wishes to include the extension <b>ext_type</b> it should set <b>*out</b> to the extension data, set <b>*outlen</b> to the length of the extension data and return 1.</p>
+
+<p>If the <b>add_cb</b> does not wish to include the extension it must return 0.</p>
+
+<p>If <b>add_cb</b> returns -1 a fatal handshake error occurs using the TLS alert value specified in <b>*al</b>.</p>
+
+<p>When constructing the ClientHello, if <b>add_cb</b> is set to NULL a zero length extension is added for <b>ext_type</b>. For all other messages if <b>add_cb</b> is set to NULL then no extension is added.</p>
+
+<p>When constructing a Certificate message the callback will be called for each certificate in the message. The <b>x</b> parameter will indicate the current certificate and the <b>chainidx</b> parameter will indicate the position of the certificate in the message. The first certificate is always the end entity certificate and has a <b>chainidx</b> value of 0. The certificates are in the order that they were received in the Certificate message.</p>
+
+<p>For all messages except the ServerHello and EncryptedExtensions every registered <b>add_cb</b> is always called to see if the application wishes to add an extension (as long as all requirements of the specified <b>context</b> are met).</p>
+
+<p>For the ServerHello and EncryptedExtension messages every registered <b>add_cb</b> is called once if and only if the requirements of the specified <b>context</b> are met and the corresponding extension was received in the ClientHello. That is, if no corresponding extension was received in the ClientHello then <b>add_cb</b> will not be called.</p>
+
+<p>If an extension is added (that is <b>add_cb</b> returns 1) <b>free_cb</b> is called (if it is set) with the value of <b>out</b> set by the add callback. It can be used to free up any dynamic extension data set by <b>add_cb</b>. Since <b>out</b> is constant (to permit use of constant data in <b>add_cb</b>) applications may need to cast away const to free the data.</p>
+
+<p>The callback <b>parse_cb</b> receives data for TLS extensions. The callback is only called if the extension is present and relevant for the context (see <a href="#EXTENSION-CONTEXTS">&quot;EXTENSION CONTEXTS&quot;</a> below).</p>
+
+<p>The extension data consists of <b>inlen</b> bytes in the buffer <b>in</b> for the extension <b>ext_type</b>.</p>
+
+<p>If the message being parsed is a TLSv1.3 compatible Certificate message then <b>parse_cb</b> will be called for each certificate contained within the message. The <b>x</b> parameter will indicate the current certificate and the <b>chainidx</b> parameter will indicate the position of the certificate in the message. The first certificate is always the end entity certificate and has a <b>chainidx</b> value of 0.</p>
+
+<p>If the <b>parse_cb</b> considers the extension data acceptable it must return 1. If it returns 0 or a negative value a fatal handshake error occurs using the TLS alert value specified in <b>*al</b>.</p>
+
+<p>The buffer <b>in</b> is a temporary internal buffer which will not be valid after the callback returns.</p>
+
+<h1 id="EXTENSION-CONTEXTS">EXTENSION CONTEXTS</h1>
+
+<p>An extension context defines which messages and under which conditions an extension should be added or expected. The context is built up by performing a bitwise OR of multiple pre-defined values together. The valid context values are:</p>
+
+<dl>
+
+<dt id="SSL_EXT_TLS_ONLY">SSL_EXT_TLS_ONLY</dt>
+<dd>
+
+<p>The extension is only allowed in TLS</p>
+
+</dd>
+<dt id="SSL_EXT_DTLS_ONLY">SSL_EXT_DTLS_ONLY</dt>
+<dd>
+
+<p>The extension is only allowed in DTLS</p>
+
+</dd>
+<dt id="SSL_EXT_TLS_IMPLEMENTATION_ONLY">SSL_EXT_TLS_IMPLEMENTATION_ONLY</dt>
+<dd>
+
+<p>The extension is allowed in DTLS, but there is only a TLS implementation available (so it is ignored in DTLS).</p>
+
+</dd>
+<dt id="SSL_EXT_SSL3_ALLOWED">SSL_EXT_SSL3_ALLOWED</dt>
+<dd>
+
+<p>Extensions are not typically defined for SSLv3. Setting this value will allow the extension in SSLv3. Applications will not typically need to use this.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_2_AND_BELOW_ONLY">SSL_EXT_TLS1_2_AND_BELOW_ONLY</dt>
+<dd>
+
+<p>The extension is only defined for TLSv1.2/DTLSv1.2 and below. Servers will ignore this extension if it is present in the ClientHello and TLSv1.3 is negotiated.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_ONLY">SSL_EXT_TLS1_3_ONLY</dt>
+<dd>
+
+<p>The extension is only defined for TLS1.3 and above. Servers will ignore this extension if it is present in the ClientHello and TLSv1.2 or below is negotiated.</p>
+
+</dd>
+<dt id="SSL_EXT_IGNORE_ON_RESUMPTION">SSL_EXT_IGNORE_ON_RESUMPTION</dt>
+<dd>
+
+<p>The extension will be ignored during parsing if a previous session is being successfully resumed.</p>
+
+</dd>
+<dt id="SSL_EXT_CLIENT_HELLO">SSL_EXT_CLIENT_HELLO</dt>
+<dd>
+
+<p>The extension may be present in the ClientHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_2_SERVER_HELLO">SSL_EXT_TLS1_2_SERVER_HELLO</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.2 or below compatible ServerHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_SERVER_HELLO">SSL_EXT_TLS1_3_SERVER_HELLO</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible ServerHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS">SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS</dt>
+<dd>
+
+<p>The extension may be present in an EncryptedExtensions message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST">SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST</dt>
+<dd>
+
+<p>The extension may be present in a HelloRetryRequest message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_CERTIFICATE">SSL_EXT_TLS1_3_CERTIFICATE</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible Certificate message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_NEW_SESSION_TICKET">SSL_EXT_TLS1_3_NEW_SESSION_TICKET</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible NewSessionTicket message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_CERTIFICATE_REQUEST">SSL_EXT_TLS1_3_CERTIFICATE_REQUEST</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible CertificateRequest message.</p>
+
+</dd>
+</dl>
+
+<p>The context must include at least one message value (otherwise the extension will never be used).</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>add_arg</b> and <b>parse_arg</b> parameters can be set to arbitrary values which will be passed to the corresponding callbacks. They can, for example, be used to store the extension data received in a convenient structure or pass the extension data to be added or freed when adding extensions.</p>
+
+<p>If the same custom extension type is received multiple times a fatal <b>decode_error</b> alert is sent and the handshake aborts. If a custom extension is received in a ServerHello/EncryptedExtensions message which was not sent in the ClientHello a fatal <b>unsupported_extension</b> alert is sent and the handshake is aborted. The ServerHello/EncryptedExtensions <b>add_cb</b> callback is only called if the corresponding extension was received in the ClientHello. This is compliant with the TLS specifications. This behaviour ensures that each callback is called at most once and that an application can never send unsolicited extensions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_add_custom_ext(), SSL_CTX_add_client_custom_ext() and SSL_CTX_add_server_custom_ext() return 1 for success and 0 for failure. A failure can occur if an attempt is made to add the same <b>ext_type</b> more than once, if an attempt is made to use an extension type handled internally by OpenSSL or if an internal error occurs (for example a memory allocation failure).</p>
+
+<p>SSL_extension_supported() returns 1 if the extension <b>ext_type</b> is handled internally by OpenSSL and 0 otherwise.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_add_custom_ext() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add_session.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add_session.html
new file mode 100644
index 000000000..2209e0b4d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_add_session.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add_session</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_add_session, SSL_CTX_remove_session - manipulate session cache</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c);
+
+ int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_add_session() adds the session <b>c</b> to the context <b>ctx</b>. The reference count for session <b>c</b> is incremented by 1. If a session with the same session id already exists, the old session is removed by calling <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>.</p>
+
+<p>SSL_CTX_remove_session() removes the session <b>c</b> from the context <b>ctx</b> and marks it as non-resumable. <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a> is called once for <b>c</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When adding a new session to the internal session cache, it is examined whether a session with the same session id already exists. In this case it is assumed that both sessions are identical. If the same session is stored in a different SSL_SESSION object, The old session is removed and replaced by the new session. If the session is actually identical (the SSL_SESSION object is identical), SSL_CTX_add_session() is a no-op, and the return value is 0.</p>
+
+<p>If a server SSL_CTX is configured with the SSL_SESS_CACHE_NO_INTERNAL_STORE flag then the internal cache will not be populated automatically by new sessions negotiated by the SSL/TLS implementation, even though the internal cache will be searched automatically for session-resume requests (the latter can be suppressed by SSL_SESS_CACHE_NO_INTERNAL_LOOKUP). So the application can use SSL_CTX_add_session() directly to have full control over the sessions that can be resumed if desired.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following values are returned by all functions:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The operation failed. In case of the add operation, it was tried to add the same (identical) session twice. In case of the remove operation, the session was not found in the cache.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_build_cert_chain.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_build_cert_chain.html
new file mode 100644
index 000000000..9f08318ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_build_cert_chain.html
@@ -0,0 +1,122 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add1_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_chain, SSL_CTX_set1_chain, SSL_CTX_add0_chain_cert, SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs, SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert, SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain, SSL_build_cert_chain, SSL_CTX_select_current_cert, SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra chain certificate processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_get0_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk);
+ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+ int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_get0_chain_certs(SSL *ssl, STACK_OF(X509) **sk);
+ int SSL_clear_chain_certs(SSL *ssl);
+
+ int SSL_CTX_build_cert_chain(SSL_CTX *ctx, flags);
+ int SSL_build_cert_chain(SSL *ssl, flags);
+
+ int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_chain() and SSL_CTX_set1_chain() set the certificate chain associated with the current certificate of <b>ctx</b> to <b>sk</b>.</p>
+
+<p>SSL_CTX_add0_chain_cert() and SSL_CTX_add1_chain_cert() append the single certificate <b>x509</b> to the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_get0_chain_certs() retrieves the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_clear_chain_certs() clears any existing chain associated with the current certificate of <b>ctx</b>. (This is implemented by calling SSL_CTX_set0_chain() with <b>sk</b> set to <b>NULL</b>).</p>
+
+<p>SSL_CTX_build_cert_chain() builds the certificate chain for <b>ctx</b> normally this uses the chain store or the verify store if the chain store is not set. If the function is successful the built chain will replace any existing chain. The <b>flags</b> parameter can be set to <b>SSL_BUILD_CHAIN_FLAG_UNTRUSTED</b> to use existing chain certificates as untrusted CAs, <b>SSL_BUILD_CHAIN_FLAG_NO_ROOT</b> to omit the root CA from the built chain, <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to use all existing chain certificates only to build the chain (effectively sanity checking and rearranging them if necessary), the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> ignores any errors during verification: if flag <b>SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR</b> is also set verification errors are cleared from the error queue.</p>
+
+<p>Each of these functions operates on the <i>current</i> end entity (i.e. server or client) certificate. This is the last certificate loaded or selected on the corresponding <b>ctx</b> structure.</p>
+
+<p>SSL_CTX_select_current_cert() selects <b>x509</b> as the current end entity certificate, but only if <b>x509</b> has already been loaded into <b>ctx</b> using a function such as SSL_CTX_use_certificate().</p>
+
+<p>SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(), SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(), SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_current_cert() changes the current certificate to a value based on the <b>op</b> argument. Currently <b>op</b> can be <b>SSL_CERT_SET_FIRST</b> to use the first valid certificate or <b>SSL_CERT_SET_NEXT</b> to set the next valid certificate after the current certificate. These two operations can be used to iterate over all certificates in an <b>SSL_CTX</b> structure.</p>
+
+<p>SSL_set_current_cert() also supports the option <b>SSL_CERT_SET_SERVER</b>. If <b>ssl</b> is a server and has sent a certificate to a connected client this option sets that certificate to the current certificate and returns 1. If the negotiated cipher suite is anonymous (and thus no certificate will be sent) 2 is returned and the current certificate is unchanged. If <b>ssl</b> is not a server or a certificate has not been sent 0 is returned and the current certificate is unchanged.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied certificate or chain so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied certificate or chain <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The chains associate with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. SSL structures will not be affected by any chains subsequently changed in the parent SSL_CTX.</p>
+
+<p>One chain can be set for each key type supported by a server. So, for example, an RSA and a DSA certificate can (and often will) have different chains.</p>
+
+<p>The functions SSL_CTX_build_cert_chain() and SSL_build_cert_chain() can be used to check application configuration and to ensure any necessary subordinate CAs are sent in the correct order. Misconfigured applications sending incorrect certificate chains often cause problems with peers.</p>
+
+<p>For example an application can add any set of certificates using SSL_CTX_use_certificate_chain_file() then call SSL_CTX_build_cert_chain() with the option <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to check and reorder them.</p>
+
+<p>Applications can issue non fatal warnings when checking chains by setting the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERRORS</b> and checking the return value.</p>
+
+<p>Calling SSL_CTX_build_cert_chain() or SSL_build_cert_chain() is more efficient than the automatic chain building as it is only performed once. Automatic chain building is performed on each new session.</p>
+
+<p>If any certificates are added using these functions no certificates added using SSL_CTX_add_extra_chain_cert() will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_current_cert() with <b>SSL_CERT_SET_SERVER</b> return 1 for success, 2 if no server certificate is used because the cipher suites is anonymous and 0 for failure.</p>
+
+<p>SSL_CTX_build_cert_chain() and SSL_build_cert_chain() return 1 for success and 0 for failure. If the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> and a verification error occurs then 2 is returned.</p>
+
+<p>All other functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_callback_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_callback_ctrl.html
new file mode 100644
index 000000000..a279a2500
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_callback_ctrl.html
@@ -0,0 +1,60 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_ctrl, SSL_CTX_callback_ctrl, SSL_ctrl, SSL_callback_ctrl - internal handling functions for SSL_CTX and SSL objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);
+ long SSL_CTX_callback_ctrl(SSL_CTX *, int cmd, void (*fp)());
+
+ long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
+ long SSL_callback_ctrl(SSL *, int cmd, void (*fp)());</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The SSL_*_ctrl() family of functions is used to manipulate settings of the SSL_CTX and SSL objects. Depending on the command <b>cmd</b> the arguments <b>larg</b>, <b>parg</b>, or <b>fp</b> are evaluated. These functions should never be called directly. All functionalities needed are made available via other functions or macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The return values of the SSL*_ctrl() functions depend on the command supplied via the <b>cmd</b> parameter.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_check_private_key.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_check_private_key.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_check_private_key.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_clear_chain_certs.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_clear_chain_certs.html
new file mode 100644
index 000000000..9f08318ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_clear_chain_certs.html
@@ -0,0 +1,122 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add1_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_chain, SSL_CTX_set1_chain, SSL_CTX_add0_chain_cert, SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs, SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert, SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain, SSL_build_cert_chain, SSL_CTX_select_current_cert, SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra chain certificate processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_get0_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk);
+ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+ int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_get0_chain_certs(SSL *ssl, STACK_OF(X509) **sk);
+ int SSL_clear_chain_certs(SSL *ssl);
+
+ int SSL_CTX_build_cert_chain(SSL_CTX *ctx, flags);
+ int SSL_build_cert_chain(SSL *ssl, flags);
+
+ int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_chain() and SSL_CTX_set1_chain() set the certificate chain associated with the current certificate of <b>ctx</b> to <b>sk</b>.</p>
+
+<p>SSL_CTX_add0_chain_cert() and SSL_CTX_add1_chain_cert() append the single certificate <b>x509</b> to the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_get0_chain_certs() retrieves the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_clear_chain_certs() clears any existing chain associated with the current certificate of <b>ctx</b>. (This is implemented by calling SSL_CTX_set0_chain() with <b>sk</b> set to <b>NULL</b>).</p>
+
+<p>SSL_CTX_build_cert_chain() builds the certificate chain for <b>ctx</b> normally this uses the chain store or the verify store if the chain store is not set. If the function is successful the built chain will replace any existing chain. The <b>flags</b> parameter can be set to <b>SSL_BUILD_CHAIN_FLAG_UNTRUSTED</b> to use existing chain certificates as untrusted CAs, <b>SSL_BUILD_CHAIN_FLAG_NO_ROOT</b> to omit the root CA from the built chain, <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to use all existing chain certificates only to build the chain (effectively sanity checking and rearranging them if necessary), the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> ignores any errors during verification: if flag <b>SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR</b> is also set verification errors are cleared from the error queue.</p>
+
+<p>Each of these functions operates on the <i>current</i> end entity (i.e. server or client) certificate. This is the last certificate loaded or selected on the corresponding <b>ctx</b> structure.</p>
+
+<p>SSL_CTX_select_current_cert() selects <b>x509</b> as the current end entity certificate, but only if <b>x509</b> has already been loaded into <b>ctx</b> using a function such as SSL_CTX_use_certificate().</p>
+
+<p>SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(), SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(), SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_current_cert() changes the current certificate to a value based on the <b>op</b> argument. Currently <b>op</b> can be <b>SSL_CERT_SET_FIRST</b> to use the first valid certificate or <b>SSL_CERT_SET_NEXT</b> to set the next valid certificate after the current certificate. These two operations can be used to iterate over all certificates in an <b>SSL_CTX</b> structure.</p>
+
+<p>SSL_set_current_cert() also supports the option <b>SSL_CERT_SET_SERVER</b>. If <b>ssl</b> is a server and has sent a certificate to a connected client this option sets that certificate to the current certificate and returns 1. If the negotiated cipher suite is anonymous (and thus no certificate will be sent) 2 is returned and the current certificate is unchanged. If <b>ssl</b> is not a server or a certificate has not been sent 0 is returned and the current certificate is unchanged.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied certificate or chain so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied certificate or chain <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The chains associate with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. SSL structures will not be affected by any chains subsequently changed in the parent SSL_CTX.</p>
+
+<p>One chain can be set for each key type supported by a server. So, for example, an RSA and a DSA certificate can (and often will) have different chains.</p>
+
+<p>The functions SSL_CTX_build_cert_chain() and SSL_build_cert_chain() can be used to check application configuration and to ensure any necessary subordinate CAs are sent in the correct order. Misconfigured applications sending incorrect certificate chains often cause problems with peers.</p>
+
+<p>For example an application can add any set of certificates using SSL_CTX_use_certificate_chain_file() then call SSL_CTX_build_cert_chain() with the option <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to check and reorder them.</p>
+
+<p>Applications can issue non fatal warnings when checking chains by setting the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERRORS</b> and checking the return value.</p>
+
+<p>Calling SSL_CTX_build_cert_chain() or SSL_build_cert_chain() is more efficient than the automatic chain building as it is only performed once. Automatic chain building is performed on each new session.</p>
+
+<p>If any certificates are added using these functions no certificates added using SSL_CTX_add_extra_chain_cert() will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_current_cert() with <b>SSL_CERT_SET_SERVER</b> return 1 for success, 2 if no server certificate is used because the cipher suites is anonymous and 0 for failure.</p>
+
+<p>SSL_CTX_build_cert_chain() and SSL_build_cert_chain() return 1 for success and 0 for failure. If the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> and a verification error occurs then 2 is returned.</p>
+
+<p>All other functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_clear_extra_chain_certs.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_clear_extra_chain_certs.html
new file mode 100644
index 000000000..ab1ecdfe1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_clear_extra_chain_certs.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add_extra_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_add_extra_chain_cert, SSL_CTX_clear_extra_chain_certs - add or clear extra chain certificates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *x509);
+ long SSL_CTX_clear_extra_chain_certs(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_add_extra_chain_cert() adds the certificate <b>x509</b> to the extra chain certificates associated with <b>ctx</b>. Several certificates can be added one after another.</p>
+
+<p>SSL_CTX_clear_extra_chain_certs() clears all extra chain certificates associated with <b>ctx</b>.</p>
+
+<p>These functions are implemented as macros.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When sending a certificate chain, extra chain certificates are sent in order following the end entity certificate.</p>
+
+<p>If no chain is specified, the library will try to complete the chain from the available CA certificates in the trusted CA storage, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The <b>x509</b> certificate provided to SSL_CTX_add_extra_chain_cert() will be freed by the library when the <b>SSL_CTX</b> is destroyed. An application <b>should not</b> free the <b>x509</b> object.</p>
+
+<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
+
+<p>Only one set of extra chain certificates can be specified per SSL_CTX structure. Different chains for different certificates (for example if both RSA and DSA certificates are specified by the same server) or different SSL structures with the same parent SSL_CTX cannot be specified using this function. For more flexibility functions such as SSL_add1_chain_cert() should be used instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_add_extra_chain_cert() and SSL_CTX_clear_extra_chain_certs() return 1 on success and 0 for failure. Check out the error stack to find out the reason for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> <a href="../man3/SSL_CTX_set0_chain.html">SSL_CTX_set0_chain(3)</a> <a href="../man3/SSL_CTX_set1_chain.html">SSL_CTX_set1_chain(3)</a> <a href="../man3/SSL_CTX_add0_chain_cert.html">SSL_CTX_add0_chain_cert(3)</a> <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a> <a href="../man3/SSL_set0_chain.html">SSL_set0_chain(3)</a> <a href="../man3/SSL_set1_chain.html">SSL_set1_chain(3)</a> <a href="../man3/SSL_add0_chain_cert.html">SSL_add0_chain_cert(3)</a> <a href="../man3/SSL_add1_chain_cert.html">SSL_add1_chain_cert(3)</a> <a href="../man3/SSL_CTX_build_cert_chain.html">SSL_CTX_build_cert_chain(3)</a> <a href="../man3/SSL_build_cert_chain.html">SSL_build_cert_chain(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_clear_mode.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_clear_mode.html
new file mode 100644
index 000000000..2e6c33d57
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_clear_mode.html
@@ -0,0 +1,136 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_mode</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_mode, SSL_CTX_clear_mode, SSL_set_mode, SSL_clear_mode, SSL_CTX_get_mode, SSL_get_mode - manipulate SSL engine mode</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_mode(SSL_CTX *ctx, long mode);
+ long SSL_CTX_clear_mode(SSL_CTX *ctx, long mode);
+ long SSL_set_mode(SSL *ssl, long mode);
+ long SSL_clear_mode(SSL *ssl, long mode);
+
+ long SSL_CTX_get_mode(SSL_CTX *ctx);
+ long SSL_get_mode(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_mode() adds the mode set via bitmask in <b>mode</b> to <b>ctx</b>. Options already set before are not cleared. SSL_CTX_clear_mode() removes the mode set via bitmask in <b>mode</b> from <b>ctx</b>.</p>
+
+<p>SSL_set_mode() adds the mode set via bitmask in <b>mode</b> to <b>ssl</b>. Options already set before are not cleared. SSL_clear_mode() removes the mode set via bitmask in <b>mode</b> from <b>ssl</b>.</p>
+
+<p>SSL_CTX_get_mode() returns the mode set for <b>ctx</b>.</p>
+
+<p>SSL_get_mode() returns the mode set for <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The following mode changes are available:</p>
+
+<dl>
+
+<dt id="SSL_MODE_ENABLE_PARTIAL_WRITE">SSL_MODE_ENABLE_PARTIAL_WRITE</dt>
+<dd>
+
+<p>Allow SSL_write_ex(..., n, &amp;r) to return with 0 &lt; r &lt; n (i.e. report success when just a single record has been written). This works in a similar way for SSL_write(). When not set (the default), SSL_write_ex() or SSL_write() will only report success once the complete chunk was written. Once SSL_write_ex() or SSL_write() returns successful, <b>r</b> bytes have been written and the next call to SSL_write_ex() or SSL_write() must only send the n-r bytes left, imitating the behaviour of write().</p>
+
+</dd>
+<dt id="SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER">SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER</dt>
+<dd>
+
+<p>Make it possible to retry SSL_write_ex() or SSL_write() with changed buffer location (the buffer contents must stay the same). This is not the default to avoid the misconception that non-blocking SSL_write() behaves like non-blocking write().</p>
+
+</dd>
+<dt id="SSL_MODE_AUTO_RETRY">SSL_MODE_AUTO_RETRY</dt>
+<dd>
+
+<p>During normal operations, non-application data records might need to be sent or received that the application is not aware of. If a non-application data record was processed, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> can return with a failure and indicate the need to retry with <b>SSL_ERROR_WANT_READ</b>. If such a non-application data record was processed, the flag <b>SSL_MODE_AUTO_RETRY</b> causes it to try to process the next record instead of returning.</p>
+
+<p>In a non-blocking environment applications must be prepared to handle incomplete read/write operations. Setting <b>SSL_MODE_AUTO_RETRY</b> for a non-blocking <b>BIO</b> will process non-application data records until either no more data is available or an application data record has been processed.</p>
+
+<p>In a blocking environment, applications are not always prepared to deal with the functions returning intermediate reports such as retry requests, and setting the <b>SSL_MODE_AUTO_RETRY</b> flag will cause the functions to only return after successfully processing an application data record or a failure.</p>
+
+<p>Turning off <b>SSL_MODE_AUTO_RETRY</b> can be useful with blocking <b>BIO</b>s in case they are used in combination with something like select() or poll(). Otherwise the call to SSL_read() or SSL_read_ex() might hang when a non-application record was sent and no application data was sent.</p>
+
+</dd>
+<dt id="SSL_MODE_RELEASE_BUFFERS">SSL_MODE_RELEASE_BUFFERS</dt>
+<dd>
+
+<p>When we no longer need a read buffer or a write buffer for a given SSL, then release the memory we were using to hold it. Using this flag can save around 34k per idle SSL connection. This flag has no effect on SSL v2 connections, or on DTLS connections.</p>
+
+</dd>
+<dt id="SSL_MODE_SEND_FALLBACK_SCSV">SSL_MODE_SEND_FALLBACK_SCSV</dt>
+<dd>
+
+<p>Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications that reconnect with a downgraded protocol version; see draft-ietf-tls-downgrade-scsv-00 for details.</p>
+
+<p>DO NOT ENABLE THIS if your application attempts a normal handshake. Only use this in explicit fallback retries, following the guidance in draft-ietf-tls-downgrade-scsv-00.</p>
+
+</dd>
+<dt id="SSL_MODE_ASYNC">SSL_MODE_ASYNC</dt>
+<dd>
+
+<p>Enable asynchronous processing. TLS I/O operations may indicate a retry with SSL_ERROR_WANT_ASYNC with this mode set if an asynchronous capable engine is used to perform cryptographic operations. See <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+</dd>
+<dt id="SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG">SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG</dt>
+<dd>
+
+<p>Older versions of OpenSSL had a bug in the computation of the label length used for computing the endpoint-pair shared secret. The bug was that the terminating zero was included in the length of the label. Setting this option enables this behaviour to allow interoperability with such broken implementations. Please note that setting this option breaks interoperability with correct implementations. This option only applies to DTLS over SCTP.</p>
+
+</dd>
+</dl>
+
+<p>All modes are off by default except for SSL_MODE_AUTO_RETRY which is on by default since 1.1.1.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_mode() and SSL_set_mode() return the new mode bitmask after adding <b>mode</b>.</p>
+
+<p>SSL_CTX_get_mode() and SSL_get_mode() return the current bitmask.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a>, <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_MODE_ASYNC was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_clear_options.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_clear_options.html
new file mode 100644
index 000000000..b45ee0128
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_clear_options.html
@@ -0,0 +1,350 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_options</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SECURE-RENEGOTIATION">SECURE RENEGOTIATION</a>
+    <ul>
+      <li><a href="#Patched-client-and-server">Patched client and server</a></li>
+      <li><a href="#Unpatched-client-and-patched-OpenSSL-server">Unpatched client and patched OpenSSL server</a></li>
+      <li><a href="#Patched-OpenSSL-client-and-unpatched-server">Patched OpenSSL client and unpatched server.</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_options, SSL_set_options, SSL_CTX_clear_options, SSL_clear_options, SSL_CTX_get_options, SSL_get_options, SSL_get_secure_renegotiation_support - manipulate SSL options</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_options(SSL_CTX *ctx, long options);
+ long SSL_set_options(SSL *ssl, long options);
+
+ long SSL_CTX_clear_options(SSL_CTX *ctx, long options);
+ long SSL_clear_options(SSL *ssl, long options);
+
+ long SSL_CTX_get_options(SSL_CTX *ctx);
+ long SSL_get_options(SSL *ssl);
+
+ long SSL_get_secure_renegotiation_support(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_options() adds the options set via bitmask in <b>options</b> to <b>ctx</b>. Options already set before are not cleared!</p>
+
+<p>SSL_set_options() adds the options set via bitmask in <b>options</b> to <b>ssl</b>. Options already set before are not cleared!</p>
+
+<p>SSL_CTX_clear_options() clears the options set via bitmask in <b>options</b> to <b>ctx</b>.</p>
+
+<p>SSL_clear_options() clears the options set via bitmask in <b>options</b> to <b>ssl</b>.</p>
+
+<p>SSL_CTX_get_options() returns the options set for <b>ctx</b>.</p>
+
+<p>SSL_get_options() returns the options set for <b>ssl</b>.</p>
+
+<p>SSL_get_secure_renegotiation_support() indicates whether the peer supports secure renegotiation. Note, this is implemented via a macro.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The behaviour of the SSL library can be changed by setting several options. The options are coded as bitmasks and can be combined by a bitwise <b>or</b> operation (|).</p>
+
+<p>SSL_CTX_set_options() and SSL_set_options() affect the (external) protocol behaviour of the SSL library. The (internal) behaviour of the API can be changed by using the similar <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a> and SSL_set_mode() functions.</p>
+
+<p>During a handshake, the option settings of the SSL object are used. When a new SSL object is created from a context using SSL_new(), the current option setting is copied. Changes to <b>ctx</b> do not affect already created SSL objects. SSL_clear() does not affect the settings.</p>
+
+<p>The following <b>bug workaround</b> options are available:</p>
+
+<dl>
+
+<dt id="SSL_OP_SAFARI_ECDHE_ECDSA_BUG">SSL_OP_SAFARI_ECDHE_ECDSA_BUG</dt>
+<dd>
+
+<p>Don&#39;t prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X. OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.</p>
+
+</dd>
+<dt id="SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS">SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS</dt>
+<dd>
+
+<p>Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol vulnerability affecting CBC ciphers, which cannot be handled by some broken SSL implementations. This option has no effect for connections using other ciphers.</p>
+
+</dd>
+<dt id="SSL_OP_TLSEXT_PADDING">SSL_OP_TLSEXT_PADDING</dt>
+<dd>
+
+<p>Adds a padding extension to ensure the ClientHello size is never between 256 and 511 bytes in length. This is needed as a workaround for some implementations.</p>
+
+</dd>
+<dt id="SSL_OP_ALL">SSL_OP_ALL</dt>
+<dd>
+
+<p>All of the above bug workarounds plus <b>SSL_OP_LEGACY_SERVER_CONNECT</b> as mentioned below.</p>
+
+</dd>
+</dl>
+
+<p>It is usually safe to use <b>SSL_OP_ALL</b> to enable the bug workaround options if compatibility with somewhat broken implementations is desired.</p>
+
+<p>The following <b>modifying</b> options are available:</p>
+
+<dl>
+
+<dt id="SSL_OP_TLS_ROLLBACK_BUG">SSL_OP_TLS_ROLLBACK_BUG</dt>
+<dd>
+
+<p>Disable version rollback attack detection.</p>
+
+<p>During the client key exchange, the client must send the same information about acceptable SSL/TLS protocol levels as during the first hello. Some clients violate this rule by adapting to the server&#39;s answer. (Example: the client sends a SSLv2 hello and accepts up to SSLv3.1=TLSv1, the server only understands up to SSLv3. In this case the client must still use the same SSLv3.1=TLSv1 announcement. Some clients step down to SSLv3 with respect to the server&#39;s answer and violate the version rollback protection.)</p>
+
+</dd>
+<dt id="SSL_OP_CIPHER_SERVER_PREFERENCE">SSL_OP_CIPHER_SERVER_PREFERENCE</dt>
+<dd>
+
+<p>When choosing a cipher, use the server&#39;s preferences instead of the client preferences. When not set, the SSL server will always follow the clients preferences. When set, the SSL/TLS server will choose following its own preferences.</p>
+
+</dd>
+<dt id="SSL_OP_NO_SSLv3-SSL_OP_NO_TLSv1-SSL_OP_NO_TLSv1_1-SSL_OP_NO_TLSv1_2-SSL_OP_NO_TLSv1_3-SSL_OP_NO_DTLSv1-SSL_OP_NO_DTLSv1_2">SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1, SSL_OP_NO_TLSv1_2, SSL_OP_NO_TLSv1_3, SSL_OP_NO_DTLSv1, SSL_OP_NO_DTLSv1_2</dt>
+<dd>
+
+<p>These options turn off the SSLv3, TLSv1, TLSv1.1, TLSv1.2 or TLSv1.3 protocol versions with TLS or the DTLSv1, DTLSv1.2 versions with DTLS, respectively. As of OpenSSL 1.1.0, these options are deprecated, use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> and <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> instead.</p>
+
+</dd>
+<dt id="SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION">SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION</dt>
+<dd>
+
+<p>When performing renegotiation as a server, always start a new session (i.e., session resumption requests are only accepted in the initial handshake). This option is not needed for clients.</p>
+
+</dd>
+<dt id="SSL_OP_NO_COMPRESSION">SSL_OP_NO_COMPRESSION</dt>
+<dd>
+
+<p>Do not use compression even if it is supported.</p>
+
+</dd>
+<dt id="SSL_OP_NO_QUERY_MTU">SSL_OP_NO_QUERY_MTU</dt>
+<dd>
+
+<p>Do not query the MTU. Only affects DTLS connections.</p>
+
+</dd>
+<dt id="SSL_OP_COOKIE_EXCHANGE">SSL_OP_COOKIE_EXCHANGE</dt>
+<dd>
+
+<p>Turn on Cookie Exchange as described in RFC4347 Section 4.2.1. Only affects DTLS connections.</p>
+
+</dd>
+<dt id="SSL_OP_NO_TICKET">SSL_OP_NO_TICKET</dt>
+<dd>
+
+<p>SSL/TLS supports two mechanisms for resuming sessions: session ids and stateless session tickets.</p>
+
+<p>When using session ids a copy of the session information is cached on the server and a unique id is sent to the client. When the client wishes to resume it provides the unique id so that the server can retrieve the session information from its cache.</p>
+
+<p>When using stateless session tickets the server uses a session ticket encryption key to encrypt the session information. This encrypted data is sent to the client as a &quot;ticket&quot;. When the client wishes to resume it sends the encrypted data back to the server. The server uses its key to decrypt the data and resume the session. In this way the server can operate statelessly - no session information needs to be cached locally.</p>
+
+<p>The TLSv1.3 protocol only supports tickets and does not directly support session ids. However OpenSSL allows two modes of ticket operation in TLSv1.3: stateful and stateless. Stateless tickets work the same way as in TLSv1.2 and below. Stateful tickets mimic the session id behaviour available in TLSv1.2 and below. The session information is cached on the server and the session id is wrapped up in a ticket and sent back to the client. When the client wishes to resume, it presents a ticket in the same way as for stateless tickets. The server can then extract the session id from the ticket and retrieve the session information from its cache.</p>
+
+<p>By default OpenSSL will use stateless tickets. The SSL_OP_NO_TICKET option will cause stateless tickets to not be issued. In TLSv1.2 and below this means no ticket gets sent to the client at all. In TLSv1.3 a stateful ticket will be sent. This is a server-side option only.</p>
+
+<p>In TLSv1.3 it is possible to suppress all tickets (stateful and stateless) from being sent by calling <a href="../man3/SSL_CTX_set_num_tickets.html">SSL_CTX_set_num_tickets(3)</a> or <a href="../man3/SSL_set_num_tickets.html">SSL_set_num_tickets(3)</a>.</p>
+
+</dd>
+<dt id="SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION">SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</dt>
+<dd>
+
+<p>Allow legacy insecure renegotiation between OpenSSL and unpatched clients or servers. See the <b>SECURE RENEGOTIATION</b> section for more details.</p>
+
+</dd>
+<dt id="SSL_OP_LEGACY_SERVER_CONNECT">SSL_OP_LEGACY_SERVER_CONNECT</dt>
+<dd>
+
+<p>Allow legacy insecure renegotiation between OpenSSL and unpatched servers <b>only</b>: this option is currently set by default. See the <b>SECURE RENEGOTIATION</b> section for more details.</p>
+
+</dd>
+<dt id="SSL_OP_NO_ENCRYPT_THEN_MAC">SSL_OP_NO_ENCRYPT_THEN_MAC</dt>
+<dd>
+
+<p>Normally clients and servers will transparently attempt to negotiate the RFC7366 Encrypt-then-MAC option on TLS and DTLS connection.</p>
+
+<p>If this option is set, Encrypt-then-MAC is disabled. Clients will not propose, and servers will not accept the extension.</p>
+
+</dd>
+<dt id="SSL_OP_NO_RENEGOTIATION">SSL_OP_NO_RENEGOTIATION</dt>
+<dd>
+
+<p>Disable all renegotiation in TLSv1.2 and earlier. Do not send HelloRequest messages, and ignore renegotiation requests via ClientHello.</p>
+
+</dd>
+<dt id="SSL_OP_ALLOW_NO_DHE_KEX">SSL_OP_ALLOW_NO_DHE_KEX</dt>
+<dd>
+
+<p>In TLSv1.3 allow a non-(ec)dhe based key exchange mode on resumption. This means that there will be no forward secrecy for the resumed session.</p>
+
+</dd>
+<dt id="SSL_OP_PRIORITIZE_CHACHA">SSL_OP_PRIORITIZE_CHACHA</dt>
+<dd>
+
+<p>When SSL_OP_CIPHER_SERVER_PREFERENCE is set, temporarily reprioritize ChaCha20-Poly1305 ciphers to the top of the server cipher list if a ChaCha20-Poly1305 cipher is at the top of the client cipher list. This helps those clients (e.g. mobile) use ChaCha20-Poly1305 if that cipher is anywhere in the server cipher list; but still allows other clients to use AES and other ciphers. Requires <b>SSL_OP_CIPHER_SERVER_PREFERENCE</b>.</p>
+
+</dd>
+<dt id="SSL_OP_ENABLE_MIDDLEBOX_COMPAT">SSL_OP_ENABLE_MIDDLEBOX_COMPAT</dt>
+<dd>
+
+<p>If set then dummy Change Cipher Spec (CCS) messages are sent in TLSv1.3. This has the effect of making TLSv1.3 look more like TLSv1.2 so that middleboxes that do not understand TLSv1.3 will not drop the connection. Regardless of whether this option is set or not CCS messages received from the peer will always be ignored in TLSv1.3. This option is set by default. To switch it off use SSL_clear_options(). A future version of OpenSSL may not set this by default.</p>
+
+</dd>
+<dt id="SSL_OP_NO_ANTI_REPLAY">SSL_OP_NO_ANTI_REPLAY</dt>
+<dd>
+
+<p>By default, when a server is configured for early data (i.e., max_early_data &gt; 0), OpenSSL will switch on replay protection. See <a href="../man3/SSL_read_early_data.html">SSL_read_early_data(3)</a> for a description of the replay protection feature. Anti-replay measures are required to comply with the TLSv1.3 specification. Some applications may be able to mitigate the replay risks in other ways and in such cases the built in OpenSSL functionality is not required. Those applications can turn this feature off by setting this option. This is a server-side opton only. It is ignored by clients.</p>
+
+</dd>
+</dl>
+
+<p>The following options no longer have any effect but their identifiers are retained for compatibility purposes:</p>
+
+<dl>
+
+<dt id="SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG">SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER">SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SSLEAY_080_CLIENT_DH_BUG">SSL_OP_SSLEAY_080_CLIENT_DH_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_TLS_D5_BUG">SSL_OP_TLS_D5_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_TLS_BLOCK_PADDING_BUG">SSL_OP_TLS_BLOCK_PADDING_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MSIE_SSLV2_RSA_PADDING">SSL_OP_MSIE_SSLV2_RSA_PADDING</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG">SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MICROSOFT_SESS_ID_BUG">SSL_OP_MICROSOFT_SESS_ID_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_NETSCAPE_CHALLENGE_BUG">SSL_OP_NETSCAPE_CHALLENGE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_PKCS1_CHECK_1">SSL_OP_PKCS1_CHECK_1</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_PKCS1_CHECK_2">SSL_OP_PKCS1_CHECK_2</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SINGLE_DH_USE">SSL_OP_SINGLE_DH_USE</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SINGLE_ECDH_USE">SSL_OP_SINGLE_ECDH_USE</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_EPHEMERAL_RSA">SSL_OP_EPHEMERAL_RSA</dt>
+<dd>
+
+</dd>
+</dl>
+
+<h1 id="SECURE-RENEGOTIATION">SECURE RENEGOTIATION</h1>
+
+<p>OpenSSL always attempts to use secure renegotiation as described in RFC5746. This counters the prefix attack described in CVE-2009-3555 and elsewhere.</p>
+
+<p>This attack has far reaching consequences which application writers should be aware of. In the description below an implementation supporting secure renegotiation is referred to as <i>patched</i>. A server not supporting secure renegotiation is referred to as <i>unpatched</i>.</p>
+
+<p>The following sections describe the operations permitted by OpenSSL&#39;s secure renegotiation implementation.</p>
+
+<h2 id="Patched-client-and-server">Patched client and server</h2>
+
+<p>Connections and renegotiation are always permitted by OpenSSL implementations.</p>
+
+<h2 id="Unpatched-client-and-patched-OpenSSL-server">Unpatched client and patched OpenSSL server</h2>
+
+<p>The initial connection succeeds but client renegotiation is denied by the server with a <b>no_renegotiation</b> warning alert if TLS v1.0 is used or a fatal <b>handshake_failure</b> alert in SSL v3.0.</p>
+
+<p>If the patched OpenSSL server attempts to renegotiate a fatal <b>handshake_failure</b> alert is sent. This is because the server code may be unaware of the unpatched nature of the client.</p>
+
+<p>If the option <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> is set then renegotiation <b>always</b> succeeds.</p>
+
+<h2 id="Patched-OpenSSL-client-and-unpatched-server">Patched OpenSSL client and unpatched server.</h2>
+
+<p>If the option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> or <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> is set then initial connections and renegotiation between patched OpenSSL clients and unpatched servers succeeds. If neither option is set then initial connections to unpatched servers will fail.</p>
+
+<p>The option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> is currently set by default even though it has security implications: otherwise it would be impossible to connect to unpatched servers (i.e. all of them initially) and this is clearly not acceptable. Renegotiation is permitted because this does not add any additional security issues: during an attack clients do not see any renegotiations anyway.</p>
+
+<p>As more servers become patched the option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> will <b>not</b> be set by default in a future version of OpenSSL.</p>
+
+<p>OpenSSL client applications wishing to ensure they can connect to unpatched servers should always <b>set</b> <b>SSL_OP_LEGACY_SERVER_CONNECT</b></p>
+
+<p>OpenSSL client applications that want to ensure they can <b>not</b> connect to unpatched servers (and thus avoid any security issues) should always <b>clear</b> <b>SSL_OP_LEGACY_SERVER_CONNECT</b> using SSL_CTX_clear_options() or SSL_clear_options().</p>
+
+<p>The difference between the <b>SSL_OP_LEGACY_SERVER_CONNECT</b> and <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> options is that <b>SSL_OP_LEGACY_SERVER_CONNECT</b> enables initial connections and secure renegotiation between OpenSSL clients and unpatched servers <b>only</b>, while <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> allows initial connections and renegotiation between OpenSSL and unpatched clients or servers.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_options() and SSL_set_options() return the new options bitmask after adding <b>options</b>.</p>
+
+<p>SSL_CTX_clear_options() and SSL_clear_options() return the new options bitmask after clearing <b>options</b>.</p>
+
+<p>SSL_CTX_get_options() and SSL_get_options() return the current bitmask.</p>
+
+<p>SSL_get_secure_renegotiation_support() returns 1 is the peer supports secure renegotiation and 0 if it does not.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man1/dhparam.html">dhparam(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The attempt to always try to use secure renegotiation was added in OpenSSL 0.9.8m.</p>
+
+<p>The <b>SSL_OP_PRIORITIZE_CHACHA</b> and <b>SSL_OP_NO_RENEGOTIATION</b> options were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_config.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_config.html
new file mode 100644
index 000000000..c09a21ec3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_config.html
@@ -0,0 +1,105 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_config</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_config, SSL_config - configure SSL_CTX or SSL structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_config(SSL_CTX *ctx, const char *name);
+ int SSL_config(SSL *s, const char *name);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions SSL_CTX_config() and SSL_config() configure an <b>SSL_CTX</b> or <b>SSL</b> structure using the configuration <b>name</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>By calling SSL_CTX_config() or SSL_config() an application can perform many complex tasks based on the contents of the configuration file: greatly simplifying application configuration code. A degree of future proofing can also be achieved: an application can support configuration features in newer versions of OpenSSL automatically.</p>
+
+<p>A configuration file must have been previously loaded, for example using CONF_modules_load_file(). See <a href="../man5/config.html">config(5)</a> for details of the configuration file syntax.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_config() and SSL_config() return 1 for success or 0 if an error occurred.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>If the file &quot;config.cnf&quot; contains the following:</p>
+
+<pre><code> testapp = test_sect
+
+ [test_sect]
+ # list of configuration modules
+
+ ssl_conf = ssl_sect
+
+ [ssl_sect]
+ server = server_section
+
+ [server_section]
+ RSA.Certificate = server-rsa.pem
+ ECDSA.Certificate = server-ecdsa.pem
+ Ciphers = ALL:!RC4</code></pre>
+
+<p>An application could call:</p>
+
+<pre><code> if (CONF_modules_load_file(&quot;config.cnf&quot;, &quot;testapp&quot;, 0) &lt;= 0) {
+     fprintf(stderr, &quot;Error processing config file\n&quot;);
+     goto err;
+ }
+
+ ctx = SSL_CTX_new(TLS_server_method());
+
+ if (SSL_CTX_config(ctx, &quot;server&quot;) == 0) {
+     fprintf(stderr, &quot;Error configuring server.\n&quot;);
+     goto err;
+ }</code></pre>
+
+<p>In this example two certificates and the cipher list are configured without the need for any additional application code.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man5/config.html">config(5)</a>, <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a>, <a href="../man3/CONF_modules_load_file.html">CONF_modules_load_file(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_config() and SSL_config() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_ct_is_enabled.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_ct_is_enabled.html
new file mode 100644
index 000000000..2f4bf6a6f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_ct_is_enabled.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_ct_validation_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ssl_ct_validation_cb, SSL_enable_ct, SSL_CTX_enable_ct, SSL_disable_ct, SSL_CTX_disable_ct, SSL_set_ct_validation_callback, SSL_CTX_set_ct_validation_callback, SSL_ct_is_enabled, SSL_CTX_ct_is_enabled - control Certificate Transparency policy</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*ssl_ct_validation_cb)(const CT_POLICY_EVAL_CTX *ctx,
+                                    const STACK_OF(SCT) *scts, void *arg);
+
+ int SSL_enable_ct(SSL *s, int validation_mode);
+ int SSL_CTX_enable_ct(SSL_CTX *ctx, int validation_mode);
+ int SSL_set_ct_validation_callback(SSL *s, ssl_ct_validation_cb callback,
+                                    void *arg);
+ int SSL_CTX_set_ct_validation_callback(SSL_CTX *ctx,
+                                        ssl_ct_validation_cb callback,
+                                        void *arg);
+ void SSL_disable_ct(SSL *s);
+ void SSL_CTX_disable_ct(SSL_CTX *ctx);
+ int SSL_ct_is_enabled(const SSL *s);
+ int SSL_CTX_ct_is_enabled(const SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_enable_ct() and SSL_CTX_enable_ct() enable the processing of signed certificate timestamps (SCTs) either for a given SSL connection or for all connections that share the given SSL context, respectively. This is accomplished by setting a built-in CT validation callback. The behaviour of the callback is determined by the <b>validation_mode</b> argument, which can be either of <b>SSL_CT_VALIDATION_PERMISSIVE</b> or <b>SSL_CT_VALIDATION_STRICT</b> as described below.</p>
+
+<p>If <b>validation_mode</b> is equal to <b>SSL_CT_VALIDATION_STRICT</b>, then in a full TLS handshake with the verification mode set to <b>SSL_VERIFY_PEER</b>, if the peer presents no valid SCTs the handshake will be aborted. If the verification mode is <b>SSL_VERIFY_NONE</b>, the handshake will continue despite lack of valid SCTs. However, in that case if the verification status before the built-in callback was <b>X509_V_OK</b> it will be set to <b>X509_V_ERR_NO_VALID_SCTS</b> after the callback. Applications can call <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> to check the status at handshake completion, even after session resumption since the verification status is part of the saved session state. See <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, &lt;SSL_get_verify_result(3)&gt;, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>.</p>
+
+<p>If <b>validation_mode</b> is equal to <b>SSL_CT_VALIDATION_PERMISSIVE</b>, then the handshake continues, and the verification status is not modified, regardless of the validation status of any SCTs. The application can still inspect the validation status of the SCTs at handshake completion. Note that with session resumption there will not be any SCTs presented during the handshake. Therefore, in applications that delay SCT policy enforcement until after handshake completion, such delayed SCT checks should only be performed when the session is not resumed.</p>
+
+<p>SSL_set_ct_validation_callback() and SSL_CTX_set_ct_validation_callback() register a custom callback that may implement a different policy than either of the above. This callback can examine the peer&#39;s SCTs and determine whether they are sufficient to allow the connection to continue. The TLS handshake is aborted if the verification mode is not <b>SSL_VERIFY_NONE</b> and the callback returns a non-positive result.</p>
+
+<p>An arbitrary callback context argument, <b>arg</b>, can be passed in when setting the callback. This will be passed to the callback whenever it is invoked. Ownership of this context remains with the caller.</p>
+
+<p>If no callback is set, SCTs will not be requested and Certificate Transparency validation will not occur.</p>
+
+<p>No callback will be invoked when the peer presents no certificate, e.g. by employing an anonymous (aNULL) cipher suite. In that case the handshake continues as it would had no callback been requested. Callbacks are also not invoked when the peer certificate chain is invalid or validated via DANE-TA(2) or DANE-EE(3) TLSA records which use a private X.509 PKI, or no X.509 PKI at all, respectively. Clients that require SCTs are expected to not have enabled any aNULL ciphers nor to have specified server verification via DANE-TA(2) or DANE-EE(3) TLSA records.</p>
+
+<p>SSL_disable_ct() and SSL_CTX_disable_ct() turn off CT processing, whether enabled via the built-in or the custom callbacks, by setting a NULL callback. These may be implemented as macros.</p>
+
+<p>SSL_ct_is_enabled() and SSL_CTX_ct_is_enabled() return 1 if CT processing is enabled via either SSL_enable_ct() or a non-null custom callback, and 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When SCT processing is enabled, OCSP stapling will be enabled. This is because one possible source of SCTs is the OCSP response from a server.</p>
+
+<p>The time returned by SSL_SESSION_get_time() will be used to evaluate whether any presented SCTs have timestamps that are in the future (and therefore invalid).</p>
+
+<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
+
+<p>Certificate Transparency validation cannot be enabled and so a callback cannot be set if a custom client extension handler has been registered to handle SCT extensions (<b>TLSEXT_TYPE_signed_certificate_timestamp</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_enable_ct(), SSL_CTX_enable_ct(), SSL_CTX_set_ct_validation_callback() and SSL_set_ct_validation_callback() return 1 if the <b>callback</b> is successfully set. They return 0 if an error occurs, e.g. a custom client extension handler has been setup to handle SCTs.</p>
+
+<p>SSL_disable_ct() and SSL_CTX_disable_ct() do not return a result.</p>
+
+<p>SSL_CTX_ct_is_enabled() and SSL_ct_is_enabled() return a 1 if a non-null CT validation callback is set, or 0 if no callback (or equivalently a NULL callback) is set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, &lt;SSL_get_verify_result(3)&gt;, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>, <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_ctrl.html
new file mode 100644
index 000000000..a279a2500
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_ctrl.html
@@ -0,0 +1,60 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_ctrl, SSL_CTX_callback_ctrl, SSL_ctrl, SSL_callback_ctrl - internal handling functions for SSL_CTX and SSL objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);
+ long SSL_CTX_callback_ctrl(SSL_CTX *, int cmd, void (*fp)());
+
+ long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
+ long SSL_callback_ctrl(SSL *, int cmd, void (*fp)());</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The SSL_*_ctrl() family of functions is used to manipulate settings of the SSL_CTX and SSL objects. Depending on the command <b>cmd</b> the arguments <b>larg</b>, <b>parg</b>, or <b>fp</b> are evaluated. These functions should never be called directly. All functionalities needed are made available via other functions or macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The return values of the SSL*_ctrl() functions depend on the command supplied via the <b>cmd</b> parameter.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_dane_clear_flags.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_dane_clear_flags.html
new file mode 100644
index 000000000..16d72a2ed
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_dane_clear_flags.html
@@ -0,0 +1,252 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_dane_enable</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_dane_enable, SSL_CTX_dane_mtype_set, SSL_dane_enable, SSL_dane_tlsa_add, SSL_get0_dane_authority, SSL_get0_dane_tlsa, SSL_CTX_dane_set_flags, SSL_CTX_dane_clear_flags, SSL_dane_set_flags, SSL_dane_clear_flags - enable DANE TLS authentication of the remote TLS server in the local TLS client</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_dane_enable(SSL_CTX *ctx);
+ int SSL_CTX_dane_mtype_set(SSL_CTX *ctx, const EVP_MD *md,
+                            uint8_t mtype, uint8_t ord);
+ int SSL_dane_enable(SSL *s, const char *basedomain);
+ int SSL_dane_tlsa_add(SSL *s, uint8_t usage, uint8_t selector,
+                       uint8_t mtype, unsigned const char *data, size_t dlen);
+ int SSL_get0_dane_authority(SSL *s, X509 **mcert, EVP_PKEY **mspki);
+ int SSL_get0_dane_tlsa(SSL *s, uint8_t *usage, uint8_t *selector,
+                        uint8_t *mtype, unsigned const char **data,
+                        size_t *dlen);
+ unsigned long SSL_CTX_dane_set_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_CTX_dane_clear_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_dane_set_flags(SSL *ssl, unsigned long flags);
+ unsigned long SSL_dane_clear_flags(SSL *ssl, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions implement support for DANE TLSA (RFC6698 and RFC7671) peer authentication.</p>
+
+<p>SSL_CTX_dane_enable() must be called first to initialize the shared state required for DANE support. Individual connections associated with the context can then enable per-connection DANE support as appropriate. DANE authentication is implemented in the <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> function, and applications that override <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> via <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a> are responsible to authenticate the peer chain in whatever manner they see fit.</p>
+
+<p>SSL_CTX_dane_mtype_set() may then be called zero or more times to adjust the supported digest algorithms. This must be done before any SSL handles are created for the context.</p>
+
+<p>The <b>mtype</b> argument specifies a DANE TLSA matching type and the <b>md</b> argument specifies the associated digest algorithm handle. The <b>ord</b> argument specifies a strength ordinal. Algorithms with a larger strength ordinal are considered more secure. Strength ordinals are used to implement RFC7671 digest algorithm agility. Specifying a <b>NULL</b> digest algorithm for a matching type disables support for that matching type. Matching type Full(0) cannot be modified or disabled.</p>
+
+<p>By default, matching type <code>SHA2-256(1)</code> (see RFC7218 for definitions of the DANE TLSA parameter acronyms) is mapped to <code>EVP_sha256()</code> with a strength ordinal of <code>1</code> and matching type <code>SHA2-512(2)</code> is mapped to <code>EVP_sha512()</code> with a strength ordinal of <code>2</code>.</p>
+
+<p>SSL_dane_enable() must be called before the SSL handshake is initiated with <a href="../man3/SSL_connect.html">SSL_connect(3)</a> if (and only if) you want to enable DANE for that connection. (The connection must be associated with a DANE-enabled SSL context). The <b>basedomain</b> argument specifies the RFC7671 TLSA base domain, which will be the primary peer reference identifier for certificate name checks. Additional server names can be specified via <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>. The <b>basedomain</b> is used as the default SNI hint if none has yet been specified via <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>.</p>
+
+<p>SSL_dane_tlsa_add() may then be called one or more times, to load each of the TLSA records that apply to the remote TLS peer. (This too must be done prior to the beginning of the SSL handshake). The arguments specify the fields of the TLSA record. The <b>data</b> field is provided in binary (wire RDATA) form, not the hexadecimal ASCII presentation form, with an explicit length passed via <b>dlen</b>. The library takes a copy of the <b>data</b> buffer contents and the caller may free the original <b>data</b> buffer when convenient. A return value of 0 indicates that &quot;unusable&quot; TLSA records (with invalid or unsupported parameters) were provided. A negative return value indicates an internal error in processing the record.</p>
+
+<p>The caller is expected to check the return value of each SSL_dane_tlsa_add() call and take appropriate action if none are usable or an internal error is encountered in processing some records.</p>
+
+<p>If no TLSA records are added successfully, DANE authentication is not enabled, and authentication will be based on any configured traditional trust-anchors; authentication success in this case does not mean that the peer was DANE-authenticated.</p>
+
+<p>SSL_get0_dane_authority() can be used to get more detailed information about the matched DANE trust-anchor after successful connection completion. The return value is negative if DANE verification failed (or was not enabled), 0 if an EE TLSA record directly matched the leaf certificate, or a positive number indicating the depth at which a TA record matched an issuer certificate. The complete verified chain can be retrieved via <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>. The return value is an index into this verified chain, rather than the list of certificates sent by the peer as returned by <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>.</p>
+
+<p>If the <b>mcert</b> argument is not <b>NULL</b> and a TLSA record matched a chain certificate, a pointer to the matching certificate is returned via <b>mcert</b>. The returned address is a short-term internal reference to the certificate and must not be freed by the application. Applications that want to retain access to the certificate can call <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a> to obtain a long-term reference which must then be freed via <a href="../man3/X509_free.html">X509_free(3)</a> once no longer needed.</p>
+
+<p>If no TLSA records directly matched any elements of the certificate chain, but a DANE-TA(2) SPKI(1) Full(0) record provided the public key that signed an element of the chain, then that key is returned via <b>mspki</b> argument (if not NULL). In this case the return value is the depth of the top-most element of the validated certificate chain. As with <b>mcert</b> this is a short-term internal reference, and <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a> and <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a> can be used to acquire and release long-term references respectively.</p>
+
+<p>SSL_get0_dane_tlsa() can be used to retrieve the fields of the TLSA record that matched the peer certificate chain. The return value indicates the match depth or failure to match just as with SSL_get0_dane_authority(). When the return value is non-negative, the storage pointed to by the <b>usage</b>, <b>selector</b>, <b>mtype</b> and <b>data</b> parameters is updated to the corresponding TLSA record fields. The <b>data</b> field is in binary wire form, and is therefore not NUL-terminated, its length is returned via the <b>dlen</b> parameter. If any of these parameters is NULL, the corresponding field is not returned. The <b>data</b> parameter is set to a short-term internal-copy of the associated data field and must not be freed by the application. Applications that need long-term access to this field need to copy the content.</p>
+
+<p>SSL_CTX_dane_set_flags() and SSL_dane_set_flags() can be used to enable optional DANE verification features. SSL_CTX_dane_clear_flags() and SSL_dane_clear_flags() can be used to disable the same features. The <b>flags</b> argument is a bitmask of the features to enable or disable. The <b>flags</b> set for an <b>SSL_CTX</b> context are copied to each <b>SSL</b> handle associated with that context at the time the handle is created. Subsequent changes in the context&#39;s <b>flags</b> have no effect on the <b>flags</b> set for the handle.</p>
+
+<p>At present, the only available option is <b>DANE_FLAG_NO_DANE_EE_NAMECHECKS</b> which can be used to disable server name checks when authenticating via DANE-EE(3) TLSA records. For some applications, primarily web browsers, it is not safe to disable name checks due to &quot;unknown key share&quot; attacks, in which a malicious server can convince a client that a connection to a victim server is instead a secure connection to the malicious server. The malicious server may then be able to violate cross-origin scripting restrictions. Thus, despite the text of RFC7671, name checks are by default enabled for DANE-EE(3) TLSA records, and can be disabled in applications where it is safe to do so. In particular, SMTP and XMPP clients should set this option as SRV and MX records already make it possible for a remote domain to redirect client connections to any server of its choice, and in any case SMTP and XMPP clients do not execute scripts downloaded from remote servers.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions SSL_CTX_dane_enable(), SSL_CTX_dane_mtype_set(), SSL_dane_enable() and SSL_dane_tlsa_add() return a positive value on success. Negative return values indicate resource problems (out of memory, etc.) in the SSL library, while a return value of <b>0</b> indicates incorrect usage or invalid input, such as an unsupported TLSA record certificate usage, selector or matching type. Invalid input also includes malformed data, either a digest length that does not match the digest algorithm, or a <code>Full(0)</code> (binary ASN.1 DER form) certificate or a public key that fails to parse.</p>
+
+<p>The functions SSL_get0_dane_authority() and SSL_get0_dane_tlsa() return a negative value when DANE authentication failed or was not enabled, a non-negative value indicates the chain depth at which the TLSA record matched a chain certificate, or the depth of the top-most certificate, when the TLSA record is a full public key that is its signer.</p>
+
+<p>The functions SSL_CTX_dane_set_flags(), SSL_CTX_dane_clear_flags(), SSL_dane_set_flags() and SSL_dane_clear_flags() return the <b>flags</b> in effect before they were called.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Suppose &quot;smtp.example.com&quot; is the MX host of the domain &quot;example.com&quot;, and has DNSSEC-validated TLSA records. The calls below will perform DANE authentication and arrange to match either the MX hostname or the destination domain name in the SMTP server certificate. Wildcards are supported, but must match the entire label. The actual name matched in the certificate (which might be a wildcard) is retrieved, and must be copied by the application if it is to be retained beyond the lifetime of the SSL connection.</p>
+
+<pre><code> SSL_CTX *ctx;
+ SSL *ssl;
+ int (*verify_cb)(int ok, X509_STORE_CTX *sctx) = NULL;
+ int num_usable = 0;
+ const char *nexthop_domain = &quot;example.com&quot;;
+ const char *dane_tlsa_domain = &quot;smtp.example.com&quot;;
+ uint8_t usage, selector, mtype;
+
+ if ((ctx = SSL_CTX_new(TLS_client_method())) == NULL)
+     /* error */
+ if (SSL_CTX_dane_enable(ctx) &lt;= 0)
+     /* error */
+ if ((ssl = SSL_new(ctx)) == NULL)
+     /* error */
+ if (SSL_dane_enable(ssl, dane_tlsa_domain) &lt;= 0)
+     /* error */
+
+ /*
+  * For many applications it is safe to skip DANE-EE(3) namechecks.  Do not
+  * disable the checks unless &quot;unknown key share&quot; attacks pose no risk for
+  * your application.
+  */
+ SSL_dane_set_flags(ssl, DANE_FLAG_NO_DANE_EE_NAMECHECKS);
+
+ if (!SSL_add1_host(ssl, nexthop_domain))
+     /* error */
+ SSL_set_hostflags(ssl, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+
+ for (... each TLSA record ...) {
+     unsigned char *data;
+     size_t len;
+     int ret;
+
+     /* set usage, selector, mtype, data, len */
+
+     /*
+      * Opportunistic DANE TLS clients support only DANE-TA(2) or DANE-EE(3).
+      * They treat all other certificate usages, and in particular PKIX-TA(0)
+      * and PKIX-EE(1), as unusable.
+      */
+     switch (usage) {
+     default:
+     case 0:     /* PKIX-TA(0) */
+     case 1:     /* PKIX-EE(1) */
+         continue;
+     case 2:     /* DANE-TA(2) */
+     case 3:     /* DANE-EE(3) */
+         break;
+     }
+
+     ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len);
+     /* free data as appropriate */
+
+     if (ret &lt; 0)
+         /* handle SSL library internal error */
+     else if (ret == 0)
+         /* handle unusable TLSA record */
+     else
+         ++num_usable;
+ }
+
+ /*
+  * At this point, the verification mode is still the default SSL_VERIFY_NONE.
+  * Opportunistic DANE clients use unauthenticated TLS when all TLSA records
+  * are unusable, so continue the handshake even if authentication fails.
+  */
+ if (num_usable == 0) {
+     /* Log all records unusable? */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+     SSL_set_verify(ssl, SSL_VERIFY_NONE, verify_cb);
+ } else {
+     /* At least one usable record.  We expect to verify the peer */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+
+     /*
+      * Below we elect to fail the handshake when peer verification fails.
+      * Alternatively, use the permissive SSL_VERIFY_NONE verification mode,
+      * complete the handshake, check the verification status, and if not
+      * verified disconnect gracefully at the application layer, especially if
+      * application protocol supports informing the server that authentication
+      * failed.
+      */
+     SSL_set_verify(ssl, SSL_VERIFY_PEER, verify_cb);
+ }
+
+ /*
+  * Load any saved session for resumption, making sure that the previous
+  * session applied the same security and authentication requirements that
+  * would be expected of a fresh connection.
+  */
+
+ /* Perform SSL_connect() handshake and handle errors here */
+
+ if (SSL_session_reused(ssl)) {
+     if (SSL_get_verify_result(ssl) == X509_V_OK) {
+         /*
+          * Resumed session was originally verified, this connection is
+          * authenticated.
+          */
+     } else {
+         /*
+          * Resumed session was not originally verified, this connection is not
+          * authenticated.
+          */
+     }
+ } else if (SSL_get_verify_result(ssl) == X509_V_OK) {
+     const char *peername = SSL_get0_peername(ssl);
+     EVP_PKEY *mspki = NULL;
+
+     int depth = SSL_get0_dane_authority(ssl, NULL, &amp;mspki);
+     if (depth &gt;= 0) {
+         (void) SSL_get0_dane_tlsa(ssl, &amp;usage, &amp;selector, &amp;mtype, NULL, NULL);
+         printf(&quot;DANE TLSA %d %d %d %s at depth %d\n&quot;, usage, selector, mtype,
+                (mspki != NULL) ? &quot;TA public key verified certificate&quot; :
+                depth ? &quot;matched TA certificate&quot; : &quot;matched EE certificate&quot;,
+                depth);
+     }
+     if (peername != NULL) {
+         /* Name checks were in scope and matched the peername */
+         printf(&quot;Verified peername: %s\n&quot;, peername);
+     }
+ } else {
+     /*
+      * Not authenticated, presumably all TLSA rrs unusable, but possibly a
+      * callback suppressed connection termination despite the presence of
+      * usable TLSA RRs none of which matched.  Do whatever is appropriate for
+      * fresh unauthenticated connections.
+      */
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is expected that the majority of clients employing DANE TLS will be doing &quot;opportunistic DANE TLS&quot; in the sense of RFC7672 and RFC7435. That is, they will use DANE authentication when DNSSEC-validated TLSA records are published for a given peer, and otherwise will use unauthenticated TLS or even cleartext.</p>
+
+<p>Such applications should generally treat any TLSA records published by the peer with usages PKIX-TA(0) and PKIX-EE(1) as &quot;unusable&quot;, and should not include them among the TLSA records used to authenticate peer connections. In addition, some TLSA records with supported usages may be &quot;unusable&quot; as a result of invalid or unsupported parameters.</p>
+
+<p>When a peer has TLSA records, but none are &quot;usable&quot;, an opportunistic application must avoid cleartext, but cannot authenticate the peer, and so should generally proceed with an unauthenticated connection. Opportunistic applications need to note the return value of each call to SSL_dane_tlsa_add(), and if all return 0 (due to invalid or unsupported parameters) disable peer authentication by calling <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a> with <b>mode</b> equal to <b>SSL_VERIFY_NONE</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>, <a href="../man3/SSL_set_hostflags.html">SSL_set_hostflags(3)</a>, <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>, <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>, <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_get0_peername.html">SSL_get0_peername(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_free.html">X509_free(3)</a>, <a href="../man3/EVP_get_digestbyname.html">EVP_get_digestbyname(3)</a>, <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a>, <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_dane_enable.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_dane_enable.html
new file mode 100644
index 000000000..16d72a2ed
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_dane_enable.html
@@ -0,0 +1,252 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_dane_enable</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_dane_enable, SSL_CTX_dane_mtype_set, SSL_dane_enable, SSL_dane_tlsa_add, SSL_get0_dane_authority, SSL_get0_dane_tlsa, SSL_CTX_dane_set_flags, SSL_CTX_dane_clear_flags, SSL_dane_set_flags, SSL_dane_clear_flags - enable DANE TLS authentication of the remote TLS server in the local TLS client</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_dane_enable(SSL_CTX *ctx);
+ int SSL_CTX_dane_mtype_set(SSL_CTX *ctx, const EVP_MD *md,
+                            uint8_t mtype, uint8_t ord);
+ int SSL_dane_enable(SSL *s, const char *basedomain);
+ int SSL_dane_tlsa_add(SSL *s, uint8_t usage, uint8_t selector,
+                       uint8_t mtype, unsigned const char *data, size_t dlen);
+ int SSL_get0_dane_authority(SSL *s, X509 **mcert, EVP_PKEY **mspki);
+ int SSL_get0_dane_tlsa(SSL *s, uint8_t *usage, uint8_t *selector,
+                        uint8_t *mtype, unsigned const char **data,
+                        size_t *dlen);
+ unsigned long SSL_CTX_dane_set_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_CTX_dane_clear_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_dane_set_flags(SSL *ssl, unsigned long flags);
+ unsigned long SSL_dane_clear_flags(SSL *ssl, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions implement support for DANE TLSA (RFC6698 and RFC7671) peer authentication.</p>
+
+<p>SSL_CTX_dane_enable() must be called first to initialize the shared state required for DANE support. Individual connections associated with the context can then enable per-connection DANE support as appropriate. DANE authentication is implemented in the <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> function, and applications that override <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> via <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a> are responsible to authenticate the peer chain in whatever manner they see fit.</p>
+
+<p>SSL_CTX_dane_mtype_set() may then be called zero or more times to adjust the supported digest algorithms. This must be done before any SSL handles are created for the context.</p>
+
+<p>The <b>mtype</b> argument specifies a DANE TLSA matching type and the <b>md</b> argument specifies the associated digest algorithm handle. The <b>ord</b> argument specifies a strength ordinal. Algorithms with a larger strength ordinal are considered more secure. Strength ordinals are used to implement RFC7671 digest algorithm agility. Specifying a <b>NULL</b> digest algorithm for a matching type disables support for that matching type. Matching type Full(0) cannot be modified or disabled.</p>
+
+<p>By default, matching type <code>SHA2-256(1)</code> (see RFC7218 for definitions of the DANE TLSA parameter acronyms) is mapped to <code>EVP_sha256()</code> with a strength ordinal of <code>1</code> and matching type <code>SHA2-512(2)</code> is mapped to <code>EVP_sha512()</code> with a strength ordinal of <code>2</code>.</p>
+
+<p>SSL_dane_enable() must be called before the SSL handshake is initiated with <a href="../man3/SSL_connect.html">SSL_connect(3)</a> if (and only if) you want to enable DANE for that connection. (The connection must be associated with a DANE-enabled SSL context). The <b>basedomain</b> argument specifies the RFC7671 TLSA base domain, which will be the primary peer reference identifier for certificate name checks. Additional server names can be specified via <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>. The <b>basedomain</b> is used as the default SNI hint if none has yet been specified via <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>.</p>
+
+<p>SSL_dane_tlsa_add() may then be called one or more times, to load each of the TLSA records that apply to the remote TLS peer. (This too must be done prior to the beginning of the SSL handshake). The arguments specify the fields of the TLSA record. The <b>data</b> field is provided in binary (wire RDATA) form, not the hexadecimal ASCII presentation form, with an explicit length passed via <b>dlen</b>. The library takes a copy of the <b>data</b> buffer contents and the caller may free the original <b>data</b> buffer when convenient. A return value of 0 indicates that &quot;unusable&quot; TLSA records (with invalid or unsupported parameters) were provided. A negative return value indicates an internal error in processing the record.</p>
+
+<p>The caller is expected to check the return value of each SSL_dane_tlsa_add() call and take appropriate action if none are usable or an internal error is encountered in processing some records.</p>
+
+<p>If no TLSA records are added successfully, DANE authentication is not enabled, and authentication will be based on any configured traditional trust-anchors; authentication success in this case does not mean that the peer was DANE-authenticated.</p>
+
+<p>SSL_get0_dane_authority() can be used to get more detailed information about the matched DANE trust-anchor after successful connection completion. The return value is negative if DANE verification failed (or was not enabled), 0 if an EE TLSA record directly matched the leaf certificate, or a positive number indicating the depth at which a TA record matched an issuer certificate. The complete verified chain can be retrieved via <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>. The return value is an index into this verified chain, rather than the list of certificates sent by the peer as returned by <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>.</p>
+
+<p>If the <b>mcert</b> argument is not <b>NULL</b> and a TLSA record matched a chain certificate, a pointer to the matching certificate is returned via <b>mcert</b>. The returned address is a short-term internal reference to the certificate and must not be freed by the application. Applications that want to retain access to the certificate can call <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a> to obtain a long-term reference which must then be freed via <a href="../man3/X509_free.html">X509_free(3)</a> once no longer needed.</p>
+
+<p>If no TLSA records directly matched any elements of the certificate chain, but a DANE-TA(2) SPKI(1) Full(0) record provided the public key that signed an element of the chain, then that key is returned via <b>mspki</b> argument (if not NULL). In this case the return value is the depth of the top-most element of the validated certificate chain. As with <b>mcert</b> this is a short-term internal reference, and <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a> and <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a> can be used to acquire and release long-term references respectively.</p>
+
+<p>SSL_get0_dane_tlsa() can be used to retrieve the fields of the TLSA record that matched the peer certificate chain. The return value indicates the match depth or failure to match just as with SSL_get0_dane_authority(). When the return value is non-negative, the storage pointed to by the <b>usage</b>, <b>selector</b>, <b>mtype</b> and <b>data</b> parameters is updated to the corresponding TLSA record fields. The <b>data</b> field is in binary wire form, and is therefore not NUL-terminated, its length is returned via the <b>dlen</b> parameter. If any of these parameters is NULL, the corresponding field is not returned. The <b>data</b> parameter is set to a short-term internal-copy of the associated data field and must not be freed by the application. Applications that need long-term access to this field need to copy the content.</p>
+
+<p>SSL_CTX_dane_set_flags() and SSL_dane_set_flags() can be used to enable optional DANE verification features. SSL_CTX_dane_clear_flags() and SSL_dane_clear_flags() can be used to disable the same features. The <b>flags</b> argument is a bitmask of the features to enable or disable. The <b>flags</b> set for an <b>SSL_CTX</b> context are copied to each <b>SSL</b> handle associated with that context at the time the handle is created. Subsequent changes in the context&#39;s <b>flags</b> have no effect on the <b>flags</b> set for the handle.</p>
+
+<p>At present, the only available option is <b>DANE_FLAG_NO_DANE_EE_NAMECHECKS</b> which can be used to disable server name checks when authenticating via DANE-EE(3) TLSA records. For some applications, primarily web browsers, it is not safe to disable name checks due to &quot;unknown key share&quot; attacks, in which a malicious server can convince a client that a connection to a victim server is instead a secure connection to the malicious server. The malicious server may then be able to violate cross-origin scripting restrictions. Thus, despite the text of RFC7671, name checks are by default enabled for DANE-EE(3) TLSA records, and can be disabled in applications where it is safe to do so. In particular, SMTP and XMPP clients should set this option as SRV and MX records already make it possible for a remote domain to redirect client connections to any server of its choice, and in any case SMTP and XMPP clients do not execute scripts downloaded from remote servers.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions SSL_CTX_dane_enable(), SSL_CTX_dane_mtype_set(), SSL_dane_enable() and SSL_dane_tlsa_add() return a positive value on success. Negative return values indicate resource problems (out of memory, etc.) in the SSL library, while a return value of <b>0</b> indicates incorrect usage or invalid input, such as an unsupported TLSA record certificate usage, selector or matching type. Invalid input also includes malformed data, either a digest length that does not match the digest algorithm, or a <code>Full(0)</code> (binary ASN.1 DER form) certificate or a public key that fails to parse.</p>
+
+<p>The functions SSL_get0_dane_authority() and SSL_get0_dane_tlsa() return a negative value when DANE authentication failed or was not enabled, a non-negative value indicates the chain depth at which the TLSA record matched a chain certificate, or the depth of the top-most certificate, when the TLSA record is a full public key that is its signer.</p>
+
+<p>The functions SSL_CTX_dane_set_flags(), SSL_CTX_dane_clear_flags(), SSL_dane_set_flags() and SSL_dane_clear_flags() return the <b>flags</b> in effect before they were called.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Suppose &quot;smtp.example.com&quot; is the MX host of the domain &quot;example.com&quot;, and has DNSSEC-validated TLSA records. The calls below will perform DANE authentication and arrange to match either the MX hostname or the destination domain name in the SMTP server certificate. Wildcards are supported, but must match the entire label. The actual name matched in the certificate (which might be a wildcard) is retrieved, and must be copied by the application if it is to be retained beyond the lifetime of the SSL connection.</p>
+
+<pre><code> SSL_CTX *ctx;
+ SSL *ssl;
+ int (*verify_cb)(int ok, X509_STORE_CTX *sctx) = NULL;
+ int num_usable = 0;
+ const char *nexthop_domain = &quot;example.com&quot;;
+ const char *dane_tlsa_domain = &quot;smtp.example.com&quot;;
+ uint8_t usage, selector, mtype;
+
+ if ((ctx = SSL_CTX_new(TLS_client_method())) == NULL)
+     /* error */
+ if (SSL_CTX_dane_enable(ctx) &lt;= 0)
+     /* error */
+ if ((ssl = SSL_new(ctx)) == NULL)
+     /* error */
+ if (SSL_dane_enable(ssl, dane_tlsa_domain) &lt;= 0)
+     /* error */
+
+ /*
+  * For many applications it is safe to skip DANE-EE(3) namechecks.  Do not
+  * disable the checks unless &quot;unknown key share&quot; attacks pose no risk for
+  * your application.
+  */
+ SSL_dane_set_flags(ssl, DANE_FLAG_NO_DANE_EE_NAMECHECKS);
+
+ if (!SSL_add1_host(ssl, nexthop_domain))
+     /* error */
+ SSL_set_hostflags(ssl, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+
+ for (... each TLSA record ...) {
+     unsigned char *data;
+     size_t len;
+     int ret;
+
+     /* set usage, selector, mtype, data, len */
+
+     /*
+      * Opportunistic DANE TLS clients support only DANE-TA(2) or DANE-EE(3).
+      * They treat all other certificate usages, and in particular PKIX-TA(0)
+      * and PKIX-EE(1), as unusable.
+      */
+     switch (usage) {
+     default:
+     case 0:     /* PKIX-TA(0) */
+     case 1:     /* PKIX-EE(1) */
+         continue;
+     case 2:     /* DANE-TA(2) */
+     case 3:     /* DANE-EE(3) */
+         break;
+     }
+
+     ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len);
+     /* free data as appropriate */
+
+     if (ret &lt; 0)
+         /* handle SSL library internal error */
+     else if (ret == 0)
+         /* handle unusable TLSA record */
+     else
+         ++num_usable;
+ }
+
+ /*
+  * At this point, the verification mode is still the default SSL_VERIFY_NONE.
+  * Opportunistic DANE clients use unauthenticated TLS when all TLSA records
+  * are unusable, so continue the handshake even if authentication fails.
+  */
+ if (num_usable == 0) {
+     /* Log all records unusable? */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+     SSL_set_verify(ssl, SSL_VERIFY_NONE, verify_cb);
+ } else {
+     /* At least one usable record.  We expect to verify the peer */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+
+     /*
+      * Below we elect to fail the handshake when peer verification fails.
+      * Alternatively, use the permissive SSL_VERIFY_NONE verification mode,
+      * complete the handshake, check the verification status, and if not
+      * verified disconnect gracefully at the application layer, especially if
+      * application protocol supports informing the server that authentication
+      * failed.
+      */
+     SSL_set_verify(ssl, SSL_VERIFY_PEER, verify_cb);
+ }
+
+ /*
+  * Load any saved session for resumption, making sure that the previous
+  * session applied the same security and authentication requirements that
+  * would be expected of a fresh connection.
+  */
+
+ /* Perform SSL_connect() handshake and handle errors here */
+
+ if (SSL_session_reused(ssl)) {
+     if (SSL_get_verify_result(ssl) == X509_V_OK) {
+         /*
+          * Resumed session was originally verified, this connection is
+          * authenticated.
+          */
+     } else {
+         /*
+          * Resumed session was not originally verified, this connection is not
+          * authenticated.
+          */
+     }
+ } else if (SSL_get_verify_result(ssl) == X509_V_OK) {
+     const char *peername = SSL_get0_peername(ssl);
+     EVP_PKEY *mspki = NULL;
+
+     int depth = SSL_get0_dane_authority(ssl, NULL, &amp;mspki);
+     if (depth &gt;= 0) {
+         (void) SSL_get0_dane_tlsa(ssl, &amp;usage, &amp;selector, &amp;mtype, NULL, NULL);
+         printf(&quot;DANE TLSA %d %d %d %s at depth %d\n&quot;, usage, selector, mtype,
+                (mspki != NULL) ? &quot;TA public key verified certificate&quot; :
+                depth ? &quot;matched TA certificate&quot; : &quot;matched EE certificate&quot;,
+                depth);
+     }
+     if (peername != NULL) {
+         /* Name checks were in scope and matched the peername */
+         printf(&quot;Verified peername: %s\n&quot;, peername);
+     }
+ } else {
+     /*
+      * Not authenticated, presumably all TLSA rrs unusable, but possibly a
+      * callback suppressed connection termination despite the presence of
+      * usable TLSA RRs none of which matched.  Do whatever is appropriate for
+      * fresh unauthenticated connections.
+      */
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is expected that the majority of clients employing DANE TLS will be doing &quot;opportunistic DANE TLS&quot; in the sense of RFC7672 and RFC7435. That is, they will use DANE authentication when DNSSEC-validated TLSA records are published for a given peer, and otherwise will use unauthenticated TLS or even cleartext.</p>
+
+<p>Such applications should generally treat any TLSA records published by the peer with usages PKIX-TA(0) and PKIX-EE(1) as &quot;unusable&quot;, and should not include them among the TLSA records used to authenticate peer connections. In addition, some TLSA records with supported usages may be &quot;unusable&quot; as a result of invalid or unsupported parameters.</p>
+
+<p>When a peer has TLSA records, but none are &quot;usable&quot;, an opportunistic application must avoid cleartext, but cannot authenticate the peer, and so should generally proceed with an unauthenticated connection. Opportunistic applications need to note the return value of each call to SSL_dane_tlsa_add(), and if all return 0 (due to invalid or unsupported parameters) disable peer authentication by calling <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a> with <b>mode</b> equal to <b>SSL_VERIFY_NONE</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>, <a href="../man3/SSL_set_hostflags.html">SSL_set_hostflags(3)</a>, <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>, <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>, <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_get0_peername.html">SSL_get0_peername(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_free.html">X509_free(3)</a>, <a href="../man3/EVP_get_digestbyname.html">EVP_get_digestbyname(3)</a>, <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a>, <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_dane_mtype_set.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_dane_mtype_set.html
new file mode 100644
index 000000000..16d72a2ed
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_dane_mtype_set.html
@@ -0,0 +1,252 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_dane_enable</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_dane_enable, SSL_CTX_dane_mtype_set, SSL_dane_enable, SSL_dane_tlsa_add, SSL_get0_dane_authority, SSL_get0_dane_tlsa, SSL_CTX_dane_set_flags, SSL_CTX_dane_clear_flags, SSL_dane_set_flags, SSL_dane_clear_flags - enable DANE TLS authentication of the remote TLS server in the local TLS client</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_dane_enable(SSL_CTX *ctx);
+ int SSL_CTX_dane_mtype_set(SSL_CTX *ctx, const EVP_MD *md,
+                            uint8_t mtype, uint8_t ord);
+ int SSL_dane_enable(SSL *s, const char *basedomain);
+ int SSL_dane_tlsa_add(SSL *s, uint8_t usage, uint8_t selector,
+                       uint8_t mtype, unsigned const char *data, size_t dlen);
+ int SSL_get0_dane_authority(SSL *s, X509 **mcert, EVP_PKEY **mspki);
+ int SSL_get0_dane_tlsa(SSL *s, uint8_t *usage, uint8_t *selector,
+                        uint8_t *mtype, unsigned const char **data,
+                        size_t *dlen);
+ unsigned long SSL_CTX_dane_set_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_CTX_dane_clear_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_dane_set_flags(SSL *ssl, unsigned long flags);
+ unsigned long SSL_dane_clear_flags(SSL *ssl, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions implement support for DANE TLSA (RFC6698 and RFC7671) peer authentication.</p>
+
+<p>SSL_CTX_dane_enable() must be called first to initialize the shared state required for DANE support. Individual connections associated with the context can then enable per-connection DANE support as appropriate. DANE authentication is implemented in the <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> function, and applications that override <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> via <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a> are responsible to authenticate the peer chain in whatever manner they see fit.</p>
+
+<p>SSL_CTX_dane_mtype_set() may then be called zero or more times to adjust the supported digest algorithms. This must be done before any SSL handles are created for the context.</p>
+
+<p>The <b>mtype</b> argument specifies a DANE TLSA matching type and the <b>md</b> argument specifies the associated digest algorithm handle. The <b>ord</b> argument specifies a strength ordinal. Algorithms with a larger strength ordinal are considered more secure. Strength ordinals are used to implement RFC7671 digest algorithm agility. Specifying a <b>NULL</b> digest algorithm for a matching type disables support for that matching type. Matching type Full(0) cannot be modified or disabled.</p>
+
+<p>By default, matching type <code>SHA2-256(1)</code> (see RFC7218 for definitions of the DANE TLSA parameter acronyms) is mapped to <code>EVP_sha256()</code> with a strength ordinal of <code>1</code> and matching type <code>SHA2-512(2)</code> is mapped to <code>EVP_sha512()</code> with a strength ordinal of <code>2</code>.</p>
+
+<p>SSL_dane_enable() must be called before the SSL handshake is initiated with <a href="../man3/SSL_connect.html">SSL_connect(3)</a> if (and only if) you want to enable DANE for that connection. (The connection must be associated with a DANE-enabled SSL context). The <b>basedomain</b> argument specifies the RFC7671 TLSA base domain, which will be the primary peer reference identifier for certificate name checks. Additional server names can be specified via <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>. The <b>basedomain</b> is used as the default SNI hint if none has yet been specified via <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>.</p>
+
+<p>SSL_dane_tlsa_add() may then be called one or more times, to load each of the TLSA records that apply to the remote TLS peer. (This too must be done prior to the beginning of the SSL handshake). The arguments specify the fields of the TLSA record. The <b>data</b> field is provided in binary (wire RDATA) form, not the hexadecimal ASCII presentation form, with an explicit length passed via <b>dlen</b>. The library takes a copy of the <b>data</b> buffer contents and the caller may free the original <b>data</b> buffer when convenient. A return value of 0 indicates that &quot;unusable&quot; TLSA records (with invalid or unsupported parameters) were provided. A negative return value indicates an internal error in processing the record.</p>
+
+<p>The caller is expected to check the return value of each SSL_dane_tlsa_add() call and take appropriate action if none are usable or an internal error is encountered in processing some records.</p>
+
+<p>If no TLSA records are added successfully, DANE authentication is not enabled, and authentication will be based on any configured traditional trust-anchors; authentication success in this case does not mean that the peer was DANE-authenticated.</p>
+
+<p>SSL_get0_dane_authority() can be used to get more detailed information about the matched DANE trust-anchor after successful connection completion. The return value is negative if DANE verification failed (or was not enabled), 0 if an EE TLSA record directly matched the leaf certificate, or a positive number indicating the depth at which a TA record matched an issuer certificate. The complete verified chain can be retrieved via <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>. The return value is an index into this verified chain, rather than the list of certificates sent by the peer as returned by <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>.</p>
+
+<p>If the <b>mcert</b> argument is not <b>NULL</b> and a TLSA record matched a chain certificate, a pointer to the matching certificate is returned via <b>mcert</b>. The returned address is a short-term internal reference to the certificate and must not be freed by the application. Applications that want to retain access to the certificate can call <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a> to obtain a long-term reference which must then be freed via <a href="../man3/X509_free.html">X509_free(3)</a> once no longer needed.</p>
+
+<p>If no TLSA records directly matched any elements of the certificate chain, but a DANE-TA(2) SPKI(1) Full(0) record provided the public key that signed an element of the chain, then that key is returned via <b>mspki</b> argument (if not NULL). In this case the return value is the depth of the top-most element of the validated certificate chain. As with <b>mcert</b> this is a short-term internal reference, and <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a> and <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a> can be used to acquire and release long-term references respectively.</p>
+
+<p>SSL_get0_dane_tlsa() can be used to retrieve the fields of the TLSA record that matched the peer certificate chain. The return value indicates the match depth or failure to match just as with SSL_get0_dane_authority(). When the return value is non-negative, the storage pointed to by the <b>usage</b>, <b>selector</b>, <b>mtype</b> and <b>data</b> parameters is updated to the corresponding TLSA record fields. The <b>data</b> field is in binary wire form, and is therefore not NUL-terminated, its length is returned via the <b>dlen</b> parameter. If any of these parameters is NULL, the corresponding field is not returned. The <b>data</b> parameter is set to a short-term internal-copy of the associated data field and must not be freed by the application. Applications that need long-term access to this field need to copy the content.</p>
+
+<p>SSL_CTX_dane_set_flags() and SSL_dane_set_flags() can be used to enable optional DANE verification features. SSL_CTX_dane_clear_flags() and SSL_dane_clear_flags() can be used to disable the same features. The <b>flags</b> argument is a bitmask of the features to enable or disable. The <b>flags</b> set for an <b>SSL_CTX</b> context are copied to each <b>SSL</b> handle associated with that context at the time the handle is created. Subsequent changes in the context&#39;s <b>flags</b> have no effect on the <b>flags</b> set for the handle.</p>
+
+<p>At present, the only available option is <b>DANE_FLAG_NO_DANE_EE_NAMECHECKS</b> which can be used to disable server name checks when authenticating via DANE-EE(3) TLSA records. For some applications, primarily web browsers, it is not safe to disable name checks due to &quot;unknown key share&quot; attacks, in which a malicious server can convince a client that a connection to a victim server is instead a secure connection to the malicious server. The malicious server may then be able to violate cross-origin scripting restrictions. Thus, despite the text of RFC7671, name checks are by default enabled for DANE-EE(3) TLSA records, and can be disabled in applications where it is safe to do so. In particular, SMTP and XMPP clients should set this option as SRV and MX records already make it possible for a remote domain to redirect client connections to any server of its choice, and in any case SMTP and XMPP clients do not execute scripts downloaded from remote servers.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions SSL_CTX_dane_enable(), SSL_CTX_dane_mtype_set(), SSL_dane_enable() and SSL_dane_tlsa_add() return a positive value on success. Negative return values indicate resource problems (out of memory, etc.) in the SSL library, while a return value of <b>0</b> indicates incorrect usage or invalid input, such as an unsupported TLSA record certificate usage, selector or matching type. Invalid input also includes malformed data, either a digest length that does not match the digest algorithm, or a <code>Full(0)</code> (binary ASN.1 DER form) certificate or a public key that fails to parse.</p>
+
+<p>The functions SSL_get0_dane_authority() and SSL_get0_dane_tlsa() return a negative value when DANE authentication failed or was not enabled, a non-negative value indicates the chain depth at which the TLSA record matched a chain certificate, or the depth of the top-most certificate, when the TLSA record is a full public key that is its signer.</p>
+
+<p>The functions SSL_CTX_dane_set_flags(), SSL_CTX_dane_clear_flags(), SSL_dane_set_flags() and SSL_dane_clear_flags() return the <b>flags</b> in effect before they were called.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Suppose &quot;smtp.example.com&quot; is the MX host of the domain &quot;example.com&quot;, and has DNSSEC-validated TLSA records. The calls below will perform DANE authentication and arrange to match either the MX hostname or the destination domain name in the SMTP server certificate. Wildcards are supported, but must match the entire label. The actual name matched in the certificate (which might be a wildcard) is retrieved, and must be copied by the application if it is to be retained beyond the lifetime of the SSL connection.</p>
+
+<pre><code> SSL_CTX *ctx;
+ SSL *ssl;
+ int (*verify_cb)(int ok, X509_STORE_CTX *sctx) = NULL;
+ int num_usable = 0;
+ const char *nexthop_domain = &quot;example.com&quot;;
+ const char *dane_tlsa_domain = &quot;smtp.example.com&quot;;
+ uint8_t usage, selector, mtype;
+
+ if ((ctx = SSL_CTX_new(TLS_client_method())) == NULL)
+     /* error */
+ if (SSL_CTX_dane_enable(ctx) &lt;= 0)
+     /* error */
+ if ((ssl = SSL_new(ctx)) == NULL)
+     /* error */
+ if (SSL_dane_enable(ssl, dane_tlsa_domain) &lt;= 0)
+     /* error */
+
+ /*
+  * For many applications it is safe to skip DANE-EE(3) namechecks.  Do not
+  * disable the checks unless &quot;unknown key share&quot; attacks pose no risk for
+  * your application.
+  */
+ SSL_dane_set_flags(ssl, DANE_FLAG_NO_DANE_EE_NAMECHECKS);
+
+ if (!SSL_add1_host(ssl, nexthop_domain))
+     /* error */
+ SSL_set_hostflags(ssl, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+
+ for (... each TLSA record ...) {
+     unsigned char *data;
+     size_t len;
+     int ret;
+
+     /* set usage, selector, mtype, data, len */
+
+     /*
+      * Opportunistic DANE TLS clients support only DANE-TA(2) or DANE-EE(3).
+      * They treat all other certificate usages, and in particular PKIX-TA(0)
+      * and PKIX-EE(1), as unusable.
+      */
+     switch (usage) {
+     default:
+     case 0:     /* PKIX-TA(0) */
+     case 1:     /* PKIX-EE(1) */
+         continue;
+     case 2:     /* DANE-TA(2) */
+     case 3:     /* DANE-EE(3) */
+         break;
+     }
+
+     ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len);
+     /* free data as appropriate */
+
+     if (ret &lt; 0)
+         /* handle SSL library internal error */
+     else if (ret == 0)
+         /* handle unusable TLSA record */
+     else
+         ++num_usable;
+ }
+
+ /*
+  * At this point, the verification mode is still the default SSL_VERIFY_NONE.
+  * Opportunistic DANE clients use unauthenticated TLS when all TLSA records
+  * are unusable, so continue the handshake even if authentication fails.
+  */
+ if (num_usable == 0) {
+     /* Log all records unusable? */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+     SSL_set_verify(ssl, SSL_VERIFY_NONE, verify_cb);
+ } else {
+     /* At least one usable record.  We expect to verify the peer */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+
+     /*
+      * Below we elect to fail the handshake when peer verification fails.
+      * Alternatively, use the permissive SSL_VERIFY_NONE verification mode,
+      * complete the handshake, check the verification status, and if not
+      * verified disconnect gracefully at the application layer, especially if
+      * application protocol supports informing the server that authentication
+      * failed.
+      */
+     SSL_set_verify(ssl, SSL_VERIFY_PEER, verify_cb);
+ }
+
+ /*
+  * Load any saved session for resumption, making sure that the previous
+  * session applied the same security and authentication requirements that
+  * would be expected of a fresh connection.
+  */
+
+ /* Perform SSL_connect() handshake and handle errors here */
+
+ if (SSL_session_reused(ssl)) {
+     if (SSL_get_verify_result(ssl) == X509_V_OK) {
+         /*
+          * Resumed session was originally verified, this connection is
+          * authenticated.
+          */
+     } else {
+         /*
+          * Resumed session was not originally verified, this connection is not
+          * authenticated.
+          */
+     }
+ } else if (SSL_get_verify_result(ssl) == X509_V_OK) {
+     const char *peername = SSL_get0_peername(ssl);
+     EVP_PKEY *mspki = NULL;
+
+     int depth = SSL_get0_dane_authority(ssl, NULL, &amp;mspki);
+     if (depth &gt;= 0) {
+         (void) SSL_get0_dane_tlsa(ssl, &amp;usage, &amp;selector, &amp;mtype, NULL, NULL);
+         printf(&quot;DANE TLSA %d %d %d %s at depth %d\n&quot;, usage, selector, mtype,
+                (mspki != NULL) ? &quot;TA public key verified certificate&quot; :
+                depth ? &quot;matched TA certificate&quot; : &quot;matched EE certificate&quot;,
+                depth);
+     }
+     if (peername != NULL) {
+         /* Name checks were in scope and matched the peername */
+         printf(&quot;Verified peername: %s\n&quot;, peername);
+     }
+ } else {
+     /*
+      * Not authenticated, presumably all TLSA rrs unusable, but possibly a
+      * callback suppressed connection termination despite the presence of
+      * usable TLSA RRs none of which matched.  Do whatever is appropriate for
+      * fresh unauthenticated connections.
+      */
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is expected that the majority of clients employing DANE TLS will be doing &quot;opportunistic DANE TLS&quot; in the sense of RFC7672 and RFC7435. That is, they will use DANE authentication when DNSSEC-validated TLSA records are published for a given peer, and otherwise will use unauthenticated TLS or even cleartext.</p>
+
+<p>Such applications should generally treat any TLSA records published by the peer with usages PKIX-TA(0) and PKIX-EE(1) as &quot;unusable&quot;, and should not include them among the TLSA records used to authenticate peer connections. In addition, some TLSA records with supported usages may be &quot;unusable&quot; as a result of invalid or unsupported parameters.</p>
+
+<p>When a peer has TLSA records, but none are &quot;usable&quot;, an opportunistic application must avoid cleartext, but cannot authenticate the peer, and so should generally proceed with an unauthenticated connection. Opportunistic applications need to note the return value of each call to SSL_dane_tlsa_add(), and if all return 0 (due to invalid or unsupported parameters) disable peer authentication by calling <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a> with <b>mode</b> equal to <b>SSL_VERIFY_NONE</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>, <a href="../man3/SSL_set_hostflags.html">SSL_set_hostflags(3)</a>, <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>, <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>, <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_get0_peername.html">SSL_get0_peername(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_free.html">X509_free(3)</a>, <a href="../man3/EVP_get_digestbyname.html">EVP_get_digestbyname(3)</a>, <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a>, <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_dane_set_flags.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_dane_set_flags.html
new file mode 100644
index 000000000..16d72a2ed
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_dane_set_flags.html
@@ -0,0 +1,252 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_dane_enable</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_dane_enable, SSL_CTX_dane_mtype_set, SSL_dane_enable, SSL_dane_tlsa_add, SSL_get0_dane_authority, SSL_get0_dane_tlsa, SSL_CTX_dane_set_flags, SSL_CTX_dane_clear_flags, SSL_dane_set_flags, SSL_dane_clear_flags - enable DANE TLS authentication of the remote TLS server in the local TLS client</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_dane_enable(SSL_CTX *ctx);
+ int SSL_CTX_dane_mtype_set(SSL_CTX *ctx, const EVP_MD *md,
+                            uint8_t mtype, uint8_t ord);
+ int SSL_dane_enable(SSL *s, const char *basedomain);
+ int SSL_dane_tlsa_add(SSL *s, uint8_t usage, uint8_t selector,
+                       uint8_t mtype, unsigned const char *data, size_t dlen);
+ int SSL_get0_dane_authority(SSL *s, X509 **mcert, EVP_PKEY **mspki);
+ int SSL_get0_dane_tlsa(SSL *s, uint8_t *usage, uint8_t *selector,
+                        uint8_t *mtype, unsigned const char **data,
+                        size_t *dlen);
+ unsigned long SSL_CTX_dane_set_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_CTX_dane_clear_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_dane_set_flags(SSL *ssl, unsigned long flags);
+ unsigned long SSL_dane_clear_flags(SSL *ssl, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions implement support for DANE TLSA (RFC6698 and RFC7671) peer authentication.</p>
+
+<p>SSL_CTX_dane_enable() must be called first to initialize the shared state required for DANE support. Individual connections associated with the context can then enable per-connection DANE support as appropriate. DANE authentication is implemented in the <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> function, and applications that override <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> via <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a> are responsible to authenticate the peer chain in whatever manner they see fit.</p>
+
+<p>SSL_CTX_dane_mtype_set() may then be called zero or more times to adjust the supported digest algorithms. This must be done before any SSL handles are created for the context.</p>
+
+<p>The <b>mtype</b> argument specifies a DANE TLSA matching type and the <b>md</b> argument specifies the associated digest algorithm handle. The <b>ord</b> argument specifies a strength ordinal. Algorithms with a larger strength ordinal are considered more secure. Strength ordinals are used to implement RFC7671 digest algorithm agility. Specifying a <b>NULL</b> digest algorithm for a matching type disables support for that matching type. Matching type Full(0) cannot be modified or disabled.</p>
+
+<p>By default, matching type <code>SHA2-256(1)</code> (see RFC7218 for definitions of the DANE TLSA parameter acronyms) is mapped to <code>EVP_sha256()</code> with a strength ordinal of <code>1</code> and matching type <code>SHA2-512(2)</code> is mapped to <code>EVP_sha512()</code> with a strength ordinal of <code>2</code>.</p>
+
+<p>SSL_dane_enable() must be called before the SSL handshake is initiated with <a href="../man3/SSL_connect.html">SSL_connect(3)</a> if (and only if) you want to enable DANE for that connection. (The connection must be associated with a DANE-enabled SSL context). The <b>basedomain</b> argument specifies the RFC7671 TLSA base domain, which will be the primary peer reference identifier for certificate name checks. Additional server names can be specified via <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>. The <b>basedomain</b> is used as the default SNI hint if none has yet been specified via <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>.</p>
+
+<p>SSL_dane_tlsa_add() may then be called one or more times, to load each of the TLSA records that apply to the remote TLS peer. (This too must be done prior to the beginning of the SSL handshake). The arguments specify the fields of the TLSA record. The <b>data</b> field is provided in binary (wire RDATA) form, not the hexadecimal ASCII presentation form, with an explicit length passed via <b>dlen</b>. The library takes a copy of the <b>data</b> buffer contents and the caller may free the original <b>data</b> buffer when convenient. A return value of 0 indicates that &quot;unusable&quot; TLSA records (with invalid or unsupported parameters) were provided. A negative return value indicates an internal error in processing the record.</p>
+
+<p>The caller is expected to check the return value of each SSL_dane_tlsa_add() call and take appropriate action if none are usable or an internal error is encountered in processing some records.</p>
+
+<p>If no TLSA records are added successfully, DANE authentication is not enabled, and authentication will be based on any configured traditional trust-anchors; authentication success in this case does not mean that the peer was DANE-authenticated.</p>
+
+<p>SSL_get0_dane_authority() can be used to get more detailed information about the matched DANE trust-anchor after successful connection completion. The return value is negative if DANE verification failed (or was not enabled), 0 if an EE TLSA record directly matched the leaf certificate, or a positive number indicating the depth at which a TA record matched an issuer certificate. The complete verified chain can be retrieved via <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>. The return value is an index into this verified chain, rather than the list of certificates sent by the peer as returned by <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>.</p>
+
+<p>If the <b>mcert</b> argument is not <b>NULL</b> and a TLSA record matched a chain certificate, a pointer to the matching certificate is returned via <b>mcert</b>. The returned address is a short-term internal reference to the certificate and must not be freed by the application. Applications that want to retain access to the certificate can call <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a> to obtain a long-term reference which must then be freed via <a href="../man3/X509_free.html">X509_free(3)</a> once no longer needed.</p>
+
+<p>If no TLSA records directly matched any elements of the certificate chain, but a DANE-TA(2) SPKI(1) Full(0) record provided the public key that signed an element of the chain, then that key is returned via <b>mspki</b> argument (if not NULL). In this case the return value is the depth of the top-most element of the validated certificate chain. As with <b>mcert</b> this is a short-term internal reference, and <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a> and <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a> can be used to acquire and release long-term references respectively.</p>
+
+<p>SSL_get0_dane_tlsa() can be used to retrieve the fields of the TLSA record that matched the peer certificate chain. The return value indicates the match depth or failure to match just as with SSL_get0_dane_authority(). When the return value is non-negative, the storage pointed to by the <b>usage</b>, <b>selector</b>, <b>mtype</b> and <b>data</b> parameters is updated to the corresponding TLSA record fields. The <b>data</b> field is in binary wire form, and is therefore not NUL-terminated, its length is returned via the <b>dlen</b> parameter. If any of these parameters is NULL, the corresponding field is not returned. The <b>data</b> parameter is set to a short-term internal-copy of the associated data field and must not be freed by the application. Applications that need long-term access to this field need to copy the content.</p>
+
+<p>SSL_CTX_dane_set_flags() and SSL_dane_set_flags() can be used to enable optional DANE verification features. SSL_CTX_dane_clear_flags() and SSL_dane_clear_flags() can be used to disable the same features. The <b>flags</b> argument is a bitmask of the features to enable or disable. The <b>flags</b> set for an <b>SSL_CTX</b> context are copied to each <b>SSL</b> handle associated with that context at the time the handle is created. Subsequent changes in the context&#39;s <b>flags</b> have no effect on the <b>flags</b> set for the handle.</p>
+
+<p>At present, the only available option is <b>DANE_FLAG_NO_DANE_EE_NAMECHECKS</b> which can be used to disable server name checks when authenticating via DANE-EE(3) TLSA records. For some applications, primarily web browsers, it is not safe to disable name checks due to &quot;unknown key share&quot; attacks, in which a malicious server can convince a client that a connection to a victim server is instead a secure connection to the malicious server. The malicious server may then be able to violate cross-origin scripting restrictions. Thus, despite the text of RFC7671, name checks are by default enabled for DANE-EE(3) TLSA records, and can be disabled in applications where it is safe to do so. In particular, SMTP and XMPP clients should set this option as SRV and MX records already make it possible for a remote domain to redirect client connections to any server of its choice, and in any case SMTP and XMPP clients do not execute scripts downloaded from remote servers.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions SSL_CTX_dane_enable(), SSL_CTX_dane_mtype_set(), SSL_dane_enable() and SSL_dane_tlsa_add() return a positive value on success. Negative return values indicate resource problems (out of memory, etc.) in the SSL library, while a return value of <b>0</b> indicates incorrect usage or invalid input, such as an unsupported TLSA record certificate usage, selector or matching type. Invalid input also includes malformed data, either a digest length that does not match the digest algorithm, or a <code>Full(0)</code> (binary ASN.1 DER form) certificate or a public key that fails to parse.</p>
+
+<p>The functions SSL_get0_dane_authority() and SSL_get0_dane_tlsa() return a negative value when DANE authentication failed or was not enabled, a non-negative value indicates the chain depth at which the TLSA record matched a chain certificate, or the depth of the top-most certificate, when the TLSA record is a full public key that is its signer.</p>
+
+<p>The functions SSL_CTX_dane_set_flags(), SSL_CTX_dane_clear_flags(), SSL_dane_set_flags() and SSL_dane_clear_flags() return the <b>flags</b> in effect before they were called.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Suppose &quot;smtp.example.com&quot; is the MX host of the domain &quot;example.com&quot;, and has DNSSEC-validated TLSA records. The calls below will perform DANE authentication and arrange to match either the MX hostname or the destination domain name in the SMTP server certificate. Wildcards are supported, but must match the entire label. The actual name matched in the certificate (which might be a wildcard) is retrieved, and must be copied by the application if it is to be retained beyond the lifetime of the SSL connection.</p>
+
+<pre><code> SSL_CTX *ctx;
+ SSL *ssl;
+ int (*verify_cb)(int ok, X509_STORE_CTX *sctx) = NULL;
+ int num_usable = 0;
+ const char *nexthop_domain = &quot;example.com&quot;;
+ const char *dane_tlsa_domain = &quot;smtp.example.com&quot;;
+ uint8_t usage, selector, mtype;
+
+ if ((ctx = SSL_CTX_new(TLS_client_method())) == NULL)
+     /* error */
+ if (SSL_CTX_dane_enable(ctx) &lt;= 0)
+     /* error */
+ if ((ssl = SSL_new(ctx)) == NULL)
+     /* error */
+ if (SSL_dane_enable(ssl, dane_tlsa_domain) &lt;= 0)
+     /* error */
+
+ /*
+  * For many applications it is safe to skip DANE-EE(3) namechecks.  Do not
+  * disable the checks unless &quot;unknown key share&quot; attacks pose no risk for
+  * your application.
+  */
+ SSL_dane_set_flags(ssl, DANE_FLAG_NO_DANE_EE_NAMECHECKS);
+
+ if (!SSL_add1_host(ssl, nexthop_domain))
+     /* error */
+ SSL_set_hostflags(ssl, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+
+ for (... each TLSA record ...) {
+     unsigned char *data;
+     size_t len;
+     int ret;
+
+     /* set usage, selector, mtype, data, len */
+
+     /*
+      * Opportunistic DANE TLS clients support only DANE-TA(2) or DANE-EE(3).
+      * They treat all other certificate usages, and in particular PKIX-TA(0)
+      * and PKIX-EE(1), as unusable.
+      */
+     switch (usage) {
+     default:
+     case 0:     /* PKIX-TA(0) */
+     case 1:     /* PKIX-EE(1) */
+         continue;
+     case 2:     /* DANE-TA(2) */
+     case 3:     /* DANE-EE(3) */
+         break;
+     }
+
+     ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len);
+     /* free data as appropriate */
+
+     if (ret &lt; 0)
+         /* handle SSL library internal error */
+     else if (ret == 0)
+         /* handle unusable TLSA record */
+     else
+         ++num_usable;
+ }
+
+ /*
+  * At this point, the verification mode is still the default SSL_VERIFY_NONE.
+  * Opportunistic DANE clients use unauthenticated TLS when all TLSA records
+  * are unusable, so continue the handshake even if authentication fails.
+  */
+ if (num_usable == 0) {
+     /* Log all records unusable? */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+     SSL_set_verify(ssl, SSL_VERIFY_NONE, verify_cb);
+ } else {
+     /* At least one usable record.  We expect to verify the peer */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+
+     /*
+      * Below we elect to fail the handshake when peer verification fails.
+      * Alternatively, use the permissive SSL_VERIFY_NONE verification mode,
+      * complete the handshake, check the verification status, and if not
+      * verified disconnect gracefully at the application layer, especially if
+      * application protocol supports informing the server that authentication
+      * failed.
+      */
+     SSL_set_verify(ssl, SSL_VERIFY_PEER, verify_cb);
+ }
+
+ /*
+  * Load any saved session for resumption, making sure that the previous
+  * session applied the same security and authentication requirements that
+  * would be expected of a fresh connection.
+  */
+
+ /* Perform SSL_connect() handshake and handle errors here */
+
+ if (SSL_session_reused(ssl)) {
+     if (SSL_get_verify_result(ssl) == X509_V_OK) {
+         /*
+          * Resumed session was originally verified, this connection is
+          * authenticated.
+          */
+     } else {
+         /*
+          * Resumed session was not originally verified, this connection is not
+          * authenticated.
+          */
+     }
+ } else if (SSL_get_verify_result(ssl) == X509_V_OK) {
+     const char *peername = SSL_get0_peername(ssl);
+     EVP_PKEY *mspki = NULL;
+
+     int depth = SSL_get0_dane_authority(ssl, NULL, &amp;mspki);
+     if (depth &gt;= 0) {
+         (void) SSL_get0_dane_tlsa(ssl, &amp;usage, &amp;selector, &amp;mtype, NULL, NULL);
+         printf(&quot;DANE TLSA %d %d %d %s at depth %d\n&quot;, usage, selector, mtype,
+                (mspki != NULL) ? &quot;TA public key verified certificate&quot; :
+                depth ? &quot;matched TA certificate&quot; : &quot;matched EE certificate&quot;,
+                depth);
+     }
+     if (peername != NULL) {
+         /* Name checks were in scope and matched the peername */
+         printf(&quot;Verified peername: %s\n&quot;, peername);
+     }
+ } else {
+     /*
+      * Not authenticated, presumably all TLSA rrs unusable, but possibly a
+      * callback suppressed connection termination despite the presence of
+      * usable TLSA RRs none of which matched.  Do whatever is appropriate for
+      * fresh unauthenticated connections.
+      */
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is expected that the majority of clients employing DANE TLS will be doing &quot;opportunistic DANE TLS&quot; in the sense of RFC7672 and RFC7435. That is, they will use DANE authentication when DNSSEC-validated TLSA records are published for a given peer, and otherwise will use unauthenticated TLS or even cleartext.</p>
+
+<p>Such applications should generally treat any TLSA records published by the peer with usages PKIX-TA(0) and PKIX-EE(1) as &quot;unusable&quot;, and should not include them among the TLSA records used to authenticate peer connections. In addition, some TLSA records with supported usages may be &quot;unusable&quot; as a result of invalid or unsupported parameters.</p>
+
+<p>When a peer has TLSA records, but none are &quot;usable&quot;, an opportunistic application must avoid cleartext, but cannot authenticate the peer, and so should generally proceed with an unauthenticated connection. Opportunistic applications need to note the return value of each call to SSL_dane_tlsa_add(), and if all return 0 (due to invalid or unsupported parameters) disable peer authentication by calling <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a> with <b>mode</b> equal to <b>SSL_VERIFY_NONE</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>, <a href="../man3/SSL_set_hostflags.html">SSL_set_hostflags(3)</a>, <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>, <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>, <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_get0_peername.html">SSL_get0_peername(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_free.html">X509_free(3)</a>, <a href="../man3/EVP_get_digestbyname.html">EVP_get_digestbyname(3)</a>, <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a>, <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_decrypt_session_ticket_fn.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_decrypt_session_ticket_fn.html
new file mode 100644
index 000000000..3b212e2e5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_decrypt_session_ticket_fn.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_session_ticket_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_session_ticket_cb, SSL_SESSION_get0_ticket_appdata, SSL_SESSION_set1_ticket_appdata, SSL_CTX_generate_session_ticket_fn, SSL_CTX_decrypt_session_ticket_fn - manage session ticket application data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_CTX_generate_session_ticket_fn)(SSL *s, void *arg);
+ typedef SSL_TICKET_RETURN (*SSL_CTX_decrypt_session_ticket_fn)(SSL *s, SSL_SESSION *ss,
+                                                                const unsigned char *keyname,
+                                                                size_t keyname_len,
+                                                                SSL_TICKET_STATUS status,
+                                                                void *arg);
+ int SSL_CTX_set_session_ticket_cb(SSL_CTX *ctx,
+                                   SSL_CTX_generate_session_ticket_fn gen_cb,
+                                   SSL_CTX_decrypt_session_ticket_fn dec_cb,
+                                   void *arg);
+ int SSL_SESSION_set1_ticket_appdata(SSL_SESSION *ss, const void *data, size_t len);
+ int SSL_SESSION_get0_ticket_appdata(SSL_SESSION *ss, void **data, size_t *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_set_session_ticket_cb() sets the application callbacks <b>gen_cb</b> and <b>dec_cb</b> that are used by a server to set and get application data stored with a session, and placed into a session ticket. Either callback function may be set to NULL. The value of <b>arg</b> is passed to the callbacks.</p>
+
+<p><b>gen_cb</b> is the application defined callback invoked when a session ticket is about to be created. The application can call SSL_SESSION_set1_ticket_appdata() at this time to add application data to the session ticket. The value of <b>arg</b> is the same as that given to SSL_CTX_set_session_ticket_cb(). The <b>gen_cb</b> callback is defined as type <b>SSL_CTX_generate_session_ticket_fn</b>.</p>
+
+<p><b>dec_cb</b> is the application defined callback invoked after session ticket decryption has been attempted and any session ticket application data is available. If ticket decryption was successful then the <b>ss</b> argument contains the session data. The <b>keyname</b> and <b>keyname_len</b> arguments identify the key used to decrypt the session ticket. The <b>status</b> argument is the result of the ticket decryption. See the <a>NOTES</a> section below for further details. The value of <b>arg</b> is the same as that given to SSL_CTX_set_session_ticket_cb(). The <b>dec_cb</b> callback is defined as type <b>SSL_CTX_decrypt_session_ticket_fn</b>.</p>
+
+<p>SSL_SESSION_set1_ticket_appdata() sets the application data specified by <b>data</b> and <b>len</b> into <b>ss</b> which is then placed into any generated session tickets. It can be called at any time before a session ticket is created to update the data placed into the session ticket. However, given that sessions and tickets are created by the handshake, the <b>gen_cb</b> is provided to notify the application that a session ticket is about to be generated.</p>
+
+<p>SSL_SESSION_get0_ticket_appdata() assigns <b>data</b> to the session ticket application data and assigns <b>len</b> to the length of the session ticket application data from <b>ss</b>. The application data can be set via SSL_SESSION_set1_ticket_appdata() or by a session ticket. NULL will be assigned to <b>data</b> and 0 will be assigned to <b>len</b> if there is no session ticket application data. SSL_SESSION_get0_ticket_appdata() can be called any time after a session has been created. The <b>dec_cb</b> is provided to notify the application that a session ticket has just been decrypted.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When the <b>dec_cb</b> callback is invoked, the SSL_SESSION <b>ss</b> has not yet been assigned to the SSL <b>s</b>. The <b>status</b> indicates the result of the ticket decryption. The callback must check the <b>status</b> value before performing any action, as it is called even if ticket decryption fails.</p>
+
+<p>The <b>keyname</b> and <b>keyname_len</b> arguments to <b>dec_cb</b> may be used to identify the key that was used to encrypt the session ticket.</p>
+
+<p>The <b>status</b> argument can be any of these values:</p>
+
+<dl>
+
+<dt id="SSL_TICKET_EMPTY">SSL_TICKET_EMPTY</dt>
+<dd>
+
+<p>Empty ticket present. No ticket data will be used and a new ticket should be sent to the client. This only occurs in TLSv1.2 or below. In TLSv1.3 it is not valid for a client to send an empty ticket.</p>
+
+</dd>
+<dt id="SSL_TICKET_NO_DECRYPT">SSL_TICKET_NO_DECRYPT</dt>
+<dd>
+
+<p>The ticket couldn&#39;t be decrypted. No ticket data will be used and a new ticket should be sent to the client.</p>
+
+</dd>
+<dt id="SSL_TICKET_SUCCESS">SSL_TICKET_SUCCESS</dt>
+<dd>
+
+<p>A ticket was successfully decrypted, any session ticket application data should be available. A new ticket should not be sent to the client.</p>
+
+</dd>
+<dt id="SSL_TICKET_SUCCESS_RENEW">SSL_TICKET_SUCCESS_RENEW</dt>
+<dd>
+
+<p>Same as <b>SSL_TICKET_SUCCESS</b>, but a new ticket should be sent to the client.</p>
+
+</dd>
+</dl>
+
+<p>The return value can be any of these values:</p>
+
+<dl>
+
+<dt id="SSL_TICKET_RETURN_ABORT">SSL_TICKET_RETURN_ABORT</dt>
+<dd>
+
+<p>The handshake should be aborted, either because of an error or because of some policy. Note that in TLSv1.3 a client may send more than one ticket in a single handshake. Therefore just because one ticket is unacceptable it does not mean that all of them are. For this reason this option should be used with caution.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_IGNORE">SSL_TICKET_RETURN_IGNORE</dt>
+<dd>
+
+<p>Do not use a ticket (if one was available). Do not send a renewed ticket to the client.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_IGNORE_RENEW">SSL_TICKET_RETURN_IGNORE_RENEW</dt>
+<dd>
+
+<p>Do not use a ticket (if one was available). Send a renewed ticket to the client.</p>
+
+<p>If the callback does not wish to change the default ticket behaviour then it should return this value if <b>status</b> is <b>SSL_TICKET_EMPTY</b> or <b>SSL_TICKET_NO_DECRYPT</b>.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_USE">SSL_TICKET_RETURN_USE</dt>
+<dd>
+
+<p>Use the ticket. Do not send a renewed ticket to the client. It is an error for the callback to return this value if <b>status</b> has a value other than <b>SSL_TICKET_SUCCESS</b> or <b>SSL_TICKET_SUCCESS_RENEW</b>.</p>
+
+<p>If the callback does not wish to change the default ticket behaviour then it should return this value if <b>status</b> is <b>SSL_TICKET_SUCCESS</b>.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_USE_RENEW">SSL_TICKET_RETURN_USE_RENEW</dt>
+<dd>
+
+<p>Use the ticket. Send a renewed ticket to the client. It is an error for the callback to return this value if <b>status</b> has a value other than <b>SSL_TICKET_SUCCESS</b> or <b>SSL_TICKET_SUCCESS_RENEW</b>.</p>
+
+<p>If the callback does not wish to change the default ticket behaviour then it should return this value if <b>status</b> is <b>SSL_TICKET_SUCCESS_RENEW</b>.</p>
+
+</dd>
+</dl>
+
+<p>If <b>status</b> has the value <b>SSL_TICKET_EMPTY</b> or <b>SSL_TICKET_NO_DECRYPT</b> then no session data will be available and the callback must not use the <b>ss</b> argument. If <b>status</b> has the value <b>SSL_TICKET_SUCCESS</b> or <b>SSL_TICKET_SUCCESS_RENEW</b> then the application can call SSL_SESSION_get0_ticket_appdata() using the session provided in the <b>ss</b> argument to retrieve the application data.</p>
+
+<p>When the <b>gen_cb</b> callback is invoked, the SSL_get_session() function can be used to retrieve the SSL_SESSION for SSL_SESSION_set1_ticket_appdata().</p>
+
+<p>By default, in TLSv1.2 and below, a new session ticket is not issued on a successful resumption and therefore <b>gen_cb</b> will not be called. In TLSv1.3 the default behaviour is to always issue a new ticket on resumption. In both cases this behaviour can be changed if a ticket key callback is in use (see <a href="../man3/SSL_CTX_set_tlsext_ticket_key_cb.html">SSL_CTX_set_tlsext_ticket_key_cb(3)</a>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL_CTX_set_session_ticket_cb(), SSL_SESSION_set1_ticket_appdata() and SSL_SESSION_get0_ticket_appdata() functions return 1 on success and 0 on failure.</p>
+
+<p>The <b>gen_cb</b> callback must return 1 to continue the connection. A return of 0 will terminate the connection with an INTERNAL_ERROR alert.</p>
+
+<p>The <b>dec_cb</b> callback must return a value as described in <a>NOTES</a> above.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_session.html">SSL_get_session(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_set_session_ticket_cb(), SSSL_SESSION_set1_ticket_appdata() and SSL_SESSION_get_ticket_appdata() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_disable_ct.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_disable_ct.html
new file mode 100644
index 000000000..2f4bf6a6f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_disable_ct.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_ct_validation_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ssl_ct_validation_cb, SSL_enable_ct, SSL_CTX_enable_ct, SSL_disable_ct, SSL_CTX_disable_ct, SSL_set_ct_validation_callback, SSL_CTX_set_ct_validation_callback, SSL_ct_is_enabled, SSL_CTX_ct_is_enabled - control Certificate Transparency policy</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*ssl_ct_validation_cb)(const CT_POLICY_EVAL_CTX *ctx,
+                                    const STACK_OF(SCT) *scts, void *arg);
+
+ int SSL_enable_ct(SSL *s, int validation_mode);
+ int SSL_CTX_enable_ct(SSL_CTX *ctx, int validation_mode);
+ int SSL_set_ct_validation_callback(SSL *s, ssl_ct_validation_cb callback,
+                                    void *arg);
+ int SSL_CTX_set_ct_validation_callback(SSL_CTX *ctx,
+                                        ssl_ct_validation_cb callback,
+                                        void *arg);
+ void SSL_disable_ct(SSL *s);
+ void SSL_CTX_disable_ct(SSL_CTX *ctx);
+ int SSL_ct_is_enabled(const SSL *s);
+ int SSL_CTX_ct_is_enabled(const SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_enable_ct() and SSL_CTX_enable_ct() enable the processing of signed certificate timestamps (SCTs) either for a given SSL connection or for all connections that share the given SSL context, respectively. This is accomplished by setting a built-in CT validation callback. The behaviour of the callback is determined by the <b>validation_mode</b> argument, which can be either of <b>SSL_CT_VALIDATION_PERMISSIVE</b> or <b>SSL_CT_VALIDATION_STRICT</b> as described below.</p>
+
+<p>If <b>validation_mode</b> is equal to <b>SSL_CT_VALIDATION_STRICT</b>, then in a full TLS handshake with the verification mode set to <b>SSL_VERIFY_PEER</b>, if the peer presents no valid SCTs the handshake will be aborted. If the verification mode is <b>SSL_VERIFY_NONE</b>, the handshake will continue despite lack of valid SCTs. However, in that case if the verification status before the built-in callback was <b>X509_V_OK</b> it will be set to <b>X509_V_ERR_NO_VALID_SCTS</b> after the callback. Applications can call <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> to check the status at handshake completion, even after session resumption since the verification status is part of the saved session state. See <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, &lt;SSL_get_verify_result(3)&gt;, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>.</p>
+
+<p>If <b>validation_mode</b> is equal to <b>SSL_CT_VALIDATION_PERMISSIVE</b>, then the handshake continues, and the verification status is not modified, regardless of the validation status of any SCTs. The application can still inspect the validation status of the SCTs at handshake completion. Note that with session resumption there will not be any SCTs presented during the handshake. Therefore, in applications that delay SCT policy enforcement until after handshake completion, such delayed SCT checks should only be performed when the session is not resumed.</p>
+
+<p>SSL_set_ct_validation_callback() and SSL_CTX_set_ct_validation_callback() register a custom callback that may implement a different policy than either of the above. This callback can examine the peer&#39;s SCTs and determine whether they are sufficient to allow the connection to continue. The TLS handshake is aborted if the verification mode is not <b>SSL_VERIFY_NONE</b> and the callback returns a non-positive result.</p>
+
+<p>An arbitrary callback context argument, <b>arg</b>, can be passed in when setting the callback. This will be passed to the callback whenever it is invoked. Ownership of this context remains with the caller.</p>
+
+<p>If no callback is set, SCTs will not be requested and Certificate Transparency validation will not occur.</p>
+
+<p>No callback will be invoked when the peer presents no certificate, e.g. by employing an anonymous (aNULL) cipher suite. In that case the handshake continues as it would had no callback been requested. Callbacks are also not invoked when the peer certificate chain is invalid or validated via DANE-TA(2) or DANE-EE(3) TLSA records which use a private X.509 PKI, or no X.509 PKI at all, respectively. Clients that require SCTs are expected to not have enabled any aNULL ciphers nor to have specified server verification via DANE-TA(2) or DANE-EE(3) TLSA records.</p>
+
+<p>SSL_disable_ct() and SSL_CTX_disable_ct() turn off CT processing, whether enabled via the built-in or the custom callbacks, by setting a NULL callback. These may be implemented as macros.</p>
+
+<p>SSL_ct_is_enabled() and SSL_CTX_ct_is_enabled() return 1 if CT processing is enabled via either SSL_enable_ct() or a non-null custom callback, and 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When SCT processing is enabled, OCSP stapling will be enabled. This is because one possible source of SCTs is the OCSP response from a server.</p>
+
+<p>The time returned by SSL_SESSION_get_time() will be used to evaluate whether any presented SCTs have timestamps that are in the future (and therefore invalid).</p>
+
+<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
+
+<p>Certificate Transparency validation cannot be enabled and so a callback cannot be set if a custom client extension handler has been registered to handle SCT extensions (<b>TLSEXT_TYPE_signed_certificate_timestamp</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_enable_ct(), SSL_CTX_enable_ct(), SSL_CTX_set_ct_validation_callback() and SSL_set_ct_validation_callback() return 1 if the <b>callback</b> is successfully set. They return 0 if an error occurs, e.g. a custom client extension handler has been setup to handle SCTs.</p>
+
+<p>SSL_disable_ct() and SSL_CTX_disable_ct() do not return a result.</p>
+
+<p>SSL_CTX_ct_is_enabled() and SSL_ct_is_enabled() return a 1 if a non-null CT validation callback is set, or 0 if no callback (or equivalently a NULL callback) is set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, &lt;SSL_get_verify_result(3)&gt;, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>, <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_enable_ct.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_enable_ct.html
new file mode 100644
index 000000000..2f4bf6a6f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_enable_ct.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_ct_validation_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ssl_ct_validation_cb, SSL_enable_ct, SSL_CTX_enable_ct, SSL_disable_ct, SSL_CTX_disable_ct, SSL_set_ct_validation_callback, SSL_CTX_set_ct_validation_callback, SSL_ct_is_enabled, SSL_CTX_ct_is_enabled - control Certificate Transparency policy</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*ssl_ct_validation_cb)(const CT_POLICY_EVAL_CTX *ctx,
+                                    const STACK_OF(SCT) *scts, void *arg);
+
+ int SSL_enable_ct(SSL *s, int validation_mode);
+ int SSL_CTX_enable_ct(SSL_CTX *ctx, int validation_mode);
+ int SSL_set_ct_validation_callback(SSL *s, ssl_ct_validation_cb callback,
+                                    void *arg);
+ int SSL_CTX_set_ct_validation_callback(SSL_CTX *ctx,
+                                        ssl_ct_validation_cb callback,
+                                        void *arg);
+ void SSL_disable_ct(SSL *s);
+ void SSL_CTX_disable_ct(SSL_CTX *ctx);
+ int SSL_ct_is_enabled(const SSL *s);
+ int SSL_CTX_ct_is_enabled(const SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_enable_ct() and SSL_CTX_enable_ct() enable the processing of signed certificate timestamps (SCTs) either for a given SSL connection or for all connections that share the given SSL context, respectively. This is accomplished by setting a built-in CT validation callback. The behaviour of the callback is determined by the <b>validation_mode</b> argument, which can be either of <b>SSL_CT_VALIDATION_PERMISSIVE</b> or <b>SSL_CT_VALIDATION_STRICT</b> as described below.</p>
+
+<p>If <b>validation_mode</b> is equal to <b>SSL_CT_VALIDATION_STRICT</b>, then in a full TLS handshake with the verification mode set to <b>SSL_VERIFY_PEER</b>, if the peer presents no valid SCTs the handshake will be aborted. If the verification mode is <b>SSL_VERIFY_NONE</b>, the handshake will continue despite lack of valid SCTs. However, in that case if the verification status before the built-in callback was <b>X509_V_OK</b> it will be set to <b>X509_V_ERR_NO_VALID_SCTS</b> after the callback. Applications can call <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> to check the status at handshake completion, even after session resumption since the verification status is part of the saved session state. See <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, &lt;SSL_get_verify_result(3)&gt;, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>.</p>
+
+<p>If <b>validation_mode</b> is equal to <b>SSL_CT_VALIDATION_PERMISSIVE</b>, then the handshake continues, and the verification status is not modified, regardless of the validation status of any SCTs. The application can still inspect the validation status of the SCTs at handshake completion. Note that with session resumption there will not be any SCTs presented during the handshake. Therefore, in applications that delay SCT policy enforcement until after handshake completion, such delayed SCT checks should only be performed when the session is not resumed.</p>
+
+<p>SSL_set_ct_validation_callback() and SSL_CTX_set_ct_validation_callback() register a custom callback that may implement a different policy than either of the above. This callback can examine the peer&#39;s SCTs and determine whether they are sufficient to allow the connection to continue. The TLS handshake is aborted if the verification mode is not <b>SSL_VERIFY_NONE</b> and the callback returns a non-positive result.</p>
+
+<p>An arbitrary callback context argument, <b>arg</b>, can be passed in when setting the callback. This will be passed to the callback whenever it is invoked. Ownership of this context remains with the caller.</p>
+
+<p>If no callback is set, SCTs will not be requested and Certificate Transparency validation will not occur.</p>
+
+<p>No callback will be invoked when the peer presents no certificate, e.g. by employing an anonymous (aNULL) cipher suite. In that case the handshake continues as it would had no callback been requested. Callbacks are also not invoked when the peer certificate chain is invalid or validated via DANE-TA(2) or DANE-EE(3) TLSA records which use a private X.509 PKI, or no X.509 PKI at all, respectively. Clients that require SCTs are expected to not have enabled any aNULL ciphers nor to have specified server verification via DANE-TA(2) or DANE-EE(3) TLSA records.</p>
+
+<p>SSL_disable_ct() and SSL_CTX_disable_ct() turn off CT processing, whether enabled via the built-in or the custom callbacks, by setting a NULL callback. These may be implemented as macros.</p>
+
+<p>SSL_ct_is_enabled() and SSL_CTX_ct_is_enabled() return 1 if CT processing is enabled via either SSL_enable_ct() or a non-null custom callback, and 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When SCT processing is enabled, OCSP stapling will be enabled. This is because one possible source of SCTs is the OCSP response from a server.</p>
+
+<p>The time returned by SSL_SESSION_get_time() will be used to evaluate whether any presented SCTs have timestamps that are in the future (and therefore invalid).</p>
+
+<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
+
+<p>Certificate Transparency validation cannot be enabled and so a callback cannot be set if a custom client extension handler has been registered to handle SCT extensions (<b>TLSEXT_TYPE_signed_certificate_timestamp</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_enable_ct(), SSL_CTX_enable_ct(), SSL_CTX_set_ct_validation_callback() and SSL_set_ct_validation_callback() return 1 if the <b>callback</b> is successfully set. They return 0 if an error occurs, e.g. a custom client extension handler has been setup to handle SCTs.</p>
+
+<p>SSL_disable_ct() and SSL_CTX_disable_ct() do not return a result.</p>
+
+<p>SSL_CTX_ct_is_enabled() and SSL_ct_is_enabled() return a 1 if a non-null CT validation callback is set, or 0 if no callback (or equivalently a NULL callback) is set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, &lt;SSL_get_verify_result(3)&gt;, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>, <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_flush_sessions.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_flush_sessions.html
new file mode 100644
index 000000000..2d42cedfb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_flush_sessions.html
@@ -0,0 +1,65 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_flush_sessions</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_flush_sessions - remove expired sessions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_flush_sessions() causes a run through the session cache of <b>ctx</b> to remove sessions expired at time <b>tm</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If enabled, the internal session cache will collect all sessions established up to the specified maximum number (see SSL_CTX_sess_set_cache_size()). As sessions will not be reused ones they are expired, they should be removed from the cache to save resources. This can either be done automatically whenever 255 new sessions were established (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>) or manually by calling SSL_CTX_flush_sessions().</p>
+
+<p>The parameter <b>tm</b> specifies the time which should be used for the expiration test, in most cases the actual time given by time(0) will be used.</p>
+
+<p>SSL_CTX_flush_sessions() will only check sessions stored in the internal cache. When a session is found and removed, the remove_session_cb is however called to synchronize with the external cache (see <a href="../man3/SSL_CTX_sess_set_get_cb.html">SSL_CTX_sess_set_get_cb(3)</a>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_flush_sessions() does not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>, <a href="../man3/SSL_CTX_sess_set_get_cb.html">SSL_CTX_sess_set_get_cb(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_free.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_free.html
new file mode 100644
index 000000000..ea406b5f2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_free.html
@@ -0,0 +1,65 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_free</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_free - free an allocated SSL_CTX object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_free(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_free() decrements the reference count of <b>ctx</b>, and removes the SSL_CTX object pointed to by <b>ctx</b> and frees up the allocated memory if the reference count has reached 0.</p>
+
+<p>It also calls the free()ing procedures for indirectly affected items, if applicable: the session cache, the list of ciphers, the list of Client CAs, the certificates and keys.</p>
+
+<p>If <b>ctx</b> is NULL nothing is done.</p>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>If a session-remove callback is set (SSL_CTX_sess_set_remove_cb()), this callback will be called for each session being freed from <b>ctx</b>&#39;s session cache. This implies, that all corresponding sessions from an external session cache are removed as well. If this is not desired, the user should explicitly unset the callback by calling SSL_CTX_sess_set_remove_cb(<b>ctx</b>, NULL) prior to calling SSL_CTX_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_free() does not provide diagnostic information.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_sess_set_get_cb.html">SSL_CTX_sess_set_get_cb(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_generate_session_ticket_fn.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_generate_session_ticket_fn.html
new file mode 100644
index 000000000..3b212e2e5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_generate_session_ticket_fn.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_session_ticket_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_session_ticket_cb, SSL_SESSION_get0_ticket_appdata, SSL_SESSION_set1_ticket_appdata, SSL_CTX_generate_session_ticket_fn, SSL_CTX_decrypt_session_ticket_fn - manage session ticket application data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_CTX_generate_session_ticket_fn)(SSL *s, void *arg);
+ typedef SSL_TICKET_RETURN (*SSL_CTX_decrypt_session_ticket_fn)(SSL *s, SSL_SESSION *ss,
+                                                                const unsigned char *keyname,
+                                                                size_t keyname_len,
+                                                                SSL_TICKET_STATUS status,
+                                                                void *arg);
+ int SSL_CTX_set_session_ticket_cb(SSL_CTX *ctx,
+                                   SSL_CTX_generate_session_ticket_fn gen_cb,
+                                   SSL_CTX_decrypt_session_ticket_fn dec_cb,
+                                   void *arg);
+ int SSL_SESSION_set1_ticket_appdata(SSL_SESSION *ss, const void *data, size_t len);
+ int SSL_SESSION_get0_ticket_appdata(SSL_SESSION *ss, void **data, size_t *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_set_session_ticket_cb() sets the application callbacks <b>gen_cb</b> and <b>dec_cb</b> that are used by a server to set and get application data stored with a session, and placed into a session ticket. Either callback function may be set to NULL. The value of <b>arg</b> is passed to the callbacks.</p>
+
+<p><b>gen_cb</b> is the application defined callback invoked when a session ticket is about to be created. The application can call SSL_SESSION_set1_ticket_appdata() at this time to add application data to the session ticket. The value of <b>arg</b> is the same as that given to SSL_CTX_set_session_ticket_cb(). The <b>gen_cb</b> callback is defined as type <b>SSL_CTX_generate_session_ticket_fn</b>.</p>
+
+<p><b>dec_cb</b> is the application defined callback invoked after session ticket decryption has been attempted and any session ticket application data is available. If ticket decryption was successful then the <b>ss</b> argument contains the session data. The <b>keyname</b> and <b>keyname_len</b> arguments identify the key used to decrypt the session ticket. The <b>status</b> argument is the result of the ticket decryption. See the <a>NOTES</a> section below for further details. The value of <b>arg</b> is the same as that given to SSL_CTX_set_session_ticket_cb(). The <b>dec_cb</b> callback is defined as type <b>SSL_CTX_decrypt_session_ticket_fn</b>.</p>
+
+<p>SSL_SESSION_set1_ticket_appdata() sets the application data specified by <b>data</b> and <b>len</b> into <b>ss</b> which is then placed into any generated session tickets. It can be called at any time before a session ticket is created to update the data placed into the session ticket. However, given that sessions and tickets are created by the handshake, the <b>gen_cb</b> is provided to notify the application that a session ticket is about to be generated.</p>
+
+<p>SSL_SESSION_get0_ticket_appdata() assigns <b>data</b> to the session ticket application data and assigns <b>len</b> to the length of the session ticket application data from <b>ss</b>. The application data can be set via SSL_SESSION_set1_ticket_appdata() or by a session ticket. NULL will be assigned to <b>data</b> and 0 will be assigned to <b>len</b> if there is no session ticket application data. SSL_SESSION_get0_ticket_appdata() can be called any time after a session has been created. The <b>dec_cb</b> is provided to notify the application that a session ticket has just been decrypted.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When the <b>dec_cb</b> callback is invoked, the SSL_SESSION <b>ss</b> has not yet been assigned to the SSL <b>s</b>. The <b>status</b> indicates the result of the ticket decryption. The callback must check the <b>status</b> value before performing any action, as it is called even if ticket decryption fails.</p>
+
+<p>The <b>keyname</b> and <b>keyname_len</b> arguments to <b>dec_cb</b> may be used to identify the key that was used to encrypt the session ticket.</p>
+
+<p>The <b>status</b> argument can be any of these values:</p>
+
+<dl>
+
+<dt id="SSL_TICKET_EMPTY">SSL_TICKET_EMPTY</dt>
+<dd>
+
+<p>Empty ticket present. No ticket data will be used and a new ticket should be sent to the client. This only occurs in TLSv1.2 or below. In TLSv1.3 it is not valid for a client to send an empty ticket.</p>
+
+</dd>
+<dt id="SSL_TICKET_NO_DECRYPT">SSL_TICKET_NO_DECRYPT</dt>
+<dd>
+
+<p>The ticket couldn&#39;t be decrypted. No ticket data will be used and a new ticket should be sent to the client.</p>
+
+</dd>
+<dt id="SSL_TICKET_SUCCESS">SSL_TICKET_SUCCESS</dt>
+<dd>
+
+<p>A ticket was successfully decrypted, any session ticket application data should be available. A new ticket should not be sent to the client.</p>
+
+</dd>
+<dt id="SSL_TICKET_SUCCESS_RENEW">SSL_TICKET_SUCCESS_RENEW</dt>
+<dd>
+
+<p>Same as <b>SSL_TICKET_SUCCESS</b>, but a new ticket should be sent to the client.</p>
+
+</dd>
+</dl>
+
+<p>The return value can be any of these values:</p>
+
+<dl>
+
+<dt id="SSL_TICKET_RETURN_ABORT">SSL_TICKET_RETURN_ABORT</dt>
+<dd>
+
+<p>The handshake should be aborted, either because of an error or because of some policy. Note that in TLSv1.3 a client may send more than one ticket in a single handshake. Therefore just because one ticket is unacceptable it does not mean that all of them are. For this reason this option should be used with caution.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_IGNORE">SSL_TICKET_RETURN_IGNORE</dt>
+<dd>
+
+<p>Do not use a ticket (if one was available). Do not send a renewed ticket to the client.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_IGNORE_RENEW">SSL_TICKET_RETURN_IGNORE_RENEW</dt>
+<dd>
+
+<p>Do not use a ticket (if one was available). Send a renewed ticket to the client.</p>
+
+<p>If the callback does not wish to change the default ticket behaviour then it should return this value if <b>status</b> is <b>SSL_TICKET_EMPTY</b> or <b>SSL_TICKET_NO_DECRYPT</b>.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_USE">SSL_TICKET_RETURN_USE</dt>
+<dd>
+
+<p>Use the ticket. Do not send a renewed ticket to the client. It is an error for the callback to return this value if <b>status</b> has a value other than <b>SSL_TICKET_SUCCESS</b> or <b>SSL_TICKET_SUCCESS_RENEW</b>.</p>
+
+<p>If the callback does not wish to change the default ticket behaviour then it should return this value if <b>status</b> is <b>SSL_TICKET_SUCCESS</b>.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_USE_RENEW">SSL_TICKET_RETURN_USE_RENEW</dt>
+<dd>
+
+<p>Use the ticket. Send a renewed ticket to the client. It is an error for the callback to return this value if <b>status</b> has a value other than <b>SSL_TICKET_SUCCESS</b> or <b>SSL_TICKET_SUCCESS_RENEW</b>.</p>
+
+<p>If the callback does not wish to change the default ticket behaviour then it should return this value if <b>status</b> is <b>SSL_TICKET_SUCCESS_RENEW</b>.</p>
+
+</dd>
+</dl>
+
+<p>If <b>status</b> has the value <b>SSL_TICKET_EMPTY</b> or <b>SSL_TICKET_NO_DECRYPT</b> then no session data will be available and the callback must not use the <b>ss</b> argument. If <b>status</b> has the value <b>SSL_TICKET_SUCCESS</b> or <b>SSL_TICKET_SUCCESS_RENEW</b> then the application can call SSL_SESSION_get0_ticket_appdata() using the session provided in the <b>ss</b> argument to retrieve the application data.</p>
+
+<p>When the <b>gen_cb</b> callback is invoked, the SSL_get_session() function can be used to retrieve the SSL_SESSION for SSL_SESSION_set1_ticket_appdata().</p>
+
+<p>By default, in TLSv1.2 and below, a new session ticket is not issued on a successful resumption and therefore <b>gen_cb</b> will not be called. In TLSv1.3 the default behaviour is to always issue a new ticket on resumption. In both cases this behaviour can be changed if a ticket key callback is in use (see <a href="../man3/SSL_CTX_set_tlsext_ticket_key_cb.html">SSL_CTX_set_tlsext_ticket_key_cb(3)</a>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL_CTX_set_session_ticket_cb(), SSL_SESSION_set1_ticket_appdata() and SSL_SESSION_get0_ticket_appdata() functions return 1 on success and 0 on failure.</p>
+
+<p>The <b>gen_cb</b> callback must return 1 to continue the connection. A return of 0 will terminate the connection with an INTERNAL_ERROR alert.</p>
+
+<p>The <b>dec_cb</b> callback must return a value as described in <a>NOTES</a> above.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_session.html">SSL_get_session(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_set_session_ticket_cb(), SSSL_SESSION_set1_ticket_appdata() and SSL_SESSION_get_ticket_appdata() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get0_CA_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get0_CA_list.html
new file mode 100644
index 000000000..742fe94a0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get0_CA_list.html
@@ -0,0 +1,130 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set0_CA_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_CA_list, SSL_set_client_CA_list, SSL_get_client_CA_list, SSL_CTX_get_client_CA_list, SSL_CTX_add_client_CA, SSL_add_client_CA, SSL_set0_CA_list, SSL_CTX_set0_CA_list, SSL_get0_CA_list, SSL_CTX_get0_CA_list, SSL_add1_to_CA_list, SSL_CTX_add1_to_CA_list, SSL_get0_peer_CA_list - get or set CA list</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
+ void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
+ STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
+ int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert);
+ int SSL_add_client_CA(SSL *ssl, X509 *cacert);
+
+ void SSL_CTX_set0_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+ void SSL_set0_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
+ const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const SSL_CTX *ctx);
+ const STACK_OF(X509_NAME) *SSL_get0_CA_list(const SSL *s);
+ int SSL_CTX_add1_to_CA_list(SSL_CTX *ctx, const X509 *x);
+ int SSL_add1_to_CA_list(SSL *ssl, const X509 *x);
+
+ const STACK_OF(X509_NAME) *SSL_get0_peer_CA_list(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions described here set and manage the list of CA names that are sent between two communicating peers.</p>
+
+<p>For TLS versions 1.2 and earlier the list of CA names is only sent from the server to the client when requesting a client certificate. So any list of CA names set is never sent from client to server and the list of CA names retrieved by SSL_get0_peer_CA_list() is always <b>NULL</b>.</p>
+
+<p>For TLS 1.3 the list of CA names is sent using the <b>certificate_authorities</b> extension and may be sent by a client (in the ClientHello message) or by a server (when requesting a certificate).</p>
+
+<p>In most cases it is not necessary to set CA names on the client side. The list of CA names that are acceptable to the client will be sent in plaintext to the server. This has privacy implications and may also have performance implications if the list is large. This optional capability was introduced as part of TLSv1.3 and therefore setting CA names on the client side will have no impact if that protocol version has been disabled. Most servers do not need this and so this should be avoided unless required.</p>
+
+<p>The &quot;client CA list&quot; functions below only have an effect when called on the server side.</p>
+
+<p>SSL_CTX_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for <b>ctx</b>. Ownership of <b>list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object. Ownership of <b>list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get_client_CA_list() returns the list of client CAs explicitly set for <b>ctx</b> using SSL_CTX_set_client_CA_list(). The returned list should not be freed by the caller.</p>
+
+<p>SSL_get_client_CA_list() returns the list of client CAs explicitly set for <b>ssl</b> using SSL_set_client_CA_list() or <b>ssl</b>&#39;s SSL_CTX object with SSL_CTX_set_client_CA_list(), when in server mode. In client mode, SSL_get_client_CA_list returns the list of client CAs sent from the server, if any. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for <b>ctx</b>.</p>
+
+<p>SSL_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object.</p>
+
+<p>SSL_get0_peer_CA_list() retrieves the list of CA names (if any) the peer has sent. This can be called on either the server or the client side. The returned list should not be freed by the caller.</p>
+
+<p>The &quot;generic CA list&quot; functions below are very similar to the &quot;client CA list&quot; functions except that they have an effect on both the server and client sides. The lists of CA names managed are separate - so you cannot (for example) set CA names using the &quot;client CA list&quot; functions and then get them using the &quot;generic CA list&quot; functions. Where a mix of the two types of functions has been used on the server side then the &quot;client CA list&quot; functions take precedence. Typically, on the server side, the &quot;client CA list &quot; functions should be used in preference. As noted above in most cases it is not necessary to set CA names on the client side.</p>
+
+<p>SSL_CTX_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b>. Ownership of <b>name_list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b> overriding any list set in the parent <b>SSL_CTX</b> of <b>s</b>. Ownership of <b>name_list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get0_CA_list() retrieves any previously set list of CAs set for <b>ctx</b>. The returned list should not be freed by the caller.</p>
+
+<p>SSL_get0_CA_list() retrieves any previously set list of CAs set for <b>s</b> or if none are set the list from the parent <b>SSL_CTX</b> is retrieved. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to peer for <b>ctx</b>.</p>
+
+<p>SSL_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to the peer for <b>s</b>, overriding the setting in the parent <b>SSL_CTX</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When a TLS/SSL server requests a client certificate (see <b>SSL_CTX_set_verify(3)</b>), it sends a list of CAs, for which it will accept certificates, to the client.</p>
+
+<p>This list must explicitly be set using SSL_CTX_set_client_CA_list() or SSL_CTX_set0_CA_list() for <b>ctx</b> and SSL_set_client_CA_list() or SSL_set0_CA_list() for the specific <b>ssl</b>. The list specified overrides the previous setting. The CAs listed do not become trusted (<b>list</b> only contains the names, not the complete certificates); use <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> to additionally load them for verification.</p>
+
+<p>If the list of acceptable CAs is compiled in a file, the <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a> function can be used to help to import the necessary data.</p>
+
+<p>SSL_CTX_add_client_CA(), SSL_CTX_add1_to_CA_list(), SSL_add_client_CA() and SSL_add1_to_CA_list() can be used to add additional items the list of CAs. If no list was specified before using SSL_CTX_set_client_CA_list(), SSL_CTX_set0_CA_list(), SSL_set_client_CA_list() or SSL_set0_CA_list(), a new CA list for <b>ctx</b> or <b>ssl</b> (as appropriate) is opened.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set0_CA_list() and SSL_set0_CA_list() do not return a value.</p>
+
+<p>SSL_CTX_get_client_CA_list(), SSL_get_client_CA_list(), SSL_CTX_get0_CA_list() and SSL_get0_CA_list() return a stack of CA names or <b>NULL</b> is no CA names are set.</p>
+
+<p>SSL_CTX_add_client_CA(),SSL_add_client_CA(), SSL_CTX_add1_to_CA_list() and SSL_add1_to_CA_list() return 1 for success and 0 for failure.</p>
+
+<p>SSL_get0_peer_CA_list() returns a stack of CA names sent by the peer or <b>NULL</b> or an empty stack if no list was sent.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Scan all certificates in <b>CAfile</b> and list them as acceptable CAs:</p>
+
+<pre><code> SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get0_chain_certs.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get0_chain_certs.html
new file mode 100644
index 000000000..9f08318ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get0_chain_certs.html
@@ -0,0 +1,122 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add1_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_chain, SSL_CTX_set1_chain, SSL_CTX_add0_chain_cert, SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs, SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert, SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain, SSL_build_cert_chain, SSL_CTX_select_current_cert, SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra chain certificate processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_get0_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk);
+ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+ int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_get0_chain_certs(SSL *ssl, STACK_OF(X509) **sk);
+ int SSL_clear_chain_certs(SSL *ssl);
+
+ int SSL_CTX_build_cert_chain(SSL_CTX *ctx, flags);
+ int SSL_build_cert_chain(SSL *ssl, flags);
+
+ int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_chain() and SSL_CTX_set1_chain() set the certificate chain associated with the current certificate of <b>ctx</b> to <b>sk</b>.</p>
+
+<p>SSL_CTX_add0_chain_cert() and SSL_CTX_add1_chain_cert() append the single certificate <b>x509</b> to the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_get0_chain_certs() retrieves the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_clear_chain_certs() clears any existing chain associated with the current certificate of <b>ctx</b>. (This is implemented by calling SSL_CTX_set0_chain() with <b>sk</b> set to <b>NULL</b>).</p>
+
+<p>SSL_CTX_build_cert_chain() builds the certificate chain for <b>ctx</b> normally this uses the chain store or the verify store if the chain store is not set. If the function is successful the built chain will replace any existing chain. The <b>flags</b> parameter can be set to <b>SSL_BUILD_CHAIN_FLAG_UNTRUSTED</b> to use existing chain certificates as untrusted CAs, <b>SSL_BUILD_CHAIN_FLAG_NO_ROOT</b> to omit the root CA from the built chain, <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to use all existing chain certificates only to build the chain (effectively sanity checking and rearranging them if necessary), the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> ignores any errors during verification: if flag <b>SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR</b> is also set verification errors are cleared from the error queue.</p>
+
+<p>Each of these functions operates on the <i>current</i> end entity (i.e. server or client) certificate. This is the last certificate loaded or selected on the corresponding <b>ctx</b> structure.</p>
+
+<p>SSL_CTX_select_current_cert() selects <b>x509</b> as the current end entity certificate, but only if <b>x509</b> has already been loaded into <b>ctx</b> using a function such as SSL_CTX_use_certificate().</p>
+
+<p>SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(), SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(), SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_current_cert() changes the current certificate to a value based on the <b>op</b> argument. Currently <b>op</b> can be <b>SSL_CERT_SET_FIRST</b> to use the first valid certificate or <b>SSL_CERT_SET_NEXT</b> to set the next valid certificate after the current certificate. These two operations can be used to iterate over all certificates in an <b>SSL_CTX</b> structure.</p>
+
+<p>SSL_set_current_cert() also supports the option <b>SSL_CERT_SET_SERVER</b>. If <b>ssl</b> is a server and has sent a certificate to a connected client this option sets that certificate to the current certificate and returns 1. If the negotiated cipher suite is anonymous (and thus no certificate will be sent) 2 is returned and the current certificate is unchanged. If <b>ssl</b> is not a server or a certificate has not been sent 0 is returned and the current certificate is unchanged.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied certificate or chain so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied certificate or chain <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The chains associate with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. SSL structures will not be affected by any chains subsequently changed in the parent SSL_CTX.</p>
+
+<p>One chain can be set for each key type supported by a server. So, for example, an RSA and a DSA certificate can (and often will) have different chains.</p>
+
+<p>The functions SSL_CTX_build_cert_chain() and SSL_build_cert_chain() can be used to check application configuration and to ensure any necessary subordinate CAs are sent in the correct order. Misconfigured applications sending incorrect certificate chains often cause problems with peers.</p>
+
+<p>For example an application can add any set of certificates using SSL_CTX_use_certificate_chain_file() then call SSL_CTX_build_cert_chain() with the option <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to check and reorder them.</p>
+
+<p>Applications can issue non fatal warnings when checking chains by setting the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERRORS</b> and checking the return value.</p>
+
+<p>Calling SSL_CTX_build_cert_chain() or SSL_build_cert_chain() is more efficient than the automatic chain building as it is only performed once. Automatic chain building is performed on each new session.</p>
+
+<p>If any certificates are added using these functions no certificates added using SSL_CTX_add_extra_chain_cert() will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_current_cert() with <b>SSL_CERT_SET_SERVER</b> return 1 for success, 2 if no server certificate is used because the cipher suites is anonymous and 0 for failure.</p>
+
+<p>SSL_CTX_build_cert_chain() and SSL_build_cert_chain() return 1 for success and 0 for failure. If the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> and a verification error occurs then 2 is returned.</p>
+
+<p>All other functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get0_param.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get0_param.html
new file mode 100644
index 000000000..8eafcb4e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get0_param.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_get0_param</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_get0_param, SSL_get0_param, SSL_CTX_set1_param, SSL_set1_param - get and set verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx)
+ X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl)
+ int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
+ int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_get0_param() and SSL_get0_param() retrieve an internal pointer to the verification parameters for <b>ctx</b> or <b>ssl</b> respectively. The returned pointer must not be freed by the calling application.</p>
+
+<p>SSL_CTX_set1_param() and SSL_set1_param() set the verification parameters to <b>vpm</b> for <b>ctx</b> or <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Typically parameters are retrieved from an <b>SSL_CTX</b> or <b>SSL</b> structure using SSL_CTX_get0_param() or SSL_get0_param() and an application modifies them to suit its needs: for example to add a hostname check.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Check hostname matches &quot;www.foo.com&quot; in peer certificate:</p>
+
+<pre><code> X509_VERIFY_PARAM *vpm = SSL_get0_param(ssl);
+ X509_VERIFY_PARAM_set1_host(vpm, &quot;www.foo.com&quot;, 0);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_get0_param() and SSL_get0_param() return a pointer to an <b>X509_VERIFY_PARAM</b> structure.</p>
+
+<p>SSL_CTX_set1_param() and SSL_set1_param() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get0_security_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get0_security_ex_data.html
new file mode 100644
index 000000000..a853d06fd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get0_security_ex_data.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_security_level</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</a></li>
+  <li><a href="#APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_security_level, SSL_set_security_level, SSL_CTX_get_security_level, SSL_get_security_level, SSL_CTX_set_security_callback, SSL_set_security_callback, SSL_CTX_get_security_callback, SSL_get_security_callback, SSL_CTX_set0_security_ex_data, SSL_set0_security_ex_data, SSL_CTX_get0_security_ex_data, SSL_get0_security_ex_data - SSL/TLS security framework</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
+ void SSL_set_security_level(SSL *s, int level);
+
+ int SSL_CTX_get_security_level(const SSL_CTX *ctx);
+ int SSL_get_security_level(const SSL *s);
+
+ void SSL_CTX_set_security_callback(SSL_CTX *ctx,
+                                    int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                              int bits, int nid,
+                                              void *other, void *ex));
+
+ void SSL_set_security_callback(SSL *s, int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                                  int bits, int nid,
+                                                  void *other, void *ex));
+
+ int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx))(SSL *s, SSL_CTX *ctx, int op,
+                                                          int bits, int nid, void *other,
+                                                          void *ex);
+ int (*SSL_get_security_callback(const SSL *s))(SSL *s, SSL_CTX *ctx, int op,
+                                                int bits, int nid, void *other,
+                                                void *ex);
+
+ void SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex);
+ void SSL_set0_security_ex_data(SSL *s, void *ex);
+
+ void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx);
+ void *SSL_get0_security_ex_data(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions SSL_CTX_set_security_level() and SSL_set_security_level() set the security level to <b>level</b>. If not set the library default security level is used.</p>
+
+<p>The functions SSL_CTX_get_security_level() and SSL_get_security_level() retrieve the current security level.</p>
+
+<p>SSL_CTX_set_security_callback(), SSL_set_security_callback(), SSL_CTX_get_security_callback() and SSL_get_security_callback() get or set the security callback associated with <b>ctx</b> or <b>s</b>. If not set a default security callback is used. The meaning of the parameters and the behaviour of the default callbacks is described below.</p>
+
+<p>SSL_CTX_set0_security_ex_data(), SSL_set0_security_ex_data(), SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() set the extra data pointer passed to the <b>ex</b> parameter of the callback. This value is passed to the callback verbatim and can be set to any convenient application specific value.</p>
+
+<h1 id="DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</h1>
+
+<p>If an application doesn&#39;t set its own security callback the default callback is used. It is intended to provide sane defaults. The meaning of each level is described below.</p>
+
+<dl>
+
+<dt id="Level-0"><b>Level 0</b></dt>
+<dd>
+
+<p>Everything is permitted. This retains compatibility with previous versions of OpenSSL.</p>
+
+</dd>
+<dt id="Level-1"><b>Level 1</b></dt>
+<dd>
+
+<p>The security level corresponds to a minimum of 80 bits of security. Any parameters offering below 80 bits of security are excluded. As a result RSA, DSA and DH keys shorter than 1024 bits and ECC keys shorter than 160 bits are prohibited. All export cipher suites are prohibited since they all offer less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite using MD5 for the MAC is also prohibited.</p>
+
+</dd>
+<dt id="Level-2"><b>Level 2</b></dt>
+<dd>
+
+<p>Security level set to 112 bits of security. As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited. In addition to the level 1 exclusions any cipher suite using RC4 is also prohibited. SSL version 3 is also not allowed. Compression is disabled.</p>
+
+</dd>
+<dt id="Level-3"><b>Level 3</b></dt>
+<dd>
+
+<p>Security level set to 128 bits of security. As a result RSA, DSA and DH keys shorter than 3072 bits and ECC keys shorter than 256 bits are prohibited. In addition to the level 2 exclusions cipher suites not offering forward secrecy are prohibited. TLS versions below 1.1 are not permitted. Session tickets are disabled.</p>
+
+</dd>
+<dt id="Level-4"><b>Level 4</b></dt>
+<dd>
+
+<p>Security level set to 192 bits of security. As a result RSA, DSA and DH keys shorter than 7680 bits and ECC keys shorter than 384 bits are prohibited. Cipher suites using SHA1 for the MAC are prohibited. TLS versions below 1.2 are not permitted.</p>
+
+</dd>
+<dt id="Level-5"><b>Level 5</b></dt>
+<dd>
+
+<p>Security level set to 256 bits of security. As a result RSA, DSA and DH keys shorter than 15360 bits and ECC keys shorter than 512 bits are prohibited.</p>
+
+</dd>
+</dl>
+
+<h1 id="APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</h1>
+
+<p><i>Documentation to be provided.</i></p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>WARNING</b> at this time setting the security level higher than 1 for general internet use is likely to cause <b>considerable</b> interoperability issues and is not recommended. This is because the <b>SHA1</b> algorithm is very widely used in certificates and will be rejected at levels higher than 1 because it only offers 80 bits of security.</p>
+
+<p>The default security level can be configured when OpenSSL is compiled by setting <b>-DOPENSSL_TLS_SECURITY_LEVEL=level</b>. If not set then 1 is used.</p>
+
+<p>The security framework disables or reject parameters inconsistent with the set security level. In the past this was difficult as applications had to set a number of distinct parameters (supported ciphers, supported curves supported signature algorithms) to achieve this end and some cases (DH parameter size for example) could not be checked at all.</p>
+
+<p>By setting an appropriate security level much of this complexity can be avoided.</p>
+
+<p>The bits of security limits affect all relevant parameters including cipher suite encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms. This limit applies no matter what other custom settings an application has set: so if the cipher suite is set to <b>ALL</b> then only cipher suites consistent with the security level are permissible.</p>
+
+<p>See SP800-57 for how the security limits are related to individual algorithms.</p>
+
+<p>Some security levels require large key sizes for non-ECC public key algorithms which can severely degrade performance. For example 256 bits of security requires the use of RSA keys of at least 15360 bits in size.</p>
+
+<p>Some restrictions can be gracefully handled: for example cipher suites offering insufficient security are not sent by the client and will not be selected by the server. Other restrictions such as the peer certificate key size or the DH parameter size will abort the handshake with a fatal alert.</p>
+
+<p>Attempts to set certificates or parameters with insufficient security are also blocked. For example trying to set a certificate using a 512 bit RSA key using SSL_CTX_use_certificate() at level 1. Applications which do not check the return values for errors will misbehave: for example it might appear that a certificate is not set at all because it had been rejected.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_security_level() and SSL_set_security_level() do not return values.</p>
+
+<p>SSL_CTX_get_security_level() and SSL_get_security_level() return a integer that represents the security level with <b>SSL_CTX</b> or <b>SSL</b>, respectively.</p>
+
+<p>SSL_CTX_set_security_callback() and SSL_set_security_callback() do not return values.</p>
+
+<p>SSL_CTX_get_security_callback() and SSL_get_security_callback() return the pointer to the security callback or NULL if the callback is not set.</p>
+
+<p>SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() return the extra data pointer or NULL if the ex data is not set.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_cert_store.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_cert_store.html
new file mode 100644
index 000000000..b51de3d8b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_cert_store.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_cert_store</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_cert_store, SSL_CTX_set1_cert_store, SSL_CTX_get_cert_store - manipulate X509 certificate verification storage</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store);
+ void SSL_CTX_set1_cert_store(SSL_CTX *ctx, X509_STORE *store);
+ X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_cert_store() sets/replaces the certificate verification storage of <b>ctx</b> to/with <b>store</b>. If another X509_STORE object is currently set in <b>ctx</b>, it will be X509_STORE_free()ed.</p>
+
+<p>SSL_CTX_set1_cert_store() sets/replaces the certificate verification storage of <b>ctx</b> to/with <b>store</b>. The <b>store</b>&#39;s reference count is incremented. If another X509_STORE object is currently set in <b>ctx</b>, it will be X509_STORE_free()ed.</p>
+
+<p>SSL_CTX_get_cert_store() returns a pointer to the current certificate verification storage.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In order to verify the certificates presented by the peer, trusted CA certificates must be accessed. These CA certificates are made available via lookup methods, handled inside the X509_STORE. From the X509_STORE the X509_STORE_CTX used when verifying certificates is created.</p>
+
+<p>Typically the trusted certificate store is handled indirectly via using <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>. Using the SSL_CTX_set_cert_store() and SSL_CTX_get_cert_store() functions it is possible to manipulate the X509_STORE object beyond the <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> call.</p>
+
+<p>Currently no detailed documentation on how to use the X509_STORE object is available. Not all members of the X509_STORE are used when the verification takes place. So will e.g. the verify_callback() be overridden with the verify_callback() set via the <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a> family of functions. This document must therefore be updated when documentation about the X509_STORE object and its handling becomes available.</p>
+
+<p>SSL_CTX_set_cert_store() does not increment the <b>store</b>&#39;s reference count, so it should not be used to assign an X509_STORE that is owned by another SSL_CTX.</p>
+
+<p>To share X509_STOREs between two SSL_CTXs, use SSL_CTX_get_cert_store() to get the X509_STORE from the first SSL_CTX, and then use SSL_CTX_set1_cert_store() to assign to the second SSL_CTX and increment the reference count of the X509_STORE.</p>
+
+<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
+
+<p>The X509_STORE structure used by an SSL_CTX is used for verifying peer certificates and building certificate chains, it is also shared by every child SSL structure. Applications wanting finer control can use functions such as SSL_CTX_set1_verify_cert_store() instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_cert_store() does not return diagnostic output.</p>
+
+<p>SSL_CTX_set1_cert_store() does not return diagnostic output.</p>
+
+<p>SSL_CTX_get_cert_store() returns the current setting.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_ciphers.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_ciphers.html
new file mode 100644
index 000000000..4230a6de9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_ciphers.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_ciphers</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get1_supported_ciphers, SSL_get_client_ciphers, SSL_get_ciphers, SSL_CTX_get_ciphers, SSL_bytes_to_cipher_list, SSL_get_cipher_list, SSL_get_shared_ciphers - get list of available SSL_CIPHERs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl);
+ STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx);
+ STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s);
+ STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const SSL *ssl);
+ int SSL_bytes_to_cipher_list(SSL *s, const unsigned char *bytes, size_t len,
+                              int isv2format, STACK_OF(SSL_CIPHER) **sk,
+                              STACK_OF(SSL_CIPHER) **scsvs);
+ const char *SSL_get_cipher_list(const SSL *ssl, int priority);
+ char *SSL_get_shared_ciphers(const SSL *s, char *buf, int size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_ciphers() returns the stack of available SSL_CIPHERs for <b>ssl</b>, sorted by preference. If <b>ssl</b> is NULL or no ciphers are available, NULL is returned.</p>
+
+<p>SSL_CTX_get_ciphers() returns the stack of available SSL_CIPHERs for <b>ctx</b>.</p>
+
+<p>SSL_get1_supported_ciphers() returns the stack of enabled SSL_CIPHERs for <b>ssl</b> as would be sent in a ClientHello (that is, sorted by preference). The list depends on settings like the cipher list, the supported protocol versions, the security level, and the enabled signature algorithms. SRP and PSK ciphers are only enabled if the appropriate callbacks or settings have been applied. The list of ciphers that would be sent in a ClientHello can differ from the list of ciphers that would be acceptable when acting as a server. For example, additional ciphers may be usable by a server if there is a gap in the list of supported protocols, and some ciphers may not be usable by a server if there is not a suitable certificate configured. If <b>ssl</b> is NULL or no ciphers are available, NULL is returned.</p>
+
+<p>SSL_get_client_ciphers() returns the stack of available SSL_CIPHERs matching the list received from the client on <b>ssl</b>. If <b>ssl</b> is NULL, no ciphers are available, or <b>ssl</b> is not operating in server mode, NULL is returned.</p>
+
+<p>SSL_bytes_to_cipher_list() treats the supplied <b>len</b> octets in <b>bytes</b> as a wire-protocol cipher suite specification (in the three-octet-per-cipher SSLv2 wire format if <b>isv2format</b> is nonzero; otherwise the two-octet SSLv3/TLS wire format), and parses the cipher suites supported by the library into the returned stacks of SSL_CIPHER objects sk and Signalling Cipher-Suite Values scsvs. Unsupported cipher suites are ignored. Returns 1 on success and 0 on failure.</p>
+
+<p>SSL_get_cipher_list() returns a pointer to the name of the SSL_CIPHER listed for <b>ssl</b> with <b>priority</b>. If <b>ssl</b> is NULL, no ciphers are available, or there are less ciphers than <b>priority</b> available, NULL is returned.</p>
+
+<p>SSL_get_shared_ciphers() creates a colon separated and NUL terminated list of SSL_CIPHER names that are available in both the client and the server. <b>buf</b> is the buffer that should be populated with the list of names and <b>size</b> is the size of that buffer. A pointer to <b>buf</b> is returned on success or NULL on error. If the supplied buffer is not large enough to contain the complete list of names then a truncated list of names will be returned. Note that just because a ciphersuite is available (i.e. it is configured in the cipher list) and shared by both the client and the server it does not mean that it is enabled (see the description of SSL_get1_supported_ciphers() above). This function will return available shared ciphersuites whether or not they are enabled. This is a server side function only and must only be called after the completion of the initial handshake.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The details of the ciphers obtained by SSL_get_ciphers(), SSL_CTX_get_ciphers() SSL_get1_supported_ciphers() and SSL_get_client_ciphers() can be obtained using the <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a> family of functions.</p>
+
+<p>Call SSL_get_cipher_list() with <b>priority</b> starting from 0 to obtain the sorted list of available ciphers, until NULL is returned.</p>
+
+<p>Note: SSL_get_ciphers(), SSL_CTX_get_ciphers() and SSL_get_client_ciphers() return a pointer to an internal cipher stack, which will be freed later on when the SSL or SSL_SESSION object is freed. Therefore, the calling code <b>MUST NOT</b> free the return value itself.</p>
+
+<p>The stack returned by SSL_get1_supported_ciphers() should be freed using sk_SSL_CIPHER_free().</p>
+
+<p>The stacks returned by SSL_bytes_to_cipher_list() should be freed using sk_SSL_CIPHER_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>See DESCRIPTION</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_client_CA_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_client_CA_list.html
new file mode 100644
index 000000000..742fe94a0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_client_CA_list.html
@@ -0,0 +1,130 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set0_CA_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_CA_list, SSL_set_client_CA_list, SSL_get_client_CA_list, SSL_CTX_get_client_CA_list, SSL_CTX_add_client_CA, SSL_add_client_CA, SSL_set0_CA_list, SSL_CTX_set0_CA_list, SSL_get0_CA_list, SSL_CTX_get0_CA_list, SSL_add1_to_CA_list, SSL_CTX_add1_to_CA_list, SSL_get0_peer_CA_list - get or set CA list</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
+ void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
+ STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
+ int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert);
+ int SSL_add_client_CA(SSL *ssl, X509 *cacert);
+
+ void SSL_CTX_set0_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+ void SSL_set0_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
+ const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const SSL_CTX *ctx);
+ const STACK_OF(X509_NAME) *SSL_get0_CA_list(const SSL *s);
+ int SSL_CTX_add1_to_CA_list(SSL_CTX *ctx, const X509 *x);
+ int SSL_add1_to_CA_list(SSL *ssl, const X509 *x);
+
+ const STACK_OF(X509_NAME) *SSL_get0_peer_CA_list(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions described here set and manage the list of CA names that are sent between two communicating peers.</p>
+
+<p>For TLS versions 1.2 and earlier the list of CA names is only sent from the server to the client when requesting a client certificate. So any list of CA names set is never sent from client to server and the list of CA names retrieved by SSL_get0_peer_CA_list() is always <b>NULL</b>.</p>
+
+<p>For TLS 1.3 the list of CA names is sent using the <b>certificate_authorities</b> extension and may be sent by a client (in the ClientHello message) or by a server (when requesting a certificate).</p>
+
+<p>In most cases it is not necessary to set CA names on the client side. The list of CA names that are acceptable to the client will be sent in plaintext to the server. This has privacy implications and may also have performance implications if the list is large. This optional capability was introduced as part of TLSv1.3 and therefore setting CA names on the client side will have no impact if that protocol version has been disabled. Most servers do not need this and so this should be avoided unless required.</p>
+
+<p>The &quot;client CA list&quot; functions below only have an effect when called on the server side.</p>
+
+<p>SSL_CTX_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for <b>ctx</b>. Ownership of <b>list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object. Ownership of <b>list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get_client_CA_list() returns the list of client CAs explicitly set for <b>ctx</b> using SSL_CTX_set_client_CA_list(). The returned list should not be freed by the caller.</p>
+
+<p>SSL_get_client_CA_list() returns the list of client CAs explicitly set for <b>ssl</b> using SSL_set_client_CA_list() or <b>ssl</b>&#39;s SSL_CTX object with SSL_CTX_set_client_CA_list(), when in server mode. In client mode, SSL_get_client_CA_list returns the list of client CAs sent from the server, if any. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for <b>ctx</b>.</p>
+
+<p>SSL_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object.</p>
+
+<p>SSL_get0_peer_CA_list() retrieves the list of CA names (if any) the peer has sent. This can be called on either the server or the client side. The returned list should not be freed by the caller.</p>
+
+<p>The &quot;generic CA list&quot; functions below are very similar to the &quot;client CA list&quot; functions except that they have an effect on both the server and client sides. The lists of CA names managed are separate - so you cannot (for example) set CA names using the &quot;client CA list&quot; functions and then get them using the &quot;generic CA list&quot; functions. Where a mix of the two types of functions has been used on the server side then the &quot;client CA list&quot; functions take precedence. Typically, on the server side, the &quot;client CA list &quot; functions should be used in preference. As noted above in most cases it is not necessary to set CA names on the client side.</p>
+
+<p>SSL_CTX_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b>. Ownership of <b>name_list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b> overriding any list set in the parent <b>SSL_CTX</b> of <b>s</b>. Ownership of <b>name_list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get0_CA_list() retrieves any previously set list of CAs set for <b>ctx</b>. The returned list should not be freed by the caller.</p>
+
+<p>SSL_get0_CA_list() retrieves any previously set list of CAs set for <b>s</b> or if none are set the list from the parent <b>SSL_CTX</b> is retrieved. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to peer for <b>ctx</b>.</p>
+
+<p>SSL_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to the peer for <b>s</b>, overriding the setting in the parent <b>SSL_CTX</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When a TLS/SSL server requests a client certificate (see <b>SSL_CTX_set_verify(3)</b>), it sends a list of CAs, for which it will accept certificates, to the client.</p>
+
+<p>This list must explicitly be set using SSL_CTX_set_client_CA_list() or SSL_CTX_set0_CA_list() for <b>ctx</b> and SSL_set_client_CA_list() or SSL_set0_CA_list() for the specific <b>ssl</b>. The list specified overrides the previous setting. The CAs listed do not become trusted (<b>list</b> only contains the names, not the complete certificates); use <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> to additionally load them for verification.</p>
+
+<p>If the list of acceptable CAs is compiled in a file, the <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a> function can be used to help to import the necessary data.</p>
+
+<p>SSL_CTX_add_client_CA(), SSL_CTX_add1_to_CA_list(), SSL_add_client_CA() and SSL_add1_to_CA_list() can be used to add additional items the list of CAs. If no list was specified before using SSL_CTX_set_client_CA_list(), SSL_CTX_set0_CA_list(), SSL_set_client_CA_list() or SSL_set0_CA_list(), a new CA list for <b>ctx</b> or <b>ssl</b> (as appropriate) is opened.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set0_CA_list() and SSL_set0_CA_list() do not return a value.</p>
+
+<p>SSL_CTX_get_client_CA_list(), SSL_get_client_CA_list(), SSL_CTX_get0_CA_list() and SSL_get0_CA_list() return a stack of CA names or <b>NULL</b> is no CA names are set.</p>
+
+<p>SSL_CTX_add_client_CA(),SSL_add_client_CA(), SSL_CTX_add1_to_CA_list() and SSL_add1_to_CA_list() return 1 for success and 0 for failure.</p>
+
+<p>SSL_get0_peer_CA_list() returns a stack of CA names sent by the peer or <b>NULL</b> or an empty stack if no list was sent.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Scan all certificates in <b>CAfile</b> and list them as acceptable CAs:</p>
+
+<pre><code> SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_client_cert_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_client_cert_cb.html
new file mode 100644
index 000000000..d9ce14869
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_client_cert_cb.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_client_cert_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_cert_cb, SSL_CTX_get_client_cert_cb - handle client certificate callback function</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
+                                 int (*client_cert_cb)(SSL *ssl, X509 **x509,
+                                                       EVP_PKEY **pkey));
+ int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509,
+                                                 EVP_PKEY **pkey);
+ int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_client_cert_cb() sets the client_cert_cb() callback, that is called when a client certificate is requested by a server and no certificate was yet set for the SSL object.</p>
+
+<p>When client_cert_cb() is NULL, no callback function is used.</p>
+
+<p>SSL_CTX_get_client_cert_cb() returns a pointer to the currently set callback function.</p>
+
+<p>client_cert_cb() is the application defined callback. If it wants to set a certificate, a certificate/private key combination must be set using the <b>x509</b> and <b>pkey</b> arguments and &quot;1&quot; must be returned. The certificate will be installed into <b>ssl</b>, see the NOTES and BUGS sections. If no certificate should be set, &quot;0&quot; has to be returned and no certificate will be sent. A negative return value will suspend the handshake and the handshake function will return immediately. <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> will return SSL_ERROR_WANT_X509_LOOKUP to indicate, that the handshake was suspended. The next call to the handshake function will again lead to the call of client_cert_cb(). It is the job of the client_cert_cb() to store information about the state of the last call, if required to continue.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>During a handshake (or renegotiation) a server may request a certificate from the client. A client certificate must only be sent, when the server did send the request.</p>
+
+<p>When a certificate was set using the <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a> family of functions, it will be sent to the server. The TLS standard requires that only a certificate is sent, if it matches the list of acceptable CAs sent by the server. This constraint is violated by the default behavior of the OpenSSL library. Using the callback function it is possible to implement a proper selection routine or to allow a user interaction to choose the certificate to be sent.</p>
+
+<p>If a callback function is defined and no certificate was yet defined for the SSL object, the callback function will be called. If the callback function returns a certificate, the OpenSSL library will try to load the private key and certificate data into the SSL object using the SSL_use_certificate() and SSL_use_private_key() functions. Thus it will permanently install the certificate and key for this SSL object. It will not be reset by calling <a href="../man3/SSL_clear.html">SSL_clear(3)</a>. If the callback returns no certificate, the OpenSSL library will not send a certificate.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_get_client_cert_cb() returns function pointer of client_cert_cb() or NULL if the callback is not set.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The client_cert_cb() cannot return a complete certificate chain, it can only return one client certificate. If the chain only has a length of 2, the root CA certificate may be omitted according to the TLS standard and thus a standard conforming answer can be sent to the server. For a longer chain, the client must send the complete chain (with the option to leave out the root CA certificate). This can only be accomplished by either adding the intermediate CA certificates into the trusted certificate store for the SSL_CTX object (resulting in having to add CA certificates that otherwise maybe would not be trusted), or by adding the chain certificates using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function, which is only available for the SSL_CTX object as a whole and that therefore probably can only apply for one client certificate, making the concept of the callback function (to allow the choice from several certificates) questionable.</p>
+
+<p>Once the SSL object has been used in conjunction with the callback function, the certificate will be set for the SSL object and will not be cleared even when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is being called. It is therefore mandatory to destroy the SSL object using <a href="../man3/SSL_free.html">SSL_free(3)</a> and create a new one to return to the previous state.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a>, <a href="../man3/SSL_get_client_CA_list.html">SSL_get_client_CA_list(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_free.html">SSL_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_default_passwd_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_default_passwd_cb.html
new file mode 100644
index 000000000..7351cd5a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_default_passwd_cb.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_default_passwd_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_default_passwd_cb, SSL_CTX_set_default_passwd_cb_userdata, SSL_CTX_get_default_passwd_cb, SSL_CTX_get_default_passwd_cb_userdata, SSL_set_default_passwd_cb, SSL_set_default_passwd_cb_userdata, SSL_get_default_passwd_cb, SSL_get_default_passwd_cb_userdata - set or get passwd callback for encrypted PEM file handling</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
+ void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
+ pem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx);
+ void *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx);
+
+ void SSL_set_default_passwd_cb(SSL *s, pem_password_cb *cb);
+ void SSL_set_default_passwd_cb_userdata(SSL *s, void *u);
+ pem_password_cb *SSL_get_default_passwd_cb(SSL *s);
+ void *SSL_get_default_passwd_cb_userdata(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_default_passwd_cb() sets the default password callback called when loading/storing a PEM certificate with encryption.</p>
+
+<p>SSL_CTX_set_default_passwd_cb_userdata() sets a pointer to userdata, <b>u</b>, which will be provided to the password callback on invocation.</p>
+
+<p>SSL_CTX_get_default_passwd_cb() returns a function pointer to the password callback currently set in <b>ctx</b>. If no callback was explicitly set, the NULL pointer is returned.</p>
+
+<p>SSL_CTX_get_default_passwd_cb_userdata() returns a pointer to the userdata currently set in <b>ctx</b>. If no userdata was explicitly set, the NULL pointer is returned.</p>
+
+<p>SSL_set_default_passwd_cb(), SSL_set_default_passwd_cb_userdata(), SSL_get_default_passwd_cb() and SSL_get_default_passwd_cb_userdata() perform the same function as their SSL_CTX counterparts, but using an SSL object.</p>
+
+<p>The password callback, which must be provided by the application, hands back the password to be used during decryption. On invocation a pointer to userdata is provided. The function must store the password into the provided buffer <b>buf</b> which is of size <b>size</b>. The actual length of the password must be returned to the calling function. <b>rwflag</b> indicates whether the callback is used for reading/decryption (rwflag=0) or writing/encryption (rwflag=1). For more details, see <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When loading or storing private keys, a password might be supplied to protect the private key. The way this password can be supplied may depend on the application. If only one private key is handled, it can be practical to have the callback handle the password dialog interactively. If several keys have to be handled, it can be practical to ask for the password once, then keep it in memory and use it several times. In the last case, the password could be stored into the userdata storage and the callback only returns the password already stored.</p>
+
+<p>When asking for the password interactively, the callback can use <b>rwflag</b> to check, whether an item shall be encrypted (rwflag=1). In this case the password dialog may ask for the same password twice for comparison in order to catch typos, that would make decryption impossible.</p>
+
+<p>Other items in PEM formatting (certificates) can also be encrypted, it is however not usual, as certificate information is considered public.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions do not provide diagnostic information.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following example returns the password provided as userdata to the calling function. The password is considered to be a &#39;\0&#39; terminated string. If the password does not fit into the buffer, the password is truncated.</p>
+
+<pre><code> int my_cb(char *buf, int size, int rwflag, void *u)
+ {
+     strncpy(buf, (char *)u, size);
+     buf[size - 1] = &#39;\0&#39;;
+     return strlen(buf);
+ }</code></pre>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_get_default_passwd_cb(), SSL_CTX_get_default_passwd_cb_userdata(), SSL_set_default_passwd_cb() and SSL_set_default_passwd_cb_userdata() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_default_passwd_cb_userdata.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_default_passwd_cb_userdata.html
new file mode 100644
index 000000000..7351cd5a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_default_passwd_cb_userdata.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_default_passwd_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_default_passwd_cb, SSL_CTX_set_default_passwd_cb_userdata, SSL_CTX_get_default_passwd_cb, SSL_CTX_get_default_passwd_cb_userdata, SSL_set_default_passwd_cb, SSL_set_default_passwd_cb_userdata, SSL_get_default_passwd_cb, SSL_get_default_passwd_cb_userdata - set or get passwd callback for encrypted PEM file handling</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
+ void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
+ pem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx);
+ void *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx);
+
+ void SSL_set_default_passwd_cb(SSL *s, pem_password_cb *cb);
+ void SSL_set_default_passwd_cb_userdata(SSL *s, void *u);
+ pem_password_cb *SSL_get_default_passwd_cb(SSL *s);
+ void *SSL_get_default_passwd_cb_userdata(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_default_passwd_cb() sets the default password callback called when loading/storing a PEM certificate with encryption.</p>
+
+<p>SSL_CTX_set_default_passwd_cb_userdata() sets a pointer to userdata, <b>u</b>, which will be provided to the password callback on invocation.</p>
+
+<p>SSL_CTX_get_default_passwd_cb() returns a function pointer to the password callback currently set in <b>ctx</b>. If no callback was explicitly set, the NULL pointer is returned.</p>
+
+<p>SSL_CTX_get_default_passwd_cb_userdata() returns a pointer to the userdata currently set in <b>ctx</b>. If no userdata was explicitly set, the NULL pointer is returned.</p>
+
+<p>SSL_set_default_passwd_cb(), SSL_set_default_passwd_cb_userdata(), SSL_get_default_passwd_cb() and SSL_get_default_passwd_cb_userdata() perform the same function as their SSL_CTX counterparts, but using an SSL object.</p>
+
+<p>The password callback, which must be provided by the application, hands back the password to be used during decryption. On invocation a pointer to userdata is provided. The function must store the password into the provided buffer <b>buf</b> which is of size <b>size</b>. The actual length of the password must be returned to the calling function. <b>rwflag</b> indicates whether the callback is used for reading/decryption (rwflag=0) or writing/encryption (rwflag=1). For more details, see <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When loading or storing private keys, a password might be supplied to protect the private key. The way this password can be supplied may depend on the application. If only one private key is handled, it can be practical to have the callback handle the password dialog interactively. If several keys have to be handled, it can be practical to ask for the password once, then keep it in memory and use it several times. In the last case, the password could be stored into the userdata storage and the callback only returns the password already stored.</p>
+
+<p>When asking for the password interactively, the callback can use <b>rwflag</b> to check, whether an item shall be encrypted (rwflag=1). In this case the password dialog may ask for the same password twice for comparison in order to catch typos, that would make decryption impossible.</p>
+
+<p>Other items in PEM formatting (certificates) can also be encrypted, it is however not usual, as certificate information is considered public.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions do not provide diagnostic information.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following example returns the password provided as userdata to the calling function. The password is considered to be a &#39;\0&#39; terminated string. If the password does not fit into the buffer, the password is truncated.</p>
+
+<pre><code> int my_cb(char *buf, int size, int rwflag, void *u)
+ {
+     strncpy(buf, (char *)u, size);
+     buf[size - 1] = &#39;\0&#39;;
+     return strlen(buf);
+ }</code></pre>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_get_default_passwd_cb(), SSL_CTX_get_default_passwd_cb_userdata(), SSL_set_default_passwd_cb() and SSL_set_default_passwd_cb_userdata() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_default_read_ahead.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_default_read_ahead.html
new file mode 100644
index 000000000..ef56bb1b3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_default_read_ahead.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_read_ahead</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_read_ahead, SSL_CTX_get_read_ahead, SSL_set_read_ahead, SSL_get_read_ahead, SSL_CTX_get_default_read_ahead - manage whether to read as many input bytes as possible</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_set_read_ahead(SSL *s, int yes);
+ int SSL_get_read_ahead(const SSL *s);
+
+ SSL_CTX_set_read_ahead(SSL_CTX *ctx, int yes);
+ long SSL_CTX_get_read_ahead(SSL_CTX *ctx);
+ long SSL_CTX_get_default_read_ahead(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_read_ahead() and SSL_set_read_ahead() set whether we should read as many input bytes as possible (for non-blocking reads) or not. For example if <b>x</b> bytes are currently required by OpenSSL, but <b>y</b> bytes are available from the underlying BIO (where <b>y</b> &gt; <b>x</b>), then OpenSSL will read all <b>y</b> bytes into its buffer (providing that the buffer is large enough) if reading ahead is on, or <b>x</b> bytes otherwise. Setting the parameter <b>yes</b> to 0 turns reading ahead is off, other values turn it on. SSL_CTX_set_default_read_ahead() is identical to SSL_CTX_set_read_ahead().</p>
+
+<p>SSL_CTX_get_read_ahead() and SSL_get_read_ahead() indicate whether reading ahead has been set or not. SSL_CTX_get_default_read_ahead() is identical to SSL_CTX_get_read_ahead().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions have no impact when used with DTLS. The return values for SSL_CTX_get_read_head() and SSL_get_read_ahead() are undefined for DTLS. Setting <b>read_ahead</b> can impact the behaviour of the SSL_pending() function (see <a href="../man3/SSL_pending.html">SSL_pending(3)</a>).</p>
+
+<p>Since SSL_read() can return <b>SSL_ERROR_WANT_READ</b> for non-application data records, and SSL_has_pending() can&#39;t tell the difference between processed and unprocessed data, it&#39;s recommended that if read ahead is turned on that <b>SSL_MODE_AUTO_RETRY</b> is not turned off using SSL_CTX_clear_mode(). That will prevent getting <b>SSL_ERROR_WANT_READ</b> when there is still a complete record availale that hasn&#39;t been processed.</p>
+
+<p>If the application wants to continue to use the underlying transport (e.g. TCP connection) after the SSL connection is finished using SSL_shutdown() reading ahead should be turned off. Otherwise the SSL structure might read data that it shouldn&#39;t.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_get_read_ahead() and SSL_CTX_get_read_ahead() return 0 if reading ahead is off, and non zero otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_ex_data.html
new file mode 100644
index 000000000..4a6cbddd5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_ex_data.html
@@ -0,0 +1,64 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_ex_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_get_ex_data, SSL_CTX_set_ex_data, SSL_get_ex_data, SSL_set_ex_data - Store and retrieve extra data from the SSL_CTX, SSL or SSL_SESSION</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void *SSL_CTX_get_ex_data(const SSL_CTX *s, int idx);
+
+ int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg);
+
+ void *SSL_get_ex_data(const SSL *s, int idx);
+
+ int SSL_set_ex_data(SSL *s, int idx, void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL*_set_ex_data() functions can be used to store arbitrary user data into the <b>SSL_CTX</b>, or <b>SSL</b> object. The user must supply a unique index which they can subsequently use to retrieve the data using SSL*_get_ex_data().</p>
+
+<p>For more detailed information see <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a> and <a href="../man3/CRYPTO_set_ex_data.html">CRYPTO_set_ex_data(3)</a> which implement these functions and <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for generating a unique index.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL*_set_ex_data() functions return 1 if the item is successfully stored and 0 if it is not. The SSL*_get_ex_data() functions return the ex_data pointer if successful, otherwise NULL.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/CRYPTO_set_ex_data.html">CRYPTO_set_ex_data(3)</a>, <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_info_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_info_callback.html
new file mode 100644
index 000000000..1f7a32dbd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_info_callback.html
@@ -0,0 +1,186 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_info_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_info_callback, SSL_CTX_get_info_callback, SSL_set_info_callback, SSL_get_info_callback - handle information callback for SSL connections</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*callback)());
+ void (*SSL_CTX_get_info_callback(const SSL_CTX *ctx))();
+
+ void SSL_set_info_callback(SSL *ssl, void (*callback)());
+ void (*SSL_get_info_callback(const SSL *ssl))();</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_info_callback() sets the <b>callback</b> function, that can be used to obtain state information for SSL objects created from <b>ctx</b> during connection setup and use. The setting for <b>ctx</b> is overridden from the setting for a specific SSL object, if specified. When <b>callback</b> is NULL, no callback function is used.</p>
+
+<p>SSL_set_info_callback() sets the <b>callback</b> function, that can be used to obtain state information for <b>ssl</b> during connection setup and use. When <b>callback</b> is NULL, the callback setting currently valid for <b>ctx</b> is used.</p>
+
+<p>SSL_CTX_get_info_callback() returns a pointer to the currently set information callback function for <b>ctx</b>.</p>
+
+<p>SSL_get_info_callback() returns a pointer to the currently set information callback function for <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When setting up a connection and during use, it is possible to obtain state information from the SSL/TLS engine. When set, an information callback function is called whenever a significant event occurs such as: the state changes, an alert appears, or an error occurs.</p>
+
+<p>The callback function is called as <b>callback(SSL *ssl, int where, int ret)</b>. The <b>where</b> argument specifies information about where (in which context) the callback function was called. If <b>ret</b> is 0, an error condition occurred. If an alert is handled, SSL_CB_ALERT is set and <b>ret</b> specifies the alert information.</p>
+
+<p><b>where</b> is a bitmask made up of the following bits:</p>
+
+<dl>
+
+<dt id="SSL_CB_LOOP">SSL_CB_LOOP</dt>
+<dd>
+
+<p>Callback has been called to indicate state change or some other significant state machine event. This may mean that the callback gets invoked more than once per state in some situations.</p>
+
+</dd>
+<dt id="SSL_CB_EXIT">SSL_CB_EXIT</dt>
+<dd>
+
+<p>Callback has been called to indicate exit of a handshake function. This will happen after the end of a handshake, but may happen at other times too such as on error or when IO might otherwise block and non-blocking is being used.</p>
+
+</dd>
+<dt id="SSL_CB_READ">SSL_CB_READ</dt>
+<dd>
+
+<p>Callback has been called during read operation.</p>
+
+</dd>
+<dt id="SSL_CB_WRITE">SSL_CB_WRITE</dt>
+<dd>
+
+<p>Callback has been called during write operation.</p>
+
+</dd>
+<dt id="SSL_CB_ALERT">SSL_CB_ALERT</dt>
+<dd>
+
+<p>Callback has been called due to an alert being sent or received.</p>
+
+</dd>
+<dt id="SSL_CB_READ_ALERT-SSL_CB_ALERT-SSL_CB_READ">SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_WRITE_ALERT-SSL_CB_ALERT-SSL_CB_WRITE">SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_ACCEPT_LOOP-SSL_ST_ACCEPT-SSL_CB_LOOP">SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_ACCEPT_EXIT-SSL_ST_ACCEPT-SSL_CB_EXIT">SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_CONNECT_LOOP-SSL_ST_CONNECT-SSL_CB_LOOP">SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_CONNECT_EXIT-SSL_ST_CONNECT-SSL_CB_EXIT">SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_HANDSHAKE_START">SSL_CB_HANDSHAKE_START</dt>
+<dd>
+
+<p>Callback has been called because a new handshake is started. It also occurs when resuming a handshake following a pause to handle early data.</p>
+
+</dd>
+<dt id="SSL_CB_HANDSHAKE_DONE">SSL_CB_HANDSHAKE_DONE</dt>
+<dd>
+
+<p>Callback has been called because a handshake is finished. It also occurs if the handshake is paused to allow the exchange of early data.</p>
+
+</dd>
+</dl>
+
+<p>The current state information can be obtained using the <a href="../man3/SSL_state_string.html">SSL_state_string(3)</a> family of functions.</p>
+
+<p>The <b>ret</b> information can be evaluated using the <a href="../man3/SSL_alert_type_string.html">SSL_alert_type_string(3)</a> family of functions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_info_callback() does not provide diagnostic information.</p>
+
+<p>SSL_get_info_callback() returns the current setting.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following example callback function prints state strings, information about alerts being handled and error messages to the <b>bio_err</b> BIO.</p>
+
+<pre><code> void apps_ssl_info_callback(SSL *s, int where, int ret)
+ {
+     const char *str;
+     int w = where &amp; ~SSL_ST_MASK;
+
+     if (w &amp; SSL_ST_CONNECT)
+         str = &quot;SSL_connect&quot;;
+     else if (w &amp; SSL_ST_ACCEPT)
+         str = &quot;SSL_accept&quot;;
+     else
+         str = &quot;undefined&quot;;
+
+     if (where &amp; SSL_CB_LOOP) {
+         BIO_printf(bio_err, &quot;%s:%s\n&quot;, str, SSL_state_string_long(s));
+     } else if (where &amp; SSL_CB_ALERT) {
+         str = (where &amp; SSL_CB_READ) ? &quot;read&quot; : &quot;write&quot;;
+         BIO_printf(bio_err, &quot;SSL3 alert %s:%s:%s\n&quot;, str,
+                    SSL_alert_type_string_long(ret),
+                    SSL_alert_desc_string_long(ret));
+     } else if (where &amp; SSL_CB_EXIT) {
+         if (ret == 0) {
+             BIO_printf(bio_err, &quot;%s:failed in %s\n&quot;,
+                        str, SSL_state_string_long(s));
+         } else if (ret &lt; 0) {
+             BIO_printf(bio_err, &quot;%s:error in %s\n&quot;,
+                        str, SSL_state_string_long(s));
+         }
+     }
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_state_string.html">SSL_state_string(3)</a>, <a href="../man3/SSL_alert_type_string.html">SSL_alert_type_string(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_keylog_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_keylog_callback.html
new file mode 100644
index 000000000..7143f4b6a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_keylog_callback.html
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_keylog_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_keylog_callback, SSL_CTX_get_keylog_callback, SSL_CTX_keylog_cb_func - logging TLS key material</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef void (*SSL_CTX_keylog_cb_func)(const SSL *ssl, const char *line);
+
+ void SSL_CTX_set_keylog_callback(SSL_CTX *ctx, SSL_CTX_keylog_cb_func cb);
+ SSL_CTX_keylog_cb_func SSL_CTX_get_keylog_callback(const SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_keylog_callback() sets the TLS key logging callback. This callback is called whenever TLS key material is generated or received, in order to allow applications to store this keying material for debugging purposes.</p>
+
+<p>SSL_CTX_get_keylog_callback() retrieves the previously set TLS key logging callback. If no callback has been set, this will return NULL. When there is no key logging callback, or if SSL_CTX_set_keylog_callback is called with NULL as the value of cb, no logging of key material will be done.</p>
+
+<p>The key logging callback is called with two items: the <b>ssl</b> object associated with the connection, and <b>line</b>, a string containing the key material in the format used by NSS for its <b>SSLKEYLOGFILE</b> debugging output. To recreate that file, the key logging callback should log <b>line</b>, followed by a newline. <b>line</b> will always be a NULL-terminated string.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_get_keylog_callback() returns a pointer to <b>SSL_CTX_keylog_cb_func</b> or NULL if the callback is not set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_max_cert_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_max_cert_list.html
new file mode 100644
index 000000000..5e23392bb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_max_cert_list.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_max_cert_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_max_cert_list, SSL_CTX_get_max_cert_list, SSL_set_max_cert_list, SSL_get_max_cert_list - manipulate allowed size for the peer&#39;s certificate chain</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_max_cert_list(SSL_CTX *ctx, long size);
+ long SSL_CTX_get_max_cert_list(SSL_CTX *ctx);
+
+ long SSL_set_max_cert_list(SSL *ssl, long size);
+ long SSL_get_max_cert_list(SSL *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_max_cert_list() sets the maximum size allowed for the peer&#39;s certificate chain for all SSL objects created from <b>ctx</b> to be &lt;size&gt; bytes. The SSL objects inherit the setting valid for <b>ctx</b> at the time <a href="../man3/SSL_new.html">SSL_new(3)</a> is being called.</p>
+
+<p>SSL_CTX_get_max_cert_list() returns the currently set maximum size for <b>ctx</b>.</p>
+
+<p>SSL_set_max_cert_list() sets the maximum size allowed for the peer&#39;s certificate chain for <b>ssl</b> to be &lt;size&gt; bytes. This setting stays valid until a new value is set.</p>
+
+<p>SSL_get_max_cert_list() returns the currently set maximum size for <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>During the handshake process, the peer may send a certificate chain. The TLS/SSL standard does not give any maximum size of the certificate chain. The OpenSSL library handles incoming data by a dynamically allocated buffer. In order to prevent this buffer from growing without bounds due to data received from a faulty or malicious peer, a maximum size for the certificate chain is set.</p>
+
+<p>The default value for the maximum certificate chain size is 100kB (30kB on the 16bit DOS platform). This should be sufficient for usual certificate chains (OpenSSL&#39;s default maximum chain length is 10, see <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a>, and certificates without special extensions have a typical size of 1-2kB).</p>
+
+<p>For special applications it can be necessary to extend the maximum certificate chain size allowed to be sent by the peer, see e.g. the work on &quot;Internet X.509 Public Key Infrastructure Proxy Certificate Profile&quot; and &quot;TLS Delegation Protocol&quot; at http://www.ietf.org/ and http://www.globus.org/ .</p>
+
+<p>Under normal conditions it should never be necessary to set a value smaller than the default, as the buffer is handled dynamically and only uses the memory actually required by the data sent by the peer.</p>
+
+<p>If the maximum certificate chain size allowed is exceeded, the handshake will fail with a SSL_R_EXCESSIVE_MESSAGE_SIZE error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_max_cert_list() and SSL_set_max_cert_list() return the previously set value.</p>
+
+<p>SSL_CTX_get_max_cert_list() and SSL_get_max_cert_list() return the currently set value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_max_early_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_max_early_data.html
new file mode 100644
index 000000000..5b28c01bd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_max_early_data.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read_early_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#REPLAY-PROTECTION">REPLAY PROTECTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_max_early_data, SSL_CTX_set_max_early_data, SSL_get_max_early_data, SSL_CTX_get_max_early_data, SSL_set_recv_max_early_data, SSL_CTX_set_recv_max_early_data, SSL_get_recv_max_early_data, SSL_CTX_get_recv_max_early_data, SSL_SESSION_get_max_early_data, SSL_SESSION_set_max_early_data, SSL_write_early_data, SSL_read_early_data, SSL_get_early_data_status, SSL_allow_early_data_cb_fn, SSL_CTX_set_allow_early_data_cb, SSL_set_allow_early_data_cb - functions for sending and receiving early data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data);
+ uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_max_early_data(SSL *s, uint32_t max_early_data);
+ uint32_t SSL_get_max_early_data(const SSL *s);
+
+ int SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data);
+ uint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data);
+ uint32_t SSL_get_recv_max_early_data(const SSL *s);
+
+ uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s);
+ int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data);
+
+ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written);
+
+ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes);
+
+ int SSL_get_early_data_status(const SSL *s);
+
+
+ typedef int (*SSL_allow_early_data_cb_fn)(SSL *s, void *arg);
+
+ void SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx,
+                                      SSL_allow_early_data_cb_fn cb,
+                                      void *arg);
+ void SSL_set_allow_early_data_cb(SSL *s,
+                                  SSL_allow_early_data_cb_fn cb,
+                                  void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to send and receive early data where TLSv1.3 has been negotiated. Early data can be sent by the client immediately after its initial ClientHello without having to wait for the server to complete the handshake. Early data can only be sent if a session has previously been established with the server, and the server is known to support it. Additionally these functions can be used to send data from the server to the client when the client has not yet completed the authentication stage of the handshake.</p>
+
+<p>Early data has weaker security properties than other data sent over an SSL/TLS connection. In particular the data does not have forward secrecy. There are also additional considerations around replay attacks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below). For these reasons extreme care should be exercised when using early data. For specific details, consult the TLS 1.3 specification.</p>
+
+<p>When a server receives early data it may opt to immediately respond by sending application data back to the client. Data sent by the server at this stage is done before the full handshake has been completed. Specifically the client&#39;s authentication messages have not yet been received, i.e. the client is unauthenticated at this point and care should be taken when using this capability.</p>
+
+<p>A server or client can determine whether the full handshake has been completed or not by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>.</p>
+
+<p>On the client side, the function SSL_SESSION_get_max_early_data() can be used to determine if a session established with a server can be used to send early data. If the session cannot be used then this function will return 0. Otherwise it will return the maximum number of early data bytes that can be sent.</p>
+
+<p>The function SSL_SESSION_set_max_early_data() sets the maximum number of early data bytes that can be sent for a session. This would typically be used when creating a PSK session file (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). If using a ticket based PSK then this is set automatically to the value provided by the server.</p>
+
+<p>A client uses the function SSL_write_early_data() to send early data. This function is similar to the <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> function, but with the following differences. See <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> for information on how to write bytes to the underlying connection, and how to handle any errors that may arise. This page describes the differences between SSL_write_early_data() and <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When called by a client, SSL_write_early_data() must be the first IO function called on a new connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a> or other similar functions. It may be called multiple times to stream data to the server, but the total number of bytes written must not exceed the value returned from SSL_SESSION_get_max_early_data(). Once the initial SSL_write_early_data() call has completed successfully the client may interleave calls to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> with calls to SSL_write_early_data() as required.</p>
+
+<p>If SSL_write_early_data() fails you should call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action, as for <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When the client no longer wishes to send any more early data then it should complete the handshake by calling a function such as <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard write function such as <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, which will transparently complete the connection and write the requested data.</p>
+
+<p>A server may choose to ignore early data that has been sent to it. Once the connection has been completed you can determine whether the server accepted or rejected the early data by calling SSL_get_early_data_status(). This will return SSL_EARLY_DATA_ACCEPTED if the data was accepted, SSL_EARLY_DATA_REJECTED if it was rejected or SSL_EARLY_DATA_NOT_SENT if no early data was sent. This function may be called by either the client or the server.</p>
+
+<p>A server uses the SSL_read_early_data() function to receive early data on a connection for which early data has been enabled using SSL_CTX_set_max_early_data() or SSL_set_max_early_data(). As for SSL_write_early_data(), this must be the first IO function called on a connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, or other similar functions.</p>
+
+<p>SSL_read_early_data() is similar to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> with the following differences. Refer to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> for full details.</p>
+
+<p>SSL_read_early_data() may return 3 possible values:</p>
+
+<dl>
+
+<dt id="SSL_READ_EARLY_DATA_ERROR">SSL_READ_EARLY_DATA_ERROR</dt>
+<dd>
+
+<p>This indicates an IO or some other error occurred. This should be treated in the same way as a 0 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_SUCCESS">SSL_READ_EARLY_DATA_SUCCESS</dt>
+<dd>
+
+<p>This indicates that early data was successfully read. This should be treated in the same way as a 1 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>. You should continue to call SSL_read_early_data() to read more data.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_FINISH">SSL_READ_EARLY_DATA_FINISH</dt>
+<dd>
+
+<p>This indicates that no more early data can be read. It may be returned on the first call to SSL_read_early_data() if the client has not sent any early data, or if the early data was rejected.</p>
+
+</dd>
+</dl>
+
+<p>Once the initial SSL_read_early_data() call has completed successfully (i.e. it has returned SSL_READ_EARLY_DATA_SUCCESS or SSL_READ_EARLY_DATA_FINISH) then the server may choose to write data immediately to the unauthenticated client using SSL_write_early_data(). If SSL_read_early_data() returned SSL_READ_EARLY_DATA_FINISH then in some situations (e.g. if the client only supports TLSv1.2) the handshake may have already been completed and calls to SSL_write_early_data() are not allowed. Call <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a> to determine whether the handshake has completed or not. If the handshake is still in progress then the server may interleave calls to SSL_write_early_data() with calls to SSL_read_early_data() as required.</p>
+
+<p>Servers must not call <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a> until SSL_read_early_data() has returned with SSL_READ_EARLY_DATA_FINISH. Once it has done so the connection to the client still needs to be completed. Complete the connection by calling a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard read function such as <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, which will transparently complete the connection and read the requested data. Note that it is an error to attempt to complete the connection before SSL_read_early_data() has returned SSL_READ_EARLY_DATA_FINISH.</p>
+
+<p>Only servers may call SSL_read_early_data().</p>
+
+<p>Calls to SSL_read_early_data() may, in certain circumstances, complete the connection immediately without further need to call a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. This can happen if the client is using a protocol version less than TLSv1.3. Applications can test for this by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>. Alternatively, applications may choose to call <a href="../man3/SSL_accept.html">SSL_accept(3)</a> anyway. Such a call will successfully return immediately with no further action taken.</p>
+
+<p>When a session is created between a server and a client the server will specify the maximum amount of any early data that it will accept on any future connection attempt. By default the server does not accept early data; a server may indicate support for early data by calling SSL_CTX_set_max_early_data() or SSL_set_max_early_data() to set it for the whole SSL_CTX or an individual SSL object respectively. The <b>max_early_data</b> parameter specifies the maximum amount of early data in bytes that is permitted to be sent on a single connection. Similarly the SSL_CTX_get_max_early_data() and SSL_get_max_early_data() functions can be used to obtain the current maximum early data settings for the SSL_CTX and SSL objects respectively. Generally a server application will either use both of SSL_read_early_data() and SSL_CTX_set_max_early_data() (or SSL_set_max_early_data()), or neither of them, since there is no practical benefit from using only one of them. If the maximum early data setting for a server is non-zero then replay protection is automatically enabled (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below).</p>
+
+<p>If the server rejects the early data sent by a client then it will skip over the data that is sent. The maximum amount of received early data that is skipped is controlled by the recv_max_early_data setting. If a client sends more than this then the connection will abort. This value can be set by calling SSL_CTX_set_recv_max_early_data() or SSL_set_recv_max_early_data(). The current value for this setting can be obtained by calling SSL_CTX_get_recv_max_early_data() or SSL_get_recv_max_early_data(). The default value for this setting is 16,384 bytes.</p>
+
+<p>The recv_max_early_data value also has an impact on early data that is accepted. The amount of data that is accepted will always be the lower of the max_early_data for the session and the recv_max_early_data setting for the server. If a client sends more data than this then the connection will abort.</p>
+
+<p>The configured value for max_early_data on a server may change over time as required. However clients may have tickets containing the previously configured max_early_data value. The recv_max_early_data should always be equal to or higher than any recently configured max_early_data value in order to avoid aborted connections. The recv_max_early_data should never be set to less than the current configured max_early_data value.</p>
+
+<p>Some server applications may wish to have more control over whether early data is accepted or not, for example to mitigate replay risks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below) or to decline early_data when the server is heavily loaded. The functions SSL_CTX_set_allow_early_data_cb() and SSL_set_allow_early_data_cb() set a callback which is called at a point in the handshake immediately before a decision is made to accept or reject early data. The callback is provided with a pointer to the user data argument that was provided when the callback was first set. Returning 1 from the callback will allow early data and returning 0 will reject it. Note that the OpenSSL library may reject early data for other reasons in which case this callback will not get called. Notably, the built-in replay protection feature will still be used even if a callback is present unless it has been explicitly disabled using the SSL_OP_NO_ANTI_REPLAY option. See <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The whole purpose of early data is to enable a client to start sending data to the server before a full round trip of network traffic has occurred. Application developers should ensure they consider optimisation of the underlying TCP socket to obtain a performant solution. For example Nagle&#39;s algorithm is commonly used by operating systems in an attempt to avoid lots of small TCP packets. In many scenarios this is beneficial for performance, but it does not work well with the early data solution as implemented in OpenSSL. In Nagle&#39;s algorithm the OS will buffer outgoing TCP data if a TCP packet has already been sent which we have not yet received an ACK for from the peer. The buffered data will only be transmitted if enough data to fill an entire TCP packet is accumulated, or if the ACK is received from the peer. The initial ClientHello will be sent in the first TCP packet along with any data from the first call to SSL_write_early_data(). If the amount of data written will exceed the size of a single TCP packet, or if there are more calls to SSL_write_early_data() then that additional data will be sent in subsequent TCP packets which will be buffered by the OS and not sent until an ACK is received for the first packet containing the ClientHello. This means the early data is not actually sent until a complete round trip with the server has occurred which defeats the objective of early data.</p>
+
+<p>In many operating systems the TCP_NODELAY socket option is available to disable Nagle&#39;s algorithm. If an application opts to disable Nagle&#39;s algorithm consideration should be given to turning it back on again after the handshake is complete if appropriate.</p>
+
+<p>In rare circumstances, it may be possible for a client to have a session that reports a max early data value greater than 0, but where the server does not support this. For example, this can occur if a server has had its configuration changed to accept a lower max early data value such as by calling SSL_CTX_set_recv_max_early_data(). Another example is if a server used to support TLSv1.3 but was later downgraded to TLSv1.2. Sending early data to such a server will cause the connection to abort. Clients that encounter an aborted connection while sending early data may want to retry the connection without sending early data as this does not happen automatically. A client will have to establish a new transport layer connection to the server and attempt the SSL/TLS connection again but without sending early data. Note that it is inadvisable to retry with a lower maximum protocol version.</p>
+
+<h1 id="REPLAY-PROTECTION">REPLAY PROTECTION</h1>
+
+<p>When early data is in use the TLS protocol provides no security guarantees that the same early data was not replayed across multiple connections. As a mitigation for this issue OpenSSL automatically enables replay protection if the server is configured with a non-zero max early data value. With replay protection enabled sessions are forced to be single use only. If a client attempts to reuse a session ticket more than once, then the second and subsequent attempts will fall back to a full handshake (and any early data that was submitted will be ignored). Note that single use tickets are enforced even if a client does not send any early data.</p>
+
+<p>The replay protection mechanism relies on the internal OpenSSL server session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). When replay protection is being used the server will operate as if the SSL_OP_NO_TICKET option had been selected (see <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>). Sessions will be added to the cache whenever a session ticket is issued. When a client attempts to resume the session, OpenSSL will check for its presence in the internal cache. If it exists then the resumption is allowed and the session is removed from the cache. If it does not exist then the resumption is not allowed and a full handshake will occur.</p>
+
+<p>Note that some applications may maintain an external cache of sessions (see <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a> and similar functions). It is the application&#39;s responsibility to ensure that any sessions in the external cache are also populated in the internal cache and that once removed from the internal cache they are similarly removed from the external cache. Failing to do this could result in an application becoming vulnerable to replay attacks. Note that OpenSSL will lock the internal cache while a session is removed but that lock is not held when the remove session callback (see <a href="../man3/SSL_CTX_sess_set_remove_cb.html">SSL_CTX_sess_set_remove_cb(3)</a>) is called. This could result in a small amount of time where the session has been removed from the internal cache but is still available in the external cache. Applications should be designed with this in mind in order to minimise the possibility of replay attacks.</p>
+
+<p>The OpenSSL replay protection does not apply to external Pre Shared Keys (PSKs) (e.g. see SSL_CTX_set_psk_find_session_callback(3)). Therefore extreme caution should be applied when combining external PSKs with early data.</p>
+
+<p>Some applications may mitigate the replay risks in other ways. For those applications it is possible to turn off the built-in replay protection feature using the <b>SSL_OP_NO_ANTI_REPLAY</b> option. See <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> for details. Applications can also set a callback to make decisions about accepting early data or not. See SSL_CTX_set_allow_early_data_cb() above for details.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_write_early_data() returns 1 for success or 0 for failure. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_read_early_data() returns SSL_READ_EARLY_DATA_ERROR for failure, SSL_READ_EARLY_DATA_SUCCESS for success with more data to read and SSL_READ_EARLY_DATA_FINISH for success with no more to data be read. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_get_max_early_data(), SSL_CTX_get_max_early_data() and SSL_SESSION_get_max_early_data() return the maximum number of early data bytes that may be sent.</p>
+
+<p>SSL_set_max_early_data(), SSL_CTX_set_max_early_data() and SSL_SESSION_set_max_early_data() return 1 for success or 0 for failure.</p>
+
+<p>SSL_get_early_data_status() returns SSL_EARLY_DATA_ACCEPTED if early data was accepted by the server, SSL_EARLY_DATA_REJECTED if early data was rejected by the server, or SSL_EARLY_DATA_NOT_SENT if no early data was sent.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>All of the functions described above were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_max_proto_version.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_max_proto_version.html
new file mode 100644
index 000000000..a5aadff8c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_max_proto_version.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_min_proto_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_min_proto_version, SSL_CTX_set_max_proto_version, SSL_CTX_get_min_proto_version, SSL_CTX_get_max_proto_version, SSL_set_min_proto_version, SSL_set_max_proto_version, SSL_get_min_proto_version, SSL_get_max_proto_version - Get and set minimum and maximum supported protocol version</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_min_proto_version(SSL_CTX *ctx, int version);
+ int SSL_CTX_set_max_proto_version(SSL_CTX *ctx, int version);
+ int SSL_CTX_get_min_proto_version(SSL_CTX *ctx);
+ int SSL_CTX_get_max_proto_version(SSL_CTX *ctx);
+
+ int SSL_set_min_proto_version(SSL *ssl, int version);
+ int SSL_set_max_proto_version(SSL *ssl, int version);
+ int SSL_get_min_proto_version(SSL *ssl);
+ int SSL_get_max_proto_version(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions get or set the minimum and maximum supported protocol versions for the <b>ctx</b> or <b>ssl</b>. This works in combination with the options set via <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> that also make it possible to disable specific protocol versions. Use these functions instead of disabling specific protocol versions.</p>
+
+<p>Setting the minimum or maximum version to 0, will enable protocol versions down to the lowest version, or up to the highest version supported by the library, respectively.</p>
+
+<p>Getters return 0 in case <b>ctx</b> or <b>ssl</b> have been configured to automatically use the lowest or highest version supported by the library.</p>
+
+<p>Currently supported versions are <b>SSL3_VERSION</b>, <b>TLS1_VERSION</b>, <b>TLS1_1_VERSION</b>, <b>TLS1_2_VERSION</b>, <b>TLS1_3_VERSION</b> for TLS and <b>DTLS1_VERSION</b>, <b>DTLS1_2_VERSION</b> for DTLS.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These setter functions return 1 on success and 0 on failure. The getter functions return the configured version or 0 for auto-configuration of lowest or highest protocol, respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions are implemented using macros.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The setter functions were added in OpenSSL 1.1.0. The getter functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_min_proto_version.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_min_proto_version.html
new file mode 100644
index 000000000..a5aadff8c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_min_proto_version.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_min_proto_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_min_proto_version, SSL_CTX_set_max_proto_version, SSL_CTX_get_min_proto_version, SSL_CTX_get_max_proto_version, SSL_set_min_proto_version, SSL_set_max_proto_version, SSL_get_min_proto_version, SSL_get_max_proto_version - Get and set minimum and maximum supported protocol version</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_min_proto_version(SSL_CTX *ctx, int version);
+ int SSL_CTX_set_max_proto_version(SSL_CTX *ctx, int version);
+ int SSL_CTX_get_min_proto_version(SSL_CTX *ctx);
+ int SSL_CTX_get_max_proto_version(SSL_CTX *ctx);
+
+ int SSL_set_min_proto_version(SSL *ssl, int version);
+ int SSL_set_max_proto_version(SSL *ssl, int version);
+ int SSL_get_min_proto_version(SSL *ssl);
+ int SSL_get_max_proto_version(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions get or set the minimum and maximum supported protocol versions for the <b>ctx</b> or <b>ssl</b>. This works in combination with the options set via <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> that also make it possible to disable specific protocol versions. Use these functions instead of disabling specific protocol versions.</p>
+
+<p>Setting the minimum or maximum version to 0, will enable protocol versions down to the lowest version, or up to the highest version supported by the library, respectively.</p>
+
+<p>Getters return 0 in case <b>ctx</b> or <b>ssl</b> have been configured to automatically use the lowest or highest version supported by the library.</p>
+
+<p>Currently supported versions are <b>SSL3_VERSION</b>, <b>TLS1_VERSION</b>, <b>TLS1_1_VERSION</b>, <b>TLS1_2_VERSION</b>, <b>TLS1_3_VERSION</b> for TLS and <b>DTLS1_VERSION</b>, <b>DTLS1_2_VERSION</b> for DTLS.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These setter functions return 1 on success and 0 on failure. The getter functions return the configured version or 0 for auto-configuration of lowest or highest protocol, respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions are implemented using macros.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The setter functions were added in OpenSSL 1.1.0. The getter functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_mode.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_mode.html
new file mode 100644
index 000000000..2e6c33d57
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_mode.html
@@ -0,0 +1,136 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_mode</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_mode, SSL_CTX_clear_mode, SSL_set_mode, SSL_clear_mode, SSL_CTX_get_mode, SSL_get_mode - manipulate SSL engine mode</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_mode(SSL_CTX *ctx, long mode);
+ long SSL_CTX_clear_mode(SSL_CTX *ctx, long mode);
+ long SSL_set_mode(SSL *ssl, long mode);
+ long SSL_clear_mode(SSL *ssl, long mode);
+
+ long SSL_CTX_get_mode(SSL_CTX *ctx);
+ long SSL_get_mode(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_mode() adds the mode set via bitmask in <b>mode</b> to <b>ctx</b>. Options already set before are not cleared. SSL_CTX_clear_mode() removes the mode set via bitmask in <b>mode</b> from <b>ctx</b>.</p>
+
+<p>SSL_set_mode() adds the mode set via bitmask in <b>mode</b> to <b>ssl</b>. Options already set before are not cleared. SSL_clear_mode() removes the mode set via bitmask in <b>mode</b> from <b>ssl</b>.</p>
+
+<p>SSL_CTX_get_mode() returns the mode set for <b>ctx</b>.</p>
+
+<p>SSL_get_mode() returns the mode set for <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The following mode changes are available:</p>
+
+<dl>
+
+<dt id="SSL_MODE_ENABLE_PARTIAL_WRITE">SSL_MODE_ENABLE_PARTIAL_WRITE</dt>
+<dd>
+
+<p>Allow SSL_write_ex(..., n, &amp;r) to return with 0 &lt; r &lt; n (i.e. report success when just a single record has been written). This works in a similar way for SSL_write(). When not set (the default), SSL_write_ex() or SSL_write() will only report success once the complete chunk was written. Once SSL_write_ex() or SSL_write() returns successful, <b>r</b> bytes have been written and the next call to SSL_write_ex() or SSL_write() must only send the n-r bytes left, imitating the behaviour of write().</p>
+
+</dd>
+<dt id="SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER">SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER</dt>
+<dd>
+
+<p>Make it possible to retry SSL_write_ex() or SSL_write() with changed buffer location (the buffer contents must stay the same). This is not the default to avoid the misconception that non-blocking SSL_write() behaves like non-blocking write().</p>
+
+</dd>
+<dt id="SSL_MODE_AUTO_RETRY">SSL_MODE_AUTO_RETRY</dt>
+<dd>
+
+<p>During normal operations, non-application data records might need to be sent or received that the application is not aware of. If a non-application data record was processed, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> can return with a failure and indicate the need to retry with <b>SSL_ERROR_WANT_READ</b>. If such a non-application data record was processed, the flag <b>SSL_MODE_AUTO_RETRY</b> causes it to try to process the next record instead of returning.</p>
+
+<p>In a non-blocking environment applications must be prepared to handle incomplete read/write operations. Setting <b>SSL_MODE_AUTO_RETRY</b> for a non-blocking <b>BIO</b> will process non-application data records until either no more data is available or an application data record has been processed.</p>
+
+<p>In a blocking environment, applications are not always prepared to deal with the functions returning intermediate reports such as retry requests, and setting the <b>SSL_MODE_AUTO_RETRY</b> flag will cause the functions to only return after successfully processing an application data record or a failure.</p>
+
+<p>Turning off <b>SSL_MODE_AUTO_RETRY</b> can be useful with blocking <b>BIO</b>s in case they are used in combination with something like select() or poll(). Otherwise the call to SSL_read() or SSL_read_ex() might hang when a non-application record was sent and no application data was sent.</p>
+
+</dd>
+<dt id="SSL_MODE_RELEASE_BUFFERS">SSL_MODE_RELEASE_BUFFERS</dt>
+<dd>
+
+<p>When we no longer need a read buffer or a write buffer for a given SSL, then release the memory we were using to hold it. Using this flag can save around 34k per idle SSL connection. This flag has no effect on SSL v2 connections, or on DTLS connections.</p>
+
+</dd>
+<dt id="SSL_MODE_SEND_FALLBACK_SCSV">SSL_MODE_SEND_FALLBACK_SCSV</dt>
+<dd>
+
+<p>Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications that reconnect with a downgraded protocol version; see draft-ietf-tls-downgrade-scsv-00 for details.</p>
+
+<p>DO NOT ENABLE THIS if your application attempts a normal handshake. Only use this in explicit fallback retries, following the guidance in draft-ietf-tls-downgrade-scsv-00.</p>
+
+</dd>
+<dt id="SSL_MODE_ASYNC">SSL_MODE_ASYNC</dt>
+<dd>
+
+<p>Enable asynchronous processing. TLS I/O operations may indicate a retry with SSL_ERROR_WANT_ASYNC with this mode set if an asynchronous capable engine is used to perform cryptographic operations. See <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+</dd>
+<dt id="SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG">SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG</dt>
+<dd>
+
+<p>Older versions of OpenSSL had a bug in the computation of the label length used for computing the endpoint-pair shared secret. The bug was that the terminating zero was included in the length of the label. Setting this option enables this behaviour to allow interoperability with such broken implementations. Please note that setting this option breaks interoperability with correct implementations. This option only applies to DTLS over SCTP.</p>
+
+</dd>
+</dl>
+
+<p>All modes are off by default except for SSL_MODE_AUTO_RETRY which is on by default since 1.1.1.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_mode() and SSL_set_mode() return the new mode bitmask after adding <b>mode</b>.</p>
+
+<p>SSL_CTX_get_mode() and SSL_get_mode() return the current bitmask.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a>, <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_MODE_ASYNC was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_num_tickets.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_num_tickets.html
new file mode 100644
index 000000000..94cc9b7e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_num_tickets.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_num_tickets</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_num_tickets, SSL_get_num_tickets, SSL_CTX_set_num_tickets, SSL_CTX_get_num_tickets - control the number of TLSv1.3 session tickets that are issued</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_set_num_tickets(SSL *s, size_t num_tickets);
+ size_t SSL_get_num_tickets(SSL *s);
+ int SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets);
+ size_t SSL_CTX_get_num_tickets(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_num_tickets() and SSL_set_num_tickets() can be called for a server application and set the number of TLSv1.3 session tickets that will be sent to the client after a full handshake. Set the desired value (which could be 0) in the <b>num_tickets</b> argument. Typically these functions should be called before the start of the handshake.</p>
+
+<p>The default number of tickets is 2; the default number of tickets sent following a resumption handshake is 1 but this cannot be changed using these functions. The number of tickets following a resumption handshake can be reduced to 0 using custom session ticket callbacks (see <a href="../man3/SSL_CTX_set_session_ticket_cb.html">SSL_CTX_set_session_ticket_cb(3)</a>).</p>
+
+<p>Tickets are also issued on receipt of a post-handshake certificate from the client following a request by the server using <a href="../man3/SSL_verify_client_post_handshake.html">SSL_verify_client_post_handshake(3)</a>. These new tickets will be associated with the updated client identity (i.e. including their certificate and verification status). The number of tickets issued will normally be the same as was used for the initial handshake. If the initial handshake was a full handshake then SSL_set_num_tickets() can be called again prior to calling SSL_verify_client_post_handshake() to update the number of tickets that will be sent.</p>
+
+<p>SSL_CTX_get_num_tickets() and SSL_get_num_tickets() return the number of tickets set by a previous call to SSL_CTX_set_num_tickets() or SSL_set_num_tickets(), or 2 if no such call has been made.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_num_tickets() and SSL_set_num_tickets() return 1 on success or 0 on failure.</p>
+
+<p>SSL_CTX_get_num_tickets() and SSL_get_num_tickets() return the number of tickets that have been previously set.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_options.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_options.html
new file mode 100644
index 000000000..b45ee0128
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_options.html
@@ -0,0 +1,350 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_options</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SECURE-RENEGOTIATION">SECURE RENEGOTIATION</a>
+    <ul>
+      <li><a href="#Patched-client-and-server">Patched client and server</a></li>
+      <li><a href="#Unpatched-client-and-patched-OpenSSL-server">Unpatched client and patched OpenSSL server</a></li>
+      <li><a href="#Patched-OpenSSL-client-and-unpatched-server">Patched OpenSSL client and unpatched server.</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_options, SSL_set_options, SSL_CTX_clear_options, SSL_clear_options, SSL_CTX_get_options, SSL_get_options, SSL_get_secure_renegotiation_support - manipulate SSL options</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_options(SSL_CTX *ctx, long options);
+ long SSL_set_options(SSL *ssl, long options);
+
+ long SSL_CTX_clear_options(SSL_CTX *ctx, long options);
+ long SSL_clear_options(SSL *ssl, long options);
+
+ long SSL_CTX_get_options(SSL_CTX *ctx);
+ long SSL_get_options(SSL *ssl);
+
+ long SSL_get_secure_renegotiation_support(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_options() adds the options set via bitmask in <b>options</b> to <b>ctx</b>. Options already set before are not cleared!</p>
+
+<p>SSL_set_options() adds the options set via bitmask in <b>options</b> to <b>ssl</b>. Options already set before are not cleared!</p>
+
+<p>SSL_CTX_clear_options() clears the options set via bitmask in <b>options</b> to <b>ctx</b>.</p>
+
+<p>SSL_clear_options() clears the options set via bitmask in <b>options</b> to <b>ssl</b>.</p>
+
+<p>SSL_CTX_get_options() returns the options set for <b>ctx</b>.</p>
+
+<p>SSL_get_options() returns the options set for <b>ssl</b>.</p>
+
+<p>SSL_get_secure_renegotiation_support() indicates whether the peer supports secure renegotiation. Note, this is implemented via a macro.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The behaviour of the SSL library can be changed by setting several options. The options are coded as bitmasks and can be combined by a bitwise <b>or</b> operation (|).</p>
+
+<p>SSL_CTX_set_options() and SSL_set_options() affect the (external) protocol behaviour of the SSL library. The (internal) behaviour of the API can be changed by using the similar <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a> and SSL_set_mode() functions.</p>
+
+<p>During a handshake, the option settings of the SSL object are used. When a new SSL object is created from a context using SSL_new(), the current option setting is copied. Changes to <b>ctx</b> do not affect already created SSL objects. SSL_clear() does not affect the settings.</p>
+
+<p>The following <b>bug workaround</b> options are available:</p>
+
+<dl>
+
+<dt id="SSL_OP_SAFARI_ECDHE_ECDSA_BUG">SSL_OP_SAFARI_ECDHE_ECDSA_BUG</dt>
+<dd>
+
+<p>Don&#39;t prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X. OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.</p>
+
+</dd>
+<dt id="SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS">SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS</dt>
+<dd>
+
+<p>Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol vulnerability affecting CBC ciphers, which cannot be handled by some broken SSL implementations. This option has no effect for connections using other ciphers.</p>
+
+</dd>
+<dt id="SSL_OP_TLSEXT_PADDING">SSL_OP_TLSEXT_PADDING</dt>
+<dd>
+
+<p>Adds a padding extension to ensure the ClientHello size is never between 256 and 511 bytes in length. This is needed as a workaround for some implementations.</p>
+
+</dd>
+<dt id="SSL_OP_ALL">SSL_OP_ALL</dt>
+<dd>
+
+<p>All of the above bug workarounds plus <b>SSL_OP_LEGACY_SERVER_CONNECT</b> as mentioned below.</p>
+
+</dd>
+</dl>
+
+<p>It is usually safe to use <b>SSL_OP_ALL</b> to enable the bug workaround options if compatibility with somewhat broken implementations is desired.</p>
+
+<p>The following <b>modifying</b> options are available:</p>
+
+<dl>
+
+<dt id="SSL_OP_TLS_ROLLBACK_BUG">SSL_OP_TLS_ROLLBACK_BUG</dt>
+<dd>
+
+<p>Disable version rollback attack detection.</p>
+
+<p>During the client key exchange, the client must send the same information about acceptable SSL/TLS protocol levels as during the first hello. Some clients violate this rule by adapting to the server&#39;s answer. (Example: the client sends a SSLv2 hello and accepts up to SSLv3.1=TLSv1, the server only understands up to SSLv3. In this case the client must still use the same SSLv3.1=TLSv1 announcement. Some clients step down to SSLv3 with respect to the server&#39;s answer and violate the version rollback protection.)</p>
+
+</dd>
+<dt id="SSL_OP_CIPHER_SERVER_PREFERENCE">SSL_OP_CIPHER_SERVER_PREFERENCE</dt>
+<dd>
+
+<p>When choosing a cipher, use the server&#39;s preferences instead of the client preferences. When not set, the SSL server will always follow the clients preferences. When set, the SSL/TLS server will choose following its own preferences.</p>
+
+</dd>
+<dt id="SSL_OP_NO_SSLv3-SSL_OP_NO_TLSv1-SSL_OP_NO_TLSv1_1-SSL_OP_NO_TLSv1_2-SSL_OP_NO_TLSv1_3-SSL_OP_NO_DTLSv1-SSL_OP_NO_DTLSv1_2">SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1, SSL_OP_NO_TLSv1_2, SSL_OP_NO_TLSv1_3, SSL_OP_NO_DTLSv1, SSL_OP_NO_DTLSv1_2</dt>
+<dd>
+
+<p>These options turn off the SSLv3, TLSv1, TLSv1.1, TLSv1.2 or TLSv1.3 protocol versions with TLS or the DTLSv1, DTLSv1.2 versions with DTLS, respectively. As of OpenSSL 1.1.0, these options are deprecated, use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> and <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> instead.</p>
+
+</dd>
+<dt id="SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION">SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION</dt>
+<dd>
+
+<p>When performing renegotiation as a server, always start a new session (i.e., session resumption requests are only accepted in the initial handshake). This option is not needed for clients.</p>
+
+</dd>
+<dt id="SSL_OP_NO_COMPRESSION">SSL_OP_NO_COMPRESSION</dt>
+<dd>
+
+<p>Do not use compression even if it is supported.</p>
+
+</dd>
+<dt id="SSL_OP_NO_QUERY_MTU">SSL_OP_NO_QUERY_MTU</dt>
+<dd>
+
+<p>Do not query the MTU. Only affects DTLS connections.</p>
+
+</dd>
+<dt id="SSL_OP_COOKIE_EXCHANGE">SSL_OP_COOKIE_EXCHANGE</dt>
+<dd>
+
+<p>Turn on Cookie Exchange as described in RFC4347 Section 4.2.1. Only affects DTLS connections.</p>
+
+</dd>
+<dt id="SSL_OP_NO_TICKET">SSL_OP_NO_TICKET</dt>
+<dd>
+
+<p>SSL/TLS supports two mechanisms for resuming sessions: session ids and stateless session tickets.</p>
+
+<p>When using session ids a copy of the session information is cached on the server and a unique id is sent to the client. When the client wishes to resume it provides the unique id so that the server can retrieve the session information from its cache.</p>
+
+<p>When using stateless session tickets the server uses a session ticket encryption key to encrypt the session information. This encrypted data is sent to the client as a &quot;ticket&quot;. When the client wishes to resume it sends the encrypted data back to the server. The server uses its key to decrypt the data and resume the session. In this way the server can operate statelessly - no session information needs to be cached locally.</p>
+
+<p>The TLSv1.3 protocol only supports tickets and does not directly support session ids. However OpenSSL allows two modes of ticket operation in TLSv1.3: stateful and stateless. Stateless tickets work the same way as in TLSv1.2 and below. Stateful tickets mimic the session id behaviour available in TLSv1.2 and below. The session information is cached on the server and the session id is wrapped up in a ticket and sent back to the client. When the client wishes to resume, it presents a ticket in the same way as for stateless tickets. The server can then extract the session id from the ticket and retrieve the session information from its cache.</p>
+
+<p>By default OpenSSL will use stateless tickets. The SSL_OP_NO_TICKET option will cause stateless tickets to not be issued. In TLSv1.2 and below this means no ticket gets sent to the client at all. In TLSv1.3 a stateful ticket will be sent. This is a server-side option only.</p>
+
+<p>In TLSv1.3 it is possible to suppress all tickets (stateful and stateless) from being sent by calling <a href="../man3/SSL_CTX_set_num_tickets.html">SSL_CTX_set_num_tickets(3)</a> or <a href="../man3/SSL_set_num_tickets.html">SSL_set_num_tickets(3)</a>.</p>
+
+</dd>
+<dt id="SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION">SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</dt>
+<dd>
+
+<p>Allow legacy insecure renegotiation between OpenSSL and unpatched clients or servers. See the <b>SECURE RENEGOTIATION</b> section for more details.</p>
+
+</dd>
+<dt id="SSL_OP_LEGACY_SERVER_CONNECT">SSL_OP_LEGACY_SERVER_CONNECT</dt>
+<dd>
+
+<p>Allow legacy insecure renegotiation between OpenSSL and unpatched servers <b>only</b>: this option is currently set by default. See the <b>SECURE RENEGOTIATION</b> section for more details.</p>
+
+</dd>
+<dt id="SSL_OP_NO_ENCRYPT_THEN_MAC">SSL_OP_NO_ENCRYPT_THEN_MAC</dt>
+<dd>
+
+<p>Normally clients and servers will transparently attempt to negotiate the RFC7366 Encrypt-then-MAC option on TLS and DTLS connection.</p>
+
+<p>If this option is set, Encrypt-then-MAC is disabled. Clients will not propose, and servers will not accept the extension.</p>
+
+</dd>
+<dt id="SSL_OP_NO_RENEGOTIATION">SSL_OP_NO_RENEGOTIATION</dt>
+<dd>
+
+<p>Disable all renegotiation in TLSv1.2 and earlier. Do not send HelloRequest messages, and ignore renegotiation requests via ClientHello.</p>
+
+</dd>
+<dt id="SSL_OP_ALLOW_NO_DHE_KEX">SSL_OP_ALLOW_NO_DHE_KEX</dt>
+<dd>
+
+<p>In TLSv1.3 allow a non-(ec)dhe based key exchange mode on resumption. This means that there will be no forward secrecy for the resumed session.</p>
+
+</dd>
+<dt id="SSL_OP_PRIORITIZE_CHACHA">SSL_OP_PRIORITIZE_CHACHA</dt>
+<dd>
+
+<p>When SSL_OP_CIPHER_SERVER_PREFERENCE is set, temporarily reprioritize ChaCha20-Poly1305 ciphers to the top of the server cipher list if a ChaCha20-Poly1305 cipher is at the top of the client cipher list. This helps those clients (e.g. mobile) use ChaCha20-Poly1305 if that cipher is anywhere in the server cipher list; but still allows other clients to use AES and other ciphers. Requires <b>SSL_OP_CIPHER_SERVER_PREFERENCE</b>.</p>
+
+</dd>
+<dt id="SSL_OP_ENABLE_MIDDLEBOX_COMPAT">SSL_OP_ENABLE_MIDDLEBOX_COMPAT</dt>
+<dd>
+
+<p>If set then dummy Change Cipher Spec (CCS) messages are sent in TLSv1.3. This has the effect of making TLSv1.3 look more like TLSv1.2 so that middleboxes that do not understand TLSv1.3 will not drop the connection. Regardless of whether this option is set or not CCS messages received from the peer will always be ignored in TLSv1.3. This option is set by default. To switch it off use SSL_clear_options(). A future version of OpenSSL may not set this by default.</p>
+
+</dd>
+<dt id="SSL_OP_NO_ANTI_REPLAY">SSL_OP_NO_ANTI_REPLAY</dt>
+<dd>
+
+<p>By default, when a server is configured for early data (i.e., max_early_data &gt; 0), OpenSSL will switch on replay protection. See <a href="../man3/SSL_read_early_data.html">SSL_read_early_data(3)</a> for a description of the replay protection feature. Anti-replay measures are required to comply with the TLSv1.3 specification. Some applications may be able to mitigate the replay risks in other ways and in such cases the built in OpenSSL functionality is not required. Those applications can turn this feature off by setting this option. This is a server-side opton only. It is ignored by clients.</p>
+
+</dd>
+</dl>
+
+<p>The following options no longer have any effect but their identifiers are retained for compatibility purposes:</p>
+
+<dl>
+
+<dt id="SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG">SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER">SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SSLEAY_080_CLIENT_DH_BUG">SSL_OP_SSLEAY_080_CLIENT_DH_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_TLS_D5_BUG">SSL_OP_TLS_D5_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_TLS_BLOCK_PADDING_BUG">SSL_OP_TLS_BLOCK_PADDING_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MSIE_SSLV2_RSA_PADDING">SSL_OP_MSIE_SSLV2_RSA_PADDING</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG">SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MICROSOFT_SESS_ID_BUG">SSL_OP_MICROSOFT_SESS_ID_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_NETSCAPE_CHALLENGE_BUG">SSL_OP_NETSCAPE_CHALLENGE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_PKCS1_CHECK_1">SSL_OP_PKCS1_CHECK_1</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_PKCS1_CHECK_2">SSL_OP_PKCS1_CHECK_2</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SINGLE_DH_USE">SSL_OP_SINGLE_DH_USE</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SINGLE_ECDH_USE">SSL_OP_SINGLE_ECDH_USE</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_EPHEMERAL_RSA">SSL_OP_EPHEMERAL_RSA</dt>
+<dd>
+
+</dd>
+</dl>
+
+<h1 id="SECURE-RENEGOTIATION">SECURE RENEGOTIATION</h1>
+
+<p>OpenSSL always attempts to use secure renegotiation as described in RFC5746. This counters the prefix attack described in CVE-2009-3555 and elsewhere.</p>
+
+<p>This attack has far reaching consequences which application writers should be aware of. In the description below an implementation supporting secure renegotiation is referred to as <i>patched</i>. A server not supporting secure renegotiation is referred to as <i>unpatched</i>.</p>
+
+<p>The following sections describe the operations permitted by OpenSSL&#39;s secure renegotiation implementation.</p>
+
+<h2 id="Patched-client-and-server">Patched client and server</h2>
+
+<p>Connections and renegotiation are always permitted by OpenSSL implementations.</p>
+
+<h2 id="Unpatched-client-and-patched-OpenSSL-server">Unpatched client and patched OpenSSL server</h2>
+
+<p>The initial connection succeeds but client renegotiation is denied by the server with a <b>no_renegotiation</b> warning alert if TLS v1.0 is used or a fatal <b>handshake_failure</b> alert in SSL v3.0.</p>
+
+<p>If the patched OpenSSL server attempts to renegotiate a fatal <b>handshake_failure</b> alert is sent. This is because the server code may be unaware of the unpatched nature of the client.</p>
+
+<p>If the option <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> is set then renegotiation <b>always</b> succeeds.</p>
+
+<h2 id="Patched-OpenSSL-client-and-unpatched-server">Patched OpenSSL client and unpatched server.</h2>
+
+<p>If the option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> or <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> is set then initial connections and renegotiation between patched OpenSSL clients and unpatched servers succeeds. If neither option is set then initial connections to unpatched servers will fail.</p>
+
+<p>The option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> is currently set by default even though it has security implications: otherwise it would be impossible to connect to unpatched servers (i.e. all of them initially) and this is clearly not acceptable. Renegotiation is permitted because this does not add any additional security issues: during an attack clients do not see any renegotiations anyway.</p>
+
+<p>As more servers become patched the option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> will <b>not</b> be set by default in a future version of OpenSSL.</p>
+
+<p>OpenSSL client applications wishing to ensure they can connect to unpatched servers should always <b>set</b> <b>SSL_OP_LEGACY_SERVER_CONNECT</b></p>
+
+<p>OpenSSL client applications that want to ensure they can <b>not</b> connect to unpatched servers (and thus avoid any security issues) should always <b>clear</b> <b>SSL_OP_LEGACY_SERVER_CONNECT</b> using SSL_CTX_clear_options() or SSL_clear_options().</p>
+
+<p>The difference between the <b>SSL_OP_LEGACY_SERVER_CONNECT</b> and <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> options is that <b>SSL_OP_LEGACY_SERVER_CONNECT</b> enables initial connections and secure renegotiation between OpenSSL clients and unpatched servers <b>only</b>, while <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> allows initial connections and renegotiation between OpenSSL and unpatched clients or servers.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_options() and SSL_set_options() return the new options bitmask after adding <b>options</b>.</p>
+
+<p>SSL_CTX_clear_options() and SSL_clear_options() return the new options bitmask after clearing <b>options</b>.</p>
+
+<p>SSL_CTX_get_options() and SSL_get_options() return the current bitmask.</p>
+
+<p>SSL_get_secure_renegotiation_support() returns 1 is the peer supports secure renegotiation and 0 if it does not.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man1/dhparam.html">dhparam(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The attempt to always try to use secure renegotiation was added in OpenSSL 0.9.8m.</p>
+
+<p>The <b>SSL_OP_PRIORITIZE_CHACHA</b> and <b>SSL_OP_NO_RENEGOTIATION</b> options were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_quiet_shutdown.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_quiet_shutdown.html
new file mode 100644
index 000000000..7b96fc659
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_quiet_shutdown.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_quiet_shutdown</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_quiet_shutdown, SSL_CTX_get_quiet_shutdown, SSL_set_quiet_shutdown, SSL_get_quiet_shutdown - manipulate shutdown behaviour</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
+ int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
+
+ void SSL_set_quiet_shutdown(SSL *ssl, int mode);
+ int SSL_get_quiet_shutdown(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_quiet_shutdown() sets the &quot;quiet shutdown&quot; flag for <b>ctx</b> to be <b>mode</b>. SSL objects created from <b>ctx</b> inherit the <b>mode</b> valid at the time <a href="../man3/SSL_new.html">SSL_new(3)</a> is called. <b>mode</b> may be 0 or 1.</p>
+
+<p>SSL_CTX_get_quiet_shutdown() returns the &quot;quiet shutdown&quot; setting of <b>ctx</b>.</p>
+
+<p>SSL_set_quiet_shutdown() sets the &quot;quiet shutdown&quot; flag for <b>ssl</b> to be <b>mode</b>. The setting stays valid until <b>ssl</b> is removed with <a href="../man3/SSL_free.html">SSL_free(3)</a> or SSL_set_quiet_shutdown() is called again. It is not changed when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called. <b>mode</b> may be 0 or 1.</p>
+
+<p>SSL_get_quiet_shutdown() returns the &quot;quiet shutdown&quot; setting of <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Normally when a SSL connection is finished, the parties must send out close_notify alert messages using <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> for a clean shutdown.</p>
+
+<p>When setting the &quot;quiet shutdown&quot; flag to 1, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> will set the internal flags to SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN. (<a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> then behaves like <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a> called with SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN.) The session is thus considered to be shutdown, but no close_notify alert is sent to the peer. This behaviour violates the TLS standard.</p>
+
+<p>The default is normal shutdown behaviour as described by the TLS standard.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_quiet_shutdown() and SSL_set_quiet_shutdown() do not return diagnostic information.</p>
+
+<p>SSL_CTX_get_quiet_shutdown() and SSL_get_quiet_shutdown return the current setting.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_free.html">SSL_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_read_ahead.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_read_ahead.html
new file mode 100644
index 000000000..ef56bb1b3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_read_ahead.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_read_ahead</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_read_ahead, SSL_CTX_get_read_ahead, SSL_set_read_ahead, SSL_get_read_ahead, SSL_CTX_get_default_read_ahead - manage whether to read as many input bytes as possible</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_set_read_ahead(SSL *s, int yes);
+ int SSL_get_read_ahead(const SSL *s);
+
+ SSL_CTX_set_read_ahead(SSL_CTX *ctx, int yes);
+ long SSL_CTX_get_read_ahead(SSL_CTX *ctx);
+ long SSL_CTX_get_default_read_ahead(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_read_ahead() and SSL_set_read_ahead() set whether we should read as many input bytes as possible (for non-blocking reads) or not. For example if <b>x</b> bytes are currently required by OpenSSL, but <b>y</b> bytes are available from the underlying BIO (where <b>y</b> &gt; <b>x</b>), then OpenSSL will read all <b>y</b> bytes into its buffer (providing that the buffer is large enough) if reading ahead is on, or <b>x</b> bytes otherwise. Setting the parameter <b>yes</b> to 0 turns reading ahead is off, other values turn it on. SSL_CTX_set_default_read_ahead() is identical to SSL_CTX_set_read_ahead().</p>
+
+<p>SSL_CTX_get_read_ahead() and SSL_get_read_ahead() indicate whether reading ahead has been set or not. SSL_CTX_get_default_read_ahead() is identical to SSL_CTX_get_read_ahead().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions have no impact when used with DTLS. The return values for SSL_CTX_get_read_head() and SSL_get_read_ahead() are undefined for DTLS. Setting <b>read_ahead</b> can impact the behaviour of the SSL_pending() function (see <a href="../man3/SSL_pending.html">SSL_pending(3)</a>).</p>
+
+<p>Since SSL_read() can return <b>SSL_ERROR_WANT_READ</b> for non-application data records, and SSL_has_pending() can&#39;t tell the difference between processed and unprocessed data, it&#39;s recommended that if read ahead is turned on that <b>SSL_MODE_AUTO_RETRY</b> is not turned off using SSL_CTX_clear_mode(). That will prevent getting <b>SSL_ERROR_WANT_READ</b> when there is still a complete record availale that hasn&#39;t been processed.</p>
+
+<p>If the application wants to continue to use the underlying transport (e.g. TCP connection) after the SSL connection is finished using SSL_shutdown() reading ahead should be turned off. Otherwise the SSL structure might read data that it shouldn&#39;t.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_get_read_ahead() and SSL_CTX_get_read_ahead() return 0 if reading ahead is off, and non zero otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_record_padding_callback_arg.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_record_padding_callback_arg.html
new file mode 100644
index 000000000..57d5c7c64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_record_padding_callback_arg.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_record_padding_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_record_padding_callback, SSL_set_record_padding_callback, SSL_CTX_set_record_padding_callback_arg, SSL_set_record_padding_callback_arg, SSL_CTX_get_record_padding_callback_arg, SSL_get_record_padding_callback_arg, SSL_CTX_set_block_padding, SSL_set_block_padding - install callback to specify TLS 1.3 record padding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_record_padding_callback(SSL_CTX *ctx, size_t (*cb)(SSL *s, int type, size_t len, void *arg));
+ void SSL_set_record_padding_callback(SSL *ssl, size_t (*cb)(SSL *s, int type, size_t len, void *arg));
+
+ void SSL_CTX_set_record_padding_callback_arg(SSL_CTX *ctx, void *arg);
+ void *SSL_CTX_get_record_padding_callback_arg(const SSL_CTX *ctx);
+
+ void SSL_set_record_padding_callback_arg(SSL *ssl, void *arg);
+ void *SSL_get_record_padding_callback_arg(const SSL *ssl);
+
+ int SSL_CTX_set_block_padding(SSL_CTX *ctx, size_t block_size);
+ int SSL_set_block_padding(SSL *ssl, size_t block_size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_record_padding_callback() or SSL_set_record_padding_callback() can be used to assign a callback function <i>cb</i> to specify the padding for TLS 1.3 records. The value set in <b>ctx</b> is copied to a new SSL by SSL_new().</p>
+
+<p>SSL_CTX_set_record_padding_callback_arg() and SSL_set_record_padding_callback_arg() assign a value <b>arg</b> that is passed to the callback when it is invoked. The value set in <b>ctx</b> is copied to a new SSL by SSL_new().</p>
+
+<p>SSL_CTX_get_record_padding_callback_arg() and SSL_get_record_padding_callback_arg() retrieve the <b>arg</b> value that is passed to the callback.</p>
+
+<p>SSL_CTX_set_block_padding() and SSL_set_block_padding() pads the record to a multiple of the <b>block_size</b>. A <b>block_size</b> of 0 or 1 disables block padding. The limit of <b>block_size</b> is SSL3_RT_MAX_PLAIN_LENGTH.</p>
+
+<p>The callback is invoked for every record before encryption. The <b>type</b> parameter is the TLS record type that is being processed; may be one of SSL3_RT_APPLICATION_DATA, SSL3_RT_HANDSHAKE, or SSL3_RT_ALERT. The <b>len</b> parameter is the current plaintext length of the record before encryption. The <b>arg</b> parameter is the value set via SSL_CTX_set_record_padding_callback_arg() or SSL_set_record_padding_callback_arg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL_CTX_get_record_padding_callback_arg() and SSL_get_record_padding_callback_arg() functions return the <b>arg</b> value assigned in the corresponding set functions.</p>
+
+<p>The SSL_CTX_set_block_padding() and SSL_set_block_padding() functions return 1 on success or 0 if <b>block_size</b> is too large.</p>
+
+<p>The <b>cb</b> returns the number of padding bytes to add to the record. A return of 0 indicates no padding will be added. A return value that causes the record to exceed the maximum record size (SSL3_RT_MAX_PLAIN_LENGTH) will pad out to the maximum record size.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The default behavior is to add no padding to the record.</p>
+
+<p>A user-supplied padding callback function will override the behavior set by SSL_set_block_padding() or SSL_CTX_set_block_padding(). Setting the user-supplied callback to NULL will restore the configured block padding behavior.</p>
+
+<p>These functions only apply to TLS 1.3 records being written.</p>
+
+<p>Padding bytes are not added in constant-time.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The record padding API was added for TLS 1.3 support in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_recv_max_early_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_recv_max_early_data.html
new file mode 100644
index 000000000..5b28c01bd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_recv_max_early_data.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read_early_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#REPLAY-PROTECTION">REPLAY PROTECTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_max_early_data, SSL_CTX_set_max_early_data, SSL_get_max_early_data, SSL_CTX_get_max_early_data, SSL_set_recv_max_early_data, SSL_CTX_set_recv_max_early_data, SSL_get_recv_max_early_data, SSL_CTX_get_recv_max_early_data, SSL_SESSION_get_max_early_data, SSL_SESSION_set_max_early_data, SSL_write_early_data, SSL_read_early_data, SSL_get_early_data_status, SSL_allow_early_data_cb_fn, SSL_CTX_set_allow_early_data_cb, SSL_set_allow_early_data_cb - functions for sending and receiving early data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data);
+ uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_max_early_data(SSL *s, uint32_t max_early_data);
+ uint32_t SSL_get_max_early_data(const SSL *s);
+
+ int SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data);
+ uint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data);
+ uint32_t SSL_get_recv_max_early_data(const SSL *s);
+
+ uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s);
+ int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data);
+
+ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written);
+
+ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes);
+
+ int SSL_get_early_data_status(const SSL *s);
+
+
+ typedef int (*SSL_allow_early_data_cb_fn)(SSL *s, void *arg);
+
+ void SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx,
+                                      SSL_allow_early_data_cb_fn cb,
+                                      void *arg);
+ void SSL_set_allow_early_data_cb(SSL *s,
+                                  SSL_allow_early_data_cb_fn cb,
+                                  void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to send and receive early data where TLSv1.3 has been negotiated. Early data can be sent by the client immediately after its initial ClientHello without having to wait for the server to complete the handshake. Early data can only be sent if a session has previously been established with the server, and the server is known to support it. Additionally these functions can be used to send data from the server to the client when the client has not yet completed the authentication stage of the handshake.</p>
+
+<p>Early data has weaker security properties than other data sent over an SSL/TLS connection. In particular the data does not have forward secrecy. There are also additional considerations around replay attacks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below). For these reasons extreme care should be exercised when using early data. For specific details, consult the TLS 1.3 specification.</p>
+
+<p>When a server receives early data it may opt to immediately respond by sending application data back to the client. Data sent by the server at this stage is done before the full handshake has been completed. Specifically the client&#39;s authentication messages have not yet been received, i.e. the client is unauthenticated at this point and care should be taken when using this capability.</p>
+
+<p>A server or client can determine whether the full handshake has been completed or not by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>.</p>
+
+<p>On the client side, the function SSL_SESSION_get_max_early_data() can be used to determine if a session established with a server can be used to send early data. If the session cannot be used then this function will return 0. Otherwise it will return the maximum number of early data bytes that can be sent.</p>
+
+<p>The function SSL_SESSION_set_max_early_data() sets the maximum number of early data bytes that can be sent for a session. This would typically be used when creating a PSK session file (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). If using a ticket based PSK then this is set automatically to the value provided by the server.</p>
+
+<p>A client uses the function SSL_write_early_data() to send early data. This function is similar to the <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> function, but with the following differences. See <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> for information on how to write bytes to the underlying connection, and how to handle any errors that may arise. This page describes the differences between SSL_write_early_data() and <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When called by a client, SSL_write_early_data() must be the first IO function called on a new connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a> or other similar functions. It may be called multiple times to stream data to the server, but the total number of bytes written must not exceed the value returned from SSL_SESSION_get_max_early_data(). Once the initial SSL_write_early_data() call has completed successfully the client may interleave calls to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> with calls to SSL_write_early_data() as required.</p>
+
+<p>If SSL_write_early_data() fails you should call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action, as for <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When the client no longer wishes to send any more early data then it should complete the handshake by calling a function such as <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard write function such as <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, which will transparently complete the connection and write the requested data.</p>
+
+<p>A server may choose to ignore early data that has been sent to it. Once the connection has been completed you can determine whether the server accepted or rejected the early data by calling SSL_get_early_data_status(). This will return SSL_EARLY_DATA_ACCEPTED if the data was accepted, SSL_EARLY_DATA_REJECTED if it was rejected or SSL_EARLY_DATA_NOT_SENT if no early data was sent. This function may be called by either the client or the server.</p>
+
+<p>A server uses the SSL_read_early_data() function to receive early data on a connection for which early data has been enabled using SSL_CTX_set_max_early_data() or SSL_set_max_early_data(). As for SSL_write_early_data(), this must be the first IO function called on a connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, or other similar functions.</p>
+
+<p>SSL_read_early_data() is similar to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> with the following differences. Refer to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> for full details.</p>
+
+<p>SSL_read_early_data() may return 3 possible values:</p>
+
+<dl>
+
+<dt id="SSL_READ_EARLY_DATA_ERROR">SSL_READ_EARLY_DATA_ERROR</dt>
+<dd>
+
+<p>This indicates an IO or some other error occurred. This should be treated in the same way as a 0 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_SUCCESS">SSL_READ_EARLY_DATA_SUCCESS</dt>
+<dd>
+
+<p>This indicates that early data was successfully read. This should be treated in the same way as a 1 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>. You should continue to call SSL_read_early_data() to read more data.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_FINISH">SSL_READ_EARLY_DATA_FINISH</dt>
+<dd>
+
+<p>This indicates that no more early data can be read. It may be returned on the first call to SSL_read_early_data() if the client has not sent any early data, or if the early data was rejected.</p>
+
+</dd>
+</dl>
+
+<p>Once the initial SSL_read_early_data() call has completed successfully (i.e. it has returned SSL_READ_EARLY_DATA_SUCCESS or SSL_READ_EARLY_DATA_FINISH) then the server may choose to write data immediately to the unauthenticated client using SSL_write_early_data(). If SSL_read_early_data() returned SSL_READ_EARLY_DATA_FINISH then in some situations (e.g. if the client only supports TLSv1.2) the handshake may have already been completed and calls to SSL_write_early_data() are not allowed. Call <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a> to determine whether the handshake has completed or not. If the handshake is still in progress then the server may interleave calls to SSL_write_early_data() with calls to SSL_read_early_data() as required.</p>
+
+<p>Servers must not call <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a> until SSL_read_early_data() has returned with SSL_READ_EARLY_DATA_FINISH. Once it has done so the connection to the client still needs to be completed. Complete the connection by calling a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard read function such as <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, which will transparently complete the connection and read the requested data. Note that it is an error to attempt to complete the connection before SSL_read_early_data() has returned SSL_READ_EARLY_DATA_FINISH.</p>
+
+<p>Only servers may call SSL_read_early_data().</p>
+
+<p>Calls to SSL_read_early_data() may, in certain circumstances, complete the connection immediately without further need to call a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. This can happen if the client is using a protocol version less than TLSv1.3. Applications can test for this by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>. Alternatively, applications may choose to call <a href="../man3/SSL_accept.html">SSL_accept(3)</a> anyway. Such a call will successfully return immediately with no further action taken.</p>
+
+<p>When a session is created between a server and a client the server will specify the maximum amount of any early data that it will accept on any future connection attempt. By default the server does not accept early data; a server may indicate support for early data by calling SSL_CTX_set_max_early_data() or SSL_set_max_early_data() to set it for the whole SSL_CTX or an individual SSL object respectively. The <b>max_early_data</b> parameter specifies the maximum amount of early data in bytes that is permitted to be sent on a single connection. Similarly the SSL_CTX_get_max_early_data() and SSL_get_max_early_data() functions can be used to obtain the current maximum early data settings for the SSL_CTX and SSL objects respectively. Generally a server application will either use both of SSL_read_early_data() and SSL_CTX_set_max_early_data() (or SSL_set_max_early_data()), or neither of them, since there is no practical benefit from using only one of them. If the maximum early data setting for a server is non-zero then replay protection is automatically enabled (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below).</p>
+
+<p>If the server rejects the early data sent by a client then it will skip over the data that is sent. The maximum amount of received early data that is skipped is controlled by the recv_max_early_data setting. If a client sends more than this then the connection will abort. This value can be set by calling SSL_CTX_set_recv_max_early_data() or SSL_set_recv_max_early_data(). The current value for this setting can be obtained by calling SSL_CTX_get_recv_max_early_data() or SSL_get_recv_max_early_data(). The default value for this setting is 16,384 bytes.</p>
+
+<p>The recv_max_early_data value also has an impact on early data that is accepted. The amount of data that is accepted will always be the lower of the max_early_data for the session and the recv_max_early_data setting for the server. If a client sends more data than this then the connection will abort.</p>
+
+<p>The configured value for max_early_data on a server may change over time as required. However clients may have tickets containing the previously configured max_early_data value. The recv_max_early_data should always be equal to or higher than any recently configured max_early_data value in order to avoid aborted connections. The recv_max_early_data should never be set to less than the current configured max_early_data value.</p>
+
+<p>Some server applications may wish to have more control over whether early data is accepted or not, for example to mitigate replay risks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below) or to decline early_data when the server is heavily loaded. The functions SSL_CTX_set_allow_early_data_cb() and SSL_set_allow_early_data_cb() set a callback which is called at a point in the handshake immediately before a decision is made to accept or reject early data. The callback is provided with a pointer to the user data argument that was provided when the callback was first set. Returning 1 from the callback will allow early data and returning 0 will reject it. Note that the OpenSSL library may reject early data for other reasons in which case this callback will not get called. Notably, the built-in replay protection feature will still be used even if a callback is present unless it has been explicitly disabled using the SSL_OP_NO_ANTI_REPLAY option. See <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The whole purpose of early data is to enable a client to start sending data to the server before a full round trip of network traffic has occurred. Application developers should ensure they consider optimisation of the underlying TCP socket to obtain a performant solution. For example Nagle&#39;s algorithm is commonly used by operating systems in an attempt to avoid lots of small TCP packets. In many scenarios this is beneficial for performance, but it does not work well with the early data solution as implemented in OpenSSL. In Nagle&#39;s algorithm the OS will buffer outgoing TCP data if a TCP packet has already been sent which we have not yet received an ACK for from the peer. The buffered data will only be transmitted if enough data to fill an entire TCP packet is accumulated, or if the ACK is received from the peer. The initial ClientHello will be sent in the first TCP packet along with any data from the first call to SSL_write_early_data(). If the amount of data written will exceed the size of a single TCP packet, or if there are more calls to SSL_write_early_data() then that additional data will be sent in subsequent TCP packets which will be buffered by the OS and not sent until an ACK is received for the first packet containing the ClientHello. This means the early data is not actually sent until a complete round trip with the server has occurred which defeats the objective of early data.</p>
+
+<p>In many operating systems the TCP_NODELAY socket option is available to disable Nagle&#39;s algorithm. If an application opts to disable Nagle&#39;s algorithm consideration should be given to turning it back on again after the handshake is complete if appropriate.</p>
+
+<p>In rare circumstances, it may be possible for a client to have a session that reports a max early data value greater than 0, but where the server does not support this. For example, this can occur if a server has had its configuration changed to accept a lower max early data value such as by calling SSL_CTX_set_recv_max_early_data(). Another example is if a server used to support TLSv1.3 but was later downgraded to TLSv1.2. Sending early data to such a server will cause the connection to abort. Clients that encounter an aborted connection while sending early data may want to retry the connection without sending early data as this does not happen automatically. A client will have to establish a new transport layer connection to the server and attempt the SSL/TLS connection again but without sending early data. Note that it is inadvisable to retry with a lower maximum protocol version.</p>
+
+<h1 id="REPLAY-PROTECTION">REPLAY PROTECTION</h1>
+
+<p>When early data is in use the TLS protocol provides no security guarantees that the same early data was not replayed across multiple connections. As a mitigation for this issue OpenSSL automatically enables replay protection if the server is configured with a non-zero max early data value. With replay protection enabled sessions are forced to be single use only. If a client attempts to reuse a session ticket more than once, then the second and subsequent attempts will fall back to a full handshake (and any early data that was submitted will be ignored). Note that single use tickets are enforced even if a client does not send any early data.</p>
+
+<p>The replay protection mechanism relies on the internal OpenSSL server session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). When replay protection is being used the server will operate as if the SSL_OP_NO_TICKET option had been selected (see <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>). Sessions will be added to the cache whenever a session ticket is issued. When a client attempts to resume the session, OpenSSL will check for its presence in the internal cache. If it exists then the resumption is allowed and the session is removed from the cache. If it does not exist then the resumption is not allowed and a full handshake will occur.</p>
+
+<p>Note that some applications may maintain an external cache of sessions (see <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a> and similar functions). It is the application&#39;s responsibility to ensure that any sessions in the external cache are also populated in the internal cache and that once removed from the internal cache they are similarly removed from the external cache. Failing to do this could result in an application becoming vulnerable to replay attacks. Note that OpenSSL will lock the internal cache while a session is removed but that lock is not held when the remove session callback (see <a href="../man3/SSL_CTX_sess_set_remove_cb.html">SSL_CTX_sess_set_remove_cb(3)</a>) is called. This could result in a small amount of time where the session has been removed from the internal cache but is still available in the external cache. Applications should be designed with this in mind in order to minimise the possibility of replay attacks.</p>
+
+<p>The OpenSSL replay protection does not apply to external Pre Shared Keys (PSKs) (e.g. see SSL_CTX_set_psk_find_session_callback(3)). Therefore extreme caution should be applied when combining external PSKs with early data.</p>
+
+<p>Some applications may mitigate the replay risks in other ways. For those applications it is possible to turn off the built-in replay protection feature using the <b>SSL_OP_NO_ANTI_REPLAY</b> option. See <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> for details. Applications can also set a callback to make decisions about accepting early data or not. See SSL_CTX_set_allow_early_data_cb() above for details.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_write_early_data() returns 1 for success or 0 for failure. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_read_early_data() returns SSL_READ_EARLY_DATA_ERROR for failure, SSL_READ_EARLY_DATA_SUCCESS for success with more data to read and SSL_READ_EARLY_DATA_FINISH for success with no more to data be read. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_get_max_early_data(), SSL_CTX_get_max_early_data() and SSL_SESSION_get_max_early_data() return the maximum number of early data bytes that may be sent.</p>
+
+<p>SSL_set_max_early_data(), SSL_CTX_set_max_early_data() and SSL_SESSION_set_max_early_data() return 1 for success or 0 for failure.</p>
+
+<p>SSL_get_early_data_status() returns SSL_EARLY_DATA_ACCEPTED if early data was accepted by the server, SSL_EARLY_DATA_REJECTED if early data was rejected by the server, or SSL_EARLY_DATA_NOT_SENT if no early data was sent.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>All of the functions described above were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_security_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_security_callback.html
new file mode 100644
index 000000000..a853d06fd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_security_callback.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_security_level</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</a></li>
+  <li><a href="#APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_security_level, SSL_set_security_level, SSL_CTX_get_security_level, SSL_get_security_level, SSL_CTX_set_security_callback, SSL_set_security_callback, SSL_CTX_get_security_callback, SSL_get_security_callback, SSL_CTX_set0_security_ex_data, SSL_set0_security_ex_data, SSL_CTX_get0_security_ex_data, SSL_get0_security_ex_data - SSL/TLS security framework</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
+ void SSL_set_security_level(SSL *s, int level);
+
+ int SSL_CTX_get_security_level(const SSL_CTX *ctx);
+ int SSL_get_security_level(const SSL *s);
+
+ void SSL_CTX_set_security_callback(SSL_CTX *ctx,
+                                    int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                              int bits, int nid,
+                                              void *other, void *ex));
+
+ void SSL_set_security_callback(SSL *s, int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                                  int bits, int nid,
+                                                  void *other, void *ex));
+
+ int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx))(SSL *s, SSL_CTX *ctx, int op,
+                                                          int bits, int nid, void *other,
+                                                          void *ex);
+ int (*SSL_get_security_callback(const SSL *s))(SSL *s, SSL_CTX *ctx, int op,
+                                                int bits, int nid, void *other,
+                                                void *ex);
+
+ void SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex);
+ void SSL_set0_security_ex_data(SSL *s, void *ex);
+
+ void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx);
+ void *SSL_get0_security_ex_data(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions SSL_CTX_set_security_level() and SSL_set_security_level() set the security level to <b>level</b>. If not set the library default security level is used.</p>
+
+<p>The functions SSL_CTX_get_security_level() and SSL_get_security_level() retrieve the current security level.</p>
+
+<p>SSL_CTX_set_security_callback(), SSL_set_security_callback(), SSL_CTX_get_security_callback() and SSL_get_security_callback() get or set the security callback associated with <b>ctx</b> or <b>s</b>. If not set a default security callback is used. The meaning of the parameters and the behaviour of the default callbacks is described below.</p>
+
+<p>SSL_CTX_set0_security_ex_data(), SSL_set0_security_ex_data(), SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() set the extra data pointer passed to the <b>ex</b> parameter of the callback. This value is passed to the callback verbatim and can be set to any convenient application specific value.</p>
+
+<h1 id="DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</h1>
+
+<p>If an application doesn&#39;t set its own security callback the default callback is used. It is intended to provide sane defaults. The meaning of each level is described below.</p>
+
+<dl>
+
+<dt id="Level-0"><b>Level 0</b></dt>
+<dd>
+
+<p>Everything is permitted. This retains compatibility with previous versions of OpenSSL.</p>
+
+</dd>
+<dt id="Level-1"><b>Level 1</b></dt>
+<dd>
+
+<p>The security level corresponds to a minimum of 80 bits of security. Any parameters offering below 80 bits of security are excluded. As a result RSA, DSA and DH keys shorter than 1024 bits and ECC keys shorter than 160 bits are prohibited. All export cipher suites are prohibited since they all offer less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite using MD5 for the MAC is also prohibited.</p>
+
+</dd>
+<dt id="Level-2"><b>Level 2</b></dt>
+<dd>
+
+<p>Security level set to 112 bits of security. As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited. In addition to the level 1 exclusions any cipher suite using RC4 is also prohibited. SSL version 3 is also not allowed. Compression is disabled.</p>
+
+</dd>
+<dt id="Level-3"><b>Level 3</b></dt>
+<dd>
+
+<p>Security level set to 128 bits of security. As a result RSA, DSA and DH keys shorter than 3072 bits and ECC keys shorter than 256 bits are prohibited. In addition to the level 2 exclusions cipher suites not offering forward secrecy are prohibited. TLS versions below 1.1 are not permitted. Session tickets are disabled.</p>
+
+</dd>
+<dt id="Level-4"><b>Level 4</b></dt>
+<dd>
+
+<p>Security level set to 192 bits of security. As a result RSA, DSA and DH keys shorter than 7680 bits and ECC keys shorter than 384 bits are prohibited. Cipher suites using SHA1 for the MAC are prohibited. TLS versions below 1.2 are not permitted.</p>
+
+</dd>
+<dt id="Level-5"><b>Level 5</b></dt>
+<dd>
+
+<p>Security level set to 256 bits of security. As a result RSA, DSA and DH keys shorter than 15360 bits and ECC keys shorter than 512 bits are prohibited.</p>
+
+</dd>
+</dl>
+
+<h1 id="APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</h1>
+
+<p><i>Documentation to be provided.</i></p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>WARNING</b> at this time setting the security level higher than 1 for general internet use is likely to cause <b>considerable</b> interoperability issues and is not recommended. This is because the <b>SHA1</b> algorithm is very widely used in certificates and will be rejected at levels higher than 1 because it only offers 80 bits of security.</p>
+
+<p>The default security level can be configured when OpenSSL is compiled by setting <b>-DOPENSSL_TLS_SECURITY_LEVEL=level</b>. If not set then 1 is used.</p>
+
+<p>The security framework disables or reject parameters inconsistent with the set security level. In the past this was difficult as applications had to set a number of distinct parameters (supported ciphers, supported curves supported signature algorithms) to achieve this end and some cases (DH parameter size for example) could not be checked at all.</p>
+
+<p>By setting an appropriate security level much of this complexity can be avoided.</p>
+
+<p>The bits of security limits affect all relevant parameters including cipher suite encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms. This limit applies no matter what other custom settings an application has set: so if the cipher suite is set to <b>ALL</b> then only cipher suites consistent with the security level are permissible.</p>
+
+<p>See SP800-57 for how the security limits are related to individual algorithms.</p>
+
+<p>Some security levels require large key sizes for non-ECC public key algorithms which can severely degrade performance. For example 256 bits of security requires the use of RSA keys of at least 15360 bits in size.</p>
+
+<p>Some restrictions can be gracefully handled: for example cipher suites offering insufficient security are not sent by the client and will not be selected by the server. Other restrictions such as the peer certificate key size or the DH parameter size will abort the handshake with a fatal alert.</p>
+
+<p>Attempts to set certificates or parameters with insufficient security are also blocked. For example trying to set a certificate using a 512 bit RSA key using SSL_CTX_use_certificate() at level 1. Applications which do not check the return values for errors will misbehave: for example it might appear that a certificate is not set at all because it had been rejected.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_security_level() and SSL_set_security_level() do not return values.</p>
+
+<p>SSL_CTX_get_security_level() and SSL_get_security_level() return a integer that represents the security level with <b>SSL_CTX</b> or <b>SSL</b>, respectively.</p>
+
+<p>SSL_CTX_set_security_callback() and SSL_set_security_callback() do not return values.</p>
+
+<p>SSL_CTX_get_security_callback() and SSL_get_security_callback() return the pointer to the security callback or NULL if the callback is not set.</p>
+
+<p>SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() return the extra data pointer or NULL if the ex data is not set.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_security_level.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_security_level.html
new file mode 100644
index 000000000..a853d06fd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_security_level.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_security_level</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</a></li>
+  <li><a href="#APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_security_level, SSL_set_security_level, SSL_CTX_get_security_level, SSL_get_security_level, SSL_CTX_set_security_callback, SSL_set_security_callback, SSL_CTX_get_security_callback, SSL_get_security_callback, SSL_CTX_set0_security_ex_data, SSL_set0_security_ex_data, SSL_CTX_get0_security_ex_data, SSL_get0_security_ex_data - SSL/TLS security framework</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
+ void SSL_set_security_level(SSL *s, int level);
+
+ int SSL_CTX_get_security_level(const SSL_CTX *ctx);
+ int SSL_get_security_level(const SSL *s);
+
+ void SSL_CTX_set_security_callback(SSL_CTX *ctx,
+                                    int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                              int bits, int nid,
+                                              void *other, void *ex));
+
+ void SSL_set_security_callback(SSL *s, int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                                  int bits, int nid,
+                                                  void *other, void *ex));
+
+ int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx))(SSL *s, SSL_CTX *ctx, int op,
+                                                          int bits, int nid, void *other,
+                                                          void *ex);
+ int (*SSL_get_security_callback(const SSL *s))(SSL *s, SSL_CTX *ctx, int op,
+                                                int bits, int nid, void *other,
+                                                void *ex);
+
+ void SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex);
+ void SSL_set0_security_ex_data(SSL *s, void *ex);
+
+ void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx);
+ void *SSL_get0_security_ex_data(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions SSL_CTX_set_security_level() and SSL_set_security_level() set the security level to <b>level</b>. If not set the library default security level is used.</p>
+
+<p>The functions SSL_CTX_get_security_level() and SSL_get_security_level() retrieve the current security level.</p>
+
+<p>SSL_CTX_set_security_callback(), SSL_set_security_callback(), SSL_CTX_get_security_callback() and SSL_get_security_callback() get or set the security callback associated with <b>ctx</b> or <b>s</b>. If not set a default security callback is used. The meaning of the parameters and the behaviour of the default callbacks is described below.</p>
+
+<p>SSL_CTX_set0_security_ex_data(), SSL_set0_security_ex_data(), SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() set the extra data pointer passed to the <b>ex</b> parameter of the callback. This value is passed to the callback verbatim and can be set to any convenient application specific value.</p>
+
+<h1 id="DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</h1>
+
+<p>If an application doesn&#39;t set its own security callback the default callback is used. It is intended to provide sane defaults. The meaning of each level is described below.</p>
+
+<dl>
+
+<dt id="Level-0"><b>Level 0</b></dt>
+<dd>
+
+<p>Everything is permitted. This retains compatibility with previous versions of OpenSSL.</p>
+
+</dd>
+<dt id="Level-1"><b>Level 1</b></dt>
+<dd>
+
+<p>The security level corresponds to a minimum of 80 bits of security. Any parameters offering below 80 bits of security are excluded. As a result RSA, DSA and DH keys shorter than 1024 bits and ECC keys shorter than 160 bits are prohibited. All export cipher suites are prohibited since they all offer less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite using MD5 for the MAC is also prohibited.</p>
+
+</dd>
+<dt id="Level-2"><b>Level 2</b></dt>
+<dd>
+
+<p>Security level set to 112 bits of security. As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited. In addition to the level 1 exclusions any cipher suite using RC4 is also prohibited. SSL version 3 is also not allowed. Compression is disabled.</p>
+
+</dd>
+<dt id="Level-3"><b>Level 3</b></dt>
+<dd>
+
+<p>Security level set to 128 bits of security. As a result RSA, DSA and DH keys shorter than 3072 bits and ECC keys shorter than 256 bits are prohibited. In addition to the level 2 exclusions cipher suites not offering forward secrecy are prohibited. TLS versions below 1.1 are not permitted. Session tickets are disabled.</p>
+
+</dd>
+<dt id="Level-4"><b>Level 4</b></dt>
+<dd>
+
+<p>Security level set to 192 bits of security. As a result RSA, DSA and DH keys shorter than 7680 bits and ECC keys shorter than 384 bits are prohibited. Cipher suites using SHA1 for the MAC are prohibited. TLS versions below 1.2 are not permitted.</p>
+
+</dd>
+<dt id="Level-5"><b>Level 5</b></dt>
+<dd>
+
+<p>Security level set to 256 bits of security. As a result RSA, DSA and DH keys shorter than 15360 bits and ECC keys shorter than 512 bits are prohibited.</p>
+
+</dd>
+</dl>
+
+<h1 id="APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</h1>
+
+<p><i>Documentation to be provided.</i></p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>WARNING</b> at this time setting the security level higher than 1 for general internet use is likely to cause <b>considerable</b> interoperability issues and is not recommended. This is because the <b>SHA1</b> algorithm is very widely used in certificates and will be rejected at levels higher than 1 because it only offers 80 bits of security.</p>
+
+<p>The default security level can be configured when OpenSSL is compiled by setting <b>-DOPENSSL_TLS_SECURITY_LEVEL=level</b>. If not set then 1 is used.</p>
+
+<p>The security framework disables or reject parameters inconsistent with the set security level. In the past this was difficult as applications had to set a number of distinct parameters (supported ciphers, supported curves supported signature algorithms) to achieve this end and some cases (DH parameter size for example) could not be checked at all.</p>
+
+<p>By setting an appropriate security level much of this complexity can be avoided.</p>
+
+<p>The bits of security limits affect all relevant parameters including cipher suite encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms. This limit applies no matter what other custom settings an application has set: so if the cipher suite is set to <b>ALL</b> then only cipher suites consistent with the security level are permissible.</p>
+
+<p>See SP800-57 for how the security limits are related to individual algorithms.</p>
+
+<p>Some security levels require large key sizes for non-ECC public key algorithms which can severely degrade performance. For example 256 bits of security requires the use of RSA keys of at least 15360 bits in size.</p>
+
+<p>Some restrictions can be gracefully handled: for example cipher suites offering insufficient security are not sent by the client and will not be selected by the server. Other restrictions such as the peer certificate key size or the DH parameter size will abort the handshake with a fatal alert.</p>
+
+<p>Attempts to set certificates or parameters with insufficient security are also blocked. For example trying to set a certificate using a 512 bit RSA key using SSL_CTX_use_certificate() at level 1. Applications which do not check the return values for errors will misbehave: for example it might appear that a certificate is not set at all because it had been rejected.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_security_level() and SSL_set_security_level() do not return values.</p>
+
+<p>SSL_CTX_get_security_level() and SSL_get_security_level() return a integer that represents the security level with <b>SSL_CTX</b> or <b>SSL</b>, respectively.</p>
+
+<p>SSL_CTX_set_security_callback() and SSL_set_security_callback() do not return values.</p>
+
+<p>SSL_CTX_get_security_callback() and SSL_get_security_callback() return the pointer to the security callback or NULL if the callback is not set.</p>
+
+<p>SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() return the extra data pointer or NULL if the ex data is not set.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_session_cache_mode.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_session_cache_mode.html
new file mode 100644
index 000000000..16d0192b2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_session_cache_mode.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_session_cache_mode</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_session_cache_mode, SSL_CTX_get_session_cache_mode - enable/disable session caching</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_session_cache_mode(SSL_CTX ctx, long mode);
+ long SSL_CTX_get_session_cache_mode(SSL_CTX ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_session_cache_mode() enables/disables session caching by setting the operational mode for <b>ctx</b> to &lt;mode&gt;.</p>
+
+<p>SSL_CTX_get_session_cache_mode() returns the currently used cache mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The OpenSSL library can store/retrieve SSL/TLS sessions for later reuse. The sessions can be held in memory for each <b>ctx</b>, if more than one SSL_CTX object is being maintained, the sessions are unique for each SSL_CTX object.</p>
+
+<p>In order to reuse a session, a client must send the session&#39;s id to the server. It can only send exactly one id. The server then either agrees to reuse the session or it starts a full handshake (to create a new session).</p>
+
+<p>A server will look up the session in its internal session storage. If the session is not found in internal storage or lookups for the internal storage have been deactivated (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP), the server will try the external storage if available.</p>
+
+<p>Since a client may try to reuse a session intended for use in a different context, the session id context must be set by the server (see <a href="../man3/SSL_CTX_set_session_id_context.html">SSL_CTX_set_session_id_context(3)</a>).</p>
+
+<p>The following session cache modes and modifiers are available:</p>
+
+<dl>
+
+<dt id="SSL_SESS_CACHE_OFF">SSL_SESS_CACHE_OFF</dt>
+<dd>
+
+<p>No session caching for client or server takes place.</p>
+
+</dd>
+<dt id="SSL_SESS_CACHE_CLIENT">SSL_SESS_CACHE_CLIENT</dt>
+<dd>
+
+<p>Client sessions are added to the session cache. As there is no reliable way for the OpenSSL library to know whether a session should be reused or which session to choose (due to the abstract BIO layer the SSL engine does not have details about the connection), the application must select the session to be reused by using the <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a> function. This option is not activated by default.</p>
+
+</dd>
+<dt id="SSL_SESS_CACHE_SERVER">SSL_SESS_CACHE_SERVER</dt>
+<dd>
+
+<p>Server sessions are added to the session cache. When a client proposes a session to be reused, the server looks for the corresponding session in (first) the internal session cache (unless SSL_SESS_CACHE_NO_INTERNAL_LOOKUP is set), then (second) in the external cache if available. If the session is found, the server will try to reuse the session. This is the default.</p>
+
+</dd>
+<dt id="SSL_SESS_CACHE_BOTH">SSL_SESS_CACHE_BOTH</dt>
+<dd>
+
+<p>Enable both SSL_SESS_CACHE_CLIENT and SSL_SESS_CACHE_SERVER at the same time.</p>
+
+</dd>
+<dt id="SSL_SESS_CACHE_NO_AUTO_CLEAR">SSL_SESS_CACHE_NO_AUTO_CLEAR</dt>
+<dd>
+
+<p>Normally the session cache is checked for expired sessions every 255 connections using the <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a> function. Since this may lead to a delay which cannot be controlled, the automatic flushing may be disabled and <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a> can be called explicitly by the application.</p>
+
+</dd>
+<dt id="SSL_SESS_CACHE_NO_INTERNAL_LOOKUP">SSL_SESS_CACHE_NO_INTERNAL_LOOKUP</dt>
+<dd>
+
+<p>By setting this flag, session-resume operations in an SSL/TLS server will not automatically look up sessions in the internal cache, even if sessions are automatically stored there. If external session caching callbacks are in use, this flag guarantees that all lookups are directed to the external cache. As automatic lookup only applies for SSL/TLS servers, the flag has no effect on clients.</p>
+
+</dd>
+<dt id="SSL_SESS_CACHE_NO_INTERNAL_STORE">SSL_SESS_CACHE_NO_INTERNAL_STORE</dt>
+<dd>
+
+<p>Depending on the presence of SSL_SESS_CACHE_CLIENT and/or SSL_SESS_CACHE_SERVER, sessions negotiated in an SSL/TLS handshake may be cached for possible reuse. Normally a new session is added to the internal cache as well as any external session caching (callback) that is configured for the SSL_CTX. This flag will prevent sessions being stored in the internal cache (though the application can add them manually using <a href="../man3/SSL_CTX_add_session.html">SSL_CTX_add_session(3)</a>). Note: in any SSL/TLS servers where external caching is configured, any successful session lookups in the external cache (ie. for session-resume requests) would normally be copied into the local cache before processing continues - this flag prevents these additions to the internal cache as well.</p>
+
+</dd>
+<dt id="SSL_SESS_CACHE_NO_INTERNAL">SSL_SESS_CACHE_NO_INTERNAL</dt>
+<dd>
+
+<p>Enable both SSL_SESS_CACHE_NO_INTERNAL_LOOKUP and SSL_SESS_CACHE_NO_INTERNAL_STORE at the same time.</p>
+
+</dd>
+</dl>
+
+<p>The default mode is SSL_SESS_CACHE_SERVER.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_session_cache_mode() returns the previously set cache mode.</p>
+
+<p>SSL_CTX_get_session_cache_mode() returns the currently set cache mode.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a>, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>, <a href="../man3/SSL_CTX_add_session.html">SSL_CTX_add_session(3)</a>, <a href="../man3/SSL_CTX_sess_number.html">SSL_CTX_sess_number(3)</a>, <a href="../man3/SSL_CTX_sess_set_cache_size.html">SSL_CTX_sess_set_cache_size(3)</a>, <a href="../man3/SSL_CTX_sess_set_get_cb.html">SSL_CTX_sess_set_get_cb(3)</a>, <a href="../man3/SSL_CTX_set_session_id_context.html">SSL_CTX_set_session_id_context(3)</a>, <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>, <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_timeout.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_timeout.html
new file mode 100644
index 000000000..8f414fafc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_timeout.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_timeout</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_timeout, SSL_CTX_get_timeout - manipulate timeout values for session caching</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
+ long SSL_CTX_get_timeout(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_timeout() sets the timeout for newly created sessions for <b>ctx</b> to <b>t</b>. The timeout value <b>t</b> must be given in seconds.</p>
+
+<p>SSL_CTX_get_timeout() returns the currently set timeout value for <b>ctx</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Whenever a new session is created, it is assigned a maximum lifetime. This lifetime is specified by storing the creation time of the session and the timeout value valid at this time. If the actual time is later than creation time plus timeout, the session is not reused.</p>
+
+<p>Due to this realization, all sessions behave according to the timeout value valid at the time of the session negotiation. Changes of the timeout value do not affect already established sessions.</p>
+
+<p>The expiration time of a single session can be modified using the <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a> family of functions.</p>
+
+<p>Expired sessions are removed from the internal session cache, whenever <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a> is called, either directly by the application or automatically (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>)</p>
+
+<p>The default value for session timeout is decided on a per protocol basis, see <a href="../man3/SSL_get_default_timeout.html">SSL_get_default_timeout(3)</a>. All currently supported protocols have the same default timeout value of 300 seconds.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_timeout() returns the previously set timeout value.</p>
+
+<p>SSL_CTX_get_timeout() returns the currently set timeout value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a>, <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a>, <a href="../man3/SSL_get_default_timeout.html">SSL_get_default_timeout(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_tlsext_status_arg.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_tlsext_status_arg.html
new file mode 100644
index 000000000..2aabb84c3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_tlsext_status_arg.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_status_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_status_cb, SSL_CTX_get_tlsext_status_cb, SSL_CTX_set_tlsext_status_arg, SSL_CTX_get_tlsext_status_arg, SSL_CTX_set_tlsext_status_type, SSL_CTX_get_tlsext_status_type, SSL_set_tlsext_status_type, SSL_get_tlsext_status_type, SSL_get_tlsext_status_ocsp_resp, SSL_set_tlsext_status_ocsp_resp - OCSP Certificate Status Request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/tls1.h&gt;
+
+ long SSL_CTX_set_tlsext_status_cb(SSL_CTX *ctx, int (*callback)(SSL *, void *));
+ long SSL_CTX_get_tlsext_status_cb(SSL_CTX *ctx, int (**callback)(SSL *, void *));
+
+ long SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg);
+ long SSL_CTX_get_tlsext_status_arg(SSL_CTX *ctx, void **arg);
+
+ long SSL_CTX_set_tlsext_status_type(SSL_CTX *ctx, int type);
+ long SSL_CTX_get_tlsext_status_type(SSL_CTX *ctx);
+
+ long SSL_set_tlsext_status_type(SSL *s, int type);
+ long SSL_get_tlsext_status_type(SSL *s);
+
+ long SSL_get_tlsext_status_ocsp_resp(ssl, unsigned char **resp);
+ long SSL_set_tlsext_status_ocsp_resp(ssl, unsigned char *resp, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application may request that a server send back an OCSP status response (also known as OCSP stapling). To do so the client should call the SSL_CTX_set_tlsext_status_type() function prior to the creation of any SSL objects. Alternatively an application can call the SSL_set_tlsext_status_type() function on an individual SSL object prior to the start of the handshake. Currently the only supported type is <b>TLSEXT_STATUSTYPE_ocsp</b>. This value should be passed in the <b>type</b> argument. Calling SSL_CTX_get_tlsext_status_type() will return the type <b>TLSEXT_STATUSTYPE_ocsp</b> previously set via SSL_CTX_set_tlsext_status_type() or -1 if not set.</p>
+
+<p>The client should additionally provide a callback function to decide what to do with the returned OCSP response by calling SSL_CTX_set_tlsext_status_cb(). The callback function should determine whether the returned OCSP response is acceptable or not. The callback will be passed as an argument the value previously set via a call to SSL_CTX_set_tlsext_status_arg(). Note that the callback will not be called in the event of a handshake where session resumption occurs (because there are no Certificates exchanged in such a handshake). The callback previously set via SSL_CTX_set_tlsext_status_cb() can be retrieved by calling SSL_CTX_get_tlsext_status_cb(), and the argument by calling SSL_CTX_get_tlsext_status_arg().</p>
+
+<p>On the client side SSL_get_tlsext_status_type() can be used to determine whether the client has previously called SSL_set_tlsext_status_type(). It will return <b>TLSEXT_STATUSTYPE_ocsp</b> if it has been called or -1 otherwise. On the server side SSL_get_tlsext_status_type() can be used to determine whether the client requested OCSP stapling. If the client requested it then this function will return <b>TLSEXT_STATUSTYPE_ocsp</b>, or -1 otherwise.</p>
+
+<p>The response returned by the server can be obtained via a call to SSL_get_tlsext_status_ocsp_resp(). The value <b>*resp</b> will be updated to point to the OCSP response data and the return value will be the length of that data. Typically a callback would obtain an OCSP_RESPONSE object from this data via a call to the d2i_OCSP_RESPONSE() function. If the server has not provided any response data then <b>*resp</b> will be NULL and the return value from SSL_get_tlsext_status_ocsp_resp() will be -1.</p>
+
+<p>A server application must also call the SSL_CTX_set_tlsext_status_cb() function if it wants to be able to provide clients with OCSP Certificate Status responses. Typically the server callback would obtain the server certificate that is being sent back to the client via a call to SSL_get_certificate(); obtain the OCSP response to be sent back; and then set that response data by calling SSL_set_tlsext_status_ocsp_resp(). A pointer to the response data should be provided in the <b>resp</b> argument, and the length of that data should be in the <b>len</b> argument.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The callback when used on the client side should return a negative value on error; 0 if the response is not acceptable (in which case the handshake will fail) or a positive value if it is acceptable.</p>
+
+<p>The callback when used on the server side should return with either SSL_TLSEXT_ERR_OK (meaning that the OCSP response that has been set should be returned), SSL_TLSEXT_ERR_NOACK (meaning that an OCSP response should not be returned) or SSL_TLSEXT_ERR_ALERT_FATAL (meaning that a fatal error has occurred).</p>
+
+<p>SSL_CTX_set_tlsext_status_cb(), SSL_CTX_set_tlsext_status_arg(), SSL_CTX_set_tlsext_status_type(), SSL_set_tlsext_status_type() and SSL_set_tlsext_status_ocsp_resp() return 0 on error or 1 on success.</p>
+
+<p>SSL_CTX_get_tlsext_status_type() returns the value previously set by SSL_CTX_set_tlsext_status_type(), or -1 if not set.</p>
+
+<p>SSL_get_tlsext_status_ocsp_resp() returns the length of the OCSP response data or -1 if there is no OCSP response data.</p>
+
+<p>SSL_get_tlsext_status_type() returns <b>TLSEXT_STATUSTYPE_ocsp</b> on the client side if SSL_set_tlsext_status_type() was previously called, or on the server side if the client requested OCSP stapling. Otherwise -1 is returned.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_get_tlsext_status_type(), SSL_CTX_get_tlsext_status_type() and SSL_CTX_set_tlsext_status_type() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_tlsext_status_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_tlsext_status_cb.html
new file mode 100644
index 000000000..2aabb84c3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_tlsext_status_cb.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_status_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_status_cb, SSL_CTX_get_tlsext_status_cb, SSL_CTX_set_tlsext_status_arg, SSL_CTX_get_tlsext_status_arg, SSL_CTX_set_tlsext_status_type, SSL_CTX_get_tlsext_status_type, SSL_set_tlsext_status_type, SSL_get_tlsext_status_type, SSL_get_tlsext_status_ocsp_resp, SSL_set_tlsext_status_ocsp_resp - OCSP Certificate Status Request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/tls1.h&gt;
+
+ long SSL_CTX_set_tlsext_status_cb(SSL_CTX *ctx, int (*callback)(SSL *, void *));
+ long SSL_CTX_get_tlsext_status_cb(SSL_CTX *ctx, int (**callback)(SSL *, void *));
+
+ long SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg);
+ long SSL_CTX_get_tlsext_status_arg(SSL_CTX *ctx, void **arg);
+
+ long SSL_CTX_set_tlsext_status_type(SSL_CTX *ctx, int type);
+ long SSL_CTX_get_tlsext_status_type(SSL_CTX *ctx);
+
+ long SSL_set_tlsext_status_type(SSL *s, int type);
+ long SSL_get_tlsext_status_type(SSL *s);
+
+ long SSL_get_tlsext_status_ocsp_resp(ssl, unsigned char **resp);
+ long SSL_set_tlsext_status_ocsp_resp(ssl, unsigned char *resp, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application may request that a server send back an OCSP status response (also known as OCSP stapling). To do so the client should call the SSL_CTX_set_tlsext_status_type() function prior to the creation of any SSL objects. Alternatively an application can call the SSL_set_tlsext_status_type() function on an individual SSL object prior to the start of the handshake. Currently the only supported type is <b>TLSEXT_STATUSTYPE_ocsp</b>. This value should be passed in the <b>type</b> argument. Calling SSL_CTX_get_tlsext_status_type() will return the type <b>TLSEXT_STATUSTYPE_ocsp</b> previously set via SSL_CTX_set_tlsext_status_type() or -1 if not set.</p>
+
+<p>The client should additionally provide a callback function to decide what to do with the returned OCSP response by calling SSL_CTX_set_tlsext_status_cb(). The callback function should determine whether the returned OCSP response is acceptable or not. The callback will be passed as an argument the value previously set via a call to SSL_CTX_set_tlsext_status_arg(). Note that the callback will not be called in the event of a handshake where session resumption occurs (because there are no Certificates exchanged in such a handshake). The callback previously set via SSL_CTX_set_tlsext_status_cb() can be retrieved by calling SSL_CTX_get_tlsext_status_cb(), and the argument by calling SSL_CTX_get_tlsext_status_arg().</p>
+
+<p>On the client side SSL_get_tlsext_status_type() can be used to determine whether the client has previously called SSL_set_tlsext_status_type(). It will return <b>TLSEXT_STATUSTYPE_ocsp</b> if it has been called or -1 otherwise. On the server side SSL_get_tlsext_status_type() can be used to determine whether the client requested OCSP stapling. If the client requested it then this function will return <b>TLSEXT_STATUSTYPE_ocsp</b>, or -1 otherwise.</p>
+
+<p>The response returned by the server can be obtained via a call to SSL_get_tlsext_status_ocsp_resp(). The value <b>*resp</b> will be updated to point to the OCSP response data and the return value will be the length of that data. Typically a callback would obtain an OCSP_RESPONSE object from this data via a call to the d2i_OCSP_RESPONSE() function. If the server has not provided any response data then <b>*resp</b> will be NULL and the return value from SSL_get_tlsext_status_ocsp_resp() will be -1.</p>
+
+<p>A server application must also call the SSL_CTX_set_tlsext_status_cb() function if it wants to be able to provide clients with OCSP Certificate Status responses. Typically the server callback would obtain the server certificate that is being sent back to the client via a call to SSL_get_certificate(); obtain the OCSP response to be sent back; and then set that response data by calling SSL_set_tlsext_status_ocsp_resp(). A pointer to the response data should be provided in the <b>resp</b> argument, and the length of that data should be in the <b>len</b> argument.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The callback when used on the client side should return a negative value on error; 0 if the response is not acceptable (in which case the handshake will fail) or a positive value if it is acceptable.</p>
+
+<p>The callback when used on the server side should return with either SSL_TLSEXT_ERR_OK (meaning that the OCSP response that has been set should be returned), SSL_TLSEXT_ERR_NOACK (meaning that an OCSP response should not be returned) or SSL_TLSEXT_ERR_ALERT_FATAL (meaning that a fatal error has occurred).</p>
+
+<p>SSL_CTX_set_tlsext_status_cb(), SSL_CTX_set_tlsext_status_arg(), SSL_CTX_set_tlsext_status_type(), SSL_set_tlsext_status_type() and SSL_set_tlsext_status_ocsp_resp() return 0 on error or 1 on success.</p>
+
+<p>SSL_CTX_get_tlsext_status_type() returns the value previously set by SSL_CTX_set_tlsext_status_type(), or -1 if not set.</p>
+
+<p>SSL_get_tlsext_status_ocsp_resp() returns the length of the OCSP response data or -1 if there is no OCSP response data.</p>
+
+<p>SSL_get_tlsext_status_type() returns <b>TLSEXT_STATUSTYPE_ocsp</b> on the client side if SSL_set_tlsext_status_type() was previously called, or on the server side if the client requested OCSP stapling. Otherwise -1 is returned.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_get_tlsext_status_type(), SSL_CTX_get_tlsext_status_type() and SSL_CTX_set_tlsext_status_type() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_tlsext_status_type.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_tlsext_status_type.html
new file mode 100644
index 000000000..2aabb84c3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_tlsext_status_type.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_status_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_status_cb, SSL_CTX_get_tlsext_status_cb, SSL_CTX_set_tlsext_status_arg, SSL_CTX_get_tlsext_status_arg, SSL_CTX_set_tlsext_status_type, SSL_CTX_get_tlsext_status_type, SSL_set_tlsext_status_type, SSL_get_tlsext_status_type, SSL_get_tlsext_status_ocsp_resp, SSL_set_tlsext_status_ocsp_resp - OCSP Certificate Status Request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/tls1.h&gt;
+
+ long SSL_CTX_set_tlsext_status_cb(SSL_CTX *ctx, int (*callback)(SSL *, void *));
+ long SSL_CTX_get_tlsext_status_cb(SSL_CTX *ctx, int (**callback)(SSL *, void *));
+
+ long SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg);
+ long SSL_CTX_get_tlsext_status_arg(SSL_CTX *ctx, void **arg);
+
+ long SSL_CTX_set_tlsext_status_type(SSL_CTX *ctx, int type);
+ long SSL_CTX_get_tlsext_status_type(SSL_CTX *ctx);
+
+ long SSL_set_tlsext_status_type(SSL *s, int type);
+ long SSL_get_tlsext_status_type(SSL *s);
+
+ long SSL_get_tlsext_status_ocsp_resp(ssl, unsigned char **resp);
+ long SSL_set_tlsext_status_ocsp_resp(ssl, unsigned char *resp, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application may request that a server send back an OCSP status response (also known as OCSP stapling). To do so the client should call the SSL_CTX_set_tlsext_status_type() function prior to the creation of any SSL objects. Alternatively an application can call the SSL_set_tlsext_status_type() function on an individual SSL object prior to the start of the handshake. Currently the only supported type is <b>TLSEXT_STATUSTYPE_ocsp</b>. This value should be passed in the <b>type</b> argument. Calling SSL_CTX_get_tlsext_status_type() will return the type <b>TLSEXT_STATUSTYPE_ocsp</b> previously set via SSL_CTX_set_tlsext_status_type() or -1 if not set.</p>
+
+<p>The client should additionally provide a callback function to decide what to do with the returned OCSP response by calling SSL_CTX_set_tlsext_status_cb(). The callback function should determine whether the returned OCSP response is acceptable or not. The callback will be passed as an argument the value previously set via a call to SSL_CTX_set_tlsext_status_arg(). Note that the callback will not be called in the event of a handshake where session resumption occurs (because there are no Certificates exchanged in such a handshake). The callback previously set via SSL_CTX_set_tlsext_status_cb() can be retrieved by calling SSL_CTX_get_tlsext_status_cb(), and the argument by calling SSL_CTX_get_tlsext_status_arg().</p>
+
+<p>On the client side SSL_get_tlsext_status_type() can be used to determine whether the client has previously called SSL_set_tlsext_status_type(). It will return <b>TLSEXT_STATUSTYPE_ocsp</b> if it has been called or -1 otherwise. On the server side SSL_get_tlsext_status_type() can be used to determine whether the client requested OCSP stapling. If the client requested it then this function will return <b>TLSEXT_STATUSTYPE_ocsp</b>, or -1 otherwise.</p>
+
+<p>The response returned by the server can be obtained via a call to SSL_get_tlsext_status_ocsp_resp(). The value <b>*resp</b> will be updated to point to the OCSP response data and the return value will be the length of that data. Typically a callback would obtain an OCSP_RESPONSE object from this data via a call to the d2i_OCSP_RESPONSE() function. If the server has not provided any response data then <b>*resp</b> will be NULL and the return value from SSL_get_tlsext_status_ocsp_resp() will be -1.</p>
+
+<p>A server application must also call the SSL_CTX_set_tlsext_status_cb() function if it wants to be able to provide clients with OCSP Certificate Status responses. Typically the server callback would obtain the server certificate that is being sent back to the client via a call to SSL_get_certificate(); obtain the OCSP response to be sent back; and then set that response data by calling SSL_set_tlsext_status_ocsp_resp(). A pointer to the response data should be provided in the <b>resp</b> argument, and the length of that data should be in the <b>len</b> argument.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The callback when used on the client side should return a negative value on error; 0 if the response is not acceptable (in which case the handshake will fail) or a positive value if it is acceptable.</p>
+
+<p>The callback when used on the server side should return with either SSL_TLSEXT_ERR_OK (meaning that the OCSP response that has been set should be returned), SSL_TLSEXT_ERR_NOACK (meaning that an OCSP response should not be returned) or SSL_TLSEXT_ERR_ALERT_FATAL (meaning that a fatal error has occurred).</p>
+
+<p>SSL_CTX_set_tlsext_status_cb(), SSL_CTX_set_tlsext_status_arg(), SSL_CTX_set_tlsext_status_type(), SSL_set_tlsext_status_type() and SSL_set_tlsext_status_ocsp_resp() return 0 on error or 1 on success.</p>
+
+<p>SSL_CTX_get_tlsext_status_type() returns the value previously set by SSL_CTX_set_tlsext_status_type(), or -1 if not set.</p>
+
+<p>SSL_get_tlsext_status_ocsp_resp() returns the length of the OCSP response data or -1 if there is no OCSP response data.</p>
+
+<p>SSL_get_tlsext_status_type() returns <b>TLSEXT_STATUSTYPE_ocsp</b> on the client side if SSL_set_tlsext_status_type() was previously called, or on the server side if the client requested OCSP stapling. Otherwise -1 is returned.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_get_tlsext_status_type(), SSL_CTX_get_tlsext_status_type() and SSL_CTX_set_tlsext_status_type() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_verify_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_verify_callback.html
new file mode 100644
index 000000000..7c192f5fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_verify_callback.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_get_verify_mode</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_get_verify_mode, SSL_get_verify_mode, SSL_CTX_get_verify_depth, SSL_get_verify_depth, SSL_get_verify_callback, SSL_CTX_get_verify_callback - get currently set verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
+ int SSL_get_verify_mode(const SSL *ssl);
+ int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
+ int SSL_get_verify_depth(const SSL *ssl);
+ int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *);
+ int (*SSL_get_verify_callback(const SSL *ssl))(int, X509_STORE_CTX *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_get_verify_mode() returns the verification mode currently set in <b>ctx</b>.</p>
+
+<p>SSL_get_verify_mode() returns the verification mode currently set in <b>ssl</b>.</p>
+
+<p>SSL_CTX_get_verify_depth() returns the verification depth limit currently set in <b>ctx</b>. If no limit has been explicitly set, -1 is returned and the default value will be used.</p>
+
+<p>SSL_get_verify_depth() returns the verification depth limit currently set in <b>ssl</b>. If no limit has been explicitly set, -1 is returned and the default value will be used.</p>
+
+<p>SSL_CTX_get_verify_callback() returns a function pointer to the verification callback currently set in <b>ctx</b>. If no callback was explicitly set, the NULL pointer is returned and the default callback will be used.</p>
+
+<p>SSL_get_verify_callback() returns a function pointer to the verification callback currently set in <b>ssl</b>. If no callback was explicitly set, the NULL pointer is returned and the default callback will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>See DESCRIPTION</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_verify_depth.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_verify_depth.html
new file mode 100644
index 000000000..7c192f5fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_verify_depth.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_get_verify_mode</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_get_verify_mode, SSL_get_verify_mode, SSL_CTX_get_verify_depth, SSL_get_verify_depth, SSL_get_verify_callback, SSL_CTX_get_verify_callback - get currently set verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
+ int SSL_get_verify_mode(const SSL *ssl);
+ int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
+ int SSL_get_verify_depth(const SSL *ssl);
+ int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *);
+ int (*SSL_get_verify_callback(const SSL *ssl))(int, X509_STORE_CTX *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_get_verify_mode() returns the verification mode currently set in <b>ctx</b>.</p>
+
+<p>SSL_get_verify_mode() returns the verification mode currently set in <b>ssl</b>.</p>
+
+<p>SSL_CTX_get_verify_depth() returns the verification depth limit currently set in <b>ctx</b>. If no limit has been explicitly set, -1 is returned and the default value will be used.</p>
+
+<p>SSL_get_verify_depth() returns the verification depth limit currently set in <b>ssl</b>. If no limit has been explicitly set, -1 is returned and the default value will be used.</p>
+
+<p>SSL_CTX_get_verify_callback() returns a function pointer to the verification callback currently set in <b>ctx</b>. If no callback was explicitly set, the NULL pointer is returned and the default callback will be used.</p>
+
+<p>SSL_get_verify_callback() returns a function pointer to the verification callback currently set in <b>ssl</b>. If no callback was explicitly set, the NULL pointer is returned and the default callback will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>See DESCRIPTION</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_verify_mode.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_verify_mode.html
new file mode 100644
index 000000000..7c192f5fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_get_verify_mode.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_get_verify_mode</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_get_verify_mode, SSL_get_verify_mode, SSL_CTX_get_verify_depth, SSL_get_verify_depth, SSL_get_verify_callback, SSL_CTX_get_verify_callback - get currently set verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
+ int SSL_get_verify_mode(const SSL *ssl);
+ int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
+ int SSL_get_verify_depth(const SSL *ssl);
+ int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *);
+ int (*SSL_get_verify_callback(const SSL *ssl))(int, X509_STORE_CTX *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_get_verify_mode() returns the verification mode currently set in <b>ctx</b>.</p>
+
+<p>SSL_get_verify_mode() returns the verification mode currently set in <b>ssl</b>.</p>
+
+<p>SSL_CTX_get_verify_depth() returns the verification depth limit currently set in <b>ctx</b>. If no limit has been explicitly set, -1 is returned and the default value will be used.</p>
+
+<p>SSL_get_verify_depth() returns the verification depth limit currently set in <b>ssl</b>. If no limit has been explicitly set, -1 is returned and the default value will be used.</p>
+
+<p>SSL_CTX_get_verify_callback() returns a function pointer to the verification callback currently set in <b>ctx</b>. If no callback was explicitly set, the NULL pointer is returned and the default callback will be used.</p>
+
+<p>SSL_get_verify_callback() returns a function pointer to the verification callback currently set in <b>ssl</b>. If no callback was explicitly set, the NULL pointer is returned and the default callback will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>See DESCRIPTION</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_has_client_custom_ext.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_has_client_custom_ext.html
new file mode 100644
index 000000000..ea4eea8b8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_has_client_custom_ext.html
@@ -0,0 +1,56 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_has_client_custom_ext</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_has_client_custom_ext - check whether a handler exists for a particular client extension type</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_has_client_custom_ext(const SSL_CTX *ctx, unsigned int ext_type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_has_client_custom_ext() checks whether a handler has been set for a client extension of type <b>ext_type</b> using SSL_CTX_add_client_custom_ext().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Returns 1 if a handler has been set, 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_add_client_custom_ext.html">SSL_CTX_add_client_custom_ext(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_keylog_cb_func.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_keylog_cb_func.html
new file mode 100644
index 000000000..7143f4b6a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_keylog_cb_func.html
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_keylog_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_keylog_callback, SSL_CTX_get_keylog_callback, SSL_CTX_keylog_cb_func - logging TLS key material</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef void (*SSL_CTX_keylog_cb_func)(const SSL *ssl, const char *line);
+
+ void SSL_CTX_set_keylog_callback(SSL_CTX *ctx, SSL_CTX_keylog_cb_func cb);
+ SSL_CTX_keylog_cb_func SSL_CTX_get_keylog_callback(const SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_keylog_callback() sets the TLS key logging callback. This callback is called whenever TLS key material is generated or received, in order to allow applications to store this keying material for debugging purposes.</p>
+
+<p>SSL_CTX_get_keylog_callback() retrieves the previously set TLS key logging callback. If no callback has been set, this will return NULL. When there is no key logging callback, or if SSL_CTX_set_keylog_callback is called with NULL as the value of cb, no logging of key material will be done.</p>
+
+<p>The key logging callback is called with two items: the <b>ssl</b> object associated with the connection, and <b>line</b>, a string containing the key material in the format used by NSS for its <b>SSLKEYLOGFILE</b> debugging output. To recreate that file, the key logging callback should log <b>line</b>, followed by a newline. <b>line</b> will always be a NULL-terminated string.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_get_keylog_callback() returns a pointer to <b>SSL_CTX_keylog_cb_func</b> or NULL if the callback is not set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_load_verify_locations.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_load_verify_locations.html
new file mode 100644
index 000000000..05aee0f9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_load_verify_locations.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_load_verify_locations</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_load_verify_locations, SSL_CTX_set_default_verify_paths, SSL_CTX_set_default_verify_dir, SSL_CTX_set_default_verify_file - set default locations for trusted CA certificates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
+                                   const char *CApath);
+
+ int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
+
+ int SSL_CTX_set_default_verify_dir(SSL_CTX *ctx);
+
+ int SSL_CTX_set_default_verify_file(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_load_verify_locations() specifies the locations for <b>ctx</b>, at which CA certificates for verification purposes are located. The certificates available via <b>CAfile</b> and <b>CApath</b> are trusted.</p>
+
+<p>SSL_CTX_set_default_verify_paths() specifies that the default locations from which CA certificates are loaded should be used. There is one default directory and one default file. The default CA certificates directory is called &quot;certs&quot; in the default OpenSSL directory. Alternatively the SSL_CERT_DIR environment variable can be defined to override this location. The default CA certificates file is called &quot;cert.pem&quot; in the default OpenSSL directory. Alternatively the SSL_CERT_FILE environment variable can be defined to override this location.</p>
+
+<p>SSL_CTX_set_default_verify_dir() is similar to SSL_CTX_set_default_verify_paths() except that just the default directory is used.</p>
+
+<p>SSL_CTX_set_default_verify_file() is similar to SSL_CTX_set_default_verify_paths() except that just the default file is used.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If <b>CAfile</b> is not NULL, it points to a file of CA certificates in PEM format. The file can contain several CA certificates identified by</p>
+
+<pre><code> -----BEGIN CERTIFICATE-----
+ ... (CA certificate in base64 encoding) ...
+ -----END CERTIFICATE-----</code></pre>
+
+<p>sequences. Before, between, and after the certificates text is allowed which can be used e.g. for descriptions of the certificates.</p>
+
+<p>The <b>CAfile</b> is processed on execution of the SSL_CTX_load_verify_locations() function.</p>
+
+<p>If <b>CApath</b> is not NULL, it points to a directory containing CA certificates in PEM format. The files each contain one CA certificate. The files are looked up by the CA subject name hash value, which must hence be available. If more than one CA certificate with the same name hash value exist, the extension must be different (e.g. 9d66eef0.0, 9d66eef0.1 etc). The search is performed in the ordering of the extension number, regardless of other properties of the certificates. Use the <b>c_rehash</b> utility to create the necessary links.</p>
+
+<p>The certificates in <b>CApath</b> are only looked up when required, e.g. when building the certificate chain or when actually performing the verification of a peer certificate.</p>
+
+<p>When looking up CA certificates, the OpenSSL library will first search the certificates in <b>CAfile</b>, then those in <b>CApath</b>. Certificate matching is done based on the subject name, the key identifier (if present), and the serial number as taken from the certificate to be verified. If these data do not match, the next certificate will be tried. If a first certificate matching the parameters is found, the verification process will be performed; no other certificates for the same parameters will be searched in case of failure.</p>
+
+<p>In server mode, when requesting a client certificate, the server must send the list of CAs of which it will accept client certificates. This list is not influenced by the contents of <b>CAfile</b> or <b>CApath</b> and must explicitly be set using the <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a> family of functions.</p>
+
+<p>When building its own certificate chain, an OpenSSL client/server will try to fill in missing certificates from <b>CAfile</b>/<b>CApath</b>, if the certificate chain was not explicitly specified (see <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a>.</p>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>If several CA certificates matching the name, key identifier, and serial number condition are available, only the first one will be examined. This may lead to unexpected results if the same CA certificate is available with different expiration dates. If a &quot;certificate expired&quot; verification error occurs, no other certificate will be searched. Make sure to not have expired certificates mixed with valid ones.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Generate a CA certificate file with descriptive text from the CA certificates ca1.pem ca2.pem ca3.pem:</p>
+
+<pre><code> #!/bin/sh
+ rm CAfile.pem
+ for i in ca1.pem ca2.pem ca3.pem ; do
+     openssl x509 -in $i -text &gt;&gt; CAfile.pem
+ done</code></pre>
+
+<p>Prepare the directory /some/where/certs containing several CA certificates for use as <b>CApath</b>:</p>
+
+<pre><code> cd /some/where/certs
+ c_rehash .</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For SSL_CTX_load_verify_locations the following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The operation failed because <b>CAfile</b> and <b>CApath</b> are NULL or the processing at one of the locations specified failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_set_default_verify_paths(), SSL_CTX_set_default_verify_dir() and SSL_CTX_set_default_verify_file() all return 1 on success or 0 on failure. A missing default location is still treated as a success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_get_client_CA_list.html">SSL_get_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_new.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_new.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_new.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_remove_session.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_remove_session.html
new file mode 100644
index 000000000..2209e0b4d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_remove_session.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add_session</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_add_session, SSL_CTX_remove_session - manipulate session cache</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c);
+
+ int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_add_session() adds the session <b>c</b> to the context <b>ctx</b>. The reference count for session <b>c</b> is incremented by 1. If a session with the same session id already exists, the old session is removed by calling <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>.</p>
+
+<p>SSL_CTX_remove_session() removes the session <b>c</b> from the context <b>ctx</b> and marks it as non-resumable. <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a> is called once for <b>c</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When adding a new session to the internal session cache, it is examined whether a session with the same session id already exists. In this case it is assumed that both sessions are identical. If the same session is stored in a different SSL_SESSION object, The old session is removed and replaced by the new session. If the session is actually identical (the SSL_SESSION object is identical), SSL_CTX_add_session() is a no-op, and the return value is 0.</p>
+
+<p>If a server SSL_CTX is configured with the SSL_SESS_CACHE_NO_INTERNAL_STORE flag then the internal cache will not be populated automatically by new sessions negotiated by the SSL/TLS implementation, even though the internal cache will be searched automatically for session-resume requests (the latter can be suppressed by SSL_SESS_CACHE_NO_INTERNAL_LOOKUP). So the application can use SSL_CTX_add_session() directly to have full control over the sessions that can be resumed if desired.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following values are returned by all functions:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The operation failed. In case of the add operation, it was tried to add the same (identical) session twice. In case of the remove operation, the session was not found in the cache.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_select_current_cert.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_select_current_cert.html
new file mode 100644
index 000000000..9f08318ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_select_current_cert.html
@@ -0,0 +1,122 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add1_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_chain, SSL_CTX_set1_chain, SSL_CTX_add0_chain_cert, SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs, SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert, SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain, SSL_build_cert_chain, SSL_CTX_select_current_cert, SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra chain certificate processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_get0_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk);
+ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+ int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_get0_chain_certs(SSL *ssl, STACK_OF(X509) **sk);
+ int SSL_clear_chain_certs(SSL *ssl);
+
+ int SSL_CTX_build_cert_chain(SSL_CTX *ctx, flags);
+ int SSL_build_cert_chain(SSL *ssl, flags);
+
+ int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_chain() and SSL_CTX_set1_chain() set the certificate chain associated with the current certificate of <b>ctx</b> to <b>sk</b>.</p>
+
+<p>SSL_CTX_add0_chain_cert() and SSL_CTX_add1_chain_cert() append the single certificate <b>x509</b> to the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_get0_chain_certs() retrieves the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_clear_chain_certs() clears any existing chain associated with the current certificate of <b>ctx</b>. (This is implemented by calling SSL_CTX_set0_chain() with <b>sk</b> set to <b>NULL</b>).</p>
+
+<p>SSL_CTX_build_cert_chain() builds the certificate chain for <b>ctx</b> normally this uses the chain store or the verify store if the chain store is not set. If the function is successful the built chain will replace any existing chain. The <b>flags</b> parameter can be set to <b>SSL_BUILD_CHAIN_FLAG_UNTRUSTED</b> to use existing chain certificates as untrusted CAs, <b>SSL_BUILD_CHAIN_FLAG_NO_ROOT</b> to omit the root CA from the built chain, <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to use all existing chain certificates only to build the chain (effectively sanity checking and rearranging them if necessary), the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> ignores any errors during verification: if flag <b>SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR</b> is also set verification errors are cleared from the error queue.</p>
+
+<p>Each of these functions operates on the <i>current</i> end entity (i.e. server or client) certificate. This is the last certificate loaded or selected on the corresponding <b>ctx</b> structure.</p>
+
+<p>SSL_CTX_select_current_cert() selects <b>x509</b> as the current end entity certificate, but only if <b>x509</b> has already been loaded into <b>ctx</b> using a function such as SSL_CTX_use_certificate().</p>
+
+<p>SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(), SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(), SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_current_cert() changes the current certificate to a value based on the <b>op</b> argument. Currently <b>op</b> can be <b>SSL_CERT_SET_FIRST</b> to use the first valid certificate or <b>SSL_CERT_SET_NEXT</b> to set the next valid certificate after the current certificate. These two operations can be used to iterate over all certificates in an <b>SSL_CTX</b> structure.</p>
+
+<p>SSL_set_current_cert() also supports the option <b>SSL_CERT_SET_SERVER</b>. If <b>ssl</b> is a server and has sent a certificate to a connected client this option sets that certificate to the current certificate and returns 1. If the negotiated cipher suite is anonymous (and thus no certificate will be sent) 2 is returned and the current certificate is unchanged. If <b>ssl</b> is not a server or a certificate has not been sent 0 is returned and the current certificate is unchanged.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied certificate or chain so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied certificate or chain <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The chains associate with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. SSL structures will not be affected by any chains subsequently changed in the parent SSL_CTX.</p>
+
+<p>One chain can be set for each key type supported by a server. So, for example, an RSA and a DSA certificate can (and often will) have different chains.</p>
+
+<p>The functions SSL_CTX_build_cert_chain() and SSL_build_cert_chain() can be used to check application configuration and to ensure any necessary subordinate CAs are sent in the correct order. Misconfigured applications sending incorrect certificate chains often cause problems with peers.</p>
+
+<p>For example an application can add any set of certificates using SSL_CTX_use_certificate_chain_file() then call SSL_CTX_build_cert_chain() with the option <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to check and reorder them.</p>
+
+<p>Applications can issue non fatal warnings when checking chains by setting the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERRORS</b> and checking the return value.</p>
+
+<p>Calling SSL_CTX_build_cert_chain() or SSL_build_cert_chain() is more efficient than the automatic chain building as it is only performed once. Automatic chain building is performed on each new session.</p>
+
+<p>If any certificates are added using these functions no certificates added using SSL_CTX_add_extra_chain_cert() will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_current_cert() with <b>SSL_CERT_SET_SERVER</b> return 1 for success, 2 if no server certificate is used because the cipher suites is anonymous and 0 for failure.</p>
+
+<p>SSL_CTX_build_cert_chain() and SSL_build_cert_chain() return 1 for success and 0 for failure. If the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> and a verification error occurs then 2 is returned.</p>
+
+<p>All other functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_accept.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_accept.html
new file mode 100644
index 000000000..ddf6d98d0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_accept.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_number</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_number, SSL_CTX_sess_connect, SSL_CTX_sess_connect_good, SSL_CTX_sess_connect_renegotiate, SSL_CTX_sess_accept, SSL_CTX_sess_accept_good, SSL_CTX_sess_accept_renegotiate, SSL_CTX_sess_hits, SSL_CTX_sess_cb_hits, SSL_CTX_sess_misses, SSL_CTX_sess_timeouts, SSL_CTX_sess_cache_full - obtain session cache statistics</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_sess_number(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_cb_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_misses(SSL_CTX *ctx);
+ long SSL_CTX_sess_timeouts(SSL_CTX *ctx);
+ long SSL_CTX_sess_cache_full(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_number() returns the current number of sessions in the internal session cache.</p>
+
+<p>SSL_CTX_sess_connect() returns the number of started SSL/TLS handshakes in client mode.</p>
+
+<p>SSL_CTX_sess_connect_good() returns the number of successfully established SSL/TLS sessions in client mode.</p>
+
+<p>SSL_CTX_sess_connect_renegotiate() returns the number of started renegotiations in client mode.</p>
+
+<p>SSL_CTX_sess_accept() returns the number of started SSL/TLS handshakes in server mode.</p>
+
+<p>SSL_CTX_sess_accept_good() returns the number of successfully established SSL/TLS sessions in server mode.</p>
+
+<p>SSL_CTX_sess_accept_renegotiate() returns the number of started renegotiations in server mode.</p>
+
+<p>SSL_CTX_sess_hits() returns the number of successfully reused sessions. In client mode a session set with <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a> successfully reused is counted as a hit. In server mode a session successfully retrieved from internal or external cache is counted as a hit.</p>
+
+<p>SSL_CTX_sess_cb_hits() returns the number of successfully retrieved sessions from the external session cache in server mode.</p>
+
+<p>SSL_CTX_sess_misses() returns the number of sessions proposed by clients that were not found in the internal session cache in server mode.</p>
+
+<p>SSL_CTX_sess_timeouts() returns the number of sessions proposed by clients and either found in the internal or external session cache in server mode, but that were invalid due to timeout. These sessions are not included in the SSL_CTX_sess_hits() count.</p>
+
+<p>SSL_CTX_sess_cache_full() returns the number of sessions that were removed because the maximum session cache size was exceeded.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return the values indicated in the DESCRIPTION section.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a> <a href="../man3/SSL_CTX_sess_set_cache_size.html">SSL_CTX_sess_set_cache_size(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_accept_good.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_accept_good.html
new file mode 100644
index 000000000..ddf6d98d0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_accept_good.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_number</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_number, SSL_CTX_sess_connect, SSL_CTX_sess_connect_good, SSL_CTX_sess_connect_renegotiate, SSL_CTX_sess_accept, SSL_CTX_sess_accept_good, SSL_CTX_sess_accept_renegotiate, SSL_CTX_sess_hits, SSL_CTX_sess_cb_hits, SSL_CTX_sess_misses, SSL_CTX_sess_timeouts, SSL_CTX_sess_cache_full - obtain session cache statistics</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_sess_number(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_cb_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_misses(SSL_CTX *ctx);
+ long SSL_CTX_sess_timeouts(SSL_CTX *ctx);
+ long SSL_CTX_sess_cache_full(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_number() returns the current number of sessions in the internal session cache.</p>
+
+<p>SSL_CTX_sess_connect() returns the number of started SSL/TLS handshakes in client mode.</p>
+
+<p>SSL_CTX_sess_connect_good() returns the number of successfully established SSL/TLS sessions in client mode.</p>
+
+<p>SSL_CTX_sess_connect_renegotiate() returns the number of started renegotiations in client mode.</p>
+
+<p>SSL_CTX_sess_accept() returns the number of started SSL/TLS handshakes in server mode.</p>
+
+<p>SSL_CTX_sess_accept_good() returns the number of successfully established SSL/TLS sessions in server mode.</p>
+
+<p>SSL_CTX_sess_accept_renegotiate() returns the number of started renegotiations in server mode.</p>
+
+<p>SSL_CTX_sess_hits() returns the number of successfully reused sessions. In client mode a session set with <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a> successfully reused is counted as a hit. In server mode a session successfully retrieved from internal or external cache is counted as a hit.</p>
+
+<p>SSL_CTX_sess_cb_hits() returns the number of successfully retrieved sessions from the external session cache in server mode.</p>
+
+<p>SSL_CTX_sess_misses() returns the number of sessions proposed by clients that were not found in the internal session cache in server mode.</p>
+
+<p>SSL_CTX_sess_timeouts() returns the number of sessions proposed by clients and either found in the internal or external session cache in server mode, but that were invalid due to timeout. These sessions are not included in the SSL_CTX_sess_hits() count.</p>
+
+<p>SSL_CTX_sess_cache_full() returns the number of sessions that were removed because the maximum session cache size was exceeded.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return the values indicated in the DESCRIPTION section.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a> <a href="../man3/SSL_CTX_sess_set_cache_size.html">SSL_CTX_sess_set_cache_size(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_accept_renegotiate.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_accept_renegotiate.html
new file mode 100644
index 000000000..ddf6d98d0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_accept_renegotiate.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_number</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_number, SSL_CTX_sess_connect, SSL_CTX_sess_connect_good, SSL_CTX_sess_connect_renegotiate, SSL_CTX_sess_accept, SSL_CTX_sess_accept_good, SSL_CTX_sess_accept_renegotiate, SSL_CTX_sess_hits, SSL_CTX_sess_cb_hits, SSL_CTX_sess_misses, SSL_CTX_sess_timeouts, SSL_CTX_sess_cache_full - obtain session cache statistics</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_sess_number(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_cb_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_misses(SSL_CTX *ctx);
+ long SSL_CTX_sess_timeouts(SSL_CTX *ctx);
+ long SSL_CTX_sess_cache_full(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_number() returns the current number of sessions in the internal session cache.</p>
+
+<p>SSL_CTX_sess_connect() returns the number of started SSL/TLS handshakes in client mode.</p>
+
+<p>SSL_CTX_sess_connect_good() returns the number of successfully established SSL/TLS sessions in client mode.</p>
+
+<p>SSL_CTX_sess_connect_renegotiate() returns the number of started renegotiations in client mode.</p>
+
+<p>SSL_CTX_sess_accept() returns the number of started SSL/TLS handshakes in server mode.</p>
+
+<p>SSL_CTX_sess_accept_good() returns the number of successfully established SSL/TLS sessions in server mode.</p>
+
+<p>SSL_CTX_sess_accept_renegotiate() returns the number of started renegotiations in server mode.</p>
+
+<p>SSL_CTX_sess_hits() returns the number of successfully reused sessions. In client mode a session set with <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a> successfully reused is counted as a hit. In server mode a session successfully retrieved from internal or external cache is counted as a hit.</p>
+
+<p>SSL_CTX_sess_cb_hits() returns the number of successfully retrieved sessions from the external session cache in server mode.</p>
+
+<p>SSL_CTX_sess_misses() returns the number of sessions proposed by clients that were not found in the internal session cache in server mode.</p>
+
+<p>SSL_CTX_sess_timeouts() returns the number of sessions proposed by clients and either found in the internal or external session cache in server mode, but that were invalid due to timeout. These sessions are not included in the SSL_CTX_sess_hits() count.</p>
+
+<p>SSL_CTX_sess_cache_full() returns the number of sessions that were removed because the maximum session cache size was exceeded.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return the values indicated in the DESCRIPTION section.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a> <a href="../man3/SSL_CTX_sess_set_cache_size.html">SSL_CTX_sess_set_cache_size(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_cache_full.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_cache_full.html
new file mode 100644
index 000000000..ddf6d98d0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_cache_full.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_number</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_number, SSL_CTX_sess_connect, SSL_CTX_sess_connect_good, SSL_CTX_sess_connect_renegotiate, SSL_CTX_sess_accept, SSL_CTX_sess_accept_good, SSL_CTX_sess_accept_renegotiate, SSL_CTX_sess_hits, SSL_CTX_sess_cb_hits, SSL_CTX_sess_misses, SSL_CTX_sess_timeouts, SSL_CTX_sess_cache_full - obtain session cache statistics</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_sess_number(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_cb_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_misses(SSL_CTX *ctx);
+ long SSL_CTX_sess_timeouts(SSL_CTX *ctx);
+ long SSL_CTX_sess_cache_full(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_number() returns the current number of sessions in the internal session cache.</p>
+
+<p>SSL_CTX_sess_connect() returns the number of started SSL/TLS handshakes in client mode.</p>
+
+<p>SSL_CTX_sess_connect_good() returns the number of successfully established SSL/TLS sessions in client mode.</p>
+
+<p>SSL_CTX_sess_connect_renegotiate() returns the number of started renegotiations in client mode.</p>
+
+<p>SSL_CTX_sess_accept() returns the number of started SSL/TLS handshakes in server mode.</p>
+
+<p>SSL_CTX_sess_accept_good() returns the number of successfully established SSL/TLS sessions in server mode.</p>
+
+<p>SSL_CTX_sess_accept_renegotiate() returns the number of started renegotiations in server mode.</p>
+
+<p>SSL_CTX_sess_hits() returns the number of successfully reused sessions. In client mode a session set with <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a> successfully reused is counted as a hit. In server mode a session successfully retrieved from internal or external cache is counted as a hit.</p>
+
+<p>SSL_CTX_sess_cb_hits() returns the number of successfully retrieved sessions from the external session cache in server mode.</p>
+
+<p>SSL_CTX_sess_misses() returns the number of sessions proposed by clients that were not found in the internal session cache in server mode.</p>
+
+<p>SSL_CTX_sess_timeouts() returns the number of sessions proposed by clients and either found in the internal or external session cache in server mode, but that were invalid due to timeout. These sessions are not included in the SSL_CTX_sess_hits() count.</p>
+
+<p>SSL_CTX_sess_cache_full() returns the number of sessions that were removed because the maximum session cache size was exceeded.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return the values indicated in the DESCRIPTION section.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a> <a href="../man3/SSL_CTX_sess_set_cache_size.html">SSL_CTX_sess_set_cache_size(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_cb_hits.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_cb_hits.html
new file mode 100644
index 000000000..ddf6d98d0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_cb_hits.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_number</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_number, SSL_CTX_sess_connect, SSL_CTX_sess_connect_good, SSL_CTX_sess_connect_renegotiate, SSL_CTX_sess_accept, SSL_CTX_sess_accept_good, SSL_CTX_sess_accept_renegotiate, SSL_CTX_sess_hits, SSL_CTX_sess_cb_hits, SSL_CTX_sess_misses, SSL_CTX_sess_timeouts, SSL_CTX_sess_cache_full - obtain session cache statistics</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_sess_number(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_cb_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_misses(SSL_CTX *ctx);
+ long SSL_CTX_sess_timeouts(SSL_CTX *ctx);
+ long SSL_CTX_sess_cache_full(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_number() returns the current number of sessions in the internal session cache.</p>
+
+<p>SSL_CTX_sess_connect() returns the number of started SSL/TLS handshakes in client mode.</p>
+
+<p>SSL_CTX_sess_connect_good() returns the number of successfully established SSL/TLS sessions in client mode.</p>
+
+<p>SSL_CTX_sess_connect_renegotiate() returns the number of started renegotiations in client mode.</p>
+
+<p>SSL_CTX_sess_accept() returns the number of started SSL/TLS handshakes in server mode.</p>
+
+<p>SSL_CTX_sess_accept_good() returns the number of successfully established SSL/TLS sessions in server mode.</p>
+
+<p>SSL_CTX_sess_accept_renegotiate() returns the number of started renegotiations in server mode.</p>
+
+<p>SSL_CTX_sess_hits() returns the number of successfully reused sessions. In client mode a session set with <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a> successfully reused is counted as a hit. In server mode a session successfully retrieved from internal or external cache is counted as a hit.</p>
+
+<p>SSL_CTX_sess_cb_hits() returns the number of successfully retrieved sessions from the external session cache in server mode.</p>
+
+<p>SSL_CTX_sess_misses() returns the number of sessions proposed by clients that were not found in the internal session cache in server mode.</p>
+
+<p>SSL_CTX_sess_timeouts() returns the number of sessions proposed by clients and either found in the internal or external session cache in server mode, but that were invalid due to timeout. These sessions are not included in the SSL_CTX_sess_hits() count.</p>
+
+<p>SSL_CTX_sess_cache_full() returns the number of sessions that were removed because the maximum session cache size was exceeded.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return the values indicated in the DESCRIPTION section.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a> <a href="../man3/SSL_CTX_sess_set_cache_size.html">SSL_CTX_sess_set_cache_size(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_connect.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_connect.html
new file mode 100644
index 000000000..ddf6d98d0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_connect.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_number</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_number, SSL_CTX_sess_connect, SSL_CTX_sess_connect_good, SSL_CTX_sess_connect_renegotiate, SSL_CTX_sess_accept, SSL_CTX_sess_accept_good, SSL_CTX_sess_accept_renegotiate, SSL_CTX_sess_hits, SSL_CTX_sess_cb_hits, SSL_CTX_sess_misses, SSL_CTX_sess_timeouts, SSL_CTX_sess_cache_full - obtain session cache statistics</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_sess_number(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_cb_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_misses(SSL_CTX *ctx);
+ long SSL_CTX_sess_timeouts(SSL_CTX *ctx);
+ long SSL_CTX_sess_cache_full(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_number() returns the current number of sessions in the internal session cache.</p>
+
+<p>SSL_CTX_sess_connect() returns the number of started SSL/TLS handshakes in client mode.</p>
+
+<p>SSL_CTX_sess_connect_good() returns the number of successfully established SSL/TLS sessions in client mode.</p>
+
+<p>SSL_CTX_sess_connect_renegotiate() returns the number of started renegotiations in client mode.</p>
+
+<p>SSL_CTX_sess_accept() returns the number of started SSL/TLS handshakes in server mode.</p>
+
+<p>SSL_CTX_sess_accept_good() returns the number of successfully established SSL/TLS sessions in server mode.</p>
+
+<p>SSL_CTX_sess_accept_renegotiate() returns the number of started renegotiations in server mode.</p>
+
+<p>SSL_CTX_sess_hits() returns the number of successfully reused sessions. In client mode a session set with <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a> successfully reused is counted as a hit. In server mode a session successfully retrieved from internal or external cache is counted as a hit.</p>
+
+<p>SSL_CTX_sess_cb_hits() returns the number of successfully retrieved sessions from the external session cache in server mode.</p>
+
+<p>SSL_CTX_sess_misses() returns the number of sessions proposed by clients that were not found in the internal session cache in server mode.</p>
+
+<p>SSL_CTX_sess_timeouts() returns the number of sessions proposed by clients and either found in the internal or external session cache in server mode, but that were invalid due to timeout. These sessions are not included in the SSL_CTX_sess_hits() count.</p>
+
+<p>SSL_CTX_sess_cache_full() returns the number of sessions that were removed because the maximum session cache size was exceeded.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return the values indicated in the DESCRIPTION section.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a> <a href="../man3/SSL_CTX_sess_set_cache_size.html">SSL_CTX_sess_set_cache_size(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_connect_good.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_connect_good.html
new file mode 100644
index 000000000..ddf6d98d0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_connect_good.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_number</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_number, SSL_CTX_sess_connect, SSL_CTX_sess_connect_good, SSL_CTX_sess_connect_renegotiate, SSL_CTX_sess_accept, SSL_CTX_sess_accept_good, SSL_CTX_sess_accept_renegotiate, SSL_CTX_sess_hits, SSL_CTX_sess_cb_hits, SSL_CTX_sess_misses, SSL_CTX_sess_timeouts, SSL_CTX_sess_cache_full - obtain session cache statistics</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_sess_number(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_cb_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_misses(SSL_CTX *ctx);
+ long SSL_CTX_sess_timeouts(SSL_CTX *ctx);
+ long SSL_CTX_sess_cache_full(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_number() returns the current number of sessions in the internal session cache.</p>
+
+<p>SSL_CTX_sess_connect() returns the number of started SSL/TLS handshakes in client mode.</p>
+
+<p>SSL_CTX_sess_connect_good() returns the number of successfully established SSL/TLS sessions in client mode.</p>
+
+<p>SSL_CTX_sess_connect_renegotiate() returns the number of started renegotiations in client mode.</p>
+
+<p>SSL_CTX_sess_accept() returns the number of started SSL/TLS handshakes in server mode.</p>
+
+<p>SSL_CTX_sess_accept_good() returns the number of successfully established SSL/TLS sessions in server mode.</p>
+
+<p>SSL_CTX_sess_accept_renegotiate() returns the number of started renegotiations in server mode.</p>
+
+<p>SSL_CTX_sess_hits() returns the number of successfully reused sessions. In client mode a session set with <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a> successfully reused is counted as a hit. In server mode a session successfully retrieved from internal or external cache is counted as a hit.</p>
+
+<p>SSL_CTX_sess_cb_hits() returns the number of successfully retrieved sessions from the external session cache in server mode.</p>
+
+<p>SSL_CTX_sess_misses() returns the number of sessions proposed by clients that were not found in the internal session cache in server mode.</p>
+
+<p>SSL_CTX_sess_timeouts() returns the number of sessions proposed by clients and either found in the internal or external session cache in server mode, but that were invalid due to timeout. These sessions are not included in the SSL_CTX_sess_hits() count.</p>
+
+<p>SSL_CTX_sess_cache_full() returns the number of sessions that were removed because the maximum session cache size was exceeded.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return the values indicated in the DESCRIPTION section.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a> <a href="../man3/SSL_CTX_sess_set_cache_size.html">SSL_CTX_sess_set_cache_size(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_connect_renegotiate.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_connect_renegotiate.html
new file mode 100644
index 000000000..ddf6d98d0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_connect_renegotiate.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_number</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_number, SSL_CTX_sess_connect, SSL_CTX_sess_connect_good, SSL_CTX_sess_connect_renegotiate, SSL_CTX_sess_accept, SSL_CTX_sess_accept_good, SSL_CTX_sess_accept_renegotiate, SSL_CTX_sess_hits, SSL_CTX_sess_cb_hits, SSL_CTX_sess_misses, SSL_CTX_sess_timeouts, SSL_CTX_sess_cache_full - obtain session cache statistics</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_sess_number(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_cb_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_misses(SSL_CTX *ctx);
+ long SSL_CTX_sess_timeouts(SSL_CTX *ctx);
+ long SSL_CTX_sess_cache_full(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_number() returns the current number of sessions in the internal session cache.</p>
+
+<p>SSL_CTX_sess_connect() returns the number of started SSL/TLS handshakes in client mode.</p>
+
+<p>SSL_CTX_sess_connect_good() returns the number of successfully established SSL/TLS sessions in client mode.</p>
+
+<p>SSL_CTX_sess_connect_renegotiate() returns the number of started renegotiations in client mode.</p>
+
+<p>SSL_CTX_sess_accept() returns the number of started SSL/TLS handshakes in server mode.</p>
+
+<p>SSL_CTX_sess_accept_good() returns the number of successfully established SSL/TLS sessions in server mode.</p>
+
+<p>SSL_CTX_sess_accept_renegotiate() returns the number of started renegotiations in server mode.</p>
+
+<p>SSL_CTX_sess_hits() returns the number of successfully reused sessions. In client mode a session set with <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a> successfully reused is counted as a hit. In server mode a session successfully retrieved from internal or external cache is counted as a hit.</p>
+
+<p>SSL_CTX_sess_cb_hits() returns the number of successfully retrieved sessions from the external session cache in server mode.</p>
+
+<p>SSL_CTX_sess_misses() returns the number of sessions proposed by clients that were not found in the internal session cache in server mode.</p>
+
+<p>SSL_CTX_sess_timeouts() returns the number of sessions proposed by clients and either found in the internal or external session cache in server mode, but that were invalid due to timeout. These sessions are not included in the SSL_CTX_sess_hits() count.</p>
+
+<p>SSL_CTX_sess_cache_full() returns the number of sessions that were removed because the maximum session cache size was exceeded.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return the values indicated in the DESCRIPTION section.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a> <a href="../man3/SSL_CTX_sess_set_cache_size.html">SSL_CTX_sess_set_cache_size(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_get_cache_size.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_get_cache_size.html
new file mode 100644
index 000000000..469c2392b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_get_cache_size.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_set_cache_size</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_set_cache_size, SSL_CTX_sess_get_cache_size - manipulate session cache size</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_sess_set_cache_size(SSL_CTX *ctx, long t);
+ long SSL_CTX_sess_get_cache_size(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_set_cache_size() sets the size of the internal session cache of context <b>ctx</b> to <b>t</b>. This value is a hint and not an absolute; see the notes below.</p>
+
+<p>SSL_CTX_sess_get_cache_size() returns the currently valid session cache size.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal session cache size is SSL_SESSION_CACHE_MAX_SIZE_DEFAULT, currently 1024*20, so that up to 20000 sessions can be held. This size can be modified using the SSL_CTX_sess_set_cache_size() call. A special case is the size 0, which is used for unlimited size.</p>
+
+<p>If adding the session makes the cache exceed its size, then unused sessions are dropped from the end of the cache. Cache space may also be reclaimed by calling <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a> to remove expired sessions.</p>
+
+<p>If the size of the session cache is reduced and more sessions are already in the session cache, old session will be removed at the next time a session shall be added. This removal is not synchronized with the expiration of sessions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_sess_set_cache_size() returns the previously valid size.</p>
+
+<p>SSL_CTX_sess_get_cache_size() returns the currently valid size.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, <a href="../man3/SSL_CTX_sess_number.html">SSL_CTX_sess_number(3)</a>, <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_get_get_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_get_get_cb.html
new file mode 100644
index 000000000..d50653714
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_get_get_cb.html
@@ -0,0 +1,91 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_set_get_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_set_new_cb, SSL_CTX_sess_set_remove_cb, SSL_CTX_sess_set_get_cb, SSL_CTX_sess_get_new_cb, SSL_CTX_sess_get_remove_cb, SSL_CTX_sess_get_get_cb - provide callback functions for server side external session caching</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
+                              int (*new_session_cb)(SSL *, SSL_SESSION *));
+ void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
+                                 void (*remove_session_cb)(SSL_CTX *ctx,
+                                                           SSL_SESSION *));
+ void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
+                              SSL_SESSION (*get_session_cb)(SSL *,
+                                                            const unsigned char *,
+                                                            int, int *));
+
+ int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(struct ssl_st *ssl,
+                                              SSL_SESSION *sess);
+ void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(struct ssl_ctx_st *ctx,
+                                                  SSL_SESSION *sess);
+ SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(struct ssl_st *ssl,
+                                                       const unsigned char *data,
+                                                       int len, int *copy);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_set_new_cb() sets the callback function, which is automatically called whenever a new session was negotiated.</p>
+
+<p>SSL_CTX_sess_set_remove_cb() sets the callback function, which is automatically called whenever a session is removed by the SSL engine, because it is considered faulty or the session has become obsolete because of exceeding the timeout value.</p>
+
+<p>SSL_CTX_sess_set_get_cb() sets the callback function which is called, whenever a SSL/TLS client proposed to resume a session but the session could not be found in the internal session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). (SSL/TLS server only.)</p>
+
+<p>SSL_CTX_sess_get_new_cb(), SSL_CTX_sess_get_remove_cb(), and SSL_CTX_sess_get_get_cb() retrieve the function pointers set by the corresponding set callback functions. If a callback function has not been set, the NULL pointer is returned.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In order to allow external session caching, synchronization with the internal session cache is realized via callback functions. Inside these callback functions, session can be saved to disk or put into a database using the <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a> interface.</p>
+
+<p>The new_session_cb() is called, whenever a new session has been negotiated and session caching is enabled (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). The new_session_cb() is passed the <b>ssl</b> connection and the ssl session <b>sess</b>. If the callback returns <b>0</b>, the session will be immediately removed again. Note that in TLSv1.3, sessions are established after the main handshake has completed. The server decides when to send the client the session information and this may occur some time after the end of the handshake (or not at all). This means that applications should expect the new_session_cb() function to be invoked during the handshake (for &lt;= TLSv1.2) or after the handshake (for TLSv1.3). It is also possible in TLSv1.3 for multiple sessions to be established with a single connection. In these case the new_session_cb() function will be invoked multiple times.</p>
+
+<p>In TLSv1.3 it is recommended that each SSL_SESSION object is only used for resumption once. One way of enforcing that is for applications to call <a href="../man3/SSL_CTX_remove_session.html">SSL_CTX_remove_session(3)</a> after a session has been used.</p>
+
+<p>The remove_session_cb() is called, whenever the SSL engine removes a session from the internal cache. This happens when the session is removed because it is expired or when a connection was not shutdown cleanly. It also happens for all sessions in the internal session cache when <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a> is called. The remove_session_cb() is passed the <b>ctx</b> and the ssl session <b>sess</b>. It does not provide any feedback.</p>
+
+<p>The get_session_cb() is only called on SSL/TLS servers with the session id proposed by the client. The get_session_cb() is always called, also when session caching was disabled. The get_session_cb() is passed the <b>ssl</b> connection, the session id of length <b>length</b> at the memory location <b>data</b>. With the parameter <b>copy</b> the callback can require the SSL engine to increment the reference count of the SSL_SESSION object, Normally the reference count is not incremented and therefore the session must not be explicitly freed with <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_sess_get_new_cb(), SSL_CTX_sess_get_remove_cb() and SSL_CTX_sess_get_get_cb() return different callback function pointers respectively.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_get_new_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_get_new_cb.html
new file mode 100644
index 000000000..d50653714
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_get_new_cb.html
@@ -0,0 +1,91 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_set_get_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_set_new_cb, SSL_CTX_sess_set_remove_cb, SSL_CTX_sess_set_get_cb, SSL_CTX_sess_get_new_cb, SSL_CTX_sess_get_remove_cb, SSL_CTX_sess_get_get_cb - provide callback functions for server side external session caching</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
+                              int (*new_session_cb)(SSL *, SSL_SESSION *));
+ void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
+                                 void (*remove_session_cb)(SSL_CTX *ctx,
+                                                           SSL_SESSION *));
+ void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
+                              SSL_SESSION (*get_session_cb)(SSL *,
+                                                            const unsigned char *,
+                                                            int, int *));
+
+ int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(struct ssl_st *ssl,
+                                              SSL_SESSION *sess);
+ void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(struct ssl_ctx_st *ctx,
+                                                  SSL_SESSION *sess);
+ SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(struct ssl_st *ssl,
+                                                       const unsigned char *data,
+                                                       int len, int *copy);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_set_new_cb() sets the callback function, which is automatically called whenever a new session was negotiated.</p>
+
+<p>SSL_CTX_sess_set_remove_cb() sets the callback function, which is automatically called whenever a session is removed by the SSL engine, because it is considered faulty or the session has become obsolete because of exceeding the timeout value.</p>
+
+<p>SSL_CTX_sess_set_get_cb() sets the callback function which is called, whenever a SSL/TLS client proposed to resume a session but the session could not be found in the internal session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). (SSL/TLS server only.)</p>
+
+<p>SSL_CTX_sess_get_new_cb(), SSL_CTX_sess_get_remove_cb(), and SSL_CTX_sess_get_get_cb() retrieve the function pointers set by the corresponding set callback functions. If a callback function has not been set, the NULL pointer is returned.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In order to allow external session caching, synchronization with the internal session cache is realized via callback functions. Inside these callback functions, session can be saved to disk or put into a database using the <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a> interface.</p>
+
+<p>The new_session_cb() is called, whenever a new session has been negotiated and session caching is enabled (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). The new_session_cb() is passed the <b>ssl</b> connection and the ssl session <b>sess</b>. If the callback returns <b>0</b>, the session will be immediately removed again. Note that in TLSv1.3, sessions are established after the main handshake has completed. The server decides when to send the client the session information and this may occur some time after the end of the handshake (or not at all). This means that applications should expect the new_session_cb() function to be invoked during the handshake (for &lt;= TLSv1.2) or after the handshake (for TLSv1.3). It is also possible in TLSv1.3 for multiple sessions to be established with a single connection. In these case the new_session_cb() function will be invoked multiple times.</p>
+
+<p>In TLSv1.3 it is recommended that each SSL_SESSION object is only used for resumption once. One way of enforcing that is for applications to call <a href="../man3/SSL_CTX_remove_session.html">SSL_CTX_remove_session(3)</a> after a session has been used.</p>
+
+<p>The remove_session_cb() is called, whenever the SSL engine removes a session from the internal cache. This happens when the session is removed because it is expired or when a connection was not shutdown cleanly. It also happens for all sessions in the internal session cache when <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a> is called. The remove_session_cb() is passed the <b>ctx</b> and the ssl session <b>sess</b>. It does not provide any feedback.</p>
+
+<p>The get_session_cb() is only called on SSL/TLS servers with the session id proposed by the client. The get_session_cb() is always called, also when session caching was disabled. The get_session_cb() is passed the <b>ssl</b> connection, the session id of length <b>length</b> at the memory location <b>data</b>. With the parameter <b>copy</b> the callback can require the SSL engine to increment the reference count of the SSL_SESSION object, Normally the reference count is not incremented and therefore the session must not be explicitly freed with <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_sess_get_new_cb(), SSL_CTX_sess_get_remove_cb() and SSL_CTX_sess_get_get_cb() return different callback function pointers respectively.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_get_remove_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_get_remove_cb.html
new file mode 100644
index 000000000..d50653714
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_get_remove_cb.html
@@ -0,0 +1,91 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_set_get_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_set_new_cb, SSL_CTX_sess_set_remove_cb, SSL_CTX_sess_set_get_cb, SSL_CTX_sess_get_new_cb, SSL_CTX_sess_get_remove_cb, SSL_CTX_sess_get_get_cb - provide callback functions for server side external session caching</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
+                              int (*new_session_cb)(SSL *, SSL_SESSION *));
+ void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
+                                 void (*remove_session_cb)(SSL_CTX *ctx,
+                                                           SSL_SESSION *));
+ void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
+                              SSL_SESSION (*get_session_cb)(SSL *,
+                                                            const unsigned char *,
+                                                            int, int *));
+
+ int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(struct ssl_st *ssl,
+                                              SSL_SESSION *sess);
+ void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(struct ssl_ctx_st *ctx,
+                                                  SSL_SESSION *sess);
+ SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(struct ssl_st *ssl,
+                                                       const unsigned char *data,
+                                                       int len, int *copy);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_set_new_cb() sets the callback function, which is automatically called whenever a new session was negotiated.</p>
+
+<p>SSL_CTX_sess_set_remove_cb() sets the callback function, which is automatically called whenever a session is removed by the SSL engine, because it is considered faulty or the session has become obsolete because of exceeding the timeout value.</p>
+
+<p>SSL_CTX_sess_set_get_cb() sets the callback function which is called, whenever a SSL/TLS client proposed to resume a session but the session could not be found in the internal session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). (SSL/TLS server only.)</p>
+
+<p>SSL_CTX_sess_get_new_cb(), SSL_CTX_sess_get_remove_cb(), and SSL_CTX_sess_get_get_cb() retrieve the function pointers set by the corresponding set callback functions. If a callback function has not been set, the NULL pointer is returned.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In order to allow external session caching, synchronization with the internal session cache is realized via callback functions. Inside these callback functions, session can be saved to disk or put into a database using the <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a> interface.</p>
+
+<p>The new_session_cb() is called, whenever a new session has been negotiated and session caching is enabled (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). The new_session_cb() is passed the <b>ssl</b> connection and the ssl session <b>sess</b>. If the callback returns <b>0</b>, the session will be immediately removed again. Note that in TLSv1.3, sessions are established after the main handshake has completed. The server decides when to send the client the session information and this may occur some time after the end of the handshake (or not at all). This means that applications should expect the new_session_cb() function to be invoked during the handshake (for &lt;= TLSv1.2) or after the handshake (for TLSv1.3). It is also possible in TLSv1.3 for multiple sessions to be established with a single connection. In these case the new_session_cb() function will be invoked multiple times.</p>
+
+<p>In TLSv1.3 it is recommended that each SSL_SESSION object is only used for resumption once. One way of enforcing that is for applications to call <a href="../man3/SSL_CTX_remove_session.html">SSL_CTX_remove_session(3)</a> after a session has been used.</p>
+
+<p>The remove_session_cb() is called, whenever the SSL engine removes a session from the internal cache. This happens when the session is removed because it is expired or when a connection was not shutdown cleanly. It also happens for all sessions in the internal session cache when <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a> is called. The remove_session_cb() is passed the <b>ctx</b> and the ssl session <b>sess</b>. It does not provide any feedback.</p>
+
+<p>The get_session_cb() is only called on SSL/TLS servers with the session id proposed by the client. The get_session_cb() is always called, also when session caching was disabled. The get_session_cb() is passed the <b>ssl</b> connection, the session id of length <b>length</b> at the memory location <b>data</b>. With the parameter <b>copy</b> the callback can require the SSL engine to increment the reference count of the SSL_SESSION object, Normally the reference count is not incremented and therefore the session must not be explicitly freed with <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_sess_get_new_cb(), SSL_CTX_sess_get_remove_cb() and SSL_CTX_sess_get_get_cb() return different callback function pointers respectively.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_hits.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_hits.html
new file mode 100644
index 000000000..ddf6d98d0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_hits.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_number</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_number, SSL_CTX_sess_connect, SSL_CTX_sess_connect_good, SSL_CTX_sess_connect_renegotiate, SSL_CTX_sess_accept, SSL_CTX_sess_accept_good, SSL_CTX_sess_accept_renegotiate, SSL_CTX_sess_hits, SSL_CTX_sess_cb_hits, SSL_CTX_sess_misses, SSL_CTX_sess_timeouts, SSL_CTX_sess_cache_full - obtain session cache statistics</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_sess_number(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_cb_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_misses(SSL_CTX *ctx);
+ long SSL_CTX_sess_timeouts(SSL_CTX *ctx);
+ long SSL_CTX_sess_cache_full(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_number() returns the current number of sessions in the internal session cache.</p>
+
+<p>SSL_CTX_sess_connect() returns the number of started SSL/TLS handshakes in client mode.</p>
+
+<p>SSL_CTX_sess_connect_good() returns the number of successfully established SSL/TLS sessions in client mode.</p>
+
+<p>SSL_CTX_sess_connect_renegotiate() returns the number of started renegotiations in client mode.</p>
+
+<p>SSL_CTX_sess_accept() returns the number of started SSL/TLS handshakes in server mode.</p>
+
+<p>SSL_CTX_sess_accept_good() returns the number of successfully established SSL/TLS sessions in server mode.</p>
+
+<p>SSL_CTX_sess_accept_renegotiate() returns the number of started renegotiations in server mode.</p>
+
+<p>SSL_CTX_sess_hits() returns the number of successfully reused sessions. In client mode a session set with <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a> successfully reused is counted as a hit. In server mode a session successfully retrieved from internal or external cache is counted as a hit.</p>
+
+<p>SSL_CTX_sess_cb_hits() returns the number of successfully retrieved sessions from the external session cache in server mode.</p>
+
+<p>SSL_CTX_sess_misses() returns the number of sessions proposed by clients that were not found in the internal session cache in server mode.</p>
+
+<p>SSL_CTX_sess_timeouts() returns the number of sessions proposed by clients and either found in the internal or external session cache in server mode, but that were invalid due to timeout. These sessions are not included in the SSL_CTX_sess_hits() count.</p>
+
+<p>SSL_CTX_sess_cache_full() returns the number of sessions that were removed because the maximum session cache size was exceeded.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return the values indicated in the DESCRIPTION section.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a> <a href="../man3/SSL_CTX_sess_set_cache_size.html">SSL_CTX_sess_set_cache_size(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_misses.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_misses.html
new file mode 100644
index 000000000..ddf6d98d0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_misses.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_number</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_number, SSL_CTX_sess_connect, SSL_CTX_sess_connect_good, SSL_CTX_sess_connect_renegotiate, SSL_CTX_sess_accept, SSL_CTX_sess_accept_good, SSL_CTX_sess_accept_renegotiate, SSL_CTX_sess_hits, SSL_CTX_sess_cb_hits, SSL_CTX_sess_misses, SSL_CTX_sess_timeouts, SSL_CTX_sess_cache_full - obtain session cache statistics</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_sess_number(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_cb_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_misses(SSL_CTX *ctx);
+ long SSL_CTX_sess_timeouts(SSL_CTX *ctx);
+ long SSL_CTX_sess_cache_full(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_number() returns the current number of sessions in the internal session cache.</p>
+
+<p>SSL_CTX_sess_connect() returns the number of started SSL/TLS handshakes in client mode.</p>
+
+<p>SSL_CTX_sess_connect_good() returns the number of successfully established SSL/TLS sessions in client mode.</p>
+
+<p>SSL_CTX_sess_connect_renegotiate() returns the number of started renegotiations in client mode.</p>
+
+<p>SSL_CTX_sess_accept() returns the number of started SSL/TLS handshakes in server mode.</p>
+
+<p>SSL_CTX_sess_accept_good() returns the number of successfully established SSL/TLS sessions in server mode.</p>
+
+<p>SSL_CTX_sess_accept_renegotiate() returns the number of started renegotiations in server mode.</p>
+
+<p>SSL_CTX_sess_hits() returns the number of successfully reused sessions. In client mode a session set with <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a> successfully reused is counted as a hit. In server mode a session successfully retrieved from internal or external cache is counted as a hit.</p>
+
+<p>SSL_CTX_sess_cb_hits() returns the number of successfully retrieved sessions from the external session cache in server mode.</p>
+
+<p>SSL_CTX_sess_misses() returns the number of sessions proposed by clients that were not found in the internal session cache in server mode.</p>
+
+<p>SSL_CTX_sess_timeouts() returns the number of sessions proposed by clients and either found in the internal or external session cache in server mode, but that were invalid due to timeout. These sessions are not included in the SSL_CTX_sess_hits() count.</p>
+
+<p>SSL_CTX_sess_cache_full() returns the number of sessions that were removed because the maximum session cache size was exceeded.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return the values indicated in the DESCRIPTION section.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a> <a href="../man3/SSL_CTX_sess_set_cache_size.html">SSL_CTX_sess_set_cache_size(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_number.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_number.html
new file mode 100644
index 000000000..ddf6d98d0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_number.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_number</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_number, SSL_CTX_sess_connect, SSL_CTX_sess_connect_good, SSL_CTX_sess_connect_renegotiate, SSL_CTX_sess_accept, SSL_CTX_sess_accept_good, SSL_CTX_sess_accept_renegotiate, SSL_CTX_sess_hits, SSL_CTX_sess_cb_hits, SSL_CTX_sess_misses, SSL_CTX_sess_timeouts, SSL_CTX_sess_cache_full - obtain session cache statistics</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_sess_number(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_cb_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_misses(SSL_CTX *ctx);
+ long SSL_CTX_sess_timeouts(SSL_CTX *ctx);
+ long SSL_CTX_sess_cache_full(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_number() returns the current number of sessions in the internal session cache.</p>
+
+<p>SSL_CTX_sess_connect() returns the number of started SSL/TLS handshakes in client mode.</p>
+
+<p>SSL_CTX_sess_connect_good() returns the number of successfully established SSL/TLS sessions in client mode.</p>
+
+<p>SSL_CTX_sess_connect_renegotiate() returns the number of started renegotiations in client mode.</p>
+
+<p>SSL_CTX_sess_accept() returns the number of started SSL/TLS handshakes in server mode.</p>
+
+<p>SSL_CTX_sess_accept_good() returns the number of successfully established SSL/TLS sessions in server mode.</p>
+
+<p>SSL_CTX_sess_accept_renegotiate() returns the number of started renegotiations in server mode.</p>
+
+<p>SSL_CTX_sess_hits() returns the number of successfully reused sessions. In client mode a session set with <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a> successfully reused is counted as a hit. In server mode a session successfully retrieved from internal or external cache is counted as a hit.</p>
+
+<p>SSL_CTX_sess_cb_hits() returns the number of successfully retrieved sessions from the external session cache in server mode.</p>
+
+<p>SSL_CTX_sess_misses() returns the number of sessions proposed by clients that were not found in the internal session cache in server mode.</p>
+
+<p>SSL_CTX_sess_timeouts() returns the number of sessions proposed by clients and either found in the internal or external session cache in server mode, but that were invalid due to timeout. These sessions are not included in the SSL_CTX_sess_hits() count.</p>
+
+<p>SSL_CTX_sess_cache_full() returns the number of sessions that were removed because the maximum session cache size was exceeded.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return the values indicated in the DESCRIPTION section.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a> <a href="../man3/SSL_CTX_sess_set_cache_size.html">SSL_CTX_sess_set_cache_size(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_set_cache_size.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_set_cache_size.html
new file mode 100644
index 000000000..469c2392b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_set_cache_size.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_set_cache_size</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_set_cache_size, SSL_CTX_sess_get_cache_size - manipulate session cache size</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_sess_set_cache_size(SSL_CTX *ctx, long t);
+ long SSL_CTX_sess_get_cache_size(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_set_cache_size() sets the size of the internal session cache of context <b>ctx</b> to <b>t</b>. This value is a hint and not an absolute; see the notes below.</p>
+
+<p>SSL_CTX_sess_get_cache_size() returns the currently valid session cache size.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal session cache size is SSL_SESSION_CACHE_MAX_SIZE_DEFAULT, currently 1024*20, so that up to 20000 sessions can be held. This size can be modified using the SSL_CTX_sess_set_cache_size() call. A special case is the size 0, which is used for unlimited size.</p>
+
+<p>If adding the session makes the cache exceed its size, then unused sessions are dropped from the end of the cache. Cache space may also be reclaimed by calling <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a> to remove expired sessions.</p>
+
+<p>If the size of the session cache is reduced and more sessions are already in the session cache, old session will be removed at the next time a session shall be added. This removal is not synchronized with the expiration of sessions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_sess_set_cache_size() returns the previously valid size.</p>
+
+<p>SSL_CTX_sess_get_cache_size() returns the currently valid size.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, <a href="../man3/SSL_CTX_sess_number.html">SSL_CTX_sess_number(3)</a>, <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_set_get_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_set_get_cb.html
new file mode 100644
index 000000000..d50653714
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_set_get_cb.html
@@ -0,0 +1,91 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_set_get_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_set_new_cb, SSL_CTX_sess_set_remove_cb, SSL_CTX_sess_set_get_cb, SSL_CTX_sess_get_new_cb, SSL_CTX_sess_get_remove_cb, SSL_CTX_sess_get_get_cb - provide callback functions for server side external session caching</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
+                              int (*new_session_cb)(SSL *, SSL_SESSION *));
+ void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
+                                 void (*remove_session_cb)(SSL_CTX *ctx,
+                                                           SSL_SESSION *));
+ void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
+                              SSL_SESSION (*get_session_cb)(SSL *,
+                                                            const unsigned char *,
+                                                            int, int *));
+
+ int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(struct ssl_st *ssl,
+                                              SSL_SESSION *sess);
+ void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(struct ssl_ctx_st *ctx,
+                                                  SSL_SESSION *sess);
+ SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(struct ssl_st *ssl,
+                                                       const unsigned char *data,
+                                                       int len, int *copy);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_set_new_cb() sets the callback function, which is automatically called whenever a new session was negotiated.</p>
+
+<p>SSL_CTX_sess_set_remove_cb() sets the callback function, which is automatically called whenever a session is removed by the SSL engine, because it is considered faulty or the session has become obsolete because of exceeding the timeout value.</p>
+
+<p>SSL_CTX_sess_set_get_cb() sets the callback function which is called, whenever a SSL/TLS client proposed to resume a session but the session could not be found in the internal session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). (SSL/TLS server only.)</p>
+
+<p>SSL_CTX_sess_get_new_cb(), SSL_CTX_sess_get_remove_cb(), and SSL_CTX_sess_get_get_cb() retrieve the function pointers set by the corresponding set callback functions. If a callback function has not been set, the NULL pointer is returned.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In order to allow external session caching, synchronization with the internal session cache is realized via callback functions. Inside these callback functions, session can be saved to disk or put into a database using the <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a> interface.</p>
+
+<p>The new_session_cb() is called, whenever a new session has been negotiated and session caching is enabled (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). The new_session_cb() is passed the <b>ssl</b> connection and the ssl session <b>sess</b>. If the callback returns <b>0</b>, the session will be immediately removed again. Note that in TLSv1.3, sessions are established after the main handshake has completed. The server decides when to send the client the session information and this may occur some time after the end of the handshake (or not at all). This means that applications should expect the new_session_cb() function to be invoked during the handshake (for &lt;= TLSv1.2) or after the handshake (for TLSv1.3). It is also possible in TLSv1.3 for multiple sessions to be established with a single connection. In these case the new_session_cb() function will be invoked multiple times.</p>
+
+<p>In TLSv1.3 it is recommended that each SSL_SESSION object is only used for resumption once. One way of enforcing that is for applications to call <a href="../man3/SSL_CTX_remove_session.html">SSL_CTX_remove_session(3)</a> after a session has been used.</p>
+
+<p>The remove_session_cb() is called, whenever the SSL engine removes a session from the internal cache. This happens when the session is removed because it is expired or when a connection was not shutdown cleanly. It also happens for all sessions in the internal session cache when <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a> is called. The remove_session_cb() is passed the <b>ctx</b> and the ssl session <b>sess</b>. It does not provide any feedback.</p>
+
+<p>The get_session_cb() is only called on SSL/TLS servers with the session id proposed by the client. The get_session_cb() is always called, also when session caching was disabled. The get_session_cb() is passed the <b>ssl</b> connection, the session id of length <b>length</b> at the memory location <b>data</b>. With the parameter <b>copy</b> the callback can require the SSL engine to increment the reference count of the SSL_SESSION object, Normally the reference count is not incremented and therefore the session must not be explicitly freed with <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_sess_get_new_cb(), SSL_CTX_sess_get_remove_cb() and SSL_CTX_sess_get_get_cb() return different callback function pointers respectively.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_set_new_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_set_new_cb.html
new file mode 100644
index 000000000..d50653714
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_set_new_cb.html
@@ -0,0 +1,91 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_set_get_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_set_new_cb, SSL_CTX_sess_set_remove_cb, SSL_CTX_sess_set_get_cb, SSL_CTX_sess_get_new_cb, SSL_CTX_sess_get_remove_cb, SSL_CTX_sess_get_get_cb - provide callback functions for server side external session caching</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
+                              int (*new_session_cb)(SSL *, SSL_SESSION *));
+ void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
+                                 void (*remove_session_cb)(SSL_CTX *ctx,
+                                                           SSL_SESSION *));
+ void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
+                              SSL_SESSION (*get_session_cb)(SSL *,
+                                                            const unsigned char *,
+                                                            int, int *));
+
+ int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(struct ssl_st *ssl,
+                                              SSL_SESSION *sess);
+ void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(struct ssl_ctx_st *ctx,
+                                                  SSL_SESSION *sess);
+ SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(struct ssl_st *ssl,
+                                                       const unsigned char *data,
+                                                       int len, int *copy);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_set_new_cb() sets the callback function, which is automatically called whenever a new session was negotiated.</p>
+
+<p>SSL_CTX_sess_set_remove_cb() sets the callback function, which is automatically called whenever a session is removed by the SSL engine, because it is considered faulty or the session has become obsolete because of exceeding the timeout value.</p>
+
+<p>SSL_CTX_sess_set_get_cb() sets the callback function which is called, whenever a SSL/TLS client proposed to resume a session but the session could not be found in the internal session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). (SSL/TLS server only.)</p>
+
+<p>SSL_CTX_sess_get_new_cb(), SSL_CTX_sess_get_remove_cb(), and SSL_CTX_sess_get_get_cb() retrieve the function pointers set by the corresponding set callback functions. If a callback function has not been set, the NULL pointer is returned.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In order to allow external session caching, synchronization with the internal session cache is realized via callback functions. Inside these callback functions, session can be saved to disk or put into a database using the <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a> interface.</p>
+
+<p>The new_session_cb() is called, whenever a new session has been negotiated and session caching is enabled (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). The new_session_cb() is passed the <b>ssl</b> connection and the ssl session <b>sess</b>. If the callback returns <b>0</b>, the session will be immediately removed again. Note that in TLSv1.3, sessions are established after the main handshake has completed. The server decides when to send the client the session information and this may occur some time after the end of the handshake (or not at all). This means that applications should expect the new_session_cb() function to be invoked during the handshake (for &lt;= TLSv1.2) or after the handshake (for TLSv1.3). It is also possible in TLSv1.3 for multiple sessions to be established with a single connection. In these case the new_session_cb() function will be invoked multiple times.</p>
+
+<p>In TLSv1.3 it is recommended that each SSL_SESSION object is only used for resumption once. One way of enforcing that is for applications to call <a href="../man3/SSL_CTX_remove_session.html">SSL_CTX_remove_session(3)</a> after a session has been used.</p>
+
+<p>The remove_session_cb() is called, whenever the SSL engine removes a session from the internal cache. This happens when the session is removed because it is expired or when a connection was not shutdown cleanly. It also happens for all sessions in the internal session cache when <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a> is called. The remove_session_cb() is passed the <b>ctx</b> and the ssl session <b>sess</b>. It does not provide any feedback.</p>
+
+<p>The get_session_cb() is only called on SSL/TLS servers with the session id proposed by the client. The get_session_cb() is always called, also when session caching was disabled. The get_session_cb() is passed the <b>ssl</b> connection, the session id of length <b>length</b> at the memory location <b>data</b>. With the parameter <b>copy</b> the callback can require the SSL engine to increment the reference count of the SSL_SESSION object, Normally the reference count is not incremented and therefore the session must not be explicitly freed with <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_sess_get_new_cb(), SSL_CTX_sess_get_remove_cb() and SSL_CTX_sess_get_get_cb() return different callback function pointers respectively.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_set_remove_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_set_remove_cb.html
new file mode 100644
index 000000000..d50653714
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_set_remove_cb.html
@@ -0,0 +1,91 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_set_get_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_set_new_cb, SSL_CTX_sess_set_remove_cb, SSL_CTX_sess_set_get_cb, SSL_CTX_sess_get_new_cb, SSL_CTX_sess_get_remove_cb, SSL_CTX_sess_get_get_cb - provide callback functions for server side external session caching</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
+                              int (*new_session_cb)(SSL *, SSL_SESSION *));
+ void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
+                                 void (*remove_session_cb)(SSL_CTX *ctx,
+                                                           SSL_SESSION *));
+ void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
+                              SSL_SESSION (*get_session_cb)(SSL *,
+                                                            const unsigned char *,
+                                                            int, int *));
+
+ int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(struct ssl_st *ssl,
+                                              SSL_SESSION *sess);
+ void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(struct ssl_ctx_st *ctx,
+                                                  SSL_SESSION *sess);
+ SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(struct ssl_st *ssl,
+                                                       const unsigned char *data,
+                                                       int len, int *copy);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_set_new_cb() sets the callback function, which is automatically called whenever a new session was negotiated.</p>
+
+<p>SSL_CTX_sess_set_remove_cb() sets the callback function, which is automatically called whenever a session is removed by the SSL engine, because it is considered faulty or the session has become obsolete because of exceeding the timeout value.</p>
+
+<p>SSL_CTX_sess_set_get_cb() sets the callback function which is called, whenever a SSL/TLS client proposed to resume a session but the session could not be found in the internal session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). (SSL/TLS server only.)</p>
+
+<p>SSL_CTX_sess_get_new_cb(), SSL_CTX_sess_get_remove_cb(), and SSL_CTX_sess_get_get_cb() retrieve the function pointers set by the corresponding set callback functions. If a callback function has not been set, the NULL pointer is returned.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In order to allow external session caching, synchronization with the internal session cache is realized via callback functions. Inside these callback functions, session can be saved to disk or put into a database using the <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a> interface.</p>
+
+<p>The new_session_cb() is called, whenever a new session has been negotiated and session caching is enabled (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). The new_session_cb() is passed the <b>ssl</b> connection and the ssl session <b>sess</b>. If the callback returns <b>0</b>, the session will be immediately removed again. Note that in TLSv1.3, sessions are established after the main handshake has completed. The server decides when to send the client the session information and this may occur some time after the end of the handshake (or not at all). This means that applications should expect the new_session_cb() function to be invoked during the handshake (for &lt;= TLSv1.2) or after the handshake (for TLSv1.3). It is also possible in TLSv1.3 for multiple sessions to be established with a single connection. In these case the new_session_cb() function will be invoked multiple times.</p>
+
+<p>In TLSv1.3 it is recommended that each SSL_SESSION object is only used for resumption once. One way of enforcing that is for applications to call <a href="../man3/SSL_CTX_remove_session.html">SSL_CTX_remove_session(3)</a> after a session has been used.</p>
+
+<p>The remove_session_cb() is called, whenever the SSL engine removes a session from the internal cache. This happens when the session is removed because it is expired or when a connection was not shutdown cleanly. It also happens for all sessions in the internal session cache when <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a> is called. The remove_session_cb() is passed the <b>ctx</b> and the ssl session <b>sess</b>. It does not provide any feedback.</p>
+
+<p>The get_session_cb() is only called on SSL/TLS servers with the session id proposed by the client. The get_session_cb() is always called, also when session caching was disabled. The get_session_cb() is passed the <b>ssl</b> connection, the session id of length <b>length</b> at the memory location <b>data</b>. With the parameter <b>copy</b> the callback can require the SSL engine to increment the reference count of the SSL_SESSION object, Normally the reference count is not incremented and therefore the session must not be explicitly freed with <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_sess_get_new_cb(), SSL_CTX_sess_get_remove_cb() and SSL_CTX_sess_get_get_cb() return different callback function pointers respectively.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_timeouts.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_timeouts.html
new file mode 100644
index 000000000..ddf6d98d0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sess_timeouts.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sess_number</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sess_number, SSL_CTX_sess_connect, SSL_CTX_sess_connect_good, SSL_CTX_sess_connect_renegotiate, SSL_CTX_sess_accept, SSL_CTX_sess_accept_good, SSL_CTX_sess_accept_renegotiate, SSL_CTX_sess_hits, SSL_CTX_sess_cb_hits, SSL_CTX_sess_misses, SSL_CTX_sess_timeouts, SSL_CTX_sess_cache_full - obtain session cache statistics</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_sess_number(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_cb_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_misses(SSL_CTX *ctx);
+ long SSL_CTX_sess_timeouts(SSL_CTX *ctx);
+ long SSL_CTX_sess_cache_full(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sess_number() returns the current number of sessions in the internal session cache.</p>
+
+<p>SSL_CTX_sess_connect() returns the number of started SSL/TLS handshakes in client mode.</p>
+
+<p>SSL_CTX_sess_connect_good() returns the number of successfully established SSL/TLS sessions in client mode.</p>
+
+<p>SSL_CTX_sess_connect_renegotiate() returns the number of started renegotiations in client mode.</p>
+
+<p>SSL_CTX_sess_accept() returns the number of started SSL/TLS handshakes in server mode.</p>
+
+<p>SSL_CTX_sess_accept_good() returns the number of successfully established SSL/TLS sessions in server mode.</p>
+
+<p>SSL_CTX_sess_accept_renegotiate() returns the number of started renegotiations in server mode.</p>
+
+<p>SSL_CTX_sess_hits() returns the number of successfully reused sessions. In client mode a session set with <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a> successfully reused is counted as a hit. In server mode a session successfully retrieved from internal or external cache is counted as a hit.</p>
+
+<p>SSL_CTX_sess_cb_hits() returns the number of successfully retrieved sessions from the external session cache in server mode.</p>
+
+<p>SSL_CTX_sess_misses() returns the number of sessions proposed by clients that were not found in the internal session cache in server mode.</p>
+
+<p>SSL_CTX_sess_timeouts() returns the number of sessions proposed by clients and either found in the internal or external session cache in server mode, but that were invalid due to timeout. These sessions are not included in the SSL_CTX_sess_hits() count.</p>
+
+<p>SSL_CTX_sess_cache_full() returns the number of sessions that were removed because the maximum session cache size was exceeded.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return the values indicated in the DESCRIPTION section.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a> <a href="../man3/SSL_CTX_sess_set_cache_size.html">SSL_CTX_sess_set_cache_size(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sessions.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sessions.html
new file mode 100644
index 000000000..0be6dde76
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_sessions.html
@@ -0,0 +1,61 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_sessions</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_sessions - access internal session cache</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_sessions() returns a pointer to the lhash databases containing the internal session cache for <b>ctx</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The sessions in the internal session cache are kept in an <a href="../man3/LHASH.html">LHASH(3)</a> type database. It is possible to directly access this database e.g. for searching. In parallel, the sessions form a linked list which is maintained separately from the <a href="../man3/LHASH.html">LHASH(3)</a> operations, so that the database must not be modified directly but by using the <a href="../man3/SSL_CTX_add_session.html">SSL_CTX_add_session(3)</a> family of functions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_sessions() returns a pointer to the lhash of <b>SSL_SESSION</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/LHASH.html">LHASH(3)</a>, <a href="../man3/SSL_CTX_add_session.html">SSL_CTX_add_session(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set0_CA_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set0_CA_list.html
new file mode 100644
index 000000000..742fe94a0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set0_CA_list.html
@@ -0,0 +1,130 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set0_CA_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_CA_list, SSL_set_client_CA_list, SSL_get_client_CA_list, SSL_CTX_get_client_CA_list, SSL_CTX_add_client_CA, SSL_add_client_CA, SSL_set0_CA_list, SSL_CTX_set0_CA_list, SSL_get0_CA_list, SSL_CTX_get0_CA_list, SSL_add1_to_CA_list, SSL_CTX_add1_to_CA_list, SSL_get0_peer_CA_list - get or set CA list</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
+ void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
+ STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
+ int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert);
+ int SSL_add_client_CA(SSL *ssl, X509 *cacert);
+
+ void SSL_CTX_set0_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+ void SSL_set0_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
+ const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const SSL_CTX *ctx);
+ const STACK_OF(X509_NAME) *SSL_get0_CA_list(const SSL *s);
+ int SSL_CTX_add1_to_CA_list(SSL_CTX *ctx, const X509 *x);
+ int SSL_add1_to_CA_list(SSL *ssl, const X509 *x);
+
+ const STACK_OF(X509_NAME) *SSL_get0_peer_CA_list(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions described here set and manage the list of CA names that are sent between two communicating peers.</p>
+
+<p>For TLS versions 1.2 and earlier the list of CA names is only sent from the server to the client when requesting a client certificate. So any list of CA names set is never sent from client to server and the list of CA names retrieved by SSL_get0_peer_CA_list() is always <b>NULL</b>.</p>
+
+<p>For TLS 1.3 the list of CA names is sent using the <b>certificate_authorities</b> extension and may be sent by a client (in the ClientHello message) or by a server (when requesting a certificate).</p>
+
+<p>In most cases it is not necessary to set CA names on the client side. The list of CA names that are acceptable to the client will be sent in plaintext to the server. This has privacy implications and may also have performance implications if the list is large. This optional capability was introduced as part of TLSv1.3 and therefore setting CA names on the client side will have no impact if that protocol version has been disabled. Most servers do not need this and so this should be avoided unless required.</p>
+
+<p>The &quot;client CA list&quot; functions below only have an effect when called on the server side.</p>
+
+<p>SSL_CTX_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for <b>ctx</b>. Ownership of <b>list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object. Ownership of <b>list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get_client_CA_list() returns the list of client CAs explicitly set for <b>ctx</b> using SSL_CTX_set_client_CA_list(). The returned list should not be freed by the caller.</p>
+
+<p>SSL_get_client_CA_list() returns the list of client CAs explicitly set for <b>ssl</b> using SSL_set_client_CA_list() or <b>ssl</b>&#39;s SSL_CTX object with SSL_CTX_set_client_CA_list(), when in server mode. In client mode, SSL_get_client_CA_list returns the list of client CAs sent from the server, if any. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for <b>ctx</b>.</p>
+
+<p>SSL_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object.</p>
+
+<p>SSL_get0_peer_CA_list() retrieves the list of CA names (if any) the peer has sent. This can be called on either the server or the client side. The returned list should not be freed by the caller.</p>
+
+<p>The &quot;generic CA list&quot; functions below are very similar to the &quot;client CA list&quot; functions except that they have an effect on both the server and client sides. The lists of CA names managed are separate - so you cannot (for example) set CA names using the &quot;client CA list&quot; functions and then get them using the &quot;generic CA list&quot; functions. Where a mix of the two types of functions has been used on the server side then the &quot;client CA list&quot; functions take precedence. Typically, on the server side, the &quot;client CA list &quot; functions should be used in preference. As noted above in most cases it is not necessary to set CA names on the client side.</p>
+
+<p>SSL_CTX_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b>. Ownership of <b>name_list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b> overriding any list set in the parent <b>SSL_CTX</b> of <b>s</b>. Ownership of <b>name_list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get0_CA_list() retrieves any previously set list of CAs set for <b>ctx</b>. The returned list should not be freed by the caller.</p>
+
+<p>SSL_get0_CA_list() retrieves any previously set list of CAs set for <b>s</b> or if none are set the list from the parent <b>SSL_CTX</b> is retrieved. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to peer for <b>ctx</b>.</p>
+
+<p>SSL_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to the peer for <b>s</b>, overriding the setting in the parent <b>SSL_CTX</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When a TLS/SSL server requests a client certificate (see <b>SSL_CTX_set_verify(3)</b>), it sends a list of CAs, for which it will accept certificates, to the client.</p>
+
+<p>This list must explicitly be set using SSL_CTX_set_client_CA_list() or SSL_CTX_set0_CA_list() for <b>ctx</b> and SSL_set_client_CA_list() or SSL_set0_CA_list() for the specific <b>ssl</b>. The list specified overrides the previous setting. The CAs listed do not become trusted (<b>list</b> only contains the names, not the complete certificates); use <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> to additionally load them for verification.</p>
+
+<p>If the list of acceptable CAs is compiled in a file, the <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a> function can be used to help to import the necessary data.</p>
+
+<p>SSL_CTX_add_client_CA(), SSL_CTX_add1_to_CA_list(), SSL_add_client_CA() and SSL_add1_to_CA_list() can be used to add additional items the list of CAs. If no list was specified before using SSL_CTX_set_client_CA_list(), SSL_CTX_set0_CA_list(), SSL_set_client_CA_list() or SSL_set0_CA_list(), a new CA list for <b>ctx</b> or <b>ssl</b> (as appropriate) is opened.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set0_CA_list() and SSL_set0_CA_list() do not return a value.</p>
+
+<p>SSL_CTX_get_client_CA_list(), SSL_get_client_CA_list(), SSL_CTX_get0_CA_list() and SSL_get0_CA_list() return a stack of CA names or <b>NULL</b> is no CA names are set.</p>
+
+<p>SSL_CTX_add_client_CA(),SSL_add_client_CA(), SSL_CTX_add1_to_CA_list() and SSL_add1_to_CA_list() return 1 for success and 0 for failure.</p>
+
+<p>SSL_get0_peer_CA_list() returns a stack of CA names sent by the peer or <b>NULL</b> or an empty stack if no list was sent.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Scan all certificates in <b>CAfile</b> and list them as acceptable CAs:</p>
+
+<pre><code> SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set0_chain.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set0_chain.html
new file mode 100644
index 000000000..9f08318ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set0_chain.html
@@ -0,0 +1,122 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add1_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_chain, SSL_CTX_set1_chain, SSL_CTX_add0_chain_cert, SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs, SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert, SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain, SSL_build_cert_chain, SSL_CTX_select_current_cert, SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra chain certificate processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_get0_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk);
+ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+ int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_get0_chain_certs(SSL *ssl, STACK_OF(X509) **sk);
+ int SSL_clear_chain_certs(SSL *ssl);
+
+ int SSL_CTX_build_cert_chain(SSL_CTX *ctx, flags);
+ int SSL_build_cert_chain(SSL *ssl, flags);
+
+ int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_chain() and SSL_CTX_set1_chain() set the certificate chain associated with the current certificate of <b>ctx</b> to <b>sk</b>.</p>
+
+<p>SSL_CTX_add0_chain_cert() and SSL_CTX_add1_chain_cert() append the single certificate <b>x509</b> to the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_get0_chain_certs() retrieves the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_clear_chain_certs() clears any existing chain associated with the current certificate of <b>ctx</b>. (This is implemented by calling SSL_CTX_set0_chain() with <b>sk</b> set to <b>NULL</b>).</p>
+
+<p>SSL_CTX_build_cert_chain() builds the certificate chain for <b>ctx</b> normally this uses the chain store or the verify store if the chain store is not set. If the function is successful the built chain will replace any existing chain. The <b>flags</b> parameter can be set to <b>SSL_BUILD_CHAIN_FLAG_UNTRUSTED</b> to use existing chain certificates as untrusted CAs, <b>SSL_BUILD_CHAIN_FLAG_NO_ROOT</b> to omit the root CA from the built chain, <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to use all existing chain certificates only to build the chain (effectively sanity checking and rearranging them if necessary), the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> ignores any errors during verification: if flag <b>SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR</b> is also set verification errors are cleared from the error queue.</p>
+
+<p>Each of these functions operates on the <i>current</i> end entity (i.e. server or client) certificate. This is the last certificate loaded or selected on the corresponding <b>ctx</b> structure.</p>
+
+<p>SSL_CTX_select_current_cert() selects <b>x509</b> as the current end entity certificate, but only if <b>x509</b> has already been loaded into <b>ctx</b> using a function such as SSL_CTX_use_certificate().</p>
+
+<p>SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(), SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(), SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_current_cert() changes the current certificate to a value based on the <b>op</b> argument. Currently <b>op</b> can be <b>SSL_CERT_SET_FIRST</b> to use the first valid certificate or <b>SSL_CERT_SET_NEXT</b> to set the next valid certificate after the current certificate. These two operations can be used to iterate over all certificates in an <b>SSL_CTX</b> structure.</p>
+
+<p>SSL_set_current_cert() also supports the option <b>SSL_CERT_SET_SERVER</b>. If <b>ssl</b> is a server and has sent a certificate to a connected client this option sets that certificate to the current certificate and returns 1. If the negotiated cipher suite is anonymous (and thus no certificate will be sent) 2 is returned and the current certificate is unchanged. If <b>ssl</b> is not a server or a certificate has not been sent 0 is returned and the current certificate is unchanged.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied certificate or chain so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied certificate or chain <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The chains associate with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. SSL structures will not be affected by any chains subsequently changed in the parent SSL_CTX.</p>
+
+<p>One chain can be set for each key type supported by a server. So, for example, an RSA and a DSA certificate can (and often will) have different chains.</p>
+
+<p>The functions SSL_CTX_build_cert_chain() and SSL_build_cert_chain() can be used to check application configuration and to ensure any necessary subordinate CAs are sent in the correct order. Misconfigured applications sending incorrect certificate chains often cause problems with peers.</p>
+
+<p>For example an application can add any set of certificates using SSL_CTX_use_certificate_chain_file() then call SSL_CTX_build_cert_chain() with the option <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to check and reorder them.</p>
+
+<p>Applications can issue non fatal warnings when checking chains by setting the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERRORS</b> and checking the return value.</p>
+
+<p>Calling SSL_CTX_build_cert_chain() or SSL_build_cert_chain() is more efficient than the automatic chain building as it is only performed once. Automatic chain building is performed on each new session.</p>
+
+<p>If any certificates are added using these functions no certificates added using SSL_CTX_add_extra_chain_cert() will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_current_cert() with <b>SSL_CERT_SET_SERVER</b> return 1 for success, 2 if no server certificate is used because the cipher suites is anonymous and 0 for failure.</p>
+
+<p>SSL_CTX_build_cert_chain() and SSL_build_cert_chain() return 1 for success and 0 for failure. If the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> and a verification error occurs then 2 is returned.</p>
+
+<p>All other functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set0_chain_cert_store.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set0_chain_cert_store.html
new file mode 100644
index 000000000..c93b012a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set0_chain_cert_store.html
@@ -0,0 +1,90 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_verify_cert_store</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_verify_cert_store, SSL_CTX_set1_verify_cert_store, SSL_CTX_set0_chain_cert_store, SSL_CTX_set1_chain_cert_store, SSL_set0_verify_cert_store, SSL_set1_verify_cert_store, SSL_set0_chain_cert_store, SSL_set1_chain_cert_store - set certificate verification or chain store</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set1_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set0_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set1_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+
+ int SSL_set0_verify_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set1_verify_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set0_chain_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set1_chain_cert_store(SSL *ctx, X509_STORE *st);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_verify_cert_store() and SSL_CTX_set1_verify_cert_store() set the certificate store used for certificate verification to <b>st</b>.</p>
+
+<p>SSL_CTX_set0_chain_cert_store() and SSL_CTX_set1_chain_cert_store() set the certificate store used for certificate chain building to <b>st</b>.</p>
+
+<p>SSL_set0_verify_cert_store(), SSL_set1_verify_cert_store(), SSL_set0_chain_cert_store() and SSL_set1_chain_cert_store() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied store so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied store <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The stores pointers associated with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. As a result SSL structures will not be affected if the parent SSL_CTX store pointer is set to a new value.</p>
+
+<p>The verification store is used to verify the certificate chain sent by the peer: that is an SSL/TLS client will use the verification store to verify the server&#39;s certificate chain and a SSL/TLS server will use it to verify any client certificate chain.</p>
+
+<p>The chain store is used to build the certificate chain.</p>
+
+<p>If the mode <b>SSL_MODE_NO_AUTO_CHAIN</b> is set or a certificate chain is configured already (for example using the functions such as <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a> or <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a>) then automatic chain building is disabled.</p>
+
+<p>If the mode <b>SSL_MODE_NO_AUTO_CHAIN</b> is set then automatic chain building is disabled.</p>
+
+<p>If the chain or the verification store is not set then the store associated with the parent SSL_CTX is used instead to retain compatibility with previous versions of OpenSSL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> <a href="../man3/SSL_CTX_set0_chain.html">SSL_CTX_set0_chain(3)</a> <a href="../man3/SSL_CTX_set1_chain.html">SSL_CTX_set1_chain(3)</a> <a href="../man3/SSL_CTX_add0_chain_cert.html">SSL_CTX_add0_chain_cert(3)</a> <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a> <a href="../man3/SSL_set0_chain.html">SSL_set0_chain(3)</a> <a href="../man3/SSL_set1_chain.html">SSL_set1_chain(3)</a> <a href="../man3/SSL_add0_chain_cert.html">SSL_add0_chain_cert(3)</a> <a href="../man3/SSL_add1_chain_cert.html">SSL_add1_chain_cert(3)</a> <a href="../man3/SSL_CTX_build_cert_chain.html">SSL_CTX_build_cert_chain(3)</a> <a href="../man3/SSL_build_cert_chain.html">SSL_build_cert_chain(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set0_security_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set0_security_ex_data.html
new file mode 100644
index 000000000..a853d06fd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set0_security_ex_data.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_security_level</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</a></li>
+  <li><a href="#APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_security_level, SSL_set_security_level, SSL_CTX_get_security_level, SSL_get_security_level, SSL_CTX_set_security_callback, SSL_set_security_callback, SSL_CTX_get_security_callback, SSL_get_security_callback, SSL_CTX_set0_security_ex_data, SSL_set0_security_ex_data, SSL_CTX_get0_security_ex_data, SSL_get0_security_ex_data - SSL/TLS security framework</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
+ void SSL_set_security_level(SSL *s, int level);
+
+ int SSL_CTX_get_security_level(const SSL_CTX *ctx);
+ int SSL_get_security_level(const SSL *s);
+
+ void SSL_CTX_set_security_callback(SSL_CTX *ctx,
+                                    int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                              int bits, int nid,
+                                              void *other, void *ex));
+
+ void SSL_set_security_callback(SSL *s, int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                                  int bits, int nid,
+                                                  void *other, void *ex));
+
+ int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx))(SSL *s, SSL_CTX *ctx, int op,
+                                                          int bits, int nid, void *other,
+                                                          void *ex);
+ int (*SSL_get_security_callback(const SSL *s))(SSL *s, SSL_CTX *ctx, int op,
+                                                int bits, int nid, void *other,
+                                                void *ex);
+
+ void SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex);
+ void SSL_set0_security_ex_data(SSL *s, void *ex);
+
+ void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx);
+ void *SSL_get0_security_ex_data(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions SSL_CTX_set_security_level() and SSL_set_security_level() set the security level to <b>level</b>. If not set the library default security level is used.</p>
+
+<p>The functions SSL_CTX_get_security_level() and SSL_get_security_level() retrieve the current security level.</p>
+
+<p>SSL_CTX_set_security_callback(), SSL_set_security_callback(), SSL_CTX_get_security_callback() and SSL_get_security_callback() get or set the security callback associated with <b>ctx</b> or <b>s</b>. If not set a default security callback is used. The meaning of the parameters and the behaviour of the default callbacks is described below.</p>
+
+<p>SSL_CTX_set0_security_ex_data(), SSL_set0_security_ex_data(), SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() set the extra data pointer passed to the <b>ex</b> parameter of the callback. This value is passed to the callback verbatim and can be set to any convenient application specific value.</p>
+
+<h1 id="DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</h1>
+
+<p>If an application doesn&#39;t set its own security callback the default callback is used. It is intended to provide sane defaults. The meaning of each level is described below.</p>
+
+<dl>
+
+<dt id="Level-0"><b>Level 0</b></dt>
+<dd>
+
+<p>Everything is permitted. This retains compatibility with previous versions of OpenSSL.</p>
+
+</dd>
+<dt id="Level-1"><b>Level 1</b></dt>
+<dd>
+
+<p>The security level corresponds to a minimum of 80 bits of security. Any parameters offering below 80 bits of security are excluded. As a result RSA, DSA and DH keys shorter than 1024 bits and ECC keys shorter than 160 bits are prohibited. All export cipher suites are prohibited since they all offer less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite using MD5 for the MAC is also prohibited.</p>
+
+</dd>
+<dt id="Level-2"><b>Level 2</b></dt>
+<dd>
+
+<p>Security level set to 112 bits of security. As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited. In addition to the level 1 exclusions any cipher suite using RC4 is also prohibited. SSL version 3 is also not allowed. Compression is disabled.</p>
+
+</dd>
+<dt id="Level-3"><b>Level 3</b></dt>
+<dd>
+
+<p>Security level set to 128 bits of security. As a result RSA, DSA and DH keys shorter than 3072 bits and ECC keys shorter than 256 bits are prohibited. In addition to the level 2 exclusions cipher suites not offering forward secrecy are prohibited. TLS versions below 1.1 are not permitted. Session tickets are disabled.</p>
+
+</dd>
+<dt id="Level-4"><b>Level 4</b></dt>
+<dd>
+
+<p>Security level set to 192 bits of security. As a result RSA, DSA and DH keys shorter than 7680 bits and ECC keys shorter than 384 bits are prohibited. Cipher suites using SHA1 for the MAC are prohibited. TLS versions below 1.2 are not permitted.</p>
+
+</dd>
+<dt id="Level-5"><b>Level 5</b></dt>
+<dd>
+
+<p>Security level set to 256 bits of security. As a result RSA, DSA and DH keys shorter than 15360 bits and ECC keys shorter than 512 bits are prohibited.</p>
+
+</dd>
+</dl>
+
+<h1 id="APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</h1>
+
+<p><i>Documentation to be provided.</i></p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>WARNING</b> at this time setting the security level higher than 1 for general internet use is likely to cause <b>considerable</b> interoperability issues and is not recommended. This is because the <b>SHA1</b> algorithm is very widely used in certificates and will be rejected at levels higher than 1 because it only offers 80 bits of security.</p>
+
+<p>The default security level can be configured when OpenSSL is compiled by setting <b>-DOPENSSL_TLS_SECURITY_LEVEL=level</b>. If not set then 1 is used.</p>
+
+<p>The security framework disables or reject parameters inconsistent with the set security level. In the past this was difficult as applications had to set a number of distinct parameters (supported ciphers, supported curves supported signature algorithms) to achieve this end and some cases (DH parameter size for example) could not be checked at all.</p>
+
+<p>By setting an appropriate security level much of this complexity can be avoided.</p>
+
+<p>The bits of security limits affect all relevant parameters including cipher suite encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms. This limit applies no matter what other custom settings an application has set: so if the cipher suite is set to <b>ALL</b> then only cipher suites consistent with the security level are permissible.</p>
+
+<p>See SP800-57 for how the security limits are related to individual algorithms.</p>
+
+<p>Some security levels require large key sizes for non-ECC public key algorithms which can severely degrade performance. For example 256 bits of security requires the use of RSA keys of at least 15360 bits in size.</p>
+
+<p>Some restrictions can be gracefully handled: for example cipher suites offering insufficient security are not sent by the client and will not be selected by the server. Other restrictions such as the peer certificate key size or the DH parameter size will abort the handshake with a fatal alert.</p>
+
+<p>Attempts to set certificates or parameters with insufficient security are also blocked. For example trying to set a certificate using a 512 bit RSA key using SSL_CTX_use_certificate() at level 1. Applications which do not check the return values for errors will misbehave: for example it might appear that a certificate is not set at all because it had been rejected.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_security_level() and SSL_set_security_level() do not return values.</p>
+
+<p>SSL_CTX_get_security_level() and SSL_get_security_level() return a integer that represents the security level with <b>SSL_CTX</b> or <b>SSL</b>, respectively.</p>
+
+<p>SSL_CTX_set_security_callback() and SSL_set_security_callback() do not return values.</p>
+
+<p>SSL_CTX_get_security_callback() and SSL_get_security_callback() return the pointer to the security callback or NULL if the callback is not set.</p>
+
+<p>SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() return the extra data pointer or NULL if the ex data is not set.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set0_verify_cert_store.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set0_verify_cert_store.html
new file mode 100644
index 000000000..c93b012a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set0_verify_cert_store.html
@@ -0,0 +1,90 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_verify_cert_store</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_verify_cert_store, SSL_CTX_set1_verify_cert_store, SSL_CTX_set0_chain_cert_store, SSL_CTX_set1_chain_cert_store, SSL_set0_verify_cert_store, SSL_set1_verify_cert_store, SSL_set0_chain_cert_store, SSL_set1_chain_cert_store - set certificate verification or chain store</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set1_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set0_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set1_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+
+ int SSL_set0_verify_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set1_verify_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set0_chain_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set1_chain_cert_store(SSL *ctx, X509_STORE *st);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_verify_cert_store() and SSL_CTX_set1_verify_cert_store() set the certificate store used for certificate verification to <b>st</b>.</p>
+
+<p>SSL_CTX_set0_chain_cert_store() and SSL_CTX_set1_chain_cert_store() set the certificate store used for certificate chain building to <b>st</b>.</p>
+
+<p>SSL_set0_verify_cert_store(), SSL_set1_verify_cert_store(), SSL_set0_chain_cert_store() and SSL_set1_chain_cert_store() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied store so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied store <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The stores pointers associated with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. As a result SSL structures will not be affected if the parent SSL_CTX store pointer is set to a new value.</p>
+
+<p>The verification store is used to verify the certificate chain sent by the peer: that is an SSL/TLS client will use the verification store to verify the server&#39;s certificate chain and a SSL/TLS server will use it to verify any client certificate chain.</p>
+
+<p>The chain store is used to build the certificate chain.</p>
+
+<p>If the mode <b>SSL_MODE_NO_AUTO_CHAIN</b> is set or a certificate chain is configured already (for example using the functions such as <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a> or <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a>) then automatic chain building is disabled.</p>
+
+<p>If the mode <b>SSL_MODE_NO_AUTO_CHAIN</b> is set then automatic chain building is disabled.</p>
+
+<p>If the chain or the verification store is not set then the store associated with the parent SSL_CTX is used instead to retain compatibility with previous versions of OpenSSL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> <a href="../man3/SSL_CTX_set0_chain.html">SSL_CTX_set0_chain(3)</a> <a href="../man3/SSL_CTX_set1_chain.html">SSL_CTX_set1_chain(3)</a> <a href="../man3/SSL_CTX_add0_chain_cert.html">SSL_CTX_add0_chain_cert(3)</a> <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a> <a href="../man3/SSL_set0_chain.html">SSL_set0_chain(3)</a> <a href="../man3/SSL_set1_chain.html">SSL_set1_chain(3)</a> <a href="../man3/SSL_add0_chain_cert.html">SSL_add0_chain_cert(3)</a> <a href="../man3/SSL_add1_chain_cert.html">SSL_add1_chain_cert(3)</a> <a href="../man3/SSL_CTX_build_cert_chain.html">SSL_CTX_build_cert_chain(3)</a> <a href="../man3/SSL_build_cert_chain.html">SSL_build_cert_chain(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_cert_store.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_cert_store.html
new file mode 100644
index 000000000..b51de3d8b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_cert_store.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_cert_store</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_cert_store, SSL_CTX_set1_cert_store, SSL_CTX_get_cert_store - manipulate X509 certificate verification storage</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store);
+ void SSL_CTX_set1_cert_store(SSL_CTX *ctx, X509_STORE *store);
+ X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_cert_store() sets/replaces the certificate verification storage of <b>ctx</b> to/with <b>store</b>. If another X509_STORE object is currently set in <b>ctx</b>, it will be X509_STORE_free()ed.</p>
+
+<p>SSL_CTX_set1_cert_store() sets/replaces the certificate verification storage of <b>ctx</b> to/with <b>store</b>. The <b>store</b>&#39;s reference count is incremented. If another X509_STORE object is currently set in <b>ctx</b>, it will be X509_STORE_free()ed.</p>
+
+<p>SSL_CTX_get_cert_store() returns a pointer to the current certificate verification storage.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In order to verify the certificates presented by the peer, trusted CA certificates must be accessed. These CA certificates are made available via lookup methods, handled inside the X509_STORE. From the X509_STORE the X509_STORE_CTX used when verifying certificates is created.</p>
+
+<p>Typically the trusted certificate store is handled indirectly via using <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>. Using the SSL_CTX_set_cert_store() and SSL_CTX_get_cert_store() functions it is possible to manipulate the X509_STORE object beyond the <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> call.</p>
+
+<p>Currently no detailed documentation on how to use the X509_STORE object is available. Not all members of the X509_STORE are used when the verification takes place. So will e.g. the verify_callback() be overridden with the verify_callback() set via the <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a> family of functions. This document must therefore be updated when documentation about the X509_STORE object and its handling becomes available.</p>
+
+<p>SSL_CTX_set_cert_store() does not increment the <b>store</b>&#39;s reference count, so it should not be used to assign an X509_STORE that is owned by another SSL_CTX.</p>
+
+<p>To share X509_STOREs between two SSL_CTXs, use SSL_CTX_get_cert_store() to get the X509_STORE from the first SSL_CTX, and then use SSL_CTX_set1_cert_store() to assign to the second SSL_CTX and increment the reference count of the X509_STORE.</p>
+
+<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
+
+<p>The X509_STORE structure used by an SSL_CTX is used for verifying peer certificates and building certificate chains, it is also shared by every child SSL structure. Applications wanting finer control can use functions such as SSL_CTX_set1_verify_cert_store() instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_cert_store() does not return diagnostic output.</p>
+
+<p>SSL_CTX_set1_cert_store() does not return diagnostic output.</p>
+
+<p>SSL_CTX_get_cert_store() returns the current setting.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_chain.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_chain.html
new file mode 100644
index 000000000..9f08318ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_chain.html
@@ -0,0 +1,122 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add1_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_chain, SSL_CTX_set1_chain, SSL_CTX_add0_chain_cert, SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs, SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert, SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain, SSL_build_cert_chain, SSL_CTX_select_current_cert, SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra chain certificate processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_get0_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk);
+ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+ int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_get0_chain_certs(SSL *ssl, STACK_OF(X509) **sk);
+ int SSL_clear_chain_certs(SSL *ssl);
+
+ int SSL_CTX_build_cert_chain(SSL_CTX *ctx, flags);
+ int SSL_build_cert_chain(SSL *ssl, flags);
+
+ int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_chain() and SSL_CTX_set1_chain() set the certificate chain associated with the current certificate of <b>ctx</b> to <b>sk</b>.</p>
+
+<p>SSL_CTX_add0_chain_cert() and SSL_CTX_add1_chain_cert() append the single certificate <b>x509</b> to the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_get0_chain_certs() retrieves the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_clear_chain_certs() clears any existing chain associated with the current certificate of <b>ctx</b>. (This is implemented by calling SSL_CTX_set0_chain() with <b>sk</b> set to <b>NULL</b>).</p>
+
+<p>SSL_CTX_build_cert_chain() builds the certificate chain for <b>ctx</b> normally this uses the chain store or the verify store if the chain store is not set. If the function is successful the built chain will replace any existing chain. The <b>flags</b> parameter can be set to <b>SSL_BUILD_CHAIN_FLAG_UNTRUSTED</b> to use existing chain certificates as untrusted CAs, <b>SSL_BUILD_CHAIN_FLAG_NO_ROOT</b> to omit the root CA from the built chain, <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to use all existing chain certificates only to build the chain (effectively sanity checking and rearranging them if necessary), the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> ignores any errors during verification: if flag <b>SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR</b> is also set verification errors are cleared from the error queue.</p>
+
+<p>Each of these functions operates on the <i>current</i> end entity (i.e. server or client) certificate. This is the last certificate loaded or selected on the corresponding <b>ctx</b> structure.</p>
+
+<p>SSL_CTX_select_current_cert() selects <b>x509</b> as the current end entity certificate, but only if <b>x509</b> has already been loaded into <b>ctx</b> using a function such as SSL_CTX_use_certificate().</p>
+
+<p>SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(), SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(), SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_current_cert() changes the current certificate to a value based on the <b>op</b> argument. Currently <b>op</b> can be <b>SSL_CERT_SET_FIRST</b> to use the first valid certificate or <b>SSL_CERT_SET_NEXT</b> to set the next valid certificate after the current certificate. These two operations can be used to iterate over all certificates in an <b>SSL_CTX</b> structure.</p>
+
+<p>SSL_set_current_cert() also supports the option <b>SSL_CERT_SET_SERVER</b>. If <b>ssl</b> is a server and has sent a certificate to a connected client this option sets that certificate to the current certificate and returns 1. If the negotiated cipher suite is anonymous (and thus no certificate will be sent) 2 is returned and the current certificate is unchanged. If <b>ssl</b> is not a server or a certificate has not been sent 0 is returned and the current certificate is unchanged.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied certificate or chain so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied certificate or chain <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The chains associate with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. SSL structures will not be affected by any chains subsequently changed in the parent SSL_CTX.</p>
+
+<p>One chain can be set for each key type supported by a server. So, for example, an RSA and a DSA certificate can (and often will) have different chains.</p>
+
+<p>The functions SSL_CTX_build_cert_chain() and SSL_build_cert_chain() can be used to check application configuration and to ensure any necessary subordinate CAs are sent in the correct order. Misconfigured applications sending incorrect certificate chains often cause problems with peers.</p>
+
+<p>For example an application can add any set of certificates using SSL_CTX_use_certificate_chain_file() then call SSL_CTX_build_cert_chain() with the option <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to check and reorder them.</p>
+
+<p>Applications can issue non fatal warnings when checking chains by setting the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERRORS</b> and checking the return value.</p>
+
+<p>Calling SSL_CTX_build_cert_chain() or SSL_build_cert_chain() is more efficient than the automatic chain building as it is only performed once. Automatic chain building is performed on each new session.</p>
+
+<p>If any certificates are added using these functions no certificates added using SSL_CTX_add_extra_chain_cert() will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_current_cert() with <b>SSL_CERT_SET_SERVER</b> return 1 for success, 2 if no server certificate is used because the cipher suites is anonymous and 0 for failure.</p>
+
+<p>SSL_CTX_build_cert_chain() and SSL_build_cert_chain() return 1 for success and 0 for failure. If the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> and a verification error occurs then 2 is returned.</p>
+
+<p>All other functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_chain_cert_store.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_chain_cert_store.html
new file mode 100644
index 000000000..c93b012a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_chain_cert_store.html
@@ -0,0 +1,90 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_verify_cert_store</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_verify_cert_store, SSL_CTX_set1_verify_cert_store, SSL_CTX_set0_chain_cert_store, SSL_CTX_set1_chain_cert_store, SSL_set0_verify_cert_store, SSL_set1_verify_cert_store, SSL_set0_chain_cert_store, SSL_set1_chain_cert_store - set certificate verification or chain store</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set1_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set0_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set1_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+
+ int SSL_set0_verify_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set1_verify_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set0_chain_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set1_chain_cert_store(SSL *ctx, X509_STORE *st);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_verify_cert_store() and SSL_CTX_set1_verify_cert_store() set the certificate store used for certificate verification to <b>st</b>.</p>
+
+<p>SSL_CTX_set0_chain_cert_store() and SSL_CTX_set1_chain_cert_store() set the certificate store used for certificate chain building to <b>st</b>.</p>
+
+<p>SSL_set0_verify_cert_store(), SSL_set1_verify_cert_store(), SSL_set0_chain_cert_store() and SSL_set1_chain_cert_store() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied store so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied store <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The stores pointers associated with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. As a result SSL structures will not be affected if the parent SSL_CTX store pointer is set to a new value.</p>
+
+<p>The verification store is used to verify the certificate chain sent by the peer: that is an SSL/TLS client will use the verification store to verify the server&#39;s certificate chain and a SSL/TLS server will use it to verify any client certificate chain.</p>
+
+<p>The chain store is used to build the certificate chain.</p>
+
+<p>If the mode <b>SSL_MODE_NO_AUTO_CHAIN</b> is set or a certificate chain is configured already (for example using the functions such as <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a> or <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a>) then automatic chain building is disabled.</p>
+
+<p>If the mode <b>SSL_MODE_NO_AUTO_CHAIN</b> is set then automatic chain building is disabled.</p>
+
+<p>If the chain or the verification store is not set then the store associated with the parent SSL_CTX is used instead to retain compatibility with previous versions of OpenSSL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> <a href="../man3/SSL_CTX_set0_chain.html">SSL_CTX_set0_chain(3)</a> <a href="../man3/SSL_CTX_set1_chain.html">SSL_CTX_set1_chain(3)</a> <a href="../man3/SSL_CTX_add0_chain_cert.html">SSL_CTX_add0_chain_cert(3)</a> <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a> <a href="../man3/SSL_set0_chain.html">SSL_set0_chain(3)</a> <a href="../man3/SSL_set1_chain.html">SSL_set1_chain(3)</a> <a href="../man3/SSL_add0_chain_cert.html">SSL_add0_chain_cert(3)</a> <a href="../man3/SSL_add1_chain_cert.html">SSL_add1_chain_cert(3)</a> <a href="../man3/SSL_CTX_build_cert_chain.html">SSL_CTX_build_cert_chain(3)</a> <a href="../man3/SSL_build_cert_chain.html">SSL_build_cert_chain(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_client_sigalgs.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_client_sigalgs.html
new file mode 100644
index 000000000..ef2aa7d66
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_client_sigalgs.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_sigalgs</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_sigalgs, SSL_set1_sigalgs, SSL_CTX_set1_sigalgs_list, SSL_set1_sigalgs_list, SSL_CTX_set1_client_sigalgs, SSL_set1_client_sigalgs, SSL_CTX_set1_client_sigalgs_list, SSL_set1_client_sigalgs_list - set supported signature algorithms</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set1_sigalgs(SSL_CTX *ctx, const int *slist, long slistlen);
+ long SSL_set1_sigalgs(SSL *ssl, const int *slist, long slistlen);
+ long SSL_CTX_set1_sigalgs_list(SSL_CTX *ctx, const char *str);
+ long SSL_set1_sigalgs_list(SSL *ssl, const char *str);
+
+ long SSL_CTX_set1_client_sigalgs(SSL_CTX *ctx, const int *slist, long slistlen);
+ long SSL_set1_client_sigalgs(SSL *ssl, const int *slist, long slistlen);
+ long SSL_CTX_set1_client_sigalgs_list(SSL_CTX *ctx, const char *str);
+ long SSL_set1_client_sigalgs_list(SSL *ssl, const char *str);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set1_sigalgs() and SSL_set1_sigalgs() set the supported signature algorithms for <b>ctx</b> or <b>ssl</b>. The array <b>slist</b> of length <b>slistlen</b> must consist of pairs of NIDs corresponding to digest and public key algorithms.</p>
+
+<p>SSL_CTX_set1_sigalgs_list() and SSL_set1_sigalgs_list() set the supported signature algorithms for <b>ctx</b> or <b>ssl</b>. The <b>str</b> parameter must be a null terminated string consisting of a colon separated list of elements, where each element is either a combination of a public key algorithm and a digest separated by <b>+</b>, or a TLS 1.3-style named SignatureScheme such as rsa_pss_pss_sha256.</p>
+
+<p>SSL_CTX_set1_client_sigalgs(), SSL_set1_client_sigalgs(), SSL_CTX_set1_client_sigalgs_list() and SSL_set1_client_sigalgs_list() set signature algorithms related to client authentication, otherwise they are identical to SSL_CTX_set1_sigalgs(), SSL_set1_sigalgs(), SSL_CTX_set1_sigalgs_list() and SSL_set1_sigalgs_list().</p>
+
+<p>All these functions are implemented as macros. The signature algorithm parameter (integer array or string) is not freed: the application should free it, if necessary.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to allow the setting of signature algorithms as one of many user configurable options it should consider using the more flexible SSL_CONF API instead.</p>
+
+<p>The signature algorithms set by a client are used directly in the supported signature algorithm in the client hello message.</p>
+
+<p>The supported signature algorithms set by a server are not sent to the client but are used to determine the set of shared signature algorithms and (if server preferences are set with SSL_OP_CIPHER_SERVER_PREFERENCE) their order.</p>
+
+<p>The client authentication signature algorithms set by a server are sent in a certificate request message if client authentication is enabled, otherwise they are unused.</p>
+
+<p>Similarly client authentication signature algorithms set by a client are used to determined the set of client authentication shared signature algorithms.</p>
+
+<p>Signature algorithms will neither be advertised nor used if the security level prohibits them (for example SHA1 if the security level is 4 or more).</p>
+
+<p>Currently the NID_md5, NID_sha1, NID_sha224, NID_sha256, NID_sha384 and NID_sha512 digest NIDs are supported and the public key algorithm NIDs EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_DSA and EVP_PKEY_EC.</p>
+
+<p>The short or long name values for digests can be used in a string (for example &quot;MD5&quot;, &quot;SHA1&quot;, &quot;SHA224&quot;, &quot;SHA256&quot;, &quot;SHA384&quot;, &quot;SHA512&quot;) and the public key algorithm strings &quot;RSA&quot;, &quot;RSA-PSS&quot;, &quot;DSA&quot; or &quot;ECDSA&quot;.</p>
+
+<p>The TLS 1.3 signature scheme names (such as &quot;rsa_pss_pss_sha256&quot;) can also be used with the <b>_list</b> forms of the API.</p>
+
+<p>The use of MD5 as a digest is strongly discouraged due to security weaknesses.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA using an array:</p>
+
+<pre><code> const int slist[] = {NID_sha256, EVP_PKEY_EC, NID_sha256, EVP_PKEY_RSA};
+
+ SSL_CTX_set1_sigalgs(ctx, slist, 4);</code></pre>
+
+<p>Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA using a string:</p>
+
+<pre><code> SSL_CTX_set1_sigalgs_list(ctx, &quot;ECDSA+SHA256:RSA+SHA256&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_shared_sigalgs.html">SSL_get_shared_sigalgs(3)</a>, <a href="../man3/SSL_CONF_CTX_new.html">SSL_CONF_CTX_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_client_sigalgs_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_client_sigalgs_list.html
new file mode 100644
index 000000000..ef2aa7d66
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_client_sigalgs_list.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_sigalgs</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_sigalgs, SSL_set1_sigalgs, SSL_CTX_set1_sigalgs_list, SSL_set1_sigalgs_list, SSL_CTX_set1_client_sigalgs, SSL_set1_client_sigalgs, SSL_CTX_set1_client_sigalgs_list, SSL_set1_client_sigalgs_list - set supported signature algorithms</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set1_sigalgs(SSL_CTX *ctx, const int *slist, long slistlen);
+ long SSL_set1_sigalgs(SSL *ssl, const int *slist, long slistlen);
+ long SSL_CTX_set1_sigalgs_list(SSL_CTX *ctx, const char *str);
+ long SSL_set1_sigalgs_list(SSL *ssl, const char *str);
+
+ long SSL_CTX_set1_client_sigalgs(SSL_CTX *ctx, const int *slist, long slistlen);
+ long SSL_set1_client_sigalgs(SSL *ssl, const int *slist, long slistlen);
+ long SSL_CTX_set1_client_sigalgs_list(SSL_CTX *ctx, const char *str);
+ long SSL_set1_client_sigalgs_list(SSL *ssl, const char *str);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set1_sigalgs() and SSL_set1_sigalgs() set the supported signature algorithms for <b>ctx</b> or <b>ssl</b>. The array <b>slist</b> of length <b>slistlen</b> must consist of pairs of NIDs corresponding to digest and public key algorithms.</p>
+
+<p>SSL_CTX_set1_sigalgs_list() and SSL_set1_sigalgs_list() set the supported signature algorithms for <b>ctx</b> or <b>ssl</b>. The <b>str</b> parameter must be a null terminated string consisting of a colon separated list of elements, where each element is either a combination of a public key algorithm and a digest separated by <b>+</b>, or a TLS 1.3-style named SignatureScheme such as rsa_pss_pss_sha256.</p>
+
+<p>SSL_CTX_set1_client_sigalgs(), SSL_set1_client_sigalgs(), SSL_CTX_set1_client_sigalgs_list() and SSL_set1_client_sigalgs_list() set signature algorithms related to client authentication, otherwise they are identical to SSL_CTX_set1_sigalgs(), SSL_set1_sigalgs(), SSL_CTX_set1_sigalgs_list() and SSL_set1_sigalgs_list().</p>
+
+<p>All these functions are implemented as macros. The signature algorithm parameter (integer array or string) is not freed: the application should free it, if necessary.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to allow the setting of signature algorithms as one of many user configurable options it should consider using the more flexible SSL_CONF API instead.</p>
+
+<p>The signature algorithms set by a client are used directly in the supported signature algorithm in the client hello message.</p>
+
+<p>The supported signature algorithms set by a server are not sent to the client but are used to determine the set of shared signature algorithms and (if server preferences are set with SSL_OP_CIPHER_SERVER_PREFERENCE) their order.</p>
+
+<p>The client authentication signature algorithms set by a server are sent in a certificate request message if client authentication is enabled, otherwise they are unused.</p>
+
+<p>Similarly client authentication signature algorithms set by a client are used to determined the set of client authentication shared signature algorithms.</p>
+
+<p>Signature algorithms will neither be advertised nor used if the security level prohibits them (for example SHA1 if the security level is 4 or more).</p>
+
+<p>Currently the NID_md5, NID_sha1, NID_sha224, NID_sha256, NID_sha384 and NID_sha512 digest NIDs are supported and the public key algorithm NIDs EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_DSA and EVP_PKEY_EC.</p>
+
+<p>The short or long name values for digests can be used in a string (for example &quot;MD5&quot;, &quot;SHA1&quot;, &quot;SHA224&quot;, &quot;SHA256&quot;, &quot;SHA384&quot;, &quot;SHA512&quot;) and the public key algorithm strings &quot;RSA&quot;, &quot;RSA-PSS&quot;, &quot;DSA&quot; or &quot;ECDSA&quot;.</p>
+
+<p>The TLS 1.3 signature scheme names (such as &quot;rsa_pss_pss_sha256&quot;) can also be used with the <b>_list</b> forms of the API.</p>
+
+<p>The use of MD5 as a digest is strongly discouraged due to security weaknesses.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA using an array:</p>
+
+<pre><code> const int slist[] = {NID_sha256, EVP_PKEY_EC, NID_sha256, EVP_PKEY_RSA};
+
+ SSL_CTX_set1_sigalgs(ctx, slist, 4);</code></pre>
+
+<p>Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA using a string:</p>
+
+<pre><code> SSL_CTX_set1_sigalgs_list(ctx, &quot;ECDSA+SHA256:RSA+SHA256&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_shared_sigalgs.html">SSL_get_shared_sigalgs(3)</a>, <a href="../man3/SSL_CONF_CTX_new.html">SSL_CONF_CTX_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_curves.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_curves.html
new file mode 100644
index 000000000..1661dfb0c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_curves.html
@@ -0,0 +1,102 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_curves</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_groups, SSL_CTX_set1_groups_list, SSL_set1_groups, SSL_set1_groups_list, SSL_get1_groups, SSL_get_shared_group, SSL_CTX_set1_curves, SSL_CTX_set1_curves_list, SSL_set1_curves, SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve - EC supported curve functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set1_groups(SSL_CTX *ctx, int *glist, int glistlen);
+ int SSL_CTX_set1_groups_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_groups(SSL *ssl, int *glist, int glistlen);
+ int SSL_set1_groups_list(SSL *ssl, char *list);
+
+ int SSL_get1_groups(SSL *ssl, int *groups);
+ int SSL_get_shared_group(SSL *s, int n);
+
+ int SSL_CTX_set1_curves(SSL_CTX *ctx, int *clist, int clistlen);
+ int SSL_CTX_set1_curves_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_curves(SSL *ssl, int *clist, int clistlen);
+ int SSL_set1_curves_list(SSL *ssl, char *list);
+
+ int SSL_get1_curves(SSL *ssl, int *curves);
+ int SSL_get_shared_curve(SSL *s, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>For all of the functions below that set the supported groups there must be at least one group in the list.</p>
+
+<p>SSL_CTX_set1_groups() sets the supported groups for <b>ctx</b> to <b>glistlen</b> groups in the array <b>glist</b>. The array consist of all NIDs of groups in preference order. For a TLS client the groups are used directly in the supported groups extension. For a TLS server the groups are used to determine the set of shared groups.</p>
+
+<p>SSL_CTX_set1_groups_list() sets the supported groups for <b>ctx</b> to string <b>list</b>. The string is a colon separated list of group NIDs or names, for example &quot;P-521:P-384:P-256&quot;.</p>
+
+<p>SSL_set1_groups() and SSL_set1_groups_list() are similar except they set supported groups for the SSL structure <b>ssl</b>.</p>
+
+<p>SSL_get1_groups() returns the set of supported groups sent by a client in the supported groups extension. It returns the total number of supported groups. The <b>groups</b> parameter can be <b>NULL</b> to simply return the number of groups for memory allocation purposes. The <b>groups</b> array is in the form of a set of group NIDs in preference order. It can return zero if the client did not send a supported groups extension.</p>
+
+<p>SSL_get_shared_group() returns shared group <b>n</b> for a server-side SSL <b>ssl</b>. If <b>n</b> is -1 then the total number of shared groups is returned, which may be zero. Other than for diagnostic purposes, most applications will only be interested in the first shared group so <b>n</b> is normally set to zero. If the value <b>n</b> is out of range, NID_undef is returned.</p>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>The curve functions are synonyms for the equivalently named group functions and are identical in every respect. They exist because, prior to TLS1.3, there was only the concept of supported curves. In TLS1.3 this was renamed to supported groups, and extended to include Diffie Hellman groups. The group functions should be used in preference.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to make use of several of these functions for configuration purposes either on a command line or in a file it should consider using the SSL_CONF interface instead of manually parsing options.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set1_groups(), SSL_CTX_set1_groups_list(), SSL_set1_groups() and SSL_set1_groups_list(), return 1 for success and 0 for failure.</p>
+
+<p>SSL_get1_groups() returns the number of groups, which may be zero.</p>
+
+<p>SSL_get_shared_group() returns the NID of shared group <b>n</b> or NID_undef if there is no shared group <b>n</b>; or the total number of shared groups if <b>n</b> is -1.</p>
+
+<p>When called on a client <b>ssl</b>, SSL_get_shared_group() has no meaning and returns -1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The curve functions were added in OpenSSL 1.0.2. The equivalent group functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_curves_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_curves_list.html
new file mode 100644
index 000000000..1661dfb0c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_curves_list.html
@@ -0,0 +1,102 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_curves</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_groups, SSL_CTX_set1_groups_list, SSL_set1_groups, SSL_set1_groups_list, SSL_get1_groups, SSL_get_shared_group, SSL_CTX_set1_curves, SSL_CTX_set1_curves_list, SSL_set1_curves, SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve - EC supported curve functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set1_groups(SSL_CTX *ctx, int *glist, int glistlen);
+ int SSL_CTX_set1_groups_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_groups(SSL *ssl, int *glist, int glistlen);
+ int SSL_set1_groups_list(SSL *ssl, char *list);
+
+ int SSL_get1_groups(SSL *ssl, int *groups);
+ int SSL_get_shared_group(SSL *s, int n);
+
+ int SSL_CTX_set1_curves(SSL_CTX *ctx, int *clist, int clistlen);
+ int SSL_CTX_set1_curves_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_curves(SSL *ssl, int *clist, int clistlen);
+ int SSL_set1_curves_list(SSL *ssl, char *list);
+
+ int SSL_get1_curves(SSL *ssl, int *curves);
+ int SSL_get_shared_curve(SSL *s, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>For all of the functions below that set the supported groups there must be at least one group in the list.</p>
+
+<p>SSL_CTX_set1_groups() sets the supported groups for <b>ctx</b> to <b>glistlen</b> groups in the array <b>glist</b>. The array consist of all NIDs of groups in preference order. For a TLS client the groups are used directly in the supported groups extension. For a TLS server the groups are used to determine the set of shared groups.</p>
+
+<p>SSL_CTX_set1_groups_list() sets the supported groups for <b>ctx</b> to string <b>list</b>. The string is a colon separated list of group NIDs or names, for example &quot;P-521:P-384:P-256&quot;.</p>
+
+<p>SSL_set1_groups() and SSL_set1_groups_list() are similar except they set supported groups for the SSL structure <b>ssl</b>.</p>
+
+<p>SSL_get1_groups() returns the set of supported groups sent by a client in the supported groups extension. It returns the total number of supported groups. The <b>groups</b> parameter can be <b>NULL</b> to simply return the number of groups for memory allocation purposes. The <b>groups</b> array is in the form of a set of group NIDs in preference order. It can return zero if the client did not send a supported groups extension.</p>
+
+<p>SSL_get_shared_group() returns shared group <b>n</b> for a server-side SSL <b>ssl</b>. If <b>n</b> is -1 then the total number of shared groups is returned, which may be zero. Other than for diagnostic purposes, most applications will only be interested in the first shared group so <b>n</b> is normally set to zero. If the value <b>n</b> is out of range, NID_undef is returned.</p>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>The curve functions are synonyms for the equivalently named group functions and are identical in every respect. They exist because, prior to TLS1.3, there was only the concept of supported curves. In TLS1.3 this was renamed to supported groups, and extended to include Diffie Hellman groups. The group functions should be used in preference.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to make use of several of these functions for configuration purposes either on a command line or in a file it should consider using the SSL_CONF interface instead of manually parsing options.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set1_groups(), SSL_CTX_set1_groups_list(), SSL_set1_groups() and SSL_set1_groups_list(), return 1 for success and 0 for failure.</p>
+
+<p>SSL_get1_groups() returns the number of groups, which may be zero.</p>
+
+<p>SSL_get_shared_group() returns the NID of shared group <b>n</b> or NID_undef if there is no shared group <b>n</b>; or the total number of shared groups if <b>n</b> is -1.</p>
+
+<p>When called on a client <b>ssl</b>, SSL_get_shared_group() has no meaning and returns -1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The curve functions were added in OpenSSL 1.0.2. The equivalent group functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_groups.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_groups.html
new file mode 100644
index 000000000..1661dfb0c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_groups.html
@@ -0,0 +1,102 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_curves</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_groups, SSL_CTX_set1_groups_list, SSL_set1_groups, SSL_set1_groups_list, SSL_get1_groups, SSL_get_shared_group, SSL_CTX_set1_curves, SSL_CTX_set1_curves_list, SSL_set1_curves, SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve - EC supported curve functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set1_groups(SSL_CTX *ctx, int *glist, int glistlen);
+ int SSL_CTX_set1_groups_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_groups(SSL *ssl, int *glist, int glistlen);
+ int SSL_set1_groups_list(SSL *ssl, char *list);
+
+ int SSL_get1_groups(SSL *ssl, int *groups);
+ int SSL_get_shared_group(SSL *s, int n);
+
+ int SSL_CTX_set1_curves(SSL_CTX *ctx, int *clist, int clistlen);
+ int SSL_CTX_set1_curves_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_curves(SSL *ssl, int *clist, int clistlen);
+ int SSL_set1_curves_list(SSL *ssl, char *list);
+
+ int SSL_get1_curves(SSL *ssl, int *curves);
+ int SSL_get_shared_curve(SSL *s, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>For all of the functions below that set the supported groups there must be at least one group in the list.</p>
+
+<p>SSL_CTX_set1_groups() sets the supported groups for <b>ctx</b> to <b>glistlen</b> groups in the array <b>glist</b>. The array consist of all NIDs of groups in preference order. For a TLS client the groups are used directly in the supported groups extension. For a TLS server the groups are used to determine the set of shared groups.</p>
+
+<p>SSL_CTX_set1_groups_list() sets the supported groups for <b>ctx</b> to string <b>list</b>. The string is a colon separated list of group NIDs or names, for example &quot;P-521:P-384:P-256&quot;.</p>
+
+<p>SSL_set1_groups() and SSL_set1_groups_list() are similar except they set supported groups for the SSL structure <b>ssl</b>.</p>
+
+<p>SSL_get1_groups() returns the set of supported groups sent by a client in the supported groups extension. It returns the total number of supported groups. The <b>groups</b> parameter can be <b>NULL</b> to simply return the number of groups for memory allocation purposes. The <b>groups</b> array is in the form of a set of group NIDs in preference order. It can return zero if the client did not send a supported groups extension.</p>
+
+<p>SSL_get_shared_group() returns shared group <b>n</b> for a server-side SSL <b>ssl</b>. If <b>n</b> is -1 then the total number of shared groups is returned, which may be zero. Other than for diagnostic purposes, most applications will only be interested in the first shared group so <b>n</b> is normally set to zero. If the value <b>n</b> is out of range, NID_undef is returned.</p>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>The curve functions are synonyms for the equivalently named group functions and are identical in every respect. They exist because, prior to TLS1.3, there was only the concept of supported curves. In TLS1.3 this was renamed to supported groups, and extended to include Diffie Hellman groups. The group functions should be used in preference.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to make use of several of these functions for configuration purposes either on a command line or in a file it should consider using the SSL_CONF interface instead of manually parsing options.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set1_groups(), SSL_CTX_set1_groups_list(), SSL_set1_groups() and SSL_set1_groups_list(), return 1 for success and 0 for failure.</p>
+
+<p>SSL_get1_groups() returns the number of groups, which may be zero.</p>
+
+<p>SSL_get_shared_group() returns the NID of shared group <b>n</b> or NID_undef if there is no shared group <b>n</b>; or the total number of shared groups if <b>n</b> is -1.</p>
+
+<p>When called on a client <b>ssl</b>, SSL_get_shared_group() has no meaning and returns -1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The curve functions were added in OpenSSL 1.0.2. The equivalent group functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_groups_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_groups_list.html
new file mode 100644
index 000000000..1661dfb0c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_groups_list.html
@@ -0,0 +1,102 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_curves</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_groups, SSL_CTX_set1_groups_list, SSL_set1_groups, SSL_set1_groups_list, SSL_get1_groups, SSL_get_shared_group, SSL_CTX_set1_curves, SSL_CTX_set1_curves_list, SSL_set1_curves, SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve - EC supported curve functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set1_groups(SSL_CTX *ctx, int *glist, int glistlen);
+ int SSL_CTX_set1_groups_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_groups(SSL *ssl, int *glist, int glistlen);
+ int SSL_set1_groups_list(SSL *ssl, char *list);
+
+ int SSL_get1_groups(SSL *ssl, int *groups);
+ int SSL_get_shared_group(SSL *s, int n);
+
+ int SSL_CTX_set1_curves(SSL_CTX *ctx, int *clist, int clistlen);
+ int SSL_CTX_set1_curves_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_curves(SSL *ssl, int *clist, int clistlen);
+ int SSL_set1_curves_list(SSL *ssl, char *list);
+
+ int SSL_get1_curves(SSL *ssl, int *curves);
+ int SSL_get_shared_curve(SSL *s, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>For all of the functions below that set the supported groups there must be at least one group in the list.</p>
+
+<p>SSL_CTX_set1_groups() sets the supported groups for <b>ctx</b> to <b>glistlen</b> groups in the array <b>glist</b>. The array consist of all NIDs of groups in preference order. For a TLS client the groups are used directly in the supported groups extension. For a TLS server the groups are used to determine the set of shared groups.</p>
+
+<p>SSL_CTX_set1_groups_list() sets the supported groups for <b>ctx</b> to string <b>list</b>. The string is a colon separated list of group NIDs or names, for example &quot;P-521:P-384:P-256&quot;.</p>
+
+<p>SSL_set1_groups() and SSL_set1_groups_list() are similar except they set supported groups for the SSL structure <b>ssl</b>.</p>
+
+<p>SSL_get1_groups() returns the set of supported groups sent by a client in the supported groups extension. It returns the total number of supported groups. The <b>groups</b> parameter can be <b>NULL</b> to simply return the number of groups for memory allocation purposes. The <b>groups</b> array is in the form of a set of group NIDs in preference order. It can return zero if the client did not send a supported groups extension.</p>
+
+<p>SSL_get_shared_group() returns shared group <b>n</b> for a server-side SSL <b>ssl</b>. If <b>n</b> is -1 then the total number of shared groups is returned, which may be zero. Other than for diagnostic purposes, most applications will only be interested in the first shared group so <b>n</b> is normally set to zero. If the value <b>n</b> is out of range, NID_undef is returned.</p>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>The curve functions are synonyms for the equivalently named group functions and are identical in every respect. They exist because, prior to TLS1.3, there was only the concept of supported curves. In TLS1.3 this was renamed to supported groups, and extended to include Diffie Hellman groups. The group functions should be used in preference.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to make use of several of these functions for configuration purposes either on a command line or in a file it should consider using the SSL_CONF interface instead of manually parsing options.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set1_groups(), SSL_CTX_set1_groups_list(), SSL_set1_groups() and SSL_set1_groups_list(), return 1 for success and 0 for failure.</p>
+
+<p>SSL_get1_groups() returns the number of groups, which may be zero.</p>
+
+<p>SSL_get_shared_group() returns the NID of shared group <b>n</b> or NID_undef if there is no shared group <b>n</b>; or the total number of shared groups if <b>n</b> is -1.</p>
+
+<p>When called on a client <b>ssl</b>, SSL_get_shared_group() has no meaning and returns -1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The curve functions were added in OpenSSL 1.0.2. The equivalent group functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_param.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_param.html
new file mode 100644
index 000000000..8eafcb4e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_param.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_get0_param</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_get0_param, SSL_get0_param, SSL_CTX_set1_param, SSL_set1_param - get and set verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx)
+ X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl)
+ int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
+ int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_get0_param() and SSL_get0_param() retrieve an internal pointer to the verification parameters for <b>ctx</b> or <b>ssl</b> respectively. The returned pointer must not be freed by the calling application.</p>
+
+<p>SSL_CTX_set1_param() and SSL_set1_param() set the verification parameters to <b>vpm</b> for <b>ctx</b> or <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Typically parameters are retrieved from an <b>SSL_CTX</b> or <b>SSL</b> structure using SSL_CTX_get0_param() or SSL_get0_param() and an application modifies them to suit its needs: for example to add a hostname check.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Check hostname matches &quot;www.foo.com&quot; in peer certificate:</p>
+
+<pre><code> X509_VERIFY_PARAM *vpm = SSL_get0_param(ssl);
+ X509_VERIFY_PARAM_set1_host(vpm, &quot;www.foo.com&quot;, 0);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_get0_param() and SSL_get0_param() return a pointer to an <b>X509_VERIFY_PARAM</b> structure.</p>
+
+<p>SSL_CTX_set1_param() and SSL_set1_param() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_sigalgs.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_sigalgs.html
new file mode 100644
index 000000000..ef2aa7d66
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_sigalgs.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_sigalgs</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_sigalgs, SSL_set1_sigalgs, SSL_CTX_set1_sigalgs_list, SSL_set1_sigalgs_list, SSL_CTX_set1_client_sigalgs, SSL_set1_client_sigalgs, SSL_CTX_set1_client_sigalgs_list, SSL_set1_client_sigalgs_list - set supported signature algorithms</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set1_sigalgs(SSL_CTX *ctx, const int *slist, long slistlen);
+ long SSL_set1_sigalgs(SSL *ssl, const int *slist, long slistlen);
+ long SSL_CTX_set1_sigalgs_list(SSL_CTX *ctx, const char *str);
+ long SSL_set1_sigalgs_list(SSL *ssl, const char *str);
+
+ long SSL_CTX_set1_client_sigalgs(SSL_CTX *ctx, const int *slist, long slistlen);
+ long SSL_set1_client_sigalgs(SSL *ssl, const int *slist, long slistlen);
+ long SSL_CTX_set1_client_sigalgs_list(SSL_CTX *ctx, const char *str);
+ long SSL_set1_client_sigalgs_list(SSL *ssl, const char *str);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set1_sigalgs() and SSL_set1_sigalgs() set the supported signature algorithms for <b>ctx</b> or <b>ssl</b>. The array <b>slist</b> of length <b>slistlen</b> must consist of pairs of NIDs corresponding to digest and public key algorithms.</p>
+
+<p>SSL_CTX_set1_sigalgs_list() and SSL_set1_sigalgs_list() set the supported signature algorithms for <b>ctx</b> or <b>ssl</b>. The <b>str</b> parameter must be a null terminated string consisting of a colon separated list of elements, where each element is either a combination of a public key algorithm and a digest separated by <b>+</b>, or a TLS 1.3-style named SignatureScheme such as rsa_pss_pss_sha256.</p>
+
+<p>SSL_CTX_set1_client_sigalgs(), SSL_set1_client_sigalgs(), SSL_CTX_set1_client_sigalgs_list() and SSL_set1_client_sigalgs_list() set signature algorithms related to client authentication, otherwise they are identical to SSL_CTX_set1_sigalgs(), SSL_set1_sigalgs(), SSL_CTX_set1_sigalgs_list() and SSL_set1_sigalgs_list().</p>
+
+<p>All these functions are implemented as macros. The signature algorithm parameter (integer array or string) is not freed: the application should free it, if necessary.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to allow the setting of signature algorithms as one of many user configurable options it should consider using the more flexible SSL_CONF API instead.</p>
+
+<p>The signature algorithms set by a client are used directly in the supported signature algorithm in the client hello message.</p>
+
+<p>The supported signature algorithms set by a server are not sent to the client but are used to determine the set of shared signature algorithms and (if server preferences are set with SSL_OP_CIPHER_SERVER_PREFERENCE) their order.</p>
+
+<p>The client authentication signature algorithms set by a server are sent in a certificate request message if client authentication is enabled, otherwise they are unused.</p>
+
+<p>Similarly client authentication signature algorithms set by a client are used to determined the set of client authentication shared signature algorithms.</p>
+
+<p>Signature algorithms will neither be advertised nor used if the security level prohibits them (for example SHA1 if the security level is 4 or more).</p>
+
+<p>Currently the NID_md5, NID_sha1, NID_sha224, NID_sha256, NID_sha384 and NID_sha512 digest NIDs are supported and the public key algorithm NIDs EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_DSA and EVP_PKEY_EC.</p>
+
+<p>The short or long name values for digests can be used in a string (for example &quot;MD5&quot;, &quot;SHA1&quot;, &quot;SHA224&quot;, &quot;SHA256&quot;, &quot;SHA384&quot;, &quot;SHA512&quot;) and the public key algorithm strings &quot;RSA&quot;, &quot;RSA-PSS&quot;, &quot;DSA&quot; or &quot;ECDSA&quot;.</p>
+
+<p>The TLS 1.3 signature scheme names (such as &quot;rsa_pss_pss_sha256&quot;) can also be used with the <b>_list</b> forms of the API.</p>
+
+<p>The use of MD5 as a digest is strongly discouraged due to security weaknesses.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA using an array:</p>
+
+<pre><code> const int slist[] = {NID_sha256, EVP_PKEY_EC, NID_sha256, EVP_PKEY_RSA};
+
+ SSL_CTX_set1_sigalgs(ctx, slist, 4);</code></pre>
+
+<p>Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA using a string:</p>
+
+<pre><code> SSL_CTX_set1_sigalgs_list(ctx, &quot;ECDSA+SHA256:RSA+SHA256&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_shared_sigalgs.html">SSL_get_shared_sigalgs(3)</a>, <a href="../man3/SSL_CONF_CTX_new.html">SSL_CONF_CTX_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_sigalgs_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_sigalgs_list.html
new file mode 100644
index 000000000..ef2aa7d66
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_sigalgs_list.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_sigalgs</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_sigalgs, SSL_set1_sigalgs, SSL_CTX_set1_sigalgs_list, SSL_set1_sigalgs_list, SSL_CTX_set1_client_sigalgs, SSL_set1_client_sigalgs, SSL_CTX_set1_client_sigalgs_list, SSL_set1_client_sigalgs_list - set supported signature algorithms</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set1_sigalgs(SSL_CTX *ctx, const int *slist, long slistlen);
+ long SSL_set1_sigalgs(SSL *ssl, const int *slist, long slistlen);
+ long SSL_CTX_set1_sigalgs_list(SSL_CTX *ctx, const char *str);
+ long SSL_set1_sigalgs_list(SSL *ssl, const char *str);
+
+ long SSL_CTX_set1_client_sigalgs(SSL_CTX *ctx, const int *slist, long slistlen);
+ long SSL_set1_client_sigalgs(SSL *ssl, const int *slist, long slistlen);
+ long SSL_CTX_set1_client_sigalgs_list(SSL_CTX *ctx, const char *str);
+ long SSL_set1_client_sigalgs_list(SSL *ssl, const char *str);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set1_sigalgs() and SSL_set1_sigalgs() set the supported signature algorithms for <b>ctx</b> or <b>ssl</b>. The array <b>slist</b> of length <b>slistlen</b> must consist of pairs of NIDs corresponding to digest and public key algorithms.</p>
+
+<p>SSL_CTX_set1_sigalgs_list() and SSL_set1_sigalgs_list() set the supported signature algorithms for <b>ctx</b> or <b>ssl</b>. The <b>str</b> parameter must be a null terminated string consisting of a colon separated list of elements, where each element is either a combination of a public key algorithm and a digest separated by <b>+</b>, or a TLS 1.3-style named SignatureScheme such as rsa_pss_pss_sha256.</p>
+
+<p>SSL_CTX_set1_client_sigalgs(), SSL_set1_client_sigalgs(), SSL_CTX_set1_client_sigalgs_list() and SSL_set1_client_sigalgs_list() set signature algorithms related to client authentication, otherwise they are identical to SSL_CTX_set1_sigalgs(), SSL_set1_sigalgs(), SSL_CTX_set1_sigalgs_list() and SSL_set1_sigalgs_list().</p>
+
+<p>All these functions are implemented as macros. The signature algorithm parameter (integer array or string) is not freed: the application should free it, if necessary.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to allow the setting of signature algorithms as one of many user configurable options it should consider using the more flexible SSL_CONF API instead.</p>
+
+<p>The signature algorithms set by a client are used directly in the supported signature algorithm in the client hello message.</p>
+
+<p>The supported signature algorithms set by a server are not sent to the client but are used to determine the set of shared signature algorithms and (if server preferences are set with SSL_OP_CIPHER_SERVER_PREFERENCE) their order.</p>
+
+<p>The client authentication signature algorithms set by a server are sent in a certificate request message if client authentication is enabled, otherwise they are unused.</p>
+
+<p>Similarly client authentication signature algorithms set by a client are used to determined the set of client authentication shared signature algorithms.</p>
+
+<p>Signature algorithms will neither be advertised nor used if the security level prohibits them (for example SHA1 if the security level is 4 or more).</p>
+
+<p>Currently the NID_md5, NID_sha1, NID_sha224, NID_sha256, NID_sha384 and NID_sha512 digest NIDs are supported and the public key algorithm NIDs EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_DSA and EVP_PKEY_EC.</p>
+
+<p>The short or long name values for digests can be used in a string (for example &quot;MD5&quot;, &quot;SHA1&quot;, &quot;SHA224&quot;, &quot;SHA256&quot;, &quot;SHA384&quot;, &quot;SHA512&quot;) and the public key algorithm strings &quot;RSA&quot;, &quot;RSA-PSS&quot;, &quot;DSA&quot; or &quot;ECDSA&quot;.</p>
+
+<p>The TLS 1.3 signature scheme names (such as &quot;rsa_pss_pss_sha256&quot;) can also be used with the <b>_list</b> forms of the API.</p>
+
+<p>The use of MD5 as a digest is strongly discouraged due to security weaknesses.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA using an array:</p>
+
+<pre><code> const int slist[] = {NID_sha256, EVP_PKEY_EC, NID_sha256, EVP_PKEY_RSA};
+
+ SSL_CTX_set1_sigalgs(ctx, slist, 4);</code></pre>
+
+<p>Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA using a string:</p>
+
+<pre><code> SSL_CTX_set1_sigalgs_list(ctx, &quot;ECDSA+SHA256:RSA+SHA256&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_shared_sigalgs.html">SSL_get_shared_sigalgs(3)</a>, <a href="../man3/SSL_CONF_CTX_new.html">SSL_CONF_CTX_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_verify_cert_store.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_verify_cert_store.html
new file mode 100644
index 000000000..c93b012a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set1_verify_cert_store.html
@@ -0,0 +1,90 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_verify_cert_store</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_verify_cert_store, SSL_CTX_set1_verify_cert_store, SSL_CTX_set0_chain_cert_store, SSL_CTX_set1_chain_cert_store, SSL_set0_verify_cert_store, SSL_set1_verify_cert_store, SSL_set0_chain_cert_store, SSL_set1_chain_cert_store - set certificate verification or chain store</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set1_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set0_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set1_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+
+ int SSL_set0_verify_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set1_verify_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set0_chain_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set1_chain_cert_store(SSL *ctx, X509_STORE *st);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_verify_cert_store() and SSL_CTX_set1_verify_cert_store() set the certificate store used for certificate verification to <b>st</b>.</p>
+
+<p>SSL_CTX_set0_chain_cert_store() and SSL_CTX_set1_chain_cert_store() set the certificate store used for certificate chain building to <b>st</b>.</p>
+
+<p>SSL_set0_verify_cert_store(), SSL_set1_verify_cert_store(), SSL_set0_chain_cert_store() and SSL_set1_chain_cert_store() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied store so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied store <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The stores pointers associated with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. As a result SSL structures will not be affected if the parent SSL_CTX store pointer is set to a new value.</p>
+
+<p>The verification store is used to verify the certificate chain sent by the peer: that is an SSL/TLS client will use the verification store to verify the server&#39;s certificate chain and a SSL/TLS server will use it to verify any client certificate chain.</p>
+
+<p>The chain store is used to build the certificate chain.</p>
+
+<p>If the mode <b>SSL_MODE_NO_AUTO_CHAIN</b> is set or a certificate chain is configured already (for example using the functions such as <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a> or <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a>) then automatic chain building is disabled.</p>
+
+<p>If the mode <b>SSL_MODE_NO_AUTO_CHAIN</b> is set then automatic chain building is disabled.</p>
+
+<p>If the chain or the verification store is not set then the store associated with the parent SSL_CTX is used instead to retain compatibility with previous versions of OpenSSL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> <a href="../man3/SSL_CTX_set0_chain.html">SSL_CTX_set0_chain(3)</a> <a href="../man3/SSL_CTX_set1_chain.html">SSL_CTX_set1_chain(3)</a> <a href="../man3/SSL_CTX_add0_chain_cert.html">SSL_CTX_add0_chain_cert(3)</a> <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a> <a href="../man3/SSL_set0_chain.html">SSL_set0_chain(3)</a> <a href="../man3/SSL_set1_chain.html">SSL_set1_chain(3)</a> <a href="../man3/SSL_add0_chain_cert.html">SSL_add0_chain_cert(3)</a> <a href="../man3/SSL_add1_chain_cert.html">SSL_add1_chain_cert(3)</a> <a href="../man3/SSL_CTX_build_cert_chain.html">SSL_CTX_build_cert_chain(3)</a> <a href="../man3/SSL_build_cert_chain.html">SSL_build_cert_chain(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_allow_early_data_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_allow_early_data_cb.html
new file mode 100644
index 000000000..5b28c01bd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_allow_early_data_cb.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read_early_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#REPLAY-PROTECTION">REPLAY PROTECTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_max_early_data, SSL_CTX_set_max_early_data, SSL_get_max_early_data, SSL_CTX_get_max_early_data, SSL_set_recv_max_early_data, SSL_CTX_set_recv_max_early_data, SSL_get_recv_max_early_data, SSL_CTX_get_recv_max_early_data, SSL_SESSION_get_max_early_data, SSL_SESSION_set_max_early_data, SSL_write_early_data, SSL_read_early_data, SSL_get_early_data_status, SSL_allow_early_data_cb_fn, SSL_CTX_set_allow_early_data_cb, SSL_set_allow_early_data_cb - functions for sending and receiving early data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data);
+ uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_max_early_data(SSL *s, uint32_t max_early_data);
+ uint32_t SSL_get_max_early_data(const SSL *s);
+
+ int SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data);
+ uint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data);
+ uint32_t SSL_get_recv_max_early_data(const SSL *s);
+
+ uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s);
+ int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data);
+
+ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written);
+
+ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes);
+
+ int SSL_get_early_data_status(const SSL *s);
+
+
+ typedef int (*SSL_allow_early_data_cb_fn)(SSL *s, void *arg);
+
+ void SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx,
+                                      SSL_allow_early_data_cb_fn cb,
+                                      void *arg);
+ void SSL_set_allow_early_data_cb(SSL *s,
+                                  SSL_allow_early_data_cb_fn cb,
+                                  void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to send and receive early data where TLSv1.3 has been negotiated. Early data can be sent by the client immediately after its initial ClientHello without having to wait for the server to complete the handshake. Early data can only be sent if a session has previously been established with the server, and the server is known to support it. Additionally these functions can be used to send data from the server to the client when the client has not yet completed the authentication stage of the handshake.</p>
+
+<p>Early data has weaker security properties than other data sent over an SSL/TLS connection. In particular the data does not have forward secrecy. There are also additional considerations around replay attacks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below). For these reasons extreme care should be exercised when using early data. For specific details, consult the TLS 1.3 specification.</p>
+
+<p>When a server receives early data it may opt to immediately respond by sending application data back to the client. Data sent by the server at this stage is done before the full handshake has been completed. Specifically the client&#39;s authentication messages have not yet been received, i.e. the client is unauthenticated at this point and care should be taken when using this capability.</p>
+
+<p>A server or client can determine whether the full handshake has been completed or not by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>.</p>
+
+<p>On the client side, the function SSL_SESSION_get_max_early_data() can be used to determine if a session established with a server can be used to send early data. If the session cannot be used then this function will return 0. Otherwise it will return the maximum number of early data bytes that can be sent.</p>
+
+<p>The function SSL_SESSION_set_max_early_data() sets the maximum number of early data bytes that can be sent for a session. This would typically be used when creating a PSK session file (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). If using a ticket based PSK then this is set automatically to the value provided by the server.</p>
+
+<p>A client uses the function SSL_write_early_data() to send early data. This function is similar to the <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> function, but with the following differences. See <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> for information on how to write bytes to the underlying connection, and how to handle any errors that may arise. This page describes the differences between SSL_write_early_data() and <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When called by a client, SSL_write_early_data() must be the first IO function called on a new connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a> or other similar functions. It may be called multiple times to stream data to the server, but the total number of bytes written must not exceed the value returned from SSL_SESSION_get_max_early_data(). Once the initial SSL_write_early_data() call has completed successfully the client may interleave calls to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> with calls to SSL_write_early_data() as required.</p>
+
+<p>If SSL_write_early_data() fails you should call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action, as for <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When the client no longer wishes to send any more early data then it should complete the handshake by calling a function such as <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard write function such as <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, which will transparently complete the connection and write the requested data.</p>
+
+<p>A server may choose to ignore early data that has been sent to it. Once the connection has been completed you can determine whether the server accepted or rejected the early data by calling SSL_get_early_data_status(). This will return SSL_EARLY_DATA_ACCEPTED if the data was accepted, SSL_EARLY_DATA_REJECTED if it was rejected or SSL_EARLY_DATA_NOT_SENT if no early data was sent. This function may be called by either the client or the server.</p>
+
+<p>A server uses the SSL_read_early_data() function to receive early data on a connection for which early data has been enabled using SSL_CTX_set_max_early_data() or SSL_set_max_early_data(). As for SSL_write_early_data(), this must be the first IO function called on a connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, or other similar functions.</p>
+
+<p>SSL_read_early_data() is similar to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> with the following differences. Refer to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> for full details.</p>
+
+<p>SSL_read_early_data() may return 3 possible values:</p>
+
+<dl>
+
+<dt id="SSL_READ_EARLY_DATA_ERROR">SSL_READ_EARLY_DATA_ERROR</dt>
+<dd>
+
+<p>This indicates an IO or some other error occurred. This should be treated in the same way as a 0 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_SUCCESS">SSL_READ_EARLY_DATA_SUCCESS</dt>
+<dd>
+
+<p>This indicates that early data was successfully read. This should be treated in the same way as a 1 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>. You should continue to call SSL_read_early_data() to read more data.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_FINISH">SSL_READ_EARLY_DATA_FINISH</dt>
+<dd>
+
+<p>This indicates that no more early data can be read. It may be returned on the first call to SSL_read_early_data() if the client has not sent any early data, or if the early data was rejected.</p>
+
+</dd>
+</dl>
+
+<p>Once the initial SSL_read_early_data() call has completed successfully (i.e. it has returned SSL_READ_EARLY_DATA_SUCCESS or SSL_READ_EARLY_DATA_FINISH) then the server may choose to write data immediately to the unauthenticated client using SSL_write_early_data(). If SSL_read_early_data() returned SSL_READ_EARLY_DATA_FINISH then in some situations (e.g. if the client only supports TLSv1.2) the handshake may have already been completed and calls to SSL_write_early_data() are not allowed. Call <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a> to determine whether the handshake has completed or not. If the handshake is still in progress then the server may interleave calls to SSL_write_early_data() with calls to SSL_read_early_data() as required.</p>
+
+<p>Servers must not call <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a> until SSL_read_early_data() has returned with SSL_READ_EARLY_DATA_FINISH. Once it has done so the connection to the client still needs to be completed. Complete the connection by calling a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard read function such as <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, which will transparently complete the connection and read the requested data. Note that it is an error to attempt to complete the connection before SSL_read_early_data() has returned SSL_READ_EARLY_DATA_FINISH.</p>
+
+<p>Only servers may call SSL_read_early_data().</p>
+
+<p>Calls to SSL_read_early_data() may, in certain circumstances, complete the connection immediately without further need to call a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. This can happen if the client is using a protocol version less than TLSv1.3. Applications can test for this by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>. Alternatively, applications may choose to call <a href="../man3/SSL_accept.html">SSL_accept(3)</a> anyway. Such a call will successfully return immediately with no further action taken.</p>
+
+<p>When a session is created between a server and a client the server will specify the maximum amount of any early data that it will accept on any future connection attempt. By default the server does not accept early data; a server may indicate support for early data by calling SSL_CTX_set_max_early_data() or SSL_set_max_early_data() to set it for the whole SSL_CTX or an individual SSL object respectively. The <b>max_early_data</b> parameter specifies the maximum amount of early data in bytes that is permitted to be sent on a single connection. Similarly the SSL_CTX_get_max_early_data() and SSL_get_max_early_data() functions can be used to obtain the current maximum early data settings for the SSL_CTX and SSL objects respectively. Generally a server application will either use both of SSL_read_early_data() and SSL_CTX_set_max_early_data() (or SSL_set_max_early_data()), or neither of them, since there is no practical benefit from using only one of them. If the maximum early data setting for a server is non-zero then replay protection is automatically enabled (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below).</p>
+
+<p>If the server rejects the early data sent by a client then it will skip over the data that is sent. The maximum amount of received early data that is skipped is controlled by the recv_max_early_data setting. If a client sends more than this then the connection will abort. This value can be set by calling SSL_CTX_set_recv_max_early_data() or SSL_set_recv_max_early_data(). The current value for this setting can be obtained by calling SSL_CTX_get_recv_max_early_data() or SSL_get_recv_max_early_data(). The default value for this setting is 16,384 bytes.</p>
+
+<p>The recv_max_early_data value also has an impact on early data that is accepted. The amount of data that is accepted will always be the lower of the max_early_data for the session and the recv_max_early_data setting for the server. If a client sends more data than this then the connection will abort.</p>
+
+<p>The configured value for max_early_data on a server may change over time as required. However clients may have tickets containing the previously configured max_early_data value. The recv_max_early_data should always be equal to or higher than any recently configured max_early_data value in order to avoid aborted connections. The recv_max_early_data should never be set to less than the current configured max_early_data value.</p>
+
+<p>Some server applications may wish to have more control over whether early data is accepted or not, for example to mitigate replay risks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below) or to decline early_data when the server is heavily loaded. The functions SSL_CTX_set_allow_early_data_cb() and SSL_set_allow_early_data_cb() set a callback which is called at a point in the handshake immediately before a decision is made to accept or reject early data. The callback is provided with a pointer to the user data argument that was provided when the callback was first set. Returning 1 from the callback will allow early data and returning 0 will reject it. Note that the OpenSSL library may reject early data for other reasons in which case this callback will not get called. Notably, the built-in replay protection feature will still be used even if a callback is present unless it has been explicitly disabled using the SSL_OP_NO_ANTI_REPLAY option. See <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The whole purpose of early data is to enable a client to start sending data to the server before a full round trip of network traffic has occurred. Application developers should ensure they consider optimisation of the underlying TCP socket to obtain a performant solution. For example Nagle&#39;s algorithm is commonly used by operating systems in an attempt to avoid lots of small TCP packets. In many scenarios this is beneficial for performance, but it does not work well with the early data solution as implemented in OpenSSL. In Nagle&#39;s algorithm the OS will buffer outgoing TCP data if a TCP packet has already been sent which we have not yet received an ACK for from the peer. The buffered data will only be transmitted if enough data to fill an entire TCP packet is accumulated, or if the ACK is received from the peer. The initial ClientHello will be sent in the first TCP packet along with any data from the first call to SSL_write_early_data(). If the amount of data written will exceed the size of a single TCP packet, or if there are more calls to SSL_write_early_data() then that additional data will be sent in subsequent TCP packets which will be buffered by the OS and not sent until an ACK is received for the first packet containing the ClientHello. This means the early data is not actually sent until a complete round trip with the server has occurred which defeats the objective of early data.</p>
+
+<p>In many operating systems the TCP_NODELAY socket option is available to disable Nagle&#39;s algorithm. If an application opts to disable Nagle&#39;s algorithm consideration should be given to turning it back on again after the handshake is complete if appropriate.</p>
+
+<p>In rare circumstances, it may be possible for a client to have a session that reports a max early data value greater than 0, but where the server does not support this. For example, this can occur if a server has had its configuration changed to accept a lower max early data value such as by calling SSL_CTX_set_recv_max_early_data(). Another example is if a server used to support TLSv1.3 but was later downgraded to TLSv1.2. Sending early data to such a server will cause the connection to abort. Clients that encounter an aborted connection while sending early data may want to retry the connection without sending early data as this does not happen automatically. A client will have to establish a new transport layer connection to the server and attempt the SSL/TLS connection again but without sending early data. Note that it is inadvisable to retry with a lower maximum protocol version.</p>
+
+<h1 id="REPLAY-PROTECTION">REPLAY PROTECTION</h1>
+
+<p>When early data is in use the TLS protocol provides no security guarantees that the same early data was not replayed across multiple connections. As a mitigation for this issue OpenSSL automatically enables replay protection if the server is configured with a non-zero max early data value. With replay protection enabled sessions are forced to be single use only. If a client attempts to reuse a session ticket more than once, then the second and subsequent attempts will fall back to a full handshake (and any early data that was submitted will be ignored). Note that single use tickets are enforced even if a client does not send any early data.</p>
+
+<p>The replay protection mechanism relies on the internal OpenSSL server session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). When replay protection is being used the server will operate as if the SSL_OP_NO_TICKET option had been selected (see <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>). Sessions will be added to the cache whenever a session ticket is issued. When a client attempts to resume the session, OpenSSL will check for its presence in the internal cache. If it exists then the resumption is allowed and the session is removed from the cache. If it does not exist then the resumption is not allowed and a full handshake will occur.</p>
+
+<p>Note that some applications may maintain an external cache of sessions (see <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a> and similar functions). It is the application&#39;s responsibility to ensure that any sessions in the external cache are also populated in the internal cache and that once removed from the internal cache they are similarly removed from the external cache. Failing to do this could result in an application becoming vulnerable to replay attacks. Note that OpenSSL will lock the internal cache while a session is removed but that lock is not held when the remove session callback (see <a href="../man3/SSL_CTX_sess_set_remove_cb.html">SSL_CTX_sess_set_remove_cb(3)</a>) is called. This could result in a small amount of time where the session has been removed from the internal cache but is still available in the external cache. Applications should be designed with this in mind in order to minimise the possibility of replay attacks.</p>
+
+<p>The OpenSSL replay protection does not apply to external Pre Shared Keys (PSKs) (e.g. see SSL_CTX_set_psk_find_session_callback(3)). Therefore extreme caution should be applied when combining external PSKs with early data.</p>
+
+<p>Some applications may mitigate the replay risks in other ways. For those applications it is possible to turn off the built-in replay protection feature using the <b>SSL_OP_NO_ANTI_REPLAY</b> option. See <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> for details. Applications can also set a callback to make decisions about accepting early data or not. See SSL_CTX_set_allow_early_data_cb() above for details.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_write_early_data() returns 1 for success or 0 for failure. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_read_early_data() returns SSL_READ_EARLY_DATA_ERROR for failure, SSL_READ_EARLY_DATA_SUCCESS for success with more data to read and SSL_READ_EARLY_DATA_FINISH for success with no more to data be read. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_get_max_early_data(), SSL_CTX_get_max_early_data() and SSL_SESSION_get_max_early_data() return the maximum number of early data bytes that may be sent.</p>
+
+<p>SSL_set_max_early_data(), SSL_CTX_set_max_early_data() and SSL_SESSION_set_max_early_data() return 1 for success or 0 for failure.</p>
+
+<p>SSL_get_early_data_status() returns SSL_EARLY_DATA_ACCEPTED if early data was accepted by the server, SSL_EARLY_DATA_REJECTED if early data was rejected by the server, or SSL_EARLY_DATA_NOT_SENT if no early data was sent.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>All of the functions described above were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_alpn_protos.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_alpn_protos.html
new file mode 100644
index 000000000..2c1cda006
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_alpn_protos.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_alpn_select_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_alpn_protos, SSL_set_alpn_protos, SSL_CTX_set_alpn_select_cb, SSL_CTX_set_next_proto_select_cb, SSL_CTX_set_next_protos_advertised_cb, SSL_select_next_proto, SSL_get0_alpn_selected, SSL_get0_next_proto_negotiated - handle application layer protocol negotiation (ALPN)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
+                             unsigned int protos_len);
+ int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
+                         unsigned int protos_len);
+ void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
+                                 int (*cb) (SSL *ssl,
+                                            const unsigned char **out,
+                                            unsigned char *outlen,
+                                            const unsigned char *in,
+                                            unsigned int inlen,
+                                            void *arg), void *arg);
+ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
+                             unsigned int *len);
+
+ void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx,
+                                            int (*cb)(SSL *ssl,
+                                                      const unsigned char **out,
+                                                      unsigned int *outlen,
+                                                      void *arg),
+                                            void *arg);
+ void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx,
+                               int (*cb)(SSL *s,
+                                         unsigned char **out,
+                                         unsigned char *outlen,
+                                         const unsigned char *in,
+                                         unsigned int inlen,
+                                         void *arg),
+                               void *arg);
+ int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+                           const unsigned char *server,
+                           unsigned int server_len,
+                           const unsigned char *client,
+                           unsigned int client_len)
+ void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
+                             unsigned *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() are used by the client to set the list of protocols available to be negotiated. The <b>protos</b> must be in protocol-list format, described below. The length of <b>protos</b> is specified in <b>protos_len</b>.</p>
+
+<p>SSL_CTX_set_alpn_select_cb() sets the application callback <b>cb</b> used by a server to select which protocol to use for the incoming connection. When <b>cb</b> is NULL, ALPN is not used. The <b>arg</b> value is a pointer which is passed to the application callback.</p>
+
+<p><b>cb</b> is the application defined callback. The <b>in</b>, <b>inlen</b> parameters are a vector in protocol-list format. The value of the <b>out</b>, <b>outlen</b> vector should be set to the value of a single protocol selected from the <b>in</b>, <b>inlen</b> vector. The <b>out</b> buffer may point directly into <b>in</b>, or to a buffer that outlives the handshake. The <b>arg</b> parameter is the pointer set via SSL_CTX_set_alpn_select_cb().</p>
+
+<p>SSL_select_next_proto() is a helper function used to select protocols. It implements the standard protocol selection. It is expected that this function is called from the application callback <b>cb</b>. The protocol data in <b>server</b>, <b>server_len</b> and <b>client</b>, <b>client_len</b> must be in the protocol-list format described below. The first item in the <b>server</b>, <b>server_len</b> list that matches an item in the <b>client</b>, <b>client_len</b> list is selected, and returned in <b>out</b>, <b>outlen</b>. The <b>out</b> value will point into either <b>server</b> or <b>client</b>, so it should be copied immediately. If no match is found, the first item in <b>client</b>, <b>client_len</b> is returned in <b>out</b>, <b>outlen</b>. This function can also be used in the NPN callback.</p>
+
+<p>SSL_CTX_set_next_proto_select_cb() sets a callback <b>cb</b> that is called when a client needs to select a protocol from the server&#39;s provided list, and a user-defined pointer argument <b>arg</b> which will be passed to this callback. For the callback itself, <b>out</b> must be set to point to the selected protocol (which may be within <b>in</b>). The length of the protocol name must be written into <b>outlen</b>. The server&#39;s advertised protocols are provided in <b>in</b> and <b>inlen</b>. The callback can assume that <b>in</b> is syntactically valid. The client must select a protocol. It is fatal to the connection if this callback returns a value other than <b>SSL_TLSEXT_ERR_OK</b>. The <b>arg</b> parameter is the pointer set via SSL_CTX_set_next_proto_select_cb().</p>
+
+<p>SSL_CTX_set_next_protos_advertised_cb() sets a callback <b>cb</b> that is called when a TLS server needs a list of supported protocols for Next Protocol Negotiation. The returned list must be in protocol-list format, described below. The list is returned by setting <b>out</b> to point to it and <b>outlen</b> to its length. This memory will not be modified, but the <b>SSL</b> does keep a reference to it. The callback should return <b>SSL_TLSEXT_ERR_OK</b> if it wishes to advertise. Otherwise, no such extension will be included in the ServerHello.</p>
+
+<p>SSL_get0_alpn_selected() returns a pointer to the selected protocol in <b>data</b> with length <b>len</b>. It is not NUL-terminated. <b>data</b> is set to NULL and <b>len</b> is set to 0 if no protocol has been selected. <b>data</b> must not be freed.</p>
+
+<p>SSL_get0_next_proto_negotiated() sets <b>data</b> and <b>len</b> to point to the client&#39;s requested protocol for this connection. If the client did not request any protocol or NPN is not enabled, then <b>data</b> is set to NULL and <b>len</b> to 0. Note that the client can request any protocol it chooses. The value returned from this function need not be a member of the list of supported protocols provided by the callback.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The protocol-lists must be in wire-format, which is defined as a vector of non-empty, 8-bit length-prefixed, byte strings. The length-prefix byte is not included in the length. Each string is limited to 255 bytes. A byte-string length of 0 is invalid. A truncated byte-string is invalid. The length of the vector is not in the vector itself, but in a separate variable.</p>
+
+<p>Example:</p>
+
+<pre><code> unsigned char vector[] = {
+     6, &#39;s&#39;, &#39;p&#39;, &#39;d&#39;, &#39;y&#39;, &#39;/&#39;, &#39;1&#39;,
+     8, &#39;h&#39;, &#39;t&#39;, &#39;t&#39;, &#39;p&#39;, &#39;/&#39;, &#39;1&#39;, &#39;.&#39;, &#39;1&#39;
+ };
+ unsigned int length = sizeof(vector);</code></pre>
+
+<p>The ALPN callback is executed after the servername callback; as that servername callback may update the SSL_CTX, and subsequently, the ALPN callback.</p>
+
+<p>If there is no ALPN proposed in the ClientHello, the ALPN callback is not invoked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() return 0 on success, and non-0 on failure. WARNING: these functions reverse the return value convention.</p>
+
+<p>SSL_select_next_proto() returns one of the following:</p>
+
+<dl>
+
+<dt id="OPENSSL_NPN_NEGOTIATED">OPENSSL_NPN_NEGOTIATED</dt>
+<dd>
+
+<p>A match was found and is returned in <b>out</b>, <b>outlen</b>.</p>
+
+</dd>
+<dt id="OPENSSL_NPN_NO_OVERLAP">OPENSSL_NPN_NO_OVERLAP</dt>
+<dd>
+
+<p>No match was found. The first item in <b>client</b>, <b>client_len</b> is returned in <b>out</b>, <b>outlen</b>.</p>
+
+</dd>
+</dl>
+
+<p>The ALPN select callback <b>cb</b>, must return one of the following:</p>
+
+<dl>
+
+<dt id="SSL_TLSEXT_ERR_OK">SSL_TLSEXT_ERR_OK</dt>
+<dd>
+
+<p>ALPN protocol selected.</p>
+
+</dd>
+<dt id="SSL_TLSEXT_ERR_ALERT_FATAL">SSL_TLSEXT_ERR_ALERT_FATAL</dt>
+<dd>
+
+<p>There was no overlap between the client&#39;s supplied list and the server configuration.</p>
+
+</dd>
+<dt id="SSL_TLSEXT_ERR_NOACK">SSL_TLSEXT_ERR_NOACK</dt>
+<dd>
+
+<p>ALPN protocol not selected, e.g., because no ALPN protocols are configured for this connection.</p>
+
+</dd>
+</dl>
+
+<p>The callback set using SSL_CTX_set_next_proto_select_cb() should return <b>SSL_TLSEXT_ERR_OK</b> if successful. Any other value is fatal to the connection.</p>
+
+<p>The callback set using SSL_CTX_set_next_protos_advertised_cb() should return <b>SSL_TLSEXT_ERR_OK</b> if it wishes to advertise. Otherwise, no such extension will be included in the ServerHello.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_callback.html">SSL_CTX_set_tlsext_servername_callback(3)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_arg.html">SSL_CTX_set_tlsext_servername_arg(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_alpn_select_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_alpn_select_cb.html
new file mode 100644
index 000000000..2c1cda006
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_alpn_select_cb.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_alpn_select_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_alpn_protos, SSL_set_alpn_protos, SSL_CTX_set_alpn_select_cb, SSL_CTX_set_next_proto_select_cb, SSL_CTX_set_next_protos_advertised_cb, SSL_select_next_proto, SSL_get0_alpn_selected, SSL_get0_next_proto_negotiated - handle application layer protocol negotiation (ALPN)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
+                             unsigned int protos_len);
+ int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
+                         unsigned int protos_len);
+ void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
+                                 int (*cb) (SSL *ssl,
+                                            const unsigned char **out,
+                                            unsigned char *outlen,
+                                            const unsigned char *in,
+                                            unsigned int inlen,
+                                            void *arg), void *arg);
+ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
+                             unsigned int *len);
+
+ void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx,
+                                            int (*cb)(SSL *ssl,
+                                                      const unsigned char **out,
+                                                      unsigned int *outlen,
+                                                      void *arg),
+                                            void *arg);
+ void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx,
+                               int (*cb)(SSL *s,
+                                         unsigned char **out,
+                                         unsigned char *outlen,
+                                         const unsigned char *in,
+                                         unsigned int inlen,
+                                         void *arg),
+                               void *arg);
+ int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+                           const unsigned char *server,
+                           unsigned int server_len,
+                           const unsigned char *client,
+                           unsigned int client_len)
+ void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
+                             unsigned *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() are used by the client to set the list of protocols available to be negotiated. The <b>protos</b> must be in protocol-list format, described below. The length of <b>protos</b> is specified in <b>protos_len</b>.</p>
+
+<p>SSL_CTX_set_alpn_select_cb() sets the application callback <b>cb</b> used by a server to select which protocol to use for the incoming connection. When <b>cb</b> is NULL, ALPN is not used. The <b>arg</b> value is a pointer which is passed to the application callback.</p>
+
+<p><b>cb</b> is the application defined callback. The <b>in</b>, <b>inlen</b> parameters are a vector in protocol-list format. The value of the <b>out</b>, <b>outlen</b> vector should be set to the value of a single protocol selected from the <b>in</b>, <b>inlen</b> vector. The <b>out</b> buffer may point directly into <b>in</b>, or to a buffer that outlives the handshake. The <b>arg</b> parameter is the pointer set via SSL_CTX_set_alpn_select_cb().</p>
+
+<p>SSL_select_next_proto() is a helper function used to select protocols. It implements the standard protocol selection. It is expected that this function is called from the application callback <b>cb</b>. The protocol data in <b>server</b>, <b>server_len</b> and <b>client</b>, <b>client_len</b> must be in the protocol-list format described below. The first item in the <b>server</b>, <b>server_len</b> list that matches an item in the <b>client</b>, <b>client_len</b> list is selected, and returned in <b>out</b>, <b>outlen</b>. The <b>out</b> value will point into either <b>server</b> or <b>client</b>, so it should be copied immediately. If no match is found, the first item in <b>client</b>, <b>client_len</b> is returned in <b>out</b>, <b>outlen</b>. This function can also be used in the NPN callback.</p>
+
+<p>SSL_CTX_set_next_proto_select_cb() sets a callback <b>cb</b> that is called when a client needs to select a protocol from the server&#39;s provided list, and a user-defined pointer argument <b>arg</b> which will be passed to this callback. For the callback itself, <b>out</b> must be set to point to the selected protocol (which may be within <b>in</b>). The length of the protocol name must be written into <b>outlen</b>. The server&#39;s advertised protocols are provided in <b>in</b> and <b>inlen</b>. The callback can assume that <b>in</b> is syntactically valid. The client must select a protocol. It is fatal to the connection if this callback returns a value other than <b>SSL_TLSEXT_ERR_OK</b>. The <b>arg</b> parameter is the pointer set via SSL_CTX_set_next_proto_select_cb().</p>
+
+<p>SSL_CTX_set_next_protos_advertised_cb() sets a callback <b>cb</b> that is called when a TLS server needs a list of supported protocols for Next Protocol Negotiation. The returned list must be in protocol-list format, described below. The list is returned by setting <b>out</b> to point to it and <b>outlen</b> to its length. This memory will not be modified, but the <b>SSL</b> does keep a reference to it. The callback should return <b>SSL_TLSEXT_ERR_OK</b> if it wishes to advertise. Otherwise, no such extension will be included in the ServerHello.</p>
+
+<p>SSL_get0_alpn_selected() returns a pointer to the selected protocol in <b>data</b> with length <b>len</b>. It is not NUL-terminated. <b>data</b> is set to NULL and <b>len</b> is set to 0 if no protocol has been selected. <b>data</b> must not be freed.</p>
+
+<p>SSL_get0_next_proto_negotiated() sets <b>data</b> and <b>len</b> to point to the client&#39;s requested protocol for this connection. If the client did not request any protocol or NPN is not enabled, then <b>data</b> is set to NULL and <b>len</b> to 0. Note that the client can request any protocol it chooses. The value returned from this function need not be a member of the list of supported protocols provided by the callback.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The protocol-lists must be in wire-format, which is defined as a vector of non-empty, 8-bit length-prefixed, byte strings. The length-prefix byte is not included in the length. Each string is limited to 255 bytes. A byte-string length of 0 is invalid. A truncated byte-string is invalid. The length of the vector is not in the vector itself, but in a separate variable.</p>
+
+<p>Example:</p>
+
+<pre><code> unsigned char vector[] = {
+     6, &#39;s&#39;, &#39;p&#39;, &#39;d&#39;, &#39;y&#39;, &#39;/&#39;, &#39;1&#39;,
+     8, &#39;h&#39;, &#39;t&#39;, &#39;t&#39;, &#39;p&#39;, &#39;/&#39;, &#39;1&#39;, &#39;.&#39;, &#39;1&#39;
+ };
+ unsigned int length = sizeof(vector);</code></pre>
+
+<p>The ALPN callback is executed after the servername callback; as that servername callback may update the SSL_CTX, and subsequently, the ALPN callback.</p>
+
+<p>If there is no ALPN proposed in the ClientHello, the ALPN callback is not invoked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() return 0 on success, and non-0 on failure. WARNING: these functions reverse the return value convention.</p>
+
+<p>SSL_select_next_proto() returns one of the following:</p>
+
+<dl>
+
+<dt id="OPENSSL_NPN_NEGOTIATED">OPENSSL_NPN_NEGOTIATED</dt>
+<dd>
+
+<p>A match was found and is returned in <b>out</b>, <b>outlen</b>.</p>
+
+</dd>
+<dt id="OPENSSL_NPN_NO_OVERLAP">OPENSSL_NPN_NO_OVERLAP</dt>
+<dd>
+
+<p>No match was found. The first item in <b>client</b>, <b>client_len</b> is returned in <b>out</b>, <b>outlen</b>.</p>
+
+</dd>
+</dl>
+
+<p>The ALPN select callback <b>cb</b>, must return one of the following:</p>
+
+<dl>
+
+<dt id="SSL_TLSEXT_ERR_OK">SSL_TLSEXT_ERR_OK</dt>
+<dd>
+
+<p>ALPN protocol selected.</p>
+
+</dd>
+<dt id="SSL_TLSEXT_ERR_ALERT_FATAL">SSL_TLSEXT_ERR_ALERT_FATAL</dt>
+<dd>
+
+<p>There was no overlap between the client&#39;s supplied list and the server configuration.</p>
+
+</dd>
+<dt id="SSL_TLSEXT_ERR_NOACK">SSL_TLSEXT_ERR_NOACK</dt>
+<dd>
+
+<p>ALPN protocol not selected, e.g., because no ALPN protocols are configured for this connection.</p>
+
+</dd>
+</dl>
+
+<p>The callback set using SSL_CTX_set_next_proto_select_cb() should return <b>SSL_TLSEXT_ERR_OK</b> if successful. Any other value is fatal to the connection.</p>
+
+<p>The callback set using SSL_CTX_set_next_protos_advertised_cb() should return <b>SSL_TLSEXT_ERR_OK</b> if it wishes to advertise. Otherwise, no such extension will be included in the ServerHello.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_callback.html">SSL_CTX_set_tlsext_servername_callback(3)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_arg.html">SSL_CTX_set_tlsext_servername_arg(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_block_padding.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_block_padding.html
new file mode 100644
index 000000000..57d5c7c64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_block_padding.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_record_padding_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_record_padding_callback, SSL_set_record_padding_callback, SSL_CTX_set_record_padding_callback_arg, SSL_set_record_padding_callback_arg, SSL_CTX_get_record_padding_callback_arg, SSL_get_record_padding_callback_arg, SSL_CTX_set_block_padding, SSL_set_block_padding - install callback to specify TLS 1.3 record padding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_record_padding_callback(SSL_CTX *ctx, size_t (*cb)(SSL *s, int type, size_t len, void *arg));
+ void SSL_set_record_padding_callback(SSL *ssl, size_t (*cb)(SSL *s, int type, size_t len, void *arg));
+
+ void SSL_CTX_set_record_padding_callback_arg(SSL_CTX *ctx, void *arg);
+ void *SSL_CTX_get_record_padding_callback_arg(const SSL_CTX *ctx);
+
+ void SSL_set_record_padding_callback_arg(SSL *ssl, void *arg);
+ void *SSL_get_record_padding_callback_arg(const SSL *ssl);
+
+ int SSL_CTX_set_block_padding(SSL_CTX *ctx, size_t block_size);
+ int SSL_set_block_padding(SSL *ssl, size_t block_size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_record_padding_callback() or SSL_set_record_padding_callback() can be used to assign a callback function <i>cb</i> to specify the padding for TLS 1.3 records. The value set in <b>ctx</b> is copied to a new SSL by SSL_new().</p>
+
+<p>SSL_CTX_set_record_padding_callback_arg() and SSL_set_record_padding_callback_arg() assign a value <b>arg</b> that is passed to the callback when it is invoked. The value set in <b>ctx</b> is copied to a new SSL by SSL_new().</p>
+
+<p>SSL_CTX_get_record_padding_callback_arg() and SSL_get_record_padding_callback_arg() retrieve the <b>arg</b> value that is passed to the callback.</p>
+
+<p>SSL_CTX_set_block_padding() and SSL_set_block_padding() pads the record to a multiple of the <b>block_size</b>. A <b>block_size</b> of 0 or 1 disables block padding. The limit of <b>block_size</b> is SSL3_RT_MAX_PLAIN_LENGTH.</p>
+
+<p>The callback is invoked for every record before encryption. The <b>type</b> parameter is the TLS record type that is being processed; may be one of SSL3_RT_APPLICATION_DATA, SSL3_RT_HANDSHAKE, or SSL3_RT_ALERT. The <b>len</b> parameter is the current plaintext length of the record before encryption. The <b>arg</b> parameter is the value set via SSL_CTX_set_record_padding_callback_arg() or SSL_set_record_padding_callback_arg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL_CTX_get_record_padding_callback_arg() and SSL_get_record_padding_callback_arg() functions return the <b>arg</b> value assigned in the corresponding set functions.</p>
+
+<p>The SSL_CTX_set_block_padding() and SSL_set_block_padding() functions return 1 on success or 0 if <b>block_size</b> is too large.</p>
+
+<p>The <b>cb</b> returns the number of padding bytes to add to the record. A return of 0 indicates no padding will be added. A return value that causes the record to exceed the maximum record size (SSL3_RT_MAX_PLAIN_LENGTH) will pad out to the maximum record size.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The default behavior is to add no padding to the record.</p>
+
+<p>A user-supplied padding callback function will override the behavior set by SSL_set_block_padding() or SSL_CTX_set_block_padding(). Setting the user-supplied callback to NULL will restore the configured block padding behavior.</p>
+
+<p>These functions only apply to TLS 1.3 records being written.</p>
+
+<p>Padding bytes are not added in constant-time.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The record padding API was added for TLS 1.3 support in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_cert_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_cert_cb.html
new file mode 100644
index 000000000..f6fd39d99
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_cert_cb.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_cert_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_cert_cb, SSL_set_cert_cb - handle certificate callback function</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_cert_cb(SSL_CTX *c, int (*cert_cb)(SSL *ssl, void *arg),
+                          void *arg);
+ void SSL_set_cert_cb(SSL *s, int (*cert_cb)(SSL *ssl, void *arg), void *arg);
+
+ int (*cert_cb)(SSL *ssl, void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_cert_cb() and SSL_set_cert_cb() sets the cert_cb() callback, <b>arg</b> value is pointer which is passed to the application callback.</p>
+
+<p>When cert_cb() is NULL, no callback function is used.</p>
+
+<p>cert_cb() is the application defined callback. It is called before a certificate will be used by a client or server. The callback can then inspect the passed <b>ssl</b> structure and set or clear any appropriate certificates. If the callback is successful it <b>MUST</b> return 1 even if no certificates have been set. A zero is returned on error which will abort the handshake with a fatal internal error alert. A negative return value will suspend the handshake and the handshake function will return immediately. <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> will return SSL_ERROR_WANT_X509_LOOKUP to indicate, that the handshake was suspended. The next call to the handshake function will again lead to the call of cert_cb(). It is the job of the cert_cb() to store information about the state of the last call, if required to continue.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>An application will typically call SSL_use_certificate() and SSL_use_PrivateKey() to set the end entity certificate and private key. It can add intermediate and optionally the root CA certificates using SSL_add1_chain_cert().</p>
+
+<p>It might also call SSL_certs_clear() to delete any certificates associated with the <b>SSL</b> object.</p>
+
+<p>The certificate callback functionality supersedes the (largely broken) functionality provided by the old client certificate callback interface. It is <b>always</b> called even is a certificate is already set so the callback can modify or delete the existing certificate.</p>
+
+<p>A more advanced callback might examine the handshake parameters and set whatever chain is appropriate. For example a legacy client supporting only TLSv1.0 might receive a certificate chain signed using SHA1 whereas a TLSv1.2 or later client which advertises support for SHA256 could receive a chain using SHA256.</p>
+
+<p>Normal server sanity checks are performed on any certificates set by the callback. So if an EC chain is set for a curve the client does not support it will <b>not</b> be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_cert_cb() and SSL_set_cert_cb() do not return values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_use_certificate.html">SSL_use_certificate(3)</a>, <a href="../man3/SSL_add1_chain_cert.html">SSL_add1_chain_cert(3)</a>, <a href="../man3/SSL_get_client_CA_list.html">SSL_get_client_CA_list(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_free.html">SSL_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_cert_store.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_cert_store.html
new file mode 100644
index 000000000..b51de3d8b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_cert_store.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_cert_store</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_cert_store, SSL_CTX_set1_cert_store, SSL_CTX_get_cert_store - manipulate X509 certificate verification storage</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store);
+ void SSL_CTX_set1_cert_store(SSL_CTX *ctx, X509_STORE *store);
+ X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_cert_store() sets/replaces the certificate verification storage of <b>ctx</b> to/with <b>store</b>. If another X509_STORE object is currently set in <b>ctx</b>, it will be X509_STORE_free()ed.</p>
+
+<p>SSL_CTX_set1_cert_store() sets/replaces the certificate verification storage of <b>ctx</b> to/with <b>store</b>. The <b>store</b>&#39;s reference count is incremented. If another X509_STORE object is currently set in <b>ctx</b>, it will be X509_STORE_free()ed.</p>
+
+<p>SSL_CTX_get_cert_store() returns a pointer to the current certificate verification storage.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In order to verify the certificates presented by the peer, trusted CA certificates must be accessed. These CA certificates are made available via lookup methods, handled inside the X509_STORE. From the X509_STORE the X509_STORE_CTX used when verifying certificates is created.</p>
+
+<p>Typically the trusted certificate store is handled indirectly via using <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>. Using the SSL_CTX_set_cert_store() and SSL_CTX_get_cert_store() functions it is possible to manipulate the X509_STORE object beyond the <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> call.</p>
+
+<p>Currently no detailed documentation on how to use the X509_STORE object is available. Not all members of the X509_STORE are used when the verification takes place. So will e.g. the verify_callback() be overridden with the verify_callback() set via the <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a> family of functions. This document must therefore be updated when documentation about the X509_STORE object and its handling becomes available.</p>
+
+<p>SSL_CTX_set_cert_store() does not increment the <b>store</b>&#39;s reference count, so it should not be used to assign an X509_STORE that is owned by another SSL_CTX.</p>
+
+<p>To share X509_STOREs between two SSL_CTXs, use SSL_CTX_get_cert_store() to get the X509_STORE from the first SSL_CTX, and then use SSL_CTX_set1_cert_store() to assign to the second SSL_CTX and increment the reference count of the X509_STORE.</p>
+
+<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
+
+<p>The X509_STORE structure used by an SSL_CTX is used for verifying peer certificates and building certificate chains, it is also shared by every child SSL structure. Applications wanting finer control can use functions such as SSL_CTX_set1_verify_cert_store() instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_cert_store() does not return diagnostic output.</p>
+
+<p>SSL_CTX_set1_cert_store() does not return diagnostic output.</p>
+
+<p>SSL_CTX_get_cert_store() returns the current setting.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_cert_verify_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_cert_verify_callback.html
new file mode 100644
index 000000000..708979ffd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_cert_verify_callback.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_cert_verify_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_cert_verify_callback - set peer certificate verification procedure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
+                                       int (*callback)(X509_STORE_CTX *, void *),
+                                       void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_cert_verify_callback() sets the verification callback function for <i>ctx</i>. SSL objects that are created from <i>ctx</i> inherit the setting valid at the time when <a href="../man3/SSL_new.html">SSL_new(3)</a> is called.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Whenever a certificate is verified during a SSL/TLS handshake, a verification function is called. If the application does not explicitly specify a verification callback function, the built-in verification function is used. If a verification callback <i>callback</i> is specified via SSL_CTX_set_cert_verify_callback(), the supplied callback function is called instead. By setting <i>callback</i> to NULL, the default behaviour is restored.</p>
+
+<p>When the verification must be performed, <i>callback</i> will be called with the arguments callback(X509_STORE_CTX *x509_store_ctx, void *arg). The argument <i>arg</i> is specified by the application when setting <i>callback</i>.</p>
+
+<p><i>callback</i> should return 1 to indicate verification success and 0 to indicate verification failure. If SSL_VERIFY_PEER is set and <i>callback</i> returns 0, the handshake will fail. As the verification procedure may allow the connection to continue in the case of failure (by always returning 1) the verification result must be set in any case using the <b>error</b> member of <i>x509_store_ctx</i> so that the calling application will be informed about the detailed result of the verification procedure!</p>
+
+<p>Within <i>x509_store_ctx</i>, <i>callback</i> has access to the <i>verify_callback</i> function set using <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_cert_verify_callback() does not return a value.</p>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Do not mix the verification callback described in this function with the <b>verify_callback</b> function called during the verification process. The latter is set using the <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a> family of functions.</p>
+
+<p>Providing a complete verification procedure including certificate purpose settings etc is a complex task. The built-in procedure is quite powerful and in most cases it should be sufficient to modify its behaviour using the <b>verify_callback</b> function.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>SSL_CTX_set_cert_verify_callback() does not provide diagnostic information.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_cipher_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_cipher_list.html
new file mode 100644
index 000000000..bc7dbdbb3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_cipher_list.html
@@ -0,0 +1,109 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_cipher_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_cipher_list, SSL_set_cipher_list, SSL_CTX_set_ciphersuites, SSL_set_ciphersuites - choose list of available SSL_CIPHERs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str);
+ int SSL_set_cipher_list(SSL *ssl, const char *str);
+
+ int SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str);
+ int SSL_set_ciphersuites(SSL *s, const char *str);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_cipher_list() sets the list of available ciphers (TLSv1.2 and below) for <b>ctx</b> using the control string <b>str</b>. The format of the string is described in <a href="../man1/ciphers.html">ciphers(1)</a>. The list of ciphers is inherited by all <b>ssl</b> objects created from <b>ctx</b>. This function does not impact TLSv1.3 ciphersuites. Use SSL_CTX_set_ciphersuites() to configure those.</p>
+
+<p>SSL_set_cipher_list() sets the list of ciphers (TLSv1.2 and below) only for <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_ciphersuites() is used to configure the available TLSv1.3 ciphersuites for <b>ctx</b>. This is a simple colon (&quot;:&quot;) separated list of TLSv1.3 ciphersuite names in order of perference. Valid TLSv1.3 ciphersuite names are:</p>
+
+<dl>
+
+<dt id="TLS_AES_128_GCM_SHA256">TLS_AES_128_GCM_SHA256</dt>
+<dd>
+
+</dd>
+<dt id="TLS_AES_256_GCM_SHA384">TLS_AES_256_GCM_SHA384</dt>
+<dd>
+
+</dd>
+<dt id="TLS_CHACHA20_POLY1305_SHA256">TLS_CHACHA20_POLY1305_SHA256</dt>
+<dd>
+
+</dd>
+<dt id="TLS_AES_128_CCM_SHA256">TLS_AES_128_CCM_SHA256</dt>
+<dd>
+
+</dd>
+<dt id="TLS_AES_128_CCM_8_SHA256">TLS_AES_128_CCM_8_SHA256</dt>
+<dd>
+
+</dd>
+</dl>
+
+<p>An empty list is permissible. The default value for the this setting is:</p>
+
+<p>&quot;TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256&quot;</p>
+
+<p>SSL_set_ciphersuites() is the same as SSL_CTX_set_ciphersuites() except it configures the ciphersuites for <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The control string <b>str</b> for SSL_CTX_set_cipher_list() and SSL_set_cipher_list() should be universally usable and not depend on details of the library configuration (ciphers compiled in). Thus no syntax checking takes place. Items that are not recognized, because the corresponding ciphers are not compiled in or because they are mistyped, are simply ignored. Failure is only flagged if no ciphers could be collected at all.</p>
+
+<p>It should be noted, that inclusion of a cipher to be used into the list is a necessary condition. On the client side, the inclusion into the list is also sufficient unless the security level excludes it. On the server side, additional restrictions apply. All ciphers have additional requirements. ADH ciphers don&#39;t need a certificate, but DH-parameters must have been set. All other ciphers need a corresponding certificate and key.</p>
+
+<p>A RSA cipher can only be chosen, when a RSA certificate is available. RSA ciphers using DHE need a certificate and key and additional DH-parameters (see <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>).</p>
+
+<p>A DSA cipher can only be chosen, when a DSA certificate is available. DSA ciphers always use DH key exchange and therefore need DH-parameters (see <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>).</p>
+
+<p>When these conditions are not met for any cipher in the list (e.g. a client only supports export RSA ciphers with an asymmetric key length of 512 bits and the server is not configured to use temporary RSA keys), the &quot;no shared cipher&quot; (SSL_R_NO_SHARED_CIPHER) error is generated and the handshake will fail.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_cipher_list() and SSL_set_cipher_list() return 1 if any cipher could be selected and 0 on complete failure.</p>
+
+<p>SSL_CTX_set_ciphersuites() and SSL_set_ciphersuites() return 1 if the requested ciphersuite list was configured, and 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a>, <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_ciphersuites.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_ciphersuites.html
new file mode 100644
index 000000000..bc7dbdbb3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_ciphersuites.html
@@ -0,0 +1,109 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_cipher_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_cipher_list, SSL_set_cipher_list, SSL_CTX_set_ciphersuites, SSL_set_ciphersuites - choose list of available SSL_CIPHERs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str);
+ int SSL_set_cipher_list(SSL *ssl, const char *str);
+
+ int SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str);
+ int SSL_set_ciphersuites(SSL *s, const char *str);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_cipher_list() sets the list of available ciphers (TLSv1.2 and below) for <b>ctx</b> using the control string <b>str</b>. The format of the string is described in <a href="../man1/ciphers.html">ciphers(1)</a>. The list of ciphers is inherited by all <b>ssl</b> objects created from <b>ctx</b>. This function does not impact TLSv1.3 ciphersuites. Use SSL_CTX_set_ciphersuites() to configure those.</p>
+
+<p>SSL_set_cipher_list() sets the list of ciphers (TLSv1.2 and below) only for <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_ciphersuites() is used to configure the available TLSv1.3 ciphersuites for <b>ctx</b>. This is a simple colon (&quot;:&quot;) separated list of TLSv1.3 ciphersuite names in order of perference. Valid TLSv1.3 ciphersuite names are:</p>
+
+<dl>
+
+<dt id="TLS_AES_128_GCM_SHA256">TLS_AES_128_GCM_SHA256</dt>
+<dd>
+
+</dd>
+<dt id="TLS_AES_256_GCM_SHA384">TLS_AES_256_GCM_SHA384</dt>
+<dd>
+
+</dd>
+<dt id="TLS_CHACHA20_POLY1305_SHA256">TLS_CHACHA20_POLY1305_SHA256</dt>
+<dd>
+
+</dd>
+<dt id="TLS_AES_128_CCM_SHA256">TLS_AES_128_CCM_SHA256</dt>
+<dd>
+
+</dd>
+<dt id="TLS_AES_128_CCM_8_SHA256">TLS_AES_128_CCM_8_SHA256</dt>
+<dd>
+
+</dd>
+</dl>
+
+<p>An empty list is permissible. The default value for the this setting is:</p>
+
+<p>&quot;TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256&quot;</p>
+
+<p>SSL_set_ciphersuites() is the same as SSL_CTX_set_ciphersuites() except it configures the ciphersuites for <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The control string <b>str</b> for SSL_CTX_set_cipher_list() and SSL_set_cipher_list() should be universally usable and not depend on details of the library configuration (ciphers compiled in). Thus no syntax checking takes place. Items that are not recognized, because the corresponding ciphers are not compiled in or because they are mistyped, are simply ignored. Failure is only flagged if no ciphers could be collected at all.</p>
+
+<p>It should be noted, that inclusion of a cipher to be used into the list is a necessary condition. On the client side, the inclusion into the list is also sufficient unless the security level excludes it. On the server side, additional restrictions apply. All ciphers have additional requirements. ADH ciphers don&#39;t need a certificate, but DH-parameters must have been set. All other ciphers need a corresponding certificate and key.</p>
+
+<p>A RSA cipher can only be chosen, when a RSA certificate is available. RSA ciphers using DHE need a certificate and key and additional DH-parameters (see <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>).</p>
+
+<p>A DSA cipher can only be chosen, when a DSA certificate is available. DSA ciphers always use DH key exchange and therefore need DH-parameters (see <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>).</p>
+
+<p>When these conditions are not met for any cipher in the list (e.g. a client only supports export RSA ciphers with an asymmetric key length of 512 bits and the server is not configured to use temporary RSA keys), the &quot;no shared cipher&quot; (SSL_R_NO_SHARED_CIPHER) error is generated and the handshake will fail.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_cipher_list() and SSL_set_cipher_list() return 1 if any cipher could be selected and 0 on complete failure.</p>
+
+<p>SSL_CTX_set_ciphersuites() and SSL_set_ciphersuites() return 1 if the requested ciphersuite list was configured, and 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a>, <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_client_CA_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_client_CA_list.html
new file mode 100644
index 000000000..742fe94a0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_client_CA_list.html
@@ -0,0 +1,130 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set0_CA_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_CA_list, SSL_set_client_CA_list, SSL_get_client_CA_list, SSL_CTX_get_client_CA_list, SSL_CTX_add_client_CA, SSL_add_client_CA, SSL_set0_CA_list, SSL_CTX_set0_CA_list, SSL_get0_CA_list, SSL_CTX_get0_CA_list, SSL_add1_to_CA_list, SSL_CTX_add1_to_CA_list, SSL_get0_peer_CA_list - get or set CA list</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
+ void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
+ STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
+ int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert);
+ int SSL_add_client_CA(SSL *ssl, X509 *cacert);
+
+ void SSL_CTX_set0_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+ void SSL_set0_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
+ const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const SSL_CTX *ctx);
+ const STACK_OF(X509_NAME) *SSL_get0_CA_list(const SSL *s);
+ int SSL_CTX_add1_to_CA_list(SSL_CTX *ctx, const X509 *x);
+ int SSL_add1_to_CA_list(SSL *ssl, const X509 *x);
+
+ const STACK_OF(X509_NAME) *SSL_get0_peer_CA_list(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions described here set and manage the list of CA names that are sent between two communicating peers.</p>
+
+<p>For TLS versions 1.2 and earlier the list of CA names is only sent from the server to the client when requesting a client certificate. So any list of CA names set is never sent from client to server and the list of CA names retrieved by SSL_get0_peer_CA_list() is always <b>NULL</b>.</p>
+
+<p>For TLS 1.3 the list of CA names is sent using the <b>certificate_authorities</b> extension and may be sent by a client (in the ClientHello message) or by a server (when requesting a certificate).</p>
+
+<p>In most cases it is not necessary to set CA names on the client side. The list of CA names that are acceptable to the client will be sent in plaintext to the server. This has privacy implications and may also have performance implications if the list is large. This optional capability was introduced as part of TLSv1.3 and therefore setting CA names on the client side will have no impact if that protocol version has been disabled. Most servers do not need this and so this should be avoided unless required.</p>
+
+<p>The &quot;client CA list&quot; functions below only have an effect when called on the server side.</p>
+
+<p>SSL_CTX_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for <b>ctx</b>. Ownership of <b>list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object. Ownership of <b>list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get_client_CA_list() returns the list of client CAs explicitly set for <b>ctx</b> using SSL_CTX_set_client_CA_list(). The returned list should not be freed by the caller.</p>
+
+<p>SSL_get_client_CA_list() returns the list of client CAs explicitly set for <b>ssl</b> using SSL_set_client_CA_list() or <b>ssl</b>&#39;s SSL_CTX object with SSL_CTX_set_client_CA_list(), when in server mode. In client mode, SSL_get_client_CA_list returns the list of client CAs sent from the server, if any. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for <b>ctx</b>.</p>
+
+<p>SSL_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object.</p>
+
+<p>SSL_get0_peer_CA_list() retrieves the list of CA names (if any) the peer has sent. This can be called on either the server or the client side. The returned list should not be freed by the caller.</p>
+
+<p>The &quot;generic CA list&quot; functions below are very similar to the &quot;client CA list&quot; functions except that they have an effect on both the server and client sides. The lists of CA names managed are separate - so you cannot (for example) set CA names using the &quot;client CA list&quot; functions and then get them using the &quot;generic CA list&quot; functions. Where a mix of the two types of functions has been used on the server side then the &quot;client CA list&quot; functions take precedence. Typically, on the server side, the &quot;client CA list &quot; functions should be used in preference. As noted above in most cases it is not necessary to set CA names on the client side.</p>
+
+<p>SSL_CTX_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b>. Ownership of <b>name_list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b> overriding any list set in the parent <b>SSL_CTX</b> of <b>s</b>. Ownership of <b>name_list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get0_CA_list() retrieves any previously set list of CAs set for <b>ctx</b>. The returned list should not be freed by the caller.</p>
+
+<p>SSL_get0_CA_list() retrieves any previously set list of CAs set for <b>s</b> or if none are set the list from the parent <b>SSL_CTX</b> is retrieved. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to peer for <b>ctx</b>.</p>
+
+<p>SSL_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to the peer for <b>s</b>, overriding the setting in the parent <b>SSL_CTX</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When a TLS/SSL server requests a client certificate (see <b>SSL_CTX_set_verify(3)</b>), it sends a list of CAs, for which it will accept certificates, to the client.</p>
+
+<p>This list must explicitly be set using SSL_CTX_set_client_CA_list() or SSL_CTX_set0_CA_list() for <b>ctx</b> and SSL_set_client_CA_list() or SSL_set0_CA_list() for the specific <b>ssl</b>. The list specified overrides the previous setting. The CAs listed do not become trusted (<b>list</b> only contains the names, not the complete certificates); use <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> to additionally load them for verification.</p>
+
+<p>If the list of acceptable CAs is compiled in a file, the <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a> function can be used to help to import the necessary data.</p>
+
+<p>SSL_CTX_add_client_CA(), SSL_CTX_add1_to_CA_list(), SSL_add_client_CA() and SSL_add1_to_CA_list() can be used to add additional items the list of CAs. If no list was specified before using SSL_CTX_set_client_CA_list(), SSL_CTX_set0_CA_list(), SSL_set_client_CA_list() or SSL_set0_CA_list(), a new CA list for <b>ctx</b> or <b>ssl</b> (as appropriate) is opened.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set0_CA_list() and SSL_set0_CA_list() do not return a value.</p>
+
+<p>SSL_CTX_get_client_CA_list(), SSL_get_client_CA_list(), SSL_CTX_get0_CA_list() and SSL_get0_CA_list() return a stack of CA names or <b>NULL</b> is no CA names are set.</p>
+
+<p>SSL_CTX_add_client_CA(),SSL_add_client_CA(), SSL_CTX_add1_to_CA_list() and SSL_add1_to_CA_list() return 1 for success and 0 for failure.</p>
+
+<p>SSL_get0_peer_CA_list() returns a stack of CA names sent by the peer or <b>NULL</b> or an empty stack if no list was sent.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Scan all certificates in <b>CAfile</b> and list them as acceptable CAs:</p>
+
+<pre><code> SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_client_cert_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_client_cert_cb.html
new file mode 100644
index 000000000..d9ce14869
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_client_cert_cb.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_client_cert_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_cert_cb, SSL_CTX_get_client_cert_cb - handle client certificate callback function</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
+                                 int (*client_cert_cb)(SSL *ssl, X509 **x509,
+                                                       EVP_PKEY **pkey));
+ int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509,
+                                                 EVP_PKEY **pkey);
+ int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_client_cert_cb() sets the client_cert_cb() callback, that is called when a client certificate is requested by a server and no certificate was yet set for the SSL object.</p>
+
+<p>When client_cert_cb() is NULL, no callback function is used.</p>
+
+<p>SSL_CTX_get_client_cert_cb() returns a pointer to the currently set callback function.</p>
+
+<p>client_cert_cb() is the application defined callback. If it wants to set a certificate, a certificate/private key combination must be set using the <b>x509</b> and <b>pkey</b> arguments and &quot;1&quot; must be returned. The certificate will be installed into <b>ssl</b>, see the NOTES and BUGS sections. If no certificate should be set, &quot;0&quot; has to be returned and no certificate will be sent. A negative return value will suspend the handshake and the handshake function will return immediately. <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> will return SSL_ERROR_WANT_X509_LOOKUP to indicate, that the handshake was suspended. The next call to the handshake function will again lead to the call of client_cert_cb(). It is the job of the client_cert_cb() to store information about the state of the last call, if required to continue.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>During a handshake (or renegotiation) a server may request a certificate from the client. A client certificate must only be sent, when the server did send the request.</p>
+
+<p>When a certificate was set using the <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a> family of functions, it will be sent to the server. The TLS standard requires that only a certificate is sent, if it matches the list of acceptable CAs sent by the server. This constraint is violated by the default behavior of the OpenSSL library. Using the callback function it is possible to implement a proper selection routine or to allow a user interaction to choose the certificate to be sent.</p>
+
+<p>If a callback function is defined and no certificate was yet defined for the SSL object, the callback function will be called. If the callback function returns a certificate, the OpenSSL library will try to load the private key and certificate data into the SSL object using the SSL_use_certificate() and SSL_use_private_key() functions. Thus it will permanently install the certificate and key for this SSL object. It will not be reset by calling <a href="../man3/SSL_clear.html">SSL_clear(3)</a>. If the callback returns no certificate, the OpenSSL library will not send a certificate.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_get_client_cert_cb() returns function pointer of client_cert_cb() or NULL if the callback is not set.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The client_cert_cb() cannot return a complete certificate chain, it can only return one client certificate. If the chain only has a length of 2, the root CA certificate may be omitted according to the TLS standard and thus a standard conforming answer can be sent to the server. For a longer chain, the client must send the complete chain (with the option to leave out the root CA certificate). This can only be accomplished by either adding the intermediate CA certificates into the trusted certificate store for the SSL_CTX object (resulting in having to add CA certificates that otherwise maybe would not be trusted), or by adding the chain certificates using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function, which is only available for the SSL_CTX object as a whole and that therefore probably can only apply for one client certificate, making the concept of the callback function (to allow the choice from several certificates) questionable.</p>
+
+<p>Once the SSL object has been used in conjunction with the callback function, the certificate will be set for the SSL object and will not be cleared even when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is being called. It is therefore mandatory to destroy the SSL object using <a href="../man3/SSL_free.html">SSL_free(3)</a> and create a new one to return to the previous state.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a>, <a href="../man3/SSL_get_client_CA_list.html">SSL_get_client_CA_list(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_free.html">SSL_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_client_hello_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_client_hello_cb.html
new file mode 100644
index 000000000..175f698eb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_client_hello_cb.html
@@ -0,0 +1,97 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_client_hello_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_hello_cb, SSL_client_hello_cb_fn, SSL_client_hello_isv2, SSL_client_hello_get0_legacy_version, SSL_client_hello_get0_random, SSL_client_hello_get0_session_id, SSL_client_hello_get0_ciphers, SSL_client_hello_get0_compression_methods, SSL_client_hello_get1_extensions_present, SSL_client_hello_get0_ext - callback functions for early server-side ClientHello processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef int (*SSL_client_hello_cb_fn)(SSL *s, int *al, void *arg);
+ void SSL_CTX_set_client_hello_cb(SSL_CTX *c, SSL_client_hello_cb_fn *f,
+                                  void *arg);
+ int SSL_client_hello_isv2(SSL *s);
+ unsigned int SSL_client_hello_get0_legacy_version(SSL *s);
+ size_t SSL_client_hello_get0_random(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_session_id(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_ciphers(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_compression_methods(SSL *s,
+                                                  const unsigned char **out);
+ int SSL_client_hello_get1_extensions_present(SSL *s, int **out,
+                                              size_t *outlen);
+ int SSL_client_hello_get0_ext(SSL *s, int type, const unsigned char **out,
+                               size_t *outlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_client_hello_cb() sets the callback function, which is automatically called during the early stages of ClientHello processing on the server. The argument supplied when setting the callback is passed back to the callback at runtime. A callback that returns failure (0) will cause the connection to terminate, and callbacks returning failure should indicate what alert value is to be sent in the <b>al</b> parameter. A callback may also return a negative value to suspend the handshake, and the handshake function will return immediately. <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> will return SSL_ERROR_WANT_CLIENT_HELLO_CB to indicate that the handshake was suspended. It is the job of the ClientHello callback to store information about the state of the last call if needed to continue. On the next call into the handshake function, the ClientHello callback will be called again, and, if it returns success, normal handshake processing will continue from that point.</p>
+
+<p>SSL_client_hello_isv2() indicates whether the ClientHello was carried in a SSLv2 record and is in the SSLv2 format. The SSLv2 format has substantial differences from the normal SSLv3 format, including using three bytes per cipher suite, and not allowing extensions. Additionally, the SSLv2 format &#39;challenge&#39; field is exposed via SSL_client_hello_get0_random(), padded to SSL3_RANDOM_SIZE bytes with zeros if needed. For SSLv2 format ClientHellos, SSL_client_hello_get0_compression_methods() returns a dummy list that only includes the null compression method, since the SSLv2 format does not include a mechanism by which to negotiate compression.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() provide access to the corresponding ClientHello fields, returning the field length and optionally setting an out pointer to the octets of that field.</p>
+
+<p>Similarly, SSL_client_hello_get0_ext() provides access to individual extensions from the ClientHello on a per-extension basis. For the provided wire protocol extension type value, the extension value and length are returned in the output parameters (if present).</p>
+
+<p>SSL_client_hello_get1_extensions_present() can be used prior to SSL_client_hello_get0_ext(), to determine which extensions are present in the ClientHello before querying for them. The <b>out</b> and <b>outlen</b> parameters are both required, and on success the caller must release the storage allocated for <b>*out</b> using OPENSSL_free(). The contents of <b>*out</b> is an array of integers holding the numerical value of the TLS extension types in the order they appear in the ClientHello. <b>*outlen</b> contains the number of elements in the array.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ClientHello callback provides a vast window of possibilities for application code to affect the TLS handshake. A primary use of the callback is to allow the server to examine the server name indication extension provided by the client in order to select an appropriate certificate to present, and make other configuration adjustments relevant to that server name and its configuration. Such configuration changes can include swapping out the associated SSL_CTX pointer, modifying the server&#39;s list of permitted TLS versions, changing the server&#39;s cipher list in response to the client&#39;s cipher list, etc.</p>
+
+<p>It is also recommended that applications utilize a ClientHello callback and not use a servername callback, in order to avoid unexpected behavior that occurs due to the relative order of processing between things like session resumption and the historical servername callback.</p>
+
+<p>The SSL_client_hello_* family of functions may only be called from code executing within a ClientHello callback.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The application&#39;s supplied ClientHello callback returns SSL_CLIENT_HELLO_SUCCESS on success, SSL_CLIENT_HELLO_ERROR on failure, and SSL_CLIENT_HELLO_RETRY to suspend processing.</p>
+
+<p>SSL_client_hello_isv2() returns 1 for SSLv2-format ClientHellos and 0 otherwise.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() return the length of the corresponding ClientHello fields. If zero is returned, the output pointer should not be assumed to be valid.</p>
+
+<p>SSL_client_hello_get0_ext() returns 1 if the extension of type &#39;type&#39; is present, and 0 otherwise.</p>
+
+<p>SSL_client_hello_get1_extensions_present() returns 1 on success and 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_callback.html">SSL_CTX_set_tlsext_servername_callback(3)</a>, <a>SSL_bytes_to_cipher_list</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL ClientHello callback, SSL_client_hello_isv2(), SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), SSL_client_hello_get0_compression_methods(), SSL_client_hello_get0_ext(), and SSL_client_hello_get1_extensions_present() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_ct_validation_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_ct_validation_callback.html
new file mode 100644
index 000000000..2f4bf6a6f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_ct_validation_callback.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_ct_validation_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ssl_ct_validation_cb, SSL_enable_ct, SSL_CTX_enable_ct, SSL_disable_ct, SSL_CTX_disable_ct, SSL_set_ct_validation_callback, SSL_CTX_set_ct_validation_callback, SSL_ct_is_enabled, SSL_CTX_ct_is_enabled - control Certificate Transparency policy</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*ssl_ct_validation_cb)(const CT_POLICY_EVAL_CTX *ctx,
+                                    const STACK_OF(SCT) *scts, void *arg);
+
+ int SSL_enable_ct(SSL *s, int validation_mode);
+ int SSL_CTX_enable_ct(SSL_CTX *ctx, int validation_mode);
+ int SSL_set_ct_validation_callback(SSL *s, ssl_ct_validation_cb callback,
+                                    void *arg);
+ int SSL_CTX_set_ct_validation_callback(SSL_CTX *ctx,
+                                        ssl_ct_validation_cb callback,
+                                        void *arg);
+ void SSL_disable_ct(SSL *s);
+ void SSL_CTX_disable_ct(SSL_CTX *ctx);
+ int SSL_ct_is_enabled(const SSL *s);
+ int SSL_CTX_ct_is_enabled(const SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_enable_ct() and SSL_CTX_enable_ct() enable the processing of signed certificate timestamps (SCTs) either for a given SSL connection or for all connections that share the given SSL context, respectively. This is accomplished by setting a built-in CT validation callback. The behaviour of the callback is determined by the <b>validation_mode</b> argument, which can be either of <b>SSL_CT_VALIDATION_PERMISSIVE</b> or <b>SSL_CT_VALIDATION_STRICT</b> as described below.</p>
+
+<p>If <b>validation_mode</b> is equal to <b>SSL_CT_VALIDATION_STRICT</b>, then in a full TLS handshake with the verification mode set to <b>SSL_VERIFY_PEER</b>, if the peer presents no valid SCTs the handshake will be aborted. If the verification mode is <b>SSL_VERIFY_NONE</b>, the handshake will continue despite lack of valid SCTs. However, in that case if the verification status before the built-in callback was <b>X509_V_OK</b> it will be set to <b>X509_V_ERR_NO_VALID_SCTS</b> after the callback. Applications can call <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> to check the status at handshake completion, even after session resumption since the verification status is part of the saved session state. See <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, &lt;SSL_get_verify_result(3)&gt;, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>.</p>
+
+<p>If <b>validation_mode</b> is equal to <b>SSL_CT_VALIDATION_PERMISSIVE</b>, then the handshake continues, and the verification status is not modified, regardless of the validation status of any SCTs. The application can still inspect the validation status of the SCTs at handshake completion. Note that with session resumption there will not be any SCTs presented during the handshake. Therefore, in applications that delay SCT policy enforcement until after handshake completion, such delayed SCT checks should only be performed when the session is not resumed.</p>
+
+<p>SSL_set_ct_validation_callback() and SSL_CTX_set_ct_validation_callback() register a custom callback that may implement a different policy than either of the above. This callback can examine the peer&#39;s SCTs and determine whether they are sufficient to allow the connection to continue. The TLS handshake is aborted if the verification mode is not <b>SSL_VERIFY_NONE</b> and the callback returns a non-positive result.</p>
+
+<p>An arbitrary callback context argument, <b>arg</b>, can be passed in when setting the callback. This will be passed to the callback whenever it is invoked. Ownership of this context remains with the caller.</p>
+
+<p>If no callback is set, SCTs will not be requested and Certificate Transparency validation will not occur.</p>
+
+<p>No callback will be invoked when the peer presents no certificate, e.g. by employing an anonymous (aNULL) cipher suite. In that case the handshake continues as it would had no callback been requested. Callbacks are also not invoked when the peer certificate chain is invalid or validated via DANE-TA(2) or DANE-EE(3) TLSA records which use a private X.509 PKI, or no X.509 PKI at all, respectively. Clients that require SCTs are expected to not have enabled any aNULL ciphers nor to have specified server verification via DANE-TA(2) or DANE-EE(3) TLSA records.</p>
+
+<p>SSL_disable_ct() and SSL_CTX_disable_ct() turn off CT processing, whether enabled via the built-in or the custom callbacks, by setting a NULL callback. These may be implemented as macros.</p>
+
+<p>SSL_ct_is_enabled() and SSL_CTX_ct_is_enabled() return 1 if CT processing is enabled via either SSL_enable_ct() or a non-null custom callback, and 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When SCT processing is enabled, OCSP stapling will be enabled. This is because one possible source of SCTs is the OCSP response from a server.</p>
+
+<p>The time returned by SSL_SESSION_get_time() will be used to evaluate whether any presented SCTs have timestamps that are in the future (and therefore invalid).</p>
+
+<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
+
+<p>Certificate Transparency validation cannot be enabled and so a callback cannot be set if a custom client extension handler has been registered to handle SCT extensions (<b>TLSEXT_TYPE_signed_certificate_timestamp</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_enable_ct(), SSL_CTX_enable_ct(), SSL_CTX_set_ct_validation_callback() and SSL_set_ct_validation_callback() return 1 if the <b>callback</b> is successfully set. They return 0 if an error occurs, e.g. a custom client extension handler has been setup to handle SCTs.</p>
+
+<p>SSL_disable_ct() and SSL_CTX_disable_ct() do not return a result.</p>
+
+<p>SSL_CTX_ct_is_enabled() and SSL_ct_is_enabled() return a 1 if a non-null CT validation callback is set, or 0 if no callback (or equivalently a NULL callback) is set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, &lt;SSL_get_verify_result(3)&gt;, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>, <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_ctlog_list_file.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_ctlog_list_file.html
new file mode 100644
index 000000000..f9318e146
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_ctlog_list_file.html
@@ -0,0 +1,66 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_ctlog_list_file</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_default_ctlog_list_file, SSL_CTX_set_ctlog_list_file - load a Certificate Transparency log list from a file</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_default_ctlog_list_file(SSL_CTX *ctx);
+ int SSL_CTX_set_ctlog_list_file(SSL_CTX *ctx, const char *path);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_default_ctlog_list_file() loads a list of Certificate Transparency (CT) logs from the default file location, &quot;ct_log_list.cnf&quot;, found in the directory where OpenSSL is installed.</p>
+
+<p>SSL_CTX_set_ctlog_list_file() loads a list of CT logs from a specific path. See <a href="../man3/CTLOG_STORE_new.html">CTLOG_STORE_new(3)</a> for the file format.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions will not clear the existing CT log list - it will be appended to. To replace the existing list, use <a>SSL_CTX_set0_ctlog_store</a> first.</p>
+
+<p>If an error occurs whilst parsing a particular log entry in the file, that log entry will be skipped.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_default_ctlog_list_file() and SSL_CTX_set_ctlog_list_file() return 1 if the log list is successfully loaded, and 0 if an error occurs. In the case of an error, the log list may have been partially loaded.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_ct_validation_callback.html">SSL_CTX_set_ct_validation_callback(3)</a>, <a href="../man3/CTLOG_STORE_new.html">CTLOG_STORE_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_current_cert.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_current_cert.html
new file mode 100644
index 000000000..9f08318ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_current_cert.html
@@ -0,0 +1,122 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add1_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_chain, SSL_CTX_set1_chain, SSL_CTX_add0_chain_cert, SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs, SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert, SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain, SSL_build_cert_chain, SSL_CTX_select_current_cert, SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra chain certificate processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_get0_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk);
+ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+ int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_get0_chain_certs(SSL *ssl, STACK_OF(X509) **sk);
+ int SSL_clear_chain_certs(SSL *ssl);
+
+ int SSL_CTX_build_cert_chain(SSL_CTX *ctx, flags);
+ int SSL_build_cert_chain(SSL *ssl, flags);
+
+ int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_chain() and SSL_CTX_set1_chain() set the certificate chain associated with the current certificate of <b>ctx</b> to <b>sk</b>.</p>
+
+<p>SSL_CTX_add0_chain_cert() and SSL_CTX_add1_chain_cert() append the single certificate <b>x509</b> to the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_get0_chain_certs() retrieves the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_clear_chain_certs() clears any existing chain associated with the current certificate of <b>ctx</b>. (This is implemented by calling SSL_CTX_set0_chain() with <b>sk</b> set to <b>NULL</b>).</p>
+
+<p>SSL_CTX_build_cert_chain() builds the certificate chain for <b>ctx</b> normally this uses the chain store or the verify store if the chain store is not set. If the function is successful the built chain will replace any existing chain. The <b>flags</b> parameter can be set to <b>SSL_BUILD_CHAIN_FLAG_UNTRUSTED</b> to use existing chain certificates as untrusted CAs, <b>SSL_BUILD_CHAIN_FLAG_NO_ROOT</b> to omit the root CA from the built chain, <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to use all existing chain certificates only to build the chain (effectively sanity checking and rearranging them if necessary), the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> ignores any errors during verification: if flag <b>SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR</b> is also set verification errors are cleared from the error queue.</p>
+
+<p>Each of these functions operates on the <i>current</i> end entity (i.e. server or client) certificate. This is the last certificate loaded or selected on the corresponding <b>ctx</b> structure.</p>
+
+<p>SSL_CTX_select_current_cert() selects <b>x509</b> as the current end entity certificate, but only if <b>x509</b> has already been loaded into <b>ctx</b> using a function such as SSL_CTX_use_certificate().</p>
+
+<p>SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(), SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(), SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_current_cert() changes the current certificate to a value based on the <b>op</b> argument. Currently <b>op</b> can be <b>SSL_CERT_SET_FIRST</b> to use the first valid certificate or <b>SSL_CERT_SET_NEXT</b> to set the next valid certificate after the current certificate. These two operations can be used to iterate over all certificates in an <b>SSL_CTX</b> structure.</p>
+
+<p>SSL_set_current_cert() also supports the option <b>SSL_CERT_SET_SERVER</b>. If <b>ssl</b> is a server and has sent a certificate to a connected client this option sets that certificate to the current certificate and returns 1. If the negotiated cipher suite is anonymous (and thus no certificate will be sent) 2 is returned and the current certificate is unchanged. If <b>ssl</b> is not a server or a certificate has not been sent 0 is returned and the current certificate is unchanged.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied certificate or chain so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied certificate or chain <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The chains associate with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. SSL structures will not be affected by any chains subsequently changed in the parent SSL_CTX.</p>
+
+<p>One chain can be set for each key type supported by a server. So, for example, an RSA and a DSA certificate can (and often will) have different chains.</p>
+
+<p>The functions SSL_CTX_build_cert_chain() and SSL_build_cert_chain() can be used to check application configuration and to ensure any necessary subordinate CAs are sent in the correct order. Misconfigured applications sending incorrect certificate chains often cause problems with peers.</p>
+
+<p>For example an application can add any set of certificates using SSL_CTX_use_certificate_chain_file() then call SSL_CTX_build_cert_chain() with the option <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to check and reorder them.</p>
+
+<p>Applications can issue non fatal warnings when checking chains by setting the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERRORS</b> and checking the return value.</p>
+
+<p>Calling SSL_CTX_build_cert_chain() or SSL_build_cert_chain() is more efficient than the automatic chain building as it is only performed once. Automatic chain building is performed on each new session.</p>
+
+<p>If any certificates are added using these functions no certificates added using SSL_CTX_add_extra_chain_cert() will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_current_cert() with <b>SSL_CERT_SET_SERVER</b> return 1 for success, 2 if no server certificate is used because the cipher suites is anonymous and 0 for failure.</p>
+
+<p>SSL_CTX_build_cert_chain() and SSL_build_cert_chain() return 1 for success and 0 for failure. If the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> and a verification error occurs then 2 is returned.</p>
+
+<p>All other functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_ctlog_list_file.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_ctlog_list_file.html
new file mode 100644
index 000000000..f9318e146
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_ctlog_list_file.html
@@ -0,0 +1,66 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_ctlog_list_file</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_default_ctlog_list_file, SSL_CTX_set_ctlog_list_file - load a Certificate Transparency log list from a file</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_default_ctlog_list_file(SSL_CTX *ctx);
+ int SSL_CTX_set_ctlog_list_file(SSL_CTX *ctx, const char *path);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_default_ctlog_list_file() loads a list of Certificate Transparency (CT) logs from the default file location, &quot;ct_log_list.cnf&quot;, found in the directory where OpenSSL is installed.</p>
+
+<p>SSL_CTX_set_ctlog_list_file() loads a list of CT logs from a specific path. See <a href="../man3/CTLOG_STORE_new.html">CTLOG_STORE_new(3)</a> for the file format.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions will not clear the existing CT log list - it will be appended to. To replace the existing list, use <a>SSL_CTX_set0_ctlog_store</a> first.</p>
+
+<p>If an error occurs whilst parsing a particular log entry in the file, that log entry will be skipped.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_default_ctlog_list_file() and SSL_CTX_set_ctlog_list_file() return 1 if the log list is successfully loaded, and 0 if an error occurs. In the case of an error, the log list may have been partially loaded.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_ct_validation_callback.html">SSL_CTX_set_ct_validation_callback(3)</a>, <a href="../man3/CTLOG_STORE_new.html">CTLOG_STORE_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_passwd_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_passwd_cb.html
new file mode 100644
index 000000000..7351cd5a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_passwd_cb.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_default_passwd_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_default_passwd_cb, SSL_CTX_set_default_passwd_cb_userdata, SSL_CTX_get_default_passwd_cb, SSL_CTX_get_default_passwd_cb_userdata, SSL_set_default_passwd_cb, SSL_set_default_passwd_cb_userdata, SSL_get_default_passwd_cb, SSL_get_default_passwd_cb_userdata - set or get passwd callback for encrypted PEM file handling</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
+ void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
+ pem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx);
+ void *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx);
+
+ void SSL_set_default_passwd_cb(SSL *s, pem_password_cb *cb);
+ void SSL_set_default_passwd_cb_userdata(SSL *s, void *u);
+ pem_password_cb *SSL_get_default_passwd_cb(SSL *s);
+ void *SSL_get_default_passwd_cb_userdata(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_default_passwd_cb() sets the default password callback called when loading/storing a PEM certificate with encryption.</p>
+
+<p>SSL_CTX_set_default_passwd_cb_userdata() sets a pointer to userdata, <b>u</b>, which will be provided to the password callback on invocation.</p>
+
+<p>SSL_CTX_get_default_passwd_cb() returns a function pointer to the password callback currently set in <b>ctx</b>. If no callback was explicitly set, the NULL pointer is returned.</p>
+
+<p>SSL_CTX_get_default_passwd_cb_userdata() returns a pointer to the userdata currently set in <b>ctx</b>. If no userdata was explicitly set, the NULL pointer is returned.</p>
+
+<p>SSL_set_default_passwd_cb(), SSL_set_default_passwd_cb_userdata(), SSL_get_default_passwd_cb() and SSL_get_default_passwd_cb_userdata() perform the same function as their SSL_CTX counterparts, but using an SSL object.</p>
+
+<p>The password callback, which must be provided by the application, hands back the password to be used during decryption. On invocation a pointer to userdata is provided. The function must store the password into the provided buffer <b>buf</b> which is of size <b>size</b>. The actual length of the password must be returned to the calling function. <b>rwflag</b> indicates whether the callback is used for reading/decryption (rwflag=0) or writing/encryption (rwflag=1). For more details, see <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When loading or storing private keys, a password might be supplied to protect the private key. The way this password can be supplied may depend on the application. If only one private key is handled, it can be practical to have the callback handle the password dialog interactively. If several keys have to be handled, it can be practical to ask for the password once, then keep it in memory and use it several times. In the last case, the password could be stored into the userdata storage and the callback only returns the password already stored.</p>
+
+<p>When asking for the password interactively, the callback can use <b>rwflag</b> to check, whether an item shall be encrypted (rwflag=1). In this case the password dialog may ask for the same password twice for comparison in order to catch typos, that would make decryption impossible.</p>
+
+<p>Other items in PEM formatting (certificates) can also be encrypted, it is however not usual, as certificate information is considered public.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions do not provide diagnostic information.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following example returns the password provided as userdata to the calling function. The password is considered to be a &#39;\0&#39; terminated string. If the password does not fit into the buffer, the password is truncated.</p>
+
+<pre><code> int my_cb(char *buf, int size, int rwflag, void *u)
+ {
+     strncpy(buf, (char *)u, size);
+     buf[size - 1] = &#39;\0&#39;;
+     return strlen(buf);
+ }</code></pre>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_get_default_passwd_cb(), SSL_CTX_get_default_passwd_cb_userdata(), SSL_set_default_passwd_cb() and SSL_set_default_passwd_cb_userdata() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_passwd_cb_userdata.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_passwd_cb_userdata.html
new file mode 100644
index 000000000..7351cd5a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_passwd_cb_userdata.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_default_passwd_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_default_passwd_cb, SSL_CTX_set_default_passwd_cb_userdata, SSL_CTX_get_default_passwd_cb, SSL_CTX_get_default_passwd_cb_userdata, SSL_set_default_passwd_cb, SSL_set_default_passwd_cb_userdata, SSL_get_default_passwd_cb, SSL_get_default_passwd_cb_userdata - set or get passwd callback for encrypted PEM file handling</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
+ void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
+ pem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx);
+ void *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx);
+
+ void SSL_set_default_passwd_cb(SSL *s, pem_password_cb *cb);
+ void SSL_set_default_passwd_cb_userdata(SSL *s, void *u);
+ pem_password_cb *SSL_get_default_passwd_cb(SSL *s);
+ void *SSL_get_default_passwd_cb_userdata(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_default_passwd_cb() sets the default password callback called when loading/storing a PEM certificate with encryption.</p>
+
+<p>SSL_CTX_set_default_passwd_cb_userdata() sets a pointer to userdata, <b>u</b>, which will be provided to the password callback on invocation.</p>
+
+<p>SSL_CTX_get_default_passwd_cb() returns a function pointer to the password callback currently set in <b>ctx</b>. If no callback was explicitly set, the NULL pointer is returned.</p>
+
+<p>SSL_CTX_get_default_passwd_cb_userdata() returns a pointer to the userdata currently set in <b>ctx</b>. If no userdata was explicitly set, the NULL pointer is returned.</p>
+
+<p>SSL_set_default_passwd_cb(), SSL_set_default_passwd_cb_userdata(), SSL_get_default_passwd_cb() and SSL_get_default_passwd_cb_userdata() perform the same function as their SSL_CTX counterparts, but using an SSL object.</p>
+
+<p>The password callback, which must be provided by the application, hands back the password to be used during decryption. On invocation a pointer to userdata is provided. The function must store the password into the provided buffer <b>buf</b> which is of size <b>size</b>. The actual length of the password must be returned to the calling function. <b>rwflag</b> indicates whether the callback is used for reading/decryption (rwflag=0) or writing/encryption (rwflag=1). For more details, see <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When loading or storing private keys, a password might be supplied to protect the private key. The way this password can be supplied may depend on the application. If only one private key is handled, it can be practical to have the callback handle the password dialog interactively. If several keys have to be handled, it can be practical to ask for the password once, then keep it in memory and use it several times. In the last case, the password could be stored into the userdata storage and the callback only returns the password already stored.</p>
+
+<p>When asking for the password interactively, the callback can use <b>rwflag</b> to check, whether an item shall be encrypted (rwflag=1). In this case the password dialog may ask for the same password twice for comparison in order to catch typos, that would make decryption impossible.</p>
+
+<p>Other items in PEM formatting (certificates) can also be encrypted, it is however not usual, as certificate information is considered public.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions do not provide diagnostic information.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following example returns the password provided as userdata to the calling function. The password is considered to be a &#39;\0&#39; terminated string. If the password does not fit into the buffer, the password is truncated.</p>
+
+<pre><code> int my_cb(char *buf, int size, int rwflag, void *u)
+ {
+     strncpy(buf, (char *)u, size);
+     buf[size - 1] = &#39;\0&#39;;
+     return strlen(buf);
+ }</code></pre>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_get_default_passwd_cb(), SSL_CTX_get_default_passwd_cb_userdata(), SSL_set_default_passwd_cb() and SSL_set_default_passwd_cb_userdata() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_read_buffer_len.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_read_buffer_len.html
new file mode 100644
index 000000000..19be43ed8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_read_buffer_len.html
@@ -0,0 +1,150 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_split_send_fragment</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_max_send_fragment, SSL_set_max_send_fragment, SSL_CTX_set_split_send_fragment, SSL_set_split_send_fragment, SSL_CTX_set_max_pipelines, SSL_set_max_pipelines, SSL_CTX_set_default_read_buffer_len, SSL_set_default_read_buffer_len, SSL_CTX_set_tlsext_max_fragment_length, SSL_set_tlsext_max_fragment_length, SSL_SESSION_get_max_fragment_length - Control fragment size settings and pipelining operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, long);
+ long SSL_set_max_send_fragment(SSL *ssl, long m);
+
+ long SSL_CTX_set_max_pipelines(SSL_CTX *ctx, long m);
+ long SSL_set_max_pipelines(SSL_CTX *ssl, long m);
+
+ long SSL_CTX_set_split_send_fragment(SSL_CTX *ctx, long m);
+ long SSL_set_split_send_fragment(SSL *ssl, long m);
+
+ void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len);
+ void SSL_set_default_read_buffer_len(SSL *s, size_t len);
+
+ int SSL_CTX_set_tlsext_max_fragment_length(SSL_CTX *ctx, uint8_t mode);
+ int SSL_set_tlsext_max_fragment_length(SSL *ssl, uint8_t mode);
+ uint8_t SSL_SESSION_get_max_fragment_length(SSL_SESSION *session);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Some engines are able to process multiple simultaneous crypto operations. This capability could be utilised to parallelise the processing of a single connection. For example a single write can be split into multiple records and each one encrypted independently and in parallel. Note: this will only work in TLS1.1+. There is no support in SSLv3, TLSv1.0 or DTLS (any version). This capability is known as &quot;pipelining&quot; within OpenSSL.</p>
+
+<p>In order to benefit from the pipelining capability. You need to have an engine that provides ciphers that support this. The OpenSSL &quot;dasync&quot; engine provides AES128-SHA based ciphers that have this capability. However these are for development and test purposes only.</p>
+
+<p>SSL_CTX_set_max_send_fragment() and SSL_set_max_send_fragment() set the <b>max_send_fragment</b> parameter for SSL_CTX and SSL objects respectively. This value restricts the amount of plaintext bytes that will be sent in any one SSL/TLS record. By default its value is SSL3_RT_MAX_PLAIN_LENGTH (16384). These functions will only accept a value in the range 512 - SSL3_RT_MAX_PLAIN_LENGTH.</p>
+
+<p>SSL_CTX_set_max_pipelines() and SSL_set_max_pipelines() set the maximum number of pipelines that will be used at any one time. This value applies to both &quot;read&quot; pipelining and &quot;write&quot; pipelining. By default only one pipeline will be used (i.e. normal non-parallel operation). The number of pipelines set must be in the range 1 - SSL_MAX_PIPELINES (32). Setting this to a value &gt; 1 will also automatically turn on &quot;read_ahead&quot; (see <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>). This is explained further below. OpenSSL will only every use more than one pipeline if a cipher suite is negotiated that uses a pipeline capable cipher provided by an engine.</p>
+
+<p>Pipelining operates slightly differently for reading encrypted data compared to writing encrypted data. SSL_CTX_set_split_send_fragment() and SSL_set_split_send_fragment() define how data is split up into pipelines when writing encrypted data. The number of pipelines used will be determined by the amount of data provided to the SSL_write_ex() or SSL_write() call divided by <b>split_send_fragment</b>.</p>
+
+<p>For example if <b>split_send_fragment</b> is set to 2000 and <b>max_pipelines</b> is 4 then:</p>
+
+<p>SSL_write/SSL_write_ex called with 0-2000 bytes == 1 pipeline used</p>
+
+<p>SSL_write/SSL_write_ex called with 2001-4000 bytes == 2 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 4001-6000 bytes == 3 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 6001+ bytes == 4 pipelines used</p>
+
+<p><b>split_send_fragment</b> must always be less than or equal to <b>max_send_fragment</b>. By default it is set to be equal to <b>max_send_fragment</b>. This will mean that the same number of records will always be created as would have been created in the non-parallel case, although the data will be apportioned differently. In the parallel case data will be spread equally between the pipelines.</p>
+
+<p>Read pipelining is controlled in a slightly different way than with write pipelining. While reading we are constrained by the number of records that the peer (and the network) can provide to us in one go. The more records we can get in one go the more opportunity we have to parallelise the processing. As noted above when setting <b>max_pipelines</b> to a value greater than one, <b>read_ahead</b> is automatically set. The <b>read_ahead</b> parameter causes OpenSSL to attempt to read as much data into the read buffer as the network can provide and will fit into the buffer. Without this set data is read into the read buffer one record at a time. The more data that can be read, the more opportunity there is for parallelising the processing at the cost of increased memory overhead per connection. Setting <b>read_ahead</b> can impact the behaviour of the SSL_pending() function (see <a href="../man3/SSL_pending.html">SSL_pending(3)</a>).</p>
+
+<p>The SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions control the size of the read buffer that will be used. The <b>len</b> parameter sets the size of the buffer. The value will only be used if it is greater than the default that would have been used anyway. The normal default value depends on a number of factors but it will be at least SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_ENCRYPTED_OVERHEAD (16704) bytes.</p>
+
+<p>SSL_CTX_set_tlsext_max_fragment_length() sets the default maximum fragment length negotiation mode via value <b>mode</b> to <b>ctx</b>. This setting affects only SSL instances created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_set_tlsext_max_fragment_length() sets the maximum fragment length negotiation mode via value <b>mode</b> to <b>ssl</b>. This setting will be used during a handshake when extensions are exchanged between client and server. So it only affects SSL sessions created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_SESSION_get_max_fragment_length() gets the maximum fragment length negotiated in <b>session</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All non-void functions return 1 on success and 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The Maximum Fragment Length extension support is optional on the server side. If the server does not support this extension then SSL_SESSION_get_max_fragment_length() will return: TLSEXT_max_fragment_length_DISABLED.</p>
+
+<p>The following modes are available:</p>
+
+<dl>
+
+<dt id="TLSEXT_max_fragment_length_DISABLED">TLSEXT_max_fragment_length_DISABLED</dt>
+<dd>
+
+<p>Disables Maximum Fragment Length Negotiation (default).</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_512">TLSEXT_max_fragment_length_512</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 512 bytes.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_1024">TLSEXT_max_fragment_length_1024</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 1024.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_2048">TLSEXT_max_fragment_length_2048</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 2048.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_4096">TLSEXT_max_fragment_length_4096</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 4096.</p>
+
+</dd>
+</dl>
+
+<p>With the exception of SSL_CTX_set_default_read_buffer_len() SSL_set_default_read_buffer_len(), SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() all these functions are implemented using macros.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_set_max_pipelines(), SSL_set_max_pipelines(), SSL_CTX_set_split_send_fragment(), SSL_set_split_send_fragment(), SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions were added in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_verify_dir.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_verify_dir.html
new file mode 100644
index 000000000..05aee0f9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_verify_dir.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_load_verify_locations</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_load_verify_locations, SSL_CTX_set_default_verify_paths, SSL_CTX_set_default_verify_dir, SSL_CTX_set_default_verify_file - set default locations for trusted CA certificates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
+                                   const char *CApath);
+
+ int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
+
+ int SSL_CTX_set_default_verify_dir(SSL_CTX *ctx);
+
+ int SSL_CTX_set_default_verify_file(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_load_verify_locations() specifies the locations for <b>ctx</b>, at which CA certificates for verification purposes are located. The certificates available via <b>CAfile</b> and <b>CApath</b> are trusted.</p>
+
+<p>SSL_CTX_set_default_verify_paths() specifies that the default locations from which CA certificates are loaded should be used. There is one default directory and one default file. The default CA certificates directory is called &quot;certs&quot; in the default OpenSSL directory. Alternatively the SSL_CERT_DIR environment variable can be defined to override this location. The default CA certificates file is called &quot;cert.pem&quot; in the default OpenSSL directory. Alternatively the SSL_CERT_FILE environment variable can be defined to override this location.</p>
+
+<p>SSL_CTX_set_default_verify_dir() is similar to SSL_CTX_set_default_verify_paths() except that just the default directory is used.</p>
+
+<p>SSL_CTX_set_default_verify_file() is similar to SSL_CTX_set_default_verify_paths() except that just the default file is used.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If <b>CAfile</b> is not NULL, it points to a file of CA certificates in PEM format. The file can contain several CA certificates identified by</p>
+
+<pre><code> -----BEGIN CERTIFICATE-----
+ ... (CA certificate in base64 encoding) ...
+ -----END CERTIFICATE-----</code></pre>
+
+<p>sequences. Before, between, and after the certificates text is allowed which can be used e.g. for descriptions of the certificates.</p>
+
+<p>The <b>CAfile</b> is processed on execution of the SSL_CTX_load_verify_locations() function.</p>
+
+<p>If <b>CApath</b> is not NULL, it points to a directory containing CA certificates in PEM format. The files each contain one CA certificate. The files are looked up by the CA subject name hash value, which must hence be available. If more than one CA certificate with the same name hash value exist, the extension must be different (e.g. 9d66eef0.0, 9d66eef0.1 etc). The search is performed in the ordering of the extension number, regardless of other properties of the certificates. Use the <b>c_rehash</b> utility to create the necessary links.</p>
+
+<p>The certificates in <b>CApath</b> are only looked up when required, e.g. when building the certificate chain or when actually performing the verification of a peer certificate.</p>
+
+<p>When looking up CA certificates, the OpenSSL library will first search the certificates in <b>CAfile</b>, then those in <b>CApath</b>. Certificate matching is done based on the subject name, the key identifier (if present), and the serial number as taken from the certificate to be verified. If these data do not match, the next certificate will be tried. If a first certificate matching the parameters is found, the verification process will be performed; no other certificates for the same parameters will be searched in case of failure.</p>
+
+<p>In server mode, when requesting a client certificate, the server must send the list of CAs of which it will accept client certificates. This list is not influenced by the contents of <b>CAfile</b> or <b>CApath</b> and must explicitly be set using the <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a> family of functions.</p>
+
+<p>When building its own certificate chain, an OpenSSL client/server will try to fill in missing certificates from <b>CAfile</b>/<b>CApath</b>, if the certificate chain was not explicitly specified (see <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a>.</p>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>If several CA certificates matching the name, key identifier, and serial number condition are available, only the first one will be examined. This may lead to unexpected results if the same CA certificate is available with different expiration dates. If a &quot;certificate expired&quot; verification error occurs, no other certificate will be searched. Make sure to not have expired certificates mixed with valid ones.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Generate a CA certificate file with descriptive text from the CA certificates ca1.pem ca2.pem ca3.pem:</p>
+
+<pre><code> #!/bin/sh
+ rm CAfile.pem
+ for i in ca1.pem ca2.pem ca3.pem ; do
+     openssl x509 -in $i -text &gt;&gt; CAfile.pem
+ done</code></pre>
+
+<p>Prepare the directory /some/where/certs containing several CA certificates for use as <b>CApath</b>:</p>
+
+<pre><code> cd /some/where/certs
+ c_rehash .</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For SSL_CTX_load_verify_locations the following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The operation failed because <b>CAfile</b> and <b>CApath</b> are NULL or the processing at one of the locations specified failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_set_default_verify_paths(), SSL_CTX_set_default_verify_dir() and SSL_CTX_set_default_verify_file() all return 1 on success or 0 on failure. A missing default location is still treated as a success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_get_client_CA_list.html">SSL_get_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_verify_file.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_verify_file.html
new file mode 100644
index 000000000..05aee0f9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_verify_file.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_load_verify_locations</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_load_verify_locations, SSL_CTX_set_default_verify_paths, SSL_CTX_set_default_verify_dir, SSL_CTX_set_default_verify_file - set default locations for trusted CA certificates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
+                                   const char *CApath);
+
+ int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
+
+ int SSL_CTX_set_default_verify_dir(SSL_CTX *ctx);
+
+ int SSL_CTX_set_default_verify_file(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_load_verify_locations() specifies the locations for <b>ctx</b>, at which CA certificates for verification purposes are located. The certificates available via <b>CAfile</b> and <b>CApath</b> are trusted.</p>
+
+<p>SSL_CTX_set_default_verify_paths() specifies that the default locations from which CA certificates are loaded should be used. There is one default directory and one default file. The default CA certificates directory is called &quot;certs&quot; in the default OpenSSL directory. Alternatively the SSL_CERT_DIR environment variable can be defined to override this location. The default CA certificates file is called &quot;cert.pem&quot; in the default OpenSSL directory. Alternatively the SSL_CERT_FILE environment variable can be defined to override this location.</p>
+
+<p>SSL_CTX_set_default_verify_dir() is similar to SSL_CTX_set_default_verify_paths() except that just the default directory is used.</p>
+
+<p>SSL_CTX_set_default_verify_file() is similar to SSL_CTX_set_default_verify_paths() except that just the default file is used.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If <b>CAfile</b> is not NULL, it points to a file of CA certificates in PEM format. The file can contain several CA certificates identified by</p>
+
+<pre><code> -----BEGIN CERTIFICATE-----
+ ... (CA certificate in base64 encoding) ...
+ -----END CERTIFICATE-----</code></pre>
+
+<p>sequences. Before, between, and after the certificates text is allowed which can be used e.g. for descriptions of the certificates.</p>
+
+<p>The <b>CAfile</b> is processed on execution of the SSL_CTX_load_verify_locations() function.</p>
+
+<p>If <b>CApath</b> is not NULL, it points to a directory containing CA certificates in PEM format. The files each contain one CA certificate. The files are looked up by the CA subject name hash value, which must hence be available. If more than one CA certificate with the same name hash value exist, the extension must be different (e.g. 9d66eef0.0, 9d66eef0.1 etc). The search is performed in the ordering of the extension number, regardless of other properties of the certificates. Use the <b>c_rehash</b> utility to create the necessary links.</p>
+
+<p>The certificates in <b>CApath</b> are only looked up when required, e.g. when building the certificate chain or when actually performing the verification of a peer certificate.</p>
+
+<p>When looking up CA certificates, the OpenSSL library will first search the certificates in <b>CAfile</b>, then those in <b>CApath</b>. Certificate matching is done based on the subject name, the key identifier (if present), and the serial number as taken from the certificate to be verified. If these data do not match, the next certificate will be tried. If a first certificate matching the parameters is found, the verification process will be performed; no other certificates for the same parameters will be searched in case of failure.</p>
+
+<p>In server mode, when requesting a client certificate, the server must send the list of CAs of which it will accept client certificates. This list is not influenced by the contents of <b>CAfile</b> or <b>CApath</b> and must explicitly be set using the <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a> family of functions.</p>
+
+<p>When building its own certificate chain, an OpenSSL client/server will try to fill in missing certificates from <b>CAfile</b>/<b>CApath</b>, if the certificate chain was not explicitly specified (see <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a>.</p>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>If several CA certificates matching the name, key identifier, and serial number condition are available, only the first one will be examined. This may lead to unexpected results if the same CA certificate is available with different expiration dates. If a &quot;certificate expired&quot; verification error occurs, no other certificate will be searched. Make sure to not have expired certificates mixed with valid ones.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Generate a CA certificate file with descriptive text from the CA certificates ca1.pem ca2.pem ca3.pem:</p>
+
+<pre><code> #!/bin/sh
+ rm CAfile.pem
+ for i in ca1.pem ca2.pem ca3.pem ; do
+     openssl x509 -in $i -text &gt;&gt; CAfile.pem
+ done</code></pre>
+
+<p>Prepare the directory /some/where/certs containing several CA certificates for use as <b>CApath</b>:</p>
+
+<pre><code> cd /some/where/certs
+ c_rehash .</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For SSL_CTX_load_verify_locations the following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The operation failed because <b>CAfile</b> and <b>CApath</b> are NULL or the processing at one of the locations specified failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_set_default_verify_paths(), SSL_CTX_set_default_verify_dir() and SSL_CTX_set_default_verify_file() all return 1 on success or 0 on failure. A missing default location is still treated as a success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_get_client_CA_list.html">SSL_get_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_verify_paths.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_verify_paths.html
new file mode 100644
index 000000000..05aee0f9a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_default_verify_paths.html
@@ -0,0 +1,131 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_load_verify_locations</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_load_verify_locations, SSL_CTX_set_default_verify_paths, SSL_CTX_set_default_verify_dir, SSL_CTX_set_default_verify_file - set default locations for trusted CA certificates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
+                                   const char *CApath);
+
+ int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
+
+ int SSL_CTX_set_default_verify_dir(SSL_CTX *ctx);
+
+ int SSL_CTX_set_default_verify_file(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_load_verify_locations() specifies the locations for <b>ctx</b>, at which CA certificates for verification purposes are located. The certificates available via <b>CAfile</b> and <b>CApath</b> are trusted.</p>
+
+<p>SSL_CTX_set_default_verify_paths() specifies that the default locations from which CA certificates are loaded should be used. There is one default directory and one default file. The default CA certificates directory is called &quot;certs&quot; in the default OpenSSL directory. Alternatively the SSL_CERT_DIR environment variable can be defined to override this location. The default CA certificates file is called &quot;cert.pem&quot; in the default OpenSSL directory. Alternatively the SSL_CERT_FILE environment variable can be defined to override this location.</p>
+
+<p>SSL_CTX_set_default_verify_dir() is similar to SSL_CTX_set_default_verify_paths() except that just the default directory is used.</p>
+
+<p>SSL_CTX_set_default_verify_file() is similar to SSL_CTX_set_default_verify_paths() except that just the default file is used.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If <b>CAfile</b> is not NULL, it points to a file of CA certificates in PEM format. The file can contain several CA certificates identified by</p>
+
+<pre><code> -----BEGIN CERTIFICATE-----
+ ... (CA certificate in base64 encoding) ...
+ -----END CERTIFICATE-----</code></pre>
+
+<p>sequences. Before, between, and after the certificates text is allowed which can be used e.g. for descriptions of the certificates.</p>
+
+<p>The <b>CAfile</b> is processed on execution of the SSL_CTX_load_verify_locations() function.</p>
+
+<p>If <b>CApath</b> is not NULL, it points to a directory containing CA certificates in PEM format. The files each contain one CA certificate. The files are looked up by the CA subject name hash value, which must hence be available. If more than one CA certificate with the same name hash value exist, the extension must be different (e.g. 9d66eef0.0, 9d66eef0.1 etc). The search is performed in the ordering of the extension number, regardless of other properties of the certificates. Use the <b>c_rehash</b> utility to create the necessary links.</p>
+
+<p>The certificates in <b>CApath</b> are only looked up when required, e.g. when building the certificate chain or when actually performing the verification of a peer certificate.</p>
+
+<p>When looking up CA certificates, the OpenSSL library will first search the certificates in <b>CAfile</b>, then those in <b>CApath</b>. Certificate matching is done based on the subject name, the key identifier (if present), and the serial number as taken from the certificate to be verified. If these data do not match, the next certificate will be tried. If a first certificate matching the parameters is found, the verification process will be performed; no other certificates for the same parameters will be searched in case of failure.</p>
+
+<p>In server mode, when requesting a client certificate, the server must send the list of CAs of which it will accept client certificates. This list is not influenced by the contents of <b>CAfile</b> or <b>CApath</b> and must explicitly be set using the <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a> family of functions.</p>
+
+<p>When building its own certificate chain, an OpenSSL client/server will try to fill in missing certificates from <b>CAfile</b>/<b>CApath</b>, if the certificate chain was not explicitly specified (see <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a>.</p>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>If several CA certificates matching the name, key identifier, and serial number condition are available, only the first one will be examined. This may lead to unexpected results if the same CA certificate is available with different expiration dates. If a &quot;certificate expired&quot; verification error occurs, no other certificate will be searched. Make sure to not have expired certificates mixed with valid ones.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Generate a CA certificate file with descriptive text from the CA certificates ca1.pem ca2.pem ca3.pem:</p>
+
+<pre><code> #!/bin/sh
+ rm CAfile.pem
+ for i in ca1.pem ca2.pem ca3.pem ; do
+     openssl x509 -in $i -text &gt;&gt; CAfile.pem
+ done</code></pre>
+
+<p>Prepare the directory /some/where/certs containing several CA certificates for use as <b>CApath</b>:</p>
+
+<pre><code> cd /some/where/certs
+ c_rehash .</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For SSL_CTX_load_verify_locations the following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The operation failed because <b>CAfile</b> and <b>CApath</b> are NULL or the processing at one of the locations specified failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_set_default_verify_paths(), SSL_CTX_set_default_verify_dir() and SSL_CTX_set_default_verify_file() all return 1 on success or 0 on failure. A missing default location is still treated as a success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_get_client_CA_list.html">SSL_get_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_ex_data.html
new file mode 100644
index 000000000..4a6cbddd5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_ex_data.html
@@ -0,0 +1,64 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_ex_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_get_ex_data, SSL_CTX_set_ex_data, SSL_get_ex_data, SSL_set_ex_data - Store and retrieve extra data from the SSL_CTX, SSL or SSL_SESSION</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void *SSL_CTX_get_ex_data(const SSL_CTX *s, int idx);
+
+ int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg);
+
+ void *SSL_get_ex_data(const SSL *s, int idx);
+
+ int SSL_set_ex_data(SSL *s, int idx, void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL*_set_ex_data() functions can be used to store arbitrary user data into the <b>SSL_CTX</b>, or <b>SSL</b> object. The user must supply a unique index which they can subsequently use to retrieve the data using SSL*_get_ex_data().</p>
+
+<p>For more detailed information see <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a> and <a href="../man3/CRYPTO_set_ex_data.html">CRYPTO_set_ex_data(3)</a> which implement these functions and <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for generating a unique index.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL*_set_ex_data() functions return 1 if the item is successfully stored and 0 if it is not. The SSL*_get_ex_data() functions return the ex_data pointer if successful, otherwise NULL.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/CRYPTO_set_ex_data.html">CRYPTO_set_ex_data(3)</a>, <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_generate_session_id.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_generate_session_id.html
new file mode 100644
index 000000000..d6315039d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_generate_session_id.html
@@ -0,0 +1,116 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_generate_session_id</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_generate_session_id, SSL_set_generate_session_id, SSL_has_matching_session_id, GEN_SESSION_CB - manipulate generation of SSL session IDs (server only)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id,
+                               unsigned int *id_len);
+
+ int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb);
+ int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB, cb);
+ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
+                                 unsigned int id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_generate_session_id() sets the callback function for generating new session ids for SSL/TLS sessions for <b>ctx</b> to be <b>cb</b>.</p>
+
+<p>SSL_set_generate_session_id() sets the callback function for generating new session ids for SSL/TLS sessions for <b>ssl</b> to be <b>cb</b>.</p>
+
+<p>SSL_has_matching_session_id() checks, whether a session with id <b>id</b> (of length <b>id_len</b>) is already contained in the internal session cache of the parent context of <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When a new session is established between client and server, the server generates a session id. The session id is an arbitrary sequence of bytes. The length of the session id is between 1 and 32 bytes. The session id is not security critical but must be unique for the server. Additionally, the session id is transmitted in the clear when reusing the session so it must not contain sensitive information.</p>
+
+<p>Without a callback being set, an OpenSSL server will generate a unique session id from pseudo random numbers of the maximum possible length. Using the callback function, the session id can be changed to contain additional information like e.g. a host id in order to improve load balancing or external caching techniques.</p>
+
+<p>The callback function receives a pointer to the memory location to put <b>id</b> into and a pointer to the maximum allowed length <b>id_len</b>. The buffer at location <b>id</b> is only guaranteed to have the size <b>id_len</b>. The callback is only allowed to generate a shorter id and reduce <b>id_len</b>; the callback <b>must never</b> increase <b>id_len</b> or write to the location <b>id</b> exceeding the given limit.</p>
+
+<p>The location <b>id</b> is filled with 0x00 before the callback is called, so the callback may only fill part of the possible length and leave <b>id_len</b> untouched while maintaining reproducibility.</p>
+
+<p>Since the sessions must be distinguished, session ids must be unique. Without the callback a random number is used, so that the probability of generating the same session id is extremely small (2^256 for SSLv3/TLSv1). In order to assure the uniqueness of the generated session id, the callback must call SSL_has_matching_session_id() and generate another id if a conflict occurs. If an id conflict is not resolved, the handshake will fail. If the application codes e.g. a unique host id, a unique process number, and a unique sequence number into the session id, uniqueness could easily be achieved without randomness added (it should however be taken care that no confidential information is leaked this way). If the application can not guarantee uniqueness, it is recommended to use the maximum <b>id_len</b> and fill in the bytes not used to code special information with random data to avoid collisions.</p>
+
+<p>SSL_has_matching_session_id() will only query the internal session cache, not the external one. Since the session id is generated before the handshake is completed, it is not immediately added to the cache. If another thread is using the same internal session cache, a race condition can occur in that another thread generates the same session id. Collisions can also occur when using an external session cache, since the external cache is not tested with SSL_has_matching_session_id() and the same race condition applies.</p>
+
+<p>The callback must return 0 if it cannot generate a session id for whatever reason and return 1 on success.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The callback function listed will generate a session id with the server id given, and will fill the rest with pseudo random bytes:</p>
+
+<pre><code> const char session_id_prefix = &quot;www-18&quot;;
+
+ #define MAX_SESSION_ID_ATTEMPTS 10
+ static int generate_session_id(const SSL *ssl, unsigned char *id,
+                                unsigned int *id_len)
+ {
+     unsigned int count = 0;
+
+     do {
+         RAND_pseudo_bytes(id, *id_len);
+         /*
+          * Prefix the session_id with the required prefix. NB: If our
+          * prefix is too long, clip it - but there will be worse effects
+          * anyway, eg. the server could only possibly create 1 session
+          * ID (ie. the prefix!) so all future session negotiations will
+          * fail due to conflicts.
+          */
+         memcpy(id, session_id_prefix, strlen(session_id_prefix) &lt; *id_len ?
+                                       strlen(session_id_prefix) : *id_len);
+     } while (SSL_has_matching_session_id(ssl, id, *id_len)
+               &amp;&amp; ++count &lt; MAX_SESSION_ID_ATTEMPTS);
+     if (count &gt;= MAX_SESSION_ID_ATTEMPTS)
+         return 0;
+     return 1;
+ }</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_generate_session_id() and SSL_set_generate_session_id() always return 1.</p>
+
+<p>SSL_has_matching_session_id() returns 1 if another session with the same id is already in the cache.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_version.html">SSL_get_version(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_info_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_info_callback.html
new file mode 100644
index 000000000..1f7a32dbd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_info_callback.html
@@ -0,0 +1,186 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_info_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_info_callback, SSL_CTX_get_info_callback, SSL_set_info_callback, SSL_get_info_callback - handle information callback for SSL connections</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*callback)());
+ void (*SSL_CTX_get_info_callback(const SSL_CTX *ctx))();
+
+ void SSL_set_info_callback(SSL *ssl, void (*callback)());
+ void (*SSL_get_info_callback(const SSL *ssl))();</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_info_callback() sets the <b>callback</b> function, that can be used to obtain state information for SSL objects created from <b>ctx</b> during connection setup and use. The setting for <b>ctx</b> is overridden from the setting for a specific SSL object, if specified. When <b>callback</b> is NULL, no callback function is used.</p>
+
+<p>SSL_set_info_callback() sets the <b>callback</b> function, that can be used to obtain state information for <b>ssl</b> during connection setup and use. When <b>callback</b> is NULL, the callback setting currently valid for <b>ctx</b> is used.</p>
+
+<p>SSL_CTX_get_info_callback() returns a pointer to the currently set information callback function for <b>ctx</b>.</p>
+
+<p>SSL_get_info_callback() returns a pointer to the currently set information callback function for <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When setting up a connection and during use, it is possible to obtain state information from the SSL/TLS engine. When set, an information callback function is called whenever a significant event occurs such as: the state changes, an alert appears, or an error occurs.</p>
+
+<p>The callback function is called as <b>callback(SSL *ssl, int where, int ret)</b>. The <b>where</b> argument specifies information about where (in which context) the callback function was called. If <b>ret</b> is 0, an error condition occurred. If an alert is handled, SSL_CB_ALERT is set and <b>ret</b> specifies the alert information.</p>
+
+<p><b>where</b> is a bitmask made up of the following bits:</p>
+
+<dl>
+
+<dt id="SSL_CB_LOOP">SSL_CB_LOOP</dt>
+<dd>
+
+<p>Callback has been called to indicate state change or some other significant state machine event. This may mean that the callback gets invoked more than once per state in some situations.</p>
+
+</dd>
+<dt id="SSL_CB_EXIT">SSL_CB_EXIT</dt>
+<dd>
+
+<p>Callback has been called to indicate exit of a handshake function. This will happen after the end of a handshake, but may happen at other times too such as on error or when IO might otherwise block and non-blocking is being used.</p>
+
+</dd>
+<dt id="SSL_CB_READ">SSL_CB_READ</dt>
+<dd>
+
+<p>Callback has been called during read operation.</p>
+
+</dd>
+<dt id="SSL_CB_WRITE">SSL_CB_WRITE</dt>
+<dd>
+
+<p>Callback has been called during write operation.</p>
+
+</dd>
+<dt id="SSL_CB_ALERT">SSL_CB_ALERT</dt>
+<dd>
+
+<p>Callback has been called due to an alert being sent or received.</p>
+
+</dd>
+<dt id="SSL_CB_READ_ALERT-SSL_CB_ALERT-SSL_CB_READ">SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_WRITE_ALERT-SSL_CB_ALERT-SSL_CB_WRITE">SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_ACCEPT_LOOP-SSL_ST_ACCEPT-SSL_CB_LOOP">SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_ACCEPT_EXIT-SSL_ST_ACCEPT-SSL_CB_EXIT">SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_CONNECT_LOOP-SSL_ST_CONNECT-SSL_CB_LOOP">SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_CONNECT_EXIT-SSL_ST_CONNECT-SSL_CB_EXIT">SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_HANDSHAKE_START">SSL_CB_HANDSHAKE_START</dt>
+<dd>
+
+<p>Callback has been called because a new handshake is started. It also occurs when resuming a handshake following a pause to handle early data.</p>
+
+</dd>
+<dt id="SSL_CB_HANDSHAKE_DONE">SSL_CB_HANDSHAKE_DONE</dt>
+<dd>
+
+<p>Callback has been called because a handshake is finished. It also occurs if the handshake is paused to allow the exchange of early data.</p>
+
+</dd>
+</dl>
+
+<p>The current state information can be obtained using the <a href="../man3/SSL_state_string.html">SSL_state_string(3)</a> family of functions.</p>
+
+<p>The <b>ret</b> information can be evaluated using the <a href="../man3/SSL_alert_type_string.html">SSL_alert_type_string(3)</a> family of functions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_info_callback() does not provide diagnostic information.</p>
+
+<p>SSL_get_info_callback() returns the current setting.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following example callback function prints state strings, information about alerts being handled and error messages to the <b>bio_err</b> BIO.</p>
+
+<pre><code> void apps_ssl_info_callback(SSL *s, int where, int ret)
+ {
+     const char *str;
+     int w = where &amp; ~SSL_ST_MASK;
+
+     if (w &amp; SSL_ST_CONNECT)
+         str = &quot;SSL_connect&quot;;
+     else if (w &amp; SSL_ST_ACCEPT)
+         str = &quot;SSL_accept&quot;;
+     else
+         str = &quot;undefined&quot;;
+
+     if (where &amp; SSL_CB_LOOP) {
+         BIO_printf(bio_err, &quot;%s:%s\n&quot;, str, SSL_state_string_long(s));
+     } else if (where &amp; SSL_CB_ALERT) {
+         str = (where &amp; SSL_CB_READ) ? &quot;read&quot; : &quot;write&quot;;
+         BIO_printf(bio_err, &quot;SSL3 alert %s:%s:%s\n&quot;, str,
+                    SSL_alert_type_string_long(ret),
+                    SSL_alert_desc_string_long(ret));
+     } else if (where &amp; SSL_CB_EXIT) {
+         if (ret == 0) {
+             BIO_printf(bio_err, &quot;%s:failed in %s\n&quot;,
+                        str, SSL_state_string_long(s));
+         } else if (ret &lt; 0) {
+             BIO_printf(bio_err, &quot;%s:error in %s\n&quot;,
+                        str, SSL_state_string_long(s));
+         }
+     }
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_state_string.html">SSL_state_string(3)</a>, <a href="../man3/SSL_alert_type_string.html">SSL_alert_type_string(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_keylog_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_keylog_callback.html
new file mode 100644
index 000000000..7143f4b6a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_keylog_callback.html
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_keylog_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_keylog_callback, SSL_CTX_get_keylog_callback, SSL_CTX_keylog_cb_func - logging TLS key material</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef void (*SSL_CTX_keylog_cb_func)(const SSL *ssl, const char *line);
+
+ void SSL_CTX_set_keylog_callback(SSL_CTX *ctx, SSL_CTX_keylog_cb_func cb);
+ SSL_CTX_keylog_cb_func SSL_CTX_get_keylog_callback(const SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_keylog_callback() sets the TLS key logging callback. This callback is called whenever TLS key material is generated or received, in order to allow applications to store this keying material for debugging purposes.</p>
+
+<p>SSL_CTX_get_keylog_callback() retrieves the previously set TLS key logging callback. If no callback has been set, this will return NULL. When there is no key logging callback, or if SSL_CTX_set_keylog_callback is called with NULL as the value of cb, no logging of key material will be done.</p>
+
+<p>The key logging callback is called with two items: the <b>ssl</b> object associated with the connection, and <b>line</b>, a string containing the key material in the format used by NSS for its <b>SSLKEYLOGFILE</b> debugging output. To recreate that file, the key logging callback should log <b>line</b>, followed by a newline. <b>line</b> will always be a NULL-terminated string.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_get_keylog_callback() returns a pointer to <b>SSL_CTX_keylog_cb_func</b> or NULL if the callback is not set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_max_cert_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_max_cert_list.html
new file mode 100644
index 000000000..5e23392bb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_max_cert_list.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_max_cert_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_max_cert_list, SSL_CTX_get_max_cert_list, SSL_set_max_cert_list, SSL_get_max_cert_list - manipulate allowed size for the peer&#39;s certificate chain</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_max_cert_list(SSL_CTX *ctx, long size);
+ long SSL_CTX_get_max_cert_list(SSL_CTX *ctx);
+
+ long SSL_set_max_cert_list(SSL *ssl, long size);
+ long SSL_get_max_cert_list(SSL *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_max_cert_list() sets the maximum size allowed for the peer&#39;s certificate chain for all SSL objects created from <b>ctx</b> to be &lt;size&gt; bytes. The SSL objects inherit the setting valid for <b>ctx</b> at the time <a href="../man3/SSL_new.html">SSL_new(3)</a> is being called.</p>
+
+<p>SSL_CTX_get_max_cert_list() returns the currently set maximum size for <b>ctx</b>.</p>
+
+<p>SSL_set_max_cert_list() sets the maximum size allowed for the peer&#39;s certificate chain for <b>ssl</b> to be &lt;size&gt; bytes. This setting stays valid until a new value is set.</p>
+
+<p>SSL_get_max_cert_list() returns the currently set maximum size for <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>During the handshake process, the peer may send a certificate chain. The TLS/SSL standard does not give any maximum size of the certificate chain. The OpenSSL library handles incoming data by a dynamically allocated buffer. In order to prevent this buffer from growing without bounds due to data received from a faulty or malicious peer, a maximum size for the certificate chain is set.</p>
+
+<p>The default value for the maximum certificate chain size is 100kB (30kB on the 16bit DOS platform). This should be sufficient for usual certificate chains (OpenSSL&#39;s default maximum chain length is 10, see <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a>, and certificates without special extensions have a typical size of 1-2kB).</p>
+
+<p>For special applications it can be necessary to extend the maximum certificate chain size allowed to be sent by the peer, see e.g. the work on &quot;Internet X.509 Public Key Infrastructure Proxy Certificate Profile&quot; and &quot;TLS Delegation Protocol&quot; at http://www.ietf.org/ and http://www.globus.org/ .</p>
+
+<p>Under normal conditions it should never be necessary to set a value smaller than the default, as the buffer is handled dynamically and only uses the memory actually required by the data sent by the peer.</p>
+
+<p>If the maximum certificate chain size allowed is exceeded, the handshake will fail with a SSL_R_EXCESSIVE_MESSAGE_SIZE error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_max_cert_list() and SSL_set_max_cert_list() return the previously set value.</p>
+
+<p>SSL_CTX_get_max_cert_list() and SSL_get_max_cert_list() return the currently set value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_max_early_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_max_early_data.html
new file mode 100644
index 000000000..5b28c01bd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_max_early_data.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read_early_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#REPLAY-PROTECTION">REPLAY PROTECTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_max_early_data, SSL_CTX_set_max_early_data, SSL_get_max_early_data, SSL_CTX_get_max_early_data, SSL_set_recv_max_early_data, SSL_CTX_set_recv_max_early_data, SSL_get_recv_max_early_data, SSL_CTX_get_recv_max_early_data, SSL_SESSION_get_max_early_data, SSL_SESSION_set_max_early_data, SSL_write_early_data, SSL_read_early_data, SSL_get_early_data_status, SSL_allow_early_data_cb_fn, SSL_CTX_set_allow_early_data_cb, SSL_set_allow_early_data_cb - functions for sending and receiving early data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data);
+ uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_max_early_data(SSL *s, uint32_t max_early_data);
+ uint32_t SSL_get_max_early_data(const SSL *s);
+
+ int SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data);
+ uint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data);
+ uint32_t SSL_get_recv_max_early_data(const SSL *s);
+
+ uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s);
+ int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data);
+
+ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written);
+
+ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes);
+
+ int SSL_get_early_data_status(const SSL *s);
+
+
+ typedef int (*SSL_allow_early_data_cb_fn)(SSL *s, void *arg);
+
+ void SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx,
+                                      SSL_allow_early_data_cb_fn cb,
+                                      void *arg);
+ void SSL_set_allow_early_data_cb(SSL *s,
+                                  SSL_allow_early_data_cb_fn cb,
+                                  void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to send and receive early data where TLSv1.3 has been negotiated. Early data can be sent by the client immediately after its initial ClientHello without having to wait for the server to complete the handshake. Early data can only be sent if a session has previously been established with the server, and the server is known to support it. Additionally these functions can be used to send data from the server to the client when the client has not yet completed the authentication stage of the handshake.</p>
+
+<p>Early data has weaker security properties than other data sent over an SSL/TLS connection. In particular the data does not have forward secrecy. There are also additional considerations around replay attacks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below). For these reasons extreme care should be exercised when using early data. For specific details, consult the TLS 1.3 specification.</p>
+
+<p>When a server receives early data it may opt to immediately respond by sending application data back to the client. Data sent by the server at this stage is done before the full handshake has been completed. Specifically the client&#39;s authentication messages have not yet been received, i.e. the client is unauthenticated at this point and care should be taken when using this capability.</p>
+
+<p>A server or client can determine whether the full handshake has been completed or not by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>.</p>
+
+<p>On the client side, the function SSL_SESSION_get_max_early_data() can be used to determine if a session established with a server can be used to send early data. If the session cannot be used then this function will return 0. Otherwise it will return the maximum number of early data bytes that can be sent.</p>
+
+<p>The function SSL_SESSION_set_max_early_data() sets the maximum number of early data bytes that can be sent for a session. This would typically be used when creating a PSK session file (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). If using a ticket based PSK then this is set automatically to the value provided by the server.</p>
+
+<p>A client uses the function SSL_write_early_data() to send early data. This function is similar to the <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> function, but with the following differences. See <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> for information on how to write bytes to the underlying connection, and how to handle any errors that may arise. This page describes the differences between SSL_write_early_data() and <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When called by a client, SSL_write_early_data() must be the first IO function called on a new connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a> or other similar functions. It may be called multiple times to stream data to the server, but the total number of bytes written must not exceed the value returned from SSL_SESSION_get_max_early_data(). Once the initial SSL_write_early_data() call has completed successfully the client may interleave calls to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> with calls to SSL_write_early_data() as required.</p>
+
+<p>If SSL_write_early_data() fails you should call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action, as for <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When the client no longer wishes to send any more early data then it should complete the handshake by calling a function such as <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard write function such as <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, which will transparently complete the connection and write the requested data.</p>
+
+<p>A server may choose to ignore early data that has been sent to it. Once the connection has been completed you can determine whether the server accepted or rejected the early data by calling SSL_get_early_data_status(). This will return SSL_EARLY_DATA_ACCEPTED if the data was accepted, SSL_EARLY_DATA_REJECTED if it was rejected or SSL_EARLY_DATA_NOT_SENT if no early data was sent. This function may be called by either the client or the server.</p>
+
+<p>A server uses the SSL_read_early_data() function to receive early data on a connection for which early data has been enabled using SSL_CTX_set_max_early_data() or SSL_set_max_early_data(). As for SSL_write_early_data(), this must be the first IO function called on a connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, or other similar functions.</p>
+
+<p>SSL_read_early_data() is similar to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> with the following differences. Refer to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> for full details.</p>
+
+<p>SSL_read_early_data() may return 3 possible values:</p>
+
+<dl>
+
+<dt id="SSL_READ_EARLY_DATA_ERROR">SSL_READ_EARLY_DATA_ERROR</dt>
+<dd>
+
+<p>This indicates an IO or some other error occurred. This should be treated in the same way as a 0 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_SUCCESS">SSL_READ_EARLY_DATA_SUCCESS</dt>
+<dd>
+
+<p>This indicates that early data was successfully read. This should be treated in the same way as a 1 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>. You should continue to call SSL_read_early_data() to read more data.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_FINISH">SSL_READ_EARLY_DATA_FINISH</dt>
+<dd>
+
+<p>This indicates that no more early data can be read. It may be returned on the first call to SSL_read_early_data() if the client has not sent any early data, or if the early data was rejected.</p>
+
+</dd>
+</dl>
+
+<p>Once the initial SSL_read_early_data() call has completed successfully (i.e. it has returned SSL_READ_EARLY_DATA_SUCCESS or SSL_READ_EARLY_DATA_FINISH) then the server may choose to write data immediately to the unauthenticated client using SSL_write_early_data(). If SSL_read_early_data() returned SSL_READ_EARLY_DATA_FINISH then in some situations (e.g. if the client only supports TLSv1.2) the handshake may have already been completed and calls to SSL_write_early_data() are not allowed. Call <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a> to determine whether the handshake has completed or not. If the handshake is still in progress then the server may interleave calls to SSL_write_early_data() with calls to SSL_read_early_data() as required.</p>
+
+<p>Servers must not call <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a> until SSL_read_early_data() has returned with SSL_READ_EARLY_DATA_FINISH. Once it has done so the connection to the client still needs to be completed. Complete the connection by calling a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard read function such as <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, which will transparently complete the connection and read the requested data. Note that it is an error to attempt to complete the connection before SSL_read_early_data() has returned SSL_READ_EARLY_DATA_FINISH.</p>
+
+<p>Only servers may call SSL_read_early_data().</p>
+
+<p>Calls to SSL_read_early_data() may, in certain circumstances, complete the connection immediately without further need to call a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. This can happen if the client is using a protocol version less than TLSv1.3. Applications can test for this by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>. Alternatively, applications may choose to call <a href="../man3/SSL_accept.html">SSL_accept(3)</a> anyway. Such a call will successfully return immediately with no further action taken.</p>
+
+<p>When a session is created between a server and a client the server will specify the maximum amount of any early data that it will accept on any future connection attempt. By default the server does not accept early data; a server may indicate support for early data by calling SSL_CTX_set_max_early_data() or SSL_set_max_early_data() to set it for the whole SSL_CTX or an individual SSL object respectively. The <b>max_early_data</b> parameter specifies the maximum amount of early data in bytes that is permitted to be sent on a single connection. Similarly the SSL_CTX_get_max_early_data() and SSL_get_max_early_data() functions can be used to obtain the current maximum early data settings for the SSL_CTX and SSL objects respectively. Generally a server application will either use both of SSL_read_early_data() and SSL_CTX_set_max_early_data() (or SSL_set_max_early_data()), or neither of them, since there is no practical benefit from using only one of them. If the maximum early data setting for a server is non-zero then replay protection is automatically enabled (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below).</p>
+
+<p>If the server rejects the early data sent by a client then it will skip over the data that is sent. The maximum amount of received early data that is skipped is controlled by the recv_max_early_data setting. If a client sends more than this then the connection will abort. This value can be set by calling SSL_CTX_set_recv_max_early_data() or SSL_set_recv_max_early_data(). The current value for this setting can be obtained by calling SSL_CTX_get_recv_max_early_data() or SSL_get_recv_max_early_data(). The default value for this setting is 16,384 bytes.</p>
+
+<p>The recv_max_early_data value also has an impact on early data that is accepted. The amount of data that is accepted will always be the lower of the max_early_data for the session and the recv_max_early_data setting for the server. If a client sends more data than this then the connection will abort.</p>
+
+<p>The configured value for max_early_data on a server may change over time as required. However clients may have tickets containing the previously configured max_early_data value. The recv_max_early_data should always be equal to or higher than any recently configured max_early_data value in order to avoid aborted connections. The recv_max_early_data should never be set to less than the current configured max_early_data value.</p>
+
+<p>Some server applications may wish to have more control over whether early data is accepted or not, for example to mitigate replay risks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below) or to decline early_data when the server is heavily loaded. The functions SSL_CTX_set_allow_early_data_cb() and SSL_set_allow_early_data_cb() set a callback which is called at a point in the handshake immediately before a decision is made to accept or reject early data. The callback is provided with a pointer to the user data argument that was provided when the callback was first set. Returning 1 from the callback will allow early data and returning 0 will reject it. Note that the OpenSSL library may reject early data for other reasons in which case this callback will not get called. Notably, the built-in replay protection feature will still be used even if a callback is present unless it has been explicitly disabled using the SSL_OP_NO_ANTI_REPLAY option. See <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The whole purpose of early data is to enable a client to start sending data to the server before a full round trip of network traffic has occurred. Application developers should ensure they consider optimisation of the underlying TCP socket to obtain a performant solution. For example Nagle&#39;s algorithm is commonly used by operating systems in an attempt to avoid lots of small TCP packets. In many scenarios this is beneficial for performance, but it does not work well with the early data solution as implemented in OpenSSL. In Nagle&#39;s algorithm the OS will buffer outgoing TCP data if a TCP packet has already been sent which we have not yet received an ACK for from the peer. The buffered data will only be transmitted if enough data to fill an entire TCP packet is accumulated, or if the ACK is received from the peer. The initial ClientHello will be sent in the first TCP packet along with any data from the first call to SSL_write_early_data(). If the amount of data written will exceed the size of a single TCP packet, or if there are more calls to SSL_write_early_data() then that additional data will be sent in subsequent TCP packets which will be buffered by the OS and not sent until an ACK is received for the first packet containing the ClientHello. This means the early data is not actually sent until a complete round trip with the server has occurred which defeats the objective of early data.</p>
+
+<p>In many operating systems the TCP_NODELAY socket option is available to disable Nagle&#39;s algorithm. If an application opts to disable Nagle&#39;s algorithm consideration should be given to turning it back on again after the handshake is complete if appropriate.</p>
+
+<p>In rare circumstances, it may be possible for a client to have a session that reports a max early data value greater than 0, but where the server does not support this. For example, this can occur if a server has had its configuration changed to accept a lower max early data value such as by calling SSL_CTX_set_recv_max_early_data(). Another example is if a server used to support TLSv1.3 but was later downgraded to TLSv1.2. Sending early data to such a server will cause the connection to abort. Clients that encounter an aborted connection while sending early data may want to retry the connection without sending early data as this does not happen automatically. A client will have to establish a new transport layer connection to the server and attempt the SSL/TLS connection again but without sending early data. Note that it is inadvisable to retry with a lower maximum protocol version.</p>
+
+<h1 id="REPLAY-PROTECTION">REPLAY PROTECTION</h1>
+
+<p>When early data is in use the TLS protocol provides no security guarantees that the same early data was not replayed across multiple connections. As a mitigation for this issue OpenSSL automatically enables replay protection if the server is configured with a non-zero max early data value. With replay protection enabled sessions are forced to be single use only. If a client attempts to reuse a session ticket more than once, then the second and subsequent attempts will fall back to a full handshake (and any early data that was submitted will be ignored). Note that single use tickets are enforced even if a client does not send any early data.</p>
+
+<p>The replay protection mechanism relies on the internal OpenSSL server session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). When replay protection is being used the server will operate as if the SSL_OP_NO_TICKET option had been selected (see <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>). Sessions will be added to the cache whenever a session ticket is issued. When a client attempts to resume the session, OpenSSL will check for its presence in the internal cache. If it exists then the resumption is allowed and the session is removed from the cache. If it does not exist then the resumption is not allowed and a full handshake will occur.</p>
+
+<p>Note that some applications may maintain an external cache of sessions (see <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a> and similar functions). It is the application&#39;s responsibility to ensure that any sessions in the external cache are also populated in the internal cache and that once removed from the internal cache they are similarly removed from the external cache. Failing to do this could result in an application becoming vulnerable to replay attacks. Note that OpenSSL will lock the internal cache while a session is removed but that lock is not held when the remove session callback (see <a href="../man3/SSL_CTX_sess_set_remove_cb.html">SSL_CTX_sess_set_remove_cb(3)</a>) is called. This could result in a small amount of time where the session has been removed from the internal cache but is still available in the external cache. Applications should be designed with this in mind in order to minimise the possibility of replay attacks.</p>
+
+<p>The OpenSSL replay protection does not apply to external Pre Shared Keys (PSKs) (e.g. see SSL_CTX_set_psk_find_session_callback(3)). Therefore extreme caution should be applied when combining external PSKs with early data.</p>
+
+<p>Some applications may mitigate the replay risks in other ways. For those applications it is possible to turn off the built-in replay protection feature using the <b>SSL_OP_NO_ANTI_REPLAY</b> option. See <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> for details. Applications can also set a callback to make decisions about accepting early data or not. See SSL_CTX_set_allow_early_data_cb() above for details.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_write_early_data() returns 1 for success or 0 for failure. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_read_early_data() returns SSL_READ_EARLY_DATA_ERROR for failure, SSL_READ_EARLY_DATA_SUCCESS for success with more data to read and SSL_READ_EARLY_DATA_FINISH for success with no more to data be read. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_get_max_early_data(), SSL_CTX_get_max_early_data() and SSL_SESSION_get_max_early_data() return the maximum number of early data bytes that may be sent.</p>
+
+<p>SSL_set_max_early_data(), SSL_CTX_set_max_early_data() and SSL_SESSION_set_max_early_data() return 1 for success or 0 for failure.</p>
+
+<p>SSL_get_early_data_status() returns SSL_EARLY_DATA_ACCEPTED if early data was accepted by the server, SSL_EARLY_DATA_REJECTED if early data was rejected by the server, or SSL_EARLY_DATA_NOT_SENT if no early data was sent.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>All of the functions described above were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_max_pipelines.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_max_pipelines.html
new file mode 100644
index 000000000..19be43ed8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_max_pipelines.html
@@ -0,0 +1,150 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_split_send_fragment</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_max_send_fragment, SSL_set_max_send_fragment, SSL_CTX_set_split_send_fragment, SSL_set_split_send_fragment, SSL_CTX_set_max_pipelines, SSL_set_max_pipelines, SSL_CTX_set_default_read_buffer_len, SSL_set_default_read_buffer_len, SSL_CTX_set_tlsext_max_fragment_length, SSL_set_tlsext_max_fragment_length, SSL_SESSION_get_max_fragment_length - Control fragment size settings and pipelining operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, long);
+ long SSL_set_max_send_fragment(SSL *ssl, long m);
+
+ long SSL_CTX_set_max_pipelines(SSL_CTX *ctx, long m);
+ long SSL_set_max_pipelines(SSL_CTX *ssl, long m);
+
+ long SSL_CTX_set_split_send_fragment(SSL_CTX *ctx, long m);
+ long SSL_set_split_send_fragment(SSL *ssl, long m);
+
+ void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len);
+ void SSL_set_default_read_buffer_len(SSL *s, size_t len);
+
+ int SSL_CTX_set_tlsext_max_fragment_length(SSL_CTX *ctx, uint8_t mode);
+ int SSL_set_tlsext_max_fragment_length(SSL *ssl, uint8_t mode);
+ uint8_t SSL_SESSION_get_max_fragment_length(SSL_SESSION *session);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Some engines are able to process multiple simultaneous crypto operations. This capability could be utilised to parallelise the processing of a single connection. For example a single write can be split into multiple records and each one encrypted independently and in parallel. Note: this will only work in TLS1.1+. There is no support in SSLv3, TLSv1.0 or DTLS (any version). This capability is known as &quot;pipelining&quot; within OpenSSL.</p>
+
+<p>In order to benefit from the pipelining capability. You need to have an engine that provides ciphers that support this. The OpenSSL &quot;dasync&quot; engine provides AES128-SHA based ciphers that have this capability. However these are for development and test purposes only.</p>
+
+<p>SSL_CTX_set_max_send_fragment() and SSL_set_max_send_fragment() set the <b>max_send_fragment</b> parameter for SSL_CTX and SSL objects respectively. This value restricts the amount of plaintext bytes that will be sent in any one SSL/TLS record. By default its value is SSL3_RT_MAX_PLAIN_LENGTH (16384). These functions will only accept a value in the range 512 - SSL3_RT_MAX_PLAIN_LENGTH.</p>
+
+<p>SSL_CTX_set_max_pipelines() and SSL_set_max_pipelines() set the maximum number of pipelines that will be used at any one time. This value applies to both &quot;read&quot; pipelining and &quot;write&quot; pipelining. By default only one pipeline will be used (i.e. normal non-parallel operation). The number of pipelines set must be in the range 1 - SSL_MAX_PIPELINES (32). Setting this to a value &gt; 1 will also automatically turn on &quot;read_ahead&quot; (see <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>). This is explained further below. OpenSSL will only every use more than one pipeline if a cipher suite is negotiated that uses a pipeline capable cipher provided by an engine.</p>
+
+<p>Pipelining operates slightly differently for reading encrypted data compared to writing encrypted data. SSL_CTX_set_split_send_fragment() and SSL_set_split_send_fragment() define how data is split up into pipelines when writing encrypted data. The number of pipelines used will be determined by the amount of data provided to the SSL_write_ex() or SSL_write() call divided by <b>split_send_fragment</b>.</p>
+
+<p>For example if <b>split_send_fragment</b> is set to 2000 and <b>max_pipelines</b> is 4 then:</p>
+
+<p>SSL_write/SSL_write_ex called with 0-2000 bytes == 1 pipeline used</p>
+
+<p>SSL_write/SSL_write_ex called with 2001-4000 bytes == 2 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 4001-6000 bytes == 3 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 6001+ bytes == 4 pipelines used</p>
+
+<p><b>split_send_fragment</b> must always be less than or equal to <b>max_send_fragment</b>. By default it is set to be equal to <b>max_send_fragment</b>. This will mean that the same number of records will always be created as would have been created in the non-parallel case, although the data will be apportioned differently. In the parallel case data will be spread equally between the pipelines.</p>
+
+<p>Read pipelining is controlled in a slightly different way than with write pipelining. While reading we are constrained by the number of records that the peer (and the network) can provide to us in one go. The more records we can get in one go the more opportunity we have to parallelise the processing. As noted above when setting <b>max_pipelines</b> to a value greater than one, <b>read_ahead</b> is automatically set. The <b>read_ahead</b> parameter causes OpenSSL to attempt to read as much data into the read buffer as the network can provide and will fit into the buffer. Without this set data is read into the read buffer one record at a time. The more data that can be read, the more opportunity there is for parallelising the processing at the cost of increased memory overhead per connection. Setting <b>read_ahead</b> can impact the behaviour of the SSL_pending() function (see <a href="../man3/SSL_pending.html">SSL_pending(3)</a>).</p>
+
+<p>The SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions control the size of the read buffer that will be used. The <b>len</b> parameter sets the size of the buffer. The value will only be used if it is greater than the default that would have been used anyway. The normal default value depends on a number of factors but it will be at least SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_ENCRYPTED_OVERHEAD (16704) bytes.</p>
+
+<p>SSL_CTX_set_tlsext_max_fragment_length() sets the default maximum fragment length negotiation mode via value <b>mode</b> to <b>ctx</b>. This setting affects only SSL instances created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_set_tlsext_max_fragment_length() sets the maximum fragment length negotiation mode via value <b>mode</b> to <b>ssl</b>. This setting will be used during a handshake when extensions are exchanged between client and server. So it only affects SSL sessions created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_SESSION_get_max_fragment_length() gets the maximum fragment length negotiated in <b>session</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All non-void functions return 1 on success and 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The Maximum Fragment Length extension support is optional on the server side. If the server does not support this extension then SSL_SESSION_get_max_fragment_length() will return: TLSEXT_max_fragment_length_DISABLED.</p>
+
+<p>The following modes are available:</p>
+
+<dl>
+
+<dt id="TLSEXT_max_fragment_length_DISABLED">TLSEXT_max_fragment_length_DISABLED</dt>
+<dd>
+
+<p>Disables Maximum Fragment Length Negotiation (default).</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_512">TLSEXT_max_fragment_length_512</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 512 bytes.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_1024">TLSEXT_max_fragment_length_1024</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 1024.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_2048">TLSEXT_max_fragment_length_2048</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 2048.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_4096">TLSEXT_max_fragment_length_4096</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 4096.</p>
+
+</dd>
+</dl>
+
+<p>With the exception of SSL_CTX_set_default_read_buffer_len() SSL_set_default_read_buffer_len(), SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() all these functions are implemented using macros.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_set_max_pipelines(), SSL_set_max_pipelines(), SSL_CTX_set_split_send_fragment(), SSL_set_split_send_fragment(), SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions were added in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_max_proto_version.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_max_proto_version.html
new file mode 100644
index 000000000..a5aadff8c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_max_proto_version.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_min_proto_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_min_proto_version, SSL_CTX_set_max_proto_version, SSL_CTX_get_min_proto_version, SSL_CTX_get_max_proto_version, SSL_set_min_proto_version, SSL_set_max_proto_version, SSL_get_min_proto_version, SSL_get_max_proto_version - Get and set minimum and maximum supported protocol version</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_min_proto_version(SSL_CTX *ctx, int version);
+ int SSL_CTX_set_max_proto_version(SSL_CTX *ctx, int version);
+ int SSL_CTX_get_min_proto_version(SSL_CTX *ctx);
+ int SSL_CTX_get_max_proto_version(SSL_CTX *ctx);
+
+ int SSL_set_min_proto_version(SSL *ssl, int version);
+ int SSL_set_max_proto_version(SSL *ssl, int version);
+ int SSL_get_min_proto_version(SSL *ssl);
+ int SSL_get_max_proto_version(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions get or set the minimum and maximum supported protocol versions for the <b>ctx</b> or <b>ssl</b>. This works in combination with the options set via <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> that also make it possible to disable specific protocol versions. Use these functions instead of disabling specific protocol versions.</p>
+
+<p>Setting the minimum or maximum version to 0, will enable protocol versions down to the lowest version, or up to the highest version supported by the library, respectively.</p>
+
+<p>Getters return 0 in case <b>ctx</b> or <b>ssl</b> have been configured to automatically use the lowest or highest version supported by the library.</p>
+
+<p>Currently supported versions are <b>SSL3_VERSION</b>, <b>TLS1_VERSION</b>, <b>TLS1_1_VERSION</b>, <b>TLS1_2_VERSION</b>, <b>TLS1_3_VERSION</b> for TLS and <b>DTLS1_VERSION</b>, <b>DTLS1_2_VERSION</b> for DTLS.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These setter functions return 1 on success and 0 on failure. The getter functions return the configured version or 0 for auto-configuration of lowest or highest protocol, respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions are implemented using macros.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The setter functions were added in OpenSSL 1.1.0. The getter functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_max_send_fragment.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_max_send_fragment.html
new file mode 100644
index 000000000..19be43ed8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_max_send_fragment.html
@@ -0,0 +1,150 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_split_send_fragment</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_max_send_fragment, SSL_set_max_send_fragment, SSL_CTX_set_split_send_fragment, SSL_set_split_send_fragment, SSL_CTX_set_max_pipelines, SSL_set_max_pipelines, SSL_CTX_set_default_read_buffer_len, SSL_set_default_read_buffer_len, SSL_CTX_set_tlsext_max_fragment_length, SSL_set_tlsext_max_fragment_length, SSL_SESSION_get_max_fragment_length - Control fragment size settings and pipelining operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, long);
+ long SSL_set_max_send_fragment(SSL *ssl, long m);
+
+ long SSL_CTX_set_max_pipelines(SSL_CTX *ctx, long m);
+ long SSL_set_max_pipelines(SSL_CTX *ssl, long m);
+
+ long SSL_CTX_set_split_send_fragment(SSL_CTX *ctx, long m);
+ long SSL_set_split_send_fragment(SSL *ssl, long m);
+
+ void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len);
+ void SSL_set_default_read_buffer_len(SSL *s, size_t len);
+
+ int SSL_CTX_set_tlsext_max_fragment_length(SSL_CTX *ctx, uint8_t mode);
+ int SSL_set_tlsext_max_fragment_length(SSL *ssl, uint8_t mode);
+ uint8_t SSL_SESSION_get_max_fragment_length(SSL_SESSION *session);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Some engines are able to process multiple simultaneous crypto operations. This capability could be utilised to parallelise the processing of a single connection. For example a single write can be split into multiple records and each one encrypted independently and in parallel. Note: this will only work in TLS1.1+. There is no support in SSLv3, TLSv1.0 or DTLS (any version). This capability is known as &quot;pipelining&quot; within OpenSSL.</p>
+
+<p>In order to benefit from the pipelining capability. You need to have an engine that provides ciphers that support this. The OpenSSL &quot;dasync&quot; engine provides AES128-SHA based ciphers that have this capability. However these are for development and test purposes only.</p>
+
+<p>SSL_CTX_set_max_send_fragment() and SSL_set_max_send_fragment() set the <b>max_send_fragment</b> parameter for SSL_CTX and SSL objects respectively. This value restricts the amount of plaintext bytes that will be sent in any one SSL/TLS record. By default its value is SSL3_RT_MAX_PLAIN_LENGTH (16384). These functions will only accept a value in the range 512 - SSL3_RT_MAX_PLAIN_LENGTH.</p>
+
+<p>SSL_CTX_set_max_pipelines() and SSL_set_max_pipelines() set the maximum number of pipelines that will be used at any one time. This value applies to both &quot;read&quot; pipelining and &quot;write&quot; pipelining. By default only one pipeline will be used (i.e. normal non-parallel operation). The number of pipelines set must be in the range 1 - SSL_MAX_PIPELINES (32). Setting this to a value &gt; 1 will also automatically turn on &quot;read_ahead&quot; (see <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>). This is explained further below. OpenSSL will only every use more than one pipeline if a cipher suite is negotiated that uses a pipeline capable cipher provided by an engine.</p>
+
+<p>Pipelining operates slightly differently for reading encrypted data compared to writing encrypted data. SSL_CTX_set_split_send_fragment() and SSL_set_split_send_fragment() define how data is split up into pipelines when writing encrypted data. The number of pipelines used will be determined by the amount of data provided to the SSL_write_ex() or SSL_write() call divided by <b>split_send_fragment</b>.</p>
+
+<p>For example if <b>split_send_fragment</b> is set to 2000 and <b>max_pipelines</b> is 4 then:</p>
+
+<p>SSL_write/SSL_write_ex called with 0-2000 bytes == 1 pipeline used</p>
+
+<p>SSL_write/SSL_write_ex called with 2001-4000 bytes == 2 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 4001-6000 bytes == 3 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 6001+ bytes == 4 pipelines used</p>
+
+<p><b>split_send_fragment</b> must always be less than or equal to <b>max_send_fragment</b>. By default it is set to be equal to <b>max_send_fragment</b>. This will mean that the same number of records will always be created as would have been created in the non-parallel case, although the data will be apportioned differently. In the parallel case data will be spread equally between the pipelines.</p>
+
+<p>Read pipelining is controlled in a slightly different way than with write pipelining. While reading we are constrained by the number of records that the peer (and the network) can provide to us in one go. The more records we can get in one go the more opportunity we have to parallelise the processing. As noted above when setting <b>max_pipelines</b> to a value greater than one, <b>read_ahead</b> is automatically set. The <b>read_ahead</b> parameter causes OpenSSL to attempt to read as much data into the read buffer as the network can provide and will fit into the buffer. Without this set data is read into the read buffer one record at a time. The more data that can be read, the more opportunity there is for parallelising the processing at the cost of increased memory overhead per connection. Setting <b>read_ahead</b> can impact the behaviour of the SSL_pending() function (see <a href="../man3/SSL_pending.html">SSL_pending(3)</a>).</p>
+
+<p>The SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions control the size of the read buffer that will be used. The <b>len</b> parameter sets the size of the buffer. The value will only be used if it is greater than the default that would have been used anyway. The normal default value depends on a number of factors but it will be at least SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_ENCRYPTED_OVERHEAD (16704) bytes.</p>
+
+<p>SSL_CTX_set_tlsext_max_fragment_length() sets the default maximum fragment length negotiation mode via value <b>mode</b> to <b>ctx</b>. This setting affects only SSL instances created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_set_tlsext_max_fragment_length() sets the maximum fragment length negotiation mode via value <b>mode</b> to <b>ssl</b>. This setting will be used during a handshake when extensions are exchanged between client and server. So it only affects SSL sessions created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_SESSION_get_max_fragment_length() gets the maximum fragment length negotiated in <b>session</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All non-void functions return 1 on success and 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The Maximum Fragment Length extension support is optional on the server side. If the server does not support this extension then SSL_SESSION_get_max_fragment_length() will return: TLSEXT_max_fragment_length_DISABLED.</p>
+
+<p>The following modes are available:</p>
+
+<dl>
+
+<dt id="TLSEXT_max_fragment_length_DISABLED">TLSEXT_max_fragment_length_DISABLED</dt>
+<dd>
+
+<p>Disables Maximum Fragment Length Negotiation (default).</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_512">TLSEXT_max_fragment_length_512</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 512 bytes.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_1024">TLSEXT_max_fragment_length_1024</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 1024.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_2048">TLSEXT_max_fragment_length_2048</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 2048.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_4096">TLSEXT_max_fragment_length_4096</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 4096.</p>
+
+</dd>
+</dl>
+
+<p>With the exception of SSL_CTX_set_default_read_buffer_len() SSL_set_default_read_buffer_len(), SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() all these functions are implemented using macros.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_set_max_pipelines(), SSL_set_max_pipelines(), SSL_CTX_set_split_send_fragment(), SSL_set_split_send_fragment(), SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions were added in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_min_proto_version.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_min_proto_version.html
new file mode 100644
index 000000000..a5aadff8c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_min_proto_version.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_min_proto_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_min_proto_version, SSL_CTX_set_max_proto_version, SSL_CTX_get_min_proto_version, SSL_CTX_get_max_proto_version, SSL_set_min_proto_version, SSL_set_max_proto_version, SSL_get_min_proto_version, SSL_get_max_proto_version - Get and set minimum and maximum supported protocol version</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_min_proto_version(SSL_CTX *ctx, int version);
+ int SSL_CTX_set_max_proto_version(SSL_CTX *ctx, int version);
+ int SSL_CTX_get_min_proto_version(SSL_CTX *ctx);
+ int SSL_CTX_get_max_proto_version(SSL_CTX *ctx);
+
+ int SSL_set_min_proto_version(SSL *ssl, int version);
+ int SSL_set_max_proto_version(SSL *ssl, int version);
+ int SSL_get_min_proto_version(SSL *ssl);
+ int SSL_get_max_proto_version(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions get or set the minimum and maximum supported protocol versions for the <b>ctx</b> or <b>ssl</b>. This works in combination with the options set via <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> that also make it possible to disable specific protocol versions. Use these functions instead of disabling specific protocol versions.</p>
+
+<p>Setting the minimum or maximum version to 0, will enable protocol versions down to the lowest version, or up to the highest version supported by the library, respectively.</p>
+
+<p>Getters return 0 in case <b>ctx</b> or <b>ssl</b> have been configured to automatically use the lowest or highest version supported by the library.</p>
+
+<p>Currently supported versions are <b>SSL3_VERSION</b>, <b>TLS1_VERSION</b>, <b>TLS1_1_VERSION</b>, <b>TLS1_2_VERSION</b>, <b>TLS1_3_VERSION</b> for TLS and <b>DTLS1_VERSION</b>, <b>DTLS1_2_VERSION</b> for DTLS.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These setter functions return 1 on success and 0 on failure. The getter functions return the configured version or 0 for auto-configuration of lowest or highest protocol, respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions are implemented using macros.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The setter functions were added in OpenSSL 1.1.0. The getter functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_mode.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_mode.html
new file mode 100644
index 000000000..2e6c33d57
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_mode.html
@@ -0,0 +1,136 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_mode</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_mode, SSL_CTX_clear_mode, SSL_set_mode, SSL_clear_mode, SSL_CTX_get_mode, SSL_get_mode - manipulate SSL engine mode</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_mode(SSL_CTX *ctx, long mode);
+ long SSL_CTX_clear_mode(SSL_CTX *ctx, long mode);
+ long SSL_set_mode(SSL *ssl, long mode);
+ long SSL_clear_mode(SSL *ssl, long mode);
+
+ long SSL_CTX_get_mode(SSL_CTX *ctx);
+ long SSL_get_mode(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_mode() adds the mode set via bitmask in <b>mode</b> to <b>ctx</b>. Options already set before are not cleared. SSL_CTX_clear_mode() removes the mode set via bitmask in <b>mode</b> from <b>ctx</b>.</p>
+
+<p>SSL_set_mode() adds the mode set via bitmask in <b>mode</b> to <b>ssl</b>. Options already set before are not cleared. SSL_clear_mode() removes the mode set via bitmask in <b>mode</b> from <b>ssl</b>.</p>
+
+<p>SSL_CTX_get_mode() returns the mode set for <b>ctx</b>.</p>
+
+<p>SSL_get_mode() returns the mode set for <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The following mode changes are available:</p>
+
+<dl>
+
+<dt id="SSL_MODE_ENABLE_PARTIAL_WRITE">SSL_MODE_ENABLE_PARTIAL_WRITE</dt>
+<dd>
+
+<p>Allow SSL_write_ex(..., n, &amp;r) to return with 0 &lt; r &lt; n (i.e. report success when just a single record has been written). This works in a similar way for SSL_write(). When not set (the default), SSL_write_ex() or SSL_write() will only report success once the complete chunk was written. Once SSL_write_ex() or SSL_write() returns successful, <b>r</b> bytes have been written and the next call to SSL_write_ex() or SSL_write() must only send the n-r bytes left, imitating the behaviour of write().</p>
+
+</dd>
+<dt id="SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER">SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER</dt>
+<dd>
+
+<p>Make it possible to retry SSL_write_ex() or SSL_write() with changed buffer location (the buffer contents must stay the same). This is not the default to avoid the misconception that non-blocking SSL_write() behaves like non-blocking write().</p>
+
+</dd>
+<dt id="SSL_MODE_AUTO_RETRY">SSL_MODE_AUTO_RETRY</dt>
+<dd>
+
+<p>During normal operations, non-application data records might need to be sent or received that the application is not aware of. If a non-application data record was processed, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> can return with a failure and indicate the need to retry with <b>SSL_ERROR_WANT_READ</b>. If such a non-application data record was processed, the flag <b>SSL_MODE_AUTO_RETRY</b> causes it to try to process the next record instead of returning.</p>
+
+<p>In a non-blocking environment applications must be prepared to handle incomplete read/write operations. Setting <b>SSL_MODE_AUTO_RETRY</b> for a non-blocking <b>BIO</b> will process non-application data records until either no more data is available or an application data record has been processed.</p>
+
+<p>In a blocking environment, applications are not always prepared to deal with the functions returning intermediate reports such as retry requests, and setting the <b>SSL_MODE_AUTO_RETRY</b> flag will cause the functions to only return after successfully processing an application data record or a failure.</p>
+
+<p>Turning off <b>SSL_MODE_AUTO_RETRY</b> can be useful with blocking <b>BIO</b>s in case they are used in combination with something like select() or poll(). Otherwise the call to SSL_read() or SSL_read_ex() might hang when a non-application record was sent and no application data was sent.</p>
+
+</dd>
+<dt id="SSL_MODE_RELEASE_BUFFERS">SSL_MODE_RELEASE_BUFFERS</dt>
+<dd>
+
+<p>When we no longer need a read buffer or a write buffer for a given SSL, then release the memory we were using to hold it. Using this flag can save around 34k per idle SSL connection. This flag has no effect on SSL v2 connections, or on DTLS connections.</p>
+
+</dd>
+<dt id="SSL_MODE_SEND_FALLBACK_SCSV">SSL_MODE_SEND_FALLBACK_SCSV</dt>
+<dd>
+
+<p>Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications that reconnect with a downgraded protocol version; see draft-ietf-tls-downgrade-scsv-00 for details.</p>
+
+<p>DO NOT ENABLE THIS if your application attempts a normal handshake. Only use this in explicit fallback retries, following the guidance in draft-ietf-tls-downgrade-scsv-00.</p>
+
+</dd>
+<dt id="SSL_MODE_ASYNC">SSL_MODE_ASYNC</dt>
+<dd>
+
+<p>Enable asynchronous processing. TLS I/O operations may indicate a retry with SSL_ERROR_WANT_ASYNC with this mode set if an asynchronous capable engine is used to perform cryptographic operations. See <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+</dd>
+<dt id="SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG">SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG</dt>
+<dd>
+
+<p>Older versions of OpenSSL had a bug in the computation of the label length used for computing the endpoint-pair shared secret. The bug was that the terminating zero was included in the length of the label. Setting this option enables this behaviour to allow interoperability with such broken implementations. Please note that setting this option breaks interoperability with correct implementations. This option only applies to DTLS over SCTP.</p>
+
+</dd>
+</dl>
+
+<p>All modes are off by default except for SSL_MODE_AUTO_RETRY which is on by default since 1.1.1.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_mode() and SSL_set_mode() return the new mode bitmask after adding <b>mode</b>.</p>
+
+<p>SSL_CTX_get_mode() and SSL_get_mode() return the current bitmask.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a>, <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_MODE_ASYNC was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_msg_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_msg_callback.html
new file mode 100644
index 000000000..444b63155
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_msg_callback.html
@@ -0,0 +1,142 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_msg_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_msg_callback, SSL_CTX_set_msg_callback_arg, SSL_set_msg_callback, SSL_set_msg_callback_arg - install callback for observing protocol messages</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
+                               void (*cb)(int write_p, int version,
+                                          int content_type, const void *buf,
+                                          size_t len, SSL *ssl, void *arg));
+ void SSL_CTX_set_msg_callback_arg(SSL_CTX *ctx, void *arg);
+
+ void SSL_set_msg_callback(SSL *ssl,
+                           void (*cb)(int write_p, int version,
+                                      int content_type, const void *buf,
+                                      size_t len, SSL *ssl, void *arg));
+ void SSL_set_msg_callback_arg(SSL *ssl, void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_msg_callback() or SSL_set_msg_callback() can be used to define a message callback function <i>cb</i> for observing all SSL/TLS protocol messages (such as handshake messages) that are received or sent, as well as other events that occur during processing. SSL_CTX_set_msg_callback_arg() and SSL_set_msg_callback_arg() can be used to set argument <i>arg</i> to the callback function, which is available for arbitrary application use.</p>
+
+<p>SSL_CTX_set_msg_callback() and SSL_CTX_set_msg_callback_arg() specify default settings that will be copied to new <b>SSL</b> objects by <a href="../man3/SSL_new.html">SSL_new(3)</a>. SSL_set_msg_callback() and SSL_set_msg_callback_arg() modify the actual settings of an <b>SSL</b> object. Using a <b>NULL</b> pointer for <i>cb</i> disables the message callback.</p>
+
+<p>When <i>cb</i> is called by the SSL/TLS library the function arguments have the following meaning:</p>
+
+<dl>
+
+<dt id="write_p"><i>write_p</i></dt>
+<dd>
+
+<p>This flag is <b>0</b> when a protocol message has been received and <b>1</b> when a protocol message has been sent.</p>
+
+</dd>
+<dt id="version"><i>version</i></dt>
+<dd>
+
+<p>The protocol version according to which the protocol message is interpreted by the library such as <b>TLS1_3_VERSION</b>, <b>TLS1_2_VERSION</b> etc. This is set to 0 for the SSL3_RT_HEADER pseudo content type (see NOTES below).</p>
+
+</dd>
+<dt id="content_type"><i>content_type</i></dt>
+<dd>
+
+<p>This is one of the content type values defined in the protocol specification (<b>SSL3_RT_CHANGE_CIPHER_SPEC</b>, <b>SSL3_RT_ALERT</b>, <b>SSL3_RT_HANDSHAKE</b>; but never <b>SSL3_RT_APPLICATION_DATA</b> because the callback will only be called for protocol messages). Alternatively it may be a &quot;pseudo&quot; content type. These pseudo content types are used to signal some other event in the processing of data (see NOTES below).</p>
+
+</dd>
+<dt id="buf-len"><i>buf</i>, <i>len</i></dt>
+<dd>
+
+<p><i>buf</i> points to a buffer containing the protocol message or other data (in the case of pseudo content types), which consists of <i>len</i> bytes. The buffer is no longer valid after the callback function has returned.</p>
+
+</dd>
+<dt id="ssl"><i>ssl</i></dt>
+<dd>
+
+<p>The <b>SSL</b> object that received or sent the message.</p>
+
+</dd>
+<dt id="arg"><i>arg</i></dt>
+<dd>
+
+<p>The user-defined argument optionally defined by SSL_CTX_set_msg_callback_arg() or SSL_set_msg_callback_arg().</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Protocol messages are passed to the callback function after decryption and fragment collection where applicable. (Thus record boundaries are not visible.)</p>
+
+<p>If processing a received protocol message results in an error, the callback function may not be called. For example, the callback function will never see messages that are considered too large to be processed.</p>
+
+<p>Due to automatic protocol version negotiation, <i>version</i> is not necessarily the protocol version used by the sender of the message: If a TLS 1.0 ClientHello message is received by an SSL 3.0-only server, <i>version</i> will be <b>SSL3_VERSION</b>.</p>
+
+<p>Pseudo content type values may be sent at various points during the processing of data. The following pseudo content types are currently defined:</p>
+
+<dl>
+
+<dt id="SSL3_RT_HEADER"><b>SSL3_RT_HEADER</b></dt>
+<dd>
+
+<p>Used when a record is sent or received. The <b>buf</b> contains the record header bytes only.</p>
+
+</dd>
+<dt id="SSL3_RT_INNER_CONTENT_TYPE"><b>SSL3_RT_INNER_CONTENT_TYPE</b></dt>
+<dd>
+
+<p>Used when an encrypted TLSv1.3 record is sent or received. In encrypted TLSv1.3 records the content type in the record header is always SSL3_RT_APPLICATION_DATA. The real content type for the record is contained in an &quot;inner&quot; content type. <b>buf</b> contains the encoded &quot;inner&quot; content type byte.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_msg_callback(), SSL_CTX_set_msg_callback_arg(), SSL_set_msg_callback() and SSL_set_msg_callback_arg() do not return values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The pseudo content type <b>SSL3_RT_INNER_CONTENT_TYPE</b> was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_msg_callback_arg.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_msg_callback_arg.html
new file mode 100644
index 000000000..444b63155
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_msg_callback_arg.html
@@ -0,0 +1,142 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_msg_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_msg_callback, SSL_CTX_set_msg_callback_arg, SSL_set_msg_callback, SSL_set_msg_callback_arg - install callback for observing protocol messages</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
+                               void (*cb)(int write_p, int version,
+                                          int content_type, const void *buf,
+                                          size_t len, SSL *ssl, void *arg));
+ void SSL_CTX_set_msg_callback_arg(SSL_CTX *ctx, void *arg);
+
+ void SSL_set_msg_callback(SSL *ssl,
+                           void (*cb)(int write_p, int version,
+                                      int content_type, const void *buf,
+                                      size_t len, SSL *ssl, void *arg));
+ void SSL_set_msg_callback_arg(SSL *ssl, void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_msg_callback() or SSL_set_msg_callback() can be used to define a message callback function <i>cb</i> for observing all SSL/TLS protocol messages (such as handshake messages) that are received or sent, as well as other events that occur during processing. SSL_CTX_set_msg_callback_arg() and SSL_set_msg_callback_arg() can be used to set argument <i>arg</i> to the callback function, which is available for arbitrary application use.</p>
+
+<p>SSL_CTX_set_msg_callback() and SSL_CTX_set_msg_callback_arg() specify default settings that will be copied to new <b>SSL</b> objects by <a href="../man3/SSL_new.html">SSL_new(3)</a>. SSL_set_msg_callback() and SSL_set_msg_callback_arg() modify the actual settings of an <b>SSL</b> object. Using a <b>NULL</b> pointer for <i>cb</i> disables the message callback.</p>
+
+<p>When <i>cb</i> is called by the SSL/TLS library the function arguments have the following meaning:</p>
+
+<dl>
+
+<dt id="write_p"><i>write_p</i></dt>
+<dd>
+
+<p>This flag is <b>0</b> when a protocol message has been received and <b>1</b> when a protocol message has been sent.</p>
+
+</dd>
+<dt id="version"><i>version</i></dt>
+<dd>
+
+<p>The protocol version according to which the protocol message is interpreted by the library such as <b>TLS1_3_VERSION</b>, <b>TLS1_2_VERSION</b> etc. This is set to 0 for the SSL3_RT_HEADER pseudo content type (see NOTES below).</p>
+
+</dd>
+<dt id="content_type"><i>content_type</i></dt>
+<dd>
+
+<p>This is one of the content type values defined in the protocol specification (<b>SSL3_RT_CHANGE_CIPHER_SPEC</b>, <b>SSL3_RT_ALERT</b>, <b>SSL3_RT_HANDSHAKE</b>; but never <b>SSL3_RT_APPLICATION_DATA</b> because the callback will only be called for protocol messages). Alternatively it may be a &quot;pseudo&quot; content type. These pseudo content types are used to signal some other event in the processing of data (see NOTES below).</p>
+
+</dd>
+<dt id="buf-len"><i>buf</i>, <i>len</i></dt>
+<dd>
+
+<p><i>buf</i> points to a buffer containing the protocol message or other data (in the case of pseudo content types), which consists of <i>len</i> bytes. The buffer is no longer valid after the callback function has returned.</p>
+
+</dd>
+<dt id="ssl"><i>ssl</i></dt>
+<dd>
+
+<p>The <b>SSL</b> object that received or sent the message.</p>
+
+</dd>
+<dt id="arg"><i>arg</i></dt>
+<dd>
+
+<p>The user-defined argument optionally defined by SSL_CTX_set_msg_callback_arg() or SSL_set_msg_callback_arg().</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Protocol messages are passed to the callback function after decryption and fragment collection where applicable. (Thus record boundaries are not visible.)</p>
+
+<p>If processing a received protocol message results in an error, the callback function may not be called. For example, the callback function will never see messages that are considered too large to be processed.</p>
+
+<p>Due to automatic protocol version negotiation, <i>version</i> is not necessarily the protocol version used by the sender of the message: If a TLS 1.0 ClientHello message is received by an SSL 3.0-only server, <i>version</i> will be <b>SSL3_VERSION</b>.</p>
+
+<p>Pseudo content type values may be sent at various points during the processing of data. The following pseudo content types are currently defined:</p>
+
+<dl>
+
+<dt id="SSL3_RT_HEADER"><b>SSL3_RT_HEADER</b></dt>
+<dd>
+
+<p>Used when a record is sent or received. The <b>buf</b> contains the record header bytes only.</p>
+
+</dd>
+<dt id="SSL3_RT_INNER_CONTENT_TYPE"><b>SSL3_RT_INNER_CONTENT_TYPE</b></dt>
+<dd>
+
+<p>Used when an encrypted TLSv1.3 record is sent or received. In encrypted TLSv1.3 records the content type in the record header is always SSL3_RT_APPLICATION_DATA. The real content type for the record is contained in an &quot;inner&quot; content type. <b>buf</b> contains the encoded &quot;inner&quot; content type byte.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_msg_callback(), SSL_CTX_set_msg_callback_arg(), SSL_set_msg_callback() and SSL_set_msg_callback_arg() do not return values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The pseudo content type <b>SSL3_RT_INNER_CONTENT_TYPE</b> was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_next_proto_select_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_next_proto_select_cb.html
new file mode 100644
index 000000000..2c1cda006
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_next_proto_select_cb.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_alpn_select_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_alpn_protos, SSL_set_alpn_protos, SSL_CTX_set_alpn_select_cb, SSL_CTX_set_next_proto_select_cb, SSL_CTX_set_next_protos_advertised_cb, SSL_select_next_proto, SSL_get0_alpn_selected, SSL_get0_next_proto_negotiated - handle application layer protocol negotiation (ALPN)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
+                             unsigned int protos_len);
+ int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
+                         unsigned int protos_len);
+ void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
+                                 int (*cb) (SSL *ssl,
+                                            const unsigned char **out,
+                                            unsigned char *outlen,
+                                            const unsigned char *in,
+                                            unsigned int inlen,
+                                            void *arg), void *arg);
+ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
+                             unsigned int *len);
+
+ void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx,
+                                            int (*cb)(SSL *ssl,
+                                                      const unsigned char **out,
+                                                      unsigned int *outlen,
+                                                      void *arg),
+                                            void *arg);
+ void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx,
+                               int (*cb)(SSL *s,
+                                         unsigned char **out,
+                                         unsigned char *outlen,
+                                         const unsigned char *in,
+                                         unsigned int inlen,
+                                         void *arg),
+                               void *arg);
+ int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+                           const unsigned char *server,
+                           unsigned int server_len,
+                           const unsigned char *client,
+                           unsigned int client_len)
+ void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
+                             unsigned *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() are used by the client to set the list of protocols available to be negotiated. The <b>protos</b> must be in protocol-list format, described below. The length of <b>protos</b> is specified in <b>protos_len</b>.</p>
+
+<p>SSL_CTX_set_alpn_select_cb() sets the application callback <b>cb</b> used by a server to select which protocol to use for the incoming connection. When <b>cb</b> is NULL, ALPN is not used. The <b>arg</b> value is a pointer which is passed to the application callback.</p>
+
+<p><b>cb</b> is the application defined callback. The <b>in</b>, <b>inlen</b> parameters are a vector in protocol-list format. The value of the <b>out</b>, <b>outlen</b> vector should be set to the value of a single protocol selected from the <b>in</b>, <b>inlen</b> vector. The <b>out</b> buffer may point directly into <b>in</b>, or to a buffer that outlives the handshake. The <b>arg</b> parameter is the pointer set via SSL_CTX_set_alpn_select_cb().</p>
+
+<p>SSL_select_next_proto() is a helper function used to select protocols. It implements the standard protocol selection. It is expected that this function is called from the application callback <b>cb</b>. The protocol data in <b>server</b>, <b>server_len</b> and <b>client</b>, <b>client_len</b> must be in the protocol-list format described below. The first item in the <b>server</b>, <b>server_len</b> list that matches an item in the <b>client</b>, <b>client_len</b> list is selected, and returned in <b>out</b>, <b>outlen</b>. The <b>out</b> value will point into either <b>server</b> or <b>client</b>, so it should be copied immediately. If no match is found, the first item in <b>client</b>, <b>client_len</b> is returned in <b>out</b>, <b>outlen</b>. This function can also be used in the NPN callback.</p>
+
+<p>SSL_CTX_set_next_proto_select_cb() sets a callback <b>cb</b> that is called when a client needs to select a protocol from the server&#39;s provided list, and a user-defined pointer argument <b>arg</b> which will be passed to this callback. For the callback itself, <b>out</b> must be set to point to the selected protocol (which may be within <b>in</b>). The length of the protocol name must be written into <b>outlen</b>. The server&#39;s advertised protocols are provided in <b>in</b> and <b>inlen</b>. The callback can assume that <b>in</b> is syntactically valid. The client must select a protocol. It is fatal to the connection if this callback returns a value other than <b>SSL_TLSEXT_ERR_OK</b>. The <b>arg</b> parameter is the pointer set via SSL_CTX_set_next_proto_select_cb().</p>
+
+<p>SSL_CTX_set_next_protos_advertised_cb() sets a callback <b>cb</b> that is called when a TLS server needs a list of supported protocols for Next Protocol Negotiation. The returned list must be in protocol-list format, described below. The list is returned by setting <b>out</b> to point to it and <b>outlen</b> to its length. This memory will not be modified, but the <b>SSL</b> does keep a reference to it. The callback should return <b>SSL_TLSEXT_ERR_OK</b> if it wishes to advertise. Otherwise, no such extension will be included in the ServerHello.</p>
+
+<p>SSL_get0_alpn_selected() returns a pointer to the selected protocol in <b>data</b> with length <b>len</b>. It is not NUL-terminated. <b>data</b> is set to NULL and <b>len</b> is set to 0 if no protocol has been selected. <b>data</b> must not be freed.</p>
+
+<p>SSL_get0_next_proto_negotiated() sets <b>data</b> and <b>len</b> to point to the client&#39;s requested protocol for this connection. If the client did not request any protocol or NPN is not enabled, then <b>data</b> is set to NULL and <b>len</b> to 0. Note that the client can request any protocol it chooses. The value returned from this function need not be a member of the list of supported protocols provided by the callback.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The protocol-lists must be in wire-format, which is defined as a vector of non-empty, 8-bit length-prefixed, byte strings. The length-prefix byte is not included in the length. Each string is limited to 255 bytes. A byte-string length of 0 is invalid. A truncated byte-string is invalid. The length of the vector is not in the vector itself, but in a separate variable.</p>
+
+<p>Example:</p>
+
+<pre><code> unsigned char vector[] = {
+     6, &#39;s&#39;, &#39;p&#39;, &#39;d&#39;, &#39;y&#39;, &#39;/&#39;, &#39;1&#39;,
+     8, &#39;h&#39;, &#39;t&#39;, &#39;t&#39;, &#39;p&#39;, &#39;/&#39;, &#39;1&#39;, &#39;.&#39;, &#39;1&#39;
+ };
+ unsigned int length = sizeof(vector);</code></pre>
+
+<p>The ALPN callback is executed after the servername callback; as that servername callback may update the SSL_CTX, and subsequently, the ALPN callback.</p>
+
+<p>If there is no ALPN proposed in the ClientHello, the ALPN callback is not invoked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() return 0 on success, and non-0 on failure. WARNING: these functions reverse the return value convention.</p>
+
+<p>SSL_select_next_proto() returns one of the following:</p>
+
+<dl>
+
+<dt id="OPENSSL_NPN_NEGOTIATED">OPENSSL_NPN_NEGOTIATED</dt>
+<dd>
+
+<p>A match was found and is returned in <b>out</b>, <b>outlen</b>.</p>
+
+</dd>
+<dt id="OPENSSL_NPN_NO_OVERLAP">OPENSSL_NPN_NO_OVERLAP</dt>
+<dd>
+
+<p>No match was found. The first item in <b>client</b>, <b>client_len</b> is returned in <b>out</b>, <b>outlen</b>.</p>
+
+</dd>
+</dl>
+
+<p>The ALPN select callback <b>cb</b>, must return one of the following:</p>
+
+<dl>
+
+<dt id="SSL_TLSEXT_ERR_OK">SSL_TLSEXT_ERR_OK</dt>
+<dd>
+
+<p>ALPN protocol selected.</p>
+
+</dd>
+<dt id="SSL_TLSEXT_ERR_ALERT_FATAL">SSL_TLSEXT_ERR_ALERT_FATAL</dt>
+<dd>
+
+<p>There was no overlap between the client&#39;s supplied list and the server configuration.</p>
+
+</dd>
+<dt id="SSL_TLSEXT_ERR_NOACK">SSL_TLSEXT_ERR_NOACK</dt>
+<dd>
+
+<p>ALPN protocol not selected, e.g., because no ALPN protocols are configured for this connection.</p>
+
+</dd>
+</dl>
+
+<p>The callback set using SSL_CTX_set_next_proto_select_cb() should return <b>SSL_TLSEXT_ERR_OK</b> if successful. Any other value is fatal to the connection.</p>
+
+<p>The callback set using SSL_CTX_set_next_protos_advertised_cb() should return <b>SSL_TLSEXT_ERR_OK</b> if it wishes to advertise. Otherwise, no such extension will be included in the ServerHello.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_callback.html">SSL_CTX_set_tlsext_servername_callback(3)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_arg.html">SSL_CTX_set_tlsext_servername_arg(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_next_protos_advertised_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_next_protos_advertised_cb.html
new file mode 100644
index 000000000..2c1cda006
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_next_protos_advertised_cb.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_alpn_select_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_alpn_protos, SSL_set_alpn_protos, SSL_CTX_set_alpn_select_cb, SSL_CTX_set_next_proto_select_cb, SSL_CTX_set_next_protos_advertised_cb, SSL_select_next_proto, SSL_get0_alpn_selected, SSL_get0_next_proto_negotiated - handle application layer protocol negotiation (ALPN)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
+                             unsigned int protos_len);
+ int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
+                         unsigned int protos_len);
+ void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
+                                 int (*cb) (SSL *ssl,
+                                            const unsigned char **out,
+                                            unsigned char *outlen,
+                                            const unsigned char *in,
+                                            unsigned int inlen,
+                                            void *arg), void *arg);
+ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
+                             unsigned int *len);
+
+ void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx,
+                                            int (*cb)(SSL *ssl,
+                                                      const unsigned char **out,
+                                                      unsigned int *outlen,
+                                                      void *arg),
+                                            void *arg);
+ void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx,
+                               int (*cb)(SSL *s,
+                                         unsigned char **out,
+                                         unsigned char *outlen,
+                                         const unsigned char *in,
+                                         unsigned int inlen,
+                                         void *arg),
+                               void *arg);
+ int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+                           const unsigned char *server,
+                           unsigned int server_len,
+                           const unsigned char *client,
+                           unsigned int client_len)
+ void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
+                             unsigned *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() are used by the client to set the list of protocols available to be negotiated. The <b>protos</b> must be in protocol-list format, described below. The length of <b>protos</b> is specified in <b>protos_len</b>.</p>
+
+<p>SSL_CTX_set_alpn_select_cb() sets the application callback <b>cb</b> used by a server to select which protocol to use for the incoming connection. When <b>cb</b> is NULL, ALPN is not used. The <b>arg</b> value is a pointer which is passed to the application callback.</p>
+
+<p><b>cb</b> is the application defined callback. The <b>in</b>, <b>inlen</b> parameters are a vector in protocol-list format. The value of the <b>out</b>, <b>outlen</b> vector should be set to the value of a single protocol selected from the <b>in</b>, <b>inlen</b> vector. The <b>out</b> buffer may point directly into <b>in</b>, or to a buffer that outlives the handshake. The <b>arg</b> parameter is the pointer set via SSL_CTX_set_alpn_select_cb().</p>
+
+<p>SSL_select_next_proto() is a helper function used to select protocols. It implements the standard protocol selection. It is expected that this function is called from the application callback <b>cb</b>. The protocol data in <b>server</b>, <b>server_len</b> and <b>client</b>, <b>client_len</b> must be in the protocol-list format described below. The first item in the <b>server</b>, <b>server_len</b> list that matches an item in the <b>client</b>, <b>client_len</b> list is selected, and returned in <b>out</b>, <b>outlen</b>. The <b>out</b> value will point into either <b>server</b> or <b>client</b>, so it should be copied immediately. If no match is found, the first item in <b>client</b>, <b>client_len</b> is returned in <b>out</b>, <b>outlen</b>. This function can also be used in the NPN callback.</p>
+
+<p>SSL_CTX_set_next_proto_select_cb() sets a callback <b>cb</b> that is called when a client needs to select a protocol from the server&#39;s provided list, and a user-defined pointer argument <b>arg</b> which will be passed to this callback. For the callback itself, <b>out</b> must be set to point to the selected protocol (which may be within <b>in</b>). The length of the protocol name must be written into <b>outlen</b>. The server&#39;s advertised protocols are provided in <b>in</b> and <b>inlen</b>. The callback can assume that <b>in</b> is syntactically valid. The client must select a protocol. It is fatal to the connection if this callback returns a value other than <b>SSL_TLSEXT_ERR_OK</b>. The <b>arg</b> parameter is the pointer set via SSL_CTX_set_next_proto_select_cb().</p>
+
+<p>SSL_CTX_set_next_protos_advertised_cb() sets a callback <b>cb</b> that is called when a TLS server needs a list of supported protocols for Next Protocol Negotiation. The returned list must be in protocol-list format, described below. The list is returned by setting <b>out</b> to point to it and <b>outlen</b> to its length. This memory will not be modified, but the <b>SSL</b> does keep a reference to it. The callback should return <b>SSL_TLSEXT_ERR_OK</b> if it wishes to advertise. Otherwise, no such extension will be included in the ServerHello.</p>
+
+<p>SSL_get0_alpn_selected() returns a pointer to the selected protocol in <b>data</b> with length <b>len</b>. It is not NUL-terminated. <b>data</b> is set to NULL and <b>len</b> is set to 0 if no protocol has been selected. <b>data</b> must not be freed.</p>
+
+<p>SSL_get0_next_proto_negotiated() sets <b>data</b> and <b>len</b> to point to the client&#39;s requested protocol for this connection. If the client did not request any protocol or NPN is not enabled, then <b>data</b> is set to NULL and <b>len</b> to 0. Note that the client can request any protocol it chooses. The value returned from this function need not be a member of the list of supported protocols provided by the callback.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The protocol-lists must be in wire-format, which is defined as a vector of non-empty, 8-bit length-prefixed, byte strings. The length-prefix byte is not included in the length. Each string is limited to 255 bytes. A byte-string length of 0 is invalid. A truncated byte-string is invalid. The length of the vector is not in the vector itself, but in a separate variable.</p>
+
+<p>Example:</p>
+
+<pre><code> unsigned char vector[] = {
+     6, &#39;s&#39;, &#39;p&#39;, &#39;d&#39;, &#39;y&#39;, &#39;/&#39;, &#39;1&#39;,
+     8, &#39;h&#39;, &#39;t&#39;, &#39;t&#39;, &#39;p&#39;, &#39;/&#39;, &#39;1&#39;, &#39;.&#39;, &#39;1&#39;
+ };
+ unsigned int length = sizeof(vector);</code></pre>
+
+<p>The ALPN callback is executed after the servername callback; as that servername callback may update the SSL_CTX, and subsequently, the ALPN callback.</p>
+
+<p>If there is no ALPN proposed in the ClientHello, the ALPN callback is not invoked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() return 0 on success, and non-0 on failure. WARNING: these functions reverse the return value convention.</p>
+
+<p>SSL_select_next_proto() returns one of the following:</p>
+
+<dl>
+
+<dt id="OPENSSL_NPN_NEGOTIATED">OPENSSL_NPN_NEGOTIATED</dt>
+<dd>
+
+<p>A match was found and is returned in <b>out</b>, <b>outlen</b>.</p>
+
+</dd>
+<dt id="OPENSSL_NPN_NO_OVERLAP">OPENSSL_NPN_NO_OVERLAP</dt>
+<dd>
+
+<p>No match was found. The first item in <b>client</b>, <b>client_len</b> is returned in <b>out</b>, <b>outlen</b>.</p>
+
+</dd>
+</dl>
+
+<p>The ALPN select callback <b>cb</b>, must return one of the following:</p>
+
+<dl>
+
+<dt id="SSL_TLSEXT_ERR_OK">SSL_TLSEXT_ERR_OK</dt>
+<dd>
+
+<p>ALPN protocol selected.</p>
+
+</dd>
+<dt id="SSL_TLSEXT_ERR_ALERT_FATAL">SSL_TLSEXT_ERR_ALERT_FATAL</dt>
+<dd>
+
+<p>There was no overlap between the client&#39;s supplied list and the server configuration.</p>
+
+</dd>
+<dt id="SSL_TLSEXT_ERR_NOACK">SSL_TLSEXT_ERR_NOACK</dt>
+<dd>
+
+<p>ALPN protocol not selected, e.g., because no ALPN protocols are configured for this connection.</p>
+
+</dd>
+</dl>
+
+<p>The callback set using SSL_CTX_set_next_proto_select_cb() should return <b>SSL_TLSEXT_ERR_OK</b> if successful. Any other value is fatal to the connection.</p>
+
+<p>The callback set using SSL_CTX_set_next_protos_advertised_cb() should return <b>SSL_TLSEXT_ERR_OK</b> if it wishes to advertise. Otherwise, no such extension will be included in the ServerHello.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_callback.html">SSL_CTX_set_tlsext_servername_callback(3)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_arg.html">SSL_CTX_set_tlsext_servername_arg(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_num_tickets.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_num_tickets.html
new file mode 100644
index 000000000..94cc9b7e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_num_tickets.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_num_tickets</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_num_tickets, SSL_get_num_tickets, SSL_CTX_set_num_tickets, SSL_CTX_get_num_tickets - control the number of TLSv1.3 session tickets that are issued</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_set_num_tickets(SSL *s, size_t num_tickets);
+ size_t SSL_get_num_tickets(SSL *s);
+ int SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets);
+ size_t SSL_CTX_get_num_tickets(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_num_tickets() and SSL_set_num_tickets() can be called for a server application and set the number of TLSv1.3 session tickets that will be sent to the client after a full handshake. Set the desired value (which could be 0) in the <b>num_tickets</b> argument. Typically these functions should be called before the start of the handshake.</p>
+
+<p>The default number of tickets is 2; the default number of tickets sent following a resumption handshake is 1 but this cannot be changed using these functions. The number of tickets following a resumption handshake can be reduced to 0 using custom session ticket callbacks (see <a href="../man3/SSL_CTX_set_session_ticket_cb.html">SSL_CTX_set_session_ticket_cb(3)</a>).</p>
+
+<p>Tickets are also issued on receipt of a post-handshake certificate from the client following a request by the server using <a href="../man3/SSL_verify_client_post_handshake.html">SSL_verify_client_post_handshake(3)</a>. These new tickets will be associated with the updated client identity (i.e. including their certificate and verification status). The number of tickets issued will normally be the same as was used for the initial handshake. If the initial handshake was a full handshake then SSL_set_num_tickets() can be called again prior to calling SSL_verify_client_post_handshake() to update the number of tickets that will be sent.</p>
+
+<p>SSL_CTX_get_num_tickets() and SSL_get_num_tickets() return the number of tickets set by a previous call to SSL_CTX_set_num_tickets() or SSL_set_num_tickets(), or 2 if no such call has been made.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_num_tickets() and SSL_set_num_tickets() return 1 on success or 0 on failure.</p>
+
+<p>SSL_CTX_get_num_tickets() and SSL_get_num_tickets() return the number of tickets that have been previously set.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_options.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_options.html
new file mode 100644
index 000000000..b45ee0128
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_options.html
@@ -0,0 +1,350 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_options</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SECURE-RENEGOTIATION">SECURE RENEGOTIATION</a>
+    <ul>
+      <li><a href="#Patched-client-and-server">Patched client and server</a></li>
+      <li><a href="#Unpatched-client-and-patched-OpenSSL-server">Unpatched client and patched OpenSSL server</a></li>
+      <li><a href="#Patched-OpenSSL-client-and-unpatched-server">Patched OpenSSL client and unpatched server.</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_options, SSL_set_options, SSL_CTX_clear_options, SSL_clear_options, SSL_CTX_get_options, SSL_get_options, SSL_get_secure_renegotiation_support - manipulate SSL options</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_options(SSL_CTX *ctx, long options);
+ long SSL_set_options(SSL *ssl, long options);
+
+ long SSL_CTX_clear_options(SSL_CTX *ctx, long options);
+ long SSL_clear_options(SSL *ssl, long options);
+
+ long SSL_CTX_get_options(SSL_CTX *ctx);
+ long SSL_get_options(SSL *ssl);
+
+ long SSL_get_secure_renegotiation_support(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_options() adds the options set via bitmask in <b>options</b> to <b>ctx</b>. Options already set before are not cleared!</p>
+
+<p>SSL_set_options() adds the options set via bitmask in <b>options</b> to <b>ssl</b>. Options already set before are not cleared!</p>
+
+<p>SSL_CTX_clear_options() clears the options set via bitmask in <b>options</b> to <b>ctx</b>.</p>
+
+<p>SSL_clear_options() clears the options set via bitmask in <b>options</b> to <b>ssl</b>.</p>
+
+<p>SSL_CTX_get_options() returns the options set for <b>ctx</b>.</p>
+
+<p>SSL_get_options() returns the options set for <b>ssl</b>.</p>
+
+<p>SSL_get_secure_renegotiation_support() indicates whether the peer supports secure renegotiation. Note, this is implemented via a macro.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The behaviour of the SSL library can be changed by setting several options. The options are coded as bitmasks and can be combined by a bitwise <b>or</b> operation (|).</p>
+
+<p>SSL_CTX_set_options() and SSL_set_options() affect the (external) protocol behaviour of the SSL library. The (internal) behaviour of the API can be changed by using the similar <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a> and SSL_set_mode() functions.</p>
+
+<p>During a handshake, the option settings of the SSL object are used. When a new SSL object is created from a context using SSL_new(), the current option setting is copied. Changes to <b>ctx</b> do not affect already created SSL objects. SSL_clear() does not affect the settings.</p>
+
+<p>The following <b>bug workaround</b> options are available:</p>
+
+<dl>
+
+<dt id="SSL_OP_SAFARI_ECDHE_ECDSA_BUG">SSL_OP_SAFARI_ECDHE_ECDSA_BUG</dt>
+<dd>
+
+<p>Don&#39;t prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X. OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.</p>
+
+</dd>
+<dt id="SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS">SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS</dt>
+<dd>
+
+<p>Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol vulnerability affecting CBC ciphers, which cannot be handled by some broken SSL implementations. This option has no effect for connections using other ciphers.</p>
+
+</dd>
+<dt id="SSL_OP_TLSEXT_PADDING">SSL_OP_TLSEXT_PADDING</dt>
+<dd>
+
+<p>Adds a padding extension to ensure the ClientHello size is never between 256 and 511 bytes in length. This is needed as a workaround for some implementations.</p>
+
+</dd>
+<dt id="SSL_OP_ALL">SSL_OP_ALL</dt>
+<dd>
+
+<p>All of the above bug workarounds plus <b>SSL_OP_LEGACY_SERVER_CONNECT</b> as mentioned below.</p>
+
+</dd>
+</dl>
+
+<p>It is usually safe to use <b>SSL_OP_ALL</b> to enable the bug workaround options if compatibility with somewhat broken implementations is desired.</p>
+
+<p>The following <b>modifying</b> options are available:</p>
+
+<dl>
+
+<dt id="SSL_OP_TLS_ROLLBACK_BUG">SSL_OP_TLS_ROLLBACK_BUG</dt>
+<dd>
+
+<p>Disable version rollback attack detection.</p>
+
+<p>During the client key exchange, the client must send the same information about acceptable SSL/TLS protocol levels as during the first hello. Some clients violate this rule by adapting to the server&#39;s answer. (Example: the client sends a SSLv2 hello and accepts up to SSLv3.1=TLSv1, the server only understands up to SSLv3. In this case the client must still use the same SSLv3.1=TLSv1 announcement. Some clients step down to SSLv3 with respect to the server&#39;s answer and violate the version rollback protection.)</p>
+
+</dd>
+<dt id="SSL_OP_CIPHER_SERVER_PREFERENCE">SSL_OP_CIPHER_SERVER_PREFERENCE</dt>
+<dd>
+
+<p>When choosing a cipher, use the server&#39;s preferences instead of the client preferences. When not set, the SSL server will always follow the clients preferences. When set, the SSL/TLS server will choose following its own preferences.</p>
+
+</dd>
+<dt id="SSL_OP_NO_SSLv3-SSL_OP_NO_TLSv1-SSL_OP_NO_TLSv1_1-SSL_OP_NO_TLSv1_2-SSL_OP_NO_TLSv1_3-SSL_OP_NO_DTLSv1-SSL_OP_NO_DTLSv1_2">SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1, SSL_OP_NO_TLSv1_2, SSL_OP_NO_TLSv1_3, SSL_OP_NO_DTLSv1, SSL_OP_NO_DTLSv1_2</dt>
+<dd>
+
+<p>These options turn off the SSLv3, TLSv1, TLSv1.1, TLSv1.2 or TLSv1.3 protocol versions with TLS or the DTLSv1, DTLSv1.2 versions with DTLS, respectively. As of OpenSSL 1.1.0, these options are deprecated, use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> and <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> instead.</p>
+
+</dd>
+<dt id="SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION">SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION</dt>
+<dd>
+
+<p>When performing renegotiation as a server, always start a new session (i.e., session resumption requests are only accepted in the initial handshake). This option is not needed for clients.</p>
+
+</dd>
+<dt id="SSL_OP_NO_COMPRESSION">SSL_OP_NO_COMPRESSION</dt>
+<dd>
+
+<p>Do not use compression even if it is supported.</p>
+
+</dd>
+<dt id="SSL_OP_NO_QUERY_MTU">SSL_OP_NO_QUERY_MTU</dt>
+<dd>
+
+<p>Do not query the MTU. Only affects DTLS connections.</p>
+
+</dd>
+<dt id="SSL_OP_COOKIE_EXCHANGE">SSL_OP_COOKIE_EXCHANGE</dt>
+<dd>
+
+<p>Turn on Cookie Exchange as described in RFC4347 Section 4.2.1. Only affects DTLS connections.</p>
+
+</dd>
+<dt id="SSL_OP_NO_TICKET">SSL_OP_NO_TICKET</dt>
+<dd>
+
+<p>SSL/TLS supports two mechanisms for resuming sessions: session ids and stateless session tickets.</p>
+
+<p>When using session ids a copy of the session information is cached on the server and a unique id is sent to the client. When the client wishes to resume it provides the unique id so that the server can retrieve the session information from its cache.</p>
+
+<p>When using stateless session tickets the server uses a session ticket encryption key to encrypt the session information. This encrypted data is sent to the client as a &quot;ticket&quot;. When the client wishes to resume it sends the encrypted data back to the server. The server uses its key to decrypt the data and resume the session. In this way the server can operate statelessly - no session information needs to be cached locally.</p>
+
+<p>The TLSv1.3 protocol only supports tickets and does not directly support session ids. However OpenSSL allows two modes of ticket operation in TLSv1.3: stateful and stateless. Stateless tickets work the same way as in TLSv1.2 and below. Stateful tickets mimic the session id behaviour available in TLSv1.2 and below. The session information is cached on the server and the session id is wrapped up in a ticket and sent back to the client. When the client wishes to resume, it presents a ticket in the same way as for stateless tickets. The server can then extract the session id from the ticket and retrieve the session information from its cache.</p>
+
+<p>By default OpenSSL will use stateless tickets. The SSL_OP_NO_TICKET option will cause stateless tickets to not be issued. In TLSv1.2 and below this means no ticket gets sent to the client at all. In TLSv1.3 a stateful ticket will be sent. This is a server-side option only.</p>
+
+<p>In TLSv1.3 it is possible to suppress all tickets (stateful and stateless) from being sent by calling <a href="../man3/SSL_CTX_set_num_tickets.html">SSL_CTX_set_num_tickets(3)</a> or <a href="../man3/SSL_set_num_tickets.html">SSL_set_num_tickets(3)</a>.</p>
+
+</dd>
+<dt id="SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION">SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</dt>
+<dd>
+
+<p>Allow legacy insecure renegotiation between OpenSSL and unpatched clients or servers. See the <b>SECURE RENEGOTIATION</b> section for more details.</p>
+
+</dd>
+<dt id="SSL_OP_LEGACY_SERVER_CONNECT">SSL_OP_LEGACY_SERVER_CONNECT</dt>
+<dd>
+
+<p>Allow legacy insecure renegotiation between OpenSSL and unpatched servers <b>only</b>: this option is currently set by default. See the <b>SECURE RENEGOTIATION</b> section for more details.</p>
+
+</dd>
+<dt id="SSL_OP_NO_ENCRYPT_THEN_MAC">SSL_OP_NO_ENCRYPT_THEN_MAC</dt>
+<dd>
+
+<p>Normally clients and servers will transparently attempt to negotiate the RFC7366 Encrypt-then-MAC option on TLS and DTLS connection.</p>
+
+<p>If this option is set, Encrypt-then-MAC is disabled. Clients will not propose, and servers will not accept the extension.</p>
+
+</dd>
+<dt id="SSL_OP_NO_RENEGOTIATION">SSL_OP_NO_RENEGOTIATION</dt>
+<dd>
+
+<p>Disable all renegotiation in TLSv1.2 and earlier. Do not send HelloRequest messages, and ignore renegotiation requests via ClientHello.</p>
+
+</dd>
+<dt id="SSL_OP_ALLOW_NO_DHE_KEX">SSL_OP_ALLOW_NO_DHE_KEX</dt>
+<dd>
+
+<p>In TLSv1.3 allow a non-(ec)dhe based key exchange mode on resumption. This means that there will be no forward secrecy for the resumed session.</p>
+
+</dd>
+<dt id="SSL_OP_PRIORITIZE_CHACHA">SSL_OP_PRIORITIZE_CHACHA</dt>
+<dd>
+
+<p>When SSL_OP_CIPHER_SERVER_PREFERENCE is set, temporarily reprioritize ChaCha20-Poly1305 ciphers to the top of the server cipher list if a ChaCha20-Poly1305 cipher is at the top of the client cipher list. This helps those clients (e.g. mobile) use ChaCha20-Poly1305 if that cipher is anywhere in the server cipher list; but still allows other clients to use AES and other ciphers. Requires <b>SSL_OP_CIPHER_SERVER_PREFERENCE</b>.</p>
+
+</dd>
+<dt id="SSL_OP_ENABLE_MIDDLEBOX_COMPAT">SSL_OP_ENABLE_MIDDLEBOX_COMPAT</dt>
+<dd>
+
+<p>If set then dummy Change Cipher Spec (CCS) messages are sent in TLSv1.3. This has the effect of making TLSv1.3 look more like TLSv1.2 so that middleboxes that do not understand TLSv1.3 will not drop the connection. Regardless of whether this option is set or not CCS messages received from the peer will always be ignored in TLSv1.3. This option is set by default. To switch it off use SSL_clear_options(). A future version of OpenSSL may not set this by default.</p>
+
+</dd>
+<dt id="SSL_OP_NO_ANTI_REPLAY">SSL_OP_NO_ANTI_REPLAY</dt>
+<dd>
+
+<p>By default, when a server is configured for early data (i.e., max_early_data &gt; 0), OpenSSL will switch on replay protection. See <a href="../man3/SSL_read_early_data.html">SSL_read_early_data(3)</a> for a description of the replay protection feature. Anti-replay measures are required to comply with the TLSv1.3 specification. Some applications may be able to mitigate the replay risks in other ways and in such cases the built in OpenSSL functionality is not required. Those applications can turn this feature off by setting this option. This is a server-side opton only. It is ignored by clients.</p>
+
+</dd>
+</dl>
+
+<p>The following options no longer have any effect but their identifiers are retained for compatibility purposes:</p>
+
+<dl>
+
+<dt id="SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG">SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER">SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SSLEAY_080_CLIENT_DH_BUG">SSL_OP_SSLEAY_080_CLIENT_DH_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_TLS_D5_BUG">SSL_OP_TLS_D5_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_TLS_BLOCK_PADDING_BUG">SSL_OP_TLS_BLOCK_PADDING_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MSIE_SSLV2_RSA_PADDING">SSL_OP_MSIE_SSLV2_RSA_PADDING</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG">SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MICROSOFT_SESS_ID_BUG">SSL_OP_MICROSOFT_SESS_ID_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_NETSCAPE_CHALLENGE_BUG">SSL_OP_NETSCAPE_CHALLENGE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_PKCS1_CHECK_1">SSL_OP_PKCS1_CHECK_1</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_PKCS1_CHECK_2">SSL_OP_PKCS1_CHECK_2</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SINGLE_DH_USE">SSL_OP_SINGLE_DH_USE</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SINGLE_ECDH_USE">SSL_OP_SINGLE_ECDH_USE</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_EPHEMERAL_RSA">SSL_OP_EPHEMERAL_RSA</dt>
+<dd>
+
+</dd>
+</dl>
+
+<h1 id="SECURE-RENEGOTIATION">SECURE RENEGOTIATION</h1>
+
+<p>OpenSSL always attempts to use secure renegotiation as described in RFC5746. This counters the prefix attack described in CVE-2009-3555 and elsewhere.</p>
+
+<p>This attack has far reaching consequences which application writers should be aware of. In the description below an implementation supporting secure renegotiation is referred to as <i>patched</i>. A server not supporting secure renegotiation is referred to as <i>unpatched</i>.</p>
+
+<p>The following sections describe the operations permitted by OpenSSL&#39;s secure renegotiation implementation.</p>
+
+<h2 id="Patched-client-and-server">Patched client and server</h2>
+
+<p>Connections and renegotiation are always permitted by OpenSSL implementations.</p>
+
+<h2 id="Unpatched-client-and-patched-OpenSSL-server">Unpatched client and patched OpenSSL server</h2>
+
+<p>The initial connection succeeds but client renegotiation is denied by the server with a <b>no_renegotiation</b> warning alert if TLS v1.0 is used or a fatal <b>handshake_failure</b> alert in SSL v3.0.</p>
+
+<p>If the patched OpenSSL server attempts to renegotiate a fatal <b>handshake_failure</b> alert is sent. This is because the server code may be unaware of the unpatched nature of the client.</p>
+
+<p>If the option <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> is set then renegotiation <b>always</b> succeeds.</p>
+
+<h2 id="Patched-OpenSSL-client-and-unpatched-server">Patched OpenSSL client and unpatched server.</h2>
+
+<p>If the option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> or <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> is set then initial connections and renegotiation between patched OpenSSL clients and unpatched servers succeeds. If neither option is set then initial connections to unpatched servers will fail.</p>
+
+<p>The option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> is currently set by default even though it has security implications: otherwise it would be impossible to connect to unpatched servers (i.e. all of them initially) and this is clearly not acceptable. Renegotiation is permitted because this does not add any additional security issues: during an attack clients do not see any renegotiations anyway.</p>
+
+<p>As more servers become patched the option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> will <b>not</b> be set by default in a future version of OpenSSL.</p>
+
+<p>OpenSSL client applications wishing to ensure they can connect to unpatched servers should always <b>set</b> <b>SSL_OP_LEGACY_SERVER_CONNECT</b></p>
+
+<p>OpenSSL client applications that want to ensure they can <b>not</b> connect to unpatched servers (and thus avoid any security issues) should always <b>clear</b> <b>SSL_OP_LEGACY_SERVER_CONNECT</b> using SSL_CTX_clear_options() or SSL_clear_options().</p>
+
+<p>The difference between the <b>SSL_OP_LEGACY_SERVER_CONNECT</b> and <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> options is that <b>SSL_OP_LEGACY_SERVER_CONNECT</b> enables initial connections and secure renegotiation between OpenSSL clients and unpatched servers <b>only</b>, while <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> allows initial connections and renegotiation between OpenSSL and unpatched clients or servers.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_options() and SSL_set_options() return the new options bitmask after adding <b>options</b>.</p>
+
+<p>SSL_CTX_clear_options() and SSL_clear_options() return the new options bitmask after clearing <b>options</b>.</p>
+
+<p>SSL_CTX_get_options() and SSL_get_options() return the current bitmask.</p>
+
+<p>SSL_get_secure_renegotiation_support() returns 1 is the peer supports secure renegotiation and 0 if it does not.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man1/dhparam.html">dhparam(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The attempt to always try to use secure renegotiation was added in OpenSSL 0.9.8m.</p>
+
+<p>The <b>SSL_OP_PRIORITIZE_CHACHA</b> and <b>SSL_OP_NO_RENEGOTIATION</b> options were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_post_handshake_auth.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_post_handshake_auth.html
new file mode 100644
index 000000000..1a70b5fe4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_post_handshake_auth.html
@@ -0,0 +1,264 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_verify</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_ex_data_X509_STORE_CTX_idx, SSL_CTX_set_verify, SSL_set_verify, SSL_CTX_set_verify_depth, SSL_set_verify_depth, SSL_verify_cb, SSL_verify_client_post_handshake, SSL_set_post_handshake_auth, SSL_CTX_set_post_handshake_auth - set peer certificate verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
+
+ void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, SSL_verify_cb verify_callback);
+ void SSL_set_verify(SSL *ssl, int mode, SSL_verify_cb verify_callback);
+ SSL_get_ex_data_X509_STORE_CTX_idx(void);
+
+ void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
+ void SSL_set_verify_depth(SSL *ssl, int depth);
+
+ int SSL_verify_client_post_handshake(SSL *ssl);
+ void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val);
+ void SSL_set_post_handshake_auth(SSL *ssl, int val);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_verify() sets the verification flags for <b>ctx</b> to be <b>mode</b> and specifies the <b>verify_callback</b> function to be used. If no callback function shall be specified, the NULL pointer can be used for <b>verify_callback</b>.</p>
+
+<p>SSL_set_verify() sets the verification flags for <b>ssl</b> to be <b>mode</b> and specifies the <b>verify_callback</b> function to be used. If no callback function shall be specified, the NULL pointer can be used for <b>verify_callback</b>. In this case last <b>verify_callback</b> set specifically for this <b>ssl</b> remains. If no special <b>callback</b> was set before, the default callback for the underlying <b>ctx</b> is used, that was valid at the time <b>ssl</b> was created with <a href="../man3/SSL_new.html">SSL_new(3)</a>. Within the callback function, <b>SSL_get_ex_data_X509_STORE_CTX_idx</b> can be called to get the data index of the current SSL object that is doing the verification.</p>
+
+<p>SSL_CTX_set_verify_depth() sets the maximum <b>depth</b> for the certificate chain verification that shall be allowed for <b>ctx</b>.</p>
+
+<p>SSL_set_verify_depth() sets the maximum <b>depth</b> for the certificate chain verification that shall be allowed for <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_post_handshake_auth() and SSL_set_post_handshake_auth() enable the Post-Handshake Authentication extension to be added to the ClientHello such that post-handshake authentication can be requested by the server. If <b>val</b> is 0 then the extension is not sent, otherwise it is. By default the extension is not sent. A certificate callback will need to be set via SSL_CTX_set_client_cert_cb() if no certificate is provided at initialization.</p>
+
+<p>SSL_verify_client_post_handshake() causes a CertificateRequest message to be sent by a server on the given <b>ssl</b> connection. The SSL_VERIFY_PEER flag must be set; the SSL_VERIFY_POST_HANDSHAKE flag is optional.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification of certificates can be controlled by a set of logically or&#39;ed <b>mode</b> flags:</p>
+
+<dl>
+
+<dt id="SSL_VERIFY_NONE">SSL_VERIFY_NONE</dt>
+<dd>
+
+<p><b>Server mode:</b> the server will not send a client certificate request to the client, so the client will not send a certificate.</p>
+
+<p><b>Client mode:</b> if not using an anonymous cipher (by default disabled), the server will send a certificate which will be checked. The result of the certificate verification process can be checked after the TLS/SSL handshake using the <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> function. The handshake will be continued regardless of the verification result.</p>
+
+</dd>
+<dt id="SSL_VERIFY_PEER">SSL_VERIFY_PEER</dt>
+<dd>
+
+<p><b>Server mode:</b> the server sends a client certificate request to the client. The certificate returned (if any) is checked. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure. The behaviour can be controlled by the additional SSL_VERIFY_FAIL_IF_NO_PEER_CERT, SSL_VERIFY_CLIENT_ONCE and SSL_VERIFY_POST_HANDSHAKE flags.</p>
+
+<p><b>Client mode:</b> the server certificate is verified. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure. If no server certificate is sent, because an anonymous cipher is used, SSL_VERIFY_PEER is ignored.</p>
+
+</dd>
+<dt id="SSL_VERIFY_FAIL_IF_NO_PEER_CERT">SSL_VERIFY_FAIL_IF_NO_PEER_CERT</dt>
+<dd>
+
+<p><b>Server mode:</b> if the client did not return a certificate, the TLS/SSL handshake is immediately terminated with a &quot;handshake failure&quot; alert. This flag must be used together with SSL_VERIFY_PEER.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+<dt id="SSL_VERIFY_CLIENT_ONCE">SSL_VERIFY_CLIENT_ONCE</dt>
+<dd>
+
+<p><b>Server mode:</b> only request a client certificate once during the connection. Do not ask for a client certificate again during renegotiation or post-authentication if a certificate was requested during the initial handshake. This flag must be used together with SSL_VERIFY_PEER.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+<dt id="SSL_VERIFY_POST_HANDSHAKE">SSL_VERIFY_POST_HANDSHAKE</dt>
+<dd>
+
+<p><b>Server mode:</b> the server will not send a client certificate request during the initial handshake, but will send the request via SSL_verify_client_post_handshake(). This allows the SSL_CTX or SSL to be configured for post-handshake peer verification before the handshake occurs. This flag must be used together with SSL_VERIFY_PEER. TLSv1.3 only; no effect on pre-TLSv1.3 connections.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+</dl>
+
+<p>If the <b>mode</b> is SSL_VERIFY_NONE none of the other flags may be set.</p>
+
+<p>The actual verification procedure is performed either using the built-in verification procedure or using another application provided verification function set with <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>. The following descriptions apply in the case of the built-in procedure. An application provided procedure also has access to the verify depth information and the verify_callback() function, but the way this information is used may be different.</p>
+
+<p>SSL_CTX_set_verify_depth() and SSL_set_verify_depth() set a limit on the number of certificates between the end-entity and trust-anchor certificates. Neither the end-entity nor the trust-anchor certificates count against <b>depth</b>. If the certificate chain needed to reach a trusted issuer is longer than <b>depth+2</b>, X509_V_ERR_CERT_CHAIN_TOO_LONG will be issued. The depth count is &quot;level 0:peer certificate&quot;, &quot;level 1: CA certificate&quot;, &quot;level 2: higher level CA certificate&quot;, and so on. Setting the maximum depth to 2 allows the levels 0, 1, 2 and 3 (0 being the end-entity and 3 the trust-anchor). The default depth limit is 100, allowing for the peer certificate, at most 100 intermediate CA certificates and a final trust anchor certificate.</p>
+
+<p>The <b>verify_callback</b> function is used to control the behaviour when the SSL_VERIFY_PEER flag is set. It must be supplied by the application and receives two arguments: <b>preverify_ok</b> indicates, whether the verification of the certificate in question was passed (preverify_ok=1) or not (preverify_ok=0). <b>x509_ctx</b> is a pointer to the complete context used for the certificate chain verification.</p>
+
+<p>The certificate chain is checked starting with the deepest nesting level (the root CA certificate) and worked upward to the peer&#39;s certificate. At each level signatures and issuer attributes are checked. Whenever a verification error is found, the error number is stored in <b>x509_ctx</b> and <b>verify_callback</b> is called with <b>preverify_ok</b>=0. By applying X509_CTX_store_* functions <b>verify_callback</b> can locate the certificate in question and perform additional steps (see EXAMPLES). If no error is found for a certificate, <b>verify_callback</b> is called with <b>preverify_ok</b>=1 before advancing to the next level.</p>
+
+<p>The return value of <b>verify_callback</b> controls the strategy of the further verification process. If <b>verify_callback</b> returns 0, the verification process is immediately stopped with &quot;verification failed&quot; state. If SSL_VERIFY_PEER is set, a verification failure alert is sent to the peer and the TLS/SSL handshake is terminated. If <b>verify_callback</b> returns 1, the verification process is continued. If <b>verify_callback</b> always returns 1, the TLS/SSL handshake will not be terminated with respect to verification failures and the connection will be established. The calling process can however retrieve the error code of the last verification error using <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> or by maintaining its own error storage managed by <b>verify_callback</b>.</p>
+
+<p>If no <b>verify_callback</b> is specified, the default callback will be used. Its return value is identical to <b>preverify_ok</b>, so that any verification failure will lead to a termination of the TLS/SSL handshake with an alert message, if SSL_VERIFY_PEER is set.</p>
+
+<p>After calling SSL_set_post_handshake_auth(), the client will need to add a certificate or certificate callback to its configuration before it can successfully authenticate. This must be called before SSL_connect().</p>
+
+<p>SSL_verify_client_post_handshake() requires that verify flags have been previously set, and that a client sent the post-handshake authentication extension. When the client returns a certificate the verify callback will be invoked. A write operation must take place for the Certificate Request to be sent to the client, this can be done with SSL_do_handshake() or SSL_write_ex(). Only one certificate request may be outstanding at any time.</p>
+
+<p>When post-handshake authentication occurs, a refreshed NewSessionTicket message is sent to the client.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In client mode, it is not checked whether the SSL_VERIFY_PEER flag is set, but whether any flags are set. This can lead to unexpected behaviour if SSL_VERIFY_PEER and other flags are not used as required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL*_set_verify*() functions do not provide diagnostic information.</p>
+
+<p>The SSL_verify_client_post_handshake() function returns 1 if the request succeeded, and 0 if the request failed. The error stack can be examined to determine the failure reason.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following code sequence realizes an example <b>verify_callback</b> function that will always continue the TLS/SSL handshake regardless of verification failure, if wished. The callback realizes a verification depth limit with more informational output.</p>
+
+<p>All verification errors are printed; information about the certificate chain is printed on request. The example is realized for a server that does allow but not require client certificates.</p>
+
+<p>The example makes use of the ex_data technique to store application data into/retrieve application data from the SSL structure (see <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>, <a href="../man3/SSL_get_ex_data_X509_STORE_CTX_idx.html">SSL_get_ex_data_X509_STORE_CTX_idx(3)</a>).</p>
+
+<pre><code> ...
+ typedef struct {
+   int verbose_mode;
+   int verify_depth;
+   int always_continue;
+ } mydata_t;
+ int mydata_index;
+
+ ...
+ static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
+ {
+     char    buf[256];
+     X509   *err_cert;
+     int     err, depth;
+     SSL    *ssl;
+     mydata_t *mydata;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     /*
+      * Retrieve the pointer to the SSL of the connection currently treated
+      * and the application specific data stored into the SSL object.
+      */
+     ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
+     mydata = SSL_get_ex_data(ssl, mydata_index);
+
+     X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256);
+
+     /*
+      * Catch a too long certificate chain. The depth limit set using
+      * SSL_CTX_set_verify_depth() is by purpose set to &quot;limit+1&quot; so
+      * that whenever the &quot;depth&gt;verify_depth&quot; condition is met, we
+      * have violated the limit and want to log this error condition.
+      * We must do it here, because the CHAIN_TOO_LONG error would not
+      * be found explicitly; only errors introduced by cutting off the
+      * additional certificates would be logged.
+      */
+     if (depth &gt; mydata-&gt;verify_depth) {
+         preverify_ok = 0;
+         err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
+         X509_STORE_CTX_set_error(ctx, err);
+     }
+     if (!preverify_ok) {
+         printf(&quot;verify error:num=%d:%s:depth=%d:%s\n&quot;, err,
+                X509_verify_cert_error_string(err), depth, buf);
+     } else if (mydata-&gt;verbose_mode) {
+         printf(&quot;depth=%d:%s\n&quot;, depth, buf);
+     }
+
+     /*
+      * At this point, err contains the last verification error. We can use
+      * it for something special
+      */
+     if (!preverify_ok &amp;&amp; (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT)) {
+         X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, 256);
+         printf(&quot;issuer= %s\n&quot;, buf);
+     }
+
+     if (mydata-&gt;always_continue)
+         return 1;
+     else
+         return preverify_ok;
+ }
+ ...
+
+ mydata_t mydata;
+
+ ...
+ mydata_index = SSL_get_ex_new_index(0, &quot;mydata index&quot;, NULL, NULL, NULL);
+
+ ...
+ SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
+                    verify_callback);
+
+ /*
+  * Let the verify_callback catch the verify_depth error so that we get
+  * an appropriate error in the logfile.
+  */
+ SSL_CTX_set_verify_depth(verify_depth + 1);
+
+ /*
+  * Set up the SSL specific data into &quot;mydata&quot; and store it into th SSL
+  * structure.
+  */
+ mydata.verify_depth = verify_depth; ...
+ SSL_set_ex_data(ssl, mydata_index, &amp;mydata);
+
+ ...
+ SSL_accept(ssl);       /* check of success left out for clarity */
+ if (peer = SSL_get_peer_certificate(ssl)) {
+     if (SSL_get_verify_result(ssl) == X509_V_OK) {
+         /* The client sent a certificate which verified OK */
+     }
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_CTX_get_verify_mode.html">SSL_CTX_get_verify_mode(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_get_ex_data_X509_STORE_CTX_idx.html">SSL_get_ex_data_X509_STORE_CTX_idx(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_VERIFY_POST_HANDSHAKE option, and the SSL_verify_client_post_handshake() and SSL_set_post_handshake_auth() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_psk_client_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_psk_client_callback.html
new file mode 100644
index 000000000..2e073abef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_psk_client_callback.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_psk_client_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_psk_client_cb_func, SSL_psk_use_session_cb_func, SSL_CTX_set_psk_client_callback, SSL_set_psk_client_callback, SSL_CTX_set_psk_use_session_callback, SSL_set_psk_use_session_callback - set PSK client callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_psk_use_session_cb_func)(SSL *ssl, const EVP_MD *md,
+                                            const unsigned char **id,
+                                            size_t *idlen,
+                                            SSL_SESSION **sess);
+
+
+ void SSL_CTX_set_psk_use_session_callback(SSL_CTX *ctx,
+                                           SSL_psk_use_session_cb_func cb);
+ void SSL_set_psk_use_session_callback(SSL *s, SSL_psk_use_session_cb_func cb);
+
+
+ typedef unsigned int (*SSL_psk_client_cb_func)(SSL *ssl,
+                                                const char *hint,
+                                                char *identity,
+                                                unsigned int max_identity_len,
+                                                unsigned char *psk,
+                                                unsigned int max_psk_len);
+
+ void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, SSL_psk_client_cb_func cb);
+ void SSL_set_psk_client_callback(SSL *ssl, SSL_psk_client_cb_func cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application wishing to use TLSv1.3 PSKs should use either SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() as appropriate. These functions cannot be used for TLSv1.2 and below PSKs.</p>
+
+<p>The callback function is given a pointer to the SSL connection in <b>ssl</b>.</p>
+
+<p>The first time the callback is called for a connection the <b>md</b> parameter is NULL. In some circumstances the callback will be called a second time. In that case the server will have specified a ciphersuite to use already and the PSK must be compatible with the digest for that ciphersuite. The digest will be given in <b>md</b>. The PSK returned by the callback is allowed to be different between the first and second time it is called.</p>
+
+<p>On successful completion the callback must store a pointer to an identifier for the PSK in <b>*id</b>. The identifier length in bytes should be stored in <b>*idlen</b>. The memory pointed to by <b>*id</b> remains owned by the application and should be freed by it as required at any point after the handshake is complete.</p>
+
+<p>Additionally the callback should store a pointer to an SSL_SESSION object in <b>*sess</b>. This is used as the basis for the PSK, and should, at a minimum, have the following fields set:</p>
+
+<dl>
+
+<dt id="The-master-key">The master key</dt>
+<dd>
+
+<p>This can be set via a call to <a href="../man3/SSL_SESSION_set1_master_key.html">SSL_SESSION_set1_master_key(3)</a>.</p>
+
+</dd>
+<dt id="A-ciphersuite">A ciphersuite</dt>
+<dd>
+
+<p>Only the handshake digest associated with the ciphersuite is relevant for the PSK (the server may go on to negotiate any ciphersuite which is compatible with the digest). The application can use any TLSv1.3 ciphersuite. If <b>md</b> is not NULL the handshake digest for the ciphersuite should be the same. The ciphersuite can be set via a call to &lt;SSL_SESSION_set_cipher(3)&gt;. The handshake digest of an SSL_CIPHER object can be checked using &lt;SSL_CIPHER_get_handshake_digest(3)&gt;.</p>
+
+</dd>
+<dt id="The-protocol-version">The protocol version</dt>
+<dd>
+
+<p>This can be set via a call to <a href="../man3/SSL_SESSION_set_protocol_version.html">SSL_SESSION_set_protocol_version(3)</a> and should be TLS1_3_VERSION.</p>
+
+</dd>
+</dl>
+
+<p>Additionally the maximum early data value should be set via a call to <a href="../man3/SSL_SESSION_set_max_early_data.html">SSL_SESSION_set_max_early_data(3)</a> if the PSK will be used for sending early data.</p>
+
+<p>Alternatively an SSL_SESSION created from a previous non-PSK handshake may also be used as the basis for a PSK.</p>
+
+<p>Ownership of the SSL_SESSION object is passed to the OpenSSL library and so it should not be freed by the application.</p>
+
+<p>It is also possible for the callback to succeed but not supply a PSK. In this case no PSK will be sent to the server but the handshake will continue. To do this the callback should return successfully and ensure that <b>*sess</b> is NULL. The contents of <b>*id</b> and <b>*idlen</b> will be ignored.</p>
+
+<p>A client application wishing to use PSK ciphersuites for TLSv1.2 and below must provide a different callback function. This function will be called when the client is sending the ClientKeyExchange message to the server.</p>
+
+<p>The purpose of the callback function is to select the PSK identity and the pre-shared key to use during the connection setup phase.</p>
+
+<p>The callback is set using functions SSL_CTX_set_psk_client_callback() or SSL_set_psk_client_callback(). The callback function is given the connection in parameter <b>ssl</b>, a <b>NULL</b>-terminated PSK identity hint sent by the server in parameter <b>hint</b>, a buffer <b>identity</b> of length <b>max_identity_len</b> bytes where the resulting <b>NUL</b>-terminated identity is to be stored, and a buffer <b>psk</b> of length <b>max_psk_len</b> bytes where the resulting pre-shared key is to be stored.</p>
+
+<p>The callback for use in TLSv1.2 will also work in TLSv1.3 although it is recommended to use SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() for this purpose instead. If TLSv1.3 has been negotiated then OpenSSL will first check to see if a callback has been set via SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() and it will use that in preference. If no such callback is present then it will check to see if a callback has been set via SSL_CTX_set_psk_client_callback() or SSL_set_psk_client_callback() and use that. In this case the <b>hint</b> value will always be NULL and the handshake digest will default to SHA-256 for any returned PSK.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Note that parameter <b>hint</b> given to the callback may be <b>NULL</b>.</p>
+
+<p>A connection established via a TLSv1.3 PSK will appear as if session resumption has occurred so that <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a> will return true.</p>
+
+<p>There are no known security issues with sharing the same PSK between TLSv1.2 (or below) and TLSv1.3. However the RFC has this note of caution:</p>
+
+<p>&quot;While there is no known way in which the same PSK might produce related output in both versions, only limited analysis has been done. Implementations can ensure safety from cross-protocol related output by not reusing PSKs between TLS 1.3 and TLS 1.2.&quot;</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Return values from the <b>SSL_psk_client_cb_func</b> callback are interpreted as follows:</p>
+
+<p>On success (callback found a PSK identity and a pre-shared key to use) the length (&gt; 0) of <b>psk</b> in bytes is returned.</p>
+
+<p>Otherwise or on errors the callback should return 0. In this case the connection setup fails.</p>
+
+<p>The SSL_psk_use_session_cb_func callback should return 1 on success or 0 on failure. In the event of failure the connection setup fails.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_psk_find_session_callback.html">SSL_CTX_set_psk_find_session_callback(3)</a>, <a href="../man3/SSL_set_psk_find_session_callback.html">SSL_set_psk_find_session_callback(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_set_psk_use_session_callback() and SSL_set_psk_use_session_callback() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_psk_find_session_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_psk_find_session_callback.html
new file mode 100644
index 000000000..59a43d097
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_psk_find_session_callback.html
@@ -0,0 +1,126 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_psk_identity_hint</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_psk_server_cb_func, SSL_psk_find_session_cb_func, SSL_CTX_use_psk_identity_hint, SSL_use_psk_identity_hint, SSL_CTX_set_psk_server_callback, SSL_set_psk_server_callback, SSL_CTX_set_psk_find_session_callback, SSL_set_psk_find_session_callback - set PSK identity hint to use</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_psk_find_session_cb_func)(SSL *ssl,
+                                             const unsigned char *identity,
+                                             size_t identity_len,
+                                             SSL_SESSION **sess);
+
+
+ void SSL_CTX_set_psk_find_session_callback(SSL_CTX *ctx,
+                                            SSL_psk_find_session_cb_func cb);
+ void SSL_set_psk_find_session_callback(SSL *s, SSL_psk_find_session_cb_func cb);
+
+ typedef unsigned int (*SSL_psk_server_cb_func)(SSL *ssl,
+                                                const char *identity,
+                                                unsigned char *psk,
+                                                unsigned int max_psk_len);
+
+ int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint);
+ int SSL_use_psk_identity_hint(SSL *ssl, const char *hint);
+
+ void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, SSL_psk_server_cb_func cb);
+ void SSL_set_psk_server_callback(SSL *ssl, SSL_psk_server_cb_func cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application wishing to use TLSv1.3 PSKs should set a callback using either SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() as appropriate.</p>
+
+<p>The callback function is given a pointer to the SSL connection in <b>ssl</b> and an identity in <b>identity</b> of length <b>identity_len</b>. The callback function should identify an SSL_SESSION object that provides the PSK details and store it in <b>*sess</b>. The SSL_SESSION object should, as a minimum, set the master key, the ciphersuite and the protocol version. See <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a> for details.</p>
+
+<p>It is also possible for the callback to succeed but not supply a PSK. In this case no PSK will be used but the handshake will continue. To do this the callback should return successfully and ensure that <b>*sess</b> is NULL.</p>
+
+<p>Identity hints are not relevant for TLSv1.3. A server application wishing to use PSK ciphersuites for TLSv1.2 and below may call SSL_CTX_use_psk_identity_hint() to set the given <b>NUL</b>-terminated PSK identity hint <b>hint</b> for SSL context object <b>ctx</b>. SSL_use_psk_identity_hint() sets the given <b>NUL</b>-terminated PSK identity hint <b>hint</b> for the SSL connection object <b>ssl</b>. If <b>hint</b> is <b>NULL</b> the current hint from <b>ctx</b> or <b>ssl</b> is deleted.</p>
+
+<p>In the case where PSK identity hint is <b>NULL</b>, the server does not send the ServerKeyExchange message to the client.</p>
+
+<p>A server application wishing to use PSKs for TLSv1.2 and below must provide a callback function which is called when the server receives the ClientKeyExchange message from the client. The purpose of the callback function is to validate the received PSK identity and to fetch the pre-shared key used during the connection setup phase. The callback is set using the functions SSL_CTX_set_psk_server_callback() or SSL_set_psk_server_callback(). The callback function is given the connection in parameter <b>ssl</b>, <b>NUL</b>-terminated PSK identity sent by the client in parameter <b>identity</b>, and a buffer <b>psk</b> of length <b>max_psk_len</b> bytes where the pre-shared key is to be stored.</p>
+
+<p>The callback for use in TLSv1.2 will also work in TLSv1.3 although it is recommended to use SSL_CTX_set_psk_find_session_callback() or SSL_set_psk_find_session_callback() for this purpose instead. If TLSv1.3 has been negotiated then OpenSSL will first check to see if a callback has been set via SSL_CTX_set_psk_find_session_callback() or SSL_set_psk_find_session_callback() and it will use that in preference. If no such callback is present then it will check to see if a callback has been set via SSL_CTX_set_psk_server_callback() or SSL_set_psk_server_callback() and use that. In this case the handshake digest will default to SHA-256 for any returned PSK.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A connection established via a TLSv1.3 PSK will appear as if session resumption has occurred so that <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a> will return true.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p><b>SSL_CTX_use_psk_identity_hint()</b> and <b>SSL_use_psk_identity_hint()</b> return 1 on success, 0 otherwise.</p>
+
+<p>Return values from the TLSv1.2 and below server callback are interpreted as follows:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>PSK identity was not found. An &quot;unknown_psk_identity&quot; alert message will be sent and the connection setup fails.</p>
+
+</dd>
+<dt id="pod01">&gt;0</dt>
+<dd>
+
+<p>PSK identity was found and the server callback has provided the PSK successfully in parameter <b>psk</b>. Return value is the length of <b>psk</b> in bytes. It is an error to return a value greater than <b>max_psk_len</b>.</p>
+
+<p>If the PSK identity was not found but the callback instructs the protocol to continue anyway, the callback must provide some random data to <b>psk</b> and return the length of the random data, so the connection will fail with decryption_error before it will be finished completely.</p>
+
+</dd>
+</dl>
+
+<p>The <b>SSL_psk_find_session_cb_func</b> callback should return 1 on success or 0 on failure. In the event of failure the connection setup fails.</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>There are no known security issues with sharing the same PSK between TLSv1.2 (or below) and TLSv1.3. However the RFC has this note of caution:</p>
+
+<p>&quot;While there is no known way in which the same PSK might produce related output in both versions, only limited analysis has been done. Implementations can ensure safety from cross-protocol related output by not reusing PSKs between TLS 1.3 and TLS 1.2.&quot;</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man3/SSL_set_psk_use_session_callback.html">SSL_set_psk_use_session_callback(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_set_psk_find_session_callback() and SSL_set_psk_find_session_callback() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_psk_server_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_psk_server_callback.html
new file mode 100644
index 000000000..59a43d097
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_psk_server_callback.html
@@ -0,0 +1,126 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_psk_identity_hint</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_psk_server_cb_func, SSL_psk_find_session_cb_func, SSL_CTX_use_psk_identity_hint, SSL_use_psk_identity_hint, SSL_CTX_set_psk_server_callback, SSL_set_psk_server_callback, SSL_CTX_set_psk_find_session_callback, SSL_set_psk_find_session_callback - set PSK identity hint to use</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_psk_find_session_cb_func)(SSL *ssl,
+                                             const unsigned char *identity,
+                                             size_t identity_len,
+                                             SSL_SESSION **sess);
+
+
+ void SSL_CTX_set_psk_find_session_callback(SSL_CTX *ctx,
+                                            SSL_psk_find_session_cb_func cb);
+ void SSL_set_psk_find_session_callback(SSL *s, SSL_psk_find_session_cb_func cb);
+
+ typedef unsigned int (*SSL_psk_server_cb_func)(SSL *ssl,
+                                                const char *identity,
+                                                unsigned char *psk,
+                                                unsigned int max_psk_len);
+
+ int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint);
+ int SSL_use_psk_identity_hint(SSL *ssl, const char *hint);
+
+ void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, SSL_psk_server_cb_func cb);
+ void SSL_set_psk_server_callback(SSL *ssl, SSL_psk_server_cb_func cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application wishing to use TLSv1.3 PSKs should set a callback using either SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() as appropriate.</p>
+
+<p>The callback function is given a pointer to the SSL connection in <b>ssl</b> and an identity in <b>identity</b> of length <b>identity_len</b>. The callback function should identify an SSL_SESSION object that provides the PSK details and store it in <b>*sess</b>. The SSL_SESSION object should, as a minimum, set the master key, the ciphersuite and the protocol version. See <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a> for details.</p>
+
+<p>It is also possible for the callback to succeed but not supply a PSK. In this case no PSK will be used but the handshake will continue. To do this the callback should return successfully and ensure that <b>*sess</b> is NULL.</p>
+
+<p>Identity hints are not relevant for TLSv1.3. A server application wishing to use PSK ciphersuites for TLSv1.2 and below may call SSL_CTX_use_psk_identity_hint() to set the given <b>NUL</b>-terminated PSK identity hint <b>hint</b> for SSL context object <b>ctx</b>. SSL_use_psk_identity_hint() sets the given <b>NUL</b>-terminated PSK identity hint <b>hint</b> for the SSL connection object <b>ssl</b>. If <b>hint</b> is <b>NULL</b> the current hint from <b>ctx</b> or <b>ssl</b> is deleted.</p>
+
+<p>In the case where PSK identity hint is <b>NULL</b>, the server does not send the ServerKeyExchange message to the client.</p>
+
+<p>A server application wishing to use PSKs for TLSv1.2 and below must provide a callback function which is called when the server receives the ClientKeyExchange message from the client. The purpose of the callback function is to validate the received PSK identity and to fetch the pre-shared key used during the connection setup phase. The callback is set using the functions SSL_CTX_set_psk_server_callback() or SSL_set_psk_server_callback(). The callback function is given the connection in parameter <b>ssl</b>, <b>NUL</b>-terminated PSK identity sent by the client in parameter <b>identity</b>, and a buffer <b>psk</b> of length <b>max_psk_len</b> bytes where the pre-shared key is to be stored.</p>
+
+<p>The callback for use in TLSv1.2 will also work in TLSv1.3 although it is recommended to use SSL_CTX_set_psk_find_session_callback() or SSL_set_psk_find_session_callback() for this purpose instead. If TLSv1.3 has been negotiated then OpenSSL will first check to see if a callback has been set via SSL_CTX_set_psk_find_session_callback() or SSL_set_psk_find_session_callback() and it will use that in preference. If no such callback is present then it will check to see if a callback has been set via SSL_CTX_set_psk_server_callback() or SSL_set_psk_server_callback() and use that. In this case the handshake digest will default to SHA-256 for any returned PSK.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A connection established via a TLSv1.3 PSK will appear as if session resumption has occurred so that <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a> will return true.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p><b>SSL_CTX_use_psk_identity_hint()</b> and <b>SSL_use_psk_identity_hint()</b> return 1 on success, 0 otherwise.</p>
+
+<p>Return values from the TLSv1.2 and below server callback are interpreted as follows:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>PSK identity was not found. An &quot;unknown_psk_identity&quot; alert message will be sent and the connection setup fails.</p>
+
+</dd>
+<dt id="pod01">&gt;0</dt>
+<dd>
+
+<p>PSK identity was found and the server callback has provided the PSK successfully in parameter <b>psk</b>. Return value is the length of <b>psk</b> in bytes. It is an error to return a value greater than <b>max_psk_len</b>.</p>
+
+<p>If the PSK identity was not found but the callback instructs the protocol to continue anyway, the callback must provide some random data to <b>psk</b> and return the length of the random data, so the connection will fail with decryption_error before it will be finished completely.</p>
+
+</dd>
+</dl>
+
+<p>The <b>SSL_psk_find_session_cb_func</b> callback should return 1 on success or 0 on failure. In the event of failure the connection setup fails.</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>There are no known security issues with sharing the same PSK between TLSv1.2 (or below) and TLSv1.3. However the RFC has this note of caution:</p>
+
+<p>&quot;While there is no known way in which the same PSK might produce related output in both versions, only limited analysis has been done. Implementations can ensure safety from cross-protocol related output by not reusing PSKs between TLS 1.3 and TLS 1.2.&quot;</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man3/SSL_set_psk_use_session_callback.html">SSL_set_psk_use_session_callback(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_set_psk_find_session_callback() and SSL_set_psk_find_session_callback() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_psk_use_session_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_psk_use_session_callback.html
new file mode 100644
index 000000000..2e073abef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_psk_use_session_callback.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_psk_client_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_psk_client_cb_func, SSL_psk_use_session_cb_func, SSL_CTX_set_psk_client_callback, SSL_set_psk_client_callback, SSL_CTX_set_psk_use_session_callback, SSL_set_psk_use_session_callback - set PSK client callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_psk_use_session_cb_func)(SSL *ssl, const EVP_MD *md,
+                                            const unsigned char **id,
+                                            size_t *idlen,
+                                            SSL_SESSION **sess);
+
+
+ void SSL_CTX_set_psk_use_session_callback(SSL_CTX *ctx,
+                                           SSL_psk_use_session_cb_func cb);
+ void SSL_set_psk_use_session_callback(SSL *s, SSL_psk_use_session_cb_func cb);
+
+
+ typedef unsigned int (*SSL_psk_client_cb_func)(SSL *ssl,
+                                                const char *hint,
+                                                char *identity,
+                                                unsigned int max_identity_len,
+                                                unsigned char *psk,
+                                                unsigned int max_psk_len);
+
+ void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, SSL_psk_client_cb_func cb);
+ void SSL_set_psk_client_callback(SSL *ssl, SSL_psk_client_cb_func cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application wishing to use TLSv1.3 PSKs should use either SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() as appropriate. These functions cannot be used for TLSv1.2 and below PSKs.</p>
+
+<p>The callback function is given a pointer to the SSL connection in <b>ssl</b>.</p>
+
+<p>The first time the callback is called for a connection the <b>md</b> parameter is NULL. In some circumstances the callback will be called a second time. In that case the server will have specified a ciphersuite to use already and the PSK must be compatible with the digest for that ciphersuite. The digest will be given in <b>md</b>. The PSK returned by the callback is allowed to be different between the first and second time it is called.</p>
+
+<p>On successful completion the callback must store a pointer to an identifier for the PSK in <b>*id</b>. The identifier length in bytes should be stored in <b>*idlen</b>. The memory pointed to by <b>*id</b> remains owned by the application and should be freed by it as required at any point after the handshake is complete.</p>
+
+<p>Additionally the callback should store a pointer to an SSL_SESSION object in <b>*sess</b>. This is used as the basis for the PSK, and should, at a minimum, have the following fields set:</p>
+
+<dl>
+
+<dt id="The-master-key">The master key</dt>
+<dd>
+
+<p>This can be set via a call to <a href="../man3/SSL_SESSION_set1_master_key.html">SSL_SESSION_set1_master_key(3)</a>.</p>
+
+</dd>
+<dt id="A-ciphersuite">A ciphersuite</dt>
+<dd>
+
+<p>Only the handshake digest associated with the ciphersuite is relevant for the PSK (the server may go on to negotiate any ciphersuite which is compatible with the digest). The application can use any TLSv1.3 ciphersuite. If <b>md</b> is not NULL the handshake digest for the ciphersuite should be the same. The ciphersuite can be set via a call to &lt;SSL_SESSION_set_cipher(3)&gt;. The handshake digest of an SSL_CIPHER object can be checked using &lt;SSL_CIPHER_get_handshake_digest(3)&gt;.</p>
+
+</dd>
+<dt id="The-protocol-version">The protocol version</dt>
+<dd>
+
+<p>This can be set via a call to <a href="../man3/SSL_SESSION_set_protocol_version.html">SSL_SESSION_set_protocol_version(3)</a> and should be TLS1_3_VERSION.</p>
+
+</dd>
+</dl>
+
+<p>Additionally the maximum early data value should be set via a call to <a href="../man3/SSL_SESSION_set_max_early_data.html">SSL_SESSION_set_max_early_data(3)</a> if the PSK will be used for sending early data.</p>
+
+<p>Alternatively an SSL_SESSION created from a previous non-PSK handshake may also be used as the basis for a PSK.</p>
+
+<p>Ownership of the SSL_SESSION object is passed to the OpenSSL library and so it should not be freed by the application.</p>
+
+<p>It is also possible for the callback to succeed but not supply a PSK. In this case no PSK will be sent to the server but the handshake will continue. To do this the callback should return successfully and ensure that <b>*sess</b> is NULL. The contents of <b>*id</b> and <b>*idlen</b> will be ignored.</p>
+
+<p>A client application wishing to use PSK ciphersuites for TLSv1.2 and below must provide a different callback function. This function will be called when the client is sending the ClientKeyExchange message to the server.</p>
+
+<p>The purpose of the callback function is to select the PSK identity and the pre-shared key to use during the connection setup phase.</p>
+
+<p>The callback is set using functions SSL_CTX_set_psk_client_callback() or SSL_set_psk_client_callback(). The callback function is given the connection in parameter <b>ssl</b>, a <b>NULL</b>-terminated PSK identity hint sent by the server in parameter <b>hint</b>, a buffer <b>identity</b> of length <b>max_identity_len</b> bytes where the resulting <b>NUL</b>-terminated identity is to be stored, and a buffer <b>psk</b> of length <b>max_psk_len</b> bytes where the resulting pre-shared key is to be stored.</p>
+
+<p>The callback for use in TLSv1.2 will also work in TLSv1.3 although it is recommended to use SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() for this purpose instead. If TLSv1.3 has been negotiated then OpenSSL will first check to see if a callback has been set via SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() and it will use that in preference. If no such callback is present then it will check to see if a callback has been set via SSL_CTX_set_psk_client_callback() or SSL_set_psk_client_callback() and use that. In this case the <b>hint</b> value will always be NULL and the handshake digest will default to SHA-256 for any returned PSK.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Note that parameter <b>hint</b> given to the callback may be <b>NULL</b>.</p>
+
+<p>A connection established via a TLSv1.3 PSK will appear as if session resumption has occurred so that <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a> will return true.</p>
+
+<p>There are no known security issues with sharing the same PSK between TLSv1.2 (or below) and TLSv1.3. However the RFC has this note of caution:</p>
+
+<p>&quot;While there is no known way in which the same PSK might produce related output in both versions, only limited analysis has been done. Implementations can ensure safety from cross-protocol related output by not reusing PSKs between TLS 1.3 and TLS 1.2.&quot;</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Return values from the <b>SSL_psk_client_cb_func</b> callback are interpreted as follows:</p>
+
+<p>On success (callback found a PSK identity and a pre-shared key to use) the length (&gt; 0) of <b>psk</b> in bytes is returned.</p>
+
+<p>Otherwise or on errors the callback should return 0. In this case the connection setup fails.</p>
+
+<p>The SSL_psk_use_session_cb_func callback should return 1 on success or 0 on failure. In the event of failure the connection setup fails.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_psk_find_session_callback.html">SSL_CTX_set_psk_find_session_callback(3)</a>, <a href="../man3/SSL_set_psk_find_session_callback.html">SSL_set_psk_find_session_callback(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_set_psk_use_session_callback() and SSL_set_psk_use_session_callback() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_quiet_shutdown.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_quiet_shutdown.html
new file mode 100644
index 000000000..7b96fc659
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_quiet_shutdown.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_quiet_shutdown</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_quiet_shutdown, SSL_CTX_get_quiet_shutdown, SSL_set_quiet_shutdown, SSL_get_quiet_shutdown - manipulate shutdown behaviour</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
+ int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
+
+ void SSL_set_quiet_shutdown(SSL *ssl, int mode);
+ int SSL_get_quiet_shutdown(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_quiet_shutdown() sets the &quot;quiet shutdown&quot; flag for <b>ctx</b> to be <b>mode</b>. SSL objects created from <b>ctx</b> inherit the <b>mode</b> valid at the time <a href="../man3/SSL_new.html">SSL_new(3)</a> is called. <b>mode</b> may be 0 or 1.</p>
+
+<p>SSL_CTX_get_quiet_shutdown() returns the &quot;quiet shutdown&quot; setting of <b>ctx</b>.</p>
+
+<p>SSL_set_quiet_shutdown() sets the &quot;quiet shutdown&quot; flag for <b>ssl</b> to be <b>mode</b>. The setting stays valid until <b>ssl</b> is removed with <a href="../man3/SSL_free.html">SSL_free(3)</a> or SSL_set_quiet_shutdown() is called again. It is not changed when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called. <b>mode</b> may be 0 or 1.</p>
+
+<p>SSL_get_quiet_shutdown() returns the &quot;quiet shutdown&quot; setting of <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Normally when a SSL connection is finished, the parties must send out close_notify alert messages using <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> for a clean shutdown.</p>
+
+<p>When setting the &quot;quiet shutdown&quot; flag to 1, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> will set the internal flags to SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN. (<a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> then behaves like <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a> called with SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN.) The session is thus considered to be shutdown, but no close_notify alert is sent to the peer. This behaviour violates the TLS standard.</p>
+
+<p>The default is normal shutdown behaviour as described by the TLS standard.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_quiet_shutdown() and SSL_set_quiet_shutdown() do not return diagnostic information.</p>
+
+<p>SSL_CTX_get_quiet_shutdown() and SSL_get_quiet_shutdown return the current setting.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_free.html">SSL_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_read_ahead.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_read_ahead.html
new file mode 100644
index 000000000..ef56bb1b3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_read_ahead.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_read_ahead</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_read_ahead, SSL_CTX_get_read_ahead, SSL_set_read_ahead, SSL_get_read_ahead, SSL_CTX_get_default_read_ahead - manage whether to read as many input bytes as possible</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_set_read_ahead(SSL *s, int yes);
+ int SSL_get_read_ahead(const SSL *s);
+
+ SSL_CTX_set_read_ahead(SSL_CTX *ctx, int yes);
+ long SSL_CTX_get_read_ahead(SSL_CTX *ctx);
+ long SSL_CTX_get_default_read_ahead(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_read_ahead() and SSL_set_read_ahead() set whether we should read as many input bytes as possible (for non-blocking reads) or not. For example if <b>x</b> bytes are currently required by OpenSSL, but <b>y</b> bytes are available from the underlying BIO (where <b>y</b> &gt; <b>x</b>), then OpenSSL will read all <b>y</b> bytes into its buffer (providing that the buffer is large enough) if reading ahead is on, or <b>x</b> bytes otherwise. Setting the parameter <b>yes</b> to 0 turns reading ahead is off, other values turn it on. SSL_CTX_set_default_read_ahead() is identical to SSL_CTX_set_read_ahead().</p>
+
+<p>SSL_CTX_get_read_ahead() and SSL_get_read_ahead() indicate whether reading ahead has been set or not. SSL_CTX_get_default_read_ahead() is identical to SSL_CTX_get_read_ahead().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions have no impact when used with DTLS. The return values for SSL_CTX_get_read_head() and SSL_get_read_ahead() are undefined for DTLS. Setting <b>read_ahead</b> can impact the behaviour of the SSL_pending() function (see <a href="../man3/SSL_pending.html">SSL_pending(3)</a>).</p>
+
+<p>Since SSL_read() can return <b>SSL_ERROR_WANT_READ</b> for non-application data records, and SSL_has_pending() can&#39;t tell the difference between processed and unprocessed data, it&#39;s recommended that if read ahead is turned on that <b>SSL_MODE_AUTO_RETRY</b> is not turned off using SSL_CTX_clear_mode(). That will prevent getting <b>SSL_ERROR_WANT_READ</b> when there is still a complete record availale that hasn&#39;t been processed.</p>
+
+<p>If the application wants to continue to use the underlying transport (e.g. TCP connection) after the SSL connection is finished using SSL_shutdown() reading ahead should be turned off. Otherwise the SSL structure might read data that it shouldn&#39;t.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_get_read_ahead() and SSL_CTX_get_read_ahead() return 0 if reading ahead is off, and non zero otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_record_padding_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_record_padding_callback.html
new file mode 100644
index 000000000..57d5c7c64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_record_padding_callback.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_record_padding_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_record_padding_callback, SSL_set_record_padding_callback, SSL_CTX_set_record_padding_callback_arg, SSL_set_record_padding_callback_arg, SSL_CTX_get_record_padding_callback_arg, SSL_get_record_padding_callback_arg, SSL_CTX_set_block_padding, SSL_set_block_padding - install callback to specify TLS 1.3 record padding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_record_padding_callback(SSL_CTX *ctx, size_t (*cb)(SSL *s, int type, size_t len, void *arg));
+ void SSL_set_record_padding_callback(SSL *ssl, size_t (*cb)(SSL *s, int type, size_t len, void *arg));
+
+ void SSL_CTX_set_record_padding_callback_arg(SSL_CTX *ctx, void *arg);
+ void *SSL_CTX_get_record_padding_callback_arg(const SSL_CTX *ctx);
+
+ void SSL_set_record_padding_callback_arg(SSL *ssl, void *arg);
+ void *SSL_get_record_padding_callback_arg(const SSL *ssl);
+
+ int SSL_CTX_set_block_padding(SSL_CTX *ctx, size_t block_size);
+ int SSL_set_block_padding(SSL *ssl, size_t block_size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_record_padding_callback() or SSL_set_record_padding_callback() can be used to assign a callback function <i>cb</i> to specify the padding for TLS 1.3 records. The value set in <b>ctx</b> is copied to a new SSL by SSL_new().</p>
+
+<p>SSL_CTX_set_record_padding_callback_arg() and SSL_set_record_padding_callback_arg() assign a value <b>arg</b> that is passed to the callback when it is invoked. The value set in <b>ctx</b> is copied to a new SSL by SSL_new().</p>
+
+<p>SSL_CTX_get_record_padding_callback_arg() and SSL_get_record_padding_callback_arg() retrieve the <b>arg</b> value that is passed to the callback.</p>
+
+<p>SSL_CTX_set_block_padding() and SSL_set_block_padding() pads the record to a multiple of the <b>block_size</b>. A <b>block_size</b> of 0 or 1 disables block padding. The limit of <b>block_size</b> is SSL3_RT_MAX_PLAIN_LENGTH.</p>
+
+<p>The callback is invoked for every record before encryption. The <b>type</b> parameter is the TLS record type that is being processed; may be one of SSL3_RT_APPLICATION_DATA, SSL3_RT_HANDSHAKE, or SSL3_RT_ALERT. The <b>len</b> parameter is the current plaintext length of the record before encryption. The <b>arg</b> parameter is the value set via SSL_CTX_set_record_padding_callback_arg() or SSL_set_record_padding_callback_arg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL_CTX_get_record_padding_callback_arg() and SSL_get_record_padding_callback_arg() functions return the <b>arg</b> value assigned in the corresponding set functions.</p>
+
+<p>The SSL_CTX_set_block_padding() and SSL_set_block_padding() functions return 1 on success or 0 if <b>block_size</b> is too large.</p>
+
+<p>The <b>cb</b> returns the number of padding bytes to add to the record. A return of 0 indicates no padding will be added. A return value that causes the record to exceed the maximum record size (SSL3_RT_MAX_PLAIN_LENGTH) will pad out to the maximum record size.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The default behavior is to add no padding to the record.</p>
+
+<p>A user-supplied padding callback function will override the behavior set by SSL_set_block_padding() or SSL_CTX_set_block_padding(). Setting the user-supplied callback to NULL will restore the configured block padding behavior.</p>
+
+<p>These functions only apply to TLS 1.3 records being written.</p>
+
+<p>Padding bytes are not added in constant-time.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The record padding API was added for TLS 1.3 support in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_record_padding_callback_arg.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_record_padding_callback_arg.html
new file mode 100644
index 000000000..57d5c7c64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_record_padding_callback_arg.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_record_padding_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_record_padding_callback, SSL_set_record_padding_callback, SSL_CTX_set_record_padding_callback_arg, SSL_set_record_padding_callback_arg, SSL_CTX_get_record_padding_callback_arg, SSL_get_record_padding_callback_arg, SSL_CTX_set_block_padding, SSL_set_block_padding - install callback to specify TLS 1.3 record padding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_record_padding_callback(SSL_CTX *ctx, size_t (*cb)(SSL *s, int type, size_t len, void *arg));
+ void SSL_set_record_padding_callback(SSL *ssl, size_t (*cb)(SSL *s, int type, size_t len, void *arg));
+
+ void SSL_CTX_set_record_padding_callback_arg(SSL_CTX *ctx, void *arg);
+ void *SSL_CTX_get_record_padding_callback_arg(const SSL_CTX *ctx);
+
+ void SSL_set_record_padding_callback_arg(SSL *ssl, void *arg);
+ void *SSL_get_record_padding_callback_arg(const SSL *ssl);
+
+ int SSL_CTX_set_block_padding(SSL_CTX *ctx, size_t block_size);
+ int SSL_set_block_padding(SSL *ssl, size_t block_size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_record_padding_callback() or SSL_set_record_padding_callback() can be used to assign a callback function <i>cb</i> to specify the padding for TLS 1.3 records. The value set in <b>ctx</b> is copied to a new SSL by SSL_new().</p>
+
+<p>SSL_CTX_set_record_padding_callback_arg() and SSL_set_record_padding_callback_arg() assign a value <b>arg</b> that is passed to the callback when it is invoked. The value set in <b>ctx</b> is copied to a new SSL by SSL_new().</p>
+
+<p>SSL_CTX_get_record_padding_callback_arg() and SSL_get_record_padding_callback_arg() retrieve the <b>arg</b> value that is passed to the callback.</p>
+
+<p>SSL_CTX_set_block_padding() and SSL_set_block_padding() pads the record to a multiple of the <b>block_size</b>. A <b>block_size</b> of 0 or 1 disables block padding. The limit of <b>block_size</b> is SSL3_RT_MAX_PLAIN_LENGTH.</p>
+
+<p>The callback is invoked for every record before encryption. The <b>type</b> parameter is the TLS record type that is being processed; may be one of SSL3_RT_APPLICATION_DATA, SSL3_RT_HANDSHAKE, or SSL3_RT_ALERT. The <b>len</b> parameter is the current plaintext length of the record before encryption. The <b>arg</b> parameter is the value set via SSL_CTX_set_record_padding_callback_arg() or SSL_set_record_padding_callback_arg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL_CTX_get_record_padding_callback_arg() and SSL_get_record_padding_callback_arg() functions return the <b>arg</b> value assigned in the corresponding set functions.</p>
+
+<p>The SSL_CTX_set_block_padding() and SSL_set_block_padding() functions return 1 on success or 0 if <b>block_size</b> is too large.</p>
+
+<p>The <b>cb</b> returns the number of padding bytes to add to the record. A return of 0 indicates no padding will be added. A return value that causes the record to exceed the maximum record size (SSL3_RT_MAX_PLAIN_LENGTH) will pad out to the maximum record size.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The default behavior is to add no padding to the record.</p>
+
+<p>A user-supplied padding callback function will override the behavior set by SSL_set_block_padding() or SSL_CTX_set_block_padding(). Setting the user-supplied callback to NULL will restore the configured block padding behavior.</p>
+
+<p>These functions only apply to TLS 1.3 records being written.</p>
+
+<p>Padding bytes are not added in constant-time.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The record padding API was added for TLS 1.3 support in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_recv_max_early_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_recv_max_early_data.html
new file mode 100644
index 000000000..5b28c01bd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_recv_max_early_data.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read_early_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#REPLAY-PROTECTION">REPLAY PROTECTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_max_early_data, SSL_CTX_set_max_early_data, SSL_get_max_early_data, SSL_CTX_get_max_early_data, SSL_set_recv_max_early_data, SSL_CTX_set_recv_max_early_data, SSL_get_recv_max_early_data, SSL_CTX_get_recv_max_early_data, SSL_SESSION_get_max_early_data, SSL_SESSION_set_max_early_data, SSL_write_early_data, SSL_read_early_data, SSL_get_early_data_status, SSL_allow_early_data_cb_fn, SSL_CTX_set_allow_early_data_cb, SSL_set_allow_early_data_cb - functions for sending and receiving early data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data);
+ uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_max_early_data(SSL *s, uint32_t max_early_data);
+ uint32_t SSL_get_max_early_data(const SSL *s);
+
+ int SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data);
+ uint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data);
+ uint32_t SSL_get_recv_max_early_data(const SSL *s);
+
+ uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s);
+ int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data);
+
+ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written);
+
+ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes);
+
+ int SSL_get_early_data_status(const SSL *s);
+
+
+ typedef int (*SSL_allow_early_data_cb_fn)(SSL *s, void *arg);
+
+ void SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx,
+                                      SSL_allow_early_data_cb_fn cb,
+                                      void *arg);
+ void SSL_set_allow_early_data_cb(SSL *s,
+                                  SSL_allow_early_data_cb_fn cb,
+                                  void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to send and receive early data where TLSv1.3 has been negotiated. Early data can be sent by the client immediately after its initial ClientHello without having to wait for the server to complete the handshake. Early data can only be sent if a session has previously been established with the server, and the server is known to support it. Additionally these functions can be used to send data from the server to the client when the client has not yet completed the authentication stage of the handshake.</p>
+
+<p>Early data has weaker security properties than other data sent over an SSL/TLS connection. In particular the data does not have forward secrecy. There are also additional considerations around replay attacks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below). For these reasons extreme care should be exercised when using early data. For specific details, consult the TLS 1.3 specification.</p>
+
+<p>When a server receives early data it may opt to immediately respond by sending application data back to the client. Data sent by the server at this stage is done before the full handshake has been completed. Specifically the client&#39;s authentication messages have not yet been received, i.e. the client is unauthenticated at this point and care should be taken when using this capability.</p>
+
+<p>A server or client can determine whether the full handshake has been completed or not by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>.</p>
+
+<p>On the client side, the function SSL_SESSION_get_max_early_data() can be used to determine if a session established with a server can be used to send early data. If the session cannot be used then this function will return 0. Otherwise it will return the maximum number of early data bytes that can be sent.</p>
+
+<p>The function SSL_SESSION_set_max_early_data() sets the maximum number of early data bytes that can be sent for a session. This would typically be used when creating a PSK session file (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). If using a ticket based PSK then this is set automatically to the value provided by the server.</p>
+
+<p>A client uses the function SSL_write_early_data() to send early data. This function is similar to the <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> function, but with the following differences. See <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> for information on how to write bytes to the underlying connection, and how to handle any errors that may arise. This page describes the differences between SSL_write_early_data() and <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When called by a client, SSL_write_early_data() must be the first IO function called on a new connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a> or other similar functions. It may be called multiple times to stream data to the server, but the total number of bytes written must not exceed the value returned from SSL_SESSION_get_max_early_data(). Once the initial SSL_write_early_data() call has completed successfully the client may interleave calls to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> with calls to SSL_write_early_data() as required.</p>
+
+<p>If SSL_write_early_data() fails you should call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action, as for <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When the client no longer wishes to send any more early data then it should complete the handshake by calling a function such as <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard write function such as <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, which will transparently complete the connection and write the requested data.</p>
+
+<p>A server may choose to ignore early data that has been sent to it. Once the connection has been completed you can determine whether the server accepted or rejected the early data by calling SSL_get_early_data_status(). This will return SSL_EARLY_DATA_ACCEPTED if the data was accepted, SSL_EARLY_DATA_REJECTED if it was rejected or SSL_EARLY_DATA_NOT_SENT if no early data was sent. This function may be called by either the client or the server.</p>
+
+<p>A server uses the SSL_read_early_data() function to receive early data on a connection for which early data has been enabled using SSL_CTX_set_max_early_data() or SSL_set_max_early_data(). As for SSL_write_early_data(), this must be the first IO function called on a connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, or other similar functions.</p>
+
+<p>SSL_read_early_data() is similar to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> with the following differences. Refer to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> for full details.</p>
+
+<p>SSL_read_early_data() may return 3 possible values:</p>
+
+<dl>
+
+<dt id="SSL_READ_EARLY_DATA_ERROR">SSL_READ_EARLY_DATA_ERROR</dt>
+<dd>
+
+<p>This indicates an IO or some other error occurred. This should be treated in the same way as a 0 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_SUCCESS">SSL_READ_EARLY_DATA_SUCCESS</dt>
+<dd>
+
+<p>This indicates that early data was successfully read. This should be treated in the same way as a 1 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>. You should continue to call SSL_read_early_data() to read more data.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_FINISH">SSL_READ_EARLY_DATA_FINISH</dt>
+<dd>
+
+<p>This indicates that no more early data can be read. It may be returned on the first call to SSL_read_early_data() if the client has not sent any early data, or if the early data was rejected.</p>
+
+</dd>
+</dl>
+
+<p>Once the initial SSL_read_early_data() call has completed successfully (i.e. it has returned SSL_READ_EARLY_DATA_SUCCESS or SSL_READ_EARLY_DATA_FINISH) then the server may choose to write data immediately to the unauthenticated client using SSL_write_early_data(). If SSL_read_early_data() returned SSL_READ_EARLY_DATA_FINISH then in some situations (e.g. if the client only supports TLSv1.2) the handshake may have already been completed and calls to SSL_write_early_data() are not allowed. Call <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a> to determine whether the handshake has completed or not. If the handshake is still in progress then the server may interleave calls to SSL_write_early_data() with calls to SSL_read_early_data() as required.</p>
+
+<p>Servers must not call <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a> until SSL_read_early_data() has returned with SSL_READ_EARLY_DATA_FINISH. Once it has done so the connection to the client still needs to be completed. Complete the connection by calling a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard read function such as <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, which will transparently complete the connection and read the requested data. Note that it is an error to attempt to complete the connection before SSL_read_early_data() has returned SSL_READ_EARLY_DATA_FINISH.</p>
+
+<p>Only servers may call SSL_read_early_data().</p>
+
+<p>Calls to SSL_read_early_data() may, in certain circumstances, complete the connection immediately without further need to call a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. This can happen if the client is using a protocol version less than TLSv1.3. Applications can test for this by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>. Alternatively, applications may choose to call <a href="../man3/SSL_accept.html">SSL_accept(3)</a> anyway. Such a call will successfully return immediately with no further action taken.</p>
+
+<p>When a session is created between a server and a client the server will specify the maximum amount of any early data that it will accept on any future connection attempt. By default the server does not accept early data; a server may indicate support for early data by calling SSL_CTX_set_max_early_data() or SSL_set_max_early_data() to set it for the whole SSL_CTX or an individual SSL object respectively. The <b>max_early_data</b> parameter specifies the maximum amount of early data in bytes that is permitted to be sent on a single connection. Similarly the SSL_CTX_get_max_early_data() and SSL_get_max_early_data() functions can be used to obtain the current maximum early data settings for the SSL_CTX and SSL objects respectively. Generally a server application will either use both of SSL_read_early_data() and SSL_CTX_set_max_early_data() (or SSL_set_max_early_data()), or neither of them, since there is no practical benefit from using only one of them. If the maximum early data setting for a server is non-zero then replay protection is automatically enabled (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below).</p>
+
+<p>If the server rejects the early data sent by a client then it will skip over the data that is sent. The maximum amount of received early data that is skipped is controlled by the recv_max_early_data setting. If a client sends more than this then the connection will abort. This value can be set by calling SSL_CTX_set_recv_max_early_data() or SSL_set_recv_max_early_data(). The current value for this setting can be obtained by calling SSL_CTX_get_recv_max_early_data() or SSL_get_recv_max_early_data(). The default value for this setting is 16,384 bytes.</p>
+
+<p>The recv_max_early_data value also has an impact on early data that is accepted. The amount of data that is accepted will always be the lower of the max_early_data for the session and the recv_max_early_data setting for the server. If a client sends more data than this then the connection will abort.</p>
+
+<p>The configured value for max_early_data on a server may change over time as required. However clients may have tickets containing the previously configured max_early_data value. The recv_max_early_data should always be equal to or higher than any recently configured max_early_data value in order to avoid aborted connections. The recv_max_early_data should never be set to less than the current configured max_early_data value.</p>
+
+<p>Some server applications may wish to have more control over whether early data is accepted or not, for example to mitigate replay risks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below) or to decline early_data when the server is heavily loaded. The functions SSL_CTX_set_allow_early_data_cb() and SSL_set_allow_early_data_cb() set a callback which is called at a point in the handshake immediately before a decision is made to accept or reject early data. The callback is provided with a pointer to the user data argument that was provided when the callback was first set. Returning 1 from the callback will allow early data and returning 0 will reject it. Note that the OpenSSL library may reject early data for other reasons in which case this callback will not get called. Notably, the built-in replay protection feature will still be used even if a callback is present unless it has been explicitly disabled using the SSL_OP_NO_ANTI_REPLAY option. See <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The whole purpose of early data is to enable a client to start sending data to the server before a full round trip of network traffic has occurred. Application developers should ensure they consider optimisation of the underlying TCP socket to obtain a performant solution. For example Nagle&#39;s algorithm is commonly used by operating systems in an attempt to avoid lots of small TCP packets. In many scenarios this is beneficial for performance, but it does not work well with the early data solution as implemented in OpenSSL. In Nagle&#39;s algorithm the OS will buffer outgoing TCP data if a TCP packet has already been sent which we have not yet received an ACK for from the peer. The buffered data will only be transmitted if enough data to fill an entire TCP packet is accumulated, or if the ACK is received from the peer. The initial ClientHello will be sent in the first TCP packet along with any data from the first call to SSL_write_early_data(). If the amount of data written will exceed the size of a single TCP packet, or if there are more calls to SSL_write_early_data() then that additional data will be sent in subsequent TCP packets which will be buffered by the OS and not sent until an ACK is received for the first packet containing the ClientHello. This means the early data is not actually sent until a complete round trip with the server has occurred which defeats the objective of early data.</p>
+
+<p>In many operating systems the TCP_NODELAY socket option is available to disable Nagle&#39;s algorithm. If an application opts to disable Nagle&#39;s algorithm consideration should be given to turning it back on again after the handshake is complete if appropriate.</p>
+
+<p>In rare circumstances, it may be possible for a client to have a session that reports a max early data value greater than 0, but where the server does not support this. For example, this can occur if a server has had its configuration changed to accept a lower max early data value such as by calling SSL_CTX_set_recv_max_early_data(). Another example is if a server used to support TLSv1.3 but was later downgraded to TLSv1.2. Sending early data to such a server will cause the connection to abort. Clients that encounter an aborted connection while sending early data may want to retry the connection without sending early data as this does not happen automatically. A client will have to establish a new transport layer connection to the server and attempt the SSL/TLS connection again but without sending early data. Note that it is inadvisable to retry with a lower maximum protocol version.</p>
+
+<h1 id="REPLAY-PROTECTION">REPLAY PROTECTION</h1>
+
+<p>When early data is in use the TLS protocol provides no security guarantees that the same early data was not replayed across multiple connections. As a mitigation for this issue OpenSSL automatically enables replay protection if the server is configured with a non-zero max early data value. With replay protection enabled sessions are forced to be single use only. If a client attempts to reuse a session ticket more than once, then the second and subsequent attempts will fall back to a full handshake (and any early data that was submitted will be ignored). Note that single use tickets are enforced even if a client does not send any early data.</p>
+
+<p>The replay protection mechanism relies on the internal OpenSSL server session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). When replay protection is being used the server will operate as if the SSL_OP_NO_TICKET option had been selected (see <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>). Sessions will be added to the cache whenever a session ticket is issued. When a client attempts to resume the session, OpenSSL will check for its presence in the internal cache. If it exists then the resumption is allowed and the session is removed from the cache. If it does not exist then the resumption is not allowed and a full handshake will occur.</p>
+
+<p>Note that some applications may maintain an external cache of sessions (see <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a> and similar functions). It is the application&#39;s responsibility to ensure that any sessions in the external cache are also populated in the internal cache and that once removed from the internal cache they are similarly removed from the external cache. Failing to do this could result in an application becoming vulnerable to replay attacks. Note that OpenSSL will lock the internal cache while a session is removed but that lock is not held when the remove session callback (see <a href="../man3/SSL_CTX_sess_set_remove_cb.html">SSL_CTX_sess_set_remove_cb(3)</a>) is called. This could result in a small amount of time where the session has been removed from the internal cache but is still available in the external cache. Applications should be designed with this in mind in order to minimise the possibility of replay attacks.</p>
+
+<p>The OpenSSL replay protection does not apply to external Pre Shared Keys (PSKs) (e.g. see SSL_CTX_set_psk_find_session_callback(3)). Therefore extreme caution should be applied when combining external PSKs with early data.</p>
+
+<p>Some applications may mitigate the replay risks in other ways. For those applications it is possible to turn off the built-in replay protection feature using the <b>SSL_OP_NO_ANTI_REPLAY</b> option. See <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> for details. Applications can also set a callback to make decisions about accepting early data or not. See SSL_CTX_set_allow_early_data_cb() above for details.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_write_early_data() returns 1 for success or 0 for failure. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_read_early_data() returns SSL_READ_EARLY_DATA_ERROR for failure, SSL_READ_EARLY_DATA_SUCCESS for success with more data to read and SSL_READ_EARLY_DATA_FINISH for success with no more to data be read. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_get_max_early_data(), SSL_CTX_get_max_early_data() and SSL_SESSION_get_max_early_data() return the maximum number of early data bytes that may be sent.</p>
+
+<p>SSL_set_max_early_data(), SSL_CTX_set_max_early_data() and SSL_SESSION_set_max_early_data() return 1 for success or 0 for failure.</p>
+
+<p>SSL_get_early_data_status() returns SSL_EARLY_DATA_ACCEPTED if early data was accepted by the server, SSL_EARLY_DATA_REJECTED if early data was rejected by the server, or SSL_EARLY_DATA_NOT_SENT if no early data was sent.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>All of the functions described above were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_security_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_security_callback.html
new file mode 100644
index 000000000..a853d06fd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_security_callback.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_security_level</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</a></li>
+  <li><a href="#APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_security_level, SSL_set_security_level, SSL_CTX_get_security_level, SSL_get_security_level, SSL_CTX_set_security_callback, SSL_set_security_callback, SSL_CTX_get_security_callback, SSL_get_security_callback, SSL_CTX_set0_security_ex_data, SSL_set0_security_ex_data, SSL_CTX_get0_security_ex_data, SSL_get0_security_ex_data - SSL/TLS security framework</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
+ void SSL_set_security_level(SSL *s, int level);
+
+ int SSL_CTX_get_security_level(const SSL_CTX *ctx);
+ int SSL_get_security_level(const SSL *s);
+
+ void SSL_CTX_set_security_callback(SSL_CTX *ctx,
+                                    int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                              int bits, int nid,
+                                              void *other, void *ex));
+
+ void SSL_set_security_callback(SSL *s, int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                                  int bits, int nid,
+                                                  void *other, void *ex));
+
+ int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx))(SSL *s, SSL_CTX *ctx, int op,
+                                                          int bits, int nid, void *other,
+                                                          void *ex);
+ int (*SSL_get_security_callback(const SSL *s))(SSL *s, SSL_CTX *ctx, int op,
+                                                int bits, int nid, void *other,
+                                                void *ex);
+
+ void SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex);
+ void SSL_set0_security_ex_data(SSL *s, void *ex);
+
+ void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx);
+ void *SSL_get0_security_ex_data(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions SSL_CTX_set_security_level() and SSL_set_security_level() set the security level to <b>level</b>. If not set the library default security level is used.</p>
+
+<p>The functions SSL_CTX_get_security_level() and SSL_get_security_level() retrieve the current security level.</p>
+
+<p>SSL_CTX_set_security_callback(), SSL_set_security_callback(), SSL_CTX_get_security_callback() and SSL_get_security_callback() get or set the security callback associated with <b>ctx</b> or <b>s</b>. If not set a default security callback is used. The meaning of the parameters and the behaviour of the default callbacks is described below.</p>
+
+<p>SSL_CTX_set0_security_ex_data(), SSL_set0_security_ex_data(), SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() set the extra data pointer passed to the <b>ex</b> parameter of the callback. This value is passed to the callback verbatim and can be set to any convenient application specific value.</p>
+
+<h1 id="DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</h1>
+
+<p>If an application doesn&#39;t set its own security callback the default callback is used. It is intended to provide sane defaults. The meaning of each level is described below.</p>
+
+<dl>
+
+<dt id="Level-0"><b>Level 0</b></dt>
+<dd>
+
+<p>Everything is permitted. This retains compatibility with previous versions of OpenSSL.</p>
+
+</dd>
+<dt id="Level-1"><b>Level 1</b></dt>
+<dd>
+
+<p>The security level corresponds to a minimum of 80 bits of security. Any parameters offering below 80 bits of security are excluded. As a result RSA, DSA and DH keys shorter than 1024 bits and ECC keys shorter than 160 bits are prohibited. All export cipher suites are prohibited since they all offer less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite using MD5 for the MAC is also prohibited.</p>
+
+</dd>
+<dt id="Level-2"><b>Level 2</b></dt>
+<dd>
+
+<p>Security level set to 112 bits of security. As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited. In addition to the level 1 exclusions any cipher suite using RC4 is also prohibited. SSL version 3 is also not allowed. Compression is disabled.</p>
+
+</dd>
+<dt id="Level-3"><b>Level 3</b></dt>
+<dd>
+
+<p>Security level set to 128 bits of security. As a result RSA, DSA and DH keys shorter than 3072 bits and ECC keys shorter than 256 bits are prohibited. In addition to the level 2 exclusions cipher suites not offering forward secrecy are prohibited. TLS versions below 1.1 are not permitted. Session tickets are disabled.</p>
+
+</dd>
+<dt id="Level-4"><b>Level 4</b></dt>
+<dd>
+
+<p>Security level set to 192 bits of security. As a result RSA, DSA and DH keys shorter than 7680 bits and ECC keys shorter than 384 bits are prohibited. Cipher suites using SHA1 for the MAC are prohibited. TLS versions below 1.2 are not permitted.</p>
+
+</dd>
+<dt id="Level-5"><b>Level 5</b></dt>
+<dd>
+
+<p>Security level set to 256 bits of security. As a result RSA, DSA and DH keys shorter than 15360 bits and ECC keys shorter than 512 bits are prohibited.</p>
+
+</dd>
+</dl>
+
+<h1 id="APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</h1>
+
+<p><i>Documentation to be provided.</i></p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>WARNING</b> at this time setting the security level higher than 1 for general internet use is likely to cause <b>considerable</b> interoperability issues and is not recommended. This is because the <b>SHA1</b> algorithm is very widely used in certificates and will be rejected at levels higher than 1 because it only offers 80 bits of security.</p>
+
+<p>The default security level can be configured when OpenSSL is compiled by setting <b>-DOPENSSL_TLS_SECURITY_LEVEL=level</b>. If not set then 1 is used.</p>
+
+<p>The security framework disables or reject parameters inconsistent with the set security level. In the past this was difficult as applications had to set a number of distinct parameters (supported ciphers, supported curves supported signature algorithms) to achieve this end and some cases (DH parameter size for example) could not be checked at all.</p>
+
+<p>By setting an appropriate security level much of this complexity can be avoided.</p>
+
+<p>The bits of security limits affect all relevant parameters including cipher suite encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms. This limit applies no matter what other custom settings an application has set: so if the cipher suite is set to <b>ALL</b> then only cipher suites consistent with the security level are permissible.</p>
+
+<p>See SP800-57 for how the security limits are related to individual algorithms.</p>
+
+<p>Some security levels require large key sizes for non-ECC public key algorithms which can severely degrade performance. For example 256 bits of security requires the use of RSA keys of at least 15360 bits in size.</p>
+
+<p>Some restrictions can be gracefully handled: for example cipher suites offering insufficient security are not sent by the client and will not be selected by the server. Other restrictions such as the peer certificate key size or the DH parameter size will abort the handshake with a fatal alert.</p>
+
+<p>Attempts to set certificates or parameters with insufficient security are also blocked. For example trying to set a certificate using a 512 bit RSA key using SSL_CTX_use_certificate() at level 1. Applications which do not check the return values for errors will misbehave: for example it might appear that a certificate is not set at all because it had been rejected.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_security_level() and SSL_set_security_level() do not return values.</p>
+
+<p>SSL_CTX_get_security_level() and SSL_get_security_level() return a integer that represents the security level with <b>SSL_CTX</b> or <b>SSL</b>, respectively.</p>
+
+<p>SSL_CTX_set_security_callback() and SSL_set_security_callback() do not return values.</p>
+
+<p>SSL_CTX_get_security_callback() and SSL_get_security_callback() return the pointer to the security callback or NULL if the callback is not set.</p>
+
+<p>SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() return the extra data pointer or NULL if the ex data is not set.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_security_level.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_security_level.html
new file mode 100644
index 000000000..a853d06fd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_security_level.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_security_level</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</a></li>
+  <li><a href="#APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_security_level, SSL_set_security_level, SSL_CTX_get_security_level, SSL_get_security_level, SSL_CTX_set_security_callback, SSL_set_security_callback, SSL_CTX_get_security_callback, SSL_get_security_callback, SSL_CTX_set0_security_ex_data, SSL_set0_security_ex_data, SSL_CTX_get0_security_ex_data, SSL_get0_security_ex_data - SSL/TLS security framework</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
+ void SSL_set_security_level(SSL *s, int level);
+
+ int SSL_CTX_get_security_level(const SSL_CTX *ctx);
+ int SSL_get_security_level(const SSL *s);
+
+ void SSL_CTX_set_security_callback(SSL_CTX *ctx,
+                                    int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                              int bits, int nid,
+                                              void *other, void *ex));
+
+ void SSL_set_security_callback(SSL *s, int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                                  int bits, int nid,
+                                                  void *other, void *ex));
+
+ int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx))(SSL *s, SSL_CTX *ctx, int op,
+                                                          int bits, int nid, void *other,
+                                                          void *ex);
+ int (*SSL_get_security_callback(const SSL *s))(SSL *s, SSL_CTX *ctx, int op,
+                                                int bits, int nid, void *other,
+                                                void *ex);
+
+ void SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex);
+ void SSL_set0_security_ex_data(SSL *s, void *ex);
+
+ void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx);
+ void *SSL_get0_security_ex_data(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions SSL_CTX_set_security_level() and SSL_set_security_level() set the security level to <b>level</b>. If not set the library default security level is used.</p>
+
+<p>The functions SSL_CTX_get_security_level() and SSL_get_security_level() retrieve the current security level.</p>
+
+<p>SSL_CTX_set_security_callback(), SSL_set_security_callback(), SSL_CTX_get_security_callback() and SSL_get_security_callback() get or set the security callback associated with <b>ctx</b> or <b>s</b>. If not set a default security callback is used. The meaning of the parameters and the behaviour of the default callbacks is described below.</p>
+
+<p>SSL_CTX_set0_security_ex_data(), SSL_set0_security_ex_data(), SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() set the extra data pointer passed to the <b>ex</b> parameter of the callback. This value is passed to the callback verbatim and can be set to any convenient application specific value.</p>
+
+<h1 id="DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</h1>
+
+<p>If an application doesn&#39;t set its own security callback the default callback is used. It is intended to provide sane defaults. The meaning of each level is described below.</p>
+
+<dl>
+
+<dt id="Level-0"><b>Level 0</b></dt>
+<dd>
+
+<p>Everything is permitted. This retains compatibility with previous versions of OpenSSL.</p>
+
+</dd>
+<dt id="Level-1"><b>Level 1</b></dt>
+<dd>
+
+<p>The security level corresponds to a minimum of 80 bits of security. Any parameters offering below 80 bits of security are excluded. As a result RSA, DSA and DH keys shorter than 1024 bits and ECC keys shorter than 160 bits are prohibited. All export cipher suites are prohibited since they all offer less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite using MD5 for the MAC is also prohibited.</p>
+
+</dd>
+<dt id="Level-2"><b>Level 2</b></dt>
+<dd>
+
+<p>Security level set to 112 bits of security. As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited. In addition to the level 1 exclusions any cipher suite using RC4 is also prohibited. SSL version 3 is also not allowed. Compression is disabled.</p>
+
+</dd>
+<dt id="Level-3"><b>Level 3</b></dt>
+<dd>
+
+<p>Security level set to 128 bits of security. As a result RSA, DSA and DH keys shorter than 3072 bits and ECC keys shorter than 256 bits are prohibited. In addition to the level 2 exclusions cipher suites not offering forward secrecy are prohibited. TLS versions below 1.1 are not permitted. Session tickets are disabled.</p>
+
+</dd>
+<dt id="Level-4"><b>Level 4</b></dt>
+<dd>
+
+<p>Security level set to 192 bits of security. As a result RSA, DSA and DH keys shorter than 7680 bits and ECC keys shorter than 384 bits are prohibited. Cipher suites using SHA1 for the MAC are prohibited. TLS versions below 1.2 are not permitted.</p>
+
+</dd>
+<dt id="Level-5"><b>Level 5</b></dt>
+<dd>
+
+<p>Security level set to 256 bits of security. As a result RSA, DSA and DH keys shorter than 15360 bits and ECC keys shorter than 512 bits are prohibited.</p>
+
+</dd>
+</dl>
+
+<h1 id="APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</h1>
+
+<p><i>Documentation to be provided.</i></p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>WARNING</b> at this time setting the security level higher than 1 for general internet use is likely to cause <b>considerable</b> interoperability issues and is not recommended. This is because the <b>SHA1</b> algorithm is very widely used in certificates and will be rejected at levels higher than 1 because it only offers 80 bits of security.</p>
+
+<p>The default security level can be configured when OpenSSL is compiled by setting <b>-DOPENSSL_TLS_SECURITY_LEVEL=level</b>. If not set then 1 is used.</p>
+
+<p>The security framework disables or reject parameters inconsistent with the set security level. In the past this was difficult as applications had to set a number of distinct parameters (supported ciphers, supported curves supported signature algorithms) to achieve this end and some cases (DH parameter size for example) could not be checked at all.</p>
+
+<p>By setting an appropriate security level much of this complexity can be avoided.</p>
+
+<p>The bits of security limits affect all relevant parameters including cipher suite encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms. This limit applies no matter what other custom settings an application has set: so if the cipher suite is set to <b>ALL</b> then only cipher suites consistent with the security level are permissible.</p>
+
+<p>See SP800-57 for how the security limits are related to individual algorithms.</p>
+
+<p>Some security levels require large key sizes for non-ECC public key algorithms which can severely degrade performance. For example 256 bits of security requires the use of RSA keys of at least 15360 bits in size.</p>
+
+<p>Some restrictions can be gracefully handled: for example cipher suites offering insufficient security are not sent by the client and will not be selected by the server. Other restrictions such as the peer certificate key size or the DH parameter size will abort the handshake with a fatal alert.</p>
+
+<p>Attempts to set certificates or parameters with insufficient security are also blocked. For example trying to set a certificate using a 512 bit RSA key using SSL_CTX_use_certificate() at level 1. Applications which do not check the return values for errors will misbehave: for example it might appear that a certificate is not set at all because it had been rejected.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_security_level() and SSL_set_security_level() do not return values.</p>
+
+<p>SSL_CTX_get_security_level() and SSL_get_security_level() return a integer that represents the security level with <b>SSL_CTX</b> or <b>SSL</b>, respectively.</p>
+
+<p>SSL_CTX_set_security_callback() and SSL_set_security_callback() do not return values.</p>
+
+<p>SSL_CTX_get_security_callback() and SSL_get_security_callback() return the pointer to the security callback or NULL if the callback is not set.</p>
+
+<p>SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() return the extra data pointer or NULL if the ex data is not set.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_session_cache_mode.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_session_cache_mode.html
new file mode 100644
index 000000000..16d0192b2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_session_cache_mode.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_session_cache_mode</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_session_cache_mode, SSL_CTX_get_session_cache_mode - enable/disable session caching</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_session_cache_mode(SSL_CTX ctx, long mode);
+ long SSL_CTX_get_session_cache_mode(SSL_CTX ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_session_cache_mode() enables/disables session caching by setting the operational mode for <b>ctx</b> to &lt;mode&gt;.</p>
+
+<p>SSL_CTX_get_session_cache_mode() returns the currently used cache mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The OpenSSL library can store/retrieve SSL/TLS sessions for later reuse. The sessions can be held in memory for each <b>ctx</b>, if more than one SSL_CTX object is being maintained, the sessions are unique for each SSL_CTX object.</p>
+
+<p>In order to reuse a session, a client must send the session&#39;s id to the server. It can only send exactly one id. The server then either agrees to reuse the session or it starts a full handshake (to create a new session).</p>
+
+<p>A server will look up the session in its internal session storage. If the session is not found in internal storage or lookups for the internal storage have been deactivated (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP), the server will try the external storage if available.</p>
+
+<p>Since a client may try to reuse a session intended for use in a different context, the session id context must be set by the server (see <a href="../man3/SSL_CTX_set_session_id_context.html">SSL_CTX_set_session_id_context(3)</a>).</p>
+
+<p>The following session cache modes and modifiers are available:</p>
+
+<dl>
+
+<dt id="SSL_SESS_CACHE_OFF">SSL_SESS_CACHE_OFF</dt>
+<dd>
+
+<p>No session caching for client or server takes place.</p>
+
+</dd>
+<dt id="SSL_SESS_CACHE_CLIENT">SSL_SESS_CACHE_CLIENT</dt>
+<dd>
+
+<p>Client sessions are added to the session cache. As there is no reliable way for the OpenSSL library to know whether a session should be reused or which session to choose (due to the abstract BIO layer the SSL engine does not have details about the connection), the application must select the session to be reused by using the <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a> function. This option is not activated by default.</p>
+
+</dd>
+<dt id="SSL_SESS_CACHE_SERVER">SSL_SESS_CACHE_SERVER</dt>
+<dd>
+
+<p>Server sessions are added to the session cache. When a client proposes a session to be reused, the server looks for the corresponding session in (first) the internal session cache (unless SSL_SESS_CACHE_NO_INTERNAL_LOOKUP is set), then (second) in the external cache if available. If the session is found, the server will try to reuse the session. This is the default.</p>
+
+</dd>
+<dt id="SSL_SESS_CACHE_BOTH">SSL_SESS_CACHE_BOTH</dt>
+<dd>
+
+<p>Enable both SSL_SESS_CACHE_CLIENT and SSL_SESS_CACHE_SERVER at the same time.</p>
+
+</dd>
+<dt id="SSL_SESS_CACHE_NO_AUTO_CLEAR">SSL_SESS_CACHE_NO_AUTO_CLEAR</dt>
+<dd>
+
+<p>Normally the session cache is checked for expired sessions every 255 connections using the <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a> function. Since this may lead to a delay which cannot be controlled, the automatic flushing may be disabled and <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a> can be called explicitly by the application.</p>
+
+</dd>
+<dt id="SSL_SESS_CACHE_NO_INTERNAL_LOOKUP">SSL_SESS_CACHE_NO_INTERNAL_LOOKUP</dt>
+<dd>
+
+<p>By setting this flag, session-resume operations in an SSL/TLS server will not automatically look up sessions in the internal cache, even if sessions are automatically stored there. If external session caching callbacks are in use, this flag guarantees that all lookups are directed to the external cache. As automatic lookup only applies for SSL/TLS servers, the flag has no effect on clients.</p>
+
+</dd>
+<dt id="SSL_SESS_CACHE_NO_INTERNAL_STORE">SSL_SESS_CACHE_NO_INTERNAL_STORE</dt>
+<dd>
+
+<p>Depending on the presence of SSL_SESS_CACHE_CLIENT and/or SSL_SESS_CACHE_SERVER, sessions negotiated in an SSL/TLS handshake may be cached for possible reuse. Normally a new session is added to the internal cache as well as any external session caching (callback) that is configured for the SSL_CTX. This flag will prevent sessions being stored in the internal cache (though the application can add them manually using <a href="../man3/SSL_CTX_add_session.html">SSL_CTX_add_session(3)</a>). Note: in any SSL/TLS servers where external caching is configured, any successful session lookups in the external cache (ie. for session-resume requests) would normally be copied into the local cache before processing continues - this flag prevents these additions to the internal cache as well.</p>
+
+</dd>
+<dt id="SSL_SESS_CACHE_NO_INTERNAL">SSL_SESS_CACHE_NO_INTERNAL</dt>
+<dd>
+
+<p>Enable both SSL_SESS_CACHE_NO_INTERNAL_LOOKUP and SSL_SESS_CACHE_NO_INTERNAL_STORE at the same time.</p>
+
+</dd>
+</dl>
+
+<p>The default mode is SSL_SESS_CACHE_SERVER.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_session_cache_mode() returns the previously set cache mode.</p>
+
+<p>SSL_CTX_get_session_cache_mode() returns the currently set cache mode.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a>, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>, <a href="../man3/SSL_CTX_add_session.html">SSL_CTX_add_session(3)</a>, <a href="../man3/SSL_CTX_sess_number.html">SSL_CTX_sess_number(3)</a>, <a href="../man3/SSL_CTX_sess_set_cache_size.html">SSL_CTX_sess_set_cache_size(3)</a>, <a href="../man3/SSL_CTX_sess_set_get_cb.html">SSL_CTX_sess_set_get_cb(3)</a>, <a href="../man3/SSL_CTX_set_session_id_context.html">SSL_CTX_set_session_id_context(3)</a>, <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>, <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_session_id_context.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_session_id_context.html
new file mode 100644
index 000000000..00eadaf08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_session_id_context.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_session_id_context</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_session_id_context, SSL_set_session_id_context - set context within which session can be reused (server side only)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
+                                    unsigned int sid_ctx_len);
+ int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
+                                unsigned int sid_ctx_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_session_id_context() sets the context <b>sid_ctx</b> of length <b>sid_ctx_len</b> within which a session can be reused for the <b>ctx</b> object.</p>
+
+<p>SSL_set_session_id_context() sets the context <b>sid_ctx</b> of length <b>sid_ctx_len</b> within which a session can be reused for the <b>ssl</b> object.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Sessions are generated within a certain context. When exporting/importing sessions with <b>i2d_SSL_SESSION</b>/<b>d2i_SSL_SESSION</b> it would be possible, to re-import a session generated from another context (e.g. another application), which might lead to malfunctions. Therefore each application must set its own session id context <b>sid_ctx</b> which is used to distinguish the contexts and is stored in exported sessions. The <b>sid_ctx</b> can be any kind of binary data with a given length, it is therefore possible to use e.g. the name of the application and/or the hostname and/or service name ...</p>
+
+<p>The session id context becomes part of the session. The session id context is set by the SSL/TLS server. The SSL_CTX_set_session_id_context() and SSL_set_session_id_context() functions are therefore only useful on the server side.</p>
+
+<p>OpenSSL clients will check the session id context returned by the server when reusing a session.</p>
+
+<p>The maximum length of the <b>sid_ctx</b> is limited to <b>SSL_MAX_SSL_SESSION_ID_LENGTH</b>.</p>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>If the session id context is not set on an SSL/TLS server and client certificates are used, stored sessions will not be reused but a fatal error will be flagged and the handshake will fail.</p>
+
+<p>If a server returns a different session id context to an OpenSSL client when reusing a session, an error will be flagged and the handshake will fail. OpenSSL servers will always return the correct session id context, as an OpenSSL server checks the session id context itself before reusing a session as described above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_session_id_context() and SSL_set_session_id_context() return the following values:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The length <b>sid_ctx_len</b> of the session id context <b>sid_ctx</b> exceeded the maximum allowed length of <b>SSL_MAX_SSL_SESSION_ID_LENGTH</b>. The error is logged to the error stack.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_session_ticket_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_session_ticket_cb.html
new file mode 100644
index 000000000..3b212e2e5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_session_ticket_cb.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_session_ticket_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_session_ticket_cb, SSL_SESSION_get0_ticket_appdata, SSL_SESSION_set1_ticket_appdata, SSL_CTX_generate_session_ticket_fn, SSL_CTX_decrypt_session_ticket_fn - manage session ticket application data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_CTX_generate_session_ticket_fn)(SSL *s, void *arg);
+ typedef SSL_TICKET_RETURN (*SSL_CTX_decrypt_session_ticket_fn)(SSL *s, SSL_SESSION *ss,
+                                                                const unsigned char *keyname,
+                                                                size_t keyname_len,
+                                                                SSL_TICKET_STATUS status,
+                                                                void *arg);
+ int SSL_CTX_set_session_ticket_cb(SSL_CTX *ctx,
+                                   SSL_CTX_generate_session_ticket_fn gen_cb,
+                                   SSL_CTX_decrypt_session_ticket_fn dec_cb,
+                                   void *arg);
+ int SSL_SESSION_set1_ticket_appdata(SSL_SESSION *ss, const void *data, size_t len);
+ int SSL_SESSION_get0_ticket_appdata(SSL_SESSION *ss, void **data, size_t *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_set_session_ticket_cb() sets the application callbacks <b>gen_cb</b> and <b>dec_cb</b> that are used by a server to set and get application data stored with a session, and placed into a session ticket. Either callback function may be set to NULL. The value of <b>arg</b> is passed to the callbacks.</p>
+
+<p><b>gen_cb</b> is the application defined callback invoked when a session ticket is about to be created. The application can call SSL_SESSION_set1_ticket_appdata() at this time to add application data to the session ticket. The value of <b>arg</b> is the same as that given to SSL_CTX_set_session_ticket_cb(). The <b>gen_cb</b> callback is defined as type <b>SSL_CTX_generate_session_ticket_fn</b>.</p>
+
+<p><b>dec_cb</b> is the application defined callback invoked after session ticket decryption has been attempted and any session ticket application data is available. If ticket decryption was successful then the <b>ss</b> argument contains the session data. The <b>keyname</b> and <b>keyname_len</b> arguments identify the key used to decrypt the session ticket. The <b>status</b> argument is the result of the ticket decryption. See the <a>NOTES</a> section below for further details. The value of <b>arg</b> is the same as that given to SSL_CTX_set_session_ticket_cb(). The <b>dec_cb</b> callback is defined as type <b>SSL_CTX_decrypt_session_ticket_fn</b>.</p>
+
+<p>SSL_SESSION_set1_ticket_appdata() sets the application data specified by <b>data</b> and <b>len</b> into <b>ss</b> which is then placed into any generated session tickets. It can be called at any time before a session ticket is created to update the data placed into the session ticket. However, given that sessions and tickets are created by the handshake, the <b>gen_cb</b> is provided to notify the application that a session ticket is about to be generated.</p>
+
+<p>SSL_SESSION_get0_ticket_appdata() assigns <b>data</b> to the session ticket application data and assigns <b>len</b> to the length of the session ticket application data from <b>ss</b>. The application data can be set via SSL_SESSION_set1_ticket_appdata() or by a session ticket. NULL will be assigned to <b>data</b> and 0 will be assigned to <b>len</b> if there is no session ticket application data. SSL_SESSION_get0_ticket_appdata() can be called any time after a session has been created. The <b>dec_cb</b> is provided to notify the application that a session ticket has just been decrypted.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When the <b>dec_cb</b> callback is invoked, the SSL_SESSION <b>ss</b> has not yet been assigned to the SSL <b>s</b>. The <b>status</b> indicates the result of the ticket decryption. The callback must check the <b>status</b> value before performing any action, as it is called even if ticket decryption fails.</p>
+
+<p>The <b>keyname</b> and <b>keyname_len</b> arguments to <b>dec_cb</b> may be used to identify the key that was used to encrypt the session ticket.</p>
+
+<p>The <b>status</b> argument can be any of these values:</p>
+
+<dl>
+
+<dt id="SSL_TICKET_EMPTY">SSL_TICKET_EMPTY</dt>
+<dd>
+
+<p>Empty ticket present. No ticket data will be used and a new ticket should be sent to the client. This only occurs in TLSv1.2 or below. In TLSv1.3 it is not valid for a client to send an empty ticket.</p>
+
+</dd>
+<dt id="SSL_TICKET_NO_DECRYPT">SSL_TICKET_NO_DECRYPT</dt>
+<dd>
+
+<p>The ticket couldn&#39;t be decrypted. No ticket data will be used and a new ticket should be sent to the client.</p>
+
+</dd>
+<dt id="SSL_TICKET_SUCCESS">SSL_TICKET_SUCCESS</dt>
+<dd>
+
+<p>A ticket was successfully decrypted, any session ticket application data should be available. A new ticket should not be sent to the client.</p>
+
+</dd>
+<dt id="SSL_TICKET_SUCCESS_RENEW">SSL_TICKET_SUCCESS_RENEW</dt>
+<dd>
+
+<p>Same as <b>SSL_TICKET_SUCCESS</b>, but a new ticket should be sent to the client.</p>
+
+</dd>
+</dl>
+
+<p>The return value can be any of these values:</p>
+
+<dl>
+
+<dt id="SSL_TICKET_RETURN_ABORT">SSL_TICKET_RETURN_ABORT</dt>
+<dd>
+
+<p>The handshake should be aborted, either because of an error or because of some policy. Note that in TLSv1.3 a client may send more than one ticket in a single handshake. Therefore just because one ticket is unacceptable it does not mean that all of them are. For this reason this option should be used with caution.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_IGNORE">SSL_TICKET_RETURN_IGNORE</dt>
+<dd>
+
+<p>Do not use a ticket (if one was available). Do not send a renewed ticket to the client.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_IGNORE_RENEW">SSL_TICKET_RETURN_IGNORE_RENEW</dt>
+<dd>
+
+<p>Do not use a ticket (if one was available). Send a renewed ticket to the client.</p>
+
+<p>If the callback does not wish to change the default ticket behaviour then it should return this value if <b>status</b> is <b>SSL_TICKET_EMPTY</b> or <b>SSL_TICKET_NO_DECRYPT</b>.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_USE">SSL_TICKET_RETURN_USE</dt>
+<dd>
+
+<p>Use the ticket. Do not send a renewed ticket to the client. It is an error for the callback to return this value if <b>status</b> has a value other than <b>SSL_TICKET_SUCCESS</b> or <b>SSL_TICKET_SUCCESS_RENEW</b>.</p>
+
+<p>If the callback does not wish to change the default ticket behaviour then it should return this value if <b>status</b> is <b>SSL_TICKET_SUCCESS</b>.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_USE_RENEW">SSL_TICKET_RETURN_USE_RENEW</dt>
+<dd>
+
+<p>Use the ticket. Send a renewed ticket to the client. It is an error for the callback to return this value if <b>status</b> has a value other than <b>SSL_TICKET_SUCCESS</b> or <b>SSL_TICKET_SUCCESS_RENEW</b>.</p>
+
+<p>If the callback does not wish to change the default ticket behaviour then it should return this value if <b>status</b> is <b>SSL_TICKET_SUCCESS_RENEW</b>.</p>
+
+</dd>
+</dl>
+
+<p>If <b>status</b> has the value <b>SSL_TICKET_EMPTY</b> or <b>SSL_TICKET_NO_DECRYPT</b> then no session data will be available and the callback must not use the <b>ss</b> argument. If <b>status</b> has the value <b>SSL_TICKET_SUCCESS</b> or <b>SSL_TICKET_SUCCESS_RENEW</b> then the application can call SSL_SESSION_get0_ticket_appdata() using the session provided in the <b>ss</b> argument to retrieve the application data.</p>
+
+<p>When the <b>gen_cb</b> callback is invoked, the SSL_get_session() function can be used to retrieve the SSL_SESSION for SSL_SESSION_set1_ticket_appdata().</p>
+
+<p>By default, in TLSv1.2 and below, a new session ticket is not issued on a successful resumption and therefore <b>gen_cb</b> will not be called. In TLSv1.3 the default behaviour is to always issue a new ticket on resumption. In both cases this behaviour can be changed if a ticket key callback is in use (see <a href="../man3/SSL_CTX_set_tlsext_ticket_key_cb.html">SSL_CTX_set_tlsext_ticket_key_cb(3)</a>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL_CTX_set_session_ticket_cb(), SSL_SESSION_set1_ticket_appdata() and SSL_SESSION_get0_ticket_appdata() functions return 1 on success and 0 on failure.</p>
+
+<p>The <b>gen_cb</b> callback must return 1 to continue the connection. A return of 0 will terminate the connection with an INTERNAL_ERROR alert.</p>
+
+<p>The <b>dec_cb</b> callback must return a value as described in <a>NOTES</a> above.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_session.html">SSL_get_session(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_set_session_ticket_cb(), SSSL_SESSION_set1_ticket_appdata() and SSL_SESSION_get_ticket_appdata() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_split_send_fragment.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_split_send_fragment.html
new file mode 100644
index 000000000..19be43ed8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_split_send_fragment.html
@@ -0,0 +1,150 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_split_send_fragment</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_max_send_fragment, SSL_set_max_send_fragment, SSL_CTX_set_split_send_fragment, SSL_set_split_send_fragment, SSL_CTX_set_max_pipelines, SSL_set_max_pipelines, SSL_CTX_set_default_read_buffer_len, SSL_set_default_read_buffer_len, SSL_CTX_set_tlsext_max_fragment_length, SSL_set_tlsext_max_fragment_length, SSL_SESSION_get_max_fragment_length - Control fragment size settings and pipelining operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, long);
+ long SSL_set_max_send_fragment(SSL *ssl, long m);
+
+ long SSL_CTX_set_max_pipelines(SSL_CTX *ctx, long m);
+ long SSL_set_max_pipelines(SSL_CTX *ssl, long m);
+
+ long SSL_CTX_set_split_send_fragment(SSL_CTX *ctx, long m);
+ long SSL_set_split_send_fragment(SSL *ssl, long m);
+
+ void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len);
+ void SSL_set_default_read_buffer_len(SSL *s, size_t len);
+
+ int SSL_CTX_set_tlsext_max_fragment_length(SSL_CTX *ctx, uint8_t mode);
+ int SSL_set_tlsext_max_fragment_length(SSL *ssl, uint8_t mode);
+ uint8_t SSL_SESSION_get_max_fragment_length(SSL_SESSION *session);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Some engines are able to process multiple simultaneous crypto operations. This capability could be utilised to parallelise the processing of a single connection. For example a single write can be split into multiple records and each one encrypted independently and in parallel. Note: this will only work in TLS1.1+. There is no support in SSLv3, TLSv1.0 or DTLS (any version). This capability is known as &quot;pipelining&quot; within OpenSSL.</p>
+
+<p>In order to benefit from the pipelining capability. You need to have an engine that provides ciphers that support this. The OpenSSL &quot;dasync&quot; engine provides AES128-SHA based ciphers that have this capability. However these are for development and test purposes only.</p>
+
+<p>SSL_CTX_set_max_send_fragment() and SSL_set_max_send_fragment() set the <b>max_send_fragment</b> parameter for SSL_CTX and SSL objects respectively. This value restricts the amount of plaintext bytes that will be sent in any one SSL/TLS record. By default its value is SSL3_RT_MAX_PLAIN_LENGTH (16384). These functions will only accept a value in the range 512 - SSL3_RT_MAX_PLAIN_LENGTH.</p>
+
+<p>SSL_CTX_set_max_pipelines() and SSL_set_max_pipelines() set the maximum number of pipelines that will be used at any one time. This value applies to both &quot;read&quot; pipelining and &quot;write&quot; pipelining. By default only one pipeline will be used (i.e. normal non-parallel operation). The number of pipelines set must be in the range 1 - SSL_MAX_PIPELINES (32). Setting this to a value &gt; 1 will also automatically turn on &quot;read_ahead&quot; (see <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>). This is explained further below. OpenSSL will only every use more than one pipeline if a cipher suite is negotiated that uses a pipeline capable cipher provided by an engine.</p>
+
+<p>Pipelining operates slightly differently for reading encrypted data compared to writing encrypted data. SSL_CTX_set_split_send_fragment() and SSL_set_split_send_fragment() define how data is split up into pipelines when writing encrypted data. The number of pipelines used will be determined by the amount of data provided to the SSL_write_ex() or SSL_write() call divided by <b>split_send_fragment</b>.</p>
+
+<p>For example if <b>split_send_fragment</b> is set to 2000 and <b>max_pipelines</b> is 4 then:</p>
+
+<p>SSL_write/SSL_write_ex called with 0-2000 bytes == 1 pipeline used</p>
+
+<p>SSL_write/SSL_write_ex called with 2001-4000 bytes == 2 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 4001-6000 bytes == 3 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 6001+ bytes == 4 pipelines used</p>
+
+<p><b>split_send_fragment</b> must always be less than or equal to <b>max_send_fragment</b>. By default it is set to be equal to <b>max_send_fragment</b>. This will mean that the same number of records will always be created as would have been created in the non-parallel case, although the data will be apportioned differently. In the parallel case data will be spread equally between the pipelines.</p>
+
+<p>Read pipelining is controlled in a slightly different way than with write pipelining. While reading we are constrained by the number of records that the peer (and the network) can provide to us in one go. The more records we can get in one go the more opportunity we have to parallelise the processing. As noted above when setting <b>max_pipelines</b> to a value greater than one, <b>read_ahead</b> is automatically set. The <b>read_ahead</b> parameter causes OpenSSL to attempt to read as much data into the read buffer as the network can provide and will fit into the buffer. Without this set data is read into the read buffer one record at a time. The more data that can be read, the more opportunity there is for parallelising the processing at the cost of increased memory overhead per connection. Setting <b>read_ahead</b> can impact the behaviour of the SSL_pending() function (see <a href="../man3/SSL_pending.html">SSL_pending(3)</a>).</p>
+
+<p>The SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions control the size of the read buffer that will be used. The <b>len</b> parameter sets the size of the buffer. The value will only be used if it is greater than the default that would have been used anyway. The normal default value depends on a number of factors but it will be at least SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_ENCRYPTED_OVERHEAD (16704) bytes.</p>
+
+<p>SSL_CTX_set_tlsext_max_fragment_length() sets the default maximum fragment length negotiation mode via value <b>mode</b> to <b>ctx</b>. This setting affects only SSL instances created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_set_tlsext_max_fragment_length() sets the maximum fragment length negotiation mode via value <b>mode</b> to <b>ssl</b>. This setting will be used during a handshake when extensions are exchanged between client and server. So it only affects SSL sessions created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_SESSION_get_max_fragment_length() gets the maximum fragment length negotiated in <b>session</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All non-void functions return 1 on success and 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The Maximum Fragment Length extension support is optional on the server side. If the server does not support this extension then SSL_SESSION_get_max_fragment_length() will return: TLSEXT_max_fragment_length_DISABLED.</p>
+
+<p>The following modes are available:</p>
+
+<dl>
+
+<dt id="TLSEXT_max_fragment_length_DISABLED">TLSEXT_max_fragment_length_DISABLED</dt>
+<dd>
+
+<p>Disables Maximum Fragment Length Negotiation (default).</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_512">TLSEXT_max_fragment_length_512</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 512 bytes.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_1024">TLSEXT_max_fragment_length_1024</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 1024.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_2048">TLSEXT_max_fragment_length_2048</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 2048.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_4096">TLSEXT_max_fragment_length_4096</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 4096.</p>
+
+</dd>
+</dl>
+
+<p>With the exception of SSL_CTX_set_default_read_buffer_len() SSL_set_default_read_buffer_len(), SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() all these functions are implemented using macros.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_set_max_pipelines(), SSL_set_max_pipelines(), SSL_CTX_set_split_send_fragment(), SSL_set_split_send_fragment(), SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions were added in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_ssl_version.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_ssl_version.html
new file mode 100644
index 000000000..c61545867
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_ssl_version.html
@@ -0,0 +1,85 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_ssl_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_ssl_version, SSL_set_ssl_method, SSL_get_ssl_method - choose a new TLS/SSL method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *method);
+ int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
+ const SSL_METHOD *SSL_get_ssl_method(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_ssl_version() sets a new default TLS/SSL <b>method</b> for SSL objects newly created from this <b>ctx</b>. SSL objects already created with <a href="../man3/SSL_new.html">SSL_new(3)</a> are not affected, except when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is being called.</p>
+
+<p>SSL_set_ssl_method() sets a new TLS/SSL <b>method</b> for a particular <b>ssl</b> object. It may be reset, when SSL_clear() is called.</p>
+
+<p>SSL_get_ssl_method() returns a function pointer to the TLS/SSL method set in <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The available <b>method</b> choices are described in <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>.</p>
+
+<p>When <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called and no session is connected to an SSL object, the method of the SSL object is reset to the method currently set in the corresponding SSL_CTX object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur for SSL_CTX_set_ssl_version() and SSL_set_ssl_method():</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The new choice failed, check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_stateless_cookie_generate_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_stateless_cookie_generate_cb.html
new file mode 100644
index 000000000..ba0895923
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_stateless_cookie_generate_cb.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_stateless_cookie_generate_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_stateless_cookie_generate_cb, SSL_CTX_set_stateless_cookie_verify_cb - Callback functions for stateless TLS1.3 cookies</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_stateless_cookie_generate_cb(
+     SSL_CTX *ctx,
+     int (*gen_stateless_cookie_cb) (SSL *ssl,
+                                     unsigned char *cookie,
+                                     size_t *cookie_len));
+ void SSL_CTX_set_stateless_cookie_verify_cb(
+     SSL_CTX *ctx,
+     int (*verify_stateless_cookie_cb) (SSL *ssl,
+                                        const unsigned char *cookie,
+                                        size_t cookie_len));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_cookie_generate_cb() sets the callback used by <a href="../man3/SSL_stateless.html">SSL_stateless(3)</a> to generate the application-controlled portion of the cookie provided to clients in the HelloRetryRequest transmitted as a response to a ClientHello with a missing or invalid cookie. gen_stateless_cookie_cb() must write at most SSL_COOKIE_LENGTH bytes into <b>cookie</b>, and must write the number of bytes written to <b>cookie_len</b>. If a cookie cannot be generated, a zero return value can be used to abort the handshake.</p>
+
+<p>SSL_CTX_set_cookie_verify_cb() sets the callback used by <a href="../man3/SSL_stateless.html">SSL_stateless(3)</a> to determine whether the application-controlled portion of a ClientHello cookie is valid. A nonzero return value from app_verify_cookie_cb() communicates that the cookie is valid. The integrity of the entire cookie, including the application-controlled portion, is automatically verified by HMAC before verify_stateless_cookie_cb() is called.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Neither function returns a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_stateless.html">SSL_stateless(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_stateless_cookie_verify_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_stateless_cookie_verify_cb.html
new file mode 100644
index 000000000..ba0895923
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_stateless_cookie_verify_cb.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_stateless_cookie_generate_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_stateless_cookie_generate_cb, SSL_CTX_set_stateless_cookie_verify_cb - Callback functions for stateless TLS1.3 cookies</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_stateless_cookie_generate_cb(
+     SSL_CTX *ctx,
+     int (*gen_stateless_cookie_cb) (SSL *ssl,
+                                     unsigned char *cookie,
+                                     size_t *cookie_len));
+ void SSL_CTX_set_stateless_cookie_verify_cb(
+     SSL_CTX *ctx,
+     int (*verify_stateless_cookie_cb) (SSL *ssl,
+                                        const unsigned char *cookie,
+                                        size_t cookie_len));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_cookie_generate_cb() sets the callback used by <a href="../man3/SSL_stateless.html">SSL_stateless(3)</a> to generate the application-controlled portion of the cookie provided to clients in the HelloRetryRequest transmitted as a response to a ClientHello with a missing or invalid cookie. gen_stateless_cookie_cb() must write at most SSL_COOKIE_LENGTH bytes into <b>cookie</b>, and must write the number of bytes written to <b>cookie_len</b>. If a cookie cannot be generated, a zero return value can be used to abort the handshake.</p>
+
+<p>SSL_CTX_set_cookie_verify_cb() sets the callback used by <a href="../man3/SSL_stateless.html">SSL_stateless(3)</a> to determine whether the application-controlled portion of a ClientHello cookie is valid. A nonzero return value from app_verify_cookie_cb() communicates that the cookie is valid. The integrity of the entire cookie, including the application-controlled portion, is automatically verified by HMAC before verify_stateless_cookie_cb() is called.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Neither function returns a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_stateless.html">SSL_stateless(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_timeout.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_timeout.html
new file mode 100644
index 000000000..8f414fafc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_timeout.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_timeout</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_timeout, SSL_CTX_get_timeout - manipulate timeout values for session caching</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
+ long SSL_CTX_get_timeout(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_timeout() sets the timeout for newly created sessions for <b>ctx</b> to <b>t</b>. The timeout value <b>t</b> must be given in seconds.</p>
+
+<p>SSL_CTX_get_timeout() returns the currently set timeout value for <b>ctx</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Whenever a new session is created, it is assigned a maximum lifetime. This lifetime is specified by storing the creation time of the session and the timeout value valid at this time. If the actual time is later than creation time plus timeout, the session is not reused.</p>
+
+<p>Due to this realization, all sessions behave according to the timeout value valid at the time of the session negotiation. Changes of the timeout value do not affect already established sessions.</p>
+
+<p>The expiration time of a single session can be modified using the <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a> family of functions.</p>
+
+<p>Expired sessions are removed from the internal session cache, whenever <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a> is called, either directly by the application or automatically (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>)</p>
+
+<p>The default value for session timeout is decided on a per protocol basis, see <a href="../man3/SSL_get_default_timeout.html">SSL_get_default_timeout(3)</a>. All currently supported protocols have the same default timeout value of 300 seconds.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_timeout() returns the previously set timeout value.</p>
+
+<p>SSL_CTX_get_timeout() returns the currently set timeout value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a>, <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a>, <a href="../man3/SSL_get_default_timeout.html">SSL_get_default_timeout(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_max_fragment_length.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_max_fragment_length.html
new file mode 100644
index 000000000..19be43ed8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_max_fragment_length.html
@@ -0,0 +1,150 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_split_send_fragment</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_max_send_fragment, SSL_set_max_send_fragment, SSL_CTX_set_split_send_fragment, SSL_set_split_send_fragment, SSL_CTX_set_max_pipelines, SSL_set_max_pipelines, SSL_CTX_set_default_read_buffer_len, SSL_set_default_read_buffer_len, SSL_CTX_set_tlsext_max_fragment_length, SSL_set_tlsext_max_fragment_length, SSL_SESSION_get_max_fragment_length - Control fragment size settings and pipelining operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, long);
+ long SSL_set_max_send_fragment(SSL *ssl, long m);
+
+ long SSL_CTX_set_max_pipelines(SSL_CTX *ctx, long m);
+ long SSL_set_max_pipelines(SSL_CTX *ssl, long m);
+
+ long SSL_CTX_set_split_send_fragment(SSL_CTX *ctx, long m);
+ long SSL_set_split_send_fragment(SSL *ssl, long m);
+
+ void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len);
+ void SSL_set_default_read_buffer_len(SSL *s, size_t len);
+
+ int SSL_CTX_set_tlsext_max_fragment_length(SSL_CTX *ctx, uint8_t mode);
+ int SSL_set_tlsext_max_fragment_length(SSL *ssl, uint8_t mode);
+ uint8_t SSL_SESSION_get_max_fragment_length(SSL_SESSION *session);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Some engines are able to process multiple simultaneous crypto operations. This capability could be utilised to parallelise the processing of a single connection. For example a single write can be split into multiple records and each one encrypted independently and in parallel. Note: this will only work in TLS1.1+. There is no support in SSLv3, TLSv1.0 or DTLS (any version). This capability is known as &quot;pipelining&quot; within OpenSSL.</p>
+
+<p>In order to benefit from the pipelining capability. You need to have an engine that provides ciphers that support this. The OpenSSL &quot;dasync&quot; engine provides AES128-SHA based ciphers that have this capability. However these are for development and test purposes only.</p>
+
+<p>SSL_CTX_set_max_send_fragment() and SSL_set_max_send_fragment() set the <b>max_send_fragment</b> parameter for SSL_CTX and SSL objects respectively. This value restricts the amount of plaintext bytes that will be sent in any one SSL/TLS record. By default its value is SSL3_RT_MAX_PLAIN_LENGTH (16384). These functions will only accept a value in the range 512 - SSL3_RT_MAX_PLAIN_LENGTH.</p>
+
+<p>SSL_CTX_set_max_pipelines() and SSL_set_max_pipelines() set the maximum number of pipelines that will be used at any one time. This value applies to both &quot;read&quot; pipelining and &quot;write&quot; pipelining. By default only one pipeline will be used (i.e. normal non-parallel operation). The number of pipelines set must be in the range 1 - SSL_MAX_PIPELINES (32). Setting this to a value &gt; 1 will also automatically turn on &quot;read_ahead&quot; (see <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>). This is explained further below. OpenSSL will only every use more than one pipeline if a cipher suite is negotiated that uses a pipeline capable cipher provided by an engine.</p>
+
+<p>Pipelining operates slightly differently for reading encrypted data compared to writing encrypted data. SSL_CTX_set_split_send_fragment() and SSL_set_split_send_fragment() define how data is split up into pipelines when writing encrypted data. The number of pipelines used will be determined by the amount of data provided to the SSL_write_ex() or SSL_write() call divided by <b>split_send_fragment</b>.</p>
+
+<p>For example if <b>split_send_fragment</b> is set to 2000 and <b>max_pipelines</b> is 4 then:</p>
+
+<p>SSL_write/SSL_write_ex called with 0-2000 bytes == 1 pipeline used</p>
+
+<p>SSL_write/SSL_write_ex called with 2001-4000 bytes == 2 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 4001-6000 bytes == 3 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 6001+ bytes == 4 pipelines used</p>
+
+<p><b>split_send_fragment</b> must always be less than or equal to <b>max_send_fragment</b>. By default it is set to be equal to <b>max_send_fragment</b>. This will mean that the same number of records will always be created as would have been created in the non-parallel case, although the data will be apportioned differently. In the parallel case data will be spread equally between the pipelines.</p>
+
+<p>Read pipelining is controlled in a slightly different way than with write pipelining. While reading we are constrained by the number of records that the peer (and the network) can provide to us in one go. The more records we can get in one go the more opportunity we have to parallelise the processing. As noted above when setting <b>max_pipelines</b> to a value greater than one, <b>read_ahead</b> is automatically set. The <b>read_ahead</b> parameter causes OpenSSL to attempt to read as much data into the read buffer as the network can provide and will fit into the buffer. Without this set data is read into the read buffer one record at a time. The more data that can be read, the more opportunity there is for parallelising the processing at the cost of increased memory overhead per connection. Setting <b>read_ahead</b> can impact the behaviour of the SSL_pending() function (see <a href="../man3/SSL_pending.html">SSL_pending(3)</a>).</p>
+
+<p>The SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions control the size of the read buffer that will be used. The <b>len</b> parameter sets the size of the buffer. The value will only be used if it is greater than the default that would have been used anyway. The normal default value depends on a number of factors but it will be at least SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_ENCRYPTED_OVERHEAD (16704) bytes.</p>
+
+<p>SSL_CTX_set_tlsext_max_fragment_length() sets the default maximum fragment length negotiation mode via value <b>mode</b> to <b>ctx</b>. This setting affects only SSL instances created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_set_tlsext_max_fragment_length() sets the maximum fragment length negotiation mode via value <b>mode</b> to <b>ssl</b>. This setting will be used during a handshake when extensions are exchanged between client and server. So it only affects SSL sessions created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_SESSION_get_max_fragment_length() gets the maximum fragment length negotiated in <b>session</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All non-void functions return 1 on success and 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The Maximum Fragment Length extension support is optional on the server side. If the server does not support this extension then SSL_SESSION_get_max_fragment_length() will return: TLSEXT_max_fragment_length_DISABLED.</p>
+
+<p>The following modes are available:</p>
+
+<dl>
+
+<dt id="TLSEXT_max_fragment_length_DISABLED">TLSEXT_max_fragment_length_DISABLED</dt>
+<dd>
+
+<p>Disables Maximum Fragment Length Negotiation (default).</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_512">TLSEXT_max_fragment_length_512</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 512 bytes.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_1024">TLSEXT_max_fragment_length_1024</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 1024.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_2048">TLSEXT_max_fragment_length_2048</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 2048.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_4096">TLSEXT_max_fragment_length_4096</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 4096.</p>
+
+</dd>
+</dl>
+
+<p>With the exception of SSL_CTX_set_default_read_buffer_len() SSL_set_default_read_buffer_len(), SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() all these functions are implemented using macros.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_set_max_pipelines(), SSL_set_max_pipelines(), SSL_CTX_set_split_send_fragment(), SSL_set_split_send_fragment(), SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions were added in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_servername_arg.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_servername_arg.html
new file mode 100644
index 000000000..4cf6c16a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_servername_arg.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_servername_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_servername_callback, SSL_CTX_set_tlsext_servername_arg, SSL_get_servername_type, SSL_get_servername, SSL_set_tlsext_host_name - handle server name indication (SNI)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_tlsext_servername_callback(SSL_CTX *ctx,
+                                   int (*cb)(SSL *, int *, void *));
+ long SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg);
+
+ const char *SSL_get_servername(const SSL *s, const int type);
+ int SSL_get_servername_type(const SSL *s);
+
+ int SSL_set_tlsext_host_name(const SSL *s, const char *name);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functionality provided by the servername callback is superseded by the ClientHello callback, which can be set using SSL_CTX_set_client_hello_cb(). The servername callback is retained for historical compatibility.</p>
+
+<p>SSL_CTX_set_tlsext_servername_callback() sets the application callback <b>cb</b> used by a server to perform any actions or configuration required based on the servername extension received in the incoming connection. When <b>cb</b> is NULL, SNI is not used. The <b>arg</b> value is a pointer which is passed to the application callback.</p>
+
+<p>SSL_CTX_set_tlsext_servername_arg() sets a context-specific argument to be passed into the callback for this <b>SSL_CTX</b>.</p>
+
+<p>SSL_get_servername() returns a servername extension value of the specified type if provided in the Client Hello or NULL.</p>
+
+<p>SSL_get_servername_type() returns the servername type or -1 if no servername is present. Currently the only supported type (defined in RFC3546) is <b>TLSEXT_NAMETYPE_host_name</b>.</p>
+
+<p>SSL_set_tlsext_host_name() sets the server name indication ClientHello extension to contain the value <b>name</b>. The type of server name indication extension is set to <b>TLSEXT_NAMETYPE_host_name</b> (defined in RFC3546).</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Several callbacks are executed during ClientHello processing, including the ClientHello, ALPN, and servername callbacks. The ClientHello callback is executed first, then the servername callback, followed by the ALPN callback.</p>
+
+<p>The SSL_set_tlsext_host_name() function should only be called on SSL objects that will act as clients; otherwise the configured <b>name</b> will be ignored.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_tlsext_servername_callback() and SSL_CTX_set_tlsext_servername_arg() both always return 1 indicating success. SSL_set_tlsext_host_name() returns 1 on success, 0 in case of error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_alpn_select_cb.html">SSL_CTX_set_alpn_select_cb(3)</a>, <a href="../man3/SSL_get0_alpn_selected.html">SSL_get0_alpn_selected(3)</a>, <a href="../man3/SSL_CTX_set_client_hello_cb.html">SSL_CTX_set_client_hello_cb(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_servername_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_servername_callback.html
new file mode 100644
index 000000000..4cf6c16a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_servername_callback.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_servername_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_servername_callback, SSL_CTX_set_tlsext_servername_arg, SSL_get_servername_type, SSL_get_servername, SSL_set_tlsext_host_name - handle server name indication (SNI)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_tlsext_servername_callback(SSL_CTX *ctx,
+                                   int (*cb)(SSL *, int *, void *));
+ long SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg);
+
+ const char *SSL_get_servername(const SSL *s, const int type);
+ int SSL_get_servername_type(const SSL *s);
+
+ int SSL_set_tlsext_host_name(const SSL *s, const char *name);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functionality provided by the servername callback is superseded by the ClientHello callback, which can be set using SSL_CTX_set_client_hello_cb(). The servername callback is retained for historical compatibility.</p>
+
+<p>SSL_CTX_set_tlsext_servername_callback() sets the application callback <b>cb</b> used by a server to perform any actions or configuration required based on the servername extension received in the incoming connection. When <b>cb</b> is NULL, SNI is not used. The <b>arg</b> value is a pointer which is passed to the application callback.</p>
+
+<p>SSL_CTX_set_tlsext_servername_arg() sets a context-specific argument to be passed into the callback for this <b>SSL_CTX</b>.</p>
+
+<p>SSL_get_servername() returns a servername extension value of the specified type if provided in the Client Hello or NULL.</p>
+
+<p>SSL_get_servername_type() returns the servername type or -1 if no servername is present. Currently the only supported type (defined in RFC3546) is <b>TLSEXT_NAMETYPE_host_name</b>.</p>
+
+<p>SSL_set_tlsext_host_name() sets the server name indication ClientHello extension to contain the value <b>name</b>. The type of server name indication extension is set to <b>TLSEXT_NAMETYPE_host_name</b> (defined in RFC3546).</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Several callbacks are executed during ClientHello processing, including the ClientHello, ALPN, and servername callbacks. The ClientHello callback is executed first, then the servername callback, followed by the ALPN callback.</p>
+
+<p>The SSL_set_tlsext_host_name() function should only be called on SSL objects that will act as clients; otherwise the configured <b>name</b> will be ignored.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_tlsext_servername_callback() and SSL_CTX_set_tlsext_servername_arg() both always return 1 indicating success. SSL_set_tlsext_host_name() returns 1 on success, 0 in case of error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_alpn_select_cb.html">SSL_CTX_set_alpn_select_cb(3)</a>, <a href="../man3/SSL_get0_alpn_selected.html">SSL_get0_alpn_selected(3)</a>, <a href="../man3/SSL_CTX_set_client_hello_cb.html">SSL_CTX_set_client_hello_cb(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_status_arg.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_status_arg.html
new file mode 100644
index 000000000..2aabb84c3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_status_arg.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_status_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_status_cb, SSL_CTX_get_tlsext_status_cb, SSL_CTX_set_tlsext_status_arg, SSL_CTX_get_tlsext_status_arg, SSL_CTX_set_tlsext_status_type, SSL_CTX_get_tlsext_status_type, SSL_set_tlsext_status_type, SSL_get_tlsext_status_type, SSL_get_tlsext_status_ocsp_resp, SSL_set_tlsext_status_ocsp_resp - OCSP Certificate Status Request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/tls1.h&gt;
+
+ long SSL_CTX_set_tlsext_status_cb(SSL_CTX *ctx, int (*callback)(SSL *, void *));
+ long SSL_CTX_get_tlsext_status_cb(SSL_CTX *ctx, int (**callback)(SSL *, void *));
+
+ long SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg);
+ long SSL_CTX_get_tlsext_status_arg(SSL_CTX *ctx, void **arg);
+
+ long SSL_CTX_set_tlsext_status_type(SSL_CTX *ctx, int type);
+ long SSL_CTX_get_tlsext_status_type(SSL_CTX *ctx);
+
+ long SSL_set_tlsext_status_type(SSL *s, int type);
+ long SSL_get_tlsext_status_type(SSL *s);
+
+ long SSL_get_tlsext_status_ocsp_resp(ssl, unsigned char **resp);
+ long SSL_set_tlsext_status_ocsp_resp(ssl, unsigned char *resp, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application may request that a server send back an OCSP status response (also known as OCSP stapling). To do so the client should call the SSL_CTX_set_tlsext_status_type() function prior to the creation of any SSL objects. Alternatively an application can call the SSL_set_tlsext_status_type() function on an individual SSL object prior to the start of the handshake. Currently the only supported type is <b>TLSEXT_STATUSTYPE_ocsp</b>. This value should be passed in the <b>type</b> argument. Calling SSL_CTX_get_tlsext_status_type() will return the type <b>TLSEXT_STATUSTYPE_ocsp</b> previously set via SSL_CTX_set_tlsext_status_type() or -1 if not set.</p>
+
+<p>The client should additionally provide a callback function to decide what to do with the returned OCSP response by calling SSL_CTX_set_tlsext_status_cb(). The callback function should determine whether the returned OCSP response is acceptable or not. The callback will be passed as an argument the value previously set via a call to SSL_CTX_set_tlsext_status_arg(). Note that the callback will not be called in the event of a handshake where session resumption occurs (because there are no Certificates exchanged in such a handshake). The callback previously set via SSL_CTX_set_tlsext_status_cb() can be retrieved by calling SSL_CTX_get_tlsext_status_cb(), and the argument by calling SSL_CTX_get_tlsext_status_arg().</p>
+
+<p>On the client side SSL_get_tlsext_status_type() can be used to determine whether the client has previously called SSL_set_tlsext_status_type(). It will return <b>TLSEXT_STATUSTYPE_ocsp</b> if it has been called or -1 otherwise. On the server side SSL_get_tlsext_status_type() can be used to determine whether the client requested OCSP stapling. If the client requested it then this function will return <b>TLSEXT_STATUSTYPE_ocsp</b>, or -1 otherwise.</p>
+
+<p>The response returned by the server can be obtained via a call to SSL_get_tlsext_status_ocsp_resp(). The value <b>*resp</b> will be updated to point to the OCSP response data and the return value will be the length of that data. Typically a callback would obtain an OCSP_RESPONSE object from this data via a call to the d2i_OCSP_RESPONSE() function. If the server has not provided any response data then <b>*resp</b> will be NULL and the return value from SSL_get_tlsext_status_ocsp_resp() will be -1.</p>
+
+<p>A server application must also call the SSL_CTX_set_tlsext_status_cb() function if it wants to be able to provide clients with OCSP Certificate Status responses. Typically the server callback would obtain the server certificate that is being sent back to the client via a call to SSL_get_certificate(); obtain the OCSP response to be sent back; and then set that response data by calling SSL_set_tlsext_status_ocsp_resp(). A pointer to the response data should be provided in the <b>resp</b> argument, and the length of that data should be in the <b>len</b> argument.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The callback when used on the client side should return a negative value on error; 0 if the response is not acceptable (in which case the handshake will fail) or a positive value if it is acceptable.</p>
+
+<p>The callback when used on the server side should return with either SSL_TLSEXT_ERR_OK (meaning that the OCSP response that has been set should be returned), SSL_TLSEXT_ERR_NOACK (meaning that an OCSP response should not be returned) or SSL_TLSEXT_ERR_ALERT_FATAL (meaning that a fatal error has occurred).</p>
+
+<p>SSL_CTX_set_tlsext_status_cb(), SSL_CTX_set_tlsext_status_arg(), SSL_CTX_set_tlsext_status_type(), SSL_set_tlsext_status_type() and SSL_set_tlsext_status_ocsp_resp() return 0 on error or 1 on success.</p>
+
+<p>SSL_CTX_get_tlsext_status_type() returns the value previously set by SSL_CTX_set_tlsext_status_type(), or -1 if not set.</p>
+
+<p>SSL_get_tlsext_status_ocsp_resp() returns the length of the OCSP response data or -1 if there is no OCSP response data.</p>
+
+<p>SSL_get_tlsext_status_type() returns <b>TLSEXT_STATUSTYPE_ocsp</b> on the client side if SSL_set_tlsext_status_type() was previously called, or on the server side if the client requested OCSP stapling. Otherwise -1 is returned.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_get_tlsext_status_type(), SSL_CTX_get_tlsext_status_type() and SSL_CTX_set_tlsext_status_type() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_status_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_status_cb.html
new file mode 100644
index 000000000..2aabb84c3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_status_cb.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_status_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_status_cb, SSL_CTX_get_tlsext_status_cb, SSL_CTX_set_tlsext_status_arg, SSL_CTX_get_tlsext_status_arg, SSL_CTX_set_tlsext_status_type, SSL_CTX_get_tlsext_status_type, SSL_set_tlsext_status_type, SSL_get_tlsext_status_type, SSL_get_tlsext_status_ocsp_resp, SSL_set_tlsext_status_ocsp_resp - OCSP Certificate Status Request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/tls1.h&gt;
+
+ long SSL_CTX_set_tlsext_status_cb(SSL_CTX *ctx, int (*callback)(SSL *, void *));
+ long SSL_CTX_get_tlsext_status_cb(SSL_CTX *ctx, int (**callback)(SSL *, void *));
+
+ long SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg);
+ long SSL_CTX_get_tlsext_status_arg(SSL_CTX *ctx, void **arg);
+
+ long SSL_CTX_set_tlsext_status_type(SSL_CTX *ctx, int type);
+ long SSL_CTX_get_tlsext_status_type(SSL_CTX *ctx);
+
+ long SSL_set_tlsext_status_type(SSL *s, int type);
+ long SSL_get_tlsext_status_type(SSL *s);
+
+ long SSL_get_tlsext_status_ocsp_resp(ssl, unsigned char **resp);
+ long SSL_set_tlsext_status_ocsp_resp(ssl, unsigned char *resp, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application may request that a server send back an OCSP status response (also known as OCSP stapling). To do so the client should call the SSL_CTX_set_tlsext_status_type() function prior to the creation of any SSL objects. Alternatively an application can call the SSL_set_tlsext_status_type() function on an individual SSL object prior to the start of the handshake. Currently the only supported type is <b>TLSEXT_STATUSTYPE_ocsp</b>. This value should be passed in the <b>type</b> argument. Calling SSL_CTX_get_tlsext_status_type() will return the type <b>TLSEXT_STATUSTYPE_ocsp</b> previously set via SSL_CTX_set_tlsext_status_type() or -1 if not set.</p>
+
+<p>The client should additionally provide a callback function to decide what to do with the returned OCSP response by calling SSL_CTX_set_tlsext_status_cb(). The callback function should determine whether the returned OCSP response is acceptable or not. The callback will be passed as an argument the value previously set via a call to SSL_CTX_set_tlsext_status_arg(). Note that the callback will not be called in the event of a handshake where session resumption occurs (because there are no Certificates exchanged in such a handshake). The callback previously set via SSL_CTX_set_tlsext_status_cb() can be retrieved by calling SSL_CTX_get_tlsext_status_cb(), and the argument by calling SSL_CTX_get_tlsext_status_arg().</p>
+
+<p>On the client side SSL_get_tlsext_status_type() can be used to determine whether the client has previously called SSL_set_tlsext_status_type(). It will return <b>TLSEXT_STATUSTYPE_ocsp</b> if it has been called or -1 otherwise. On the server side SSL_get_tlsext_status_type() can be used to determine whether the client requested OCSP stapling. If the client requested it then this function will return <b>TLSEXT_STATUSTYPE_ocsp</b>, or -1 otherwise.</p>
+
+<p>The response returned by the server can be obtained via a call to SSL_get_tlsext_status_ocsp_resp(). The value <b>*resp</b> will be updated to point to the OCSP response data and the return value will be the length of that data. Typically a callback would obtain an OCSP_RESPONSE object from this data via a call to the d2i_OCSP_RESPONSE() function. If the server has not provided any response data then <b>*resp</b> will be NULL and the return value from SSL_get_tlsext_status_ocsp_resp() will be -1.</p>
+
+<p>A server application must also call the SSL_CTX_set_tlsext_status_cb() function if it wants to be able to provide clients with OCSP Certificate Status responses. Typically the server callback would obtain the server certificate that is being sent back to the client via a call to SSL_get_certificate(); obtain the OCSP response to be sent back; and then set that response data by calling SSL_set_tlsext_status_ocsp_resp(). A pointer to the response data should be provided in the <b>resp</b> argument, and the length of that data should be in the <b>len</b> argument.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The callback when used on the client side should return a negative value on error; 0 if the response is not acceptable (in which case the handshake will fail) or a positive value if it is acceptable.</p>
+
+<p>The callback when used on the server side should return with either SSL_TLSEXT_ERR_OK (meaning that the OCSP response that has been set should be returned), SSL_TLSEXT_ERR_NOACK (meaning that an OCSP response should not be returned) or SSL_TLSEXT_ERR_ALERT_FATAL (meaning that a fatal error has occurred).</p>
+
+<p>SSL_CTX_set_tlsext_status_cb(), SSL_CTX_set_tlsext_status_arg(), SSL_CTX_set_tlsext_status_type(), SSL_set_tlsext_status_type() and SSL_set_tlsext_status_ocsp_resp() return 0 on error or 1 on success.</p>
+
+<p>SSL_CTX_get_tlsext_status_type() returns the value previously set by SSL_CTX_set_tlsext_status_type(), or -1 if not set.</p>
+
+<p>SSL_get_tlsext_status_ocsp_resp() returns the length of the OCSP response data or -1 if there is no OCSP response data.</p>
+
+<p>SSL_get_tlsext_status_type() returns <b>TLSEXT_STATUSTYPE_ocsp</b> on the client side if SSL_set_tlsext_status_type() was previously called, or on the server side if the client requested OCSP stapling. Otherwise -1 is returned.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_get_tlsext_status_type(), SSL_CTX_get_tlsext_status_type() and SSL_CTX_set_tlsext_status_type() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_status_type.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_status_type.html
new file mode 100644
index 000000000..2aabb84c3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_status_type.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_status_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_status_cb, SSL_CTX_get_tlsext_status_cb, SSL_CTX_set_tlsext_status_arg, SSL_CTX_get_tlsext_status_arg, SSL_CTX_set_tlsext_status_type, SSL_CTX_get_tlsext_status_type, SSL_set_tlsext_status_type, SSL_get_tlsext_status_type, SSL_get_tlsext_status_ocsp_resp, SSL_set_tlsext_status_ocsp_resp - OCSP Certificate Status Request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/tls1.h&gt;
+
+ long SSL_CTX_set_tlsext_status_cb(SSL_CTX *ctx, int (*callback)(SSL *, void *));
+ long SSL_CTX_get_tlsext_status_cb(SSL_CTX *ctx, int (**callback)(SSL *, void *));
+
+ long SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg);
+ long SSL_CTX_get_tlsext_status_arg(SSL_CTX *ctx, void **arg);
+
+ long SSL_CTX_set_tlsext_status_type(SSL_CTX *ctx, int type);
+ long SSL_CTX_get_tlsext_status_type(SSL_CTX *ctx);
+
+ long SSL_set_tlsext_status_type(SSL *s, int type);
+ long SSL_get_tlsext_status_type(SSL *s);
+
+ long SSL_get_tlsext_status_ocsp_resp(ssl, unsigned char **resp);
+ long SSL_set_tlsext_status_ocsp_resp(ssl, unsigned char *resp, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application may request that a server send back an OCSP status response (also known as OCSP stapling). To do so the client should call the SSL_CTX_set_tlsext_status_type() function prior to the creation of any SSL objects. Alternatively an application can call the SSL_set_tlsext_status_type() function on an individual SSL object prior to the start of the handshake. Currently the only supported type is <b>TLSEXT_STATUSTYPE_ocsp</b>. This value should be passed in the <b>type</b> argument. Calling SSL_CTX_get_tlsext_status_type() will return the type <b>TLSEXT_STATUSTYPE_ocsp</b> previously set via SSL_CTX_set_tlsext_status_type() or -1 if not set.</p>
+
+<p>The client should additionally provide a callback function to decide what to do with the returned OCSP response by calling SSL_CTX_set_tlsext_status_cb(). The callback function should determine whether the returned OCSP response is acceptable or not. The callback will be passed as an argument the value previously set via a call to SSL_CTX_set_tlsext_status_arg(). Note that the callback will not be called in the event of a handshake where session resumption occurs (because there are no Certificates exchanged in such a handshake). The callback previously set via SSL_CTX_set_tlsext_status_cb() can be retrieved by calling SSL_CTX_get_tlsext_status_cb(), and the argument by calling SSL_CTX_get_tlsext_status_arg().</p>
+
+<p>On the client side SSL_get_tlsext_status_type() can be used to determine whether the client has previously called SSL_set_tlsext_status_type(). It will return <b>TLSEXT_STATUSTYPE_ocsp</b> if it has been called or -1 otherwise. On the server side SSL_get_tlsext_status_type() can be used to determine whether the client requested OCSP stapling. If the client requested it then this function will return <b>TLSEXT_STATUSTYPE_ocsp</b>, or -1 otherwise.</p>
+
+<p>The response returned by the server can be obtained via a call to SSL_get_tlsext_status_ocsp_resp(). The value <b>*resp</b> will be updated to point to the OCSP response data and the return value will be the length of that data. Typically a callback would obtain an OCSP_RESPONSE object from this data via a call to the d2i_OCSP_RESPONSE() function. If the server has not provided any response data then <b>*resp</b> will be NULL and the return value from SSL_get_tlsext_status_ocsp_resp() will be -1.</p>
+
+<p>A server application must also call the SSL_CTX_set_tlsext_status_cb() function if it wants to be able to provide clients with OCSP Certificate Status responses. Typically the server callback would obtain the server certificate that is being sent back to the client via a call to SSL_get_certificate(); obtain the OCSP response to be sent back; and then set that response data by calling SSL_set_tlsext_status_ocsp_resp(). A pointer to the response data should be provided in the <b>resp</b> argument, and the length of that data should be in the <b>len</b> argument.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The callback when used on the client side should return a negative value on error; 0 if the response is not acceptable (in which case the handshake will fail) or a positive value if it is acceptable.</p>
+
+<p>The callback when used on the server side should return with either SSL_TLSEXT_ERR_OK (meaning that the OCSP response that has been set should be returned), SSL_TLSEXT_ERR_NOACK (meaning that an OCSP response should not be returned) or SSL_TLSEXT_ERR_ALERT_FATAL (meaning that a fatal error has occurred).</p>
+
+<p>SSL_CTX_set_tlsext_status_cb(), SSL_CTX_set_tlsext_status_arg(), SSL_CTX_set_tlsext_status_type(), SSL_set_tlsext_status_type() and SSL_set_tlsext_status_ocsp_resp() return 0 on error or 1 on success.</p>
+
+<p>SSL_CTX_get_tlsext_status_type() returns the value previously set by SSL_CTX_set_tlsext_status_type(), or -1 if not set.</p>
+
+<p>SSL_get_tlsext_status_ocsp_resp() returns the length of the OCSP response data or -1 if there is no OCSP response data.</p>
+
+<p>SSL_get_tlsext_status_type() returns <b>TLSEXT_STATUSTYPE_ocsp</b> on the client side if SSL_set_tlsext_status_type() was previously called, or on the server side if the client requested OCSP stapling. Otherwise -1 is returned.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_get_tlsext_status_type(), SSL_CTX_get_tlsext_status_type() and SSL_CTX_set_tlsext_status_type() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_ticket_key_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_ticket_key_cb.html
new file mode 100644
index 000000000..c198a9389
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_ticket_key_cb.html
@@ -0,0 +1,175 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_ticket_key_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_ticket_key_cb - set a callback for session ticket processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/tls1.h&gt;
+
+ long SSL_CTX_set_tlsext_ticket_key_cb(SSL_CTX sslctx,
+     int (*cb)(SSL *s, unsigned char key_name[16],
+               unsigned char iv[EVP_MAX_IV_LENGTH],
+               EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc));</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_tlsext_ticket_key_cb() sets a callback function <i>cb</i> for handling session tickets for the ssl context <i>sslctx</i>. Session tickets, defined in RFC5077 provide an enhanced session resumption capability where the server implementation is not required to maintain per session state. It only applies to TLS and there is no SSLv3 implementation.</p>
+
+<p>The callback function <i>cb</i> will be called for every client instigated TLS session when session ticket extension is presented in the TLS hello message. It is the responsibility of this function to create or retrieve the cryptographic parameters and to maintain their state.</p>
+
+<p>The OpenSSL library uses your callback function to help implement a common TLS ticket construction state according to RFC5077 Section 4 such that per session state is unnecessary and a small set of cryptographic variables needs to be maintained by the callback function implementation.</p>
+
+<p>In order to reuse a session, a TLS client must send the a session ticket extension to the server. The client can only send exactly one session ticket. The server, through the callback function, either agrees to reuse the session ticket information or it starts a full TLS handshake to create a new session ticket.</p>
+
+<p>Before the callback function is started <i>ctx</i> and <i>hctx</i> have been initialised with <a href="../man3/EVP_CIPHER_CTX_reset.html">EVP_CIPHER_CTX_reset(3)</a> and <a href="../man3/HMAC_CTX_reset.html">HMAC_CTX_reset(3)</a> respectively.</p>
+
+<p>For new sessions tickets, when the client doesn&#39;t present a session ticket, or an attempted retrieval of the ticket failed, or a renew option was indicated, the callback function will be called with <i>enc</i> equal to 1. The OpenSSL library expects that the function will set an arbitrary <i>name</i>, initialize <i>iv</i>, and set the cipher context <i>ctx</i> and the hash context <i>hctx</i>.</p>
+
+<p>The <i>name</i> is 16 characters long and is used as a key identifier.</p>
+
+<p>The <i>iv</i> length is the length of the IV of the corresponding cipher. The maximum IV length is <b>EVP_MAX_IV_LENGTH</b> bytes defined in <b>evp.h</b>.</p>
+
+<p>The initialization vector <i>iv</i> should be a random value. The cipher context <i>ctx</i> should use the initialisation vector <i>iv</i>. The cipher context can be set using <a href="../man3/EVP_EncryptInit_ex.html">EVP_EncryptInit_ex(3)</a>. The hmac context can be set using <a href="../man3/HMAC_Init_ex.html">HMAC_Init_ex(3)</a>.</p>
+
+<p>When the client presents a session ticket, the callback function with be called with <i>enc</i> set to 0 indicating that the <i>cb</i> function should retrieve a set of parameters. In this case <i>name</i> and <i>iv</i> have already been parsed out of the session ticket. The OpenSSL library expects that the <i>name</i> will be used to retrieve a cryptographic parameters and that the cryptographic context <i>ctx</i> will be set with the retrieved parameters and the initialization vector <i>iv</i>. using a function like <a href="../man3/EVP_DecryptInit_ex.html">EVP_DecryptInit_ex(3)</a>. The <i>hctx</i> needs to be set using <a href="../man3/HMAC_Init_ex.html">HMAC_Init_ex(3)</a>.</p>
+
+<p>If the <i>name</i> is still valid but a renewal of the ticket is required the callback function should return 2. The library will call the callback again with an argument of enc equal to 1 to set the new ticket.</p>
+
+<p>The return value of the <i>cb</i> function is used by OpenSSL to determine what further processing will occur. The following return values have meaning:</p>
+
+<dl>
+
+<dt id="pod2">2</dt>
+<dd>
+
+<p>This indicates that the <i>ctx</i> and <i>hctx</i> have been set and the session can continue on those parameters. Additionally it indicates that the session ticket is in a renewal period and should be replaced. The OpenSSL library will call <i>cb</i> again with an enc argument of 1 to set the new ticket (see RFC5077 3.3 paragraph 2).</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>This indicates that the <i>ctx</i> and <i>hctx</i> have been set and the session can continue on those parameters.</p>
+
+</dd>
+<dt id="pod0">0</dt>
+<dd>
+
+<p>This indicates that it was not possible to set/retrieve a session ticket and the SSL/TLS session will continue by negotiating a set of cryptographic parameters or using the alternate SSL/TLS resumption mechanism, session ids.</p>
+
+<p>If called with enc equal to 0 the library will call the <i>cb</i> again to get a new set of parameters.</p>
+
+</dd>
+<dt id="less-than-0">less than 0</dt>
+<dd>
+
+<p>This indicates an error.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Session resumption shortcuts the TLS so that the client certificate negotiation don&#39;t occur. It makes up for this by storing client certificate an all other negotiated state information encrypted within the ticket. In a resumed session the applications will have all this state information available exactly as if a full negotiation had occurred.</p>
+
+<p>If an attacker can obtain the key used to encrypt a session ticket, they can obtain the master secret for any ticket using that key and decrypt any traffic using that session: even if the cipher suite supports forward secrecy. As a result applications may wish to use multiple keys and avoid using long term keys stored in files.</p>
+
+<p>Applications can use longer keys to maintain a consistent level of security. For example if a cipher suite uses 256 bit ciphers but only a 128 bit ticket key the overall security is only 128 bits because breaking the ticket key will enable an attacker to obtain the session keys.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Reference Implementation:</p>
+
+<pre><code> SSL_CTX_set_tlsext_ticket_key_cb(SSL, ssl_tlsext_ticket_key_cb);
+ ...
+
+ static int ssl_tlsext_ticket_key_cb(SSL *s, unsigned char key_name[16],
+                                     unsigned char *iv, EVP_CIPHER_CTX *ctx,
+                                     HMAC_CTX *hctx, int enc)
+ {
+     if (enc) { /* create new session */
+         if (RAND_bytes(iv, EVP_MAX_IV_LENGTH) &lt;= 0)
+             return -1; /* insufficient random */
+
+         key = currentkey(); /* something that you need to implement */
+         if (key == NULL) {
+             /* current key doesn&#39;t exist or isn&#39;t valid */
+             key = createkey(); /*
+                                 * Something that you need to implement.
+                                 * createkey needs to initialise a name,
+                                 * an aes_key, a hmac_key and optionally
+                                 * an expire time.
+                                 */
+             if (key == NULL) /* key couldn&#39;t be created */
+                 return 0;
+         }
+         memcpy(key_name, key-&gt;name, 16);
+
+         EVP_EncryptInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, key-&gt;aes_key, iv);
+         HMAC_Init_ex(&amp;hctx, key-&gt;hmac_key, 16, EVP_sha256(), NULL);
+
+         return 1;
+
+     } else { /* retrieve session */
+         key = findkey(name);
+
+         if (key == NULL || key-&gt;expire &lt; now())
+             return 0;
+
+         HMAC_Init_ex(&amp;hctx, key-&gt;hmac_key, 16, EVP_sha256(), NULL);
+         EVP_DecryptInit_ex(&amp;ctx, EVP_aes_128_cbc(), NULL, key-&gt;aes_key, iv);
+
+         if (key-&gt;expire &lt; now() - RENEW_TIME) {
+             /*
+              * return 2 - This session will get a new ticket even though the
+              * current one is still valid.
+              */
+             return 2;
+         }
+         return 1;
+     }
+ }</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>returns 0 to indicate the callback function was set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a>, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>, <a href="../man3/SSL_CTX_add_session.html">SSL_CTX_add_session(3)</a>, <a href="../man3/SSL_CTX_sess_number.html">SSL_CTX_sess_number(3)</a>, <a href="../man3/SSL_CTX_sess_set_get_cb.html">SSL_CTX_sess_set_get_cb(3)</a>, <a href="../man3/SSL_CTX_set_session_id_context.html">SSL_CTX_set_session_id_context(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_use_srtp.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_use_srtp.html
new file mode 100644
index 000000000..6f32f070f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_use_srtp.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_use_srtp</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_use_srtp, SSL_set_tlsext_use_srtp, SSL_get_srtp_profiles, SSL_get_selected_srtp_profile - Configure and query SRTP support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/srtp.h&gt;
+
+ int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
+ int SSL_set_tlsext_use_srtp(SSL *ssl, const char *profiles);
+
+ STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
+ SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SRTP is the Secure Real-Time Transport Protocol. OpenSSL implements support for the &quot;use_srtp&quot; DTLS extension defined in RFC5764. This provides a mechanism for establishing SRTP keying material, algorithms and parameters using DTLS. This capability may be used as part of an implementation that conforms to RFC5763. OpenSSL does not implement SRTP itself or RFC5763. Note that OpenSSL does not support the use of SRTP Master Key Identifiers (MKIs). Also note that this extension is only supported in DTLS. Any SRTP configuration will be ignored if a TLS connection is attempted.</p>
+
+<p>An OpenSSL client wishing to send the &quot;use_srtp&quot; extension should call SSL_CTX_set_tlsext_use_srtp() to set its use for all SSL objects subsequently created from an SSL_CTX. Alternatively a client may call SSL_set_tlsext_use_srtp() to set its use for an individual SSL object. The <b>profiles</b> parameters should point to a NUL-terminated, colon delimited list of SRTP protection profile names.</p>
+
+<p>The currently supported protection profile names are:</p>
+
+<dl>
+
+<dt id="SRTP_AES128_CM_SHA1_80">SRTP_AES128_CM_SHA1_80</dt>
+<dd>
+
+<p>This corresponds to SRTP_AES128_CM_HMAC_SHA1_80 defined in RFC5764.</p>
+
+</dd>
+<dt id="SRTP_AES128_CM_SHA1_32">SRTP_AES128_CM_SHA1_32</dt>
+<dd>
+
+<p>This corresponds to SRTP_AES128_CM_HMAC_SHA1_32 defined in RFC5764.</p>
+
+</dd>
+<dt id="SRTP_AEAD_AES_128_GCM">SRTP_AEAD_AES_128_GCM</dt>
+<dd>
+
+<p>This corresponds to the profile of the same name defined in RFC7714.</p>
+
+</dd>
+<dt id="SRTP_AEAD_AES_256_GCM">SRTP_AEAD_AES_256_GCM</dt>
+<dd>
+
+<p>This corresponds to the profile of the same name defined in RFC7714.</p>
+
+</dd>
+</dl>
+
+<p>Supplying an unrecognised protection profile name will result in an error.</p>
+
+<p>An OpenSSL server wishing to support the &quot;use_srtp&quot; extension should also call SSL_CTX_set_tlsext_use_srtp() or SSL_set_tlsext_use_srtp() to indicate the protection profiles that it is willing to negotiate.</p>
+
+<p>The currently configured list of protection profiles for either a client or a server can be obtained by calling SSL_get_srtp_profiles(). This returns a stack of SRTP_PROTECTION_PROFILE objects. The memory pointed to in the return value of this function should not be freed by the caller.</p>
+
+<p>After a handshake has been completed the negotiated SRTP protection profile (if any) can be obtained (on the client or the server) by calling SSL_get_selected_srtp_profile(). This function will return NULL if no SRTP protection profile was negotiated. The memory returned from this function should not be freed by the caller.</p>
+
+<p>If an SRTP protection profile has been successfully negotiated then the SRTP keying material (on both the client and server) should be obtained via a call to <a href="../man3/SSL_export_keying_material.html">SSL_export_keying_material(3)</a>. This call should provide a label value of &quot;EXTRACTOR-dtls_srtp&quot; and a NULL context value (use_context is 0). The total length of keying material obtained should be equal to two times the sum of the master key length and the salt length as defined for the protection profile in use. This provides the client write master key, the server write master key, the client write master salt and the server write master salt in that order.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_tlsext_use_srtp() and SSL_set_tlsext_use_srtp() return 0 on success or 1 on error.</p>
+
+<p>SSL_get_srtp_profiles() returns a stack of SRTP_PROTECTION_PROFILE objects on success or NULL on error or if no protection profiles have been configured.</p>
+
+<p>SSL_get_selected_srtp_profile() returns a pointer to an SRTP_PROTECTION_PROFILE object if one has been negotiated or NULL otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_export_keying_material.html">SSL_export_keying_material(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tmp_dh.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tmp_dh.html
new file mode 100644
index 000000000..0c5346120
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tmp_dh.html
@@ -0,0 +1,119 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tmp_dh_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tmp_dh_callback, SSL_CTX_set_tmp_dh, SSL_set_tmp_dh_callback, SSL_set_tmp_dh - handle DH keys for ephemeral key exchange</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
+                                  DH *(*tmp_dh_callback)(SSL *ssl, int is_export,
+                                                         int keylength));
+ long SSL_CTX_set_tmp_dh(SSL_CTX *ctx, DH *dh);
+
+ void SSL_set_tmp_dh_callback(SSL *ctx,
+                              DH *(*tmp_dh_callback)(SSL *ssl, int is_export,
+                                                     int keylength));
+ long SSL_set_tmp_dh(SSL *ssl, DH *dh)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_tmp_dh_callback() sets the callback function for <b>ctx</b> to be used when a DH parameters are required to <b>tmp_dh_callback</b>. The callback is inherited by all <b>ssl</b> objects created from <b>ctx</b>.</p>
+
+<p>SSL_CTX_set_tmp_dh() sets DH parameters to be used to be <b>dh</b>. The key is inherited by all <b>ssl</b> objects created from <b>ctx</b>.</p>
+
+<p>SSL_set_tmp_dh_callback() sets the callback only for <b>ssl</b>.</p>
+
+<p>SSL_set_tmp_dh() sets the parameters only for <b>ssl</b>.</p>
+
+<p>These functions apply to SSL/TLS servers only.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When using a cipher with RSA authentication, an ephemeral DH key exchange can take place. Ciphers with DSA keys always use ephemeral DH keys as well. In these cases, the session data are negotiated using the ephemeral/temporary DH key and the key supplied and certified by the certificate chain is only used for signing. Anonymous ciphers (without a permanent server key) also use ephemeral DH keys.</p>
+
+<p>Using ephemeral DH key exchange yields forward secrecy, as the connection can only be decrypted, when the DH key is known. By generating a temporary DH key inside the server application that is lost when the application is left, it becomes impossible for an attacker to decrypt past sessions, even if he gets hold of the normal (certified) key, as this key was only used for signing.</p>
+
+<p>In order to perform a DH key exchange the server must use a DH group (DH parameters) and generate a DH key. The server will always generate a new DH key during the negotiation.</p>
+
+<p>As generating DH parameters is extremely time consuming, an application should not generate the parameters on the fly but supply the parameters. DH parameters can be reused, as the actual key is newly generated during the negotiation. The risk in reusing DH parameters is that an attacker may specialize on a very often used DH group. Applications should therefore generate their own DH parameters during the installation process using the openssl <a href="../man1/dhparam.html">dhparam(1)</a> application. This application guarantees that &quot;strong&quot; primes are used.</p>
+
+<p>Files dh2048.pem, and dh4096.pem in the &#39;apps&#39; directory of the current version of the OpenSSL distribution contain the &#39;SKIP&#39; DH parameters, which use safe primes and were generated verifiably pseudo-randomly. These files can be converted into C code using the <b>-C</b> option of the <a href="../man1/dhparam.html">dhparam(1)</a> application. Generation of custom DH parameters during installation should still be preferred to stop an attacker from specializing on a commonly used group. File dh1024.pem contains old parameters that must not be used by applications.</p>
+
+<p>An application may either directly specify the DH parameters or can supply the DH parameters via a callback function.</p>
+
+<p>Previous versions of the callback used <b>is_export</b> and <b>keylength</b> parameters to control parameter generation for export and non-export cipher suites. Modern servers that do not support export cipher suites are advised to either use SSL_CTX_set_tmp_dh() or alternatively, use the callback but ignore <b>keylength</b> and <b>is_export</b> and simply supply at least 2048-bit parameters in the callback.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Setup DH parameters with a key length of 2048 bits. (Error handling partly left out.)</p>
+
+<p>Command-line parameter generation:</p>
+
+<pre><code> $ openssl dhparam -out dh_param_2048.pem 2048</code></pre>
+
+<p>Code for setting up parameters during server initialization:</p>
+
+<pre><code> SSL_CTX ctx = SSL_CTX_new();
+
+ DH *dh_2048 = NULL;
+ FILE *paramfile = fopen(&quot;dh_param_2048.pem&quot;, &quot;r&quot;);
+
+ if (paramfile) {
+     dh_2048 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
+     fclose(paramfile);
+ } else {
+     /* Error. */
+ }
+ if (dh_2048 == NULL)
+     /* Error. */
+ if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1)
+     /* Error. */
+ ...</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_tmp_dh_callback() and SSL_set_tmp_dh_callback() do not return diagnostic output.</p>
+
+<p>SSL_CTX_set_tmp_dh() and SSL_set_tmp_dh() do return 1 on success and 0 on failure. Check the error queue to find out the reason of failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a>, <a href="../man1/dhparam.html">dhparam(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tmp_dh_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tmp_dh_callback.html
new file mode 100644
index 000000000..0c5346120
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_tmp_dh_callback.html
@@ -0,0 +1,119 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tmp_dh_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tmp_dh_callback, SSL_CTX_set_tmp_dh, SSL_set_tmp_dh_callback, SSL_set_tmp_dh - handle DH keys for ephemeral key exchange</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
+                                  DH *(*tmp_dh_callback)(SSL *ssl, int is_export,
+                                                         int keylength));
+ long SSL_CTX_set_tmp_dh(SSL_CTX *ctx, DH *dh);
+
+ void SSL_set_tmp_dh_callback(SSL *ctx,
+                              DH *(*tmp_dh_callback)(SSL *ssl, int is_export,
+                                                     int keylength));
+ long SSL_set_tmp_dh(SSL *ssl, DH *dh)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_tmp_dh_callback() sets the callback function for <b>ctx</b> to be used when a DH parameters are required to <b>tmp_dh_callback</b>. The callback is inherited by all <b>ssl</b> objects created from <b>ctx</b>.</p>
+
+<p>SSL_CTX_set_tmp_dh() sets DH parameters to be used to be <b>dh</b>. The key is inherited by all <b>ssl</b> objects created from <b>ctx</b>.</p>
+
+<p>SSL_set_tmp_dh_callback() sets the callback only for <b>ssl</b>.</p>
+
+<p>SSL_set_tmp_dh() sets the parameters only for <b>ssl</b>.</p>
+
+<p>These functions apply to SSL/TLS servers only.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When using a cipher with RSA authentication, an ephemeral DH key exchange can take place. Ciphers with DSA keys always use ephemeral DH keys as well. In these cases, the session data are negotiated using the ephemeral/temporary DH key and the key supplied and certified by the certificate chain is only used for signing. Anonymous ciphers (without a permanent server key) also use ephemeral DH keys.</p>
+
+<p>Using ephemeral DH key exchange yields forward secrecy, as the connection can only be decrypted, when the DH key is known. By generating a temporary DH key inside the server application that is lost when the application is left, it becomes impossible for an attacker to decrypt past sessions, even if he gets hold of the normal (certified) key, as this key was only used for signing.</p>
+
+<p>In order to perform a DH key exchange the server must use a DH group (DH parameters) and generate a DH key. The server will always generate a new DH key during the negotiation.</p>
+
+<p>As generating DH parameters is extremely time consuming, an application should not generate the parameters on the fly but supply the parameters. DH parameters can be reused, as the actual key is newly generated during the negotiation. The risk in reusing DH parameters is that an attacker may specialize on a very often used DH group. Applications should therefore generate their own DH parameters during the installation process using the openssl <a href="../man1/dhparam.html">dhparam(1)</a> application. This application guarantees that &quot;strong&quot; primes are used.</p>
+
+<p>Files dh2048.pem, and dh4096.pem in the &#39;apps&#39; directory of the current version of the OpenSSL distribution contain the &#39;SKIP&#39; DH parameters, which use safe primes and were generated verifiably pseudo-randomly. These files can be converted into C code using the <b>-C</b> option of the <a href="../man1/dhparam.html">dhparam(1)</a> application. Generation of custom DH parameters during installation should still be preferred to stop an attacker from specializing on a commonly used group. File dh1024.pem contains old parameters that must not be used by applications.</p>
+
+<p>An application may either directly specify the DH parameters or can supply the DH parameters via a callback function.</p>
+
+<p>Previous versions of the callback used <b>is_export</b> and <b>keylength</b> parameters to control parameter generation for export and non-export cipher suites. Modern servers that do not support export cipher suites are advised to either use SSL_CTX_set_tmp_dh() or alternatively, use the callback but ignore <b>keylength</b> and <b>is_export</b> and simply supply at least 2048-bit parameters in the callback.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Setup DH parameters with a key length of 2048 bits. (Error handling partly left out.)</p>
+
+<p>Command-line parameter generation:</p>
+
+<pre><code> $ openssl dhparam -out dh_param_2048.pem 2048</code></pre>
+
+<p>Code for setting up parameters during server initialization:</p>
+
+<pre><code> SSL_CTX ctx = SSL_CTX_new();
+
+ DH *dh_2048 = NULL;
+ FILE *paramfile = fopen(&quot;dh_param_2048.pem&quot;, &quot;r&quot;);
+
+ if (paramfile) {
+     dh_2048 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
+     fclose(paramfile);
+ } else {
+     /* Error. */
+ }
+ if (dh_2048 == NULL)
+     /* Error. */
+ if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1)
+     /* Error. */
+ ...</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_tmp_dh_callback() and SSL_set_tmp_dh_callback() do not return diagnostic output.</p>
+
+<p>SSL_CTX_set_tmp_dh() and SSL_set_tmp_dh() do return 1 on success and 0 on failure. Check the error queue to find out the reason of failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a>, <a href="../man1/dhparam.html">dhparam(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_verify.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_verify.html
new file mode 100644
index 000000000..1a70b5fe4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_verify.html
@@ -0,0 +1,264 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_verify</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_ex_data_X509_STORE_CTX_idx, SSL_CTX_set_verify, SSL_set_verify, SSL_CTX_set_verify_depth, SSL_set_verify_depth, SSL_verify_cb, SSL_verify_client_post_handshake, SSL_set_post_handshake_auth, SSL_CTX_set_post_handshake_auth - set peer certificate verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
+
+ void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, SSL_verify_cb verify_callback);
+ void SSL_set_verify(SSL *ssl, int mode, SSL_verify_cb verify_callback);
+ SSL_get_ex_data_X509_STORE_CTX_idx(void);
+
+ void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
+ void SSL_set_verify_depth(SSL *ssl, int depth);
+
+ int SSL_verify_client_post_handshake(SSL *ssl);
+ void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val);
+ void SSL_set_post_handshake_auth(SSL *ssl, int val);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_verify() sets the verification flags for <b>ctx</b> to be <b>mode</b> and specifies the <b>verify_callback</b> function to be used. If no callback function shall be specified, the NULL pointer can be used for <b>verify_callback</b>.</p>
+
+<p>SSL_set_verify() sets the verification flags for <b>ssl</b> to be <b>mode</b> and specifies the <b>verify_callback</b> function to be used. If no callback function shall be specified, the NULL pointer can be used for <b>verify_callback</b>. In this case last <b>verify_callback</b> set specifically for this <b>ssl</b> remains. If no special <b>callback</b> was set before, the default callback for the underlying <b>ctx</b> is used, that was valid at the time <b>ssl</b> was created with <a href="../man3/SSL_new.html">SSL_new(3)</a>. Within the callback function, <b>SSL_get_ex_data_X509_STORE_CTX_idx</b> can be called to get the data index of the current SSL object that is doing the verification.</p>
+
+<p>SSL_CTX_set_verify_depth() sets the maximum <b>depth</b> for the certificate chain verification that shall be allowed for <b>ctx</b>.</p>
+
+<p>SSL_set_verify_depth() sets the maximum <b>depth</b> for the certificate chain verification that shall be allowed for <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_post_handshake_auth() and SSL_set_post_handshake_auth() enable the Post-Handshake Authentication extension to be added to the ClientHello such that post-handshake authentication can be requested by the server. If <b>val</b> is 0 then the extension is not sent, otherwise it is. By default the extension is not sent. A certificate callback will need to be set via SSL_CTX_set_client_cert_cb() if no certificate is provided at initialization.</p>
+
+<p>SSL_verify_client_post_handshake() causes a CertificateRequest message to be sent by a server on the given <b>ssl</b> connection. The SSL_VERIFY_PEER flag must be set; the SSL_VERIFY_POST_HANDSHAKE flag is optional.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification of certificates can be controlled by a set of logically or&#39;ed <b>mode</b> flags:</p>
+
+<dl>
+
+<dt id="SSL_VERIFY_NONE">SSL_VERIFY_NONE</dt>
+<dd>
+
+<p><b>Server mode:</b> the server will not send a client certificate request to the client, so the client will not send a certificate.</p>
+
+<p><b>Client mode:</b> if not using an anonymous cipher (by default disabled), the server will send a certificate which will be checked. The result of the certificate verification process can be checked after the TLS/SSL handshake using the <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> function. The handshake will be continued regardless of the verification result.</p>
+
+</dd>
+<dt id="SSL_VERIFY_PEER">SSL_VERIFY_PEER</dt>
+<dd>
+
+<p><b>Server mode:</b> the server sends a client certificate request to the client. The certificate returned (if any) is checked. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure. The behaviour can be controlled by the additional SSL_VERIFY_FAIL_IF_NO_PEER_CERT, SSL_VERIFY_CLIENT_ONCE and SSL_VERIFY_POST_HANDSHAKE flags.</p>
+
+<p><b>Client mode:</b> the server certificate is verified. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure. If no server certificate is sent, because an anonymous cipher is used, SSL_VERIFY_PEER is ignored.</p>
+
+</dd>
+<dt id="SSL_VERIFY_FAIL_IF_NO_PEER_CERT">SSL_VERIFY_FAIL_IF_NO_PEER_CERT</dt>
+<dd>
+
+<p><b>Server mode:</b> if the client did not return a certificate, the TLS/SSL handshake is immediately terminated with a &quot;handshake failure&quot; alert. This flag must be used together with SSL_VERIFY_PEER.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+<dt id="SSL_VERIFY_CLIENT_ONCE">SSL_VERIFY_CLIENT_ONCE</dt>
+<dd>
+
+<p><b>Server mode:</b> only request a client certificate once during the connection. Do not ask for a client certificate again during renegotiation or post-authentication if a certificate was requested during the initial handshake. This flag must be used together with SSL_VERIFY_PEER.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+<dt id="SSL_VERIFY_POST_HANDSHAKE">SSL_VERIFY_POST_HANDSHAKE</dt>
+<dd>
+
+<p><b>Server mode:</b> the server will not send a client certificate request during the initial handshake, but will send the request via SSL_verify_client_post_handshake(). This allows the SSL_CTX or SSL to be configured for post-handshake peer verification before the handshake occurs. This flag must be used together with SSL_VERIFY_PEER. TLSv1.3 only; no effect on pre-TLSv1.3 connections.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+</dl>
+
+<p>If the <b>mode</b> is SSL_VERIFY_NONE none of the other flags may be set.</p>
+
+<p>The actual verification procedure is performed either using the built-in verification procedure or using another application provided verification function set with <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>. The following descriptions apply in the case of the built-in procedure. An application provided procedure also has access to the verify depth information and the verify_callback() function, but the way this information is used may be different.</p>
+
+<p>SSL_CTX_set_verify_depth() and SSL_set_verify_depth() set a limit on the number of certificates between the end-entity and trust-anchor certificates. Neither the end-entity nor the trust-anchor certificates count against <b>depth</b>. If the certificate chain needed to reach a trusted issuer is longer than <b>depth+2</b>, X509_V_ERR_CERT_CHAIN_TOO_LONG will be issued. The depth count is &quot;level 0:peer certificate&quot;, &quot;level 1: CA certificate&quot;, &quot;level 2: higher level CA certificate&quot;, and so on. Setting the maximum depth to 2 allows the levels 0, 1, 2 and 3 (0 being the end-entity and 3 the trust-anchor). The default depth limit is 100, allowing for the peer certificate, at most 100 intermediate CA certificates and a final trust anchor certificate.</p>
+
+<p>The <b>verify_callback</b> function is used to control the behaviour when the SSL_VERIFY_PEER flag is set. It must be supplied by the application and receives two arguments: <b>preverify_ok</b> indicates, whether the verification of the certificate in question was passed (preverify_ok=1) or not (preverify_ok=0). <b>x509_ctx</b> is a pointer to the complete context used for the certificate chain verification.</p>
+
+<p>The certificate chain is checked starting with the deepest nesting level (the root CA certificate) and worked upward to the peer&#39;s certificate. At each level signatures and issuer attributes are checked. Whenever a verification error is found, the error number is stored in <b>x509_ctx</b> and <b>verify_callback</b> is called with <b>preverify_ok</b>=0. By applying X509_CTX_store_* functions <b>verify_callback</b> can locate the certificate in question and perform additional steps (see EXAMPLES). If no error is found for a certificate, <b>verify_callback</b> is called with <b>preverify_ok</b>=1 before advancing to the next level.</p>
+
+<p>The return value of <b>verify_callback</b> controls the strategy of the further verification process. If <b>verify_callback</b> returns 0, the verification process is immediately stopped with &quot;verification failed&quot; state. If SSL_VERIFY_PEER is set, a verification failure alert is sent to the peer and the TLS/SSL handshake is terminated. If <b>verify_callback</b> returns 1, the verification process is continued. If <b>verify_callback</b> always returns 1, the TLS/SSL handshake will not be terminated with respect to verification failures and the connection will be established. The calling process can however retrieve the error code of the last verification error using <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> or by maintaining its own error storage managed by <b>verify_callback</b>.</p>
+
+<p>If no <b>verify_callback</b> is specified, the default callback will be used. Its return value is identical to <b>preverify_ok</b>, so that any verification failure will lead to a termination of the TLS/SSL handshake with an alert message, if SSL_VERIFY_PEER is set.</p>
+
+<p>After calling SSL_set_post_handshake_auth(), the client will need to add a certificate or certificate callback to its configuration before it can successfully authenticate. This must be called before SSL_connect().</p>
+
+<p>SSL_verify_client_post_handshake() requires that verify flags have been previously set, and that a client sent the post-handshake authentication extension. When the client returns a certificate the verify callback will be invoked. A write operation must take place for the Certificate Request to be sent to the client, this can be done with SSL_do_handshake() or SSL_write_ex(). Only one certificate request may be outstanding at any time.</p>
+
+<p>When post-handshake authentication occurs, a refreshed NewSessionTicket message is sent to the client.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In client mode, it is not checked whether the SSL_VERIFY_PEER flag is set, but whether any flags are set. This can lead to unexpected behaviour if SSL_VERIFY_PEER and other flags are not used as required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL*_set_verify*() functions do not provide diagnostic information.</p>
+
+<p>The SSL_verify_client_post_handshake() function returns 1 if the request succeeded, and 0 if the request failed. The error stack can be examined to determine the failure reason.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following code sequence realizes an example <b>verify_callback</b> function that will always continue the TLS/SSL handshake regardless of verification failure, if wished. The callback realizes a verification depth limit with more informational output.</p>
+
+<p>All verification errors are printed; information about the certificate chain is printed on request. The example is realized for a server that does allow but not require client certificates.</p>
+
+<p>The example makes use of the ex_data technique to store application data into/retrieve application data from the SSL structure (see <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>, <a href="../man3/SSL_get_ex_data_X509_STORE_CTX_idx.html">SSL_get_ex_data_X509_STORE_CTX_idx(3)</a>).</p>
+
+<pre><code> ...
+ typedef struct {
+   int verbose_mode;
+   int verify_depth;
+   int always_continue;
+ } mydata_t;
+ int mydata_index;
+
+ ...
+ static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
+ {
+     char    buf[256];
+     X509   *err_cert;
+     int     err, depth;
+     SSL    *ssl;
+     mydata_t *mydata;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     /*
+      * Retrieve the pointer to the SSL of the connection currently treated
+      * and the application specific data stored into the SSL object.
+      */
+     ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
+     mydata = SSL_get_ex_data(ssl, mydata_index);
+
+     X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256);
+
+     /*
+      * Catch a too long certificate chain. The depth limit set using
+      * SSL_CTX_set_verify_depth() is by purpose set to &quot;limit+1&quot; so
+      * that whenever the &quot;depth&gt;verify_depth&quot; condition is met, we
+      * have violated the limit and want to log this error condition.
+      * We must do it here, because the CHAIN_TOO_LONG error would not
+      * be found explicitly; only errors introduced by cutting off the
+      * additional certificates would be logged.
+      */
+     if (depth &gt; mydata-&gt;verify_depth) {
+         preverify_ok = 0;
+         err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
+         X509_STORE_CTX_set_error(ctx, err);
+     }
+     if (!preverify_ok) {
+         printf(&quot;verify error:num=%d:%s:depth=%d:%s\n&quot;, err,
+                X509_verify_cert_error_string(err), depth, buf);
+     } else if (mydata-&gt;verbose_mode) {
+         printf(&quot;depth=%d:%s\n&quot;, depth, buf);
+     }
+
+     /*
+      * At this point, err contains the last verification error. We can use
+      * it for something special
+      */
+     if (!preverify_ok &amp;&amp; (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT)) {
+         X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, 256);
+         printf(&quot;issuer= %s\n&quot;, buf);
+     }
+
+     if (mydata-&gt;always_continue)
+         return 1;
+     else
+         return preverify_ok;
+ }
+ ...
+
+ mydata_t mydata;
+
+ ...
+ mydata_index = SSL_get_ex_new_index(0, &quot;mydata index&quot;, NULL, NULL, NULL);
+
+ ...
+ SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
+                    verify_callback);
+
+ /*
+  * Let the verify_callback catch the verify_depth error so that we get
+  * an appropriate error in the logfile.
+  */
+ SSL_CTX_set_verify_depth(verify_depth + 1);
+
+ /*
+  * Set up the SSL specific data into &quot;mydata&quot; and store it into th SSL
+  * structure.
+  */
+ mydata.verify_depth = verify_depth; ...
+ SSL_set_ex_data(ssl, mydata_index, &amp;mydata);
+
+ ...
+ SSL_accept(ssl);       /* check of success left out for clarity */
+ if (peer = SSL_get_peer_certificate(ssl)) {
+     if (SSL_get_verify_result(ssl) == X509_V_OK) {
+         /* The client sent a certificate which verified OK */
+     }
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_CTX_get_verify_mode.html">SSL_CTX_get_verify_mode(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_get_ex_data_X509_STORE_CTX_idx.html">SSL_get_ex_data_X509_STORE_CTX_idx(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_VERIFY_POST_HANDSHAKE option, and the SSL_verify_client_post_handshake() and SSL_set_post_handshake_auth() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_verify_depth.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_verify_depth.html
new file mode 100644
index 000000000..1a70b5fe4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_set_verify_depth.html
@@ -0,0 +1,264 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_verify</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_ex_data_X509_STORE_CTX_idx, SSL_CTX_set_verify, SSL_set_verify, SSL_CTX_set_verify_depth, SSL_set_verify_depth, SSL_verify_cb, SSL_verify_client_post_handshake, SSL_set_post_handshake_auth, SSL_CTX_set_post_handshake_auth - set peer certificate verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
+
+ void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, SSL_verify_cb verify_callback);
+ void SSL_set_verify(SSL *ssl, int mode, SSL_verify_cb verify_callback);
+ SSL_get_ex_data_X509_STORE_CTX_idx(void);
+
+ void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
+ void SSL_set_verify_depth(SSL *ssl, int depth);
+
+ int SSL_verify_client_post_handshake(SSL *ssl);
+ void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val);
+ void SSL_set_post_handshake_auth(SSL *ssl, int val);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_verify() sets the verification flags for <b>ctx</b> to be <b>mode</b> and specifies the <b>verify_callback</b> function to be used. If no callback function shall be specified, the NULL pointer can be used for <b>verify_callback</b>.</p>
+
+<p>SSL_set_verify() sets the verification flags for <b>ssl</b> to be <b>mode</b> and specifies the <b>verify_callback</b> function to be used. If no callback function shall be specified, the NULL pointer can be used for <b>verify_callback</b>. In this case last <b>verify_callback</b> set specifically for this <b>ssl</b> remains. If no special <b>callback</b> was set before, the default callback for the underlying <b>ctx</b> is used, that was valid at the time <b>ssl</b> was created with <a href="../man3/SSL_new.html">SSL_new(3)</a>. Within the callback function, <b>SSL_get_ex_data_X509_STORE_CTX_idx</b> can be called to get the data index of the current SSL object that is doing the verification.</p>
+
+<p>SSL_CTX_set_verify_depth() sets the maximum <b>depth</b> for the certificate chain verification that shall be allowed for <b>ctx</b>.</p>
+
+<p>SSL_set_verify_depth() sets the maximum <b>depth</b> for the certificate chain verification that shall be allowed for <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_post_handshake_auth() and SSL_set_post_handshake_auth() enable the Post-Handshake Authentication extension to be added to the ClientHello such that post-handshake authentication can be requested by the server. If <b>val</b> is 0 then the extension is not sent, otherwise it is. By default the extension is not sent. A certificate callback will need to be set via SSL_CTX_set_client_cert_cb() if no certificate is provided at initialization.</p>
+
+<p>SSL_verify_client_post_handshake() causes a CertificateRequest message to be sent by a server on the given <b>ssl</b> connection. The SSL_VERIFY_PEER flag must be set; the SSL_VERIFY_POST_HANDSHAKE flag is optional.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification of certificates can be controlled by a set of logically or&#39;ed <b>mode</b> flags:</p>
+
+<dl>
+
+<dt id="SSL_VERIFY_NONE">SSL_VERIFY_NONE</dt>
+<dd>
+
+<p><b>Server mode:</b> the server will not send a client certificate request to the client, so the client will not send a certificate.</p>
+
+<p><b>Client mode:</b> if not using an anonymous cipher (by default disabled), the server will send a certificate which will be checked. The result of the certificate verification process can be checked after the TLS/SSL handshake using the <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> function. The handshake will be continued regardless of the verification result.</p>
+
+</dd>
+<dt id="SSL_VERIFY_PEER">SSL_VERIFY_PEER</dt>
+<dd>
+
+<p><b>Server mode:</b> the server sends a client certificate request to the client. The certificate returned (if any) is checked. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure. The behaviour can be controlled by the additional SSL_VERIFY_FAIL_IF_NO_PEER_CERT, SSL_VERIFY_CLIENT_ONCE and SSL_VERIFY_POST_HANDSHAKE flags.</p>
+
+<p><b>Client mode:</b> the server certificate is verified. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure. If no server certificate is sent, because an anonymous cipher is used, SSL_VERIFY_PEER is ignored.</p>
+
+</dd>
+<dt id="SSL_VERIFY_FAIL_IF_NO_PEER_CERT">SSL_VERIFY_FAIL_IF_NO_PEER_CERT</dt>
+<dd>
+
+<p><b>Server mode:</b> if the client did not return a certificate, the TLS/SSL handshake is immediately terminated with a &quot;handshake failure&quot; alert. This flag must be used together with SSL_VERIFY_PEER.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+<dt id="SSL_VERIFY_CLIENT_ONCE">SSL_VERIFY_CLIENT_ONCE</dt>
+<dd>
+
+<p><b>Server mode:</b> only request a client certificate once during the connection. Do not ask for a client certificate again during renegotiation or post-authentication if a certificate was requested during the initial handshake. This flag must be used together with SSL_VERIFY_PEER.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+<dt id="SSL_VERIFY_POST_HANDSHAKE">SSL_VERIFY_POST_HANDSHAKE</dt>
+<dd>
+
+<p><b>Server mode:</b> the server will not send a client certificate request during the initial handshake, but will send the request via SSL_verify_client_post_handshake(). This allows the SSL_CTX or SSL to be configured for post-handshake peer verification before the handshake occurs. This flag must be used together with SSL_VERIFY_PEER. TLSv1.3 only; no effect on pre-TLSv1.3 connections.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+</dl>
+
+<p>If the <b>mode</b> is SSL_VERIFY_NONE none of the other flags may be set.</p>
+
+<p>The actual verification procedure is performed either using the built-in verification procedure or using another application provided verification function set with <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>. The following descriptions apply in the case of the built-in procedure. An application provided procedure also has access to the verify depth information and the verify_callback() function, but the way this information is used may be different.</p>
+
+<p>SSL_CTX_set_verify_depth() and SSL_set_verify_depth() set a limit on the number of certificates between the end-entity and trust-anchor certificates. Neither the end-entity nor the trust-anchor certificates count against <b>depth</b>. If the certificate chain needed to reach a trusted issuer is longer than <b>depth+2</b>, X509_V_ERR_CERT_CHAIN_TOO_LONG will be issued. The depth count is &quot;level 0:peer certificate&quot;, &quot;level 1: CA certificate&quot;, &quot;level 2: higher level CA certificate&quot;, and so on. Setting the maximum depth to 2 allows the levels 0, 1, 2 and 3 (0 being the end-entity and 3 the trust-anchor). The default depth limit is 100, allowing for the peer certificate, at most 100 intermediate CA certificates and a final trust anchor certificate.</p>
+
+<p>The <b>verify_callback</b> function is used to control the behaviour when the SSL_VERIFY_PEER flag is set. It must be supplied by the application and receives two arguments: <b>preverify_ok</b> indicates, whether the verification of the certificate in question was passed (preverify_ok=1) or not (preverify_ok=0). <b>x509_ctx</b> is a pointer to the complete context used for the certificate chain verification.</p>
+
+<p>The certificate chain is checked starting with the deepest nesting level (the root CA certificate) and worked upward to the peer&#39;s certificate. At each level signatures and issuer attributes are checked. Whenever a verification error is found, the error number is stored in <b>x509_ctx</b> and <b>verify_callback</b> is called with <b>preverify_ok</b>=0. By applying X509_CTX_store_* functions <b>verify_callback</b> can locate the certificate in question and perform additional steps (see EXAMPLES). If no error is found for a certificate, <b>verify_callback</b> is called with <b>preverify_ok</b>=1 before advancing to the next level.</p>
+
+<p>The return value of <b>verify_callback</b> controls the strategy of the further verification process. If <b>verify_callback</b> returns 0, the verification process is immediately stopped with &quot;verification failed&quot; state. If SSL_VERIFY_PEER is set, a verification failure alert is sent to the peer and the TLS/SSL handshake is terminated. If <b>verify_callback</b> returns 1, the verification process is continued. If <b>verify_callback</b> always returns 1, the TLS/SSL handshake will not be terminated with respect to verification failures and the connection will be established. The calling process can however retrieve the error code of the last verification error using <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> or by maintaining its own error storage managed by <b>verify_callback</b>.</p>
+
+<p>If no <b>verify_callback</b> is specified, the default callback will be used. Its return value is identical to <b>preverify_ok</b>, so that any verification failure will lead to a termination of the TLS/SSL handshake with an alert message, if SSL_VERIFY_PEER is set.</p>
+
+<p>After calling SSL_set_post_handshake_auth(), the client will need to add a certificate or certificate callback to its configuration before it can successfully authenticate. This must be called before SSL_connect().</p>
+
+<p>SSL_verify_client_post_handshake() requires that verify flags have been previously set, and that a client sent the post-handshake authentication extension. When the client returns a certificate the verify callback will be invoked. A write operation must take place for the Certificate Request to be sent to the client, this can be done with SSL_do_handshake() or SSL_write_ex(). Only one certificate request may be outstanding at any time.</p>
+
+<p>When post-handshake authentication occurs, a refreshed NewSessionTicket message is sent to the client.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In client mode, it is not checked whether the SSL_VERIFY_PEER flag is set, but whether any flags are set. This can lead to unexpected behaviour if SSL_VERIFY_PEER and other flags are not used as required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL*_set_verify*() functions do not provide diagnostic information.</p>
+
+<p>The SSL_verify_client_post_handshake() function returns 1 if the request succeeded, and 0 if the request failed. The error stack can be examined to determine the failure reason.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following code sequence realizes an example <b>verify_callback</b> function that will always continue the TLS/SSL handshake regardless of verification failure, if wished. The callback realizes a verification depth limit with more informational output.</p>
+
+<p>All verification errors are printed; information about the certificate chain is printed on request. The example is realized for a server that does allow but not require client certificates.</p>
+
+<p>The example makes use of the ex_data technique to store application data into/retrieve application data from the SSL structure (see <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>, <a href="../man3/SSL_get_ex_data_X509_STORE_CTX_idx.html">SSL_get_ex_data_X509_STORE_CTX_idx(3)</a>).</p>
+
+<pre><code> ...
+ typedef struct {
+   int verbose_mode;
+   int verify_depth;
+   int always_continue;
+ } mydata_t;
+ int mydata_index;
+
+ ...
+ static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
+ {
+     char    buf[256];
+     X509   *err_cert;
+     int     err, depth;
+     SSL    *ssl;
+     mydata_t *mydata;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     /*
+      * Retrieve the pointer to the SSL of the connection currently treated
+      * and the application specific data stored into the SSL object.
+      */
+     ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
+     mydata = SSL_get_ex_data(ssl, mydata_index);
+
+     X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256);
+
+     /*
+      * Catch a too long certificate chain. The depth limit set using
+      * SSL_CTX_set_verify_depth() is by purpose set to &quot;limit+1&quot; so
+      * that whenever the &quot;depth&gt;verify_depth&quot; condition is met, we
+      * have violated the limit and want to log this error condition.
+      * We must do it here, because the CHAIN_TOO_LONG error would not
+      * be found explicitly; only errors introduced by cutting off the
+      * additional certificates would be logged.
+      */
+     if (depth &gt; mydata-&gt;verify_depth) {
+         preverify_ok = 0;
+         err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
+         X509_STORE_CTX_set_error(ctx, err);
+     }
+     if (!preverify_ok) {
+         printf(&quot;verify error:num=%d:%s:depth=%d:%s\n&quot;, err,
+                X509_verify_cert_error_string(err), depth, buf);
+     } else if (mydata-&gt;verbose_mode) {
+         printf(&quot;depth=%d:%s\n&quot;, depth, buf);
+     }
+
+     /*
+      * At this point, err contains the last verification error. We can use
+      * it for something special
+      */
+     if (!preverify_ok &amp;&amp; (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT)) {
+         X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, 256);
+         printf(&quot;issuer= %s\n&quot;, buf);
+     }
+
+     if (mydata-&gt;always_continue)
+         return 1;
+     else
+         return preverify_ok;
+ }
+ ...
+
+ mydata_t mydata;
+
+ ...
+ mydata_index = SSL_get_ex_new_index(0, &quot;mydata index&quot;, NULL, NULL, NULL);
+
+ ...
+ SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
+                    verify_callback);
+
+ /*
+  * Let the verify_callback catch the verify_depth error so that we get
+  * an appropriate error in the logfile.
+  */
+ SSL_CTX_set_verify_depth(verify_depth + 1);
+
+ /*
+  * Set up the SSL specific data into &quot;mydata&quot; and store it into th SSL
+  * structure.
+  */
+ mydata.verify_depth = verify_depth; ...
+ SSL_set_ex_data(ssl, mydata_index, &amp;mydata);
+
+ ...
+ SSL_accept(ssl);       /* check of success left out for clarity */
+ if (peer = SSL_get_peer_certificate(ssl)) {
+     if (SSL_get_verify_result(ssl) == X509_V_OK) {
+         /* The client sent a certificate which verified OK */
+     }
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_CTX_get_verify_mode.html">SSL_CTX_get_verify_mode(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_get_ex_data_X509_STORE_CTX_idx.html">SSL_get_ex_data_X509_STORE_CTX_idx(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_VERIFY_POST_HANDSHAKE option, and the SSL_verify_client_post_handshake() and SSL_set_post_handshake_auth() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_up_ref.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_up_ref.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_up_ref.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_PrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_PrivateKey.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_PrivateKey.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_PrivateKey_ASN1.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_PrivateKey_ASN1.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_PrivateKey_ASN1.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_PrivateKey_file.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_PrivateKey_file.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_PrivateKey_file.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_RSAPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_RSAPrivateKey.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_RSAPrivateKey.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_RSAPrivateKey_ASN1.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_RSAPrivateKey_ASN1.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_RSAPrivateKey_ASN1.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_RSAPrivateKey_file.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_RSAPrivateKey_file.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_RSAPrivateKey_file.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_cert_and_key.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_cert_and_key.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_cert_and_key.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_certificate.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_certificate.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_certificate.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_certificate_ASN1.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_certificate_ASN1.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_certificate_ASN1.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_certificate_chain_file.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_certificate_chain_file.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_certificate_chain_file.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_certificate_file.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_certificate_file.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_certificate_file.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_psk_identity_hint.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_psk_identity_hint.html
new file mode 100644
index 000000000..59a43d097
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_psk_identity_hint.html
@@ -0,0 +1,126 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_psk_identity_hint</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_psk_server_cb_func, SSL_psk_find_session_cb_func, SSL_CTX_use_psk_identity_hint, SSL_use_psk_identity_hint, SSL_CTX_set_psk_server_callback, SSL_set_psk_server_callback, SSL_CTX_set_psk_find_session_callback, SSL_set_psk_find_session_callback - set PSK identity hint to use</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_psk_find_session_cb_func)(SSL *ssl,
+                                             const unsigned char *identity,
+                                             size_t identity_len,
+                                             SSL_SESSION **sess);
+
+
+ void SSL_CTX_set_psk_find_session_callback(SSL_CTX *ctx,
+                                            SSL_psk_find_session_cb_func cb);
+ void SSL_set_psk_find_session_callback(SSL *s, SSL_psk_find_session_cb_func cb);
+
+ typedef unsigned int (*SSL_psk_server_cb_func)(SSL *ssl,
+                                                const char *identity,
+                                                unsigned char *psk,
+                                                unsigned int max_psk_len);
+
+ int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint);
+ int SSL_use_psk_identity_hint(SSL *ssl, const char *hint);
+
+ void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, SSL_psk_server_cb_func cb);
+ void SSL_set_psk_server_callback(SSL *ssl, SSL_psk_server_cb_func cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application wishing to use TLSv1.3 PSKs should set a callback using either SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() as appropriate.</p>
+
+<p>The callback function is given a pointer to the SSL connection in <b>ssl</b> and an identity in <b>identity</b> of length <b>identity_len</b>. The callback function should identify an SSL_SESSION object that provides the PSK details and store it in <b>*sess</b>. The SSL_SESSION object should, as a minimum, set the master key, the ciphersuite and the protocol version. See <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a> for details.</p>
+
+<p>It is also possible for the callback to succeed but not supply a PSK. In this case no PSK will be used but the handshake will continue. To do this the callback should return successfully and ensure that <b>*sess</b> is NULL.</p>
+
+<p>Identity hints are not relevant for TLSv1.3. A server application wishing to use PSK ciphersuites for TLSv1.2 and below may call SSL_CTX_use_psk_identity_hint() to set the given <b>NUL</b>-terminated PSK identity hint <b>hint</b> for SSL context object <b>ctx</b>. SSL_use_psk_identity_hint() sets the given <b>NUL</b>-terminated PSK identity hint <b>hint</b> for the SSL connection object <b>ssl</b>. If <b>hint</b> is <b>NULL</b> the current hint from <b>ctx</b> or <b>ssl</b> is deleted.</p>
+
+<p>In the case where PSK identity hint is <b>NULL</b>, the server does not send the ServerKeyExchange message to the client.</p>
+
+<p>A server application wishing to use PSKs for TLSv1.2 and below must provide a callback function which is called when the server receives the ClientKeyExchange message from the client. The purpose of the callback function is to validate the received PSK identity and to fetch the pre-shared key used during the connection setup phase. The callback is set using the functions SSL_CTX_set_psk_server_callback() or SSL_set_psk_server_callback(). The callback function is given the connection in parameter <b>ssl</b>, <b>NUL</b>-terminated PSK identity sent by the client in parameter <b>identity</b>, and a buffer <b>psk</b> of length <b>max_psk_len</b> bytes where the pre-shared key is to be stored.</p>
+
+<p>The callback for use in TLSv1.2 will also work in TLSv1.3 although it is recommended to use SSL_CTX_set_psk_find_session_callback() or SSL_set_psk_find_session_callback() for this purpose instead. If TLSv1.3 has been negotiated then OpenSSL will first check to see if a callback has been set via SSL_CTX_set_psk_find_session_callback() or SSL_set_psk_find_session_callback() and it will use that in preference. If no such callback is present then it will check to see if a callback has been set via SSL_CTX_set_psk_server_callback() or SSL_set_psk_server_callback() and use that. In this case the handshake digest will default to SHA-256 for any returned PSK.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A connection established via a TLSv1.3 PSK will appear as if session resumption has occurred so that <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a> will return true.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p><b>SSL_CTX_use_psk_identity_hint()</b> and <b>SSL_use_psk_identity_hint()</b> return 1 on success, 0 otherwise.</p>
+
+<p>Return values from the TLSv1.2 and below server callback are interpreted as follows:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>PSK identity was not found. An &quot;unknown_psk_identity&quot; alert message will be sent and the connection setup fails.</p>
+
+</dd>
+<dt id="pod01">&gt;0</dt>
+<dd>
+
+<p>PSK identity was found and the server callback has provided the PSK successfully in parameter <b>psk</b>. Return value is the length of <b>psk</b> in bytes. It is an error to return a value greater than <b>max_psk_len</b>.</p>
+
+<p>If the PSK identity was not found but the callback instructs the protocol to continue anyway, the callback must provide some random data to <b>psk</b> and return the length of the random data, so the connection will fail with decryption_error before it will be finished completely.</p>
+
+</dd>
+</dl>
+
+<p>The <b>SSL_psk_find_session_cb_func</b> callback should return 1 on success or 0 on failure. In the event of failure the connection setup fails.</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>There are no known security issues with sharing the same PSK between TLSv1.2 (or below) and TLSv1.3. However the RFC has this note of caution:</p>
+
+<p>&quot;While there is no known way in which the same PSK might produce related output in both versions, only limited analysis has been done. Implementations can ensure safety from cross-protocol related output by not reusing PSKs between TLS 1.3 and TLS 1.2.&quot;</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man3/SSL_set_psk_use_session_callback.html">SSL_set_psk_use_session_callback(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_set_psk_find_session_callback() and SSL_set_psk_find_session_callback() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_serverinfo.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_serverinfo.html
new file mode 100644
index 000000000..4d5055eec
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_serverinfo.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_serverinfo</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_serverinfo_ex, SSL_CTX_use_serverinfo, SSL_CTX_use_serverinfo_file - use serverinfo extension</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_serverinfo_ex(SSL_CTX *ctx, unsigned int version,
+                               const unsigned char *serverinfo,
+                               size_t serverinfo_length);
+
+ int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
+                            size_t serverinfo_length);
+
+ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load &quot;serverinfo&quot; TLS extensions into the SSL_CTX. A &quot;serverinfo&quot; extension is returned in response to an empty ClientHello Extension.</p>
+
+<p>SSL_CTX_use_serverinfo_ex() loads one or more serverinfo extensions from a byte array into <b>ctx</b>. The <b>version</b> parameter specifies the format of the byte array provided in <b>*serverinfo</b> which is of length <b>serverinfo_length</b>.</p>
+
+<p>If <b>version</b> is <b>SSL_SERVERINFOV2</b> then the extensions in the array must consist of a 4-byte context, a 2-byte Extension Type, a 2-byte length, and then length bytes of extension_data. The context and type values have the same meaning as for <a href="../man3/SSL_CTX_add_custom_ext.html">SSL_CTX_add_custom_ext(3)</a>. If serverinfo is being loaded for extensions to be added to a Certificate message, then the extension will only be added for the first certificate in the message (which is always the end-entity certificate).</p>
+
+<p>If <b>version</b> is <b>SSL_SERVERINFOV1</b> then the extensions in the array must consist of a 2-byte Extension Type, a 2-byte length, and then length bytes of extension_data. The type value has the same meaning as for <a href="../man3/SSL_CTX_add_custom_ext.html">SSL_CTX_add_custom_ext(3)</a>. The following default context value will be used in this case:</p>
+
+<pre><code> SSL_EXT_TLS1_2_AND_BELOW_ONLY | SSL_EXT_CLIENT_HELLO
+ | SSL_EXT_TLS1_2_SERVER_HELLO | SSL_EXT_IGNORE_ON_RESUMPTION</code></pre>
+
+<p>SSL_CTX_use_serverinfo() does the same thing as SSL_CTX_use_serverinfo_ex() except that there is no <b>version</b> parameter so a default version of SSL_SERVERINFOV1 is used instead.</p>
+
+<p>SSL_CTX_use_serverinfo_file() loads one or more serverinfo extensions from <b>file</b> into <b>ctx</b>. The extensions must be in PEM format. Each extension must be in a format as described above for SSL_CTX_use_serverinfo_ex(). Each PEM extension name must begin with the phrase &quot;BEGIN SERVERINFOV2 FOR &quot; for SSL_SERVERINFOV2 data or &quot;BEGIN SERVERINFO FOR &quot; for SSL_SERVERINFOV1 data.</p>
+
+<p>If more than one certificate (RSA/DSA) is installed using SSL_CTX_use_certificate(), the serverinfo extension will be loaded into the last certificate installed. If e.g. the last item was a RSA certificate, the loaded serverinfo extension data will be loaded for that certificate. To use the serverinfo extension for multiple certificates, SSL_CTX_use_serverinfo() needs to be called multiple times, once <b>after</b> each time a certificate is loaded via a call to SSL_CTX_use_certificate().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. On failure, the functions return 0. Check out the error stack to find out the reason.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_serverinfo_ex.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_serverinfo_ex.html
new file mode 100644
index 000000000..4d5055eec
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_serverinfo_ex.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_serverinfo</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_serverinfo_ex, SSL_CTX_use_serverinfo, SSL_CTX_use_serverinfo_file - use serverinfo extension</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_serverinfo_ex(SSL_CTX *ctx, unsigned int version,
+                               const unsigned char *serverinfo,
+                               size_t serverinfo_length);
+
+ int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
+                            size_t serverinfo_length);
+
+ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load &quot;serverinfo&quot; TLS extensions into the SSL_CTX. A &quot;serverinfo&quot; extension is returned in response to an empty ClientHello Extension.</p>
+
+<p>SSL_CTX_use_serverinfo_ex() loads one or more serverinfo extensions from a byte array into <b>ctx</b>. The <b>version</b> parameter specifies the format of the byte array provided in <b>*serverinfo</b> which is of length <b>serverinfo_length</b>.</p>
+
+<p>If <b>version</b> is <b>SSL_SERVERINFOV2</b> then the extensions in the array must consist of a 4-byte context, a 2-byte Extension Type, a 2-byte length, and then length bytes of extension_data. The context and type values have the same meaning as for <a href="../man3/SSL_CTX_add_custom_ext.html">SSL_CTX_add_custom_ext(3)</a>. If serverinfo is being loaded for extensions to be added to a Certificate message, then the extension will only be added for the first certificate in the message (which is always the end-entity certificate).</p>
+
+<p>If <b>version</b> is <b>SSL_SERVERINFOV1</b> then the extensions in the array must consist of a 2-byte Extension Type, a 2-byte length, and then length bytes of extension_data. The type value has the same meaning as for <a href="../man3/SSL_CTX_add_custom_ext.html">SSL_CTX_add_custom_ext(3)</a>. The following default context value will be used in this case:</p>
+
+<pre><code> SSL_EXT_TLS1_2_AND_BELOW_ONLY | SSL_EXT_CLIENT_HELLO
+ | SSL_EXT_TLS1_2_SERVER_HELLO | SSL_EXT_IGNORE_ON_RESUMPTION</code></pre>
+
+<p>SSL_CTX_use_serverinfo() does the same thing as SSL_CTX_use_serverinfo_ex() except that there is no <b>version</b> parameter so a default version of SSL_SERVERINFOV1 is used instead.</p>
+
+<p>SSL_CTX_use_serverinfo_file() loads one or more serverinfo extensions from <b>file</b> into <b>ctx</b>. The extensions must be in PEM format. Each extension must be in a format as described above for SSL_CTX_use_serverinfo_ex(). Each PEM extension name must begin with the phrase &quot;BEGIN SERVERINFOV2 FOR &quot; for SSL_SERVERINFOV2 data or &quot;BEGIN SERVERINFO FOR &quot; for SSL_SERVERINFOV1 data.</p>
+
+<p>If more than one certificate (RSA/DSA) is installed using SSL_CTX_use_certificate(), the serverinfo extension will be loaded into the last certificate installed. If e.g. the last item was a RSA certificate, the loaded serverinfo extension data will be loaded for that certificate. To use the serverinfo extension for multiple certificates, SSL_CTX_use_serverinfo() needs to be called multiple times, once <b>after</b> each time a certificate is loaded via a call to SSL_CTX_use_certificate().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. On failure, the functions return 0. Check out the error stack to find out the reason.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_serverinfo_file.html b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_serverinfo_file.html
new file mode 100644
index 000000000..4d5055eec
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_CTX_use_serverinfo_file.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_serverinfo</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_serverinfo_ex, SSL_CTX_use_serverinfo, SSL_CTX_use_serverinfo_file - use serverinfo extension</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_serverinfo_ex(SSL_CTX *ctx, unsigned int version,
+                               const unsigned char *serverinfo,
+                               size_t serverinfo_length);
+
+ int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
+                            size_t serverinfo_length);
+
+ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load &quot;serverinfo&quot; TLS extensions into the SSL_CTX. A &quot;serverinfo&quot; extension is returned in response to an empty ClientHello Extension.</p>
+
+<p>SSL_CTX_use_serverinfo_ex() loads one or more serverinfo extensions from a byte array into <b>ctx</b>. The <b>version</b> parameter specifies the format of the byte array provided in <b>*serverinfo</b> which is of length <b>serverinfo_length</b>.</p>
+
+<p>If <b>version</b> is <b>SSL_SERVERINFOV2</b> then the extensions in the array must consist of a 4-byte context, a 2-byte Extension Type, a 2-byte length, and then length bytes of extension_data. The context and type values have the same meaning as for <a href="../man3/SSL_CTX_add_custom_ext.html">SSL_CTX_add_custom_ext(3)</a>. If serverinfo is being loaded for extensions to be added to a Certificate message, then the extension will only be added for the first certificate in the message (which is always the end-entity certificate).</p>
+
+<p>If <b>version</b> is <b>SSL_SERVERINFOV1</b> then the extensions in the array must consist of a 2-byte Extension Type, a 2-byte length, and then length bytes of extension_data. The type value has the same meaning as for <a href="../man3/SSL_CTX_add_custom_ext.html">SSL_CTX_add_custom_ext(3)</a>. The following default context value will be used in this case:</p>
+
+<pre><code> SSL_EXT_TLS1_2_AND_BELOW_ONLY | SSL_EXT_CLIENT_HELLO
+ | SSL_EXT_TLS1_2_SERVER_HELLO | SSL_EXT_IGNORE_ON_RESUMPTION</code></pre>
+
+<p>SSL_CTX_use_serverinfo() does the same thing as SSL_CTX_use_serverinfo_ex() except that there is no <b>version</b> parameter so a default version of SSL_SERVERINFOV1 is used instead.</p>
+
+<p>SSL_CTX_use_serverinfo_file() loads one or more serverinfo extensions from <b>file</b> into <b>ctx</b>. The extensions must be in PEM format. Each extension must be in a format as described above for SSL_CTX_use_serverinfo_ex(). Each PEM extension name must begin with the phrase &quot;BEGIN SERVERINFOV2 FOR &quot; for SSL_SERVERINFOV2 data or &quot;BEGIN SERVERINFO FOR &quot; for SSL_SERVERINFOV1 data.</p>
+
+<p>If more than one certificate (RSA/DSA) is installed using SSL_CTX_use_certificate(), the serverinfo extension will be loaded into the last certificate installed. If e.g. the last item was a RSA certificate, the loaded serverinfo extension data will be loaded for that certificate. To use the serverinfo extension for multiple certificates, SSL_CTX_use_serverinfo() needs to be called multiple times, once <b>after</b> each time a certificate is loaded via a call to SSL_CTX_use_certificate().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. On failure, the functions return 0. Check out the error stack to find out the reason.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_dup.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_dup.html
new file mode 100644
index 000000000..cf959d3ac
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_dup.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_free</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_new, SSL_SESSION_dup, SSL_SESSION_up_ref, SSL_SESSION_free - create, free and manage SSL_SESSION structures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_SESSION *SSL_SESSION_new(void);
+ SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *src);
+ int SSL_SESSION_up_ref(SSL_SESSION *ses);
+ void SSL_SESSION_free(SSL_SESSION *session);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_new() creates a new SSL_SESSION structure and returns a pointer to it.</p>
+
+<p>SSL_SESSION_dup() copies the contents of the SSL_SESSION structure in <b>src</b> and returns a pointer to it.</p>
+
+<p>SSL_SESSION_up_ref() increments the reference count on the given SSL_SESSION structure.</p>
+
+<p>SSL_SESSION_free() decrements the reference count of <b>session</b> and removes the <b>SSL_SESSION</b> structure pointed to by <b>session</b> and frees up the allocated memory, if the reference count has reached 0. If <b>session</b> is NULL nothing is done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_SESSION objects are allocated, when a TLS/SSL handshake operation is successfully completed. Depending on the settings, see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, the SSL_SESSION objects are internally referenced by the SSL_CTX and linked into its session cache. SSL objects may be using the SSL_SESSION object; as a session may be reused, several SSL objects may be using one SSL_SESSION object at the same time. It is therefore crucial to keep the reference count (usage information) correct and not delete a SSL_SESSION object that is still used, as this may lead to program failures due to dangling pointers. These failures may also appear delayed, e.g. when an SSL_SESSION object was completely freed as the reference count incorrectly became 0, but it is still referenced in the internal session cache and the cache list is processed during a <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a> operation.</p>
+
+<p>SSL_SESSION_free() must only be called for SSL_SESSION objects, for which the reference count was explicitly incremented (e.g. by calling SSL_get1_session(), see <a href="../man3/SSL_get_session.html">SSL_get_session(3)</a>) or when the SSL_SESSION object was generated outside a TLS handshake operation, e.g. by using <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>. It must not be called on other SSL_SESSION objects, as this would cause incorrect reference counts and therefore program failures.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_new returns a pointer to the newly allocated SSL_SESSION structure or NULL on error.</p>
+
+<p>SSL_SESSION_up_ref returns 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_session.html">SSL_get_session(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_dup() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_free.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_free.html
new file mode 100644
index 000000000..cf959d3ac
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_free.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_free</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_new, SSL_SESSION_dup, SSL_SESSION_up_ref, SSL_SESSION_free - create, free and manage SSL_SESSION structures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_SESSION *SSL_SESSION_new(void);
+ SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *src);
+ int SSL_SESSION_up_ref(SSL_SESSION *ses);
+ void SSL_SESSION_free(SSL_SESSION *session);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_new() creates a new SSL_SESSION structure and returns a pointer to it.</p>
+
+<p>SSL_SESSION_dup() copies the contents of the SSL_SESSION structure in <b>src</b> and returns a pointer to it.</p>
+
+<p>SSL_SESSION_up_ref() increments the reference count on the given SSL_SESSION structure.</p>
+
+<p>SSL_SESSION_free() decrements the reference count of <b>session</b> and removes the <b>SSL_SESSION</b> structure pointed to by <b>session</b> and frees up the allocated memory, if the reference count has reached 0. If <b>session</b> is NULL nothing is done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_SESSION objects are allocated, when a TLS/SSL handshake operation is successfully completed. Depending on the settings, see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, the SSL_SESSION objects are internally referenced by the SSL_CTX and linked into its session cache. SSL objects may be using the SSL_SESSION object; as a session may be reused, several SSL objects may be using one SSL_SESSION object at the same time. It is therefore crucial to keep the reference count (usage information) correct and not delete a SSL_SESSION object that is still used, as this may lead to program failures due to dangling pointers. These failures may also appear delayed, e.g. when an SSL_SESSION object was completely freed as the reference count incorrectly became 0, but it is still referenced in the internal session cache and the cache list is processed during a <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a> operation.</p>
+
+<p>SSL_SESSION_free() must only be called for SSL_SESSION objects, for which the reference count was explicitly incremented (e.g. by calling SSL_get1_session(), see <a href="../man3/SSL_get_session.html">SSL_get_session(3)</a>) or when the SSL_SESSION object was generated outside a TLS handshake operation, e.g. by using <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>. It must not be called on other SSL_SESSION objects, as this would cause incorrect reference counts and therefore program failures.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_new returns a pointer to the newly allocated SSL_SESSION structure or NULL on error.</p>
+
+<p>SSL_SESSION_up_ref returns 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_session.html">SSL_get_session(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_dup() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_alpn_selected.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_alpn_selected.html
new file mode 100644
index 000000000..762478d61
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_alpn_selected.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get0_hostname</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get0_hostname, SSL_SESSION_set1_hostname, SSL_SESSION_get0_alpn_selected, SSL_SESSION_set1_alpn_selected - get and set SNI and ALPN data ssociated with a session</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s);
+ int SSL_SESSION_set1_hostname(SSL_SESSION *s, const char *hostname);
+
+ void SSL_SESSION_get0_alpn_selected(const SSL_SESSION *s,
+                                     const unsigned char **alpn,
+                                     size_t *len);
+ int SSL_SESSION_set1_alpn_selected(SSL_SESSION *s, const unsigned char *alpn,
+                                    size_t len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_get0_hostname() retrieves the SNI value that was sent by the client when the session was created, or NULL if no value was sent.</p>
+
+<p>The value returned is a pointer to memory maintained within <b>s</b> and should not be free&#39;d.</p>
+
+<p>SSL_SESSION_set1_hostname() sets the SNI value for the hostname to a copy of the string provided in hostname.</p>
+
+<p>SSL_SESSION_get0_alpn_selected() retrieves the selected ALPN protocol for this session and its associated length in bytes. The returned value of <b>*alpn</b> is a pointer to memory maintained within <b>s</b> and should not be free&#39;d.</p>
+
+<p>SSL_SESSION_set1_alpn_selected() sets the ALPN protocol for this session to the value in <b>alpn</b> which should be of length <b>len</b> bytes. A copy of the input value is made, and the caller retains ownership of the memory pointed to by <b>alpn</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get0_hostname() returns either a string or NULL based on if there is the SNI value sent by client.</p>
+
+<p>SSL_SESSION_set1_hostname() returns 1 on success or 0 on error.</p>
+
+<p>SSL_SESSION_set1_alpn_selected() returns 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_set1_hostname(), SSL_SESSION_get0_alpn_selected() and SSL_SESSION_set1_alpn_selected() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_cipher.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_cipher.html
new file mode 100644
index 000000000..6bd9c98f5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_cipher.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get0_cipher</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get0_cipher, SSL_SESSION_set_cipher - set and retrieve the SSL cipher associated with a session</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSION *s);
+ int SSL_SESSION_set_cipher(SSL_SESSION *s, const SSL_CIPHER *cipher);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_get0_cipher() retrieves the cipher that was used by the connection when the session was created, or NULL if it cannot be determined.</p>
+
+<p>The value returned is a pointer to an object maintained within <b>s</b> and should not be released.</p>
+
+<p>SSL_SESSION_set_cipher() can be used to set the ciphersuite associated with the SSL_SESSION <b>s</b> to <b>cipher</b>. For example, this could be used to set up a session based PSK (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get0_cipher() returns the SSL_CIPHER associated with the SSL_SESSION or NULL if it cannot be determined.</p>
+
+<p>SSL_SESSION_set_cipher() returns 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a>, <a href="../man3/SSL_SESSION_get0_hostname.html">SSL_SESSION_get0_hostname(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_get0_cipher() function was added in OpenSSL 1.1.0. The SSL_SESSION_set_cipher() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_hostname.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_hostname.html
new file mode 100644
index 000000000..762478d61
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_hostname.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get0_hostname</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get0_hostname, SSL_SESSION_set1_hostname, SSL_SESSION_get0_alpn_selected, SSL_SESSION_set1_alpn_selected - get and set SNI and ALPN data ssociated with a session</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s);
+ int SSL_SESSION_set1_hostname(SSL_SESSION *s, const char *hostname);
+
+ void SSL_SESSION_get0_alpn_selected(const SSL_SESSION *s,
+                                     const unsigned char **alpn,
+                                     size_t *len);
+ int SSL_SESSION_set1_alpn_selected(SSL_SESSION *s, const unsigned char *alpn,
+                                    size_t len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_get0_hostname() retrieves the SNI value that was sent by the client when the session was created, or NULL if no value was sent.</p>
+
+<p>The value returned is a pointer to memory maintained within <b>s</b> and should not be free&#39;d.</p>
+
+<p>SSL_SESSION_set1_hostname() sets the SNI value for the hostname to a copy of the string provided in hostname.</p>
+
+<p>SSL_SESSION_get0_alpn_selected() retrieves the selected ALPN protocol for this session and its associated length in bytes. The returned value of <b>*alpn</b> is a pointer to memory maintained within <b>s</b> and should not be free&#39;d.</p>
+
+<p>SSL_SESSION_set1_alpn_selected() sets the ALPN protocol for this session to the value in <b>alpn</b> which should be of length <b>len</b> bytes. A copy of the input value is made, and the caller retains ownership of the memory pointed to by <b>alpn</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get0_hostname() returns either a string or NULL based on if there is the SNI value sent by client.</p>
+
+<p>SSL_SESSION_set1_hostname() returns 1 on success or 0 on error.</p>
+
+<p>SSL_SESSION_set1_alpn_selected() returns 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_set1_hostname(), SSL_SESSION_get0_alpn_selected() and SSL_SESSION_set1_alpn_selected() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_id_context.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_id_context.html
new file mode 100644
index 000000000..2f1135e92
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_id_context.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get0_id_context</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get0_id_context, SSL_SESSION_set1_id_context - get and set the SSL ID context associated with a session</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *s,
+                                                  unsigned int *len)
+ int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
+                                unsigned int sid_ctx_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>See <a href="../man3/SSL_CTX_set_session_id_context.html">SSL_CTX_set_session_id_context(3)</a> for further details on session ID contexts.</p>
+
+<p>SSL_SESSION_get0_id_context() returns the ID context associated with the SSL/TLS session <b>s</b>. The length of the ID context is written to <b>*len</b> if <b>len</b> is not NULL.</p>
+
+<p>The value returned is a pointer to an object maintained within <b>s</b> and should not be released.</p>
+
+<p>SSL_SESSION_set1_id_context() takes a copy of the provided ID context given in <b>sid_ctx</b> and associates it with the session <b>s</b>. The length of the ID context is given by <b>sid_ctx_len</b> which must not exceed SSL_MAX_SID_CTX_LENGTH bytes.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_set1_id_context() returns 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_session_id_context.html">SSL_set_session_id_context(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_get0_id_context() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_peer.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_peer.html
new file mode 100644
index 000000000..4d746a037
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_peer.html
@@ -0,0 +1,56 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get0_peer</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get0_peer - get details about peer&#39;s certificate for a session</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ X509 *SSL_SESSION_get0_peer(SSL_SESSION *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_get0_peer() returns the peer certificate associated with the session <b>s</b> or NULL if no peer certificate is available. The caller should not free the returned value (unless <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a> has also been called).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get0_peer() returns a pointer to the peer certificate or NULL if no peer certificate is available.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_ticket.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_ticket.html
new file mode 100644
index 000000000..0adca656e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_ticket.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_has_ticket</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get0_ticket, SSL_SESSION_has_ticket, SSL_SESSION_get_ticket_lifetime_hint - get details about the ticket associated with a session</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_SESSION_has_ticket(const SSL_SESSION *s);
+ unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s);
+ void SSL_SESSION_get0_ticket(const SSL_SESSION *s, const unsigned char **tick,
+                              size_t *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_has_ticket() returns 1 if there is a Session Ticket associated with this session, and 0 otherwise.</p>
+
+<p>SSL_SESSION_get_ticket_lifetime_hint returns the lifetime hint in seconds associated with the session ticket.</p>
+
+<p>SSL_SESSION_get0_ticket obtains a pointer to the ticket associated with a session. The length of the ticket is written to <b>*len</b>. If <b>tick</b> is non NULL then a pointer to the ticket is written to <b>*tick</b>. The pointer is only valid while the connection is in use. The session (and hence the ticket pointer) may also become invalid as a result of a call to SSL_CTX_flush_sessions().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_has_ticket() returns 1 if session ticket exists or 0 otherwise.</p>
+
+<p>SSL_SESSION_get_ticket_lifetime_hint() returns the number of seconds.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_has_ticket(), SSL_SESSION_get_ticket_lifetime_hint() and SSL_SESSION_get0_ticket() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_ticket_appdata.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_ticket_appdata.html
new file mode 100644
index 000000000..3b212e2e5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get0_ticket_appdata.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_session_ticket_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_session_ticket_cb, SSL_SESSION_get0_ticket_appdata, SSL_SESSION_set1_ticket_appdata, SSL_CTX_generate_session_ticket_fn, SSL_CTX_decrypt_session_ticket_fn - manage session ticket application data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_CTX_generate_session_ticket_fn)(SSL *s, void *arg);
+ typedef SSL_TICKET_RETURN (*SSL_CTX_decrypt_session_ticket_fn)(SSL *s, SSL_SESSION *ss,
+                                                                const unsigned char *keyname,
+                                                                size_t keyname_len,
+                                                                SSL_TICKET_STATUS status,
+                                                                void *arg);
+ int SSL_CTX_set_session_ticket_cb(SSL_CTX *ctx,
+                                   SSL_CTX_generate_session_ticket_fn gen_cb,
+                                   SSL_CTX_decrypt_session_ticket_fn dec_cb,
+                                   void *arg);
+ int SSL_SESSION_set1_ticket_appdata(SSL_SESSION *ss, const void *data, size_t len);
+ int SSL_SESSION_get0_ticket_appdata(SSL_SESSION *ss, void **data, size_t *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_set_session_ticket_cb() sets the application callbacks <b>gen_cb</b> and <b>dec_cb</b> that are used by a server to set and get application data stored with a session, and placed into a session ticket. Either callback function may be set to NULL. The value of <b>arg</b> is passed to the callbacks.</p>
+
+<p><b>gen_cb</b> is the application defined callback invoked when a session ticket is about to be created. The application can call SSL_SESSION_set1_ticket_appdata() at this time to add application data to the session ticket. The value of <b>arg</b> is the same as that given to SSL_CTX_set_session_ticket_cb(). The <b>gen_cb</b> callback is defined as type <b>SSL_CTX_generate_session_ticket_fn</b>.</p>
+
+<p><b>dec_cb</b> is the application defined callback invoked after session ticket decryption has been attempted and any session ticket application data is available. If ticket decryption was successful then the <b>ss</b> argument contains the session data. The <b>keyname</b> and <b>keyname_len</b> arguments identify the key used to decrypt the session ticket. The <b>status</b> argument is the result of the ticket decryption. See the <a>NOTES</a> section below for further details. The value of <b>arg</b> is the same as that given to SSL_CTX_set_session_ticket_cb(). The <b>dec_cb</b> callback is defined as type <b>SSL_CTX_decrypt_session_ticket_fn</b>.</p>
+
+<p>SSL_SESSION_set1_ticket_appdata() sets the application data specified by <b>data</b> and <b>len</b> into <b>ss</b> which is then placed into any generated session tickets. It can be called at any time before a session ticket is created to update the data placed into the session ticket. However, given that sessions and tickets are created by the handshake, the <b>gen_cb</b> is provided to notify the application that a session ticket is about to be generated.</p>
+
+<p>SSL_SESSION_get0_ticket_appdata() assigns <b>data</b> to the session ticket application data and assigns <b>len</b> to the length of the session ticket application data from <b>ss</b>. The application data can be set via SSL_SESSION_set1_ticket_appdata() or by a session ticket. NULL will be assigned to <b>data</b> and 0 will be assigned to <b>len</b> if there is no session ticket application data. SSL_SESSION_get0_ticket_appdata() can be called any time after a session has been created. The <b>dec_cb</b> is provided to notify the application that a session ticket has just been decrypted.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When the <b>dec_cb</b> callback is invoked, the SSL_SESSION <b>ss</b> has not yet been assigned to the SSL <b>s</b>. The <b>status</b> indicates the result of the ticket decryption. The callback must check the <b>status</b> value before performing any action, as it is called even if ticket decryption fails.</p>
+
+<p>The <b>keyname</b> and <b>keyname_len</b> arguments to <b>dec_cb</b> may be used to identify the key that was used to encrypt the session ticket.</p>
+
+<p>The <b>status</b> argument can be any of these values:</p>
+
+<dl>
+
+<dt id="SSL_TICKET_EMPTY">SSL_TICKET_EMPTY</dt>
+<dd>
+
+<p>Empty ticket present. No ticket data will be used and a new ticket should be sent to the client. This only occurs in TLSv1.2 or below. In TLSv1.3 it is not valid for a client to send an empty ticket.</p>
+
+</dd>
+<dt id="SSL_TICKET_NO_DECRYPT">SSL_TICKET_NO_DECRYPT</dt>
+<dd>
+
+<p>The ticket couldn&#39;t be decrypted. No ticket data will be used and a new ticket should be sent to the client.</p>
+
+</dd>
+<dt id="SSL_TICKET_SUCCESS">SSL_TICKET_SUCCESS</dt>
+<dd>
+
+<p>A ticket was successfully decrypted, any session ticket application data should be available. A new ticket should not be sent to the client.</p>
+
+</dd>
+<dt id="SSL_TICKET_SUCCESS_RENEW">SSL_TICKET_SUCCESS_RENEW</dt>
+<dd>
+
+<p>Same as <b>SSL_TICKET_SUCCESS</b>, but a new ticket should be sent to the client.</p>
+
+</dd>
+</dl>
+
+<p>The return value can be any of these values:</p>
+
+<dl>
+
+<dt id="SSL_TICKET_RETURN_ABORT">SSL_TICKET_RETURN_ABORT</dt>
+<dd>
+
+<p>The handshake should be aborted, either because of an error or because of some policy. Note that in TLSv1.3 a client may send more than one ticket in a single handshake. Therefore just because one ticket is unacceptable it does not mean that all of them are. For this reason this option should be used with caution.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_IGNORE">SSL_TICKET_RETURN_IGNORE</dt>
+<dd>
+
+<p>Do not use a ticket (if one was available). Do not send a renewed ticket to the client.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_IGNORE_RENEW">SSL_TICKET_RETURN_IGNORE_RENEW</dt>
+<dd>
+
+<p>Do not use a ticket (if one was available). Send a renewed ticket to the client.</p>
+
+<p>If the callback does not wish to change the default ticket behaviour then it should return this value if <b>status</b> is <b>SSL_TICKET_EMPTY</b> or <b>SSL_TICKET_NO_DECRYPT</b>.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_USE">SSL_TICKET_RETURN_USE</dt>
+<dd>
+
+<p>Use the ticket. Do not send a renewed ticket to the client. It is an error for the callback to return this value if <b>status</b> has a value other than <b>SSL_TICKET_SUCCESS</b> or <b>SSL_TICKET_SUCCESS_RENEW</b>.</p>
+
+<p>If the callback does not wish to change the default ticket behaviour then it should return this value if <b>status</b> is <b>SSL_TICKET_SUCCESS</b>.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_USE_RENEW">SSL_TICKET_RETURN_USE_RENEW</dt>
+<dd>
+
+<p>Use the ticket. Send a renewed ticket to the client. It is an error for the callback to return this value if <b>status</b> has a value other than <b>SSL_TICKET_SUCCESS</b> or <b>SSL_TICKET_SUCCESS_RENEW</b>.</p>
+
+<p>If the callback does not wish to change the default ticket behaviour then it should return this value if <b>status</b> is <b>SSL_TICKET_SUCCESS_RENEW</b>.</p>
+
+</dd>
+</dl>
+
+<p>If <b>status</b> has the value <b>SSL_TICKET_EMPTY</b> or <b>SSL_TICKET_NO_DECRYPT</b> then no session data will be available and the callback must not use the <b>ss</b> argument. If <b>status</b> has the value <b>SSL_TICKET_SUCCESS</b> or <b>SSL_TICKET_SUCCESS_RENEW</b> then the application can call SSL_SESSION_get0_ticket_appdata() using the session provided in the <b>ss</b> argument to retrieve the application data.</p>
+
+<p>When the <b>gen_cb</b> callback is invoked, the SSL_get_session() function can be used to retrieve the SSL_SESSION for SSL_SESSION_set1_ticket_appdata().</p>
+
+<p>By default, in TLSv1.2 and below, a new session ticket is not issued on a successful resumption and therefore <b>gen_cb</b> will not be called. In TLSv1.3 the default behaviour is to always issue a new ticket on resumption. In both cases this behaviour can be changed if a ticket key callback is in use (see <a href="../man3/SSL_CTX_set_tlsext_ticket_key_cb.html">SSL_CTX_set_tlsext_ticket_key_cb(3)</a>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL_CTX_set_session_ticket_cb(), SSL_SESSION_set1_ticket_appdata() and SSL_SESSION_get0_ticket_appdata() functions return 1 on success and 0 on failure.</p>
+
+<p>The <b>gen_cb</b> callback must return 1 to continue the connection. A return of 0 will terminate the connection with an INTERNAL_ERROR alert.</p>
+
+<p>The <b>dec_cb</b> callback must return a value as described in <a>NOTES</a> above.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_session.html">SSL_get_session(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_set_session_ticket_cb(), SSSL_SESSION_set1_ticket_appdata() and SSL_SESSION_get_ticket_appdata() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_compress_id.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_compress_id.html
new file mode 100644
index 000000000..8a1e7cb10
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_compress_id.html
@@ -0,0 +1,56 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get_compress_id</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get_compress_id - get details about the compression associated with a session</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>If compression has been negotiated for an ssl session then SSL_SESSION_get_compress_id() will return the id for the compression method or 0 otherwise. The only built-in supported compression method is zlib which has an id of 1.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get_compress_id() returns the id of the compression method or 0 if none.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_ex_data.html
new file mode 100644
index 000000000..1f9482ce4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_ex_data.html
@@ -0,0 +1,61 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get_ex_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_set_ex_data, SSL_SESSION_get_ex_data - get and set application specific data on a session</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_SESSION_set_ex_data(SSL_SESSION *ss, int idx, void *data);
+ void *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_set_ex_data() enables an application to store arbitrary application specific data <b>data</b> in an SSL_SESSION structure <b>ss</b>. The index <b>idx</b> should be a value previously returned from a call to <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>SSL_SESSION_get_ex_data() retrieves application specific data previously stored in an SSL_SESSION structure <b>s</b>. The <b>idx</b> value should be the same as that used when originally storing the data.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_set_ex_data() returns 1 for success or 0 for failure.</p>
+
+<p>SSL_SESSION_get_ex_data() returns the previously stored value or NULL on failure. NULL may also be a valid value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_id.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_id.html
new file mode 100644
index 000000000..41a6e3a90
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_id.html
@@ -0,0 +1,66 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_set1_id</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get_id, SSL_SESSION_set1_id - get and set the SSL session ID</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
+                                         unsigned int *len)
+ int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
+                         unsigned int sid_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_get_id() returns a pointer to the internal session id value for the session <b>s</b>. The length of the id in bytes is stored in <b>*len</b>. The length may be 0. The caller should not free the returned pointer directly.</p>
+
+<p>SSL_SESSION_set1_id() sets the session ID for the <b>ssl</b> SSL/TLS session to <b>sid</b> of length <b>sid_len</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get_id() returns a pointer to the session id value. SSL_SESSION_set1_id() returns 1 for success and 0 for failure, for example if the supplied session ID length exceeds <b>SSL_MAX_SSL_SESSION_ID_LENGTH</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_set1_id() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_master_key.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_master_key.html
new file mode 100644
index 000000000..036807b3c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_master_key.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_client_random</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_client_random, SSL_get_server_random, SSL_SESSION_get_master_key, SSL_SESSION_set1_master_key - get internal TLS/SSL random values and get/set master key</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ size_t SSL_get_client_random(const SSL *ssl, unsigned char *out, size_t outlen);
+ size_t SSL_get_server_random(const SSL *ssl, unsigned char *out, size_t outlen);
+ size_t SSL_SESSION_get_master_key(const SSL_SESSION *session,
+                                   unsigned char *out, size_t outlen);
+ int SSL_SESSION_set1_master_key(SSL_SESSION *sess, const unsigned char *in,
+                                 size_t len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_client_random() extracts the random value sent from the client to the server during the initial SSL/TLS handshake. It copies as many bytes as it can of this value into the buffer provided in <b>out</b>, which must have at least <b>outlen</b> bytes available. It returns the total number of bytes that were actually copied. If <b>outlen</b> is zero, SSL_get_client_random() copies nothing, and returns the total size of the client_random value.</p>
+
+<p>SSL_get_server_random() behaves the same, but extracts the random value sent from the server to the client during the initial SSL/TLS handshake.</p>
+
+<p>SSL_SESSION_get_master_key() behaves the same, but extracts the master secret used to guarantee the security of the SSL/TLS session. This one can be dangerous if misused; see NOTES below.</p>
+
+<p>SSL_SESSION_set1_master_key() sets the master key value associated with the SSL_SESSION <b>sess</b>. For example, this could be used to set up a session based PSK (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). The master key of length <b>len</b> should be provided at <b>in</b>. The supplied master key is copied by the function, so the caller is responsible for freeing and cleaning any memory associated with <b>in</b>. The caller must ensure that the length of the key is suitable for the ciphersuite associated with the SSL_SESSION.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>You probably shouldn&#39;t use these functions.</p>
+
+<p>These functions expose internal values from the TLS handshake, for use in low-level protocols. You probably should not use them, unless you are implementing something that needs access to the internal protocol details.</p>
+
+<p>Despite the names of SSL_get_client_random() and SSL_get_server_random(), they ARE NOT random number generators. Instead, they return the mostly-random values that were already generated and used in the TLS protocol. Using them in place of RAND_bytes() would be grossly foolish.</p>
+
+<p>The security of your TLS session depends on keeping the master key secret: do not expose it, or any information about it, to anybody. If you need to calculate another secret value that depends on the master secret, you should probably use SSL_export_keying_material() instead, and forget that you ever saw these functions.</p>
+
+<p>In current versions of the TLS protocols, the length of client_random (and also server_random) is always SSL3_RANDOM_SIZE bytes. Support for other outlen arguments to the SSL_get_*_random() functions is provided in case of the unlikely event that a future version or variant of TLS uses some other length there.</p>
+
+<p>Finally, though the &quot;client_random&quot; and &quot;server_random&quot; values are called &quot;random&quot;, many TLS implementations will generate four bytes of those values based on their view of the current time.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_set1_master_key() returns 1 on success or 0 on failure.</p>
+
+<p>For the other functions, if <b>outlen</b> is greater than 0 then these functions return the number of bytes actually copied, which will be less than or equal to <b>outlen</b>. If <b>outlen</b> is 0 then these functions return the maximum number of bytes they would copy -- that is, the length of the underlying field.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/SSL_export_keying_material.html">SSL_export_keying_material(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_max_early_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_max_early_data.html
new file mode 100644
index 000000000..5b28c01bd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_max_early_data.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read_early_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#REPLAY-PROTECTION">REPLAY PROTECTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_max_early_data, SSL_CTX_set_max_early_data, SSL_get_max_early_data, SSL_CTX_get_max_early_data, SSL_set_recv_max_early_data, SSL_CTX_set_recv_max_early_data, SSL_get_recv_max_early_data, SSL_CTX_get_recv_max_early_data, SSL_SESSION_get_max_early_data, SSL_SESSION_set_max_early_data, SSL_write_early_data, SSL_read_early_data, SSL_get_early_data_status, SSL_allow_early_data_cb_fn, SSL_CTX_set_allow_early_data_cb, SSL_set_allow_early_data_cb - functions for sending and receiving early data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data);
+ uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_max_early_data(SSL *s, uint32_t max_early_data);
+ uint32_t SSL_get_max_early_data(const SSL *s);
+
+ int SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data);
+ uint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data);
+ uint32_t SSL_get_recv_max_early_data(const SSL *s);
+
+ uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s);
+ int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data);
+
+ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written);
+
+ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes);
+
+ int SSL_get_early_data_status(const SSL *s);
+
+
+ typedef int (*SSL_allow_early_data_cb_fn)(SSL *s, void *arg);
+
+ void SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx,
+                                      SSL_allow_early_data_cb_fn cb,
+                                      void *arg);
+ void SSL_set_allow_early_data_cb(SSL *s,
+                                  SSL_allow_early_data_cb_fn cb,
+                                  void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to send and receive early data where TLSv1.3 has been negotiated. Early data can be sent by the client immediately after its initial ClientHello without having to wait for the server to complete the handshake. Early data can only be sent if a session has previously been established with the server, and the server is known to support it. Additionally these functions can be used to send data from the server to the client when the client has not yet completed the authentication stage of the handshake.</p>
+
+<p>Early data has weaker security properties than other data sent over an SSL/TLS connection. In particular the data does not have forward secrecy. There are also additional considerations around replay attacks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below). For these reasons extreme care should be exercised when using early data. For specific details, consult the TLS 1.3 specification.</p>
+
+<p>When a server receives early data it may opt to immediately respond by sending application data back to the client. Data sent by the server at this stage is done before the full handshake has been completed. Specifically the client&#39;s authentication messages have not yet been received, i.e. the client is unauthenticated at this point and care should be taken when using this capability.</p>
+
+<p>A server or client can determine whether the full handshake has been completed or not by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>.</p>
+
+<p>On the client side, the function SSL_SESSION_get_max_early_data() can be used to determine if a session established with a server can be used to send early data. If the session cannot be used then this function will return 0. Otherwise it will return the maximum number of early data bytes that can be sent.</p>
+
+<p>The function SSL_SESSION_set_max_early_data() sets the maximum number of early data bytes that can be sent for a session. This would typically be used when creating a PSK session file (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). If using a ticket based PSK then this is set automatically to the value provided by the server.</p>
+
+<p>A client uses the function SSL_write_early_data() to send early data. This function is similar to the <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> function, but with the following differences. See <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> for information on how to write bytes to the underlying connection, and how to handle any errors that may arise. This page describes the differences between SSL_write_early_data() and <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When called by a client, SSL_write_early_data() must be the first IO function called on a new connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a> or other similar functions. It may be called multiple times to stream data to the server, but the total number of bytes written must not exceed the value returned from SSL_SESSION_get_max_early_data(). Once the initial SSL_write_early_data() call has completed successfully the client may interleave calls to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> with calls to SSL_write_early_data() as required.</p>
+
+<p>If SSL_write_early_data() fails you should call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action, as for <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When the client no longer wishes to send any more early data then it should complete the handshake by calling a function such as <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard write function such as <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, which will transparently complete the connection and write the requested data.</p>
+
+<p>A server may choose to ignore early data that has been sent to it. Once the connection has been completed you can determine whether the server accepted or rejected the early data by calling SSL_get_early_data_status(). This will return SSL_EARLY_DATA_ACCEPTED if the data was accepted, SSL_EARLY_DATA_REJECTED if it was rejected or SSL_EARLY_DATA_NOT_SENT if no early data was sent. This function may be called by either the client or the server.</p>
+
+<p>A server uses the SSL_read_early_data() function to receive early data on a connection for which early data has been enabled using SSL_CTX_set_max_early_data() or SSL_set_max_early_data(). As for SSL_write_early_data(), this must be the first IO function called on a connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, or other similar functions.</p>
+
+<p>SSL_read_early_data() is similar to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> with the following differences. Refer to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> for full details.</p>
+
+<p>SSL_read_early_data() may return 3 possible values:</p>
+
+<dl>
+
+<dt id="SSL_READ_EARLY_DATA_ERROR">SSL_READ_EARLY_DATA_ERROR</dt>
+<dd>
+
+<p>This indicates an IO or some other error occurred. This should be treated in the same way as a 0 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_SUCCESS">SSL_READ_EARLY_DATA_SUCCESS</dt>
+<dd>
+
+<p>This indicates that early data was successfully read. This should be treated in the same way as a 1 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>. You should continue to call SSL_read_early_data() to read more data.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_FINISH">SSL_READ_EARLY_DATA_FINISH</dt>
+<dd>
+
+<p>This indicates that no more early data can be read. It may be returned on the first call to SSL_read_early_data() if the client has not sent any early data, or if the early data was rejected.</p>
+
+</dd>
+</dl>
+
+<p>Once the initial SSL_read_early_data() call has completed successfully (i.e. it has returned SSL_READ_EARLY_DATA_SUCCESS or SSL_READ_EARLY_DATA_FINISH) then the server may choose to write data immediately to the unauthenticated client using SSL_write_early_data(). If SSL_read_early_data() returned SSL_READ_EARLY_DATA_FINISH then in some situations (e.g. if the client only supports TLSv1.2) the handshake may have already been completed and calls to SSL_write_early_data() are not allowed. Call <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a> to determine whether the handshake has completed or not. If the handshake is still in progress then the server may interleave calls to SSL_write_early_data() with calls to SSL_read_early_data() as required.</p>
+
+<p>Servers must not call <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a> until SSL_read_early_data() has returned with SSL_READ_EARLY_DATA_FINISH. Once it has done so the connection to the client still needs to be completed. Complete the connection by calling a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard read function such as <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, which will transparently complete the connection and read the requested data. Note that it is an error to attempt to complete the connection before SSL_read_early_data() has returned SSL_READ_EARLY_DATA_FINISH.</p>
+
+<p>Only servers may call SSL_read_early_data().</p>
+
+<p>Calls to SSL_read_early_data() may, in certain circumstances, complete the connection immediately without further need to call a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. This can happen if the client is using a protocol version less than TLSv1.3. Applications can test for this by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>. Alternatively, applications may choose to call <a href="../man3/SSL_accept.html">SSL_accept(3)</a> anyway. Such a call will successfully return immediately with no further action taken.</p>
+
+<p>When a session is created between a server and a client the server will specify the maximum amount of any early data that it will accept on any future connection attempt. By default the server does not accept early data; a server may indicate support for early data by calling SSL_CTX_set_max_early_data() or SSL_set_max_early_data() to set it for the whole SSL_CTX or an individual SSL object respectively. The <b>max_early_data</b> parameter specifies the maximum amount of early data in bytes that is permitted to be sent on a single connection. Similarly the SSL_CTX_get_max_early_data() and SSL_get_max_early_data() functions can be used to obtain the current maximum early data settings for the SSL_CTX and SSL objects respectively. Generally a server application will either use both of SSL_read_early_data() and SSL_CTX_set_max_early_data() (or SSL_set_max_early_data()), or neither of them, since there is no practical benefit from using only one of them. If the maximum early data setting for a server is non-zero then replay protection is automatically enabled (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below).</p>
+
+<p>If the server rejects the early data sent by a client then it will skip over the data that is sent. The maximum amount of received early data that is skipped is controlled by the recv_max_early_data setting. If a client sends more than this then the connection will abort. This value can be set by calling SSL_CTX_set_recv_max_early_data() or SSL_set_recv_max_early_data(). The current value for this setting can be obtained by calling SSL_CTX_get_recv_max_early_data() or SSL_get_recv_max_early_data(). The default value for this setting is 16,384 bytes.</p>
+
+<p>The recv_max_early_data value also has an impact on early data that is accepted. The amount of data that is accepted will always be the lower of the max_early_data for the session and the recv_max_early_data setting for the server. If a client sends more data than this then the connection will abort.</p>
+
+<p>The configured value for max_early_data on a server may change over time as required. However clients may have tickets containing the previously configured max_early_data value. The recv_max_early_data should always be equal to or higher than any recently configured max_early_data value in order to avoid aborted connections. The recv_max_early_data should never be set to less than the current configured max_early_data value.</p>
+
+<p>Some server applications may wish to have more control over whether early data is accepted or not, for example to mitigate replay risks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below) or to decline early_data when the server is heavily loaded. The functions SSL_CTX_set_allow_early_data_cb() and SSL_set_allow_early_data_cb() set a callback which is called at a point in the handshake immediately before a decision is made to accept or reject early data. The callback is provided with a pointer to the user data argument that was provided when the callback was first set. Returning 1 from the callback will allow early data and returning 0 will reject it. Note that the OpenSSL library may reject early data for other reasons in which case this callback will not get called. Notably, the built-in replay protection feature will still be used even if a callback is present unless it has been explicitly disabled using the SSL_OP_NO_ANTI_REPLAY option. See <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The whole purpose of early data is to enable a client to start sending data to the server before a full round trip of network traffic has occurred. Application developers should ensure they consider optimisation of the underlying TCP socket to obtain a performant solution. For example Nagle&#39;s algorithm is commonly used by operating systems in an attempt to avoid lots of small TCP packets. In many scenarios this is beneficial for performance, but it does not work well with the early data solution as implemented in OpenSSL. In Nagle&#39;s algorithm the OS will buffer outgoing TCP data if a TCP packet has already been sent which we have not yet received an ACK for from the peer. The buffered data will only be transmitted if enough data to fill an entire TCP packet is accumulated, or if the ACK is received from the peer. The initial ClientHello will be sent in the first TCP packet along with any data from the first call to SSL_write_early_data(). If the amount of data written will exceed the size of a single TCP packet, or if there are more calls to SSL_write_early_data() then that additional data will be sent in subsequent TCP packets which will be buffered by the OS and not sent until an ACK is received for the first packet containing the ClientHello. This means the early data is not actually sent until a complete round trip with the server has occurred which defeats the objective of early data.</p>
+
+<p>In many operating systems the TCP_NODELAY socket option is available to disable Nagle&#39;s algorithm. If an application opts to disable Nagle&#39;s algorithm consideration should be given to turning it back on again after the handshake is complete if appropriate.</p>
+
+<p>In rare circumstances, it may be possible for a client to have a session that reports a max early data value greater than 0, but where the server does not support this. For example, this can occur if a server has had its configuration changed to accept a lower max early data value such as by calling SSL_CTX_set_recv_max_early_data(). Another example is if a server used to support TLSv1.3 but was later downgraded to TLSv1.2. Sending early data to such a server will cause the connection to abort. Clients that encounter an aborted connection while sending early data may want to retry the connection without sending early data as this does not happen automatically. A client will have to establish a new transport layer connection to the server and attempt the SSL/TLS connection again but without sending early data. Note that it is inadvisable to retry with a lower maximum protocol version.</p>
+
+<h1 id="REPLAY-PROTECTION">REPLAY PROTECTION</h1>
+
+<p>When early data is in use the TLS protocol provides no security guarantees that the same early data was not replayed across multiple connections. As a mitigation for this issue OpenSSL automatically enables replay protection if the server is configured with a non-zero max early data value. With replay protection enabled sessions are forced to be single use only. If a client attempts to reuse a session ticket more than once, then the second and subsequent attempts will fall back to a full handshake (and any early data that was submitted will be ignored). Note that single use tickets are enforced even if a client does not send any early data.</p>
+
+<p>The replay protection mechanism relies on the internal OpenSSL server session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). When replay protection is being used the server will operate as if the SSL_OP_NO_TICKET option had been selected (see <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>). Sessions will be added to the cache whenever a session ticket is issued. When a client attempts to resume the session, OpenSSL will check for its presence in the internal cache. If it exists then the resumption is allowed and the session is removed from the cache. If it does not exist then the resumption is not allowed and a full handshake will occur.</p>
+
+<p>Note that some applications may maintain an external cache of sessions (see <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a> and similar functions). It is the application&#39;s responsibility to ensure that any sessions in the external cache are also populated in the internal cache and that once removed from the internal cache they are similarly removed from the external cache. Failing to do this could result in an application becoming vulnerable to replay attacks. Note that OpenSSL will lock the internal cache while a session is removed but that lock is not held when the remove session callback (see <a href="../man3/SSL_CTX_sess_set_remove_cb.html">SSL_CTX_sess_set_remove_cb(3)</a>) is called. This could result in a small amount of time where the session has been removed from the internal cache but is still available in the external cache. Applications should be designed with this in mind in order to minimise the possibility of replay attacks.</p>
+
+<p>The OpenSSL replay protection does not apply to external Pre Shared Keys (PSKs) (e.g. see SSL_CTX_set_psk_find_session_callback(3)). Therefore extreme caution should be applied when combining external PSKs with early data.</p>
+
+<p>Some applications may mitigate the replay risks in other ways. For those applications it is possible to turn off the built-in replay protection feature using the <b>SSL_OP_NO_ANTI_REPLAY</b> option. See <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> for details. Applications can also set a callback to make decisions about accepting early data or not. See SSL_CTX_set_allow_early_data_cb() above for details.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_write_early_data() returns 1 for success or 0 for failure. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_read_early_data() returns SSL_READ_EARLY_DATA_ERROR for failure, SSL_READ_EARLY_DATA_SUCCESS for success with more data to read and SSL_READ_EARLY_DATA_FINISH for success with no more to data be read. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_get_max_early_data(), SSL_CTX_get_max_early_data() and SSL_SESSION_get_max_early_data() return the maximum number of early data bytes that may be sent.</p>
+
+<p>SSL_set_max_early_data(), SSL_CTX_set_max_early_data() and SSL_SESSION_set_max_early_data() return 1 for success or 0 for failure.</p>
+
+<p>SSL_get_early_data_status() returns SSL_EARLY_DATA_ACCEPTED if early data was accepted by the server, SSL_EARLY_DATA_REJECTED if early data was rejected by the server, or SSL_EARLY_DATA_NOT_SENT if no early data was sent.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>All of the functions described above were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_max_fragment_length.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_max_fragment_length.html
new file mode 100644
index 000000000..19be43ed8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_max_fragment_length.html
@@ -0,0 +1,150 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_split_send_fragment</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_max_send_fragment, SSL_set_max_send_fragment, SSL_CTX_set_split_send_fragment, SSL_set_split_send_fragment, SSL_CTX_set_max_pipelines, SSL_set_max_pipelines, SSL_CTX_set_default_read_buffer_len, SSL_set_default_read_buffer_len, SSL_CTX_set_tlsext_max_fragment_length, SSL_set_tlsext_max_fragment_length, SSL_SESSION_get_max_fragment_length - Control fragment size settings and pipelining operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, long);
+ long SSL_set_max_send_fragment(SSL *ssl, long m);
+
+ long SSL_CTX_set_max_pipelines(SSL_CTX *ctx, long m);
+ long SSL_set_max_pipelines(SSL_CTX *ssl, long m);
+
+ long SSL_CTX_set_split_send_fragment(SSL_CTX *ctx, long m);
+ long SSL_set_split_send_fragment(SSL *ssl, long m);
+
+ void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len);
+ void SSL_set_default_read_buffer_len(SSL *s, size_t len);
+
+ int SSL_CTX_set_tlsext_max_fragment_length(SSL_CTX *ctx, uint8_t mode);
+ int SSL_set_tlsext_max_fragment_length(SSL *ssl, uint8_t mode);
+ uint8_t SSL_SESSION_get_max_fragment_length(SSL_SESSION *session);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Some engines are able to process multiple simultaneous crypto operations. This capability could be utilised to parallelise the processing of a single connection. For example a single write can be split into multiple records and each one encrypted independently and in parallel. Note: this will only work in TLS1.1+. There is no support in SSLv3, TLSv1.0 or DTLS (any version). This capability is known as &quot;pipelining&quot; within OpenSSL.</p>
+
+<p>In order to benefit from the pipelining capability. You need to have an engine that provides ciphers that support this. The OpenSSL &quot;dasync&quot; engine provides AES128-SHA based ciphers that have this capability. However these are for development and test purposes only.</p>
+
+<p>SSL_CTX_set_max_send_fragment() and SSL_set_max_send_fragment() set the <b>max_send_fragment</b> parameter for SSL_CTX and SSL objects respectively. This value restricts the amount of plaintext bytes that will be sent in any one SSL/TLS record. By default its value is SSL3_RT_MAX_PLAIN_LENGTH (16384). These functions will only accept a value in the range 512 - SSL3_RT_MAX_PLAIN_LENGTH.</p>
+
+<p>SSL_CTX_set_max_pipelines() and SSL_set_max_pipelines() set the maximum number of pipelines that will be used at any one time. This value applies to both &quot;read&quot; pipelining and &quot;write&quot; pipelining. By default only one pipeline will be used (i.e. normal non-parallel operation). The number of pipelines set must be in the range 1 - SSL_MAX_PIPELINES (32). Setting this to a value &gt; 1 will also automatically turn on &quot;read_ahead&quot; (see <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>). This is explained further below. OpenSSL will only every use more than one pipeline if a cipher suite is negotiated that uses a pipeline capable cipher provided by an engine.</p>
+
+<p>Pipelining operates slightly differently for reading encrypted data compared to writing encrypted data. SSL_CTX_set_split_send_fragment() and SSL_set_split_send_fragment() define how data is split up into pipelines when writing encrypted data. The number of pipelines used will be determined by the amount of data provided to the SSL_write_ex() or SSL_write() call divided by <b>split_send_fragment</b>.</p>
+
+<p>For example if <b>split_send_fragment</b> is set to 2000 and <b>max_pipelines</b> is 4 then:</p>
+
+<p>SSL_write/SSL_write_ex called with 0-2000 bytes == 1 pipeline used</p>
+
+<p>SSL_write/SSL_write_ex called with 2001-4000 bytes == 2 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 4001-6000 bytes == 3 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 6001+ bytes == 4 pipelines used</p>
+
+<p><b>split_send_fragment</b> must always be less than or equal to <b>max_send_fragment</b>. By default it is set to be equal to <b>max_send_fragment</b>. This will mean that the same number of records will always be created as would have been created in the non-parallel case, although the data will be apportioned differently. In the parallel case data will be spread equally between the pipelines.</p>
+
+<p>Read pipelining is controlled in a slightly different way than with write pipelining. While reading we are constrained by the number of records that the peer (and the network) can provide to us in one go. The more records we can get in one go the more opportunity we have to parallelise the processing. As noted above when setting <b>max_pipelines</b> to a value greater than one, <b>read_ahead</b> is automatically set. The <b>read_ahead</b> parameter causes OpenSSL to attempt to read as much data into the read buffer as the network can provide and will fit into the buffer. Without this set data is read into the read buffer one record at a time. The more data that can be read, the more opportunity there is for parallelising the processing at the cost of increased memory overhead per connection. Setting <b>read_ahead</b> can impact the behaviour of the SSL_pending() function (see <a href="../man3/SSL_pending.html">SSL_pending(3)</a>).</p>
+
+<p>The SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions control the size of the read buffer that will be used. The <b>len</b> parameter sets the size of the buffer. The value will only be used if it is greater than the default that would have been used anyway. The normal default value depends on a number of factors but it will be at least SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_ENCRYPTED_OVERHEAD (16704) bytes.</p>
+
+<p>SSL_CTX_set_tlsext_max_fragment_length() sets the default maximum fragment length negotiation mode via value <b>mode</b> to <b>ctx</b>. This setting affects only SSL instances created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_set_tlsext_max_fragment_length() sets the maximum fragment length negotiation mode via value <b>mode</b> to <b>ssl</b>. This setting will be used during a handshake when extensions are exchanged between client and server. So it only affects SSL sessions created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_SESSION_get_max_fragment_length() gets the maximum fragment length negotiated in <b>session</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All non-void functions return 1 on success and 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The Maximum Fragment Length extension support is optional on the server side. If the server does not support this extension then SSL_SESSION_get_max_fragment_length() will return: TLSEXT_max_fragment_length_DISABLED.</p>
+
+<p>The following modes are available:</p>
+
+<dl>
+
+<dt id="TLSEXT_max_fragment_length_DISABLED">TLSEXT_max_fragment_length_DISABLED</dt>
+<dd>
+
+<p>Disables Maximum Fragment Length Negotiation (default).</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_512">TLSEXT_max_fragment_length_512</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 512 bytes.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_1024">TLSEXT_max_fragment_length_1024</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 1024.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_2048">TLSEXT_max_fragment_length_2048</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 2048.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_4096">TLSEXT_max_fragment_length_4096</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 4096.</p>
+
+</dd>
+</dl>
+
+<p>With the exception of SSL_CTX_set_default_read_buffer_len() SSL_set_default_read_buffer_len(), SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() all these functions are implemented using macros.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_set_max_pipelines(), SSL_set_max_pipelines(), SSL_CTX_set_split_send_fragment(), SSL_set_split_send_fragment(), SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions were added in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_protocol_version.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_protocol_version.html
new file mode 100644
index 000000000..8ff5f725e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_protocol_version.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get_protocol_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get_protocol_version, SSL_SESSION_set_protocol_version - get and set the session protocol version</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_SESSION_get_protocol_version(const SSL_SESSION *s);
+ int SSL_SESSION_set_protocol_version(SSL_SESSION *s, int version);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_get_protocol_version() returns the protocol version number used by session <b>s</b>.</p>
+
+<p>SSL_SESSION_set_protocol_version() sets the protocol version associated with the SSL_SESSION object <b>s</b> to the value <b>version</b>. This value should be a version constant such as <b>TLS1_3_VERSION</b> etc. For example, this could be used to set up a session based PSK (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get_protocol_version() returns a number indicating the protocol version used for the session; this number matches the constants <i>e.g.</i> <b>TLS1_VERSION</b>, <b>TLS1_2_VERSION</b> or <b>TLS1_3_VERSION</b>.</p>
+
+<p>Note that the SSL_SESSION_get_protocol_version() function does <b>not</b> perform a null check on the provided session <b>s</b> pointer.</p>
+
+<p>SSL_SESSION_set_protocol_version() returns 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_get_protocol_version() function was added in OpenSSL 1.1.0. The SSL_SESSION_set_protocol_version() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_ticket_lifetime_hint.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_ticket_lifetime_hint.html
new file mode 100644
index 000000000..0adca656e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_ticket_lifetime_hint.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_has_ticket</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get0_ticket, SSL_SESSION_has_ticket, SSL_SESSION_get_ticket_lifetime_hint - get details about the ticket associated with a session</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_SESSION_has_ticket(const SSL_SESSION *s);
+ unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s);
+ void SSL_SESSION_get0_ticket(const SSL_SESSION *s, const unsigned char **tick,
+                              size_t *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_has_ticket() returns 1 if there is a Session Ticket associated with this session, and 0 otherwise.</p>
+
+<p>SSL_SESSION_get_ticket_lifetime_hint returns the lifetime hint in seconds associated with the session ticket.</p>
+
+<p>SSL_SESSION_get0_ticket obtains a pointer to the ticket associated with a session. The length of the ticket is written to <b>*len</b>. If <b>tick</b> is non NULL then a pointer to the ticket is written to <b>*tick</b>. The pointer is only valid while the connection is in use. The session (and hence the ticket pointer) may also become invalid as a result of a call to SSL_CTX_flush_sessions().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_has_ticket() returns 1 if session ticket exists or 0 otherwise.</p>
+
+<p>SSL_SESSION_get_ticket_lifetime_hint() returns the number of seconds.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_has_ticket(), SSL_SESSION_get_ticket_lifetime_hint() and SSL_SESSION_get0_ticket() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_time.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_time.html
new file mode 100644
index 000000000..d4c3a8446
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_time.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get_time</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get_time, SSL_SESSION_set_time, SSL_SESSION_get_timeout, SSL_SESSION_set_timeout, SSL_get_time, SSL_set_time, SSL_get_timeout, SSL_set_timeout - retrieve and manipulate session time and timeout settings</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_SESSION_get_time(const SSL_SESSION *s);
+ long SSL_SESSION_set_time(SSL_SESSION *s, long tm);
+ long SSL_SESSION_get_timeout(const SSL_SESSION *s);
+ long SSL_SESSION_set_timeout(SSL_SESSION *s, long tm);
+
+ long SSL_get_time(const SSL_SESSION *s);
+ long SSL_set_time(SSL_SESSION *s, long tm);
+ long SSL_get_timeout(const SSL_SESSION *s);
+ long SSL_set_timeout(SSL_SESSION *s, long tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_get_time() returns the time at which the session <b>s</b> was established. The time is given in seconds since the Epoch and therefore compatible to the time delivered by the time() call.</p>
+
+<p>SSL_SESSION_set_time() replaces the creation time of the session <b>s</b> with the chosen value <b>tm</b>.</p>
+
+<p>SSL_SESSION_get_timeout() returns the timeout value set for session <b>s</b> in seconds.</p>
+
+<p>SSL_SESSION_set_timeout() sets the timeout value for session <b>s</b> in seconds to <b>tm</b>.</p>
+
+<p>The SSL_get_time(), SSL_set_time(), SSL_get_timeout(), and SSL_set_timeout() functions are synonyms for the SSL_SESSION_*() counterparts.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Sessions are expired by examining the creation time and the timeout value. Both are set at creation time of the session to the actual time and the default timeout value at creation, respectively, as set by <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>. Using these functions it is possible to extend or shorten the lifetime of the session.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get_time() and SSL_SESSION_get_timeout() return the currently valid values.</p>
+
+<p>SSL_SESSION_set_time() and SSL_SESSION_set_timeout() return 1 on success.</p>
+
+<p>If any of the function is passed the NULL pointer for the session <b>s</b>, 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>, <a href="../man3/SSL_get_default_timeout.html">SSL_get_default_timeout(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_timeout.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_timeout.html
new file mode 100644
index 000000000..d4c3a8446
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_get_timeout.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get_time</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get_time, SSL_SESSION_set_time, SSL_SESSION_get_timeout, SSL_SESSION_set_timeout, SSL_get_time, SSL_set_time, SSL_get_timeout, SSL_set_timeout - retrieve and manipulate session time and timeout settings</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_SESSION_get_time(const SSL_SESSION *s);
+ long SSL_SESSION_set_time(SSL_SESSION *s, long tm);
+ long SSL_SESSION_get_timeout(const SSL_SESSION *s);
+ long SSL_SESSION_set_timeout(SSL_SESSION *s, long tm);
+
+ long SSL_get_time(const SSL_SESSION *s);
+ long SSL_set_time(SSL_SESSION *s, long tm);
+ long SSL_get_timeout(const SSL_SESSION *s);
+ long SSL_set_timeout(SSL_SESSION *s, long tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_get_time() returns the time at which the session <b>s</b> was established. The time is given in seconds since the Epoch and therefore compatible to the time delivered by the time() call.</p>
+
+<p>SSL_SESSION_set_time() replaces the creation time of the session <b>s</b> with the chosen value <b>tm</b>.</p>
+
+<p>SSL_SESSION_get_timeout() returns the timeout value set for session <b>s</b> in seconds.</p>
+
+<p>SSL_SESSION_set_timeout() sets the timeout value for session <b>s</b> in seconds to <b>tm</b>.</p>
+
+<p>The SSL_get_time(), SSL_set_time(), SSL_get_timeout(), and SSL_set_timeout() functions are synonyms for the SSL_SESSION_*() counterparts.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Sessions are expired by examining the creation time and the timeout value. Both are set at creation time of the session to the actual time and the default timeout value at creation, respectively, as set by <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>. Using these functions it is possible to extend or shorten the lifetime of the session.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get_time() and SSL_SESSION_get_timeout() return the currently valid values.</p>
+
+<p>SSL_SESSION_set_time() and SSL_SESSION_set_timeout() return 1 on success.</p>
+
+<p>If any of the function is passed the NULL pointer for the session <b>s</b>, 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>, <a href="../man3/SSL_get_default_timeout.html">SSL_get_default_timeout(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_has_ticket.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_has_ticket.html
new file mode 100644
index 000000000..0adca656e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_has_ticket.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_has_ticket</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get0_ticket, SSL_SESSION_has_ticket, SSL_SESSION_get_ticket_lifetime_hint - get details about the ticket associated with a session</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_SESSION_has_ticket(const SSL_SESSION *s);
+ unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s);
+ void SSL_SESSION_get0_ticket(const SSL_SESSION *s, const unsigned char **tick,
+                              size_t *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_has_ticket() returns 1 if there is a Session Ticket associated with this session, and 0 otherwise.</p>
+
+<p>SSL_SESSION_get_ticket_lifetime_hint returns the lifetime hint in seconds associated with the session ticket.</p>
+
+<p>SSL_SESSION_get0_ticket obtains a pointer to the ticket associated with a session. The length of the ticket is written to <b>*len</b>. If <b>tick</b> is non NULL then a pointer to the ticket is written to <b>*tick</b>. The pointer is only valid while the connection is in use. The session (and hence the ticket pointer) may also become invalid as a result of a call to SSL_CTX_flush_sessions().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_has_ticket() returns 1 if session ticket exists or 0 otherwise.</p>
+
+<p>SSL_SESSION_get_ticket_lifetime_hint() returns the number of seconds.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_has_ticket(), SSL_SESSION_get_ticket_lifetime_hint() and SSL_SESSION_get0_ticket() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_is_resumable.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_is_resumable.html
new file mode 100644
index 000000000..86ba2d3f6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_is_resumable.html
@@ -0,0 +1,61 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_is_resumable</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_is_resumable - determine whether an SSL_SESSION object can be used for resumption</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_SESSION_is_resumable(const SSL_SESSION *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_is_resumable() determines whether an SSL_SESSION object can be used to resume a session or not. Returns 1 if it can or 0 if not. Note that attempting to resume with a non-resumable session will result in a full handshake.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_is_resumable() returns 1 if the session is resumable or 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_session.html">SSL_get_session(3)</a>, <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_is_resumable() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_new.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_new.html
new file mode 100644
index 000000000..cf959d3ac
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_new.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_free</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_new, SSL_SESSION_dup, SSL_SESSION_up_ref, SSL_SESSION_free - create, free and manage SSL_SESSION structures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_SESSION *SSL_SESSION_new(void);
+ SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *src);
+ int SSL_SESSION_up_ref(SSL_SESSION *ses);
+ void SSL_SESSION_free(SSL_SESSION *session);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_new() creates a new SSL_SESSION structure and returns a pointer to it.</p>
+
+<p>SSL_SESSION_dup() copies the contents of the SSL_SESSION structure in <b>src</b> and returns a pointer to it.</p>
+
+<p>SSL_SESSION_up_ref() increments the reference count on the given SSL_SESSION structure.</p>
+
+<p>SSL_SESSION_free() decrements the reference count of <b>session</b> and removes the <b>SSL_SESSION</b> structure pointed to by <b>session</b> and frees up the allocated memory, if the reference count has reached 0. If <b>session</b> is NULL nothing is done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_SESSION objects are allocated, when a TLS/SSL handshake operation is successfully completed. Depending on the settings, see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, the SSL_SESSION objects are internally referenced by the SSL_CTX and linked into its session cache. SSL objects may be using the SSL_SESSION object; as a session may be reused, several SSL objects may be using one SSL_SESSION object at the same time. It is therefore crucial to keep the reference count (usage information) correct and not delete a SSL_SESSION object that is still used, as this may lead to program failures due to dangling pointers. These failures may also appear delayed, e.g. when an SSL_SESSION object was completely freed as the reference count incorrectly became 0, but it is still referenced in the internal session cache and the cache list is processed during a <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a> operation.</p>
+
+<p>SSL_SESSION_free() must only be called for SSL_SESSION objects, for which the reference count was explicitly incremented (e.g. by calling SSL_get1_session(), see <a href="../man3/SSL_get_session.html">SSL_get_session(3)</a>) or when the SSL_SESSION object was generated outside a TLS handshake operation, e.g. by using <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>. It must not be called on other SSL_SESSION objects, as this would cause incorrect reference counts and therefore program failures.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_new returns a pointer to the newly allocated SSL_SESSION structure or NULL on error.</p>
+
+<p>SSL_SESSION_up_ref returns 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_session.html">SSL_get_session(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_dup() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_print.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_print.html
new file mode 100644
index 000000000..a55566d34
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_print.html
@@ -0,0 +1,62 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_print</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_print, SSL_SESSION_print_fp, SSL_SESSION_print_keylog - printf information about a session</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses);
+ int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses);
+ int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_print() prints summary information about the session provided in <b>ses</b> to the BIO <b>fp</b>.</p>
+
+<p>SSL_SESSION_print_fp() does the same as SSL_SESSION_print() except it prints it to the FILE <b>fp</b>.</p>
+
+<p>SSL_SESSION_print_keylog() prints session information to the provided BIO &lt;bp&gt; in NSS keylog format.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_print(), SSL_SESSION_print_fp() and SSL_SESSION_print_keylog return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_print_fp.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_print_fp.html
new file mode 100644
index 000000000..a55566d34
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_print_fp.html
@@ -0,0 +1,62 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_print</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_print, SSL_SESSION_print_fp, SSL_SESSION_print_keylog - printf information about a session</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses);
+ int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses);
+ int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_print() prints summary information about the session provided in <b>ses</b> to the BIO <b>fp</b>.</p>
+
+<p>SSL_SESSION_print_fp() does the same as SSL_SESSION_print() except it prints it to the FILE <b>fp</b>.</p>
+
+<p>SSL_SESSION_print_keylog() prints session information to the provided BIO &lt;bp&gt; in NSS keylog format.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_print(), SSL_SESSION_print_fp() and SSL_SESSION_print_keylog return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_print_keylog.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_print_keylog.html
new file mode 100644
index 000000000..a55566d34
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_print_keylog.html
@@ -0,0 +1,62 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_print</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_print, SSL_SESSION_print_fp, SSL_SESSION_print_keylog - printf information about a session</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses);
+ int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses);
+ int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_print() prints summary information about the session provided in <b>ses</b> to the BIO <b>fp</b>.</p>
+
+<p>SSL_SESSION_print_fp() does the same as SSL_SESSION_print() except it prints it to the FILE <b>fp</b>.</p>
+
+<p>SSL_SESSION_print_keylog() prints session information to the provided BIO &lt;bp&gt; in NSS keylog format.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_print(), SSL_SESSION_print_fp() and SSL_SESSION_print_keylog return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set1_alpn_selected.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set1_alpn_selected.html
new file mode 100644
index 000000000..762478d61
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set1_alpn_selected.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get0_hostname</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get0_hostname, SSL_SESSION_set1_hostname, SSL_SESSION_get0_alpn_selected, SSL_SESSION_set1_alpn_selected - get and set SNI and ALPN data ssociated with a session</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s);
+ int SSL_SESSION_set1_hostname(SSL_SESSION *s, const char *hostname);
+
+ void SSL_SESSION_get0_alpn_selected(const SSL_SESSION *s,
+                                     const unsigned char **alpn,
+                                     size_t *len);
+ int SSL_SESSION_set1_alpn_selected(SSL_SESSION *s, const unsigned char *alpn,
+                                    size_t len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_get0_hostname() retrieves the SNI value that was sent by the client when the session was created, or NULL if no value was sent.</p>
+
+<p>The value returned is a pointer to memory maintained within <b>s</b> and should not be free&#39;d.</p>
+
+<p>SSL_SESSION_set1_hostname() sets the SNI value for the hostname to a copy of the string provided in hostname.</p>
+
+<p>SSL_SESSION_get0_alpn_selected() retrieves the selected ALPN protocol for this session and its associated length in bytes. The returned value of <b>*alpn</b> is a pointer to memory maintained within <b>s</b> and should not be free&#39;d.</p>
+
+<p>SSL_SESSION_set1_alpn_selected() sets the ALPN protocol for this session to the value in <b>alpn</b> which should be of length <b>len</b> bytes. A copy of the input value is made, and the caller retains ownership of the memory pointed to by <b>alpn</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get0_hostname() returns either a string or NULL based on if there is the SNI value sent by client.</p>
+
+<p>SSL_SESSION_set1_hostname() returns 1 on success or 0 on error.</p>
+
+<p>SSL_SESSION_set1_alpn_selected() returns 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_set1_hostname(), SSL_SESSION_get0_alpn_selected() and SSL_SESSION_set1_alpn_selected() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set1_hostname.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set1_hostname.html
new file mode 100644
index 000000000..762478d61
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set1_hostname.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get0_hostname</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get0_hostname, SSL_SESSION_set1_hostname, SSL_SESSION_get0_alpn_selected, SSL_SESSION_set1_alpn_selected - get and set SNI and ALPN data ssociated with a session</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s);
+ int SSL_SESSION_set1_hostname(SSL_SESSION *s, const char *hostname);
+
+ void SSL_SESSION_get0_alpn_selected(const SSL_SESSION *s,
+                                     const unsigned char **alpn,
+                                     size_t *len);
+ int SSL_SESSION_set1_alpn_selected(SSL_SESSION *s, const unsigned char *alpn,
+                                    size_t len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_get0_hostname() retrieves the SNI value that was sent by the client when the session was created, or NULL if no value was sent.</p>
+
+<p>The value returned is a pointer to memory maintained within <b>s</b> and should not be free&#39;d.</p>
+
+<p>SSL_SESSION_set1_hostname() sets the SNI value for the hostname to a copy of the string provided in hostname.</p>
+
+<p>SSL_SESSION_get0_alpn_selected() retrieves the selected ALPN protocol for this session and its associated length in bytes. The returned value of <b>*alpn</b> is a pointer to memory maintained within <b>s</b> and should not be free&#39;d.</p>
+
+<p>SSL_SESSION_set1_alpn_selected() sets the ALPN protocol for this session to the value in <b>alpn</b> which should be of length <b>len</b> bytes. A copy of the input value is made, and the caller retains ownership of the memory pointed to by <b>alpn</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get0_hostname() returns either a string or NULL based on if there is the SNI value sent by client.</p>
+
+<p>SSL_SESSION_set1_hostname() returns 1 on success or 0 on error.</p>
+
+<p>SSL_SESSION_set1_alpn_selected() returns 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_set1_hostname(), SSL_SESSION_get0_alpn_selected() and SSL_SESSION_set1_alpn_selected() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set1_id.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set1_id.html
new file mode 100644
index 000000000..41a6e3a90
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set1_id.html
@@ -0,0 +1,66 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_set1_id</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get_id, SSL_SESSION_set1_id - get and set the SSL session ID</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
+                                         unsigned int *len)
+ int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
+                         unsigned int sid_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_get_id() returns a pointer to the internal session id value for the session <b>s</b>. The length of the id in bytes is stored in <b>*len</b>. The length may be 0. The caller should not free the returned pointer directly.</p>
+
+<p>SSL_SESSION_set1_id() sets the session ID for the <b>ssl</b> SSL/TLS session to <b>sid</b> of length <b>sid_len</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get_id() returns a pointer to the session id value. SSL_SESSION_set1_id() returns 1 for success and 0 for failure, for example if the supplied session ID length exceeds <b>SSL_MAX_SSL_SESSION_ID_LENGTH</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_set1_id() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set1_id_context.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set1_id_context.html
new file mode 100644
index 000000000..2f1135e92
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set1_id_context.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get0_id_context</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get0_id_context, SSL_SESSION_set1_id_context - get and set the SSL ID context associated with a session</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *s,
+                                                  unsigned int *len)
+ int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
+                                unsigned int sid_ctx_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>See <a href="../man3/SSL_CTX_set_session_id_context.html">SSL_CTX_set_session_id_context(3)</a> for further details on session ID contexts.</p>
+
+<p>SSL_SESSION_get0_id_context() returns the ID context associated with the SSL/TLS session <b>s</b>. The length of the ID context is written to <b>*len</b> if <b>len</b> is not NULL.</p>
+
+<p>The value returned is a pointer to an object maintained within <b>s</b> and should not be released.</p>
+
+<p>SSL_SESSION_set1_id_context() takes a copy of the provided ID context given in <b>sid_ctx</b> and associates it with the session <b>s</b>. The length of the ID context is given by <b>sid_ctx_len</b> which must not exceed SSL_MAX_SID_CTX_LENGTH bytes.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_set1_id_context() returns 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_session_id_context.html">SSL_set_session_id_context(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_get0_id_context() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set1_master_key.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set1_master_key.html
new file mode 100644
index 000000000..036807b3c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set1_master_key.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_client_random</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_client_random, SSL_get_server_random, SSL_SESSION_get_master_key, SSL_SESSION_set1_master_key - get internal TLS/SSL random values and get/set master key</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ size_t SSL_get_client_random(const SSL *ssl, unsigned char *out, size_t outlen);
+ size_t SSL_get_server_random(const SSL *ssl, unsigned char *out, size_t outlen);
+ size_t SSL_SESSION_get_master_key(const SSL_SESSION *session,
+                                   unsigned char *out, size_t outlen);
+ int SSL_SESSION_set1_master_key(SSL_SESSION *sess, const unsigned char *in,
+                                 size_t len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_client_random() extracts the random value sent from the client to the server during the initial SSL/TLS handshake. It copies as many bytes as it can of this value into the buffer provided in <b>out</b>, which must have at least <b>outlen</b> bytes available. It returns the total number of bytes that were actually copied. If <b>outlen</b> is zero, SSL_get_client_random() copies nothing, and returns the total size of the client_random value.</p>
+
+<p>SSL_get_server_random() behaves the same, but extracts the random value sent from the server to the client during the initial SSL/TLS handshake.</p>
+
+<p>SSL_SESSION_get_master_key() behaves the same, but extracts the master secret used to guarantee the security of the SSL/TLS session. This one can be dangerous if misused; see NOTES below.</p>
+
+<p>SSL_SESSION_set1_master_key() sets the master key value associated with the SSL_SESSION <b>sess</b>. For example, this could be used to set up a session based PSK (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). The master key of length <b>len</b> should be provided at <b>in</b>. The supplied master key is copied by the function, so the caller is responsible for freeing and cleaning any memory associated with <b>in</b>. The caller must ensure that the length of the key is suitable for the ciphersuite associated with the SSL_SESSION.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>You probably shouldn&#39;t use these functions.</p>
+
+<p>These functions expose internal values from the TLS handshake, for use in low-level protocols. You probably should not use them, unless you are implementing something that needs access to the internal protocol details.</p>
+
+<p>Despite the names of SSL_get_client_random() and SSL_get_server_random(), they ARE NOT random number generators. Instead, they return the mostly-random values that were already generated and used in the TLS protocol. Using them in place of RAND_bytes() would be grossly foolish.</p>
+
+<p>The security of your TLS session depends on keeping the master key secret: do not expose it, or any information about it, to anybody. If you need to calculate another secret value that depends on the master secret, you should probably use SSL_export_keying_material() instead, and forget that you ever saw these functions.</p>
+
+<p>In current versions of the TLS protocols, the length of client_random (and also server_random) is always SSL3_RANDOM_SIZE bytes. Support for other outlen arguments to the SSL_get_*_random() functions is provided in case of the unlikely event that a future version or variant of TLS uses some other length there.</p>
+
+<p>Finally, though the &quot;client_random&quot; and &quot;server_random&quot; values are called &quot;random&quot;, many TLS implementations will generate four bytes of those values based on their view of the current time.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_set1_master_key() returns 1 on success or 0 on failure.</p>
+
+<p>For the other functions, if <b>outlen</b> is greater than 0 then these functions return the number of bytes actually copied, which will be less than or equal to <b>outlen</b>. If <b>outlen</b> is 0 then these functions return the maximum number of bytes they would copy -- that is, the length of the underlying field.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/SSL_export_keying_material.html">SSL_export_keying_material(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set1_ticket_appdata.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set1_ticket_appdata.html
new file mode 100644
index 000000000..3b212e2e5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set1_ticket_appdata.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_session_ticket_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_session_ticket_cb, SSL_SESSION_get0_ticket_appdata, SSL_SESSION_set1_ticket_appdata, SSL_CTX_generate_session_ticket_fn, SSL_CTX_decrypt_session_ticket_fn - manage session ticket application data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_CTX_generate_session_ticket_fn)(SSL *s, void *arg);
+ typedef SSL_TICKET_RETURN (*SSL_CTX_decrypt_session_ticket_fn)(SSL *s, SSL_SESSION *ss,
+                                                                const unsigned char *keyname,
+                                                                size_t keyname_len,
+                                                                SSL_TICKET_STATUS status,
+                                                                void *arg);
+ int SSL_CTX_set_session_ticket_cb(SSL_CTX *ctx,
+                                   SSL_CTX_generate_session_ticket_fn gen_cb,
+                                   SSL_CTX_decrypt_session_ticket_fn dec_cb,
+                                   void *arg);
+ int SSL_SESSION_set1_ticket_appdata(SSL_SESSION *ss, const void *data, size_t len);
+ int SSL_SESSION_get0_ticket_appdata(SSL_SESSION *ss, void **data, size_t *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_set_session_ticket_cb() sets the application callbacks <b>gen_cb</b> and <b>dec_cb</b> that are used by a server to set and get application data stored with a session, and placed into a session ticket. Either callback function may be set to NULL. The value of <b>arg</b> is passed to the callbacks.</p>
+
+<p><b>gen_cb</b> is the application defined callback invoked when a session ticket is about to be created. The application can call SSL_SESSION_set1_ticket_appdata() at this time to add application data to the session ticket. The value of <b>arg</b> is the same as that given to SSL_CTX_set_session_ticket_cb(). The <b>gen_cb</b> callback is defined as type <b>SSL_CTX_generate_session_ticket_fn</b>.</p>
+
+<p><b>dec_cb</b> is the application defined callback invoked after session ticket decryption has been attempted and any session ticket application data is available. If ticket decryption was successful then the <b>ss</b> argument contains the session data. The <b>keyname</b> and <b>keyname_len</b> arguments identify the key used to decrypt the session ticket. The <b>status</b> argument is the result of the ticket decryption. See the <a>NOTES</a> section below for further details. The value of <b>arg</b> is the same as that given to SSL_CTX_set_session_ticket_cb(). The <b>dec_cb</b> callback is defined as type <b>SSL_CTX_decrypt_session_ticket_fn</b>.</p>
+
+<p>SSL_SESSION_set1_ticket_appdata() sets the application data specified by <b>data</b> and <b>len</b> into <b>ss</b> which is then placed into any generated session tickets. It can be called at any time before a session ticket is created to update the data placed into the session ticket. However, given that sessions and tickets are created by the handshake, the <b>gen_cb</b> is provided to notify the application that a session ticket is about to be generated.</p>
+
+<p>SSL_SESSION_get0_ticket_appdata() assigns <b>data</b> to the session ticket application data and assigns <b>len</b> to the length of the session ticket application data from <b>ss</b>. The application data can be set via SSL_SESSION_set1_ticket_appdata() or by a session ticket. NULL will be assigned to <b>data</b> and 0 will be assigned to <b>len</b> if there is no session ticket application data. SSL_SESSION_get0_ticket_appdata() can be called any time after a session has been created. The <b>dec_cb</b> is provided to notify the application that a session ticket has just been decrypted.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When the <b>dec_cb</b> callback is invoked, the SSL_SESSION <b>ss</b> has not yet been assigned to the SSL <b>s</b>. The <b>status</b> indicates the result of the ticket decryption. The callback must check the <b>status</b> value before performing any action, as it is called even if ticket decryption fails.</p>
+
+<p>The <b>keyname</b> and <b>keyname_len</b> arguments to <b>dec_cb</b> may be used to identify the key that was used to encrypt the session ticket.</p>
+
+<p>The <b>status</b> argument can be any of these values:</p>
+
+<dl>
+
+<dt id="SSL_TICKET_EMPTY">SSL_TICKET_EMPTY</dt>
+<dd>
+
+<p>Empty ticket present. No ticket data will be used and a new ticket should be sent to the client. This only occurs in TLSv1.2 or below. In TLSv1.3 it is not valid for a client to send an empty ticket.</p>
+
+</dd>
+<dt id="SSL_TICKET_NO_DECRYPT">SSL_TICKET_NO_DECRYPT</dt>
+<dd>
+
+<p>The ticket couldn&#39;t be decrypted. No ticket data will be used and a new ticket should be sent to the client.</p>
+
+</dd>
+<dt id="SSL_TICKET_SUCCESS">SSL_TICKET_SUCCESS</dt>
+<dd>
+
+<p>A ticket was successfully decrypted, any session ticket application data should be available. A new ticket should not be sent to the client.</p>
+
+</dd>
+<dt id="SSL_TICKET_SUCCESS_RENEW">SSL_TICKET_SUCCESS_RENEW</dt>
+<dd>
+
+<p>Same as <b>SSL_TICKET_SUCCESS</b>, but a new ticket should be sent to the client.</p>
+
+</dd>
+</dl>
+
+<p>The return value can be any of these values:</p>
+
+<dl>
+
+<dt id="SSL_TICKET_RETURN_ABORT">SSL_TICKET_RETURN_ABORT</dt>
+<dd>
+
+<p>The handshake should be aborted, either because of an error or because of some policy. Note that in TLSv1.3 a client may send more than one ticket in a single handshake. Therefore just because one ticket is unacceptable it does not mean that all of them are. For this reason this option should be used with caution.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_IGNORE">SSL_TICKET_RETURN_IGNORE</dt>
+<dd>
+
+<p>Do not use a ticket (if one was available). Do not send a renewed ticket to the client.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_IGNORE_RENEW">SSL_TICKET_RETURN_IGNORE_RENEW</dt>
+<dd>
+
+<p>Do not use a ticket (if one was available). Send a renewed ticket to the client.</p>
+
+<p>If the callback does not wish to change the default ticket behaviour then it should return this value if <b>status</b> is <b>SSL_TICKET_EMPTY</b> or <b>SSL_TICKET_NO_DECRYPT</b>.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_USE">SSL_TICKET_RETURN_USE</dt>
+<dd>
+
+<p>Use the ticket. Do not send a renewed ticket to the client. It is an error for the callback to return this value if <b>status</b> has a value other than <b>SSL_TICKET_SUCCESS</b> or <b>SSL_TICKET_SUCCESS_RENEW</b>.</p>
+
+<p>If the callback does not wish to change the default ticket behaviour then it should return this value if <b>status</b> is <b>SSL_TICKET_SUCCESS</b>.</p>
+
+</dd>
+<dt id="SSL_TICKET_RETURN_USE_RENEW">SSL_TICKET_RETURN_USE_RENEW</dt>
+<dd>
+
+<p>Use the ticket. Send a renewed ticket to the client. It is an error for the callback to return this value if <b>status</b> has a value other than <b>SSL_TICKET_SUCCESS</b> or <b>SSL_TICKET_SUCCESS_RENEW</b>.</p>
+
+<p>If the callback does not wish to change the default ticket behaviour then it should return this value if <b>status</b> is <b>SSL_TICKET_SUCCESS_RENEW</b>.</p>
+
+</dd>
+</dl>
+
+<p>If <b>status</b> has the value <b>SSL_TICKET_EMPTY</b> or <b>SSL_TICKET_NO_DECRYPT</b> then no session data will be available and the callback must not use the <b>ss</b> argument. If <b>status</b> has the value <b>SSL_TICKET_SUCCESS</b> or <b>SSL_TICKET_SUCCESS_RENEW</b> then the application can call SSL_SESSION_get0_ticket_appdata() using the session provided in the <b>ss</b> argument to retrieve the application data.</p>
+
+<p>When the <b>gen_cb</b> callback is invoked, the SSL_get_session() function can be used to retrieve the SSL_SESSION for SSL_SESSION_set1_ticket_appdata().</p>
+
+<p>By default, in TLSv1.2 and below, a new session ticket is not issued on a successful resumption and therefore <b>gen_cb</b> will not be called. In TLSv1.3 the default behaviour is to always issue a new ticket on resumption. In both cases this behaviour can be changed if a ticket key callback is in use (see <a href="../man3/SSL_CTX_set_tlsext_ticket_key_cb.html">SSL_CTX_set_tlsext_ticket_key_cb(3)</a>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL_CTX_set_session_ticket_cb(), SSL_SESSION_set1_ticket_appdata() and SSL_SESSION_get0_ticket_appdata() functions return 1 on success and 0 on failure.</p>
+
+<p>The <b>gen_cb</b> callback must return 1 to continue the connection. A return of 0 will terminate the connection with an INTERNAL_ERROR alert.</p>
+
+<p>The <b>dec_cb</b> callback must return a value as described in <a>NOTES</a> above.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_session.html">SSL_get_session(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_set_session_ticket_cb(), SSSL_SESSION_set1_ticket_appdata() and SSL_SESSION_get_ticket_appdata() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set_cipher.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set_cipher.html
new file mode 100644
index 000000000..6bd9c98f5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set_cipher.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get0_cipher</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get0_cipher, SSL_SESSION_set_cipher - set and retrieve the SSL cipher associated with a session</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSION *s);
+ int SSL_SESSION_set_cipher(SSL_SESSION *s, const SSL_CIPHER *cipher);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_get0_cipher() retrieves the cipher that was used by the connection when the session was created, or NULL if it cannot be determined.</p>
+
+<p>The value returned is a pointer to an object maintained within <b>s</b> and should not be released.</p>
+
+<p>SSL_SESSION_set_cipher() can be used to set the ciphersuite associated with the SSL_SESSION <b>s</b> to <b>cipher</b>. For example, this could be used to set up a session based PSK (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get0_cipher() returns the SSL_CIPHER associated with the SSL_SESSION or NULL if it cannot be determined.</p>
+
+<p>SSL_SESSION_set_cipher() returns 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a>, <a href="../man3/SSL_SESSION_get0_hostname.html">SSL_SESSION_get0_hostname(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_get0_cipher() function was added in OpenSSL 1.1.0. The SSL_SESSION_set_cipher() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set_ex_data.html
new file mode 100644
index 000000000..1f9482ce4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set_ex_data.html
@@ -0,0 +1,61 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get_ex_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_set_ex_data, SSL_SESSION_get_ex_data - get and set application specific data on a session</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_SESSION_set_ex_data(SSL_SESSION *ss, int idx, void *data);
+ void *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_set_ex_data() enables an application to store arbitrary application specific data <b>data</b> in an SSL_SESSION structure <b>ss</b>. The index <b>idx</b> should be a value previously returned from a call to <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>SSL_SESSION_get_ex_data() retrieves application specific data previously stored in an SSL_SESSION structure <b>s</b>. The <b>idx</b> value should be the same as that used when originally storing the data.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_set_ex_data() returns 1 for success or 0 for failure.</p>
+
+<p>SSL_SESSION_get_ex_data() returns the previously stored value or NULL on failure. NULL may also be a valid value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set_max_early_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set_max_early_data.html
new file mode 100644
index 000000000..5b28c01bd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set_max_early_data.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read_early_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#REPLAY-PROTECTION">REPLAY PROTECTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_max_early_data, SSL_CTX_set_max_early_data, SSL_get_max_early_data, SSL_CTX_get_max_early_data, SSL_set_recv_max_early_data, SSL_CTX_set_recv_max_early_data, SSL_get_recv_max_early_data, SSL_CTX_get_recv_max_early_data, SSL_SESSION_get_max_early_data, SSL_SESSION_set_max_early_data, SSL_write_early_data, SSL_read_early_data, SSL_get_early_data_status, SSL_allow_early_data_cb_fn, SSL_CTX_set_allow_early_data_cb, SSL_set_allow_early_data_cb - functions for sending and receiving early data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data);
+ uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_max_early_data(SSL *s, uint32_t max_early_data);
+ uint32_t SSL_get_max_early_data(const SSL *s);
+
+ int SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data);
+ uint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data);
+ uint32_t SSL_get_recv_max_early_data(const SSL *s);
+
+ uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s);
+ int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data);
+
+ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written);
+
+ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes);
+
+ int SSL_get_early_data_status(const SSL *s);
+
+
+ typedef int (*SSL_allow_early_data_cb_fn)(SSL *s, void *arg);
+
+ void SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx,
+                                      SSL_allow_early_data_cb_fn cb,
+                                      void *arg);
+ void SSL_set_allow_early_data_cb(SSL *s,
+                                  SSL_allow_early_data_cb_fn cb,
+                                  void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to send and receive early data where TLSv1.3 has been negotiated. Early data can be sent by the client immediately after its initial ClientHello without having to wait for the server to complete the handshake. Early data can only be sent if a session has previously been established with the server, and the server is known to support it. Additionally these functions can be used to send data from the server to the client when the client has not yet completed the authentication stage of the handshake.</p>
+
+<p>Early data has weaker security properties than other data sent over an SSL/TLS connection. In particular the data does not have forward secrecy. There are also additional considerations around replay attacks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below). For these reasons extreme care should be exercised when using early data. For specific details, consult the TLS 1.3 specification.</p>
+
+<p>When a server receives early data it may opt to immediately respond by sending application data back to the client. Data sent by the server at this stage is done before the full handshake has been completed. Specifically the client&#39;s authentication messages have not yet been received, i.e. the client is unauthenticated at this point and care should be taken when using this capability.</p>
+
+<p>A server or client can determine whether the full handshake has been completed or not by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>.</p>
+
+<p>On the client side, the function SSL_SESSION_get_max_early_data() can be used to determine if a session established with a server can be used to send early data. If the session cannot be used then this function will return 0. Otherwise it will return the maximum number of early data bytes that can be sent.</p>
+
+<p>The function SSL_SESSION_set_max_early_data() sets the maximum number of early data bytes that can be sent for a session. This would typically be used when creating a PSK session file (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). If using a ticket based PSK then this is set automatically to the value provided by the server.</p>
+
+<p>A client uses the function SSL_write_early_data() to send early data. This function is similar to the <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> function, but with the following differences. See <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> for information on how to write bytes to the underlying connection, and how to handle any errors that may arise. This page describes the differences between SSL_write_early_data() and <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When called by a client, SSL_write_early_data() must be the first IO function called on a new connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a> or other similar functions. It may be called multiple times to stream data to the server, but the total number of bytes written must not exceed the value returned from SSL_SESSION_get_max_early_data(). Once the initial SSL_write_early_data() call has completed successfully the client may interleave calls to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> with calls to SSL_write_early_data() as required.</p>
+
+<p>If SSL_write_early_data() fails you should call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action, as for <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When the client no longer wishes to send any more early data then it should complete the handshake by calling a function such as <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard write function such as <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, which will transparently complete the connection and write the requested data.</p>
+
+<p>A server may choose to ignore early data that has been sent to it. Once the connection has been completed you can determine whether the server accepted or rejected the early data by calling SSL_get_early_data_status(). This will return SSL_EARLY_DATA_ACCEPTED if the data was accepted, SSL_EARLY_DATA_REJECTED if it was rejected or SSL_EARLY_DATA_NOT_SENT if no early data was sent. This function may be called by either the client or the server.</p>
+
+<p>A server uses the SSL_read_early_data() function to receive early data on a connection for which early data has been enabled using SSL_CTX_set_max_early_data() or SSL_set_max_early_data(). As for SSL_write_early_data(), this must be the first IO function called on a connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, or other similar functions.</p>
+
+<p>SSL_read_early_data() is similar to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> with the following differences. Refer to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> for full details.</p>
+
+<p>SSL_read_early_data() may return 3 possible values:</p>
+
+<dl>
+
+<dt id="SSL_READ_EARLY_DATA_ERROR">SSL_READ_EARLY_DATA_ERROR</dt>
+<dd>
+
+<p>This indicates an IO or some other error occurred. This should be treated in the same way as a 0 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_SUCCESS">SSL_READ_EARLY_DATA_SUCCESS</dt>
+<dd>
+
+<p>This indicates that early data was successfully read. This should be treated in the same way as a 1 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>. You should continue to call SSL_read_early_data() to read more data.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_FINISH">SSL_READ_EARLY_DATA_FINISH</dt>
+<dd>
+
+<p>This indicates that no more early data can be read. It may be returned on the first call to SSL_read_early_data() if the client has not sent any early data, or if the early data was rejected.</p>
+
+</dd>
+</dl>
+
+<p>Once the initial SSL_read_early_data() call has completed successfully (i.e. it has returned SSL_READ_EARLY_DATA_SUCCESS or SSL_READ_EARLY_DATA_FINISH) then the server may choose to write data immediately to the unauthenticated client using SSL_write_early_data(). If SSL_read_early_data() returned SSL_READ_EARLY_DATA_FINISH then in some situations (e.g. if the client only supports TLSv1.2) the handshake may have already been completed and calls to SSL_write_early_data() are not allowed. Call <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a> to determine whether the handshake has completed or not. If the handshake is still in progress then the server may interleave calls to SSL_write_early_data() with calls to SSL_read_early_data() as required.</p>
+
+<p>Servers must not call <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a> until SSL_read_early_data() has returned with SSL_READ_EARLY_DATA_FINISH. Once it has done so the connection to the client still needs to be completed. Complete the connection by calling a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard read function such as <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, which will transparently complete the connection and read the requested data. Note that it is an error to attempt to complete the connection before SSL_read_early_data() has returned SSL_READ_EARLY_DATA_FINISH.</p>
+
+<p>Only servers may call SSL_read_early_data().</p>
+
+<p>Calls to SSL_read_early_data() may, in certain circumstances, complete the connection immediately without further need to call a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. This can happen if the client is using a protocol version less than TLSv1.3. Applications can test for this by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>. Alternatively, applications may choose to call <a href="../man3/SSL_accept.html">SSL_accept(3)</a> anyway. Such a call will successfully return immediately with no further action taken.</p>
+
+<p>When a session is created between a server and a client the server will specify the maximum amount of any early data that it will accept on any future connection attempt. By default the server does not accept early data; a server may indicate support for early data by calling SSL_CTX_set_max_early_data() or SSL_set_max_early_data() to set it for the whole SSL_CTX or an individual SSL object respectively. The <b>max_early_data</b> parameter specifies the maximum amount of early data in bytes that is permitted to be sent on a single connection. Similarly the SSL_CTX_get_max_early_data() and SSL_get_max_early_data() functions can be used to obtain the current maximum early data settings for the SSL_CTX and SSL objects respectively. Generally a server application will either use both of SSL_read_early_data() and SSL_CTX_set_max_early_data() (or SSL_set_max_early_data()), or neither of them, since there is no practical benefit from using only one of them. If the maximum early data setting for a server is non-zero then replay protection is automatically enabled (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below).</p>
+
+<p>If the server rejects the early data sent by a client then it will skip over the data that is sent. The maximum amount of received early data that is skipped is controlled by the recv_max_early_data setting. If a client sends more than this then the connection will abort. This value can be set by calling SSL_CTX_set_recv_max_early_data() or SSL_set_recv_max_early_data(). The current value for this setting can be obtained by calling SSL_CTX_get_recv_max_early_data() or SSL_get_recv_max_early_data(). The default value for this setting is 16,384 bytes.</p>
+
+<p>The recv_max_early_data value also has an impact on early data that is accepted. The amount of data that is accepted will always be the lower of the max_early_data for the session and the recv_max_early_data setting for the server. If a client sends more data than this then the connection will abort.</p>
+
+<p>The configured value for max_early_data on a server may change over time as required. However clients may have tickets containing the previously configured max_early_data value. The recv_max_early_data should always be equal to or higher than any recently configured max_early_data value in order to avoid aborted connections. The recv_max_early_data should never be set to less than the current configured max_early_data value.</p>
+
+<p>Some server applications may wish to have more control over whether early data is accepted or not, for example to mitigate replay risks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below) or to decline early_data when the server is heavily loaded. The functions SSL_CTX_set_allow_early_data_cb() and SSL_set_allow_early_data_cb() set a callback which is called at a point in the handshake immediately before a decision is made to accept or reject early data. The callback is provided with a pointer to the user data argument that was provided when the callback was first set. Returning 1 from the callback will allow early data and returning 0 will reject it. Note that the OpenSSL library may reject early data for other reasons in which case this callback will not get called. Notably, the built-in replay protection feature will still be used even if a callback is present unless it has been explicitly disabled using the SSL_OP_NO_ANTI_REPLAY option. See <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The whole purpose of early data is to enable a client to start sending data to the server before a full round trip of network traffic has occurred. Application developers should ensure they consider optimisation of the underlying TCP socket to obtain a performant solution. For example Nagle&#39;s algorithm is commonly used by operating systems in an attempt to avoid lots of small TCP packets. In many scenarios this is beneficial for performance, but it does not work well with the early data solution as implemented in OpenSSL. In Nagle&#39;s algorithm the OS will buffer outgoing TCP data if a TCP packet has already been sent which we have not yet received an ACK for from the peer. The buffered data will only be transmitted if enough data to fill an entire TCP packet is accumulated, or if the ACK is received from the peer. The initial ClientHello will be sent in the first TCP packet along with any data from the first call to SSL_write_early_data(). If the amount of data written will exceed the size of a single TCP packet, or if there are more calls to SSL_write_early_data() then that additional data will be sent in subsequent TCP packets which will be buffered by the OS and not sent until an ACK is received for the first packet containing the ClientHello. This means the early data is not actually sent until a complete round trip with the server has occurred which defeats the objective of early data.</p>
+
+<p>In many operating systems the TCP_NODELAY socket option is available to disable Nagle&#39;s algorithm. If an application opts to disable Nagle&#39;s algorithm consideration should be given to turning it back on again after the handshake is complete if appropriate.</p>
+
+<p>In rare circumstances, it may be possible for a client to have a session that reports a max early data value greater than 0, but where the server does not support this. For example, this can occur if a server has had its configuration changed to accept a lower max early data value such as by calling SSL_CTX_set_recv_max_early_data(). Another example is if a server used to support TLSv1.3 but was later downgraded to TLSv1.2. Sending early data to such a server will cause the connection to abort. Clients that encounter an aborted connection while sending early data may want to retry the connection without sending early data as this does not happen automatically. A client will have to establish a new transport layer connection to the server and attempt the SSL/TLS connection again but without sending early data. Note that it is inadvisable to retry with a lower maximum protocol version.</p>
+
+<h1 id="REPLAY-PROTECTION">REPLAY PROTECTION</h1>
+
+<p>When early data is in use the TLS protocol provides no security guarantees that the same early data was not replayed across multiple connections. As a mitigation for this issue OpenSSL automatically enables replay protection if the server is configured with a non-zero max early data value. With replay protection enabled sessions are forced to be single use only. If a client attempts to reuse a session ticket more than once, then the second and subsequent attempts will fall back to a full handshake (and any early data that was submitted will be ignored). Note that single use tickets are enforced even if a client does not send any early data.</p>
+
+<p>The replay protection mechanism relies on the internal OpenSSL server session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). When replay protection is being used the server will operate as if the SSL_OP_NO_TICKET option had been selected (see <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>). Sessions will be added to the cache whenever a session ticket is issued. When a client attempts to resume the session, OpenSSL will check for its presence in the internal cache. If it exists then the resumption is allowed and the session is removed from the cache. If it does not exist then the resumption is not allowed and a full handshake will occur.</p>
+
+<p>Note that some applications may maintain an external cache of sessions (see <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a> and similar functions). It is the application&#39;s responsibility to ensure that any sessions in the external cache are also populated in the internal cache and that once removed from the internal cache they are similarly removed from the external cache. Failing to do this could result in an application becoming vulnerable to replay attacks. Note that OpenSSL will lock the internal cache while a session is removed but that lock is not held when the remove session callback (see <a href="../man3/SSL_CTX_sess_set_remove_cb.html">SSL_CTX_sess_set_remove_cb(3)</a>) is called. This could result in a small amount of time where the session has been removed from the internal cache but is still available in the external cache. Applications should be designed with this in mind in order to minimise the possibility of replay attacks.</p>
+
+<p>The OpenSSL replay protection does not apply to external Pre Shared Keys (PSKs) (e.g. see SSL_CTX_set_psk_find_session_callback(3)). Therefore extreme caution should be applied when combining external PSKs with early data.</p>
+
+<p>Some applications may mitigate the replay risks in other ways. For those applications it is possible to turn off the built-in replay protection feature using the <b>SSL_OP_NO_ANTI_REPLAY</b> option. See <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> for details. Applications can also set a callback to make decisions about accepting early data or not. See SSL_CTX_set_allow_early_data_cb() above for details.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_write_early_data() returns 1 for success or 0 for failure. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_read_early_data() returns SSL_READ_EARLY_DATA_ERROR for failure, SSL_READ_EARLY_DATA_SUCCESS for success with more data to read and SSL_READ_EARLY_DATA_FINISH for success with no more to data be read. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_get_max_early_data(), SSL_CTX_get_max_early_data() and SSL_SESSION_get_max_early_data() return the maximum number of early data bytes that may be sent.</p>
+
+<p>SSL_set_max_early_data(), SSL_CTX_set_max_early_data() and SSL_SESSION_set_max_early_data() return 1 for success or 0 for failure.</p>
+
+<p>SSL_get_early_data_status() returns SSL_EARLY_DATA_ACCEPTED if early data was accepted by the server, SSL_EARLY_DATA_REJECTED if early data was rejected by the server, or SSL_EARLY_DATA_NOT_SENT if no early data was sent.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>All of the functions described above were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set_protocol_version.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set_protocol_version.html
new file mode 100644
index 000000000..8ff5f725e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set_protocol_version.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get_protocol_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get_protocol_version, SSL_SESSION_set_protocol_version - get and set the session protocol version</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_SESSION_get_protocol_version(const SSL_SESSION *s);
+ int SSL_SESSION_set_protocol_version(SSL_SESSION *s, int version);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_get_protocol_version() returns the protocol version number used by session <b>s</b>.</p>
+
+<p>SSL_SESSION_set_protocol_version() sets the protocol version associated with the SSL_SESSION object <b>s</b> to the value <b>version</b>. This value should be a version constant such as <b>TLS1_3_VERSION</b> etc. For example, this could be used to set up a session based PSK (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get_protocol_version() returns a number indicating the protocol version used for the session; this number matches the constants <i>e.g.</i> <b>TLS1_VERSION</b>, <b>TLS1_2_VERSION</b> or <b>TLS1_3_VERSION</b>.</p>
+
+<p>Note that the SSL_SESSION_get_protocol_version() function does <b>not</b> perform a null check on the provided session <b>s</b> pointer.</p>
+
+<p>SSL_SESSION_set_protocol_version() returns 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_get_protocol_version() function was added in OpenSSL 1.1.0. The SSL_SESSION_set_protocol_version() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set_time.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set_time.html
new file mode 100644
index 000000000..d4c3a8446
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set_time.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get_time</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get_time, SSL_SESSION_set_time, SSL_SESSION_get_timeout, SSL_SESSION_set_timeout, SSL_get_time, SSL_set_time, SSL_get_timeout, SSL_set_timeout - retrieve and manipulate session time and timeout settings</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_SESSION_get_time(const SSL_SESSION *s);
+ long SSL_SESSION_set_time(SSL_SESSION *s, long tm);
+ long SSL_SESSION_get_timeout(const SSL_SESSION *s);
+ long SSL_SESSION_set_timeout(SSL_SESSION *s, long tm);
+
+ long SSL_get_time(const SSL_SESSION *s);
+ long SSL_set_time(SSL_SESSION *s, long tm);
+ long SSL_get_timeout(const SSL_SESSION *s);
+ long SSL_set_timeout(SSL_SESSION *s, long tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_get_time() returns the time at which the session <b>s</b> was established. The time is given in seconds since the Epoch and therefore compatible to the time delivered by the time() call.</p>
+
+<p>SSL_SESSION_set_time() replaces the creation time of the session <b>s</b> with the chosen value <b>tm</b>.</p>
+
+<p>SSL_SESSION_get_timeout() returns the timeout value set for session <b>s</b> in seconds.</p>
+
+<p>SSL_SESSION_set_timeout() sets the timeout value for session <b>s</b> in seconds to <b>tm</b>.</p>
+
+<p>The SSL_get_time(), SSL_set_time(), SSL_get_timeout(), and SSL_set_timeout() functions are synonyms for the SSL_SESSION_*() counterparts.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Sessions are expired by examining the creation time and the timeout value. Both are set at creation time of the session to the actual time and the default timeout value at creation, respectively, as set by <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>. Using these functions it is possible to extend or shorten the lifetime of the session.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get_time() and SSL_SESSION_get_timeout() return the currently valid values.</p>
+
+<p>SSL_SESSION_set_time() and SSL_SESSION_set_timeout() return 1 on success.</p>
+
+<p>If any of the function is passed the NULL pointer for the session <b>s</b>, 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>, <a href="../man3/SSL_get_default_timeout.html">SSL_get_default_timeout(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set_timeout.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set_timeout.html
new file mode 100644
index 000000000..d4c3a8446
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_set_timeout.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get_time</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get_time, SSL_SESSION_set_time, SSL_SESSION_get_timeout, SSL_SESSION_set_timeout, SSL_get_time, SSL_set_time, SSL_get_timeout, SSL_set_timeout - retrieve and manipulate session time and timeout settings</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_SESSION_get_time(const SSL_SESSION *s);
+ long SSL_SESSION_set_time(SSL_SESSION *s, long tm);
+ long SSL_SESSION_get_timeout(const SSL_SESSION *s);
+ long SSL_SESSION_set_timeout(SSL_SESSION *s, long tm);
+
+ long SSL_get_time(const SSL_SESSION *s);
+ long SSL_set_time(SSL_SESSION *s, long tm);
+ long SSL_get_timeout(const SSL_SESSION *s);
+ long SSL_set_timeout(SSL_SESSION *s, long tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_get_time() returns the time at which the session <b>s</b> was established. The time is given in seconds since the Epoch and therefore compatible to the time delivered by the time() call.</p>
+
+<p>SSL_SESSION_set_time() replaces the creation time of the session <b>s</b> with the chosen value <b>tm</b>.</p>
+
+<p>SSL_SESSION_get_timeout() returns the timeout value set for session <b>s</b> in seconds.</p>
+
+<p>SSL_SESSION_set_timeout() sets the timeout value for session <b>s</b> in seconds to <b>tm</b>.</p>
+
+<p>The SSL_get_time(), SSL_set_time(), SSL_get_timeout(), and SSL_set_timeout() functions are synonyms for the SSL_SESSION_*() counterparts.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Sessions are expired by examining the creation time and the timeout value. Both are set at creation time of the session to the actual time and the default timeout value at creation, respectively, as set by <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>. Using these functions it is possible to extend or shorten the lifetime of the session.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get_time() and SSL_SESSION_get_timeout() return the currently valid values.</p>
+
+<p>SSL_SESSION_set_time() and SSL_SESSION_set_timeout() return 1 on success.</p>
+
+<p>If any of the function is passed the NULL pointer for the session <b>s</b>, 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>, <a href="../man3/SSL_get_default_timeout.html">SSL_get_default_timeout(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_up_ref.html b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_up_ref.html
new file mode 100644
index 000000000..cf959d3ac
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_SESSION_up_ref.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_free</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_new, SSL_SESSION_dup, SSL_SESSION_up_ref, SSL_SESSION_free - create, free and manage SSL_SESSION structures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_SESSION *SSL_SESSION_new(void);
+ SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *src);
+ int SSL_SESSION_up_ref(SSL_SESSION *ses);
+ void SSL_SESSION_free(SSL_SESSION *session);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_new() creates a new SSL_SESSION structure and returns a pointer to it.</p>
+
+<p>SSL_SESSION_dup() copies the contents of the SSL_SESSION structure in <b>src</b> and returns a pointer to it.</p>
+
+<p>SSL_SESSION_up_ref() increments the reference count on the given SSL_SESSION structure.</p>
+
+<p>SSL_SESSION_free() decrements the reference count of <b>session</b> and removes the <b>SSL_SESSION</b> structure pointed to by <b>session</b> and frees up the allocated memory, if the reference count has reached 0. If <b>session</b> is NULL nothing is done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_SESSION objects are allocated, when a TLS/SSL handshake operation is successfully completed. Depending on the settings, see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, the SSL_SESSION objects are internally referenced by the SSL_CTX and linked into its session cache. SSL objects may be using the SSL_SESSION object; as a session may be reused, several SSL objects may be using one SSL_SESSION object at the same time. It is therefore crucial to keep the reference count (usage information) correct and not delete a SSL_SESSION object that is still used, as this may lead to program failures due to dangling pointers. These failures may also appear delayed, e.g. when an SSL_SESSION object was completely freed as the reference count incorrectly became 0, but it is still referenced in the internal session cache and the cache list is processed during a <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a> operation.</p>
+
+<p>SSL_SESSION_free() must only be called for SSL_SESSION objects, for which the reference count was explicitly incremented (e.g. by calling SSL_get1_session(), see <a href="../man3/SSL_get_session.html">SSL_get_session(3)</a>) or when the SSL_SESSION object was generated outside a TLS handshake operation, e.g. by using <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>. It must not be called on other SSL_SESSION objects, as this would cause incorrect reference counts and therefore program failures.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_new returns a pointer to the newly allocated SSL_SESSION structure or NULL on error.</p>
+
+<p>SSL_SESSION_up_ref returns 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_session.html">SSL_get_session(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_SESSION_dup() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_accept.html b/msys2/usr/share/doc/openssl/html/man3/SSL_accept.html
new file mode 100644
index 000000000..908240ef5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_accept.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_accept</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_accept - wait for a TLS/SSL client to initiate a TLS/SSL handshake</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_accept(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_accept() waits for a TLS/SSL client to initiate the TLS/SSL handshake. The communication channel must already have been set and assigned to the <b>ssl</b> by setting an underlying <b>BIO</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The behaviour of SSL_accept() depends on the underlying BIO.</p>
+
+<p>If the underlying BIO is <b>blocking</b>, SSL_accept() will only return once the handshake has been finished or an error occurred.</p>
+
+<p>If the underlying BIO is <b>non-blocking</b>, SSL_accept() will also return when the underlying BIO could not satisfy the needs of SSL_accept() to continue the handshake, indicating the problem by the return value -1. In this case a call to SSL_get_error() with the return value of SSL_accept() will yield <b>SSL_ERROR_WANT_READ</b> or <b>SSL_ERROR_WANT_WRITE</b>. The calling process then must repeat the call after taking appropriate action to satisfy the needs of SSL_accept(). The action depends on the underlying BIO. When using a non-blocking socket, nothing is to be done, but select() can be used to check for the required condition. When using a buffering BIO, like a BIO pair, data must be written into or retrieved out of the BIO before being able to continue.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The TLS/SSL handshake was not successful but was shut down controlled and by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the return value <b>ret</b> to find out the reason.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been established.</p>
+
+</dd>
+<dt id="pod01">&lt;0</dt>
+<dd>
+
+<p>The TLS/SSL handshake was not successful because a fatal error occurred either at the protocol level or a connection failure occurred. The shutdown was not clean. It can also occur of action is need to continue the operation for non-blocking BIOs. Call SSL_get_error() with the return value <b>ret</b> to find out the reason.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_add0_chain_cert.html b/msys2/usr/share/doc/openssl/html/man3/SSL_add0_chain_cert.html
new file mode 100644
index 000000000..9f08318ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_add0_chain_cert.html
@@ -0,0 +1,122 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add1_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_chain, SSL_CTX_set1_chain, SSL_CTX_add0_chain_cert, SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs, SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert, SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain, SSL_build_cert_chain, SSL_CTX_select_current_cert, SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra chain certificate processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_get0_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk);
+ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+ int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_get0_chain_certs(SSL *ssl, STACK_OF(X509) **sk);
+ int SSL_clear_chain_certs(SSL *ssl);
+
+ int SSL_CTX_build_cert_chain(SSL_CTX *ctx, flags);
+ int SSL_build_cert_chain(SSL *ssl, flags);
+
+ int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_chain() and SSL_CTX_set1_chain() set the certificate chain associated with the current certificate of <b>ctx</b> to <b>sk</b>.</p>
+
+<p>SSL_CTX_add0_chain_cert() and SSL_CTX_add1_chain_cert() append the single certificate <b>x509</b> to the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_get0_chain_certs() retrieves the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_clear_chain_certs() clears any existing chain associated with the current certificate of <b>ctx</b>. (This is implemented by calling SSL_CTX_set0_chain() with <b>sk</b> set to <b>NULL</b>).</p>
+
+<p>SSL_CTX_build_cert_chain() builds the certificate chain for <b>ctx</b> normally this uses the chain store or the verify store if the chain store is not set. If the function is successful the built chain will replace any existing chain. The <b>flags</b> parameter can be set to <b>SSL_BUILD_CHAIN_FLAG_UNTRUSTED</b> to use existing chain certificates as untrusted CAs, <b>SSL_BUILD_CHAIN_FLAG_NO_ROOT</b> to omit the root CA from the built chain, <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to use all existing chain certificates only to build the chain (effectively sanity checking and rearranging them if necessary), the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> ignores any errors during verification: if flag <b>SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR</b> is also set verification errors are cleared from the error queue.</p>
+
+<p>Each of these functions operates on the <i>current</i> end entity (i.e. server or client) certificate. This is the last certificate loaded or selected on the corresponding <b>ctx</b> structure.</p>
+
+<p>SSL_CTX_select_current_cert() selects <b>x509</b> as the current end entity certificate, but only if <b>x509</b> has already been loaded into <b>ctx</b> using a function such as SSL_CTX_use_certificate().</p>
+
+<p>SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(), SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(), SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_current_cert() changes the current certificate to a value based on the <b>op</b> argument. Currently <b>op</b> can be <b>SSL_CERT_SET_FIRST</b> to use the first valid certificate or <b>SSL_CERT_SET_NEXT</b> to set the next valid certificate after the current certificate. These two operations can be used to iterate over all certificates in an <b>SSL_CTX</b> structure.</p>
+
+<p>SSL_set_current_cert() also supports the option <b>SSL_CERT_SET_SERVER</b>. If <b>ssl</b> is a server and has sent a certificate to a connected client this option sets that certificate to the current certificate and returns 1. If the negotiated cipher suite is anonymous (and thus no certificate will be sent) 2 is returned and the current certificate is unchanged. If <b>ssl</b> is not a server or a certificate has not been sent 0 is returned and the current certificate is unchanged.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied certificate or chain so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied certificate or chain <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The chains associate with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. SSL structures will not be affected by any chains subsequently changed in the parent SSL_CTX.</p>
+
+<p>One chain can be set for each key type supported by a server. So, for example, an RSA and a DSA certificate can (and often will) have different chains.</p>
+
+<p>The functions SSL_CTX_build_cert_chain() and SSL_build_cert_chain() can be used to check application configuration and to ensure any necessary subordinate CAs are sent in the correct order. Misconfigured applications sending incorrect certificate chains often cause problems with peers.</p>
+
+<p>For example an application can add any set of certificates using SSL_CTX_use_certificate_chain_file() then call SSL_CTX_build_cert_chain() with the option <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to check and reorder them.</p>
+
+<p>Applications can issue non fatal warnings when checking chains by setting the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERRORS</b> and checking the return value.</p>
+
+<p>Calling SSL_CTX_build_cert_chain() or SSL_build_cert_chain() is more efficient than the automatic chain building as it is only performed once. Automatic chain building is performed on each new session.</p>
+
+<p>If any certificates are added using these functions no certificates added using SSL_CTX_add_extra_chain_cert() will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_current_cert() with <b>SSL_CERT_SET_SERVER</b> return 1 for success, 2 if no server certificate is used because the cipher suites is anonymous and 0 for failure.</p>
+
+<p>SSL_CTX_build_cert_chain() and SSL_build_cert_chain() return 1 for success and 0 for failure. If the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> and a verification error occurs then 2 is returned.</p>
+
+<p>All other functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_add1_chain_cert.html b/msys2/usr/share/doc/openssl/html/man3/SSL_add1_chain_cert.html
new file mode 100644
index 000000000..9f08318ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_add1_chain_cert.html
@@ -0,0 +1,122 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add1_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_chain, SSL_CTX_set1_chain, SSL_CTX_add0_chain_cert, SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs, SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert, SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain, SSL_build_cert_chain, SSL_CTX_select_current_cert, SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra chain certificate processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_get0_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk);
+ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+ int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_get0_chain_certs(SSL *ssl, STACK_OF(X509) **sk);
+ int SSL_clear_chain_certs(SSL *ssl);
+
+ int SSL_CTX_build_cert_chain(SSL_CTX *ctx, flags);
+ int SSL_build_cert_chain(SSL *ssl, flags);
+
+ int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_chain() and SSL_CTX_set1_chain() set the certificate chain associated with the current certificate of <b>ctx</b> to <b>sk</b>.</p>
+
+<p>SSL_CTX_add0_chain_cert() and SSL_CTX_add1_chain_cert() append the single certificate <b>x509</b> to the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_get0_chain_certs() retrieves the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_clear_chain_certs() clears any existing chain associated with the current certificate of <b>ctx</b>. (This is implemented by calling SSL_CTX_set0_chain() with <b>sk</b> set to <b>NULL</b>).</p>
+
+<p>SSL_CTX_build_cert_chain() builds the certificate chain for <b>ctx</b> normally this uses the chain store or the verify store if the chain store is not set. If the function is successful the built chain will replace any existing chain. The <b>flags</b> parameter can be set to <b>SSL_BUILD_CHAIN_FLAG_UNTRUSTED</b> to use existing chain certificates as untrusted CAs, <b>SSL_BUILD_CHAIN_FLAG_NO_ROOT</b> to omit the root CA from the built chain, <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to use all existing chain certificates only to build the chain (effectively sanity checking and rearranging them if necessary), the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> ignores any errors during verification: if flag <b>SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR</b> is also set verification errors are cleared from the error queue.</p>
+
+<p>Each of these functions operates on the <i>current</i> end entity (i.e. server or client) certificate. This is the last certificate loaded or selected on the corresponding <b>ctx</b> structure.</p>
+
+<p>SSL_CTX_select_current_cert() selects <b>x509</b> as the current end entity certificate, but only if <b>x509</b> has already been loaded into <b>ctx</b> using a function such as SSL_CTX_use_certificate().</p>
+
+<p>SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(), SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(), SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_current_cert() changes the current certificate to a value based on the <b>op</b> argument. Currently <b>op</b> can be <b>SSL_CERT_SET_FIRST</b> to use the first valid certificate or <b>SSL_CERT_SET_NEXT</b> to set the next valid certificate after the current certificate. These two operations can be used to iterate over all certificates in an <b>SSL_CTX</b> structure.</p>
+
+<p>SSL_set_current_cert() also supports the option <b>SSL_CERT_SET_SERVER</b>. If <b>ssl</b> is a server and has sent a certificate to a connected client this option sets that certificate to the current certificate and returns 1. If the negotiated cipher suite is anonymous (and thus no certificate will be sent) 2 is returned and the current certificate is unchanged. If <b>ssl</b> is not a server or a certificate has not been sent 0 is returned and the current certificate is unchanged.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied certificate or chain so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied certificate or chain <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The chains associate with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. SSL structures will not be affected by any chains subsequently changed in the parent SSL_CTX.</p>
+
+<p>One chain can be set for each key type supported by a server. So, for example, an RSA and a DSA certificate can (and often will) have different chains.</p>
+
+<p>The functions SSL_CTX_build_cert_chain() and SSL_build_cert_chain() can be used to check application configuration and to ensure any necessary subordinate CAs are sent in the correct order. Misconfigured applications sending incorrect certificate chains often cause problems with peers.</p>
+
+<p>For example an application can add any set of certificates using SSL_CTX_use_certificate_chain_file() then call SSL_CTX_build_cert_chain() with the option <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to check and reorder them.</p>
+
+<p>Applications can issue non fatal warnings when checking chains by setting the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERRORS</b> and checking the return value.</p>
+
+<p>Calling SSL_CTX_build_cert_chain() or SSL_build_cert_chain() is more efficient than the automatic chain building as it is only performed once. Automatic chain building is performed on each new session.</p>
+
+<p>If any certificates are added using these functions no certificates added using SSL_CTX_add_extra_chain_cert() will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_current_cert() with <b>SSL_CERT_SET_SERVER</b> return 1 for success, 2 if no server certificate is used because the cipher suites is anonymous and 0 for failure.</p>
+
+<p>SSL_CTX_build_cert_chain() and SSL_build_cert_chain() return 1 for success and 0 for failure. If the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> and a verification error occurs then 2 is returned.</p>
+
+<p>All other functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_add1_host.html b/msys2/usr/share/doc/openssl/html/man3/SSL_add1_host.html
new file mode 100644
index 000000000..84dbeba9e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_add1_host.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_set1_host</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set1_host, SSL_add1_host, SSL_set_hostflags, SSL_get0_peername - SSL server verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_set1_host(SSL *s, const char *hostname);
+ int SSL_add1_host(SSL *s, const char *hostname);
+ void SSL_set_hostflags(SSL *s, unsigned int flags);
+ const char *SSL_get0_peername(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions configure server hostname checks in the SSL client.</p>
+
+<p>SSL_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or the empty string the list of hostnames is cleared, and name checks are not performed on the peer certificate. When a non-empty <b>name</b> is specified, certificate verification automatically checks the peer hostname via <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with <b>flags</b> as specified via SSL_set_hostflags(). Clients that enable DANE TLSA authentication via <a href="../man3/SSL_dane_enable.html">SSL_dane_enable(3)</a> should leave it to that function to set the primary reference identifier of the peer, and should not call SSL_set1_host().</p>
+
+<p>SSL_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via SSL_set1_host() or SSL_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches. This function is required for DANE TLSA in the presence of service name indirection via CNAME, MX or SRV records as specified in RFC7671, RFC7672 or RFC7673.</p>
+
+<p>SSL_set_hostflags() sets the <b>flags</b> that will be passed to <a href="../man3/X509_check_host.html">X509_check_host(3)</a> when name checks are applicable, by default the <b>flags</b> value is 0. See <a href="../man3/X509_check_host.html">X509_check_host(3)</a> for the list of available flags and their meaning.</p>
+
+<p>SSL_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, the name matched in the peer certificate may be a wildcard name. When one of the reference identifiers configured via SSL_set1_host() or SSL_add1_host() starts with &quot;.&quot;, which indicates a parent domain prefix rather than a fixed name, the matched peer name may be a sub-domain of the reference identifier. The returned string is allocated by the library and is no longer valid once the associated <b>ssl</b> handle is cleared or freed, or a renegotiation takes place. Applications must not free the return value.</p>
+
+<p>SSL clients are advised to use these functions in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>. Hostname checks may be out of scope with the RFC7671 DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE is enabled.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set1_host() and SSL_add1_host() return 1 for success and 0 for failure.</p>
+
+<p>SSL_get0_peername() returns NULL if peername verification is not applicable (as with RFC7671 DANE-EE(3)), or no trusted peername was matched. Otherwise, it returns the matched peername. To determine whether verification succeeded call <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Suppose &quot;smtp.example.com&quot; is the MX host of the domain &quot;example.com&quot;. The calls below will arrange to match either the MX hostname or the destination domain name in the SMTP server certificate. Wildcards are supported, but must match the entire label. The actual name matched in the certificate (which might be a wildcard) is retrieved, and must be copied by the application if it is to be retained beyond the lifetime of the SSL connection.</p>
+
+<pre><code> SSL_set_hostflags(ssl, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+ if (!SSL_set1_host(ssl, &quot;smtp.example.com&quot;))
+     /* error */
+ if (!SSL_add1_host(ssl, &quot;example.com&quot;))
+     /* error */
+
+ /* XXX: Perform SSL_connect() handshake and handle errors here */
+
+ if (SSL_get_verify_result(ssl) == X509_V_OK) {
+     const char *peername = SSL_get0_peername(ssl);
+
+     if (peername != NULL)
+         /* Name checks were in scope and matched the peername */
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>. <a href="../man3/SSL_dane_enable.html">SSL_dane_enable(3)</a>.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_add1_to_CA_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_add1_to_CA_list.html
new file mode 100644
index 000000000..742fe94a0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_add1_to_CA_list.html
@@ -0,0 +1,130 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set0_CA_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_CA_list, SSL_set_client_CA_list, SSL_get_client_CA_list, SSL_CTX_get_client_CA_list, SSL_CTX_add_client_CA, SSL_add_client_CA, SSL_set0_CA_list, SSL_CTX_set0_CA_list, SSL_get0_CA_list, SSL_CTX_get0_CA_list, SSL_add1_to_CA_list, SSL_CTX_add1_to_CA_list, SSL_get0_peer_CA_list - get or set CA list</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
+ void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
+ STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
+ int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert);
+ int SSL_add_client_CA(SSL *ssl, X509 *cacert);
+
+ void SSL_CTX_set0_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+ void SSL_set0_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
+ const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const SSL_CTX *ctx);
+ const STACK_OF(X509_NAME) *SSL_get0_CA_list(const SSL *s);
+ int SSL_CTX_add1_to_CA_list(SSL_CTX *ctx, const X509 *x);
+ int SSL_add1_to_CA_list(SSL *ssl, const X509 *x);
+
+ const STACK_OF(X509_NAME) *SSL_get0_peer_CA_list(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions described here set and manage the list of CA names that are sent between two communicating peers.</p>
+
+<p>For TLS versions 1.2 and earlier the list of CA names is only sent from the server to the client when requesting a client certificate. So any list of CA names set is never sent from client to server and the list of CA names retrieved by SSL_get0_peer_CA_list() is always <b>NULL</b>.</p>
+
+<p>For TLS 1.3 the list of CA names is sent using the <b>certificate_authorities</b> extension and may be sent by a client (in the ClientHello message) or by a server (when requesting a certificate).</p>
+
+<p>In most cases it is not necessary to set CA names on the client side. The list of CA names that are acceptable to the client will be sent in plaintext to the server. This has privacy implications and may also have performance implications if the list is large. This optional capability was introduced as part of TLSv1.3 and therefore setting CA names on the client side will have no impact if that protocol version has been disabled. Most servers do not need this and so this should be avoided unless required.</p>
+
+<p>The &quot;client CA list&quot; functions below only have an effect when called on the server side.</p>
+
+<p>SSL_CTX_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for <b>ctx</b>. Ownership of <b>list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object. Ownership of <b>list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get_client_CA_list() returns the list of client CAs explicitly set for <b>ctx</b> using SSL_CTX_set_client_CA_list(). The returned list should not be freed by the caller.</p>
+
+<p>SSL_get_client_CA_list() returns the list of client CAs explicitly set for <b>ssl</b> using SSL_set_client_CA_list() or <b>ssl</b>&#39;s SSL_CTX object with SSL_CTX_set_client_CA_list(), when in server mode. In client mode, SSL_get_client_CA_list returns the list of client CAs sent from the server, if any. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for <b>ctx</b>.</p>
+
+<p>SSL_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object.</p>
+
+<p>SSL_get0_peer_CA_list() retrieves the list of CA names (if any) the peer has sent. This can be called on either the server or the client side. The returned list should not be freed by the caller.</p>
+
+<p>The &quot;generic CA list&quot; functions below are very similar to the &quot;client CA list&quot; functions except that they have an effect on both the server and client sides. The lists of CA names managed are separate - so you cannot (for example) set CA names using the &quot;client CA list&quot; functions and then get them using the &quot;generic CA list&quot; functions. Where a mix of the two types of functions has been used on the server side then the &quot;client CA list&quot; functions take precedence. Typically, on the server side, the &quot;client CA list &quot; functions should be used in preference. As noted above in most cases it is not necessary to set CA names on the client side.</p>
+
+<p>SSL_CTX_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b>. Ownership of <b>name_list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b> overriding any list set in the parent <b>SSL_CTX</b> of <b>s</b>. Ownership of <b>name_list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get0_CA_list() retrieves any previously set list of CAs set for <b>ctx</b>. The returned list should not be freed by the caller.</p>
+
+<p>SSL_get0_CA_list() retrieves any previously set list of CAs set for <b>s</b> or if none are set the list from the parent <b>SSL_CTX</b> is retrieved. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to peer for <b>ctx</b>.</p>
+
+<p>SSL_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to the peer for <b>s</b>, overriding the setting in the parent <b>SSL_CTX</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When a TLS/SSL server requests a client certificate (see <b>SSL_CTX_set_verify(3)</b>), it sends a list of CAs, for which it will accept certificates, to the client.</p>
+
+<p>This list must explicitly be set using SSL_CTX_set_client_CA_list() or SSL_CTX_set0_CA_list() for <b>ctx</b> and SSL_set_client_CA_list() or SSL_set0_CA_list() for the specific <b>ssl</b>. The list specified overrides the previous setting. The CAs listed do not become trusted (<b>list</b> only contains the names, not the complete certificates); use <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> to additionally load them for verification.</p>
+
+<p>If the list of acceptable CAs is compiled in a file, the <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a> function can be used to help to import the necessary data.</p>
+
+<p>SSL_CTX_add_client_CA(), SSL_CTX_add1_to_CA_list(), SSL_add_client_CA() and SSL_add1_to_CA_list() can be used to add additional items the list of CAs. If no list was specified before using SSL_CTX_set_client_CA_list(), SSL_CTX_set0_CA_list(), SSL_set_client_CA_list() or SSL_set0_CA_list(), a new CA list for <b>ctx</b> or <b>ssl</b> (as appropriate) is opened.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set0_CA_list() and SSL_set0_CA_list() do not return a value.</p>
+
+<p>SSL_CTX_get_client_CA_list(), SSL_get_client_CA_list(), SSL_CTX_get0_CA_list() and SSL_get0_CA_list() return a stack of CA names or <b>NULL</b> is no CA names are set.</p>
+
+<p>SSL_CTX_add_client_CA(),SSL_add_client_CA(), SSL_CTX_add1_to_CA_list() and SSL_add1_to_CA_list() return 1 for success and 0 for failure.</p>
+
+<p>SSL_get0_peer_CA_list() returns a stack of CA names sent by the peer or <b>NULL</b> or an empty stack if no list was sent.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Scan all certificates in <b>CAfile</b> and list them as acceptable CAs:</p>
+
+<pre><code> SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_add_client_CA.html b/msys2/usr/share/doc/openssl/html/man3/SSL_add_client_CA.html
new file mode 100644
index 000000000..742fe94a0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_add_client_CA.html
@@ -0,0 +1,130 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set0_CA_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_CA_list, SSL_set_client_CA_list, SSL_get_client_CA_list, SSL_CTX_get_client_CA_list, SSL_CTX_add_client_CA, SSL_add_client_CA, SSL_set0_CA_list, SSL_CTX_set0_CA_list, SSL_get0_CA_list, SSL_CTX_get0_CA_list, SSL_add1_to_CA_list, SSL_CTX_add1_to_CA_list, SSL_get0_peer_CA_list - get or set CA list</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
+ void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
+ STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
+ int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert);
+ int SSL_add_client_CA(SSL *ssl, X509 *cacert);
+
+ void SSL_CTX_set0_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+ void SSL_set0_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
+ const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const SSL_CTX *ctx);
+ const STACK_OF(X509_NAME) *SSL_get0_CA_list(const SSL *s);
+ int SSL_CTX_add1_to_CA_list(SSL_CTX *ctx, const X509 *x);
+ int SSL_add1_to_CA_list(SSL *ssl, const X509 *x);
+
+ const STACK_OF(X509_NAME) *SSL_get0_peer_CA_list(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions described here set and manage the list of CA names that are sent between two communicating peers.</p>
+
+<p>For TLS versions 1.2 and earlier the list of CA names is only sent from the server to the client when requesting a client certificate. So any list of CA names set is never sent from client to server and the list of CA names retrieved by SSL_get0_peer_CA_list() is always <b>NULL</b>.</p>
+
+<p>For TLS 1.3 the list of CA names is sent using the <b>certificate_authorities</b> extension and may be sent by a client (in the ClientHello message) or by a server (when requesting a certificate).</p>
+
+<p>In most cases it is not necessary to set CA names on the client side. The list of CA names that are acceptable to the client will be sent in plaintext to the server. This has privacy implications and may also have performance implications if the list is large. This optional capability was introduced as part of TLSv1.3 and therefore setting CA names on the client side will have no impact if that protocol version has been disabled. Most servers do not need this and so this should be avoided unless required.</p>
+
+<p>The &quot;client CA list&quot; functions below only have an effect when called on the server side.</p>
+
+<p>SSL_CTX_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for <b>ctx</b>. Ownership of <b>list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object. Ownership of <b>list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get_client_CA_list() returns the list of client CAs explicitly set for <b>ctx</b> using SSL_CTX_set_client_CA_list(). The returned list should not be freed by the caller.</p>
+
+<p>SSL_get_client_CA_list() returns the list of client CAs explicitly set for <b>ssl</b> using SSL_set_client_CA_list() or <b>ssl</b>&#39;s SSL_CTX object with SSL_CTX_set_client_CA_list(), when in server mode. In client mode, SSL_get_client_CA_list returns the list of client CAs sent from the server, if any. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for <b>ctx</b>.</p>
+
+<p>SSL_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object.</p>
+
+<p>SSL_get0_peer_CA_list() retrieves the list of CA names (if any) the peer has sent. This can be called on either the server or the client side. The returned list should not be freed by the caller.</p>
+
+<p>The &quot;generic CA list&quot; functions below are very similar to the &quot;client CA list&quot; functions except that they have an effect on both the server and client sides. The lists of CA names managed are separate - so you cannot (for example) set CA names using the &quot;client CA list&quot; functions and then get them using the &quot;generic CA list&quot; functions. Where a mix of the two types of functions has been used on the server side then the &quot;client CA list&quot; functions take precedence. Typically, on the server side, the &quot;client CA list &quot; functions should be used in preference. As noted above in most cases it is not necessary to set CA names on the client side.</p>
+
+<p>SSL_CTX_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b>. Ownership of <b>name_list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b> overriding any list set in the parent <b>SSL_CTX</b> of <b>s</b>. Ownership of <b>name_list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get0_CA_list() retrieves any previously set list of CAs set for <b>ctx</b>. The returned list should not be freed by the caller.</p>
+
+<p>SSL_get0_CA_list() retrieves any previously set list of CAs set for <b>s</b> or if none are set the list from the parent <b>SSL_CTX</b> is retrieved. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to peer for <b>ctx</b>.</p>
+
+<p>SSL_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to the peer for <b>s</b>, overriding the setting in the parent <b>SSL_CTX</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When a TLS/SSL server requests a client certificate (see <b>SSL_CTX_set_verify(3)</b>), it sends a list of CAs, for which it will accept certificates, to the client.</p>
+
+<p>This list must explicitly be set using SSL_CTX_set_client_CA_list() or SSL_CTX_set0_CA_list() for <b>ctx</b> and SSL_set_client_CA_list() or SSL_set0_CA_list() for the specific <b>ssl</b>. The list specified overrides the previous setting. The CAs listed do not become trusted (<b>list</b> only contains the names, not the complete certificates); use <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> to additionally load them for verification.</p>
+
+<p>If the list of acceptable CAs is compiled in a file, the <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a> function can be used to help to import the necessary data.</p>
+
+<p>SSL_CTX_add_client_CA(), SSL_CTX_add1_to_CA_list(), SSL_add_client_CA() and SSL_add1_to_CA_list() can be used to add additional items the list of CAs. If no list was specified before using SSL_CTX_set_client_CA_list(), SSL_CTX_set0_CA_list(), SSL_set_client_CA_list() or SSL_set0_CA_list(), a new CA list for <b>ctx</b> or <b>ssl</b> (as appropriate) is opened.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set0_CA_list() and SSL_set0_CA_list() do not return a value.</p>
+
+<p>SSL_CTX_get_client_CA_list(), SSL_get_client_CA_list(), SSL_CTX_get0_CA_list() and SSL_get0_CA_list() return a stack of CA names or <b>NULL</b> is no CA names are set.</p>
+
+<p>SSL_CTX_add_client_CA(),SSL_add_client_CA(), SSL_CTX_add1_to_CA_list() and SSL_add1_to_CA_list() return 1 for success and 0 for failure.</p>
+
+<p>SSL_get0_peer_CA_list() returns a stack of CA names sent by the peer or <b>NULL</b> or an empty stack if no list was sent.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Scan all certificates in <b>CAfile</b> and list them as acceptable CAs:</p>
+
+<pre><code> SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_alert_desc_string.html b/msys2/usr/share/doc/openssl/html/man3/SSL_alert_desc_string.html
new file mode 100644
index 000000000..ef7e1041e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_alert_desc_string.html
@@ -0,0 +1,255 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_alert_type_string</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_alert_type_string, SSL_alert_type_string_long, SSL_alert_desc_string, SSL_alert_desc_string_long - get textual description of alert information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_alert_type_string(int value);
+ const char *SSL_alert_type_string_long(int value);
+
+ const char *SSL_alert_desc_string(int value);
+ const char *SSL_alert_desc_string_long(int value);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_alert_type_string() returns a one letter string indicating the type of the alert specified by <b>value</b>.</p>
+
+<p>SSL_alert_type_string_long() returns a string indicating the type of the alert specified by <b>value</b>.</p>
+
+<p>SSL_alert_desc_string() returns a two letter string as a short form describing the reason of the alert specified by <b>value</b>.</p>
+
+<p>SSL_alert_desc_string_long() returns a string describing the reason of the alert specified by <b>value</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When one side of an SSL/TLS communication wants to inform the peer about a special situation, it sends an alert. The alert is sent as a special message and does not influence the normal data stream (unless its contents results in the communication being canceled).</p>
+
+<p>A warning alert is sent, when a non-fatal error condition occurs. The &quot;close notify&quot; alert is sent as a warning alert. Other examples for non-fatal errors are certificate errors (&quot;certificate expired&quot;, &quot;unsupported certificate&quot;), for which a warning alert may be sent. (The sending party may however decide to send a fatal error.) The receiving side may cancel the connection on reception of a warning alert on it discretion.</p>
+
+<p>Several alert messages must be sent as fatal alert messages as specified by the TLS RFC. A fatal alert always leads to a connection abort.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following strings can occur for SSL_alert_type_string() or SSL_alert_type_string_long():</p>
+
+<dl>
+
+<dt id="W-warning">&quot;W&quot;/&quot;warning&quot;</dt>
+<dd>
+
+</dd>
+<dt id="F-fatal">&quot;F&quot;/&quot;fatal&quot;</dt>
+<dd>
+
+</dd>
+<dt id="U-unknown">&quot;U&quot;/&quot;unknown&quot;</dt>
+<dd>
+
+<p>This indicates that no support is available for this alert type. Probably <b>value</b> does not contain a correct alert message.</p>
+
+</dd>
+</dl>
+
+<p>The following strings can occur for SSL_alert_desc_string() or SSL_alert_desc_string_long():</p>
+
+<dl>
+
+<dt id="CN-close-notify">&quot;CN&quot;/&quot;close notify&quot;</dt>
+<dd>
+
+<p>The connection shall be closed. This is a warning alert.</p>
+
+</dd>
+<dt id="UM-unexpected-message">&quot;UM&quot;/&quot;unexpected message&quot;</dt>
+<dd>
+
+<p>An inappropriate message was received. This alert is always fatal and should never be observed in communication between proper implementations.</p>
+
+</dd>
+<dt id="BM-bad-record-mac">&quot;BM&quot;/&quot;bad record mac&quot;</dt>
+<dd>
+
+<p>This alert is returned if a record is received with an incorrect MAC. This message is always fatal.</p>
+
+</dd>
+<dt id="DF-decompression-failure">&quot;DF&quot;/&quot;decompression failure&quot;</dt>
+<dd>
+
+<p>The decompression function received improper input (e.g. data that would expand to excessive length). This message is always fatal.</p>
+
+</dd>
+<dt id="HF-handshake-failure">&quot;HF&quot;/&quot;handshake failure&quot;</dt>
+<dd>
+
+<p>Reception of a handshake_failure alert message indicates that the sender was unable to negotiate an acceptable set of security parameters given the options available. This is a fatal error.</p>
+
+</dd>
+<dt id="NC-no-certificate">&quot;NC&quot;/&quot;no certificate&quot;</dt>
+<dd>
+
+<p>A client, that was asked to send a certificate, does not send a certificate (SSLv3 only).</p>
+
+</dd>
+<dt id="BC-bad-certificate">&quot;BC&quot;/&quot;bad certificate&quot;</dt>
+<dd>
+
+<p>A certificate was corrupt, contained signatures that did not verify correctly, etc</p>
+
+</dd>
+<dt id="UC-unsupported-certificate">&quot;UC&quot;/&quot;unsupported certificate&quot;</dt>
+<dd>
+
+<p>A certificate was of an unsupported type.</p>
+
+</dd>
+<dt id="CR-certificate-revoked">&quot;CR&quot;/&quot;certificate revoked&quot;</dt>
+<dd>
+
+<p>A certificate was revoked by its signer.</p>
+
+</dd>
+<dt id="CE-certificate-expired">&quot;CE&quot;/&quot;certificate expired&quot;</dt>
+<dd>
+
+<p>A certificate has expired or is not currently valid.</p>
+
+</dd>
+<dt id="CU-certificate-unknown">&quot;CU&quot;/&quot;certificate unknown&quot;</dt>
+<dd>
+
+<p>Some other (unspecified) issue arose in processing the certificate, rendering it unacceptable.</p>
+
+</dd>
+<dt id="IP-illegal-parameter">&quot;IP&quot;/&quot;illegal parameter&quot;</dt>
+<dd>
+
+<p>A field in the handshake was out of range or inconsistent with other fields. This is always fatal.</p>
+
+</dd>
+<dt id="DC-decryption-failed">&quot;DC&quot;/&quot;decryption failed&quot;</dt>
+<dd>
+
+<p>A TLSCiphertext decrypted in an invalid way: either it wasn&#39;t an even multiple of the block length or its padding values, when checked, weren&#39;t correct. This message is always fatal.</p>
+
+</dd>
+<dt id="RO-record-overflow">&quot;RO&quot;/&quot;record overflow&quot;</dt>
+<dd>
+
+<p>A TLSCiphertext record was received which had a length more than 2^14+2048 bytes, or a record decrypted to a TLSCompressed record with more than 2^14+1024 bytes. This message is always fatal.</p>
+
+</dd>
+<dt id="CA-unknown-CA">&quot;CA&quot;/&quot;unknown CA&quot;</dt>
+<dd>
+
+<p>A valid certificate chain or partial chain was received, but the certificate was not accepted because the CA certificate could not be located or couldn&#39;t be matched with a known, trusted CA. This message is always fatal.</p>
+
+</dd>
+<dt id="AD-access-denied">&quot;AD&quot;/&quot;access denied&quot;</dt>
+<dd>
+
+<p>A valid certificate was received, but when access control was applied, the sender decided not to proceed with negotiation. This message is always fatal.</p>
+
+</dd>
+<dt id="DE-decode-error">&quot;DE&quot;/&quot;decode error&quot;</dt>
+<dd>
+
+<p>A message could not be decoded because some field was out of the specified range or the length of the message was incorrect. This message is always fatal.</p>
+
+</dd>
+<dt id="CY-decrypt-error">&quot;CY&quot;/&quot;decrypt error&quot;</dt>
+<dd>
+
+<p>A handshake cryptographic operation failed, including being unable to correctly verify a signature, decrypt a key exchange, or validate a finished message.</p>
+
+</dd>
+<dt id="ER-export-restriction">&quot;ER&quot;/&quot;export restriction&quot;</dt>
+<dd>
+
+<p>A negotiation not in compliance with export restrictions was detected; for example, attempting to transfer a 1024 bit ephemeral RSA key for the RSA_EXPORT handshake method. This message is always fatal.</p>
+
+</dd>
+<dt id="PV-protocol-version">&quot;PV&quot;/&quot;protocol version&quot;</dt>
+<dd>
+
+<p>The protocol version the client has attempted to negotiate is recognized, but not supported. (For example, old protocol versions might be avoided for security reasons). This message is always fatal.</p>
+
+</dd>
+<dt id="IS-insufficient-security">&quot;IS&quot;/&quot;insufficient security&quot;</dt>
+<dd>
+
+<p>Returned instead of handshake_failure when a negotiation has failed specifically because the server requires ciphers more secure than those supported by the client. This message is always fatal.</p>
+
+</dd>
+<dt id="IE-internal-error">&quot;IE&quot;/&quot;internal error&quot;</dt>
+<dd>
+
+<p>An internal error unrelated to the peer or the correctness of the protocol makes it impossible to continue (such as a memory allocation failure). This message is always fatal.</p>
+
+</dd>
+<dt id="US-user-canceled">&quot;US&quot;/&quot;user canceled&quot;</dt>
+<dd>
+
+<p>This handshake is being canceled for some reason unrelated to a protocol failure. If the user cancels an operation after the handshake is complete, just closing the connection by sending a close_notify is more appropriate. This alert should be followed by a close_notify. This message is generally a warning.</p>
+
+</dd>
+<dt id="NR-no-renegotiation">&quot;NR&quot;/&quot;no renegotiation&quot;</dt>
+<dd>
+
+<p>Sent by the client in response to a hello request or by the server in response to a client hello after initial handshaking. Either of these would normally lead to renegotiation; when that is not appropriate, the recipient should respond with this alert; at that point, the original requester can decide whether to proceed with the connection. One case where this would be appropriate would be where a server has spawned a process to satisfy a request; the process might receive security parameters (key length, authentication, etc.) at startup and it might be difficult to communicate changes to these parameters after that point. This message is always a warning.</p>
+
+</dd>
+<dt id="UP-unknown-PSK-identity">&quot;UP&quot;/&quot;unknown PSK identity&quot;</dt>
+<dd>
+
+<p>Sent by the server to indicate that it does not recognize a PSK identity or an SRP identity.</p>
+
+</dd>
+<dt id="UK-unknown">&quot;UK&quot;/&quot;unknown&quot;</dt>
+<dd>
+
+<p>This indicates that no description is available for this alert type. Probably <b>value</b> does not contain a correct alert message.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_info_callback.html">SSL_CTX_set_info_callback(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_alert_desc_string_long.html b/msys2/usr/share/doc/openssl/html/man3/SSL_alert_desc_string_long.html
new file mode 100644
index 000000000..ef7e1041e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_alert_desc_string_long.html
@@ -0,0 +1,255 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_alert_type_string</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_alert_type_string, SSL_alert_type_string_long, SSL_alert_desc_string, SSL_alert_desc_string_long - get textual description of alert information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_alert_type_string(int value);
+ const char *SSL_alert_type_string_long(int value);
+
+ const char *SSL_alert_desc_string(int value);
+ const char *SSL_alert_desc_string_long(int value);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_alert_type_string() returns a one letter string indicating the type of the alert specified by <b>value</b>.</p>
+
+<p>SSL_alert_type_string_long() returns a string indicating the type of the alert specified by <b>value</b>.</p>
+
+<p>SSL_alert_desc_string() returns a two letter string as a short form describing the reason of the alert specified by <b>value</b>.</p>
+
+<p>SSL_alert_desc_string_long() returns a string describing the reason of the alert specified by <b>value</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When one side of an SSL/TLS communication wants to inform the peer about a special situation, it sends an alert. The alert is sent as a special message and does not influence the normal data stream (unless its contents results in the communication being canceled).</p>
+
+<p>A warning alert is sent, when a non-fatal error condition occurs. The &quot;close notify&quot; alert is sent as a warning alert. Other examples for non-fatal errors are certificate errors (&quot;certificate expired&quot;, &quot;unsupported certificate&quot;), for which a warning alert may be sent. (The sending party may however decide to send a fatal error.) The receiving side may cancel the connection on reception of a warning alert on it discretion.</p>
+
+<p>Several alert messages must be sent as fatal alert messages as specified by the TLS RFC. A fatal alert always leads to a connection abort.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following strings can occur for SSL_alert_type_string() or SSL_alert_type_string_long():</p>
+
+<dl>
+
+<dt id="W-warning">&quot;W&quot;/&quot;warning&quot;</dt>
+<dd>
+
+</dd>
+<dt id="F-fatal">&quot;F&quot;/&quot;fatal&quot;</dt>
+<dd>
+
+</dd>
+<dt id="U-unknown">&quot;U&quot;/&quot;unknown&quot;</dt>
+<dd>
+
+<p>This indicates that no support is available for this alert type. Probably <b>value</b> does not contain a correct alert message.</p>
+
+</dd>
+</dl>
+
+<p>The following strings can occur for SSL_alert_desc_string() or SSL_alert_desc_string_long():</p>
+
+<dl>
+
+<dt id="CN-close-notify">&quot;CN&quot;/&quot;close notify&quot;</dt>
+<dd>
+
+<p>The connection shall be closed. This is a warning alert.</p>
+
+</dd>
+<dt id="UM-unexpected-message">&quot;UM&quot;/&quot;unexpected message&quot;</dt>
+<dd>
+
+<p>An inappropriate message was received. This alert is always fatal and should never be observed in communication between proper implementations.</p>
+
+</dd>
+<dt id="BM-bad-record-mac">&quot;BM&quot;/&quot;bad record mac&quot;</dt>
+<dd>
+
+<p>This alert is returned if a record is received with an incorrect MAC. This message is always fatal.</p>
+
+</dd>
+<dt id="DF-decompression-failure">&quot;DF&quot;/&quot;decompression failure&quot;</dt>
+<dd>
+
+<p>The decompression function received improper input (e.g. data that would expand to excessive length). This message is always fatal.</p>
+
+</dd>
+<dt id="HF-handshake-failure">&quot;HF&quot;/&quot;handshake failure&quot;</dt>
+<dd>
+
+<p>Reception of a handshake_failure alert message indicates that the sender was unable to negotiate an acceptable set of security parameters given the options available. This is a fatal error.</p>
+
+</dd>
+<dt id="NC-no-certificate">&quot;NC&quot;/&quot;no certificate&quot;</dt>
+<dd>
+
+<p>A client, that was asked to send a certificate, does not send a certificate (SSLv3 only).</p>
+
+</dd>
+<dt id="BC-bad-certificate">&quot;BC&quot;/&quot;bad certificate&quot;</dt>
+<dd>
+
+<p>A certificate was corrupt, contained signatures that did not verify correctly, etc</p>
+
+</dd>
+<dt id="UC-unsupported-certificate">&quot;UC&quot;/&quot;unsupported certificate&quot;</dt>
+<dd>
+
+<p>A certificate was of an unsupported type.</p>
+
+</dd>
+<dt id="CR-certificate-revoked">&quot;CR&quot;/&quot;certificate revoked&quot;</dt>
+<dd>
+
+<p>A certificate was revoked by its signer.</p>
+
+</dd>
+<dt id="CE-certificate-expired">&quot;CE&quot;/&quot;certificate expired&quot;</dt>
+<dd>
+
+<p>A certificate has expired or is not currently valid.</p>
+
+</dd>
+<dt id="CU-certificate-unknown">&quot;CU&quot;/&quot;certificate unknown&quot;</dt>
+<dd>
+
+<p>Some other (unspecified) issue arose in processing the certificate, rendering it unacceptable.</p>
+
+</dd>
+<dt id="IP-illegal-parameter">&quot;IP&quot;/&quot;illegal parameter&quot;</dt>
+<dd>
+
+<p>A field in the handshake was out of range or inconsistent with other fields. This is always fatal.</p>
+
+</dd>
+<dt id="DC-decryption-failed">&quot;DC&quot;/&quot;decryption failed&quot;</dt>
+<dd>
+
+<p>A TLSCiphertext decrypted in an invalid way: either it wasn&#39;t an even multiple of the block length or its padding values, when checked, weren&#39;t correct. This message is always fatal.</p>
+
+</dd>
+<dt id="RO-record-overflow">&quot;RO&quot;/&quot;record overflow&quot;</dt>
+<dd>
+
+<p>A TLSCiphertext record was received which had a length more than 2^14+2048 bytes, or a record decrypted to a TLSCompressed record with more than 2^14+1024 bytes. This message is always fatal.</p>
+
+</dd>
+<dt id="CA-unknown-CA">&quot;CA&quot;/&quot;unknown CA&quot;</dt>
+<dd>
+
+<p>A valid certificate chain or partial chain was received, but the certificate was not accepted because the CA certificate could not be located or couldn&#39;t be matched with a known, trusted CA. This message is always fatal.</p>
+
+</dd>
+<dt id="AD-access-denied">&quot;AD&quot;/&quot;access denied&quot;</dt>
+<dd>
+
+<p>A valid certificate was received, but when access control was applied, the sender decided not to proceed with negotiation. This message is always fatal.</p>
+
+</dd>
+<dt id="DE-decode-error">&quot;DE&quot;/&quot;decode error&quot;</dt>
+<dd>
+
+<p>A message could not be decoded because some field was out of the specified range or the length of the message was incorrect. This message is always fatal.</p>
+
+</dd>
+<dt id="CY-decrypt-error">&quot;CY&quot;/&quot;decrypt error&quot;</dt>
+<dd>
+
+<p>A handshake cryptographic operation failed, including being unable to correctly verify a signature, decrypt a key exchange, or validate a finished message.</p>
+
+</dd>
+<dt id="ER-export-restriction">&quot;ER&quot;/&quot;export restriction&quot;</dt>
+<dd>
+
+<p>A negotiation not in compliance with export restrictions was detected; for example, attempting to transfer a 1024 bit ephemeral RSA key for the RSA_EXPORT handshake method. This message is always fatal.</p>
+
+</dd>
+<dt id="PV-protocol-version">&quot;PV&quot;/&quot;protocol version&quot;</dt>
+<dd>
+
+<p>The protocol version the client has attempted to negotiate is recognized, but not supported. (For example, old protocol versions might be avoided for security reasons). This message is always fatal.</p>
+
+</dd>
+<dt id="IS-insufficient-security">&quot;IS&quot;/&quot;insufficient security&quot;</dt>
+<dd>
+
+<p>Returned instead of handshake_failure when a negotiation has failed specifically because the server requires ciphers more secure than those supported by the client. This message is always fatal.</p>
+
+</dd>
+<dt id="IE-internal-error">&quot;IE&quot;/&quot;internal error&quot;</dt>
+<dd>
+
+<p>An internal error unrelated to the peer or the correctness of the protocol makes it impossible to continue (such as a memory allocation failure). This message is always fatal.</p>
+
+</dd>
+<dt id="US-user-canceled">&quot;US&quot;/&quot;user canceled&quot;</dt>
+<dd>
+
+<p>This handshake is being canceled for some reason unrelated to a protocol failure. If the user cancels an operation after the handshake is complete, just closing the connection by sending a close_notify is more appropriate. This alert should be followed by a close_notify. This message is generally a warning.</p>
+
+</dd>
+<dt id="NR-no-renegotiation">&quot;NR&quot;/&quot;no renegotiation&quot;</dt>
+<dd>
+
+<p>Sent by the client in response to a hello request or by the server in response to a client hello after initial handshaking. Either of these would normally lead to renegotiation; when that is not appropriate, the recipient should respond with this alert; at that point, the original requester can decide whether to proceed with the connection. One case where this would be appropriate would be where a server has spawned a process to satisfy a request; the process might receive security parameters (key length, authentication, etc.) at startup and it might be difficult to communicate changes to these parameters after that point. This message is always a warning.</p>
+
+</dd>
+<dt id="UP-unknown-PSK-identity">&quot;UP&quot;/&quot;unknown PSK identity&quot;</dt>
+<dd>
+
+<p>Sent by the server to indicate that it does not recognize a PSK identity or an SRP identity.</p>
+
+</dd>
+<dt id="UK-unknown">&quot;UK&quot;/&quot;unknown&quot;</dt>
+<dd>
+
+<p>This indicates that no description is available for this alert type. Probably <b>value</b> does not contain a correct alert message.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_info_callback.html">SSL_CTX_set_info_callback(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_alert_type_string.html b/msys2/usr/share/doc/openssl/html/man3/SSL_alert_type_string.html
new file mode 100644
index 000000000..ef7e1041e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_alert_type_string.html
@@ -0,0 +1,255 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_alert_type_string</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_alert_type_string, SSL_alert_type_string_long, SSL_alert_desc_string, SSL_alert_desc_string_long - get textual description of alert information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_alert_type_string(int value);
+ const char *SSL_alert_type_string_long(int value);
+
+ const char *SSL_alert_desc_string(int value);
+ const char *SSL_alert_desc_string_long(int value);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_alert_type_string() returns a one letter string indicating the type of the alert specified by <b>value</b>.</p>
+
+<p>SSL_alert_type_string_long() returns a string indicating the type of the alert specified by <b>value</b>.</p>
+
+<p>SSL_alert_desc_string() returns a two letter string as a short form describing the reason of the alert specified by <b>value</b>.</p>
+
+<p>SSL_alert_desc_string_long() returns a string describing the reason of the alert specified by <b>value</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When one side of an SSL/TLS communication wants to inform the peer about a special situation, it sends an alert. The alert is sent as a special message and does not influence the normal data stream (unless its contents results in the communication being canceled).</p>
+
+<p>A warning alert is sent, when a non-fatal error condition occurs. The &quot;close notify&quot; alert is sent as a warning alert. Other examples for non-fatal errors are certificate errors (&quot;certificate expired&quot;, &quot;unsupported certificate&quot;), for which a warning alert may be sent. (The sending party may however decide to send a fatal error.) The receiving side may cancel the connection on reception of a warning alert on it discretion.</p>
+
+<p>Several alert messages must be sent as fatal alert messages as specified by the TLS RFC. A fatal alert always leads to a connection abort.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following strings can occur for SSL_alert_type_string() or SSL_alert_type_string_long():</p>
+
+<dl>
+
+<dt id="W-warning">&quot;W&quot;/&quot;warning&quot;</dt>
+<dd>
+
+</dd>
+<dt id="F-fatal">&quot;F&quot;/&quot;fatal&quot;</dt>
+<dd>
+
+</dd>
+<dt id="U-unknown">&quot;U&quot;/&quot;unknown&quot;</dt>
+<dd>
+
+<p>This indicates that no support is available for this alert type. Probably <b>value</b> does not contain a correct alert message.</p>
+
+</dd>
+</dl>
+
+<p>The following strings can occur for SSL_alert_desc_string() or SSL_alert_desc_string_long():</p>
+
+<dl>
+
+<dt id="CN-close-notify">&quot;CN&quot;/&quot;close notify&quot;</dt>
+<dd>
+
+<p>The connection shall be closed. This is a warning alert.</p>
+
+</dd>
+<dt id="UM-unexpected-message">&quot;UM&quot;/&quot;unexpected message&quot;</dt>
+<dd>
+
+<p>An inappropriate message was received. This alert is always fatal and should never be observed in communication between proper implementations.</p>
+
+</dd>
+<dt id="BM-bad-record-mac">&quot;BM&quot;/&quot;bad record mac&quot;</dt>
+<dd>
+
+<p>This alert is returned if a record is received with an incorrect MAC. This message is always fatal.</p>
+
+</dd>
+<dt id="DF-decompression-failure">&quot;DF&quot;/&quot;decompression failure&quot;</dt>
+<dd>
+
+<p>The decompression function received improper input (e.g. data that would expand to excessive length). This message is always fatal.</p>
+
+</dd>
+<dt id="HF-handshake-failure">&quot;HF&quot;/&quot;handshake failure&quot;</dt>
+<dd>
+
+<p>Reception of a handshake_failure alert message indicates that the sender was unable to negotiate an acceptable set of security parameters given the options available. This is a fatal error.</p>
+
+</dd>
+<dt id="NC-no-certificate">&quot;NC&quot;/&quot;no certificate&quot;</dt>
+<dd>
+
+<p>A client, that was asked to send a certificate, does not send a certificate (SSLv3 only).</p>
+
+</dd>
+<dt id="BC-bad-certificate">&quot;BC&quot;/&quot;bad certificate&quot;</dt>
+<dd>
+
+<p>A certificate was corrupt, contained signatures that did not verify correctly, etc</p>
+
+</dd>
+<dt id="UC-unsupported-certificate">&quot;UC&quot;/&quot;unsupported certificate&quot;</dt>
+<dd>
+
+<p>A certificate was of an unsupported type.</p>
+
+</dd>
+<dt id="CR-certificate-revoked">&quot;CR&quot;/&quot;certificate revoked&quot;</dt>
+<dd>
+
+<p>A certificate was revoked by its signer.</p>
+
+</dd>
+<dt id="CE-certificate-expired">&quot;CE&quot;/&quot;certificate expired&quot;</dt>
+<dd>
+
+<p>A certificate has expired or is not currently valid.</p>
+
+</dd>
+<dt id="CU-certificate-unknown">&quot;CU&quot;/&quot;certificate unknown&quot;</dt>
+<dd>
+
+<p>Some other (unspecified) issue arose in processing the certificate, rendering it unacceptable.</p>
+
+</dd>
+<dt id="IP-illegal-parameter">&quot;IP&quot;/&quot;illegal parameter&quot;</dt>
+<dd>
+
+<p>A field in the handshake was out of range or inconsistent with other fields. This is always fatal.</p>
+
+</dd>
+<dt id="DC-decryption-failed">&quot;DC&quot;/&quot;decryption failed&quot;</dt>
+<dd>
+
+<p>A TLSCiphertext decrypted in an invalid way: either it wasn&#39;t an even multiple of the block length or its padding values, when checked, weren&#39;t correct. This message is always fatal.</p>
+
+</dd>
+<dt id="RO-record-overflow">&quot;RO&quot;/&quot;record overflow&quot;</dt>
+<dd>
+
+<p>A TLSCiphertext record was received which had a length more than 2^14+2048 bytes, or a record decrypted to a TLSCompressed record with more than 2^14+1024 bytes. This message is always fatal.</p>
+
+</dd>
+<dt id="CA-unknown-CA">&quot;CA&quot;/&quot;unknown CA&quot;</dt>
+<dd>
+
+<p>A valid certificate chain or partial chain was received, but the certificate was not accepted because the CA certificate could not be located or couldn&#39;t be matched with a known, trusted CA. This message is always fatal.</p>
+
+</dd>
+<dt id="AD-access-denied">&quot;AD&quot;/&quot;access denied&quot;</dt>
+<dd>
+
+<p>A valid certificate was received, but when access control was applied, the sender decided not to proceed with negotiation. This message is always fatal.</p>
+
+</dd>
+<dt id="DE-decode-error">&quot;DE&quot;/&quot;decode error&quot;</dt>
+<dd>
+
+<p>A message could not be decoded because some field was out of the specified range or the length of the message was incorrect. This message is always fatal.</p>
+
+</dd>
+<dt id="CY-decrypt-error">&quot;CY&quot;/&quot;decrypt error&quot;</dt>
+<dd>
+
+<p>A handshake cryptographic operation failed, including being unable to correctly verify a signature, decrypt a key exchange, or validate a finished message.</p>
+
+</dd>
+<dt id="ER-export-restriction">&quot;ER&quot;/&quot;export restriction&quot;</dt>
+<dd>
+
+<p>A negotiation not in compliance with export restrictions was detected; for example, attempting to transfer a 1024 bit ephemeral RSA key for the RSA_EXPORT handshake method. This message is always fatal.</p>
+
+</dd>
+<dt id="PV-protocol-version">&quot;PV&quot;/&quot;protocol version&quot;</dt>
+<dd>
+
+<p>The protocol version the client has attempted to negotiate is recognized, but not supported. (For example, old protocol versions might be avoided for security reasons). This message is always fatal.</p>
+
+</dd>
+<dt id="IS-insufficient-security">&quot;IS&quot;/&quot;insufficient security&quot;</dt>
+<dd>
+
+<p>Returned instead of handshake_failure when a negotiation has failed specifically because the server requires ciphers more secure than those supported by the client. This message is always fatal.</p>
+
+</dd>
+<dt id="IE-internal-error">&quot;IE&quot;/&quot;internal error&quot;</dt>
+<dd>
+
+<p>An internal error unrelated to the peer or the correctness of the protocol makes it impossible to continue (such as a memory allocation failure). This message is always fatal.</p>
+
+</dd>
+<dt id="US-user-canceled">&quot;US&quot;/&quot;user canceled&quot;</dt>
+<dd>
+
+<p>This handshake is being canceled for some reason unrelated to a protocol failure. If the user cancels an operation after the handshake is complete, just closing the connection by sending a close_notify is more appropriate. This alert should be followed by a close_notify. This message is generally a warning.</p>
+
+</dd>
+<dt id="NR-no-renegotiation">&quot;NR&quot;/&quot;no renegotiation&quot;</dt>
+<dd>
+
+<p>Sent by the client in response to a hello request or by the server in response to a client hello after initial handshaking. Either of these would normally lead to renegotiation; when that is not appropriate, the recipient should respond with this alert; at that point, the original requester can decide whether to proceed with the connection. One case where this would be appropriate would be where a server has spawned a process to satisfy a request; the process might receive security parameters (key length, authentication, etc.) at startup and it might be difficult to communicate changes to these parameters after that point. This message is always a warning.</p>
+
+</dd>
+<dt id="UP-unknown-PSK-identity">&quot;UP&quot;/&quot;unknown PSK identity&quot;</dt>
+<dd>
+
+<p>Sent by the server to indicate that it does not recognize a PSK identity or an SRP identity.</p>
+
+</dd>
+<dt id="UK-unknown">&quot;UK&quot;/&quot;unknown&quot;</dt>
+<dd>
+
+<p>This indicates that no description is available for this alert type. Probably <b>value</b> does not contain a correct alert message.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_info_callback.html">SSL_CTX_set_info_callback(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_alert_type_string_long.html b/msys2/usr/share/doc/openssl/html/man3/SSL_alert_type_string_long.html
new file mode 100644
index 000000000..ef7e1041e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_alert_type_string_long.html
@@ -0,0 +1,255 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_alert_type_string</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_alert_type_string, SSL_alert_type_string_long, SSL_alert_desc_string, SSL_alert_desc_string_long - get textual description of alert information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_alert_type_string(int value);
+ const char *SSL_alert_type_string_long(int value);
+
+ const char *SSL_alert_desc_string(int value);
+ const char *SSL_alert_desc_string_long(int value);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_alert_type_string() returns a one letter string indicating the type of the alert specified by <b>value</b>.</p>
+
+<p>SSL_alert_type_string_long() returns a string indicating the type of the alert specified by <b>value</b>.</p>
+
+<p>SSL_alert_desc_string() returns a two letter string as a short form describing the reason of the alert specified by <b>value</b>.</p>
+
+<p>SSL_alert_desc_string_long() returns a string describing the reason of the alert specified by <b>value</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When one side of an SSL/TLS communication wants to inform the peer about a special situation, it sends an alert. The alert is sent as a special message and does not influence the normal data stream (unless its contents results in the communication being canceled).</p>
+
+<p>A warning alert is sent, when a non-fatal error condition occurs. The &quot;close notify&quot; alert is sent as a warning alert. Other examples for non-fatal errors are certificate errors (&quot;certificate expired&quot;, &quot;unsupported certificate&quot;), for which a warning alert may be sent. (The sending party may however decide to send a fatal error.) The receiving side may cancel the connection on reception of a warning alert on it discretion.</p>
+
+<p>Several alert messages must be sent as fatal alert messages as specified by the TLS RFC. A fatal alert always leads to a connection abort.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following strings can occur for SSL_alert_type_string() or SSL_alert_type_string_long():</p>
+
+<dl>
+
+<dt id="W-warning">&quot;W&quot;/&quot;warning&quot;</dt>
+<dd>
+
+</dd>
+<dt id="F-fatal">&quot;F&quot;/&quot;fatal&quot;</dt>
+<dd>
+
+</dd>
+<dt id="U-unknown">&quot;U&quot;/&quot;unknown&quot;</dt>
+<dd>
+
+<p>This indicates that no support is available for this alert type. Probably <b>value</b> does not contain a correct alert message.</p>
+
+</dd>
+</dl>
+
+<p>The following strings can occur for SSL_alert_desc_string() or SSL_alert_desc_string_long():</p>
+
+<dl>
+
+<dt id="CN-close-notify">&quot;CN&quot;/&quot;close notify&quot;</dt>
+<dd>
+
+<p>The connection shall be closed. This is a warning alert.</p>
+
+</dd>
+<dt id="UM-unexpected-message">&quot;UM&quot;/&quot;unexpected message&quot;</dt>
+<dd>
+
+<p>An inappropriate message was received. This alert is always fatal and should never be observed in communication between proper implementations.</p>
+
+</dd>
+<dt id="BM-bad-record-mac">&quot;BM&quot;/&quot;bad record mac&quot;</dt>
+<dd>
+
+<p>This alert is returned if a record is received with an incorrect MAC. This message is always fatal.</p>
+
+</dd>
+<dt id="DF-decompression-failure">&quot;DF&quot;/&quot;decompression failure&quot;</dt>
+<dd>
+
+<p>The decompression function received improper input (e.g. data that would expand to excessive length). This message is always fatal.</p>
+
+</dd>
+<dt id="HF-handshake-failure">&quot;HF&quot;/&quot;handshake failure&quot;</dt>
+<dd>
+
+<p>Reception of a handshake_failure alert message indicates that the sender was unable to negotiate an acceptable set of security parameters given the options available. This is a fatal error.</p>
+
+</dd>
+<dt id="NC-no-certificate">&quot;NC&quot;/&quot;no certificate&quot;</dt>
+<dd>
+
+<p>A client, that was asked to send a certificate, does not send a certificate (SSLv3 only).</p>
+
+</dd>
+<dt id="BC-bad-certificate">&quot;BC&quot;/&quot;bad certificate&quot;</dt>
+<dd>
+
+<p>A certificate was corrupt, contained signatures that did not verify correctly, etc</p>
+
+</dd>
+<dt id="UC-unsupported-certificate">&quot;UC&quot;/&quot;unsupported certificate&quot;</dt>
+<dd>
+
+<p>A certificate was of an unsupported type.</p>
+
+</dd>
+<dt id="CR-certificate-revoked">&quot;CR&quot;/&quot;certificate revoked&quot;</dt>
+<dd>
+
+<p>A certificate was revoked by its signer.</p>
+
+</dd>
+<dt id="CE-certificate-expired">&quot;CE&quot;/&quot;certificate expired&quot;</dt>
+<dd>
+
+<p>A certificate has expired or is not currently valid.</p>
+
+</dd>
+<dt id="CU-certificate-unknown">&quot;CU&quot;/&quot;certificate unknown&quot;</dt>
+<dd>
+
+<p>Some other (unspecified) issue arose in processing the certificate, rendering it unacceptable.</p>
+
+</dd>
+<dt id="IP-illegal-parameter">&quot;IP&quot;/&quot;illegal parameter&quot;</dt>
+<dd>
+
+<p>A field in the handshake was out of range or inconsistent with other fields. This is always fatal.</p>
+
+</dd>
+<dt id="DC-decryption-failed">&quot;DC&quot;/&quot;decryption failed&quot;</dt>
+<dd>
+
+<p>A TLSCiphertext decrypted in an invalid way: either it wasn&#39;t an even multiple of the block length or its padding values, when checked, weren&#39;t correct. This message is always fatal.</p>
+
+</dd>
+<dt id="RO-record-overflow">&quot;RO&quot;/&quot;record overflow&quot;</dt>
+<dd>
+
+<p>A TLSCiphertext record was received which had a length more than 2^14+2048 bytes, or a record decrypted to a TLSCompressed record with more than 2^14+1024 bytes. This message is always fatal.</p>
+
+</dd>
+<dt id="CA-unknown-CA">&quot;CA&quot;/&quot;unknown CA&quot;</dt>
+<dd>
+
+<p>A valid certificate chain or partial chain was received, but the certificate was not accepted because the CA certificate could not be located or couldn&#39;t be matched with a known, trusted CA. This message is always fatal.</p>
+
+</dd>
+<dt id="AD-access-denied">&quot;AD&quot;/&quot;access denied&quot;</dt>
+<dd>
+
+<p>A valid certificate was received, but when access control was applied, the sender decided not to proceed with negotiation. This message is always fatal.</p>
+
+</dd>
+<dt id="DE-decode-error">&quot;DE&quot;/&quot;decode error&quot;</dt>
+<dd>
+
+<p>A message could not be decoded because some field was out of the specified range or the length of the message was incorrect. This message is always fatal.</p>
+
+</dd>
+<dt id="CY-decrypt-error">&quot;CY&quot;/&quot;decrypt error&quot;</dt>
+<dd>
+
+<p>A handshake cryptographic operation failed, including being unable to correctly verify a signature, decrypt a key exchange, or validate a finished message.</p>
+
+</dd>
+<dt id="ER-export-restriction">&quot;ER&quot;/&quot;export restriction&quot;</dt>
+<dd>
+
+<p>A negotiation not in compliance with export restrictions was detected; for example, attempting to transfer a 1024 bit ephemeral RSA key for the RSA_EXPORT handshake method. This message is always fatal.</p>
+
+</dd>
+<dt id="PV-protocol-version">&quot;PV&quot;/&quot;protocol version&quot;</dt>
+<dd>
+
+<p>The protocol version the client has attempted to negotiate is recognized, but not supported. (For example, old protocol versions might be avoided for security reasons). This message is always fatal.</p>
+
+</dd>
+<dt id="IS-insufficient-security">&quot;IS&quot;/&quot;insufficient security&quot;</dt>
+<dd>
+
+<p>Returned instead of handshake_failure when a negotiation has failed specifically because the server requires ciphers more secure than those supported by the client. This message is always fatal.</p>
+
+</dd>
+<dt id="IE-internal-error">&quot;IE&quot;/&quot;internal error&quot;</dt>
+<dd>
+
+<p>An internal error unrelated to the peer or the correctness of the protocol makes it impossible to continue (such as a memory allocation failure). This message is always fatal.</p>
+
+</dd>
+<dt id="US-user-canceled">&quot;US&quot;/&quot;user canceled&quot;</dt>
+<dd>
+
+<p>This handshake is being canceled for some reason unrelated to a protocol failure. If the user cancels an operation after the handshake is complete, just closing the connection by sending a close_notify is more appropriate. This alert should be followed by a close_notify. This message is generally a warning.</p>
+
+</dd>
+<dt id="NR-no-renegotiation">&quot;NR&quot;/&quot;no renegotiation&quot;</dt>
+<dd>
+
+<p>Sent by the client in response to a hello request or by the server in response to a client hello after initial handshaking. Either of these would normally lead to renegotiation; when that is not appropriate, the recipient should respond with this alert; at that point, the original requester can decide whether to proceed with the connection. One case where this would be appropriate would be where a server has spawned a process to satisfy a request; the process might receive security parameters (key length, authentication, etc.) at startup and it might be difficult to communicate changes to these parameters after that point. This message is always a warning.</p>
+
+</dd>
+<dt id="UP-unknown-PSK-identity">&quot;UP&quot;/&quot;unknown PSK identity&quot;</dt>
+<dd>
+
+<p>Sent by the server to indicate that it does not recognize a PSK identity or an SRP identity.</p>
+
+</dd>
+<dt id="UK-unknown">&quot;UK&quot;/&quot;unknown&quot;</dt>
+<dd>
+
+<p>This indicates that no description is available for this alert type. Probably <b>value</b> does not contain a correct alert message.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_info_callback.html">SSL_CTX_set_info_callback(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_alloc_buffers.html b/msys2/usr/share/doc/openssl/html/man3/SSL_alloc_buffers.html
new file mode 100644
index 000000000..e5c14e771
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_alloc_buffers.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_alloc_buffers</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_free_buffers, SSL_alloc_buffers - manage SSL structure buffers</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_free_buffers(SSL *ssl);
+ int SSL_alloc_buffers(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_free_buffers() frees the read and write buffers of the given <b>ssl</b>. SSL_alloc_buffers() allocates the read and write buffers of the given <b>ssl</b>.</p>
+
+<p>The <b>SSL_MODE_RELEASE_BUFFERS</b> mode releases read or write buffers whenever the buffers have been drained. These functions allow applications to manually control when buffers are freed and allocated.</p>
+
+<p>After freeing the buffers, the buffers are automatically reallocated upon a new read or write. The SSL_alloc_buffers() does not need to be called, but can be used to make sure the buffers are pre-allocated. This can be used to avoid allocation during data processing or with CRYPTO_set_mem_functions() to control where and how buffers are allocated.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="Failure">0 (Failure)</dt>
+<dd>
+
+<p>The SSL_free_buffers() function returns 0 when there is pending data to be read or written. The SSL_alloc_buffers() function returns 0 when there is an allocation failure.</p>
+
+</dd>
+<dt id="Success">1 (Success)</dt>
+<dd>
+
+<p>The SSL_free_buffers() function returns 1 if the buffers have been freed. This value is also returned if the buffers had been freed before calling SSL_free_buffers(). The SSL_alloc_buffers() function returns 1 if the buffers have been allocated. This value is also returned if the buffers had been allocated before calling SSL_alloc_buffers().</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_free.html">SSL_free(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a>, <a>CRYPTO_set_mem_functions</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_allow_early_data_cb_fn.html b/msys2/usr/share/doc/openssl/html/man3/SSL_allow_early_data_cb_fn.html
new file mode 100644
index 000000000..5b28c01bd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_allow_early_data_cb_fn.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read_early_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#REPLAY-PROTECTION">REPLAY PROTECTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_max_early_data, SSL_CTX_set_max_early_data, SSL_get_max_early_data, SSL_CTX_get_max_early_data, SSL_set_recv_max_early_data, SSL_CTX_set_recv_max_early_data, SSL_get_recv_max_early_data, SSL_CTX_get_recv_max_early_data, SSL_SESSION_get_max_early_data, SSL_SESSION_set_max_early_data, SSL_write_early_data, SSL_read_early_data, SSL_get_early_data_status, SSL_allow_early_data_cb_fn, SSL_CTX_set_allow_early_data_cb, SSL_set_allow_early_data_cb - functions for sending and receiving early data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data);
+ uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_max_early_data(SSL *s, uint32_t max_early_data);
+ uint32_t SSL_get_max_early_data(const SSL *s);
+
+ int SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data);
+ uint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data);
+ uint32_t SSL_get_recv_max_early_data(const SSL *s);
+
+ uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s);
+ int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data);
+
+ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written);
+
+ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes);
+
+ int SSL_get_early_data_status(const SSL *s);
+
+
+ typedef int (*SSL_allow_early_data_cb_fn)(SSL *s, void *arg);
+
+ void SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx,
+                                      SSL_allow_early_data_cb_fn cb,
+                                      void *arg);
+ void SSL_set_allow_early_data_cb(SSL *s,
+                                  SSL_allow_early_data_cb_fn cb,
+                                  void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to send and receive early data where TLSv1.3 has been negotiated. Early data can be sent by the client immediately after its initial ClientHello without having to wait for the server to complete the handshake. Early data can only be sent if a session has previously been established with the server, and the server is known to support it. Additionally these functions can be used to send data from the server to the client when the client has not yet completed the authentication stage of the handshake.</p>
+
+<p>Early data has weaker security properties than other data sent over an SSL/TLS connection. In particular the data does not have forward secrecy. There are also additional considerations around replay attacks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below). For these reasons extreme care should be exercised when using early data. For specific details, consult the TLS 1.3 specification.</p>
+
+<p>When a server receives early data it may opt to immediately respond by sending application data back to the client. Data sent by the server at this stage is done before the full handshake has been completed. Specifically the client&#39;s authentication messages have not yet been received, i.e. the client is unauthenticated at this point and care should be taken when using this capability.</p>
+
+<p>A server or client can determine whether the full handshake has been completed or not by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>.</p>
+
+<p>On the client side, the function SSL_SESSION_get_max_early_data() can be used to determine if a session established with a server can be used to send early data. If the session cannot be used then this function will return 0. Otherwise it will return the maximum number of early data bytes that can be sent.</p>
+
+<p>The function SSL_SESSION_set_max_early_data() sets the maximum number of early data bytes that can be sent for a session. This would typically be used when creating a PSK session file (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). If using a ticket based PSK then this is set automatically to the value provided by the server.</p>
+
+<p>A client uses the function SSL_write_early_data() to send early data. This function is similar to the <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> function, but with the following differences. See <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> for information on how to write bytes to the underlying connection, and how to handle any errors that may arise. This page describes the differences between SSL_write_early_data() and <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When called by a client, SSL_write_early_data() must be the first IO function called on a new connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a> or other similar functions. It may be called multiple times to stream data to the server, but the total number of bytes written must not exceed the value returned from SSL_SESSION_get_max_early_data(). Once the initial SSL_write_early_data() call has completed successfully the client may interleave calls to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> with calls to SSL_write_early_data() as required.</p>
+
+<p>If SSL_write_early_data() fails you should call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action, as for <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When the client no longer wishes to send any more early data then it should complete the handshake by calling a function such as <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard write function such as <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, which will transparently complete the connection and write the requested data.</p>
+
+<p>A server may choose to ignore early data that has been sent to it. Once the connection has been completed you can determine whether the server accepted or rejected the early data by calling SSL_get_early_data_status(). This will return SSL_EARLY_DATA_ACCEPTED if the data was accepted, SSL_EARLY_DATA_REJECTED if it was rejected or SSL_EARLY_DATA_NOT_SENT if no early data was sent. This function may be called by either the client or the server.</p>
+
+<p>A server uses the SSL_read_early_data() function to receive early data on a connection for which early data has been enabled using SSL_CTX_set_max_early_data() or SSL_set_max_early_data(). As for SSL_write_early_data(), this must be the first IO function called on a connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, or other similar functions.</p>
+
+<p>SSL_read_early_data() is similar to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> with the following differences. Refer to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> for full details.</p>
+
+<p>SSL_read_early_data() may return 3 possible values:</p>
+
+<dl>
+
+<dt id="SSL_READ_EARLY_DATA_ERROR">SSL_READ_EARLY_DATA_ERROR</dt>
+<dd>
+
+<p>This indicates an IO or some other error occurred. This should be treated in the same way as a 0 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_SUCCESS">SSL_READ_EARLY_DATA_SUCCESS</dt>
+<dd>
+
+<p>This indicates that early data was successfully read. This should be treated in the same way as a 1 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>. You should continue to call SSL_read_early_data() to read more data.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_FINISH">SSL_READ_EARLY_DATA_FINISH</dt>
+<dd>
+
+<p>This indicates that no more early data can be read. It may be returned on the first call to SSL_read_early_data() if the client has not sent any early data, or if the early data was rejected.</p>
+
+</dd>
+</dl>
+
+<p>Once the initial SSL_read_early_data() call has completed successfully (i.e. it has returned SSL_READ_EARLY_DATA_SUCCESS or SSL_READ_EARLY_DATA_FINISH) then the server may choose to write data immediately to the unauthenticated client using SSL_write_early_data(). If SSL_read_early_data() returned SSL_READ_EARLY_DATA_FINISH then in some situations (e.g. if the client only supports TLSv1.2) the handshake may have already been completed and calls to SSL_write_early_data() are not allowed. Call <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a> to determine whether the handshake has completed or not. If the handshake is still in progress then the server may interleave calls to SSL_write_early_data() with calls to SSL_read_early_data() as required.</p>
+
+<p>Servers must not call <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a> until SSL_read_early_data() has returned with SSL_READ_EARLY_DATA_FINISH. Once it has done so the connection to the client still needs to be completed. Complete the connection by calling a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard read function such as <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, which will transparently complete the connection and read the requested data. Note that it is an error to attempt to complete the connection before SSL_read_early_data() has returned SSL_READ_EARLY_DATA_FINISH.</p>
+
+<p>Only servers may call SSL_read_early_data().</p>
+
+<p>Calls to SSL_read_early_data() may, in certain circumstances, complete the connection immediately without further need to call a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. This can happen if the client is using a protocol version less than TLSv1.3. Applications can test for this by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>. Alternatively, applications may choose to call <a href="../man3/SSL_accept.html">SSL_accept(3)</a> anyway. Such a call will successfully return immediately with no further action taken.</p>
+
+<p>When a session is created between a server and a client the server will specify the maximum amount of any early data that it will accept on any future connection attempt. By default the server does not accept early data; a server may indicate support for early data by calling SSL_CTX_set_max_early_data() or SSL_set_max_early_data() to set it for the whole SSL_CTX or an individual SSL object respectively. The <b>max_early_data</b> parameter specifies the maximum amount of early data in bytes that is permitted to be sent on a single connection. Similarly the SSL_CTX_get_max_early_data() and SSL_get_max_early_data() functions can be used to obtain the current maximum early data settings for the SSL_CTX and SSL objects respectively. Generally a server application will either use both of SSL_read_early_data() and SSL_CTX_set_max_early_data() (or SSL_set_max_early_data()), or neither of them, since there is no practical benefit from using only one of them. If the maximum early data setting for a server is non-zero then replay protection is automatically enabled (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below).</p>
+
+<p>If the server rejects the early data sent by a client then it will skip over the data that is sent. The maximum amount of received early data that is skipped is controlled by the recv_max_early_data setting. If a client sends more than this then the connection will abort. This value can be set by calling SSL_CTX_set_recv_max_early_data() or SSL_set_recv_max_early_data(). The current value for this setting can be obtained by calling SSL_CTX_get_recv_max_early_data() or SSL_get_recv_max_early_data(). The default value for this setting is 16,384 bytes.</p>
+
+<p>The recv_max_early_data value also has an impact on early data that is accepted. The amount of data that is accepted will always be the lower of the max_early_data for the session and the recv_max_early_data setting for the server. If a client sends more data than this then the connection will abort.</p>
+
+<p>The configured value for max_early_data on a server may change over time as required. However clients may have tickets containing the previously configured max_early_data value. The recv_max_early_data should always be equal to or higher than any recently configured max_early_data value in order to avoid aborted connections. The recv_max_early_data should never be set to less than the current configured max_early_data value.</p>
+
+<p>Some server applications may wish to have more control over whether early data is accepted or not, for example to mitigate replay risks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below) or to decline early_data when the server is heavily loaded. The functions SSL_CTX_set_allow_early_data_cb() and SSL_set_allow_early_data_cb() set a callback which is called at a point in the handshake immediately before a decision is made to accept or reject early data. The callback is provided with a pointer to the user data argument that was provided when the callback was first set. Returning 1 from the callback will allow early data and returning 0 will reject it. Note that the OpenSSL library may reject early data for other reasons in which case this callback will not get called. Notably, the built-in replay protection feature will still be used even if a callback is present unless it has been explicitly disabled using the SSL_OP_NO_ANTI_REPLAY option. See <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The whole purpose of early data is to enable a client to start sending data to the server before a full round trip of network traffic has occurred. Application developers should ensure they consider optimisation of the underlying TCP socket to obtain a performant solution. For example Nagle&#39;s algorithm is commonly used by operating systems in an attempt to avoid lots of small TCP packets. In many scenarios this is beneficial for performance, but it does not work well with the early data solution as implemented in OpenSSL. In Nagle&#39;s algorithm the OS will buffer outgoing TCP data if a TCP packet has already been sent which we have not yet received an ACK for from the peer. The buffered data will only be transmitted if enough data to fill an entire TCP packet is accumulated, or if the ACK is received from the peer. The initial ClientHello will be sent in the first TCP packet along with any data from the first call to SSL_write_early_data(). If the amount of data written will exceed the size of a single TCP packet, or if there are more calls to SSL_write_early_data() then that additional data will be sent in subsequent TCP packets which will be buffered by the OS and not sent until an ACK is received for the first packet containing the ClientHello. This means the early data is not actually sent until a complete round trip with the server has occurred which defeats the objective of early data.</p>
+
+<p>In many operating systems the TCP_NODELAY socket option is available to disable Nagle&#39;s algorithm. If an application opts to disable Nagle&#39;s algorithm consideration should be given to turning it back on again after the handshake is complete if appropriate.</p>
+
+<p>In rare circumstances, it may be possible for a client to have a session that reports a max early data value greater than 0, but where the server does not support this. For example, this can occur if a server has had its configuration changed to accept a lower max early data value such as by calling SSL_CTX_set_recv_max_early_data(). Another example is if a server used to support TLSv1.3 but was later downgraded to TLSv1.2. Sending early data to such a server will cause the connection to abort. Clients that encounter an aborted connection while sending early data may want to retry the connection without sending early data as this does not happen automatically. A client will have to establish a new transport layer connection to the server and attempt the SSL/TLS connection again but without sending early data. Note that it is inadvisable to retry with a lower maximum protocol version.</p>
+
+<h1 id="REPLAY-PROTECTION">REPLAY PROTECTION</h1>
+
+<p>When early data is in use the TLS protocol provides no security guarantees that the same early data was not replayed across multiple connections. As a mitigation for this issue OpenSSL automatically enables replay protection if the server is configured with a non-zero max early data value. With replay protection enabled sessions are forced to be single use only. If a client attempts to reuse a session ticket more than once, then the second and subsequent attempts will fall back to a full handshake (and any early data that was submitted will be ignored). Note that single use tickets are enforced even if a client does not send any early data.</p>
+
+<p>The replay protection mechanism relies on the internal OpenSSL server session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). When replay protection is being used the server will operate as if the SSL_OP_NO_TICKET option had been selected (see <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>). Sessions will be added to the cache whenever a session ticket is issued. When a client attempts to resume the session, OpenSSL will check for its presence in the internal cache. If it exists then the resumption is allowed and the session is removed from the cache. If it does not exist then the resumption is not allowed and a full handshake will occur.</p>
+
+<p>Note that some applications may maintain an external cache of sessions (see <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a> and similar functions). It is the application&#39;s responsibility to ensure that any sessions in the external cache are also populated in the internal cache and that once removed from the internal cache they are similarly removed from the external cache. Failing to do this could result in an application becoming vulnerable to replay attacks. Note that OpenSSL will lock the internal cache while a session is removed but that lock is not held when the remove session callback (see <a href="../man3/SSL_CTX_sess_set_remove_cb.html">SSL_CTX_sess_set_remove_cb(3)</a>) is called. This could result in a small amount of time where the session has been removed from the internal cache but is still available in the external cache. Applications should be designed with this in mind in order to minimise the possibility of replay attacks.</p>
+
+<p>The OpenSSL replay protection does not apply to external Pre Shared Keys (PSKs) (e.g. see SSL_CTX_set_psk_find_session_callback(3)). Therefore extreme caution should be applied when combining external PSKs with early data.</p>
+
+<p>Some applications may mitigate the replay risks in other ways. For those applications it is possible to turn off the built-in replay protection feature using the <b>SSL_OP_NO_ANTI_REPLAY</b> option. See <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> for details. Applications can also set a callback to make decisions about accepting early data or not. See SSL_CTX_set_allow_early_data_cb() above for details.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_write_early_data() returns 1 for success or 0 for failure. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_read_early_data() returns SSL_READ_EARLY_DATA_ERROR for failure, SSL_READ_EARLY_DATA_SUCCESS for success with more data to read and SSL_READ_EARLY_DATA_FINISH for success with no more to data be read. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_get_max_early_data(), SSL_CTX_get_max_early_data() and SSL_SESSION_get_max_early_data() return the maximum number of early data bytes that may be sent.</p>
+
+<p>SSL_set_max_early_data(), SSL_CTX_set_max_early_data() and SSL_SESSION_set_max_early_data() return 1 for success or 0 for failure.</p>
+
+<p>SSL_get_early_data_status() returns SSL_EARLY_DATA_ACCEPTED if early data was accepted by the server, SSL_EARLY_DATA_REJECTED if early data was rejected by the server, or SSL_EARLY_DATA_NOT_SENT if no early data was sent.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>All of the functions described above were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_build_cert_chain.html b/msys2/usr/share/doc/openssl/html/man3/SSL_build_cert_chain.html
new file mode 100644
index 000000000..9f08318ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_build_cert_chain.html
@@ -0,0 +1,122 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add1_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_chain, SSL_CTX_set1_chain, SSL_CTX_add0_chain_cert, SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs, SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert, SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain, SSL_build_cert_chain, SSL_CTX_select_current_cert, SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra chain certificate processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_get0_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk);
+ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+ int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_get0_chain_certs(SSL *ssl, STACK_OF(X509) **sk);
+ int SSL_clear_chain_certs(SSL *ssl);
+
+ int SSL_CTX_build_cert_chain(SSL_CTX *ctx, flags);
+ int SSL_build_cert_chain(SSL *ssl, flags);
+
+ int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_chain() and SSL_CTX_set1_chain() set the certificate chain associated with the current certificate of <b>ctx</b> to <b>sk</b>.</p>
+
+<p>SSL_CTX_add0_chain_cert() and SSL_CTX_add1_chain_cert() append the single certificate <b>x509</b> to the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_get0_chain_certs() retrieves the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_clear_chain_certs() clears any existing chain associated with the current certificate of <b>ctx</b>. (This is implemented by calling SSL_CTX_set0_chain() with <b>sk</b> set to <b>NULL</b>).</p>
+
+<p>SSL_CTX_build_cert_chain() builds the certificate chain for <b>ctx</b> normally this uses the chain store or the verify store if the chain store is not set. If the function is successful the built chain will replace any existing chain. The <b>flags</b> parameter can be set to <b>SSL_BUILD_CHAIN_FLAG_UNTRUSTED</b> to use existing chain certificates as untrusted CAs, <b>SSL_BUILD_CHAIN_FLAG_NO_ROOT</b> to omit the root CA from the built chain, <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to use all existing chain certificates only to build the chain (effectively sanity checking and rearranging them if necessary), the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> ignores any errors during verification: if flag <b>SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR</b> is also set verification errors are cleared from the error queue.</p>
+
+<p>Each of these functions operates on the <i>current</i> end entity (i.e. server or client) certificate. This is the last certificate loaded or selected on the corresponding <b>ctx</b> structure.</p>
+
+<p>SSL_CTX_select_current_cert() selects <b>x509</b> as the current end entity certificate, but only if <b>x509</b> has already been loaded into <b>ctx</b> using a function such as SSL_CTX_use_certificate().</p>
+
+<p>SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(), SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(), SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_current_cert() changes the current certificate to a value based on the <b>op</b> argument. Currently <b>op</b> can be <b>SSL_CERT_SET_FIRST</b> to use the first valid certificate or <b>SSL_CERT_SET_NEXT</b> to set the next valid certificate after the current certificate. These two operations can be used to iterate over all certificates in an <b>SSL_CTX</b> structure.</p>
+
+<p>SSL_set_current_cert() also supports the option <b>SSL_CERT_SET_SERVER</b>. If <b>ssl</b> is a server and has sent a certificate to a connected client this option sets that certificate to the current certificate and returns 1. If the negotiated cipher suite is anonymous (and thus no certificate will be sent) 2 is returned and the current certificate is unchanged. If <b>ssl</b> is not a server or a certificate has not been sent 0 is returned and the current certificate is unchanged.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied certificate or chain so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied certificate or chain <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The chains associate with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. SSL structures will not be affected by any chains subsequently changed in the parent SSL_CTX.</p>
+
+<p>One chain can be set for each key type supported by a server. So, for example, an RSA and a DSA certificate can (and often will) have different chains.</p>
+
+<p>The functions SSL_CTX_build_cert_chain() and SSL_build_cert_chain() can be used to check application configuration and to ensure any necessary subordinate CAs are sent in the correct order. Misconfigured applications sending incorrect certificate chains often cause problems with peers.</p>
+
+<p>For example an application can add any set of certificates using SSL_CTX_use_certificate_chain_file() then call SSL_CTX_build_cert_chain() with the option <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to check and reorder them.</p>
+
+<p>Applications can issue non fatal warnings when checking chains by setting the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERRORS</b> and checking the return value.</p>
+
+<p>Calling SSL_CTX_build_cert_chain() or SSL_build_cert_chain() is more efficient than the automatic chain building as it is only performed once. Automatic chain building is performed on each new session.</p>
+
+<p>If any certificates are added using these functions no certificates added using SSL_CTX_add_extra_chain_cert() will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_current_cert() with <b>SSL_CERT_SET_SERVER</b> return 1 for success, 2 if no server certificate is used because the cipher suites is anonymous and 0 for failure.</p>
+
+<p>SSL_CTX_build_cert_chain() and SSL_build_cert_chain() return 1 for success and 0 for failure. If the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> and a verification error occurs then 2 is returned.</p>
+
+<p>All other functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_bytes_to_cipher_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_bytes_to_cipher_list.html
new file mode 100644
index 000000000..4230a6de9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_bytes_to_cipher_list.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_ciphers</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get1_supported_ciphers, SSL_get_client_ciphers, SSL_get_ciphers, SSL_CTX_get_ciphers, SSL_bytes_to_cipher_list, SSL_get_cipher_list, SSL_get_shared_ciphers - get list of available SSL_CIPHERs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl);
+ STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx);
+ STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s);
+ STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const SSL *ssl);
+ int SSL_bytes_to_cipher_list(SSL *s, const unsigned char *bytes, size_t len,
+                              int isv2format, STACK_OF(SSL_CIPHER) **sk,
+                              STACK_OF(SSL_CIPHER) **scsvs);
+ const char *SSL_get_cipher_list(const SSL *ssl, int priority);
+ char *SSL_get_shared_ciphers(const SSL *s, char *buf, int size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_ciphers() returns the stack of available SSL_CIPHERs for <b>ssl</b>, sorted by preference. If <b>ssl</b> is NULL or no ciphers are available, NULL is returned.</p>
+
+<p>SSL_CTX_get_ciphers() returns the stack of available SSL_CIPHERs for <b>ctx</b>.</p>
+
+<p>SSL_get1_supported_ciphers() returns the stack of enabled SSL_CIPHERs for <b>ssl</b> as would be sent in a ClientHello (that is, sorted by preference). The list depends on settings like the cipher list, the supported protocol versions, the security level, and the enabled signature algorithms. SRP and PSK ciphers are only enabled if the appropriate callbacks or settings have been applied. The list of ciphers that would be sent in a ClientHello can differ from the list of ciphers that would be acceptable when acting as a server. For example, additional ciphers may be usable by a server if there is a gap in the list of supported protocols, and some ciphers may not be usable by a server if there is not a suitable certificate configured. If <b>ssl</b> is NULL or no ciphers are available, NULL is returned.</p>
+
+<p>SSL_get_client_ciphers() returns the stack of available SSL_CIPHERs matching the list received from the client on <b>ssl</b>. If <b>ssl</b> is NULL, no ciphers are available, or <b>ssl</b> is not operating in server mode, NULL is returned.</p>
+
+<p>SSL_bytes_to_cipher_list() treats the supplied <b>len</b> octets in <b>bytes</b> as a wire-protocol cipher suite specification (in the three-octet-per-cipher SSLv2 wire format if <b>isv2format</b> is nonzero; otherwise the two-octet SSLv3/TLS wire format), and parses the cipher suites supported by the library into the returned stacks of SSL_CIPHER objects sk and Signalling Cipher-Suite Values scsvs. Unsupported cipher suites are ignored. Returns 1 on success and 0 on failure.</p>
+
+<p>SSL_get_cipher_list() returns a pointer to the name of the SSL_CIPHER listed for <b>ssl</b> with <b>priority</b>. If <b>ssl</b> is NULL, no ciphers are available, or there are less ciphers than <b>priority</b> available, NULL is returned.</p>
+
+<p>SSL_get_shared_ciphers() creates a colon separated and NUL terminated list of SSL_CIPHER names that are available in both the client and the server. <b>buf</b> is the buffer that should be populated with the list of names and <b>size</b> is the size of that buffer. A pointer to <b>buf</b> is returned on success or NULL on error. If the supplied buffer is not large enough to contain the complete list of names then a truncated list of names will be returned. Note that just because a ciphersuite is available (i.e. it is configured in the cipher list) and shared by both the client and the server it does not mean that it is enabled (see the description of SSL_get1_supported_ciphers() above). This function will return available shared ciphersuites whether or not they are enabled. This is a server side function only and must only be called after the completion of the initial handshake.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The details of the ciphers obtained by SSL_get_ciphers(), SSL_CTX_get_ciphers() SSL_get1_supported_ciphers() and SSL_get_client_ciphers() can be obtained using the <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a> family of functions.</p>
+
+<p>Call SSL_get_cipher_list() with <b>priority</b> starting from 0 to obtain the sorted list of available ciphers, until NULL is returned.</p>
+
+<p>Note: SSL_get_ciphers(), SSL_CTX_get_ciphers() and SSL_get_client_ciphers() return a pointer to an internal cipher stack, which will be freed later on when the SSL or SSL_SESSION object is freed. Therefore, the calling code <b>MUST NOT</b> free the return value itself.</p>
+
+<p>The stack returned by SSL_get1_supported_ciphers() should be freed using sk_SSL_CIPHER_free().</p>
+
+<p>The stacks returned by SSL_bytes_to_cipher_list() should be freed using sk_SSL_CIPHER_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>See DESCRIPTION</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_callback_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/SSL_callback_ctrl.html
new file mode 100644
index 000000000..a279a2500
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_callback_ctrl.html
@@ -0,0 +1,60 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_ctrl, SSL_CTX_callback_ctrl, SSL_ctrl, SSL_callback_ctrl - internal handling functions for SSL_CTX and SSL objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);
+ long SSL_CTX_callback_ctrl(SSL_CTX *, int cmd, void (*fp)());
+
+ long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
+ long SSL_callback_ctrl(SSL *, int cmd, void (*fp)());</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The SSL_*_ctrl() family of functions is used to manipulate settings of the SSL_CTX and SSL objects. Depending on the command <b>cmd</b> the arguments <b>larg</b>, <b>parg</b>, or <b>fp</b> are evaluated. These functions should never be called directly. All functionalities needed are made available via other functions or macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The return values of the SSL*_ctrl() functions depend on the command supplied via the <b>cmd</b> parameter.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_check_chain.html b/msys2/usr/share/doc/openssl/html/man3/SSL_check_chain.html
new file mode 100644
index 000000000..1151838d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_check_chain.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_check_chain</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_check_chain - check certificate chain suitability</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_check_chain() checks whether certificate <b>x</b>, private key <b>pk</b> and certificate chain <b>chain</b> is suitable for use with the current session <b>s</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_check_chain() returns a bitmap of flags indicating the validity of the chain.</p>
+
+<p><b>CERT_PKEY_VALID</b>: the chain can be used with the current session. If this flag is <b>not</b> set then the certificate will never be used even if the application tries to set it because it is inconsistent with the peer preferences.</p>
+
+<p><b>CERT_PKEY_SIGN</b>: the EE key can be used for signing.</p>
+
+<p><b>CERT_PKEY_EE_SIGNATURE</b>: the signature algorithm of the EE certificate is acceptable.</p>
+
+<p><b>CERT_PKEY_CA_SIGNATURE</b>: the signature algorithms of all CA certificates are acceptable.</p>
+
+<p><b>CERT_PKEY_EE_PARAM</b>: the parameters of the end entity certificate are acceptable (e.g. it is a supported curve).</p>
+
+<p><b>CERT_PKEY_CA_PARAM</b>: the parameters of all CA certificates are acceptable.</p>
+
+<p><b>CERT_PKEY_EXPLICIT_SIGN</b>: the end entity certificate algorithm can be used explicitly for signing (i.e. it is mentioned in the signature algorithms extension).</p>
+
+<p><b>CERT_PKEY_ISSUER_NAME</b>: the issuer name is acceptable. This is only meaningful for client authentication.</p>
+
+<p><b>CERT_PKEY_CERT_TYPE</b>: the certificate type is acceptable. Only meaningful for client authentication.</p>
+
+<p><b>CERT_PKEY_SUITEB</b>: chain is suitable for Suite B use.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_check_chain() must be called in servers after a client hello message or in clients after a certificate request message. It will typically be called in the certificate callback.</p>
+
+<p>An application wishing to support multiple certificate chains may call this function on each chain in turn: starting with the one it considers the most secure. It could then use the chain of the first set which returns suitable flags.</p>
+
+<p>As a minimum the flag <b>CERT_PKEY_VALID</b> must be set for a chain to be usable. An application supporting multiple chains with different CA signature algorithms may also wish to check <b>CERT_PKEY_CA_SIGNATURE</b> too. If no chain is suitable a server should fall back to the most secure chain which sets <b>CERT_PKEY_VALID</b>.</p>
+
+<p>The validity of a chain is determined by checking if it matches a supported signature algorithm, supported curves and in the case of client authentication certificate types and issuer names.</p>
+
+<p>Since the supported signature algorithms extension is only used in TLS 1.2, TLS 1.3 and DTLS 1.2 the results for earlier versions of TLS and DTLS may not be very useful. Applications may wish to specify a different &quot;legacy&quot; chain for earlier versions of TLS or DTLS.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_cert_cb.html">SSL_CTX_set_cert_cb(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_check_private_key.html b/msys2/usr/share/doc/openssl/html/man3/SSL_check_private_key.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_check_private_key.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_clear.html b/msys2/usr/share/doc/openssl/html/man3/SSL_clear.html
new file mode 100644
index 000000000..e44ee3f9f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_clear.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_clear</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_clear - reset SSL object to allow another connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_clear(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Reset <b>ssl</b> to allow another connection. All settings (method, ciphers, BIOs) are kept.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_clear is used to prepare an SSL object for a new connection. While all settings are kept, a side effect is the handling of the current SSL session. If a session is still <b>open</b>, it is considered bad and will be removed from the session cache, as required by RFC2246. A session is considered open, if <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> was not called for the connection or at least <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a> was used to set the SSL_SENT_SHUTDOWN state.</p>
+
+<p>If a session was closed cleanly, the session object will be kept and all settings corresponding. This explicitly means, that e.g. the special method used during the session will be kept for the next handshake. So if the session was a TLSv1 session, a SSL client object will use a TLSv1 client method for the next handshake and a SSL server object will use a TLSv1 server method, even if TLS_*_methods were chosen on startup. This will might lead to connection failures (see <a href="../man3/SSL_new.html">SSL_new(3)</a>) for a description of the method&#39;s properties.</p>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>SSL_clear() resets the SSL object to allow for another connection. The reset operation however keeps several settings of the last sessions (some of these settings were made automatically during the last handshake). It only makes sense for a new connection with the exact same peer that shares these settings, and may fail if that peer changes its settings between connections. Use the sequence <a href="../man3/SSL_get_session.html">SSL_get_session(3)</a>; <a href="../man3/SSL_new.html">SSL_new(3)</a>; <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a>; <a href="../man3/SSL_free.html">SSL_free(3)</a> instead to avoid such failures (or simply <a href="../man3/SSL_free.html">SSL_free(3)</a>; <a href="../man3/SSL_new.html">SSL_new(3)</a> if session reuse is not desired).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The SSL_clear() operation could not be performed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The SSL_clear() operation was successful.</p>
+
+</dd>
+</dl>
+
+<p><a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_free.html">SSL_free(3)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a>, <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_clear_chain_certs.html b/msys2/usr/share/doc/openssl/html/man3/SSL_clear_chain_certs.html
new file mode 100644
index 000000000..9f08318ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_clear_chain_certs.html
@@ -0,0 +1,122 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add1_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_chain, SSL_CTX_set1_chain, SSL_CTX_add0_chain_cert, SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs, SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert, SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain, SSL_build_cert_chain, SSL_CTX_select_current_cert, SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra chain certificate processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_get0_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk);
+ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+ int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_get0_chain_certs(SSL *ssl, STACK_OF(X509) **sk);
+ int SSL_clear_chain_certs(SSL *ssl);
+
+ int SSL_CTX_build_cert_chain(SSL_CTX *ctx, flags);
+ int SSL_build_cert_chain(SSL *ssl, flags);
+
+ int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_chain() and SSL_CTX_set1_chain() set the certificate chain associated with the current certificate of <b>ctx</b> to <b>sk</b>.</p>
+
+<p>SSL_CTX_add0_chain_cert() and SSL_CTX_add1_chain_cert() append the single certificate <b>x509</b> to the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_get0_chain_certs() retrieves the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_clear_chain_certs() clears any existing chain associated with the current certificate of <b>ctx</b>. (This is implemented by calling SSL_CTX_set0_chain() with <b>sk</b> set to <b>NULL</b>).</p>
+
+<p>SSL_CTX_build_cert_chain() builds the certificate chain for <b>ctx</b> normally this uses the chain store or the verify store if the chain store is not set. If the function is successful the built chain will replace any existing chain. The <b>flags</b> parameter can be set to <b>SSL_BUILD_CHAIN_FLAG_UNTRUSTED</b> to use existing chain certificates as untrusted CAs, <b>SSL_BUILD_CHAIN_FLAG_NO_ROOT</b> to omit the root CA from the built chain, <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to use all existing chain certificates only to build the chain (effectively sanity checking and rearranging them if necessary), the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> ignores any errors during verification: if flag <b>SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR</b> is also set verification errors are cleared from the error queue.</p>
+
+<p>Each of these functions operates on the <i>current</i> end entity (i.e. server or client) certificate. This is the last certificate loaded or selected on the corresponding <b>ctx</b> structure.</p>
+
+<p>SSL_CTX_select_current_cert() selects <b>x509</b> as the current end entity certificate, but only if <b>x509</b> has already been loaded into <b>ctx</b> using a function such as SSL_CTX_use_certificate().</p>
+
+<p>SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(), SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(), SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_current_cert() changes the current certificate to a value based on the <b>op</b> argument. Currently <b>op</b> can be <b>SSL_CERT_SET_FIRST</b> to use the first valid certificate or <b>SSL_CERT_SET_NEXT</b> to set the next valid certificate after the current certificate. These two operations can be used to iterate over all certificates in an <b>SSL_CTX</b> structure.</p>
+
+<p>SSL_set_current_cert() also supports the option <b>SSL_CERT_SET_SERVER</b>. If <b>ssl</b> is a server and has sent a certificate to a connected client this option sets that certificate to the current certificate and returns 1. If the negotiated cipher suite is anonymous (and thus no certificate will be sent) 2 is returned and the current certificate is unchanged. If <b>ssl</b> is not a server or a certificate has not been sent 0 is returned and the current certificate is unchanged.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied certificate or chain so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied certificate or chain <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The chains associate with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. SSL structures will not be affected by any chains subsequently changed in the parent SSL_CTX.</p>
+
+<p>One chain can be set for each key type supported by a server. So, for example, an RSA and a DSA certificate can (and often will) have different chains.</p>
+
+<p>The functions SSL_CTX_build_cert_chain() and SSL_build_cert_chain() can be used to check application configuration and to ensure any necessary subordinate CAs are sent in the correct order. Misconfigured applications sending incorrect certificate chains often cause problems with peers.</p>
+
+<p>For example an application can add any set of certificates using SSL_CTX_use_certificate_chain_file() then call SSL_CTX_build_cert_chain() with the option <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to check and reorder them.</p>
+
+<p>Applications can issue non fatal warnings when checking chains by setting the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERRORS</b> and checking the return value.</p>
+
+<p>Calling SSL_CTX_build_cert_chain() or SSL_build_cert_chain() is more efficient than the automatic chain building as it is only performed once. Automatic chain building is performed on each new session.</p>
+
+<p>If any certificates are added using these functions no certificates added using SSL_CTX_add_extra_chain_cert() will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_current_cert() with <b>SSL_CERT_SET_SERVER</b> return 1 for success, 2 if no server certificate is used because the cipher suites is anonymous and 0 for failure.</p>
+
+<p>SSL_CTX_build_cert_chain() and SSL_build_cert_chain() return 1 for success and 0 for failure. If the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> and a verification error occurs then 2 is returned.</p>
+
+<p>All other functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_clear_mode.html b/msys2/usr/share/doc/openssl/html/man3/SSL_clear_mode.html
new file mode 100644
index 000000000..2e6c33d57
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_clear_mode.html
@@ -0,0 +1,136 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_mode</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_mode, SSL_CTX_clear_mode, SSL_set_mode, SSL_clear_mode, SSL_CTX_get_mode, SSL_get_mode - manipulate SSL engine mode</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_mode(SSL_CTX *ctx, long mode);
+ long SSL_CTX_clear_mode(SSL_CTX *ctx, long mode);
+ long SSL_set_mode(SSL *ssl, long mode);
+ long SSL_clear_mode(SSL *ssl, long mode);
+
+ long SSL_CTX_get_mode(SSL_CTX *ctx);
+ long SSL_get_mode(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_mode() adds the mode set via bitmask in <b>mode</b> to <b>ctx</b>. Options already set before are not cleared. SSL_CTX_clear_mode() removes the mode set via bitmask in <b>mode</b> from <b>ctx</b>.</p>
+
+<p>SSL_set_mode() adds the mode set via bitmask in <b>mode</b> to <b>ssl</b>. Options already set before are not cleared. SSL_clear_mode() removes the mode set via bitmask in <b>mode</b> from <b>ssl</b>.</p>
+
+<p>SSL_CTX_get_mode() returns the mode set for <b>ctx</b>.</p>
+
+<p>SSL_get_mode() returns the mode set for <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The following mode changes are available:</p>
+
+<dl>
+
+<dt id="SSL_MODE_ENABLE_PARTIAL_WRITE">SSL_MODE_ENABLE_PARTIAL_WRITE</dt>
+<dd>
+
+<p>Allow SSL_write_ex(..., n, &amp;r) to return with 0 &lt; r &lt; n (i.e. report success when just a single record has been written). This works in a similar way for SSL_write(). When not set (the default), SSL_write_ex() or SSL_write() will only report success once the complete chunk was written. Once SSL_write_ex() or SSL_write() returns successful, <b>r</b> bytes have been written and the next call to SSL_write_ex() or SSL_write() must only send the n-r bytes left, imitating the behaviour of write().</p>
+
+</dd>
+<dt id="SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER">SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER</dt>
+<dd>
+
+<p>Make it possible to retry SSL_write_ex() or SSL_write() with changed buffer location (the buffer contents must stay the same). This is not the default to avoid the misconception that non-blocking SSL_write() behaves like non-blocking write().</p>
+
+</dd>
+<dt id="SSL_MODE_AUTO_RETRY">SSL_MODE_AUTO_RETRY</dt>
+<dd>
+
+<p>During normal operations, non-application data records might need to be sent or received that the application is not aware of. If a non-application data record was processed, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> can return with a failure and indicate the need to retry with <b>SSL_ERROR_WANT_READ</b>. If such a non-application data record was processed, the flag <b>SSL_MODE_AUTO_RETRY</b> causes it to try to process the next record instead of returning.</p>
+
+<p>In a non-blocking environment applications must be prepared to handle incomplete read/write operations. Setting <b>SSL_MODE_AUTO_RETRY</b> for a non-blocking <b>BIO</b> will process non-application data records until either no more data is available or an application data record has been processed.</p>
+
+<p>In a blocking environment, applications are not always prepared to deal with the functions returning intermediate reports such as retry requests, and setting the <b>SSL_MODE_AUTO_RETRY</b> flag will cause the functions to only return after successfully processing an application data record or a failure.</p>
+
+<p>Turning off <b>SSL_MODE_AUTO_RETRY</b> can be useful with blocking <b>BIO</b>s in case they are used in combination with something like select() or poll(). Otherwise the call to SSL_read() or SSL_read_ex() might hang when a non-application record was sent and no application data was sent.</p>
+
+</dd>
+<dt id="SSL_MODE_RELEASE_BUFFERS">SSL_MODE_RELEASE_BUFFERS</dt>
+<dd>
+
+<p>When we no longer need a read buffer or a write buffer for a given SSL, then release the memory we were using to hold it. Using this flag can save around 34k per idle SSL connection. This flag has no effect on SSL v2 connections, or on DTLS connections.</p>
+
+</dd>
+<dt id="SSL_MODE_SEND_FALLBACK_SCSV">SSL_MODE_SEND_FALLBACK_SCSV</dt>
+<dd>
+
+<p>Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications that reconnect with a downgraded protocol version; see draft-ietf-tls-downgrade-scsv-00 for details.</p>
+
+<p>DO NOT ENABLE THIS if your application attempts a normal handshake. Only use this in explicit fallback retries, following the guidance in draft-ietf-tls-downgrade-scsv-00.</p>
+
+</dd>
+<dt id="SSL_MODE_ASYNC">SSL_MODE_ASYNC</dt>
+<dd>
+
+<p>Enable asynchronous processing. TLS I/O operations may indicate a retry with SSL_ERROR_WANT_ASYNC with this mode set if an asynchronous capable engine is used to perform cryptographic operations. See <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+</dd>
+<dt id="SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG">SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG</dt>
+<dd>
+
+<p>Older versions of OpenSSL had a bug in the computation of the label length used for computing the endpoint-pair shared secret. The bug was that the terminating zero was included in the length of the label. Setting this option enables this behaviour to allow interoperability with such broken implementations. Please note that setting this option breaks interoperability with correct implementations. This option only applies to DTLS over SCTP.</p>
+
+</dd>
+</dl>
+
+<p>All modes are off by default except for SSL_MODE_AUTO_RETRY which is on by default since 1.1.1.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_mode() and SSL_set_mode() return the new mode bitmask after adding <b>mode</b>.</p>
+
+<p>SSL_CTX_get_mode() and SSL_get_mode() return the current bitmask.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a>, <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_MODE_ASYNC was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_clear_options.html b/msys2/usr/share/doc/openssl/html/man3/SSL_clear_options.html
new file mode 100644
index 000000000..b45ee0128
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_clear_options.html
@@ -0,0 +1,350 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_options</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SECURE-RENEGOTIATION">SECURE RENEGOTIATION</a>
+    <ul>
+      <li><a href="#Patched-client-and-server">Patched client and server</a></li>
+      <li><a href="#Unpatched-client-and-patched-OpenSSL-server">Unpatched client and patched OpenSSL server</a></li>
+      <li><a href="#Patched-OpenSSL-client-and-unpatched-server">Patched OpenSSL client and unpatched server.</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_options, SSL_set_options, SSL_CTX_clear_options, SSL_clear_options, SSL_CTX_get_options, SSL_get_options, SSL_get_secure_renegotiation_support - manipulate SSL options</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_options(SSL_CTX *ctx, long options);
+ long SSL_set_options(SSL *ssl, long options);
+
+ long SSL_CTX_clear_options(SSL_CTX *ctx, long options);
+ long SSL_clear_options(SSL *ssl, long options);
+
+ long SSL_CTX_get_options(SSL_CTX *ctx);
+ long SSL_get_options(SSL *ssl);
+
+ long SSL_get_secure_renegotiation_support(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_options() adds the options set via bitmask in <b>options</b> to <b>ctx</b>. Options already set before are not cleared!</p>
+
+<p>SSL_set_options() adds the options set via bitmask in <b>options</b> to <b>ssl</b>. Options already set before are not cleared!</p>
+
+<p>SSL_CTX_clear_options() clears the options set via bitmask in <b>options</b> to <b>ctx</b>.</p>
+
+<p>SSL_clear_options() clears the options set via bitmask in <b>options</b> to <b>ssl</b>.</p>
+
+<p>SSL_CTX_get_options() returns the options set for <b>ctx</b>.</p>
+
+<p>SSL_get_options() returns the options set for <b>ssl</b>.</p>
+
+<p>SSL_get_secure_renegotiation_support() indicates whether the peer supports secure renegotiation. Note, this is implemented via a macro.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The behaviour of the SSL library can be changed by setting several options. The options are coded as bitmasks and can be combined by a bitwise <b>or</b> operation (|).</p>
+
+<p>SSL_CTX_set_options() and SSL_set_options() affect the (external) protocol behaviour of the SSL library. The (internal) behaviour of the API can be changed by using the similar <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a> and SSL_set_mode() functions.</p>
+
+<p>During a handshake, the option settings of the SSL object are used. When a new SSL object is created from a context using SSL_new(), the current option setting is copied. Changes to <b>ctx</b> do not affect already created SSL objects. SSL_clear() does not affect the settings.</p>
+
+<p>The following <b>bug workaround</b> options are available:</p>
+
+<dl>
+
+<dt id="SSL_OP_SAFARI_ECDHE_ECDSA_BUG">SSL_OP_SAFARI_ECDHE_ECDSA_BUG</dt>
+<dd>
+
+<p>Don&#39;t prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X. OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.</p>
+
+</dd>
+<dt id="SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS">SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS</dt>
+<dd>
+
+<p>Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol vulnerability affecting CBC ciphers, which cannot be handled by some broken SSL implementations. This option has no effect for connections using other ciphers.</p>
+
+</dd>
+<dt id="SSL_OP_TLSEXT_PADDING">SSL_OP_TLSEXT_PADDING</dt>
+<dd>
+
+<p>Adds a padding extension to ensure the ClientHello size is never between 256 and 511 bytes in length. This is needed as a workaround for some implementations.</p>
+
+</dd>
+<dt id="SSL_OP_ALL">SSL_OP_ALL</dt>
+<dd>
+
+<p>All of the above bug workarounds plus <b>SSL_OP_LEGACY_SERVER_CONNECT</b> as mentioned below.</p>
+
+</dd>
+</dl>
+
+<p>It is usually safe to use <b>SSL_OP_ALL</b> to enable the bug workaround options if compatibility with somewhat broken implementations is desired.</p>
+
+<p>The following <b>modifying</b> options are available:</p>
+
+<dl>
+
+<dt id="SSL_OP_TLS_ROLLBACK_BUG">SSL_OP_TLS_ROLLBACK_BUG</dt>
+<dd>
+
+<p>Disable version rollback attack detection.</p>
+
+<p>During the client key exchange, the client must send the same information about acceptable SSL/TLS protocol levels as during the first hello. Some clients violate this rule by adapting to the server&#39;s answer. (Example: the client sends a SSLv2 hello and accepts up to SSLv3.1=TLSv1, the server only understands up to SSLv3. In this case the client must still use the same SSLv3.1=TLSv1 announcement. Some clients step down to SSLv3 with respect to the server&#39;s answer and violate the version rollback protection.)</p>
+
+</dd>
+<dt id="SSL_OP_CIPHER_SERVER_PREFERENCE">SSL_OP_CIPHER_SERVER_PREFERENCE</dt>
+<dd>
+
+<p>When choosing a cipher, use the server&#39;s preferences instead of the client preferences. When not set, the SSL server will always follow the clients preferences. When set, the SSL/TLS server will choose following its own preferences.</p>
+
+</dd>
+<dt id="SSL_OP_NO_SSLv3-SSL_OP_NO_TLSv1-SSL_OP_NO_TLSv1_1-SSL_OP_NO_TLSv1_2-SSL_OP_NO_TLSv1_3-SSL_OP_NO_DTLSv1-SSL_OP_NO_DTLSv1_2">SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1, SSL_OP_NO_TLSv1_2, SSL_OP_NO_TLSv1_3, SSL_OP_NO_DTLSv1, SSL_OP_NO_DTLSv1_2</dt>
+<dd>
+
+<p>These options turn off the SSLv3, TLSv1, TLSv1.1, TLSv1.2 or TLSv1.3 protocol versions with TLS or the DTLSv1, DTLSv1.2 versions with DTLS, respectively. As of OpenSSL 1.1.0, these options are deprecated, use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> and <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> instead.</p>
+
+</dd>
+<dt id="SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION">SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION</dt>
+<dd>
+
+<p>When performing renegotiation as a server, always start a new session (i.e., session resumption requests are only accepted in the initial handshake). This option is not needed for clients.</p>
+
+</dd>
+<dt id="SSL_OP_NO_COMPRESSION">SSL_OP_NO_COMPRESSION</dt>
+<dd>
+
+<p>Do not use compression even if it is supported.</p>
+
+</dd>
+<dt id="SSL_OP_NO_QUERY_MTU">SSL_OP_NO_QUERY_MTU</dt>
+<dd>
+
+<p>Do not query the MTU. Only affects DTLS connections.</p>
+
+</dd>
+<dt id="SSL_OP_COOKIE_EXCHANGE">SSL_OP_COOKIE_EXCHANGE</dt>
+<dd>
+
+<p>Turn on Cookie Exchange as described in RFC4347 Section 4.2.1. Only affects DTLS connections.</p>
+
+</dd>
+<dt id="SSL_OP_NO_TICKET">SSL_OP_NO_TICKET</dt>
+<dd>
+
+<p>SSL/TLS supports two mechanisms for resuming sessions: session ids and stateless session tickets.</p>
+
+<p>When using session ids a copy of the session information is cached on the server and a unique id is sent to the client. When the client wishes to resume it provides the unique id so that the server can retrieve the session information from its cache.</p>
+
+<p>When using stateless session tickets the server uses a session ticket encryption key to encrypt the session information. This encrypted data is sent to the client as a &quot;ticket&quot;. When the client wishes to resume it sends the encrypted data back to the server. The server uses its key to decrypt the data and resume the session. In this way the server can operate statelessly - no session information needs to be cached locally.</p>
+
+<p>The TLSv1.3 protocol only supports tickets and does not directly support session ids. However OpenSSL allows two modes of ticket operation in TLSv1.3: stateful and stateless. Stateless tickets work the same way as in TLSv1.2 and below. Stateful tickets mimic the session id behaviour available in TLSv1.2 and below. The session information is cached on the server and the session id is wrapped up in a ticket and sent back to the client. When the client wishes to resume, it presents a ticket in the same way as for stateless tickets. The server can then extract the session id from the ticket and retrieve the session information from its cache.</p>
+
+<p>By default OpenSSL will use stateless tickets. The SSL_OP_NO_TICKET option will cause stateless tickets to not be issued. In TLSv1.2 and below this means no ticket gets sent to the client at all. In TLSv1.3 a stateful ticket will be sent. This is a server-side option only.</p>
+
+<p>In TLSv1.3 it is possible to suppress all tickets (stateful and stateless) from being sent by calling <a href="../man3/SSL_CTX_set_num_tickets.html">SSL_CTX_set_num_tickets(3)</a> or <a href="../man3/SSL_set_num_tickets.html">SSL_set_num_tickets(3)</a>.</p>
+
+</dd>
+<dt id="SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION">SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</dt>
+<dd>
+
+<p>Allow legacy insecure renegotiation between OpenSSL and unpatched clients or servers. See the <b>SECURE RENEGOTIATION</b> section for more details.</p>
+
+</dd>
+<dt id="SSL_OP_LEGACY_SERVER_CONNECT">SSL_OP_LEGACY_SERVER_CONNECT</dt>
+<dd>
+
+<p>Allow legacy insecure renegotiation between OpenSSL and unpatched servers <b>only</b>: this option is currently set by default. See the <b>SECURE RENEGOTIATION</b> section for more details.</p>
+
+</dd>
+<dt id="SSL_OP_NO_ENCRYPT_THEN_MAC">SSL_OP_NO_ENCRYPT_THEN_MAC</dt>
+<dd>
+
+<p>Normally clients and servers will transparently attempt to negotiate the RFC7366 Encrypt-then-MAC option on TLS and DTLS connection.</p>
+
+<p>If this option is set, Encrypt-then-MAC is disabled. Clients will not propose, and servers will not accept the extension.</p>
+
+</dd>
+<dt id="SSL_OP_NO_RENEGOTIATION">SSL_OP_NO_RENEGOTIATION</dt>
+<dd>
+
+<p>Disable all renegotiation in TLSv1.2 and earlier. Do not send HelloRequest messages, and ignore renegotiation requests via ClientHello.</p>
+
+</dd>
+<dt id="SSL_OP_ALLOW_NO_DHE_KEX">SSL_OP_ALLOW_NO_DHE_KEX</dt>
+<dd>
+
+<p>In TLSv1.3 allow a non-(ec)dhe based key exchange mode on resumption. This means that there will be no forward secrecy for the resumed session.</p>
+
+</dd>
+<dt id="SSL_OP_PRIORITIZE_CHACHA">SSL_OP_PRIORITIZE_CHACHA</dt>
+<dd>
+
+<p>When SSL_OP_CIPHER_SERVER_PREFERENCE is set, temporarily reprioritize ChaCha20-Poly1305 ciphers to the top of the server cipher list if a ChaCha20-Poly1305 cipher is at the top of the client cipher list. This helps those clients (e.g. mobile) use ChaCha20-Poly1305 if that cipher is anywhere in the server cipher list; but still allows other clients to use AES and other ciphers. Requires <b>SSL_OP_CIPHER_SERVER_PREFERENCE</b>.</p>
+
+</dd>
+<dt id="SSL_OP_ENABLE_MIDDLEBOX_COMPAT">SSL_OP_ENABLE_MIDDLEBOX_COMPAT</dt>
+<dd>
+
+<p>If set then dummy Change Cipher Spec (CCS) messages are sent in TLSv1.3. This has the effect of making TLSv1.3 look more like TLSv1.2 so that middleboxes that do not understand TLSv1.3 will not drop the connection. Regardless of whether this option is set or not CCS messages received from the peer will always be ignored in TLSv1.3. This option is set by default. To switch it off use SSL_clear_options(). A future version of OpenSSL may not set this by default.</p>
+
+</dd>
+<dt id="SSL_OP_NO_ANTI_REPLAY">SSL_OP_NO_ANTI_REPLAY</dt>
+<dd>
+
+<p>By default, when a server is configured for early data (i.e., max_early_data &gt; 0), OpenSSL will switch on replay protection. See <a href="../man3/SSL_read_early_data.html">SSL_read_early_data(3)</a> for a description of the replay protection feature. Anti-replay measures are required to comply with the TLSv1.3 specification. Some applications may be able to mitigate the replay risks in other ways and in such cases the built in OpenSSL functionality is not required. Those applications can turn this feature off by setting this option. This is a server-side opton only. It is ignored by clients.</p>
+
+</dd>
+</dl>
+
+<p>The following options no longer have any effect but their identifiers are retained for compatibility purposes:</p>
+
+<dl>
+
+<dt id="SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG">SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER">SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SSLEAY_080_CLIENT_DH_BUG">SSL_OP_SSLEAY_080_CLIENT_DH_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_TLS_D5_BUG">SSL_OP_TLS_D5_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_TLS_BLOCK_PADDING_BUG">SSL_OP_TLS_BLOCK_PADDING_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MSIE_SSLV2_RSA_PADDING">SSL_OP_MSIE_SSLV2_RSA_PADDING</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG">SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MICROSOFT_SESS_ID_BUG">SSL_OP_MICROSOFT_SESS_ID_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_NETSCAPE_CHALLENGE_BUG">SSL_OP_NETSCAPE_CHALLENGE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_PKCS1_CHECK_1">SSL_OP_PKCS1_CHECK_1</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_PKCS1_CHECK_2">SSL_OP_PKCS1_CHECK_2</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SINGLE_DH_USE">SSL_OP_SINGLE_DH_USE</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SINGLE_ECDH_USE">SSL_OP_SINGLE_ECDH_USE</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_EPHEMERAL_RSA">SSL_OP_EPHEMERAL_RSA</dt>
+<dd>
+
+</dd>
+</dl>
+
+<h1 id="SECURE-RENEGOTIATION">SECURE RENEGOTIATION</h1>
+
+<p>OpenSSL always attempts to use secure renegotiation as described in RFC5746. This counters the prefix attack described in CVE-2009-3555 and elsewhere.</p>
+
+<p>This attack has far reaching consequences which application writers should be aware of. In the description below an implementation supporting secure renegotiation is referred to as <i>patched</i>. A server not supporting secure renegotiation is referred to as <i>unpatched</i>.</p>
+
+<p>The following sections describe the operations permitted by OpenSSL&#39;s secure renegotiation implementation.</p>
+
+<h2 id="Patched-client-and-server">Patched client and server</h2>
+
+<p>Connections and renegotiation are always permitted by OpenSSL implementations.</p>
+
+<h2 id="Unpatched-client-and-patched-OpenSSL-server">Unpatched client and patched OpenSSL server</h2>
+
+<p>The initial connection succeeds but client renegotiation is denied by the server with a <b>no_renegotiation</b> warning alert if TLS v1.0 is used or a fatal <b>handshake_failure</b> alert in SSL v3.0.</p>
+
+<p>If the patched OpenSSL server attempts to renegotiate a fatal <b>handshake_failure</b> alert is sent. This is because the server code may be unaware of the unpatched nature of the client.</p>
+
+<p>If the option <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> is set then renegotiation <b>always</b> succeeds.</p>
+
+<h2 id="Patched-OpenSSL-client-and-unpatched-server">Patched OpenSSL client and unpatched server.</h2>
+
+<p>If the option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> or <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> is set then initial connections and renegotiation between patched OpenSSL clients and unpatched servers succeeds. If neither option is set then initial connections to unpatched servers will fail.</p>
+
+<p>The option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> is currently set by default even though it has security implications: otherwise it would be impossible to connect to unpatched servers (i.e. all of them initially) and this is clearly not acceptable. Renegotiation is permitted because this does not add any additional security issues: during an attack clients do not see any renegotiations anyway.</p>
+
+<p>As more servers become patched the option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> will <b>not</b> be set by default in a future version of OpenSSL.</p>
+
+<p>OpenSSL client applications wishing to ensure they can connect to unpatched servers should always <b>set</b> <b>SSL_OP_LEGACY_SERVER_CONNECT</b></p>
+
+<p>OpenSSL client applications that want to ensure they can <b>not</b> connect to unpatched servers (and thus avoid any security issues) should always <b>clear</b> <b>SSL_OP_LEGACY_SERVER_CONNECT</b> using SSL_CTX_clear_options() or SSL_clear_options().</p>
+
+<p>The difference between the <b>SSL_OP_LEGACY_SERVER_CONNECT</b> and <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> options is that <b>SSL_OP_LEGACY_SERVER_CONNECT</b> enables initial connections and secure renegotiation between OpenSSL clients and unpatched servers <b>only</b>, while <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> allows initial connections and renegotiation between OpenSSL and unpatched clients or servers.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_options() and SSL_set_options() return the new options bitmask after adding <b>options</b>.</p>
+
+<p>SSL_CTX_clear_options() and SSL_clear_options() return the new options bitmask after clearing <b>options</b>.</p>
+
+<p>SSL_CTX_get_options() and SSL_get_options() return the current bitmask.</p>
+
+<p>SSL_get_secure_renegotiation_support() returns 1 is the peer supports secure renegotiation and 0 if it does not.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man1/dhparam.html">dhparam(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The attempt to always try to use secure renegotiation was added in OpenSSL 0.9.8m.</p>
+
+<p>The <b>SSL_OP_PRIORITIZE_CHACHA</b> and <b>SSL_OP_NO_RENEGOTIATION</b> options were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_cb_fn.html b/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_cb_fn.html
new file mode 100644
index 000000000..175f698eb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_cb_fn.html
@@ -0,0 +1,97 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_client_hello_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_hello_cb, SSL_client_hello_cb_fn, SSL_client_hello_isv2, SSL_client_hello_get0_legacy_version, SSL_client_hello_get0_random, SSL_client_hello_get0_session_id, SSL_client_hello_get0_ciphers, SSL_client_hello_get0_compression_methods, SSL_client_hello_get1_extensions_present, SSL_client_hello_get0_ext - callback functions for early server-side ClientHello processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef int (*SSL_client_hello_cb_fn)(SSL *s, int *al, void *arg);
+ void SSL_CTX_set_client_hello_cb(SSL_CTX *c, SSL_client_hello_cb_fn *f,
+                                  void *arg);
+ int SSL_client_hello_isv2(SSL *s);
+ unsigned int SSL_client_hello_get0_legacy_version(SSL *s);
+ size_t SSL_client_hello_get0_random(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_session_id(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_ciphers(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_compression_methods(SSL *s,
+                                                  const unsigned char **out);
+ int SSL_client_hello_get1_extensions_present(SSL *s, int **out,
+                                              size_t *outlen);
+ int SSL_client_hello_get0_ext(SSL *s, int type, const unsigned char **out,
+                               size_t *outlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_client_hello_cb() sets the callback function, which is automatically called during the early stages of ClientHello processing on the server. The argument supplied when setting the callback is passed back to the callback at runtime. A callback that returns failure (0) will cause the connection to terminate, and callbacks returning failure should indicate what alert value is to be sent in the <b>al</b> parameter. A callback may also return a negative value to suspend the handshake, and the handshake function will return immediately. <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> will return SSL_ERROR_WANT_CLIENT_HELLO_CB to indicate that the handshake was suspended. It is the job of the ClientHello callback to store information about the state of the last call if needed to continue. On the next call into the handshake function, the ClientHello callback will be called again, and, if it returns success, normal handshake processing will continue from that point.</p>
+
+<p>SSL_client_hello_isv2() indicates whether the ClientHello was carried in a SSLv2 record and is in the SSLv2 format. The SSLv2 format has substantial differences from the normal SSLv3 format, including using three bytes per cipher suite, and not allowing extensions. Additionally, the SSLv2 format &#39;challenge&#39; field is exposed via SSL_client_hello_get0_random(), padded to SSL3_RANDOM_SIZE bytes with zeros if needed. For SSLv2 format ClientHellos, SSL_client_hello_get0_compression_methods() returns a dummy list that only includes the null compression method, since the SSLv2 format does not include a mechanism by which to negotiate compression.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() provide access to the corresponding ClientHello fields, returning the field length and optionally setting an out pointer to the octets of that field.</p>
+
+<p>Similarly, SSL_client_hello_get0_ext() provides access to individual extensions from the ClientHello on a per-extension basis. For the provided wire protocol extension type value, the extension value and length are returned in the output parameters (if present).</p>
+
+<p>SSL_client_hello_get1_extensions_present() can be used prior to SSL_client_hello_get0_ext(), to determine which extensions are present in the ClientHello before querying for them. The <b>out</b> and <b>outlen</b> parameters are both required, and on success the caller must release the storage allocated for <b>*out</b> using OPENSSL_free(). The contents of <b>*out</b> is an array of integers holding the numerical value of the TLS extension types in the order they appear in the ClientHello. <b>*outlen</b> contains the number of elements in the array.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ClientHello callback provides a vast window of possibilities for application code to affect the TLS handshake. A primary use of the callback is to allow the server to examine the server name indication extension provided by the client in order to select an appropriate certificate to present, and make other configuration adjustments relevant to that server name and its configuration. Such configuration changes can include swapping out the associated SSL_CTX pointer, modifying the server&#39;s list of permitted TLS versions, changing the server&#39;s cipher list in response to the client&#39;s cipher list, etc.</p>
+
+<p>It is also recommended that applications utilize a ClientHello callback and not use a servername callback, in order to avoid unexpected behavior that occurs due to the relative order of processing between things like session resumption and the historical servername callback.</p>
+
+<p>The SSL_client_hello_* family of functions may only be called from code executing within a ClientHello callback.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The application&#39;s supplied ClientHello callback returns SSL_CLIENT_HELLO_SUCCESS on success, SSL_CLIENT_HELLO_ERROR on failure, and SSL_CLIENT_HELLO_RETRY to suspend processing.</p>
+
+<p>SSL_client_hello_isv2() returns 1 for SSLv2-format ClientHellos and 0 otherwise.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() return the length of the corresponding ClientHello fields. If zero is returned, the output pointer should not be assumed to be valid.</p>
+
+<p>SSL_client_hello_get0_ext() returns 1 if the extension of type &#39;type&#39; is present, and 0 otherwise.</p>
+
+<p>SSL_client_hello_get1_extensions_present() returns 1 on success and 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_callback.html">SSL_CTX_set_tlsext_servername_callback(3)</a>, <a>SSL_bytes_to_cipher_list</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL ClientHello callback, SSL_client_hello_isv2(), SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), SSL_client_hello_get0_compression_methods(), SSL_client_hello_get0_ext(), and SSL_client_hello_get1_extensions_present() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get0_ciphers.html b/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get0_ciphers.html
new file mode 100644
index 000000000..175f698eb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get0_ciphers.html
@@ -0,0 +1,97 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_client_hello_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_hello_cb, SSL_client_hello_cb_fn, SSL_client_hello_isv2, SSL_client_hello_get0_legacy_version, SSL_client_hello_get0_random, SSL_client_hello_get0_session_id, SSL_client_hello_get0_ciphers, SSL_client_hello_get0_compression_methods, SSL_client_hello_get1_extensions_present, SSL_client_hello_get0_ext - callback functions for early server-side ClientHello processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef int (*SSL_client_hello_cb_fn)(SSL *s, int *al, void *arg);
+ void SSL_CTX_set_client_hello_cb(SSL_CTX *c, SSL_client_hello_cb_fn *f,
+                                  void *arg);
+ int SSL_client_hello_isv2(SSL *s);
+ unsigned int SSL_client_hello_get0_legacy_version(SSL *s);
+ size_t SSL_client_hello_get0_random(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_session_id(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_ciphers(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_compression_methods(SSL *s,
+                                                  const unsigned char **out);
+ int SSL_client_hello_get1_extensions_present(SSL *s, int **out,
+                                              size_t *outlen);
+ int SSL_client_hello_get0_ext(SSL *s, int type, const unsigned char **out,
+                               size_t *outlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_client_hello_cb() sets the callback function, which is automatically called during the early stages of ClientHello processing on the server. The argument supplied when setting the callback is passed back to the callback at runtime. A callback that returns failure (0) will cause the connection to terminate, and callbacks returning failure should indicate what alert value is to be sent in the <b>al</b> parameter. A callback may also return a negative value to suspend the handshake, and the handshake function will return immediately. <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> will return SSL_ERROR_WANT_CLIENT_HELLO_CB to indicate that the handshake was suspended. It is the job of the ClientHello callback to store information about the state of the last call if needed to continue. On the next call into the handshake function, the ClientHello callback will be called again, and, if it returns success, normal handshake processing will continue from that point.</p>
+
+<p>SSL_client_hello_isv2() indicates whether the ClientHello was carried in a SSLv2 record and is in the SSLv2 format. The SSLv2 format has substantial differences from the normal SSLv3 format, including using three bytes per cipher suite, and not allowing extensions. Additionally, the SSLv2 format &#39;challenge&#39; field is exposed via SSL_client_hello_get0_random(), padded to SSL3_RANDOM_SIZE bytes with zeros if needed. For SSLv2 format ClientHellos, SSL_client_hello_get0_compression_methods() returns a dummy list that only includes the null compression method, since the SSLv2 format does not include a mechanism by which to negotiate compression.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() provide access to the corresponding ClientHello fields, returning the field length and optionally setting an out pointer to the octets of that field.</p>
+
+<p>Similarly, SSL_client_hello_get0_ext() provides access to individual extensions from the ClientHello on a per-extension basis. For the provided wire protocol extension type value, the extension value and length are returned in the output parameters (if present).</p>
+
+<p>SSL_client_hello_get1_extensions_present() can be used prior to SSL_client_hello_get0_ext(), to determine which extensions are present in the ClientHello before querying for them. The <b>out</b> and <b>outlen</b> parameters are both required, and on success the caller must release the storage allocated for <b>*out</b> using OPENSSL_free(). The contents of <b>*out</b> is an array of integers holding the numerical value of the TLS extension types in the order they appear in the ClientHello. <b>*outlen</b> contains the number of elements in the array.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ClientHello callback provides a vast window of possibilities for application code to affect the TLS handshake. A primary use of the callback is to allow the server to examine the server name indication extension provided by the client in order to select an appropriate certificate to present, and make other configuration adjustments relevant to that server name and its configuration. Such configuration changes can include swapping out the associated SSL_CTX pointer, modifying the server&#39;s list of permitted TLS versions, changing the server&#39;s cipher list in response to the client&#39;s cipher list, etc.</p>
+
+<p>It is also recommended that applications utilize a ClientHello callback and not use a servername callback, in order to avoid unexpected behavior that occurs due to the relative order of processing between things like session resumption and the historical servername callback.</p>
+
+<p>The SSL_client_hello_* family of functions may only be called from code executing within a ClientHello callback.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The application&#39;s supplied ClientHello callback returns SSL_CLIENT_HELLO_SUCCESS on success, SSL_CLIENT_HELLO_ERROR on failure, and SSL_CLIENT_HELLO_RETRY to suspend processing.</p>
+
+<p>SSL_client_hello_isv2() returns 1 for SSLv2-format ClientHellos and 0 otherwise.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() return the length of the corresponding ClientHello fields. If zero is returned, the output pointer should not be assumed to be valid.</p>
+
+<p>SSL_client_hello_get0_ext() returns 1 if the extension of type &#39;type&#39; is present, and 0 otherwise.</p>
+
+<p>SSL_client_hello_get1_extensions_present() returns 1 on success and 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_callback.html">SSL_CTX_set_tlsext_servername_callback(3)</a>, <a>SSL_bytes_to_cipher_list</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL ClientHello callback, SSL_client_hello_isv2(), SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), SSL_client_hello_get0_compression_methods(), SSL_client_hello_get0_ext(), and SSL_client_hello_get1_extensions_present() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get0_compression_methods.html b/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get0_compression_methods.html
new file mode 100644
index 000000000..175f698eb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get0_compression_methods.html
@@ -0,0 +1,97 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_client_hello_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_hello_cb, SSL_client_hello_cb_fn, SSL_client_hello_isv2, SSL_client_hello_get0_legacy_version, SSL_client_hello_get0_random, SSL_client_hello_get0_session_id, SSL_client_hello_get0_ciphers, SSL_client_hello_get0_compression_methods, SSL_client_hello_get1_extensions_present, SSL_client_hello_get0_ext - callback functions for early server-side ClientHello processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef int (*SSL_client_hello_cb_fn)(SSL *s, int *al, void *arg);
+ void SSL_CTX_set_client_hello_cb(SSL_CTX *c, SSL_client_hello_cb_fn *f,
+                                  void *arg);
+ int SSL_client_hello_isv2(SSL *s);
+ unsigned int SSL_client_hello_get0_legacy_version(SSL *s);
+ size_t SSL_client_hello_get0_random(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_session_id(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_ciphers(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_compression_methods(SSL *s,
+                                                  const unsigned char **out);
+ int SSL_client_hello_get1_extensions_present(SSL *s, int **out,
+                                              size_t *outlen);
+ int SSL_client_hello_get0_ext(SSL *s, int type, const unsigned char **out,
+                               size_t *outlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_client_hello_cb() sets the callback function, which is automatically called during the early stages of ClientHello processing on the server. The argument supplied when setting the callback is passed back to the callback at runtime. A callback that returns failure (0) will cause the connection to terminate, and callbacks returning failure should indicate what alert value is to be sent in the <b>al</b> parameter. A callback may also return a negative value to suspend the handshake, and the handshake function will return immediately. <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> will return SSL_ERROR_WANT_CLIENT_HELLO_CB to indicate that the handshake was suspended. It is the job of the ClientHello callback to store information about the state of the last call if needed to continue. On the next call into the handshake function, the ClientHello callback will be called again, and, if it returns success, normal handshake processing will continue from that point.</p>
+
+<p>SSL_client_hello_isv2() indicates whether the ClientHello was carried in a SSLv2 record and is in the SSLv2 format. The SSLv2 format has substantial differences from the normal SSLv3 format, including using three bytes per cipher suite, and not allowing extensions. Additionally, the SSLv2 format &#39;challenge&#39; field is exposed via SSL_client_hello_get0_random(), padded to SSL3_RANDOM_SIZE bytes with zeros if needed. For SSLv2 format ClientHellos, SSL_client_hello_get0_compression_methods() returns a dummy list that only includes the null compression method, since the SSLv2 format does not include a mechanism by which to negotiate compression.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() provide access to the corresponding ClientHello fields, returning the field length and optionally setting an out pointer to the octets of that field.</p>
+
+<p>Similarly, SSL_client_hello_get0_ext() provides access to individual extensions from the ClientHello on a per-extension basis. For the provided wire protocol extension type value, the extension value and length are returned in the output parameters (if present).</p>
+
+<p>SSL_client_hello_get1_extensions_present() can be used prior to SSL_client_hello_get0_ext(), to determine which extensions are present in the ClientHello before querying for them. The <b>out</b> and <b>outlen</b> parameters are both required, and on success the caller must release the storage allocated for <b>*out</b> using OPENSSL_free(). The contents of <b>*out</b> is an array of integers holding the numerical value of the TLS extension types in the order they appear in the ClientHello. <b>*outlen</b> contains the number of elements in the array.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ClientHello callback provides a vast window of possibilities for application code to affect the TLS handshake. A primary use of the callback is to allow the server to examine the server name indication extension provided by the client in order to select an appropriate certificate to present, and make other configuration adjustments relevant to that server name and its configuration. Such configuration changes can include swapping out the associated SSL_CTX pointer, modifying the server&#39;s list of permitted TLS versions, changing the server&#39;s cipher list in response to the client&#39;s cipher list, etc.</p>
+
+<p>It is also recommended that applications utilize a ClientHello callback and not use a servername callback, in order to avoid unexpected behavior that occurs due to the relative order of processing between things like session resumption and the historical servername callback.</p>
+
+<p>The SSL_client_hello_* family of functions may only be called from code executing within a ClientHello callback.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The application&#39;s supplied ClientHello callback returns SSL_CLIENT_HELLO_SUCCESS on success, SSL_CLIENT_HELLO_ERROR on failure, and SSL_CLIENT_HELLO_RETRY to suspend processing.</p>
+
+<p>SSL_client_hello_isv2() returns 1 for SSLv2-format ClientHellos and 0 otherwise.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() return the length of the corresponding ClientHello fields. If zero is returned, the output pointer should not be assumed to be valid.</p>
+
+<p>SSL_client_hello_get0_ext() returns 1 if the extension of type &#39;type&#39; is present, and 0 otherwise.</p>
+
+<p>SSL_client_hello_get1_extensions_present() returns 1 on success and 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_callback.html">SSL_CTX_set_tlsext_servername_callback(3)</a>, <a>SSL_bytes_to_cipher_list</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL ClientHello callback, SSL_client_hello_isv2(), SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), SSL_client_hello_get0_compression_methods(), SSL_client_hello_get0_ext(), and SSL_client_hello_get1_extensions_present() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get0_ext.html b/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get0_ext.html
new file mode 100644
index 000000000..175f698eb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get0_ext.html
@@ -0,0 +1,97 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_client_hello_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_hello_cb, SSL_client_hello_cb_fn, SSL_client_hello_isv2, SSL_client_hello_get0_legacy_version, SSL_client_hello_get0_random, SSL_client_hello_get0_session_id, SSL_client_hello_get0_ciphers, SSL_client_hello_get0_compression_methods, SSL_client_hello_get1_extensions_present, SSL_client_hello_get0_ext - callback functions for early server-side ClientHello processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef int (*SSL_client_hello_cb_fn)(SSL *s, int *al, void *arg);
+ void SSL_CTX_set_client_hello_cb(SSL_CTX *c, SSL_client_hello_cb_fn *f,
+                                  void *arg);
+ int SSL_client_hello_isv2(SSL *s);
+ unsigned int SSL_client_hello_get0_legacy_version(SSL *s);
+ size_t SSL_client_hello_get0_random(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_session_id(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_ciphers(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_compression_methods(SSL *s,
+                                                  const unsigned char **out);
+ int SSL_client_hello_get1_extensions_present(SSL *s, int **out,
+                                              size_t *outlen);
+ int SSL_client_hello_get0_ext(SSL *s, int type, const unsigned char **out,
+                               size_t *outlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_client_hello_cb() sets the callback function, which is automatically called during the early stages of ClientHello processing on the server. The argument supplied when setting the callback is passed back to the callback at runtime. A callback that returns failure (0) will cause the connection to terminate, and callbacks returning failure should indicate what alert value is to be sent in the <b>al</b> parameter. A callback may also return a negative value to suspend the handshake, and the handshake function will return immediately. <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> will return SSL_ERROR_WANT_CLIENT_HELLO_CB to indicate that the handshake was suspended. It is the job of the ClientHello callback to store information about the state of the last call if needed to continue. On the next call into the handshake function, the ClientHello callback will be called again, and, if it returns success, normal handshake processing will continue from that point.</p>
+
+<p>SSL_client_hello_isv2() indicates whether the ClientHello was carried in a SSLv2 record and is in the SSLv2 format. The SSLv2 format has substantial differences from the normal SSLv3 format, including using three bytes per cipher suite, and not allowing extensions. Additionally, the SSLv2 format &#39;challenge&#39; field is exposed via SSL_client_hello_get0_random(), padded to SSL3_RANDOM_SIZE bytes with zeros if needed. For SSLv2 format ClientHellos, SSL_client_hello_get0_compression_methods() returns a dummy list that only includes the null compression method, since the SSLv2 format does not include a mechanism by which to negotiate compression.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() provide access to the corresponding ClientHello fields, returning the field length and optionally setting an out pointer to the octets of that field.</p>
+
+<p>Similarly, SSL_client_hello_get0_ext() provides access to individual extensions from the ClientHello on a per-extension basis. For the provided wire protocol extension type value, the extension value and length are returned in the output parameters (if present).</p>
+
+<p>SSL_client_hello_get1_extensions_present() can be used prior to SSL_client_hello_get0_ext(), to determine which extensions are present in the ClientHello before querying for them. The <b>out</b> and <b>outlen</b> parameters are both required, and on success the caller must release the storage allocated for <b>*out</b> using OPENSSL_free(). The contents of <b>*out</b> is an array of integers holding the numerical value of the TLS extension types in the order they appear in the ClientHello. <b>*outlen</b> contains the number of elements in the array.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ClientHello callback provides a vast window of possibilities for application code to affect the TLS handshake. A primary use of the callback is to allow the server to examine the server name indication extension provided by the client in order to select an appropriate certificate to present, and make other configuration adjustments relevant to that server name and its configuration. Such configuration changes can include swapping out the associated SSL_CTX pointer, modifying the server&#39;s list of permitted TLS versions, changing the server&#39;s cipher list in response to the client&#39;s cipher list, etc.</p>
+
+<p>It is also recommended that applications utilize a ClientHello callback and not use a servername callback, in order to avoid unexpected behavior that occurs due to the relative order of processing between things like session resumption and the historical servername callback.</p>
+
+<p>The SSL_client_hello_* family of functions may only be called from code executing within a ClientHello callback.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The application&#39;s supplied ClientHello callback returns SSL_CLIENT_HELLO_SUCCESS on success, SSL_CLIENT_HELLO_ERROR on failure, and SSL_CLIENT_HELLO_RETRY to suspend processing.</p>
+
+<p>SSL_client_hello_isv2() returns 1 for SSLv2-format ClientHellos and 0 otherwise.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() return the length of the corresponding ClientHello fields. If zero is returned, the output pointer should not be assumed to be valid.</p>
+
+<p>SSL_client_hello_get0_ext() returns 1 if the extension of type &#39;type&#39; is present, and 0 otherwise.</p>
+
+<p>SSL_client_hello_get1_extensions_present() returns 1 on success and 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_callback.html">SSL_CTX_set_tlsext_servername_callback(3)</a>, <a>SSL_bytes_to_cipher_list</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL ClientHello callback, SSL_client_hello_isv2(), SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), SSL_client_hello_get0_compression_methods(), SSL_client_hello_get0_ext(), and SSL_client_hello_get1_extensions_present() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get0_legacy_version.html b/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get0_legacy_version.html
new file mode 100644
index 000000000..175f698eb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get0_legacy_version.html
@@ -0,0 +1,97 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_client_hello_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_hello_cb, SSL_client_hello_cb_fn, SSL_client_hello_isv2, SSL_client_hello_get0_legacy_version, SSL_client_hello_get0_random, SSL_client_hello_get0_session_id, SSL_client_hello_get0_ciphers, SSL_client_hello_get0_compression_methods, SSL_client_hello_get1_extensions_present, SSL_client_hello_get0_ext - callback functions for early server-side ClientHello processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef int (*SSL_client_hello_cb_fn)(SSL *s, int *al, void *arg);
+ void SSL_CTX_set_client_hello_cb(SSL_CTX *c, SSL_client_hello_cb_fn *f,
+                                  void *arg);
+ int SSL_client_hello_isv2(SSL *s);
+ unsigned int SSL_client_hello_get0_legacy_version(SSL *s);
+ size_t SSL_client_hello_get0_random(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_session_id(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_ciphers(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_compression_methods(SSL *s,
+                                                  const unsigned char **out);
+ int SSL_client_hello_get1_extensions_present(SSL *s, int **out,
+                                              size_t *outlen);
+ int SSL_client_hello_get0_ext(SSL *s, int type, const unsigned char **out,
+                               size_t *outlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_client_hello_cb() sets the callback function, which is automatically called during the early stages of ClientHello processing on the server. The argument supplied when setting the callback is passed back to the callback at runtime. A callback that returns failure (0) will cause the connection to terminate, and callbacks returning failure should indicate what alert value is to be sent in the <b>al</b> parameter. A callback may also return a negative value to suspend the handshake, and the handshake function will return immediately. <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> will return SSL_ERROR_WANT_CLIENT_HELLO_CB to indicate that the handshake was suspended. It is the job of the ClientHello callback to store information about the state of the last call if needed to continue. On the next call into the handshake function, the ClientHello callback will be called again, and, if it returns success, normal handshake processing will continue from that point.</p>
+
+<p>SSL_client_hello_isv2() indicates whether the ClientHello was carried in a SSLv2 record and is in the SSLv2 format. The SSLv2 format has substantial differences from the normal SSLv3 format, including using three bytes per cipher suite, and not allowing extensions. Additionally, the SSLv2 format &#39;challenge&#39; field is exposed via SSL_client_hello_get0_random(), padded to SSL3_RANDOM_SIZE bytes with zeros if needed. For SSLv2 format ClientHellos, SSL_client_hello_get0_compression_methods() returns a dummy list that only includes the null compression method, since the SSLv2 format does not include a mechanism by which to negotiate compression.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() provide access to the corresponding ClientHello fields, returning the field length and optionally setting an out pointer to the octets of that field.</p>
+
+<p>Similarly, SSL_client_hello_get0_ext() provides access to individual extensions from the ClientHello on a per-extension basis. For the provided wire protocol extension type value, the extension value and length are returned in the output parameters (if present).</p>
+
+<p>SSL_client_hello_get1_extensions_present() can be used prior to SSL_client_hello_get0_ext(), to determine which extensions are present in the ClientHello before querying for them. The <b>out</b> and <b>outlen</b> parameters are both required, and on success the caller must release the storage allocated for <b>*out</b> using OPENSSL_free(). The contents of <b>*out</b> is an array of integers holding the numerical value of the TLS extension types in the order they appear in the ClientHello. <b>*outlen</b> contains the number of elements in the array.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ClientHello callback provides a vast window of possibilities for application code to affect the TLS handshake. A primary use of the callback is to allow the server to examine the server name indication extension provided by the client in order to select an appropriate certificate to present, and make other configuration adjustments relevant to that server name and its configuration. Such configuration changes can include swapping out the associated SSL_CTX pointer, modifying the server&#39;s list of permitted TLS versions, changing the server&#39;s cipher list in response to the client&#39;s cipher list, etc.</p>
+
+<p>It is also recommended that applications utilize a ClientHello callback and not use a servername callback, in order to avoid unexpected behavior that occurs due to the relative order of processing between things like session resumption and the historical servername callback.</p>
+
+<p>The SSL_client_hello_* family of functions may only be called from code executing within a ClientHello callback.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The application&#39;s supplied ClientHello callback returns SSL_CLIENT_HELLO_SUCCESS on success, SSL_CLIENT_HELLO_ERROR on failure, and SSL_CLIENT_HELLO_RETRY to suspend processing.</p>
+
+<p>SSL_client_hello_isv2() returns 1 for SSLv2-format ClientHellos and 0 otherwise.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() return the length of the corresponding ClientHello fields. If zero is returned, the output pointer should not be assumed to be valid.</p>
+
+<p>SSL_client_hello_get0_ext() returns 1 if the extension of type &#39;type&#39; is present, and 0 otherwise.</p>
+
+<p>SSL_client_hello_get1_extensions_present() returns 1 on success and 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_callback.html">SSL_CTX_set_tlsext_servername_callback(3)</a>, <a>SSL_bytes_to_cipher_list</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL ClientHello callback, SSL_client_hello_isv2(), SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), SSL_client_hello_get0_compression_methods(), SSL_client_hello_get0_ext(), and SSL_client_hello_get1_extensions_present() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get0_random.html b/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get0_random.html
new file mode 100644
index 000000000..175f698eb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get0_random.html
@@ -0,0 +1,97 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_client_hello_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_hello_cb, SSL_client_hello_cb_fn, SSL_client_hello_isv2, SSL_client_hello_get0_legacy_version, SSL_client_hello_get0_random, SSL_client_hello_get0_session_id, SSL_client_hello_get0_ciphers, SSL_client_hello_get0_compression_methods, SSL_client_hello_get1_extensions_present, SSL_client_hello_get0_ext - callback functions for early server-side ClientHello processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef int (*SSL_client_hello_cb_fn)(SSL *s, int *al, void *arg);
+ void SSL_CTX_set_client_hello_cb(SSL_CTX *c, SSL_client_hello_cb_fn *f,
+                                  void *arg);
+ int SSL_client_hello_isv2(SSL *s);
+ unsigned int SSL_client_hello_get0_legacy_version(SSL *s);
+ size_t SSL_client_hello_get0_random(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_session_id(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_ciphers(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_compression_methods(SSL *s,
+                                                  const unsigned char **out);
+ int SSL_client_hello_get1_extensions_present(SSL *s, int **out,
+                                              size_t *outlen);
+ int SSL_client_hello_get0_ext(SSL *s, int type, const unsigned char **out,
+                               size_t *outlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_client_hello_cb() sets the callback function, which is automatically called during the early stages of ClientHello processing on the server. The argument supplied when setting the callback is passed back to the callback at runtime. A callback that returns failure (0) will cause the connection to terminate, and callbacks returning failure should indicate what alert value is to be sent in the <b>al</b> parameter. A callback may also return a negative value to suspend the handshake, and the handshake function will return immediately. <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> will return SSL_ERROR_WANT_CLIENT_HELLO_CB to indicate that the handshake was suspended. It is the job of the ClientHello callback to store information about the state of the last call if needed to continue. On the next call into the handshake function, the ClientHello callback will be called again, and, if it returns success, normal handshake processing will continue from that point.</p>
+
+<p>SSL_client_hello_isv2() indicates whether the ClientHello was carried in a SSLv2 record and is in the SSLv2 format. The SSLv2 format has substantial differences from the normal SSLv3 format, including using three bytes per cipher suite, and not allowing extensions. Additionally, the SSLv2 format &#39;challenge&#39; field is exposed via SSL_client_hello_get0_random(), padded to SSL3_RANDOM_SIZE bytes with zeros if needed. For SSLv2 format ClientHellos, SSL_client_hello_get0_compression_methods() returns a dummy list that only includes the null compression method, since the SSLv2 format does not include a mechanism by which to negotiate compression.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() provide access to the corresponding ClientHello fields, returning the field length and optionally setting an out pointer to the octets of that field.</p>
+
+<p>Similarly, SSL_client_hello_get0_ext() provides access to individual extensions from the ClientHello on a per-extension basis. For the provided wire protocol extension type value, the extension value and length are returned in the output parameters (if present).</p>
+
+<p>SSL_client_hello_get1_extensions_present() can be used prior to SSL_client_hello_get0_ext(), to determine which extensions are present in the ClientHello before querying for them. The <b>out</b> and <b>outlen</b> parameters are both required, and on success the caller must release the storage allocated for <b>*out</b> using OPENSSL_free(). The contents of <b>*out</b> is an array of integers holding the numerical value of the TLS extension types in the order they appear in the ClientHello. <b>*outlen</b> contains the number of elements in the array.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ClientHello callback provides a vast window of possibilities for application code to affect the TLS handshake. A primary use of the callback is to allow the server to examine the server name indication extension provided by the client in order to select an appropriate certificate to present, and make other configuration adjustments relevant to that server name and its configuration. Such configuration changes can include swapping out the associated SSL_CTX pointer, modifying the server&#39;s list of permitted TLS versions, changing the server&#39;s cipher list in response to the client&#39;s cipher list, etc.</p>
+
+<p>It is also recommended that applications utilize a ClientHello callback and not use a servername callback, in order to avoid unexpected behavior that occurs due to the relative order of processing between things like session resumption and the historical servername callback.</p>
+
+<p>The SSL_client_hello_* family of functions may only be called from code executing within a ClientHello callback.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The application&#39;s supplied ClientHello callback returns SSL_CLIENT_HELLO_SUCCESS on success, SSL_CLIENT_HELLO_ERROR on failure, and SSL_CLIENT_HELLO_RETRY to suspend processing.</p>
+
+<p>SSL_client_hello_isv2() returns 1 for SSLv2-format ClientHellos and 0 otherwise.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() return the length of the corresponding ClientHello fields. If zero is returned, the output pointer should not be assumed to be valid.</p>
+
+<p>SSL_client_hello_get0_ext() returns 1 if the extension of type &#39;type&#39; is present, and 0 otherwise.</p>
+
+<p>SSL_client_hello_get1_extensions_present() returns 1 on success and 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_callback.html">SSL_CTX_set_tlsext_servername_callback(3)</a>, <a>SSL_bytes_to_cipher_list</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL ClientHello callback, SSL_client_hello_isv2(), SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), SSL_client_hello_get0_compression_methods(), SSL_client_hello_get0_ext(), and SSL_client_hello_get1_extensions_present() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get0_session_id.html b/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get0_session_id.html
new file mode 100644
index 000000000..175f698eb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get0_session_id.html
@@ -0,0 +1,97 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_client_hello_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_hello_cb, SSL_client_hello_cb_fn, SSL_client_hello_isv2, SSL_client_hello_get0_legacy_version, SSL_client_hello_get0_random, SSL_client_hello_get0_session_id, SSL_client_hello_get0_ciphers, SSL_client_hello_get0_compression_methods, SSL_client_hello_get1_extensions_present, SSL_client_hello_get0_ext - callback functions for early server-side ClientHello processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef int (*SSL_client_hello_cb_fn)(SSL *s, int *al, void *arg);
+ void SSL_CTX_set_client_hello_cb(SSL_CTX *c, SSL_client_hello_cb_fn *f,
+                                  void *arg);
+ int SSL_client_hello_isv2(SSL *s);
+ unsigned int SSL_client_hello_get0_legacy_version(SSL *s);
+ size_t SSL_client_hello_get0_random(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_session_id(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_ciphers(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_compression_methods(SSL *s,
+                                                  const unsigned char **out);
+ int SSL_client_hello_get1_extensions_present(SSL *s, int **out,
+                                              size_t *outlen);
+ int SSL_client_hello_get0_ext(SSL *s, int type, const unsigned char **out,
+                               size_t *outlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_client_hello_cb() sets the callback function, which is automatically called during the early stages of ClientHello processing on the server. The argument supplied when setting the callback is passed back to the callback at runtime. A callback that returns failure (0) will cause the connection to terminate, and callbacks returning failure should indicate what alert value is to be sent in the <b>al</b> parameter. A callback may also return a negative value to suspend the handshake, and the handshake function will return immediately. <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> will return SSL_ERROR_WANT_CLIENT_HELLO_CB to indicate that the handshake was suspended. It is the job of the ClientHello callback to store information about the state of the last call if needed to continue. On the next call into the handshake function, the ClientHello callback will be called again, and, if it returns success, normal handshake processing will continue from that point.</p>
+
+<p>SSL_client_hello_isv2() indicates whether the ClientHello was carried in a SSLv2 record and is in the SSLv2 format. The SSLv2 format has substantial differences from the normal SSLv3 format, including using three bytes per cipher suite, and not allowing extensions. Additionally, the SSLv2 format &#39;challenge&#39; field is exposed via SSL_client_hello_get0_random(), padded to SSL3_RANDOM_SIZE bytes with zeros if needed. For SSLv2 format ClientHellos, SSL_client_hello_get0_compression_methods() returns a dummy list that only includes the null compression method, since the SSLv2 format does not include a mechanism by which to negotiate compression.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() provide access to the corresponding ClientHello fields, returning the field length and optionally setting an out pointer to the octets of that field.</p>
+
+<p>Similarly, SSL_client_hello_get0_ext() provides access to individual extensions from the ClientHello on a per-extension basis. For the provided wire protocol extension type value, the extension value and length are returned in the output parameters (if present).</p>
+
+<p>SSL_client_hello_get1_extensions_present() can be used prior to SSL_client_hello_get0_ext(), to determine which extensions are present in the ClientHello before querying for them. The <b>out</b> and <b>outlen</b> parameters are both required, and on success the caller must release the storage allocated for <b>*out</b> using OPENSSL_free(). The contents of <b>*out</b> is an array of integers holding the numerical value of the TLS extension types in the order they appear in the ClientHello. <b>*outlen</b> contains the number of elements in the array.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ClientHello callback provides a vast window of possibilities for application code to affect the TLS handshake. A primary use of the callback is to allow the server to examine the server name indication extension provided by the client in order to select an appropriate certificate to present, and make other configuration adjustments relevant to that server name and its configuration. Such configuration changes can include swapping out the associated SSL_CTX pointer, modifying the server&#39;s list of permitted TLS versions, changing the server&#39;s cipher list in response to the client&#39;s cipher list, etc.</p>
+
+<p>It is also recommended that applications utilize a ClientHello callback and not use a servername callback, in order to avoid unexpected behavior that occurs due to the relative order of processing between things like session resumption and the historical servername callback.</p>
+
+<p>The SSL_client_hello_* family of functions may only be called from code executing within a ClientHello callback.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The application&#39;s supplied ClientHello callback returns SSL_CLIENT_HELLO_SUCCESS on success, SSL_CLIENT_HELLO_ERROR on failure, and SSL_CLIENT_HELLO_RETRY to suspend processing.</p>
+
+<p>SSL_client_hello_isv2() returns 1 for SSLv2-format ClientHellos and 0 otherwise.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() return the length of the corresponding ClientHello fields. If zero is returned, the output pointer should not be assumed to be valid.</p>
+
+<p>SSL_client_hello_get0_ext() returns 1 if the extension of type &#39;type&#39; is present, and 0 otherwise.</p>
+
+<p>SSL_client_hello_get1_extensions_present() returns 1 on success and 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_callback.html">SSL_CTX_set_tlsext_servername_callback(3)</a>, <a>SSL_bytes_to_cipher_list</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL ClientHello callback, SSL_client_hello_isv2(), SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), SSL_client_hello_get0_compression_methods(), SSL_client_hello_get0_ext(), and SSL_client_hello_get1_extensions_present() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get1_extensions_present.html b/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get1_extensions_present.html
new file mode 100644
index 000000000..175f698eb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_get1_extensions_present.html
@@ -0,0 +1,97 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_client_hello_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_hello_cb, SSL_client_hello_cb_fn, SSL_client_hello_isv2, SSL_client_hello_get0_legacy_version, SSL_client_hello_get0_random, SSL_client_hello_get0_session_id, SSL_client_hello_get0_ciphers, SSL_client_hello_get0_compression_methods, SSL_client_hello_get1_extensions_present, SSL_client_hello_get0_ext - callback functions for early server-side ClientHello processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef int (*SSL_client_hello_cb_fn)(SSL *s, int *al, void *arg);
+ void SSL_CTX_set_client_hello_cb(SSL_CTX *c, SSL_client_hello_cb_fn *f,
+                                  void *arg);
+ int SSL_client_hello_isv2(SSL *s);
+ unsigned int SSL_client_hello_get0_legacy_version(SSL *s);
+ size_t SSL_client_hello_get0_random(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_session_id(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_ciphers(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_compression_methods(SSL *s,
+                                                  const unsigned char **out);
+ int SSL_client_hello_get1_extensions_present(SSL *s, int **out,
+                                              size_t *outlen);
+ int SSL_client_hello_get0_ext(SSL *s, int type, const unsigned char **out,
+                               size_t *outlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_client_hello_cb() sets the callback function, which is automatically called during the early stages of ClientHello processing on the server. The argument supplied when setting the callback is passed back to the callback at runtime. A callback that returns failure (0) will cause the connection to terminate, and callbacks returning failure should indicate what alert value is to be sent in the <b>al</b> parameter. A callback may also return a negative value to suspend the handshake, and the handshake function will return immediately. <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> will return SSL_ERROR_WANT_CLIENT_HELLO_CB to indicate that the handshake was suspended. It is the job of the ClientHello callback to store information about the state of the last call if needed to continue. On the next call into the handshake function, the ClientHello callback will be called again, and, if it returns success, normal handshake processing will continue from that point.</p>
+
+<p>SSL_client_hello_isv2() indicates whether the ClientHello was carried in a SSLv2 record and is in the SSLv2 format. The SSLv2 format has substantial differences from the normal SSLv3 format, including using three bytes per cipher suite, and not allowing extensions. Additionally, the SSLv2 format &#39;challenge&#39; field is exposed via SSL_client_hello_get0_random(), padded to SSL3_RANDOM_SIZE bytes with zeros if needed. For SSLv2 format ClientHellos, SSL_client_hello_get0_compression_methods() returns a dummy list that only includes the null compression method, since the SSLv2 format does not include a mechanism by which to negotiate compression.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() provide access to the corresponding ClientHello fields, returning the field length and optionally setting an out pointer to the octets of that field.</p>
+
+<p>Similarly, SSL_client_hello_get0_ext() provides access to individual extensions from the ClientHello on a per-extension basis. For the provided wire protocol extension type value, the extension value and length are returned in the output parameters (if present).</p>
+
+<p>SSL_client_hello_get1_extensions_present() can be used prior to SSL_client_hello_get0_ext(), to determine which extensions are present in the ClientHello before querying for them. The <b>out</b> and <b>outlen</b> parameters are both required, and on success the caller must release the storage allocated for <b>*out</b> using OPENSSL_free(). The contents of <b>*out</b> is an array of integers holding the numerical value of the TLS extension types in the order they appear in the ClientHello. <b>*outlen</b> contains the number of elements in the array.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ClientHello callback provides a vast window of possibilities for application code to affect the TLS handshake. A primary use of the callback is to allow the server to examine the server name indication extension provided by the client in order to select an appropriate certificate to present, and make other configuration adjustments relevant to that server name and its configuration. Such configuration changes can include swapping out the associated SSL_CTX pointer, modifying the server&#39;s list of permitted TLS versions, changing the server&#39;s cipher list in response to the client&#39;s cipher list, etc.</p>
+
+<p>It is also recommended that applications utilize a ClientHello callback and not use a servername callback, in order to avoid unexpected behavior that occurs due to the relative order of processing between things like session resumption and the historical servername callback.</p>
+
+<p>The SSL_client_hello_* family of functions may only be called from code executing within a ClientHello callback.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The application&#39;s supplied ClientHello callback returns SSL_CLIENT_HELLO_SUCCESS on success, SSL_CLIENT_HELLO_ERROR on failure, and SSL_CLIENT_HELLO_RETRY to suspend processing.</p>
+
+<p>SSL_client_hello_isv2() returns 1 for SSLv2-format ClientHellos and 0 otherwise.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() return the length of the corresponding ClientHello fields. If zero is returned, the output pointer should not be assumed to be valid.</p>
+
+<p>SSL_client_hello_get0_ext() returns 1 if the extension of type &#39;type&#39; is present, and 0 otherwise.</p>
+
+<p>SSL_client_hello_get1_extensions_present() returns 1 on success and 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_callback.html">SSL_CTX_set_tlsext_servername_callback(3)</a>, <a>SSL_bytes_to_cipher_list</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL ClientHello callback, SSL_client_hello_isv2(), SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), SSL_client_hello_get0_compression_methods(), SSL_client_hello_get0_ext(), and SSL_client_hello_get1_extensions_present() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_isv2.html b/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_isv2.html
new file mode 100644
index 000000000..175f698eb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_client_hello_isv2.html
@@ -0,0 +1,97 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_client_hello_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_hello_cb, SSL_client_hello_cb_fn, SSL_client_hello_isv2, SSL_client_hello_get0_legacy_version, SSL_client_hello_get0_random, SSL_client_hello_get0_session_id, SSL_client_hello_get0_ciphers, SSL_client_hello_get0_compression_methods, SSL_client_hello_get1_extensions_present, SSL_client_hello_get0_ext - callback functions for early server-side ClientHello processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> typedef int (*SSL_client_hello_cb_fn)(SSL *s, int *al, void *arg);
+ void SSL_CTX_set_client_hello_cb(SSL_CTX *c, SSL_client_hello_cb_fn *f,
+                                  void *arg);
+ int SSL_client_hello_isv2(SSL *s);
+ unsigned int SSL_client_hello_get0_legacy_version(SSL *s);
+ size_t SSL_client_hello_get0_random(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_session_id(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_ciphers(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_compression_methods(SSL *s,
+                                                  const unsigned char **out);
+ int SSL_client_hello_get1_extensions_present(SSL *s, int **out,
+                                              size_t *outlen);
+ int SSL_client_hello_get0_ext(SSL *s, int type, const unsigned char **out,
+                               size_t *outlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_client_hello_cb() sets the callback function, which is automatically called during the early stages of ClientHello processing on the server. The argument supplied when setting the callback is passed back to the callback at runtime. A callback that returns failure (0) will cause the connection to terminate, and callbacks returning failure should indicate what alert value is to be sent in the <b>al</b> parameter. A callback may also return a negative value to suspend the handshake, and the handshake function will return immediately. <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> will return SSL_ERROR_WANT_CLIENT_HELLO_CB to indicate that the handshake was suspended. It is the job of the ClientHello callback to store information about the state of the last call if needed to continue. On the next call into the handshake function, the ClientHello callback will be called again, and, if it returns success, normal handshake processing will continue from that point.</p>
+
+<p>SSL_client_hello_isv2() indicates whether the ClientHello was carried in a SSLv2 record and is in the SSLv2 format. The SSLv2 format has substantial differences from the normal SSLv3 format, including using three bytes per cipher suite, and not allowing extensions. Additionally, the SSLv2 format &#39;challenge&#39; field is exposed via SSL_client_hello_get0_random(), padded to SSL3_RANDOM_SIZE bytes with zeros if needed. For SSLv2 format ClientHellos, SSL_client_hello_get0_compression_methods() returns a dummy list that only includes the null compression method, since the SSLv2 format does not include a mechanism by which to negotiate compression.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() provide access to the corresponding ClientHello fields, returning the field length and optionally setting an out pointer to the octets of that field.</p>
+
+<p>Similarly, SSL_client_hello_get0_ext() provides access to individual extensions from the ClientHello on a per-extension basis. For the provided wire protocol extension type value, the extension value and length are returned in the output parameters (if present).</p>
+
+<p>SSL_client_hello_get1_extensions_present() can be used prior to SSL_client_hello_get0_ext(), to determine which extensions are present in the ClientHello before querying for them. The <b>out</b> and <b>outlen</b> parameters are both required, and on success the caller must release the storage allocated for <b>*out</b> using OPENSSL_free(). The contents of <b>*out</b> is an array of integers holding the numerical value of the TLS extension types in the order they appear in the ClientHello. <b>*outlen</b> contains the number of elements in the array.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ClientHello callback provides a vast window of possibilities for application code to affect the TLS handshake. A primary use of the callback is to allow the server to examine the server name indication extension provided by the client in order to select an appropriate certificate to present, and make other configuration adjustments relevant to that server name and its configuration. Such configuration changes can include swapping out the associated SSL_CTX pointer, modifying the server&#39;s list of permitted TLS versions, changing the server&#39;s cipher list in response to the client&#39;s cipher list, etc.</p>
+
+<p>It is also recommended that applications utilize a ClientHello callback and not use a servername callback, in order to avoid unexpected behavior that occurs due to the relative order of processing between things like session resumption and the historical servername callback.</p>
+
+<p>The SSL_client_hello_* family of functions may only be called from code executing within a ClientHello callback.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The application&#39;s supplied ClientHello callback returns SSL_CLIENT_HELLO_SUCCESS on success, SSL_CLIENT_HELLO_ERROR on failure, and SSL_CLIENT_HELLO_RETRY to suspend processing.</p>
+
+<p>SSL_client_hello_isv2() returns 1 for SSLv2-format ClientHellos and 0 otherwise.</p>
+
+<p>SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), and SSL_client_hello_get0_compression_methods() return the length of the corresponding ClientHello fields. If zero is returned, the output pointer should not be assumed to be valid.</p>
+
+<p>SSL_client_hello_get0_ext() returns 1 if the extension of type &#39;type&#39; is present, and 0 otherwise.</p>
+
+<p>SSL_client_hello_get1_extensions_present() returns 1 on success and 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_callback.html">SSL_CTX_set_tlsext_servername_callback(3)</a>, <a>SSL_bytes_to_cipher_list</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL ClientHello callback, SSL_client_hello_isv2(), SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(), SSL_client_hello_get0_ciphers(), SSL_client_hello_get0_compression_methods(), SSL_client_hello_get0_ext(), and SSL_client_hello_get1_extensions_present() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_client_version.html b/msys2/usr/share/doc/openssl/html/man3/SSL_client_version.html
new file mode 100644
index 000000000..4da1a9eba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_client_version.html
@@ -0,0 +1,145 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_client_version, SSL_get_version, SSL_is_dtls, SSL_version - get the protocol information of a connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_client_version(const SSL *s);
+
+ const char *SSL_get_version(const SSL *ssl);
+
+ int SSL_is_dtls(const SSL *ssl);
+
+ int SSL_version(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_client_version() returns the numeric protocol version advertised by the client in the legacy_version field of the ClientHello when initiating the connection. Note that, for TLS, this value will never indicate a version greater than TLSv1.2 even if TLSv1.3 is subsequently negotiated. SSL_get_version() returns the name of the protocol used for the connection. SSL_version() returns the numeric protocol version used for the connection. They should only be called after the initial handshake has been completed. Prior to that the results returned from these functions may be unreliable.</p>
+
+<p>SSL_is_dtls() returns one if the connection is using DTLS, zero if not.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_get_version() returns one of the following strings:</p>
+
+<dl>
+
+<dt id="SSLv3">SSLv3</dt>
+<dd>
+
+<p>The connection uses the SSLv3 protocol.</p>
+
+</dd>
+<dt id="TLSv1">TLSv1</dt>
+<dd>
+
+<p>The connection uses the TLSv1.0 protocol.</p>
+
+</dd>
+<dt id="TLSv1.1">TLSv1.1</dt>
+<dd>
+
+<p>The connection uses the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1.2">TLSv1.2</dt>
+<dd>
+
+<p>The connection uses the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1.3">TLSv1.3</dt>
+<dd>
+
+<p>The connection uses the TLSv1.3 protocol.</p>
+
+</dd>
+<dt id="unknown">unknown</dt>
+<dd>
+
+<p>This indicates an unknown protocol version.</p>
+
+</dd>
+</dl>
+
+<p>SSL_version() and SSL_client_version() return an integer which could include any of the following:</p>
+
+<dl>
+
+<dt id="SSL3_VERSION">SSL3_VERSION</dt>
+<dd>
+
+<p>The connection uses the SSLv3 protocol.</p>
+
+</dd>
+<dt id="TLS1_VERSION">TLS1_VERSION</dt>
+<dd>
+
+<p>The connection uses the TLSv1.0 protocol.</p>
+
+</dd>
+<dt id="TLS1_1_VERSION">TLS1_1_VERSION</dt>
+<dd>
+
+<p>The connection uses the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLS1_2_VERSION">TLS1_2_VERSION</dt>
+<dd>
+
+<p>The connection uses the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLS1_3_VERSION">TLS1_3_VERSION</dt>
+<dd>
+
+<p>The connection uses the TLSv1.3 protocol (never returned for SSL_client_version()).</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_is_dtls() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_config.html b/msys2/usr/share/doc/openssl/html/man3/SSL_config.html
new file mode 100644
index 000000000..c09a21ec3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_config.html
@@ -0,0 +1,105 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_config</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_config, SSL_config - configure SSL_CTX or SSL structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_config(SSL_CTX *ctx, const char *name);
+ int SSL_config(SSL *s, const char *name);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions SSL_CTX_config() and SSL_config() configure an <b>SSL_CTX</b> or <b>SSL</b> structure using the configuration <b>name</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>By calling SSL_CTX_config() or SSL_config() an application can perform many complex tasks based on the contents of the configuration file: greatly simplifying application configuration code. A degree of future proofing can also be achieved: an application can support configuration features in newer versions of OpenSSL automatically.</p>
+
+<p>A configuration file must have been previously loaded, for example using CONF_modules_load_file(). See <a href="../man5/config.html">config(5)</a> for details of the configuration file syntax.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_config() and SSL_config() return 1 for success or 0 if an error occurred.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>If the file &quot;config.cnf&quot; contains the following:</p>
+
+<pre><code> testapp = test_sect
+
+ [test_sect]
+ # list of configuration modules
+
+ ssl_conf = ssl_sect
+
+ [ssl_sect]
+ server = server_section
+
+ [server_section]
+ RSA.Certificate = server-rsa.pem
+ ECDSA.Certificate = server-ecdsa.pem
+ Ciphers = ALL:!RC4</code></pre>
+
+<p>An application could call:</p>
+
+<pre><code> if (CONF_modules_load_file(&quot;config.cnf&quot;, &quot;testapp&quot;, 0) &lt;= 0) {
+     fprintf(stderr, &quot;Error processing config file\n&quot;);
+     goto err;
+ }
+
+ ctx = SSL_CTX_new(TLS_server_method());
+
+ if (SSL_CTX_config(ctx, &quot;server&quot;) == 0) {
+     fprintf(stderr, &quot;Error configuring server.\n&quot;);
+     goto err;
+ }</code></pre>
+
+<p>In this example two certificates and the cipher list are configured without the need for any additional application code.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man5/config.html">config(5)</a>, <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a>, <a href="../man3/CONF_modules_load_file.html">CONF_modules_load_file(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_config() and SSL_config() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_connect.html b/msys2/usr/share/doc/openssl/html/man3/SSL_connect.html
new file mode 100644
index 000000000..cc1b8993d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_connect.html
@@ -0,0 +1,91 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_connect</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_connect - initiate the TLS/SSL handshake with an TLS/SSL server</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_connect(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_connect() initiates the TLS/SSL handshake with a server. The communication channel must already have been set and assigned to the <b>ssl</b> by setting an underlying <b>BIO</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The behaviour of SSL_connect() depends on the underlying BIO.</p>
+
+<p>If the underlying BIO is <b>blocking</b>, SSL_connect() will only return once the handshake has been finished or an error occurred.</p>
+
+<p>If the underlying BIO is <b>non-blocking</b>, SSL_connect() will also return when the underlying BIO could not satisfy the needs of SSL_connect() to continue the handshake, indicating the problem by the return value -1. In this case a call to SSL_get_error() with the return value of SSL_connect() will yield <b>SSL_ERROR_WANT_READ</b> or <b>SSL_ERROR_WANT_WRITE</b>. The calling process then must repeat the call after taking appropriate action to satisfy the needs of SSL_connect(). The action depends on the underlying BIO. When using a non-blocking socket, nothing is to be done, but select() can be used to check for the required condition. When using a buffering BIO, like a BIO pair, data must be written into or retrieved out of the BIO before being able to continue.</p>
+
+<p>Many systems implement Nagle&#39;s algorithm by default which means that it will buffer outgoing TCP data if a TCP packet has already been sent for which no corresponding ACK has been received yet from the peer. This can have performance impacts after a successful TLSv1.3 handshake or a successful TLSv1.2 (or below) resumption handshake, because the last peer to communicate in the handshake is the client. If the client is also the first to send application data (as is typical for many protocols) then this data could be buffered until an ACK has been received for the final handshake message.</p>
+
+<p>The <b>TCP_NODELAY</b> socket option is often available to disable Nagle&#39;s algorithm. If an application opts to disable Nagle&#39;s algorithm consideration should be given to turning it back on again later if appropriate. The helper function BIO_set_tcp_ndelay() can be used to turn on or off the <b>TCP_NODELAY</b> option.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The TLS/SSL handshake was not successful but was shut down controlled and by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the return value <b>ret</b> to find out the reason.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been established.</p>
+
+</dd>
+<dt id="pod01">&lt;0</dt>
+<dd>
+
+<p>The TLS/SSL handshake was not successful, because a fatal error occurred either at the protocol level or a connection failure occurred. The shutdown was not clean. It can also occur of action is need to continue the operation for non-blocking BIOs. Call SSL_get_error() with the return value <b>ret</b> to find out the reason.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_ct_is_enabled.html b/msys2/usr/share/doc/openssl/html/man3/SSL_ct_is_enabled.html
new file mode 100644
index 000000000..2f4bf6a6f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_ct_is_enabled.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_ct_validation_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ssl_ct_validation_cb, SSL_enable_ct, SSL_CTX_enable_ct, SSL_disable_ct, SSL_CTX_disable_ct, SSL_set_ct_validation_callback, SSL_CTX_set_ct_validation_callback, SSL_ct_is_enabled, SSL_CTX_ct_is_enabled - control Certificate Transparency policy</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*ssl_ct_validation_cb)(const CT_POLICY_EVAL_CTX *ctx,
+                                    const STACK_OF(SCT) *scts, void *arg);
+
+ int SSL_enable_ct(SSL *s, int validation_mode);
+ int SSL_CTX_enable_ct(SSL_CTX *ctx, int validation_mode);
+ int SSL_set_ct_validation_callback(SSL *s, ssl_ct_validation_cb callback,
+                                    void *arg);
+ int SSL_CTX_set_ct_validation_callback(SSL_CTX *ctx,
+                                        ssl_ct_validation_cb callback,
+                                        void *arg);
+ void SSL_disable_ct(SSL *s);
+ void SSL_CTX_disable_ct(SSL_CTX *ctx);
+ int SSL_ct_is_enabled(const SSL *s);
+ int SSL_CTX_ct_is_enabled(const SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_enable_ct() and SSL_CTX_enable_ct() enable the processing of signed certificate timestamps (SCTs) either for a given SSL connection or for all connections that share the given SSL context, respectively. This is accomplished by setting a built-in CT validation callback. The behaviour of the callback is determined by the <b>validation_mode</b> argument, which can be either of <b>SSL_CT_VALIDATION_PERMISSIVE</b> or <b>SSL_CT_VALIDATION_STRICT</b> as described below.</p>
+
+<p>If <b>validation_mode</b> is equal to <b>SSL_CT_VALIDATION_STRICT</b>, then in a full TLS handshake with the verification mode set to <b>SSL_VERIFY_PEER</b>, if the peer presents no valid SCTs the handshake will be aborted. If the verification mode is <b>SSL_VERIFY_NONE</b>, the handshake will continue despite lack of valid SCTs. However, in that case if the verification status before the built-in callback was <b>X509_V_OK</b> it will be set to <b>X509_V_ERR_NO_VALID_SCTS</b> after the callback. Applications can call <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> to check the status at handshake completion, even after session resumption since the verification status is part of the saved session state. See <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, &lt;SSL_get_verify_result(3)&gt;, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>.</p>
+
+<p>If <b>validation_mode</b> is equal to <b>SSL_CT_VALIDATION_PERMISSIVE</b>, then the handshake continues, and the verification status is not modified, regardless of the validation status of any SCTs. The application can still inspect the validation status of the SCTs at handshake completion. Note that with session resumption there will not be any SCTs presented during the handshake. Therefore, in applications that delay SCT policy enforcement until after handshake completion, such delayed SCT checks should only be performed when the session is not resumed.</p>
+
+<p>SSL_set_ct_validation_callback() and SSL_CTX_set_ct_validation_callback() register a custom callback that may implement a different policy than either of the above. This callback can examine the peer&#39;s SCTs and determine whether they are sufficient to allow the connection to continue. The TLS handshake is aborted if the verification mode is not <b>SSL_VERIFY_NONE</b> and the callback returns a non-positive result.</p>
+
+<p>An arbitrary callback context argument, <b>arg</b>, can be passed in when setting the callback. This will be passed to the callback whenever it is invoked. Ownership of this context remains with the caller.</p>
+
+<p>If no callback is set, SCTs will not be requested and Certificate Transparency validation will not occur.</p>
+
+<p>No callback will be invoked when the peer presents no certificate, e.g. by employing an anonymous (aNULL) cipher suite. In that case the handshake continues as it would had no callback been requested. Callbacks are also not invoked when the peer certificate chain is invalid or validated via DANE-TA(2) or DANE-EE(3) TLSA records which use a private X.509 PKI, or no X.509 PKI at all, respectively. Clients that require SCTs are expected to not have enabled any aNULL ciphers nor to have specified server verification via DANE-TA(2) or DANE-EE(3) TLSA records.</p>
+
+<p>SSL_disable_ct() and SSL_CTX_disable_ct() turn off CT processing, whether enabled via the built-in or the custom callbacks, by setting a NULL callback. These may be implemented as macros.</p>
+
+<p>SSL_ct_is_enabled() and SSL_CTX_ct_is_enabled() return 1 if CT processing is enabled via either SSL_enable_ct() or a non-null custom callback, and 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When SCT processing is enabled, OCSP stapling will be enabled. This is because one possible source of SCTs is the OCSP response from a server.</p>
+
+<p>The time returned by SSL_SESSION_get_time() will be used to evaluate whether any presented SCTs have timestamps that are in the future (and therefore invalid).</p>
+
+<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
+
+<p>Certificate Transparency validation cannot be enabled and so a callback cannot be set if a custom client extension handler has been registered to handle SCT extensions (<b>TLSEXT_TYPE_signed_certificate_timestamp</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_enable_ct(), SSL_CTX_enable_ct(), SSL_CTX_set_ct_validation_callback() and SSL_set_ct_validation_callback() return 1 if the <b>callback</b> is successfully set. They return 0 if an error occurs, e.g. a custom client extension handler has been setup to handle SCTs.</p>
+
+<p>SSL_disable_ct() and SSL_CTX_disable_ct() do not return a result.</p>
+
+<p>SSL_CTX_ct_is_enabled() and SSL_ct_is_enabled() return a 1 if a non-null CT validation callback is set, or 0 if no callback (or equivalently a NULL callback) is set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, &lt;SSL_get_verify_result(3)&gt;, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>, <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/SSL_ctrl.html
new file mode 100644
index 000000000..a279a2500
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_ctrl.html
@@ -0,0 +1,60 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_ctrl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_ctrl, SSL_CTX_callback_ctrl, SSL_ctrl, SSL_callback_ctrl - internal handling functions for SSL_CTX and SSL objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);
+ long SSL_CTX_callback_ctrl(SSL_CTX *, int cmd, void (*fp)());
+
+ long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
+ long SSL_callback_ctrl(SSL *, int cmd, void (*fp)());</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The SSL_*_ctrl() family of functions is used to manipulate settings of the SSL_CTX and SSL objects. Depending on the command <b>cmd</b> the arguments <b>larg</b>, <b>parg</b>, or <b>fp</b> are evaluated. These functions should never be called directly. All functionalities needed are made available via other functions or macros.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The return values of the SSL*_ctrl() functions depend on the command supplied via the <b>cmd</b> parameter.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_dane_clear_flags.html b/msys2/usr/share/doc/openssl/html/man3/SSL_dane_clear_flags.html
new file mode 100644
index 000000000..16d72a2ed
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_dane_clear_flags.html
@@ -0,0 +1,252 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_dane_enable</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_dane_enable, SSL_CTX_dane_mtype_set, SSL_dane_enable, SSL_dane_tlsa_add, SSL_get0_dane_authority, SSL_get0_dane_tlsa, SSL_CTX_dane_set_flags, SSL_CTX_dane_clear_flags, SSL_dane_set_flags, SSL_dane_clear_flags - enable DANE TLS authentication of the remote TLS server in the local TLS client</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_dane_enable(SSL_CTX *ctx);
+ int SSL_CTX_dane_mtype_set(SSL_CTX *ctx, const EVP_MD *md,
+                            uint8_t mtype, uint8_t ord);
+ int SSL_dane_enable(SSL *s, const char *basedomain);
+ int SSL_dane_tlsa_add(SSL *s, uint8_t usage, uint8_t selector,
+                       uint8_t mtype, unsigned const char *data, size_t dlen);
+ int SSL_get0_dane_authority(SSL *s, X509 **mcert, EVP_PKEY **mspki);
+ int SSL_get0_dane_tlsa(SSL *s, uint8_t *usage, uint8_t *selector,
+                        uint8_t *mtype, unsigned const char **data,
+                        size_t *dlen);
+ unsigned long SSL_CTX_dane_set_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_CTX_dane_clear_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_dane_set_flags(SSL *ssl, unsigned long flags);
+ unsigned long SSL_dane_clear_flags(SSL *ssl, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions implement support for DANE TLSA (RFC6698 and RFC7671) peer authentication.</p>
+
+<p>SSL_CTX_dane_enable() must be called first to initialize the shared state required for DANE support. Individual connections associated with the context can then enable per-connection DANE support as appropriate. DANE authentication is implemented in the <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> function, and applications that override <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> via <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a> are responsible to authenticate the peer chain in whatever manner they see fit.</p>
+
+<p>SSL_CTX_dane_mtype_set() may then be called zero or more times to adjust the supported digest algorithms. This must be done before any SSL handles are created for the context.</p>
+
+<p>The <b>mtype</b> argument specifies a DANE TLSA matching type and the <b>md</b> argument specifies the associated digest algorithm handle. The <b>ord</b> argument specifies a strength ordinal. Algorithms with a larger strength ordinal are considered more secure. Strength ordinals are used to implement RFC7671 digest algorithm agility. Specifying a <b>NULL</b> digest algorithm for a matching type disables support for that matching type. Matching type Full(0) cannot be modified or disabled.</p>
+
+<p>By default, matching type <code>SHA2-256(1)</code> (see RFC7218 for definitions of the DANE TLSA parameter acronyms) is mapped to <code>EVP_sha256()</code> with a strength ordinal of <code>1</code> and matching type <code>SHA2-512(2)</code> is mapped to <code>EVP_sha512()</code> with a strength ordinal of <code>2</code>.</p>
+
+<p>SSL_dane_enable() must be called before the SSL handshake is initiated with <a href="../man3/SSL_connect.html">SSL_connect(3)</a> if (and only if) you want to enable DANE for that connection. (The connection must be associated with a DANE-enabled SSL context). The <b>basedomain</b> argument specifies the RFC7671 TLSA base domain, which will be the primary peer reference identifier for certificate name checks. Additional server names can be specified via <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>. The <b>basedomain</b> is used as the default SNI hint if none has yet been specified via <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>.</p>
+
+<p>SSL_dane_tlsa_add() may then be called one or more times, to load each of the TLSA records that apply to the remote TLS peer. (This too must be done prior to the beginning of the SSL handshake). The arguments specify the fields of the TLSA record. The <b>data</b> field is provided in binary (wire RDATA) form, not the hexadecimal ASCII presentation form, with an explicit length passed via <b>dlen</b>. The library takes a copy of the <b>data</b> buffer contents and the caller may free the original <b>data</b> buffer when convenient. A return value of 0 indicates that &quot;unusable&quot; TLSA records (with invalid or unsupported parameters) were provided. A negative return value indicates an internal error in processing the record.</p>
+
+<p>The caller is expected to check the return value of each SSL_dane_tlsa_add() call and take appropriate action if none are usable or an internal error is encountered in processing some records.</p>
+
+<p>If no TLSA records are added successfully, DANE authentication is not enabled, and authentication will be based on any configured traditional trust-anchors; authentication success in this case does not mean that the peer was DANE-authenticated.</p>
+
+<p>SSL_get0_dane_authority() can be used to get more detailed information about the matched DANE trust-anchor after successful connection completion. The return value is negative if DANE verification failed (or was not enabled), 0 if an EE TLSA record directly matched the leaf certificate, or a positive number indicating the depth at which a TA record matched an issuer certificate. The complete verified chain can be retrieved via <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>. The return value is an index into this verified chain, rather than the list of certificates sent by the peer as returned by <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>.</p>
+
+<p>If the <b>mcert</b> argument is not <b>NULL</b> and a TLSA record matched a chain certificate, a pointer to the matching certificate is returned via <b>mcert</b>. The returned address is a short-term internal reference to the certificate and must not be freed by the application. Applications that want to retain access to the certificate can call <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a> to obtain a long-term reference which must then be freed via <a href="../man3/X509_free.html">X509_free(3)</a> once no longer needed.</p>
+
+<p>If no TLSA records directly matched any elements of the certificate chain, but a DANE-TA(2) SPKI(1) Full(0) record provided the public key that signed an element of the chain, then that key is returned via <b>mspki</b> argument (if not NULL). In this case the return value is the depth of the top-most element of the validated certificate chain. As with <b>mcert</b> this is a short-term internal reference, and <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a> and <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a> can be used to acquire and release long-term references respectively.</p>
+
+<p>SSL_get0_dane_tlsa() can be used to retrieve the fields of the TLSA record that matched the peer certificate chain. The return value indicates the match depth or failure to match just as with SSL_get0_dane_authority(). When the return value is non-negative, the storage pointed to by the <b>usage</b>, <b>selector</b>, <b>mtype</b> and <b>data</b> parameters is updated to the corresponding TLSA record fields. The <b>data</b> field is in binary wire form, and is therefore not NUL-terminated, its length is returned via the <b>dlen</b> parameter. If any of these parameters is NULL, the corresponding field is not returned. The <b>data</b> parameter is set to a short-term internal-copy of the associated data field and must not be freed by the application. Applications that need long-term access to this field need to copy the content.</p>
+
+<p>SSL_CTX_dane_set_flags() and SSL_dane_set_flags() can be used to enable optional DANE verification features. SSL_CTX_dane_clear_flags() and SSL_dane_clear_flags() can be used to disable the same features. The <b>flags</b> argument is a bitmask of the features to enable or disable. The <b>flags</b> set for an <b>SSL_CTX</b> context are copied to each <b>SSL</b> handle associated with that context at the time the handle is created. Subsequent changes in the context&#39;s <b>flags</b> have no effect on the <b>flags</b> set for the handle.</p>
+
+<p>At present, the only available option is <b>DANE_FLAG_NO_DANE_EE_NAMECHECKS</b> which can be used to disable server name checks when authenticating via DANE-EE(3) TLSA records. For some applications, primarily web browsers, it is not safe to disable name checks due to &quot;unknown key share&quot; attacks, in which a malicious server can convince a client that a connection to a victim server is instead a secure connection to the malicious server. The malicious server may then be able to violate cross-origin scripting restrictions. Thus, despite the text of RFC7671, name checks are by default enabled for DANE-EE(3) TLSA records, and can be disabled in applications where it is safe to do so. In particular, SMTP and XMPP clients should set this option as SRV and MX records already make it possible for a remote domain to redirect client connections to any server of its choice, and in any case SMTP and XMPP clients do not execute scripts downloaded from remote servers.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions SSL_CTX_dane_enable(), SSL_CTX_dane_mtype_set(), SSL_dane_enable() and SSL_dane_tlsa_add() return a positive value on success. Negative return values indicate resource problems (out of memory, etc.) in the SSL library, while a return value of <b>0</b> indicates incorrect usage or invalid input, such as an unsupported TLSA record certificate usage, selector or matching type. Invalid input also includes malformed data, either a digest length that does not match the digest algorithm, or a <code>Full(0)</code> (binary ASN.1 DER form) certificate or a public key that fails to parse.</p>
+
+<p>The functions SSL_get0_dane_authority() and SSL_get0_dane_tlsa() return a negative value when DANE authentication failed or was not enabled, a non-negative value indicates the chain depth at which the TLSA record matched a chain certificate, or the depth of the top-most certificate, when the TLSA record is a full public key that is its signer.</p>
+
+<p>The functions SSL_CTX_dane_set_flags(), SSL_CTX_dane_clear_flags(), SSL_dane_set_flags() and SSL_dane_clear_flags() return the <b>flags</b> in effect before they were called.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Suppose &quot;smtp.example.com&quot; is the MX host of the domain &quot;example.com&quot;, and has DNSSEC-validated TLSA records. The calls below will perform DANE authentication and arrange to match either the MX hostname or the destination domain name in the SMTP server certificate. Wildcards are supported, but must match the entire label. The actual name matched in the certificate (which might be a wildcard) is retrieved, and must be copied by the application if it is to be retained beyond the lifetime of the SSL connection.</p>
+
+<pre><code> SSL_CTX *ctx;
+ SSL *ssl;
+ int (*verify_cb)(int ok, X509_STORE_CTX *sctx) = NULL;
+ int num_usable = 0;
+ const char *nexthop_domain = &quot;example.com&quot;;
+ const char *dane_tlsa_domain = &quot;smtp.example.com&quot;;
+ uint8_t usage, selector, mtype;
+
+ if ((ctx = SSL_CTX_new(TLS_client_method())) == NULL)
+     /* error */
+ if (SSL_CTX_dane_enable(ctx) &lt;= 0)
+     /* error */
+ if ((ssl = SSL_new(ctx)) == NULL)
+     /* error */
+ if (SSL_dane_enable(ssl, dane_tlsa_domain) &lt;= 0)
+     /* error */
+
+ /*
+  * For many applications it is safe to skip DANE-EE(3) namechecks.  Do not
+  * disable the checks unless &quot;unknown key share&quot; attacks pose no risk for
+  * your application.
+  */
+ SSL_dane_set_flags(ssl, DANE_FLAG_NO_DANE_EE_NAMECHECKS);
+
+ if (!SSL_add1_host(ssl, nexthop_domain))
+     /* error */
+ SSL_set_hostflags(ssl, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+
+ for (... each TLSA record ...) {
+     unsigned char *data;
+     size_t len;
+     int ret;
+
+     /* set usage, selector, mtype, data, len */
+
+     /*
+      * Opportunistic DANE TLS clients support only DANE-TA(2) or DANE-EE(3).
+      * They treat all other certificate usages, and in particular PKIX-TA(0)
+      * and PKIX-EE(1), as unusable.
+      */
+     switch (usage) {
+     default:
+     case 0:     /* PKIX-TA(0) */
+     case 1:     /* PKIX-EE(1) */
+         continue;
+     case 2:     /* DANE-TA(2) */
+     case 3:     /* DANE-EE(3) */
+         break;
+     }
+
+     ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len);
+     /* free data as appropriate */
+
+     if (ret &lt; 0)
+         /* handle SSL library internal error */
+     else if (ret == 0)
+         /* handle unusable TLSA record */
+     else
+         ++num_usable;
+ }
+
+ /*
+  * At this point, the verification mode is still the default SSL_VERIFY_NONE.
+  * Opportunistic DANE clients use unauthenticated TLS when all TLSA records
+  * are unusable, so continue the handshake even if authentication fails.
+  */
+ if (num_usable == 0) {
+     /* Log all records unusable? */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+     SSL_set_verify(ssl, SSL_VERIFY_NONE, verify_cb);
+ } else {
+     /* At least one usable record.  We expect to verify the peer */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+
+     /*
+      * Below we elect to fail the handshake when peer verification fails.
+      * Alternatively, use the permissive SSL_VERIFY_NONE verification mode,
+      * complete the handshake, check the verification status, and if not
+      * verified disconnect gracefully at the application layer, especially if
+      * application protocol supports informing the server that authentication
+      * failed.
+      */
+     SSL_set_verify(ssl, SSL_VERIFY_PEER, verify_cb);
+ }
+
+ /*
+  * Load any saved session for resumption, making sure that the previous
+  * session applied the same security and authentication requirements that
+  * would be expected of a fresh connection.
+  */
+
+ /* Perform SSL_connect() handshake and handle errors here */
+
+ if (SSL_session_reused(ssl)) {
+     if (SSL_get_verify_result(ssl) == X509_V_OK) {
+         /*
+          * Resumed session was originally verified, this connection is
+          * authenticated.
+          */
+     } else {
+         /*
+          * Resumed session was not originally verified, this connection is not
+          * authenticated.
+          */
+     }
+ } else if (SSL_get_verify_result(ssl) == X509_V_OK) {
+     const char *peername = SSL_get0_peername(ssl);
+     EVP_PKEY *mspki = NULL;
+
+     int depth = SSL_get0_dane_authority(ssl, NULL, &amp;mspki);
+     if (depth &gt;= 0) {
+         (void) SSL_get0_dane_tlsa(ssl, &amp;usage, &amp;selector, &amp;mtype, NULL, NULL);
+         printf(&quot;DANE TLSA %d %d %d %s at depth %d\n&quot;, usage, selector, mtype,
+                (mspki != NULL) ? &quot;TA public key verified certificate&quot; :
+                depth ? &quot;matched TA certificate&quot; : &quot;matched EE certificate&quot;,
+                depth);
+     }
+     if (peername != NULL) {
+         /* Name checks were in scope and matched the peername */
+         printf(&quot;Verified peername: %s\n&quot;, peername);
+     }
+ } else {
+     /*
+      * Not authenticated, presumably all TLSA rrs unusable, but possibly a
+      * callback suppressed connection termination despite the presence of
+      * usable TLSA RRs none of which matched.  Do whatever is appropriate for
+      * fresh unauthenticated connections.
+      */
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is expected that the majority of clients employing DANE TLS will be doing &quot;opportunistic DANE TLS&quot; in the sense of RFC7672 and RFC7435. That is, they will use DANE authentication when DNSSEC-validated TLSA records are published for a given peer, and otherwise will use unauthenticated TLS or even cleartext.</p>
+
+<p>Such applications should generally treat any TLSA records published by the peer with usages PKIX-TA(0) and PKIX-EE(1) as &quot;unusable&quot;, and should not include them among the TLSA records used to authenticate peer connections. In addition, some TLSA records with supported usages may be &quot;unusable&quot; as a result of invalid or unsupported parameters.</p>
+
+<p>When a peer has TLSA records, but none are &quot;usable&quot;, an opportunistic application must avoid cleartext, but cannot authenticate the peer, and so should generally proceed with an unauthenticated connection. Opportunistic applications need to note the return value of each call to SSL_dane_tlsa_add(), and if all return 0 (due to invalid or unsupported parameters) disable peer authentication by calling <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a> with <b>mode</b> equal to <b>SSL_VERIFY_NONE</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>, <a href="../man3/SSL_set_hostflags.html">SSL_set_hostflags(3)</a>, <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>, <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>, <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_get0_peername.html">SSL_get0_peername(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_free.html">X509_free(3)</a>, <a href="../man3/EVP_get_digestbyname.html">EVP_get_digestbyname(3)</a>, <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a>, <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_dane_enable.html b/msys2/usr/share/doc/openssl/html/man3/SSL_dane_enable.html
new file mode 100644
index 000000000..16d72a2ed
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_dane_enable.html
@@ -0,0 +1,252 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_dane_enable</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_dane_enable, SSL_CTX_dane_mtype_set, SSL_dane_enable, SSL_dane_tlsa_add, SSL_get0_dane_authority, SSL_get0_dane_tlsa, SSL_CTX_dane_set_flags, SSL_CTX_dane_clear_flags, SSL_dane_set_flags, SSL_dane_clear_flags - enable DANE TLS authentication of the remote TLS server in the local TLS client</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_dane_enable(SSL_CTX *ctx);
+ int SSL_CTX_dane_mtype_set(SSL_CTX *ctx, const EVP_MD *md,
+                            uint8_t mtype, uint8_t ord);
+ int SSL_dane_enable(SSL *s, const char *basedomain);
+ int SSL_dane_tlsa_add(SSL *s, uint8_t usage, uint8_t selector,
+                       uint8_t mtype, unsigned const char *data, size_t dlen);
+ int SSL_get0_dane_authority(SSL *s, X509 **mcert, EVP_PKEY **mspki);
+ int SSL_get0_dane_tlsa(SSL *s, uint8_t *usage, uint8_t *selector,
+                        uint8_t *mtype, unsigned const char **data,
+                        size_t *dlen);
+ unsigned long SSL_CTX_dane_set_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_CTX_dane_clear_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_dane_set_flags(SSL *ssl, unsigned long flags);
+ unsigned long SSL_dane_clear_flags(SSL *ssl, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions implement support for DANE TLSA (RFC6698 and RFC7671) peer authentication.</p>
+
+<p>SSL_CTX_dane_enable() must be called first to initialize the shared state required for DANE support. Individual connections associated with the context can then enable per-connection DANE support as appropriate. DANE authentication is implemented in the <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> function, and applications that override <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> via <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a> are responsible to authenticate the peer chain in whatever manner they see fit.</p>
+
+<p>SSL_CTX_dane_mtype_set() may then be called zero or more times to adjust the supported digest algorithms. This must be done before any SSL handles are created for the context.</p>
+
+<p>The <b>mtype</b> argument specifies a DANE TLSA matching type and the <b>md</b> argument specifies the associated digest algorithm handle. The <b>ord</b> argument specifies a strength ordinal. Algorithms with a larger strength ordinal are considered more secure. Strength ordinals are used to implement RFC7671 digest algorithm agility. Specifying a <b>NULL</b> digest algorithm for a matching type disables support for that matching type. Matching type Full(0) cannot be modified or disabled.</p>
+
+<p>By default, matching type <code>SHA2-256(1)</code> (see RFC7218 for definitions of the DANE TLSA parameter acronyms) is mapped to <code>EVP_sha256()</code> with a strength ordinal of <code>1</code> and matching type <code>SHA2-512(2)</code> is mapped to <code>EVP_sha512()</code> with a strength ordinal of <code>2</code>.</p>
+
+<p>SSL_dane_enable() must be called before the SSL handshake is initiated with <a href="../man3/SSL_connect.html">SSL_connect(3)</a> if (and only if) you want to enable DANE for that connection. (The connection must be associated with a DANE-enabled SSL context). The <b>basedomain</b> argument specifies the RFC7671 TLSA base domain, which will be the primary peer reference identifier for certificate name checks. Additional server names can be specified via <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>. The <b>basedomain</b> is used as the default SNI hint if none has yet been specified via <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>.</p>
+
+<p>SSL_dane_tlsa_add() may then be called one or more times, to load each of the TLSA records that apply to the remote TLS peer. (This too must be done prior to the beginning of the SSL handshake). The arguments specify the fields of the TLSA record. The <b>data</b> field is provided in binary (wire RDATA) form, not the hexadecimal ASCII presentation form, with an explicit length passed via <b>dlen</b>. The library takes a copy of the <b>data</b> buffer contents and the caller may free the original <b>data</b> buffer when convenient. A return value of 0 indicates that &quot;unusable&quot; TLSA records (with invalid or unsupported parameters) were provided. A negative return value indicates an internal error in processing the record.</p>
+
+<p>The caller is expected to check the return value of each SSL_dane_tlsa_add() call and take appropriate action if none are usable or an internal error is encountered in processing some records.</p>
+
+<p>If no TLSA records are added successfully, DANE authentication is not enabled, and authentication will be based on any configured traditional trust-anchors; authentication success in this case does not mean that the peer was DANE-authenticated.</p>
+
+<p>SSL_get0_dane_authority() can be used to get more detailed information about the matched DANE trust-anchor after successful connection completion. The return value is negative if DANE verification failed (or was not enabled), 0 if an EE TLSA record directly matched the leaf certificate, or a positive number indicating the depth at which a TA record matched an issuer certificate. The complete verified chain can be retrieved via <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>. The return value is an index into this verified chain, rather than the list of certificates sent by the peer as returned by <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>.</p>
+
+<p>If the <b>mcert</b> argument is not <b>NULL</b> and a TLSA record matched a chain certificate, a pointer to the matching certificate is returned via <b>mcert</b>. The returned address is a short-term internal reference to the certificate and must not be freed by the application. Applications that want to retain access to the certificate can call <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a> to obtain a long-term reference which must then be freed via <a href="../man3/X509_free.html">X509_free(3)</a> once no longer needed.</p>
+
+<p>If no TLSA records directly matched any elements of the certificate chain, but a DANE-TA(2) SPKI(1) Full(0) record provided the public key that signed an element of the chain, then that key is returned via <b>mspki</b> argument (if not NULL). In this case the return value is the depth of the top-most element of the validated certificate chain. As with <b>mcert</b> this is a short-term internal reference, and <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a> and <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a> can be used to acquire and release long-term references respectively.</p>
+
+<p>SSL_get0_dane_tlsa() can be used to retrieve the fields of the TLSA record that matched the peer certificate chain. The return value indicates the match depth or failure to match just as with SSL_get0_dane_authority(). When the return value is non-negative, the storage pointed to by the <b>usage</b>, <b>selector</b>, <b>mtype</b> and <b>data</b> parameters is updated to the corresponding TLSA record fields. The <b>data</b> field is in binary wire form, and is therefore not NUL-terminated, its length is returned via the <b>dlen</b> parameter. If any of these parameters is NULL, the corresponding field is not returned. The <b>data</b> parameter is set to a short-term internal-copy of the associated data field and must not be freed by the application. Applications that need long-term access to this field need to copy the content.</p>
+
+<p>SSL_CTX_dane_set_flags() and SSL_dane_set_flags() can be used to enable optional DANE verification features. SSL_CTX_dane_clear_flags() and SSL_dane_clear_flags() can be used to disable the same features. The <b>flags</b> argument is a bitmask of the features to enable or disable. The <b>flags</b> set for an <b>SSL_CTX</b> context are copied to each <b>SSL</b> handle associated with that context at the time the handle is created. Subsequent changes in the context&#39;s <b>flags</b> have no effect on the <b>flags</b> set for the handle.</p>
+
+<p>At present, the only available option is <b>DANE_FLAG_NO_DANE_EE_NAMECHECKS</b> which can be used to disable server name checks when authenticating via DANE-EE(3) TLSA records. For some applications, primarily web browsers, it is not safe to disable name checks due to &quot;unknown key share&quot; attacks, in which a malicious server can convince a client that a connection to a victim server is instead a secure connection to the malicious server. The malicious server may then be able to violate cross-origin scripting restrictions. Thus, despite the text of RFC7671, name checks are by default enabled for DANE-EE(3) TLSA records, and can be disabled in applications where it is safe to do so. In particular, SMTP and XMPP clients should set this option as SRV and MX records already make it possible for a remote domain to redirect client connections to any server of its choice, and in any case SMTP and XMPP clients do not execute scripts downloaded from remote servers.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions SSL_CTX_dane_enable(), SSL_CTX_dane_mtype_set(), SSL_dane_enable() and SSL_dane_tlsa_add() return a positive value on success. Negative return values indicate resource problems (out of memory, etc.) in the SSL library, while a return value of <b>0</b> indicates incorrect usage or invalid input, such as an unsupported TLSA record certificate usage, selector or matching type. Invalid input also includes malformed data, either a digest length that does not match the digest algorithm, or a <code>Full(0)</code> (binary ASN.1 DER form) certificate or a public key that fails to parse.</p>
+
+<p>The functions SSL_get0_dane_authority() and SSL_get0_dane_tlsa() return a negative value when DANE authentication failed or was not enabled, a non-negative value indicates the chain depth at which the TLSA record matched a chain certificate, or the depth of the top-most certificate, when the TLSA record is a full public key that is its signer.</p>
+
+<p>The functions SSL_CTX_dane_set_flags(), SSL_CTX_dane_clear_flags(), SSL_dane_set_flags() and SSL_dane_clear_flags() return the <b>flags</b> in effect before they were called.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Suppose &quot;smtp.example.com&quot; is the MX host of the domain &quot;example.com&quot;, and has DNSSEC-validated TLSA records. The calls below will perform DANE authentication and arrange to match either the MX hostname or the destination domain name in the SMTP server certificate. Wildcards are supported, but must match the entire label. The actual name matched in the certificate (which might be a wildcard) is retrieved, and must be copied by the application if it is to be retained beyond the lifetime of the SSL connection.</p>
+
+<pre><code> SSL_CTX *ctx;
+ SSL *ssl;
+ int (*verify_cb)(int ok, X509_STORE_CTX *sctx) = NULL;
+ int num_usable = 0;
+ const char *nexthop_domain = &quot;example.com&quot;;
+ const char *dane_tlsa_domain = &quot;smtp.example.com&quot;;
+ uint8_t usage, selector, mtype;
+
+ if ((ctx = SSL_CTX_new(TLS_client_method())) == NULL)
+     /* error */
+ if (SSL_CTX_dane_enable(ctx) &lt;= 0)
+     /* error */
+ if ((ssl = SSL_new(ctx)) == NULL)
+     /* error */
+ if (SSL_dane_enable(ssl, dane_tlsa_domain) &lt;= 0)
+     /* error */
+
+ /*
+  * For many applications it is safe to skip DANE-EE(3) namechecks.  Do not
+  * disable the checks unless &quot;unknown key share&quot; attacks pose no risk for
+  * your application.
+  */
+ SSL_dane_set_flags(ssl, DANE_FLAG_NO_DANE_EE_NAMECHECKS);
+
+ if (!SSL_add1_host(ssl, nexthop_domain))
+     /* error */
+ SSL_set_hostflags(ssl, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+
+ for (... each TLSA record ...) {
+     unsigned char *data;
+     size_t len;
+     int ret;
+
+     /* set usage, selector, mtype, data, len */
+
+     /*
+      * Opportunistic DANE TLS clients support only DANE-TA(2) or DANE-EE(3).
+      * They treat all other certificate usages, and in particular PKIX-TA(0)
+      * and PKIX-EE(1), as unusable.
+      */
+     switch (usage) {
+     default:
+     case 0:     /* PKIX-TA(0) */
+     case 1:     /* PKIX-EE(1) */
+         continue;
+     case 2:     /* DANE-TA(2) */
+     case 3:     /* DANE-EE(3) */
+         break;
+     }
+
+     ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len);
+     /* free data as appropriate */
+
+     if (ret &lt; 0)
+         /* handle SSL library internal error */
+     else if (ret == 0)
+         /* handle unusable TLSA record */
+     else
+         ++num_usable;
+ }
+
+ /*
+  * At this point, the verification mode is still the default SSL_VERIFY_NONE.
+  * Opportunistic DANE clients use unauthenticated TLS when all TLSA records
+  * are unusable, so continue the handshake even if authentication fails.
+  */
+ if (num_usable == 0) {
+     /* Log all records unusable? */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+     SSL_set_verify(ssl, SSL_VERIFY_NONE, verify_cb);
+ } else {
+     /* At least one usable record.  We expect to verify the peer */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+
+     /*
+      * Below we elect to fail the handshake when peer verification fails.
+      * Alternatively, use the permissive SSL_VERIFY_NONE verification mode,
+      * complete the handshake, check the verification status, and if not
+      * verified disconnect gracefully at the application layer, especially if
+      * application protocol supports informing the server that authentication
+      * failed.
+      */
+     SSL_set_verify(ssl, SSL_VERIFY_PEER, verify_cb);
+ }
+
+ /*
+  * Load any saved session for resumption, making sure that the previous
+  * session applied the same security and authentication requirements that
+  * would be expected of a fresh connection.
+  */
+
+ /* Perform SSL_connect() handshake and handle errors here */
+
+ if (SSL_session_reused(ssl)) {
+     if (SSL_get_verify_result(ssl) == X509_V_OK) {
+         /*
+          * Resumed session was originally verified, this connection is
+          * authenticated.
+          */
+     } else {
+         /*
+          * Resumed session was not originally verified, this connection is not
+          * authenticated.
+          */
+     }
+ } else if (SSL_get_verify_result(ssl) == X509_V_OK) {
+     const char *peername = SSL_get0_peername(ssl);
+     EVP_PKEY *mspki = NULL;
+
+     int depth = SSL_get0_dane_authority(ssl, NULL, &amp;mspki);
+     if (depth &gt;= 0) {
+         (void) SSL_get0_dane_tlsa(ssl, &amp;usage, &amp;selector, &amp;mtype, NULL, NULL);
+         printf(&quot;DANE TLSA %d %d %d %s at depth %d\n&quot;, usage, selector, mtype,
+                (mspki != NULL) ? &quot;TA public key verified certificate&quot; :
+                depth ? &quot;matched TA certificate&quot; : &quot;matched EE certificate&quot;,
+                depth);
+     }
+     if (peername != NULL) {
+         /* Name checks were in scope and matched the peername */
+         printf(&quot;Verified peername: %s\n&quot;, peername);
+     }
+ } else {
+     /*
+      * Not authenticated, presumably all TLSA rrs unusable, but possibly a
+      * callback suppressed connection termination despite the presence of
+      * usable TLSA RRs none of which matched.  Do whatever is appropriate for
+      * fresh unauthenticated connections.
+      */
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is expected that the majority of clients employing DANE TLS will be doing &quot;opportunistic DANE TLS&quot; in the sense of RFC7672 and RFC7435. That is, they will use DANE authentication when DNSSEC-validated TLSA records are published for a given peer, and otherwise will use unauthenticated TLS or even cleartext.</p>
+
+<p>Such applications should generally treat any TLSA records published by the peer with usages PKIX-TA(0) and PKIX-EE(1) as &quot;unusable&quot;, and should not include them among the TLSA records used to authenticate peer connections. In addition, some TLSA records with supported usages may be &quot;unusable&quot; as a result of invalid or unsupported parameters.</p>
+
+<p>When a peer has TLSA records, but none are &quot;usable&quot;, an opportunistic application must avoid cleartext, but cannot authenticate the peer, and so should generally proceed with an unauthenticated connection. Opportunistic applications need to note the return value of each call to SSL_dane_tlsa_add(), and if all return 0 (due to invalid or unsupported parameters) disable peer authentication by calling <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a> with <b>mode</b> equal to <b>SSL_VERIFY_NONE</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>, <a href="../man3/SSL_set_hostflags.html">SSL_set_hostflags(3)</a>, <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>, <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>, <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_get0_peername.html">SSL_get0_peername(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_free.html">X509_free(3)</a>, <a href="../man3/EVP_get_digestbyname.html">EVP_get_digestbyname(3)</a>, <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a>, <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_dane_set_flags.html b/msys2/usr/share/doc/openssl/html/man3/SSL_dane_set_flags.html
new file mode 100644
index 000000000..16d72a2ed
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_dane_set_flags.html
@@ -0,0 +1,252 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_dane_enable</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_dane_enable, SSL_CTX_dane_mtype_set, SSL_dane_enable, SSL_dane_tlsa_add, SSL_get0_dane_authority, SSL_get0_dane_tlsa, SSL_CTX_dane_set_flags, SSL_CTX_dane_clear_flags, SSL_dane_set_flags, SSL_dane_clear_flags - enable DANE TLS authentication of the remote TLS server in the local TLS client</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_dane_enable(SSL_CTX *ctx);
+ int SSL_CTX_dane_mtype_set(SSL_CTX *ctx, const EVP_MD *md,
+                            uint8_t mtype, uint8_t ord);
+ int SSL_dane_enable(SSL *s, const char *basedomain);
+ int SSL_dane_tlsa_add(SSL *s, uint8_t usage, uint8_t selector,
+                       uint8_t mtype, unsigned const char *data, size_t dlen);
+ int SSL_get0_dane_authority(SSL *s, X509 **mcert, EVP_PKEY **mspki);
+ int SSL_get0_dane_tlsa(SSL *s, uint8_t *usage, uint8_t *selector,
+                        uint8_t *mtype, unsigned const char **data,
+                        size_t *dlen);
+ unsigned long SSL_CTX_dane_set_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_CTX_dane_clear_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_dane_set_flags(SSL *ssl, unsigned long flags);
+ unsigned long SSL_dane_clear_flags(SSL *ssl, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions implement support for DANE TLSA (RFC6698 and RFC7671) peer authentication.</p>
+
+<p>SSL_CTX_dane_enable() must be called first to initialize the shared state required for DANE support. Individual connections associated with the context can then enable per-connection DANE support as appropriate. DANE authentication is implemented in the <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> function, and applications that override <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> via <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a> are responsible to authenticate the peer chain in whatever manner they see fit.</p>
+
+<p>SSL_CTX_dane_mtype_set() may then be called zero or more times to adjust the supported digest algorithms. This must be done before any SSL handles are created for the context.</p>
+
+<p>The <b>mtype</b> argument specifies a DANE TLSA matching type and the <b>md</b> argument specifies the associated digest algorithm handle. The <b>ord</b> argument specifies a strength ordinal. Algorithms with a larger strength ordinal are considered more secure. Strength ordinals are used to implement RFC7671 digest algorithm agility. Specifying a <b>NULL</b> digest algorithm for a matching type disables support for that matching type. Matching type Full(0) cannot be modified or disabled.</p>
+
+<p>By default, matching type <code>SHA2-256(1)</code> (see RFC7218 for definitions of the DANE TLSA parameter acronyms) is mapped to <code>EVP_sha256()</code> with a strength ordinal of <code>1</code> and matching type <code>SHA2-512(2)</code> is mapped to <code>EVP_sha512()</code> with a strength ordinal of <code>2</code>.</p>
+
+<p>SSL_dane_enable() must be called before the SSL handshake is initiated with <a href="../man3/SSL_connect.html">SSL_connect(3)</a> if (and only if) you want to enable DANE for that connection. (The connection must be associated with a DANE-enabled SSL context). The <b>basedomain</b> argument specifies the RFC7671 TLSA base domain, which will be the primary peer reference identifier for certificate name checks. Additional server names can be specified via <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>. The <b>basedomain</b> is used as the default SNI hint if none has yet been specified via <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>.</p>
+
+<p>SSL_dane_tlsa_add() may then be called one or more times, to load each of the TLSA records that apply to the remote TLS peer. (This too must be done prior to the beginning of the SSL handshake). The arguments specify the fields of the TLSA record. The <b>data</b> field is provided in binary (wire RDATA) form, not the hexadecimal ASCII presentation form, with an explicit length passed via <b>dlen</b>. The library takes a copy of the <b>data</b> buffer contents and the caller may free the original <b>data</b> buffer when convenient. A return value of 0 indicates that &quot;unusable&quot; TLSA records (with invalid or unsupported parameters) were provided. A negative return value indicates an internal error in processing the record.</p>
+
+<p>The caller is expected to check the return value of each SSL_dane_tlsa_add() call and take appropriate action if none are usable or an internal error is encountered in processing some records.</p>
+
+<p>If no TLSA records are added successfully, DANE authentication is not enabled, and authentication will be based on any configured traditional trust-anchors; authentication success in this case does not mean that the peer was DANE-authenticated.</p>
+
+<p>SSL_get0_dane_authority() can be used to get more detailed information about the matched DANE trust-anchor after successful connection completion. The return value is negative if DANE verification failed (or was not enabled), 0 if an EE TLSA record directly matched the leaf certificate, or a positive number indicating the depth at which a TA record matched an issuer certificate. The complete verified chain can be retrieved via <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>. The return value is an index into this verified chain, rather than the list of certificates sent by the peer as returned by <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>.</p>
+
+<p>If the <b>mcert</b> argument is not <b>NULL</b> and a TLSA record matched a chain certificate, a pointer to the matching certificate is returned via <b>mcert</b>. The returned address is a short-term internal reference to the certificate and must not be freed by the application. Applications that want to retain access to the certificate can call <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a> to obtain a long-term reference which must then be freed via <a href="../man3/X509_free.html">X509_free(3)</a> once no longer needed.</p>
+
+<p>If no TLSA records directly matched any elements of the certificate chain, but a DANE-TA(2) SPKI(1) Full(0) record provided the public key that signed an element of the chain, then that key is returned via <b>mspki</b> argument (if not NULL). In this case the return value is the depth of the top-most element of the validated certificate chain. As with <b>mcert</b> this is a short-term internal reference, and <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a> and <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a> can be used to acquire and release long-term references respectively.</p>
+
+<p>SSL_get0_dane_tlsa() can be used to retrieve the fields of the TLSA record that matched the peer certificate chain. The return value indicates the match depth or failure to match just as with SSL_get0_dane_authority(). When the return value is non-negative, the storage pointed to by the <b>usage</b>, <b>selector</b>, <b>mtype</b> and <b>data</b> parameters is updated to the corresponding TLSA record fields. The <b>data</b> field is in binary wire form, and is therefore not NUL-terminated, its length is returned via the <b>dlen</b> parameter. If any of these parameters is NULL, the corresponding field is not returned. The <b>data</b> parameter is set to a short-term internal-copy of the associated data field and must not be freed by the application. Applications that need long-term access to this field need to copy the content.</p>
+
+<p>SSL_CTX_dane_set_flags() and SSL_dane_set_flags() can be used to enable optional DANE verification features. SSL_CTX_dane_clear_flags() and SSL_dane_clear_flags() can be used to disable the same features. The <b>flags</b> argument is a bitmask of the features to enable or disable. The <b>flags</b> set for an <b>SSL_CTX</b> context are copied to each <b>SSL</b> handle associated with that context at the time the handle is created. Subsequent changes in the context&#39;s <b>flags</b> have no effect on the <b>flags</b> set for the handle.</p>
+
+<p>At present, the only available option is <b>DANE_FLAG_NO_DANE_EE_NAMECHECKS</b> which can be used to disable server name checks when authenticating via DANE-EE(3) TLSA records. For some applications, primarily web browsers, it is not safe to disable name checks due to &quot;unknown key share&quot; attacks, in which a malicious server can convince a client that a connection to a victim server is instead a secure connection to the malicious server. The malicious server may then be able to violate cross-origin scripting restrictions. Thus, despite the text of RFC7671, name checks are by default enabled for DANE-EE(3) TLSA records, and can be disabled in applications where it is safe to do so. In particular, SMTP and XMPP clients should set this option as SRV and MX records already make it possible for a remote domain to redirect client connections to any server of its choice, and in any case SMTP and XMPP clients do not execute scripts downloaded from remote servers.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions SSL_CTX_dane_enable(), SSL_CTX_dane_mtype_set(), SSL_dane_enable() and SSL_dane_tlsa_add() return a positive value on success. Negative return values indicate resource problems (out of memory, etc.) in the SSL library, while a return value of <b>0</b> indicates incorrect usage or invalid input, such as an unsupported TLSA record certificate usage, selector or matching type. Invalid input also includes malformed data, either a digest length that does not match the digest algorithm, or a <code>Full(0)</code> (binary ASN.1 DER form) certificate or a public key that fails to parse.</p>
+
+<p>The functions SSL_get0_dane_authority() and SSL_get0_dane_tlsa() return a negative value when DANE authentication failed or was not enabled, a non-negative value indicates the chain depth at which the TLSA record matched a chain certificate, or the depth of the top-most certificate, when the TLSA record is a full public key that is its signer.</p>
+
+<p>The functions SSL_CTX_dane_set_flags(), SSL_CTX_dane_clear_flags(), SSL_dane_set_flags() and SSL_dane_clear_flags() return the <b>flags</b> in effect before they were called.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Suppose &quot;smtp.example.com&quot; is the MX host of the domain &quot;example.com&quot;, and has DNSSEC-validated TLSA records. The calls below will perform DANE authentication and arrange to match either the MX hostname or the destination domain name in the SMTP server certificate. Wildcards are supported, but must match the entire label. The actual name matched in the certificate (which might be a wildcard) is retrieved, and must be copied by the application if it is to be retained beyond the lifetime of the SSL connection.</p>
+
+<pre><code> SSL_CTX *ctx;
+ SSL *ssl;
+ int (*verify_cb)(int ok, X509_STORE_CTX *sctx) = NULL;
+ int num_usable = 0;
+ const char *nexthop_domain = &quot;example.com&quot;;
+ const char *dane_tlsa_domain = &quot;smtp.example.com&quot;;
+ uint8_t usage, selector, mtype;
+
+ if ((ctx = SSL_CTX_new(TLS_client_method())) == NULL)
+     /* error */
+ if (SSL_CTX_dane_enable(ctx) &lt;= 0)
+     /* error */
+ if ((ssl = SSL_new(ctx)) == NULL)
+     /* error */
+ if (SSL_dane_enable(ssl, dane_tlsa_domain) &lt;= 0)
+     /* error */
+
+ /*
+  * For many applications it is safe to skip DANE-EE(3) namechecks.  Do not
+  * disable the checks unless &quot;unknown key share&quot; attacks pose no risk for
+  * your application.
+  */
+ SSL_dane_set_flags(ssl, DANE_FLAG_NO_DANE_EE_NAMECHECKS);
+
+ if (!SSL_add1_host(ssl, nexthop_domain))
+     /* error */
+ SSL_set_hostflags(ssl, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+
+ for (... each TLSA record ...) {
+     unsigned char *data;
+     size_t len;
+     int ret;
+
+     /* set usage, selector, mtype, data, len */
+
+     /*
+      * Opportunistic DANE TLS clients support only DANE-TA(2) or DANE-EE(3).
+      * They treat all other certificate usages, and in particular PKIX-TA(0)
+      * and PKIX-EE(1), as unusable.
+      */
+     switch (usage) {
+     default:
+     case 0:     /* PKIX-TA(0) */
+     case 1:     /* PKIX-EE(1) */
+         continue;
+     case 2:     /* DANE-TA(2) */
+     case 3:     /* DANE-EE(3) */
+         break;
+     }
+
+     ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len);
+     /* free data as appropriate */
+
+     if (ret &lt; 0)
+         /* handle SSL library internal error */
+     else if (ret == 0)
+         /* handle unusable TLSA record */
+     else
+         ++num_usable;
+ }
+
+ /*
+  * At this point, the verification mode is still the default SSL_VERIFY_NONE.
+  * Opportunistic DANE clients use unauthenticated TLS when all TLSA records
+  * are unusable, so continue the handshake even if authentication fails.
+  */
+ if (num_usable == 0) {
+     /* Log all records unusable? */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+     SSL_set_verify(ssl, SSL_VERIFY_NONE, verify_cb);
+ } else {
+     /* At least one usable record.  We expect to verify the peer */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+
+     /*
+      * Below we elect to fail the handshake when peer verification fails.
+      * Alternatively, use the permissive SSL_VERIFY_NONE verification mode,
+      * complete the handshake, check the verification status, and if not
+      * verified disconnect gracefully at the application layer, especially if
+      * application protocol supports informing the server that authentication
+      * failed.
+      */
+     SSL_set_verify(ssl, SSL_VERIFY_PEER, verify_cb);
+ }
+
+ /*
+  * Load any saved session for resumption, making sure that the previous
+  * session applied the same security and authentication requirements that
+  * would be expected of a fresh connection.
+  */
+
+ /* Perform SSL_connect() handshake and handle errors here */
+
+ if (SSL_session_reused(ssl)) {
+     if (SSL_get_verify_result(ssl) == X509_V_OK) {
+         /*
+          * Resumed session was originally verified, this connection is
+          * authenticated.
+          */
+     } else {
+         /*
+          * Resumed session was not originally verified, this connection is not
+          * authenticated.
+          */
+     }
+ } else if (SSL_get_verify_result(ssl) == X509_V_OK) {
+     const char *peername = SSL_get0_peername(ssl);
+     EVP_PKEY *mspki = NULL;
+
+     int depth = SSL_get0_dane_authority(ssl, NULL, &amp;mspki);
+     if (depth &gt;= 0) {
+         (void) SSL_get0_dane_tlsa(ssl, &amp;usage, &amp;selector, &amp;mtype, NULL, NULL);
+         printf(&quot;DANE TLSA %d %d %d %s at depth %d\n&quot;, usage, selector, mtype,
+                (mspki != NULL) ? &quot;TA public key verified certificate&quot; :
+                depth ? &quot;matched TA certificate&quot; : &quot;matched EE certificate&quot;,
+                depth);
+     }
+     if (peername != NULL) {
+         /* Name checks were in scope and matched the peername */
+         printf(&quot;Verified peername: %s\n&quot;, peername);
+     }
+ } else {
+     /*
+      * Not authenticated, presumably all TLSA rrs unusable, but possibly a
+      * callback suppressed connection termination despite the presence of
+      * usable TLSA RRs none of which matched.  Do whatever is appropriate for
+      * fresh unauthenticated connections.
+      */
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is expected that the majority of clients employing DANE TLS will be doing &quot;opportunistic DANE TLS&quot; in the sense of RFC7672 and RFC7435. That is, they will use DANE authentication when DNSSEC-validated TLSA records are published for a given peer, and otherwise will use unauthenticated TLS or even cleartext.</p>
+
+<p>Such applications should generally treat any TLSA records published by the peer with usages PKIX-TA(0) and PKIX-EE(1) as &quot;unusable&quot;, and should not include them among the TLSA records used to authenticate peer connections. In addition, some TLSA records with supported usages may be &quot;unusable&quot; as a result of invalid or unsupported parameters.</p>
+
+<p>When a peer has TLSA records, but none are &quot;usable&quot;, an opportunistic application must avoid cleartext, but cannot authenticate the peer, and so should generally proceed with an unauthenticated connection. Opportunistic applications need to note the return value of each call to SSL_dane_tlsa_add(), and if all return 0 (due to invalid or unsupported parameters) disable peer authentication by calling <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a> with <b>mode</b> equal to <b>SSL_VERIFY_NONE</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>, <a href="../man3/SSL_set_hostflags.html">SSL_set_hostflags(3)</a>, <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>, <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>, <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_get0_peername.html">SSL_get0_peername(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_free.html">X509_free(3)</a>, <a href="../man3/EVP_get_digestbyname.html">EVP_get_digestbyname(3)</a>, <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a>, <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_dane_tlsa_add.html b/msys2/usr/share/doc/openssl/html/man3/SSL_dane_tlsa_add.html
new file mode 100644
index 000000000..16d72a2ed
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_dane_tlsa_add.html
@@ -0,0 +1,252 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_dane_enable</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_dane_enable, SSL_CTX_dane_mtype_set, SSL_dane_enable, SSL_dane_tlsa_add, SSL_get0_dane_authority, SSL_get0_dane_tlsa, SSL_CTX_dane_set_flags, SSL_CTX_dane_clear_flags, SSL_dane_set_flags, SSL_dane_clear_flags - enable DANE TLS authentication of the remote TLS server in the local TLS client</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_dane_enable(SSL_CTX *ctx);
+ int SSL_CTX_dane_mtype_set(SSL_CTX *ctx, const EVP_MD *md,
+                            uint8_t mtype, uint8_t ord);
+ int SSL_dane_enable(SSL *s, const char *basedomain);
+ int SSL_dane_tlsa_add(SSL *s, uint8_t usage, uint8_t selector,
+                       uint8_t mtype, unsigned const char *data, size_t dlen);
+ int SSL_get0_dane_authority(SSL *s, X509 **mcert, EVP_PKEY **mspki);
+ int SSL_get0_dane_tlsa(SSL *s, uint8_t *usage, uint8_t *selector,
+                        uint8_t *mtype, unsigned const char **data,
+                        size_t *dlen);
+ unsigned long SSL_CTX_dane_set_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_CTX_dane_clear_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_dane_set_flags(SSL *ssl, unsigned long flags);
+ unsigned long SSL_dane_clear_flags(SSL *ssl, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions implement support for DANE TLSA (RFC6698 and RFC7671) peer authentication.</p>
+
+<p>SSL_CTX_dane_enable() must be called first to initialize the shared state required for DANE support. Individual connections associated with the context can then enable per-connection DANE support as appropriate. DANE authentication is implemented in the <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> function, and applications that override <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> via <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a> are responsible to authenticate the peer chain in whatever manner they see fit.</p>
+
+<p>SSL_CTX_dane_mtype_set() may then be called zero or more times to adjust the supported digest algorithms. This must be done before any SSL handles are created for the context.</p>
+
+<p>The <b>mtype</b> argument specifies a DANE TLSA matching type and the <b>md</b> argument specifies the associated digest algorithm handle. The <b>ord</b> argument specifies a strength ordinal. Algorithms with a larger strength ordinal are considered more secure. Strength ordinals are used to implement RFC7671 digest algorithm agility. Specifying a <b>NULL</b> digest algorithm for a matching type disables support for that matching type. Matching type Full(0) cannot be modified or disabled.</p>
+
+<p>By default, matching type <code>SHA2-256(1)</code> (see RFC7218 for definitions of the DANE TLSA parameter acronyms) is mapped to <code>EVP_sha256()</code> with a strength ordinal of <code>1</code> and matching type <code>SHA2-512(2)</code> is mapped to <code>EVP_sha512()</code> with a strength ordinal of <code>2</code>.</p>
+
+<p>SSL_dane_enable() must be called before the SSL handshake is initiated with <a href="../man3/SSL_connect.html">SSL_connect(3)</a> if (and only if) you want to enable DANE for that connection. (The connection must be associated with a DANE-enabled SSL context). The <b>basedomain</b> argument specifies the RFC7671 TLSA base domain, which will be the primary peer reference identifier for certificate name checks. Additional server names can be specified via <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>. The <b>basedomain</b> is used as the default SNI hint if none has yet been specified via <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>.</p>
+
+<p>SSL_dane_tlsa_add() may then be called one or more times, to load each of the TLSA records that apply to the remote TLS peer. (This too must be done prior to the beginning of the SSL handshake). The arguments specify the fields of the TLSA record. The <b>data</b> field is provided in binary (wire RDATA) form, not the hexadecimal ASCII presentation form, with an explicit length passed via <b>dlen</b>. The library takes a copy of the <b>data</b> buffer contents and the caller may free the original <b>data</b> buffer when convenient. A return value of 0 indicates that &quot;unusable&quot; TLSA records (with invalid or unsupported parameters) were provided. A negative return value indicates an internal error in processing the record.</p>
+
+<p>The caller is expected to check the return value of each SSL_dane_tlsa_add() call and take appropriate action if none are usable or an internal error is encountered in processing some records.</p>
+
+<p>If no TLSA records are added successfully, DANE authentication is not enabled, and authentication will be based on any configured traditional trust-anchors; authentication success in this case does not mean that the peer was DANE-authenticated.</p>
+
+<p>SSL_get0_dane_authority() can be used to get more detailed information about the matched DANE trust-anchor after successful connection completion. The return value is negative if DANE verification failed (or was not enabled), 0 if an EE TLSA record directly matched the leaf certificate, or a positive number indicating the depth at which a TA record matched an issuer certificate. The complete verified chain can be retrieved via <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>. The return value is an index into this verified chain, rather than the list of certificates sent by the peer as returned by <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>.</p>
+
+<p>If the <b>mcert</b> argument is not <b>NULL</b> and a TLSA record matched a chain certificate, a pointer to the matching certificate is returned via <b>mcert</b>. The returned address is a short-term internal reference to the certificate and must not be freed by the application. Applications that want to retain access to the certificate can call <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a> to obtain a long-term reference which must then be freed via <a href="../man3/X509_free.html">X509_free(3)</a> once no longer needed.</p>
+
+<p>If no TLSA records directly matched any elements of the certificate chain, but a DANE-TA(2) SPKI(1) Full(0) record provided the public key that signed an element of the chain, then that key is returned via <b>mspki</b> argument (if not NULL). In this case the return value is the depth of the top-most element of the validated certificate chain. As with <b>mcert</b> this is a short-term internal reference, and <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a> and <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a> can be used to acquire and release long-term references respectively.</p>
+
+<p>SSL_get0_dane_tlsa() can be used to retrieve the fields of the TLSA record that matched the peer certificate chain. The return value indicates the match depth or failure to match just as with SSL_get0_dane_authority(). When the return value is non-negative, the storage pointed to by the <b>usage</b>, <b>selector</b>, <b>mtype</b> and <b>data</b> parameters is updated to the corresponding TLSA record fields. The <b>data</b> field is in binary wire form, and is therefore not NUL-terminated, its length is returned via the <b>dlen</b> parameter. If any of these parameters is NULL, the corresponding field is not returned. The <b>data</b> parameter is set to a short-term internal-copy of the associated data field and must not be freed by the application. Applications that need long-term access to this field need to copy the content.</p>
+
+<p>SSL_CTX_dane_set_flags() and SSL_dane_set_flags() can be used to enable optional DANE verification features. SSL_CTX_dane_clear_flags() and SSL_dane_clear_flags() can be used to disable the same features. The <b>flags</b> argument is a bitmask of the features to enable or disable. The <b>flags</b> set for an <b>SSL_CTX</b> context are copied to each <b>SSL</b> handle associated with that context at the time the handle is created. Subsequent changes in the context&#39;s <b>flags</b> have no effect on the <b>flags</b> set for the handle.</p>
+
+<p>At present, the only available option is <b>DANE_FLAG_NO_DANE_EE_NAMECHECKS</b> which can be used to disable server name checks when authenticating via DANE-EE(3) TLSA records. For some applications, primarily web browsers, it is not safe to disable name checks due to &quot;unknown key share&quot; attacks, in which a malicious server can convince a client that a connection to a victim server is instead a secure connection to the malicious server. The malicious server may then be able to violate cross-origin scripting restrictions. Thus, despite the text of RFC7671, name checks are by default enabled for DANE-EE(3) TLSA records, and can be disabled in applications where it is safe to do so. In particular, SMTP and XMPP clients should set this option as SRV and MX records already make it possible for a remote domain to redirect client connections to any server of its choice, and in any case SMTP and XMPP clients do not execute scripts downloaded from remote servers.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions SSL_CTX_dane_enable(), SSL_CTX_dane_mtype_set(), SSL_dane_enable() and SSL_dane_tlsa_add() return a positive value on success. Negative return values indicate resource problems (out of memory, etc.) in the SSL library, while a return value of <b>0</b> indicates incorrect usage or invalid input, such as an unsupported TLSA record certificate usage, selector or matching type. Invalid input also includes malformed data, either a digest length that does not match the digest algorithm, or a <code>Full(0)</code> (binary ASN.1 DER form) certificate or a public key that fails to parse.</p>
+
+<p>The functions SSL_get0_dane_authority() and SSL_get0_dane_tlsa() return a negative value when DANE authentication failed or was not enabled, a non-negative value indicates the chain depth at which the TLSA record matched a chain certificate, or the depth of the top-most certificate, when the TLSA record is a full public key that is its signer.</p>
+
+<p>The functions SSL_CTX_dane_set_flags(), SSL_CTX_dane_clear_flags(), SSL_dane_set_flags() and SSL_dane_clear_flags() return the <b>flags</b> in effect before they were called.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Suppose &quot;smtp.example.com&quot; is the MX host of the domain &quot;example.com&quot;, and has DNSSEC-validated TLSA records. The calls below will perform DANE authentication and arrange to match either the MX hostname or the destination domain name in the SMTP server certificate. Wildcards are supported, but must match the entire label. The actual name matched in the certificate (which might be a wildcard) is retrieved, and must be copied by the application if it is to be retained beyond the lifetime of the SSL connection.</p>
+
+<pre><code> SSL_CTX *ctx;
+ SSL *ssl;
+ int (*verify_cb)(int ok, X509_STORE_CTX *sctx) = NULL;
+ int num_usable = 0;
+ const char *nexthop_domain = &quot;example.com&quot;;
+ const char *dane_tlsa_domain = &quot;smtp.example.com&quot;;
+ uint8_t usage, selector, mtype;
+
+ if ((ctx = SSL_CTX_new(TLS_client_method())) == NULL)
+     /* error */
+ if (SSL_CTX_dane_enable(ctx) &lt;= 0)
+     /* error */
+ if ((ssl = SSL_new(ctx)) == NULL)
+     /* error */
+ if (SSL_dane_enable(ssl, dane_tlsa_domain) &lt;= 0)
+     /* error */
+
+ /*
+  * For many applications it is safe to skip DANE-EE(3) namechecks.  Do not
+  * disable the checks unless &quot;unknown key share&quot; attacks pose no risk for
+  * your application.
+  */
+ SSL_dane_set_flags(ssl, DANE_FLAG_NO_DANE_EE_NAMECHECKS);
+
+ if (!SSL_add1_host(ssl, nexthop_domain))
+     /* error */
+ SSL_set_hostflags(ssl, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+
+ for (... each TLSA record ...) {
+     unsigned char *data;
+     size_t len;
+     int ret;
+
+     /* set usage, selector, mtype, data, len */
+
+     /*
+      * Opportunistic DANE TLS clients support only DANE-TA(2) or DANE-EE(3).
+      * They treat all other certificate usages, and in particular PKIX-TA(0)
+      * and PKIX-EE(1), as unusable.
+      */
+     switch (usage) {
+     default:
+     case 0:     /* PKIX-TA(0) */
+     case 1:     /* PKIX-EE(1) */
+         continue;
+     case 2:     /* DANE-TA(2) */
+     case 3:     /* DANE-EE(3) */
+         break;
+     }
+
+     ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len);
+     /* free data as appropriate */
+
+     if (ret &lt; 0)
+         /* handle SSL library internal error */
+     else if (ret == 0)
+         /* handle unusable TLSA record */
+     else
+         ++num_usable;
+ }
+
+ /*
+  * At this point, the verification mode is still the default SSL_VERIFY_NONE.
+  * Opportunistic DANE clients use unauthenticated TLS when all TLSA records
+  * are unusable, so continue the handshake even if authentication fails.
+  */
+ if (num_usable == 0) {
+     /* Log all records unusable? */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+     SSL_set_verify(ssl, SSL_VERIFY_NONE, verify_cb);
+ } else {
+     /* At least one usable record.  We expect to verify the peer */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+
+     /*
+      * Below we elect to fail the handshake when peer verification fails.
+      * Alternatively, use the permissive SSL_VERIFY_NONE verification mode,
+      * complete the handshake, check the verification status, and if not
+      * verified disconnect gracefully at the application layer, especially if
+      * application protocol supports informing the server that authentication
+      * failed.
+      */
+     SSL_set_verify(ssl, SSL_VERIFY_PEER, verify_cb);
+ }
+
+ /*
+  * Load any saved session for resumption, making sure that the previous
+  * session applied the same security and authentication requirements that
+  * would be expected of a fresh connection.
+  */
+
+ /* Perform SSL_connect() handshake and handle errors here */
+
+ if (SSL_session_reused(ssl)) {
+     if (SSL_get_verify_result(ssl) == X509_V_OK) {
+         /*
+          * Resumed session was originally verified, this connection is
+          * authenticated.
+          */
+     } else {
+         /*
+          * Resumed session was not originally verified, this connection is not
+          * authenticated.
+          */
+     }
+ } else if (SSL_get_verify_result(ssl) == X509_V_OK) {
+     const char *peername = SSL_get0_peername(ssl);
+     EVP_PKEY *mspki = NULL;
+
+     int depth = SSL_get0_dane_authority(ssl, NULL, &amp;mspki);
+     if (depth &gt;= 0) {
+         (void) SSL_get0_dane_tlsa(ssl, &amp;usage, &amp;selector, &amp;mtype, NULL, NULL);
+         printf(&quot;DANE TLSA %d %d %d %s at depth %d\n&quot;, usage, selector, mtype,
+                (mspki != NULL) ? &quot;TA public key verified certificate&quot; :
+                depth ? &quot;matched TA certificate&quot; : &quot;matched EE certificate&quot;,
+                depth);
+     }
+     if (peername != NULL) {
+         /* Name checks were in scope and matched the peername */
+         printf(&quot;Verified peername: %s\n&quot;, peername);
+     }
+ } else {
+     /*
+      * Not authenticated, presumably all TLSA rrs unusable, but possibly a
+      * callback suppressed connection termination despite the presence of
+      * usable TLSA RRs none of which matched.  Do whatever is appropriate for
+      * fresh unauthenticated connections.
+      */
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is expected that the majority of clients employing DANE TLS will be doing &quot;opportunistic DANE TLS&quot; in the sense of RFC7672 and RFC7435. That is, they will use DANE authentication when DNSSEC-validated TLSA records are published for a given peer, and otherwise will use unauthenticated TLS or even cleartext.</p>
+
+<p>Such applications should generally treat any TLSA records published by the peer with usages PKIX-TA(0) and PKIX-EE(1) as &quot;unusable&quot;, and should not include them among the TLSA records used to authenticate peer connections. In addition, some TLSA records with supported usages may be &quot;unusable&quot; as a result of invalid or unsupported parameters.</p>
+
+<p>When a peer has TLSA records, but none are &quot;usable&quot;, an opportunistic application must avoid cleartext, but cannot authenticate the peer, and so should generally proceed with an unauthenticated connection. Opportunistic applications need to note the return value of each call to SSL_dane_tlsa_add(), and if all return 0 (due to invalid or unsupported parameters) disable peer authentication by calling <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a> with <b>mode</b> equal to <b>SSL_VERIFY_NONE</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>, <a href="../man3/SSL_set_hostflags.html">SSL_set_hostflags(3)</a>, <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>, <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>, <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_get0_peername.html">SSL_get0_peername(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_free.html">X509_free(3)</a>, <a href="../man3/EVP_get_digestbyname.html">EVP_get_digestbyname(3)</a>, <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a>, <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_disable_ct.html b/msys2/usr/share/doc/openssl/html/man3/SSL_disable_ct.html
new file mode 100644
index 000000000..2f4bf6a6f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_disable_ct.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_ct_validation_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ssl_ct_validation_cb, SSL_enable_ct, SSL_CTX_enable_ct, SSL_disable_ct, SSL_CTX_disable_ct, SSL_set_ct_validation_callback, SSL_CTX_set_ct_validation_callback, SSL_ct_is_enabled, SSL_CTX_ct_is_enabled - control Certificate Transparency policy</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*ssl_ct_validation_cb)(const CT_POLICY_EVAL_CTX *ctx,
+                                    const STACK_OF(SCT) *scts, void *arg);
+
+ int SSL_enable_ct(SSL *s, int validation_mode);
+ int SSL_CTX_enable_ct(SSL_CTX *ctx, int validation_mode);
+ int SSL_set_ct_validation_callback(SSL *s, ssl_ct_validation_cb callback,
+                                    void *arg);
+ int SSL_CTX_set_ct_validation_callback(SSL_CTX *ctx,
+                                        ssl_ct_validation_cb callback,
+                                        void *arg);
+ void SSL_disable_ct(SSL *s);
+ void SSL_CTX_disable_ct(SSL_CTX *ctx);
+ int SSL_ct_is_enabled(const SSL *s);
+ int SSL_CTX_ct_is_enabled(const SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_enable_ct() and SSL_CTX_enable_ct() enable the processing of signed certificate timestamps (SCTs) either for a given SSL connection or for all connections that share the given SSL context, respectively. This is accomplished by setting a built-in CT validation callback. The behaviour of the callback is determined by the <b>validation_mode</b> argument, which can be either of <b>SSL_CT_VALIDATION_PERMISSIVE</b> or <b>SSL_CT_VALIDATION_STRICT</b> as described below.</p>
+
+<p>If <b>validation_mode</b> is equal to <b>SSL_CT_VALIDATION_STRICT</b>, then in a full TLS handshake with the verification mode set to <b>SSL_VERIFY_PEER</b>, if the peer presents no valid SCTs the handshake will be aborted. If the verification mode is <b>SSL_VERIFY_NONE</b>, the handshake will continue despite lack of valid SCTs. However, in that case if the verification status before the built-in callback was <b>X509_V_OK</b> it will be set to <b>X509_V_ERR_NO_VALID_SCTS</b> after the callback. Applications can call <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> to check the status at handshake completion, even after session resumption since the verification status is part of the saved session state. See <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, &lt;SSL_get_verify_result(3)&gt;, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>.</p>
+
+<p>If <b>validation_mode</b> is equal to <b>SSL_CT_VALIDATION_PERMISSIVE</b>, then the handshake continues, and the verification status is not modified, regardless of the validation status of any SCTs. The application can still inspect the validation status of the SCTs at handshake completion. Note that with session resumption there will not be any SCTs presented during the handshake. Therefore, in applications that delay SCT policy enforcement until after handshake completion, such delayed SCT checks should only be performed when the session is not resumed.</p>
+
+<p>SSL_set_ct_validation_callback() and SSL_CTX_set_ct_validation_callback() register a custom callback that may implement a different policy than either of the above. This callback can examine the peer&#39;s SCTs and determine whether they are sufficient to allow the connection to continue. The TLS handshake is aborted if the verification mode is not <b>SSL_VERIFY_NONE</b> and the callback returns a non-positive result.</p>
+
+<p>An arbitrary callback context argument, <b>arg</b>, can be passed in when setting the callback. This will be passed to the callback whenever it is invoked. Ownership of this context remains with the caller.</p>
+
+<p>If no callback is set, SCTs will not be requested and Certificate Transparency validation will not occur.</p>
+
+<p>No callback will be invoked when the peer presents no certificate, e.g. by employing an anonymous (aNULL) cipher suite. In that case the handshake continues as it would had no callback been requested. Callbacks are also not invoked when the peer certificate chain is invalid or validated via DANE-TA(2) or DANE-EE(3) TLSA records which use a private X.509 PKI, or no X.509 PKI at all, respectively. Clients that require SCTs are expected to not have enabled any aNULL ciphers nor to have specified server verification via DANE-TA(2) or DANE-EE(3) TLSA records.</p>
+
+<p>SSL_disable_ct() and SSL_CTX_disable_ct() turn off CT processing, whether enabled via the built-in or the custom callbacks, by setting a NULL callback. These may be implemented as macros.</p>
+
+<p>SSL_ct_is_enabled() and SSL_CTX_ct_is_enabled() return 1 if CT processing is enabled via either SSL_enable_ct() or a non-null custom callback, and 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When SCT processing is enabled, OCSP stapling will be enabled. This is because one possible source of SCTs is the OCSP response from a server.</p>
+
+<p>The time returned by SSL_SESSION_get_time() will be used to evaluate whether any presented SCTs have timestamps that are in the future (and therefore invalid).</p>
+
+<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
+
+<p>Certificate Transparency validation cannot be enabled and so a callback cannot be set if a custom client extension handler has been registered to handle SCT extensions (<b>TLSEXT_TYPE_signed_certificate_timestamp</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_enable_ct(), SSL_CTX_enable_ct(), SSL_CTX_set_ct_validation_callback() and SSL_set_ct_validation_callback() return 1 if the <b>callback</b> is successfully set. They return 0 if an error occurs, e.g. a custom client extension handler has been setup to handle SCTs.</p>
+
+<p>SSL_disable_ct() and SSL_CTX_disable_ct() do not return a result.</p>
+
+<p>SSL_CTX_ct_is_enabled() and SSL_ct_is_enabled() return a 1 if a non-null CT validation callback is set, or 0 if no callback (or equivalently a NULL callback) is set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, &lt;SSL_get_verify_result(3)&gt;, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>, <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_do_handshake.html b/msys2/usr/share/doc/openssl/html/man3/SSL_do_handshake.html
new file mode 100644
index 000000000..c6bec493c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_do_handshake.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_do_handshake</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_do_handshake - perform a TLS/SSL handshake</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_do_handshake(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_do_handshake() will wait for a SSL/TLS handshake to take place. If the connection is in client mode, the handshake will be started. The handshake routines may have to be explicitly set in advance using either <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a> or <a href="../man3/SSL_set_accept_state.html">SSL_set_accept_state(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The behaviour of SSL_do_handshake() depends on the underlying BIO.</p>
+
+<p>If the underlying BIO is <b>blocking</b>, SSL_do_handshake() will only return once the handshake has been finished or an error occurred.</p>
+
+<p>If the underlying BIO is <b>non-blocking</b>, SSL_do_handshake() will also return when the underlying BIO could not satisfy the needs of SSL_do_handshake() to continue the handshake. In this case a call to SSL_get_error() with the return value of SSL_do_handshake() will yield <b>SSL_ERROR_WANT_READ</b> or <b>SSL_ERROR_WANT_WRITE</b>. The calling process then must repeat the call after taking appropriate action to satisfy the needs of SSL_do_handshake(). The action depends on the underlying BIO. When using a non-blocking socket, nothing is to be done, but select() can be used to check for the required condition. When using a buffering BIO, like a BIO pair, data must be written into or retrieved out of the BIO before being able to continue.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The TLS/SSL handshake was not successful but was shut down controlled and by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the return value <b>ret</b> to find out the reason.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been established.</p>
+
+</dd>
+<dt id="pod01">&lt;0</dt>
+<dd>
+
+<p>The TLS/SSL handshake was not successful because a fatal error occurred either at the protocol level or a connection failure occurred. The shutdown was not clean. It can also occur of action is need to continue the operation for non-blocking BIOs. Call SSL_get_error() with the return value <b>ret</b> to find out the reason.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_dup.html b/msys2/usr/share/doc/openssl/html/man3/SSL_dup.html
new file mode 100644
index 000000000..1f1f51b25
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_dup.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_dup, SSL_new, SSL_up_ref - create an SSL structure for a connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL *SSL_dup(SSL *s);
+ SSL *SSL_new(SSL_CTX *ctx);
+ int SSL_up_ref(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_new() creates a new <b>SSL</b> structure which is needed to hold the data for a TLS/SSL connection. The new structure inherits the settings of the underlying context <b>ctx</b>: connection method, options, verification settings, timeout settings. An <b>SSL</b> structure is reference counted. Creating an <b>SSL</b> structure for the first time increments the reference count. Freeing it (using SSL_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL</b> structure are freed.</p>
+
+<p>SSL_up_ref() increments the reference count for an existing <b>SSL</b> structure.</p>
+
+<p>SSL_dup() duplicates an existing <b>SSL</b> structure into a new allocated one. All settings are inherited from the original <b>SSL</b> structure. Dynamic data (i.e. existing connection details) are not copied, the new <b>SSL</b> is set into an initial accept (server) or connect (client) state.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL structure failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL-structure">Pointer to an SSL structure</dt>
+<dd>
+
+<p>The return value points to an allocated SSL structure.</p>
+
+<p>SSL_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_free.html">SSL_free(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_get_SSL_CTX.html">SSL_get_SSL_CTX(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_enable_ct.html b/msys2/usr/share/doc/openssl/html/man3/SSL_enable_ct.html
new file mode 100644
index 000000000..2f4bf6a6f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_enable_ct.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_ct_validation_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ssl_ct_validation_cb, SSL_enable_ct, SSL_CTX_enable_ct, SSL_disable_ct, SSL_CTX_disable_ct, SSL_set_ct_validation_callback, SSL_CTX_set_ct_validation_callback, SSL_ct_is_enabled, SSL_CTX_ct_is_enabled - control Certificate Transparency policy</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*ssl_ct_validation_cb)(const CT_POLICY_EVAL_CTX *ctx,
+                                    const STACK_OF(SCT) *scts, void *arg);
+
+ int SSL_enable_ct(SSL *s, int validation_mode);
+ int SSL_CTX_enable_ct(SSL_CTX *ctx, int validation_mode);
+ int SSL_set_ct_validation_callback(SSL *s, ssl_ct_validation_cb callback,
+                                    void *arg);
+ int SSL_CTX_set_ct_validation_callback(SSL_CTX *ctx,
+                                        ssl_ct_validation_cb callback,
+                                        void *arg);
+ void SSL_disable_ct(SSL *s);
+ void SSL_CTX_disable_ct(SSL_CTX *ctx);
+ int SSL_ct_is_enabled(const SSL *s);
+ int SSL_CTX_ct_is_enabled(const SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_enable_ct() and SSL_CTX_enable_ct() enable the processing of signed certificate timestamps (SCTs) either for a given SSL connection or for all connections that share the given SSL context, respectively. This is accomplished by setting a built-in CT validation callback. The behaviour of the callback is determined by the <b>validation_mode</b> argument, which can be either of <b>SSL_CT_VALIDATION_PERMISSIVE</b> or <b>SSL_CT_VALIDATION_STRICT</b> as described below.</p>
+
+<p>If <b>validation_mode</b> is equal to <b>SSL_CT_VALIDATION_STRICT</b>, then in a full TLS handshake with the verification mode set to <b>SSL_VERIFY_PEER</b>, if the peer presents no valid SCTs the handshake will be aborted. If the verification mode is <b>SSL_VERIFY_NONE</b>, the handshake will continue despite lack of valid SCTs. However, in that case if the verification status before the built-in callback was <b>X509_V_OK</b> it will be set to <b>X509_V_ERR_NO_VALID_SCTS</b> after the callback. Applications can call <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> to check the status at handshake completion, even after session resumption since the verification status is part of the saved session state. See <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, &lt;SSL_get_verify_result(3)&gt;, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>.</p>
+
+<p>If <b>validation_mode</b> is equal to <b>SSL_CT_VALIDATION_PERMISSIVE</b>, then the handshake continues, and the verification status is not modified, regardless of the validation status of any SCTs. The application can still inspect the validation status of the SCTs at handshake completion. Note that with session resumption there will not be any SCTs presented during the handshake. Therefore, in applications that delay SCT policy enforcement until after handshake completion, such delayed SCT checks should only be performed when the session is not resumed.</p>
+
+<p>SSL_set_ct_validation_callback() and SSL_CTX_set_ct_validation_callback() register a custom callback that may implement a different policy than either of the above. This callback can examine the peer&#39;s SCTs and determine whether they are sufficient to allow the connection to continue. The TLS handshake is aborted if the verification mode is not <b>SSL_VERIFY_NONE</b> and the callback returns a non-positive result.</p>
+
+<p>An arbitrary callback context argument, <b>arg</b>, can be passed in when setting the callback. This will be passed to the callback whenever it is invoked. Ownership of this context remains with the caller.</p>
+
+<p>If no callback is set, SCTs will not be requested and Certificate Transparency validation will not occur.</p>
+
+<p>No callback will be invoked when the peer presents no certificate, e.g. by employing an anonymous (aNULL) cipher suite. In that case the handshake continues as it would had no callback been requested. Callbacks are also not invoked when the peer certificate chain is invalid or validated via DANE-TA(2) or DANE-EE(3) TLSA records which use a private X.509 PKI, or no X.509 PKI at all, respectively. Clients that require SCTs are expected to not have enabled any aNULL ciphers nor to have specified server verification via DANE-TA(2) or DANE-EE(3) TLSA records.</p>
+
+<p>SSL_disable_ct() and SSL_CTX_disable_ct() turn off CT processing, whether enabled via the built-in or the custom callbacks, by setting a NULL callback. These may be implemented as macros.</p>
+
+<p>SSL_ct_is_enabled() and SSL_CTX_ct_is_enabled() return 1 if CT processing is enabled via either SSL_enable_ct() or a non-null custom callback, and 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When SCT processing is enabled, OCSP stapling will be enabled. This is because one possible source of SCTs is the OCSP response from a server.</p>
+
+<p>The time returned by SSL_SESSION_get_time() will be used to evaluate whether any presented SCTs have timestamps that are in the future (and therefore invalid).</p>
+
+<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
+
+<p>Certificate Transparency validation cannot be enabled and so a callback cannot be set if a custom client extension handler has been registered to handle SCT extensions (<b>TLSEXT_TYPE_signed_certificate_timestamp</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_enable_ct(), SSL_CTX_enable_ct(), SSL_CTX_set_ct_validation_callback() and SSL_set_ct_validation_callback() return 1 if the <b>callback</b> is successfully set. They return 0 if an error occurs, e.g. a custom client extension handler has been setup to handle SCTs.</p>
+
+<p>SSL_disable_ct() and SSL_CTX_disable_ct() do not return a result.</p>
+
+<p>SSL_CTX_ct_is_enabled() and SSL_ct_is_enabled() return a 1 if a non-null CT validation callback is set, or 0 if no callback (or equivalently a NULL callback) is set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, &lt;SSL_get_verify_result(3)&gt;, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>, <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_export_keying_material.html b/msys2/usr/share/doc/openssl/html/man3/SSL_export_keying_material.html
new file mode 100644
index 000000000..d0d3db190
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_export_keying_material.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_export_keying_material</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_export_keying_material, SSL_export_keying_material_early - obtain keying material for application use</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+                                const char *label, size_t llen,
+                                const unsigned char *context,
+                                size_t contextlen, int use_context);
+
+ int SSL_export_keying_material_early(SSL *s, unsigned char *out, size_t olen,
+                                      const char *label, size_t llen,
+                                      const unsigned char *context,
+                                      size_t contextlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>During the creation of a TLS or DTLS connection shared keying material is established between the two endpoints. The functions SSL_export_keying_material() and SSL_export_keying_material_early() enable an application to use some of this keying material for its own purposes in accordance with RFC5705 (for TLSv1.2 and below) or RFC8446 (for TLSv1.3).</p>
+
+<p>SSL_export_keying_material() derives keying material using the <i>exporter_master_secret</i> established in the handshake.</p>
+
+<p>SSL_export_keying_material_early() is only usable with TLSv1.3, and derives keying material using the <i>early_exporter_master_secret</i> (as defined in the TLS 1.3 RFC). For the client, the <i>early_exporter_master_secret</i> is only available when the client attempts to send 0-RTT data. For the server, it is only available when the server accepts 0-RTT data.</p>
+
+<p>An application may need to securely establish the context within which this keying material will be used. For example this may include identifiers for the application session, application algorithms or parameters, or the lifetime of the context. The context value is left to the application but must be the same on both sides of the communication.</p>
+
+<p>For a given SSL connection <b>s</b>, <b>olen</b> bytes of data will be written to <b>out</b>. The application specific context should be supplied in the location pointed to by <b>context</b> and should be <b>contextlen</b> bytes long. Provision of a context is optional. If the context should be omitted entirely then <b>use_context</b> should be set to 0. Otherwise it should be any other value. If <b>use_context</b> is 0 then the values of <b>context</b> and <b>contextlen</b> are ignored. Note that in TLSv1.2 and below a zero length context is treated differently from no context at all, and will result in different keying material being returned. In TLSv1.3 a zero length context is that same as no context at all and will result in the same keying material being returned.</p>
+
+<p>An application specific label should be provided in the location pointed to by <b>label</b> and should be <b>llen</b> bytes long. Typically this will be a value from the IANA Exporter Label Registry (<a href="https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#exporter-labels">https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#exporter-labels</a>). Alternatively labels beginning with &quot;EXPERIMENTAL&quot; are permitted by the standard to be used without registration. TLSv1.3 imposes a maximum label length of 249 bytes.</p>
+
+<p>Note that this function is only defined for TLSv1.0 and above, and DTLSv1.0 and above. Attempting to use it in SSLv3 will result in an error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_export_keying_material() returns 0 or -1 on failure or 1 on success.</p>
+
+<p>SSL_export_keying_material_early() returns 0 on failure or 1 on success.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_export_keying_material_early() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_export_keying_material_early.html b/msys2/usr/share/doc/openssl/html/man3/SSL_export_keying_material_early.html
new file mode 100644
index 000000000..d0d3db190
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_export_keying_material_early.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_export_keying_material</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_export_keying_material, SSL_export_keying_material_early - obtain keying material for application use</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+                                const char *label, size_t llen,
+                                const unsigned char *context,
+                                size_t contextlen, int use_context);
+
+ int SSL_export_keying_material_early(SSL *s, unsigned char *out, size_t olen,
+                                      const char *label, size_t llen,
+                                      const unsigned char *context,
+                                      size_t contextlen);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>During the creation of a TLS or DTLS connection shared keying material is established between the two endpoints. The functions SSL_export_keying_material() and SSL_export_keying_material_early() enable an application to use some of this keying material for its own purposes in accordance with RFC5705 (for TLSv1.2 and below) or RFC8446 (for TLSv1.3).</p>
+
+<p>SSL_export_keying_material() derives keying material using the <i>exporter_master_secret</i> established in the handshake.</p>
+
+<p>SSL_export_keying_material_early() is only usable with TLSv1.3, and derives keying material using the <i>early_exporter_master_secret</i> (as defined in the TLS 1.3 RFC). For the client, the <i>early_exporter_master_secret</i> is only available when the client attempts to send 0-RTT data. For the server, it is only available when the server accepts 0-RTT data.</p>
+
+<p>An application may need to securely establish the context within which this keying material will be used. For example this may include identifiers for the application session, application algorithms or parameters, or the lifetime of the context. The context value is left to the application but must be the same on both sides of the communication.</p>
+
+<p>For a given SSL connection <b>s</b>, <b>olen</b> bytes of data will be written to <b>out</b>. The application specific context should be supplied in the location pointed to by <b>context</b> and should be <b>contextlen</b> bytes long. Provision of a context is optional. If the context should be omitted entirely then <b>use_context</b> should be set to 0. Otherwise it should be any other value. If <b>use_context</b> is 0 then the values of <b>context</b> and <b>contextlen</b> are ignored. Note that in TLSv1.2 and below a zero length context is treated differently from no context at all, and will result in different keying material being returned. In TLSv1.3 a zero length context is that same as no context at all and will result in the same keying material being returned.</p>
+
+<p>An application specific label should be provided in the location pointed to by <b>label</b> and should be <b>llen</b> bytes long. Typically this will be a value from the IANA Exporter Label Registry (<a href="https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#exporter-labels">https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#exporter-labels</a>). Alternatively labels beginning with &quot;EXPERIMENTAL&quot; are permitted by the standard to be used without registration. TLSv1.3 imposes a maximum label length of 249 bytes.</p>
+
+<p>Note that this function is only defined for TLSv1.0 and above, and DTLSv1.0 and above. Attempting to use it in SSLv3 will result in an error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_export_keying_material() returns 0 or -1 on failure or 1 on success.</p>
+
+<p>SSL_export_keying_material_early() returns 0 on failure or 1 on success.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_export_keying_material_early() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_extension_supported.html b/msys2/usr/share/doc/openssl/html/man3/SSL_extension_supported.html
new file mode 100644
index 000000000..9df0f6450
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_extension_supported.html
@@ -0,0 +1,261 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_extension_supported</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#EXTENSION-CALLBACKS">EXTENSION CALLBACKS</a></li>
+  <li><a href="#EXTENSION-CONTEXTS">EXTENSION CONTEXTS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_extension_supported, SSL_CTX_add_custom_ext, SSL_CTX_add_client_custom_ext, SSL_CTX_add_server_custom_ext, custom_ext_add_cb, custom_ext_free_cb, custom_ext_parse_cb - custom TLS extension handling</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_custom_ext_add_cb_ex) (SSL *s, unsigned int ext_type,
+                                          unsigned int context,
+                                          const unsigned char **out,
+                                          size_t *outlen, X509 *x,
+                                          size_t chainidx, int *al,
+                                          void *add_arg);
+
+ typedef void (*SSL_custom_ext_free_cb_ex) (SSL *s, unsigned int ext_type,
+                                            unsigned int context,
+                                            const unsigned char *out,
+                                            void *add_arg);
+
+ typedef int (*SSL_custom_ext_parse_cb_ex) (SSL *s, unsigned int ext_type,
+                                            unsigned int context,
+                                            const unsigned char *in,
+                                            size_t inlen, X509 *x,
+                                            size_t chainidx, int *al,
+                                            void *parse_arg);
+
+ int SSL_CTX_add_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                            unsigned int context,
+                            SSL_custom_ext_add_cb_ex add_cb,
+                            SSL_custom_ext_free_cb_ex free_cb,
+                            void *add_arg,
+                            SSL_custom_ext_parse_cb_ex parse_cb,
+                            void *parse_arg);
+
+ typedef int (*custom_ext_add_cb)(SSL *s, unsigned int ext_type,
+                                  const unsigned char **out,
+                                  size_t *outlen, int *al,
+                                  void *add_arg);
+
+ typedef void (*custom_ext_free_cb)(SSL *s, unsigned int ext_type,
+                                    const unsigned char *out,
+                                    void *add_arg);
+
+ typedef int (*custom_ext_parse_cb)(SSL *s, unsigned int ext_type,
+                                    const unsigned char *in,
+                                    size_t inlen, int *al,
+                                    void *parse_arg);
+
+ int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                                   custom_ext_add_cb add_cb,
+                                   custom_ext_free_cb free_cb, void *add_arg,
+                                   custom_ext_parse_cb parse_cb,
+                                   void *parse_arg);
+
+ int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                                   custom_ext_add_cb add_cb,
+                                   custom_ext_free_cb free_cb, void *add_arg,
+                                   custom_ext_parse_cb parse_cb,
+                                   void *parse_arg);
+
+ int SSL_extension_supported(unsigned int ext_type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_add_custom_ext() adds a custom extension for a TLS/DTLS client or server for all supported protocol versions with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b> (see the <a href="#EXTENSION-CALLBACKS">&quot;EXTENSION CALLBACKS&quot;</a> section below). The <b>context</b> value determines which messages and under what conditions the extension will be added/parsed (see the <a href="#EXTENSION-CONTEXTS">&quot;EXTENSION CONTEXTS&quot;</a> section below).</p>
+
+<p>SSL_CTX_add_client_custom_ext() adds a custom extension for a TLS/DTLS client with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b>. This function is similar to SSL_CTX_add_custom_ext() except it only applies to clients, uses the older style of callbacks, and implicitly sets the <b>context</b> value to:</p>
+
+<pre><code> SSL_EXT_TLS1_2_AND_BELOW_ONLY | SSL_EXT_CLIENT_HELLO
+ | SSL_EXT_TLS1_2_SERVER_HELLO | SSL_EXT_IGNORE_ON_RESUMPTION</code></pre>
+
+<p>SSL_CTX_add_server_custom_ext() adds a custom extension for a TLS/DTLS server with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b>. This function is similar to SSL_CTX_add_custom_ext() except it only applies to servers, uses the older style of callbacks, and implicitly sets the <b>context</b> value to the same as for SSL_CTX_add_client_custom_ext() above.</p>
+
+<p>The <b>ext_type</b> parameter corresponds to the <b>extension_type</b> field of RFC5246 et al. It is <b>not</b> a NID. In all cases the extension type must not be handled by OpenSSL internally or an error occurs.</p>
+
+<p>SSL_extension_supported() returns 1 if the extension <b>ext_type</b> is handled internally by OpenSSL and 0 otherwise.</p>
+
+<h1 id="EXTENSION-CALLBACKS">EXTENSION CALLBACKS</h1>
+
+<p>The callback <b>add_cb</b> is called to send custom extension data to be included in various TLS messages. The <b>ext_type</b> parameter is set to the extension type which will be added and <b>add_arg</b> to the value set when the extension handler was added. When using the new style callbacks the <b>context</b> parameter will indicate which message is currently being constructed e.g. for the ClientHello it will be set to <b>SSL_EXT_CLIENT_HELLO</b>.</p>
+
+<p>If the application wishes to include the extension <b>ext_type</b> it should set <b>*out</b> to the extension data, set <b>*outlen</b> to the length of the extension data and return 1.</p>
+
+<p>If the <b>add_cb</b> does not wish to include the extension it must return 0.</p>
+
+<p>If <b>add_cb</b> returns -1 a fatal handshake error occurs using the TLS alert value specified in <b>*al</b>.</p>
+
+<p>When constructing the ClientHello, if <b>add_cb</b> is set to NULL a zero length extension is added for <b>ext_type</b>. For all other messages if <b>add_cb</b> is set to NULL then no extension is added.</p>
+
+<p>When constructing a Certificate message the callback will be called for each certificate in the message. The <b>x</b> parameter will indicate the current certificate and the <b>chainidx</b> parameter will indicate the position of the certificate in the message. The first certificate is always the end entity certificate and has a <b>chainidx</b> value of 0. The certificates are in the order that they were received in the Certificate message.</p>
+
+<p>For all messages except the ServerHello and EncryptedExtensions every registered <b>add_cb</b> is always called to see if the application wishes to add an extension (as long as all requirements of the specified <b>context</b> are met).</p>
+
+<p>For the ServerHello and EncryptedExtension messages every registered <b>add_cb</b> is called once if and only if the requirements of the specified <b>context</b> are met and the corresponding extension was received in the ClientHello. That is, if no corresponding extension was received in the ClientHello then <b>add_cb</b> will not be called.</p>
+
+<p>If an extension is added (that is <b>add_cb</b> returns 1) <b>free_cb</b> is called (if it is set) with the value of <b>out</b> set by the add callback. It can be used to free up any dynamic extension data set by <b>add_cb</b>. Since <b>out</b> is constant (to permit use of constant data in <b>add_cb</b>) applications may need to cast away const to free the data.</p>
+
+<p>The callback <b>parse_cb</b> receives data for TLS extensions. The callback is only called if the extension is present and relevant for the context (see <a href="#EXTENSION-CONTEXTS">&quot;EXTENSION CONTEXTS&quot;</a> below).</p>
+
+<p>The extension data consists of <b>inlen</b> bytes in the buffer <b>in</b> for the extension <b>ext_type</b>.</p>
+
+<p>If the message being parsed is a TLSv1.3 compatible Certificate message then <b>parse_cb</b> will be called for each certificate contained within the message. The <b>x</b> parameter will indicate the current certificate and the <b>chainidx</b> parameter will indicate the position of the certificate in the message. The first certificate is always the end entity certificate and has a <b>chainidx</b> value of 0.</p>
+
+<p>If the <b>parse_cb</b> considers the extension data acceptable it must return 1. If it returns 0 or a negative value a fatal handshake error occurs using the TLS alert value specified in <b>*al</b>.</p>
+
+<p>The buffer <b>in</b> is a temporary internal buffer which will not be valid after the callback returns.</p>
+
+<h1 id="EXTENSION-CONTEXTS">EXTENSION CONTEXTS</h1>
+
+<p>An extension context defines which messages and under which conditions an extension should be added or expected. The context is built up by performing a bitwise OR of multiple pre-defined values together. The valid context values are:</p>
+
+<dl>
+
+<dt id="SSL_EXT_TLS_ONLY">SSL_EXT_TLS_ONLY</dt>
+<dd>
+
+<p>The extension is only allowed in TLS</p>
+
+</dd>
+<dt id="SSL_EXT_DTLS_ONLY">SSL_EXT_DTLS_ONLY</dt>
+<dd>
+
+<p>The extension is only allowed in DTLS</p>
+
+</dd>
+<dt id="SSL_EXT_TLS_IMPLEMENTATION_ONLY">SSL_EXT_TLS_IMPLEMENTATION_ONLY</dt>
+<dd>
+
+<p>The extension is allowed in DTLS, but there is only a TLS implementation available (so it is ignored in DTLS).</p>
+
+</dd>
+<dt id="SSL_EXT_SSL3_ALLOWED">SSL_EXT_SSL3_ALLOWED</dt>
+<dd>
+
+<p>Extensions are not typically defined for SSLv3. Setting this value will allow the extension in SSLv3. Applications will not typically need to use this.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_2_AND_BELOW_ONLY">SSL_EXT_TLS1_2_AND_BELOW_ONLY</dt>
+<dd>
+
+<p>The extension is only defined for TLSv1.2/DTLSv1.2 and below. Servers will ignore this extension if it is present in the ClientHello and TLSv1.3 is negotiated.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_ONLY">SSL_EXT_TLS1_3_ONLY</dt>
+<dd>
+
+<p>The extension is only defined for TLS1.3 and above. Servers will ignore this extension if it is present in the ClientHello and TLSv1.2 or below is negotiated.</p>
+
+</dd>
+<dt id="SSL_EXT_IGNORE_ON_RESUMPTION">SSL_EXT_IGNORE_ON_RESUMPTION</dt>
+<dd>
+
+<p>The extension will be ignored during parsing if a previous session is being successfully resumed.</p>
+
+</dd>
+<dt id="SSL_EXT_CLIENT_HELLO">SSL_EXT_CLIENT_HELLO</dt>
+<dd>
+
+<p>The extension may be present in the ClientHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_2_SERVER_HELLO">SSL_EXT_TLS1_2_SERVER_HELLO</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.2 or below compatible ServerHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_SERVER_HELLO">SSL_EXT_TLS1_3_SERVER_HELLO</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible ServerHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS">SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS</dt>
+<dd>
+
+<p>The extension may be present in an EncryptedExtensions message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST">SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST</dt>
+<dd>
+
+<p>The extension may be present in a HelloRetryRequest message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_CERTIFICATE">SSL_EXT_TLS1_3_CERTIFICATE</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible Certificate message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_NEW_SESSION_TICKET">SSL_EXT_TLS1_3_NEW_SESSION_TICKET</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible NewSessionTicket message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_CERTIFICATE_REQUEST">SSL_EXT_TLS1_3_CERTIFICATE_REQUEST</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible CertificateRequest message.</p>
+
+</dd>
+</dl>
+
+<p>The context must include at least one message value (otherwise the extension will never be used).</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>add_arg</b> and <b>parse_arg</b> parameters can be set to arbitrary values which will be passed to the corresponding callbacks. They can, for example, be used to store the extension data received in a convenient structure or pass the extension data to be added or freed when adding extensions.</p>
+
+<p>If the same custom extension type is received multiple times a fatal <b>decode_error</b> alert is sent and the handshake aborts. If a custom extension is received in a ServerHello/EncryptedExtensions message which was not sent in the ClientHello a fatal <b>unsupported_extension</b> alert is sent and the handshake is aborted. The ServerHello/EncryptedExtensions <b>add_cb</b> callback is only called if the corresponding extension was received in the ClientHello. This is compliant with the TLS specifications. This behaviour ensures that each callback is called at most once and that an application can never send unsolicited extensions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_add_custom_ext(), SSL_CTX_add_client_custom_ext() and SSL_CTX_add_server_custom_ext() return 1 for success and 0 for failure. A failure can occur if an attempt is made to add the same <b>ext_type</b> more than once, if an attempt is made to use an extension type handled internally by OpenSSL or if an internal error occurs (for example a memory allocation failure).</p>
+
+<p>SSL_extension_supported() returns 1 if the extension <b>ext_type</b> is handled internally by OpenSSL and 0 otherwise.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_add_custom_ext() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_free.html b/msys2/usr/share/doc/openssl/html/man3/SSL_free.html
new file mode 100644
index 000000000..3e5e68cbe
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_free.html
@@ -0,0 +1,60 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_free</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_free - free an allocated SSL structure</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_free(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_free() decrements the reference count of <b>ssl</b>, and removes the SSL structure pointed to by <b>ssl</b> and frees up the allocated memory if the reference count has reached 0. If <b>ssl</b> is NULL nothing is done.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_free() also calls the free()ing procedures for indirectly affected items, if applicable: the buffering BIO, the read and write BIOs, cipher lists specially created for this <b>ssl</b>, the <b>SSL_SESSION</b>. Do not explicitly free these indirectly freed up items before or after calling SSL_free(), as trying to free things twice may lead to program failure.</p>
+
+<p>The ssl session has reference counts from two users: the SSL object, for which the reference count is removed by SSL_free() and the internal session cache. If the session is considered bad, because <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> was not called for the connection and <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a> was not used to set the SSL_SENT_SHUTDOWN state, the session will also be removed from the session cache as required by RFC2246.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_free() does not provide diagnostic information.</p>
+
+<p><a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_free_buffers.html b/msys2/usr/share/doc/openssl/html/man3/SSL_free_buffers.html
new file mode 100644
index 000000000..e5c14e771
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_free_buffers.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_alloc_buffers</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_free_buffers, SSL_alloc_buffers - manage SSL structure buffers</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_free_buffers(SSL *ssl);
+ int SSL_alloc_buffers(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_free_buffers() frees the read and write buffers of the given <b>ssl</b>. SSL_alloc_buffers() allocates the read and write buffers of the given <b>ssl</b>.</p>
+
+<p>The <b>SSL_MODE_RELEASE_BUFFERS</b> mode releases read or write buffers whenever the buffers have been drained. These functions allow applications to manually control when buffers are freed and allocated.</p>
+
+<p>After freeing the buffers, the buffers are automatically reallocated upon a new read or write. The SSL_alloc_buffers() does not need to be called, but can be used to make sure the buffers are pre-allocated. This can be used to avoid allocation during data processing or with CRYPTO_set_mem_functions() to control where and how buffers are allocated.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="Failure">0 (Failure)</dt>
+<dd>
+
+<p>The SSL_free_buffers() function returns 0 when there is pending data to be read or written. The SSL_alloc_buffers() function returns 0 when there is an allocation failure.</p>
+
+</dd>
+<dt id="Success">1 (Success)</dt>
+<dd>
+
+<p>The SSL_free_buffers() function returns 1 if the buffers have been freed. This value is also returned if the buffers had been freed before calling SSL_free_buffers(). The SSL_alloc_buffers() function returns 1 if the buffers have been allocated. This value is also returned if the buffers had been allocated before calling SSL_alloc_buffers().</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_free.html">SSL_free(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a>, <a>CRYPTO_set_mem_functions</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get0_CA_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_CA_list.html
new file mode 100644
index 000000000..742fe94a0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_CA_list.html
@@ -0,0 +1,130 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set0_CA_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_CA_list, SSL_set_client_CA_list, SSL_get_client_CA_list, SSL_CTX_get_client_CA_list, SSL_CTX_add_client_CA, SSL_add_client_CA, SSL_set0_CA_list, SSL_CTX_set0_CA_list, SSL_get0_CA_list, SSL_CTX_get0_CA_list, SSL_add1_to_CA_list, SSL_CTX_add1_to_CA_list, SSL_get0_peer_CA_list - get or set CA list</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
+ void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
+ STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
+ int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert);
+ int SSL_add_client_CA(SSL *ssl, X509 *cacert);
+
+ void SSL_CTX_set0_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+ void SSL_set0_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
+ const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const SSL_CTX *ctx);
+ const STACK_OF(X509_NAME) *SSL_get0_CA_list(const SSL *s);
+ int SSL_CTX_add1_to_CA_list(SSL_CTX *ctx, const X509 *x);
+ int SSL_add1_to_CA_list(SSL *ssl, const X509 *x);
+
+ const STACK_OF(X509_NAME) *SSL_get0_peer_CA_list(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions described here set and manage the list of CA names that are sent between two communicating peers.</p>
+
+<p>For TLS versions 1.2 and earlier the list of CA names is only sent from the server to the client when requesting a client certificate. So any list of CA names set is never sent from client to server and the list of CA names retrieved by SSL_get0_peer_CA_list() is always <b>NULL</b>.</p>
+
+<p>For TLS 1.3 the list of CA names is sent using the <b>certificate_authorities</b> extension and may be sent by a client (in the ClientHello message) or by a server (when requesting a certificate).</p>
+
+<p>In most cases it is not necessary to set CA names on the client side. The list of CA names that are acceptable to the client will be sent in plaintext to the server. This has privacy implications and may also have performance implications if the list is large. This optional capability was introduced as part of TLSv1.3 and therefore setting CA names on the client side will have no impact if that protocol version has been disabled. Most servers do not need this and so this should be avoided unless required.</p>
+
+<p>The &quot;client CA list&quot; functions below only have an effect when called on the server side.</p>
+
+<p>SSL_CTX_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for <b>ctx</b>. Ownership of <b>list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object. Ownership of <b>list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get_client_CA_list() returns the list of client CAs explicitly set for <b>ctx</b> using SSL_CTX_set_client_CA_list(). The returned list should not be freed by the caller.</p>
+
+<p>SSL_get_client_CA_list() returns the list of client CAs explicitly set for <b>ssl</b> using SSL_set_client_CA_list() or <b>ssl</b>&#39;s SSL_CTX object with SSL_CTX_set_client_CA_list(), when in server mode. In client mode, SSL_get_client_CA_list returns the list of client CAs sent from the server, if any. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for <b>ctx</b>.</p>
+
+<p>SSL_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object.</p>
+
+<p>SSL_get0_peer_CA_list() retrieves the list of CA names (if any) the peer has sent. This can be called on either the server or the client side. The returned list should not be freed by the caller.</p>
+
+<p>The &quot;generic CA list&quot; functions below are very similar to the &quot;client CA list&quot; functions except that they have an effect on both the server and client sides. The lists of CA names managed are separate - so you cannot (for example) set CA names using the &quot;client CA list&quot; functions and then get them using the &quot;generic CA list&quot; functions. Where a mix of the two types of functions has been used on the server side then the &quot;client CA list&quot; functions take precedence. Typically, on the server side, the &quot;client CA list &quot; functions should be used in preference. As noted above in most cases it is not necessary to set CA names on the client side.</p>
+
+<p>SSL_CTX_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b>. Ownership of <b>name_list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b> overriding any list set in the parent <b>SSL_CTX</b> of <b>s</b>. Ownership of <b>name_list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get0_CA_list() retrieves any previously set list of CAs set for <b>ctx</b>. The returned list should not be freed by the caller.</p>
+
+<p>SSL_get0_CA_list() retrieves any previously set list of CAs set for <b>s</b> or if none are set the list from the parent <b>SSL_CTX</b> is retrieved. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to peer for <b>ctx</b>.</p>
+
+<p>SSL_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to the peer for <b>s</b>, overriding the setting in the parent <b>SSL_CTX</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When a TLS/SSL server requests a client certificate (see <b>SSL_CTX_set_verify(3)</b>), it sends a list of CAs, for which it will accept certificates, to the client.</p>
+
+<p>This list must explicitly be set using SSL_CTX_set_client_CA_list() or SSL_CTX_set0_CA_list() for <b>ctx</b> and SSL_set_client_CA_list() or SSL_set0_CA_list() for the specific <b>ssl</b>. The list specified overrides the previous setting. The CAs listed do not become trusted (<b>list</b> only contains the names, not the complete certificates); use <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> to additionally load them for verification.</p>
+
+<p>If the list of acceptable CAs is compiled in a file, the <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a> function can be used to help to import the necessary data.</p>
+
+<p>SSL_CTX_add_client_CA(), SSL_CTX_add1_to_CA_list(), SSL_add_client_CA() and SSL_add1_to_CA_list() can be used to add additional items the list of CAs. If no list was specified before using SSL_CTX_set_client_CA_list(), SSL_CTX_set0_CA_list(), SSL_set_client_CA_list() or SSL_set0_CA_list(), a new CA list for <b>ctx</b> or <b>ssl</b> (as appropriate) is opened.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set0_CA_list() and SSL_set0_CA_list() do not return a value.</p>
+
+<p>SSL_CTX_get_client_CA_list(), SSL_get_client_CA_list(), SSL_CTX_get0_CA_list() and SSL_get0_CA_list() return a stack of CA names or <b>NULL</b> is no CA names are set.</p>
+
+<p>SSL_CTX_add_client_CA(),SSL_add_client_CA(), SSL_CTX_add1_to_CA_list() and SSL_add1_to_CA_list() return 1 for success and 0 for failure.</p>
+
+<p>SSL_get0_peer_CA_list() returns a stack of CA names sent by the peer or <b>NULL</b> or an empty stack if no list was sent.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Scan all certificates in <b>CAfile</b> and list them as acceptable CAs:</p>
+
+<pre><code> SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get0_alpn_selected.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_alpn_selected.html
new file mode 100644
index 000000000..2c1cda006
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_alpn_selected.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_alpn_select_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_alpn_protos, SSL_set_alpn_protos, SSL_CTX_set_alpn_select_cb, SSL_CTX_set_next_proto_select_cb, SSL_CTX_set_next_protos_advertised_cb, SSL_select_next_proto, SSL_get0_alpn_selected, SSL_get0_next_proto_negotiated - handle application layer protocol negotiation (ALPN)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
+                             unsigned int protos_len);
+ int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
+                         unsigned int protos_len);
+ void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
+                                 int (*cb) (SSL *ssl,
+                                            const unsigned char **out,
+                                            unsigned char *outlen,
+                                            const unsigned char *in,
+                                            unsigned int inlen,
+                                            void *arg), void *arg);
+ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
+                             unsigned int *len);
+
+ void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx,
+                                            int (*cb)(SSL *ssl,
+                                                      const unsigned char **out,
+                                                      unsigned int *outlen,
+                                                      void *arg),
+                                            void *arg);
+ void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx,
+                               int (*cb)(SSL *s,
+                                         unsigned char **out,
+                                         unsigned char *outlen,
+                                         const unsigned char *in,
+                                         unsigned int inlen,
+                                         void *arg),
+                               void *arg);
+ int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+                           const unsigned char *server,
+                           unsigned int server_len,
+                           const unsigned char *client,
+                           unsigned int client_len)
+ void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
+                             unsigned *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() are used by the client to set the list of protocols available to be negotiated. The <b>protos</b> must be in protocol-list format, described below. The length of <b>protos</b> is specified in <b>protos_len</b>.</p>
+
+<p>SSL_CTX_set_alpn_select_cb() sets the application callback <b>cb</b> used by a server to select which protocol to use for the incoming connection. When <b>cb</b> is NULL, ALPN is not used. The <b>arg</b> value is a pointer which is passed to the application callback.</p>
+
+<p><b>cb</b> is the application defined callback. The <b>in</b>, <b>inlen</b> parameters are a vector in protocol-list format. The value of the <b>out</b>, <b>outlen</b> vector should be set to the value of a single protocol selected from the <b>in</b>, <b>inlen</b> vector. The <b>out</b> buffer may point directly into <b>in</b>, or to a buffer that outlives the handshake. The <b>arg</b> parameter is the pointer set via SSL_CTX_set_alpn_select_cb().</p>
+
+<p>SSL_select_next_proto() is a helper function used to select protocols. It implements the standard protocol selection. It is expected that this function is called from the application callback <b>cb</b>. The protocol data in <b>server</b>, <b>server_len</b> and <b>client</b>, <b>client_len</b> must be in the protocol-list format described below. The first item in the <b>server</b>, <b>server_len</b> list that matches an item in the <b>client</b>, <b>client_len</b> list is selected, and returned in <b>out</b>, <b>outlen</b>. The <b>out</b> value will point into either <b>server</b> or <b>client</b>, so it should be copied immediately. If no match is found, the first item in <b>client</b>, <b>client_len</b> is returned in <b>out</b>, <b>outlen</b>. This function can also be used in the NPN callback.</p>
+
+<p>SSL_CTX_set_next_proto_select_cb() sets a callback <b>cb</b> that is called when a client needs to select a protocol from the server&#39;s provided list, and a user-defined pointer argument <b>arg</b> which will be passed to this callback. For the callback itself, <b>out</b> must be set to point to the selected protocol (which may be within <b>in</b>). The length of the protocol name must be written into <b>outlen</b>. The server&#39;s advertised protocols are provided in <b>in</b> and <b>inlen</b>. The callback can assume that <b>in</b> is syntactically valid. The client must select a protocol. It is fatal to the connection if this callback returns a value other than <b>SSL_TLSEXT_ERR_OK</b>. The <b>arg</b> parameter is the pointer set via SSL_CTX_set_next_proto_select_cb().</p>
+
+<p>SSL_CTX_set_next_protos_advertised_cb() sets a callback <b>cb</b> that is called when a TLS server needs a list of supported protocols for Next Protocol Negotiation. The returned list must be in protocol-list format, described below. The list is returned by setting <b>out</b> to point to it and <b>outlen</b> to its length. This memory will not be modified, but the <b>SSL</b> does keep a reference to it. The callback should return <b>SSL_TLSEXT_ERR_OK</b> if it wishes to advertise. Otherwise, no such extension will be included in the ServerHello.</p>
+
+<p>SSL_get0_alpn_selected() returns a pointer to the selected protocol in <b>data</b> with length <b>len</b>. It is not NUL-terminated. <b>data</b> is set to NULL and <b>len</b> is set to 0 if no protocol has been selected. <b>data</b> must not be freed.</p>
+
+<p>SSL_get0_next_proto_negotiated() sets <b>data</b> and <b>len</b> to point to the client&#39;s requested protocol for this connection. If the client did not request any protocol or NPN is not enabled, then <b>data</b> is set to NULL and <b>len</b> to 0. Note that the client can request any protocol it chooses. The value returned from this function need not be a member of the list of supported protocols provided by the callback.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The protocol-lists must be in wire-format, which is defined as a vector of non-empty, 8-bit length-prefixed, byte strings. The length-prefix byte is not included in the length. Each string is limited to 255 bytes. A byte-string length of 0 is invalid. A truncated byte-string is invalid. The length of the vector is not in the vector itself, but in a separate variable.</p>
+
+<p>Example:</p>
+
+<pre><code> unsigned char vector[] = {
+     6, &#39;s&#39;, &#39;p&#39;, &#39;d&#39;, &#39;y&#39;, &#39;/&#39;, &#39;1&#39;,
+     8, &#39;h&#39;, &#39;t&#39;, &#39;t&#39;, &#39;p&#39;, &#39;/&#39;, &#39;1&#39;, &#39;.&#39;, &#39;1&#39;
+ };
+ unsigned int length = sizeof(vector);</code></pre>
+
+<p>The ALPN callback is executed after the servername callback; as that servername callback may update the SSL_CTX, and subsequently, the ALPN callback.</p>
+
+<p>If there is no ALPN proposed in the ClientHello, the ALPN callback is not invoked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() return 0 on success, and non-0 on failure. WARNING: these functions reverse the return value convention.</p>
+
+<p>SSL_select_next_proto() returns one of the following:</p>
+
+<dl>
+
+<dt id="OPENSSL_NPN_NEGOTIATED">OPENSSL_NPN_NEGOTIATED</dt>
+<dd>
+
+<p>A match was found and is returned in <b>out</b>, <b>outlen</b>.</p>
+
+</dd>
+<dt id="OPENSSL_NPN_NO_OVERLAP">OPENSSL_NPN_NO_OVERLAP</dt>
+<dd>
+
+<p>No match was found. The first item in <b>client</b>, <b>client_len</b> is returned in <b>out</b>, <b>outlen</b>.</p>
+
+</dd>
+</dl>
+
+<p>The ALPN select callback <b>cb</b>, must return one of the following:</p>
+
+<dl>
+
+<dt id="SSL_TLSEXT_ERR_OK">SSL_TLSEXT_ERR_OK</dt>
+<dd>
+
+<p>ALPN protocol selected.</p>
+
+</dd>
+<dt id="SSL_TLSEXT_ERR_ALERT_FATAL">SSL_TLSEXT_ERR_ALERT_FATAL</dt>
+<dd>
+
+<p>There was no overlap between the client&#39;s supplied list and the server configuration.</p>
+
+</dd>
+<dt id="SSL_TLSEXT_ERR_NOACK">SSL_TLSEXT_ERR_NOACK</dt>
+<dd>
+
+<p>ALPN protocol not selected, e.g., because no ALPN protocols are configured for this connection.</p>
+
+</dd>
+</dl>
+
+<p>The callback set using SSL_CTX_set_next_proto_select_cb() should return <b>SSL_TLSEXT_ERR_OK</b> if successful. Any other value is fatal to the connection.</p>
+
+<p>The callback set using SSL_CTX_set_next_protos_advertised_cb() should return <b>SSL_TLSEXT_ERR_OK</b> if it wishes to advertise. Otherwise, no such extension will be included in the ServerHello.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_callback.html">SSL_CTX_set_tlsext_servername_callback(3)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_arg.html">SSL_CTX_set_tlsext_servername_arg(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get0_chain_certs.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_chain_certs.html
new file mode 100644
index 000000000..9f08318ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_chain_certs.html
@@ -0,0 +1,122 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add1_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_chain, SSL_CTX_set1_chain, SSL_CTX_add0_chain_cert, SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs, SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert, SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain, SSL_build_cert_chain, SSL_CTX_select_current_cert, SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra chain certificate processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_get0_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk);
+ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+ int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_get0_chain_certs(SSL *ssl, STACK_OF(X509) **sk);
+ int SSL_clear_chain_certs(SSL *ssl);
+
+ int SSL_CTX_build_cert_chain(SSL_CTX *ctx, flags);
+ int SSL_build_cert_chain(SSL *ssl, flags);
+
+ int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_chain() and SSL_CTX_set1_chain() set the certificate chain associated with the current certificate of <b>ctx</b> to <b>sk</b>.</p>
+
+<p>SSL_CTX_add0_chain_cert() and SSL_CTX_add1_chain_cert() append the single certificate <b>x509</b> to the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_get0_chain_certs() retrieves the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_clear_chain_certs() clears any existing chain associated with the current certificate of <b>ctx</b>. (This is implemented by calling SSL_CTX_set0_chain() with <b>sk</b> set to <b>NULL</b>).</p>
+
+<p>SSL_CTX_build_cert_chain() builds the certificate chain for <b>ctx</b> normally this uses the chain store or the verify store if the chain store is not set. If the function is successful the built chain will replace any existing chain. The <b>flags</b> parameter can be set to <b>SSL_BUILD_CHAIN_FLAG_UNTRUSTED</b> to use existing chain certificates as untrusted CAs, <b>SSL_BUILD_CHAIN_FLAG_NO_ROOT</b> to omit the root CA from the built chain, <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to use all existing chain certificates only to build the chain (effectively sanity checking and rearranging them if necessary), the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> ignores any errors during verification: if flag <b>SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR</b> is also set verification errors are cleared from the error queue.</p>
+
+<p>Each of these functions operates on the <i>current</i> end entity (i.e. server or client) certificate. This is the last certificate loaded or selected on the corresponding <b>ctx</b> structure.</p>
+
+<p>SSL_CTX_select_current_cert() selects <b>x509</b> as the current end entity certificate, but only if <b>x509</b> has already been loaded into <b>ctx</b> using a function such as SSL_CTX_use_certificate().</p>
+
+<p>SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(), SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(), SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_current_cert() changes the current certificate to a value based on the <b>op</b> argument. Currently <b>op</b> can be <b>SSL_CERT_SET_FIRST</b> to use the first valid certificate or <b>SSL_CERT_SET_NEXT</b> to set the next valid certificate after the current certificate. These two operations can be used to iterate over all certificates in an <b>SSL_CTX</b> structure.</p>
+
+<p>SSL_set_current_cert() also supports the option <b>SSL_CERT_SET_SERVER</b>. If <b>ssl</b> is a server and has sent a certificate to a connected client this option sets that certificate to the current certificate and returns 1. If the negotiated cipher suite is anonymous (and thus no certificate will be sent) 2 is returned and the current certificate is unchanged. If <b>ssl</b> is not a server or a certificate has not been sent 0 is returned and the current certificate is unchanged.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied certificate or chain so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied certificate or chain <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The chains associate with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. SSL structures will not be affected by any chains subsequently changed in the parent SSL_CTX.</p>
+
+<p>One chain can be set for each key type supported by a server. So, for example, an RSA and a DSA certificate can (and often will) have different chains.</p>
+
+<p>The functions SSL_CTX_build_cert_chain() and SSL_build_cert_chain() can be used to check application configuration and to ensure any necessary subordinate CAs are sent in the correct order. Misconfigured applications sending incorrect certificate chains often cause problems with peers.</p>
+
+<p>For example an application can add any set of certificates using SSL_CTX_use_certificate_chain_file() then call SSL_CTX_build_cert_chain() with the option <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to check and reorder them.</p>
+
+<p>Applications can issue non fatal warnings when checking chains by setting the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERRORS</b> and checking the return value.</p>
+
+<p>Calling SSL_CTX_build_cert_chain() or SSL_build_cert_chain() is more efficient than the automatic chain building as it is only performed once. Automatic chain building is performed on each new session.</p>
+
+<p>If any certificates are added using these functions no certificates added using SSL_CTX_add_extra_chain_cert() will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_current_cert() with <b>SSL_CERT_SET_SERVER</b> return 1 for success, 2 if no server certificate is used because the cipher suites is anonymous and 0 for failure.</p>
+
+<p>SSL_CTX_build_cert_chain() and SSL_build_cert_chain() return 1 for success and 0 for failure. If the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> and a verification error occurs then 2 is returned.</p>
+
+<p>All other functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get0_dane_authority.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_dane_authority.html
new file mode 100644
index 000000000..16d72a2ed
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_dane_authority.html
@@ -0,0 +1,252 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_dane_enable</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_dane_enable, SSL_CTX_dane_mtype_set, SSL_dane_enable, SSL_dane_tlsa_add, SSL_get0_dane_authority, SSL_get0_dane_tlsa, SSL_CTX_dane_set_flags, SSL_CTX_dane_clear_flags, SSL_dane_set_flags, SSL_dane_clear_flags - enable DANE TLS authentication of the remote TLS server in the local TLS client</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_dane_enable(SSL_CTX *ctx);
+ int SSL_CTX_dane_mtype_set(SSL_CTX *ctx, const EVP_MD *md,
+                            uint8_t mtype, uint8_t ord);
+ int SSL_dane_enable(SSL *s, const char *basedomain);
+ int SSL_dane_tlsa_add(SSL *s, uint8_t usage, uint8_t selector,
+                       uint8_t mtype, unsigned const char *data, size_t dlen);
+ int SSL_get0_dane_authority(SSL *s, X509 **mcert, EVP_PKEY **mspki);
+ int SSL_get0_dane_tlsa(SSL *s, uint8_t *usage, uint8_t *selector,
+                        uint8_t *mtype, unsigned const char **data,
+                        size_t *dlen);
+ unsigned long SSL_CTX_dane_set_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_CTX_dane_clear_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_dane_set_flags(SSL *ssl, unsigned long flags);
+ unsigned long SSL_dane_clear_flags(SSL *ssl, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions implement support for DANE TLSA (RFC6698 and RFC7671) peer authentication.</p>
+
+<p>SSL_CTX_dane_enable() must be called first to initialize the shared state required for DANE support. Individual connections associated with the context can then enable per-connection DANE support as appropriate. DANE authentication is implemented in the <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> function, and applications that override <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> via <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a> are responsible to authenticate the peer chain in whatever manner they see fit.</p>
+
+<p>SSL_CTX_dane_mtype_set() may then be called zero or more times to adjust the supported digest algorithms. This must be done before any SSL handles are created for the context.</p>
+
+<p>The <b>mtype</b> argument specifies a DANE TLSA matching type and the <b>md</b> argument specifies the associated digest algorithm handle. The <b>ord</b> argument specifies a strength ordinal. Algorithms with a larger strength ordinal are considered more secure. Strength ordinals are used to implement RFC7671 digest algorithm agility. Specifying a <b>NULL</b> digest algorithm for a matching type disables support for that matching type. Matching type Full(0) cannot be modified or disabled.</p>
+
+<p>By default, matching type <code>SHA2-256(1)</code> (see RFC7218 for definitions of the DANE TLSA parameter acronyms) is mapped to <code>EVP_sha256()</code> with a strength ordinal of <code>1</code> and matching type <code>SHA2-512(2)</code> is mapped to <code>EVP_sha512()</code> with a strength ordinal of <code>2</code>.</p>
+
+<p>SSL_dane_enable() must be called before the SSL handshake is initiated with <a href="../man3/SSL_connect.html">SSL_connect(3)</a> if (and only if) you want to enable DANE for that connection. (The connection must be associated with a DANE-enabled SSL context). The <b>basedomain</b> argument specifies the RFC7671 TLSA base domain, which will be the primary peer reference identifier for certificate name checks. Additional server names can be specified via <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>. The <b>basedomain</b> is used as the default SNI hint if none has yet been specified via <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>.</p>
+
+<p>SSL_dane_tlsa_add() may then be called one or more times, to load each of the TLSA records that apply to the remote TLS peer. (This too must be done prior to the beginning of the SSL handshake). The arguments specify the fields of the TLSA record. The <b>data</b> field is provided in binary (wire RDATA) form, not the hexadecimal ASCII presentation form, with an explicit length passed via <b>dlen</b>. The library takes a copy of the <b>data</b> buffer contents and the caller may free the original <b>data</b> buffer when convenient. A return value of 0 indicates that &quot;unusable&quot; TLSA records (with invalid or unsupported parameters) were provided. A negative return value indicates an internal error in processing the record.</p>
+
+<p>The caller is expected to check the return value of each SSL_dane_tlsa_add() call and take appropriate action if none are usable or an internal error is encountered in processing some records.</p>
+
+<p>If no TLSA records are added successfully, DANE authentication is not enabled, and authentication will be based on any configured traditional trust-anchors; authentication success in this case does not mean that the peer was DANE-authenticated.</p>
+
+<p>SSL_get0_dane_authority() can be used to get more detailed information about the matched DANE trust-anchor after successful connection completion. The return value is negative if DANE verification failed (or was not enabled), 0 if an EE TLSA record directly matched the leaf certificate, or a positive number indicating the depth at which a TA record matched an issuer certificate. The complete verified chain can be retrieved via <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>. The return value is an index into this verified chain, rather than the list of certificates sent by the peer as returned by <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>.</p>
+
+<p>If the <b>mcert</b> argument is not <b>NULL</b> and a TLSA record matched a chain certificate, a pointer to the matching certificate is returned via <b>mcert</b>. The returned address is a short-term internal reference to the certificate and must not be freed by the application. Applications that want to retain access to the certificate can call <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a> to obtain a long-term reference which must then be freed via <a href="../man3/X509_free.html">X509_free(3)</a> once no longer needed.</p>
+
+<p>If no TLSA records directly matched any elements of the certificate chain, but a DANE-TA(2) SPKI(1) Full(0) record provided the public key that signed an element of the chain, then that key is returned via <b>mspki</b> argument (if not NULL). In this case the return value is the depth of the top-most element of the validated certificate chain. As with <b>mcert</b> this is a short-term internal reference, and <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a> and <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a> can be used to acquire and release long-term references respectively.</p>
+
+<p>SSL_get0_dane_tlsa() can be used to retrieve the fields of the TLSA record that matched the peer certificate chain. The return value indicates the match depth or failure to match just as with SSL_get0_dane_authority(). When the return value is non-negative, the storage pointed to by the <b>usage</b>, <b>selector</b>, <b>mtype</b> and <b>data</b> parameters is updated to the corresponding TLSA record fields. The <b>data</b> field is in binary wire form, and is therefore not NUL-terminated, its length is returned via the <b>dlen</b> parameter. If any of these parameters is NULL, the corresponding field is not returned. The <b>data</b> parameter is set to a short-term internal-copy of the associated data field and must not be freed by the application. Applications that need long-term access to this field need to copy the content.</p>
+
+<p>SSL_CTX_dane_set_flags() and SSL_dane_set_flags() can be used to enable optional DANE verification features. SSL_CTX_dane_clear_flags() and SSL_dane_clear_flags() can be used to disable the same features. The <b>flags</b> argument is a bitmask of the features to enable or disable. The <b>flags</b> set for an <b>SSL_CTX</b> context are copied to each <b>SSL</b> handle associated with that context at the time the handle is created. Subsequent changes in the context&#39;s <b>flags</b> have no effect on the <b>flags</b> set for the handle.</p>
+
+<p>At present, the only available option is <b>DANE_FLAG_NO_DANE_EE_NAMECHECKS</b> which can be used to disable server name checks when authenticating via DANE-EE(3) TLSA records. For some applications, primarily web browsers, it is not safe to disable name checks due to &quot;unknown key share&quot; attacks, in which a malicious server can convince a client that a connection to a victim server is instead a secure connection to the malicious server. The malicious server may then be able to violate cross-origin scripting restrictions. Thus, despite the text of RFC7671, name checks are by default enabled for DANE-EE(3) TLSA records, and can be disabled in applications where it is safe to do so. In particular, SMTP and XMPP clients should set this option as SRV and MX records already make it possible for a remote domain to redirect client connections to any server of its choice, and in any case SMTP and XMPP clients do not execute scripts downloaded from remote servers.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions SSL_CTX_dane_enable(), SSL_CTX_dane_mtype_set(), SSL_dane_enable() and SSL_dane_tlsa_add() return a positive value on success. Negative return values indicate resource problems (out of memory, etc.) in the SSL library, while a return value of <b>0</b> indicates incorrect usage or invalid input, such as an unsupported TLSA record certificate usage, selector or matching type. Invalid input also includes malformed data, either a digest length that does not match the digest algorithm, or a <code>Full(0)</code> (binary ASN.1 DER form) certificate or a public key that fails to parse.</p>
+
+<p>The functions SSL_get0_dane_authority() and SSL_get0_dane_tlsa() return a negative value when DANE authentication failed or was not enabled, a non-negative value indicates the chain depth at which the TLSA record matched a chain certificate, or the depth of the top-most certificate, when the TLSA record is a full public key that is its signer.</p>
+
+<p>The functions SSL_CTX_dane_set_flags(), SSL_CTX_dane_clear_flags(), SSL_dane_set_flags() and SSL_dane_clear_flags() return the <b>flags</b> in effect before they were called.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Suppose &quot;smtp.example.com&quot; is the MX host of the domain &quot;example.com&quot;, and has DNSSEC-validated TLSA records. The calls below will perform DANE authentication and arrange to match either the MX hostname or the destination domain name in the SMTP server certificate. Wildcards are supported, but must match the entire label. The actual name matched in the certificate (which might be a wildcard) is retrieved, and must be copied by the application if it is to be retained beyond the lifetime of the SSL connection.</p>
+
+<pre><code> SSL_CTX *ctx;
+ SSL *ssl;
+ int (*verify_cb)(int ok, X509_STORE_CTX *sctx) = NULL;
+ int num_usable = 0;
+ const char *nexthop_domain = &quot;example.com&quot;;
+ const char *dane_tlsa_domain = &quot;smtp.example.com&quot;;
+ uint8_t usage, selector, mtype;
+
+ if ((ctx = SSL_CTX_new(TLS_client_method())) == NULL)
+     /* error */
+ if (SSL_CTX_dane_enable(ctx) &lt;= 0)
+     /* error */
+ if ((ssl = SSL_new(ctx)) == NULL)
+     /* error */
+ if (SSL_dane_enable(ssl, dane_tlsa_domain) &lt;= 0)
+     /* error */
+
+ /*
+  * For many applications it is safe to skip DANE-EE(3) namechecks.  Do not
+  * disable the checks unless &quot;unknown key share&quot; attacks pose no risk for
+  * your application.
+  */
+ SSL_dane_set_flags(ssl, DANE_FLAG_NO_DANE_EE_NAMECHECKS);
+
+ if (!SSL_add1_host(ssl, nexthop_domain))
+     /* error */
+ SSL_set_hostflags(ssl, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+
+ for (... each TLSA record ...) {
+     unsigned char *data;
+     size_t len;
+     int ret;
+
+     /* set usage, selector, mtype, data, len */
+
+     /*
+      * Opportunistic DANE TLS clients support only DANE-TA(2) or DANE-EE(3).
+      * They treat all other certificate usages, and in particular PKIX-TA(0)
+      * and PKIX-EE(1), as unusable.
+      */
+     switch (usage) {
+     default:
+     case 0:     /* PKIX-TA(0) */
+     case 1:     /* PKIX-EE(1) */
+         continue;
+     case 2:     /* DANE-TA(2) */
+     case 3:     /* DANE-EE(3) */
+         break;
+     }
+
+     ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len);
+     /* free data as appropriate */
+
+     if (ret &lt; 0)
+         /* handle SSL library internal error */
+     else if (ret == 0)
+         /* handle unusable TLSA record */
+     else
+         ++num_usable;
+ }
+
+ /*
+  * At this point, the verification mode is still the default SSL_VERIFY_NONE.
+  * Opportunistic DANE clients use unauthenticated TLS when all TLSA records
+  * are unusable, so continue the handshake even if authentication fails.
+  */
+ if (num_usable == 0) {
+     /* Log all records unusable? */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+     SSL_set_verify(ssl, SSL_VERIFY_NONE, verify_cb);
+ } else {
+     /* At least one usable record.  We expect to verify the peer */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+
+     /*
+      * Below we elect to fail the handshake when peer verification fails.
+      * Alternatively, use the permissive SSL_VERIFY_NONE verification mode,
+      * complete the handshake, check the verification status, and if not
+      * verified disconnect gracefully at the application layer, especially if
+      * application protocol supports informing the server that authentication
+      * failed.
+      */
+     SSL_set_verify(ssl, SSL_VERIFY_PEER, verify_cb);
+ }
+
+ /*
+  * Load any saved session for resumption, making sure that the previous
+  * session applied the same security and authentication requirements that
+  * would be expected of a fresh connection.
+  */
+
+ /* Perform SSL_connect() handshake and handle errors here */
+
+ if (SSL_session_reused(ssl)) {
+     if (SSL_get_verify_result(ssl) == X509_V_OK) {
+         /*
+          * Resumed session was originally verified, this connection is
+          * authenticated.
+          */
+     } else {
+         /*
+          * Resumed session was not originally verified, this connection is not
+          * authenticated.
+          */
+     }
+ } else if (SSL_get_verify_result(ssl) == X509_V_OK) {
+     const char *peername = SSL_get0_peername(ssl);
+     EVP_PKEY *mspki = NULL;
+
+     int depth = SSL_get0_dane_authority(ssl, NULL, &amp;mspki);
+     if (depth &gt;= 0) {
+         (void) SSL_get0_dane_tlsa(ssl, &amp;usage, &amp;selector, &amp;mtype, NULL, NULL);
+         printf(&quot;DANE TLSA %d %d %d %s at depth %d\n&quot;, usage, selector, mtype,
+                (mspki != NULL) ? &quot;TA public key verified certificate&quot; :
+                depth ? &quot;matched TA certificate&quot; : &quot;matched EE certificate&quot;,
+                depth);
+     }
+     if (peername != NULL) {
+         /* Name checks were in scope and matched the peername */
+         printf(&quot;Verified peername: %s\n&quot;, peername);
+     }
+ } else {
+     /*
+      * Not authenticated, presumably all TLSA rrs unusable, but possibly a
+      * callback suppressed connection termination despite the presence of
+      * usable TLSA RRs none of which matched.  Do whatever is appropriate for
+      * fresh unauthenticated connections.
+      */
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is expected that the majority of clients employing DANE TLS will be doing &quot;opportunistic DANE TLS&quot; in the sense of RFC7672 and RFC7435. That is, they will use DANE authentication when DNSSEC-validated TLSA records are published for a given peer, and otherwise will use unauthenticated TLS or even cleartext.</p>
+
+<p>Such applications should generally treat any TLSA records published by the peer with usages PKIX-TA(0) and PKIX-EE(1) as &quot;unusable&quot;, and should not include them among the TLSA records used to authenticate peer connections. In addition, some TLSA records with supported usages may be &quot;unusable&quot; as a result of invalid or unsupported parameters.</p>
+
+<p>When a peer has TLSA records, but none are &quot;usable&quot;, an opportunistic application must avoid cleartext, but cannot authenticate the peer, and so should generally proceed with an unauthenticated connection. Opportunistic applications need to note the return value of each call to SSL_dane_tlsa_add(), and if all return 0 (due to invalid or unsupported parameters) disable peer authentication by calling <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a> with <b>mode</b> equal to <b>SSL_VERIFY_NONE</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>, <a href="../man3/SSL_set_hostflags.html">SSL_set_hostflags(3)</a>, <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>, <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>, <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_get0_peername.html">SSL_get0_peername(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_free.html">X509_free(3)</a>, <a href="../man3/EVP_get_digestbyname.html">EVP_get_digestbyname(3)</a>, <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a>, <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get0_dane_tlsa.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_dane_tlsa.html
new file mode 100644
index 000000000..16d72a2ed
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_dane_tlsa.html
@@ -0,0 +1,252 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_dane_enable</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_dane_enable, SSL_CTX_dane_mtype_set, SSL_dane_enable, SSL_dane_tlsa_add, SSL_get0_dane_authority, SSL_get0_dane_tlsa, SSL_CTX_dane_set_flags, SSL_CTX_dane_clear_flags, SSL_dane_set_flags, SSL_dane_clear_flags - enable DANE TLS authentication of the remote TLS server in the local TLS client</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_dane_enable(SSL_CTX *ctx);
+ int SSL_CTX_dane_mtype_set(SSL_CTX *ctx, const EVP_MD *md,
+                            uint8_t mtype, uint8_t ord);
+ int SSL_dane_enable(SSL *s, const char *basedomain);
+ int SSL_dane_tlsa_add(SSL *s, uint8_t usage, uint8_t selector,
+                       uint8_t mtype, unsigned const char *data, size_t dlen);
+ int SSL_get0_dane_authority(SSL *s, X509 **mcert, EVP_PKEY **mspki);
+ int SSL_get0_dane_tlsa(SSL *s, uint8_t *usage, uint8_t *selector,
+                        uint8_t *mtype, unsigned const char **data,
+                        size_t *dlen);
+ unsigned long SSL_CTX_dane_set_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_CTX_dane_clear_flags(SSL_CTX *ctx, unsigned long flags);
+ unsigned long SSL_dane_set_flags(SSL *ssl, unsigned long flags);
+ unsigned long SSL_dane_clear_flags(SSL *ssl, unsigned long flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions implement support for DANE TLSA (RFC6698 and RFC7671) peer authentication.</p>
+
+<p>SSL_CTX_dane_enable() must be called first to initialize the shared state required for DANE support. Individual connections associated with the context can then enable per-connection DANE support as appropriate. DANE authentication is implemented in the <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> function, and applications that override <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> via <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a> are responsible to authenticate the peer chain in whatever manner they see fit.</p>
+
+<p>SSL_CTX_dane_mtype_set() may then be called zero or more times to adjust the supported digest algorithms. This must be done before any SSL handles are created for the context.</p>
+
+<p>The <b>mtype</b> argument specifies a DANE TLSA matching type and the <b>md</b> argument specifies the associated digest algorithm handle. The <b>ord</b> argument specifies a strength ordinal. Algorithms with a larger strength ordinal are considered more secure. Strength ordinals are used to implement RFC7671 digest algorithm agility. Specifying a <b>NULL</b> digest algorithm for a matching type disables support for that matching type. Matching type Full(0) cannot be modified or disabled.</p>
+
+<p>By default, matching type <code>SHA2-256(1)</code> (see RFC7218 for definitions of the DANE TLSA parameter acronyms) is mapped to <code>EVP_sha256()</code> with a strength ordinal of <code>1</code> and matching type <code>SHA2-512(2)</code> is mapped to <code>EVP_sha512()</code> with a strength ordinal of <code>2</code>.</p>
+
+<p>SSL_dane_enable() must be called before the SSL handshake is initiated with <a href="../man3/SSL_connect.html">SSL_connect(3)</a> if (and only if) you want to enable DANE for that connection. (The connection must be associated with a DANE-enabled SSL context). The <b>basedomain</b> argument specifies the RFC7671 TLSA base domain, which will be the primary peer reference identifier for certificate name checks. Additional server names can be specified via <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>. The <b>basedomain</b> is used as the default SNI hint if none has yet been specified via <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>.</p>
+
+<p>SSL_dane_tlsa_add() may then be called one or more times, to load each of the TLSA records that apply to the remote TLS peer. (This too must be done prior to the beginning of the SSL handshake). The arguments specify the fields of the TLSA record. The <b>data</b> field is provided in binary (wire RDATA) form, not the hexadecimal ASCII presentation form, with an explicit length passed via <b>dlen</b>. The library takes a copy of the <b>data</b> buffer contents and the caller may free the original <b>data</b> buffer when convenient. A return value of 0 indicates that &quot;unusable&quot; TLSA records (with invalid or unsupported parameters) were provided. A negative return value indicates an internal error in processing the record.</p>
+
+<p>The caller is expected to check the return value of each SSL_dane_tlsa_add() call and take appropriate action if none are usable or an internal error is encountered in processing some records.</p>
+
+<p>If no TLSA records are added successfully, DANE authentication is not enabled, and authentication will be based on any configured traditional trust-anchors; authentication success in this case does not mean that the peer was DANE-authenticated.</p>
+
+<p>SSL_get0_dane_authority() can be used to get more detailed information about the matched DANE trust-anchor after successful connection completion. The return value is negative if DANE verification failed (or was not enabled), 0 if an EE TLSA record directly matched the leaf certificate, or a positive number indicating the depth at which a TA record matched an issuer certificate. The complete verified chain can be retrieved via <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>. The return value is an index into this verified chain, rather than the list of certificates sent by the peer as returned by <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>.</p>
+
+<p>If the <b>mcert</b> argument is not <b>NULL</b> and a TLSA record matched a chain certificate, a pointer to the matching certificate is returned via <b>mcert</b>. The returned address is a short-term internal reference to the certificate and must not be freed by the application. Applications that want to retain access to the certificate can call <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a> to obtain a long-term reference which must then be freed via <a href="../man3/X509_free.html">X509_free(3)</a> once no longer needed.</p>
+
+<p>If no TLSA records directly matched any elements of the certificate chain, but a DANE-TA(2) SPKI(1) Full(0) record provided the public key that signed an element of the chain, then that key is returned via <b>mspki</b> argument (if not NULL). In this case the return value is the depth of the top-most element of the validated certificate chain. As with <b>mcert</b> this is a short-term internal reference, and <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a> and <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a> can be used to acquire and release long-term references respectively.</p>
+
+<p>SSL_get0_dane_tlsa() can be used to retrieve the fields of the TLSA record that matched the peer certificate chain. The return value indicates the match depth or failure to match just as with SSL_get0_dane_authority(). When the return value is non-negative, the storage pointed to by the <b>usage</b>, <b>selector</b>, <b>mtype</b> and <b>data</b> parameters is updated to the corresponding TLSA record fields. The <b>data</b> field is in binary wire form, and is therefore not NUL-terminated, its length is returned via the <b>dlen</b> parameter. If any of these parameters is NULL, the corresponding field is not returned. The <b>data</b> parameter is set to a short-term internal-copy of the associated data field and must not be freed by the application. Applications that need long-term access to this field need to copy the content.</p>
+
+<p>SSL_CTX_dane_set_flags() and SSL_dane_set_flags() can be used to enable optional DANE verification features. SSL_CTX_dane_clear_flags() and SSL_dane_clear_flags() can be used to disable the same features. The <b>flags</b> argument is a bitmask of the features to enable or disable. The <b>flags</b> set for an <b>SSL_CTX</b> context are copied to each <b>SSL</b> handle associated with that context at the time the handle is created. Subsequent changes in the context&#39;s <b>flags</b> have no effect on the <b>flags</b> set for the handle.</p>
+
+<p>At present, the only available option is <b>DANE_FLAG_NO_DANE_EE_NAMECHECKS</b> which can be used to disable server name checks when authenticating via DANE-EE(3) TLSA records. For some applications, primarily web browsers, it is not safe to disable name checks due to &quot;unknown key share&quot; attacks, in which a malicious server can convince a client that a connection to a victim server is instead a secure connection to the malicious server. The malicious server may then be able to violate cross-origin scripting restrictions. Thus, despite the text of RFC7671, name checks are by default enabled for DANE-EE(3) TLSA records, and can be disabled in applications where it is safe to do so. In particular, SMTP and XMPP clients should set this option as SRV and MX records already make it possible for a remote domain to redirect client connections to any server of its choice, and in any case SMTP and XMPP clients do not execute scripts downloaded from remote servers.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions SSL_CTX_dane_enable(), SSL_CTX_dane_mtype_set(), SSL_dane_enable() and SSL_dane_tlsa_add() return a positive value on success. Negative return values indicate resource problems (out of memory, etc.) in the SSL library, while a return value of <b>0</b> indicates incorrect usage or invalid input, such as an unsupported TLSA record certificate usage, selector or matching type. Invalid input also includes malformed data, either a digest length that does not match the digest algorithm, or a <code>Full(0)</code> (binary ASN.1 DER form) certificate or a public key that fails to parse.</p>
+
+<p>The functions SSL_get0_dane_authority() and SSL_get0_dane_tlsa() return a negative value when DANE authentication failed or was not enabled, a non-negative value indicates the chain depth at which the TLSA record matched a chain certificate, or the depth of the top-most certificate, when the TLSA record is a full public key that is its signer.</p>
+
+<p>The functions SSL_CTX_dane_set_flags(), SSL_CTX_dane_clear_flags(), SSL_dane_set_flags() and SSL_dane_clear_flags() return the <b>flags</b> in effect before they were called.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Suppose &quot;smtp.example.com&quot; is the MX host of the domain &quot;example.com&quot;, and has DNSSEC-validated TLSA records. The calls below will perform DANE authentication and arrange to match either the MX hostname or the destination domain name in the SMTP server certificate. Wildcards are supported, but must match the entire label. The actual name matched in the certificate (which might be a wildcard) is retrieved, and must be copied by the application if it is to be retained beyond the lifetime of the SSL connection.</p>
+
+<pre><code> SSL_CTX *ctx;
+ SSL *ssl;
+ int (*verify_cb)(int ok, X509_STORE_CTX *sctx) = NULL;
+ int num_usable = 0;
+ const char *nexthop_domain = &quot;example.com&quot;;
+ const char *dane_tlsa_domain = &quot;smtp.example.com&quot;;
+ uint8_t usage, selector, mtype;
+
+ if ((ctx = SSL_CTX_new(TLS_client_method())) == NULL)
+     /* error */
+ if (SSL_CTX_dane_enable(ctx) &lt;= 0)
+     /* error */
+ if ((ssl = SSL_new(ctx)) == NULL)
+     /* error */
+ if (SSL_dane_enable(ssl, dane_tlsa_domain) &lt;= 0)
+     /* error */
+
+ /*
+  * For many applications it is safe to skip DANE-EE(3) namechecks.  Do not
+  * disable the checks unless &quot;unknown key share&quot; attacks pose no risk for
+  * your application.
+  */
+ SSL_dane_set_flags(ssl, DANE_FLAG_NO_DANE_EE_NAMECHECKS);
+
+ if (!SSL_add1_host(ssl, nexthop_domain))
+     /* error */
+ SSL_set_hostflags(ssl, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+
+ for (... each TLSA record ...) {
+     unsigned char *data;
+     size_t len;
+     int ret;
+
+     /* set usage, selector, mtype, data, len */
+
+     /*
+      * Opportunistic DANE TLS clients support only DANE-TA(2) or DANE-EE(3).
+      * They treat all other certificate usages, and in particular PKIX-TA(0)
+      * and PKIX-EE(1), as unusable.
+      */
+     switch (usage) {
+     default:
+     case 0:     /* PKIX-TA(0) */
+     case 1:     /* PKIX-EE(1) */
+         continue;
+     case 2:     /* DANE-TA(2) */
+     case 3:     /* DANE-EE(3) */
+         break;
+     }
+
+     ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len);
+     /* free data as appropriate */
+
+     if (ret &lt; 0)
+         /* handle SSL library internal error */
+     else if (ret == 0)
+         /* handle unusable TLSA record */
+     else
+         ++num_usable;
+ }
+
+ /*
+  * At this point, the verification mode is still the default SSL_VERIFY_NONE.
+  * Opportunistic DANE clients use unauthenticated TLS when all TLSA records
+  * are unusable, so continue the handshake even if authentication fails.
+  */
+ if (num_usable == 0) {
+     /* Log all records unusable? */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+     SSL_set_verify(ssl, SSL_VERIFY_NONE, verify_cb);
+ } else {
+     /* At least one usable record.  We expect to verify the peer */
+
+     /* Optionally set verify_cb to a suitable non-NULL callback. */
+
+     /*
+      * Below we elect to fail the handshake when peer verification fails.
+      * Alternatively, use the permissive SSL_VERIFY_NONE verification mode,
+      * complete the handshake, check the verification status, and if not
+      * verified disconnect gracefully at the application layer, especially if
+      * application protocol supports informing the server that authentication
+      * failed.
+      */
+     SSL_set_verify(ssl, SSL_VERIFY_PEER, verify_cb);
+ }
+
+ /*
+  * Load any saved session for resumption, making sure that the previous
+  * session applied the same security and authentication requirements that
+  * would be expected of a fresh connection.
+  */
+
+ /* Perform SSL_connect() handshake and handle errors here */
+
+ if (SSL_session_reused(ssl)) {
+     if (SSL_get_verify_result(ssl) == X509_V_OK) {
+         /*
+          * Resumed session was originally verified, this connection is
+          * authenticated.
+          */
+     } else {
+         /*
+          * Resumed session was not originally verified, this connection is not
+          * authenticated.
+          */
+     }
+ } else if (SSL_get_verify_result(ssl) == X509_V_OK) {
+     const char *peername = SSL_get0_peername(ssl);
+     EVP_PKEY *mspki = NULL;
+
+     int depth = SSL_get0_dane_authority(ssl, NULL, &amp;mspki);
+     if (depth &gt;= 0) {
+         (void) SSL_get0_dane_tlsa(ssl, &amp;usage, &amp;selector, &amp;mtype, NULL, NULL);
+         printf(&quot;DANE TLSA %d %d %d %s at depth %d\n&quot;, usage, selector, mtype,
+                (mspki != NULL) ? &quot;TA public key verified certificate&quot; :
+                depth ? &quot;matched TA certificate&quot; : &quot;matched EE certificate&quot;,
+                depth);
+     }
+     if (peername != NULL) {
+         /* Name checks were in scope and matched the peername */
+         printf(&quot;Verified peername: %s\n&quot;, peername);
+     }
+ } else {
+     /*
+      * Not authenticated, presumably all TLSA rrs unusable, but possibly a
+      * callback suppressed connection termination despite the presence of
+      * usable TLSA RRs none of which matched.  Do whatever is appropriate for
+      * fresh unauthenticated connections.
+      */
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>It is expected that the majority of clients employing DANE TLS will be doing &quot;opportunistic DANE TLS&quot; in the sense of RFC7672 and RFC7435. That is, they will use DANE authentication when DNSSEC-validated TLSA records are published for a given peer, and otherwise will use unauthenticated TLS or even cleartext.</p>
+
+<p>Such applications should generally treat any TLSA records published by the peer with usages PKIX-TA(0) and PKIX-EE(1) as &quot;unusable&quot;, and should not include them among the TLSA records used to authenticate peer connections. In addition, some TLSA records with supported usages may be &quot;unusable&quot; as a result of invalid or unsupported parameters.</p>
+
+<p>When a peer has TLSA records, but none are &quot;usable&quot;, an opportunistic application must avoid cleartext, but cannot authenticate the peer, and so should generally proceed with an unauthenticated connection. Opportunistic applications need to note the return value of each call to SSL_dane_tlsa_add(), and if all return 0 (due to invalid or unsupported parameters) disable peer authentication by calling <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a> with <b>mode</b> equal to <b>SSL_VERIFY_NONE</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_add1_host.html">SSL_add1_host(3)</a>, <a href="../man3/SSL_set_hostflags.html">SSL_set_hostflags(3)</a>, <a href="../man3/SSL_set_tlsext_host_name.html">SSL_set_tlsext_host_name(3)</a>, <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_get0_verified_chain.html">SSL_get0_verified_chain(3)</a>, <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_get0_peername.html">SSL_get0_peername(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_free.html">X509_free(3)</a>, <a href="../man3/EVP_get_digestbyname.html">EVP_get_digestbyname(3)</a>, <a href="../man3/EVP_PKEY_up_ref.html">EVP_PKEY_up_ref(3)</a>, <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get0_next_proto_negotiated.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_next_proto_negotiated.html
new file mode 100644
index 000000000..2c1cda006
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_next_proto_negotiated.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_alpn_select_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_alpn_protos, SSL_set_alpn_protos, SSL_CTX_set_alpn_select_cb, SSL_CTX_set_next_proto_select_cb, SSL_CTX_set_next_protos_advertised_cb, SSL_select_next_proto, SSL_get0_alpn_selected, SSL_get0_next_proto_negotiated - handle application layer protocol negotiation (ALPN)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
+                             unsigned int protos_len);
+ int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
+                         unsigned int protos_len);
+ void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
+                                 int (*cb) (SSL *ssl,
+                                            const unsigned char **out,
+                                            unsigned char *outlen,
+                                            const unsigned char *in,
+                                            unsigned int inlen,
+                                            void *arg), void *arg);
+ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
+                             unsigned int *len);
+
+ void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx,
+                                            int (*cb)(SSL *ssl,
+                                                      const unsigned char **out,
+                                                      unsigned int *outlen,
+                                                      void *arg),
+                                            void *arg);
+ void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx,
+                               int (*cb)(SSL *s,
+                                         unsigned char **out,
+                                         unsigned char *outlen,
+                                         const unsigned char *in,
+                                         unsigned int inlen,
+                                         void *arg),
+                               void *arg);
+ int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+                           const unsigned char *server,
+                           unsigned int server_len,
+                           const unsigned char *client,
+                           unsigned int client_len)
+ void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
+                             unsigned *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() are used by the client to set the list of protocols available to be negotiated. The <b>protos</b> must be in protocol-list format, described below. The length of <b>protos</b> is specified in <b>protos_len</b>.</p>
+
+<p>SSL_CTX_set_alpn_select_cb() sets the application callback <b>cb</b> used by a server to select which protocol to use for the incoming connection. When <b>cb</b> is NULL, ALPN is not used. The <b>arg</b> value is a pointer which is passed to the application callback.</p>
+
+<p><b>cb</b> is the application defined callback. The <b>in</b>, <b>inlen</b> parameters are a vector in protocol-list format. The value of the <b>out</b>, <b>outlen</b> vector should be set to the value of a single protocol selected from the <b>in</b>, <b>inlen</b> vector. The <b>out</b> buffer may point directly into <b>in</b>, or to a buffer that outlives the handshake. The <b>arg</b> parameter is the pointer set via SSL_CTX_set_alpn_select_cb().</p>
+
+<p>SSL_select_next_proto() is a helper function used to select protocols. It implements the standard protocol selection. It is expected that this function is called from the application callback <b>cb</b>. The protocol data in <b>server</b>, <b>server_len</b> and <b>client</b>, <b>client_len</b> must be in the protocol-list format described below. The first item in the <b>server</b>, <b>server_len</b> list that matches an item in the <b>client</b>, <b>client_len</b> list is selected, and returned in <b>out</b>, <b>outlen</b>. The <b>out</b> value will point into either <b>server</b> or <b>client</b>, so it should be copied immediately. If no match is found, the first item in <b>client</b>, <b>client_len</b> is returned in <b>out</b>, <b>outlen</b>. This function can also be used in the NPN callback.</p>
+
+<p>SSL_CTX_set_next_proto_select_cb() sets a callback <b>cb</b> that is called when a client needs to select a protocol from the server&#39;s provided list, and a user-defined pointer argument <b>arg</b> which will be passed to this callback. For the callback itself, <b>out</b> must be set to point to the selected protocol (which may be within <b>in</b>). The length of the protocol name must be written into <b>outlen</b>. The server&#39;s advertised protocols are provided in <b>in</b> and <b>inlen</b>. The callback can assume that <b>in</b> is syntactically valid. The client must select a protocol. It is fatal to the connection if this callback returns a value other than <b>SSL_TLSEXT_ERR_OK</b>. The <b>arg</b> parameter is the pointer set via SSL_CTX_set_next_proto_select_cb().</p>
+
+<p>SSL_CTX_set_next_protos_advertised_cb() sets a callback <b>cb</b> that is called when a TLS server needs a list of supported protocols for Next Protocol Negotiation. The returned list must be in protocol-list format, described below. The list is returned by setting <b>out</b> to point to it and <b>outlen</b> to its length. This memory will not be modified, but the <b>SSL</b> does keep a reference to it. The callback should return <b>SSL_TLSEXT_ERR_OK</b> if it wishes to advertise. Otherwise, no such extension will be included in the ServerHello.</p>
+
+<p>SSL_get0_alpn_selected() returns a pointer to the selected protocol in <b>data</b> with length <b>len</b>. It is not NUL-terminated. <b>data</b> is set to NULL and <b>len</b> is set to 0 if no protocol has been selected. <b>data</b> must not be freed.</p>
+
+<p>SSL_get0_next_proto_negotiated() sets <b>data</b> and <b>len</b> to point to the client&#39;s requested protocol for this connection. If the client did not request any protocol or NPN is not enabled, then <b>data</b> is set to NULL and <b>len</b> to 0. Note that the client can request any protocol it chooses. The value returned from this function need not be a member of the list of supported protocols provided by the callback.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The protocol-lists must be in wire-format, which is defined as a vector of non-empty, 8-bit length-prefixed, byte strings. The length-prefix byte is not included in the length. Each string is limited to 255 bytes. A byte-string length of 0 is invalid. A truncated byte-string is invalid. The length of the vector is not in the vector itself, but in a separate variable.</p>
+
+<p>Example:</p>
+
+<pre><code> unsigned char vector[] = {
+     6, &#39;s&#39;, &#39;p&#39;, &#39;d&#39;, &#39;y&#39;, &#39;/&#39;, &#39;1&#39;,
+     8, &#39;h&#39;, &#39;t&#39;, &#39;t&#39;, &#39;p&#39;, &#39;/&#39;, &#39;1&#39;, &#39;.&#39;, &#39;1&#39;
+ };
+ unsigned int length = sizeof(vector);</code></pre>
+
+<p>The ALPN callback is executed after the servername callback; as that servername callback may update the SSL_CTX, and subsequently, the ALPN callback.</p>
+
+<p>If there is no ALPN proposed in the ClientHello, the ALPN callback is not invoked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() return 0 on success, and non-0 on failure. WARNING: these functions reverse the return value convention.</p>
+
+<p>SSL_select_next_proto() returns one of the following:</p>
+
+<dl>
+
+<dt id="OPENSSL_NPN_NEGOTIATED">OPENSSL_NPN_NEGOTIATED</dt>
+<dd>
+
+<p>A match was found and is returned in <b>out</b>, <b>outlen</b>.</p>
+
+</dd>
+<dt id="OPENSSL_NPN_NO_OVERLAP">OPENSSL_NPN_NO_OVERLAP</dt>
+<dd>
+
+<p>No match was found. The first item in <b>client</b>, <b>client_len</b> is returned in <b>out</b>, <b>outlen</b>.</p>
+
+</dd>
+</dl>
+
+<p>The ALPN select callback <b>cb</b>, must return one of the following:</p>
+
+<dl>
+
+<dt id="SSL_TLSEXT_ERR_OK">SSL_TLSEXT_ERR_OK</dt>
+<dd>
+
+<p>ALPN protocol selected.</p>
+
+</dd>
+<dt id="SSL_TLSEXT_ERR_ALERT_FATAL">SSL_TLSEXT_ERR_ALERT_FATAL</dt>
+<dd>
+
+<p>There was no overlap between the client&#39;s supplied list and the server configuration.</p>
+
+</dd>
+<dt id="SSL_TLSEXT_ERR_NOACK">SSL_TLSEXT_ERR_NOACK</dt>
+<dd>
+
+<p>ALPN protocol not selected, e.g., because no ALPN protocols are configured for this connection.</p>
+
+</dd>
+</dl>
+
+<p>The callback set using SSL_CTX_set_next_proto_select_cb() should return <b>SSL_TLSEXT_ERR_OK</b> if successful. Any other value is fatal to the connection.</p>
+
+<p>The callback set using SSL_CTX_set_next_protos_advertised_cb() should return <b>SSL_TLSEXT_ERR_OK</b> if it wishes to advertise. Otherwise, no such extension will be included in the ServerHello.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_callback.html">SSL_CTX_set_tlsext_servername_callback(3)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_arg.html">SSL_CTX_set_tlsext_servername_arg(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get0_param.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_param.html
new file mode 100644
index 000000000..8eafcb4e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_param.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_get0_param</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_get0_param, SSL_get0_param, SSL_CTX_set1_param, SSL_set1_param - get and set verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx)
+ X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl)
+ int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
+ int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_get0_param() and SSL_get0_param() retrieve an internal pointer to the verification parameters for <b>ctx</b> or <b>ssl</b> respectively. The returned pointer must not be freed by the calling application.</p>
+
+<p>SSL_CTX_set1_param() and SSL_set1_param() set the verification parameters to <b>vpm</b> for <b>ctx</b> or <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Typically parameters are retrieved from an <b>SSL_CTX</b> or <b>SSL</b> structure using SSL_CTX_get0_param() or SSL_get0_param() and an application modifies them to suit its needs: for example to add a hostname check.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Check hostname matches &quot;www.foo.com&quot; in peer certificate:</p>
+
+<pre><code> X509_VERIFY_PARAM *vpm = SSL_get0_param(ssl);
+ X509_VERIFY_PARAM_set1_host(vpm, &quot;www.foo.com&quot;, 0);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_get0_param() and SSL_get0_param() return a pointer to an <b>X509_VERIFY_PARAM</b> structure.</p>
+
+<p>SSL_CTX_set1_param() and SSL_set1_param() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get0_peer_CA_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_peer_CA_list.html
new file mode 100644
index 000000000..742fe94a0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_peer_CA_list.html
@@ -0,0 +1,130 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set0_CA_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_CA_list, SSL_set_client_CA_list, SSL_get_client_CA_list, SSL_CTX_get_client_CA_list, SSL_CTX_add_client_CA, SSL_add_client_CA, SSL_set0_CA_list, SSL_CTX_set0_CA_list, SSL_get0_CA_list, SSL_CTX_get0_CA_list, SSL_add1_to_CA_list, SSL_CTX_add1_to_CA_list, SSL_get0_peer_CA_list - get or set CA list</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
+ void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
+ STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
+ int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert);
+ int SSL_add_client_CA(SSL *ssl, X509 *cacert);
+
+ void SSL_CTX_set0_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+ void SSL_set0_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
+ const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const SSL_CTX *ctx);
+ const STACK_OF(X509_NAME) *SSL_get0_CA_list(const SSL *s);
+ int SSL_CTX_add1_to_CA_list(SSL_CTX *ctx, const X509 *x);
+ int SSL_add1_to_CA_list(SSL *ssl, const X509 *x);
+
+ const STACK_OF(X509_NAME) *SSL_get0_peer_CA_list(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions described here set and manage the list of CA names that are sent between two communicating peers.</p>
+
+<p>For TLS versions 1.2 and earlier the list of CA names is only sent from the server to the client when requesting a client certificate. So any list of CA names set is never sent from client to server and the list of CA names retrieved by SSL_get0_peer_CA_list() is always <b>NULL</b>.</p>
+
+<p>For TLS 1.3 the list of CA names is sent using the <b>certificate_authorities</b> extension and may be sent by a client (in the ClientHello message) or by a server (when requesting a certificate).</p>
+
+<p>In most cases it is not necessary to set CA names on the client side. The list of CA names that are acceptable to the client will be sent in plaintext to the server. This has privacy implications and may also have performance implications if the list is large. This optional capability was introduced as part of TLSv1.3 and therefore setting CA names on the client side will have no impact if that protocol version has been disabled. Most servers do not need this and so this should be avoided unless required.</p>
+
+<p>The &quot;client CA list&quot; functions below only have an effect when called on the server side.</p>
+
+<p>SSL_CTX_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for <b>ctx</b>. Ownership of <b>list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object. Ownership of <b>list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get_client_CA_list() returns the list of client CAs explicitly set for <b>ctx</b> using SSL_CTX_set_client_CA_list(). The returned list should not be freed by the caller.</p>
+
+<p>SSL_get_client_CA_list() returns the list of client CAs explicitly set for <b>ssl</b> using SSL_set_client_CA_list() or <b>ssl</b>&#39;s SSL_CTX object with SSL_CTX_set_client_CA_list(), when in server mode. In client mode, SSL_get_client_CA_list returns the list of client CAs sent from the server, if any. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for <b>ctx</b>.</p>
+
+<p>SSL_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object.</p>
+
+<p>SSL_get0_peer_CA_list() retrieves the list of CA names (if any) the peer has sent. This can be called on either the server or the client side. The returned list should not be freed by the caller.</p>
+
+<p>The &quot;generic CA list&quot; functions below are very similar to the &quot;client CA list&quot; functions except that they have an effect on both the server and client sides. The lists of CA names managed are separate - so you cannot (for example) set CA names using the &quot;client CA list&quot; functions and then get them using the &quot;generic CA list&quot; functions. Where a mix of the two types of functions has been used on the server side then the &quot;client CA list&quot; functions take precedence. Typically, on the server side, the &quot;client CA list &quot; functions should be used in preference. As noted above in most cases it is not necessary to set CA names on the client side.</p>
+
+<p>SSL_CTX_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b>. Ownership of <b>name_list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b> overriding any list set in the parent <b>SSL_CTX</b> of <b>s</b>. Ownership of <b>name_list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get0_CA_list() retrieves any previously set list of CAs set for <b>ctx</b>. The returned list should not be freed by the caller.</p>
+
+<p>SSL_get0_CA_list() retrieves any previously set list of CAs set for <b>s</b> or if none are set the list from the parent <b>SSL_CTX</b> is retrieved. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to peer for <b>ctx</b>.</p>
+
+<p>SSL_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to the peer for <b>s</b>, overriding the setting in the parent <b>SSL_CTX</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When a TLS/SSL server requests a client certificate (see <b>SSL_CTX_set_verify(3)</b>), it sends a list of CAs, for which it will accept certificates, to the client.</p>
+
+<p>This list must explicitly be set using SSL_CTX_set_client_CA_list() or SSL_CTX_set0_CA_list() for <b>ctx</b> and SSL_set_client_CA_list() or SSL_set0_CA_list() for the specific <b>ssl</b>. The list specified overrides the previous setting. The CAs listed do not become trusted (<b>list</b> only contains the names, not the complete certificates); use <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> to additionally load them for verification.</p>
+
+<p>If the list of acceptable CAs is compiled in a file, the <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a> function can be used to help to import the necessary data.</p>
+
+<p>SSL_CTX_add_client_CA(), SSL_CTX_add1_to_CA_list(), SSL_add_client_CA() and SSL_add1_to_CA_list() can be used to add additional items the list of CAs. If no list was specified before using SSL_CTX_set_client_CA_list(), SSL_CTX_set0_CA_list(), SSL_set_client_CA_list() or SSL_set0_CA_list(), a new CA list for <b>ctx</b> or <b>ssl</b> (as appropriate) is opened.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set0_CA_list() and SSL_set0_CA_list() do not return a value.</p>
+
+<p>SSL_CTX_get_client_CA_list(), SSL_get_client_CA_list(), SSL_CTX_get0_CA_list() and SSL_get0_CA_list() return a stack of CA names or <b>NULL</b> is no CA names are set.</p>
+
+<p>SSL_CTX_add_client_CA(),SSL_add_client_CA(), SSL_CTX_add1_to_CA_list() and SSL_add1_to_CA_list() return 1 for success and 0 for failure.</p>
+
+<p>SSL_get0_peer_CA_list() returns a stack of CA names sent by the peer or <b>NULL</b> or an empty stack if no list was sent.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Scan all certificates in <b>CAfile</b> and list them as acceptable CAs:</p>
+
+<pre><code> SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get0_peer_scts.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_peer_scts.html
new file mode 100644
index 000000000..9fff2b60d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_peer_scts.html
@@ -0,0 +1,61 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get0_peer_scts</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get0_peer_scts - get SCTs received</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const STACK_OF(SCT) *SSL_get0_peer_scts(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get0_peer_scts() returns the signed certificate timestamps (SCTs) that have been received. If this is the first time that this function has been called for a given <b>SSL</b> instance, it will examine the TLS extensions, OCSP response and the peer&#39;s certificate for SCTs. Future calls will return the same SCTs.</p>
+
+<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
+
+<p>If no Certificate Transparency validation callback has been set (using <b>SSL_CTX_set_ct_validation_callback</b> or <b>SSL_set_ct_validation_callback</b>), this function is not guaranteed to return all of the SCTs that the peer is capable of sending.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_get0_peer_scts() returns a list of SCTs found, or NULL if an error occurs.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_ct_validation_callback.html">SSL_CTX_set_ct_validation_callback(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get0_peername.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_peername.html
new file mode 100644
index 000000000..84dbeba9e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_peername.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_set1_host</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set1_host, SSL_add1_host, SSL_set_hostflags, SSL_get0_peername - SSL server verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_set1_host(SSL *s, const char *hostname);
+ int SSL_add1_host(SSL *s, const char *hostname);
+ void SSL_set_hostflags(SSL *s, unsigned int flags);
+ const char *SSL_get0_peername(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions configure server hostname checks in the SSL client.</p>
+
+<p>SSL_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or the empty string the list of hostnames is cleared, and name checks are not performed on the peer certificate. When a non-empty <b>name</b> is specified, certificate verification automatically checks the peer hostname via <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with <b>flags</b> as specified via SSL_set_hostflags(). Clients that enable DANE TLSA authentication via <a href="../man3/SSL_dane_enable.html">SSL_dane_enable(3)</a> should leave it to that function to set the primary reference identifier of the peer, and should not call SSL_set1_host().</p>
+
+<p>SSL_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via SSL_set1_host() or SSL_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches. This function is required for DANE TLSA in the presence of service name indirection via CNAME, MX or SRV records as specified in RFC7671, RFC7672 or RFC7673.</p>
+
+<p>SSL_set_hostflags() sets the <b>flags</b> that will be passed to <a href="../man3/X509_check_host.html">X509_check_host(3)</a> when name checks are applicable, by default the <b>flags</b> value is 0. See <a href="../man3/X509_check_host.html">X509_check_host(3)</a> for the list of available flags and their meaning.</p>
+
+<p>SSL_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, the name matched in the peer certificate may be a wildcard name. When one of the reference identifiers configured via SSL_set1_host() or SSL_add1_host() starts with &quot;.&quot;, which indicates a parent domain prefix rather than a fixed name, the matched peer name may be a sub-domain of the reference identifier. The returned string is allocated by the library and is no longer valid once the associated <b>ssl</b> handle is cleared or freed, or a renegotiation takes place. Applications must not free the return value.</p>
+
+<p>SSL clients are advised to use these functions in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>. Hostname checks may be out of scope with the RFC7671 DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE is enabled.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set1_host() and SSL_add1_host() return 1 for success and 0 for failure.</p>
+
+<p>SSL_get0_peername() returns NULL if peername verification is not applicable (as with RFC7671 DANE-EE(3)), or no trusted peername was matched. Otherwise, it returns the matched peername. To determine whether verification succeeded call <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Suppose &quot;smtp.example.com&quot; is the MX host of the domain &quot;example.com&quot;. The calls below will arrange to match either the MX hostname or the destination domain name in the SMTP server certificate. Wildcards are supported, but must match the entire label. The actual name matched in the certificate (which might be a wildcard) is retrieved, and must be copied by the application if it is to be retained beyond the lifetime of the SSL connection.</p>
+
+<pre><code> SSL_set_hostflags(ssl, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+ if (!SSL_set1_host(ssl, &quot;smtp.example.com&quot;))
+     /* error */
+ if (!SSL_add1_host(ssl, &quot;example.com&quot;))
+     /* error */
+
+ /* XXX: Perform SSL_connect() handshake and handle errors here */
+
+ if (SSL_get_verify_result(ssl) == X509_V_OK) {
+     const char *peername = SSL_get0_peername(ssl);
+
+     if (peername != NULL)
+         /* Name checks were in scope and matched the peername */
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>. <a href="../man3/SSL_dane_enable.html">SSL_dane_enable(3)</a>.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get0_security_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_security_ex_data.html
new file mode 100644
index 000000000..a853d06fd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_security_ex_data.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_security_level</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</a></li>
+  <li><a href="#APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_security_level, SSL_set_security_level, SSL_CTX_get_security_level, SSL_get_security_level, SSL_CTX_set_security_callback, SSL_set_security_callback, SSL_CTX_get_security_callback, SSL_get_security_callback, SSL_CTX_set0_security_ex_data, SSL_set0_security_ex_data, SSL_CTX_get0_security_ex_data, SSL_get0_security_ex_data - SSL/TLS security framework</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
+ void SSL_set_security_level(SSL *s, int level);
+
+ int SSL_CTX_get_security_level(const SSL_CTX *ctx);
+ int SSL_get_security_level(const SSL *s);
+
+ void SSL_CTX_set_security_callback(SSL_CTX *ctx,
+                                    int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                              int bits, int nid,
+                                              void *other, void *ex));
+
+ void SSL_set_security_callback(SSL *s, int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                                  int bits, int nid,
+                                                  void *other, void *ex));
+
+ int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx))(SSL *s, SSL_CTX *ctx, int op,
+                                                          int bits, int nid, void *other,
+                                                          void *ex);
+ int (*SSL_get_security_callback(const SSL *s))(SSL *s, SSL_CTX *ctx, int op,
+                                                int bits, int nid, void *other,
+                                                void *ex);
+
+ void SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex);
+ void SSL_set0_security_ex_data(SSL *s, void *ex);
+
+ void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx);
+ void *SSL_get0_security_ex_data(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions SSL_CTX_set_security_level() and SSL_set_security_level() set the security level to <b>level</b>. If not set the library default security level is used.</p>
+
+<p>The functions SSL_CTX_get_security_level() and SSL_get_security_level() retrieve the current security level.</p>
+
+<p>SSL_CTX_set_security_callback(), SSL_set_security_callback(), SSL_CTX_get_security_callback() and SSL_get_security_callback() get or set the security callback associated with <b>ctx</b> or <b>s</b>. If not set a default security callback is used. The meaning of the parameters and the behaviour of the default callbacks is described below.</p>
+
+<p>SSL_CTX_set0_security_ex_data(), SSL_set0_security_ex_data(), SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() set the extra data pointer passed to the <b>ex</b> parameter of the callback. This value is passed to the callback verbatim and can be set to any convenient application specific value.</p>
+
+<h1 id="DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</h1>
+
+<p>If an application doesn&#39;t set its own security callback the default callback is used. It is intended to provide sane defaults. The meaning of each level is described below.</p>
+
+<dl>
+
+<dt id="Level-0"><b>Level 0</b></dt>
+<dd>
+
+<p>Everything is permitted. This retains compatibility with previous versions of OpenSSL.</p>
+
+</dd>
+<dt id="Level-1"><b>Level 1</b></dt>
+<dd>
+
+<p>The security level corresponds to a minimum of 80 bits of security. Any parameters offering below 80 bits of security are excluded. As a result RSA, DSA and DH keys shorter than 1024 bits and ECC keys shorter than 160 bits are prohibited. All export cipher suites are prohibited since they all offer less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite using MD5 for the MAC is also prohibited.</p>
+
+</dd>
+<dt id="Level-2"><b>Level 2</b></dt>
+<dd>
+
+<p>Security level set to 112 bits of security. As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited. In addition to the level 1 exclusions any cipher suite using RC4 is also prohibited. SSL version 3 is also not allowed. Compression is disabled.</p>
+
+</dd>
+<dt id="Level-3"><b>Level 3</b></dt>
+<dd>
+
+<p>Security level set to 128 bits of security. As a result RSA, DSA and DH keys shorter than 3072 bits and ECC keys shorter than 256 bits are prohibited. In addition to the level 2 exclusions cipher suites not offering forward secrecy are prohibited. TLS versions below 1.1 are not permitted. Session tickets are disabled.</p>
+
+</dd>
+<dt id="Level-4"><b>Level 4</b></dt>
+<dd>
+
+<p>Security level set to 192 bits of security. As a result RSA, DSA and DH keys shorter than 7680 bits and ECC keys shorter than 384 bits are prohibited. Cipher suites using SHA1 for the MAC are prohibited. TLS versions below 1.2 are not permitted.</p>
+
+</dd>
+<dt id="Level-5"><b>Level 5</b></dt>
+<dd>
+
+<p>Security level set to 256 bits of security. As a result RSA, DSA and DH keys shorter than 15360 bits and ECC keys shorter than 512 bits are prohibited.</p>
+
+</dd>
+</dl>
+
+<h1 id="APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</h1>
+
+<p><i>Documentation to be provided.</i></p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>WARNING</b> at this time setting the security level higher than 1 for general internet use is likely to cause <b>considerable</b> interoperability issues and is not recommended. This is because the <b>SHA1</b> algorithm is very widely used in certificates and will be rejected at levels higher than 1 because it only offers 80 bits of security.</p>
+
+<p>The default security level can be configured when OpenSSL is compiled by setting <b>-DOPENSSL_TLS_SECURITY_LEVEL=level</b>. If not set then 1 is used.</p>
+
+<p>The security framework disables or reject parameters inconsistent with the set security level. In the past this was difficult as applications had to set a number of distinct parameters (supported ciphers, supported curves supported signature algorithms) to achieve this end and some cases (DH parameter size for example) could not be checked at all.</p>
+
+<p>By setting an appropriate security level much of this complexity can be avoided.</p>
+
+<p>The bits of security limits affect all relevant parameters including cipher suite encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms. This limit applies no matter what other custom settings an application has set: so if the cipher suite is set to <b>ALL</b> then only cipher suites consistent with the security level are permissible.</p>
+
+<p>See SP800-57 for how the security limits are related to individual algorithms.</p>
+
+<p>Some security levels require large key sizes for non-ECC public key algorithms which can severely degrade performance. For example 256 bits of security requires the use of RSA keys of at least 15360 bits in size.</p>
+
+<p>Some restrictions can be gracefully handled: for example cipher suites offering insufficient security are not sent by the client and will not be selected by the server. Other restrictions such as the peer certificate key size or the DH parameter size will abort the handshake with a fatal alert.</p>
+
+<p>Attempts to set certificates or parameters with insufficient security are also blocked. For example trying to set a certificate using a 512 bit RSA key using SSL_CTX_use_certificate() at level 1. Applications which do not check the return values for errors will misbehave: for example it might appear that a certificate is not set at all because it had been rejected.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_security_level() and SSL_set_security_level() do not return values.</p>
+
+<p>SSL_CTX_get_security_level() and SSL_get_security_level() return a integer that represents the security level with <b>SSL_CTX</b> or <b>SSL</b>, respectively.</p>
+
+<p>SSL_CTX_set_security_callback() and SSL_set_security_callback() do not return values.</p>
+
+<p>SSL_CTX_get_security_callback() and SSL_get_security_callback() return the pointer to the security callback or NULL if the callback is not set.</p>
+
+<p>SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() return the extra data pointer or NULL if the ex data is not set.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get0_session.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_session.html
new file mode 100644
index 000000000..d9b4c7986
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_session.html
@@ -0,0 +1,97 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_session</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_session, SSL_get0_session, SSL_get1_session - retrieve TLS/SSL session data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_SESSION *SSL_get_session(const SSL *ssl);
+ SSL_SESSION *SSL_get0_session(const SSL *ssl);
+ SSL_SESSION *SSL_get1_session(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_session() returns a pointer to the <b>SSL_SESSION</b> actually used in <b>ssl</b>. The reference count of the <b>SSL_SESSION</b> is not incremented, so that the pointer can become invalid by other operations.</p>
+
+<p>SSL_get0_session() is the same as SSL_get_session().</p>
+
+<p>SSL_get1_session() is the same as SSL_get_session(), but the reference count of the <b>SSL_SESSION</b> is incremented by one.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ssl session contains all information required to re-establish the connection without a full handshake for SSL versions up to and including TLSv1.2. In TLSv1.3 the same is true, but sessions are established after the main handshake has occurred. The server will send the session information to the client at a time of its choosing, which may be some while after the initial connection is established (or never). Calling these functions on the client side in TLSv1.3 before the session has been established will still return an SSL_SESSION object but that object cannot be used for resuming the session. See <a href="../man3/SSL_SESSION_is_resumable.html">SSL_SESSION_is_resumable(3)</a> for information on how to determine whether an SSL_SESSION object can be used for resumption or not.</p>
+
+<p>Additionally, in TLSv1.3, a server can send multiple messages that establish a session for a single connection. In that case the above functions will only return information on the last session that was received.</p>
+
+<p>The preferred way for applications to obtain a resumable SSL_SESSION object is to use a new session callback as described in <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a>. The new session callback is only invoked when a session is actually established, so this avoids the problem described above where an application obtains an SSL_SESSION object that cannot be used for resumption in TLSv1.3. It also enables applications to obtain information about all sessions sent by the server.</p>
+
+<p>A session will be automatically removed from the session cache and marked as non-resumable if the connection is not closed down cleanly, e.g. if a fatal error occurs on the connection or <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> is not called prior to <a href="../man3/SSL_free.html">SSL_free(3)</a>.</p>
+
+<p>In TLSv1.3 it is recommended that each SSL_SESSION object is only used for resumption once.</p>
+
+<p>SSL_get0_session() returns a pointer to the actual session. As the reference counter is not incremented, the pointer is only valid while the connection is in use. If <a href="../man3/SSL_clear.html">SSL_clear(3)</a> or <a href="../man3/SSL_free.html">SSL_free(3)</a> is called, the session may be removed completely (if considered bad), and the pointer obtained will become invalid. Even if the session is valid, it can be removed at any time due to timeout during <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a>.</p>
+
+<p>If the data is to be kept, SSL_get1_session() will increment the reference count, so that the session will not be implicitly removed by other operations but stays in memory. In order to remove the session <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a> must be explicitly called once to decrement the reference count again.</p>
+
+<p>SSL_SESSION objects keep internal link information about the session cache list, when being inserted into one SSL_CTX object&#39;s session cache. One SSL_SESSION object, regardless of its reference count, must therefore only be used with one SSL_CTX object (and the SSL objects created from this SSL_CTX object).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>There is no session available in <b>ssl</b>.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_SESSION">Pointer to an SSL_SESSION</dt>
+<dd>
+
+<p>The return value points to the data of an SSL session.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_free.html">SSL_free(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get0_verified_chain.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_verified_chain.html
new file mode 100644
index 000000000..ef0b886fc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get0_verified_chain.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_peer_cert_chain</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_peer_cert_chain, SSL_get0_verified_chain - get the X509 certificate chain of the peer</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *ssl);
+ STACK_OF(X509) *SSL_get0_verified_chain(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_peer_cert_chain() returns a pointer to STACK_OF(X509) certificates forming the certificate chain sent by the peer. If called on the client side, the stack also contains the peer&#39;s certificate; if called on the server side, the peer&#39;s certificate must be obtained separately using <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>. If the peer did not present a certificate, NULL is returned.</p>
+
+<p>NB: SSL_get_peer_cert_chain() returns the peer chain as sent by the peer: it only consists of certificates the peer has sent (in the order the peer has sent them) it is <b>not</b> a verified chain.</p>
+
+<p>SSL_get0_verified_chain() returns the <b>verified</b> certificate chain of the peer including the peer&#39;s end entity certificate. It must be called after a session has been successfully established. If peer verification was not successful (as indicated by SSL_get_verify_result() not returning X509_V_OK) the chain may be incomplete or invalid.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If the session is resumed peers do not send certificates so a NULL pointer is returned by these functions. Applications can call SSL_session_reused() to determine whether a session is resumed.</p>
+
+<p>The reference count of each certificate in the returned STACK_OF(X509) object is not incremented and the returned stack may be invalidated by renegotiation. If applications wish to use any certificates in the returned chain indefinitely they must increase the reference counts using X509_up_ref() or obtain a copy of the whole chain with X509_chain_up_ref().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>No certificate was presented by the peer or no connection was established or the certificate chain is no longer available when a session is reused.</p>
+
+</dd>
+<dt id="Pointer-to-a-STACK_OF-X509">Pointer to a STACK_OF(X509)</dt>
+<dd>
+
+<p>The return value points to the certificate chain presented by the peer.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_chain_up_ref.html">X509_chain_up_ref(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get1_curves.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get1_curves.html
new file mode 100644
index 000000000..1661dfb0c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get1_curves.html
@@ -0,0 +1,102 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_curves</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_groups, SSL_CTX_set1_groups_list, SSL_set1_groups, SSL_set1_groups_list, SSL_get1_groups, SSL_get_shared_group, SSL_CTX_set1_curves, SSL_CTX_set1_curves_list, SSL_set1_curves, SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve - EC supported curve functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set1_groups(SSL_CTX *ctx, int *glist, int glistlen);
+ int SSL_CTX_set1_groups_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_groups(SSL *ssl, int *glist, int glistlen);
+ int SSL_set1_groups_list(SSL *ssl, char *list);
+
+ int SSL_get1_groups(SSL *ssl, int *groups);
+ int SSL_get_shared_group(SSL *s, int n);
+
+ int SSL_CTX_set1_curves(SSL_CTX *ctx, int *clist, int clistlen);
+ int SSL_CTX_set1_curves_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_curves(SSL *ssl, int *clist, int clistlen);
+ int SSL_set1_curves_list(SSL *ssl, char *list);
+
+ int SSL_get1_curves(SSL *ssl, int *curves);
+ int SSL_get_shared_curve(SSL *s, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>For all of the functions below that set the supported groups there must be at least one group in the list.</p>
+
+<p>SSL_CTX_set1_groups() sets the supported groups for <b>ctx</b> to <b>glistlen</b> groups in the array <b>glist</b>. The array consist of all NIDs of groups in preference order. For a TLS client the groups are used directly in the supported groups extension. For a TLS server the groups are used to determine the set of shared groups.</p>
+
+<p>SSL_CTX_set1_groups_list() sets the supported groups for <b>ctx</b> to string <b>list</b>. The string is a colon separated list of group NIDs or names, for example &quot;P-521:P-384:P-256&quot;.</p>
+
+<p>SSL_set1_groups() and SSL_set1_groups_list() are similar except they set supported groups for the SSL structure <b>ssl</b>.</p>
+
+<p>SSL_get1_groups() returns the set of supported groups sent by a client in the supported groups extension. It returns the total number of supported groups. The <b>groups</b> parameter can be <b>NULL</b> to simply return the number of groups for memory allocation purposes. The <b>groups</b> array is in the form of a set of group NIDs in preference order. It can return zero if the client did not send a supported groups extension.</p>
+
+<p>SSL_get_shared_group() returns shared group <b>n</b> for a server-side SSL <b>ssl</b>. If <b>n</b> is -1 then the total number of shared groups is returned, which may be zero. Other than for diagnostic purposes, most applications will only be interested in the first shared group so <b>n</b> is normally set to zero. If the value <b>n</b> is out of range, NID_undef is returned.</p>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>The curve functions are synonyms for the equivalently named group functions and are identical in every respect. They exist because, prior to TLS1.3, there was only the concept of supported curves. In TLS1.3 this was renamed to supported groups, and extended to include Diffie Hellman groups. The group functions should be used in preference.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to make use of several of these functions for configuration purposes either on a command line or in a file it should consider using the SSL_CONF interface instead of manually parsing options.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set1_groups(), SSL_CTX_set1_groups_list(), SSL_set1_groups() and SSL_set1_groups_list(), return 1 for success and 0 for failure.</p>
+
+<p>SSL_get1_groups() returns the number of groups, which may be zero.</p>
+
+<p>SSL_get_shared_group() returns the NID of shared group <b>n</b> or NID_undef if there is no shared group <b>n</b>; or the total number of shared groups if <b>n</b> is -1.</p>
+
+<p>When called on a client <b>ssl</b>, SSL_get_shared_group() has no meaning and returns -1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The curve functions were added in OpenSSL 1.0.2. The equivalent group functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get1_groups.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get1_groups.html
new file mode 100644
index 000000000..1661dfb0c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get1_groups.html
@@ -0,0 +1,102 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_curves</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_groups, SSL_CTX_set1_groups_list, SSL_set1_groups, SSL_set1_groups_list, SSL_get1_groups, SSL_get_shared_group, SSL_CTX_set1_curves, SSL_CTX_set1_curves_list, SSL_set1_curves, SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve - EC supported curve functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set1_groups(SSL_CTX *ctx, int *glist, int glistlen);
+ int SSL_CTX_set1_groups_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_groups(SSL *ssl, int *glist, int glistlen);
+ int SSL_set1_groups_list(SSL *ssl, char *list);
+
+ int SSL_get1_groups(SSL *ssl, int *groups);
+ int SSL_get_shared_group(SSL *s, int n);
+
+ int SSL_CTX_set1_curves(SSL_CTX *ctx, int *clist, int clistlen);
+ int SSL_CTX_set1_curves_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_curves(SSL *ssl, int *clist, int clistlen);
+ int SSL_set1_curves_list(SSL *ssl, char *list);
+
+ int SSL_get1_curves(SSL *ssl, int *curves);
+ int SSL_get_shared_curve(SSL *s, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>For all of the functions below that set the supported groups there must be at least one group in the list.</p>
+
+<p>SSL_CTX_set1_groups() sets the supported groups for <b>ctx</b> to <b>glistlen</b> groups in the array <b>glist</b>. The array consist of all NIDs of groups in preference order. For a TLS client the groups are used directly in the supported groups extension. For a TLS server the groups are used to determine the set of shared groups.</p>
+
+<p>SSL_CTX_set1_groups_list() sets the supported groups for <b>ctx</b> to string <b>list</b>. The string is a colon separated list of group NIDs or names, for example &quot;P-521:P-384:P-256&quot;.</p>
+
+<p>SSL_set1_groups() and SSL_set1_groups_list() are similar except they set supported groups for the SSL structure <b>ssl</b>.</p>
+
+<p>SSL_get1_groups() returns the set of supported groups sent by a client in the supported groups extension. It returns the total number of supported groups. The <b>groups</b> parameter can be <b>NULL</b> to simply return the number of groups for memory allocation purposes. The <b>groups</b> array is in the form of a set of group NIDs in preference order. It can return zero if the client did not send a supported groups extension.</p>
+
+<p>SSL_get_shared_group() returns shared group <b>n</b> for a server-side SSL <b>ssl</b>. If <b>n</b> is -1 then the total number of shared groups is returned, which may be zero. Other than for diagnostic purposes, most applications will only be interested in the first shared group so <b>n</b> is normally set to zero. If the value <b>n</b> is out of range, NID_undef is returned.</p>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>The curve functions are synonyms for the equivalently named group functions and are identical in every respect. They exist because, prior to TLS1.3, there was only the concept of supported curves. In TLS1.3 this was renamed to supported groups, and extended to include Diffie Hellman groups. The group functions should be used in preference.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to make use of several of these functions for configuration purposes either on a command line or in a file it should consider using the SSL_CONF interface instead of manually parsing options.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set1_groups(), SSL_CTX_set1_groups_list(), SSL_set1_groups() and SSL_set1_groups_list(), return 1 for success and 0 for failure.</p>
+
+<p>SSL_get1_groups() returns the number of groups, which may be zero.</p>
+
+<p>SSL_get_shared_group() returns the NID of shared group <b>n</b> or NID_undef if there is no shared group <b>n</b>; or the total number of shared groups if <b>n</b> is -1.</p>
+
+<p>When called on a client <b>ssl</b>, SSL_get_shared_group() has no meaning and returns -1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The curve functions were added in OpenSSL 1.0.2. The equivalent group functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get1_session.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get1_session.html
new file mode 100644
index 000000000..d9b4c7986
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get1_session.html
@@ -0,0 +1,97 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_session</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_session, SSL_get0_session, SSL_get1_session - retrieve TLS/SSL session data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_SESSION *SSL_get_session(const SSL *ssl);
+ SSL_SESSION *SSL_get0_session(const SSL *ssl);
+ SSL_SESSION *SSL_get1_session(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_session() returns a pointer to the <b>SSL_SESSION</b> actually used in <b>ssl</b>. The reference count of the <b>SSL_SESSION</b> is not incremented, so that the pointer can become invalid by other operations.</p>
+
+<p>SSL_get0_session() is the same as SSL_get_session().</p>
+
+<p>SSL_get1_session() is the same as SSL_get_session(), but the reference count of the <b>SSL_SESSION</b> is incremented by one.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ssl session contains all information required to re-establish the connection without a full handshake for SSL versions up to and including TLSv1.2. In TLSv1.3 the same is true, but sessions are established after the main handshake has occurred. The server will send the session information to the client at a time of its choosing, which may be some while after the initial connection is established (or never). Calling these functions on the client side in TLSv1.3 before the session has been established will still return an SSL_SESSION object but that object cannot be used for resuming the session. See <a href="../man3/SSL_SESSION_is_resumable.html">SSL_SESSION_is_resumable(3)</a> for information on how to determine whether an SSL_SESSION object can be used for resumption or not.</p>
+
+<p>Additionally, in TLSv1.3, a server can send multiple messages that establish a session for a single connection. In that case the above functions will only return information on the last session that was received.</p>
+
+<p>The preferred way for applications to obtain a resumable SSL_SESSION object is to use a new session callback as described in <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a>. The new session callback is only invoked when a session is actually established, so this avoids the problem described above where an application obtains an SSL_SESSION object that cannot be used for resumption in TLSv1.3. It also enables applications to obtain information about all sessions sent by the server.</p>
+
+<p>A session will be automatically removed from the session cache and marked as non-resumable if the connection is not closed down cleanly, e.g. if a fatal error occurs on the connection or <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> is not called prior to <a href="../man3/SSL_free.html">SSL_free(3)</a>.</p>
+
+<p>In TLSv1.3 it is recommended that each SSL_SESSION object is only used for resumption once.</p>
+
+<p>SSL_get0_session() returns a pointer to the actual session. As the reference counter is not incremented, the pointer is only valid while the connection is in use. If <a href="../man3/SSL_clear.html">SSL_clear(3)</a> or <a href="../man3/SSL_free.html">SSL_free(3)</a> is called, the session may be removed completely (if considered bad), and the pointer obtained will become invalid. Even if the session is valid, it can be removed at any time due to timeout during <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a>.</p>
+
+<p>If the data is to be kept, SSL_get1_session() will increment the reference count, so that the session will not be implicitly removed by other operations but stays in memory. In order to remove the session <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a> must be explicitly called once to decrement the reference count again.</p>
+
+<p>SSL_SESSION objects keep internal link information about the session cache list, when being inserted into one SSL_CTX object&#39;s session cache. One SSL_SESSION object, regardless of its reference count, must therefore only be used with one SSL_CTX object (and the SSL objects created from this SSL_CTX object).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>There is no session available in <b>ssl</b>.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_SESSION">Pointer to an SSL_SESSION</dt>
+<dd>
+
+<p>The return value points to the data of an SSL session.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_free.html">SSL_free(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get1_supported_ciphers.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get1_supported_ciphers.html
new file mode 100644
index 000000000..4230a6de9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get1_supported_ciphers.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_ciphers</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get1_supported_ciphers, SSL_get_client_ciphers, SSL_get_ciphers, SSL_CTX_get_ciphers, SSL_bytes_to_cipher_list, SSL_get_cipher_list, SSL_get_shared_ciphers - get list of available SSL_CIPHERs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl);
+ STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx);
+ STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s);
+ STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const SSL *ssl);
+ int SSL_bytes_to_cipher_list(SSL *s, const unsigned char *bytes, size_t len,
+                              int isv2format, STACK_OF(SSL_CIPHER) **sk,
+                              STACK_OF(SSL_CIPHER) **scsvs);
+ const char *SSL_get_cipher_list(const SSL *ssl, int priority);
+ char *SSL_get_shared_ciphers(const SSL *s, char *buf, int size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_ciphers() returns the stack of available SSL_CIPHERs for <b>ssl</b>, sorted by preference. If <b>ssl</b> is NULL or no ciphers are available, NULL is returned.</p>
+
+<p>SSL_CTX_get_ciphers() returns the stack of available SSL_CIPHERs for <b>ctx</b>.</p>
+
+<p>SSL_get1_supported_ciphers() returns the stack of enabled SSL_CIPHERs for <b>ssl</b> as would be sent in a ClientHello (that is, sorted by preference). The list depends on settings like the cipher list, the supported protocol versions, the security level, and the enabled signature algorithms. SRP and PSK ciphers are only enabled if the appropriate callbacks or settings have been applied. The list of ciphers that would be sent in a ClientHello can differ from the list of ciphers that would be acceptable when acting as a server. For example, additional ciphers may be usable by a server if there is a gap in the list of supported protocols, and some ciphers may not be usable by a server if there is not a suitable certificate configured. If <b>ssl</b> is NULL or no ciphers are available, NULL is returned.</p>
+
+<p>SSL_get_client_ciphers() returns the stack of available SSL_CIPHERs matching the list received from the client on <b>ssl</b>. If <b>ssl</b> is NULL, no ciphers are available, or <b>ssl</b> is not operating in server mode, NULL is returned.</p>
+
+<p>SSL_bytes_to_cipher_list() treats the supplied <b>len</b> octets in <b>bytes</b> as a wire-protocol cipher suite specification (in the three-octet-per-cipher SSLv2 wire format if <b>isv2format</b> is nonzero; otherwise the two-octet SSLv3/TLS wire format), and parses the cipher suites supported by the library into the returned stacks of SSL_CIPHER objects sk and Signalling Cipher-Suite Values scsvs. Unsupported cipher suites are ignored. Returns 1 on success and 0 on failure.</p>
+
+<p>SSL_get_cipher_list() returns a pointer to the name of the SSL_CIPHER listed for <b>ssl</b> with <b>priority</b>. If <b>ssl</b> is NULL, no ciphers are available, or there are less ciphers than <b>priority</b> available, NULL is returned.</p>
+
+<p>SSL_get_shared_ciphers() creates a colon separated and NUL terminated list of SSL_CIPHER names that are available in both the client and the server. <b>buf</b> is the buffer that should be populated with the list of names and <b>size</b> is the size of that buffer. A pointer to <b>buf</b> is returned on success or NULL on error. If the supplied buffer is not large enough to contain the complete list of names then a truncated list of names will be returned. Note that just because a ciphersuite is available (i.e. it is configured in the cipher list) and shared by both the client and the server it does not mean that it is enabled (see the description of SSL_get1_supported_ciphers() above). This function will return available shared ciphersuites whether or not they are enabled. This is a server side function only and must only be called after the completion of the initial handshake.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The details of the ciphers obtained by SSL_get_ciphers(), SSL_CTX_get_ciphers() SSL_get1_supported_ciphers() and SSL_get_client_ciphers() can be obtained using the <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a> family of functions.</p>
+
+<p>Call SSL_get_cipher_list() with <b>priority</b> starting from 0 to obtain the sorted list of available ciphers, until NULL is returned.</p>
+
+<p>Note: SSL_get_ciphers(), SSL_CTX_get_ciphers() and SSL_get_client_ciphers() return a pointer to an internal cipher stack, which will be freed later on when the SSL or SSL_SESSION object is freed. Therefore, the calling code <b>MUST NOT</b> free the return value itself.</p>
+
+<p>The stack returned by SSL_get1_supported_ciphers() should be freed using sk_SSL_CIPHER_free().</p>
+
+<p>The stacks returned by SSL_bytes_to_cipher_list() should be freed using sk_SSL_CIPHER_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>See DESCRIPTION</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_SSL_CTX.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_SSL_CTX.html
new file mode 100644
index 000000000..546426e46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_SSL_CTX.html
@@ -0,0 +1,56 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_SSL_CTX</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_SSL_CTX - get the SSL_CTX from which an SSL is created</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_SSL_CTX() returns a pointer to the SSL_CTX object, from which <b>ssl</b> was created with <a href="../man3/SSL_new.html">SSL_new(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The pointer to the SSL_CTX object is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_all_async_fds.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_all_async_fds.html
new file mode 100644
index 000000000..d1d1b3a49
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_all_async_fds.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_all_async_fds</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_waiting_for_async, SSL_get_all_async_fds, SSL_get_changed_async_fds - manage asynchronous operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/async.h&gt;
+ #include &lt;openssl/ssl.h&gt;
+
+ int SSL_waiting_for_async(SSL *s);
+ int SSL_get_all_async_fds(SSL *s, OSSL_ASYNC_FD *fd, size_t *numfds);
+ int SSL_get_changed_async_fds(SSL *s, OSSL_ASYNC_FD *addfd, size_t *numaddfds,
+                               OSSL_ASYNC_FD *delfd, size_t *numdelfds);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_waiting_for_async() determines whether an SSL connection is currently waiting for asynchronous operations to complete (see the SSL_MODE_ASYNC mode in <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a>).</p>
+
+<p>SSL_get_all_async_fds() returns a list of file descriptor which can be used in a call to select() or poll() to determine whether the current asynchronous operation has completed or not. A completed operation will result in data appearing as &quot;read ready&quot; on the file descriptor (no actual data should be read from the file descriptor). This function should only be called if the SSL object is currently waiting for asynchronous work to complete (i.e. SSL_ERROR_WANT_ASYNC has been received - see <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>). Typically the list will only contain one file descriptor. However if multiple asynchronous capable engines are in use then more than one is possible. The number of file descriptors returned is stored in <b>*numfds</b> and the file descriptors themselves are in <b>*fds</b>. The <b>fds</b> parameter may be NULL in which case no file descriptors are returned but <b>*numfds</b> is still populated. It is the callers responsibility to ensure sufficient memory is allocated at <b>*fds</b> so typically this function is called twice (once with a NULL <b>fds</b> parameter and once without).</p>
+
+<p>SSL_get_changed_async_fds() returns a list of the asynchronous file descriptors that have been added and a list that have been deleted since the last SSL_ERROR_WANT_ASYNC was received (or since the SSL object was created if no SSL_ERROR_WANT_ASYNC has been received). Similar to SSL_get_all_async_fds() it is the callers responsibility to ensure that <b>*addfd</b> and <b>*delfd</b> have sufficient memory allocated, although they may be NULL. The number of added fds and the number of deleted fds are stored in <b>*numaddfds</b> and <b>*numdelfds</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_waiting_for_async() will return 1 if the current SSL operation is waiting for an async operation to complete and 0 otherwise.</p>
+
+<p>SSL_get_all_async_fds() and SSL_get_changed_async_fds() return 1 on success or 0 on error.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the openssl/async.h header is dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to async.h.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_waiting_for_async(), SSL_get_all_async_fds() and SSL_get_changed_async_fds() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_changed_async_fds.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_changed_async_fds.html
new file mode 100644
index 000000000..d1d1b3a49
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_changed_async_fds.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_all_async_fds</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_waiting_for_async, SSL_get_all_async_fds, SSL_get_changed_async_fds - manage asynchronous operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/async.h&gt;
+ #include &lt;openssl/ssl.h&gt;
+
+ int SSL_waiting_for_async(SSL *s);
+ int SSL_get_all_async_fds(SSL *s, OSSL_ASYNC_FD *fd, size_t *numfds);
+ int SSL_get_changed_async_fds(SSL *s, OSSL_ASYNC_FD *addfd, size_t *numaddfds,
+                               OSSL_ASYNC_FD *delfd, size_t *numdelfds);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_waiting_for_async() determines whether an SSL connection is currently waiting for asynchronous operations to complete (see the SSL_MODE_ASYNC mode in <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a>).</p>
+
+<p>SSL_get_all_async_fds() returns a list of file descriptor which can be used in a call to select() or poll() to determine whether the current asynchronous operation has completed or not. A completed operation will result in data appearing as &quot;read ready&quot; on the file descriptor (no actual data should be read from the file descriptor). This function should only be called if the SSL object is currently waiting for asynchronous work to complete (i.e. SSL_ERROR_WANT_ASYNC has been received - see <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>). Typically the list will only contain one file descriptor. However if multiple asynchronous capable engines are in use then more than one is possible. The number of file descriptors returned is stored in <b>*numfds</b> and the file descriptors themselves are in <b>*fds</b>. The <b>fds</b> parameter may be NULL in which case no file descriptors are returned but <b>*numfds</b> is still populated. It is the callers responsibility to ensure sufficient memory is allocated at <b>*fds</b> so typically this function is called twice (once with a NULL <b>fds</b> parameter and once without).</p>
+
+<p>SSL_get_changed_async_fds() returns a list of the asynchronous file descriptors that have been added and a list that have been deleted since the last SSL_ERROR_WANT_ASYNC was received (or since the SSL object was created if no SSL_ERROR_WANT_ASYNC has been received). Similar to SSL_get_all_async_fds() it is the callers responsibility to ensure that <b>*addfd</b> and <b>*delfd</b> have sufficient memory allocated, although they may be NULL. The number of added fds and the number of deleted fds are stored in <b>*numaddfds</b> and <b>*numdelfds</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_waiting_for_async() will return 1 if the current SSL operation is waiting for an async operation to complete and 0 otherwise.</p>
+
+<p>SSL_get_all_async_fds() and SSL_get_changed_async_fds() return 1 on success or 0 on error.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the openssl/async.h header is dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to async.h.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_waiting_for_async(), SSL_get_all_async_fds() and SSL_get_changed_async_fds() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_cipher.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_cipher.html
new file mode 100644
index 000000000..877a067d5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_cipher.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_current_cipher</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_current_cipher, SSL_get_cipher_name, SSL_get_cipher, SSL_get_cipher_bits, SSL_get_cipher_version, SSL_get_pending_cipher - get SSL_CIPHER of a connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CIPHER *SSL_get_current_cipher(const SSL *ssl);
+ SSL_CIPHER *SSL_get_pending_cipher(const SSL *ssl);
+
+ const char *SSL_get_cipher_name(const SSL *s);
+ const char *SSL_get_cipher(const SSL *s);
+ int SSL_get_cipher_bits(const SSL *s, int *np);
+ const char *SSL_get_cipher_version(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_current_cipher() returns a pointer to an SSL_CIPHER object containing the description of the actually used cipher of a connection established with the <b>ssl</b> object. See <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a> for more details.</p>
+
+<p>SSL_get_cipher_name() obtains the name of the currently used cipher. SSL_get_cipher() is identical to SSL_get_cipher_name(). SSL_get_cipher_bits() is a macro to obtain the number of secret/algorithm bits used and SSL_get_cipher_version() returns the protocol name.</p>
+
+<p>SSL_get_pending_cipher() returns a pointer to an SSL_CIPHER object containing the description of the cipher (if any) that has been negotiated for future use on the connection established with the <b>ssl</b> object, but is not yet in use. This may be the case during handshake processing, when control flow can be returned to the application via any of several callback methods. The internal sequencing of handshake processing and callback invocation is not guaranteed to be stable from release to release, and at present only the callback set by SSL_CTX_set_alpn_select_cb() is guaranteed to have a non-NULL return value. Other callbacks may be added to this list over time.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_get_current_cipher() returns the cipher actually used, or NULL if no session has been established.</p>
+
+<p>SSL_get_pending_cipher() returns the cipher to be used at the next change of cipher suite, or NULL if no such cipher is known.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_get_cipher, SSL_get_cipher_bits, SSL_get_cipher_version, and SSL_get_cipher_name are implemented as macros.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_cipher_bits.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_cipher_bits.html
new file mode 100644
index 000000000..877a067d5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_cipher_bits.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_current_cipher</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_current_cipher, SSL_get_cipher_name, SSL_get_cipher, SSL_get_cipher_bits, SSL_get_cipher_version, SSL_get_pending_cipher - get SSL_CIPHER of a connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CIPHER *SSL_get_current_cipher(const SSL *ssl);
+ SSL_CIPHER *SSL_get_pending_cipher(const SSL *ssl);
+
+ const char *SSL_get_cipher_name(const SSL *s);
+ const char *SSL_get_cipher(const SSL *s);
+ int SSL_get_cipher_bits(const SSL *s, int *np);
+ const char *SSL_get_cipher_version(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_current_cipher() returns a pointer to an SSL_CIPHER object containing the description of the actually used cipher of a connection established with the <b>ssl</b> object. See <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a> for more details.</p>
+
+<p>SSL_get_cipher_name() obtains the name of the currently used cipher. SSL_get_cipher() is identical to SSL_get_cipher_name(). SSL_get_cipher_bits() is a macro to obtain the number of secret/algorithm bits used and SSL_get_cipher_version() returns the protocol name.</p>
+
+<p>SSL_get_pending_cipher() returns a pointer to an SSL_CIPHER object containing the description of the cipher (if any) that has been negotiated for future use on the connection established with the <b>ssl</b> object, but is not yet in use. This may be the case during handshake processing, when control flow can be returned to the application via any of several callback methods. The internal sequencing of handshake processing and callback invocation is not guaranteed to be stable from release to release, and at present only the callback set by SSL_CTX_set_alpn_select_cb() is guaranteed to have a non-NULL return value. Other callbacks may be added to this list over time.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_get_current_cipher() returns the cipher actually used, or NULL if no session has been established.</p>
+
+<p>SSL_get_pending_cipher() returns the cipher to be used at the next change of cipher suite, or NULL if no such cipher is known.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_get_cipher, SSL_get_cipher_bits, SSL_get_cipher_version, and SSL_get_cipher_name are implemented as macros.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_cipher_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_cipher_list.html
new file mode 100644
index 000000000..4230a6de9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_cipher_list.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_ciphers</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get1_supported_ciphers, SSL_get_client_ciphers, SSL_get_ciphers, SSL_CTX_get_ciphers, SSL_bytes_to_cipher_list, SSL_get_cipher_list, SSL_get_shared_ciphers - get list of available SSL_CIPHERs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl);
+ STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx);
+ STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s);
+ STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const SSL *ssl);
+ int SSL_bytes_to_cipher_list(SSL *s, const unsigned char *bytes, size_t len,
+                              int isv2format, STACK_OF(SSL_CIPHER) **sk,
+                              STACK_OF(SSL_CIPHER) **scsvs);
+ const char *SSL_get_cipher_list(const SSL *ssl, int priority);
+ char *SSL_get_shared_ciphers(const SSL *s, char *buf, int size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_ciphers() returns the stack of available SSL_CIPHERs for <b>ssl</b>, sorted by preference. If <b>ssl</b> is NULL or no ciphers are available, NULL is returned.</p>
+
+<p>SSL_CTX_get_ciphers() returns the stack of available SSL_CIPHERs for <b>ctx</b>.</p>
+
+<p>SSL_get1_supported_ciphers() returns the stack of enabled SSL_CIPHERs for <b>ssl</b> as would be sent in a ClientHello (that is, sorted by preference). The list depends on settings like the cipher list, the supported protocol versions, the security level, and the enabled signature algorithms. SRP and PSK ciphers are only enabled if the appropriate callbacks or settings have been applied. The list of ciphers that would be sent in a ClientHello can differ from the list of ciphers that would be acceptable when acting as a server. For example, additional ciphers may be usable by a server if there is a gap in the list of supported protocols, and some ciphers may not be usable by a server if there is not a suitable certificate configured. If <b>ssl</b> is NULL or no ciphers are available, NULL is returned.</p>
+
+<p>SSL_get_client_ciphers() returns the stack of available SSL_CIPHERs matching the list received from the client on <b>ssl</b>. If <b>ssl</b> is NULL, no ciphers are available, or <b>ssl</b> is not operating in server mode, NULL is returned.</p>
+
+<p>SSL_bytes_to_cipher_list() treats the supplied <b>len</b> octets in <b>bytes</b> as a wire-protocol cipher suite specification (in the three-octet-per-cipher SSLv2 wire format if <b>isv2format</b> is nonzero; otherwise the two-octet SSLv3/TLS wire format), and parses the cipher suites supported by the library into the returned stacks of SSL_CIPHER objects sk and Signalling Cipher-Suite Values scsvs. Unsupported cipher suites are ignored. Returns 1 on success and 0 on failure.</p>
+
+<p>SSL_get_cipher_list() returns a pointer to the name of the SSL_CIPHER listed for <b>ssl</b> with <b>priority</b>. If <b>ssl</b> is NULL, no ciphers are available, or there are less ciphers than <b>priority</b> available, NULL is returned.</p>
+
+<p>SSL_get_shared_ciphers() creates a colon separated and NUL terminated list of SSL_CIPHER names that are available in both the client and the server. <b>buf</b> is the buffer that should be populated with the list of names and <b>size</b> is the size of that buffer. A pointer to <b>buf</b> is returned on success or NULL on error. If the supplied buffer is not large enough to contain the complete list of names then a truncated list of names will be returned. Note that just because a ciphersuite is available (i.e. it is configured in the cipher list) and shared by both the client and the server it does not mean that it is enabled (see the description of SSL_get1_supported_ciphers() above). This function will return available shared ciphersuites whether or not they are enabled. This is a server side function only and must only be called after the completion of the initial handshake.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The details of the ciphers obtained by SSL_get_ciphers(), SSL_CTX_get_ciphers() SSL_get1_supported_ciphers() and SSL_get_client_ciphers() can be obtained using the <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a> family of functions.</p>
+
+<p>Call SSL_get_cipher_list() with <b>priority</b> starting from 0 to obtain the sorted list of available ciphers, until NULL is returned.</p>
+
+<p>Note: SSL_get_ciphers(), SSL_CTX_get_ciphers() and SSL_get_client_ciphers() return a pointer to an internal cipher stack, which will be freed later on when the SSL or SSL_SESSION object is freed. Therefore, the calling code <b>MUST NOT</b> free the return value itself.</p>
+
+<p>The stack returned by SSL_get1_supported_ciphers() should be freed using sk_SSL_CIPHER_free().</p>
+
+<p>The stacks returned by SSL_bytes_to_cipher_list() should be freed using sk_SSL_CIPHER_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>See DESCRIPTION</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_cipher_name.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_cipher_name.html
new file mode 100644
index 000000000..877a067d5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_cipher_name.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_current_cipher</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_current_cipher, SSL_get_cipher_name, SSL_get_cipher, SSL_get_cipher_bits, SSL_get_cipher_version, SSL_get_pending_cipher - get SSL_CIPHER of a connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CIPHER *SSL_get_current_cipher(const SSL *ssl);
+ SSL_CIPHER *SSL_get_pending_cipher(const SSL *ssl);
+
+ const char *SSL_get_cipher_name(const SSL *s);
+ const char *SSL_get_cipher(const SSL *s);
+ int SSL_get_cipher_bits(const SSL *s, int *np);
+ const char *SSL_get_cipher_version(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_current_cipher() returns a pointer to an SSL_CIPHER object containing the description of the actually used cipher of a connection established with the <b>ssl</b> object. See <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a> for more details.</p>
+
+<p>SSL_get_cipher_name() obtains the name of the currently used cipher. SSL_get_cipher() is identical to SSL_get_cipher_name(). SSL_get_cipher_bits() is a macro to obtain the number of secret/algorithm bits used and SSL_get_cipher_version() returns the protocol name.</p>
+
+<p>SSL_get_pending_cipher() returns a pointer to an SSL_CIPHER object containing the description of the cipher (if any) that has been negotiated for future use on the connection established with the <b>ssl</b> object, but is not yet in use. This may be the case during handshake processing, when control flow can be returned to the application via any of several callback methods. The internal sequencing of handshake processing and callback invocation is not guaranteed to be stable from release to release, and at present only the callback set by SSL_CTX_set_alpn_select_cb() is guaranteed to have a non-NULL return value. Other callbacks may be added to this list over time.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_get_current_cipher() returns the cipher actually used, or NULL if no session has been established.</p>
+
+<p>SSL_get_pending_cipher() returns the cipher to be used at the next change of cipher suite, or NULL if no such cipher is known.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_get_cipher, SSL_get_cipher_bits, SSL_get_cipher_version, and SSL_get_cipher_name are implemented as macros.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_cipher_version.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_cipher_version.html
new file mode 100644
index 000000000..877a067d5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_cipher_version.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_current_cipher</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_current_cipher, SSL_get_cipher_name, SSL_get_cipher, SSL_get_cipher_bits, SSL_get_cipher_version, SSL_get_pending_cipher - get SSL_CIPHER of a connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CIPHER *SSL_get_current_cipher(const SSL *ssl);
+ SSL_CIPHER *SSL_get_pending_cipher(const SSL *ssl);
+
+ const char *SSL_get_cipher_name(const SSL *s);
+ const char *SSL_get_cipher(const SSL *s);
+ int SSL_get_cipher_bits(const SSL *s, int *np);
+ const char *SSL_get_cipher_version(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_current_cipher() returns a pointer to an SSL_CIPHER object containing the description of the actually used cipher of a connection established with the <b>ssl</b> object. See <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a> for more details.</p>
+
+<p>SSL_get_cipher_name() obtains the name of the currently used cipher. SSL_get_cipher() is identical to SSL_get_cipher_name(). SSL_get_cipher_bits() is a macro to obtain the number of secret/algorithm bits used and SSL_get_cipher_version() returns the protocol name.</p>
+
+<p>SSL_get_pending_cipher() returns a pointer to an SSL_CIPHER object containing the description of the cipher (if any) that has been negotiated for future use on the connection established with the <b>ssl</b> object, but is not yet in use. This may be the case during handshake processing, when control flow can be returned to the application via any of several callback methods. The internal sequencing of handshake processing and callback invocation is not guaranteed to be stable from release to release, and at present only the callback set by SSL_CTX_set_alpn_select_cb() is guaranteed to have a non-NULL return value. Other callbacks may be added to this list over time.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_get_current_cipher() returns the cipher actually used, or NULL if no session has been established.</p>
+
+<p>SSL_get_pending_cipher() returns the cipher to be used at the next change of cipher suite, or NULL if no such cipher is known.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_get_cipher, SSL_get_cipher_bits, SSL_get_cipher_version, and SSL_get_cipher_name are implemented as macros.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_ciphers.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_ciphers.html
new file mode 100644
index 000000000..4230a6de9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_ciphers.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_ciphers</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get1_supported_ciphers, SSL_get_client_ciphers, SSL_get_ciphers, SSL_CTX_get_ciphers, SSL_bytes_to_cipher_list, SSL_get_cipher_list, SSL_get_shared_ciphers - get list of available SSL_CIPHERs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl);
+ STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx);
+ STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s);
+ STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const SSL *ssl);
+ int SSL_bytes_to_cipher_list(SSL *s, const unsigned char *bytes, size_t len,
+                              int isv2format, STACK_OF(SSL_CIPHER) **sk,
+                              STACK_OF(SSL_CIPHER) **scsvs);
+ const char *SSL_get_cipher_list(const SSL *ssl, int priority);
+ char *SSL_get_shared_ciphers(const SSL *s, char *buf, int size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_ciphers() returns the stack of available SSL_CIPHERs for <b>ssl</b>, sorted by preference. If <b>ssl</b> is NULL or no ciphers are available, NULL is returned.</p>
+
+<p>SSL_CTX_get_ciphers() returns the stack of available SSL_CIPHERs for <b>ctx</b>.</p>
+
+<p>SSL_get1_supported_ciphers() returns the stack of enabled SSL_CIPHERs for <b>ssl</b> as would be sent in a ClientHello (that is, sorted by preference). The list depends on settings like the cipher list, the supported protocol versions, the security level, and the enabled signature algorithms. SRP and PSK ciphers are only enabled if the appropriate callbacks or settings have been applied. The list of ciphers that would be sent in a ClientHello can differ from the list of ciphers that would be acceptable when acting as a server. For example, additional ciphers may be usable by a server if there is a gap in the list of supported protocols, and some ciphers may not be usable by a server if there is not a suitable certificate configured. If <b>ssl</b> is NULL or no ciphers are available, NULL is returned.</p>
+
+<p>SSL_get_client_ciphers() returns the stack of available SSL_CIPHERs matching the list received from the client on <b>ssl</b>. If <b>ssl</b> is NULL, no ciphers are available, or <b>ssl</b> is not operating in server mode, NULL is returned.</p>
+
+<p>SSL_bytes_to_cipher_list() treats the supplied <b>len</b> octets in <b>bytes</b> as a wire-protocol cipher suite specification (in the three-octet-per-cipher SSLv2 wire format if <b>isv2format</b> is nonzero; otherwise the two-octet SSLv3/TLS wire format), and parses the cipher suites supported by the library into the returned stacks of SSL_CIPHER objects sk and Signalling Cipher-Suite Values scsvs. Unsupported cipher suites are ignored. Returns 1 on success and 0 on failure.</p>
+
+<p>SSL_get_cipher_list() returns a pointer to the name of the SSL_CIPHER listed for <b>ssl</b> with <b>priority</b>. If <b>ssl</b> is NULL, no ciphers are available, or there are less ciphers than <b>priority</b> available, NULL is returned.</p>
+
+<p>SSL_get_shared_ciphers() creates a colon separated and NUL terminated list of SSL_CIPHER names that are available in both the client and the server. <b>buf</b> is the buffer that should be populated with the list of names and <b>size</b> is the size of that buffer. A pointer to <b>buf</b> is returned on success or NULL on error. If the supplied buffer is not large enough to contain the complete list of names then a truncated list of names will be returned. Note that just because a ciphersuite is available (i.e. it is configured in the cipher list) and shared by both the client and the server it does not mean that it is enabled (see the description of SSL_get1_supported_ciphers() above). This function will return available shared ciphersuites whether or not they are enabled. This is a server side function only and must only be called after the completion of the initial handshake.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The details of the ciphers obtained by SSL_get_ciphers(), SSL_CTX_get_ciphers() SSL_get1_supported_ciphers() and SSL_get_client_ciphers() can be obtained using the <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a> family of functions.</p>
+
+<p>Call SSL_get_cipher_list() with <b>priority</b> starting from 0 to obtain the sorted list of available ciphers, until NULL is returned.</p>
+
+<p>Note: SSL_get_ciphers(), SSL_CTX_get_ciphers() and SSL_get_client_ciphers() return a pointer to an internal cipher stack, which will be freed later on when the SSL or SSL_SESSION object is freed. Therefore, the calling code <b>MUST NOT</b> free the return value itself.</p>
+
+<p>The stack returned by SSL_get1_supported_ciphers() should be freed using sk_SSL_CIPHER_free().</p>
+
+<p>The stacks returned by SSL_bytes_to_cipher_list() should be freed using sk_SSL_CIPHER_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>See DESCRIPTION</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_client_CA_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_client_CA_list.html
new file mode 100644
index 000000000..742fe94a0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_client_CA_list.html
@@ -0,0 +1,130 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set0_CA_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_CA_list, SSL_set_client_CA_list, SSL_get_client_CA_list, SSL_CTX_get_client_CA_list, SSL_CTX_add_client_CA, SSL_add_client_CA, SSL_set0_CA_list, SSL_CTX_set0_CA_list, SSL_get0_CA_list, SSL_CTX_get0_CA_list, SSL_add1_to_CA_list, SSL_CTX_add1_to_CA_list, SSL_get0_peer_CA_list - get or set CA list</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
+ void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
+ STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
+ int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert);
+ int SSL_add_client_CA(SSL *ssl, X509 *cacert);
+
+ void SSL_CTX_set0_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+ void SSL_set0_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
+ const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const SSL_CTX *ctx);
+ const STACK_OF(X509_NAME) *SSL_get0_CA_list(const SSL *s);
+ int SSL_CTX_add1_to_CA_list(SSL_CTX *ctx, const X509 *x);
+ int SSL_add1_to_CA_list(SSL *ssl, const X509 *x);
+
+ const STACK_OF(X509_NAME) *SSL_get0_peer_CA_list(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions described here set and manage the list of CA names that are sent between two communicating peers.</p>
+
+<p>For TLS versions 1.2 and earlier the list of CA names is only sent from the server to the client when requesting a client certificate. So any list of CA names set is never sent from client to server and the list of CA names retrieved by SSL_get0_peer_CA_list() is always <b>NULL</b>.</p>
+
+<p>For TLS 1.3 the list of CA names is sent using the <b>certificate_authorities</b> extension and may be sent by a client (in the ClientHello message) or by a server (when requesting a certificate).</p>
+
+<p>In most cases it is not necessary to set CA names on the client side. The list of CA names that are acceptable to the client will be sent in plaintext to the server. This has privacy implications and may also have performance implications if the list is large. This optional capability was introduced as part of TLSv1.3 and therefore setting CA names on the client side will have no impact if that protocol version has been disabled. Most servers do not need this and so this should be avoided unless required.</p>
+
+<p>The &quot;client CA list&quot; functions below only have an effect when called on the server side.</p>
+
+<p>SSL_CTX_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for <b>ctx</b>. Ownership of <b>list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object. Ownership of <b>list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get_client_CA_list() returns the list of client CAs explicitly set for <b>ctx</b> using SSL_CTX_set_client_CA_list(). The returned list should not be freed by the caller.</p>
+
+<p>SSL_get_client_CA_list() returns the list of client CAs explicitly set for <b>ssl</b> using SSL_set_client_CA_list() or <b>ssl</b>&#39;s SSL_CTX object with SSL_CTX_set_client_CA_list(), when in server mode. In client mode, SSL_get_client_CA_list returns the list of client CAs sent from the server, if any. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for <b>ctx</b>.</p>
+
+<p>SSL_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object.</p>
+
+<p>SSL_get0_peer_CA_list() retrieves the list of CA names (if any) the peer has sent. This can be called on either the server or the client side. The returned list should not be freed by the caller.</p>
+
+<p>The &quot;generic CA list&quot; functions below are very similar to the &quot;client CA list&quot; functions except that they have an effect on both the server and client sides. The lists of CA names managed are separate - so you cannot (for example) set CA names using the &quot;client CA list&quot; functions and then get them using the &quot;generic CA list&quot; functions. Where a mix of the two types of functions has been used on the server side then the &quot;client CA list&quot; functions take precedence. Typically, on the server side, the &quot;client CA list &quot; functions should be used in preference. As noted above in most cases it is not necessary to set CA names on the client side.</p>
+
+<p>SSL_CTX_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b>. Ownership of <b>name_list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b> overriding any list set in the parent <b>SSL_CTX</b> of <b>s</b>. Ownership of <b>name_list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get0_CA_list() retrieves any previously set list of CAs set for <b>ctx</b>. The returned list should not be freed by the caller.</p>
+
+<p>SSL_get0_CA_list() retrieves any previously set list of CAs set for <b>s</b> or if none are set the list from the parent <b>SSL_CTX</b> is retrieved. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to peer for <b>ctx</b>.</p>
+
+<p>SSL_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to the peer for <b>s</b>, overriding the setting in the parent <b>SSL_CTX</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When a TLS/SSL server requests a client certificate (see <b>SSL_CTX_set_verify(3)</b>), it sends a list of CAs, for which it will accept certificates, to the client.</p>
+
+<p>This list must explicitly be set using SSL_CTX_set_client_CA_list() or SSL_CTX_set0_CA_list() for <b>ctx</b> and SSL_set_client_CA_list() or SSL_set0_CA_list() for the specific <b>ssl</b>. The list specified overrides the previous setting. The CAs listed do not become trusted (<b>list</b> only contains the names, not the complete certificates); use <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> to additionally load them for verification.</p>
+
+<p>If the list of acceptable CAs is compiled in a file, the <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a> function can be used to help to import the necessary data.</p>
+
+<p>SSL_CTX_add_client_CA(), SSL_CTX_add1_to_CA_list(), SSL_add_client_CA() and SSL_add1_to_CA_list() can be used to add additional items the list of CAs. If no list was specified before using SSL_CTX_set_client_CA_list(), SSL_CTX_set0_CA_list(), SSL_set_client_CA_list() or SSL_set0_CA_list(), a new CA list for <b>ctx</b> or <b>ssl</b> (as appropriate) is opened.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set0_CA_list() and SSL_set0_CA_list() do not return a value.</p>
+
+<p>SSL_CTX_get_client_CA_list(), SSL_get_client_CA_list(), SSL_CTX_get0_CA_list() and SSL_get0_CA_list() return a stack of CA names or <b>NULL</b> is no CA names are set.</p>
+
+<p>SSL_CTX_add_client_CA(),SSL_add_client_CA(), SSL_CTX_add1_to_CA_list() and SSL_add1_to_CA_list() return 1 for success and 0 for failure.</p>
+
+<p>SSL_get0_peer_CA_list() returns a stack of CA names sent by the peer or <b>NULL</b> or an empty stack if no list was sent.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Scan all certificates in <b>CAfile</b> and list them as acceptable CAs:</p>
+
+<pre><code> SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_client_ciphers.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_client_ciphers.html
new file mode 100644
index 000000000..4230a6de9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_client_ciphers.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_ciphers</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get1_supported_ciphers, SSL_get_client_ciphers, SSL_get_ciphers, SSL_CTX_get_ciphers, SSL_bytes_to_cipher_list, SSL_get_cipher_list, SSL_get_shared_ciphers - get list of available SSL_CIPHERs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl);
+ STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx);
+ STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s);
+ STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const SSL *ssl);
+ int SSL_bytes_to_cipher_list(SSL *s, const unsigned char *bytes, size_t len,
+                              int isv2format, STACK_OF(SSL_CIPHER) **sk,
+                              STACK_OF(SSL_CIPHER) **scsvs);
+ const char *SSL_get_cipher_list(const SSL *ssl, int priority);
+ char *SSL_get_shared_ciphers(const SSL *s, char *buf, int size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_ciphers() returns the stack of available SSL_CIPHERs for <b>ssl</b>, sorted by preference. If <b>ssl</b> is NULL or no ciphers are available, NULL is returned.</p>
+
+<p>SSL_CTX_get_ciphers() returns the stack of available SSL_CIPHERs for <b>ctx</b>.</p>
+
+<p>SSL_get1_supported_ciphers() returns the stack of enabled SSL_CIPHERs for <b>ssl</b> as would be sent in a ClientHello (that is, sorted by preference). The list depends on settings like the cipher list, the supported protocol versions, the security level, and the enabled signature algorithms. SRP and PSK ciphers are only enabled if the appropriate callbacks or settings have been applied. The list of ciphers that would be sent in a ClientHello can differ from the list of ciphers that would be acceptable when acting as a server. For example, additional ciphers may be usable by a server if there is a gap in the list of supported protocols, and some ciphers may not be usable by a server if there is not a suitable certificate configured. If <b>ssl</b> is NULL or no ciphers are available, NULL is returned.</p>
+
+<p>SSL_get_client_ciphers() returns the stack of available SSL_CIPHERs matching the list received from the client on <b>ssl</b>. If <b>ssl</b> is NULL, no ciphers are available, or <b>ssl</b> is not operating in server mode, NULL is returned.</p>
+
+<p>SSL_bytes_to_cipher_list() treats the supplied <b>len</b> octets in <b>bytes</b> as a wire-protocol cipher suite specification (in the three-octet-per-cipher SSLv2 wire format if <b>isv2format</b> is nonzero; otherwise the two-octet SSLv3/TLS wire format), and parses the cipher suites supported by the library into the returned stacks of SSL_CIPHER objects sk and Signalling Cipher-Suite Values scsvs. Unsupported cipher suites are ignored. Returns 1 on success and 0 on failure.</p>
+
+<p>SSL_get_cipher_list() returns a pointer to the name of the SSL_CIPHER listed for <b>ssl</b> with <b>priority</b>. If <b>ssl</b> is NULL, no ciphers are available, or there are less ciphers than <b>priority</b> available, NULL is returned.</p>
+
+<p>SSL_get_shared_ciphers() creates a colon separated and NUL terminated list of SSL_CIPHER names that are available in both the client and the server. <b>buf</b> is the buffer that should be populated with the list of names and <b>size</b> is the size of that buffer. A pointer to <b>buf</b> is returned on success or NULL on error. If the supplied buffer is not large enough to contain the complete list of names then a truncated list of names will be returned. Note that just because a ciphersuite is available (i.e. it is configured in the cipher list) and shared by both the client and the server it does not mean that it is enabled (see the description of SSL_get1_supported_ciphers() above). This function will return available shared ciphersuites whether or not they are enabled. This is a server side function only and must only be called after the completion of the initial handshake.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The details of the ciphers obtained by SSL_get_ciphers(), SSL_CTX_get_ciphers() SSL_get1_supported_ciphers() and SSL_get_client_ciphers() can be obtained using the <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a> family of functions.</p>
+
+<p>Call SSL_get_cipher_list() with <b>priority</b> starting from 0 to obtain the sorted list of available ciphers, until NULL is returned.</p>
+
+<p>Note: SSL_get_ciphers(), SSL_CTX_get_ciphers() and SSL_get_client_ciphers() return a pointer to an internal cipher stack, which will be freed later on when the SSL or SSL_SESSION object is freed. Therefore, the calling code <b>MUST NOT</b> free the return value itself.</p>
+
+<p>The stack returned by SSL_get1_supported_ciphers() should be freed using sk_SSL_CIPHER_free().</p>
+
+<p>The stacks returned by SSL_bytes_to_cipher_list() should be freed using sk_SSL_CIPHER_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>See DESCRIPTION</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_client_random.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_client_random.html
new file mode 100644
index 000000000..036807b3c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_client_random.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_client_random</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_client_random, SSL_get_server_random, SSL_SESSION_get_master_key, SSL_SESSION_set1_master_key - get internal TLS/SSL random values and get/set master key</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ size_t SSL_get_client_random(const SSL *ssl, unsigned char *out, size_t outlen);
+ size_t SSL_get_server_random(const SSL *ssl, unsigned char *out, size_t outlen);
+ size_t SSL_SESSION_get_master_key(const SSL_SESSION *session,
+                                   unsigned char *out, size_t outlen);
+ int SSL_SESSION_set1_master_key(SSL_SESSION *sess, const unsigned char *in,
+                                 size_t len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_client_random() extracts the random value sent from the client to the server during the initial SSL/TLS handshake. It copies as many bytes as it can of this value into the buffer provided in <b>out</b>, which must have at least <b>outlen</b> bytes available. It returns the total number of bytes that were actually copied. If <b>outlen</b> is zero, SSL_get_client_random() copies nothing, and returns the total size of the client_random value.</p>
+
+<p>SSL_get_server_random() behaves the same, but extracts the random value sent from the server to the client during the initial SSL/TLS handshake.</p>
+
+<p>SSL_SESSION_get_master_key() behaves the same, but extracts the master secret used to guarantee the security of the SSL/TLS session. This one can be dangerous if misused; see NOTES below.</p>
+
+<p>SSL_SESSION_set1_master_key() sets the master key value associated with the SSL_SESSION <b>sess</b>. For example, this could be used to set up a session based PSK (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). The master key of length <b>len</b> should be provided at <b>in</b>. The supplied master key is copied by the function, so the caller is responsible for freeing and cleaning any memory associated with <b>in</b>. The caller must ensure that the length of the key is suitable for the ciphersuite associated with the SSL_SESSION.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>You probably shouldn&#39;t use these functions.</p>
+
+<p>These functions expose internal values from the TLS handshake, for use in low-level protocols. You probably should not use them, unless you are implementing something that needs access to the internal protocol details.</p>
+
+<p>Despite the names of SSL_get_client_random() and SSL_get_server_random(), they ARE NOT random number generators. Instead, they return the mostly-random values that were already generated and used in the TLS protocol. Using them in place of RAND_bytes() would be grossly foolish.</p>
+
+<p>The security of your TLS session depends on keeping the master key secret: do not expose it, or any information about it, to anybody. If you need to calculate another secret value that depends on the master secret, you should probably use SSL_export_keying_material() instead, and forget that you ever saw these functions.</p>
+
+<p>In current versions of the TLS protocols, the length of client_random (and also server_random) is always SSL3_RANDOM_SIZE bytes. Support for other outlen arguments to the SSL_get_*_random() functions is provided in case of the unlikely event that a future version or variant of TLS uses some other length there.</p>
+
+<p>Finally, though the &quot;client_random&quot; and &quot;server_random&quot; values are called &quot;random&quot;, many TLS implementations will generate four bytes of those values based on their view of the current time.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_set1_master_key() returns 1 on success or 0 on failure.</p>
+
+<p>For the other functions, if <b>outlen</b> is greater than 0 then these functions return the number of bytes actually copied, which will be less than or equal to <b>outlen</b>. If <b>outlen</b> is 0 then these functions return the maximum number of bytes they would copy -- that is, the length of the underlying field.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/SSL_export_keying_material.html">SSL_export_keying_material(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_current_cipher.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_current_cipher.html
new file mode 100644
index 000000000..877a067d5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_current_cipher.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_current_cipher</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_current_cipher, SSL_get_cipher_name, SSL_get_cipher, SSL_get_cipher_bits, SSL_get_cipher_version, SSL_get_pending_cipher - get SSL_CIPHER of a connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CIPHER *SSL_get_current_cipher(const SSL *ssl);
+ SSL_CIPHER *SSL_get_pending_cipher(const SSL *ssl);
+
+ const char *SSL_get_cipher_name(const SSL *s);
+ const char *SSL_get_cipher(const SSL *s);
+ int SSL_get_cipher_bits(const SSL *s, int *np);
+ const char *SSL_get_cipher_version(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_current_cipher() returns a pointer to an SSL_CIPHER object containing the description of the actually used cipher of a connection established with the <b>ssl</b> object. See <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a> for more details.</p>
+
+<p>SSL_get_cipher_name() obtains the name of the currently used cipher. SSL_get_cipher() is identical to SSL_get_cipher_name(). SSL_get_cipher_bits() is a macro to obtain the number of secret/algorithm bits used and SSL_get_cipher_version() returns the protocol name.</p>
+
+<p>SSL_get_pending_cipher() returns a pointer to an SSL_CIPHER object containing the description of the cipher (if any) that has been negotiated for future use on the connection established with the <b>ssl</b> object, but is not yet in use. This may be the case during handshake processing, when control flow can be returned to the application via any of several callback methods. The internal sequencing of handshake processing and callback invocation is not guaranteed to be stable from release to release, and at present only the callback set by SSL_CTX_set_alpn_select_cb() is guaranteed to have a non-NULL return value. Other callbacks may be added to this list over time.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_get_current_cipher() returns the cipher actually used, or NULL if no session has been established.</p>
+
+<p>SSL_get_pending_cipher() returns the cipher to be used at the next change of cipher suite, or NULL if no such cipher is known.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_get_cipher, SSL_get_cipher_bits, SSL_get_cipher_version, and SSL_get_cipher_name are implemented as macros.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_default_passwd_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_default_passwd_cb.html
new file mode 100644
index 000000000..7351cd5a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_default_passwd_cb.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_default_passwd_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_default_passwd_cb, SSL_CTX_set_default_passwd_cb_userdata, SSL_CTX_get_default_passwd_cb, SSL_CTX_get_default_passwd_cb_userdata, SSL_set_default_passwd_cb, SSL_set_default_passwd_cb_userdata, SSL_get_default_passwd_cb, SSL_get_default_passwd_cb_userdata - set or get passwd callback for encrypted PEM file handling</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
+ void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
+ pem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx);
+ void *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx);
+
+ void SSL_set_default_passwd_cb(SSL *s, pem_password_cb *cb);
+ void SSL_set_default_passwd_cb_userdata(SSL *s, void *u);
+ pem_password_cb *SSL_get_default_passwd_cb(SSL *s);
+ void *SSL_get_default_passwd_cb_userdata(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_default_passwd_cb() sets the default password callback called when loading/storing a PEM certificate with encryption.</p>
+
+<p>SSL_CTX_set_default_passwd_cb_userdata() sets a pointer to userdata, <b>u</b>, which will be provided to the password callback on invocation.</p>
+
+<p>SSL_CTX_get_default_passwd_cb() returns a function pointer to the password callback currently set in <b>ctx</b>. If no callback was explicitly set, the NULL pointer is returned.</p>
+
+<p>SSL_CTX_get_default_passwd_cb_userdata() returns a pointer to the userdata currently set in <b>ctx</b>. If no userdata was explicitly set, the NULL pointer is returned.</p>
+
+<p>SSL_set_default_passwd_cb(), SSL_set_default_passwd_cb_userdata(), SSL_get_default_passwd_cb() and SSL_get_default_passwd_cb_userdata() perform the same function as their SSL_CTX counterparts, but using an SSL object.</p>
+
+<p>The password callback, which must be provided by the application, hands back the password to be used during decryption. On invocation a pointer to userdata is provided. The function must store the password into the provided buffer <b>buf</b> which is of size <b>size</b>. The actual length of the password must be returned to the calling function. <b>rwflag</b> indicates whether the callback is used for reading/decryption (rwflag=0) or writing/encryption (rwflag=1). For more details, see <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When loading or storing private keys, a password might be supplied to protect the private key. The way this password can be supplied may depend on the application. If only one private key is handled, it can be practical to have the callback handle the password dialog interactively. If several keys have to be handled, it can be practical to ask for the password once, then keep it in memory and use it several times. In the last case, the password could be stored into the userdata storage and the callback only returns the password already stored.</p>
+
+<p>When asking for the password interactively, the callback can use <b>rwflag</b> to check, whether an item shall be encrypted (rwflag=1). In this case the password dialog may ask for the same password twice for comparison in order to catch typos, that would make decryption impossible.</p>
+
+<p>Other items in PEM formatting (certificates) can also be encrypted, it is however not usual, as certificate information is considered public.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions do not provide diagnostic information.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following example returns the password provided as userdata to the calling function. The password is considered to be a &#39;\0&#39; terminated string. If the password does not fit into the buffer, the password is truncated.</p>
+
+<pre><code> int my_cb(char *buf, int size, int rwflag, void *u)
+ {
+     strncpy(buf, (char *)u, size);
+     buf[size - 1] = &#39;\0&#39;;
+     return strlen(buf);
+ }</code></pre>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_get_default_passwd_cb(), SSL_CTX_get_default_passwd_cb_userdata(), SSL_set_default_passwd_cb() and SSL_set_default_passwd_cb_userdata() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_default_passwd_cb_userdata.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_default_passwd_cb_userdata.html
new file mode 100644
index 000000000..7351cd5a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_default_passwd_cb_userdata.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_default_passwd_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_default_passwd_cb, SSL_CTX_set_default_passwd_cb_userdata, SSL_CTX_get_default_passwd_cb, SSL_CTX_get_default_passwd_cb_userdata, SSL_set_default_passwd_cb, SSL_set_default_passwd_cb_userdata, SSL_get_default_passwd_cb, SSL_get_default_passwd_cb_userdata - set or get passwd callback for encrypted PEM file handling</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
+ void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
+ pem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx);
+ void *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx);
+
+ void SSL_set_default_passwd_cb(SSL *s, pem_password_cb *cb);
+ void SSL_set_default_passwd_cb_userdata(SSL *s, void *u);
+ pem_password_cb *SSL_get_default_passwd_cb(SSL *s);
+ void *SSL_get_default_passwd_cb_userdata(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_default_passwd_cb() sets the default password callback called when loading/storing a PEM certificate with encryption.</p>
+
+<p>SSL_CTX_set_default_passwd_cb_userdata() sets a pointer to userdata, <b>u</b>, which will be provided to the password callback on invocation.</p>
+
+<p>SSL_CTX_get_default_passwd_cb() returns a function pointer to the password callback currently set in <b>ctx</b>. If no callback was explicitly set, the NULL pointer is returned.</p>
+
+<p>SSL_CTX_get_default_passwd_cb_userdata() returns a pointer to the userdata currently set in <b>ctx</b>. If no userdata was explicitly set, the NULL pointer is returned.</p>
+
+<p>SSL_set_default_passwd_cb(), SSL_set_default_passwd_cb_userdata(), SSL_get_default_passwd_cb() and SSL_get_default_passwd_cb_userdata() perform the same function as their SSL_CTX counterparts, but using an SSL object.</p>
+
+<p>The password callback, which must be provided by the application, hands back the password to be used during decryption. On invocation a pointer to userdata is provided. The function must store the password into the provided buffer <b>buf</b> which is of size <b>size</b>. The actual length of the password must be returned to the calling function. <b>rwflag</b> indicates whether the callback is used for reading/decryption (rwflag=0) or writing/encryption (rwflag=1). For more details, see <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When loading or storing private keys, a password might be supplied to protect the private key. The way this password can be supplied may depend on the application. If only one private key is handled, it can be practical to have the callback handle the password dialog interactively. If several keys have to be handled, it can be practical to ask for the password once, then keep it in memory and use it several times. In the last case, the password could be stored into the userdata storage and the callback only returns the password already stored.</p>
+
+<p>When asking for the password interactively, the callback can use <b>rwflag</b> to check, whether an item shall be encrypted (rwflag=1). In this case the password dialog may ask for the same password twice for comparison in order to catch typos, that would make decryption impossible.</p>
+
+<p>Other items in PEM formatting (certificates) can also be encrypted, it is however not usual, as certificate information is considered public.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions do not provide diagnostic information.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following example returns the password provided as userdata to the calling function. The password is considered to be a &#39;\0&#39; terminated string. If the password does not fit into the buffer, the password is truncated.</p>
+
+<pre><code> int my_cb(char *buf, int size, int rwflag, void *u)
+ {
+     strncpy(buf, (char *)u, size);
+     buf[size - 1] = &#39;\0&#39;;
+     return strlen(buf);
+ }</code></pre>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_get_default_passwd_cb(), SSL_CTX_get_default_passwd_cb_userdata(), SSL_set_default_passwd_cb() and SSL_set_default_passwd_cb_userdata() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_default_timeout.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_default_timeout.html
new file mode 100644
index 000000000..b0057123c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_default_timeout.html
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_default_timeout</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_default_timeout - get default session timeout value</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_get_default_timeout(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_default_timeout() returns the default timeout value assigned to SSL_SESSION objects negotiated for the protocol valid for <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Whenever a new session is negotiated, it is assigned a timeout value, after which it will not be accepted for session reuse. If the timeout value was not explicitly set using <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>, the hardcoded default timeout for the protocol will be used.</p>
+
+<p>SSL_get_default_timeout() return this hardcoded value, which is 300 seconds for all currently supported protocols.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>See description.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a>, <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a>, <a href="../man3/SSL_get_default_timeout.html">SSL_get_default_timeout(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_early_data_status.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_early_data_status.html
new file mode 100644
index 000000000..5b28c01bd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_early_data_status.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read_early_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#REPLAY-PROTECTION">REPLAY PROTECTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_max_early_data, SSL_CTX_set_max_early_data, SSL_get_max_early_data, SSL_CTX_get_max_early_data, SSL_set_recv_max_early_data, SSL_CTX_set_recv_max_early_data, SSL_get_recv_max_early_data, SSL_CTX_get_recv_max_early_data, SSL_SESSION_get_max_early_data, SSL_SESSION_set_max_early_data, SSL_write_early_data, SSL_read_early_data, SSL_get_early_data_status, SSL_allow_early_data_cb_fn, SSL_CTX_set_allow_early_data_cb, SSL_set_allow_early_data_cb - functions for sending and receiving early data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data);
+ uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_max_early_data(SSL *s, uint32_t max_early_data);
+ uint32_t SSL_get_max_early_data(const SSL *s);
+
+ int SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data);
+ uint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data);
+ uint32_t SSL_get_recv_max_early_data(const SSL *s);
+
+ uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s);
+ int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data);
+
+ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written);
+
+ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes);
+
+ int SSL_get_early_data_status(const SSL *s);
+
+
+ typedef int (*SSL_allow_early_data_cb_fn)(SSL *s, void *arg);
+
+ void SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx,
+                                      SSL_allow_early_data_cb_fn cb,
+                                      void *arg);
+ void SSL_set_allow_early_data_cb(SSL *s,
+                                  SSL_allow_early_data_cb_fn cb,
+                                  void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to send and receive early data where TLSv1.3 has been negotiated. Early data can be sent by the client immediately after its initial ClientHello without having to wait for the server to complete the handshake. Early data can only be sent if a session has previously been established with the server, and the server is known to support it. Additionally these functions can be used to send data from the server to the client when the client has not yet completed the authentication stage of the handshake.</p>
+
+<p>Early data has weaker security properties than other data sent over an SSL/TLS connection. In particular the data does not have forward secrecy. There are also additional considerations around replay attacks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below). For these reasons extreme care should be exercised when using early data. For specific details, consult the TLS 1.3 specification.</p>
+
+<p>When a server receives early data it may opt to immediately respond by sending application data back to the client. Data sent by the server at this stage is done before the full handshake has been completed. Specifically the client&#39;s authentication messages have not yet been received, i.e. the client is unauthenticated at this point and care should be taken when using this capability.</p>
+
+<p>A server or client can determine whether the full handshake has been completed or not by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>.</p>
+
+<p>On the client side, the function SSL_SESSION_get_max_early_data() can be used to determine if a session established with a server can be used to send early data. If the session cannot be used then this function will return 0. Otherwise it will return the maximum number of early data bytes that can be sent.</p>
+
+<p>The function SSL_SESSION_set_max_early_data() sets the maximum number of early data bytes that can be sent for a session. This would typically be used when creating a PSK session file (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). If using a ticket based PSK then this is set automatically to the value provided by the server.</p>
+
+<p>A client uses the function SSL_write_early_data() to send early data. This function is similar to the <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> function, but with the following differences. See <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> for information on how to write bytes to the underlying connection, and how to handle any errors that may arise. This page describes the differences between SSL_write_early_data() and <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When called by a client, SSL_write_early_data() must be the first IO function called on a new connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a> or other similar functions. It may be called multiple times to stream data to the server, but the total number of bytes written must not exceed the value returned from SSL_SESSION_get_max_early_data(). Once the initial SSL_write_early_data() call has completed successfully the client may interleave calls to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> with calls to SSL_write_early_data() as required.</p>
+
+<p>If SSL_write_early_data() fails you should call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action, as for <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When the client no longer wishes to send any more early data then it should complete the handshake by calling a function such as <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard write function such as <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, which will transparently complete the connection and write the requested data.</p>
+
+<p>A server may choose to ignore early data that has been sent to it. Once the connection has been completed you can determine whether the server accepted or rejected the early data by calling SSL_get_early_data_status(). This will return SSL_EARLY_DATA_ACCEPTED if the data was accepted, SSL_EARLY_DATA_REJECTED if it was rejected or SSL_EARLY_DATA_NOT_SENT if no early data was sent. This function may be called by either the client or the server.</p>
+
+<p>A server uses the SSL_read_early_data() function to receive early data on a connection for which early data has been enabled using SSL_CTX_set_max_early_data() or SSL_set_max_early_data(). As for SSL_write_early_data(), this must be the first IO function called on a connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, or other similar functions.</p>
+
+<p>SSL_read_early_data() is similar to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> with the following differences. Refer to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> for full details.</p>
+
+<p>SSL_read_early_data() may return 3 possible values:</p>
+
+<dl>
+
+<dt id="SSL_READ_EARLY_DATA_ERROR">SSL_READ_EARLY_DATA_ERROR</dt>
+<dd>
+
+<p>This indicates an IO or some other error occurred. This should be treated in the same way as a 0 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_SUCCESS">SSL_READ_EARLY_DATA_SUCCESS</dt>
+<dd>
+
+<p>This indicates that early data was successfully read. This should be treated in the same way as a 1 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>. You should continue to call SSL_read_early_data() to read more data.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_FINISH">SSL_READ_EARLY_DATA_FINISH</dt>
+<dd>
+
+<p>This indicates that no more early data can be read. It may be returned on the first call to SSL_read_early_data() if the client has not sent any early data, or if the early data was rejected.</p>
+
+</dd>
+</dl>
+
+<p>Once the initial SSL_read_early_data() call has completed successfully (i.e. it has returned SSL_READ_EARLY_DATA_SUCCESS or SSL_READ_EARLY_DATA_FINISH) then the server may choose to write data immediately to the unauthenticated client using SSL_write_early_data(). If SSL_read_early_data() returned SSL_READ_EARLY_DATA_FINISH then in some situations (e.g. if the client only supports TLSv1.2) the handshake may have already been completed and calls to SSL_write_early_data() are not allowed. Call <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a> to determine whether the handshake has completed or not. If the handshake is still in progress then the server may interleave calls to SSL_write_early_data() with calls to SSL_read_early_data() as required.</p>
+
+<p>Servers must not call <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a> until SSL_read_early_data() has returned with SSL_READ_EARLY_DATA_FINISH. Once it has done so the connection to the client still needs to be completed. Complete the connection by calling a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard read function such as <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, which will transparently complete the connection and read the requested data. Note that it is an error to attempt to complete the connection before SSL_read_early_data() has returned SSL_READ_EARLY_DATA_FINISH.</p>
+
+<p>Only servers may call SSL_read_early_data().</p>
+
+<p>Calls to SSL_read_early_data() may, in certain circumstances, complete the connection immediately without further need to call a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. This can happen if the client is using a protocol version less than TLSv1.3. Applications can test for this by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>. Alternatively, applications may choose to call <a href="../man3/SSL_accept.html">SSL_accept(3)</a> anyway. Such a call will successfully return immediately with no further action taken.</p>
+
+<p>When a session is created between a server and a client the server will specify the maximum amount of any early data that it will accept on any future connection attempt. By default the server does not accept early data; a server may indicate support for early data by calling SSL_CTX_set_max_early_data() or SSL_set_max_early_data() to set it for the whole SSL_CTX or an individual SSL object respectively. The <b>max_early_data</b> parameter specifies the maximum amount of early data in bytes that is permitted to be sent on a single connection. Similarly the SSL_CTX_get_max_early_data() and SSL_get_max_early_data() functions can be used to obtain the current maximum early data settings for the SSL_CTX and SSL objects respectively. Generally a server application will either use both of SSL_read_early_data() and SSL_CTX_set_max_early_data() (or SSL_set_max_early_data()), or neither of them, since there is no practical benefit from using only one of them. If the maximum early data setting for a server is non-zero then replay protection is automatically enabled (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below).</p>
+
+<p>If the server rejects the early data sent by a client then it will skip over the data that is sent. The maximum amount of received early data that is skipped is controlled by the recv_max_early_data setting. If a client sends more than this then the connection will abort. This value can be set by calling SSL_CTX_set_recv_max_early_data() or SSL_set_recv_max_early_data(). The current value for this setting can be obtained by calling SSL_CTX_get_recv_max_early_data() or SSL_get_recv_max_early_data(). The default value for this setting is 16,384 bytes.</p>
+
+<p>The recv_max_early_data value also has an impact on early data that is accepted. The amount of data that is accepted will always be the lower of the max_early_data for the session and the recv_max_early_data setting for the server. If a client sends more data than this then the connection will abort.</p>
+
+<p>The configured value for max_early_data on a server may change over time as required. However clients may have tickets containing the previously configured max_early_data value. The recv_max_early_data should always be equal to or higher than any recently configured max_early_data value in order to avoid aborted connections. The recv_max_early_data should never be set to less than the current configured max_early_data value.</p>
+
+<p>Some server applications may wish to have more control over whether early data is accepted or not, for example to mitigate replay risks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below) or to decline early_data when the server is heavily loaded. The functions SSL_CTX_set_allow_early_data_cb() and SSL_set_allow_early_data_cb() set a callback which is called at a point in the handshake immediately before a decision is made to accept or reject early data. The callback is provided with a pointer to the user data argument that was provided when the callback was first set. Returning 1 from the callback will allow early data and returning 0 will reject it. Note that the OpenSSL library may reject early data for other reasons in which case this callback will not get called. Notably, the built-in replay protection feature will still be used even if a callback is present unless it has been explicitly disabled using the SSL_OP_NO_ANTI_REPLAY option. See <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The whole purpose of early data is to enable a client to start sending data to the server before a full round trip of network traffic has occurred. Application developers should ensure they consider optimisation of the underlying TCP socket to obtain a performant solution. For example Nagle&#39;s algorithm is commonly used by operating systems in an attempt to avoid lots of small TCP packets. In many scenarios this is beneficial for performance, but it does not work well with the early data solution as implemented in OpenSSL. In Nagle&#39;s algorithm the OS will buffer outgoing TCP data if a TCP packet has already been sent which we have not yet received an ACK for from the peer. The buffered data will only be transmitted if enough data to fill an entire TCP packet is accumulated, or if the ACK is received from the peer. The initial ClientHello will be sent in the first TCP packet along with any data from the first call to SSL_write_early_data(). If the amount of data written will exceed the size of a single TCP packet, or if there are more calls to SSL_write_early_data() then that additional data will be sent in subsequent TCP packets which will be buffered by the OS and not sent until an ACK is received for the first packet containing the ClientHello. This means the early data is not actually sent until a complete round trip with the server has occurred which defeats the objective of early data.</p>
+
+<p>In many operating systems the TCP_NODELAY socket option is available to disable Nagle&#39;s algorithm. If an application opts to disable Nagle&#39;s algorithm consideration should be given to turning it back on again after the handshake is complete if appropriate.</p>
+
+<p>In rare circumstances, it may be possible for a client to have a session that reports a max early data value greater than 0, but where the server does not support this. For example, this can occur if a server has had its configuration changed to accept a lower max early data value such as by calling SSL_CTX_set_recv_max_early_data(). Another example is if a server used to support TLSv1.3 but was later downgraded to TLSv1.2. Sending early data to such a server will cause the connection to abort. Clients that encounter an aborted connection while sending early data may want to retry the connection without sending early data as this does not happen automatically. A client will have to establish a new transport layer connection to the server and attempt the SSL/TLS connection again but without sending early data. Note that it is inadvisable to retry with a lower maximum protocol version.</p>
+
+<h1 id="REPLAY-PROTECTION">REPLAY PROTECTION</h1>
+
+<p>When early data is in use the TLS protocol provides no security guarantees that the same early data was not replayed across multiple connections. As a mitigation for this issue OpenSSL automatically enables replay protection if the server is configured with a non-zero max early data value. With replay protection enabled sessions are forced to be single use only. If a client attempts to reuse a session ticket more than once, then the second and subsequent attempts will fall back to a full handshake (and any early data that was submitted will be ignored). Note that single use tickets are enforced even if a client does not send any early data.</p>
+
+<p>The replay protection mechanism relies on the internal OpenSSL server session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). When replay protection is being used the server will operate as if the SSL_OP_NO_TICKET option had been selected (see <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>). Sessions will be added to the cache whenever a session ticket is issued. When a client attempts to resume the session, OpenSSL will check for its presence in the internal cache. If it exists then the resumption is allowed and the session is removed from the cache. If it does not exist then the resumption is not allowed and a full handshake will occur.</p>
+
+<p>Note that some applications may maintain an external cache of sessions (see <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a> and similar functions). It is the application&#39;s responsibility to ensure that any sessions in the external cache are also populated in the internal cache and that once removed from the internal cache they are similarly removed from the external cache. Failing to do this could result in an application becoming vulnerable to replay attacks. Note that OpenSSL will lock the internal cache while a session is removed but that lock is not held when the remove session callback (see <a href="../man3/SSL_CTX_sess_set_remove_cb.html">SSL_CTX_sess_set_remove_cb(3)</a>) is called. This could result in a small amount of time where the session has been removed from the internal cache but is still available in the external cache. Applications should be designed with this in mind in order to minimise the possibility of replay attacks.</p>
+
+<p>The OpenSSL replay protection does not apply to external Pre Shared Keys (PSKs) (e.g. see SSL_CTX_set_psk_find_session_callback(3)). Therefore extreme caution should be applied when combining external PSKs with early data.</p>
+
+<p>Some applications may mitigate the replay risks in other ways. For those applications it is possible to turn off the built-in replay protection feature using the <b>SSL_OP_NO_ANTI_REPLAY</b> option. See <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> for details. Applications can also set a callback to make decisions about accepting early data or not. See SSL_CTX_set_allow_early_data_cb() above for details.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_write_early_data() returns 1 for success or 0 for failure. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_read_early_data() returns SSL_READ_EARLY_DATA_ERROR for failure, SSL_READ_EARLY_DATA_SUCCESS for success with more data to read and SSL_READ_EARLY_DATA_FINISH for success with no more to data be read. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_get_max_early_data(), SSL_CTX_get_max_early_data() and SSL_SESSION_get_max_early_data() return the maximum number of early data bytes that may be sent.</p>
+
+<p>SSL_set_max_early_data(), SSL_CTX_set_max_early_data() and SSL_SESSION_set_max_early_data() return 1 for success or 0 for failure.</p>
+
+<p>SSL_get_early_data_status() returns SSL_EARLY_DATA_ACCEPTED if early data was accepted by the server, SSL_EARLY_DATA_REJECTED if early data was rejected by the server, or SSL_EARLY_DATA_NOT_SENT if no early data was sent.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>All of the functions described above were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_error.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_error.html
new file mode 100644
index 000000000..83be5bbd5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_error.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_error - obtain result code for TLS/SSL I/O operation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_get_error(const SSL *ssl, int ret);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_error() returns a result code (suitable for the C &quot;switch&quot; statement) for a preceding call to SSL_connect(), SSL_accept(), SSL_do_handshake(), SSL_read_ex(), SSL_read(), SSL_peek_ex(), SSL_peek(), SSL_write_ex() or SSL_write() on <b>ssl</b>. The value returned by that TLS/SSL I/O function must be passed to SSL_get_error() in parameter <b>ret</b>.</p>
+
+<p>In addition to <b>ssl</b> and <b>ret</b>, SSL_get_error() inspects the current thread&#39;s OpenSSL error queue. Thus, SSL_get_error() must be used in the same thread that performed the TLS/SSL I/O operation, and no other OpenSSL function calls should appear in between. The current thread&#39;s error queue must be empty before the TLS/SSL I/O operation is attempted, or SSL_get_error() will not work reliably.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can currently occur:</p>
+
+<dl>
+
+<dt id="SSL_ERROR_NONE">SSL_ERROR_NONE</dt>
+<dd>
+
+<p>The TLS/SSL I/O operation completed. This result code is returned if and only if <b>ret &gt; 0</b>.</p>
+
+</dd>
+<dt id="SSL_ERROR_ZERO_RETURN">SSL_ERROR_ZERO_RETURN</dt>
+<dd>
+
+<p>The TLS/SSL peer has closed the connection for writing by sending the close_notify alert. No more data can be read. Note that <b>SSL_ERROR_ZERO_RETURN</b> does not necessarily indicate that the underlying transport has been closed.</p>
+
+</dd>
+<dt id="SSL_ERROR_WANT_READ-SSL_ERROR_WANT_WRITE">SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE</dt>
+<dd>
+
+<p>The operation did not complete and can be retried later.</p>
+
+<p><b>SSL_ERROR_WANT_READ</b> is returned when the last operation was a read operation from a non-blocking <b>BIO</b>. It means that not enough data was available at this time to complete the operation. If at a later time the underlying <b>BIO</b> has data available for reading the same function can be called again.</p>
+
+<p>SSL_read() and SSL_read_ex() can also set <b>SSL_ERROR_WANT_READ</b> when there is still unprocessed data available at either the <b>SSL</b> or the <b>BIO</b> layer, even for a blocking <b>BIO</b>. See <a href="../man3/SSL_read.html">SSL_read(3)</a> for more information.</p>
+
+<p><b>SSL_ERROR_WANT_WRITE</b> is returned when the last operation was a write to a non-blocking <b>BIO</b> and it was unable to sent all data to the <b>BIO</b>. When the <b>BIO</b> is writeable again, the same function can be called again.</p>
+
+<p>Note that the retry may again lead to an <b>SSL_ERROR_WANT_READ</b> or <b>SSL_ERROR_WANT_WRITE</b> condition. There is no fixed upper limit for the number of iterations that may be necessary until progress becomes visible at application protocol level.</p>
+
+<p>It is safe to call SSL_read() or SSL_read_ex() when more data is available even when the call that set this error was an SSL_write() or SSL_write_ex(). However if the call was an SSL_write() or SSL_write_ex(), it should be called again to continue sending the application data.</p>
+
+<p>For socket <b>BIO</b>s (e.g. when SSL_set_fd() was used), select() or poll() on the underlying socket can be used to find out when the TLS/SSL I/O function should be retried.</p>
+
+<p>Caveat: Any TLS/SSL I/O function can lead to either of <b>SSL_ERROR_WANT_READ</b> and <b>SSL_ERROR_WANT_WRITE</b>. In particular, SSL_read_ex(), SSL_read(), SSL_peek_ex(), or SSL_peek() may want to write data and SSL_write() or SSL_write_ex() may want to read data. This is mainly because TLS/SSL handshakes may occur at any time during the protocol (initiated by either the client or the server); SSL_read_ex(), SSL_read(), SSL_peek_ex(), SSL_peek(), SSL_write_ex(), and SSL_write() will handle any pending handshakes.</p>
+
+</dd>
+<dt id="SSL_ERROR_WANT_CONNECT-SSL_ERROR_WANT_ACCEPT">SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT</dt>
+<dd>
+
+<p>The operation did not complete; the same TLS/SSL I/O function should be called again later. The underlying BIO was not connected yet to the peer and the call would block in connect()/accept(). The SSL function should be called again when the connection is established. These messages can only appear with a BIO_s_connect() or BIO_s_accept() BIO, respectively. In order to find out, when the connection has been successfully established, on many platforms select() or poll() for writing on the socket file descriptor can be used.</p>
+
+</dd>
+<dt id="SSL_ERROR_WANT_X509_LOOKUP">SSL_ERROR_WANT_X509_LOOKUP</dt>
+<dd>
+
+<p>The operation did not complete because an application callback set by SSL_CTX_set_client_cert_cb() has asked to be called again. The TLS/SSL I/O function should be called again later. Details depend on the application.</p>
+
+</dd>
+<dt id="SSL_ERROR_WANT_ASYNC">SSL_ERROR_WANT_ASYNC</dt>
+<dd>
+
+<p>The operation did not complete because an asynchronous engine is still processing data. This will only occur if the mode has been set to SSL_MODE_ASYNC using <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a> or <a href="../man3/SSL_set_mode.html">SSL_set_mode(3)</a> and an asynchronous capable engine is being used. An application can determine whether the engine has completed its processing using select() or poll() on the asynchronous wait file descriptor. This file descriptor is available by calling <a href="../man3/SSL_get_all_async_fds.html">SSL_get_all_async_fds(3)</a> or <a href="../man3/SSL_get_changed_async_fds.html">SSL_get_changed_async_fds(3)</a>. The TLS/SSL I/O function should be called again later. The function <b>must</b> be called from the same thread that the original call was made from.</p>
+
+</dd>
+<dt id="SSL_ERROR_WANT_ASYNC_JOB">SSL_ERROR_WANT_ASYNC_JOB</dt>
+<dd>
+
+<p>The asynchronous job could not be started because there were no async jobs available in the pool (see ASYNC_init_thread(3)). This will only occur if the mode has been set to SSL_MODE_ASYNC using <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a> or <a href="../man3/SSL_set_mode.html">SSL_set_mode(3)</a> and a maximum limit has been set on the async job pool through a call to <a href="../man3/ASYNC_init_thread.html">ASYNC_init_thread(3)</a>. The application should retry the operation after a currently executing asynchronous operation for the current thread has completed.</p>
+
+</dd>
+<dt id="SSL_ERROR_WANT_CLIENT_HELLO_CB">SSL_ERROR_WANT_CLIENT_HELLO_CB</dt>
+<dd>
+
+<p>The operation did not complete because an application callback set by SSL_CTX_set_client_hello_cb() has asked to be called again. The TLS/SSL I/O function should be called again later. Details depend on the application.</p>
+
+</dd>
+<dt id="SSL_ERROR_SYSCALL">SSL_ERROR_SYSCALL</dt>
+<dd>
+
+<p>Some non-recoverable, fatal I/O error occurred. The OpenSSL error queue may contain more information on the error. For socket I/O on Unix systems, consult <b>errno</b> for details. If this error occurs then no further I/O operations should be performed on the connection and SSL_shutdown() must not be called.</p>
+
+<p>This value can also be returned for other errors, check the error queue for details.</p>
+
+</dd>
+<dt id="SSL_ERROR_SSL">SSL_ERROR_SSL</dt>
+<dd>
+
+<p>A non-recoverable, fatal error in the SSL library occurred, usually a protocol error. The OpenSSL error queue contains more information on the error. If this error occurs then no further I/O operations should be performed on the connection and SSL_shutdown() must not be called.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_ERROR_WANT_ASYNC error code was added in OpenSSL 1.1.0. The SSL_ERROR_WANT_CLIENT_HELLO_CB error code was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_ex_data.html
new file mode 100644
index 000000000..4a6cbddd5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_ex_data.html
@@ -0,0 +1,64 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_ex_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_get_ex_data, SSL_CTX_set_ex_data, SSL_get_ex_data, SSL_set_ex_data - Store and retrieve extra data from the SSL_CTX, SSL or SSL_SESSION</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void *SSL_CTX_get_ex_data(const SSL_CTX *s, int idx);
+
+ int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg);
+
+ void *SSL_get_ex_data(const SSL *s, int idx);
+
+ int SSL_set_ex_data(SSL *s, int idx, void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL*_set_ex_data() functions can be used to store arbitrary user data into the <b>SSL_CTX</b>, or <b>SSL</b> object. The user must supply a unique index which they can subsequently use to retrieve the data using SSL*_get_ex_data().</p>
+
+<p>For more detailed information see <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a> and <a href="../man3/CRYPTO_set_ex_data.html">CRYPTO_set_ex_data(3)</a> which implement these functions and <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for generating a unique index.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL*_set_ex_data() functions return 1 if the item is successfully stored and 0 if it is not. The SSL*_get_ex_data() functions return the ex_data pointer if successful, otherwise NULL.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/CRYPTO_set_ex_data.html">CRYPTO_set_ex_data(3)</a>, <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_ex_data_X509_STORE_CTX_idx.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_ex_data_X509_STORE_CTX_idx.html
new file mode 100644
index 000000000..1a70b5fe4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_ex_data_X509_STORE_CTX_idx.html
@@ -0,0 +1,264 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_verify</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_ex_data_X509_STORE_CTX_idx, SSL_CTX_set_verify, SSL_set_verify, SSL_CTX_set_verify_depth, SSL_set_verify_depth, SSL_verify_cb, SSL_verify_client_post_handshake, SSL_set_post_handshake_auth, SSL_CTX_set_post_handshake_auth - set peer certificate verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
+
+ void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, SSL_verify_cb verify_callback);
+ void SSL_set_verify(SSL *ssl, int mode, SSL_verify_cb verify_callback);
+ SSL_get_ex_data_X509_STORE_CTX_idx(void);
+
+ void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
+ void SSL_set_verify_depth(SSL *ssl, int depth);
+
+ int SSL_verify_client_post_handshake(SSL *ssl);
+ void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val);
+ void SSL_set_post_handshake_auth(SSL *ssl, int val);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_verify() sets the verification flags for <b>ctx</b> to be <b>mode</b> and specifies the <b>verify_callback</b> function to be used. If no callback function shall be specified, the NULL pointer can be used for <b>verify_callback</b>.</p>
+
+<p>SSL_set_verify() sets the verification flags for <b>ssl</b> to be <b>mode</b> and specifies the <b>verify_callback</b> function to be used. If no callback function shall be specified, the NULL pointer can be used for <b>verify_callback</b>. In this case last <b>verify_callback</b> set specifically for this <b>ssl</b> remains. If no special <b>callback</b> was set before, the default callback for the underlying <b>ctx</b> is used, that was valid at the time <b>ssl</b> was created with <a href="../man3/SSL_new.html">SSL_new(3)</a>. Within the callback function, <b>SSL_get_ex_data_X509_STORE_CTX_idx</b> can be called to get the data index of the current SSL object that is doing the verification.</p>
+
+<p>SSL_CTX_set_verify_depth() sets the maximum <b>depth</b> for the certificate chain verification that shall be allowed for <b>ctx</b>.</p>
+
+<p>SSL_set_verify_depth() sets the maximum <b>depth</b> for the certificate chain verification that shall be allowed for <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_post_handshake_auth() and SSL_set_post_handshake_auth() enable the Post-Handshake Authentication extension to be added to the ClientHello such that post-handshake authentication can be requested by the server. If <b>val</b> is 0 then the extension is not sent, otherwise it is. By default the extension is not sent. A certificate callback will need to be set via SSL_CTX_set_client_cert_cb() if no certificate is provided at initialization.</p>
+
+<p>SSL_verify_client_post_handshake() causes a CertificateRequest message to be sent by a server on the given <b>ssl</b> connection. The SSL_VERIFY_PEER flag must be set; the SSL_VERIFY_POST_HANDSHAKE flag is optional.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification of certificates can be controlled by a set of logically or&#39;ed <b>mode</b> flags:</p>
+
+<dl>
+
+<dt id="SSL_VERIFY_NONE">SSL_VERIFY_NONE</dt>
+<dd>
+
+<p><b>Server mode:</b> the server will not send a client certificate request to the client, so the client will not send a certificate.</p>
+
+<p><b>Client mode:</b> if not using an anonymous cipher (by default disabled), the server will send a certificate which will be checked. The result of the certificate verification process can be checked after the TLS/SSL handshake using the <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> function. The handshake will be continued regardless of the verification result.</p>
+
+</dd>
+<dt id="SSL_VERIFY_PEER">SSL_VERIFY_PEER</dt>
+<dd>
+
+<p><b>Server mode:</b> the server sends a client certificate request to the client. The certificate returned (if any) is checked. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure. The behaviour can be controlled by the additional SSL_VERIFY_FAIL_IF_NO_PEER_CERT, SSL_VERIFY_CLIENT_ONCE and SSL_VERIFY_POST_HANDSHAKE flags.</p>
+
+<p><b>Client mode:</b> the server certificate is verified. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure. If no server certificate is sent, because an anonymous cipher is used, SSL_VERIFY_PEER is ignored.</p>
+
+</dd>
+<dt id="SSL_VERIFY_FAIL_IF_NO_PEER_CERT">SSL_VERIFY_FAIL_IF_NO_PEER_CERT</dt>
+<dd>
+
+<p><b>Server mode:</b> if the client did not return a certificate, the TLS/SSL handshake is immediately terminated with a &quot;handshake failure&quot; alert. This flag must be used together with SSL_VERIFY_PEER.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+<dt id="SSL_VERIFY_CLIENT_ONCE">SSL_VERIFY_CLIENT_ONCE</dt>
+<dd>
+
+<p><b>Server mode:</b> only request a client certificate once during the connection. Do not ask for a client certificate again during renegotiation or post-authentication if a certificate was requested during the initial handshake. This flag must be used together with SSL_VERIFY_PEER.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+<dt id="SSL_VERIFY_POST_HANDSHAKE">SSL_VERIFY_POST_HANDSHAKE</dt>
+<dd>
+
+<p><b>Server mode:</b> the server will not send a client certificate request during the initial handshake, but will send the request via SSL_verify_client_post_handshake(). This allows the SSL_CTX or SSL to be configured for post-handshake peer verification before the handshake occurs. This flag must be used together with SSL_VERIFY_PEER. TLSv1.3 only; no effect on pre-TLSv1.3 connections.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+</dl>
+
+<p>If the <b>mode</b> is SSL_VERIFY_NONE none of the other flags may be set.</p>
+
+<p>The actual verification procedure is performed either using the built-in verification procedure or using another application provided verification function set with <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>. The following descriptions apply in the case of the built-in procedure. An application provided procedure also has access to the verify depth information and the verify_callback() function, but the way this information is used may be different.</p>
+
+<p>SSL_CTX_set_verify_depth() and SSL_set_verify_depth() set a limit on the number of certificates between the end-entity and trust-anchor certificates. Neither the end-entity nor the trust-anchor certificates count against <b>depth</b>. If the certificate chain needed to reach a trusted issuer is longer than <b>depth+2</b>, X509_V_ERR_CERT_CHAIN_TOO_LONG will be issued. The depth count is &quot;level 0:peer certificate&quot;, &quot;level 1: CA certificate&quot;, &quot;level 2: higher level CA certificate&quot;, and so on. Setting the maximum depth to 2 allows the levels 0, 1, 2 and 3 (0 being the end-entity and 3 the trust-anchor). The default depth limit is 100, allowing for the peer certificate, at most 100 intermediate CA certificates and a final trust anchor certificate.</p>
+
+<p>The <b>verify_callback</b> function is used to control the behaviour when the SSL_VERIFY_PEER flag is set. It must be supplied by the application and receives two arguments: <b>preverify_ok</b> indicates, whether the verification of the certificate in question was passed (preverify_ok=1) or not (preverify_ok=0). <b>x509_ctx</b> is a pointer to the complete context used for the certificate chain verification.</p>
+
+<p>The certificate chain is checked starting with the deepest nesting level (the root CA certificate) and worked upward to the peer&#39;s certificate. At each level signatures and issuer attributes are checked. Whenever a verification error is found, the error number is stored in <b>x509_ctx</b> and <b>verify_callback</b> is called with <b>preverify_ok</b>=0. By applying X509_CTX_store_* functions <b>verify_callback</b> can locate the certificate in question and perform additional steps (see EXAMPLES). If no error is found for a certificate, <b>verify_callback</b> is called with <b>preverify_ok</b>=1 before advancing to the next level.</p>
+
+<p>The return value of <b>verify_callback</b> controls the strategy of the further verification process. If <b>verify_callback</b> returns 0, the verification process is immediately stopped with &quot;verification failed&quot; state. If SSL_VERIFY_PEER is set, a verification failure alert is sent to the peer and the TLS/SSL handshake is terminated. If <b>verify_callback</b> returns 1, the verification process is continued. If <b>verify_callback</b> always returns 1, the TLS/SSL handshake will not be terminated with respect to verification failures and the connection will be established. The calling process can however retrieve the error code of the last verification error using <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> or by maintaining its own error storage managed by <b>verify_callback</b>.</p>
+
+<p>If no <b>verify_callback</b> is specified, the default callback will be used. Its return value is identical to <b>preverify_ok</b>, so that any verification failure will lead to a termination of the TLS/SSL handshake with an alert message, if SSL_VERIFY_PEER is set.</p>
+
+<p>After calling SSL_set_post_handshake_auth(), the client will need to add a certificate or certificate callback to its configuration before it can successfully authenticate. This must be called before SSL_connect().</p>
+
+<p>SSL_verify_client_post_handshake() requires that verify flags have been previously set, and that a client sent the post-handshake authentication extension. When the client returns a certificate the verify callback will be invoked. A write operation must take place for the Certificate Request to be sent to the client, this can be done with SSL_do_handshake() or SSL_write_ex(). Only one certificate request may be outstanding at any time.</p>
+
+<p>When post-handshake authentication occurs, a refreshed NewSessionTicket message is sent to the client.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In client mode, it is not checked whether the SSL_VERIFY_PEER flag is set, but whether any flags are set. This can lead to unexpected behaviour if SSL_VERIFY_PEER and other flags are not used as required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL*_set_verify*() functions do not provide diagnostic information.</p>
+
+<p>The SSL_verify_client_post_handshake() function returns 1 if the request succeeded, and 0 if the request failed. The error stack can be examined to determine the failure reason.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following code sequence realizes an example <b>verify_callback</b> function that will always continue the TLS/SSL handshake regardless of verification failure, if wished. The callback realizes a verification depth limit with more informational output.</p>
+
+<p>All verification errors are printed; information about the certificate chain is printed on request. The example is realized for a server that does allow but not require client certificates.</p>
+
+<p>The example makes use of the ex_data technique to store application data into/retrieve application data from the SSL structure (see <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>, <a href="../man3/SSL_get_ex_data_X509_STORE_CTX_idx.html">SSL_get_ex_data_X509_STORE_CTX_idx(3)</a>).</p>
+
+<pre><code> ...
+ typedef struct {
+   int verbose_mode;
+   int verify_depth;
+   int always_continue;
+ } mydata_t;
+ int mydata_index;
+
+ ...
+ static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
+ {
+     char    buf[256];
+     X509   *err_cert;
+     int     err, depth;
+     SSL    *ssl;
+     mydata_t *mydata;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     /*
+      * Retrieve the pointer to the SSL of the connection currently treated
+      * and the application specific data stored into the SSL object.
+      */
+     ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
+     mydata = SSL_get_ex_data(ssl, mydata_index);
+
+     X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256);
+
+     /*
+      * Catch a too long certificate chain. The depth limit set using
+      * SSL_CTX_set_verify_depth() is by purpose set to &quot;limit+1&quot; so
+      * that whenever the &quot;depth&gt;verify_depth&quot; condition is met, we
+      * have violated the limit and want to log this error condition.
+      * We must do it here, because the CHAIN_TOO_LONG error would not
+      * be found explicitly; only errors introduced by cutting off the
+      * additional certificates would be logged.
+      */
+     if (depth &gt; mydata-&gt;verify_depth) {
+         preverify_ok = 0;
+         err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
+         X509_STORE_CTX_set_error(ctx, err);
+     }
+     if (!preverify_ok) {
+         printf(&quot;verify error:num=%d:%s:depth=%d:%s\n&quot;, err,
+                X509_verify_cert_error_string(err), depth, buf);
+     } else if (mydata-&gt;verbose_mode) {
+         printf(&quot;depth=%d:%s\n&quot;, depth, buf);
+     }
+
+     /*
+      * At this point, err contains the last verification error. We can use
+      * it for something special
+      */
+     if (!preverify_ok &amp;&amp; (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT)) {
+         X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, 256);
+         printf(&quot;issuer= %s\n&quot;, buf);
+     }
+
+     if (mydata-&gt;always_continue)
+         return 1;
+     else
+         return preverify_ok;
+ }
+ ...
+
+ mydata_t mydata;
+
+ ...
+ mydata_index = SSL_get_ex_new_index(0, &quot;mydata index&quot;, NULL, NULL, NULL);
+
+ ...
+ SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
+                    verify_callback);
+
+ /*
+  * Let the verify_callback catch the verify_depth error so that we get
+  * an appropriate error in the logfile.
+  */
+ SSL_CTX_set_verify_depth(verify_depth + 1);
+
+ /*
+  * Set up the SSL specific data into &quot;mydata&quot; and store it into th SSL
+  * structure.
+  */
+ mydata.verify_depth = verify_depth; ...
+ SSL_set_ex_data(ssl, mydata_index, &amp;mydata);
+
+ ...
+ SSL_accept(ssl);       /* check of success left out for clarity */
+ if (peer = SSL_get_peer_certificate(ssl)) {
+     if (SSL_get_verify_result(ssl) == X509_V_OK) {
+         /* The client sent a certificate which verified OK */
+     }
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_CTX_get_verify_mode.html">SSL_CTX_get_verify_mode(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_get_ex_data_X509_STORE_CTX_idx.html">SSL_get_ex_data_X509_STORE_CTX_idx(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_VERIFY_POST_HANDSHAKE option, and the SSL_verify_client_post_handshake() and SSL_set_post_handshake_auth() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_extms_support.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_extms_support.html
new file mode 100644
index 000000000..fc3a6cc48
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_extms_support.html
@@ -0,0 +1,58 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_extms_support</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_extms_support - extended master secret support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_get_extms_support(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_extms_support() indicates whether the current session used extended master secret.</p>
+
+<p>This function is implemented as a macro.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_get_extms_support() returns 1 if the current session used extended master secret, 0 if it did not and -1 if a handshake is currently in progress i.e. it is not possible to determine if extended master secret was used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_fd.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_fd.html
new file mode 100644
index 000000000..62a631bdf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_fd.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_fd</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_fd, SSL_get_rfd, SSL_get_wfd - get file descriptor linked to an SSL object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_get_fd(const SSL *ssl);
+ int SSL_get_rfd(const SSL *ssl);
+ int SSL_get_wfd(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_fd() returns the file descriptor which is linked to <b>ssl</b>. SSL_get_rfd() and SSL_get_wfd() return the file descriptors for the read or the write channel, which can be different. If the read and the write channel are different, SSL_get_fd() will return the file descriptor of the read channel.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="pod-1">-1</dt>
+<dd>
+
+<p>The operation failed, because the underlying BIO is not of the correct type (suitable for file descriptors).</p>
+
+</dd>
+<dt id="pod-0">&gt;=0</dt>
+<dd>
+
+<p>The file descriptor linked to <b>ssl</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_set_fd.html">SSL_set_fd(3)</a>, <a href="../man7/ssl.html">ssl(7)</a> , <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_info_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_info_callback.html
new file mode 100644
index 000000000..1f7a32dbd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_info_callback.html
@@ -0,0 +1,186 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_info_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_info_callback, SSL_CTX_get_info_callback, SSL_set_info_callback, SSL_get_info_callback - handle information callback for SSL connections</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*callback)());
+ void (*SSL_CTX_get_info_callback(const SSL_CTX *ctx))();
+
+ void SSL_set_info_callback(SSL *ssl, void (*callback)());
+ void (*SSL_get_info_callback(const SSL *ssl))();</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_info_callback() sets the <b>callback</b> function, that can be used to obtain state information for SSL objects created from <b>ctx</b> during connection setup and use. The setting for <b>ctx</b> is overridden from the setting for a specific SSL object, if specified. When <b>callback</b> is NULL, no callback function is used.</p>
+
+<p>SSL_set_info_callback() sets the <b>callback</b> function, that can be used to obtain state information for <b>ssl</b> during connection setup and use. When <b>callback</b> is NULL, the callback setting currently valid for <b>ctx</b> is used.</p>
+
+<p>SSL_CTX_get_info_callback() returns a pointer to the currently set information callback function for <b>ctx</b>.</p>
+
+<p>SSL_get_info_callback() returns a pointer to the currently set information callback function for <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When setting up a connection and during use, it is possible to obtain state information from the SSL/TLS engine. When set, an information callback function is called whenever a significant event occurs such as: the state changes, an alert appears, or an error occurs.</p>
+
+<p>The callback function is called as <b>callback(SSL *ssl, int where, int ret)</b>. The <b>where</b> argument specifies information about where (in which context) the callback function was called. If <b>ret</b> is 0, an error condition occurred. If an alert is handled, SSL_CB_ALERT is set and <b>ret</b> specifies the alert information.</p>
+
+<p><b>where</b> is a bitmask made up of the following bits:</p>
+
+<dl>
+
+<dt id="SSL_CB_LOOP">SSL_CB_LOOP</dt>
+<dd>
+
+<p>Callback has been called to indicate state change or some other significant state machine event. This may mean that the callback gets invoked more than once per state in some situations.</p>
+
+</dd>
+<dt id="SSL_CB_EXIT">SSL_CB_EXIT</dt>
+<dd>
+
+<p>Callback has been called to indicate exit of a handshake function. This will happen after the end of a handshake, but may happen at other times too such as on error or when IO might otherwise block and non-blocking is being used.</p>
+
+</dd>
+<dt id="SSL_CB_READ">SSL_CB_READ</dt>
+<dd>
+
+<p>Callback has been called during read operation.</p>
+
+</dd>
+<dt id="SSL_CB_WRITE">SSL_CB_WRITE</dt>
+<dd>
+
+<p>Callback has been called during write operation.</p>
+
+</dd>
+<dt id="SSL_CB_ALERT">SSL_CB_ALERT</dt>
+<dd>
+
+<p>Callback has been called due to an alert being sent or received.</p>
+
+</dd>
+<dt id="SSL_CB_READ_ALERT-SSL_CB_ALERT-SSL_CB_READ">SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_WRITE_ALERT-SSL_CB_ALERT-SSL_CB_WRITE">SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_ACCEPT_LOOP-SSL_ST_ACCEPT-SSL_CB_LOOP">SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_ACCEPT_EXIT-SSL_ST_ACCEPT-SSL_CB_EXIT">SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_CONNECT_LOOP-SSL_ST_CONNECT-SSL_CB_LOOP">SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_CONNECT_EXIT-SSL_ST_CONNECT-SSL_CB_EXIT">SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_HANDSHAKE_START">SSL_CB_HANDSHAKE_START</dt>
+<dd>
+
+<p>Callback has been called because a new handshake is started. It also occurs when resuming a handshake following a pause to handle early data.</p>
+
+</dd>
+<dt id="SSL_CB_HANDSHAKE_DONE">SSL_CB_HANDSHAKE_DONE</dt>
+<dd>
+
+<p>Callback has been called because a handshake is finished. It also occurs if the handshake is paused to allow the exchange of early data.</p>
+
+</dd>
+</dl>
+
+<p>The current state information can be obtained using the <a href="../man3/SSL_state_string.html">SSL_state_string(3)</a> family of functions.</p>
+
+<p>The <b>ret</b> information can be evaluated using the <a href="../man3/SSL_alert_type_string.html">SSL_alert_type_string(3)</a> family of functions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_info_callback() does not provide diagnostic information.</p>
+
+<p>SSL_get_info_callback() returns the current setting.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following example callback function prints state strings, information about alerts being handled and error messages to the <b>bio_err</b> BIO.</p>
+
+<pre><code> void apps_ssl_info_callback(SSL *s, int where, int ret)
+ {
+     const char *str;
+     int w = where &amp; ~SSL_ST_MASK;
+
+     if (w &amp; SSL_ST_CONNECT)
+         str = &quot;SSL_connect&quot;;
+     else if (w &amp; SSL_ST_ACCEPT)
+         str = &quot;SSL_accept&quot;;
+     else
+         str = &quot;undefined&quot;;
+
+     if (where &amp; SSL_CB_LOOP) {
+         BIO_printf(bio_err, &quot;%s:%s\n&quot;, str, SSL_state_string_long(s));
+     } else if (where &amp; SSL_CB_ALERT) {
+         str = (where &amp; SSL_CB_READ) ? &quot;read&quot; : &quot;write&quot;;
+         BIO_printf(bio_err, &quot;SSL3 alert %s:%s:%s\n&quot;, str,
+                    SSL_alert_type_string_long(ret),
+                    SSL_alert_desc_string_long(ret));
+     } else if (where &amp; SSL_CB_EXIT) {
+         if (ret == 0) {
+             BIO_printf(bio_err, &quot;%s:failed in %s\n&quot;,
+                        str, SSL_state_string_long(s));
+         } else if (ret &lt; 0) {
+             BIO_printf(bio_err, &quot;%s:error in %s\n&quot;,
+                        str, SSL_state_string_long(s));
+         }
+     }
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_state_string.html">SSL_state_string(3)</a>, <a href="../man3/SSL_alert_type_string.html">SSL_alert_type_string(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_key_update_type.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_key_update_type.html
new file mode 100644
index 000000000..bb21045ac
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_key_update_type.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_key_update</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_key_update, SSL_get_key_update_type, SSL_renegotiate, SSL_renegotiate_abbreviated, SSL_renegotiate_pending - initiate and obtain information about updating connection keys</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_key_update(SSL *s, int updatetype);
+ int SSL_get_key_update_type(const SSL *s);
+
+ int SSL_renegotiate(SSL *s);
+ int SSL_renegotiate_abbreviated(SSL *s);
+ int SSL_renegotiate_pending(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_key_update() schedules an update of the keys for the current TLS connection. If the <b>updatetype</b> parameter is set to <b>SSL_KEY_UPDATE_NOT_REQUESTED</b> then the sending keys for this connection will be updated and the peer will be informed of the change. If the <b>updatetype</b> parameter is set to <b>SSL_KEY_UPDATE_REQUESTED</b> then the sending keys for this connection will be updated and the peer will be informed of the change along with a request for the peer to additionally update its sending keys. It is an error if <b>updatetype</b> is set to <b>SSL_KEY_UPDATE_NONE</b>.</p>
+
+<p>SSL_key_update() must only be called after the initial handshake has been completed and TLSv1.3 has been negotiated. The key update will not take place until the next time an IO operation such as SSL_read_ex() or SSL_write_ex() takes place on the connection. Alternatively SSL_do_handshake() can be called to force the update to take place immediately.</p>
+
+<p>SSL_get_key_update_type() can be used to determine whether a key update operation has been scheduled but not yet performed. The type of the pending key update operation will be returned if there is one, or SSL_KEY_UPDATE_NONE otherwise.</p>
+
+<p>SSL_renegotiate() and SSL_renegotiate_abbreviated() should only be called for connections that have negotiated TLSv1.2 or less. Calling them on any other connection will result in an error.</p>
+
+<p>When called from the client side, SSL_renegotiate() schedules a completely new handshake over an existing SSL/TLS connection. The next time an IO operation such as SSL_read_ex() or SSL_write_ex() takes place on the connection a check will be performed to confirm that it is a suitable time to start a renegotiation. If so, then it will be initiated immediately. OpenSSL will not attempt to resume any session associated with the connection in the new handshake.</p>
+
+<p>When called from the client side, SSL_renegotiate_abbreviated() works in the same was as SSL_renegotiate() except that OpenSSL will attempt to resume the session associated with the current connection in the new handshake.</p>
+
+<p>When called from the server side, SSL_renegotiate() and SSL_renegotiate_abbreviated() behave identically. They both schedule a request for a new handshake to be sent to the client. The next time an IO operation is performed then the same checks as on the client side are performed and then, if appropriate, the request is sent. The client may or may not respond with a new handshake and it may or may not attempt to resume an existing session. If a new handshake is started then this will be handled transparently by calling any OpenSSL IO function.</p>
+
+<p>If an OpenSSL client receives a renegotiation request from a server then again this will be handled transparently through calling any OpenSSL IO function. For a TLS connection the client will attempt to resume the current session in the new handshake. For historical reasons, DTLS clients will not attempt to resume the session in the new handshake.</p>
+
+<p>The SSL_renegotiate_pending() function returns 1 if a renegotiation or renegotiation request has been scheduled but not yet acted on, or 0 otherwise.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_key_update(), SSL_renegotiate() and SSL_renegotiate_abbreviated() return 1 on success or 0 on error.</p>
+
+<p>SSL_get_key_update_type() returns the update type of the pending key update operation or SSL_KEY_UPDATE_NONE if there is none.</p>
+
+<p>SSL_renegotiate_pending() returns 1 if a renegotiation or renegotiation request has been scheduled but not yet acted on, or 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_key_update() and SSL_get_key_update_type() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_max_cert_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_max_cert_list.html
new file mode 100644
index 000000000..5e23392bb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_max_cert_list.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_max_cert_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_max_cert_list, SSL_CTX_get_max_cert_list, SSL_set_max_cert_list, SSL_get_max_cert_list - manipulate allowed size for the peer&#39;s certificate chain</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_max_cert_list(SSL_CTX *ctx, long size);
+ long SSL_CTX_get_max_cert_list(SSL_CTX *ctx);
+
+ long SSL_set_max_cert_list(SSL *ssl, long size);
+ long SSL_get_max_cert_list(SSL *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_max_cert_list() sets the maximum size allowed for the peer&#39;s certificate chain for all SSL objects created from <b>ctx</b> to be &lt;size&gt; bytes. The SSL objects inherit the setting valid for <b>ctx</b> at the time <a href="../man3/SSL_new.html">SSL_new(3)</a> is being called.</p>
+
+<p>SSL_CTX_get_max_cert_list() returns the currently set maximum size for <b>ctx</b>.</p>
+
+<p>SSL_set_max_cert_list() sets the maximum size allowed for the peer&#39;s certificate chain for <b>ssl</b> to be &lt;size&gt; bytes. This setting stays valid until a new value is set.</p>
+
+<p>SSL_get_max_cert_list() returns the currently set maximum size for <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>During the handshake process, the peer may send a certificate chain. The TLS/SSL standard does not give any maximum size of the certificate chain. The OpenSSL library handles incoming data by a dynamically allocated buffer. In order to prevent this buffer from growing without bounds due to data received from a faulty or malicious peer, a maximum size for the certificate chain is set.</p>
+
+<p>The default value for the maximum certificate chain size is 100kB (30kB on the 16bit DOS platform). This should be sufficient for usual certificate chains (OpenSSL&#39;s default maximum chain length is 10, see <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a>, and certificates without special extensions have a typical size of 1-2kB).</p>
+
+<p>For special applications it can be necessary to extend the maximum certificate chain size allowed to be sent by the peer, see e.g. the work on &quot;Internet X.509 Public Key Infrastructure Proxy Certificate Profile&quot; and &quot;TLS Delegation Protocol&quot; at http://www.ietf.org/ and http://www.globus.org/ .</p>
+
+<p>Under normal conditions it should never be necessary to set a value smaller than the default, as the buffer is handled dynamically and only uses the memory actually required by the data sent by the peer.</p>
+
+<p>If the maximum certificate chain size allowed is exceeded, the handshake will fail with a SSL_R_EXCESSIVE_MESSAGE_SIZE error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_max_cert_list() and SSL_set_max_cert_list() return the previously set value.</p>
+
+<p>SSL_CTX_get_max_cert_list() and SSL_get_max_cert_list() return the currently set value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_max_early_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_max_early_data.html
new file mode 100644
index 000000000..5b28c01bd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_max_early_data.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read_early_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#REPLAY-PROTECTION">REPLAY PROTECTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_max_early_data, SSL_CTX_set_max_early_data, SSL_get_max_early_data, SSL_CTX_get_max_early_data, SSL_set_recv_max_early_data, SSL_CTX_set_recv_max_early_data, SSL_get_recv_max_early_data, SSL_CTX_get_recv_max_early_data, SSL_SESSION_get_max_early_data, SSL_SESSION_set_max_early_data, SSL_write_early_data, SSL_read_early_data, SSL_get_early_data_status, SSL_allow_early_data_cb_fn, SSL_CTX_set_allow_early_data_cb, SSL_set_allow_early_data_cb - functions for sending and receiving early data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data);
+ uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_max_early_data(SSL *s, uint32_t max_early_data);
+ uint32_t SSL_get_max_early_data(const SSL *s);
+
+ int SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data);
+ uint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data);
+ uint32_t SSL_get_recv_max_early_data(const SSL *s);
+
+ uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s);
+ int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data);
+
+ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written);
+
+ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes);
+
+ int SSL_get_early_data_status(const SSL *s);
+
+
+ typedef int (*SSL_allow_early_data_cb_fn)(SSL *s, void *arg);
+
+ void SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx,
+                                      SSL_allow_early_data_cb_fn cb,
+                                      void *arg);
+ void SSL_set_allow_early_data_cb(SSL *s,
+                                  SSL_allow_early_data_cb_fn cb,
+                                  void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to send and receive early data where TLSv1.3 has been negotiated. Early data can be sent by the client immediately after its initial ClientHello without having to wait for the server to complete the handshake. Early data can only be sent if a session has previously been established with the server, and the server is known to support it. Additionally these functions can be used to send data from the server to the client when the client has not yet completed the authentication stage of the handshake.</p>
+
+<p>Early data has weaker security properties than other data sent over an SSL/TLS connection. In particular the data does not have forward secrecy. There are also additional considerations around replay attacks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below). For these reasons extreme care should be exercised when using early data. For specific details, consult the TLS 1.3 specification.</p>
+
+<p>When a server receives early data it may opt to immediately respond by sending application data back to the client. Data sent by the server at this stage is done before the full handshake has been completed. Specifically the client&#39;s authentication messages have not yet been received, i.e. the client is unauthenticated at this point and care should be taken when using this capability.</p>
+
+<p>A server or client can determine whether the full handshake has been completed or not by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>.</p>
+
+<p>On the client side, the function SSL_SESSION_get_max_early_data() can be used to determine if a session established with a server can be used to send early data. If the session cannot be used then this function will return 0. Otherwise it will return the maximum number of early data bytes that can be sent.</p>
+
+<p>The function SSL_SESSION_set_max_early_data() sets the maximum number of early data bytes that can be sent for a session. This would typically be used when creating a PSK session file (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). If using a ticket based PSK then this is set automatically to the value provided by the server.</p>
+
+<p>A client uses the function SSL_write_early_data() to send early data. This function is similar to the <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> function, but with the following differences. See <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> for information on how to write bytes to the underlying connection, and how to handle any errors that may arise. This page describes the differences between SSL_write_early_data() and <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When called by a client, SSL_write_early_data() must be the first IO function called on a new connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a> or other similar functions. It may be called multiple times to stream data to the server, but the total number of bytes written must not exceed the value returned from SSL_SESSION_get_max_early_data(). Once the initial SSL_write_early_data() call has completed successfully the client may interleave calls to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> with calls to SSL_write_early_data() as required.</p>
+
+<p>If SSL_write_early_data() fails you should call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action, as for <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When the client no longer wishes to send any more early data then it should complete the handshake by calling a function such as <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard write function such as <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, which will transparently complete the connection and write the requested data.</p>
+
+<p>A server may choose to ignore early data that has been sent to it. Once the connection has been completed you can determine whether the server accepted or rejected the early data by calling SSL_get_early_data_status(). This will return SSL_EARLY_DATA_ACCEPTED if the data was accepted, SSL_EARLY_DATA_REJECTED if it was rejected or SSL_EARLY_DATA_NOT_SENT if no early data was sent. This function may be called by either the client or the server.</p>
+
+<p>A server uses the SSL_read_early_data() function to receive early data on a connection for which early data has been enabled using SSL_CTX_set_max_early_data() or SSL_set_max_early_data(). As for SSL_write_early_data(), this must be the first IO function called on a connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, or other similar functions.</p>
+
+<p>SSL_read_early_data() is similar to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> with the following differences. Refer to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> for full details.</p>
+
+<p>SSL_read_early_data() may return 3 possible values:</p>
+
+<dl>
+
+<dt id="SSL_READ_EARLY_DATA_ERROR">SSL_READ_EARLY_DATA_ERROR</dt>
+<dd>
+
+<p>This indicates an IO or some other error occurred. This should be treated in the same way as a 0 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_SUCCESS">SSL_READ_EARLY_DATA_SUCCESS</dt>
+<dd>
+
+<p>This indicates that early data was successfully read. This should be treated in the same way as a 1 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>. You should continue to call SSL_read_early_data() to read more data.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_FINISH">SSL_READ_EARLY_DATA_FINISH</dt>
+<dd>
+
+<p>This indicates that no more early data can be read. It may be returned on the first call to SSL_read_early_data() if the client has not sent any early data, or if the early data was rejected.</p>
+
+</dd>
+</dl>
+
+<p>Once the initial SSL_read_early_data() call has completed successfully (i.e. it has returned SSL_READ_EARLY_DATA_SUCCESS or SSL_READ_EARLY_DATA_FINISH) then the server may choose to write data immediately to the unauthenticated client using SSL_write_early_data(). If SSL_read_early_data() returned SSL_READ_EARLY_DATA_FINISH then in some situations (e.g. if the client only supports TLSv1.2) the handshake may have already been completed and calls to SSL_write_early_data() are not allowed. Call <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a> to determine whether the handshake has completed or not. If the handshake is still in progress then the server may interleave calls to SSL_write_early_data() with calls to SSL_read_early_data() as required.</p>
+
+<p>Servers must not call <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a> until SSL_read_early_data() has returned with SSL_READ_EARLY_DATA_FINISH. Once it has done so the connection to the client still needs to be completed. Complete the connection by calling a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard read function such as <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, which will transparently complete the connection and read the requested data. Note that it is an error to attempt to complete the connection before SSL_read_early_data() has returned SSL_READ_EARLY_DATA_FINISH.</p>
+
+<p>Only servers may call SSL_read_early_data().</p>
+
+<p>Calls to SSL_read_early_data() may, in certain circumstances, complete the connection immediately without further need to call a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. This can happen if the client is using a protocol version less than TLSv1.3. Applications can test for this by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>. Alternatively, applications may choose to call <a href="../man3/SSL_accept.html">SSL_accept(3)</a> anyway. Such a call will successfully return immediately with no further action taken.</p>
+
+<p>When a session is created between a server and a client the server will specify the maximum amount of any early data that it will accept on any future connection attempt. By default the server does not accept early data; a server may indicate support for early data by calling SSL_CTX_set_max_early_data() or SSL_set_max_early_data() to set it for the whole SSL_CTX or an individual SSL object respectively. The <b>max_early_data</b> parameter specifies the maximum amount of early data in bytes that is permitted to be sent on a single connection. Similarly the SSL_CTX_get_max_early_data() and SSL_get_max_early_data() functions can be used to obtain the current maximum early data settings for the SSL_CTX and SSL objects respectively. Generally a server application will either use both of SSL_read_early_data() and SSL_CTX_set_max_early_data() (or SSL_set_max_early_data()), or neither of them, since there is no practical benefit from using only one of them. If the maximum early data setting for a server is non-zero then replay protection is automatically enabled (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below).</p>
+
+<p>If the server rejects the early data sent by a client then it will skip over the data that is sent. The maximum amount of received early data that is skipped is controlled by the recv_max_early_data setting. If a client sends more than this then the connection will abort. This value can be set by calling SSL_CTX_set_recv_max_early_data() or SSL_set_recv_max_early_data(). The current value for this setting can be obtained by calling SSL_CTX_get_recv_max_early_data() or SSL_get_recv_max_early_data(). The default value for this setting is 16,384 bytes.</p>
+
+<p>The recv_max_early_data value also has an impact on early data that is accepted. The amount of data that is accepted will always be the lower of the max_early_data for the session and the recv_max_early_data setting for the server. If a client sends more data than this then the connection will abort.</p>
+
+<p>The configured value for max_early_data on a server may change over time as required. However clients may have tickets containing the previously configured max_early_data value. The recv_max_early_data should always be equal to or higher than any recently configured max_early_data value in order to avoid aborted connections. The recv_max_early_data should never be set to less than the current configured max_early_data value.</p>
+
+<p>Some server applications may wish to have more control over whether early data is accepted or not, for example to mitigate replay risks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below) or to decline early_data when the server is heavily loaded. The functions SSL_CTX_set_allow_early_data_cb() and SSL_set_allow_early_data_cb() set a callback which is called at a point in the handshake immediately before a decision is made to accept or reject early data. The callback is provided with a pointer to the user data argument that was provided when the callback was first set. Returning 1 from the callback will allow early data and returning 0 will reject it. Note that the OpenSSL library may reject early data for other reasons in which case this callback will not get called. Notably, the built-in replay protection feature will still be used even if a callback is present unless it has been explicitly disabled using the SSL_OP_NO_ANTI_REPLAY option. See <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The whole purpose of early data is to enable a client to start sending data to the server before a full round trip of network traffic has occurred. Application developers should ensure they consider optimisation of the underlying TCP socket to obtain a performant solution. For example Nagle&#39;s algorithm is commonly used by operating systems in an attempt to avoid lots of small TCP packets. In many scenarios this is beneficial for performance, but it does not work well with the early data solution as implemented in OpenSSL. In Nagle&#39;s algorithm the OS will buffer outgoing TCP data if a TCP packet has already been sent which we have not yet received an ACK for from the peer. The buffered data will only be transmitted if enough data to fill an entire TCP packet is accumulated, or if the ACK is received from the peer. The initial ClientHello will be sent in the first TCP packet along with any data from the first call to SSL_write_early_data(). If the amount of data written will exceed the size of a single TCP packet, or if there are more calls to SSL_write_early_data() then that additional data will be sent in subsequent TCP packets which will be buffered by the OS and not sent until an ACK is received for the first packet containing the ClientHello. This means the early data is not actually sent until a complete round trip with the server has occurred which defeats the objective of early data.</p>
+
+<p>In many operating systems the TCP_NODELAY socket option is available to disable Nagle&#39;s algorithm. If an application opts to disable Nagle&#39;s algorithm consideration should be given to turning it back on again after the handshake is complete if appropriate.</p>
+
+<p>In rare circumstances, it may be possible for a client to have a session that reports a max early data value greater than 0, but where the server does not support this. For example, this can occur if a server has had its configuration changed to accept a lower max early data value such as by calling SSL_CTX_set_recv_max_early_data(). Another example is if a server used to support TLSv1.3 but was later downgraded to TLSv1.2. Sending early data to such a server will cause the connection to abort. Clients that encounter an aborted connection while sending early data may want to retry the connection without sending early data as this does not happen automatically. A client will have to establish a new transport layer connection to the server and attempt the SSL/TLS connection again but without sending early data. Note that it is inadvisable to retry with a lower maximum protocol version.</p>
+
+<h1 id="REPLAY-PROTECTION">REPLAY PROTECTION</h1>
+
+<p>When early data is in use the TLS protocol provides no security guarantees that the same early data was not replayed across multiple connections. As a mitigation for this issue OpenSSL automatically enables replay protection if the server is configured with a non-zero max early data value. With replay protection enabled sessions are forced to be single use only. If a client attempts to reuse a session ticket more than once, then the second and subsequent attempts will fall back to a full handshake (and any early data that was submitted will be ignored). Note that single use tickets are enforced even if a client does not send any early data.</p>
+
+<p>The replay protection mechanism relies on the internal OpenSSL server session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). When replay protection is being used the server will operate as if the SSL_OP_NO_TICKET option had been selected (see <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>). Sessions will be added to the cache whenever a session ticket is issued. When a client attempts to resume the session, OpenSSL will check for its presence in the internal cache. If it exists then the resumption is allowed and the session is removed from the cache. If it does not exist then the resumption is not allowed and a full handshake will occur.</p>
+
+<p>Note that some applications may maintain an external cache of sessions (see <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a> and similar functions). It is the application&#39;s responsibility to ensure that any sessions in the external cache are also populated in the internal cache and that once removed from the internal cache they are similarly removed from the external cache. Failing to do this could result in an application becoming vulnerable to replay attacks. Note that OpenSSL will lock the internal cache while a session is removed but that lock is not held when the remove session callback (see <a href="../man3/SSL_CTX_sess_set_remove_cb.html">SSL_CTX_sess_set_remove_cb(3)</a>) is called. This could result in a small amount of time where the session has been removed from the internal cache but is still available in the external cache. Applications should be designed with this in mind in order to minimise the possibility of replay attacks.</p>
+
+<p>The OpenSSL replay protection does not apply to external Pre Shared Keys (PSKs) (e.g. see SSL_CTX_set_psk_find_session_callback(3)). Therefore extreme caution should be applied when combining external PSKs with early data.</p>
+
+<p>Some applications may mitigate the replay risks in other ways. For those applications it is possible to turn off the built-in replay protection feature using the <b>SSL_OP_NO_ANTI_REPLAY</b> option. See <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> for details. Applications can also set a callback to make decisions about accepting early data or not. See SSL_CTX_set_allow_early_data_cb() above for details.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_write_early_data() returns 1 for success or 0 for failure. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_read_early_data() returns SSL_READ_EARLY_DATA_ERROR for failure, SSL_READ_EARLY_DATA_SUCCESS for success with more data to read and SSL_READ_EARLY_DATA_FINISH for success with no more to data be read. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_get_max_early_data(), SSL_CTX_get_max_early_data() and SSL_SESSION_get_max_early_data() return the maximum number of early data bytes that may be sent.</p>
+
+<p>SSL_set_max_early_data(), SSL_CTX_set_max_early_data() and SSL_SESSION_set_max_early_data() return 1 for success or 0 for failure.</p>
+
+<p>SSL_get_early_data_status() returns SSL_EARLY_DATA_ACCEPTED if early data was accepted by the server, SSL_EARLY_DATA_REJECTED if early data was rejected by the server, or SSL_EARLY_DATA_NOT_SENT if no early data was sent.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>All of the functions described above were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_max_proto_version.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_max_proto_version.html
new file mode 100644
index 000000000..a5aadff8c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_max_proto_version.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_min_proto_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_min_proto_version, SSL_CTX_set_max_proto_version, SSL_CTX_get_min_proto_version, SSL_CTX_get_max_proto_version, SSL_set_min_proto_version, SSL_set_max_proto_version, SSL_get_min_proto_version, SSL_get_max_proto_version - Get and set minimum and maximum supported protocol version</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_min_proto_version(SSL_CTX *ctx, int version);
+ int SSL_CTX_set_max_proto_version(SSL_CTX *ctx, int version);
+ int SSL_CTX_get_min_proto_version(SSL_CTX *ctx);
+ int SSL_CTX_get_max_proto_version(SSL_CTX *ctx);
+
+ int SSL_set_min_proto_version(SSL *ssl, int version);
+ int SSL_set_max_proto_version(SSL *ssl, int version);
+ int SSL_get_min_proto_version(SSL *ssl);
+ int SSL_get_max_proto_version(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions get or set the minimum and maximum supported protocol versions for the <b>ctx</b> or <b>ssl</b>. This works in combination with the options set via <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> that also make it possible to disable specific protocol versions. Use these functions instead of disabling specific protocol versions.</p>
+
+<p>Setting the minimum or maximum version to 0, will enable protocol versions down to the lowest version, or up to the highest version supported by the library, respectively.</p>
+
+<p>Getters return 0 in case <b>ctx</b> or <b>ssl</b> have been configured to automatically use the lowest or highest version supported by the library.</p>
+
+<p>Currently supported versions are <b>SSL3_VERSION</b>, <b>TLS1_VERSION</b>, <b>TLS1_1_VERSION</b>, <b>TLS1_2_VERSION</b>, <b>TLS1_3_VERSION</b> for TLS and <b>DTLS1_VERSION</b>, <b>DTLS1_2_VERSION</b> for DTLS.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These setter functions return 1 on success and 0 on failure. The getter functions return the configured version or 0 for auto-configuration of lowest or highest protocol, respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions are implemented using macros.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The setter functions were added in OpenSSL 1.1.0. The getter functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_min_proto_version.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_min_proto_version.html
new file mode 100644
index 000000000..a5aadff8c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_min_proto_version.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_min_proto_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_min_proto_version, SSL_CTX_set_max_proto_version, SSL_CTX_get_min_proto_version, SSL_CTX_get_max_proto_version, SSL_set_min_proto_version, SSL_set_max_proto_version, SSL_get_min_proto_version, SSL_get_max_proto_version - Get and set minimum and maximum supported protocol version</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_min_proto_version(SSL_CTX *ctx, int version);
+ int SSL_CTX_set_max_proto_version(SSL_CTX *ctx, int version);
+ int SSL_CTX_get_min_proto_version(SSL_CTX *ctx);
+ int SSL_CTX_get_max_proto_version(SSL_CTX *ctx);
+
+ int SSL_set_min_proto_version(SSL *ssl, int version);
+ int SSL_set_max_proto_version(SSL *ssl, int version);
+ int SSL_get_min_proto_version(SSL *ssl);
+ int SSL_get_max_proto_version(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions get or set the minimum and maximum supported protocol versions for the <b>ctx</b> or <b>ssl</b>. This works in combination with the options set via <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> that also make it possible to disable specific protocol versions. Use these functions instead of disabling specific protocol versions.</p>
+
+<p>Setting the minimum or maximum version to 0, will enable protocol versions down to the lowest version, or up to the highest version supported by the library, respectively.</p>
+
+<p>Getters return 0 in case <b>ctx</b> or <b>ssl</b> have been configured to automatically use the lowest or highest version supported by the library.</p>
+
+<p>Currently supported versions are <b>SSL3_VERSION</b>, <b>TLS1_VERSION</b>, <b>TLS1_1_VERSION</b>, <b>TLS1_2_VERSION</b>, <b>TLS1_3_VERSION</b> for TLS and <b>DTLS1_VERSION</b>, <b>DTLS1_2_VERSION</b> for DTLS.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These setter functions return 1 on success and 0 on failure. The getter functions return the configured version or 0 for auto-configuration of lowest or highest protocol, respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions are implemented using macros.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The setter functions were added in OpenSSL 1.1.0. The getter functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_mode.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_mode.html
new file mode 100644
index 000000000..2e6c33d57
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_mode.html
@@ -0,0 +1,136 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_mode</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_mode, SSL_CTX_clear_mode, SSL_set_mode, SSL_clear_mode, SSL_CTX_get_mode, SSL_get_mode - manipulate SSL engine mode</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_mode(SSL_CTX *ctx, long mode);
+ long SSL_CTX_clear_mode(SSL_CTX *ctx, long mode);
+ long SSL_set_mode(SSL *ssl, long mode);
+ long SSL_clear_mode(SSL *ssl, long mode);
+
+ long SSL_CTX_get_mode(SSL_CTX *ctx);
+ long SSL_get_mode(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_mode() adds the mode set via bitmask in <b>mode</b> to <b>ctx</b>. Options already set before are not cleared. SSL_CTX_clear_mode() removes the mode set via bitmask in <b>mode</b> from <b>ctx</b>.</p>
+
+<p>SSL_set_mode() adds the mode set via bitmask in <b>mode</b> to <b>ssl</b>. Options already set before are not cleared. SSL_clear_mode() removes the mode set via bitmask in <b>mode</b> from <b>ssl</b>.</p>
+
+<p>SSL_CTX_get_mode() returns the mode set for <b>ctx</b>.</p>
+
+<p>SSL_get_mode() returns the mode set for <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The following mode changes are available:</p>
+
+<dl>
+
+<dt id="SSL_MODE_ENABLE_PARTIAL_WRITE">SSL_MODE_ENABLE_PARTIAL_WRITE</dt>
+<dd>
+
+<p>Allow SSL_write_ex(..., n, &amp;r) to return with 0 &lt; r &lt; n (i.e. report success when just a single record has been written). This works in a similar way for SSL_write(). When not set (the default), SSL_write_ex() or SSL_write() will only report success once the complete chunk was written. Once SSL_write_ex() or SSL_write() returns successful, <b>r</b> bytes have been written and the next call to SSL_write_ex() or SSL_write() must only send the n-r bytes left, imitating the behaviour of write().</p>
+
+</dd>
+<dt id="SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER">SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER</dt>
+<dd>
+
+<p>Make it possible to retry SSL_write_ex() or SSL_write() with changed buffer location (the buffer contents must stay the same). This is not the default to avoid the misconception that non-blocking SSL_write() behaves like non-blocking write().</p>
+
+</dd>
+<dt id="SSL_MODE_AUTO_RETRY">SSL_MODE_AUTO_RETRY</dt>
+<dd>
+
+<p>During normal operations, non-application data records might need to be sent or received that the application is not aware of. If a non-application data record was processed, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> can return with a failure and indicate the need to retry with <b>SSL_ERROR_WANT_READ</b>. If such a non-application data record was processed, the flag <b>SSL_MODE_AUTO_RETRY</b> causes it to try to process the next record instead of returning.</p>
+
+<p>In a non-blocking environment applications must be prepared to handle incomplete read/write operations. Setting <b>SSL_MODE_AUTO_RETRY</b> for a non-blocking <b>BIO</b> will process non-application data records until either no more data is available or an application data record has been processed.</p>
+
+<p>In a blocking environment, applications are not always prepared to deal with the functions returning intermediate reports such as retry requests, and setting the <b>SSL_MODE_AUTO_RETRY</b> flag will cause the functions to only return after successfully processing an application data record or a failure.</p>
+
+<p>Turning off <b>SSL_MODE_AUTO_RETRY</b> can be useful with blocking <b>BIO</b>s in case they are used in combination with something like select() or poll(). Otherwise the call to SSL_read() or SSL_read_ex() might hang when a non-application record was sent and no application data was sent.</p>
+
+</dd>
+<dt id="SSL_MODE_RELEASE_BUFFERS">SSL_MODE_RELEASE_BUFFERS</dt>
+<dd>
+
+<p>When we no longer need a read buffer or a write buffer for a given SSL, then release the memory we were using to hold it. Using this flag can save around 34k per idle SSL connection. This flag has no effect on SSL v2 connections, or on DTLS connections.</p>
+
+</dd>
+<dt id="SSL_MODE_SEND_FALLBACK_SCSV">SSL_MODE_SEND_FALLBACK_SCSV</dt>
+<dd>
+
+<p>Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications that reconnect with a downgraded protocol version; see draft-ietf-tls-downgrade-scsv-00 for details.</p>
+
+<p>DO NOT ENABLE THIS if your application attempts a normal handshake. Only use this in explicit fallback retries, following the guidance in draft-ietf-tls-downgrade-scsv-00.</p>
+
+</dd>
+<dt id="SSL_MODE_ASYNC">SSL_MODE_ASYNC</dt>
+<dd>
+
+<p>Enable asynchronous processing. TLS I/O operations may indicate a retry with SSL_ERROR_WANT_ASYNC with this mode set if an asynchronous capable engine is used to perform cryptographic operations. See <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+</dd>
+<dt id="SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG">SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG</dt>
+<dd>
+
+<p>Older versions of OpenSSL had a bug in the computation of the label length used for computing the endpoint-pair shared secret. The bug was that the terminating zero was included in the length of the label. Setting this option enables this behaviour to allow interoperability with such broken implementations. Please note that setting this option breaks interoperability with correct implementations. This option only applies to DTLS over SCTP.</p>
+
+</dd>
+</dl>
+
+<p>All modes are off by default except for SSL_MODE_AUTO_RETRY which is on by default since 1.1.1.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_mode() and SSL_set_mode() return the new mode bitmask after adding <b>mode</b>.</p>
+
+<p>SSL_CTX_get_mode() and SSL_get_mode() return the current bitmask.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a>, <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_MODE_ASYNC was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_num_tickets.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_num_tickets.html
new file mode 100644
index 000000000..94cc9b7e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_num_tickets.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_num_tickets</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_num_tickets, SSL_get_num_tickets, SSL_CTX_set_num_tickets, SSL_CTX_get_num_tickets - control the number of TLSv1.3 session tickets that are issued</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_set_num_tickets(SSL *s, size_t num_tickets);
+ size_t SSL_get_num_tickets(SSL *s);
+ int SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets);
+ size_t SSL_CTX_get_num_tickets(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_num_tickets() and SSL_set_num_tickets() can be called for a server application and set the number of TLSv1.3 session tickets that will be sent to the client after a full handshake. Set the desired value (which could be 0) in the <b>num_tickets</b> argument. Typically these functions should be called before the start of the handshake.</p>
+
+<p>The default number of tickets is 2; the default number of tickets sent following a resumption handshake is 1 but this cannot be changed using these functions. The number of tickets following a resumption handshake can be reduced to 0 using custom session ticket callbacks (see <a href="../man3/SSL_CTX_set_session_ticket_cb.html">SSL_CTX_set_session_ticket_cb(3)</a>).</p>
+
+<p>Tickets are also issued on receipt of a post-handshake certificate from the client following a request by the server using <a href="../man3/SSL_verify_client_post_handshake.html">SSL_verify_client_post_handshake(3)</a>. These new tickets will be associated with the updated client identity (i.e. including their certificate and verification status). The number of tickets issued will normally be the same as was used for the initial handshake. If the initial handshake was a full handshake then SSL_set_num_tickets() can be called again prior to calling SSL_verify_client_post_handshake() to update the number of tickets that will be sent.</p>
+
+<p>SSL_CTX_get_num_tickets() and SSL_get_num_tickets() return the number of tickets set by a previous call to SSL_CTX_set_num_tickets() or SSL_set_num_tickets(), or 2 if no such call has been made.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_num_tickets() and SSL_set_num_tickets() return 1 on success or 0 on failure.</p>
+
+<p>SSL_CTX_get_num_tickets() and SSL_get_num_tickets() return the number of tickets that have been previously set.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_options.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_options.html
new file mode 100644
index 000000000..b45ee0128
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_options.html
@@ -0,0 +1,350 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_options</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SECURE-RENEGOTIATION">SECURE RENEGOTIATION</a>
+    <ul>
+      <li><a href="#Patched-client-and-server">Patched client and server</a></li>
+      <li><a href="#Unpatched-client-and-patched-OpenSSL-server">Unpatched client and patched OpenSSL server</a></li>
+      <li><a href="#Patched-OpenSSL-client-and-unpatched-server">Patched OpenSSL client and unpatched server.</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_options, SSL_set_options, SSL_CTX_clear_options, SSL_clear_options, SSL_CTX_get_options, SSL_get_options, SSL_get_secure_renegotiation_support - manipulate SSL options</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_options(SSL_CTX *ctx, long options);
+ long SSL_set_options(SSL *ssl, long options);
+
+ long SSL_CTX_clear_options(SSL_CTX *ctx, long options);
+ long SSL_clear_options(SSL *ssl, long options);
+
+ long SSL_CTX_get_options(SSL_CTX *ctx);
+ long SSL_get_options(SSL *ssl);
+
+ long SSL_get_secure_renegotiation_support(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_options() adds the options set via bitmask in <b>options</b> to <b>ctx</b>. Options already set before are not cleared!</p>
+
+<p>SSL_set_options() adds the options set via bitmask in <b>options</b> to <b>ssl</b>. Options already set before are not cleared!</p>
+
+<p>SSL_CTX_clear_options() clears the options set via bitmask in <b>options</b> to <b>ctx</b>.</p>
+
+<p>SSL_clear_options() clears the options set via bitmask in <b>options</b> to <b>ssl</b>.</p>
+
+<p>SSL_CTX_get_options() returns the options set for <b>ctx</b>.</p>
+
+<p>SSL_get_options() returns the options set for <b>ssl</b>.</p>
+
+<p>SSL_get_secure_renegotiation_support() indicates whether the peer supports secure renegotiation. Note, this is implemented via a macro.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The behaviour of the SSL library can be changed by setting several options. The options are coded as bitmasks and can be combined by a bitwise <b>or</b> operation (|).</p>
+
+<p>SSL_CTX_set_options() and SSL_set_options() affect the (external) protocol behaviour of the SSL library. The (internal) behaviour of the API can be changed by using the similar <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a> and SSL_set_mode() functions.</p>
+
+<p>During a handshake, the option settings of the SSL object are used. When a new SSL object is created from a context using SSL_new(), the current option setting is copied. Changes to <b>ctx</b> do not affect already created SSL objects. SSL_clear() does not affect the settings.</p>
+
+<p>The following <b>bug workaround</b> options are available:</p>
+
+<dl>
+
+<dt id="SSL_OP_SAFARI_ECDHE_ECDSA_BUG">SSL_OP_SAFARI_ECDHE_ECDSA_BUG</dt>
+<dd>
+
+<p>Don&#39;t prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X. OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.</p>
+
+</dd>
+<dt id="SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS">SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS</dt>
+<dd>
+
+<p>Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol vulnerability affecting CBC ciphers, which cannot be handled by some broken SSL implementations. This option has no effect for connections using other ciphers.</p>
+
+</dd>
+<dt id="SSL_OP_TLSEXT_PADDING">SSL_OP_TLSEXT_PADDING</dt>
+<dd>
+
+<p>Adds a padding extension to ensure the ClientHello size is never between 256 and 511 bytes in length. This is needed as a workaround for some implementations.</p>
+
+</dd>
+<dt id="SSL_OP_ALL">SSL_OP_ALL</dt>
+<dd>
+
+<p>All of the above bug workarounds plus <b>SSL_OP_LEGACY_SERVER_CONNECT</b> as mentioned below.</p>
+
+</dd>
+</dl>
+
+<p>It is usually safe to use <b>SSL_OP_ALL</b> to enable the bug workaround options if compatibility with somewhat broken implementations is desired.</p>
+
+<p>The following <b>modifying</b> options are available:</p>
+
+<dl>
+
+<dt id="SSL_OP_TLS_ROLLBACK_BUG">SSL_OP_TLS_ROLLBACK_BUG</dt>
+<dd>
+
+<p>Disable version rollback attack detection.</p>
+
+<p>During the client key exchange, the client must send the same information about acceptable SSL/TLS protocol levels as during the first hello. Some clients violate this rule by adapting to the server&#39;s answer. (Example: the client sends a SSLv2 hello and accepts up to SSLv3.1=TLSv1, the server only understands up to SSLv3. In this case the client must still use the same SSLv3.1=TLSv1 announcement. Some clients step down to SSLv3 with respect to the server&#39;s answer and violate the version rollback protection.)</p>
+
+</dd>
+<dt id="SSL_OP_CIPHER_SERVER_PREFERENCE">SSL_OP_CIPHER_SERVER_PREFERENCE</dt>
+<dd>
+
+<p>When choosing a cipher, use the server&#39;s preferences instead of the client preferences. When not set, the SSL server will always follow the clients preferences. When set, the SSL/TLS server will choose following its own preferences.</p>
+
+</dd>
+<dt id="SSL_OP_NO_SSLv3-SSL_OP_NO_TLSv1-SSL_OP_NO_TLSv1_1-SSL_OP_NO_TLSv1_2-SSL_OP_NO_TLSv1_3-SSL_OP_NO_DTLSv1-SSL_OP_NO_DTLSv1_2">SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1, SSL_OP_NO_TLSv1_2, SSL_OP_NO_TLSv1_3, SSL_OP_NO_DTLSv1, SSL_OP_NO_DTLSv1_2</dt>
+<dd>
+
+<p>These options turn off the SSLv3, TLSv1, TLSv1.1, TLSv1.2 or TLSv1.3 protocol versions with TLS or the DTLSv1, DTLSv1.2 versions with DTLS, respectively. As of OpenSSL 1.1.0, these options are deprecated, use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> and <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> instead.</p>
+
+</dd>
+<dt id="SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION">SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION</dt>
+<dd>
+
+<p>When performing renegotiation as a server, always start a new session (i.e., session resumption requests are only accepted in the initial handshake). This option is not needed for clients.</p>
+
+</dd>
+<dt id="SSL_OP_NO_COMPRESSION">SSL_OP_NO_COMPRESSION</dt>
+<dd>
+
+<p>Do not use compression even if it is supported.</p>
+
+</dd>
+<dt id="SSL_OP_NO_QUERY_MTU">SSL_OP_NO_QUERY_MTU</dt>
+<dd>
+
+<p>Do not query the MTU. Only affects DTLS connections.</p>
+
+</dd>
+<dt id="SSL_OP_COOKIE_EXCHANGE">SSL_OP_COOKIE_EXCHANGE</dt>
+<dd>
+
+<p>Turn on Cookie Exchange as described in RFC4347 Section 4.2.1. Only affects DTLS connections.</p>
+
+</dd>
+<dt id="SSL_OP_NO_TICKET">SSL_OP_NO_TICKET</dt>
+<dd>
+
+<p>SSL/TLS supports two mechanisms for resuming sessions: session ids and stateless session tickets.</p>
+
+<p>When using session ids a copy of the session information is cached on the server and a unique id is sent to the client. When the client wishes to resume it provides the unique id so that the server can retrieve the session information from its cache.</p>
+
+<p>When using stateless session tickets the server uses a session ticket encryption key to encrypt the session information. This encrypted data is sent to the client as a &quot;ticket&quot;. When the client wishes to resume it sends the encrypted data back to the server. The server uses its key to decrypt the data and resume the session. In this way the server can operate statelessly - no session information needs to be cached locally.</p>
+
+<p>The TLSv1.3 protocol only supports tickets and does not directly support session ids. However OpenSSL allows two modes of ticket operation in TLSv1.3: stateful and stateless. Stateless tickets work the same way as in TLSv1.2 and below. Stateful tickets mimic the session id behaviour available in TLSv1.2 and below. The session information is cached on the server and the session id is wrapped up in a ticket and sent back to the client. When the client wishes to resume, it presents a ticket in the same way as for stateless tickets. The server can then extract the session id from the ticket and retrieve the session information from its cache.</p>
+
+<p>By default OpenSSL will use stateless tickets. The SSL_OP_NO_TICKET option will cause stateless tickets to not be issued. In TLSv1.2 and below this means no ticket gets sent to the client at all. In TLSv1.3 a stateful ticket will be sent. This is a server-side option only.</p>
+
+<p>In TLSv1.3 it is possible to suppress all tickets (stateful and stateless) from being sent by calling <a href="../man3/SSL_CTX_set_num_tickets.html">SSL_CTX_set_num_tickets(3)</a> or <a href="../man3/SSL_set_num_tickets.html">SSL_set_num_tickets(3)</a>.</p>
+
+</dd>
+<dt id="SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION">SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</dt>
+<dd>
+
+<p>Allow legacy insecure renegotiation between OpenSSL and unpatched clients or servers. See the <b>SECURE RENEGOTIATION</b> section for more details.</p>
+
+</dd>
+<dt id="SSL_OP_LEGACY_SERVER_CONNECT">SSL_OP_LEGACY_SERVER_CONNECT</dt>
+<dd>
+
+<p>Allow legacy insecure renegotiation between OpenSSL and unpatched servers <b>only</b>: this option is currently set by default. See the <b>SECURE RENEGOTIATION</b> section for more details.</p>
+
+</dd>
+<dt id="SSL_OP_NO_ENCRYPT_THEN_MAC">SSL_OP_NO_ENCRYPT_THEN_MAC</dt>
+<dd>
+
+<p>Normally clients and servers will transparently attempt to negotiate the RFC7366 Encrypt-then-MAC option on TLS and DTLS connection.</p>
+
+<p>If this option is set, Encrypt-then-MAC is disabled. Clients will not propose, and servers will not accept the extension.</p>
+
+</dd>
+<dt id="SSL_OP_NO_RENEGOTIATION">SSL_OP_NO_RENEGOTIATION</dt>
+<dd>
+
+<p>Disable all renegotiation in TLSv1.2 and earlier. Do not send HelloRequest messages, and ignore renegotiation requests via ClientHello.</p>
+
+</dd>
+<dt id="SSL_OP_ALLOW_NO_DHE_KEX">SSL_OP_ALLOW_NO_DHE_KEX</dt>
+<dd>
+
+<p>In TLSv1.3 allow a non-(ec)dhe based key exchange mode on resumption. This means that there will be no forward secrecy for the resumed session.</p>
+
+</dd>
+<dt id="SSL_OP_PRIORITIZE_CHACHA">SSL_OP_PRIORITIZE_CHACHA</dt>
+<dd>
+
+<p>When SSL_OP_CIPHER_SERVER_PREFERENCE is set, temporarily reprioritize ChaCha20-Poly1305 ciphers to the top of the server cipher list if a ChaCha20-Poly1305 cipher is at the top of the client cipher list. This helps those clients (e.g. mobile) use ChaCha20-Poly1305 if that cipher is anywhere in the server cipher list; but still allows other clients to use AES and other ciphers. Requires <b>SSL_OP_CIPHER_SERVER_PREFERENCE</b>.</p>
+
+</dd>
+<dt id="SSL_OP_ENABLE_MIDDLEBOX_COMPAT">SSL_OP_ENABLE_MIDDLEBOX_COMPAT</dt>
+<dd>
+
+<p>If set then dummy Change Cipher Spec (CCS) messages are sent in TLSv1.3. This has the effect of making TLSv1.3 look more like TLSv1.2 so that middleboxes that do not understand TLSv1.3 will not drop the connection. Regardless of whether this option is set or not CCS messages received from the peer will always be ignored in TLSv1.3. This option is set by default. To switch it off use SSL_clear_options(). A future version of OpenSSL may not set this by default.</p>
+
+</dd>
+<dt id="SSL_OP_NO_ANTI_REPLAY">SSL_OP_NO_ANTI_REPLAY</dt>
+<dd>
+
+<p>By default, when a server is configured for early data (i.e., max_early_data &gt; 0), OpenSSL will switch on replay protection. See <a href="../man3/SSL_read_early_data.html">SSL_read_early_data(3)</a> for a description of the replay protection feature. Anti-replay measures are required to comply with the TLSv1.3 specification. Some applications may be able to mitigate the replay risks in other ways and in such cases the built in OpenSSL functionality is not required. Those applications can turn this feature off by setting this option. This is a server-side opton only. It is ignored by clients.</p>
+
+</dd>
+</dl>
+
+<p>The following options no longer have any effect but their identifiers are retained for compatibility purposes:</p>
+
+<dl>
+
+<dt id="SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG">SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER">SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SSLEAY_080_CLIENT_DH_BUG">SSL_OP_SSLEAY_080_CLIENT_DH_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_TLS_D5_BUG">SSL_OP_TLS_D5_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_TLS_BLOCK_PADDING_BUG">SSL_OP_TLS_BLOCK_PADDING_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MSIE_SSLV2_RSA_PADDING">SSL_OP_MSIE_SSLV2_RSA_PADDING</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG">SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MICROSOFT_SESS_ID_BUG">SSL_OP_MICROSOFT_SESS_ID_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_NETSCAPE_CHALLENGE_BUG">SSL_OP_NETSCAPE_CHALLENGE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_PKCS1_CHECK_1">SSL_OP_PKCS1_CHECK_1</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_PKCS1_CHECK_2">SSL_OP_PKCS1_CHECK_2</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SINGLE_DH_USE">SSL_OP_SINGLE_DH_USE</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SINGLE_ECDH_USE">SSL_OP_SINGLE_ECDH_USE</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_EPHEMERAL_RSA">SSL_OP_EPHEMERAL_RSA</dt>
+<dd>
+
+</dd>
+</dl>
+
+<h1 id="SECURE-RENEGOTIATION">SECURE RENEGOTIATION</h1>
+
+<p>OpenSSL always attempts to use secure renegotiation as described in RFC5746. This counters the prefix attack described in CVE-2009-3555 and elsewhere.</p>
+
+<p>This attack has far reaching consequences which application writers should be aware of. In the description below an implementation supporting secure renegotiation is referred to as <i>patched</i>. A server not supporting secure renegotiation is referred to as <i>unpatched</i>.</p>
+
+<p>The following sections describe the operations permitted by OpenSSL&#39;s secure renegotiation implementation.</p>
+
+<h2 id="Patched-client-and-server">Patched client and server</h2>
+
+<p>Connections and renegotiation are always permitted by OpenSSL implementations.</p>
+
+<h2 id="Unpatched-client-and-patched-OpenSSL-server">Unpatched client and patched OpenSSL server</h2>
+
+<p>The initial connection succeeds but client renegotiation is denied by the server with a <b>no_renegotiation</b> warning alert if TLS v1.0 is used or a fatal <b>handshake_failure</b> alert in SSL v3.0.</p>
+
+<p>If the patched OpenSSL server attempts to renegotiate a fatal <b>handshake_failure</b> alert is sent. This is because the server code may be unaware of the unpatched nature of the client.</p>
+
+<p>If the option <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> is set then renegotiation <b>always</b> succeeds.</p>
+
+<h2 id="Patched-OpenSSL-client-and-unpatched-server">Patched OpenSSL client and unpatched server.</h2>
+
+<p>If the option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> or <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> is set then initial connections and renegotiation between patched OpenSSL clients and unpatched servers succeeds. If neither option is set then initial connections to unpatched servers will fail.</p>
+
+<p>The option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> is currently set by default even though it has security implications: otherwise it would be impossible to connect to unpatched servers (i.e. all of them initially) and this is clearly not acceptable. Renegotiation is permitted because this does not add any additional security issues: during an attack clients do not see any renegotiations anyway.</p>
+
+<p>As more servers become patched the option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> will <b>not</b> be set by default in a future version of OpenSSL.</p>
+
+<p>OpenSSL client applications wishing to ensure they can connect to unpatched servers should always <b>set</b> <b>SSL_OP_LEGACY_SERVER_CONNECT</b></p>
+
+<p>OpenSSL client applications that want to ensure they can <b>not</b> connect to unpatched servers (and thus avoid any security issues) should always <b>clear</b> <b>SSL_OP_LEGACY_SERVER_CONNECT</b> using SSL_CTX_clear_options() or SSL_clear_options().</p>
+
+<p>The difference between the <b>SSL_OP_LEGACY_SERVER_CONNECT</b> and <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> options is that <b>SSL_OP_LEGACY_SERVER_CONNECT</b> enables initial connections and secure renegotiation between OpenSSL clients and unpatched servers <b>only</b>, while <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> allows initial connections and renegotiation between OpenSSL and unpatched clients or servers.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_options() and SSL_set_options() return the new options bitmask after adding <b>options</b>.</p>
+
+<p>SSL_CTX_clear_options() and SSL_clear_options() return the new options bitmask after clearing <b>options</b>.</p>
+
+<p>SSL_CTX_get_options() and SSL_get_options() return the current bitmask.</p>
+
+<p>SSL_get_secure_renegotiation_support() returns 1 is the peer supports secure renegotiation and 0 if it does not.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man1/dhparam.html">dhparam(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The attempt to always try to use secure renegotiation was added in OpenSSL 0.9.8m.</p>
+
+<p>The <b>SSL_OP_PRIORITIZE_CHACHA</b> and <b>SSL_OP_NO_RENEGOTIATION</b> options were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_peer_cert_chain.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_peer_cert_chain.html
new file mode 100644
index 000000000..ef0b886fc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_peer_cert_chain.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_peer_cert_chain</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_peer_cert_chain, SSL_get0_verified_chain - get the X509 certificate chain of the peer</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *ssl);
+ STACK_OF(X509) *SSL_get0_verified_chain(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_peer_cert_chain() returns a pointer to STACK_OF(X509) certificates forming the certificate chain sent by the peer. If called on the client side, the stack also contains the peer&#39;s certificate; if called on the server side, the peer&#39;s certificate must be obtained separately using <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>. If the peer did not present a certificate, NULL is returned.</p>
+
+<p>NB: SSL_get_peer_cert_chain() returns the peer chain as sent by the peer: it only consists of certificates the peer has sent (in the order the peer has sent them) it is <b>not</b> a verified chain.</p>
+
+<p>SSL_get0_verified_chain() returns the <b>verified</b> certificate chain of the peer including the peer&#39;s end entity certificate. It must be called after a session has been successfully established. If peer verification was not successful (as indicated by SSL_get_verify_result() not returning X509_V_OK) the chain may be incomplete or invalid.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If the session is resumed peers do not send certificates so a NULL pointer is returned by these functions. Applications can call SSL_session_reused() to determine whether a session is resumed.</p>
+
+<p>The reference count of each certificate in the returned STACK_OF(X509) object is not incremented and the returned stack may be invalidated by renegotiation. If applications wish to use any certificates in the returned chain indefinitely they must increase the reference counts using X509_up_ref() or obtain a copy of the whole chain with X509_chain_up_ref().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>No certificate was presented by the peer or no connection was established or the certificate chain is no longer available when a session is reused.</p>
+
+</dd>
+<dt id="Pointer-to-a-STACK_OF-X509">Pointer to a STACK_OF(X509)</dt>
+<dd>
+
+<p>The return value points to the certificate chain presented by the peer.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_chain_up_ref.html">X509_chain_up_ref(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_peer_certificate.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_peer_certificate.html
new file mode 100644
index 000000000..42a624889
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_peer_certificate.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_peer_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_peer_certificate - get the X509 certificate of the peer</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ X509 *SSL_get_peer_certificate(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_peer_certificate() returns a pointer to the X509 certificate the peer presented. If the peer did not present a certificate, NULL is returned.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Due to the protocol definition, a TLS/SSL server will always send a certificate, if present. A client will only send a certificate when explicitly requested to do so by the server (see <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a>). If an anonymous cipher is used, no certificates are sent.</p>
+
+<p>That a certificate is returned does not indicate information about the verification state, use <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> to check the verification state.</p>
+
+<p>The reference count of the X509 object is incremented by one, so that it will not be destroyed when the session containing the peer certificate is freed. The X509 object must be explicitly freed using X509_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>No certificate was presented by the peer or no connection was established.</p>
+
+</dd>
+<dt id="Pointer-to-an-X509-certificate">Pointer to an X509 certificate</dt>
+<dd>
+
+<p>The return value points to the certificate presented by the peer.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_peer_signature_nid.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_peer_signature_nid.html
new file mode 100644
index 000000000..e4128afba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_peer_signature_nid.html
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_peer_signature_nid</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_peer_signature_nid, SSL_get_peer_signature_type_nid, SSL_get_signature_nid, SSL_get_signature_type_nid - get TLS message signing types</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_get_peer_signature_nid(SSL *ssl, int *psig_nid);
+ int SSL_get_peer_signature_type_nid(const SSL *ssl, int *psigtype_nid);
+ int SSL_get_signature_nid(SSL *ssl, int *psig_nid);
+ int SSL_get_signature_type_nid(const SSL *ssl, int *psigtype_nid);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_peer_signature_nid() sets <b>*psig_nid</b> to the NID of the digest used by the peer to sign TLS messages. It is implemented as a macro.</p>
+
+<p>SSL_get_peer_signature_type_nid() sets <b>*psigtype_nid</b> to the signature type used by the peer to sign TLS messages. Currently the signature type is the NID of the public key type used for signing except for PSS signing where it is <b>EVP_PKEY_RSA_PSS</b>. To differentiate between <b>rsa_pss_rsae_*</b> and <b>rsa_pss_pss_*</b> signatures, it&#39;s necessary to check the type of public key in the peer&#39;s certificate.</p>
+
+<p>SSL_get_signature_nid() and SSL_get_signature_type_nid() return the equivalent information for the local end of the connection.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return 1 for success and 0 for failure. There are several possible reasons for failure: the cipher suite has no signature (e.g. it uses RSA key exchange or is anonymous), the TLS version is below 1.2 or the functions were called too early, e.g. before the peer signed a message.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_peer_signature_type_nid.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_peer_signature_type_nid.html
new file mode 100644
index 000000000..e4128afba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_peer_signature_type_nid.html
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_peer_signature_nid</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_peer_signature_nid, SSL_get_peer_signature_type_nid, SSL_get_signature_nid, SSL_get_signature_type_nid - get TLS message signing types</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_get_peer_signature_nid(SSL *ssl, int *psig_nid);
+ int SSL_get_peer_signature_type_nid(const SSL *ssl, int *psigtype_nid);
+ int SSL_get_signature_nid(SSL *ssl, int *psig_nid);
+ int SSL_get_signature_type_nid(const SSL *ssl, int *psigtype_nid);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_peer_signature_nid() sets <b>*psig_nid</b> to the NID of the digest used by the peer to sign TLS messages. It is implemented as a macro.</p>
+
+<p>SSL_get_peer_signature_type_nid() sets <b>*psigtype_nid</b> to the signature type used by the peer to sign TLS messages. Currently the signature type is the NID of the public key type used for signing except for PSS signing where it is <b>EVP_PKEY_RSA_PSS</b>. To differentiate between <b>rsa_pss_rsae_*</b> and <b>rsa_pss_pss_*</b> signatures, it&#39;s necessary to check the type of public key in the peer&#39;s certificate.</p>
+
+<p>SSL_get_signature_nid() and SSL_get_signature_type_nid() return the equivalent information for the local end of the connection.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return 1 for success and 0 for failure. There are several possible reasons for failure: the cipher suite has no signature (e.g. it uses RSA key exchange or is anonymous), the TLS version is below 1.2 or the functions were called too early, e.g. before the peer signed a message.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_peer_tmp_key.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_peer_tmp_key.html
new file mode 100644
index 000000000..19ef8a4e9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_peer_tmp_key.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_peer_tmp_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_peer_tmp_key, SSL_get_server_tmp_key, SSL_get_tmp_key - get information about temporary keys used during a handshake</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_get_peer_tmp_key(SSL *ssl, EVP_PKEY **key);
+ long SSL_get_server_tmp_key(SSL *ssl, EVP_PKEY **key);
+ long SSL_get_tmp_key(SSL *ssl, EVP_PKEY **key);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_peer_tmp_key() returns the temporary key provided by the peer and used during key exchange. For example, if ECDHE is in use, then this represents the peer&#39;s public ECDHE key. On success a pointer to the key is stored in <b>*key</b>. It is the caller&#39;s responsibility to free this key after use using <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>.</p>
+
+<p>SSL_get_server_tmp_key() is a backwards compatibility alias for SSL_get_peer_tmp_key(). Under that name it worked just on the client side of the connection, its behaviour on the server end is release-dependent.</p>
+
+<p>SSL_get_tmp_key() returns the equivalent information for the local end of the connection.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 on success and 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>This function is implemented as a macro.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_pending_cipher.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_pending_cipher.html
new file mode 100644
index 000000000..877a067d5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_pending_cipher.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_current_cipher</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_current_cipher, SSL_get_cipher_name, SSL_get_cipher, SSL_get_cipher_bits, SSL_get_cipher_version, SSL_get_pending_cipher - get SSL_CIPHER of a connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CIPHER *SSL_get_current_cipher(const SSL *ssl);
+ SSL_CIPHER *SSL_get_pending_cipher(const SSL *ssl);
+
+ const char *SSL_get_cipher_name(const SSL *s);
+ const char *SSL_get_cipher(const SSL *s);
+ int SSL_get_cipher_bits(const SSL *s, int *np);
+ const char *SSL_get_cipher_version(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_current_cipher() returns a pointer to an SSL_CIPHER object containing the description of the actually used cipher of a connection established with the <b>ssl</b> object. See <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a> for more details.</p>
+
+<p>SSL_get_cipher_name() obtains the name of the currently used cipher. SSL_get_cipher() is identical to SSL_get_cipher_name(). SSL_get_cipher_bits() is a macro to obtain the number of secret/algorithm bits used and SSL_get_cipher_version() returns the protocol name.</p>
+
+<p>SSL_get_pending_cipher() returns a pointer to an SSL_CIPHER object containing the description of the cipher (if any) that has been negotiated for future use on the connection established with the <b>ssl</b> object, but is not yet in use. This may be the case during handshake processing, when control flow can be returned to the application via any of several callback methods. The internal sequencing of handshake processing and callback invocation is not guaranteed to be stable from release to release, and at present only the callback set by SSL_CTX_set_alpn_select_cb() is guaranteed to have a non-NULL return value. Other callbacks may be added to this list over time.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_get_current_cipher() returns the cipher actually used, or NULL if no session has been established.</p>
+
+<p>SSL_get_pending_cipher() returns the cipher to be used at the next change of cipher suite, or NULL if no such cipher is known.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_get_cipher, SSL_get_cipher_bits, SSL_get_cipher_version, and SSL_get_cipher_name are implemented as macros.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_psk_identity.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_psk_identity.html
new file mode 100644
index 000000000..46f89eead
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_psk_identity.html
@@ -0,0 +1,54 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_psk_identity</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_psk_identity, SSL_get_psk_identity_hint - get PSK client identity and hint</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_get_psk_identity_hint(const SSL *ssl);
+ const char *SSL_get_psk_identity(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_psk_identity_hint() is used to retrieve the PSK identity hint used during the connection setup related to SSL object <b>ssl</b>. Similarly, SSL_get_psk_identity() is used to retrieve the PSK identity used during the connection setup.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If non-<b>NULL</b>, SSL_get_psk_identity_hint() returns the PSK identity hint and SSL_get_psk_identity() returns the PSK identity. Both are <b>NULL</b>-terminated. SSL_get_psk_identity_hint() may return <b>NULL</b> if no PSK identity hint was used during the connection setup.</p>
+
+<p>Note that the return value is valid only during the lifetime of the SSL object <b>ssl</b>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_psk_identity_hint.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_psk_identity_hint.html
new file mode 100644
index 000000000..46f89eead
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_psk_identity_hint.html
@@ -0,0 +1,54 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_psk_identity</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_psk_identity, SSL_get_psk_identity_hint - get PSK client identity and hint</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_get_psk_identity_hint(const SSL *ssl);
+ const char *SSL_get_psk_identity(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_psk_identity_hint() is used to retrieve the PSK identity hint used during the connection setup related to SSL object <b>ssl</b>. Similarly, SSL_get_psk_identity() is used to retrieve the PSK identity used during the connection setup.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If non-<b>NULL</b>, SSL_get_psk_identity_hint() returns the PSK identity hint and SSL_get_psk_identity() returns the PSK identity. Both are <b>NULL</b>-terminated. SSL_get_psk_identity_hint() may return <b>NULL</b> if no PSK identity hint was used during the connection setup.</p>
+
+<p>Note that the return value is valid only during the lifetime of the SSL object <b>ssl</b>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_quiet_shutdown.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_quiet_shutdown.html
new file mode 100644
index 000000000..7b96fc659
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_quiet_shutdown.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_quiet_shutdown</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_quiet_shutdown, SSL_CTX_get_quiet_shutdown, SSL_set_quiet_shutdown, SSL_get_quiet_shutdown - manipulate shutdown behaviour</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
+ int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
+
+ void SSL_set_quiet_shutdown(SSL *ssl, int mode);
+ int SSL_get_quiet_shutdown(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_quiet_shutdown() sets the &quot;quiet shutdown&quot; flag for <b>ctx</b> to be <b>mode</b>. SSL objects created from <b>ctx</b> inherit the <b>mode</b> valid at the time <a href="../man3/SSL_new.html">SSL_new(3)</a> is called. <b>mode</b> may be 0 or 1.</p>
+
+<p>SSL_CTX_get_quiet_shutdown() returns the &quot;quiet shutdown&quot; setting of <b>ctx</b>.</p>
+
+<p>SSL_set_quiet_shutdown() sets the &quot;quiet shutdown&quot; flag for <b>ssl</b> to be <b>mode</b>. The setting stays valid until <b>ssl</b> is removed with <a href="../man3/SSL_free.html">SSL_free(3)</a> or SSL_set_quiet_shutdown() is called again. It is not changed when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called. <b>mode</b> may be 0 or 1.</p>
+
+<p>SSL_get_quiet_shutdown() returns the &quot;quiet shutdown&quot; setting of <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Normally when a SSL connection is finished, the parties must send out close_notify alert messages using <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> for a clean shutdown.</p>
+
+<p>When setting the &quot;quiet shutdown&quot; flag to 1, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> will set the internal flags to SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN. (<a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> then behaves like <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a> called with SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN.) The session is thus considered to be shutdown, but no close_notify alert is sent to the peer. This behaviour violates the TLS standard.</p>
+
+<p>The default is normal shutdown behaviour as described by the TLS standard.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_quiet_shutdown() and SSL_set_quiet_shutdown() do not return diagnostic information.</p>
+
+<p>SSL_CTX_get_quiet_shutdown() and SSL_get_quiet_shutdown return the current setting.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_free.html">SSL_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_rbio.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_rbio.html
new file mode 100644
index 000000000..bc928dd69
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_rbio.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_rbio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_rbio, SSL_get_wbio - get BIO linked to an SSL object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ BIO *SSL_get_rbio(SSL *ssl);
+ BIO *SSL_get_wbio(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_rbio() and SSL_get_wbio() return pointers to the BIOs for the read or the write channel, which can be different. The reference count of the BIO is not incremented.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>No BIO was connected to the SSL object</p>
+
+</dd>
+<dt id="Any-other-pointer">Any other pointer</dt>
+<dd>
+
+<p>The BIO linked to <b>ssl</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a>, <a href="../man7/ssl.html">ssl(7)</a> , <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_read_ahead.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_read_ahead.html
new file mode 100644
index 000000000..ef56bb1b3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_read_ahead.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_read_ahead</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_read_ahead, SSL_CTX_get_read_ahead, SSL_set_read_ahead, SSL_get_read_ahead, SSL_CTX_get_default_read_ahead - manage whether to read as many input bytes as possible</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_set_read_ahead(SSL *s, int yes);
+ int SSL_get_read_ahead(const SSL *s);
+
+ SSL_CTX_set_read_ahead(SSL_CTX *ctx, int yes);
+ long SSL_CTX_get_read_ahead(SSL_CTX *ctx);
+ long SSL_CTX_get_default_read_ahead(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_read_ahead() and SSL_set_read_ahead() set whether we should read as many input bytes as possible (for non-blocking reads) or not. For example if <b>x</b> bytes are currently required by OpenSSL, but <b>y</b> bytes are available from the underlying BIO (where <b>y</b> &gt; <b>x</b>), then OpenSSL will read all <b>y</b> bytes into its buffer (providing that the buffer is large enough) if reading ahead is on, or <b>x</b> bytes otherwise. Setting the parameter <b>yes</b> to 0 turns reading ahead is off, other values turn it on. SSL_CTX_set_default_read_ahead() is identical to SSL_CTX_set_read_ahead().</p>
+
+<p>SSL_CTX_get_read_ahead() and SSL_get_read_ahead() indicate whether reading ahead has been set or not. SSL_CTX_get_default_read_ahead() is identical to SSL_CTX_get_read_ahead().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions have no impact when used with DTLS. The return values for SSL_CTX_get_read_head() and SSL_get_read_ahead() are undefined for DTLS. Setting <b>read_ahead</b> can impact the behaviour of the SSL_pending() function (see <a href="../man3/SSL_pending.html">SSL_pending(3)</a>).</p>
+
+<p>Since SSL_read() can return <b>SSL_ERROR_WANT_READ</b> for non-application data records, and SSL_has_pending() can&#39;t tell the difference between processed and unprocessed data, it&#39;s recommended that if read ahead is turned on that <b>SSL_MODE_AUTO_RETRY</b> is not turned off using SSL_CTX_clear_mode(). That will prevent getting <b>SSL_ERROR_WANT_READ</b> when there is still a complete record availale that hasn&#39;t been processed.</p>
+
+<p>If the application wants to continue to use the underlying transport (e.g. TCP connection) after the SSL connection is finished using SSL_shutdown() reading ahead should be turned off. Otherwise the SSL structure might read data that it shouldn&#39;t.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_get_read_ahead() and SSL_CTX_get_read_ahead() return 0 if reading ahead is off, and non zero otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_record_padding_callback_arg.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_record_padding_callback_arg.html
new file mode 100644
index 000000000..57d5c7c64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_record_padding_callback_arg.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_record_padding_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_record_padding_callback, SSL_set_record_padding_callback, SSL_CTX_set_record_padding_callback_arg, SSL_set_record_padding_callback_arg, SSL_CTX_get_record_padding_callback_arg, SSL_get_record_padding_callback_arg, SSL_CTX_set_block_padding, SSL_set_block_padding - install callback to specify TLS 1.3 record padding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_record_padding_callback(SSL_CTX *ctx, size_t (*cb)(SSL *s, int type, size_t len, void *arg));
+ void SSL_set_record_padding_callback(SSL *ssl, size_t (*cb)(SSL *s, int type, size_t len, void *arg));
+
+ void SSL_CTX_set_record_padding_callback_arg(SSL_CTX *ctx, void *arg);
+ void *SSL_CTX_get_record_padding_callback_arg(const SSL_CTX *ctx);
+
+ void SSL_set_record_padding_callback_arg(SSL *ssl, void *arg);
+ void *SSL_get_record_padding_callback_arg(const SSL *ssl);
+
+ int SSL_CTX_set_block_padding(SSL_CTX *ctx, size_t block_size);
+ int SSL_set_block_padding(SSL *ssl, size_t block_size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_record_padding_callback() or SSL_set_record_padding_callback() can be used to assign a callback function <i>cb</i> to specify the padding for TLS 1.3 records. The value set in <b>ctx</b> is copied to a new SSL by SSL_new().</p>
+
+<p>SSL_CTX_set_record_padding_callback_arg() and SSL_set_record_padding_callback_arg() assign a value <b>arg</b> that is passed to the callback when it is invoked. The value set in <b>ctx</b> is copied to a new SSL by SSL_new().</p>
+
+<p>SSL_CTX_get_record_padding_callback_arg() and SSL_get_record_padding_callback_arg() retrieve the <b>arg</b> value that is passed to the callback.</p>
+
+<p>SSL_CTX_set_block_padding() and SSL_set_block_padding() pads the record to a multiple of the <b>block_size</b>. A <b>block_size</b> of 0 or 1 disables block padding. The limit of <b>block_size</b> is SSL3_RT_MAX_PLAIN_LENGTH.</p>
+
+<p>The callback is invoked for every record before encryption. The <b>type</b> parameter is the TLS record type that is being processed; may be one of SSL3_RT_APPLICATION_DATA, SSL3_RT_HANDSHAKE, or SSL3_RT_ALERT. The <b>len</b> parameter is the current plaintext length of the record before encryption. The <b>arg</b> parameter is the value set via SSL_CTX_set_record_padding_callback_arg() or SSL_set_record_padding_callback_arg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL_CTX_get_record_padding_callback_arg() and SSL_get_record_padding_callback_arg() functions return the <b>arg</b> value assigned in the corresponding set functions.</p>
+
+<p>The SSL_CTX_set_block_padding() and SSL_set_block_padding() functions return 1 on success or 0 if <b>block_size</b> is too large.</p>
+
+<p>The <b>cb</b> returns the number of padding bytes to add to the record. A return of 0 indicates no padding will be added. A return value that causes the record to exceed the maximum record size (SSL3_RT_MAX_PLAIN_LENGTH) will pad out to the maximum record size.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The default behavior is to add no padding to the record.</p>
+
+<p>A user-supplied padding callback function will override the behavior set by SSL_set_block_padding() or SSL_CTX_set_block_padding(). Setting the user-supplied callback to NULL will restore the configured block padding behavior.</p>
+
+<p>These functions only apply to TLS 1.3 records being written.</p>
+
+<p>Padding bytes are not added in constant-time.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The record padding API was added for TLS 1.3 support in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_recv_max_early_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_recv_max_early_data.html
new file mode 100644
index 000000000..5b28c01bd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_recv_max_early_data.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read_early_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#REPLAY-PROTECTION">REPLAY PROTECTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_max_early_data, SSL_CTX_set_max_early_data, SSL_get_max_early_data, SSL_CTX_get_max_early_data, SSL_set_recv_max_early_data, SSL_CTX_set_recv_max_early_data, SSL_get_recv_max_early_data, SSL_CTX_get_recv_max_early_data, SSL_SESSION_get_max_early_data, SSL_SESSION_set_max_early_data, SSL_write_early_data, SSL_read_early_data, SSL_get_early_data_status, SSL_allow_early_data_cb_fn, SSL_CTX_set_allow_early_data_cb, SSL_set_allow_early_data_cb - functions for sending and receiving early data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data);
+ uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_max_early_data(SSL *s, uint32_t max_early_data);
+ uint32_t SSL_get_max_early_data(const SSL *s);
+
+ int SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data);
+ uint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data);
+ uint32_t SSL_get_recv_max_early_data(const SSL *s);
+
+ uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s);
+ int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data);
+
+ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written);
+
+ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes);
+
+ int SSL_get_early_data_status(const SSL *s);
+
+
+ typedef int (*SSL_allow_early_data_cb_fn)(SSL *s, void *arg);
+
+ void SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx,
+                                      SSL_allow_early_data_cb_fn cb,
+                                      void *arg);
+ void SSL_set_allow_early_data_cb(SSL *s,
+                                  SSL_allow_early_data_cb_fn cb,
+                                  void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to send and receive early data where TLSv1.3 has been negotiated. Early data can be sent by the client immediately after its initial ClientHello without having to wait for the server to complete the handshake. Early data can only be sent if a session has previously been established with the server, and the server is known to support it. Additionally these functions can be used to send data from the server to the client when the client has not yet completed the authentication stage of the handshake.</p>
+
+<p>Early data has weaker security properties than other data sent over an SSL/TLS connection. In particular the data does not have forward secrecy. There are also additional considerations around replay attacks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below). For these reasons extreme care should be exercised when using early data. For specific details, consult the TLS 1.3 specification.</p>
+
+<p>When a server receives early data it may opt to immediately respond by sending application data back to the client. Data sent by the server at this stage is done before the full handshake has been completed. Specifically the client&#39;s authentication messages have not yet been received, i.e. the client is unauthenticated at this point and care should be taken when using this capability.</p>
+
+<p>A server or client can determine whether the full handshake has been completed or not by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>.</p>
+
+<p>On the client side, the function SSL_SESSION_get_max_early_data() can be used to determine if a session established with a server can be used to send early data. If the session cannot be used then this function will return 0. Otherwise it will return the maximum number of early data bytes that can be sent.</p>
+
+<p>The function SSL_SESSION_set_max_early_data() sets the maximum number of early data bytes that can be sent for a session. This would typically be used when creating a PSK session file (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). If using a ticket based PSK then this is set automatically to the value provided by the server.</p>
+
+<p>A client uses the function SSL_write_early_data() to send early data. This function is similar to the <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> function, but with the following differences. See <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> for information on how to write bytes to the underlying connection, and how to handle any errors that may arise. This page describes the differences between SSL_write_early_data() and <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When called by a client, SSL_write_early_data() must be the first IO function called on a new connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a> or other similar functions. It may be called multiple times to stream data to the server, but the total number of bytes written must not exceed the value returned from SSL_SESSION_get_max_early_data(). Once the initial SSL_write_early_data() call has completed successfully the client may interleave calls to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> with calls to SSL_write_early_data() as required.</p>
+
+<p>If SSL_write_early_data() fails you should call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action, as for <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When the client no longer wishes to send any more early data then it should complete the handshake by calling a function such as <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard write function such as <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, which will transparently complete the connection and write the requested data.</p>
+
+<p>A server may choose to ignore early data that has been sent to it. Once the connection has been completed you can determine whether the server accepted or rejected the early data by calling SSL_get_early_data_status(). This will return SSL_EARLY_DATA_ACCEPTED if the data was accepted, SSL_EARLY_DATA_REJECTED if it was rejected or SSL_EARLY_DATA_NOT_SENT if no early data was sent. This function may be called by either the client or the server.</p>
+
+<p>A server uses the SSL_read_early_data() function to receive early data on a connection for which early data has been enabled using SSL_CTX_set_max_early_data() or SSL_set_max_early_data(). As for SSL_write_early_data(), this must be the first IO function called on a connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, or other similar functions.</p>
+
+<p>SSL_read_early_data() is similar to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> with the following differences. Refer to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> for full details.</p>
+
+<p>SSL_read_early_data() may return 3 possible values:</p>
+
+<dl>
+
+<dt id="SSL_READ_EARLY_DATA_ERROR">SSL_READ_EARLY_DATA_ERROR</dt>
+<dd>
+
+<p>This indicates an IO or some other error occurred. This should be treated in the same way as a 0 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_SUCCESS">SSL_READ_EARLY_DATA_SUCCESS</dt>
+<dd>
+
+<p>This indicates that early data was successfully read. This should be treated in the same way as a 1 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>. You should continue to call SSL_read_early_data() to read more data.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_FINISH">SSL_READ_EARLY_DATA_FINISH</dt>
+<dd>
+
+<p>This indicates that no more early data can be read. It may be returned on the first call to SSL_read_early_data() if the client has not sent any early data, or if the early data was rejected.</p>
+
+</dd>
+</dl>
+
+<p>Once the initial SSL_read_early_data() call has completed successfully (i.e. it has returned SSL_READ_EARLY_DATA_SUCCESS or SSL_READ_EARLY_DATA_FINISH) then the server may choose to write data immediately to the unauthenticated client using SSL_write_early_data(). If SSL_read_early_data() returned SSL_READ_EARLY_DATA_FINISH then in some situations (e.g. if the client only supports TLSv1.2) the handshake may have already been completed and calls to SSL_write_early_data() are not allowed. Call <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a> to determine whether the handshake has completed or not. If the handshake is still in progress then the server may interleave calls to SSL_write_early_data() with calls to SSL_read_early_data() as required.</p>
+
+<p>Servers must not call <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a> until SSL_read_early_data() has returned with SSL_READ_EARLY_DATA_FINISH. Once it has done so the connection to the client still needs to be completed. Complete the connection by calling a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard read function such as <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, which will transparently complete the connection and read the requested data. Note that it is an error to attempt to complete the connection before SSL_read_early_data() has returned SSL_READ_EARLY_DATA_FINISH.</p>
+
+<p>Only servers may call SSL_read_early_data().</p>
+
+<p>Calls to SSL_read_early_data() may, in certain circumstances, complete the connection immediately without further need to call a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. This can happen if the client is using a protocol version less than TLSv1.3. Applications can test for this by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>. Alternatively, applications may choose to call <a href="../man3/SSL_accept.html">SSL_accept(3)</a> anyway. Such a call will successfully return immediately with no further action taken.</p>
+
+<p>When a session is created between a server and a client the server will specify the maximum amount of any early data that it will accept on any future connection attempt. By default the server does not accept early data; a server may indicate support for early data by calling SSL_CTX_set_max_early_data() or SSL_set_max_early_data() to set it for the whole SSL_CTX or an individual SSL object respectively. The <b>max_early_data</b> parameter specifies the maximum amount of early data in bytes that is permitted to be sent on a single connection. Similarly the SSL_CTX_get_max_early_data() and SSL_get_max_early_data() functions can be used to obtain the current maximum early data settings for the SSL_CTX and SSL objects respectively. Generally a server application will either use both of SSL_read_early_data() and SSL_CTX_set_max_early_data() (or SSL_set_max_early_data()), or neither of them, since there is no practical benefit from using only one of them. If the maximum early data setting for a server is non-zero then replay protection is automatically enabled (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below).</p>
+
+<p>If the server rejects the early data sent by a client then it will skip over the data that is sent. The maximum amount of received early data that is skipped is controlled by the recv_max_early_data setting. If a client sends more than this then the connection will abort. This value can be set by calling SSL_CTX_set_recv_max_early_data() or SSL_set_recv_max_early_data(). The current value for this setting can be obtained by calling SSL_CTX_get_recv_max_early_data() or SSL_get_recv_max_early_data(). The default value for this setting is 16,384 bytes.</p>
+
+<p>The recv_max_early_data value also has an impact on early data that is accepted. The amount of data that is accepted will always be the lower of the max_early_data for the session and the recv_max_early_data setting for the server. If a client sends more data than this then the connection will abort.</p>
+
+<p>The configured value for max_early_data on a server may change over time as required. However clients may have tickets containing the previously configured max_early_data value. The recv_max_early_data should always be equal to or higher than any recently configured max_early_data value in order to avoid aborted connections. The recv_max_early_data should never be set to less than the current configured max_early_data value.</p>
+
+<p>Some server applications may wish to have more control over whether early data is accepted or not, for example to mitigate replay risks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below) or to decline early_data when the server is heavily loaded. The functions SSL_CTX_set_allow_early_data_cb() and SSL_set_allow_early_data_cb() set a callback which is called at a point in the handshake immediately before a decision is made to accept or reject early data. The callback is provided with a pointer to the user data argument that was provided when the callback was first set. Returning 1 from the callback will allow early data and returning 0 will reject it. Note that the OpenSSL library may reject early data for other reasons in which case this callback will not get called. Notably, the built-in replay protection feature will still be used even if a callback is present unless it has been explicitly disabled using the SSL_OP_NO_ANTI_REPLAY option. See <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The whole purpose of early data is to enable a client to start sending data to the server before a full round trip of network traffic has occurred. Application developers should ensure they consider optimisation of the underlying TCP socket to obtain a performant solution. For example Nagle&#39;s algorithm is commonly used by operating systems in an attempt to avoid lots of small TCP packets. In many scenarios this is beneficial for performance, but it does not work well with the early data solution as implemented in OpenSSL. In Nagle&#39;s algorithm the OS will buffer outgoing TCP data if a TCP packet has already been sent which we have not yet received an ACK for from the peer. The buffered data will only be transmitted if enough data to fill an entire TCP packet is accumulated, or if the ACK is received from the peer. The initial ClientHello will be sent in the first TCP packet along with any data from the first call to SSL_write_early_data(). If the amount of data written will exceed the size of a single TCP packet, or if there are more calls to SSL_write_early_data() then that additional data will be sent in subsequent TCP packets which will be buffered by the OS and not sent until an ACK is received for the first packet containing the ClientHello. This means the early data is not actually sent until a complete round trip with the server has occurred which defeats the objective of early data.</p>
+
+<p>In many operating systems the TCP_NODELAY socket option is available to disable Nagle&#39;s algorithm. If an application opts to disable Nagle&#39;s algorithm consideration should be given to turning it back on again after the handshake is complete if appropriate.</p>
+
+<p>In rare circumstances, it may be possible for a client to have a session that reports a max early data value greater than 0, but where the server does not support this. For example, this can occur if a server has had its configuration changed to accept a lower max early data value such as by calling SSL_CTX_set_recv_max_early_data(). Another example is if a server used to support TLSv1.3 but was later downgraded to TLSv1.2. Sending early data to such a server will cause the connection to abort. Clients that encounter an aborted connection while sending early data may want to retry the connection without sending early data as this does not happen automatically. A client will have to establish a new transport layer connection to the server and attempt the SSL/TLS connection again but without sending early data. Note that it is inadvisable to retry with a lower maximum protocol version.</p>
+
+<h1 id="REPLAY-PROTECTION">REPLAY PROTECTION</h1>
+
+<p>When early data is in use the TLS protocol provides no security guarantees that the same early data was not replayed across multiple connections. As a mitigation for this issue OpenSSL automatically enables replay protection if the server is configured with a non-zero max early data value. With replay protection enabled sessions are forced to be single use only. If a client attempts to reuse a session ticket more than once, then the second and subsequent attempts will fall back to a full handshake (and any early data that was submitted will be ignored). Note that single use tickets are enforced even if a client does not send any early data.</p>
+
+<p>The replay protection mechanism relies on the internal OpenSSL server session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). When replay protection is being used the server will operate as if the SSL_OP_NO_TICKET option had been selected (see <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>). Sessions will be added to the cache whenever a session ticket is issued. When a client attempts to resume the session, OpenSSL will check for its presence in the internal cache. If it exists then the resumption is allowed and the session is removed from the cache. If it does not exist then the resumption is not allowed and a full handshake will occur.</p>
+
+<p>Note that some applications may maintain an external cache of sessions (see <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a> and similar functions). It is the application&#39;s responsibility to ensure that any sessions in the external cache are also populated in the internal cache and that once removed from the internal cache they are similarly removed from the external cache. Failing to do this could result in an application becoming vulnerable to replay attacks. Note that OpenSSL will lock the internal cache while a session is removed but that lock is not held when the remove session callback (see <a href="../man3/SSL_CTX_sess_set_remove_cb.html">SSL_CTX_sess_set_remove_cb(3)</a>) is called. This could result in a small amount of time where the session has been removed from the internal cache but is still available in the external cache. Applications should be designed with this in mind in order to minimise the possibility of replay attacks.</p>
+
+<p>The OpenSSL replay protection does not apply to external Pre Shared Keys (PSKs) (e.g. see SSL_CTX_set_psk_find_session_callback(3)). Therefore extreme caution should be applied when combining external PSKs with early data.</p>
+
+<p>Some applications may mitigate the replay risks in other ways. For those applications it is possible to turn off the built-in replay protection feature using the <b>SSL_OP_NO_ANTI_REPLAY</b> option. See <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> for details. Applications can also set a callback to make decisions about accepting early data or not. See SSL_CTX_set_allow_early_data_cb() above for details.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_write_early_data() returns 1 for success or 0 for failure. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_read_early_data() returns SSL_READ_EARLY_DATA_ERROR for failure, SSL_READ_EARLY_DATA_SUCCESS for success with more data to read and SSL_READ_EARLY_DATA_FINISH for success with no more to data be read. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_get_max_early_data(), SSL_CTX_get_max_early_data() and SSL_SESSION_get_max_early_data() return the maximum number of early data bytes that may be sent.</p>
+
+<p>SSL_set_max_early_data(), SSL_CTX_set_max_early_data() and SSL_SESSION_set_max_early_data() return 1 for success or 0 for failure.</p>
+
+<p>SSL_get_early_data_status() returns SSL_EARLY_DATA_ACCEPTED if early data was accepted by the server, SSL_EARLY_DATA_REJECTED if early data was rejected by the server, or SSL_EARLY_DATA_NOT_SENT if no early data was sent.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>All of the functions described above were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_rfd.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_rfd.html
new file mode 100644
index 000000000..62a631bdf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_rfd.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_fd</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_fd, SSL_get_rfd, SSL_get_wfd - get file descriptor linked to an SSL object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_get_fd(const SSL *ssl);
+ int SSL_get_rfd(const SSL *ssl);
+ int SSL_get_wfd(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_fd() returns the file descriptor which is linked to <b>ssl</b>. SSL_get_rfd() and SSL_get_wfd() return the file descriptors for the read or the write channel, which can be different. If the read and the write channel are different, SSL_get_fd() will return the file descriptor of the read channel.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="pod-1">-1</dt>
+<dd>
+
+<p>The operation failed, because the underlying BIO is not of the correct type (suitable for file descriptors).</p>
+
+</dd>
+<dt id="pod-0">&gt;=0</dt>
+<dd>
+
+<p>The file descriptor linked to <b>ssl</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_set_fd.html">SSL_set_fd(3)</a>, <a href="../man7/ssl.html">ssl(7)</a> , <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_secure_renegotiation_support.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_secure_renegotiation_support.html
new file mode 100644
index 000000000..b45ee0128
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_secure_renegotiation_support.html
@@ -0,0 +1,350 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_options</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SECURE-RENEGOTIATION">SECURE RENEGOTIATION</a>
+    <ul>
+      <li><a href="#Patched-client-and-server">Patched client and server</a></li>
+      <li><a href="#Unpatched-client-and-patched-OpenSSL-server">Unpatched client and patched OpenSSL server</a></li>
+      <li><a href="#Patched-OpenSSL-client-and-unpatched-server">Patched OpenSSL client and unpatched server.</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_options, SSL_set_options, SSL_CTX_clear_options, SSL_clear_options, SSL_CTX_get_options, SSL_get_options, SSL_get_secure_renegotiation_support - manipulate SSL options</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_options(SSL_CTX *ctx, long options);
+ long SSL_set_options(SSL *ssl, long options);
+
+ long SSL_CTX_clear_options(SSL_CTX *ctx, long options);
+ long SSL_clear_options(SSL *ssl, long options);
+
+ long SSL_CTX_get_options(SSL_CTX *ctx);
+ long SSL_get_options(SSL *ssl);
+
+ long SSL_get_secure_renegotiation_support(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_options() adds the options set via bitmask in <b>options</b> to <b>ctx</b>. Options already set before are not cleared!</p>
+
+<p>SSL_set_options() adds the options set via bitmask in <b>options</b> to <b>ssl</b>. Options already set before are not cleared!</p>
+
+<p>SSL_CTX_clear_options() clears the options set via bitmask in <b>options</b> to <b>ctx</b>.</p>
+
+<p>SSL_clear_options() clears the options set via bitmask in <b>options</b> to <b>ssl</b>.</p>
+
+<p>SSL_CTX_get_options() returns the options set for <b>ctx</b>.</p>
+
+<p>SSL_get_options() returns the options set for <b>ssl</b>.</p>
+
+<p>SSL_get_secure_renegotiation_support() indicates whether the peer supports secure renegotiation. Note, this is implemented via a macro.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The behaviour of the SSL library can be changed by setting several options. The options are coded as bitmasks and can be combined by a bitwise <b>or</b> operation (|).</p>
+
+<p>SSL_CTX_set_options() and SSL_set_options() affect the (external) protocol behaviour of the SSL library. The (internal) behaviour of the API can be changed by using the similar <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a> and SSL_set_mode() functions.</p>
+
+<p>During a handshake, the option settings of the SSL object are used. When a new SSL object is created from a context using SSL_new(), the current option setting is copied. Changes to <b>ctx</b> do not affect already created SSL objects. SSL_clear() does not affect the settings.</p>
+
+<p>The following <b>bug workaround</b> options are available:</p>
+
+<dl>
+
+<dt id="SSL_OP_SAFARI_ECDHE_ECDSA_BUG">SSL_OP_SAFARI_ECDHE_ECDSA_BUG</dt>
+<dd>
+
+<p>Don&#39;t prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X. OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.</p>
+
+</dd>
+<dt id="SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS">SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS</dt>
+<dd>
+
+<p>Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol vulnerability affecting CBC ciphers, which cannot be handled by some broken SSL implementations. This option has no effect for connections using other ciphers.</p>
+
+</dd>
+<dt id="SSL_OP_TLSEXT_PADDING">SSL_OP_TLSEXT_PADDING</dt>
+<dd>
+
+<p>Adds a padding extension to ensure the ClientHello size is never between 256 and 511 bytes in length. This is needed as a workaround for some implementations.</p>
+
+</dd>
+<dt id="SSL_OP_ALL">SSL_OP_ALL</dt>
+<dd>
+
+<p>All of the above bug workarounds plus <b>SSL_OP_LEGACY_SERVER_CONNECT</b> as mentioned below.</p>
+
+</dd>
+</dl>
+
+<p>It is usually safe to use <b>SSL_OP_ALL</b> to enable the bug workaround options if compatibility with somewhat broken implementations is desired.</p>
+
+<p>The following <b>modifying</b> options are available:</p>
+
+<dl>
+
+<dt id="SSL_OP_TLS_ROLLBACK_BUG">SSL_OP_TLS_ROLLBACK_BUG</dt>
+<dd>
+
+<p>Disable version rollback attack detection.</p>
+
+<p>During the client key exchange, the client must send the same information about acceptable SSL/TLS protocol levels as during the first hello. Some clients violate this rule by adapting to the server&#39;s answer. (Example: the client sends a SSLv2 hello and accepts up to SSLv3.1=TLSv1, the server only understands up to SSLv3. In this case the client must still use the same SSLv3.1=TLSv1 announcement. Some clients step down to SSLv3 with respect to the server&#39;s answer and violate the version rollback protection.)</p>
+
+</dd>
+<dt id="SSL_OP_CIPHER_SERVER_PREFERENCE">SSL_OP_CIPHER_SERVER_PREFERENCE</dt>
+<dd>
+
+<p>When choosing a cipher, use the server&#39;s preferences instead of the client preferences. When not set, the SSL server will always follow the clients preferences. When set, the SSL/TLS server will choose following its own preferences.</p>
+
+</dd>
+<dt id="SSL_OP_NO_SSLv3-SSL_OP_NO_TLSv1-SSL_OP_NO_TLSv1_1-SSL_OP_NO_TLSv1_2-SSL_OP_NO_TLSv1_3-SSL_OP_NO_DTLSv1-SSL_OP_NO_DTLSv1_2">SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1, SSL_OP_NO_TLSv1_2, SSL_OP_NO_TLSv1_3, SSL_OP_NO_DTLSv1, SSL_OP_NO_DTLSv1_2</dt>
+<dd>
+
+<p>These options turn off the SSLv3, TLSv1, TLSv1.1, TLSv1.2 or TLSv1.3 protocol versions with TLS or the DTLSv1, DTLSv1.2 versions with DTLS, respectively. As of OpenSSL 1.1.0, these options are deprecated, use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> and <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> instead.</p>
+
+</dd>
+<dt id="SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION">SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION</dt>
+<dd>
+
+<p>When performing renegotiation as a server, always start a new session (i.e., session resumption requests are only accepted in the initial handshake). This option is not needed for clients.</p>
+
+</dd>
+<dt id="SSL_OP_NO_COMPRESSION">SSL_OP_NO_COMPRESSION</dt>
+<dd>
+
+<p>Do not use compression even if it is supported.</p>
+
+</dd>
+<dt id="SSL_OP_NO_QUERY_MTU">SSL_OP_NO_QUERY_MTU</dt>
+<dd>
+
+<p>Do not query the MTU. Only affects DTLS connections.</p>
+
+</dd>
+<dt id="SSL_OP_COOKIE_EXCHANGE">SSL_OP_COOKIE_EXCHANGE</dt>
+<dd>
+
+<p>Turn on Cookie Exchange as described in RFC4347 Section 4.2.1. Only affects DTLS connections.</p>
+
+</dd>
+<dt id="SSL_OP_NO_TICKET">SSL_OP_NO_TICKET</dt>
+<dd>
+
+<p>SSL/TLS supports two mechanisms for resuming sessions: session ids and stateless session tickets.</p>
+
+<p>When using session ids a copy of the session information is cached on the server and a unique id is sent to the client. When the client wishes to resume it provides the unique id so that the server can retrieve the session information from its cache.</p>
+
+<p>When using stateless session tickets the server uses a session ticket encryption key to encrypt the session information. This encrypted data is sent to the client as a &quot;ticket&quot;. When the client wishes to resume it sends the encrypted data back to the server. The server uses its key to decrypt the data and resume the session. In this way the server can operate statelessly - no session information needs to be cached locally.</p>
+
+<p>The TLSv1.3 protocol only supports tickets and does not directly support session ids. However OpenSSL allows two modes of ticket operation in TLSv1.3: stateful and stateless. Stateless tickets work the same way as in TLSv1.2 and below. Stateful tickets mimic the session id behaviour available in TLSv1.2 and below. The session information is cached on the server and the session id is wrapped up in a ticket and sent back to the client. When the client wishes to resume, it presents a ticket in the same way as for stateless tickets. The server can then extract the session id from the ticket and retrieve the session information from its cache.</p>
+
+<p>By default OpenSSL will use stateless tickets. The SSL_OP_NO_TICKET option will cause stateless tickets to not be issued. In TLSv1.2 and below this means no ticket gets sent to the client at all. In TLSv1.3 a stateful ticket will be sent. This is a server-side option only.</p>
+
+<p>In TLSv1.3 it is possible to suppress all tickets (stateful and stateless) from being sent by calling <a href="../man3/SSL_CTX_set_num_tickets.html">SSL_CTX_set_num_tickets(3)</a> or <a href="../man3/SSL_set_num_tickets.html">SSL_set_num_tickets(3)</a>.</p>
+
+</dd>
+<dt id="SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION">SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</dt>
+<dd>
+
+<p>Allow legacy insecure renegotiation between OpenSSL and unpatched clients or servers. See the <b>SECURE RENEGOTIATION</b> section for more details.</p>
+
+</dd>
+<dt id="SSL_OP_LEGACY_SERVER_CONNECT">SSL_OP_LEGACY_SERVER_CONNECT</dt>
+<dd>
+
+<p>Allow legacy insecure renegotiation between OpenSSL and unpatched servers <b>only</b>: this option is currently set by default. See the <b>SECURE RENEGOTIATION</b> section for more details.</p>
+
+</dd>
+<dt id="SSL_OP_NO_ENCRYPT_THEN_MAC">SSL_OP_NO_ENCRYPT_THEN_MAC</dt>
+<dd>
+
+<p>Normally clients and servers will transparently attempt to negotiate the RFC7366 Encrypt-then-MAC option on TLS and DTLS connection.</p>
+
+<p>If this option is set, Encrypt-then-MAC is disabled. Clients will not propose, and servers will not accept the extension.</p>
+
+</dd>
+<dt id="SSL_OP_NO_RENEGOTIATION">SSL_OP_NO_RENEGOTIATION</dt>
+<dd>
+
+<p>Disable all renegotiation in TLSv1.2 and earlier. Do not send HelloRequest messages, and ignore renegotiation requests via ClientHello.</p>
+
+</dd>
+<dt id="SSL_OP_ALLOW_NO_DHE_KEX">SSL_OP_ALLOW_NO_DHE_KEX</dt>
+<dd>
+
+<p>In TLSv1.3 allow a non-(ec)dhe based key exchange mode on resumption. This means that there will be no forward secrecy for the resumed session.</p>
+
+</dd>
+<dt id="SSL_OP_PRIORITIZE_CHACHA">SSL_OP_PRIORITIZE_CHACHA</dt>
+<dd>
+
+<p>When SSL_OP_CIPHER_SERVER_PREFERENCE is set, temporarily reprioritize ChaCha20-Poly1305 ciphers to the top of the server cipher list if a ChaCha20-Poly1305 cipher is at the top of the client cipher list. This helps those clients (e.g. mobile) use ChaCha20-Poly1305 if that cipher is anywhere in the server cipher list; but still allows other clients to use AES and other ciphers. Requires <b>SSL_OP_CIPHER_SERVER_PREFERENCE</b>.</p>
+
+</dd>
+<dt id="SSL_OP_ENABLE_MIDDLEBOX_COMPAT">SSL_OP_ENABLE_MIDDLEBOX_COMPAT</dt>
+<dd>
+
+<p>If set then dummy Change Cipher Spec (CCS) messages are sent in TLSv1.3. This has the effect of making TLSv1.3 look more like TLSv1.2 so that middleboxes that do not understand TLSv1.3 will not drop the connection. Regardless of whether this option is set or not CCS messages received from the peer will always be ignored in TLSv1.3. This option is set by default. To switch it off use SSL_clear_options(). A future version of OpenSSL may not set this by default.</p>
+
+</dd>
+<dt id="SSL_OP_NO_ANTI_REPLAY">SSL_OP_NO_ANTI_REPLAY</dt>
+<dd>
+
+<p>By default, when a server is configured for early data (i.e., max_early_data &gt; 0), OpenSSL will switch on replay protection. See <a href="../man3/SSL_read_early_data.html">SSL_read_early_data(3)</a> for a description of the replay protection feature. Anti-replay measures are required to comply with the TLSv1.3 specification. Some applications may be able to mitigate the replay risks in other ways and in such cases the built in OpenSSL functionality is not required. Those applications can turn this feature off by setting this option. This is a server-side opton only. It is ignored by clients.</p>
+
+</dd>
+</dl>
+
+<p>The following options no longer have any effect but their identifiers are retained for compatibility purposes:</p>
+
+<dl>
+
+<dt id="SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG">SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER">SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SSLEAY_080_CLIENT_DH_BUG">SSL_OP_SSLEAY_080_CLIENT_DH_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_TLS_D5_BUG">SSL_OP_TLS_D5_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_TLS_BLOCK_PADDING_BUG">SSL_OP_TLS_BLOCK_PADDING_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MSIE_SSLV2_RSA_PADDING">SSL_OP_MSIE_SSLV2_RSA_PADDING</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG">SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MICROSOFT_SESS_ID_BUG">SSL_OP_MICROSOFT_SESS_ID_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_NETSCAPE_CHALLENGE_BUG">SSL_OP_NETSCAPE_CHALLENGE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_PKCS1_CHECK_1">SSL_OP_PKCS1_CHECK_1</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_PKCS1_CHECK_2">SSL_OP_PKCS1_CHECK_2</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SINGLE_DH_USE">SSL_OP_SINGLE_DH_USE</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SINGLE_ECDH_USE">SSL_OP_SINGLE_ECDH_USE</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_EPHEMERAL_RSA">SSL_OP_EPHEMERAL_RSA</dt>
+<dd>
+
+</dd>
+</dl>
+
+<h1 id="SECURE-RENEGOTIATION">SECURE RENEGOTIATION</h1>
+
+<p>OpenSSL always attempts to use secure renegotiation as described in RFC5746. This counters the prefix attack described in CVE-2009-3555 and elsewhere.</p>
+
+<p>This attack has far reaching consequences which application writers should be aware of. In the description below an implementation supporting secure renegotiation is referred to as <i>patched</i>. A server not supporting secure renegotiation is referred to as <i>unpatched</i>.</p>
+
+<p>The following sections describe the operations permitted by OpenSSL&#39;s secure renegotiation implementation.</p>
+
+<h2 id="Patched-client-and-server">Patched client and server</h2>
+
+<p>Connections and renegotiation are always permitted by OpenSSL implementations.</p>
+
+<h2 id="Unpatched-client-and-patched-OpenSSL-server">Unpatched client and patched OpenSSL server</h2>
+
+<p>The initial connection succeeds but client renegotiation is denied by the server with a <b>no_renegotiation</b> warning alert if TLS v1.0 is used or a fatal <b>handshake_failure</b> alert in SSL v3.0.</p>
+
+<p>If the patched OpenSSL server attempts to renegotiate a fatal <b>handshake_failure</b> alert is sent. This is because the server code may be unaware of the unpatched nature of the client.</p>
+
+<p>If the option <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> is set then renegotiation <b>always</b> succeeds.</p>
+
+<h2 id="Patched-OpenSSL-client-and-unpatched-server">Patched OpenSSL client and unpatched server.</h2>
+
+<p>If the option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> or <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> is set then initial connections and renegotiation between patched OpenSSL clients and unpatched servers succeeds. If neither option is set then initial connections to unpatched servers will fail.</p>
+
+<p>The option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> is currently set by default even though it has security implications: otherwise it would be impossible to connect to unpatched servers (i.e. all of them initially) and this is clearly not acceptable. Renegotiation is permitted because this does not add any additional security issues: during an attack clients do not see any renegotiations anyway.</p>
+
+<p>As more servers become patched the option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> will <b>not</b> be set by default in a future version of OpenSSL.</p>
+
+<p>OpenSSL client applications wishing to ensure they can connect to unpatched servers should always <b>set</b> <b>SSL_OP_LEGACY_SERVER_CONNECT</b></p>
+
+<p>OpenSSL client applications that want to ensure they can <b>not</b> connect to unpatched servers (and thus avoid any security issues) should always <b>clear</b> <b>SSL_OP_LEGACY_SERVER_CONNECT</b> using SSL_CTX_clear_options() or SSL_clear_options().</p>
+
+<p>The difference between the <b>SSL_OP_LEGACY_SERVER_CONNECT</b> and <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> options is that <b>SSL_OP_LEGACY_SERVER_CONNECT</b> enables initial connections and secure renegotiation between OpenSSL clients and unpatched servers <b>only</b>, while <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> allows initial connections and renegotiation between OpenSSL and unpatched clients or servers.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_options() and SSL_set_options() return the new options bitmask after adding <b>options</b>.</p>
+
+<p>SSL_CTX_clear_options() and SSL_clear_options() return the new options bitmask after clearing <b>options</b>.</p>
+
+<p>SSL_CTX_get_options() and SSL_get_options() return the current bitmask.</p>
+
+<p>SSL_get_secure_renegotiation_support() returns 1 is the peer supports secure renegotiation and 0 if it does not.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man1/dhparam.html">dhparam(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The attempt to always try to use secure renegotiation was added in OpenSSL 0.9.8m.</p>
+
+<p>The <b>SSL_OP_PRIORITIZE_CHACHA</b> and <b>SSL_OP_NO_RENEGOTIATION</b> options were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_security_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_security_callback.html
new file mode 100644
index 000000000..a853d06fd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_security_callback.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_security_level</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</a></li>
+  <li><a href="#APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_security_level, SSL_set_security_level, SSL_CTX_get_security_level, SSL_get_security_level, SSL_CTX_set_security_callback, SSL_set_security_callback, SSL_CTX_get_security_callback, SSL_get_security_callback, SSL_CTX_set0_security_ex_data, SSL_set0_security_ex_data, SSL_CTX_get0_security_ex_data, SSL_get0_security_ex_data - SSL/TLS security framework</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
+ void SSL_set_security_level(SSL *s, int level);
+
+ int SSL_CTX_get_security_level(const SSL_CTX *ctx);
+ int SSL_get_security_level(const SSL *s);
+
+ void SSL_CTX_set_security_callback(SSL_CTX *ctx,
+                                    int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                              int bits, int nid,
+                                              void *other, void *ex));
+
+ void SSL_set_security_callback(SSL *s, int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                                  int bits, int nid,
+                                                  void *other, void *ex));
+
+ int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx))(SSL *s, SSL_CTX *ctx, int op,
+                                                          int bits, int nid, void *other,
+                                                          void *ex);
+ int (*SSL_get_security_callback(const SSL *s))(SSL *s, SSL_CTX *ctx, int op,
+                                                int bits, int nid, void *other,
+                                                void *ex);
+
+ void SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex);
+ void SSL_set0_security_ex_data(SSL *s, void *ex);
+
+ void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx);
+ void *SSL_get0_security_ex_data(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions SSL_CTX_set_security_level() and SSL_set_security_level() set the security level to <b>level</b>. If not set the library default security level is used.</p>
+
+<p>The functions SSL_CTX_get_security_level() and SSL_get_security_level() retrieve the current security level.</p>
+
+<p>SSL_CTX_set_security_callback(), SSL_set_security_callback(), SSL_CTX_get_security_callback() and SSL_get_security_callback() get or set the security callback associated with <b>ctx</b> or <b>s</b>. If not set a default security callback is used. The meaning of the parameters and the behaviour of the default callbacks is described below.</p>
+
+<p>SSL_CTX_set0_security_ex_data(), SSL_set0_security_ex_data(), SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() set the extra data pointer passed to the <b>ex</b> parameter of the callback. This value is passed to the callback verbatim and can be set to any convenient application specific value.</p>
+
+<h1 id="DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</h1>
+
+<p>If an application doesn&#39;t set its own security callback the default callback is used. It is intended to provide sane defaults. The meaning of each level is described below.</p>
+
+<dl>
+
+<dt id="Level-0"><b>Level 0</b></dt>
+<dd>
+
+<p>Everything is permitted. This retains compatibility with previous versions of OpenSSL.</p>
+
+</dd>
+<dt id="Level-1"><b>Level 1</b></dt>
+<dd>
+
+<p>The security level corresponds to a minimum of 80 bits of security. Any parameters offering below 80 bits of security are excluded. As a result RSA, DSA and DH keys shorter than 1024 bits and ECC keys shorter than 160 bits are prohibited. All export cipher suites are prohibited since they all offer less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite using MD5 for the MAC is also prohibited.</p>
+
+</dd>
+<dt id="Level-2"><b>Level 2</b></dt>
+<dd>
+
+<p>Security level set to 112 bits of security. As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited. In addition to the level 1 exclusions any cipher suite using RC4 is also prohibited. SSL version 3 is also not allowed. Compression is disabled.</p>
+
+</dd>
+<dt id="Level-3"><b>Level 3</b></dt>
+<dd>
+
+<p>Security level set to 128 bits of security. As a result RSA, DSA and DH keys shorter than 3072 bits and ECC keys shorter than 256 bits are prohibited. In addition to the level 2 exclusions cipher suites not offering forward secrecy are prohibited. TLS versions below 1.1 are not permitted. Session tickets are disabled.</p>
+
+</dd>
+<dt id="Level-4"><b>Level 4</b></dt>
+<dd>
+
+<p>Security level set to 192 bits of security. As a result RSA, DSA and DH keys shorter than 7680 bits and ECC keys shorter than 384 bits are prohibited. Cipher suites using SHA1 for the MAC are prohibited. TLS versions below 1.2 are not permitted.</p>
+
+</dd>
+<dt id="Level-5"><b>Level 5</b></dt>
+<dd>
+
+<p>Security level set to 256 bits of security. As a result RSA, DSA and DH keys shorter than 15360 bits and ECC keys shorter than 512 bits are prohibited.</p>
+
+</dd>
+</dl>
+
+<h1 id="APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</h1>
+
+<p><i>Documentation to be provided.</i></p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>WARNING</b> at this time setting the security level higher than 1 for general internet use is likely to cause <b>considerable</b> interoperability issues and is not recommended. This is because the <b>SHA1</b> algorithm is very widely used in certificates and will be rejected at levels higher than 1 because it only offers 80 bits of security.</p>
+
+<p>The default security level can be configured when OpenSSL is compiled by setting <b>-DOPENSSL_TLS_SECURITY_LEVEL=level</b>. If not set then 1 is used.</p>
+
+<p>The security framework disables or reject parameters inconsistent with the set security level. In the past this was difficult as applications had to set a number of distinct parameters (supported ciphers, supported curves supported signature algorithms) to achieve this end and some cases (DH parameter size for example) could not be checked at all.</p>
+
+<p>By setting an appropriate security level much of this complexity can be avoided.</p>
+
+<p>The bits of security limits affect all relevant parameters including cipher suite encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms. This limit applies no matter what other custom settings an application has set: so if the cipher suite is set to <b>ALL</b> then only cipher suites consistent with the security level are permissible.</p>
+
+<p>See SP800-57 for how the security limits are related to individual algorithms.</p>
+
+<p>Some security levels require large key sizes for non-ECC public key algorithms which can severely degrade performance. For example 256 bits of security requires the use of RSA keys of at least 15360 bits in size.</p>
+
+<p>Some restrictions can be gracefully handled: for example cipher suites offering insufficient security are not sent by the client and will not be selected by the server. Other restrictions such as the peer certificate key size or the DH parameter size will abort the handshake with a fatal alert.</p>
+
+<p>Attempts to set certificates or parameters with insufficient security are also blocked. For example trying to set a certificate using a 512 bit RSA key using SSL_CTX_use_certificate() at level 1. Applications which do not check the return values for errors will misbehave: for example it might appear that a certificate is not set at all because it had been rejected.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_security_level() and SSL_set_security_level() do not return values.</p>
+
+<p>SSL_CTX_get_security_level() and SSL_get_security_level() return a integer that represents the security level with <b>SSL_CTX</b> or <b>SSL</b>, respectively.</p>
+
+<p>SSL_CTX_set_security_callback() and SSL_set_security_callback() do not return values.</p>
+
+<p>SSL_CTX_get_security_callback() and SSL_get_security_callback() return the pointer to the security callback or NULL if the callback is not set.</p>
+
+<p>SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() return the extra data pointer or NULL if the ex data is not set.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_security_level.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_security_level.html
new file mode 100644
index 000000000..a853d06fd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_security_level.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_security_level</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</a></li>
+  <li><a href="#APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_security_level, SSL_set_security_level, SSL_CTX_get_security_level, SSL_get_security_level, SSL_CTX_set_security_callback, SSL_set_security_callback, SSL_CTX_get_security_callback, SSL_get_security_callback, SSL_CTX_set0_security_ex_data, SSL_set0_security_ex_data, SSL_CTX_get0_security_ex_data, SSL_get0_security_ex_data - SSL/TLS security framework</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
+ void SSL_set_security_level(SSL *s, int level);
+
+ int SSL_CTX_get_security_level(const SSL_CTX *ctx);
+ int SSL_get_security_level(const SSL *s);
+
+ void SSL_CTX_set_security_callback(SSL_CTX *ctx,
+                                    int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                              int bits, int nid,
+                                              void *other, void *ex));
+
+ void SSL_set_security_callback(SSL *s, int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                                  int bits, int nid,
+                                                  void *other, void *ex));
+
+ int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx))(SSL *s, SSL_CTX *ctx, int op,
+                                                          int bits, int nid, void *other,
+                                                          void *ex);
+ int (*SSL_get_security_callback(const SSL *s))(SSL *s, SSL_CTX *ctx, int op,
+                                                int bits, int nid, void *other,
+                                                void *ex);
+
+ void SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex);
+ void SSL_set0_security_ex_data(SSL *s, void *ex);
+
+ void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx);
+ void *SSL_get0_security_ex_data(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions SSL_CTX_set_security_level() and SSL_set_security_level() set the security level to <b>level</b>. If not set the library default security level is used.</p>
+
+<p>The functions SSL_CTX_get_security_level() and SSL_get_security_level() retrieve the current security level.</p>
+
+<p>SSL_CTX_set_security_callback(), SSL_set_security_callback(), SSL_CTX_get_security_callback() and SSL_get_security_callback() get or set the security callback associated with <b>ctx</b> or <b>s</b>. If not set a default security callback is used. The meaning of the parameters and the behaviour of the default callbacks is described below.</p>
+
+<p>SSL_CTX_set0_security_ex_data(), SSL_set0_security_ex_data(), SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() set the extra data pointer passed to the <b>ex</b> parameter of the callback. This value is passed to the callback verbatim and can be set to any convenient application specific value.</p>
+
+<h1 id="DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</h1>
+
+<p>If an application doesn&#39;t set its own security callback the default callback is used. It is intended to provide sane defaults. The meaning of each level is described below.</p>
+
+<dl>
+
+<dt id="Level-0"><b>Level 0</b></dt>
+<dd>
+
+<p>Everything is permitted. This retains compatibility with previous versions of OpenSSL.</p>
+
+</dd>
+<dt id="Level-1"><b>Level 1</b></dt>
+<dd>
+
+<p>The security level corresponds to a minimum of 80 bits of security. Any parameters offering below 80 bits of security are excluded. As a result RSA, DSA and DH keys shorter than 1024 bits and ECC keys shorter than 160 bits are prohibited. All export cipher suites are prohibited since they all offer less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite using MD5 for the MAC is also prohibited.</p>
+
+</dd>
+<dt id="Level-2"><b>Level 2</b></dt>
+<dd>
+
+<p>Security level set to 112 bits of security. As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited. In addition to the level 1 exclusions any cipher suite using RC4 is also prohibited. SSL version 3 is also not allowed. Compression is disabled.</p>
+
+</dd>
+<dt id="Level-3"><b>Level 3</b></dt>
+<dd>
+
+<p>Security level set to 128 bits of security. As a result RSA, DSA and DH keys shorter than 3072 bits and ECC keys shorter than 256 bits are prohibited. In addition to the level 2 exclusions cipher suites not offering forward secrecy are prohibited. TLS versions below 1.1 are not permitted. Session tickets are disabled.</p>
+
+</dd>
+<dt id="Level-4"><b>Level 4</b></dt>
+<dd>
+
+<p>Security level set to 192 bits of security. As a result RSA, DSA and DH keys shorter than 7680 bits and ECC keys shorter than 384 bits are prohibited. Cipher suites using SHA1 for the MAC are prohibited. TLS versions below 1.2 are not permitted.</p>
+
+</dd>
+<dt id="Level-5"><b>Level 5</b></dt>
+<dd>
+
+<p>Security level set to 256 bits of security. As a result RSA, DSA and DH keys shorter than 15360 bits and ECC keys shorter than 512 bits are prohibited.</p>
+
+</dd>
+</dl>
+
+<h1 id="APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</h1>
+
+<p><i>Documentation to be provided.</i></p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>WARNING</b> at this time setting the security level higher than 1 for general internet use is likely to cause <b>considerable</b> interoperability issues and is not recommended. This is because the <b>SHA1</b> algorithm is very widely used in certificates and will be rejected at levels higher than 1 because it only offers 80 bits of security.</p>
+
+<p>The default security level can be configured when OpenSSL is compiled by setting <b>-DOPENSSL_TLS_SECURITY_LEVEL=level</b>. If not set then 1 is used.</p>
+
+<p>The security framework disables or reject parameters inconsistent with the set security level. In the past this was difficult as applications had to set a number of distinct parameters (supported ciphers, supported curves supported signature algorithms) to achieve this end and some cases (DH parameter size for example) could not be checked at all.</p>
+
+<p>By setting an appropriate security level much of this complexity can be avoided.</p>
+
+<p>The bits of security limits affect all relevant parameters including cipher suite encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms. This limit applies no matter what other custom settings an application has set: so if the cipher suite is set to <b>ALL</b> then only cipher suites consistent with the security level are permissible.</p>
+
+<p>See SP800-57 for how the security limits are related to individual algorithms.</p>
+
+<p>Some security levels require large key sizes for non-ECC public key algorithms which can severely degrade performance. For example 256 bits of security requires the use of RSA keys of at least 15360 bits in size.</p>
+
+<p>Some restrictions can be gracefully handled: for example cipher suites offering insufficient security are not sent by the client and will not be selected by the server. Other restrictions such as the peer certificate key size or the DH parameter size will abort the handshake with a fatal alert.</p>
+
+<p>Attempts to set certificates or parameters with insufficient security are also blocked. For example trying to set a certificate using a 512 bit RSA key using SSL_CTX_use_certificate() at level 1. Applications which do not check the return values for errors will misbehave: for example it might appear that a certificate is not set at all because it had been rejected.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_security_level() and SSL_set_security_level() do not return values.</p>
+
+<p>SSL_CTX_get_security_level() and SSL_get_security_level() return a integer that represents the security level with <b>SSL_CTX</b> or <b>SSL</b>, respectively.</p>
+
+<p>SSL_CTX_set_security_callback() and SSL_set_security_callback() do not return values.</p>
+
+<p>SSL_CTX_get_security_callback() and SSL_get_security_callback() return the pointer to the security callback or NULL if the callback is not set.</p>
+
+<p>SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() return the extra data pointer or NULL if the ex data is not set.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_selected_srtp_profile.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_selected_srtp_profile.html
new file mode 100644
index 000000000..6f32f070f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_selected_srtp_profile.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_use_srtp</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_use_srtp, SSL_set_tlsext_use_srtp, SSL_get_srtp_profiles, SSL_get_selected_srtp_profile - Configure and query SRTP support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/srtp.h&gt;
+
+ int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
+ int SSL_set_tlsext_use_srtp(SSL *ssl, const char *profiles);
+
+ STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
+ SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SRTP is the Secure Real-Time Transport Protocol. OpenSSL implements support for the &quot;use_srtp&quot; DTLS extension defined in RFC5764. This provides a mechanism for establishing SRTP keying material, algorithms and parameters using DTLS. This capability may be used as part of an implementation that conforms to RFC5763. OpenSSL does not implement SRTP itself or RFC5763. Note that OpenSSL does not support the use of SRTP Master Key Identifiers (MKIs). Also note that this extension is only supported in DTLS. Any SRTP configuration will be ignored if a TLS connection is attempted.</p>
+
+<p>An OpenSSL client wishing to send the &quot;use_srtp&quot; extension should call SSL_CTX_set_tlsext_use_srtp() to set its use for all SSL objects subsequently created from an SSL_CTX. Alternatively a client may call SSL_set_tlsext_use_srtp() to set its use for an individual SSL object. The <b>profiles</b> parameters should point to a NUL-terminated, colon delimited list of SRTP protection profile names.</p>
+
+<p>The currently supported protection profile names are:</p>
+
+<dl>
+
+<dt id="SRTP_AES128_CM_SHA1_80">SRTP_AES128_CM_SHA1_80</dt>
+<dd>
+
+<p>This corresponds to SRTP_AES128_CM_HMAC_SHA1_80 defined in RFC5764.</p>
+
+</dd>
+<dt id="SRTP_AES128_CM_SHA1_32">SRTP_AES128_CM_SHA1_32</dt>
+<dd>
+
+<p>This corresponds to SRTP_AES128_CM_HMAC_SHA1_32 defined in RFC5764.</p>
+
+</dd>
+<dt id="SRTP_AEAD_AES_128_GCM">SRTP_AEAD_AES_128_GCM</dt>
+<dd>
+
+<p>This corresponds to the profile of the same name defined in RFC7714.</p>
+
+</dd>
+<dt id="SRTP_AEAD_AES_256_GCM">SRTP_AEAD_AES_256_GCM</dt>
+<dd>
+
+<p>This corresponds to the profile of the same name defined in RFC7714.</p>
+
+</dd>
+</dl>
+
+<p>Supplying an unrecognised protection profile name will result in an error.</p>
+
+<p>An OpenSSL server wishing to support the &quot;use_srtp&quot; extension should also call SSL_CTX_set_tlsext_use_srtp() or SSL_set_tlsext_use_srtp() to indicate the protection profiles that it is willing to negotiate.</p>
+
+<p>The currently configured list of protection profiles for either a client or a server can be obtained by calling SSL_get_srtp_profiles(). This returns a stack of SRTP_PROTECTION_PROFILE objects. The memory pointed to in the return value of this function should not be freed by the caller.</p>
+
+<p>After a handshake has been completed the negotiated SRTP protection profile (if any) can be obtained (on the client or the server) by calling SSL_get_selected_srtp_profile(). This function will return NULL if no SRTP protection profile was negotiated. The memory returned from this function should not be freed by the caller.</p>
+
+<p>If an SRTP protection profile has been successfully negotiated then the SRTP keying material (on both the client and server) should be obtained via a call to <a href="../man3/SSL_export_keying_material.html">SSL_export_keying_material(3)</a>. This call should provide a label value of &quot;EXTRACTOR-dtls_srtp&quot; and a NULL context value (use_context is 0). The total length of keying material obtained should be equal to two times the sum of the master key length and the salt length as defined for the protection profile in use. This provides the client write master key, the server write master key, the client write master salt and the server write master salt in that order.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_tlsext_use_srtp() and SSL_set_tlsext_use_srtp() return 0 on success or 1 on error.</p>
+
+<p>SSL_get_srtp_profiles() returns a stack of SRTP_PROTECTION_PROFILE objects on success or NULL on error or if no protection profiles have been configured.</p>
+
+<p>SSL_get_selected_srtp_profile() returns a pointer to an SRTP_PROTECTION_PROFILE object if one has been negotiated or NULL otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_export_keying_material.html">SSL_export_keying_material(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_server_random.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_server_random.html
new file mode 100644
index 000000000..036807b3c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_server_random.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_client_random</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_client_random, SSL_get_server_random, SSL_SESSION_get_master_key, SSL_SESSION_set1_master_key - get internal TLS/SSL random values and get/set master key</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ size_t SSL_get_client_random(const SSL *ssl, unsigned char *out, size_t outlen);
+ size_t SSL_get_server_random(const SSL *ssl, unsigned char *out, size_t outlen);
+ size_t SSL_SESSION_get_master_key(const SSL_SESSION *session,
+                                   unsigned char *out, size_t outlen);
+ int SSL_SESSION_set1_master_key(SSL_SESSION *sess, const unsigned char *in,
+                                 size_t len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_client_random() extracts the random value sent from the client to the server during the initial SSL/TLS handshake. It copies as many bytes as it can of this value into the buffer provided in <b>out</b>, which must have at least <b>outlen</b> bytes available. It returns the total number of bytes that were actually copied. If <b>outlen</b> is zero, SSL_get_client_random() copies nothing, and returns the total size of the client_random value.</p>
+
+<p>SSL_get_server_random() behaves the same, but extracts the random value sent from the server to the client during the initial SSL/TLS handshake.</p>
+
+<p>SSL_SESSION_get_master_key() behaves the same, but extracts the master secret used to guarantee the security of the SSL/TLS session. This one can be dangerous if misused; see NOTES below.</p>
+
+<p>SSL_SESSION_set1_master_key() sets the master key value associated with the SSL_SESSION <b>sess</b>. For example, this could be used to set up a session based PSK (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). The master key of length <b>len</b> should be provided at <b>in</b>. The supplied master key is copied by the function, so the caller is responsible for freeing and cleaning any memory associated with <b>in</b>. The caller must ensure that the length of the key is suitable for the ciphersuite associated with the SSL_SESSION.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>You probably shouldn&#39;t use these functions.</p>
+
+<p>These functions expose internal values from the TLS handshake, for use in low-level protocols. You probably should not use them, unless you are implementing something that needs access to the internal protocol details.</p>
+
+<p>Despite the names of SSL_get_client_random() and SSL_get_server_random(), they ARE NOT random number generators. Instead, they return the mostly-random values that were already generated and used in the TLS protocol. Using them in place of RAND_bytes() would be grossly foolish.</p>
+
+<p>The security of your TLS session depends on keeping the master key secret: do not expose it, or any information about it, to anybody. If you need to calculate another secret value that depends on the master secret, you should probably use SSL_export_keying_material() instead, and forget that you ever saw these functions.</p>
+
+<p>In current versions of the TLS protocols, the length of client_random (and also server_random) is always SSL3_RANDOM_SIZE bytes. Support for other outlen arguments to the SSL_get_*_random() functions is provided in case of the unlikely event that a future version or variant of TLS uses some other length there.</p>
+
+<p>Finally, though the &quot;client_random&quot; and &quot;server_random&quot; values are called &quot;random&quot;, many TLS implementations will generate four bytes of those values based on their view of the current time.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_set1_master_key() returns 1 on success or 0 on failure.</p>
+
+<p>For the other functions, if <b>outlen</b> is greater than 0 then these functions return the number of bytes actually copied, which will be less than or equal to <b>outlen</b>. If <b>outlen</b> is 0 then these functions return the maximum number of bytes they would copy -- that is, the length of the underlying field.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/SSL_export_keying_material.html">SSL_export_keying_material(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_server_tmp_key.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_server_tmp_key.html
new file mode 100644
index 000000000..19ef8a4e9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_server_tmp_key.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_peer_tmp_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_peer_tmp_key, SSL_get_server_tmp_key, SSL_get_tmp_key - get information about temporary keys used during a handshake</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_get_peer_tmp_key(SSL *ssl, EVP_PKEY **key);
+ long SSL_get_server_tmp_key(SSL *ssl, EVP_PKEY **key);
+ long SSL_get_tmp_key(SSL *ssl, EVP_PKEY **key);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_peer_tmp_key() returns the temporary key provided by the peer and used during key exchange. For example, if ECDHE is in use, then this represents the peer&#39;s public ECDHE key. On success a pointer to the key is stored in <b>*key</b>. It is the caller&#39;s responsibility to free this key after use using <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>.</p>
+
+<p>SSL_get_server_tmp_key() is a backwards compatibility alias for SSL_get_peer_tmp_key(). Under that name it worked just on the client side of the connection, its behaviour on the server end is release-dependent.</p>
+
+<p>SSL_get_tmp_key() returns the equivalent information for the local end of the connection.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 on success and 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>This function is implemented as a macro.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_servername.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_servername.html
new file mode 100644
index 000000000..4cf6c16a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_servername.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_servername_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_servername_callback, SSL_CTX_set_tlsext_servername_arg, SSL_get_servername_type, SSL_get_servername, SSL_set_tlsext_host_name - handle server name indication (SNI)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_tlsext_servername_callback(SSL_CTX *ctx,
+                                   int (*cb)(SSL *, int *, void *));
+ long SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg);
+
+ const char *SSL_get_servername(const SSL *s, const int type);
+ int SSL_get_servername_type(const SSL *s);
+
+ int SSL_set_tlsext_host_name(const SSL *s, const char *name);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functionality provided by the servername callback is superseded by the ClientHello callback, which can be set using SSL_CTX_set_client_hello_cb(). The servername callback is retained for historical compatibility.</p>
+
+<p>SSL_CTX_set_tlsext_servername_callback() sets the application callback <b>cb</b> used by a server to perform any actions or configuration required based on the servername extension received in the incoming connection. When <b>cb</b> is NULL, SNI is not used. The <b>arg</b> value is a pointer which is passed to the application callback.</p>
+
+<p>SSL_CTX_set_tlsext_servername_arg() sets a context-specific argument to be passed into the callback for this <b>SSL_CTX</b>.</p>
+
+<p>SSL_get_servername() returns a servername extension value of the specified type if provided in the Client Hello or NULL.</p>
+
+<p>SSL_get_servername_type() returns the servername type or -1 if no servername is present. Currently the only supported type (defined in RFC3546) is <b>TLSEXT_NAMETYPE_host_name</b>.</p>
+
+<p>SSL_set_tlsext_host_name() sets the server name indication ClientHello extension to contain the value <b>name</b>. The type of server name indication extension is set to <b>TLSEXT_NAMETYPE_host_name</b> (defined in RFC3546).</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Several callbacks are executed during ClientHello processing, including the ClientHello, ALPN, and servername callbacks. The ClientHello callback is executed first, then the servername callback, followed by the ALPN callback.</p>
+
+<p>The SSL_set_tlsext_host_name() function should only be called on SSL objects that will act as clients; otherwise the configured <b>name</b> will be ignored.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_tlsext_servername_callback() and SSL_CTX_set_tlsext_servername_arg() both always return 1 indicating success. SSL_set_tlsext_host_name() returns 1 on success, 0 in case of error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_alpn_select_cb.html">SSL_CTX_set_alpn_select_cb(3)</a>, <a href="../man3/SSL_get0_alpn_selected.html">SSL_get0_alpn_selected(3)</a>, <a href="../man3/SSL_CTX_set_client_hello_cb.html">SSL_CTX_set_client_hello_cb(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_servername_type.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_servername_type.html
new file mode 100644
index 000000000..4cf6c16a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_servername_type.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_servername_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_servername_callback, SSL_CTX_set_tlsext_servername_arg, SSL_get_servername_type, SSL_get_servername, SSL_set_tlsext_host_name - handle server name indication (SNI)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_tlsext_servername_callback(SSL_CTX *ctx,
+                                   int (*cb)(SSL *, int *, void *));
+ long SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg);
+
+ const char *SSL_get_servername(const SSL *s, const int type);
+ int SSL_get_servername_type(const SSL *s);
+
+ int SSL_set_tlsext_host_name(const SSL *s, const char *name);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functionality provided by the servername callback is superseded by the ClientHello callback, which can be set using SSL_CTX_set_client_hello_cb(). The servername callback is retained for historical compatibility.</p>
+
+<p>SSL_CTX_set_tlsext_servername_callback() sets the application callback <b>cb</b> used by a server to perform any actions or configuration required based on the servername extension received in the incoming connection. When <b>cb</b> is NULL, SNI is not used. The <b>arg</b> value is a pointer which is passed to the application callback.</p>
+
+<p>SSL_CTX_set_tlsext_servername_arg() sets a context-specific argument to be passed into the callback for this <b>SSL_CTX</b>.</p>
+
+<p>SSL_get_servername() returns a servername extension value of the specified type if provided in the Client Hello or NULL.</p>
+
+<p>SSL_get_servername_type() returns the servername type or -1 if no servername is present. Currently the only supported type (defined in RFC3546) is <b>TLSEXT_NAMETYPE_host_name</b>.</p>
+
+<p>SSL_set_tlsext_host_name() sets the server name indication ClientHello extension to contain the value <b>name</b>. The type of server name indication extension is set to <b>TLSEXT_NAMETYPE_host_name</b> (defined in RFC3546).</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Several callbacks are executed during ClientHello processing, including the ClientHello, ALPN, and servername callbacks. The ClientHello callback is executed first, then the servername callback, followed by the ALPN callback.</p>
+
+<p>The SSL_set_tlsext_host_name() function should only be called on SSL objects that will act as clients; otherwise the configured <b>name</b> will be ignored.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_tlsext_servername_callback() and SSL_CTX_set_tlsext_servername_arg() both always return 1 indicating success. SSL_set_tlsext_host_name() returns 1 on success, 0 in case of error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_alpn_select_cb.html">SSL_CTX_set_alpn_select_cb(3)</a>, <a href="../man3/SSL_get0_alpn_selected.html">SSL_get0_alpn_selected(3)</a>, <a href="../man3/SSL_CTX_set_client_hello_cb.html">SSL_CTX_set_client_hello_cb(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_session.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_session.html
new file mode 100644
index 000000000..d9b4c7986
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_session.html
@@ -0,0 +1,97 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_session</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_session, SSL_get0_session, SSL_get1_session - retrieve TLS/SSL session data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_SESSION *SSL_get_session(const SSL *ssl);
+ SSL_SESSION *SSL_get0_session(const SSL *ssl);
+ SSL_SESSION *SSL_get1_session(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_session() returns a pointer to the <b>SSL_SESSION</b> actually used in <b>ssl</b>. The reference count of the <b>SSL_SESSION</b> is not incremented, so that the pointer can become invalid by other operations.</p>
+
+<p>SSL_get0_session() is the same as SSL_get_session().</p>
+
+<p>SSL_get1_session() is the same as SSL_get_session(), but the reference count of the <b>SSL_SESSION</b> is incremented by one.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The ssl session contains all information required to re-establish the connection without a full handshake for SSL versions up to and including TLSv1.2. In TLSv1.3 the same is true, but sessions are established after the main handshake has occurred. The server will send the session information to the client at a time of its choosing, which may be some while after the initial connection is established (or never). Calling these functions on the client side in TLSv1.3 before the session has been established will still return an SSL_SESSION object but that object cannot be used for resuming the session. See <a href="../man3/SSL_SESSION_is_resumable.html">SSL_SESSION_is_resumable(3)</a> for information on how to determine whether an SSL_SESSION object can be used for resumption or not.</p>
+
+<p>Additionally, in TLSv1.3, a server can send multiple messages that establish a session for a single connection. In that case the above functions will only return information on the last session that was received.</p>
+
+<p>The preferred way for applications to obtain a resumable SSL_SESSION object is to use a new session callback as described in <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a>. The new session callback is only invoked when a session is actually established, so this avoids the problem described above where an application obtains an SSL_SESSION object that cannot be used for resumption in TLSv1.3. It also enables applications to obtain information about all sessions sent by the server.</p>
+
+<p>A session will be automatically removed from the session cache and marked as non-resumable if the connection is not closed down cleanly, e.g. if a fatal error occurs on the connection or <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> is not called prior to <a href="../man3/SSL_free.html">SSL_free(3)</a>.</p>
+
+<p>In TLSv1.3 it is recommended that each SSL_SESSION object is only used for resumption once.</p>
+
+<p>SSL_get0_session() returns a pointer to the actual session. As the reference counter is not incremented, the pointer is only valid while the connection is in use. If <a href="../man3/SSL_clear.html">SSL_clear(3)</a> or <a href="../man3/SSL_free.html">SSL_free(3)</a> is called, the session may be removed completely (if considered bad), and the pointer obtained will become invalid. Even if the session is valid, it can be removed at any time due to timeout during <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a>.</p>
+
+<p>If the data is to be kept, SSL_get1_session() will increment the reference count, so that the session will not be implicitly removed by other operations but stays in memory. In order to remove the session <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a> must be explicitly called once to decrement the reference count again.</p>
+
+<p>SSL_SESSION objects keep internal link information about the session cache list, when being inserted into one SSL_CTX object&#39;s session cache. One SSL_SESSION object, regardless of its reference count, must therefore only be used with one SSL_CTX object (and the SSL objects created from this SSL_CTX object).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>There is no session available in <b>ssl</b>.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_SESSION">Pointer to an SSL_SESSION</dt>
+<dd>
+
+<p>The return value points to the data of an SSL session.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_free.html">SSL_free(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_shared_ciphers.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_shared_ciphers.html
new file mode 100644
index 000000000..4230a6de9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_shared_ciphers.html
@@ -0,0 +1,89 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_ciphers</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get1_supported_ciphers, SSL_get_client_ciphers, SSL_get_ciphers, SSL_CTX_get_ciphers, SSL_bytes_to_cipher_list, SSL_get_cipher_list, SSL_get_shared_ciphers - get list of available SSL_CIPHERs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl);
+ STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx);
+ STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s);
+ STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const SSL *ssl);
+ int SSL_bytes_to_cipher_list(SSL *s, const unsigned char *bytes, size_t len,
+                              int isv2format, STACK_OF(SSL_CIPHER) **sk,
+                              STACK_OF(SSL_CIPHER) **scsvs);
+ const char *SSL_get_cipher_list(const SSL *ssl, int priority);
+ char *SSL_get_shared_ciphers(const SSL *s, char *buf, int size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_ciphers() returns the stack of available SSL_CIPHERs for <b>ssl</b>, sorted by preference. If <b>ssl</b> is NULL or no ciphers are available, NULL is returned.</p>
+
+<p>SSL_CTX_get_ciphers() returns the stack of available SSL_CIPHERs for <b>ctx</b>.</p>
+
+<p>SSL_get1_supported_ciphers() returns the stack of enabled SSL_CIPHERs for <b>ssl</b> as would be sent in a ClientHello (that is, sorted by preference). The list depends on settings like the cipher list, the supported protocol versions, the security level, and the enabled signature algorithms. SRP and PSK ciphers are only enabled if the appropriate callbacks or settings have been applied. The list of ciphers that would be sent in a ClientHello can differ from the list of ciphers that would be acceptable when acting as a server. For example, additional ciphers may be usable by a server if there is a gap in the list of supported protocols, and some ciphers may not be usable by a server if there is not a suitable certificate configured. If <b>ssl</b> is NULL or no ciphers are available, NULL is returned.</p>
+
+<p>SSL_get_client_ciphers() returns the stack of available SSL_CIPHERs matching the list received from the client on <b>ssl</b>. If <b>ssl</b> is NULL, no ciphers are available, or <b>ssl</b> is not operating in server mode, NULL is returned.</p>
+
+<p>SSL_bytes_to_cipher_list() treats the supplied <b>len</b> octets in <b>bytes</b> as a wire-protocol cipher suite specification (in the three-octet-per-cipher SSLv2 wire format if <b>isv2format</b> is nonzero; otherwise the two-octet SSLv3/TLS wire format), and parses the cipher suites supported by the library into the returned stacks of SSL_CIPHER objects sk and Signalling Cipher-Suite Values scsvs. Unsupported cipher suites are ignored. Returns 1 on success and 0 on failure.</p>
+
+<p>SSL_get_cipher_list() returns a pointer to the name of the SSL_CIPHER listed for <b>ssl</b> with <b>priority</b>. If <b>ssl</b> is NULL, no ciphers are available, or there are less ciphers than <b>priority</b> available, NULL is returned.</p>
+
+<p>SSL_get_shared_ciphers() creates a colon separated and NUL terminated list of SSL_CIPHER names that are available in both the client and the server. <b>buf</b> is the buffer that should be populated with the list of names and <b>size</b> is the size of that buffer. A pointer to <b>buf</b> is returned on success or NULL on error. If the supplied buffer is not large enough to contain the complete list of names then a truncated list of names will be returned. Note that just because a ciphersuite is available (i.e. it is configured in the cipher list) and shared by both the client and the server it does not mean that it is enabled (see the description of SSL_get1_supported_ciphers() above). This function will return available shared ciphersuites whether or not they are enabled. This is a server side function only and must only be called after the completion of the initial handshake.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The details of the ciphers obtained by SSL_get_ciphers(), SSL_CTX_get_ciphers() SSL_get1_supported_ciphers() and SSL_get_client_ciphers() can be obtained using the <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a> family of functions.</p>
+
+<p>Call SSL_get_cipher_list() with <b>priority</b> starting from 0 to obtain the sorted list of available ciphers, until NULL is returned.</p>
+
+<p>Note: SSL_get_ciphers(), SSL_CTX_get_ciphers() and SSL_get_client_ciphers() return a pointer to an internal cipher stack, which will be freed later on when the SSL or SSL_SESSION object is freed. Therefore, the calling code <b>MUST NOT</b> free the return value itself.</p>
+
+<p>The stack returned by SSL_get1_supported_ciphers() should be freed using sk_SSL_CIPHER_free().</p>
+
+<p>The stacks returned by SSL_bytes_to_cipher_list() should be freed using sk_SSL_CIPHER_free().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>See DESCRIPTION</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_shared_curve.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_shared_curve.html
new file mode 100644
index 000000000..1661dfb0c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_shared_curve.html
@@ -0,0 +1,102 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_curves</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_groups, SSL_CTX_set1_groups_list, SSL_set1_groups, SSL_set1_groups_list, SSL_get1_groups, SSL_get_shared_group, SSL_CTX_set1_curves, SSL_CTX_set1_curves_list, SSL_set1_curves, SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve - EC supported curve functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set1_groups(SSL_CTX *ctx, int *glist, int glistlen);
+ int SSL_CTX_set1_groups_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_groups(SSL *ssl, int *glist, int glistlen);
+ int SSL_set1_groups_list(SSL *ssl, char *list);
+
+ int SSL_get1_groups(SSL *ssl, int *groups);
+ int SSL_get_shared_group(SSL *s, int n);
+
+ int SSL_CTX_set1_curves(SSL_CTX *ctx, int *clist, int clistlen);
+ int SSL_CTX_set1_curves_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_curves(SSL *ssl, int *clist, int clistlen);
+ int SSL_set1_curves_list(SSL *ssl, char *list);
+
+ int SSL_get1_curves(SSL *ssl, int *curves);
+ int SSL_get_shared_curve(SSL *s, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>For all of the functions below that set the supported groups there must be at least one group in the list.</p>
+
+<p>SSL_CTX_set1_groups() sets the supported groups for <b>ctx</b> to <b>glistlen</b> groups in the array <b>glist</b>. The array consist of all NIDs of groups in preference order. For a TLS client the groups are used directly in the supported groups extension. For a TLS server the groups are used to determine the set of shared groups.</p>
+
+<p>SSL_CTX_set1_groups_list() sets the supported groups for <b>ctx</b> to string <b>list</b>. The string is a colon separated list of group NIDs or names, for example &quot;P-521:P-384:P-256&quot;.</p>
+
+<p>SSL_set1_groups() and SSL_set1_groups_list() are similar except they set supported groups for the SSL structure <b>ssl</b>.</p>
+
+<p>SSL_get1_groups() returns the set of supported groups sent by a client in the supported groups extension. It returns the total number of supported groups. The <b>groups</b> parameter can be <b>NULL</b> to simply return the number of groups for memory allocation purposes. The <b>groups</b> array is in the form of a set of group NIDs in preference order. It can return zero if the client did not send a supported groups extension.</p>
+
+<p>SSL_get_shared_group() returns shared group <b>n</b> for a server-side SSL <b>ssl</b>. If <b>n</b> is -1 then the total number of shared groups is returned, which may be zero. Other than for diagnostic purposes, most applications will only be interested in the first shared group so <b>n</b> is normally set to zero. If the value <b>n</b> is out of range, NID_undef is returned.</p>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>The curve functions are synonyms for the equivalently named group functions and are identical in every respect. They exist because, prior to TLS1.3, there was only the concept of supported curves. In TLS1.3 this was renamed to supported groups, and extended to include Diffie Hellman groups. The group functions should be used in preference.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to make use of several of these functions for configuration purposes either on a command line or in a file it should consider using the SSL_CONF interface instead of manually parsing options.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set1_groups(), SSL_CTX_set1_groups_list(), SSL_set1_groups() and SSL_set1_groups_list(), return 1 for success and 0 for failure.</p>
+
+<p>SSL_get1_groups() returns the number of groups, which may be zero.</p>
+
+<p>SSL_get_shared_group() returns the NID of shared group <b>n</b> or NID_undef if there is no shared group <b>n</b>; or the total number of shared groups if <b>n</b> is -1.</p>
+
+<p>When called on a client <b>ssl</b>, SSL_get_shared_group() has no meaning and returns -1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The curve functions were added in OpenSSL 1.0.2. The equivalent group functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_shared_group.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_shared_group.html
new file mode 100644
index 000000000..1661dfb0c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_shared_group.html
@@ -0,0 +1,102 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_curves</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_groups, SSL_CTX_set1_groups_list, SSL_set1_groups, SSL_set1_groups_list, SSL_get1_groups, SSL_get_shared_group, SSL_CTX_set1_curves, SSL_CTX_set1_curves_list, SSL_set1_curves, SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve - EC supported curve functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set1_groups(SSL_CTX *ctx, int *glist, int glistlen);
+ int SSL_CTX_set1_groups_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_groups(SSL *ssl, int *glist, int glistlen);
+ int SSL_set1_groups_list(SSL *ssl, char *list);
+
+ int SSL_get1_groups(SSL *ssl, int *groups);
+ int SSL_get_shared_group(SSL *s, int n);
+
+ int SSL_CTX_set1_curves(SSL_CTX *ctx, int *clist, int clistlen);
+ int SSL_CTX_set1_curves_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_curves(SSL *ssl, int *clist, int clistlen);
+ int SSL_set1_curves_list(SSL *ssl, char *list);
+
+ int SSL_get1_curves(SSL *ssl, int *curves);
+ int SSL_get_shared_curve(SSL *s, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>For all of the functions below that set the supported groups there must be at least one group in the list.</p>
+
+<p>SSL_CTX_set1_groups() sets the supported groups for <b>ctx</b> to <b>glistlen</b> groups in the array <b>glist</b>. The array consist of all NIDs of groups in preference order. For a TLS client the groups are used directly in the supported groups extension. For a TLS server the groups are used to determine the set of shared groups.</p>
+
+<p>SSL_CTX_set1_groups_list() sets the supported groups for <b>ctx</b> to string <b>list</b>. The string is a colon separated list of group NIDs or names, for example &quot;P-521:P-384:P-256&quot;.</p>
+
+<p>SSL_set1_groups() and SSL_set1_groups_list() are similar except they set supported groups for the SSL structure <b>ssl</b>.</p>
+
+<p>SSL_get1_groups() returns the set of supported groups sent by a client in the supported groups extension. It returns the total number of supported groups. The <b>groups</b> parameter can be <b>NULL</b> to simply return the number of groups for memory allocation purposes. The <b>groups</b> array is in the form of a set of group NIDs in preference order. It can return zero if the client did not send a supported groups extension.</p>
+
+<p>SSL_get_shared_group() returns shared group <b>n</b> for a server-side SSL <b>ssl</b>. If <b>n</b> is -1 then the total number of shared groups is returned, which may be zero. Other than for diagnostic purposes, most applications will only be interested in the first shared group so <b>n</b> is normally set to zero. If the value <b>n</b> is out of range, NID_undef is returned.</p>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>The curve functions are synonyms for the equivalently named group functions and are identical in every respect. They exist because, prior to TLS1.3, there was only the concept of supported curves. In TLS1.3 this was renamed to supported groups, and extended to include Diffie Hellman groups. The group functions should be used in preference.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to make use of several of these functions for configuration purposes either on a command line or in a file it should consider using the SSL_CONF interface instead of manually parsing options.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set1_groups(), SSL_CTX_set1_groups_list(), SSL_set1_groups() and SSL_set1_groups_list(), return 1 for success and 0 for failure.</p>
+
+<p>SSL_get1_groups() returns the number of groups, which may be zero.</p>
+
+<p>SSL_get_shared_group() returns the NID of shared group <b>n</b> or NID_undef if there is no shared group <b>n</b>; or the total number of shared groups if <b>n</b> is -1.</p>
+
+<p>When called on a client <b>ssl</b>, SSL_get_shared_group() has no meaning and returns -1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The curve functions were added in OpenSSL 1.0.2. The equivalent group functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_shared_sigalgs.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_shared_sigalgs.html
new file mode 100644
index 000000000..824a989b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_shared_sigalgs.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_shared_sigalgs</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_shared_sigalgs, SSL_get_sigalgs - get supported signature algorithms</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_get_shared_sigalgs(SSL *s, int idx,
+                            int *psign, int *phash, int *psignhash,
+                            unsigned char *rsig, unsigned char *rhash);
+
+ int SSL_get_sigalgs(SSL *s, int idx,
+                     int *psign, int *phash, int *psignhash,
+                     unsigned char *rsig, unsigned char *rhash);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_shared_sigalgs() returns information about the shared signature algorithms supported by peer <b>s</b>. The parameter <b>idx</b> indicates the index of the shared signature algorithm to return starting from zero. The signature algorithm NID is written to <b>*psign</b>, the hash NID to <b>*phash</b> and the sign and hash NID to <b>*psignhash</b>. The raw signature and hash values are written to <b>*rsig</b> and <b>*rhash</b>.</p>
+
+<p>SSL_get_sigalgs() is similar to SSL_get_shared_sigalgs() except it returns information about all signature algorithms supported by <b>s</b> in the order they were sent by the peer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_get_shared_sigalgs() and SSL_get_sigalgs() return the number of signature algorithms or <b>0</b> if the <b>idx</b> parameter is out of range.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are typically called for debugging purposes (to report the peer&#39;s preferences) or where an application wants finer control over certificate selection. Most applications will rely on internal handling and will not need to call them.</p>
+
+<p>If an application is only interested in the highest preference shared signature algorithm it can just set <b>idx</b> to zero.</p>
+
+<p>Any or all of the parameters <b>psign</b>, <b>phash</b>, <b>psignhash</b>, <b>rsig</b> or <b>rhash</b> can be set to <b>NULL</b> if the value is not required. By setting them all to <b>NULL</b> and setting <b>idx</b> to zero the total number of signature algorithms can be determined: which can be zero.</p>
+
+<p>These functions must be called after the peer has sent a list of supported signature algorithms: after a client hello (for servers) or a certificate request (for clients). They can (for example) be called in the certificate callback.</p>
+
+<p>Only TLS 1.2, TLS 1.3 and DTLS 1.2 currently support signature algorithms. If these functions are called on an earlier version of TLS or DTLS zero is returned.</p>
+
+<p>The shared signature algorithms returned by SSL_get_shared_sigalgs() are ordered according to configuration and peer preferences.</p>
+
+<p>The raw values correspond to the on the wire form as defined by RFC5246 et al. The NIDs are OpenSSL equivalents. For example if the peer sent sha256(4) and rsa(1) then <b>*rhash</b> would be 4, <b>*rsign</b> 1, <b>*phash</b> NID_sha256, <b>*psig</b> NID_rsaEncryption and <b>*psighash</b> NID_sha256WithRSAEncryption.</p>
+
+<p>If a signature algorithm is not recognised the corresponding NIDs will be set to <b>NID_undef</b>. This may be because the value is not supported, is not an appropriate combination (for example MD5 and DSA) or the signature algorithm does not use a hash (for example Ed25519).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_cert_cb.html">SSL_CTX_set_cert_cb(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_shutdown.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_shutdown.html
new file mode 100644
index 000000000..fb57a1ee7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_shutdown.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_set_shutdown</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_shutdown, SSL_get_shutdown - manipulate shutdown state of an SSL connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_set_shutdown(SSL *ssl, int mode);
+
+ int SSL_get_shutdown(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_set_shutdown() sets the shutdown state of <b>ssl</b> to <b>mode</b>.</p>
+
+<p>SSL_get_shutdown() returns the shutdown mode of <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The shutdown state of an ssl connection is a bitmask of:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>No shutdown setting, yet.</p>
+
+</dd>
+<dt id="SSL_SENT_SHUTDOWN">SSL_SENT_SHUTDOWN</dt>
+<dd>
+
+<p>A close_notify shutdown alert was sent to the peer, the connection is being considered closed and the session is closed and correct.</p>
+
+</dd>
+<dt id="SSL_RECEIVED_SHUTDOWN">SSL_RECEIVED_SHUTDOWN</dt>
+<dd>
+
+<p>A shutdown alert was received form the peer, either a normal close_notify or a fatal error.</p>
+
+</dd>
+</dl>
+
+<p>SSL_SENT_SHUTDOWN and SSL_RECEIVED_SHUTDOWN can be set at the same time.</p>
+
+<p>The shutdown state of the connection is used to determine the state of the ssl session. If the session is still open, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> or <a href="../man3/SSL_free.html">SSL_free(3)</a> is called, it is considered bad and removed according to RFC2246. The actual condition for a correctly closed session is SSL_SENT_SHUTDOWN (according to the TLS RFC, it is acceptable to only send the close_notify alert but to not wait for the peer&#39;s answer, when the underlying connection is closed). SSL_set_shutdown() can be used to set this state without sending a close alert to the peer (see <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>).</p>
+
+<p>If a close_notify was received, SSL_RECEIVED_SHUTDOWN will be set, for setting SSL_SENT_SHUTDOWN the application must however still call <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> or SSL_set_shutdown() itself.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_shutdown() does not return diagnostic information.</p>
+
+<p>SSL_get_shutdown() returns the current setting.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man3/SSL_CTX_set_quiet_shutdown.html">SSL_CTX_set_quiet_shutdown(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_free.html">SSL_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_sigalgs.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_sigalgs.html
new file mode 100644
index 000000000..824a989b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_sigalgs.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_shared_sigalgs</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_shared_sigalgs, SSL_get_sigalgs - get supported signature algorithms</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_get_shared_sigalgs(SSL *s, int idx,
+                            int *psign, int *phash, int *psignhash,
+                            unsigned char *rsig, unsigned char *rhash);
+
+ int SSL_get_sigalgs(SSL *s, int idx,
+                     int *psign, int *phash, int *psignhash,
+                     unsigned char *rsig, unsigned char *rhash);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_shared_sigalgs() returns information about the shared signature algorithms supported by peer <b>s</b>. The parameter <b>idx</b> indicates the index of the shared signature algorithm to return starting from zero. The signature algorithm NID is written to <b>*psign</b>, the hash NID to <b>*phash</b> and the sign and hash NID to <b>*psignhash</b>. The raw signature and hash values are written to <b>*rsig</b> and <b>*rhash</b>.</p>
+
+<p>SSL_get_sigalgs() is similar to SSL_get_shared_sigalgs() except it returns information about all signature algorithms supported by <b>s</b> in the order they were sent by the peer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_get_shared_sigalgs() and SSL_get_sigalgs() return the number of signature algorithms or <b>0</b> if the <b>idx</b> parameter is out of range.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are typically called for debugging purposes (to report the peer&#39;s preferences) or where an application wants finer control over certificate selection. Most applications will rely on internal handling and will not need to call them.</p>
+
+<p>If an application is only interested in the highest preference shared signature algorithm it can just set <b>idx</b> to zero.</p>
+
+<p>Any or all of the parameters <b>psign</b>, <b>phash</b>, <b>psignhash</b>, <b>rsig</b> or <b>rhash</b> can be set to <b>NULL</b> if the value is not required. By setting them all to <b>NULL</b> and setting <b>idx</b> to zero the total number of signature algorithms can be determined: which can be zero.</p>
+
+<p>These functions must be called after the peer has sent a list of supported signature algorithms: after a client hello (for servers) or a certificate request (for clients). They can (for example) be called in the certificate callback.</p>
+
+<p>Only TLS 1.2, TLS 1.3 and DTLS 1.2 currently support signature algorithms. If these functions are called on an earlier version of TLS or DTLS zero is returned.</p>
+
+<p>The shared signature algorithms returned by SSL_get_shared_sigalgs() are ordered according to configuration and peer preferences.</p>
+
+<p>The raw values correspond to the on the wire form as defined by RFC5246 et al. The NIDs are OpenSSL equivalents. For example if the peer sent sha256(4) and rsa(1) then <b>*rhash</b> would be 4, <b>*rsign</b> 1, <b>*phash</b> NID_sha256, <b>*psig</b> NID_rsaEncryption and <b>*psighash</b> NID_sha256WithRSAEncryption.</p>
+
+<p>If a signature algorithm is not recognised the corresponding NIDs will be set to <b>NID_undef</b>. This may be because the value is not supported, is not an appropriate combination (for example MD5 and DSA) or the signature algorithm does not use a hash (for example Ed25519).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_cert_cb.html">SSL_CTX_set_cert_cb(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_signature_nid.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_signature_nid.html
new file mode 100644
index 000000000..e4128afba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_signature_nid.html
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_peer_signature_nid</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_peer_signature_nid, SSL_get_peer_signature_type_nid, SSL_get_signature_nid, SSL_get_signature_type_nid - get TLS message signing types</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_get_peer_signature_nid(SSL *ssl, int *psig_nid);
+ int SSL_get_peer_signature_type_nid(const SSL *ssl, int *psigtype_nid);
+ int SSL_get_signature_nid(SSL *ssl, int *psig_nid);
+ int SSL_get_signature_type_nid(const SSL *ssl, int *psigtype_nid);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_peer_signature_nid() sets <b>*psig_nid</b> to the NID of the digest used by the peer to sign TLS messages. It is implemented as a macro.</p>
+
+<p>SSL_get_peer_signature_type_nid() sets <b>*psigtype_nid</b> to the signature type used by the peer to sign TLS messages. Currently the signature type is the NID of the public key type used for signing except for PSS signing where it is <b>EVP_PKEY_RSA_PSS</b>. To differentiate between <b>rsa_pss_rsae_*</b> and <b>rsa_pss_pss_*</b> signatures, it&#39;s necessary to check the type of public key in the peer&#39;s certificate.</p>
+
+<p>SSL_get_signature_nid() and SSL_get_signature_type_nid() return the equivalent information for the local end of the connection.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return 1 for success and 0 for failure. There are several possible reasons for failure: the cipher suite has no signature (e.g. it uses RSA key exchange or is anonymous), the TLS version is below 1.2 or the functions were called too early, e.g. before the peer signed a message.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_signature_type_nid.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_signature_type_nid.html
new file mode 100644
index 000000000..e4128afba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_signature_type_nid.html
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_peer_signature_nid</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_peer_signature_nid, SSL_get_peer_signature_type_nid, SSL_get_signature_nid, SSL_get_signature_type_nid - get TLS message signing types</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_get_peer_signature_nid(SSL *ssl, int *psig_nid);
+ int SSL_get_peer_signature_type_nid(const SSL *ssl, int *psigtype_nid);
+ int SSL_get_signature_nid(SSL *ssl, int *psig_nid);
+ int SSL_get_signature_type_nid(const SSL *ssl, int *psigtype_nid);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_peer_signature_nid() sets <b>*psig_nid</b> to the NID of the digest used by the peer to sign TLS messages. It is implemented as a macro.</p>
+
+<p>SSL_get_peer_signature_type_nid() sets <b>*psigtype_nid</b> to the signature type used by the peer to sign TLS messages. Currently the signature type is the NID of the public key type used for signing except for PSS signing where it is <b>EVP_PKEY_RSA_PSS</b>. To differentiate between <b>rsa_pss_rsae_*</b> and <b>rsa_pss_pss_*</b> signatures, it&#39;s necessary to check the type of public key in the peer&#39;s certificate.</p>
+
+<p>SSL_get_signature_nid() and SSL_get_signature_type_nid() return the equivalent information for the local end of the connection.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions return 1 for success and 0 for failure. There are several possible reasons for failure: the cipher suite has no signature (e.g. it uses RSA key exchange or is anonymous), the TLS version is below 1.2 or the functions were called too early, e.g. before the peer signed a message.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_srtp_profiles.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_srtp_profiles.html
new file mode 100644
index 000000000..6f32f070f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_srtp_profiles.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_use_srtp</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_use_srtp, SSL_set_tlsext_use_srtp, SSL_get_srtp_profiles, SSL_get_selected_srtp_profile - Configure and query SRTP support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/srtp.h&gt;
+
+ int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
+ int SSL_set_tlsext_use_srtp(SSL *ssl, const char *profiles);
+
+ STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
+ SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SRTP is the Secure Real-Time Transport Protocol. OpenSSL implements support for the &quot;use_srtp&quot; DTLS extension defined in RFC5764. This provides a mechanism for establishing SRTP keying material, algorithms and parameters using DTLS. This capability may be used as part of an implementation that conforms to RFC5763. OpenSSL does not implement SRTP itself or RFC5763. Note that OpenSSL does not support the use of SRTP Master Key Identifiers (MKIs). Also note that this extension is only supported in DTLS. Any SRTP configuration will be ignored if a TLS connection is attempted.</p>
+
+<p>An OpenSSL client wishing to send the &quot;use_srtp&quot; extension should call SSL_CTX_set_tlsext_use_srtp() to set its use for all SSL objects subsequently created from an SSL_CTX. Alternatively a client may call SSL_set_tlsext_use_srtp() to set its use for an individual SSL object. The <b>profiles</b> parameters should point to a NUL-terminated, colon delimited list of SRTP protection profile names.</p>
+
+<p>The currently supported protection profile names are:</p>
+
+<dl>
+
+<dt id="SRTP_AES128_CM_SHA1_80">SRTP_AES128_CM_SHA1_80</dt>
+<dd>
+
+<p>This corresponds to SRTP_AES128_CM_HMAC_SHA1_80 defined in RFC5764.</p>
+
+</dd>
+<dt id="SRTP_AES128_CM_SHA1_32">SRTP_AES128_CM_SHA1_32</dt>
+<dd>
+
+<p>This corresponds to SRTP_AES128_CM_HMAC_SHA1_32 defined in RFC5764.</p>
+
+</dd>
+<dt id="SRTP_AEAD_AES_128_GCM">SRTP_AEAD_AES_128_GCM</dt>
+<dd>
+
+<p>This corresponds to the profile of the same name defined in RFC7714.</p>
+
+</dd>
+<dt id="SRTP_AEAD_AES_256_GCM">SRTP_AEAD_AES_256_GCM</dt>
+<dd>
+
+<p>This corresponds to the profile of the same name defined in RFC7714.</p>
+
+</dd>
+</dl>
+
+<p>Supplying an unrecognised protection profile name will result in an error.</p>
+
+<p>An OpenSSL server wishing to support the &quot;use_srtp&quot; extension should also call SSL_CTX_set_tlsext_use_srtp() or SSL_set_tlsext_use_srtp() to indicate the protection profiles that it is willing to negotiate.</p>
+
+<p>The currently configured list of protection profiles for either a client or a server can be obtained by calling SSL_get_srtp_profiles(). This returns a stack of SRTP_PROTECTION_PROFILE objects. The memory pointed to in the return value of this function should not be freed by the caller.</p>
+
+<p>After a handshake has been completed the negotiated SRTP protection profile (if any) can be obtained (on the client or the server) by calling SSL_get_selected_srtp_profile(). This function will return NULL if no SRTP protection profile was negotiated. The memory returned from this function should not be freed by the caller.</p>
+
+<p>If an SRTP protection profile has been successfully negotiated then the SRTP keying material (on both the client and server) should be obtained via a call to <a href="../man3/SSL_export_keying_material.html">SSL_export_keying_material(3)</a>. This call should provide a label value of &quot;EXTRACTOR-dtls_srtp&quot; and a NULL context value (use_context is 0). The total length of keying material obtained should be equal to two times the sum of the master key length and the salt length as defined for the protection profile in use. This provides the client write master key, the server write master key, the client write master salt and the server write master salt in that order.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_tlsext_use_srtp() and SSL_set_tlsext_use_srtp() return 0 on success or 1 on error.</p>
+
+<p>SSL_get_srtp_profiles() returns a stack of SRTP_PROTECTION_PROFILE objects on success or NULL on error or if no protection profiles have been configured.</p>
+
+<p>SSL_get_selected_srtp_profile() returns a pointer to an SRTP_PROTECTION_PROFILE object if one has been negotiated or NULL otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_export_keying_material.html">SSL_export_keying_material(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_ssl_method.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_ssl_method.html
new file mode 100644
index 000000000..c61545867
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_ssl_method.html
@@ -0,0 +1,85 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_ssl_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_ssl_version, SSL_set_ssl_method, SSL_get_ssl_method - choose a new TLS/SSL method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *method);
+ int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
+ const SSL_METHOD *SSL_get_ssl_method(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_ssl_version() sets a new default TLS/SSL <b>method</b> for SSL objects newly created from this <b>ctx</b>. SSL objects already created with <a href="../man3/SSL_new.html">SSL_new(3)</a> are not affected, except when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is being called.</p>
+
+<p>SSL_set_ssl_method() sets a new TLS/SSL <b>method</b> for a particular <b>ssl</b> object. It may be reset, when SSL_clear() is called.</p>
+
+<p>SSL_get_ssl_method() returns a function pointer to the TLS/SSL method set in <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The available <b>method</b> choices are described in <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>.</p>
+
+<p>When <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called and no session is connected to an SSL object, the method of the SSL object is reset to the method currently set in the corresponding SSL_CTX object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur for SSL_CTX_set_ssl_version() and SSL_set_ssl_method():</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The new choice failed, check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_state.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_state.html
new file mode 100644
index 000000000..aeb212890
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_state.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_in_init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_in_before, SSL_in_init, SSL_is_init_finished, SSL_in_connect_init, SSL_in_accept_init, SSL_get_state - retrieve information about the handshake state machine</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_in_init(const SSL *s);
+ int SSL_in_before(const SSL *s);
+ int SSL_is_init_finished(const SSL *s);
+
+ int SSL_in_connect_init(SSL *s);
+ int SSL_in_accept_init(SSL *s);
+
+ OSSL_HANDSHAKE_STATE SSL_get_state(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_in_init() returns 1 if the SSL/TLS state machine is currently processing or awaiting handshake messages, or 0 otherwise.</p>
+
+<p>SSL_in_before() returns 1 if no SSL/TLS handshake has yet been initiated, or 0 otherwise.</p>
+
+<p>SSL_is_init_finished() returns 1 if the SSL/TLS connection is in a state where fully protected application data can be transferred or 0 otherwise.</p>
+
+<p>Note that in some circumstances (such as when early data is being transferred) SSL_in_init(), SSL_in_before() and SSL_is_init_finished() can all return 0.</p>
+
+<p>SSL_in_connect_init() returns 1 if <b>s</b> is acting as a client and SSL_in_init() would return 1, or 0 otherwise.</p>
+
+<p>SSL_in_accept_init() returns 1 if <b>s</b> is acting as a server and SSL_in_init() would return 1, or 0 otherwise.</p>
+
+<p>SSL_in_connect_init() and SSL_in_accept_init() are implemented as macros.</p>
+
+<p>SSL_get_state() returns a value indicating the current state of the handshake state machine. OSSL_HANDSHAKE_STATE is an enumerated type where each value indicates a discrete state machine state. Note that future versions of OpenSSL may define more states so applications should expect to receive unrecognised state values. The naming format is made up of a number of elements as follows:</p>
+
+<p><b>protocol</b>_ST_<b>role</b>_<b>message</b></p>
+
+<p><b>protocol</b> is one of TLS or DTLS. DTLS is used where a state is specific to the DTLS protocol. Otherwise TLS is used.</p>
+
+<p><b>role</b> is one of CR, CW, SR or SW to indicate &quot;client reading&quot;, &quot;client writing&quot;, &quot;server reading&quot; or &quot;server writing&quot; respectively.</p>
+
+<p><b>message</b> is the name of a handshake message that is being or has been sent, or is being or has been processed.</p>
+
+<p>Additionally there are some special states that do not conform to the above format. These are:</p>
+
+<dl>
+
+<dt id="TLS_ST_BEFORE">TLS_ST_BEFORE</dt>
+<dd>
+
+<p>No handshake messages have yet been been sent or received.</p>
+
+</dd>
+<dt id="TLS_ST_OK">TLS_ST_OK</dt>
+<dd>
+
+<p>Handshake message sending/processing has completed.</p>
+
+</dd>
+<dt id="TLS_ST_EARLY_DATA">TLS_ST_EARLY_DATA</dt>
+<dd>
+
+<p>Early data is being processed</p>
+
+</dd>
+<dt id="TLS_ST_PENDING_EARLY_DATA_END">TLS_ST_PENDING_EARLY_DATA_END</dt>
+<dd>
+
+<p>Awaiting the end of early data processing</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_in_init(), SSL_in_before(), SSL_is_init_finished(), SSL_in_connect_init() and SSL_in_accept_init() return values as indicated above.</p>
+
+<p>SSL_get_state() returns the current handshake state.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_read_early_data.html">SSL_read_early_data(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_time.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_time.html
new file mode 100644
index 000000000..d4c3a8446
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_time.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get_time</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get_time, SSL_SESSION_set_time, SSL_SESSION_get_timeout, SSL_SESSION_set_timeout, SSL_get_time, SSL_set_time, SSL_get_timeout, SSL_set_timeout - retrieve and manipulate session time and timeout settings</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_SESSION_get_time(const SSL_SESSION *s);
+ long SSL_SESSION_set_time(SSL_SESSION *s, long tm);
+ long SSL_SESSION_get_timeout(const SSL_SESSION *s);
+ long SSL_SESSION_set_timeout(SSL_SESSION *s, long tm);
+
+ long SSL_get_time(const SSL_SESSION *s);
+ long SSL_set_time(SSL_SESSION *s, long tm);
+ long SSL_get_timeout(const SSL_SESSION *s);
+ long SSL_set_timeout(SSL_SESSION *s, long tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_get_time() returns the time at which the session <b>s</b> was established. The time is given in seconds since the Epoch and therefore compatible to the time delivered by the time() call.</p>
+
+<p>SSL_SESSION_set_time() replaces the creation time of the session <b>s</b> with the chosen value <b>tm</b>.</p>
+
+<p>SSL_SESSION_get_timeout() returns the timeout value set for session <b>s</b> in seconds.</p>
+
+<p>SSL_SESSION_set_timeout() sets the timeout value for session <b>s</b> in seconds to <b>tm</b>.</p>
+
+<p>The SSL_get_time(), SSL_set_time(), SSL_get_timeout(), and SSL_set_timeout() functions are synonyms for the SSL_SESSION_*() counterparts.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Sessions are expired by examining the creation time and the timeout value. Both are set at creation time of the session to the actual time and the default timeout value at creation, respectively, as set by <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>. Using these functions it is possible to extend or shorten the lifetime of the session.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get_time() and SSL_SESSION_get_timeout() return the currently valid values.</p>
+
+<p>SSL_SESSION_set_time() and SSL_SESSION_set_timeout() return 1 on success.</p>
+
+<p>If any of the function is passed the NULL pointer for the session <b>s</b>, 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>, <a href="../man3/SSL_get_default_timeout.html">SSL_get_default_timeout(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_timeout.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_timeout.html
new file mode 100644
index 000000000..d4c3a8446
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_timeout.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get_time</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get_time, SSL_SESSION_set_time, SSL_SESSION_get_timeout, SSL_SESSION_set_timeout, SSL_get_time, SSL_set_time, SSL_get_timeout, SSL_set_timeout - retrieve and manipulate session time and timeout settings</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_SESSION_get_time(const SSL_SESSION *s);
+ long SSL_SESSION_set_time(SSL_SESSION *s, long tm);
+ long SSL_SESSION_get_timeout(const SSL_SESSION *s);
+ long SSL_SESSION_set_timeout(SSL_SESSION *s, long tm);
+
+ long SSL_get_time(const SSL_SESSION *s);
+ long SSL_set_time(SSL_SESSION *s, long tm);
+ long SSL_get_timeout(const SSL_SESSION *s);
+ long SSL_set_timeout(SSL_SESSION *s, long tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_get_time() returns the time at which the session <b>s</b> was established. The time is given in seconds since the Epoch and therefore compatible to the time delivered by the time() call.</p>
+
+<p>SSL_SESSION_set_time() replaces the creation time of the session <b>s</b> with the chosen value <b>tm</b>.</p>
+
+<p>SSL_SESSION_get_timeout() returns the timeout value set for session <b>s</b> in seconds.</p>
+
+<p>SSL_SESSION_set_timeout() sets the timeout value for session <b>s</b> in seconds to <b>tm</b>.</p>
+
+<p>The SSL_get_time(), SSL_set_time(), SSL_get_timeout(), and SSL_set_timeout() functions are synonyms for the SSL_SESSION_*() counterparts.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Sessions are expired by examining the creation time and the timeout value. Both are set at creation time of the session to the actual time and the default timeout value at creation, respectively, as set by <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>. Using these functions it is possible to extend or shorten the lifetime of the session.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get_time() and SSL_SESSION_get_timeout() return the currently valid values.</p>
+
+<p>SSL_SESSION_set_time() and SSL_SESSION_set_timeout() return 1 on success.</p>
+
+<p>If any of the function is passed the NULL pointer for the session <b>s</b>, 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>, <a href="../man3/SSL_get_default_timeout.html">SSL_get_default_timeout(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_tlsext_status_ocsp_resp.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_tlsext_status_ocsp_resp.html
new file mode 100644
index 000000000..2aabb84c3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_tlsext_status_ocsp_resp.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_status_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_status_cb, SSL_CTX_get_tlsext_status_cb, SSL_CTX_set_tlsext_status_arg, SSL_CTX_get_tlsext_status_arg, SSL_CTX_set_tlsext_status_type, SSL_CTX_get_tlsext_status_type, SSL_set_tlsext_status_type, SSL_get_tlsext_status_type, SSL_get_tlsext_status_ocsp_resp, SSL_set_tlsext_status_ocsp_resp - OCSP Certificate Status Request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/tls1.h&gt;
+
+ long SSL_CTX_set_tlsext_status_cb(SSL_CTX *ctx, int (*callback)(SSL *, void *));
+ long SSL_CTX_get_tlsext_status_cb(SSL_CTX *ctx, int (**callback)(SSL *, void *));
+
+ long SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg);
+ long SSL_CTX_get_tlsext_status_arg(SSL_CTX *ctx, void **arg);
+
+ long SSL_CTX_set_tlsext_status_type(SSL_CTX *ctx, int type);
+ long SSL_CTX_get_tlsext_status_type(SSL_CTX *ctx);
+
+ long SSL_set_tlsext_status_type(SSL *s, int type);
+ long SSL_get_tlsext_status_type(SSL *s);
+
+ long SSL_get_tlsext_status_ocsp_resp(ssl, unsigned char **resp);
+ long SSL_set_tlsext_status_ocsp_resp(ssl, unsigned char *resp, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application may request that a server send back an OCSP status response (also known as OCSP stapling). To do so the client should call the SSL_CTX_set_tlsext_status_type() function prior to the creation of any SSL objects. Alternatively an application can call the SSL_set_tlsext_status_type() function on an individual SSL object prior to the start of the handshake. Currently the only supported type is <b>TLSEXT_STATUSTYPE_ocsp</b>. This value should be passed in the <b>type</b> argument. Calling SSL_CTX_get_tlsext_status_type() will return the type <b>TLSEXT_STATUSTYPE_ocsp</b> previously set via SSL_CTX_set_tlsext_status_type() or -1 if not set.</p>
+
+<p>The client should additionally provide a callback function to decide what to do with the returned OCSP response by calling SSL_CTX_set_tlsext_status_cb(). The callback function should determine whether the returned OCSP response is acceptable or not. The callback will be passed as an argument the value previously set via a call to SSL_CTX_set_tlsext_status_arg(). Note that the callback will not be called in the event of a handshake where session resumption occurs (because there are no Certificates exchanged in such a handshake). The callback previously set via SSL_CTX_set_tlsext_status_cb() can be retrieved by calling SSL_CTX_get_tlsext_status_cb(), and the argument by calling SSL_CTX_get_tlsext_status_arg().</p>
+
+<p>On the client side SSL_get_tlsext_status_type() can be used to determine whether the client has previously called SSL_set_tlsext_status_type(). It will return <b>TLSEXT_STATUSTYPE_ocsp</b> if it has been called or -1 otherwise. On the server side SSL_get_tlsext_status_type() can be used to determine whether the client requested OCSP stapling. If the client requested it then this function will return <b>TLSEXT_STATUSTYPE_ocsp</b>, or -1 otherwise.</p>
+
+<p>The response returned by the server can be obtained via a call to SSL_get_tlsext_status_ocsp_resp(). The value <b>*resp</b> will be updated to point to the OCSP response data and the return value will be the length of that data. Typically a callback would obtain an OCSP_RESPONSE object from this data via a call to the d2i_OCSP_RESPONSE() function. If the server has not provided any response data then <b>*resp</b> will be NULL and the return value from SSL_get_tlsext_status_ocsp_resp() will be -1.</p>
+
+<p>A server application must also call the SSL_CTX_set_tlsext_status_cb() function if it wants to be able to provide clients with OCSP Certificate Status responses. Typically the server callback would obtain the server certificate that is being sent back to the client via a call to SSL_get_certificate(); obtain the OCSP response to be sent back; and then set that response data by calling SSL_set_tlsext_status_ocsp_resp(). A pointer to the response data should be provided in the <b>resp</b> argument, and the length of that data should be in the <b>len</b> argument.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The callback when used on the client side should return a negative value on error; 0 if the response is not acceptable (in which case the handshake will fail) or a positive value if it is acceptable.</p>
+
+<p>The callback when used on the server side should return with either SSL_TLSEXT_ERR_OK (meaning that the OCSP response that has been set should be returned), SSL_TLSEXT_ERR_NOACK (meaning that an OCSP response should not be returned) or SSL_TLSEXT_ERR_ALERT_FATAL (meaning that a fatal error has occurred).</p>
+
+<p>SSL_CTX_set_tlsext_status_cb(), SSL_CTX_set_tlsext_status_arg(), SSL_CTX_set_tlsext_status_type(), SSL_set_tlsext_status_type() and SSL_set_tlsext_status_ocsp_resp() return 0 on error or 1 on success.</p>
+
+<p>SSL_CTX_get_tlsext_status_type() returns the value previously set by SSL_CTX_set_tlsext_status_type(), or -1 if not set.</p>
+
+<p>SSL_get_tlsext_status_ocsp_resp() returns the length of the OCSP response data or -1 if there is no OCSP response data.</p>
+
+<p>SSL_get_tlsext_status_type() returns <b>TLSEXT_STATUSTYPE_ocsp</b> on the client side if SSL_set_tlsext_status_type() was previously called, or on the server side if the client requested OCSP stapling. Otherwise -1 is returned.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_get_tlsext_status_type(), SSL_CTX_get_tlsext_status_type() and SSL_CTX_set_tlsext_status_type() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_tlsext_status_type.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_tlsext_status_type.html
new file mode 100644
index 000000000..2aabb84c3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_tlsext_status_type.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_status_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_status_cb, SSL_CTX_get_tlsext_status_cb, SSL_CTX_set_tlsext_status_arg, SSL_CTX_get_tlsext_status_arg, SSL_CTX_set_tlsext_status_type, SSL_CTX_get_tlsext_status_type, SSL_set_tlsext_status_type, SSL_get_tlsext_status_type, SSL_get_tlsext_status_ocsp_resp, SSL_set_tlsext_status_ocsp_resp - OCSP Certificate Status Request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/tls1.h&gt;
+
+ long SSL_CTX_set_tlsext_status_cb(SSL_CTX *ctx, int (*callback)(SSL *, void *));
+ long SSL_CTX_get_tlsext_status_cb(SSL_CTX *ctx, int (**callback)(SSL *, void *));
+
+ long SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg);
+ long SSL_CTX_get_tlsext_status_arg(SSL_CTX *ctx, void **arg);
+
+ long SSL_CTX_set_tlsext_status_type(SSL_CTX *ctx, int type);
+ long SSL_CTX_get_tlsext_status_type(SSL_CTX *ctx);
+
+ long SSL_set_tlsext_status_type(SSL *s, int type);
+ long SSL_get_tlsext_status_type(SSL *s);
+
+ long SSL_get_tlsext_status_ocsp_resp(ssl, unsigned char **resp);
+ long SSL_set_tlsext_status_ocsp_resp(ssl, unsigned char *resp, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application may request that a server send back an OCSP status response (also known as OCSP stapling). To do so the client should call the SSL_CTX_set_tlsext_status_type() function prior to the creation of any SSL objects. Alternatively an application can call the SSL_set_tlsext_status_type() function on an individual SSL object prior to the start of the handshake. Currently the only supported type is <b>TLSEXT_STATUSTYPE_ocsp</b>. This value should be passed in the <b>type</b> argument. Calling SSL_CTX_get_tlsext_status_type() will return the type <b>TLSEXT_STATUSTYPE_ocsp</b> previously set via SSL_CTX_set_tlsext_status_type() or -1 if not set.</p>
+
+<p>The client should additionally provide a callback function to decide what to do with the returned OCSP response by calling SSL_CTX_set_tlsext_status_cb(). The callback function should determine whether the returned OCSP response is acceptable or not. The callback will be passed as an argument the value previously set via a call to SSL_CTX_set_tlsext_status_arg(). Note that the callback will not be called in the event of a handshake where session resumption occurs (because there are no Certificates exchanged in such a handshake). The callback previously set via SSL_CTX_set_tlsext_status_cb() can be retrieved by calling SSL_CTX_get_tlsext_status_cb(), and the argument by calling SSL_CTX_get_tlsext_status_arg().</p>
+
+<p>On the client side SSL_get_tlsext_status_type() can be used to determine whether the client has previously called SSL_set_tlsext_status_type(). It will return <b>TLSEXT_STATUSTYPE_ocsp</b> if it has been called or -1 otherwise. On the server side SSL_get_tlsext_status_type() can be used to determine whether the client requested OCSP stapling. If the client requested it then this function will return <b>TLSEXT_STATUSTYPE_ocsp</b>, or -1 otherwise.</p>
+
+<p>The response returned by the server can be obtained via a call to SSL_get_tlsext_status_ocsp_resp(). The value <b>*resp</b> will be updated to point to the OCSP response data and the return value will be the length of that data. Typically a callback would obtain an OCSP_RESPONSE object from this data via a call to the d2i_OCSP_RESPONSE() function. If the server has not provided any response data then <b>*resp</b> will be NULL and the return value from SSL_get_tlsext_status_ocsp_resp() will be -1.</p>
+
+<p>A server application must also call the SSL_CTX_set_tlsext_status_cb() function if it wants to be able to provide clients with OCSP Certificate Status responses. Typically the server callback would obtain the server certificate that is being sent back to the client via a call to SSL_get_certificate(); obtain the OCSP response to be sent back; and then set that response data by calling SSL_set_tlsext_status_ocsp_resp(). A pointer to the response data should be provided in the <b>resp</b> argument, and the length of that data should be in the <b>len</b> argument.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The callback when used on the client side should return a negative value on error; 0 if the response is not acceptable (in which case the handshake will fail) or a positive value if it is acceptable.</p>
+
+<p>The callback when used on the server side should return with either SSL_TLSEXT_ERR_OK (meaning that the OCSP response that has been set should be returned), SSL_TLSEXT_ERR_NOACK (meaning that an OCSP response should not be returned) or SSL_TLSEXT_ERR_ALERT_FATAL (meaning that a fatal error has occurred).</p>
+
+<p>SSL_CTX_set_tlsext_status_cb(), SSL_CTX_set_tlsext_status_arg(), SSL_CTX_set_tlsext_status_type(), SSL_set_tlsext_status_type() and SSL_set_tlsext_status_ocsp_resp() return 0 on error or 1 on success.</p>
+
+<p>SSL_CTX_get_tlsext_status_type() returns the value previously set by SSL_CTX_set_tlsext_status_type(), or -1 if not set.</p>
+
+<p>SSL_get_tlsext_status_ocsp_resp() returns the length of the OCSP response data or -1 if there is no OCSP response data.</p>
+
+<p>SSL_get_tlsext_status_type() returns <b>TLSEXT_STATUSTYPE_ocsp</b> on the client side if SSL_set_tlsext_status_type() was previously called, or on the server side if the client requested OCSP stapling. Otherwise -1 is returned.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_get_tlsext_status_type(), SSL_CTX_get_tlsext_status_type() and SSL_CTX_set_tlsext_status_type() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_tmp_key.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_tmp_key.html
new file mode 100644
index 000000000..19ef8a4e9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_tmp_key.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_peer_tmp_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_peer_tmp_key, SSL_get_server_tmp_key, SSL_get_tmp_key - get information about temporary keys used during a handshake</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_get_peer_tmp_key(SSL *ssl, EVP_PKEY **key);
+ long SSL_get_server_tmp_key(SSL *ssl, EVP_PKEY **key);
+ long SSL_get_tmp_key(SSL *ssl, EVP_PKEY **key);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_peer_tmp_key() returns the temporary key provided by the peer and used during key exchange. For example, if ECDHE is in use, then this represents the peer&#39;s public ECDHE key. On success a pointer to the key is stored in <b>*key</b>. It is the caller&#39;s responsibility to free this key after use using <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a>.</p>
+
+<p>SSL_get_server_tmp_key() is a backwards compatibility alias for SSL_get_peer_tmp_key(). Under that name it worked just on the client side of the connection, its behaviour on the server end is release-dependent.</p>
+
+<p>SSL_get_tmp_key() returns the equivalent information for the local end of the connection.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 on success and 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>This function is implemented as a macro.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/EVP_PKEY_free.html">EVP_PKEY_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_verify_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_verify_callback.html
new file mode 100644
index 000000000..7c192f5fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_verify_callback.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_get_verify_mode</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_get_verify_mode, SSL_get_verify_mode, SSL_CTX_get_verify_depth, SSL_get_verify_depth, SSL_get_verify_callback, SSL_CTX_get_verify_callback - get currently set verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
+ int SSL_get_verify_mode(const SSL *ssl);
+ int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
+ int SSL_get_verify_depth(const SSL *ssl);
+ int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *);
+ int (*SSL_get_verify_callback(const SSL *ssl))(int, X509_STORE_CTX *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_get_verify_mode() returns the verification mode currently set in <b>ctx</b>.</p>
+
+<p>SSL_get_verify_mode() returns the verification mode currently set in <b>ssl</b>.</p>
+
+<p>SSL_CTX_get_verify_depth() returns the verification depth limit currently set in <b>ctx</b>. If no limit has been explicitly set, -1 is returned and the default value will be used.</p>
+
+<p>SSL_get_verify_depth() returns the verification depth limit currently set in <b>ssl</b>. If no limit has been explicitly set, -1 is returned and the default value will be used.</p>
+
+<p>SSL_CTX_get_verify_callback() returns a function pointer to the verification callback currently set in <b>ctx</b>. If no callback was explicitly set, the NULL pointer is returned and the default callback will be used.</p>
+
+<p>SSL_get_verify_callback() returns a function pointer to the verification callback currently set in <b>ssl</b>. If no callback was explicitly set, the NULL pointer is returned and the default callback will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>See DESCRIPTION</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_verify_depth.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_verify_depth.html
new file mode 100644
index 000000000..7c192f5fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_verify_depth.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_get_verify_mode</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_get_verify_mode, SSL_get_verify_mode, SSL_CTX_get_verify_depth, SSL_get_verify_depth, SSL_get_verify_callback, SSL_CTX_get_verify_callback - get currently set verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
+ int SSL_get_verify_mode(const SSL *ssl);
+ int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
+ int SSL_get_verify_depth(const SSL *ssl);
+ int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *);
+ int (*SSL_get_verify_callback(const SSL *ssl))(int, X509_STORE_CTX *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_get_verify_mode() returns the verification mode currently set in <b>ctx</b>.</p>
+
+<p>SSL_get_verify_mode() returns the verification mode currently set in <b>ssl</b>.</p>
+
+<p>SSL_CTX_get_verify_depth() returns the verification depth limit currently set in <b>ctx</b>. If no limit has been explicitly set, -1 is returned and the default value will be used.</p>
+
+<p>SSL_get_verify_depth() returns the verification depth limit currently set in <b>ssl</b>. If no limit has been explicitly set, -1 is returned and the default value will be used.</p>
+
+<p>SSL_CTX_get_verify_callback() returns a function pointer to the verification callback currently set in <b>ctx</b>. If no callback was explicitly set, the NULL pointer is returned and the default callback will be used.</p>
+
+<p>SSL_get_verify_callback() returns a function pointer to the verification callback currently set in <b>ssl</b>. If no callback was explicitly set, the NULL pointer is returned and the default callback will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>See DESCRIPTION</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_verify_mode.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_verify_mode.html
new file mode 100644
index 000000000..7c192f5fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_verify_mode.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_get_verify_mode</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_get_verify_mode, SSL_get_verify_mode, SSL_CTX_get_verify_depth, SSL_get_verify_depth, SSL_get_verify_callback, SSL_CTX_get_verify_callback - get currently set verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
+ int SSL_get_verify_mode(const SSL *ssl);
+ int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
+ int SSL_get_verify_depth(const SSL *ssl);
+ int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *);
+ int (*SSL_get_verify_callback(const SSL *ssl))(int, X509_STORE_CTX *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_get_verify_mode() returns the verification mode currently set in <b>ctx</b>.</p>
+
+<p>SSL_get_verify_mode() returns the verification mode currently set in <b>ssl</b>.</p>
+
+<p>SSL_CTX_get_verify_depth() returns the verification depth limit currently set in <b>ctx</b>. If no limit has been explicitly set, -1 is returned and the default value will be used.</p>
+
+<p>SSL_get_verify_depth() returns the verification depth limit currently set in <b>ssl</b>. If no limit has been explicitly set, -1 is returned and the default value will be used.</p>
+
+<p>SSL_CTX_get_verify_callback() returns a function pointer to the verification callback currently set in <b>ctx</b>. If no callback was explicitly set, the NULL pointer is returned and the default callback will be used.</p>
+
+<p>SSL_get_verify_callback() returns a function pointer to the verification callback currently set in <b>ssl</b>. If no callback was explicitly set, the NULL pointer is returned and the default callback will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>See DESCRIPTION</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_verify_result.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_verify_result.html
new file mode 100644
index 000000000..d45622d3b
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_verify_result.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_verify_result</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_verify_result - get result of peer certificate verification</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_get_verify_result(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_verify_result() returns the result of the verification of the X509 certificate presented by the peer, if any.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_get_verify_result() can only return one error code while the verification of a certificate can fail because of many reasons at the same time. Only the last verification error that occurred during the processing is available from SSL_get_verify_result().</p>
+
+<p>The verification result is part of the established session and is restored when a session is reused.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>If no peer certificate was presented, the returned result code is X509_V_OK. This is because no verification error occurred, it does however not indicate success. SSL_get_verify_result() is only useful in connection with <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can currently occur:</p>
+
+<dl>
+
+<dt id="X509_V_OK">X509_V_OK</dt>
+<dd>
+
+<p>The verification succeeded or no peer certificate was presented.</p>
+
+</dd>
+<dt id="Any-other-value">Any other value</dt>
+<dd>
+
+<p>Documented in <a href="../man1/verify.html">verify(1)</a>.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_verify_result.html">SSL_set_verify_result(3)</a>, <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>, <a href="../man1/verify.html">verify(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_version.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_version.html
new file mode 100644
index 000000000..4da1a9eba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_version.html
@@ -0,0 +1,145 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_client_version, SSL_get_version, SSL_is_dtls, SSL_version - get the protocol information of a connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_client_version(const SSL *s);
+
+ const char *SSL_get_version(const SSL *ssl);
+
+ int SSL_is_dtls(const SSL *ssl);
+
+ int SSL_version(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_client_version() returns the numeric protocol version advertised by the client in the legacy_version field of the ClientHello when initiating the connection. Note that, for TLS, this value will never indicate a version greater than TLSv1.2 even if TLSv1.3 is subsequently negotiated. SSL_get_version() returns the name of the protocol used for the connection. SSL_version() returns the numeric protocol version used for the connection. They should only be called after the initial handshake has been completed. Prior to that the results returned from these functions may be unreliable.</p>
+
+<p>SSL_is_dtls() returns one if the connection is using DTLS, zero if not.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_get_version() returns one of the following strings:</p>
+
+<dl>
+
+<dt id="SSLv3">SSLv3</dt>
+<dd>
+
+<p>The connection uses the SSLv3 protocol.</p>
+
+</dd>
+<dt id="TLSv1">TLSv1</dt>
+<dd>
+
+<p>The connection uses the TLSv1.0 protocol.</p>
+
+</dd>
+<dt id="TLSv1.1">TLSv1.1</dt>
+<dd>
+
+<p>The connection uses the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1.2">TLSv1.2</dt>
+<dd>
+
+<p>The connection uses the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1.3">TLSv1.3</dt>
+<dd>
+
+<p>The connection uses the TLSv1.3 protocol.</p>
+
+</dd>
+<dt id="unknown">unknown</dt>
+<dd>
+
+<p>This indicates an unknown protocol version.</p>
+
+</dd>
+</dl>
+
+<p>SSL_version() and SSL_client_version() return an integer which could include any of the following:</p>
+
+<dl>
+
+<dt id="SSL3_VERSION">SSL3_VERSION</dt>
+<dd>
+
+<p>The connection uses the SSLv3 protocol.</p>
+
+</dd>
+<dt id="TLS1_VERSION">TLS1_VERSION</dt>
+<dd>
+
+<p>The connection uses the TLSv1.0 protocol.</p>
+
+</dd>
+<dt id="TLS1_1_VERSION">TLS1_1_VERSION</dt>
+<dd>
+
+<p>The connection uses the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLS1_2_VERSION">TLS1_2_VERSION</dt>
+<dd>
+
+<p>The connection uses the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLS1_3_VERSION">TLS1_3_VERSION</dt>
+<dd>
+
+<p>The connection uses the TLSv1.3 protocol (never returned for SSL_client_version()).</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_is_dtls() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_wbio.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_wbio.html
new file mode 100644
index 000000000..bc928dd69
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_wbio.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_rbio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_rbio, SSL_get_wbio - get BIO linked to an SSL object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ BIO *SSL_get_rbio(SSL *ssl);
+ BIO *SSL_get_wbio(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_rbio() and SSL_get_wbio() return pointers to the BIOs for the read or the write channel, which can be different. The reference count of the BIO is not incremented.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>No BIO was connected to the SSL object</p>
+
+</dd>
+<dt id="Any-other-pointer">Any other pointer</dt>
+<dd>
+
+<p>The BIO linked to <b>ssl</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a>, <a href="../man7/ssl.html">ssl(7)</a> , <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_get_wfd.html b/msys2/usr/share/doc/openssl/html/man3/SSL_get_wfd.html
new file mode 100644
index 000000000..62a631bdf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_get_wfd.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_fd</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_fd, SSL_get_rfd, SSL_get_wfd - get file descriptor linked to an SSL object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_get_fd(const SSL *ssl);
+ int SSL_get_rfd(const SSL *ssl);
+ int SSL_get_wfd(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_get_fd() returns the file descriptor which is linked to <b>ssl</b>. SSL_get_rfd() and SSL_get_wfd() return the file descriptors for the read or the write channel, which can be different. If the read and the write channel are different, SSL_get_fd() will return the file descriptor of the read channel.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="pod-1">-1</dt>
+<dd>
+
+<p>The operation failed, because the underlying BIO is not of the correct type (suitable for file descriptors).</p>
+
+</dd>
+<dt id="pod-0">&gt;=0</dt>
+<dd>
+
+<p>The file descriptor linked to <b>ssl</b>.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_set_fd.html">SSL_set_fd(3)</a>, <a href="../man7/ssl.html">ssl(7)</a> , <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_has_matching_session_id.html b/msys2/usr/share/doc/openssl/html/man3/SSL_has_matching_session_id.html
new file mode 100644
index 000000000..d6315039d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_has_matching_session_id.html
@@ -0,0 +1,116 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_generate_session_id</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_generate_session_id, SSL_set_generate_session_id, SSL_has_matching_session_id, GEN_SESSION_CB - manipulate generation of SSL session IDs (server only)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id,
+                               unsigned int *id_len);
+
+ int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb);
+ int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB, cb);
+ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
+                                 unsigned int id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_generate_session_id() sets the callback function for generating new session ids for SSL/TLS sessions for <b>ctx</b> to be <b>cb</b>.</p>
+
+<p>SSL_set_generate_session_id() sets the callback function for generating new session ids for SSL/TLS sessions for <b>ssl</b> to be <b>cb</b>.</p>
+
+<p>SSL_has_matching_session_id() checks, whether a session with id <b>id</b> (of length <b>id_len</b>) is already contained in the internal session cache of the parent context of <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When a new session is established between client and server, the server generates a session id. The session id is an arbitrary sequence of bytes. The length of the session id is between 1 and 32 bytes. The session id is not security critical but must be unique for the server. Additionally, the session id is transmitted in the clear when reusing the session so it must not contain sensitive information.</p>
+
+<p>Without a callback being set, an OpenSSL server will generate a unique session id from pseudo random numbers of the maximum possible length. Using the callback function, the session id can be changed to contain additional information like e.g. a host id in order to improve load balancing or external caching techniques.</p>
+
+<p>The callback function receives a pointer to the memory location to put <b>id</b> into and a pointer to the maximum allowed length <b>id_len</b>. The buffer at location <b>id</b> is only guaranteed to have the size <b>id_len</b>. The callback is only allowed to generate a shorter id and reduce <b>id_len</b>; the callback <b>must never</b> increase <b>id_len</b> or write to the location <b>id</b> exceeding the given limit.</p>
+
+<p>The location <b>id</b> is filled with 0x00 before the callback is called, so the callback may only fill part of the possible length and leave <b>id_len</b> untouched while maintaining reproducibility.</p>
+
+<p>Since the sessions must be distinguished, session ids must be unique. Without the callback a random number is used, so that the probability of generating the same session id is extremely small (2^256 for SSLv3/TLSv1). In order to assure the uniqueness of the generated session id, the callback must call SSL_has_matching_session_id() and generate another id if a conflict occurs. If an id conflict is not resolved, the handshake will fail. If the application codes e.g. a unique host id, a unique process number, and a unique sequence number into the session id, uniqueness could easily be achieved without randomness added (it should however be taken care that no confidential information is leaked this way). If the application can not guarantee uniqueness, it is recommended to use the maximum <b>id_len</b> and fill in the bytes not used to code special information with random data to avoid collisions.</p>
+
+<p>SSL_has_matching_session_id() will only query the internal session cache, not the external one. Since the session id is generated before the handshake is completed, it is not immediately added to the cache. If another thread is using the same internal session cache, a race condition can occur in that another thread generates the same session id. Collisions can also occur when using an external session cache, since the external cache is not tested with SSL_has_matching_session_id() and the same race condition applies.</p>
+
+<p>The callback must return 0 if it cannot generate a session id for whatever reason and return 1 on success.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The callback function listed will generate a session id with the server id given, and will fill the rest with pseudo random bytes:</p>
+
+<pre><code> const char session_id_prefix = &quot;www-18&quot;;
+
+ #define MAX_SESSION_ID_ATTEMPTS 10
+ static int generate_session_id(const SSL *ssl, unsigned char *id,
+                                unsigned int *id_len)
+ {
+     unsigned int count = 0;
+
+     do {
+         RAND_pseudo_bytes(id, *id_len);
+         /*
+          * Prefix the session_id with the required prefix. NB: If our
+          * prefix is too long, clip it - but there will be worse effects
+          * anyway, eg. the server could only possibly create 1 session
+          * ID (ie. the prefix!) so all future session negotiations will
+          * fail due to conflicts.
+          */
+         memcpy(id, session_id_prefix, strlen(session_id_prefix) &lt; *id_len ?
+                                       strlen(session_id_prefix) : *id_len);
+     } while (SSL_has_matching_session_id(ssl, id, *id_len)
+               &amp;&amp; ++count &lt; MAX_SESSION_ID_ATTEMPTS);
+     if (count &gt;= MAX_SESSION_ID_ATTEMPTS)
+         return 0;
+     return 1;
+ }</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_generate_session_id() and SSL_set_generate_session_id() always return 1.</p>
+
+<p>SSL_has_matching_session_id() returns 1 if another session with the same id is already in the cache.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_version.html">SSL_get_version(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_has_pending.html b/msys2/usr/share/doc/openssl/html/man3/SSL_has_pending.html
new file mode 100644
index 000000000..65341e765
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_has_pending.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_pending</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_pending, SSL_has_pending - check for readable bytes buffered in an SSL object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_pending(const SSL *ssl);
+ int SSL_has_pending(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Data is received in whole blocks known as records from the peer. A whole record is processed (e.g. decrypted) in one go and is buffered by OpenSSL until it is read by the application via a call to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> or <a href="../man3/SSL_read.html">SSL_read(3)</a>.</p>
+
+<p>SSL_pending() returns the number of bytes which have been processed, buffered and are available inside <b>ssl</b> for immediate read.</p>
+
+<p>If the <b>SSL</b> object&#39;s <i>read_ahead</i> flag is set (see <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>), additional protocol bytes (beyond the current record) may have been read containing more TLS/SSL records. This also applies to DTLS and pipelining (see <a href="../man3/SSL_CTX_set_split_send_fragment.html">SSL_CTX_set_split_send_fragment(3)</a>). These additional bytes will be buffered by OpenSSL but will remain unprocessed until they are needed. As these bytes are still in an unprocessed state SSL_pending() will ignore them. Therefore it is possible for no more bytes to be readable from the underlying BIO (because OpenSSL has already read them) and for SSL_pending() to return 0, even though readable application data bytes are available (because the data is in unprocessed buffered records).</p>
+
+<p>SSL_has_pending() returns 1 if <b>s</b> has buffered data (whether processed or unprocessed) and 0 otherwise. Note that it is possible for SSL_has_pending() to return 1, and then a subsequent call to SSL_read_ex() or SSL_read() to return no data because the unprocessed buffered data when processed yielded no application data (for example this can happen during renegotiation). It is also possible in this scenario for SSL_has_pending() to continue to return 1 even after an SSL_read_ex() or SSL_read() call because the buffered and unprocessed data is not yet processable (e.g. because OpenSSL has only received a partial record so far).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_pending() returns the number of buffered and processed application data bytes that are pending and are available for immediate read. SSL_has_pending() returns 1 if there is buffered record data in the SSL object and 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>, <a href="../man3/SSL_CTX_set_split_send_fragment.html">SSL_CTX_set_split_send_fragment(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_has_pending() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_in_accept_init.html b/msys2/usr/share/doc/openssl/html/man3/SSL_in_accept_init.html
new file mode 100644
index 000000000..aeb212890
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_in_accept_init.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_in_init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_in_before, SSL_in_init, SSL_is_init_finished, SSL_in_connect_init, SSL_in_accept_init, SSL_get_state - retrieve information about the handshake state machine</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_in_init(const SSL *s);
+ int SSL_in_before(const SSL *s);
+ int SSL_is_init_finished(const SSL *s);
+
+ int SSL_in_connect_init(SSL *s);
+ int SSL_in_accept_init(SSL *s);
+
+ OSSL_HANDSHAKE_STATE SSL_get_state(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_in_init() returns 1 if the SSL/TLS state machine is currently processing or awaiting handshake messages, or 0 otherwise.</p>
+
+<p>SSL_in_before() returns 1 if no SSL/TLS handshake has yet been initiated, or 0 otherwise.</p>
+
+<p>SSL_is_init_finished() returns 1 if the SSL/TLS connection is in a state where fully protected application data can be transferred or 0 otherwise.</p>
+
+<p>Note that in some circumstances (such as when early data is being transferred) SSL_in_init(), SSL_in_before() and SSL_is_init_finished() can all return 0.</p>
+
+<p>SSL_in_connect_init() returns 1 if <b>s</b> is acting as a client and SSL_in_init() would return 1, or 0 otherwise.</p>
+
+<p>SSL_in_accept_init() returns 1 if <b>s</b> is acting as a server and SSL_in_init() would return 1, or 0 otherwise.</p>
+
+<p>SSL_in_connect_init() and SSL_in_accept_init() are implemented as macros.</p>
+
+<p>SSL_get_state() returns a value indicating the current state of the handshake state machine. OSSL_HANDSHAKE_STATE is an enumerated type where each value indicates a discrete state machine state. Note that future versions of OpenSSL may define more states so applications should expect to receive unrecognised state values. The naming format is made up of a number of elements as follows:</p>
+
+<p><b>protocol</b>_ST_<b>role</b>_<b>message</b></p>
+
+<p><b>protocol</b> is one of TLS or DTLS. DTLS is used where a state is specific to the DTLS protocol. Otherwise TLS is used.</p>
+
+<p><b>role</b> is one of CR, CW, SR or SW to indicate &quot;client reading&quot;, &quot;client writing&quot;, &quot;server reading&quot; or &quot;server writing&quot; respectively.</p>
+
+<p><b>message</b> is the name of a handshake message that is being or has been sent, or is being or has been processed.</p>
+
+<p>Additionally there are some special states that do not conform to the above format. These are:</p>
+
+<dl>
+
+<dt id="TLS_ST_BEFORE">TLS_ST_BEFORE</dt>
+<dd>
+
+<p>No handshake messages have yet been been sent or received.</p>
+
+</dd>
+<dt id="TLS_ST_OK">TLS_ST_OK</dt>
+<dd>
+
+<p>Handshake message sending/processing has completed.</p>
+
+</dd>
+<dt id="TLS_ST_EARLY_DATA">TLS_ST_EARLY_DATA</dt>
+<dd>
+
+<p>Early data is being processed</p>
+
+</dd>
+<dt id="TLS_ST_PENDING_EARLY_DATA_END">TLS_ST_PENDING_EARLY_DATA_END</dt>
+<dd>
+
+<p>Awaiting the end of early data processing</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_in_init(), SSL_in_before(), SSL_is_init_finished(), SSL_in_connect_init() and SSL_in_accept_init() return values as indicated above.</p>
+
+<p>SSL_get_state() returns the current handshake state.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_read_early_data.html">SSL_read_early_data(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_in_before.html b/msys2/usr/share/doc/openssl/html/man3/SSL_in_before.html
new file mode 100644
index 000000000..aeb212890
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_in_before.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_in_init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_in_before, SSL_in_init, SSL_is_init_finished, SSL_in_connect_init, SSL_in_accept_init, SSL_get_state - retrieve information about the handshake state machine</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_in_init(const SSL *s);
+ int SSL_in_before(const SSL *s);
+ int SSL_is_init_finished(const SSL *s);
+
+ int SSL_in_connect_init(SSL *s);
+ int SSL_in_accept_init(SSL *s);
+
+ OSSL_HANDSHAKE_STATE SSL_get_state(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_in_init() returns 1 if the SSL/TLS state machine is currently processing or awaiting handshake messages, or 0 otherwise.</p>
+
+<p>SSL_in_before() returns 1 if no SSL/TLS handshake has yet been initiated, or 0 otherwise.</p>
+
+<p>SSL_is_init_finished() returns 1 if the SSL/TLS connection is in a state where fully protected application data can be transferred or 0 otherwise.</p>
+
+<p>Note that in some circumstances (such as when early data is being transferred) SSL_in_init(), SSL_in_before() and SSL_is_init_finished() can all return 0.</p>
+
+<p>SSL_in_connect_init() returns 1 if <b>s</b> is acting as a client and SSL_in_init() would return 1, or 0 otherwise.</p>
+
+<p>SSL_in_accept_init() returns 1 if <b>s</b> is acting as a server and SSL_in_init() would return 1, or 0 otherwise.</p>
+
+<p>SSL_in_connect_init() and SSL_in_accept_init() are implemented as macros.</p>
+
+<p>SSL_get_state() returns a value indicating the current state of the handshake state machine. OSSL_HANDSHAKE_STATE is an enumerated type where each value indicates a discrete state machine state. Note that future versions of OpenSSL may define more states so applications should expect to receive unrecognised state values. The naming format is made up of a number of elements as follows:</p>
+
+<p><b>protocol</b>_ST_<b>role</b>_<b>message</b></p>
+
+<p><b>protocol</b> is one of TLS or DTLS. DTLS is used where a state is specific to the DTLS protocol. Otherwise TLS is used.</p>
+
+<p><b>role</b> is one of CR, CW, SR or SW to indicate &quot;client reading&quot;, &quot;client writing&quot;, &quot;server reading&quot; or &quot;server writing&quot; respectively.</p>
+
+<p><b>message</b> is the name of a handshake message that is being or has been sent, or is being or has been processed.</p>
+
+<p>Additionally there are some special states that do not conform to the above format. These are:</p>
+
+<dl>
+
+<dt id="TLS_ST_BEFORE">TLS_ST_BEFORE</dt>
+<dd>
+
+<p>No handshake messages have yet been been sent or received.</p>
+
+</dd>
+<dt id="TLS_ST_OK">TLS_ST_OK</dt>
+<dd>
+
+<p>Handshake message sending/processing has completed.</p>
+
+</dd>
+<dt id="TLS_ST_EARLY_DATA">TLS_ST_EARLY_DATA</dt>
+<dd>
+
+<p>Early data is being processed</p>
+
+</dd>
+<dt id="TLS_ST_PENDING_EARLY_DATA_END">TLS_ST_PENDING_EARLY_DATA_END</dt>
+<dd>
+
+<p>Awaiting the end of early data processing</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_in_init(), SSL_in_before(), SSL_is_init_finished(), SSL_in_connect_init() and SSL_in_accept_init() return values as indicated above.</p>
+
+<p>SSL_get_state() returns the current handshake state.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_read_early_data.html">SSL_read_early_data(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_in_connect_init.html b/msys2/usr/share/doc/openssl/html/man3/SSL_in_connect_init.html
new file mode 100644
index 000000000..aeb212890
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_in_connect_init.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_in_init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_in_before, SSL_in_init, SSL_is_init_finished, SSL_in_connect_init, SSL_in_accept_init, SSL_get_state - retrieve information about the handshake state machine</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_in_init(const SSL *s);
+ int SSL_in_before(const SSL *s);
+ int SSL_is_init_finished(const SSL *s);
+
+ int SSL_in_connect_init(SSL *s);
+ int SSL_in_accept_init(SSL *s);
+
+ OSSL_HANDSHAKE_STATE SSL_get_state(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_in_init() returns 1 if the SSL/TLS state machine is currently processing or awaiting handshake messages, or 0 otherwise.</p>
+
+<p>SSL_in_before() returns 1 if no SSL/TLS handshake has yet been initiated, or 0 otherwise.</p>
+
+<p>SSL_is_init_finished() returns 1 if the SSL/TLS connection is in a state where fully protected application data can be transferred or 0 otherwise.</p>
+
+<p>Note that in some circumstances (such as when early data is being transferred) SSL_in_init(), SSL_in_before() and SSL_is_init_finished() can all return 0.</p>
+
+<p>SSL_in_connect_init() returns 1 if <b>s</b> is acting as a client and SSL_in_init() would return 1, or 0 otherwise.</p>
+
+<p>SSL_in_accept_init() returns 1 if <b>s</b> is acting as a server and SSL_in_init() would return 1, or 0 otherwise.</p>
+
+<p>SSL_in_connect_init() and SSL_in_accept_init() are implemented as macros.</p>
+
+<p>SSL_get_state() returns a value indicating the current state of the handshake state machine. OSSL_HANDSHAKE_STATE is an enumerated type where each value indicates a discrete state machine state. Note that future versions of OpenSSL may define more states so applications should expect to receive unrecognised state values. The naming format is made up of a number of elements as follows:</p>
+
+<p><b>protocol</b>_ST_<b>role</b>_<b>message</b></p>
+
+<p><b>protocol</b> is one of TLS or DTLS. DTLS is used where a state is specific to the DTLS protocol. Otherwise TLS is used.</p>
+
+<p><b>role</b> is one of CR, CW, SR or SW to indicate &quot;client reading&quot;, &quot;client writing&quot;, &quot;server reading&quot; or &quot;server writing&quot; respectively.</p>
+
+<p><b>message</b> is the name of a handshake message that is being or has been sent, or is being or has been processed.</p>
+
+<p>Additionally there are some special states that do not conform to the above format. These are:</p>
+
+<dl>
+
+<dt id="TLS_ST_BEFORE">TLS_ST_BEFORE</dt>
+<dd>
+
+<p>No handshake messages have yet been been sent or received.</p>
+
+</dd>
+<dt id="TLS_ST_OK">TLS_ST_OK</dt>
+<dd>
+
+<p>Handshake message sending/processing has completed.</p>
+
+</dd>
+<dt id="TLS_ST_EARLY_DATA">TLS_ST_EARLY_DATA</dt>
+<dd>
+
+<p>Early data is being processed</p>
+
+</dd>
+<dt id="TLS_ST_PENDING_EARLY_DATA_END">TLS_ST_PENDING_EARLY_DATA_END</dt>
+<dd>
+
+<p>Awaiting the end of early data processing</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_in_init(), SSL_in_before(), SSL_is_init_finished(), SSL_in_connect_init() and SSL_in_accept_init() return values as indicated above.</p>
+
+<p>SSL_get_state() returns the current handshake state.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_read_early_data.html">SSL_read_early_data(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_in_init.html b/msys2/usr/share/doc/openssl/html/man3/SSL_in_init.html
new file mode 100644
index 000000000..aeb212890
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_in_init.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_in_init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_in_before, SSL_in_init, SSL_is_init_finished, SSL_in_connect_init, SSL_in_accept_init, SSL_get_state - retrieve information about the handshake state machine</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_in_init(const SSL *s);
+ int SSL_in_before(const SSL *s);
+ int SSL_is_init_finished(const SSL *s);
+
+ int SSL_in_connect_init(SSL *s);
+ int SSL_in_accept_init(SSL *s);
+
+ OSSL_HANDSHAKE_STATE SSL_get_state(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_in_init() returns 1 if the SSL/TLS state machine is currently processing or awaiting handshake messages, or 0 otherwise.</p>
+
+<p>SSL_in_before() returns 1 if no SSL/TLS handshake has yet been initiated, or 0 otherwise.</p>
+
+<p>SSL_is_init_finished() returns 1 if the SSL/TLS connection is in a state where fully protected application data can be transferred or 0 otherwise.</p>
+
+<p>Note that in some circumstances (such as when early data is being transferred) SSL_in_init(), SSL_in_before() and SSL_is_init_finished() can all return 0.</p>
+
+<p>SSL_in_connect_init() returns 1 if <b>s</b> is acting as a client and SSL_in_init() would return 1, or 0 otherwise.</p>
+
+<p>SSL_in_accept_init() returns 1 if <b>s</b> is acting as a server and SSL_in_init() would return 1, or 0 otherwise.</p>
+
+<p>SSL_in_connect_init() and SSL_in_accept_init() are implemented as macros.</p>
+
+<p>SSL_get_state() returns a value indicating the current state of the handshake state machine. OSSL_HANDSHAKE_STATE is an enumerated type where each value indicates a discrete state machine state. Note that future versions of OpenSSL may define more states so applications should expect to receive unrecognised state values. The naming format is made up of a number of elements as follows:</p>
+
+<p><b>protocol</b>_ST_<b>role</b>_<b>message</b></p>
+
+<p><b>protocol</b> is one of TLS or DTLS. DTLS is used where a state is specific to the DTLS protocol. Otherwise TLS is used.</p>
+
+<p><b>role</b> is one of CR, CW, SR or SW to indicate &quot;client reading&quot;, &quot;client writing&quot;, &quot;server reading&quot; or &quot;server writing&quot; respectively.</p>
+
+<p><b>message</b> is the name of a handshake message that is being or has been sent, or is being or has been processed.</p>
+
+<p>Additionally there are some special states that do not conform to the above format. These are:</p>
+
+<dl>
+
+<dt id="TLS_ST_BEFORE">TLS_ST_BEFORE</dt>
+<dd>
+
+<p>No handshake messages have yet been been sent or received.</p>
+
+</dd>
+<dt id="TLS_ST_OK">TLS_ST_OK</dt>
+<dd>
+
+<p>Handshake message sending/processing has completed.</p>
+
+</dd>
+<dt id="TLS_ST_EARLY_DATA">TLS_ST_EARLY_DATA</dt>
+<dd>
+
+<p>Early data is being processed</p>
+
+</dd>
+<dt id="TLS_ST_PENDING_EARLY_DATA_END">TLS_ST_PENDING_EARLY_DATA_END</dt>
+<dd>
+
+<p>Awaiting the end of early data processing</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_in_init(), SSL_in_before(), SSL_is_init_finished(), SSL_in_connect_init() and SSL_in_accept_init() return values as indicated above.</p>
+
+<p>SSL_get_state() returns the current handshake state.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_read_early_data.html">SSL_read_early_data(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_is_dtls.html b/msys2/usr/share/doc/openssl/html/man3/SSL_is_dtls.html
new file mode 100644
index 000000000..4da1a9eba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_is_dtls.html
@@ -0,0 +1,145 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_client_version, SSL_get_version, SSL_is_dtls, SSL_version - get the protocol information of a connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_client_version(const SSL *s);
+
+ const char *SSL_get_version(const SSL *ssl);
+
+ int SSL_is_dtls(const SSL *ssl);
+
+ int SSL_version(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_client_version() returns the numeric protocol version advertised by the client in the legacy_version field of the ClientHello when initiating the connection. Note that, for TLS, this value will never indicate a version greater than TLSv1.2 even if TLSv1.3 is subsequently negotiated. SSL_get_version() returns the name of the protocol used for the connection. SSL_version() returns the numeric protocol version used for the connection. They should only be called after the initial handshake has been completed. Prior to that the results returned from these functions may be unreliable.</p>
+
+<p>SSL_is_dtls() returns one if the connection is using DTLS, zero if not.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_get_version() returns one of the following strings:</p>
+
+<dl>
+
+<dt id="SSLv3">SSLv3</dt>
+<dd>
+
+<p>The connection uses the SSLv3 protocol.</p>
+
+</dd>
+<dt id="TLSv1">TLSv1</dt>
+<dd>
+
+<p>The connection uses the TLSv1.0 protocol.</p>
+
+</dd>
+<dt id="TLSv1.1">TLSv1.1</dt>
+<dd>
+
+<p>The connection uses the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1.2">TLSv1.2</dt>
+<dd>
+
+<p>The connection uses the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1.3">TLSv1.3</dt>
+<dd>
+
+<p>The connection uses the TLSv1.3 protocol.</p>
+
+</dd>
+<dt id="unknown">unknown</dt>
+<dd>
+
+<p>This indicates an unknown protocol version.</p>
+
+</dd>
+</dl>
+
+<p>SSL_version() and SSL_client_version() return an integer which could include any of the following:</p>
+
+<dl>
+
+<dt id="SSL3_VERSION">SSL3_VERSION</dt>
+<dd>
+
+<p>The connection uses the SSLv3 protocol.</p>
+
+</dd>
+<dt id="TLS1_VERSION">TLS1_VERSION</dt>
+<dd>
+
+<p>The connection uses the TLSv1.0 protocol.</p>
+
+</dd>
+<dt id="TLS1_1_VERSION">TLS1_1_VERSION</dt>
+<dd>
+
+<p>The connection uses the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLS1_2_VERSION">TLS1_2_VERSION</dt>
+<dd>
+
+<p>The connection uses the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLS1_3_VERSION">TLS1_3_VERSION</dt>
+<dd>
+
+<p>The connection uses the TLSv1.3 protocol (never returned for SSL_client_version()).</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_is_dtls() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_is_init_finished.html b/msys2/usr/share/doc/openssl/html/man3/SSL_is_init_finished.html
new file mode 100644
index 000000000..aeb212890
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_is_init_finished.html
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_in_init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_in_before, SSL_in_init, SSL_is_init_finished, SSL_in_connect_init, SSL_in_accept_init, SSL_get_state - retrieve information about the handshake state machine</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_in_init(const SSL *s);
+ int SSL_in_before(const SSL *s);
+ int SSL_is_init_finished(const SSL *s);
+
+ int SSL_in_connect_init(SSL *s);
+ int SSL_in_accept_init(SSL *s);
+
+ OSSL_HANDSHAKE_STATE SSL_get_state(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_in_init() returns 1 if the SSL/TLS state machine is currently processing or awaiting handshake messages, or 0 otherwise.</p>
+
+<p>SSL_in_before() returns 1 if no SSL/TLS handshake has yet been initiated, or 0 otherwise.</p>
+
+<p>SSL_is_init_finished() returns 1 if the SSL/TLS connection is in a state where fully protected application data can be transferred or 0 otherwise.</p>
+
+<p>Note that in some circumstances (such as when early data is being transferred) SSL_in_init(), SSL_in_before() and SSL_is_init_finished() can all return 0.</p>
+
+<p>SSL_in_connect_init() returns 1 if <b>s</b> is acting as a client and SSL_in_init() would return 1, or 0 otherwise.</p>
+
+<p>SSL_in_accept_init() returns 1 if <b>s</b> is acting as a server and SSL_in_init() would return 1, or 0 otherwise.</p>
+
+<p>SSL_in_connect_init() and SSL_in_accept_init() are implemented as macros.</p>
+
+<p>SSL_get_state() returns a value indicating the current state of the handshake state machine. OSSL_HANDSHAKE_STATE is an enumerated type where each value indicates a discrete state machine state. Note that future versions of OpenSSL may define more states so applications should expect to receive unrecognised state values. The naming format is made up of a number of elements as follows:</p>
+
+<p><b>protocol</b>_ST_<b>role</b>_<b>message</b></p>
+
+<p><b>protocol</b> is one of TLS or DTLS. DTLS is used where a state is specific to the DTLS protocol. Otherwise TLS is used.</p>
+
+<p><b>role</b> is one of CR, CW, SR or SW to indicate &quot;client reading&quot;, &quot;client writing&quot;, &quot;server reading&quot; or &quot;server writing&quot; respectively.</p>
+
+<p><b>message</b> is the name of a handshake message that is being or has been sent, or is being or has been processed.</p>
+
+<p>Additionally there are some special states that do not conform to the above format. These are:</p>
+
+<dl>
+
+<dt id="TLS_ST_BEFORE">TLS_ST_BEFORE</dt>
+<dd>
+
+<p>No handshake messages have yet been been sent or received.</p>
+
+</dd>
+<dt id="TLS_ST_OK">TLS_ST_OK</dt>
+<dd>
+
+<p>Handshake message sending/processing has completed.</p>
+
+</dd>
+<dt id="TLS_ST_EARLY_DATA">TLS_ST_EARLY_DATA</dt>
+<dd>
+
+<p>Early data is being processed</p>
+
+</dd>
+<dt id="TLS_ST_PENDING_EARLY_DATA_END">TLS_ST_PENDING_EARLY_DATA_END</dt>
+<dd>
+
+<p>Awaiting the end of early data processing</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_in_init(), SSL_in_before(), SSL_is_init_finished(), SSL_in_connect_init() and SSL_in_accept_init() return values as indicated above.</p>
+
+<p>SSL_get_state() returns the current handshake state.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_read_early_data.html">SSL_read_early_data(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_is_server.html b/msys2/usr/share/doc/openssl/html/man3/SSL_is_server.html
new file mode 100644
index 000000000..be735c533
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_is_server.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_set_connect_state</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_connect_state, SSL_set_accept_state, SSL_is_server - functions for manipulating and examining the client or server mode of an SSL object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_set_connect_state(SSL *ssl);
+
+ void SSL_set_accept_state(SSL *ssl);
+
+ int SSL_is_server(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_set_connect_state() sets <b>ssl</b> to work in client mode.</p>
+
+<p>SSL_set_accept_state() sets <b>ssl</b> to work in server mode.</p>
+
+<p>SSL_is_server() checks if <b>ssl</b> is working in server mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When the SSL_CTX object was created with <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, it was either assigned a dedicated client method, a dedicated server method, or a generic method, that can be used for both client and server connections. (The method might have been changed with <a href="../man3/SSL_CTX_set_ssl_version.html">SSL_CTX_set_ssl_version(3)</a> or <a href="../man3/SSL_set_ssl_method.html">SSL_set_ssl_method(3)</a>.)</p>
+
+<p>When beginning a new handshake, the SSL engine must know whether it must call the connect (client) or accept (server) routines. Even though it may be clear from the method chosen, whether client or server mode was requested, the handshake routines must be explicitly set.</p>
+
+<p>When using the <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_accept.html">SSL_accept(3)</a> routines, the correct handshake routines are automatically set. When performing a transparent negotiation using <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_write.html">SSL_write(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, or <a href="../man3/SSL_read.html">SSL_read(3)</a>, the handshake routines must be explicitly set in advance using either SSL_set_connect_state() or SSL_set_accept_state().</p>
+
+<p>If SSL_is_server() is called before SSL_set_connect_state() or SSL_set_accept_state() is called (either automatically or explicitly), the result depends on what method was used when SSL_CTX was created with <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>. If a generic method or a dedicated server method was passed to <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, SSL_is_server() returns 1; otherwise, it returns 0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_connect_state() and SSL_set_accept_state() do not return diagnostic information.</p>
+
+<p>SSL_is_server() returns 1 if <b>ssl</b> is working in server mode or 0 for client mode.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_write.html">SSL_write(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_set_ssl_version.html">SSL_CTX_set_ssl_version(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_key_update.html b/msys2/usr/share/doc/openssl/html/man3/SSL_key_update.html
new file mode 100644
index 000000000..bb21045ac
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_key_update.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_key_update</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_key_update, SSL_get_key_update_type, SSL_renegotiate, SSL_renegotiate_abbreviated, SSL_renegotiate_pending - initiate and obtain information about updating connection keys</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_key_update(SSL *s, int updatetype);
+ int SSL_get_key_update_type(const SSL *s);
+
+ int SSL_renegotiate(SSL *s);
+ int SSL_renegotiate_abbreviated(SSL *s);
+ int SSL_renegotiate_pending(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_key_update() schedules an update of the keys for the current TLS connection. If the <b>updatetype</b> parameter is set to <b>SSL_KEY_UPDATE_NOT_REQUESTED</b> then the sending keys for this connection will be updated and the peer will be informed of the change. If the <b>updatetype</b> parameter is set to <b>SSL_KEY_UPDATE_REQUESTED</b> then the sending keys for this connection will be updated and the peer will be informed of the change along with a request for the peer to additionally update its sending keys. It is an error if <b>updatetype</b> is set to <b>SSL_KEY_UPDATE_NONE</b>.</p>
+
+<p>SSL_key_update() must only be called after the initial handshake has been completed and TLSv1.3 has been negotiated. The key update will not take place until the next time an IO operation such as SSL_read_ex() or SSL_write_ex() takes place on the connection. Alternatively SSL_do_handshake() can be called to force the update to take place immediately.</p>
+
+<p>SSL_get_key_update_type() can be used to determine whether a key update operation has been scheduled but not yet performed. The type of the pending key update operation will be returned if there is one, or SSL_KEY_UPDATE_NONE otherwise.</p>
+
+<p>SSL_renegotiate() and SSL_renegotiate_abbreviated() should only be called for connections that have negotiated TLSv1.2 or less. Calling them on any other connection will result in an error.</p>
+
+<p>When called from the client side, SSL_renegotiate() schedules a completely new handshake over an existing SSL/TLS connection. The next time an IO operation such as SSL_read_ex() or SSL_write_ex() takes place on the connection a check will be performed to confirm that it is a suitable time to start a renegotiation. If so, then it will be initiated immediately. OpenSSL will not attempt to resume any session associated with the connection in the new handshake.</p>
+
+<p>When called from the client side, SSL_renegotiate_abbreviated() works in the same was as SSL_renegotiate() except that OpenSSL will attempt to resume the session associated with the current connection in the new handshake.</p>
+
+<p>When called from the server side, SSL_renegotiate() and SSL_renegotiate_abbreviated() behave identically. They both schedule a request for a new handshake to be sent to the client. The next time an IO operation is performed then the same checks as on the client side are performed and then, if appropriate, the request is sent. The client may or may not respond with a new handshake and it may or may not attempt to resume an existing session. If a new handshake is started then this will be handled transparently by calling any OpenSSL IO function.</p>
+
+<p>If an OpenSSL client receives a renegotiation request from a server then again this will be handled transparently through calling any OpenSSL IO function. For a TLS connection the client will attempt to resume the current session in the new handshake. For historical reasons, DTLS clients will not attempt to resume the session in the new handshake.</p>
+
+<p>The SSL_renegotiate_pending() function returns 1 if a renegotiation or renegotiation request has been scheduled but not yet acted on, or 0 otherwise.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_key_update(), SSL_renegotiate() and SSL_renegotiate_abbreviated() return 1 on success or 0 on error.</p>
+
+<p>SSL_get_key_update_type() returns the update type of the pending key update operation or SSL_KEY_UPDATE_NONE if there is none.</p>
+
+<p>SSL_renegotiate_pending() returns 1 if a renegotiation or renegotiation request has been scheduled but not yet acted on, or 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_key_update() and SSL_get_key_update_type() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_library_init.html b/msys2/usr/share/doc/openssl/html/man3/SSL_library_init.html
new file mode 100644
index 000000000..c7e7b8fa7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_library_init.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_library_init</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_library_init, OpenSSL_add_ssl_algorithms - initialize SSL library by registering algorithms</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_library_init(void);
+
+ int OpenSSL_add_ssl_algorithms(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_library_init() registers the available SSL/TLS ciphers and digests.</p>
+
+<p>OpenSSL_add_ssl_algorithms() is a synonym for SSL_library_init() and is implemented as a macro.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_library_init() must be called before any other action takes place. SSL_library_init() is not reentrant.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>SSL_library_init() adds ciphers and digests used directly and indirectly by SSL/TLS.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_library_init() always returns &quot;1&quot;, so it is safe to discard the return value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/RAND_add.html">RAND_add(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_library_init() and OpenSSL_add_ssl_algorithms() functions were deprecated in OpenSSL 1.1.0 by OPENSSL_init_ssl().</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_load_client_CA_file.html b/msys2/usr/share/doc/openssl/html/man3/SSL_load_client_CA_file.html
new file mode 100644
index 000000000..df9ef77e4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_load_client_CA_file.html
@@ -0,0 +1,93 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_load_client_CA_file</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_load_client_CA_file - load certificate names from file</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_load_client_CA_file() reads certificates from <b>file</b> and returns a STACK_OF(X509_NAME) with the subject names found.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_load_client_CA_file() reads a file of PEM formatted certificates and extracts the X509_NAMES of the certificates found. While the name suggests the specific usage as support function for <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, it is not limited to CA certificates.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Load names of CAs from file and use it as a client CA list:</p>
+
+<pre><code> SSL_CTX *ctx;
+ STACK_OF(X509_NAME) *cert_names;
+
+ ...
+ cert_names = SSL_load_client_CA_file(&quot;/path/to/CAfile.pem&quot;);
+ if (cert_names != NULL)
+     SSL_CTX_set_client_CA_list(ctx, cert_names);
+ else
+     /* error */
+ ...</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The operation failed, check out the error stack for the reason.</p>
+
+</dd>
+<dt id="Pointer-to-STACK_OF-X509_NAME">Pointer to STACK_OF(X509_NAME)</dt>
+<dd>
+
+<p>Pointer to the subject names of the successfully read certificates.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_load_error_strings.html b/msys2/usr/share/doc/openssl/html/man3/SSL_load_error_strings.html
new file mode 100644
index 000000000..ff69f12c2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_load_error_strings.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ERR_load_crypto_strings</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ERR_load_crypto_strings, SSL_load_error_strings, ERR_free_strings - load and free error strings</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p>Deprecated:</p>
+
+<pre><code> #include &lt;openssl/err.h&gt;
+
+ #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void ERR_load_crypto_strings(void);
+ void ERR_free_strings(void);
+ #endif
+
+ #include &lt;openssl/ssl.h&gt;
+
+ #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void SSL_load_error_strings(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>ERR_load_crypto_strings() registers the error strings for all <b>libcrypto</b> functions. SSL_load_error_strings() does the same, but also registers the <b>libssl</b> error strings.</p>
+
+<p>In versions prior to OpenSSL 1.1.0, ERR_free_strings() releases any resources created by the above functions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ERR_load_crypto_strings(), SSL_load_error_strings() and ERR_free_strings() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_error_string.html">ERR_error_string(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ERR_load_crypto_strings(), SSL_load_error_strings(), and ERR_free_strings() functions were deprecated in OpenSSL 1.1.0 by OPENSSL_init_crypto() and OPENSSL_init_ssl() and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_new.html b/msys2/usr/share/doc/openssl/html/man3/SSL_new.html
new file mode 100644
index 000000000..1f1f51b25
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_new.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_dup, SSL_new, SSL_up_ref - create an SSL structure for a connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL *SSL_dup(SSL *s);
+ SSL *SSL_new(SSL_CTX *ctx);
+ int SSL_up_ref(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_new() creates a new <b>SSL</b> structure which is needed to hold the data for a TLS/SSL connection. The new structure inherits the settings of the underlying context <b>ctx</b>: connection method, options, verification settings, timeout settings. An <b>SSL</b> structure is reference counted. Creating an <b>SSL</b> structure for the first time increments the reference count. Freeing it (using SSL_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL</b> structure are freed.</p>
+
+<p>SSL_up_ref() increments the reference count for an existing <b>SSL</b> structure.</p>
+
+<p>SSL_dup() duplicates an existing <b>SSL</b> structure into a new allocated one. All settings are inherited from the original <b>SSL</b> structure. Dynamic data (i.e. existing connection details) are not copied, the new <b>SSL</b> is set into an initial accept (server) or connect (client) state.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL structure failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL-structure">Pointer to an SSL structure</dt>
+<dd>
+
+<p>The return value points to an allocated SSL structure.</p>
+
+<p>SSL_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_free.html">SSL_free(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_get_SSL_CTX.html">SSL_get_SSL_CTX(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_peek.html b/msys2/usr/share/doc/openssl/html/man3/SSL_peek.html
new file mode 100644
index 000000000..eabd49bd2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_peek.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_read_ex, SSL_read, SSL_peek_ex, SSL_peek - read bytes from a TLS/SSL connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_read_ex(SSL *ssl, void *buf, size_t num, size_t *readbytes);
+ int SSL_read(SSL *ssl, void *buf, int num);
+
+ int SSL_peek_ex(SSL *ssl, void *buf, size_t num, size_t *readbytes);
+ int SSL_peek(SSL *ssl, void *buf, int num);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_read_ex() and SSL_read() try to read <b>num</b> bytes from the specified <b>ssl</b> into the buffer <b>buf</b>. On success SSL_read_ex() will store the number of bytes actually read in <b>*readbytes</b>.</p>
+
+<p>SSL_peek_ex() and SSL_peek() are identical to SSL_read_ex() and SSL_read() respectively except no bytes are actually removed from the underlying BIO during the read, so that a subsequent call to SSL_read_ex() or SSL_read() will yield at least the same bytes.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In the paragraphs below a &quot;read function&quot; is defined as one of SSL_read_ex(), SSL_read(), SSL_peek_ex() or SSL_peek().</p>
+
+<p>If necessary, a read function will negotiate a TLS/SSL session, if not already explicitly performed by <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. If the peer requests a re-negotiation, it will be performed transparently during the read function operation. The behaviour of the read functions depends on the underlying BIO.</p>
+
+<p>For the transparent negotiation to succeed, the <b>ssl</b> must have been initialized to client or server mode. This is being done by calling <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a> or SSL_set_accept_state() before the first invocation of a read function.</p>
+
+<p>The read functions work based on the SSL/TLS records. The data are received in records (with a maximum record size of 16kB). Only when a record has been completely received, can it be processed (decryption and check of integrity). Therefore data that was not retrieved at the last read call can still be buffered inside the SSL layer and will be retrieved on the next read call. If <b>num</b> is higher than the number of bytes buffered then the read functions will return with the bytes buffered. If no more bytes are in the buffer, the read functions will trigger the processing of the next record. Only when the record has been received and processed completely will the read functions return reporting success. At most the contents of one record will be returned. As the size of an SSL/TLS record may exceed the maximum packet size of the underlying transport (e.g. TCP), it may be necessary to read several packets from the transport layer before the record is complete and the read call can succeed.</p>
+
+<p>If <b>SSL_MODE_AUTO_RETRY</b> has been switched off and a non-application data record has been processed, the read function can return and set the error to <b>SSL_ERROR_WANT_READ</b>. In this case there might still be unprocessed data available in the <b>BIO</b>. If read ahead was set using <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>, there might also still be unprocessed data available in the <b>SSL</b>. This behaviour can be controlled using the <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a> call.</p>
+
+<p>If the underlying BIO is <b>blocking</b>, a read function will only return once the read operation has been finished or an error occurred, except when a non-application data record has been processed and <b>SSL_MODE_AUTO_RETRY</b> is not set. Note that if <b>SSL_MODE_AUTO_RETRY</b> is set and only non-application data is available the call will hang.</p>
+
+<p>If the underlying BIO is <b>non-blocking</b>, a read function will also return when the underlying BIO could not satisfy the needs of the function to continue the operation. In this case a call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> with the return value of the read function will yield <b>SSL_ERROR_WANT_READ</b> or <b>SSL_ERROR_WANT_WRITE</b>. As at any time it&#39;s possible that non-application data needs to be sent, a read function can also cause write operations. The calling process then must repeat the call after taking appropriate action to satisfy the needs of the read function. The action depends on the underlying BIO. When using a non-blocking socket, nothing is to be done, but select() can be used to check for the required condition. When using a buffering BIO, like a BIO pair, data must be written into or retrieved out of the BIO before being able to continue.</p>
+
+<p><a href="../man3/SSL_pending.html">SSL_pending(3)</a> can be used to find out whether there are buffered bytes available for immediate retrieval. In this case the read function can be called without blocking or actually receiving new data from the underlying socket.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_read_ex() and SSL_peek_ex() will return 1 for success or 0 for failure. Success means that 1 or more application data bytes have been read from the SSL connection. Failure means that no bytes could be read from the SSL connection. Failures can be retryable (e.g. we are waiting for more bytes to be delivered by the network) or non-retryable (e.g. a fatal network error). In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to find out the reason which indicates whether the call is retryable or not.</p>
+
+<p>For SSL_read() and SSL_peek() the following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">&gt; 0</dt>
+<dd>
+
+<p>The read operation was successful. The return value is the number of bytes actually read from the TLS/SSL connection.</p>
+
+</dd>
+<dt id="pod-0">&lt;= 0</dt>
+<dd>
+
+<p>The read operation was not successful, because either the connection was closed, an error occurred or action must be taken by the calling process. Call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> with the return value <b>ret</b> to find out the reason.</p>
+
+<p>Old documentation indicated a difference between 0 and -1, and that -1 was retryable. You should instead call SSL_get_error() to find out if it&#39;s retryable.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_read_ex() and SSL_peek_ex() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a>, <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a> <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_peek_ex.html b/msys2/usr/share/doc/openssl/html/man3/SSL_peek_ex.html
new file mode 100644
index 000000000..eabd49bd2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_peek_ex.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_read_ex, SSL_read, SSL_peek_ex, SSL_peek - read bytes from a TLS/SSL connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_read_ex(SSL *ssl, void *buf, size_t num, size_t *readbytes);
+ int SSL_read(SSL *ssl, void *buf, int num);
+
+ int SSL_peek_ex(SSL *ssl, void *buf, size_t num, size_t *readbytes);
+ int SSL_peek(SSL *ssl, void *buf, int num);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_read_ex() and SSL_read() try to read <b>num</b> bytes from the specified <b>ssl</b> into the buffer <b>buf</b>. On success SSL_read_ex() will store the number of bytes actually read in <b>*readbytes</b>.</p>
+
+<p>SSL_peek_ex() and SSL_peek() are identical to SSL_read_ex() and SSL_read() respectively except no bytes are actually removed from the underlying BIO during the read, so that a subsequent call to SSL_read_ex() or SSL_read() will yield at least the same bytes.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In the paragraphs below a &quot;read function&quot; is defined as one of SSL_read_ex(), SSL_read(), SSL_peek_ex() or SSL_peek().</p>
+
+<p>If necessary, a read function will negotiate a TLS/SSL session, if not already explicitly performed by <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. If the peer requests a re-negotiation, it will be performed transparently during the read function operation. The behaviour of the read functions depends on the underlying BIO.</p>
+
+<p>For the transparent negotiation to succeed, the <b>ssl</b> must have been initialized to client or server mode. This is being done by calling <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a> or SSL_set_accept_state() before the first invocation of a read function.</p>
+
+<p>The read functions work based on the SSL/TLS records. The data are received in records (with a maximum record size of 16kB). Only when a record has been completely received, can it be processed (decryption and check of integrity). Therefore data that was not retrieved at the last read call can still be buffered inside the SSL layer and will be retrieved on the next read call. If <b>num</b> is higher than the number of bytes buffered then the read functions will return with the bytes buffered. If no more bytes are in the buffer, the read functions will trigger the processing of the next record. Only when the record has been received and processed completely will the read functions return reporting success. At most the contents of one record will be returned. As the size of an SSL/TLS record may exceed the maximum packet size of the underlying transport (e.g. TCP), it may be necessary to read several packets from the transport layer before the record is complete and the read call can succeed.</p>
+
+<p>If <b>SSL_MODE_AUTO_RETRY</b> has been switched off and a non-application data record has been processed, the read function can return and set the error to <b>SSL_ERROR_WANT_READ</b>. In this case there might still be unprocessed data available in the <b>BIO</b>. If read ahead was set using <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>, there might also still be unprocessed data available in the <b>SSL</b>. This behaviour can be controlled using the <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a> call.</p>
+
+<p>If the underlying BIO is <b>blocking</b>, a read function will only return once the read operation has been finished or an error occurred, except when a non-application data record has been processed and <b>SSL_MODE_AUTO_RETRY</b> is not set. Note that if <b>SSL_MODE_AUTO_RETRY</b> is set and only non-application data is available the call will hang.</p>
+
+<p>If the underlying BIO is <b>non-blocking</b>, a read function will also return when the underlying BIO could not satisfy the needs of the function to continue the operation. In this case a call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> with the return value of the read function will yield <b>SSL_ERROR_WANT_READ</b> or <b>SSL_ERROR_WANT_WRITE</b>. As at any time it&#39;s possible that non-application data needs to be sent, a read function can also cause write operations. The calling process then must repeat the call after taking appropriate action to satisfy the needs of the read function. The action depends on the underlying BIO. When using a non-blocking socket, nothing is to be done, but select() can be used to check for the required condition. When using a buffering BIO, like a BIO pair, data must be written into or retrieved out of the BIO before being able to continue.</p>
+
+<p><a href="../man3/SSL_pending.html">SSL_pending(3)</a> can be used to find out whether there are buffered bytes available for immediate retrieval. In this case the read function can be called without blocking or actually receiving new data from the underlying socket.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_read_ex() and SSL_peek_ex() will return 1 for success or 0 for failure. Success means that 1 or more application data bytes have been read from the SSL connection. Failure means that no bytes could be read from the SSL connection. Failures can be retryable (e.g. we are waiting for more bytes to be delivered by the network) or non-retryable (e.g. a fatal network error). In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to find out the reason which indicates whether the call is retryable or not.</p>
+
+<p>For SSL_read() and SSL_peek() the following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">&gt; 0</dt>
+<dd>
+
+<p>The read operation was successful. The return value is the number of bytes actually read from the TLS/SSL connection.</p>
+
+</dd>
+<dt id="pod-0">&lt;= 0</dt>
+<dd>
+
+<p>The read operation was not successful, because either the connection was closed, an error occurred or action must be taken by the calling process. Call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> with the return value <b>ret</b> to find out the reason.</p>
+
+<p>Old documentation indicated a difference between 0 and -1, and that -1 was retryable. You should instead call SSL_get_error() to find out if it&#39;s retryable.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_read_ex() and SSL_peek_ex() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a>, <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a> <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_pending.html b/msys2/usr/share/doc/openssl/html/man3/SSL_pending.html
new file mode 100644
index 000000000..65341e765
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_pending.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_pending</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_pending, SSL_has_pending - check for readable bytes buffered in an SSL object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_pending(const SSL *ssl);
+ int SSL_has_pending(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Data is received in whole blocks known as records from the peer. A whole record is processed (e.g. decrypted) in one go and is buffered by OpenSSL until it is read by the application via a call to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> or <a href="../man3/SSL_read.html">SSL_read(3)</a>.</p>
+
+<p>SSL_pending() returns the number of bytes which have been processed, buffered and are available inside <b>ssl</b> for immediate read.</p>
+
+<p>If the <b>SSL</b> object&#39;s <i>read_ahead</i> flag is set (see <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>), additional protocol bytes (beyond the current record) may have been read containing more TLS/SSL records. This also applies to DTLS and pipelining (see <a href="../man3/SSL_CTX_set_split_send_fragment.html">SSL_CTX_set_split_send_fragment(3)</a>). These additional bytes will be buffered by OpenSSL but will remain unprocessed until they are needed. As these bytes are still in an unprocessed state SSL_pending() will ignore them. Therefore it is possible for no more bytes to be readable from the underlying BIO (because OpenSSL has already read them) and for SSL_pending() to return 0, even though readable application data bytes are available (because the data is in unprocessed buffered records).</p>
+
+<p>SSL_has_pending() returns 1 if <b>s</b> has buffered data (whether processed or unprocessed) and 0 otherwise. Note that it is possible for SSL_has_pending() to return 1, and then a subsequent call to SSL_read_ex() or SSL_read() to return no data because the unprocessed buffered data when processed yielded no application data (for example this can happen during renegotiation). It is also possible in this scenario for SSL_has_pending() to continue to return 1 even after an SSL_read_ex() or SSL_read() call because the buffered and unprocessed data is not yet processable (e.g. because OpenSSL has only received a partial record so far).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_pending() returns the number of buffered and processed application data bytes that are pending and are available for immediate read. SSL_has_pending() returns 1 if there is buffered record data in the SSL object and 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>, <a href="../man3/SSL_CTX_set_split_send_fragment.html">SSL_CTX_set_split_send_fragment(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_has_pending() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_psk_client_cb_func.html b/msys2/usr/share/doc/openssl/html/man3/SSL_psk_client_cb_func.html
new file mode 100644
index 000000000..2e073abef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_psk_client_cb_func.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_psk_client_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_psk_client_cb_func, SSL_psk_use_session_cb_func, SSL_CTX_set_psk_client_callback, SSL_set_psk_client_callback, SSL_CTX_set_psk_use_session_callback, SSL_set_psk_use_session_callback - set PSK client callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_psk_use_session_cb_func)(SSL *ssl, const EVP_MD *md,
+                                            const unsigned char **id,
+                                            size_t *idlen,
+                                            SSL_SESSION **sess);
+
+
+ void SSL_CTX_set_psk_use_session_callback(SSL_CTX *ctx,
+                                           SSL_psk_use_session_cb_func cb);
+ void SSL_set_psk_use_session_callback(SSL *s, SSL_psk_use_session_cb_func cb);
+
+
+ typedef unsigned int (*SSL_psk_client_cb_func)(SSL *ssl,
+                                                const char *hint,
+                                                char *identity,
+                                                unsigned int max_identity_len,
+                                                unsigned char *psk,
+                                                unsigned int max_psk_len);
+
+ void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, SSL_psk_client_cb_func cb);
+ void SSL_set_psk_client_callback(SSL *ssl, SSL_psk_client_cb_func cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application wishing to use TLSv1.3 PSKs should use either SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() as appropriate. These functions cannot be used for TLSv1.2 and below PSKs.</p>
+
+<p>The callback function is given a pointer to the SSL connection in <b>ssl</b>.</p>
+
+<p>The first time the callback is called for a connection the <b>md</b> parameter is NULL. In some circumstances the callback will be called a second time. In that case the server will have specified a ciphersuite to use already and the PSK must be compatible with the digest for that ciphersuite. The digest will be given in <b>md</b>. The PSK returned by the callback is allowed to be different between the first and second time it is called.</p>
+
+<p>On successful completion the callback must store a pointer to an identifier for the PSK in <b>*id</b>. The identifier length in bytes should be stored in <b>*idlen</b>. The memory pointed to by <b>*id</b> remains owned by the application and should be freed by it as required at any point after the handshake is complete.</p>
+
+<p>Additionally the callback should store a pointer to an SSL_SESSION object in <b>*sess</b>. This is used as the basis for the PSK, and should, at a minimum, have the following fields set:</p>
+
+<dl>
+
+<dt id="The-master-key">The master key</dt>
+<dd>
+
+<p>This can be set via a call to <a href="../man3/SSL_SESSION_set1_master_key.html">SSL_SESSION_set1_master_key(3)</a>.</p>
+
+</dd>
+<dt id="A-ciphersuite">A ciphersuite</dt>
+<dd>
+
+<p>Only the handshake digest associated with the ciphersuite is relevant for the PSK (the server may go on to negotiate any ciphersuite which is compatible with the digest). The application can use any TLSv1.3 ciphersuite. If <b>md</b> is not NULL the handshake digest for the ciphersuite should be the same. The ciphersuite can be set via a call to &lt;SSL_SESSION_set_cipher(3)&gt;. The handshake digest of an SSL_CIPHER object can be checked using &lt;SSL_CIPHER_get_handshake_digest(3)&gt;.</p>
+
+</dd>
+<dt id="The-protocol-version">The protocol version</dt>
+<dd>
+
+<p>This can be set via a call to <a href="../man3/SSL_SESSION_set_protocol_version.html">SSL_SESSION_set_protocol_version(3)</a> and should be TLS1_3_VERSION.</p>
+
+</dd>
+</dl>
+
+<p>Additionally the maximum early data value should be set via a call to <a href="../man3/SSL_SESSION_set_max_early_data.html">SSL_SESSION_set_max_early_data(3)</a> if the PSK will be used for sending early data.</p>
+
+<p>Alternatively an SSL_SESSION created from a previous non-PSK handshake may also be used as the basis for a PSK.</p>
+
+<p>Ownership of the SSL_SESSION object is passed to the OpenSSL library and so it should not be freed by the application.</p>
+
+<p>It is also possible for the callback to succeed but not supply a PSK. In this case no PSK will be sent to the server but the handshake will continue. To do this the callback should return successfully and ensure that <b>*sess</b> is NULL. The contents of <b>*id</b> and <b>*idlen</b> will be ignored.</p>
+
+<p>A client application wishing to use PSK ciphersuites for TLSv1.2 and below must provide a different callback function. This function will be called when the client is sending the ClientKeyExchange message to the server.</p>
+
+<p>The purpose of the callback function is to select the PSK identity and the pre-shared key to use during the connection setup phase.</p>
+
+<p>The callback is set using functions SSL_CTX_set_psk_client_callback() or SSL_set_psk_client_callback(). The callback function is given the connection in parameter <b>ssl</b>, a <b>NULL</b>-terminated PSK identity hint sent by the server in parameter <b>hint</b>, a buffer <b>identity</b> of length <b>max_identity_len</b> bytes where the resulting <b>NUL</b>-terminated identity is to be stored, and a buffer <b>psk</b> of length <b>max_psk_len</b> bytes where the resulting pre-shared key is to be stored.</p>
+
+<p>The callback for use in TLSv1.2 will also work in TLSv1.3 although it is recommended to use SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() for this purpose instead. If TLSv1.3 has been negotiated then OpenSSL will first check to see if a callback has been set via SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() and it will use that in preference. If no such callback is present then it will check to see if a callback has been set via SSL_CTX_set_psk_client_callback() or SSL_set_psk_client_callback() and use that. In this case the <b>hint</b> value will always be NULL and the handshake digest will default to SHA-256 for any returned PSK.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Note that parameter <b>hint</b> given to the callback may be <b>NULL</b>.</p>
+
+<p>A connection established via a TLSv1.3 PSK will appear as if session resumption has occurred so that <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a> will return true.</p>
+
+<p>There are no known security issues with sharing the same PSK between TLSv1.2 (or below) and TLSv1.3. However the RFC has this note of caution:</p>
+
+<p>&quot;While there is no known way in which the same PSK might produce related output in both versions, only limited analysis has been done. Implementations can ensure safety from cross-protocol related output by not reusing PSKs between TLS 1.3 and TLS 1.2.&quot;</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Return values from the <b>SSL_psk_client_cb_func</b> callback are interpreted as follows:</p>
+
+<p>On success (callback found a PSK identity and a pre-shared key to use) the length (&gt; 0) of <b>psk</b> in bytes is returned.</p>
+
+<p>Otherwise or on errors the callback should return 0. In this case the connection setup fails.</p>
+
+<p>The SSL_psk_use_session_cb_func callback should return 1 on success or 0 on failure. In the event of failure the connection setup fails.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_psk_find_session_callback.html">SSL_CTX_set_psk_find_session_callback(3)</a>, <a href="../man3/SSL_set_psk_find_session_callback.html">SSL_set_psk_find_session_callback(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_set_psk_use_session_callback() and SSL_set_psk_use_session_callback() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_psk_find_session_cb_func.html b/msys2/usr/share/doc/openssl/html/man3/SSL_psk_find_session_cb_func.html
new file mode 100644
index 000000000..59a43d097
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_psk_find_session_cb_func.html
@@ -0,0 +1,126 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_psk_identity_hint</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_psk_server_cb_func, SSL_psk_find_session_cb_func, SSL_CTX_use_psk_identity_hint, SSL_use_psk_identity_hint, SSL_CTX_set_psk_server_callback, SSL_set_psk_server_callback, SSL_CTX_set_psk_find_session_callback, SSL_set_psk_find_session_callback - set PSK identity hint to use</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_psk_find_session_cb_func)(SSL *ssl,
+                                             const unsigned char *identity,
+                                             size_t identity_len,
+                                             SSL_SESSION **sess);
+
+
+ void SSL_CTX_set_psk_find_session_callback(SSL_CTX *ctx,
+                                            SSL_psk_find_session_cb_func cb);
+ void SSL_set_psk_find_session_callback(SSL *s, SSL_psk_find_session_cb_func cb);
+
+ typedef unsigned int (*SSL_psk_server_cb_func)(SSL *ssl,
+                                                const char *identity,
+                                                unsigned char *psk,
+                                                unsigned int max_psk_len);
+
+ int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint);
+ int SSL_use_psk_identity_hint(SSL *ssl, const char *hint);
+
+ void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, SSL_psk_server_cb_func cb);
+ void SSL_set_psk_server_callback(SSL *ssl, SSL_psk_server_cb_func cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application wishing to use TLSv1.3 PSKs should set a callback using either SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() as appropriate.</p>
+
+<p>The callback function is given a pointer to the SSL connection in <b>ssl</b> and an identity in <b>identity</b> of length <b>identity_len</b>. The callback function should identify an SSL_SESSION object that provides the PSK details and store it in <b>*sess</b>. The SSL_SESSION object should, as a minimum, set the master key, the ciphersuite and the protocol version. See <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a> for details.</p>
+
+<p>It is also possible for the callback to succeed but not supply a PSK. In this case no PSK will be used but the handshake will continue. To do this the callback should return successfully and ensure that <b>*sess</b> is NULL.</p>
+
+<p>Identity hints are not relevant for TLSv1.3. A server application wishing to use PSK ciphersuites for TLSv1.2 and below may call SSL_CTX_use_psk_identity_hint() to set the given <b>NUL</b>-terminated PSK identity hint <b>hint</b> for SSL context object <b>ctx</b>. SSL_use_psk_identity_hint() sets the given <b>NUL</b>-terminated PSK identity hint <b>hint</b> for the SSL connection object <b>ssl</b>. If <b>hint</b> is <b>NULL</b> the current hint from <b>ctx</b> or <b>ssl</b> is deleted.</p>
+
+<p>In the case where PSK identity hint is <b>NULL</b>, the server does not send the ServerKeyExchange message to the client.</p>
+
+<p>A server application wishing to use PSKs for TLSv1.2 and below must provide a callback function which is called when the server receives the ClientKeyExchange message from the client. The purpose of the callback function is to validate the received PSK identity and to fetch the pre-shared key used during the connection setup phase. The callback is set using the functions SSL_CTX_set_psk_server_callback() or SSL_set_psk_server_callback(). The callback function is given the connection in parameter <b>ssl</b>, <b>NUL</b>-terminated PSK identity sent by the client in parameter <b>identity</b>, and a buffer <b>psk</b> of length <b>max_psk_len</b> bytes where the pre-shared key is to be stored.</p>
+
+<p>The callback for use in TLSv1.2 will also work in TLSv1.3 although it is recommended to use SSL_CTX_set_psk_find_session_callback() or SSL_set_psk_find_session_callback() for this purpose instead. If TLSv1.3 has been negotiated then OpenSSL will first check to see if a callback has been set via SSL_CTX_set_psk_find_session_callback() or SSL_set_psk_find_session_callback() and it will use that in preference. If no such callback is present then it will check to see if a callback has been set via SSL_CTX_set_psk_server_callback() or SSL_set_psk_server_callback() and use that. In this case the handshake digest will default to SHA-256 for any returned PSK.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A connection established via a TLSv1.3 PSK will appear as if session resumption has occurred so that <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a> will return true.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p><b>SSL_CTX_use_psk_identity_hint()</b> and <b>SSL_use_psk_identity_hint()</b> return 1 on success, 0 otherwise.</p>
+
+<p>Return values from the TLSv1.2 and below server callback are interpreted as follows:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>PSK identity was not found. An &quot;unknown_psk_identity&quot; alert message will be sent and the connection setup fails.</p>
+
+</dd>
+<dt id="pod01">&gt;0</dt>
+<dd>
+
+<p>PSK identity was found and the server callback has provided the PSK successfully in parameter <b>psk</b>. Return value is the length of <b>psk</b> in bytes. It is an error to return a value greater than <b>max_psk_len</b>.</p>
+
+<p>If the PSK identity was not found but the callback instructs the protocol to continue anyway, the callback must provide some random data to <b>psk</b> and return the length of the random data, so the connection will fail with decryption_error before it will be finished completely.</p>
+
+</dd>
+</dl>
+
+<p>The <b>SSL_psk_find_session_cb_func</b> callback should return 1 on success or 0 on failure. In the event of failure the connection setup fails.</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>There are no known security issues with sharing the same PSK between TLSv1.2 (or below) and TLSv1.3. However the RFC has this note of caution:</p>
+
+<p>&quot;While there is no known way in which the same PSK might produce related output in both versions, only limited analysis has been done. Implementations can ensure safety from cross-protocol related output by not reusing PSKs between TLS 1.3 and TLS 1.2.&quot;</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man3/SSL_set_psk_use_session_callback.html">SSL_set_psk_use_session_callback(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_set_psk_find_session_callback() and SSL_set_psk_find_session_callback() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_psk_server_cb_func.html b/msys2/usr/share/doc/openssl/html/man3/SSL_psk_server_cb_func.html
new file mode 100644
index 000000000..59a43d097
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_psk_server_cb_func.html
@@ -0,0 +1,126 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_psk_identity_hint</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_psk_server_cb_func, SSL_psk_find_session_cb_func, SSL_CTX_use_psk_identity_hint, SSL_use_psk_identity_hint, SSL_CTX_set_psk_server_callback, SSL_set_psk_server_callback, SSL_CTX_set_psk_find_session_callback, SSL_set_psk_find_session_callback - set PSK identity hint to use</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_psk_find_session_cb_func)(SSL *ssl,
+                                             const unsigned char *identity,
+                                             size_t identity_len,
+                                             SSL_SESSION **sess);
+
+
+ void SSL_CTX_set_psk_find_session_callback(SSL_CTX *ctx,
+                                            SSL_psk_find_session_cb_func cb);
+ void SSL_set_psk_find_session_callback(SSL *s, SSL_psk_find_session_cb_func cb);
+
+ typedef unsigned int (*SSL_psk_server_cb_func)(SSL *ssl,
+                                                const char *identity,
+                                                unsigned char *psk,
+                                                unsigned int max_psk_len);
+
+ int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint);
+ int SSL_use_psk_identity_hint(SSL *ssl, const char *hint);
+
+ void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, SSL_psk_server_cb_func cb);
+ void SSL_set_psk_server_callback(SSL *ssl, SSL_psk_server_cb_func cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application wishing to use TLSv1.3 PSKs should set a callback using either SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() as appropriate.</p>
+
+<p>The callback function is given a pointer to the SSL connection in <b>ssl</b> and an identity in <b>identity</b> of length <b>identity_len</b>. The callback function should identify an SSL_SESSION object that provides the PSK details and store it in <b>*sess</b>. The SSL_SESSION object should, as a minimum, set the master key, the ciphersuite and the protocol version. See <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a> for details.</p>
+
+<p>It is also possible for the callback to succeed but not supply a PSK. In this case no PSK will be used but the handshake will continue. To do this the callback should return successfully and ensure that <b>*sess</b> is NULL.</p>
+
+<p>Identity hints are not relevant for TLSv1.3. A server application wishing to use PSK ciphersuites for TLSv1.2 and below may call SSL_CTX_use_psk_identity_hint() to set the given <b>NUL</b>-terminated PSK identity hint <b>hint</b> for SSL context object <b>ctx</b>. SSL_use_psk_identity_hint() sets the given <b>NUL</b>-terminated PSK identity hint <b>hint</b> for the SSL connection object <b>ssl</b>. If <b>hint</b> is <b>NULL</b> the current hint from <b>ctx</b> or <b>ssl</b> is deleted.</p>
+
+<p>In the case where PSK identity hint is <b>NULL</b>, the server does not send the ServerKeyExchange message to the client.</p>
+
+<p>A server application wishing to use PSKs for TLSv1.2 and below must provide a callback function which is called when the server receives the ClientKeyExchange message from the client. The purpose of the callback function is to validate the received PSK identity and to fetch the pre-shared key used during the connection setup phase. The callback is set using the functions SSL_CTX_set_psk_server_callback() or SSL_set_psk_server_callback(). The callback function is given the connection in parameter <b>ssl</b>, <b>NUL</b>-terminated PSK identity sent by the client in parameter <b>identity</b>, and a buffer <b>psk</b> of length <b>max_psk_len</b> bytes where the pre-shared key is to be stored.</p>
+
+<p>The callback for use in TLSv1.2 will also work in TLSv1.3 although it is recommended to use SSL_CTX_set_psk_find_session_callback() or SSL_set_psk_find_session_callback() for this purpose instead. If TLSv1.3 has been negotiated then OpenSSL will first check to see if a callback has been set via SSL_CTX_set_psk_find_session_callback() or SSL_set_psk_find_session_callback() and it will use that in preference. If no such callback is present then it will check to see if a callback has been set via SSL_CTX_set_psk_server_callback() or SSL_set_psk_server_callback() and use that. In this case the handshake digest will default to SHA-256 for any returned PSK.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A connection established via a TLSv1.3 PSK will appear as if session resumption has occurred so that <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a> will return true.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p><b>SSL_CTX_use_psk_identity_hint()</b> and <b>SSL_use_psk_identity_hint()</b> return 1 on success, 0 otherwise.</p>
+
+<p>Return values from the TLSv1.2 and below server callback are interpreted as follows:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>PSK identity was not found. An &quot;unknown_psk_identity&quot; alert message will be sent and the connection setup fails.</p>
+
+</dd>
+<dt id="pod01">&gt;0</dt>
+<dd>
+
+<p>PSK identity was found and the server callback has provided the PSK successfully in parameter <b>psk</b>. Return value is the length of <b>psk</b> in bytes. It is an error to return a value greater than <b>max_psk_len</b>.</p>
+
+<p>If the PSK identity was not found but the callback instructs the protocol to continue anyway, the callback must provide some random data to <b>psk</b> and return the length of the random data, so the connection will fail with decryption_error before it will be finished completely.</p>
+
+</dd>
+</dl>
+
+<p>The <b>SSL_psk_find_session_cb_func</b> callback should return 1 on success or 0 on failure. In the event of failure the connection setup fails.</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>There are no known security issues with sharing the same PSK between TLSv1.2 (or below) and TLSv1.3. However the RFC has this note of caution:</p>
+
+<p>&quot;While there is no known way in which the same PSK might produce related output in both versions, only limited analysis has been done. Implementations can ensure safety from cross-protocol related output by not reusing PSKs between TLS 1.3 and TLS 1.2.&quot;</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man3/SSL_set_psk_use_session_callback.html">SSL_set_psk_use_session_callback(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_set_psk_find_session_callback() and SSL_set_psk_find_session_callback() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_psk_use_session_cb_func.html b/msys2/usr/share/doc/openssl/html/man3/SSL_psk_use_session_cb_func.html
new file mode 100644
index 000000000..2e073abef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_psk_use_session_cb_func.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_psk_client_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_psk_client_cb_func, SSL_psk_use_session_cb_func, SSL_CTX_set_psk_client_callback, SSL_set_psk_client_callback, SSL_CTX_set_psk_use_session_callback, SSL_set_psk_use_session_callback - set PSK client callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_psk_use_session_cb_func)(SSL *ssl, const EVP_MD *md,
+                                            const unsigned char **id,
+                                            size_t *idlen,
+                                            SSL_SESSION **sess);
+
+
+ void SSL_CTX_set_psk_use_session_callback(SSL_CTX *ctx,
+                                           SSL_psk_use_session_cb_func cb);
+ void SSL_set_psk_use_session_callback(SSL *s, SSL_psk_use_session_cb_func cb);
+
+
+ typedef unsigned int (*SSL_psk_client_cb_func)(SSL *ssl,
+                                                const char *hint,
+                                                char *identity,
+                                                unsigned int max_identity_len,
+                                                unsigned char *psk,
+                                                unsigned int max_psk_len);
+
+ void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, SSL_psk_client_cb_func cb);
+ void SSL_set_psk_client_callback(SSL *ssl, SSL_psk_client_cb_func cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application wishing to use TLSv1.3 PSKs should use either SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() as appropriate. These functions cannot be used for TLSv1.2 and below PSKs.</p>
+
+<p>The callback function is given a pointer to the SSL connection in <b>ssl</b>.</p>
+
+<p>The first time the callback is called for a connection the <b>md</b> parameter is NULL. In some circumstances the callback will be called a second time. In that case the server will have specified a ciphersuite to use already and the PSK must be compatible with the digest for that ciphersuite. The digest will be given in <b>md</b>. The PSK returned by the callback is allowed to be different between the first and second time it is called.</p>
+
+<p>On successful completion the callback must store a pointer to an identifier for the PSK in <b>*id</b>. The identifier length in bytes should be stored in <b>*idlen</b>. The memory pointed to by <b>*id</b> remains owned by the application and should be freed by it as required at any point after the handshake is complete.</p>
+
+<p>Additionally the callback should store a pointer to an SSL_SESSION object in <b>*sess</b>. This is used as the basis for the PSK, and should, at a minimum, have the following fields set:</p>
+
+<dl>
+
+<dt id="The-master-key">The master key</dt>
+<dd>
+
+<p>This can be set via a call to <a href="../man3/SSL_SESSION_set1_master_key.html">SSL_SESSION_set1_master_key(3)</a>.</p>
+
+</dd>
+<dt id="A-ciphersuite">A ciphersuite</dt>
+<dd>
+
+<p>Only the handshake digest associated with the ciphersuite is relevant for the PSK (the server may go on to negotiate any ciphersuite which is compatible with the digest). The application can use any TLSv1.3 ciphersuite. If <b>md</b> is not NULL the handshake digest for the ciphersuite should be the same. The ciphersuite can be set via a call to &lt;SSL_SESSION_set_cipher(3)&gt;. The handshake digest of an SSL_CIPHER object can be checked using &lt;SSL_CIPHER_get_handshake_digest(3)&gt;.</p>
+
+</dd>
+<dt id="The-protocol-version">The protocol version</dt>
+<dd>
+
+<p>This can be set via a call to <a href="../man3/SSL_SESSION_set_protocol_version.html">SSL_SESSION_set_protocol_version(3)</a> and should be TLS1_3_VERSION.</p>
+
+</dd>
+</dl>
+
+<p>Additionally the maximum early data value should be set via a call to <a href="../man3/SSL_SESSION_set_max_early_data.html">SSL_SESSION_set_max_early_data(3)</a> if the PSK will be used for sending early data.</p>
+
+<p>Alternatively an SSL_SESSION created from a previous non-PSK handshake may also be used as the basis for a PSK.</p>
+
+<p>Ownership of the SSL_SESSION object is passed to the OpenSSL library and so it should not be freed by the application.</p>
+
+<p>It is also possible for the callback to succeed but not supply a PSK. In this case no PSK will be sent to the server but the handshake will continue. To do this the callback should return successfully and ensure that <b>*sess</b> is NULL. The contents of <b>*id</b> and <b>*idlen</b> will be ignored.</p>
+
+<p>A client application wishing to use PSK ciphersuites for TLSv1.2 and below must provide a different callback function. This function will be called when the client is sending the ClientKeyExchange message to the server.</p>
+
+<p>The purpose of the callback function is to select the PSK identity and the pre-shared key to use during the connection setup phase.</p>
+
+<p>The callback is set using functions SSL_CTX_set_psk_client_callback() or SSL_set_psk_client_callback(). The callback function is given the connection in parameter <b>ssl</b>, a <b>NULL</b>-terminated PSK identity hint sent by the server in parameter <b>hint</b>, a buffer <b>identity</b> of length <b>max_identity_len</b> bytes where the resulting <b>NUL</b>-terminated identity is to be stored, and a buffer <b>psk</b> of length <b>max_psk_len</b> bytes where the resulting pre-shared key is to be stored.</p>
+
+<p>The callback for use in TLSv1.2 will also work in TLSv1.3 although it is recommended to use SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() for this purpose instead. If TLSv1.3 has been negotiated then OpenSSL will first check to see if a callback has been set via SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() and it will use that in preference. If no such callback is present then it will check to see if a callback has been set via SSL_CTX_set_psk_client_callback() or SSL_set_psk_client_callback() and use that. In this case the <b>hint</b> value will always be NULL and the handshake digest will default to SHA-256 for any returned PSK.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Note that parameter <b>hint</b> given to the callback may be <b>NULL</b>.</p>
+
+<p>A connection established via a TLSv1.3 PSK will appear as if session resumption has occurred so that <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a> will return true.</p>
+
+<p>There are no known security issues with sharing the same PSK between TLSv1.2 (or below) and TLSv1.3. However the RFC has this note of caution:</p>
+
+<p>&quot;While there is no known way in which the same PSK might produce related output in both versions, only limited analysis has been done. Implementations can ensure safety from cross-protocol related output by not reusing PSKs between TLS 1.3 and TLS 1.2.&quot;</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Return values from the <b>SSL_psk_client_cb_func</b> callback are interpreted as follows:</p>
+
+<p>On success (callback found a PSK identity and a pre-shared key to use) the length (&gt; 0) of <b>psk</b> in bytes is returned.</p>
+
+<p>Otherwise or on errors the callback should return 0. In this case the connection setup fails.</p>
+
+<p>The SSL_psk_use_session_cb_func callback should return 1 on success or 0 on failure. In the event of failure the connection setup fails.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_psk_find_session_callback.html">SSL_CTX_set_psk_find_session_callback(3)</a>, <a href="../man3/SSL_set_psk_find_session_callback.html">SSL_set_psk_find_session_callback(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_set_psk_use_session_callback() and SSL_set_psk_use_session_callback() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_read.html b/msys2/usr/share/doc/openssl/html/man3/SSL_read.html
new file mode 100644
index 000000000..eabd49bd2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_read.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_read_ex, SSL_read, SSL_peek_ex, SSL_peek - read bytes from a TLS/SSL connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_read_ex(SSL *ssl, void *buf, size_t num, size_t *readbytes);
+ int SSL_read(SSL *ssl, void *buf, int num);
+
+ int SSL_peek_ex(SSL *ssl, void *buf, size_t num, size_t *readbytes);
+ int SSL_peek(SSL *ssl, void *buf, int num);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_read_ex() and SSL_read() try to read <b>num</b> bytes from the specified <b>ssl</b> into the buffer <b>buf</b>. On success SSL_read_ex() will store the number of bytes actually read in <b>*readbytes</b>.</p>
+
+<p>SSL_peek_ex() and SSL_peek() are identical to SSL_read_ex() and SSL_read() respectively except no bytes are actually removed from the underlying BIO during the read, so that a subsequent call to SSL_read_ex() or SSL_read() will yield at least the same bytes.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In the paragraphs below a &quot;read function&quot; is defined as one of SSL_read_ex(), SSL_read(), SSL_peek_ex() or SSL_peek().</p>
+
+<p>If necessary, a read function will negotiate a TLS/SSL session, if not already explicitly performed by <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. If the peer requests a re-negotiation, it will be performed transparently during the read function operation. The behaviour of the read functions depends on the underlying BIO.</p>
+
+<p>For the transparent negotiation to succeed, the <b>ssl</b> must have been initialized to client or server mode. This is being done by calling <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a> or SSL_set_accept_state() before the first invocation of a read function.</p>
+
+<p>The read functions work based on the SSL/TLS records. The data are received in records (with a maximum record size of 16kB). Only when a record has been completely received, can it be processed (decryption and check of integrity). Therefore data that was not retrieved at the last read call can still be buffered inside the SSL layer and will be retrieved on the next read call. If <b>num</b> is higher than the number of bytes buffered then the read functions will return with the bytes buffered. If no more bytes are in the buffer, the read functions will trigger the processing of the next record. Only when the record has been received and processed completely will the read functions return reporting success. At most the contents of one record will be returned. As the size of an SSL/TLS record may exceed the maximum packet size of the underlying transport (e.g. TCP), it may be necessary to read several packets from the transport layer before the record is complete and the read call can succeed.</p>
+
+<p>If <b>SSL_MODE_AUTO_RETRY</b> has been switched off and a non-application data record has been processed, the read function can return and set the error to <b>SSL_ERROR_WANT_READ</b>. In this case there might still be unprocessed data available in the <b>BIO</b>. If read ahead was set using <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>, there might also still be unprocessed data available in the <b>SSL</b>. This behaviour can be controlled using the <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a> call.</p>
+
+<p>If the underlying BIO is <b>blocking</b>, a read function will only return once the read operation has been finished or an error occurred, except when a non-application data record has been processed and <b>SSL_MODE_AUTO_RETRY</b> is not set. Note that if <b>SSL_MODE_AUTO_RETRY</b> is set and only non-application data is available the call will hang.</p>
+
+<p>If the underlying BIO is <b>non-blocking</b>, a read function will also return when the underlying BIO could not satisfy the needs of the function to continue the operation. In this case a call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> with the return value of the read function will yield <b>SSL_ERROR_WANT_READ</b> or <b>SSL_ERROR_WANT_WRITE</b>. As at any time it&#39;s possible that non-application data needs to be sent, a read function can also cause write operations. The calling process then must repeat the call after taking appropriate action to satisfy the needs of the read function. The action depends on the underlying BIO. When using a non-blocking socket, nothing is to be done, but select() can be used to check for the required condition. When using a buffering BIO, like a BIO pair, data must be written into or retrieved out of the BIO before being able to continue.</p>
+
+<p><a href="../man3/SSL_pending.html">SSL_pending(3)</a> can be used to find out whether there are buffered bytes available for immediate retrieval. In this case the read function can be called without blocking or actually receiving new data from the underlying socket.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_read_ex() and SSL_peek_ex() will return 1 for success or 0 for failure. Success means that 1 or more application data bytes have been read from the SSL connection. Failure means that no bytes could be read from the SSL connection. Failures can be retryable (e.g. we are waiting for more bytes to be delivered by the network) or non-retryable (e.g. a fatal network error). In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to find out the reason which indicates whether the call is retryable or not.</p>
+
+<p>For SSL_read() and SSL_peek() the following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">&gt; 0</dt>
+<dd>
+
+<p>The read operation was successful. The return value is the number of bytes actually read from the TLS/SSL connection.</p>
+
+</dd>
+<dt id="pod-0">&lt;= 0</dt>
+<dd>
+
+<p>The read operation was not successful, because either the connection was closed, an error occurred or action must be taken by the calling process. Call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> with the return value <b>ret</b> to find out the reason.</p>
+
+<p>Old documentation indicated a difference between 0 and -1, and that -1 was retryable. You should instead call SSL_get_error() to find out if it&#39;s retryable.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_read_ex() and SSL_peek_ex() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a>, <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a> <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_read_early_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_read_early_data.html
new file mode 100644
index 000000000..5b28c01bd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_read_early_data.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read_early_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#REPLAY-PROTECTION">REPLAY PROTECTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_max_early_data, SSL_CTX_set_max_early_data, SSL_get_max_early_data, SSL_CTX_get_max_early_data, SSL_set_recv_max_early_data, SSL_CTX_set_recv_max_early_data, SSL_get_recv_max_early_data, SSL_CTX_get_recv_max_early_data, SSL_SESSION_get_max_early_data, SSL_SESSION_set_max_early_data, SSL_write_early_data, SSL_read_early_data, SSL_get_early_data_status, SSL_allow_early_data_cb_fn, SSL_CTX_set_allow_early_data_cb, SSL_set_allow_early_data_cb - functions for sending and receiving early data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data);
+ uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_max_early_data(SSL *s, uint32_t max_early_data);
+ uint32_t SSL_get_max_early_data(const SSL *s);
+
+ int SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data);
+ uint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data);
+ uint32_t SSL_get_recv_max_early_data(const SSL *s);
+
+ uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s);
+ int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data);
+
+ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written);
+
+ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes);
+
+ int SSL_get_early_data_status(const SSL *s);
+
+
+ typedef int (*SSL_allow_early_data_cb_fn)(SSL *s, void *arg);
+
+ void SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx,
+                                      SSL_allow_early_data_cb_fn cb,
+                                      void *arg);
+ void SSL_set_allow_early_data_cb(SSL *s,
+                                  SSL_allow_early_data_cb_fn cb,
+                                  void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to send and receive early data where TLSv1.3 has been negotiated. Early data can be sent by the client immediately after its initial ClientHello without having to wait for the server to complete the handshake. Early data can only be sent if a session has previously been established with the server, and the server is known to support it. Additionally these functions can be used to send data from the server to the client when the client has not yet completed the authentication stage of the handshake.</p>
+
+<p>Early data has weaker security properties than other data sent over an SSL/TLS connection. In particular the data does not have forward secrecy. There are also additional considerations around replay attacks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below). For these reasons extreme care should be exercised when using early data. For specific details, consult the TLS 1.3 specification.</p>
+
+<p>When a server receives early data it may opt to immediately respond by sending application data back to the client. Data sent by the server at this stage is done before the full handshake has been completed. Specifically the client&#39;s authentication messages have not yet been received, i.e. the client is unauthenticated at this point and care should be taken when using this capability.</p>
+
+<p>A server or client can determine whether the full handshake has been completed or not by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>.</p>
+
+<p>On the client side, the function SSL_SESSION_get_max_early_data() can be used to determine if a session established with a server can be used to send early data. If the session cannot be used then this function will return 0. Otherwise it will return the maximum number of early data bytes that can be sent.</p>
+
+<p>The function SSL_SESSION_set_max_early_data() sets the maximum number of early data bytes that can be sent for a session. This would typically be used when creating a PSK session file (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). If using a ticket based PSK then this is set automatically to the value provided by the server.</p>
+
+<p>A client uses the function SSL_write_early_data() to send early data. This function is similar to the <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> function, but with the following differences. See <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> for information on how to write bytes to the underlying connection, and how to handle any errors that may arise. This page describes the differences between SSL_write_early_data() and <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When called by a client, SSL_write_early_data() must be the first IO function called on a new connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a> or other similar functions. It may be called multiple times to stream data to the server, but the total number of bytes written must not exceed the value returned from SSL_SESSION_get_max_early_data(). Once the initial SSL_write_early_data() call has completed successfully the client may interleave calls to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> with calls to SSL_write_early_data() as required.</p>
+
+<p>If SSL_write_early_data() fails you should call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action, as for <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When the client no longer wishes to send any more early data then it should complete the handshake by calling a function such as <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard write function such as <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, which will transparently complete the connection and write the requested data.</p>
+
+<p>A server may choose to ignore early data that has been sent to it. Once the connection has been completed you can determine whether the server accepted or rejected the early data by calling SSL_get_early_data_status(). This will return SSL_EARLY_DATA_ACCEPTED if the data was accepted, SSL_EARLY_DATA_REJECTED if it was rejected or SSL_EARLY_DATA_NOT_SENT if no early data was sent. This function may be called by either the client or the server.</p>
+
+<p>A server uses the SSL_read_early_data() function to receive early data on a connection for which early data has been enabled using SSL_CTX_set_max_early_data() or SSL_set_max_early_data(). As for SSL_write_early_data(), this must be the first IO function called on a connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, or other similar functions.</p>
+
+<p>SSL_read_early_data() is similar to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> with the following differences. Refer to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> for full details.</p>
+
+<p>SSL_read_early_data() may return 3 possible values:</p>
+
+<dl>
+
+<dt id="SSL_READ_EARLY_DATA_ERROR">SSL_READ_EARLY_DATA_ERROR</dt>
+<dd>
+
+<p>This indicates an IO or some other error occurred. This should be treated in the same way as a 0 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_SUCCESS">SSL_READ_EARLY_DATA_SUCCESS</dt>
+<dd>
+
+<p>This indicates that early data was successfully read. This should be treated in the same way as a 1 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>. You should continue to call SSL_read_early_data() to read more data.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_FINISH">SSL_READ_EARLY_DATA_FINISH</dt>
+<dd>
+
+<p>This indicates that no more early data can be read. It may be returned on the first call to SSL_read_early_data() if the client has not sent any early data, or if the early data was rejected.</p>
+
+</dd>
+</dl>
+
+<p>Once the initial SSL_read_early_data() call has completed successfully (i.e. it has returned SSL_READ_EARLY_DATA_SUCCESS or SSL_READ_EARLY_DATA_FINISH) then the server may choose to write data immediately to the unauthenticated client using SSL_write_early_data(). If SSL_read_early_data() returned SSL_READ_EARLY_DATA_FINISH then in some situations (e.g. if the client only supports TLSv1.2) the handshake may have already been completed and calls to SSL_write_early_data() are not allowed. Call <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a> to determine whether the handshake has completed or not. If the handshake is still in progress then the server may interleave calls to SSL_write_early_data() with calls to SSL_read_early_data() as required.</p>
+
+<p>Servers must not call <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a> until SSL_read_early_data() has returned with SSL_READ_EARLY_DATA_FINISH. Once it has done so the connection to the client still needs to be completed. Complete the connection by calling a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard read function such as <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, which will transparently complete the connection and read the requested data. Note that it is an error to attempt to complete the connection before SSL_read_early_data() has returned SSL_READ_EARLY_DATA_FINISH.</p>
+
+<p>Only servers may call SSL_read_early_data().</p>
+
+<p>Calls to SSL_read_early_data() may, in certain circumstances, complete the connection immediately without further need to call a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. This can happen if the client is using a protocol version less than TLSv1.3. Applications can test for this by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>. Alternatively, applications may choose to call <a href="../man3/SSL_accept.html">SSL_accept(3)</a> anyway. Such a call will successfully return immediately with no further action taken.</p>
+
+<p>When a session is created between a server and a client the server will specify the maximum amount of any early data that it will accept on any future connection attempt. By default the server does not accept early data; a server may indicate support for early data by calling SSL_CTX_set_max_early_data() or SSL_set_max_early_data() to set it for the whole SSL_CTX or an individual SSL object respectively. The <b>max_early_data</b> parameter specifies the maximum amount of early data in bytes that is permitted to be sent on a single connection. Similarly the SSL_CTX_get_max_early_data() and SSL_get_max_early_data() functions can be used to obtain the current maximum early data settings for the SSL_CTX and SSL objects respectively. Generally a server application will either use both of SSL_read_early_data() and SSL_CTX_set_max_early_data() (or SSL_set_max_early_data()), or neither of them, since there is no practical benefit from using only one of them. If the maximum early data setting for a server is non-zero then replay protection is automatically enabled (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below).</p>
+
+<p>If the server rejects the early data sent by a client then it will skip over the data that is sent. The maximum amount of received early data that is skipped is controlled by the recv_max_early_data setting. If a client sends more than this then the connection will abort. This value can be set by calling SSL_CTX_set_recv_max_early_data() or SSL_set_recv_max_early_data(). The current value for this setting can be obtained by calling SSL_CTX_get_recv_max_early_data() or SSL_get_recv_max_early_data(). The default value for this setting is 16,384 bytes.</p>
+
+<p>The recv_max_early_data value also has an impact on early data that is accepted. The amount of data that is accepted will always be the lower of the max_early_data for the session and the recv_max_early_data setting for the server. If a client sends more data than this then the connection will abort.</p>
+
+<p>The configured value for max_early_data on a server may change over time as required. However clients may have tickets containing the previously configured max_early_data value. The recv_max_early_data should always be equal to or higher than any recently configured max_early_data value in order to avoid aborted connections. The recv_max_early_data should never be set to less than the current configured max_early_data value.</p>
+
+<p>Some server applications may wish to have more control over whether early data is accepted or not, for example to mitigate replay risks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below) or to decline early_data when the server is heavily loaded. The functions SSL_CTX_set_allow_early_data_cb() and SSL_set_allow_early_data_cb() set a callback which is called at a point in the handshake immediately before a decision is made to accept or reject early data. The callback is provided with a pointer to the user data argument that was provided when the callback was first set. Returning 1 from the callback will allow early data and returning 0 will reject it. Note that the OpenSSL library may reject early data for other reasons in which case this callback will not get called. Notably, the built-in replay protection feature will still be used even if a callback is present unless it has been explicitly disabled using the SSL_OP_NO_ANTI_REPLAY option. See <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The whole purpose of early data is to enable a client to start sending data to the server before a full round trip of network traffic has occurred. Application developers should ensure they consider optimisation of the underlying TCP socket to obtain a performant solution. For example Nagle&#39;s algorithm is commonly used by operating systems in an attempt to avoid lots of small TCP packets. In many scenarios this is beneficial for performance, but it does not work well with the early data solution as implemented in OpenSSL. In Nagle&#39;s algorithm the OS will buffer outgoing TCP data if a TCP packet has already been sent which we have not yet received an ACK for from the peer. The buffered data will only be transmitted if enough data to fill an entire TCP packet is accumulated, or if the ACK is received from the peer. The initial ClientHello will be sent in the first TCP packet along with any data from the first call to SSL_write_early_data(). If the amount of data written will exceed the size of a single TCP packet, or if there are more calls to SSL_write_early_data() then that additional data will be sent in subsequent TCP packets which will be buffered by the OS and not sent until an ACK is received for the first packet containing the ClientHello. This means the early data is not actually sent until a complete round trip with the server has occurred which defeats the objective of early data.</p>
+
+<p>In many operating systems the TCP_NODELAY socket option is available to disable Nagle&#39;s algorithm. If an application opts to disable Nagle&#39;s algorithm consideration should be given to turning it back on again after the handshake is complete if appropriate.</p>
+
+<p>In rare circumstances, it may be possible for a client to have a session that reports a max early data value greater than 0, but where the server does not support this. For example, this can occur if a server has had its configuration changed to accept a lower max early data value such as by calling SSL_CTX_set_recv_max_early_data(). Another example is if a server used to support TLSv1.3 but was later downgraded to TLSv1.2. Sending early data to such a server will cause the connection to abort. Clients that encounter an aborted connection while sending early data may want to retry the connection without sending early data as this does not happen automatically. A client will have to establish a new transport layer connection to the server and attempt the SSL/TLS connection again but without sending early data. Note that it is inadvisable to retry with a lower maximum protocol version.</p>
+
+<h1 id="REPLAY-PROTECTION">REPLAY PROTECTION</h1>
+
+<p>When early data is in use the TLS protocol provides no security guarantees that the same early data was not replayed across multiple connections. As a mitigation for this issue OpenSSL automatically enables replay protection if the server is configured with a non-zero max early data value. With replay protection enabled sessions are forced to be single use only. If a client attempts to reuse a session ticket more than once, then the second and subsequent attempts will fall back to a full handshake (and any early data that was submitted will be ignored). Note that single use tickets are enforced even if a client does not send any early data.</p>
+
+<p>The replay protection mechanism relies on the internal OpenSSL server session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). When replay protection is being used the server will operate as if the SSL_OP_NO_TICKET option had been selected (see <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>). Sessions will be added to the cache whenever a session ticket is issued. When a client attempts to resume the session, OpenSSL will check for its presence in the internal cache. If it exists then the resumption is allowed and the session is removed from the cache. If it does not exist then the resumption is not allowed and a full handshake will occur.</p>
+
+<p>Note that some applications may maintain an external cache of sessions (see <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a> and similar functions). It is the application&#39;s responsibility to ensure that any sessions in the external cache are also populated in the internal cache and that once removed from the internal cache they are similarly removed from the external cache. Failing to do this could result in an application becoming vulnerable to replay attacks. Note that OpenSSL will lock the internal cache while a session is removed but that lock is not held when the remove session callback (see <a href="../man3/SSL_CTX_sess_set_remove_cb.html">SSL_CTX_sess_set_remove_cb(3)</a>) is called. This could result in a small amount of time where the session has been removed from the internal cache but is still available in the external cache. Applications should be designed with this in mind in order to minimise the possibility of replay attacks.</p>
+
+<p>The OpenSSL replay protection does not apply to external Pre Shared Keys (PSKs) (e.g. see SSL_CTX_set_psk_find_session_callback(3)). Therefore extreme caution should be applied when combining external PSKs with early data.</p>
+
+<p>Some applications may mitigate the replay risks in other ways. For those applications it is possible to turn off the built-in replay protection feature using the <b>SSL_OP_NO_ANTI_REPLAY</b> option. See <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> for details. Applications can also set a callback to make decisions about accepting early data or not. See SSL_CTX_set_allow_early_data_cb() above for details.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_write_early_data() returns 1 for success or 0 for failure. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_read_early_data() returns SSL_READ_EARLY_DATA_ERROR for failure, SSL_READ_EARLY_DATA_SUCCESS for success with more data to read and SSL_READ_EARLY_DATA_FINISH for success with no more to data be read. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_get_max_early_data(), SSL_CTX_get_max_early_data() and SSL_SESSION_get_max_early_data() return the maximum number of early data bytes that may be sent.</p>
+
+<p>SSL_set_max_early_data(), SSL_CTX_set_max_early_data() and SSL_SESSION_set_max_early_data() return 1 for success or 0 for failure.</p>
+
+<p>SSL_get_early_data_status() returns SSL_EARLY_DATA_ACCEPTED if early data was accepted by the server, SSL_EARLY_DATA_REJECTED if early data was rejected by the server, or SSL_EARLY_DATA_NOT_SENT if no early data was sent.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>All of the functions described above were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_read_ex.html b/msys2/usr/share/doc/openssl/html/man3/SSL_read_ex.html
new file mode 100644
index 000000000..eabd49bd2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_read_ex.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_read_ex, SSL_read, SSL_peek_ex, SSL_peek - read bytes from a TLS/SSL connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_read_ex(SSL *ssl, void *buf, size_t num, size_t *readbytes);
+ int SSL_read(SSL *ssl, void *buf, int num);
+
+ int SSL_peek_ex(SSL *ssl, void *buf, size_t num, size_t *readbytes);
+ int SSL_peek(SSL *ssl, void *buf, int num);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_read_ex() and SSL_read() try to read <b>num</b> bytes from the specified <b>ssl</b> into the buffer <b>buf</b>. On success SSL_read_ex() will store the number of bytes actually read in <b>*readbytes</b>.</p>
+
+<p>SSL_peek_ex() and SSL_peek() are identical to SSL_read_ex() and SSL_read() respectively except no bytes are actually removed from the underlying BIO during the read, so that a subsequent call to SSL_read_ex() or SSL_read() will yield at least the same bytes.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In the paragraphs below a &quot;read function&quot; is defined as one of SSL_read_ex(), SSL_read(), SSL_peek_ex() or SSL_peek().</p>
+
+<p>If necessary, a read function will negotiate a TLS/SSL session, if not already explicitly performed by <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. If the peer requests a re-negotiation, it will be performed transparently during the read function operation. The behaviour of the read functions depends on the underlying BIO.</p>
+
+<p>For the transparent negotiation to succeed, the <b>ssl</b> must have been initialized to client or server mode. This is being done by calling <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a> or SSL_set_accept_state() before the first invocation of a read function.</p>
+
+<p>The read functions work based on the SSL/TLS records. The data are received in records (with a maximum record size of 16kB). Only when a record has been completely received, can it be processed (decryption and check of integrity). Therefore data that was not retrieved at the last read call can still be buffered inside the SSL layer and will be retrieved on the next read call. If <b>num</b> is higher than the number of bytes buffered then the read functions will return with the bytes buffered. If no more bytes are in the buffer, the read functions will trigger the processing of the next record. Only when the record has been received and processed completely will the read functions return reporting success. At most the contents of one record will be returned. As the size of an SSL/TLS record may exceed the maximum packet size of the underlying transport (e.g. TCP), it may be necessary to read several packets from the transport layer before the record is complete and the read call can succeed.</p>
+
+<p>If <b>SSL_MODE_AUTO_RETRY</b> has been switched off and a non-application data record has been processed, the read function can return and set the error to <b>SSL_ERROR_WANT_READ</b>. In this case there might still be unprocessed data available in the <b>BIO</b>. If read ahead was set using <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>, there might also still be unprocessed data available in the <b>SSL</b>. This behaviour can be controlled using the <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a> call.</p>
+
+<p>If the underlying BIO is <b>blocking</b>, a read function will only return once the read operation has been finished or an error occurred, except when a non-application data record has been processed and <b>SSL_MODE_AUTO_RETRY</b> is not set. Note that if <b>SSL_MODE_AUTO_RETRY</b> is set and only non-application data is available the call will hang.</p>
+
+<p>If the underlying BIO is <b>non-blocking</b>, a read function will also return when the underlying BIO could not satisfy the needs of the function to continue the operation. In this case a call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> with the return value of the read function will yield <b>SSL_ERROR_WANT_READ</b> or <b>SSL_ERROR_WANT_WRITE</b>. As at any time it&#39;s possible that non-application data needs to be sent, a read function can also cause write operations. The calling process then must repeat the call after taking appropriate action to satisfy the needs of the read function. The action depends on the underlying BIO. When using a non-blocking socket, nothing is to be done, but select() can be used to check for the required condition. When using a buffering BIO, like a BIO pair, data must be written into or retrieved out of the BIO before being able to continue.</p>
+
+<p><a href="../man3/SSL_pending.html">SSL_pending(3)</a> can be used to find out whether there are buffered bytes available for immediate retrieval. In this case the read function can be called without blocking or actually receiving new data from the underlying socket.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_read_ex() and SSL_peek_ex() will return 1 for success or 0 for failure. Success means that 1 or more application data bytes have been read from the SSL connection. Failure means that no bytes could be read from the SSL connection. Failures can be retryable (e.g. we are waiting for more bytes to be delivered by the network) or non-retryable (e.g. a fatal network error). In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to find out the reason which indicates whether the call is retryable or not.</p>
+
+<p>For SSL_read() and SSL_peek() the following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">&gt; 0</dt>
+<dd>
+
+<p>The read operation was successful. The return value is the number of bytes actually read from the TLS/SSL connection.</p>
+
+</dd>
+<dt id="pod-0">&lt;= 0</dt>
+<dd>
+
+<p>The read operation was not successful, because either the connection was closed, an error occurred or action must be taken by the calling process. Call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> with the return value <b>ret</b> to find out the reason.</p>
+
+<p>Old documentation indicated a difference between 0 and -1, and that -1 was retryable. You should instead call SSL_get_error() to find out if it&#39;s retryable.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_read_ex() and SSL_peek_ex() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a>, <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a> <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_renegotiate.html b/msys2/usr/share/doc/openssl/html/man3/SSL_renegotiate.html
new file mode 100644
index 000000000..bb21045ac
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_renegotiate.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_key_update</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_key_update, SSL_get_key_update_type, SSL_renegotiate, SSL_renegotiate_abbreviated, SSL_renegotiate_pending - initiate and obtain information about updating connection keys</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_key_update(SSL *s, int updatetype);
+ int SSL_get_key_update_type(const SSL *s);
+
+ int SSL_renegotiate(SSL *s);
+ int SSL_renegotiate_abbreviated(SSL *s);
+ int SSL_renegotiate_pending(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_key_update() schedules an update of the keys for the current TLS connection. If the <b>updatetype</b> parameter is set to <b>SSL_KEY_UPDATE_NOT_REQUESTED</b> then the sending keys for this connection will be updated and the peer will be informed of the change. If the <b>updatetype</b> parameter is set to <b>SSL_KEY_UPDATE_REQUESTED</b> then the sending keys for this connection will be updated and the peer will be informed of the change along with a request for the peer to additionally update its sending keys. It is an error if <b>updatetype</b> is set to <b>SSL_KEY_UPDATE_NONE</b>.</p>
+
+<p>SSL_key_update() must only be called after the initial handshake has been completed and TLSv1.3 has been negotiated. The key update will not take place until the next time an IO operation such as SSL_read_ex() or SSL_write_ex() takes place on the connection. Alternatively SSL_do_handshake() can be called to force the update to take place immediately.</p>
+
+<p>SSL_get_key_update_type() can be used to determine whether a key update operation has been scheduled but not yet performed. The type of the pending key update operation will be returned if there is one, or SSL_KEY_UPDATE_NONE otherwise.</p>
+
+<p>SSL_renegotiate() and SSL_renegotiate_abbreviated() should only be called for connections that have negotiated TLSv1.2 or less. Calling them on any other connection will result in an error.</p>
+
+<p>When called from the client side, SSL_renegotiate() schedules a completely new handshake over an existing SSL/TLS connection. The next time an IO operation such as SSL_read_ex() or SSL_write_ex() takes place on the connection a check will be performed to confirm that it is a suitable time to start a renegotiation. If so, then it will be initiated immediately. OpenSSL will not attempt to resume any session associated with the connection in the new handshake.</p>
+
+<p>When called from the client side, SSL_renegotiate_abbreviated() works in the same was as SSL_renegotiate() except that OpenSSL will attempt to resume the session associated with the current connection in the new handshake.</p>
+
+<p>When called from the server side, SSL_renegotiate() and SSL_renegotiate_abbreviated() behave identically. They both schedule a request for a new handshake to be sent to the client. The next time an IO operation is performed then the same checks as on the client side are performed and then, if appropriate, the request is sent. The client may or may not respond with a new handshake and it may or may not attempt to resume an existing session. If a new handshake is started then this will be handled transparently by calling any OpenSSL IO function.</p>
+
+<p>If an OpenSSL client receives a renegotiation request from a server then again this will be handled transparently through calling any OpenSSL IO function. For a TLS connection the client will attempt to resume the current session in the new handshake. For historical reasons, DTLS clients will not attempt to resume the session in the new handshake.</p>
+
+<p>The SSL_renegotiate_pending() function returns 1 if a renegotiation or renegotiation request has been scheduled but not yet acted on, or 0 otherwise.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_key_update(), SSL_renegotiate() and SSL_renegotiate_abbreviated() return 1 on success or 0 on error.</p>
+
+<p>SSL_get_key_update_type() returns the update type of the pending key update operation or SSL_KEY_UPDATE_NONE if there is none.</p>
+
+<p>SSL_renegotiate_pending() returns 1 if a renegotiation or renegotiation request has been scheduled but not yet acted on, or 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_key_update() and SSL_get_key_update_type() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_renegotiate_abbreviated.html b/msys2/usr/share/doc/openssl/html/man3/SSL_renegotiate_abbreviated.html
new file mode 100644
index 000000000..bb21045ac
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_renegotiate_abbreviated.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_key_update</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_key_update, SSL_get_key_update_type, SSL_renegotiate, SSL_renegotiate_abbreviated, SSL_renegotiate_pending - initiate and obtain information about updating connection keys</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_key_update(SSL *s, int updatetype);
+ int SSL_get_key_update_type(const SSL *s);
+
+ int SSL_renegotiate(SSL *s);
+ int SSL_renegotiate_abbreviated(SSL *s);
+ int SSL_renegotiate_pending(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_key_update() schedules an update of the keys for the current TLS connection. If the <b>updatetype</b> parameter is set to <b>SSL_KEY_UPDATE_NOT_REQUESTED</b> then the sending keys for this connection will be updated and the peer will be informed of the change. If the <b>updatetype</b> parameter is set to <b>SSL_KEY_UPDATE_REQUESTED</b> then the sending keys for this connection will be updated and the peer will be informed of the change along with a request for the peer to additionally update its sending keys. It is an error if <b>updatetype</b> is set to <b>SSL_KEY_UPDATE_NONE</b>.</p>
+
+<p>SSL_key_update() must only be called after the initial handshake has been completed and TLSv1.3 has been negotiated. The key update will not take place until the next time an IO operation such as SSL_read_ex() or SSL_write_ex() takes place on the connection. Alternatively SSL_do_handshake() can be called to force the update to take place immediately.</p>
+
+<p>SSL_get_key_update_type() can be used to determine whether a key update operation has been scheduled but not yet performed. The type of the pending key update operation will be returned if there is one, or SSL_KEY_UPDATE_NONE otherwise.</p>
+
+<p>SSL_renegotiate() and SSL_renegotiate_abbreviated() should only be called for connections that have negotiated TLSv1.2 or less. Calling them on any other connection will result in an error.</p>
+
+<p>When called from the client side, SSL_renegotiate() schedules a completely new handshake over an existing SSL/TLS connection. The next time an IO operation such as SSL_read_ex() or SSL_write_ex() takes place on the connection a check will be performed to confirm that it is a suitable time to start a renegotiation. If so, then it will be initiated immediately. OpenSSL will not attempt to resume any session associated with the connection in the new handshake.</p>
+
+<p>When called from the client side, SSL_renegotiate_abbreviated() works in the same was as SSL_renegotiate() except that OpenSSL will attempt to resume the session associated with the current connection in the new handshake.</p>
+
+<p>When called from the server side, SSL_renegotiate() and SSL_renegotiate_abbreviated() behave identically. They both schedule a request for a new handshake to be sent to the client. The next time an IO operation is performed then the same checks as on the client side are performed and then, if appropriate, the request is sent. The client may or may not respond with a new handshake and it may or may not attempt to resume an existing session. If a new handshake is started then this will be handled transparently by calling any OpenSSL IO function.</p>
+
+<p>If an OpenSSL client receives a renegotiation request from a server then again this will be handled transparently through calling any OpenSSL IO function. For a TLS connection the client will attempt to resume the current session in the new handshake. For historical reasons, DTLS clients will not attempt to resume the session in the new handshake.</p>
+
+<p>The SSL_renegotiate_pending() function returns 1 if a renegotiation or renegotiation request has been scheduled but not yet acted on, or 0 otherwise.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_key_update(), SSL_renegotiate() and SSL_renegotiate_abbreviated() return 1 on success or 0 on error.</p>
+
+<p>SSL_get_key_update_type() returns the update type of the pending key update operation or SSL_KEY_UPDATE_NONE if there is none.</p>
+
+<p>SSL_renegotiate_pending() returns 1 if a renegotiation or renegotiation request has been scheduled but not yet acted on, or 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_key_update() and SSL_get_key_update_type() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_renegotiate_pending.html b/msys2/usr/share/doc/openssl/html/man3/SSL_renegotiate_pending.html
new file mode 100644
index 000000000..bb21045ac
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_renegotiate_pending.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_key_update</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_key_update, SSL_get_key_update_type, SSL_renegotiate, SSL_renegotiate_abbreviated, SSL_renegotiate_pending - initiate and obtain information about updating connection keys</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_key_update(SSL *s, int updatetype);
+ int SSL_get_key_update_type(const SSL *s);
+
+ int SSL_renegotiate(SSL *s);
+ int SSL_renegotiate_abbreviated(SSL *s);
+ int SSL_renegotiate_pending(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_key_update() schedules an update of the keys for the current TLS connection. If the <b>updatetype</b> parameter is set to <b>SSL_KEY_UPDATE_NOT_REQUESTED</b> then the sending keys for this connection will be updated and the peer will be informed of the change. If the <b>updatetype</b> parameter is set to <b>SSL_KEY_UPDATE_REQUESTED</b> then the sending keys for this connection will be updated and the peer will be informed of the change along with a request for the peer to additionally update its sending keys. It is an error if <b>updatetype</b> is set to <b>SSL_KEY_UPDATE_NONE</b>.</p>
+
+<p>SSL_key_update() must only be called after the initial handshake has been completed and TLSv1.3 has been negotiated. The key update will not take place until the next time an IO operation such as SSL_read_ex() or SSL_write_ex() takes place on the connection. Alternatively SSL_do_handshake() can be called to force the update to take place immediately.</p>
+
+<p>SSL_get_key_update_type() can be used to determine whether a key update operation has been scheduled but not yet performed. The type of the pending key update operation will be returned if there is one, or SSL_KEY_UPDATE_NONE otherwise.</p>
+
+<p>SSL_renegotiate() and SSL_renegotiate_abbreviated() should only be called for connections that have negotiated TLSv1.2 or less. Calling them on any other connection will result in an error.</p>
+
+<p>When called from the client side, SSL_renegotiate() schedules a completely new handshake over an existing SSL/TLS connection. The next time an IO operation such as SSL_read_ex() or SSL_write_ex() takes place on the connection a check will be performed to confirm that it is a suitable time to start a renegotiation. If so, then it will be initiated immediately. OpenSSL will not attempt to resume any session associated with the connection in the new handshake.</p>
+
+<p>When called from the client side, SSL_renegotiate_abbreviated() works in the same was as SSL_renegotiate() except that OpenSSL will attempt to resume the session associated with the current connection in the new handshake.</p>
+
+<p>When called from the server side, SSL_renegotiate() and SSL_renegotiate_abbreviated() behave identically. They both schedule a request for a new handshake to be sent to the client. The next time an IO operation is performed then the same checks as on the client side are performed and then, if appropriate, the request is sent. The client may or may not respond with a new handshake and it may or may not attempt to resume an existing session. If a new handshake is started then this will be handled transparently by calling any OpenSSL IO function.</p>
+
+<p>If an OpenSSL client receives a renegotiation request from a server then again this will be handled transparently through calling any OpenSSL IO function. For a TLS connection the client will attempt to resume the current session in the new handshake. For historical reasons, DTLS clients will not attempt to resume the session in the new handshake.</p>
+
+<p>The SSL_renegotiate_pending() function returns 1 if a renegotiation or renegotiation request has been scheduled but not yet acted on, or 0 otherwise.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_key_update(), SSL_renegotiate() and SSL_renegotiate_abbreviated() return 1 on success or 0 on error.</p>
+
+<p>SSL_get_key_update_type() returns the update type of the pending key update operation or SSL_KEY_UPDATE_NONE if there is none.</p>
+
+<p>SSL_renegotiate_pending() returns 1 if a renegotiation or renegotiation request has been scheduled but not yet acted on, or 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_key_update() and SSL_get_key_update_type() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_rstate_string.html b/msys2/usr/share/doc/openssl/html/man3/SSL_rstate_string.html
new file mode 100644
index 000000000..8e8bbade3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_rstate_string.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_rstate_string</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_rstate_string, SSL_rstate_string_long - get textual description of state of an SSL object during read operation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_rstate_string(SSL *ssl);
+ const char *SSL_rstate_string_long(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_rstate_string() returns a 2 letter string indicating the current read state of the SSL object <b>ssl</b>.</p>
+
+<p>SSL_rstate_string_long() returns a string indicating the current read state of the SSL object <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When performing a read operation, the SSL/TLS engine must parse the record, consisting of header and body. When working in a blocking environment, SSL_rstate_string[_long]() should always return &quot;RD&quot;/&quot;read done&quot;.</p>
+
+<p>This function should only seldom be needed in applications.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_rstate_string() and SSL_rstate_string_long() can return the following values:</p>
+
+<dl>
+
+<dt id="RH-read-header">&quot;RH&quot;/&quot;read header&quot;</dt>
+<dd>
+
+<p>The header of the record is being evaluated.</p>
+
+</dd>
+<dt id="RB-read-body">&quot;RB&quot;/&quot;read body&quot;</dt>
+<dd>
+
+<p>The body of the record is being evaluated.</p>
+
+</dd>
+<dt id="RD-read-done">&quot;RD&quot;/&quot;read done&quot;</dt>
+<dd>
+
+<p>The record has been completely processed.</p>
+
+</dd>
+<dt id="unknown-unknown">&quot;unknown&quot;/&quot;unknown&quot;</dt>
+<dd>
+
+<p>The read state is unknown. This should never happen.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_rstate_string_long.html b/msys2/usr/share/doc/openssl/html/man3/SSL_rstate_string_long.html
new file mode 100644
index 000000000..8e8bbade3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_rstate_string_long.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_rstate_string</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_rstate_string, SSL_rstate_string_long - get textual description of state of an SSL object during read operation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_rstate_string(SSL *ssl);
+ const char *SSL_rstate_string_long(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_rstate_string() returns a 2 letter string indicating the current read state of the SSL object <b>ssl</b>.</p>
+
+<p>SSL_rstate_string_long() returns a string indicating the current read state of the SSL object <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When performing a read operation, the SSL/TLS engine must parse the record, consisting of header and body. When working in a blocking environment, SSL_rstate_string[_long]() should always return &quot;RD&quot;/&quot;read done&quot;.</p>
+
+<p>This function should only seldom be needed in applications.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_rstate_string() and SSL_rstate_string_long() can return the following values:</p>
+
+<dl>
+
+<dt id="RH-read-header">&quot;RH&quot;/&quot;read header&quot;</dt>
+<dd>
+
+<p>The header of the record is being evaluated.</p>
+
+</dd>
+<dt id="RB-read-body">&quot;RB&quot;/&quot;read body&quot;</dt>
+<dd>
+
+<p>The body of the record is being evaluated.</p>
+
+</dd>
+<dt id="RD-read-done">&quot;RD&quot;/&quot;read done&quot;</dt>
+<dd>
+
+<p>The record has been completely processed.</p>
+
+</dd>
+<dt id="unknown-unknown">&quot;unknown&quot;/&quot;unknown&quot;</dt>
+<dd>
+
+<p>The read state is unknown. This should never happen.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_select_current_cert.html b/msys2/usr/share/doc/openssl/html/man3/SSL_select_current_cert.html
new file mode 100644
index 000000000..9f08318ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_select_current_cert.html
@@ -0,0 +1,122 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add1_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_chain, SSL_CTX_set1_chain, SSL_CTX_add0_chain_cert, SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs, SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert, SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain, SSL_build_cert_chain, SSL_CTX_select_current_cert, SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra chain certificate processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_get0_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk);
+ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+ int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_get0_chain_certs(SSL *ssl, STACK_OF(X509) **sk);
+ int SSL_clear_chain_certs(SSL *ssl);
+
+ int SSL_CTX_build_cert_chain(SSL_CTX *ctx, flags);
+ int SSL_build_cert_chain(SSL *ssl, flags);
+
+ int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_chain() and SSL_CTX_set1_chain() set the certificate chain associated with the current certificate of <b>ctx</b> to <b>sk</b>.</p>
+
+<p>SSL_CTX_add0_chain_cert() and SSL_CTX_add1_chain_cert() append the single certificate <b>x509</b> to the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_get0_chain_certs() retrieves the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_clear_chain_certs() clears any existing chain associated with the current certificate of <b>ctx</b>. (This is implemented by calling SSL_CTX_set0_chain() with <b>sk</b> set to <b>NULL</b>).</p>
+
+<p>SSL_CTX_build_cert_chain() builds the certificate chain for <b>ctx</b> normally this uses the chain store or the verify store if the chain store is not set. If the function is successful the built chain will replace any existing chain. The <b>flags</b> parameter can be set to <b>SSL_BUILD_CHAIN_FLAG_UNTRUSTED</b> to use existing chain certificates as untrusted CAs, <b>SSL_BUILD_CHAIN_FLAG_NO_ROOT</b> to omit the root CA from the built chain, <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to use all existing chain certificates only to build the chain (effectively sanity checking and rearranging them if necessary), the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> ignores any errors during verification: if flag <b>SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR</b> is also set verification errors are cleared from the error queue.</p>
+
+<p>Each of these functions operates on the <i>current</i> end entity (i.e. server or client) certificate. This is the last certificate loaded or selected on the corresponding <b>ctx</b> structure.</p>
+
+<p>SSL_CTX_select_current_cert() selects <b>x509</b> as the current end entity certificate, but only if <b>x509</b> has already been loaded into <b>ctx</b> using a function such as SSL_CTX_use_certificate().</p>
+
+<p>SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(), SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(), SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_current_cert() changes the current certificate to a value based on the <b>op</b> argument. Currently <b>op</b> can be <b>SSL_CERT_SET_FIRST</b> to use the first valid certificate or <b>SSL_CERT_SET_NEXT</b> to set the next valid certificate after the current certificate. These two operations can be used to iterate over all certificates in an <b>SSL_CTX</b> structure.</p>
+
+<p>SSL_set_current_cert() also supports the option <b>SSL_CERT_SET_SERVER</b>. If <b>ssl</b> is a server and has sent a certificate to a connected client this option sets that certificate to the current certificate and returns 1. If the negotiated cipher suite is anonymous (and thus no certificate will be sent) 2 is returned and the current certificate is unchanged. If <b>ssl</b> is not a server or a certificate has not been sent 0 is returned and the current certificate is unchanged.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied certificate or chain so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied certificate or chain <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The chains associate with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. SSL structures will not be affected by any chains subsequently changed in the parent SSL_CTX.</p>
+
+<p>One chain can be set for each key type supported by a server. So, for example, an RSA and a DSA certificate can (and often will) have different chains.</p>
+
+<p>The functions SSL_CTX_build_cert_chain() and SSL_build_cert_chain() can be used to check application configuration and to ensure any necessary subordinate CAs are sent in the correct order. Misconfigured applications sending incorrect certificate chains often cause problems with peers.</p>
+
+<p>For example an application can add any set of certificates using SSL_CTX_use_certificate_chain_file() then call SSL_CTX_build_cert_chain() with the option <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to check and reorder them.</p>
+
+<p>Applications can issue non fatal warnings when checking chains by setting the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERRORS</b> and checking the return value.</p>
+
+<p>Calling SSL_CTX_build_cert_chain() or SSL_build_cert_chain() is more efficient than the automatic chain building as it is only performed once. Automatic chain building is performed on each new session.</p>
+
+<p>If any certificates are added using these functions no certificates added using SSL_CTX_add_extra_chain_cert() will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_current_cert() with <b>SSL_CERT_SET_SERVER</b> return 1 for success, 2 if no server certificate is used because the cipher suites is anonymous and 0 for failure.</p>
+
+<p>SSL_CTX_build_cert_chain() and SSL_build_cert_chain() return 1 for success and 0 for failure. If the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> and a verification error occurs then 2 is returned.</p>
+
+<p>All other functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_select_next_proto.html b/msys2/usr/share/doc/openssl/html/man3/SSL_select_next_proto.html
new file mode 100644
index 000000000..2c1cda006
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_select_next_proto.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_alpn_select_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_alpn_protos, SSL_set_alpn_protos, SSL_CTX_set_alpn_select_cb, SSL_CTX_set_next_proto_select_cb, SSL_CTX_set_next_protos_advertised_cb, SSL_select_next_proto, SSL_get0_alpn_selected, SSL_get0_next_proto_negotiated - handle application layer protocol negotiation (ALPN)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
+                             unsigned int protos_len);
+ int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
+                         unsigned int protos_len);
+ void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
+                                 int (*cb) (SSL *ssl,
+                                            const unsigned char **out,
+                                            unsigned char *outlen,
+                                            const unsigned char *in,
+                                            unsigned int inlen,
+                                            void *arg), void *arg);
+ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
+                             unsigned int *len);
+
+ void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx,
+                                            int (*cb)(SSL *ssl,
+                                                      const unsigned char **out,
+                                                      unsigned int *outlen,
+                                                      void *arg),
+                                            void *arg);
+ void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx,
+                               int (*cb)(SSL *s,
+                                         unsigned char **out,
+                                         unsigned char *outlen,
+                                         const unsigned char *in,
+                                         unsigned int inlen,
+                                         void *arg),
+                               void *arg);
+ int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+                           const unsigned char *server,
+                           unsigned int server_len,
+                           const unsigned char *client,
+                           unsigned int client_len)
+ void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
+                             unsigned *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() are used by the client to set the list of protocols available to be negotiated. The <b>protos</b> must be in protocol-list format, described below. The length of <b>protos</b> is specified in <b>protos_len</b>.</p>
+
+<p>SSL_CTX_set_alpn_select_cb() sets the application callback <b>cb</b> used by a server to select which protocol to use for the incoming connection. When <b>cb</b> is NULL, ALPN is not used. The <b>arg</b> value is a pointer which is passed to the application callback.</p>
+
+<p><b>cb</b> is the application defined callback. The <b>in</b>, <b>inlen</b> parameters are a vector in protocol-list format. The value of the <b>out</b>, <b>outlen</b> vector should be set to the value of a single protocol selected from the <b>in</b>, <b>inlen</b> vector. The <b>out</b> buffer may point directly into <b>in</b>, or to a buffer that outlives the handshake. The <b>arg</b> parameter is the pointer set via SSL_CTX_set_alpn_select_cb().</p>
+
+<p>SSL_select_next_proto() is a helper function used to select protocols. It implements the standard protocol selection. It is expected that this function is called from the application callback <b>cb</b>. The protocol data in <b>server</b>, <b>server_len</b> and <b>client</b>, <b>client_len</b> must be in the protocol-list format described below. The first item in the <b>server</b>, <b>server_len</b> list that matches an item in the <b>client</b>, <b>client_len</b> list is selected, and returned in <b>out</b>, <b>outlen</b>. The <b>out</b> value will point into either <b>server</b> or <b>client</b>, so it should be copied immediately. If no match is found, the first item in <b>client</b>, <b>client_len</b> is returned in <b>out</b>, <b>outlen</b>. This function can also be used in the NPN callback.</p>
+
+<p>SSL_CTX_set_next_proto_select_cb() sets a callback <b>cb</b> that is called when a client needs to select a protocol from the server&#39;s provided list, and a user-defined pointer argument <b>arg</b> which will be passed to this callback. For the callback itself, <b>out</b> must be set to point to the selected protocol (which may be within <b>in</b>). The length of the protocol name must be written into <b>outlen</b>. The server&#39;s advertised protocols are provided in <b>in</b> and <b>inlen</b>. The callback can assume that <b>in</b> is syntactically valid. The client must select a protocol. It is fatal to the connection if this callback returns a value other than <b>SSL_TLSEXT_ERR_OK</b>. The <b>arg</b> parameter is the pointer set via SSL_CTX_set_next_proto_select_cb().</p>
+
+<p>SSL_CTX_set_next_protos_advertised_cb() sets a callback <b>cb</b> that is called when a TLS server needs a list of supported protocols for Next Protocol Negotiation. The returned list must be in protocol-list format, described below. The list is returned by setting <b>out</b> to point to it and <b>outlen</b> to its length. This memory will not be modified, but the <b>SSL</b> does keep a reference to it. The callback should return <b>SSL_TLSEXT_ERR_OK</b> if it wishes to advertise. Otherwise, no such extension will be included in the ServerHello.</p>
+
+<p>SSL_get0_alpn_selected() returns a pointer to the selected protocol in <b>data</b> with length <b>len</b>. It is not NUL-terminated. <b>data</b> is set to NULL and <b>len</b> is set to 0 if no protocol has been selected. <b>data</b> must not be freed.</p>
+
+<p>SSL_get0_next_proto_negotiated() sets <b>data</b> and <b>len</b> to point to the client&#39;s requested protocol for this connection. If the client did not request any protocol or NPN is not enabled, then <b>data</b> is set to NULL and <b>len</b> to 0. Note that the client can request any protocol it chooses. The value returned from this function need not be a member of the list of supported protocols provided by the callback.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The protocol-lists must be in wire-format, which is defined as a vector of non-empty, 8-bit length-prefixed, byte strings. The length-prefix byte is not included in the length. Each string is limited to 255 bytes. A byte-string length of 0 is invalid. A truncated byte-string is invalid. The length of the vector is not in the vector itself, but in a separate variable.</p>
+
+<p>Example:</p>
+
+<pre><code> unsigned char vector[] = {
+     6, &#39;s&#39;, &#39;p&#39;, &#39;d&#39;, &#39;y&#39;, &#39;/&#39;, &#39;1&#39;,
+     8, &#39;h&#39;, &#39;t&#39;, &#39;t&#39;, &#39;p&#39;, &#39;/&#39;, &#39;1&#39;, &#39;.&#39;, &#39;1&#39;
+ };
+ unsigned int length = sizeof(vector);</code></pre>
+
+<p>The ALPN callback is executed after the servername callback; as that servername callback may update the SSL_CTX, and subsequently, the ALPN callback.</p>
+
+<p>If there is no ALPN proposed in the ClientHello, the ALPN callback is not invoked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() return 0 on success, and non-0 on failure. WARNING: these functions reverse the return value convention.</p>
+
+<p>SSL_select_next_proto() returns one of the following:</p>
+
+<dl>
+
+<dt id="OPENSSL_NPN_NEGOTIATED">OPENSSL_NPN_NEGOTIATED</dt>
+<dd>
+
+<p>A match was found and is returned in <b>out</b>, <b>outlen</b>.</p>
+
+</dd>
+<dt id="OPENSSL_NPN_NO_OVERLAP">OPENSSL_NPN_NO_OVERLAP</dt>
+<dd>
+
+<p>No match was found. The first item in <b>client</b>, <b>client_len</b> is returned in <b>out</b>, <b>outlen</b>.</p>
+
+</dd>
+</dl>
+
+<p>The ALPN select callback <b>cb</b>, must return one of the following:</p>
+
+<dl>
+
+<dt id="SSL_TLSEXT_ERR_OK">SSL_TLSEXT_ERR_OK</dt>
+<dd>
+
+<p>ALPN protocol selected.</p>
+
+</dd>
+<dt id="SSL_TLSEXT_ERR_ALERT_FATAL">SSL_TLSEXT_ERR_ALERT_FATAL</dt>
+<dd>
+
+<p>There was no overlap between the client&#39;s supplied list and the server configuration.</p>
+
+</dd>
+<dt id="SSL_TLSEXT_ERR_NOACK">SSL_TLSEXT_ERR_NOACK</dt>
+<dd>
+
+<p>ALPN protocol not selected, e.g., because no ALPN protocols are configured for this connection.</p>
+
+</dd>
+</dl>
+
+<p>The callback set using SSL_CTX_set_next_proto_select_cb() should return <b>SSL_TLSEXT_ERR_OK</b> if successful. Any other value is fatal to the connection.</p>
+
+<p>The callback set using SSL_CTX_set_next_protos_advertised_cb() should return <b>SSL_TLSEXT_ERR_OK</b> if it wishes to advertise. Otherwise, no such extension will be included in the ServerHello.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_callback.html">SSL_CTX_set_tlsext_servername_callback(3)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_arg.html">SSL_CTX_set_tlsext_servername_arg(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_session_reused.html b/msys2/usr/share/doc/openssl/html/man3/SSL_session_reused.html
new file mode 100644
index 000000000..6bbf2faf4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_session_reused.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_session_reused</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_session_reused - query whether a reused session was negotiated during handshake</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_session_reused(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Query, whether a reused session was negotiated during the handshake.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>During the negotiation, a client can propose to reuse a session. The server then looks up the session in its cache. If both client and server agree on the session, it will be reused and a flag is being set that can be queried by the application.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>A new session was negotiated.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>A session was reused.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set0_CA_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set0_CA_list.html
new file mode 100644
index 000000000..742fe94a0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set0_CA_list.html
@@ -0,0 +1,130 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set0_CA_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_CA_list, SSL_set_client_CA_list, SSL_get_client_CA_list, SSL_CTX_get_client_CA_list, SSL_CTX_add_client_CA, SSL_add_client_CA, SSL_set0_CA_list, SSL_CTX_set0_CA_list, SSL_get0_CA_list, SSL_CTX_get0_CA_list, SSL_add1_to_CA_list, SSL_CTX_add1_to_CA_list, SSL_get0_peer_CA_list - get or set CA list</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
+ void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
+ STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
+ int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert);
+ int SSL_add_client_CA(SSL *ssl, X509 *cacert);
+
+ void SSL_CTX_set0_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+ void SSL_set0_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
+ const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const SSL_CTX *ctx);
+ const STACK_OF(X509_NAME) *SSL_get0_CA_list(const SSL *s);
+ int SSL_CTX_add1_to_CA_list(SSL_CTX *ctx, const X509 *x);
+ int SSL_add1_to_CA_list(SSL *ssl, const X509 *x);
+
+ const STACK_OF(X509_NAME) *SSL_get0_peer_CA_list(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions described here set and manage the list of CA names that are sent between two communicating peers.</p>
+
+<p>For TLS versions 1.2 and earlier the list of CA names is only sent from the server to the client when requesting a client certificate. So any list of CA names set is never sent from client to server and the list of CA names retrieved by SSL_get0_peer_CA_list() is always <b>NULL</b>.</p>
+
+<p>For TLS 1.3 the list of CA names is sent using the <b>certificate_authorities</b> extension and may be sent by a client (in the ClientHello message) or by a server (when requesting a certificate).</p>
+
+<p>In most cases it is not necessary to set CA names on the client side. The list of CA names that are acceptable to the client will be sent in plaintext to the server. This has privacy implications and may also have performance implications if the list is large. This optional capability was introduced as part of TLSv1.3 and therefore setting CA names on the client side will have no impact if that protocol version has been disabled. Most servers do not need this and so this should be avoided unless required.</p>
+
+<p>The &quot;client CA list&quot; functions below only have an effect when called on the server side.</p>
+
+<p>SSL_CTX_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for <b>ctx</b>. Ownership of <b>list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object. Ownership of <b>list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get_client_CA_list() returns the list of client CAs explicitly set for <b>ctx</b> using SSL_CTX_set_client_CA_list(). The returned list should not be freed by the caller.</p>
+
+<p>SSL_get_client_CA_list() returns the list of client CAs explicitly set for <b>ssl</b> using SSL_set_client_CA_list() or <b>ssl</b>&#39;s SSL_CTX object with SSL_CTX_set_client_CA_list(), when in server mode. In client mode, SSL_get_client_CA_list returns the list of client CAs sent from the server, if any. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for <b>ctx</b>.</p>
+
+<p>SSL_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object.</p>
+
+<p>SSL_get0_peer_CA_list() retrieves the list of CA names (if any) the peer has sent. This can be called on either the server or the client side. The returned list should not be freed by the caller.</p>
+
+<p>The &quot;generic CA list&quot; functions below are very similar to the &quot;client CA list&quot; functions except that they have an effect on both the server and client sides. The lists of CA names managed are separate - so you cannot (for example) set CA names using the &quot;client CA list&quot; functions and then get them using the &quot;generic CA list&quot; functions. Where a mix of the two types of functions has been used on the server side then the &quot;client CA list&quot; functions take precedence. Typically, on the server side, the &quot;client CA list &quot; functions should be used in preference. As noted above in most cases it is not necessary to set CA names on the client side.</p>
+
+<p>SSL_CTX_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b>. Ownership of <b>name_list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b> overriding any list set in the parent <b>SSL_CTX</b> of <b>s</b>. Ownership of <b>name_list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get0_CA_list() retrieves any previously set list of CAs set for <b>ctx</b>. The returned list should not be freed by the caller.</p>
+
+<p>SSL_get0_CA_list() retrieves any previously set list of CAs set for <b>s</b> or if none are set the list from the parent <b>SSL_CTX</b> is retrieved. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to peer for <b>ctx</b>.</p>
+
+<p>SSL_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to the peer for <b>s</b>, overriding the setting in the parent <b>SSL_CTX</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When a TLS/SSL server requests a client certificate (see <b>SSL_CTX_set_verify(3)</b>), it sends a list of CAs, for which it will accept certificates, to the client.</p>
+
+<p>This list must explicitly be set using SSL_CTX_set_client_CA_list() or SSL_CTX_set0_CA_list() for <b>ctx</b> and SSL_set_client_CA_list() or SSL_set0_CA_list() for the specific <b>ssl</b>. The list specified overrides the previous setting. The CAs listed do not become trusted (<b>list</b> only contains the names, not the complete certificates); use <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> to additionally load them for verification.</p>
+
+<p>If the list of acceptable CAs is compiled in a file, the <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a> function can be used to help to import the necessary data.</p>
+
+<p>SSL_CTX_add_client_CA(), SSL_CTX_add1_to_CA_list(), SSL_add_client_CA() and SSL_add1_to_CA_list() can be used to add additional items the list of CAs. If no list was specified before using SSL_CTX_set_client_CA_list(), SSL_CTX_set0_CA_list(), SSL_set_client_CA_list() or SSL_set0_CA_list(), a new CA list for <b>ctx</b> or <b>ssl</b> (as appropriate) is opened.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set0_CA_list() and SSL_set0_CA_list() do not return a value.</p>
+
+<p>SSL_CTX_get_client_CA_list(), SSL_get_client_CA_list(), SSL_CTX_get0_CA_list() and SSL_get0_CA_list() return a stack of CA names or <b>NULL</b> is no CA names are set.</p>
+
+<p>SSL_CTX_add_client_CA(),SSL_add_client_CA(), SSL_CTX_add1_to_CA_list() and SSL_add1_to_CA_list() return 1 for success and 0 for failure.</p>
+
+<p>SSL_get0_peer_CA_list() returns a stack of CA names sent by the peer or <b>NULL</b> or an empty stack if no list was sent.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Scan all certificates in <b>CAfile</b> and list them as acceptable CAs:</p>
+
+<pre><code> SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set0_chain.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set0_chain.html
new file mode 100644
index 000000000..9f08318ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set0_chain.html
@@ -0,0 +1,122 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add1_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_chain, SSL_CTX_set1_chain, SSL_CTX_add0_chain_cert, SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs, SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert, SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain, SSL_build_cert_chain, SSL_CTX_select_current_cert, SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra chain certificate processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_get0_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk);
+ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+ int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_get0_chain_certs(SSL *ssl, STACK_OF(X509) **sk);
+ int SSL_clear_chain_certs(SSL *ssl);
+
+ int SSL_CTX_build_cert_chain(SSL_CTX *ctx, flags);
+ int SSL_build_cert_chain(SSL *ssl, flags);
+
+ int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_chain() and SSL_CTX_set1_chain() set the certificate chain associated with the current certificate of <b>ctx</b> to <b>sk</b>.</p>
+
+<p>SSL_CTX_add0_chain_cert() and SSL_CTX_add1_chain_cert() append the single certificate <b>x509</b> to the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_get0_chain_certs() retrieves the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_clear_chain_certs() clears any existing chain associated with the current certificate of <b>ctx</b>. (This is implemented by calling SSL_CTX_set0_chain() with <b>sk</b> set to <b>NULL</b>).</p>
+
+<p>SSL_CTX_build_cert_chain() builds the certificate chain for <b>ctx</b> normally this uses the chain store or the verify store if the chain store is not set. If the function is successful the built chain will replace any existing chain. The <b>flags</b> parameter can be set to <b>SSL_BUILD_CHAIN_FLAG_UNTRUSTED</b> to use existing chain certificates as untrusted CAs, <b>SSL_BUILD_CHAIN_FLAG_NO_ROOT</b> to omit the root CA from the built chain, <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to use all existing chain certificates only to build the chain (effectively sanity checking and rearranging them if necessary), the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> ignores any errors during verification: if flag <b>SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR</b> is also set verification errors are cleared from the error queue.</p>
+
+<p>Each of these functions operates on the <i>current</i> end entity (i.e. server or client) certificate. This is the last certificate loaded or selected on the corresponding <b>ctx</b> structure.</p>
+
+<p>SSL_CTX_select_current_cert() selects <b>x509</b> as the current end entity certificate, but only if <b>x509</b> has already been loaded into <b>ctx</b> using a function such as SSL_CTX_use_certificate().</p>
+
+<p>SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(), SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(), SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_current_cert() changes the current certificate to a value based on the <b>op</b> argument. Currently <b>op</b> can be <b>SSL_CERT_SET_FIRST</b> to use the first valid certificate or <b>SSL_CERT_SET_NEXT</b> to set the next valid certificate after the current certificate. These two operations can be used to iterate over all certificates in an <b>SSL_CTX</b> structure.</p>
+
+<p>SSL_set_current_cert() also supports the option <b>SSL_CERT_SET_SERVER</b>. If <b>ssl</b> is a server and has sent a certificate to a connected client this option sets that certificate to the current certificate and returns 1. If the negotiated cipher suite is anonymous (and thus no certificate will be sent) 2 is returned and the current certificate is unchanged. If <b>ssl</b> is not a server or a certificate has not been sent 0 is returned and the current certificate is unchanged.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied certificate or chain so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied certificate or chain <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The chains associate with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. SSL structures will not be affected by any chains subsequently changed in the parent SSL_CTX.</p>
+
+<p>One chain can be set for each key type supported by a server. So, for example, an RSA and a DSA certificate can (and often will) have different chains.</p>
+
+<p>The functions SSL_CTX_build_cert_chain() and SSL_build_cert_chain() can be used to check application configuration and to ensure any necessary subordinate CAs are sent in the correct order. Misconfigured applications sending incorrect certificate chains often cause problems with peers.</p>
+
+<p>For example an application can add any set of certificates using SSL_CTX_use_certificate_chain_file() then call SSL_CTX_build_cert_chain() with the option <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to check and reorder them.</p>
+
+<p>Applications can issue non fatal warnings when checking chains by setting the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERRORS</b> and checking the return value.</p>
+
+<p>Calling SSL_CTX_build_cert_chain() or SSL_build_cert_chain() is more efficient than the automatic chain building as it is only performed once. Automatic chain building is performed on each new session.</p>
+
+<p>If any certificates are added using these functions no certificates added using SSL_CTX_add_extra_chain_cert() will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_current_cert() with <b>SSL_CERT_SET_SERVER</b> return 1 for success, 2 if no server certificate is used because the cipher suites is anonymous and 0 for failure.</p>
+
+<p>SSL_CTX_build_cert_chain() and SSL_build_cert_chain() return 1 for success and 0 for failure. If the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> and a verification error occurs then 2 is returned.</p>
+
+<p>All other functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set0_chain_cert_store.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set0_chain_cert_store.html
new file mode 100644
index 000000000..c93b012a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set0_chain_cert_store.html
@@ -0,0 +1,90 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_verify_cert_store</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_verify_cert_store, SSL_CTX_set1_verify_cert_store, SSL_CTX_set0_chain_cert_store, SSL_CTX_set1_chain_cert_store, SSL_set0_verify_cert_store, SSL_set1_verify_cert_store, SSL_set0_chain_cert_store, SSL_set1_chain_cert_store - set certificate verification or chain store</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set1_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set0_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set1_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+
+ int SSL_set0_verify_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set1_verify_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set0_chain_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set1_chain_cert_store(SSL *ctx, X509_STORE *st);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_verify_cert_store() and SSL_CTX_set1_verify_cert_store() set the certificate store used for certificate verification to <b>st</b>.</p>
+
+<p>SSL_CTX_set0_chain_cert_store() and SSL_CTX_set1_chain_cert_store() set the certificate store used for certificate chain building to <b>st</b>.</p>
+
+<p>SSL_set0_verify_cert_store(), SSL_set1_verify_cert_store(), SSL_set0_chain_cert_store() and SSL_set1_chain_cert_store() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied store so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied store <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The stores pointers associated with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. As a result SSL structures will not be affected if the parent SSL_CTX store pointer is set to a new value.</p>
+
+<p>The verification store is used to verify the certificate chain sent by the peer: that is an SSL/TLS client will use the verification store to verify the server&#39;s certificate chain and a SSL/TLS server will use it to verify any client certificate chain.</p>
+
+<p>The chain store is used to build the certificate chain.</p>
+
+<p>If the mode <b>SSL_MODE_NO_AUTO_CHAIN</b> is set or a certificate chain is configured already (for example using the functions such as <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a> or <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a>) then automatic chain building is disabled.</p>
+
+<p>If the mode <b>SSL_MODE_NO_AUTO_CHAIN</b> is set then automatic chain building is disabled.</p>
+
+<p>If the chain or the verification store is not set then the store associated with the parent SSL_CTX is used instead to retain compatibility with previous versions of OpenSSL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> <a href="../man3/SSL_CTX_set0_chain.html">SSL_CTX_set0_chain(3)</a> <a href="../man3/SSL_CTX_set1_chain.html">SSL_CTX_set1_chain(3)</a> <a href="../man3/SSL_CTX_add0_chain_cert.html">SSL_CTX_add0_chain_cert(3)</a> <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a> <a href="../man3/SSL_set0_chain.html">SSL_set0_chain(3)</a> <a href="../man3/SSL_set1_chain.html">SSL_set1_chain(3)</a> <a href="../man3/SSL_add0_chain_cert.html">SSL_add0_chain_cert(3)</a> <a href="../man3/SSL_add1_chain_cert.html">SSL_add1_chain_cert(3)</a> <a href="../man3/SSL_CTX_build_cert_chain.html">SSL_CTX_build_cert_chain(3)</a> <a href="../man3/SSL_build_cert_chain.html">SSL_build_cert_chain(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set0_rbio.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set0_rbio.html
new file mode 100644
index 000000000..58a67bb62
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set0_rbio.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_set_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_bio, SSL_set0_rbio, SSL_set0_wbio - connect the SSL object with a BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio);
+ void SSL_set0_rbio(SSL *s, BIO *rbio);
+ void SSL_set0_wbio(SSL *s, BIO *wbio);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_set0_rbio() connects the BIO <b>rbio</b> for the read operations of the <b>ssl</b> object. The SSL engine inherits the behaviour of <b>rbio</b>. If the BIO is non-blocking then the <b>ssl</b> object will also have non-blocking behaviour. This function transfers ownership of <b>rbio</b> to <b>ssl</b>. It will be automatically freed using <a href="../man3/BIO_free_all.html">BIO_free_all(3)</a> when the <b>ssl</b> is freed. On calling this function, any existing <b>rbio</b> that was previously set will also be freed via a call to <a href="../man3/BIO_free_all.html">BIO_free_all(3)</a> (this includes the case where the <b>rbio</b> is set to the same value as previously).</p>
+
+<p>SSL_set0_wbio() works in the same as SSL_set0_rbio() except that it connects the BIO <b>wbio</b> for the write operations of the <b>ssl</b> object. Note that if the rbio and wbio are the same then SSL_set0_rbio() and SSL_set0_wbio() each take ownership of one reference. Therefore it may be necessary to increment the number of references available using <a href="../man3/BIO_up_ref.html">BIO_up_ref(3)</a> before calling the set0 functions.</p>
+
+<p>SSL_set_bio() is similar to SSL_set0_rbio() and SSL_set0_wbio() except that it connects both the <b>rbio</b> and the <b>wbio</b> at the same time, and transfers the ownership of <b>rbio</b> and <b>wbio</b> to <b>ssl</b> according to the following set of rules:</p>
+
+<ul>
+
+<li><p>If neither the <b>rbio</b> or <b>wbio</b> have changed from their previous values then nothing is done.</p>
+
+</li>
+<li><p>If the <b>rbio</b> and <b>wbio</b> parameters are different and both are different to their previously set values then one reference is consumed for the rbio and one reference is consumed for the wbio.</p>
+
+</li>
+<li><p>If the <b>rbio</b> and <b>wbio</b> parameters are the same and the <b>rbio</b> is not the same as the previously set value then one reference is consumed.</p>
+
+</li>
+<li><p>If the <b>rbio</b> and <b>wbio</b> parameters are the same and the <b>rbio</b> is the same as the previously set value, then no additional references are consumed.</p>
+
+</li>
+<li><p>If the <b>rbio</b> and <b>wbio</b> parameters are different and the <b>rbio</b> is the same as the previously set value then one reference is consumed for the <b>wbio</b> and no references are consumed for the <b>rbio</b>.</p>
+
+</li>
+<li><p>If the <b>rbio</b> and <b>wbio</b> parameters are different and the <b>wbio</b> is the same as the previously set value and the old <b>rbio</b> and <b>wbio</b> values were the same as each other then one reference is consumed for the <b>rbio</b> and no references are consumed for the <b>wbio</b>.</p>
+
+</li>
+<li><p>If the <b>rbio</b> and <b>wbio</b> parameters are different and the <b>wbio</b> is the same as the previously set value and the old <b>rbio</b> and <b>wbio</b> values were different to each other then one reference is consumed for the <b>rbio</b> and one reference is consumed for the <b>wbio</b>.</p>
+
+</li>
+</ul>
+
+<p>Because of this complexity, this function should be avoided; use SSL_set0_rbio() and SSL_set0_wbio() instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_bio(), SSL_set0_rbio() and SSL_set0_wbio() cannot fail.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_rbio.html">SSL_get_rbio(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_set0_rbio() and SSL_set0_wbio() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set0_security_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set0_security_ex_data.html
new file mode 100644
index 000000000..a853d06fd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set0_security_ex_data.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_security_level</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</a></li>
+  <li><a href="#APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_security_level, SSL_set_security_level, SSL_CTX_get_security_level, SSL_get_security_level, SSL_CTX_set_security_callback, SSL_set_security_callback, SSL_CTX_get_security_callback, SSL_get_security_callback, SSL_CTX_set0_security_ex_data, SSL_set0_security_ex_data, SSL_CTX_get0_security_ex_data, SSL_get0_security_ex_data - SSL/TLS security framework</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
+ void SSL_set_security_level(SSL *s, int level);
+
+ int SSL_CTX_get_security_level(const SSL_CTX *ctx);
+ int SSL_get_security_level(const SSL *s);
+
+ void SSL_CTX_set_security_callback(SSL_CTX *ctx,
+                                    int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                              int bits, int nid,
+                                              void *other, void *ex));
+
+ void SSL_set_security_callback(SSL *s, int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                                  int bits, int nid,
+                                                  void *other, void *ex));
+
+ int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx))(SSL *s, SSL_CTX *ctx, int op,
+                                                          int bits, int nid, void *other,
+                                                          void *ex);
+ int (*SSL_get_security_callback(const SSL *s))(SSL *s, SSL_CTX *ctx, int op,
+                                                int bits, int nid, void *other,
+                                                void *ex);
+
+ void SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex);
+ void SSL_set0_security_ex_data(SSL *s, void *ex);
+
+ void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx);
+ void *SSL_get0_security_ex_data(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions SSL_CTX_set_security_level() and SSL_set_security_level() set the security level to <b>level</b>. If not set the library default security level is used.</p>
+
+<p>The functions SSL_CTX_get_security_level() and SSL_get_security_level() retrieve the current security level.</p>
+
+<p>SSL_CTX_set_security_callback(), SSL_set_security_callback(), SSL_CTX_get_security_callback() and SSL_get_security_callback() get or set the security callback associated with <b>ctx</b> or <b>s</b>. If not set a default security callback is used. The meaning of the parameters and the behaviour of the default callbacks is described below.</p>
+
+<p>SSL_CTX_set0_security_ex_data(), SSL_set0_security_ex_data(), SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() set the extra data pointer passed to the <b>ex</b> parameter of the callback. This value is passed to the callback verbatim and can be set to any convenient application specific value.</p>
+
+<h1 id="DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</h1>
+
+<p>If an application doesn&#39;t set its own security callback the default callback is used. It is intended to provide sane defaults. The meaning of each level is described below.</p>
+
+<dl>
+
+<dt id="Level-0"><b>Level 0</b></dt>
+<dd>
+
+<p>Everything is permitted. This retains compatibility with previous versions of OpenSSL.</p>
+
+</dd>
+<dt id="Level-1"><b>Level 1</b></dt>
+<dd>
+
+<p>The security level corresponds to a minimum of 80 bits of security. Any parameters offering below 80 bits of security are excluded. As a result RSA, DSA and DH keys shorter than 1024 bits and ECC keys shorter than 160 bits are prohibited. All export cipher suites are prohibited since they all offer less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite using MD5 for the MAC is also prohibited.</p>
+
+</dd>
+<dt id="Level-2"><b>Level 2</b></dt>
+<dd>
+
+<p>Security level set to 112 bits of security. As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited. In addition to the level 1 exclusions any cipher suite using RC4 is also prohibited. SSL version 3 is also not allowed. Compression is disabled.</p>
+
+</dd>
+<dt id="Level-3"><b>Level 3</b></dt>
+<dd>
+
+<p>Security level set to 128 bits of security. As a result RSA, DSA and DH keys shorter than 3072 bits and ECC keys shorter than 256 bits are prohibited. In addition to the level 2 exclusions cipher suites not offering forward secrecy are prohibited. TLS versions below 1.1 are not permitted. Session tickets are disabled.</p>
+
+</dd>
+<dt id="Level-4"><b>Level 4</b></dt>
+<dd>
+
+<p>Security level set to 192 bits of security. As a result RSA, DSA and DH keys shorter than 7680 bits and ECC keys shorter than 384 bits are prohibited. Cipher suites using SHA1 for the MAC are prohibited. TLS versions below 1.2 are not permitted.</p>
+
+</dd>
+<dt id="Level-5"><b>Level 5</b></dt>
+<dd>
+
+<p>Security level set to 256 bits of security. As a result RSA, DSA and DH keys shorter than 15360 bits and ECC keys shorter than 512 bits are prohibited.</p>
+
+</dd>
+</dl>
+
+<h1 id="APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</h1>
+
+<p><i>Documentation to be provided.</i></p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>WARNING</b> at this time setting the security level higher than 1 for general internet use is likely to cause <b>considerable</b> interoperability issues and is not recommended. This is because the <b>SHA1</b> algorithm is very widely used in certificates and will be rejected at levels higher than 1 because it only offers 80 bits of security.</p>
+
+<p>The default security level can be configured when OpenSSL is compiled by setting <b>-DOPENSSL_TLS_SECURITY_LEVEL=level</b>. If not set then 1 is used.</p>
+
+<p>The security framework disables or reject parameters inconsistent with the set security level. In the past this was difficult as applications had to set a number of distinct parameters (supported ciphers, supported curves supported signature algorithms) to achieve this end and some cases (DH parameter size for example) could not be checked at all.</p>
+
+<p>By setting an appropriate security level much of this complexity can be avoided.</p>
+
+<p>The bits of security limits affect all relevant parameters including cipher suite encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms. This limit applies no matter what other custom settings an application has set: so if the cipher suite is set to <b>ALL</b> then only cipher suites consistent with the security level are permissible.</p>
+
+<p>See SP800-57 for how the security limits are related to individual algorithms.</p>
+
+<p>Some security levels require large key sizes for non-ECC public key algorithms which can severely degrade performance. For example 256 bits of security requires the use of RSA keys of at least 15360 bits in size.</p>
+
+<p>Some restrictions can be gracefully handled: for example cipher suites offering insufficient security are not sent by the client and will not be selected by the server. Other restrictions such as the peer certificate key size or the DH parameter size will abort the handshake with a fatal alert.</p>
+
+<p>Attempts to set certificates or parameters with insufficient security are also blocked. For example trying to set a certificate using a 512 bit RSA key using SSL_CTX_use_certificate() at level 1. Applications which do not check the return values for errors will misbehave: for example it might appear that a certificate is not set at all because it had been rejected.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_security_level() and SSL_set_security_level() do not return values.</p>
+
+<p>SSL_CTX_get_security_level() and SSL_get_security_level() return a integer that represents the security level with <b>SSL_CTX</b> or <b>SSL</b>, respectively.</p>
+
+<p>SSL_CTX_set_security_callback() and SSL_set_security_callback() do not return values.</p>
+
+<p>SSL_CTX_get_security_callback() and SSL_get_security_callback() return the pointer to the security callback or NULL if the callback is not set.</p>
+
+<p>SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() return the extra data pointer or NULL if the ex data is not set.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set0_verify_cert_store.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set0_verify_cert_store.html
new file mode 100644
index 000000000..c93b012a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set0_verify_cert_store.html
@@ -0,0 +1,90 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_verify_cert_store</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_verify_cert_store, SSL_CTX_set1_verify_cert_store, SSL_CTX_set0_chain_cert_store, SSL_CTX_set1_chain_cert_store, SSL_set0_verify_cert_store, SSL_set1_verify_cert_store, SSL_set0_chain_cert_store, SSL_set1_chain_cert_store - set certificate verification or chain store</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set1_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set0_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set1_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+
+ int SSL_set0_verify_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set1_verify_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set0_chain_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set1_chain_cert_store(SSL *ctx, X509_STORE *st);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_verify_cert_store() and SSL_CTX_set1_verify_cert_store() set the certificate store used for certificate verification to <b>st</b>.</p>
+
+<p>SSL_CTX_set0_chain_cert_store() and SSL_CTX_set1_chain_cert_store() set the certificate store used for certificate chain building to <b>st</b>.</p>
+
+<p>SSL_set0_verify_cert_store(), SSL_set1_verify_cert_store(), SSL_set0_chain_cert_store() and SSL_set1_chain_cert_store() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied store so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied store <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The stores pointers associated with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. As a result SSL structures will not be affected if the parent SSL_CTX store pointer is set to a new value.</p>
+
+<p>The verification store is used to verify the certificate chain sent by the peer: that is an SSL/TLS client will use the verification store to verify the server&#39;s certificate chain and a SSL/TLS server will use it to verify any client certificate chain.</p>
+
+<p>The chain store is used to build the certificate chain.</p>
+
+<p>If the mode <b>SSL_MODE_NO_AUTO_CHAIN</b> is set or a certificate chain is configured already (for example using the functions such as <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a> or <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a>) then automatic chain building is disabled.</p>
+
+<p>If the mode <b>SSL_MODE_NO_AUTO_CHAIN</b> is set then automatic chain building is disabled.</p>
+
+<p>If the chain or the verification store is not set then the store associated with the parent SSL_CTX is used instead to retain compatibility with previous versions of OpenSSL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> <a href="../man3/SSL_CTX_set0_chain.html">SSL_CTX_set0_chain(3)</a> <a href="../man3/SSL_CTX_set1_chain.html">SSL_CTX_set1_chain(3)</a> <a href="../man3/SSL_CTX_add0_chain_cert.html">SSL_CTX_add0_chain_cert(3)</a> <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a> <a href="../man3/SSL_set0_chain.html">SSL_set0_chain(3)</a> <a href="../man3/SSL_set1_chain.html">SSL_set1_chain(3)</a> <a href="../man3/SSL_add0_chain_cert.html">SSL_add0_chain_cert(3)</a> <a href="../man3/SSL_add1_chain_cert.html">SSL_add1_chain_cert(3)</a> <a href="../man3/SSL_CTX_build_cert_chain.html">SSL_CTX_build_cert_chain(3)</a> <a href="../man3/SSL_build_cert_chain.html">SSL_build_cert_chain(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set0_wbio.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set0_wbio.html
new file mode 100644
index 000000000..58a67bb62
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set0_wbio.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_set_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_bio, SSL_set0_rbio, SSL_set0_wbio - connect the SSL object with a BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio);
+ void SSL_set0_rbio(SSL *s, BIO *rbio);
+ void SSL_set0_wbio(SSL *s, BIO *wbio);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_set0_rbio() connects the BIO <b>rbio</b> for the read operations of the <b>ssl</b> object. The SSL engine inherits the behaviour of <b>rbio</b>. If the BIO is non-blocking then the <b>ssl</b> object will also have non-blocking behaviour. This function transfers ownership of <b>rbio</b> to <b>ssl</b>. It will be automatically freed using <a href="../man3/BIO_free_all.html">BIO_free_all(3)</a> when the <b>ssl</b> is freed. On calling this function, any existing <b>rbio</b> that was previously set will also be freed via a call to <a href="../man3/BIO_free_all.html">BIO_free_all(3)</a> (this includes the case where the <b>rbio</b> is set to the same value as previously).</p>
+
+<p>SSL_set0_wbio() works in the same as SSL_set0_rbio() except that it connects the BIO <b>wbio</b> for the write operations of the <b>ssl</b> object. Note that if the rbio and wbio are the same then SSL_set0_rbio() and SSL_set0_wbio() each take ownership of one reference. Therefore it may be necessary to increment the number of references available using <a href="../man3/BIO_up_ref.html">BIO_up_ref(3)</a> before calling the set0 functions.</p>
+
+<p>SSL_set_bio() is similar to SSL_set0_rbio() and SSL_set0_wbio() except that it connects both the <b>rbio</b> and the <b>wbio</b> at the same time, and transfers the ownership of <b>rbio</b> and <b>wbio</b> to <b>ssl</b> according to the following set of rules:</p>
+
+<ul>
+
+<li><p>If neither the <b>rbio</b> or <b>wbio</b> have changed from their previous values then nothing is done.</p>
+
+</li>
+<li><p>If the <b>rbio</b> and <b>wbio</b> parameters are different and both are different to their previously set values then one reference is consumed for the rbio and one reference is consumed for the wbio.</p>
+
+</li>
+<li><p>If the <b>rbio</b> and <b>wbio</b> parameters are the same and the <b>rbio</b> is not the same as the previously set value then one reference is consumed.</p>
+
+</li>
+<li><p>If the <b>rbio</b> and <b>wbio</b> parameters are the same and the <b>rbio</b> is the same as the previously set value, then no additional references are consumed.</p>
+
+</li>
+<li><p>If the <b>rbio</b> and <b>wbio</b> parameters are different and the <b>rbio</b> is the same as the previously set value then one reference is consumed for the <b>wbio</b> and no references are consumed for the <b>rbio</b>.</p>
+
+</li>
+<li><p>If the <b>rbio</b> and <b>wbio</b> parameters are different and the <b>wbio</b> is the same as the previously set value and the old <b>rbio</b> and <b>wbio</b> values were the same as each other then one reference is consumed for the <b>rbio</b> and no references are consumed for the <b>wbio</b>.</p>
+
+</li>
+<li><p>If the <b>rbio</b> and <b>wbio</b> parameters are different and the <b>wbio</b> is the same as the previously set value and the old <b>rbio</b> and <b>wbio</b> values were different to each other then one reference is consumed for the <b>rbio</b> and one reference is consumed for the <b>wbio</b>.</p>
+
+</li>
+</ul>
+
+<p>Because of this complexity, this function should be avoided; use SSL_set0_rbio() and SSL_set0_wbio() instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_bio(), SSL_set0_rbio() and SSL_set0_wbio() cannot fail.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_rbio.html">SSL_get_rbio(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_set0_rbio() and SSL_set0_wbio() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set1_chain.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_chain.html
new file mode 100644
index 000000000..9f08318ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_chain.html
@@ -0,0 +1,122 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add1_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_chain, SSL_CTX_set1_chain, SSL_CTX_add0_chain_cert, SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs, SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert, SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain, SSL_build_cert_chain, SSL_CTX_select_current_cert, SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra chain certificate processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_get0_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk);
+ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+ int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_get0_chain_certs(SSL *ssl, STACK_OF(X509) **sk);
+ int SSL_clear_chain_certs(SSL *ssl);
+
+ int SSL_CTX_build_cert_chain(SSL_CTX *ctx, flags);
+ int SSL_build_cert_chain(SSL *ssl, flags);
+
+ int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_chain() and SSL_CTX_set1_chain() set the certificate chain associated with the current certificate of <b>ctx</b> to <b>sk</b>.</p>
+
+<p>SSL_CTX_add0_chain_cert() and SSL_CTX_add1_chain_cert() append the single certificate <b>x509</b> to the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_get0_chain_certs() retrieves the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_clear_chain_certs() clears any existing chain associated with the current certificate of <b>ctx</b>. (This is implemented by calling SSL_CTX_set0_chain() with <b>sk</b> set to <b>NULL</b>).</p>
+
+<p>SSL_CTX_build_cert_chain() builds the certificate chain for <b>ctx</b> normally this uses the chain store or the verify store if the chain store is not set. If the function is successful the built chain will replace any existing chain. The <b>flags</b> parameter can be set to <b>SSL_BUILD_CHAIN_FLAG_UNTRUSTED</b> to use existing chain certificates as untrusted CAs, <b>SSL_BUILD_CHAIN_FLAG_NO_ROOT</b> to omit the root CA from the built chain, <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to use all existing chain certificates only to build the chain (effectively sanity checking and rearranging them if necessary), the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> ignores any errors during verification: if flag <b>SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR</b> is also set verification errors are cleared from the error queue.</p>
+
+<p>Each of these functions operates on the <i>current</i> end entity (i.e. server or client) certificate. This is the last certificate loaded or selected on the corresponding <b>ctx</b> structure.</p>
+
+<p>SSL_CTX_select_current_cert() selects <b>x509</b> as the current end entity certificate, but only if <b>x509</b> has already been loaded into <b>ctx</b> using a function such as SSL_CTX_use_certificate().</p>
+
+<p>SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(), SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(), SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_current_cert() changes the current certificate to a value based on the <b>op</b> argument. Currently <b>op</b> can be <b>SSL_CERT_SET_FIRST</b> to use the first valid certificate or <b>SSL_CERT_SET_NEXT</b> to set the next valid certificate after the current certificate. These two operations can be used to iterate over all certificates in an <b>SSL_CTX</b> structure.</p>
+
+<p>SSL_set_current_cert() also supports the option <b>SSL_CERT_SET_SERVER</b>. If <b>ssl</b> is a server and has sent a certificate to a connected client this option sets that certificate to the current certificate and returns 1. If the negotiated cipher suite is anonymous (and thus no certificate will be sent) 2 is returned and the current certificate is unchanged. If <b>ssl</b> is not a server or a certificate has not been sent 0 is returned and the current certificate is unchanged.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied certificate or chain so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied certificate or chain <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The chains associate with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. SSL structures will not be affected by any chains subsequently changed in the parent SSL_CTX.</p>
+
+<p>One chain can be set for each key type supported by a server. So, for example, an RSA and a DSA certificate can (and often will) have different chains.</p>
+
+<p>The functions SSL_CTX_build_cert_chain() and SSL_build_cert_chain() can be used to check application configuration and to ensure any necessary subordinate CAs are sent in the correct order. Misconfigured applications sending incorrect certificate chains often cause problems with peers.</p>
+
+<p>For example an application can add any set of certificates using SSL_CTX_use_certificate_chain_file() then call SSL_CTX_build_cert_chain() with the option <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to check and reorder them.</p>
+
+<p>Applications can issue non fatal warnings when checking chains by setting the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERRORS</b> and checking the return value.</p>
+
+<p>Calling SSL_CTX_build_cert_chain() or SSL_build_cert_chain() is more efficient than the automatic chain building as it is only performed once. Automatic chain building is performed on each new session.</p>
+
+<p>If any certificates are added using these functions no certificates added using SSL_CTX_add_extra_chain_cert() will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_current_cert() with <b>SSL_CERT_SET_SERVER</b> return 1 for success, 2 if no server certificate is used because the cipher suites is anonymous and 0 for failure.</p>
+
+<p>SSL_CTX_build_cert_chain() and SSL_build_cert_chain() return 1 for success and 0 for failure. If the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> and a verification error occurs then 2 is returned.</p>
+
+<p>All other functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set1_chain_cert_store.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_chain_cert_store.html
new file mode 100644
index 000000000..c93b012a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_chain_cert_store.html
@@ -0,0 +1,90 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_verify_cert_store</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_verify_cert_store, SSL_CTX_set1_verify_cert_store, SSL_CTX_set0_chain_cert_store, SSL_CTX_set1_chain_cert_store, SSL_set0_verify_cert_store, SSL_set1_verify_cert_store, SSL_set0_chain_cert_store, SSL_set1_chain_cert_store - set certificate verification or chain store</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set1_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set0_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set1_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+
+ int SSL_set0_verify_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set1_verify_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set0_chain_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set1_chain_cert_store(SSL *ctx, X509_STORE *st);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_verify_cert_store() and SSL_CTX_set1_verify_cert_store() set the certificate store used for certificate verification to <b>st</b>.</p>
+
+<p>SSL_CTX_set0_chain_cert_store() and SSL_CTX_set1_chain_cert_store() set the certificate store used for certificate chain building to <b>st</b>.</p>
+
+<p>SSL_set0_verify_cert_store(), SSL_set1_verify_cert_store(), SSL_set0_chain_cert_store() and SSL_set1_chain_cert_store() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied store so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied store <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The stores pointers associated with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. As a result SSL structures will not be affected if the parent SSL_CTX store pointer is set to a new value.</p>
+
+<p>The verification store is used to verify the certificate chain sent by the peer: that is an SSL/TLS client will use the verification store to verify the server&#39;s certificate chain and a SSL/TLS server will use it to verify any client certificate chain.</p>
+
+<p>The chain store is used to build the certificate chain.</p>
+
+<p>If the mode <b>SSL_MODE_NO_AUTO_CHAIN</b> is set or a certificate chain is configured already (for example using the functions such as <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a> or <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a>) then automatic chain building is disabled.</p>
+
+<p>If the mode <b>SSL_MODE_NO_AUTO_CHAIN</b> is set then automatic chain building is disabled.</p>
+
+<p>If the chain or the verification store is not set then the store associated with the parent SSL_CTX is used instead to retain compatibility with previous versions of OpenSSL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> <a href="../man3/SSL_CTX_set0_chain.html">SSL_CTX_set0_chain(3)</a> <a href="../man3/SSL_CTX_set1_chain.html">SSL_CTX_set1_chain(3)</a> <a href="../man3/SSL_CTX_add0_chain_cert.html">SSL_CTX_add0_chain_cert(3)</a> <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a> <a href="../man3/SSL_set0_chain.html">SSL_set0_chain(3)</a> <a href="../man3/SSL_set1_chain.html">SSL_set1_chain(3)</a> <a href="../man3/SSL_add0_chain_cert.html">SSL_add0_chain_cert(3)</a> <a href="../man3/SSL_add1_chain_cert.html">SSL_add1_chain_cert(3)</a> <a href="../man3/SSL_CTX_build_cert_chain.html">SSL_CTX_build_cert_chain(3)</a> <a href="../man3/SSL_build_cert_chain.html">SSL_build_cert_chain(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set1_client_sigalgs.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_client_sigalgs.html
new file mode 100644
index 000000000..ef2aa7d66
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_client_sigalgs.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_sigalgs</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_sigalgs, SSL_set1_sigalgs, SSL_CTX_set1_sigalgs_list, SSL_set1_sigalgs_list, SSL_CTX_set1_client_sigalgs, SSL_set1_client_sigalgs, SSL_CTX_set1_client_sigalgs_list, SSL_set1_client_sigalgs_list - set supported signature algorithms</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set1_sigalgs(SSL_CTX *ctx, const int *slist, long slistlen);
+ long SSL_set1_sigalgs(SSL *ssl, const int *slist, long slistlen);
+ long SSL_CTX_set1_sigalgs_list(SSL_CTX *ctx, const char *str);
+ long SSL_set1_sigalgs_list(SSL *ssl, const char *str);
+
+ long SSL_CTX_set1_client_sigalgs(SSL_CTX *ctx, const int *slist, long slistlen);
+ long SSL_set1_client_sigalgs(SSL *ssl, const int *slist, long slistlen);
+ long SSL_CTX_set1_client_sigalgs_list(SSL_CTX *ctx, const char *str);
+ long SSL_set1_client_sigalgs_list(SSL *ssl, const char *str);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set1_sigalgs() and SSL_set1_sigalgs() set the supported signature algorithms for <b>ctx</b> or <b>ssl</b>. The array <b>slist</b> of length <b>slistlen</b> must consist of pairs of NIDs corresponding to digest and public key algorithms.</p>
+
+<p>SSL_CTX_set1_sigalgs_list() and SSL_set1_sigalgs_list() set the supported signature algorithms for <b>ctx</b> or <b>ssl</b>. The <b>str</b> parameter must be a null terminated string consisting of a colon separated list of elements, where each element is either a combination of a public key algorithm and a digest separated by <b>+</b>, or a TLS 1.3-style named SignatureScheme such as rsa_pss_pss_sha256.</p>
+
+<p>SSL_CTX_set1_client_sigalgs(), SSL_set1_client_sigalgs(), SSL_CTX_set1_client_sigalgs_list() and SSL_set1_client_sigalgs_list() set signature algorithms related to client authentication, otherwise they are identical to SSL_CTX_set1_sigalgs(), SSL_set1_sigalgs(), SSL_CTX_set1_sigalgs_list() and SSL_set1_sigalgs_list().</p>
+
+<p>All these functions are implemented as macros. The signature algorithm parameter (integer array or string) is not freed: the application should free it, if necessary.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to allow the setting of signature algorithms as one of many user configurable options it should consider using the more flexible SSL_CONF API instead.</p>
+
+<p>The signature algorithms set by a client are used directly in the supported signature algorithm in the client hello message.</p>
+
+<p>The supported signature algorithms set by a server are not sent to the client but are used to determine the set of shared signature algorithms and (if server preferences are set with SSL_OP_CIPHER_SERVER_PREFERENCE) their order.</p>
+
+<p>The client authentication signature algorithms set by a server are sent in a certificate request message if client authentication is enabled, otherwise they are unused.</p>
+
+<p>Similarly client authentication signature algorithms set by a client are used to determined the set of client authentication shared signature algorithms.</p>
+
+<p>Signature algorithms will neither be advertised nor used if the security level prohibits them (for example SHA1 if the security level is 4 or more).</p>
+
+<p>Currently the NID_md5, NID_sha1, NID_sha224, NID_sha256, NID_sha384 and NID_sha512 digest NIDs are supported and the public key algorithm NIDs EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_DSA and EVP_PKEY_EC.</p>
+
+<p>The short or long name values for digests can be used in a string (for example &quot;MD5&quot;, &quot;SHA1&quot;, &quot;SHA224&quot;, &quot;SHA256&quot;, &quot;SHA384&quot;, &quot;SHA512&quot;) and the public key algorithm strings &quot;RSA&quot;, &quot;RSA-PSS&quot;, &quot;DSA&quot; or &quot;ECDSA&quot;.</p>
+
+<p>The TLS 1.3 signature scheme names (such as &quot;rsa_pss_pss_sha256&quot;) can also be used with the <b>_list</b> forms of the API.</p>
+
+<p>The use of MD5 as a digest is strongly discouraged due to security weaknesses.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA using an array:</p>
+
+<pre><code> const int slist[] = {NID_sha256, EVP_PKEY_EC, NID_sha256, EVP_PKEY_RSA};
+
+ SSL_CTX_set1_sigalgs(ctx, slist, 4);</code></pre>
+
+<p>Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA using a string:</p>
+
+<pre><code> SSL_CTX_set1_sigalgs_list(ctx, &quot;ECDSA+SHA256:RSA+SHA256&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_shared_sigalgs.html">SSL_get_shared_sigalgs(3)</a>, <a href="../man3/SSL_CONF_CTX_new.html">SSL_CONF_CTX_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set1_client_sigalgs_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_client_sigalgs_list.html
new file mode 100644
index 000000000..ef2aa7d66
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_client_sigalgs_list.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_sigalgs</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_sigalgs, SSL_set1_sigalgs, SSL_CTX_set1_sigalgs_list, SSL_set1_sigalgs_list, SSL_CTX_set1_client_sigalgs, SSL_set1_client_sigalgs, SSL_CTX_set1_client_sigalgs_list, SSL_set1_client_sigalgs_list - set supported signature algorithms</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set1_sigalgs(SSL_CTX *ctx, const int *slist, long slistlen);
+ long SSL_set1_sigalgs(SSL *ssl, const int *slist, long slistlen);
+ long SSL_CTX_set1_sigalgs_list(SSL_CTX *ctx, const char *str);
+ long SSL_set1_sigalgs_list(SSL *ssl, const char *str);
+
+ long SSL_CTX_set1_client_sigalgs(SSL_CTX *ctx, const int *slist, long slistlen);
+ long SSL_set1_client_sigalgs(SSL *ssl, const int *slist, long slistlen);
+ long SSL_CTX_set1_client_sigalgs_list(SSL_CTX *ctx, const char *str);
+ long SSL_set1_client_sigalgs_list(SSL *ssl, const char *str);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set1_sigalgs() and SSL_set1_sigalgs() set the supported signature algorithms for <b>ctx</b> or <b>ssl</b>. The array <b>slist</b> of length <b>slistlen</b> must consist of pairs of NIDs corresponding to digest and public key algorithms.</p>
+
+<p>SSL_CTX_set1_sigalgs_list() and SSL_set1_sigalgs_list() set the supported signature algorithms for <b>ctx</b> or <b>ssl</b>. The <b>str</b> parameter must be a null terminated string consisting of a colon separated list of elements, where each element is either a combination of a public key algorithm and a digest separated by <b>+</b>, or a TLS 1.3-style named SignatureScheme such as rsa_pss_pss_sha256.</p>
+
+<p>SSL_CTX_set1_client_sigalgs(), SSL_set1_client_sigalgs(), SSL_CTX_set1_client_sigalgs_list() and SSL_set1_client_sigalgs_list() set signature algorithms related to client authentication, otherwise they are identical to SSL_CTX_set1_sigalgs(), SSL_set1_sigalgs(), SSL_CTX_set1_sigalgs_list() and SSL_set1_sigalgs_list().</p>
+
+<p>All these functions are implemented as macros. The signature algorithm parameter (integer array or string) is not freed: the application should free it, if necessary.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to allow the setting of signature algorithms as one of many user configurable options it should consider using the more flexible SSL_CONF API instead.</p>
+
+<p>The signature algorithms set by a client are used directly in the supported signature algorithm in the client hello message.</p>
+
+<p>The supported signature algorithms set by a server are not sent to the client but are used to determine the set of shared signature algorithms and (if server preferences are set with SSL_OP_CIPHER_SERVER_PREFERENCE) their order.</p>
+
+<p>The client authentication signature algorithms set by a server are sent in a certificate request message if client authentication is enabled, otherwise they are unused.</p>
+
+<p>Similarly client authentication signature algorithms set by a client are used to determined the set of client authentication shared signature algorithms.</p>
+
+<p>Signature algorithms will neither be advertised nor used if the security level prohibits them (for example SHA1 if the security level is 4 or more).</p>
+
+<p>Currently the NID_md5, NID_sha1, NID_sha224, NID_sha256, NID_sha384 and NID_sha512 digest NIDs are supported and the public key algorithm NIDs EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_DSA and EVP_PKEY_EC.</p>
+
+<p>The short or long name values for digests can be used in a string (for example &quot;MD5&quot;, &quot;SHA1&quot;, &quot;SHA224&quot;, &quot;SHA256&quot;, &quot;SHA384&quot;, &quot;SHA512&quot;) and the public key algorithm strings &quot;RSA&quot;, &quot;RSA-PSS&quot;, &quot;DSA&quot; or &quot;ECDSA&quot;.</p>
+
+<p>The TLS 1.3 signature scheme names (such as &quot;rsa_pss_pss_sha256&quot;) can also be used with the <b>_list</b> forms of the API.</p>
+
+<p>The use of MD5 as a digest is strongly discouraged due to security weaknesses.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA using an array:</p>
+
+<pre><code> const int slist[] = {NID_sha256, EVP_PKEY_EC, NID_sha256, EVP_PKEY_RSA};
+
+ SSL_CTX_set1_sigalgs(ctx, slist, 4);</code></pre>
+
+<p>Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA using a string:</p>
+
+<pre><code> SSL_CTX_set1_sigalgs_list(ctx, &quot;ECDSA+SHA256:RSA+SHA256&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_shared_sigalgs.html">SSL_get_shared_sigalgs(3)</a>, <a href="../man3/SSL_CONF_CTX_new.html">SSL_CONF_CTX_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set1_curves.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_curves.html
new file mode 100644
index 000000000..1661dfb0c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_curves.html
@@ -0,0 +1,102 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_curves</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_groups, SSL_CTX_set1_groups_list, SSL_set1_groups, SSL_set1_groups_list, SSL_get1_groups, SSL_get_shared_group, SSL_CTX_set1_curves, SSL_CTX_set1_curves_list, SSL_set1_curves, SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve - EC supported curve functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set1_groups(SSL_CTX *ctx, int *glist, int glistlen);
+ int SSL_CTX_set1_groups_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_groups(SSL *ssl, int *glist, int glistlen);
+ int SSL_set1_groups_list(SSL *ssl, char *list);
+
+ int SSL_get1_groups(SSL *ssl, int *groups);
+ int SSL_get_shared_group(SSL *s, int n);
+
+ int SSL_CTX_set1_curves(SSL_CTX *ctx, int *clist, int clistlen);
+ int SSL_CTX_set1_curves_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_curves(SSL *ssl, int *clist, int clistlen);
+ int SSL_set1_curves_list(SSL *ssl, char *list);
+
+ int SSL_get1_curves(SSL *ssl, int *curves);
+ int SSL_get_shared_curve(SSL *s, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>For all of the functions below that set the supported groups there must be at least one group in the list.</p>
+
+<p>SSL_CTX_set1_groups() sets the supported groups for <b>ctx</b> to <b>glistlen</b> groups in the array <b>glist</b>. The array consist of all NIDs of groups in preference order. For a TLS client the groups are used directly in the supported groups extension. For a TLS server the groups are used to determine the set of shared groups.</p>
+
+<p>SSL_CTX_set1_groups_list() sets the supported groups for <b>ctx</b> to string <b>list</b>. The string is a colon separated list of group NIDs or names, for example &quot;P-521:P-384:P-256&quot;.</p>
+
+<p>SSL_set1_groups() and SSL_set1_groups_list() are similar except they set supported groups for the SSL structure <b>ssl</b>.</p>
+
+<p>SSL_get1_groups() returns the set of supported groups sent by a client in the supported groups extension. It returns the total number of supported groups. The <b>groups</b> parameter can be <b>NULL</b> to simply return the number of groups for memory allocation purposes. The <b>groups</b> array is in the form of a set of group NIDs in preference order. It can return zero if the client did not send a supported groups extension.</p>
+
+<p>SSL_get_shared_group() returns shared group <b>n</b> for a server-side SSL <b>ssl</b>. If <b>n</b> is -1 then the total number of shared groups is returned, which may be zero. Other than for diagnostic purposes, most applications will only be interested in the first shared group so <b>n</b> is normally set to zero. If the value <b>n</b> is out of range, NID_undef is returned.</p>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>The curve functions are synonyms for the equivalently named group functions and are identical in every respect. They exist because, prior to TLS1.3, there was only the concept of supported curves. In TLS1.3 this was renamed to supported groups, and extended to include Diffie Hellman groups. The group functions should be used in preference.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to make use of several of these functions for configuration purposes either on a command line or in a file it should consider using the SSL_CONF interface instead of manually parsing options.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set1_groups(), SSL_CTX_set1_groups_list(), SSL_set1_groups() and SSL_set1_groups_list(), return 1 for success and 0 for failure.</p>
+
+<p>SSL_get1_groups() returns the number of groups, which may be zero.</p>
+
+<p>SSL_get_shared_group() returns the NID of shared group <b>n</b> or NID_undef if there is no shared group <b>n</b>; or the total number of shared groups if <b>n</b> is -1.</p>
+
+<p>When called on a client <b>ssl</b>, SSL_get_shared_group() has no meaning and returns -1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The curve functions were added in OpenSSL 1.0.2. The equivalent group functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set1_curves_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_curves_list.html
new file mode 100644
index 000000000..1661dfb0c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_curves_list.html
@@ -0,0 +1,102 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_curves</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_groups, SSL_CTX_set1_groups_list, SSL_set1_groups, SSL_set1_groups_list, SSL_get1_groups, SSL_get_shared_group, SSL_CTX_set1_curves, SSL_CTX_set1_curves_list, SSL_set1_curves, SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve - EC supported curve functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set1_groups(SSL_CTX *ctx, int *glist, int glistlen);
+ int SSL_CTX_set1_groups_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_groups(SSL *ssl, int *glist, int glistlen);
+ int SSL_set1_groups_list(SSL *ssl, char *list);
+
+ int SSL_get1_groups(SSL *ssl, int *groups);
+ int SSL_get_shared_group(SSL *s, int n);
+
+ int SSL_CTX_set1_curves(SSL_CTX *ctx, int *clist, int clistlen);
+ int SSL_CTX_set1_curves_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_curves(SSL *ssl, int *clist, int clistlen);
+ int SSL_set1_curves_list(SSL *ssl, char *list);
+
+ int SSL_get1_curves(SSL *ssl, int *curves);
+ int SSL_get_shared_curve(SSL *s, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>For all of the functions below that set the supported groups there must be at least one group in the list.</p>
+
+<p>SSL_CTX_set1_groups() sets the supported groups for <b>ctx</b> to <b>glistlen</b> groups in the array <b>glist</b>. The array consist of all NIDs of groups in preference order. For a TLS client the groups are used directly in the supported groups extension. For a TLS server the groups are used to determine the set of shared groups.</p>
+
+<p>SSL_CTX_set1_groups_list() sets the supported groups for <b>ctx</b> to string <b>list</b>. The string is a colon separated list of group NIDs or names, for example &quot;P-521:P-384:P-256&quot;.</p>
+
+<p>SSL_set1_groups() and SSL_set1_groups_list() are similar except they set supported groups for the SSL structure <b>ssl</b>.</p>
+
+<p>SSL_get1_groups() returns the set of supported groups sent by a client in the supported groups extension. It returns the total number of supported groups. The <b>groups</b> parameter can be <b>NULL</b> to simply return the number of groups for memory allocation purposes. The <b>groups</b> array is in the form of a set of group NIDs in preference order. It can return zero if the client did not send a supported groups extension.</p>
+
+<p>SSL_get_shared_group() returns shared group <b>n</b> for a server-side SSL <b>ssl</b>. If <b>n</b> is -1 then the total number of shared groups is returned, which may be zero. Other than for diagnostic purposes, most applications will only be interested in the first shared group so <b>n</b> is normally set to zero. If the value <b>n</b> is out of range, NID_undef is returned.</p>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>The curve functions are synonyms for the equivalently named group functions and are identical in every respect. They exist because, prior to TLS1.3, there was only the concept of supported curves. In TLS1.3 this was renamed to supported groups, and extended to include Diffie Hellman groups. The group functions should be used in preference.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to make use of several of these functions for configuration purposes either on a command line or in a file it should consider using the SSL_CONF interface instead of manually parsing options.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set1_groups(), SSL_CTX_set1_groups_list(), SSL_set1_groups() and SSL_set1_groups_list(), return 1 for success and 0 for failure.</p>
+
+<p>SSL_get1_groups() returns the number of groups, which may be zero.</p>
+
+<p>SSL_get_shared_group() returns the NID of shared group <b>n</b> or NID_undef if there is no shared group <b>n</b>; or the total number of shared groups if <b>n</b> is -1.</p>
+
+<p>When called on a client <b>ssl</b>, SSL_get_shared_group() has no meaning and returns -1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The curve functions were added in OpenSSL 1.0.2. The equivalent group functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set1_groups.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_groups.html
new file mode 100644
index 000000000..1661dfb0c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_groups.html
@@ -0,0 +1,102 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_curves</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_groups, SSL_CTX_set1_groups_list, SSL_set1_groups, SSL_set1_groups_list, SSL_get1_groups, SSL_get_shared_group, SSL_CTX_set1_curves, SSL_CTX_set1_curves_list, SSL_set1_curves, SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve - EC supported curve functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set1_groups(SSL_CTX *ctx, int *glist, int glistlen);
+ int SSL_CTX_set1_groups_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_groups(SSL *ssl, int *glist, int glistlen);
+ int SSL_set1_groups_list(SSL *ssl, char *list);
+
+ int SSL_get1_groups(SSL *ssl, int *groups);
+ int SSL_get_shared_group(SSL *s, int n);
+
+ int SSL_CTX_set1_curves(SSL_CTX *ctx, int *clist, int clistlen);
+ int SSL_CTX_set1_curves_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_curves(SSL *ssl, int *clist, int clistlen);
+ int SSL_set1_curves_list(SSL *ssl, char *list);
+
+ int SSL_get1_curves(SSL *ssl, int *curves);
+ int SSL_get_shared_curve(SSL *s, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>For all of the functions below that set the supported groups there must be at least one group in the list.</p>
+
+<p>SSL_CTX_set1_groups() sets the supported groups for <b>ctx</b> to <b>glistlen</b> groups in the array <b>glist</b>. The array consist of all NIDs of groups in preference order. For a TLS client the groups are used directly in the supported groups extension. For a TLS server the groups are used to determine the set of shared groups.</p>
+
+<p>SSL_CTX_set1_groups_list() sets the supported groups for <b>ctx</b> to string <b>list</b>. The string is a colon separated list of group NIDs or names, for example &quot;P-521:P-384:P-256&quot;.</p>
+
+<p>SSL_set1_groups() and SSL_set1_groups_list() are similar except they set supported groups for the SSL structure <b>ssl</b>.</p>
+
+<p>SSL_get1_groups() returns the set of supported groups sent by a client in the supported groups extension. It returns the total number of supported groups. The <b>groups</b> parameter can be <b>NULL</b> to simply return the number of groups for memory allocation purposes. The <b>groups</b> array is in the form of a set of group NIDs in preference order. It can return zero if the client did not send a supported groups extension.</p>
+
+<p>SSL_get_shared_group() returns shared group <b>n</b> for a server-side SSL <b>ssl</b>. If <b>n</b> is -1 then the total number of shared groups is returned, which may be zero. Other than for diagnostic purposes, most applications will only be interested in the first shared group so <b>n</b> is normally set to zero. If the value <b>n</b> is out of range, NID_undef is returned.</p>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>The curve functions are synonyms for the equivalently named group functions and are identical in every respect. They exist because, prior to TLS1.3, there was only the concept of supported curves. In TLS1.3 this was renamed to supported groups, and extended to include Diffie Hellman groups. The group functions should be used in preference.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to make use of several of these functions for configuration purposes either on a command line or in a file it should consider using the SSL_CONF interface instead of manually parsing options.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set1_groups(), SSL_CTX_set1_groups_list(), SSL_set1_groups() and SSL_set1_groups_list(), return 1 for success and 0 for failure.</p>
+
+<p>SSL_get1_groups() returns the number of groups, which may be zero.</p>
+
+<p>SSL_get_shared_group() returns the NID of shared group <b>n</b> or NID_undef if there is no shared group <b>n</b>; or the total number of shared groups if <b>n</b> is -1.</p>
+
+<p>When called on a client <b>ssl</b>, SSL_get_shared_group() has no meaning and returns -1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The curve functions were added in OpenSSL 1.0.2. The equivalent group functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set1_groups_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_groups_list.html
new file mode 100644
index 000000000..1661dfb0c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_groups_list.html
@@ -0,0 +1,102 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_curves</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_groups, SSL_CTX_set1_groups_list, SSL_set1_groups, SSL_set1_groups_list, SSL_get1_groups, SSL_get_shared_group, SSL_CTX_set1_curves, SSL_CTX_set1_curves_list, SSL_set1_curves, SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve - EC supported curve functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set1_groups(SSL_CTX *ctx, int *glist, int glistlen);
+ int SSL_CTX_set1_groups_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_groups(SSL *ssl, int *glist, int glistlen);
+ int SSL_set1_groups_list(SSL *ssl, char *list);
+
+ int SSL_get1_groups(SSL *ssl, int *groups);
+ int SSL_get_shared_group(SSL *s, int n);
+
+ int SSL_CTX_set1_curves(SSL_CTX *ctx, int *clist, int clistlen);
+ int SSL_CTX_set1_curves_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_curves(SSL *ssl, int *clist, int clistlen);
+ int SSL_set1_curves_list(SSL *ssl, char *list);
+
+ int SSL_get1_curves(SSL *ssl, int *curves);
+ int SSL_get_shared_curve(SSL *s, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>For all of the functions below that set the supported groups there must be at least one group in the list.</p>
+
+<p>SSL_CTX_set1_groups() sets the supported groups for <b>ctx</b> to <b>glistlen</b> groups in the array <b>glist</b>. The array consist of all NIDs of groups in preference order. For a TLS client the groups are used directly in the supported groups extension. For a TLS server the groups are used to determine the set of shared groups.</p>
+
+<p>SSL_CTX_set1_groups_list() sets the supported groups for <b>ctx</b> to string <b>list</b>. The string is a colon separated list of group NIDs or names, for example &quot;P-521:P-384:P-256&quot;.</p>
+
+<p>SSL_set1_groups() and SSL_set1_groups_list() are similar except they set supported groups for the SSL structure <b>ssl</b>.</p>
+
+<p>SSL_get1_groups() returns the set of supported groups sent by a client in the supported groups extension. It returns the total number of supported groups. The <b>groups</b> parameter can be <b>NULL</b> to simply return the number of groups for memory allocation purposes. The <b>groups</b> array is in the form of a set of group NIDs in preference order. It can return zero if the client did not send a supported groups extension.</p>
+
+<p>SSL_get_shared_group() returns shared group <b>n</b> for a server-side SSL <b>ssl</b>. If <b>n</b> is -1 then the total number of shared groups is returned, which may be zero. Other than for diagnostic purposes, most applications will only be interested in the first shared group so <b>n</b> is normally set to zero. If the value <b>n</b> is out of range, NID_undef is returned.</p>
+
+<p>All these functions are implemented as macros.</p>
+
+<p>The curve functions are synonyms for the equivalently named group functions and are identical in every respect. They exist because, prior to TLS1.3, there was only the concept of supported curves. In TLS1.3 this was renamed to supported groups, and extended to include Diffie Hellman groups. The group functions should be used in preference.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to make use of several of these functions for configuration purposes either on a command line or in a file it should consider using the SSL_CONF interface instead of manually parsing options.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set1_groups(), SSL_CTX_set1_groups_list(), SSL_set1_groups() and SSL_set1_groups_list(), return 1 for success and 0 for failure.</p>
+
+<p>SSL_get1_groups() returns the number of groups, which may be zero.</p>
+
+<p>SSL_get_shared_group() returns the NID of shared group <b>n</b> or NID_undef if there is no shared group <b>n</b>; or the total number of shared groups if <b>n</b> is -1.</p>
+
+<p>When called on a client <b>ssl</b>, SSL_get_shared_group() has no meaning and returns -1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The curve functions were added in OpenSSL 1.0.2. The equivalent group functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set1_host.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_host.html
new file mode 100644
index 000000000..84dbeba9e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_host.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_set1_host</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set1_host, SSL_add1_host, SSL_set_hostflags, SSL_get0_peername - SSL server verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_set1_host(SSL *s, const char *hostname);
+ int SSL_add1_host(SSL *s, const char *hostname);
+ void SSL_set_hostflags(SSL *s, unsigned int flags);
+ const char *SSL_get0_peername(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions configure server hostname checks in the SSL client.</p>
+
+<p>SSL_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or the empty string the list of hostnames is cleared, and name checks are not performed on the peer certificate. When a non-empty <b>name</b> is specified, certificate verification automatically checks the peer hostname via <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with <b>flags</b> as specified via SSL_set_hostflags(). Clients that enable DANE TLSA authentication via <a href="../man3/SSL_dane_enable.html">SSL_dane_enable(3)</a> should leave it to that function to set the primary reference identifier of the peer, and should not call SSL_set1_host().</p>
+
+<p>SSL_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via SSL_set1_host() or SSL_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches. This function is required for DANE TLSA in the presence of service name indirection via CNAME, MX or SRV records as specified in RFC7671, RFC7672 or RFC7673.</p>
+
+<p>SSL_set_hostflags() sets the <b>flags</b> that will be passed to <a href="../man3/X509_check_host.html">X509_check_host(3)</a> when name checks are applicable, by default the <b>flags</b> value is 0. See <a href="../man3/X509_check_host.html">X509_check_host(3)</a> for the list of available flags and their meaning.</p>
+
+<p>SSL_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, the name matched in the peer certificate may be a wildcard name. When one of the reference identifiers configured via SSL_set1_host() or SSL_add1_host() starts with &quot;.&quot;, which indicates a parent domain prefix rather than a fixed name, the matched peer name may be a sub-domain of the reference identifier. The returned string is allocated by the library and is no longer valid once the associated <b>ssl</b> handle is cleared or freed, or a renegotiation takes place. Applications must not free the return value.</p>
+
+<p>SSL clients are advised to use these functions in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>. Hostname checks may be out of scope with the RFC7671 DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE is enabled.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set1_host() and SSL_add1_host() return 1 for success and 0 for failure.</p>
+
+<p>SSL_get0_peername() returns NULL if peername verification is not applicable (as with RFC7671 DANE-EE(3)), or no trusted peername was matched. Otherwise, it returns the matched peername. To determine whether verification succeeded call <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Suppose &quot;smtp.example.com&quot; is the MX host of the domain &quot;example.com&quot;. The calls below will arrange to match either the MX hostname or the destination domain name in the SMTP server certificate. Wildcards are supported, but must match the entire label. The actual name matched in the certificate (which might be a wildcard) is retrieved, and must be copied by the application if it is to be retained beyond the lifetime of the SSL connection.</p>
+
+<pre><code> SSL_set_hostflags(ssl, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+ if (!SSL_set1_host(ssl, &quot;smtp.example.com&quot;))
+     /* error */
+ if (!SSL_add1_host(ssl, &quot;example.com&quot;))
+     /* error */
+
+ /* XXX: Perform SSL_connect() handshake and handle errors here */
+
+ if (SSL_get_verify_result(ssl) == X509_V_OK) {
+     const char *peername = SSL_get0_peername(ssl);
+
+     if (peername != NULL)
+         /* Name checks were in scope and matched the peername */
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>. <a href="../man3/SSL_dane_enable.html">SSL_dane_enable(3)</a>.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set1_param.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_param.html
new file mode 100644
index 000000000..8eafcb4e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_param.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_get0_param</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_get0_param, SSL_get0_param, SSL_CTX_set1_param, SSL_set1_param - get and set verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx)
+ X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl)
+ int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
+ int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_get0_param() and SSL_get0_param() retrieve an internal pointer to the verification parameters for <b>ctx</b> or <b>ssl</b> respectively. The returned pointer must not be freed by the calling application.</p>
+
+<p>SSL_CTX_set1_param() and SSL_set1_param() set the verification parameters to <b>vpm</b> for <b>ctx</b> or <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Typically parameters are retrieved from an <b>SSL_CTX</b> or <b>SSL</b> structure using SSL_CTX_get0_param() or SSL_get0_param() and an application modifies them to suit its needs: for example to add a hostname check.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Check hostname matches &quot;www.foo.com&quot; in peer certificate:</p>
+
+<pre><code> X509_VERIFY_PARAM *vpm = SSL_get0_param(ssl);
+ X509_VERIFY_PARAM_set1_host(vpm, &quot;www.foo.com&quot;, 0);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_get0_param() and SSL_get0_param() return a pointer to an <b>X509_VERIFY_PARAM</b> structure.</p>
+
+<p>SSL_CTX_set1_param() and SSL_set1_param() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set1_sigalgs.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_sigalgs.html
new file mode 100644
index 000000000..ef2aa7d66
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_sigalgs.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_sigalgs</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_sigalgs, SSL_set1_sigalgs, SSL_CTX_set1_sigalgs_list, SSL_set1_sigalgs_list, SSL_CTX_set1_client_sigalgs, SSL_set1_client_sigalgs, SSL_CTX_set1_client_sigalgs_list, SSL_set1_client_sigalgs_list - set supported signature algorithms</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set1_sigalgs(SSL_CTX *ctx, const int *slist, long slistlen);
+ long SSL_set1_sigalgs(SSL *ssl, const int *slist, long slistlen);
+ long SSL_CTX_set1_sigalgs_list(SSL_CTX *ctx, const char *str);
+ long SSL_set1_sigalgs_list(SSL *ssl, const char *str);
+
+ long SSL_CTX_set1_client_sigalgs(SSL_CTX *ctx, const int *slist, long slistlen);
+ long SSL_set1_client_sigalgs(SSL *ssl, const int *slist, long slistlen);
+ long SSL_CTX_set1_client_sigalgs_list(SSL_CTX *ctx, const char *str);
+ long SSL_set1_client_sigalgs_list(SSL *ssl, const char *str);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set1_sigalgs() and SSL_set1_sigalgs() set the supported signature algorithms for <b>ctx</b> or <b>ssl</b>. The array <b>slist</b> of length <b>slistlen</b> must consist of pairs of NIDs corresponding to digest and public key algorithms.</p>
+
+<p>SSL_CTX_set1_sigalgs_list() and SSL_set1_sigalgs_list() set the supported signature algorithms for <b>ctx</b> or <b>ssl</b>. The <b>str</b> parameter must be a null terminated string consisting of a colon separated list of elements, where each element is either a combination of a public key algorithm and a digest separated by <b>+</b>, or a TLS 1.3-style named SignatureScheme such as rsa_pss_pss_sha256.</p>
+
+<p>SSL_CTX_set1_client_sigalgs(), SSL_set1_client_sigalgs(), SSL_CTX_set1_client_sigalgs_list() and SSL_set1_client_sigalgs_list() set signature algorithms related to client authentication, otherwise they are identical to SSL_CTX_set1_sigalgs(), SSL_set1_sigalgs(), SSL_CTX_set1_sigalgs_list() and SSL_set1_sigalgs_list().</p>
+
+<p>All these functions are implemented as macros. The signature algorithm parameter (integer array or string) is not freed: the application should free it, if necessary.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to allow the setting of signature algorithms as one of many user configurable options it should consider using the more flexible SSL_CONF API instead.</p>
+
+<p>The signature algorithms set by a client are used directly in the supported signature algorithm in the client hello message.</p>
+
+<p>The supported signature algorithms set by a server are not sent to the client but are used to determine the set of shared signature algorithms and (if server preferences are set with SSL_OP_CIPHER_SERVER_PREFERENCE) their order.</p>
+
+<p>The client authentication signature algorithms set by a server are sent in a certificate request message if client authentication is enabled, otherwise they are unused.</p>
+
+<p>Similarly client authentication signature algorithms set by a client are used to determined the set of client authentication shared signature algorithms.</p>
+
+<p>Signature algorithms will neither be advertised nor used if the security level prohibits them (for example SHA1 if the security level is 4 or more).</p>
+
+<p>Currently the NID_md5, NID_sha1, NID_sha224, NID_sha256, NID_sha384 and NID_sha512 digest NIDs are supported and the public key algorithm NIDs EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_DSA and EVP_PKEY_EC.</p>
+
+<p>The short or long name values for digests can be used in a string (for example &quot;MD5&quot;, &quot;SHA1&quot;, &quot;SHA224&quot;, &quot;SHA256&quot;, &quot;SHA384&quot;, &quot;SHA512&quot;) and the public key algorithm strings &quot;RSA&quot;, &quot;RSA-PSS&quot;, &quot;DSA&quot; or &quot;ECDSA&quot;.</p>
+
+<p>The TLS 1.3 signature scheme names (such as &quot;rsa_pss_pss_sha256&quot;) can also be used with the <b>_list</b> forms of the API.</p>
+
+<p>The use of MD5 as a digest is strongly discouraged due to security weaknesses.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA using an array:</p>
+
+<pre><code> const int slist[] = {NID_sha256, EVP_PKEY_EC, NID_sha256, EVP_PKEY_RSA};
+
+ SSL_CTX_set1_sigalgs(ctx, slist, 4);</code></pre>
+
+<p>Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA using a string:</p>
+
+<pre><code> SSL_CTX_set1_sigalgs_list(ctx, &quot;ECDSA+SHA256:RSA+SHA256&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_shared_sigalgs.html">SSL_get_shared_sigalgs(3)</a>, <a href="../man3/SSL_CONF_CTX_new.html">SSL_CONF_CTX_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set1_sigalgs_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_sigalgs_list.html
new file mode 100644
index 000000000..ef2aa7d66
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_sigalgs_list.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_sigalgs</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set1_sigalgs, SSL_set1_sigalgs, SSL_CTX_set1_sigalgs_list, SSL_set1_sigalgs_list, SSL_CTX_set1_client_sigalgs, SSL_set1_client_sigalgs, SSL_CTX_set1_client_sigalgs_list, SSL_set1_client_sigalgs_list - set supported signature algorithms</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set1_sigalgs(SSL_CTX *ctx, const int *slist, long slistlen);
+ long SSL_set1_sigalgs(SSL *ssl, const int *slist, long slistlen);
+ long SSL_CTX_set1_sigalgs_list(SSL_CTX *ctx, const char *str);
+ long SSL_set1_sigalgs_list(SSL *ssl, const char *str);
+
+ long SSL_CTX_set1_client_sigalgs(SSL_CTX *ctx, const int *slist, long slistlen);
+ long SSL_set1_client_sigalgs(SSL *ssl, const int *slist, long slistlen);
+ long SSL_CTX_set1_client_sigalgs_list(SSL_CTX *ctx, const char *str);
+ long SSL_set1_client_sigalgs_list(SSL *ssl, const char *str);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set1_sigalgs() and SSL_set1_sigalgs() set the supported signature algorithms for <b>ctx</b> or <b>ssl</b>. The array <b>slist</b> of length <b>slistlen</b> must consist of pairs of NIDs corresponding to digest and public key algorithms.</p>
+
+<p>SSL_CTX_set1_sigalgs_list() and SSL_set1_sigalgs_list() set the supported signature algorithms for <b>ctx</b> or <b>ssl</b>. The <b>str</b> parameter must be a null terminated string consisting of a colon separated list of elements, where each element is either a combination of a public key algorithm and a digest separated by <b>+</b>, or a TLS 1.3-style named SignatureScheme such as rsa_pss_pss_sha256.</p>
+
+<p>SSL_CTX_set1_client_sigalgs(), SSL_set1_client_sigalgs(), SSL_CTX_set1_client_sigalgs_list() and SSL_set1_client_sigalgs_list() set signature algorithms related to client authentication, otherwise they are identical to SSL_CTX_set1_sigalgs(), SSL_set1_sigalgs(), SSL_CTX_set1_sigalgs_list() and SSL_set1_sigalgs_list().</p>
+
+<p>All these functions are implemented as macros. The signature algorithm parameter (integer array or string) is not freed: the application should free it, if necessary.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an application wishes to allow the setting of signature algorithms as one of many user configurable options it should consider using the more flexible SSL_CONF API instead.</p>
+
+<p>The signature algorithms set by a client are used directly in the supported signature algorithm in the client hello message.</p>
+
+<p>The supported signature algorithms set by a server are not sent to the client but are used to determine the set of shared signature algorithms and (if server preferences are set with SSL_OP_CIPHER_SERVER_PREFERENCE) their order.</p>
+
+<p>The client authentication signature algorithms set by a server are sent in a certificate request message if client authentication is enabled, otherwise they are unused.</p>
+
+<p>Similarly client authentication signature algorithms set by a client are used to determined the set of client authentication shared signature algorithms.</p>
+
+<p>Signature algorithms will neither be advertised nor used if the security level prohibits them (for example SHA1 if the security level is 4 or more).</p>
+
+<p>Currently the NID_md5, NID_sha1, NID_sha224, NID_sha256, NID_sha384 and NID_sha512 digest NIDs are supported and the public key algorithm NIDs EVP_PKEY_RSA, EVP_PKEY_RSA_PSS, EVP_PKEY_DSA and EVP_PKEY_EC.</p>
+
+<p>The short or long name values for digests can be used in a string (for example &quot;MD5&quot;, &quot;SHA1&quot;, &quot;SHA224&quot;, &quot;SHA256&quot;, &quot;SHA384&quot;, &quot;SHA512&quot;) and the public key algorithm strings &quot;RSA&quot;, &quot;RSA-PSS&quot;, &quot;DSA&quot; or &quot;ECDSA&quot;.</p>
+
+<p>The TLS 1.3 signature scheme names (such as &quot;rsa_pss_pss_sha256&quot;) can also be used with the <b>_list</b> forms of the API.</p>
+
+<p>The use of MD5 as a digest is strongly discouraged due to security weaknesses.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA using an array:</p>
+
+<pre><code> const int slist[] = {NID_sha256, EVP_PKEY_EC, NID_sha256, EVP_PKEY_RSA};
+
+ SSL_CTX_set1_sigalgs(ctx, slist, 4);</code></pre>
+
+<p>Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA using a string:</p>
+
+<pre><code> SSL_CTX_set1_sigalgs_list(ctx, &quot;ECDSA+SHA256:RSA+SHA256&quot;);</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_shared_sigalgs.html">SSL_get_shared_sigalgs(3)</a>, <a href="../man3/SSL_CONF_CTX_new.html">SSL_CONF_CTX_new(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set1_verify_cert_store.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_verify_cert_store.html
new file mode 100644
index 000000000..c93b012a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set1_verify_cert_store.html
@@ -0,0 +1,90 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set1_verify_cert_store</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_verify_cert_store, SSL_CTX_set1_verify_cert_store, SSL_CTX_set0_chain_cert_store, SSL_CTX_set1_chain_cert_store, SSL_set0_verify_cert_store, SSL_set1_verify_cert_store, SSL_set0_chain_cert_store, SSL_set1_chain_cert_store - set certificate verification or chain store</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set1_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set0_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set1_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+
+ int SSL_set0_verify_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set1_verify_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set0_chain_cert_store(SSL *ctx, X509_STORE *st);
+ int SSL_set1_chain_cert_store(SSL *ctx, X509_STORE *st);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_verify_cert_store() and SSL_CTX_set1_verify_cert_store() set the certificate store used for certificate verification to <b>st</b>.</p>
+
+<p>SSL_CTX_set0_chain_cert_store() and SSL_CTX_set1_chain_cert_store() set the certificate store used for certificate chain building to <b>st</b>.</p>
+
+<p>SSL_set0_verify_cert_store(), SSL_set1_verify_cert_store(), SSL_set0_chain_cert_store() and SSL_set1_chain_cert_store() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied store so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied store <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The stores pointers associated with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. As a result SSL structures will not be affected if the parent SSL_CTX store pointer is set to a new value.</p>
+
+<p>The verification store is used to verify the certificate chain sent by the peer: that is an SSL/TLS client will use the verification store to verify the server&#39;s certificate chain and a SSL/TLS server will use it to verify any client certificate chain.</p>
+
+<p>The chain store is used to build the certificate chain.</p>
+
+<p>If the mode <b>SSL_MODE_NO_AUTO_CHAIN</b> is set or a certificate chain is configured already (for example using the functions such as <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a> or <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a>) then automatic chain building is disabled.</p>
+
+<p>If the mode <b>SSL_MODE_NO_AUTO_CHAIN</b> is set then automatic chain building is disabled.</p>
+
+<p>If the chain or the verification store is not set then the store associated with the parent SSL_CTX is used instead to retain compatibility with previous versions of OpenSSL.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All these functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> <a href="../man3/SSL_CTX_set0_chain.html">SSL_CTX_set0_chain(3)</a> <a href="../man3/SSL_CTX_set1_chain.html">SSL_CTX_set1_chain(3)</a> <a href="../man3/SSL_CTX_add0_chain_cert.html">SSL_CTX_add0_chain_cert(3)</a> <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a> <a href="../man3/SSL_set0_chain.html">SSL_set0_chain(3)</a> <a href="../man3/SSL_set1_chain.html">SSL_set1_chain(3)</a> <a href="../man3/SSL_add0_chain_cert.html">SSL_add0_chain_cert(3)</a> <a href="../man3/SSL_add1_chain_cert.html">SSL_add1_chain_cert(3)</a> <a href="../man3/SSL_CTX_build_cert_chain.html">SSL_CTX_build_cert_chain(3)</a> <a href="../man3/SSL_build_cert_chain.html">SSL_build_cert_chain(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_accept_state.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_accept_state.html
new file mode 100644
index 000000000..be735c533
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_accept_state.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_set_connect_state</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_connect_state, SSL_set_accept_state, SSL_is_server - functions for manipulating and examining the client or server mode of an SSL object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_set_connect_state(SSL *ssl);
+
+ void SSL_set_accept_state(SSL *ssl);
+
+ int SSL_is_server(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_set_connect_state() sets <b>ssl</b> to work in client mode.</p>
+
+<p>SSL_set_accept_state() sets <b>ssl</b> to work in server mode.</p>
+
+<p>SSL_is_server() checks if <b>ssl</b> is working in server mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When the SSL_CTX object was created with <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, it was either assigned a dedicated client method, a dedicated server method, or a generic method, that can be used for both client and server connections. (The method might have been changed with <a href="../man3/SSL_CTX_set_ssl_version.html">SSL_CTX_set_ssl_version(3)</a> or <a href="../man3/SSL_set_ssl_method.html">SSL_set_ssl_method(3)</a>.)</p>
+
+<p>When beginning a new handshake, the SSL engine must know whether it must call the connect (client) or accept (server) routines. Even though it may be clear from the method chosen, whether client or server mode was requested, the handshake routines must be explicitly set.</p>
+
+<p>When using the <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_accept.html">SSL_accept(3)</a> routines, the correct handshake routines are automatically set. When performing a transparent negotiation using <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_write.html">SSL_write(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, or <a href="../man3/SSL_read.html">SSL_read(3)</a>, the handshake routines must be explicitly set in advance using either SSL_set_connect_state() or SSL_set_accept_state().</p>
+
+<p>If SSL_is_server() is called before SSL_set_connect_state() or SSL_set_accept_state() is called (either automatically or explicitly), the result depends on what method was used when SSL_CTX was created with <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>. If a generic method or a dedicated server method was passed to <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, SSL_is_server() returns 1; otherwise, it returns 0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_connect_state() and SSL_set_accept_state() do not return diagnostic information.</p>
+
+<p>SSL_is_server() returns 1 if <b>ssl</b> is working in server mode or 0 for client mode.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_write.html">SSL_write(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_set_ssl_version.html">SSL_CTX_set_ssl_version(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_allow_early_data_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_allow_early_data_cb.html
new file mode 100644
index 000000000..5b28c01bd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_allow_early_data_cb.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read_early_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#REPLAY-PROTECTION">REPLAY PROTECTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_max_early_data, SSL_CTX_set_max_early_data, SSL_get_max_early_data, SSL_CTX_get_max_early_data, SSL_set_recv_max_early_data, SSL_CTX_set_recv_max_early_data, SSL_get_recv_max_early_data, SSL_CTX_get_recv_max_early_data, SSL_SESSION_get_max_early_data, SSL_SESSION_set_max_early_data, SSL_write_early_data, SSL_read_early_data, SSL_get_early_data_status, SSL_allow_early_data_cb_fn, SSL_CTX_set_allow_early_data_cb, SSL_set_allow_early_data_cb - functions for sending and receiving early data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data);
+ uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_max_early_data(SSL *s, uint32_t max_early_data);
+ uint32_t SSL_get_max_early_data(const SSL *s);
+
+ int SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data);
+ uint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data);
+ uint32_t SSL_get_recv_max_early_data(const SSL *s);
+
+ uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s);
+ int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data);
+
+ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written);
+
+ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes);
+
+ int SSL_get_early_data_status(const SSL *s);
+
+
+ typedef int (*SSL_allow_early_data_cb_fn)(SSL *s, void *arg);
+
+ void SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx,
+                                      SSL_allow_early_data_cb_fn cb,
+                                      void *arg);
+ void SSL_set_allow_early_data_cb(SSL *s,
+                                  SSL_allow_early_data_cb_fn cb,
+                                  void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to send and receive early data where TLSv1.3 has been negotiated. Early data can be sent by the client immediately after its initial ClientHello without having to wait for the server to complete the handshake. Early data can only be sent if a session has previously been established with the server, and the server is known to support it. Additionally these functions can be used to send data from the server to the client when the client has not yet completed the authentication stage of the handshake.</p>
+
+<p>Early data has weaker security properties than other data sent over an SSL/TLS connection. In particular the data does not have forward secrecy. There are also additional considerations around replay attacks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below). For these reasons extreme care should be exercised when using early data. For specific details, consult the TLS 1.3 specification.</p>
+
+<p>When a server receives early data it may opt to immediately respond by sending application data back to the client. Data sent by the server at this stage is done before the full handshake has been completed. Specifically the client&#39;s authentication messages have not yet been received, i.e. the client is unauthenticated at this point and care should be taken when using this capability.</p>
+
+<p>A server or client can determine whether the full handshake has been completed or not by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>.</p>
+
+<p>On the client side, the function SSL_SESSION_get_max_early_data() can be used to determine if a session established with a server can be used to send early data. If the session cannot be used then this function will return 0. Otherwise it will return the maximum number of early data bytes that can be sent.</p>
+
+<p>The function SSL_SESSION_set_max_early_data() sets the maximum number of early data bytes that can be sent for a session. This would typically be used when creating a PSK session file (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). If using a ticket based PSK then this is set automatically to the value provided by the server.</p>
+
+<p>A client uses the function SSL_write_early_data() to send early data. This function is similar to the <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> function, but with the following differences. See <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> for information on how to write bytes to the underlying connection, and how to handle any errors that may arise. This page describes the differences between SSL_write_early_data() and <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When called by a client, SSL_write_early_data() must be the first IO function called on a new connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a> or other similar functions. It may be called multiple times to stream data to the server, but the total number of bytes written must not exceed the value returned from SSL_SESSION_get_max_early_data(). Once the initial SSL_write_early_data() call has completed successfully the client may interleave calls to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> with calls to SSL_write_early_data() as required.</p>
+
+<p>If SSL_write_early_data() fails you should call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action, as for <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When the client no longer wishes to send any more early data then it should complete the handshake by calling a function such as <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard write function such as <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, which will transparently complete the connection and write the requested data.</p>
+
+<p>A server may choose to ignore early data that has been sent to it. Once the connection has been completed you can determine whether the server accepted or rejected the early data by calling SSL_get_early_data_status(). This will return SSL_EARLY_DATA_ACCEPTED if the data was accepted, SSL_EARLY_DATA_REJECTED if it was rejected or SSL_EARLY_DATA_NOT_SENT if no early data was sent. This function may be called by either the client or the server.</p>
+
+<p>A server uses the SSL_read_early_data() function to receive early data on a connection for which early data has been enabled using SSL_CTX_set_max_early_data() or SSL_set_max_early_data(). As for SSL_write_early_data(), this must be the first IO function called on a connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, or other similar functions.</p>
+
+<p>SSL_read_early_data() is similar to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> with the following differences. Refer to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> for full details.</p>
+
+<p>SSL_read_early_data() may return 3 possible values:</p>
+
+<dl>
+
+<dt id="SSL_READ_EARLY_DATA_ERROR">SSL_READ_EARLY_DATA_ERROR</dt>
+<dd>
+
+<p>This indicates an IO or some other error occurred. This should be treated in the same way as a 0 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_SUCCESS">SSL_READ_EARLY_DATA_SUCCESS</dt>
+<dd>
+
+<p>This indicates that early data was successfully read. This should be treated in the same way as a 1 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>. You should continue to call SSL_read_early_data() to read more data.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_FINISH">SSL_READ_EARLY_DATA_FINISH</dt>
+<dd>
+
+<p>This indicates that no more early data can be read. It may be returned on the first call to SSL_read_early_data() if the client has not sent any early data, or if the early data was rejected.</p>
+
+</dd>
+</dl>
+
+<p>Once the initial SSL_read_early_data() call has completed successfully (i.e. it has returned SSL_READ_EARLY_DATA_SUCCESS or SSL_READ_EARLY_DATA_FINISH) then the server may choose to write data immediately to the unauthenticated client using SSL_write_early_data(). If SSL_read_early_data() returned SSL_READ_EARLY_DATA_FINISH then in some situations (e.g. if the client only supports TLSv1.2) the handshake may have already been completed and calls to SSL_write_early_data() are not allowed. Call <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a> to determine whether the handshake has completed or not. If the handshake is still in progress then the server may interleave calls to SSL_write_early_data() with calls to SSL_read_early_data() as required.</p>
+
+<p>Servers must not call <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a> until SSL_read_early_data() has returned with SSL_READ_EARLY_DATA_FINISH. Once it has done so the connection to the client still needs to be completed. Complete the connection by calling a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard read function such as <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, which will transparently complete the connection and read the requested data. Note that it is an error to attempt to complete the connection before SSL_read_early_data() has returned SSL_READ_EARLY_DATA_FINISH.</p>
+
+<p>Only servers may call SSL_read_early_data().</p>
+
+<p>Calls to SSL_read_early_data() may, in certain circumstances, complete the connection immediately without further need to call a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. This can happen if the client is using a protocol version less than TLSv1.3. Applications can test for this by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>. Alternatively, applications may choose to call <a href="../man3/SSL_accept.html">SSL_accept(3)</a> anyway. Such a call will successfully return immediately with no further action taken.</p>
+
+<p>When a session is created between a server and a client the server will specify the maximum amount of any early data that it will accept on any future connection attempt. By default the server does not accept early data; a server may indicate support for early data by calling SSL_CTX_set_max_early_data() or SSL_set_max_early_data() to set it for the whole SSL_CTX or an individual SSL object respectively. The <b>max_early_data</b> parameter specifies the maximum amount of early data in bytes that is permitted to be sent on a single connection. Similarly the SSL_CTX_get_max_early_data() and SSL_get_max_early_data() functions can be used to obtain the current maximum early data settings for the SSL_CTX and SSL objects respectively. Generally a server application will either use both of SSL_read_early_data() and SSL_CTX_set_max_early_data() (or SSL_set_max_early_data()), or neither of them, since there is no practical benefit from using only one of them. If the maximum early data setting for a server is non-zero then replay protection is automatically enabled (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below).</p>
+
+<p>If the server rejects the early data sent by a client then it will skip over the data that is sent. The maximum amount of received early data that is skipped is controlled by the recv_max_early_data setting. If a client sends more than this then the connection will abort. This value can be set by calling SSL_CTX_set_recv_max_early_data() or SSL_set_recv_max_early_data(). The current value for this setting can be obtained by calling SSL_CTX_get_recv_max_early_data() or SSL_get_recv_max_early_data(). The default value for this setting is 16,384 bytes.</p>
+
+<p>The recv_max_early_data value also has an impact on early data that is accepted. The amount of data that is accepted will always be the lower of the max_early_data for the session and the recv_max_early_data setting for the server. If a client sends more data than this then the connection will abort.</p>
+
+<p>The configured value for max_early_data on a server may change over time as required. However clients may have tickets containing the previously configured max_early_data value. The recv_max_early_data should always be equal to or higher than any recently configured max_early_data value in order to avoid aborted connections. The recv_max_early_data should never be set to less than the current configured max_early_data value.</p>
+
+<p>Some server applications may wish to have more control over whether early data is accepted or not, for example to mitigate replay risks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below) or to decline early_data when the server is heavily loaded. The functions SSL_CTX_set_allow_early_data_cb() and SSL_set_allow_early_data_cb() set a callback which is called at a point in the handshake immediately before a decision is made to accept or reject early data. The callback is provided with a pointer to the user data argument that was provided when the callback was first set. Returning 1 from the callback will allow early data and returning 0 will reject it. Note that the OpenSSL library may reject early data for other reasons in which case this callback will not get called. Notably, the built-in replay protection feature will still be used even if a callback is present unless it has been explicitly disabled using the SSL_OP_NO_ANTI_REPLAY option. See <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The whole purpose of early data is to enable a client to start sending data to the server before a full round trip of network traffic has occurred. Application developers should ensure they consider optimisation of the underlying TCP socket to obtain a performant solution. For example Nagle&#39;s algorithm is commonly used by operating systems in an attempt to avoid lots of small TCP packets. In many scenarios this is beneficial for performance, but it does not work well with the early data solution as implemented in OpenSSL. In Nagle&#39;s algorithm the OS will buffer outgoing TCP data if a TCP packet has already been sent which we have not yet received an ACK for from the peer. The buffered data will only be transmitted if enough data to fill an entire TCP packet is accumulated, or if the ACK is received from the peer. The initial ClientHello will be sent in the first TCP packet along with any data from the first call to SSL_write_early_data(). If the amount of data written will exceed the size of a single TCP packet, or if there are more calls to SSL_write_early_data() then that additional data will be sent in subsequent TCP packets which will be buffered by the OS and not sent until an ACK is received for the first packet containing the ClientHello. This means the early data is not actually sent until a complete round trip with the server has occurred which defeats the objective of early data.</p>
+
+<p>In many operating systems the TCP_NODELAY socket option is available to disable Nagle&#39;s algorithm. If an application opts to disable Nagle&#39;s algorithm consideration should be given to turning it back on again after the handshake is complete if appropriate.</p>
+
+<p>In rare circumstances, it may be possible for a client to have a session that reports a max early data value greater than 0, but where the server does not support this. For example, this can occur if a server has had its configuration changed to accept a lower max early data value such as by calling SSL_CTX_set_recv_max_early_data(). Another example is if a server used to support TLSv1.3 but was later downgraded to TLSv1.2. Sending early data to such a server will cause the connection to abort. Clients that encounter an aborted connection while sending early data may want to retry the connection without sending early data as this does not happen automatically. A client will have to establish a new transport layer connection to the server and attempt the SSL/TLS connection again but without sending early data. Note that it is inadvisable to retry with a lower maximum protocol version.</p>
+
+<h1 id="REPLAY-PROTECTION">REPLAY PROTECTION</h1>
+
+<p>When early data is in use the TLS protocol provides no security guarantees that the same early data was not replayed across multiple connections. As a mitigation for this issue OpenSSL automatically enables replay protection if the server is configured with a non-zero max early data value. With replay protection enabled sessions are forced to be single use only. If a client attempts to reuse a session ticket more than once, then the second and subsequent attempts will fall back to a full handshake (and any early data that was submitted will be ignored). Note that single use tickets are enforced even if a client does not send any early data.</p>
+
+<p>The replay protection mechanism relies on the internal OpenSSL server session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). When replay protection is being used the server will operate as if the SSL_OP_NO_TICKET option had been selected (see <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>). Sessions will be added to the cache whenever a session ticket is issued. When a client attempts to resume the session, OpenSSL will check for its presence in the internal cache. If it exists then the resumption is allowed and the session is removed from the cache. If it does not exist then the resumption is not allowed and a full handshake will occur.</p>
+
+<p>Note that some applications may maintain an external cache of sessions (see <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a> and similar functions). It is the application&#39;s responsibility to ensure that any sessions in the external cache are also populated in the internal cache and that once removed from the internal cache they are similarly removed from the external cache. Failing to do this could result in an application becoming vulnerable to replay attacks. Note that OpenSSL will lock the internal cache while a session is removed but that lock is not held when the remove session callback (see <a href="../man3/SSL_CTX_sess_set_remove_cb.html">SSL_CTX_sess_set_remove_cb(3)</a>) is called. This could result in a small amount of time where the session has been removed from the internal cache but is still available in the external cache. Applications should be designed with this in mind in order to minimise the possibility of replay attacks.</p>
+
+<p>The OpenSSL replay protection does not apply to external Pre Shared Keys (PSKs) (e.g. see SSL_CTX_set_psk_find_session_callback(3)). Therefore extreme caution should be applied when combining external PSKs with early data.</p>
+
+<p>Some applications may mitigate the replay risks in other ways. For those applications it is possible to turn off the built-in replay protection feature using the <b>SSL_OP_NO_ANTI_REPLAY</b> option. See <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> for details. Applications can also set a callback to make decisions about accepting early data or not. See SSL_CTX_set_allow_early_data_cb() above for details.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_write_early_data() returns 1 for success or 0 for failure. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_read_early_data() returns SSL_READ_EARLY_DATA_ERROR for failure, SSL_READ_EARLY_DATA_SUCCESS for success with more data to read and SSL_READ_EARLY_DATA_FINISH for success with no more to data be read. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_get_max_early_data(), SSL_CTX_get_max_early_data() and SSL_SESSION_get_max_early_data() return the maximum number of early data bytes that may be sent.</p>
+
+<p>SSL_set_max_early_data(), SSL_CTX_set_max_early_data() and SSL_SESSION_set_max_early_data() return 1 for success or 0 for failure.</p>
+
+<p>SSL_get_early_data_status() returns SSL_EARLY_DATA_ACCEPTED if early data was accepted by the server, SSL_EARLY_DATA_REJECTED if early data was rejected by the server, or SSL_EARLY_DATA_NOT_SENT if no early data was sent.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>All of the functions described above were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_alpn_protos.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_alpn_protos.html
new file mode 100644
index 000000000..2c1cda006
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_alpn_protos.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_alpn_select_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_alpn_protos, SSL_set_alpn_protos, SSL_CTX_set_alpn_select_cb, SSL_CTX_set_next_proto_select_cb, SSL_CTX_set_next_protos_advertised_cb, SSL_select_next_proto, SSL_get0_alpn_selected, SSL_get0_next_proto_negotiated - handle application layer protocol negotiation (ALPN)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
+                             unsigned int protos_len);
+ int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
+                         unsigned int protos_len);
+ void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
+                                 int (*cb) (SSL *ssl,
+                                            const unsigned char **out,
+                                            unsigned char *outlen,
+                                            const unsigned char *in,
+                                            unsigned int inlen,
+                                            void *arg), void *arg);
+ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
+                             unsigned int *len);
+
+ void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx,
+                                            int (*cb)(SSL *ssl,
+                                                      const unsigned char **out,
+                                                      unsigned int *outlen,
+                                                      void *arg),
+                                            void *arg);
+ void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx,
+                               int (*cb)(SSL *s,
+                                         unsigned char **out,
+                                         unsigned char *outlen,
+                                         const unsigned char *in,
+                                         unsigned int inlen,
+                                         void *arg),
+                               void *arg);
+ int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+                           const unsigned char *server,
+                           unsigned int server_len,
+                           const unsigned char *client,
+                           unsigned int client_len)
+ void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
+                             unsigned *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() are used by the client to set the list of protocols available to be negotiated. The <b>protos</b> must be in protocol-list format, described below. The length of <b>protos</b> is specified in <b>protos_len</b>.</p>
+
+<p>SSL_CTX_set_alpn_select_cb() sets the application callback <b>cb</b> used by a server to select which protocol to use for the incoming connection. When <b>cb</b> is NULL, ALPN is not used. The <b>arg</b> value is a pointer which is passed to the application callback.</p>
+
+<p><b>cb</b> is the application defined callback. The <b>in</b>, <b>inlen</b> parameters are a vector in protocol-list format. The value of the <b>out</b>, <b>outlen</b> vector should be set to the value of a single protocol selected from the <b>in</b>, <b>inlen</b> vector. The <b>out</b> buffer may point directly into <b>in</b>, or to a buffer that outlives the handshake. The <b>arg</b> parameter is the pointer set via SSL_CTX_set_alpn_select_cb().</p>
+
+<p>SSL_select_next_proto() is a helper function used to select protocols. It implements the standard protocol selection. It is expected that this function is called from the application callback <b>cb</b>. The protocol data in <b>server</b>, <b>server_len</b> and <b>client</b>, <b>client_len</b> must be in the protocol-list format described below. The first item in the <b>server</b>, <b>server_len</b> list that matches an item in the <b>client</b>, <b>client_len</b> list is selected, and returned in <b>out</b>, <b>outlen</b>. The <b>out</b> value will point into either <b>server</b> or <b>client</b>, so it should be copied immediately. If no match is found, the first item in <b>client</b>, <b>client_len</b> is returned in <b>out</b>, <b>outlen</b>. This function can also be used in the NPN callback.</p>
+
+<p>SSL_CTX_set_next_proto_select_cb() sets a callback <b>cb</b> that is called when a client needs to select a protocol from the server&#39;s provided list, and a user-defined pointer argument <b>arg</b> which will be passed to this callback. For the callback itself, <b>out</b> must be set to point to the selected protocol (which may be within <b>in</b>). The length of the protocol name must be written into <b>outlen</b>. The server&#39;s advertised protocols are provided in <b>in</b> and <b>inlen</b>. The callback can assume that <b>in</b> is syntactically valid. The client must select a protocol. It is fatal to the connection if this callback returns a value other than <b>SSL_TLSEXT_ERR_OK</b>. The <b>arg</b> parameter is the pointer set via SSL_CTX_set_next_proto_select_cb().</p>
+
+<p>SSL_CTX_set_next_protos_advertised_cb() sets a callback <b>cb</b> that is called when a TLS server needs a list of supported protocols for Next Protocol Negotiation. The returned list must be in protocol-list format, described below. The list is returned by setting <b>out</b> to point to it and <b>outlen</b> to its length. This memory will not be modified, but the <b>SSL</b> does keep a reference to it. The callback should return <b>SSL_TLSEXT_ERR_OK</b> if it wishes to advertise. Otherwise, no such extension will be included in the ServerHello.</p>
+
+<p>SSL_get0_alpn_selected() returns a pointer to the selected protocol in <b>data</b> with length <b>len</b>. It is not NUL-terminated. <b>data</b> is set to NULL and <b>len</b> is set to 0 if no protocol has been selected. <b>data</b> must not be freed.</p>
+
+<p>SSL_get0_next_proto_negotiated() sets <b>data</b> and <b>len</b> to point to the client&#39;s requested protocol for this connection. If the client did not request any protocol or NPN is not enabled, then <b>data</b> is set to NULL and <b>len</b> to 0. Note that the client can request any protocol it chooses. The value returned from this function need not be a member of the list of supported protocols provided by the callback.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The protocol-lists must be in wire-format, which is defined as a vector of non-empty, 8-bit length-prefixed, byte strings. The length-prefix byte is not included in the length. Each string is limited to 255 bytes. A byte-string length of 0 is invalid. A truncated byte-string is invalid. The length of the vector is not in the vector itself, but in a separate variable.</p>
+
+<p>Example:</p>
+
+<pre><code> unsigned char vector[] = {
+     6, &#39;s&#39;, &#39;p&#39;, &#39;d&#39;, &#39;y&#39;, &#39;/&#39;, &#39;1&#39;,
+     8, &#39;h&#39;, &#39;t&#39;, &#39;t&#39;, &#39;p&#39;, &#39;/&#39;, &#39;1&#39;, &#39;.&#39;, &#39;1&#39;
+ };
+ unsigned int length = sizeof(vector);</code></pre>
+
+<p>The ALPN callback is executed after the servername callback; as that servername callback may update the SSL_CTX, and subsequently, the ALPN callback.</p>
+
+<p>If there is no ALPN proposed in the ClientHello, the ALPN callback is not invoked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() return 0 on success, and non-0 on failure. WARNING: these functions reverse the return value convention.</p>
+
+<p>SSL_select_next_proto() returns one of the following:</p>
+
+<dl>
+
+<dt id="OPENSSL_NPN_NEGOTIATED">OPENSSL_NPN_NEGOTIATED</dt>
+<dd>
+
+<p>A match was found and is returned in <b>out</b>, <b>outlen</b>.</p>
+
+</dd>
+<dt id="OPENSSL_NPN_NO_OVERLAP">OPENSSL_NPN_NO_OVERLAP</dt>
+<dd>
+
+<p>No match was found. The first item in <b>client</b>, <b>client_len</b> is returned in <b>out</b>, <b>outlen</b>.</p>
+
+</dd>
+</dl>
+
+<p>The ALPN select callback <b>cb</b>, must return one of the following:</p>
+
+<dl>
+
+<dt id="SSL_TLSEXT_ERR_OK">SSL_TLSEXT_ERR_OK</dt>
+<dd>
+
+<p>ALPN protocol selected.</p>
+
+</dd>
+<dt id="SSL_TLSEXT_ERR_ALERT_FATAL">SSL_TLSEXT_ERR_ALERT_FATAL</dt>
+<dd>
+
+<p>There was no overlap between the client&#39;s supplied list and the server configuration.</p>
+
+</dd>
+<dt id="SSL_TLSEXT_ERR_NOACK">SSL_TLSEXT_ERR_NOACK</dt>
+<dd>
+
+<p>ALPN protocol not selected, e.g., because no ALPN protocols are configured for this connection.</p>
+
+</dd>
+</dl>
+
+<p>The callback set using SSL_CTX_set_next_proto_select_cb() should return <b>SSL_TLSEXT_ERR_OK</b> if successful. Any other value is fatal to the connection.</p>
+
+<p>The callback set using SSL_CTX_set_next_protos_advertised_cb() should return <b>SSL_TLSEXT_ERR_OK</b> if it wishes to advertise. Otherwise, no such extension will be included in the ServerHello.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_callback.html">SSL_CTX_set_tlsext_servername_callback(3)</a>, <a href="../man3/SSL_CTX_set_tlsext_servername_arg.html">SSL_CTX_set_tlsext_servername_arg(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_bio.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_bio.html
new file mode 100644
index 000000000..58a67bb62
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_bio.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_set_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_bio, SSL_set0_rbio, SSL_set0_wbio - connect the SSL object with a BIO</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio);
+ void SSL_set0_rbio(SSL *s, BIO *rbio);
+ void SSL_set0_wbio(SSL *s, BIO *wbio);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_set0_rbio() connects the BIO <b>rbio</b> for the read operations of the <b>ssl</b> object. The SSL engine inherits the behaviour of <b>rbio</b>. If the BIO is non-blocking then the <b>ssl</b> object will also have non-blocking behaviour. This function transfers ownership of <b>rbio</b> to <b>ssl</b>. It will be automatically freed using <a href="../man3/BIO_free_all.html">BIO_free_all(3)</a> when the <b>ssl</b> is freed. On calling this function, any existing <b>rbio</b> that was previously set will also be freed via a call to <a href="../man3/BIO_free_all.html">BIO_free_all(3)</a> (this includes the case where the <b>rbio</b> is set to the same value as previously).</p>
+
+<p>SSL_set0_wbio() works in the same as SSL_set0_rbio() except that it connects the BIO <b>wbio</b> for the write operations of the <b>ssl</b> object. Note that if the rbio and wbio are the same then SSL_set0_rbio() and SSL_set0_wbio() each take ownership of one reference. Therefore it may be necessary to increment the number of references available using <a href="../man3/BIO_up_ref.html">BIO_up_ref(3)</a> before calling the set0 functions.</p>
+
+<p>SSL_set_bio() is similar to SSL_set0_rbio() and SSL_set0_wbio() except that it connects both the <b>rbio</b> and the <b>wbio</b> at the same time, and transfers the ownership of <b>rbio</b> and <b>wbio</b> to <b>ssl</b> according to the following set of rules:</p>
+
+<ul>
+
+<li><p>If neither the <b>rbio</b> or <b>wbio</b> have changed from their previous values then nothing is done.</p>
+
+</li>
+<li><p>If the <b>rbio</b> and <b>wbio</b> parameters are different and both are different to their previously set values then one reference is consumed for the rbio and one reference is consumed for the wbio.</p>
+
+</li>
+<li><p>If the <b>rbio</b> and <b>wbio</b> parameters are the same and the <b>rbio</b> is not the same as the previously set value then one reference is consumed.</p>
+
+</li>
+<li><p>If the <b>rbio</b> and <b>wbio</b> parameters are the same and the <b>rbio</b> is the same as the previously set value, then no additional references are consumed.</p>
+
+</li>
+<li><p>If the <b>rbio</b> and <b>wbio</b> parameters are different and the <b>rbio</b> is the same as the previously set value then one reference is consumed for the <b>wbio</b> and no references are consumed for the <b>rbio</b>.</p>
+
+</li>
+<li><p>If the <b>rbio</b> and <b>wbio</b> parameters are different and the <b>wbio</b> is the same as the previously set value and the old <b>rbio</b> and <b>wbio</b> values were the same as each other then one reference is consumed for the <b>rbio</b> and no references are consumed for the <b>wbio</b>.</p>
+
+</li>
+<li><p>If the <b>rbio</b> and <b>wbio</b> parameters are different and the <b>wbio</b> is the same as the previously set value and the old <b>rbio</b> and <b>wbio</b> values were different to each other then one reference is consumed for the <b>rbio</b> and one reference is consumed for the <b>wbio</b>.</p>
+
+</li>
+</ul>
+
+<p>Because of this complexity, this function should be avoided; use SSL_set0_rbio() and SSL_set0_wbio() instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_bio(), SSL_set0_rbio() and SSL_set0_wbio() cannot fail.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_rbio.html">SSL_get_rbio(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_set0_rbio() and SSL_set0_wbio() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_block_padding.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_block_padding.html
new file mode 100644
index 000000000..57d5c7c64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_block_padding.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_record_padding_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_record_padding_callback, SSL_set_record_padding_callback, SSL_CTX_set_record_padding_callback_arg, SSL_set_record_padding_callback_arg, SSL_CTX_get_record_padding_callback_arg, SSL_get_record_padding_callback_arg, SSL_CTX_set_block_padding, SSL_set_block_padding - install callback to specify TLS 1.3 record padding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_record_padding_callback(SSL_CTX *ctx, size_t (*cb)(SSL *s, int type, size_t len, void *arg));
+ void SSL_set_record_padding_callback(SSL *ssl, size_t (*cb)(SSL *s, int type, size_t len, void *arg));
+
+ void SSL_CTX_set_record_padding_callback_arg(SSL_CTX *ctx, void *arg);
+ void *SSL_CTX_get_record_padding_callback_arg(const SSL_CTX *ctx);
+
+ void SSL_set_record_padding_callback_arg(SSL *ssl, void *arg);
+ void *SSL_get_record_padding_callback_arg(const SSL *ssl);
+
+ int SSL_CTX_set_block_padding(SSL_CTX *ctx, size_t block_size);
+ int SSL_set_block_padding(SSL *ssl, size_t block_size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_record_padding_callback() or SSL_set_record_padding_callback() can be used to assign a callback function <i>cb</i> to specify the padding for TLS 1.3 records. The value set in <b>ctx</b> is copied to a new SSL by SSL_new().</p>
+
+<p>SSL_CTX_set_record_padding_callback_arg() and SSL_set_record_padding_callback_arg() assign a value <b>arg</b> that is passed to the callback when it is invoked. The value set in <b>ctx</b> is copied to a new SSL by SSL_new().</p>
+
+<p>SSL_CTX_get_record_padding_callback_arg() and SSL_get_record_padding_callback_arg() retrieve the <b>arg</b> value that is passed to the callback.</p>
+
+<p>SSL_CTX_set_block_padding() and SSL_set_block_padding() pads the record to a multiple of the <b>block_size</b>. A <b>block_size</b> of 0 or 1 disables block padding. The limit of <b>block_size</b> is SSL3_RT_MAX_PLAIN_LENGTH.</p>
+
+<p>The callback is invoked for every record before encryption. The <b>type</b> parameter is the TLS record type that is being processed; may be one of SSL3_RT_APPLICATION_DATA, SSL3_RT_HANDSHAKE, or SSL3_RT_ALERT. The <b>len</b> parameter is the current plaintext length of the record before encryption. The <b>arg</b> parameter is the value set via SSL_CTX_set_record_padding_callback_arg() or SSL_set_record_padding_callback_arg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL_CTX_get_record_padding_callback_arg() and SSL_get_record_padding_callback_arg() functions return the <b>arg</b> value assigned in the corresponding set functions.</p>
+
+<p>The SSL_CTX_set_block_padding() and SSL_set_block_padding() functions return 1 on success or 0 if <b>block_size</b> is too large.</p>
+
+<p>The <b>cb</b> returns the number of padding bytes to add to the record. A return of 0 indicates no padding will be added. A return value that causes the record to exceed the maximum record size (SSL3_RT_MAX_PLAIN_LENGTH) will pad out to the maximum record size.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The default behavior is to add no padding to the record.</p>
+
+<p>A user-supplied padding callback function will override the behavior set by SSL_set_block_padding() or SSL_CTX_set_block_padding(). Setting the user-supplied callback to NULL will restore the configured block padding behavior.</p>
+
+<p>These functions only apply to TLS 1.3 records being written.</p>
+
+<p>Padding bytes are not added in constant-time.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The record padding API was added for TLS 1.3 support in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_cert_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_cert_cb.html
new file mode 100644
index 000000000..f6fd39d99
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_cert_cb.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_cert_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_cert_cb, SSL_set_cert_cb - handle certificate callback function</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_cert_cb(SSL_CTX *c, int (*cert_cb)(SSL *ssl, void *arg),
+                          void *arg);
+ void SSL_set_cert_cb(SSL *s, int (*cert_cb)(SSL *ssl, void *arg), void *arg);
+
+ int (*cert_cb)(SSL *ssl, void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_cert_cb() and SSL_set_cert_cb() sets the cert_cb() callback, <b>arg</b> value is pointer which is passed to the application callback.</p>
+
+<p>When cert_cb() is NULL, no callback function is used.</p>
+
+<p>cert_cb() is the application defined callback. It is called before a certificate will be used by a client or server. The callback can then inspect the passed <b>ssl</b> structure and set or clear any appropriate certificates. If the callback is successful it <b>MUST</b> return 1 even if no certificates have been set. A zero is returned on error which will abort the handshake with a fatal internal error alert. A negative return value will suspend the handshake and the handshake function will return immediately. <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> will return SSL_ERROR_WANT_X509_LOOKUP to indicate, that the handshake was suspended. The next call to the handshake function will again lead to the call of cert_cb(). It is the job of the cert_cb() to store information about the state of the last call, if required to continue.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>An application will typically call SSL_use_certificate() and SSL_use_PrivateKey() to set the end entity certificate and private key. It can add intermediate and optionally the root CA certificates using SSL_add1_chain_cert().</p>
+
+<p>It might also call SSL_certs_clear() to delete any certificates associated with the <b>SSL</b> object.</p>
+
+<p>The certificate callback functionality supersedes the (largely broken) functionality provided by the old client certificate callback interface. It is <b>always</b> called even is a certificate is already set so the callback can modify or delete the existing certificate.</p>
+
+<p>A more advanced callback might examine the handshake parameters and set whatever chain is appropriate. For example a legacy client supporting only TLSv1.0 might receive a certificate chain signed using SHA1 whereas a TLSv1.2 or later client which advertises support for SHA256 could receive a chain using SHA256.</p>
+
+<p>Normal server sanity checks are performed on any certificates set by the callback. So if an EC chain is set for a curve the client does not support it will <b>not</b> be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_cert_cb() and SSL_set_cert_cb() do not return values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_use_certificate.html">SSL_use_certificate(3)</a>, <a href="../man3/SSL_add1_chain_cert.html">SSL_add1_chain_cert(3)</a>, <a href="../man3/SSL_get_client_CA_list.html">SSL_get_client_CA_list(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_free.html">SSL_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_cipher_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_cipher_list.html
new file mode 100644
index 000000000..bc7dbdbb3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_cipher_list.html
@@ -0,0 +1,109 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_cipher_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_cipher_list, SSL_set_cipher_list, SSL_CTX_set_ciphersuites, SSL_set_ciphersuites - choose list of available SSL_CIPHERs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str);
+ int SSL_set_cipher_list(SSL *ssl, const char *str);
+
+ int SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str);
+ int SSL_set_ciphersuites(SSL *s, const char *str);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_cipher_list() sets the list of available ciphers (TLSv1.2 and below) for <b>ctx</b> using the control string <b>str</b>. The format of the string is described in <a href="../man1/ciphers.html">ciphers(1)</a>. The list of ciphers is inherited by all <b>ssl</b> objects created from <b>ctx</b>. This function does not impact TLSv1.3 ciphersuites. Use SSL_CTX_set_ciphersuites() to configure those.</p>
+
+<p>SSL_set_cipher_list() sets the list of ciphers (TLSv1.2 and below) only for <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_ciphersuites() is used to configure the available TLSv1.3 ciphersuites for <b>ctx</b>. This is a simple colon (&quot;:&quot;) separated list of TLSv1.3 ciphersuite names in order of perference. Valid TLSv1.3 ciphersuite names are:</p>
+
+<dl>
+
+<dt id="TLS_AES_128_GCM_SHA256">TLS_AES_128_GCM_SHA256</dt>
+<dd>
+
+</dd>
+<dt id="TLS_AES_256_GCM_SHA384">TLS_AES_256_GCM_SHA384</dt>
+<dd>
+
+</dd>
+<dt id="TLS_CHACHA20_POLY1305_SHA256">TLS_CHACHA20_POLY1305_SHA256</dt>
+<dd>
+
+</dd>
+<dt id="TLS_AES_128_CCM_SHA256">TLS_AES_128_CCM_SHA256</dt>
+<dd>
+
+</dd>
+<dt id="TLS_AES_128_CCM_8_SHA256">TLS_AES_128_CCM_8_SHA256</dt>
+<dd>
+
+</dd>
+</dl>
+
+<p>An empty list is permissible. The default value for the this setting is:</p>
+
+<p>&quot;TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256&quot;</p>
+
+<p>SSL_set_ciphersuites() is the same as SSL_CTX_set_ciphersuites() except it configures the ciphersuites for <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The control string <b>str</b> for SSL_CTX_set_cipher_list() and SSL_set_cipher_list() should be universally usable and not depend on details of the library configuration (ciphers compiled in). Thus no syntax checking takes place. Items that are not recognized, because the corresponding ciphers are not compiled in or because they are mistyped, are simply ignored. Failure is only flagged if no ciphers could be collected at all.</p>
+
+<p>It should be noted, that inclusion of a cipher to be used into the list is a necessary condition. On the client side, the inclusion into the list is also sufficient unless the security level excludes it. On the server side, additional restrictions apply. All ciphers have additional requirements. ADH ciphers don&#39;t need a certificate, but DH-parameters must have been set. All other ciphers need a corresponding certificate and key.</p>
+
+<p>A RSA cipher can only be chosen, when a RSA certificate is available. RSA ciphers using DHE need a certificate and key and additional DH-parameters (see <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>).</p>
+
+<p>A DSA cipher can only be chosen, when a DSA certificate is available. DSA ciphers always use DH key exchange and therefore need DH-parameters (see <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>).</p>
+
+<p>When these conditions are not met for any cipher in the list (e.g. a client only supports export RSA ciphers with an asymmetric key length of 512 bits and the server is not configured to use temporary RSA keys), the &quot;no shared cipher&quot; (SSL_R_NO_SHARED_CIPHER) error is generated and the handshake will fail.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_cipher_list() and SSL_set_cipher_list() return 1 if any cipher could be selected and 0 on complete failure.</p>
+
+<p>SSL_CTX_set_ciphersuites() and SSL_set_ciphersuites() return 1 if the requested ciphersuite list was configured, and 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a>, <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_ciphersuites.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_ciphersuites.html
new file mode 100644
index 000000000..bc7dbdbb3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_ciphersuites.html
@@ -0,0 +1,109 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_cipher_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_cipher_list, SSL_set_cipher_list, SSL_CTX_set_ciphersuites, SSL_set_ciphersuites - choose list of available SSL_CIPHERs</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str);
+ int SSL_set_cipher_list(SSL *ssl, const char *str);
+
+ int SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str);
+ int SSL_set_ciphersuites(SSL *s, const char *str);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_cipher_list() sets the list of available ciphers (TLSv1.2 and below) for <b>ctx</b> using the control string <b>str</b>. The format of the string is described in <a href="../man1/ciphers.html">ciphers(1)</a>. The list of ciphers is inherited by all <b>ssl</b> objects created from <b>ctx</b>. This function does not impact TLSv1.3 ciphersuites. Use SSL_CTX_set_ciphersuites() to configure those.</p>
+
+<p>SSL_set_cipher_list() sets the list of ciphers (TLSv1.2 and below) only for <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_ciphersuites() is used to configure the available TLSv1.3 ciphersuites for <b>ctx</b>. This is a simple colon (&quot;:&quot;) separated list of TLSv1.3 ciphersuite names in order of perference. Valid TLSv1.3 ciphersuite names are:</p>
+
+<dl>
+
+<dt id="TLS_AES_128_GCM_SHA256">TLS_AES_128_GCM_SHA256</dt>
+<dd>
+
+</dd>
+<dt id="TLS_AES_256_GCM_SHA384">TLS_AES_256_GCM_SHA384</dt>
+<dd>
+
+</dd>
+<dt id="TLS_CHACHA20_POLY1305_SHA256">TLS_CHACHA20_POLY1305_SHA256</dt>
+<dd>
+
+</dd>
+<dt id="TLS_AES_128_CCM_SHA256">TLS_AES_128_CCM_SHA256</dt>
+<dd>
+
+</dd>
+<dt id="TLS_AES_128_CCM_8_SHA256">TLS_AES_128_CCM_8_SHA256</dt>
+<dd>
+
+</dd>
+</dl>
+
+<p>An empty list is permissible. The default value for the this setting is:</p>
+
+<p>&quot;TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256&quot;</p>
+
+<p>SSL_set_ciphersuites() is the same as SSL_CTX_set_ciphersuites() except it configures the ciphersuites for <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The control string <b>str</b> for SSL_CTX_set_cipher_list() and SSL_set_cipher_list() should be universally usable and not depend on details of the library configuration (ciphers compiled in). Thus no syntax checking takes place. Items that are not recognized, because the corresponding ciphers are not compiled in or because they are mistyped, are simply ignored. Failure is only flagged if no ciphers could be collected at all.</p>
+
+<p>It should be noted, that inclusion of a cipher to be used into the list is a necessary condition. On the client side, the inclusion into the list is also sufficient unless the security level excludes it. On the server side, additional restrictions apply. All ciphers have additional requirements. ADH ciphers don&#39;t need a certificate, but DH-parameters must have been set. All other ciphers need a corresponding certificate and key.</p>
+
+<p>A RSA cipher can only be chosen, when a RSA certificate is available. RSA ciphers using DHE need a certificate and key and additional DH-parameters (see <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>).</p>
+
+<p>A DSA cipher can only be chosen, when a DSA certificate is available. DSA ciphers always use DH key exchange and therefore need DH-parameters (see <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>).</p>
+
+<p>When these conditions are not met for any cipher in the list (e.g. a client only supports export RSA ciphers with an asymmetric key length of 512 bits and the server is not configured to use temporary RSA keys), the &quot;no shared cipher&quot; (SSL_R_NO_SHARED_CIPHER) error is generated and the handshake will fail.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_cipher_list() and SSL_set_cipher_list() return 1 if any cipher could be selected and 0 on complete failure.</p>
+
+<p>SSL_CTX_set_ciphersuites() and SSL_set_ciphersuites() return 1 if the requested ciphersuite list was configured, and 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a>, <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_client_CA_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_client_CA_list.html
new file mode 100644
index 000000000..742fe94a0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_client_CA_list.html
@@ -0,0 +1,130 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set0_CA_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_client_CA_list, SSL_set_client_CA_list, SSL_get_client_CA_list, SSL_CTX_get_client_CA_list, SSL_CTX_add_client_CA, SSL_add_client_CA, SSL_set0_CA_list, SSL_CTX_set0_CA_list, SSL_get0_CA_list, SSL_CTX_get0_CA_list, SSL_add1_to_CA_list, SSL_CTX_add1_to_CA_list, SSL_get0_peer_CA_list - get or set CA list</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
+ void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
+ STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
+ int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert);
+ int SSL_add_client_CA(SSL *ssl, X509 *cacert);
+
+ void SSL_CTX_set0_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+ void SSL_set0_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
+ const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const SSL_CTX *ctx);
+ const STACK_OF(X509_NAME) *SSL_get0_CA_list(const SSL *s);
+ int SSL_CTX_add1_to_CA_list(SSL_CTX *ctx, const X509 *x);
+ int SSL_add1_to_CA_list(SSL *ssl, const X509 *x);
+
+ const STACK_OF(X509_NAME) *SSL_get0_peer_CA_list(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions described here set and manage the list of CA names that are sent between two communicating peers.</p>
+
+<p>For TLS versions 1.2 and earlier the list of CA names is only sent from the server to the client when requesting a client certificate. So any list of CA names set is never sent from client to server and the list of CA names retrieved by SSL_get0_peer_CA_list() is always <b>NULL</b>.</p>
+
+<p>For TLS 1.3 the list of CA names is sent using the <b>certificate_authorities</b> extension and may be sent by a client (in the ClientHello message) or by a server (when requesting a certificate).</p>
+
+<p>In most cases it is not necessary to set CA names on the client side. The list of CA names that are acceptable to the client will be sent in plaintext to the server. This has privacy implications and may also have performance implications if the list is large. This optional capability was introduced as part of TLSv1.3 and therefore setting CA names on the client side will have no impact if that protocol version has been disabled. Most servers do not need this and so this should be avoided unless required.</p>
+
+<p>The &quot;client CA list&quot; functions below only have an effect when called on the server side.</p>
+
+<p>SSL_CTX_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for <b>ctx</b>. Ownership of <b>list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set_client_CA_list() sets the <b>list</b> of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object. Ownership of <b>list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get_client_CA_list() returns the list of client CAs explicitly set for <b>ctx</b> using SSL_CTX_set_client_CA_list(). The returned list should not be freed by the caller.</p>
+
+<p>SSL_get_client_CA_list() returns the list of client CAs explicitly set for <b>ssl</b> using SSL_set_client_CA_list() or <b>ssl</b>&#39;s SSL_CTX object with SSL_CTX_set_client_CA_list(), when in server mode. In client mode, SSL_get_client_CA_list returns the list of client CAs sent from the server, if any. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for <b>ctx</b>.</p>
+
+<p>SSL_add_client_CA() adds the CA name extracted from <b>cacert</b> to the list of CAs sent to the client when requesting a client certificate for the chosen <b>ssl</b>, overriding the setting valid for <b>ssl</b>&#39;s SSL_CTX object.</p>
+
+<p>SSL_get0_peer_CA_list() retrieves the list of CA names (if any) the peer has sent. This can be called on either the server or the client side. The returned list should not be freed by the caller.</p>
+
+<p>The &quot;generic CA list&quot; functions below are very similar to the &quot;client CA list&quot; functions except that they have an effect on both the server and client sides. The lists of CA names managed are separate - so you cannot (for example) set CA names using the &quot;client CA list&quot; functions and then get them using the &quot;generic CA list&quot; functions. Where a mix of the two types of functions has been used on the server side then the &quot;client CA list&quot; functions take precedence. Typically, on the server side, the &quot;client CA list &quot; functions should be used in preference. As noted above in most cases it is not necessary to set CA names on the client side.</p>
+
+<p>SSL_CTX_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b>. Ownership of <b>name_list</b> is transferred to <b>ctx</b> and it should not be freed by the caller.</p>
+
+<p>SSL_set0_CA_list() sets the list of CAs to be sent to the peer to <b>name_list</b> overriding any list set in the parent <b>SSL_CTX</b> of <b>s</b>. Ownership of <b>name_list</b> is transferred to <b>s</b> and it should not be freed by the caller.</p>
+
+<p>SSL_CTX_get0_CA_list() retrieves any previously set list of CAs set for <b>ctx</b>. The returned list should not be freed by the caller.</p>
+
+<p>SSL_get0_CA_list() retrieves any previously set list of CAs set for <b>s</b> or if none are set the list from the parent <b>SSL_CTX</b> is retrieved. The returned list should not be freed by the caller.</p>
+
+<p>SSL_CTX_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to peer for <b>ctx</b>.</p>
+
+<p>SSL_add1_to_CA_list() appends the CA subject name extracted from <b>x</b> to the list of CAs sent to the peer for <b>s</b>, overriding the setting in the parent <b>SSL_CTX</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When a TLS/SSL server requests a client certificate (see <b>SSL_CTX_set_verify(3)</b>), it sends a list of CAs, for which it will accept certificates, to the client.</p>
+
+<p>This list must explicitly be set using SSL_CTX_set_client_CA_list() or SSL_CTX_set0_CA_list() for <b>ctx</b> and SSL_set_client_CA_list() or SSL_set0_CA_list() for the specific <b>ssl</b>. The list specified overrides the previous setting. The CAs listed do not become trusted (<b>list</b> only contains the names, not the complete certificates); use <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> to additionally load them for verification.</p>
+
+<p>If the list of acceptable CAs is compiled in a file, the <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a> function can be used to help to import the necessary data.</p>
+
+<p>SSL_CTX_add_client_CA(), SSL_CTX_add1_to_CA_list(), SSL_add_client_CA() and SSL_add1_to_CA_list() can be used to add additional items the list of CAs. If no list was specified before using SSL_CTX_set_client_CA_list(), SSL_CTX_set0_CA_list(), SSL_set_client_CA_list() or SSL_set0_CA_list(), a new CA list for <b>ctx</b> or <b>ssl</b> (as appropriate) is opened.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set_client_CA_list(), SSL_set_client_CA_list(), SSL_CTX_set0_CA_list() and SSL_set0_CA_list() do not return a value.</p>
+
+<p>SSL_CTX_get_client_CA_list(), SSL_get_client_CA_list(), SSL_CTX_get0_CA_list() and SSL_get0_CA_list() return a stack of CA names or <b>NULL</b> is no CA names are set.</p>
+
+<p>SSL_CTX_add_client_CA(),SSL_add_client_CA(), SSL_CTX_add1_to_CA_list() and SSL_add1_to_CA_list() return 1 for success and 0 for failure.</p>
+
+<p>SSL_get0_peer_CA_list() returns a stack of CA names sent by the peer or <b>NULL</b> or an empty stack if no list was sent.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Scan all certificates in <b>CAfile</b> and list them as acceptable CAs:</p>
+
+<pre><code> SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_connect_state.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_connect_state.html
new file mode 100644
index 000000000..be735c533
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_connect_state.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_set_connect_state</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_connect_state, SSL_set_accept_state, SSL_is_server - functions for manipulating and examining the client or server mode of an SSL object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_set_connect_state(SSL *ssl);
+
+ void SSL_set_accept_state(SSL *ssl);
+
+ int SSL_is_server(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_set_connect_state() sets <b>ssl</b> to work in client mode.</p>
+
+<p>SSL_set_accept_state() sets <b>ssl</b> to work in server mode.</p>
+
+<p>SSL_is_server() checks if <b>ssl</b> is working in server mode.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When the SSL_CTX object was created with <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, it was either assigned a dedicated client method, a dedicated server method, or a generic method, that can be used for both client and server connections. (The method might have been changed with <a href="../man3/SSL_CTX_set_ssl_version.html">SSL_CTX_set_ssl_version(3)</a> or <a href="../man3/SSL_set_ssl_method.html">SSL_set_ssl_method(3)</a>.)</p>
+
+<p>When beginning a new handshake, the SSL engine must know whether it must call the connect (client) or accept (server) routines. Even though it may be clear from the method chosen, whether client or server mode was requested, the handshake routines must be explicitly set.</p>
+
+<p>When using the <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_accept.html">SSL_accept(3)</a> routines, the correct handshake routines are automatically set. When performing a transparent negotiation using <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_write.html">SSL_write(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, or <a href="../man3/SSL_read.html">SSL_read(3)</a>, the handshake routines must be explicitly set in advance using either SSL_set_connect_state() or SSL_set_accept_state().</p>
+
+<p>If SSL_is_server() is called before SSL_set_connect_state() or SSL_set_accept_state() is called (either automatically or explicitly), the result depends on what method was used when SSL_CTX was created with <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>. If a generic method or a dedicated server method was passed to <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, SSL_is_server() returns 1; otherwise, it returns 0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_connect_state() and SSL_set_accept_state() do not return diagnostic information.</p>
+
+<p>SSL_is_server() returns 1 if <b>ssl</b> is working in server mode or 0 for client mode.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_write.html">SSL_write(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_set_ssl_version.html">SSL_CTX_set_ssl_version(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_ct_validation_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_ct_validation_callback.html
new file mode 100644
index 000000000..2f4bf6a6f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_ct_validation_callback.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_ct_validation_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ssl_ct_validation_cb, SSL_enable_ct, SSL_CTX_enable_ct, SSL_disable_ct, SSL_CTX_disable_ct, SSL_set_ct_validation_callback, SSL_CTX_set_ct_validation_callback, SSL_ct_is_enabled, SSL_CTX_ct_is_enabled - control Certificate Transparency policy</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*ssl_ct_validation_cb)(const CT_POLICY_EVAL_CTX *ctx,
+                                    const STACK_OF(SCT) *scts, void *arg);
+
+ int SSL_enable_ct(SSL *s, int validation_mode);
+ int SSL_CTX_enable_ct(SSL_CTX *ctx, int validation_mode);
+ int SSL_set_ct_validation_callback(SSL *s, ssl_ct_validation_cb callback,
+                                    void *arg);
+ int SSL_CTX_set_ct_validation_callback(SSL_CTX *ctx,
+                                        ssl_ct_validation_cb callback,
+                                        void *arg);
+ void SSL_disable_ct(SSL *s);
+ void SSL_CTX_disable_ct(SSL_CTX *ctx);
+ int SSL_ct_is_enabled(const SSL *s);
+ int SSL_CTX_ct_is_enabled(const SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_enable_ct() and SSL_CTX_enable_ct() enable the processing of signed certificate timestamps (SCTs) either for a given SSL connection or for all connections that share the given SSL context, respectively. This is accomplished by setting a built-in CT validation callback. The behaviour of the callback is determined by the <b>validation_mode</b> argument, which can be either of <b>SSL_CT_VALIDATION_PERMISSIVE</b> or <b>SSL_CT_VALIDATION_STRICT</b> as described below.</p>
+
+<p>If <b>validation_mode</b> is equal to <b>SSL_CT_VALIDATION_STRICT</b>, then in a full TLS handshake with the verification mode set to <b>SSL_VERIFY_PEER</b>, if the peer presents no valid SCTs the handshake will be aborted. If the verification mode is <b>SSL_VERIFY_NONE</b>, the handshake will continue despite lack of valid SCTs. However, in that case if the verification status before the built-in callback was <b>X509_V_OK</b> it will be set to <b>X509_V_ERR_NO_VALID_SCTS</b> after the callback. Applications can call <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> to check the status at handshake completion, even after session resumption since the verification status is part of the saved session state. See <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, &lt;SSL_get_verify_result(3)&gt;, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>.</p>
+
+<p>If <b>validation_mode</b> is equal to <b>SSL_CT_VALIDATION_PERMISSIVE</b>, then the handshake continues, and the verification status is not modified, regardless of the validation status of any SCTs. The application can still inspect the validation status of the SCTs at handshake completion. Note that with session resumption there will not be any SCTs presented during the handshake. Therefore, in applications that delay SCT policy enforcement until after handshake completion, such delayed SCT checks should only be performed when the session is not resumed.</p>
+
+<p>SSL_set_ct_validation_callback() and SSL_CTX_set_ct_validation_callback() register a custom callback that may implement a different policy than either of the above. This callback can examine the peer&#39;s SCTs and determine whether they are sufficient to allow the connection to continue. The TLS handshake is aborted if the verification mode is not <b>SSL_VERIFY_NONE</b> and the callback returns a non-positive result.</p>
+
+<p>An arbitrary callback context argument, <b>arg</b>, can be passed in when setting the callback. This will be passed to the callback whenever it is invoked. Ownership of this context remains with the caller.</p>
+
+<p>If no callback is set, SCTs will not be requested and Certificate Transparency validation will not occur.</p>
+
+<p>No callback will be invoked when the peer presents no certificate, e.g. by employing an anonymous (aNULL) cipher suite. In that case the handshake continues as it would had no callback been requested. Callbacks are also not invoked when the peer certificate chain is invalid or validated via DANE-TA(2) or DANE-EE(3) TLSA records which use a private X.509 PKI, or no X.509 PKI at all, respectively. Clients that require SCTs are expected to not have enabled any aNULL ciphers nor to have specified server verification via DANE-TA(2) or DANE-EE(3) TLSA records.</p>
+
+<p>SSL_disable_ct() and SSL_CTX_disable_ct() turn off CT processing, whether enabled via the built-in or the custom callbacks, by setting a NULL callback. These may be implemented as macros.</p>
+
+<p>SSL_ct_is_enabled() and SSL_CTX_ct_is_enabled() return 1 if CT processing is enabled via either SSL_enable_ct() or a non-null custom callback, and 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When SCT processing is enabled, OCSP stapling will be enabled. This is because one possible source of SCTs is the OCSP response from a server.</p>
+
+<p>The time returned by SSL_SESSION_get_time() will be used to evaluate whether any presented SCTs have timestamps that are in the future (and therefore invalid).</p>
+
+<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
+
+<p>Certificate Transparency validation cannot be enabled and so a callback cannot be set if a custom client extension handler has been registered to handle SCT extensions (<b>TLSEXT_TYPE_signed_certificate_timestamp</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_enable_ct(), SSL_CTX_enable_ct(), SSL_CTX_set_ct_validation_callback() and SSL_set_ct_validation_callback() return 1 if the <b>callback</b> is successfully set. They return 0 if an error occurs, e.g. a custom client extension handler has been setup to handle SCTs.</p>
+
+<p>SSL_disable_ct() and SSL_CTX_disable_ct() do not return a result.</p>
+
+<p>SSL_CTX_ct_is_enabled() and SSL_ct_is_enabled() return a 1 if a non-null CT validation callback is set, or 0 if no callback (or equivalently a NULL callback) is set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, &lt;SSL_get_verify_result(3)&gt;, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>, <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_current_cert.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_current_cert.html
new file mode 100644
index 000000000..9f08318ef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_current_cert.html
@@ -0,0 +1,122 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_add1_chain_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set0_chain, SSL_CTX_set1_chain, SSL_CTX_add0_chain_cert, SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs, SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert, SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain, SSL_build_cert_chain, SSL_CTX_select_current_cert, SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra chain certificate processing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_get0_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk);
+ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+ int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_get0_chain_certs(SSL *ssl, STACK_OF(X509) **sk);
+ int SSL_clear_chain_certs(SSL *ssl);
+
+ int SSL_CTX_build_cert_chain(SSL_CTX *ctx, flags);
+ int SSL_build_cert_chain(SSL *ssl, flags);
+
+ int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set0_chain() and SSL_CTX_set1_chain() set the certificate chain associated with the current certificate of <b>ctx</b> to <b>sk</b>.</p>
+
+<p>SSL_CTX_add0_chain_cert() and SSL_CTX_add1_chain_cert() append the single certificate <b>x509</b> to the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_get0_chain_certs() retrieves the chain associated with the current certificate of <b>ctx</b>.</p>
+
+<p>SSL_CTX_clear_chain_certs() clears any existing chain associated with the current certificate of <b>ctx</b>. (This is implemented by calling SSL_CTX_set0_chain() with <b>sk</b> set to <b>NULL</b>).</p>
+
+<p>SSL_CTX_build_cert_chain() builds the certificate chain for <b>ctx</b> normally this uses the chain store or the verify store if the chain store is not set. If the function is successful the built chain will replace any existing chain. The <b>flags</b> parameter can be set to <b>SSL_BUILD_CHAIN_FLAG_UNTRUSTED</b> to use existing chain certificates as untrusted CAs, <b>SSL_BUILD_CHAIN_FLAG_NO_ROOT</b> to omit the root CA from the built chain, <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to use all existing chain certificates only to build the chain (effectively sanity checking and rearranging them if necessary), the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> ignores any errors during verification: if flag <b>SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR</b> is also set verification errors are cleared from the error queue.</p>
+
+<p>Each of these functions operates on the <i>current</i> end entity (i.e. server or client) certificate. This is the last certificate loaded or selected on the corresponding <b>ctx</b> structure.</p>
+
+<p>SSL_CTX_select_current_cert() selects <b>x509</b> as the current end entity certificate, but only if <b>x509</b> has already been loaded into <b>ctx</b> using a function such as SSL_CTX_use_certificate().</p>
+
+<p>SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(), SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(), SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert() are similar except they apply to SSL structure <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_current_cert() changes the current certificate to a value based on the <b>op</b> argument. Currently <b>op</b> can be <b>SSL_CERT_SET_FIRST</b> to use the first valid certificate or <b>SSL_CERT_SET_NEXT</b> to set the next valid certificate after the current certificate. These two operations can be used to iterate over all certificates in an <b>SSL_CTX</b> structure.</p>
+
+<p>SSL_set_current_cert() also supports the option <b>SSL_CERT_SET_SERVER</b>. If <b>ssl</b> is a server and has sent a certificate to a connected client this option sets that certificate to the current certificate and returns 1. If the negotiated cipher suite is anonymous (and thus no certificate will be sent) 2 is returned and the current certificate is unchanged. If <b>ssl</b> is not a server or a certificate has not been sent 0 is returned and the current certificate is unchanged.</p>
+
+<p>All these functions are implemented as macros. Those containing a <b>1</b> increment the reference count of the supplied certificate or chain so it must be freed at some point after the operation. Those containing a <b>0</b> do not increment reference counts and the supplied certificate or chain <b>MUST NOT</b> be freed after the operation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The chains associate with an SSL_CTX structure are copied to any SSL structures when SSL_new() is called. SSL structures will not be affected by any chains subsequently changed in the parent SSL_CTX.</p>
+
+<p>One chain can be set for each key type supported by a server. So, for example, an RSA and a DSA certificate can (and often will) have different chains.</p>
+
+<p>The functions SSL_CTX_build_cert_chain() and SSL_build_cert_chain() can be used to check application configuration and to ensure any necessary subordinate CAs are sent in the correct order. Misconfigured applications sending incorrect certificate chains often cause problems with peers.</p>
+
+<p>For example an application can add any set of certificates using SSL_CTX_use_certificate_chain_file() then call SSL_CTX_build_cert_chain() with the option <b>SSL_BUILD_CHAIN_FLAG_CHECK</b> to check and reorder them.</p>
+
+<p>Applications can issue non fatal warnings when checking chains by setting the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERRORS</b> and checking the return value.</p>
+
+<p>Calling SSL_CTX_build_cert_chain() or SSL_build_cert_chain() is more efficient than the automatic chain building as it is only performed once. Automatic chain building is performed on each new session.</p>
+
+<p>If any certificates are added using these functions no certificates added using SSL_CTX_add_extra_chain_cert() will be used.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_current_cert() with <b>SSL_CERT_SET_SERVER</b> return 1 for success, 2 if no server certificate is used because the cipher suites is anonymous and 0 for failure.</p>
+
+<p>SSL_CTX_build_cert_chain() and SSL_build_cert_chain() return 1 for success and 0 for failure. If the flag <b>SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR</b> and a verification error occurs then 2 is returned.</p>
+
+<p>All other functions return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_default_passwd_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_default_passwd_cb.html
new file mode 100644
index 000000000..7351cd5a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_default_passwd_cb.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_default_passwd_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_default_passwd_cb, SSL_CTX_set_default_passwd_cb_userdata, SSL_CTX_get_default_passwd_cb, SSL_CTX_get_default_passwd_cb_userdata, SSL_set_default_passwd_cb, SSL_set_default_passwd_cb_userdata, SSL_get_default_passwd_cb, SSL_get_default_passwd_cb_userdata - set or get passwd callback for encrypted PEM file handling</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
+ void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
+ pem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx);
+ void *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx);
+
+ void SSL_set_default_passwd_cb(SSL *s, pem_password_cb *cb);
+ void SSL_set_default_passwd_cb_userdata(SSL *s, void *u);
+ pem_password_cb *SSL_get_default_passwd_cb(SSL *s);
+ void *SSL_get_default_passwd_cb_userdata(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_default_passwd_cb() sets the default password callback called when loading/storing a PEM certificate with encryption.</p>
+
+<p>SSL_CTX_set_default_passwd_cb_userdata() sets a pointer to userdata, <b>u</b>, which will be provided to the password callback on invocation.</p>
+
+<p>SSL_CTX_get_default_passwd_cb() returns a function pointer to the password callback currently set in <b>ctx</b>. If no callback was explicitly set, the NULL pointer is returned.</p>
+
+<p>SSL_CTX_get_default_passwd_cb_userdata() returns a pointer to the userdata currently set in <b>ctx</b>. If no userdata was explicitly set, the NULL pointer is returned.</p>
+
+<p>SSL_set_default_passwd_cb(), SSL_set_default_passwd_cb_userdata(), SSL_get_default_passwd_cb() and SSL_get_default_passwd_cb_userdata() perform the same function as their SSL_CTX counterparts, but using an SSL object.</p>
+
+<p>The password callback, which must be provided by the application, hands back the password to be used during decryption. On invocation a pointer to userdata is provided. The function must store the password into the provided buffer <b>buf</b> which is of size <b>size</b>. The actual length of the password must be returned to the calling function. <b>rwflag</b> indicates whether the callback is used for reading/decryption (rwflag=0) or writing/encryption (rwflag=1). For more details, see <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When loading or storing private keys, a password might be supplied to protect the private key. The way this password can be supplied may depend on the application. If only one private key is handled, it can be practical to have the callback handle the password dialog interactively. If several keys have to be handled, it can be practical to ask for the password once, then keep it in memory and use it several times. In the last case, the password could be stored into the userdata storage and the callback only returns the password already stored.</p>
+
+<p>When asking for the password interactively, the callback can use <b>rwflag</b> to check, whether an item shall be encrypted (rwflag=1). In this case the password dialog may ask for the same password twice for comparison in order to catch typos, that would make decryption impossible.</p>
+
+<p>Other items in PEM formatting (certificates) can also be encrypted, it is however not usual, as certificate information is considered public.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions do not provide diagnostic information.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following example returns the password provided as userdata to the calling function. The password is considered to be a &#39;\0&#39; terminated string. If the password does not fit into the buffer, the password is truncated.</p>
+
+<pre><code> int my_cb(char *buf, int size, int rwflag, void *u)
+ {
+     strncpy(buf, (char *)u, size);
+     buf[size - 1] = &#39;\0&#39;;
+     return strlen(buf);
+ }</code></pre>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_get_default_passwd_cb(), SSL_CTX_get_default_passwd_cb_userdata(), SSL_set_default_passwd_cb() and SSL_set_default_passwd_cb_userdata() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_default_passwd_cb_userdata.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_default_passwd_cb_userdata.html
new file mode 100644
index 000000000..7351cd5a3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_default_passwd_cb_userdata.html
@@ -0,0 +1,100 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_default_passwd_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_default_passwd_cb, SSL_CTX_set_default_passwd_cb_userdata, SSL_CTX_get_default_passwd_cb, SSL_CTX_get_default_passwd_cb_userdata, SSL_set_default_passwd_cb, SSL_set_default_passwd_cb_userdata, SSL_get_default_passwd_cb, SSL_get_default_passwd_cb_userdata - set or get passwd callback for encrypted PEM file handling</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
+ void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
+ pem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx);
+ void *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx);
+
+ void SSL_set_default_passwd_cb(SSL *s, pem_password_cb *cb);
+ void SSL_set_default_passwd_cb_userdata(SSL *s, void *u);
+ pem_password_cb *SSL_get_default_passwd_cb(SSL *s);
+ void *SSL_get_default_passwd_cb_userdata(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_default_passwd_cb() sets the default password callback called when loading/storing a PEM certificate with encryption.</p>
+
+<p>SSL_CTX_set_default_passwd_cb_userdata() sets a pointer to userdata, <b>u</b>, which will be provided to the password callback on invocation.</p>
+
+<p>SSL_CTX_get_default_passwd_cb() returns a function pointer to the password callback currently set in <b>ctx</b>. If no callback was explicitly set, the NULL pointer is returned.</p>
+
+<p>SSL_CTX_get_default_passwd_cb_userdata() returns a pointer to the userdata currently set in <b>ctx</b>. If no userdata was explicitly set, the NULL pointer is returned.</p>
+
+<p>SSL_set_default_passwd_cb(), SSL_set_default_passwd_cb_userdata(), SSL_get_default_passwd_cb() and SSL_get_default_passwd_cb_userdata() perform the same function as their SSL_CTX counterparts, but using an SSL object.</p>
+
+<p>The password callback, which must be provided by the application, hands back the password to be used during decryption. On invocation a pointer to userdata is provided. The function must store the password into the provided buffer <b>buf</b> which is of size <b>size</b>. The actual length of the password must be returned to the calling function. <b>rwflag</b> indicates whether the callback is used for reading/decryption (rwflag=0) or writing/encryption (rwflag=1). For more details, see <a href="../man3/pem_password_cb.html">pem_password_cb(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When loading or storing private keys, a password might be supplied to protect the private key. The way this password can be supplied may depend on the application. If only one private key is handled, it can be practical to have the callback handle the password dialog interactively. If several keys have to be handled, it can be practical to ask for the password once, then keep it in memory and use it several times. In the last case, the password could be stored into the userdata storage and the callback only returns the password already stored.</p>
+
+<p>When asking for the password interactively, the callback can use <b>rwflag</b> to check, whether an item shall be encrypted (rwflag=1). In this case the password dialog may ask for the same password twice for comparison in order to catch typos, that would make decryption impossible.</p>
+
+<p>Other items in PEM formatting (certificates) can also be encrypted, it is however not usual, as certificate information is considered public.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These functions do not provide diagnostic information.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following example returns the password provided as userdata to the calling function. The password is considered to be a &#39;\0&#39; terminated string. If the password does not fit into the buffer, the password is truncated.</p>
+
+<pre><code> int my_cb(char *buf, int size, int rwflag, void *u)
+ {
+     strncpy(buf, (char *)u, size);
+     buf[size - 1] = &#39;\0&#39;;
+     return strlen(buf);
+ }</code></pre>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_get_default_passwd_cb(), SSL_CTX_get_default_passwd_cb_userdata(), SSL_set_default_passwd_cb() and SSL_set_default_passwd_cb_userdata() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_default_read_buffer_len.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_default_read_buffer_len.html
new file mode 100644
index 000000000..19be43ed8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_default_read_buffer_len.html
@@ -0,0 +1,150 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_split_send_fragment</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_max_send_fragment, SSL_set_max_send_fragment, SSL_CTX_set_split_send_fragment, SSL_set_split_send_fragment, SSL_CTX_set_max_pipelines, SSL_set_max_pipelines, SSL_CTX_set_default_read_buffer_len, SSL_set_default_read_buffer_len, SSL_CTX_set_tlsext_max_fragment_length, SSL_set_tlsext_max_fragment_length, SSL_SESSION_get_max_fragment_length - Control fragment size settings and pipelining operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, long);
+ long SSL_set_max_send_fragment(SSL *ssl, long m);
+
+ long SSL_CTX_set_max_pipelines(SSL_CTX *ctx, long m);
+ long SSL_set_max_pipelines(SSL_CTX *ssl, long m);
+
+ long SSL_CTX_set_split_send_fragment(SSL_CTX *ctx, long m);
+ long SSL_set_split_send_fragment(SSL *ssl, long m);
+
+ void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len);
+ void SSL_set_default_read_buffer_len(SSL *s, size_t len);
+
+ int SSL_CTX_set_tlsext_max_fragment_length(SSL_CTX *ctx, uint8_t mode);
+ int SSL_set_tlsext_max_fragment_length(SSL *ssl, uint8_t mode);
+ uint8_t SSL_SESSION_get_max_fragment_length(SSL_SESSION *session);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Some engines are able to process multiple simultaneous crypto operations. This capability could be utilised to parallelise the processing of a single connection. For example a single write can be split into multiple records and each one encrypted independently and in parallel. Note: this will only work in TLS1.1+. There is no support in SSLv3, TLSv1.0 or DTLS (any version). This capability is known as &quot;pipelining&quot; within OpenSSL.</p>
+
+<p>In order to benefit from the pipelining capability. You need to have an engine that provides ciphers that support this. The OpenSSL &quot;dasync&quot; engine provides AES128-SHA based ciphers that have this capability. However these are for development and test purposes only.</p>
+
+<p>SSL_CTX_set_max_send_fragment() and SSL_set_max_send_fragment() set the <b>max_send_fragment</b> parameter for SSL_CTX and SSL objects respectively. This value restricts the amount of plaintext bytes that will be sent in any one SSL/TLS record. By default its value is SSL3_RT_MAX_PLAIN_LENGTH (16384). These functions will only accept a value in the range 512 - SSL3_RT_MAX_PLAIN_LENGTH.</p>
+
+<p>SSL_CTX_set_max_pipelines() and SSL_set_max_pipelines() set the maximum number of pipelines that will be used at any one time. This value applies to both &quot;read&quot; pipelining and &quot;write&quot; pipelining. By default only one pipeline will be used (i.e. normal non-parallel operation). The number of pipelines set must be in the range 1 - SSL_MAX_PIPELINES (32). Setting this to a value &gt; 1 will also automatically turn on &quot;read_ahead&quot; (see <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>). This is explained further below. OpenSSL will only every use more than one pipeline if a cipher suite is negotiated that uses a pipeline capable cipher provided by an engine.</p>
+
+<p>Pipelining operates slightly differently for reading encrypted data compared to writing encrypted data. SSL_CTX_set_split_send_fragment() and SSL_set_split_send_fragment() define how data is split up into pipelines when writing encrypted data. The number of pipelines used will be determined by the amount of data provided to the SSL_write_ex() or SSL_write() call divided by <b>split_send_fragment</b>.</p>
+
+<p>For example if <b>split_send_fragment</b> is set to 2000 and <b>max_pipelines</b> is 4 then:</p>
+
+<p>SSL_write/SSL_write_ex called with 0-2000 bytes == 1 pipeline used</p>
+
+<p>SSL_write/SSL_write_ex called with 2001-4000 bytes == 2 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 4001-6000 bytes == 3 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 6001+ bytes == 4 pipelines used</p>
+
+<p><b>split_send_fragment</b> must always be less than or equal to <b>max_send_fragment</b>. By default it is set to be equal to <b>max_send_fragment</b>. This will mean that the same number of records will always be created as would have been created in the non-parallel case, although the data will be apportioned differently. In the parallel case data will be spread equally between the pipelines.</p>
+
+<p>Read pipelining is controlled in a slightly different way than with write pipelining. While reading we are constrained by the number of records that the peer (and the network) can provide to us in one go. The more records we can get in one go the more opportunity we have to parallelise the processing. As noted above when setting <b>max_pipelines</b> to a value greater than one, <b>read_ahead</b> is automatically set. The <b>read_ahead</b> parameter causes OpenSSL to attempt to read as much data into the read buffer as the network can provide and will fit into the buffer. Without this set data is read into the read buffer one record at a time. The more data that can be read, the more opportunity there is for parallelising the processing at the cost of increased memory overhead per connection. Setting <b>read_ahead</b> can impact the behaviour of the SSL_pending() function (see <a href="../man3/SSL_pending.html">SSL_pending(3)</a>).</p>
+
+<p>The SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions control the size of the read buffer that will be used. The <b>len</b> parameter sets the size of the buffer. The value will only be used if it is greater than the default that would have been used anyway. The normal default value depends on a number of factors but it will be at least SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_ENCRYPTED_OVERHEAD (16704) bytes.</p>
+
+<p>SSL_CTX_set_tlsext_max_fragment_length() sets the default maximum fragment length negotiation mode via value <b>mode</b> to <b>ctx</b>. This setting affects only SSL instances created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_set_tlsext_max_fragment_length() sets the maximum fragment length negotiation mode via value <b>mode</b> to <b>ssl</b>. This setting will be used during a handshake when extensions are exchanged between client and server. So it only affects SSL sessions created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_SESSION_get_max_fragment_length() gets the maximum fragment length negotiated in <b>session</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All non-void functions return 1 on success and 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The Maximum Fragment Length extension support is optional on the server side. If the server does not support this extension then SSL_SESSION_get_max_fragment_length() will return: TLSEXT_max_fragment_length_DISABLED.</p>
+
+<p>The following modes are available:</p>
+
+<dl>
+
+<dt id="TLSEXT_max_fragment_length_DISABLED">TLSEXT_max_fragment_length_DISABLED</dt>
+<dd>
+
+<p>Disables Maximum Fragment Length Negotiation (default).</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_512">TLSEXT_max_fragment_length_512</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 512 bytes.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_1024">TLSEXT_max_fragment_length_1024</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 1024.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_2048">TLSEXT_max_fragment_length_2048</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 2048.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_4096">TLSEXT_max_fragment_length_4096</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 4096.</p>
+
+</dd>
+</dl>
+
+<p>With the exception of SSL_CTX_set_default_read_buffer_len() SSL_set_default_read_buffer_len(), SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() all these functions are implemented using macros.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_set_max_pipelines(), SSL_set_max_pipelines(), SSL_CTX_set_split_send_fragment(), SSL_set_split_send_fragment(), SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions were added in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_ex_data.html
new file mode 100644
index 000000000..4a6cbddd5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_ex_data.html
@@ -0,0 +1,64 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_ex_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_get_ex_data, SSL_CTX_set_ex_data, SSL_get_ex_data, SSL_set_ex_data - Store and retrieve extra data from the SSL_CTX, SSL or SSL_SESSION</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void *SSL_CTX_get_ex_data(const SSL_CTX *s, int idx);
+
+ int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg);
+
+ void *SSL_get_ex_data(const SSL *s, int idx);
+
+ int SSL_set_ex_data(SSL *s, int idx, void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL*_set_ex_data() functions can be used to store arbitrary user data into the <b>SSL_CTX</b>, or <b>SSL</b> object. The user must supply a unique index which they can subsequently use to retrieve the data using SSL*_get_ex_data().</p>
+
+<p>For more detailed information see <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a> and <a href="../man3/CRYPTO_set_ex_data.html">CRYPTO_set_ex_data(3)</a> which implement these functions and <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for generating a unique index.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL*_set_ex_data() functions return 1 if the item is successfully stored and 0 if it is not. The SSL*_get_ex_data() functions return the ex_data pointer if successful, otherwise NULL.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/CRYPTO_set_ex_data.html">CRYPTO_set_ex_data(3)</a>, <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_fd.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_fd.html
new file mode 100644
index 000000000..783cafd6a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_fd.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_set_fd</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_fd, SSL_set_rfd, SSL_set_wfd - connect the SSL object with a file descriptor</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_set_fd(SSL *ssl, int fd);
+ int SSL_set_rfd(SSL *ssl, int fd);
+ int SSL_set_wfd(SSL *ssl, int fd);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_set_fd() sets the file descriptor <b>fd</b> as the input/output facility for the TLS/SSL (encrypted) side of <b>ssl</b>. <b>fd</b> will typically be the socket file descriptor of a network connection.</p>
+
+<p>When performing the operation, a <b>socket BIO</b> is automatically created to interface between the <b>ssl</b> and <b>fd</b>. The BIO and hence the SSL engine inherit the behaviour of <b>fd</b>. If <b>fd</b> is non-blocking, the <b>ssl</b> will also have non-blocking behaviour.</p>
+
+<p>If there was already a BIO connected to <b>ssl</b>, BIO_free() will be called (for both the reading and writing side, if different).</p>
+
+<p>SSL_set_rfd() and SSL_set_wfd() perform the respective action, but only for the read channel or the write channel, which can be set independently.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The operation failed. Check the error stack to find out why.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_fd.html">SSL_get_fd(3)</a>, <a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man7/ssl.html">ssl(7)</a> , <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_generate_session_id.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_generate_session_id.html
new file mode 100644
index 000000000..d6315039d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_generate_session_id.html
@@ -0,0 +1,116 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_generate_session_id</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_generate_session_id, SSL_set_generate_session_id, SSL_has_matching_session_id, GEN_SESSION_CB - manipulate generation of SSL session IDs (server only)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id,
+                               unsigned int *id_len);
+
+ int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb);
+ int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB, cb);
+ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
+                                 unsigned int id_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_generate_session_id() sets the callback function for generating new session ids for SSL/TLS sessions for <b>ctx</b> to be <b>cb</b>.</p>
+
+<p>SSL_set_generate_session_id() sets the callback function for generating new session ids for SSL/TLS sessions for <b>ssl</b> to be <b>cb</b>.</p>
+
+<p>SSL_has_matching_session_id() checks, whether a session with id <b>id</b> (of length <b>id_len</b>) is already contained in the internal session cache of the parent context of <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When a new session is established between client and server, the server generates a session id. The session id is an arbitrary sequence of bytes. The length of the session id is between 1 and 32 bytes. The session id is not security critical but must be unique for the server. Additionally, the session id is transmitted in the clear when reusing the session so it must not contain sensitive information.</p>
+
+<p>Without a callback being set, an OpenSSL server will generate a unique session id from pseudo random numbers of the maximum possible length. Using the callback function, the session id can be changed to contain additional information like e.g. a host id in order to improve load balancing or external caching techniques.</p>
+
+<p>The callback function receives a pointer to the memory location to put <b>id</b> into and a pointer to the maximum allowed length <b>id_len</b>. The buffer at location <b>id</b> is only guaranteed to have the size <b>id_len</b>. The callback is only allowed to generate a shorter id and reduce <b>id_len</b>; the callback <b>must never</b> increase <b>id_len</b> or write to the location <b>id</b> exceeding the given limit.</p>
+
+<p>The location <b>id</b> is filled with 0x00 before the callback is called, so the callback may only fill part of the possible length and leave <b>id_len</b> untouched while maintaining reproducibility.</p>
+
+<p>Since the sessions must be distinguished, session ids must be unique. Without the callback a random number is used, so that the probability of generating the same session id is extremely small (2^256 for SSLv3/TLSv1). In order to assure the uniqueness of the generated session id, the callback must call SSL_has_matching_session_id() and generate another id if a conflict occurs. If an id conflict is not resolved, the handshake will fail. If the application codes e.g. a unique host id, a unique process number, and a unique sequence number into the session id, uniqueness could easily be achieved without randomness added (it should however be taken care that no confidential information is leaked this way). If the application can not guarantee uniqueness, it is recommended to use the maximum <b>id_len</b> and fill in the bytes not used to code special information with random data to avoid collisions.</p>
+
+<p>SSL_has_matching_session_id() will only query the internal session cache, not the external one. Since the session id is generated before the handshake is completed, it is not immediately added to the cache. If another thread is using the same internal session cache, a race condition can occur in that another thread generates the same session id. Collisions can also occur when using an external session cache, since the external cache is not tested with SSL_has_matching_session_id() and the same race condition applies.</p>
+
+<p>The callback must return 0 if it cannot generate a session id for whatever reason and return 1 on success.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The callback function listed will generate a session id with the server id given, and will fill the rest with pseudo random bytes:</p>
+
+<pre><code> const char session_id_prefix = &quot;www-18&quot;;
+
+ #define MAX_SESSION_ID_ATTEMPTS 10
+ static int generate_session_id(const SSL *ssl, unsigned char *id,
+                                unsigned int *id_len)
+ {
+     unsigned int count = 0;
+
+     do {
+         RAND_pseudo_bytes(id, *id_len);
+         /*
+          * Prefix the session_id with the required prefix. NB: If our
+          * prefix is too long, clip it - but there will be worse effects
+          * anyway, eg. the server could only possibly create 1 session
+          * ID (ie. the prefix!) so all future session negotiations will
+          * fail due to conflicts.
+          */
+         memcpy(id, session_id_prefix, strlen(session_id_prefix) &lt; *id_len ?
+                                       strlen(session_id_prefix) : *id_len);
+     } while (SSL_has_matching_session_id(ssl, id, *id_len)
+               &amp;&amp; ++count &lt; MAX_SESSION_ID_ATTEMPTS);
+     if (count &gt;= MAX_SESSION_ID_ATTEMPTS)
+         return 0;
+     return 1;
+ }</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_generate_session_id() and SSL_set_generate_session_id() always return 1.</p>
+
+<p>SSL_has_matching_session_id() returns 1 if another session with the same id is already in the cache.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_version.html">SSL_get_version(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_hostflags.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_hostflags.html
new file mode 100644
index 000000000..84dbeba9e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_hostflags.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_set1_host</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set1_host, SSL_add1_host, SSL_set_hostflags, SSL_get0_peername - SSL server verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_set1_host(SSL *s, const char *hostname);
+ int SSL_add1_host(SSL *s, const char *hostname);
+ void SSL_set_hostflags(SSL *s, unsigned int flags);
+ const char *SSL_get0_peername(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions configure server hostname checks in the SSL client.</p>
+
+<p>SSL_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or the empty string the list of hostnames is cleared, and name checks are not performed on the peer certificate. When a non-empty <b>name</b> is specified, certificate verification automatically checks the peer hostname via <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with <b>flags</b> as specified via SSL_set_hostflags(). Clients that enable DANE TLSA authentication via <a href="../man3/SSL_dane_enable.html">SSL_dane_enable(3)</a> should leave it to that function to set the primary reference identifier of the peer, and should not call SSL_set1_host().</p>
+
+<p>SSL_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via SSL_set1_host() or SSL_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches. This function is required for DANE TLSA in the presence of service name indirection via CNAME, MX or SRV records as specified in RFC7671, RFC7672 or RFC7673.</p>
+
+<p>SSL_set_hostflags() sets the <b>flags</b> that will be passed to <a href="../man3/X509_check_host.html">X509_check_host(3)</a> when name checks are applicable, by default the <b>flags</b> value is 0. See <a href="../man3/X509_check_host.html">X509_check_host(3)</a> for the list of available flags and their meaning.</p>
+
+<p>SSL_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, the name matched in the peer certificate may be a wildcard name. When one of the reference identifiers configured via SSL_set1_host() or SSL_add1_host() starts with &quot;.&quot;, which indicates a parent domain prefix rather than a fixed name, the matched peer name may be a sub-domain of the reference identifier. The returned string is allocated by the library and is no longer valid once the associated <b>ssl</b> handle is cleared or freed, or a renegotiation takes place. Applications must not free the return value.</p>
+
+<p>SSL clients are advised to use these functions in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>. Hostname checks may be out of scope with the RFC7671 DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE is enabled.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set1_host() and SSL_add1_host() return 1 for success and 0 for failure.</p>
+
+<p>SSL_get0_peername() returns NULL if peername verification is not applicable (as with RFC7671 DANE-EE(3)), or no trusted peername was matched. Otherwise, it returns the matched peername. To determine whether verification succeeded call <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Suppose &quot;smtp.example.com&quot; is the MX host of the domain &quot;example.com&quot;. The calls below will arrange to match either the MX hostname or the destination domain name in the SMTP server certificate. Wildcards are supported, but must match the entire label. The actual name matched in the certificate (which might be a wildcard) is retrieved, and must be copied by the application if it is to be retained beyond the lifetime of the SSL connection.</p>
+
+<pre><code> SSL_set_hostflags(ssl, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+ if (!SSL_set1_host(ssl, &quot;smtp.example.com&quot;))
+     /* error */
+ if (!SSL_add1_host(ssl, &quot;example.com&quot;))
+     /* error */
+
+ /* XXX: Perform SSL_connect() handshake and handle errors here */
+
+ if (SSL_get_verify_result(ssl) == X509_V_OK) {
+     const char *peername = SSL_get0_peername(ssl);
+
+     if (peername != NULL)
+         /* Name checks were in scope and matched the peername */
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>. <a href="../man3/SSL_dane_enable.html">SSL_dane_enable(3)</a>.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_info_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_info_callback.html
new file mode 100644
index 000000000..1f7a32dbd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_info_callback.html
@@ -0,0 +1,186 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_info_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_info_callback, SSL_CTX_get_info_callback, SSL_set_info_callback, SSL_get_info_callback - handle information callback for SSL connections</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*callback)());
+ void (*SSL_CTX_get_info_callback(const SSL_CTX *ctx))();
+
+ void SSL_set_info_callback(SSL *ssl, void (*callback)());
+ void (*SSL_get_info_callback(const SSL *ssl))();</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_info_callback() sets the <b>callback</b> function, that can be used to obtain state information for SSL objects created from <b>ctx</b> during connection setup and use. The setting for <b>ctx</b> is overridden from the setting for a specific SSL object, if specified. When <b>callback</b> is NULL, no callback function is used.</p>
+
+<p>SSL_set_info_callback() sets the <b>callback</b> function, that can be used to obtain state information for <b>ssl</b> during connection setup and use. When <b>callback</b> is NULL, the callback setting currently valid for <b>ctx</b> is used.</p>
+
+<p>SSL_CTX_get_info_callback() returns a pointer to the currently set information callback function for <b>ctx</b>.</p>
+
+<p>SSL_get_info_callback() returns a pointer to the currently set information callback function for <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When setting up a connection and during use, it is possible to obtain state information from the SSL/TLS engine. When set, an information callback function is called whenever a significant event occurs such as: the state changes, an alert appears, or an error occurs.</p>
+
+<p>The callback function is called as <b>callback(SSL *ssl, int where, int ret)</b>. The <b>where</b> argument specifies information about where (in which context) the callback function was called. If <b>ret</b> is 0, an error condition occurred. If an alert is handled, SSL_CB_ALERT is set and <b>ret</b> specifies the alert information.</p>
+
+<p><b>where</b> is a bitmask made up of the following bits:</p>
+
+<dl>
+
+<dt id="SSL_CB_LOOP">SSL_CB_LOOP</dt>
+<dd>
+
+<p>Callback has been called to indicate state change or some other significant state machine event. This may mean that the callback gets invoked more than once per state in some situations.</p>
+
+</dd>
+<dt id="SSL_CB_EXIT">SSL_CB_EXIT</dt>
+<dd>
+
+<p>Callback has been called to indicate exit of a handshake function. This will happen after the end of a handshake, but may happen at other times too such as on error or when IO might otherwise block and non-blocking is being used.</p>
+
+</dd>
+<dt id="SSL_CB_READ">SSL_CB_READ</dt>
+<dd>
+
+<p>Callback has been called during read operation.</p>
+
+</dd>
+<dt id="SSL_CB_WRITE">SSL_CB_WRITE</dt>
+<dd>
+
+<p>Callback has been called during write operation.</p>
+
+</dd>
+<dt id="SSL_CB_ALERT">SSL_CB_ALERT</dt>
+<dd>
+
+<p>Callback has been called due to an alert being sent or received.</p>
+
+</dd>
+<dt id="SSL_CB_READ_ALERT-SSL_CB_ALERT-SSL_CB_READ">SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_WRITE_ALERT-SSL_CB_ALERT-SSL_CB_WRITE">SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_ACCEPT_LOOP-SSL_ST_ACCEPT-SSL_CB_LOOP">SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_ACCEPT_EXIT-SSL_ST_ACCEPT-SSL_CB_EXIT">SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_CONNECT_LOOP-SSL_ST_CONNECT-SSL_CB_LOOP">SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_CONNECT_EXIT-SSL_ST_CONNECT-SSL_CB_EXIT">SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CB_HANDSHAKE_START">SSL_CB_HANDSHAKE_START</dt>
+<dd>
+
+<p>Callback has been called because a new handshake is started. It also occurs when resuming a handshake following a pause to handle early data.</p>
+
+</dd>
+<dt id="SSL_CB_HANDSHAKE_DONE">SSL_CB_HANDSHAKE_DONE</dt>
+<dd>
+
+<p>Callback has been called because a handshake is finished. It also occurs if the handshake is paused to allow the exchange of early data.</p>
+
+</dd>
+</dl>
+
+<p>The current state information can be obtained using the <a href="../man3/SSL_state_string.html">SSL_state_string(3)</a> family of functions.</p>
+
+<p>The <b>ret</b> information can be evaluated using the <a href="../man3/SSL_alert_type_string.html">SSL_alert_type_string(3)</a> family of functions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_info_callback() does not provide diagnostic information.</p>
+
+<p>SSL_get_info_callback() returns the current setting.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following example callback function prints state strings, information about alerts being handled and error messages to the <b>bio_err</b> BIO.</p>
+
+<pre><code> void apps_ssl_info_callback(SSL *s, int where, int ret)
+ {
+     const char *str;
+     int w = where &amp; ~SSL_ST_MASK;
+
+     if (w &amp; SSL_ST_CONNECT)
+         str = &quot;SSL_connect&quot;;
+     else if (w &amp; SSL_ST_ACCEPT)
+         str = &quot;SSL_accept&quot;;
+     else
+         str = &quot;undefined&quot;;
+
+     if (where &amp; SSL_CB_LOOP) {
+         BIO_printf(bio_err, &quot;%s:%s\n&quot;, str, SSL_state_string_long(s));
+     } else if (where &amp; SSL_CB_ALERT) {
+         str = (where &amp; SSL_CB_READ) ? &quot;read&quot; : &quot;write&quot;;
+         BIO_printf(bio_err, &quot;SSL3 alert %s:%s:%s\n&quot;, str,
+                    SSL_alert_type_string_long(ret),
+                    SSL_alert_desc_string_long(ret));
+     } else if (where &amp; SSL_CB_EXIT) {
+         if (ret == 0) {
+             BIO_printf(bio_err, &quot;%s:failed in %s\n&quot;,
+                        str, SSL_state_string_long(s));
+         } else if (ret &lt; 0) {
+             BIO_printf(bio_err, &quot;%s:error in %s\n&quot;,
+                        str, SSL_state_string_long(s));
+         }
+     }
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_state_string.html">SSL_state_string(3)</a>, <a href="../man3/SSL_alert_type_string.html">SSL_alert_type_string(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_max_cert_list.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_max_cert_list.html
new file mode 100644
index 000000000..5e23392bb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_max_cert_list.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_max_cert_list</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_max_cert_list, SSL_CTX_get_max_cert_list, SSL_set_max_cert_list, SSL_get_max_cert_list - manipulate allowed size for the peer&#39;s certificate chain</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_max_cert_list(SSL_CTX *ctx, long size);
+ long SSL_CTX_get_max_cert_list(SSL_CTX *ctx);
+
+ long SSL_set_max_cert_list(SSL *ssl, long size);
+ long SSL_get_max_cert_list(SSL *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_max_cert_list() sets the maximum size allowed for the peer&#39;s certificate chain for all SSL objects created from <b>ctx</b> to be &lt;size&gt; bytes. The SSL objects inherit the setting valid for <b>ctx</b> at the time <a href="../man3/SSL_new.html">SSL_new(3)</a> is being called.</p>
+
+<p>SSL_CTX_get_max_cert_list() returns the currently set maximum size for <b>ctx</b>.</p>
+
+<p>SSL_set_max_cert_list() sets the maximum size allowed for the peer&#39;s certificate chain for <b>ssl</b> to be &lt;size&gt; bytes. This setting stays valid until a new value is set.</p>
+
+<p>SSL_get_max_cert_list() returns the currently set maximum size for <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>During the handshake process, the peer may send a certificate chain. The TLS/SSL standard does not give any maximum size of the certificate chain. The OpenSSL library handles incoming data by a dynamically allocated buffer. In order to prevent this buffer from growing without bounds due to data received from a faulty or malicious peer, a maximum size for the certificate chain is set.</p>
+
+<p>The default value for the maximum certificate chain size is 100kB (30kB on the 16bit DOS platform). This should be sufficient for usual certificate chains (OpenSSL&#39;s default maximum chain length is 10, see <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a>, and certificates without special extensions have a typical size of 1-2kB).</p>
+
+<p>For special applications it can be necessary to extend the maximum certificate chain size allowed to be sent by the peer, see e.g. the work on &quot;Internet X.509 Public Key Infrastructure Proxy Certificate Profile&quot; and &quot;TLS Delegation Protocol&quot; at http://www.ietf.org/ and http://www.globus.org/ .</p>
+
+<p>Under normal conditions it should never be necessary to set a value smaller than the default, as the buffer is handled dynamically and only uses the memory actually required by the data sent by the peer.</p>
+
+<p>If the maximum certificate chain size allowed is exceeded, the handshake will fail with a SSL_R_EXCESSIVE_MESSAGE_SIZE error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_max_cert_list() and SSL_set_max_cert_list() return the previously set value.</p>
+
+<p>SSL_CTX_get_max_cert_list() and SSL_get_max_cert_list() return the currently set value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_max_early_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_max_early_data.html
new file mode 100644
index 000000000..5b28c01bd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_max_early_data.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read_early_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#REPLAY-PROTECTION">REPLAY PROTECTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_max_early_data, SSL_CTX_set_max_early_data, SSL_get_max_early_data, SSL_CTX_get_max_early_data, SSL_set_recv_max_early_data, SSL_CTX_set_recv_max_early_data, SSL_get_recv_max_early_data, SSL_CTX_get_recv_max_early_data, SSL_SESSION_get_max_early_data, SSL_SESSION_set_max_early_data, SSL_write_early_data, SSL_read_early_data, SSL_get_early_data_status, SSL_allow_early_data_cb_fn, SSL_CTX_set_allow_early_data_cb, SSL_set_allow_early_data_cb - functions for sending and receiving early data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data);
+ uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_max_early_data(SSL *s, uint32_t max_early_data);
+ uint32_t SSL_get_max_early_data(const SSL *s);
+
+ int SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data);
+ uint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data);
+ uint32_t SSL_get_recv_max_early_data(const SSL *s);
+
+ uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s);
+ int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data);
+
+ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written);
+
+ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes);
+
+ int SSL_get_early_data_status(const SSL *s);
+
+
+ typedef int (*SSL_allow_early_data_cb_fn)(SSL *s, void *arg);
+
+ void SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx,
+                                      SSL_allow_early_data_cb_fn cb,
+                                      void *arg);
+ void SSL_set_allow_early_data_cb(SSL *s,
+                                  SSL_allow_early_data_cb_fn cb,
+                                  void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to send and receive early data where TLSv1.3 has been negotiated. Early data can be sent by the client immediately after its initial ClientHello without having to wait for the server to complete the handshake. Early data can only be sent if a session has previously been established with the server, and the server is known to support it. Additionally these functions can be used to send data from the server to the client when the client has not yet completed the authentication stage of the handshake.</p>
+
+<p>Early data has weaker security properties than other data sent over an SSL/TLS connection. In particular the data does not have forward secrecy. There are also additional considerations around replay attacks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below). For these reasons extreme care should be exercised when using early data. For specific details, consult the TLS 1.3 specification.</p>
+
+<p>When a server receives early data it may opt to immediately respond by sending application data back to the client. Data sent by the server at this stage is done before the full handshake has been completed. Specifically the client&#39;s authentication messages have not yet been received, i.e. the client is unauthenticated at this point and care should be taken when using this capability.</p>
+
+<p>A server or client can determine whether the full handshake has been completed or not by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>.</p>
+
+<p>On the client side, the function SSL_SESSION_get_max_early_data() can be used to determine if a session established with a server can be used to send early data. If the session cannot be used then this function will return 0. Otherwise it will return the maximum number of early data bytes that can be sent.</p>
+
+<p>The function SSL_SESSION_set_max_early_data() sets the maximum number of early data bytes that can be sent for a session. This would typically be used when creating a PSK session file (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). If using a ticket based PSK then this is set automatically to the value provided by the server.</p>
+
+<p>A client uses the function SSL_write_early_data() to send early data. This function is similar to the <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> function, but with the following differences. See <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> for information on how to write bytes to the underlying connection, and how to handle any errors that may arise. This page describes the differences between SSL_write_early_data() and <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When called by a client, SSL_write_early_data() must be the first IO function called on a new connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a> or other similar functions. It may be called multiple times to stream data to the server, but the total number of bytes written must not exceed the value returned from SSL_SESSION_get_max_early_data(). Once the initial SSL_write_early_data() call has completed successfully the client may interleave calls to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> with calls to SSL_write_early_data() as required.</p>
+
+<p>If SSL_write_early_data() fails you should call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action, as for <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When the client no longer wishes to send any more early data then it should complete the handshake by calling a function such as <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard write function such as <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, which will transparently complete the connection and write the requested data.</p>
+
+<p>A server may choose to ignore early data that has been sent to it. Once the connection has been completed you can determine whether the server accepted or rejected the early data by calling SSL_get_early_data_status(). This will return SSL_EARLY_DATA_ACCEPTED if the data was accepted, SSL_EARLY_DATA_REJECTED if it was rejected or SSL_EARLY_DATA_NOT_SENT if no early data was sent. This function may be called by either the client or the server.</p>
+
+<p>A server uses the SSL_read_early_data() function to receive early data on a connection for which early data has been enabled using SSL_CTX_set_max_early_data() or SSL_set_max_early_data(). As for SSL_write_early_data(), this must be the first IO function called on a connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, or other similar functions.</p>
+
+<p>SSL_read_early_data() is similar to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> with the following differences. Refer to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> for full details.</p>
+
+<p>SSL_read_early_data() may return 3 possible values:</p>
+
+<dl>
+
+<dt id="SSL_READ_EARLY_DATA_ERROR">SSL_READ_EARLY_DATA_ERROR</dt>
+<dd>
+
+<p>This indicates an IO or some other error occurred. This should be treated in the same way as a 0 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_SUCCESS">SSL_READ_EARLY_DATA_SUCCESS</dt>
+<dd>
+
+<p>This indicates that early data was successfully read. This should be treated in the same way as a 1 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>. You should continue to call SSL_read_early_data() to read more data.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_FINISH">SSL_READ_EARLY_DATA_FINISH</dt>
+<dd>
+
+<p>This indicates that no more early data can be read. It may be returned on the first call to SSL_read_early_data() if the client has not sent any early data, or if the early data was rejected.</p>
+
+</dd>
+</dl>
+
+<p>Once the initial SSL_read_early_data() call has completed successfully (i.e. it has returned SSL_READ_EARLY_DATA_SUCCESS or SSL_READ_EARLY_DATA_FINISH) then the server may choose to write data immediately to the unauthenticated client using SSL_write_early_data(). If SSL_read_early_data() returned SSL_READ_EARLY_DATA_FINISH then in some situations (e.g. if the client only supports TLSv1.2) the handshake may have already been completed and calls to SSL_write_early_data() are not allowed. Call <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a> to determine whether the handshake has completed or not. If the handshake is still in progress then the server may interleave calls to SSL_write_early_data() with calls to SSL_read_early_data() as required.</p>
+
+<p>Servers must not call <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a> until SSL_read_early_data() has returned with SSL_READ_EARLY_DATA_FINISH. Once it has done so the connection to the client still needs to be completed. Complete the connection by calling a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard read function such as <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, which will transparently complete the connection and read the requested data. Note that it is an error to attempt to complete the connection before SSL_read_early_data() has returned SSL_READ_EARLY_DATA_FINISH.</p>
+
+<p>Only servers may call SSL_read_early_data().</p>
+
+<p>Calls to SSL_read_early_data() may, in certain circumstances, complete the connection immediately without further need to call a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. This can happen if the client is using a protocol version less than TLSv1.3. Applications can test for this by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>. Alternatively, applications may choose to call <a href="../man3/SSL_accept.html">SSL_accept(3)</a> anyway. Such a call will successfully return immediately with no further action taken.</p>
+
+<p>When a session is created between a server and a client the server will specify the maximum amount of any early data that it will accept on any future connection attempt. By default the server does not accept early data; a server may indicate support for early data by calling SSL_CTX_set_max_early_data() or SSL_set_max_early_data() to set it for the whole SSL_CTX or an individual SSL object respectively. The <b>max_early_data</b> parameter specifies the maximum amount of early data in bytes that is permitted to be sent on a single connection. Similarly the SSL_CTX_get_max_early_data() and SSL_get_max_early_data() functions can be used to obtain the current maximum early data settings for the SSL_CTX and SSL objects respectively. Generally a server application will either use both of SSL_read_early_data() and SSL_CTX_set_max_early_data() (or SSL_set_max_early_data()), or neither of them, since there is no practical benefit from using only one of them. If the maximum early data setting for a server is non-zero then replay protection is automatically enabled (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below).</p>
+
+<p>If the server rejects the early data sent by a client then it will skip over the data that is sent. The maximum amount of received early data that is skipped is controlled by the recv_max_early_data setting. If a client sends more than this then the connection will abort. This value can be set by calling SSL_CTX_set_recv_max_early_data() or SSL_set_recv_max_early_data(). The current value for this setting can be obtained by calling SSL_CTX_get_recv_max_early_data() or SSL_get_recv_max_early_data(). The default value for this setting is 16,384 bytes.</p>
+
+<p>The recv_max_early_data value also has an impact on early data that is accepted. The amount of data that is accepted will always be the lower of the max_early_data for the session and the recv_max_early_data setting for the server. If a client sends more data than this then the connection will abort.</p>
+
+<p>The configured value for max_early_data on a server may change over time as required. However clients may have tickets containing the previously configured max_early_data value. The recv_max_early_data should always be equal to or higher than any recently configured max_early_data value in order to avoid aborted connections. The recv_max_early_data should never be set to less than the current configured max_early_data value.</p>
+
+<p>Some server applications may wish to have more control over whether early data is accepted or not, for example to mitigate replay risks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below) or to decline early_data when the server is heavily loaded. The functions SSL_CTX_set_allow_early_data_cb() and SSL_set_allow_early_data_cb() set a callback which is called at a point in the handshake immediately before a decision is made to accept or reject early data. The callback is provided with a pointer to the user data argument that was provided when the callback was first set. Returning 1 from the callback will allow early data and returning 0 will reject it. Note that the OpenSSL library may reject early data for other reasons in which case this callback will not get called. Notably, the built-in replay protection feature will still be used even if a callback is present unless it has been explicitly disabled using the SSL_OP_NO_ANTI_REPLAY option. See <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The whole purpose of early data is to enable a client to start sending data to the server before a full round trip of network traffic has occurred. Application developers should ensure they consider optimisation of the underlying TCP socket to obtain a performant solution. For example Nagle&#39;s algorithm is commonly used by operating systems in an attempt to avoid lots of small TCP packets. In many scenarios this is beneficial for performance, but it does not work well with the early data solution as implemented in OpenSSL. In Nagle&#39;s algorithm the OS will buffer outgoing TCP data if a TCP packet has already been sent which we have not yet received an ACK for from the peer. The buffered data will only be transmitted if enough data to fill an entire TCP packet is accumulated, or if the ACK is received from the peer. The initial ClientHello will be sent in the first TCP packet along with any data from the first call to SSL_write_early_data(). If the amount of data written will exceed the size of a single TCP packet, or if there are more calls to SSL_write_early_data() then that additional data will be sent in subsequent TCP packets which will be buffered by the OS and not sent until an ACK is received for the first packet containing the ClientHello. This means the early data is not actually sent until a complete round trip with the server has occurred which defeats the objective of early data.</p>
+
+<p>In many operating systems the TCP_NODELAY socket option is available to disable Nagle&#39;s algorithm. If an application opts to disable Nagle&#39;s algorithm consideration should be given to turning it back on again after the handshake is complete if appropriate.</p>
+
+<p>In rare circumstances, it may be possible for a client to have a session that reports a max early data value greater than 0, but where the server does not support this. For example, this can occur if a server has had its configuration changed to accept a lower max early data value such as by calling SSL_CTX_set_recv_max_early_data(). Another example is if a server used to support TLSv1.3 but was later downgraded to TLSv1.2. Sending early data to such a server will cause the connection to abort. Clients that encounter an aborted connection while sending early data may want to retry the connection without sending early data as this does not happen automatically. A client will have to establish a new transport layer connection to the server and attempt the SSL/TLS connection again but without sending early data. Note that it is inadvisable to retry with a lower maximum protocol version.</p>
+
+<h1 id="REPLAY-PROTECTION">REPLAY PROTECTION</h1>
+
+<p>When early data is in use the TLS protocol provides no security guarantees that the same early data was not replayed across multiple connections. As a mitigation for this issue OpenSSL automatically enables replay protection if the server is configured with a non-zero max early data value. With replay protection enabled sessions are forced to be single use only. If a client attempts to reuse a session ticket more than once, then the second and subsequent attempts will fall back to a full handshake (and any early data that was submitted will be ignored). Note that single use tickets are enforced even if a client does not send any early data.</p>
+
+<p>The replay protection mechanism relies on the internal OpenSSL server session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). When replay protection is being used the server will operate as if the SSL_OP_NO_TICKET option had been selected (see <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>). Sessions will be added to the cache whenever a session ticket is issued. When a client attempts to resume the session, OpenSSL will check for its presence in the internal cache. If it exists then the resumption is allowed and the session is removed from the cache. If it does not exist then the resumption is not allowed and a full handshake will occur.</p>
+
+<p>Note that some applications may maintain an external cache of sessions (see <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a> and similar functions). It is the application&#39;s responsibility to ensure that any sessions in the external cache are also populated in the internal cache and that once removed from the internal cache they are similarly removed from the external cache. Failing to do this could result in an application becoming vulnerable to replay attacks. Note that OpenSSL will lock the internal cache while a session is removed but that lock is not held when the remove session callback (see <a href="../man3/SSL_CTX_sess_set_remove_cb.html">SSL_CTX_sess_set_remove_cb(3)</a>) is called. This could result in a small amount of time where the session has been removed from the internal cache but is still available in the external cache. Applications should be designed with this in mind in order to minimise the possibility of replay attacks.</p>
+
+<p>The OpenSSL replay protection does not apply to external Pre Shared Keys (PSKs) (e.g. see SSL_CTX_set_psk_find_session_callback(3)). Therefore extreme caution should be applied when combining external PSKs with early data.</p>
+
+<p>Some applications may mitigate the replay risks in other ways. For those applications it is possible to turn off the built-in replay protection feature using the <b>SSL_OP_NO_ANTI_REPLAY</b> option. See <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> for details. Applications can also set a callback to make decisions about accepting early data or not. See SSL_CTX_set_allow_early_data_cb() above for details.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_write_early_data() returns 1 for success or 0 for failure. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_read_early_data() returns SSL_READ_EARLY_DATA_ERROR for failure, SSL_READ_EARLY_DATA_SUCCESS for success with more data to read and SSL_READ_EARLY_DATA_FINISH for success with no more to data be read. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_get_max_early_data(), SSL_CTX_get_max_early_data() and SSL_SESSION_get_max_early_data() return the maximum number of early data bytes that may be sent.</p>
+
+<p>SSL_set_max_early_data(), SSL_CTX_set_max_early_data() and SSL_SESSION_set_max_early_data() return 1 for success or 0 for failure.</p>
+
+<p>SSL_get_early_data_status() returns SSL_EARLY_DATA_ACCEPTED if early data was accepted by the server, SSL_EARLY_DATA_REJECTED if early data was rejected by the server, or SSL_EARLY_DATA_NOT_SENT if no early data was sent.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>All of the functions described above were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_max_pipelines.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_max_pipelines.html
new file mode 100644
index 000000000..19be43ed8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_max_pipelines.html
@@ -0,0 +1,150 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_split_send_fragment</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_max_send_fragment, SSL_set_max_send_fragment, SSL_CTX_set_split_send_fragment, SSL_set_split_send_fragment, SSL_CTX_set_max_pipelines, SSL_set_max_pipelines, SSL_CTX_set_default_read_buffer_len, SSL_set_default_read_buffer_len, SSL_CTX_set_tlsext_max_fragment_length, SSL_set_tlsext_max_fragment_length, SSL_SESSION_get_max_fragment_length - Control fragment size settings and pipelining operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, long);
+ long SSL_set_max_send_fragment(SSL *ssl, long m);
+
+ long SSL_CTX_set_max_pipelines(SSL_CTX *ctx, long m);
+ long SSL_set_max_pipelines(SSL_CTX *ssl, long m);
+
+ long SSL_CTX_set_split_send_fragment(SSL_CTX *ctx, long m);
+ long SSL_set_split_send_fragment(SSL *ssl, long m);
+
+ void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len);
+ void SSL_set_default_read_buffer_len(SSL *s, size_t len);
+
+ int SSL_CTX_set_tlsext_max_fragment_length(SSL_CTX *ctx, uint8_t mode);
+ int SSL_set_tlsext_max_fragment_length(SSL *ssl, uint8_t mode);
+ uint8_t SSL_SESSION_get_max_fragment_length(SSL_SESSION *session);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Some engines are able to process multiple simultaneous crypto operations. This capability could be utilised to parallelise the processing of a single connection. For example a single write can be split into multiple records and each one encrypted independently and in parallel. Note: this will only work in TLS1.1+. There is no support in SSLv3, TLSv1.0 or DTLS (any version). This capability is known as &quot;pipelining&quot; within OpenSSL.</p>
+
+<p>In order to benefit from the pipelining capability. You need to have an engine that provides ciphers that support this. The OpenSSL &quot;dasync&quot; engine provides AES128-SHA based ciphers that have this capability. However these are for development and test purposes only.</p>
+
+<p>SSL_CTX_set_max_send_fragment() and SSL_set_max_send_fragment() set the <b>max_send_fragment</b> parameter for SSL_CTX and SSL objects respectively. This value restricts the amount of plaintext bytes that will be sent in any one SSL/TLS record. By default its value is SSL3_RT_MAX_PLAIN_LENGTH (16384). These functions will only accept a value in the range 512 - SSL3_RT_MAX_PLAIN_LENGTH.</p>
+
+<p>SSL_CTX_set_max_pipelines() and SSL_set_max_pipelines() set the maximum number of pipelines that will be used at any one time. This value applies to both &quot;read&quot; pipelining and &quot;write&quot; pipelining. By default only one pipeline will be used (i.e. normal non-parallel operation). The number of pipelines set must be in the range 1 - SSL_MAX_PIPELINES (32). Setting this to a value &gt; 1 will also automatically turn on &quot;read_ahead&quot; (see <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>). This is explained further below. OpenSSL will only every use more than one pipeline if a cipher suite is negotiated that uses a pipeline capable cipher provided by an engine.</p>
+
+<p>Pipelining operates slightly differently for reading encrypted data compared to writing encrypted data. SSL_CTX_set_split_send_fragment() and SSL_set_split_send_fragment() define how data is split up into pipelines when writing encrypted data. The number of pipelines used will be determined by the amount of data provided to the SSL_write_ex() or SSL_write() call divided by <b>split_send_fragment</b>.</p>
+
+<p>For example if <b>split_send_fragment</b> is set to 2000 and <b>max_pipelines</b> is 4 then:</p>
+
+<p>SSL_write/SSL_write_ex called with 0-2000 bytes == 1 pipeline used</p>
+
+<p>SSL_write/SSL_write_ex called with 2001-4000 bytes == 2 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 4001-6000 bytes == 3 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 6001+ bytes == 4 pipelines used</p>
+
+<p><b>split_send_fragment</b> must always be less than or equal to <b>max_send_fragment</b>. By default it is set to be equal to <b>max_send_fragment</b>. This will mean that the same number of records will always be created as would have been created in the non-parallel case, although the data will be apportioned differently. In the parallel case data will be spread equally between the pipelines.</p>
+
+<p>Read pipelining is controlled in a slightly different way than with write pipelining. While reading we are constrained by the number of records that the peer (and the network) can provide to us in one go. The more records we can get in one go the more opportunity we have to parallelise the processing. As noted above when setting <b>max_pipelines</b> to a value greater than one, <b>read_ahead</b> is automatically set. The <b>read_ahead</b> parameter causes OpenSSL to attempt to read as much data into the read buffer as the network can provide and will fit into the buffer. Without this set data is read into the read buffer one record at a time. The more data that can be read, the more opportunity there is for parallelising the processing at the cost of increased memory overhead per connection. Setting <b>read_ahead</b> can impact the behaviour of the SSL_pending() function (see <a href="../man3/SSL_pending.html">SSL_pending(3)</a>).</p>
+
+<p>The SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions control the size of the read buffer that will be used. The <b>len</b> parameter sets the size of the buffer. The value will only be used if it is greater than the default that would have been used anyway. The normal default value depends on a number of factors but it will be at least SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_ENCRYPTED_OVERHEAD (16704) bytes.</p>
+
+<p>SSL_CTX_set_tlsext_max_fragment_length() sets the default maximum fragment length negotiation mode via value <b>mode</b> to <b>ctx</b>. This setting affects only SSL instances created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_set_tlsext_max_fragment_length() sets the maximum fragment length negotiation mode via value <b>mode</b> to <b>ssl</b>. This setting will be used during a handshake when extensions are exchanged between client and server. So it only affects SSL sessions created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_SESSION_get_max_fragment_length() gets the maximum fragment length negotiated in <b>session</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All non-void functions return 1 on success and 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The Maximum Fragment Length extension support is optional on the server side. If the server does not support this extension then SSL_SESSION_get_max_fragment_length() will return: TLSEXT_max_fragment_length_DISABLED.</p>
+
+<p>The following modes are available:</p>
+
+<dl>
+
+<dt id="TLSEXT_max_fragment_length_DISABLED">TLSEXT_max_fragment_length_DISABLED</dt>
+<dd>
+
+<p>Disables Maximum Fragment Length Negotiation (default).</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_512">TLSEXT_max_fragment_length_512</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 512 bytes.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_1024">TLSEXT_max_fragment_length_1024</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 1024.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_2048">TLSEXT_max_fragment_length_2048</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 2048.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_4096">TLSEXT_max_fragment_length_4096</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 4096.</p>
+
+</dd>
+</dl>
+
+<p>With the exception of SSL_CTX_set_default_read_buffer_len() SSL_set_default_read_buffer_len(), SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() all these functions are implemented using macros.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_set_max_pipelines(), SSL_set_max_pipelines(), SSL_CTX_set_split_send_fragment(), SSL_set_split_send_fragment(), SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions were added in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_max_proto_version.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_max_proto_version.html
new file mode 100644
index 000000000..a5aadff8c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_max_proto_version.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_min_proto_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_min_proto_version, SSL_CTX_set_max_proto_version, SSL_CTX_get_min_proto_version, SSL_CTX_get_max_proto_version, SSL_set_min_proto_version, SSL_set_max_proto_version, SSL_get_min_proto_version, SSL_get_max_proto_version - Get and set minimum and maximum supported protocol version</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_min_proto_version(SSL_CTX *ctx, int version);
+ int SSL_CTX_set_max_proto_version(SSL_CTX *ctx, int version);
+ int SSL_CTX_get_min_proto_version(SSL_CTX *ctx);
+ int SSL_CTX_get_max_proto_version(SSL_CTX *ctx);
+
+ int SSL_set_min_proto_version(SSL *ssl, int version);
+ int SSL_set_max_proto_version(SSL *ssl, int version);
+ int SSL_get_min_proto_version(SSL *ssl);
+ int SSL_get_max_proto_version(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions get or set the minimum and maximum supported protocol versions for the <b>ctx</b> or <b>ssl</b>. This works in combination with the options set via <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> that also make it possible to disable specific protocol versions. Use these functions instead of disabling specific protocol versions.</p>
+
+<p>Setting the minimum or maximum version to 0, will enable protocol versions down to the lowest version, or up to the highest version supported by the library, respectively.</p>
+
+<p>Getters return 0 in case <b>ctx</b> or <b>ssl</b> have been configured to automatically use the lowest or highest version supported by the library.</p>
+
+<p>Currently supported versions are <b>SSL3_VERSION</b>, <b>TLS1_VERSION</b>, <b>TLS1_1_VERSION</b>, <b>TLS1_2_VERSION</b>, <b>TLS1_3_VERSION</b> for TLS and <b>DTLS1_VERSION</b>, <b>DTLS1_2_VERSION</b> for DTLS.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These setter functions return 1 on success and 0 on failure. The getter functions return the configured version or 0 for auto-configuration of lowest or highest protocol, respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions are implemented using macros.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The setter functions were added in OpenSSL 1.1.0. The getter functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_max_send_fragment.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_max_send_fragment.html
new file mode 100644
index 000000000..19be43ed8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_max_send_fragment.html
@@ -0,0 +1,150 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_split_send_fragment</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_max_send_fragment, SSL_set_max_send_fragment, SSL_CTX_set_split_send_fragment, SSL_set_split_send_fragment, SSL_CTX_set_max_pipelines, SSL_set_max_pipelines, SSL_CTX_set_default_read_buffer_len, SSL_set_default_read_buffer_len, SSL_CTX_set_tlsext_max_fragment_length, SSL_set_tlsext_max_fragment_length, SSL_SESSION_get_max_fragment_length - Control fragment size settings and pipelining operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, long);
+ long SSL_set_max_send_fragment(SSL *ssl, long m);
+
+ long SSL_CTX_set_max_pipelines(SSL_CTX *ctx, long m);
+ long SSL_set_max_pipelines(SSL_CTX *ssl, long m);
+
+ long SSL_CTX_set_split_send_fragment(SSL_CTX *ctx, long m);
+ long SSL_set_split_send_fragment(SSL *ssl, long m);
+
+ void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len);
+ void SSL_set_default_read_buffer_len(SSL *s, size_t len);
+
+ int SSL_CTX_set_tlsext_max_fragment_length(SSL_CTX *ctx, uint8_t mode);
+ int SSL_set_tlsext_max_fragment_length(SSL *ssl, uint8_t mode);
+ uint8_t SSL_SESSION_get_max_fragment_length(SSL_SESSION *session);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Some engines are able to process multiple simultaneous crypto operations. This capability could be utilised to parallelise the processing of a single connection. For example a single write can be split into multiple records and each one encrypted independently and in parallel. Note: this will only work in TLS1.1+. There is no support in SSLv3, TLSv1.0 or DTLS (any version). This capability is known as &quot;pipelining&quot; within OpenSSL.</p>
+
+<p>In order to benefit from the pipelining capability. You need to have an engine that provides ciphers that support this. The OpenSSL &quot;dasync&quot; engine provides AES128-SHA based ciphers that have this capability. However these are for development and test purposes only.</p>
+
+<p>SSL_CTX_set_max_send_fragment() and SSL_set_max_send_fragment() set the <b>max_send_fragment</b> parameter for SSL_CTX and SSL objects respectively. This value restricts the amount of plaintext bytes that will be sent in any one SSL/TLS record. By default its value is SSL3_RT_MAX_PLAIN_LENGTH (16384). These functions will only accept a value in the range 512 - SSL3_RT_MAX_PLAIN_LENGTH.</p>
+
+<p>SSL_CTX_set_max_pipelines() and SSL_set_max_pipelines() set the maximum number of pipelines that will be used at any one time. This value applies to both &quot;read&quot; pipelining and &quot;write&quot; pipelining. By default only one pipeline will be used (i.e. normal non-parallel operation). The number of pipelines set must be in the range 1 - SSL_MAX_PIPELINES (32). Setting this to a value &gt; 1 will also automatically turn on &quot;read_ahead&quot; (see <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>). This is explained further below. OpenSSL will only every use more than one pipeline if a cipher suite is negotiated that uses a pipeline capable cipher provided by an engine.</p>
+
+<p>Pipelining operates slightly differently for reading encrypted data compared to writing encrypted data. SSL_CTX_set_split_send_fragment() and SSL_set_split_send_fragment() define how data is split up into pipelines when writing encrypted data. The number of pipelines used will be determined by the amount of data provided to the SSL_write_ex() or SSL_write() call divided by <b>split_send_fragment</b>.</p>
+
+<p>For example if <b>split_send_fragment</b> is set to 2000 and <b>max_pipelines</b> is 4 then:</p>
+
+<p>SSL_write/SSL_write_ex called with 0-2000 bytes == 1 pipeline used</p>
+
+<p>SSL_write/SSL_write_ex called with 2001-4000 bytes == 2 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 4001-6000 bytes == 3 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 6001+ bytes == 4 pipelines used</p>
+
+<p><b>split_send_fragment</b> must always be less than or equal to <b>max_send_fragment</b>. By default it is set to be equal to <b>max_send_fragment</b>. This will mean that the same number of records will always be created as would have been created in the non-parallel case, although the data will be apportioned differently. In the parallel case data will be spread equally between the pipelines.</p>
+
+<p>Read pipelining is controlled in a slightly different way than with write pipelining. While reading we are constrained by the number of records that the peer (and the network) can provide to us in one go. The more records we can get in one go the more opportunity we have to parallelise the processing. As noted above when setting <b>max_pipelines</b> to a value greater than one, <b>read_ahead</b> is automatically set. The <b>read_ahead</b> parameter causes OpenSSL to attempt to read as much data into the read buffer as the network can provide and will fit into the buffer. Without this set data is read into the read buffer one record at a time. The more data that can be read, the more opportunity there is for parallelising the processing at the cost of increased memory overhead per connection. Setting <b>read_ahead</b> can impact the behaviour of the SSL_pending() function (see <a href="../man3/SSL_pending.html">SSL_pending(3)</a>).</p>
+
+<p>The SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions control the size of the read buffer that will be used. The <b>len</b> parameter sets the size of the buffer. The value will only be used if it is greater than the default that would have been used anyway. The normal default value depends on a number of factors but it will be at least SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_ENCRYPTED_OVERHEAD (16704) bytes.</p>
+
+<p>SSL_CTX_set_tlsext_max_fragment_length() sets the default maximum fragment length negotiation mode via value <b>mode</b> to <b>ctx</b>. This setting affects only SSL instances created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_set_tlsext_max_fragment_length() sets the maximum fragment length negotiation mode via value <b>mode</b> to <b>ssl</b>. This setting will be used during a handshake when extensions are exchanged between client and server. So it only affects SSL sessions created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_SESSION_get_max_fragment_length() gets the maximum fragment length negotiated in <b>session</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All non-void functions return 1 on success and 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The Maximum Fragment Length extension support is optional on the server side. If the server does not support this extension then SSL_SESSION_get_max_fragment_length() will return: TLSEXT_max_fragment_length_DISABLED.</p>
+
+<p>The following modes are available:</p>
+
+<dl>
+
+<dt id="TLSEXT_max_fragment_length_DISABLED">TLSEXT_max_fragment_length_DISABLED</dt>
+<dd>
+
+<p>Disables Maximum Fragment Length Negotiation (default).</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_512">TLSEXT_max_fragment_length_512</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 512 bytes.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_1024">TLSEXT_max_fragment_length_1024</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 1024.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_2048">TLSEXT_max_fragment_length_2048</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 2048.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_4096">TLSEXT_max_fragment_length_4096</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 4096.</p>
+
+</dd>
+</dl>
+
+<p>With the exception of SSL_CTX_set_default_read_buffer_len() SSL_set_default_read_buffer_len(), SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() all these functions are implemented using macros.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_set_max_pipelines(), SSL_set_max_pipelines(), SSL_CTX_set_split_send_fragment(), SSL_set_split_send_fragment(), SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions were added in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_min_proto_version.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_min_proto_version.html
new file mode 100644
index 000000000..a5aadff8c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_min_proto_version.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_min_proto_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_min_proto_version, SSL_CTX_set_max_proto_version, SSL_CTX_get_min_proto_version, SSL_CTX_get_max_proto_version, SSL_set_min_proto_version, SSL_set_max_proto_version, SSL_get_min_proto_version, SSL_get_max_proto_version - Get and set minimum and maximum supported protocol version</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_min_proto_version(SSL_CTX *ctx, int version);
+ int SSL_CTX_set_max_proto_version(SSL_CTX *ctx, int version);
+ int SSL_CTX_get_min_proto_version(SSL_CTX *ctx);
+ int SSL_CTX_get_max_proto_version(SSL_CTX *ctx);
+
+ int SSL_set_min_proto_version(SSL *ssl, int version);
+ int SSL_set_max_proto_version(SSL *ssl, int version);
+ int SSL_get_min_proto_version(SSL *ssl);
+ int SSL_get_max_proto_version(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions get or set the minimum and maximum supported protocol versions for the <b>ctx</b> or <b>ssl</b>. This works in combination with the options set via <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> that also make it possible to disable specific protocol versions. Use these functions instead of disabling specific protocol versions.</p>
+
+<p>Setting the minimum or maximum version to 0, will enable protocol versions down to the lowest version, or up to the highest version supported by the library, respectively.</p>
+
+<p>Getters return 0 in case <b>ctx</b> or <b>ssl</b> have been configured to automatically use the lowest or highest version supported by the library.</p>
+
+<p>Currently supported versions are <b>SSL3_VERSION</b>, <b>TLS1_VERSION</b>, <b>TLS1_1_VERSION</b>, <b>TLS1_2_VERSION</b>, <b>TLS1_3_VERSION</b> for TLS and <b>DTLS1_VERSION</b>, <b>DTLS1_2_VERSION</b> for DTLS.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>These setter functions return 1 on success and 0 on failure. The getter functions return the configured version or 0 for auto-configuration of lowest or highest protocol, respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions are implemented using macros.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The setter functions were added in OpenSSL 1.1.0. The getter functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CONF_cmd.html">SSL_CONF_cmd(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_mode.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_mode.html
new file mode 100644
index 000000000..2e6c33d57
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_mode.html
@@ -0,0 +1,136 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_mode</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_mode, SSL_CTX_clear_mode, SSL_set_mode, SSL_clear_mode, SSL_CTX_get_mode, SSL_get_mode - manipulate SSL engine mode</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_mode(SSL_CTX *ctx, long mode);
+ long SSL_CTX_clear_mode(SSL_CTX *ctx, long mode);
+ long SSL_set_mode(SSL *ssl, long mode);
+ long SSL_clear_mode(SSL *ssl, long mode);
+
+ long SSL_CTX_get_mode(SSL_CTX *ctx);
+ long SSL_get_mode(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_mode() adds the mode set via bitmask in <b>mode</b> to <b>ctx</b>. Options already set before are not cleared. SSL_CTX_clear_mode() removes the mode set via bitmask in <b>mode</b> from <b>ctx</b>.</p>
+
+<p>SSL_set_mode() adds the mode set via bitmask in <b>mode</b> to <b>ssl</b>. Options already set before are not cleared. SSL_clear_mode() removes the mode set via bitmask in <b>mode</b> from <b>ssl</b>.</p>
+
+<p>SSL_CTX_get_mode() returns the mode set for <b>ctx</b>.</p>
+
+<p>SSL_get_mode() returns the mode set for <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The following mode changes are available:</p>
+
+<dl>
+
+<dt id="SSL_MODE_ENABLE_PARTIAL_WRITE">SSL_MODE_ENABLE_PARTIAL_WRITE</dt>
+<dd>
+
+<p>Allow SSL_write_ex(..., n, &amp;r) to return with 0 &lt; r &lt; n (i.e. report success when just a single record has been written). This works in a similar way for SSL_write(). When not set (the default), SSL_write_ex() or SSL_write() will only report success once the complete chunk was written. Once SSL_write_ex() or SSL_write() returns successful, <b>r</b> bytes have been written and the next call to SSL_write_ex() or SSL_write() must only send the n-r bytes left, imitating the behaviour of write().</p>
+
+</dd>
+<dt id="SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER">SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER</dt>
+<dd>
+
+<p>Make it possible to retry SSL_write_ex() or SSL_write() with changed buffer location (the buffer contents must stay the same). This is not the default to avoid the misconception that non-blocking SSL_write() behaves like non-blocking write().</p>
+
+</dd>
+<dt id="SSL_MODE_AUTO_RETRY">SSL_MODE_AUTO_RETRY</dt>
+<dd>
+
+<p>During normal operations, non-application data records might need to be sent or received that the application is not aware of. If a non-application data record was processed, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> can return with a failure and indicate the need to retry with <b>SSL_ERROR_WANT_READ</b>. If such a non-application data record was processed, the flag <b>SSL_MODE_AUTO_RETRY</b> causes it to try to process the next record instead of returning.</p>
+
+<p>In a non-blocking environment applications must be prepared to handle incomplete read/write operations. Setting <b>SSL_MODE_AUTO_RETRY</b> for a non-blocking <b>BIO</b> will process non-application data records until either no more data is available or an application data record has been processed.</p>
+
+<p>In a blocking environment, applications are not always prepared to deal with the functions returning intermediate reports such as retry requests, and setting the <b>SSL_MODE_AUTO_RETRY</b> flag will cause the functions to only return after successfully processing an application data record or a failure.</p>
+
+<p>Turning off <b>SSL_MODE_AUTO_RETRY</b> can be useful with blocking <b>BIO</b>s in case they are used in combination with something like select() or poll(). Otherwise the call to SSL_read() or SSL_read_ex() might hang when a non-application record was sent and no application data was sent.</p>
+
+</dd>
+<dt id="SSL_MODE_RELEASE_BUFFERS">SSL_MODE_RELEASE_BUFFERS</dt>
+<dd>
+
+<p>When we no longer need a read buffer or a write buffer for a given SSL, then release the memory we were using to hold it. Using this flag can save around 34k per idle SSL connection. This flag has no effect on SSL v2 connections, or on DTLS connections.</p>
+
+</dd>
+<dt id="SSL_MODE_SEND_FALLBACK_SCSV">SSL_MODE_SEND_FALLBACK_SCSV</dt>
+<dd>
+
+<p>Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications that reconnect with a downgraded protocol version; see draft-ietf-tls-downgrade-scsv-00 for details.</p>
+
+<p>DO NOT ENABLE THIS if your application attempts a normal handshake. Only use this in explicit fallback retries, following the guidance in draft-ietf-tls-downgrade-scsv-00.</p>
+
+</dd>
+<dt id="SSL_MODE_ASYNC">SSL_MODE_ASYNC</dt>
+<dd>
+
+<p>Enable asynchronous processing. TLS I/O operations may indicate a retry with SSL_ERROR_WANT_ASYNC with this mode set if an asynchronous capable engine is used to perform cryptographic operations. See <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+</dd>
+<dt id="SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG">SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG</dt>
+<dd>
+
+<p>Older versions of OpenSSL had a bug in the computation of the label length used for computing the endpoint-pair shared secret. The bug was that the terminating zero was included in the length of the label. Setting this option enables this behaviour to allow interoperability with such broken implementations. Please note that setting this option breaks interoperability with correct implementations. This option only applies to DTLS over SCTP.</p>
+
+</dd>
+</dl>
+
+<p>All modes are off by default except for SSL_MODE_AUTO_RETRY which is on by default since 1.1.1.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_mode() and SSL_set_mode() return the new mode bitmask after adding <b>mode</b>.</p>
+
+<p>SSL_CTX_get_mode() and SSL_get_mode() return the current bitmask.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a>, <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_MODE_ASYNC was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_msg_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_msg_callback.html
new file mode 100644
index 000000000..444b63155
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_msg_callback.html
@@ -0,0 +1,142 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_msg_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_msg_callback, SSL_CTX_set_msg_callback_arg, SSL_set_msg_callback, SSL_set_msg_callback_arg - install callback for observing protocol messages</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
+                               void (*cb)(int write_p, int version,
+                                          int content_type, const void *buf,
+                                          size_t len, SSL *ssl, void *arg));
+ void SSL_CTX_set_msg_callback_arg(SSL_CTX *ctx, void *arg);
+
+ void SSL_set_msg_callback(SSL *ssl,
+                           void (*cb)(int write_p, int version,
+                                      int content_type, const void *buf,
+                                      size_t len, SSL *ssl, void *arg));
+ void SSL_set_msg_callback_arg(SSL *ssl, void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_msg_callback() or SSL_set_msg_callback() can be used to define a message callback function <i>cb</i> for observing all SSL/TLS protocol messages (such as handshake messages) that are received or sent, as well as other events that occur during processing. SSL_CTX_set_msg_callback_arg() and SSL_set_msg_callback_arg() can be used to set argument <i>arg</i> to the callback function, which is available for arbitrary application use.</p>
+
+<p>SSL_CTX_set_msg_callback() and SSL_CTX_set_msg_callback_arg() specify default settings that will be copied to new <b>SSL</b> objects by <a href="../man3/SSL_new.html">SSL_new(3)</a>. SSL_set_msg_callback() and SSL_set_msg_callback_arg() modify the actual settings of an <b>SSL</b> object. Using a <b>NULL</b> pointer for <i>cb</i> disables the message callback.</p>
+
+<p>When <i>cb</i> is called by the SSL/TLS library the function arguments have the following meaning:</p>
+
+<dl>
+
+<dt id="write_p"><i>write_p</i></dt>
+<dd>
+
+<p>This flag is <b>0</b> when a protocol message has been received and <b>1</b> when a protocol message has been sent.</p>
+
+</dd>
+<dt id="version"><i>version</i></dt>
+<dd>
+
+<p>The protocol version according to which the protocol message is interpreted by the library such as <b>TLS1_3_VERSION</b>, <b>TLS1_2_VERSION</b> etc. This is set to 0 for the SSL3_RT_HEADER pseudo content type (see NOTES below).</p>
+
+</dd>
+<dt id="content_type"><i>content_type</i></dt>
+<dd>
+
+<p>This is one of the content type values defined in the protocol specification (<b>SSL3_RT_CHANGE_CIPHER_SPEC</b>, <b>SSL3_RT_ALERT</b>, <b>SSL3_RT_HANDSHAKE</b>; but never <b>SSL3_RT_APPLICATION_DATA</b> because the callback will only be called for protocol messages). Alternatively it may be a &quot;pseudo&quot; content type. These pseudo content types are used to signal some other event in the processing of data (see NOTES below).</p>
+
+</dd>
+<dt id="buf-len"><i>buf</i>, <i>len</i></dt>
+<dd>
+
+<p><i>buf</i> points to a buffer containing the protocol message or other data (in the case of pseudo content types), which consists of <i>len</i> bytes. The buffer is no longer valid after the callback function has returned.</p>
+
+</dd>
+<dt id="ssl"><i>ssl</i></dt>
+<dd>
+
+<p>The <b>SSL</b> object that received or sent the message.</p>
+
+</dd>
+<dt id="arg"><i>arg</i></dt>
+<dd>
+
+<p>The user-defined argument optionally defined by SSL_CTX_set_msg_callback_arg() or SSL_set_msg_callback_arg().</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Protocol messages are passed to the callback function after decryption and fragment collection where applicable. (Thus record boundaries are not visible.)</p>
+
+<p>If processing a received protocol message results in an error, the callback function may not be called. For example, the callback function will never see messages that are considered too large to be processed.</p>
+
+<p>Due to automatic protocol version negotiation, <i>version</i> is not necessarily the protocol version used by the sender of the message: If a TLS 1.0 ClientHello message is received by an SSL 3.0-only server, <i>version</i> will be <b>SSL3_VERSION</b>.</p>
+
+<p>Pseudo content type values may be sent at various points during the processing of data. The following pseudo content types are currently defined:</p>
+
+<dl>
+
+<dt id="SSL3_RT_HEADER"><b>SSL3_RT_HEADER</b></dt>
+<dd>
+
+<p>Used when a record is sent or received. The <b>buf</b> contains the record header bytes only.</p>
+
+</dd>
+<dt id="SSL3_RT_INNER_CONTENT_TYPE"><b>SSL3_RT_INNER_CONTENT_TYPE</b></dt>
+<dd>
+
+<p>Used when an encrypted TLSv1.3 record is sent or received. In encrypted TLSv1.3 records the content type in the record header is always SSL3_RT_APPLICATION_DATA. The real content type for the record is contained in an &quot;inner&quot; content type. <b>buf</b> contains the encoded &quot;inner&quot; content type byte.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_msg_callback(), SSL_CTX_set_msg_callback_arg(), SSL_set_msg_callback() and SSL_set_msg_callback_arg() do not return values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The pseudo content type <b>SSL3_RT_INNER_CONTENT_TYPE</b> was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_msg_callback_arg.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_msg_callback_arg.html
new file mode 100644
index 000000000..444b63155
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_msg_callback_arg.html
@@ -0,0 +1,142 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_msg_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_msg_callback, SSL_CTX_set_msg_callback_arg, SSL_set_msg_callback, SSL_set_msg_callback_arg - install callback for observing protocol messages</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
+                               void (*cb)(int write_p, int version,
+                                          int content_type, const void *buf,
+                                          size_t len, SSL *ssl, void *arg));
+ void SSL_CTX_set_msg_callback_arg(SSL_CTX *ctx, void *arg);
+
+ void SSL_set_msg_callback(SSL *ssl,
+                           void (*cb)(int write_p, int version,
+                                      int content_type, const void *buf,
+                                      size_t len, SSL *ssl, void *arg));
+ void SSL_set_msg_callback_arg(SSL *ssl, void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_msg_callback() or SSL_set_msg_callback() can be used to define a message callback function <i>cb</i> for observing all SSL/TLS protocol messages (such as handshake messages) that are received or sent, as well as other events that occur during processing. SSL_CTX_set_msg_callback_arg() and SSL_set_msg_callback_arg() can be used to set argument <i>arg</i> to the callback function, which is available for arbitrary application use.</p>
+
+<p>SSL_CTX_set_msg_callback() and SSL_CTX_set_msg_callback_arg() specify default settings that will be copied to new <b>SSL</b> objects by <a href="../man3/SSL_new.html">SSL_new(3)</a>. SSL_set_msg_callback() and SSL_set_msg_callback_arg() modify the actual settings of an <b>SSL</b> object. Using a <b>NULL</b> pointer for <i>cb</i> disables the message callback.</p>
+
+<p>When <i>cb</i> is called by the SSL/TLS library the function arguments have the following meaning:</p>
+
+<dl>
+
+<dt id="write_p"><i>write_p</i></dt>
+<dd>
+
+<p>This flag is <b>0</b> when a protocol message has been received and <b>1</b> when a protocol message has been sent.</p>
+
+</dd>
+<dt id="version"><i>version</i></dt>
+<dd>
+
+<p>The protocol version according to which the protocol message is interpreted by the library such as <b>TLS1_3_VERSION</b>, <b>TLS1_2_VERSION</b> etc. This is set to 0 for the SSL3_RT_HEADER pseudo content type (see NOTES below).</p>
+
+</dd>
+<dt id="content_type"><i>content_type</i></dt>
+<dd>
+
+<p>This is one of the content type values defined in the protocol specification (<b>SSL3_RT_CHANGE_CIPHER_SPEC</b>, <b>SSL3_RT_ALERT</b>, <b>SSL3_RT_HANDSHAKE</b>; but never <b>SSL3_RT_APPLICATION_DATA</b> because the callback will only be called for protocol messages). Alternatively it may be a &quot;pseudo&quot; content type. These pseudo content types are used to signal some other event in the processing of data (see NOTES below).</p>
+
+</dd>
+<dt id="buf-len"><i>buf</i>, <i>len</i></dt>
+<dd>
+
+<p><i>buf</i> points to a buffer containing the protocol message or other data (in the case of pseudo content types), which consists of <i>len</i> bytes. The buffer is no longer valid after the callback function has returned.</p>
+
+</dd>
+<dt id="ssl"><i>ssl</i></dt>
+<dd>
+
+<p>The <b>SSL</b> object that received or sent the message.</p>
+
+</dd>
+<dt id="arg"><i>arg</i></dt>
+<dd>
+
+<p>The user-defined argument optionally defined by SSL_CTX_set_msg_callback_arg() or SSL_set_msg_callback_arg().</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Protocol messages are passed to the callback function after decryption and fragment collection where applicable. (Thus record boundaries are not visible.)</p>
+
+<p>If processing a received protocol message results in an error, the callback function may not be called. For example, the callback function will never see messages that are considered too large to be processed.</p>
+
+<p>Due to automatic protocol version negotiation, <i>version</i> is not necessarily the protocol version used by the sender of the message: If a TLS 1.0 ClientHello message is received by an SSL 3.0-only server, <i>version</i> will be <b>SSL3_VERSION</b>.</p>
+
+<p>Pseudo content type values may be sent at various points during the processing of data. The following pseudo content types are currently defined:</p>
+
+<dl>
+
+<dt id="SSL3_RT_HEADER"><b>SSL3_RT_HEADER</b></dt>
+<dd>
+
+<p>Used when a record is sent or received. The <b>buf</b> contains the record header bytes only.</p>
+
+</dd>
+<dt id="SSL3_RT_INNER_CONTENT_TYPE"><b>SSL3_RT_INNER_CONTENT_TYPE</b></dt>
+<dd>
+
+<p>Used when an encrypted TLSv1.3 record is sent or received. In encrypted TLSv1.3 records the content type in the record header is always SSL3_RT_APPLICATION_DATA. The real content type for the record is contained in an &quot;inner&quot; content type. <b>buf</b> contains the encoded &quot;inner&quot; content type byte.</p>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_msg_callback(), SSL_CTX_set_msg_callback_arg(), SSL_set_msg_callback() and SSL_set_msg_callback_arg() do not return values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The pseudo content type <b>SSL3_RT_INNER_CONTENT_TYPE</b> was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_num_tickets.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_num_tickets.html
new file mode 100644
index 000000000..94cc9b7e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_num_tickets.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_num_tickets</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_num_tickets, SSL_get_num_tickets, SSL_CTX_set_num_tickets, SSL_CTX_get_num_tickets - control the number of TLSv1.3 session tickets that are issued</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_set_num_tickets(SSL *s, size_t num_tickets);
+ size_t SSL_get_num_tickets(SSL *s);
+ int SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets);
+ size_t SSL_CTX_get_num_tickets(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_num_tickets() and SSL_set_num_tickets() can be called for a server application and set the number of TLSv1.3 session tickets that will be sent to the client after a full handshake. Set the desired value (which could be 0) in the <b>num_tickets</b> argument. Typically these functions should be called before the start of the handshake.</p>
+
+<p>The default number of tickets is 2; the default number of tickets sent following a resumption handshake is 1 but this cannot be changed using these functions. The number of tickets following a resumption handshake can be reduced to 0 using custom session ticket callbacks (see <a href="../man3/SSL_CTX_set_session_ticket_cb.html">SSL_CTX_set_session_ticket_cb(3)</a>).</p>
+
+<p>Tickets are also issued on receipt of a post-handshake certificate from the client following a request by the server using <a href="../man3/SSL_verify_client_post_handshake.html">SSL_verify_client_post_handshake(3)</a>. These new tickets will be associated with the updated client identity (i.e. including their certificate and verification status). The number of tickets issued will normally be the same as was used for the initial handshake. If the initial handshake was a full handshake then SSL_set_num_tickets() can be called again prior to calling SSL_verify_client_post_handshake() to update the number of tickets that will be sent.</p>
+
+<p>SSL_CTX_get_num_tickets() and SSL_get_num_tickets() return the number of tickets set by a previous call to SSL_CTX_set_num_tickets() or SSL_set_num_tickets(), or 2 if no such call has been made.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_num_tickets() and SSL_set_num_tickets() return 1 on success or 0 on failure.</p>
+
+<p>SSL_CTX_get_num_tickets() and SSL_get_num_tickets() return the number of tickets that have been previously set.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_options.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_options.html
new file mode 100644
index 000000000..b45ee0128
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_options.html
@@ -0,0 +1,350 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_options</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SECURE-RENEGOTIATION">SECURE RENEGOTIATION</a>
+    <ul>
+      <li><a href="#Patched-client-and-server">Patched client and server</a></li>
+      <li><a href="#Unpatched-client-and-patched-OpenSSL-server">Unpatched client and patched OpenSSL server</a></li>
+      <li><a href="#Patched-OpenSSL-client-and-unpatched-server">Patched OpenSSL client and unpatched server.</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_options, SSL_set_options, SSL_CTX_clear_options, SSL_clear_options, SSL_CTX_get_options, SSL_get_options, SSL_get_secure_renegotiation_support - manipulate SSL options</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_options(SSL_CTX *ctx, long options);
+ long SSL_set_options(SSL *ssl, long options);
+
+ long SSL_CTX_clear_options(SSL_CTX *ctx, long options);
+ long SSL_clear_options(SSL *ssl, long options);
+
+ long SSL_CTX_get_options(SSL_CTX *ctx);
+ long SSL_get_options(SSL *ssl);
+
+ long SSL_get_secure_renegotiation_support(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_options() adds the options set via bitmask in <b>options</b> to <b>ctx</b>. Options already set before are not cleared!</p>
+
+<p>SSL_set_options() adds the options set via bitmask in <b>options</b> to <b>ssl</b>. Options already set before are not cleared!</p>
+
+<p>SSL_CTX_clear_options() clears the options set via bitmask in <b>options</b> to <b>ctx</b>.</p>
+
+<p>SSL_clear_options() clears the options set via bitmask in <b>options</b> to <b>ssl</b>.</p>
+
+<p>SSL_CTX_get_options() returns the options set for <b>ctx</b>.</p>
+
+<p>SSL_get_options() returns the options set for <b>ssl</b>.</p>
+
+<p>SSL_get_secure_renegotiation_support() indicates whether the peer supports secure renegotiation. Note, this is implemented via a macro.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The behaviour of the SSL library can be changed by setting several options. The options are coded as bitmasks and can be combined by a bitwise <b>or</b> operation (|).</p>
+
+<p>SSL_CTX_set_options() and SSL_set_options() affect the (external) protocol behaviour of the SSL library. The (internal) behaviour of the API can be changed by using the similar <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a> and SSL_set_mode() functions.</p>
+
+<p>During a handshake, the option settings of the SSL object are used. When a new SSL object is created from a context using SSL_new(), the current option setting is copied. Changes to <b>ctx</b> do not affect already created SSL objects. SSL_clear() does not affect the settings.</p>
+
+<p>The following <b>bug workaround</b> options are available:</p>
+
+<dl>
+
+<dt id="SSL_OP_SAFARI_ECDHE_ECDSA_BUG">SSL_OP_SAFARI_ECDHE_ECDSA_BUG</dt>
+<dd>
+
+<p>Don&#39;t prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X. OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.</p>
+
+</dd>
+<dt id="SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS">SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS</dt>
+<dd>
+
+<p>Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol vulnerability affecting CBC ciphers, which cannot be handled by some broken SSL implementations. This option has no effect for connections using other ciphers.</p>
+
+</dd>
+<dt id="SSL_OP_TLSEXT_PADDING">SSL_OP_TLSEXT_PADDING</dt>
+<dd>
+
+<p>Adds a padding extension to ensure the ClientHello size is never between 256 and 511 bytes in length. This is needed as a workaround for some implementations.</p>
+
+</dd>
+<dt id="SSL_OP_ALL">SSL_OP_ALL</dt>
+<dd>
+
+<p>All of the above bug workarounds plus <b>SSL_OP_LEGACY_SERVER_CONNECT</b> as mentioned below.</p>
+
+</dd>
+</dl>
+
+<p>It is usually safe to use <b>SSL_OP_ALL</b> to enable the bug workaround options if compatibility with somewhat broken implementations is desired.</p>
+
+<p>The following <b>modifying</b> options are available:</p>
+
+<dl>
+
+<dt id="SSL_OP_TLS_ROLLBACK_BUG">SSL_OP_TLS_ROLLBACK_BUG</dt>
+<dd>
+
+<p>Disable version rollback attack detection.</p>
+
+<p>During the client key exchange, the client must send the same information about acceptable SSL/TLS protocol levels as during the first hello. Some clients violate this rule by adapting to the server&#39;s answer. (Example: the client sends a SSLv2 hello and accepts up to SSLv3.1=TLSv1, the server only understands up to SSLv3. In this case the client must still use the same SSLv3.1=TLSv1 announcement. Some clients step down to SSLv3 with respect to the server&#39;s answer and violate the version rollback protection.)</p>
+
+</dd>
+<dt id="SSL_OP_CIPHER_SERVER_PREFERENCE">SSL_OP_CIPHER_SERVER_PREFERENCE</dt>
+<dd>
+
+<p>When choosing a cipher, use the server&#39;s preferences instead of the client preferences. When not set, the SSL server will always follow the clients preferences. When set, the SSL/TLS server will choose following its own preferences.</p>
+
+</dd>
+<dt id="SSL_OP_NO_SSLv3-SSL_OP_NO_TLSv1-SSL_OP_NO_TLSv1_1-SSL_OP_NO_TLSv1_2-SSL_OP_NO_TLSv1_3-SSL_OP_NO_DTLSv1-SSL_OP_NO_DTLSv1_2">SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1, SSL_OP_NO_TLSv1_2, SSL_OP_NO_TLSv1_3, SSL_OP_NO_DTLSv1, SSL_OP_NO_DTLSv1_2</dt>
+<dd>
+
+<p>These options turn off the SSLv3, TLSv1, TLSv1.1, TLSv1.2 or TLSv1.3 protocol versions with TLS or the DTLSv1, DTLSv1.2 versions with DTLS, respectively. As of OpenSSL 1.1.0, these options are deprecated, use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> and <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> instead.</p>
+
+</dd>
+<dt id="SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION">SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION</dt>
+<dd>
+
+<p>When performing renegotiation as a server, always start a new session (i.e., session resumption requests are only accepted in the initial handshake). This option is not needed for clients.</p>
+
+</dd>
+<dt id="SSL_OP_NO_COMPRESSION">SSL_OP_NO_COMPRESSION</dt>
+<dd>
+
+<p>Do not use compression even if it is supported.</p>
+
+</dd>
+<dt id="SSL_OP_NO_QUERY_MTU">SSL_OP_NO_QUERY_MTU</dt>
+<dd>
+
+<p>Do not query the MTU. Only affects DTLS connections.</p>
+
+</dd>
+<dt id="SSL_OP_COOKIE_EXCHANGE">SSL_OP_COOKIE_EXCHANGE</dt>
+<dd>
+
+<p>Turn on Cookie Exchange as described in RFC4347 Section 4.2.1. Only affects DTLS connections.</p>
+
+</dd>
+<dt id="SSL_OP_NO_TICKET">SSL_OP_NO_TICKET</dt>
+<dd>
+
+<p>SSL/TLS supports two mechanisms for resuming sessions: session ids and stateless session tickets.</p>
+
+<p>When using session ids a copy of the session information is cached on the server and a unique id is sent to the client. When the client wishes to resume it provides the unique id so that the server can retrieve the session information from its cache.</p>
+
+<p>When using stateless session tickets the server uses a session ticket encryption key to encrypt the session information. This encrypted data is sent to the client as a &quot;ticket&quot;. When the client wishes to resume it sends the encrypted data back to the server. The server uses its key to decrypt the data and resume the session. In this way the server can operate statelessly - no session information needs to be cached locally.</p>
+
+<p>The TLSv1.3 protocol only supports tickets and does not directly support session ids. However OpenSSL allows two modes of ticket operation in TLSv1.3: stateful and stateless. Stateless tickets work the same way as in TLSv1.2 and below. Stateful tickets mimic the session id behaviour available in TLSv1.2 and below. The session information is cached on the server and the session id is wrapped up in a ticket and sent back to the client. When the client wishes to resume, it presents a ticket in the same way as for stateless tickets. The server can then extract the session id from the ticket and retrieve the session information from its cache.</p>
+
+<p>By default OpenSSL will use stateless tickets. The SSL_OP_NO_TICKET option will cause stateless tickets to not be issued. In TLSv1.2 and below this means no ticket gets sent to the client at all. In TLSv1.3 a stateful ticket will be sent. This is a server-side option only.</p>
+
+<p>In TLSv1.3 it is possible to suppress all tickets (stateful and stateless) from being sent by calling <a href="../man3/SSL_CTX_set_num_tickets.html">SSL_CTX_set_num_tickets(3)</a> or <a href="../man3/SSL_set_num_tickets.html">SSL_set_num_tickets(3)</a>.</p>
+
+</dd>
+<dt id="SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION">SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</dt>
+<dd>
+
+<p>Allow legacy insecure renegotiation between OpenSSL and unpatched clients or servers. See the <b>SECURE RENEGOTIATION</b> section for more details.</p>
+
+</dd>
+<dt id="SSL_OP_LEGACY_SERVER_CONNECT">SSL_OP_LEGACY_SERVER_CONNECT</dt>
+<dd>
+
+<p>Allow legacy insecure renegotiation between OpenSSL and unpatched servers <b>only</b>: this option is currently set by default. See the <b>SECURE RENEGOTIATION</b> section for more details.</p>
+
+</dd>
+<dt id="SSL_OP_NO_ENCRYPT_THEN_MAC">SSL_OP_NO_ENCRYPT_THEN_MAC</dt>
+<dd>
+
+<p>Normally clients and servers will transparently attempt to negotiate the RFC7366 Encrypt-then-MAC option on TLS and DTLS connection.</p>
+
+<p>If this option is set, Encrypt-then-MAC is disabled. Clients will not propose, and servers will not accept the extension.</p>
+
+</dd>
+<dt id="SSL_OP_NO_RENEGOTIATION">SSL_OP_NO_RENEGOTIATION</dt>
+<dd>
+
+<p>Disable all renegotiation in TLSv1.2 and earlier. Do not send HelloRequest messages, and ignore renegotiation requests via ClientHello.</p>
+
+</dd>
+<dt id="SSL_OP_ALLOW_NO_DHE_KEX">SSL_OP_ALLOW_NO_DHE_KEX</dt>
+<dd>
+
+<p>In TLSv1.3 allow a non-(ec)dhe based key exchange mode on resumption. This means that there will be no forward secrecy for the resumed session.</p>
+
+</dd>
+<dt id="SSL_OP_PRIORITIZE_CHACHA">SSL_OP_PRIORITIZE_CHACHA</dt>
+<dd>
+
+<p>When SSL_OP_CIPHER_SERVER_PREFERENCE is set, temporarily reprioritize ChaCha20-Poly1305 ciphers to the top of the server cipher list if a ChaCha20-Poly1305 cipher is at the top of the client cipher list. This helps those clients (e.g. mobile) use ChaCha20-Poly1305 if that cipher is anywhere in the server cipher list; but still allows other clients to use AES and other ciphers. Requires <b>SSL_OP_CIPHER_SERVER_PREFERENCE</b>.</p>
+
+</dd>
+<dt id="SSL_OP_ENABLE_MIDDLEBOX_COMPAT">SSL_OP_ENABLE_MIDDLEBOX_COMPAT</dt>
+<dd>
+
+<p>If set then dummy Change Cipher Spec (CCS) messages are sent in TLSv1.3. This has the effect of making TLSv1.3 look more like TLSv1.2 so that middleboxes that do not understand TLSv1.3 will not drop the connection. Regardless of whether this option is set or not CCS messages received from the peer will always be ignored in TLSv1.3. This option is set by default. To switch it off use SSL_clear_options(). A future version of OpenSSL may not set this by default.</p>
+
+</dd>
+<dt id="SSL_OP_NO_ANTI_REPLAY">SSL_OP_NO_ANTI_REPLAY</dt>
+<dd>
+
+<p>By default, when a server is configured for early data (i.e., max_early_data &gt; 0), OpenSSL will switch on replay protection. See <a href="../man3/SSL_read_early_data.html">SSL_read_early_data(3)</a> for a description of the replay protection feature. Anti-replay measures are required to comply with the TLSv1.3 specification. Some applications may be able to mitigate the replay risks in other ways and in such cases the built in OpenSSL functionality is not required. Those applications can turn this feature off by setting this option. This is a server-side opton only. It is ignored by clients.</p>
+
+</dd>
+</dl>
+
+<p>The following options no longer have any effect but their identifiers are retained for compatibility purposes:</p>
+
+<dl>
+
+<dt id="SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG">SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER">SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SSLEAY_080_CLIENT_DH_BUG">SSL_OP_SSLEAY_080_CLIENT_DH_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_TLS_D5_BUG">SSL_OP_TLS_D5_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_TLS_BLOCK_PADDING_BUG">SSL_OP_TLS_BLOCK_PADDING_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MSIE_SSLV2_RSA_PADDING">SSL_OP_MSIE_SSLV2_RSA_PADDING</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG">SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_MICROSOFT_SESS_ID_BUG">SSL_OP_MICROSOFT_SESS_ID_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_NETSCAPE_CHALLENGE_BUG">SSL_OP_NETSCAPE_CHALLENGE_BUG</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_PKCS1_CHECK_1">SSL_OP_PKCS1_CHECK_1</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_PKCS1_CHECK_2">SSL_OP_PKCS1_CHECK_2</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SINGLE_DH_USE">SSL_OP_SINGLE_DH_USE</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_SINGLE_ECDH_USE">SSL_OP_SINGLE_ECDH_USE</dt>
+<dd>
+
+</dd>
+<dt id="SSL_OP_EPHEMERAL_RSA">SSL_OP_EPHEMERAL_RSA</dt>
+<dd>
+
+</dd>
+</dl>
+
+<h1 id="SECURE-RENEGOTIATION">SECURE RENEGOTIATION</h1>
+
+<p>OpenSSL always attempts to use secure renegotiation as described in RFC5746. This counters the prefix attack described in CVE-2009-3555 and elsewhere.</p>
+
+<p>This attack has far reaching consequences which application writers should be aware of. In the description below an implementation supporting secure renegotiation is referred to as <i>patched</i>. A server not supporting secure renegotiation is referred to as <i>unpatched</i>.</p>
+
+<p>The following sections describe the operations permitted by OpenSSL&#39;s secure renegotiation implementation.</p>
+
+<h2 id="Patched-client-and-server">Patched client and server</h2>
+
+<p>Connections and renegotiation are always permitted by OpenSSL implementations.</p>
+
+<h2 id="Unpatched-client-and-patched-OpenSSL-server">Unpatched client and patched OpenSSL server</h2>
+
+<p>The initial connection succeeds but client renegotiation is denied by the server with a <b>no_renegotiation</b> warning alert if TLS v1.0 is used or a fatal <b>handshake_failure</b> alert in SSL v3.0.</p>
+
+<p>If the patched OpenSSL server attempts to renegotiate a fatal <b>handshake_failure</b> alert is sent. This is because the server code may be unaware of the unpatched nature of the client.</p>
+
+<p>If the option <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> is set then renegotiation <b>always</b> succeeds.</p>
+
+<h2 id="Patched-OpenSSL-client-and-unpatched-server">Patched OpenSSL client and unpatched server.</h2>
+
+<p>If the option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> or <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> is set then initial connections and renegotiation between patched OpenSSL clients and unpatched servers succeeds. If neither option is set then initial connections to unpatched servers will fail.</p>
+
+<p>The option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> is currently set by default even though it has security implications: otherwise it would be impossible to connect to unpatched servers (i.e. all of them initially) and this is clearly not acceptable. Renegotiation is permitted because this does not add any additional security issues: during an attack clients do not see any renegotiations anyway.</p>
+
+<p>As more servers become patched the option <b>SSL_OP_LEGACY_SERVER_CONNECT</b> will <b>not</b> be set by default in a future version of OpenSSL.</p>
+
+<p>OpenSSL client applications wishing to ensure they can connect to unpatched servers should always <b>set</b> <b>SSL_OP_LEGACY_SERVER_CONNECT</b></p>
+
+<p>OpenSSL client applications that want to ensure they can <b>not</b> connect to unpatched servers (and thus avoid any security issues) should always <b>clear</b> <b>SSL_OP_LEGACY_SERVER_CONNECT</b> using SSL_CTX_clear_options() or SSL_clear_options().</p>
+
+<p>The difference between the <b>SSL_OP_LEGACY_SERVER_CONNECT</b> and <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> options is that <b>SSL_OP_LEGACY_SERVER_CONNECT</b> enables initial connections and secure renegotiation between OpenSSL clients and unpatched servers <b>only</b>, while <b>SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION</b> allows initial connections and renegotiation between OpenSSL and unpatched clients or servers.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_options() and SSL_set_options() return the new options bitmask after adding <b>options</b>.</p>
+
+<p>SSL_CTX_clear_options() and SSL_clear_options() return the new options bitmask after clearing <b>options</b>.</p>
+
+<p>SSL_CTX_get_options() and SSL_get_options() return the current bitmask.</p>
+
+<p>SSL_get_secure_renegotiation_support() returns 1 is the peer supports secure renegotiation and 0 if it does not.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man1/dhparam.html">dhparam(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The attempt to always try to use secure renegotiation was added in OpenSSL 0.9.8m.</p>
+
+<p>The <b>SSL_OP_PRIORITIZE_CHACHA</b> and <b>SSL_OP_NO_RENEGOTIATION</b> options were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_post_handshake_auth.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_post_handshake_auth.html
new file mode 100644
index 000000000..1a70b5fe4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_post_handshake_auth.html
@@ -0,0 +1,264 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_verify</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_ex_data_X509_STORE_CTX_idx, SSL_CTX_set_verify, SSL_set_verify, SSL_CTX_set_verify_depth, SSL_set_verify_depth, SSL_verify_cb, SSL_verify_client_post_handshake, SSL_set_post_handshake_auth, SSL_CTX_set_post_handshake_auth - set peer certificate verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
+
+ void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, SSL_verify_cb verify_callback);
+ void SSL_set_verify(SSL *ssl, int mode, SSL_verify_cb verify_callback);
+ SSL_get_ex_data_X509_STORE_CTX_idx(void);
+
+ void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
+ void SSL_set_verify_depth(SSL *ssl, int depth);
+
+ int SSL_verify_client_post_handshake(SSL *ssl);
+ void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val);
+ void SSL_set_post_handshake_auth(SSL *ssl, int val);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_verify() sets the verification flags for <b>ctx</b> to be <b>mode</b> and specifies the <b>verify_callback</b> function to be used. If no callback function shall be specified, the NULL pointer can be used for <b>verify_callback</b>.</p>
+
+<p>SSL_set_verify() sets the verification flags for <b>ssl</b> to be <b>mode</b> and specifies the <b>verify_callback</b> function to be used. If no callback function shall be specified, the NULL pointer can be used for <b>verify_callback</b>. In this case last <b>verify_callback</b> set specifically for this <b>ssl</b> remains. If no special <b>callback</b> was set before, the default callback for the underlying <b>ctx</b> is used, that was valid at the time <b>ssl</b> was created with <a href="../man3/SSL_new.html">SSL_new(3)</a>. Within the callback function, <b>SSL_get_ex_data_X509_STORE_CTX_idx</b> can be called to get the data index of the current SSL object that is doing the verification.</p>
+
+<p>SSL_CTX_set_verify_depth() sets the maximum <b>depth</b> for the certificate chain verification that shall be allowed for <b>ctx</b>.</p>
+
+<p>SSL_set_verify_depth() sets the maximum <b>depth</b> for the certificate chain verification that shall be allowed for <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_post_handshake_auth() and SSL_set_post_handshake_auth() enable the Post-Handshake Authentication extension to be added to the ClientHello such that post-handshake authentication can be requested by the server. If <b>val</b> is 0 then the extension is not sent, otherwise it is. By default the extension is not sent. A certificate callback will need to be set via SSL_CTX_set_client_cert_cb() if no certificate is provided at initialization.</p>
+
+<p>SSL_verify_client_post_handshake() causes a CertificateRequest message to be sent by a server on the given <b>ssl</b> connection. The SSL_VERIFY_PEER flag must be set; the SSL_VERIFY_POST_HANDSHAKE flag is optional.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification of certificates can be controlled by a set of logically or&#39;ed <b>mode</b> flags:</p>
+
+<dl>
+
+<dt id="SSL_VERIFY_NONE">SSL_VERIFY_NONE</dt>
+<dd>
+
+<p><b>Server mode:</b> the server will not send a client certificate request to the client, so the client will not send a certificate.</p>
+
+<p><b>Client mode:</b> if not using an anonymous cipher (by default disabled), the server will send a certificate which will be checked. The result of the certificate verification process can be checked after the TLS/SSL handshake using the <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> function. The handshake will be continued regardless of the verification result.</p>
+
+</dd>
+<dt id="SSL_VERIFY_PEER">SSL_VERIFY_PEER</dt>
+<dd>
+
+<p><b>Server mode:</b> the server sends a client certificate request to the client. The certificate returned (if any) is checked. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure. The behaviour can be controlled by the additional SSL_VERIFY_FAIL_IF_NO_PEER_CERT, SSL_VERIFY_CLIENT_ONCE and SSL_VERIFY_POST_HANDSHAKE flags.</p>
+
+<p><b>Client mode:</b> the server certificate is verified. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure. If no server certificate is sent, because an anonymous cipher is used, SSL_VERIFY_PEER is ignored.</p>
+
+</dd>
+<dt id="SSL_VERIFY_FAIL_IF_NO_PEER_CERT">SSL_VERIFY_FAIL_IF_NO_PEER_CERT</dt>
+<dd>
+
+<p><b>Server mode:</b> if the client did not return a certificate, the TLS/SSL handshake is immediately terminated with a &quot;handshake failure&quot; alert. This flag must be used together with SSL_VERIFY_PEER.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+<dt id="SSL_VERIFY_CLIENT_ONCE">SSL_VERIFY_CLIENT_ONCE</dt>
+<dd>
+
+<p><b>Server mode:</b> only request a client certificate once during the connection. Do not ask for a client certificate again during renegotiation or post-authentication if a certificate was requested during the initial handshake. This flag must be used together with SSL_VERIFY_PEER.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+<dt id="SSL_VERIFY_POST_HANDSHAKE">SSL_VERIFY_POST_HANDSHAKE</dt>
+<dd>
+
+<p><b>Server mode:</b> the server will not send a client certificate request during the initial handshake, but will send the request via SSL_verify_client_post_handshake(). This allows the SSL_CTX or SSL to be configured for post-handshake peer verification before the handshake occurs. This flag must be used together with SSL_VERIFY_PEER. TLSv1.3 only; no effect on pre-TLSv1.3 connections.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+</dl>
+
+<p>If the <b>mode</b> is SSL_VERIFY_NONE none of the other flags may be set.</p>
+
+<p>The actual verification procedure is performed either using the built-in verification procedure or using another application provided verification function set with <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>. The following descriptions apply in the case of the built-in procedure. An application provided procedure also has access to the verify depth information and the verify_callback() function, but the way this information is used may be different.</p>
+
+<p>SSL_CTX_set_verify_depth() and SSL_set_verify_depth() set a limit on the number of certificates between the end-entity and trust-anchor certificates. Neither the end-entity nor the trust-anchor certificates count against <b>depth</b>. If the certificate chain needed to reach a trusted issuer is longer than <b>depth+2</b>, X509_V_ERR_CERT_CHAIN_TOO_LONG will be issued. The depth count is &quot;level 0:peer certificate&quot;, &quot;level 1: CA certificate&quot;, &quot;level 2: higher level CA certificate&quot;, and so on. Setting the maximum depth to 2 allows the levels 0, 1, 2 and 3 (0 being the end-entity and 3 the trust-anchor). The default depth limit is 100, allowing for the peer certificate, at most 100 intermediate CA certificates and a final trust anchor certificate.</p>
+
+<p>The <b>verify_callback</b> function is used to control the behaviour when the SSL_VERIFY_PEER flag is set. It must be supplied by the application and receives two arguments: <b>preverify_ok</b> indicates, whether the verification of the certificate in question was passed (preverify_ok=1) or not (preverify_ok=0). <b>x509_ctx</b> is a pointer to the complete context used for the certificate chain verification.</p>
+
+<p>The certificate chain is checked starting with the deepest nesting level (the root CA certificate) and worked upward to the peer&#39;s certificate. At each level signatures and issuer attributes are checked. Whenever a verification error is found, the error number is stored in <b>x509_ctx</b> and <b>verify_callback</b> is called with <b>preverify_ok</b>=0. By applying X509_CTX_store_* functions <b>verify_callback</b> can locate the certificate in question and perform additional steps (see EXAMPLES). If no error is found for a certificate, <b>verify_callback</b> is called with <b>preverify_ok</b>=1 before advancing to the next level.</p>
+
+<p>The return value of <b>verify_callback</b> controls the strategy of the further verification process. If <b>verify_callback</b> returns 0, the verification process is immediately stopped with &quot;verification failed&quot; state. If SSL_VERIFY_PEER is set, a verification failure alert is sent to the peer and the TLS/SSL handshake is terminated. If <b>verify_callback</b> returns 1, the verification process is continued. If <b>verify_callback</b> always returns 1, the TLS/SSL handshake will not be terminated with respect to verification failures and the connection will be established. The calling process can however retrieve the error code of the last verification error using <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> or by maintaining its own error storage managed by <b>verify_callback</b>.</p>
+
+<p>If no <b>verify_callback</b> is specified, the default callback will be used. Its return value is identical to <b>preverify_ok</b>, so that any verification failure will lead to a termination of the TLS/SSL handshake with an alert message, if SSL_VERIFY_PEER is set.</p>
+
+<p>After calling SSL_set_post_handshake_auth(), the client will need to add a certificate or certificate callback to its configuration before it can successfully authenticate. This must be called before SSL_connect().</p>
+
+<p>SSL_verify_client_post_handshake() requires that verify flags have been previously set, and that a client sent the post-handshake authentication extension. When the client returns a certificate the verify callback will be invoked. A write operation must take place for the Certificate Request to be sent to the client, this can be done with SSL_do_handshake() or SSL_write_ex(). Only one certificate request may be outstanding at any time.</p>
+
+<p>When post-handshake authentication occurs, a refreshed NewSessionTicket message is sent to the client.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In client mode, it is not checked whether the SSL_VERIFY_PEER flag is set, but whether any flags are set. This can lead to unexpected behaviour if SSL_VERIFY_PEER and other flags are not used as required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL*_set_verify*() functions do not provide diagnostic information.</p>
+
+<p>The SSL_verify_client_post_handshake() function returns 1 if the request succeeded, and 0 if the request failed. The error stack can be examined to determine the failure reason.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following code sequence realizes an example <b>verify_callback</b> function that will always continue the TLS/SSL handshake regardless of verification failure, if wished. The callback realizes a verification depth limit with more informational output.</p>
+
+<p>All verification errors are printed; information about the certificate chain is printed on request. The example is realized for a server that does allow but not require client certificates.</p>
+
+<p>The example makes use of the ex_data technique to store application data into/retrieve application data from the SSL structure (see <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>, <a href="../man3/SSL_get_ex_data_X509_STORE_CTX_idx.html">SSL_get_ex_data_X509_STORE_CTX_idx(3)</a>).</p>
+
+<pre><code> ...
+ typedef struct {
+   int verbose_mode;
+   int verify_depth;
+   int always_continue;
+ } mydata_t;
+ int mydata_index;
+
+ ...
+ static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
+ {
+     char    buf[256];
+     X509   *err_cert;
+     int     err, depth;
+     SSL    *ssl;
+     mydata_t *mydata;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     /*
+      * Retrieve the pointer to the SSL of the connection currently treated
+      * and the application specific data stored into the SSL object.
+      */
+     ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
+     mydata = SSL_get_ex_data(ssl, mydata_index);
+
+     X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256);
+
+     /*
+      * Catch a too long certificate chain. The depth limit set using
+      * SSL_CTX_set_verify_depth() is by purpose set to &quot;limit+1&quot; so
+      * that whenever the &quot;depth&gt;verify_depth&quot; condition is met, we
+      * have violated the limit and want to log this error condition.
+      * We must do it here, because the CHAIN_TOO_LONG error would not
+      * be found explicitly; only errors introduced by cutting off the
+      * additional certificates would be logged.
+      */
+     if (depth &gt; mydata-&gt;verify_depth) {
+         preverify_ok = 0;
+         err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
+         X509_STORE_CTX_set_error(ctx, err);
+     }
+     if (!preverify_ok) {
+         printf(&quot;verify error:num=%d:%s:depth=%d:%s\n&quot;, err,
+                X509_verify_cert_error_string(err), depth, buf);
+     } else if (mydata-&gt;verbose_mode) {
+         printf(&quot;depth=%d:%s\n&quot;, depth, buf);
+     }
+
+     /*
+      * At this point, err contains the last verification error. We can use
+      * it for something special
+      */
+     if (!preverify_ok &amp;&amp; (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT)) {
+         X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, 256);
+         printf(&quot;issuer= %s\n&quot;, buf);
+     }
+
+     if (mydata-&gt;always_continue)
+         return 1;
+     else
+         return preverify_ok;
+ }
+ ...
+
+ mydata_t mydata;
+
+ ...
+ mydata_index = SSL_get_ex_new_index(0, &quot;mydata index&quot;, NULL, NULL, NULL);
+
+ ...
+ SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
+                    verify_callback);
+
+ /*
+  * Let the verify_callback catch the verify_depth error so that we get
+  * an appropriate error in the logfile.
+  */
+ SSL_CTX_set_verify_depth(verify_depth + 1);
+
+ /*
+  * Set up the SSL specific data into &quot;mydata&quot; and store it into th SSL
+  * structure.
+  */
+ mydata.verify_depth = verify_depth; ...
+ SSL_set_ex_data(ssl, mydata_index, &amp;mydata);
+
+ ...
+ SSL_accept(ssl);       /* check of success left out for clarity */
+ if (peer = SSL_get_peer_certificate(ssl)) {
+     if (SSL_get_verify_result(ssl) == X509_V_OK) {
+         /* The client sent a certificate which verified OK */
+     }
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_CTX_get_verify_mode.html">SSL_CTX_get_verify_mode(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_get_ex_data_X509_STORE_CTX_idx.html">SSL_get_ex_data_X509_STORE_CTX_idx(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_VERIFY_POST_HANDSHAKE option, and the SSL_verify_client_post_handshake() and SSL_set_post_handshake_auth() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_psk_client_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_psk_client_callback.html
new file mode 100644
index 000000000..2e073abef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_psk_client_callback.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_psk_client_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_psk_client_cb_func, SSL_psk_use_session_cb_func, SSL_CTX_set_psk_client_callback, SSL_set_psk_client_callback, SSL_CTX_set_psk_use_session_callback, SSL_set_psk_use_session_callback - set PSK client callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_psk_use_session_cb_func)(SSL *ssl, const EVP_MD *md,
+                                            const unsigned char **id,
+                                            size_t *idlen,
+                                            SSL_SESSION **sess);
+
+
+ void SSL_CTX_set_psk_use_session_callback(SSL_CTX *ctx,
+                                           SSL_psk_use_session_cb_func cb);
+ void SSL_set_psk_use_session_callback(SSL *s, SSL_psk_use_session_cb_func cb);
+
+
+ typedef unsigned int (*SSL_psk_client_cb_func)(SSL *ssl,
+                                                const char *hint,
+                                                char *identity,
+                                                unsigned int max_identity_len,
+                                                unsigned char *psk,
+                                                unsigned int max_psk_len);
+
+ void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, SSL_psk_client_cb_func cb);
+ void SSL_set_psk_client_callback(SSL *ssl, SSL_psk_client_cb_func cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application wishing to use TLSv1.3 PSKs should use either SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() as appropriate. These functions cannot be used for TLSv1.2 and below PSKs.</p>
+
+<p>The callback function is given a pointer to the SSL connection in <b>ssl</b>.</p>
+
+<p>The first time the callback is called for a connection the <b>md</b> parameter is NULL. In some circumstances the callback will be called a second time. In that case the server will have specified a ciphersuite to use already and the PSK must be compatible with the digest for that ciphersuite. The digest will be given in <b>md</b>. The PSK returned by the callback is allowed to be different between the first and second time it is called.</p>
+
+<p>On successful completion the callback must store a pointer to an identifier for the PSK in <b>*id</b>. The identifier length in bytes should be stored in <b>*idlen</b>. The memory pointed to by <b>*id</b> remains owned by the application and should be freed by it as required at any point after the handshake is complete.</p>
+
+<p>Additionally the callback should store a pointer to an SSL_SESSION object in <b>*sess</b>. This is used as the basis for the PSK, and should, at a minimum, have the following fields set:</p>
+
+<dl>
+
+<dt id="The-master-key">The master key</dt>
+<dd>
+
+<p>This can be set via a call to <a href="../man3/SSL_SESSION_set1_master_key.html">SSL_SESSION_set1_master_key(3)</a>.</p>
+
+</dd>
+<dt id="A-ciphersuite">A ciphersuite</dt>
+<dd>
+
+<p>Only the handshake digest associated with the ciphersuite is relevant for the PSK (the server may go on to negotiate any ciphersuite which is compatible with the digest). The application can use any TLSv1.3 ciphersuite. If <b>md</b> is not NULL the handshake digest for the ciphersuite should be the same. The ciphersuite can be set via a call to &lt;SSL_SESSION_set_cipher(3)&gt;. The handshake digest of an SSL_CIPHER object can be checked using &lt;SSL_CIPHER_get_handshake_digest(3)&gt;.</p>
+
+</dd>
+<dt id="The-protocol-version">The protocol version</dt>
+<dd>
+
+<p>This can be set via a call to <a href="../man3/SSL_SESSION_set_protocol_version.html">SSL_SESSION_set_protocol_version(3)</a> and should be TLS1_3_VERSION.</p>
+
+</dd>
+</dl>
+
+<p>Additionally the maximum early data value should be set via a call to <a href="../man3/SSL_SESSION_set_max_early_data.html">SSL_SESSION_set_max_early_data(3)</a> if the PSK will be used for sending early data.</p>
+
+<p>Alternatively an SSL_SESSION created from a previous non-PSK handshake may also be used as the basis for a PSK.</p>
+
+<p>Ownership of the SSL_SESSION object is passed to the OpenSSL library and so it should not be freed by the application.</p>
+
+<p>It is also possible for the callback to succeed but not supply a PSK. In this case no PSK will be sent to the server but the handshake will continue. To do this the callback should return successfully and ensure that <b>*sess</b> is NULL. The contents of <b>*id</b> and <b>*idlen</b> will be ignored.</p>
+
+<p>A client application wishing to use PSK ciphersuites for TLSv1.2 and below must provide a different callback function. This function will be called when the client is sending the ClientKeyExchange message to the server.</p>
+
+<p>The purpose of the callback function is to select the PSK identity and the pre-shared key to use during the connection setup phase.</p>
+
+<p>The callback is set using functions SSL_CTX_set_psk_client_callback() or SSL_set_psk_client_callback(). The callback function is given the connection in parameter <b>ssl</b>, a <b>NULL</b>-terminated PSK identity hint sent by the server in parameter <b>hint</b>, a buffer <b>identity</b> of length <b>max_identity_len</b> bytes where the resulting <b>NUL</b>-terminated identity is to be stored, and a buffer <b>psk</b> of length <b>max_psk_len</b> bytes where the resulting pre-shared key is to be stored.</p>
+
+<p>The callback for use in TLSv1.2 will also work in TLSv1.3 although it is recommended to use SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() for this purpose instead. If TLSv1.3 has been negotiated then OpenSSL will first check to see if a callback has been set via SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() and it will use that in preference. If no such callback is present then it will check to see if a callback has been set via SSL_CTX_set_psk_client_callback() or SSL_set_psk_client_callback() and use that. In this case the <b>hint</b> value will always be NULL and the handshake digest will default to SHA-256 for any returned PSK.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Note that parameter <b>hint</b> given to the callback may be <b>NULL</b>.</p>
+
+<p>A connection established via a TLSv1.3 PSK will appear as if session resumption has occurred so that <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a> will return true.</p>
+
+<p>There are no known security issues with sharing the same PSK between TLSv1.2 (or below) and TLSv1.3. However the RFC has this note of caution:</p>
+
+<p>&quot;While there is no known way in which the same PSK might produce related output in both versions, only limited analysis has been done. Implementations can ensure safety from cross-protocol related output by not reusing PSKs between TLS 1.3 and TLS 1.2.&quot;</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Return values from the <b>SSL_psk_client_cb_func</b> callback are interpreted as follows:</p>
+
+<p>On success (callback found a PSK identity and a pre-shared key to use) the length (&gt; 0) of <b>psk</b> in bytes is returned.</p>
+
+<p>Otherwise or on errors the callback should return 0. In this case the connection setup fails.</p>
+
+<p>The SSL_psk_use_session_cb_func callback should return 1 on success or 0 on failure. In the event of failure the connection setup fails.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_psk_find_session_callback.html">SSL_CTX_set_psk_find_session_callback(3)</a>, <a href="../man3/SSL_set_psk_find_session_callback.html">SSL_set_psk_find_session_callback(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_set_psk_use_session_callback() and SSL_set_psk_use_session_callback() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_psk_find_session_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_psk_find_session_callback.html
new file mode 100644
index 000000000..59a43d097
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_psk_find_session_callback.html
@@ -0,0 +1,126 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_psk_identity_hint</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_psk_server_cb_func, SSL_psk_find_session_cb_func, SSL_CTX_use_psk_identity_hint, SSL_use_psk_identity_hint, SSL_CTX_set_psk_server_callback, SSL_set_psk_server_callback, SSL_CTX_set_psk_find_session_callback, SSL_set_psk_find_session_callback - set PSK identity hint to use</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_psk_find_session_cb_func)(SSL *ssl,
+                                             const unsigned char *identity,
+                                             size_t identity_len,
+                                             SSL_SESSION **sess);
+
+
+ void SSL_CTX_set_psk_find_session_callback(SSL_CTX *ctx,
+                                            SSL_psk_find_session_cb_func cb);
+ void SSL_set_psk_find_session_callback(SSL *s, SSL_psk_find_session_cb_func cb);
+
+ typedef unsigned int (*SSL_psk_server_cb_func)(SSL *ssl,
+                                                const char *identity,
+                                                unsigned char *psk,
+                                                unsigned int max_psk_len);
+
+ int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint);
+ int SSL_use_psk_identity_hint(SSL *ssl, const char *hint);
+
+ void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, SSL_psk_server_cb_func cb);
+ void SSL_set_psk_server_callback(SSL *ssl, SSL_psk_server_cb_func cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application wishing to use TLSv1.3 PSKs should set a callback using either SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() as appropriate.</p>
+
+<p>The callback function is given a pointer to the SSL connection in <b>ssl</b> and an identity in <b>identity</b> of length <b>identity_len</b>. The callback function should identify an SSL_SESSION object that provides the PSK details and store it in <b>*sess</b>. The SSL_SESSION object should, as a minimum, set the master key, the ciphersuite and the protocol version. See <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a> for details.</p>
+
+<p>It is also possible for the callback to succeed but not supply a PSK. In this case no PSK will be used but the handshake will continue. To do this the callback should return successfully and ensure that <b>*sess</b> is NULL.</p>
+
+<p>Identity hints are not relevant for TLSv1.3. A server application wishing to use PSK ciphersuites for TLSv1.2 and below may call SSL_CTX_use_psk_identity_hint() to set the given <b>NUL</b>-terminated PSK identity hint <b>hint</b> for SSL context object <b>ctx</b>. SSL_use_psk_identity_hint() sets the given <b>NUL</b>-terminated PSK identity hint <b>hint</b> for the SSL connection object <b>ssl</b>. If <b>hint</b> is <b>NULL</b> the current hint from <b>ctx</b> or <b>ssl</b> is deleted.</p>
+
+<p>In the case where PSK identity hint is <b>NULL</b>, the server does not send the ServerKeyExchange message to the client.</p>
+
+<p>A server application wishing to use PSKs for TLSv1.2 and below must provide a callback function which is called when the server receives the ClientKeyExchange message from the client. The purpose of the callback function is to validate the received PSK identity and to fetch the pre-shared key used during the connection setup phase. The callback is set using the functions SSL_CTX_set_psk_server_callback() or SSL_set_psk_server_callback(). The callback function is given the connection in parameter <b>ssl</b>, <b>NUL</b>-terminated PSK identity sent by the client in parameter <b>identity</b>, and a buffer <b>psk</b> of length <b>max_psk_len</b> bytes where the pre-shared key is to be stored.</p>
+
+<p>The callback for use in TLSv1.2 will also work in TLSv1.3 although it is recommended to use SSL_CTX_set_psk_find_session_callback() or SSL_set_psk_find_session_callback() for this purpose instead. If TLSv1.3 has been negotiated then OpenSSL will first check to see if a callback has been set via SSL_CTX_set_psk_find_session_callback() or SSL_set_psk_find_session_callback() and it will use that in preference. If no such callback is present then it will check to see if a callback has been set via SSL_CTX_set_psk_server_callback() or SSL_set_psk_server_callback() and use that. In this case the handshake digest will default to SHA-256 for any returned PSK.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A connection established via a TLSv1.3 PSK will appear as if session resumption has occurred so that <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a> will return true.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p><b>SSL_CTX_use_psk_identity_hint()</b> and <b>SSL_use_psk_identity_hint()</b> return 1 on success, 0 otherwise.</p>
+
+<p>Return values from the TLSv1.2 and below server callback are interpreted as follows:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>PSK identity was not found. An &quot;unknown_psk_identity&quot; alert message will be sent and the connection setup fails.</p>
+
+</dd>
+<dt id="pod01">&gt;0</dt>
+<dd>
+
+<p>PSK identity was found and the server callback has provided the PSK successfully in parameter <b>psk</b>. Return value is the length of <b>psk</b> in bytes. It is an error to return a value greater than <b>max_psk_len</b>.</p>
+
+<p>If the PSK identity was not found but the callback instructs the protocol to continue anyway, the callback must provide some random data to <b>psk</b> and return the length of the random data, so the connection will fail with decryption_error before it will be finished completely.</p>
+
+</dd>
+</dl>
+
+<p>The <b>SSL_psk_find_session_cb_func</b> callback should return 1 on success or 0 on failure. In the event of failure the connection setup fails.</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>There are no known security issues with sharing the same PSK between TLSv1.2 (or below) and TLSv1.3. However the RFC has this note of caution:</p>
+
+<p>&quot;While there is no known way in which the same PSK might produce related output in both versions, only limited analysis has been done. Implementations can ensure safety from cross-protocol related output by not reusing PSKs between TLS 1.3 and TLS 1.2.&quot;</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man3/SSL_set_psk_use_session_callback.html">SSL_set_psk_use_session_callback(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_set_psk_find_session_callback() and SSL_set_psk_find_session_callback() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_psk_server_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_psk_server_callback.html
new file mode 100644
index 000000000..59a43d097
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_psk_server_callback.html
@@ -0,0 +1,126 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_psk_identity_hint</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_psk_server_cb_func, SSL_psk_find_session_cb_func, SSL_CTX_use_psk_identity_hint, SSL_use_psk_identity_hint, SSL_CTX_set_psk_server_callback, SSL_set_psk_server_callback, SSL_CTX_set_psk_find_session_callback, SSL_set_psk_find_session_callback - set PSK identity hint to use</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_psk_find_session_cb_func)(SSL *ssl,
+                                             const unsigned char *identity,
+                                             size_t identity_len,
+                                             SSL_SESSION **sess);
+
+
+ void SSL_CTX_set_psk_find_session_callback(SSL_CTX *ctx,
+                                            SSL_psk_find_session_cb_func cb);
+ void SSL_set_psk_find_session_callback(SSL *s, SSL_psk_find_session_cb_func cb);
+
+ typedef unsigned int (*SSL_psk_server_cb_func)(SSL *ssl,
+                                                const char *identity,
+                                                unsigned char *psk,
+                                                unsigned int max_psk_len);
+
+ int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint);
+ int SSL_use_psk_identity_hint(SSL *ssl, const char *hint);
+
+ void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, SSL_psk_server_cb_func cb);
+ void SSL_set_psk_server_callback(SSL *ssl, SSL_psk_server_cb_func cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application wishing to use TLSv1.3 PSKs should set a callback using either SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() as appropriate.</p>
+
+<p>The callback function is given a pointer to the SSL connection in <b>ssl</b> and an identity in <b>identity</b> of length <b>identity_len</b>. The callback function should identify an SSL_SESSION object that provides the PSK details and store it in <b>*sess</b>. The SSL_SESSION object should, as a minimum, set the master key, the ciphersuite and the protocol version. See <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a> for details.</p>
+
+<p>It is also possible for the callback to succeed but not supply a PSK. In this case no PSK will be used but the handshake will continue. To do this the callback should return successfully and ensure that <b>*sess</b> is NULL.</p>
+
+<p>Identity hints are not relevant for TLSv1.3. A server application wishing to use PSK ciphersuites for TLSv1.2 and below may call SSL_CTX_use_psk_identity_hint() to set the given <b>NUL</b>-terminated PSK identity hint <b>hint</b> for SSL context object <b>ctx</b>. SSL_use_psk_identity_hint() sets the given <b>NUL</b>-terminated PSK identity hint <b>hint</b> for the SSL connection object <b>ssl</b>. If <b>hint</b> is <b>NULL</b> the current hint from <b>ctx</b> or <b>ssl</b> is deleted.</p>
+
+<p>In the case where PSK identity hint is <b>NULL</b>, the server does not send the ServerKeyExchange message to the client.</p>
+
+<p>A server application wishing to use PSKs for TLSv1.2 and below must provide a callback function which is called when the server receives the ClientKeyExchange message from the client. The purpose of the callback function is to validate the received PSK identity and to fetch the pre-shared key used during the connection setup phase. The callback is set using the functions SSL_CTX_set_psk_server_callback() or SSL_set_psk_server_callback(). The callback function is given the connection in parameter <b>ssl</b>, <b>NUL</b>-terminated PSK identity sent by the client in parameter <b>identity</b>, and a buffer <b>psk</b> of length <b>max_psk_len</b> bytes where the pre-shared key is to be stored.</p>
+
+<p>The callback for use in TLSv1.2 will also work in TLSv1.3 although it is recommended to use SSL_CTX_set_psk_find_session_callback() or SSL_set_psk_find_session_callback() for this purpose instead. If TLSv1.3 has been negotiated then OpenSSL will first check to see if a callback has been set via SSL_CTX_set_psk_find_session_callback() or SSL_set_psk_find_session_callback() and it will use that in preference. If no such callback is present then it will check to see if a callback has been set via SSL_CTX_set_psk_server_callback() or SSL_set_psk_server_callback() and use that. In this case the handshake digest will default to SHA-256 for any returned PSK.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A connection established via a TLSv1.3 PSK will appear as if session resumption has occurred so that <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a> will return true.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p><b>SSL_CTX_use_psk_identity_hint()</b> and <b>SSL_use_psk_identity_hint()</b> return 1 on success, 0 otherwise.</p>
+
+<p>Return values from the TLSv1.2 and below server callback are interpreted as follows:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>PSK identity was not found. An &quot;unknown_psk_identity&quot; alert message will be sent and the connection setup fails.</p>
+
+</dd>
+<dt id="pod01">&gt;0</dt>
+<dd>
+
+<p>PSK identity was found and the server callback has provided the PSK successfully in parameter <b>psk</b>. Return value is the length of <b>psk</b> in bytes. It is an error to return a value greater than <b>max_psk_len</b>.</p>
+
+<p>If the PSK identity was not found but the callback instructs the protocol to continue anyway, the callback must provide some random data to <b>psk</b> and return the length of the random data, so the connection will fail with decryption_error before it will be finished completely.</p>
+
+</dd>
+</dl>
+
+<p>The <b>SSL_psk_find_session_cb_func</b> callback should return 1 on success or 0 on failure. In the event of failure the connection setup fails.</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>There are no known security issues with sharing the same PSK between TLSv1.2 (or below) and TLSv1.3. However the RFC has this note of caution:</p>
+
+<p>&quot;While there is no known way in which the same PSK might produce related output in both versions, only limited analysis has been done. Implementations can ensure safety from cross-protocol related output by not reusing PSKs between TLS 1.3 and TLS 1.2.&quot;</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man3/SSL_set_psk_use_session_callback.html">SSL_set_psk_use_session_callback(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_set_psk_find_session_callback() and SSL_set_psk_find_session_callback() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_psk_use_session_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_psk_use_session_callback.html
new file mode 100644
index 000000000..2e073abef
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_psk_use_session_callback.html
@@ -0,0 +1,143 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_psk_client_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_psk_client_cb_func, SSL_psk_use_session_cb_func, SSL_CTX_set_psk_client_callback, SSL_set_psk_client_callback, SSL_CTX_set_psk_use_session_callback, SSL_set_psk_use_session_callback - set PSK client callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_psk_use_session_cb_func)(SSL *ssl, const EVP_MD *md,
+                                            const unsigned char **id,
+                                            size_t *idlen,
+                                            SSL_SESSION **sess);
+
+
+ void SSL_CTX_set_psk_use_session_callback(SSL_CTX *ctx,
+                                           SSL_psk_use_session_cb_func cb);
+ void SSL_set_psk_use_session_callback(SSL *s, SSL_psk_use_session_cb_func cb);
+
+
+ typedef unsigned int (*SSL_psk_client_cb_func)(SSL *ssl,
+                                                const char *hint,
+                                                char *identity,
+                                                unsigned int max_identity_len,
+                                                unsigned char *psk,
+                                                unsigned int max_psk_len);
+
+ void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, SSL_psk_client_cb_func cb);
+ void SSL_set_psk_client_callback(SSL *ssl, SSL_psk_client_cb_func cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application wishing to use TLSv1.3 PSKs should use either SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() as appropriate. These functions cannot be used for TLSv1.2 and below PSKs.</p>
+
+<p>The callback function is given a pointer to the SSL connection in <b>ssl</b>.</p>
+
+<p>The first time the callback is called for a connection the <b>md</b> parameter is NULL. In some circumstances the callback will be called a second time. In that case the server will have specified a ciphersuite to use already and the PSK must be compatible with the digest for that ciphersuite. The digest will be given in <b>md</b>. The PSK returned by the callback is allowed to be different between the first and second time it is called.</p>
+
+<p>On successful completion the callback must store a pointer to an identifier for the PSK in <b>*id</b>. The identifier length in bytes should be stored in <b>*idlen</b>. The memory pointed to by <b>*id</b> remains owned by the application and should be freed by it as required at any point after the handshake is complete.</p>
+
+<p>Additionally the callback should store a pointer to an SSL_SESSION object in <b>*sess</b>. This is used as the basis for the PSK, and should, at a minimum, have the following fields set:</p>
+
+<dl>
+
+<dt id="The-master-key">The master key</dt>
+<dd>
+
+<p>This can be set via a call to <a href="../man3/SSL_SESSION_set1_master_key.html">SSL_SESSION_set1_master_key(3)</a>.</p>
+
+</dd>
+<dt id="A-ciphersuite">A ciphersuite</dt>
+<dd>
+
+<p>Only the handshake digest associated with the ciphersuite is relevant for the PSK (the server may go on to negotiate any ciphersuite which is compatible with the digest). The application can use any TLSv1.3 ciphersuite. If <b>md</b> is not NULL the handshake digest for the ciphersuite should be the same. The ciphersuite can be set via a call to &lt;SSL_SESSION_set_cipher(3)&gt;. The handshake digest of an SSL_CIPHER object can be checked using &lt;SSL_CIPHER_get_handshake_digest(3)&gt;.</p>
+
+</dd>
+<dt id="The-protocol-version">The protocol version</dt>
+<dd>
+
+<p>This can be set via a call to <a href="../man3/SSL_SESSION_set_protocol_version.html">SSL_SESSION_set_protocol_version(3)</a> and should be TLS1_3_VERSION.</p>
+
+</dd>
+</dl>
+
+<p>Additionally the maximum early data value should be set via a call to <a href="../man3/SSL_SESSION_set_max_early_data.html">SSL_SESSION_set_max_early_data(3)</a> if the PSK will be used for sending early data.</p>
+
+<p>Alternatively an SSL_SESSION created from a previous non-PSK handshake may also be used as the basis for a PSK.</p>
+
+<p>Ownership of the SSL_SESSION object is passed to the OpenSSL library and so it should not be freed by the application.</p>
+
+<p>It is also possible for the callback to succeed but not supply a PSK. In this case no PSK will be sent to the server but the handshake will continue. To do this the callback should return successfully and ensure that <b>*sess</b> is NULL. The contents of <b>*id</b> and <b>*idlen</b> will be ignored.</p>
+
+<p>A client application wishing to use PSK ciphersuites for TLSv1.2 and below must provide a different callback function. This function will be called when the client is sending the ClientKeyExchange message to the server.</p>
+
+<p>The purpose of the callback function is to select the PSK identity and the pre-shared key to use during the connection setup phase.</p>
+
+<p>The callback is set using functions SSL_CTX_set_psk_client_callback() or SSL_set_psk_client_callback(). The callback function is given the connection in parameter <b>ssl</b>, a <b>NULL</b>-terminated PSK identity hint sent by the server in parameter <b>hint</b>, a buffer <b>identity</b> of length <b>max_identity_len</b> bytes where the resulting <b>NUL</b>-terminated identity is to be stored, and a buffer <b>psk</b> of length <b>max_psk_len</b> bytes where the resulting pre-shared key is to be stored.</p>
+
+<p>The callback for use in TLSv1.2 will also work in TLSv1.3 although it is recommended to use SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() for this purpose instead. If TLSv1.3 has been negotiated then OpenSSL will first check to see if a callback has been set via SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() and it will use that in preference. If no such callback is present then it will check to see if a callback has been set via SSL_CTX_set_psk_client_callback() or SSL_set_psk_client_callback() and use that. In this case the <b>hint</b> value will always be NULL and the handshake digest will default to SHA-256 for any returned PSK.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Note that parameter <b>hint</b> given to the callback may be <b>NULL</b>.</p>
+
+<p>A connection established via a TLSv1.3 PSK will appear as if session resumption has occurred so that <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a> will return true.</p>
+
+<p>There are no known security issues with sharing the same PSK between TLSv1.2 (or below) and TLSv1.3. However the RFC has this note of caution:</p>
+
+<p>&quot;While there is no known way in which the same PSK might produce related output in both versions, only limited analysis has been done. Implementations can ensure safety from cross-protocol related output by not reusing PSKs between TLS 1.3 and TLS 1.2.&quot;</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Return values from the <b>SSL_psk_client_cb_func</b> callback are interpreted as follows:</p>
+
+<p>On success (callback found a PSK identity and a pre-shared key to use) the length (&gt; 0) of <b>psk</b> in bytes is returned.</p>
+
+<p>Otherwise or on errors the callback should return 0. In this case the connection setup fails.</p>
+
+<p>The SSL_psk_use_session_cb_func callback should return 1 on success or 0 on failure. In the event of failure the connection setup fails.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_psk_find_session_callback.html">SSL_CTX_set_psk_find_session_callback(3)</a>, <a href="../man3/SSL_set_psk_find_session_callback.html">SSL_set_psk_find_session_callback(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_set_psk_use_session_callback() and SSL_set_psk_use_session_callback() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_quiet_shutdown.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_quiet_shutdown.html
new file mode 100644
index 000000000..7b96fc659
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_quiet_shutdown.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_quiet_shutdown</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_quiet_shutdown, SSL_CTX_get_quiet_shutdown, SSL_set_quiet_shutdown, SSL_get_quiet_shutdown - manipulate shutdown behaviour</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
+ int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
+
+ void SSL_set_quiet_shutdown(SSL *ssl, int mode);
+ int SSL_get_quiet_shutdown(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_quiet_shutdown() sets the &quot;quiet shutdown&quot; flag for <b>ctx</b> to be <b>mode</b>. SSL objects created from <b>ctx</b> inherit the <b>mode</b> valid at the time <a href="../man3/SSL_new.html">SSL_new(3)</a> is called. <b>mode</b> may be 0 or 1.</p>
+
+<p>SSL_CTX_get_quiet_shutdown() returns the &quot;quiet shutdown&quot; setting of <b>ctx</b>.</p>
+
+<p>SSL_set_quiet_shutdown() sets the &quot;quiet shutdown&quot; flag for <b>ssl</b> to be <b>mode</b>. The setting stays valid until <b>ssl</b> is removed with <a href="../man3/SSL_free.html">SSL_free(3)</a> or SSL_set_quiet_shutdown() is called again. It is not changed when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called. <b>mode</b> may be 0 or 1.</p>
+
+<p>SSL_get_quiet_shutdown() returns the &quot;quiet shutdown&quot; setting of <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Normally when a SSL connection is finished, the parties must send out close_notify alert messages using <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> for a clean shutdown.</p>
+
+<p>When setting the &quot;quiet shutdown&quot; flag to 1, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> will set the internal flags to SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN. (<a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> then behaves like <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a> called with SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN.) The session is thus considered to be shutdown, but no close_notify alert is sent to the peer. This behaviour violates the TLS standard.</p>
+
+<p>The default is normal shutdown behaviour as described by the TLS standard.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_quiet_shutdown() and SSL_set_quiet_shutdown() do not return diagnostic information.</p>
+
+<p>SSL_CTX_get_quiet_shutdown() and SSL_get_quiet_shutdown return the current setting.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_free.html">SSL_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_read_ahead.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_read_ahead.html
new file mode 100644
index 000000000..ef56bb1b3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_read_ahead.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_read_ahead</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_read_ahead, SSL_CTX_get_read_ahead, SSL_set_read_ahead, SSL_get_read_ahead, SSL_CTX_get_default_read_ahead - manage whether to read as many input bytes as possible</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_set_read_ahead(SSL *s, int yes);
+ int SSL_get_read_ahead(const SSL *s);
+
+ SSL_CTX_set_read_ahead(SSL_CTX *ctx, int yes);
+ long SSL_CTX_get_read_ahead(SSL_CTX *ctx);
+ long SSL_CTX_get_default_read_ahead(SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_read_ahead() and SSL_set_read_ahead() set whether we should read as many input bytes as possible (for non-blocking reads) or not. For example if <b>x</b> bytes are currently required by OpenSSL, but <b>y</b> bytes are available from the underlying BIO (where <b>y</b> &gt; <b>x</b>), then OpenSSL will read all <b>y</b> bytes into its buffer (providing that the buffer is large enough) if reading ahead is on, or <b>x</b> bytes otherwise. Setting the parameter <b>yes</b> to 0 turns reading ahead is off, other values turn it on. SSL_CTX_set_default_read_ahead() is identical to SSL_CTX_set_read_ahead().</p>
+
+<p>SSL_CTX_get_read_ahead() and SSL_get_read_ahead() indicate whether reading ahead has been set or not. SSL_CTX_get_default_read_ahead() is identical to SSL_CTX_get_read_ahead().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions have no impact when used with DTLS. The return values for SSL_CTX_get_read_head() and SSL_get_read_ahead() are undefined for DTLS. Setting <b>read_ahead</b> can impact the behaviour of the SSL_pending() function (see <a href="../man3/SSL_pending.html">SSL_pending(3)</a>).</p>
+
+<p>Since SSL_read() can return <b>SSL_ERROR_WANT_READ</b> for non-application data records, and SSL_has_pending() can&#39;t tell the difference between processed and unprocessed data, it&#39;s recommended that if read ahead is turned on that <b>SSL_MODE_AUTO_RETRY</b> is not turned off using SSL_CTX_clear_mode(). That will prevent getting <b>SSL_ERROR_WANT_READ</b> when there is still a complete record availale that hasn&#39;t been processed.</p>
+
+<p>If the application wants to continue to use the underlying transport (e.g. TCP connection) after the SSL connection is finished using SSL_shutdown() reading ahead should be turned off. Otherwise the SSL structure might read data that it shouldn&#39;t.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_get_read_ahead() and SSL_CTX_get_read_ahead() return 0 if reading ahead is off, and non zero otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_record_padding_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_record_padding_callback.html
new file mode 100644
index 000000000..57d5c7c64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_record_padding_callback.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_record_padding_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_record_padding_callback, SSL_set_record_padding_callback, SSL_CTX_set_record_padding_callback_arg, SSL_set_record_padding_callback_arg, SSL_CTX_get_record_padding_callback_arg, SSL_get_record_padding_callback_arg, SSL_CTX_set_block_padding, SSL_set_block_padding - install callback to specify TLS 1.3 record padding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_record_padding_callback(SSL_CTX *ctx, size_t (*cb)(SSL *s, int type, size_t len, void *arg));
+ void SSL_set_record_padding_callback(SSL *ssl, size_t (*cb)(SSL *s, int type, size_t len, void *arg));
+
+ void SSL_CTX_set_record_padding_callback_arg(SSL_CTX *ctx, void *arg);
+ void *SSL_CTX_get_record_padding_callback_arg(const SSL_CTX *ctx);
+
+ void SSL_set_record_padding_callback_arg(SSL *ssl, void *arg);
+ void *SSL_get_record_padding_callback_arg(const SSL *ssl);
+
+ int SSL_CTX_set_block_padding(SSL_CTX *ctx, size_t block_size);
+ int SSL_set_block_padding(SSL *ssl, size_t block_size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_record_padding_callback() or SSL_set_record_padding_callback() can be used to assign a callback function <i>cb</i> to specify the padding for TLS 1.3 records. The value set in <b>ctx</b> is copied to a new SSL by SSL_new().</p>
+
+<p>SSL_CTX_set_record_padding_callback_arg() and SSL_set_record_padding_callback_arg() assign a value <b>arg</b> that is passed to the callback when it is invoked. The value set in <b>ctx</b> is copied to a new SSL by SSL_new().</p>
+
+<p>SSL_CTX_get_record_padding_callback_arg() and SSL_get_record_padding_callback_arg() retrieve the <b>arg</b> value that is passed to the callback.</p>
+
+<p>SSL_CTX_set_block_padding() and SSL_set_block_padding() pads the record to a multiple of the <b>block_size</b>. A <b>block_size</b> of 0 or 1 disables block padding. The limit of <b>block_size</b> is SSL3_RT_MAX_PLAIN_LENGTH.</p>
+
+<p>The callback is invoked for every record before encryption. The <b>type</b> parameter is the TLS record type that is being processed; may be one of SSL3_RT_APPLICATION_DATA, SSL3_RT_HANDSHAKE, or SSL3_RT_ALERT. The <b>len</b> parameter is the current plaintext length of the record before encryption. The <b>arg</b> parameter is the value set via SSL_CTX_set_record_padding_callback_arg() or SSL_set_record_padding_callback_arg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL_CTX_get_record_padding_callback_arg() and SSL_get_record_padding_callback_arg() functions return the <b>arg</b> value assigned in the corresponding set functions.</p>
+
+<p>The SSL_CTX_set_block_padding() and SSL_set_block_padding() functions return 1 on success or 0 if <b>block_size</b> is too large.</p>
+
+<p>The <b>cb</b> returns the number of padding bytes to add to the record. A return of 0 indicates no padding will be added. A return value that causes the record to exceed the maximum record size (SSL3_RT_MAX_PLAIN_LENGTH) will pad out to the maximum record size.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The default behavior is to add no padding to the record.</p>
+
+<p>A user-supplied padding callback function will override the behavior set by SSL_set_block_padding() or SSL_CTX_set_block_padding(). Setting the user-supplied callback to NULL will restore the configured block padding behavior.</p>
+
+<p>These functions only apply to TLS 1.3 records being written.</p>
+
+<p>Padding bytes are not added in constant-time.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The record padding API was added for TLS 1.3 support in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_record_padding_callback_arg.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_record_padding_callback_arg.html
new file mode 100644
index 000000000..57d5c7c64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_record_padding_callback_arg.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_record_padding_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_record_padding_callback, SSL_set_record_padding_callback, SSL_CTX_set_record_padding_callback_arg, SSL_set_record_padding_callback_arg, SSL_CTX_get_record_padding_callback_arg, SSL_get_record_padding_callback_arg, SSL_CTX_set_block_padding, SSL_set_block_padding - install callback to specify TLS 1.3 record padding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_record_padding_callback(SSL_CTX *ctx, size_t (*cb)(SSL *s, int type, size_t len, void *arg));
+ void SSL_set_record_padding_callback(SSL *ssl, size_t (*cb)(SSL *s, int type, size_t len, void *arg));
+
+ void SSL_CTX_set_record_padding_callback_arg(SSL_CTX *ctx, void *arg);
+ void *SSL_CTX_get_record_padding_callback_arg(const SSL_CTX *ctx);
+
+ void SSL_set_record_padding_callback_arg(SSL *ssl, void *arg);
+ void *SSL_get_record_padding_callback_arg(const SSL *ssl);
+
+ int SSL_CTX_set_block_padding(SSL_CTX *ctx, size_t block_size);
+ int SSL_set_block_padding(SSL *ssl, size_t block_size);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_record_padding_callback() or SSL_set_record_padding_callback() can be used to assign a callback function <i>cb</i> to specify the padding for TLS 1.3 records. The value set in <b>ctx</b> is copied to a new SSL by SSL_new().</p>
+
+<p>SSL_CTX_set_record_padding_callback_arg() and SSL_set_record_padding_callback_arg() assign a value <b>arg</b> that is passed to the callback when it is invoked. The value set in <b>ctx</b> is copied to a new SSL by SSL_new().</p>
+
+<p>SSL_CTX_get_record_padding_callback_arg() and SSL_get_record_padding_callback_arg() retrieve the <b>arg</b> value that is passed to the callback.</p>
+
+<p>SSL_CTX_set_block_padding() and SSL_set_block_padding() pads the record to a multiple of the <b>block_size</b>. A <b>block_size</b> of 0 or 1 disables block padding. The limit of <b>block_size</b> is SSL3_RT_MAX_PLAIN_LENGTH.</p>
+
+<p>The callback is invoked for every record before encryption. The <b>type</b> parameter is the TLS record type that is being processed; may be one of SSL3_RT_APPLICATION_DATA, SSL3_RT_HANDSHAKE, or SSL3_RT_ALERT. The <b>len</b> parameter is the current plaintext length of the record before encryption. The <b>arg</b> parameter is the value set via SSL_CTX_set_record_padding_callback_arg() or SSL_set_record_padding_callback_arg().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL_CTX_get_record_padding_callback_arg() and SSL_get_record_padding_callback_arg() functions return the <b>arg</b> value assigned in the corresponding set functions.</p>
+
+<p>The SSL_CTX_set_block_padding() and SSL_set_block_padding() functions return 1 on success or 0 if <b>block_size</b> is too large.</p>
+
+<p>The <b>cb</b> returns the number of padding bytes to add to the record. A return of 0 indicates no padding will be added. A return value that causes the record to exceed the maximum record size (SSL3_RT_MAX_PLAIN_LENGTH) will pad out to the maximum record size.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The default behavior is to add no padding to the record.</p>
+
+<p>A user-supplied padding callback function will override the behavior set by SSL_set_block_padding() or SSL_CTX_set_block_padding(). Setting the user-supplied callback to NULL will restore the configured block padding behavior.</p>
+
+<p>These functions only apply to TLS 1.3 records being written.</p>
+
+<p>Padding bytes are not added in constant-time.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The record padding API was added for TLS 1.3 support in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_recv_max_early_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_recv_max_early_data.html
new file mode 100644
index 000000000..5b28c01bd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_recv_max_early_data.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read_early_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#REPLAY-PROTECTION">REPLAY PROTECTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_max_early_data, SSL_CTX_set_max_early_data, SSL_get_max_early_data, SSL_CTX_get_max_early_data, SSL_set_recv_max_early_data, SSL_CTX_set_recv_max_early_data, SSL_get_recv_max_early_data, SSL_CTX_get_recv_max_early_data, SSL_SESSION_get_max_early_data, SSL_SESSION_set_max_early_data, SSL_write_early_data, SSL_read_early_data, SSL_get_early_data_status, SSL_allow_early_data_cb_fn, SSL_CTX_set_allow_early_data_cb, SSL_set_allow_early_data_cb - functions for sending and receiving early data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data);
+ uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_max_early_data(SSL *s, uint32_t max_early_data);
+ uint32_t SSL_get_max_early_data(const SSL *s);
+
+ int SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data);
+ uint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data);
+ uint32_t SSL_get_recv_max_early_data(const SSL *s);
+
+ uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s);
+ int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data);
+
+ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written);
+
+ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes);
+
+ int SSL_get_early_data_status(const SSL *s);
+
+
+ typedef int (*SSL_allow_early_data_cb_fn)(SSL *s, void *arg);
+
+ void SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx,
+                                      SSL_allow_early_data_cb_fn cb,
+                                      void *arg);
+ void SSL_set_allow_early_data_cb(SSL *s,
+                                  SSL_allow_early_data_cb_fn cb,
+                                  void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to send and receive early data where TLSv1.3 has been negotiated. Early data can be sent by the client immediately after its initial ClientHello without having to wait for the server to complete the handshake. Early data can only be sent if a session has previously been established with the server, and the server is known to support it. Additionally these functions can be used to send data from the server to the client when the client has not yet completed the authentication stage of the handshake.</p>
+
+<p>Early data has weaker security properties than other data sent over an SSL/TLS connection. In particular the data does not have forward secrecy. There are also additional considerations around replay attacks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below). For these reasons extreme care should be exercised when using early data. For specific details, consult the TLS 1.3 specification.</p>
+
+<p>When a server receives early data it may opt to immediately respond by sending application data back to the client. Data sent by the server at this stage is done before the full handshake has been completed. Specifically the client&#39;s authentication messages have not yet been received, i.e. the client is unauthenticated at this point and care should be taken when using this capability.</p>
+
+<p>A server or client can determine whether the full handshake has been completed or not by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>.</p>
+
+<p>On the client side, the function SSL_SESSION_get_max_early_data() can be used to determine if a session established with a server can be used to send early data. If the session cannot be used then this function will return 0. Otherwise it will return the maximum number of early data bytes that can be sent.</p>
+
+<p>The function SSL_SESSION_set_max_early_data() sets the maximum number of early data bytes that can be sent for a session. This would typically be used when creating a PSK session file (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). If using a ticket based PSK then this is set automatically to the value provided by the server.</p>
+
+<p>A client uses the function SSL_write_early_data() to send early data. This function is similar to the <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> function, but with the following differences. See <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> for information on how to write bytes to the underlying connection, and how to handle any errors that may arise. This page describes the differences between SSL_write_early_data() and <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When called by a client, SSL_write_early_data() must be the first IO function called on a new connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a> or other similar functions. It may be called multiple times to stream data to the server, but the total number of bytes written must not exceed the value returned from SSL_SESSION_get_max_early_data(). Once the initial SSL_write_early_data() call has completed successfully the client may interleave calls to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> with calls to SSL_write_early_data() as required.</p>
+
+<p>If SSL_write_early_data() fails you should call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action, as for <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When the client no longer wishes to send any more early data then it should complete the handshake by calling a function such as <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard write function such as <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, which will transparently complete the connection and write the requested data.</p>
+
+<p>A server may choose to ignore early data that has been sent to it. Once the connection has been completed you can determine whether the server accepted or rejected the early data by calling SSL_get_early_data_status(). This will return SSL_EARLY_DATA_ACCEPTED if the data was accepted, SSL_EARLY_DATA_REJECTED if it was rejected or SSL_EARLY_DATA_NOT_SENT if no early data was sent. This function may be called by either the client or the server.</p>
+
+<p>A server uses the SSL_read_early_data() function to receive early data on a connection for which early data has been enabled using SSL_CTX_set_max_early_data() or SSL_set_max_early_data(). As for SSL_write_early_data(), this must be the first IO function called on a connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, or other similar functions.</p>
+
+<p>SSL_read_early_data() is similar to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> with the following differences. Refer to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> for full details.</p>
+
+<p>SSL_read_early_data() may return 3 possible values:</p>
+
+<dl>
+
+<dt id="SSL_READ_EARLY_DATA_ERROR">SSL_READ_EARLY_DATA_ERROR</dt>
+<dd>
+
+<p>This indicates an IO or some other error occurred. This should be treated in the same way as a 0 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_SUCCESS">SSL_READ_EARLY_DATA_SUCCESS</dt>
+<dd>
+
+<p>This indicates that early data was successfully read. This should be treated in the same way as a 1 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>. You should continue to call SSL_read_early_data() to read more data.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_FINISH">SSL_READ_EARLY_DATA_FINISH</dt>
+<dd>
+
+<p>This indicates that no more early data can be read. It may be returned on the first call to SSL_read_early_data() if the client has not sent any early data, or if the early data was rejected.</p>
+
+</dd>
+</dl>
+
+<p>Once the initial SSL_read_early_data() call has completed successfully (i.e. it has returned SSL_READ_EARLY_DATA_SUCCESS or SSL_READ_EARLY_DATA_FINISH) then the server may choose to write data immediately to the unauthenticated client using SSL_write_early_data(). If SSL_read_early_data() returned SSL_READ_EARLY_DATA_FINISH then in some situations (e.g. if the client only supports TLSv1.2) the handshake may have already been completed and calls to SSL_write_early_data() are not allowed. Call <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a> to determine whether the handshake has completed or not. If the handshake is still in progress then the server may interleave calls to SSL_write_early_data() with calls to SSL_read_early_data() as required.</p>
+
+<p>Servers must not call <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a> until SSL_read_early_data() has returned with SSL_READ_EARLY_DATA_FINISH. Once it has done so the connection to the client still needs to be completed. Complete the connection by calling a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard read function such as <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, which will transparently complete the connection and read the requested data. Note that it is an error to attempt to complete the connection before SSL_read_early_data() has returned SSL_READ_EARLY_DATA_FINISH.</p>
+
+<p>Only servers may call SSL_read_early_data().</p>
+
+<p>Calls to SSL_read_early_data() may, in certain circumstances, complete the connection immediately without further need to call a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. This can happen if the client is using a protocol version less than TLSv1.3. Applications can test for this by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>. Alternatively, applications may choose to call <a href="../man3/SSL_accept.html">SSL_accept(3)</a> anyway. Such a call will successfully return immediately with no further action taken.</p>
+
+<p>When a session is created between a server and a client the server will specify the maximum amount of any early data that it will accept on any future connection attempt. By default the server does not accept early data; a server may indicate support for early data by calling SSL_CTX_set_max_early_data() or SSL_set_max_early_data() to set it for the whole SSL_CTX or an individual SSL object respectively. The <b>max_early_data</b> parameter specifies the maximum amount of early data in bytes that is permitted to be sent on a single connection. Similarly the SSL_CTX_get_max_early_data() and SSL_get_max_early_data() functions can be used to obtain the current maximum early data settings for the SSL_CTX and SSL objects respectively. Generally a server application will either use both of SSL_read_early_data() and SSL_CTX_set_max_early_data() (or SSL_set_max_early_data()), or neither of them, since there is no practical benefit from using only one of them. If the maximum early data setting for a server is non-zero then replay protection is automatically enabled (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below).</p>
+
+<p>If the server rejects the early data sent by a client then it will skip over the data that is sent. The maximum amount of received early data that is skipped is controlled by the recv_max_early_data setting. If a client sends more than this then the connection will abort. This value can be set by calling SSL_CTX_set_recv_max_early_data() or SSL_set_recv_max_early_data(). The current value for this setting can be obtained by calling SSL_CTX_get_recv_max_early_data() or SSL_get_recv_max_early_data(). The default value for this setting is 16,384 bytes.</p>
+
+<p>The recv_max_early_data value also has an impact on early data that is accepted. The amount of data that is accepted will always be the lower of the max_early_data for the session and the recv_max_early_data setting for the server. If a client sends more data than this then the connection will abort.</p>
+
+<p>The configured value for max_early_data on a server may change over time as required. However clients may have tickets containing the previously configured max_early_data value. The recv_max_early_data should always be equal to or higher than any recently configured max_early_data value in order to avoid aborted connections. The recv_max_early_data should never be set to less than the current configured max_early_data value.</p>
+
+<p>Some server applications may wish to have more control over whether early data is accepted or not, for example to mitigate replay risks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below) or to decline early_data when the server is heavily loaded. The functions SSL_CTX_set_allow_early_data_cb() and SSL_set_allow_early_data_cb() set a callback which is called at a point in the handshake immediately before a decision is made to accept or reject early data. The callback is provided with a pointer to the user data argument that was provided when the callback was first set. Returning 1 from the callback will allow early data and returning 0 will reject it. Note that the OpenSSL library may reject early data for other reasons in which case this callback will not get called. Notably, the built-in replay protection feature will still be used even if a callback is present unless it has been explicitly disabled using the SSL_OP_NO_ANTI_REPLAY option. See <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The whole purpose of early data is to enable a client to start sending data to the server before a full round trip of network traffic has occurred. Application developers should ensure they consider optimisation of the underlying TCP socket to obtain a performant solution. For example Nagle&#39;s algorithm is commonly used by operating systems in an attempt to avoid lots of small TCP packets. In many scenarios this is beneficial for performance, but it does not work well with the early data solution as implemented in OpenSSL. In Nagle&#39;s algorithm the OS will buffer outgoing TCP data if a TCP packet has already been sent which we have not yet received an ACK for from the peer. The buffered data will only be transmitted if enough data to fill an entire TCP packet is accumulated, or if the ACK is received from the peer. The initial ClientHello will be sent in the first TCP packet along with any data from the first call to SSL_write_early_data(). If the amount of data written will exceed the size of a single TCP packet, or if there are more calls to SSL_write_early_data() then that additional data will be sent in subsequent TCP packets which will be buffered by the OS and not sent until an ACK is received for the first packet containing the ClientHello. This means the early data is not actually sent until a complete round trip with the server has occurred which defeats the objective of early data.</p>
+
+<p>In many operating systems the TCP_NODELAY socket option is available to disable Nagle&#39;s algorithm. If an application opts to disable Nagle&#39;s algorithm consideration should be given to turning it back on again after the handshake is complete if appropriate.</p>
+
+<p>In rare circumstances, it may be possible for a client to have a session that reports a max early data value greater than 0, but where the server does not support this. For example, this can occur if a server has had its configuration changed to accept a lower max early data value such as by calling SSL_CTX_set_recv_max_early_data(). Another example is if a server used to support TLSv1.3 but was later downgraded to TLSv1.2. Sending early data to such a server will cause the connection to abort. Clients that encounter an aborted connection while sending early data may want to retry the connection without sending early data as this does not happen automatically. A client will have to establish a new transport layer connection to the server and attempt the SSL/TLS connection again but without sending early data. Note that it is inadvisable to retry with a lower maximum protocol version.</p>
+
+<h1 id="REPLAY-PROTECTION">REPLAY PROTECTION</h1>
+
+<p>When early data is in use the TLS protocol provides no security guarantees that the same early data was not replayed across multiple connections. As a mitigation for this issue OpenSSL automatically enables replay protection if the server is configured with a non-zero max early data value. With replay protection enabled sessions are forced to be single use only. If a client attempts to reuse a session ticket more than once, then the second and subsequent attempts will fall back to a full handshake (and any early data that was submitted will be ignored). Note that single use tickets are enforced even if a client does not send any early data.</p>
+
+<p>The replay protection mechanism relies on the internal OpenSSL server session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). When replay protection is being used the server will operate as if the SSL_OP_NO_TICKET option had been selected (see <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>). Sessions will be added to the cache whenever a session ticket is issued. When a client attempts to resume the session, OpenSSL will check for its presence in the internal cache. If it exists then the resumption is allowed and the session is removed from the cache. If it does not exist then the resumption is not allowed and a full handshake will occur.</p>
+
+<p>Note that some applications may maintain an external cache of sessions (see <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a> and similar functions). It is the application&#39;s responsibility to ensure that any sessions in the external cache are also populated in the internal cache and that once removed from the internal cache they are similarly removed from the external cache. Failing to do this could result in an application becoming vulnerable to replay attacks. Note that OpenSSL will lock the internal cache while a session is removed but that lock is not held when the remove session callback (see <a href="../man3/SSL_CTX_sess_set_remove_cb.html">SSL_CTX_sess_set_remove_cb(3)</a>) is called. This could result in a small amount of time where the session has been removed from the internal cache but is still available in the external cache. Applications should be designed with this in mind in order to minimise the possibility of replay attacks.</p>
+
+<p>The OpenSSL replay protection does not apply to external Pre Shared Keys (PSKs) (e.g. see SSL_CTX_set_psk_find_session_callback(3)). Therefore extreme caution should be applied when combining external PSKs with early data.</p>
+
+<p>Some applications may mitigate the replay risks in other ways. For those applications it is possible to turn off the built-in replay protection feature using the <b>SSL_OP_NO_ANTI_REPLAY</b> option. See <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> for details. Applications can also set a callback to make decisions about accepting early data or not. See SSL_CTX_set_allow_early_data_cb() above for details.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_write_early_data() returns 1 for success or 0 for failure. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_read_early_data() returns SSL_READ_EARLY_DATA_ERROR for failure, SSL_READ_EARLY_DATA_SUCCESS for success with more data to read and SSL_READ_EARLY_DATA_FINISH for success with no more to data be read. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_get_max_early_data(), SSL_CTX_get_max_early_data() and SSL_SESSION_get_max_early_data() return the maximum number of early data bytes that may be sent.</p>
+
+<p>SSL_set_max_early_data(), SSL_CTX_set_max_early_data() and SSL_SESSION_set_max_early_data() return 1 for success or 0 for failure.</p>
+
+<p>SSL_get_early_data_status() returns SSL_EARLY_DATA_ACCEPTED if early data was accepted by the server, SSL_EARLY_DATA_REJECTED if early data was rejected by the server, or SSL_EARLY_DATA_NOT_SENT if no early data was sent.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>All of the functions described above were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_rfd.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_rfd.html
new file mode 100644
index 000000000..783cafd6a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_rfd.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_set_fd</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_fd, SSL_set_rfd, SSL_set_wfd - connect the SSL object with a file descriptor</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_set_fd(SSL *ssl, int fd);
+ int SSL_set_rfd(SSL *ssl, int fd);
+ int SSL_set_wfd(SSL *ssl, int fd);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_set_fd() sets the file descriptor <b>fd</b> as the input/output facility for the TLS/SSL (encrypted) side of <b>ssl</b>. <b>fd</b> will typically be the socket file descriptor of a network connection.</p>
+
+<p>When performing the operation, a <b>socket BIO</b> is automatically created to interface between the <b>ssl</b> and <b>fd</b>. The BIO and hence the SSL engine inherit the behaviour of <b>fd</b>. If <b>fd</b> is non-blocking, the <b>ssl</b> will also have non-blocking behaviour.</p>
+
+<p>If there was already a BIO connected to <b>ssl</b>, BIO_free() will be called (for both the reading and writing side, if different).</p>
+
+<p>SSL_set_rfd() and SSL_set_wfd() perform the respective action, but only for the read channel or the write channel, which can be set independently.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The operation failed. Check the error stack to find out why.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_fd.html">SSL_get_fd(3)</a>, <a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man7/ssl.html">ssl(7)</a> , <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_security_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_security_callback.html
new file mode 100644
index 000000000..a853d06fd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_security_callback.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_security_level</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</a></li>
+  <li><a href="#APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_security_level, SSL_set_security_level, SSL_CTX_get_security_level, SSL_get_security_level, SSL_CTX_set_security_callback, SSL_set_security_callback, SSL_CTX_get_security_callback, SSL_get_security_callback, SSL_CTX_set0_security_ex_data, SSL_set0_security_ex_data, SSL_CTX_get0_security_ex_data, SSL_get0_security_ex_data - SSL/TLS security framework</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
+ void SSL_set_security_level(SSL *s, int level);
+
+ int SSL_CTX_get_security_level(const SSL_CTX *ctx);
+ int SSL_get_security_level(const SSL *s);
+
+ void SSL_CTX_set_security_callback(SSL_CTX *ctx,
+                                    int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                              int bits, int nid,
+                                              void *other, void *ex));
+
+ void SSL_set_security_callback(SSL *s, int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                                  int bits, int nid,
+                                                  void *other, void *ex));
+
+ int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx))(SSL *s, SSL_CTX *ctx, int op,
+                                                          int bits, int nid, void *other,
+                                                          void *ex);
+ int (*SSL_get_security_callback(const SSL *s))(SSL *s, SSL_CTX *ctx, int op,
+                                                int bits, int nid, void *other,
+                                                void *ex);
+
+ void SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex);
+ void SSL_set0_security_ex_data(SSL *s, void *ex);
+
+ void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx);
+ void *SSL_get0_security_ex_data(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions SSL_CTX_set_security_level() and SSL_set_security_level() set the security level to <b>level</b>. If not set the library default security level is used.</p>
+
+<p>The functions SSL_CTX_get_security_level() and SSL_get_security_level() retrieve the current security level.</p>
+
+<p>SSL_CTX_set_security_callback(), SSL_set_security_callback(), SSL_CTX_get_security_callback() and SSL_get_security_callback() get or set the security callback associated with <b>ctx</b> or <b>s</b>. If not set a default security callback is used. The meaning of the parameters and the behaviour of the default callbacks is described below.</p>
+
+<p>SSL_CTX_set0_security_ex_data(), SSL_set0_security_ex_data(), SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() set the extra data pointer passed to the <b>ex</b> parameter of the callback. This value is passed to the callback verbatim and can be set to any convenient application specific value.</p>
+
+<h1 id="DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</h1>
+
+<p>If an application doesn&#39;t set its own security callback the default callback is used. It is intended to provide sane defaults. The meaning of each level is described below.</p>
+
+<dl>
+
+<dt id="Level-0"><b>Level 0</b></dt>
+<dd>
+
+<p>Everything is permitted. This retains compatibility with previous versions of OpenSSL.</p>
+
+</dd>
+<dt id="Level-1"><b>Level 1</b></dt>
+<dd>
+
+<p>The security level corresponds to a minimum of 80 bits of security. Any parameters offering below 80 bits of security are excluded. As a result RSA, DSA and DH keys shorter than 1024 bits and ECC keys shorter than 160 bits are prohibited. All export cipher suites are prohibited since they all offer less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite using MD5 for the MAC is also prohibited.</p>
+
+</dd>
+<dt id="Level-2"><b>Level 2</b></dt>
+<dd>
+
+<p>Security level set to 112 bits of security. As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited. In addition to the level 1 exclusions any cipher suite using RC4 is also prohibited. SSL version 3 is also not allowed. Compression is disabled.</p>
+
+</dd>
+<dt id="Level-3"><b>Level 3</b></dt>
+<dd>
+
+<p>Security level set to 128 bits of security. As a result RSA, DSA and DH keys shorter than 3072 bits and ECC keys shorter than 256 bits are prohibited. In addition to the level 2 exclusions cipher suites not offering forward secrecy are prohibited. TLS versions below 1.1 are not permitted. Session tickets are disabled.</p>
+
+</dd>
+<dt id="Level-4"><b>Level 4</b></dt>
+<dd>
+
+<p>Security level set to 192 bits of security. As a result RSA, DSA and DH keys shorter than 7680 bits and ECC keys shorter than 384 bits are prohibited. Cipher suites using SHA1 for the MAC are prohibited. TLS versions below 1.2 are not permitted.</p>
+
+</dd>
+<dt id="Level-5"><b>Level 5</b></dt>
+<dd>
+
+<p>Security level set to 256 bits of security. As a result RSA, DSA and DH keys shorter than 15360 bits and ECC keys shorter than 512 bits are prohibited.</p>
+
+</dd>
+</dl>
+
+<h1 id="APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</h1>
+
+<p><i>Documentation to be provided.</i></p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>WARNING</b> at this time setting the security level higher than 1 for general internet use is likely to cause <b>considerable</b> interoperability issues and is not recommended. This is because the <b>SHA1</b> algorithm is very widely used in certificates and will be rejected at levels higher than 1 because it only offers 80 bits of security.</p>
+
+<p>The default security level can be configured when OpenSSL is compiled by setting <b>-DOPENSSL_TLS_SECURITY_LEVEL=level</b>. If not set then 1 is used.</p>
+
+<p>The security framework disables or reject parameters inconsistent with the set security level. In the past this was difficult as applications had to set a number of distinct parameters (supported ciphers, supported curves supported signature algorithms) to achieve this end and some cases (DH parameter size for example) could not be checked at all.</p>
+
+<p>By setting an appropriate security level much of this complexity can be avoided.</p>
+
+<p>The bits of security limits affect all relevant parameters including cipher suite encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms. This limit applies no matter what other custom settings an application has set: so if the cipher suite is set to <b>ALL</b> then only cipher suites consistent with the security level are permissible.</p>
+
+<p>See SP800-57 for how the security limits are related to individual algorithms.</p>
+
+<p>Some security levels require large key sizes for non-ECC public key algorithms which can severely degrade performance. For example 256 bits of security requires the use of RSA keys of at least 15360 bits in size.</p>
+
+<p>Some restrictions can be gracefully handled: for example cipher suites offering insufficient security are not sent by the client and will not be selected by the server. Other restrictions such as the peer certificate key size or the DH parameter size will abort the handshake with a fatal alert.</p>
+
+<p>Attempts to set certificates or parameters with insufficient security are also blocked. For example trying to set a certificate using a 512 bit RSA key using SSL_CTX_use_certificate() at level 1. Applications which do not check the return values for errors will misbehave: for example it might appear that a certificate is not set at all because it had been rejected.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_security_level() and SSL_set_security_level() do not return values.</p>
+
+<p>SSL_CTX_get_security_level() and SSL_get_security_level() return a integer that represents the security level with <b>SSL_CTX</b> or <b>SSL</b>, respectively.</p>
+
+<p>SSL_CTX_set_security_callback() and SSL_set_security_callback() do not return values.</p>
+
+<p>SSL_CTX_get_security_callback() and SSL_get_security_callback() return the pointer to the security callback or NULL if the callback is not set.</p>
+
+<p>SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() return the extra data pointer or NULL if the ex data is not set.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_security_level.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_security_level.html
new file mode 100644
index 000000000..a853d06fd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_security_level.html
@@ -0,0 +1,167 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_security_level</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</a></li>
+  <li><a href="#APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_security_level, SSL_set_security_level, SSL_CTX_get_security_level, SSL_get_security_level, SSL_CTX_set_security_callback, SSL_set_security_callback, SSL_CTX_get_security_callback, SSL_get_security_callback, SSL_CTX_set0_security_ex_data, SSL_set0_security_ex_data, SSL_CTX_get0_security_ex_data, SSL_get0_security_ex_data - SSL/TLS security framework</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
+ void SSL_set_security_level(SSL *s, int level);
+
+ int SSL_CTX_get_security_level(const SSL_CTX *ctx);
+ int SSL_get_security_level(const SSL *s);
+
+ void SSL_CTX_set_security_callback(SSL_CTX *ctx,
+                                    int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                              int bits, int nid,
+                                              void *other, void *ex));
+
+ void SSL_set_security_callback(SSL *s, int (*cb)(SSL *s, SSL_CTX *ctx, int op,
+                                                  int bits, int nid,
+                                                  void *other, void *ex));
+
+ int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx))(SSL *s, SSL_CTX *ctx, int op,
+                                                          int bits, int nid, void *other,
+                                                          void *ex);
+ int (*SSL_get_security_callback(const SSL *s))(SSL *s, SSL_CTX *ctx, int op,
+                                                int bits, int nid, void *other,
+                                                void *ex);
+
+ void SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex);
+ void SSL_set0_security_ex_data(SSL *s, void *ex);
+
+ void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx);
+ void *SSL_get0_security_ex_data(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functions SSL_CTX_set_security_level() and SSL_set_security_level() set the security level to <b>level</b>. If not set the library default security level is used.</p>
+
+<p>The functions SSL_CTX_get_security_level() and SSL_get_security_level() retrieve the current security level.</p>
+
+<p>SSL_CTX_set_security_callback(), SSL_set_security_callback(), SSL_CTX_get_security_callback() and SSL_get_security_callback() get or set the security callback associated with <b>ctx</b> or <b>s</b>. If not set a default security callback is used. The meaning of the parameters and the behaviour of the default callbacks is described below.</p>
+
+<p>SSL_CTX_set0_security_ex_data(), SSL_set0_security_ex_data(), SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() set the extra data pointer passed to the <b>ex</b> parameter of the callback. This value is passed to the callback verbatim and can be set to any convenient application specific value.</p>
+
+<h1 id="DEFAULT-CALLBACK-BEHAVIOUR">DEFAULT CALLBACK BEHAVIOUR</h1>
+
+<p>If an application doesn&#39;t set its own security callback the default callback is used. It is intended to provide sane defaults. The meaning of each level is described below.</p>
+
+<dl>
+
+<dt id="Level-0"><b>Level 0</b></dt>
+<dd>
+
+<p>Everything is permitted. This retains compatibility with previous versions of OpenSSL.</p>
+
+</dd>
+<dt id="Level-1"><b>Level 1</b></dt>
+<dd>
+
+<p>The security level corresponds to a minimum of 80 bits of security. Any parameters offering below 80 bits of security are excluded. As a result RSA, DSA and DH keys shorter than 1024 bits and ECC keys shorter than 160 bits are prohibited. All export cipher suites are prohibited since they all offer less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite using MD5 for the MAC is also prohibited.</p>
+
+</dd>
+<dt id="Level-2"><b>Level 2</b></dt>
+<dd>
+
+<p>Security level set to 112 bits of security. As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited. In addition to the level 1 exclusions any cipher suite using RC4 is also prohibited. SSL version 3 is also not allowed. Compression is disabled.</p>
+
+</dd>
+<dt id="Level-3"><b>Level 3</b></dt>
+<dd>
+
+<p>Security level set to 128 bits of security. As a result RSA, DSA and DH keys shorter than 3072 bits and ECC keys shorter than 256 bits are prohibited. In addition to the level 2 exclusions cipher suites not offering forward secrecy are prohibited. TLS versions below 1.1 are not permitted. Session tickets are disabled.</p>
+
+</dd>
+<dt id="Level-4"><b>Level 4</b></dt>
+<dd>
+
+<p>Security level set to 192 bits of security. As a result RSA, DSA and DH keys shorter than 7680 bits and ECC keys shorter than 384 bits are prohibited. Cipher suites using SHA1 for the MAC are prohibited. TLS versions below 1.2 are not permitted.</p>
+
+</dd>
+<dt id="Level-5"><b>Level 5</b></dt>
+<dd>
+
+<p>Security level set to 256 bits of security. As a result RSA, DSA and DH keys shorter than 15360 bits and ECC keys shorter than 512 bits are prohibited.</p>
+
+</dd>
+</dl>
+
+<h1 id="APPLICATION-DEFINED-SECURITY-CALLBACKS">APPLICATION DEFINED SECURITY CALLBACKS</h1>
+
+<p><i>Documentation to be provided.</i></p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>WARNING</b> at this time setting the security level higher than 1 for general internet use is likely to cause <b>considerable</b> interoperability issues and is not recommended. This is because the <b>SHA1</b> algorithm is very widely used in certificates and will be rejected at levels higher than 1 because it only offers 80 bits of security.</p>
+
+<p>The default security level can be configured when OpenSSL is compiled by setting <b>-DOPENSSL_TLS_SECURITY_LEVEL=level</b>. If not set then 1 is used.</p>
+
+<p>The security framework disables or reject parameters inconsistent with the set security level. In the past this was difficult as applications had to set a number of distinct parameters (supported ciphers, supported curves supported signature algorithms) to achieve this end and some cases (DH parameter size for example) could not be checked at all.</p>
+
+<p>By setting an appropriate security level much of this complexity can be avoided.</p>
+
+<p>The bits of security limits affect all relevant parameters including cipher suite encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms. This limit applies no matter what other custom settings an application has set: so if the cipher suite is set to <b>ALL</b> then only cipher suites consistent with the security level are permissible.</p>
+
+<p>See SP800-57 for how the security limits are related to individual algorithms.</p>
+
+<p>Some security levels require large key sizes for non-ECC public key algorithms which can severely degrade performance. For example 256 bits of security requires the use of RSA keys of at least 15360 bits in size.</p>
+
+<p>Some restrictions can be gracefully handled: for example cipher suites offering insufficient security are not sent by the client and will not be selected by the server. Other restrictions such as the peer certificate key size or the DH parameter size will abort the handshake with a fatal alert.</p>
+
+<p>Attempts to set certificates or parameters with insufficient security are also blocked. For example trying to set a certificate using a 512 bit RSA key using SSL_CTX_use_certificate() at level 1. Applications which do not check the return values for errors will misbehave: for example it might appear that a certificate is not set at all because it had been rejected.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_security_level() and SSL_set_security_level() do not return values.</p>
+
+<p>SSL_CTX_get_security_level() and SSL_get_security_level() return a integer that represents the security level with <b>SSL_CTX</b> or <b>SSL</b>, respectively.</p>
+
+<p>SSL_CTX_set_security_callback() and SSL_set_security_callback() do not return values.</p>
+
+<p>SSL_CTX_get_security_callback() and SSL_get_security_callback() return the pointer to the security callback or NULL if the callback is not set.</p>
+
+<p>SSL_CTX_get0_security_ex_data() and SSL_get0_security_ex_data() return the extra data pointer or NULL if the ex data is not set.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_session.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_session.html
new file mode 100644
index 000000000..e7c2ea200
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_session.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_set_session</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_session - set a TLS/SSL session to be used during TLS/SSL connect</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_set_session(SSL *ssl, SSL_SESSION *session);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_set_session() sets <b>session</b> to be used when the TLS/SSL connection is to be established. SSL_set_session() is only useful for TLS/SSL clients. When the session is set, the reference count of <b>session</b> is incremented by 1. If the session is not reused, the reference count is decremented again during SSL_connect(). Whether the session was reused can be queried with the <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a> call.</p>
+
+<p>If there is already a session set inside <b>ssl</b> (because it was set with SSL_set_session() before or because the same <b>ssl</b> was already used for a connection), SSL_SESSION_free() will be called for that session. If that old session is still <b>open</b>, it is considered bad and will be removed from the session cache (if used). A session is considered open, if <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> was not called for the connection (or at least <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a> was used to set the SSL_SENT_SHUTDOWN state).</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_SESSION objects keep internal link information about the session cache list, when being inserted into one SSL_CTX object&#39;s session cache. One SSL_SESSION object, regardless of its reference count, must therefore only be used with one SSL_CTX object (and the SSL objects created from this SSL_CTX object).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The operation failed; check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>, <a href="../man3/SSL_get_session.html">SSL_get_session(3)</a>, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_session_id_context.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_session_id_context.html
new file mode 100644
index 000000000..00eadaf08
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_session_id_context.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_session_id_context</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_session_id_context, SSL_set_session_id_context - set context within which session can be reused (server side only)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
+                                    unsigned int sid_ctx_len);
+ int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
+                                unsigned int sid_ctx_len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_session_id_context() sets the context <b>sid_ctx</b> of length <b>sid_ctx_len</b> within which a session can be reused for the <b>ctx</b> object.</p>
+
+<p>SSL_set_session_id_context() sets the context <b>sid_ctx</b> of length <b>sid_ctx_len</b> within which a session can be reused for the <b>ssl</b> object.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Sessions are generated within a certain context. When exporting/importing sessions with <b>i2d_SSL_SESSION</b>/<b>d2i_SSL_SESSION</b> it would be possible, to re-import a session generated from another context (e.g. another application), which might lead to malfunctions. Therefore each application must set its own session id context <b>sid_ctx</b> which is used to distinguish the contexts and is stored in exported sessions. The <b>sid_ctx</b> can be any kind of binary data with a given length, it is therefore possible to use e.g. the name of the application and/or the hostname and/or service name ...</p>
+
+<p>The session id context becomes part of the session. The session id context is set by the SSL/TLS server. The SSL_CTX_set_session_id_context() and SSL_set_session_id_context() functions are therefore only useful on the server side.</p>
+
+<p>OpenSSL clients will check the session id context returned by the server when reusing a session.</p>
+
+<p>The maximum length of the <b>sid_ctx</b> is limited to <b>SSL_MAX_SSL_SESSION_ID_LENGTH</b>.</p>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>If the session id context is not set on an SSL/TLS server and client certificates are used, stored sessions will not be reused but a fatal error will be flagged and the handshake will fail.</p>
+
+<p>If a server returns a different session id context to an OpenSSL client when reusing a session, an error will be flagged and the handshake will fail. OpenSSL servers will always return the correct session id context, as an OpenSSL server checks the session id context itself before reusing a session as described above.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_session_id_context() and SSL_set_session_id_context() return the following values:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The length <b>sid_ctx_len</b> of the session id context <b>sid_ctx</b> exceeded the maximum allowed length of <b>SSL_MAX_SSL_SESSION_ID_LENGTH</b>. The error is logged to the error stack.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_shutdown.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_shutdown.html
new file mode 100644
index 000000000..fb57a1ee7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_shutdown.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_set_shutdown</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_shutdown, SSL_get_shutdown - manipulate shutdown state of an SSL connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_set_shutdown(SSL *ssl, int mode);
+
+ int SSL_get_shutdown(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_set_shutdown() sets the shutdown state of <b>ssl</b> to <b>mode</b>.</p>
+
+<p>SSL_get_shutdown() returns the shutdown mode of <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The shutdown state of an ssl connection is a bitmask of:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>No shutdown setting, yet.</p>
+
+</dd>
+<dt id="SSL_SENT_SHUTDOWN">SSL_SENT_SHUTDOWN</dt>
+<dd>
+
+<p>A close_notify shutdown alert was sent to the peer, the connection is being considered closed and the session is closed and correct.</p>
+
+</dd>
+<dt id="SSL_RECEIVED_SHUTDOWN">SSL_RECEIVED_SHUTDOWN</dt>
+<dd>
+
+<p>A shutdown alert was received form the peer, either a normal close_notify or a fatal error.</p>
+
+</dd>
+</dl>
+
+<p>SSL_SENT_SHUTDOWN and SSL_RECEIVED_SHUTDOWN can be set at the same time.</p>
+
+<p>The shutdown state of the connection is used to determine the state of the ssl session. If the session is still open, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> or <a href="../man3/SSL_free.html">SSL_free(3)</a> is called, it is considered bad and removed according to RFC2246. The actual condition for a correctly closed session is SSL_SENT_SHUTDOWN (according to the TLS RFC, it is acceptable to only send the close_notify alert but to not wait for the peer&#39;s answer, when the underlying connection is closed). SSL_set_shutdown() can be used to set this state without sending a close alert to the peer (see <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>).</p>
+
+<p>If a close_notify was received, SSL_RECEIVED_SHUTDOWN will be set, for setting SSL_SENT_SHUTDOWN the application must however still call <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> or SSL_set_shutdown() itself.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_shutdown() does not return diagnostic information.</p>
+
+<p>SSL_get_shutdown() returns the current setting.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man3/SSL_CTX_set_quiet_shutdown.html">SSL_CTX_set_quiet_shutdown(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_free.html">SSL_free(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_split_send_fragment.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_split_send_fragment.html
new file mode 100644
index 000000000..19be43ed8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_split_send_fragment.html
@@ -0,0 +1,150 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_split_send_fragment</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_max_send_fragment, SSL_set_max_send_fragment, SSL_CTX_set_split_send_fragment, SSL_set_split_send_fragment, SSL_CTX_set_max_pipelines, SSL_set_max_pipelines, SSL_CTX_set_default_read_buffer_len, SSL_set_default_read_buffer_len, SSL_CTX_set_tlsext_max_fragment_length, SSL_set_tlsext_max_fragment_length, SSL_SESSION_get_max_fragment_length - Control fragment size settings and pipelining operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, long);
+ long SSL_set_max_send_fragment(SSL *ssl, long m);
+
+ long SSL_CTX_set_max_pipelines(SSL_CTX *ctx, long m);
+ long SSL_set_max_pipelines(SSL_CTX *ssl, long m);
+
+ long SSL_CTX_set_split_send_fragment(SSL_CTX *ctx, long m);
+ long SSL_set_split_send_fragment(SSL *ssl, long m);
+
+ void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len);
+ void SSL_set_default_read_buffer_len(SSL *s, size_t len);
+
+ int SSL_CTX_set_tlsext_max_fragment_length(SSL_CTX *ctx, uint8_t mode);
+ int SSL_set_tlsext_max_fragment_length(SSL *ssl, uint8_t mode);
+ uint8_t SSL_SESSION_get_max_fragment_length(SSL_SESSION *session);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Some engines are able to process multiple simultaneous crypto operations. This capability could be utilised to parallelise the processing of a single connection. For example a single write can be split into multiple records and each one encrypted independently and in parallel. Note: this will only work in TLS1.1+. There is no support in SSLv3, TLSv1.0 or DTLS (any version). This capability is known as &quot;pipelining&quot; within OpenSSL.</p>
+
+<p>In order to benefit from the pipelining capability. You need to have an engine that provides ciphers that support this. The OpenSSL &quot;dasync&quot; engine provides AES128-SHA based ciphers that have this capability. However these are for development and test purposes only.</p>
+
+<p>SSL_CTX_set_max_send_fragment() and SSL_set_max_send_fragment() set the <b>max_send_fragment</b> parameter for SSL_CTX and SSL objects respectively. This value restricts the amount of plaintext bytes that will be sent in any one SSL/TLS record. By default its value is SSL3_RT_MAX_PLAIN_LENGTH (16384). These functions will only accept a value in the range 512 - SSL3_RT_MAX_PLAIN_LENGTH.</p>
+
+<p>SSL_CTX_set_max_pipelines() and SSL_set_max_pipelines() set the maximum number of pipelines that will be used at any one time. This value applies to both &quot;read&quot; pipelining and &quot;write&quot; pipelining. By default only one pipeline will be used (i.e. normal non-parallel operation). The number of pipelines set must be in the range 1 - SSL_MAX_PIPELINES (32). Setting this to a value &gt; 1 will also automatically turn on &quot;read_ahead&quot; (see <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>). This is explained further below. OpenSSL will only every use more than one pipeline if a cipher suite is negotiated that uses a pipeline capable cipher provided by an engine.</p>
+
+<p>Pipelining operates slightly differently for reading encrypted data compared to writing encrypted data. SSL_CTX_set_split_send_fragment() and SSL_set_split_send_fragment() define how data is split up into pipelines when writing encrypted data. The number of pipelines used will be determined by the amount of data provided to the SSL_write_ex() or SSL_write() call divided by <b>split_send_fragment</b>.</p>
+
+<p>For example if <b>split_send_fragment</b> is set to 2000 and <b>max_pipelines</b> is 4 then:</p>
+
+<p>SSL_write/SSL_write_ex called with 0-2000 bytes == 1 pipeline used</p>
+
+<p>SSL_write/SSL_write_ex called with 2001-4000 bytes == 2 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 4001-6000 bytes == 3 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 6001+ bytes == 4 pipelines used</p>
+
+<p><b>split_send_fragment</b> must always be less than or equal to <b>max_send_fragment</b>. By default it is set to be equal to <b>max_send_fragment</b>. This will mean that the same number of records will always be created as would have been created in the non-parallel case, although the data will be apportioned differently. In the parallel case data will be spread equally between the pipelines.</p>
+
+<p>Read pipelining is controlled in a slightly different way than with write pipelining. While reading we are constrained by the number of records that the peer (and the network) can provide to us in one go. The more records we can get in one go the more opportunity we have to parallelise the processing. As noted above when setting <b>max_pipelines</b> to a value greater than one, <b>read_ahead</b> is automatically set. The <b>read_ahead</b> parameter causes OpenSSL to attempt to read as much data into the read buffer as the network can provide and will fit into the buffer. Without this set data is read into the read buffer one record at a time. The more data that can be read, the more opportunity there is for parallelising the processing at the cost of increased memory overhead per connection. Setting <b>read_ahead</b> can impact the behaviour of the SSL_pending() function (see <a href="../man3/SSL_pending.html">SSL_pending(3)</a>).</p>
+
+<p>The SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions control the size of the read buffer that will be used. The <b>len</b> parameter sets the size of the buffer. The value will only be used if it is greater than the default that would have been used anyway. The normal default value depends on a number of factors but it will be at least SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_ENCRYPTED_OVERHEAD (16704) bytes.</p>
+
+<p>SSL_CTX_set_tlsext_max_fragment_length() sets the default maximum fragment length negotiation mode via value <b>mode</b> to <b>ctx</b>. This setting affects only SSL instances created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_set_tlsext_max_fragment_length() sets the maximum fragment length negotiation mode via value <b>mode</b> to <b>ssl</b>. This setting will be used during a handshake when extensions are exchanged between client and server. So it only affects SSL sessions created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_SESSION_get_max_fragment_length() gets the maximum fragment length negotiated in <b>session</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All non-void functions return 1 on success and 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The Maximum Fragment Length extension support is optional on the server side. If the server does not support this extension then SSL_SESSION_get_max_fragment_length() will return: TLSEXT_max_fragment_length_DISABLED.</p>
+
+<p>The following modes are available:</p>
+
+<dl>
+
+<dt id="TLSEXT_max_fragment_length_DISABLED">TLSEXT_max_fragment_length_DISABLED</dt>
+<dd>
+
+<p>Disables Maximum Fragment Length Negotiation (default).</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_512">TLSEXT_max_fragment_length_512</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 512 bytes.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_1024">TLSEXT_max_fragment_length_1024</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 1024.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_2048">TLSEXT_max_fragment_length_2048</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 2048.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_4096">TLSEXT_max_fragment_length_4096</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 4096.</p>
+
+</dd>
+</dl>
+
+<p>With the exception of SSL_CTX_set_default_read_buffer_len() SSL_set_default_read_buffer_len(), SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() all these functions are implemented using macros.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_set_max_pipelines(), SSL_set_max_pipelines(), SSL_CTX_set_split_send_fragment(), SSL_set_split_send_fragment(), SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions were added in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_ssl_method.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_ssl_method.html
new file mode 100644
index 000000000..c61545867
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_ssl_method.html
@@ -0,0 +1,85 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_ssl_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_ssl_version, SSL_set_ssl_method, SSL_get_ssl_method - choose a new TLS/SSL method</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *method);
+ int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
+ const SSL_METHOD *SSL_get_ssl_method(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_ssl_version() sets a new default TLS/SSL <b>method</b> for SSL objects newly created from this <b>ctx</b>. SSL objects already created with <a href="../man3/SSL_new.html">SSL_new(3)</a> are not affected, except when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is being called.</p>
+
+<p>SSL_set_ssl_method() sets a new TLS/SSL <b>method</b> for a particular <b>ssl</b> object. It may be reset, when SSL_clear() is called.</p>
+
+<p>SSL_get_ssl_method() returns a function pointer to the TLS/SSL method set in <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The available <b>method</b> choices are described in <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>.</p>
+
+<p>When <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called and no session is connected to an SSL object, the method of the SSL object is reset to the method currently set in the corresponding SSL_CTX object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur for SSL_CTX_set_ssl_version() and SSL_set_ssl_method():</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The new choice failed, check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_time.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_time.html
new file mode 100644
index 000000000..d4c3a8446
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_time.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get_time</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get_time, SSL_SESSION_set_time, SSL_SESSION_get_timeout, SSL_SESSION_set_timeout, SSL_get_time, SSL_set_time, SSL_get_timeout, SSL_set_timeout - retrieve and manipulate session time and timeout settings</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_SESSION_get_time(const SSL_SESSION *s);
+ long SSL_SESSION_set_time(SSL_SESSION *s, long tm);
+ long SSL_SESSION_get_timeout(const SSL_SESSION *s);
+ long SSL_SESSION_set_timeout(SSL_SESSION *s, long tm);
+
+ long SSL_get_time(const SSL_SESSION *s);
+ long SSL_set_time(SSL_SESSION *s, long tm);
+ long SSL_get_timeout(const SSL_SESSION *s);
+ long SSL_set_timeout(SSL_SESSION *s, long tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_get_time() returns the time at which the session <b>s</b> was established. The time is given in seconds since the Epoch and therefore compatible to the time delivered by the time() call.</p>
+
+<p>SSL_SESSION_set_time() replaces the creation time of the session <b>s</b> with the chosen value <b>tm</b>.</p>
+
+<p>SSL_SESSION_get_timeout() returns the timeout value set for session <b>s</b> in seconds.</p>
+
+<p>SSL_SESSION_set_timeout() sets the timeout value for session <b>s</b> in seconds to <b>tm</b>.</p>
+
+<p>The SSL_get_time(), SSL_set_time(), SSL_get_timeout(), and SSL_set_timeout() functions are synonyms for the SSL_SESSION_*() counterparts.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Sessions are expired by examining the creation time and the timeout value. Both are set at creation time of the session to the actual time and the default timeout value at creation, respectively, as set by <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>. Using these functions it is possible to extend or shorten the lifetime of the session.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get_time() and SSL_SESSION_get_timeout() return the currently valid values.</p>
+
+<p>SSL_SESSION_set_time() and SSL_SESSION_set_timeout() return 1 on success.</p>
+
+<p>If any of the function is passed the NULL pointer for the session <b>s</b>, 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>, <a href="../man3/SSL_get_default_timeout.html">SSL_get_default_timeout(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_timeout.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_timeout.html
new file mode 100644
index 000000000..d4c3a8446
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_timeout.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_SESSION_get_time</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_SESSION_get_time, SSL_SESSION_set_time, SSL_SESSION_get_timeout, SSL_SESSION_set_timeout, SSL_get_time, SSL_set_time, SSL_get_timeout, SSL_set_timeout - retrieve and manipulate session time and timeout settings</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_SESSION_get_time(const SSL_SESSION *s);
+ long SSL_SESSION_set_time(SSL_SESSION *s, long tm);
+ long SSL_SESSION_get_timeout(const SSL_SESSION *s);
+ long SSL_SESSION_set_timeout(SSL_SESSION *s, long tm);
+
+ long SSL_get_time(const SSL_SESSION *s);
+ long SSL_set_time(SSL_SESSION *s, long tm);
+ long SSL_get_timeout(const SSL_SESSION *s);
+ long SSL_set_timeout(SSL_SESSION *s, long tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_SESSION_get_time() returns the time at which the session <b>s</b> was established. The time is given in seconds since the Epoch and therefore compatible to the time delivered by the time() call.</p>
+
+<p>SSL_SESSION_set_time() replaces the creation time of the session <b>s</b> with the chosen value <b>tm</b>.</p>
+
+<p>SSL_SESSION_get_timeout() returns the timeout value set for session <b>s</b> in seconds.</p>
+
+<p>SSL_SESSION_set_timeout() sets the timeout value for session <b>s</b> in seconds to <b>tm</b>.</p>
+
+<p>The SSL_get_time(), SSL_set_time(), SSL_get_timeout(), and SSL_set_timeout() functions are synonyms for the SSL_SESSION_*() counterparts.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Sessions are expired by examining the creation time and the timeout value. Both are set at creation time of the session to the actual time and the default timeout value at creation, respectively, as set by <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>. Using these functions it is possible to extend or shorten the lifetime of the session.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_SESSION_get_time() and SSL_SESSION_get_timeout() return the currently valid values.</p>
+
+<p>SSL_SESSION_set_time() and SSL_SESSION_set_timeout() return 1 on success.</p>
+
+<p>If any of the function is passed the NULL pointer for the session <b>s</b>, 0 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>, <a href="../man3/SSL_get_default_timeout.html">SSL_get_default_timeout(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_tlsext_host_name.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_tlsext_host_name.html
new file mode 100644
index 000000000..4cf6c16a9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_tlsext_host_name.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_servername_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_servername_callback, SSL_CTX_set_tlsext_servername_arg, SSL_get_servername_type, SSL_get_servername, SSL_set_tlsext_host_name - handle server name indication (SNI)</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_tlsext_servername_callback(SSL_CTX *ctx,
+                                   int (*cb)(SSL *, int *, void *));
+ long SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg);
+
+ const char *SSL_get_servername(const SSL *s, const int type);
+ int SSL_get_servername_type(const SSL *s);
+
+ int SSL_set_tlsext_host_name(const SSL *s, const char *name);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The functionality provided by the servername callback is superseded by the ClientHello callback, which can be set using SSL_CTX_set_client_hello_cb(). The servername callback is retained for historical compatibility.</p>
+
+<p>SSL_CTX_set_tlsext_servername_callback() sets the application callback <b>cb</b> used by a server to perform any actions or configuration required based on the servername extension received in the incoming connection. When <b>cb</b> is NULL, SNI is not used. The <b>arg</b> value is a pointer which is passed to the application callback.</p>
+
+<p>SSL_CTX_set_tlsext_servername_arg() sets a context-specific argument to be passed into the callback for this <b>SSL_CTX</b>.</p>
+
+<p>SSL_get_servername() returns a servername extension value of the specified type if provided in the Client Hello or NULL.</p>
+
+<p>SSL_get_servername_type() returns the servername type or -1 if no servername is present. Currently the only supported type (defined in RFC3546) is <b>TLSEXT_NAMETYPE_host_name</b>.</p>
+
+<p>SSL_set_tlsext_host_name() sets the server name indication ClientHello extension to contain the value <b>name</b>. The type of server name indication extension is set to <b>TLSEXT_NAMETYPE_host_name</b> (defined in RFC3546).</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Several callbacks are executed during ClientHello processing, including the ClientHello, ALPN, and servername callbacks. The ClientHello callback is executed first, then the servername callback, followed by the ALPN callback.</p>
+
+<p>The SSL_set_tlsext_host_name() function should only be called on SSL objects that will act as clients; otherwise the configured <b>name</b> will be ignored.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_tlsext_servername_callback() and SSL_CTX_set_tlsext_servername_arg() both always return 1 indicating success. SSL_set_tlsext_host_name() returns 1 on success, 0 in case of error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_alpn_select_cb.html">SSL_CTX_set_alpn_select_cb(3)</a>, <a href="../man3/SSL_get0_alpn_selected.html">SSL_get0_alpn_selected(3)</a>, <a href="../man3/SSL_CTX_set_client_hello_cb.html">SSL_CTX_set_client_hello_cb(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_tlsext_max_fragment_length.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_tlsext_max_fragment_length.html
new file mode 100644
index 000000000..19be43ed8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_tlsext_max_fragment_length.html
@@ -0,0 +1,150 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_split_send_fragment</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_max_send_fragment, SSL_set_max_send_fragment, SSL_CTX_set_split_send_fragment, SSL_set_split_send_fragment, SSL_CTX_set_max_pipelines, SSL_set_max_pipelines, SSL_CTX_set_default_read_buffer_len, SSL_set_default_read_buffer_len, SSL_CTX_set_tlsext_max_fragment_length, SSL_set_tlsext_max_fragment_length, SSL_SESSION_get_max_fragment_length - Control fragment size settings and pipelining operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ long SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, long);
+ long SSL_set_max_send_fragment(SSL *ssl, long m);
+
+ long SSL_CTX_set_max_pipelines(SSL_CTX *ctx, long m);
+ long SSL_set_max_pipelines(SSL_CTX *ssl, long m);
+
+ long SSL_CTX_set_split_send_fragment(SSL_CTX *ctx, long m);
+ long SSL_set_split_send_fragment(SSL *ssl, long m);
+
+ void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len);
+ void SSL_set_default_read_buffer_len(SSL *s, size_t len);
+
+ int SSL_CTX_set_tlsext_max_fragment_length(SSL_CTX *ctx, uint8_t mode);
+ int SSL_set_tlsext_max_fragment_length(SSL *ssl, uint8_t mode);
+ uint8_t SSL_SESSION_get_max_fragment_length(SSL_SESSION *session);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Some engines are able to process multiple simultaneous crypto operations. This capability could be utilised to parallelise the processing of a single connection. For example a single write can be split into multiple records and each one encrypted independently and in parallel. Note: this will only work in TLS1.1+. There is no support in SSLv3, TLSv1.0 or DTLS (any version). This capability is known as &quot;pipelining&quot; within OpenSSL.</p>
+
+<p>In order to benefit from the pipelining capability. You need to have an engine that provides ciphers that support this. The OpenSSL &quot;dasync&quot; engine provides AES128-SHA based ciphers that have this capability. However these are for development and test purposes only.</p>
+
+<p>SSL_CTX_set_max_send_fragment() and SSL_set_max_send_fragment() set the <b>max_send_fragment</b> parameter for SSL_CTX and SSL objects respectively. This value restricts the amount of plaintext bytes that will be sent in any one SSL/TLS record. By default its value is SSL3_RT_MAX_PLAIN_LENGTH (16384). These functions will only accept a value in the range 512 - SSL3_RT_MAX_PLAIN_LENGTH.</p>
+
+<p>SSL_CTX_set_max_pipelines() and SSL_set_max_pipelines() set the maximum number of pipelines that will be used at any one time. This value applies to both &quot;read&quot; pipelining and &quot;write&quot; pipelining. By default only one pipeline will be used (i.e. normal non-parallel operation). The number of pipelines set must be in the range 1 - SSL_MAX_PIPELINES (32). Setting this to a value &gt; 1 will also automatically turn on &quot;read_ahead&quot; (see <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>). This is explained further below. OpenSSL will only every use more than one pipeline if a cipher suite is negotiated that uses a pipeline capable cipher provided by an engine.</p>
+
+<p>Pipelining operates slightly differently for reading encrypted data compared to writing encrypted data. SSL_CTX_set_split_send_fragment() and SSL_set_split_send_fragment() define how data is split up into pipelines when writing encrypted data. The number of pipelines used will be determined by the amount of data provided to the SSL_write_ex() or SSL_write() call divided by <b>split_send_fragment</b>.</p>
+
+<p>For example if <b>split_send_fragment</b> is set to 2000 and <b>max_pipelines</b> is 4 then:</p>
+
+<p>SSL_write/SSL_write_ex called with 0-2000 bytes == 1 pipeline used</p>
+
+<p>SSL_write/SSL_write_ex called with 2001-4000 bytes == 2 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 4001-6000 bytes == 3 pipelines used</p>
+
+<p>SSL_write/SSL_write_ex called with 6001+ bytes == 4 pipelines used</p>
+
+<p><b>split_send_fragment</b> must always be less than or equal to <b>max_send_fragment</b>. By default it is set to be equal to <b>max_send_fragment</b>. This will mean that the same number of records will always be created as would have been created in the non-parallel case, although the data will be apportioned differently. In the parallel case data will be spread equally between the pipelines.</p>
+
+<p>Read pipelining is controlled in a slightly different way than with write pipelining. While reading we are constrained by the number of records that the peer (and the network) can provide to us in one go. The more records we can get in one go the more opportunity we have to parallelise the processing. As noted above when setting <b>max_pipelines</b> to a value greater than one, <b>read_ahead</b> is automatically set. The <b>read_ahead</b> parameter causes OpenSSL to attempt to read as much data into the read buffer as the network can provide and will fit into the buffer. Without this set data is read into the read buffer one record at a time. The more data that can be read, the more opportunity there is for parallelising the processing at the cost of increased memory overhead per connection. Setting <b>read_ahead</b> can impact the behaviour of the SSL_pending() function (see <a href="../man3/SSL_pending.html">SSL_pending(3)</a>).</p>
+
+<p>The SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions control the size of the read buffer that will be used. The <b>len</b> parameter sets the size of the buffer. The value will only be used if it is greater than the default that would have been used anyway. The normal default value depends on a number of factors but it will be at least SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_ENCRYPTED_OVERHEAD (16704) bytes.</p>
+
+<p>SSL_CTX_set_tlsext_max_fragment_length() sets the default maximum fragment length negotiation mode via value <b>mode</b> to <b>ctx</b>. This setting affects only SSL instances created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_set_tlsext_max_fragment_length() sets the maximum fragment length negotiation mode via value <b>mode</b> to <b>ssl</b>. This setting will be used during a handshake when extensions are exchanged between client and server. So it only affects SSL sessions created after this function is called. It affects the client-side as only its side may initiate this extension use.</p>
+
+<p>SSL_SESSION_get_max_fragment_length() gets the maximum fragment length negotiated in <b>session</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All non-void functions return 1 on success and 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The Maximum Fragment Length extension support is optional on the server side. If the server does not support this extension then SSL_SESSION_get_max_fragment_length() will return: TLSEXT_max_fragment_length_DISABLED.</p>
+
+<p>The following modes are available:</p>
+
+<dl>
+
+<dt id="TLSEXT_max_fragment_length_DISABLED">TLSEXT_max_fragment_length_DISABLED</dt>
+<dd>
+
+<p>Disables Maximum Fragment Length Negotiation (default).</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_512">TLSEXT_max_fragment_length_512</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 512 bytes.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_1024">TLSEXT_max_fragment_length_1024</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 1024.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_2048">TLSEXT_max_fragment_length_2048</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 2048.</p>
+
+</dd>
+<dt id="TLSEXT_max_fragment_length_4096">TLSEXT_max_fragment_length_4096</dt>
+<dd>
+
+<p>Sets Maximum Fragment Length to 4096.</p>
+
+</dd>
+</dl>
+
+<p>With the exception of SSL_CTX_set_default_read_buffer_len() SSL_set_default_read_buffer_len(), SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() all these functions are implemented using macros.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_set_max_pipelines(), SSL_set_max_pipelines(), SSL_CTX_set_split_send_fragment(), SSL_set_split_send_fragment(), SSL_CTX_set_default_read_buffer_len() and SSL_set_default_read_buffer_len() functions were added in OpenSSL 1.1.0.</p>
+
+<p>The SSL_CTX_set_tlsext_max_fragment_length(), SSL_set_tlsext_max_fragment_length() and SSL_SESSION_get_max_fragment_length() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_tlsext_status_ocsp_resp.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_tlsext_status_ocsp_resp.html
new file mode 100644
index 000000000..2aabb84c3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_tlsext_status_ocsp_resp.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_status_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_status_cb, SSL_CTX_get_tlsext_status_cb, SSL_CTX_set_tlsext_status_arg, SSL_CTX_get_tlsext_status_arg, SSL_CTX_set_tlsext_status_type, SSL_CTX_get_tlsext_status_type, SSL_set_tlsext_status_type, SSL_get_tlsext_status_type, SSL_get_tlsext_status_ocsp_resp, SSL_set_tlsext_status_ocsp_resp - OCSP Certificate Status Request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/tls1.h&gt;
+
+ long SSL_CTX_set_tlsext_status_cb(SSL_CTX *ctx, int (*callback)(SSL *, void *));
+ long SSL_CTX_get_tlsext_status_cb(SSL_CTX *ctx, int (**callback)(SSL *, void *));
+
+ long SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg);
+ long SSL_CTX_get_tlsext_status_arg(SSL_CTX *ctx, void **arg);
+
+ long SSL_CTX_set_tlsext_status_type(SSL_CTX *ctx, int type);
+ long SSL_CTX_get_tlsext_status_type(SSL_CTX *ctx);
+
+ long SSL_set_tlsext_status_type(SSL *s, int type);
+ long SSL_get_tlsext_status_type(SSL *s);
+
+ long SSL_get_tlsext_status_ocsp_resp(ssl, unsigned char **resp);
+ long SSL_set_tlsext_status_ocsp_resp(ssl, unsigned char *resp, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application may request that a server send back an OCSP status response (also known as OCSP stapling). To do so the client should call the SSL_CTX_set_tlsext_status_type() function prior to the creation of any SSL objects. Alternatively an application can call the SSL_set_tlsext_status_type() function on an individual SSL object prior to the start of the handshake. Currently the only supported type is <b>TLSEXT_STATUSTYPE_ocsp</b>. This value should be passed in the <b>type</b> argument. Calling SSL_CTX_get_tlsext_status_type() will return the type <b>TLSEXT_STATUSTYPE_ocsp</b> previously set via SSL_CTX_set_tlsext_status_type() or -1 if not set.</p>
+
+<p>The client should additionally provide a callback function to decide what to do with the returned OCSP response by calling SSL_CTX_set_tlsext_status_cb(). The callback function should determine whether the returned OCSP response is acceptable or not. The callback will be passed as an argument the value previously set via a call to SSL_CTX_set_tlsext_status_arg(). Note that the callback will not be called in the event of a handshake where session resumption occurs (because there are no Certificates exchanged in such a handshake). The callback previously set via SSL_CTX_set_tlsext_status_cb() can be retrieved by calling SSL_CTX_get_tlsext_status_cb(), and the argument by calling SSL_CTX_get_tlsext_status_arg().</p>
+
+<p>On the client side SSL_get_tlsext_status_type() can be used to determine whether the client has previously called SSL_set_tlsext_status_type(). It will return <b>TLSEXT_STATUSTYPE_ocsp</b> if it has been called or -1 otherwise. On the server side SSL_get_tlsext_status_type() can be used to determine whether the client requested OCSP stapling. If the client requested it then this function will return <b>TLSEXT_STATUSTYPE_ocsp</b>, or -1 otherwise.</p>
+
+<p>The response returned by the server can be obtained via a call to SSL_get_tlsext_status_ocsp_resp(). The value <b>*resp</b> will be updated to point to the OCSP response data and the return value will be the length of that data. Typically a callback would obtain an OCSP_RESPONSE object from this data via a call to the d2i_OCSP_RESPONSE() function. If the server has not provided any response data then <b>*resp</b> will be NULL and the return value from SSL_get_tlsext_status_ocsp_resp() will be -1.</p>
+
+<p>A server application must also call the SSL_CTX_set_tlsext_status_cb() function if it wants to be able to provide clients with OCSP Certificate Status responses. Typically the server callback would obtain the server certificate that is being sent back to the client via a call to SSL_get_certificate(); obtain the OCSP response to be sent back; and then set that response data by calling SSL_set_tlsext_status_ocsp_resp(). A pointer to the response data should be provided in the <b>resp</b> argument, and the length of that data should be in the <b>len</b> argument.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The callback when used on the client side should return a negative value on error; 0 if the response is not acceptable (in which case the handshake will fail) or a positive value if it is acceptable.</p>
+
+<p>The callback when used on the server side should return with either SSL_TLSEXT_ERR_OK (meaning that the OCSP response that has been set should be returned), SSL_TLSEXT_ERR_NOACK (meaning that an OCSP response should not be returned) or SSL_TLSEXT_ERR_ALERT_FATAL (meaning that a fatal error has occurred).</p>
+
+<p>SSL_CTX_set_tlsext_status_cb(), SSL_CTX_set_tlsext_status_arg(), SSL_CTX_set_tlsext_status_type(), SSL_set_tlsext_status_type() and SSL_set_tlsext_status_ocsp_resp() return 0 on error or 1 on success.</p>
+
+<p>SSL_CTX_get_tlsext_status_type() returns the value previously set by SSL_CTX_set_tlsext_status_type(), or -1 if not set.</p>
+
+<p>SSL_get_tlsext_status_ocsp_resp() returns the length of the OCSP response data or -1 if there is no OCSP response data.</p>
+
+<p>SSL_get_tlsext_status_type() returns <b>TLSEXT_STATUSTYPE_ocsp</b> on the client side if SSL_set_tlsext_status_type() was previously called, or on the server side if the client requested OCSP stapling. Otherwise -1 is returned.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_get_tlsext_status_type(), SSL_CTX_get_tlsext_status_type() and SSL_CTX_set_tlsext_status_type() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_tlsext_status_type.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_tlsext_status_type.html
new file mode 100644
index 000000000..2aabb84c3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_tlsext_status_type.html
@@ -0,0 +1,87 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_status_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_status_cb, SSL_CTX_get_tlsext_status_cb, SSL_CTX_set_tlsext_status_arg, SSL_CTX_get_tlsext_status_arg, SSL_CTX_set_tlsext_status_type, SSL_CTX_get_tlsext_status_type, SSL_set_tlsext_status_type, SSL_get_tlsext_status_type, SSL_get_tlsext_status_ocsp_resp, SSL_set_tlsext_status_ocsp_resp - OCSP Certificate Status Request functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/tls1.h&gt;
+
+ long SSL_CTX_set_tlsext_status_cb(SSL_CTX *ctx, int (*callback)(SSL *, void *));
+ long SSL_CTX_get_tlsext_status_cb(SSL_CTX *ctx, int (**callback)(SSL *, void *));
+
+ long SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg);
+ long SSL_CTX_get_tlsext_status_arg(SSL_CTX *ctx, void **arg);
+
+ long SSL_CTX_set_tlsext_status_type(SSL_CTX *ctx, int type);
+ long SSL_CTX_get_tlsext_status_type(SSL_CTX *ctx);
+
+ long SSL_set_tlsext_status_type(SSL *s, int type);
+ long SSL_get_tlsext_status_type(SSL *s);
+
+ long SSL_get_tlsext_status_ocsp_resp(ssl, unsigned char **resp);
+ long SSL_set_tlsext_status_ocsp_resp(ssl, unsigned char *resp, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application may request that a server send back an OCSP status response (also known as OCSP stapling). To do so the client should call the SSL_CTX_set_tlsext_status_type() function prior to the creation of any SSL objects. Alternatively an application can call the SSL_set_tlsext_status_type() function on an individual SSL object prior to the start of the handshake. Currently the only supported type is <b>TLSEXT_STATUSTYPE_ocsp</b>. This value should be passed in the <b>type</b> argument. Calling SSL_CTX_get_tlsext_status_type() will return the type <b>TLSEXT_STATUSTYPE_ocsp</b> previously set via SSL_CTX_set_tlsext_status_type() or -1 if not set.</p>
+
+<p>The client should additionally provide a callback function to decide what to do with the returned OCSP response by calling SSL_CTX_set_tlsext_status_cb(). The callback function should determine whether the returned OCSP response is acceptable or not. The callback will be passed as an argument the value previously set via a call to SSL_CTX_set_tlsext_status_arg(). Note that the callback will not be called in the event of a handshake where session resumption occurs (because there are no Certificates exchanged in such a handshake). The callback previously set via SSL_CTX_set_tlsext_status_cb() can be retrieved by calling SSL_CTX_get_tlsext_status_cb(), and the argument by calling SSL_CTX_get_tlsext_status_arg().</p>
+
+<p>On the client side SSL_get_tlsext_status_type() can be used to determine whether the client has previously called SSL_set_tlsext_status_type(). It will return <b>TLSEXT_STATUSTYPE_ocsp</b> if it has been called or -1 otherwise. On the server side SSL_get_tlsext_status_type() can be used to determine whether the client requested OCSP stapling. If the client requested it then this function will return <b>TLSEXT_STATUSTYPE_ocsp</b>, or -1 otherwise.</p>
+
+<p>The response returned by the server can be obtained via a call to SSL_get_tlsext_status_ocsp_resp(). The value <b>*resp</b> will be updated to point to the OCSP response data and the return value will be the length of that data. Typically a callback would obtain an OCSP_RESPONSE object from this data via a call to the d2i_OCSP_RESPONSE() function. If the server has not provided any response data then <b>*resp</b> will be NULL and the return value from SSL_get_tlsext_status_ocsp_resp() will be -1.</p>
+
+<p>A server application must also call the SSL_CTX_set_tlsext_status_cb() function if it wants to be able to provide clients with OCSP Certificate Status responses. Typically the server callback would obtain the server certificate that is being sent back to the client via a call to SSL_get_certificate(); obtain the OCSP response to be sent back; and then set that response data by calling SSL_set_tlsext_status_ocsp_resp(). A pointer to the response data should be provided in the <b>resp</b> argument, and the length of that data should be in the <b>len</b> argument.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The callback when used on the client side should return a negative value on error; 0 if the response is not acceptable (in which case the handshake will fail) or a positive value if it is acceptable.</p>
+
+<p>The callback when used on the server side should return with either SSL_TLSEXT_ERR_OK (meaning that the OCSP response that has been set should be returned), SSL_TLSEXT_ERR_NOACK (meaning that an OCSP response should not be returned) or SSL_TLSEXT_ERR_ALERT_FATAL (meaning that a fatal error has occurred).</p>
+
+<p>SSL_CTX_set_tlsext_status_cb(), SSL_CTX_set_tlsext_status_arg(), SSL_CTX_set_tlsext_status_type(), SSL_set_tlsext_status_type() and SSL_set_tlsext_status_ocsp_resp() return 0 on error or 1 on success.</p>
+
+<p>SSL_CTX_get_tlsext_status_type() returns the value previously set by SSL_CTX_set_tlsext_status_type(), or -1 if not set.</p>
+
+<p>SSL_get_tlsext_status_ocsp_resp() returns the length of the OCSP response data or -1 if there is no OCSP response data.</p>
+
+<p>SSL_get_tlsext_status_type() returns <b>TLSEXT_STATUSTYPE_ocsp</b> on the client side if SSL_set_tlsext_status_type() was previously called, or on the server side if the client requested OCSP stapling. Otherwise -1 is returned.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_get_tlsext_status_type(), SSL_CTX_get_tlsext_status_type() and SSL_CTX_set_tlsext_status_type() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_tlsext_use_srtp.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_tlsext_use_srtp.html
new file mode 100644
index 000000000..6f32f070f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_tlsext_use_srtp.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tlsext_use_srtp</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tlsext_use_srtp, SSL_set_tlsext_use_srtp, SSL_get_srtp_profiles, SSL_get_selected_srtp_profile - Configure and query SRTP support</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/srtp.h&gt;
+
+ int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
+ int SSL_set_tlsext_use_srtp(SSL *ssl, const char *profiles);
+
+ STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
+ SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SRTP is the Secure Real-Time Transport Protocol. OpenSSL implements support for the &quot;use_srtp&quot; DTLS extension defined in RFC5764. This provides a mechanism for establishing SRTP keying material, algorithms and parameters using DTLS. This capability may be used as part of an implementation that conforms to RFC5763. OpenSSL does not implement SRTP itself or RFC5763. Note that OpenSSL does not support the use of SRTP Master Key Identifiers (MKIs). Also note that this extension is only supported in DTLS. Any SRTP configuration will be ignored if a TLS connection is attempted.</p>
+
+<p>An OpenSSL client wishing to send the &quot;use_srtp&quot; extension should call SSL_CTX_set_tlsext_use_srtp() to set its use for all SSL objects subsequently created from an SSL_CTX. Alternatively a client may call SSL_set_tlsext_use_srtp() to set its use for an individual SSL object. The <b>profiles</b> parameters should point to a NUL-terminated, colon delimited list of SRTP protection profile names.</p>
+
+<p>The currently supported protection profile names are:</p>
+
+<dl>
+
+<dt id="SRTP_AES128_CM_SHA1_80">SRTP_AES128_CM_SHA1_80</dt>
+<dd>
+
+<p>This corresponds to SRTP_AES128_CM_HMAC_SHA1_80 defined in RFC5764.</p>
+
+</dd>
+<dt id="SRTP_AES128_CM_SHA1_32">SRTP_AES128_CM_SHA1_32</dt>
+<dd>
+
+<p>This corresponds to SRTP_AES128_CM_HMAC_SHA1_32 defined in RFC5764.</p>
+
+</dd>
+<dt id="SRTP_AEAD_AES_128_GCM">SRTP_AEAD_AES_128_GCM</dt>
+<dd>
+
+<p>This corresponds to the profile of the same name defined in RFC7714.</p>
+
+</dd>
+<dt id="SRTP_AEAD_AES_256_GCM">SRTP_AEAD_AES_256_GCM</dt>
+<dd>
+
+<p>This corresponds to the profile of the same name defined in RFC7714.</p>
+
+</dd>
+</dl>
+
+<p>Supplying an unrecognised protection profile name will result in an error.</p>
+
+<p>An OpenSSL server wishing to support the &quot;use_srtp&quot; extension should also call SSL_CTX_set_tlsext_use_srtp() or SSL_set_tlsext_use_srtp() to indicate the protection profiles that it is willing to negotiate.</p>
+
+<p>The currently configured list of protection profiles for either a client or a server can be obtained by calling SSL_get_srtp_profiles(). This returns a stack of SRTP_PROTECTION_PROFILE objects. The memory pointed to in the return value of this function should not be freed by the caller.</p>
+
+<p>After a handshake has been completed the negotiated SRTP protection profile (if any) can be obtained (on the client or the server) by calling SSL_get_selected_srtp_profile(). This function will return NULL if no SRTP protection profile was negotiated. The memory returned from this function should not be freed by the caller.</p>
+
+<p>If an SRTP protection profile has been successfully negotiated then the SRTP keying material (on both the client and server) should be obtained via a call to <a href="../man3/SSL_export_keying_material.html">SSL_export_keying_material(3)</a>. This call should provide a label value of &quot;EXTRACTOR-dtls_srtp&quot; and a NULL context value (use_context is 0). The total length of keying material obtained should be equal to two times the sum of the master key length and the salt length as defined for the protection profile in use. This provides the client write master key, the server write master key, the client write master salt and the server write master salt in that order.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_tlsext_use_srtp() and SSL_set_tlsext_use_srtp() return 0 on success or 1 on error.</p>
+
+<p>SSL_get_srtp_profiles() returns a stack of SRTP_PROTECTION_PROFILE objects on success or NULL on error or if no protection profiles have been configured.</p>
+
+<p>SSL_get_selected_srtp_profile() returns a pointer to an SRTP_PROTECTION_PROFILE object if one has been negotiated or NULL otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_export_keying_material.html">SSL_export_keying_material(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_tmp_dh.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_tmp_dh.html
new file mode 100644
index 000000000..0c5346120
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_tmp_dh.html
@@ -0,0 +1,119 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tmp_dh_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tmp_dh_callback, SSL_CTX_set_tmp_dh, SSL_set_tmp_dh_callback, SSL_set_tmp_dh - handle DH keys for ephemeral key exchange</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
+                                  DH *(*tmp_dh_callback)(SSL *ssl, int is_export,
+                                                         int keylength));
+ long SSL_CTX_set_tmp_dh(SSL_CTX *ctx, DH *dh);
+
+ void SSL_set_tmp_dh_callback(SSL *ctx,
+                              DH *(*tmp_dh_callback)(SSL *ssl, int is_export,
+                                                     int keylength));
+ long SSL_set_tmp_dh(SSL *ssl, DH *dh)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_tmp_dh_callback() sets the callback function for <b>ctx</b> to be used when a DH parameters are required to <b>tmp_dh_callback</b>. The callback is inherited by all <b>ssl</b> objects created from <b>ctx</b>.</p>
+
+<p>SSL_CTX_set_tmp_dh() sets DH parameters to be used to be <b>dh</b>. The key is inherited by all <b>ssl</b> objects created from <b>ctx</b>.</p>
+
+<p>SSL_set_tmp_dh_callback() sets the callback only for <b>ssl</b>.</p>
+
+<p>SSL_set_tmp_dh() sets the parameters only for <b>ssl</b>.</p>
+
+<p>These functions apply to SSL/TLS servers only.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When using a cipher with RSA authentication, an ephemeral DH key exchange can take place. Ciphers with DSA keys always use ephemeral DH keys as well. In these cases, the session data are negotiated using the ephemeral/temporary DH key and the key supplied and certified by the certificate chain is only used for signing. Anonymous ciphers (without a permanent server key) also use ephemeral DH keys.</p>
+
+<p>Using ephemeral DH key exchange yields forward secrecy, as the connection can only be decrypted, when the DH key is known. By generating a temporary DH key inside the server application that is lost when the application is left, it becomes impossible for an attacker to decrypt past sessions, even if he gets hold of the normal (certified) key, as this key was only used for signing.</p>
+
+<p>In order to perform a DH key exchange the server must use a DH group (DH parameters) and generate a DH key. The server will always generate a new DH key during the negotiation.</p>
+
+<p>As generating DH parameters is extremely time consuming, an application should not generate the parameters on the fly but supply the parameters. DH parameters can be reused, as the actual key is newly generated during the negotiation. The risk in reusing DH parameters is that an attacker may specialize on a very often used DH group. Applications should therefore generate their own DH parameters during the installation process using the openssl <a href="../man1/dhparam.html">dhparam(1)</a> application. This application guarantees that &quot;strong&quot; primes are used.</p>
+
+<p>Files dh2048.pem, and dh4096.pem in the &#39;apps&#39; directory of the current version of the OpenSSL distribution contain the &#39;SKIP&#39; DH parameters, which use safe primes and were generated verifiably pseudo-randomly. These files can be converted into C code using the <b>-C</b> option of the <a href="../man1/dhparam.html">dhparam(1)</a> application. Generation of custom DH parameters during installation should still be preferred to stop an attacker from specializing on a commonly used group. File dh1024.pem contains old parameters that must not be used by applications.</p>
+
+<p>An application may either directly specify the DH parameters or can supply the DH parameters via a callback function.</p>
+
+<p>Previous versions of the callback used <b>is_export</b> and <b>keylength</b> parameters to control parameter generation for export and non-export cipher suites. Modern servers that do not support export cipher suites are advised to either use SSL_CTX_set_tmp_dh() or alternatively, use the callback but ignore <b>keylength</b> and <b>is_export</b> and simply supply at least 2048-bit parameters in the callback.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Setup DH parameters with a key length of 2048 bits. (Error handling partly left out.)</p>
+
+<p>Command-line parameter generation:</p>
+
+<pre><code> $ openssl dhparam -out dh_param_2048.pem 2048</code></pre>
+
+<p>Code for setting up parameters during server initialization:</p>
+
+<pre><code> SSL_CTX ctx = SSL_CTX_new();
+
+ DH *dh_2048 = NULL;
+ FILE *paramfile = fopen(&quot;dh_param_2048.pem&quot;, &quot;r&quot;);
+
+ if (paramfile) {
+     dh_2048 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
+     fclose(paramfile);
+ } else {
+     /* Error. */
+ }
+ if (dh_2048 == NULL)
+     /* Error. */
+ if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1)
+     /* Error. */
+ ...</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_tmp_dh_callback() and SSL_set_tmp_dh_callback() do not return diagnostic output.</p>
+
+<p>SSL_CTX_set_tmp_dh() and SSL_set_tmp_dh() do return 1 on success and 0 on failure. Check the error queue to find out the reason of failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a>, <a href="../man1/dhparam.html">dhparam(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_tmp_dh_callback.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_tmp_dh_callback.html
new file mode 100644
index 000000000..0c5346120
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_tmp_dh_callback.html
@@ -0,0 +1,119 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_tmp_dh_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_set_tmp_dh_callback, SSL_CTX_set_tmp_dh, SSL_set_tmp_dh_callback, SSL_set_tmp_dh - handle DH keys for ephemeral key exchange</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
+                                  DH *(*tmp_dh_callback)(SSL *ssl, int is_export,
+                                                         int keylength));
+ long SSL_CTX_set_tmp_dh(SSL_CTX *ctx, DH *dh);
+
+ void SSL_set_tmp_dh_callback(SSL *ctx,
+                              DH *(*tmp_dh_callback)(SSL *ssl, int is_export,
+                                                     int keylength));
+ long SSL_set_tmp_dh(SSL *ssl, DH *dh)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_tmp_dh_callback() sets the callback function for <b>ctx</b> to be used when a DH parameters are required to <b>tmp_dh_callback</b>. The callback is inherited by all <b>ssl</b> objects created from <b>ctx</b>.</p>
+
+<p>SSL_CTX_set_tmp_dh() sets DH parameters to be used to be <b>dh</b>. The key is inherited by all <b>ssl</b> objects created from <b>ctx</b>.</p>
+
+<p>SSL_set_tmp_dh_callback() sets the callback only for <b>ssl</b>.</p>
+
+<p>SSL_set_tmp_dh() sets the parameters only for <b>ssl</b>.</p>
+
+<p>These functions apply to SSL/TLS servers only.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When using a cipher with RSA authentication, an ephemeral DH key exchange can take place. Ciphers with DSA keys always use ephemeral DH keys as well. In these cases, the session data are negotiated using the ephemeral/temporary DH key and the key supplied and certified by the certificate chain is only used for signing. Anonymous ciphers (without a permanent server key) also use ephemeral DH keys.</p>
+
+<p>Using ephemeral DH key exchange yields forward secrecy, as the connection can only be decrypted, when the DH key is known. By generating a temporary DH key inside the server application that is lost when the application is left, it becomes impossible for an attacker to decrypt past sessions, even if he gets hold of the normal (certified) key, as this key was only used for signing.</p>
+
+<p>In order to perform a DH key exchange the server must use a DH group (DH parameters) and generate a DH key. The server will always generate a new DH key during the negotiation.</p>
+
+<p>As generating DH parameters is extremely time consuming, an application should not generate the parameters on the fly but supply the parameters. DH parameters can be reused, as the actual key is newly generated during the negotiation. The risk in reusing DH parameters is that an attacker may specialize on a very often used DH group. Applications should therefore generate their own DH parameters during the installation process using the openssl <a href="../man1/dhparam.html">dhparam(1)</a> application. This application guarantees that &quot;strong&quot; primes are used.</p>
+
+<p>Files dh2048.pem, and dh4096.pem in the &#39;apps&#39; directory of the current version of the OpenSSL distribution contain the &#39;SKIP&#39; DH parameters, which use safe primes and were generated verifiably pseudo-randomly. These files can be converted into C code using the <b>-C</b> option of the <a href="../man1/dhparam.html">dhparam(1)</a> application. Generation of custom DH parameters during installation should still be preferred to stop an attacker from specializing on a commonly used group. File dh1024.pem contains old parameters that must not be used by applications.</p>
+
+<p>An application may either directly specify the DH parameters or can supply the DH parameters via a callback function.</p>
+
+<p>Previous versions of the callback used <b>is_export</b> and <b>keylength</b> parameters to control parameter generation for export and non-export cipher suites. Modern servers that do not support export cipher suites are advised to either use SSL_CTX_set_tmp_dh() or alternatively, use the callback but ignore <b>keylength</b> and <b>is_export</b> and simply supply at least 2048-bit parameters in the callback.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Setup DH parameters with a key length of 2048 bits. (Error handling partly left out.)</p>
+
+<p>Command-line parameter generation:</p>
+
+<pre><code> $ openssl dhparam -out dh_param_2048.pem 2048</code></pre>
+
+<p>Code for setting up parameters during server initialization:</p>
+
+<pre><code> SSL_CTX ctx = SSL_CTX_new();
+
+ DH *dh_2048 = NULL;
+ FILE *paramfile = fopen(&quot;dh_param_2048.pem&quot;, &quot;r&quot;);
+
+ if (paramfile) {
+     dh_2048 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
+     fclose(paramfile);
+ } else {
+     /* Error. */
+ }
+ if (dh_2048 == NULL)
+     /* Error. */
+ if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1)
+     /* Error. */
+ ...</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_set_tmp_dh_callback() and SSL_set_tmp_dh_callback() do not return diagnostic output.</p>
+
+<p>SSL_CTX_set_tmp_dh() and SSL_set_tmp_dh() do return 1 on success and 0 on failure. Check the error queue to find out the reason of failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man1/ciphers.html">ciphers(1)</a>, <a href="../man1/dhparam.html">dhparam(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_verify.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_verify.html
new file mode 100644
index 000000000..1a70b5fe4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_verify.html
@@ -0,0 +1,264 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_verify</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_ex_data_X509_STORE_CTX_idx, SSL_CTX_set_verify, SSL_set_verify, SSL_CTX_set_verify_depth, SSL_set_verify_depth, SSL_verify_cb, SSL_verify_client_post_handshake, SSL_set_post_handshake_auth, SSL_CTX_set_post_handshake_auth - set peer certificate verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
+
+ void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, SSL_verify_cb verify_callback);
+ void SSL_set_verify(SSL *ssl, int mode, SSL_verify_cb verify_callback);
+ SSL_get_ex_data_X509_STORE_CTX_idx(void);
+
+ void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
+ void SSL_set_verify_depth(SSL *ssl, int depth);
+
+ int SSL_verify_client_post_handshake(SSL *ssl);
+ void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val);
+ void SSL_set_post_handshake_auth(SSL *ssl, int val);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_verify() sets the verification flags for <b>ctx</b> to be <b>mode</b> and specifies the <b>verify_callback</b> function to be used. If no callback function shall be specified, the NULL pointer can be used for <b>verify_callback</b>.</p>
+
+<p>SSL_set_verify() sets the verification flags for <b>ssl</b> to be <b>mode</b> and specifies the <b>verify_callback</b> function to be used. If no callback function shall be specified, the NULL pointer can be used for <b>verify_callback</b>. In this case last <b>verify_callback</b> set specifically for this <b>ssl</b> remains. If no special <b>callback</b> was set before, the default callback for the underlying <b>ctx</b> is used, that was valid at the time <b>ssl</b> was created with <a href="../man3/SSL_new.html">SSL_new(3)</a>. Within the callback function, <b>SSL_get_ex_data_X509_STORE_CTX_idx</b> can be called to get the data index of the current SSL object that is doing the verification.</p>
+
+<p>SSL_CTX_set_verify_depth() sets the maximum <b>depth</b> for the certificate chain verification that shall be allowed for <b>ctx</b>.</p>
+
+<p>SSL_set_verify_depth() sets the maximum <b>depth</b> for the certificate chain verification that shall be allowed for <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_post_handshake_auth() and SSL_set_post_handshake_auth() enable the Post-Handshake Authentication extension to be added to the ClientHello such that post-handshake authentication can be requested by the server. If <b>val</b> is 0 then the extension is not sent, otherwise it is. By default the extension is not sent. A certificate callback will need to be set via SSL_CTX_set_client_cert_cb() if no certificate is provided at initialization.</p>
+
+<p>SSL_verify_client_post_handshake() causes a CertificateRequest message to be sent by a server on the given <b>ssl</b> connection. The SSL_VERIFY_PEER flag must be set; the SSL_VERIFY_POST_HANDSHAKE flag is optional.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification of certificates can be controlled by a set of logically or&#39;ed <b>mode</b> flags:</p>
+
+<dl>
+
+<dt id="SSL_VERIFY_NONE">SSL_VERIFY_NONE</dt>
+<dd>
+
+<p><b>Server mode:</b> the server will not send a client certificate request to the client, so the client will not send a certificate.</p>
+
+<p><b>Client mode:</b> if not using an anonymous cipher (by default disabled), the server will send a certificate which will be checked. The result of the certificate verification process can be checked after the TLS/SSL handshake using the <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> function. The handshake will be continued regardless of the verification result.</p>
+
+</dd>
+<dt id="SSL_VERIFY_PEER">SSL_VERIFY_PEER</dt>
+<dd>
+
+<p><b>Server mode:</b> the server sends a client certificate request to the client. The certificate returned (if any) is checked. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure. The behaviour can be controlled by the additional SSL_VERIFY_FAIL_IF_NO_PEER_CERT, SSL_VERIFY_CLIENT_ONCE and SSL_VERIFY_POST_HANDSHAKE flags.</p>
+
+<p><b>Client mode:</b> the server certificate is verified. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure. If no server certificate is sent, because an anonymous cipher is used, SSL_VERIFY_PEER is ignored.</p>
+
+</dd>
+<dt id="SSL_VERIFY_FAIL_IF_NO_PEER_CERT">SSL_VERIFY_FAIL_IF_NO_PEER_CERT</dt>
+<dd>
+
+<p><b>Server mode:</b> if the client did not return a certificate, the TLS/SSL handshake is immediately terminated with a &quot;handshake failure&quot; alert. This flag must be used together with SSL_VERIFY_PEER.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+<dt id="SSL_VERIFY_CLIENT_ONCE">SSL_VERIFY_CLIENT_ONCE</dt>
+<dd>
+
+<p><b>Server mode:</b> only request a client certificate once during the connection. Do not ask for a client certificate again during renegotiation or post-authentication if a certificate was requested during the initial handshake. This flag must be used together with SSL_VERIFY_PEER.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+<dt id="SSL_VERIFY_POST_HANDSHAKE">SSL_VERIFY_POST_HANDSHAKE</dt>
+<dd>
+
+<p><b>Server mode:</b> the server will not send a client certificate request during the initial handshake, but will send the request via SSL_verify_client_post_handshake(). This allows the SSL_CTX or SSL to be configured for post-handshake peer verification before the handshake occurs. This flag must be used together with SSL_VERIFY_PEER. TLSv1.3 only; no effect on pre-TLSv1.3 connections.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+</dl>
+
+<p>If the <b>mode</b> is SSL_VERIFY_NONE none of the other flags may be set.</p>
+
+<p>The actual verification procedure is performed either using the built-in verification procedure or using another application provided verification function set with <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>. The following descriptions apply in the case of the built-in procedure. An application provided procedure also has access to the verify depth information and the verify_callback() function, but the way this information is used may be different.</p>
+
+<p>SSL_CTX_set_verify_depth() and SSL_set_verify_depth() set a limit on the number of certificates between the end-entity and trust-anchor certificates. Neither the end-entity nor the trust-anchor certificates count against <b>depth</b>. If the certificate chain needed to reach a trusted issuer is longer than <b>depth+2</b>, X509_V_ERR_CERT_CHAIN_TOO_LONG will be issued. The depth count is &quot;level 0:peer certificate&quot;, &quot;level 1: CA certificate&quot;, &quot;level 2: higher level CA certificate&quot;, and so on. Setting the maximum depth to 2 allows the levels 0, 1, 2 and 3 (0 being the end-entity and 3 the trust-anchor). The default depth limit is 100, allowing for the peer certificate, at most 100 intermediate CA certificates and a final trust anchor certificate.</p>
+
+<p>The <b>verify_callback</b> function is used to control the behaviour when the SSL_VERIFY_PEER flag is set. It must be supplied by the application and receives two arguments: <b>preverify_ok</b> indicates, whether the verification of the certificate in question was passed (preverify_ok=1) or not (preverify_ok=0). <b>x509_ctx</b> is a pointer to the complete context used for the certificate chain verification.</p>
+
+<p>The certificate chain is checked starting with the deepest nesting level (the root CA certificate) and worked upward to the peer&#39;s certificate. At each level signatures and issuer attributes are checked. Whenever a verification error is found, the error number is stored in <b>x509_ctx</b> and <b>verify_callback</b> is called with <b>preverify_ok</b>=0. By applying X509_CTX_store_* functions <b>verify_callback</b> can locate the certificate in question and perform additional steps (see EXAMPLES). If no error is found for a certificate, <b>verify_callback</b> is called with <b>preverify_ok</b>=1 before advancing to the next level.</p>
+
+<p>The return value of <b>verify_callback</b> controls the strategy of the further verification process. If <b>verify_callback</b> returns 0, the verification process is immediately stopped with &quot;verification failed&quot; state. If SSL_VERIFY_PEER is set, a verification failure alert is sent to the peer and the TLS/SSL handshake is terminated. If <b>verify_callback</b> returns 1, the verification process is continued. If <b>verify_callback</b> always returns 1, the TLS/SSL handshake will not be terminated with respect to verification failures and the connection will be established. The calling process can however retrieve the error code of the last verification error using <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> or by maintaining its own error storage managed by <b>verify_callback</b>.</p>
+
+<p>If no <b>verify_callback</b> is specified, the default callback will be used. Its return value is identical to <b>preverify_ok</b>, so that any verification failure will lead to a termination of the TLS/SSL handshake with an alert message, if SSL_VERIFY_PEER is set.</p>
+
+<p>After calling SSL_set_post_handshake_auth(), the client will need to add a certificate or certificate callback to its configuration before it can successfully authenticate. This must be called before SSL_connect().</p>
+
+<p>SSL_verify_client_post_handshake() requires that verify flags have been previously set, and that a client sent the post-handshake authentication extension. When the client returns a certificate the verify callback will be invoked. A write operation must take place for the Certificate Request to be sent to the client, this can be done with SSL_do_handshake() or SSL_write_ex(). Only one certificate request may be outstanding at any time.</p>
+
+<p>When post-handshake authentication occurs, a refreshed NewSessionTicket message is sent to the client.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In client mode, it is not checked whether the SSL_VERIFY_PEER flag is set, but whether any flags are set. This can lead to unexpected behaviour if SSL_VERIFY_PEER and other flags are not used as required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL*_set_verify*() functions do not provide diagnostic information.</p>
+
+<p>The SSL_verify_client_post_handshake() function returns 1 if the request succeeded, and 0 if the request failed. The error stack can be examined to determine the failure reason.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following code sequence realizes an example <b>verify_callback</b> function that will always continue the TLS/SSL handshake regardless of verification failure, if wished. The callback realizes a verification depth limit with more informational output.</p>
+
+<p>All verification errors are printed; information about the certificate chain is printed on request. The example is realized for a server that does allow but not require client certificates.</p>
+
+<p>The example makes use of the ex_data technique to store application data into/retrieve application data from the SSL structure (see <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>, <a href="../man3/SSL_get_ex_data_X509_STORE_CTX_idx.html">SSL_get_ex_data_X509_STORE_CTX_idx(3)</a>).</p>
+
+<pre><code> ...
+ typedef struct {
+   int verbose_mode;
+   int verify_depth;
+   int always_continue;
+ } mydata_t;
+ int mydata_index;
+
+ ...
+ static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
+ {
+     char    buf[256];
+     X509   *err_cert;
+     int     err, depth;
+     SSL    *ssl;
+     mydata_t *mydata;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     /*
+      * Retrieve the pointer to the SSL of the connection currently treated
+      * and the application specific data stored into the SSL object.
+      */
+     ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
+     mydata = SSL_get_ex_data(ssl, mydata_index);
+
+     X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256);
+
+     /*
+      * Catch a too long certificate chain. The depth limit set using
+      * SSL_CTX_set_verify_depth() is by purpose set to &quot;limit+1&quot; so
+      * that whenever the &quot;depth&gt;verify_depth&quot; condition is met, we
+      * have violated the limit and want to log this error condition.
+      * We must do it here, because the CHAIN_TOO_LONG error would not
+      * be found explicitly; only errors introduced by cutting off the
+      * additional certificates would be logged.
+      */
+     if (depth &gt; mydata-&gt;verify_depth) {
+         preverify_ok = 0;
+         err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
+         X509_STORE_CTX_set_error(ctx, err);
+     }
+     if (!preverify_ok) {
+         printf(&quot;verify error:num=%d:%s:depth=%d:%s\n&quot;, err,
+                X509_verify_cert_error_string(err), depth, buf);
+     } else if (mydata-&gt;verbose_mode) {
+         printf(&quot;depth=%d:%s\n&quot;, depth, buf);
+     }
+
+     /*
+      * At this point, err contains the last verification error. We can use
+      * it for something special
+      */
+     if (!preverify_ok &amp;&amp; (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT)) {
+         X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, 256);
+         printf(&quot;issuer= %s\n&quot;, buf);
+     }
+
+     if (mydata-&gt;always_continue)
+         return 1;
+     else
+         return preverify_ok;
+ }
+ ...
+
+ mydata_t mydata;
+
+ ...
+ mydata_index = SSL_get_ex_new_index(0, &quot;mydata index&quot;, NULL, NULL, NULL);
+
+ ...
+ SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
+                    verify_callback);
+
+ /*
+  * Let the verify_callback catch the verify_depth error so that we get
+  * an appropriate error in the logfile.
+  */
+ SSL_CTX_set_verify_depth(verify_depth + 1);
+
+ /*
+  * Set up the SSL specific data into &quot;mydata&quot; and store it into th SSL
+  * structure.
+  */
+ mydata.verify_depth = verify_depth; ...
+ SSL_set_ex_data(ssl, mydata_index, &amp;mydata);
+
+ ...
+ SSL_accept(ssl);       /* check of success left out for clarity */
+ if (peer = SSL_get_peer_certificate(ssl)) {
+     if (SSL_get_verify_result(ssl) == X509_V_OK) {
+         /* The client sent a certificate which verified OK */
+     }
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_CTX_get_verify_mode.html">SSL_CTX_get_verify_mode(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_get_ex_data_X509_STORE_CTX_idx.html">SSL_get_ex_data_X509_STORE_CTX_idx(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_VERIFY_POST_HANDSHAKE option, and the SSL_verify_client_post_handshake() and SSL_set_post_handshake_auth() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_verify_depth.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_verify_depth.html
new file mode 100644
index 000000000..1a70b5fe4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_verify_depth.html
@@ -0,0 +1,264 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_verify</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_ex_data_X509_STORE_CTX_idx, SSL_CTX_set_verify, SSL_set_verify, SSL_CTX_set_verify_depth, SSL_set_verify_depth, SSL_verify_cb, SSL_verify_client_post_handshake, SSL_set_post_handshake_auth, SSL_CTX_set_post_handshake_auth - set peer certificate verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
+
+ void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, SSL_verify_cb verify_callback);
+ void SSL_set_verify(SSL *ssl, int mode, SSL_verify_cb verify_callback);
+ SSL_get_ex_data_X509_STORE_CTX_idx(void);
+
+ void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
+ void SSL_set_verify_depth(SSL *ssl, int depth);
+
+ int SSL_verify_client_post_handshake(SSL *ssl);
+ void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val);
+ void SSL_set_post_handshake_auth(SSL *ssl, int val);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_verify() sets the verification flags for <b>ctx</b> to be <b>mode</b> and specifies the <b>verify_callback</b> function to be used. If no callback function shall be specified, the NULL pointer can be used for <b>verify_callback</b>.</p>
+
+<p>SSL_set_verify() sets the verification flags for <b>ssl</b> to be <b>mode</b> and specifies the <b>verify_callback</b> function to be used. If no callback function shall be specified, the NULL pointer can be used for <b>verify_callback</b>. In this case last <b>verify_callback</b> set specifically for this <b>ssl</b> remains. If no special <b>callback</b> was set before, the default callback for the underlying <b>ctx</b> is used, that was valid at the time <b>ssl</b> was created with <a href="../man3/SSL_new.html">SSL_new(3)</a>. Within the callback function, <b>SSL_get_ex_data_X509_STORE_CTX_idx</b> can be called to get the data index of the current SSL object that is doing the verification.</p>
+
+<p>SSL_CTX_set_verify_depth() sets the maximum <b>depth</b> for the certificate chain verification that shall be allowed for <b>ctx</b>.</p>
+
+<p>SSL_set_verify_depth() sets the maximum <b>depth</b> for the certificate chain verification that shall be allowed for <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_post_handshake_auth() and SSL_set_post_handshake_auth() enable the Post-Handshake Authentication extension to be added to the ClientHello such that post-handshake authentication can be requested by the server. If <b>val</b> is 0 then the extension is not sent, otherwise it is. By default the extension is not sent. A certificate callback will need to be set via SSL_CTX_set_client_cert_cb() if no certificate is provided at initialization.</p>
+
+<p>SSL_verify_client_post_handshake() causes a CertificateRequest message to be sent by a server on the given <b>ssl</b> connection. The SSL_VERIFY_PEER flag must be set; the SSL_VERIFY_POST_HANDSHAKE flag is optional.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification of certificates can be controlled by a set of logically or&#39;ed <b>mode</b> flags:</p>
+
+<dl>
+
+<dt id="SSL_VERIFY_NONE">SSL_VERIFY_NONE</dt>
+<dd>
+
+<p><b>Server mode:</b> the server will not send a client certificate request to the client, so the client will not send a certificate.</p>
+
+<p><b>Client mode:</b> if not using an anonymous cipher (by default disabled), the server will send a certificate which will be checked. The result of the certificate verification process can be checked after the TLS/SSL handshake using the <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> function. The handshake will be continued regardless of the verification result.</p>
+
+</dd>
+<dt id="SSL_VERIFY_PEER">SSL_VERIFY_PEER</dt>
+<dd>
+
+<p><b>Server mode:</b> the server sends a client certificate request to the client. The certificate returned (if any) is checked. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure. The behaviour can be controlled by the additional SSL_VERIFY_FAIL_IF_NO_PEER_CERT, SSL_VERIFY_CLIENT_ONCE and SSL_VERIFY_POST_HANDSHAKE flags.</p>
+
+<p><b>Client mode:</b> the server certificate is verified. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure. If no server certificate is sent, because an anonymous cipher is used, SSL_VERIFY_PEER is ignored.</p>
+
+</dd>
+<dt id="SSL_VERIFY_FAIL_IF_NO_PEER_CERT">SSL_VERIFY_FAIL_IF_NO_PEER_CERT</dt>
+<dd>
+
+<p><b>Server mode:</b> if the client did not return a certificate, the TLS/SSL handshake is immediately terminated with a &quot;handshake failure&quot; alert. This flag must be used together with SSL_VERIFY_PEER.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+<dt id="SSL_VERIFY_CLIENT_ONCE">SSL_VERIFY_CLIENT_ONCE</dt>
+<dd>
+
+<p><b>Server mode:</b> only request a client certificate once during the connection. Do not ask for a client certificate again during renegotiation or post-authentication if a certificate was requested during the initial handshake. This flag must be used together with SSL_VERIFY_PEER.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+<dt id="SSL_VERIFY_POST_HANDSHAKE">SSL_VERIFY_POST_HANDSHAKE</dt>
+<dd>
+
+<p><b>Server mode:</b> the server will not send a client certificate request during the initial handshake, but will send the request via SSL_verify_client_post_handshake(). This allows the SSL_CTX or SSL to be configured for post-handshake peer verification before the handshake occurs. This flag must be used together with SSL_VERIFY_PEER. TLSv1.3 only; no effect on pre-TLSv1.3 connections.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+</dl>
+
+<p>If the <b>mode</b> is SSL_VERIFY_NONE none of the other flags may be set.</p>
+
+<p>The actual verification procedure is performed either using the built-in verification procedure or using another application provided verification function set with <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>. The following descriptions apply in the case of the built-in procedure. An application provided procedure also has access to the verify depth information and the verify_callback() function, but the way this information is used may be different.</p>
+
+<p>SSL_CTX_set_verify_depth() and SSL_set_verify_depth() set a limit on the number of certificates between the end-entity and trust-anchor certificates. Neither the end-entity nor the trust-anchor certificates count against <b>depth</b>. If the certificate chain needed to reach a trusted issuer is longer than <b>depth+2</b>, X509_V_ERR_CERT_CHAIN_TOO_LONG will be issued. The depth count is &quot;level 0:peer certificate&quot;, &quot;level 1: CA certificate&quot;, &quot;level 2: higher level CA certificate&quot;, and so on. Setting the maximum depth to 2 allows the levels 0, 1, 2 and 3 (0 being the end-entity and 3 the trust-anchor). The default depth limit is 100, allowing for the peer certificate, at most 100 intermediate CA certificates and a final trust anchor certificate.</p>
+
+<p>The <b>verify_callback</b> function is used to control the behaviour when the SSL_VERIFY_PEER flag is set. It must be supplied by the application and receives two arguments: <b>preverify_ok</b> indicates, whether the verification of the certificate in question was passed (preverify_ok=1) or not (preverify_ok=0). <b>x509_ctx</b> is a pointer to the complete context used for the certificate chain verification.</p>
+
+<p>The certificate chain is checked starting with the deepest nesting level (the root CA certificate) and worked upward to the peer&#39;s certificate. At each level signatures and issuer attributes are checked. Whenever a verification error is found, the error number is stored in <b>x509_ctx</b> and <b>verify_callback</b> is called with <b>preverify_ok</b>=0. By applying X509_CTX_store_* functions <b>verify_callback</b> can locate the certificate in question and perform additional steps (see EXAMPLES). If no error is found for a certificate, <b>verify_callback</b> is called with <b>preverify_ok</b>=1 before advancing to the next level.</p>
+
+<p>The return value of <b>verify_callback</b> controls the strategy of the further verification process. If <b>verify_callback</b> returns 0, the verification process is immediately stopped with &quot;verification failed&quot; state. If SSL_VERIFY_PEER is set, a verification failure alert is sent to the peer and the TLS/SSL handshake is terminated. If <b>verify_callback</b> returns 1, the verification process is continued. If <b>verify_callback</b> always returns 1, the TLS/SSL handshake will not be terminated with respect to verification failures and the connection will be established. The calling process can however retrieve the error code of the last verification error using <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> or by maintaining its own error storage managed by <b>verify_callback</b>.</p>
+
+<p>If no <b>verify_callback</b> is specified, the default callback will be used. Its return value is identical to <b>preverify_ok</b>, so that any verification failure will lead to a termination of the TLS/SSL handshake with an alert message, if SSL_VERIFY_PEER is set.</p>
+
+<p>After calling SSL_set_post_handshake_auth(), the client will need to add a certificate or certificate callback to its configuration before it can successfully authenticate. This must be called before SSL_connect().</p>
+
+<p>SSL_verify_client_post_handshake() requires that verify flags have been previously set, and that a client sent the post-handshake authentication extension. When the client returns a certificate the verify callback will be invoked. A write operation must take place for the Certificate Request to be sent to the client, this can be done with SSL_do_handshake() or SSL_write_ex(). Only one certificate request may be outstanding at any time.</p>
+
+<p>When post-handshake authentication occurs, a refreshed NewSessionTicket message is sent to the client.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In client mode, it is not checked whether the SSL_VERIFY_PEER flag is set, but whether any flags are set. This can lead to unexpected behaviour if SSL_VERIFY_PEER and other flags are not used as required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL*_set_verify*() functions do not provide diagnostic information.</p>
+
+<p>The SSL_verify_client_post_handshake() function returns 1 if the request succeeded, and 0 if the request failed. The error stack can be examined to determine the failure reason.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following code sequence realizes an example <b>verify_callback</b> function that will always continue the TLS/SSL handshake regardless of verification failure, if wished. The callback realizes a verification depth limit with more informational output.</p>
+
+<p>All verification errors are printed; information about the certificate chain is printed on request. The example is realized for a server that does allow but not require client certificates.</p>
+
+<p>The example makes use of the ex_data technique to store application data into/retrieve application data from the SSL structure (see <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>, <a href="../man3/SSL_get_ex_data_X509_STORE_CTX_idx.html">SSL_get_ex_data_X509_STORE_CTX_idx(3)</a>).</p>
+
+<pre><code> ...
+ typedef struct {
+   int verbose_mode;
+   int verify_depth;
+   int always_continue;
+ } mydata_t;
+ int mydata_index;
+
+ ...
+ static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
+ {
+     char    buf[256];
+     X509   *err_cert;
+     int     err, depth;
+     SSL    *ssl;
+     mydata_t *mydata;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     /*
+      * Retrieve the pointer to the SSL of the connection currently treated
+      * and the application specific data stored into the SSL object.
+      */
+     ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
+     mydata = SSL_get_ex_data(ssl, mydata_index);
+
+     X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256);
+
+     /*
+      * Catch a too long certificate chain. The depth limit set using
+      * SSL_CTX_set_verify_depth() is by purpose set to &quot;limit+1&quot; so
+      * that whenever the &quot;depth&gt;verify_depth&quot; condition is met, we
+      * have violated the limit and want to log this error condition.
+      * We must do it here, because the CHAIN_TOO_LONG error would not
+      * be found explicitly; only errors introduced by cutting off the
+      * additional certificates would be logged.
+      */
+     if (depth &gt; mydata-&gt;verify_depth) {
+         preverify_ok = 0;
+         err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
+         X509_STORE_CTX_set_error(ctx, err);
+     }
+     if (!preverify_ok) {
+         printf(&quot;verify error:num=%d:%s:depth=%d:%s\n&quot;, err,
+                X509_verify_cert_error_string(err), depth, buf);
+     } else if (mydata-&gt;verbose_mode) {
+         printf(&quot;depth=%d:%s\n&quot;, depth, buf);
+     }
+
+     /*
+      * At this point, err contains the last verification error. We can use
+      * it for something special
+      */
+     if (!preverify_ok &amp;&amp; (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT)) {
+         X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, 256);
+         printf(&quot;issuer= %s\n&quot;, buf);
+     }
+
+     if (mydata-&gt;always_continue)
+         return 1;
+     else
+         return preverify_ok;
+ }
+ ...
+
+ mydata_t mydata;
+
+ ...
+ mydata_index = SSL_get_ex_new_index(0, &quot;mydata index&quot;, NULL, NULL, NULL);
+
+ ...
+ SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
+                    verify_callback);
+
+ /*
+  * Let the verify_callback catch the verify_depth error so that we get
+  * an appropriate error in the logfile.
+  */
+ SSL_CTX_set_verify_depth(verify_depth + 1);
+
+ /*
+  * Set up the SSL specific data into &quot;mydata&quot; and store it into th SSL
+  * structure.
+  */
+ mydata.verify_depth = verify_depth; ...
+ SSL_set_ex_data(ssl, mydata_index, &amp;mydata);
+
+ ...
+ SSL_accept(ssl);       /* check of success left out for clarity */
+ if (peer = SSL_get_peer_certificate(ssl)) {
+     if (SSL_get_verify_result(ssl) == X509_V_OK) {
+         /* The client sent a certificate which verified OK */
+     }
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_CTX_get_verify_mode.html">SSL_CTX_get_verify_mode(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_get_ex_data_X509_STORE_CTX_idx.html">SSL_get_ex_data_X509_STORE_CTX_idx(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_VERIFY_POST_HANDSHAKE option, and the SSL_verify_client_post_handshake() and SSL_set_post_handshake_auth() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_verify_result.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_verify_result.html
new file mode 100644
index 000000000..321a8b152
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_verify_result.html
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_set_verify_result</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_verify_result - override result of peer certificate verification</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ void SSL_set_verify_result(SSL *ssl, long verify_result);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_set_verify_result() sets <b>verify_result</b> of the object <b>ssl</b> to be the result of the verification of the X509 certificate presented by the peer, if any.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_set_verify_result() overrides the verification result. It only changes the verification result of the <b>ssl</b> object. It does not become part of the established session, so if the session is to be reused later, the original value will reappear.</p>
+
+<p>The valid codes for <b>verify_result</b> are documented in <a href="../man1/verify.html">verify(1)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_set_verify_result() does not provide a return value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>, <a href="../man1/verify.html">verify(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_set_wfd.html b/msys2/usr/share/doc/openssl/html/man3/SSL_set_wfd.html
new file mode 100644
index 000000000..783cafd6a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_set_wfd.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_set_fd</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_fd, SSL_set_rfd, SSL_set_wfd - connect the SSL object with a file descriptor</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_set_fd(SSL *ssl, int fd);
+ int SSL_set_rfd(SSL *ssl, int fd);
+ int SSL_set_wfd(SSL *ssl, int fd);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_set_fd() sets the file descriptor <b>fd</b> as the input/output facility for the TLS/SSL (encrypted) side of <b>ssl</b>. <b>fd</b> will typically be the socket file descriptor of a network connection.</p>
+
+<p>When performing the operation, a <b>socket BIO</b> is automatically created to interface between the <b>ssl</b> and <b>fd</b>. The BIO and hence the SSL engine inherit the behaviour of <b>fd</b>. If <b>fd</b> is non-blocking, the <b>ssl</b> will also have non-blocking behaviour.</p>
+
+<p>If there was already a BIO connected to <b>ssl</b>, BIO_free() will be called (for both the reading and writing side, if different).</p>
+
+<p>SSL_set_rfd() and SSL_set_wfd() perform the respective action, but only for the read channel or the write channel, which can be set independently.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The operation failed. Check the error stack to find out why.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The operation succeeded.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_fd.html">SSL_get_fd(3)</a>, <a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man7/ssl.html">ssl(7)</a> , <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_shutdown.html b/msys2/usr/share/doc/openssl/html/man3/SSL_shutdown.html
new file mode 100644
index 000000000..cc408d897
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_shutdown.html
@@ -0,0 +1,129 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_shutdown</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a>
+    <ul>
+      <li><a href="#First-to-close-the-connection">First to close the connection</a></li>
+      <li><a href="#Peer-closes-the-connection">Peer closes the connection</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_shutdown - shut down a TLS/SSL connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_shutdown(SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_shutdown() shuts down an active TLS/SSL connection. It sends the close_notify shutdown alert to the peer.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_shutdown() tries to send the close_notify shutdown alert to the peer. Whether the operation succeeds or not, the SSL_SENT_SHUTDOWN flag is set and a currently open session is considered closed and good and will be kept in the session cache for further reuse.</p>
+
+<p>Note that SSL_shutdown() must not be called if a previous fatal error has occurred on a connection i.e. if SSL_get_error() has returned SSL_ERROR_SYSCALL or SSL_ERROR_SSL.</p>
+
+<p>The shutdown procedure consists of two steps: sending of the close_notify shutdown alert, and reception of the peer&#39;s close_notify shutdown alert. The order of those two steps depends on the application.</p>
+
+<p>It is acceptable for an application to only send its shutdown alert and then close the underlying connection without waiting for the peer&#39;s response. This way resources can be saved, as the process can already terminate or serve another connection. This should only be done when it is known that the other side will not send more data, otherwise there is a risk of a truncation attack.</p>
+
+<p>When a client only writes and never reads from the connection, and the server has sent a session ticket to establish a session, the client might not be able to resume the session because it did not received and process the session ticket from the server. In case the application wants to be able to resume the session, it is recommended to do a complete shutdown procedure (bidirectional close_notify alerts).</p>
+
+<p>When the underlying connection shall be used for more communications, the complete shutdown procedure must be performed, so that the peers stay synchronized.</p>
+
+<p>SSL_shutdown() only closes the write direction. It is not possible to call SSL_write() after calling SSL_shutdown(). The read direction is closed by the peer.</p>
+
+<h2 id="First-to-close-the-connection">First to close the connection</h2>
+
+<p>When the application is the first party to send the close_notify alert, SSL_shutdown() will only send the alert and then set the SSL_SENT_SHUTDOWN flag (so that the session is considered good and will be kept in the cache). If successful, SSL_shutdown() will return 0.</p>
+
+<p>If a unidirectional shutdown is enough (the underlying connection shall be closed anyway), this first successful call to SSL_shutdown() is sufficient.</p>
+
+<p>In order to complete the bidirectional shutdown handshake, the peer needs to send back a close_notify alert. The SSL_RECEIVED_SHUTDOWN flag will be set after receiving and processing it.</p>
+
+<p>The peer is still allowed to send data after receiving the close_notify event. When it is done sending data, it will send the close_notify alert. SSL_read() should be called until all data is received. SSL_read() will indicate the end of the peer data by returning &lt;= 0 and SSL_get_error() returning SSL_ERROR_ZERO_RETURN.</p>
+
+<h2 id="Peer-closes-the-connection">Peer closes the connection</h2>
+
+<p>If the peer already sent the close_notify alert <b>and</b> it was already processed implicitly inside another function (<a href="../man3/SSL_read.html">SSL_read(3)</a>), the SSL_RECEIVED_SHUTDOWN flag is set. SSL_read() will return &lt;= 0 in that case, and SSL_get_error() will return SSL_ERROR_ZERO_RETURN. SSL_shutdown() will send the close_notify alert, set the SSL_SENT_SHUTDOWN flag. If successful, SSL_shutdown() will return 1.</p>
+
+<p>Whether SSL_RECEIVED_SHUTDOWN is already set can be checked using the SSL_get_shutdown() (see also <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a> call.</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>The behaviour of SSL_shutdown() additionally depends on the underlying BIO. If the underlying BIO is <b>blocking</b>, SSL_shutdown() will only return once the handshake step has been finished or an error occurred.</p>
+
+<p>If the underlying BIO is <b>non-blocking</b>, SSL_shutdown() will also return when the underlying BIO could not satisfy the needs of SSL_shutdown() to continue the handshake. In this case a call to SSL_get_error() with the return value of SSL_shutdown() will yield <b>SSL_ERROR_WANT_READ</b> or <b>SSL_ERROR_WANT_WRITE</b>. The calling process then must repeat the call after taking appropriate action to satisfy the needs of SSL_shutdown(). The action depends on the underlying BIO. When using a non-blocking socket, nothing is to be done, but select() can be used to check for the required condition. When using a buffering BIO, like a BIO pair, data must be written into or retrieved out of the BIO before being able to continue.</p>
+
+<p>After SSL_shutdown() returned 0, it is possible to call SSL_shutdown() again to wait for the peer&#39;s close_notify alert. SSL_shutdown() will return 1 in that case. However, it is recommended to wait for it using SSL_read() instead.</p>
+
+<p>SSL_shutdown() can be modified to only set the connection to &quot;shutdown&quot; state but not actually send the close_notify alert messages, see <a href="../man3/SSL_CTX_set_quiet_shutdown.html">SSL_CTX_set_quiet_shutdown(3)</a>. When &quot;quiet shutdown&quot; is enabled, SSL_shutdown() will always succeed and return 1.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>The shutdown is not yet finished: the close_notify was sent but the peer did not send it back yet. Call SSL_read() to do a bidirectional shutdown. The output of <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> may be misleading, as an erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred.</p>
+
+</dd>
+<dt id="pod1">1</dt>
+<dd>
+
+<p>The shutdown was successfully completed. The close_notify alert was sent and the peer&#39;s close_notify alert was received.</p>
+
+</dd>
+<dt id="pod01">&lt;0</dt>
+<dd>
+
+<p>The shutdown was not successful. Call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> with the return value <b>ret</b> to find out the reason. It can occur if an action is needed to continue the operation for non-blocking BIOs.</p>
+
+<p>It can also occur when not all data was read using SSL_read().</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a>, <a href="../man3/SSL_CTX_set_quiet_shutdown.html">SSL_CTX_set_quiet_shutdown(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_free.html">SSL_free(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_state_string.html b/msys2/usr/share/doc/openssl/html/man3/SSL_state_string.html
new file mode 100644
index 000000000..5183592b6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_state_string.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_state_string</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_state_string, SSL_state_string_long - get textual description of state of an SSL object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_state_string(const SSL *ssl);
+ const char *SSL_state_string_long(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_state_string() returns a 6 letter string indicating the current state of the SSL object <b>ssl</b>.</p>
+
+<p>SSL_state_string_long() returns a string indicating the current state of the SSL object <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>During its use, an SSL objects passes several states. The state is internally maintained. Querying the state information is not very informative before or when a connection has been established. It however can be of significant interest during the handshake.</p>
+
+<p>When using non-blocking sockets, the function call performing the handshake may return with SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE condition, so that SSL_state_string[_long]() may be called.</p>
+
+<p>For both blocking or non-blocking sockets, the details state information can be used within the info_callback function set with the SSL_set_info_callback() call.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Detailed description of possible states to be included later.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_info_callback.html">SSL_CTX_set_info_callback(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_state_string_long.html b/msys2/usr/share/doc/openssl/html/man3/SSL_state_string_long.html
new file mode 100644
index 000000000..5183592b6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_state_string_long.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_state_string</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_state_string, SSL_state_string_long - get textual description of state of an SSL object</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ const char *SSL_state_string(const SSL *ssl);
+ const char *SSL_state_string_long(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_state_string() returns a 6 letter string indicating the current state of the SSL object <b>ssl</b>.</p>
+
+<p>SSL_state_string_long() returns a string indicating the current state of the SSL object <b>ssl</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>During its use, an SSL objects passes several states. The state is internally maintained. Querying the state information is not very informative before or when a connection has been established. It however can be of significant interest during the handshake.</p>
+
+<p>When using non-blocking sockets, the function call performing the handshake may return with SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE condition, so that SSL_state_string[_long]() may be called.</p>
+
+<p>For both blocking or non-blocking sockets, the details state information can be used within the info_callback function set with the SSL_set_info_callback() call.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Detailed description of possible states to be included later.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_CTX_set_info_callback.html">SSL_CTX_set_info_callback(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_stateless.html b/msys2/usr/share/doc/openssl/html/man3/SSL_stateless.html
new file mode 100644
index 000000000..078279aa1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_stateless.html
@@ -0,0 +1,95 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DTLSv1_listen</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_stateless, DTLSv1_listen - Statelessly listen for incoming connections</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_stateless(SSL *s);
+ int DTLSv1_listen(SSL *ssl, BIO_ADDR *peer);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_stateless() statelessly listens for new incoming TLSv1.3 connections. DTLSv1_listen() statelessly listens for new incoming DTLS connections. If a ClientHello is received that does not contain a cookie, then they respond with a request for a new ClientHello that does contain a cookie. If a ClientHello is received with a cookie that is verified then the function returns in order to enable the handshake to be completed (for example by using SSL_accept()).</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some transport protocols (such as UDP) can be susceptible to amplification attacks. Unlike TCP there is no initial connection setup in UDP that validates that the client can actually receive messages on its advertised source address. An attacker could forge its source IP address and then send handshake initiation messages to the server. The server would then send its response to the forged source IP. If the response messages are larger than the original message then the amplification attack has succeeded.</p>
+
+<p>If DTLS is used over UDP (or any datagram based protocol that does not validate the source IP) then it is susceptible to this type of attack. TLSv1.3 is designed to operate over a stream-based transport protocol (such as TCP). If TCP is being used then there is no need to use SSL_stateless(). However some stream-based transport protocols (e.g. QUIC) may not validate the source address. In this case a TLSv1.3 application would be susceptible to this attack.</p>
+
+<p>As a countermeasure to this issue TLSv1.3 and DTLS include a stateless cookie mechanism. The idea is that when a client attempts to connect to a server it sends a ClientHello message. The server responds with a HelloRetryRequest (in TLSv1.3) or a HelloVerifyRequest (in DTLS) which contains a unique cookie. The client then resends the ClientHello, but this time includes the cookie in the message thus proving that the client is capable of receiving messages sent to that address. All of this can be done by the server without allocating any state, and thus without consuming expensive resources.</p>
+
+<p>OpenSSL implements this capability via the SSL_stateless() and DTLSv1_listen() functions. The <b>ssl</b> parameter should be a newly allocated SSL object with its read and write BIOs set, in the same way as might be done for a call to SSL_accept(). Typically, for DTLS, the read BIO will be in an &quot;unconnected&quot; state and thus capable of receiving messages from any peer.</p>
+
+<p>When a ClientHello is received that contains a cookie that has been verified, then these functions will return with the <b>ssl</b> parameter updated into a state where the handshake can be continued by a call to (for example) SSL_accept(). Additionally, for DTLSv1_listen(), the <b>BIO_ADDR</b> pointed to by <b>peer</b> will be filled in with details of the peer that sent the ClientHello. If the underlying BIO is unable to obtain the <b>BIO_ADDR</b> of the peer (for example because the BIO does not support this), then <b>*peer</b> will be cleared and the family set to AF_UNSPEC. Typically user code is expected to &quot;connect&quot; the underlying socket to the peer and continue the handshake in a connected state.</p>
+
+<p>Prior to calling DTLSv1_listen() user code must ensure that cookie generation and verification callbacks have been set up using SSL_CTX_set_cookie_generate_cb() and SSL_CTX_set_cookie_verify_cb() respectively. For SSL_stateless(), SSL_CTX_set_stateless_cookie_generate_cb() and SSL_CTX_set_stateless_cookie_verify_cb() must be used instead.</p>
+
+<p>Since DTLSv1_listen() operates entirely statelessly whilst processing incoming ClientHellos it is unable to process fragmented messages (since this would require the allocation of state). An implication of this is that DTLSv1_listen() <b>only</b> supports ClientHellos that fit inside a single datagram.</p>
+
+<p>For SSL_stateless() if an entire ClientHello message cannot be read without the &quot;read&quot; BIO becoming empty then the SSL_stateless() call will fail. It is the application&#39;s responsibility to ensure that data read from the &quot;read&quot; BIO during a single SSL_stateless() call is all from the same peer.</p>
+
+<p>SSL_stateless() will fail (with a 0 return value) if some TLS version less than TLSv1.3 is used.</p>
+
+<p>Both SSL_stateless() and DTLSv1_listen() will clear the error queue when they start.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>For SSL_stateless() a return value of 1 indicates success and the <b>ssl</b> object will be set up ready to continue the handshake. A return value of 0 or -1 indicates failure. If the value is 0 then a HelloRetryRequest was sent. A value of -1 indicates any other error. User code may retry the SSL_stateless() call.</p>
+
+<p>For DTLSv1_listen() a return value of &gt;= 1 indicates success. The <b>ssl</b> object will be set up ready to continue the handshake. the <b>peer</b> value will also be filled in.</p>
+
+<p>A return value of 0 indicates a non-fatal error. This could (for example) be because of non-blocking IO, or some invalid message having been received from a peer. Errors may be placed on the OpenSSL error queue with further information if appropriate. Typically user code is expected to retry the call to DTLSv1_listen() in the event of a non-fatal error.</p>
+
+<p>A return value of &lt;0 indicates a fatal error. This could (for example) be because of a failure to allocate sufficient memory for the operation.</p>
+
+<p>For DTLSv1_listen(), prior to OpenSSL 1.1.0, fatal and non-fatal errors both produce return codes &lt;= 0 (in typical implementations user code treats all errors as non-fatal), whilst return codes &gt;0 indicate success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_stateless() function was added in OpenSSL 1.1.1.</p>
+
+<p>The DTLSv1_listen() return codes were clarified in OpenSSL 1.1.0. The type of &quot;peer&quot; also changed in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_up_ref.html b/msys2/usr/share/doc/openssl/html/man3/SSL_up_ref.html
new file mode 100644
index 000000000..1f1f51b25
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_up_ref.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_dup, SSL_new, SSL_up_ref - create an SSL structure for a connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL *SSL_dup(SSL *s);
+ SSL *SSL_new(SSL_CTX *ctx);
+ int SSL_up_ref(SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_new() creates a new <b>SSL</b> structure which is needed to hold the data for a TLS/SSL connection. The new structure inherits the settings of the underlying context <b>ctx</b>: connection method, options, verification settings, timeout settings. An <b>SSL</b> structure is reference counted. Creating an <b>SSL</b> structure for the first time increments the reference count. Freeing it (using SSL_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL</b> structure are freed.</p>
+
+<p>SSL_up_ref() increments the reference count for an existing <b>SSL</b> structure.</p>
+
+<p>SSL_dup() duplicates an existing <b>SSL</b> structure into a new allocated one. All settings are inherited from the original <b>SSL</b> structure. Dynamic data (i.e. existing connection details) are not copied, the new <b>SSL</b> is set into an initial accept (server) or connect (client) state.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL structure failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL-structure">Pointer to an SSL structure</dt>
+<dd>
+
+<p>The return value points to an allocated SSL structure.</p>
+
+<p>SSL_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_free.html">SSL_free(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_get_SSL_CTX.html">SSL_get_SSL_CTX(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_use_PrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/SSL_use_PrivateKey.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_use_PrivateKey.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_use_PrivateKey_ASN1.html b/msys2/usr/share/doc/openssl/html/man3/SSL_use_PrivateKey_ASN1.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_use_PrivateKey_ASN1.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_use_PrivateKey_file.html b/msys2/usr/share/doc/openssl/html/man3/SSL_use_PrivateKey_file.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_use_PrivateKey_file.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_use_RSAPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/SSL_use_RSAPrivateKey.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_use_RSAPrivateKey.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_use_RSAPrivateKey_ASN1.html b/msys2/usr/share/doc/openssl/html/man3/SSL_use_RSAPrivateKey_ASN1.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_use_RSAPrivateKey_ASN1.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_use_RSAPrivateKey_file.html b/msys2/usr/share/doc/openssl/html/man3/SSL_use_RSAPrivateKey_file.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_use_RSAPrivateKey_file.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_use_cert_and_key.html b/msys2/usr/share/doc/openssl/html/man3/SSL_use_cert_and_key.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_use_cert_and_key.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_use_certificate.html b/msys2/usr/share/doc/openssl/html/man3/SSL_use_certificate.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_use_certificate.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_use_certificate_ASN1.html b/msys2/usr/share/doc/openssl/html/man3/SSL_use_certificate_ASN1.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_use_certificate_ASN1.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_use_certificate_chain_file.html b/msys2/usr/share/doc/openssl/html/man3/SSL_use_certificate_chain_file.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_use_certificate_chain_file.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_use_certificate_file.html b/msys2/usr/share/doc/openssl/html/man3/SSL_use_certificate_file.html
new file mode 100644
index 000000000..d096717c0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_use_certificate_file.html
@@ -0,0 +1,121 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_certificate</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key, SSL_CTX_use_cert_and_key, SSL_use_cert_and_key - load certificate and key data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+ int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+                                 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+ int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+ int SSL_use_cert_and_key(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions load the certificates and private keys into the SSL_CTX or SSL object, respectively.</p>
+
+<p>The SSL_CTX_* class of functions loads the certificates and keys into the SSL_CTX object <b>ctx</b>. The information is passed to SSL objects <b>ssl</b> created from <b>ctx</b> with <a href="../man3/SSL_new.html">SSL_new(3)</a> by copying, so that changes applied to <b>ctx</b> do not propagate to already existing SSL objects.</p>
+
+<p>The SSL_* class of functions only loads certificates and keys into a specific SSL object. The specific information is kept, when <a href="../man3/SSL_clear.html">SSL_clear(3)</a> is called for this SSL object.</p>
+
+<p>SSL_CTX_use_certificate() loads the certificate <b>x</b> into <b>ctx</b>, SSL_use_certificate() loads <b>x</b> into <b>ssl</b>. The rest of the certificates needed to form the complete certificate chain can be specified using the <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a> function.</p>
+
+<p>SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from the memory location <b>d</b> (with length <b>len</b>) into <b>ctx</b>, SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_certificate_file() loads the first certificate stored in <b>file</b> into <b>ctx</b>. The formatting <b>type</b> of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_use_certificate_file() loads the certificate from <b>file</b> into <b>ssl</b>. See the NOTES section on why SSL_CTX_use_certificate_chain_file() should be preferred.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() loads a certificate chain from <b>file</b> into <b>ctx</b>. The certificates must be in PEM format and must be sorted starting with the subject&#39;s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. SSL_use_certificate_chain_file() is similar except it loads the certificate chain into <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey() adds <b>pkey</b> as private key to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey() adds the private key <b>rsa</b> of type RSA to <b>ctx</b>. SSL_use_PrivateKey() adds <b>pkey</b> as private key to <b>ssl</b>; SSL_use_RSAPrivateKey() adds <b>rsa</b> as private key of type RSA to <b>ssl</b>. If a certificate has already been set and the private does not belong to the certificate an error is returned. To change a certificate, private key pair the new certificate needs to be set with SSL_use_certificate() or SSL_CTX_use_certificate() before setting the private key with SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().</p>
+
+<p>SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509 certificate <b>x</b>, private key <b>key</b>, and certificate <b>chain</b> onto the corresponding <b>ssl</b> or <b>ctx</b>. The <b>pkey</b> argument must be the private key of the X.509 certificate <b>x</b>. If the <b>override</b> argument is 0, then <b>x</b>, <b>pkey</b> and <b>chain</b> are set only if all were not previously set. If <b>override</b> is non-0, then the certificate, private key and chain certs are always set. If <b>pkey</b> is NULL, then the public key of <b>x</b> is used as the private key. This is intended to be used with hardware (via the ENGINE interface) that stores the private key securely, such that it cannot be accessed by OpenSSL. The reference count of the public key is incremented (twice if there is no private key); it is not copied nor duplicated. This allows all private key validations checks to succeed without an actual private key being assigned via SSL_CTX_use_PrivateKey(), etc.</p>
+
+<p>SSL_CTX_use_PrivateKey_ASN1() adds the private key of type <b>pk</b> stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA stored at memory location <b>d</b> (length <b>len</b>) to <b>ctx</b>. SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private key to <b>ssl</b>.</p>
+
+<p>SSL_CTX_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ctx</b>. The formatting <b>type</b> of the private key must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in <b>file</b> to <b>ctx</b>. SSL_use_PrivateKey_file() adds the first private key found in <b>file</b> to <b>ssl</b>; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to <b>ssl</b>.</p>
+
+<p>SSL_CTX_check_private_key() checks the consistency of a private key with the corresponding certificate loaded into <b>ctx</b>. If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If e.g. the last item was a RSA certificate or key, the RSA key/certificate pair will be checked. SSL_check_private_key() performs the same check for <b>ssl</b>. If no key/certificate was explicitly added for this <b>ssl</b>, the last item added into <b>ctx</b> will be checked.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The internal certificate store of OpenSSL can hold several private key/certificate pairs at a time. The certificate used depends on the cipher selected, see also <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>.</p>
+
+<p>When reading certificates and private keys from file, files of type SSL_FILETYPE_ASN1 (also known as <b>DER</b>, binary encoding) can only contain one certificate or private key, consequently SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting. Files of type SSL_FILETYPE_PEM can contain more than one item.</p>
+
+<p>SSL_CTX_use_certificate_chain_file() adds the first certificate found in the file to the certificate store. The other certificates are added to the store of chain certificates using <a href="../man3/SSL_CTX_add1_chain_cert.html">SSL_CTX_add1_chain_cert(3)</a>. Note: versions of OpenSSL before 1.0.2 only had a single certificate chain store for all certificate types, OpenSSL 1.0.2 and later have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.</p>
+
+<p>If additional certificates are needed to complete the chain during the TLS negotiation, CA certificates are additionally looked up in the locations of trusted CA certificates, see <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>.</p>
+
+<p>The private keys loaded from file can be encrypted. In order to successfully load encrypted keys, a function returning the passphrase must have been supplied, see <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>. (Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.)</p>
+
+<p>All of the functions to set a new certificate will replace any existing certificate of the same type that has already been set. Similarly all of the functions to set a new private key will replace any private key that has already been set. Applications should call <a href="../man3/SSL_CTX_check_private_key.html">SSL_CTX_check_private_key(3)</a> or <a href="../man3/SSL_check_private_key.html">SSL_check_private_key(3)</a> as appropriate after loading a new certificate and private key to confirm that the certificate and key match.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>On success, the functions return 1. Otherwise check out the error stack to find out the reason.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_use_psk_identity_hint.html b/msys2/usr/share/doc/openssl/html/man3/SSL_use_psk_identity_hint.html
new file mode 100644
index 000000000..59a43d097
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_use_psk_identity_hint.html
@@ -0,0 +1,126 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_use_psk_identity_hint</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES1">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_psk_server_cb_func, SSL_psk_find_session_cb_func, SSL_CTX_use_psk_identity_hint, SSL_use_psk_identity_hint, SSL_CTX_set_psk_server_callback, SSL_set_psk_server_callback, SSL_CTX_set_psk_find_session_callback, SSL_set_psk_find_session_callback - set PSK identity hint to use</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_psk_find_session_cb_func)(SSL *ssl,
+                                             const unsigned char *identity,
+                                             size_t identity_len,
+                                             SSL_SESSION **sess);
+
+
+ void SSL_CTX_set_psk_find_session_callback(SSL_CTX *ctx,
+                                            SSL_psk_find_session_cb_func cb);
+ void SSL_set_psk_find_session_callback(SSL *s, SSL_psk_find_session_cb_func cb);
+
+ typedef unsigned int (*SSL_psk_server_cb_func)(SSL *ssl,
+                                                const char *identity,
+                                                unsigned char *psk,
+                                                unsigned int max_psk_len);
+
+ int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint);
+ int SSL_use_psk_identity_hint(SSL *ssl, const char *hint);
+
+ void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, SSL_psk_server_cb_func cb);
+ void SSL_set_psk_server_callback(SSL *ssl, SSL_psk_server_cb_func cb);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A client application wishing to use TLSv1.3 PSKs should set a callback using either SSL_CTX_set_psk_use_session_callback() or SSL_set_psk_use_session_callback() as appropriate.</p>
+
+<p>The callback function is given a pointer to the SSL connection in <b>ssl</b> and an identity in <b>identity</b> of length <b>identity_len</b>. The callback function should identify an SSL_SESSION object that provides the PSK details and store it in <b>*sess</b>. The SSL_SESSION object should, as a minimum, set the master key, the ciphersuite and the protocol version. See <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a> for details.</p>
+
+<p>It is also possible for the callback to succeed but not supply a PSK. In this case no PSK will be used but the handshake will continue. To do this the callback should return successfully and ensure that <b>*sess</b> is NULL.</p>
+
+<p>Identity hints are not relevant for TLSv1.3. A server application wishing to use PSK ciphersuites for TLSv1.2 and below may call SSL_CTX_use_psk_identity_hint() to set the given <b>NUL</b>-terminated PSK identity hint <b>hint</b> for SSL context object <b>ctx</b>. SSL_use_psk_identity_hint() sets the given <b>NUL</b>-terminated PSK identity hint <b>hint</b> for the SSL connection object <b>ssl</b>. If <b>hint</b> is <b>NULL</b> the current hint from <b>ctx</b> or <b>ssl</b> is deleted.</p>
+
+<p>In the case where PSK identity hint is <b>NULL</b>, the server does not send the ServerKeyExchange message to the client.</p>
+
+<p>A server application wishing to use PSKs for TLSv1.2 and below must provide a callback function which is called when the server receives the ClientKeyExchange message from the client. The purpose of the callback function is to validate the received PSK identity and to fetch the pre-shared key used during the connection setup phase. The callback is set using the functions SSL_CTX_set_psk_server_callback() or SSL_set_psk_server_callback(). The callback function is given the connection in parameter <b>ssl</b>, <b>NUL</b>-terminated PSK identity sent by the client in parameter <b>identity</b>, and a buffer <b>psk</b> of length <b>max_psk_len</b> bytes where the pre-shared key is to be stored.</p>
+
+<p>The callback for use in TLSv1.2 will also work in TLSv1.3 although it is recommended to use SSL_CTX_set_psk_find_session_callback() or SSL_set_psk_find_session_callback() for this purpose instead. If TLSv1.3 has been negotiated then OpenSSL will first check to see if a callback has been set via SSL_CTX_set_psk_find_session_callback() or SSL_set_psk_find_session_callback() and it will use that in preference. If no such callback is present then it will check to see if a callback has been set via SSL_CTX_set_psk_server_callback() or SSL_set_psk_server_callback() and use that. In this case the handshake digest will default to SHA-256 for any returned PSK.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A connection established via a TLSv1.3 PSK will appear as if session resumption has occurred so that <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a> will return true.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p><b>SSL_CTX_use_psk_identity_hint()</b> and <b>SSL_use_psk_identity_hint()</b> return 1 on success, 0 otherwise.</p>
+
+<p>Return values from the TLSv1.2 and below server callback are interpreted as follows:</p>
+
+<dl>
+
+<dt id="pod0">0</dt>
+<dd>
+
+<p>PSK identity was not found. An &quot;unknown_psk_identity&quot; alert message will be sent and the connection setup fails.</p>
+
+</dd>
+<dt id="pod01">&gt;0</dt>
+<dd>
+
+<p>PSK identity was found and the server callback has provided the PSK successfully in parameter <b>psk</b>. Return value is the length of <b>psk</b> in bytes. It is an error to return a value greater than <b>max_psk_len</b>.</p>
+
+<p>If the PSK identity was not found but the callback instructs the protocol to continue anyway, the callback must provide some random data to <b>psk</b> and return the length of the random data, so the connection will fail with decryption_error before it will be finished completely.</p>
+
+</dd>
+</dl>
+
+<p>The <b>SSL_psk_find_session_cb_func</b> callback should return 1 on success or 0 on failure. In the event of failure the connection setup fails.</p>
+
+<h1 id="NOTES1">NOTES</h1>
+
+<p>There are no known security issues with sharing the same PSK between TLSv1.2 (or below) and TLSv1.3. However the RFC has this note of caution:</p>
+
+<p>&quot;While there is no known way in which the same PSK might produce related output in both versions, only limited analysis has been done. Implementations can ensure safety from cross-protocol related output by not reusing PSKs between TLS 1.3 and TLS 1.2.&quot;</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man3/SSL_set_psk_use_session_callback.html">SSL_set_psk_use_session_callback(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>SSL_CTX_set_psk_find_session_callback() and SSL_set_psk_find_session_callback() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_verify_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_verify_cb.html
new file mode 100644
index 000000000..1a70b5fe4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_verify_cb.html
@@ -0,0 +1,264 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_verify</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_ex_data_X509_STORE_CTX_idx, SSL_CTX_set_verify, SSL_set_verify, SSL_CTX_set_verify_depth, SSL_set_verify_depth, SSL_verify_cb, SSL_verify_client_post_handshake, SSL_set_post_handshake_auth, SSL_CTX_set_post_handshake_auth - set peer certificate verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
+
+ void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, SSL_verify_cb verify_callback);
+ void SSL_set_verify(SSL *ssl, int mode, SSL_verify_cb verify_callback);
+ SSL_get_ex_data_X509_STORE_CTX_idx(void);
+
+ void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
+ void SSL_set_verify_depth(SSL *ssl, int depth);
+
+ int SSL_verify_client_post_handshake(SSL *ssl);
+ void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val);
+ void SSL_set_post_handshake_auth(SSL *ssl, int val);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_verify() sets the verification flags for <b>ctx</b> to be <b>mode</b> and specifies the <b>verify_callback</b> function to be used. If no callback function shall be specified, the NULL pointer can be used for <b>verify_callback</b>.</p>
+
+<p>SSL_set_verify() sets the verification flags for <b>ssl</b> to be <b>mode</b> and specifies the <b>verify_callback</b> function to be used. If no callback function shall be specified, the NULL pointer can be used for <b>verify_callback</b>. In this case last <b>verify_callback</b> set specifically for this <b>ssl</b> remains. If no special <b>callback</b> was set before, the default callback for the underlying <b>ctx</b> is used, that was valid at the time <b>ssl</b> was created with <a href="../man3/SSL_new.html">SSL_new(3)</a>. Within the callback function, <b>SSL_get_ex_data_X509_STORE_CTX_idx</b> can be called to get the data index of the current SSL object that is doing the verification.</p>
+
+<p>SSL_CTX_set_verify_depth() sets the maximum <b>depth</b> for the certificate chain verification that shall be allowed for <b>ctx</b>.</p>
+
+<p>SSL_set_verify_depth() sets the maximum <b>depth</b> for the certificate chain verification that shall be allowed for <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_post_handshake_auth() and SSL_set_post_handshake_auth() enable the Post-Handshake Authentication extension to be added to the ClientHello such that post-handshake authentication can be requested by the server. If <b>val</b> is 0 then the extension is not sent, otherwise it is. By default the extension is not sent. A certificate callback will need to be set via SSL_CTX_set_client_cert_cb() if no certificate is provided at initialization.</p>
+
+<p>SSL_verify_client_post_handshake() causes a CertificateRequest message to be sent by a server on the given <b>ssl</b> connection. The SSL_VERIFY_PEER flag must be set; the SSL_VERIFY_POST_HANDSHAKE flag is optional.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification of certificates can be controlled by a set of logically or&#39;ed <b>mode</b> flags:</p>
+
+<dl>
+
+<dt id="SSL_VERIFY_NONE">SSL_VERIFY_NONE</dt>
+<dd>
+
+<p><b>Server mode:</b> the server will not send a client certificate request to the client, so the client will not send a certificate.</p>
+
+<p><b>Client mode:</b> if not using an anonymous cipher (by default disabled), the server will send a certificate which will be checked. The result of the certificate verification process can be checked after the TLS/SSL handshake using the <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> function. The handshake will be continued regardless of the verification result.</p>
+
+</dd>
+<dt id="SSL_VERIFY_PEER">SSL_VERIFY_PEER</dt>
+<dd>
+
+<p><b>Server mode:</b> the server sends a client certificate request to the client. The certificate returned (if any) is checked. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure. The behaviour can be controlled by the additional SSL_VERIFY_FAIL_IF_NO_PEER_CERT, SSL_VERIFY_CLIENT_ONCE and SSL_VERIFY_POST_HANDSHAKE flags.</p>
+
+<p><b>Client mode:</b> the server certificate is verified. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure. If no server certificate is sent, because an anonymous cipher is used, SSL_VERIFY_PEER is ignored.</p>
+
+</dd>
+<dt id="SSL_VERIFY_FAIL_IF_NO_PEER_CERT">SSL_VERIFY_FAIL_IF_NO_PEER_CERT</dt>
+<dd>
+
+<p><b>Server mode:</b> if the client did not return a certificate, the TLS/SSL handshake is immediately terminated with a &quot;handshake failure&quot; alert. This flag must be used together with SSL_VERIFY_PEER.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+<dt id="SSL_VERIFY_CLIENT_ONCE">SSL_VERIFY_CLIENT_ONCE</dt>
+<dd>
+
+<p><b>Server mode:</b> only request a client certificate once during the connection. Do not ask for a client certificate again during renegotiation or post-authentication if a certificate was requested during the initial handshake. This flag must be used together with SSL_VERIFY_PEER.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+<dt id="SSL_VERIFY_POST_HANDSHAKE">SSL_VERIFY_POST_HANDSHAKE</dt>
+<dd>
+
+<p><b>Server mode:</b> the server will not send a client certificate request during the initial handshake, but will send the request via SSL_verify_client_post_handshake(). This allows the SSL_CTX or SSL to be configured for post-handshake peer verification before the handshake occurs. This flag must be used together with SSL_VERIFY_PEER. TLSv1.3 only; no effect on pre-TLSv1.3 connections.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+</dl>
+
+<p>If the <b>mode</b> is SSL_VERIFY_NONE none of the other flags may be set.</p>
+
+<p>The actual verification procedure is performed either using the built-in verification procedure or using another application provided verification function set with <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>. The following descriptions apply in the case of the built-in procedure. An application provided procedure also has access to the verify depth information and the verify_callback() function, but the way this information is used may be different.</p>
+
+<p>SSL_CTX_set_verify_depth() and SSL_set_verify_depth() set a limit on the number of certificates between the end-entity and trust-anchor certificates. Neither the end-entity nor the trust-anchor certificates count against <b>depth</b>. If the certificate chain needed to reach a trusted issuer is longer than <b>depth+2</b>, X509_V_ERR_CERT_CHAIN_TOO_LONG will be issued. The depth count is &quot;level 0:peer certificate&quot;, &quot;level 1: CA certificate&quot;, &quot;level 2: higher level CA certificate&quot;, and so on. Setting the maximum depth to 2 allows the levels 0, 1, 2 and 3 (0 being the end-entity and 3 the trust-anchor). The default depth limit is 100, allowing for the peer certificate, at most 100 intermediate CA certificates and a final trust anchor certificate.</p>
+
+<p>The <b>verify_callback</b> function is used to control the behaviour when the SSL_VERIFY_PEER flag is set. It must be supplied by the application and receives two arguments: <b>preverify_ok</b> indicates, whether the verification of the certificate in question was passed (preverify_ok=1) or not (preverify_ok=0). <b>x509_ctx</b> is a pointer to the complete context used for the certificate chain verification.</p>
+
+<p>The certificate chain is checked starting with the deepest nesting level (the root CA certificate) and worked upward to the peer&#39;s certificate. At each level signatures and issuer attributes are checked. Whenever a verification error is found, the error number is stored in <b>x509_ctx</b> and <b>verify_callback</b> is called with <b>preverify_ok</b>=0. By applying X509_CTX_store_* functions <b>verify_callback</b> can locate the certificate in question and perform additional steps (see EXAMPLES). If no error is found for a certificate, <b>verify_callback</b> is called with <b>preverify_ok</b>=1 before advancing to the next level.</p>
+
+<p>The return value of <b>verify_callback</b> controls the strategy of the further verification process. If <b>verify_callback</b> returns 0, the verification process is immediately stopped with &quot;verification failed&quot; state. If SSL_VERIFY_PEER is set, a verification failure alert is sent to the peer and the TLS/SSL handshake is terminated. If <b>verify_callback</b> returns 1, the verification process is continued. If <b>verify_callback</b> always returns 1, the TLS/SSL handshake will not be terminated with respect to verification failures and the connection will be established. The calling process can however retrieve the error code of the last verification error using <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> or by maintaining its own error storage managed by <b>verify_callback</b>.</p>
+
+<p>If no <b>verify_callback</b> is specified, the default callback will be used. Its return value is identical to <b>preverify_ok</b>, so that any verification failure will lead to a termination of the TLS/SSL handshake with an alert message, if SSL_VERIFY_PEER is set.</p>
+
+<p>After calling SSL_set_post_handshake_auth(), the client will need to add a certificate or certificate callback to its configuration before it can successfully authenticate. This must be called before SSL_connect().</p>
+
+<p>SSL_verify_client_post_handshake() requires that verify flags have been previously set, and that a client sent the post-handshake authentication extension. When the client returns a certificate the verify callback will be invoked. A write operation must take place for the Certificate Request to be sent to the client, this can be done with SSL_do_handshake() or SSL_write_ex(). Only one certificate request may be outstanding at any time.</p>
+
+<p>When post-handshake authentication occurs, a refreshed NewSessionTicket message is sent to the client.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In client mode, it is not checked whether the SSL_VERIFY_PEER flag is set, but whether any flags are set. This can lead to unexpected behaviour if SSL_VERIFY_PEER and other flags are not used as required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL*_set_verify*() functions do not provide diagnostic information.</p>
+
+<p>The SSL_verify_client_post_handshake() function returns 1 if the request succeeded, and 0 if the request failed. The error stack can be examined to determine the failure reason.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following code sequence realizes an example <b>verify_callback</b> function that will always continue the TLS/SSL handshake regardless of verification failure, if wished. The callback realizes a verification depth limit with more informational output.</p>
+
+<p>All verification errors are printed; information about the certificate chain is printed on request. The example is realized for a server that does allow but not require client certificates.</p>
+
+<p>The example makes use of the ex_data technique to store application data into/retrieve application data from the SSL structure (see <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>, <a href="../man3/SSL_get_ex_data_X509_STORE_CTX_idx.html">SSL_get_ex_data_X509_STORE_CTX_idx(3)</a>).</p>
+
+<pre><code> ...
+ typedef struct {
+   int verbose_mode;
+   int verify_depth;
+   int always_continue;
+ } mydata_t;
+ int mydata_index;
+
+ ...
+ static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
+ {
+     char    buf[256];
+     X509   *err_cert;
+     int     err, depth;
+     SSL    *ssl;
+     mydata_t *mydata;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     /*
+      * Retrieve the pointer to the SSL of the connection currently treated
+      * and the application specific data stored into the SSL object.
+      */
+     ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
+     mydata = SSL_get_ex_data(ssl, mydata_index);
+
+     X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256);
+
+     /*
+      * Catch a too long certificate chain. The depth limit set using
+      * SSL_CTX_set_verify_depth() is by purpose set to &quot;limit+1&quot; so
+      * that whenever the &quot;depth&gt;verify_depth&quot; condition is met, we
+      * have violated the limit and want to log this error condition.
+      * We must do it here, because the CHAIN_TOO_LONG error would not
+      * be found explicitly; only errors introduced by cutting off the
+      * additional certificates would be logged.
+      */
+     if (depth &gt; mydata-&gt;verify_depth) {
+         preverify_ok = 0;
+         err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
+         X509_STORE_CTX_set_error(ctx, err);
+     }
+     if (!preverify_ok) {
+         printf(&quot;verify error:num=%d:%s:depth=%d:%s\n&quot;, err,
+                X509_verify_cert_error_string(err), depth, buf);
+     } else if (mydata-&gt;verbose_mode) {
+         printf(&quot;depth=%d:%s\n&quot;, depth, buf);
+     }
+
+     /*
+      * At this point, err contains the last verification error. We can use
+      * it for something special
+      */
+     if (!preverify_ok &amp;&amp; (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT)) {
+         X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, 256);
+         printf(&quot;issuer= %s\n&quot;, buf);
+     }
+
+     if (mydata-&gt;always_continue)
+         return 1;
+     else
+         return preverify_ok;
+ }
+ ...
+
+ mydata_t mydata;
+
+ ...
+ mydata_index = SSL_get_ex_new_index(0, &quot;mydata index&quot;, NULL, NULL, NULL);
+
+ ...
+ SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
+                    verify_callback);
+
+ /*
+  * Let the verify_callback catch the verify_depth error so that we get
+  * an appropriate error in the logfile.
+  */
+ SSL_CTX_set_verify_depth(verify_depth + 1);
+
+ /*
+  * Set up the SSL specific data into &quot;mydata&quot; and store it into th SSL
+  * structure.
+  */
+ mydata.verify_depth = verify_depth; ...
+ SSL_set_ex_data(ssl, mydata_index, &amp;mydata);
+
+ ...
+ SSL_accept(ssl);       /* check of success left out for clarity */
+ if (peer = SSL_get_peer_certificate(ssl)) {
+     if (SSL_get_verify_result(ssl) == X509_V_OK) {
+         /* The client sent a certificate which verified OK */
+     }
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_CTX_get_verify_mode.html">SSL_CTX_get_verify_mode(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_get_ex_data_X509_STORE_CTX_idx.html">SSL_get_ex_data_X509_STORE_CTX_idx(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_VERIFY_POST_HANDSHAKE option, and the SSL_verify_client_post_handshake() and SSL_set_post_handshake_auth() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_verify_client_post_handshake.html b/msys2/usr/share/doc/openssl/html/man3/SSL_verify_client_post_handshake.html
new file mode 100644
index 000000000..1a70b5fe4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_verify_client_post_handshake.html
@@ -0,0 +1,264 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_verify</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_get_ex_data_X509_STORE_CTX_idx, SSL_CTX_set_verify, SSL_set_verify, SSL_CTX_set_verify_depth, SSL_set_verify_depth, SSL_verify_cb, SSL_verify_client_post_handshake, SSL_set_post_handshake_auth, SSL_CTX_set_post_handshake_auth - set peer certificate verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
+
+ void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, SSL_verify_cb verify_callback);
+ void SSL_set_verify(SSL *ssl, int mode, SSL_verify_cb verify_callback);
+ SSL_get_ex_data_X509_STORE_CTX_idx(void);
+
+ void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
+ void SSL_set_verify_depth(SSL *ssl, int depth);
+
+ int SSL_verify_client_post_handshake(SSL *ssl);
+ void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val);
+ void SSL_set_post_handshake_auth(SSL *ssl, int val);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_set_verify() sets the verification flags for <b>ctx</b> to be <b>mode</b> and specifies the <b>verify_callback</b> function to be used. If no callback function shall be specified, the NULL pointer can be used for <b>verify_callback</b>.</p>
+
+<p>SSL_set_verify() sets the verification flags for <b>ssl</b> to be <b>mode</b> and specifies the <b>verify_callback</b> function to be used. If no callback function shall be specified, the NULL pointer can be used for <b>verify_callback</b>. In this case last <b>verify_callback</b> set specifically for this <b>ssl</b> remains. If no special <b>callback</b> was set before, the default callback for the underlying <b>ctx</b> is used, that was valid at the time <b>ssl</b> was created with <a href="../man3/SSL_new.html">SSL_new(3)</a>. Within the callback function, <b>SSL_get_ex_data_X509_STORE_CTX_idx</b> can be called to get the data index of the current SSL object that is doing the verification.</p>
+
+<p>SSL_CTX_set_verify_depth() sets the maximum <b>depth</b> for the certificate chain verification that shall be allowed for <b>ctx</b>.</p>
+
+<p>SSL_set_verify_depth() sets the maximum <b>depth</b> for the certificate chain verification that shall be allowed for <b>ssl</b>.</p>
+
+<p>SSL_CTX_set_post_handshake_auth() and SSL_set_post_handshake_auth() enable the Post-Handshake Authentication extension to be added to the ClientHello such that post-handshake authentication can be requested by the server. If <b>val</b> is 0 then the extension is not sent, otherwise it is. By default the extension is not sent. A certificate callback will need to be set via SSL_CTX_set_client_cert_cb() if no certificate is provided at initialization.</p>
+
+<p>SSL_verify_client_post_handshake() causes a CertificateRequest message to be sent by a server on the given <b>ssl</b> connection. The SSL_VERIFY_PEER flag must be set; the SSL_VERIFY_POST_HANDSHAKE flag is optional.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification of certificates can be controlled by a set of logically or&#39;ed <b>mode</b> flags:</p>
+
+<dl>
+
+<dt id="SSL_VERIFY_NONE">SSL_VERIFY_NONE</dt>
+<dd>
+
+<p><b>Server mode:</b> the server will not send a client certificate request to the client, so the client will not send a certificate.</p>
+
+<p><b>Client mode:</b> if not using an anonymous cipher (by default disabled), the server will send a certificate which will be checked. The result of the certificate verification process can be checked after the TLS/SSL handshake using the <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> function. The handshake will be continued regardless of the verification result.</p>
+
+</dd>
+<dt id="SSL_VERIFY_PEER">SSL_VERIFY_PEER</dt>
+<dd>
+
+<p><b>Server mode:</b> the server sends a client certificate request to the client. The certificate returned (if any) is checked. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure. The behaviour can be controlled by the additional SSL_VERIFY_FAIL_IF_NO_PEER_CERT, SSL_VERIFY_CLIENT_ONCE and SSL_VERIFY_POST_HANDSHAKE flags.</p>
+
+<p><b>Client mode:</b> the server certificate is verified. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure. If no server certificate is sent, because an anonymous cipher is used, SSL_VERIFY_PEER is ignored.</p>
+
+</dd>
+<dt id="SSL_VERIFY_FAIL_IF_NO_PEER_CERT">SSL_VERIFY_FAIL_IF_NO_PEER_CERT</dt>
+<dd>
+
+<p><b>Server mode:</b> if the client did not return a certificate, the TLS/SSL handshake is immediately terminated with a &quot;handshake failure&quot; alert. This flag must be used together with SSL_VERIFY_PEER.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+<dt id="SSL_VERIFY_CLIENT_ONCE">SSL_VERIFY_CLIENT_ONCE</dt>
+<dd>
+
+<p><b>Server mode:</b> only request a client certificate once during the connection. Do not ask for a client certificate again during renegotiation or post-authentication if a certificate was requested during the initial handshake. This flag must be used together with SSL_VERIFY_PEER.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+<dt id="SSL_VERIFY_POST_HANDSHAKE">SSL_VERIFY_POST_HANDSHAKE</dt>
+<dd>
+
+<p><b>Server mode:</b> the server will not send a client certificate request during the initial handshake, but will send the request via SSL_verify_client_post_handshake(). This allows the SSL_CTX or SSL to be configured for post-handshake peer verification before the handshake occurs. This flag must be used together with SSL_VERIFY_PEER. TLSv1.3 only; no effect on pre-TLSv1.3 connections.</p>
+
+<p><b>Client mode:</b> ignored</p>
+
+</dd>
+</dl>
+
+<p>If the <b>mode</b> is SSL_VERIFY_NONE none of the other flags may be set.</p>
+
+<p>The actual verification procedure is performed either using the built-in verification procedure or using another application provided verification function set with <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>. The following descriptions apply in the case of the built-in procedure. An application provided procedure also has access to the verify depth information and the verify_callback() function, but the way this information is used may be different.</p>
+
+<p>SSL_CTX_set_verify_depth() and SSL_set_verify_depth() set a limit on the number of certificates between the end-entity and trust-anchor certificates. Neither the end-entity nor the trust-anchor certificates count against <b>depth</b>. If the certificate chain needed to reach a trusted issuer is longer than <b>depth+2</b>, X509_V_ERR_CERT_CHAIN_TOO_LONG will be issued. The depth count is &quot;level 0:peer certificate&quot;, &quot;level 1: CA certificate&quot;, &quot;level 2: higher level CA certificate&quot;, and so on. Setting the maximum depth to 2 allows the levels 0, 1, 2 and 3 (0 being the end-entity and 3 the trust-anchor). The default depth limit is 100, allowing for the peer certificate, at most 100 intermediate CA certificates and a final trust anchor certificate.</p>
+
+<p>The <b>verify_callback</b> function is used to control the behaviour when the SSL_VERIFY_PEER flag is set. It must be supplied by the application and receives two arguments: <b>preverify_ok</b> indicates, whether the verification of the certificate in question was passed (preverify_ok=1) or not (preverify_ok=0). <b>x509_ctx</b> is a pointer to the complete context used for the certificate chain verification.</p>
+
+<p>The certificate chain is checked starting with the deepest nesting level (the root CA certificate) and worked upward to the peer&#39;s certificate. At each level signatures and issuer attributes are checked. Whenever a verification error is found, the error number is stored in <b>x509_ctx</b> and <b>verify_callback</b> is called with <b>preverify_ok</b>=0. By applying X509_CTX_store_* functions <b>verify_callback</b> can locate the certificate in question and perform additional steps (see EXAMPLES). If no error is found for a certificate, <b>verify_callback</b> is called with <b>preverify_ok</b>=1 before advancing to the next level.</p>
+
+<p>The return value of <b>verify_callback</b> controls the strategy of the further verification process. If <b>verify_callback</b> returns 0, the verification process is immediately stopped with &quot;verification failed&quot; state. If SSL_VERIFY_PEER is set, a verification failure alert is sent to the peer and the TLS/SSL handshake is terminated. If <b>verify_callback</b> returns 1, the verification process is continued. If <b>verify_callback</b> always returns 1, the TLS/SSL handshake will not be terminated with respect to verification failures and the connection will be established. The calling process can however retrieve the error code of the last verification error using <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> or by maintaining its own error storage managed by <b>verify_callback</b>.</p>
+
+<p>If no <b>verify_callback</b> is specified, the default callback will be used. Its return value is identical to <b>preverify_ok</b>, so that any verification failure will lead to a termination of the TLS/SSL handshake with an alert message, if SSL_VERIFY_PEER is set.</p>
+
+<p>After calling SSL_set_post_handshake_auth(), the client will need to add a certificate or certificate callback to its configuration before it can successfully authenticate. This must be called before SSL_connect().</p>
+
+<p>SSL_verify_client_post_handshake() requires that verify flags have been previously set, and that a client sent the post-handshake authentication extension. When the client returns a certificate the verify callback will be invoked. A write operation must take place for the Certificate Request to be sent to the client, this can be done with SSL_do_handshake() or SSL_write_ex(). Only one certificate request may be outstanding at any time.</p>
+
+<p>When post-handshake authentication occurs, a refreshed NewSessionTicket message is sent to the client.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In client mode, it is not checked whether the SSL_VERIFY_PEER flag is set, but whether any flags are set. This can lead to unexpected behaviour if SSL_VERIFY_PEER and other flags are not used as required.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The SSL*_set_verify*() functions do not provide diagnostic information.</p>
+
+<p>The SSL_verify_client_post_handshake() function returns 1 if the request succeeded, and 0 if the request failed. The error stack can be examined to determine the failure reason.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>The following code sequence realizes an example <b>verify_callback</b> function that will always continue the TLS/SSL handshake regardless of verification failure, if wished. The callback realizes a verification depth limit with more informational output.</p>
+
+<p>All verification errors are printed; information about the certificate chain is printed on request. The example is realized for a server that does allow but not require client certificates.</p>
+
+<p>The example makes use of the ex_data technique to store application data into/retrieve application data from the SSL structure (see <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>, <a href="../man3/SSL_get_ex_data_X509_STORE_CTX_idx.html">SSL_get_ex_data_X509_STORE_CTX_idx(3)</a>).</p>
+
+<pre><code> ...
+ typedef struct {
+   int verbose_mode;
+   int verify_depth;
+   int always_continue;
+ } mydata_t;
+ int mydata_index;
+
+ ...
+ static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
+ {
+     char    buf[256];
+     X509   *err_cert;
+     int     err, depth;
+     SSL    *ssl;
+     mydata_t *mydata;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     /*
+      * Retrieve the pointer to the SSL of the connection currently treated
+      * and the application specific data stored into the SSL object.
+      */
+     ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
+     mydata = SSL_get_ex_data(ssl, mydata_index);
+
+     X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256);
+
+     /*
+      * Catch a too long certificate chain. The depth limit set using
+      * SSL_CTX_set_verify_depth() is by purpose set to &quot;limit+1&quot; so
+      * that whenever the &quot;depth&gt;verify_depth&quot; condition is met, we
+      * have violated the limit and want to log this error condition.
+      * We must do it here, because the CHAIN_TOO_LONG error would not
+      * be found explicitly; only errors introduced by cutting off the
+      * additional certificates would be logged.
+      */
+     if (depth &gt; mydata-&gt;verify_depth) {
+         preverify_ok = 0;
+         err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
+         X509_STORE_CTX_set_error(ctx, err);
+     }
+     if (!preverify_ok) {
+         printf(&quot;verify error:num=%d:%s:depth=%d:%s\n&quot;, err,
+                X509_verify_cert_error_string(err), depth, buf);
+     } else if (mydata-&gt;verbose_mode) {
+         printf(&quot;depth=%d:%s\n&quot;, depth, buf);
+     }
+
+     /*
+      * At this point, err contains the last verification error. We can use
+      * it for something special
+      */
+     if (!preverify_ok &amp;&amp; (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT)) {
+         X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, 256);
+         printf(&quot;issuer= %s\n&quot;, buf);
+     }
+
+     if (mydata-&gt;always_continue)
+         return 1;
+     else
+         return preverify_ok;
+ }
+ ...
+
+ mydata_t mydata;
+
+ ...
+ mydata_index = SSL_get_ex_new_index(0, &quot;mydata index&quot;, NULL, NULL, NULL);
+
+ ...
+ SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
+                    verify_callback);
+
+ /*
+  * Let the verify_callback catch the verify_depth error so that we get
+  * an appropriate error in the logfile.
+  */
+ SSL_CTX_set_verify_depth(verify_depth + 1);
+
+ /*
+  * Set up the SSL specific data into &quot;mydata&quot; and store it into th SSL
+  * structure.
+  */
+ mydata.verify_depth = verify_depth; ...
+ SSL_set_ex_data(ssl, mydata_index, &amp;mydata);
+
+ ...
+ SSL_accept(ssl);       /* check of success left out for clarity */
+ if (peer = SSL_get_peer_certificate(ssl)) {
+     if (SSL_get_verify_result(ssl) == X509_V_OK) {
+         /* The client sent a certificate which verified OK */
+     }
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_CTX_get_verify_mode.html">SSL_CTX_get_verify_mode(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_get_ex_data_X509_STORE_CTX_idx.html">SSL_get_ex_data_X509_STORE_CTX_idx(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_VERIFY_POST_HANDSHAKE option, and the SSL_verify_client_post_handshake() and SSL_set_post_handshake_auth() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_version.html b/msys2/usr/share/doc/openssl/html/man3/SSL_version.html
new file mode 100644
index 000000000..4da1a9eba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_version.html
@@ -0,0 +1,145 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_client_version, SSL_get_version, SSL_is_dtls, SSL_version - get the protocol information of a connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_client_version(const SSL *s);
+
+ const char *SSL_get_version(const SSL *ssl);
+
+ int SSL_is_dtls(const SSL *ssl);
+
+ int SSL_version(const SSL *s);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_client_version() returns the numeric protocol version advertised by the client in the legacy_version field of the ClientHello when initiating the connection. Note that, for TLS, this value will never indicate a version greater than TLSv1.2 even if TLSv1.3 is subsequently negotiated. SSL_get_version() returns the name of the protocol used for the connection. SSL_version() returns the numeric protocol version used for the connection. They should only be called after the initial handshake has been completed. Prior to that the results returned from these functions may be unreliable.</p>
+
+<p>SSL_is_dtls() returns one if the connection is using DTLS, zero if not.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_get_version() returns one of the following strings:</p>
+
+<dl>
+
+<dt id="SSLv3">SSLv3</dt>
+<dd>
+
+<p>The connection uses the SSLv3 protocol.</p>
+
+</dd>
+<dt id="TLSv1">TLSv1</dt>
+<dd>
+
+<p>The connection uses the TLSv1.0 protocol.</p>
+
+</dd>
+<dt id="TLSv1.1">TLSv1.1</dt>
+<dd>
+
+<p>The connection uses the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1.2">TLSv1.2</dt>
+<dd>
+
+<p>The connection uses the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1.3">TLSv1.3</dt>
+<dd>
+
+<p>The connection uses the TLSv1.3 protocol.</p>
+
+</dd>
+<dt id="unknown">unknown</dt>
+<dd>
+
+<p>This indicates an unknown protocol version.</p>
+
+</dd>
+</dl>
+
+<p>SSL_version() and SSL_client_version() return an integer which could include any of the following:</p>
+
+<dl>
+
+<dt id="SSL3_VERSION">SSL3_VERSION</dt>
+<dd>
+
+<p>The connection uses the SSLv3 protocol.</p>
+
+</dd>
+<dt id="TLS1_VERSION">TLS1_VERSION</dt>
+<dd>
+
+<p>The connection uses the TLSv1.0 protocol.</p>
+
+</dd>
+<dt id="TLS1_1_VERSION">TLS1_1_VERSION</dt>
+<dd>
+
+<p>The connection uses the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLS1_2_VERSION">TLS1_2_VERSION</dt>
+<dd>
+
+<p>The connection uses the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLS1_3_VERSION">TLS1_3_VERSION</dt>
+<dd>
+
+<p>The connection uses the TLSv1.3 protocol (never returned for SSL_client_version()).</p>
+
+</dd>
+</dl>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_is_dtls() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_waiting_for_async.html b/msys2/usr/share/doc/openssl/html/man3/SSL_waiting_for_async.html
new file mode 100644
index 000000000..d1d1b3a49
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_waiting_for_async.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_get_all_async_fds</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_waiting_for_async, SSL_get_all_async_fds, SSL_get_changed_async_fds - manage asynchronous operations</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/async.h&gt;
+ #include &lt;openssl/ssl.h&gt;
+
+ int SSL_waiting_for_async(SSL *s);
+ int SSL_get_all_async_fds(SSL *s, OSSL_ASYNC_FD *fd, size_t *numfds);
+ int SSL_get_changed_async_fds(SSL *s, OSSL_ASYNC_FD *addfd, size_t *numaddfds,
+                               OSSL_ASYNC_FD *delfd, size_t *numdelfds);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_waiting_for_async() determines whether an SSL connection is currently waiting for asynchronous operations to complete (see the SSL_MODE_ASYNC mode in <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a>).</p>
+
+<p>SSL_get_all_async_fds() returns a list of file descriptor which can be used in a call to select() or poll() to determine whether the current asynchronous operation has completed or not. A completed operation will result in data appearing as &quot;read ready&quot; on the file descriptor (no actual data should be read from the file descriptor). This function should only be called if the SSL object is currently waiting for asynchronous work to complete (i.e. SSL_ERROR_WANT_ASYNC has been received - see <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>). Typically the list will only contain one file descriptor. However if multiple asynchronous capable engines are in use then more than one is possible. The number of file descriptors returned is stored in <b>*numfds</b> and the file descriptors themselves are in <b>*fds</b>. The <b>fds</b> parameter may be NULL in which case no file descriptors are returned but <b>*numfds</b> is still populated. It is the callers responsibility to ensure sufficient memory is allocated at <b>*fds</b> so typically this function is called twice (once with a NULL <b>fds</b> parameter and once without).</p>
+
+<p>SSL_get_changed_async_fds() returns a list of the asynchronous file descriptors that have been added and a list that have been deleted since the last SSL_ERROR_WANT_ASYNC was received (or since the SSL object was created if no SSL_ERROR_WANT_ASYNC has been received). Similar to SSL_get_all_async_fds() it is the callers responsibility to ensure that <b>*addfd</b> and <b>*delfd</b> have sufficient memory allocated, although they may be NULL. The number of added fds and the number of deleted fds are stored in <b>*numaddfds</b> and <b>*numdelfds</b> respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_waiting_for_async() will return 1 if the current SSL operation is waiting for an async operation to complete and 0 otherwise.</p>
+
+<p>SSL_get_all_async_fds() and SSL_get_changed_async_fds() return 1 on success or 0 on error.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>On Windows platforms the openssl/async.h header is dependent on some of the types customarily made available by including windows.h. The application developer is likely to require control over when the latter is included, commonly as one of the first included headers. Therefore it is defined as an application developer&#39;s responsibility to include windows.h prior to async.h.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_waiting_for_async(), SSL_get_all_async_fds() and SSL_get_changed_async_fds() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_want.html b/msys2/usr/share/doc/openssl/html/man3/SSL_want.html
new file mode 100644
index 000000000..8f9c16cd3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_want.html
@@ -0,0 +1,125 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_want</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_want, SSL_want_nothing, SSL_want_read, SSL_want_write, SSL_want_x509_lookup, SSL_want_async, SSL_want_async_job, SSL_want_client_hello_cb - obtain state information TLS/SSL I/O operation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_want(const SSL *ssl);
+ int SSL_want_nothing(const SSL *ssl);
+ int SSL_want_read(const SSL *ssl);
+ int SSL_want_write(const SSL *ssl);
+ int SSL_want_x509_lookup(const SSL *ssl);
+ int SSL_want_async(const SSL *ssl);
+ int SSL_want_async_job(const SSL *ssl);
+ int SSL_want_client_hello_cb(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_want() returns state information for the SSL object <b>ssl</b>.</p>
+
+<p>The other SSL_want_*() calls are shortcuts for the possible states returned by SSL_want().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_want() examines the internal state information of the SSL object. Its return values are similar to that of <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>. Unlike <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, which also evaluates the error queue, the results are obtained by examining an internal state flag only. The information must therefore only be used for normal operation under non-blocking I/O. Error conditions are not handled and must be treated using <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+<p>The result returned by SSL_want() should always be consistent with the result of <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can currently occur for SSL_want():</p>
+
+<dl>
+
+<dt id="SSL_NOTHING">SSL_NOTHING</dt>
+<dd>
+
+<p>There is no data to be written or to be read.</p>
+
+</dd>
+<dt id="SSL_WRITING">SSL_WRITING</dt>
+<dd>
+
+<p>There are data in the SSL buffer that must be written to the underlying <b>BIO</b> layer in order to complete the actual SSL_*() operation. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_WRITE.</p>
+
+</dd>
+<dt id="SSL_READING">SSL_READING</dt>
+<dd>
+
+<p>More data must be read from the underlying <b>BIO</b> layer in order to complete the actual SSL_*() operation. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_READ.</p>
+
+</dd>
+<dt id="SSL_X509_LOOKUP">SSL_X509_LOOKUP</dt>
+<dd>
+
+<p>The operation did not complete because an application callback set by SSL_CTX_set_client_cert_cb() has asked to be called again. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_X509_LOOKUP.</p>
+
+</dd>
+<dt id="SSL_ASYNC_PAUSED">SSL_ASYNC_PAUSED</dt>
+<dd>
+
+<p>An asynchronous operation partially completed and was then paused. See <a href="../man3/SSL_get_all_async_fds.html">SSL_get_all_async_fds(3)</a>. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_ASYNC.</p>
+
+</dd>
+<dt id="SSL_ASYNC_NO_JOBS">SSL_ASYNC_NO_JOBS</dt>
+<dd>
+
+<p>The asynchronous job could not be started because there were no async jobs available in the pool (see ASYNC_init_thread(3)). A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_ASYNC_JOB.</p>
+
+</dd>
+<dt id="SSL_CLIENT_HELLO_CB">SSL_CLIENT_HELLO_CB</dt>
+<dd>
+
+<p>The operation did not complete because an application callback set by SSL_CTX_set_client_hello_cb() has asked to be called again. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_CLIENT_HELLO_CB.</p>
+
+</dd>
+</dl>
+
+<p>SSL_want_nothing(), SSL_want_read(), SSL_want_write(), SSL_want_x509_lookup(), SSL_want_async(), SSL_want_async_job(), and SSL_want_client_hello_cb() return 1, when the corresponding condition is true or 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_want_client_hello_cb() function and the SSL_CLIENT_HELLO_CB return value were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_want_async.html b/msys2/usr/share/doc/openssl/html/man3/SSL_want_async.html
new file mode 100644
index 000000000..8f9c16cd3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_want_async.html
@@ -0,0 +1,125 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_want</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_want, SSL_want_nothing, SSL_want_read, SSL_want_write, SSL_want_x509_lookup, SSL_want_async, SSL_want_async_job, SSL_want_client_hello_cb - obtain state information TLS/SSL I/O operation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_want(const SSL *ssl);
+ int SSL_want_nothing(const SSL *ssl);
+ int SSL_want_read(const SSL *ssl);
+ int SSL_want_write(const SSL *ssl);
+ int SSL_want_x509_lookup(const SSL *ssl);
+ int SSL_want_async(const SSL *ssl);
+ int SSL_want_async_job(const SSL *ssl);
+ int SSL_want_client_hello_cb(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_want() returns state information for the SSL object <b>ssl</b>.</p>
+
+<p>The other SSL_want_*() calls are shortcuts for the possible states returned by SSL_want().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_want() examines the internal state information of the SSL object. Its return values are similar to that of <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>. Unlike <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, which also evaluates the error queue, the results are obtained by examining an internal state flag only. The information must therefore only be used for normal operation under non-blocking I/O. Error conditions are not handled and must be treated using <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+<p>The result returned by SSL_want() should always be consistent with the result of <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can currently occur for SSL_want():</p>
+
+<dl>
+
+<dt id="SSL_NOTHING">SSL_NOTHING</dt>
+<dd>
+
+<p>There is no data to be written or to be read.</p>
+
+</dd>
+<dt id="SSL_WRITING">SSL_WRITING</dt>
+<dd>
+
+<p>There are data in the SSL buffer that must be written to the underlying <b>BIO</b> layer in order to complete the actual SSL_*() operation. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_WRITE.</p>
+
+</dd>
+<dt id="SSL_READING">SSL_READING</dt>
+<dd>
+
+<p>More data must be read from the underlying <b>BIO</b> layer in order to complete the actual SSL_*() operation. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_READ.</p>
+
+</dd>
+<dt id="SSL_X509_LOOKUP">SSL_X509_LOOKUP</dt>
+<dd>
+
+<p>The operation did not complete because an application callback set by SSL_CTX_set_client_cert_cb() has asked to be called again. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_X509_LOOKUP.</p>
+
+</dd>
+<dt id="SSL_ASYNC_PAUSED">SSL_ASYNC_PAUSED</dt>
+<dd>
+
+<p>An asynchronous operation partially completed and was then paused. See <a href="../man3/SSL_get_all_async_fds.html">SSL_get_all_async_fds(3)</a>. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_ASYNC.</p>
+
+</dd>
+<dt id="SSL_ASYNC_NO_JOBS">SSL_ASYNC_NO_JOBS</dt>
+<dd>
+
+<p>The asynchronous job could not be started because there were no async jobs available in the pool (see ASYNC_init_thread(3)). A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_ASYNC_JOB.</p>
+
+</dd>
+<dt id="SSL_CLIENT_HELLO_CB">SSL_CLIENT_HELLO_CB</dt>
+<dd>
+
+<p>The operation did not complete because an application callback set by SSL_CTX_set_client_hello_cb() has asked to be called again. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_CLIENT_HELLO_CB.</p>
+
+</dd>
+</dl>
+
+<p>SSL_want_nothing(), SSL_want_read(), SSL_want_write(), SSL_want_x509_lookup(), SSL_want_async(), SSL_want_async_job(), and SSL_want_client_hello_cb() return 1, when the corresponding condition is true or 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_want_client_hello_cb() function and the SSL_CLIENT_HELLO_CB return value were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_want_async_job.html b/msys2/usr/share/doc/openssl/html/man3/SSL_want_async_job.html
new file mode 100644
index 000000000..8f9c16cd3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_want_async_job.html
@@ -0,0 +1,125 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_want</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_want, SSL_want_nothing, SSL_want_read, SSL_want_write, SSL_want_x509_lookup, SSL_want_async, SSL_want_async_job, SSL_want_client_hello_cb - obtain state information TLS/SSL I/O operation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_want(const SSL *ssl);
+ int SSL_want_nothing(const SSL *ssl);
+ int SSL_want_read(const SSL *ssl);
+ int SSL_want_write(const SSL *ssl);
+ int SSL_want_x509_lookup(const SSL *ssl);
+ int SSL_want_async(const SSL *ssl);
+ int SSL_want_async_job(const SSL *ssl);
+ int SSL_want_client_hello_cb(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_want() returns state information for the SSL object <b>ssl</b>.</p>
+
+<p>The other SSL_want_*() calls are shortcuts for the possible states returned by SSL_want().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_want() examines the internal state information of the SSL object. Its return values are similar to that of <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>. Unlike <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, which also evaluates the error queue, the results are obtained by examining an internal state flag only. The information must therefore only be used for normal operation under non-blocking I/O. Error conditions are not handled and must be treated using <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+<p>The result returned by SSL_want() should always be consistent with the result of <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can currently occur for SSL_want():</p>
+
+<dl>
+
+<dt id="SSL_NOTHING">SSL_NOTHING</dt>
+<dd>
+
+<p>There is no data to be written or to be read.</p>
+
+</dd>
+<dt id="SSL_WRITING">SSL_WRITING</dt>
+<dd>
+
+<p>There are data in the SSL buffer that must be written to the underlying <b>BIO</b> layer in order to complete the actual SSL_*() operation. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_WRITE.</p>
+
+</dd>
+<dt id="SSL_READING">SSL_READING</dt>
+<dd>
+
+<p>More data must be read from the underlying <b>BIO</b> layer in order to complete the actual SSL_*() operation. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_READ.</p>
+
+</dd>
+<dt id="SSL_X509_LOOKUP">SSL_X509_LOOKUP</dt>
+<dd>
+
+<p>The operation did not complete because an application callback set by SSL_CTX_set_client_cert_cb() has asked to be called again. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_X509_LOOKUP.</p>
+
+</dd>
+<dt id="SSL_ASYNC_PAUSED">SSL_ASYNC_PAUSED</dt>
+<dd>
+
+<p>An asynchronous operation partially completed and was then paused. See <a href="../man3/SSL_get_all_async_fds.html">SSL_get_all_async_fds(3)</a>. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_ASYNC.</p>
+
+</dd>
+<dt id="SSL_ASYNC_NO_JOBS">SSL_ASYNC_NO_JOBS</dt>
+<dd>
+
+<p>The asynchronous job could not be started because there were no async jobs available in the pool (see ASYNC_init_thread(3)). A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_ASYNC_JOB.</p>
+
+</dd>
+<dt id="SSL_CLIENT_HELLO_CB">SSL_CLIENT_HELLO_CB</dt>
+<dd>
+
+<p>The operation did not complete because an application callback set by SSL_CTX_set_client_hello_cb() has asked to be called again. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_CLIENT_HELLO_CB.</p>
+
+</dd>
+</dl>
+
+<p>SSL_want_nothing(), SSL_want_read(), SSL_want_write(), SSL_want_x509_lookup(), SSL_want_async(), SSL_want_async_job(), and SSL_want_client_hello_cb() return 1, when the corresponding condition is true or 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_want_client_hello_cb() function and the SSL_CLIENT_HELLO_CB return value were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_want_client_hello_cb.html b/msys2/usr/share/doc/openssl/html/man3/SSL_want_client_hello_cb.html
new file mode 100644
index 000000000..8f9c16cd3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_want_client_hello_cb.html
@@ -0,0 +1,125 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_want</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_want, SSL_want_nothing, SSL_want_read, SSL_want_write, SSL_want_x509_lookup, SSL_want_async, SSL_want_async_job, SSL_want_client_hello_cb - obtain state information TLS/SSL I/O operation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_want(const SSL *ssl);
+ int SSL_want_nothing(const SSL *ssl);
+ int SSL_want_read(const SSL *ssl);
+ int SSL_want_write(const SSL *ssl);
+ int SSL_want_x509_lookup(const SSL *ssl);
+ int SSL_want_async(const SSL *ssl);
+ int SSL_want_async_job(const SSL *ssl);
+ int SSL_want_client_hello_cb(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_want() returns state information for the SSL object <b>ssl</b>.</p>
+
+<p>The other SSL_want_*() calls are shortcuts for the possible states returned by SSL_want().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_want() examines the internal state information of the SSL object. Its return values are similar to that of <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>. Unlike <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, which also evaluates the error queue, the results are obtained by examining an internal state flag only. The information must therefore only be used for normal operation under non-blocking I/O. Error conditions are not handled and must be treated using <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+<p>The result returned by SSL_want() should always be consistent with the result of <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can currently occur for SSL_want():</p>
+
+<dl>
+
+<dt id="SSL_NOTHING">SSL_NOTHING</dt>
+<dd>
+
+<p>There is no data to be written or to be read.</p>
+
+</dd>
+<dt id="SSL_WRITING">SSL_WRITING</dt>
+<dd>
+
+<p>There are data in the SSL buffer that must be written to the underlying <b>BIO</b> layer in order to complete the actual SSL_*() operation. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_WRITE.</p>
+
+</dd>
+<dt id="SSL_READING">SSL_READING</dt>
+<dd>
+
+<p>More data must be read from the underlying <b>BIO</b> layer in order to complete the actual SSL_*() operation. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_READ.</p>
+
+</dd>
+<dt id="SSL_X509_LOOKUP">SSL_X509_LOOKUP</dt>
+<dd>
+
+<p>The operation did not complete because an application callback set by SSL_CTX_set_client_cert_cb() has asked to be called again. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_X509_LOOKUP.</p>
+
+</dd>
+<dt id="SSL_ASYNC_PAUSED">SSL_ASYNC_PAUSED</dt>
+<dd>
+
+<p>An asynchronous operation partially completed and was then paused. See <a href="../man3/SSL_get_all_async_fds.html">SSL_get_all_async_fds(3)</a>. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_ASYNC.</p>
+
+</dd>
+<dt id="SSL_ASYNC_NO_JOBS">SSL_ASYNC_NO_JOBS</dt>
+<dd>
+
+<p>The asynchronous job could not be started because there were no async jobs available in the pool (see ASYNC_init_thread(3)). A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_ASYNC_JOB.</p>
+
+</dd>
+<dt id="SSL_CLIENT_HELLO_CB">SSL_CLIENT_HELLO_CB</dt>
+<dd>
+
+<p>The operation did not complete because an application callback set by SSL_CTX_set_client_hello_cb() has asked to be called again. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_CLIENT_HELLO_CB.</p>
+
+</dd>
+</dl>
+
+<p>SSL_want_nothing(), SSL_want_read(), SSL_want_write(), SSL_want_x509_lookup(), SSL_want_async(), SSL_want_async_job(), and SSL_want_client_hello_cb() return 1, when the corresponding condition is true or 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_want_client_hello_cb() function and the SSL_CLIENT_HELLO_CB return value were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_want_nothing.html b/msys2/usr/share/doc/openssl/html/man3/SSL_want_nothing.html
new file mode 100644
index 000000000..8f9c16cd3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_want_nothing.html
@@ -0,0 +1,125 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_want</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_want, SSL_want_nothing, SSL_want_read, SSL_want_write, SSL_want_x509_lookup, SSL_want_async, SSL_want_async_job, SSL_want_client_hello_cb - obtain state information TLS/SSL I/O operation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_want(const SSL *ssl);
+ int SSL_want_nothing(const SSL *ssl);
+ int SSL_want_read(const SSL *ssl);
+ int SSL_want_write(const SSL *ssl);
+ int SSL_want_x509_lookup(const SSL *ssl);
+ int SSL_want_async(const SSL *ssl);
+ int SSL_want_async_job(const SSL *ssl);
+ int SSL_want_client_hello_cb(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_want() returns state information for the SSL object <b>ssl</b>.</p>
+
+<p>The other SSL_want_*() calls are shortcuts for the possible states returned by SSL_want().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_want() examines the internal state information of the SSL object. Its return values are similar to that of <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>. Unlike <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, which also evaluates the error queue, the results are obtained by examining an internal state flag only. The information must therefore only be used for normal operation under non-blocking I/O. Error conditions are not handled and must be treated using <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+<p>The result returned by SSL_want() should always be consistent with the result of <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can currently occur for SSL_want():</p>
+
+<dl>
+
+<dt id="SSL_NOTHING">SSL_NOTHING</dt>
+<dd>
+
+<p>There is no data to be written or to be read.</p>
+
+</dd>
+<dt id="SSL_WRITING">SSL_WRITING</dt>
+<dd>
+
+<p>There are data in the SSL buffer that must be written to the underlying <b>BIO</b> layer in order to complete the actual SSL_*() operation. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_WRITE.</p>
+
+</dd>
+<dt id="SSL_READING">SSL_READING</dt>
+<dd>
+
+<p>More data must be read from the underlying <b>BIO</b> layer in order to complete the actual SSL_*() operation. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_READ.</p>
+
+</dd>
+<dt id="SSL_X509_LOOKUP">SSL_X509_LOOKUP</dt>
+<dd>
+
+<p>The operation did not complete because an application callback set by SSL_CTX_set_client_cert_cb() has asked to be called again. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_X509_LOOKUP.</p>
+
+</dd>
+<dt id="SSL_ASYNC_PAUSED">SSL_ASYNC_PAUSED</dt>
+<dd>
+
+<p>An asynchronous operation partially completed and was then paused. See <a href="../man3/SSL_get_all_async_fds.html">SSL_get_all_async_fds(3)</a>. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_ASYNC.</p>
+
+</dd>
+<dt id="SSL_ASYNC_NO_JOBS">SSL_ASYNC_NO_JOBS</dt>
+<dd>
+
+<p>The asynchronous job could not be started because there were no async jobs available in the pool (see ASYNC_init_thread(3)). A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_ASYNC_JOB.</p>
+
+</dd>
+<dt id="SSL_CLIENT_HELLO_CB">SSL_CLIENT_HELLO_CB</dt>
+<dd>
+
+<p>The operation did not complete because an application callback set by SSL_CTX_set_client_hello_cb() has asked to be called again. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_CLIENT_HELLO_CB.</p>
+
+</dd>
+</dl>
+
+<p>SSL_want_nothing(), SSL_want_read(), SSL_want_write(), SSL_want_x509_lookup(), SSL_want_async(), SSL_want_async_job(), and SSL_want_client_hello_cb() return 1, when the corresponding condition is true or 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_want_client_hello_cb() function and the SSL_CLIENT_HELLO_CB return value were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_want_read.html b/msys2/usr/share/doc/openssl/html/man3/SSL_want_read.html
new file mode 100644
index 000000000..8f9c16cd3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_want_read.html
@@ -0,0 +1,125 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_want</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_want, SSL_want_nothing, SSL_want_read, SSL_want_write, SSL_want_x509_lookup, SSL_want_async, SSL_want_async_job, SSL_want_client_hello_cb - obtain state information TLS/SSL I/O operation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_want(const SSL *ssl);
+ int SSL_want_nothing(const SSL *ssl);
+ int SSL_want_read(const SSL *ssl);
+ int SSL_want_write(const SSL *ssl);
+ int SSL_want_x509_lookup(const SSL *ssl);
+ int SSL_want_async(const SSL *ssl);
+ int SSL_want_async_job(const SSL *ssl);
+ int SSL_want_client_hello_cb(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_want() returns state information for the SSL object <b>ssl</b>.</p>
+
+<p>The other SSL_want_*() calls are shortcuts for the possible states returned by SSL_want().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_want() examines the internal state information of the SSL object. Its return values are similar to that of <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>. Unlike <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, which also evaluates the error queue, the results are obtained by examining an internal state flag only. The information must therefore only be used for normal operation under non-blocking I/O. Error conditions are not handled and must be treated using <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+<p>The result returned by SSL_want() should always be consistent with the result of <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can currently occur for SSL_want():</p>
+
+<dl>
+
+<dt id="SSL_NOTHING">SSL_NOTHING</dt>
+<dd>
+
+<p>There is no data to be written or to be read.</p>
+
+</dd>
+<dt id="SSL_WRITING">SSL_WRITING</dt>
+<dd>
+
+<p>There are data in the SSL buffer that must be written to the underlying <b>BIO</b> layer in order to complete the actual SSL_*() operation. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_WRITE.</p>
+
+</dd>
+<dt id="SSL_READING">SSL_READING</dt>
+<dd>
+
+<p>More data must be read from the underlying <b>BIO</b> layer in order to complete the actual SSL_*() operation. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_READ.</p>
+
+</dd>
+<dt id="SSL_X509_LOOKUP">SSL_X509_LOOKUP</dt>
+<dd>
+
+<p>The operation did not complete because an application callback set by SSL_CTX_set_client_cert_cb() has asked to be called again. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_X509_LOOKUP.</p>
+
+</dd>
+<dt id="SSL_ASYNC_PAUSED">SSL_ASYNC_PAUSED</dt>
+<dd>
+
+<p>An asynchronous operation partially completed and was then paused. See <a href="../man3/SSL_get_all_async_fds.html">SSL_get_all_async_fds(3)</a>. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_ASYNC.</p>
+
+</dd>
+<dt id="SSL_ASYNC_NO_JOBS">SSL_ASYNC_NO_JOBS</dt>
+<dd>
+
+<p>The asynchronous job could not be started because there were no async jobs available in the pool (see ASYNC_init_thread(3)). A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_ASYNC_JOB.</p>
+
+</dd>
+<dt id="SSL_CLIENT_HELLO_CB">SSL_CLIENT_HELLO_CB</dt>
+<dd>
+
+<p>The operation did not complete because an application callback set by SSL_CTX_set_client_hello_cb() has asked to be called again. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_CLIENT_HELLO_CB.</p>
+
+</dd>
+</dl>
+
+<p>SSL_want_nothing(), SSL_want_read(), SSL_want_write(), SSL_want_x509_lookup(), SSL_want_async(), SSL_want_async_job(), and SSL_want_client_hello_cb() return 1, when the corresponding condition is true or 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_want_client_hello_cb() function and the SSL_CLIENT_HELLO_CB return value were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_want_write.html b/msys2/usr/share/doc/openssl/html/man3/SSL_want_write.html
new file mode 100644
index 000000000..8f9c16cd3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_want_write.html
@@ -0,0 +1,125 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_want</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_want, SSL_want_nothing, SSL_want_read, SSL_want_write, SSL_want_x509_lookup, SSL_want_async, SSL_want_async_job, SSL_want_client_hello_cb - obtain state information TLS/SSL I/O operation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_want(const SSL *ssl);
+ int SSL_want_nothing(const SSL *ssl);
+ int SSL_want_read(const SSL *ssl);
+ int SSL_want_write(const SSL *ssl);
+ int SSL_want_x509_lookup(const SSL *ssl);
+ int SSL_want_async(const SSL *ssl);
+ int SSL_want_async_job(const SSL *ssl);
+ int SSL_want_client_hello_cb(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_want() returns state information for the SSL object <b>ssl</b>.</p>
+
+<p>The other SSL_want_*() calls are shortcuts for the possible states returned by SSL_want().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_want() examines the internal state information of the SSL object. Its return values are similar to that of <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>. Unlike <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, which also evaluates the error queue, the results are obtained by examining an internal state flag only. The information must therefore only be used for normal operation under non-blocking I/O. Error conditions are not handled and must be treated using <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+<p>The result returned by SSL_want() should always be consistent with the result of <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can currently occur for SSL_want():</p>
+
+<dl>
+
+<dt id="SSL_NOTHING">SSL_NOTHING</dt>
+<dd>
+
+<p>There is no data to be written or to be read.</p>
+
+</dd>
+<dt id="SSL_WRITING">SSL_WRITING</dt>
+<dd>
+
+<p>There are data in the SSL buffer that must be written to the underlying <b>BIO</b> layer in order to complete the actual SSL_*() operation. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_WRITE.</p>
+
+</dd>
+<dt id="SSL_READING">SSL_READING</dt>
+<dd>
+
+<p>More data must be read from the underlying <b>BIO</b> layer in order to complete the actual SSL_*() operation. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_READ.</p>
+
+</dd>
+<dt id="SSL_X509_LOOKUP">SSL_X509_LOOKUP</dt>
+<dd>
+
+<p>The operation did not complete because an application callback set by SSL_CTX_set_client_cert_cb() has asked to be called again. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_X509_LOOKUP.</p>
+
+</dd>
+<dt id="SSL_ASYNC_PAUSED">SSL_ASYNC_PAUSED</dt>
+<dd>
+
+<p>An asynchronous operation partially completed and was then paused. See <a href="../man3/SSL_get_all_async_fds.html">SSL_get_all_async_fds(3)</a>. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_ASYNC.</p>
+
+</dd>
+<dt id="SSL_ASYNC_NO_JOBS">SSL_ASYNC_NO_JOBS</dt>
+<dd>
+
+<p>The asynchronous job could not be started because there were no async jobs available in the pool (see ASYNC_init_thread(3)). A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_ASYNC_JOB.</p>
+
+</dd>
+<dt id="SSL_CLIENT_HELLO_CB">SSL_CLIENT_HELLO_CB</dt>
+<dd>
+
+<p>The operation did not complete because an application callback set by SSL_CTX_set_client_hello_cb() has asked to be called again. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_CLIENT_HELLO_CB.</p>
+
+</dd>
+</dl>
+
+<p>SSL_want_nothing(), SSL_want_read(), SSL_want_write(), SSL_want_x509_lookup(), SSL_want_async(), SSL_want_async_job(), and SSL_want_client_hello_cb() return 1, when the corresponding condition is true or 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_want_client_hello_cb() function and the SSL_CLIENT_HELLO_CB return value were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_want_x509_lookup.html b/msys2/usr/share/doc/openssl/html/man3/SSL_want_x509_lookup.html
new file mode 100644
index 000000000..8f9c16cd3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_want_x509_lookup.html
@@ -0,0 +1,125 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_want</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_want, SSL_want_nothing, SSL_want_read, SSL_want_write, SSL_want_x509_lookup, SSL_want_async, SSL_want_async_job, SSL_want_client_hello_cb - obtain state information TLS/SSL I/O operation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_want(const SSL *ssl);
+ int SSL_want_nothing(const SSL *ssl);
+ int SSL_want_read(const SSL *ssl);
+ int SSL_want_write(const SSL *ssl);
+ int SSL_want_x509_lookup(const SSL *ssl);
+ int SSL_want_async(const SSL *ssl);
+ int SSL_want_async_job(const SSL *ssl);
+ int SSL_want_client_hello_cb(const SSL *ssl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_want() returns state information for the SSL object <b>ssl</b>.</p>
+
+<p>The other SSL_want_*() calls are shortcuts for the possible states returned by SSL_want().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>SSL_want() examines the internal state information of the SSL object. Its return values are similar to that of <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>. Unlike <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, which also evaluates the error queue, the results are obtained by examining an internal state flag only. The information must therefore only be used for normal operation under non-blocking I/O. Error conditions are not handled and must be treated using <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+<p>The result returned by SSL_want() should always be consistent with the result of <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can currently occur for SSL_want():</p>
+
+<dl>
+
+<dt id="SSL_NOTHING">SSL_NOTHING</dt>
+<dd>
+
+<p>There is no data to be written or to be read.</p>
+
+</dd>
+<dt id="SSL_WRITING">SSL_WRITING</dt>
+<dd>
+
+<p>There are data in the SSL buffer that must be written to the underlying <b>BIO</b> layer in order to complete the actual SSL_*() operation. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_WRITE.</p>
+
+</dd>
+<dt id="SSL_READING">SSL_READING</dt>
+<dd>
+
+<p>More data must be read from the underlying <b>BIO</b> layer in order to complete the actual SSL_*() operation. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_READ.</p>
+
+</dd>
+<dt id="SSL_X509_LOOKUP">SSL_X509_LOOKUP</dt>
+<dd>
+
+<p>The operation did not complete because an application callback set by SSL_CTX_set_client_cert_cb() has asked to be called again. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_X509_LOOKUP.</p>
+
+</dd>
+<dt id="SSL_ASYNC_PAUSED">SSL_ASYNC_PAUSED</dt>
+<dd>
+
+<p>An asynchronous operation partially completed and was then paused. See <a href="../man3/SSL_get_all_async_fds.html">SSL_get_all_async_fds(3)</a>. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_ASYNC.</p>
+
+</dd>
+<dt id="SSL_ASYNC_NO_JOBS">SSL_ASYNC_NO_JOBS</dt>
+<dd>
+
+<p>The asynchronous job could not be started because there were no async jobs available in the pool (see ASYNC_init_thread(3)). A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_ASYNC_JOB.</p>
+
+</dd>
+<dt id="SSL_CLIENT_HELLO_CB">SSL_CLIENT_HELLO_CB</dt>
+<dd>
+
+<p>The operation did not complete because an application callback set by SSL_CTX_set_client_hello_cb() has asked to be called again. A call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> should return SSL_ERROR_WANT_CLIENT_HELLO_CB.</p>
+
+</dd>
+</dl>
+
+<p>SSL_want_nothing(), SSL_want_read(), SSL_want_write(), SSL_want_x509_lookup(), SSL_want_async(), SSL_want_async_job(), and SSL_want_client_hello_cb() return 1, when the corresponding condition is true or 0 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_want_client_hello_cb() function and the SSL_CLIENT_HELLO_CB return value were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_write.html b/msys2/usr/share/doc/openssl/html/man3/SSL_write.html
new file mode 100644
index 000000000..307199d4e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_write.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_write</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_write_ex, SSL_write - write bytes to a TLS/SSL connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_write_ex(SSL *s, const void *buf, size_t num, size_t *written);
+ int SSL_write(SSL *ssl, const void *buf, int num);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_write_ex() and SSL_write() write <b>num</b> bytes from the buffer <b>buf</b> into the specified <b>ssl</b> connection. On success SSL_write_ex() will store the number of bytes written in <b>*written</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In the paragraphs below a &quot;write function&quot; is defined as one of either SSL_write_ex(), or SSL_write().</p>
+
+<p>If necessary, a write function will negotiate a TLS/SSL session, if not already explicitly performed by <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. If the peer requests a re-negotiation, it will be performed transparently during the write function operation. The behaviour of the write functions depends on the underlying BIO.</p>
+
+<p>For the transparent negotiation to succeed, the <b>ssl</b> must have been initialized to client or server mode. This is being done by calling <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a> or SSL_set_accept_state() before the first call to a write function.</p>
+
+<p>If the underlying BIO is <b>blocking</b>, the write functions will only return, once the write operation has been finished or an error occurred.</p>
+
+<p>If the underlying BIO is <b>non-blocking</b> the write functions will also return when the underlying BIO could not satisfy the needs of the function to continue the operation. In this case a call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> with the return value of the write function will yield <b>SSL_ERROR_WANT_READ</b> or <b>SSL_ERROR_WANT_WRITE</b>. As at any time a re-negotiation is possible, a call to a write function can also cause read operations! The calling process then must repeat the call after taking appropriate action to satisfy the needs of the write function. The action depends on the underlying BIO. When using a non-blocking socket, nothing is to be done, but select() can be used to check for the required condition. When using a buffering BIO, like a BIO pair, data must be written into or retrieved out of the BIO before being able to continue.</p>
+
+<p>The write functions will only return with success when the complete contents of <b>buf</b> of length <b>num</b> has been written. This default behaviour can be changed with the SSL_MODE_ENABLE_PARTIAL_WRITE option of <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a>. When this flag is set the write functions will also return with success when a partial write has been successfully completed. In this case the write function operation is considered completed. The bytes are sent and a new write call with a new buffer (with the already sent bytes removed) must be started. A partial write is performed with the size of a message block, which is 16kB.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>When a write function call has to be repeated because <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> returned <b>SSL_ERROR_WANT_READ</b> or <b>SSL_ERROR_WANT_WRITE</b>, it must be repeated with the same arguments. The data that was passed might have been partially processed. When <b>SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER</b> was set using <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a> the pointer can be different, but the data and length should still be the same.</p>
+
+<p>You should not call SSL_write() with num=0, it will return an error. SSL_write_ex() can be called with num=0, but will not send application data to the peer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_write_ex() will return 1 for success or 0 for failure. Success means that all requested application data bytes have been written to the SSL connection or, if SSL_MODE_ENABLE_PARTIAL_WRITE is in use, at least 1 application data byte has been written to the SSL connection. Failure means that not all the requested bytes have been written yet (if SSL_MODE_ENABLE_PARTIAL_WRITE is not in use) or no bytes could be written to the SSL connection (if SSL_MODE_ENABLE_PARTIAL_WRITE is in use). Failures can be retryable (e.g. the network write buffer has temporarily filled up) or non-retryable (e.g. a fatal network error). In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to find out the reason which indicates whether the call is retryable or not.</p>
+
+<p>For SSL_write() the following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">&gt; 0</dt>
+<dd>
+
+<p>The write operation was successful, the return value is the number of bytes actually written to the TLS/SSL connection.</p>
+
+</dd>
+<dt id="pod-0">&lt;= 0</dt>
+<dd>
+
+<p>The write operation was not successful, because either the connection was closed, an error occurred or action must be taken by the calling process. Call SSL_get_error() with the return value <b>ret</b> to find out the reason.</p>
+
+<p>Old documentation indicated a difference between 0 and -1, and that -1 was retryable. You should instead call SSL_get_error() to find out if it&#39;s retryable.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_write_ex() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a> <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a>, <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a> <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_write_early_data.html b/msys2/usr/share/doc/openssl/html/man3/SSL_write_early_data.html
new file mode 100644
index 000000000..5b28c01bd
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_write_early_data.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_read_early_data</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#REPLAY-PROTECTION">REPLAY PROTECTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_set_max_early_data, SSL_CTX_set_max_early_data, SSL_get_max_early_data, SSL_CTX_get_max_early_data, SSL_set_recv_max_early_data, SSL_CTX_set_recv_max_early_data, SSL_get_recv_max_early_data, SSL_CTX_get_recv_max_early_data, SSL_SESSION_get_max_early_data, SSL_SESSION_set_max_early_data, SSL_write_early_data, SSL_read_early_data, SSL_get_early_data_status, SSL_allow_early_data_cb_fn, SSL_CTX_set_allow_early_data_cb, SSL_set_allow_early_data_cb - functions for sending and receiving early data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data);
+ uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_max_early_data(SSL *s, uint32_t max_early_data);
+ uint32_t SSL_get_max_early_data(const SSL *s);
+
+ int SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data);
+ uint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx);
+ int SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data);
+ uint32_t SSL_get_recv_max_early_data(const SSL *s);
+
+ uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s);
+ int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data);
+
+ int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written);
+
+ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes);
+
+ int SSL_get_early_data_status(const SSL *s);
+
+
+ typedef int (*SSL_allow_early_data_cb_fn)(SSL *s, void *arg);
+
+ void SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx,
+                                      SSL_allow_early_data_cb_fn cb,
+                                      void *arg);
+ void SSL_set_allow_early_data_cb(SSL *s,
+                                  SSL_allow_early_data_cb_fn cb,
+                                  void *arg);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are used to send and receive early data where TLSv1.3 has been negotiated. Early data can be sent by the client immediately after its initial ClientHello without having to wait for the server to complete the handshake. Early data can only be sent if a session has previously been established with the server, and the server is known to support it. Additionally these functions can be used to send data from the server to the client when the client has not yet completed the authentication stage of the handshake.</p>
+
+<p>Early data has weaker security properties than other data sent over an SSL/TLS connection. In particular the data does not have forward secrecy. There are also additional considerations around replay attacks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below). For these reasons extreme care should be exercised when using early data. For specific details, consult the TLS 1.3 specification.</p>
+
+<p>When a server receives early data it may opt to immediately respond by sending application data back to the client. Data sent by the server at this stage is done before the full handshake has been completed. Specifically the client&#39;s authentication messages have not yet been received, i.e. the client is unauthenticated at this point and care should be taken when using this capability.</p>
+
+<p>A server or client can determine whether the full handshake has been completed or not by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>.</p>
+
+<p>On the client side, the function SSL_SESSION_get_max_early_data() can be used to determine if a session established with a server can be used to send early data. If the session cannot be used then this function will return 0. Otherwise it will return the maximum number of early data bytes that can be sent.</p>
+
+<p>The function SSL_SESSION_set_max_early_data() sets the maximum number of early data bytes that can be sent for a session. This would typically be used when creating a PSK session file (see <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>). If using a ticket based PSK then this is set automatically to the value provided by the server.</p>
+
+<p>A client uses the function SSL_write_early_data() to send early data. This function is similar to the <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> function, but with the following differences. See <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> for information on how to write bytes to the underlying connection, and how to handle any errors that may arise. This page describes the differences between SSL_write_early_data() and <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When called by a client, SSL_write_early_data() must be the first IO function called on a new connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a> or other similar functions. It may be called multiple times to stream data to the server, but the total number of bytes written must not exceed the value returned from SSL_SESSION_get_max_early_data(). Once the initial SSL_write_early_data() call has completed successfully the client may interleave calls to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> and <a href="../man3/SSL_read.html">SSL_read(3)</a> with calls to SSL_write_early_data() as required.</p>
+
+<p>If SSL_write_early_data() fails you should call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action, as for <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>.</p>
+
+<p>When the client no longer wishes to send any more early data then it should complete the handshake by calling a function such as <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard write function such as <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, which will transparently complete the connection and write the requested data.</p>
+
+<p>A server may choose to ignore early data that has been sent to it. Once the connection has been completed you can determine whether the server accepted or rejected the early data by calling SSL_get_early_data_status(). This will return SSL_EARLY_DATA_ACCEPTED if the data was accepted, SSL_EARLY_DATA_REJECTED if it was rejected or SSL_EARLY_DATA_NOT_SENT if no early data was sent. This function may be called by either the client or the server.</p>
+
+<p>A server uses the SSL_read_early_data() function to receive early data on a connection for which early data has been enabled using SSL_CTX_set_max_early_data() or SSL_set_max_early_data(). As for SSL_write_early_data(), this must be the first IO function called on a connection, i.e. it must occur before any calls to <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, or other similar functions.</p>
+
+<p>SSL_read_early_data() is similar to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> with the following differences. Refer to <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a> for full details.</p>
+
+<p>SSL_read_early_data() may return 3 possible values:</p>
+
+<dl>
+
+<dt id="SSL_READ_EARLY_DATA_ERROR">SSL_READ_EARLY_DATA_ERROR</dt>
+<dd>
+
+<p>This indicates an IO or some other error occurred. This should be treated in the same way as a 0 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_SUCCESS">SSL_READ_EARLY_DATA_SUCCESS</dt>
+<dd>
+
+<p>This indicates that early data was successfully read. This should be treated in the same way as a 1 return value from <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>. You should continue to call SSL_read_early_data() to read more data.</p>
+
+</dd>
+<dt id="SSL_READ_EARLY_DATA_FINISH">SSL_READ_EARLY_DATA_FINISH</dt>
+<dd>
+
+<p>This indicates that no more early data can be read. It may be returned on the first call to SSL_read_early_data() if the client has not sent any early data, or if the early data was rejected.</p>
+
+</dd>
+</dl>
+
+<p>Once the initial SSL_read_early_data() call has completed successfully (i.e. it has returned SSL_READ_EARLY_DATA_SUCCESS or SSL_READ_EARLY_DATA_FINISH) then the server may choose to write data immediately to the unauthenticated client using SSL_write_early_data(). If SSL_read_early_data() returned SSL_READ_EARLY_DATA_FINISH then in some situations (e.g. if the client only supports TLSv1.2) the handshake may have already been completed and calls to SSL_write_early_data() are not allowed. Call <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a> to determine whether the handshake has completed or not. If the handshake is still in progress then the server may interleave calls to SSL_write_early_data() with calls to SSL_read_early_data() as required.</p>
+
+<p>Servers must not call <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> or <a href="../man3/SSL_write.html">SSL_write(3)</a> until SSL_read_early_data() has returned with SSL_READ_EARLY_DATA_FINISH. Once it has done so the connection to the client still needs to be completed. Complete the connection by calling a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a> or <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>. Alternatively you can call a standard read function such as <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, which will transparently complete the connection and read the requested data. Note that it is an error to attempt to complete the connection before SSL_read_early_data() has returned SSL_READ_EARLY_DATA_FINISH.</p>
+
+<p>Only servers may call SSL_read_early_data().</p>
+
+<p>Calls to SSL_read_early_data() may, in certain circumstances, complete the connection immediately without further need to call a function such as <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. This can happen if the client is using a protocol version less than TLSv1.3. Applications can test for this by calling <a href="../man3/SSL_is_init_finished.html">SSL_is_init_finished(3)</a>. Alternatively, applications may choose to call <a href="../man3/SSL_accept.html">SSL_accept(3)</a> anyway. Such a call will successfully return immediately with no further action taken.</p>
+
+<p>When a session is created between a server and a client the server will specify the maximum amount of any early data that it will accept on any future connection attempt. By default the server does not accept early data; a server may indicate support for early data by calling SSL_CTX_set_max_early_data() or SSL_set_max_early_data() to set it for the whole SSL_CTX or an individual SSL object respectively. The <b>max_early_data</b> parameter specifies the maximum amount of early data in bytes that is permitted to be sent on a single connection. Similarly the SSL_CTX_get_max_early_data() and SSL_get_max_early_data() functions can be used to obtain the current maximum early data settings for the SSL_CTX and SSL objects respectively. Generally a server application will either use both of SSL_read_early_data() and SSL_CTX_set_max_early_data() (or SSL_set_max_early_data()), or neither of them, since there is no practical benefit from using only one of them. If the maximum early data setting for a server is non-zero then replay protection is automatically enabled (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below).</p>
+
+<p>If the server rejects the early data sent by a client then it will skip over the data that is sent. The maximum amount of received early data that is skipped is controlled by the recv_max_early_data setting. If a client sends more than this then the connection will abort. This value can be set by calling SSL_CTX_set_recv_max_early_data() or SSL_set_recv_max_early_data(). The current value for this setting can be obtained by calling SSL_CTX_get_recv_max_early_data() or SSL_get_recv_max_early_data(). The default value for this setting is 16,384 bytes.</p>
+
+<p>The recv_max_early_data value also has an impact on early data that is accepted. The amount of data that is accepted will always be the lower of the max_early_data for the session and the recv_max_early_data setting for the server. If a client sends more data than this then the connection will abort.</p>
+
+<p>The configured value for max_early_data on a server may change over time as required. However clients may have tickets containing the previously configured max_early_data value. The recv_max_early_data should always be equal to or higher than any recently configured max_early_data value in order to avoid aborted connections. The recv_max_early_data should never be set to less than the current configured max_early_data value.</p>
+
+<p>Some server applications may wish to have more control over whether early data is accepted or not, for example to mitigate replay risks (see <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below) or to decline early_data when the server is heavily loaded. The functions SSL_CTX_set_allow_early_data_cb() and SSL_set_allow_early_data_cb() set a callback which is called at a point in the handshake immediately before a decision is made to accept or reject early data. The callback is provided with a pointer to the user data argument that was provided when the callback was first set. Returning 1 from the callback will allow early data and returning 0 will reject it. Note that the OpenSSL library may reject early data for other reasons in which case this callback will not get called. Notably, the built-in replay protection feature will still be used even if a callback is present unless it has been explicitly disabled using the SSL_OP_NO_ANTI_REPLAY option. See <a href="#REPLAY-PROTECTION">&quot;REPLAY PROTECTION&quot;</a> below.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The whole purpose of early data is to enable a client to start sending data to the server before a full round trip of network traffic has occurred. Application developers should ensure they consider optimisation of the underlying TCP socket to obtain a performant solution. For example Nagle&#39;s algorithm is commonly used by operating systems in an attempt to avoid lots of small TCP packets. In many scenarios this is beneficial for performance, but it does not work well with the early data solution as implemented in OpenSSL. In Nagle&#39;s algorithm the OS will buffer outgoing TCP data if a TCP packet has already been sent which we have not yet received an ACK for from the peer. The buffered data will only be transmitted if enough data to fill an entire TCP packet is accumulated, or if the ACK is received from the peer. The initial ClientHello will be sent in the first TCP packet along with any data from the first call to SSL_write_early_data(). If the amount of data written will exceed the size of a single TCP packet, or if there are more calls to SSL_write_early_data() then that additional data will be sent in subsequent TCP packets which will be buffered by the OS and not sent until an ACK is received for the first packet containing the ClientHello. This means the early data is not actually sent until a complete round trip with the server has occurred which defeats the objective of early data.</p>
+
+<p>In many operating systems the TCP_NODELAY socket option is available to disable Nagle&#39;s algorithm. If an application opts to disable Nagle&#39;s algorithm consideration should be given to turning it back on again after the handshake is complete if appropriate.</p>
+
+<p>In rare circumstances, it may be possible for a client to have a session that reports a max early data value greater than 0, but where the server does not support this. For example, this can occur if a server has had its configuration changed to accept a lower max early data value such as by calling SSL_CTX_set_recv_max_early_data(). Another example is if a server used to support TLSv1.3 but was later downgraded to TLSv1.2. Sending early data to such a server will cause the connection to abort. Clients that encounter an aborted connection while sending early data may want to retry the connection without sending early data as this does not happen automatically. A client will have to establish a new transport layer connection to the server and attempt the SSL/TLS connection again but without sending early data. Note that it is inadvisable to retry with a lower maximum protocol version.</p>
+
+<h1 id="REPLAY-PROTECTION">REPLAY PROTECTION</h1>
+
+<p>When early data is in use the TLS protocol provides no security guarantees that the same early data was not replayed across multiple connections. As a mitigation for this issue OpenSSL automatically enables replay protection if the server is configured with a non-zero max early data value. With replay protection enabled sessions are forced to be single use only. If a client attempts to reuse a session ticket more than once, then the second and subsequent attempts will fall back to a full handshake (and any early data that was submitted will be ignored). Note that single use tickets are enforced even if a client does not send any early data.</p>
+
+<p>The replay protection mechanism relies on the internal OpenSSL server session cache (see <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>). When replay protection is being used the server will operate as if the SSL_OP_NO_TICKET option had been selected (see <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>). Sessions will be added to the cache whenever a session ticket is issued. When a client attempts to resume the session, OpenSSL will check for its presence in the internal cache. If it exists then the resumption is allowed and the session is removed from the cache. If it does not exist then the resumption is not allowed and a full handshake will occur.</p>
+
+<p>Note that some applications may maintain an external cache of sessions (see <a href="../man3/SSL_CTX_sess_set_new_cb.html">SSL_CTX_sess_set_new_cb(3)</a> and similar functions). It is the application&#39;s responsibility to ensure that any sessions in the external cache are also populated in the internal cache and that once removed from the internal cache they are similarly removed from the external cache. Failing to do this could result in an application becoming vulnerable to replay attacks. Note that OpenSSL will lock the internal cache while a session is removed but that lock is not held when the remove session callback (see <a href="../man3/SSL_CTX_sess_set_remove_cb.html">SSL_CTX_sess_set_remove_cb(3)</a>) is called. This could result in a small amount of time where the session has been removed from the internal cache but is still available in the external cache. Applications should be designed with this in mind in order to minimise the possibility of replay attacks.</p>
+
+<p>The OpenSSL replay protection does not apply to external Pre Shared Keys (PSKs) (e.g. see SSL_CTX_set_psk_find_session_callback(3)). Therefore extreme caution should be applied when combining external PSKs with early data.</p>
+
+<p>Some applications may mitigate the replay risks in other ways. For those applications it is possible to turn off the built-in replay protection feature using the <b>SSL_OP_NO_ANTI_REPLAY</b> option. See <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> for details. Applications can also set a callback to make decisions about accepting early data or not. See SSL_CTX_set_allow_early_data_cb() above for details.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_write_early_data() returns 1 for success or 0 for failure. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_read_early_data() returns SSL_READ_EARLY_DATA_ERROR for failure, SSL_READ_EARLY_DATA_SUCCESS for success with more data to read and SSL_READ_EARLY_DATA_FINISH for success with no more to data be read. In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to determine the correct course of action.</p>
+
+<p>SSL_get_max_early_data(), SSL_CTX_get_max_early_data() and SSL_SESSION_get_max_early_data() return the maximum number of early data bytes that may be sent.</p>
+
+<p>SSL_set_max_early_data(), SSL_CTX_set_max_early_data() and SSL_SESSION_set_max_early_data() return 1 for success or 0 for failure.</p>
+
+<p>SSL_get_early_data_status() returns SSL_EARLY_DATA_ACCEPTED if early data was accepted by the server, SSL_EARLY_DATA_REJECTED if early data was rejected by the server, or SSL_EARLY_DATA_NOT_SENT if no early data was sent.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_CTX_set_psk_use_session_callback.html">SSL_CTX_set_psk_use_session_callback(3)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>All of the functions described above were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSL_write_ex.html b/msys2/usr/share/doc/openssl/html/man3/SSL_write_ex.html
new file mode 100644
index 000000000..307199d4e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSL_write_ex.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_write</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_write_ex, SSL_write - write bytes to a TLS/SSL connection</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ int SSL_write_ex(SSL *s, const void *buf, size_t num, size_t *written);
+ int SSL_write(SSL *ssl, const void *buf, int num);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_write_ex() and SSL_write() write <b>num</b> bytes from the buffer <b>buf</b> into the specified <b>ssl</b> connection. On success SSL_write_ex() will store the number of bytes written in <b>*written</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In the paragraphs below a &quot;write function&quot; is defined as one of either SSL_write_ex(), or SSL_write().</p>
+
+<p>If necessary, a write function will negotiate a TLS/SSL session, if not already explicitly performed by <a href="../man3/SSL_connect.html">SSL_connect(3)</a> or <a href="../man3/SSL_accept.html">SSL_accept(3)</a>. If the peer requests a re-negotiation, it will be performed transparently during the write function operation. The behaviour of the write functions depends on the underlying BIO.</p>
+
+<p>For the transparent negotiation to succeed, the <b>ssl</b> must have been initialized to client or server mode. This is being done by calling <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a> or SSL_set_accept_state() before the first call to a write function.</p>
+
+<p>If the underlying BIO is <b>blocking</b>, the write functions will only return, once the write operation has been finished or an error occurred.</p>
+
+<p>If the underlying BIO is <b>non-blocking</b> the write functions will also return when the underlying BIO could not satisfy the needs of the function to continue the operation. In this case a call to <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> with the return value of the write function will yield <b>SSL_ERROR_WANT_READ</b> or <b>SSL_ERROR_WANT_WRITE</b>. As at any time a re-negotiation is possible, a call to a write function can also cause read operations! The calling process then must repeat the call after taking appropriate action to satisfy the needs of the write function. The action depends on the underlying BIO. When using a non-blocking socket, nothing is to be done, but select() can be used to check for the required condition. When using a buffering BIO, like a BIO pair, data must be written into or retrieved out of the BIO before being able to continue.</p>
+
+<p>The write functions will only return with success when the complete contents of <b>buf</b> of length <b>num</b> has been written. This default behaviour can be changed with the SSL_MODE_ENABLE_PARTIAL_WRITE option of <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a>. When this flag is set the write functions will also return with success when a partial write has been successfully completed. In this case the write function operation is considered completed. The bytes are sent and a new write call with a new buffer (with the already sent bytes removed) must be started. A partial write is performed with the size of a message block, which is 16kB.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>When a write function call has to be repeated because <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> returned <b>SSL_ERROR_WANT_READ</b> or <b>SSL_ERROR_WANT_WRITE</b>, it must be repeated with the same arguments. The data that was passed might have been partially processed. When <b>SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER</b> was set using <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a> the pointer can be different, but the data and length should still be the same.</p>
+
+<p>You should not call SSL_write() with num=0, it will return an error. SSL_write_ex() can be called with num=0, but will not send application data to the peer.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_write_ex() will return 1 for success or 0 for failure. Success means that all requested application data bytes have been written to the SSL connection or, if SSL_MODE_ENABLE_PARTIAL_WRITE is in use, at least 1 application data byte has been written to the SSL connection. Failure means that not all the requested bytes have been written yet (if SSL_MODE_ENABLE_PARTIAL_WRITE is not in use) or no bytes could be written to the SSL connection (if SSL_MODE_ENABLE_PARTIAL_WRITE is in use). Failures can be retryable (e.g. the network write buffer has temporarily filled up) or non-retryable (e.g. a fatal network error). In the event of a failure call <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a> to find out the reason which indicates whether the call is retryable or not.</p>
+
+<p>For SSL_write() the following return values can occur:</p>
+
+<dl>
+
+<dt id="pod0">&gt; 0</dt>
+<dd>
+
+<p>The write operation was successful, the return value is the number of bytes actually written to the TLS/SSL connection.</p>
+
+</dd>
+<dt id="pod-0">&lt;= 0</dt>
+<dd>
+
+<p>The write operation was not successful, because either the connection was closed, an error occurred or action must be taken by the calling process. Call SSL_get_error() with the return value <b>ret</b> to find out the reason.</p>
+
+<p>Old documentation indicated a difference between 0 and -1, and that -1 was retryable. You should instead call SSL_get_error() to find out if it&#39;s retryable.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_write_ex() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a> <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a>, <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a> <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man7/bio.html">bio(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSLv23_client_method.html b/msys2/usr/share/doc/openssl/html/man3/SSLv23_client_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSLv23_client_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSLv23_method.html b/msys2/usr/share/doc/openssl/html/man3/SSLv23_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSLv23_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSLv23_server_method.html b/msys2/usr/share/doc/openssl/html/man3/SSLv23_server_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSLv23_server_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSLv3_client_method.html b/msys2/usr/share/doc/openssl/html/man3/SSLv3_client_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSLv3_client_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSLv3_method.html b/msys2/usr/share/doc/openssl/html/man3/SSLv3_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSLv3_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SSLv3_server_method.html b/msys2/usr/share/doc/openssl/html/man3/SSLv3_server_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SSLv3_server_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SXNETID_free.html b/msys2/usr/share/doc/openssl/html/man3/SXNETID_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SXNETID_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SXNETID_new.html b/msys2/usr/share/doc/openssl/html/man3/SXNETID_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SXNETID_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SXNET_free.html b/msys2/usr/share/doc/openssl/html/man3/SXNET_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SXNET_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/SXNET_new.html b/msys2/usr/share/doc/openssl/html/man3/SXNET_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/SXNET_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TLS_FEATURE_free.html b/msys2/usr/share/doc/openssl/html/man3/TLS_FEATURE_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TLS_FEATURE_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TLS_FEATURE_new.html b/msys2/usr/share/doc/openssl/html/man3/TLS_FEATURE_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TLS_FEATURE_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TLS_client_method.html b/msys2/usr/share/doc/openssl/html/man3/TLS_client_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TLS_client_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TLS_method.html b/msys2/usr/share/doc/openssl/html/man3/TLS_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TLS_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TLS_server_method.html b/msys2/usr/share/doc/openssl/html/man3/TLS_server_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TLS_server_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TLSv1_1_client_method.html b/msys2/usr/share/doc/openssl/html/man3/TLSv1_1_client_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TLSv1_1_client_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TLSv1_1_method.html b/msys2/usr/share/doc/openssl/html/man3/TLSv1_1_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TLSv1_1_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TLSv1_1_server_method.html b/msys2/usr/share/doc/openssl/html/man3/TLSv1_1_server_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TLSv1_1_server_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TLSv1_2_client_method.html b/msys2/usr/share/doc/openssl/html/man3/TLSv1_2_client_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TLSv1_2_client_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TLSv1_2_method.html b/msys2/usr/share/doc/openssl/html/man3/TLSv1_2_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TLSv1_2_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TLSv1_2_server_method.html b/msys2/usr/share/doc/openssl/html/man3/TLSv1_2_server_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TLSv1_2_server_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TLSv1_client_method.html b/msys2/usr/share/doc/openssl/html/man3/TLSv1_client_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TLSv1_client_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TLSv1_method.html b/msys2/usr/share/doc/openssl/html/man3/TLSv1_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TLSv1_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TLSv1_server_method.html b/msys2/usr/share/doc/openssl/html/man3/TLSv1_server_method.html
new file mode 100644
index 000000000..97313de46
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TLSv1_server_method.html
@@ -0,0 +1,205 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, SSL_CTX_new, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, SSLv23_method, SSLv23_server_method, SSLv23_client_method, DTLS_method, DTLS_server_method, DTLS_client_method, DTLSv1_method, DTLSv1_server_method, DTLSv1_client_method, DTLSv1_2_method, DTLSv1_2_server_method, DTLSv1_2_client_method - create a new SSL_CTX object as framework for TLS/SSL or DTLS enabled functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+ int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+ const SSL_METHOD *TLS_method(void);
+ const SSL_METHOD *TLS_server_method(void);
+ const SSL_METHOD *TLS_client_method(void);
+
+ const SSL_METHOD *SSLv23_method(void);
+ const SSL_METHOD *SSLv23_server_method(void);
+ const SSL_METHOD *SSLv23_client_method(void);
+
+ #ifndef OPENSSL_NO_SSL3_METHOD
+ const SSL_METHOD *SSLv3_method(void);
+ const SSL_METHOD *SSLv3_server_method(void);
+ const SSL_METHOD *SSLv3_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_METHOD
+ const SSL_METHOD *TLSv1_method(void);
+ const SSL_METHOD *TLSv1_server_method(void);
+ const SSL_METHOD *TLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
+ const SSL_METHOD *TLSv1_1_method(void);
+ const SSL_METHOD *TLSv1_1_server_method(void);
+ const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
+ const SSL_METHOD *TLSv1_2_method(void);
+ const SSL_METHOD *TLSv1_2_server_method(void);
+ const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
+
+ const SSL_METHOD *DTLS_method(void);
+ const SSL_METHOD *DTLS_server_method(void);
+ const SSL_METHOD *DTLS_client_method(void);
+
+ #ifndef OPENSSL_NO_DTLS1_METHOD
+ const SSL_METHOD *DTLSv1_method(void);
+ const SSL_METHOD *DTLSv1_server_method(void);
+ const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
+
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
+ const SSL_METHOD *DTLSv1_2_method(void);
+ const SSL_METHOD *DTLSv1_2_server_method(void);
+ const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_new() creates a new <b>SSL_CTX</b> object as framework to establish TLS/SSL or DTLS enabled connections. An <b>SSL_CTX</b> object is reference counted. Creating an <b>SSL_CTX</b> object for the first time increments the reference count. Freeing it (using SSL_CTX_free) decrements it. When the reference count drops to zero, any memory or resources allocated to the <b>SSL_CTX</b> object are freed. SSL_CTX_up_ref() increments the reference count for an existing <b>SSL_CTX</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The SSL_CTX object uses <b>method</b> as connection method. The methods exist in a generic type (for client and server use), a server only type, and a client only type. <b>method</b> can be of the following types:</p>
+
+<dl>
+
+<dt id="TLS_method-TLS_server_method-TLS_client_method">TLS_method(), TLS_server_method(), TLS_client_method()</dt>
+<dd>
+
+<p>These are the general-purpose <i>version-flexible</i> SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. Applications should use these methods, and avoid the version-specific methods described below.</p>
+
+</dd>
+<dt id="SSLv23_method-SSLv23_server_method-SSLv23_client_method">SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()</dt>
+<dd>
+
+<p>Use of these functions is deprecated. They have been replaced with the above TLS_method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.</p>
+
+</dd>
+<dt id="TLSv1_2_method-TLSv1_2_server_method-TLSv1_2_client_method">TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.2 protocol.</p>
+
+</dd>
+<dt id="TLSv1_1_method-TLSv1_1_server_method-TLSv1_1_client_method">TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1.1 protocol.</p>
+
+</dd>
+<dt id="TLSv1_method-TLSv1_server_method-TLSv1_client_method">TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the TLSv1 protocol.</p>
+
+</dd>
+<dt id="SSLv3_method-SSLv3_server_method-SSLv3_client_method">SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()</dt>
+<dd>
+
+<p>A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. The SSLv3 protocol is deprecated and should not be used.</p>
+
+</dd>
+<dt id="DTLS_method-DTLS_server_method-DTLS_client_method">DTLS_method(), DTLS_server_method(), DTLS_client_method()</dt>
+<dd>
+
+<p>These are the version-flexible DTLS methods. Currently supported protocols are DTLS 1.0 and DTLS 1.2.</p>
+
+</dd>
+<dt id="DTLSv1_2_method-DTLSv1_2_server_method-DTLSv1_2_client_method">DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.2.</p>
+
+</dd>
+<dt id="DTLSv1_method-DTLSv1_server_method-DTLSv1_client_method">DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()</dt>
+<dd>
+
+<p>These are the version-specific methods for DTLSv1.</p>
+
+</dd>
+</dl>
+
+<p>SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates and the options to their default values.</p>
+
+<p>TLS_method(), TLS_server_method(), TLS_client_method(), DTLS_method(), DTLS_server_method() and DTLS_client_method() are the <i>version-flexible</i> methods. All other methods only support one specific protocol version. Use the <i>version-flexible</i> methods instead of the version specific methods.</p>
+
+<p>If you want to limit the supported protocols for the version flexible methods you can use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man3/SSL_set_min_proto_version.html">SSL_set_min_proto_version(3)</a>, <a href="../man3/SSL_CTX_set_max_proto_version.html">SSL_CTX_set_max_proto_version(3)</a> and <a href="../man3/SSL_set_max_proto_version.html">SSL_set_max_proto_version(3)</a> functions. Using these functions it is possible to choose e.g. TLS_server_method() and be able to negotiate with all possible clients, but to only allow newer protocols like TLS 1.0, TLS 1.1, TLS 1.2 or TLS 1.3.</p>
+
+<p>The list of protocols available can also be limited using the <b>SSL_OP_NO_SSLv3</b>, <b>SSL_OP_NO_TLSv1</b>, <b>SSL_OP_NO_TLSv1_1</b>, <b>SSL_OP_NO_TLSv1_3</b>, <b>SSL_OP_NO_TLSv1_2</b> and <b>SSL_OP_NO_TLSv1_3</b> options of the <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a> or <a href="../man3/SSL_set_options.html">SSL_set_options(3)</a> functions, but this approach is not recommended. Clients should avoid creating &quot;holes&quot; in the set of protocols they support. When disabling a protocol, make sure that you also disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling <i>all</i> previous protocol versions, the effect is to also disable all subsequent protocol versions.</p>
+
+<p>The SSLv3 protocol is deprecated and should generally not be used. Applications should typically use <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a> to set the minimum protocol to at least <b>TLS1_VERSION</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The following return values can occur:</p>
+
+<dl>
+
+<dt id="NULL">NULL</dt>
+<dd>
+
+<p>The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.</p>
+
+</dd>
+<dt id="Pointer-to-an-SSL_CTX-object">Pointer to an SSL_CTX object</dt>
+<dd>
+
+<p>The return value points to an allocated SSL_CTX object.</p>
+
+<p>SSL_CTX_up_ref() returns 1 for success and 0 for failure.</p>
+
+</dd>
+</dl>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Support for SSLv2 and the corresponding SSLv2_method(), SSLv2_server_method() and SSLv2_client_method() functions where removed in OpenSSL 1.1.0.</p>
+
+<p>SSLv23_method(), SSLv23_server_method() and SSLv23_client_method() were deprecated and the preferred TLS_method(), TLS_server_method() and TLS_client_method() functions were introduced in OpenSSL 1.1.0.</p>
+
+<p>All version-specific methods were deprecated in OpenSSL 1.1.0.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_free.html">SSL_CTX_free(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_CTX_set_min_proto_version.html">SSL_CTX_set_min_proto_version(3)</a>, <a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TS_ACCURACY_dup.html b/msys2/usr/share/doc/openssl/html/man3/TS_ACCURACY_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TS_ACCURACY_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TS_ACCURACY_free.html b/msys2/usr/share/doc/openssl/html/man3/TS_ACCURACY_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TS_ACCURACY_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TS_ACCURACY_new.html b/msys2/usr/share/doc/openssl/html/man3/TS_ACCURACY_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TS_ACCURACY_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TS_MSG_IMPRINT_dup.html b/msys2/usr/share/doc/openssl/html/man3/TS_MSG_IMPRINT_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TS_MSG_IMPRINT_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TS_MSG_IMPRINT_free.html b/msys2/usr/share/doc/openssl/html/man3/TS_MSG_IMPRINT_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TS_MSG_IMPRINT_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TS_MSG_IMPRINT_new.html b/msys2/usr/share/doc/openssl/html/man3/TS_MSG_IMPRINT_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TS_MSG_IMPRINT_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TS_REQ_dup.html b/msys2/usr/share/doc/openssl/html/man3/TS_REQ_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TS_REQ_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TS_REQ_free.html b/msys2/usr/share/doc/openssl/html/man3/TS_REQ_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TS_REQ_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TS_REQ_new.html b/msys2/usr/share/doc/openssl/html/man3/TS_REQ_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TS_REQ_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TS_RESP_dup.html b/msys2/usr/share/doc/openssl/html/man3/TS_RESP_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TS_RESP_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TS_RESP_free.html b/msys2/usr/share/doc/openssl/html/man3/TS_RESP_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TS_RESP_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TS_RESP_new.html b/msys2/usr/share/doc/openssl/html/man3/TS_RESP_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TS_RESP_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TS_STATUS_INFO_dup.html b/msys2/usr/share/doc/openssl/html/man3/TS_STATUS_INFO_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TS_STATUS_INFO_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TS_STATUS_INFO_free.html b/msys2/usr/share/doc/openssl/html/man3/TS_STATUS_INFO_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TS_STATUS_INFO_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TS_STATUS_INFO_new.html b/msys2/usr/share/doc/openssl/html/man3/TS_STATUS_INFO_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TS_STATUS_INFO_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TS_TST_INFO_dup.html b/msys2/usr/share/doc/openssl/html/man3/TS_TST_INFO_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TS_TST_INFO_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TS_TST_INFO_free.html b/msys2/usr/share/doc/openssl/html/man3/TS_TST_INFO_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TS_TST_INFO_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/TS_TST_INFO_new.html b/msys2/usr/share/doc/openssl/html/man3/TS_TST_INFO_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/TS_TST_INFO_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI.html b/msys2/usr/share/doc/openssl/html/man3/UI.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_METHOD.html b/msys2/usr/share/doc/openssl/html/man3/UI_METHOD.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_METHOD.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_OpenSSL.html b/msys2/usr/share/doc/openssl/html/man3/UI_OpenSSL.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_OpenSSL.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_STRING.html b/msys2/usr/share/doc/openssl/html/man3/UI_STRING.html
new file mode 100644
index 000000000..462089538
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_STRING.html
@@ -0,0 +1,113 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_STRING</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_STRING, UI_string_types, UI_get_string_type, UI_get_input_flags, UI_get0_output_string, UI_get0_action_string, UI_get0_result_string, UI_get_result_string_length, UI_get0_test_string, UI_get_result_minsize, UI_get_result_maxsize, UI_set_result, UI_set_result_ex - User interface string parsing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_string_st UI_STRING;
+
+ enum UI_string_types {
+     UIT_NONE = 0,
+     UIT_PROMPT,                 /* Prompt for a string */
+     UIT_VERIFY,                 /* Prompt for a string and verify */
+     UIT_BOOLEAN,                /* Prompt for a yes/no response */
+     UIT_INFO,                   /* Send info to the user */
+     UIT_ERROR                   /* Send an error message to the user */
+ };
+
+ enum UI_string_types UI_get_string_type(UI_STRING *uis);
+ int UI_get_input_flags(UI_STRING *uis);
+ const char *UI_get0_output_string(UI_STRING *uis);
+ const char *UI_get0_action_string(UI_STRING *uis);
+ const char *UI_get0_result_string(UI_STRING *uis);
+ int UI_get_result_string_length(UI_STRING *uis);
+ const char *UI_get0_test_string(UI_STRING *uis);
+ int UI_get_result_minsize(UI_STRING *uis);
+ int UI_get_result_maxsize(UI_STRING *uis);
+ int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
+ int UI_set_result_ex(UI *ui, UI_STRING *uis, const char *result, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>UI_STRING</b> gets created internally and added to a <b>UI</b> whenever one of the functions UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() or UI_dup_error_string() is called. For a <b>UI_METHOD</b> user, there&#39;s no need to know more. For a <b>UI_METHOD</b> creator, it is of interest to fetch text from these <b>UI_STRING</b> objects as well as adding results to some of them.</p>
+
+<p>UI_get_string_type() is used to retrieve the type of the given <b>UI_STRING</b>.</p>
+
+<p>UI_get_input_flags() is used to retrieve the flags associated with the given <b>UI_STRING</b>.</p>
+
+<p>UI_get0_output_string() is used to retrieve the actual string to output (prompt, info, error, ...).</p>
+
+<p>UI_get0_action_string() is used to retrieve the action description associated with a <b>UIT_BOOLEAN</b> type <b>UI_STRING</b>. For all other <b>UI_STRING</b> types, NULL is returned. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a>.</p>
+
+<p>UI_get0_result_string() and UI_get_result_string_length() are used to retrieve the result of a prompt and its length. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, UI_get0_result_string() returns NULL and UI_get_result_string_length() returns -1.</p>
+
+<p>UI_get0_test_string() is used to retrieve the string to compare the prompt result with. This is only useful for <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, NULL is returned.</p>
+
+<p>UI_get_result_minsize() and UI_get_result_maxsize() are used to retrieve the minimum and maximum required size of the result. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, -1 is returned.</p>
+
+<p>UI_set_result_ex() is used to set the result value of a prompt and its length. For <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, this sets the result retrievable with UI_get0_result_string() by copying the contents of <b>result</b> if its length fits the minimum and maximum size requirements. For <b>UIT_BOOLEAN</b> type UI strings, this sets the first character of the result retrievable with UI_get0_result_string() to the first <b>ok_char</b> given with UI_add_input_boolean() or UI_dup_input_boolean() if the <b>result</b> matched any of them, or the first of the <b>cancel_chars</b> if the <b>result</b> matched any of them, otherwise it&#39;s set to the NUL char <code>\0</code>. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a> for more information on <b>ok_chars</b> and <b>cancel_chars</b>.</p>
+
+<p>UI_set_result() does the same thing as UI_set_result_ex(), but calculates its length internally. It expects the string to be terminated with a NUL byte, and is therefore only useful with normal C strings.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_get_string_type() returns the UI string type.</p>
+
+<p>UI_get_input_flags() returns the UI string flags.</p>
+
+<p>UI_get0_output_string() returns the UI string output string.</p>
+
+<p>UI_get0_action_string() returns the UI string action description string for <b>UIT_BOOLEAN</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get0_result_string() returns the UI string result buffer for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_string_length() returns the UI string result buffer&#39;s content length for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, -1 for any other type.</p>
+
+<p>UI_get0_test_string() returns the UI string action description string for <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_minsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_get_result_maxsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_set_result() returns 0 on success or when the UI string is of any type other than <b>UIT_PROMPT</b>, <b>UIT_VERIFY</b> or <b>UIT_BOOLEAN</b>, -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_UTIL_read_pw.html b/msys2/usr/share/doc/openssl/html/man3/UI_UTIL_read_pw.html
new file mode 100644
index 000000000..199c25dcf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_UTIL_read_pw.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_UTIL_read_pw</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_UTIL_read_pw_string, UI_UTIL_read_pw, UI_UTIL_wrap_read_pem_callback - user interface utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
+                            int verify);
+ int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
+                     int verify);
+ UI_METHOD *UI_UTIL_wrap_read_pem_callback(pem_password_cb *cb, int rwflag);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI_UTIL_read_pw_string() asks for a passphrase, using <b>prompt</b> as a prompt, and stores it in <b>buf</b>. The maximum allowed size is given with <b>length</b>, including the terminating NUL byte. If <b>verify</b> is non-zero, the password will be verified as well.</p>
+
+<p>UI_UTIL_read_pw() does the same as UI_UTIL_read_pw_string(), the difference is that you can give it an external buffer <b>buff</b> for the verification passphrase.</p>
+
+<p>UI_UTIL_wrap_read_pem_callback() can be used to create a temporary <b>UI_METHOD</b> that wraps a given PEM password callback <b>cb</b>. <b>rwflag</b> is used to specify if this method will be used for passphrase entry without (0) or with (1) verification. When not used any more, the returned method should be freed with UI_destroy_method().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>UI_UTIL_read_pw_string() and UI_UTIL_read_pw() use default <b>UI_METHOD</b>. See <a href="../man3/UI_get_default_method.html">UI_get_default_method(3)</a> and friends for more information.</p>
+
+<p>The result from the <b>UI_METHOD</b> created by UI_UTIL_wrap_read_pem_callback() will generate password strings in the encoding that the given password callback generates. The default password prompting functions (apart from UI_UTIL_read_pw_string() and UI_UTIL_read_pw(), there is PEM_def_callback(), EVP_read_pw_string() and EVP_read_pw_string_min()) all use the default <b>UI_METHOD</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_UTIL_read_pw_string() and UI_UTIL_read_pw() return 0 on success or a negative value on error.</p>
+
+<p>UI_UTIL_wrap_read_pem_callback() returns a valid <b>UI_METHOD</b> structure or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI_get_default_method.html">UI_get_default_method(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_UTIL_read_pw_string.html b/msys2/usr/share/doc/openssl/html/man3/UI_UTIL_read_pw_string.html
new file mode 100644
index 000000000..199c25dcf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_UTIL_read_pw_string.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_UTIL_read_pw</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_UTIL_read_pw_string, UI_UTIL_read_pw, UI_UTIL_wrap_read_pem_callback - user interface utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
+                            int verify);
+ int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
+                     int verify);
+ UI_METHOD *UI_UTIL_wrap_read_pem_callback(pem_password_cb *cb, int rwflag);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI_UTIL_read_pw_string() asks for a passphrase, using <b>prompt</b> as a prompt, and stores it in <b>buf</b>. The maximum allowed size is given with <b>length</b>, including the terminating NUL byte. If <b>verify</b> is non-zero, the password will be verified as well.</p>
+
+<p>UI_UTIL_read_pw() does the same as UI_UTIL_read_pw_string(), the difference is that you can give it an external buffer <b>buff</b> for the verification passphrase.</p>
+
+<p>UI_UTIL_wrap_read_pem_callback() can be used to create a temporary <b>UI_METHOD</b> that wraps a given PEM password callback <b>cb</b>. <b>rwflag</b> is used to specify if this method will be used for passphrase entry without (0) or with (1) verification. When not used any more, the returned method should be freed with UI_destroy_method().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>UI_UTIL_read_pw_string() and UI_UTIL_read_pw() use default <b>UI_METHOD</b>. See <a href="../man3/UI_get_default_method.html">UI_get_default_method(3)</a> and friends for more information.</p>
+
+<p>The result from the <b>UI_METHOD</b> created by UI_UTIL_wrap_read_pem_callback() will generate password strings in the encoding that the given password callback generates. The default password prompting functions (apart from UI_UTIL_read_pw_string() and UI_UTIL_read_pw(), there is PEM_def_callback(), EVP_read_pw_string() and EVP_read_pw_string_min()) all use the default <b>UI_METHOD</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_UTIL_read_pw_string() and UI_UTIL_read_pw() return 0 on success or a negative value on error.</p>
+
+<p>UI_UTIL_wrap_read_pem_callback() returns a valid <b>UI_METHOD</b> structure or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI_get_default_method.html">UI_get_default_method(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_UTIL_wrap_read_pem_callback.html b/msys2/usr/share/doc/openssl/html/man3/UI_UTIL_wrap_read_pem_callback.html
new file mode 100644
index 000000000..199c25dcf
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_UTIL_wrap_read_pem_callback.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_UTIL_read_pw</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_UTIL_read_pw_string, UI_UTIL_read_pw, UI_UTIL_wrap_read_pem_callback - user interface utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
+                            int verify);
+ int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
+                     int verify);
+ UI_METHOD *UI_UTIL_wrap_read_pem_callback(pem_password_cb *cb, int rwflag);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI_UTIL_read_pw_string() asks for a passphrase, using <b>prompt</b> as a prompt, and stores it in <b>buf</b>. The maximum allowed size is given with <b>length</b>, including the terminating NUL byte. If <b>verify</b> is non-zero, the password will be verified as well.</p>
+
+<p>UI_UTIL_read_pw() does the same as UI_UTIL_read_pw_string(), the difference is that you can give it an external buffer <b>buff</b> for the verification passphrase.</p>
+
+<p>UI_UTIL_wrap_read_pem_callback() can be used to create a temporary <b>UI_METHOD</b> that wraps a given PEM password callback <b>cb</b>. <b>rwflag</b> is used to specify if this method will be used for passphrase entry without (0) or with (1) verification. When not used any more, the returned method should be freed with UI_destroy_method().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>UI_UTIL_read_pw_string() and UI_UTIL_read_pw() use default <b>UI_METHOD</b>. See <a href="../man3/UI_get_default_method.html">UI_get_default_method(3)</a> and friends for more information.</p>
+
+<p>The result from the <b>UI_METHOD</b> created by UI_UTIL_wrap_read_pem_callback() will generate password strings in the encoding that the given password callback generates. The default password prompting functions (apart from UI_UTIL_read_pw_string() and UI_UTIL_read_pw(), there is PEM_def_callback(), EVP_read_pw_string() and EVP_read_pw_string_min()) all use the default <b>UI_METHOD</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_UTIL_read_pw_string() and UI_UTIL_read_pw() return 0 on success or a negative value on error.</p>
+
+<p>UI_UTIL_wrap_read_pem_callback() returns a valid <b>UI_METHOD</b> structure or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI_get_default_method.html">UI_get_default_method(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_add_error_string.html b/msys2/usr/share/doc/openssl/html/man3/UI_add_error_string.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_add_error_string.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_add_info_string.html b/msys2/usr/share/doc/openssl/html/man3/UI_add_info_string.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_add_info_string.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_add_input_boolean.html b/msys2/usr/share/doc/openssl/html/man3/UI_add_input_boolean.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_add_input_boolean.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_add_input_string.html b/msys2/usr/share/doc/openssl/html/man3/UI_add_input_string.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_add_input_string.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_add_user_data.html b/msys2/usr/share/doc/openssl/html/man3/UI_add_user_data.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_add_user_data.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_add_verify_string.html b/msys2/usr/share/doc/openssl/html/man3/UI_add_verify_string.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_add_verify_string.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_construct_prompt.html b/msys2/usr/share/doc/openssl/html/man3/UI_construct_prompt.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_construct_prompt.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_create_method.html b/msys2/usr/share/doc/openssl/html/man3/UI_create_method.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_create_method.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/UI_ctrl.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_ctrl.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_destroy_method.html b/msys2/usr/share/doc/openssl/html/man3/UI_destroy_method.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_destroy_method.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_dup_error_string.html b/msys2/usr/share/doc/openssl/html/man3/UI_dup_error_string.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_dup_error_string.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_dup_info_string.html b/msys2/usr/share/doc/openssl/html/man3/UI_dup_info_string.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_dup_info_string.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_dup_input_boolean.html b/msys2/usr/share/doc/openssl/html/man3/UI_dup_input_boolean.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_dup_input_boolean.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_dup_input_string.html b/msys2/usr/share/doc/openssl/html/man3/UI_dup_input_string.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_dup_input_string.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_dup_user_data.html b/msys2/usr/share/doc/openssl/html/man3/UI_dup_user_data.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_dup_user_data.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_dup_verify_string.html b/msys2/usr/share/doc/openssl/html/man3/UI_dup_verify_string.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_dup_verify_string.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_free.html b/msys2/usr/share/doc/openssl/html/man3/UI_free.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_free.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_get0_action_string.html b/msys2/usr/share/doc/openssl/html/man3/UI_get0_action_string.html
new file mode 100644
index 000000000..462089538
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_get0_action_string.html
@@ -0,0 +1,113 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_STRING</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_STRING, UI_string_types, UI_get_string_type, UI_get_input_flags, UI_get0_output_string, UI_get0_action_string, UI_get0_result_string, UI_get_result_string_length, UI_get0_test_string, UI_get_result_minsize, UI_get_result_maxsize, UI_set_result, UI_set_result_ex - User interface string parsing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_string_st UI_STRING;
+
+ enum UI_string_types {
+     UIT_NONE = 0,
+     UIT_PROMPT,                 /* Prompt for a string */
+     UIT_VERIFY,                 /* Prompt for a string and verify */
+     UIT_BOOLEAN,                /* Prompt for a yes/no response */
+     UIT_INFO,                   /* Send info to the user */
+     UIT_ERROR                   /* Send an error message to the user */
+ };
+
+ enum UI_string_types UI_get_string_type(UI_STRING *uis);
+ int UI_get_input_flags(UI_STRING *uis);
+ const char *UI_get0_output_string(UI_STRING *uis);
+ const char *UI_get0_action_string(UI_STRING *uis);
+ const char *UI_get0_result_string(UI_STRING *uis);
+ int UI_get_result_string_length(UI_STRING *uis);
+ const char *UI_get0_test_string(UI_STRING *uis);
+ int UI_get_result_minsize(UI_STRING *uis);
+ int UI_get_result_maxsize(UI_STRING *uis);
+ int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
+ int UI_set_result_ex(UI *ui, UI_STRING *uis, const char *result, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>UI_STRING</b> gets created internally and added to a <b>UI</b> whenever one of the functions UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() or UI_dup_error_string() is called. For a <b>UI_METHOD</b> user, there&#39;s no need to know more. For a <b>UI_METHOD</b> creator, it is of interest to fetch text from these <b>UI_STRING</b> objects as well as adding results to some of them.</p>
+
+<p>UI_get_string_type() is used to retrieve the type of the given <b>UI_STRING</b>.</p>
+
+<p>UI_get_input_flags() is used to retrieve the flags associated with the given <b>UI_STRING</b>.</p>
+
+<p>UI_get0_output_string() is used to retrieve the actual string to output (prompt, info, error, ...).</p>
+
+<p>UI_get0_action_string() is used to retrieve the action description associated with a <b>UIT_BOOLEAN</b> type <b>UI_STRING</b>. For all other <b>UI_STRING</b> types, NULL is returned. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a>.</p>
+
+<p>UI_get0_result_string() and UI_get_result_string_length() are used to retrieve the result of a prompt and its length. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, UI_get0_result_string() returns NULL and UI_get_result_string_length() returns -1.</p>
+
+<p>UI_get0_test_string() is used to retrieve the string to compare the prompt result with. This is only useful for <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, NULL is returned.</p>
+
+<p>UI_get_result_minsize() and UI_get_result_maxsize() are used to retrieve the minimum and maximum required size of the result. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, -1 is returned.</p>
+
+<p>UI_set_result_ex() is used to set the result value of a prompt and its length. For <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, this sets the result retrievable with UI_get0_result_string() by copying the contents of <b>result</b> if its length fits the minimum and maximum size requirements. For <b>UIT_BOOLEAN</b> type UI strings, this sets the first character of the result retrievable with UI_get0_result_string() to the first <b>ok_char</b> given with UI_add_input_boolean() or UI_dup_input_boolean() if the <b>result</b> matched any of them, or the first of the <b>cancel_chars</b> if the <b>result</b> matched any of them, otherwise it&#39;s set to the NUL char <code>\0</code>. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a> for more information on <b>ok_chars</b> and <b>cancel_chars</b>.</p>
+
+<p>UI_set_result() does the same thing as UI_set_result_ex(), but calculates its length internally. It expects the string to be terminated with a NUL byte, and is therefore only useful with normal C strings.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_get_string_type() returns the UI string type.</p>
+
+<p>UI_get_input_flags() returns the UI string flags.</p>
+
+<p>UI_get0_output_string() returns the UI string output string.</p>
+
+<p>UI_get0_action_string() returns the UI string action description string for <b>UIT_BOOLEAN</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get0_result_string() returns the UI string result buffer for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_string_length() returns the UI string result buffer&#39;s content length for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, -1 for any other type.</p>
+
+<p>UI_get0_test_string() returns the UI string action description string for <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_minsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_get_result_maxsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_set_result() returns 0 on success or when the UI string is of any type other than <b>UIT_PROMPT</b>, <b>UIT_VERIFY</b> or <b>UIT_BOOLEAN</b>, -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_get0_output_string.html b/msys2/usr/share/doc/openssl/html/man3/UI_get0_output_string.html
new file mode 100644
index 000000000..462089538
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_get0_output_string.html
@@ -0,0 +1,113 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_STRING</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_STRING, UI_string_types, UI_get_string_type, UI_get_input_flags, UI_get0_output_string, UI_get0_action_string, UI_get0_result_string, UI_get_result_string_length, UI_get0_test_string, UI_get_result_minsize, UI_get_result_maxsize, UI_set_result, UI_set_result_ex - User interface string parsing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_string_st UI_STRING;
+
+ enum UI_string_types {
+     UIT_NONE = 0,
+     UIT_PROMPT,                 /* Prompt for a string */
+     UIT_VERIFY,                 /* Prompt for a string and verify */
+     UIT_BOOLEAN,                /* Prompt for a yes/no response */
+     UIT_INFO,                   /* Send info to the user */
+     UIT_ERROR                   /* Send an error message to the user */
+ };
+
+ enum UI_string_types UI_get_string_type(UI_STRING *uis);
+ int UI_get_input_flags(UI_STRING *uis);
+ const char *UI_get0_output_string(UI_STRING *uis);
+ const char *UI_get0_action_string(UI_STRING *uis);
+ const char *UI_get0_result_string(UI_STRING *uis);
+ int UI_get_result_string_length(UI_STRING *uis);
+ const char *UI_get0_test_string(UI_STRING *uis);
+ int UI_get_result_minsize(UI_STRING *uis);
+ int UI_get_result_maxsize(UI_STRING *uis);
+ int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
+ int UI_set_result_ex(UI *ui, UI_STRING *uis, const char *result, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>UI_STRING</b> gets created internally and added to a <b>UI</b> whenever one of the functions UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() or UI_dup_error_string() is called. For a <b>UI_METHOD</b> user, there&#39;s no need to know more. For a <b>UI_METHOD</b> creator, it is of interest to fetch text from these <b>UI_STRING</b> objects as well as adding results to some of them.</p>
+
+<p>UI_get_string_type() is used to retrieve the type of the given <b>UI_STRING</b>.</p>
+
+<p>UI_get_input_flags() is used to retrieve the flags associated with the given <b>UI_STRING</b>.</p>
+
+<p>UI_get0_output_string() is used to retrieve the actual string to output (prompt, info, error, ...).</p>
+
+<p>UI_get0_action_string() is used to retrieve the action description associated with a <b>UIT_BOOLEAN</b> type <b>UI_STRING</b>. For all other <b>UI_STRING</b> types, NULL is returned. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a>.</p>
+
+<p>UI_get0_result_string() and UI_get_result_string_length() are used to retrieve the result of a prompt and its length. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, UI_get0_result_string() returns NULL and UI_get_result_string_length() returns -1.</p>
+
+<p>UI_get0_test_string() is used to retrieve the string to compare the prompt result with. This is only useful for <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, NULL is returned.</p>
+
+<p>UI_get_result_minsize() and UI_get_result_maxsize() are used to retrieve the minimum and maximum required size of the result. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, -1 is returned.</p>
+
+<p>UI_set_result_ex() is used to set the result value of a prompt and its length. For <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, this sets the result retrievable with UI_get0_result_string() by copying the contents of <b>result</b> if its length fits the minimum and maximum size requirements. For <b>UIT_BOOLEAN</b> type UI strings, this sets the first character of the result retrievable with UI_get0_result_string() to the first <b>ok_char</b> given with UI_add_input_boolean() or UI_dup_input_boolean() if the <b>result</b> matched any of them, or the first of the <b>cancel_chars</b> if the <b>result</b> matched any of them, otherwise it&#39;s set to the NUL char <code>\0</code>. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a> for more information on <b>ok_chars</b> and <b>cancel_chars</b>.</p>
+
+<p>UI_set_result() does the same thing as UI_set_result_ex(), but calculates its length internally. It expects the string to be terminated with a NUL byte, and is therefore only useful with normal C strings.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_get_string_type() returns the UI string type.</p>
+
+<p>UI_get_input_flags() returns the UI string flags.</p>
+
+<p>UI_get0_output_string() returns the UI string output string.</p>
+
+<p>UI_get0_action_string() returns the UI string action description string for <b>UIT_BOOLEAN</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get0_result_string() returns the UI string result buffer for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_string_length() returns the UI string result buffer&#39;s content length for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, -1 for any other type.</p>
+
+<p>UI_get0_test_string() returns the UI string action description string for <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_minsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_get_result_maxsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_set_result() returns 0 on success or when the UI string is of any type other than <b>UIT_PROMPT</b>, <b>UIT_VERIFY</b> or <b>UIT_BOOLEAN</b>, -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_get0_result.html b/msys2/usr/share/doc/openssl/html/man3/UI_get0_result.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_get0_result.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_get0_result_string.html b/msys2/usr/share/doc/openssl/html/man3/UI_get0_result_string.html
new file mode 100644
index 000000000..462089538
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_get0_result_string.html
@@ -0,0 +1,113 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_STRING</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_STRING, UI_string_types, UI_get_string_type, UI_get_input_flags, UI_get0_output_string, UI_get0_action_string, UI_get0_result_string, UI_get_result_string_length, UI_get0_test_string, UI_get_result_minsize, UI_get_result_maxsize, UI_set_result, UI_set_result_ex - User interface string parsing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_string_st UI_STRING;
+
+ enum UI_string_types {
+     UIT_NONE = 0,
+     UIT_PROMPT,                 /* Prompt for a string */
+     UIT_VERIFY,                 /* Prompt for a string and verify */
+     UIT_BOOLEAN,                /* Prompt for a yes/no response */
+     UIT_INFO,                   /* Send info to the user */
+     UIT_ERROR                   /* Send an error message to the user */
+ };
+
+ enum UI_string_types UI_get_string_type(UI_STRING *uis);
+ int UI_get_input_flags(UI_STRING *uis);
+ const char *UI_get0_output_string(UI_STRING *uis);
+ const char *UI_get0_action_string(UI_STRING *uis);
+ const char *UI_get0_result_string(UI_STRING *uis);
+ int UI_get_result_string_length(UI_STRING *uis);
+ const char *UI_get0_test_string(UI_STRING *uis);
+ int UI_get_result_minsize(UI_STRING *uis);
+ int UI_get_result_maxsize(UI_STRING *uis);
+ int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
+ int UI_set_result_ex(UI *ui, UI_STRING *uis, const char *result, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>UI_STRING</b> gets created internally and added to a <b>UI</b> whenever one of the functions UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() or UI_dup_error_string() is called. For a <b>UI_METHOD</b> user, there&#39;s no need to know more. For a <b>UI_METHOD</b> creator, it is of interest to fetch text from these <b>UI_STRING</b> objects as well as adding results to some of them.</p>
+
+<p>UI_get_string_type() is used to retrieve the type of the given <b>UI_STRING</b>.</p>
+
+<p>UI_get_input_flags() is used to retrieve the flags associated with the given <b>UI_STRING</b>.</p>
+
+<p>UI_get0_output_string() is used to retrieve the actual string to output (prompt, info, error, ...).</p>
+
+<p>UI_get0_action_string() is used to retrieve the action description associated with a <b>UIT_BOOLEAN</b> type <b>UI_STRING</b>. For all other <b>UI_STRING</b> types, NULL is returned. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a>.</p>
+
+<p>UI_get0_result_string() and UI_get_result_string_length() are used to retrieve the result of a prompt and its length. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, UI_get0_result_string() returns NULL and UI_get_result_string_length() returns -1.</p>
+
+<p>UI_get0_test_string() is used to retrieve the string to compare the prompt result with. This is only useful for <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, NULL is returned.</p>
+
+<p>UI_get_result_minsize() and UI_get_result_maxsize() are used to retrieve the minimum and maximum required size of the result. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, -1 is returned.</p>
+
+<p>UI_set_result_ex() is used to set the result value of a prompt and its length. For <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, this sets the result retrievable with UI_get0_result_string() by copying the contents of <b>result</b> if its length fits the minimum and maximum size requirements. For <b>UIT_BOOLEAN</b> type UI strings, this sets the first character of the result retrievable with UI_get0_result_string() to the first <b>ok_char</b> given with UI_add_input_boolean() or UI_dup_input_boolean() if the <b>result</b> matched any of them, or the first of the <b>cancel_chars</b> if the <b>result</b> matched any of them, otherwise it&#39;s set to the NUL char <code>\0</code>. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a> for more information on <b>ok_chars</b> and <b>cancel_chars</b>.</p>
+
+<p>UI_set_result() does the same thing as UI_set_result_ex(), but calculates its length internally. It expects the string to be terminated with a NUL byte, and is therefore only useful with normal C strings.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_get_string_type() returns the UI string type.</p>
+
+<p>UI_get_input_flags() returns the UI string flags.</p>
+
+<p>UI_get0_output_string() returns the UI string output string.</p>
+
+<p>UI_get0_action_string() returns the UI string action description string for <b>UIT_BOOLEAN</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get0_result_string() returns the UI string result buffer for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_string_length() returns the UI string result buffer&#39;s content length for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, -1 for any other type.</p>
+
+<p>UI_get0_test_string() returns the UI string action description string for <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_minsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_get_result_maxsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_set_result() returns 0 on success or when the UI string is of any type other than <b>UIT_PROMPT</b>, <b>UIT_VERIFY</b> or <b>UIT_BOOLEAN</b>, -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_get0_test_string.html b/msys2/usr/share/doc/openssl/html/man3/UI_get0_test_string.html
new file mode 100644
index 000000000..462089538
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_get0_test_string.html
@@ -0,0 +1,113 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_STRING</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_STRING, UI_string_types, UI_get_string_type, UI_get_input_flags, UI_get0_output_string, UI_get0_action_string, UI_get0_result_string, UI_get_result_string_length, UI_get0_test_string, UI_get_result_minsize, UI_get_result_maxsize, UI_set_result, UI_set_result_ex - User interface string parsing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_string_st UI_STRING;
+
+ enum UI_string_types {
+     UIT_NONE = 0,
+     UIT_PROMPT,                 /* Prompt for a string */
+     UIT_VERIFY,                 /* Prompt for a string and verify */
+     UIT_BOOLEAN,                /* Prompt for a yes/no response */
+     UIT_INFO,                   /* Send info to the user */
+     UIT_ERROR                   /* Send an error message to the user */
+ };
+
+ enum UI_string_types UI_get_string_type(UI_STRING *uis);
+ int UI_get_input_flags(UI_STRING *uis);
+ const char *UI_get0_output_string(UI_STRING *uis);
+ const char *UI_get0_action_string(UI_STRING *uis);
+ const char *UI_get0_result_string(UI_STRING *uis);
+ int UI_get_result_string_length(UI_STRING *uis);
+ const char *UI_get0_test_string(UI_STRING *uis);
+ int UI_get_result_minsize(UI_STRING *uis);
+ int UI_get_result_maxsize(UI_STRING *uis);
+ int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
+ int UI_set_result_ex(UI *ui, UI_STRING *uis, const char *result, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>UI_STRING</b> gets created internally and added to a <b>UI</b> whenever one of the functions UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() or UI_dup_error_string() is called. For a <b>UI_METHOD</b> user, there&#39;s no need to know more. For a <b>UI_METHOD</b> creator, it is of interest to fetch text from these <b>UI_STRING</b> objects as well as adding results to some of them.</p>
+
+<p>UI_get_string_type() is used to retrieve the type of the given <b>UI_STRING</b>.</p>
+
+<p>UI_get_input_flags() is used to retrieve the flags associated with the given <b>UI_STRING</b>.</p>
+
+<p>UI_get0_output_string() is used to retrieve the actual string to output (prompt, info, error, ...).</p>
+
+<p>UI_get0_action_string() is used to retrieve the action description associated with a <b>UIT_BOOLEAN</b> type <b>UI_STRING</b>. For all other <b>UI_STRING</b> types, NULL is returned. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a>.</p>
+
+<p>UI_get0_result_string() and UI_get_result_string_length() are used to retrieve the result of a prompt and its length. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, UI_get0_result_string() returns NULL and UI_get_result_string_length() returns -1.</p>
+
+<p>UI_get0_test_string() is used to retrieve the string to compare the prompt result with. This is only useful for <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, NULL is returned.</p>
+
+<p>UI_get_result_minsize() and UI_get_result_maxsize() are used to retrieve the minimum and maximum required size of the result. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, -1 is returned.</p>
+
+<p>UI_set_result_ex() is used to set the result value of a prompt and its length. For <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, this sets the result retrievable with UI_get0_result_string() by copying the contents of <b>result</b> if its length fits the minimum and maximum size requirements. For <b>UIT_BOOLEAN</b> type UI strings, this sets the first character of the result retrievable with UI_get0_result_string() to the first <b>ok_char</b> given with UI_add_input_boolean() or UI_dup_input_boolean() if the <b>result</b> matched any of them, or the first of the <b>cancel_chars</b> if the <b>result</b> matched any of them, otherwise it&#39;s set to the NUL char <code>\0</code>. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a> for more information on <b>ok_chars</b> and <b>cancel_chars</b>.</p>
+
+<p>UI_set_result() does the same thing as UI_set_result_ex(), but calculates its length internally. It expects the string to be terminated with a NUL byte, and is therefore only useful with normal C strings.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_get_string_type() returns the UI string type.</p>
+
+<p>UI_get_input_flags() returns the UI string flags.</p>
+
+<p>UI_get0_output_string() returns the UI string output string.</p>
+
+<p>UI_get0_action_string() returns the UI string action description string for <b>UIT_BOOLEAN</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get0_result_string() returns the UI string result buffer for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_string_length() returns the UI string result buffer&#39;s content length for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, -1 for any other type.</p>
+
+<p>UI_get0_test_string() returns the UI string action description string for <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_minsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_get_result_maxsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_set_result() returns 0 on success or when the UI string is of any type other than <b>UIT_PROMPT</b>, <b>UIT_VERIFY</b> or <b>UIT_BOOLEAN</b>, -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_get0_user_data.html b/msys2/usr/share/doc/openssl/html/man3/UI_get0_user_data.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_get0_user_data.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_get_default_method.html b/msys2/usr/share/doc/openssl/html/man3/UI_get_default_method.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_get_default_method.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_get_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/UI_get_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_get_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_get_ex_new_index.html b/msys2/usr/share/doc/openssl/html/man3/UI_get_ex_new_index.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_get_ex_new_index.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_get_input_flags.html b/msys2/usr/share/doc/openssl/html/man3/UI_get_input_flags.html
new file mode 100644
index 000000000..462089538
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_get_input_flags.html
@@ -0,0 +1,113 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_STRING</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_STRING, UI_string_types, UI_get_string_type, UI_get_input_flags, UI_get0_output_string, UI_get0_action_string, UI_get0_result_string, UI_get_result_string_length, UI_get0_test_string, UI_get_result_minsize, UI_get_result_maxsize, UI_set_result, UI_set_result_ex - User interface string parsing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_string_st UI_STRING;
+
+ enum UI_string_types {
+     UIT_NONE = 0,
+     UIT_PROMPT,                 /* Prompt for a string */
+     UIT_VERIFY,                 /* Prompt for a string and verify */
+     UIT_BOOLEAN,                /* Prompt for a yes/no response */
+     UIT_INFO,                   /* Send info to the user */
+     UIT_ERROR                   /* Send an error message to the user */
+ };
+
+ enum UI_string_types UI_get_string_type(UI_STRING *uis);
+ int UI_get_input_flags(UI_STRING *uis);
+ const char *UI_get0_output_string(UI_STRING *uis);
+ const char *UI_get0_action_string(UI_STRING *uis);
+ const char *UI_get0_result_string(UI_STRING *uis);
+ int UI_get_result_string_length(UI_STRING *uis);
+ const char *UI_get0_test_string(UI_STRING *uis);
+ int UI_get_result_minsize(UI_STRING *uis);
+ int UI_get_result_maxsize(UI_STRING *uis);
+ int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
+ int UI_set_result_ex(UI *ui, UI_STRING *uis, const char *result, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>UI_STRING</b> gets created internally and added to a <b>UI</b> whenever one of the functions UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() or UI_dup_error_string() is called. For a <b>UI_METHOD</b> user, there&#39;s no need to know more. For a <b>UI_METHOD</b> creator, it is of interest to fetch text from these <b>UI_STRING</b> objects as well as adding results to some of them.</p>
+
+<p>UI_get_string_type() is used to retrieve the type of the given <b>UI_STRING</b>.</p>
+
+<p>UI_get_input_flags() is used to retrieve the flags associated with the given <b>UI_STRING</b>.</p>
+
+<p>UI_get0_output_string() is used to retrieve the actual string to output (prompt, info, error, ...).</p>
+
+<p>UI_get0_action_string() is used to retrieve the action description associated with a <b>UIT_BOOLEAN</b> type <b>UI_STRING</b>. For all other <b>UI_STRING</b> types, NULL is returned. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a>.</p>
+
+<p>UI_get0_result_string() and UI_get_result_string_length() are used to retrieve the result of a prompt and its length. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, UI_get0_result_string() returns NULL and UI_get_result_string_length() returns -1.</p>
+
+<p>UI_get0_test_string() is used to retrieve the string to compare the prompt result with. This is only useful for <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, NULL is returned.</p>
+
+<p>UI_get_result_minsize() and UI_get_result_maxsize() are used to retrieve the minimum and maximum required size of the result. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, -1 is returned.</p>
+
+<p>UI_set_result_ex() is used to set the result value of a prompt and its length. For <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, this sets the result retrievable with UI_get0_result_string() by copying the contents of <b>result</b> if its length fits the minimum and maximum size requirements. For <b>UIT_BOOLEAN</b> type UI strings, this sets the first character of the result retrievable with UI_get0_result_string() to the first <b>ok_char</b> given with UI_add_input_boolean() or UI_dup_input_boolean() if the <b>result</b> matched any of them, or the first of the <b>cancel_chars</b> if the <b>result</b> matched any of them, otherwise it&#39;s set to the NUL char <code>\0</code>. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a> for more information on <b>ok_chars</b> and <b>cancel_chars</b>.</p>
+
+<p>UI_set_result() does the same thing as UI_set_result_ex(), but calculates its length internally. It expects the string to be terminated with a NUL byte, and is therefore only useful with normal C strings.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_get_string_type() returns the UI string type.</p>
+
+<p>UI_get_input_flags() returns the UI string flags.</p>
+
+<p>UI_get0_output_string() returns the UI string output string.</p>
+
+<p>UI_get0_action_string() returns the UI string action description string for <b>UIT_BOOLEAN</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get0_result_string() returns the UI string result buffer for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_string_length() returns the UI string result buffer&#39;s content length for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, -1 for any other type.</p>
+
+<p>UI_get0_test_string() returns the UI string action description string for <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_minsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_get_result_maxsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_set_result() returns 0 on success or when the UI string is of any type other than <b>UIT_PROMPT</b>, <b>UIT_VERIFY</b> or <b>UIT_BOOLEAN</b>, -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_get_method.html b/msys2/usr/share/doc/openssl/html/man3/UI_get_method.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_get_method.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_get_result_length.html b/msys2/usr/share/doc/openssl/html/man3/UI_get_result_length.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_get_result_length.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_get_result_maxsize.html b/msys2/usr/share/doc/openssl/html/man3/UI_get_result_maxsize.html
new file mode 100644
index 000000000..462089538
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_get_result_maxsize.html
@@ -0,0 +1,113 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_STRING</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_STRING, UI_string_types, UI_get_string_type, UI_get_input_flags, UI_get0_output_string, UI_get0_action_string, UI_get0_result_string, UI_get_result_string_length, UI_get0_test_string, UI_get_result_minsize, UI_get_result_maxsize, UI_set_result, UI_set_result_ex - User interface string parsing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_string_st UI_STRING;
+
+ enum UI_string_types {
+     UIT_NONE = 0,
+     UIT_PROMPT,                 /* Prompt for a string */
+     UIT_VERIFY,                 /* Prompt for a string and verify */
+     UIT_BOOLEAN,                /* Prompt for a yes/no response */
+     UIT_INFO,                   /* Send info to the user */
+     UIT_ERROR                   /* Send an error message to the user */
+ };
+
+ enum UI_string_types UI_get_string_type(UI_STRING *uis);
+ int UI_get_input_flags(UI_STRING *uis);
+ const char *UI_get0_output_string(UI_STRING *uis);
+ const char *UI_get0_action_string(UI_STRING *uis);
+ const char *UI_get0_result_string(UI_STRING *uis);
+ int UI_get_result_string_length(UI_STRING *uis);
+ const char *UI_get0_test_string(UI_STRING *uis);
+ int UI_get_result_minsize(UI_STRING *uis);
+ int UI_get_result_maxsize(UI_STRING *uis);
+ int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
+ int UI_set_result_ex(UI *ui, UI_STRING *uis, const char *result, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>UI_STRING</b> gets created internally and added to a <b>UI</b> whenever one of the functions UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() or UI_dup_error_string() is called. For a <b>UI_METHOD</b> user, there&#39;s no need to know more. For a <b>UI_METHOD</b> creator, it is of interest to fetch text from these <b>UI_STRING</b> objects as well as adding results to some of them.</p>
+
+<p>UI_get_string_type() is used to retrieve the type of the given <b>UI_STRING</b>.</p>
+
+<p>UI_get_input_flags() is used to retrieve the flags associated with the given <b>UI_STRING</b>.</p>
+
+<p>UI_get0_output_string() is used to retrieve the actual string to output (prompt, info, error, ...).</p>
+
+<p>UI_get0_action_string() is used to retrieve the action description associated with a <b>UIT_BOOLEAN</b> type <b>UI_STRING</b>. For all other <b>UI_STRING</b> types, NULL is returned. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a>.</p>
+
+<p>UI_get0_result_string() and UI_get_result_string_length() are used to retrieve the result of a prompt and its length. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, UI_get0_result_string() returns NULL and UI_get_result_string_length() returns -1.</p>
+
+<p>UI_get0_test_string() is used to retrieve the string to compare the prompt result with. This is only useful for <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, NULL is returned.</p>
+
+<p>UI_get_result_minsize() and UI_get_result_maxsize() are used to retrieve the minimum and maximum required size of the result. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, -1 is returned.</p>
+
+<p>UI_set_result_ex() is used to set the result value of a prompt and its length. For <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, this sets the result retrievable with UI_get0_result_string() by copying the contents of <b>result</b> if its length fits the minimum and maximum size requirements. For <b>UIT_BOOLEAN</b> type UI strings, this sets the first character of the result retrievable with UI_get0_result_string() to the first <b>ok_char</b> given with UI_add_input_boolean() or UI_dup_input_boolean() if the <b>result</b> matched any of them, or the first of the <b>cancel_chars</b> if the <b>result</b> matched any of them, otherwise it&#39;s set to the NUL char <code>\0</code>. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a> for more information on <b>ok_chars</b> and <b>cancel_chars</b>.</p>
+
+<p>UI_set_result() does the same thing as UI_set_result_ex(), but calculates its length internally. It expects the string to be terminated with a NUL byte, and is therefore only useful with normal C strings.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_get_string_type() returns the UI string type.</p>
+
+<p>UI_get_input_flags() returns the UI string flags.</p>
+
+<p>UI_get0_output_string() returns the UI string output string.</p>
+
+<p>UI_get0_action_string() returns the UI string action description string for <b>UIT_BOOLEAN</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get0_result_string() returns the UI string result buffer for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_string_length() returns the UI string result buffer&#39;s content length for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, -1 for any other type.</p>
+
+<p>UI_get0_test_string() returns the UI string action description string for <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_minsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_get_result_maxsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_set_result() returns 0 on success or when the UI string is of any type other than <b>UIT_PROMPT</b>, <b>UIT_VERIFY</b> or <b>UIT_BOOLEAN</b>, -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_get_result_minsize.html b/msys2/usr/share/doc/openssl/html/man3/UI_get_result_minsize.html
new file mode 100644
index 000000000..462089538
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_get_result_minsize.html
@@ -0,0 +1,113 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_STRING</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_STRING, UI_string_types, UI_get_string_type, UI_get_input_flags, UI_get0_output_string, UI_get0_action_string, UI_get0_result_string, UI_get_result_string_length, UI_get0_test_string, UI_get_result_minsize, UI_get_result_maxsize, UI_set_result, UI_set_result_ex - User interface string parsing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_string_st UI_STRING;
+
+ enum UI_string_types {
+     UIT_NONE = 0,
+     UIT_PROMPT,                 /* Prompt for a string */
+     UIT_VERIFY,                 /* Prompt for a string and verify */
+     UIT_BOOLEAN,                /* Prompt for a yes/no response */
+     UIT_INFO,                   /* Send info to the user */
+     UIT_ERROR                   /* Send an error message to the user */
+ };
+
+ enum UI_string_types UI_get_string_type(UI_STRING *uis);
+ int UI_get_input_flags(UI_STRING *uis);
+ const char *UI_get0_output_string(UI_STRING *uis);
+ const char *UI_get0_action_string(UI_STRING *uis);
+ const char *UI_get0_result_string(UI_STRING *uis);
+ int UI_get_result_string_length(UI_STRING *uis);
+ const char *UI_get0_test_string(UI_STRING *uis);
+ int UI_get_result_minsize(UI_STRING *uis);
+ int UI_get_result_maxsize(UI_STRING *uis);
+ int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
+ int UI_set_result_ex(UI *ui, UI_STRING *uis, const char *result, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>UI_STRING</b> gets created internally and added to a <b>UI</b> whenever one of the functions UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() or UI_dup_error_string() is called. For a <b>UI_METHOD</b> user, there&#39;s no need to know more. For a <b>UI_METHOD</b> creator, it is of interest to fetch text from these <b>UI_STRING</b> objects as well as adding results to some of them.</p>
+
+<p>UI_get_string_type() is used to retrieve the type of the given <b>UI_STRING</b>.</p>
+
+<p>UI_get_input_flags() is used to retrieve the flags associated with the given <b>UI_STRING</b>.</p>
+
+<p>UI_get0_output_string() is used to retrieve the actual string to output (prompt, info, error, ...).</p>
+
+<p>UI_get0_action_string() is used to retrieve the action description associated with a <b>UIT_BOOLEAN</b> type <b>UI_STRING</b>. For all other <b>UI_STRING</b> types, NULL is returned. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a>.</p>
+
+<p>UI_get0_result_string() and UI_get_result_string_length() are used to retrieve the result of a prompt and its length. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, UI_get0_result_string() returns NULL and UI_get_result_string_length() returns -1.</p>
+
+<p>UI_get0_test_string() is used to retrieve the string to compare the prompt result with. This is only useful for <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, NULL is returned.</p>
+
+<p>UI_get_result_minsize() and UI_get_result_maxsize() are used to retrieve the minimum and maximum required size of the result. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, -1 is returned.</p>
+
+<p>UI_set_result_ex() is used to set the result value of a prompt and its length. For <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, this sets the result retrievable with UI_get0_result_string() by copying the contents of <b>result</b> if its length fits the minimum and maximum size requirements. For <b>UIT_BOOLEAN</b> type UI strings, this sets the first character of the result retrievable with UI_get0_result_string() to the first <b>ok_char</b> given with UI_add_input_boolean() or UI_dup_input_boolean() if the <b>result</b> matched any of them, or the first of the <b>cancel_chars</b> if the <b>result</b> matched any of them, otherwise it&#39;s set to the NUL char <code>\0</code>. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a> for more information on <b>ok_chars</b> and <b>cancel_chars</b>.</p>
+
+<p>UI_set_result() does the same thing as UI_set_result_ex(), but calculates its length internally. It expects the string to be terminated with a NUL byte, and is therefore only useful with normal C strings.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_get_string_type() returns the UI string type.</p>
+
+<p>UI_get_input_flags() returns the UI string flags.</p>
+
+<p>UI_get0_output_string() returns the UI string output string.</p>
+
+<p>UI_get0_action_string() returns the UI string action description string for <b>UIT_BOOLEAN</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get0_result_string() returns the UI string result buffer for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_string_length() returns the UI string result buffer&#39;s content length for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, -1 for any other type.</p>
+
+<p>UI_get0_test_string() returns the UI string action description string for <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_minsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_get_result_maxsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_set_result() returns 0 on success or when the UI string is of any type other than <b>UIT_PROMPT</b>, <b>UIT_VERIFY</b> or <b>UIT_BOOLEAN</b>, -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_get_result_string_length.html b/msys2/usr/share/doc/openssl/html/man3/UI_get_result_string_length.html
new file mode 100644
index 000000000..462089538
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_get_result_string_length.html
@@ -0,0 +1,113 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_STRING</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_STRING, UI_string_types, UI_get_string_type, UI_get_input_flags, UI_get0_output_string, UI_get0_action_string, UI_get0_result_string, UI_get_result_string_length, UI_get0_test_string, UI_get_result_minsize, UI_get_result_maxsize, UI_set_result, UI_set_result_ex - User interface string parsing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_string_st UI_STRING;
+
+ enum UI_string_types {
+     UIT_NONE = 0,
+     UIT_PROMPT,                 /* Prompt for a string */
+     UIT_VERIFY,                 /* Prompt for a string and verify */
+     UIT_BOOLEAN,                /* Prompt for a yes/no response */
+     UIT_INFO,                   /* Send info to the user */
+     UIT_ERROR                   /* Send an error message to the user */
+ };
+
+ enum UI_string_types UI_get_string_type(UI_STRING *uis);
+ int UI_get_input_flags(UI_STRING *uis);
+ const char *UI_get0_output_string(UI_STRING *uis);
+ const char *UI_get0_action_string(UI_STRING *uis);
+ const char *UI_get0_result_string(UI_STRING *uis);
+ int UI_get_result_string_length(UI_STRING *uis);
+ const char *UI_get0_test_string(UI_STRING *uis);
+ int UI_get_result_minsize(UI_STRING *uis);
+ int UI_get_result_maxsize(UI_STRING *uis);
+ int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
+ int UI_set_result_ex(UI *ui, UI_STRING *uis, const char *result, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>UI_STRING</b> gets created internally and added to a <b>UI</b> whenever one of the functions UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() or UI_dup_error_string() is called. For a <b>UI_METHOD</b> user, there&#39;s no need to know more. For a <b>UI_METHOD</b> creator, it is of interest to fetch text from these <b>UI_STRING</b> objects as well as adding results to some of them.</p>
+
+<p>UI_get_string_type() is used to retrieve the type of the given <b>UI_STRING</b>.</p>
+
+<p>UI_get_input_flags() is used to retrieve the flags associated with the given <b>UI_STRING</b>.</p>
+
+<p>UI_get0_output_string() is used to retrieve the actual string to output (prompt, info, error, ...).</p>
+
+<p>UI_get0_action_string() is used to retrieve the action description associated with a <b>UIT_BOOLEAN</b> type <b>UI_STRING</b>. For all other <b>UI_STRING</b> types, NULL is returned. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a>.</p>
+
+<p>UI_get0_result_string() and UI_get_result_string_length() are used to retrieve the result of a prompt and its length. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, UI_get0_result_string() returns NULL and UI_get_result_string_length() returns -1.</p>
+
+<p>UI_get0_test_string() is used to retrieve the string to compare the prompt result with. This is only useful for <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, NULL is returned.</p>
+
+<p>UI_get_result_minsize() and UI_get_result_maxsize() are used to retrieve the minimum and maximum required size of the result. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, -1 is returned.</p>
+
+<p>UI_set_result_ex() is used to set the result value of a prompt and its length. For <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, this sets the result retrievable with UI_get0_result_string() by copying the contents of <b>result</b> if its length fits the minimum and maximum size requirements. For <b>UIT_BOOLEAN</b> type UI strings, this sets the first character of the result retrievable with UI_get0_result_string() to the first <b>ok_char</b> given with UI_add_input_boolean() or UI_dup_input_boolean() if the <b>result</b> matched any of them, or the first of the <b>cancel_chars</b> if the <b>result</b> matched any of them, otherwise it&#39;s set to the NUL char <code>\0</code>. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a> for more information on <b>ok_chars</b> and <b>cancel_chars</b>.</p>
+
+<p>UI_set_result() does the same thing as UI_set_result_ex(), but calculates its length internally. It expects the string to be terminated with a NUL byte, and is therefore only useful with normal C strings.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_get_string_type() returns the UI string type.</p>
+
+<p>UI_get_input_flags() returns the UI string flags.</p>
+
+<p>UI_get0_output_string() returns the UI string output string.</p>
+
+<p>UI_get0_action_string() returns the UI string action description string for <b>UIT_BOOLEAN</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get0_result_string() returns the UI string result buffer for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_string_length() returns the UI string result buffer&#39;s content length for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, -1 for any other type.</p>
+
+<p>UI_get0_test_string() returns the UI string action description string for <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_minsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_get_result_maxsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_set_result() returns 0 on success or when the UI string is of any type other than <b>UIT_PROMPT</b>, <b>UIT_VERIFY</b> or <b>UIT_BOOLEAN</b>, -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_get_string_type.html b/msys2/usr/share/doc/openssl/html/man3/UI_get_string_type.html
new file mode 100644
index 000000000..462089538
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_get_string_type.html
@@ -0,0 +1,113 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_STRING</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_STRING, UI_string_types, UI_get_string_type, UI_get_input_flags, UI_get0_output_string, UI_get0_action_string, UI_get0_result_string, UI_get_result_string_length, UI_get0_test_string, UI_get_result_minsize, UI_get_result_maxsize, UI_set_result, UI_set_result_ex - User interface string parsing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_string_st UI_STRING;
+
+ enum UI_string_types {
+     UIT_NONE = 0,
+     UIT_PROMPT,                 /* Prompt for a string */
+     UIT_VERIFY,                 /* Prompt for a string and verify */
+     UIT_BOOLEAN,                /* Prompt for a yes/no response */
+     UIT_INFO,                   /* Send info to the user */
+     UIT_ERROR                   /* Send an error message to the user */
+ };
+
+ enum UI_string_types UI_get_string_type(UI_STRING *uis);
+ int UI_get_input_flags(UI_STRING *uis);
+ const char *UI_get0_output_string(UI_STRING *uis);
+ const char *UI_get0_action_string(UI_STRING *uis);
+ const char *UI_get0_result_string(UI_STRING *uis);
+ int UI_get_result_string_length(UI_STRING *uis);
+ const char *UI_get0_test_string(UI_STRING *uis);
+ int UI_get_result_minsize(UI_STRING *uis);
+ int UI_get_result_maxsize(UI_STRING *uis);
+ int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
+ int UI_set_result_ex(UI *ui, UI_STRING *uis, const char *result, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>UI_STRING</b> gets created internally and added to a <b>UI</b> whenever one of the functions UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() or UI_dup_error_string() is called. For a <b>UI_METHOD</b> user, there&#39;s no need to know more. For a <b>UI_METHOD</b> creator, it is of interest to fetch text from these <b>UI_STRING</b> objects as well as adding results to some of them.</p>
+
+<p>UI_get_string_type() is used to retrieve the type of the given <b>UI_STRING</b>.</p>
+
+<p>UI_get_input_flags() is used to retrieve the flags associated with the given <b>UI_STRING</b>.</p>
+
+<p>UI_get0_output_string() is used to retrieve the actual string to output (prompt, info, error, ...).</p>
+
+<p>UI_get0_action_string() is used to retrieve the action description associated with a <b>UIT_BOOLEAN</b> type <b>UI_STRING</b>. For all other <b>UI_STRING</b> types, NULL is returned. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a>.</p>
+
+<p>UI_get0_result_string() and UI_get_result_string_length() are used to retrieve the result of a prompt and its length. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, UI_get0_result_string() returns NULL and UI_get_result_string_length() returns -1.</p>
+
+<p>UI_get0_test_string() is used to retrieve the string to compare the prompt result with. This is only useful for <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, NULL is returned.</p>
+
+<p>UI_get_result_minsize() and UI_get_result_maxsize() are used to retrieve the minimum and maximum required size of the result. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, -1 is returned.</p>
+
+<p>UI_set_result_ex() is used to set the result value of a prompt and its length. For <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, this sets the result retrievable with UI_get0_result_string() by copying the contents of <b>result</b> if its length fits the minimum and maximum size requirements. For <b>UIT_BOOLEAN</b> type UI strings, this sets the first character of the result retrievable with UI_get0_result_string() to the first <b>ok_char</b> given with UI_add_input_boolean() or UI_dup_input_boolean() if the <b>result</b> matched any of them, or the first of the <b>cancel_chars</b> if the <b>result</b> matched any of them, otherwise it&#39;s set to the NUL char <code>\0</code>. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a> for more information on <b>ok_chars</b> and <b>cancel_chars</b>.</p>
+
+<p>UI_set_result() does the same thing as UI_set_result_ex(), but calculates its length internally. It expects the string to be terminated with a NUL byte, and is therefore only useful with normal C strings.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_get_string_type() returns the UI string type.</p>
+
+<p>UI_get_input_flags() returns the UI string flags.</p>
+
+<p>UI_get0_output_string() returns the UI string output string.</p>
+
+<p>UI_get0_action_string() returns the UI string action description string for <b>UIT_BOOLEAN</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get0_result_string() returns the UI string result buffer for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_string_length() returns the UI string result buffer&#39;s content length for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, -1 for any other type.</p>
+
+<p>UI_get0_test_string() returns the UI string action description string for <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_minsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_get_result_maxsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_set_result() returns 0 on success or when the UI string is of any type other than <b>UIT_PROMPT</b>, <b>UIT_VERIFY</b> or <b>UIT_BOOLEAN</b>, -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_method_get_closer.html b/msys2/usr/share/doc/openssl/html/man3/UI_method_get_closer.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_method_get_closer.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_method_get_data_destructor.html b/msys2/usr/share/doc/openssl/html/man3/UI_method_get_data_destructor.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_method_get_data_destructor.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_method_get_data_duplicator.html b/msys2/usr/share/doc/openssl/html/man3/UI_method_get_data_duplicator.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_method_get_data_duplicator.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_method_get_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/UI_method_get_ex_data.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_method_get_ex_data.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_method_get_flusher.html b/msys2/usr/share/doc/openssl/html/man3/UI_method_get_flusher.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_method_get_flusher.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_method_get_opener.html b/msys2/usr/share/doc/openssl/html/man3/UI_method_get_opener.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_method_get_opener.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_method_get_prompt_constructor.html b/msys2/usr/share/doc/openssl/html/man3/UI_method_get_prompt_constructor.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_method_get_prompt_constructor.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_method_get_reader.html b/msys2/usr/share/doc/openssl/html/man3/UI_method_get_reader.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_method_get_reader.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_method_get_writer.html b/msys2/usr/share/doc/openssl/html/man3/UI_method_get_writer.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_method_get_writer.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_method_set_closer.html b/msys2/usr/share/doc/openssl/html/man3/UI_method_set_closer.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_method_set_closer.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_method_set_data_duplicator.html b/msys2/usr/share/doc/openssl/html/man3/UI_method_set_data_duplicator.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_method_set_data_duplicator.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_method_set_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/UI_method_set_ex_data.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_method_set_ex_data.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_method_set_flusher.html b/msys2/usr/share/doc/openssl/html/man3/UI_method_set_flusher.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_method_set_flusher.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_method_set_opener.html b/msys2/usr/share/doc/openssl/html/man3/UI_method_set_opener.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_method_set_opener.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_method_set_prompt_constructor.html b/msys2/usr/share/doc/openssl/html/man3/UI_method_set_prompt_constructor.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_method_set_prompt_constructor.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_method_set_reader.html b/msys2/usr/share/doc/openssl/html/man3/UI_method_set_reader.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_method_set_reader.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_method_set_writer.html b/msys2/usr/share/doc/openssl/html/man3/UI_method_set_writer.html
new file mode 100644
index 000000000..9cc380404
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_method_set_writer.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_create_method</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_METHOD, UI_create_method, UI_destroy_method, UI_method_set_opener, UI_method_set_writer, UI_method_set_flusher, UI_method_set_reader, UI_method_set_closer, UI_method_set_data_duplicator, UI_method_set_prompt_constructor, UI_method_set_ex_data, UI_method_get_opener, UI_method_get_writer, UI_method_get_flusher, UI_method_get_reader, UI_method_get_closer, UI_method_get_data_duplicator, UI_method_get_data_destructor, UI_method_get_prompt_constructor, UI_method_get_ex_data - user interface method creation and destruction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_method_st UI_METHOD;
+
+ UI_METHOD *UI_create_method(const char *name);
+ void UI_destroy_method(UI_METHOD *ui_method);
+ int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+ int UI_method_set_writer(UI_METHOD *method,
+                          int (*writer) (UI *ui, UI_STRING *uis));
+ int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+ int UI_method_set_reader(UI_METHOD *method,
+                          int (*reader) (UI *ui, UI_STRING *uis));
+ int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+ int UI_method_set_data_duplicator(UI_METHOD *method,
+                                   void *(*duplicator) (UI *ui, void *ui_data),
+                                   void (*destructor)(UI *ui, void *ui_data));
+ int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                      char *(*prompt_constructor) (UI *ui,
+                                                                   const char
+                                                                   *object_desc,
+                                                                   const char
+                                                                   *object_name));
+ int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+ int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+ int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+ int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+ char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+     (UI *, const char *, const char *);
+ void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+ void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+ const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A method contains a few functions that implement the low level of the User Interface. These functions are:</p>
+
+<dl>
+
+<dt id="an-opener">an opener</dt>
+<dd>
+
+<p>This function takes a reference to a UI and starts a session, for example by opening a channel to a tty, or by creating a dialog box.</p>
+
+</dd>
+<dt id="a-writer">a writer</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI String, and writes the string where appropriate, maybe to the tty, maybe added as a field label in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-flusher">a flusher</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and flushes everything that has been output so far. For example, if the method builds up a dialog box, this can be used to actually display it and accepting input ended with a pressed button.</p>
+
+</dd>
+<dt id="a-reader">a reader</dt>
+<dd>
+
+<p>This function takes a reference to a UI and a UI string and reads off the given prompt, maybe from the tty, maybe from a field in a dialog box. Note that this gets fed all strings associated with a UI, one after the other, so care must be taken which ones it actually uses.</p>
+
+</dd>
+<dt id="a-closer">a closer</dt>
+<dd>
+
+<p>This function takes a reference to a UI, and closes the session, maybe by closing the channel to the tty, maybe by destroying a dialog box.</p>
+
+</dd>
+</dl>
+
+<p>All of these functions are expected to return 0 on error, 1 on success, or -1 on out-off-band events, for example if some prompting has been cancelled (by pressing Ctrl-C, for example). Only the flusher or the reader are expected to return -1. If returned by another of the functions, it&#39;s treated as if 0 was returned.</p>
+
+<p>Regarding the writer and the reader, don&#39;t assume the former should only write and don&#39;t assume the latter should only read. This depends on the needs of the method.</p>
+
+<p>For example, a typical tty reader wouldn&#39;t write the prompts in the write, but would rather do so in the reader, because of the sequential nature of prompting on a tty. This is how the UI_OpenSSL() method does it.</p>
+
+<p>In contrast, a method that builds up a dialog box would add all prompt text in the writer, have all input read in the flusher and store the results in some temporary buffer, and finally have the reader just fetch those results.</p>
+
+<p>The central function that uses these method functions is UI_process(), and it does it in five steps:</p>
+
+<ol>
+
+<li><p>Open the session using the opener function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the writer function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Flush everything using the flusher function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>For every UI String associated with the UI, call the reader function if that one&#39;s defined. If an error occurs, jump to 5.</p>
+
+</li>
+<li><p>Close the session using the closer function if that one&#39;s defined.</p>
+
+</li>
+</ol>
+
+<p>UI_create_method() creates a new UI method with a given <b>name</b>.</p>
+
+<p>UI_destroy_method() destroys the given UI method <b>ui_method</b>.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader() and UI_method_set_closer() set the five main method function to the given function pointer.</p>
+
+<p>UI_method_set_data_duplicator() sets the user data duplicator and destructor. See <a href="../man3/UI_dup_user_data.html">UI_dup_user_data(3)</a>.</p>
+
+<p>UI_method_set_prompt_constructor() sets the prompt constructor. See <a href="../man3/UI_construct_prompt.html">UI_construct_prompt(3)</a>.</p>
+
+<p>UI_method_set_ex_data() sets application specific data with a given EX_DATA index. See <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a> for general information on how to get that index.</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the different method functions.</p>
+
+<p>UI_method_get_ex_data() returns the application data previously stored with UI_method_set_ex_data().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_create_method() returns a UI_METHOD pointer on success, NULL on error.</p>
+
+<p>UI_method_set_opener(), UI_method_set_writer(), UI_method_set_flusher(), UI_method_set_reader(), UI_method_set_closer(), UI_method_set_data_duplicator() and UI_method_set_prompt_constructor() return 0 on success, -1 if the given <b>method</b> is NULL.</p>
+
+<p>UI_method_set_ex_data() returns 1 on success and 0 on error (because CRYPTO_set_ex_data() does so).</p>
+
+<p>UI_method_get_opener(), UI_method_get_writer(), UI_method_get_flusher(), UI_method_get_reader(), UI_method_get_closer(), UI_method_get_data_duplicator(), UI_method_get_data_destructor() and UI_method_get_prompt_constructor() return the requested function pointer if it&#39;s set in the method, otherwise NULL.</p>
+
+<p>UI_method_get_ex_data() returns a pointer to the application specific data associated with the method.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a>, <a href="../man3/CRYPTO_get_ex_data.html">CRYPTO_get_ex_data(3)</a>, <a href="../man3/UI_STRING.html">UI_STRING(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_method_set_data_duplicator(), UI_method_get_data_duplicator() and UI_method_get_data_destructor() functions were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_new.html b/msys2/usr/share/doc/openssl/html/man3/UI_new.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_new.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_new_method.html b/msys2/usr/share/doc/openssl/html/man3/UI_new_method.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_new_method.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_null.html b/msys2/usr/share/doc/openssl/html/man3/UI_null.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_null.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_process.html b/msys2/usr/share/doc/openssl/html/man3/UI_process.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_process.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_set_default_method.html b/msys2/usr/share/doc/openssl/html/man3/UI_set_default_method.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_set_default_method.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_set_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/UI_set_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_set_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_set_method.html b/msys2/usr/share/doc/openssl/html/man3/UI_set_method.html
new file mode 100644
index 000000000..7f95ad7ba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_set_method.html
@@ -0,0 +1,178 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI, UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string, UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean, UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string, UI_add_error_string, UI_dup_error_string, UI_construct_prompt, UI_add_user_data, UI_dup_user_data, UI_get0_user_data, UI_get0_result, UI_get_result_length, UI_process, UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method, UI_set_method, UI_OpenSSL, UI_null - user interface</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_st UI;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                          char *result_buf, int minsize, int maxsize,
+                          const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                          const char *ok_chars, const char *cancel_chars,
+                          int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ char *UI_construct_prompt(UI *ui_method,
+        const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ int UI_dup_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+ int UI_get_result_length(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+ const UI_METHOD *UI_null(void);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>UI stands for User Interface, and is general purpose set of routines to prompt the user for text-based information. Through user-written methods (see <a href="../man3/UI_create_method.html">UI_create_method(3)</a>), prompting can be done in any way imaginable, be it plain text prompting, through dialog boxes or from a cell phone.</p>
+
+<p>All the functions work through a context of the type UI. This context contains all the information needed to prompt correctly as well as a reference to a UI_METHOD, which is an ordered vector of functions that carry out the actual prompting.</p>
+
+<p>The first thing to do is to create a UI with UI_new() or UI_new_method(), then add information to it with the UI_add or UI_dup functions. Also, user-defined random data can be passed down to the underlying method through calls to UI_add_user_data() or UI_dup_user_data(). The default UI method doesn&#39;t care about these data, but other methods might. Finally, use UI_process() to actually perform the prompting and UI_get0_result() and UI_get_result_length() to find the result to the prompt and its length.</p>
+
+<p>A UI can contain more than one prompt, which are performed in the given sequence. Each prompt gets an index number which is returned by the UI_add and UI_dup functions, and has to be used to get the corresponding result with UI_get0_result() and UI_get_result_length().</p>
+
+<p>UI_process() can be called more than once on the same UI, thereby allowing a UI to have a long lifetime, but can just as well have a short lifetime.</p>
+
+<p>The functions are as follows:</p>
+
+<p>UI_new() creates a new UI using the default UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_new_method() creates a new UI using the given UI method. When done with this UI, it should be freed using UI_free().</p>
+
+<p>UI_OpenSSL() returns the built-in UI method (note: not necessarily the default one, since the default can be changed. See further on). This method is the most machine/OS dependent part of OpenSSL and normally generates the most problems when porting.</p>
+
+<p>UI_null() returns a UI method that does nothing. Its use is to avoid getting internal defaults for passed UI_METHOD pointers.</p>
+
+<p>UI_free() removes a UI from memory, along with all other pieces of memory that&#39;s connected to it, like duplicated input strings, results and others. If <b>ui</b> is NULL nothing is done.</p>
+
+<p>UI_add_input_string() and UI_add_verify_string() add a prompt to the UI, as well as flags and a result buffer and the desired minimum and maximum sizes of the result, not counting the final NUL character. The given information is used to prompt for information, for example a password, and to verify a password (i.e. having the user enter it twice and check that the same string was entered twice). UI_add_verify_string() takes and extra argument that should be a pointer to the result buffer of the input string that it&#39;s supposed to verify, or verification will fail.</p>
+
+<p>UI_add_input_boolean() adds a prompt to the UI that&#39;s supposed to be answered in a boolean way, with a single character for yes and a different character for no. A set of characters that can be used to cancel the prompt is given as well. The prompt itself is divided in two, one part being the descriptive text (given through the <i>prompt</i> argument) and one describing the possible answers (given through the <i>action_desc</i> argument).</p>
+
+<p>UI_add_info_string() and UI_add_error_string() add strings that are shown at the same time as the prompt for extra information or to show an error string. The difference between the two is only conceptual. With the builtin method, there&#39;s no technical difference between them. Other methods may make a difference between them, however.</p>
+
+<p>The flags currently supported are <b>UI_INPUT_FLAG_ECHO</b>, which is relevant for UI_add_input_string() and will have the users response be echoed (when prompting for a password, this flag should obviously not be used, and <b>UI_INPUT_FLAG_DEFAULT_PWD</b>, which means that a default password of some sort will be used (completely depending on the application and the UI method).</p>
+
+<p>UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(), UI_dup_info_string() and UI_dup_error_string() are basically the same as their UI_add counterparts, except that they make their own copies of all strings.</p>
+
+<p>UI_construct_prompt() is a helper function that can be used to create a prompt from two pieces of information: an description and a name. The default constructor (if there is none provided by the method used) creates a string &quot;Enter <i>description</i> for <i>name</i>:&quot;. With the description &quot;pass phrase&quot; and the file name &quot;foo.key&quot;, that becomes &quot;Enter pass phrase for foo.key:&quot;. Other methods may create whatever string and may include encodings that will be processed by the other method functions.</p>
+
+<p>UI_add_user_data() adds a user data pointer for the method to use at any time. The builtin UI method doesn&#39;t care about this info. Note that several calls to this function doesn&#39;t add data, it replaces the previous blob with the one given as argument.</p>
+
+<p>UI_dup_user_data() duplicates the user data and works as an alternative to UI_add_user_data() when the user data needs to be preserved for a longer duration, perhaps even the lifetime of the application. The UI object takes ownership of this duplicate and will free it whenever it gets replaced or the UI is destroyed. UI_dup_user_data() returns 0 on success, or -1 on memory allocation failure or if the method doesn&#39;t have a duplicator function.</p>
+
+<p>UI_get0_user_data() retrieves the data that has last been given to the UI with UI_add_user_data() or UI_dup_user_data.</p>
+
+<p>UI_get0_result() returns a pointer to the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_get_result_length() returns the length of the result buffer associated with the information indexed by <i>i</i>.</p>
+
+<p>UI_process() goes through the information given so far, does all the printing and prompting and returns the final status, which is -2 on out-of-band events (Interrupt, Cancel, ...), -1 on error and 0 on success.</p>
+
+<p>UI_ctrl() adds extra control for the application author. For now, it understands two commands: <b>UI_CTRL_PRINT_ERRORS</b>, which makes UI_process() print the OpenSSL error stack as part of processing the UI, and <b>UI_CTRL_IS_REDOABLE</b>, which returns a flag saying if the used UI can be used again or not.</p>
+
+<p>UI_set_default_method() changes the default UI method to the one given. This function is not thread-safe and should not be called at the same time as other OpenSSL functions.</p>
+
+<p>UI_get_default_method() returns a pointer to the current default UI method.</p>
+
+<p>UI_get_method() returns the UI method associated with a given UI.</p>
+
+<p>UI_set_method() changes the UI method associated with a given UI.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The resulting strings that the built in method UI_OpenSSL() generate are assumed to be encoded according to the current locale or (for Windows) code page. For applications having different demands, these strings need to be converted appropriately by the caller. For Windows, if the OPENSSL_WIN32_UTF8 environment variable is set, the built-in method UI_OpenSSL() will produce UTF-8 encoded strings instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_new() and UI_new_method() return a valid <b>UI</b> structure or NULL if an error occurred.</p>
+
+<p>UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() and UI_dup_error_string() return a positive number on success or a value which is less than or equal to 0 otherwise.</p>
+
+<p>UI_construct_prompt() returns a string or NULL if an error occurred.</p>
+
+<p>UI_dup_user_data() returns 0 on success or -1 on error.</p>
+
+<p>UI_get0_result() returns a string or NULL on error.</p>
+
+<p>UI_get_result_length() returns a positive integer or 0 on success; otherwise it returns -1 on error.</p>
+
+<p>UI_process() returns 0 on success or a negative value on error.</p>
+
+<p>UI_ctrl() returns a mask on success or -1 on error.</p>
+
+<p>UI_get_default_method(), UI_get_method(), UI_OpenSSL(), UI_null() and UI_set_method() return either a valid <b>UI_METHOD</b> structure or NULL respectively.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The UI_dup_user_data() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_set_result.html b/msys2/usr/share/doc/openssl/html/man3/UI_set_result.html
new file mode 100644
index 000000000..462089538
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_set_result.html
@@ -0,0 +1,113 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_STRING</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_STRING, UI_string_types, UI_get_string_type, UI_get_input_flags, UI_get0_output_string, UI_get0_action_string, UI_get0_result_string, UI_get_result_string_length, UI_get0_test_string, UI_get_result_minsize, UI_get_result_maxsize, UI_set_result, UI_set_result_ex - User interface string parsing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_string_st UI_STRING;
+
+ enum UI_string_types {
+     UIT_NONE = 0,
+     UIT_PROMPT,                 /* Prompt for a string */
+     UIT_VERIFY,                 /* Prompt for a string and verify */
+     UIT_BOOLEAN,                /* Prompt for a yes/no response */
+     UIT_INFO,                   /* Send info to the user */
+     UIT_ERROR                   /* Send an error message to the user */
+ };
+
+ enum UI_string_types UI_get_string_type(UI_STRING *uis);
+ int UI_get_input_flags(UI_STRING *uis);
+ const char *UI_get0_output_string(UI_STRING *uis);
+ const char *UI_get0_action_string(UI_STRING *uis);
+ const char *UI_get0_result_string(UI_STRING *uis);
+ int UI_get_result_string_length(UI_STRING *uis);
+ const char *UI_get0_test_string(UI_STRING *uis);
+ int UI_get_result_minsize(UI_STRING *uis);
+ int UI_get_result_maxsize(UI_STRING *uis);
+ int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
+ int UI_set_result_ex(UI *ui, UI_STRING *uis, const char *result, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>UI_STRING</b> gets created internally and added to a <b>UI</b> whenever one of the functions UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() or UI_dup_error_string() is called. For a <b>UI_METHOD</b> user, there&#39;s no need to know more. For a <b>UI_METHOD</b> creator, it is of interest to fetch text from these <b>UI_STRING</b> objects as well as adding results to some of them.</p>
+
+<p>UI_get_string_type() is used to retrieve the type of the given <b>UI_STRING</b>.</p>
+
+<p>UI_get_input_flags() is used to retrieve the flags associated with the given <b>UI_STRING</b>.</p>
+
+<p>UI_get0_output_string() is used to retrieve the actual string to output (prompt, info, error, ...).</p>
+
+<p>UI_get0_action_string() is used to retrieve the action description associated with a <b>UIT_BOOLEAN</b> type <b>UI_STRING</b>. For all other <b>UI_STRING</b> types, NULL is returned. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a>.</p>
+
+<p>UI_get0_result_string() and UI_get_result_string_length() are used to retrieve the result of a prompt and its length. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, UI_get0_result_string() returns NULL and UI_get_result_string_length() returns -1.</p>
+
+<p>UI_get0_test_string() is used to retrieve the string to compare the prompt result with. This is only useful for <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, NULL is returned.</p>
+
+<p>UI_get_result_minsize() and UI_get_result_maxsize() are used to retrieve the minimum and maximum required size of the result. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, -1 is returned.</p>
+
+<p>UI_set_result_ex() is used to set the result value of a prompt and its length. For <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, this sets the result retrievable with UI_get0_result_string() by copying the contents of <b>result</b> if its length fits the minimum and maximum size requirements. For <b>UIT_BOOLEAN</b> type UI strings, this sets the first character of the result retrievable with UI_get0_result_string() to the first <b>ok_char</b> given with UI_add_input_boolean() or UI_dup_input_boolean() if the <b>result</b> matched any of them, or the first of the <b>cancel_chars</b> if the <b>result</b> matched any of them, otherwise it&#39;s set to the NUL char <code>\0</code>. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a> for more information on <b>ok_chars</b> and <b>cancel_chars</b>.</p>
+
+<p>UI_set_result() does the same thing as UI_set_result_ex(), but calculates its length internally. It expects the string to be terminated with a NUL byte, and is therefore only useful with normal C strings.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_get_string_type() returns the UI string type.</p>
+
+<p>UI_get_input_flags() returns the UI string flags.</p>
+
+<p>UI_get0_output_string() returns the UI string output string.</p>
+
+<p>UI_get0_action_string() returns the UI string action description string for <b>UIT_BOOLEAN</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get0_result_string() returns the UI string result buffer for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_string_length() returns the UI string result buffer&#39;s content length for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, -1 for any other type.</p>
+
+<p>UI_get0_test_string() returns the UI string action description string for <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_minsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_get_result_maxsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_set_result() returns 0 on success or when the UI string is of any type other than <b>UIT_PROMPT</b>, <b>UIT_VERIFY</b> or <b>UIT_BOOLEAN</b>, -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_set_result_ex.html b/msys2/usr/share/doc/openssl/html/man3/UI_set_result_ex.html
new file mode 100644
index 000000000..462089538
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_set_result_ex.html
@@ -0,0 +1,113 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_STRING</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_STRING, UI_string_types, UI_get_string_type, UI_get_input_flags, UI_get0_output_string, UI_get0_action_string, UI_get0_result_string, UI_get_result_string_length, UI_get0_test_string, UI_get_result_minsize, UI_get_result_maxsize, UI_set_result, UI_set_result_ex - User interface string parsing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_string_st UI_STRING;
+
+ enum UI_string_types {
+     UIT_NONE = 0,
+     UIT_PROMPT,                 /* Prompt for a string */
+     UIT_VERIFY,                 /* Prompt for a string and verify */
+     UIT_BOOLEAN,                /* Prompt for a yes/no response */
+     UIT_INFO,                   /* Send info to the user */
+     UIT_ERROR                   /* Send an error message to the user */
+ };
+
+ enum UI_string_types UI_get_string_type(UI_STRING *uis);
+ int UI_get_input_flags(UI_STRING *uis);
+ const char *UI_get0_output_string(UI_STRING *uis);
+ const char *UI_get0_action_string(UI_STRING *uis);
+ const char *UI_get0_result_string(UI_STRING *uis);
+ int UI_get_result_string_length(UI_STRING *uis);
+ const char *UI_get0_test_string(UI_STRING *uis);
+ int UI_get_result_minsize(UI_STRING *uis);
+ int UI_get_result_maxsize(UI_STRING *uis);
+ int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
+ int UI_set_result_ex(UI *ui, UI_STRING *uis, const char *result, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>UI_STRING</b> gets created internally and added to a <b>UI</b> whenever one of the functions UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() or UI_dup_error_string() is called. For a <b>UI_METHOD</b> user, there&#39;s no need to know more. For a <b>UI_METHOD</b> creator, it is of interest to fetch text from these <b>UI_STRING</b> objects as well as adding results to some of them.</p>
+
+<p>UI_get_string_type() is used to retrieve the type of the given <b>UI_STRING</b>.</p>
+
+<p>UI_get_input_flags() is used to retrieve the flags associated with the given <b>UI_STRING</b>.</p>
+
+<p>UI_get0_output_string() is used to retrieve the actual string to output (prompt, info, error, ...).</p>
+
+<p>UI_get0_action_string() is used to retrieve the action description associated with a <b>UIT_BOOLEAN</b> type <b>UI_STRING</b>. For all other <b>UI_STRING</b> types, NULL is returned. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a>.</p>
+
+<p>UI_get0_result_string() and UI_get_result_string_length() are used to retrieve the result of a prompt and its length. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, UI_get0_result_string() returns NULL and UI_get_result_string_length() returns -1.</p>
+
+<p>UI_get0_test_string() is used to retrieve the string to compare the prompt result with. This is only useful for <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, NULL is returned.</p>
+
+<p>UI_get_result_minsize() and UI_get_result_maxsize() are used to retrieve the minimum and maximum required size of the result. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, -1 is returned.</p>
+
+<p>UI_set_result_ex() is used to set the result value of a prompt and its length. For <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, this sets the result retrievable with UI_get0_result_string() by copying the contents of <b>result</b> if its length fits the minimum and maximum size requirements. For <b>UIT_BOOLEAN</b> type UI strings, this sets the first character of the result retrievable with UI_get0_result_string() to the first <b>ok_char</b> given with UI_add_input_boolean() or UI_dup_input_boolean() if the <b>result</b> matched any of them, or the first of the <b>cancel_chars</b> if the <b>result</b> matched any of them, otherwise it&#39;s set to the NUL char <code>\0</code>. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a> for more information on <b>ok_chars</b> and <b>cancel_chars</b>.</p>
+
+<p>UI_set_result() does the same thing as UI_set_result_ex(), but calculates its length internally. It expects the string to be terminated with a NUL byte, and is therefore only useful with normal C strings.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_get_string_type() returns the UI string type.</p>
+
+<p>UI_get_input_flags() returns the UI string flags.</p>
+
+<p>UI_get0_output_string() returns the UI string output string.</p>
+
+<p>UI_get0_action_string() returns the UI string action description string for <b>UIT_BOOLEAN</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get0_result_string() returns the UI string result buffer for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_string_length() returns the UI string result buffer&#39;s content length for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, -1 for any other type.</p>
+
+<p>UI_get0_test_string() returns the UI string action description string for <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_minsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_get_result_maxsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_set_result() returns 0 on success or when the UI string is of any type other than <b>UIT_PROMPT</b>, <b>UIT_VERIFY</b> or <b>UIT_BOOLEAN</b>, -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/UI_string_types.html b/msys2/usr/share/doc/openssl/html/man3/UI_string_types.html
new file mode 100644
index 000000000..462089538
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/UI_string_types.html
@@ -0,0 +1,113 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>UI_STRING</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>UI_STRING, UI_string_types, UI_get_string_type, UI_get_input_flags, UI_get0_output_string, UI_get0_action_string, UI_get0_result_string, UI_get_result_string_length, UI_get0_test_string, UI_get_result_minsize, UI_get_result_maxsize, UI_set_result, UI_set_result_ex - User interface string parsing</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ui.h&gt;
+
+ typedef struct ui_string_st UI_STRING;
+
+ enum UI_string_types {
+     UIT_NONE = 0,
+     UIT_PROMPT,                 /* Prompt for a string */
+     UIT_VERIFY,                 /* Prompt for a string and verify */
+     UIT_BOOLEAN,                /* Prompt for a yes/no response */
+     UIT_INFO,                   /* Send info to the user */
+     UIT_ERROR                   /* Send an error message to the user */
+ };
+
+ enum UI_string_types UI_get_string_type(UI_STRING *uis);
+ int UI_get_input_flags(UI_STRING *uis);
+ const char *UI_get0_output_string(UI_STRING *uis);
+ const char *UI_get0_action_string(UI_STRING *uis);
+ const char *UI_get0_result_string(UI_STRING *uis);
+ int UI_get_result_string_length(UI_STRING *uis);
+ const char *UI_get0_test_string(UI_STRING *uis);
+ int UI_get_result_minsize(UI_STRING *uis);
+ int UI_get_result_maxsize(UI_STRING *uis);
+ int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
+ int UI_set_result_ex(UI *ui, UI_STRING *uis, const char *result, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>UI_STRING</b> gets created internally and added to a <b>UI</b> whenever one of the functions UI_add_input_string(), UI_dup_input_string(), UI_add_verify_string(), UI_dup_verify_string(), UI_add_input_boolean(), UI_dup_input_boolean(), UI_add_info_string(), UI_dup_info_string(), UI_add_error_string() or UI_dup_error_string() is called. For a <b>UI_METHOD</b> user, there&#39;s no need to know more. For a <b>UI_METHOD</b> creator, it is of interest to fetch text from these <b>UI_STRING</b> objects as well as adding results to some of them.</p>
+
+<p>UI_get_string_type() is used to retrieve the type of the given <b>UI_STRING</b>.</p>
+
+<p>UI_get_input_flags() is used to retrieve the flags associated with the given <b>UI_STRING</b>.</p>
+
+<p>UI_get0_output_string() is used to retrieve the actual string to output (prompt, info, error, ...).</p>
+
+<p>UI_get0_action_string() is used to retrieve the action description associated with a <b>UIT_BOOLEAN</b> type <b>UI_STRING</b>. For all other <b>UI_STRING</b> types, NULL is returned. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a>.</p>
+
+<p>UI_get0_result_string() and UI_get_result_string_length() are used to retrieve the result of a prompt and its length. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, UI_get0_result_string() returns NULL and UI_get_result_string_length() returns -1.</p>
+
+<p>UI_get0_test_string() is used to retrieve the string to compare the prompt result with. This is only useful for <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, NULL is returned.</p>
+
+<p>UI_get_result_minsize() and UI_get_result_maxsize() are used to retrieve the minimum and maximum required size of the result. This is only useful for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings. For all other <b>UI_STRING</b> types, -1 is returned.</p>
+
+<p>UI_set_result_ex() is used to set the result value of a prompt and its length. For <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, this sets the result retrievable with UI_get0_result_string() by copying the contents of <b>result</b> if its length fits the minimum and maximum size requirements. For <b>UIT_BOOLEAN</b> type UI strings, this sets the first character of the result retrievable with UI_get0_result_string() to the first <b>ok_char</b> given with UI_add_input_boolean() or UI_dup_input_boolean() if the <b>result</b> matched any of them, or the first of the <b>cancel_chars</b> if the <b>result</b> matched any of them, otherwise it&#39;s set to the NUL char <code>\0</code>. See <a href="../man3/UI_add_input_boolean.html">UI_add_input_boolean(3)</a> for more information on <b>ok_chars</b> and <b>cancel_chars</b>.</p>
+
+<p>UI_set_result() does the same thing as UI_set_result_ex(), but calculates its length internally. It expects the string to be terminated with a NUL byte, and is therefore only useful with normal C strings.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>UI_get_string_type() returns the UI string type.</p>
+
+<p>UI_get_input_flags() returns the UI string flags.</p>
+
+<p>UI_get0_output_string() returns the UI string output string.</p>
+
+<p>UI_get0_action_string() returns the UI string action description string for <b>UIT_BOOLEAN</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get0_result_string() returns the UI string result buffer for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_string_length() returns the UI string result buffer&#39;s content length for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type UI strings, -1 for any other type.</p>
+
+<p>UI_get0_test_string() returns the UI string action description string for <b>UIT_VERIFY</b> type UI strings, NULL for any other type.</p>
+
+<p>UI_get_result_minsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_get_result_maxsize() returns the minimum allowed result size for the UI string for <b>UIT_PROMPT</b> and <b>UIT_VERIFY</b> type strings, -1 for any other type.</p>
+
+<p>UI_set_result() returns 0 on success or when the UI string is of any type other than <b>UIT_PROMPT</b>, <b>UIT_VERIFY</b> or <b>UIT_BOOLEAN</b>, -1 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/UI.html">UI(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/USERNOTICE_free.html b/msys2/usr/share/doc/openssl/html/man3/USERNOTICE_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/USERNOTICE_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/USERNOTICE_new.html b/msys2/usr/share/doc/openssl/html/man3/USERNOTICE_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/USERNOTICE_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509V3_EXT_d2i.html b/msys2/usr/share/doc/openssl/html/man3/X509V3_EXT_d2i.html
new file mode 100644
index 000000000..0564e7b2d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509V3_EXT_d2i.html
@@ -0,0 +1,214 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509V3_get_d2i</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</a>
+    <ul>
+      <li><a href="#PKIX-Certificate-Extensions">PKIX Certificate Extensions</a></li>
+      <li><a href="#Netscape-Certificate-Extensions">Netscape Certificate Extensions</a></li>
+      <li><a href="#Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</a></li>
+      <li><a href="#PKIX-CRL-Extensions">PKIX CRL Extensions</a></li>
+      <li><a href="#OCSP-Extensions">OCSP Extensions</a></li>
+      <li><a href="#Certificate-Transparency-Extensions">Certificate Transparency Extensions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_extensions, X509_CRL_get0_extensions, X509_REVOKED_get0_extensions, X509V3_get_d2i, X509V3_add1_i2d, X509V3_EXT_d2i, X509V3_EXT_i2d, X509_get_ext_d2i, X509_add1_ext_i2d, X509_CRL_get_ext_d2i, X509_CRL_add1_ext_i2d, X509_REVOKED_get_ext_d2i, X509_REVOKED_add1_ext_i2d - X509 extension decode and encode functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
+                      int *idx);
+ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
+                     int crit, unsigned long flags);
+
+ void *X509V3_EXT_d2i(X509_EXTENSION *ext);
+ X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext);
+
+ void *X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
+ int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+                       unsigned long flags);
+
+ void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid, int *crit, int *idx);
+ int X509_CRL_add1_ext_i2d(X509_CRL *crl, int nid, void *value, int crit,
+                           unsigned long flags);
+
+ void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *r, int nid, int *crit, int *idx);
+ int X509_REVOKED_add1_ext_i2d(X509_REVOKED *r, int nid, void *value, int crit,
+                               unsigned long flags);
+
+ const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+ const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
+ const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(const X509_REVOKED *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509V3_get_ext_d2i() looks for an extension with OID <b>nid</b> in the extensions <b>x</b> and, if found, decodes it. If <b>idx</b> is <b>NULL</b> then only one occurrence of an extension is permissible otherwise the first extension after index <b>*idx</b> is returned and <b>*idx</b> updated to the location of the extension. If <b>crit</b> is not <b>NULL</b> then <b>*crit</b> is set to a status value: -2 if the extension occurs multiple times (this is only returned if <b>idx</b> is <b>NULL</b>), -1 if the extension could not be found, 0 if the extension is found and is not critical and 1 if critical. A pointer to an extension specific structure or <b>NULL</b> is returned.</p>
+
+<p>X509V3_add1_i2d() adds extension <b>value</b> to STACK <b>*x</b> (allocating a new STACK if necessary) using OID <b>nid</b> and criticality <b>crit</b> according to <b>flags</b>.</p>
+
+<p>X509V3_EXT_d2i() attempts to decode the ASN.1 data contained in extension <b>ext</b> and returns a pointer to an extension specific structure or <b>NULL</b> if the extension could not be decoded (invalid syntax or not supported).</p>
+
+<p>X509V3_EXT_i2d() encodes the extension specific structure <b>ext</b> with OID <b>ext_nid</b> and criticality <b>crit</b>.</p>
+
+<p>X509_get_ext_d2i() and X509_add1_ext_i2d() operate on the extensions of certificate <b>x</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_CRL_get_ext_d2i() and X509_CRL_add1_ext_i2d() operate on the extensions of CRL <b>crl</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_REVOKED_get_ext_d2i() and X509_REVOKED_add1_ext_i2d() operate on the extensions of <b>X509_REVOKED</b> structure <b>r</b> (i.e for CRL entry extensions), they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of all the extensions of a certificate a CRL or a CRL entry respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In almost all cases an extension can occur at most once and multiple occurrences is an error. Therefore the <b>idx</b> parameter is usually <b>NULL</b>.</p>
+
+<p>The <b>flags</b> parameter may be one of the following values.</p>
+
+<p><b>X509V3_ADD_DEFAULT</b> appends a new extension only if the extension does not already exist. An error is returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_APPEND</b> appends a new extension, ignoring whether the extension already exists.</p>
+
+<p><b>X509V3_ADD_REPLACE</b> replaces an extension if it exists otherwise appends a new extension.</p>
+
+<p><b>X509V3_ADD_REPLACE_EXISTING</b> replaces an existing extension if it exists otherwise returns an error.</p>
+
+<p><b>X509V3_ADD_KEEP_EXISTING</b> appends a new extension only if the extension does not already exist. An error <b>is not</b> returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_DELETE</b> extension <b>nid</b> is deleted: no new extension is added.</p>
+
+<p>If <b>X509V3_ADD_SILENT</b> is ored with <b>flags</b>: any error returned will not be added to the error queue.</p>
+
+<p>The function X509V3_get_d2i() will return <b>NULL</b> if the extension is not found, occurs multiple times or cannot be decoded. It is possible to determine the precise reason by checking the value of <b>*crit</b>.</p>
+
+<h1 id="SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</h1>
+
+<p>The following sections contain a list of all supported extensions including their name and NID.</p>
+
+<h2 id="PKIX-Certificate-Extensions">PKIX Certificate Extensions</h2>
+
+<p>The following certificate extensions are defined in PKIX standards such as RFC5280.</p>
+
+<pre><code> Basic Constraints                  NID_basic_constraints
+ Key Usage                          NID_key_usage
+ Extended Key Usage                 NID_ext_key_usage
+
+ Subject Key Identifier             NID_subject_key_identifier
+ Authority Key Identifier           NID_authority_key_identifier
+
+ Private Key Usage Period           NID_private_key_usage_period
+
+ Subject Alternative Name           NID_subject_alt_name
+ Issuer Alternative Name            NID_issuer_alt_name
+
+ Authority Information Access       NID_info_access
+ Subject Information Access         NID_sinfo_access
+
+ Name Constraints                   NID_name_constraints
+
+ Certificate Policies               NID_certificate_policies
+ Policy Mappings                    NID_policy_mappings
+ Policy Constraints                 NID_policy_constraints
+ Inhibit Any Policy                 NID_inhibit_any_policy
+
+ TLS Feature                        NID_tlsfeature</code></pre>
+
+<h2 id="Netscape-Certificate-Extensions">Netscape Certificate Extensions</h2>
+
+<p>The following are (largely obsolete) Netscape certificate extensions.</p>
+
+<pre><code> Netscape Cert Type                 NID_netscape_cert_type
+ Netscape Base Url                  NID_netscape_base_url
+ Netscape Revocation Url            NID_netscape_revocation_url
+ Netscape CA Revocation Url         NID_netscape_ca_revocation_url
+ Netscape Renewal Url               NID_netscape_renewal_url
+ Netscape CA Policy Url             NID_netscape_ca_policy_url
+ Netscape SSL Server Name           NID_netscape_ssl_server_name
+ Netscape Comment                   NID_netscape_comment</code></pre>
+
+<h2 id="Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</h2>
+
+<pre><code> Strong Extranet ID                 NID_sxnet
+ Proxy Certificate Information      NID_proxyCertInfo</code></pre>
+
+<h2 id="PKIX-CRL-Extensions">PKIX CRL Extensions</h2>
+
+<p>The following are CRL extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Number                         NID_crl_number
+ CRL Distribution Points            NID_crl_distribution_points
+ Delta CRL Indicator                NID_delta_crl
+ Freshest CRL                       NID_freshest_crl
+ Invalidity Date                    NID_invalidity_date
+ Issuing Distribution Point         NID_issuing_distribution_point</code></pre>
+
+<p>The following are CRL entry extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Reason Code                    NID_crl_reason
+ Certificate Issuer                 NID_certificate_issuer</code></pre>
+
+<h2 id="OCSP-Extensions">OCSP Extensions</h2>
+
+<pre><code> OCSP Nonce                         NID_id_pkix_OCSP_Nonce
+ OCSP CRL ID                        NID_id_pkix_OCSP_CrlID
+ Acceptable OCSP Responses          NID_id_pkix_OCSP_acceptableResponses
+ OCSP No Check                      NID_id_pkix_OCSP_noCheck
+ OCSP Archive Cutoff                NID_id_pkix_OCSP_archiveCutoff
+ OCSP Service Locator               NID_id_pkix_OCSP_serviceLocator
+ Hold Instruction Code              NID_hold_instruction_code</code></pre>
+
+<h2 id="Certificate-Transparency-Extensions">Certificate Transparency Extensions</h2>
+
+<p>The following extensions are used by certificate transparency, RFC6962</p>
+
+<pre><code> CT Precertificate SCTs             NID_ct_precert_scts
+ CT Certificate SCTs                NID_ct_cert_scts</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509V3_EXT_d2i() and *X509V3_get_d2i() return a pointer to an extension specific structure of <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_EXT_i2d() returns a pointer to an <b>X509_EXTENSION</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_add1_i2d() returns 1 if the operation is successful and 0 if it fails due to a non-fatal error (extension not found, already exists, cannot be encoded) or -1 due to a fatal error such as a memory allocation failure.</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of extensions. They return NULL if no extensions are present.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509V3_EXT_i2d.html b/msys2/usr/share/doc/openssl/html/man3/X509V3_EXT_i2d.html
new file mode 100644
index 000000000..0564e7b2d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509V3_EXT_i2d.html
@@ -0,0 +1,214 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509V3_get_d2i</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</a>
+    <ul>
+      <li><a href="#PKIX-Certificate-Extensions">PKIX Certificate Extensions</a></li>
+      <li><a href="#Netscape-Certificate-Extensions">Netscape Certificate Extensions</a></li>
+      <li><a href="#Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</a></li>
+      <li><a href="#PKIX-CRL-Extensions">PKIX CRL Extensions</a></li>
+      <li><a href="#OCSP-Extensions">OCSP Extensions</a></li>
+      <li><a href="#Certificate-Transparency-Extensions">Certificate Transparency Extensions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_extensions, X509_CRL_get0_extensions, X509_REVOKED_get0_extensions, X509V3_get_d2i, X509V3_add1_i2d, X509V3_EXT_d2i, X509V3_EXT_i2d, X509_get_ext_d2i, X509_add1_ext_i2d, X509_CRL_get_ext_d2i, X509_CRL_add1_ext_i2d, X509_REVOKED_get_ext_d2i, X509_REVOKED_add1_ext_i2d - X509 extension decode and encode functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
+                      int *idx);
+ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
+                     int crit, unsigned long flags);
+
+ void *X509V3_EXT_d2i(X509_EXTENSION *ext);
+ X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext);
+
+ void *X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
+ int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+                       unsigned long flags);
+
+ void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid, int *crit, int *idx);
+ int X509_CRL_add1_ext_i2d(X509_CRL *crl, int nid, void *value, int crit,
+                           unsigned long flags);
+
+ void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *r, int nid, int *crit, int *idx);
+ int X509_REVOKED_add1_ext_i2d(X509_REVOKED *r, int nid, void *value, int crit,
+                               unsigned long flags);
+
+ const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+ const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
+ const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(const X509_REVOKED *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509V3_get_ext_d2i() looks for an extension with OID <b>nid</b> in the extensions <b>x</b> and, if found, decodes it. If <b>idx</b> is <b>NULL</b> then only one occurrence of an extension is permissible otherwise the first extension after index <b>*idx</b> is returned and <b>*idx</b> updated to the location of the extension. If <b>crit</b> is not <b>NULL</b> then <b>*crit</b> is set to a status value: -2 if the extension occurs multiple times (this is only returned if <b>idx</b> is <b>NULL</b>), -1 if the extension could not be found, 0 if the extension is found and is not critical and 1 if critical. A pointer to an extension specific structure or <b>NULL</b> is returned.</p>
+
+<p>X509V3_add1_i2d() adds extension <b>value</b> to STACK <b>*x</b> (allocating a new STACK if necessary) using OID <b>nid</b> and criticality <b>crit</b> according to <b>flags</b>.</p>
+
+<p>X509V3_EXT_d2i() attempts to decode the ASN.1 data contained in extension <b>ext</b> and returns a pointer to an extension specific structure or <b>NULL</b> if the extension could not be decoded (invalid syntax or not supported).</p>
+
+<p>X509V3_EXT_i2d() encodes the extension specific structure <b>ext</b> with OID <b>ext_nid</b> and criticality <b>crit</b>.</p>
+
+<p>X509_get_ext_d2i() and X509_add1_ext_i2d() operate on the extensions of certificate <b>x</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_CRL_get_ext_d2i() and X509_CRL_add1_ext_i2d() operate on the extensions of CRL <b>crl</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_REVOKED_get_ext_d2i() and X509_REVOKED_add1_ext_i2d() operate on the extensions of <b>X509_REVOKED</b> structure <b>r</b> (i.e for CRL entry extensions), they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of all the extensions of a certificate a CRL or a CRL entry respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In almost all cases an extension can occur at most once and multiple occurrences is an error. Therefore the <b>idx</b> parameter is usually <b>NULL</b>.</p>
+
+<p>The <b>flags</b> parameter may be one of the following values.</p>
+
+<p><b>X509V3_ADD_DEFAULT</b> appends a new extension only if the extension does not already exist. An error is returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_APPEND</b> appends a new extension, ignoring whether the extension already exists.</p>
+
+<p><b>X509V3_ADD_REPLACE</b> replaces an extension if it exists otherwise appends a new extension.</p>
+
+<p><b>X509V3_ADD_REPLACE_EXISTING</b> replaces an existing extension if it exists otherwise returns an error.</p>
+
+<p><b>X509V3_ADD_KEEP_EXISTING</b> appends a new extension only if the extension does not already exist. An error <b>is not</b> returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_DELETE</b> extension <b>nid</b> is deleted: no new extension is added.</p>
+
+<p>If <b>X509V3_ADD_SILENT</b> is ored with <b>flags</b>: any error returned will not be added to the error queue.</p>
+
+<p>The function X509V3_get_d2i() will return <b>NULL</b> if the extension is not found, occurs multiple times or cannot be decoded. It is possible to determine the precise reason by checking the value of <b>*crit</b>.</p>
+
+<h1 id="SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</h1>
+
+<p>The following sections contain a list of all supported extensions including their name and NID.</p>
+
+<h2 id="PKIX-Certificate-Extensions">PKIX Certificate Extensions</h2>
+
+<p>The following certificate extensions are defined in PKIX standards such as RFC5280.</p>
+
+<pre><code> Basic Constraints                  NID_basic_constraints
+ Key Usage                          NID_key_usage
+ Extended Key Usage                 NID_ext_key_usage
+
+ Subject Key Identifier             NID_subject_key_identifier
+ Authority Key Identifier           NID_authority_key_identifier
+
+ Private Key Usage Period           NID_private_key_usage_period
+
+ Subject Alternative Name           NID_subject_alt_name
+ Issuer Alternative Name            NID_issuer_alt_name
+
+ Authority Information Access       NID_info_access
+ Subject Information Access         NID_sinfo_access
+
+ Name Constraints                   NID_name_constraints
+
+ Certificate Policies               NID_certificate_policies
+ Policy Mappings                    NID_policy_mappings
+ Policy Constraints                 NID_policy_constraints
+ Inhibit Any Policy                 NID_inhibit_any_policy
+
+ TLS Feature                        NID_tlsfeature</code></pre>
+
+<h2 id="Netscape-Certificate-Extensions">Netscape Certificate Extensions</h2>
+
+<p>The following are (largely obsolete) Netscape certificate extensions.</p>
+
+<pre><code> Netscape Cert Type                 NID_netscape_cert_type
+ Netscape Base Url                  NID_netscape_base_url
+ Netscape Revocation Url            NID_netscape_revocation_url
+ Netscape CA Revocation Url         NID_netscape_ca_revocation_url
+ Netscape Renewal Url               NID_netscape_renewal_url
+ Netscape CA Policy Url             NID_netscape_ca_policy_url
+ Netscape SSL Server Name           NID_netscape_ssl_server_name
+ Netscape Comment                   NID_netscape_comment</code></pre>
+
+<h2 id="Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</h2>
+
+<pre><code> Strong Extranet ID                 NID_sxnet
+ Proxy Certificate Information      NID_proxyCertInfo</code></pre>
+
+<h2 id="PKIX-CRL-Extensions">PKIX CRL Extensions</h2>
+
+<p>The following are CRL extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Number                         NID_crl_number
+ CRL Distribution Points            NID_crl_distribution_points
+ Delta CRL Indicator                NID_delta_crl
+ Freshest CRL                       NID_freshest_crl
+ Invalidity Date                    NID_invalidity_date
+ Issuing Distribution Point         NID_issuing_distribution_point</code></pre>
+
+<p>The following are CRL entry extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Reason Code                    NID_crl_reason
+ Certificate Issuer                 NID_certificate_issuer</code></pre>
+
+<h2 id="OCSP-Extensions">OCSP Extensions</h2>
+
+<pre><code> OCSP Nonce                         NID_id_pkix_OCSP_Nonce
+ OCSP CRL ID                        NID_id_pkix_OCSP_CrlID
+ Acceptable OCSP Responses          NID_id_pkix_OCSP_acceptableResponses
+ OCSP No Check                      NID_id_pkix_OCSP_noCheck
+ OCSP Archive Cutoff                NID_id_pkix_OCSP_archiveCutoff
+ OCSP Service Locator               NID_id_pkix_OCSP_serviceLocator
+ Hold Instruction Code              NID_hold_instruction_code</code></pre>
+
+<h2 id="Certificate-Transparency-Extensions">Certificate Transparency Extensions</h2>
+
+<p>The following extensions are used by certificate transparency, RFC6962</p>
+
+<pre><code> CT Precertificate SCTs             NID_ct_precert_scts
+ CT Certificate SCTs                NID_ct_cert_scts</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509V3_EXT_d2i() and *X509V3_get_d2i() return a pointer to an extension specific structure of <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_EXT_i2d() returns a pointer to an <b>X509_EXTENSION</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_add1_i2d() returns 1 if the operation is successful and 0 if it fails due to a non-fatal error (extension not found, already exists, cannot be encoded) or -1 due to a fatal error such as a memory allocation failure.</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of extensions. They return NULL if no extensions are present.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509V3_add1_i2d.html b/msys2/usr/share/doc/openssl/html/man3/X509V3_add1_i2d.html
new file mode 100644
index 000000000..0564e7b2d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509V3_add1_i2d.html
@@ -0,0 +1,214 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509V3_get_d2i</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</a>
+    <ul>
+      <li><a href="#PKIX-Certificate-Extensions">PKIX Certificate Extensions</a></li>
+      <li><a href="#Netscape-Certificate-Extensions">Netscape Certificate Extensions</a></li>
+      <li><a href="#Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</a></li>
+      <li><a href="#PKIX-CRL-Extensions">PKIX CRL Extensions</a></li>
+      <li><a href="#OCSP-Extensions">OCSP Extensions</a></li>
+      <li><a href="#Certificate-Transparency-Extensions">Certificate Transparency Extensions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_extensions, X509_CRL_get0_extensions, X509_REVOKED_get0_extensions, X509V3_get_d2i, X509V3_add1_i2d, X509V3_EXT_d2i, X509V3_EXT_i2d, X509_get_ext_d2i, X509_add1_ext_i2d, X509_CRL_get_ext_d2i, X509_CRL_add1_ext_i2d, X509_REVOKED_get_ext_d2i, X509_REVOKED_add1_ext_i2d - X509 extension decode and encode functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
+                      int *idx);
+ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
+                     int crit, unsigned long flags);
+
+ void *X509V3_EXT_d2i(X509_EXTENSION *ext);
+ X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext);
+
+ void *X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
+ int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+                       unsigned long flags);
+
+ void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid, int *crit, int *idx);
+ int X509_CRL_add1_ext_i2d(X509_CRL *crl, int nid, void *value, int crit,
+                           unsigned long flags);
+
+ void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *r, int nid, int *crit, int *idx);
+ int X509_REVOKED_add1_ext_i2d(X509_REVOKED *r, int nid, void *value, int crit,
+                               unsigned long flags);
+
+ const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+ const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
+ const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(const X509_REVOKED *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509V3_get_ext_d2i() looks for an extension with OID <b>nid</b> in the extensions <b>x</b> and, if found, decodes it. If <b>idx</b> is <b>NULL</b> then only one occurrence of an extension is permissible otherwise the first extension after index <b>*idx</b> is returned and <b>*idx</b> updated to the location of the extension. If <b>crit</b> is not <b>NULL</b> then <b>*crit</b> is set to a status value: -2 if the extension occurs multiple times (this is only returned if <b>idx</b> is <b>NULL</b>), -1 if the extension could not be found, 0 if the extension is found and is not critical and 1 if critical. A pointer to an extension specific structure or <b>NULL</b> is returned.</p>
+
+<p>X509V3_add1_i2d() adds extension <b>value</b> to STACK <b>*x</b> (allocating a new STACK if necessary) using OID <b>nid</b> and criticality <b>crit</b> according to <b>flags</b>.</p>
+
+<p>X509V3_EXT_d2i() attempts to decode the ASN.1 data contained in extension <b>ext</b> and returns a pointer to an extension specific structure or <b>NULL</b> if the extension could not be decoded (invalid syntax or not supported).</p>
+
+<p>X509V3_EXT_i2d() encodes the extension specific structure <b>ext</b> with OID <b>ext_nid</b> and criticality <b>crit</b>.</p>
+
+<p>X509_get_ext_d2i() and X509_add1_ext_i2d() operate on the extensions of certificate <b>x</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_CRL_get_ext_d2i() and X509_CRL_add1_ext_i2d() operate on the extensions of CRL <b>crl</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_REVOKED_get_ext_d2i() and X509_REVOKED_add1_ext_i2d() operate on the extensions of <b>X509_REVOKED</b> structure <b>r</b> (i.e for CRL entry extensions), they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of all the extensions of a certificate a CRL or a CRL entry respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In almost all cases an extension can occur at most once and multiple occurrences is an error. Therefore the <b>idx</b> parameter is usually <b>NULL</b>.</p>
+
+<p>The <b>flags</b> parameter may be one of the following values.</p>
+
+<p><b>X509V3_ADD_DEFAULT</b> appends a new extension only if the extension does not already exist. An error is returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_APPEND</b> appends a new extension, ignoring whether the extension already exists.</p>
+
+<p><b>X509V3_ADD_REPLACE</b> replaces an extension if it exists otherwise appends a new extension.</p>
+
+<p><b>X509V3_ADD_REPLACE_EXISTING</b> replaces an existing extension if it exists otherwise returns an error.</p>
+
+<p><b>X509V3_ADD_KEEP_EXISTING</b> appends a new extension only if the extension does not already exist. An error <b>is not</b> returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_DELETE</b> extension <b>nid</b> is deleted: no new extension is added.</p>
+
+<p>If <b>X509V3_ADD_SILENT</b> is ored with <b>flags</b>: any error returned will not be added to the error queue.</p>
+
+<p>The function X509V3_get_d2i() will return <b>NULL</b> if the extension is not found, occurs multiple times or cannot be decoded. It is possible to determine the precise reason by checking the value of <b>*crit</b>.</p>
+
+<h1 id="SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</h1>
+
+<p>The following sections contain a list of all supported extensions including their name and NID.</p>
+
+<h2 id="PKIX-Certificate-Extensions">PKIX Certificate Extensions</h2>
+
+<p>The following certificate extensions are defined in PKIX standards such as RFC5280.</p>
+
+<pre><code> Basic Constraints                  NID_basic_constraints
+ Key Usage                          NID_key_usage
+ Extended Key Usage                 NID_ext_key_usage
+
+ Subject Key Identifier             NID_subject_key_identifier
+ Authority Key Identifier           NID_authority_key_identifier
+
+ Private Key Usage Period           NID_private_key_usage_period
+
+ Subject Alternative Name           NID_subject_alt_name
+ Issuer Alternative Name            NID_issuer_alt_name
+
+ Authority Information Access       NID_info_access
+ Subject Information Access         NID_sinfo_access
+
+ Name Constraints                   NID_name_constraints
+
+ Certificate Policies               NID_certificate_policies
+ Policy Mappings                    NID_policy_mappings
+ Policy Constraints                 NID_policy_constraints
+ Inhibit Any Policy                 NID_inhibit_any_policy
+
+ TLS Feature                        NID_tlsfeature</code></pre>
+
+<h2 id="Netscape-Certificate-Extensions">Netscape Certificate Extensions</h2>
+
+<p>The following are (largely obsolete) Netscape certificate extensions.</p>
+
+<pre><code> Netscape Cert Type                 NID_netscape_cert_type
+ Netscape Base Url                  NID_netscape_base_url
+ Netscape Revocation Url            NID_netscape_revocation_url
+ Netscape CA Revocation Url         NID_netscape_ca_revocation_url
+ Netscape Renewal Url               NID_netscape_renewal_url
+ Netscape CA Policy Url             NID_netscape_ca_policy_url
+ Netscape SSL Server Name           NID_netscape_ssl_server_name
+ Netscape Comment                   NID_netscape_comment</code></pre>
+
+<h2 id="Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</h2>
+
+<pre><code> Strong Extranet ID                 NID_sxnet
+ Proxy Certificate Information      NID_proxyCertInfo</code></pre>
+
+<h2 id="PKIX-CRL-Extensions">PKIX CRL Extensions</h2>
+
+<p>The following are CRL extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Number                         NID_crl_number
+ CRL Distribution Points            NID_crl_distribution_points
+ Delta CRL Indicator                NID_delta_crl
+ Freshest CRL                       NID_freshest_crl
+ Invalidity Date                    NID_invalidity_date
+ Issuing Distribution Point         NID_issuing_distribution_point</code></pre>
+
+<p>The following are CRL entry extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Reason Code                    NID_crl_reason
+ Certificate Issuer                 NID_certificate_issuer</code></pre>
+
+<h2 id="OCSP-Extensions">OCSP Extensions</h2>
+
+<pre><code> OCSP Nonce                         NID_id_pkix_OCSP_Nonce
+ OCSP CRL ID                        NID_id_pkix_OCSP_CrlID
+ Acceptable OCSP Responses          NID_id_pkix_OCSP_acceptableResponses
+ OCSP No Check                      NID_id_pkix_OCSP_noCheck
+ OCSP Archive Cutoff                NID_id_pkix_OCSP_archiveCutoff
+ OCSP Service Locator               NID_id_pkix_OCSP_serviceLocator
+ Hold Instruction Code              NID_hold_instruction_code</code></pre>
+
+<h2 id="Certificate-Transparency-Extensions">Certificate Transparency Extensions</h2>
+
+<p>The following extensions are used by certificate transparency, RFC6962</p>
+
+<pre><code> CT Precertificate SCTs             NID_ct_precert_scts
+ CT Certificate SCTs                NID_ct_cert_scts</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509V3_EXT_d2i() and *X509V3_get_d2i() return a pointer to an extension specific structure of <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_EXT_i2d() returns a pointer to an <b>X509_EXTENSION</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_add1_i2d() returns 1 if the operation is successful and 0 if it fails due to a non-fatal error (extension not found, already exists, cannot be encoded) or -1 due to a fatal error such as a memory allocation failure.</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of extensions. They return NULL if no extensions are present.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509V3_get_d2i.html b/msys2/usr/share/doc/openssl/html/man3/X509V3_get_d2i.html
new file mode 100644
index 000000000..0564e7b2d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509V3_get_d2i.html
@@ -0,0 +1,214 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509V3_get_d2i</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</a>
+    <ul>
+      <li><a href="#PKIX-Certificate-Extensions">PKIX Certificate Extensions</a></li>
+      <li><a href="#Netscape-Certificate-Extensions">Netscape Certificate Extensions</a></li>
+      <li><a href="#Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</a></li>
+      <li><a href="#PKIX-CRL-Extensions">PKIX CRL Extensions</a></li>
+      <li><a href="#OCSP-Extensions">OCSP Extensions</a></li>
+      <li><a href="#Certificate-Transparency-Extensions">Certificate Transparency Extensions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_extensions, X509_CRL_get0_extensions, X509_REVOKED_get0_extensions, X509V3_get_d2i, X509V3_add1_i2d, X509V3_EXT_d2i, X509V3_EXT_i2d, X509_get_ext_d2i, X509_add1_ext_i2d, X509_CRL_get_ext_d2i, X509_CRL_add1_ext_i2d, X509_REVOKED_get_ext_d2i, X509_REVOKED_add1_ext_i2d - X509 extension decode and encode functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
+                      int *idx);
+ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
+                     int crit, unsigned long flags);
+
+ void *X509V3_EXT_d2i(X509_EXTENSION *ext);
+ X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext);
+
+ void *X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
+ int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+                       unsigned long flags);
+
+ void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid, int *crit, int *idx);
+ int X509_CRL_add1_ext_i2d(X509_CRL *crl, int nid, void *value, int crit,
+                           unsigned long flags);
+
+ void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *r, int nid, int *crit, int *idx);
+ int X509_REVOKED_add1_ext_i2d(X509_REVOKED *r, int nid, void *value, int crit,
+                               unsigned long flags);
+
+ const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+ const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
+ const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(const X509_REVOKED *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509V3_get_ext_d2i() looks for an extension with OID <b>nid</b> in the extensions <b>x</b> and, if found, decodes it. If <b>idx</b> is <b>NULL</b> then only one occurrence of an extension is permissible otherwise the first extension after index <b>*idx</b> is returned and <b>*idx</b> updated to the location of the extension. If <b>crit</b> is not <b>NULL</b> then <b>*crit</b> is set to a status value: -2 if the extension occurs multiple times (this is only returned if <b>idx</b> is <b>NULL</b>), -1 if the extension could not be found, 0 if the extension is found and is not critical and 1 if critical. A pointer to an extension specific structure or <b>NULL</b> is returned.</p>
+
+<p>X509V3_add1_i2d() adds extension <b>value</b> to STACK <b>*x</b> (allocating a new STACK if necessary) using OID <b>nid</b> and criticality <b>crit</b> according to <b>flags</b>.</p>
+
+<p>X509V3_EXT_d2i() attempts to decode the ASN.1 data contained in extension <b>ext</b> and returns a pointer to an extension specific structure or <b>NULL</b> if the extension could not be decoded (invalid syntax or not supported).</p>
+
+<p>X509V3_EXT_i2d() encodes the extension specific structure <b>ext</b> with OID <b>ext_nid</b> and criticality <b>crit</b>.</p>
+
+<p>X509_get_ext_d2i() and X509_add1_ext_i2d() operate on the extensions of certificate <b>x</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_CRL_get_ext_d2i() and X509_CRL_add1_ext_i2d() operate on the extensions of CRL <b>crl</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_REVOKED_get_ext_d2i() and X509_REVOKED_add1_ext_i2d() operate on the extensions of <b>X509_REVOKED</b> structure <b>r</b> (i.e for CRL entry extensions), they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of all the extensions of a certificate a CRL or a CRL entry respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In almost all cases an extension can occur at most once and multiple occurrences is an error. Therefore the <b>idx</b> parameter is usually <b>NULL</b>.</p>
+
+<p>The <b>flags</b> parameter may be one of the following values.</p>
+
+<p><b>X509V3_ADD_DEFAULT</b> appends a new extension only if the extension does not already exist. An error is returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_APPEND</b> appends a new extension, ignoring whether the extension already exists.</p>
+
+<p><b>X509V3_ADD_REPLACE</b> replaces an extension if it exists otherwise appends a new extension.</p>
+
+<p><b>X509V3_ADD_REPLACE_EXISTING</b> replaces an existing extension if it exists otherwise returns an error.</p>
+
+<p><b>X509V3_ADD_KEEP_EXISTING</b> appends a new extension only if the extension does not already exist. An error <b>is not</b> returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_DELETE</b> extension <b>nid</b> is deleted: no new extension is added.</p>
+
+<p>If <b>X509V3_ADD_SILENT</b> is ored with <b>flags</b>: any error returned will not be added to the error queue.</p>
+
+<p>The function X509V3_get_d2i() will return <b>NULL</b> if the extension is not found, occurs multiple times or cannot be decoded. It is possible to determine the precise reason by checking the value of <b>*crit</b>.</p>
+
+<h1 id="SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</h1>
+
+<p>The following sections contain a list of all supported extensions including their name and NID.</p>
+
+<h2 id="PKIX-Certificate-Extensions">PKIX Certificate Extensions</h2>
+
+<p>The following certificate extensions are defined in PKIX standards such as RFC5280.</p>
+
+<pre><code> Basic Constraints                  NID_basic_constraints
+ Key Usage                          NID_key_usage
+ Extended Key Usage                 NID_ext_key_usage
+
+ Subject Key Identifier             NID_subject_key_identifier
+ Authority Key Identifier           NID_authority_key_identifier
+
+ Private Key Usage Period           NID_private_key_usage_period
+
+ Subject Alternative Name           NID_subject_alt_name
+ Issuer Alternative Name            NID_issuer_alt_name
+
+ Authority Information Access       NID_info_access
+ Subject Information Access         NID_sinfo_access
+
+ Name Constraints                   NID_name_constraints
+
+ Certificate Policies               NID_certificate_policies
+ Policy Mappings                    NID_policy_mappings
+ Policy Constraints                 NID_policy_constraints
+ Inhibit Any Policy                 NID_inhibit_any_policy
+
+ TLS Feature                        NID_tlsfeature</code></pre>
+
+<h2 id="Netscape-Certificate-Extensions">Netscape Certificate Extensions</h2>
+
+<p>The following are (largely obsolete) Netscape certificate extensions.</p>
+
+<pre><code> Netscape Cert Type                 NID_netscape_cert_type
+ Netscape Base Url                  NID_netscape_base_url
+ Netscape Revocation Url            NID_netscape_revocation_url
+ Netscape CA Revocation Url         NID_netscape_ca_revocation_url
+ Netscape Renewal Url               NID_netscape_renewal_url
+ Netscape CA Policy Url             NID_netscape_ca_policy_url
+ Netscape SSL Server Name           NID_netscape_ssl_server_name
+ Netscape Comment                   NID_netscape_comment</code></pre>
+
+<h2 id="Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</h2>
+
+<pre><code> Strong Extranet ID                 NID_sxnet
+ Proxy Certificate Information      NID_proxyCertInfo</code></pre>
+
+<h2 id="PKIX-CRL-Extensions">PKIX CRL Extensions</h2>
+
+<p>The following are CRL extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Number                         NID_crl_number
+ CRL Distribution Points            NID_crl_distribution_points
+ Delta CRL Indicator                NID_delta_crl
+ Freshest CRL                       NID_freshest_crl
+ Invalidity Date                    NID_invalidity_date
+ Issuing Distribution Point         NID_issuing_distribution_point</code></pre>
+
+<p>The following are CRL entry extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Reason Code                    NID_crl_reason
+ Certificate Issuer                 NID_certificate_issuer</code></pre>
+
+<h2 id="OCSP-Extensions">OCSP Extensions</h2>
+
+<pre><code> OCSP Nonce                         NID_id_pkix_OCSP_Nonce
+ OCSP CRL ID                        NID_id_pkix_OCSP_CrlID
+ Acceptable OCSP Responses          NID_id_pkix_OCSP_acceptableResponses
+ OCSP No Check                      NID_id_pkix_OCSP_noCheck
+ OCSP Archive Cutoff                NID_id_pkix_OCSP_archiveCutoff
+ OCSP Service Locator               NID_id_pkix_OCSP_serviceLocator
+ Hold Instruction Code              NID_hold_instruction_code</code></pre>
+
+<h2 id="Certificate-Transparency-Extensions">Certificate Transparency Extensions</h2>
+
+<p>The following extensions are used by certificate transparency, RFC6962</p>
+
+<pre><code> CT Precertificate SCTs             NID_ct_precert_scts
+ CT Certificate SCTs                NID_ct_cert_scts</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509V3_EXT_d2i() and *X509V3_get_d2i() return a pointer to an extension specific structure of <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_EXT_i2d() returns a pointer to an <b>X509_EXTENSION</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_add1_i2d() returns 1 if the operation is successful and 0 if it fails due to a non-fatal error (extension not found, already exists, cannot be encoded) or -1 due to a fatal error such as a memory allocation failure.</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of extensions. They return NULL if no extensions are present.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_cmp.html b/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_cmp.html
new file mode 100644
index 000000000..caa91ff0f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_cmp.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_ALGOR_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_ALGOR_dup, X509_ALGOR_set0, X509_ALGOR_get0, X509_ALGOR_set_md, X509_ALGOR_cmp - AlgorithmIdentifier functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *alg);
+ int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval);
+ void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype,
+                      const void **ppval, const X509_ALGOR *alg);
+ void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
+ int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_ALGOR_dup() returns a copy of <b>alg</b>.</p>
+
+<p>X509_ALGOR_set0() sets the algorithm OID of <b>alg</b> to <b>aobj</b> and the associated parameter type to <b>ptype</b> with value <b>pval</b>. If <b>ptype</b> is <b>V_ASN1_UNDEF</b> the parameter is omitted, otherwise <b>ptype</b> and <b>pval</b> have the same meaning as the <b>type</b> and <b>value</b> parameters to ASN1_TYPE_set(). All the supplied parameters are used internally so must <b>NOT</b> be freed after this call.</p>
+
+<p>X509_ALGOR_get0() is the inverse of X509_ALGOR_set0(): it returns the algorithm OID in <b>*paobj</b> and the associated parameter in <b>*pptype</b> and <b>*ppval</b> from the <b>AlgorithmIdentifier</b> <b>alg</b>.</p>
+
+<p>X509_ALGOR_set_md() sets the <b>AlgorithmIdentifier</b> <b>alg</b> to appropriate values for the message digest <b>md</b>.</p>
+
+<p>X509_ALGOR_cmp() compares <b>a</b> and <b>b</b> and returns 0 if they have identical encodings and non-zero otherwise.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_ALGOR_dup() returns a valid <b>X509_ALGOR</b> structure or NULL if an error occurred.</p>
+
+<p>X509_ALGOR_set0() returns 1 on success or 0 on error.</p>
+
+<p>X509_ALGOR_get0() and X509_ALGOR_set_md() return no values.</p>
+
+<p>X509_ALGOR_cmp() returns 0 if the two parameters have identical encodings and non-zero otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_dup.html b/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_dup.html
new file mode 100644
index 000000000..caa91ff0f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_dup.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_ALGOR_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_ALGOR_dup, X509_ALGOR_set0, X509_ALGOR_get0, X509_ALGOR_set_md, X509_ALGOR_cmp - AlgorithmIdentifier functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *alg);
+ int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval);
+ void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype,
+                      const void **ppval, const X509_ALGOR *alg);
+ void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
+ int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_ALGOR_dup() returns a copy of <b>alg</b>.</p>
+
+<p>X509_ALGOR_set0() sets the algorithm OID of <b>alg</b> to <b>aobj</b> and the associated parameter type to <b>ptype</b> with value <b>pval</b>. If <b>ptype</b> is <b>V_ASN1_UNDEF</b> the parameter is omitted, otherwise <b>ptype</b> and <b>pval</b> have the same meaning as the <b>type</b> and <b>value</b> parameters to ASN1_TYPE_set(). All the supplied parameters are used internally so must <b>NOT</b> be freed after this call.</p>
+
+<p>X509_ALGOR_get0() is the inverse of X509_ALGOR_set0(): it returns the algorithm OID in <b>*paobj</b> and the associated parameter in <b>*pptype</b> and <b>*ppval</b> from the <b>AlgorithmIdentifier</b> <b>alg</b>.</p>
+
+<p>X509_ALGOR_set_md() sets the <b>AlgorithmIdentifier</b> <b>alg</b> to appropriate values for the message digest <b>md</b>.</p>
+
+<p>X509_ALGOR_cmp() compares <b>a</b> and <b>b</b> and returns 0 if they have identical encodings and non-zero otherwise.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_ALGOR_dup() returns a valid <b>X509_ALGOR</b> structure or NULL if an error occurred.</p>
+
+<p>X509_ALGOR_set0() returns 1 on success or 0 on error.</p>
+
+<p>X509_ALGOR_get0() and X509_ALGOR_set_md() return no values.</p>
+
+<p>X509_ALGOR_cmp() returns 0 if the two parameters have identical encodings and non-zero otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_get0.html b/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_get0.html
new file mode 100644
index 000000000..caa91ff0f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_get0.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_ALGOR_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_ALGOR_dup, X509_ALGOR_set0, X509_ALGOR_get0, X509_ALGOR_set_md, X509_ALGOR_cmp - AlgorithmIdentifier functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *alg);
+ int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval);
+ void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype,
+                      const void **ppval, const X509_ALGOR *alg);
+ void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
+ int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_ALGOR_dup() returns a copy of <b>alg</b>.</p>
+
+<p>X509_ALGOR_set0() sets the algorithm OID of <b>alg</b> to <b>aobj</b> and the associated parameter type to <b>ptype</b> with value <b>pval</b>. If <b>ptype</b> is <b>V_ASN1_UNDEF</b> the parameter is omitted, otherwise <b>ptype</b> and <b>pval</b> have the same meaning as the <b>type</b> and <b>value</b> parameters to ASN1_TYPE_set(). All the supplied parameters are used internally so must <b>NOT</b> be freed after this call.</p>
+
+<p>X509_ALGOR_get0() is the inverse of X509_ALGOR_set0(): it returns the algorithm OID in <b>*paobj</b> and the associated parameter in <b>*pptype</b> and <b>*ppval</b> from the <b>AlgorithmIdentifier</b> <b>alg</b>.</p>
+
+<p>X509_ALGOR_set_md() sets the <b>AlgorithmIdentifier</b> <b>alg</b> to appropriate values for the message digest <b>md</b>.</p>
+
+<p>X509_ALGOR_cmp() compares <b>a</b> and <b>b</b> and returns 0 if they have identical encodings and non-zero otherwise.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_ALGOR_dup() returns a valid <b>X509_ALGOR</b> structure or NULL if an error occurred.</p>
+
+<p>X509_ALGOR_set0() returns 1 on success or 0 on error.</p>
+
+<p>X509_ALGOR_get0() and X509_ALGOR_set_md() return no values.</p>
+
+<p>X509_ALGOR_cmp() returns 0 if the two parameters have identical encodings and non-zero otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_new.html b/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_set0.html b/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_set0.html
new file mode 100644
index 000000000..caa91ff0f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_set0.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_ALGOR_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_ALGOR_dup, X509_ALGOR_set0, X509_ALGOR_get0, X509_ALGOR_set_md, X509_ALGOR_cmp - AlgorithmIdentifier functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *alg);
+ int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval);
+ void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype,
+                      const void **ppval, const X509_ALGOR *alg);
+ void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
+ int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_ALGOR_dup() returns a copy of <b>alg</b>.</p>
+
+<p>X509_ALGOR_set0() sets the algorithm OID of <b>alg</b> to <b>aobj</b> and the associated parameter type to <b>ptype</b> with value <b>pval</b>. If <b>ptype</b> is <b>V_ASN1_UNDEF</b> the parameter is omitted, otherwise <b>ptype</b> and <b>pval</b> have the same meaning as the <b>type</b> and <b>value</b> parameters to ASN1_TYPE_set(). All the supplied parameters are used internally so must <b>NOT</b> be freed after this call.</p>
+
+<p>X509_ALGOR_get0() is the inverse of X509_ALGOR_set0(): it returns the algorithm OID in <b>*paobj</b> and the associated parameter in <b>*pptype</b> and <b>*ppval</b> from the <b>AlgorithmIdentifier</b> <b>alg</b>.</p>
+
+<p>X509_ALGOR_set_md() sets the <b>AlgorithmIdentifier</b> <b>alg</b> to appropriate values for the message digest <b>md</b>.</p>
+
+<p>X509_ALGOR_cmp() compares <b>a</b> and <b>b</b> and returns 0 if they have identical encodings and non-zero otherwise.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_ALGOR_dup() returns a valid <b>X509_ALGOR</b> structure or NULL if an error occurred.</p>
+
+<p>X509_ALGOR_set0() returns 1 on success or 0 on error.</p>
+
+<p>X509_ALGOR_get0() and X509_ALGOR_set_md() return no values.</p>
+
+<p>X509_ALGOR_cmp() returns 0 if the two parameters have identical encodings and non-zero otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_set_md.html b/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_set_md.html
new file mode 100644
index 000000000..caa91ff0f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_ALGOR_set_md.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_ALGOR_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_ALGOR_dup, X509_ALGOR_set0, X509_ALGOR_get0, X509_ALGOR_set_md, X509_ALGOR_cmp - AlgorithmIdentifier functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *alg);
+ int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval);
+ void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype,
+                      const void **ppval, const X509_ALGOR *alg);
+ void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
+ int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_ALGOR_dup() returns a copy of <b>alg</b>.</p>
+
+<p>X509_ALGOR_set0() sets the algorithm OID of <b>alg</b> to <b>aobj</b> and the associated parameter type to <b>ptype</b> with value <b>pval</b>. If <b>ptype</b> is <b>V_ASN1_UNDEF</b> the parameter is omitted, otherwise <b>ptype</b> and <b>pval</b> have the same meaning as the <b>type</b> and <b>value</b> parameters to ASN1_TYPE_set(). All the supplied parameters are used internally so must <b>NOT</b> be freed after this call.</p>
+
+<p>X509_ALGOR_get0() is the inverse of X509_ALGOR_set0(): it returns the algorithm OID in <b>*paobj</b> and the associated parameter in <b>*pptype</b> and <b>*ppval</b> from the <b>AlgorithmIdentifier</b> <b>alg</b>.</p>
+
+<p>X509_ALGOR_set_md() sets the <b>AlgorithmIdentifier</b> <b>alg</b> to appropriate values for the message digest <b>md</b>.</p>
+
+<p>X509_ALGOR_cmp() compares <b>a</b> and <b>b</b> and returns 0 if they have identical encodings and non-zero otherwise.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_ALGOR_dup() returns a valid <b>X509_ALGOR</b> structure or NULL if an error occurred.</p>
+
+<p>X509_ALGOR_set0() returns 1 on success or 0 on error.</p>
+
+<p>X509_ALGOR_get0() and X509_ALGOR_set_md() return no values.</p>
+
+<p>X509_ALGOR_cmp() returns 0 if the two parameters have identical encodings and non-zero otherwise.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_ATTRIBUTE_dup.html b/msys2/usr/share/doc/openssl/html/man3/X509_ATTRIBUTE_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_ATTRIBUTE_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_ATTRIBUTE_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_ATTRIBUTE_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_ATTRIBUTE_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_ATTRIBUTE_new.html b/msys2/usr/share/doc/openssl/html/man3/X509_ATTRIBUTE_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_ATTRIBUTE_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CERT_AUX_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_CERT_AUX_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CERT_AUX_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CERT_AUX_new.html b/msys2/usr/share/doc/openssl/html/man3/X509_CERT_AUX_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CERT_AUX_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CINF_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_CINF_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CINF_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CINF_new.html b/msys2/usr/share/doc/openssl/html/man3/X509_CINF_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CINF_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_INFO_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_INFO_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_INFO_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_INFO_new.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_INFO_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_INFO_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_add0_revoked.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_add0_revoked.html
new file mode 100644
index 000000000..01c8afa64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_add0_revoked.html
@@ -0,0 +1,99 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_CRL_get0_by_serial</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_CRL_get0_by_serial, X509_CRL_get0_by_cert, X509_CRL_get_REVOKED, X509_REVOKED_get0_serialNumber, X509_REVOKED_get0_revocationDate, X509_REVOKED_set_serialNumber, X509_REVOKED_set_revocationDate, X509_CRL_add0_revoked, X509_CRL_sort - CRL revoked entry utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_CRL_get0_by_serial(X509_CRL *crl,
+                             X509_REVOKED **ret, ASN1_INTEGER *serial);
+ int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
+
+ STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
+
+ const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *r);
+ const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *r);
+
+ int X509_REVOKED_set_serialNumber(X509_REVOKED *r, ASN1_INTEGER *serial);
+ int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
+
+ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
+
+ int X509_CRL_sort(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_CRL_get0_by_serial() attempts to find a revoked entry in <b>crl</b> for serial number <b>serial</b>. If it is successful it sets <b>*ret</b> to the internal pointer of the matching entry, as a result <b>*ret</b> must not be freed up after the call.</p>
+
+<p>X509_CRL_get0_by_cert() is similar to X509_get0_by_serial() except it looks for a revoked entry using the serial number of certificate <b>x</b>.</p>
+
+<p>X509_CRL_get_REVOKED() returns an internal pointer to a stack of all revoked entries for <b>crl</b>.</p>
+
+<p>X509_REVOKED_get0_serialNumber() returns an internal pointer to the serial number of <b>r</b>.</p>
+
+<p>X509_REVOKED_get0_revocationDate() returns an internal pointer to the revocation date of <b>r</b>.</p>
+
+<p>X509_REVOKED_set_serialNumber() sets the serial number of <b>r</b> to <b>serial</b>. The supplied <b>serial</b> pointer is not used internally so it should be freed up after use.</p>
+
+<p>X509_REVOKED_set_revocationDate() sets the revocation date of <b>r</b> to <b>tm</b>. The supplied <b>tm</b> pointer is not used internally so it should be freed up after use.</p>
+
+<p>X509_CRL_add0_revoked() appends revoked entry <b>rev</b> to CRL <b>crl</b>. The pointer <b>rev</b> is used internally so it must not be freed up after the call: it is freed when the parent CRL is freed.</p>
+
+<p>X509_CRL_sort() sorts the revoked entries of <b>crl</b> into ascending serial number order.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications can determine the number of revoked entries returned by X509_CRL_get_revoked() using sk_X509_REVOKED_num() and examine each one in turn using sk_X509_REVOKED_value().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_CRL_get0_by_serial() and X509_CRL_get0_by_cert() return 0 for failure, 1 on success except if the revoked entry has the reason <code>removeFromCRL</code> (8), in which case 2 is returned.</p>
+
+<p>X509_REVOKED_set_serialNumber(), X509_REVOKED_set_revocationDate(), X509_CRL_add0_revoked() and X509_CRL_sort() return 1 for success and 0 for failure.</p>
+
+<p>X509_REVOKED_get0_serialNumber() returns an <b>ASN1_INTEGER</b> pointer.</p>
+
+<p>X509_REVOKED_get0_revocationDate() returns an <b>ASN1_TIME</b> value.</p>
+
+<p>X509_CRL_get_REVOKED() returns a STACK of revoked entries.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_add1_ext_i2d.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_add1_ext_i2d.html
new file mode 100644
index 000000000..0564e7b2d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_add1_ext_i2d.html
@@ -0,0 +1,214 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509V3_get_d2i</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</a>
+    <ul>
+      <li><a href="#PKIX-Certificate-Extensions">PKIX Certificate Extensions</a></li>
+      <li><a href="#Netscape-Certificate-Extensions">Netscape Certificate Extensions</a></li>
+      <li><a href="#Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</a></li>
+      <li><a href="#PKIX-CRL-Extensions">PKIX CRL Extensions</a></li>
+      <li><a href="#OCSP-Extensions">OCSP Extensions</a></li>
+      <li><a href="#Certificate-Transparency-Extensions">Certificate Transparency Extensions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_extensions, X509_CRL_get0_extensions, X509_REVOKED_get0_extensions, X509V3_get_d2i, X509V3_add1_i2d, X509V3_EXT_d2i, X509V3_EXT_i2d, X509_get_ext_d2i, X509_add1_ext_i2d, X509_CRL_get_ext_d2i, X509_CRL_add1_ext_i2d, X509_REVOKED_get_ext_d2i, X509_REVOKED_add1_ext_i2d - X509 extension decode and encode functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
+                      int *idx);
+ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
+                     int crit, unsigned long flags);
+
+ void *X509V3_EXT_d2i(X509_EXTENSION *ext);
+ X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext);
+
+ void *X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
+ int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+                       unsigned long flags);
+
+ void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid, int *crit, int *idx);
+ int X509_CRL_add1_ext_i2d(X509_CRL *crl, int nid, void *value, int crit,
+                           unsigned long flags);
+
+ void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *r, int nid, int *crit, int *idx);
+ int X509_REVOKED_add1_ext_i2d(X509_REVOKED *r, int nid, void *value, int crit,
+                               unsigned long flags);
+
+ const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+ const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
+ const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(const X509_REVOKED *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509V3_get_ext_d2i() looks for an extension with OID <b>nid</b> in the extensions <b>x</b> and, if found, decodes it. If <b>idx</b> is <b>NULL</b> then only one occurrence of an extension is permissible otherwise the first extension after index <b>*idx</b> is returned and <b>*idx</b> updated to the location of the extension. If <b>crit</b> is not <b>NULL</b> then <b>*crit</b> is set to a status value: -2 if the extension occurs multiple times (this is only returned if <b>idx</b> is <b>NULL</b>), -1 if the extension could not be found, 0 if the extension is found and is not critical and 1 if critical. A pointer to an extension specific structure or <b>NULL</b> is returned.</p>
+
+<p>X509V3_add1_i2d() adds extension <b>value</b> to STACK <b>*x</b> (allocating a new STACK if necessary) using OID <b>nid</b> and criticality <b>crit</b> according to <b>flags</b>.</p>
+
+<p>X509V3_EXT_d2i() attempts to decode the ASN.1 data contained in extension <b>ext</b> and returns a pointer to an extension specific structure or <b>NULL</b> if the extension could not be decoded (invalid syntax or not supported).</p>
+
+<p>X509V3_EXT_i2d() encodes the extension specific structure <b>ext</b> with OID <b>ext_nid</b> and criticality <b>crit</b>.</p>
+
+<p>X509_get_ext_d2i() and X509_add1_ext_i2d() operate on the extensions of certificate <b>x</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_CRL_get_ext_d2i() and X509_CRL_add1_ext_i2d() operate on the extensions of CRL <b>crl</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_REVOKED_get_ext_d2i() and X509_REVOKED_add1_ext_i2d() operate on the extensions of <b>X509_REVOKED</b> structure <b>r</b> (i.e for CRL entry extensions), they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of all the extensions of a certificate a CRL or a CRL entry respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In almost all cases an extension can occur at most once and multiple occurrences is an error. Therefore the <b>idx</b> parameter is usually <b>NULL</b>.</p>
+
+<p>The <b>flags</b> parameter may be one of the following values.</p>
+
+<p><b>X509V3_ADD_DEFAULT</b> appends a new extension only if the extension does not already exist. An error is returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_APPEND</b> appends a new extension, ignoring whether the extension already exists.</p>
+
+<p><b>X509V3_ADD_REPLACE</b> replaces an extension if it exists otherwise appends a new extension.</p>
+
+<p><b>X509V3_ADD_REPLACE_EXISTING</b> replaces an existing extension if it exists otherwise returns an error.</p>
+
+<p><b>X509V3_ADD_KEEP_EXISTING</b> appends a new extension only if the extension does not already exist. An error <b>is not</b> returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_DELETE</b> extension <b>nid</b> is deleted: no new extension is added.</p>
+
+<p>If <b>X509V3_ADD_SILENT</b> is ored with <b>flags</b>: any error returned will not be added to the error queue.</p>
+
+<p>The function X509V3_get_d2i() will return <b>NULL</b> if the extension is not found, occurs multiple times or cannot be decoded. It is possible to determine the precise reason by checking the value of <b>*crit</b>.</p>
+
+<h1 id="SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</h1>
+
+<p>The following sections contain a list of all supported extensions including their name and NID.</p>
+
+<h2 id="PKIX-Certificate-Extensions">PKIX Certificate Extensions</h2>
+
+<p>The following certificate extensions are defined in PKIX standards such as RFC5280.</p>
+
+<pre><code> Basic Constraints                  NID_basic_constraints
+ Key Usage                          NID_key_usage
+ Extended Key Usage                 NID_ext_key_usage
+
+ Subject Key Identifier             NID_subject_key_identifier
+ Authority Key Identifier           NID_authority_key_identifier
+
+ Private Key Usage Period           NID_private_key_usage_period
+
+ Subject Alternative Name           NID_subject_alt_name
+ Issuer Alternative Name            NID_issuer_alt_name
+
+ Authority Information Access       NID_info_access
+ Subject Information Access         NID_sinfo_access
+
+ Name Constraints                   NID_name_constraints
+
+ Certificate Policies               NID_certificate_policies
+ Policy Mappings                    NID_policy_mappings
+ Policy Constraints                 NID_policy_constraints
+ Inhibit Any Policy                 NID_inhibit_any_policy
+
+ TLS Feature                        NID_tlsfeature</code></pre>
+
+<h2 id="Netscape-Certificate-Extensions">Netscape Certificate Extensions</h2>
+
+<p>The following are (largely obsolete) Netscape certificate extensions.</p>
+
+<pre><code> Netscape Cert Type                 NID_netscape_cert_type
+ Netscape Base Url                  NID_netscape_base_url
+ Netscape Revocation Url            NID_netscape_revocation_url
+ Netscape CA Revocation Url         NID_netscape_ca_revocation_url
+ Netscape Renewal Url               NID_netscape_renewal_url
+ Netscape CA Policy Url             NID_netscape_ca_policy_url
+ Netscape SSL Server Name           NID_netscape_ssl_server_name
+ Netscape Comment                   NID_netscape_comment</code></pre>
+
+<h2 id="Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</h2>
+
+<pre><code> Strong Extranet ID                 NID_sxnet
+ Proxy Certificate Information      NID_proxyCertInfo</code></pre>
+
+<h2 id="PKIX-CRL-Extensions">PKIX CRL Extensions</h2>
+
+<p>The following are CRL extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Number                         NID_crl_number
+ CRL Distribution Points            NID_crl_distribution_points
+ Delta CRL Indicator                NID_delta_crl
+ Freshest CRL                       NID_freshest_crl
+ Invalidity Date                    NID_invalidity_date
+ Issuing Distribution Point         NID_issuing_distribution_point</code></pre>
+
+<p>The following are CRL entry extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Reason Code                    NID_crl_reason
+ Certificate Issuer                 NID_certificate_issuer</code></pre>
+
+<h2 id="OCSP-Extensions">OCSP Extensions</h2>
+
+<pre><code> OCSP Nonce                         NID_id_pkix_OCSP_Nonce
+ OCSP CRL ID                        NID_id_pkix_OCSP_CrlID
+ Acceptable OCSP Responses          NID_id_pkix_OCSP_acceptableResponses
+ OCSP No Check                      NID_id_pkix_OCSP_noCheck
+ OCSP Archive Cutoff                NID_id_pkix_OCSP_archiveCutoff
+ OCSP Service Locator               NID_id_pkix_OCSP_serviceLocator
+ Hold Instruction Code              NID_hold_instruction_code</code></pre>
+
+<h2 id="Certificate-Transparency-Extensions">Certificate Transparency Extensions</h2>
+
+<p>The following extensions are used by certificate transparency, RFC6962</p>
+
+<pre><code> CT Precertificate SCTs             NID_ct_precert_scts
+ CT Certificate SCTs                NID_ct_cert_scts</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509V3_EXT_d2i() and *X509V3_get_d2i() return a pointer to an extension specific structure of <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_EXT_i2d() returns a pointer to an <b>X509_EXTENSION</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_add1_i2d() returns 1 if the operation is successful and 0 if it fails due to a non-fatal error (extension not found, already exists, cannot be encoded) or -1 due to a fatal error such as a memory allocation failure.</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of extensions. They return NULL if no extensions are present.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_add_ext.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_add_ext.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_add_ext.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_delete_ext.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_delete_ext.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_delete_ext.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_digest.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_digest.html
new file mode 100644
index 000000000..98c8462b9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_digest.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_digest</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_digest, X509_CRL_digest, X509_pubkey_digest, X509_NAME_digest, X509_REQ_digest, PKCS7_ISSUER_AND_SERIAL_digest - get digest of various objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
+                 unsigned int *len);
+
+ int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md,
+                     unsigned int *len);
+
+ int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
+                        unsigned char *md, unsigned int *len);
+
+ int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
+                     unsigned char *md, unsigned int *len);
+
+ int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
+                      unsigned char *md, unsigned int *len);
+
+ #include &lt;openssl/pkcs7.h&gt;
+
+ int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
+                                    const EVP_MD *type, unsigned char *md,
+                                    unsigned int *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_pubkey_digest() returns a digest of the DER representation of the public key in the specified X509 <b>data</b> object. All other functions described here return a digest of the DER representation of their entire <b>data</b> objects.</p>
+
+<p>The <b>type</b> parameter specifies the digest to be used, such as EVP_sha1(). The <b>md</b> is a pointer to the buffer where the digest will be copied and is assumed to be large enough; the constant <b>EVP_MAX_MD_SIZE</b> is suggested. The <b>len</b> parameter, if not NULL, points to a place where the digest size will be stored.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All functions described here return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_sha1.html">EVP_sha1(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_dup.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get0_by_cert.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get0_by_cert.html
new file mode 100644
index 000000000..01c8afa64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get0_by_cert.html
@@ -0,0 +1,99 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_CRL_get0_by_serial</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_CRL_get0_by_serial, X509_CRL_get0_by_cert, X509_CRL_get_REVOKED, X509_REVOKED_get0_serialNumber, X509_REVOKED_get0_revocationDate, X509_REVOKED_set_serialNumber, X509_REVOKED_set_revocationDate, X509_CRL_add0_revoked, X509_CRL_sort - CRL revoked entry utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_CRL_get0_by_serial(X509_CRL *crl,
+                             X509_REVOKED **ret, ASN1_INTEGER *serial);
+ int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
+
+ STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
+
+ const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *r);
+ const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *r);
+
+ int X509_REVOKED_set_serialNumber(X509_REVOKED *r, ASN1_INTEGER *serial);
+ int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
+
+ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
+
+ int X509_CRL_sort(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_CRL_get0_by_serial() attempts to find a revoked entry in <b>crl</b> for serial number <b>serial</b>. If it is successful it sets <b>*ret</b> to the internal pointer of the matching entry, as a result <b>*ret</b> must not be freed up after the call.</p>
+
+<p>X509_CRL_get0_by_cert() is similar to X509_get0_by_serial() except it looks for a revoked entry using the serial number of certificate <b>x</b>.</p>
+
+<p>X509_CRL_get_REVOKED() returns an internal pointer to a stack of all revoked entries for <b>crl</b>.</p>
+
+<p>X509_REVOKED_get0_serialNumber() returns an internal pointer to the serial number of <b>r</b>.</p>
+
+<p>X509_REVOKED_get0_revocationDate() returns an internal pointer to the revocation date of <b>r</b>.</p>
+
+<p>X509_REVOKED_set_serialNumber() sets the serial number of <b>r</b> to <b>serial</b>. The supplied <b>serial</b> pointer is not used internally so it should be freed up after use.</p>
+
+<p>X509_REVOKED_set_revocationDate() sets the revocation date of <b>r</b> to <b>tm</b>. The supplied <b>tm</b> pointer is not used internally so it should be freed up after use.</p>
+
+<p>X509_CRL_add0_revoked() appends revoked entry <b>rev</b> to CRL <b>crl</b>. The pointer <b>rev</b> is used internally so it must not be freed up after the call: it is freed when the parent CRL is freed.</p>
+
+<p>X509_CRL_sort() sorts the revoked entries of <b>crl</b> into ascending serial number order.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications can determine the number of revoked entries returned by X509_CRL_get_revoked() using sk_X509_REVOKED_num() and examine each one in turn using sk_X509_REVOKED_value().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_CRL_get0_by_serial() and X509_CRL_get0_by_cert() return 0 for failure, 1 on success except if the revoked entry has the reason <code>removeFromCRL</code> (8), in which case 2 is returned.</p>
+
+<p>X509_REVOKED_set_serialNumber(), X509_REVOKED_set_revocationDate(), X509_CRL_add0_revoked() and X509_CRL_sort() return 1 for success and 0 for failure.</p>
+
+<p>X509_REVOKED_get0_serialNumber() returns an <b>ASN1_INTEGER</b> pointer.</p>
+
+<p>X509_REVOKED_get0_revocationDate() returns an <b>ASN1_TIME</b> value.</p>
+
+<p>X509_CRL_get_REVOKED() returns a STACK of revoked entries.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get0_by_serial.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get0_by_serial.html
new file mode 100644
index 000000000..01c8afa64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get0_by_serial.html
@@ -0,0 +1,99 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_CRL_get0_by_serial</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_CRL_get0_by_serial, X509_CRL_get0_by_cert, X509_CRL_get_REVOKED, X509_REVOKED_get0_serialNumber, X509_REVOKED_get0_revocationDate, X509_REVOKED_set_serialNumber, X509_REVOKED_set_revocationDate, X509_CRL_add0_revoked, X509_CRL_sort - CRL revoked entry utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_CRL_get0_by_serial(X509_CRL *crl,
+                             X509_REVOKED **ret, ASN1_INTEGER *serial);
+ int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
+
+ STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
+
+ const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *r);
+ const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *r);
+
+ int X509_REVOKED_set_serialNumber(X509_REVOKED *r, ASN1_INTEGER *serial);
+ int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
+
+ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
+
+ int X509_CRL_sort(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_CRL_get0_by_serial() attempts to find a revoked entry in <b>crl</b> for serial number <b>serial</b>. If it is successful it sets <b>*ret</b> to the internal pointer of the matching entry, as a result <b>*ret</b> must not be freed up after the call.</p>
+
+<p>X509_CRL_get0_by_cert() is similar to X509_get0_by_serial() except it looks for a revoked entry using the serial number of certificate <b>x</b>.</p>
+
+<p>X509_CRL_get_REVOKED() returns an internal pointer to a stack of all revoked entries for <b>crl</b>.</p>
+
+<p>X509_REVOKED_get0_serialNumber() returns an internal pointer to the serial number of <b>r</b>.</p>
+
+<p>X509_REVOKED_get0_revocationDate() returns an internal pointer to the revocation date of <b>r</b>.</p>
+
+<p>X509_REVOKED_set_serialNumber() sets the serial number of <b>r</b> to <b>serial</b>. The supplied <b>serial</b> pointer is not used internally so it should be freed up after use.</p>
+
+<p>X509_REVOKED_set_revocationDate() sets the revocation date of <b>r</b> to <b>tm</b>. The supplied <b>tm</b> pointer is not used internally so it should be freed up after use.</p>
+
+<p>X509_CRL_add0_revoked() appends revoked entry <b>rev</b> to CRL <b>crl</b>. The pointer <b>rev</b> is used internally so it must not be freed up after the call: it is freed when the parent CRL is freed.</p>
+
+<p>X509_CRL_sort() sorts the revoked entries of <b>crl</b> into ascending serial number order.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications can determine the number of revoked entries returned by X509_CRL_get_revoked() using sk_X509_REVOKED_num() and examine each one in turn using sk_X509_REVOKED_value().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_CRL_get0_by_serial() and X509_CRL_get0_by_cert() return 0 for failure, 1 on success except if the revoked entry has the reason <code>removeFromCRL</code> (8), in which case 2 is returned.</p>
+
+<p>X509_REVOKED_set_serialNumber(), X509_REVOKED_set_revocationDate(), X509_CRL_add0_revoked() and X509_CRL_sort() return 1 for success and 0 for failure.</p>
+
+<p>X509_REVOKED_get0_serialNumber() returns an <b>ASN1_INTEGER</b> pointer.</p>
+
+<p>X509_REVOKED_get0_revocationDate() returns an <b>ASN1_TIME</b> value.</p>
+
+<p>X509_CRL_get_REVOKED() returns a STACK of revoked entries.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get0_extensions.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get0_extensions.html
new file mode 100644
index 000000000..0564e7b2d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get0_extensions.html
@@ -0,0 +1,214 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509V3_get_d2i</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</a>
+    <ul>
+      <li><a href="#PKIX-Certificate-Extensions">PKIX Certificate Extensions</a></li>
+      <li><a href="#Netscape-Certificate-Extensions">Netscape Certificate Extensions</a></li>
+      <li><a href="#Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</a></li>
+      <li><a href="#PKIX-CRL-Extensions">PKIX CRL Extensions</a></li>
+      <li><a href="#OCSP-Extensions">OCSP Extensions</a></li>
+      <li><a href="#Certificate-Transparency-Extensions">Certificate Transparency Extensions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_extensions, X509_CRL_get0_extensions, X509_REVOKED_get0_extensions, X509V3_get_d2i, X509V3_add1_i2d, X509V3_EXT_d2i, X509V3_EXT_i2d, X509_get_ext_d2i, X509_add1_ext_i2d, X509_CRL_get_ext_d2i, X509_CRL_add1_ext_i2d, X509_REVOKED_get_ext_d2i, X509_REVOKED_add1_ext_i2d - X509 extension decode and encode functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
+                      int *idx);
+ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
+                     int crit, unsigned long flags);
+
+ void *X509V3_EXT_d2i(X509_EXTENSION *ext);
+ X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext);
+
+ void *X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
+ int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+                       unsigned long flags);
+
+ void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid, int *crit, int *idx);
+ int X509_CRL_add1_ext_i2d(X509_CRL *crl, int nid, void *value, int crit,
+                           unsigned long flags);
+
+ void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *r, int nid, int *crit, int *idx);
+ int X509_REVOKED_add1_ext_i2d(X509_REVOKED *r, int nid, void *value, int crit,
+                               unsigned long flags);
+
+ const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+ const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
+ const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(const X509_REVOKED *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509V3_get_ext_d2i() looks for an extension with OID <b>nid</b> in the extensions <b>x</b> and, if found, decodes it. If <b>idx</b> is <b>NULL</b> then only one occurrence of an extension is permissible otherwise the first extension after index <b>*idx</b> is returned and <b>*idx</b> updated to the location of the extension. If <b>crit</b> is not <b>NULL</b> then <b>*crit</b> is set to a status value: -2 if the extension occurs multiple times (this is only returned if <b>idx</b> is <b>NULL</b>), -1 if the extension could not be found, 0 if the extension is found and is not critical and 1 if critical. A pointer to an extension specific structure or <b>NULL</b> is returned.</p>
+
+<p>X509V3_add1_i2d() adds extension <b>value</b> to STACK <b>*x</b> (allocating a new STACK if necessary) using OID <b>nid</b> and criticality <b>crit</b> according to <b>flags</b>.</p>
+
+<p>X509V3_EXT_d2i() attempts to decode the ASN.1 data contained in extension <b>ext</b> and returns a pointer to an extension specific structure or <b>NULL</b> if the extension could not be decoded (invalid syntax or not supported).</p>
+
+<p>X509V3_EXT_i2d() encodes the extension specific structure <b>ext</b> with OID <b>ext_nid</b> and criticality <b>crit</b>.</p>
+
+<p>X509_get_ext_d2i() and X509_add1_ext_i2d() operate on the extensions of certificate <b>x</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_CRL_get_ext_d2i() and X509_CRL_add1_ext_i2d() operate on the extensions of CRL <b>crl</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_REVOKED_get_ext_d2i() and X509_REVOKED_add1_ext_i2d() operate on the extensions of <b>X509_REVOKED</b> structure <b>r</b> (i.e for CRL entry extensions), they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of all the extensions of a certificate a CRL or a CRL entry respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In almost all cases an extension can occur at most once and multiple occurrences is an error. Therefore the <b>idx</b> parameter is usually <b>NULL</b>.</p>
+
+<p>The <b>flags</b> parameter may be one of the following values.</p>
+
+<p><b>X509V3_ADD_DEFAULT</b> appends a new extension only if the extension does not already exist. An error is returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_APPEND</b> appends a new extension, ignoring whether the extension already exists.</p>
+
+<p><b>X509V3_ADD_REPLACE</b> replaces an extension if it exists otherwise appends a new extension.</p>
+
+<p><b>X509V3_ADD_REPLACE_EXISTING</b> replaces an existing extension if it exists otherwise returns an error.</p>
+
+<p><b>X509V3_ADD_KEEP_EXISTING</b> appends a new extension only if the extension does not already exist. An error <b>is not</b> returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_DELETE</b> extension <b>nid</b> is deleted: no new extension is added.</p>
+
+<p>If <b>X509V3_ADD_SILENT</b> is ored with <b>flags</b>: any error returned will not be added to the error queue.</p>
+
+<p>The function X509V3_get_d2i() will return <b>NULL</b> if the extension is not found, occurs multiple times or cannot be decoded. It is possible to determine the precise reason by checking the value of <b>*crit</b>.</p>
+
+<h1 id="SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</h1>
+
+<p>The following sections contain a list of all supported extensions including their name and NID.</p>
+
+<h2 id="PKIX-Certificate-Extensions">PKIX Certificate Extensions</h2>
+
+<p>The following certificate extensions are defined in PKIX standards such as RFC5280.</p>
+
+<pre><code> Basic Constraints                  NID_basic_constraints
+ Key Usage                          NID_key_usage
+ Extended Key Usage                 NID_ext_key_usage
+
+ Subject Key Identifier             NID_subject_key_identifier
+ Authority Key Identifier           NID_authority_key_identifier
+
+ Private Key Usage Period           NID_private_key_usage_period
+
+ Subject Alternative Name           NID_subject_alt_name
+ Issuer Alternative Name            NID_issuer_alt_name
+
+ Authority Information Access       NID_info_access
+ Subject Information Access         NID_sinfo_access
+
+ Name Constraints                   NID_name_constraints
+
+ Certificate Policies               NID_certificate_policies
+ Policy Mappings                    NID_policy_mappings
+ Policy Constraints                 NID_policy_constraints
+ Inhibit Any Policy                 NID_inhibit_any_policy
+
+ TLS Feature                        NID_tlsfeature</code></pre>
+
+<h2 id="Netscape-Certificate-Extensions">Netscape Certificate Extensions</h2>
+
+<p>The following are (largely obsolete) Netscape certificate extensions.</p>
+
+<pre><code> Netscape Cert Type                 NID_netscape_cert_type
+ Netscape Base Url                  NID_netscape_base_url
+ Netscape Revocation Url            NID_netscape_revocation_url
+ Netscape CA Revocation Url         NID_netscape_ca_revocation_url
+ Netscape Renewal Url               NID_netscape_renewal_url
+ Netscape CA Policy Url             NID_netscape_ca_policy_url
+ Netscape SSL Server Name           NID_netscape_ssl_server_name
+ Netscape Comment                   NID_netscape_comment</code></pre>
+
+<h2 id="Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</h2>
+
+<pre><code> Strong Extranet ID                 NID_sxnet
+ Proxy Certificate Information      NID_proxyCertInfo</code></pre>
+
+<h2 id="PKIX-CRL-Extensions">PKIX CRL Extensions</h2>
+
+<p>The following are CRL extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Number                         NID_crl_number
+ CRL Distribution Points            NID_crl_distribution_points
+ Delta CRL Indicator                NID_delta_crl
+ Freshest CRL                       NID_freshest_crl
+ Invalidity Date                    NID_invalidity_date
+ Issuing Distribution Point         NID_issuing_distribution_point</code></pre>
+
+<p>The following are CRL entry extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Reason Code                    NID_crl_reason
+ Certificate Issuer                 NID_certificate_issuer</code></pre>
+
+<h2 id="OCSP-Extensions">OCSP Extensions</h2>
+
+<pre><code> OCSP Nonce                         NID_id_pkix_OCSP_Nonce
+ OCSP CRL ID                        NID_id_pkix_OCSP_CrlID
+ Acceptable OCSP Responses          NID_id_pkix_OCSP_acceptableResponses
+ OCSP No Check                      NID_id_pkix_OCSP_noCheck
+ OCSP Archive Cutoff                NID_id_pkix_OCSP_archiveCutoff
+ OCSP Service Locator               NID_id_pkix_OCSP_serviceLocator
+ Hold Instruction Code              NID_hold_instruction_code</code></pre>
+
+<h2 id="Certificate-Transparency-Extensions">Certificate Transparency Extensions</h2>
+
+<p>The following extensions are used by certificate transparency, RFC6962</p>
+
+<pre><code> CT Precertificate SCTs             NID_ct_precert_scts
+ CT Certificate SCTs                NID_ct_cert_scts</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509V3_EXT_d2i() and *X509V3_get_d2i() return a pointer to an extension specific structure of <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_EXT_i2d() returns a pointer to an <b>X509_EXTENSION</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_add1_i2d() returns 1 if the operation is successful and 0 if it fails due to a non-fatal error (extension not found, already exists, cannot be encoded) or -1 due to a fatal error such as a memory allocation failure.</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of extensions. They return NULL if no extensions are present.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get0_lastUpdate.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get0_lastUpdate.html
new file mode 100644
index 000000000..c7e82ca36
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get0_lastUpdate.html
@@ -0,0 +1,88 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_notBefore</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_notBefore, X509_getm_notBefore, X509_get0_notAfter, X509_getm_notAfter, X509_set1_notBefore, X509_set1_notAfter, X509_CRL_get0_lastUpdate, X509_CRL_get0_nextUpdate, X509_CRL_set1_lastUpdate, X509_CRL_set1_nextUpdate - get or set certificate or CRL dates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ const ASN1_TIME *X509_get0_notBefore(const X509 *x);
+ const ASN1_TIME *X509_get0_notAfter(const X509 *x);
+
+ ASN1_TIME *X509_getm_notBefore(const X509 *x);
+ ASN1_TIME *X509_getm_notAfter(const X509 *x);
+
+ int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm);
+ int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm);
+
+ const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
+ const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
+
+ int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
+ int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_notBefore() and X509_get0_notAfter() return the <b>notBefore</b> and <b>notAfter</b> fields of certificate <b>x</b> respectively. The value returned is an internal pointer which must not be freed up after the call.</p>
+
+<p>X509_getm_notBefore() and X509_getm_notAfter() are similar to X509_get0_notBefore() and X509_get0_notAfter() except they return non-constant mutable references to the associated date field of the certificate.</p>
+
+<p>X509_set1_notBefore() and X509_set1_notAfter() set the <b>notBefore</b> and <b>notAfter</b> fields of <b>x</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<p>X509_CRL_get0_lastUpdate() and X509_CRL_get0_nextUpdate() return the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b>. The value returned is an internal pointer which must not be freed up after the call. If the <b>nextUpdate</b> field is absent from <b>crl</b> then <b>NULL</b> is returned.</p>
+
+<p>X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() set the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get0_notBefore(), X509_get0_notAfter() and X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure.</p>
+
+<p>X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure or NULL if the <b>lastUpdate</b> field is absent.</p>
+
+<p>X509_set1_notBefore(), X509_set1_notAfter(), X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() return 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions are available in all versions of OpenSSL.</p>
+
+<p>X509_get_notBefore() and X509_get_notAfter() were deprecated in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get0_nextUpdate.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get0_nextUpdate.html
new file mode 100644
index 000000000..c7e82ca36
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get0_nextUpdate.html
@@ -0,0 +1,88 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_notBefore</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_notBefore, X509_getm_notBefore, X509_get0_notAfter, X509_getm_notAfter, X509_set1_notBefore, X509_set1_notAfter, X509_CRL_get0_lastUpdate, X509_CRL_get0_nextUpdate, X509_CRL_set1_lastUpdate, X509_CRL_set1_nextUpdate - get or set certificate or CRL dates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ const ASN1_TIME *X509_get0_notBefore(const X509 *x);
+ const ASN1_TIME *X509_get0_notAfter(const X509 *x);
+
+ ASN1_TIME *X509_getm_notBefore(const X509 *x);
+ ASN1_TIME *X509_getm_notAfter(const X509 *x);
+
+ int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm);
+ int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm);
+
+ const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
+ const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
+
+ int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
+ int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_notBefore() and X509_get0_notAfter() return the <b>notBefore</b> and <b>notAfter</b> fields of certificate <b>x</b> respectively. The value returned is an internal pointer which must not be freed up after the call.</p>
+
+<p>X509_getm_notBefore() and X509_getm_notAfter() are similar to X509_get0_notBefore() and X509_get0_notAfter() except they return non-constant mutable references to the associated date field of the certificate.</p>
+
+<p>X509_set1_notBefore() and X509_set1_notAfter() set the <b>notBefore</b> and <b>notAfter</b> fields of <b>x</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<p>X509_CRL_get0_lastUpdate() and X509_CRL_get0_nextUpdate() return the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b>. The value returned is an internal pointer which must not be freed up after the call. If the <b>nextUpdate</b> field is absent from <b>crl</b> then <b>NULL</b> is returned.</p>
+
+<p>X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() set the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get0_notBefore(), X509_get0_notAfter() and X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure.</p>
+
+<p>X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure or NULL if the <b>lastUpdate</b> field is absent.</p>
+
+<p>X509_set1_notBefore(), X509_set1_notAfter(), X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() return 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions are available in all versions of OpenSSL.</p>
+
+<p>X509_get_notBefore() and X509_get_notAfter() were deprecated in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get0_signature.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get0_signature.html
new file mode 100644
index 000000000..d74071208
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get0_signature.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_signature</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_signature, X509_get_signature_nid, X509_get0_tbs_sigalg, X509_REQ_get0_signature, X509_REQ_get_signature_nid, X509_CRL_get0_signature, X509_CRL_get_signature_nid, X509_get_signature_info, X509_SIG_INFO_get, X509_SIG_INFO_set - signature information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ void X509_get0_signature(const ASN1_BIT_STRING **psig,
+                          const X509_ALGOR **palg,
+                          const X509 *x);
+ int X509_get_signature_nid(const X509 *x);
+ const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);
+
+ void X509_REQ_get0_signature(const X509_REQ *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_REQ_get_signature_nid(const X509_REQ *crl);
+
+ void X509_CRL_get0_signature(const X509_CRL *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_CRL_get_signature_nid(const X509_CRL *crl);
+
+ int X509_get_signature_info(X509 *x, int *mdnid, int *pknid, int *secbits,
+                             uint32_t *flags);
+
+ int X509_SIG_INFO_get(const X509_SIG_INFO *siginf, int *mdnid, int *pknid,
+                      int *secbits, uint32_t *flags);
+ void X509_SIG_INFO_set(X509_SIG_INFO *siginf, int mdnid, int pknid,
+                        int secbits, uint32_t flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_signature() sets <b>*psig</b> to the signature of <b>x</b> and <b>*palg</b> to the signature algorithm of <b>x</b>. The values returned are internal pointers which <b>MUST NOT</b> be freed up after the call.</p>
+
+<p>X509_get0_tbs_sigalg() returns the signature algorithm in the signed portion of <b>x</b>.</p>
+
+<p>X509_get_signature_nid() returns the NID corresponding to the signature algorithm of <b>x</b>.</p>
+
+<p>X509_REQ_get0_signature(), X509_REQ_get_signature_nid() X509_CRL_get0_signature() and X509_CRL_get_signature_nid() perform the same function for certificate requests and CRLs.</p>
+
+<p>X509_get_signature_info() retrieves information about the signature of certificate <b>x</b>. The NID of the signing digest is written to <b>*mdnid</b>, the public key algorithm to <b>*pknid</b>, the effective security bits to <b>*secbits</b> and flag details to <b>*flags</b>. Any of the parameters can be set to <b>NULL</b> if the information is not required.</p>
+
+<p>X509_SIG_INFO_get() and X509_SIG_INFO_set() get and set information about a signature in an <b>X509_SIG_INFO</b> structure. They are only used by implementations of algorithms which need to set custom signature information: most applications will never need to call them.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions provide lower level access to signatures in certificates where an application wishes to analyse or generate a signature in a form where X509_sign() et al is not appropriate (for example a non standard or unsupported format).</p>
+
+<p>The security bits returned by X509_get_signature_info() refers to information available from the certificate signature (such as the signing digest). In some cases the actual security of the signature is less because the signing key is less secure: for example a certificate signed using SHA-512 and a 1024 bit RSA key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_signature_nid(), X509_REQ_get_signature_nid() and X509_CRL_get_signature_nid() return a NID.</p>
+
+<p>X509_get0_signature(), X509_REQ_get0_signature() and X509_CRL_get0_signature() do not return values.</p>
+
+<p>X509_get_signature_info() returns 1 if the signature information returned is valid or 0 if the information is not available (e.g. unknown algorithms or malformed parameters).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_get0_signature() and X509_get_signature_nid() functions were added in OpenSSL 1.0.2.</p>
+
+<p>The X509_REQ_get0_signature(), X509_REQ_get_signature_nid(), X509_CRL_get0_signature() and X509_CRL_get_signature_nid() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_REVOKED.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_REVOKED.html
new file mode 100644
index 000000000..01c8afa64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_REVOKED.html
@@ -0,0 +1,99 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_CRL_get0_by_serial</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_CRL_get0_by_serial, X509_CRL_get0_by_cert, X509_CRL_get_REVOKED, X509_REVOKED_get0_serialNumber, X509_REVOKED_get0_revocationDate, X509_REVOKED_set_serialNumber, X509_REVOKED_set_revocationDate, X509_CRL_add0_revoked, X509_CRL_sort - CRL revoked entry utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_CRL_get0_by_serial(X509_CRL *crl,
+                             X509_REVOKED **ret, ASN1_INTEGER *serial);
+ int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
+
+ STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
+
+ const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *r);
+ const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *r);
+
+ int X509_REVOKED_set_serialNumber(X509_REVOKED *r, ASN1_INTEGER *serial);
+ int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
+
+ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
+
+ int X509_CRL_sort(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_CRL_get0_by_serial() attempts to find a revoked entry in <b>crl</b> for serial number <b>serial</b>. If it is successful it sets <b>*ret</b> to the internal pointer of the matching entry, as a result <b>*ret</b> must not be freed up after the call.</p>
+
+<p>X509_CRL_get0_by_cert() is similar to X509_get0_by_serial() except it looks for a revoked entry using the serial number of certificate <b>x</b>.</p>
+
+<p>X509_CRL_get_REVOKED() returns an internal pointer to a stack of all revoked entries for <b>crl</b>.</p>
+
+<p>X509_REVOKED_get0_serialNumber() returns an internal pointer to the serial number of <b>r</b>.</p>
+
+<p>X509_REVOKED_get0_revocationDate() returns an internal pointer to the revocation date of <b>r</b>.</p>
+
+<p>X509_REVOKED_set_serialNumber() sets the serial number of <b>r</b> to <b>serial</b>. The supplied <b>serial</b> pointer is not used internally so it should be freed up after use.</p>
+
+<p>X509_REVOKED_set_revocationDate() sets the revocation date of <b>r</b> to <b>tm</b>. The supplied <b>tm</b> pointer is not used internally so it should be freed up after use.</p>
+
+<p>X509_CRL_add0_revoked() appends revoked entry <b>rev</b> to CRL <b>crl</b>. The pointer <b>rev</b> is used internally so it must not be freed up after the call: it is freed when the parent CRL is freed.</p>
+
+<p>X509_CRL_sort() sorts the revoked entries of <b>crl</b> into ascending serial number order.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications can determine the number of revoked entries returned by X509_CRL_get_revoked() using sk_X509_REVOKED_num() and examine each one in turn using sk_X509_REVOKED_value().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_CRL_get0_by_serial() and X509_CRL_get0_by_cert() return 0 for failure, 1 on success except if the revoked entry has the reason <code>removeFromCRL</code> (8), in which case 2 is returned.</p>
+
+<p>X509_REVOKED_set_serialNumber(), X509_REVOKED_set_revocationDate(), X509_CRL_add0_revoked() and X509_CRL_sort() return 1 for success and 0 for failure.</p>
+
+<p>X509_REVOKED_get0_serialNumber() returns an <b>ASN1_INTEGER</b> pointer.</p>
+
+<p>X509_REVOKED_get0_revocationDate() returns an <b>ASN1_TIME</b> value.</p>
+
+<p>X509_CRL_get_REVOKED() returns a STACK of revoked entries.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_ext.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_ext.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_ext.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_ext_by_NID.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_ext_by_NID.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_ext_by_NID.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_ext_by_OBJ.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_ext_by_OBJ.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_ext_by_OBJ.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_ext_by_critical.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_ext_by_critical.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_ext_by_critical.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_ext_count.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_ext_count.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_ext_count.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_ext_d2i.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_ext_d2i.html
new file mode 100644
index 000000000..0564e7b2d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_ext_d2i.html
@@ -0,0 +1,214 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509V3_get_d2i</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</a>
+    <ul>
+      <li><a href="#PKIX-Certificate-Extensions">PKIX Certificate Extensions</a></li>
+      <li><a href="#Netscape-Certificate-Extensions">Netscape Certificate Extensions</a></li>
+      <li><a href="#Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</a></li>
+      <li><a href="#PKIX-CRL-Extensions">PKIX CRL Extensions</a></li>
+      <li><a href="#OCSP-Extensions">OCSP Extensions</a></li>
+      <li><a href="#Certificate-Transparency-Extensions">Certificate Transparency Extensions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_extensions, X509_CRL_get0_extensions, X509_REVOKED_get0_extensions, X509V3_get_d2i, X509V3_add1_i2d, X509V3_EXT_d2i, X509V3_EXT_i2d, X509_get_ext_d2i, X509_add1_ext_i2d, X509_CRL_get_ext_d2i, X509_CRL_add1_ext_i2d, X509_REVOKED_get_ext_d2i, X509_REVOKED_add1_ext_i2d - X509 extension decode and encode functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
+                      int *idx);
+ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
+                     int crit, unsigned long flags);
+
+ void *X509V3_EXT_d2i(X509_EXTENSION *ext);
+ X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext);
+
+ void *X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
+ int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+                       unsigned long flags);
+
+ void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid, int *crit, int *idx);
+ int X509_CRL_add1_ext_i2d(X509_CRL *crl, int nid, void *value, int crit,
+                           unsigned long flags);
+
+ void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *r, int nid, int *crit, int *idx);
+ int X509_REVOKED_add1_ext_i2d(X509_REVOKED *r, int nid, void *value, int crit,
+                               unsigned long flags);
+
+ const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+ const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
+ const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(const X509_REVOKED *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509V3_get_ext_d2i() looks for an extension with OID <b>nid</b> in the extensions <b>x</b> and, if found, decodes it. If <b>idx</b> is <b>NULL</b> then only one occurrence of an extension is permissible otherwise the first extension after index <b>*idx</b> is returned and <b>*idx</b> updated to the location of the extension. If <b>crit</b> is not <b>NULL</b> then <b>*crit</b> is set to a status value: -2 if the extension occurs multiple times (this is only returned if <b>idx</b> is <b>NULL</b>), -1 if the extension could not be found, 0 if the extension is found and is not critical and 1 if critical. A pointer to an extension specific structure or <b>NULL</b> is returned.</p>
+
+<p>X509V3_add1_i2d() adds extension <b>value</b> to STACK <b>*x</b> (allocating a new STACK if necessary) using OID <b>nid</b> and criticality <b>crit</b> according to <b>flags</b>.</p>
+
+<p>X509V3_EXT_d2i() attempts to decode the ASN.1 data contained in extension <b>ext</b> and returns a pointer to an extension specific structure or <b>NULL</b> if the extension could not be decoded (invalid syntax or not supported).</p>
+
+<p>X509V3_EXT_i2d() encodes the extension specific structure <b>ext</b> with OID <b>ext_nid</b> and criticality <b>crit</b>.</p>
+
+<p>X509_get_ext_d2i() and X509_add1_ext_i2d() operate on the extensions of certificate <b>x</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_CRL_get_ext_d2i() and X509_CRL_add1_ext_i2d() operate on the extensions of CRL <b>crl</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_REVOKED_get_ext_d2i() and X509_REVOKED_add1_ext_i2d() operate on the extensions of <b>X509_REVOKED</b> structure <b>r</b> (i.e for CRL entry extensions), they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of all the extensions of a certificate a CRL or a CRL entry respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In almost all cases an extension can occur at most once and multiple occurrences is an error. Therefore the <b>idx</b> parameter is usually <b>NULL</b>.</p>
+
+<p>The <b>flags</b> parameter may be one of the following values.</p>
+
+<p><b>X509V3_ADD_DEFAULT</b> appends a new extension only if the extension does not already exist. An error is returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_APPEND</b> appends a new extension, ignoring whether the extension already exists.</p>
+
+<p><b>X509V3_ADD_REPLACE</b> replaces an extension if it exists otherwise appends a new extension.</p>
+
+<p><b>X509V3_ADD_REPLACE_EXISTING</b> replaces an existing extension if it exists otherwise returns an error.</p>
+
+<p><b>X509V3_ADD_KEEP_EXISTING</b> appends a new extension only if the extension does not already exist. An error <b>is not</b> returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_DELETE</b> extension <b>nid</b> is deleted: no new extension is added.</p>
+
+<p>If <b>X509V3_ADD_SILENT</b> is ored with <b>flags</b>: any error returned will not be added to the error queue.</p>
+
+<p>The function X509V3_get_d2i() will return <b>NULL</b> if the extension is not found, occurs multiple times or cannot be decoded. It is possible to determine the precise reason by checking the value of <b>*crit</b>.</p>
+
+<h1 id="SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</h1>
+
+<p>The following sections contain a list of all supported extensions including their name and NID.</p>
+
+<h2 id="PKIX-Certificate-Extensions">PKIX Certificate Extensions</h2>
+
+<p>The following certificate extensions are defined in PKIX standards such as RFC5280.</p>
+
+<pre><code> Basic Constraints                  NID_basic_constraints
+ Key Usage                          NID_key_usage
+ Extended Key Usage                 NID_ext_key_usage
+
+ Subject Key Identifier             NID_subject_key_identifier
+ Authority Key Identifier           NID_authority_key_identifier
+
+ Private Key Usage Period           NID_private_key_usage_period
+
+ Subject Alternative Name           NID_subject_alt_name
+ Issuer Alternative Name            NID_issuer_alt_name
+
+ Authority Information Access       NID_info_access
+ Subject Information Access         NID_sinfo_access
+
+ Name Constraints                   NID_name_constraints
+
+ Certificate Policies               NID_certificate_policies
+ Policy Mappings                    NID_policy_mappings
+ Policy Constraints                 NID_policy_constraints
+ Inhibit Any Policy                 NID_inhibit_any_policy
+
+ TLS Feature                        NID_tlsfeature</code></pre>
+
+<h2 id="Netscape-Certificate-Extensions">Netscape Certificate Extensions</h2>
+
+<p>The following are (largely obsolete) Netscape certificate extensions.</p>
+
+<pre><code> Netscape Cert Type                 NID_netscape_cert_type
+ Netscape Base Url                  NID_netscape_base_url
+ Netscape Revocation Url            NID_netscape_revocation_url
+ Netscape CA Revocation Url         NID_netscape_ca_revocation_url
+ Netscape Renewal Url               NID_netscape_renewal_url
+ Netscape CA Policy Url             NID_netscape_ca_policy_url
+ Netscape SSL Server Name           NID_netscape_ssl_server_name
+ Netscape Comment                   NID_netscape_comment</code></pre>
+
+<h2 id="Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</h2>
+
+<pre><code> Strong Extranet ID                 NID_sxnet
+ Proxy Certificate Information      NID_proxyCertInfo</code></pre>
+
+<h2 id="PKIX-CRL-Extensions">PKIX CRL Extensions</h2>
+
+<p>The following are CRL extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Number                         NID_crl_number
+ CRL Distribution Points            NID_crl_distribution_points
+ Delta CRL Indicator                NID_delta_crl
+ Freshest CRL                       NID_freshest_crl
+ Invalidity Date                    NID_invalidity_date
+ Issuing Distribution Point         NID_issuing_distribution_point</code></pre>
+
+<p>The following are CRL entry extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Reason Code                    NID_crl_reason
+ Certificate Issuer                 NID_certificate_issuer</code></pre>
+
+<h2 id="OCSP-Extensions">OCSP Extensions</h2>
+
+<pre><code> OCSP Nonce                         NID_id_pkix_OCSP_Nonce
+ OCSP CRL ID                        NID_id_pkix_OCSP_CrlID
+ Acceptable OCSP Responses          NID_id_pkix_OCSP_acceptableResponses
+ OCSP No Check                      NID_id_pkix_OCSP_noCheck
+ OCSP Archive Cutoff                NID_id_pkix_OCSP_archiveCutoff
+ OCSP Service Locator               NID_id_pkix_OCSP_serviceLocator
+ Hold Instruction Code              NID_hold_instruction_code</code></pre>
+
+<h2 id="Certificate-Transparency-Extensions">Certificate Transparency Extensions</h2>
+
+<p>The following extensions are used by certificate transparency, RFC6962</p>
+
+<pre><code> CT Precertificate SCTs             NID_ct_precert_scts
+ CT Certificate SCTs                NID_ct_cert_scts</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509V3_EXT_d2i() and *X509V3_get_d2i() return a pointer to an extension specific structure of <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_EXT_i2d() returns a pointer to an <b>X509_EXTENSION</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_add1_i2d() returns 1 if the operation is successful and 0 if it fails due to a non-fatal error (extension not found, already exists, cannot be encoded) or -1 due to a fatal error such as a memory allocation failure.</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of extensions. They return NULL if no extensions are present.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_issuer.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_issuer.html
new file mode 100644
index 000000000..ae07d6d05
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_issuer.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_subject_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_subject_name, X509_set_subject_name, X509_get_issuer_name, X509_set_issuer_name, X509_REQ_get_subject_name, X509_REQ_set_subject_name, X509_CRL_get_issuer, X509_CRL_set_issuer_name - get and set issuer or subject names</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_NAME *X509_get_subject_name(const X509 *x);
+ int X509_set_subject_name(X509 *x, X509_NAME *name);
+
+ X509_NAME *X509_get_issuer_name(const X509 *x);
+ int X509_set_issuer_name(X509 *x, X509_NAME *name);
+
+ X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
+ int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
+
+ X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
+ int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_subject_name() returns the subject name of certificate <b>x</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed.</p>
+
+<p>X509_set_subject_name() sets the issuer name of certificate <b>x</b> to <b>name</b>. The <b>name</b> parameter is copied internally and should be freed up when it is no longer needed.</p>
+
+<p>X509_get_issuer_name() and X509_set_issuer_name() are identical to X509_get_subject_name() and X509_set_subject_name() except the get and set the issuer name of <b>x</b>.</p>
+
+<p>Similarly X509_REQ_get_subject_name(), X509_REQ_set_subject_name(), X509_CRL_get_issuer() and X509_CRL_set_issuer_name() get or set the subject or issuer names of certificate requests of CRLs respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_subject_name(), X509_get_issuer_name(), X509_REQ_get_subject_name() and X509_CRL_get_issuer() return an <b>X509_NAME</b> pointer.</p>
+
+<p>X509_set_subject_name(), X509_set_issuer_name(), X509_REQ_set_subject_name() and X509_CRL_set_issuer_name() return 1 for success and 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_REQ_get_subject_name() is a function in OpenSSL 1.1.0 and a macro in earlier versions.</p>
+
+<p>X509_CRL_get_issuer() is a function in OpenSSL 1.1.0. It was previously added in OpenSSL 1.0.0 as a macro.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a> <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_signature_nid.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_signature_nid.html
new file mode 100644
index 000000000..d74071208
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_signature_nid.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_signature</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_signature, X509_get_signature_nid, X509_get0_tbs_sigalg, X509_REQ_get0_signature, X509_REQ_get_signature_nid, X509_CRL_get0_signature, X509_CRL_get_signature_nid, X509_get_signature_info, X509_SIG_INFO_get, X509_SIG_INFO_set - signature information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ void X509_get0_signature(const ASN1_BIT_STRING **psig,
+                          const X509_ALGOR **palg,
+                          const X509 *x);
+ int X509_get_signature_nid(const X509 *x);
+ const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);
+
+ void X509_REQ_get0_signature(const X509_REQ *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_REQ_get_signature_nid(const X509_REQ *crl);
+
+ void X509_CRL_get0_signature(const X509_CRL *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_CRL_get_signature_nid(const X509_CRL *crl);
+
+ int X509_get_signature_info(X509 *x, int *mdnid, int *pknid, int *secbits,
+                             uint32_t *flags);
+
+ int X509_SIG_INFO_get(const X509_SIG_INFO *siginf, int *mdnid, int *pknid,
+                      int *secbits, uint32_t *flags);
+ void X509_SIG_INFO_set(X509_SIG_INFO *siginf, int mdnid, int pknid,
+                        int secbits, uint32_t flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_signature() sets <b>*psig</b> to the signature of <b>x</b> and <b>*palg</b> to the signature algorithm of <b>x</b>. The values returned are internal pointers which <b>MUST NOT</b> be freed up after the call.</p>
+
+<p>X509_get0_tbs_sigalg() returns the signature algorithm in the signed portion of <b>x</b>.</p>
+
+<p>X509_get_signature_nid() returns the NID corresponding to the signature algorithm of <b>x</b>.</p>
+
+<p>X509_REQ_get0_signature(), X509_REQ_get_signature_nid() X509_CRL_get0_signature() and X509_CRL_get_signature_nid() perform the same function for certificate requests and CRLs.</p>
+
+<p>X509_get_signature_info() retrieves information about the signature of certificate <b>x</b>. The NID of the signing digest is written to <b>*mdnid</b>, the public key algorithm to <b>*pknid</b>, the effective security bits to <b>*secbits</b> and flag details to <b>*flags</b>. Any of the parameters can be set to <b>NULL</b> if the information is not required.</p>
+
+<p>X509_SIG_INFO_get() and X509_SIG_INFO_set() get and set information about a signature in an <b>X509_SIG_INFO</b> structure. They are only used by implementations of algorithms which need to set custom signature information: most applications will never need to call them.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions provide lower level access to signatures in certificates where an application wishes to analyse or generate a signature in a form where X509_sign() et al is not appropriate (for example a non standard or unsupported format).</p>
+
+<p>The security bits returned by X509_get_signature_info() refers to information available from the certificate signature (such as the signing digest). In some cases the actual security of the signature is less because the signing key is less secure: for example a certificate signed using SHA-512 and a 1024 bit RSA key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_signature_nid(), X509_REQ_get_signature_nid() and X509_CRL_get_signature_nid() return a NID.</p>
+
+<p>X509_get0_signature(), X509_REQ_get0_signature() and X509_CRL_get0_signature() do not return values.</p>
+
+<p>X509_get_signature_info() returns 1 if the signature information returned is valid or 0 if the information is not available (e.g. unknown algorithms or malformed parameters).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_get0_signature() and X509_get_signature_nid() functions were added in OpenSSL 1.0.2.</p>
+
+<p>The X509_REQ_get0_signature(), X509_REQ_get_signature_nid(), X509_CRL_get0_signature() and X509_CRL_get_signature_nid() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_version.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_version.html
new file mode 100644
index 000000000..6cb54a862
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_get_version.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_version, X509_set_version, X509_REQ_get_version, X509_REQ_set_version, X509_CRL_get_version, X509_CRL_set_version - get or set certificate, certificate request or CRL version</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ long X509_get_version(const X509 *x);
+ int X509_set_version(X509 *x, long version);
+
+ long X509_REQ_get_version(const X509_REQ *req);
+ int X509_REQ_set_version(X509_REQ *x, long version);
+
+ long X509_CRL_get_version(const X509_CRL *crl);
+ int X509_CRL_set_version(X509_CRL *x, long version);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_version() returns the numerical value of the version field of certificate <b>x</b>. Note: this is defined by standards (X.509 et al) to be one less than the certificate version. So a version 3 certificate will return 2 and a version 1 certificate will return 0.</p>
+
+<p>X509_set_version() sets the numerical value of the version field of certificate <b>x</b> to <b>version</b>.</p>
+
+<p>Similarly X509_REQ_get_version(), X509_REQ_set_version(), X509_CRL_get_version() and X509_CRL_set_version() get and set the version number of certificate requests and CRLs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The version field of certificates, certificate requests and CRLs has a DEFAULT value of <b>v1(0)</b> meaning the field should be omitted for version 1. This is handled transparently by these functions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_version(), X509_REQ_get_version() and X509_CRL_get_version() return the numerical value of the version field.</p>
+
+<p>X509_set_version(), X509_REQ_set_version() and X509_CRL_set_version() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_get_version(), X509_REQ_get_version() and X509_CRL_get_version() are functions in OpenSSL 1.1.0, in previous versions they were macros.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_new.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_set1_lastUpdate.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_set1_lastUpdate.html
new file mode 100644
index 000000000..c7e82ca36
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_set1_lastUpdate.html
@@ -0,0 +1,88 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_notBefore</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_notBefore, X509_getm_notBefore, X509_get0_notAfter, X509_getm_notAfter, X509_set1_notBefore, X509_set1_notAfter, X509_CRL_get0_lastUpdate, X509_CRL_get0_nextUpdate, X509_CRL_set1_lastUpdate, X509_CRL_set1_nextUpdate - get or set certificate or CRL dates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ const ASN1_TIME *X509_get0_notBefore(const X509 *x);
+ const ASN1_TIME *X509_get0_notAfter(const X509 *x);
+
+ ASN1_TIME *X509_getm_notBefore(const X509 *x);
+ ASN1_TIME *X509_getm_notAfter(const X509 *x);
+
+ int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm);
+ int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm);
+
+ const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
+ const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
+
+ int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
+ int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_notBefore() and X509_get0_notAfter() return the <b>notBefore</b> and <b>notAfter</b> fields of certificate <b>x</b> respectively. The value returned is an internal pointer which must not be freed up after the call.</p>
+
+<p>X509_getm_notBefore() and X509_getm_notAfter() are similar to X509_get0_notBefore() and X509_get0_notAfter() except they return non-constant mutable references to the associated date field of the certificate.</p>
+
+<p>X509_set1_notBefore() and X509_set1_notAfter() set the <b>notBefore</b> and <b>notAfter</b> fields of <b>x</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<p>X509_CRL_get0_lastUpdate() and X509_CRL_get0_nextUpdate() return the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b>. The value returned is an internal pointer which must not be freed up after the call. If the <b>nextUpdate</b> field is absent from <b>crl</b> then <b>NULL</b> is returned.</p>
+
+<p>X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() set the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get0_notBefore(), X509_get0_notAfter() and X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure.</p>
+
+<p>X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure or NULL if the <b>lastUpdate</b> field is absent.</p>
+
+<p>X509_set1_notBefore(), X509_set1_notAfter(), X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() return 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions are available in all versions of OpenSSL.</p>
+
+<p>X509_get_notBefore() and X509_get_notAfter() were deprecated in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_set1_nextUpdate.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_set1_nextUpdate.html
new file mode 100644
index 000000000..c7e82ca36
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_set1_nextUpdate.html
@@ -0,0 +1,88 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_notBefore</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_notBefore, X509_getm_notBefore, X509_get0_notAfter, X509_getm_notAfter, X509_set1_notBefore, X509_set1_notAfter, X509_CRL_get0_lastUpdate, X509_CRL_get0_nextUpdate, X509_CRL_set1_lastUpdate, X509_CRL_set1_nextUpdate - get or set certificate or CRL dates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ const ASN1_TIME *X509_get0_notBefore(const X509 *x);
+ const ASN1_TIME *X509_get0_notAfter(const X509 *x);
+
+ ASN1_TIME *X509_getm_notBefore(const X509 *x);
+ ASN1_TIME *X509_getm_notAfter(const X509 *x);
+
+ int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm);
+ int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm);
+
+ const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
+ const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
+
+ int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
+ int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_notBefore() and X509_get0_notAfter() return the <b>notBefore</b> and <b>notAfter</b> fields of certificate <b>x</b> respectively. The value returned is an internal pointer which must not be freed up after the call.</p>
+
+<p>X509_getm_notBefore() and X509_getm_notAfter() are similar to X509_get0_notBefore() and X509_get0_notAfter() except they return non-constant mutable references to the associated date field of the certificate.</p>
+
+<p>X509_set1_notBefore() and X509_set1_notAfter() set the <b>notBefore</b> and <b>notAfter</b> fields of <b>x</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<p>X509_CRL_get0_lastUpdate() and X509_CRL_get0_nextUpdate() return the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b>. The value returned is an internal pointer which must not be freed up after the call. If the <b>nextUpdate</b> field is absent from <b>crl</b> then <b>NULL</b> is returned.</p>
+
+<p>X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() set the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get0_notBefore(), X509_get0_notAfter() and X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure.</p>
+
+<p>X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure or NULL if the <b>lastUpdate</b> field is absent.</p>
+
+<p>X509_set1_notBefore(), X509_set1_notAfter(), X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() return 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions are available in all versions of OpenSSL.</p>
+
+<p>X509_get_notBefore() and X509_get_notAfter() were deprecated in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_set_issuer_name.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_set_issuer_name.html
new file mode 100644
index 000000000..ae07d6d05
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_set_issuer_name.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_subject_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_subject_name, X509_set_subject_name, X509_get_issuer_name, X509_set_issuer_name, X509_REQ_get_subject_name, X509_REQ_set_subject_name, X509_CRL_get_issuer, X509_CRL_set_issuer_name - get and set issuer or subject names</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_NAME *X509_get_subject_name(const X509 *x);
+ int X509_set_subject_name(X509 *x, X509_NAME *name);
+
+ X509_NAME *X509_get_issuer_name(const X509 *x);
+ int X509_set_issuer_name(X509 *x, X509_NAME *name);
+
+ X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
+ int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
+
+ X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
+ int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_subject_name() returns the subject name of certificate <b>x</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed.</p>
+
+<p>X509_set_subject_name() sets the issuer name of certificate <b>x</b> to <b>name</b>. The <b>name</b> parameter is copied internally and should be freed up when it is no longer needed.</p>
+
+<p>X509_get_issuer_name() and X509_set_issuer_name() are identical to X509_get_subject_name() and X509_set_subject_name() except the get and set the issuer name of <b>x</b>.</p>
+
+<p>Similarly X509_REQ_get_subject_name(), X509_REQ_set_subject_name(), X509_CRL_get_issuer() and X509_CRL_set_issuer_name() get or set the subject or issuer names of certificate requests of CRLs respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_subject_name(), X509_get_issuer_name(), X509_REQ_get_subject_name() and X509_CRL_get_issuer() return an <b>X509_NAME</b> pointer.</p>
+
+<p>X509_set_subject_name(), X509_set_issuer_name(), X509_REQ_set_subject_name() and X509_CRL_set_issuer_name() return 1 for success and 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_REQ_get_subject_name() is a function in OpenSSL 1.1.0 and a macro in earlier versions.</p>
+
+<p>X509_CRL_get_issuer() is a function in OpenSSL 1.1.0. It was previously added in OpenSSL 1.0.0 as a macro.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a> <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_set_version.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_set_version.html
new file mode 100644
index 000000000..6cb54a862
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_set_version.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_version, X509_set_version, X509_REQ_get_version, X509_REQ_set_version, X509_CRL_get_version, X509_CRL_set_version - get or set certificate, certificate request or CRL version</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ long X509_get_version(const X509 *x);
+ int X509_set_version(X509 *x, long version);
+
+ long X509_REQ_get_version(const X509_REQ *req);
+ int X509_REQ_set_version(X509_REQ *x, long version);
+
+ long X509_CRL_get_version(const X509_CRL *crl);
+ int X509_CRL_set_version(X509_CRL *x, long version);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_version() returns the numerical value of the version field of certificate <b>x</b>. Note: this is defined by standards (X.509 et al) to be one less than the certificate version. So a version 3 certificate will return 2 and a version 1 certificate will return 0.</p>
+
+<p>X509_set_version() sets the numerical value of the version field of certificate <b>x</b> to <b>version</b>.</p>
+
+<p>Similarly X509_REQ_get_version(), X509_REQ_set_version(), X509_CRL_get_version() and X509_CRL_set_version() get and set the version number of certificate requests and CRLs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The version field of certificates, certificate requests and CRLs has a DEFAULT value of <b>v1(0)</b> meaning the field should be omitted for version 1. This is handled transparently by these functions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_version(), X509_REQ_get_version() and X509_CRL_get_version() return the numerical value of the version field.</p>
+
+<p>X509_set_version(), X509_REQ_set_version() and X509_CRL_set_version() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_get_version(), X509_REQ_get_version() and X509_CRL_get_version() are functions in OpenSSL 1.1.0, in previous versions they were macros.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_sign.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_sign.html
new file mode 100644
index 000000000..2f90a57e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_sign.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_sign, X509_sign_ctx, X509_verify, X509_REQ_sign, X509_REQ_sign_ctx, X509_REQ_verify, X509_CRL_sign, X509_CRL_sign_ctx, X509_CRL_verify - sign or verify certificate, certificate request or CRL signature</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
+ int X509_verify(X509 *a, EVP_PKEY *r);
+
+ int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
+ int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
+
+ int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
+ int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_sign() signs certificate <b>x</b> using private key <b>pkey</b> and message digest <b>md</b> and sets the signature in <b>x</b>. X509_sign_ctx() also signs certificate <b>x</b> but uses the parameters contained in digest context <b>ctx</b>.</p>
+
+<p>X509_verify() verifies the signature of certificate <b>x</b> using public key <b>pkey</b>. Only the signature is checked: no other checks (such as certificate chain validity) are performed.</p>
+
+<p>X509_REQ_sign(), X509_REQ_sign_ctx(), X509_REQ_verify(), X509_CRL_sign(), X509_CRL_sign_ctx() and X509_CRL_verify() sign and verify certificate requests and CRLs respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_sign_ctx() is used where the default parameters for the corresponding public key and digest are not suitable. It can be used to sign keys using RSA-PSS for example.</p>
+
+<p>For efficiency reasons and to work around ASN.1 encoding issues the encoding of the signed portion of a certificate, certificate request and CRL is cached internally. If the signed portion of the structure is modified the encoding is not always updated meaning a stale version is sometimes used. This is not normally a problem because modifying the signed portion will invalidate the signature and signing will always update the encoding.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_sign(), X509_sign_ctx(), X509_REQ_sign(), X509_REQ_sign_ctx(), X509_CRL_sign() and X509_CRL_sign_ctx() return the size of the signature in bytes for success and zero for failure.</p>
+
+<p>X509_verify(), X509_REQ_verify() and X509_CRL_verify() return 1 if the signature is valid and 0 if the signature check fails. If the signature could not be checked at all because it was invalid or some other error occurred then -1 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_sign(), X509_REQ_sign() and X509_CRL_sign() functions are available in all versions of OpenSSL.</p>
+
+<p>The X509_sign_ctx(), X509_REQ_sign_ctx() and X509_CRL_sign_ctx() functions were added OpenSSL 1.0.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_sign_ctx.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_sign_ctx.html
new file mode 100644
index 000000000..2f90a57e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_sign_ctx.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_sign, X509_sign_ctx, X509_verify, X509_REQ_sign, X509_REQ_sign_ctx, X509_REQ_verify, X509_CRL_sign, X509_CRL_sign_ctx, X509_CRL_verify - sign or verify certificate, certificate request or CRL signature</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
+ int X509_verify(X509 *a, EVP_PKEY *r);
+
+ int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
+ int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
+
+ int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
+ int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_sign() signs certificate <b>x</b> using private key <b>pkey</b> and message digest <b>md</b> and sets the signature in <b>x</b>. X509_sign_ctx() also signs certificate <b>x</b> but uses the parameters contained in digest context <b>ctx</b>.</p>
+
+<p>X509_verify() verifies the signature of certificate <b>x</b> using public key <b>pkey</b>. Only the signature is checked: no other checks (such as certificate chain validity) are performed.</p>
+
+<p>X509_REQ_sign(), X509_REQ_sign_ctx(), X509_REQ_verify(), X509_CRL_sign(), X509_CRL_sign_ctx() and X509_CRL_verify() sign and verify certificate requests and CRLs respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_sign_ctx() is used where the default parameters for the corresponding public key and digest are not suitable. It can be used to sign keys using RSA-PSS for example.</p>
+
+<p>For efficiency reasons and to work around ASN.1 encoding issues the encoding of the signed portion of a certificate, certificate request and CRL is cached internally. If the signed portion of the structure is modified the encoding is not always updated meaning a stale version is sometimes used. This is not normally a problem because modifying the signed portion will invalidate the signature and signing will always update the encoding.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_sign(), X509_sign_ctx(), X509_REQ_sign(), X509_REQ_sign_ctx(), X509_CRL_sign() and X509_CRL_sign_ctx() return the size of the signature in bytes for success and zero for failure.</p>
+
+<p>X509_verify(), X509_REQ_verify() and X509_CRL_verify() return 1 if the signature is valid and 0 if the signature check fails. If the signature could not be checked at all because it was invalid or some other error occurred then -1 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_sign(), X509_REQ_sign() and X509_CRL_sign() functions are available in all versions of OpenSSL.</p>
+
+<p>The X509_sign_ctx(), X509_REQ_sign_ctx() and X509_CRL_sign_ctx() functions were added OpenSSL 1.0.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_sort.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_sort.html
new file mode 100644
index 000000000..01c8afa64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_sort.html
@@ -0,0 +1,99 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_CRL_get0_by_serial</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_CRL_get0_by_serial, X509_CRL_get0_by_cert, X509_CRL_get_REVOKED, X509_REVOKED_get0_serialNumber, X509_REVOKED_get0_revocationDate, X509_REVOKED_set_serialNumber, X509_REVOKED_set_revocationDate, X509_CRL_add0_revoked, X509_CRL_sort - CRL revoked entry utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_CRL_get0_by_serial(X509_CRL *crl,
+                             X509_REVOKED **ret, ASN1_INTEGER *serial);
+ int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
+
+ STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
+
+ const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *r);
+ const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *r);
+
+ int X509_REVOKED_set_serialNumber(X509_REVOKED *r, ASN1_INTEGER *serial);
+ int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
+
+ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
+
+ int X509_CRL_sort(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_CRL_get0_by_serial() attempts to find a revoked entry in <b>crl</b> for serial number <b>serial</b>. If it is successful it sets <b>*ret</b> to the internal pointer of the matching entry, as a result <b>*ret</b> must not be freed up after the call.</p>
+
+<p>X509_CRL_get0_by_cert() is similar to X509_get0_by_serial() except it looks for a revoked entry using the serial number of certificate <b>x</b>.</p>
+
+<p>X509_CRL_get_REVOKED() returns an internal pointer to a stack of all revoked entries for <b>crl</b>.</p>
+
+<p>X509_REVOKED_get0_serialNumber() returns an internal pointer to the serial number of <b>r</b>.</p>
+
+<p>X509_REVOKED_get0_revocationDate() returns an internal pointer to the revocation date of <b>r</b>.</p>
+
+<p>X509_REVOKED_set_serialNumber() sets the serial number of <b>r</b> to <b>serial</b>. The supplied <b>serial</b> pointer is not used internally so it should be freed up after use.</p>
+
+<p>X509_REVOKED_set_revocationDate() sets the revocation date of <b>r</b> to <b>tm</b>. The supplied <b>tm</b> pointer is not used internally so it should be freed up after use.</p>
+
+<p>X509_CRL_add0_revoked() appends revoked entry <b>rev</b> to CRL <b>crl</b>. The pointer <b>rev</b> is used internally so it must not be freed up after the call: it is freed when the parent CRL is freed.</p>
+
+<p>X509_CRL_sort() sorts the revoked entries of <b>crl</b> into ascending serial number order.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications can determine the number of revoked entries returned by X509_CRL_get_revoked() using sk_X509_REVOKED_num() and examine each one in turn using sk_X509_REVOKED_value().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_CRL_get0_by_serial() and X509_CRL_get0_by_cert() return 0 for failure, 1 on success except if the revoked entry has the reason <code>removeFromCRL</code> (8), in which case 2 is returned.</p>
+
+<p>X509_REVOKED_set_serialNumber(), X509_REVOKED_set_revocationDate(), X509_CRL_add0_revoked() and X509_CRL_sort() return 1 for success and 0 for failure.</p>
+
+<p>X509_REVOKED_get0_serialNumber() returns an <b>ASN1_INTEGER</b> pointer.</p>
+
+<p>X509_REVOKED_get0_revocationDate() returns an <b>ASN1_TIME</b> value.</p>
+
+<p>X509_CRL_get_REVOKED() returns a STACK of revoked entries.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_CRL_verify.html b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_verify.html
new file mode 100644
index 000000000..2f90a57e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_CRL_verify.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_sign, X509_sign_ctx, X509_verify, X509_REQ_sign, X509_REQ_sign_ctx, X509_REQ_verify, X509_CRL_sign, X509_CRL_sign_ctx, X509_CRL_verify - sign or verify certificate, certificate request or CRL signature</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
+ int X509_verify(X509 *a, EVP_PKEY *r);
+
+ int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
+ int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
+
+ int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
+ int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_sign() signs certificate <b>x</b> using private key <b>pkey</b> and message digest <b>md</b> and sets the signature in <b>x</b>. X509_sign_ctx() also signs certificate <b>x</b> but uses the parameters contained in digest context <b>ctx</b>.</p>
+
+<p>X509_verify() verifies the signature of certificate <b>x</b> using public key <b>pkey</b>. Only the signature is checked: no other checks (such as certificate chain validity) are performed.</p>
+
+<p>X509_REQ_sign(), X509_REQ_sign_ctx(), X509_REQ_verify(), X509_CRL_sign(), X509_CRL_sign_ctx() and X509_CRL_verify() sign and verify certificate requests and CRLs respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_sign_ctx() is used where the default parameters for the corresponding public key and digest are not suitable. It can be used to sign keys using RSA-PSS for example.</p>
+
+<p>For efficiency reasons and to work around ASN.1 encoding issues the encoding of the signed portion of a certificate, certificate request and CRL is cached internally. If the signed portion of the structure is modified the encoding is not always updated meaning a stale version is sometimes used. This is not normally a problem because modifying the signed portion will invalidate the signature and signing will always update the encoding.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_sign(), X509_sign_ctx(), X509_REQ_sign(), X509_REQ_sign_ctx(), X509_CRL_sign() and X509_CRL_sign_ctx() return the size of the signature in bytes for success and zero for failure.</p>
+
+<p>X509_verify(), X509_REQ_verify() and X509_CRL_verify() return 1 if the signature is valid and 0 if the signature check fails. If the signature could not be checked at all because it was invalid or some other error occurred then -1 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_sign(), X509_REQ_sign() and X509_CRL_sign() functions are available in all versions of OpenSSL.</p>
+
+<p>The X509_sign_ctx(), X509_REQ_sign_ctx() and X509_CRL_sign_ctx() functions were added OpenSSL 1.0.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_create_by_NID.html b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_create_by_NID.html
new file mode 100644
index 000000000..e5f46ca5c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_create_by_NID.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_EXTENSION_set_object</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_EXTENSION_set_object, X509_EXTENSION_set_critical, X509_EXTENSION_set_data, X509_EXTENSION_create_by_NID, X509_EXTENSION_create_by_OBJ, X509_EXTENSION_get_object, X509_EXTENSION_get_critical, X509_EXTENSION_get_data - extension utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> int X509_EXTENSION_set_object(X509_EXTENSION *ex, const ASN1_OBJECT *obj);
+ int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
+ int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data);
+
+ X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
+                                              int nid, int crit,
+                                              ASN1_OCTET_STRING *data);
+ X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
+                                              const ASN1_OBJECT *obj, int crit,
+                                              ASN1_OCTET_STRING *data);
+
+ ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
+ int X509_EXTENSION_get_critical(const X509_EXTENSION *ex);
+ ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_EXTENSION_set_object() sets the extension type of <b>ex</b> to <b>obj</b>. The <b>obj</b> pointer is duplicated internally so <b>obj</b> should be freed up after use.</p>
+
+<p>X509_EXTENSION_set_critical() sets the criticality of <b>ex</b> to <b>crit</b>. If <b>crit</b> is zero the extension in non-critical otherwise it is critical.</p>
+
+<p>X509_EXTENSION_set_data() sets the data in extension <b>ex</b> to <b>data</b>. The <b>data</b> pointer is duplicated internally.</p>
+
+<p>X509_EXTENSION_create_by_NID() creates an extension of type <b>nid</b>, criticality <b>crit</b> using data <b>data</b>. The created extension is returned and written to <b>*ex</b> reusing or allocating a new extension if necessary so <b>*ex</b> should either be <b>NULL</b> or a valid <b>X509_EXTENSION</b> structure it must <b>not</b> be an uninitialised pointer.</p>
+
+<p>X509_EXTENSION_create_by_OBJ() is identical to X509_EXTENSION_create_by_NID() except it creates and extension using <b>obj</b> instead of a NID.</p>
+
+<p>X509_EXTENSION_get_object() returns the extension type of <b>ex</b> as an <b>ASN1_OBJECT</b> pointer. The returned pointer is an internal value which must not be freed up.</p>
+
+<p>X509_EXTENSION_get_critical() returns the criticality of extension <b>ex</b> it returns <b>1</b> for critical and <b>0</b> for non-critical.</p>
+
+<p>X509_EXTENSION_get_data() returns the data of extension <b>ex</b>. The returned pointer is an internal value which must not be freed up.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions manipulate the contents of an extension directly. Most applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>The <b>data</b> associated with an extension is the extension encoding in an <b>ASN1_OCTET_STRING</b> structure.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_EXTENSION_set_object() X509_EXTENSION_set_critical() and X509_EXTENSION_set_data() return <b>1</b> for success and <b>0</b> for failure.</p>
+
+<p>X509_EXTENSION_create_by_NID() and X509_EXTENSION_create_by_OBJ() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_EXTENSION_get_object() returns an <b>ASN1_OBJECT</b> pointer.</p>
+
+<p>X509_EXTENSION_get_critical() returns <b>0</b> for non-critical and <b>1</b> for critical.</p>
+
+<p>X509_EXTENSION_get_data() returns an <b>ASN1_OCTET_STRING</b> pointer.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_create_by_OBJ.html b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_create_by_OBJ.html
new file mode 100644
index 000000000..e5f46ca5c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_create_by_OBJ.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_EXTENSION_set_object</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_EXTENSION_set_object, X509_EXTENSION_set_critical, X509_EXTENSION_set_data, X509_EXTENSION_create_by_NID, X509_EXTENSION_create_by_OBJ, X509_EXTENSION_get_object, X509_EXTENSION_get_critical, X509_EXTENSION_get_data - extension utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> int X509_EXTENSION_set_object(X509_EXTENSION *ex, const ASN1_OBJECT *obj);
+ int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
+ int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data);
+
+ X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
+                                              int nid, int crit,
+                                              ASN1_OCTET_STRING *data);
+ X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
+                                              const ASN1_OBJECT *obj, int crit,
+                                              ASN1_OCTET_STRING *data);
+
+ ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
+ int X509_EXTENSION_get_critical(const X509_EXTENSION *ex);
+ ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_EXTENSION_set_object() sets the extension type of <b>ex</b> to <b>obj</b>. The <b>obj</b> pointer is duplicated internally so <b>obj</b> should be freed up after use.</p>
+
+<p>X509_EXTENSION_set_critical() sets the criticality of <b>ex</b> to <b>crit</b>. If <b>crit</b> is zero the extension in non-critical otherwise it is critical.</p>
+
+<p>X509_EXTENSION_set_data() sets the data in extension <b>ex</b> to <b>data</b>. The <b>data</b> pointer is duplicated internally.</p>
+
+<p>X509_EXTENSION_create_by_NID() creates an extension of type <b>nid</b>, criticality <b>crit</b> using data <b>data</b>. The created extension is returned and written to <b>*ex</b> reusing or allocating a new extension if necessary so <b>*ex</b> should either be <b>NULL</b> or a valid <b>X509_EXTENSION</b> structure it must <b>not</b> be an uninitialised pointer.</p>
+
+<p>X509_EXTENSION_create_by_OBJ() is identical to X509_EXTENSION_create_by_NID() except it creates and extension using <b>obj</b> instead of a NID.</p>
+
+<p>X509_EXTENSION_get_object() returns the extension type of <b>ex</b> as an <b>ASN1_OBJECT</b> pointer. The returned pointer is an internal value which must not be freed up.</p>
+
+<p>X509_EXTENSION_get_critical() returns the criticality of extension <b>ex</b> it returns <b>1</b> for critical and <b>0</b> for non-critical.</p>
+
+<p>X509_EXTENSION_get_data() returns the data of extension <b>ex</b>. The returned pointer is an internal value which must not be freed up.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions manipulate the contents of an extension directly. Most applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>The <b>data</b> associated with an extension is the extension encoding in an <b>ASN1_OCTET_STRING</b> structure.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_EXTENSION_set_object() X509_EXTENSION_set_critical() and X509_EXTENSION_set_data() return <b>1</b> for success and <b>0</b> for failure.</p>
+
+<p>X509_EXTENSION_create_by_NID() and X509_EXTENSION_create_by_OBJ() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_EXTENSION_get_object() returns an <b>ASN1_OBJECT</b> pointer.</p>
+
+<p>X509_EXTENSION_get_critical() returns <b>0</b> for non-critical and <b>1</b> for critical.</p>
+
+<p>X509_EXTENSION_get_data() returns an <b>ASN1_OCTET_STRING</b> pointer.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_dup.html b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_get_critical.html b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_get_critical.html
new file mode 100644
index 000000000..e5f46ca5c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_get_critical.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_EXTENSION_set_object</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_EXTENSION_set_object, X509_EXTENSION_set_critical, X509_EXTENSION_set_data, X509_EXTENSION_create_by_NID, X509_EXTENSION_create_by_OBJ, X509_EXTENSION_get_object, X509_EXTENSION_get_critical, X509_EXTENSION_get_data - extension utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> int X509_EXTENSION_set_object(X509_EXTENSION *ex, const ASN1_OBJECT *obj);
+ int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
+ int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data);
+
+ X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
+                                              int nid, int crit,
+                                              ASN1_OCTET_STRING *data);
+ X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
+                                              const ASN1_OBJECT *obj, int crit,
+                                              ASN1_OCTET_STRING *data);
+
+ ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
+ int X509_EXTENSION_get_critical(const X509_EXTENSION *ex);
+ ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_EXTENSION_set_object() sets the extension type of <b>ex</b> to <b>obj</b>. The <b>obj</b> pointer is duplicated internally so <b>obj</b> should be freed up after use.</p>
+
+<p>X509_EXTENSION_set_critical() sets the criticality of <b>ex</b> to <b>crit</b>. If <b>crit</b> is zero the extension in non-critical otherwise it is critical.</p>
+
+<p>X509_EXTENSION_set_data() sets the data in extension <b>ex</b> to <b>data</b>. The <b>data</b> pointer is duplicated internally.</p>
+
+<p>X509_EXTENSION_create_by_NID() creates an extension of type <b>nid</b>, criticality <b>crit</b> using data <b>data</b>. The created extension is returned and written to <b>*ex</b> reusing or allocating a new extension if necessary so <b>*ex</b> should either be <b>NULL</b> or a valid <b>X509_EXTENSION</b> structure it must <b>not</b> be an uninitialised pointer.</p>
+
+<p>X509_EXTENSION_create_by_OBJ() is identical to X509_EXTENSION_create_by_NID() except it creates and extension using <b>obj</b> instead of a NID.</p>
+
+<p>X509_EXTENSION_get_object() returns the extension type of <b>ex</b> as an <b>ASN1_OBJECT</b> pointer. The returned pointer is an internal value which must not be freed up.</p>
+
+<p>X509_EXTENSION_get_critical() returns the criticality of extension <b>ex</b> it returns <b>1</b> for critical and <b>0</b> for non-critical.</p>
+
+<p>X509_EXTENSION_get_data() returns the data of extension <b>ex</b>. The returned pointer is an internal value which must not be freed up.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions manipulate the contents of an extension directly. Most applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>The <b>data</b> associated with an extension is the extension encoding in an <b>ASN1_OCTET_STRING</b> structure.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_EXTENSION_set_object() X509_EXTENSION_set_critical() and X509_EXTENSION_set_data() return <b>1</b> for success and <b>0</b> for failure.</p>
+
+<p>X509_EXTENSION_create_by_NID() and X509_EXTENSION_create_by_OBJ() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_EXTENSION_get_object() returns an <b>ASN1_OBJECT</b> pointer.</p>
+
+<p>X509_EXTENSION_get_critical() returns <b>0</b> for non-critical and <b>1</b> for critical.</p>
+
+<p>X509_EXTENSION_get_data() returns an <b>ASN1_OCTET_STRING</b> pointer.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_get_data.html b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_get_data.html
new file mode 100644
index 000000000..e5f46ca5c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_get_data.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_EXTENSION_set_object</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_EXTENSION_set_object, X509_EXTENSION_set_critical, X509_EXTENSION_set_data, X509_EXTENSION_create_by_NID, X509_EXTENSION_create_by_OBJ, X509_EXTENSION_get_object, X509_EXTENSION_get_critical, X509_EXTENSION_get_data - extension utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> int X509_EXTENSION_set_object(X509_EXTENSION *ex, const ASN1_OBJECT *obj);
+ int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
+ int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data);
+
+ X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
+                                              int nid, int crit,
+                                              ASN1_OCTET_STRING *data);
+ X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
+                                              const ASN1_OBJECT *obj, int crit,
+                                              ASN1_OCTET_STRING *data);
+
+ ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
+ int X509_EXTENSION_get_critical(const X509_EXTENSION *ex);
+ ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_EXTENSION_set_object() sets the extension type of <b>ex</b> to <b>obj</b>. The <b>obj</b> pointer is duplicated internally so <b>obj</b> should be freed up after use.</p>
+
+<p>X509_EXTENSION_set_critical() sets the criticality of <b>ex</b> to <b>crit</b>. If <b>crit</b> is zero the extension in non-critical otherwise it is critical.</p>
+
+<p>X509_EXTENSION_set_data() sets the data in extension <b>ex</b> to <b>data</b>. The <b>data</b> pointer is duplicated internally.</p>
+
+<p>X509_EXTENSION_create_by_NID() creates an extension of type <b>nid</b>, criticality <b>crit</b> using data <b>data</b>. The created extension is returned and written to <b>*ex</b> reusing or allocating a new extension if necessary so <b>*ex</b> should either be <b>NULL</b> or a valid <b>X509_EXTENSION</b> structure it must <b>not</b> be an uninitialised pointer.</p>
+
+<p>X509_EXTENSION_create_by_OBJ() is identical to X509_EXTENSION_create_by_NID() except it creates and extension using <b>obj</b> instead of a NID.</p>
+
+<p>X509_EXTENSION_get_object() returns the extension type of <b>ex</b> as an <b>ASN1_OBJECT</b> pointer. The returned pointer is an internal value which must not be freed up.</p>
+
+<p>X509_EXTENSION_get_critical() returns the criticality of extension <b>ex</b> it returns <b>1</b> for critical and <b>0</b> for non-critical.</p>
+
+<p>X509_EXTENSION_get_data() returns the data of extension <b>ex</b>. The returned pointer is an internal value which must not be freed up.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions manipulate the contents of an extension directly. Most applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>The <b>data</b> associated with an extension is the extension encoding in an <b>ASN1_OCTET_STRING</b> structure.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_EXTENSION_set_object() X509_EXTENSION_set_critical() and X509_EXTENSION_set_data() return <b>1</b> for success and <b>0</b> for failure.</p>
+
+<p>X509_EXTENSION_create_by_NID() and X509_EXTENSION_create_by_OBJ() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_EXTENSION_get_object() returns an <b>ASN1_OBJECT</b> pointer.</p>
+
+<p>X509_EXTENSION_get_critical() returns <b>0</b> for non-critical and <b>1</b> for critical.</p>
+
+<p>X509_EXTENSION_get_data() returns an <b>ASN1_OCTET_STRING</b> pointer.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_get_object.html b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_get_object.html
new file mode 100644
index 000000000..e5f46ca5c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_get_object.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_EXTENSION_set_object</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_EXTENSION_set_object, X509_EXTENSION_set_critical, X509_EXTENSION_set_data, X509_EXTENSION_create_by_NID, X509_EXTENSION_create_by_OBJ, X509_EXTENSION_get_object, X509_EXTENSION_get_critical, X509_EXTENSION_get_data - extension utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> int X509_EXTENSION_set_object(X509_EXTENSION *ex, const ASN1_OBJECT *obj);
+ int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
+ int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data);
+
+ X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
+                                              int nid, int crit,
+                                              ASN1_OCTET_STRING *data);
+ X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
+                                              const ASN1_OBJECT *obj, int crit,
+                                              ASN1_OCTET_STRING *data);
+
+ ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
+ int X509_EXTENSION_get_critical(const X509_EXTENSION *ex);
+ ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_EXTENSION_set_object() sets the extension type of <b>ex</b> to <b>obj</b>. The <b>obj</b> pointer is duplicated internally so <b>obj</b> should be freed up after use.</p>
+
+<p>X509_EXTENSION_set_critical() sets the criticality of <b>ex</b> to <b>crit</b>. If <b>crit</b> is zero the extension in non-critical otherwise it is critical.</p>
+
+<p>X509_EXTENSION_set_data() sets the data in extension <b>ex</b> to <b>data</b>. The <b>data</b> pointer is duplicated internally.</p>
+
+<p>X509_EXTENSION_create_by_NID() creates an extension of type <b>nid</b>, criticality <b>crit</b> using data <b>data</b>. The created extension is returned and written to <b>*ex</b> reusing or allocating a new extension if necessary so <b>*ex</b> should either be <b>NULL</b> or a valid <b>X509_EXTENSION</b> structure it must <b>not</b> be an uninitialised pointer.</p>
+
+<p>X509_EXTENSION_create_by_OBJ() is identical to X509_EXTENSION_create_by_NID() except it creates and extension using <b>obj</b> instead of a NID.</p>
+
+<p>X509_EXTENSION_get_object() returns the extension type of <b>ex</b> as an <b>ASN1_OBJECT</b> pointer. The returned pointer is an internal value which must not be freed up.</p>
+
+<p>X509_EXTENSION_get_critical() returns the criticality of extension <b>ex</b> it returns <b>1</b> for critical and <b>0</b> for non-critical.</p>
+
+<p>X509_EXTENSION_get_data() returns the data of extension <b>ex</b>. The returned pointer is an internal value which must not be freed up.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions manipulate the contents of an extension directly. Most applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>The <b>data</b> associated with an extension is the extension encoding in an <b>ASN1_OCTET_STRING</b> structure.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_EXTENSION_set_object() X509_EXTENSION_set_critical() and X509_EXTENSION_set_data() return <b>1</b> for success and <b>0</b> for failure.</p>
+
+<p>X509_EXTENSION_create_by_NID() and X509_EXTENSION_create_by_OBJ() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_EXTENSION_get_object() returns an <b>ASN1_OBJECT</b> pointer.</p>
+
+<p>X509_EXTENSION_get_critical() returns <b>0</b> for non-critical and <b>1</b> for critical.</p>
+
+<p>X509_EXTENSION_get_data() returns an <b>ASN1_OCTET_STRING</b> pointer.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_new.html b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_set_critical.html b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_set_critical.html
new file mode 100644
index 000000000..e5f46ca5c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_set_critical.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_EXTENSION_set_object</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_EXTENSION_set_object, X509_EXTENSION_set_critical, X509_EXTENSION_set_data, X509_EXTENSION_create_by_NID, X509_EXTENSION_create_by_OBJ, X509_EXTENSION_get_object, X509_EXTENSION_get_critical, X509_EXTENSION_get_data - extension utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> int X509_EXTENSION_set_object(X509_EXTENSION *ex, const ASN1_OBJECT *obj);
+ int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
+ int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data);
+
+ X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
+                                              int nid, int crit,
+                                              ASN1_OCTET_STRING *data);
+ X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
+                                              const ASN1_OBJECT *obj, int crit,
+                                              ASN1_OCTET_STRING *data);
+
+ ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
+ int X509_EXTENSION_get_critical(const X509_EXTENSION *ex);
+ ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_EXTENSION_set_object() sets the extension type of <b>ex</b> to <b>obj</b>. The <b>obj</b> pointer is duplicated internally so <b>obj</b> should be freed up after use.</p>
+
+<p>X509_EXTENSION_set_critical() sets the criticality of <b>ex</b> to <b>crit</b>. If <b>crit</b> is zero the extension in non-critical otherwise it is critical.</p>
+
+<p>X509_EXTENSION_set_data() sets the data in extension <b>ex</b> to <b>data</b>. The <b>data</b> pointer is duplicated internally.</p>
+
+<p>X509_EXTENSION_create_by_NID() creates an extension of type <b>nid</b>, criticality <b>crit</b> using data <b>data</b>. The created extension is returned and written to <b>*ex</b> reusing or allocating a new extension if necessary so <b>*ex</b> should either be <b>NULL</b> or a valid <b>X509_EXTENSION</b> structure it must <b>not</b> be an uninitialised pointer.</p>
+
+<p>X509_EXTENSION_create_by_OBJ() is identical to X509_EXTENSION_create_by_NID() except it creates and extension using <b>obj</b> instead of a NID.</p>
+
+<p>X509_EXTENSION_get_object() returns the extension type of <b>ex</b> as an <b>ASN1_OBJECT</b> pointer. The returned pointer is an internal value which must not be freed up.</p>
+
+<p>X509_EXTENSION_get_critical() returns the criticality of extension <b>ex</b> it returns <b>1</b> for critical and <b>0</b> for non-critical.</p>
+
+<p>X509_EXTENSION_get_data() returns the data of extension <b>ex</b>. The returned pointer is an internal value which must not be freed up.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions manipulate the contents of an extension directly. Most applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>The <b>data</b> associated with an extension is the extension encoding in an <b>ASN1_OCTET_STRING</b> structure.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_EXTENSION_set_object() X509_EXTENSION_set_critical() and X509_EXTENSION_set_data() return <b>1</b> for success and <b>0</b> for failure.</p>
+
+<p>X509_EXTENSION_create_by_NID() and X509_EXTENSION_create_by_OBJ() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_EXTENSION_get_object() returns an <b>ASN1_OBJECT</b> pointer.</p>
+
+<p>X509_EXTENSION_get_critical() returns <b>0</b> for non-critical and <b>1</b> for critical.</p>
+
+<p>X509_EXTENSION_get_data() returns an <b>ASN1_OCTET_STRING</b> pointer.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_set_data.html b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_set_data.html
new file mode 100644
index 000000000..e5f46ca5c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_set_data.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_EXTENSION_set_object</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_EXTENSION_set_object, X509_EXTENSION_set_critical, X509_EXTENSION_set_data, X509_EXTENSION_create_by_NID, X509_EXTENSION_create_by_OBJ, X509_EXTENSION_get_object, X509_EXTENSION_get_critical, X509_EXTENSION_get_data - extension utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> int X509_EXTENSION_set_object(X509_EXTENSION *ex, const ASN1_OBJECT *obj);
+ int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
+ int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data);
+
+ X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
+                                              int nid, int crit,
+                                              ASN1_OCTET_STRING *data);
+ X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
+                                              const ASN1_OBJECT *obj, int crit,
+                                              ASN1_OCTET_STRING *data);
+
+ ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
+ int X509_EXTENSION_get_critical(const X509_EXTENSION *ex);
+ ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_EXTENSION_set_object() sets the extension type of <b>ex</b> to <b>obj</b>. The <b>obj</b> pointer is duplicated internally so <b>obj</b> should be freed up after use.</p>
+
+<p>X509_EXTENSION_set_critical() sets the criticality of <b>ex</b> to <b>crit</b>. If <b>crit</b> is zero the extension in non-critical otherwise it is critical.</p>
+
+<p>X509_EXTENSION_set_data() sets the data in extension <b>ex</b> to <b>data</b>. The <b>data</b> pointer is duplicated internally.</p>
+
+<p>X509_EXTENSION_create_by_NID() creates an extension of type <b>nid</b>, criticality <b>crit</b> using data <b>data</b>. The created extension is returned and written to <b>*ex</b> reusing or allocating a new extension if necessary so <b>*ex</b> should either be <b>NULL</b> or a valid <b>X509_EXTENSION</b> structure it must <b>not</b> be an uninitialised pointer.</p>
+
+<p>X509_EXTENSION_create_by_OBJ() is identical to X509_EXTENSION_create_by_NID() except it creates and extension using <b>obj</b> instead of a NID.</p>
+
+<p>X509_EXTENSION_get_object() returns the extension type of <b>ex</b> as an <b>ASN1_OBJECT</b> pointer. The returned pointer is an internal value which must not be freed up.</p>
+
+<p>X509_EXTENSION_get_critical() returns the criticality of extension <b>ex</b> it returns <b>1</b> for critical and <b>0</b> for non-critical.</p>
+
+<p>X509_EXTENSION_get_data() returns the data of extension <b>ex</b>. The returned pointer is an internal value which must not be freed up.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions manipulate the contents of an extension directly. Most applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>The <b>data</b> associated with an extension is the extension encoding in an <b>ASN1_OCTET_STRING</b> structure.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_EXTENSION_set_object() X509_EXTENSION_set_critical() and X509_EXTENSION_set_data() return <b>1</b> for success and <b>0</b> for failure.</p>
+
+<p>X509_EXTENSION_create_by_NID() and X509_EXTENSION_create_by_OBJ() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_EXTENSION_get_object() returns an <b>ASN1_OBJECT</b> pointer.</p>
+
+<p>X509_EXTENSION_get_critical() returns <b>0</b> for non-critical and <b>1</b> for critical.</p>
+
+<p>X509_EXTENSION_get_data() returns an <b>ASN1_OCTET_STRING</b> pointer.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_set_object.html b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_set_object.html
new file mode 100644
index 000000000..e5f46ca5c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_EXTENSION_set_object.html
@@ -0,0 +1,96 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_EXTENSION_set_object</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_EXTENSION_set_object, X509_EXTENSION_set_critical, X509_EXTENSION_set_data, X509_EXTENSION_create_by_NID, X509_EXTENSION_create_by_OBJ, X509_EXTENSION_get_object, X509_EXTENSION_get_critical, X509_EXTENSION_get_data - extension utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> int X509_EXTENSION_set_object(X509_EXTENSION *ex, const ASN1_OBJECT *obj);
+ int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
+ int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data);
+
+ X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
+                                              int nid, int crit,
+                                              ASN1_OCTET_STRING *data);
+ X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
+                                              const ASN1_OBJECT *obj, int crit,
+                                              ASN1_OCTET_STRING *data);
+
+ ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
+ int X509_EXTENSION_get_critical(const X509_EXTENSION *ex);
+ ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_EXTENSION_set_object() sets the extension type of <b>ex</b> to <b>obj</b>. The <b>obj</b> pointer is duplicated internally so <b>obj</b> should be freed up after use.</p>
+
+<p>X509_EXTENSION_set_critical() sets the criticality of <b>ex</b> to <b>crit</b>. If <b>crit</b> is zero the extension in non-critical otherwise it is critical.</p>
+
+<p>X509_EXTENSION_set_data() sets the data in extension <b>ex</b> to <b>data</b>. The <b>data</b> pointer is duplicated internally.</p>
+
+<p>X509_EXTENSION_create_by_NID() creates an extension of type <b>nid</b>, criticality <b>crit</b> using data <b>data</b>. The created extension is returned and written to <b>*ex</b> reusing or allocating a new extension if necessary so <b>*ex</b> should either be <b>NULL</b> or a valid <b>X509_EXTENSION</b> structure it must <b>not</b> be an uninitialised pointer.</p>
+
+<p>X509_EXTENSION_create_by_OBJ() is identical to X509_EXTENSION_create_by_NID() except it creates and extension using <b>obj</b> instead of a NID.</p>
+
+<p>X509_EXTENSION_get_object() returns the extension type of <b>ex</b> as an <b>ASN1_OBJECT</b> pointer. The returned pointer is an internal value which must not be freed up.</p>
+
+<p>X509_EXTENSION_get_critical() returns the criticality of extension <b>ex</b> it returns <b>1</b> for critical and <b>0</b> for non-critical.</p>
+
+<p>X509_EXTENSION_get_data() returns the data of extension <b>ex</b>. The returned pointer is an internal value which must not be freed up.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions manipulate the contents of an extension directly. Most applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>The <b>data</b> associated with an extension is the extension encoding in an <b>ASN1_OCTET_STRING</b> structure.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_EXTENSION_set_object() X509_EXTENSION_set_critical() and X509_EXTENSION_set_data() return <b>1</b> for success and <b>0</b> for failure.</p>
+
+<p>X509_EXTENSION_create_by_NID() and X509_EXTENSION_create_by_OBJ() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_EXTENSION_get_object() returns an <b>ASN1_OBJECT</b> pointer.</p>
+
+<p>X509_EXTENSION_get_critical() returns <b>0</b> for non-critical and <b>1</b> for critical.</p>
+
+<p>X509_EXTENSION_get_data() returns an <b>ASN1_OCTET_STRING</b> pointer.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_ctrl_fn.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_ctrl_fn.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_ctrl_fn.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_file.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_file.html
new file mode 100644
index 000000000..386450e81
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_file.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_hash_dir</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#File-Method">File Method</a></li>
+      <li><a href="#Hashed-Directory-Method">Hashed Directory Method</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_hash_dir, X509_LOOKUP_file, X509_load_cert_file, X509_load_crl_file, X509_load_cert_crl_file - Default OpenSSL certificate lookup methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
+ X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
+
+ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
+ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
+ int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>X509_LOOKUP_hash_dir</b> and <b>X509_LOOKUP_file</b> are two certificate lookup methods to use with <b>X509_STORE</b>, provided by OpenSSL library.</p>
+
+<p>Users of the library typically do not need to create instances of these methods manually, they would be created automatically by <a href="../man3/X509_STORE_load_locations.html">X509_STORE_load_locations(3)</a> or <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> functions.</p>
+
+<p>Internally loading of certificates and CRLs is implemented via functions <b>X509_load_cert_crl_file</b>, <b>X509_load_cert_file</b> and <b>X509_load_crl_file</b>. These functions support parameter <i>type</i>, which can be one of constants <b>FILETYPE_PEM</b>, <b>FILETYPE_ASN1</b> and <b>FILETYPE_DEFAULT</b>. They load certificates and/or CRLs from specified file into memory cache of <b>X509_STORE</b> objects which given <b>ctx</b> parameter is associated with.</p>
+
+<p>Functions <b>X509_load_cert_file</b> and <b>X509_load_crl_file</b> can load both PEM and DER formats depending of type value. Because DER format cannot contain more than one certificate or CRL object (while PEM can contain several concatenated PEM objects) <b>X509_load_cert_crl_file</b> with <b>FILETYPE_ASN1</b> is equivalent to <b>X509_load_cert_file</b>.</p>
+
+<p>Constant <b>FILETYPE_DEFAULT</b> with NULL filename causes these functions to load default certificate store file (see <a href="../man3/X509_STORE_set_default_paths.html">X509_STORE_set_default_paths(3)</a>.</p>
+
+<p>Functions return number of objects loaded from file or 0 in case of error.</p>
+
+<p>Both methods support adding several certificate locations into one <b>X509_STORE</b>.</p>
+
+<p>This page documents certificate store formats used by these methods and caching policy.</p>
+
+<h2 id="File-Method">File Method</h2>
+
+<p>The <b>X509_LOOKUP_file</b> method loads all the certificates or CRLs present in a file into memory at the time the file is added as a lookup source.</p>
+
+<p>File format is ASCII text which contains concatenated PEM certificates and CRLs.</p>
+
+<p>This method should be used by applications which work with a small set of CAs.</p>
+
+<h2 id="Hashed-Directory-Method">Hashed Directory Method</h2>
+
+<p><b>X509_LOOKUP_hash_dir</b> is a more advanced method, which loads certificates and CRLs on demand, and caches them in memory once they are loaded. As of OpenSSL 1.0.0, it also checks for newer CRLs upon each lookup, so that newer CRLs are as soon as they appear in the directory.</p>
+
+<p>The directory should contain one certificate or CRL per file in PEM format, with a file name of the form <i>hash</i>.<i>N</i> for a certificate, or <i>hash</i>.<b>r</b><i>N</i> for a CRL. The <i>hash</i> is the value returned by the <a href="../man3/X509_NAME_hash.html">X509_NAME_hash(3)</a> function applied to the subject name for certificates or issuer name for CRLs. The hash can also be obtained via the <b>-hash</b> option of the <a href="../man1/x509.html">x509(1)</a> or <a href="../man1/crl.html">crl(1)</a> commands.</p>
+
+<p>The .<i>N</i> or .<b>r</b><i>N</i> suffix is a sequence number that starts at zero, and is incremented consecutively for each certificate or CRL with the same <i>hash</i> value. Gaps in the sequence numbers are not supported, it is assumed that there are no more objects with the same hash beyond the first missing number in the sequence.</p>
+
+<p>Sequence numbers make it possible for the directory to contain multiple certificates with same subject name hash value. For example, it is possible to have in the store several certificates with same subject or several CRLs with same issuer (and, for example, different validity period).</p>
+
+<p>When checking for new CRLs once one CRL for given hash value is loaded, hash_dir lookup method checks only for certificates with sequence number greater than that of the already cached CRL.</p>
+
+<p>Note that the hash algorithm used for subject name hashing changed in OpenSSL 1.0.0, and all certificate stores have to be rehashed when moving from OpenSSL 0.9.8 to 1.0.0.</p>
+
+<p>OpenSSL includes a <a href="../man1/rehash.html">rehash(1)</a> utility which creates symlinks with correct hashed names for all files with .pem suffix in a given directory.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_LOOKUP_hash_dir() and X509_LOOKUP_file() always return a valid <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_load_cert_file(), X509_load_crl_file() and X509_load_cert_crl_file() return the number of loaded objects or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>, <a href="../man3/X509_STORE_load_locations.html">X509_STORE_load_locations(3)</a>, <a href="../man3/X509_store_add_lookup.html">X509_store_add_lookup(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/X509_LOOKUP_meth_new.html">X509_LOOKUP_meth_new(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_get_by_alias_fn.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_get_by_alias_fn.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_get_by_alias_fn.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_get_by_fingerprint_fn.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_get_by_fingerprint_fn.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_get_by_fingerprint_fn.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_get_by_issuer_serial_fn.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_get_by_issuer_serial_fn.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_get_by_issuer_serial_fn.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_get_by_subject_fn.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_get_by_subject_fn.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_get_by_subject_fn.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_get_method_data.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_get_method_data.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_get_method_data.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_get_store.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_get_store.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_get_store.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_hash_dir.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_hash_dir.html
new file mode 100644
index 000000000..386450e81
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_hash_dir.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_hash_dir</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#File-Method">File Method</a></li>
+      <li><a href="#Hashed-Directory-Method">Hashed Directory Method</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_hash_dir, X509_LOOKUP_file, X509_load_cert_file, X509_load_crl_file, X509_load_cert_crl_file - Default OpenSSL certificate lookup methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
+ X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
+
+ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
+ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
+ int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>X509_LOOKUP_hash_dir</b> and <b>X509_LOOKUP_file</b> are two certificate lookup methods to use with <b>X509_STORE</b>, provided by OpenSSL library.</p>
+
+<p>Users of the library typically do not need to create instances of these methods manually, they would be created automatically by <a href="../man3/X509_STORE_load_locations.html">X509_STORE_load_locations(3)</a> or <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> functions.</p>
+
+<p>Internally loading of certificates and CRLs is implemented via functions <b>X509_load_cert_crl_file</b>, <b>X509_load_cert_file</b> and <b>X509_load_crl_file</b>. These functions support parameter <i>type</i>, which can be one of constants <b>FILETYPE_PEM</b>, <b>FILETYPE_ASN1</b> and <b>FILETYPE_DEFAULT</b>. They load certificates and/or CRLs from specified file into memory cache of <b>X509_STORE</b> objects which given <b>ctx</b> parameter is associated with.</p>
+
+<p>Functions <b>X509_load_cert_file</b> and <b>X509_load_crl_file</b> can load both PEM and DER formats depending of type value. Because DER format cannot contain more than one certificate or CRL object (while PEM can contain several concatenated PEM objects) <b>X509_load_cert_crl_file</b> with <b>FILETYPE_ASN1</b> is equivalent to <b>X509_load_cert_file</b>.</p>
+
+<p>Constant <b>FILETYPE_DEFAULT</b> with NULL filename causes these functions to load default certificate store file (see <a href="../man3/X509_STORE_set_default_paths.html">X509_STORE_set_default_paths(3)</a>.</p>
+
+<p>Functions return number of objects loaded from file or 0 in case of error.</p>
+
+<p>Both methods support adding several certificate locations into one <b>X509_STORE</b>.</p>
+
+<p>This page documents certificate store formats used by these methods and caching policy.</p>
+
+<h2 id="File-Method">File Method</h2>
+
+<p>The <b>X509_LOOKUP_file</b> method loads all the certificates or CRLs present in a file into memory at the time the file is added as a lookup source.</p>
+
+<p>File format is ASCII text which contains concatenated PEM certificates and CRLs.</p>
+
+<p>This method should be used by applications which work with a small set of CAs.</p>
+
+<h2 id="Hashed-Directory-Method">Hashed Directory Method</h2>
+
+<p><b>X509_LOOKUP_hash_dir</b> is a more advanced method, which loads certificates and CRLs on demand, and caches them in memory once they are loaded. As of OpenSSL 1.0.0, it also checks for newer CRLs upon each lookup, so that newer CRLs are as soon as they appear in the directory.</p>
+
+<p>The directory should contain one certificate or CRL per file in PEM format, with a file name of the form <i>hash</i>.<i>N</i> for a certificate, or <i>hash</i>.<b>r</b><i>N</i> for a CRL. The <i>hash</i> is the value returned by the <a href="../man3/X509_NAME_hash.html">X509_NAME_hash(3)</a> function applied to the subject name for certificates or issuer name for CRLs. The hash can also be obtained via the <b>-hash</b> option of the <a href="../man1/x509.html">x509(1)</a> or <a href="../man1/crl.html">crl(1)</a> commands.</p>
+
+<p>The .<i>N</i> or .<b>r</b><i>N</i> suffix is a sequence number that starts at zero, and is incremented consecutively for each certificate or CRL with the same <i>hash</i> value. Gaps in the sequence numbers are not supported, it is assumed that there are no more objects with the same hash beyond the first missing number in the sequence.</p>
+
+<p>Sequence numbers make it possible for the directory to contain multiple certificates with same subject name hash value. For example, it is possible to have in the store several certificates with same subject or several CRLs with same issuer (and, for example, different validity period).</p>
+
+<p>When checking for new CRLs once one CRL for given hash value is loaded, hash_dir lookup method checks only for certificates with sequence number greater than that of the already cached CRL.</p>
+
+<p>Note that the hash algorithm used for subject name hashing changed in OpenSSL 1.0.0, and all certificate stores have to be rehashed when moving from OpenSSL 0.9.8 to 1.0.0.</p>
+
+<p>OpenSSL includes a <a href="../man1/rehash.html">rehash(1)</a> utility which creates symlinks with correct hashed names for all files with .pem suffix in a given directory.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_LOOKUP_hash_dir() and X509_LOOKUP_file() always return a valid <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_load_cert_file(), X509_load_crl_file() and X509_load_cert_crl_file() return the number of loaded objects or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>, <a href="../man3/X509_STORE_load_locations.html">X509_STORE_load_locations(3)</a>, <a href="../man3/X509_store_add_lookup.html">X509_store_add_lookup(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/X509_LOOKUP_meth_new.html">X509_LOOKUP_meth_new(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_free.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_free.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_ctrl.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_ctrl.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_free.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_free.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_get_by_alias.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_get_by_alias.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_get_by_alias.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_get_by_fingerprint.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_get_by_fingerprint.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_get_by_fingerprint.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_get_by_issuer_serial.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_get_by_issuer_serial.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_get_by_issuer_serial.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_get_by_subject.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_get_by_subject.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_get_by_subject.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_init.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_init.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_init.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_new_item.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_new_item.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_new_item.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_shutdown.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_shutdown.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_shutdown.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_new.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_new.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_new.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_ctrl.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_ctrl.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_ctrl.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_free.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_free.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_get_by_alias.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_get_by_alias.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_get_by_alias.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_get_by_fingerprint.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_get_by_fingerprint.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_get_by_fingerprint.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_get_by_issuer_serial.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_get_by_issuer_serial.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_get_by_issuer_serial.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_get_by_subject.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_get_by_subject.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_get_by_subject.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_init.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_init.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_init.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_new_item.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_new_item.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_new_item.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_shutdown.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_shutdown.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_shutdown.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_set_method_data.html b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_set_method_data.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_LOOKUP_set_method_data.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_create_by_NID.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_create_by_NID.html
new file mode 100644
index 000000000..1fb65a7e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_create_by_NID.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_ENTRY_get_object</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_ENTRY_get_object, X509_NAME_ENTRY_get_data, X509_NAME_ENTRY_set_object, X509_NAME_ENTRY_set_data, X509_NAME_ENTRY_create_by_txt, X509_NAME_ENTRY_create_by_NID, X509_NAME_ENTRY_create_by_OBJ - X509_NAME_ENTRY utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne);
+ ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
+
+ int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj);
+ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
+                              const unsigned char *bytes, int len);
+
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field,
+                                                int type, const unsigned char *bytes,
+                                                int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
+                                                int type, const unsigned char *bytes,
+                                                int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
+                                                const ASN1_OBJECT *obj, int type,
+                                                const unsigned char *bytes, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_NAME_ENTRY_get_object() retrieves the field name of <b>ne</b> in and <b>ASN1_OBJECT</b> structure.</p>
+
+<p>X509_NAME_ENTRY_get_data() retrieves the field value of <b>ne</b> in and <b>ASN1_STRING</b> structure.</p>
+
+<p>X509_NAME_ENTRY_set_object() sets the field name of <b>ne</b> to <b>obj</b>.</p>
+
+<p>X509_NAME_ENTRY_set_data() sets the field value of <b>ne</b> to string type <b>type</b> and value determined by <b>bytes</b> and <b>len</b>.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_create_by_OBJ() create and return an <b>X509_NAME_ENTRY</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_NAME_ENTRY_get_object() and X509_NAME_ENTRY_get_data() can be used to examine an <b>X509_NAME_ENTRY</b> function as returned by X509_NAME_get_entry() for example.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_OBJ(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_set_data() are seldom used in practice because <b>X509_NAME_ENTRY</b> structures are almost always part of <b>X509_NAME</b> structures and the corresponding <b>X509_NAME</b> functions are typically used to create and add new entries in a single operation.</p>
+
+<p>The arguments of these functions support similar options to the similarly named ones of the corresponding <b>X509_NAME</b> functions such as X509_NAME_add_entry_by_txt(). So for example <b>type</b> can be set to <b>MBSTRING_ASC</b> but in the case of X509_set_data() the field name must be set first so the relevant field information can be looked up internally.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_ENTRY_get_object() returns a valid <b>ASN1_OBJECT</b> structure if it is set or NULL if an error occurred.</p>
+
+<p>X509_NAME_ENTRY_get_data() returns a valid <b>ASN1_STRING</b> structure if it is set or NULL if an error occurred.</p>
+
+<p>X509_NAME_ENTRY_set_object() and X509_NAME_ENTRY_set_data() return 1 on success or 0 on error.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_create_by_OBJ() return a valid <b>X509_NAME_ENTRY</b> on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_create_by_OBJ.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_create_by_OBJ.html
new file mode 100644
index 000000000..1fb65a7e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_create_by_OBJ.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_ENTRY_get_object</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_ENTRY_get_object, X509_NAME_ENTRY_get_data, X509_NAME_ENTRY_set_object, X509_NAME_ENTRY_set_data, X509_NAME_ENTRY_create_by_txt, X509_NAME_ENTRY_create_by_NID, X509_NAME_ENTRY_create_by_OBJ - X509_NAME_ENTRY utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne);
+ ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
+
+ int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj);
+ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
+                              const unsigned char *bytes, int len);
+
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field,
+                                                int type, const unsigned char *bytes,
+                                                int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
+                                                int type, const unsigned char *bytes,
+                                                int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
+                                                const ASN1_OBJECT *obj, int type,
+                                                const unsigned char *bytes, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_NAME_ENTRY_get_object() retrieves the field name of <b>ne</b> in and <b>ASN1_OBJECT</b> structure.</p>
+
+<p>X509_NAME_ENTRY_get_data() retrieves the field value of <b>ne</b> in and <b>ASN1_STRING</b> structure.</p>
+
+<p>X509_NAME_ENTRY_set_object() sets the field name of <b>ne</b> to <b>obj</b>.</p>
+
+<p>X509_NAME_ENTRY_set_data() sets the field value of <b>ne</b> to string type <b>type</b> and value determined by <b>bytes</b> and <b>len</b>.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_create_by_OBJ() create and return an <b>X509_NAME_ENTRY</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_NAME_ENTRY_get_object() and X509_NAME_ENTRY_get_data() can be used to examine an <b>X509_NAME_ENTRY</b> function as returned by X509_NAME_get_entry() for example.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_OBJ(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_set_data() are seldom used in practice because <b>X509_NAME_ENTRY</b> structures are almost always part of <b>X509_NAME</b> structures and the corresponding <b>X509_NAME</b> functions are typically used to create and add new entries in a single operation.</p>
+
+<p>The arguments of these functions support similar options to the similarly named ones of the corresponding <b>X509_NAME</b> functions such as X509_NAME_add_entry_by_txt(). So for example <b>type</b> can be set to <b>MBSTRING_ASC</b> but in the case of X509_set_data() the field name must be set first so the relevant field information can be looked up internally.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_ENTRY_get_object() returns a valid <b>ASN1_OBJECT</b> structure if it is set or NULL if an error occurred.</p>
+
+<p>X509_NAME_ENTRY_get_data() returns a valid <b>ASN1_STRING</b> structure if it is set or NULL if an error occurred.</p>
+
+<p>X509_NAME_ENTRY_set_object() and X509_NAME_ENTRY_set_data() return 1 on success or 0 on error.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_create_by_OBJ() return a valid <b>X509_NAME_ENTRY</b> on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_create_by_txt.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_create_by_txt.html
new file mode 100644
index 000000000..1fb65a7e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_create_by_txt.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_ENTRY_get_object</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_ENTRY_get_object, X509_NAME_ENTRY_get_data, X509_NAME_ENTRY_set_object, X509_NAME_ENTRY_set_data, X509_NAME_ENTRY_create_by_txt, X509_NAME_ENTRY_create_by_NID, X509_NAME_ENTRY_create_by_OBJ - X509_NAME_ENTRY utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne);
+ ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
+
+ int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj);
+ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
+                              const unsigned char *bytes, int len);
+
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field,
+                                                int type, const unsigned char *bytes,
+                                                int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
+                                                int type, const unsigned char *bytes,
+                                                int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
+                                                const ASN1_OBJECT *obj, int type,
+                                                const unsigned char *bytes, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_NAME_ENTRY_get_object() retrieves the field name of <b>ne</b> in and <b>ASN1_OBJECT</b> structure.</p>
+
+<p>X509_NAME_ENTRY_get_data() retrieves the field value of <b>ne</b> in and <b>ASN1_STRING</b> structure.</p>
+
+<p>X509_NAME_ENTRY_set_object() sets the field name of <b>ne</b> to <b>obj</b>.</p>
+
+<p>X509_NAME_ENTRY_set_data() sets the field value of <b>ne</b> to string type <b>type</b> and value determined by <b>bytes</b> and <b>len</b>.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_create_by_OBJ() create and return an <b>X509_NAME_ENTRY</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_NAME_ENTRY_get_object() and X509_NAME_ENTRY_get_data() can be used to examine an <b>X509_NAME_ENTRY</b> function as returned by X509_NAME_get_entry() for example.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_OBJ(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_set_data() are seldom used in practice because <b>X509_NAME_ENTRY</b> structures are almost always part of <b>X509_NAME</b> structures and the corresponding <b>X509_NAME</b> functions are typically used to create and add new entries in a single operation.</p>
+
+<p>The arguments of these functions support similar options to the similarly named ones of the corresponding <b>X509_NAME</b> functions such as X509_NAME_add_entry_by_txt(). So for example <b>type</b> can be set to <b>MBSTRING_ASC</b> but in the case of X509_set_data() the field name must be set first so the relevant field information can be looked up internally.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_ENTRY_get_object() returns a valid <b>ASN1_OBJECT</b> structure if it is set or NULL if an error occurred.</p>
+
+<p>X509_NAME_ENTRY_get_data() returns a valid <b>ASN1_STRING</b> structure if it is set or NULL if an error occurred.</p>
+
+<p>X509_NAME_ENTRY_set_object() and X509_NAME_ENTRY_set_data() return 1 on success or 0 on error.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_create_by_OBJ() return a valid <b>X509_NAME_ENTRY</b> on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_dup.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_get_data.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_get_data.html
new file mode 100644
index 000000000..1fb65a7e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_get_data.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_ENTRY_get_object</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_ENTRY_get_object, X509_NAME_ENTRY_get_data, X509_NAME_ENTRY_set_object, X509_NAME_ENTRY_set_data, X509_NAME_ENTRY_create_by_txt, X509_NAME_ENTRY_create_by_NID, X509_NAME_ENTRY_create_by_OBJ - X509_NAME_ENTRY utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne);
+ ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
+
+ int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj);
+ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
+                              const unsigned char *bytes, int len);
+
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field,
+                                                int type, const unsigned char *bytes,
+                                                int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
+                                                int type, const unsigned char *bytes,
+                                                int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
+                                                const ASN1_OBJECT *obj, int type,
+                                                const unsigned char *bytes, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_NAME_ENTRY_get_object() retrieves the field name of <b>ne</b> in and <b>ASN1_OBJECT</b> structure.</p>
+
+<p>X509_NAME_ENTRY_get_data() retrieves the field value of <b>ne</b> in and <b>ASN1_STRING</b> structure.</p>
+
+<p>X509_NAME_ENTRY_set_object() sets the field name of <b>ne</b> to <b>obj</b>.</p>
+
+<p>X509_NAME_ENTRY_set_data() sets the field value of <b>ne</b> to string type <b>type</b> and value determined by <b>bytes</b> and <b>len</b>.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_create_by_OBJ() create and return an <b>X509_NAME_ENTRY</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_NAME_ENTRY_get_object() and X509_NAME_ENTRY_get_data() can be used to examine an <b>X509_NAME_ENTRY</b> function as returned by X509_NAME_get_entry() for example.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_OBJ(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_set_data() are seldom used in practice because <b>X509_NAME_ENTRY</b> structures are almost always part of <b>X509_NAME</b> structures and the corresponding <b>X509_NAME</b> functions are typically used to create and add new entries in a single operation.</p>
+
+<p>The arguments of these functions support similar options to the similarly named ones of the corresponding <b>X509_NAME</b> functions such as X509_NAME_add_entry_by_txt(). So for example <b>type</b> can be set to <b>MBSTRING_ASC</b> but in the case of X509_set_data() the field name must be set first so the relevant field information can be looked up internally.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_ENTRY_get_object() returns a valid <b>ASN1_OBJECT</b> structure if it is set or NULL if an error occurred.</p>
+
+<p>X509_NAME_ENTRY_get_data() returns a valid <b>ASN1_STRING</b> structure if it is set or NULL if an error occurred.</p>
+
+<p>X509_NAME_ENTRY_set_object() and X509_NAME_ENTRY_set_data() return 1 on success or 0 on error.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_create_by_OBJ() return a valid <b>X509_NAME_ENTRY</b> on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_get_object.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_get_object.html
new file mode 100644
index 000000000..1fb65a7e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_get_object.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_ENTRY_get_object</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_ENTRY_get_object, X509_NAME_ENTRY_get_data, X509_NAME_ENTRY_set_object, X509_NAME_ENTRY_set_data, X509_NAME_ENTRY_create_by_txt, X509_NAME_ENTRY_create_by_NID, X509_NAME_ENTRY_create_by_OBJ - X509_NAME_ENTRY utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne);
+ ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
+
+ int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj);
+ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
+                              const unsigned char *bytes, int len);
+
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field,
+                                                int type, const unsigned char *bytes,
+                                                int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
+                                                int type, const unsigned char *bytes,
+                                                int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
+                                                const ASN1_OBJECT *obj, int type,
+                                                const unsigned char *bytes, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_NAME_ENTRY_get_object() retrieves the field name of <b>ne</b> in and <b>ASN1_OBJECT</b> structure.</p>
+
+<p>X509_NAME_ENTRY_get_data() retrieves the field value of <b>ne</b> in and <b>ASN1_STRING</b> structure.</p>
+
+<p>X509_NAME_ENTRY_set_object() sets the field name of <b>ne</b> to <b>obj</b>.</p>
+
+<p>X509_NAME_ENTRY_set_data() sets the field value of <b>ne</b> to string type <b>type</b> and value determined by <b>bytes</b> and <b>len</b>.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_create_by_OBJ() create and return an <b>X509_NAME_ENTRY</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_NAME_ENTRY_get_object() and X509_NAME_ENTRY_get_data() can be used to examine an <b>X509_NAME_ENTRY</b> function as returned by X509_NAME_get_entry() for example.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_OBJ(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_set_data() are seldom used in practice because <b>X509_NAME_ENTRY</b> structures are almost always part of <b>X509_NAME</b> structures and the corresponding <b>X509_NAME</b> functions are typically used to create and add new entries in a single operation.</p>
+
+<p>The arguments of these functions support similar options to the similarly named ones of the corresponding <b>X509_NAME</b> functions such as X509_NAME_add_entry_by_txt(). So for example <b>type</b> can be set to <b>MBSTRING_ASC</b> but in the case of X509_set_data() the field name must be set first so the relevant field information can be looked up internally.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_ENTRY_get_object() returns a valid <b>ASN1_OBJECT</b> structure if it is set or NULL if an error occurred.</p>
+
+<p>X509_NAME_ENTRY_get_data() returns a valid <b>ASN1_STRING</b> structure if it is set or NULL if an error occurred.</p>
+
+<p>X509_NAME_ENTRY_set_object() and X509_NAME_ENTRY_set_data() return 1 on success or 0 on error.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_create_by_OBJ() return a valid <b>X509_NAME_ENTRY</b> on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_new.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_set_data.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_set_data.html
new file mode 100644
index 000000000..1fb65a7e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_set_data.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_ENTRY_get_object</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_ENTRY_get_object, X509_NAME_ENTRY_get_data, X509_NAME_ENTRY_set_object, X509_NAME_ENTRY_set_data, X509_NAME_ENTRY_create_by_txt, X509_NAME_ENTRY_create_by_NID, X509_NAME_ENTRY_create_by_OBJ - X509_NAME_ENTRY utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne);
+ ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
+
+ int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj);
+ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
+                              const unsigned char *bytes, int len);
+
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field,
+                                                int type, const unsigned char *bytes,
+                                                int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
+                                                int type, const unsigned char *bytes,
+                                                int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
+                                                const ASN1_OBJECT *obj, int type,
+                                                const unsigned char *bytes, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_NAME_ENTRY_get_object() retrieves the field name of <b>ne</b> in and <b>ASN1_OBJECT</b> structure.</p>
+
+<p>X509_NAME_ENTRY_get_data() retrieves the field value of <b>ne</b> in and <b>ASN1_STRING</b> structure.</p>
+
+<p>X509_NAME_ENTRY_set_object() sets the field name of <b>ne</b> to <b>obj</b>.</p>
+
+<p>X509_NAME_ENTRY_set_data() sets the field value of <b>ne</b> to string type <b>type</b> and value determined by <b>bytes</b> and <b>len</b>.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_create_by_OBJ() create and return an <b>X509_NAME_ENTRY</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_NAME_ENTRY_get_object() and X509_NAME_ENTRY_get_data() can be used to examine an <b>X509_NAME_ENTRY</b> function as returned by X509_NAME_get_entry() for example.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_OBJ(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_set_data() are seldom used in practice because <b>X509_NAME_ENTRY</b> structures are almost always part of <b>X509_NAME</b> structures and the corresponding <b>X509_NAME</b> functions are typically used to create and add new entries in a single operation.</p>
+
+<p>The arguments of these functions support similar options to the similarly named ones of the corresponding <b>X509_NAME</b> functions such as X509_NAME_add_entry_by_txt(). So for example <b>type</b> can be set to <b>MBSTRING_ASC</b> but in the case of X509_set_data() the field name must be set first so the relevant field information can be looked up internally.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_ENTRY_get_object() returns a valid <b>ASN1_OBJECT</b> structure if it is set or NULL if an error occurred.</p>
+
+<p>X509_NAME_ENTRY_get_data() returns a valid <b>ASN1_STRING</b> structure if it is set or NULL if an error occurred.</p>
+
+<p>X509_NAME_ENTRY_set_object() and X509_NAME_ENTRY_set_data() return 1 on success or 0 on error.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_create_by_OBJ() return a valid <b>X509_NAME_ENTRY</b> on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_set_object.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_set_object.html
new file mode 100644
index 000000000..1fb65a7e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_set_object.html
@@ -0,0 +1,94 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_ENTRY_get_object</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_ENTRY_get_object, X509_NAME_ENTRY_get_data, X509_NAME_ENTRY_set_object, X509_NAME_ENTRY_set_data, X509_NAME_ENTRY_create_by_txt, X509_NAME_ENTRY_create_by_NID, X509_NAME_ENTRY_create_by_OBJ - X509_NAME_ENTRY utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne);
+ ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
+
+ int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj);
+ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
+                              const unsigned char *bytes, int len);
+
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field,
+                                                int type, const unsigned char *bytes,
+                                                int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
+                                                int type, const unsigned char *bytes,
+                                                int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
+                                                const ASN1_OBJECT *obj, int type,
+                                                const unsigned char *bytes, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_NAME_ENTRY_get_object() retrieves the field name of <b>ne</b> in and <b>ASN1_OBJECT</b> structure.</p>
+
+<p>X509_NAME_ENTRY_get_data() retrieves the field value of <b>ne</b> in and <b>ASN1_STRING</b> structure.</p>
+
+<p>X509_NAME_ENTRY_set_object() sets the field name of <b>ne</b> to <b>obj</b>.</p>
+
+<p>X509_NAME_ENTRY_set_data() sets the field value of <b>ne</b> to string type <b>type</b> and value determined by <b>bytes</b> and <b>len</b>.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_create_by_OBJ() create and return an <b>X509_NAME_ENTRY</b> structure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_NAME_ENTRY_get_object() and X509_NAME_ENTRY_get_data() can be used to examine an <b>X509_NAME_ENTRY</b> function as returned by X509_NAME_get_entry() for example.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_OBJ(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_set_data() are seldom used in practice because <b>X509_NAME_ENTRY</b> structures are almost always part of <b>X509_NAME</b> structures and the corresponding <b>X509_NAME</b> functions are typically used to create and add new entries in a single operation.</p>
+
+<p>The arguments of these functions support similar options to the similarly named ones of the corresponding <b>X509_NAME</b> functions such as X509_NAME_add_entry_by_txt(). So for example <b>type</b> can be set to <b>MBSTRING_ASC</b> but in the case of X509_set_data() the field name must be set first so the relevant field information can be looked up internally.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_ENTRY_get_object() returns a valid <b>ASN1_OBJECT</b> structure if it is set or NULL if an error occurred.</p>
+
+<p>X509_NAME_ENTRY_get_data() returns a valid <b>ASN1_STRING</b> structure if it is set or NULL if an error occurred.</p>
+
+<p>X509_NAME_ENTRY_set_object() and X509_NAME_ENTRY_set_data() return 1 on success or 0 on error.</p>
+
+<p>X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_create_by_OBJ() return a valid <b>X509_NAME_ENTRY</b> on success or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a>, <a href="../man3/OBJ_nid2obj.html">OBJ_nid2obj(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_add_entry.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_add_entry.html
new file mode 100644
index 000000000..e089b6fca
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_add_entry.html
@@ -0,0 +1,119 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_add_entry_by_txt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_add_entry_by_txt, X509_NAME_add_entry_by_OBJ, X509_NAME_add_entry_by_NID, X509_NAME_add_entry, X509_NAME_delete_entry - X509_NAME modification functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
+                                const unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int type,
+                                const unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
+                                const unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *ne, int loc, int set);
+
+ X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ() and X509_NAME_add_entry_by_NID() add a field whose name is defined by a string <b>field</b>, an object <b>obj</b> or a NID <b>nid</b> respectively. The field value to be added is in <b>bytes</b> of length <b>len</b>. If <b>len</b> is -1 then the field length is calculated internally using strlen(bytes).</p>
+
+<p>The type of field is determined by <b>type</b> which can either be a definition of the type of <b>bytes</b> (such as <b>MBSTRING_ASC</b>) or a standard ASN1 type (such as <b>V_ASN1_IA5STRING</b>). The new entry is added to a position determined by <b>loc</b> and <b>set</b>.</p>
+
+<p>X509_NAME_add_entry() adds a copy of <b>X509_NAME_ENTRY</b> structure <b>ne</b> to <b>name</b>. The new entry is added to a position determined by <b>loc</b> and <b>set</b>. Since a copy of <b>ne</b> is added <b>ne</b> must be freed up after the call.</p>
+
+<p>X509_NAME_delete_entry() deletes an entry from <b>name</b> at position <b>loc</b>. The deleted entry is returned and must be freed up.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The use of string types such as <b>MBSTRING_ASC</b> or <b>MBSTRING_UTF8</b> is strongly recommended for the <b>type</b> parameter. This allows the internal code to correctly determine the type of the field and to apply length checks according to the relevant standards. This is done using ASN1_STRING_set_by_NID().</p>
+
+<p>If instead an ASN1 type is used no checks are performed and the supplied data in <b>bytes</b> is used directly.</p>
+
+<p>In X509_NAME_add_entry_by_txt() the <b>field</b> string represents the field name using OBJ_txt2obj(field, 0).</p>
+
+<p>The <b>loc</b> and <b>set</b> parameters determine where a new entry should be added. For almost all applications <b>loc</b> can be set to -1 and <b>set</b> to 0. This adds a new entry to the end of <b>name</b> as a single valued RelativeDistinguishedName (RDN).</p>
+
+<p><b>loc</b> actually determines the index where the new entry is inserted: if it is -1 it is appended.</p>
+
+<p><b>set</b> determines how the new type is added. If it is zero a new RDN is created.</p>
+
+<p>If <b>set</b> is -1 or 1 it is added to the previous or next RDN structure respectively. This will then be a multivalued RDN: since multivalues RDNs are very seldom used <b>set</b> is almost always set to zero.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an <b>X509_NAME</b> structure:</p>
+
+<p>&quot;C=UK, O=Disorganized Organization, CN=Joe Bloggs&quot;</p>
+
+<pre><code> X509_NAME *nm;
+
+ nm = X509_NAME_new();
+ if (nm == NULL)
+     /* Some error */
+ if (!X509_NAME_add_entry_by_txt(nm, &quot;C&quot;, MBSTRING_ASC,
+                                 &quot;UK&quot;, -1, -1, 0))
+     /* Error */
+ if (!X509_NAME_add_entry_by_txt(nm, &quot;O&quot;, MBSTRING_ASC,
+                                 &quot;Disorganized Organization&quot;, -1, -1, 0))
+     /* Error */
+ if (!X509_NAME_add_entry_by_txt(nm, &quot;CN&quot;, MBSTRING_ASC,
+                                 &quot;Joe Bloggs&quot;, -1, -1, 0))
+     /* Error */</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ(), X509_NAME_add_entry_by_NID() and X509_NAME_add_entry() return 1 for success of 0 if an error occurred.</p>
+
+<p>X509_NAME_delete_entry() returns either the deleted <b>X509_NAME_ENTRY</b> structure of <b>NULL</b> if an error occurred.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>type</b> can still be set to <b>V_ASN1_APP_CHOOSE</b> to use a different algorithm to determine field types. Since this form does not understand multicharacter types, performs no length checks and can result in invalid field types its use is strongly discouraged.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_add_entry_by_NID.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_add_entry_by_NID.html
new file mode 100644
index 000000000..e089b6fca
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_add_entry_by_NID.html
@@ -0,0 +1,119 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_add_entry_by_txt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_add_entry_by_txt, X509_NAME_add_entry_by_OBJ, X509_NAME_add_entry_by_NID, X509_NAME_add_entry, X509_NAME_delete_entry - X509_NAME modification functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
+                                const unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int type,
+                                const unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
+                                const unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *ne, int loc, int set);
+
+ X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ() and X509_NAME_add_entry_by_NID() add a field whose name is defined by a string <b>field</b>, an object <b>obj</b> or a NID <b>nid</b> respectively. The field value to be added is in <b>bytes</b> of length <b>len</b>. If <b>len</b> is -1 then the field length is calculated internally using strlen(bytes).</p>
+
+<p>The type of field is determined by <b>type</b> which can either be a definition of the type of <b>bytes</b> (such as <b>MBSTRING_ASC</b>) or a standard ASN1 type (such as <b>V_ASN1_IA5STRING</b>). The new entry is added to a position determined by <b>loc</b> and <b>set</b>.</p>
+
+<p>X509_NAME_add_entry() adds a copy of <b>X509_NAME_ENTRY</b> structure <b>ne</b> to <b>name</b>. The new entry is added to a position determined by <b>loc</b> and <b>set</b>. Since a copy of <b>ne</b> is added <b>ne</b> must be freed up after the call.</p>
+
+<p>X509_NAME_delete_entry() deletes an entry from <b>name</b> at position <b>loc</b>. The deleted entry is returned and must be freed up.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The use of string types such as <b>MBSTRING_ASC</b> or <b>MBSTRING_UTF8</b> is strongly recommended for the <b>type</b> parameter. This allows the internal code to correctly determine the type of the field and to apply length checks according to the relevant standards. This is done using ASN1_STRING_set_by_NID().</p>
+
+<p>If instead an ASN1 type is used no checks are performed and the supplied data in <b>bytes</b> is used directly.</p>
+
+<p>In X509_NAME_add_entry_by_txt() the <b>field</b> string represents the field name using OBJ_txt2obj(field, 0).</p>
+
+<p>The <b>loc</b> and <b>set</b> parameters determine where a new entry should be added. For almost all applications <b>loc</b> can be set to -1 and <b>set</b> to 0. This adds a new entry to the end of <b>name</b> as a single valued RelativeDistinguishedName (RDN).</p>
+
+<p><b>loc</b> actually determines the index where the new entry is inserted: if it is -1 it is appended.</p>
+
+<p><b>set</b> determines how the new type is added. If it is zero a new RDN is created.</p>
+
+<p>If <b>set</b> is -1 or 1 it is added to the previous or next RDN structure respectively. This will then be a multivalued RDN: since multivalues RDNs are very seldom used <b>set</b> is almost always set to zero.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an <b>X509_NAME</b> structure:</p>
+
+<p>&quot;C=UK, O=Disorganized Organization, CN=Joe Bloggs&quot;</p>
+
+<pre><code> X509_NAME *nm;
+
+ nm = X509_NAME_new();
+ if (nm == NULL)
+     /* Some error */
+ if (!X509_NAME_add_entry_by_txt(nm, &quot;C&quot;, MBSTRING_ASC,
+                                 &quot;UK&quot;, -1, -1, 0))
+     /* Error */
+ if (!X509_NAME_add_entry_by_txt(nm, &quot;O&quot;, MBSTRING_ASC,
+                                 &quot;Disorganized Organization&quot;, -1, -1, 0))
+     /* Error */
+ if (!X509_NAME_add_entry_by_txt(nm, &quot;CN&quot;, MBSTRING_ASC,
+                                 &quot;Joe Bloggs&quot;, -1, -1, 0))
+     /* Error */</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ(), X509_NAME_add_entry_by_NID() and X509_NAME_add_entry() return 1 for success of 0 if an error occurred.</p>
+
+<p>X509_NAME_delete_entry() returns either the deleted <b>X509_NAME_ENTRY</b> structure of <b>NULL</b> if an error occurred.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>type</b> can still be set to <b>V_ASN1_APP_CHOOSE</b> to use a different algorithm to determine field types. Since this form does not understand multicharacter types, performs no length checks and can result in invalid field types its use is strongly discouraged.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_add_entry_by_OBJ.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_add_entry_by_OBJ.html
new file mode 100644
index 000000000..e089b6fca
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_add_entry_by_OBJ.html
@@ -0,0 +1,119 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_add_entry_by_txt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_add_entry_by_txt, X509_NAME_add_entry_by_OBJ, X509_NAME_add_entry_by_NID, X509_NAME_add_entry, X509_NAME_delete_entry - X509_NAME modification functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
+                                const unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int type,
+                                const unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
+                                const unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *ne, int loc, int set);
+
+ X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ() and X509_NAME_add_entry_by_NID() add a field whose name is defined by a string <b>field</b>, an object <b>obj</b> or a NID <b>nid</b> respectively. The field value to be added is in <b>bytes</b> of length <b>len</b>. If <b>len</b> is -1 then the field length is calculated internally using strlen(bytes).</p>
+
+<p>The type of field is determined by <b>type</b> which can either be a definition of the type of <b>bytes</b> (such as <b>MBSTRING_ASC</b>) or a standard ASN1 type (such as <b>V_ASN1_IA5STRING</b>). The new entry is added to a position determined by <b>loc</b> and <b>set</b>.</p>
+
+<p>X509_NAME_add_entry() adds a copy of <b>X509_NAME_ENTRY</b> structure <b>ne</b> to <b>name</b>. The new entry is added to a position determined by <b>loc</b> and <b>set</b>. Since a copy of <b>ne</b> is added <b>ne</b> must be freed up after the call.</p>
+
+<p>X509_NAME_delete_entry() deletes an entry from <b>name</b> at position <b>loc</b>. The deleted entry is returned and must be freed up.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The use of string types such as <b>MBSTRING_ASC</b> or <b>MBSTRING_UTF8</b> is strongly recommended for the <b>type</b> parameter. This allows the internal code to correctly determine the type of the field and to apply length checks according to the relevant standards. This is done using ASN1_STRING_set_by_NID().</p>
+
+<p>If instead an ASN1 type is used no checks are performed and the supplied data in <b>bytes</b> is used directly.</p>
+
+<p>In X509_NAME_add_entry_by_txt() the <b>field</b> string represents the field name using OBJ_txt2obj(field, 0).</p>
+
+<p>The <b>loc</b> and <b>set</b> parameters determine where a new entry should be added. For almost all applications <b>loc</b> can be set to -1 and <b>set</b> to 0. This adds a new entry to the end of <b>name</b> as a single valued RelativeDistinguishedName (RDN).</p>
+
+<p><b>loc</b> actually determines the index where the new entry is inserted: if it is -1 it is appended.</p>
+
+<p><b>set</b> determines how the new type is added. If it is zero a new RDN is created.</p>
+
+<p>If <b>set</b> is -1 or 1 it is added to the previous or next RDN structure respectively. This will then be a multivalued RDN: since multivalues RDNs are very seldom used <b>set</b> is almost always set to zero.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an <b>X509_NAME</b> structure:</p>
+
+<p>&quot;C=UK, O=Disorganized Organization, CN=Joe Bloggs&quot;</p>
+
+<pre><code> X509_NAME *nm;
+
+ nm = X509_NAME_new();
+ if (nm == NULL)
+     /* Some error */
+ if (!X509_NAME_add_entry_by_txt(nm, &quot;C&quot;, MBSTRING_ASC,
+                                 &quot;UK&quot;, -1, -1, 0))
+     /* Error */
+ if (!X509_NAME_add_entry_by_txt(nm, &quot;O&quot;, MBSTRING_ASC,
+                                 &quot;Disorganized Organization&quot;, -1, -1, 0))
+     /* Error */
+ if (!X509_NAME_add_entry_by_txt(nm, &quot;CN&quot;, MBSTRING_ASC,
+                                 &quot;Joe Bloggs&quot;, -1, -1, 0))
+     /* Error */</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ(), X509_NAME_add_entry_by_NID() and X509_NAME_add_entry() return 1 for success of 0 if an error occurred.</p>
+
+<p>X509_NAME_delete_entry() returns either the deleted <b>X509_NAME_ENTRY</b> structure of <b>NULL</b> if an error occurred.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>type</b> can still be set to <b>V_ASN1_APP_CHOOSE</b> to use a different algorithm to determine field types. Since this form does not understand multicharacter types, performs no length checks and can result in invalid field types its use is strongly discouraged.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_add_entry_by_txt.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_add_entry_by_txt.html
new file mode 100644
index 000000000..e089b6fca
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_add_entry_by_txt.html
@@ -0,0 +1,119 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_add_entry_by_txt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_add_entry_by_txt, X509_NAME_add_entry_by_OBJ, X509_NAME_add_entry_by_NID, X509_NAME_add_entry, X509_NAME_delete_entry - X509_NAME modification functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
+                                const unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int type,
+                                const unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
+                                const unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *ne, int loc, int set);
+
+ X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ() and X509_NAME_add_entry_by_NID() add a field whose name is defined by a string <b>field</b>, an object <b>obj</b> or a NID <b>nid</b> respectively. The field value to be added is in <b>bytes</b> of length <b>len</b>. If <b>len</b> is -1 then the field length is calculated internally using strlen(bytes).</p>
+
+<p>The type of field is determined by <b>type</b> which can either be a definition of the type of <b>bytes</b> (such as <b>MBSTRING_ASC</b>) or a standard ASN1 type (such as <b>V_ASN1_IA5STRING</b>). The new entry is added to a position determined by <b>loc</b> and <b>set</b>.</p>
+
+<p>X509_NAME_add_entry() adds a copy of <b>X509_NAME_ENTRY</b> structure <b>ne</b> to <b>name</b>. The new entry is added to a position determined by <b>loc</b> and <b>set</b>. Since a copy of <b>ne</b> is added <b>ne</b> must be freed up after the call.</p>
+
+<p>X509_NAME_delete_entry() deletes an entry from <b>name</b> at position <b>loc</b>. The deleted entry is returned and must be freed up.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The use of string types such as <b>MBSTRING_ASC</b> or <b>MBSTRING_UTF8</b> is strongly recommended for the <b>type</b> parameter. This allows the internal code to correctly determine the type of the field and to apply length checks according to the relevant standards. This is done using ASN1_STRING_set_by_NID().</p>
+
+<p>If instead an ASN1 type is used no checks are performed and the supplied data in <b>bytes</b> is used directly.</p>
+
+<p>In X509_NAME_add_entry_by_txt() the <b>field</b> string represents the field name using OBJ_txt2obj(field, 0).</p>
+
+<p>The <b>loc</b> and <b>set</b> parameters determine where a new entry should be added. For almost all applications <b>loc</b> can be set to -1 and <b>set</b> to 0. This adds a new entry to the end of <b>name</b> as a single valued RelativeDistinguishedName (RDN).</p>
+
+<p><b>loc</b> actually determines the index where the new entry is inserted: if it is -1 it is appended.</p>
+
+<p><b>set</b> determines how the new type is added. If it is zero a new RDN is created.</p>
+
+<p>If <b>set</b> is -1 or 1 it is added to the previous or next RDN structure respectively. This will then be a multivalued RDN: since multivalues RDNs are very seldom used <b>set</b> is almost always set to zero.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an <b>X509_NAME</b> structure:</p>
+
+<p>&quot;C=UK, O=Disorganized Organization, CN=Joe Bloggs&quot;</p>
+
+<pre><code> X509_NAME *nm;
+
+ nm = X509_NAME_new();
+ if (nm == NULL)
+     /* Some error */
+ if (!X509_NAME_add_entry_by_txt(nm, &quot;C&quot;, MBSTRING_ASC,
+                                 &quot;UK&quot;, -1, -1, 0))
+     /* Error */
+ if (!X509_NAME_add_entry_by_txt(nm, &quot;O&quot;, MBSTRING_ASC,
+                                 &quot;Disorganized Organization&quot;, -1, -1, 0))
+     /* Error */
+ if (!X509_NAME_add_entry_by_txt(nm, &quot;CN&quot;, MBSTRING_ASC,
+                                 &quot;Joe Bloggs&quot;, -1, -1, 0))
+     /* Error */</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ(), X509_NAME_add_entry_by_NID() and X509_NAME_add_entry() return 1 for success of 0 if an error occurred.</p>
+
+<p>X509_NAME_delete_entry() returns either the deleted <b>X509_NAME_ENTRY</b> structure of <b>NULL</b> if an error occurred.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>type</b> can still be set to <b>V_ASN1_APP_CHOOSE</b> to use a different algorithm to determine field types. Since this form does not understand multicharacter types, performs no length checks and can result in invalid field types its use is strongly discouraged.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_delete_entry.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_delete_entry.html
new file mode 100644
index 000000000..e089b6fca
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_delete_entry.html
@@ -0,0 +1,119 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_add_entry_by_txt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_add_entry_by_txt, X509_NAME_add_entry_by_OBJ, X509_NAME_add_entry_by_NID, X509_NAME_add_entry, X509_NAME_delete_entry - X509_NAME modification functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
+                                const unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int type,
+                                const unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
+                                const unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *ne, int loc, int set);
+
+ X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ() and X509_NAME_add_entry_by_NID() add a field whose name is defined by a string <b>field</b>, an object <b>obj</b> or a NID <b>nid</b> respectively. The field value to be added is in <b>bytes</b> of length <b>len</b>. If <b>len</b> is -1 then the field length is calculated internally using strlen(bytes).</p>
+
+<p>The type of field is determined by <b>type</b> which can either be a definition of the type of <b>bytes</b> (such as <b>MBSTRING_ASC</b>) or a standard ASN1 type (such as <b>V_ASN1_IA5STRING</b>). The new entry is added to a position determined by <b>loc</b> and <b>set</b>.</p>
+
+<p>X509_NAME_add_entry() adds a copy of <b>X509_NAME_ENTRY</b> structure <b>ne</b> to <b>name</b>. The new entry is added to a position determined by <b>loc</b> and <b>set</b>. Since a copy of <b>ne</b> is added <b>ne</b> must be freed up after the call.</p>
+
+<p>X509_NAME_delete_entry() deletes an entry from <b>name</b> at position <b>loc</b>. The deleted entry is returned and must be freed up.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The use of string types such as <b>MBSTRING_ASC</b> or <b>MBSTRING_UTF8</b> is strongly recommended for the <b>type</b> parameter. This allows the internal code to correctly determine the type of the field and to apply length checks according to the relevant standards. This is done using ASN1_STRING_set_by_NID().</p>
+
+<p>If instead an ASN1 type is used no checks are performed and the supplied data in <b>bytes</b> is used directly.</p>
+
+<p>In X509_NAME_add_entry_by_txt() the <b>field</b> string represents the field name using OBJ_txt2obj(field, 0).</p>
+
+<p>The <b>loc</b> and <b>set</b> parameters determine where a new entry should be added. For almost all applications <b>loc</b> can be set to -1 and <b>set</b> to 0. This adds a new entry to the end of <b>name</b> as a single valued RelativeDistinguishedName (RDN).</p>
+
+<p><b>loc</b> actually determines the index where the new entry is inserted: if it is -1 it is appended.</p>
+
+<p><b>set</b> determines how the new type is added. If it is zero a new RDN is created.</p>
+
+<p>If <b>set</b> is -1 or 1 it is added to the previous or next RDN structure respectively. This will then be a multivalued RDN: since multivalues RDNs are very seldom used <b>set</b> is almost always set to zero.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an <b>X509_NAME</b> structure:</p>
+
+<p>&quot;C=UK, O=Disorganized Organization, CN=Joe Bloggs&quot;</p>
+
+<pre><code> X509_NAME *nm;
+
+ nm = X509_NAME_new();
+ if (nm == NULL)
+     /* Some error */
+ if (!X509_NAME_add_entry_by_txt(nm, &quot;C&quot;, MBSTRING_ASC,
+                                 &quot;UK&quot;, -1, -1, 0))
+     /* Error */
+ if (!X509_NAME_add_entry_by_txt(nm, &quot;O&quot;, MBSTRING_ASC,
+                                 &quot;Disorganized Organization&quot;, -1, -1, 0))
+     /* Error */
+ if (!X509_NAME_add_entry_by_txt(nm, &quot;CN&quot;, MBSTRING_ASC,
+                                 &quot;Joe Bloggs&quot;, -1, -1, 0))
+     /* Error */</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ(), X509_NAME_add_entry_by_NID() and X509_NAME_add_entry() return 1 for success of 0 if an error occurred.</p>
+
+<p>X509_NAME_delete_entry() returns either the deleted <b>X509_NAME_ENTRY</b> structure of <b>NULL</b> if an error occurred.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p><b>type</b> can still be set to <b>V_ASN1_APP_CHOOSE</b> to use a different algorithm to determine field types. Since this form does not understand multicharacter types, performs no length checks and can result in invalid field types its use is strongly discouraged.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_digest.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_digest.html
new file mode 100644
index 000000000..98c8462b9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_digest.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_digest</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_digest, X509_CRL_digest, X509_pubkey_digest, X509_NAME_digest, X509_REQ_digest, PKCS7_ISSUER_AND_SERIAL_digest - get digest of various objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
+                 unsigned int *len);
+
+ int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md,
+                     unsigned int *len);
+
+ int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
+                        unsigned char *md, unsigned int *len);
+
+ int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
+                     unsigned char *md, unsigned int *len);
+
+ int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
+                      unsigned char *md, unsigned int *len);
+
+ #include &lt;openssl/pkcs7.h&gt;
+
+ int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
+                                    const EVP_MD *type, unsigned char *md,
+                                    unsigned int *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_pubkey_digest() returns a digest of the DER representation of the public key in the specified X509 <b>data</b> object. All other functions described here return a digest of the DER representation of their entire <b>data</b> objects.</p>
+
+<p>The <b>type</b> parameter specifies the digest to be used, such as EVP_sha1(). The <b>md</b> is a pointer to the buffer where the digest will be copied and is assumed to be large enough; the constant <b>EVP_MAX_MD_SIZE</b> is suggested. The <b>len</b> parameter, if not NULL, points to a place where the digest size will be stored.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All functions described here return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_sha1.html">EVP_sha1(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_dup.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_entry_count.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_entry_count.html
new file mode 100644
index 000000000..1d1bb06da
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_entry_count.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_get_index_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_get_index_by_NID, X509_NAME_get_index_by_OBJ, X509_NAME_get_entry, X509_NAME_entry_count, X509_NAME_get_text_by_NID, X509_NAME_get_text_by_OBJ - X509_NAME lookup and enumeration functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos);
+ int X509_NAME_get_index_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int lastpos);
+
+ int X509_NAME_entry_count(const X509_NAME *name);
+ X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc);
+
+ int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len);
+ int X509_NAME_get_text_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, char *buf, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an <b>X509_NAME</b> structure to be examined. The <b>X509_NAME</b> structure is the same as the <b>Name</b> type defined in RFC2459 (and elsewhere) and used for example in certificate subject and issuer names.</p>
+
+<p>X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() retrieve the next index matching <b>nid</b> or <b>obj</b> after <b>lastpos</b>. <b>lastpos</b> should initially be set to -1. If there are no more entries -1 is returned. If <b>nid</b> is invalid (doesn&#39;t correspond to a valid OID) then -2 is returned.</p>
+
+<p>X509_NAME_entry_count() returns the total number of entries in <b>name</b>.</p>
+
+<p>X509_NAME_get_entry() retrieves the <b>X509_NAME_ENTRY</b> from <b>name</b> corresponding to index <b>loc</b>. Acceptable values for <b>loc</b> run from 0 to (X509_NAME_entry_count(name) - 1). The value returned is an internal pointer which must not be freed.</p>
+
+<p>X509_NAME_get_text_by_NID(), X509_NAME_get_text_by_OBJ() retrieve the &quot;text&quot; from the first entry in <b>name</b> which matches <b>nid</b> or <b>obj</b>, if no such entry exists -1 is returned. At most <b>len</b> bytes will be written and the text written to <b>buf</b> will be null terminated. The length of the output string written is returned excluding the terminating null. If <b>buf</b> is &lt;NULL&gt; then the amount of space needed in <b>buf</b> (excluding the final null) is returned.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_NAME_get_text_by_NID() and X509_NAME_get_text_by_OBJ() should be considered deprecated because they have various limitations which make them of minimal use in practice. They can only find the first matching entry and will copy the contents of the field verbatim: this can be highly confusing if the target is a multicharacter string type like a BMPString or a UTF8String.</p>
+
+<p>For a more general solution X509_NAME_get_index_by_NID() or X509_NAME_get_index_by_OBJ() should be used followed by X509_NAME_get_entry() on any matching indices and then the various <b>X509_NAME_ENTRY</b> utility functions on the result.</p>
+
+<p>The list of all relevant <b>NID_*</b> and <b>OBJ_* codes</b> can be found in the source code header files &lt;openssl/obj_mac.h&gt; and/or &lt;openssl/objects.h&gt;.</p>
+
+<p>Applications which could pass invalid NIDs to X509_NAME_get_index_by_NID() should check for the return value of -2. Alternatively the NID validity can be determined first by checking OBJ_nid2obj(nid) is not NULL.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Process all entries:</p>
+
+<pre><code> int i;
+ X509_NAME_ENTRY *e;
+
+ for (i = 0; i &lt; X509_NAME_entry_count(nm); i++) {
+     e = X509_NAME_get_entry(nm, i);
+     /* Do something with e */
+ }</code></pre>
+
+<p>Process all commonName entries:</p>
+
+<pre><code> int lastpos = -1;
+ X509_NAME_ENTRY *e;
+
+ for (;;) {
+     lastpos = X509_NAME_get_index_by_NID(nm, NID_commonName, lastpos);
+     if (lastpos == -1)
+         break;
+     e = X509_NAME_get_entry(nm, lastpos);
+     /* Do something with e */
+ }</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() return the index of the next matching entry or -1 if not found. X509_NAME_get_index_by_NID() can also return -2 if the supplied NID is invalid.</p>
+
+<p>X509_NAME_entry_count() returns the total number of entries.</p>
+
+<p>X509_NAME_get_entry() returns an <b>X509_NAME</b> pointer to the requested entry or <b>NULL</b> if the index is invalid.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_get0_der.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_get0_der.html
new file mode 100644
index 000000000..b2773d207
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_get0_der.html
@@ -0,0 +1,57 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_get0_der</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_get0_der - get X509_NAME DER encoding</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_NAME_get0_der(X509_NAME *nm, const unsigned char **pder,
+                        size_t *pderlen)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The function X509_NAME_get0_der() returns an internal pointer to the encoding of an <b>X509_NAME</b> structure in <b>*pder</b> and consisting of <b>*pderlen</b> bytes. It is useful for applications that wish to examine the encoding of an <b>X509_NAME</b> structure without copying it.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The function X509_NAME_get0_der() returns 1 for success and 0 if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_get_entry.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_get_entry.html
new file mode 100644
index 000000000..1d1bb06da
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_get_entry.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_get_index_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_get_index_by_NID, X509_NAME_get_index_by_OBJ, X509_NAME_get_entry, X509_NAME_entry_count, X509_NAME_get_text_by_NID, X509_NAME_get_text_by_OBJ - X509_NAME lookup and enumeration functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos);
+ int X509_NAME_get_index_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int lastpos);
+
+ int X509_NAME_entry_count(const X509_NAME *name);
+ X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc);
+
+ int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len);
+ int X509_NAME_get_text_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, char *buf, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an <b>X509_NAME</b> structure to be examined. The <b>X509_NAME</b> structure is the same as the <b>Name</b> type defined in RFC2459 (and elsewhere) and used for example in certificate subject and issuer names.</p>
+
+<p>X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() retrieve the next index matching <b>nid</b> or <b>obj</b> after <b>lastpos</b>. <b>lastpos</b> should initially be set to -1. If there are no more entries -1 is returned. If <b>nid</b> is invalid (doesn&#39;t correspond to a valid OID) then -2 is returned.</p>
+
+<p>X509_NAME_entry_count() returns the total number of entries in <b>name</b>.</p>
+
+<p>X509_NAME_get_entry() retrieves the <b>X509_NAME_ENTRY</b> from <b>name</b> corresponding to index <b>loc</b>. Acceptable values for <b>loc</b> run from 0 to (X509_NAME_entry_count(name) - 1). The value returned is an internal pointer which must not be freed.</p>
+
+<p>X509_NAME_get_text_by_NID(), X509_NAME_get_text_by_OBJ() retrieve the &quot;text&quot; from the first entry in <b>name</b> which matches <b>nid</b> or <b>obj</b>, if no such entry exists -1 is returned. At most <b>len</b> bytes will be written and the text written to <b>buf</b> will be null terminated. The length of the output string written is returned excluding the terminating null. If <b>buf</b> is &lt;NULL&gt; then the amount of space needed in <b>buf</b> (excluding the final null) is returned.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_NAME_get_text_by_NID() and X509_NAME_get_text_by_OBJ() should be considered deprecated because they have various limitations which make them of minimal use in practice. They can only find the first matching entry and will copy the contents of the field verbatim: this can be highly confusing if the target is a multicharacter string type like a BMPString or a UTF8String.</p>
+
+<p>For a more general solution X509_NAME_get_index_by_NID() or X509_NAME_get_index_by_OBJ() should be used followed by X509_NAME_get_entry() on any matching indices and then the various <b>X509_NAME_ENTRY</b> utility functions on the result.</p>
+
+<p>The list of all relevant <b>NID_*</b> and <b>OBJ_* codes</b> can be found in the source code header files &lt;openssl/obj_mac.h&gt; and/or &lt;openssl/objects.h&gt;.</p>
+
+<p>Applications which could pass invalid NIDs to X509_NAME_get_index_by_NID() should check for the return value of -2. Alternatively the NID validity can be determined first by checking OBJ_nid2obj(nid) is not NULL.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Process all entries:</p>
+
+<pre><code> int i;
+ X509_NAME_ENTRY *e;
+
+ for (i = 0; i &lt; X509_NAME_entry_count(nm); i++) {
+     e = X509_NAME_get_entry(nm, i);
+     /* Do something with e */
+ }</code></pre>
+
+<p>Process all commonName entries:</p>
+
+<pre><code> int lastpos = -1;
+ X509_NAME_ENTRY *e;
+
+ for (;;) {
+     lastpos = X509_NAME_get_index_by_NID(nm, NID_commonName, lastpos);
+     if (lastpos == -1)
+         break;
+     e = X509_NAME_get_entry(nm, lastpos);
+     /* Do something with e */
+ }</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() return the index of the next matching entry or -1 if not found. X509_NAME_get_index_by_NID() can also return -2 if the supplied NID is invalid.</p>
+
+<p>X509_NAME_entry_count() returns the total number of entries.</p>
+
+<p>X509_NAME_get_entry() returns an <b>X509_NAME</b> pointer to the requested entry or <b>NULL</b> if the index is invalid.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_get_index_by_NID.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_get_index_by_NID.html
new file mode 100644
index 000000000..1d1bb06da
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_get_index_by_NID.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_get_index_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_get_index_by_NID, X509_NAME_get_index_by_OBJ, X509_NAME_get_entry, X509_NAME_entry_count, X509_NAME_get_text_by_NID, X509_NAME_get_text_by_OBJ - X509_NAME lookup and enumeration functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos);
+ int X509_NAME_get_index_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int lastpos);
+
+ int X509_NAME_entry_count(const X509_NAME *name);
+ X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc);
+
+ int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len);
+ int X509_NAME_get_text_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, char *buf, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an <b>X509_NAME</b> structure to be examined. The <b>X509_NAME</b> structure is the same as the <b>Name</b> type defined in RFC2459 (and elsewhere) and used for example in certificate subject and issuer names.</p>
+
+<p>X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() retrieve the next index matching <b>nid</b> or <b>obj</b> after <b>lastpos</b>. <b>lastpos</b> should initially be set to -1. If there are no more entries -1 is returned. If <b>nid</b> is invalid (doesn&#39;t correspond to a valid OID) then -2 is returned.</p>
+
+<p>X509_NAME_entry_count() returns the total number of entries in <b>name</b>.</p>
+
+<p>X509_NAME_get_entry() retrieves the <b>X509_NAME_ENTRY</b> from <b>name</b> corresponding to index <b>loc</b>. Acceptable values for <b>loc</b> run from 0 to (X509_NAME_entry_count(name) - 1). The value returned is an internal pointer which must not be freed.</p>
+
+<p>X509_NAME_get_text_by_NID(), X509_NAME_get_text_by_OBJ() retrieve the &quot;text&quot; from the first entry in <b>name</b> which matches <b>nid</b> or <b>obj</b>, if no such entry exists -1 is returned. At most <b>len</b> bytes will be written and the text written to <b>buf</b> will be null terminated. The length of the output string written is returned excluding the terminating null. If <b>buf</b> is &lt;NULL&gt; then the amount of space needed in <b>buf</b> (excluding the final null) is returned.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_NAME_get_text_by_NID() and X509_NAME_get_text_by_OBJ() should be considered deprecated because they have various limitations which make them of minimal use in practice. They can only find the first matching entry and will copy the contents of the field verbatim: this can be highly confusing if the target is a multicharacter string type like a BMPString or a UTF8String.</p>
+
+<p>For a more general solution X509_NAME_get_index_by_NID() or X509_NAME_get_index_by_OBJ() should be used followed by X509_NAME_get_entry() on any matching indices and then the various <b>X509_NAME_ENTRY</b> utility functions on the result.</p>
+
+<p>The list of all relevant <b>NID_*</b> and <b>OBJ_* codes</b> can be found in the source code header files &lt;openssl/obj_mac.h&gt; and/or &lt;openssl/objects.h&gt;.</p>
+
+<p>Applications which could pass invalid NIDs to X509_NAME_get_index_by_NID() should check for the return value of -2. Alternatively the NID validity can be determined first by checking OBJ_nid2obj(nid) is not NULL.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Process all entries:</p>
+
+<pre><code> int i;
+ X509_NAME_ENTRY *e;
+
+ for (i = 0; i &lt; X509_NAME_entry_count(nm); i++) {
+     e = X509_NAME_get_entry(nm, i);
+     /* Do something with e */
+ }</code></pre>
+
+<p>Process all commonName entries:</p>
+
+<pre><code> int lastpos = -1;
+ X509_NAME_ENTRY *e;
+
+ for (;;) {
+     lastpos = X509_NAME_get_index_by_NID(nm, NID_commonName, lastpos);
+     if (lastpos == -1)
+         break;
+     e = X509_NAME_get_entry(nm, lastpos);
+     /* Do something with e */
+ }</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() return the index of the next matching entry or -1 if not found. X509_NAME_get_index_by_NID() can also return -2 if the supplied NID is invalid.</p>
+
+<p>X509_NAME_entry_count() returns the total number of entries.</p>
+
+<p>X509_NAME_get_entry() returns an <b>X509_NAME</b> pointer to the requested entry or <b>NULL</b> if the index is invalid.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_get_index_by_OBJ.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_get_index_by_OBJ.html
new file mode 100644
index 000000000..1d1bb06da
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_get_index_by_OBJ.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_get_index_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_get_index_by_NID, X509_NAME_get_index_by_OBJ, X509_NAME_get_entry, X509_NAME_entry_count, X509_NAME_get_text_by_NID, X509_NAME_get_text_by_OBJ - X509_NAME lookup and enumeration functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos);
+ int X509_NAME_get_index_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int lastpos);
+
+ int X509_NAME_entry_count(const X509_NAME *name);
+ X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc);
+
+ int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len);
+ int X509_NAME_get_text_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, char *buf, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an <b>X509_NAME</b> structure to be examined. The <b>X509_NAME</b> structure is the same as the <b>Name</b> type defined in RFC2459 (and elsewhere) and used for example in certificate subject and issuer names.</p>
+
+<p>X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() retrieve the next index matching <b>nid</b> or <b>obj</b> after <b>lastpos</b>. <b>lastpos</b> should initially be set to -1. If there are no more entries -1 is returned. If <b>nid</b> is invalid (doesn&#39;t correspond to a valid OID) then -2 is returned.</p>
+
+<p>X509_NAME_entry_count() returns the total number of entries in <b>name</b>.</p>
+
+<p>X509_NAME_get_entry() retrieves the <b>X509_NAME_ENTRY</b> from <b>name</b> corresponding to index <b>loc</b>. Acceptable values for <b>loc</b> run from 0 to (X509_NAME_entry_count(name) - 1). The value returned is an internal pointer which must not be freed.</p>
+
+<p>X509_NAME_get_text_by_NID(), X509_NAME_get_text_by_OBJ() retrieve the &quot;text&quot; from the first entry in <b>name</b> which matches <b>nid</b> or <b>obj</b>, if no such entry exists -1 is returned. At most <b>len</b> bytes will be written and the text written to <b>buf</b> will be null terminated. The length of the output string written is returned excluding the terminating null. If <b>buf</b> is &lt;NULL&gt; then the amount of space needed in <b>buf</b> (excluding the final null) is returned.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_NAME_get_text_by_NID() and X509_NAME_get_text_by_OBJ() should be considered deprecated because they have various limitations which make them of minimal use in practice. They can only find the first matching entry and will copy the contents of the field verbatim: this can be highly confusing if the target is a multicharacter string type like a BMPString or a UTF8String.</p>
+
+<p>For a more general solution X509_NAME_get_index_by_NID() or X509_NAME_get_index_by_OBJ() should be used followed by X509_NAME_get_entry() on any matching indices and then the various <b>X509_NAME_ENTRY</b> utility functions on the result.</p>
+
+<p>The list of all relevant <b>NID_*</b> and <b>OBJ_* codes</b> can be found in the source code header files &lt;openssl/obj_mac.h&gt; and/or &lt;openssl/objects.h&gt;.</p>
+
+<p>Applications which could pass invalid NIDs to X509_NAME_get_index_by_NID() should check for the return value of -2. Alternatively the NID validity can be determined first by checking OBJ_nid2obj(nid) is not NULL.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Process all entries:</p>
+
+<pre><code> int i;
+ X509_NAME_ENTRY *e;
+
+ for (i = 0; i &lt; X509_NAME_entry_count(nm); i++) {
+     e = X509_NAME_get_entry(nm, i);
+     /* Do something with e */
+ }</code></pre>
+
+<p>Process all commonName entries:</p>
+
+<pre><code> int lastpos = -1;
+ X509_NAME_ENTRY *e;
+
+ for (;;) {
+     lastpos = X509_NAME_get_index_by_NID(nm, NID_commonName, lastpos);
+     if (lastpos == -1)
+         break;
+     e = X509_NAME_get_entry(nm, lastpos);
+     /* Do something with e */
+ }</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() return the index of the next matching entry or -1 if not found. X509_NAME_get_index_by_NID() can also return -2 if the supplied NID is invalid.</p>
+
+<p>X509_NAME_entry_count() returns the total number of entries.</p>
+
+<p>X509_NAME_get_entry() returns an <b>X509_NAME</b> pointer to the requested entry or <b>NULL</b> if the index is invalid.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_get_text_by_NID.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_get_text_by_NID.html
new file mode 100644
index 000000000..1d1bb06da
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_get_text_by_NID.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_get_index_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_get_index_by_NID, X509_NAME_get_index_by_OBJ, X509_NAME_get_entry, X509_NAME_entry_count, X509_NAME_get_text_by_NID, X509_NAME_get_text_by_OBJ - X509_NAME lookup and enumeration functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos);
+ int X509_NAME_get_index_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int lastpos);
+
+ int X509_NAME_entry_count(const X509_NAME *name);
+ X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc);
+
+ int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len);
+ int X509_NAME_get_text_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, char *buf, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an <b>X509_NAME</b> structure to be examined. The <b>X509_NAME</b> structure is the same as the <b>Name</b> type defined in RFC2459 (and elsewhere) and used for example in certificate subject and issuer names.</p>
+
+<p>X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() retrieve the next index matching <b>nid</b> or <b>obj</b> after <b>lastpos</b>. <b>lastpos</b> should initially be set to -1. If there are no more entries -1 is returned. If <b>nid</b> is invalid (doesn&#39;t correspond to a valid OID) then -2 is returned.</p>
+
+<p>X509_NAME_entry_count() returns the total number of entries in <b>name</b>.</p>
+
+<p>X509_NAME_get_entry() retrieves the <b>X509_NAME_ENTRY</b> from <b>name</b> corresponding to index <b>loc</b>. Acceptable values for <b>loc</b> run from 0 to (X509_NAME_entry_count(name) - 1). The value returned is an internal pointer which must not be freed.</p>
+
+<p>X509_NAME_get_text_by_NID(), X509_NAME_get_text_by_OBJ() retrieve the &quot;text&quot; from the first entry in <b>name</b> which matches <b>nid</b> or <b>obj</b>, if no such entry exists -1 is returned. At most <b>len</b> bytes will be written and the text written to <b>buf</b> will be null terminated. The length of the output string written is returned excluding the terminating null. If <b>buf</b> is &lt;NULL&gt; then the amount of space needed in <b>buf</b> (excluding the final null) is returned.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_NAME_get_text_by_NID() and X509_NAME_get_text_by_OBJ() should be considered deprecated because they have various limitations which make them of minimal use in practice. They can only find the first matching entry and will copy the contents of the field verbatim: this can be highly confusing if the target is a multicharacter string type like a BMPString or a UTF8String.</p>
+
+<p>For a more general solution X509_NAME_get_index_by_NID() or X509_NAME_get_index_by_OBJ() should be used followed by X509_NAME_get_entry() on any matching indices and then the various <b>X509_NAME_ENTRY</b> utility functions on the result.</p>
+
+<p>The list of all relevant <b>NID_*</b> and <b>OBJ_* codes</b> can be found in the source code header files &lt;openssl/obj_mac.h&gt; and/or &lt;openssl/objects.h&gt;.</p>
+
+<p>Applications which could pass invalid NIDs to X509_NAME_get_index_by_NID() should check for the return value of -2. Alternatively the NID validity can be determined first by checking OBJ_nid2obj(nid) is not NULL.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Process all entries:</p>
+
+<pre><code> int i;
+ X509_NAME_ENTRY *e;
+
+ for (i = 0; i &lt; X509_NAME_entry_count(nm); i++) {
+     e = X509_NAME_get_entry(nm, i);
+     /* Do something with e */
+ }</code></pre>
+
+<p>Process all commonName entries:</p>
+
+<pre><code> int lastpos = -1;
+ X509_NAME_ENTRY *e;
+
+ for (;;) {
+     lastpos = X509_NAME_get_index_by_NID(nm, NID_commonName, lastpos);
+     if (lastpos == -1)
+         break;
+     e = X509_NAME_get_entry(nm, lastpos);
+     /* Do something with e */
+ }</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() return the index of the next matching entry or -1 if not found. X509_NAME_get_index_by_NID() can also return -2 if the supplied NID is invalid.</p>
+
+<p>X509_NAME_entry_count() returns the total number of entries.</p>
+
+<p>X509_NAME_get_entry() returns an <b>X509_NAME</b> pointer to the requested entry or <b>NULL</b> if the index is invalid.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_get_text_by_OBJ.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_get_text_by_OBJ.html
new file mode 100644
index 000000000..1d1bb06da
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_get_text_by_OBJ.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_get_index_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_get_index_by_NID, X509_NAME_get_index_by_OBJ, X509_NAME_get_entry, X509_NAME_entry_count, X509_NAME_get_text_by_NID, X509_NAME_get_text_by_OBJ - X509_NAME lookup and enumeration functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos);
+ int X509_NAME_get_index_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int lastpos);
+
+ int X509_NAME_entry_count(const X509_NAME *name);
+ X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc);
+
+ int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len);
+ int X509_NAME_get_text_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, char *buf, int len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions allow an <b>X509_NAME</b> structure to be examined. The <b>X509_NAME</b> structure is the same as the <b>Name</b> type defined in RFC2459 (and elsewhere) and used for example in certificate subject and issuer names.</p>
+
+<p>X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() retrieve the next index matching <b>nid</b> or <b>obj</b> after <b>lastpos</b>. <b>lastpos</b> should initially be set to -1. If there are no more entries -1 is returned. If <b>nid</b> is invalid (doesn&#39;t correspond to a valid OID) then -2 is returned.</p>
+
+<p>X509_NAME_entry_count() returns the total number of entries in <b>name</b>.</p>
+
+<p>X509_NAME_get_entry() retrieves the <b>X509_NAME_ENTRY</b> from <b>name</b> corresponding to index <b>loc</b>. Acceptable values for <b>loc</b> run from 0 to (X509_NAME_entry_count(name) - 1). The value returned is an internal pointer which must not be freed.</p>
+
+<p>X509_NAME_get_text_by_NID(), X509_NAME_get_text_by_OBJ() retrieve the &quot;text&quot; from the first entry in <b>name</b> which matches <b>nid</b> or <b>obj</b>, if no such entry exists -1 is returned. At most <b>len</b> bytes will be written and the text written to <b>buf</b> will be null terminated. The length of the output string written is returned excluding the terminating null. If <b>buf</b> is &lt;NULL&gt; then the amount of space needed in <b>buf</b> (excluding the final null) is returned.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_NAME_get_text_by_NID() and X509_NAME_get_text_by_OBJ() should be considered deprecated because they have various limitations which make them of minimal use in practice. They can only find the first matching entry and will copy the contents of the field verbatim: this can be highly confusing if the target is a multicharacter string type like a BMPString or a UTF8String.</p>
+
+<p>For a more general solution X509_NAME_get_index_by_NID() or X509_NAME_get_index_by_OBJ() should be used followed by X509_NAME_get_entry() on any matching indices and then the various <b>X509_NAME_ENTRY</b> utility functions on the result.</p>
+
+<p>The list of all relevant <b>NID_*</b> and <b>OBJ_* codes</b> can be found in the source code header files &lt;openssl/obj_mac.h&gt; and/or &lt;openssl/objects.h&gt;.</p>
+
+<p>Applications which could pass invalid NIDs to X509_NAME_get_index_by_NID() should check for the return value of -2. Alternatively the NID validity can be determined first by checking OBJ_nid2obj(nid) is not NULL.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Process all entries:</p>
+
+<pre><code> int i;
+ X509_NAME_ENTRY *e;
+
+ for (i = 0; i &lt; X509_NAME_entry_count(nm); i++) {
+     e = X509_NAME_get_entry(nm, i);
+     /* Do something with e */
+ }</code></pre>
+
+<p>Process all commonName entries:</p>
+
+<pre><code> int lastpos = -1;
+ X509_NAME_ENTRY *e;
+
+ for (;;) {
+     lastpos = X509_NAME_get_index_by_NID(nm, NID_commonName, lastpos);
+     if (lastpos == -1)
+         break;
+     e = X509_NAME_get_entry(nm, lastpos);
+     /* Do something with e */
+ }</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() return the index of the next matching entry or -1 if not found. X509_NAME_get_index_by_NID() can also return -2 if the supplied NID is invalid.</p>
+
+<p>X509_NAME_entry_count() returns the total number of entries.</p>
+
+<p>X509_NAME_get_entry() returns an <b>X509_NAME</b> pointer to the requested entry or <b>NULL</b> if the index is invalid.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_new.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_oneline.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_oneline.html
new file mode 100644
index 000000000..95ba201d4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_oneline.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_print_ex</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_print_ex, X509_NAME_print_ex_fp, X509_NAME_print, X509_NAME_oneline - X509_NAME printing routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent, unsigned long flags);
+ int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, int indent, unsigned long flags);
+ char *X509_NAME_oneline(const X509_NAME *a, char *buf, int size);
+ int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_NAME_print_ex() prints a human readable version of <b>nm</b> to BIO <b>out</b>. Each line (for multiline formats) is indented by <b>indent</b> spaces. The output format can be extensively customised by use of the <b>flags</b> parameter.</p>
+
+<p>X509_NAME_print_ex_fp() is identical to X509_NAME_print_ex() except the output is written to FILE pointer <b>fp</b>.</p>
+
+<p>X509_NAME_oneline() prints an ASCII version of <b>a</b> to <b>buf</b>. If <b>buf</b> is <b>NULL</b> then a buffer is dynamically allocated and returned, and <b>size</b> is ignored. Otherwise, at most <b>size</b> bytes will be written, including the ending &#39;\0&#39;, and <b>buf</b> is returned.</p>
+
+<p>X509_NAME_print() prints out <b>name</b> to <b>bp</b> indenting each line by <b>obase</b> characters. Multiple lines are used if the output (including indent) exceeds 80 characters.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The functions X509_NAME_oneline() and X509_NAME_print() produce a non standard output form, they don&#39;t handle multi character fields and have various quirks and inconsistencies. Their use is strongly discouraged in new applications and they could be deprecated in a future release.</p>
+
+<p>Although there are a large number of possible flags for most purposes <b>XN_FLAG_ONELINE</b>, <b>XN_FLAG_MULTILINE</b> or <b>XN_FLAG_RFC2253</b> will suffice. As noted on the <a href="../man3/ASN1_STRING_print_ex.html">ASN1_STRING_print_ex(3)</a> manual page for UTF8 terminals the <b>ASN1_STRFLGS_ESC_MSB</b> should be unset: so for example <b>XN_FLAG_ONELINE &amp; ~ASN1_STRFLGS_ESC_MSB</b> would be used.</p>
+
+<p>The complete set of the flags supported by X509_NAME_print_ex() is listed below.</p>
+
+<p>Several options can be ored together.</p>
+
+<p>The options <b>XN_FLAG_SEP_COMMA_PLUS</b>, <b>XN_FLAG_SEP_CPLUS_SPC</b>, <b>XN_FLAG_SEP_SPLUS_SPC</b> and <b>XN_FLAG_SEP_MULTILINE</b> determine the field separators to use. Two distinct separators are used between distinct RelativeDistinguishedName components and separate values in the same RDN for a multi-valued RDN. Multi-valued RDNs are currently very rare so the second separator will hardly ever be used.</p>
+
+<p><b>XN_FLAG_SEP_COMMA_PLUS</b> uses comma and plus as separators. <b>XN_FLAG_SEP_CPLUS_SPC</b> uses comma and plus with spaces: this is more readable that plain comma and plus. <b>XN_FLAG_SEP_SPLUS_SPC</b> uses spaced semicolon and plus. <b>XN_FLAG_SEP_MULTILINE</b> uses spaced newline and plus respectively.</p>
+
+<p>If <b>XN_FLAG_DN_REV</b> is set the whole DN is printed in reversed order.</p>
+
+<p>The fields <b>XN_FLAG_FN_SN</b>, <b>XN_FLAG_FN_LN</b>, <b>XN_FLAG_FN_OID</b>, <b>XN_FLAG_FN_NONE</b> determine how a field name is displayed. It will use the short name (e.g. CN) the long name (e.g. commonName) always use OID numerical form (normally OIDs are only used if the field name is not recognised) and no field name respectively.</p>
+
+<p>If <b>XN_FLAG_SPC_EQ</b> is set then spaces will be placed around the &#39;=&#39; character separating field names and values.</p>
+
+<p>If <b>XN_FLAG_DUMP_UNKNOWN_FIELDS</b> is set then the encoding of unknown fields is printed instead of the values.</p>
+
+<p>If <b>XN_FLAG_FN_ALIGN</b> is set then field names are padded to 20 characters: this is only of use for multiline format.</p>
+
+<p>Additionally all the options supported by ASN1_STRING_print_ex() can be used to control how each field value is displayed.</p>
+
+<p>In addition a number options can be set for commonly used formats.</p>
+
+<p><b>XN_FLAG_RFC2253</b> sets options which produce an output compatible with RFC2253 it is equivalent to: <b>ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV | XN_FLAG_FN_SN | XN_FLAG_DUMP_UNKNOWN_FIELDS</b></p>
+
+<p><b>XN_FLAG_ONELINE</b> is a more readable one line format which is the same as: <b>ASN1_STRFLGS_RFC2253 | ASN1_STRFLGS_ESC_QUOTE | XN_FLAG_SEP_CPLUS_SPC | XN_FLAG_SPC_EQ | XN_FLAG_FN_SN</b></p>
+
+<p><b>XN_FLAG_MULTILINE</b> is a multiline format which is the same as: <b>ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | XN_FLAG_SEP_MULTILINE | XN_FLAG_SPC_EQ | XN_FLAG_FN_LN | XN_FLAG_FN_ALIGN</b></p>
+
+<p><b>XN_FLAG_COMPAT</b> uses a format identical to X509_NAME_print(): in fact it calls X509_NAME_print() internally.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_oneline() returns a valid string on success or NULL on error.</p>
+
+<p>X509_NAME_print() returns 1 on success or 0 on error.</p>
+
+<p>X509_NAME_print_ex() and X509_NAME_print_ex_fp() return 1 on success or 0 on error if the <b>XN_FLAG_COMPAT</b> is set, which is the same as X509_NAME_print(). Otherwise, it returns -1 on error or other values on success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ASN1_STRING_print_ex.html">ASN1_STRING_print_ex(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_print.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_print.html
new file mode 100644
index 000000000..95ba201d4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_print.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_print_ex</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_print_ex, X509_NAME_print_ex_fp, X509_NAME_print, X509_NAME_oneline - X509_NAME printing routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent, unsigned long flags);
+ int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, int indent, unsigned long flags);
+ char *X509_NAME_oneline(const X509_NAME *a, char *buf, int size);
+ int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_NAME_print_ex() prints a human readable version of <b>nm</b> to BIO <b>out</b>. Each line (for multiline formats) is indented by <b>indent</b> spaces. The output format can be extensively customised by use of the <b>flags</b> parameter.</p>
+
+<p>X509_NAME_print_ex_fp() is identical to X509_NAME_print_ex() except the output is written to FILE pointer <b>fp</b>.</p>
+
+<p>X509_NAME_oneline() prints an ASCII version of <b>a</b> to <b>buf</b>. If <b>buf</b> is <b>NULL</b> then a buffer is dynamically allocated and returned, and <b>size</b> is ignored. Otherwise, at most <b>size</b> bytes will be written, including the ending &#39;\0&#39;, and <b>buf</b> is returned.</p>
+
+<p>X509_NAME_print() prints out <b>name</b> to <b>bp</b> indenting each line by <b>obase</b> characters. Multiple lines are used if the output (including indent) exceeds 80 characters.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The functions X509_NAME_oneline() and X509_NAME_print() produce a non standard output form, they don&#39;t handle multi character fields and have various quirks and inconsistencies. Their use is strongly discouraged in new applications and they could be deprecated in a future release.</p>
+
+<p>Although there are a large number of possible flags for most purposes <b>XN_FLAG_ONELINE</b>, <b>XN_FLAG_MULTILINE</b> or <b>XN_FLAG_RFC2253</b> will suffice. As noted on the <a href="../man3/ASN1_STRING_print_ex.html">ASN1_STRING_print_ex(3)</a> manual page for UTF8 terminals the <b>ASN1_STRFLGS_ESC_MSB</b> should be unset: so for example <b>XN_FLAG_ONELINE &amp; ~ASN1_STRFLGS_ESC_MSB</b> would be used.</p>
+
+<p>The complete set of the flags supported by X509_NAME_print_ex() is listed below.</p>
+
+<p>Several options can be ored together.</p>
+
+<p>The options <b>XN_FLAG_SEP_COMMA_PLUS</b>, <b>XN_FLAG_SEP_CPLUS_SPC</b>, <b>XN_FLAG_SEP_SPLUS_SPC</b> and <b>XN_FLAG_SEP_MULTILINE</b> determine the field separators to use. Two distinct separators are used between distinct RelativeDistinguishedName components and separate values in the same RDN for a multi-valued RDN. Multi-valued RDNs are currently very rare so the second separator will hardly ever be used.</p>
+
+<p><b>XN_FLAG_SEP_COMMA_PLUS</b> uses comma and plus as separators. <b>XN_FLAG_SEP_CPLUS_SPC</b> uses comma and plus with spaces: this is more readable that plain comma and plus. <b>XN_FLAG_SEP_SPLUS_SPC</b> uses spaced semicolon and plus. <b>XN_FLAG_SEP_MULTILINE</b> uses spaced newline and plus respectively.</p>
+
+<p>If <b>XN_FLAG_DN_REV</b> is set the whole DN is printed in reversed order.</p>
+
+<p>The fields <b>XN_FLAG_FN_SN</b>, <b>XN_FLAG_FN_LN</b>, <b>XN_FLAG_FN_OID</b>, <b>XN_FLAG_FN_NONE</b> determine how a field name is displayed. It will use the short name (e.g. CN) the long name (e.g. commonName) always use OID numerical form (normally OIDs are only used if the field name is not recognised) and no field name respectively.</p>
+
+<p>If <b>XN_FLAG_SPC_EQ</b> is set then spaces will be placed around the &#39;=&#39; character separating field names and values.</p>
+
+<p>If <b>XN_FLAG_DUMP_UNKNOWN_FIELDS</b> is set then the encoding of unknown fields is printed instead of the values.</p>
+
+<p>If <b>XN_FLAG_FN_ALIGN</b> is set then field names are padded to 20 characters: this is only of use for multiline format.</p>
+
+<p>Additionally all the options supported by ASN1_STRING_print_ex() can be used to control how each field value is displayed.</p>
+
+<p>In addition a number options can be set for commonly used formats.</p>
+
+<p><b>XN_FLAG_RFC2253</b> sets options which produce an output compatible with RFC2253 it is equivalent to: <b>ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV | XN_FLAG_FN_SN | XN_FLAG_DUMP_UNKNOWN_FIELDS</b></p>
+
+<p><b>XN_FLAG_ONELINE</b> is a more readable one line format which is the same as: <b>ASN1_STRFLGS_RFC2253 | ASN1_STRFLGS_ESC_QUOTE | XN_FLAG_SEP_CPLUS_SPC | XN_FLAG_SPC_EQ | XN_FLAG_FN_SN</b></p>
+
+<p><b>XN_FLAG_MULTILINE</b> is a multiline format which is the same as: <b>ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | XN_FLAG_SEP_MULTILINE | XN_FLAG_SPC_EQ | XN_FLAG_FN_LN | XN_FLAG_FN_ALIGN</b></p>
+
+<p><b>XN_FLAG_COMPAT</b> uses a format identical to X509_NAME_print(): in fact it calls X509_NAME_print() internally.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_oneline() returns a valid string on success or NULL on error.</p>
+
+<p>X509_NAME_print() returns 1 on success or 0 on error.</p>
+
+<p>X509_NAME_print_ex() and X509_NAME_print_ex_fp() return 1 on success or 0 on error if the <b>XN_FLAG_COMPAT</b> is set, which is the same as X509_NAME_print(). Otherwise, it returns -1 on error or other values on success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ASN1_STRING_print_ex.html">ASN1_STRING_print_ex(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_print_ex.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_print_ex.html
new file mode 100644
index 000000000..95ba201d4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_print_ex.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_print_ex</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_print_ex, X509_NAME_print_ex_fp, X509_NAME_print, X509_NAME_oneline - X509_NAME printing routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent, unsigned long flags);
+ int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, int indent, unsigned long flags);
+ char *X509_NAME_oneline(const X509_NAME *a, char *buf, int size);
+ int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_NAME_print_ex() prints a human readable version of <b>nm</b> to BIO <b>out</b>. Each line (for multiline formats) is indented by <b>indent</b> spaces. The output format can be extensively customised by use of the <b>flags</b> parameter.</p>
+
+<p>X509_NAME_print_ex_fp() is identical to X509_NAME_print_ex() except the output is written to FILE pointer <b>fp</b>.</p>
+
+<p>X509_NAME_oneline() prints an ASCII version of <b>a</b> to <b>buf</b>. If <b>buf</b> is <b>NULL</b> then a buffer is dynamically allocated and returned, and <b>size</b> is ignored. Otherwise, at most <b>size</b> bytes will be written, including the ending &#39;\0&#39;, and <b>buf</b> is returned.</p>
+
+<p>X509_NAME_print() prints out <b>name</b> to <b>bp</b> indenting each line by <b>obase</b> characters. Multiple lines are used if the output (including indent) exceeds 80 characters.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The functions X509_NAME_oneline() and X509_NAME_print() produce a non standard output form, they don&#39;t handle multi character fields and have various quirks and inconsistencies. Their use is strongly discouraged in new applications and they could be deprecated in a future release.</p>
+
+<p>Although there are a large number of possible flags for most purposes <b>XN_FLAG_ONELINE</b>, <b>XN_FLAG_MULTILINE</b> or <b>XN_FLAG_RFC2253</b> will suffice. As noted on the <a href="../man3/ASN1_STRING_print_ex.html">ASN1_STRING_print_ex(3)</a> manual page for UTF8 terminals the <b>ASN1_STRFLGS_ESC_MSB</b> should be unset: so for example <b>XN_FLAG_ONELINE &amp; ~ASN1_STRFLGS_ESC_MSB</b> would be used.</p>
+
+<p>The complete set of the flags supported by X509_NAME_print_ex() is listed below.</p>
+
+<p>Several options can be ored together.</p>
+
+<p>The options <b>XN_FLAG_SEP_COMMA_PLUS</b>, <b>XN_FLAG_SEP_CPLUS_SPC</b>, <b>XN_FLAG_SEP_SPLUS_SPC</b> and <b>XN_FLAG_SEP_MULTILINE</b> determine the field separators to use. Two distinct separators are used between distinct RelativeDistinguishedName components and separate values in the same RDN for a multi-valued RDN. Multi-valued RDNs are currently very rare so the second separator will hardly ever be used.</p>
+
+<p><b>XN_FLAG_SEP_COMMA_PLUS</b> uses comma and plus as separators. <b>XN_FLAG_SEP_CPLUS_SPC</b> uses comma and plus with spaces: this is more readable that plain comma and plus. <b>XN_FLAG_SEP_SPLUS_SPC</b> uses spaced semicolon and plus. <b>XN_FLAG_SEP_MULTILINE</b> uses spaced newline and plus respectively.</p>
+
+<p>If <b>XN_FLAG_DN_REV</b> is set the whole DN is printed in reversed order.</p>
+
+<p>The fields <b>XN_FLAG_FN_SN</b>, <b>XN_FLAG_FN_LN</b>, <b>XN_FLAG_FN_OID</b>, <b>XN_FLAG_FN_NONE</b> determine how a field name is displayed. It will use the short name (e.g. CN) the long name (e.g. commonName) always use OID numerical form (normally OIDs are only used if the field name is not recognised) and no field name respectively.</p>
+
+<p>If <b>XN_FLAG_SPC_EQ</b> is set then spaces will be placed around the &#39;=&#39; character separating field names and values.</p>
+
+<p>If <b>XN_FLAG_DUMP_UNKNOWN_FIELDS</b> is set then the encoding of unknown fields is printed instead of the values.</p>
+
+<p>If <b>XN_FLAG_FN_ALIGN</b> is set then field names are padded to 20 characters: this is only of use for multiline format.</p>
+
+<p>Additionally all the options supported by ASN1_STRING_print_ex() can be used to control how each field value is displayed.</p>
+
+<p>In addition a number options can be set for commonly used formats.</p>
+
+<p><b>XN_FLAG_RFC2253</b> sets options which produce an output compatible with RFC2253 it is equivalent to: <b>ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV | XN_FLAG_FN_SN | XN_FLAG_DUMP_UNKNOWN_FIELDS</b></p>
+
+<p><b>XN_FLAG_ONELINE</b> is a more readable one line format which is the same as: <b>ASN1_STRFLGS_RFC2253 | ASN1_STRFLGS_ESC_QUOTE | XN_FLAG_SEP_CPLUS_SPC | XN_FLAG_SPC_EQ | XN_FLAG_FN_SN</b></p>
+
+<p><b>XN_FLAG_MULTILINE</b> is a multiline format which is the same as: <b>ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | XN_FLAG_SEP_MULTILINE | XN_FLAG_SPC_EQ | XN_FLAG_FN_LN | XN_FLAG_FN_ALIGN</b></p>
+
+<p><b>XN_FLAG_COMPAT</b> uses a format identical to X509_NAME_print(): in fact it calls X509_NAME_print() internally.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_oneline() returns a valid string on success or NULL on error.</p>
+
+<p>X509_NAME_print() returns 1 on success or 0 on error.</p>
+
+<p>X509_NAME_print_ex() and X509_NAME_print_ex_fp() return 1 on success or 0 on error if the <b>XN_FLAG_COMPAT</b> is set, which is the same as X509_NAME_print(). Otherwise, it returns -1 on error or other values on success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ASN1_STRING_print_ex.html">ASN1_STRING_print_ex(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_NAME_print_ex_fp.html b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_print_ex_fp.html
new file mode 100644
index 000000000..95ba201d4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_NAME_print_ex_fp.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_NAME_print_ex</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_NAME_print_ex, X509_NAME_print_ex_fp, X509_NAME_print, X509_NAME_oneline - X509_NAME printing routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent, unsigned long flags);
+ int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, int indent, unsigned long flags);
+ char *X509_NAME_oneline(const X509_NAME *a, char *buf, int size);
+ int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_NAME_print_ex() prints a human readable version of <b>nm</b> to BIO <b>out</b>. Each line (for multiline formats) is indented by <b>indent</b> spaces. The output format can be extensively customised by use of the <b>flags</b> parameter.</p>
+
+<p>X509_NAME_print_ex_fp() is identical to X509_NAME_print_ex() except the output is written to FILE pointer <b>fp</b>.</p>
+
+<p>X509_NAME_oneline() prints an ASCII version of <b>a</b> to <b>buf</b>. If <b>buf</b> is <b>NULL</b> then a buffer is dynamically allocated and returned, and <b>size</b> is ignored. Otherwise, at most <b>size</b> bytes will be written, including the ending &#39;\0&#39;, and <b>buf</b> is returned.</p>
+
+<p>X509_NAME_print() prints out <b>name</b> to <b>bp</b> indenting each line by <b>obase</b> characters. Multiple lines are used if the output (including indent) exceeds 80 characters.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The functions X509_NAME_oneline() and X509_NAME_print() produce a non standard output form, they don&#39;t handle multi character fields and have various quirks and inconsistencies. Their use is strongly discouraged in new applications and they could be deprecated in a future release.</p>
+
+<p>Although there are a large number of possible flags for most purposes <b>XN_FLAG_ONELINE</b>, <b>XN_FLAG_MULTILINE</b> or <b>XN_FLAG_RFC2253</b> will suffice. As noted on the <a href="../man3/ASN1_STRING_print_ex.html">ASN1_STRING_print_ex(3)</a> manual page for UTF8 terminals the <b>ASN1_STRFLGS_ESC_MSB</b> should be unset: so for example <b>XN_FLAG_ONELINE &amp; ~ASN1_STRFLGS_ESC_MSB</b> would be used.</p>
+
+<p>The complete set of the flags supported by X509_NAME_print_ex() is listed below.</p>
+
+<p>Several options can be ored together.</p>
+
+<p>The options <b>XN_FLAG_SEP_COMMA_PLUS</b>, <b>XN_FLAG_SEP_CPLUS_SPC</b>, <b>XN_FLAG_SEP_SPLUS_SPC</b> and <b>XN_FLAG_SEP_MULTILINE</b> determine the field separators to use. Two distinct separators are used between distinct RelativeDistinguishedName components and separate values in the same RDN for a multi-valued RDN. Multi-valued RDNs are currently very rare so the second separator will hardly ever be used.</p>
+
+<p><b>XN_FLAG_SEP_COMMA_PLUS</b> uses comma and plus as separators. <b>XN_FLAG_SEP_CPLUS_SPC</b> uses comma and plus with spaces: this is more readable that plain comma and plus. <b>XN_FLAG_SEP_SPLUS_SPC</b> uses spaced semicolon and plus. <b>XN_FLAG_SEP_MULTILINE</b> uses spaced newline and plus respectively.</p>
+
+<p>If <b>XN_FLAG_DN_REV</b> is set the whole DN is printed in reversed order.</p>
+
+<p>The fields <b>XN_FLAG_FN_SN</b>, <b>XN_FLAG_FN_LN</b>, <b>XN_FLAG_FN_OID</b>, <b>XN_FLAG_FN_NONE</b> determine how a field name is displayed. It will use the short name (e.g. CN) the long name (e.g. commonName) always use OID numerical form (normally OIDs are only used if the field name is not recognised) and no field name respectively.</p>
+
+<p>If <b>XN_FLAG_SPC_EQ</b> is set then spaces will be placed around the &#39;=&#39; character separating field names and values.</p>
+
+<p>If <b>XN_FLAG_DUMP_UNKNOWN_FIELDS</b> is set then the encoding of unknown fields is printed instead of the values.</p>
+
+<p>If <b>XN_FLAG_FN_ALIGN</b> is set then field names are padded to 20 characters: this is only of use for multiline format.</p>
+
+<p>Additionally all the options supported by ASN1_STRING_print_ex() can be used to control how each field value is displayed.</p>
+
+<p>In addition a number options can be set for commonly used formats.</p>
+
+<p><b>XN_FLAG_RFC2253</b> sets options which produce an output compatible with RFC2253 it is equivalent to: <b>ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV | XN_FLAG_FN_SN | XN_FLAG_DUMP_UNKNOWN_FIELDS</b></p>
+
+<p><b>XN_FLAG_ONELINE</b> is a more readable one line format which is the same as: <b>ASN1_STRFLGS_RFC2253 | ASN1_STRFLGS_ESC_QUOTE | XN_FLAG_SEP_CPLUS_SPC | XN_FLAG_SPC_EQ | XN_FLAG_FN_SN</b></p>
+
+<p><b>XN_FLAG_MULTILINE</b> is a multiline format which is the same as: <b>ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | XN_FLAG_SEP_MULTILINE | XN_FLAG_SPC_EQ | XN_FLAG_FN_LN | XN_FLAG_FN_ALIGN</b></p>
+
+<p><b>XN_FLAG_COMPAT</b> uses a format identical to X509_NAME_print(): in fact it calls X509_NAME_print() internally.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_NAME_oneline() returns a valid string on success or NULL on error.</p>
+
+<p>X509_NAME_print() returns 1 on success or 0 on error.</p>
+
+<p>X509_NAME_print_ex() and X509_NAME_print_ex_fp() return 1 on success or 0 on error if the <b>XN_FLAG_COMPAT</b> is set, which is the same as X509_NAME_print(). Otherwise, it returns -1 on error or other values on success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ASN1_STRING_print_ex.html">ASN1_STRING_print_ex(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_OBJECT_set1_X509.html b/msys2/usr/share/doc/openssl/html/man3/X509_OBJECT_set1_X509.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_OBJECT_set1_X509.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_OBJECT_set1_X509_CRL.html b/msys2/usr/share/doc/openssl/html/man3/X509_OBJECT_set1_X509_CRL.html
new file mode 100644
index 000000000..33e86d7b7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_OBJECT_set1_X509_CRL.html
@@ -0,0 +1,157 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_meth_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown, X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject, X509_LOOKUP_meth_get_get_by_subject, X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial, X509_LOOKUP_meth_get_get_by_issuer_serial, X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint, X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL - Routines to build up X509_LOOKUP methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+ void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+                                   int (*new_item) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+                               void (*free) (X509_LOOKUP *ctx));
+ void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+                               int (*init) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+                                   int (*shutdown) (X509_LOOKUP *ctx));
+ int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+     (X509_LOOKUP *ctx);
+
+ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+                                    long argl, char **ret);
+ int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_ctrl_fn ctrl_fn);
+ X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+                                              X509_LOOKUP_TYPE type,
+                                              X509_NAME *name,
+                                              X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_subject_fn fn);
+ X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+                                                    X509_LOOKUP_TYPE type,
+                                                    X509_NAME *name,
+                                                    ASN1_INTEGER *serial,
+                                                    X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_issuer_serial(
+     X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
+ X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+                                                  X509_LOOKUP_TYPE type,
+                                                  const unsigned char* bytes,
+                                                  int len,
+                                                  X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_fingerprint_fn fn);
+ X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+     const X509_LOOKUP_METHOD *method);
+
+ typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+                                            X509_LOOKUP_TYPE type,
+                                            const char *str,
+                                            int len,
+                                            X509_OBJECT *ret);
+ int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+     X509_LOOKUP_get_by_alias_fn fn);
+ X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+     const X509_LOOKUP_METHOD *method);
+
+ int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+ void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+
+ X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+
+ int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+ int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_LOOKUP_METHOD</b> type is a structure used for the implementation of new X509_LOOKUP types. It provides a set of functions used by OpenSSL for the implementation of various X509 and X509_CRL lookup capabilities. One instance of an X509_LOOKUP_METHOD can be associated to many instantiations of an <b>X509_LOOKUP</b> structure.</p>
+
+<p>X509_LOOKUP_meth_new() creates a new <b>X509_LOOKUP_METHOD</b> structure. It should be given a human-readable string containing a brief description of the lookup method.</p>
+
+<p>X509_LOOKUP_meth_free() destroys a <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the function that is called when an <b>X509_LOOKUP</b> object is created with X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP specific data, the supplied new_item function should allocate this data and invoke X509_LOOKUP_set_method_data().</p>
+
+<p>X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function that is used to free any method data that was allocated and set from within new_item function.</p>
+
+<p>X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the function that is used to initialize the method data that was set with X509_LOOKUP_set_method_data() as part of the new_item routine.</p>
+
+<p>X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set the function that is used to shut down the method data whose state was previously initialized in the init function.</p>
+
+<p>X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a function to be used to handle arbitrary control commands issued by X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP <b>ctx</b>, along with the arguments passed by X509_LOOKUP_ctrl. <b>cmd</b> is an arbitrary integer that defines some operation. <b>argc</b> is a pointer to an array of characters. <b>argl</b> is an integer. <b>ret</b>, if set, points to a location where any return data should be written to. How <b>argc</b> and <b>argl</b> are used depends entirely on the control function.</p>
+
+<p>X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(), X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set the functions used to retrieve an X509 or X509_CRL object by the object&#39;s subject, issuer, fingerprint, and alias respectively. These functions are given the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters related to the lookup, and an X509_OBJECT that will receive the requested object.</p>
+
+<p>Implementations should use either X509_OBJECT_set1_X509() or X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was created as a result of the new_item function set by X509_LOOKUP_meth_set_new_item() can be accessed with X509_LOOKUP_get_method_data(). The <b>X509_STORE</b> object that owns the X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups should return 1, and unsuccessful lookups should return 0.</p>
+
+<p>X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(), X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve the function set by the corresponding setter.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The <b>X509_LOOKUP_meth_set</b> functions return 1 on success or 0 on error.</p>
+
+<p>The <b>X509_LOOKUP_meth_get</b> functions return the corresponding function pointers.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The functions described here were added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_free.html
new file mode 100644
index 000000000..b05f234e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_free.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_PUBKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_PUBKEY_new, X509_PUBKEY_free, X509_PUBKEY_set, X509_PUBKEY_get0, X509_PUBKEY_get, d2i_PUBKEY, i2d_PUBKEY, d2i_PUBKEY_bio, d2i_PUBKEY_fp, i2d_PUBKEY_fp, i2d_PUBKEY_bio, X509_PUBKEY_set0_param, X509_PUBKEY_get0_param - SubjectPublicKeyInfo public key functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_PUBKEY *X509_PUBKEY_new(void);
+ void X509_PUBKEY_free(X509_PUBKEY *a);
+
+ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+ EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key);
+ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
+
+ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
+ int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
+
+ EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
+ EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+
+ int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+ int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
+
+ int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+                            int ptype, void *pval,
+                            unsigned char *penc, int penclen);
+ int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+                            const unsigned char **pk, int *ppklen,
+                            X509_ALGOR **pa, X509_PUBKEY *pub);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_PUBKEY</b> structure represents the ASN.1 <b>SubjectPublicKeyInfo</b> structure defined in RFC5280 and used in certificates and certificate requests.</p>
+
+<p>X509_PUBKEY_new() allocates and initializes an <b>X509_PUBKEY</b> structure.</p>
+
+<p>X509_PUBKEY_free() frees up <b>X509_PUBKEY</b> structure <b>a</b>. If <b>a</b> is NULL nothing is done.</p>
+
+<p>X509_PUBKEY_set() sets the public key in <b>*x</b> to the public key contained in the <b>EVP_PKEY</b> structure <b>pkey</b>. If <b>*x</b> is not NULL any existing public key structure will be freed.</p>
+
+<p>X509_PUBKEY_get0() returns the public key contained in <b>key</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed after use.</p>
+
+<p>X509_PUBKEY_get() is similar to X509_PUBKEY_get0() except the reference count on the returned key is incremented so it <b>MUST</b> be freed using EVP_PKEY_free() after use.</p>
+
+<p>d2i_PUBKEY() and i2d_PUBKEY() decode and encode an <b>EVP_PKEY</b> structure using <b>SubjectPublicKeyInfo</b> format. They otherwise follow the conventions of other ASN.1 functions such as d2i_X509().</p>
+
+<p>d2i_PUBKEY_bio(), d2i_PUBKEY_fp(), i2d_PUBKEY_bio() and i2d_PUBKEY_fp() are similar to d2i_PUBKEY() and i2d_PUBKEY() except they decode or encode using a <b>BIO</b> or <b>FILE</b> pointer.</p>
+
+<p>X509_PUBKEY_set0_param() sets the public key parameters of <b>pub</b>. The OID associated with the algorithm is set to <b>aobj</b>. The type of the algorithm parameters is set to <b>type</b> using the structure <b>pval</b>. The encoding of the public key itself is set to the <b>penclen</b> bytes contained in buffer <b>penc</b>. On success ownership of all the supplied parameters is passed to <b>pub</b> so they must not be freed after the call.</p>
+
+<p>X509_PUBKEY_get0_param() retrieves the public key parameters from <b>pub</b>, <b>*ppkalg</b> is set to the associated OID and the encoding consists of <b>*ppklen</b> bytes at <b>*pk</b>, <b>*pa</b> is set to the associated AlgorithmIdentifier for the public key. If the value of any of these parameters is not required it can be set to <b>NULL</b>. All of the retrieved pointers are internal and must not be freed after the call.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>X509_PUBKEY</b> functions can be used to encode and decode public keys in a standard format.</p>
+
+<p>In many cases applications will not call the <b>X509_PUBKEY</b> functions directly: they will instead call wrapper functions such as X509_get0_pubkey().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, X509_PUBKEY_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>X509_PUBKEY_free() does not return a value.</p>
+
+<p>X509_PUBKEY_get0() and X509_PUBKEY_get() return a pointer to an <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_PUBKEY_set(), X509_PUBKEY_set0_param() and X509_PUBKEY_get0_param() return 1 for success and 0 if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_get.html b/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_get.html
new file mode 100644
index 000000000..b05f234e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_get.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_PUBKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_PUBKEY_new, X509_PUBKEY_free, X509_PUBKEY_set, X509_PUBKEY_get0, X509_PUBKEY_get, d2i_PUBKEY, i2d_PUBKEY, d2i_PUBKEY_bio, d2i_PUBKEY_fp, i2d_PUBKEY_fp, i2d_PUBKEY_bio, X509_PUBKEY_set0_param, X509_PUBKEY_get0_param - SubjectPublicKeyInfo public key functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_PUBKEY *X509_PUBKEY_new(void);
+ void X509_PUBKEY_free(X509_PUBKEY *a);
+
+ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+ EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key);
+ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
+
+ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
+ int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
+
+ EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
+ EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+
+ int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+ int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
+
+ int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+                            int ptype, void *pval,
+                            unsigned char *penc, int penclen);
+ int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+                            const unsigned char **pk, int *ppklen,
+                            X509_ALGOR **pa, X509_PUBKEY *pub);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_PUBKEY</b> structure represents the ASN.1 <b>SubjectPublicKeyInfo</b> structure defined in RFC5280 and used in certificates and certificate requests.</p>
+
+<p>X509_PUBKEY_new() allocates and initializes an <b>X509_PUBKEY</b> structure.</p>
+
+<p>X509_PUBKEY_free() frees up <b>X509_PUBKEY</b> structure <b>a</b>. If <b>a</b> is NULL nothing is done.</p>
+
+<p>X509_PUBKEY_set() sets the public key in <b>*x</b> to the public key contained in the <b>EVP_PKEY</b> structure <b>pkey</b>. If <b>*x</b> is not NULL any existing public key structure will be freed.</p>
+
+<p>X509_PUBKEY_get0() returns the public key contained in <b>key</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed after use.</p>
+
+<p>X509_PUBKEY_get() is similar to X509_PUBKEY_get0() except the reference count on the returned key is incremented so it <b>MUST</b> be freed using EVP_PKEY_free() after use.</p>
+
+<p>d2i_PUBKEY() and i2d_PUBKEY() decode and encode an <b>EVP_PKEY</b> structure using <b>SubjectPublicKeyInfo</b> format. They otherwise follow the conventions of other ASN.1 functions such as d2i_X509().</p>
+
+<p>d2i_PUBKEY_bio(), d2i_PUBKEY_fp(), i2d_PUBKEY_bio() and i2d_PUBKEY_fp() are similar to d2i_PUBKEY() and i2d_PUBKEY() except they decode or encode using a <b>BIO</b> or <b>FILE</b> pointer.</p>
+
+<p>X509_PUBKEY_set0_param() sets the public key parameters of <b>pub</b>. The OID associated with the algorithm is set to <b>aobj</b>. The type of the algorithm parameters is set to <b>type</b> using the structure <b>pval</b>. The encoding of the public key itself is set to the <b>penclen</b> bytes contained in buffer <b>penc</b>. On success ownership of all the supplied parameters is passed to <b>pub</b> so they must not be freed after the call.</p>
+
+<p>X509_PUBKEY_get0_param() retrieves the public key parameters from <b>pub</b>, <b>*ppkalg</b> is set to the associated OID and the encoding consists of <b>*ppklen</b> bytes at <b>*pk</b>, <b>*pa</b> is set to the associated AlgorithmIdentifier for the public key. If the value of any of these parameters is not required it can be set to <b>NULL</b>. All of the retrieved pointers are internal and must not be freed after the call.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>X509_PUBKEY</b> functions can be used to encode and decode public keys in a standard format.</p>
+
+<p>In many cases applications will not call the <b>X509_PUBKEY</b> functions directly: they will instead call wrapper functions such as X509_get0_pubkey().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, X509_PUBKEY_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>X509_PUBKEY_free() does not return a value.</p>
+
+<p>X509_PUBKEY_get0() and X509_PUBKEY_get() return a pointer to an <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_PUBKEY_set(), X509_PUBKEY_set0_param() and X509_PUBKEY_get0_param() return 1 for success and 0 if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_get0.html b/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_get0.html
new file mode 100644
index 000000000..b05f234e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_get0.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_PUBKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_PUBKEY_new, X509_PUBKEY_free, X509_PUBKEY_set, X509_PUBKEY_get0, X509_PUBKEY_get, d2i_PUBKEY, i2d_PUBKEY, d2i_PUBKEY_bio, d2i_PUBKEY_fp, i2d_PUBKEY_fp, i2d_PUBKEY_bio, X509_PUBKEY_set0_param, X509_PUBKEY_get0_param - SubjectPublicKeyInfo public key functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_PUBKEY *X509_PUBKEY_new(void);
+ void X509_PUBKEY_free(X509_PUBKEY *a);
+
+ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+ EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key);
+ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
+
+ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
+ int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
+
+ EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
+ EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+
+ int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+ int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
+
+ int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+                            int ptype, void *pval,
+                            unsigned char *penc, int penclen);
+ int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+                            const unsigned char **pk, int *ppklen,
+                            X509_ALGOR **pa, X509_PUBKEY *pub);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_PUBKEY</b> structure represents the ASN.1 <b>SubjectPublicKeyInfo</b> structure defined in RFC5280 and used in certificates and certificate requests.</p>
+
+<p>X509_PUBKEY_new() allocates and initializes an <b>X509_PUBKEY</b> structure.</p>
+
+<p>X509_PUBKEY_free() frees up <b>X509_PUBKEY</b> structure <b>a</b>. If <b>a</b> is NULL nothing is done.</p>
+
+<p>X509_PUBKEY_set() sets the public key in <b>*x</b> to the public key contained in the <b>EVP_PKEY</b> structure <b>pkey</b>. If <b>*x</b> is not NULL any existing public key structure will be freed.</p>
+
+<p>X509_PUBKEY_get0() returns the public key contained in <b>key</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed after use.</p>
+
+<p>X509_PUBKEY_get() is similar to X509_PUBKEY_get0() except the reference count on the returned key is incremented so it <b>MUST</b> be freed using EVP_PKEY_free() after use.</p>
+
+<p>d2i_PUBKEY() and i2d_PUBKEY() decode and encode an <b>EVP_PKEY</b> structure using <b>SubjectPublicKeyInfo</b> format. They otherwise follow the conventions of other ASN.1 functions such as d2i_X509().</p>
+
+<p>d2i_PUBKEY_bio(), d2i_PUBKEY_fp(), i2d_PUBKEY_bio() and i2d_PUBKEY_fp() are similar to d2i_PUBKEY() and i2d_PUBKEY() except they decode or encode using a <b>BIO</b> or <b>FILE</b> pointer.</p>
+
+<p>X509_PUBKEY_set0_param() sets the public key parameters of <b>pub</b>. The OID associated with the algorithm is set to <b>aobj</b>. The type of the algorithm parameters is set to <b>type</b> using the structure <b>pval</b>. The encoding of the public key itself is set to the <b>penclen</b> bytes contained in buffer <b>penc</b>. On success ownership of all the supplied parameters is passed to <b>pub</b> so they must not be freed after the call.</p>
+
+<p>X509_PUBKEY_get0_param() retrieves the public key parameters from <b>pub</b>, <b>*ppkalg</b> is set to the associated OID and the encoding consists of <b>*ppklen</b> bytes at <b>*pk</b>, <b>*pa</b> is set to the associated AlgorithmIdentifier for the public key. If the value of any of these parameters is not required it can be set to <b>NULL</b>. All of the retrieved pointers are internal and must not be freed after the call.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>X509_PUBKEY</b> functions can be used to encode and decode public keys in a standard format.</p>
+
+<p>In many cases applications will not call the <b>X509_PUBKEY</b> functions directly: they will instead call wrapper functions such as X509_get0_pubkey().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, X509_PUBKEY_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>X509_PUBKEY_free() does not return a value.</p>
+
+<p>X509_PUBKEY_get0() and X509_PUBKEY_get() return a pointer to an <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_PUBKEY_set(), X509_PUBKEY_set0_param() and X509_PUBKEY_get0_param() return 1 for success and 0 if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_get0_param.html b/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_get0_param.html
new file mode 100644
index 000000000..b05f234e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_get0_param.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_PUBKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_PUBKEY_new, X509_PUBKEY_free, X509_PUBKEY_set, X509_PUBKEY_get0, X509_PUBKEY_get, d2i_PUBKEY, i2d_PUBKEY, d2i_PUBKEY_bio, d2i_PUBKEY_fp, i2d_PUBKEY_fp, i2d_PUBKEY_bio, X509_PUBKEY_set0_param, X509_PUBKEY_get0_param - SubjectPublicKeyInfo public key functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_PUBKEY *X509_PUBKEY_new(void);
+ void X509_PUBKEY_free(X509_PUBKEY *a);
+
+ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+ EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key);
+ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
+
+ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
+ int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
+
+ EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
+ EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+
+ int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+ int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
+
+ int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+                            int ptype, void *pval,
+                            unsigned char *penc, int penclen);
+ int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+                            const unsigned char **pk, int *ppklen,
+                            X509_ALGOR **pa, X509_PUBKEY *pub);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_PUBKEY</b> structure represents the ASN.1 <b>SubjectPublicKeyInfo</b> structure defined in RFC5280 and used in certificates and certificate requests.</p>
+
+<p>X509_PUBKEY_new() allocates and initializes an <b>X509_PUBKEY</b> structure.</p>
+
+<p>X509_PUBKEY_free() frees up <b>X509_PUBKEY</b> structure <b>a</b>. If <b>a</b> is NULL nothing is done.</p>
+
+<p>X509_PUBKEY_set() sets the public key in <b>*x</b> to the public key contained in the <b>EVP_PKEY</b> structure <b>pkey</b>. If <b>*x</b> is not NULL any existing public key structure will be freed.</p>
+
+<p>X509_PUBKEY_get0() returns the public key contained in <b>key</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed after use.</p>
+
+<p>X509_PUBKEY_get() is similar to X509_PUBKEY_get0() except the reference count on the returned key is incremented so it <b>MUST</b> be freed using EVP_PKEY_free() after use.</p>
+
+<p>d2i_PUBKEY() and i2d_PUBKEY() decode and encode an <b>EVP_PKEY</b> structure using <b>SubjectPublicKeyInfo</b> format. They otherwise follow the conventions of other ASN.1 functions such as d2i_X509().</p>
+
+<p>d2i_PUBKEY_bio(), d2i_PUBKEY_fp(), i2d_PUBKEY_bio() and i2d_PUBKEY_fp() are similar to d2i_PUBKEY() and i2d_PUBKEY() except they decode or encode using a <b>BIO</b> or <b>FILE</b> pointer.</p>
+
+<p>X509_PUBKEY_set0_param() sets the public key parameters of <b>pub</b>. The OID associated with the algorithm is set to <b>aobj</b>. The type of the algorithm parameters is set to <b>type</b> using the structure <b>pval</b>. The encoding of the public key itself is set to the <b>penclen</b> bytes contained in buffer <b>penc</b>. On success ownership of all the supplied parameters is passed to <b>pub</b> so they must not be freed after the call.</p>
+
+<p>X509_PUBKEY_get0_param() retrieves the public key parameters from <b>pub</b>, <b>*ppkalg</b> is set to the associated OID and the encoding consists of <b>*ppklen</b> bytes at <b>*pk</b>, <b>*pa</b> is set to the associated AlgorithmIdentifier for the public key. If the value of any of these parameters is not required it can be set to <b>NULL</b>. All of the retrieved pointers are internal and must not be freed after the call.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>X509_PUBKEY</b> functions can be used to encode and decode public keys in a standard format.</p>
+
+<p>In many cases applications will not call the <b>X509_PUBKEY</b> functions directly: they will instead call wrapper functions such as X509_get0_pubkey().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, X509_PUBKEY_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>X509_PUBKEY_free() does not return a value.</p>
+
+<p>X509_PUBKEY_get0() and X509_PUBKEY_get() return a pointer to an <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_PUBKEY_set(), X509_PUBKEY_set0_param() and X509_PUBKEY_get0_param() return 1 for success and 0 if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_new.html b/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_new.html
new file mode 100644
index 000000000..b05f234e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_new.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_PUBKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_PUBKEY_new, X509_PUBKEY_free, X509_PUBKEY_set, X509_PUBKEY_get0, X509_PUBKEY_get, d2i_PUBKEY, i2d_PUBKEY, d2i_PUBKEY_bio, d2i_PUBKEY_fp, i2d_PUBKEY_fp, i2d_PUBKEY_bio, X509_PUBKEY_set0_param, X509_PUBKEY_get0_param - SubjectPublicKeyInfo public key functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_PUBKEY *X509_PUBKEY_new(void);
+ void X509_PUBKEY_free(X509_PUBKEY *a);
+
+ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+ EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key);
+ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
+
+ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
+ int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
+
+ EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
+ EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+
+ int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+ int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
+
+ int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+                            int ptype, void *pval,
+                            unsigned char *penc, int penclen);
+ int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+                            const unsigned char **pk, int *ppklen,
+                            X509_ALGOR **pa, X509_PUBKEY *pub);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_PUBKEY</b> structure represents the ASN.1 <b>SubjectPublicKeyInfo</b> structure defined in RFC5280 and used in certificates and certificate requests.</p>
+
+<p>X509_PUBKEY_new() allocates and initializes an <b>X509_PUBKEY</b> structure.</p>
+
+<p>X509_PUBKEY_free() frees up <b>X509_PUBKEY</b> structure <b>a</b>. If <b>a</b> is NULL nothing is done.</p>
+
+<p>X509_PUBKEY_set() sets the public key in <b>*x</b> to the public key contained in the <b>EVP_PKEY</b> structure <b>pkey</b>. If <b>*x</b> is not NULL any existing public key structure will be freed.</p>
+
+<p>X509_PUBKEY_get0() returns the public key contained in <b>key</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed after use.</p>
+
+<p>X509_PUBKEY_get() is similar to X509_PUBKEY_get0() except the reference count on the returned key is incremented so it <b>MUST</b> be freed using EVP_PKEY_free() after use.</p>
+
+<p>d2i_PUBKEY() and i2d_PUBKEY() decode and encode an <b>EVP_PKEY</b> structure using <b>SubjectPublicKeyInfo</b> format. They otherwise follow the conventions of other ASN.1 functions such as d2i_X509().</p>
+
+<p>d2i_PUBKEY_bio(), d2i_PUBKEY_fp(), i2d_PUBKEY_bio() and i2d_PUBKEY_fp() are similar to d2i_PUBKEY() and i2d_PUBKEY() except they decode or encode using a <b>BIO</b> or <b>FILE</b> pointer.</p>
+
+<p>X509_PUBKEY_set0_param() sets the public key parameters of <b>pub</b>. The OID associated with the algorithm is set to <b>aobj</b>. The type of the algorithm parameters is set to <b>type</b> using the structure <b>pval</b>. The encoding of the public key itself is set to the <b>penclen</b> bytes contained in buffer <b>penc</b>. On success ownership of all the supplied parameters is passed to <b>pub</b> so they must not be freed after the call.</p>
+
+<p>X509_PUBKEY_get0_param() retrieves the public key parameters from <b>pub</b>, <b>*ppkalg</b> is set to the associated OID and the encoding consists of <b>*ppklen</b> bytes at <b>*pk</b>, <b>*pa</b> is set to the associated AlgorithmIdentifier for the public key. If the value of any of these parameters is not required it can be set to <b>NULL</b>. All of the retrieved pointers are internal and must not be freed after the call.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>X509_PUBKEY</b> functions can be used to encode and decode public keys in a standard format.</p>
+
+<p>In many cases applications will not call the <b>X509_PUBKEY</b> functions directly: they will instead call wrapper functions such as X509_get0_pubkey().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, X509_PUBKEY_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>X509_PUBKEY_free() does not return a value.</p>
+
+<p>X509_PUBKEY_get0() and X509_PUBKEY_get() return a pointer to an <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_PUBKEY_set(), X509_PUBKEY_set0_param() and X509_PUBKEY_get0_param() return 1 for success and 0 if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_set.html b/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_set.html
new file mode 100644
index 000000000..b05f234e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_set.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_PUBKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_PUBKEY_new, X509_PUBKEY_free, X509_PUBKEY_set, X509_PUBKEY_get0, X509_PUBKEY_get, d2i_PUBKEY, i2d_PUBKEY, d2i_PUBKEY_bio, d2i_PUBKEY_fp, i2d_PUBKEY_fp, i2d_PUBKEY_bio, X509_PUBKEY_set0_param, X509_PUBKEY_get0_param - SubjectPublicKeyInfo public key functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_PUBKEY *X509_PUBKEY_new(void);
+ void X509_PUBKEY_free(X509_PUBKEY *a);
+
+ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+ EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key);
+ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
+
+ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
+ int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
+
+ EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
+ EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+
+ int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+ int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
+
+ int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+                            int ptype, void *pval,
+                            unsigned char *penc, int penclen);
+ int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+                            const unsigned char **pk, int *ppklen,
+                            X509_ALGOR **pa, X509_PUBKEY *pub);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_PUBKEY</b> structure represents the ASN.1 <b>SubjectPublicKeyInfo</b> structure defined in RFC5280 and used in certificates and certificate requests.</p>
+
+<p>X509_PUBKEY_new() allocates and initializes an <b>X509_PUBKEY</b> structure.</p>
+
+<p>X509_PUBKEY_free() frees up <b>X509_PUBKEY</b> structure <b>a</b>. If <b>a</b> is NULL nothing is done.</p>
+
+<p>X509_PUBKEY_set() sets the public key in <b>*x</b> to the public key contained in the <b>EVP_PKEY</b> structure <b>pkey</b>. If <b>*x</b> is not NULL any existing public key structure will be freed.</p>
+
+<p>X509_PUBKEY_get0() returns the public key contained in <b>key</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed after use.</p>
+
+<p>X509_PUBKEY_get() is similar to X509_PUBKEY_get0() except the reference count on the returned key is incremented so it <b>MUST</b> be freed using EVP_PKEY_free() after use.</p>
+
+<p>d2i_PUBKEY() and i2d_PUBKEY() decode and encode an <b>EVP_PKEY</b> structure using <b>SubjectPublicKeyInfo</b> format. They otherwise follow the conventions of other ASN.1 functions such as d2i_X509().</p>
+
+<p>d2i_PUBKEY_bio(), d2i_PUBKEY_fp(), i2d_PUBKEY_bio() and i2d_PUBKEY_fp() are similar to d2i_PUBKEY() and i2d_PUBKEY() except they decode or encode using a <b>BIO</b> or <b>FILE</b> pointer.</p>
+
+<p>X509_PUBKEY_set0_param() sets the public key parameters of <b>pub</b>. The OID associated with the algorithm is set to <b>aobj</b>. The type of the algorithm parameters is set to <b>type</b> using the structure <b>pval</b>. The encoding of the public key itself is set to the <b>penclen</b> bytes contained in buffer <b>penc</b>. On success ownership of all the supplied parameters is passed to <b>pub</b> so they must not be freed after the call.</p>
+
+<p>X509_PUBKEY_get0_param() retrieves the public key parameters from <b>pub</b>, <b>*ppkalg</b> is set to the associated OID and the encoding consists of <b>*ppklen</b> bytes at <b>*pk</b>, <b>*pa</b> is set to the associated AlgorithmIdentifier for the public key. If the value of any of these parameters is not required it can be set to <b>NULL</b>. All of the retrieved pointers are internal and must not be freed after the call.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>X509_PUBKEY</b> functions can be used to encode and decode public keys in a standard format.</p>
+
+<p>In many cases applications will not call the <b>X509_PUBKEY</b> functions directly: they will instead call wrapper functions such as X509_get0_pubkey().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, X509_PUBKEY_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>X509_PUBKEY_free() does not return a value.</p>
+
+<p>X509_PUBKEY_get0() and X509_PUBKEY_get() return a pointer to an <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_PUBKEY_set(), X509_PUBKEY_set0_param() and X509_PUBKEY_get0_param() return 1 for success and 0 if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_set0_param.html b/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_set0_param.html
new file mode 100644
index 000000000..b05f234e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_PUBKEY_set0_param.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_PUBKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_PUBKEY_new, X509_PUBKEY_free, X509_PUBKEY_set, X509_PUBKEY_get0, X509_PUBKEY_get, d2i_PUBKEY, i2d_PUBKEY, d2i_PUBKEY_bio, d2i_PUBKEY_fp, i2d_PUBKEY_fp, i2d_PUBKEY_bio, X509_PUBKEY_set0_param, X509_PUBKEY_get0_param - SubjectPublicKeyInfo public key functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_PUBKEY *X509_PUBKEY_new(void);
+ void X509_PUBKEY_free(X509_PUBKEY *a);
+
+ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+ EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key);
+ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
+
+ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
+ int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
+
+ EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
+ EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+
+ int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+ int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
+
+ int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+                            int ptype, void *pval,
+                            unsigned char *penc, int penclen);
+ int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+                            const unsigned char **pk, int *ppklen,
+                            X509_ALGOR **pa, X509_PUBKEY *pub);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_PUBKEY</b> structure represents the ASN.1 <b>SubjectPublicKeyInfo</b> structure defined in RFC5280 and used in certificates and certificate requests.</p>
+
+<p>X509_PUBKEY_new() allocates and initializes an <b>X509_PUBKEY</b> structure.</p>
+
+<p>X509_PUBKEY_free() frees up <b>X509_PUBKEY</b> structure <b>a</b>. If <b>a</b> is NULL nothing is done.</p>
+
+<p>X509_PUBKEY_set() sets the public key in <b>*x</b> to the public key contained in the <b>EVP_PKEY</b> structure <b>pkey</b>. If <b>*x</b> is not NULL any existing public key structure will be freed.</p>
+
+<p>X509_PUBKEY_get0() returns the public key contained in <b>key</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed after use.</p>
+
+<p>X509_PUBKEY_get() is similar to X509_PUBKEY_get0() except the reference count on the returned key is incremented so it <b>MUST</b> be freed using EVP_PKEY_free() after use.</p>
+
+<p>d2i_PUBKEY() and i2d_PUBKEY() decode and encode an <b>EVP_PKEY</b> structure using <b>SubjectPublicKeyInfo</b> format. They otherwise follow the conventions of other ASN.1 functions such as d2i_X509().</p>
+
+<p>d2i_PUBKEY_bio(), d2i_PUBKEY_fp(), i2d_PUBKEY_bio() and i2d_PUBKEY_fp() are similar to d2i_PUBKEY() and i2d_PUBKEY() except they decode or encode using a <b>BIO</b> or <b>FILE</b> pointer.</p>
+
+<p>X509_PUBKEY_set0_param() sets the public key parameters of <b>pub</b>. The OID associated with the algorithm is set to <b>aobj</b>. The type of the algorithm parameters is set to <b>type</b> using the structure <b>pval</b>. The encoding of the public key itself is set to the <b>penclen</b> bytes contained in buffer <b>penc</b>. On success ownership of all the supplied parameters is passed to <b>pub</b> so they must not be freed after the call.</p>
+
+<p>X509_PUBKEY_get0_param() retrieves the public key parameters from <b>pub</b>, <b>*ppkalg</b> is set to the associated OID and the encoding consists of <b>*ppklen</b> bytes at <b>*pk</b>, <b>*pa</b> is set to the associated AlgorithmIdentifier for the public key. If the value of any of these parameters is not required it can be set to <b>NULL</b>. All of the retrieved pointers are internal and must not be freed after the call.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>X509_PUBKEY</b> functions can be used to encode and decode public keys in a standard format.</p>
+
+<p>In many cases applications will not call the <b>X509_PUBKEY</b> functions directly: they will instead call wrapper functions such as X509_get0_pubkey().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, X509_PUBKEY_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>X509_PUBKEY_free() does not return a value.</p>
+
+<p>X509_PUBKEY_get0() and X509_PUBKEY_get() return a pointer to an <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_PUBKEY_set(), X509_PUBKEY_set0_param() and X509_PUBKEY_get0_param() return 1 for success and 0 if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_INFO_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_INFO_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_INFO_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_INFO_new.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_INFO_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_INFO_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_check_private_key.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_check_private_key.html
new file mode 100644
index 000000000..8b6b15416
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_check_private_key.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_check_private_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_check_private_key, X509_REQ_check_private_key - check the consistency of a private key with the public key in an X509 certificate or certificate request</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_check_private_key(X509 *x, EVP_PKEY *k);
+
+ int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_check_private_key() function checks the consistency of private key <b>k</b> with the public key in <b>x</b>.</p>
+
+<p>X509_REQ_check_private_key() is equivalent to X509_check_private_key() except that <b>x</b> represents a certificate request of structure <b>X509_REQ</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_check_private_key() and X509_REQ_check_private_key() return 1 if the keys match each other, and 0 if not.</p>
+
+<p>If the key is invalid or an error occurred, the reason code can be obtained using <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The <b>check_private_key</b> functions don&#39;t check if <b>k</b> itself is indeed a private key or not. It merely compares the public materials (e.g. exponent and modulus of an RSA key) and/or key parameters (e.g. EC params of an EC key) of a key pair. So if you pass a public key to these functions in <b>k</b>, it will return success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_digest.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_digest.html
new file mode 100644
index 000000000..98c8462b9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_digest.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_digest</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_digest, X509_CRL_digest, X509_pubkey_digest, X509_NAME_digest, X509_REQ_digest, PKCS7_ISSUER_AND_SERIAL_digest - get digest of various objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
+                 unsigned int *len);
+
+ int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md,
+                     unsigned int *len);
+
+ int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
+                        unsigned char *md, unsigned int *len);
+
+ int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
+                     unsigned char *md, unsigned int *len);
+
+ int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
+                      unsigned char *md, unsigned int *len);
+
+ #include &lt;openssl/pkcs7.h&gt;
+
+ int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
+                                    const EVP_MD *type, unsigned char *md,
+                                    unsigned int *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_pubkey_digest() returns a digest of the DER representation of the public key in the specified X509 <b>data</b> object. All other functions described here return a digest of the DER representation of their entire <b>data</b> objects.</p>
+
+<p>The <b>type</b> parameter specifies the digest to be used, such as EVP_sha1(). The <b>md</b> is a pointer to the buffer where the digest will be copied and is assumed to be large enough; the constant <b>EVP_MAX_MD_SIZE</b> is suggested. The <b>len</b> parameter, if not NULL, points to a place where the digest size will be stored.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All functions described here return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_sha1.html">EVP_sha1(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_dup.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get0_pubkey.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get0_pubkey.html
new file mode 100644
index 000000000..28c43843e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get0_pubkey.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_pubkey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_pubkey, X509_get0_pubkey, X509_set_pubkey, X509_get_X509_PUBKEY, X509_REQ_get_pubkey, X509_REQ_get0_pubkey, X509_REQ_set_pubkey, X509_REQ_get_X509_PUBKEY - get or set certificate or certificate request public key</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ EVP_PKEY *X509_get_pubkey(X509 *x);
+ EVP_PKEY *X509_get0_pubkey(const X509 *x);
+ int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
+ X509_PUBKEY *X509_get_X509_PUBKEY(X509 *x);
+
+ EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
+ EVP_PKEY *X509_REQ_get0_pubkey(X509_REQ *req);
+ int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
+ X509_PUBKEY *X509_REQ_get_X509_PUBKEY(X509_REQ *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_pubkey() attempts to decode the public key for certificate <b>x</b>. If successful it returns the public key as an <b>EVP_PKEY</b> pointer with its reference count incremented: this means the returned key must be freed up after use. X509_get0_pubkey() is similar except it does <b>not</b> increment the reference count of the returned <b>EVP_PKEY</b> so it must not be freed up after use.</p>
+
+<p>X509_get_X509_PUBKEY() returns an internal pointer to the <b>X509_PUBKEY</b> structure which encodes the certificate of <b>x</b>. The returned value must not be freed up after use.</p>
+
+<p>X509_set_pubkey() attempts to set the public key for certificate <b>x</b> to <b>pkey</b>. The key <b>pkey</b> should be freed up after use.</p>
+
+<p>X509_REQ_get_pubkey(), X509_REQ_get0_pubkey(), X509_REQ_set_pubkey() and X509_REQ_get_X509_PUBKEY() are similar but operate on certificate request <b>req</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The first time a public key is decoded the <b>EVP_PKEY</b> structure is cached in the certificate or certificate request itself. Subsequent calls return the cached structure with its reference count incremented to improve performance.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_pubkey(), X509_get0_pubkey(), X509_get_X509_PUBKEY(), X509_REQ_get_pubkey() and X509_REQ_get_X509_PUBKEY() return a public key or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_set_pubkey() and X509_REQ_set_pubkey() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get0_signature.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get0_signature.html
new file mode 100644
index 000000000..d74071208
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get0_signature.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_signature</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_signature, X509_get_signature_nid, X509_get0_tbs_sigalg, X509_REQ_get0_signature, X509_REQ_get_signature_nid, X509_CRL_get0_signature, X509_CRL_get_signature_nid, X509_get_signature_info, X509_SIG_INFO_get, X509_SIG_INFO_set - signature information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ void X509_get0_signature(const ASN1_BIT_STRING **psig,
+                          const X509_ALGOR **palg,
+                          const X509 *x);
+ int X509_get_signature_nid(const X509 *x);
+ const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);
+
+ void X509_REQ_get0_signature(const X509_REQ *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_REQ_get_signature_nid(const X509_REQ *crl);
+
+ void X509_CRL_get0_signature(const X509_CRL *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_CRL_get_signature_nid(const X509_CRL *crl);
+
+ int X509_get_signature_info(X509 *x, int *mdnid, int *pknid, int *secbits,
+                             uint32_t *flags);
+
+ int X509_SIG_INFO_get(const X509_SIG_INFO *siginf, int *mdnid, int *pknid,
+                      int *secbits, uint32_t *flags);
+ void X509_SIG_INFO_set(X509_SIG_INFO *siginf, int mdnid, int pknid,
+                        int secbits, uint32_t flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_signature() sets <b>*psig</b> to the signature of <b>x</b> and <b>*palg</b> to the signature algorithm of <b>x</b>. The values returned are internal pointers which <b>MUST NOT</b> be freed up after the call.</p>
+
+<p>X509_get0_tbs_sigalg() returns the signature algorithm in the signed portion of <b>x</b>.</p>
+
+<p>X509_get_signature_nid() returns the NID corresponding to the signature algorithm of <b>x</b>.</p>
+
+<p>X509_REQ_get0_signature(), X509_REQ_get_signature_nid() X509_CRL_get0_signature() and X509_CRL_get_signature_nid() perform the same function for certificate requests and CRLs.</p>
+
+<p>X509_get_signature_info() retrieves information about the signature of certificate <b>x</b>. The NID of the signing digest is written to <b>*mdnid</b>, the public key algorithm to <b>*pknid</b>, the effective security bits to <b>*secbits</b> and flag details to <b>*flags</b>. Any of the parameters can be set to <b>NULL</b> if the information is not required.</p>
+
+<p>X509_SIG_INFO_get() and X509_SIG_INFO_set() get and set information about a signature in an <b>X509_SIG_INFO</b> structure. They are only used by implementations of algorithms which need to set custom signature information: most applications will never need to call them.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions provide lower level access to signatures in certificates where an application wishes to analyse or generate a signature in a form where X509_sign() et al is not appropriate (for example a non standard or unsupported format).</p>
+
+<p>The security bits returned by X509_get_signature_info() refers to information available from the certificate signature (such as the signing digest). In some cases the actual security of the signature is less because the signing key is less secure: for example a certificate signed using SHA-512 and a 1024 bit RSA key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_signature_nid(), X509_REQ_get_signature_nid() and X509_CRL_get_signature_nid() return a NID.</p>
+
+<p>X509_get0_signature(), X509_REQ_get0_signature() and X509_CRL_get0_signature() do not return values.</p>
+
+<p>X509_get_signature_info() returns 1 if the signature information returned is valid or 0 if the information is not available (e.g. unknown algorithms or malformed parameters).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_get0_signature() and X509_get_signature_nid() functions were added in OpenSSL 1.0.2.</p>
+
+<p>The X509_REQ_get0_signature(), X509_REQ_get_signature_nid(), X509_CRL_get0_signature() and X509_CRL_get_signature_nid() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get_X509_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get_X509_PUBKEY.html
new file mode 100644
index 000000000..28c43843e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get_X509_PUBKEY.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_pubkey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_pubkey, X509_get0_pubkey, X509_set_pubkey, X509_get_X509_PUBKEY, X509_REQ_get_pubkey, X509_REQ_get0_pubkey, X509_REQ_set_pubkey, X509_REQ_get_X509_PUBKEY - get or set certificate or certificate request public key</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ EVP_PKEY *X509_get_pubkey(X509 *x);
+ EVP_PKEY *X509_get0_pubkey(const X509 *x);
+ int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
+ X509_PUBKEY *X509_get_X509_PUBKEY(X509 *x);
+
+ EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
+ EVP_PKEY *X509_REQ_get0_pubkey(X509_REQ *req);
+ int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
+ X509_PUBKEY *X509_REQ_get_X509_PUBKEY(X509_REQ *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_pubkey() attempts to decode the public key for certificate <b>x</b>. If successful it returns the public key as an <b>EVP_PKEY</b> pointer with its reference count incremented: this means the returned key must be freed up after use. X509_get0_pubkey() is similar except it does <b>not</b> increment the reference count of the returned <b>EVP_PKEY</b> so it must not be freed up after use.</p>
+
+<p>X509_get_X509_PUBKEY() returns an internal pointer to the <b>X509_PUBKEY</b> structure which encodes the certificate of <b>x</b>. The returned value must not be freed up after use.</p>
+
+<p>X509_set_pubkey() attempts to set the public key for certificate <b>x</b> to <b>pkey</b>. The key <b>pkey</b> should be freed up after use.</p>
+
+<p>X509_REQ_get_pubkey(), X509_REQ_get0_pubkey(), X509_REQ_set_pubkey() and X509_REQ_get_X509_PUBKEY() are similar but operate on certificate request <b>req</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The first time a public key is decoded the <b>EVP_PKEY</b> structure is cached in the certificate or certificate request itself. Subsequent calls return the cached structure with its reference count incremented to improve performance.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_pubkey(), X509_get0_pubkey(), X509_get_X509_PUBKEY(), X509_REQ_get_pubkey() and X509_REQ_get_X509_PUBKEY() return a public key or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_set_pubkey() and X509_REQ_set_pubkey() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get_pubkey.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get_pubkey.html
new file mode 100644
index 000000000..28c43843e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get_pubkey.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_pubkey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_pubkey, X509_get0_pubkey, X509_set_pubkey, X509_get_X509_PUBKEY, X509_REQ_get_pubkey, X509_REQ_get0_pubkey, X509_REQ_set_pubkey, X509_REQ_get_X509_PUBKEY - get or set certificate or certificate request public key</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ EVP_PKEY *X509_get_pubkey(X509 *x);
+ EVP_PKEY *X509_get0_pubkey(const X509 *x);
+ int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
+ X509_PUBKEY *X509_get_X509_PUBKEY(X509 *x);
+
+ EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
+ EVP_PKEY *X509_REQ_get0_pubkey(X509_REQ *req);
+ int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
+ X509_PUBKEY *X509_REQ_get_X509_PUBKEY(X509_REQ *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_pubkey() attempts to decode the public key for certificate <b>x</b>. If successful it returns the public key as an <b>EVP_PKEY</b> pointer with its reference count incremented: this means the returned key must be freed up after use. X509_get0_pubkey() is similar except it does <b>not</b> increment the reference count of the returned <b>EVP_PKEY</b> so it must not be freed up after use.</p>
+
+<p>X509_get_X509_PUBKEY() returns an internal pointer to the <b>X509_PUBKEY</b> structure which encodes the certificate of <b>x</b>. The returned value must not be freed up after use.</p>
+
+<p>X509_set_pubkey() attempts to set the public key for certificate <b>x</b> to <b>pkey</b>. The key <b>pkey</b> should be freed up after use.</p>
+
+<p>X509_REQ_get_pubkey(), X509_REQ_get0_pubkey(), X509_REQ_set_pubkey() and X509_REQ_get_X509_PUBKEY() are similar but operate on certificate request <b>req</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The first time a public key is decoded the <b>EVP_PKEY</b> structure is cached in the certificate or certificate request itself. Subsequent calls return the cached structure with its reference count incremented to improve performance.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_pubkey(), X509_get0_pubkey(), X509_get_X509_PUBKEY(), X509_REQ_get_pubkey() and X509_REQ_get_X509_PUBKEY() return a public key or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_set_pubkey() and X509_REQ_set_pubkey() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get_signature_nid.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get_signature_nid.html
new file mode 100644
index 000000000..d74071208
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get_signature_nid.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_signature</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_signature, X509_get_signature_nid, X509_get0_tbs_sigalg, X509_REQ_get0_signature, X509_REQ_get_signature_nid, X509_CRL_get0_signature, X509_CRL_get_signature_nid, X509_get_signature_info, X509_SIG_INFO_get, X509_SIG_INFO_set - signature information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ void X509_get0_signature(const ASN1_BIT_STRING **psig,
+                          const X509_ALGOR **palg,
+                          const X509 *x);
+ int X509_get_signature_nid(const X509 *x);
+ const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);
+
+ void X509_REQ_get0_signature(const X509_REQ *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_REQ_get_signature_nid(const X509_REQ *crl);
+
+ void X509_CRL_get0_signature(const X509_CRL *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_CRL_get_signature_nid(const X509_CRL *crl);
+
+ int X509_get_signature_info(X509 *x, int *mdnid, int *pknid, int *secbits,
+                             uint32_t *flags);
+
+ int X509_SIG_INFO_get(const X509_SIG_INFO *siginf, int *mdnid, int *pknid,
+                      int *secbits, uint32_t *flags);
+ void X509_SIG_INFO_set(X509_SIG_INFO *siginf, int mdnid, int pknid,
+                        int secbits, uint32_t flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_signature() sets <b>*psig</b> to the signature of <b>x</b> and <b>*palg</b> to the signature algorithm of <b>x</b>. The values returned are internal pointers which <b>MUST NOT</b> be freed up after the call.</p>
+
+<p>X509_get0_tbs_sigalg() returns the signature algorithm in the signed portion of <b>x</b>.</p>
+
+<p>X509_get_signature_nid() returns the NID corresponding to the signature algorithm of <b>x</b>.</p>
+
+<p>X509_REQ_get0_signature(), X509_REQ_get_signature_nid() X509_CRL_get0_signature() and X509_CRL_get_signature_nid() perform the same function for certificate requests and CRLs.</p>
+
+<p>X509_get_signature_info() retrieves information about the signature of certificate <b>x</b>. The NID of the signing digest is written to <b>*mdnid</b>, the public key algorithm to <b>*pknid</b>, the effective security bits to <b>*secbits</b> and flag details to <b>*flags</b>. Any of the parameters can be set to <b>NULL</b> if the information is not required.</p>
+
+<p>X509_SIG_INFO_get() and X509_SIG_INFO_set() get and set information about a signature in an <b>X509_SIG_INFO</b> structure. They are only used by implementations of algorithms which need to set custom signature information: most applications will never need to call them.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions provide lower level access to signatures in certificates where an application wishes to analyse or generate a signature in a form where X509_sign() et al is not appropriate (for example a non standard or unsupported format).</p>
+
+<p>The security bits returned by X509_get_signature_info() refers to information available from the certificate signature (such as the signing digest). In some cases the actual security of the signature is less because the signing key is less secure: for example a certificate signed using SHA-512 and a 1024 bit RSA key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_signature_nid(), X509_REQ_get_signature_nid() and X509_CRL_get_signature_nid() return a NID.</p>
+
+<p>X509_get0_signature(), X509_REQ_get0_signature() and X509_CRL_get0_signature() do not return values.</p>
+
+<p>X509_get_signature_info() returns 1 if the signature information returned is valid or 0 if the information is not available (e.g. unknown algorithms or malformed parameters).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_get0_signature() and X509_get_signature_nid() functions were added in OpenSSL 1.0.2.</p>
+
+<p>The X509_REQ_get0_signature(), X509_REQ_get_signature_nid(), X509_CRL_get0_signature() and X509_CRL_get_signature_nid() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get_subject_name.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get_subject_name.html
new file mode 100644
index 000000000..ae07d6d05
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get_subject_name.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_subject_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_subject_name, X509_set_subject_name, X509_get_issuer_name, X509_set_issuer_name, X509_REQ_get_subject_name, X509_REQ_set_subject_name, X509_CRL_get_issuer, X509_CRL_set_issuer_name - get and set issuer or subject names</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_NAME *X509_get_subject_name(const X509 *x);
+ int X509_set_subject_name(X509 *x, X509_NAME *name);
+
+ X509_NAME *X509_get_issuer_name(const X509 *x);
+ int X509_set_issuer_name(X509 *x, X509_NAME *name);
+
+ X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
+ int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
+
+ X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
+ int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_subject_name() returns the subject name of certificate <b>x</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed.</p>
+
+<p>X509_set_subject_name() sets the issuer name of certificate <b>x</b> to <b>name</b>. The <b>name</b> parameter is copied internally and should be freed up when it is no longer needed.</p>
+
+<p>X509_get_issuer_name() and X509_set_issuer_name() are identical to X509_get_subject_name() and X509_set_subject_name() except the get and set the issuer name of <b>x</b>.</p>
+
+<p>Similarly X509_REQ_get_subject_name(), X509_REQ_set_subject_name(), X509_CRL_get_issuer() and X509_CRL_set_issuer_name() get or set the subject or issuer names of certificate requests of CRLs respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_subject_name(), X509_get_issuer_name(), X509_REQ_get_subject_name() and X509_CRL_get_issuer() return an <b>X509_NAME</b> pointer.</p>
+
+<p>X509_set_subject_name(), X509_set_issuer_name(), X509_REQ_set_subject_name() and X509_CRL_set_issuer_name() return 1 for success and 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_REQ_get_subject_name() is a function in OpenSSL 1.1.0 and a macro in earlier versions.</p>
+
+<p>X509_CRL_get_issuer() is a function in OpenSSL 1.1.0. It was previously added in OpenSSL 1.0.0 as a macro.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a> <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get_version.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get_version.html
new file mode 100644
index 000000000..6cb54a862
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_get_version.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_version, X509_set_version, X509_REQ_get_version, X509_REQ_set_version, X509_CRL_get_version, X509_CRL_set_version - get or set certificate, certificate request or CRL version</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ long X509_get_version(const X509 *x);
+ int X509_set_version(X509 *x, long version);
+
+ long X509_REQ_get_version(const X509_REQ *req);
+ int X509_REQ_set_version(X509_REQ *x, long version);
+
+ long X509_CRL_get_version(const X509_CRL *crl);
+ int X509_CRL_set_version(X509_CRL *x, long version);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_version() returns the numerical value of the version field of certificate <b>x</b>. Note: this is defined by standards (X.509 et al) to be one less than the certificate version. So a version 3 certificate will return 2 and a version 1 certificate will return 0.</p>
+
+<p>X509_set_version() sets the numerical value of the version field of certificate <b>x</b> to <b>version</b>.</p>
+
+<p>Similarly X509_REQ_get_version(), X509_REQ_set_version(), X509_CRL_get_version() and X509_CRL_set_version() get and set the version number of certificate requests and CRLs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The version field of certificates, certificate requests and CRLs has a DEFAULT value of <b>v1(0)</b> meaning the field should be omitted for version 1. This is handled transparently by these functions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_version(), X509_REQ_get_version() and X509_CRL_get_version() return the numerical value of the version field.</p>
+
+<p>X509_set_version(), X509_REQ_set_version() and X509_CRL_set_version() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_get_version(), X509_REQ_get_version() and X509_CRL_get_version() are functions in OpenSSL 1.1.0, in previous versions they were macros.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_new.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_set_pubkey.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_set_pubkey.html
new file mode 100644
index 000000000..28c43843e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_set_pubkey.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_pubkey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_pubkey, X509_get0_pubkey, X509_set_pubkey, X509_get_X509_PUBKEY, X509_REQ_get_pubkey, X509_REQ_get0_pubkey, X509_REQ_set_pubkey, X509_REQ_get_X509_PUBKEY - get or set certificate or certificate request public key</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ EVP_PKEY *X509_get_pubkey(X509 *x);
+ EVP_PKEY *X509_get0_pubkey(const X509 *x);
+ int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
+ X509_PUBKEY *X509_get_X509_PUBKEY(X509 *x);
+
+ EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
+ EVP_PKEY *X509_REQ_get0_pubkey(X509_REQ *req);
+ int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
+ X509_PUBKEY *X509_REQ_get_X509_PUBKEY(X509_REQ *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_pubkey() attempts to decode the public key for certificate <b>x</b>. If successful it returns the public key as an <b>EVP_PKEY</b> pointer with its reference count incremented: this means the returned key must be freed up after use. X509_get0_pubkey() is similar except it does <b>not</b> increment the reference count of the returned <b>EVP_PKEY</b> so it must not be freed up after use.</p>
+
+<p>X509_get_X509_PUBKEY() returns an internal pointer to the <b>X509_PUBKEY</b> structure which encodes the certificate of <b>x</b>. The returned value must not be freed up after use.</p>
+
+<p>X509_set_pubkey() attempts to set the public key for certificate <b>x</b> to <b>pkey</b>. The key <b>pkey</b> should be freed up after use.</p>
+
+<p>X509_REQ_get_pubkey(), X509_REQ_get0_pubkey(), X509_REQ_set_pubkey() and X509_REQ_get_X509_PUBKEY() are similar but operate on certificate request <b>req</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The first time a public key is decoded the <b>EVP_PKEY</b> structure is cached in the certificate or certificate request itself. Subsequent calls return the cached structure with its reference count incremented to improve performance.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_pubkey(), X509_get0_pubkey(), X509_get_X509_PUBKEY(), X509_REQ_get_pubkey() and X509_REQ_get_X509_PUBKEY() return a public key or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_set_pubkey() and X509_REQ_set_pubkey() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_set_subject_name.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_set_subject_name.html
new file mode 100644
index 000000000..ae07d6d05
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_set_subject_name.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_subject_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_subject_name, X509_set_subject_name, X509_get_issuer_name, X509_set_issuer_name, X509_REQ_get_subject_name, X509_REQ_set_subject_name, X509_CRL_get_issuer, X509_CRL_set_issuer_name - get and set issuer or subject names</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_NAME *X509_get_subject_name(const X509 *x);
+ int X509_set_subject_name(X509 *x, X509_NAME *name);
+
+ X509_NAME *X509_get_issuer_name(const X509 *x);
+ int X509_set_issuer_name(X509 *x, X509_NAME *name);
+
+ X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
+ int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
+
+ X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
+ int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_subject_name() returns the subject name of certificate <b>x</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed.</p>
+
+<p>X509_set_subject_name() sets the issuer name of certificate <b>x</b> to <b>name</b>. The <b>name</b> parameter is copied internally and should be freed up when it is no longer needed.</p>
+
+<p>X509_get_issuer_name() and X509_set_issuer_name() are identical to X509_get_subject_name() and X509_set_subject_name() except the get and set the issuer name of <b>x</b>.</p>
+
+<p>Similarly X509_REQ_get_subject_name(), X509_REQ_set_subject_name(), X509_CRL_get_issuer() and X509_CRL_set_issuer_name() get or set the subject or issuer names of certificate requests of CRLs respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_subject_name(), X509_get_issuer_name(), X509_REQ_get_subject_name() and X509_CRL_get_issuer() return an <b>X509_NAME</b> pointer.</p>
+
+<p>X509_set_subject_name(), X509_set_issuer_name(), X509_REQ_set_subject_name() and X509_CRL_set_issuer_name() return 1 for success and 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_REQ_get_subject_name() is a function in OpenSSL 1.1.0 and a macro in earlier versions.</p>
+
+<p>X509_CRL_get_issuer() is a function in OpenSSL 1.1.0. It was previously added in OpenSSL 1.0.0 as a macro.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a> <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_set_version.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_set_version.html
new file mode 100644
index 000000000..6cb54a862
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_set_version.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_version, X509_set_version, X509_REQ_get_version, X509_REQ_set_version, X509_CRL_get_version, X509_CRL_set_version - get or set certificate, certificate request or CRL version</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ long X509_get_version(const X509 *x);
+ int X509_set_version(X509 *x, long version);
+
+ long X509_REQ_get_version(const X509_REQ *req);
+ int X509_REQ_set_version(X509_REQ *x, long version);
+
+ long X509_CRL_get_version(const X509_CRL *crl);
+ int X509_CRL_set_version(X509_CRL *x, long version);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_version() returns the numerical value of the version field of certificate <b>x</b>. Note: this is defined by standards (X.509 et al) to be one less than the certificate version. So a version 3 certificate will return 2 and a version 1 certificate will return 0.</p>
+
+<p>X509_set_version() sets the numerical value of the version field of certificate <b>x</b> to <b>version</b>.</p>
+
+<p>Similarly X509_REQ_get_version(), X509_REQ_set_version(), X509_CRL_get_version() and X509_CRL_set_version() get and set the version number of certificate requests and CRLs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The version field of certificates, certificate requests and CRLs has a DEFAULT value of <b>v1(0)</b> meaning the field should be omitted for version 1. This is handled transparently by these functions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_version(), X509_REQ_get_version() and X509_CRL_get_version() return the numerical value of the version field.</p>
+
+<p>X509_set_version(), X509_REQ_set_version() and X509_CRL_set_version() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_get_version(), X509_REQ_get_version() and X509_CRL_get_version() are functions in OpenSSL 1.1.0, in previous versions they were macros.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_sign.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_sign.html
new file mode 100644
index 000000000..2f90a57e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_sign.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_sign, X509_sign_ctx, X509_verify, X509_REQ_sign, X509_REQ_sign_ctx, X509_REQ_verify, X509_CRL_sign, X509_CRL_sign_ctx, X509_CRL_verify - sign or verify certificate, certificate request or CRL signature</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
+ int X509_verify(X509 *a, EVP_PKEY *r);
+
+ int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
+ int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
+
+ int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
+ int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_sign() signs certificate <b>x</b> using private key <b>pkey</b> and message digest <b>md</b> and sets the signature in <b>x</b>. X509_sign_ctx() also signs certificate <b>x</b> but uses the parameters contained in digest context <b>ctx</b>.</p>
+
+<p>X509_verify() verifies the signature of certificate <b>x</b> using public key <b>pkey</b>. Only the signature is checked: no other checks (such as certificate chain validity) are performed.</p>
+
+<p>X509_REQ_sign(), X509_REQ_sign_ctx(), X509_REQ_verify(), X509_CRL_sign(), X509_CRL_sign_ctx() and X509_CRL_verify() sign and verify certificate requests and CRLs respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_sign_ctx() is used where the default parameters for the corresponding public key and digest are not suitable. It can be used to sign keys using RSA-PSS for example.</p>
+
+<p>For efficiency reasons and to work around ASN.1 encoding issues the encoding of the signed portion of a certificate, certificate request and CRL is cached internally. If the signed portion of the structure is modified the encoding is not always updated meaning a stale version is sometimes used. This is not normally a problem because modifying the signed portion will invalidate the signature and signing will always update the encoding.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_sign(), X509_sign_ctx(), X509_REQ_sign(), X509_REQ_sign_ctx(), X509_CRL_sign() and X509_CRL_sign_ctx() return the size of the signature in bytes for success and zero for failure.</p>
+
+<p>X509_verify(), X509_REQ_verify() and X509_CRL_verify() return 1 if the signature is valid and 0 if the signature check fails. If the signature could not be checked at all because it was invalid or some other error occurred then -1 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_sign(), X509_REQ_sign() and X509_CRL_sign() functions are available in all versions of OpenSSL.</p>
+
+<p>The X509_sign_ctx(), X509_REQ_sign_ctx() and X509_CRL_sign_ctx() functions were added OpenSSL 1.0.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_sign_ctx.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_sign_ctx.html
new file mode 100644
index 000000000..2f90a57e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_sign_ctx.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_sign, X509_sign_ctx, X509_verify, X509_REQ_sign, X509_REQ_sign_ctx, X509_REQ_verify, X509_CRL_sign, X509_CRL_sign_ctx, X509_CRL_verify - sign or verify certificate, certificate request or CRL signature</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
+ int X509_verify(X509 *a, EVP_PKEY *r);
+
+ int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
+ int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
+
+ int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
+ int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_sign() signs certificate <b>x</b> using private key <b>pkey</b> and message digest <b>md</b> and sets the signature in <b>x</b>. X509_sign_ctx() also signs certificate <b>x</b> but uses the parameters contained in digest context <b>ctx</b>.</p>
+
+<p>X509_verify() verifies the signature of certificate <b>x</b> using public key <b>pkey</b>. Only the signature is checked: no other checks (such as certificate chain validity) are performed.</p>
+
+<p>X509_REQ_sign(), X509_REQ_sign_ctx(), X509_REQ_verify(), X509_CRL_sign(), X509_CRL_sign_ctx() and X509_CRL_verify() sign and verify certificate requests and CRLs respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_sign_ctx() is used where the default parameters for the corresponding public key and digest are not suitable. It can be used to sign keys using RSA-PSS for example.</p>
+
+<p>For efficiency reasons and to work around ASN.1 encoding issues the encoding of the signed portion of a certificate, certificate request and CRL is cached internally. If the signed portion of the structure is modified the encoding is not always updated meaning a stale version is sometimes used. This is not normally a problem because modifying the signed portion will invalidate the signature and signing will always update the encoding.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_sign(), X509_sign_ctx(), X509_REQ_sign(), X509_REQ_sign_ctx(), X509_CRL_sign() and X509_CRL_sign_ctx() return the size of the signature in bytes for success and zero for failure.</p>
+
+<p>X509_verify(), X509_REQ_verify() and X509_CRL_verify() return 1 if the signature is valid and 0 if the signature check fails. If the signature could not be checked at all because it was invalid or some other error occurred then -1 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_sign(), X509_REQ_sign() and X509_CRL_sign() functions are available in all versions of OpenSSL.</p>
+
+<p>The X509_sign_ctx(), X509_REQ_sign_ctx() and X509_CRL_sign_ctx() functions were added OpenSSL 1.0.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REQ_verify.html b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_verify.html
new file mode 100644
index 000000000..2f90a57e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REQ_verify.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_sign, X509_sign_ctx, X509_verify, X509_REQ_sign, X509_REQ_sign_ctx, X509_REQ_verify, X509_CRL_sign, X509_CRL_sign_ctx, X509_CRL_verify - sign or verify certificate, certificate request or CRL signature</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
+ int X509_verify(X509 *a, EVP_PKEY *r);
+
+ int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
+ int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
+
+ int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
+ int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_sign() signs certificate <b>x</b> using private key <b>pkey</b> and message digest <b>md</b> and sets the signature in <b>x</b>. X509_sign_ctx() also signs certificate <b>x</b> but uses the parameters contained in digest context <b>ctx</b>.</p>
+
+<p>X509_verify() verifies the signature of certificate <b>x</b> using public key <b>pkey</b>. Only the signature is checked: no other checks (such as certificate chain validity) are performed.</p>
+
+<p>X509_REQ_sign(), X509_REQ_sign_ctx(), X509_REQ_verify(), X509_CRL_sign(), X509_CRL_sign_ctx() and X509_CRL_verify() sign and verify certificate requests and CRLs respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_sign_ctx() is used where the default parameters for the corresponding public key and digest are not suitable. It can be used to sign keys using RSA-PSS for example.</p>
+
+<p>For efficiency reasons and to work around ASN.1 encoding issues the encoding of the signed portion of a certificate, certificate request and CRL is cached internally. If the signed portion of the structure is modified the encoding is not always updated meaning a stale version is sometimes used. This is not normally a problem because modifying the signed portion will invalidate the signature and signing will always update the encoding.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_sign(), X509_sign_ctx(), X509_REQ_sign(), X509_REQ_sign_ctx(), X509_CRL_sign() and X509_CRL_sign_ctx() return the size of the signature in bytes for success and zero for failure.</p>
+
+<p>X509_verify(), X509_REQ_verify() and X509_CRL_verify() return 1 if the signature is valid and 0 if the signature check fails. If the signature could not be checked at all because it was invalid or some other error occurred then -1 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_sign(), X509_REQ_sign() and X509_CRL_sign() functions are available in all versions of OpenSSL.</p>
+
+<p>The X509_sign_ctx(), X509_REQ_sign_ctx() and X509_CRL_sign_ctx() functions were added OpenSSL 1.0.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_add1_ext_i2d.html b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_add1_ext_i2d.html
new file mode 100644
index 000000000..0564e7b2d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_add1_ext_i2d.html
@@ -0,0 +1,214 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509V3_get_d2i</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</a>
+    <ul>
+      <li><a href="#PKIX-Certificate-Extensions">PKIX Certificate Extensions</a></li>
+      <li><a href="#Netscape-Certificate-Extensions">Netscape Certificate Extensions</a></li>
+      <li><a href="#Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</a></li>
+      <li><a href="#PKIX-CRL-Extensions">PKIX CRL Extensions</a></li>
+      <li><a href="#OCSP-Extensions">OCSP Extensions</a></li>
+      <li><a href="#Certificate-Transparency-Extensions">Certificate Transparency Extensions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_extensions, X509_CRL_get0_extensions, X509_REVOKED_get0_extensions, X509V3_get_d2i, X509V3_add1_i2d, X509V3_EXT_d2i, X509V3_EXT_i2d, X509_get_ext_d2i, X509_add1_ext_i2d, X509_CRL_get_ext_d2i, X509_CRL_add1_ext_i2d, X509_REVOKED_get_ext_d2i, X509_REVOKED_add1_ext_i2d - X509 extension decode and encode functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
+                      int *idx);
+ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
+                     int crit, unsigned long flags);
+
+ void *X509V3_EXT_d2i(X509_EXTENSION *ext);
+ X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext);
+
+ void *X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
+ int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+                       unsigned long flags);
+
+ void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid, int *crit, int *idx);
+ int X509_CRL_add1_ext_i2d(X509_CRL *crl, int nid, void *value, int crit,
+                           unsigned long flags);
+
+ void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *r, int nid, int *crit, int *idx);
+ int X509_REVOKED_add1_ext_i2d(X509_REVOKED *r, int nid, void *value, int crit,
+                               unsigned long flags);
+
+ const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+ const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
+ const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(const X509_REVOKED *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509V3_get_ext_d2i() looks for an extension with OID <b>nid</b> in the extensions <b>x</b> and, if found, decodes it. If <b>idx</b> is <b>NULL</b> then only one occurrence of an extension is permissible otherwise the first extension after index <b>*idx</b> is returned and <b>*idx</b> updated to the location of the extension. If <b>crit</b> is not <b>NULL</b> then <b>*crit</b> is set to a status value: -2 if the extension occurs multiple times (this is only returned if <b>idx</b> is <b>NULL</b>), -1 if the extension could not be found, 0 if the extension is found and is not critical and 1 if critical. A pointer to an extension specific structure or <b>NULL</b> is returned.</p>
+
+<p>X509V3_add1_i2d() adds extension <b>value</b> to STACK <b>*x</b> (allocating a new STACK if necessary) using OID <b>nid</b> and criticality <b>crit</b> according to <b>flags</b>.</p>
+
+<p>X509V3_EXT_d2i() attempts to decode the ASN.1 data contained in extension <b>ext</b> and returns a pointer to an extension specific structure or <b>NULL</b> if the extension could not be decoded (invalid syntax or not supported).</p>
+
+<p>X509V3_EXT_i2d() encodes the extension specific structure <b>ext</b> with OID <b>ext_nid</b> and criticality <b>crit</b>.</p>
+
+<p>X509_get_ext_d2i() and X509_add1_ext_i2d() operate on the extensions of certificate <b>x</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_CRL_get_ext_d2i() and X509_CRL_add1_ext_i2d() operate on the extensions of CRL <b>crl</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_REVOKED_get_ext_d2i() and X509_REVOKED_add1_ext_i2d() operate on the extensions of <b>X509_REVOKED</b> structure <b>r</b> (i.e for CRL entry extensions), they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of all the extensions of a certificate a CRL or a CRL entry respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In almost all cases an extension can occur at most once and multiple occurrences is an error. Therefore the <b>idx</b> parameter is usually <b>NULL</b>.</p>
+
+<p>The <b>flags</b> parameter may be one of the following values.</p>
+
+<p><b>X509V3_ADD_DEFAULT</b> appends a new extension only if the extension does not already exist. An error is returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_APPEND</b> appends a new extension, ignoring whether the extension already exists.</p>
+
+<p><b>X509V3_ADD_REPLACE</b> replaces an extension if it exists otherwise appends a new extension.</p>
+
+<p><b>X509V3_ADD_REPLACE_EXISTING</b> replaces an existing extension if it exists otherwise returns an error.</p>
+
+<p><b>X509V3_ADD_KEEP_EXISTING</b> appends a new extension only if the extension does not already exist. An error <b>is not</b> returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_DELETE</b> extension <b>nid</b> is deleted: no new extension is added.</p>
+
+<p>If <b>X509V3_ADD_SILENT</b> is ored with <b>flags</b>: any error returned will not be added to the error queue.</p>
+
+<p>The function X509V3_get_d2i() will return <b>NULL</b> if the extension is not found, occurs multiple times or cannot be decoded. It is possible to determine the precise reason by checking the value of <b>*crit</b>.</p>
+
+<h1 id="SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</h1>
+
+<p>The following sections contain a list of all supported extensions including their name and NID.</p>
+
+<h2 id="PKIX-Certificate-Extensions">PKIX Certificate Extensions</h2>
+
+<p>The following certificate extensions are defined in PKIX standards such as RFC5280.</p>
+
+<pre><code> Basic Constraints                  NID_basic_constraints
+ Key Usage                          NID_key_usage
+ Extended Key Usage                 NID_ext_key_usage
+
+ Subject Key Identifier             NID_subject_key_identifier
+ Authority Key Identifier           NID_authority_key_identifier
+
+ Private Key Usage Period           NID_private_key_usage_period
+
+ Subject Alternative Name           NID_subject_alt_name
+ Issuer Alternative Name            NID_issuer_alt_name
+
+ Authority Information Access       NID_info_access
+ Subject Information Access         NID_sinfo_access
+
+ Name Constraints                   NID_name_constraints
+
+ Certificate Policies               NID_certificate_policies
+ Policy Mappings                    NID_policy_mappings
+ Policy Constraints                 NID_policy_constraints
+ Inhibit Any Policy                 NID_inhibit_any_policy
+
+ TLS Feature                        NID_tlsfeature</code></pre>
+
+<h2 id="Netscape-Certificate-Extensions">Netscape Certificate Extensions</h2>
+
+<p>The following are (largely obsolete) Netscape certificate extensions.</p>
+
+<pre><code> Netscape Cert Type                 NID_netscape_cert_type
+ Netscape Base Url                  NID_netscape_base_url
+ Netscape Revocation Url            NID_netscape_revocation_url
+ Netscape CA Revocation Url         NID_netscape_ca_revocation_url
+ Netscape Renewal Url               NID_netscape_renewal_url
+ Netscape CA Policy Url             NID_netscape_ca_policy_url
+ Netscape SSL Server Name           NID_netscape_ssl_server_name
+ Netscape Comment                   NID_netscape_comment</code></pre>
+
+<h2 id="Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</h2>
+
+<pre><code> Strong Extranet ID                 NID_sxnet
+ Proxy Certificate Information      NID_proxyCertInfo</code></pre>
+
+<h2 id="PKIX-CRL-Extensions">PKIX CRL Extensions</h2>
+
+<p>The following are CRL extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Number                         NID_crl_number
+ CRL Distribution Points            NID_crl_distribution_points
+ Delta CRL Indicator                NID_delta_crl
+ Freshest CRL                       NID_freshest_crl
+ Invalidity Date                    NID_invalidity_date
+ Issuing Distribution Point         NID_issuing_distribution_point</code></pre>
+
+<p>The following are CRL entry extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Reason Code                    NID_crl_reason
+ Certificate Issuer                 NID_certificate_issuer</code></pre>
+
+<h2 id="OCSP-Extensions">OCSP Extensions</h2>
+
+<pre><code> OCSP Nonce                         NID_id_pkix_OCSP_Nonce
+ OCSP CRL ID                        NID_id_pkix_OCSP_CrlID
+ Acceptable OCSP Responses          NID_id_pkix_OCSP_acceptableResponses
+ OCSP No Check                      NID_id_pkix_OCSP_noCheck
+ OCSP Archive Cutoff                NID_id_pkix_OCSP_archiveCutoff
+ OCSP Service Locator               NID_id_pkix_OCSP_serviceLocator
+ Hold Instruction Code              NID_hold_instruction_code</code></pre>
+
+<h2 id="Certificate-Transparency-Extensions">Certificate Transparency Extensions</h2>
+
+<p>The following extensions are used by certificate transparency, RFC6962</p>
+
+<pre><code> CT Precertificate SCTs             NID_ct_precert_scts
+ CT Certificate SCTs                NID_ct_cert_scts</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509V3_EXT_d2i() and *X509V3_get_d2i() return a pointer to an extension specific structure of <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_EXT_i2d() returns a pointer to an <b>X509_EXTENSION</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_add1_i2d() returns 1 if the operation is successful and 0 if it fails due to a non-fatal error (extension not found, already exists, cannot be encoded) or -1 due to a fatal error such as a memory allocation failure.</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of extensions. They return NULL if no extensions are present.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_add_ext.html b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_add_ext.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_add_ext.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_delete_ext.html b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_delete_ext.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_delete_ext.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_dup.html b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get0_extensions.html b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get0_extensions.html
new file mode 100644
index 000000000..0564e7b2d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get0_extensions.html
@@ -0,0 +1,214 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509V3_get_d2i</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</a>
+    <ul>
+      <li><a href="#PKIX-Certificate-Extensions">PKIX Certificate Extensions</a></li>
+      <li><a href="#Netscape-Certificate-Extensions">Netscape Certificate Extensions</a></li>
+      <li><a href="#Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</a></li>
+      <li><a href="#PKIX-CRL-Extensions">PKIX CRL Extensions</a></li>
+      <li><a href="#OCSP-Extensions">OCSP Extensions</a></li>
+      <li><a href="#Certificate-Transparency-Extensions">Certificate Transparency Extensions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_extensions, X509_CRL_get0_extensions, X509_REVOKED_get0_extensions, X509V3_get_d2i, X509V3_add1_i2d, X509V3_EXT_d2i, X509V3_EXT_i2d, X509_get_ext_d2i, X509_add1_ext_i2d, X509_CRL_get_ext_d2i, X509_CRL_add1_ext_i2d, X509_REVOKED_get_ext_d2i, X509_REVOKED_add1_ext_i2d - X509 extension decode and encode functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
+                      int *idx);
+ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
+                     int crit, unsigned long flags);
+
+ void *X509V3_EXT_d2i(X509_EXTENSION *ext);
+ X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext);
+
+ void *X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
+ int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+                       unsigned long flags);
+
+ void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid, int *crit, int *idx);
+ int X509_CRL_add1_ext_i2d(X509_CRL *crl, int nid, void *value, int crit,
+                           unsigned long flags);
+
+ void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *r, int nid, int *crit, int *idx);
+ int X509_REVOKED_add1_ext_i2d(X509_REVOKED *r, int nid, void *value, int crit,
+                               unsigned long flags);
+
+ const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+ const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
+ const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(const X509_REVOKED *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509V3_get_ext_d2i() looks for an extension with OID <b>nid</b> in the extensions <b>x</b> and, if found, decodes it. If <b>idx</b> is <b>NULL</b> then only one occurrence of an extension is permissible otherwise the first extension after index <b>*idx</b> is returned and <b>*idx</b> updated to the location of the extension. If <b>crit</b> is not <b>NULL</b> then <b>*crit</b> is set to a status value: -2 if the extension occurs multiple times (this is only returned if <b>idx</b> is <b>NULL</b>), -1 if the extension could not be found, 0 if the extension is found and is not critical and 1 if critical. A pointer to an extension specific structure or <b>NULL</b> is returned.</p>
+
+<p>X509V3_add1_i2d() adds extension <b>value</b> to STACK <b>*x</b> (allocating a new STACK if necessary) using OID <b>nid</b> and criticality <b>crit</b> according to <b>flags</b>.</p>
+
+<p>X509V3_EXT_d2i() attempts to decode the ASN.1 data contained in extension <b>ext</b> and returns a pointer to an extension specific structure or <b>NULL</b> if the extension could not be decoded (invalid syntax or not supported).</p>
+
+<p>X509V3_EXT_i2d() encodes the extension specific structure <b>ext</b> with OID <b>ext_nid</b> and criticality <b>crit</b>.</p>
+
+<p>X509_get_ext_d2i() and X509_add1_ext_i2d() operate on the extensions of certificate <b>x</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_CRL_get_ext_d2i() and X509_CRL_add1_ext_i2d() operate on the extensions of CRL <b>crl</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_REVOKED_get_ext_d2i() and X509_REVOKED_add1_ext_i2d() operate on the extensions of <b>X509_REVOKED</b> structure <b>r</b> (i.e for CRL entry extensions), they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of all the extensions of a certificate a CRL or a CRL entry respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In almost all cases an extension can occur at most once and multiple occurrences is an error. Therefore the <b>idx</b> parameter is usually <b>NULL</b>.</p>
+
+<p>The <b>flags</b> parameter may be one of the following values.</p>
+
+<p><b>X509V3_ADD_DEFAULT</b> appends a new extension only if the extension does not already exist. An error is returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_APPEND</b> appends a new extension, ignoring whether the extension already exists.</p>
+
+<p><b>X509V3_ADD_REPLACE</b> replaces an extension if it exists otherwise appends a new extension.</p>
+
+<p><b>X509V3_ADD_REPLACE_EXISTING</b> replaces an existing extension if it exists otherwise returns an error.</p>
+
+<p><b>X509V3_ADD_KEEP_EXISTING</b> appends a new extension only if the extension does not already exist. An error <b>is not</b> returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_DELETE</b> extension <b>nid</b> is deleted: no new extension is added.</p>
+
+<p>If <b>X509V3_ADD_SILENT</b> is ored with <b>flags</b>: any error returned will not be added to the error queue.</p>
+
+<p>The function X509V3_get_d2i() will return <b>NULL</b> if the extension is not found, occurs multiple times or cannot be decoded. It is possible to determine the precise reason by checking the value of <b>*crit</b>.</p>
+
+<h1 id="SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</h1>
+
+<p>The following sections contain a list of all supported extensions including their name and NID.</p>
+
+<h2 id="PKIX-Certificate-Extensions">PKIX Certificate Extensions</h2>
+
+<p>The following certificate extensions are defined in PKIX standards such as RFC5280.</p>
+
+<pre><code> Basic Constraints                  NID_basic_constraints
+ Key Usage                          NID_key_usage
+ Extended Key Usage                 NID_ext_key_usage
+
+ Subject Key Identifier             NID_subject_key_identifier
+ Authority Key Identifier           NID_authority_key_identifier
+
+ Private Key Usage Period           NID_private_key_usage_period
+
+ Subject Alternative Name           NID_subject_alt_name
+ Issuer Alternative Name            NID_issuer_alt_name
+
+ Authority Information Access       NID_info_access
+ Subject Information Access         NID_sinfo_access
+
+ Name Constraints                   NID_name_constraints
+
+ Certificate Policies               NID_certificate_policies
+ Policy Mappings                    NID_policy_mappings
+ Policy Constraints                 NID_policy_constraints
+ Inhibit Any Policy                 NID_inhibit_any_policy
+
+ TLS Feature                        NID_tlsfeature</code></pre>
+
+<h2 id="Netscape-Certificate-Extensions">Netscape Certificate Extensions</h2>
+
+<p>The following are (largely obsolete) Netscape certificate extensions.</p>
+
+<pre><code> Netscape Cert Type                 NID_netscape_cert_type
+ Netscape Base Url                  NID_netscape_base_url
+ Netscape Revocation Url            NID_netscape_revocation_url
+ Netscape CA Revocation Url         NID_netscape_ca_revocation_url
+ Netscape Renewal Url               NID_netscape_renewal_url
+ Netscape CA Policy Url             NID_netscape_ca_policy_url
+ Netscape SSL Server Name           NID_netscape_ssl_server_name
+ Netscape Comment                   NID_netscape_comment</code></pre>
+
+<h2 id="Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</h2>
+
+<pre><code> Strong Extranet ID                 NID_sxnet
+ Proxy Certificate Information      NID_proxyCertInfo</code></pre>
+
+<h2 id="PKIX-CRL-Extensions">PKIX CRL Extensions</h2>
+
+<p>The following are CRL extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Number                         NID_crl_number
+ CRL Distribution Points            NID_crl_distribution_points
+ Delta CRL Indicator                NID_delta_crl
+ Freshest CRL                       NID_freshest_crl
+ Invalidity Date                    NID_invalidity_date
+ Issuing Distribution Point         NID_issuing_distribution_point</code></pre>
+
+<p>The following are CRL entry extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Reason Code                    NID_crl_reason
+ Certificate Issuer                 NID_certificate_issuer</code></pre>
+
+<h2 id="OCSP-Extensions">OCSP Extensions</h2>
+
+<pre><code> OCSP Nonce                         NID_id_pkix_OCSP_Nonce
+ OCSP CRL ID                        NID_id_pkix_OCSP_CrlID
+ Acceptable OCSP Responses          NID_id_pkix_OCSP_acceptableResponses
+ OCSP No Check                      NID_id_pkix_OCSP_noCheck
+ OCSP Archive Cutoff                NID_id_pkix_OCSP_archiveCutoff
+ OCSP Service Locator               NID_id_pkix_OCSP_serviceLocator
+ Hold Instruction Code              NID_hold_instruction_code</code></pre>
+
+<h2 id="Certificate-Transparency-Extensions">Certificate Transparency Extensions</h2>
+
+<p>The following extensions are used by certificate transparency, RFC6962</p>
+
+<pre><code> CT Precertificate SCTs             NID_ct_precert_scts
+ CT Certificate SCTs                NID_ct_cert_scts</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509V3_EXT_d2i() and *X509V3_get_d2i() return a pointer to an extension specific structure of <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_EXT_i2d() returns a pointer to an <b>X509_EXTENSION</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_add1_i2d() returns 1 if the operation is successful and 0 if it fails due to a non-fatal error (extension not found, already exists, cannot be encoded) or -1 due to a fatal error such as a memory allocation failure.</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of extensions. They return NULL if no extensions are present.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get0_revocationDate.html b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get0_revocationDate.html
new file mode 100644
index 000000000..01c8afa64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get0_revocationDate.html
@@ -0,0 +1,99 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_CRL_get0_by_serial</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_CRL_get0_by_serial, X509_CRL_get0_by_cert, X509_CRL_get_REVOKED, X509_REVOKED_get0_serialNumber, X509_REVOKED_get0_revocationDate, X509_REVOKED_set_serialNumber, X509_REVOKED_set_revocationDate, X509_CRL_add0_revoked, X509_CRL_sort - CRL revoked entry utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_CRL_get0_by_serial(X509_CRL *crl,
+                             X509_REVOKED **ret, ASN1_INTEGER *serial);
+ int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
+
+ STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
+
+ const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *r);
+ const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *r);
+
+ int X509_REVOKED_set_serialNumber(X509_REVOKED *r, ASN1_INTEGER *serial);
+ int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
+
+ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
+
+ int X509_CRL_sort(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_CRL_get0_by_serial() attempts to find a revoked entry in <b>crl</b> for serial number <b>serial</b>. If it is successful it sets <b>*ret</b> to the internal pointer of the matching entry, as a result <b>*ret</b> must not be freed up after the call.</p>
+
+<p>X509_CRL_get0_by_cert() is similar to X509_get0_by_serial() except it looks for a revoked entry using the serial number of certificate <b>x</b>.</p>
+
+<p>X509_CRL_get_REVOKED() returns an internal pointer to a stack of all revoked entries for <b>crl</b>.</p>
+
+<p>X509_REVOKED_get0_serialNumber() returns an internal pointer to the serial number of <b>r</b>.</p>
+
+<p>X509_REVOKED_get0_revocationDate() returns an internal pointer to the revocation date of <b>r</b>.</p>
+
+<p>X509_REVOKED_set_serialNumber() sets the serial number of <b>r</b> to <b>serial</b>. The supplied <b>serial</b> pointer is not used internally so it should be freed up after use.</p>
+
+<p>X509_REVOKED_set_revocationDate() sets the revocation date of <b>r</b> to <b>tm</b>. The supplied <b>tm</b> pointer is not used internally so it should be freed up after use.</p>
+
+<p>X509_CRL_add0_revoked() appends revoked entry <b>rev</b> to CRL <b>crl</b>. The pointer <b>rev</b> is used internally so it must not be freed up after the call: it is freed when the parent CRL is freed.</p>
+
+<p>X509_CRL_sort() sorts the revoked entries of <b>crl</b> into ascending serial number order.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications can determine the number of revoked entries returned by X509_CRL_get_revoked() using sk_X509_REVOKED_num() and examine each one in turn using sk_X509_REVOKED_value().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_CRL_get0_by_serial() and X509_CRL_get0_by_cert() return 0 for failure, 1 on success except if the revoked entry has the reason <code>removeFromCRL</code> (8), in which case 2 is returned.</p>
+
+<p>X509_REVOKED_set_serialNumber(), X509_REVOKED_set_revocationDate(), X509_CRL_add0_revoked() and X509_CRL_sort() return 1 for success and 0 for failure.</p>
+
+<p>X509_REVOKED_get0_serialNumber() returns an <b>ASN1_INTEGER</b> pointer.</p>
+
+<p>X509_REVOKED_get0_revocationDate() returns an <b>ASN1_TIME</b> value.</p>
+
+<p>X509_CRL_get_REVOKED() returns a STACK of revoked entries.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get0_serialNumber.html b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get0_serialNumber.html
new file mode 100644
index 000000000..01c8afa64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get0_serialNumber.html
@@ -0,0 +1,99 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_CRL_get0_by_serial</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_CRL_get0_by_serial, X509_CRL_get0_by_cert, X509_CRL_get_REVOKED, X509_REVOKED_get0_serialNumber, X509_REVOKED_get0_revocationDate, X509_REVOKED_set_serialNumber, X509_REVOKED_set_revocationDate, X509_CRL_add0_revoked, X509_CRL_sort - CRL revoked entry utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_CRL_get0_by_serial(X509_CRL *crl,
+                             X509_REVOKED **ret, ASN1_INTEGER *serial);
+ int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
+
+ STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
+
+ const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *r);
+ const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *r);
+
+ int X509_REVOKED_set_serialNumber(X509_REVOKED *r, ASN1_INTEGER *serial);
+ int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
+
+ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
+
+ int X509_CRL_sort(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_CRL_get0_by_serial() attempts to find a revoked entry in <b>crl</b> for serial number <b>serial</b>. If it is successful it sets <b>*ret</b> to the internal pointer of the matching entry, as a result <b>*ret</b> must not be freed up after the call.</p>
+
+<p>X509_CRL_get0_by_cert() is similar to X509_get0_by_serial() except it looks for a revoked entry using the serial number of certificate <b>x</b>.</p>
+
+<p>X509_CRL_get_REVOKED() returns an internal pointer to a stack of all revoked entries for <b>crl</b>.</p>
+
+<p>X509_REVOKED_get0_serialNumber() returns an internal pointer to the serial number of <b>r</b>.</p>
+
+<p>X509_REVOKED_get0_revocationDate() returns an internal pointer to the revocation date of <b>r</b>.</p>
+
+<p>X509_REVOKED_set_serialNumber() sets the serial number of <b>r</b> to <b>serial</b>. The supplied <b>serial</b> pointer is not used internally so it should be freed up after use.</p>
+
+<p>X509_REVOKED_set_revocationDate() sets the revocation date of <b>r</b> to <b>tm</b>. The supplied <b>tm</b> pointer is not used internally so it should be freed up after use.</p>
+
+<p>X509_CRL_add0_revoked() appends revoked entry <b>rev</b> to CRL <b>crl</b>. The pointer <b>rev</b> is used internally so it must not be freed up after the call: it is freed when the parent CRL is freed.</p>
+
+<p>X509_CRL_sort() sorts the revoked entries of <b>crl</b> into ascending serial number order.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications can determine the number of revoked entries returned by X509_CRL_get_revoked() using sk_X509_REVOKED_num() and examine each one in turn using sk_X509_REVOKED_value().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_CRL_get0_by_serial() and X509_CRL_get0_by_cert() return 0 for failure, 1 on success except if the revoked entry has the reason <code>removeFromCRL</code> (8), in which case 2 is returned.</p>
+
+<p>X509_REVOKED_set_serialNumber(), X509_REVOKED_set_revocationDate(), X509_CRL_add0_revoked() and X509_CRL_sort() return 1 for success and 0 for failure.</p>
+
+<p>X509_REVOKED_get0_serialNumber() returns an <b>ASN1_INTEGER</b> pointer.</p>
+
+<p>X509_REVOKED_get0_revocationDate() returns an <b>ASN1_TIME</b> value.</p>
+
+<p>X509_CRL_get_REVOKED() returns a STACK of revoked entries.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext.html b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_by_NID.html b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_by_NID.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_by_NID.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_by_OBJ.html b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_by_OBJ.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_by_OBJ.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_by_critical.html b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_by_critical.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_by_critical.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_count.html b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_count.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_count.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_d2i.html b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_d2i.html
new file mode 100644
index 000000000..0564e7b2d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_d2i.html
@@ -0,0 +1,214 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509V3_get_d2i</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</a>
+    <ul>
+      <li><a href="#PKIX-Certificate-Extensions">PKIX Certificate Extensions</a></li>
+      <li><a href="#Netscape-Certificate-Extensions">Netscape Certificate Extensions</a></li>
+      <li><a href="#Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</a></li>
+      <li><a href="#PKIX-CRL-Extensions">PKIX CRL Extensions</a></li>
+      <li><a href="#OCSP-Extensions">OCSP Extensions</a></li>
+      <li><a href="#Certificate-Transparency-Extensions">Certificate Transparency Extensions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_extensions, X509_CRL_get0_extensions, X509_REVOKED_get0_extensions, X509V3_get_d2i, X509V3_add1_i2d, X509V3_EXT_d2i, X509V3_EXT_i2d, X509_get_ext_d2i, X509_add1_ext_i2d, X509_CRL_get_ext_d2i, X509_CRL_add1_ext_i2d, X509_REVOKED_get_ext_d2i, X509_REVOKED_add1_ext_i2d - X509 extension decode and encode functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
+                      int *idx);
+ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
+                     int crit, unsigned long flags);
+
+ void *X509V3_EXT_d2i(X509_EXTENSION *ext);
+ X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext);
+
+ void *X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
+ int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+                       unsigned long flags);
+
+ void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid, int *crit, int *idx);
+ int X509_CRL_add1_ext_i2d(X509_CRL *crl, int nid, void *value, int crit,
+                           unsigned long flags);
+
+ void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *r, int nid, int *crit, int *idx);
+ int X509_REVOKED_add1_ext_i2d(X509_REVOKED *r, int nid, void *value, int crit,
+                               unsigned long flags);
+
+ const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+ const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
+ const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(const X509_REVOKED *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509V3_get_ext_d2i() looks for an extension with OID <b>nid</b> in the extensions <b>x</b> and, if found, decodes it. If <b>idx</b> is <b>NULL</b> then only one occurrence of an extension is permissible otherwise the first extension after index <b>*idx</b> is returned and <b>*idx</b> updated to the location of the extension. If <b>crit</b> is not <b>NULL</b> then <b>*crit</b> is set to a status value: -2 if the extension occurs multiple times (this is only returned if <b>idx</b> is <b>NULL</b>), -1 if the extension could not be found, 0 if the extension is found and is not critical and 1 if critical. A pointer to an extension specific structure or <b>NULL</b> is returned.</p>
+
+<p>X509V3_add1_i2d() adds extension <b>value</b> to STACK <b>*x</b> (allocating a new STACK if necessary) using OID <b>nid</b> and criticality <b>crit</b> according to <b>flags</b>.</p>
+
+<p>X509V3_EXT_d2i() attempts to decode the ASN.1 data contained in extension <b>ext</b> and returns a pointer to an extension specific structure or <b>NULL</b> if the extension could not be decoded (invalid syntax or not supported).</p>
+
+<p>X509V3_EXT_i2d() encodes the extension specific structure <b>ext</b> with OID <b>ext_nid</b> and criticality <b>crit</b>.</p>
+
+<p>X509_get_ext_d2i() and X509_add1_ext_i2d() operate on the extensions of certificate <b>x</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_CRL_get_ext_d2i() and X509_CRL_add1_ext_i2d() operate on the extensions of CRL <b>crl</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_REVOKED_get_ext_d2i() and X509_REVOKED_add1_ext_i2d() operate on the extensions of <b>X509_REVOKED</b> structure <b>r</b> (i.e for CRL entry extensions), they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of all the extensions of a certificate a CRL or a CRL entry respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In almost all cases an extension can occur at most once and multiple occurrences is an error. Therefore the <b>idx</b> parameter is usually <b>NULL</b>.</p>
+
+<p>The <b>flags</b> parameter may be one of the following values.</p>
+
+<p><b>X509V3_ADD_DEFAULT</b> appends a new extension only if the extension does not already exist. An error is returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_APPEND</b> appends a new extension, ignoring whether the extension already exists.</p>
+
+<p><b>X509V3_ADD_REPLACE</b> replaces an extension if it exists otherwise appends a new extension.</p>
+
+<p><b>X509V3_ADD_REPLACE_EXISTING</b> replaces an existing extension if it exists otherwise returns an error.</p>
+
+<p><b>X509V3_ADD_KEEP_EXISTING</b> appends a new extension only if the extension does not already exist. An error <b>is not</b> returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_DELETE</b> extension <b>nid</b> is deleted: no new extension is added.</p>
+
+<p>If <b>X509V3_ADD_SILENT</b> is ored with <b>flags</b>: any error returned will not be added to the error queue.</p>
+
+<p>The function X509V3_get_d2i() will return <b>NULL</b> if the extension is not found, occurs multiple times or cannot be decoded. It is possible to determine the precise reason by checking the value of <b>*crit</b>.</p>
+
+<h1 id="SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</h1>
+
+<p>The following sections contain a list of all supported extensions including their name and NID.</p>
+
+<h2 id="PKIX-Certificate-Extensions">PKIX Certificate Extensions</h2>
+
+<p>The following certificate extensions are defined in PKIX standards such as RFC5280.</p>
+
+<pre><code> Basic Constraints                  NID_basic_constraints
+ Key Usage                          NID_key_usage
+ Extended Key Usage                 NID_ext_key_usage
+
+ Subject Key Identifier             NID_subject_key_identifier
+ Authority Key Identifier           NID_authority_key_identifier
+
+ Private Key Usage Period           NID_private_key_usage_period
+
+ Subject Alternative Name           NID_subject_alt_name
+ Issuer Alternative Name            NID_issuer_alt_name
+
+ Authority Information Access       NID_info_access
+ Subject Information Access         NID_sinfo_access
+
+ Name Constraints                   NID_name_constraints
+
+ Certificate Policies               NID_certificate_policies
+ Policy Mappings                    NID_policy_mappings
+ Policy Constraints                 NID_policy_constraints
+ Inhibit Any Policy                 NID_inhibit_any_policy
+
+ TLS Feature                        NID_tlsfeature</code></pre>
+
+<h2 id="Netscape-Certificate-Extensions">Netscape Certificate Extensions</h2>
+
+<p>The following are (largely obsolete) Netscape certificate extensions.</p>
+
+<pre><code> Netscape Cert Type                 NID_netscape_cert_type
+ Netscape Base Url                  NID_netscape_base_url
+ Netscape Revocation Url            NID_netscape_revocation_url
+ Netscape CA Revocation Url         NID_netscape_ca_revocation_url
+ Netscape Renewal Url               NID_netscape_renewal_url
+ Netscape CA Policy Url             NID_netscape_ca_policy_url
+ Netscape SSL Server Name           NID_netscape_ssl_server_name
+ Netscape Comment                   NID_netscape_comment</code></pre>
+
+<h2 id="Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</h2>
+
+<pre><code> Strong Extranet ID                 NID_sxnet
+ Proxy Certificate Information      NID_proxyCertInfo</code></pre>
+
+<h2 id="PKIX-CRL-Extensions">PKIX CRL Extensions</h2>
+
+<p>The following are CRL extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Number                         NID_crl_number
+ CRL Distribution Points            NID_crl_distribution_points
+ Delta CRL Indicator                NID_delta_crl
+ Freshest CRL                       NID_freshest_crl
+ Invalidity Date                    NID_invalidity_date
+ Issuing Distribution Point         NID_issuing_distribution_point</code></pre>
+
+<p>The following are CRL entry extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Reason Code                    NID_crl_reason
+ Certificate Issuer                 NID_certificate_issuer</code></pre>
+
+<h2 id="OCSP-Extensions">OCSP Extensions</h2>
+
+<pre><code> OCSP Nonce                         NID_id_pkix_OCSP_Nonce
+ OCSP CRL ID                        NID_id_pkix_OCSP_CrlID
+ Acceptable OCSP Responses          NID_id_pkix_OCSP_acceptableResponses
+ OCSP No Check                      NID_id_pkix_OCSP_noCheck
+ OCSP Archive Cutoff                NID_id_pkix_OCSP_archiveCutoff
+ OCSP Service Locator               NID_id_pkix_OCSP_serviceLocator
+ Hold Instruction Code              NID_hold_instruction_code</code></pre>
+
+<h2 id="Certificate-Transparency-Extensions">Certificate Transparency Extensions</h2>
+
+<p>The following extensions are used by certificate transparency, RFC6962</p>
+
+<pre><code> CT Precertificate SCTs             NID_ct_precert_scts
+ CT Certificate SCTs                NID_ct_cert_scts</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509V3_EXT_d2i() and *X509V3_get_d2i() return a pointer to an extension specific structure of <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_EXT_i2d() returns a pointer to an <b>X509_EXTENSION</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_add1_i2d() returns 1 if the operation is successful and 0 if it fails due to a non-fatal error (extension not found, already exists, cannot be encoded) or -1 due to a fatal error such as a memory allocation failure.</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of extensions. They return NULL if no extensions are present.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_new.html b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_set_revocationDate.html b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_set_revocationDate.html
new file mode 100644
index 000000000..01c8afa64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_set_revocationDate.html
@@ -0,0 +1,99 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_CRL_get0_by_serial</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_CRL_get0_by_serial, X509_CRL_get0_by_cert, X509_CRL_get_REVOKED, X509_REVOKED_get0_serialNumber, X509_REVOKED_get0_revocationDate, X509_REVOKED_set_serialNumber, X509_REVOKED_set_revocationDate, X509_CRL_add0_revoked, X509_CRL_sort - CRL revoked entry utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_CRL_get0_by_serial(X509_CRL *crl,
+                             X509_REVOKED **ret, ASN1_INTEGER *serial);
+ int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
+
+ STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
+
+ const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *r);
+ const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *r);
+
+ int X509_REVOKED_set_serialNumber(X509_REVOKED *r, ASN1_INTEGER *serial);
+ int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
+
+ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
+
+ int X509_CRL_sort(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_CRL_get0_by_serial() attempts to find a revoked entry in <b>crl</b> for serial number <b>serial</b>. If it is successful it sets <b>*ret</b> to the internal pointer of the matching entry, as a result <b>*ret</b> must not be freed up after the call.</p>
+
+<p>X509_CRL_get0_by_cert() is similar to X509_get0_by_serial() except it looks for a revoked entry using the serial number of certificate <b>x</b>.</p>
+
+<p>X509_CRL_get_REVOKED() returns an internal pointer to a stack of all revoked entries for <b>crl</b>.</p>
+
+<p>X509_REVOKED_get0_serialNumber() returns an internal pointer to the serial number of <b>r</b>.</p>
+
+<p>X509_REVOKED_get0_revocationDate() returns an internal pointer to the revocation date of <b>r</b>.</p>
+
+<p>X509_REVOKED_set_serialNumber() sets the serial number of <b>r</b> to <b>serial</b>. The supplied <b>serial</b> pointer is not used internally so it should be freed up after use.</p>
+
+<p>X509_REVOKED_set_revocationDate() sets the revocation date of <b>r</b> to <b>tm</b>. The supplied <b>tm</b> pointer is not used internally so it should be freed up after use.</p>
+
+<p>X509_CRL_add0_revoked() appends revoked entry <b>rev</b> to CRL <b>crl</b>. The pointer <b>rev</b> is used internally so it must not be freed up after the call: it is freed when the parent CRL is freed.</p>
+
+<p>X509_CRL_sort() sorts the revoked entries of <b>crl</b> into ascending serial number order.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications can determine the number of revoked entries returned by X509_CRL_get_revoked() using sk_X509_REVOKED_num() and examine each one in turn using sk_X509_REVOKED_value().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_CRL_get0_by_serial() and X509_CRL_get0_by_cert() return 0 for failure, 1 on success except if the revoked entry has the reason <code>removeFromCRL</code> (8), in which case 2 is returned.</p>
+
+<p>X509_REVOKED_set_serialNumber(), X509_REVOKED_set_revocationDate(), X509_CRL_add0_revoked() and X509_CRL_sort() return 1 for success and 0 for failure.</p>
+
+<p>X509_REVOKED_get0_serialNumber() returns an <b>ASN1_INTEGER</b> pointer.</p>
+
+<p>X509_REVOKED_get0_revocationDate() returns an <b>ASN1_TIME</b> value.</p>
+
+<p>X509_CRL_get_REVOKED() returns a STACK of revoked entries.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_set_serialNumber.html b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_set_serialNumber.html
new file mode 100644
index 000000000..01c8afa64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_REVOKED_set_serialNumber.html
@@ -0,0 +1,99 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_CRL_get0_by_serial</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_CRL_get0_by_serial, X509_CRL_get0_by_cert, X509_CRL_get_REVOKED, X509_REVOKED_get0_serialNumber, X509_REVOKED_get0_revocationDate, X509_REVOKED_set_serialNumber, X509_REVOKED_set_revocationDate, X509_CRL_add0_revoked, X509_CRL_sort - CRL revoked entry utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_CRL_get0_by_serial(X509_CRL *crl,
+                             X509_REVOKED **ret, ASN1_INTEGER *serial);
+ int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
+
+ STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
+
+ const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *r);
+ const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *r);
+
+ int X509_REVOKED_set_serialNumber(X509_REVOKED *r, ASN1_INTEGER *serial);
+ int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
+
+ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
+
+ int X509_CRL_sort(X509_CRL *crl);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_CRL_get0_by_serial() attempts to find a revoked entry in <b>crl</b> for serial number <b>serial</b>. If it is successful it sets <b>*ret</b> to the internal pointer of the matching entry, as a result <b>*ret</b> must not be freed up after the call.</p>
+
+<p>X509_CRL_get0_by_cert() is similar to X509_get0_by_serial() except it looks for a revoked entry using the serial number of certificate <b>x</b>.</p>
+
+<p>X509_CRL_get_REVOKED() returns an internal pointer to a stack of all revoked entries for <b>crl</b>.</p>
+
+<p>X509_REVOKED_get0_serialNumber() returns an internal pointer to the serial number of <b>r</b>.</p>
+
+<p>X509_REVOKED_get0_revocationDate() returns an internal pointer to the revocation date of <b>r</b>.</p>
+
+<p>X509_REVOKED_set_serialNumber() sets the serial number of <b>r</b> to <b>serial</b>. The supplied <b>serial</b> pointer is not used internally so it should be freed up after use.</p>
+
+<p>X509_REVOKED_set_revocationDate() sets the revocation date of <b>r</b> to <b>tm</b>. The supplied <b>tm</b> pointer is not used internally so it should be freed up after use.</p>
+
+<p>X509_CRL_add0_revoked() appends revoked entry <b>rev</b> to CRL <b>crl</b>. The pointer <b>rev</b> is used internally so it must not be freed up after the call: it is freed when the parent CRL is freed.</p>
+
+<p>X509_CRL_sort() sorts the revoked entries of <b>crl</b> into ascending serial number order.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications can determine the number of revoked entries returned by X509_CRL_get_revoked() using sk_X509_REVOKED_num() and examine each one in turn using sk_X509_REVOKED_value().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_CRL_get0_by_serial() and X509_CRL_get0_by_cert() return 0 for failure, 1 on success except if the revoked entry has the reason <code>removeFromCRL</code> (8), in which case 2 is returned.</p>
+
+<p>X509_REVOKED_set_serialNumber(), X509_REVOKED_set_revocationDate(), X509_CRL_add0_revoked() and X509_CRL_sort() return 1 for success and 0 for failure.</p>
+
+<p>X509_REVOKED_get0_serialNumber() returns an <b>ASN1_INTEGER</b> pointer.</p>
+
+<p>X509_REVOKED_get0_revocationDate() returns an <b>ASN1_TIME</b> value.</p>
+
+<p>X509_CRL_get_REVOKED() returns a STACK of revoked entries.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_SIG_INFO_get.html b/msys2/usr/share/doc/openssl/html/man3/X509_SIG_INFO_get.html
new file mode 100644
index 000000000..d74071208
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_SIG_INFO_get.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_signature</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_signature, X509_get_signature_nid, X509_get0_tbs_sigalg, X509_REQ_get0_signature, X509_REQ_get_signature_nid, X509_CRL_get0_signature, X509_CRL_get_signature_nid, X509_get_signature_info, X509_SIG_INFO_get, X509_SIG_INFO_set - signature information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ void X509_get0_signature(const ASN1_BIT_STRING **psig,
+                          const X509_ALGOR **palg,
+                          const X509 *x);
+ int X509_get_signature_nid(const X509 *x);
+ const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);
+
+ void X509_REQ_get0_signature(const X509_REQ *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_REQ_get_signature_nid(const X509_REQ *crl);
+
+ void X509_CRL_get0_signature(const X509_CRL *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_CRL_get_signature_nid(const X509_CRL *crl);
+
+ int X509_get_signature_info(X509 *x, int *mdnid, int *pknid, int *secbits,
+                             uint32_t *flags);
+
+ int X509_SIG_INFO_get(const X509_SIG_INFO *siginf, int *mdnid, int *pknid,
+                      int *secbits, uint32_t *flags);
+ void X509_SIG_INFO_set(X509_SIG_INFO *siginf, int mdnid, int pknid,
+                        int secbits, uint32_t flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_signature() sets <b>*psig</b> to the signature of <b>x</b> and <b>*palg</b> to the signature algorithm of <b>x</b>. The values returned are internal pointers which <b>MUST NOT</b> be freed up after the call.</p>
+
+<p>X509_get0_tbs_sigalg() returns the signature algorithm in the signed portion of <b>x</b>.</p>
+
+<p>X509_get_signature_nid() returns the NID corresponding to the signature algorithm of <b>x</b>.</p>
+
+<p>X509_REQ_get0_signature(), X509_REQ_get_signature_nid() X509_CRL_get0_signature() and X509_CRL_get_signature_nid() perform the same function for certificate requests and CRLs.</p>
+
+<p>X509_get_signature_info() retrieves information about the signature of certificate <b>x</b>. The NID of the signing digest is written to <b>*mdnid</b>, the public key algorithm to <b>*pknid</b>, the effective security bits to <b>*secbits</b> and flag details to <b>*flags</b>. Any of the parameters can be set to <b>NULL</b> if the information is not required.</p>
+
+<p>X509_SIG_INFO_get() and X509_SIG_INFO_set() get and set information about a signature in an <b>X509_SIG_INFO</b> structure. They are only used by implementations of algorithms which need to set custom signature information: most applications will never need to call them.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions provide lower level access to signatures in certificates where an application wishes to analyse or generate a signature in a form where X509_sign() et al is not appropriate (for example a non standard or unsupported format).</p>
+
+<p>The security bits returned by X509_get_signature_info() refers to information available from the certificate signature (such as the signing digest). In some cases the actual security of the signature is less because the signing key is less secure: for example a certificate signed using SHA-512 and a 1024 bit RSA key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_signature_nid(), X509_REQ_get_signature_nid() and X509_CRL_get_signature_nid() return a NID.</p>
+
+<p>X509_get0_signature(), X509_REQ_get0_signature() and X509_CRL_get0_signature() do not return values.</p>
+
+<p>X509_get_signature_info() returns 1 if the signature information returned is valid or 0 if the information is not available (e.g. unknown algorithms or malformed parameters).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_get0_signature() and X509_get_signature_nid() functions were added in OpenSSL 1.0.2.</p>
+
+<p>The X509_REQ_get0_signature(), X509_REQ_get_signature_nid(), X509_CRL_get0_signature() and X509_CRL_get_signature_nid() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_SIG_INFO_set.html b/msys2/usr/share/doc/openssl/html/man3/X509_SIG_INFO_set.html
new file mode 100644
index 000000000..d74071208
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_SIG_INFO_set.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_signature</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_signature, X509_get_signature_nid, X509_get0_tbs_sigalg, X509_REQ_get0_signature, X509_REQ_get_signature_nid, X509_CRL_get0_signature, X509_CRL_get_signature_nid, X509_get_signature_info, X509_SIG_INFO_get, X509_SIG_INFO_set - signature information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ void X509_get0_signature(const ASN1_BIT_STRING **psig,
+                          const X509_ALGOR **palg,
+                          const X509 *x);
+ int X509_get_signature_nid(const X509 *x);
+ const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);
+
+ void X509_REQ_get0_signature(const X509_REQ *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_REQ_get_signature_nid(const X509_REQ *crl);
+
+ void X509_CRL_get0_signature(const X509_CRL *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_CRL_get_signature_nid(const X509_CRL *crl);
+
+ int X509_get_signature_info(X509 *x, int *mdnid, int *pknid, int *secbits,
+                             uint32_t *flags);
+
+ int X509_SIG_INFO_get(const X509_SIG_INFO *siginf, int *mdnid, int *pknid,
+                      int *secbits, uint32_t *flags);
+ void X509_SIG_INFO_set(X509_SIG_INFO *siginf, int mdnid, int pknid,
+                        int secbits, uint32_t flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_signature() sets <b>*psig</b> to the signature of <b>x</b> and <b>*palg</b> to the signature algorithm of <b>x</b>. The values returned are internal pointers which <b>MUST NOT</b> be freed up after the call.</p>
+
+<p>X509_get0_tbs_sigalg() returns the signature algorithm in the signed portion of <b>x</b>.</p>
+
+<p>X509_get_signature_nid() returns the NID corresponding to the signature algorithm of <b>x</b>.</p>
+
+<p>X509_REQ_get0_signature(), X509_REQ_get_signature_nid() X509_CRL_get0_signature() and X509_CRL_get_signature_nid() perform the same function for certificate requests and CRLs.</p>
+
+<p>X509_get_signature_info() retrieves information about the signature of certificate <b>x</b>. The NID of the signing digest is written to <b>*mdnid</b>, the public key algorithm to <b>*pknid</b>, the effective security bits to <b>*secbits</b> and flag details to <b>*flags</b>. Any of the parameters can be set to <b>NULL</b> if the information is not required.</p>
+
+<p>X509_SIG_INFO_get() and X509_SIG_INFO_set() get and set information about a signature in an <b>X509_SIG_INFO</b> structure. They are only used by implementations of algorithms which need to set custom signature information: most applications will never need to call them.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions provide lower level access to signatures in certificates where an application wishes to analyse or generate a signature in a form where X509_sign() et al is not appropriate (for example a non standard or unsupported format).</p>
+
+<p>The security bits returned by X509_get_signature_info() refers to information available from the certificate signature (such as the signing digest). In some cases the actual security of the signature is less because the signing key is less secure: for example a certificate signed using SHA-512 and a 1024 bit RSA key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_signature_nid(), X509_REQ_get_signature_nid() and X509_CRL_get_signature_nid() return a NID.</p>
+
+<p>X509_get0_signature(), X509_REQ_get0_signature() and X509_CRL_get0_signature() do not return values.</p>
+
+<p>X509_get_signature_info() returns 1 if the signature information returned is valid or 0 if the information is not available (e.g. unknown algorithms or malformed parameters).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_get0_signature() and X509_get_signature_nid() functions were added in OpenSSL 1.0.2.</p>
+
+<p>The X509_REQ_get0_signature(), X509_REQ_get_signature_nid(), X509_CRL_get0_signature() and X509_CRL_get_signature_nid() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_SIG_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_SIG_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_SIG_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_SIG_get0.html b/msys2/usr/share/doc/openssl/html/man3/X509_SIG_get0.html
new file mode 100644
index 000000000..35fea10ce
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_SIG_get0.html
@@ -0,0 +1,59 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_SIG_get0</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_SIG_get0, X509_SIG_getm - DigestInfo functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ void X509_SIG_get0(const X509_SIG *sig, const X509_ALGOR **palg,
+                    const ASN1_OCTET_STRING **pdigest);
+ void X509_SIG_getm(X509_SIG *sig, X509_ALGOR **palg,
+                    ASN1_OCTET_STRING **pdigest,</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_SIG_get0() returns pointers to the algorithm identifier and digest value in <b>sig</b>. X509_SIG_getm() is identical to X509_SIG_get0() except the pointers returned are not constant and can be modified: for example to initialise them.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_SIG_get0() and X509_SIG_getm() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_SIG_getm.html b/msys2/usr/share/doc/openssl/html/man3/X509_SIG_getm.html
new file mode 100644
index 000000000..35fea10ce
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_SIG_getm.html
@@ -0,0 +1,59 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_SIG_get0</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_SIG_get0, X509_SIG_getm - DigestInfo functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ void X509_SIG_get0(const X509_SIG *sig, const X509_ALGOR **palg,
+                    const ASN1_OCTET_STRING **pdigest);
+ void X509_SIG_getm(X509_SIG *sig, X509_ALGOR **palg,
+                    ASN1_OCTET_STRING **pdigest,</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_SIG_get0() returns pointers to the algorithm identifier and digest value in <b>sig</b>. X509_SIG_getm() is identical to X509_SIG_get0() except the pointers returned are not constant and can be modified: for example to initialise them.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_SIG_get0() and X509_SIG_getm() return no values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_SIG_new.html b/msys2/usr/share/doc/openssl/html/man3/X509_SIG_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_SIG_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_cert_crl_fn.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_cert_crl_fn.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_cert_crl_fn.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_check_crl_fn.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_check_crl_fn.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_check_crl_fn.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_check_issued_fn.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_check_issued_fn.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_check_issued_fn.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_check_policy_fn.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_check_policy_fn.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_check_policy_fn.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_check_revocation_fn.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_check_revocation_fn.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_check_revocation_fn.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_cleanup.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_cleanup.html
new file mode 100644
index 000000000..604aa12e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_cleanup.html
@@ -0,0 +1,141 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_set0_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_get0_untrusted, X509_STORE_CTX_set0_untrusted, X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, X509_STORE_CTX_verify_fn - X509_STORE_CTX initialisation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+                         X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x);
+ STACK_OF(X509) *X509_STORE_CTX_get0_chain(X609_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *chain);
+ void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+ STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
+
+ typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
+ void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions initialise an <b>X509_STORE_CTX</b> structure for subsequent use by X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_new() returns a newly initialised <b>X509_STORE_CTX</b> structure.</p>
+
+<p>X509_STORE_CTX_cleanup() internally cleans up an <b>X509_STORE_CTX</b> structure. The context can then be reused with an new call to X509_STORE_CTX_init().</p>
+
+<p>X509_STORE_CTX_free() completely frees up <b>ctx</b>. After this call <b>ctx</b> is no longer valid. If <b>ctx</b> is NULL nothing is done.</p>
+
+<p>X509_STORE_CTX_init() sets up <b>ctx</b> for a subsequent verification operation. It must be called before each call to X509_verify_cert(), i.e. a <b>ctx</b> is only good for one call to X509_verify_cert(); if you want to verify a second certificate with the same <b>ctx</b> then you must call X509_STORE_CTX_cleanup() and then X509_STORE_CTX_init() again before the second call to X509_verify_cert(). The trusted certificate store is set to <b>store</b>, the end entity certificate to be verified is set to <b>x509</b> and a set of additional certificates (which will be untrusted but may be used to build the chain) in <b>chain</b>. Any or all of the <b>store</b>, <b>x509</b> and <b>chain</b> parameters can be <b>NULL</b>.</p>
+
+<p>X509_STORE_CTX_set0_trusted_stack() sets the set of trusted certificates of <b>ctx</b> to <b>sk</b>. This is an alternative way of specifying trusted certificates instead of using an <b>X509_STORE</b>.</p>
+
+<p>X509_STORE_CTX_set_cert() sets the certificate to be verified in <b>ctx</b> to <b>x</b>.</p>
+
+<p>X509_STORE_CTX_set0_verified_chain() sets the validated chain used by <b>ctx</b> to be <b>chain</b>. Ownership of the chain is transferred to <b>ctx</b> and should not be free&#39;d by the caller. X509_STORE_CTX_get0_chain() returns a the internal pointer used by the <b>ctx</b> that contains the validated chain.</p>
+
+<p>X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate verification to <b>sk</b>. These CRLs will only be used if CRL verification is enabled in the associated <b>X509_VERIFY_PARAM</b> structure. This might be used where additional &quot;useful&quot; CRLs are supplied as part of a protocol, for example in a PKCS#7 structure.</p>
+
+<p>X509_STORE_CTX_get0_param() retrieves an internal pointer to the verification parameters associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get0_untrusted() retrieves an internal pointer to the stack of untrusted certificates associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_set0_untrusted() sets the internal point to the stack of untrusted certificates associated with <b>ctx</b> to <b>sk</b>.</p>
+
+<p>X509_STORE_CTX_set0_param() sets the internal verification parameter pointer to <b>param</b>. After this call <b>param</b> should not be used.</p>
+
+<p>X509_STORE_CTX_set_default() looks up and sets the default verification method to <b>name</b>. This uses the function X509_VERIFY_PARAM_lookup() to find an appropriate set of parameters from <b>name</b>.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates that were used in building the chain following a call to X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_set_verify() provides the capability for overriding the default verify function. This function is responsible for verifying chain signatures and expiration times.</p>
+
+<p>A verify function is defined as an X509_STORE_CTX_verify type which has the following signature:</p>
+
+<pre><code> int (*verify)(X509_STORE_CTX *);</code></pre>
+
+<p>This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The certificates and CRLs in a store are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The certificates and CRLs in a context are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed. Copies should be made or reference counts increased instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_new() returns an newly allocates context or <b>NULL</b> is an error occurred.</p>
+
+<p>X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_set0_trusted_stack(), X509_STORE_CTX_set_cert(), X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return values.</p>
+
+<p>X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> <a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_set0_crls() function was added in OpenSSL 1.0.0. The X509_STORE_CTX_get_num_untrusted() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_cleanup_fn.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_cleanup_fn.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_cleanup_fn.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_free.html
new file mode 100644
index 000000000..604aa12e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_free.html
@@ -0,0 +1,141 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_set0_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_get0_untrusted, X509_STORE_CTX_set0_untrusted, X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, X509_STORE_CTX_verify_fn - X509_STORE_CTX initialisation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+                         X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x);
+ STACK_OF(X509) *X509_STORE_CTX_get0_chain(X609_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *chain);
+ void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+ STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
+
+ typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
+ void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions initialise an <b>X509_STORE_CTX</b> structure for subsequent use by X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_new() returns a newly initialised <b>X509_STORE_CTX</b> structure.</p>
+
+<p>X509_STORE_CTX_cleanup() internally cleans up an <b>X509_STORE_CTX</b> structure. The context can then be reused with an new call to X509_STORE_CTX_init().</p>
+
+<p>X509_STORE_CTX_free() completely frees up <b>ctx</b>. After this call <b>ctx</b> is no longer valid. If <b>ctx</b> is NULL nothing is done.</p>
+
+<p>X509_STORE_CTX_init() sets up <b>ctx</b> for a subsequent verification operation. It must be called before each call to X509_verify_cert(), i.e. a <b>ctx</b> is only good for one call to X509_verify_cert(); if you want to verify a second certificate with the same <b>ctx</b> then you must call X509_STORE_CTX_cleanup() and then X509_STORE_CTX_init() again before the second call to X509_verify_cert(). The trusted certificate store is set to <b>store</b>, the end entity certificate to be verified is set to <b>x509</b> and a set of additional certificates (which will be untrusted but may be used to build the chain) in <b>chain</b>. Any or all of the <b>store</b>, <b>x509</b> and <b>chain</b> parameters can be <b>NULL</b>.</p>
+
+<p>X509_STORE_CTX_set0_trusted_stack() sets the set of trusted certificates of <b>ctx</b> to <b>sk</b>. This is an alternative way of specifying trusted certificates instead of using an <b>X509_STORE</b>.</p>
+
+<p>X509_STORE_CTX_set_cert() sets the certificate to be verified in <b>ctx</b> to <b>x</b>.</p>
+
+<p>X509_STORE_CTX_set0_verified_chain() sets the validated chain used by <b>ctx</b> to be <b>chain</b>. Ownership of the chain is transferred to <b>ctx</b> and should not be free&#39;d by the caller. X509_STORE_CTX_get0_chain() returns a the internal pointer used by the <b>ctx</b> that contains the validated chain.</p>
+
+<p>X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate verification to <b>sk</b>. These CRLs will only be used if CRL verification is enabled in the associated <b>X509_VERIFY_PARAM</b> structure. This might be used where additional &quot;useful&quot; CRLs are supplied as part of a protocol, for example in a PKCS#7 structure.</p>
+
+<p>X509_STORE_CTX_get0_param() retrieves an internal pointer to the verification parameters associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get0_untrusted() retrieves an internal pointer to the stack of untrusted certificates associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_set0_untrusted() sets the internal point to the stack of untrusted certificates associated with <b>ctx</b> to <b>sk</b>.</p>
+
+<p>X509_STORE_CTX_set0_param() sets the internal verification parameter pointer to <b>param</b>. After this call <b>param</b> should not be used.</p>
+
+<p>X509_STORE_CTX_set_default() looks up and sets the default verification method to <b>name</b>. This uses the function X509_VERIFY_PARAM_lookup() to find an appropriate set of parameters from <b>name</b>.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates that were used in building the chain following a call to X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_set_verify() provides the capability for overriding the default verify function. This function is responsible for verifying chain signatures and expiration times.</p>
+
+<p>A verify function is defined as an X509_STORE_CTX_verify type which has the following signature:</p>
+
+<pre><code> int (*verify)(X509_STORE_CTX *);</code></pre>
+
+<p>This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The certificates and CRLs in a store are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The certificates and CRLs in a context are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed. Copies should be made or reference counts increased instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_new() returns an newly allocates context or <b>NULL</b> is an error occurred.</p>
+
+<p>X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_set0_trusted_stack(), X509_STORE_CTX_set_cert(), X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return values.</p>
+
+<p>X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> <a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_set0_crls() function was added in OpenSSL 1.0.0. The X509_STORE_CTX_get_num_untrusted() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get0_cert.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get0_cert.html
new file mode 100644
index 000000000..d9e1e0d7e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get0_cert.html
@@ -0,0 +1,374 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_get_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#ERROR-CODES">ERROR CODES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_error, X509_STORE_CTX_set_error, X509_STORE_CTX_get_error_depth, X509_STORE_CTX_set_error_depth, X509_STORE_CTX_get_current_cert, X509_STORE_CTX_set_current_cert, X509_STORE_CTX_get0_cert, X509_STORE_CTX_get1_chain, X509_verify_cert_error_string - get or set certificate verification status information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int   X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
+ int   X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth);
+ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_current_cert(X509_STORE_CTX *ctx, X509 *x);
+ X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
+
+ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+
+ const char *X509_verify_cert_error_string(long n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are typically called after X509_verify_cert() has indicated an error or in a verification callback to determine the nature of an error.</p>
+
+<p>X509_STORE_CTX_get_error() returns the error code of <b>ctx</b>, see the <b>ERROR CODES</b> section for a full description of all error codes.</p>
+
+<p>X509_STORE_CTX_set_error() sets the error code of <b>ctx</b> to <b>s</b>. For example it might be used in a verification callback to set an error based on additional checks.</p>
+
+<p>X509_STORE_CTX_get_error_depth() returns the <b>depth</b> of the error. This is a non-negative integer representing where in the certificate chain the error occurred. If it is zero it occurred in the end entity certificate, one if it is the certificate which signed the end entity certificate and so on.</p>
+
+<p>X509_STORE_CTX_set_error_depth() sets the error <b>depth</b>. This can be used in combination with X509_STORE_CTX_set_error() to set the depth at which an error condition was detected.</p>
+
+<p>X509_STORE_CTX_get_current_cert() returns the certificate in <b>ctx</b> which caused the error or <b>NULL</b> if no certificate is relevant.</p>
+
+<p>X509_STORE_CTX_set_current_cert() sets the certificate <b>x</b> in <b>ctx</b> which caused the error. This value is not intended to remain valid for very long, and remains owned by the caller. It may be examined by a verification callback invoked to handle each error encountered during chain verification and is no longer required after such a callback. If a callback wishes the save the certificate for use after it returns, it needs to increment its reference count via <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>. Once such a <i>saved</i> certificate is no longer needed it can be freed with <a href="../man3/X509_free.html">X509_free(3)</a>.</p>
+
+<p>X509_STORE_CTX_get0_cert() retrieves an internal pointer to the certificate being verified by the <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get1_chain() returns a complete validate chain if a previous call to X509_verify_cert() is successful. If the call to X509_verify_cert() is <b>not</b> successful the returned chain may be incomplete or invalid. The returned chain persists after the <b>ctx</b> structure is freed, when it is no longer needed it should be free up using:</p>
+
+<pre><code> sk_X509_pop_free(chain, X509_free);</code></pre>
+
+<p>X509_verify_cert_error_string() returns a human readable error string for verification error <b>n</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_get_error() returns <b>X509_V_OK</b> or an error code.</p>
+
+<p>X509_STORE_CTX_get_error_depth() returns a non-negative error depth.</p>
+
+<p>X509_STORE_CTX_get_current_cert() returns the certificate which caused the error or <b>NULL</b> if no certificate is relevant to the error.</p>
+
+<p>X509_verify_cert_error_string() returns a human readable error string for verification error <b>n</b>.</p>
+
+<h1 id="ERROR-CODES">ERROR CODES</h1>
+
+<p>A list of error codes and messages is shown below. Some of the error codes are defined but currently never returned: these are described as &quot;unused&quot;.</p>
+
+<dl>
+
+<dt id="X509_V_OK:-ok"><b>X509_V_OK: ok</b></dt>
+<dd>
+
+<p>the operation was successful.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:-unable-to-get-issuer-certificate"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate</b></dt>
+<dd>
+
+<p>the issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_CRL:-unable-to-get-certificate-CRL"><b>X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL</b></dt>
+<dd>
+
+<p>the CRL of a certificate could not be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:-unable-to-decrypt-certificates-signature"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate&#39;s signature</b></dt>
+<dd>
+
+<p>the certificate signature could not be decrypted. This means that the actual signature value could not be determined rather than it not matching the expected value, this is only meaningful for RSA keys.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:-unable-to-decrypt-CRLs-signature"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL&#39;s signature</b></dt>
+<dd>
+
+<p>the CRL signature could not be decrypted: this means that the actual signature value could not be determined rather than it not matching the expected value. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:-unable-to-decode-issuer-public-key"><b>X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key</b></dt>
+<dd>
+
+<p>the public key in the certificate SubjectPublicKeyInfo could not be read.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_SIGNATURE_FAILURE:-certificate-signature-failure"><b>X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure</b></dt>
+<dd>
+
+<p>the signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_SIGNATURE_FAILURE:-CRL-signature-failure"><b>X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure</b></dt>
+<dd>
+
+<p>the signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_NOT_YET_VALID:-certificate-is-not-yet-valid"><b>X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid</b></dt>
+<dd>
+
+<p>the certificate is not yet valid: the notBefore date is after the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_HAS_EXPIRED:-certificate-has-expired"><b>X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired</b></dt>
+<dd>
+
+<p>the certificate has expired: that is the notAfter date is before the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_NOT_YET_VALID:-CRL-is-not-yet-valid"><b>X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid</b></dt>
+<dd>
+
+<p>the CRL is not yet valid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_HAS_EXPIRED:-CRL-has-expired"><b>X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired</b></dt>
+<dd>
+
+<p>the CRL has expired.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:-format-error-in-certificates-notBefore-field"><b>X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate&#39;s notBefore field</b></dt>
+<dd>
+
+<p>the certificate notBefore field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:-format-error-in-certificates-notAfter-field"><b>X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate&#39;s notAfter field</b></dt>
+<dd>
+
+<p>the certificate notAfter field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:-format-error-in-CRLs-lastUpdate-field"><b>X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL&#39;s lastUpdate field</b></dt>
+<dd>
+
+<p>the CRL lastUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:-format-error-in-CRLs-nextUpdate-field"><b>X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL&#39;s nextUpdate field</b></dt>
+<dd>
+
+<p>the CRL nextUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_OUT_OF_MEM:-out-of-memory"><b>X509_V_ERR_OUT_OF_MEM: out of memory</b></dt>
+<dd>
+
+<p>an error occurred trying to allocate memory. This should never happen.</p>
+
+</dd>
+<dt id="X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:-self-signed-certificate"><b>X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate</b></dt>
+<dd>
+
+<p>the passed certificate is self signed and the same certificate cannot be found in the list of trusted certificates.</p>
+
+</dd>
+<dt id="X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:-self-signed-certificate-in-certificate-chain"><b>X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain</b></dt>
+<dd>
+
+<p>the certificate chain could be built up using the untrusted certificates but the root could not be found locally.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:-unable-to-get-local-issuer-certificate"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate</b></dt>
+<dd>
+
+<p>the issuer certificate of a locally looked up certificate could not be found. This normally means the list of trusted certificates is not complete.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:-unable-to-verify-the-first-certificate"><b>X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate</b></dt>
+<dd>
+
+<p>no signatures could be verified because the chain contains only one certificate and it is not self signed.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_CHAIN_TOO_LONG:-certificate-chain-too-long"><b>X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long</b></dt>
+<dd>
+
+<p>the certificate chain length is greater than the supplied maximum depth. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REVOKED:-certificate-revoked"><b>X509_V_ERR_CERT_REVOKED: certificate revoked</b></dt>
+<dd>
+
+<p>the certificate has been revoked.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_CA:-invalid-CA-certificate"><b>X509_V_ERR_INVALID_CA: invalid CA certificate</b></dt>
+<dd>
+
+<p>a CA certificate is invalid. Either it is not a CA or its extensions are not consistent with the supplied purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_PATH_LENGTH_EXCEEDED:-path-length-constraint-exceeded"><b>X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded</b></dt>
+<dd>
+
+<p>the basicConstraints path-length parameter has been exceeded.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_PURPOSE:-unsupported-certificate-purpose"><b>X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose</b></dt>
+<dd>
+
+<p>the supplied certificate cannot be used for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_UNTRUSTED:-certificate-not-trusted"><b>X509_V_ERR_CERT_UNTRUSTED: certificate not trusted</b></dt>
+<dd>
+
+<p>the root CA is not marked as trusted for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REJECTED:-certificate-rejected"><b>X509_V_ERR_CERT_REJECTED: certificate rejected</b></dt>
+<dd>
+
+<p>the root CA is marked to reject the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBJECT_ISSUER_MISMATCH:-subject-issuer-mismatch"><b>X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its subject name did not match the issuer name of the current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_SKID_MISMATCH:-authority-and-subject-key-identifier-mismatch"><b>X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its subject key identifier was present and did not match the authority key identifier current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH:-authority-and-issuer-serial-number-mismatch"><b>X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its issuer name and serial number was present and did not match the authority key identifier of the current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key-usage-does-not-include-certificate-signing"><b>X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its keyUsage extension does not permit certificate signing. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_EXTENSION:-invalid-or-inconsistent-certificate-extension"><b>X509_V_ERR_INVALID_EXTENSION: invalid or inconsistent certificate extension</b></dt>
+<dd>
+
+<p>A certificate extension had an invalid value (for example an incorrect encoding) or some value inconsistent with other extensions.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_POLICY_EXTENSION:-invalid-or-inconsistent-certificate-policy-extension"><b>X509_V_ERR_INVALID_POLICY_EXTENSION: invalid or inconsistent certificate policy extension</b></dt>
+<dd>
+
+<p>A certificate policies extension had an invalid value (for example an incorrect encoding) or some value inconsistent with other extensions. This error only occurs if policy processing is enabled.</p>
+
+</dd>
+<dt id="X509_V_ERR_NO_EXPLICIT_POLICY:-no-explicit-policy"><b>X509_V_ERR_NO_EXPLICIT_POLICY: no explicit policy</b></dt>
+<dd>
+
+<p>The verification flags were set to require and explicit policy but none was present.</p>
+
+</dd>
+<dt id="X509_V_ERR_DIFFERENT_CRL_SCOPE:-Different-CRL-scope"><b>X509_V_ERR_DIFFERENT_CRL_SCOPE: Different CRL scope</b></dt>
+<dd>
+
+<p>The only CRLs that could be found did not match the scope of the certificate.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE:-Unsupported-extension-feature"><b>X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: Unsupported extension feature</b></dt>
+<dd>
+
+<p>Some feature of a certificate extension is not supported. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_PERMITTED_VIOLATION:-permitted-subtree-violation"><b>X509_V_ERR_PERMITTED_VIOLATION: permitted subtree violation</b></dt>
+<dd>
+
+<p>A name constraint violation occurred in the permitted subtrees.</p>
+
+</dd>
+<dt id="X509_V_ERR_EXCLUDED_VIOLATION:-excluded-subtree-violation"><b>X509_V_ERR_EXCLUDED_VIOLATION: excluded subtree violation</b></dt>
+<dd>
+
+<p>A name constraint violation occurred in the excluded subtrees.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBTREE_MINMAX:-name-constraints-minimum-and-maximum-not-supported"><b>X509_V_ERR_SUBTREE_MINMAX: name constraints minimum and maximum not supported</b></dt>
+<dd>
+
+<p>A certificate name constraints extension included a minimum or maximum field: this is not supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:-unsupported-name-constraint-type"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: unsupported name constraint type</b></dt>
+<dd>
+
+<p>An unsupported name constraint type was encountered. OpenSSL currently only supports directory name, DNS name, email and URI types.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX:-unsupported-or-invalid-name-constraint-syntax"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: unsupported or invalid name constraint syntax</b></dt>
+<dd>
+
+<p>The format of the name constraint is not recognised: for example an email address format of a form not mentioned in RFC3280. This could be caused by a garbage extension or some new feature not currently supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_PATH_VALIDATION_ERROR:-CRL-path-validation-error"><b>X509_V_ERR_CRL_PATH_VALIDATION_ERROR: CRL path validation error</b></dt>
+<dd>
+
+<p>An error occurred when attempting to verify the CRL path. This error can only happen if extended CRL checking is enabled.</p>
+
+</dd>
+<dt id="X509_V_ERR_APPLICATION_VERIFICATION:-application-verification-failure"><b>X509_V_ERR_APPLICATION_VERIFICATION: application verification failure</b></dt>
+<dd>
+
+<p>an application specific error. This will never be returned unless explicitly set by an application.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used instead of directly referencing the fields in the <b>X509_VERIFY_CTX</b> structure.</p>
+
+<p>In versions of OpenSSL before 1.0 the current certificate returned by X509_STORE_CTX_get_current_cert() was never <b>NULL</b>. Applications should check the return value before printing out any debugging information relating to the current certificate.</p>
+
+<p>If an unrecognised error code is passed to X509_verify_cert_error_string() the numerical value of the unknown code is returned in a static buffer. This is not thread safe but will never happen unless an invalid code is passed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_free.html">X509_free(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get0_chain.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get0_chain.html
new file mode 100644
index 000000000..604aa12e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get0_chain.html
@@ -0,0 +1,141 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_set0_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_get0_untrusted, X509_STORE_CTX_set0_untrusted, X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, X509_STORE_CTX_verify_fn - X509_STORE_CTX initialisation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+                         X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x);
+ STACK_OF(X509) *X509_STORE_CTX_get0_chain(X609_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *chain);
+ void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+ STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
+
+ typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
+ void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions initialise an <b>X509_STORE_CTX</b> structure for subsequent use by X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_new() returns a newly initialised <b>X509_STORE_CTX</b> structure.</p>
+
+<p>X509_STORE_CTX_cleanup() internally cleans up an <b>X509_STORE_CTX</b> structure. The context can then be reused with an new call to X509_STORE_CTX_init().</p>
+
+<p>X509_STORE_CTX_free() completely frees up <b>ctx</b>. After this call <b>ctx</b> is no longer valid. If <b>ctx</b> is NULL nothing is done.</p>
+
+<p>X509_STORE_CTX_init() sets up <b>ctx</b> for a subsequent verification operation. It must be called before each call to X509_verify_cert(), i.e. a <b>ctx</b> is only good for one call to X509_verify_cert(); if you want to verify a second certificate with the same <b>ctx</b> then you must call X509_STORE_CTX_cleanup() and then X509_STORE_CTX_init() again before the second call to X509_verify_cert(). The trusted certificate store is set to <b>store</b>, the end entity certificate to be verified is set to <b>x509</b> and a set of additional certificates (which will be untrusted but may be used to build the chain) in <b>chain</b>. Any or all of the <b>store</b>, <b>x509</b> and <b>chain</b> parameters can be <b>NULL</b>.</p>
+
+<p>X509_STORE_CTX_set0_trusted_stack() sets the set of trusted certificates of <b>ctx</b> to <b>sk</b>. This is an alternative way of specifying trusted certificates instead of using an <b>X509_STORE</b>.</p>
+
+<p>X509_STORE_CTX_set_cert() sets the certificate to be verified in <b>ctx</b> to <b>x</b>.</p>
+
+<p>X509_STORE_CTX_set0_verified_chain() sets the validated chain used by <b>ctx</b> to be <b>chain</b>. Ownership of the chain is transferred to <b>ctx</b> and should not be free&#39;d by the caller. X509_STORE_CTX_get0_chain() returns a the internal pointer used by the <b>ctx</b> that contains the validated chain.</p>
+
+<p>X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate verification to <b>sk</b>. These CRLs will only be used if CRL verification is enabled in the associated <b>X509_VERIFY_PARAM</b> structure. This might be used where additional &quot;useful&quot; CRLs are supplied as part of a protocol, for example in a PKCS#7 structure.</p>
+
+<p>X509_STORE_CTX_get0_param() retrieves an internal pointer to the verification parameters associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get0_untrusted() retrieves an internal pointer to the stack of untrusted certificates associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_set0_untrusted() sets the internal point to the stack of untrusted certificates associated with <b>ctx</b> to <b>sk</b>.</p>
+
+<p>X509_STORE_CTX_set0_param() sets the internal verification parameter pointer to <b>param</b>. After this call <b>param</b> should not be used.</p>
+
+<p>X509_STORE_CTX_set_default() looks up and sets the default verification method to <b>name</b>. This uses the function X509_VERIFY_PARAM_lookup() to find an appropriate set of parameters from <b>name</b>.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates that were used in building the chain following a call to X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_set_verify() provides the capability for overriding the default verify function. This function is responsible for verifying chain signatures and expiration times.</p>
+
+<p>A verify function is defined as an X509_STORE_CTX_verify type which has the following signature:</p>
+
+<pre><code> int (*verify)(X509_STORE_CTX *);</code></pre>
+
+<p>This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The certificates and CRLs in a store are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The certificates and CRLs in a context are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed. Copies should be made or reference counts increased instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_new() returns an newly allocates context or <b>NULL</b> is an error occurred.</p>
+
+<p>X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_set0_trusted_stack(), X509_STORE_CTX_set_cert(), X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return values.</p>
+
+<p>X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> <a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_set0_crls() function was added in OpenSSL 1.0.0. The X509_STORE_CTX_get_num_untrusted() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get0_param.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get0_param.html
new file mode 100644
index 000000000..604aa12e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get0_param.html
@@ -0,0 +1,141 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_set0_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_get0_untrusted, X509_STORE_CTX_set0_untrusted, X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, X509_STORE_CTX_verify_fn - X509_STORE_CTX initialisation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+                         X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x);
+ STACK_OF(X509) *X509_STORE_CTX_get0_chain(X609_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *chain);
+ void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+ STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
+
+ typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
+ void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions initialise an <b>X509_STORE_CTX</b> structure for subsequent use by X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_new() returns a newly initialised <b>X509_STORE_CTX</b> structure.</p>
+
+<p>X509_STORE_CTX_cleanup() internally cleans up an <b>X509_STORE_CTX</b> structure. The context can then be reused with an new call to X509_STORE_CTX_init().</p>
+
+<p>X509_STORE_CTX_free() completely frees up <b>ctx</b>. After this call <b>ctx</b> is no longer valid. If <b>ctx</b> is NULL nothing is done.</p>
+
+<p>X509_STORE_CTX_init() sets up <b>ctx</b> for a subsequent verification operation. It must be called before each call to X509_verify_cert(), i.e. a <b>ctx</b> is only good for one call to X509_verify_cert(); if you want to verify a second certificate with the same <b>ctx</b> then you must call X509_STORE_CTX_cleanup() and then X509_STORE_CTX_init() again before the second call to X509_verify_cert(). The trusted certificate store is set to <b>store</b>, the end entity certificate to be verified is set to <b>x509</b> and a set of additional certificates (which will be untrusted but may be used to build the chain) in <b>chain</b>. Any or all of the <b>store</b>, <b>x509</b> and <b>chain</b> parameters can be <b>NULL</b>.</p>
+
+<p>X509_STORE_CTX_set0_trusted_stack() sets the set of trusted certificates of <b>ctx</b> to <b>sk</b>. This is an alternative way of specifying trusted certificates instead of using an <b>X509_STORE</b>.</p>
+
+<p>X509_STORE_CTX_set_cert() sets the certificate to be verified in <b>ctx</b> to <b>x</b>.</p>
+
+<p>X509_STORE_CTX_set0_verified_chain() sets the validated chain used by <b>ctx</b> to be <b>chain</b>. Ownership of the chain is transferred to <b>ctx</b> and should not be free&#39;d by the caller. X509_STORE_CTX_get0_chain() returns a the internal pointer used by the <b>ctx</b> that contains the validated chain.</p>
+
+<p>X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate verification to <b>sk</b>. These CRLs will only be used if CRL verification is enabled in the associated <b>X509_VERIFY_PARAM</b> structure. This might be used where additional &quot;useful&quot; CRLs are supplied as part of a protocol, for example in a PKCS#7 structure.</p>
+
+<p>X509_STORE_CTX_get0_param() retrieves an internal pointer to the verification parameters associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get0_untrusted() retrieves an internal pointer to the stack of untrusted certificates associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_set0_untrusted() sets the internal point to the stack of untrusted certificates associated with <b>ctx</b> to <b>sk</b>.</p>
+
+<p>X509_STORE_CTX_set0_param() sets the internal verification parameter pointer to <b>param</b>. After this call <b>param</b> should not be used.</p>
+
+<p>X509_STORE_CTX_set_default() looks up and sets the default verification method to <b>name</b>. This uses the function X509_VERIFY_PARAM_lookup() to find an appropriate set of parameters from <b>name</b>.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates that were used in building the chain following a call to X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_set_verify() provides the capability for overriding the default verify function. This function is responsible for verifying chain signatures and expiration times.</p>
+
+<p>A verify function is defined as an X509_STORE_CTX_verify type which has the following signature:</p>
+
+<pre><code> int (*verify)(X509_STORE_CTX *);</code></pre>
+
+<p>This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The certificates and CRLs in a store are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The certificates and CRLs in a context are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed. Copies should be made or reference counts increased instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_new() returns an newly allocates context or <b>NULL</b> is an error occurred.</p>
+
+<p>X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_set0_trusted_stack(), X509_STORE_CTX_set_cert(), X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return values.</p>
+
+<p>X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> <a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_set0_crls() function was added in OpenSSL 1.0.0. The X509_STORE_CTX_get_num_untrusted() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get0_untrusted.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get0_untrusted.html
new file mode 100644
index 000000000..604aa12e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get0_untrusted.html
@@ -0,0 +1,141 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_set0_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_get0_untrusted, X509_STORE_CTX_set0_untrusted, X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, X509_STORE_CTX_verify_fn - X509_STORE_CTX initialisation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+                         X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x);
+ STACK_OF(X509) *X509_STORE_CTX_get0_chain(X609_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *chain);
+ void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+ STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
+
+ typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
+ void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions initialise an <b>X509_STORE_CTX</b> structure for subsequent use by X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_new() returns a newly initialised <b>X509_STORE_CTX</b> structure.</p>
+
+<p>X509_STORE_CTX_cleanup() internally cleans up an <b>X509_STORE_CTX</b> structure. The context can then be reused with an new call to X509_STORE_CTX_init().</p>
+
+<p>X509_STORE_CTX_free() completely frees up <b>ctx</b>. After this call <b>ctx</b> is no longer valid. If <b>ctx</b> is NULL nothing is done.</p>
+
+<p>X509_STORE_CTX_init() sets up <b>ctx</b> for a subsequent verification operation. It must be called before each call to X509_verify_cert(), i.e. a <b>ctx</b> is only good for one call to X509_verify_cert(); if you want to verify a second certificate with the same <b>ctx</b> then you must call X509_STORE_CTX_cleanup() and then X509_STORE_CTX_init() again before the second call to X509_verify_cert(). The trusted certificate store is set to <b>store</b>, the end entity certificate to be verified is set to <b>x509</b> and a set of additional certificates (which will be untrusted but may be used to build the chain) in <b>chain</b>. Any or all of the <b>store</b>, <b>x509</b> and <b>chain</b> parameters can be <b>NULL</b>.</p>
+
+<p>X509_STORE_CTX_set0_trusted_stack() sets the set of trusted certificates of <b>ctx</b> to <b>sk</b>. This is an alternative way of specifying trusted certificates instead of using an <b>X509_STORE</b>.</p>
+
+<p>X509_STORE_CTX_set_cert() sets the certificate to be verified in <b>ctx</b> to <b>x</b>.</p>
+
+<p>X509_STORE_CTX_set0_verified_chain() sets the validated chain used by <b>ctx</b> to be <b>chain</b>. Ownership of the chain is transferred to <b>ctx</b> and should not be free&#39;d by the caller. X509_STORE_CTX_get0_chain() returns a the internal pointer used by the <b>ctx</b> that contains the validated chain.</p>
+
+<p>X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate verification to <b>sk</b>. These CRLs will only be used if CRL verification is enabled in the associated <b>X509_VERIFY_PARAM</b> structure. This might be used where additional &quot;useful&quot; CRLs are supplied as part of a protocol, for example in a PKCS#7 structure.</p>
+
+<p>X509_STORE_CTX_get0_param() retrieves an internal pointer to the verification parameters associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get0_untrusted() retrieves an internal pointer to the stack of untrusted certificates associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_set0_untrusted() sets the internal point to the stack of untrusted certificates associated with <b>ctx</b> to <b>sk</b>.</p>
+
+<p>X509_STORE_CTX_set0_param() sets the internal verification parameter pointer to <b>param</b>. After this call <b>param</b> should not be used.</p>
+
+<p>X509_STORE_CTX_set_default() looks up and sets the default verification method to <b>name</b>. This uses the function X509_VERIFY_PARAM_lookup() to find an appropriate set of parameters from <b>name</b>.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates that were used in building the chain following a call to X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_set_verify() provides the capability for overriding the default verify function. This function is responsible for verifying chain signatures and expiration times.</p>
+
+<p>A verify function is defined as an X509_STORE_CTX_verify type which has the following signature:</p>
+
+<pre><code> int (*verify)(X509_STORE_CTX *);</code></pre>
+
+<p>This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The certificates and CRLs in a store are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The certificates and CRLs in a context are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed. Copies should be made or reference counts increased instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_new() returns an newly allocates context or <b>NULL</b> is an error occurred.</p>
+
+<p>X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_set0_trusted_stack(), X509_STORE_CTX_set_cert(), X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return values.</p>
+
+<p>X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> <a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_set0_crls() function was added in OpenSSL 1.0.0. The X509_STORE_CTX_get_num_untrusted() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get1_chain.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get1_chain.html
new file mode 100644
index 000000000..d9e1e0d7e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get1_chain.html
@@ -0,0 +1,374 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_get_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#ERROR-CODES">ERROR CODES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_error, X509_STORE_CTX_set_error, X509_STORE_CTX_get_error_depth, X509_STORE_CTX_set_error_depth, X509_STORE_CTX_get_current_cert, X509_STORE_CTX_set_current_cert, X509_STORE_CTX_get0_cert, X509_STORE_CTX_get1_chain, X509_verify_cert_error_string - get or set certificate verification status information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int   X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
+ int   X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth);
+ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_current_cert(X509_STORE_CTX *ctx, X509 *x);
+ X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
+
+ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+
+ const char *X509_verify_cert_error_string(long n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are typically called after X509_verify_cert() has indicated an error or in a verification callback to determine the nature of an error.</p>
+
+<p>X509_STORE_CTX_get_error() returns the error code of <b>ctx</b>, see the <b>ERROR CODES</b> section for a full description of all error codes.</p>
+
+<p>X509_STORE_CTX_set_error() sets the error code of <b>ctx</b> to <b>s</b>. For example it might be used in a verification callback to set an error based on additional checks.</p>
+
+<p>X509_STORE_CTX_get_error_depth() returns the <b>depth</b> of the error. This is a non-negative integer representing where in the certificate chain the error occurred. If it is zero it occurred in the end entity certificate, one if it is the certificate which signed the end entity certificate and so on.</p>
+
+<p>X509_STORE_CTX_set_error_depth() sets the error <b>depth</b>. This can be used in combination with X509_STORE_CTX_set_error() to set the depth at which an error condition was detected.</p>
+
+<p>X509_STORE_CTX_get_current_cert() returns the certificate in <b>ctx</b> which caused the error or <b>NULL</b> if no certificate is relevant.</p>
+
+<p>X509_STORE_CTX_set_current_cert() sets the certificate <b>x</b> in <b>ctx</b> which caused the error. This value is not intended to remain valid for very long, and remains owned by the caller. It may be examined by a verification callback invoked to handle each error encountered during chain verification and is no longer required after such a callback. If a callback wishes the save the certificate for use after it returns, it needs to increment its reference count via <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>. Once such a <i>saved</i> certificate is no longer needed it can be freed with <a href="../man3/X509_free.html">X509_free(3)</a>.</p>
+
+<p>X509_STORE_CTX_get0_cert() retrieves an internal pointer to the certificate being verified by the <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get1_chain() returns a complete validate chain if a previous call to X509_verify_cert() is successful. If the call to X509_verify_cert() is <b>not</b> successful the returned chain may be incomplete or invalid. The returned chain persists after the <b>ctx</b> structure is freed, when it is no longer needed it should be free up using:</p>
+
+<pre><code> sk_X509_pop_free(chain, X509_free);</code></pre>
+
+<p>X509_verify_cert_error_string() returns a human readable error string for verification error <b>n</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_get_error() returns <b>X509_V_OK</b> or an error code.</p>
+
+<p>X509_STORE_CTX_get_error_depth() returns a non-negative error depth.</p>
+
+<p>X509_STORE_CTX_get_current_cert() returns the certificate which caused the error or <b>NULL</b> if no certificate is relevant to the error.</p>
+
+<p>X509_verify_cert_error_string() returns a human readable error string for verification error <b>n</b>.</p>
+
+<h1 id="ERROR-CODES">ERROR CODES</h1>
+
+<p>A list of error codes and messages is shown below. Some of the error codes are defined but currently never returned: these are described as &quot;unused&quot;.</p>
+
+<dl>
+
+<dt id="X509_V_OK:-ok"><b>X509_V_OK: ok</b></dt>
+<dd>
+
+<p>the operation was successful.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:-unable-to-get-issuer-certificate"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate</b></dt>
+<dd>
+
+<p>the issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_CRL:-unable-to-get-certificate-CRL"><b>X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL</b></dt>
+<dd>
+
+<p>the CRL of a certificate could not be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:-unable-to-decrypt-certificates-signature"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate&#39;s signature</b></dt>
+<dd>
+
+<p>the certificate signature could not be decrypted. This means that the actual signature value could not be determined rather than it not matching the expected value, this is only meaningful for RSA keys.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:-unable-to-decrypt-CRLs-signature"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL&#39;s signature</b></dt>
+<dd>
+
+<p>the CRL signature could not be decrypted: this means that the actual signature value could not be determined rather than it not matching the expected value. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:-unable-to-decode-issuer-public-key"><b>X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key</b></dt>
+<dd>
+
+<p>the public key in the certificate SubjectPublicKeyInfo could not be read.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_SIGNATURE_FAILURE:-certificate-signature-failure"><b>X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure</b></dt>
+<dd>
+
+<p>the signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_SIGNATURE_FAILURE:-CRL-signature-failure"><b>X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure</b></dt>
+<dd>
+
+<p>the signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_NOT_YET_VALID:-certificate-is-not-yet-valid"><b>X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid</b></dt>
+<dd>
+
+<p>the certificate is not yet valid: the notBefore date is after the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_HAS_EXPIRED:-certificate-has-expired"><b>X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired</b></dt>
+<dd>
+
+<p>the certificate has expired: that is the notAfter date is before the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_NOT_YET_VALID:-CRL-is-not-yet-valid"><b>X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid</b></dt>
+<dd>
+
+<p>the CRL is not yet valid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_HAS_EXPIRED:-CRL-has-expired"><b>X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired</b></dt>
+<dd>
+
+<p>the CRL has expired.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:-format-error-in-certificates-notBefore-field"><b>X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate&#39;s notBefore field</b></dt>
+<dd>
+
+<p>the certificate notBefore field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:-format-error-in-certificates-notAfter-field"><b>X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate&#39;s notAfter field</b></dt>
+<dd>
+
+<p>the certificate notAfter field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:-format-error-in-CRLs-lastUpdate-field"><b>X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL&#39;s lastUpdate field</b></dt>
+<dd>
+
+<p>the CRL lastUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:-format-error-in-CRLs-nextUpdate-field"><b>X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL&#39;s nextUpdate field</b></dt>
+<dd>
+
+<p>the CRL nextUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_OUT_OF_MEM:-out-of-memory"><b>X509_V_ERR_OUT_OF_MEM: out of memory</b></dt>
+<dd>
+
+<p>an error occurred trying to allocate memory. This should never happen.</p>
+
+</dd>
+<dt id="X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:-self-signed-certificate"><b>X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate</b></dt>
+<dd>
+
+<p>the passed certificate is self signed and the same certificate cannot be found in the list of trusted certificates.</p>
+
+</dd>
+<dt id="X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:-self-signed-certificate-in-certificate-chain"><b>X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain</b></dt>
+<dd>
+
+<p>the certificate chain could be built up using the untrusted certificates but the root could not be found locally.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:-unable-to-get-local-issuer-certificate"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate</b></dt>
+<dd>
+
+<p>the issuer certificate of a locally looked up certificate could not be found. This normally means the list of trusted certificates is not complete.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:-unable-to-verify-the-first-certificate"><b>X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate</b></dt>
+<dd>
+
+<p>no signatures could be verified because the chain contains only one certificate and it is not self signed.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_CHAIN_TOO_LONG:-certificate-chain-too-long"><b>X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long</b></dt>
+<dd>
+
+<p>the certificate chain length is greater than the supplied maximum depth. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REVOKED:-certificate-revoked"><b>X509_V_ERR_CERT_REVOKED: certificate revoked</b></dt>
+<dd>
+
+<p>the certificate has been revoked.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_CA:-invalid-CA-certificate"><b>X509_V_ERR_INVALID_CA: invalid CA certificate</b></dt>
+<dd>
+
+<p>a CA certificate is invalid. Either it is not a CA or its extensions are not consistent with the supplied purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_PATH_LENGTH_EXCEEDED:-path-length-constraint-exceeded"><b>X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded</b></dt>
+<dd>
+
+<p>the basicConstraints path-length parameter has been exceeded.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_PURPOSE:-unsupported-certificate-purpose"><b>X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose</b></dt>
+<dd>
+
+<p>the supplied certificate cannot be used for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_UNTRUSTED:-certificate-not-trusted"><b>X509_V_ERR_CERT_UNTRUSTED: certificate not trusted</b></dt>
+<dd>
+
+<p>the root CA is not marked as trusted for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REJECTED:-certificate-rejected"><b>X509_V_ERR_CERT_REJECTED: certificate rejected</b></dt>
+<dd>
+
+<p>the root CA is marked to reject the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBJECT_ISSUER_MISMATCH:-subject-issuer-mismatch"><b>X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its subject name did not match the issuer name of the current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_SKID_MISMATCH:-authority-and-subject-key-identifier-mismatch"><b>X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its subject key identifier was present and did not match the authority key identifier current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH:-authority-and-issuer-serial-number-mismatch"><b>X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its issuer name and serial number was present and did not match the authority key identifier of the current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key-usage-does-not-include-certificate-signing"><b>X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its keyUsage extension does not permit certificate signing. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_EXTENSION:-invalid-or-inconsistent-certificate-extension"><b>X509_V_ERR_INVALID_EXTENSION: invalid or inconsistent certificate extension</b></dt>
+<dd>
+
+<p>A certificate extension had an invalid value (for example an incorrect encoding) or some value inconsistent with other extensions.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_POLICY_EXTENSION:-invalid-or-inconsistent-certificate-policy-extension"><b>X509_V_ERR_INVALID_POLICY_EXTENSION: invalid or inconsistent certificate policy extension</b></dt>
+<dd>
+
+<p>A certificate policies extension had an invalid value (for example an incorrect encoding) or some value inconsistent with other extensions. This error only occurs if policy processing is enabled.</p>
+
+</dd>
+<dt id="X509_V_ERR_NO_EXPLICIT_POLICY:-no-explicit-policy"><b>X509_V_ERR_NO_EXPLICIT_POLICY: no explicit policy</b></dt>
+<dd>
+
+<p>The verification flags were set to require and explicit policy but none was present.</p>
+
+</dd>
+<dt id="X509_V_ERR_DIFFERENT_CRL_SCOPE:-Different-CRL-scope"><b>X509_V_ERR_DIFFERENT_CRL_SCOPE: Different CRL scope</b></dt>
+<dd>
+
+<p>The only CRLs that could be found did not match the scope of the certificate.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE:-Unsupported-extension-feature"><b>X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: Unsupported extension feature</b></dt>
+<dd>
+
+<p>Some feature of a certificate extension is not supported. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_PERMITTED_VIOLATION:-permitted-subtree-violation"><b>X509_V_ERR_PERMITTED_VIOLATION: permitted subtree violation</b></dt>
+<dd>
+
+<p>A name constraint violation occurred in the permitted subtrees.</p>
+
+</dd>
+<dt id="X509_V_ERR_EXCLUDED_VIOLATION:-excluded-subtree-violation"><b>X509_V_ERR_EXCLUDED_VIOLATION: excluded subtree violation</b></dt>
+<dd>
+
+<p>A name constraint violation occurred in the excluded subtrees.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBTREE_MINMAX:-name-constraints-minimum-and-maximum-not-supported"><b>X509_V_ERR_SUBTREE_MINMAX: name constraints minimum and maximum not supported</b></dt>
+<dd>
+
+<p>A certificate name constraints extension included a minimum or maximum field: this is not supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:-unsupported-name-constraint-type"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: unsupported name constraint type</b></dt>
+<dd>
+
+<p>An unsupported name constraint type was encountered. OpenSSL currently only supports directory name, DNS name, email and URI types.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX:-unsupported-or-invalid-name-constraint-syntax"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: unsupported or invalid name constraint syntax</b></dt>
+<dd>
+
+<p>The format of the name constraint is not recognised: for example an email address format of a form not mentioned in RFC3280. This could be caused by a garbage extension or some new feature not currently supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_PATH_VALIDATION_ERROR:-CRL-path-validation-error"><b>X509_V_ERR_CRL_PATH_VALIDATION_ERROR: CRL path validation error</b></dt>
+<dd>
+
+<p>An error occurred when attempting to verify the CRL path. This error can only happen if extended CRL checking is enabled.</p>
+
+</dd>
+<dt id="X509_V_ERR_APPLICATION_VERIFICATION:-application-verification-failure"><b>X509_V_ERR_APPLICATION_VERIFICATION: application verification failure</b></dt>
+<dd>
+
+<p>an application specific error. This will never be returned unless explicitly set by an application.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used instead of directly referencing the fields in the <b>X509_VERIFY_CTX</b> structure.</p>
+
+<p>In versions of OpenSSL before 1.0 the current certificate returned by X509_STORE_CTX_get_current_cert() was never <b>NULL</b>. Applications should check the return value before printing out any debugging information relating to the current certificate.</p>
+
+<p>If an unrecognised error code is passed to X509_verify_cert_error_string() the numerical value of the unknown code is returned in a static buffer. This is not thread safe but will never happen unless an invalid code is passed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_free.html">X509_free(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_cert_crl.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_cert_crl.html
new file mode 100644
index 000000000..5ff17e80f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_cert_crl.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_set_verify_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_cleanup, X509_STORE_CTX_get_lookup_crls, X509_STORE_CTX_get_lookup_certs, X509_STORE_CTX_get_check_policy, X509_STORE_CTX_get_cert_crl, X509_STORE_CTX_get_check_crl, X509_STORE_CTX_get_get_crl, X509_STORE_CTX_get_check_revocation, X509_STORE_CTX_get_check_issued, X509_STORE_CTX_get_get_issuer, X509_STORE_CTX_get_verify_cb, X509_STORE_CTX_set_verify_cb, X509_STORE_CTX_verify_cb - get and set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
+
+ X509_STORE_CTX_verify_cb X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+                                   X509_STORE_CTX_verify_cb verify_cb);
+
+ X509_STORE_CTX_get_issuer_fn X509_STORE_CTX_get_get_issuer(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_issued_fn X509_STORE_CTX_get_check_issued(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_CTX_get_check_revocation(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_get_crl_fn X509_STORE_CTX_get_get_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_crl_fn X509_STORE_CTX_get_check_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_CTX_get_cert_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_policy_fn X509_STORE_CTX_get_check_policy(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_CTX_get_lookup_certs(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_CTX_get_lookup_crls(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cleanup_fn X509_STORE_CTX_get_cleanup(X509_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting any existing callback.</p>
+
+<p>The verification callback can be used to customise the operation of certificate verification, either by overriding error conditions or logging errors for debugging purposes.</p>
+
+<p>However a verification callback is <b>not</b> essential and the default operation is often sufficient.</p>
+
+<p>The <b>ok</b> parameter to the callback indicates the value the callback should return to retain the default behaviour. If it is zero then an error condition is indicated. If it is 1 then no error occurred. If the flag <b>X509_V_FLAG_NOTIFY_POLICY</b> is set then <b>ok</b> is set to 2 to indicate the policy checking is complete.</p>
+
+<p>The <b>ctx</b> parameter to the callback is the <b>X509_STORE_CTX</b> structure that is performing the verification operation. A callback can examine this structure and receive additional information about the error, for example by calling X509_STORE_CTX_get_current_cert(). Additional application data can be passed to the callback via the <b>ex_data</b> mechanism.</p>
+
+<p>X509_STORE_CTX_get_verify_cb() returns the value of the current callback for the specific <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() return the function pointers cached from the corresponding <b>X509_STORE</b>, please see <a href="../man3/X509_STORE_set_verify.html">X509_STORE_set_verify(3)</a> for more information.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>In general a verification callback should <b>NOT</b> unconditionally return 1 in all circumstances because this will allow verification to succeed no matter what the error. This effectively removes all security from the application because <b>any</b> certificate (including untrusted generated ones) will be accepted.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification callback can be set and inherited from the parent structure performing the operation. In some cases (such as S/MIME verification) the <b>X509_STORE_CTX</b> structure is created and destroyed internally and the only way to set a custom verification callback is by inheriting it from the associated <b>X509_STORE</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() does not return a value.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Default callback operation:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     return ok;
+ }</code></pre>
+
+<p>Simple example, suppose a certificate in the chain is expired and we wish to continue after this error:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     /* Tolerate certificate expiration */
+     if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
+         return 1;
+     /* Otherwise don&#39;t override */
+     return ok;
+ }</code></pre>
+
+<p>More complex example, we don&#39;t wish to continue after <b>any</b> certificate has expired just one specific case:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     int err = X509_STORE_CTX_get_error(ctx);
+     X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
+
+     if (err == X509_V_ERR_CERT_HAS_EXPIRED) {
+         if (check_is_acceptable_expired_cert(err_cert)
+             return 1;
+     }
+     return ok;
+ }</code></pre>
+
+<p>Full featured logging callback. In this case the <b>bio_err</b> is assumed to be a global logging <b>BIO</b>, an alternative would to store a BIO in <b>ctx</b> using <b>ex_data</b>.</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     X509 *err_cert;
+     int err, depth;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     BIO_printf(bio_err, &quot;depth=%d &quot;, depth);
+     if (err_cert) {
+         X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+     }
+     else
+         BIO_puts(bio_err, &quot;&lt;no cert&gt;\n&quot;);
+     if (!ok)
+         BIO_printf(bio_err, &quot;verify error:num=%d:%s\n&quot;, err,
+                    X509_verify_cert_error_string(err));
+     switch (err) {
+     case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+         BIO_puts(bio_err, &quot;issuer= &quot;);
+         X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_NOT_YET_VALID:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+         BIO_printf(bio_err, &quot;notBefore=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_HAS_EXPIRED:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+         BIO_printf(bio_err, &quot;notAfter=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_NO_EXPLICIT_POLICY:
+         policies_print(bio_err, ctx);
+         break;
+     }
+     if (err == X509_V_OK &amp;&amp; ok == 2)
+         /* print out policies */
+
+     BIO_printf(bio_err, &quot;verify return:%d\n&quot;, ok);
+     return(ok);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_get_error.html">X509_STORE_CTX_get_error(3)</a> <a href="../man3/X509_STORE_set_verify_cb_func.html">X509_STORE_set_verify_cb_func(3)</a> <a href="../man3/X509_STORE_CTX_get_ex_new_index.html">X509_STORE_CTX_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_check_crl.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_check_crl.html
new file mode 100644
index 000000000..5ff17e80f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_check_crl.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_set_verify_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_cleanup, X509_STORE_CTX_get_lookup_crls, X509_STORE_CTX_get_lookup_certs, X509_STORE_CTX_get_check_policy, X509_STORE_CTX_get_cert_crl, X509_STORE_CTX_get_check_crl, X509_STORE_CTX_get_get_crl, X509_STORE_CTX_get_check_revocation, X509_STORE_CTX_get_check_issued, X509_STORE_CTX_get_get_issuer, X509_STORE_CTX_get_verify_cb, X509_STORE_CTX_set_verify_cb, X509_STORE_CTX_verify_cb - get and set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
+
+ X509_STORE_CTX_verify_cb X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+                                   X509_STORE_CTX_verify_cb verify_cb);
+
+ X509_STORE_CTX_get_issuer_fn X509_STORE_CTX_get_get_issuer(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_issued_fn X509_STORE_CTX_get_check_issued(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_CTX_get_check_revocation(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_get_crl_fn X509_STORE_CTX_get_get_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_crl_fn X509_STORE_CTX_get_check_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_CTX_get_cert_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_policy_fn X509_STORE_CTX_get_check_policy(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_CTX_get_lookup_certs(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_CTX_get_lookup_crls(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cleanup_fn X509_STORE_CTX_get_cleanup(X509_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting any existing callback.</p>
+
+<p>The verification callback can be used to customise the operation of certificate verification, either by overriding error conditions or logging errors for debugging purposes.</p>
+
+<p>However a verification callback is <b>not</b> essential and the default operation is often sufficient.</p>
+
+<p>The <b>ok</b> parameter to the callback indicates the value the callback should return to retain the default behaviour. If it is zero then an error condition is indicated. If it is 1 then no error occurred. If the flag <b>X509_V_FLAG_NOTIFY_POLICY</b> is set then <b>ok</b> is set to 2 to indicate the policy checking is complete.</p>
+
+<p>The <b>ctx</b> parameter to the callback is the <b>X509_STORE_CTX</b> structure that is performing the verification operation. A callback can examine this structure and receive additional information about the error, for example by calling X509_STORE_CTX_get_current_cert(). Additional application data can be passed to the callback via the <b>ex_data</b> mechanism.</p>
+
+<p>X509_STORE_CTX_get_verify_cb() returns the value of the current callback for the specific <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() return the function pointers cached from the corresponding <b>X509_STORE</b>, please see <a href="../man3/X509_STORE_set_verify.html">X509_STORE_set_verify(3)</a> for more information.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>In general a verification callback should <b>NOT</b> unconditionally return 1 in all circumstances because this will allow verification to succeed no matter what the error. This effectively removes all security from the application because <b>any</b> certificate (including untrusted generated ones) will be accepted.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification callback can be set and inherited from the parent structure performing the operation. In some cases (such as S/MIME verification) the <b>X509_STORE_CTX</b> structure is created and destroyed internally and the only way to set a custom verification callback is by inheriting it from the associated <b>X509_STORE</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() does not return a value.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Default callback operation:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     return ok;
+ }</code></pre>
+
+<p>Simple example, suppose a certificate in the chain is expired and we wish to continue after this error:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     /* Tolerate certificate expiration */
+     if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
+         return 1;
+     /* Otherwise don&#39;t override */
+     return ok;
+ }</code></pre>
+
+<p>More complex example, we don&#39;t wish to continue after <b>any</b> certificate has expired just one specific case:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     int err = X509_STORE_CTX_get_error(ctx);
+     X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
+
+     if (err == X509_V_ERR_CERT_HAS_EXPIRED) {
+         if (check_is_acceptable_expired_cert(err_cert)
+             return 1;
+     }
+     return ok;
+ }</code></pre>
+
+<p>Full featured logging callback. In this case the <b>bio_err</b> is assumed to be a global logging <b>BIO</b>, an alternative would to store a BIO in <b>ctx</b> using <b>ex_data</b>.</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     X509 *err_cert;
+     int err, depth;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     BIO_printf(bio_err, &quot;depth=%d &quot;, depth);
+     if (err_cert) {
+         X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+     }
+     else
+         BIO_puts(bio_err, &quot;&lt;no cert&gt;\n&quot;);
+     if (!ok)
+         BIO_printf(bio_err, &quot;verify error:num=%d:%s\n&quot;, err,
+                    X509_verify_cert_error_string(err));
+     switch (err) {
+     case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+         BIO_puts(bio_err, &quot;issuer= &quot;);
+         X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_NOT_YET_VALID:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+         BIO_printf(bio_err, &quot;notBefore=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_HAS_EXPIRED:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+         BIO_printf(bio_err, &quot;notAfter=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_NO_EXPLICIT_POLICY:
+         policies_print(bio_err, ctx);
+         break;
+     }
+     if (err == X509_V_OK &amp;&amp; ok == 2)
+         /* print out policies */
+
+     BIO_printf(bio_err, &quot;verify return:%d\n&quot;, ok);
+     return(ok);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_get_error.html">X509_STORE_CTX_get_error(3)</a> <a href="../man3/X509_STORE_set_verify_cb_func.html">X509_STORE_set_verify_cb_func(3)</a> <a href="../man3/X509_STORE_CTX_get_ex_new_index.html">X509_STORE_CTX_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_check_issued.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_check_issued.html
new file mode 100644
index 000000000..5ff17e80f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_check_issued.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_set_verify_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_cleanup, X509_STORE_CTX_get_lookup_crls, X509_STORE_CTX_get_lookup_certs, X509_STORE_CTX_get_check_policy, X509_STORE_CTX_get_cert_crl, X509_STORE_CTX_get_check_crl, X509_STORE_CTX_get_get_crl, X509_STORE_CTX_get_check_revocation, X509_STORE_CTX_get_check_issued, X509_STORE_CTX_get_get_issuer, X509_STORE_CTX_get_verify_cb, X509_STORE_CTX_set_verify_cb, X509_STORE_CTX_verify_cb - get and set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
+
+ X509_STORE_CTX_verify_cb X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+                                   X509_STORE_CTX_verify_cb verify_cb);
+
+ X509_STORE_CTX_get_issuer_fn X509_STORE_CTX_get_get_issuer(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_issued_fn X509_STORE_CTX_get_check_issued(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_CTX_get_check_revocation(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_get_crl_fn X509_STORE_CTX_get_get_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_crl_fn X509_STORE_CTX_get_check_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_CTX_get_cert_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_policy_fn X509_STORE_CTX_get_check_policy(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_CTX_get_lookup_certs(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_CTX_get_lookup_crls(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cleanup_fn X509_STORE_CTX_get_cleanup(X509_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting any existing callback.</p>
+
+<p>The verification callback can be used to customise the operation of certificate verification, either by overriding error conditions or logging errors for debugging purposes.</p>
+
+<p>However a verification callback is <b>not</b> essential and the default operation is often sufficient.</p>
+
+<p>The <b>ok</b> parameter to the callback indicates the value the callback should return to retain the default behaviour. If it is zero then an error condition is indicated. If it is 1 then no error occurred. If the flag <b>X509_V_FLAG_NOTIFY_POLICY</b> is set then <b>ok</b> is set to 2 to indicate the policy checking is complete.</p>
+
+<p>The <b>ctx</b> parameter to the callback is the <b>X509_STORE_CTX</b> structure that is performing the verification operation. A callback can examine this structure and receive additional information about the error, for example by calling X509_STORE_CTX_get_current_cert(). Additional application data can be passed to the callback via the <b>ex_data</b> mechanism.</p>
+
+<p>X509_STORE_CTX_get_verify_cb() returns the value of the current callback for the specific <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() return the function pointers cached from the corresponding <b>X509_STORE</b>, please see <a href="../man3/X509_STORE_set_verify.html">X509_STORE_set_verify(3)</a> for more information.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>In general a verification callback should <b>NOT</b> unconditionally return 1 in all circumstances because this will allow verification to succeed no matter what the error. This effectively removes all security from the application because <b>any</b> certificate (including untrusted generated ones) will be accepted.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification callback can be set and inherited from the parent structure performing the operation. In some cases (such as S/MIME verification) the <b>X509_STORE_CTX</b> structure is created and destroyed internally and the only way to set a custom verification callback is by inheriting it from the associated <b>X509_STORE</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() does not return a value.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Default callback operation:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     return ok;
+ }</code></pre>
+
+<p>Simple example, suppose a certificate in the chain is expired and we wish to continue after this error:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     /* Tolerate certificate expiration */
+     if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
+         return 1;
+     /* Otherwise don&#39;t override */
+     return ok;
+ }</code></pre>
+
+<p>More complex example, we don&#39;t wish to continue after <b>any</b> certificate has expired just one specific case:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     int err = X509_STORE_CTX_get_error(ctx);
+     X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
+
+     if (err == X509_V_ERR_CERT_HAS_EXPIRED) {
+         if (check_is_acceptable_expired_cert(err_cert)
+             return 1;
+     }
+     return ok;
+ }</code></pre>
+
+<p>Full featured logging callback. In this case the <b>bio_err</b> is assumed to be a global logging <b>BIO</b>, an alternative would to store a BIO in <b>ctx</b> using <b>ex_data</b>.</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     X509 *err_cert;
+     int err, depth;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     BIO_printf(bio_err, &quot;depth=%d &quot;, depth);
+     if (err_cert) {
+         X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+     }
+     else
+         BIO_puts(bio_err, &quot;&lt;no cert&gt;\n&quot;);
+     if (!ok)
+         BIO_printf(bio_err, &quot;verify error:num=%d:%s\n&quot;, err,
+                    X509_verify_cert_error_string(err));
+     switch (err) {
+     case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+         BIO_puts(bio_err, &quot;issuer= &quot;);
+         X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_NOT_YET_VALID:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+         BIO_printf(bio_err, &quot;notBefore=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_HAS_EXPIRED:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+         BIO_printf(bio_err, &quot;notAfter=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_NO_EXPLICIT_POLICY:
+         policies_print(bio_err, ctx);
+         break;
+     }
+     if (err == X509_V_OK &amp;&amp; ok == 2)
+         /* print out policies */
+
+     BIO_printf(bio_err, &quot;verify return:%d\n&quot;, ok);
+     return(ok);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_get_error.html">X509_STORE_CTX_get_error(3)</a> <a href="../man3/X509_STORE_set_verify_cb_func.html">X509_STORE_set_verify_cb_func(3)</a> <a href="../man3/X509_STORE_CTX_get_ex_new_index.html">X509_STORE_CTX_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_check_policy.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_check_policy.html
new file mode 100644
index 000000000..5ff17e80f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_check_policy.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_set_verify_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_cleanup, X509_STORE_CTX_get_lookup_crls, X509_STORE_CTX_get_lookup_certs, X509_STORE_CTX_get_check_policy, X509_STORE_CTX_get_cert_crl, X509_STORE_CTX_get_check_crl, X509_STORE_CTX_get_get_crl, X509_STORE_CTX_get_check_revocation, X509_STORE_CTX_get_check_issued, X509_STORE_CTX_get_get_issuer, X509_STORE_CTX_get_verify_cb, X509_STORE_CTX_set_verify_cb, X509_STORE_CTX_verify_cb - get and set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
+
+ X509_STORE_CTX_verify_cb X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+                                   X509_STORE_CTX_verify_cb verify_cb);
+
+ X509_STORE_CTX_get_issuer_fn X509_STORE_CTX_get_get_issuer(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_issued_fn X509_STORE_CTX_get_check_issued(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_CTX_get_check_revocation(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_get_crl_fn X509_STORE_CTX_get_get_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_crl_fn X509_STORE_CTX_get_check_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_CTX_get_cert_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_policy_fn X509_STORE_CTX_get_check_policy(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_CTX_get_lookup_certs(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_CTX_get_lookup_crls(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cleanup_fn X509_STORE_CTX_get_cleanup(X509_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting any existing callback.</p>
+
+<p>The verification callback can be used to customise the operation of certificate verification, either by overriding error conditions or logging errors for debugging purposes.</p>
+
+<p>However a verification callback is <b>not</b> essential and the default operation is often sufficient.</p>
+
+<p>The <b>ok</b> parameter to the callback indicates the value the callback should return to retain the default behaviour. If it is zero then an error condition is indicated. If it is 1 then no error occurred. If the flag <b>X509_V_FLAG_NOTIFY_POLICY</b> is set then <b>ok</b> is set to 2 to indicate the policy checking is complete.</p>
+
+<p>The <b>ctx</b> parameter to the callback is the <b>X509_STORE_CTX</b> structure that is performing the verification operation. A callback can examine this structure and receive additional information about the error, for example by calling X509_STORE_CTX_get_current_cert(). Additional application data can be passed to the callback via the <b>ex_data</b> mechanism.</p>
+
+<p>X509_STORE_CTX_get_verify_cb() returns the value of the current callback for the specific <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() return the function pointers cached from the corresponding <b>X509_STORE</b>, please see <a href="../man3/X509_STORE_set_verify.html">X509_STORE_set_verify(3)</a> for more information.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>In general a verification callback should <b>NOT</b> unconditionally return 1 in all circumstances because this will allow verification to succeed no matter what the error. This effectively removes all security from the application because <b>any</b> certificate (including untrusted generated ones) will be accepted.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification callback can be set and inherited from the parent structure performing the operation. In some cases (such as S/MIME verification) the <b>X509_STORE_CTX</b> structure is created and destroyed internally and the only way to set a custom verification callback is by inheriting it from the associated <b>X509_STORE</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() does not return a value.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Default callback operation:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     return ok;
+ }</code></pre>
+
+<p>Simple example, suppose a certificate in the chain is expired and we wish to continue after this error:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     /* Tolerate certificate expiration */
+     if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
+         return 1;
+     /* Otherwise don&#39;t override */
+     return ok;
+ }</code></pre>
+
+<p>More complex example, we don&#39;t wish to continue after <b>any</b> certificate has expired just one specific case:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     int err = X509_STORE_CTX_get_error(ctx);
+     X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
+
+     if (err == X509_V_ERR_CERT_HAS_EXPIRED) {
+         if (check_is_acceptable_expired_cert(err_cert)
+             return 1;
+     }
+     return ok;
+ }</code></pre>
+
+<p>Full featured logging callback. In this case the <b>bio_err</b> is assumed to be a global logging <b>BIO</b>, an alternative would to store a BIO in <b>ctx</b> using <b>ex_data</b>.</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     X509 *err_cert;
+     int err, depth;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     BIO_printf(bio_err, &quot;depth=%d &quot;, depth);
+     if (err_cert) {
+         X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+     }
+     else
+         BIO_puts(bio_err, &quot;&lt;no cert&gt;\n&quot;);
+     if (!ok)
+         BIO_printf(bio_err, &quot;verify error:num=%d:%s\n&quot;, err,
+                    X509_verify_cert_error_string(err));
+     switch (err) {
+     case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+         BIO_puts(bio_err, &quot;issuer= &quot;);
+         X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_NOT_YET_VALID:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+         BIO_printf(bio_err, &quot;notBefore=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_HAS_EXPIRED:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+         BIO_printf(bio_err, &quot;notAfter=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_NO_EXPLICIT_POLICY:
+         policies_print(bio_err, ctx);
+         break;
+     }
+     if (err == X509_V_OK &amp;&amp; ok == 2)
+         /* print out policies */
+
+     BIO_printf(bio_err, &quot;verify return:%d\n&quot;, ok);
+     return(ok);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_get_error.html">X509_STORE_CTX_get_error(3)</a> <a href="../man3/X509_STORE_set_verify_cb_func.html">X509_STORE_set_verify_cb_func(3)</a> <a href="../man3/X509_STORE_CTX_get_ex_new_index.html">X509_STORE_CTX_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_check_revocation.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_check_revocation.html
new file mode 100644
index 000000000..5ff17e80f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_check_revocation.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_set_verify_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_cleanup, X509_STORE_CTX_get_lookup_crls, X509_STORE_CTX_get_lookup_certs, X509_STORE_CTX_get_check_policy, X509_STORE_CTX_get_cert_crl, X509_STORE_CTX_get_check_crl, X509_STORE_CTX_get_get_crl, X509_STORE_CTX_get_check_revocation, X509_STORE_CTX_get_check_issued, X509_STORE_CTX_get_get_issuer, X509_STORE_CTX_get_verify_cb, X509_STORE_CTX_set_verify_cb, X509_STORE_CTX_verify_cb - get and set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
+
+ X509_STORE_CTX_verify_cb X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+                                   X509_STORE_CTX_verify_cb verify_cb);
+
+ X509_STORE_CTX_get_issuer_fn X509_STORE_CTX_get_get_issuer(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_issued_fn X509_STORE_CTX_get_check_issued(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_CTX_get_check_revocation(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_get_crl_fn X509_STORE_CTX_get_get_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_crl_fn X509_STORE_CTX_get_check_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_CTX_get_cert_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_policy_fn X509_STORE_CTX_get_check_policy(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_CTX_get_lookup_certs(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_CTX_get_lookup_crls(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cleanup_fn X509_STORE_CTX_get_cleanup(X509_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting any existing callback.</p>
+
+<p>The verification callback can be used to customise the operation of certificate verification, either by overriding error conditions or logging errors for debugging purposes.</p>
+
+<p>However a verification callback is <b>not</b> essential and the default operation is often sufficient.</p>
+
+<p>The <b>ok</b> parameter to the callback indicates the value the callback should return to retain the default behaviour. If it is zero then an error condition is indicated. If it is 1 then no error occurred. If the flag <b>X509_V_FLAG_NOTIFY_POLICY</b> is set then <b>ok</b> is set to 2 to indicate the policy checking is complete.</p>
+
+<p>The <b>ctx</b> parameter to the callback is the <b>X509_STORE_CTX</b> structure that is performing the verification operation. A callback can examine this structure and receive additional information about the error, for example by calling X509_STORE_CTX_get_current_cert(). Additional application data can be passed to the callback via the <b>ex_data</b> mechanism.</p>
+
+<p>X509_STORE_CTX_get_verify_cb() returns the value of the current callback for the specific <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() return the function pointers cached from the corresponding <b>X509_STORE</b>, please see <a href="../man3/X509_STORE_set_verify.html">X509_STORE_set_verify(3)</a> for more information.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>In general a verification callback should <b>NOT</b> unconditionally return 1 in all circumstances because this will allow verification to succeed no matter what the error. This effectively removes all security from the application because <b>any</b> certificate (including untrusted generated ones) will be accepted.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification callback can be set and inherited from the parent structure performing the operation. In some cases (such as S/MIME verification) the <b>X509_STORE_CTX</b> structure is created and destroyed internally and the only way to set a custom verification callback is by inheriting it from the associated <b>X509_STORE</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() does not return a value.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Default callback operation:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     return ok;
+ }</code></pre>
+
+<p>Simple example, suppose a certificate in the chain is expired and we wish to continue after this error:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     /* Tolerate certificate expiration */
+     if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
+         return 1;
+     /* Otherwise don&#39;t override */
+     return ok;
+ }</code></pre>
+
+<p>More complex example, we don&#39;t wish to continue after <b>any</b> certificate has expired just one specific case:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     int err = X509_STORE_CTX_get_error(ctx);
+     X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
+
+     if (err == X509_V_ERR_CERT_HAS_EXPIRED) {
+         if (check_is_acceptable_expired_cert(err_cert)
+             return 1;
+     }
+     return ok;
+ }</code></pre>
+
+<p>Full featured logging callback. In this case the <b>bio_err</b> is assumed to be a global logging <b>BIO</b>, an alternative would to store a BIO in <b>ctx</b> using <b>ex_data</b>.</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     X509 *err_cert;
+     int err, depth;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     BIO_printf(bio_err, &quot;depth=%d &quot;, depth);
+     if (err_cert) {
+         X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+     }
+     else
+         BIO_puts(bio_err, &quot;&lt;no cert&gt;\n&quot;);
+     if (!ok)
+         BIO_printf(bio_err, &quot;verify error:num=%d:%s\n&quot;, err,
+                    X509_verify_cert_error_string(err));
+     switch (err) {
+     case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+         BIO_puts(bio_err, &quot;issuer= &quot;);
+         X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_NOT_YET_VALID:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+         BIO_printf(bio_err, &quot;notBefore=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_HAS_EXPIRED:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+         BIO_printf(bio_err, &quot;notAfter=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_NO_EXPLICIT_POLICY:
+         policies_print(bio_err, ctx);
+         break;
+     }
+     if (err == X509_V_OK &amp;&amp; ok == 2)
+         /* print out policies */
+
+     BIO_printf(bio_err, &quot;verify return:%d\n&quot;, ok);
+     return(ok);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_get_error.html">X509_STORE_CTX_get_error(3)</a> <a href="../man3/X509_STORE_set_verify_cb_func.html">X509_STORE_set_verify_cb_func(3)</a> <a href="../man3/X509_STORE_CTX_get_ex_new_index.html">X509_STORE_CTX_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_cleanup.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_cleanup.html
new file mode 100644
index 000000000..5ff17e80f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_cleanup.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_set_verify_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_cleanup, X509_STORE_CTX_get_lookup_crls, X509_STORE_CTX_get_lookup_certs, X509_STORE_CTX_get_check_policy, X509_STORE_CTX_get_cert_crl, X509_STORE_CTX_get_check_crl, X509_STORE_CTX_get_get_crl, X509_STORE_CTX_get_check_revocation, X509_STORE_CTX_get_check_issued, X509_STORE_CTX_get_get_issuer, X509_STORE_CTX_get_verify_cb, X509_STORE_CTX_set_verify_cb, X509_STORE_CTX_verify_cb - get and set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
+
+ X509_STORE_CTX_verify_cb X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+                                   X509_STORE_CTX_verify_cb verify_cb);
+
+ X509_STORE_CTX_get_issuer_fn X509_STORE_CTX_get_get_issuer(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_issued_fn X509_STORE_CTX_get_check_issued(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_CTX_get_check_revocation(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_get_crl_fn X509_STORE_CTX_get_get_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_crl_fn X509_STORE_CTX_get_check_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_CTX_get_cert_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_policy_fn X509_STORE_CTX_get_check_policy(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_CTX_get_lookup_certs(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_CTX_get_lookup_crls(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cleanup_fn X509_STORE_CTX_get_cleanup(X509_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting any existing callback.</p>
+
+<p>The verification callback can be used to customise the operation of certificate verification, either by overriding error conditions or logging errors for debugging purposes.</p>
+
+<p>However a verification callback is <b>not</b> essential and the default operation is often sufficient.</p>
+
+<p>The <b>ok</b> parameter to the callback indicates the value the callback should return to retain the default behaviour. If it is zero then an error condition is indicated. If it is 1 then no error occurred. If the flag <b>X509_V_FLAG_NOTIFY_POLICY</b> is set then <b>ok</b> is set to 2 to indicate the policy checking is complete.</p>
+
+<p>The <b>ctx</b> parameter to the callback is the <b>X509_STORE_CTX</b> structure that is performing the verification operation. A callback can examine this structure and receive additional information about the error, for example by calling X509_STORE_CTX_get_current_cert(). Additional application data can be passed to the callback via the <b>ex_data</b> mechanism.</p>
+
+<p>X509_STORE_CTX_get_verify_cb() returns the value of the current callback for the specific <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() return the function pointers cached from the corresponding <b>X509_STORE</b>, please see <a href="../man3/X509_STORE_set_verify.html">X509_STORE_set_verify(3)</a> for more information.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>In general a verification callback should <b>NOT</b> unconditionally return 1 in all circumstances because this will allow verification to succeed no matter what the error. This effectively removes all security from the application because <b>any</b> certificate (including untrusted generated ones) will be accepted.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification callback can be set and inherited from the parent structure performing the operation. In some cases (such as S/MIME verification) the <b>X509_STORE_CTX</b> structure is created and destroyed internally and the only way to set a custom verification callback is by inheriting it from the associated <b>X509_STORE</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() does not return a value.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Default callback operation:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     return ok;
+ }</code></pre>
+
+<p>Simple example, suppose a certificate in the chain is expired and we wish to continue after this error:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     /* Tolerate certificate expiration */
+     if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
+         return 1;
+     /* Otherwise don&#39;t override */
+     return ok;
+ }</code></pre>
+
+<p>More complex example, we don&#39;t wish to continue after <b>any</b> certificate has expired just one specific case:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     int err = X509_STORE_CTX_get_error(ctx);
+     X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
+
+     if (err == X509_V_ERR_CERT_HAS_EXPIRED) {
+         if (check_is_acceptable_expired_cert(err_cert)
+             return 1;
+     }
+     return ok;
+ }</code></pre>
+
+<p>Full featured logging callback. In this case the <b>bio_err</b> is assumed to be a global logging <b>BIO</b>, an alternative would to store a BIO in <b>ctx</b> using <b>ex_data</b>.</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     X509 *err_cert;
+     int err, depth;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     BIO_printf(bio_err, &quot;depth=%d &quot;, depth);
+     if (err_cert) {
+         X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+     }
+     else
+         BIO_puts(bio_err, &quot;&lt;no cert&gt;\n&quot;);
+     if (!ok)
+         BIO_printf(bio_err, &quot;verify error:num=%d:%s\n&quot;, err,
+                    X509_verify_cert_error_string(err));
+     switch (err) {
+     case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+         BIO_puts(bio_err, &quot;issuer= &quot;);
+         X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_NOT_YET_VALID:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+         BIO_printf(bio_err, &quot;notBefore=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_HAS_EXPIRED:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+         BIO_printf(bio_err, &quot;notAfter=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_NO_EXPLICIT_POLICY:
+         policies_print(bio_err, ctx);
+         break;
+     }
+     if (err == X509_V_OK &amp;&amp; ok == 2)
+         /* print out policies */
+
+     BIO_printf(bio_err, &quot;verify return:%d\n&quot;, ok);
+     return(ok);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_get_error.html">X509_STORE_CTX_get_error(3)</a> <a href="../man3/X509_STORE_set_verify_cb_func.html">X509_STORE_set_verify_cb_func(3)</a> <a href="../man3/X509_STORE_CTX_get_ex_new_index.html">X509_STORE_CTX_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_crl_fn.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_crl_fn.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_crl_fn.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_current_cert.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_current_cert.html
new file mode 100644
index 000000000..d9e1e0d7e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_current_cert.html
@@ -0,0 +1,374 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_get_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#ERROR-CODES">ERROR CODES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_error, X509_STORE_CTX_set_error, X509_STORE_CTX_get_error_depth, X509_STORE_CTX_set_error_depth, X509_STORE_CTX_get_current_cert, X509_STORE_CTX_set_current_cert, X509_STORE_CTX_get0_cert, X509_STORE_CTX_get1_chain, X509_verify_cert_error_string - get or set certificate verification status information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int   X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
+ int   X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth);
+ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_current_cert(X509_STORE_CTX *ctx, X509 *x);
+ X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
+
+ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+
+ const char *X509_verify_cert_error_string(long n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are typically called after X509_verify_cert() has indicated an error or in a verification callback to determine the nature of an error.</p>
+
+<p>X509_STORE_CTX_get_error() returns the error code of <b>ctx</b>, see the <b>ERROR CODES</b> section for a full description of all error codes.</p>
+
+<p>X509_STORE_CTX_set_error() sets the error code of <b>ctx</b> to <b>s</b>. For example it might be used in a verification callback to set an error based on additional checks.</p>
+
+<p>X509_STORE_CTX_get_error_depth() returns the <b>depth</b> of the error. This is a non-negative integer representing where in the certificate chain the error occurred. If it is zero it occurred in the end entity certificate, one if it is the certificate which signed the end entity certificate and so on.</p>
+
+<p>X509_STORE_CTX_set_error_depth() sets the error <b>depth</b>. This can be used in combination with X509_STORE_CTX_set_error() to set the depth at which an error condition was detected.</p>
+
+<p>X509_STORE_CTX_get_current_cert() returns the certificate in <b>ctx</b> which caused the error or <b>NULL</b> if no certificate is relevant.</p>
+
+<p>X509_STORE_CTX_set_current_cert() sets the certificate <b>x</b> in <b>ctx</b> which caused the error. This value is not intended to remain valid for very long, and remains owned by the caller. It may be examined by a verification callback invoked to handle each error encountered during chain verification and is no longer required after such a callback. If a callback wishes the save the certificate for use after it returns, it needs to increment its reference count via <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>. Once such a <i>saved</i> certificate is no longer needed it can be freed with <a href="../man3/X509_free.html">X509_free(3)</a>.</p>
+
+<p>X509_STORE_CTX_get0_cert() retrieves an internal pointer to the certificate being verified by the <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get1_chain() returns a complete validate chain if a previous call to X509_verify_cert() is successful. If the call to X509_verify_cert() is <b>not</b> successful the returned chain may be incomplete or invalid. The returned chain persists after the <b>ctx</b> structure is freed, when it is no longer needed it should be free up using:</p>
+
+<pre><code> sk_X509_pop_free(chain, X509_free);</code></pre>
+
+<p>X509_verify_cert_error_string() returns a human readable error string for verification error <b>n</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_get_error() returns <b>X509_V_OK</b> or an error code.</p>
+
+<p>X509_STORE_CTX_get_error_depth() returns a non-negative error depth.</p>
+
+<p>X509_STORE_CTX_get_current_cert() returns the certificate which caused the error or <b>NULL</b> if no certificate is relevant to the error.</p>
+
+<p>X509_verify_cert_error_string() returns a human readable error string for verification error <b>n</b>.</p>
+
+<h1 id="ERROR-CODES">ERROR CODES</h1>
+
+<p>A list of error codes and messages is shown below. Some of the error codes are defined but currently never returned: these are described as &quot;unused&quot;.</p>
+
+<dl>
+
+<dt id="X509_V_OK:-ok"><b>X509_V_OK: ok</b></dt>
+<dd>
+
+<p>the operation was successful.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:-unable-to-get-issuer-certificate"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate</b></dt>
+<dd>
+
+<p>the issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_CRL:-unable-to-get-certificate-CRL"><b>X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL</b></dt>
+<dd>
+
+<p>the CRL of a certificate could not be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:-unable-to-decrypt-certificates-signature"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate&#39;s signature</b></dt>
+<dd>
+
+<p>the certificate signature could not be decrypted. This means that the actual signature value could not be determined rather than it not matching the expected value, this is only meaningful for RSA keys.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:-unable-to-decrypt-CRLs-signature"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL&#39;s signature</b></dt>
+<dd>
+
+<p>the CRL signature could not be decrypted: this means that the actual signature value could not be determined rather than it not matching the expected value. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:-unable-to-decode-issuer-public-key"><b>X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key</b></dt>
+<dd>
+
+<p>the public key in the certificate SubjectPublicKeyInfo could not be read.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_SIGNATURE_FAILURE:-certificate-signature-failure"><b>X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure</b></dt>
+<dd>
+
+<p>the signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_SIGNATURE_FAILURE:-CRL-signature-failure"><b>X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure</b></dt>
+<dd>
+
+<p>the signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_NOT_YET_VALID:-certificate-is-not-yet-valid"><b>X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid</b></dt>
+<dd>
+
+<p>the certificate is not yet valid: the notBefore date is after the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_HAS_EXPIRED:-certificate-has-expired"><b>X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired</b></dt>
+<dd>
+
+<p>the certificate has expired: that is the notAfter date is before the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_NOT_YET_VALID:-CRL-is-not-yet-valid"><b>X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid</b></dt>
+<dd>
+
+<p>the CRL is not yet valid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_HAS_EXPIRED:-CRL-has-expired"><b>X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired</b></dt>
+<dd>
+
+<p>the CRL has expired.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:-format-error-in-certificates-notBefore-field"><b>X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate&#39;s notBefore field</b></dt>
+<dd>
+
+<p>the certificate notBefore field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:-format-error-in-certificates-notAfter-field"><b>X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate&#39;s notAfter field</b></dt>
+<dd>
+
+<p>the certificate notAfter field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:-format-error-in-CRLs-lastUpdate-field"><b>X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL&#39;s lastUpdate field</b></dt>
+<dd>
+
+<p>the CRL lastUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:-format-error-in-CRLs-nextUpdate-field"><b>X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL&#39;s nextUpdate field</b></dt>
+<dd>
+
+<p>the CRL nextUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_OUT_OF_MEM:-out-of-memory"><b>X509_V_ERR_OUT_OF_MEM: out of memory</b></dt>
+<dd>
+
+<p>an error occurred trying to allocate memory. This should never happen.</p>
+
+</dd>
+<dt id="X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:-self-signed-certificate"><b>X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate</b></dt>
+<dd>
+
+<p>the passed certificate is self signed and the same certificate cannot be found in the list of trusted certificates.</p>
+
+</dd>
+<dt id="X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:-self-signed-certificate-in-certificate-chain"><b>X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain</b></dt>
+<dd>
+
+<p>the certificate chain could be built up using the untrusted certificates but the root could not be found locally.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:-unable-to-get-local-issuer-certificate"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate</b></dt>
+<dd>
+
+<p>the issuer certificate of a locally looked up certificate could not be found. This normally means the list of trusted certificates is not complete.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:-unable-to-verify-the-first-certificate"><b>X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate</b></dt>
+<dd>
+
+<p>no signatures could be verified because the chain contains only one certificate and it is not self signed.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_CHAIN_TOO_LONG:-certificate-chain-too-long"><b>X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long</b></dt>
+<dd>
+
+<p>the certificate chain length is greater than the supplied maximum depth. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REVOKED:-certificate-revoked"><b>X509_V_ERR_CERT_REVOKED: certificate revoked</b></dt>
+<dd>
+
+<p>the certificate has been revoked.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_CA:-invalid-CA-certificate"><b>X509_V_ERR_INVALID_CA: invalid CA certificate</b></dt>
+<dd>
+
+<p>a CA certificate is invalid. Either it is not a CA or its extensions are not consistent with the supplied purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_PATH_LENGTH_EXCEEDED:-path-length-constraint-exceeded"><b>X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded</b></dt>
+<dd>
+
+<p>the basicConstraints path-length parameter has been exceeded.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_PURPOSE:-unsupported-certificate-purpose"><b>X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose</b></dt>
+<dd>
+
+<p>the supplied certificate cannot be used for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_UNTRUSTED:-certificate-not-trusted"><b>X509_V_ERR_CERT_UNTRUSTED: certificate not trusted</b></dt>
+<dd>
+
+<p>the root CA is not marked as trusted for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REJECTED:-certificate-rejected"><b>X509_V_ERR_CERT_REJECTED: certificate rejected</b></dt>
+<dd>
+
+<p>the root CA is marked to reject the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBJECT_ISSUER_MISMATCH:-subject-issuer-mismatch"><b>X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its subject name did not match the issuer name of the current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_SKID_MISMATCH:-authority-and-subject-key-identifier-mismatch"><b>X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its subject key identifier was present and did not match the authority key identifier current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH:-authority-and-issuer-serial-number-mismatch"><b>X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its issuer name and serial number was present and did not match the authority key identifier of the current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key-usage-does-not-include-certificate-signing"><b>X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its keyUsage extension does not permit certificate signing. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_EXTENSION:-invalid-or-inconsistent-certificate-extension"><b>X509_V_ERR_INVALID_EXTENSION: invalid or inconsistent certificate extension</b></dt>
+<dd>
+
+<p>A certificate extension had an invalid value (for example an incorrect encoding) or some value inconsistent with other extensions.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_POLICY_EXTENSION:-invalid-or-inconsistent-certificate-policy-extension"><b>X509_V_ERR_INVALID_POLICY_EXTENSION: invalid or inconsistent certificate policy extension</b></dt>
+<dd>
+
+<p>A certificate policies extension had an invalid value (for example an incorrect encoding) or some value inconsistent with other extensions. This error only occurs if policy processing is enabled.</p>
+
+</dd>
+<dt id="X509_V_ERR_NO_EXPLICIT_POLICY:-no-explicit-policy"><b>X509_V_ERR_NO_EXPLICIT_POLICY: no explicit policy</b></dt>
+<dd>
+
+<p>The verification flags were set to require and explicit policy but none was present.</p>
+
+</dd>
+<dt id="X509_V_ERR_DIFFERENT_CRL_SCOPE:-Different-CRL-scope"><b>X509_V_ERR_DIFFERENT_CRL_SCOPE: Different CRL scope</b></dt>
+<dd>
+
+<p>The only CRLs that could be found did not match the scope of the certificate.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE:-Unsupported-extension-feature"><b>X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: Unsupported extension feature</b></dt>
+<dd>
+
+<p>Some feature of a certificate extension is not supported. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_PERMITTED_VIOLATION:-permitted-subtree-violation"><b>X509_V_ERR_PERMITTED_VIOLATION: permitted subtree violation</b></dt>
+<dd>
+
+<p>A name constraint violation occurred in the permitted subtrees.</p>
+
+</dd>
+<dt id="X509_V_ERR_EXCLUDED_VIOLATION:-excluded-subtree-violation"><b>X509_V_ERR_EXCLUDED_VIOLATION: excluded subtree violation</b></dt>
+<dd>
+
+<p>A name constraint violation occurred in the excluded subtrees.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBTREE_MINMAX:-name-constraints-minimum-and-maximum-not-supported"><b>X509_V_ERR_SUBTREE_MINMAX: name constraints minimum and maximum not supported</b></dt>
+<dd>
+
+<p>A certificate name constraints extension included a minimum or maximum field: this is not supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:-unsupported-name-constraint-type"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: unsupported name constraint type</b></dt>
+<dd>
+
+<p>An unsupported name constraint type was encountered. OpenSSL currently only supports directory name, DNS name, email and URI types.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX:-unsupported-or-invalid-name-constraint-syntax"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: unsupported or invalid name constraint syntax</b></dt>
+<dd>
+
+<p>The format of the name constraint is not recognised: for example an email address format of a form not mentioned in RFC3280. This could be caused by a garbage extension or some new feature not currently supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_PATH_VALIDATION_ERROR:-CRL-path-validation-error"><b>X509_V_ERR_CRL_PATH_VALIDATION_ERROR: CRL path validation error</b></dt>
+<dd>
+
+<p>An error occurred when attempting to verify the CRL path. This error can only happen if extended CRL checking is enabled.</p>
+
+</dd>
+<dt id="X509_V_ERR_APPLICATION_VERIFICATION:-application-verification-failure"><b>X509_V_ERR_APPLICATION_VERIFICATION: application verification failure</b></dt>
+<dd>
+
+<p>an application specific error. This will never be returned unless explicitly set by an application.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used instead of directly referencing the fields in the <b>X509_VERIFY_CTX</b> structure.</p>
+
+<p>In versions of OpenSSL before 1.0 the current certificate returned by X509_STORE_CTX_get_current_cert() was never <b>NULL</b>. Applications should check the return value before printing out any debugging information relating to the current certificate.</p>
+
+<p>If an unrecognised error code is passed to X509_verify_cert_error_string() the numerical value of the unknown code is returned in a static buffer. This is not thread safe but will never happen unless an invalid code is passed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_free.html">X509_free(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_error.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_error.html
new file mode 100644
index 000000000..d9e1e0d7e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_error.html
@@ -0,0 +1,374 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_get_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#ERROR-CODES">ERROR CODES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_error, X509_STORE_CTX_set_error, X509_STORE_CTX_get_error_depth, X509_STORE_CTX_set_error_depth, X509_STORE_CTX_get_current_cert, X509_STORE_CTX_set_current_cert, X509_STORE_CTX_get0_cert, X509_STORE_CTX_get1_chain, X509_verify_cert_error_string - get or set certificate verification status information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int   X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
+ int   X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth);
+ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_current_cert(X509_STORE_CTX *ctx, X509 *x);
+ X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
+
+ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+
+ const char *X509_verify_cert_error_string(long n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are typically called after X509_verify_cert() has indicated an error or in a verification callback to determine the nature of an error.</p>
+
+<p>X509_STORE_CTX_get_error() returns the error code of <b>ctx</b>, see the <b>ERROR CODES</b> section for a full description of all error codes.</p>
+
+<p>X509_STORE_CTX_set_error() sets the error code of <b>ctx</b> to <b>s</b>. For example it might be used in a verification callback to set an error based on additional checks.</p>
+
+<p>X509_STORE_CTX_get_error_depth() returns the <b>depth</b> of the error. This is a non-negative integer representing where in the certificate chain the error occurred. If it is zero it occurred in the end entity certificate, one if it is the certificate which signed the end entity certificate and so on.</p>
+
+<p>X509_STORE_CTX_set_error_depth() sets the error <b>depth</b>. This can be used in combination with X509_STORE_CTX_set_error() to set the depth at which an error condition was detected.</p>
+
+<p>X509_STORE_CTX_get_current_cert() returns the certificate in <b>ctx</b> which caused the error or <b>NULL</b> if no certificate is relevant.</p>
+
+<p>X509_STORE_CTX_set_current_cert() sets the certificate <b>x</b> in <b>ctx</b> which caused the error. This value is not intended to remain valid for very long, and remains owned by the caller. It may be examined by a verification callback invoked to handle each error encountered during chain verification and is no longer required after such a callback. If a callback wishes the save the certificate for use after it returns, it needs to increment its reference count via <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>. Once such a <i>saved</i> certificate is no longer needed it can be freed with <a href="../man3/X509_free.html">X509_free(3)</a>.</p>
+
+<p>X509_STORE_CTX_get0_cert() retrieves an internal pointer to the certificate being verified by the <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get1_chain() returns a complete validate chain if a previous call to X509_verify_cert() is successful. If the call to X509_verify_cert() is <b>not</b> successful the returned chain may be incomplete or invalid. The returned chain persists after the <b>ctx</b> structure is freed, when it is no longer needed it should be free up using:</p>
+
+<pre><code> sk_X509_pop_free(chain, X509_free);</code></pre>
+
+<p>X509_verify_cert_error_string() returns a human readable error string for verification error <b>n</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_get_error() returns <b>X509_V_OK</b> or an error code.</p>
+
+<p>X509_STORE_CTX_get_error_depth() returns a non-negative error depth.</p>
+
+<p>X509_STORE_CTX_get_current_cert() returns the certificate which caused the error or <b>NULL</b> if no certificate is relevant to the error.</p>
+
+<p>X509_verify_cert_error_string() returns a human readable error string for verification error <b>n</b>.</p>
+
+<h1 id="ERROR-CODES">ERROR CODES</h1>
+
+<p>A list of error codes and messages is shown below. Some of the error codes are defined but currently never returned: these are described as &quot;unused&quot;.</p>
+
+<dl>
+
+<dt id="X509_V_OK:-ok"><b>X509_V_OK: ok</b></dt>
+<dd>
+
+<p>the operation was successful.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:-unable-to-get-issuer-certificate"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate</b></dt>
+<dd>
+
+<p>the issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_CRL:-unable-to-get-certificate-CRL"><b>X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL</b></dt>
+<dd>
+
+<p>the CRL of a certificate could not be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:-unable-to-decrypt-certificates-signature"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate&#39;s signature</b></dt>
+<dd>
+
+<p>the certificate signature could not be decrypted. This means that the actual signature value could not be determined rather than it not matching the expected value, this is only meaningful for RSA keys.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:-unable-to-decrypt-CRLs-signature"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL&#39;s signature</b></dt>
+<dd>
+
+<p>the CRL signature could not be decrypted: this means that the actual signature value could not be determined rather than it not matching the expected value. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:-unable-to-decode-issuer-public-key"><b>X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key</b></dt>
+<dd>
+
+<p>the public key in the certificate SubjectPublicKeyInfo could not be read.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_SIGNATURE_FAILURE:-certificate-signature-failure"><b>X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure</b></dt>
+<dd>
+
+<p>the signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_SIGNATURE_FAILURE:-CRL-signature-failure"><b>X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure</b></dt>
+<dd>
+
+<p>the signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_NOT_YET_VALID:-certificate-is-not-yet-valid"><b>X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid</b></dt>
+<dd>
+
+<p>the certificate is not yet valid: the notBefore date is after the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_HAS_EXPIRED:-certificate-has-expired"><b>X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired</b></dt>
+<dd>
+
+<p>the certificate has expired: that is the notAfter date is before the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_NOT_YET_VALID:-CRL-is-not-yet-valid"><b>X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid</b></dt>
+<dd>
+
+<p>the CRL is not yet valid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_HAS_EXPIRED:-CRL-has-expired"><b>X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired</b></dt>
+<dd>
+
+<p>the CRL has expired.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:-format-error-in-certificates-notBefore-field"><b>X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate&#39;s notBefore field</b></dt>
+<dd>
+
+<p>the certificate notBefore field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:-format-error-in-certificates-notAfter-field"><b>X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate&#39;s notAfter field</b></dt>
+<dd>
+
+<p>the certificate notAfter field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:-format-error-in-CRLs-lastUpdate-field"><b>X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL&#39;s lastUpdate field</b></dt>
+<dd>
+
+<p>the CRL lastUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:-format-error-in-CRLs-nextUpdate-field"><b>X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL&#39;s nextUpdate field</b></dt>
+<dd>
+
+<p>the CRL nextUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_OUT_OF_MEM:-out-of-memory"><b>X509_V_ERR_OUT_OF_MEM: out of memory</b></dt>
+<dd>
+
+<p>an error occurred trying to allocate memory. This should never happen.</p>
+
+</dd>
+<dt id="X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:-self-signed-certificate"><b>X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate</b></dt>
+<dd>
+
+<p>the passed certificate is self signed and the same certificate cannot be found in the list of trusted certificates.</p>
+
+</dd>
+<dt id="X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:-self-signed-certificate-in-certificate-chain"><b>X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain</b></dt>
+<dd>
+
+<p>the certificate chain could be built up using the untrusted certificates but the root could not be found locally.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:-unable-to-get-local-issuer-certificate"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate</b></dt>
+<dd>
+
+<p>the issuer certificate of a locally looked up certificate could not be found. This normally means the list of trusted certificates is not complete.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:-unable-to-verify-the-first-certificate"><b>X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate</b></dt>
+<dd>
+
+<p>no signatures could be verified because the chain contains only one certificate and it is not self signed.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_CHAIN_TOO_LONG:-certificate-chain-too-long"><b>X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long</b></dt>
+<dd>
+
+<p>the certificate chain length is greater than the supplied maximum depth. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REVOKED:-certificate-revoked"><b>X509_V_ERR_CERT_REVOKED: certificate revoked</b></dt>
+<dd>
+
+<p>the certificate has been revoked.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_CA:-invalid-CA-certificate"><b>X509_V_ERR_INVALID_CA: invalid CA certificate</b></dt>
+<dd>
+
+<p>a CA certificate is invalid. Either it is not a CA or its extensions are not consistent with the supplied purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_PATH_LENGTH_EXCEEDED:-path-length-constraint-exceeded"><b>X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded</b></dt>
+<dd>
+
+<p>the basicConstraints path-length parameter has been exceeded.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_PURPOSE:-unsupported-certificate-purpose"><b>X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose</b></dt>
+<dd>
+
+<p>the supplied certificate cannot be used for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_UNTRUSTED:-certificate-not-trusted"><b>X509_V_ERR_CERT_UNTRUSTED: certificate not trusted</b></dt>
+<dd>
+
+<p>the root CA is not marked as trusted for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REJECTED:-certificate-rejected"><b>X509_V_ERR_CERT_REJECTED: certificate rejected</b></dt>
+<dd>
+
+<p>the root CA is marked to reject the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBJECT_ISSUER_MISMATCH:-subject-issuer-mismatch"><b>X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its subject name did not match the issuer name of the current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_SKID_MISMATCH:-authority-and-subject-key-identifier-mismatch"><b>X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its subject key identifier was present and did not match the authority key identifier current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH:-authority-and-issuer-serial-number-mismatch"><b>X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its issuer name and serial number was present and did not match the authority key identifier of the current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key-usage-does-not-include-certificate-signing"><b>X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its keyUsage extension does not permit certificate signing. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_EXTENSION:-invalid-or-inconsistent-certificate-extension"><b>X509_V_ERR_INVALID_EXTENSION: invalid or inconsistent certificate extension</b></dt>
+<dd>
+
+<p>A certificate extension had an invalid value (for example an incorrect encoding) or some value inconsistent with other extensions.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_POLICY_EXTENSION:-invalid-or-inconsistent-certificate-policy-extension"><b>X509_V_ERR_INVALID_POLICY_EXTENSION: invalid or inconsistent certificate policy extension</b></dt>
+<dd>
+
+<p>A certificate policies extension had an invalid value (for example an incorrect encoding) or some value inconsistent with other extensions. This error only occurs if policy processing is enabled.</p>
+
+</dd>
+<dt id="X509_V_ERR_NO_EXPLICIT_POLICY:-no-explicit-policy"><b>X509_V_ERR_NO_EXPLICIT_POLICY: no explicit policy</b></dt>
+<dd>
+
+<p>The verification flags were set to require and explicit policy but none was present.</p>
+
+</dd>
+<dt id="X509_V_ERR_DIFFERENT_CRL_SCOPE:-Different-CRL-scope"><b>X509_V_ERR_DIFFERENT_CRL_SCOPE: Different CRL scope</b></dt>
+<dd>
+
+<p>The only CRLs that could be found did not match the scope of the certificate.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE:-Unsupported-extension-feature"><b>X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: Unsupported extension feature</b></dt>
+<dd>
+
+<p>Some feature of a certificate extension is not supported. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_PERMITTED_VIOLATION:-permitted-subtree-violation"><b>X509_V_ERR_PERMITTED_VIOLATION: permitted subtree violation</b></dt>
+<dd>
+
+<p>A name constraint violation occurred in the permitted subtrees.</p>
+
+</dd>
+<dt id="X509_V_ERR_EXCLUDED_VIOLATION:-excluded-subtree-violation"><b>X509_V_ERR_EXCLUDED_VIOLATION: excluded subtree violation</b></dt>
+<dd>
+
+<p>A name constraint violation occurred in the excluded subtrees.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBTREE_MINMAX:-name-constraints-minimum-and-maximum-not-supported"><b>X509_V_ERR_SUBTREE_MINMAX: name constraints minimum and maximum not supported</b></dt>
+<dd>
+
+<p>A certificate name constraints extension included a minimum or maximum field: this is not supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:-unsupported-name-constraint-type"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: unsupported name constraint type</b></dt>
+<dd>
+
+<p>An unsupported name constraint type was encountered. OpenSSL currently only supports directory name, DNS name, email and URI types.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX:-unsupported-or-invalid-name-constraint-syntax"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: unsupported or invalid name constraint syntax</b></dt>
+<dd>
+
+<p>The format of the name constraint is not recognised: for example an email address format of a form not mentioned in RFC3280. This could be caused by a garbage extension or some new feature not currently supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_PATH_VALIDATION_ERROR:-CRL-path-validation-error"><b>X509_V_ERR_CRL_PATH_VALIDATION_ERROR: CRL path validation error</b></dt>
+<dd>
+
+<p>An error occurred when attempting to verify the CRL path. This error can only happen if extended CRL checking is enabled.</p>
+
+</dd>
+<dt id="X509_V_ERR_APPLICATION_VERIFICATION:-application-verification-failure"><b>X509_V_ERR_APPLICATION_VERIFICATION: application verification failure</b></dt>
+<dd>
+
+<p>an application specific error. This will never be returned unless explicitly set by an application.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used instead of directly referencing the fields in the <b>X509_VERIFY_CTX</b> structure.</p>
+
+<p>In versions of OpenSSL before 1.0 the current certificate returned by X509_STORE_CTX_get_current_cert() was never <b>NULL</b>. Applications should check the return value before printing out any debugging information relating to the current certificate.</p>
+
+<p>If an unrecognised error code is passed to X509_verify_cert_error_string() the numerical value of the unknown code is returned in a static buffer. This is not thread safe but will never happen unless an invalid code is passed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_free.html">X509_free(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_error_depth.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_error_depth.html
new file mode 100644
index 000000000..d9e1e0d7e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_error_depth.html
@@ -0,0 +1,374 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_get_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#ERROR-CODES">ERROR CODES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_error, X509_STORE_CTX_set_error, X509_STORE_CTX_get_error_depth, X509_STORE_CTX_set_error_depth, X509_STORE_CTX_get_current_cert, X509_STORE_CTX_set_current_cert, X509_STORE_CTX_get0_cert, X509_STORE_CTX_get1_chain, X509_verify_cert_error_string - get or set certificate verification status information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int   X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
+ int   X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth);
+ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_current_cert(X509_STORE_CTX *ctx, X509 *x);
+ X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
+
+ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+
+ const char *X509_verify_cert_error_string(long n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are typically called after X509_verify_cert() has indicated an error or in a verification callback to determine the nature of an error.</p>
+
+<p>X509_STORE_CTX_get_error() returns the error code of <b>ctx</b>, see the <b>ERROR CODES</b> section for a full description of all error codes.</p>
+
+<p>X509_STORE_CTX_set_error() sets the error code of <b>ctx</b> to <b>s</b>. For example it might be used in a verification callback to set an error based on additional checks.</p>
+
+<p>X509_STORE_CTX_get_error_depth() returns the <b>depth</b> of the error. This is a non-negative integer representing where in the certificate chain the error occurred. If it is zero it occurred in the end entity certificate, one if it is the certificate which signed the end entity certificate and so on.</p>
+
+<p>X509_STORE_CTX_set_error_depth() sets the error <b>depth</b>. This can be used in combination with X509_STORE_CTX_set_error() to set the depth at which an error condition was detected.</p>
+
+<p>X509_STORE_CTX_get_current_cert() returns the certificate in <b>ctx</b> which caused the error or <b>NULL</b> if no certificate is relevant.</p>
+
+<p>X509_STORE_CTX_set_current_cert() sets the certificate <b>x</b> in <b>ctx</b> which caused the error. This value is not intended to remain valid for very long, and remains owned by the caller. It may be examined by a verification callback invoked to handle each error encountered during chain verification and is no longer required after such a callback. If a callback wishes the save the certificate for use after it returns, it needs to increment its reference count via <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>. Once such a <i>saved</i> certificate is no longer needed it can be freed with <a href="../man3/X509_free.html">X509_free(3)</a>.</p>
+
+<p>X509_STORE_CTX_get0_cert() retrieves an internal pointer to the certificate being verified by the <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get1_chain() returns a complete validate chain if a previous call to X509_verify_cert() is successful. If the call to X509_verify_cert() is <b>not</b> successful the returned chain may be incomplete or invalid. The returned chain persists after the <b>ctx</b> structure is freed, when it is no longer needed it should be free up using:</p>
+
+<pre><code> sk_X509_pop_free(chain, X509_free);</code></pre>
+
+<p>X509_verify_cert_error_string() returns a human readable error string for verification error <b>n</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_get_error() returns <b>X509_V_OK</b> or an error code.</p>
+
+<p>X509_STORE_CTX_get_error_depth() returns a non-negative error depth.</p>
+
+<p>X509_STORE_CTX_get_current_cert() returns the certificate which caused the error or <b>NULL</b> if no certificate is relevant to the error.</p>
+
+<p>X509_verify_cert_error_string() returns a human readable error string for verification error <b>n</b>.</p>
+
+<h1 id="ERROR-CODES">ERROR CODES</h1>
+
+<p>A list of error codes and messages is shown below. Some of the error codes are defined but currently never returned: these are described as &quot;unused&quot;.</p>
+
+<dl>
+
+<dt id="X509_V_OK:-ok"><b>X509_V_OK: ok</b></dt>
+<dd>
+
+<p>the operation was successful.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:-unable-to-get-issuer-certificate"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate</b></dt>
+<dd>
+
+<p>the issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_CRL:-unable-to-get-certificate-CRL"><b>X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL</b></dt>
+<dd>
+
+<p>the CRL of a certificate could not be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:-unable-to-decrypt-certificates-signature"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate&#39;s signature</b></dt>
+<dd>
+
+<p>the certificate signature could not be decrypted. This means that the actual signature value could not be determined rather than it not matching the expected value, this is only meaningful for RSA keys.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:-unable-to-decrypt-CRLs-signature"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL&#39;s signature</b></dt>
+<dd>
+
+<p>the CRL signature could not be decrypted: this means that the actual signature value could not be determined rather than it not matching the expected value. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:-unable-to-decode-issuer-public-key"><b>X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key</b></dt>
+<dd>
+
+<p>the public key in the certificate SubjectPublicKeyInfo could not be read.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_SIGNATURE_FAILURE:-certificate-signature-failure"><b>X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure</b></dt>
+<dd>
+
+<p>the signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_SIGNATURE_FAILURE:-CRL-signature-failure"><b>X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure</b></dt>
+<dd>
+
+<p>the signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_NOT_YET_VALID:-certificate-is-not-yet-valid"><b>X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid</b></dt>
+<dd>
+
+<p>the certificate is not yet valid: the notBefore date is after the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_HAS_EXPIRED:-certificate-has-expired"><b>X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired</b></dt>
+<dd>
+
+<p>the certificate has expired: that is the notAfter date is before the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_NOT_YET_VALID:-CRL-is-not-yet-valid"><b>X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid</b></dt>
+<dd>
+
+<p>the CRL is not yet valid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_HAS_EXPIRED:-CRL-has-expired"><b>X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired</b></dt>
+<dd>
+
+<p>the CRL has expired.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:-format-error-in-certificates-notBefore-field"><b>X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate&#39;s notBefore field</b></dt>
+<dd>
+
+<p>the certificate notBefore field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:-format-error-in-certificates-notAfter-field"><b>X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate&#39;s notAfter field</b></dt>
+<dd>
+
+<p>the certificate notAfter field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:-format-error-in-CRLs-lastUpdate-field"><b>X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL&#39;s lastUpdate field</b></dt>
+<dd>
+
+<p>the CRL lastUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:-format-error-in-CRLs-nextUpdate-field"><b>X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL&#39;s nextUpdate field</b></dt>
+<dd>
+
+<p>the CRL nextUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_OUT_OF_MEM:-out-of-memory"><b>X509_V_ERR_OUT_OF_MEM: out of memory</b></dt>
+<dd>
+
+<p>an error occurred trying to allocate memory. This should never happen.</p>
+
+</dd>
+<dt id="X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:-self-signed-certificate"><b>X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate</b></dt>
+<dd>
+
+<p>the passed certificate is self signed and the same certificate cannot be found in the list of trusted certificates.</p>
+
+</dd>
+<dt id="X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:-self-signed-certificate-in-certificate-chain"><b>X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain</b></dt>
+<dd>
+
+<p>the certificate chain could be built up using the untrusted certificates but the root could not be found locally.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:-unable-to-get-local-issuer-certificate"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate</b></dt>
+<dd>
+
+<p>the issuer certificate of a locally looked up certificate could not be found. This normally means the list of trusted certificates is not complete.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:-unable-to-verify-the-first-certificate"><b>X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate</b></dt>
+<dd>
+
+<p>no signatures could be verified because the chain contains only one certificate and it is not self signed.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_CHAIN_TOO_LONG:-certificate-chain-too-long"><b>X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long</b></dt>
+<dd>
+
+<p>the certificate chain length is greater than the supplied maximum depth. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REVOKED:-certificate-revoked"><b>X509_V_ERR_CERT_REVOKED: certificate revoked</b></dt>
+<dd>
+
+<p>the certificate has been revoked.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_CA:-invalid-CA-certificate"><b>X509_V_ERR_INVALID_CA: invalid CA certificate</b></dt>
+<dd>
+
+<p>a CA certificate is invalid. Either it is not a CA or its extensions are not consistent with the supplied purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_PATH_LENGTH_EXCEEDED:-path-length-constraint-exceeded"><b>X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded</b></dt>
+<dd>
+
+<p>the basicConstraints path-length parameter has been exceeded.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_PURPOSE:-unsupported-certificate-purpose"><b>X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose</b></dt>
+<dd>
+
+<p>the supplied certificate cannot be used for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_UNTRUSTED:-certificate-not-trusted"><b>X509_V_ERR_CERT_UNTRUSTED: certificate not trusted</b></dt>
+<dd>
+
+<p>the root CA is not marked as trusted for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REJECTED:-certificate-rejected"><b>X509_V_ERR_CERT_REJECTED: certificate rejected</b></dt>
+<dd>
+
+<p>the root CA is marked to reject the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBJECT_ISSUER_MISMATCH:-subject-issuer-mismatch"><b>X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its subject name did not match the issuer name of the current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_SKID_MISMATCH:-authority-and-subject-key-identifier-mismatch"><b>X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its subject key identifier was present and did not match the authority key identifier current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH:-authority-and-issuer-serial-number-mismatch"><b>X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its issuer name and serial number was present and did not match the authority key identifier of the current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key-usage-does-not-include-certificate-signing"><b>X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its keyUsage extension does not permit certificate signing. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_EXTENSION:-invalid-or-inconsistent-certificate-extension"><b>X509_V_ERR_INVALID_EXTENSION: invalid or inconsistent certificate extension</b></dt>
+<dd>
+
+<p>A certificate extension had an invalid value (for example an incorrect encoding) or some value inconsistent with other extensions.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_POLICY_EXTENSION:-invalid-or-inconsistent-certificate-policy-extension"><b>X509_V_ERR_INVALID_POLICY_EXTENSION: invalid or inconsistent certificate policy extension</b></dt>
+<dd>
+
+<p>A certificate policies extension had an invalid value (for example an incorrect encoding) or some value inconsistent with other extensions. This error only occurs if policy processing is enabled.</p>
+
+</dd>
+<dt id="X509_V_ERR_NO_EXPLICIT_POLICY:-no-explicit-policy"><b>X509_V_ERR_NO_EXPLICIT_POLICY: no explicit policy</b></dt>
+<dd>
+
+<p>The verification flags were set to require and explicit policy but none was present.</p>
+
+</dd>
+<dt id="X509_V_ERR_DIFFERENT_CRL_SCOPE:-Different-CRL-scope"><b>X509_V_ERR_DIFFERENT_CRL_SCOPE: Different CRL scope</b></dt>
+<dd>
+
+<p>The only CRLs that could be found did not match the scope of the certificate.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE:-Unsupported-extension-feature"><b>X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: Unsupported extension feature</b></dt>
+<dd>
+
+<p>Some feature of a certificate extension is not supported. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_PERMITTED_VIOLATION:-permitted-subtree-violation"><b>X509_V_ERR_PERMITTED_VIOLATION: permitted subtree violation</b></dt>
+<dd>
+
+<p>A name constraint violation occurred in the permitted subtrees.</p>
+
+</dd>
+<dt id="X509_V_ERR_EXCLUDED_VIOLATION:-excluded-subtree-violation"><b>X509_V_ERR_EXCLUDED_VIOLATION: excluded subtree violation</b></dt>
+<dd>
+
+<p>A name constraint violation occurred in the excluded subtrees.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBTREE_MINMAX:-name-constraints-minimum-and-maximum-not-supported"><b>X509_V_ERR_SUBTREE_MINMAX: name constraints minimum and maximum not supported</b></dt>
+<dd>
+
+<p>A certificate name constraints extension included a minimum or maximum field: this is not supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:-unsupported-name-constraint-type"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: unsupported name constraint type</b></dt>
+<dd>
+
+<p>An unsupported name constraint type was encountered. OpenSSL currently only supports directory name, DNS name, email and URI types.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX:-unsupported-or-invalid-name-constraint-syntax"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: unsupported or invalid name constraint syntax</b></dt>
+<dd>
+
+<p>The format of the name constraint is not recognised: for example an email address format of a form not mentioned in RFC3280. This could be caused by a garbage extension or some new feature not currently supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_PATH_VALIDATION_ERROR:-CRL-path-validation-error"><b>X509_V_ERR_CRL_PATH_VALIDATION_ERROR: CRL path validation error</b></dt>
+<dd>
+
+<p>An error occurred when attempting to verify the CRL path. This error can only happen if extended CRL checking is enabled.</p>
+
+</dd>
+<dt id="X509_V_ERR_APPLICATION_VERIFICATION:-application-verification-failure"><b>X509_V_ERR_APPLICATION_VERIFICATION: application verification failure</b></dt>
+<dd>
+
+<p>an application specific error. This will never be returned unless explicitly set by an application.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used instead of directly referencing the fields in the <b>X509_VERIFY_CTX</b> structure.</p>
+
+<p>In versions of OpenSSL before 1.0 the current certificate returned by X509_STORE_CTX_get_current_cert() was never <b>NULL</b>. Applications should check the return value before printing out any debugging information relating to the current certificate.</p>
+
+<p>If an unrecognised error code is passed to X509_verify_cert_error_string() the numerical value of the unknown code is returned in a static buffer. This is not thread safe but will never happen unless an invalid code is passed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_free.html">X509_free(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_ex_new_index.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_ex_new_index.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_ex_new_index.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_get_crl.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_get_crl.html
new file mode 100644
index 000000000..5ff17e80f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_get_crl.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_set_verify_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_cleanup, X509_STORE_CTX_get_lookup_crls, X509_STORE_CTX_get_lookup_certs, X509_STORE_CTX_get_check_policy, X509_STORE_CTX_get_cert_crl, X509_STORE_CTX_get_check_crl, X509_STORE_CTX_get_get_crl, X509_STORE_CTX_get_check_revocation, X509_STORE_CTX_get_check_issued, X509_STORE_CTX_get_get_issuer, X509_STORE_CTX_get_verify_cb, X509_STORE_CTX_set_verify_cb, X509_STORE_CTX_verify_cb - get and set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
+
+ X509_STORE_CTX_verify_cb X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+                                   X509_STORE_CTX_verify_cb verify_cb);
+
+ X509_STORE_CTX_get_issuer_fn X509_STORE_CTX_get_get_issuer(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_issued_fn X509_STORE_CTX_get_check_issued(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_CTX_get_check_revocation(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_get_crl_fn X509_STORE_CTX_get_get_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_crl_fn X509_STORE_CTX_get_check_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_CTX_get_cert_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_policy_fn X509_STORE_CTX_get_check_policy(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_CTX_get_lookup_certs(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_CTX_get_lookup_crls(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cleanup_fn X509_STORE_CTX_get_cleanup(X509_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting any existing callback.</p>
+
+<p>The verification callback can be used to customise the operation of certificate verification, either by overriding error conditions or logging errors for debugging purposes.</p>
+
+<p>However a verification callback is <b>not</b> essential and the default operation is often sufficient.</p>
+
+<p>The <b>ok</b> parameter to the callback indicates the value the callback should return to retain the default behaviour. If it is zero then an error condition is indicated. If it is 1 then no error occurred. If the flag <b>X509_V_FLAG_NOTIFY_POLICY</b> is set then <b>ok</b> is set to 2 to indicate the policy checking is complete.</p>
+
+<p>The <b>ctx</b> parameter to the callback is the <b>X509_STORE_CTX</b> structure that is performing the verification operation. A callback can examine this structure and receive additional information about the error, for example by calling X509_STORE_CTX_get_current_cert(). Additional application data can be passed to the callback via the <b>ex_data</b> mechanism.</p>
+
+<p>X509_STORE_CTX_get_verify_cb() returns the value of the current callback for the specific <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() return the function pointers cached from the corresponding <b>X509_STORE</b>, please see <a href="../man3/X509_STORE_set_verify.html">X509_STORE_set_verify(3)</a> for more information.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>In general a verification callback should <b>NOT</b> unconditionally return 1 in all circumstances because this will allow verification to succeed no matter what the error. This effectively removes all security from the application because <b>any</b> certificate (including untrusted generated ones) will be accepted.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification callback can be set and inherited from the parent structure performing the operation. In some cases (such as S/MIME verification) the <b>X509_STORE_CTX</b> structure is created and destroyed internally and the only way to set a custom verification callback is by inheriting it from the associated <b>X509_STORE</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() does not return a value.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Default callback operation:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     return ok;
+ }</code></pre>
+
+<p>Simple example, suppose a certificate in the chain is expired and we wish to continue after this error:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     /* Tolerate certificate expiration */
+     if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
+         return 1;
+     /* Otherwise don&#39;t override */
+     return ok;
+ }</code></pre>
+
+<p>More complex example, we don&#39;t wish to continue after <b>any</b> certificate has expired just one specific case:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     int err = X509_STORE_CTX_get_error(ctx);
+     X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
+
+     if (err == X509_V_ERR_CERT_HAS_EXPIRED) {
+         if (check_is_acceptable_expired_cert(err_cert)
+             return 1;
+     }
+     return ok;
+ }</code></pre>
+
+<p>Full featured logging callback. In this case the <b>bio_err</b> is assumed to be a global logging <b>BIO</b>, an alternative would to store a BIO in <b>ctx</b> using <b>ex_data</b>.</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     X509 *err_cert;
+     int err, depth;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     BIO_printf(bio_err, &quot;depth=%d &quot;, depth);
+     if (err_cert) {
+         X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+     }
+     else
+         BIO_puts(bio_err, &quot;&lt;no cert&gt;\n&quot;);
+     if (!ok)
+         BIO_printf(bio_err, &quot;verify error:num=%d:%s\n&quot;, err,
+                    X509_verify_cert_error_string(err));
+     switch (err) {
+     case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+         BIO_puts(bio_err, &quot;issuer= &quot;);
+         X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_NOT_YET_VALID:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+         BIO_printf(bio_err, &quot;notBefore=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_HAS_EXPIRED:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+         BIO_printf(bio_err, &quot;notAfter=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_NO_EXPLICIT_POLICY:
+         policies_print(bio_err, ctx);
+         break;
+     }
+     if (err == X509_V_OK &amp;&amp; ok == 2)
+         /* print out policies */
+
+     BIO_printf(bio_err, &quot;verify return:%d\n&quot;, ok);
+     return(ok);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_get_error.html">X509_STORE_CTX_get_error(3)</a> <a href="../man3/X509_STORE_set_verify_cb_func.html">X509_STORE_set_verify_cb_func(3)</a> <a href="../man3/X509_STORE_CTX_get_ex_new_index.html">X509_STORE_CTX_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_get_issuer.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_get_issuer.html
new file mode 100644
index 000000000..5ff17e80f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_get_issuer.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_set_verify_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_cleanup, X509_STORE_CTX_get_lookup_crls, X509_STORE_CTX_get_lookup_certs, X509_STORE_CTX_get_check_policy, X509_STORE_CTX_get_cert_crl, X509_STORE_CTX_get_check_crl, X509_STORE_CTX_get_get_crl, X509_STORE_CTX_get_check_revocation, X509_STORE_CTX_get_check_issued, X509_STORE_CTX_get_get_issuer, X509_STORE_CTX_get_verify_cb, X509_STORE_CTX_set_verify_cb, X509_STORE_CTX_verify_cb - get and set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
+
+ X509_STORE_CTX_verify_cb X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+                                   X509_STORE_CTX_verify_cb verify_cb);
+
+ X509_STORE_CTX_get_issuer_fn X509_STORE_CTX_get_get_issuer(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_issued_fn X509_STORE_CTX_get_check_issued(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_CTX_get_check_revocation(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_get_crl_fn X509_STORE_CTX_get_get_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_crl_fn X509_STORE_CTX_get_check_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_CTX_get_cert_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_policy_fn X509_STORE_CTX_get_check_policy(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_CTX_get_lookup_certs(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_CTX_get_lookup_crls(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cleanup_fn X509_STORE_CTX_get_cleanup(X509_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting any existing callback.</p>
+
+<p>The verification callback can be used to customise the operation of certificate verification, either by overriding error conditions or logging errors for debugging purposes.</p>
+
+<p>However a verification callback is <b>not</b> essential and the default operation is often sufficient.</p>
+
+<p>The <b>ok</b> parameter to the callback indicates the value the callback should return to retain the default behaviour. If it is zero then an error condition is indicated. If it is 1 then no error occurred. If the flag <b>X509_V_FLAG_NOTIFY_POLICY</b> is set then <b>ok</b> is set to 2 to indicate the policy checking is complete.</p>
+
+<p>The <b>ctx</b> parameter to the callback is the <b>X509_STORE_CTX</b> structure that is performing the verification operation. A callback can examine this structure and receive additional information about the error, for example by calling X509_STORE_CTX_get_current_cert(). Additional application data can be passed to the callback via the <b>ex_data</b> mechanism.</p>
+
+<p>X509_STORE_CTX_get_verify_cb() returns the value of the current callback for the specific <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() return the function pointers cached from the corresponding <b>X509_STORE</b>, please see <a href="../man3/X509_STORE_set_verify.html">X509_STORE_set_verify(3)</a> for more information.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>In general a verification callback should <b>NOT</b> unconditionally return 1 in all circumstances because this will allow verification to succeed no matter what the error. This effectively removes all security from the application because <b>any</b> certificate (including untrusted generated ones) will be accepted.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification callback can be set and inherited from the parent structure performing the operation. In some cases (such as S/MIME verification) the <b>X509_STORE_CTX</b> structure is created and destroyed internally and the only way to set a custom verification callback is by inheriting it from the associated <b>X509_STORE</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() does not return a value.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Default callback operation:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     return ok;
+ }</code></pre>
+
+<p>Simple example, suppose a certificate in the chain is expired and we wish to continue after this error:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     /* Tolerate certificate expiration */
+     if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
+         return 1;
+     /* Otherwise don&#39;t override */
+     return ok;
+ }</code></pre>
+
+<p>More complex example, we don&#39;t wish to continue after <b>any</b> certificate has expired just one specific case:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     int err = X509_STORE_CTX_get_error(ctx);
+     X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
+
+     if (err == X509_V_ERR_CERT_HAS_EXPIRED) {
+         if (check_is_acceptable_expired_cert(err_cert)
+             return 1;
+     }
+     return ok;
+ }</code></pre>
+
+<p>Full featured logging callback. In this case the <b>bio_err</b> is assumed to be a global logging <b>BIO</b>, an alternative would to store a BIO in <b>ctx</b> using <b>ex_data</b>.</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     X509 *err_cert;
+     int err, depth;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     BIO_printf(bio_err, &quot;depth=%d &quot;, depth);
+     if (err_cert) {
+         X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+     }
+     else
+         BIO_puts(bio_err, &quot;&lt;no cert&gt;\n&quot;);
+     if (!ok)
+         BIO_printf(bio_err, &quot;verify error:num=%d:%s\n&quot;, err,
+                    X509_verify_cert_error_string(err));
+     switch (err) {
+     case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+         BIO_puts(bio_err, &quot;issuer= &quot;);
+         X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_NOT_YET_VALID:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+         BIO_printf(bio_err, &quot;notBefore=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_HAS_EXPIRED:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+         BIO_printf(bio_err, &quot;notAfter=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_NO_EXPLICIT_POLICY:
+         policies_print(bio_err, ctx);
+         break;
+     }
+     if (err == X509_V_OK &amp;&amp; ok == 2)
+         /* print out policies */
+
+     BIO_printf(bio_err, &quot;verify return:%d\n&quot;, ok);
+     return(ok);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_get_error.html">X509_STORE_CTX_get_error(3)</a> <a href="../man3/X509_STORE_set_verify_cb_func.html">X509_STORE_set_verify_cb_func(3)</a> <a href="../man3/X509_STORE_CTX_get_ex_new_index.html">X509_STORE_CTX_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_issuer_fn.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_issuer_fn.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_issuer_fn.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_lookup_certs.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_lookup_certs.html
new file mode 100644
index 000000000..5ff17e80f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_lookup_certs.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_set_verify_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_cleanup, X509_STORE_CTX_get_lookup_crls, X509_STORE_CTX_get_lookup_certs, X509_STORE_CTX_get_check_policy, X509_STORE_CTX_get_cert_crl, X509_STORE_CTX_get_check_crl, X509_STORE_CTX_get_get_crl, X509_STORE_CTX_get_check_revocation, X509_STORE_CTX_get_check_issued, X509_STORE_CTX_get_get_issuer, X509_STORE_CTX_get_verify_cb, X509_STORE_CTX_set_verify_cb, X509_STORE_CTX_verify_cb - get and set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
+
+ X509_STORE_CTX_verify_cb X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+                                   X509_STORE_CTX_verify_cb verify_cb);
+
+ X509_STORE_CTX_get_issuer_fn X509_STORE_CTX_get_get_issuer(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_issued_fn X509_STORE_CTX_get_check_issued(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_CTX_get_check_revocation(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_get_crl_fn X509_STORE_CTX_get_get_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_crl_fn X509_STORE_CTX_get_check_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_CTX_get_cert_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_policy_fn X509_STORE_CTX_get_check_policy(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_CTX_get_lookup_certs(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_CTX_get_lookup_crls(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cleanup_fn X509_STORE_CTX_get_cleanup(X509_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting any existing callback.</p>
+
+<p>The verification callback can be used to customise the operation of certificate verification, either by overriding error conditions or logging errors for debugging purposes.</p>
+
+<p>However a verification callback is <b>not</b> essential and the default operation is often sufficient.</p>
+
+<p>The <b>ok</b> parameter to the callback indicates the value the callback should return to retain the default behaviour. If it is zero then an error condition is indicated. If it is 1 then no error occurred. If the flag <b>X509_V_FLAG_NOTIFY_POLICY</b> is set then <b>ok</b> is set to 2 to indicate the policy checking is complete.</p>
+
+<p>The <b>ctx</b> parameter to the callback is the <b>X509_STORE_CTX</b> structure that is performing the verification operation. A callback can examine this structure and receive additional information about the error, for example by calling X509_STORE_CTX_get_current_cert(). Additional application data can be passed to the callback via the <b>ex_data</b> mechanism.</p>
+
+<p>X509_STORE_CTX_get_verify_cb() returns the value of the current callback for the specific <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() return the function pointers cached from the corresponding <b>X509_STORE</b>, please see <a href="../man3/X509_STORE_set_verify.html">X509_STORE_set_verify(3)</a> for more information.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>In general a verification callback should <b>NOT</b> unconditionally return 1 in all circumstances because this will allow verification to succeed no matter what the error. This effectively removes all security from the application because <b>any</b> certificate (including untrusted generated ones) will be accepted.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification callback can be set and inherited from the parent structure performing the operation. In some cases (such as S/MIME verification) the <b>X509_STORE_CTX</b> structure is created and destroyed internally and the only way to set a custom verification callback is by inheriting it from the associated <b>X509_STORE</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() does not return a value.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Default callback operation:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     return ok;
+ }</code></pre>
+
+<p>Simple example, suppose a certificate in the chain is expired and we wish to continue after this error:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     /* Tolerate certificate expiration */
+     if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
+         return 1;
+     /* Otherwise don&#39;t override */
+     return ok;
+ }</code></pre>
+
+<p>More complex example, we don&#39;t wish to continue after <b>any</b> certificate has expired just one specific case:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     int err = X509_STORE_CTX_get_error(ctx);
+     X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
+
+     if (err == X509_V_ERR_CERT_HAS_EXPIRED) {
+         if (check_is_acceptable_expired_cert(err_cert)
+             return 1;
+     }
+     return ok;
+ }</code></pre>
+
+<p>Full featured logging callback. In this case the <b>bio_err</b> is assumed to be a global logging <b>BIO</b>, an alternative would to store a BIO in <b>ctx</b> using <b>ex_data</b>.</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     X509 *err_cert;
+     int err, depth;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     BIO_printf(bio_err, &quot;depth=%d &quot;, depth);
+     if (err_cert) {
+         X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+     }
+     else
+         BIO_puts(bio_err, &quot;&lt;no cert&gt;\n&quot;);
+     if (!ok)
+         BIO_printf(bio_err, &quot;verify error:num=%d:%s\n&quot;, err,
+                    X509_verify_cert_error_string(err));
+     switch (err) {
+     case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+         BIO_puts(bio_err, &quot;issuer= &quot;);
+         X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_NOT_YET_VALID:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+         BIO_printf(bio_err, &quot;notBefore=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_HAS_EXPIRED:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+         BIO_printf(bio_err, &quot;notAfter=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_NO_EXPLICIT_POLICY:
+         policies_print(bio_err, ctx);
+         break;
+     }
+     if (err == X509_V_OK &amp;&amp; ok == 2)
+         /* print out policies */
+
+     BIO_printf(bio_err, &quot;verify return:%d\n&quot;, ok);
+     return(ok);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_get_error.html">X509_STORE_CTX_get_error(3)</a> <a href="../man3/X509_STORE_set_verify_cb_func.html">X509_STORE_set_verify_cb_func(3)</a> <a href="../man3/X509_STORE_CTX_get_ex_new_index.html">X509_STORE_CTX_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_lookup_crls.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_lookup_crls.html
new file mode 100644
index 000000000..5ff17e80f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_lookup_crls.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_set_verify_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_cleanup, X509_STORE_CTX_get_lookup_crls, X509_STORE_CTX_get_lookup_certs, X509_STORE_CTX_get_check_policy, X509_STORE_CTX_get_cert_crl, X509_STORE_CTX_get_check_crl, X509_STORE_CTX_get_get_crl, X509_STORE_CTX_get_check_revocation, X509_STORE_CTX_get_check_issued, X509_STORE_CTX_get_get_issuer, X509_STORE_CTX_get_verify_cb, X509_STORE_CTX_set_verify_cb, X509_STORE_CTX_verify_cb - get and set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
+
+ X509_STORE_CTX_verify_cb X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+                                   X509_STORE_CTX_verify_cb verify_cb);
+
+ X509_STORE_CTX_get_issuer_fn X509_STORE_CTX_get_get_issuer(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_issued_fn X509_STORE_CTX_get_check_issued(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_CTX_get_check_revocation(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_get_crl_fn X509_STORE_CTX_get_get_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_crl_fn X509_STORE_CTX_get_check_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_CTX_get_cert_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_policy_fn X509_STORE_CTX_get_check_policy(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_CTX_get_lookup_certs(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_CTX_get_lookup_crls(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cleanup_fn X509_STORE_CTX_get_cleanup(X509_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting any existing callback.</p>
+
+<p>The verification callback can be used to customise the operation of certificate verification, either by overriding error conditions or logging errors for debugging purposes.</p>
+
+<p>However a verification callback is <b>not</b> essential and the default operation is often sufficient.</p>
+
+<p>The <b>ok</b> parameter to the callback indicates the value the callback should return to retain the default behaviour. If it is zero then an error condition is indicated. If it is 1 then no error occurred. If the flag <b>X509_V_FLAG_NOTIFY_POLICY</b> is set then <b>ok</b> is set to 2 to indicate the policy checking is complete.</p>
+
+<p>The <b>ctx</b> parameter to the callback is the <b>X509_STORE_CTX</b> structure that is performing the verification operation. A callback can examine this structure and receive additional information about the error, for example by calling X509_STORE_CTX_get_current_cert(). Additional application data can be passed to the callback via the <b>ex_data</b> mechanism.</p>
+
+<p>X509_STORE_CTX_get_verify_cb() returns the value of the current callback for the specific <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() return the function pointers cached from the corresponding <b>X509_STORE</b>, please see <a href="../man3/X509_STORE_set_verify.html">X509_STORE_set_verify(3)</a> for more information.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>In general a verification callback should <b>NOT</b> unconditionally return 1 in all circumstances because this will allow verification to succeed no matter what the error. This effectively removes all security from the application because <b>any</b> certificate (including untrusted generated ones) will be accepted.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification callback can be set and inherited from the parent structure performing the operation. In some cases (such as S/MIME verification) the <b>X509_STORE_CTX</b> structure is created and destroyed internally and the only way to set a custom verification callback is by inheriting it from the associated <b>X509_STORE</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() does not return a value.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Default callback operation:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     return ok;
+ }</code></pre>
+
+<p>Simple example, suppose a certificate in the chain is expired and we wish to continue after this error:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     /* Tolerate certificate expiration */
+     if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
+         return 1;
+     /* Otherwise don&#39;t override */
+     return ok;
+ }</code></pre>
+
+<p>More complex example, we don&#39;t wish to continue after <b>any</b> certificate has expired just one specific case:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     int err = X509_STORE_CTX_get_error(ctx);
+     X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
+
+     if (err == X509_V_ERR_CERT_HAS_EXPIRED) {
+         if (check_is_acceptable_expired_cert(err_cert)
+             return 1;
+     }
+     return ok;
+ }</code></pre>
+
+<p>Full featured logging callback. In this case the <b>bio_err</b> is assumed to be a global logging <b>BIO</b>, an alternative would to store a BIO in <b>ctx</b> using <b>ex_data</b>.</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     X509 *err_cert;
+     int err, depth;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     BIO_printf(bio_err, &quot;depth=%d &quot;, depth);
+     if (err_cert) {
+         X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+     }
+     else
+         BIO_puts(bio_err, &quot;&lt;no cert&gt;\n&quot;);
+     if (!ok)
+         BIO_printf(bio_err, &quot;verify error:num=%d:%s\n&quot;, err,
+                    X509_verify_cert_error_string(err));
+     switch (err) {
+     case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+         BIO_puts(bio_err, &quot;issuer= &quot;);
+         X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_NOT_YET_VALID:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+         BIO_printf(bio_err, &quot;notBefore=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_HAS_EXPIRED:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+         BIO_printf(bio_err, &quot;notAfter=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_NO_EXPLICIT_POLICY:
+         policies_print(bio_err, ctx);
+         break;
+     }
+     if (err == X509_V_OK &amp;&amp; ok == 2)
+         /* print out policies */
+
+     BIO_printf(bio_err, &quot;verify return:%d\n&quot;, ok);
+     return(ok);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_get_error.html">X509_STORE_CTX_get_error(3)</a> <a href="../man3/X509_STORE_set_verify_cb_func.html">X509_STORE_set_verify_cb_func(3)</a> <a href="../man3/X509_STORE_CTX_get_ex_new_index.html">X509_STORE_CTX_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_num_untrusted.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_num_untrusted.html
new file mode 100644
index 000000000..604aa12e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_num_untrusted.html
@@ -0,0 +1,141 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_set0_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_get0_untrusted, X509_STORE_CTX_set0_untrusted, X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, X509_STORE_CTX_verify_fn - X509_STORE_CTX initialisation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+                         X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x);
+ STACK_OF(X509) *X509_STORE_CTX_get0_chain(X609_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *chain);
+ void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+ STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
+
+ typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
+ void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions initialise an <b>X509_STORE_CTX</b> structure for subsequent use by X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_new() returns a newly initialised <b>X509_STORE_CTX</b> structure.</p>
+
+<p>X509_STORE_CTX_cleanup() internally cleans up an <b>X509_STORE_CTX</b> structure. The context can then be reused with an new call to X509_STORE_CTX_init().</p>
+
+<p>X509_STORE_CTX_free() completely frees up <b>ctx</b>. After this call <b>ctx</b> is no longer valid. If <b>ctx</b> is NULL nothing is done.</p>
+
+<p>X509_STORE_CTX_init() sets up <b>ctx</b> for a subsequent verification operation. It must be called before each call to X509_verify_cert(), i.e. a <b>ctx</b> is only good for one call to X509_verify_cert(); if you want to verify a second certificate with the same <b>ctx</b> then you must call X509_STORE_CTX_cleanup() and then X509_STORE_CTX_init() again before the second call to X509_verify_cert(). The trusted certificate store is set to <b>store</b>, the end entity certificate to be verified is set to <b>x509</b> and a set of additional certificates (which will be untrusted but may be used to build the chain) in <b>chain</b>. Any or all of the <b>store</b>, <b>x509</b> and <b>chain</b> parameters can be <b>NULL</b>.</p>
+
+<p>X509_STORE_CTX_set0_trusted_stack() sets the set of trusted certificates of <b>ctx</b> to <b>sk</b>. This is an alternative way of specifying trusted certificates instead of using an <b>X509_STORE</b>.</p>
+
+<p>X509_STORE_CTX_set_cert() sets the certificate to be verified in <b>ctx</b> to <b>x</b>.</p>
+
+<p>X509_STORE_CTX_set0_verified_chain() sets the validated chain used by <b>ctx</b> to be <b>chain</b>. Ownership of the chain is transferred to <b>ctx</b> and should not be free&#39;d by the caller. X509_STORE_CTX_get0_chain() returns a the internal pointer used by the <b>ctx</b> that contains the validated chain.</p>
+
+<p>X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate verification to <b>sk</b>. These CRLs will only be used if CRL verification is enabled in the associated <b>X509_VERIFY_PARAM</b> structure. This might be used where additional &quot;useful&quot; CRLs are supplied as part of a protocol, for example in a PKCS#7 structure.</p>
+
+<p>X509_STORE_CTX_get0_param() retrieves an internal pointer to the verification parameters associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get0_untrusted() retrieves an internal pointer to the stack of untrusted certificates associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_set0_untrusted() sets the internal point to the stack of untrusted certificates associated with <b>ctx</b> to <b>sk</b>.</p>
+
+<p>X509_STORE_CTX_set0_param() sets the internal verification parameter pointer to <b>param</b>. After this call <b>param</b> should not be used.</p>
+
+<p>X509_STORE_CTX_set_default() looks up and sets the default verification method to <b>name</b>. This uses the function X509_VERIFY_PARAM_lookup() to find an appropriate set of parameters from <b>name</b>.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates that were used in building the chain following a call to X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_set_verify() provides the capability for overriding the default verify function. This function is responsible for verifying chain signatures and expiration times.</p>
+
+<p>A verify function is defined as an X509_STORE_CTX_verify type which has the following signature:</p>
+
+<pre><code> int (*verify)(X509_STORE_CTX *);</code></pre>
+
+<p>This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The certificates and CRLs in a store are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The certificates and CRLs in a context are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed. Copies should be made or reference counts increased instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_new() returns an newly allocates context or <b>NULL</b> is an error occurred.</p>
+
+<p>X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_set0_trusted_stack(), X509_STORE_CTX_set_cert(), X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return values.</p>
+
+<p>X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> <a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_set0_crls() function was added in OpenSSL 1.0.0. The X509_STORE_CTX_get_num_untrusted() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_verify.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_verify.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_verify.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_verify_cb.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_verify_cb.html
new file mode 100644
index 000000000..5ff17e80f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_verify_cb.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_set_verify_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_cleanup, X509_STORE_CTX_get_lookup_crls, X509_STORE_CTX_get_lookup_certs, X509_STORE_CTX_get_check_policy, X509_STORE_CTX_get_cert_crl, X509_STORE_CTX_get_check_crl, X509_STORE_CTX_get_get_crl, X509_STORE_CTX_get_check_revocation, X509_STORE_CTX_get_check_issued, X509_STORE_CTX_get_get_issuer, X509_STORE_CTX_get_verify_cb, X509_STORE_CTX_set_verify_cb, X509_STORE_CTX_verify_cb - get and set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
+
+ X509_STORE_CTX_verify_cb X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+                                   X509_STORE_CTX_verify_cb verify_cb);
+
+ X509_STORE_CTX_get_issuer_fn X509_STORE_CTX_get_get_issuer(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_issued_fn X509_STORE_CTX_get_check_issued(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_CTX_get_check_revocation(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_get_crl_fn X509_STORE_CTX_get_get_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_crl_fn X509_STORE_CTX_get_check_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_CTX_get_cert_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_policy_fn X509_STORE_CTX_get_check_policy(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_CTX_get_lookup_certs(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_CTX_get_lookup_crls(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cleanup_fn X509_STORE_CTX_get_cleanup(X509_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting any existing callback.</p>
+
+<p>The verification callback can be used to customise the operation of certificate verification, either by overriding error conditions or logging errors for debugging purposes.</p>
+
+<p>However a verification callback is <b>not</b> essential and the default operation is often sufficient.</p>
+
+<p>The <b>ok</b> parameter to the callback indicates the value the callback should return to retain the default behaviour. If it is zero then an error condition is indicated. If it is 1 then no error occurred. If the flag <b>X509_V_FLAG_NOTIFY_POLICY</b> is set then <b>ok</b> is set to 2 to indicate the policy checking is complete.</p>
+
+<p>The <b>ctx</b> parameter to the callback is the <b>X509_STORE_CTX</b> structure that is performing the verification operation. A callback can examine this structure and receive additional information about the error, for example by calling X509_STORE_CTX_get_current_cert(). Additional application data can be passed to the callback via the <b>ex_data</b> mechanism.</p>
+
+<p>X509_STORE_CTX_get_verify_cb() returns the value of the current callback for the specific <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() return the function pointers cached from the corresponding <b>X509_STORE</b>, please see <a href="../man3/X509_STORE_set_verify.html">X509_STORE_set_verify(3)</a> for more information.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>In general a verification callback should <b>NOT</b> unconditionally return 1 in all circumstances because this will allow verification to succeed no matter what the error. This effectively removes all security from the application because <b>any</b> certificate (including untrusted generated ones) will be accepted.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification callback can be set and inherited from the parent structure performing the operation. In some cases (such as S/MIME verification) the <b>X509_STORE_CTX</b> structure is created and destroyed internally and the only way to set a custom verification callback is by inheriting it from the associated <b>X509_STORE</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() does not return a value.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Default callback operation:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     return ok;
+ }</code></pre>
+
+<p>Simple example, suppose a certificate in the chain is expired and we wish to continue after this error:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     /* Tolerate certificate expiration */
+     if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
+         return 1;
+     /* Otherwise don&#39;t override */
+     return ok;
+ }</code></pre>
+
+<p>More complex example, we don&#39;t wish to continue after <b>any</b> certificate has expired just one specific case:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     int err = X509_STORE_CTX_get_error(ctx);
+     X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
+
+     if (err == X509_V_ERR_CERT_HAS_EXPIRED) {
+         if (check_is_acceptable_expired_cert(err_cert)
+             return 1;
+     }
+     return ok;
+ }</code></pre>
+
+<p>Full featured logging callback. In this case the <b>bio_err</b> is assumed to be a global logging <b>BIO</b>, an alternative would to store a BIO in <b>ctx</b> using <b>ex_data</b>.</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     X509 *err_cert;
+     int err, depth;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     BIO_printf(bio_err, &quot;depth=%d &quot;, depth);
+     if (err_cert) {
+         X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+     }
+     else
+         BIO_puts(bio_err, &quot;&lt;no cert&gt;\n&quot;);
+     if (!ok)
+         BIO_printf(bio_err, &quot;verify error:num=%d:%s\n&quot;, err,
+                    X509_verify_cert_error_string(err));
+     switch (err) {
+     case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+         BIO_puts(bio_err, &quot;issuer= &quot;);
+         X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_NOT_YET_VALID:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+         BIO_printf(bio_err, &quot;notBefore=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_HAS_EXPIRED:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+         BIO_printf(bio_err, &quot;notAfter=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_NO_EXPLICIT_POLICY:
+         policies_print(bio_err, ctx);
+         break;
+     }
+     if (err == X509_V_OK &amp;&amp; ok == 2)
+         /* print out policies */
+
+     BIO_printf(bio_err, &quot;verify return:%d\n&quot;, ok);
+     return(ok);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_get_error.html">X509_STORE_CTX_get_error(3)</a> <a href="../man3/X509_STORE_set_verify_cb_func.html">X509_STORE_set_verify_cb_func(3)</a> <a href="../man3/X509_STORE_CTX_get_ex_new_index.html">X509_STORE_CTX_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_init.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_init.html
new file mode 100644
index 000000000..604aa12e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_init.html
@@ -0,0 +1,141 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_set0_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_get0_untrusted, X509_STORE_CTX_set0_untrusted, X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, X509_STORE_CTX_verify_fn - X509_STORE_CTX initialisation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+                         X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x);
+ STACK_OF(X509) *X509_STORE_CTX_get0_chain(X609_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *chain);
+ void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+ STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
+
+ typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
+ void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions initialise an <b>X509_STORE_CTX</b> structure for subsequent use by X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_new() returns a newly initialised <b>X509_STORE_CTX</b> structure.</p>
+
+<p>X509_STORE_CTX_cleanup() internally cleans up an <b>X509_STORE_CTX</b> structure. The context can then be reused with an new call to X509_STORE_CTX_init().</p>
+
+<p>X509_STORE_CTX_free() completely frees up <b>ctx</b>. After this call <b>ctx</b> is no longer valid. If <b>ctx</b> is NULL nothing is done.</p>
+
+<p>X509_STORE_CTX_init() sets up <b>ctx</b> for a subsequent verification operation. It must be called before each call to X509_verify_cert(), i.e. a <b>ctx</b> is only good for one call to X509_verify_cert(); if you want to verify a second certificate with the same <b>ctx</b> then you must call X509_STORE_CTX_cleanup() and then X509_STORE_CTX_init() again before the second call to X509_verify_cert(). The trusted certificate store is set to <b>store</b>, the end entity certificate to be verified is set to <b>x509</b> and a set of additional certificates (which will be untrusted but may be used to build the chain) in <b>chain</b>. Any or all of the <b>store</b>, <b>x509</b> and <b>chain</b> parameters can be <b>NULL</b>.</p>
+
+<p>X509_STORE_CTX_set0_trusted_stack() sets the set of trusted certificates of <b>ctx</b> to <b>sk</b>. This is an alternative way of specifying trusted certificates instead of using an <b>X509_STORE</b>.</p>
+
+<p>X509_STORE_CTX_set_cert() sets the certificate to be verified in <b>ctx</b> to <b>x</b>.</p>
+
+<p>X509_STORE_CTX_set0_verified_chain() sets the validated chain used by <b>ctx</b> to be <b>chain</b>. Ownership of the chain is transferred to <b>ctx</b> and should not be free&#39;d by the caller. X509_STORE_CTX_get0_chain() returns a the internal pointer used by the <b>ctx</b> that contains the validated chain.</p>
+
+<p>X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate verification to <b>sk</b>. These CRLs will only be used if CRL verification is enabled in the associated <b>X509_VERIFY_PARAM</b> structure. This might be used where additional &quot;useful&quot; CRLs are supplied as part of a protocol, for example in a PKCS#7 structure.</p>
+
+<p>X509_STORE_CTX_get0_param() retrieves an internal pointer to the verification parameters associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get0_untrusted() retrieves an internal pointer to the stack of untrusted certificates associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_set0_untrusted() sets the internal point to the stack of untrusted certificates associated with <b>ctx</b> to <b>sk</b>.</p>
+
+<p>X509_STORE_CTX_set0_param() sets the internal verification parameter pointer to <b>param</b>. After this call <b>param</b> should not be used.</p>
+
+<p>X509_STORE_CTX_set_default() looks up and sets the default verification method to <b>name</b>. This uses the function X509_VERIFY_PARAM_lookup() to find an appropriate set of parameters from <b>name</b>.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates that were used in building the chain following a call to X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_set_verify() provides the capability for overriding the default verify function. This function is responsible for verifying chain signatures and expiration times.</p>
+
+<p>A verify function is defined as an X509_STORE_CTX_verify type which has the following signature:</p>
+
+<pre><code> int (*verify)(X509_STORE_CTX *);</code></pre>
+
+<p>This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The certificates and CRLs in a store are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The certificates and CRLs in a context are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed. Copies should be made or reference counts increased instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_new() returns an newly allocates context or <b>NULL</b> is an error occurred.</p>
+
+<p>X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_set0_trusted_stack(), X509_STORE_CTX_set_cert(), X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return values.</p>
+
+<p>X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> <a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_set0_crls() function was added in OpenSSL 1.0.0. The X509_STORE_CTX_get_num_untrusted() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_lookup_certs_fn.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_lookup_certs_fn.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_lookup_certs_fn.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_lookup_crls_fn.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_lookup_crls_fn.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_lookup_crls_fn.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_new.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_new.html
new file mode 100644
index 000000000..604aa12e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_new.html
@@ -0,0 +1,141 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_set0_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_get0_untrusted, X509_STORE_CTX_set0_untrusted, X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, X509_STORE_CTX_verify_fn - X509_STORE_CTX initialisation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+                         X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x);
+ STACK_OF(X509) *X509_STORE_CTX_get0_chain(X609_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *chain);
+ void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+ STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
+
+ typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
+ void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions initialise an <b>X509_STORE_CTX</b> structure for subsequent use by X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_new() returns a newly initialised <b>X509_STORE_CTX</b> structure.</p>
+
+<p>X509_STORE_CTX_cleanup() internally cleans up an <b>X509_STORE_CTX</b> structure. The context can then be reused with an new call to X509_STORE_CTX_init().</p>
+
+<p>X509_STORE_CTX_free() completely frees up <b>ctx</b>. After this call <b>ctx</b> is no longer valid. If <b>ctx</b> is NULL nothing is done.</p>
+
+<p>X509_STORE_CTX_init() sets up <b>ctx</b> for a subsequent verification operation. It must be called before each call to X509_verify_cert(), i.e. a <b>ctx</b> is only good for one call to X509_verify_cert(); if you want to verify a second certificate with the same <b>ctx</b> then you must call X509_STORE_CTX_cleanup() and then X509_STORE_CTX_init() again before the second call to X509_verify_cert(). The trusted certificate store is set to <b>store</b>, the end entity certificate to be verified is set to <b>x509</b> and a set of additional certificates (which will be untrusted but may be used to build the chain) in <b>chain</b>. Any or all of the <b>store</b>, <b>x509</b> and <b>chain</b> parameters can be <b>NULL</b>.</p>
+
+<p>X509_STORE_CTX_set0_trusted_stack() sets the set of trusted certificates of <b>ctx</b> to <b>sk</b>. This is an alternative way of specifying trusted certificates instead of using an <b>X509_STORE</b>.</p>
+
+<p>X509_STORE_CTX_set_cert() sets the certificate to be verified in <b>ctx</b> to <b>x</b>.</p>
+
+<p>X509_STORE_CTX_set0_verified_chain() sets the validated chain used by <b>ctx</b> to be <b>chain</b>. Ownership of the chain is transferred to <b>ctx</b> and should not be free&#39;d by the caller. X509_STORE_CTX_get0_chain() returns a the internal pointer used by the <b>ctx</b> that contains the validated chain.</p>
+
+<p>X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate verification to <b>sk</b>. These CRLs will only be used if CRL verification is enabled in the associated <b>X509_VERIFY_PARAM</b> structure. This might be used where additional &quot;useful&quot; CRLs are supplied as part of a protocol, for example in a PKCS#7 structure.</p>
+
+<p>X509_STORE_CTX_get0_param() retrieves an internal pointer to the verification parameters associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get0_untrusted() retrieves an internal pointer to the stack of untrusted certificates associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_set0_untrusted() sets the internal point to the stack of untrusted certificates associated with <b>ctx</b> to <b>sk</b>.</p>
+
+<p>X509_STORE_CTX_set0_param() sets the internal verification parameter pointer to <b>param</b>. After this call <b>param</b> should not be used.</p>
+
+<p>X509_STORE_CTX_set_default() looks up and sets the default verification method to <b>name</b>. This uses the function X509_VERIFY_PARAM_lookup() to find an appropriate set of parameters from <b>name</b>.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates that were used in building the chain following a call to X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_set_verify() provides the capability for overriding the default verify function. This function is responsible for verifying chain signatures and expiration times.</p>
+
+<p>A verify function is defined as an X509_STORE_CTX_verify type which has the following signature:</p>
+
+<pre><code> int (*verify)(X509_STORE_CTX *);</code></pre>
+
+<p>This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The certificates and CRLs in a store are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The certificates and CRLs in a context are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed. Copies should be made or reference counts increased instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_new() returns an newly allocates context or <b>NULL</b> is an error occurred.</p>
+
+<p>X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_set0_trusted_stack(), X509_STORE_CTX_set_cert(), X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return values.</p>
+
+<p>X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> <a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_set0_crls() function was added in OpenSSL 1.0.0. The X509_STORE_CTX_get_num_untrusted() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_crls.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_crls.html
new file mode 100644
index 000000000..604aa12e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_crls.html
@@ -0,0 +1,141 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_set0_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_get0_untrusted, X509_STORE_CTX_set0_untrusted, X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, X509_STORE_CTX_verify_fn - X509_STORE_CTX initialisation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+                         X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x);
+ STACK_OF(X509) *X509_STORE_CTX_get0_chain(X609_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *chain);
+ void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+ STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
+
+ typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
+ void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions initialise an <b>X509_STORE_CTX</b> structure for subsequent use by X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_new() returns a newly initialised <b>X509_STORE_CTX</b> structure.</p>
+
+<p>X509_STORE_CTX_cleanup() internally cleans up an <b>X509_STORE_CTX</b> structure. The context can then be reused with an new call to X509_STORE_CTX_init().</p>
+
+<p>X509_STORE_CTX_free() completely frees up <b>ctx</b>. After this call <b>ctx</b> is no longer valid. If <b>ctx</b> is NULL nothing is done.</p>
+
+<p>X509_STORE_CTX_init() sets up <b>ctx</b> for a subsequent verification operation. It must be called before each call to X509_verify_cert(), i.e. a <b>ctx</b> is only good for one call to X509_verify_cert(); if you want to verify a second certificate with the same <b>ctx</b> then you must call X509_STORE_CTX_cleanup() and then X509_STORE_CTX_init() again before the second call to X509_verify_cert(). The trusted certificate store is set to <b>store</b>, the end entity certificate to be verified is set to <b>x509</b> and a set of additional certificates (which will be untrusted but may be used to build the chain) in <b>chain</b>. Any or all of the <b>store</b>, <b>x509</b> and <b>chain</b> parameters can be <b>NULL</b>.</p>
+
+<p>X509_STORE_CTX_set0_trusted_stack() sets the set of trusted certificates of <b>ctx</b> to <b>sk</b>. This is an alternative way of specifying trusted certificates instead of using an <b>X509_STORE</b>.</p>
+
+<p>X509_STORE_CTX_set_cert() sets the certificate to be verified in <b>ctx</b> to <b>x</b>.</p>
+
+<p>X509_STORE_CTX_set0_verified_chain() sets the validated chain used by <b>ctx</b> to be <b>chain</b>. Ownership of the chain is transferred to <b>ctx</b> and should not be free&#39;d by the caller. X509_STORE_CTX_get0_chain() returns a the internal pointer used by the <b>ctx</b> that contains the validated chain.</p>
+
+<p>X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate verification to <b>sk</b>. These CRLs will only be used if CRL verification is enabled in the associated <b>X509_VERIFY_PARAM</b> structure. This might be used where additional &quot;useful&quot; CRLs are supplied as part of a protocol, for example in a PKCS#7 structure.</p>
+
+<p>X509_STORE_CTX_get0_param() retrieves an internal pointer to the verification parameters associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get0_untrusted() retrieves an internal pointer to the stack of untrusted certificates associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_set0_untrusted() sets the internal point to the stack of untrusted certificates associated with <b>ctx</b> to <b>sk</b>.</p>
+
+<p>X509_STORE_CTX_set0_param() sets the internal verification parameter pointer to <b>param</b>. After this call <b>param</b> should not be used.</p>
+
+<p>X509_STORE_CTX_set_default() looks up and sets the default verification method to <b>name</b>. This uses the function X509_VERIFY_PARAM_lookup() to find an appropriate set of parameters from <b>name</b>.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates that were used in building the chain following a call to X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_set_verify() provides the capability for overriding the default verify function. This function is responsible for verifying chain signatures and expiration times.</p>
+
+<p>A verify function is defined as an X509_STORE_CTX_verify type which has the following signature:</p>
+
+<pre><code> int (*verify)(X509_STORE_CTX *);</code></pre>
+
+<p>This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The certificates and CRLs in a store are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The certificates and CRLs in a context are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed. Copies should be made or reference counts increased instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_new() returns an newly allocates context or <b>NULL</b> is an error occurred.</p>
+
+<p>X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_set0_trusted_stack(), X509_STORE_CTX_set_cert(), X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return values.</p>
+
+<p>X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> <a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_set0_crls() function was added in OpenSSL 1.0.0. The X509_STORE_CTX_get_num_untrusted() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_param.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_param.html
new file mode 100644
index 000000000..604aa12e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_param.html
@@ -0,0 +1,141 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_set0_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_get0_untrusted, X509_STORE_CTX_set0_untrusted, X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, X509_STORE_CTX_verify_fn - X509_STORE_CTX initialisation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+                         X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x);
+ STACK_OF(X509) *X509_STORE_CTX_get0_chain(X609_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *chain);
+ void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+ STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
+
+ typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
+ void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions initialise an <b>X509_STORE_CTX</b> structure for subsequent use by X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_new() returns a newly initialised <b>X509_STORE_CTX</b> structure.</p>
+
+<p>X509_STORE_CTX_cleanup() internally cleans up an <b>X509_STORE_CTX</b> structure. The context can then be reused with an new call to X509_STORE_CTX_init().</p>
+
+<p>X509_STORE_CTX_free() completely frees up <b>ctx</b>. After this call <b>ctx</b> is no longer valid. If <b>ctx</b> is NULL nothing is done.</p>
+
+<p>X509_STORE_CTX_init() sets up <b>ctx</b> for a subsequent verification operation. It must be called before each call to X509_verify_cert(), i.e. a <b>ctx</b> is only good for one call to X509_verify_cert(); if you want to verify a second certificate with the same <b>ctx</b> then you must call X509_STORE_CTX_cleanup() and then X509_STORE_CTX_init() again before the second call to X509_verify_cert(). The trusted certificate store is set to <b>store</b>, the end entity certificate to be verified is set to <b>x509</b> and a set of additional certificates (which will be untrusted but may be used to build the chain) in <b>chain</b>. Any or all of the <b>store</b>, <b>x509</b> and <b>chain</b> parameters can be <b>NULL</b>.</p>
+
+<p>X509_STORE_CTX_set0_trusted_stack() sets the set of trusted certificates of <b>ctx</b> to <b>sk</b>. This is an alternative way of specifying trusted certificates instead of using an <b>X509_STORE</b>.</p>
+
+<p>X509_STORE_CTX_set_cert() sets the certificate to be verified in <b>ctx</b> to <b>x</b>.</p>
+
+<p>X509_STORE_CTX_set0_verified_chain() sets the validated chain used by <b>ctx</b> to be <b>chain</b>. Ownership of the chain is transferred to <b>ctx</b> and should not be free&#39;d by the caller. X509_STORE_CTX_get0_chain() returns a the internal pointer used by the <b>ctx</b> that contains the validated chain.</p>
+
+<p>X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate verification to <b>sk</b>. These CRLs will only be used if CRL verification is enabled in the associated <b>X509_VERIFY_PARAM</b> structure. This might be used where additional &quot;useful&quot; CRLs are supplied as part of a protocol, for example in a PKCS#7 structure.</p>
+
+<p>X509_STORE_CTX_get0_param() retrieves an internal pointer to the verification parameters associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get0_untrusted() retrieves an internal pointer to the stack of untrusted certificates associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_set0_untrusted() sets the internal point to the stack of untrusted certificates associated with <b>ctx</b> to <b>sk</b>.</p>
+
+<p>X509_STORE_CTX_set0_param() sets the internal verification parameter pointer to <b>param</b>. After this call <b>param</b> should not be used.</p>
+
+<p>X509_STORE_CTX_set_default() looks up and sets the default verification method to <b>name</b>. This uses the function X509_VERIFY_PARAM_lookup() to find an appropriate set of parameters from <b>name</b>.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates that were used in building the chain following a call to X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_set_verify() provides the capability for overriding the default verify function. This function is responsible for verifying chain signatures and expiration times.</p>
+
+<p>A verify function is defined as an X509_STORE_CTX_verify type which has the following signature:</p>
+
+<pre><code> int (*verify)(X509_STORE_CTX *);</code></pre>
+
+<p>This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The certificates and CRLs in a store are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The certificates and CRLs in a context are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed. Copies should be made or reference counts increased instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_new() returns an newly allocates context or <b>NULL</b> is an error occurred.</p>
+
+<p>X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_set0_trusted_stack(), X509_STORE_CTX_set_cert(), X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return values.</p>
+
+<p>X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> <a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_set0_crls() function was added in OpenSSL 1.0.0. The X509_STORE_CTX_get_num_untrusted() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_trusted_stack.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_trusted_stack.html
new file mode 100644
index 000000000..604aa12e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_trusted_stack.html
@@ -0,0 +1,141 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_set0_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_get0_untrusted, X509_STORE_CTX_set0_untrusted, X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, X509_STORE_CTX_verify_fn - X509_STORE_CTX initialisation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+                         X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x);
+ STACK_OF(X509) *X509_STORE_CTX_get0_chain(X609_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *chain);
+ void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+ STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
+
+ typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
+ void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions initialise an <b>X509_STORE_CTX</b> structure for subsequent use by X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_new() returns a newly initialised <b>X509_STORE_CTX</b> structure.</p>
+
+<p>X509_STORE_CTX_cleanup() internally cleans up an <b>X509_STORE_CTX</b> structure. The context can then be reused with an new call to X509_STORE_CTX_init().</p>
+
+<p>X509_STORE_CTX_free() completely frees up <b>ctx</b>. After this call <b>ctx</b> is no longer valid. If <b>ctx</b> is NULL nothing is done.</p>
+
+<p>X509_STORE_CTX_init() sets up <b>ctx</b> for a subsequent verification operation. It must be called before each call to X509_verify_cert(), i.e. a <b>ctx</b> is only good for one call to X509_verify_cert(); if you want to verify a second certificate with the same <b>ctx</b> then you must call X509_STORE_CTX_cleanup() and then X509_STORE_CTX_init() again before the second call to X509_verify_cert(). The trusted certificate store is set to <b>store</b>, the end entity certificate to be verified is set to <b>x509</b> and a set of additional certificates (which will be untrusted but may be used to build the chain) in <b>chain</b>. Any or all of the <b>store</b>, <b>x509</b> and <b>chain</b> parameters can be <b>NULL</b>.</p>
+
+<p>X509_STORE_CTX_set0_trusted_stack() sets the set of trusted certificates of <b>ctx</b> to <b>sk</b>. This is an alternative way of specifying trusted certificates instead of using an <b>X509_STORE</b>.</p>
+
+<p>X509_STORE_CTX_set_cert() sets the certificate to be verified in <b>ctx</b> to <b>x</b>.</p>
+
+<p>X509_STORE_CTX_set0_verified_chain() sets the validated chain used by <b>ctx</b> to be <b>chain</b>. Ownership of the chain is transferred to <b>ctx</b> and should not be free&#39;d by the caller. X509_STORE_CTX_get0_chain() returns a the internal pointer used by the <b>ctx</b> that contains the validated chain.</p>
+
+<p>X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate verification to <b>sk</b>. These CRLs will only be used if CRL verification is enabled in the associated <b>X509_VERIFY_PARAM</b> structure. This might be used where additional &quot;useful&quot; CRLs are supplied as part of a protocol, for example in a PKCS#7 structure.</p>
+
+<p>X509_STORE_CTX_get0_param() retrieves an internal pointer to the verification parameters associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get0_untrusted() retrieves an internal pointer to the stack of untrusted certificates associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_set0_untrusted() sets the internal point to the stack of untrusted certificates associated with <b>ctx</b> to <b>sk</b>.</p>
+
+<p>X509_STORE_CTX_set0_param() sets the internal verification parameter pointer to <b>param</b>. After this call <b>param</b> should not be used.</p>
+
+<p>X509_STORE_CTX_set_default() looks up and sets the default verification method to <b>name</b>. This uses the function X509_VERIFY_PARAM_lookup() to find an appropriate set of parameters from <b>name</b>.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates that were used in building the chain following a call to X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_set_verify() provides the capability for overriding the default verify function. This function is responsible for verifying chain signatures and expiration times.</p>
+
+<p>A verify function is defined as an X509_STORE_CTX_verify type which has the following signature:</p>
+
+<pre><code> int (*verify)(X509_STORE_CTX *);</code></pre>
+
+<p>This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The certificates and CRLs in a store are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The certificates and CRLs in a context are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed. Copies should be made or reference counts increased instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_new() returns an newly allocates context or <b>NULL</b> is an error occurred.</p>
+
+<p>X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_set0_trusted_stack(), X509_STORE_CTX_set_cert(), X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return values.</p>
+
+<p>X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> <a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_set0_crls() function was added in OpenSSL 1.0.0. The X509_STORE_CTX_get_num_untrusted() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_untrusted.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_untrusted.html
new file mode 100644
index 000000000..604aa12e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_untrusted.html
@@ -0,0 +1,141 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_set0_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_get0_untrusted, X509_STORE_CTX_set0_untrusted, X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, X509_STORE_CTX_verify_fn - X509_STORE_CTX initialisation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+                         X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x);
+ STACK_OF(X509) *X509_STORE_CTX_get0_chain(X609_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *chain);
+ void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+ STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
+
+ typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
+ void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions initialise an <b>X509_STORE_CTX</b> structure for subsequent use by X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_new() returns a newly initialised <b>X509_STORE_CTX</b> structure.</p>
+
+<p>X509_STORE_CTX_cleanup() internally cleans up an <b>X509_STORE_CTX</b> structure. The context can then be reused with an new call to X509_STORE_CTX_init().</p>
+
+<p>X509_STORE_CTX_free() completely frees up <b>ctx</b>. After this call <b>ctx</b> is no longer valid. If <b>ctx</b> is NULL nothing is done.</p>
+
+<p>X509_STORE_CTX_init() sets up <b>ctx</b> for a subsequent verification operation. It must be called before each call to X509_verify_cert(), i.e. a <b>ctx</b> is only good for one call to X509_verify_cert(); if you want to verify a second certificate with the same <b>ctx</b> then you must call X509_STORE_CTX_cleanup() and then X509_STORE_CTX_init() again before the second call to X509_verify_cert(). The trusted certificate store is set to <b>store</b>, the end entity certificate to be verified is set to <b>x509</b> and a set of additional certificates (which will be untrusted but may be used to build the chain) in <b>chain</b>. Any or all of the <b>store</b>, <b>x509</b> and <b>chain</b> parameters can be <b>NULL</b>.</p>
+
+<p>X509_STORE_CTX_set0_trusted_stack() sets the set of trusted certificates of <b>ctx</b> to <b>sk</b>. This is an alternative way of specifying trusted certificates instead of using an <b>X509_STORE</b>.</p>
+
+<p>X509_STORE_CTX_set_cert() sets the certificate to be verified in <b>ctx</b> to <b>x</b>.</p>
+
+<p>X509_STORE_CTX_set0_verified_chain() sets the validated chain used by <b>ctx</b> to be <b>chain</b>. Ownership of the chain is transferred to <b>ctx</b> and should not be free&#39;d by the caller. X509_STORE_CTX_get0_chain() returns a the internal pointer used by the <b>ctx</b> that contains the validated chain.</p>
+
+<p>X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate verification to <b>sk</b>. These CRLs will only be used if CRL verification is enabled in the associated <b>X509_VERIFY_PARAM</b> structure. This might be used where additional &quot;useful&quot; CRLs are supplied as part of a protocol, for example in a PKCS#7 structure.</p>
+
+<p>X509_STORE_CTX_get0_param() retrieves an internal pointer to the verification parameters associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get0_untrusted() retrieves an internal pointer to the stack of untrusted certificates associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_set0_untrusted() sets the internal point to the stack of untrusted certificates associated with <b>ctx</b> to <b>sk</b>.</p>
+
+<p>X509_STORE_CTX_set0_param() sets the internal verification parameter pointer to <b>param</b>. After this call <b>param</b> should not be used.</p>
+
+<p>X509_STORE_CTX_set_default() looks up and sets the default verification method to <b>name</b>. This uses the function X509_VERIFY_PARAM_lookup() to find an appropriate set of parameters from <b>name</b>.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates that were used in building the chain following a call to X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_set_verify() provides the capability for overriding the default verify function. This function is responsible for verifying chain signatures and expiration times.</p>
+
+<p>A verify function is defined as an X509_STORE_CTX_verify type which has the following signature:</p>
+
+<pre><code> int (*verify)(X509_STORE_CTX *);</code></pre>
+
+<p>This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The certificates and CRLs in a store are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The certificates and CRLs in a context are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed. Copies should be made or reference counts increased instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_new() returns an newly allocates context or <b>NULL</b> is an error occurred.</p>
+
+<p>X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_set0_trusted_stack(), X509_STORE_CTX_set_cert(), X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return values.</p>
+
+<p>X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> <a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_set0_crls() function was added in OpenSSL 1.0.0. The X509_STORE_CTX_get_num_untrusted() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_verified_chain.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_verified_chain.html
new file mode 100644
index 000000000..604aa12e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_verified_chain.html
@@ -0,0 +1,141 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_set0_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_get0_untrusted, X509_STORE_CTX_set0_untrusted, X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, X509_STORE_CTX_verify_fn - X509_STORE_CTX initialisation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+                         X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x);
+ STACK_OF(X509) *X509_STORE_CTX_get0_chain(X609_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *chain);
+ void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+ STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
+
+ typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
+ void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions initialise an <b>X509_STORE_CTX</b> structure for subsequent use by X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_new() returns a newly initialised <b>X509_STORE_CTX</b> structure.</p>
+
+<p>X509_STORE_CTX_cleanup() internally cleans up an <b>X509_STORE_CTX</b> structure. The context can then be reused with an new call to X509_STORE_CTX_init().</p>
+
+<p>X509_STORE_CTX_free() completely frees up <b>ctx</b>. After this call <b>ctx</b> is no longer valid. If <b>ctx</b> is NULL nothing is done.</p>
+
+<p>X509_STORE_CTX_init() sets up <b>ctx</b> for a subsequent verification operation. It must be called before each call to X509_verify_cert(), i.e. a <b>ctx</b> is only good for one call to X509_verify_cert(); if you want to verify a second certificate with the same <b>ctx</b> then you must call X509_STORE_CTX_cleanup() and then X509_STORE_CTX_init() again before the second call to X509_verify_cert(). The trusted certificate store is set to <b>store</b>, the end entity certificate to be verified is set to <b>x509</b> and a set of additional certificates (which will be untrusted but may be used to build the chain) in <b>chain</b>. Any or all of the <b>store</b>, <b>x509</b> and <b>chain</b> parameters can be <b>NULL</b>.</p>
+
+<p>X509_STORE_CTX_set0_trusted_stack() sets the set of trusted certificates of <b>ctx</b> to <b>sk</b>. This is an alternative way of specifying trusted certificates instead of using an <b>X509_STORE</b>.</p>
+
+<p>X509_STORE_CTX_set_cert() sets the certificate to be verified in <b>ctx</b> to <b>x</b>.</p>
+
+<p>X509_STORE_CTX_set0_verified_chain() sets the validated chain used by <b>ctx</b> to be <b>chain</b>. Ownership of the chain is transferred to <b>ctx</b> and should not be free&#39;d by the caller. X509_STORE_CTX_get0_chain() returns a the internal pointer used by the <b>ctx</b> that contains the validated chain.</p>
+
+<p>X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate verification to <b>sk</b>. These CRLs will only be used if CRL verification is enabled in the associated <b>X509_VERIFY_PARAM</b> structure. This might be used where additional &quot;useful&quot; CRLs are supplied as part of a protocol, for example in a PKCS#7 structure.</p>
+
+<p>X509_STORE_CTX_get0_param() retrieves an internal pointer to the verification parameters associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get0_untrusted() retrieves an internal pointer to the stack of untrusted certificates associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_set0_untrusted() sets the internal point to the stack of untrusted certificates associated with <b>ctx</b> to <b>sk</b>.</p>
+
+<p>X509_STORE_CTX_set0_param() sets the internal verification parameter pointer to <b>param</b>. After this call <b>param</b> should not be used.</p>
+
+<p>X509_STORE_CTX_set_default() looks up and sets the default verification method to <b>name</b>. This uses the function X509_VERIFY_PARAM_lookup() to find an appropriate set of parameters from <b>name</b>.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates that were used in building the chain following a call to X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_set_verify() provides the capability for overriding the default verify function. This function is responsible for verifying chain signatures and expiration times.</p>
+
+<p>A verify function is defined as an X509_STORE_CTX_verify type which has the following signature:</p>
+
+<pre><code> int (*verify)(X509_STORE_CTX *);</code></pre>
+
+<p>This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The certificates and CRLs in a store are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The certificates and CRLs in a context are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed. Copies should be made or reference counts increased instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_new() returns an newly allocates context or <b>NULL</b> is an error occurred.</p>
+
+<p>X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_set0_trusted_stack(), X509_STORE_CTX_set_cert(), X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return values.</p>
+
+<p>X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> <a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_set0_crls() function was added in OpenSSL 1.0.0. The X509_STORE_CTX_get_num_untrusted() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_cert.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_cert.html
new file mode 100644
index 000000000..604aa12e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_cert.html
@@ -0,0 +1,141 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_set0_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_get0_untrusted, X509_STORE_CTX_set0_untrusted, X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, X509_STORE_CTX_verify_fn - X509_STORE_CTX initialisation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+                         X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x);
+ STACK_OF(X509) *X509_STORE_CTX_get0_chain(X609_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *chain);
+ void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+ STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
+
+ typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
+ void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions initialise an <b>X509_STORE_CTX</b> structure for subsequent use by X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_new() returns a newly initialised <b>X509_STORE_CTX</b> structure.</p>
+
+<p>X509_STORE_CTX_cleanup() internally cleans up an <b>X509_STORE_CTX</b> structure. The context can then be reused with an new call to X509_STORE_CTX_init().</p>
+
+<p>X509_STORE_CTX_free() completely frees up <b>ctx</b>. After this call <b>ctx</b> is no longer valid. If <b>ctx</b> is NULL nothing is done.</p>
+
+<p>X509_STORE_CTX_init() sets up <b>ctx</b> for a subsequent verification operation. It must be called before each call to X509_verify_cert(), i.e. a <b>ctx</b> is only good for one call to X509_verify_cert(); if you want to verify a second certificate with the same <b>ctx</b> then you must call X509_STORE_CTX_cleanup() and then X509_STORE_CTX_init() again before the second call to X509_verify_cert(). The trusted certificate store is set to <b>store</b>, the end entity certificate to be verified is set to <b>x509</b> and a set of additional certificates (which will be untrusted but may be used to build the chain) in <b>chain</b>. Any or all of the <b>store</b>, <b>x509</b> and <b>chain</b> parameters can be <b>NULL</b>.</p>
+
+<p>X509_STORE_CTX_set0_trusted_stack() sets the set of trusted certificates of <b>ctx</b> to <b>sk</b>. This is an alternative way of specifying trusted certificates instead of using an <b>X509_STORE</b>.</p>
+
+<p>X509_STORE_CTX_set_cert() sets the certificate to be verified in <b>ctx</b> to <b>x</b>.</p>
+
+<p>X509_STORE_CTX_set0_verified_chain() sets the validated chain used by <b>ctx</b> to be <b>chain</b>. Ownership of the chain is transferred to <b>ctx</b> and should not be free&#39;d by the caller. X509_STORE_CTX_get0_chain() returns a the internal pointer used by the <b>ctx</b> that contains the validated chain.</p>
+
+<p>X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate verification to <b>sk</b>. These CRLs will only be used if CRL verification is enabled in the associated <b>X509_VERIFY_PARAM</b> structure. This might be used where additional &quot;useful&quot; CRLs are supplied as part of a protocol, for example in a PKCS#7 structure.</p>
+
+<p>X509_STORE_CTX_get0_param() retrieves an internal pointer to the verification parameters associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get0_untrusted() retrieves an internal pointer to the stack of untrusted certificates associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_set0_untrusted() sets the internal point to the stack of untrusted certificates associated with <b>ctx</b> to <b>sk</b>.</p>
+
+<p>X509_STORE_CTX_set0_param() sets the internal verification parameter pointer to <b>param</b>. After this call <b>param</b> should not be used.</p>
+
+<p>X509_STORE_CTX_set_default() looks up and sets the default verification method to <b>name</b>. This uses the function X509_VERIFY_PARAM_lookup() to find an appropriate set of parameters from <b>name</b>.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates that were used in building the chain following a call to X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_set_verify() provides the capability for overriding the default verify function. This function is responsible for verifying chain signatures and expiration times.</p>
+
+<p>A verify function is defined as an X509_STORE_CTX_verify type which has the following signature:</p>
+
+<pre><code> int (*verify)(X509_STORE_CTX *);</code></pre>
+
+<p>This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The certificates and CRLs in a store are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The certificates and CRLs in a context are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed. Copies should be made or reference counts increased instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_new() returns an newly allocates context or <b>NULL</b> is an error occurred.</p>
+
+<p>X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_set0_trusted_stack(), X509_STORE_CTX_set_cert(), X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return values.</p>
+
+<p>X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> <a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_set0_crls() function was added in OpenSSL 1.0.0. The X509_STORE_CTX_get_num_untrusted() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_current_cert.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_current_cert.html
new file mode 100644
index 000000000..d9e1e0d7e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_current_cert.html
@@ -0,0 +1,374 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_get_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#ERROR-CODES">ERROR CODES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_error, X509_STORE_CTX_set_error, X509_STORE_CTX_get_error_depth, X509_STORE_CTX_set_error_depth, X509_STORE_CTX_get_current_cert, X509_STORE_CTX_set_current_cert, X509_STORE_CTX_get0_cert, X509_STORE_CTX_get1_chain, X509_verify_cert_error_string - get or set certificate verification status information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int   X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
+ int   X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth);
+ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_current_cert(X509_STORE_CTX *ctx, X509 *x);
+ X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
+
+ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+
+ const char *X509_verify_cert_error_string(long n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are typically called after X509_verify_cert() has indicated an error or in a verification callback to determine the nature of an error.</p>
+
+<p>X509_STORE_CTX_get_error() returns the error code of <b>ctx</b>, see the <b>ERROR CODES</b> section for a full description of all error codes.</p>
+
+<p>X509_STORE_CTX_set_error() sets the error code of <b>ctx</b> to <b>s</b>. For example it might be used in a verification callback to set an error based on additional checks.</p>
+
+<p>X509_STORE_CTX_get_error_depth() returns the <b>depth</b> of the error. This is a non-negative integer representing where in the certificate chain the error occurred. If it is zero it occurred in the end entity certificate, one if it is the certificate which signed the end entity certificate and so on.</p>
+
+<p>X509_STORE_CTX_set_error_depth() sets the error <b>depth</b>. This can be used in combination with X509_STORE_CTX_set_error() to set the depth at which an error condition was detected.</p>
+
+<p>X509_STORE_CTX_get_current_cert() returns the certificate in <b>ctx</b> which caused the error or <b>NULL</b> if no certificate is relevant.</p>
+
+<p>X509_STORE_CTX_set_current_cert() sets the certificate <b>x</b> in <b>ctx</b> which caused the error. This value is not intended to remain valid for very long, and remains owned by the caller. It may be examined by a verification callback invoked to handle each error encountered during chain verification and is no longer required after such a callback. If a callback wishes the save the certificate for use after it returns, it needs to increment its reference count via <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>. Once such a <i>saved</i> certificate is no longer needed it can be freed with <a href="../man3/X509_free.html">X509_free(3)</a>.</p>
+
+<p>X509_STORE_CTX_get0_cert() retrieves an internal pointer to the certificate being verified by the <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get1_chain() returns a complete validate chain if a previous call to X509_verify_cert() is successful. If the call to X509_verify_cert() is <b>not</b> successful the returned chain may be incomplete or invalid. The returned chain persists after the <b>ctx</b> structure is freed, when it is no longer needed it should be free up using:</p>
+
+<pre><code> sk_X509_pop_free(chain, X509_free);</code></pre>
+
+<p>X509_verify_cert_error_string() returns a human readable error string for verification error <b>n</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_get_error() returns <b>X509_V_OK</b> or an error code.</p>
+
+<p>X509_STORE_CTX_get_error_depth() returns a non-negative error depth.</p>
+
+<p>X509_STORE_CTX_get_current_cert() returns the certificate which caused the error or <b>NULL</b> if no certificate is relevant to the error.</p>
+
+<p>X509_verify_cert_error_string() returns a human readable error string for verification error <b>n</b>.</p>
+
+<h1 id="ERROR-CODES">ERROR CODES</h1>
+
+<p>A list of error codes and messages is shown below. Some of the error codes are defined but currently never returned: these are described as &quot;unused&quot;.</p>
+
+<dl>
+
+<dt id="X509_V_OK:-ok"><b>X509_V_OK: ok</b></dt>
+<dd>
+
+<p>the operation was successful.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:-unable-to-get-issuer-certificate"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate</b></dt>
+<dd>
+
+<p>the issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_CRL:-unable-to-get-certificate-CRL"><b>X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL</b></dt>
+<dd>
+
+<p>the CRL of a certificate could not be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:-unable-to-decrypt-certificates-signature"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate&#39;s signature</b></dt>
+<dd>
+
+<p>the certificate signature could not be decrypted. This means that the actual signature value could not be determined rather than it not matching the expected value, this is only meaningful for RSA keys.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:-unable-to-decrypt-CRLs-signature"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL&#39;s signature</b></dt>
+<dd>
+
+<p>the CRL signature could not be decrypted: this means that the actual signature value could not be determined rather than it not matching the expected value. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:-unable-to-decode-issuer-public-key"><b>X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key</b></dt>
+<dd>
+
+<p>the public key in the certificate SubjectPublicKeyInfo could not be read.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_SIGNATURE_FAILURE:-certificate-signature-failure"><b>X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure</b></dt>
+<dd>
+
+<p>the signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_SIGNATURE_FAILURE:-CRL-signature-failure"><b>X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure</b></dt>
+<dd>
+
+<p>the signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_NOT_YET_VALID:-certificate-is-not-yet-valid"><b>X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid</b></dt>
+<dd>
+
+<p>the certificate is not yet valid: the notBefore date is after the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_HAS_EXPIRED:-certificate-has-expired"><b>X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired</b></dt>
+<dd>
+
+<p>the certificate has expired: that is the notAfter date is before the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_NOT_YET_VALID:-CRL-is-not-yet-valid"><b>X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid</b></dt>
+<dd>
+
+<p>the CRL is not yet valid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_HAS_EXPIRED:-CRL-has-expired"><b>X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired</b></dt>
+<dd>
+
+<p>the CRL has expired.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:-format-error-in-certificates-notBefore-field"><b>X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate&#39;s notBefore field</b></dt>
+<dd>
+
+<p>the certificate notBefore field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:-format-error-in-certificates-notAfter-field"><b>X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate&#39;s notAfter field</b></dt>
+<dd>
+
+<p>the certificate notAfter field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:-format-error-in-CRLs-lastUpdate-field"><b>X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL&#39;s lastUpdate field</b></dt>
+<dd>
+
+<p>the CRL lastUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:-format-error-in-CRLs-nextUpdate-field"><b>X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL&#39;s nextUpdate field</b></dt>
+<dd>
+
+<p>the CRL nextUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_OUT_OF_MEM:-out-of-memory"><b>X509_V_ERR_OUT_OF_MEM: out of memory</b></dt>
+<dd>
+
+<p>an error occurred trying to allocate memory. This should never happen.</p>
+
+</dd>
+<dt id="X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:-self-signed-certificate"><b>X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate</b></dt>
+<dd>
+
+<p>the passed certificate is self signed and the same certificate cannot be found in the list of trusted certificates.</p>
+
+</dd>
+<dt id="X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:-self-signed-certificate-in-certificate-chain"><b>X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain</b></dt>
+<dd>
+
+<p>the certificate chain could be built up using the untrusted certificates but the root could not be found locally.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:-unable-to-get-local-issuer-certificate"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate</b></dt>
+<dd>
+
+<p>the issuer certificate of a locally looked up certificate could not be found. This normally means the list of trusted certificates is not complete.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:-unable-to-verify-the-first-certificate"><b>X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate</b></dt>
+<dd>
+
+<p>no signatures could be verified because the chain contains only one certificate and it is not self signed.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_CHAIN_TOO_LONG:-certificate-chain-too-long"><b>X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long</b></dt>
+<dd>
+
+<p>the certificate chain length is greater than the supplied maximum depth. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REVOKED:-certificate-revoked"><b>X509_V_ERR_CERT_REVOKED: certificate revoked</b></dt>
+<dd>
+
+<p>the certificate has been revoked.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_CA:-invalid-CA-certificate"><b>X509_V_ERR_INVALID_CA: invalid CA certificate</b></dt>
+<dd>
+
+<p>a CA certificate is invalid. Either it is not a CA or its extensions are not consistent with the supplied purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_PATH_LENGTH_EXCEEDED:-path-length-constraint-exceeded"><b>X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded</b></dt>
+<dd>
+
+<p>the basicConstraints path-length parameter has been exceeded.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_PURPOSE:-unsupported-certificate-purpose"><b>X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose</b></dt>
+<dd>
+
+<p>the supplied certificate cannot be used for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_UNTRUSTED:-certificate-not-trusted"><b>X509_V_ERR_CERT_UNTRUSTED: certificate not trusted</b></dt>
+<dd>
+
+<p>the root CA is not marked as trusted for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REJECTED:-certificate-rejected"><b>X509_V_ERR_CERT_REJECTED: certificate rejected</b></dt>
+<dd>
+
+<p>the root CA is marked to reject the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBJECT_ISSUER_MISMATCH:-subject-issuer-mismatch"><b>X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its subject name did not match the issuer name of the current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_SKID_MISMATCH:-authority-and-subject-key-identifier-mismatch"><b>X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its subject key identifier was present and did not match the authority key identifier current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH:-authority-and-issuer-serial-number-mismatch"><b>X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its issuer name and serial number was present and did not match the authority key identifier of the current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key-usage-does-not-include-certificate-signing"><b>X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its keyUsage extension does not permit certificate signing. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_EXTENSION:-invalid-or-inconsistent-certificate-extension"><b>X509_V_ERR_INVALID_EXTENSION: invalid or inconsistent certificate extension</b></dt>
+<dd>
+
+<p>A certificate extension had an invalid value (for example an incorrect encoding) or some value inconsistent with other extensions.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_POLICY_EXTENSION:-invalid-or-inconsistent-certificate-policy-extension"><b>X509_V_ERR_INVALID_POLICY_EXTENSION: invalid or inconsistent certificate policy extension</b></dt>
+<dd>
+
+<p>A certificate policies extension had an invalid value (for example an incorrect encoding) or some value inconsistent with other extensions. This error only occurs if policy processing is enabled.</p>
+
+</dd>
+<dt id="X509_V_ERR_NO_EXPLICIT_POLICY:-no-explicit-policy"><b>X509_V_ERR_NO_EXPLICIT_POLICY: no explicit policy</b></dt>
+<dd>
+
+<p>The verification flags were set to require and explicit policy but none was present.</p>
+
+</dd>
+<dt id="X509_V_ERR_DIFFERENT_CRL_SCOPE:-Different-CRL-scope"><b>X509_V_ERR_DIFFERENT_CRL_SCOPE: Different CRL scope</b></dt>
+<dd>
+
+<p>The only CRLs that could be found did not match the scope of the certificate.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE:-Unsupported-extension-feature"><b>X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: Unsupported extension feature</b></dt>
+<dd>
+
+<p>Some feature of a certificate extension is not supported. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_PERMITTED_VIOLATION:-permitted-subtree-violation"><b>X509_V_ERR_PERMITTED_VIOLATION: permitted subtree violation</b></dt>
+<dd>
+
+<p>A name constraint violation occurred in the permitted subtrees.</p>
+
+</dd>
+<dt id="X509_V_ERR_EXCLUDED_VIOLATION:-excluded-subtree-violation"><b>X509_V_ERR_EXCLUDED_VIOLATION: excluded subtree violation</b></dt>
+<dd>
+
+<p>A name constraint violation occurred in the excluded subtrees.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBTREE_MINMAX:-name-constraints-minimum-and-maximum-not-supported"><b>X509_V_ERR_SUBTREE_MINMAX: name constraints minimum and maximum not supported</b></dt>
+<dd>
+
+<p>A certificate name constraints extension included a minimum or maximum field: this is not supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:-unsupported-name-constraint-type"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: unsupported name constraint type</b></dt>
+<dd>
+
+<p>An unsupported name constraint type was encountered. OpenSSL currently only supports directory name, DNS name, email and URI types.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX:-unsupported-or-invalid-name-constraint-syntax"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: unsupported or invalid name constraint syntax</b></dt>
+<dd>
+
+<p>The format of the name constraint is not recognised: for example an email address format of a form not mentioned in RFC3280. This could be caused by a garbage extension or some new feature not currently supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_PATH_VALIDATION_ERROR:-CRL-path-validation-error"><b>X509_V_ERR_CRL_PATH_VALIDATION_ERROR: CRL path validation error</b></dt>
+<dd>
+
+<p>An error occurred when attempting to verify the CRL path. This error can only happen if extended CRL checking is enabled.</p>
+
+</dd>
+<dt id="X509_V_ERR_APPLICATION_VERIFICATION:-application-verification-failure"><b>X509_V_ERR_APPLICATION_VERIFICATION: application verification failure</b></dt>
+<dd>
+
+<p>an application specific error. This will never be returned unless explicitly set by an application.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used instead of directly referencing the fields in the <b>X509_VERIFY_CTX</b> structure.</p>
+
+<p>In versions of OpenSSL before 1.0 the current certificate returned by X509_STORE_CTX_get_current_cert() was never <b>NULL</b>. Applications should check the return value before printing out any debugging information relating to the current certificate.</p>
+
+<p>If an unrecognised error code is passed to X509_verify_cert_error_string() the numerical value of the unknown code is returned in a static buffer. This is not thread safe but will never happen unless an invalid code is passed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_free.html">X509_free(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_default.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_default.html
new file mode 100644
index 000000000..604aa12e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_default.html
@@ -0,0 +1,141 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_set0_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_get0_untrusted, X509_STORE_CTX_set0_untrusted, X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, X509_STORE_CTX_verify_fn - X509_STORE_CTX initialisation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+                         X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x);
+ STACK_OF(X509) *X509_STORE_CTX_get0_chain(X609_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *chain);
+ void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+ STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
+
+ typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
+ void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions initialise an <b>X509_STORE_CTX</b> structure for subsequent use by X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_new() returns a newly initialised <b>X509_STORE_CTX</b> structure.</p>
+
+<p>X509_STORE_CTX_cleanup() internally cleans up an <b>X509_STORE_CTX</b> structure. The context can then be reused with an new call to X509_STORE_CTX_init().</p>
+
+<p>X509_STORE_CTX_free() completely frees up <b>ctx</b>. After this call <b>ctx</b> is no longer valid. If <b>ctx</b> is NULL nothing is done.</p>
+
+<p>X509_STORE_CTX_init() sets up <b>ctx</b> for a subsequent verification operation. It must be called before each call to X509_verify_cert(), i.e. a <b>ctx</b> is only good for one call to X509_verify_cert(); if you want to verify a second certificate with the same <b>ctx</b> then you must call X509_STORE_CTX_cleanup() and then X509_STORE_CTX_init() again before the second call to X509_verify_cert(). The trusted certificate store is set to <b>store</b>, the end entity certificate to be verified is set to <b>x509</b> and a set of additional certificates (which will be untrusted but may be used to build the chain) in <b>chain</b>. Any or all of the <b>store</b>, <b>x509</b> and <b>chain</b> parameters can be <b>NULL</b>.</p>
+
+<p>X509_STORE_CTX_set0_trusted_stack() sets the set of trusted certificates of <b>ctx</b> to <b>sk</b>. This is an alternative way of specifying trusted certificates instead of using an <b>X509_STORE</b>.</p>
+
+<p>X509_STORE_CTX_set_cert() sets the certificate to be verified in <b>ctx</b> to <b>x</b>.</p>
+
+<p>X509_STORE_CTX_set0_verified_chain() sets the validated chain used by <b>ctx</b> to be <b>chain</b>. Ownership of the chain is transferred to <b>ctx</b> and should not be free&#39;d by the caller. X509_STORE_CTX_get0_chain() returns a the internal pointer used by the <b>ctx</b> that contains the validated chain.</p>
+
+<p>X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate verification to <b>sk</b>. These CRLs will only be used if CRL verification is enabled in the associated <b>X509_VERIFY_PARAM</b> structure. This might be used where additional &quot;useful&quot; CRLs are supplied as part of a protocol, for example in a PKCS#7 structure.</p>
+
+<p>X509_STORE_CTX_get0_param() retrieves an internal pointer to the verification parameters associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get0_untrusted() retrieves an internal pointer to the stack of untrusted certificates associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_set0_untrusted() sets the internal point to the stack of untrusted certificates associated with <b>ctx</b> to <b>sk</b>.</p>
+
+<p>X509_STORE_CTX_set0_param() sets the internal verification parameter pointer to <b>param</b>. After this call <b>param</b> should not be used.</p>
+
+<p>X509_STORE_CTX_set_default() looks up and sets the default verification method to <b>name</b>. This uses the function X509_VERIFY_PARAM_lookup() to find an appropriate set of parameters from <b>name</b>.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates that were used in building the chain following a call to X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_set_verify() provides the capability for overriding the default verify function. This function is responsible for verifying chain signatures and expiration times.</p>
+
+<p>A verify function is defined as an X509_STORE_CTX_verify type which has the following signature:</p>
+
+<pre><code> int (*verify)(X509_STORE_CTX *);</code></pre>
+
+<p>This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The certificates and CRLs in a store are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The certificates and CRLs in a context are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed. Copies should be made or reference counts increased instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_new() returns an newly allocates context or <b>NULL</b> is an error occurred.</p>
+
+<p>X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_set0_trusted_stack(), X509_STORE_CTX_set_cert(), X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return values.</p>
+
+<p>X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> <a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_set0_crls() function was added in OpenSSL 1.0.0. The X509_STORE_CTX_get_num_untrusted() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_error.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_error.html
new file mode 100644
index 000000000..d9e1e0d7e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_error.html
@@ -0,0 +1,374 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_get_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#ERROR-CODES">ERROR CODES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_error, X509_STORE_CTX_set_error, X509_STORE_CTX_get_error_depth, X509_STORE_CTX_set_error_depth, X509_STORE_CTX_get_current_cert, X509_STORE_CTX_set_current_cert, X509_STORE_CTX_get0_cert, X509_STORE_CTX_get1_chain, X509_verify_cert_error_string - get or set certificate verification status information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int   X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
+ int   X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth);
+ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_current_cert(X509_STORE_CTX *ctx, X509 *x);
+ X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
+
+ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+
+ const char *X509_verify_cert_error_string(long n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are typically called after X509_verify_cert() has indicated an error or in a verification callback to determine the nature of an error.</p>
+
+<p>X509_STORE_CTX_get_error() returns the error code of <b>ctx</b>, see the <b>ERROR CODES</b> section for a full description of all error codes.</p>
+
+<p>X509_STORE_CTX_set_error() sets the error code of <b>ctx</b> to <b>s</b>. For example it might be used in a verification callback to set an error based on additional checks.</p>
+
+<p>X509_STORE_CTX_get_error_depth() returns the <b>depth</b> of the error. This is a non-negative integer representing where in the certificate chain the error occurred. If it is zero it occurred in the end entity certificate, one if it is the certificate which signed the end entity certificate and so on.</p>
+
+<p>X509_STORE_CTX_set_error_depth() sets the error <b>depth</b>. This can be used in combination with X509_STORE_CTX_set_error() to set the depth at which an error condition was detected.</p>
+
+<p>X509_STORE_CTX_get_current_cert() returns the certificate in <b>ctx</b> which caused the error or <b>NULL</b> if no certificate is relevant.</p>
+
+<p>X509_STORE_CTX_set_current_cert() sets the certificate <b>x</b> in <b>ctx</b> which caused the error. This value is not intended to remain valid for very long, and remains owned by the caller. It may be examined by a verification callback invoked to handle each error encountered during chain verification and is no longer required after such a callback. If a callback wishes the save the certificate for use after it returns, it needs to increment its reference count via <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>. Once such a <i>saved</i> certificate is no longer needed it can be freed with <a href="../man3/X509_free.html">X509_free(3)</a>.</p>
+
+<p>X509_STORE_CTX_get0_cert() retrieves an internal pointer to the certificate being verified by the <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get1_chain() returns a complete validate chain if a previous call to X509_verify_cert() is successful. If the call to X509_verify_cert() is <b>not</b> successful the returned chain may be incomplete or invalid. The returned chain persists after the <b>ctx</b> structure is freed, when it is no longer needed it should be free up using:</p>
+
+<pre><code> sk_X509_pop_free(chain, X509_free);</code></pre>
+
+<p>X509_verify_cert_error_string() returns a human readable error string for verification error <b>n</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_get_error() returns <b>X509_V_OK</b> or an error code.</p>
+
+<p>X509_STORE_CTX_get_error_depth() returns a non-negative error depth.</p>
+
+<p>X509_STORE_CTX_get_current_cert() returns the certificate which caused the error or <b>NULL</b> if no certificate is relevant to the error.</p>
+
+<p>X509_verify_cert_error_string() returns a human readable error string for verification error <b>n</b>.</p>
+
+<h1 id="ERROR-CODES">ERROR CODES</h1>
+
+<p>A list of error codes and messages is shown below. Some of the error codes are defined but currently never returned: these are described as &quot;unused&quot;.</p>
+
+<dl>
+
+<dt id="X509_V_OK:-ok"><b>X509_V_OK: ok</b></dt>
+<dd>
+
+<p>the operation was successful.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:-unable-to-get-issuer-certificate"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate</b></dt>
+<dd>
+
+<p>the issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_CRL:-unable-to-get-certificate-CRL"><b>X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL</b></dt>
+<dd>
+
+<p>the CRL of a certificate could not be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:-unable-to-decrypt-certificates-signature"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate&#39;s signature</b></dt>
+<dd>
+
+<p>the certificate signature could not be decrypted. This means that the actual signature value could not be determined rather than it not matching the expected value, this is only meaningful for RSA keys.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:-unable-to-decrypt-CRLs-signature"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL&#39;s signature</b></dt>
+<dd>
+
+<p>the CRL signature could not be decrypted: this means that the actual signature value could not be determined rather than it not matching the expected value. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:-unable-to-decode-issuer-public-key"><b>X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key</b></dt>
+<dd>
+
+<p>the public key in the certificate SubjectPublicKeyInfo could not be read.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_SIGNATURE_FAILURE:-certificate-signature-failure"><b>X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure</b></dt>
+<dd>
+
+<p>the signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_SIGNATURE_FAILURE:-CRL-signature-failure"><b>X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure</b></dt>
+<dd>
+
+<p>the signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_NOT_YET_VALID:-certificate-is-not-yet-valid"><b>X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid</b></dt>
+<dd>
+
+<p>the certificate is not yet valid: the notBefore date is after the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_HAS_EXPIRED:-certificate-has-expired"><b>X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired</b></dt>
+<dd>
+
+<p>the certificate has expired: that is the notAfter date is before the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_NOT_YET_VALID:-CRL-is-not-yet-valid"><b>X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid</b></dt>
+<dd>
+
+<p>the CRL is not yet valid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_HAS_EXPIRED:-CRL-has-expired"><b>X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired</b></dt>
+<dd>
+
+<p>the CRL has expired.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:-format-error-in-certificates-notBefore-field"><b>X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate&#39;s notBefore field</b></dt>
+<dd>
+
+<p>the certificate notBefore field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:-format-error-in-certificates-notAfter-field"><b>X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate&#39;s notAfter field</b></dt>
+<dd>
+
+<p>the certificate notAfter field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:-format-error-in-CRLs-lastUpdate-field"><b>X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL&#39;s lastUpdate field</b></dt>
+<dd>
+
+<p>the CRL lastUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:-format-error-in-CRLs-nextUpdate-field"><b>X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL&#39;s nextUpdate field</b></dt>
+<dd>
+
+<p>the CRL nextUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_OUT_OF_MEM:-out-of-memory"><b>X509_V_ERR_OUT_OF_MEM: out of memory</b></dt>
+<dd>
+
+<p>an error occurred trying to allocate memory. This should never happen.</p>
+
+</dd>
+<dt id="X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:-self-signed-certificate"><b>X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate</b></dt>
+<dd>
+
+<p>the passed certificate is self signed and the same certificate cannot be found in the list of trusted certificates.</p>
+
+</dd>
+<dt id="X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:-self-signed-certificate-in-certificate-chain"><b>X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain</b></dt>
+<dd>
+
+<p>the certificate chain could be built up using the untrusted certificates but the root could not be found locally.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:-unable-to-get-local-issuer-certificate"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate</b></dt>
+<dd>
+
+<p>the issuer certificate of a locally looked up certificate could not be found. This normally means the list of trusted certificates is not complete.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:-unable-to-verify-the-first-certificate"><b>X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate</b></dt>
+<dd>
+
+<p>no signatures could be verified because the chain contains only one certificate and it is not self signed.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_CHAIN_TOO_LONG:-certificate-chain-too-long"><b>X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long</b></dt>
+<dd>
+
+<p>the certificate chain length is greater than the supplied maximum depth. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REVOKED:-certificate-revoked"><b>X509_V_ERR_CERT_REVOKED: certificate revoked</b></dt>
+<dd>
+
+<p>the certificate has been revoked.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_CA:-invalid-CA-certificate"><b>X509_V_ERR_INVALID_CA: invalid CA certificate</b></dt>
+<dd>
+
+<p>a CA certificate is invalid. Either it is not a CA or its extensions are not consistent with the supplied purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_PATH_LENGTH_EXCEEDED:-path-length-constraint-exceeded"><b>X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded</b></dt>
+<dd>
+
+<p>the basicConstraints path-length parameter has been exceeded.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_PURPOSE:-unsupported-certificate-purpose"><b>X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose</b></dt>
+<dd>
+
+<p>the supplied certificate cannot be used for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_UNTRUSTED:-certificate-not-trusted"><b>X509_V_ERR_CERT_UNTRUSTED: certificate not trusted</b></dt>
+<dd>
+
+<p>the root CA is not marked as trusted for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REJECTED:-certificate-rejected"><b>X509_V_ERR_CERT_REJECTED: certificate rejected</b></dt>
+<dd>
+
+<p>the root CA is marked to reject the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBJECT_ISSUER_MISMATCH:-subject-issuer-mismatch"><b>X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its subject name did not match the issuer name of the current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_SKID_MISMATCH:-authority-and-subject-key-identifier-mismatch"><b>X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its subject key identifier was present and did not match the authority key identifier current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH:-authority-and-issuer-serial-number-mismatch"><b>X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its issuer name and serial number was present and did not match the authority key identifier of the current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key-usage-does-not-include-certificate-signing"><b>X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its keyUsage extension does not permit certificate signing. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_EXTENSION:-invalid-or-inconsistent-certificate-extension"><b>X509_V_ERR_INVALID_EXTENSION: invalid or inconsistent certificate extension</b></dt>
+<dd>
+
+<p>A certificate extension had an invalid value (for example an incorrect encoding) or some value inconsistent with other extensions.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_POLICY_EXTENSION:-invalid-or-inconsistent-certificate-policy-extension"><b>X509_V_ERR_INVALID_POLICY_EXTENSION: invalid or inconsistent certificate policy extension</b></dt>
+<dd>
+
+<p>A certificate policies extension had an invalid value (for example an incorrect encoding) or some value inconsistent with other extensions. This error only occurs if policy processing is enabled.</p>
+
+</dd>
+<dt id="X509_V_ERR_NO_EXPLICIT_POLICY:-no-explicit-policy"><b>X509_V_ERR_NO_EXPLICIT_POLICY: no explicit policy</b></dt>
+<dd>
+
+<p>The verification flags were set to require and explicit policy but none was present.</p>
+
+</dd>
+<dt id="X509_V_ERR_DIFFERENT_CRL_SCOPE:-Different-CRL-scope"><b>X509_V_ERR_DIFFERENT_CRL_SCOPE: Different CRL scope</b></dt>
+<dd>
+
+<p>The only CRLs that could be found did not match the scope of the certificate.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE:-Unsupported-extension-feature"><b>X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: Unsupported extension feature</b></dt>
+<dd>
+
+<p>Some feature of a certificate extension is not supported. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_PERMITTED_VIOLATION:-permitted-subtree-violation"><b>X509_V_ERR_PERMITTED_VIOLATION: permitted subtree violation</b></dt>
+<dd>
+
+<p>A name constraint violation occurred in the permitted subtrees.</p>
+
+</dd>
+<dt id="X509_V_ERR_EXCLUDED_VIOLATION:-excluded-subtree-violation"><b>X509_V_ERR_EXCLUDED_VIOLATION: excluded subtree violation</b></dt>
+<dd>
+
+<p>A name constraint violation occurred in the excluded subtrees.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBTREE_MINMAX:-name-constraints-minimum-and-maximum-not-supported"><b>X509_V_ERR_SUBTREE_MINMAX: name constraints minimum and maximum not supported</b></dt>
+<dd>
+
+<p>A certificate name constraints extension included a minimum or maximum field: this is not supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:-unsupported-name-constraint-type"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: unsupported name constraint type</b></dt>
+<dd>
+
+<p>An unsupported name constraint type was encountered. OpenSSL currently only supports directory name, DNS name, email and URI types.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX:-unsupported-or-invalid-name-constraint-syntax"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: unsupported or invalid name constraint syntax</b></dt>
+<dd>
+
+<p>The format of the name constraint is not recognised: for example an email address format of a form not mentioned in RFC3280. This could be caused by a garbage extension or some new feature not currently supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_PATH_VALIDATION_ERROR:-CRL-path-validation-error"><b>X509_V_ERR_CRL_PATH_VALIDATION_ERROR: CRL path validation error</b></dt>
+<dd>
+
+<p>An error occurred when attempting to verify the CRL path. This error can only happen if extended CRL checking is enabled.</p>
+
+</dd>
+<dt id="X509_V_ERR_APPLICATION_VERIFICATION:-application-verification-failure"><b>X509_V_ERR_APPLICATION_VERIFICATION: application verification failure</b></dt>
+<dd>
+
+<p>an application specific error. This will never be returned unless explicitly set by an application.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used instead of directly referencing the fields in the <b>X509_VERIFY_CTX</b> structure.</p>
+
+<p>In versions of OpenSSL before 1.0 the current certificate returned by X509_STORE_CTX_get_current_cert() was never <b>NULL</b>. Applications should check the return value before printing out any debugging information relating to the current certificate.</p>
+
+<p>If an unrecognised error code is passed to X509_verify_cert_error_string() the numerical value of the unknown code is returned in a static buffer. This is not thread safe but will never happen unless an invalid code is passed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_free.html">X509_free(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_error_depth.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_error_depth.html
new file mode 100644
index 000000000..d9e1e0d7e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_error_depth.html
@@ -0,0 +1,374 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_get_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#ERROR-CODES">ERROR CODES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_error, X509_STORE_CTX_set_error, X509_STORE_CTX_get_error_depth, X509_STORE_CTX_set_error_depth, X509_STORE_CTX_get_current_cert, X509_STORE_CTX_set_current_cert, X509_STORE_CTX_get0_cert, X509_STORE_CTX_get1_chain, X509_verify_cert_error_string - get or set certificate verification status information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int   X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
+ int   X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth);
+ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_current_cert(X509_STORE_CTX *ctx, X509 *x);
+ X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
+
+ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+
+ const char *X509_verify_cert_error_string(long n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are typically called after X509_verify_cert() has indicated an error or in a verification callback to determine the nature of an error.</p>
+
+<p>X509_STORE_CTX_get_error() returns the error code of <b>ctx</b>, see the <b>ERROR CODES</b> section for a full description of all error codes.</p>
+
+<p>X509_STORE_CTX_set_error() sets the error code of <b>ctx</b> to <b>s</b>. For example it might be used in a verification callback to set an error based on additional checks.</p>
+
+<p>X509_STORE_CTX_get_error_depth() returns the <b>depth</b> of the error. This is a non-negative integer representing where in the certificate chain the error occurred. If it is zero it occurred in the end entity certificate, one if it is the certificate which signed the end entity certificate and so on.</p>
+
+<p>X509_STORE_CTX_set_error_depth() sets the error <b>depth</b>. This can be used in combination with X509_STORE_CTX_set_error() to set the depth at which an error condition was detected.</p>
+
+<p>X509_STORE_CTX_get_current_cert() returns the certificate in <b>ctx</b> which caused the error or <b>NULL</b> if no certificate is relevant.</p>
+
+<p>X509_STORE_CTX_set_current_cert() sets the certificate <b>x</b> in <b>ctx</b> which caused the error. This value is not intended to remain valid for very long, and remains owned by the caller. It may be examined by a verification callback invoked to handle each error encountered during chain verification and is no longer required after such a callback. If a callback wishes the save the certificate for use after it returns, it needs to increment its reference count via <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>. Once such a <i>saved</i> certificate is no longer needed it can be freed with <a href="../man3/X509_free.html">X509_free(3)</a>.</p>
+
+<p>X509_STORE_CTX_get0_cert() retrieves an internal pointer to the certificate being verified by the <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get1_chain() returns a complete validate chain if a previous call to X509_verify_cert() is successful. If the call to X509_verify_cert() is <b>not</b> successful the returned chain may be incomplete or invalid. The returned chain persists after the <b>ctx</b> structure is freed, when it is no longer needed it should be free up using:</p>
+
+<pre><code> sk_X509_pop_free(chain, X509_free);</code></pre>
+
+<p>X509_verify_cert_error_string() returns a human readable error string for verification error <b>n</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_get_error() returns <b>X509_V_OK</b> or an error code.</p>
+
+<p>X509_STORE_CTX_get_error_depth() returns a non-negative error depth.</p>
+
+<p>X509_STORE_CTX_get_current_cert() returns the certificate which caused the error or <b>NULL</b> if no certificate is relevant to the error.</p>
+
+<p>X509_verify_cert_error_string() returns a human readable error string for verification error <b>n</b>.</p>
+
+<h1 id="ERROR-CODES">ERROR CODES</h1>
+
+<p>A list of error codes and messages is shown below. Some of the error codes are defined but currently never returned: these are described as &quot;unused&quot;.</p>
+
+<dl>
+
+<dt id="X509_V_OK:-ok"><b>X509_V_OK: ok</b></dt>
+<dd>
+
+<p>the operation was successful.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:-unable-to-get-issuer-certificate"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate</b></dt>
+<dd>
+
+<p>the issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_CRL:-unable-to-get-certificate-CRL"><b>X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL</b></dt>
+<dd>
+
+<p>the CRL of a certificate could not be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:-unable-to-decrypt-certificates-signature"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate&#39;s signature</b></dt>
+<dd>
+
+<p>the certificate signature could not be decrypted. This means that the actual signature value could not be determined rather than it not matching the expected value, this is only meaningful for RSA keys.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:-unable-to-decrypt-CRLs-signature"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL&#39;s signature</b></dt>
+<dd>
+
+<p>the CRL signature could not be decrypted: this means that the actual signature value could not be determined rather than it not matching the expected value. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:-unable-to-decode-issuer-public-key"><b>X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key</b></dt>
+<dd>
+
+<p>the public key in the certificate SubjectPublicKeyInfo could not be read.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_SIGNATURE_FAILURE:-certificate-signature-failure"><b>X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure</b></dt>
+<dd>
+
+<p>the signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_SIGNATURE_FAILURE:-CRL-signature-failure"><b>X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure</b></dt>
+<dd>
+
+<p>the signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_NOT_YET_VALID:-certificate-is-not-yet-valid"><b>X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid</b></dt>
+<dd>
+
+<p>the certificate is not yet valid: the notBefore date is after the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_HAS_EXPIRED:-certificate-has-expired"><b>X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired</b></dt>
+<dd>
+
+<p>the certificate has expired: that is the notAfter date is before the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_NOT_YET_VALID:-CRL-is-not-yet-valid"><b>X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid</b></dt>
+<dd>
+
+<p>the CRL is not yet valid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_HAS_EXPIRED:-CRL-has-expired"><b>X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired</b></dt>
+<dd>
+
+<p>the CRL has expired.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:-format-error-in-certificates-notBefore-field"><b>X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate&#39;s notBefore field</b></dt>
+<dd>
+
+<p>the certificate notBefore field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:-format-error-in-certificates-notAfter-field"><b>X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate&#39;s notAfter field</b></dt>
+<dd>
+
+<p>the certificate notAfter field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:-format-error-in-CRLs-lastUpdate-field"><b>X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL&#39;s lastUpdate field</b></dt>
+<dd>
+
+<p>the CRL lastUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:-format-error-in-CRLs-nextUpdate-field"><b>X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL&#39;s nextUpdate field</b></dt>
+<dd>
+
+<p>the CRL nextUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_OUT_OF_MEM:-out-of-memory"><b>X509_V_ERR_OUT_OF_MEM: out of memory</b></dt>
+<dd>
+
+<p>an error occurred trying to allocate memory. This should never happen.</p>
+
+</dd>
+<dt id="X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:-self-signed-certificate"><b>X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate</b></dt>
+<dd>
+
+<p>the passed certificate is self signed and the same certificate cannot be found in the list of trusted certificates.</p>
+
+</dd>
+<dt id="X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:-self-signed-certificate-in-certificate-chain"><b>X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain</b></dt>
+<dd>
+
+<p>the certificate chain could be built up using the untrusted certificates but the root could not be found locally.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:-unable-to-get-local-issuer-certificate"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate</b></dt>
+<dd>
+
+<p>the issuer certificate of a locally looked up certificate could not be found. This normally means the list of trusted certificates is not complete.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:-unable-to-verify-the-first-certificate"><b>X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate</b></dt>
+<dd>
+
+<p>no signatures could be verified because the chain contains only one certificate and it is not self signed.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_CHAIN_TOO_LONG:-certificate-chain-too-long"><b>X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long</b></dt>
+<dd>
+
+<p>the certificate chain length is greater than the supplied maximum depth. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REVOKED:-certificate-revoked"><b>X509_V_ERR_CERT_REVOKED: certificate revoked</b></dt>
+<dd>
+
+<p>the certificate has been revoked.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_CA:-invalid-CA-certificate"><b>X509_V_ERR_INVALID_CA: invalid CA certificate</b></dt>
+<dd>
+
+<p>a CA certificate is invalid. Either it is not a CA or its extensions are not consistent with the supplied purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_PATH_LENGTH_EXCEEDED:-path-length-constraint-exceeded"><b>X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded</b></dt>
+<dd>
+
+<p>the basicConstraints path-length parameter has been exceeded.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_PURPOSE:-unsupported-certificate-purpose"><b>X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose</b></dt>
+<dd>
+
+<p>the supplied certificate cannot be used for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_UNTRUSTED:-certificate-not-trusted"><b>X509_V_ERR_CERT_UNTRUSTED: certificate not trusted</b></dt>
+<dd>
+
+<p>the root CA is not marked as trusted for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REJECTED:-certificate-rejected"><b>X509_V_ERR_CERT_REJECTED: certificate rejected</b></dt>
+<dd>
+
+<p>the root CA is marked to reject the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBJECT_ISSUER_MISMATCH:-subject-issuer-mismatch"><b>X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its subject name did not match the issuer name of the current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_SKID_MISMATCH:-authority-and-subject-key-identifier-mismatch"><b>X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its subject key identifier was present and did not match the authority key identifier current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH:-authority-and-issuer-serial-number-mismatch"><b>X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its issuer name and serial number was present and did not match the authority key identifier of the current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key-usage-does-not-include-certificate-signing"><b>X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its keyUsage extension does not permit certificate signing. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_EXTENSION:-invalid-or-inconsistent-certificate-extension"><b>X509_V_ERR_INVALID_EXTENSION: invalid or inconsistent certificate extension</b></dt>
+<dd>
+
+<p>A certificate extension had an invalid value (for example an incorrect encoding) or some value inconsistent with other extensions.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_POLICY_EXTENSION:-invalid-or-inconsistent-certificate-policy-extension"><b>X509_V_ERR_INVALID_POLICY_EXTENSION: invalid or inconsistent certificate policy extension</b></dt>
+<dd>
+
+<p>A certificate policies extension had an invalid value (for example an incorrect encoding) or some value inconsistent with other extensions. This error only occurs if policy processing is enabled.</p>
+
+</dd>
+<dt id="X509_V_ERR_NO_EXPLICIT_POLICY:-no-explicit-policy"><b>X509_V_ERR_NO_EXPLICIT_POLICY: no explicit policy</b></dt>
+<dd>
+
+<p>The verification flags were set to require and explicit policy but none was present.</p>
+
+</dd>
+<dt id="X509_V_ERR_DIFFERENT_CRL_SCOPE:-Different-CRL-scope"><b>X509_V_ERR_DIFFERENT_CRL_SCOPE: Different CRL scope</b></dt>
+<dd>
+
+<p>The only CRLs that could be found did not match the scope of the certificate.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE:-Unsupported-extension-feature"><b>X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: Unsupported extension feature</b></dt>
+<dd>
+
+<p>Some feature of a certificate extension is not supported. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_PERMITTED_VIOLATION:-permitted-subtree-violation"><b>X509_V_ERR_PERMITTED_VIOLATION: permitted subtree violation</b></dt>
+<dd>
+
+<p>A name constraint violation occurred in the permitted subtrees.</p>
+
+</dd>
+<dt id="X509_V_ERR_EXCLUDED_VIOLATION:-excluded-subtree-violation"><b>X509_V_ERR_EXCLUDED_VIOLATION: excluded subtree violation</b></dt>
+<dd>
+
+<p>A name constraint violation occurred in the excluded subtrees.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBTREE_MINMAX:-name-constraints-minimum-and-maximum-not-supported"><b>X509_V_ERR_SUBTREE_MINMAX: name constraints minimum and maximum not supported</b></dt>
+<dd>
+
+<p>A certificate name constraints extension included a minimum or maximum field: this is not supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:-unsupported-name-constraint-type"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: unsupported name constraint type</b></dt>
+<dd>
+
+<p>An unsupported name constraint type was encountered. OpenSSL currently only supports directory name, DNS name, email and URI types.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX:-unsupported-or-invalid-name-constraint-syntax"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: unsupported or invalid name constraint syntax</b></dt>
+<dd>
+
+<p>The format of the name constraint is not recognised: for example an email address format of a form not mentioned in RFC3280. This could be caused by a garbage extension or some new feature not currently supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_PATH_VALIDATION_ERROR:-CRL-path-validation-error"><b>X509_V_ERR_CRL_PATH_VALIDATION_ERROR: CRL path validation error</b></dt>
+<dd>
+
+<p>An error occurred when attempting to verify the CRL path. This error can only happen if extended CRL checking is enabled.</p>
+
+</dd>
+<dt id="X509_V_ERR_APPLICATION_VERIFICATION:-application-verification-failure"><b>X509_V_ERR_APPLICATION_VERIFICATION: application verification failure</b></dt>
+<dd>
+
+<p>an application specific error. This will never be returned unless explicitly set by an application.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used instead of directly referencing the fields in the <b>X509_VERIFY_CTX</b> structure.</p>
+
+<p>In versions of OpenSSL before 1.0 the current certificate returned by X509_STORE_CTX_get_current_cert() was never <b>NULL</b>. Applications should check the return value before printing out any debugging information relating to the current certificate.</p>
+
+<p>If an unrecognised error code is passed to X509_verify_cert_error_string() the numerical value of the unknown code is returned in a static buffer. This is not thread safe but will never happen unless an invalid code is passed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_free.html">X509_free(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_verify.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_verify.html
new file mode 100644
index 000000000..604aa12e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_verify.html
@@ -0,0 +1,141 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_set0_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_get0_untrusted, X509_STORE_CTX_set0_untrusted, X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, X509_STORE_CTX_verify_fn - X509_STORE_CTX initialisation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+                         X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x);
+ STACK_OF(X509) *X509_STORE_CTX_get0_chain(X609_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *chain);
+ void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+ STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
+
+ typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
+ void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions initialise an <b>X509_STORE_CTX</b> structure for subsequent use by X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_new() returns a newly initialised <b>X509_STORE_CTX</b> structure.</p>
+
+<p>X509_STORE_CTX_cleanup() internally cleans up an <b>X509_STORE_CTX</b> structure. The context can then be reused with an new call to X509_STORE_CTX_init().</p>
+
+<p>X509_STORE_CTX_free() completely frees up <b>ctx</b>. After this call <b>ctx</b> is no longer valid. If <b>ctx</b> is NULL nothing is done.</p>
+
+<p>X509_STORE_CTX_init() sets up <b>ctx</b> for a subsequent verification operation. It must be called before each call to X509_verify_cert(), i.e. a <b>ctx</b> is only good for one call to X509_verify_cert(); if you want to verify a second certificate with the same <b>ctx</b> then you must call X509_STORE_CTX_cleanup() and then X509_STORE_CTX_init() again before the second call to X509_verify_cert(). The trusted certificate store is set to <b>store</b>, the end entity certificate to be verified is set to <b>x509</b> and a set of additional certificates (which will be untrusted but may be used to build the chain) in <b>chain</b>. Any or all of the <b>store</b>, <b>x509</b> and <b>chain</b> parameters can be <b>NULL</b>.</p>
+
+<p>X509_STORE_CTX_set0_trusted_stack() sets the set of trusted certificates of <b>ctx</b> to <b>sk</b>. This is an alternative way of specifying trusted certificates instead of using an <b>X509_STORE</b>.</p>
+
+<p>X509_STORE_CTX_set_cert() sets the certificate to be verified in <b>ctx</b> to <b>x</b>.</p>
+
+<p>X509_STORE_CTX_set0_verified_chain() sets the validated chain used by <b>ctx</b> to be <b>chain</b>. Ownership of the chain is transferred to <b>ctx</b> and should not be free&#39;d by the caller. X509_STORE_CTX_get0_chain() returns a the internal pointer used by the <b>ctx</b> that contains the validated chain.</p>
+
+<p>X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate verification to <b>sk</b>. These CRLs will only be used if CRL verification is enabled in the associated <b>X509_VERIFY_PARAM</b> structure. This might be used where additional &quot;useful&quot; CRLs are supplied as part of a protocol, for example in a PKCS#7 structure.</p>
+
+<p>X509_STORE_CTX_get0_param() retrieves an internal pointer to the verification parameters associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get0_untrusted() retrieves an internal pointer to the stack of untrusted certificates associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_set0_untrusted() sets the internal point to the stack of untrusted certificates associated with <b>ctx</b> to <b>sk</b>.</p>
+
+<p>X509_STORE_CTX_set0_param() sets the internal verification parameter pointer to <b>param</b>. After this call <b>param</b> should not be used.</p>
+
+<p>X509_STORE_CTX_set_default() looks up and sets the default verification method to <b>name</b>. This uses the function X509_VERIFY_PARAM_lookup() to find an appropriate set of parameters from <b>name</b>.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates that were used in building the chain following a call to X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_set_verify() provides the capability for overriding the default verify function. This function is responsible for verifying chain signatures and expiration times.</p>
+
+<p>A verify function is defined as an X509_STORE_CTX_verify type which has the following signature:</p>
+
+<pre><code> int (*verify)(X509_STORE_CTX *);</code></pre>
+
+<p>This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The certificates and CRLs in a store are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The certificates and CRLs in a context are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed. Copies should be made or reference counts increased instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_new() returns an newly allocates context or <b>NULL</b> is an error occurred.</p>
+
+<p>X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_set0_trusted_stack(), X509_STORE_CTX_set_cert(), X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return values.</p>
+
+<p>X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> <a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_set0_crls() function was added in OpenSSL 1.0.0. The X509_STORE_CTX_get_num_untrusted() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_verify_cb.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_verify_cb.html
new file mode 100644
index 000000000..5ff17e80f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_verify_cb.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_set_verify_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_cleanup, X509_STORE_CTX_get_lookup_crls, X509_STORE_CTX_get_lookup_certs, X509_STORE_CTX_get_check_policy, X509_STORE_CTX_get_cert_crl, X509_STORE_CTX_get_check_crl, X509_STORE_CTX_get_get_crl, X509_STORE_CTX_get_check_revocation, X509_STORE_CTX_get_check_issued, X509_STORE_CTX_get_get_issuer, X509_STORE_CTX_get_verify_cb, X509_STORE_CTX_set_verify_cb, X509_STORE_CTX_verify_cb - get and set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
+
+ X509_STORE_CTX_verify_cb X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+                                   X509_STORE_CTX_verify_cb verify_cb);
+
+ X509_STORE_CTX_get_issuer_fn X509_STORE_CTX_get_get_issuer(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_issued_fn X509_STORE_CTX_get_check_issued(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_CTX_get_check_revocation(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_get_crl_fn X509_STORE_CTX_get_get_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_crl_fn X509_STORE_CTX_get_check_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_CTX_get_cert_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_policy_fn X509_STORE_CTX_get_check_policy(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_CTX_get_lookup_certs(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_CTX_get_lookup_crls(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cleanup_fn X509_STORE_CTX_get_cleanup(X509_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting any existing callback.</p>
+
+<p>The verification callback can be used to customise the operation of certificate verification, either by overriding error conditions or logging errors for debugging purposes.</p>
+
+<p>However a verification callback is <b>not</b> essential and the default operation is often sufficient.</p>
+
+<p>The <b>ok</b> parameter to the callback indicates the value the callback should return to retain the default behaviour. If it is zero then an error condition is indicated. If it is 1 then no error occurred. If the flag <b>X509_V_FLAG_NOTIFY_POLICY</b> is set then <b>ok</b> is set to 2 to indicate the policy checking is complete.</p>
+
+<p>The <b>ctx</b> parameter to the callback is the <b>X509_STORE_CTX</b> structure that is performing the verification operation. A callback can examine this structure and receive additional information about the error, for example by calling X509_STORE_CTX_get_current_cert(). Additional application data can be passed to the callback via the <b>ex_data</b> mechanism.</p>
+
+<p>X509_STORE_CTX_get_verify_cb() returns the value of the current callback for the specific <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() return the function pointers cached from the corresponding <b>X509_STORE</b>, please see <a href="../man3/X509_STORE_set_verify.html">X509_STORE_set_verify(3)</a> for more information.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>In general a verification callback should <b>NOT</b> unconditionally return 1 in all circumstances because this will allow verification to succeed no matter what the error. This effectively removes all security from the application because <b>any</b> certificate (including untrusted generated ones) will be accepted.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification callback can be set and inherited from the parent structure performing the operation. In some cases (such as S/MIME verification) the <b>X509_STORE_CTX</b> structure is created and destroyed internally and the only way to set a custom verification callback is by inheriting it from the associated <b>X509_STORE</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() does not return a value.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Default callback operation:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     return ok;
+ }</code></pre>
+
+<p>Simple example, suppose a certificate in the chain is expired and we wish to continue after this error:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     /* Tolerate certificate expiration */
+     if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
+         return 1;
+     /* Otherwise don&#39;t override */
+     return ok;
+ }</code></pre>
+
+<p>More complex example, we don&#39;t wish to continue after <b>any</b> certificate has expired just one specific case:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     int err = X509_STORE_CTX_get_error(ctx);
+     X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
+
+     if (err == X509_V_ERR_CERT_HAS_EXPIRED) {
+         if (check_is_acceptable_expired_cert(err_cert)
+             return 1;
+     }
+     return ok;
+ }</code></pre>
+
+<p>Full featured logging callback. In this case the <b>bio_err</b> is assumed to be a global logging <b>BIO</b>, an alternative would to store a BIO in <b>ctx</b> using <b>ex_data</b>.</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     X509 *err_cert;
+     int err, depth;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     BIO_printf(bio_err, &quot;depth=%d &quot;, depth);
+     if (err_cert) {
+         X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+     }
+     else
+         BIO_puts(bio_err, &quot;&lt;no cert&gt;\n&quot;);
+     if (!ok)
+         BIO_printf(bio_err, &quot;verify error:num=%d:%s\n&quot;, err,
+                    X509_verify_cert_error_string(err));
+     switch (err) {
+     case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+         BIO_puts(bio_err, &quot;issuer= &quot;);
+         X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_NOT_YET_VALID:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+         BIO_printf(bio_err, &quot;notBefore=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_HAS_EXPIRED:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+         BIO_printf(bio_err, &quot;notAfter=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_NO_EXPLICIT_POLICY:
+         policies_print(bio_err, ctx);
+         break;
+     }
+     if (err == X509_V_OK &amp;&amp; ok == 2)
+         /* print out policies */
+
+     BIO_printf(bio_err, &quot;verify return:%d\n&quot;, ok);
+     return(ok);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_get_error.html">X509_STORE_CTX_get_error(3)</a> <a href="../man3/X509_STORE_set_verify_cb_func.html">X509_STORE_set_verify_cb_func(3)</a> <a href="../man3/X509_STORE_CTX_get_ex_new_index.html">X509_STORE_CTX_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_verify_cb.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_verify_cb.html
new file mode 100644
index 000000000..5ff17e80f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_verify_cb.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_set_verify_cb</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_cleanup, X509_STORE_CTX_get_lookup_crls, X509_STORE_CTX_get_lookup_certs, X509_STORE_CTX_get_check_policy, X509_STORE_CTX_get_cert_crl, X509_STORE_CTX_get_check_crl, X509_STORE_CTX_get_get_crl, X509_STORE_CTX_get_check_revocation, X509_STORE_CTX_get_check_issued, X509_STORE_CTX_get_get_issuer, X509_STORE_CTX_get_verify_cb, X509_STORE_CTX_set_verify_cb, X509_STORE_CTX_verify_cb - get and set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
+
+ X509_STORE_CTX_verify_cb X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+                                   X509_STORE_CTX_verify_cb verify_cb);
+
+ X509_STORE_CTX_get_issuer_fn X509_STORE_CTX_get_get_issuer(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_issued_fn X509_STORE_CTX_get_check_issued(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_CTX_get_check_revocation(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_get_crl_fn X509_STORE_CTX_get_get_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_crl_fn X509_STORE_CTX_get_check_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_CTX_get_cert_crl(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_check_policy_fn X509_STORE_CTX_get_check_policy(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_CTX_get_lookup_certs(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_CTX_get_lookup_crls(X509_STORE_CTX *ctx);
+ X509_STORE_CTX_cleanup_fn X509_STORE_CTX_get_cleanup(X509_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting any existing callback.</p>
+
+<p>The verification callback can be used to customise the operation of certificate verification, either by overriding error conditions or logging errors for debugging purposes.</p>
+
+<p>However a verification callback is <b>not</b> essential and the default operation is often sufficient.</p>
+
+<p>The <b>ok</b> parameter to the callback indicates the value the callback should return to retain the default behaviour. If it is zero then an error condition is indicated. If it is 1 then no error occurred. If the flag <b>X509_V_FLAG_NOTIFY_POLICY</b> is set then <b>ok</b> is set to 2 to indicate the policy checking is complete.</p>
+
+<p>The <b>ctx</b> parameter to the callback is the <b>X509_STORE_CTX</b> structure that is performing the verification operation. A callback can examine this structure and receive additional information about the error, for example by calling X509_STORE_CTX_get_current_cert(). Additional application data can be passed to the callback via the <b>ex_data</b> mechanism.</p>
+
+<p>X509_STORE_CTX_get_verify_cb() returns the value of the current callback for the specific <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() return the function pointers cached from the corresponding <b>X509_STORE</b>, please see <a href="../man3/X509_STORE_set_verify.html">X509_STORE_set_verify(3)</a> for more information.</p>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>In general a verification callback should <b>NOT</b> unconditionally return 1 in all circumstances because this will allow verification to succeed no matter what the error. This effectively removes all security from the application because <b>any</b> certificate (including untrusted generated ones) will be accepted.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The verification callback can be set and inherited from the parent structure performing the operation. In some cases (such as S/MIME verification) the <b>X509_STORE_CTX</b> structure is created and destroyed internally and the only way to set a custom verification callback is by inheriting it from the associated <b>X509_STORE</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_set_verify_cb() does not return a value.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Default callback operation:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     return ok;
+ }</code></pre>
+
+<p>Simple example, suppose a certificate in the chain is expired and we wish to continue after this error:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx) {
+     /* Tolerate certificate expiration */
+     if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
+         return 1;
+     /* Otherwise don&#39;t override */
+     return ok;
+ }</code></pre>
+
+<p>More complex example, we don&#39;t wish to continue after <b>any</b> certificate has expired just one specific case:</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     int err = X509_STORE_CTX_get_error(ctx);
+     X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
+
+     if (err == X509_V_ERR_CERT_HAS_EXPIRED) {
+         if (check_is_acceptable_expired_cert(err_cert)
+             return 1;
+     }
+     return ok;
+ }</code></pre>
+
+<p>Full featured logging callback. In this case the <b>bio_err</b> is assumed to be a global logging <b>BIO</b>, an alternative would to store a BIO in <b>ctx</b> using <b>ex_data</b>.</p>
+
+<pre><code> int verify_callback(int ok, X509_STORE_CTX *ctx)
+ {
+     X509 *err_cert;
+     int err, depth;
+
+     err_cert = X509_STORE_CTX_get_current_cert(ctx);
+     err = X509_STORE_CTX_get_error(ctx);
+     depth = X509_STORE_CTX_get_error_depth(ctx);
+
+     BIO_printf(bio_err, &quot;depth=%d &quot;, depth);
+     if (err_cert) {
+         X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+     }
+     else
+         BIO_puts(bio_err, &quot;&lt;no cert&gt;\n&quot;);
+     if (!ok)
+         BIO_printf(bio_err, &quot;verify error:num=%d:%s\n&quot;, err,
+                    X509_verify_cert_error_string(err));
+     switch (err) {
+     case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+         BIO_puts(bio_err, &quot;issuer= &quot;);
+         X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+                            0, XN_FLAG_ONELINE);
+         BIO_puts(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_NOT_YET_VALID:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+         BIO_printf(bio_err, &quot;notBefore=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_CERT_HAS_EXPIRED:
+     case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+         BIO_printf(bio_err, &quot;notAfter=&quot;);
+         ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
+         BIO_printf(bio_err, &quot;\n&quot;);
+         break;
+     case X509_V_ERR_NO_EXPLICIT_POLICY:
+         policies_print(bio_err, ctx);
+         break;
+     }
+     if (err == X509_V_OK &amp;&amp; ok == 2)
+         /* print out policies */
+
+     BIO_printf(bio_err, &quot;verify return:%d\n&quot;, ok);
+     return(ok);
+ }</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_get_error.html">X509_STORE_CTX_get_error(3)</a> <a href="../man3/X509_STORE_set_verify_cb_func.html">X509_STORE_set_verify_cb_func(3)</a> <a href="../man3/X509_STORE_CTX_get_ex_new_index.html">X509_STORE_CTX_get_ex_new_index(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_get_get_issuer(), X509_STORE_CTX_get_check_issued(), X509_STORE_CTX_get_check_revocation(), X509_STORE_CTX_get_get_crl(), X509_STORE_CTX_get_check_crl(), X509_STORE_CTX_get_cert_crl(), X509_STORE_CTX_get_check_policy(), X509_STORE_CTX_get_lookup_certs(), X509_STORE_CTX_get_lookup_crls() and X509_STORE_CTX_get_cleanup() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_verify_fn.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_verify_fn.html
new file mode 100644
index 000000000..604aa12e1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_CTX_verify_fn.html
@@ -0,0 +1,141 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_set0_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_get0_untrusted, X509_STORE_CTX_set0_untrusted, X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_set_default, X509_STORE_CTX_set_verify, X509_STORE_CTX_verify_fn - X509_STORE_CTX initialisation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+                         X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x);
+ STACK_OF(X509) *X509_STORE_CTX_get0_chain(X609_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *chain);
+ void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+ STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
+
+ typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
+ void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions initialise an <b>X509_STORE_CTX</b> structure for subsequent use by X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_new() returns a newly initialised <b>X509_STORE_CTX</b> structure.</p>
+
+<p>X509_STORE_CTX_cleanup() internally cleans up an <b>X509_STORE_CTX</b> structure. The context can then be reused with an new call to X509_STORE_CTX_init().</p>
+
+<p>X509_STORE_CTX_free() completely frees up <b>ctx</b>. After this call <b>ctx</b> is no longer valid. If <b>ctx</b> is NULL nothing is done.</p>
+
+<p>X509_STORE_CTX_init() sets up <b>ctx</b> for a subsequent verification operation. It must be called before each call to X509_verify_cert(), i.e. a <b>ctx</b> is only good for one call to X509_verify_cert(); if you want to verify a second certificate with the same <b>ctx</b> then you must call X509_STORE_CTX_cleanup() and then X509_STORE_CTX_init() again before the second call to X509_verify_cert(). The trusted certificate store is set to <b>store</b>, the end entity certificate to be verified is set to <b>x509</b> and a set of additional certificates (which will be untrusted but may be used to build the chain) in <b>chain</b>. Any or all of the <b>store</b>, <b>x509</b> and <b>chain</b> parameters can be <b>NULL</b>.</p>
+
+<p>X509_STORE_CTX_set0_trusted_stack() sets the set of trusted certificates of <b>ctx</b> to <b>sk</b>. This is an alternative way of specifying trusted certificates instead of using an <b>X509_STORE</b>.</p>
+
+<p>X509_STORE_CTX_set_cert() sets the certificate to be verified in <b>ctx</b> to <b>x</b>.</p>
+
+<p>X509_STORE_CTX_set0_verified_chain() sets the validated chain used by <b>ctx</b> to be <b>chain</b>. Ownership of the chain is transferred to <b>ctx</b> and should not be free&#39;d by the caller. X509_STORE_CTX_get0_chain() returns a the internal pointer used by the <b>ctx</b> that contains the validated chain.</p>
+
+<p>X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate verification to <b>sk</b>. These CRLs will only be used if CRL verification is enabled in the associated <b>X509_VERIFY_PARAM</b> structure. This might be used where additional &quot;useful&quot; CRLs are supplied as part of a protocol, for example in a PKCS#7 structure.</p>
+
+<p>X509_STORE_CTX_get0_param() retrieves an internal pointer to the verification parameters associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get0_untrusted() retrieves an internal pointer to the stack of untrusted certificates associated with <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_set0_untrusted() sets the internal point to the stack of untrusted certificates associated with <b>ctx</b> to <b>sk</b>.</p>
+
+<p>X509_STORE_CTX_set0_param() sets the internal verification parameter pointer to <b>param</b>. After this call <b>param</b> should not be used.</p>
+
+<p>X509_STORE_CTX_set_default() looks up and sets the default verification method to <b>name</b>. This uses the function X509_VERIFY_PARAM_lookup() to find an appropriate set of parameters from <b>name</b>.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates that were used in building the chain following a call to X509_verify_cert().</p>
+
+<p>X509_STORE_CTX_set_verify() provides the capability for overriding the default verify function. This function is responsible for verifying chain signatures and expiration times.</p>
+
+<p>A verify function is defined as an X509_STORE_CTX_verify type which has the following signature:</p>
+
+<pre><code> int (*verify)(X509_STORE_CTX *);</code></pre>
+
+<p>This function should receive the current X509_STORE_CTX as a parameter and return 1 on success or 0 on failure.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The certificates and CRLs in a store are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The certificates and CRLs in a context are used internally and should <b>not</b> be freed up until after the associated <b>X509_STORE_CTX</b> is freed. Copies should be made or reference counts increased instead.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_new() returns an newly allocates context or <b>NULL</b> is an error occurred.</p>
+
+<p>X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_set0_trusted_stack(), X509_STORE_CTX_set_cert(), X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return values.</p>
+
+<p>X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.</p>
+
+<p>X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates used.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> <a href="../man3/X509_VERIFY_PARAM_set_flags.html">X509_VERIFY_PARAM_set_flags(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_CTX_set0_crls() function was added in OpenSSL 1.0.0. The X509_STORE_CTX_get_num_untrusted() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_add_cert.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_add_cert.html
new file mode 100644
index 000000000..5a5c020fc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_add_cert.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_add_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_add_cert, X509_STORE_add_crl, X509_STORE_set_depth, X509_STORE_set_flags, X509_STORE_set_purpose, X509_STORE_set_trust, X509_STORE_load_locations, X509_STORE_set_default_paths - X509_STORE manipulation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
+ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
+ int X509_STORE_set_depth(X509_STORE *store, int depth);
+ int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
+ int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
+ int X509_STORE_set_trust(X509_STORE *ctx, int trust);
+
+ int X509_STORE_load_locations(X509_STORE *ctx,
+                               const char *file, const char *dir);
+ int X509_STORE_set_default_paths(X509_STORE *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_STORE</b> structure is intended to be a consolidated mechanism for holding information about X.509 certificates and CRLs, and constructing and validating chains of certificates terminating in trusted roots. It admits multiple lookup mechanisms and efficient scaling performance with large numbers of certificates, and a great deal of flexibility in how validation and policy checks are performed.</p>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a> creates an empty <b>X509_STORE</b> structure, which contains no information about trusted certificates or where such certificates are located on disk, and is generally not usable. Normally, trusted certificates will be added to the <b>X509_STORE</b> to prepare it for use, via mechanisms such as X509_STORE_add_lookup() and X509_LOOKUP_file(), or PEM_read_bio_X509_AUX() and X509_STORE_add_cert(). CRLs can also be added, and many behaviors configured as desired.</p>
+
+<p>Once the <b>X509_STORE</b> is suitably configured, X509_STORE_CTX_new() is used to instantiate a single-use <b>X509_STORE_CTX</b> for each chain-building and verification operation. That process includes providing the end-entity certificate to be verified and an additional set of untrusted certificates that may be used in chain-building. As such, it is expected that the certificates included in the <b>X509_STORE</b> are certificates that represent trusted entities such as root certificate authorities (CAs). OpenSSL represents these trusted certificates internally as <b>X509</b> objects with an associated <b>X509_CERT_AUX</b>, as are produced by PEM_read_bio_X509_AUX() and similar routines that refer to X509_AUX. The public interfaces that operate on such trusted certificates still operate on pointers to <b>X509</b> objects, though.</p>
+
+<p>X509_STORE_add_cert() and X509_STORE_add_crl() add the respective object to the <b>X509_STORE</b>&#39;s local storage. Untrusted objects should not be added in this way.</p>
+
+<p>X509_STORE_set_depth(), X509_STORE_set_flags(), X509_STORE_set_purpose(), X509_STORE_set_trust(), and X509_STORE_set1_param() set the default values for the corresponding values used in certificate chain validation. Their behavior is documented in the corresponding <b>X509_VERIFY_PARAM</b> manual pages, e.g., <a href="../man3/X509_VERIFY_PARAM_set_depth.html">X509_VERIFY_PARAM_set_depth(3)</a>.</p>
+
+<p>X509_STORE_load_locations() loads trusted certificate(s) into an <b>X509_STORE</b> from a given file and/or directory path. It is permitted to specify just a file, just a directory, or both paths. The certificates in the directory must be in hashed form, as documented in <a href="../man3/X509_LOOKUP_hash_dir.html">X509_LOOKUP_hash_dir(3)</a>.</p>
+
+<p>X509_STORE_set_default_paths() is somewhat misnamed, in that it does not set what default paths should be used for loading certificates. Instead, it loads certificates into the <b>X509_STORE</b> from the hardcoded default paths.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_add_cert(), X509_STORE_add_crl(), X509_STORE_set_depth(), X509_STORE_set_flags(), X509_STORE_set_purpose(), X509_STORE_set_trust(), X509_STORE_load_locations(), and X509_STORE_set_default_paths() return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_LOOKUP_hash_dir.html">X509_LOOKUP_hash_dir(3)</a>. <a href="../man3/X509_VERIFY_PARAM_set_depth.html">X509_VERIFY_PARAM_set_depth(3)</a>. <a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/X509_STORE_get0_param.html">X509_STORE_get0_param(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_add_crl.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_add_crl.html
new file mode 100644
index 000000000..5a5c020fc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_add_crl.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_add_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_add_cert, X509_STORE_add_crl, X509_STORE_set_depth, X509_STORE_set_flags, X509_STORE_set_purpose, X509_STORE_set_trust, X509_STORE_load_locations, X509_STORE_set_default_paths - X509_STORE manipulation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
+ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
+ int X509_STORE_set_depth(X509_STORE *store, int depth);
+ int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
+ int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
+ int X509_STORE_set_trust(X509_STORE *ctx, int trust);
+
+ int X509_STORE_load_locations(X509_STORE *ctx,
+                               const char *file, const char *dir);
+ int X509_STORE_set_default_paths(X509_STORE *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_STORE</b> structure is intended to be a consolidated mechanism for holding information about X.509 certificates and CRLs, and constructing and validating chains of certificates terminating in trusted roots. It admits multiple lookup mechanisms and efficient scaling performance with large numbers of certificates, and a great deal of flexibility in how validation and policy checks are performed.</p>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a> creates an empty <b>X509_STORE</b> structure, which contains no information about trusted certificates or where such certificates are located on disk, and is generally not usable. Normally, trusted certificates will be added to the <b>X509_STORE</b> to prepare it for use, via mechanisms such as X509_STORE_add_lookup() and X509_LOOKUP_file(), or PEM_read_bio_X509_AUX() and X509_STORE_add_cert(). CRLs can also be added, and many behaviors configured as desired.</p>
+
+<p>Once the <b>X509_STORE</b> is suitably configured, X509_STORE_CTX_new() is used to instantiate a single-use <b>X509_STORE_CTX</b> for each chain-building and verification operation. That process includes providing the end-entity certificate to be verified and an additional set of untrusted certificates that may be used in chain-building. As such, it is expected that the certificates included in the <b>X509_STORE</b> are certificates that represent trusted entities such as root certificate authorities (CAs). OpenSSL represents these trusted certificates internally as <b>X509</b> objects with an associated <b>X509_CERT_AUX</b>, as are produced by PEM_read_bio_X509_AUX() and similar routines that refer to X509_AUX. The public interfaces that operate on such trusted certificates still operate on pointers to <b>X509</b> objects, though.</p>
+
+<p>X509_STORE_add_cert() and X509_STORE_add_crl() add the respective object to the <b>X509_STORE</b>&#39;s local storage. Untrusted objects should not be added in this way.</p>
+
+<p>X509_STORE_set_depth(), X509_STORE_set_flags(), X509_STORE_set_purpose(), X509_STORE_set_trust(), and X509_STORE_set1_param() set the default values for the corresponding values used in certificate chain validation. Their behavior is documented in the corresponding <b>X509_VERIFY_PARAM</b> manual pages, e.g., <a href="../man3/X509_VERIFY_PARAM_set_depth.html">X509_VERIFY_PARAM_set_depth(3)</a>.</p>
+
+<p>X509_STORE_load_locations() loads trusted certificate(s) into an <b>X509_STORE</b> from a given file and/or directory path. It is permitted to specify just a file, just a directory, or both paths. The certificates in the directory must be in hashed form, as documented in <a href="../man3/X509_LOOKUP_hash_dir.html">X509_LOOKUP_hash_dir(3)</a>.</p>
+
+<p>X509_STORE_set_default_paths() is somewhat misnamed, in that it does not set what default paths should be used for loading certificates. Instead, it loads certificates into the <b>X509_STORE</b> from the hardcoded default paths.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_add_cert(), X509_STORE_add_crl(), X509_STORE_set_depth(), X509_STORE_set_flags(), X509_STORE_set_purpose(), X509_STORE_set_trust(), X509_STORE_load_locations(), and X509_STORE_set_default_paths() return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_LOOKUP_hash_dir.html">X509_LOOKUP_hash_dir(3)</a>. <a href="../man3/X509_VERIFY_PARAM_set_depth.html">X509_VERIFY_PARAM_set_depth(3)</a>. <a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/X509_STORE_get0_param.html">X509_STORE_get0_param(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_free.html
new file mode 100644
index 000000000..a2416716a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_free.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_new, X509_STORE_up_ref, X509_STORE_free, X509_STORE_lock, X509_STORE_unlock - X509_STORE allocation, freeing and locking functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE *X509_STORE_new(void);
+ void X509_STORE_free(X509_STORE *v);
+ int X509_STORE_lock(X509_STORE *v);
+ int X509_STORE_unlock(X509_STORE *v);
+ int X509_STORE_up_ref(X509_STORE *v);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The X509_STORE_new() function returns a new X509_STORE.</p>
+
+<p>X509_STORE_up_ref() increments the reference count associated with the X509_STORE object.</p>
+
+<p>X509_STORE_lock() locks the store from modification by other threads, X509_STORE_unlock() locks it.</p>
+
+<p>X509_STORE_free() frees up a single X509_STORE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_new() returns a newly created X509_STORE or NULL if the call fails.</p>
+
+<p>X509_STORE_up_ref(), X509_STORE_lock() and X509_STORE_unlock() return 1 for success and 0 for failure.</p>
+
+<p>X509_STORE_free() does not return values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_set_verify_cb_func.html">X509_STORE_set_verify_cb_func(3)</a> <a href="../man3/X509_STORE_get0_param.html">X509_STORE_get0_param(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_up_ref(), X509_STORE_lock() and X509_STORE_unlock() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get0_objects.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get0_objects.html
new file mode 100644
index 000000000..1cd2b2206
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get0_objects.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_get0_param</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_get0_param, X509_STORE_set1_param, X509_STORE_get0_objects - X509_STORE setter and getter functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx);
+ int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
+ STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set1_param() sets the verification parameters to <b>pm</b> for <b>ctx</b>.</p>
+
+<p>X509_STORE_get0_param() retrieves an internal pointer to the verification parameters for <b>ctx</b>. The returned pointer must not be freed by the calling application</p>
+
+<p>X509_STORE_get0_objects() retrieve an internal pointer to the store&#39;s X509 object cache. The cache contains <b>X509</b> and <b>X509_CRL</b> objects. The returned pointer must not be freed by the calling application.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure.</p>
+
+<p>X509_STORE_set1_param() returns 1 for success and 0 for failure.</p>
+
+<p>X509_STORE_get0_objects() returns a pointer to a stack of <b>X509_OBJECT</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p><b>X509_STORE_get0_param</b> and <b>X509_STORE_get0_objects</b> were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get0_param.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get0_param.html
new file mode 100644
index 000000000..1cd2b2206
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get0_param.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_get0_param</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_get0_param, X509_STORE_set1_param, X509_STORE_get0_objects - X509_STORE setter and getter functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx);
+ int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
+ STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set1_param() sets the verification parameters to <b>pm</b> for <b>ctx</b>.</p>
+
+<p>X509_STORE_get0_param() retrieves an internal pointer to the verification parameters for <b>ctx</b>. The returned pointer must not be freed by the calling application</p>
+
+<p>X509_STORE_get0_objects() retrieve an internal pointer to the store&#39;s X509 object cache. The cache contains <b>X509</b> and <b>X509_CRL</b> objects. The returned pointer must not be freed by the calling application.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure.</p>
+
+<p>X509_STORE_set1_param() returns 1 for success and 0 for failure.</p>
+
+<p>X509_STORE_get0_objects() returns a pointer to a stack of <b>X509_OBJECT</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p><b>X509_STORE_get0_param</b> and <b>X509_STORE_get0_objects</b> were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_cert_crl.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_cert_crl.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_cert_crl.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_check_crl.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_check_crl.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_check_crl.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_check_issued.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_check_issued.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_check_issued.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_check_policy.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_check_policy.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_check_policy.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_check_revocation.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_check_revocation.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_check_revocation.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_cleanup.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_cleanup.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_cleanup.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_ex_new_index.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_ex_new_index.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_ex_new_index.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_get_crl.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_get_crl.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_get_crl.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_get_issuer.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_get_issuer.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_get_issuer.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_lookup_certs.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_lookup_certs.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_lookup_certs.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_lookup_crls.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_lookup_crls.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_lookup_crls.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_verify_cb.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_verify_cb.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_get_verify_cb.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_load_locations.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_load_locations.html
new file mode 100644
index 000000000..5a5c020fc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_load_locations.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_add_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_add_cert, X509_STORE_add_crl, X509_STORE_set_depth, X509_STORE_set_flags, X509_STORE_set_purpose, X509_STORE_set_trust, X509_STORE_load_locations, X509_STORE_set_default_paths - X509_STORE manipulation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
+ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
+ int X509_STORE_set_depth(X509_STORE *store, int depth);
+ int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
+ int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
+ int X509_STORE_set_trust(X509_STORE *ctx, int trust);
+
+ int X509_STORE_load_locations(X509_STORE *ctx,
+                               const char *file, const char *dir);
+ int X509_STORE_set_default_paths(X509_STORE *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_STORE</b> structure is intended to be a consolidated mechanism for holding information about X.509 certificates and CRLs, and constructing and validating chains of certificates terminating in trusted roots. It admits multiple lookup mechanisms and efficient scaling performance with large numbers of certificates, and a great deal of flexibility in how validation and policy checks are performed.</p>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a> creates an empty <b>X509_STORE</b> structure, which contains no information about trusted certificates or where such certificates are located on disk, and is generally not usable. Normally, trusted certificates will be added to the <b>X509_STORE</b> to prepare it for use, via mechanisms such as X509_STORE_add_lookup() and X509_LOOKUP_file(), or PEM_read_bio_X509_AUX() and X509_STORE_add_cert(). CRLs can also be added, and many behaviors configured as desired.</p>
+
+<p>Once the <b>X509_STORE</b> is suitably configured, X509_STORE_CTX_new() is used to instantiate a single-use <b>X509_STORE_CTX</b> for each chain-building and verification operation. That process includes providing the end-entity certificate to be verified and an additional set of untrusted certificates that may be used in chain-building. As such, it is expected that the certificates included in the <b>X509_STORE</b> are certificates that represent trusted entities such as root certificate authorities (CAs). OpenSSL represents these trusted certificates internally as <b>X509</b> objects with an associated <b>X509_CERT_AUX</b>, as are produced by PEM_read_bio_X509_AUX() and similar routines that refer to X509_AUX. The public interfaces that operate on such trusted certificates still operate on pointers to <b>X509</b> objects, though.</p>
+
+<p>X509_STORE_add_cert() and X509_STORE_add_crl() add the respective object to the <b>X509_STORE</b>&#39;s local storage. Untrusted objects should not be added in this way.</p>
+
+<p>X509_STORE_set_depth(), X509_STORE_set_flags(), X509_STORE_set_purpose(), X509_STORE_set_trust(), and X509_STORE_set1_param() set the default values for the corresponding values used in certificate chain validation. Their behavior is documented in the corresponding <b>X509_VERIFY_PARAM</b> manual pages, e.g., <a href="../man3/X509_VERIFY_PARAM_set_depth.html">X509_VERIFY_PARAM_set_depth(3)</a>.</p>
+
+<p>X509_STORE_load_locations() loads trusted certificate(s) into an <b>X509_STORE</b> from a given file and/or directory path. It is permitted to specify just a file, just a directory, or both paths. The certificates in the directory must be in hashed form, as documented in <a href="../man3/X509_LOOKUP_hash_dir.html">X509_LOOKUP_hash_dir(3)</a>.</p>
+
+<p>X509_STORE_set_default_paths() is somewhat misnamed, in that it does not set what default paths should be used for loading certificates. Instead, it loads certificates into the <b>X509_STORE</b> from the hardcoded default paths.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_add_cert(), X509_STORE_add_crl(), X509_STORE_set_depth(), X509_STORE_set_flags(), X509_STORE_set_purpose(), X509_STORE_set_trust(), X509_STORE_load_locations(), and X509_STORE_set_default_paths() return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_LOOKUP_hash_dir.html">X509_LOOKUP_hash_dir(3)</a>. <a href="../man3/X509_VERIFY_PARAM_set_depth.html">X509_VERIFY_PARAM_set_depth(3)</a>. <a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/X509_STORE_get0_param.html">X509_STORE_get0_param(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_lock.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_lock.html
new file mode 100644
index 000000000..a2416716a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_lock.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_new, X509_STORE_up_ref, X509_STORE_free, X509_STORE_lock, X509_STORE_unlock - X509_STORE allocation, freeing and locking functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE *X509_STORE_new(void);
+ void X509_STORE_free(X509_STORE *v);
+ int X509_STORE_lock(X509_STORE *v);
+ int X509_STORE_unlock(X509_STORE *v);
+ int X509_STORE_up_ref(X509_STORE *v);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The X509_STORE_new() function returns a new X509_STORE.</p>
+
+<p>X509_STORE_up_ref() increments the reference count associated with the X509_STORE object.</p>
+
+<p>X509_STORE_lock() locks the store from modification by other threads, X509_STORE_unlock() locks it.</p>
+
+<p>X509_STORE_free() frees up a single X509_STORE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_new() returns a newly created X509_STORE or NULL if the call fails.</p>
+
+<p>X509_STORE_up_ref(), X509_STORE_lock() and X509_STORE_unlock() return 1 for success and 0 for failure.</p>
+
+<p>X509_STORE_free() does not return values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_set_verify_cb_func.html">X509_STORE_set_verify_cb_func(3)</a> <a href="../man3/X509_STORE_get0_param.html">X509_STORE_get0_param(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_up_ref(), X509_STORE_lock() and X509_STORE_unlock() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_new.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_new.html
new file mode 100644
index 000000000..a2416716a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_new.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_new, X509_STORE_up_ref, X509_STORE_free, X509_STORE_lock, X509_STORE_unlock - X509_STORE allocation, freeing and locking functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE *X509_STORE_new(void);
+ void X509_STORE_free(X509_STORE *v);
+ int X509_STORE_lock(X509_STORE *v);
+ int X509_STORE_unlock(X509_STORE *v);
+ int X509_STORE_up_ref(X509_STORE *v);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The X509_STORE_new() function returns a new X509_STORE.</p>
+
+<p>X509_STORE_up_ref() increments the reference count associated with the X509_STORE object.</p>
+
+<p>X509_STORE_lock() locks the store from modification by other threads, X509_STORE_unlock() locks it.</p>
+
+<p>X509_STORE_free() frees up a single X509_STORE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_new() returns a newly created X509_STORE or NULL if the call fails.</p>
+
+<p>X509_STORE_up_ref(), X509_STORE_lock() and X509_STORE_unlock() return 1 for success and 0 for failure.</p>
+
+<p>X509_STORE_free() does not return values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_set_verify_cb_func.html">X509_STORE_set_verify_cb_func(3)</a> <a href="../man3/X509_STORE_get0_param.html">X509_STORE_get0_param(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_up_ref(), X509_STORE_lock() and X509_STORE_unlock() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set1_param.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set1_param.html
new file mode 100644
index 000000000..1cd2b2206
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set1_param.html
@@ -0,0 +1,71 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_get0_param</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_get0_param, X509_STORE_set1_param, X509_STORE_get0_objects - X509_STORE setter and getter functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx);
+ int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
+ STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set1_param() sets the verification parameters to <b>pm</b> for <b>ctx</b>.</p>
+
+<p>X509_STORE_get0_param() retrieves an internal pointer to the verification parameters for <b>ctx</b>. The returned pointer must not be freed by the calling application</p>
+
+<p>X509_STORE_get0_objects() retrieve an internal pointer to the store&#39;s X509 object cache. The cache contains <b>X509</b> and <b>X509_CRL</b> objects. The returned pointer must not be freed by the calling application.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_get0_param() returns a pointer to an <b>X509_VERIFY_PARAM</b> structure.</p>
+
+<p>X509_STORE_set1_param() returns 1 for success and 0 for failure.</p>
+
+<p>X509_STORE_get0_objects() returns a pointer to a stack of <b>X509_OBJECT</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p><b>X509_STORE_get0_param</b> and <b>X509_STORE_get0_objects</b> were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_cert_crl.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_cert_crl.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_cert_crl.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_check_crl.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_check_crl.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_check_crl.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_check_issued.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_check_issued.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_check_issued.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_check_policy.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_check_policy.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_check_policy.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_check_revocation.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_check_revocation.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_check_revocation.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_cleanup.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_cleanup.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_cleanup.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_default_paths.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_default_paths.html
new file mode 100644
index 000000000..5a5c020fc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_default_paths.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_add_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_add_cert, X509_STORE_add_crl, X509_STORE_set_depth, X509_STORE_set_flags, X509_STORE_set_purpose, X509_STORE_set_trust, X509_STORE_load_locations, X509_STORE_set_default_paths - X509_STORE manipulation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
+ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
+ int X509_STORE_set_depth(X509_STORE *store, int depth);
+ int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
+ int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
+ int X509_STORE_set_trust(X509_STORE *ctx, int trust);
+
+ int X509_STORE_load_locations(X509_STORE *ctx,
+                               const char *file, const char *dir);
+ int X509_STORE_set_default_paths(X509_STORE *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_STORE</b> structure is intended to be a consolidated mechanism for holding information about X.509 certificates and CRLs, and constructing and validating chains of certificates terminating in trusted roots. It admits multiple lookup mechanisms and efficient scaling performance with large numbers of certificates, and a great deal of flexibility in how validation and policy checks are performed.</p>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a> creates an empty <b>X509_STORE</b> structure, which contains no information about trusted certificates or where such certificates are located on disk, and is generally not usable. Normally, trusted certificates will be added to the <b>X509_STORE</b> to prepare it for use, via mechanisms such as X509_STORE_add_lookup() and X509_LOOKUP_file(), or PEM_read_bio_X509_AUX() and X509_STORE_add_cert(). CRLs can also be added, and many behaviors configured as desired.</p>
+
+<p>Once the <b>X509_STORE</b> is suitably configured, X509_STORE_CTX_new() is used to instantiate a single-use <b>X509_STORE_CTX</b> for each chain-building and verification operation. That process includes providing the end-entity certificate to be verified and an additional set of untrusted certificates that may be used in chain-building. As such, it is expected that the certificates included in the <b>X509_STORE</b> are certificates that represent trusted entities such as root certificate authorities (CAs). OpenSSL represents these trusted certificates internally as <b>X509</b> objects with an associated <b>X509_CERT_AUX</b>, as are produced by PEM_read_bio_X509_AUX() and similar routines that refer to X509_AUX. The public interfaces that operate on such trusted certificates still operate on pointers to <b>X509</b> objects, though.</p>
+
+<p>X509_STORE_add_cert() and X509_STORE_add_crl() add the respective object to the <b>X509_STORE</b>&#39;s local storage. Untrusted objects should not be added in this way.</p>
+
+<p>X509_STORE_set_depth(), X509_STORE_set_flags(), X509_STORE_set_purpose(), X509_STORE_set_trust(), and X509_STORE_set1_param() set the default values for the corresponding values used in certificate chain validation. Their behavior is documented in the corresponding <b>X509_VERIFY_PARAM</b> manual pages, e.g., <a href="../man3/X509_VERIFY_PARAM_set_depth.html">X509_VERIFY_PARAM_set_depth(3)</a>.</p>
+
+<p>X509_STORE_load_locations() loads trusted certificate(s) into an <b>X509_STORE</b> from a given file and/or directory path. It is permitted to specify just a file, just a directory, or both paths. The certificates in the directory must be in hashed form, as documented in <a href="../man3/X509_LOOKUP_hash_dir.html">X509_LOOKUP_hash_dir(3)</a>.</p>
+
+<p>X509_STORE_set_default_paths() is somewhat misnamed, in that it does not set what default paths should be used for loading certificates. Instead, it loads certificates into the <b>X509_STORE</b> from the hardcoded default paths.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_add_cert(), X509_STORE_add_crl(), X509_STORE_set_depth(), X509_STORE_set_flags(), X509_STORE_set_purpose(), X509_STORE_set_trust(), X509_STORE_load_locations(), and X509_STORE_set_default_paths() return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_LOOKUP_hash_dir.html">X509_LOOKUP_hash_dir(3)</a>. <a href="../man3/X509_VERIFY_PARAM_set_depth.html">X509_VERIFY_PARAM_set_depth(3)</a>. <a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/X509_STORE_get0_param.html">X509_STORE_get0_param(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_depth.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_depth.html
new file mode 100644
index 000000000..5a5c020fc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_depth.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_add_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_add_cert, X509_STORE_add_crl, X509_STORE_set_depth, X509_STORE_set_flags, X509_STORE_set_purpose, X509_STORE_set_trust, X509_STORE_load_locations, X509_STORE_set_default_paths - X509_STORE manipulation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
+ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
+ int X509_STORE_set_depth(X509_STORE *store, int depth);
+ int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
+ int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
+ int X509_STORE_set_trust(X509_STORE *ctx, int trust);
+
+ int X509_STORE_load_locations(X509_STORE *ctx,
+                               const char *file, const char *dir);
+ int X509_STORE_set_default_paths(X509_STORE *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_STORE</b> structure is intended to be a consolidated mechanism for holding information about X.509 certificates and CRLs, and constructing and validating chains of certificates terminating in trusted roots. It admits multiple lookup mechanisms and efficient scaling performance with large numbers of certificates, and a great deal of flexibility in how validation and policy checks are performed.</p>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a> creates an empty <b>X509_STORE</b> structure, which contains no information about trusted certificates or where such certificates are located on disk, and is generally not usable. Normally, trusted certificates will be added to the <b>X509_STORE</b> to prepare it for use, via mechanisms such as X509_STORE_add_lookup() and X509_LOOKUP_file(), or PEM_read_bio_X509_AUX() and X509_STORE_add_cert(). CRLs can also be added, and many behaviors configured as desired.</p>
+
+<p>Once the <b>X509_STORE</b> is suitably configured, X509_STORE_CTX_new() is used to instantiate a single-use <b>X509_STORE_CTX</b> for each chain-building and verification operation. That process includes providing the end-entity certificate to be verified and an additional set of untrusted certificates that may be used in chain-building. As such, it is expected that the certificates included in the <b>X509_STORE</b> are certificates that represent trusted entities such as root certificate authorities (CAs). OpenSSL represents these trusted certificates internally as <b>X509</b> objects with an associated <b>X509_CERT_AUX</b>, as are produced by PEM_read_bio_X509_AUX() and similar routines that refer to X509_AUX. The public interfaces that operate on such trusted certificates still operate on pointers to <b>X509</b> objects, though.</p>
+
+<p>X509_STORE_add_cert() and X509_STORE_add_crl() add the respective object to the <b>X509_STORE</b>&#39;s local storage. Untrusted objects should not be added in this way.</p>
+
+<p>X509_STORE_set_depth(), X509_STORE_set_flags(), X509_STORE_set_purpose(), X509_STORE_set_trust(), and X509_STORE_set1_param() set the default values for the corresponding values used in certificate chain validation. Their behavior is documented in the corresponding <b>X509_VERIFY_PARAM</b> manual pages, e.g., <a href="../man3/X509_VERIFY_PARAM_set_depth.html">X509_VERIFY_PARAM_set_depth(3)</a>.</p>
+
+<p>X509_STORE_load_locations() loads trusted certificate(s) into an <b>X509_STORE</b> from a given file and/or directory path. It is permitted to specify just a file, just a directory, or both paths. The certificates in the directory must be in hashed form, as documented in <a href="../man3/X509_LOOKUP_hash_dir.html">X509_LOOKUP_hash_dir(3)</a>.</p>
+
+<p>X509_STORE_set_default_paths() is somewhat misnamed, in that it does not set what default paths should be used for loading certificates. Instead, it loads certificates into the <b>X509_STORE</b> from the hardcoded default paths.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_add_cert(), X509_STORE_add_crl(), X509_STORE_set_depth(), X509_STORE_set_flags(), X509_STORE_set_purpose(), X509_STORE_set_trust(), X509_STORE_load_locations(), and X509_STORE_set_default_paths() return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_LOOKUP_hash_dir.html">X509_LOOKUP_hash_dir(3)</a>. <a href="../man3/X509_VERIFY_PARAM_set_depth.html">X509_VERIFY_PARAM_set_depth(3)</a>. <a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/X509_STORE_get0_param.html">X509_STORE_get0_param(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_flags.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_flags.html
new file mode 100644
index 000000000..5a5c020fc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_flags.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_add_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_add_cert, X509_STORE_add_crl, X509_STORE_set_depth, X509_STORE_set_flags, X509_STORE_set_purpose, X509_STORE_set_trust, X509_STORE_load_locations, X509_STORE_set_default_paths - X509_STORE manipulation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
+ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
+ int X509_STORE_set_depth(X509_STORE *store, int depth);
+ int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
+ int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
+ int X509_STORE_set_trust(X509_STORE *ctx, int trust);
+
+ int X509_STORE_load_locations(X509_STORE *ctx,
+                               const char *file, const char *dir);
+ int X509_STORE_set_default_paths(X509_STORE *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_STORE</b> structure is intended to be a consolidated mechanism for holding information about X.509 certificates and CRLs, and constructing and validating chains of certificates terminating in trusted roots. It admits multiple lookup mechanisms and efficient scaling performance with large numbers of certificates, and a great deal of flexibility in how validation and policy checks are performed.</p>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a> creates an empty <b>X509_STORE</b> structure, which contains no information about trusted certificates or where such certificates are located on disk, and is generally not usable. Normally, trusted certificates will be added to the <b>X509_STORE</b> to prepare it for use, via mechanisms such as X509_STORE_add_lookup() and X509_LOOKUP_file(), or PEM_read_bio_X509_AUX() and X509_STORE_add_cert(). CRLs can also be added, and many behaviors configured as desired.</p>
+
+<p>Once the <b>X509_STORE</b> is suitably configured, X509_STORE_CTX_new() is used to instantiate a single-use <b>X509_STORE_CTX</b> for each chain-building and verification operation. That process includes providing the end-entity certificate to be verified and an additional set of untrusted certificates that may be used in chain-building. As such, it is expected that the certificates included in the <b>X509_STORE</b> are certificates that represent trusted entities such as root certificate authorities (CAs). OpenSSL represents these trusted certificates internally as <b>X509</b> objects with an associated <b>X509_CERT_AUX</b>, as are produced by PEM_read_bio_X509_AUX() and similar routines that refer to X509_AUX. The public interfaces that operate on such trusted certificates still operate on pointers to <b>X509</b> objects, though.</p>
+
+<p>X509_STORE_add_cert() and X509_STORE_add_crl() add the respective object to the <b>X509_STORE</b>&#39;s local storage. Untrusted objects should not be added in this way.</p>
+
+<p>X509_STORE_set_depth(), X509_STORE_set_flags(), X509_STORE_set_purpose(), X509_STORE_set_trust(), and X509_STORE_set1_param() set the default values for the corresponding values used in certificate chain validation. Their behavior is documented in the corresponding <b>X509_VERIFY_PARAM</b> manual pages, e.g., <a href="../man3/X509_VERIFY_PARAM_set_depth.html">X509_VERIFY_PARAM_set_depth(3)</a>.</p>
+
+<p>X509_STORE_load_locations() loads trusted certificate(s) into an <b>X509_STORE</b> from a given file and/or directory path. It is permitted to specify just a file, just a directory, or both paths. The certificates in the directory must be in hashed form, as documented in <a href="../man3/X509_LOOKUP_hash_dir.html">X509_LOOKUP_hash_dir(3)</a>.</p>
+
+<p>X509_STORE_set_default_paths() is somewhat misnamed, in that it does not set what default paths should be used for loading certificates. Instead, it loads certificates into the <b>X509_STORE</b> from the hardcoded default paths.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_add_cert(), X509_STORE_add_crl(), X509_STORE_set_depth(), X509_STORE_set_flags(), X509_STORE_set_purpose(), X509_STORE_set_trust(), X509_STORE_load_locations(), and X509_STORE_set_default_paths() return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_LOOKUP_hash_dir.html">X509_LOOKUP_hash_dir(3)</a>. <a href="../man3/X509_VERIFY_PARAM_set_depth.html">X509_VERIFY_PARAM_set_depth(3)</a>. <a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/X509_STORE_get0_param.html">X509_STORE_get0_param(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_get_crl.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_get_crl.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_get_crl.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_get_issuer.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_get_issuer.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_get_issuer.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_lookup_certs.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_lookup_certs.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_lookup_certs.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_lookup_crls.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_lookup_crls.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_lookup_crls.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_lookup_crls_cb.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_lookup_crls_cb.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_lookup_crls_cb.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_purpose.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_purpose.html
new file mode 100644
index 000000000..5a5c020fc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_purpose.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_add_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_add_cert, X509_STORE_add_crl, X509_STORE_set_depth, X509_STORE_set_flags, X509_STORE_set_purpose, X509_STORE_set_trust, X509_STORE_load_locations, X509_STORE_set_default_paths - X509_STORE manipulation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
+ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
+ int X509_STORE_set_depth(X509_STORE *store, int depth);
+ int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
+ int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
+ int X509_STORE_set_trust(X509_STORE *ctx, int trust);
+
+ int X509_STORE_load_locations(X509_STORE *ctx,
+                               const char *file, const char *dir);
+ int X509_STORE_set_default_paths(X509_STORE *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_STORE</b> structure is intended to be a consolidated mechanism for holding information about X.509 certificates and CRLs, and constructing and validating chains of certificates terminating in trusted roots. It admits multiple lookup mechanisms and efficient scaling performance with large numbers of certificates, and a great deal of flexibility in how validation and policy checks are performed.</p>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a> creates an empty <b>X509_STORE</b> structure, which contains no information about trusted certificates or where such certificates are located on disk, and is generally not usable. Normally, trusted certificates will be added to the <b>X509_STORE</b> to prepare it for use, via mechanisms such as X509_STORE_add_lookup() and X509_LOOKUP_file(), or PEM_read_bio_X509_AUX() and X509_STORE_add_cert(). CRLs can also be added, and many behaviors configured as desired.</p>
+
+<p>Once the <b>X509_STORE</b> is suitably configured, X509_STORE_CTX_new() is used to instantiate a single-use <b>X509_STORE_CTX</b> for each chain-building and verification operation. That process includes providing the end-entity certificate to be verified and an additional set of untrusted certificates that may be used in chain-building. As such, it is expected that the certificates included in the <b>X509_STORE</b> are certificates that represent trusted entities such as root certificate authorities (CAs). OpenSSL represents these trusted certificates internally as <b>X509</b> objects with an associated <b>X509_CERT_AUX</b>, as are produced by PEM_read_bio_X509_AUX() and similar routines that refer to X509_AUX. The public interfaces that operate on such trusted certificates still operate on pointers to <b>X509</b> objects, though.</p>
+
+<p>X509_STORE_add_cert() and X509_STORE_add_crl() add the respective object to the <b>X509_STORE</b>&#39;s local storage. Untrusted objects should not be added in this way.</p>
+
+<p>X509_STORE_set_depth(), X509_STORE_set_flags(), X509_STORE_set_purpose(), X509_STORE_set_trust(), and X509_STORE_set1_param() set the default values for the corresponding values used in certificate chain validation. Their behavior is documented in the corresponding <b>X509_VERIFY_PARAM</b> manual pages, e.g., <a href="../man3/X509_VERIFY_PARAM_set_depth.html">X509_VERIFY_PARAM_set_depth(3)</a>.</p>
+
+<p>X509_STORE_load_locations() loads trusted certificate(s) into an <b>X509_STORE</b> from a given file and/or directory path. It is permitted to specify just a file, just a directory, or both paths. The certificates in the directory must be in hashed form, as documented in <a href="../man3/X509_LOOKUP_hash_dir.html">X509_LOOKUP_hash_dir(3)</a>.</p>
+
+<p>X509_STORE_set_default_paths() is somewhat misnamed, in that it does not set what default paths should be used for loading certificates. Instead, it loads certificates into the <b>X509_STORE</b> from the hardcoded default paths.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_add_cert(), X509_STORE_add_crl(), X509_STORE_set_depth(), X509_STORE_set_flags(), X509_STORE_set_purpose(), X509_STORE_set_trust(), X509_STORE_load_locations(), and X509_STORE_set_default_paths() return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_LOOKUP_hash_dir.html">X509_LOOKUP_hash_dir(3)</a>. <a href="../man3/X509_VERIFY_PARAM_set_depth.html">X509_VERIFY_PARAM_set_depth(3)</a>. <a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/X509_STORE_get0_param.html">X509_STORE_get0_param(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_trust.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_trust.html
new file mode 100644
index 000000000..5a5c020fc
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_trust.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_add_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_add_cert, X509_STORE_add_crl, X509_STORE_set_depth, X509_STORE_set_flags, X509_STORE_set_purpose, X509_STORE_set_trust, X509_STORE_load_locations, X509_STORE_set_default_paths - X509_STORE manipulation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
+ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
+ int X509_STORE_set_depth(X509_STORE *store, int depth);
+ int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
+ int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
+ int X509_STORE_set_trust(X509_STORE *ctx, int trust);
+
+ int X509_STORE_load_locations(X509_STORE *ctx,
+                               const char *file, const char *dir);
+ int X509_STORE_set_default_paths(X509_STORE *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_STORE</b> structure is intended to be a consolidated mechanism for holding information about X.509 certificates and CRLs, and constructing and validating chains of certificates terminating in trusted roots. It admits multiple lookup mechanisms and efficient scaling performance with large numbers of certificates, and a great deal of flexibility in how validation and policy checks are performed.</p>
+
+<p><a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a> creates an empty <b>X509_STORE</b> structure, which contains no information about trusted certificates or where such certificates are located on disk, and is generally not usable. Normally, trusted certificates will be added to the <b>X509_STORE</b> to prepare it for use, via mechanisms such as X509_STORE_add_lookup() and X509_LOOKUP_file(), or PEM_read_bio_X509_AUX() and X509_STORE_add_cert(). CRLs can also be added, and many behaviors configured as desired.</p>
+
+<p>Once the <b>X509_STORE</b> is suitably configured, X509_STORE_CTX_new() is used to instantiate a single-use <b>X509_STORE_CTX</b> for each chain-building and verification operation. That process includes providing the end-entity certificate to be verified and an additional set of untrusted certificates that may be used in chain-building. As such, it is expected that the certificates included in the <b>X509_STORE</b> are certificates that represent trusted entities such as root certificate authorities (CAs). OpenSSL represents these trusted certificates internally as <b>X509</b> objects with an associated <b>X509_CERT_AUX</b>, as are produced by PEM_read_bio_X509_AUX() and similar routines that refer to X509_AUX. The public interfaces that operate on such trusted certificates still operate on pointers to <b>X509</b> objects, though.</p>
+
+<p>X509_STORE_add_cert() and X509_STORE_add_crl() add the respective object to the <b>X509_STORE</b>&#39;s local storage. Untrusted objects should not be added in this way.</p>
+
+<p>X509_STORE_set_depth(), X509_STORE_set_flags(), X509_STORE_set_purpose(), X509_STORE_set_trust(), and X509_STORE_set1_param() set the default values for the corresponding values used in certificate chain validation. Their behavior is documented in the corresponding <b>X509_VERIFY_PARAM</b> manual pages, e.g., <a href="../man3/X509_VERIFY_PARAM_set_depth.html">X509_VERIFY_PARAM_set_depth(3)</a>.</p>
+
+<p>X509_STORE_load_locations() loads trusted certificate(s) into an <b>X509_STORE</b> from a given file and/or directory path. It is permitted to specify just a file, just a directory, or both paths. The certificates in the directory must be in hashed form, as documented in <a href="../man3/X509_LOOKUP_hash_dir.html">X509_LOOKUP_hash_dir(3)</a>.</p>
+
+<p>X509_STORE_set_default_paths() is somewhat misnamed, in that it does not set what default paths should be used for loading certificates. Instead, it loads certificates into the <b>X509_STORE</b> from the hardcoded default paths.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_add_cert(), X509_STORE_add_crl(), X509_STORE_set_depth(), X509_STORE_set_flags(), X509_STORE_set_purpose(), X509_STORE_set_trust(), X509_STORE_load_locations(), and X509_STORE_set_default_paths() return 1 on success or 0 on failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_LOOKUP_hash_dir.html">X509_LOOKUP_hash_dir(3)</a>. <a href="../man3/X509_VERIFY_PARAM_set_depth.html">X509_VERIFY_PARAM_set_depth(3)</a>. <a href="../man3/X509_STORE_new.html">X509_STORE_new(3)</a>, <a href="../man3/X509_STORE_get0_param.html">X509_STORE_get0_param(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_verify.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_verify.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_verify.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_verify_cb.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_verify_cb.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_verify_cb.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_verify_cb_func.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_verify_cb_func.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_verify_cb_func.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_verify_func.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_verify_func.html
new file mode 100644
index 000000000..9281bd562
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_set_verify_func.html
@@ -0,0 +1,169 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_set_verify_cb_func</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_set_lookup_crls_cb, X509_STORE_set_verify_func, X509_STORE_get_cleanup, X509_STORE_set_cleanup, X509_STORE_get_lookup_crls, X509_STORE_set_lookup_crls, X509_STORE_get_lookup_certs, X509_STORE_set_lookup_certs, X509_STORE_get_check_policy, X509_STORE_set_check_policy, X509_STORE_get_cert_crl, X509_STORE_set_cert_crl, X509_STORE_get_check_crl, X509_STORE_set_check_crl, X509_STORE_get_get_crl, X509_STORE_set_get_crl, X509_STORE_get_check_revocation, X509_STORE_set_check_revocation, X509_STORE_get_check_issued, X509_STORE_set_check_issued, X509_STORE_get_get_issuer, X509_STORE_set_get_issuer, X509_STORE_CTX_get_verify, X509_STORE_set_verify, X509_STORE_get_verify_cb, X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb, X509_STORE_CTX_cert_crl_fn, X509_STORE_CTX_check_crl_fn, X509_STORE_CTX_check_issued_fn, X509_STORE_CTX_check_policy_fn, X509_STORE_CTX_check_revocation_fn, X509_STORE_CTX_cleanup_fn, X509_STORE_CTX_get_crl_fn, X509_STORE_CTX_get_issuer_fn, X509_STORE_CTX_lookup_certs_fn, X509_STORE_CTX_lookup_crls_fn - set verification callback</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+                                             X509_STORE_CTX *ctx, X509 *x);
+ typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+                                               X509 *x, X509 *issuer);
+ typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+ typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+                                          X509_CRL **crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+ typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+                                           X509_CRL *crl, X509 *x);
+ typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+ typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+                                                           X509_NAME *nm);
+ typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+                                                              X509_NAME *nm);
+ typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                               X509_STORE_CTX_verify_cb verify_cb);
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+ X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_issuer(X509_STORE *ctx,
+                                X509_STORE_CTX_get_issuer_fn get_issuer);
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_issued(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_issued_fn check_issued);
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_revocation(X509_STORE *ctx,
+                                      X509_STORE_CTX_check_revocation_fn check_revocation);
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_get_crl(X509_STORE *ctx,
+                             X509_STORE_CTX_get_crl_fn get_crl);
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_crl(X509_STORE *ctx,
+                               X509_STORE_CTX_check_crl_fn check_crl);
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cert_crl(X509_STORE *ctx,
+                              X509_STORE_CTX_cert_crl_fn cert_crl);
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_check_policy(X509_STORE *ctx,
+                                  X509_STORE_CTX_check_policy_fn check_policy);
+ X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+                                  X509_STORE_CTX_lookup_certs_fn lookup_certs);
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+                                 X509_STORE_CTX_lookup_crls_fn lookup_crls);
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE_CTX *ctx);
+
+ void X509_STORE_set_cleanup(X509_STORE *ctx,
+                             X509_STORE_CTX_cleanup_fn cleanup);
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE_CTX *ctx);
+
+ /* Aliases */
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+                                    X509_STORE_CTX_verify_cb verify_cb);
+ void X509_STORE_set_verify_func(X509_STORE *ctx,
+                                 X509_STORE_CTX_verify_fn verify);
+ void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                    X509_STORE_CTX_lookup_crls_fn lookup_crls);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_STORE_set_verify_cb() sets the verification callback of <b>ctx</b> to <b>verify_cb</b> overwriting the previous callback. The callback assigned with this function becomes a default for the one that can be assigned directly to the corresponding <b>X509_STORE_CTX</b>, please see <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further information.</p>
+
+<p>X509_STORE_set_verify() sets the final chain verification function for <b>ctx</b> to <b>verify</b>. Its purpose is to go through the chain of certificates and check that all signatures are valid and that the current time is within the limits of each certificate&#39;s first and last validity time. The final chain verification functions must return 0 on failure and 1 on success. <i>If no chain verification function is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_issuer() sets the function to get the issuer certificate that verifies the given certificate <b>x</b>. When found, the issuer certificate must be assigned to <b>*issuer</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_issued() sets the function to check that a given certificate <b>x</b> is issued with the issuer certificate <b>issuer</b>. This function must return 0 on failure (among others if <b>x</b> hasn&#39;t been issued with <b>issuer</b>) and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_revocation() sets the revocation checking function. Its purpose is to look through the final chain and check the revocation status for each certificate. It must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_get_crl() sets the function to get the crl for a given certificate <b>x</b>. When found, the crl must be assigned to <b>*crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_crl() sets the function to check the validity of the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cert_crl() sets the function to check the revocation status of the given certificate <b>x</b> against the given <b>crl</b>. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_check_policy() sets the function to check the policies of all the certificates in the final chain.. This function must return 0 on failure and 1 on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_lookup_certs() and X509_STORE_set_lookup_crls() set the functions to look up all the certs or all the CRLs that match the given name <b>nm</b>. These functions return NULL on failure and a pointer to a stack of certificates (<b>X509</b>) or to a stack of CRLs (<b>X509_CRL</b>) on success. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_set_cleanup() sets the final cleanup function, which is called when the context (<b>X509_STORE_CTX</b>) is being torn down. This function doesn&#39;t return any value. <i>If no function to get the issuer is provided, the internal default function will be used instead.</i></p>
+
+<p>X509_STORE_get_verify_cb(), X509_STORE_CTX_get_verify(), X509_STORE_get_get_issuer(), X509_STORE_get_check_issued(), X509_STORE_get_check_revocation(), X509_STORE_get_get_crl(), X509_STORE_get_check_crl(), X509_STORE_set_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_cert_crl(), X509_STORE_get_check_policy(), X509_STORE_get_lookup_certs(), X509_STORE_get_lookup_crls() and X509_STORE_get_cleanup() all return the function pointer assigned with X509_STORE_set_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_set_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_set_lookup_crls() and X509_STORE_set_cleanup(), or NULL if no assignment has been made.</p>
+
+<p>X509_STORE_set_verify_cb_func(), X509_STORE_set_verify_func() and X509_STORE_set_lookup_crls_cb() are aliases for X509_STORE_set_verify_cb(), X509_STORE_set_verify() and X509_STORE_set_lookup_crls, available as macros for backward compatibility.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All the callbacks from a <b>X509_STORE</b> are inherited by the corresponding <b>X509_STORE_CTX</b> structure when it is initialized. See <a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a> for further details.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The macro version of this function was the only one available before OpenSSL 1.0.0.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The X509_STORE_set_*() functions do not return a value.</p>
+
+<p>The X509_STORE_get_*() functions return a pointer of the appropriate function type.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_set_verify_cb.html">X509_STORE_CTX_set_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_get0_chain.html">X509_STORE_CTX_get0_chain(3)</a>, <a href="../man3/X509_STORE_CTX_verify_cb.html">X509_STORE_CTX_verify_cb(3)</a>, <a href="../man3/X509_STORE_CTX_verify_fn.html">X509_STORE_CTX_verify_fn(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_set_verify_cb() function was added in OpenSSL 1.0.0.</p>
+
+<p>The functions X509_STORE_set_verify_cb(), X509_STORE_get_verify_cb(), X509_STORE_set_verify(), X509_STORE_CTX_get_verify(), X509_STORE_set_get_issuer(), X509_STORE_get_get_issuer(), X509_STORE_set_check_issued(), X509_STORE_get_check_issued(), X509_STORE_set_check_revocation(), X509_STORE_get_check_revocation(), X509_STORE_set_get_crl(), X509_STORE_get_get_crl(), X509_STORE_set_check_crl(), X509_STORE_get_check_crl(), X509_STORE_set_cert_crl(), X509_STORE_get_cert_crl(), X509_STORE_set_check_policy(), X509_STORE_get_check_policy(), X509_STORE_set_lookup_certs(), X509_STORE_get_lookup_certs(), X509_STORE_set_lookup_crls(), X509_STORE_get_lookup_crls(), X509_STORE_set_cleanup() and X509_STORE_get_cleanup() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_unlock.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_unlock.html
new file mode 100644
index 000000000..a2416716a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_unlock.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_new, X509_STORE_up_ref, X509_STORE_free, X509_STORE_lock, X509_STORE_unlock - X509_STORE allocation, freeing and locking functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE *X509_STORE_new(void);
+ void X509_STORE_free(X509_STORE *v);
+ int X509_STORE_lock(X509_STORE *v);
+ int X509_STORE_unlock(X509_STORE *v);
+ int X509_STORE_up_ref(X509_STORE *v);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The X509_STORE_new() function returns a new X509_STORE.</p>
+
+<p>X509_STORE_up_ref() increments the reference count associated with the X509_STORE object.</p>
+
+<p>X509_STORE_lock() locks the store from modification by other threads, X509_STORE_unlock() locks it.</p>
+
+<p>X509_STORE_free() frees up a single X509_STORE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_new() returns a newly created X509_STORE or NULL if the call fails.</p>
+
+<p>X509_STORE_up_ref(), X509_STORE_lock() and X509_STORE_unlock() return 1 for success and 0 for failure.</p>
+
+<p>X509_STORE_free() does not return values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_set_verify_cb_func.html">X509_STORE_set_verify_cb_func(3)</a> <a href="../man3/X509_STORE_get0_param.html">X509_STORE_get0_param(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_up_ref(), X509_STORE_lock() and X509_STORE_unlock() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_STORE_up_ref.html b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_up_ref.html
new file mode 100644
index 000000000..a2416716a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_STORE_up_ref.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_new, X509_STORE_up_ref, X509_STORE_free, X509_STORE_lock, X509_STORE_unlock - X509_STORE allocation, freeing and locking functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_STORE *X509_STORE_new(void);
+ void X509_STORE_free(X509_STORE *v);
+ int X509_STORE_lock(X509_STORE *v);
+ int X509_STORE_unlock(X509_STORE *v);
+ int X509_STORE_up_ref(X509_STORE *v);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The X509_STORE_new() function returns a new X509_STORE.</p>
+
+<p>X509_STORE_up_ref() increments the reference count associated with the X509_STORE object.</p>
+
+<p>X509_STORE_lock() locks the store from modification by other threads, X509_STORE_unlock() locks it.</p>
+
+<p>X509_STORE_free() frees up a single X509_STORE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_new() returns a newly created X509_STORE or NULL if the call fails.</p>
+
+<p>X509_STORE_up_ref(), X509_STORE_lock() and X509_STORE_unlock() return 1 for success and 0 for failure.</p>
+
+<p>X509_STORE_free() does not return values.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_set_verify_cb_func.html">X509_STORE_set_verify_cb_func(3)</a> <a href="../man3/X509_STORE_get0_param.html">X509_STORE_get0_param(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_STORE_up_ref(), X509_STORE_lock() and X509_STORE_unlock() functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VAL_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_VAL_free.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VAL_free.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VAL_new.html b/msys2/usr/share/doc/openssl/html/man3/X509_VAL_new.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VAL_new.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_add0_policy.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_add0_policy.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_add0_policy.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_add1_host.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_add1_host.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_add1_host.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_clear_flags.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_clear_flags.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_clear_flags.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get0_peername.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get0_peername.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get0_peername.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_auth_level.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_auth_level.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_auth_level.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_depth.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_depth.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_depth.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_flags.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_flags.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_flags.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_hostflags.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_hostflags.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_hostflags.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_inh_flags.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_inh_flags.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_inh_flags.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_time.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_time.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_time.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_email.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_email.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_email.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_host.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_host.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_host.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_ip.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_ip.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_ip.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_ip_asc.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_ip_asc.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_ip_asc.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_policies.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_policies.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_policies.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_auth_level.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_auth_level.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_auth_level.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_depth.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_depth.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_depth.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_flags.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_flags.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_flags.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_hostflags.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_hostflags.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_hostflags.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_inh_flags.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_inh_flags.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_inh_flags.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_purpose.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_purpose.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_purpose.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_time.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_time.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_time.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_trust.html b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_trust.html
new file mode 100644
index 000000000..b64e42d17
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_trust.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_VERIFY_PARAM_set_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#VERIFICATION-FLAGS">VERIFICATION FLAGS</a></li>
+  <li><a href="#INHERITANCE-FLAGS">INHERITANCE FLAGS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_get_inh_flags, X509_VERIFY_PARAM_set_inh_flags, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_auth_level, X509_VERIFY_PARAM_get_auth_level, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_get_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                 unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                   unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+                                     uint32_t flags);
+ uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+ time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                   ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                     STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param,
+                                       int auth_level);
+ int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                      unsigned int flags);
+ unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                  const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                               const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions manipulate the <b>X509_VERIFY_PARAM</b> structure associated with a certificate verification operation.</p>
+
+<p>The X509_VERIFY_PARAM_set_flags() function sets the flags in <b>param</b> by oring it with <b>flags</b>. See the <b>VERIFICATION FLAGS</b> section for a complete description of values the <b>flags</b> parameter can take.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the flags in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the inheritance flags in <b>param</b> which specifies how verification flags are copied from one structure to another. X509_VERIFY_PARAM_set_inh_flags() sets the inheritance flags. See the <b>INHERITANCE FLAGS</b> section for a description of these bits.</p>
+
+<p>X509_VERIFY_PARAM_clear_flags() clears the flags <b>flags</b> in <b>param</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_purpose() sets the verification purpose in <b>param</b> to <b>purpose</b>. This determines the acceptable purpose of the certificate chain, for example SSL client or SSL server.</p>
+
+<p>X509_VERIFY_PARAM_set_trust() sets the trust setting in <b>param</b> to <b>trust</b>.</p>
+
+<p>X509_VERIFY_PARAM_set_time() sets the verification time in <b>param</b> to <b>t</b>. Normally the current time is used.</p>
+
+<p>X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled by default) and adds <b>policy</b> to the acceptable policy set.</p>
+
+<p>X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled by default) and sets the acceptable policy set to <b>policies</b>. Any existing policy set is cleared. The <b>policies</b> parameter can be <b>NULL</b> to clear an existing policy set.</p>
+
+<p>X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to <b>depth</b>. That is the maximum number of intermediate CA certificates that can appear in a chain. A maximal depth chain contains 2 more certificates than the limit, since neither the end-entity certificate nor the trust-anchor count against this limit. Thus a <b>depth</b> limit of 0 only allows the end-entity certificate to be signed directly by the trust-anchor, while with a <b>depth</b> limit of 1 there can be one intermediate CA certificate between the trust-anchor and the end-entity certificate.</p>
+
+<p>X509_VERIFY_PARAM_set_auth_level() sets the authentication security level to <b>auth_level</b>. The authentication security level determines the acceptable signature and public key strength when verifying certificate chains. For a certificate chain to validate, the public keys of all the certificates must meet the specified security level. The signature algorithm security level is not enforced for the chain&#39;s <i>trust anchor</i> certificate, which is either directly trusted or validated by means other than its signature. See <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a> for the definitions of the available levels. The default security level is -1, or &quot;not set&quot;. At security level 0 or lower all algorithms are acceptable. Security level 1 requires at least 80-bit-equivalent security and is broadly interoperable, though it will, for example, reject MD5 signatures or RSA keys shorter than 1024 bits.</p>
+
+<p>X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to <b>name</b> clearing any previously specified host name or names. If <b>name</b> is NULL, or empty the list of hostnames is cleared, and name checks are not performed on the peer certificate. If <b>name</b> is NUL-terminated, <b>namelen</b> may be zero, otherwise <b>namelen</b> must be set to the length of <b>name</b>.</p>
+
+<p>When a hostname is specified, certificate verification automatically invokes <a href="../man3/X509_check_host.html">X509_check_host(3)</a> with flags equal to the <b>flags</b> argument given to X509_VERIFY_PARAM_set_hostflags() (default zero). Applications are strongly advised to use this interface in preference to explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, hostname checks may be out of scope with the DANE-EE(3) certificate usage, and the internal check will be suppressed as appropriate when DANE verification is enabled.</p>
+
+<p>When the subject CommonName will not be ignored, whether as a result of the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> host flag, or because no DNS subject alternative names are present in the certificate, any DNS name constraints in issuer certificates apply to the subject CommonName as well as the subject alternative name extension.</p>
+
+<p>When the subject CommonName will be ignored, whether as a result of the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> host flag, or because some DNS subject alternative names are present in the certificate, DNS name constraints in issuer certificates will not be applied to the subject DN. As described in X509_check_host(3) the <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag takes precedence over the <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any host flags previously set via a call to X509_VERIFY_PARAM_set_hostflags().</p>
+
+<p>X509_VERIFY_PARAM_add1_host() adds <b>name</b> as an additional reference identifier that can match the peer&#39;s certificate. Any previous names set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host() are retained, no change is made if <b>name</b> is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches.</p>
+
+<p>X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject CommonName from the peer certificate that matched one of the reference identifiers. When wildcard matching is not disabled, or when a reference identifier specifies a parent domain (starts with &quot;.&quot;) rather than a hostname, the peer name may be a wildcard name or a sub-domain of the reference identifier respectively. The return string is allocated by the library and is no longer valid once the associated <b>param</b> argument is freed. Applications must not free the return value.</p>
+
+<p>X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to <b>email</b>. If <b>email</b> is NUL-terminated, <b>emaillen</b> may be zero, otherwise <b>emaillen</b> must be set to the length of <b>email</b>. When an email address is specified, certificate verification automatically invokes <a href="../man3/X509_check_email.html">X509_check_email(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip() sets the expected IP address to <b>ip</b>. The <b>ip</b> argument is in binary format, in network byte-order and <b>iplen</b> must be set to 4 for IPv4 and 16 for IPv6. When an IP address is specified, certificate verification automatically invokes <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>.</p>
+
+<p>X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to <b>ipasc</b>. The <b>ipasc</b> argument is a NUL-terminal ASCII string: dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6. The condensed &quot;::&quot; notation is supported for IPv6 addresses.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), X509_VERIFY_PARAM_set_inh_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(), X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_add1_host(), X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for failure.</p>
+
+<p>X509_VERIFY_PARAM_get_flags() returns the current verification flags.</p>
+
+<p>X509_VERIFY_PARAM_get_hostflags() returns any current host flags.</p>
+
+<p>X509_VERIFY_PARAM_get_inh_flags() returns the current inheritance flags.</p>
+
+<p>X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return values.</p>
+
+<p>X509_VERIFY_PARAM_get_depth() returns the current verification depth.</p>
+
+<p>X509_VERIFY_PARAM_get_auth_level() returns the current authentication security level.</p>
+
+<h1 id="VERIFICATION-FLAGS">VERIFICATION FLAGS</h1>
+
+<p>The verification flags consists of zero or more of the following flags ored together.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK</b> enables CRL checking for the certificate chain leaf certificate. An error occurs if a suitable CRL cannot be found.</p>
+
+<p><b>X509_V_FLAG_CRL_CHECK_ALL</b> enables CRL checking for the entire certificate chain.</p>
+
+<p><b>X509_V_FLAG_IGNORE_CRITICAL</b> disabled critical extension checking. By default any unhandled critical extensions in certificates or (if checked) CRLs results in a fatal error. If this flag is set unhandled critical extensions are ignored. <b>WARNING</b> setting this option for anything other than debugging purposes can be a security risk. Finer control over which extensions are supported can be performed in the verification callback.</p>
+
+<p>The <b>X509_V_FLAG_X509_STRICT</b> flag disables workarounds for some broken certificates and makes the verification strictly apply <b>X509</b> rules.</p>
+
+<p><b>X509_V_FLAG_ALLOW_PROXY_CERTS</b> enables proxy certificate verification.</p>
+
+<p><b>X509_V_FLAG_POLICY_CHECK</b> enables certificate policy checking, by default no policy checking is performed. Additional information is sent to the verification callback relating to policy checking.</p>
+
+<p><b>X509_V_FLAG_EXPLICIT_POLICY</b>, <b>X509_V_FLAG_INHIBIT_ANY</b> and <b>X509_V_FLAG_INHIBIT_MAP</b> set the <b>require explicit policy</b>, <b>inhibit any policy</b> and <b>inhibit policy mapping</b> flags respectively as defined in <b>RFC3280</b>. Policy checking is automatically enabled if any of these flags are set.</p>
+
+<p>If <b>X509_V_FLAG_NOTIFY_POLICY</b> is set and the policy checking is successful a special status code is set to the verification callback. This permits it to examine the valid policy tree and perform additional checks or simply log it for debugging purposes.</p>
+
+<p>By default some additional features such as indirect CRLs and CRLs signed by different keys are disabled. If <b>X509_V_FLAG_EXTENDED_CRL_SUPPORT</b> is set they are enabled.</p>
+
+<p>If <b>X509_V_FLAG_USE_DELTAS</b> is set delta CRLs (if present) are used to determine certificate status. If not set deltas are ignored.</p>
+
+<p><b>X509_V_FLAG_CHECK_SS_SIGNATURE</b> enables checking of the root CA self signed certificate signature. By default this check is disabled because it doesn&#39;t add any additional security but in some cases applications might want to check the signature anyway. A side effect of not checking the root CA signature is that disabled or unsupported message digests on the root CA are not treated as fatal errors.</p>
+
+<p>When <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, construction of the certificate chain in <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a> will search the trust store for issuer certificates before searching the provided untrusted certificates. Local issuer certificates are often more likely to satisfy local security requirements and lead to a locally trusted root. This is especially important when some certificates in the trust store have explicit trust settings (see &quot;TRUST SETTINGS&quot; in <a href="../man1/x509.html">x509(1)</a>). As of OpenSSL 1.1.0 this option is on by default.</p>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag suppresses checking for alternative chains. By default, unless <b>X509_V_FLAG_TRUSTED_FIRST</b> is set, when building a certificate chain, if the first certificate chain found is not trusted, then OpenSSL will attempt to replace untrusted certificates supplied by the peer with certificates from the trust store to see if an alternative chain can be found that is trusted. As of OpenSSL 1.1.0, with <b>X509_V_FLAG_TRUSTED_FIRST</b> always set, this option has no effect.</p>
+
+<p>The <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag causes intermediate certificates in the trust store to be treated as trust-anchors, in the same way as the self-signed root CA certificates. This makes it possible to trust certificates issued by an intermediate CA without having to trust its ancestor root CA. With OpenSSL 1.1.0 and later and &lt;X509_V_FLAG_PARTIAL_CHAIN&gt; set, chain construction stops as soon as the first certificate from the trust store is added to the chain, whether that certificate is a self-signed &quot;root&quot; certificate or a not self-signed intermediate certificate. Thus, when an intermediate certificate is found in the trust store, the verified chain passed to callbacks may be shorter than it otherwise would be without the <b>X509_V_FLAG_PARTIAL_CHAIN</b> flag.</p>
+
+<p>The <b>X509_V_FLAG_NO_CHECK_TIME</b> flag suppresses checking the validity period of certificates and CRLs against the current time. If X509_VERIFY_PARAM_set_time() is used to specify a verification time, the check is not suppressed.</p>
+
+<h1 id="INHERITANCE-FLAGS">INHERITANCE FLAGS</h1>
+
+<p>These flags specify how parameters are &quot;inherited&quot; from one structure to another.</p>
+
+<p>If <b>X509_VP_FLAG_ONCE</b> is set then the current setting is zeroed after the next call.</p>
+
+<p>If <b>X509_VP_FLAG_LOCKED</b> is set then no values are copied. This overrides all of the following flags.</p>
+
+<p>If <b>X509_VP_FLAG_DEFAULT</b> is set then anything set in the source is copied to the destination. Effectively the values in &quot;to&quot; become default values which will be used only if nothing new is set in &quot;from&quot;. This is the default.</p>
+
+<p>If <b>X509_VP_FLAG_OVERWRITE</b> is set then all value are copied across whether they are set or not. Flags is still Ored though.</p>
+
+<p>If <b>X509_VP_FLAG_RESET_FLAGS</b> is set then the flags value is copied instead of ORed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used to manipulate verification parameters instead of functions which work in specific structures such as X509_STORE_CTX_set_flags() which are likely to be deprecated in a future release.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Delta CRL checking is currently primitive. Only a single delta can be used and (partly due to limitations of <b>X509_STORE</b>) constructed CRLs are not maintained.</p>
+
+<p>If CRLs checking is enable CRLs are expected to be available in the corresponding <b>X509_STORE</b> structure. No attempt is made to download CRLs from the CRL distribution points extension.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Enable CRL checking when performing certificate verification during SSL connections associated with an <b>SSL_CTX</b> structure <b>ctx</b>:</p>
+
+<pre><code> X509_VERIFY_PARAM *param;
+
+ param = X509_VERIFY_PARAM_new();
+ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+ SSL_CTX_set1_param(ctx, param);
+ X509_VERIFY_PARAM_free(param);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_host.html">X509_check_host(3)</a>, <a href="../man3/X509_check_email.html">X509_check_email(3)</a>, <a href="../man3/X509_check_ip.html">X509_check_ip(3)</a>, <a href="../man1/x509.html">x509(1)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The <b>X509_V_FLAG_NO_ALT_CHAINS</b> flag was added in OpenSSL 1.1.0. The flag <b>X509_V_FLAG_CB_ISSUER_CHECK</b> was deprecated in OpenSSL 1.1.0 and has no effect.</p>
+
+<p>The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_add1_ext_i2d.html b/msys2/usr/share/doc/openssl/html/man3/X509_add1_ext_i2d.html
new file mode 100644
index 000000000..0564e7b2d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_add1_ext_i2d.html
@@ -0,0 +1,214 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509V3_get_d2i</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</a>
+    <ul>
+      <li><a href="#PKIX-Certificate-Extensions">PKIX Certificate Extensions</a></li>
+      <li><a href="#Netscape-Certificate-Extensions">Netscape Certificate Extensions</a></li>
+      <li><a href="#Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</a></li>
+      <li><a href="#PKIX-CRL-Extensions">PKIX CRL Extensions</a></li>
+      <li><a href="#OCSP-Extensions">OCSP Extensions</a></li>
+      <li><a href="#Certificate-Transparency-Extensions">Certificate Transparency Extensions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_extensions, X509_CRL_get0_extensions, X509_REVOKED_get0_extensions, X509V3_get_d2i, X509V3_add1_i2d, X509V3_EXT_d2i, X509V3_EXT_i2d, X509_get_ext_d2i, X509_add1_ext_i2d, X509_CRL_get_ext_d2i, X509_CRL_add1_ext_i2d, X509_REVOKED_get_ext_d2i, X509_REVOKED_add1_ext_i2d - X509 extension decode and encode functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
+                      int *idx);
+ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
+                     int crit, unsigned long flags);
+
+ void *X509V3_EXT_d2i(X509_EXTENSION *ext);
+ X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext);
+
+ void *X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
+ int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+                       unsigned long flags);
+
+ void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid, int *crit, int *idx);
+ int X509_CRL_add1_ext_i2d(X509_CRL *crl, int nid, void *value, int crit,
+                           unsigned long flags);
+
+ void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *r, int nid, int *crit, int *idx);
+ int X509_REVOKED_add1_ext_i2d(X509_REVOKED *r, int nid, void *value, int crit,
+                               unsigned long flags);
+
+ const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+ const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
+ const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(const X509_REVOKED *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509V3_get_ext_d2i() looks for an extension with OID <b>nid</b> in the extensions <b>x</b> and, if found, decodes it. If <b>idx</b> is <b>NULL</b> then only one occurrence of an extension is permissible otherwise the first extension after index <b>*idx</b> is returned and <b>*idx</b> updated to the location of the extension. If <b>crit</b> is not <b>NULL</b> then <b>*crit</b> is set to a status value: -2 if the extension occurs multiple times (this is only returned if <b>idx</b> is <b>NULL</b>), -1 if the extension could not be found, 0 if the extension is found and is not critical and 1 if critical. A pointer to an extension specific structure or <b>NULL</b> is returned.</p>
+
+<p>X509V3_add1_i2d() adds extension <b>value</b> to STACK <b>*x</b> (allocating a new STACK if necessary) using OID <b>nid</b> and criticality <b>crit</b> according to <b>flags</b>.</p>
+
+<p>X509V3_EXT_d2i() attempts to decode the ASN.1 data contained in extension <b>ext</b> and returns a pointer to an extension specific structure or <b>NULL</b> if the extension could not be decoded (invalid syntax or not supported).</p>
+
+<p>X509V3_EXT_i2d() encodes the extension specific structure <b>ext</b> with OID <b>ext_nid</b> and criticality <b>crit</b>.</p>
+
+<p>X509_get_ext_d2i() and X509_add1_ext_i2d() operate on the extensions of certificate <b>x</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_CRL_get_ext_d2i() and X509_CRL_add1_ext_i2d() operate on the extensions of CRL <b>crl</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_REVOKED_get_ext_d2i() and X509_REVOKED_add1_ext_i2d() operate on the extensions of <b>X509_REVOKED</b> structure <b>r</b> (i.e for CRL entry extensions), they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of all the extensions of a certificate a CRL or a CRL entry respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In almost all cases an extension can occur at most once and multiple occurrences is an error. Therefore the <b>idx</b> parameter is usually <b>NULL</b>.</p>
+
+<p>The <b>flags</b> parameter may be one of the following values.</p>
+
+<p><b>X509V3_ADD_DEFAULT</b> appends a new extension only if the extension does not already exist. An error is returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_APPEND</b> appends a new extension, ignoring whether the extension already exists.</p>
+
+<p><b>X509V3_ADD_REPLACE</b> replaces an extension if it exists otherwise appends a new extension.</p>
+
+<p><b>X509V3_ADD_REPLACE_EXISTING</b> replaces an existing extension if it exists otherwise returns an error.</p>
+
+<p><b>X509V3_ADD_KEEP_EXISTING</b> appends a new extension only if the extension does not already exist. An error <b>is not</b> returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_DELETE</b> extension <b>nid</b> is deleted: no new extension is added.</p>
+
+<p>If <b>X509V3_ADD_SILENT</b> is ored with <b>flags</b>: any error returned will not be added to the error queue.</p>
+
+<p>The function X509V3_get_d2i() will return <b>NULL</b> if the extension is not found, occurs multiple times or cannot be decoded. It is possible to determine the precise reason by checking the value of <b>*crit</b>.</p>
+
+<h1 id="SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</h1>
+
+<p>The following sections contain a list of all supported extensions including their name and NID.</p>
+
+<h2 id="PKIX-Certificate-Extensions">PKIX Certificate Extensions</h2>
+
+<p>The following certificate extensions are defined in PKIX standards such as RFC5280.</p>
+
+<pre><code> Basic Constraints                  NID_basic_constraints
+ Key Usage                          NID_key_usage
+ Extended Key Usage                 NID_ext_key_usage
+
+ Subject Key Identifier             NID_subject_key_identifier
+ Authority Key Identifier           NID_authority_key_identifier
+
+ Private Key Usage Period           NID_private_key_usage_period
+
+ Subject Alternative Name           NID_subject_alt_name
+ Issuer Alternative Name            NID_issuer_alt_name
+
+ Authority Information Access       NID_info_access
+ Subject Information Access         NID_sinfo_access
+
+ Name Constraints                   NID_name_constraints
+
+ Certificate Policies               NID_certificate_policies
+ Policy Mappings                    NID_policy_mappings
+ Policy Constraints                 NID_policy_constraints
+ Inhibit Any Policy                 NID_inhibit_any_policy
+
+ TLS Feature                        NID_tlsfeature</code></pre>
+
+<h2 id="Netscape-Certificate-Extensions">Netscape Certificate Extensions</h2>
+
+<p>The following are (largely obsolete) Netscape certificate extensions.</p>
+
+<pre><code> Netscape Cert Type                 NID_netscape_cert_type
+ Netscape Base Url                  NID_netscape_base_url
+ Netscape Revocation Url            NID_netscape_revocation_url
+ Netscape CA Revocation Url         NID_netscape_ca_revocation_url
+ Netscape Renewal Url               NID_netscape_renewal_url
+ Netscape CA Policy Url             NID_netscape_ca_policy_url
+ Netscape SSL Server Name           NID_netscape_ssl_server_name
+ Netscape Comment                   NID_netscape_comment</code></pre>
+
+<h2 id="Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</h2>
+
+<pre><code> Strong Extranet ID                 NID_sxnet
+ Proxy Certificate Information      NID_proxyCertInfo</code></pre>
+
+<h2 id="PKIX-CRL-Extensions">PKIX CRL Extensions</h2>
+
+<p>The following are CRL extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Number                         NID_crl_number
+ CRL Distribution Points            NID_crl_distribution_points
+ Delta CRL Indicator                NID_delta_crl
+ Freshest CRL                       NID_freshest_crl
+ Invalidity Date                    NID_invalidity_date
+ Issuing Distribution Point         NID_issuing_distribution_point</code></pre>
+
+<p>The following are CRL entry extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Reason Code                    NID_crl_reason
+ Certificate Issuer                 NID_certificate_issuer</code></pre>
+
+<h2 id="OCSP-Extensions">OCSP Extensions</h2>
+
+<pre><code> OCSP Nonce                         NID_id_pkix_OCSP_Nonce
+ OCSP CRL ID                        NID_id_pkix_OCSP_CrlID
+ Acceptable OCSP Responses          NID_id_pkix_OCSP_acceptableResponses
+ OCSP No Check                      NID_id_pkix_OCSP_noCheck
+ OCSP Archive Cutoff                NID_id_pkix_OCSP_archiveCutoff
+ OCSP Service Locator               NID_id_pkix_OCSP_serviceLocator
+ Hold Instruction Code              NID_hold_instruction_code</code></pre>
+
+<h2 id="Certificate-Transparency-Extensions">Certificate Transparency Extensions</h2>
+
+<p>The following extensions are used by certificate transparency, RFC6962</p>
+
+<pre><code> CT Precertificate SCTs             NID_ct_precert_scts
+ CT Certificate SCTs                NID_ct_cert_scts</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509V3_EXT_d2i() and *X509V3_get_d2i() return a pointer to an extension specific structure of <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_EXT_i2d() returns a pointer to an <b>X509_EXTENSION</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_add1_i2d() returns 1 if the operation is successful and 0 if it fails due to a non-fatal error (extension not found, already exists, cannot be encoded) or -1 due to a fatal error such as a memory allocation failure.</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of extensions. They return NULL if no extensions are present.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_add_ext.html b/msys2/usr/share/doc/openssl/html/man3/X509_add_ext.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_add_ext.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_chain_up_ref.html b/msys2/usr/share/doc/openssl/html/man3/X509_chain_up_ref.html
new file mode 100644
index 000000000..f14637182
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_chain_up_ref.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_chain_up_ref, X509_new, X509_free, X509_up_ref - X509 certificate ASN1 allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509 *X509_new(void);
+ void X509_free(X509 *a);
+ int X509_up_ref(X509 *a);
+ STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The X509 ASN1 allocation routines, allocate and free an X509 structure, which represents an X509 certificate.</p>
+
+<p>X509_new() allocates and initializes a X509 structure with reference count <b>1</b>.</p>
+
+<p>X509_free() decrements the reference count of <b>X509</b> structure <b>a</b> and frees it up if the reference count is zero. If <b>a</b> is NULL nothing is done.</p>
+
+<p>X509_up_ref() increments the reference count of <b>a</b>.</p>
+
+<p>X509_chain_up_ref() increases the reference count of all certificates in chain <b>x</b> and returns a copy of the stack.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The function X509_up_ref() if useful if a certificate structure is being used by several different operations each of which will free it up after use: this avoids the need to duplicate the entire certificate structure.</p>
+
+<p>The function X509_chain_up_ref() doesn&#39;t just up the reference count of each certificate it also returns a copy of the stack, using sk_X509_dup(), but it serves a similar purpose: the returned chain persists after the original has been freed.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, X509_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>X509_up_ref() returns 1 for success and 0 for failure.</p>
+
+<p>X509_chain_up_ref() returns a copy of the stack or <b>NULL</b> if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_check_ca.html b/msys2/usr/share/doc/openssl/html/man3/X509_check_ca.html
new file mode 100644
index 000000000..87815f459
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_check_ca.html
@@ -0,0 +1,58 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_check_ca</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_check_ca - check if given certificate is CA certificate</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ int X509_check_ca(X509 *cert);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This function checks if given certificate is CA certificate (can be used to sign other certificates).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Function return 0, if it is not CA certificate, 1 if it is proper X509v3 CA certificate with <b>basicConstraints</b> extension CA:TRUE, 3, if it is self-signed X509 v1 certificate, 4, if it is certificate with <b>keyUsage</b> extension with bit <b>keyCertSign</b> set, but without <b>basicConstraints</b>, and 5 if it has outdated Netscape Certificate Type extension telling that it is CA certificate.</p>
+
+<p>Actually, any non-zero value means that this certificate could have been used to sign other certificates.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_issued.html">X509_check_issued(3)</a>, <a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_check_email.html b/msys2/usr/share/doc/openssl/html/man3/X509_check_email.html
new file mode 100644
index 000000000..aa0c77b99
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_check_email.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_check_host</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_check_host, X509_check_email, X509_check_ip, X509_check_ip_asc - X.509 certificate matching</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ int X509_check_host(X509 *, const char *name, size_t namelen,
+                     unsigned int flags, char **peername);
+ int X509_check_email(X509 *, const char *address, size_t addresslen,
+                      unsigned int flags);
+ int X509_check_ip(X509 *, const unsigned char *address, size_t addresslen,
+                   unsigned int flags);
+ int X509_check_ip_asc(X509 *, const char *address, unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The certificate matching functions are used to check whether a certificate matches a given host name, email address, or IP address. The validity of the certificate and its trust level has to be checked by other means.</p>
+
+<p>X509_check_host() checks if the certificate Subject Alternative Name (SAN) or Subject CommonName (CN) matches the specified host name, which must be encoded in the preferred name syntax described in section 3.5 of RFC 1034. By default, wildcards are supported and they match only in the left-most label; but they may match part of that label with an explicit prefix or suffix. For example, by default, the host <b>name</b> &quot;www.example.com&quot; would match a certificate with a SAN or CN value of &quot;*.example.com&quot;, &quot;w*.example.com&quot; or &quot;*w.example.com&quot;.</p>
+
+<p>Per section 6.4.2 of RFC 6125, <b>name</b> values representing international domain names must be given in A-label form. The <b>namelen</b> argument must be the number of characters in the name string or zero in which case the length is calculated with strlen(<b>name</b>). When <b>name</b> starts with a dot (e.g &quot;.example.com&quot;), it will be matched by a certificate valid for any sub-domain of <b>name</b>, (see also <b>X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS</b> below).</p>
+
+<p>When the certificate is matched, and <b>peername</b> is not NULL, a pointer to a copy of the matching SAN or CN from the peer certificate is stored at the address passed in <b>peername</b>. The application is responsible for freeing the peername via OPENSSL_free() when it is no longer needed.</p>
+
+<p>X509_check_email() checks if the certificate matches the specified email <b>address</b>. Only the mailbox syntax of RFC 822 is supported, comments are not allowed, and no attempt is made to normalize quoted characters. The <b>addresslen</b> argument must be the number of characters in the address string or zero in which case the length is calculated with strlen(<b>address</b>).</p>
+
+<p>X509_check_ip() checks if the certificate matches a specified IPv4 or IPv6 address. The <b>address</b> array is in binary format, in network byte order. The length is either 4 (IPv4) or 16 (IPv6). Only explicitly marked addresses in the certificates are considered; IP addresses stored in DNS names and Common Names are ignored.</p>
+
+<p>X509_check_ip_asc() is similar, except that the NUL-terminated string <b>address</b> is first converted to the internal representation.</p>
+
+<p>The <b>flags</b> argument is usually 0. It can be the bitwise OR of the flags:</p>
+
+<dl>
+
+<dt id="X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT"><b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b>,</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_NEVER_CHECK_SUBJECT"><b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b>,</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_NO_WILDCARDS"><b>X509_CHECK_FLAG_NO_WILDCARDS</b>,</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS"><b>X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS</b>,</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS"><b>X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS</b>.</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS"><b>X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS</b>.</dt>
+<dd>
+
+</dd>
+</dl>
+
+<p>The <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag causes the function to consider the subject DN even if the certificate contains at least one subject alternative name of the right type (DNS name or email address as appropriate); the default is to ignore the subject DN when at least one corresponding subject alternative names is present.</p>
+
+<p>The <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag causes the function to never consider the subject DN even if the certificate contains no subject alternative names of the right type (DNS name or email address as appropriate); the default is to use the subject DN when no corresponding subject alternative names are present. If both <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> and <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> are specified, the latter takes precedence and the subject DN is not checked for matching names.</p>
+
+<p>If set, <b>X509_CHECK_FLAG_NO_WILDCARDS</b> disables wildcard expansion; this only applies to <b>X509_check_host</b>.</p>
+
+<p>If set, <b>X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS</b> suppresses support for &quot;*&quot; as wildcard pattern in labels that have a prefix or suffix, such as: &quot;www*&quot; or &quot;*www&quot;; this only applies to <b>X509_check_host</b>.</p>
+
+<p>If set, <b>X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS</b> allows a &quot;*&quot; that constitutes the complete label of a DNS name (e.g. &quot;*.example.com&quot;) to match more than one label in <b>name</b>; this flag only applies to <b>X509_check_host</b>.</p>
+
+<p>If set, <b>X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS</b> restricts <b>name</b> values which start with &quot;.&quot;, that would otherwise match any sub-domain in the peer certificate, to only match direct child sub-domains. Thus, for instance, with this flag set a <b>name</b> of &quot;.example.com&quot; would match a peer certificate with a DNS name of &quot;www.example.com&quot;, but would not match a peer certificate with a DNS name of &quot;www.sub.example.com&quot;; this flag only applies to <b>X509_check_host</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return 1 for a successful match, 0 for a failed match and -1 for an internal error: typically a memory allocation failure or an ASN.1 decoding error.</p>
+
+<p>All functions can also return -2 if the input is malformed. For example, X509_check_host() returns -2 if the provided <b>name</b> contains embedded NULs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications are encouraged to use X509_VERIFY_PARAM_set1_host() rather than explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>. Host name checks may be out of scope with the DANE-EE(3) certificate usage, and the internal checks will be suppressed as appropriate when DANE support is enabled.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/X509_VERIFY_PARAM_set1_host.html">X509_VERIFY_PARAM_set1_host(3)</a>, <a href="../man3/X509_VERIFY_PARAM_add1_host.html">X509_VERIFY_PARAM_add1_host(3)</a>, <a href="../man3/X509_VERIFY_PARAM_set1_email.html">X509_VERIFY_PARAM_set1_email(3)</a>, <a href="../man3/X509_VERIFY_PARAM_set1_ip.html">X509_VERIFY_PARAM_set1_ip(3)</a>, <a href="../man3/X509_VERIFY_PARAM_set1_ipasc.html">X509_VERIFY_PARAM_set1_ipasc(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2012-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_check_host.html b/msys2/usr/share/doc/openssl/html/man3/X509_check_host.html
new file mode 100644
index 000000000..aa0c77b99
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_check_host.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_check_host</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_check_host, X509_check_email, X509_check_ip, X509_check_ip_asc - X.509 certificate matching</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ int X509_check_host(X509 *, const char *name, size_t namelen,
+                     unsigned int flags, char **peername);
+ int X509_check_email(X509 *, const char *address, size_t addresslen,
+                      unsigned int flags);
+ int X509_check_ip(X509 *, const unsigned char *address, size_t addresslen,
+                   unsigned int flags);
+ int X509_check_ip_asc(X509 *, const char *address, unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The certificate matching functions are used to check whether a certificate matches a given host name, email address, or IP address. The validity of the certificate and its trust level has to be checked by other means.</p>
+
+<p>X509_check_host() checks if the certificate Subject Alternative Name (SAN) or Subject CommonName (CN) matches the specified host name, which must be encoded in the preferred name syntax described in section 3.5 of RFC 1034. By default, wildcards are supported and they match only in the left-most label; but they may match part of that label with an explicit prefix or suffix. For example, by default, the host <b>name</b> &quot;www.example.com&quot; would match a certificate with a SAN or CN value of &quot;*.example.com&quot;, &quot;w*.example.com&quot; or &quot;*w.example.com&quot;.</p>
+
+<p>Per section 6.4.2 of RFC 6125, <b>name</b> values representing international domain names must be given in A-label form. The <b>namelen</b> argument must be the number of characters in the name string or zero in which case the length is calculated with strlen(<b>name</b>). When <b>name</b> starts with a dot (e.g &quot;.example.com&quot;), it will be matched by a certificate valid for any sub-domain of <b>name</b>, (see also <b>X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS</b> below).</p>
+
+<p>When the certificate is matched, and <b>peername</b> is not NULL, a pointer to a copy of the matching SAN or CN from the peer certificate is stored at the address passed in <b>peername</b>. The application is responsible for freeing the peername via OPENSSL_free() when it is no longer needed.</p>
+
+<p>X509_check_email() checks if the certificate matches the specified email <b>address</b>. Only the mailbox syntax of RFC 822 is supported, comments are not allowed, and no attempt is made to normalize quoted characters. The <b>addresslen</b> argument must be the number of characters in the address string or zero in which case the length is calculated with strlen(<b>address</b>).</p>
+
+<p>X509_check_ip() checks if the certificate matches a specified IPv4 or IPv6 address. The <b>address</b> array is in binary format, in network byte order. The length is either 4 (IPv4) or 16 (IPv6). Only explicitly marked addresses in the certificates are considered; IP addresses stored in DNS names and Common Names are ignored.</p>
+
+<p>X509_check_ip_asc() is similar, except that the NUL-terminated string <b>address</b> is first converted to the internal representation.</p>
+
+<p>The <b>flags</b> argument is usually 0. It can be the bitwise OR of the flags:</p>
+
+<dl>
+
+<dt id="X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT"><b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b>,</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_NEVER_CHECK_SUBJECT"><b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b>,</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_NO_WILDCARDS"><b>X509_CHECK_FLAG_NO_WILDCARDS</b>,</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS"><b>X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS</b>,</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS"><b>X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS</b>.</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS"><b>X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS</b>.</dt>
+<dd>
+
+</dd>
+</dl>
+
+<p>The <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag causes the function to consider the subject DN even if the certificate contains at least one subject alternative name of the right type (DNS name or email address as appropriate); the default is to ignore the subject DN when at least one corresponding subject alternative names is present.</p>
+
+<p>The <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag causes the function to never consider the subject DN even if the certificate contains no subject alternative names of the right type (DNS name or email address as appropriate); the default is to use the subject DN when no corresponding subject alternative names are present. If both <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> and <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> are specified, the latter takes precedence and the subject DN is not checked for matching names.</p>
+
+<p>If set, <b>X509_CHECK_FLAG_NO_WILDCARDS</b> disables wildcard expansion; this only applies to <b>X509_check_host</b>.</p>
+
+<p>If set, <b>X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS</b> suppresses support for &quot;*&quot; as wildcard pattern in labels that have a prefix or suffix, such as: &quot;www*&quot; or &quot;*www&quot;; this only applies to <b>X509_check_host</b>.</p>
+
+<p>If set, <b>X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS</b> allows a &quot;*&quot; that constitutes the complete label of a DNS name (e.g. &quot;*.example.com&quot;) to match more than one label in <b>name</b>; this flag only applies to <b>X509_check_host</b>.</p>
+
+<p>If set, <b>X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS</b> restricts <b>name</b> values which start with &quot;.&quot;, that would otherwise match any sub-domain in the peer certificate, to only match direct child sub-domains. Thus, for instance, with this flag set a <b>name</b> of &quot;.example.com&quot; would match a peer certificate with a DNS name of &quot;www.example.com&quot;, but would not match a peer certificate with a DNS name of &quot;www.sub.example.com&quot;; this flag only applies to <b>X509_check_host</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return 1 for a successful match, 0 for a failed match and -1 for an internal error: typically a memory allocation failure or an ASN.1 decoding error.</p>
+
+<p>All functions can also return -2 if the input is malformed. For example, X509_check_host() returns -2 if the provided <b>name</b> contains embedded NULs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications are encouraged to use X509_VERIFY_PARAM_set1_host() rather than explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>. Host name checks may be out of scope with the DANE-EE(3) certificate usage, and the internal checks will be suppressed as appropriate when DANE support is enabled.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/X509_VERIFY_PARAM_set1_host.html">X509_VERIFY_PARAM_set1_host(3)</a>, <a href="../man3/X509_VERIFY_PARAM_add1_host.html">X509_VERIFY_PARAM_add1_host(3)</a>, <a href="../man3/X509_VERIFY_PARAM_set1_email.html">X509_VERIFY_PARAM_set1_email(3)</a>, <a href="../man3/X509_VERIFY_PARAM_set1_ip.html">X509_VERIFY_PARAM_set1_ip(3)</a>, <a href="../man3/X509_VERIFY_PARAM_set1_ipasc.html">X509_VERIFY_PARAM_set1_ipasc(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2012-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_check_ip.html b/msys2/usr/share/doc/openssl/html/man3/X509_check_ip.html
new file mode 100644
index 000000000..aa0c77b99
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_check_ip.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_check_host</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_check_host, X509_check_email, X509_check_ip, X509_check_ip_asc - X.509 certificate matching</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ int X509_check_host(X509 *, const char *name, size_t namelen,
+                     unsigned int flags, char **peername);
+ int X509_check_email(X509 *, const char *address, size_t addresslen,
+                      unsigned int flags);
+ int X509_check_ip(X509 *, const unsigned char *address, size_t addresslen,
+                   unsigned int flags);
+ int X509_check_ip_asc(X509 *, const char *address, unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The certificate matching functions are used to check whether a certificate matches a given host name, email address, or IP address. The validity of the certificate and its trust level has to be checked by other means.</p>
+
+<p>X509_check_host() checks if the certificate Subject Alternative Name (SAN) or Subject CommonName (CN) matches the specified host name, which must be encoded in the preferred name syntax described in section 3.5 of RFC 1034. By default, wildcards are supported and they match only in the left-most label; but they may match part of that label with an explicit prefix or suffix. For example, by default, the host <b>name</b> &quot;www.example.com&quot; would match a certificate with a SAN or CN value of &quot;*.example.com&quot;, &quot;w*.example.com&quot; or &quot;*w.example.com&quot;.</p>
+
+<p>Per section 6.4.2 of RFC 6125, <b>name</b> values representing international domain names must be given in A-label form. The <b>namelen</b> argument must be the number of characters in the name string or zero in which case the length is calculated with strlen(<b>name</b>). When <b>name</b> starts with a dot (e.g &quot;.example.com&quot;), it will be matched by a certificate valid for any sub-domain of <b>name</b>, (see also <b>X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS</b> below).</p>
+
+<p>When the certificate is matched, and <b>peername</b> is not NULL, a pointer to a copy of the matching SAN or CN from the peer certificate is stored at the address passed in <b>peername</b>. The application is responsible for freeing the peername via OPENSSL_free() when it is no longer needed.</p>
+
+<p>X509_check_email() checks if the certificate matches the specified email <b>address</b>. Only the mailbox syntax of RFC 822 is supported, comments are not allowed, and no attempt is made to normalize quoted characters. The <b>addresslen</b> argument must be the number of characters in the address string or zero in which case the length is calculated with strlen(<b>address</b>).</p>
+
+<p>X509_check_ip() checks if the certificate matches a specified IPv4 or IPv6 address. The <b>address</b> array is in binary format, in network byte order. The length is either 4 (IPv4) or 16 (IPv6). Only explicitly marked addresses in the certificates are considered; IP addresses stored in DNS names and Common Names are ignored.</p>
+
+<p>X509_check_ip_asc() is similar, except that the NUL-terminated string <b>address</b> is first converted to the internal representation.</p>
+
+<p>The <b>flags</b> argument is usually 0. It can be the bitwise OR of the flags:</p>
+
+<dl>
+
+<dt id="X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT"><b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b>,</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_NEVER_CHECK_SUBJECT"><b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b>,</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_NO_WILDCARDS"><b>X509_CHECK_FLAG_NO_WILDCARDS</b>,</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS"><b>X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS</b>,</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS"><b>X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS</b>.</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS"><b>X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS</b>.</dt>
+<dd>
+
+</dd>
+</dl>
+
+<p>The <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag causes the function to consider the subject DN even if the certificate contains at least one subject alternative name of the right type (DNS name or email address as appropriate); the default is to ignore the subject DN when at least one corresponding subject alternative names is present.</p>
+
+<p>The <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag causes the function to never consider the subject DN even if the certificate contains no subject alternative names of the right type (DNS name or email address as appropriate); the default is to use the subject DN when no corresponding subject alternative names are present. If both <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> and <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> are specified, the latter takes precedence and the subject DN is not checked for matching names.</p>
+
+<p>If set, <b>X509_CHECK_FLAG_NO_WILDCARDS</b> disables wildcard expansion; this only applies to <b>X509_check_host</b>.</p>
+
+<p>If set, <b>X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS</b> suppresses support for &quot;*&quot; as wildcard pattern in labels that have a prefix or suffix, such as: &quot;www*&quot; or &quot;*www&quot;; this only applies to <b>X509_check_host</b>.</p>
+
+<p>If set, <b>X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS</b> allows a &quot;*&quot; that constitutes the complete label of a DNS name (e.g. &quot;*.example.com&quot;) to match more than one label in <b>name</b>; this flag only applies to <b>X509_check_host</b>.</p>
+
+<p>If set, <b>X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS</b> restricts <b>name</b> values which start with &quot;.&quot;, that would otherwise match any sub-domain in the peer certificate, to only match direct child sub-domains. Thus, for instance, with this flag set a <b>name</b> of &quot;.example.com&quot; would match a peer certificate with a DNS name of &quot;www.example.com&quot;, but would not match a peer certificate with a DNS name of &quot;www.sub.example.com&quot;; this flag only applies to <b>X509_check_host</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return 1 for a successful match, 0 for a failed match and -1 for an internal error: typically a memory allocation failure or an ASN.1 decoding error.</p>
+
+<p>All functions can also return -2 if the input is malformed. For example, X509_check_host() returns -2 if the provided <b>name</b> contains embedded NULs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications are encouraged to use X509_VERIFY_PARAM_set1_host() rather than explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>. Host name checks may be out of scope with the DANE-EE(3) certificate usage, and the internal checks will be suppressed as appropriate when DANE support is enabled.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/X509_VERIFY_PARAM_set1_host.html">X509_VERIFY_PARAM_set1_host(3)</a>, <a href="../man3/X509_VERIFY_PARAM_add1_host.html">X509_VERIFY_PARAM_add1_host(3)</a>, <a href="../man3/X509_VERIFY_PARAM_set1_email.html">X509_VERIFY_PARAM_set1_email(3)</a>, <a href="../man3/X509_VERIFY_PARAM_set1_ip.html">X509_VERIFY_PARAM_set1_ip(3)</a>, <a href="../man3/X509_VERIFY_PARAM_set1_ipasc.html">X509_VERIFY_PARAM_set1_ipasc(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2012-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_check_ip_asc.html b/msys2/usr/share/doc/openssl/html/man3/X509_check_ip_asc.html
new file mode 100644
index 000000000..aa0c77b99
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_check_ip_asc.html
@@ -0,0 +1,128 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_check_host</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_check_host, X509_check_email, X509_check_ip, X509_check_ip_asc - X.509 certificate matching</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ int X509_check_host(X509 *, const char *name, size_t namelen,
+                     unsigned int flags, char **peername);
+ int X509_check_email(X509 *, const char *address, size_t addresslen,
+                      unsigned int flags);
+ int X509_check_ip(X509 *, const unsigned char *address, size_t addresslen,
+                   unsigned int flags);
+ int X509_check_ip_asc(X509 *, const char *address, unsigned int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The certificate matching functions are used to check whether a certificate matches a given host name, email address, or IP address. The validity of the certificate and its trust level has to be checked by other means.</p>
+
+<p>X509_check_host() checks if the certificate Subject Alternative Name (SAN) or Subject CommonName (CN) matches the specified host name, which must be encoded in the preferred name syntax described in section 3.5 of RFC 1034. By default, wildcards are supported and they match only in the left-most label; but they may match part of that label with an explicit prefix or suffix. For example, by default, the host <b>name</b> &quot;www.example.com&quot; would match a certificate with a SAN or CN value of &quot;*.example.com&quot;, &quot;w*.example.com&quot; or &quot;*w.example.com&quot;.</p>
+
+<p>Per section 6.4.2 of RFC 6125, <b>name</b> values representing international domain names must be given in A-label form. The <b>namelen</b> argument must be the number of characters in the name string or zero in which case the length is calculated with strlen(<b>name</b>). When <b>name</b> starts with a dot (e.g &quot;.example.com&quot;), it will be matched by a certificate valid for any sub-domain of <b>name</b>, (see also <b>X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS</b> below).</p>
+
+<p>When the certificate is matched, and <b>peername</b> is not NULL, a pointer to a copy of the matching SAN or CN from the peer certificate is stored at the address passed in <b>peername</b>. The application is responsible for freeing the peername via OPENSSL_free() when it is no longer needed.</p>
+
+<p>X509_check_email() checks if the certificate matches the specified email <b>address</b>. Only the mailbox syntax of RFC 822 is supported, comments are not allowed, and no attempt is made to normalize quoted characters. The <b>addresslen</b> argument must be the number of characters in the address string or zero in which case the length is calculated with strlen(<b>address</b>).</p>
+
+<p>X509_check_ip() checks if the certificate matches a specified IPv4 or IPv6 address. The <b>address</b> array is in binary format, in network byte order. The length is either 4 (IPv4) or 16 (IPv6). Only explicitly marked addresses in the certificates are considered; IP addresses stored in DNS names and Common Names are ignored.</p>
+
+<p>X509_check_ip_asc() is similar, except that the NUL-terminated string <b>address</b> is first converted to the internal representation.</p>
+
+<p>The <b>flags</b> argument is usually 0. It can be the bitwise OR of the flags:</p>
+
+<dl>
+
+<dt id="X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT"><b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b>,</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_NEVER_CHECK_SUBJECT"><b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b>,</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_NO_WILDCARDS"><b>X509_CHECK_FLAG_NO_WILDCARDS</b>,</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS"><b>X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS</b>,</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS"><b>X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS</b>.</dt>
+<dd>
+
+</dd>
+<dt id="X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS"><b>X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS</b>.</dt>
+<dd>
+
+</dd>
+</dl>
+
+<p>The <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> flag causes the function to consider the subject DN even if the certificate contains at least one subject alternative name of the right type (DNS name or email address as appropriate); the default is to ignore the subject DN when at least one corresponding subject alternative names is present.</p>
+
+<p>The <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> flag causes the function to never consider the subject DN even if the certificate contains no subject alternative names of the right type (DNS name or email address as appropriate); the default is to use the subject DN when no corresponding subject alternative names are present. If both <b>X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT</b> and <b>X509_CHECK_FLAG_NEVER_CHECK_SUBJECT</b> are specified, the latter takes precedence and the subject DN is not checked for matching names.</p>
+
+<p>If set, <b>X509_CHECK_FLAG_NO_WILDCARDS</b> disables wildcard expansion; this only applies to <b>X509_check_host</b>.</p>
+
+<p>If set, <b>X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS</b> suppresses support for &quot;*&quot; as wildcard pattern in labels that have a prefix or suffix, such as: &quot;www*&quot; or &quot;*www&quot;; this only applies to <b>X509_check_host</b>.</p>
+
+<p>If set, <b>X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS</b> allows a &quot;*&quot; that constitutes the complete label of a DNS name (e.g. &quot;*.example.com&quot;) to match more than one label in <b>name</b>; this flag only applies to <b>X509_check_host</b>.</p>
+
+<p>If set, <b>X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS</b> restricts <b>name</b> values which start with &quot;.&quot;, that would otherwise match any sub-domain in the peer certificate, to only match direct child sub-domains. Thus, for instance, with this flag set a <b>name</b> of &quot;.example.com&quot; would match a peer certificate with a DNS name of &quot;www.example.com&quot;, but would not match a peer certificate with a DNS name of &quot;www.sub.example.com&quot;; this flag only applies to <b>X509_check_host</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The functions return 1 for a successful match, 0 for a failed match and -1 for an internal error: typically a memory allocation failure or an ASN.1 decoding error.</p>
+
+<p>All functions can also return -2 if the input is malformed. For example, X509_check_host() returns -2 if the provided <b>name</b> contains embedded NULs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications are encouraged to use X509_VERIFY_PARAM_set1_host() rather than explicitly calling <a href="../man3/X509_check_host.html">X509_check_host(3)</a>. Host name checks may be out of scope with the DANE-EE(3) certificate usage, and the internal checks will be suppressed as appropriate when DANE support is enabled.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/X509_VERIFY_PARAM_set1_host.html">X509_VERIFY_PARAM_set1_host(3)</a>, <a href="../man3/X509_VERIFY_PARAM_add1_host.html">X509_VERIFY_PARAM_add1_host(3)</a>, <a href="../man3/X509_VERIFY_PARAM_set1_email.html">X509_VERIFY_PARAM_set1_email(3)</a>, <a href="../man3/X509_VERIFY_PARAM_set1_ip.html">X509_VERIFY_PARAM_set1_ip(3)</a>, <a href="../man3/X509_VERIFY_PARAM_set1_ipasc.html">X509_VERIFY_PARAM_set1_ipasc(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.0.2.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2012-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_check_issued.html b/msys2/usr/share/doc/openssl/html/man3/X509_check_issued.html
new file mode 100644
index 000000000..1790fa9be
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_check_issued.html
@@ -0,0 +1,56 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_check_issued</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_check_issued - checks if certificate is issued by another certificate</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ int X509_check_issued(X509 *issuer, X509 *subject);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This function checks if certificate <i>subject</i> was issued using CA certificate <i>issuer</i>. This function takes into account not only matching of issuer field of <i>subject</i> with subject field of <i>issuer</i>, but also compares <b>authorityKeyIdentifier</b> extension of <i>subject</i> with <b>subjectKeyIdentifier</b> of <i>issuer</i> if <b>authorityKeyIdentifier</b> present in the <i>subject</i> certificate and checks <b>keyUsage</b> field of <i>issuer</i>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>Function return <b>X509_V_OK</b> if certificate <i>subject</i> is issued by <i>issuer</i> or some <b>X509_V_ERR*</b> constant to indicate an error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_check_ca.html">X509_check_ca(3)</a>, <a href="../man1/verify.html">verify(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_check_private_key.html b/msys2/usr/share/doc/openssl/html/man3/X509_check_private_key.html
new file mode 100644
index 000000000..8b6b15416
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_check_private_key.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_check_private_key</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_check_private_key, X509_REQ_check_private_key - check the consistency of a private key with the public key in an X509 certificate or certificate request</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_check_private_key(X509 *x, EVP_PKEY *k);
+
+ int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_check_private_key() function checks the consistency of private key <b>k</b> with the public key in <b>x</b>.</p>
+
+<p>X509_REQ_check_private_key() is equivalent to X509_check_private_key() except that <b>x</b> represents a certificate request of structure <b>X509_REQ</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_check_private_key() and X509_REQ_check_private_key() return 1 if the keys match each other, and 0 if not.</p>
+
+<p>If the key is invalid or an error occurred, the reason code can be obtained using <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The <b>check_private_key</b> functions don&#39;t check if <b>k</b> itself is indeed a private key or not. It merely compares the public materials (e.g. exponent and modulus of an RSA key) and/or key parameters (e.g. EC params of an EC key) of a key pair. So if you pass a public key to these functions in <b>k</b>, it will return success.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_cmp_current_time.html b/msys2/usr/share/doc/openssl/html/man3/X509_cmp_current_time.html
new file mode 100644
index 000000000..4ac261fb8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_cmp_current_time.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_cmp_time</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_cmp_time, X509_cmp_current_time, X509_time_adj, X509_time_adj_ex - X509 time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> int X509_cmp_time(const ASN1_TIME *asn1_time, time_t *in_tm);
+ int X509_cmp_current_time(const ASN1_TIME *asn1_time);
+ ASN1_TIME *X509_time_adj(ASN1_TIME *asn1_time, long offset_sec, time_t *in_tm);
+ ASN1_TIME *X509_time_adj_ex(ASN1_TIME *asn1_time, int offset_day, long
+                             offset_sec, time_t *in_tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_cmp_time() compares the ASN1_TIME in <b>asn1_time</b> with the time in &lt;cmp_time&gt;. X509_cmp_current_time() compares the ASN1_TIME in <b>asn1_time</b> with the current time, expressed as time_t. <b>asn1_time</b> must satisfy the ASN1_TIME format mandated by RFC 5280, i.e., its format must be either YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ.</p>
+
+<p>X509_time_adj_ex() sets the ASN1_TIME structure <b>asn1_time</b> to the time <b>offset_day</b> and <b>offset_sec</b> after <b>in_tm</b>.</p>
+
+<p>X509_time_adj() sets the ASN1_TIME structure <b>asn1_time</b> to the time <b>offset_sec</b> after <b>in_tm</b>. This method can only handle second offsets up to the capacity of long, so the newer X509_time_adj_ex() API should be preferred.</p>
+
+<p>In both methods, if <b>asn1_time</b> is NULL, a new ASN1_TIME structure is allocated and returned.</p>
+
+<p>In all methods, if <b>in_tm</b> is NULL, the current time, expressed as time_t, is used.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Unlike many standard comparison functions, X509_cmp_time() and X509_cmp_current_time() return 0 on error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_cmp_time() and X509_cmp_current_time() return -1 if <b>asn1_time</b> is earlier than, or equal to, <b>cmp_time</b> (resp. current time), and 1 otherwise. These methods return 0 on error.</p>
+
+<p>X509_time_adj() and X509_time_adj_ex() return a pointer to the updated ASN1_TIME structure, and NULL on error.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_cmp_time.html b/msys2/usr/share/doc/openssl/html/man3/X509_cmp_time.html
new file mode 100644
index 000000000..4ac261fb8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_cmp_time.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_cmp_time</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_cmp_time, X509_cmp_current_time, X509_time_adj, X509_time_adj_ex - X509 time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> int X509_cmp_time(const ASN1_TIME *asn1_time, time_t *in_tm);
+ int X509_cmp_current_time(const ASN1_TIME *asn1_time);
+ ASN1_TIME *X509_time_adj(ASN1_TIME *asn1_time, long offset_sec, time_t *in_tm);
+ ASN1_TIME *X509_time_adj_ex(ASN1_TIME *asn1_time, int offset_day, long
+                             offset_sec, time_t *in_tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_cmp_time() compares the ASN1_TIME in <b>asn1_time</b> with the time in &lt;cmp_time&gt;. X509_cmp_current_time() compares the ASN1_TIME in <b>asn1_time</b> with the current time, expressed as time_t. <b>asn1_time</b> must satisfy the ASN1_TIME format mandated by RFC 5280, i.e., its format must be either YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ.</p>
+
+<p>X509_time_adj_ex() sets the ASN1_TIME structure <b>asn1_time</b> to the time <b>offset_day</b> and <b>offset_sec</b> after <b>in_tm</b>.</p>
+
+<p>X509_time_adj() sets the ASN1_TIME structure <b>asn1_time</b> to the time <b>offset_sec</b> after <b>in_tm</b>. This method can only handle second offsets up to the capacity of long, so the newer X509_time_adj_ex() API should be preferred.</p>
+
+<p>In both methods, if <b>asn1_time</b> is NULL, a new ASN1_TIME structure is allocated and returned.</p>
+
+<p>In all methods, if <b>in_tm</b> is NULL, the current time, expressed as time_t, is used.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Unlike many standard comparison functions, X509_cmp_time() and X509_cmp_current_time() return 0 on error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_cmp_time() and X509_cmp_current_time() return -1 if <b>asn1_time</b> is earlier than, or equal to, <b>cmp_time</b> (resp. current time), and 1 otherwise. These methods return 0 on error.</p>
+
+<p>X509_time_adj() and X509_time_adj_ex() return a pointer to the updated ASN1_TIME structure, and NULL on error.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_delete_ext.html b/msys2/usr/share/doc/openssl/html/man3/X509_delete_ext.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_delete_ext.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_digest.html b/msys2/usr/share/doc/openssl/html/man3/X509_digest.html
new file mode 100644
index 000000000..98c8462b9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_digest.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_digest</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_digest, X509_CRL_digest, X509_pubkey_digest, X509_NAME_digest, X509_REQ_digest, PKCS7_ISSUER_AND_SERIAL_digest - get digest of various objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
+                 unsigned int *len);
+
+ int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md,
+                     unsigned int *len);
+
+ int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
+                        unsigned char *md, unsigned int *len);
+
+ int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
+                     unsigned char *md, unsigned int *len);
+
+ int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
+                      unsigned char *md, unsigned int *len);
+
+ #include &lt;openssl/pkcs7.h&gt;
+
+ int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
+                                    const EVP_MD *type, unsigned char *md,
+                                    unsigned int *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_pubkey_digest() returns a digest of the DER representation of the public key in the specified X509 <b>data</b> object. All other functions described here return a digest of the DER representation of their entire <b>data</b> objects.</p>
+
+<p>The <b>type</b> parameter specifies the digest to be used, such as EVP_sha1(). The <b>md</b> is a pointer to the buffer where the digest will be copied and is assumed to be large enough; the constant <b>EVP_MAX_MD_SIZE</b> is suggested. The <b>len</b> parameter, if not NULL, points to a place where the digest size will be stored.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All functions described here return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_sha1.html">EVP_sha1(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_dup.html b/msys2/usr/share/doc/openssl/html/man3/X509_dup.html
new file mode 100644
index 000000000..f26575c27
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_dup.html
@@ -0,0 +1,76 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_dup</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS, ASN1_ITEM, ACCESS_DESCRIPTION_free, ACCESS_DESCRIPTION_new, ADMISSIONS_free, ADMISSIONS_new, ADMISSION_SYNTAX_free, ADMISSION_SYNTAX_new, ASIdOrRange_free, ASIdOrRange_new, ASIdentifierChoice_free, ASIdentifierChoice_new, ASIdentifiers_free, ASIdentifiers_new, ASRange_free, ASRange_new, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS_new, AUTHORITY_KEYID_free, AUTHORITY_KEYID_new, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS_new, CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, CRL_DIST_POINTS_free, CRL_DIST_POINTS_new, DIRECTORYSTRING_free, DIRECTORYSTRING_new, DISPLAYTEXT_free, DISPLAYTEXT_new, DIST_POINT_NAME_free, DIST_POINT_NAME_new, DIST_POINT_free, DIST_POINT_new, DSAparams_dup, ECPARAMETERS_free, ECPARAMETERS_new, ECPKPARAMETERS_free, ECPKPARAMETERS_new, EDIPARTYNAME_free, EDIPARTYNAME_new, ESS_CERT_ID_dup, ESS_CERT_ID_free, ESS_CERT_ID_new, ESS_ISSUER_SERIAL_dup, ESS_ISSUER_SERIAL_free, ESS_ISSUER_SERIAL_new, ESS_SIGNING_CERT_dup, ESS_SIGNING_CERT_free, ESS_SIGNING_CERT_new, EXTENDED_KEY_USAGE_free, EXTENDED_KEY_USAGE_new, GENERAL_NAMES_free, GENERAL_NAMES_new, GENERAL_NAME_dup, GENERAL_NAME_free, GENERAL_NAME_new, GENERAL_SUBTREE_free, GENERAL_SUBTREE_new, IPAddressChoice_free, IPAddressChoice_new, IPAddressFamily_free, IPAddressFamily_new, IPAddressOrRange_free, IPAddressOrRange_new, IPAddressRange_free, IPAddressRange_new, ISSUING_DIST_POINT_free, ISSUING_DIST_POINT_new, NAME_CONSTRAINTS_free, NAME_CONSTRAINTS_new, NAMING_AUTHORITY_free, NAMING_AUTHORITY_new, NETSCAPE_CERT_SEQUENCE_free, NETSCAPE_CERT_SEQUENCE_new, NETSCAPE_SPKAC_free, NETSCAPE_SPKAC_new, NETSCAPE_SPKI_free, NETSCAPE_SPKI_new, NOTICEREF_free, NOTICEREF_new, OCSP_BASICRESP_free, OCSP_BASICRESP_new, OCSP_CERTID_dup, OCSP_CERTID_new, OCSP_CERTSTATUS_free, OCSP_CERTSTATUS_new, OCSP_CRLID_free, OCSP_CRLID_new, OCSP_ONEREQ_free, OCSP_ONEREQ_new, OCSP_REQINFO_free, OCSP_REQINFO_new, OCSP_RESPBYTES_free, OCSP_RESPBYTES_new, OCSP_RESPDATA_free, OCSP_RESPDATA_new, OCSP_RESPID_free, OCSP_RESPID_new, OCSP_RESPONSE_new, OCSP_REVOKEDINFO_free, OCSP_REVOKEDINFO_new, OCSP_SERVICELOC_free, OCSP_SERVICELOC_new, OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, PBE2PARAM_new, PBEPARAM_free, PBEPARAM_new, PBKDF2PARAM_free, PBKDF2PARAM_new, PKCS12_BAGS_free, PKCS12_BAGS_new, PKCS12_MAC_DATA_free, PKCS12_MAC_DATA_new, PKCS12_SAFEBAG_free, PKCS12_SAFEBAG_new, PKCS12_free, PKCS12_new, PKCS7_DIGEST_free, PKCS7_DIGEST_new, PKCS7_ENCRYPT_free, PKCS7_ENCRYPT_new, PKCS7_ENC_CONTENT_free, PKCS7_ENC_CONTENT_new, PKCS7_ENVELOPE_free, PKCS7_ENVELOPE_new, PKCS7_ISSUER_AND_SERIAL_free, PKCS7_ISSUER_AND_SERIAL_new, PKCS7_RECIP_INFO_free, PKCS7_RECIP_INFO_new, PKCS7_SIGNED_free, PKCS7_SIGNED_new, PKCS7_SIGNER_INFO_free, PKCS7_SIGNER_INFO_new, PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, PKCS8_PRIV_KEY_INFO_new, PKEY_USAGE_PERIOD_free, PKEY_USAGE_PERIOD_new, POLICYINFO_free, POLICYINFO_new, POLICYQUALINFO_free, POLICYQUALINFO_new, POLICY_CONSTRAINTS_free, POLICY_CONSTRAINTS_new, POLICY_MAPPING_free, POLICY_MAPPING_new, PROFESSION_INFO_free, PROFESSION_INFO_new, PROFESSION_INFOS_free, PROFESSION_INFOS_new, PROXY_CERT_INFO_EXTENSION_free, PROXY_CERT_INFO_EXTENSION_new, PROXY_POLICY_free, PROXY_POLICY_new, RSAPrivateKey_dup, RSAPublicKey_dup, RSA_OAEP_PARAMS_free, RSA_OAEP_PARAMS_new, RSA_PSS_PARAMS_free, RSA_PSS_PARAMS_new, SCRYPT_PARAMS_free, SCRYPT_PARAMS_new, SXNETID_free, SXNETID_new, SXNET_free, SXNET_new, TLS_FEATURE_free, TLS_FEATURE_new, TS_ACCURACY_dup, TS_ACCURACY_free, TS_ACCURACY_new, TS_MSG_IMPRINT_dup, TS_MSG_IMPRINT_free, TS_MSG_IMPRINT_new, TS_REQ_dup, TS_REQ_free, TS_REQ_new, TS_RESP_dup, TS_RESP_free, TS_RESP_new, TS_STATUS_INFO_dup, TS_STATUS_INFO_free, TS_STATUS_INFO_new, TS_TST_INFO_dup, TS_TST_INFO_free, TS_TST_INFO_new, USERNOTICE_free, USERNOTICE_new, X509_ALGOR_free, X509_ALGOR_new, X509_ATTRIBUTE_dup, X509_ATTRIBUTE_free, X509_ATTRIBUTE_new, X509_CERT_AUX_free, X509_CERT_AUX_new, X509_CINF_free, X509_CINF_new, X509_CRL_INFO_free, X509_CRL_INFO_new, X509_CRL_dup, X509_CRL_free, X509_CRL_new, X509_EXTENSION_dup, X509_EXTENSION_free, X509_EXTENSION_new, X509_NAME_ENTRY_dup, X509_NAME_ENTRY_free, X509_NAME_ENTRY_new, X509_NAME_dup, X509_NAME_free, X509_NAME_new, X509_REQ_INFO_free, X509_REQ_INFO_new, X509_REQ_dup, X509_REQ_free, X509_REQ_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_new, X509_SIG_free, X509_SIG_new, X509_VAL_free, X509_VAL_new, X509_dup, - ASN1 object utilities</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/asn1t.h&gt;
+
+ DECLARE_ASN1_FUNCTIONS(type)
+ IMPLEMENT_ASN1_FUNCTIONS(stname)
+
+ typedef struct ASN1_ITEM_st ASN1_ITEM;
+
+ extern const ASN1_ITEM TYPE_it;
+ TYPE *TYPE_new(void);
+ TYPE *TYPE_dup(TYPE *a);
+ void TYPE_free(TYPE *a);
+ int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description below, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>The OpenSSL ASN1 parsing library templates are like a data-driven bytecode interpreter. Every ASN1 object as a global variable, TYPE_it, that describes the item such as its fields. (On systems which cannot export variables from shared libraries, the global is instead a function which returns a pointer to a static variable.</p>
+
+<p>The macro DECLARE_ASN1_FUNCTIONS() is typically used in header files to generate the function declarations.</p>
+
+<p>The macro IMPLEMENT_ASN1_FUNCTIONS() is used once in a source file to generate the function bodies.</p>
+
+<p>TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free().</p>
+
+<p>TYPE_dup() copies an existing object.</p>
+
+<p>TYPE_free() releases the object and all pointers and sub-objects within it.</p>
+
+<p>TYPE_print_ctx() prints the object <b>a</b> on the specified BIO <b>out</b>. Each line will be prefixed with <b>indent</b> spaces. The <b>pctx</b> specifies the printing context and is for internal use; use NULL to get the default behavior. If a print function is user-defined, then pass in any <b>pctx</b> down to any nested calls.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_new() and TYPE_dup() return a pointer to the object or NULL on failure.</p>
+
+<p>TYPE_print_ctx() returns 1 on success or zero on failure.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_free.html b/msys2/usr/share/doc/openssl/html/man3/X509_free.html
new file mode 100644
index 000000000..f14637182
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_free.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_chain_up_ref, X509_new, X509_free, X509_up_ref - X509 certificate ASN1 allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509 *X509_new(void);
+ void X509_free(X509 *a);
+ int X509_up_ref(X509 *a);
+ STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The X509 ASN1 allocation routines, allocate and free an X509 structure, which represents an X509 certificate.</p>
+
+<p>X509_new() allocates and initializes a X509 structure with reference count <b>1</b>.</p>
+
+<p>X509_free() decrements the reference count of <b>X509</b> structure <b>a</b> and frees it up if the reference count is zero. If <b>a</b> is NULL nothing is done.</p>
+
+<p>X509_up_ref() increments the reference count of <b>a</b>.</p>
+
+<p>X509_chain_up_ref() increases the reference count of all certificates in chain <b>x</b> and returns a copy of the stack.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The function X509_up_ref() if useful if a certificate structure is being used by several different operations each of which will free it up after use: this avoids the need to duplicate the entire certificate structure.</p>
+
+<p>The function X509_chain_up_ref() doesn&#39;t just up the reference count of each certificate it also returns a copy of the stack, using sk_X509_dup(), but it serves a similar purpose: the returned chain persists after the original has been freed.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, X509_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>X509_up_ref() returns 1 for success and 0 for failure.</p>
+
+<p>X509_chain_up_ref() returns a copy of the stack or <b>NULL</b> if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get0_authority_key_id.html b/msys2/usr/share/doc/openssl/html/man3/X509_get0_authority_key_id.html
new file mode 100644
index 000000000..048f26554
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get0_authority_key_id.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_extension_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_subject_key_id, X509_get0_authority_key_id, X509_get_pathlen, X509_get_extension_flags, X509_get_key_usage, X509_get_extended_key_usage, X509_set_proxy_flag, X509_set_proxy_pathlen, X509_get_proxy_pathlen - retrieve certificate extension data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ long X509_get_pathlen(X509 *x);
+ uint32_t X509_get_extension_flags(X509 *x);
+ uint32_t X509_get_key_usage(X509 *x);
+ uint32_t X509_get_extended_key_usage(X509 *x);
+ const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x);
+ const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x);
+ void X509_set_proxy_flag(X509 *x);
+ void X509_set_proxy_pathlen(int l);
+ long X509_get_proxy_pathlen(X509 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions retrieve information related to commonly used certificate extensions.</p>
+
+<p>X509_get_pathlen() retrieves the path length extension from a certificate. This extension is used to limit the length of a cert chain that may be issued from that CA.</p>
+
+<p>X509_get_extension_flags() retrieves general information about a certificate, it will return one or more of the following flags ored together.</p>
+
+<dl>
+
+<dt id="EXFLAG_V1"><b>EXFLAG_V1</b></dt>
+<dd>
+
+<p>The certificate is an obsolete version 1 certificate.</p>
+
+</dd>
+<dt id="EXFLAG_BCONS"><b>EXFLAG_BCONS</b></dt>
+<dd>
+
+<p>The certificate contains a basic constraints extension.</p>
+
+</dd>
+<dt id="EXFLAG_CA"><b>EXFLAG_CA</b></dt>
+<dd>
+
+<p>The certificate contains basic constraints and asserts the CA flag.</p>
+
+</dd>
+<dt id="EXFLAG_PROXY"><b>EXFLAG_PROXY</b></dt>
+<dd>
+
+<p>The certificate is a valid proxy certificate.</p>
+
+</dd>
+<dt id="EXFLAG_SI"><b>EXFLAG_SI</b></dt>
+<dd>
+
+<p>The certificate is self issued (that is subject and issuer names match).</p>
+
+</dd>
+<dt id="EXFLAG_SS"><b>EXFLAG_SS</b></dt>
+<dd>
+
+<p>The subject and issuer names match and extension values imply it is self signed.</p>
+
+</dd>
+<dt id="EXFLAG_FRESHEST"><b>EXFLAG_FRESHEST</b></dt>
+<dd>
+
+<p>The freshest CRL extension is present in the certificate.</p>
+
+</dd>
+<dt id="EXFLAG_CRITICAL"><b>EXFLAG_CRITICAL</b></dt>
+<dd>
+
+<p>The certificate contains an unhandled critical extension.</p>
+
+</dd>
+<dt id="EXFLAG_INVALID"><b>EXFLAG_INVALID</b></dt>
+<dd>
+
+<p>Some certificate extension values are invalid or inconsistent. The certificate should be rejected.</p>
+
+</dd>
+<dt id="EXFLAG_KUSAGE"><b>EXFLAG_KUSAGE</b></dt>
+<dd>
+
+<p>The certificate contains a key usage extension. The value can be retrieved using X509_get_key_usage().</p>
+
+</dd>
+<dt id="EXFLAG_XKUSAGE"><b>EXFLAG_XKUSAGE</b></dt>
+<dd>
+
+<p>The certificate contains an extended key usage extension. The value can be retrieved using X509_get_extended_key_usage().</p>
+
+</dd>
+</dl>
+
+<p>X509_get_key_usage() returns the value of the key usage extension. If key usage is present will return zero or more of the flags: <b>KU_DIGITAL_SIGNATURE</b>, <b>KU_NON_REPUDIATION</b>, <b>KU_KEY_ENCIPHERMENT</b>, <b>KU_DATA_ENCIPHERMENT</b>, <b>KU_KEY_AGREEMENT</b>, <b>KU_KEY_CERT_SIGN</b>, <b>KU_CRL_SIGN</b>, <b>KU_ENCIPHER_ONLY</b> or <b>KU_DECIPHER_ONLY</b> corresponding to individual key usage bits. If key usage is absent then <b>UINT32_MAX</b> is returned.</p>
+
+<p>X509_get_extended_key_usage() returns the value of the extended key usage extension. If extended key usage is present it will return zero or more of the flags: <b>XKU_SSL_SERVER</b>, <b>XKU_SSL_CLIENT</b>, <b>XKU_SMIME</b>, <b>XKU_CODE_SIGN</b> <b>XKU_OCSP_SIGN</b>, <b>XKU_TIMESTAMP</b>, <b>XKU_DVCS</b> or <b>XKU_ANYEKU</b>. These correspond to the OIDs <b>id-kp-serverAuth</b>, <b>id-kp-clientAuth</b>, <b>id-kp-emailProtection</b>, <b>id-kp-codeSigning</b>, <b>id-kp-OCSPSigning</b>, <b>id-kp-timeStamping</b>, <b>id-kp-dvcs</b> and <b>anyExtendedKeyUsage</b> respectively. Additionally <b>XKU_SGC</b> is set if either Netscape or Microsoft SGC OIDs are present.</p>
+
+<p>X509_get0_subject_key_id() returns an internal pointer to the subject key identifier of <b>x</b> as an <b>ASN1_OCTET_STRING</b> or <b>NULL</b> if the extension is not present or cannot be parsed.</p>
+
+<p>X509_get0_authority_key_id() returns an internal pointer to the authority key identifier of <b>x</b> as an <b>ASN1_OCTET_STRING</b> or <b>NULL</b> if the extension is not present or cannot be parsed.</p>
+
+<p>X509_set_proxy_flag() marks the certificate with the <b>EXFLAG_PROXY</b> flag. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones.</p>
+
+<p>X509_set_proxy_pathlen() sets the proxy certificate path length for the given certificate <b>x</b>. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones.</p>
+
+<p>X509_get_proxy_pathlen() returns the proxy certificate path length for the given certificate <b>x</b> if it is a proxy certificate.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The value of the flags correspond to extension values which are cached in the <b>X509</b> structure. If the flags returned do not provide sufficient information an application should examine extension values directly for example using X509_get_ext_d2i().</p>
+
+<p>If the key usage or extended key usage extension is absent then typically usage is unrestricted. For this reason X509_get_key_usage() and X509_get_extended_key_usage() return <b>UINT32_MAX</b> when the corresponding extension is absent. Applications can additionally check the return value of X509_get_extension_flags() and take appropriate action is an extension is absent.</p>
+
+<p>If X509_get0_subject_key_id() returns <b>NULL</b> then the extension may be absent or malformed. Applications can determine the precise reason using X509_get_ext_d2i().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_pathlen() returns the path length value, or -1 if the extension is not present.</p>
+
+<p>X509_get_extension_flags(), X509_get_key_usage() and X509_get_extended_key_usage() return sets of flags corresponding to the certificate extension values.</p>
+
+<p>X509_get0_subject_key_id() returns the subject key identifier as a pointer to an <b>ASN1_OCTET_STRING</b> structure or <b>NULL</b> if the extension is absent or an error occurred during parsing.</p>
+
+<p>X509_get_proxy_pathlen() returns the path length value if the given certificate is a proxy one and has a path length set, and -1 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_get_pathlen(), X509_set_proxy_flag(), X509_set_proxy_pathlen() and X509_get_proxy_pathlen() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get0_extensions.html b/msys2/usr/share/doc/openssl/html/man3/X509_get0_extensions.html
new file mode 100644
index 000000000..0564e7b2d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get0_extensions.html
@@ -0,0 +1,214 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509V3_get_d2i</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</a>
+    <ul>
+      <li><a href="#PKIX-Certificate-Extensions">PKIX Certificate Extensions</a></li>
+      <li><a href="#Netscape-Certificate-Extensions">Netscape Certificate Extensions</a></li>
+      <li><a href="#Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</a></li>
+      <li><a href="#PKIX-CRL-Extensions">PKIX CRL Extensions</a></li>
+      <li><a href="#OCSP-Extensions">OCSP Extensions</a></li>
+      <li><a href="#Certificate-Transparency-Extensions">Certificate Transparency Extensions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_extensions, X509_CRL_get0_extensions, X509_REVOKED_get0_extensions, X509V3_get_d2i, X509V3_add1_i2d, X509V3_EXT_d2i, X509V3_EXT_i2d, X509_get_ext_d2i, X509_add1_ext_i2d, X509_CRL_get_ext_d2i, X509_CRL_add1_ext_i2d, X509_REVOKED_get_ext_d2i, X509_REVOKED_add1_ext_i2d - X509 extension decode and encode functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
+                      int *idx);
+ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
+                     int crit, unsigned long flags);
+
+ void *X509V3_EXT_d2i(X509_EXTENSION *ext);
+ X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext);
+
+ void *X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
+ int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+                       unsigned long flags);
+
+ void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid, int *crit, int *idx);
+ int X509_CRL_add1_ext_i2d(X509_CRL *crl, int nid, void *value, int crit,
+                           unsigned long flags);
+
+ void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *r, int nid, int *crit, int *idx);
+ int X509_REVOKED_add1_ext_i2d(X509_REVOKED *r, int nid, void *value, int crit,
+                               unsigned long flags);
+
+ const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+ const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
+ const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(const X509_REVOKED *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509V3_get_ext_d2i() looks for an extension with OID <b>nid</b> in the extensions <b>x</b> and, if found, decodes it. If <b>idx</b> is <b>NULL</b> then only one occurrence of an extension is permissible otherwise the first extension after index <b>*idx</b> is returned and <b>*idx</b> updated to the location of the extension. If <b>crit</b> is not <b>NULL</b> then <b>*crit</b> is set to a status value: -2 if the extension occurs multiple times (this is only returned if <b>idx</b> is <b>NULL</b>), -1 if the extension could not be found, 0 if the extension is found and is not critical and 1 if critical. A pointer to an extension specific structure or <b>NULL</b> is returned.</p>
+
+<p>X509V3_add1_i2d() adds extension <b>value</b> to STACK <b>*x</b> (allocating a new STACK if necessary) using OID <b>nid</b> and criticality <b>crit</b> according to <b>flags</b>.</p>
+
+<p>X509V3_EXT_d2i() attempts to decode the ASN.1 data contained in extension <b>ext</b> and returns a pointer to an extension specific structure or <b>NULL</b> if the extension could not be decoded (invalid syntax or not supported).</p>
+
+<p>X509V3_EXT_i2d() encodes the extension specific structure <b>ext</b> with OID <b>ext_nid</b> and criticality <b>crit</b>.</p>
+
+<p>X509_get_ext_d2i() and X509_add1_ext_i2d() operate on the extensions of certificate <b>x</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_CRL_get_ext_d2i() and X509_CRL_add1_ext_i2d() operate on the extensions of CRL <b>crl</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_REVOKED_get_ext_d2i() and X509_REVOKED_add1_ext_i2d() operate on the extensions of <b>X509_REVOKED</b> structure <b>r</b> (i.e for CRL entry extensions), they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of all the extensions of a certificate a CRL or a CRL entry respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In almost all cases an extension can occur at most once and multiple occurrences is an error. Therefore the <b>idx</b> parameter is usually <b>NULL</b>.</p>
+
+<p>The <b>flags</b> parameter may be one of the following values.</p>
+
+<p><b>X509V3_ADD_DEFAULT</b> appends a new extension only if the extension does not already exist. An error is returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_APPEND</b> appends a new extension, ignoring whether the extension already exists.</p>
+
+<p><b>X509V3_ADD_REPLACE</b> replaces an extension if it exists otherwise appends a new extension.</p>
+
+<p><b>X509V3_ADD_REPLACE_EXISTING</b> replaces an existing extension if it exists otherwise returns an error.</p>
+
+<p><b>X509V3_ADD_KEEP_EXISTING</b> appends a new extension only if the extension does not already exist. An error <b>is not</b> returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_DELETE</b> extension <b>nid</b> is deleted: no new extension is added.</p>
+
+<p>If <b>X509V3_ADD_SILENT</b> is ored with <b>flags</b>: any error returned will not be added to the error queue.</p>
+
+<p>The function X509V3_get_d2i() will return <b>NULL</b> if the extension is not found, occurs multiple times or cannot be decoded. It is possible to determine the precise reason by checking the value of <b>*crit</b>.</p>
+
+<h1 id="SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</h1>
+
+<p>The following sections contain a list of all supported extensions including their name and NID.</p>
+
+<h2 id="PKIX-Certificate-Extensions">PKIX Certificate Extensions</h2>
+
+<p>The following certificate extensions are defined in PKIX standards such as RFC5280.</p>
+
+<pre><code> Basic Constraints                  NID_basic_constraints
+ Key Usage                          NID_key_usage
+ Extended Key Usage                 NID_ext_key_usage
+
+ Subject Key Identifier             NID_subject_key_identifier
+ Authority Key Identifier           NID_authority_key_identifier
+
+ Private Key Usage Period           NID_private_key_usage_period
+
+ Subject Alternative Name           NID_subject_alt_name
+ Issuer Alternative Name            NID_issuer_alt_name
+
+ Authority Information Access       NID_info_access
+ Subject Information Access         NID_sinfo_access
+
+ Name Constraints                   NID_name_constraints
+
+ Certificate Policies               NID_certificate_policies
+ Policy Mappings                    NID_policy_mappings
+ Policy Constraints                 NID_policy_constraints
+ Inhibit Any Policy                 NID_inhibit_any_policy
+
+ TLS Feature                        NID_tlsfeature</code></pre>
+
+<h2 id="Netscape-Certificate-Extensions">Netscape Certificate Extensions</h2>
+
+<p>The following are (largely obsolete) Netscape certificate extensions.</p>
+
+<pre><code> Netscape Cert Type                 NID_netscape_cert_type
+ Netscape Base Url                  NID_netscape_base_url
+ Netscape Revocation Url            NID_netscape_revocation_url
+ Netscape CA Revocation Url         NID_netscape_ca_revocation_url
+ Netscape Renewal Url               NID_netscape_renewal_url
+ Netscape CA Policy Url             NID_netscape_ca_policy_url
+ Netscape SSL Server Name           NID_netscape_ssl_server_name
+ Netscape Comment                   NID_netscape_comment</code></pre>
+
+<h2 id="Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</h2>
+
+<pre><code> Strong Extranet ID                 NID_sxnet
+ Proxy Certificate Information      NID_proxyCertInfo</code></pre>
+
+<h2 id="PKIX-CRL-Extensions">PKIX CRL Extensions</h2>
+
+<p>The following are CRL extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Number                         NID_crl_number
+ CRL Distribution Points            NID_crl_distribution_points
+ Delta CRL Indicator                NID_delta_crl
+ Freshest CRL                       NID_freshest_crl
+ Invalidity Date                    NID_invalidity_date
+ Issuing Distribution Point         NID_issuing_distribution_point</code></pre>
+
+<p>The following are CRL entry extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Reason Code                    NID_crl_reason
+ Certificate Issuer                 NID_certificate_issuer</code></pre>
+
+<h2 id="OCSP-Extensions">OCSP Extensions</h2>
+
+<pre><code> OCSP Nonce                         NID_id_pkix_OCSP_Nonce
+ OCSP CRL ID                        NID_id_pkix_OCSP_CrlID
+ Acceptable OCSP Responses          NID_id_pkix_OCSP_acceptableResponses
+ OCSP No Check                      NID_id_pkix_OCSP_noCheck
+ OCSP Archive Cutoff                NID_id_pkix_OCSP_archiveCutoff
+ OCSP Service Locator               NID_id_pkix_OCSP_serviceLocator
+ Hold Instruction Code              NID_hold_instruction_code</code></pre>
+
+<h2 id="Certificate-Transparency-Extensions">Certificate Transparency Extensions</h2>
+
+<p>The following extensions are used by certificate transparency, RFC6962</p>
+
+<pre><code> CT Precertificate SCTs             NID_ct_precert_scts
+ CT Certificate SCTs                NID_ct_cert_scts</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509V3_EXT_d2i() and *X509V3_get_d2i() return a pointer to an extension specific structure of <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_EXT_i2d() returns a pointer to an <b>X509_EXTENSION</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_add1_i2d() returns 1 if the operation is successful and 0 if it fails due to a non-fatal error (extension not found, already exists, cannot be encoded) or -1 due to a fatal error such as a memory allocation failure.</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of extensions. They return NULL if no extensions are present.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get0_notAfter.html b/msys2/usr/share/doc/openssl/html/man3/X509_get0_notAfter.html
new file mode 100644
index 000000000..c7e82ca36
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get0_notAfter.html
@@ -0,0 +1,88 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_notBefore</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_notBefore, X509_getm_notBefore, X509_get0_notAfter, X509_getm_notAfter, X509_set1_notBefore, X509_set1_notAfter, X509_CRL_get0_lastUpdate, X509_CRL_get0_nextUpdate, X509_CRL_set1_lastUpdate, X509_CRL_set1_nextUpdate - get or set certificate or CRL dates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ const ASN1_TIME *X509_get0_notBefore(const X509 *x);
+ const ASN1_TIME *X509_get0_notAfter(const X509 *x);
+
+ ASN1_TIME *X509_getm_notBefore(const X509 *x);
+ ASN1_TIME *X509_getm_notAfter(const X509 *x);
+
+ int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm);
+ int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm);
+
+ const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
+ const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
+
+ int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
+ int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_notBefore() and X509_get0_notAfter() return the <b>notBefore</b> and <b>notAfter</b> fields of certificate <b>x</b> respectively. The value returned is an internal pointer which must not be freed up after the call.</p>
+
+<p>X509_getm_notBefore() and X509_getm_notAfter() are similar to X509_get0_notBefore() and X509_get0_notAfter() except they return non-constant mutable references to the associated date field of the certificate.</p>
+
+<p>X509_set1_notBefore() and X509_set1_notAfter() set the <b>notBefore</b> and <b>notAfter</b> fields of <b>x</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<p>X509_CRL_get0_lastUpdate() and X509_CRL_get0_nextUpdate() return the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b>. The value returned is an internal pointer which must not be freed up after the call. If the <b>nextUpdate</b> field is absent from <b>crl</b> then <b>NULL</b> is returned.</p>
+
+<p>X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() set the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get0_notBefore(), X509_get0_notAfter() and X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure.</p>
+
+<p>X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure or NULL if the <b>lastUpdate</b> field is absent.</p>
+
+<p>X509_set1_notBefore(), X509_set1_notAfter(), X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() return 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions are available in all versions of OpenSSL.</p>
+
+<p>X509_get_notBefore() and X509_get_notAfter() were deprecated in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get0_notBefore.html b/msys2/usr/share/doc/openssl/html/man3/X509_get0_notBefore.html
new file mode 100644
index 000000000..c7e82ca36
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get0_notBefore.html
@@ -0,0 +1,88 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_notBefore</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_notBefore, X509_getm_notBefore, X509_get0_notAfter, X509_getm_notAfter, X509_set1_notBefore, X509_set1_notAfter, X509_CRL_get0_lastUpdate, X509_CRL_get0_nextUpdate, X509_CRL_set1_lastUpdate, X509_CRL_set1_nextUpdate - get or set certificate or CRL dates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ const ASN1_TIME *X509_get0_notBefore(const X509 *x);
+ const ASN1_TIME *X509_get0_notAfter(const X509 *x);
+
+ ASN1_TIME *X509_getm_notBefore(const X509 *x);
+ ASN1_TIME *X509_getm_notAfter(const X509 *x);
+
+ int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm);
+ int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm);
+
+ const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
+ const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
+
+ int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
+ int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_notBefore() and X509_get0_notAfter() return the <b>notBefore</b> and <b>notAfter</b> fields of certificate <b>x</b> respectively. The value returned is an internal pointer which must not be freed up after the call.</p>
+
+<p>X509_getm_notBefore() and X509_getm_notAfter() are similar to X509_get0_notBefore() and X509_get0_notAfter() except they return non-constant mutable references to the associated date field of the certificate.</p>
+
+<p>X509_set1_notBefore() and X509_set1_notAfter() set the <b>notBefore</b> and <b>notAfter</b> fields of <b>x</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<p>X509_CRL_get0_lastUpdate() and X509_CRL_get0_nextUpdate() return the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b>. The value returned is an internal pointer which must not be freed up after the call. If the <b>nextUpdate</b> field is absent from <b>crl</b> then <b>NULL</b> is returned.</p>
+
+<p>X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() set the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get0_notBefore(), X509_get0_notAfter() and X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure.</p>
+
+<p>X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure or NULL if the <b>lastUpdate</b> field is absent.</p>
+
+<p>X509_set1_notBefore(), X509_set1_notAfter(), X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() return 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions are available in all versions of OpenSSL.</p>
+
+<p>X509_get_notBefore() and X509_get_notAfter() were deprecated in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get0_pubkey.html b/msys2/usr/share/doc/openssl/html/man3/X509_get0_pubkey.html
new file mode 100644
index 000000000..28c43843e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get0_pubkey.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_pubkey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_pubkey, X509_get0_pubkey, X509_set_pubkey, X509_get_X509_PUBKEY, X509_REQ_get_pubkey, X509_REQ_get0_pubkey, X509_REQ_set_pubkey, X509_REQ_get_X509_PUBKEY - get or set certificate or certificate request public key</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ EVP_PKEY *X509_get_pubkey(X509 *x);
+ EVP_PKEY *X509_get0_pubkey(const X509 *x);
+ int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
+ X509_PUBKEY *X509_get_X509_PUBKEY(X509 *x);
+
+ EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
+ EVP_PKEY *X509_REQ_get0_pubkey(X509_REQ *req);
+ int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
+ X509_PUBKEY *X509_REQ_get_X509_PUBKEY(X509_REQ *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_pubkey() attempts to decode the public key for certificate <b>x</b>. If successful it returns the public key as an <b>EVP_PKEY</b> pointer with its reference count incremented: this means the returned key must be freed up after use. X509_get0_pubkey() is similar except it does <b>not</b> increment the reference count of the returned <b>EVP_PKEY</b> so it must not be freed up after use.</p>
+
+<p>X509_get_X509_PUBKEY() returns an internal pointer to the <b>X509_PUBKEY</b> structure which encodes the certificate of <b>x</b>. The returned value must not be freed up after use.</p>
+
+<p>X509_set_pubkey() attempts to set the public key for certificate <b>x</b> to <b>pkey</b>. The key <b>pkey</b> should be freed up after use.</p>
+
+<p>X509_REQ_get_pubkey(), X509_REQ_get0_pubkey(), X509_REQ_set_pubkey() and X509_REQ_get_X509_PUBKEY() are similar but operate on certificate request <b>req</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The first time a public key is decoded the <b>EVP_PKEY</b> structure is cached in the certificate or certificate request itself. Subsequent calls return the cached structure with its reference count incremented to improve performance.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_pubkey(), X509_get0_pubkey(), X509_get_X509_PUBKEY(), X509_REQ_get_pubkey() and X509_REQ_get_X509_PUBKEY() return a public key or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_set_pubkey() and X509_REQ_set_pubkey() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get0_serialNumber.html b/msys2/usr/share/doc/openssl/html/man3/X509_get0_serialNumber.html
new file mode 100644
index 000000000..6798259e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get0_serialNumber.html
@@ -0,0 +1,69 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_serialNumber</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_serialNumber, X509_get0_serialNumber, X509_set_serialNumber - get or set certificate serial number</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ ASN1_INTEGER *X509_get_serialNumber(X509 *x);
+ const ASN1_INTEGER *X509_get0_serialNumber(const X509 *x);
+ int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_serialNumber() returns the serial number of certificate <b>x</b> as an <b>ASN1_INTEGER</b> structure which can be examined or initialised. The value returned is an internal pointer which <b>MUST NOT</b> be freed up after the call.</p>
+
+<p>X509_get0_serialNumber() is the same as X509_get_serialNumber() except it accepts a const parameter and returns a const result.</p>
+
+<p>X509_set_serialNumber() sets the serial number of certificate <b>x</b> to <b>serial</b>. A copy of the serial number is used internally so <b>serial</b> should be freed up after use.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_serialNumber() and X509_get0_serialNumber() return an <b>ASN1_INTEGER</b> structure.</p>
+
+<p>X509_set_serialNumber() returns 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_get_serialNumber() and X509_set_serialNumber() functions are available in all versions of OpenSSL. The X509_get0_serialNumber() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get0_signature.html b/msys2/usr/share/doc/openssl/html/man3/X509_get0_signature.html
new file mode 100644
index 000000000..d74071208
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get0_signature.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_signature</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_signature, X509_get_signature_nid, X509_get0_tbs_sigalg, X509_REQ_get0_signature, X509_REQ_get_signature_nid, X509_CRL_get0_signature, X509_CRL_get_signature_nid, X509_get_signature_info, X509_SIG_INFO_get, X509_SIG_INFO_set - signature information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ void X509_get0_signature(const ASN1_BIT_STRING **psig,
+                          const X509_ALGOR **palg,
+                          const X509 *x);
+ int X509_get_signature_nid(const X509 *x);
+ const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);
+
+ void X509_REQ_get0_signature(const X509_REQ *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_REQ_get_signature_nid(const X509_REQ *crl);
+
+ void X509_CRL_get0_signature(const X509_CRL *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_CRL_get_signature_nid(const X509_CRL *crl);
+
+ int X509_get_signature_info(X509 *x, int *mdnid, int *pknid, int *secbits,
+                             uint32_t *flags);
+
+ int X509_SIG_INFO_get(const X509_SIG_INFO *siginf, int *mdnid, int *pknid,
+                      int *secbits, uint32_t *flags);
+ void X509_SIG_INFO_set(X509_SIG_INFO *siginf, int mdnid, int pknid,
+                        int secbits, uint32_t flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_signature() sets <b>*psig</b> to the signature of <b>x</b> and <b>*palg</b> to the signature algorithm of <b>x</b>. The values returned are internal pointers which <b>MUST NOT</b> be freed up after the call.</p>
+
+<p>X509_get0_tbs_sigalg() returns the signature algorithm in the signed portion of <b>x</b>.</p>
+
+<p>X509_get_signature_nid() returns the NID corresponding to the signature algorithm of <b>x</b>.</p>
+
+<p>X509_REQ_get0_signature(), X509_REQ_get_signature_nid() X509_CRL_get0_signature() and X509_CRL_get_signature_nid() perform the same function for certificate requests and CRLs.</p>
+
+<p>X509_get_signature_info() retrieves information about the signature of certificate <b>x</b>. The NID of the signing digest is written to <b>*mdnid</b>, the public key algorithm to <b>*pknid</b>, the effective security bits to <b>*secbits</b> and flag details to <b>*flags</b>. Any of the parameters can be set to <b>NULL</b> if the information is not required.</p>
+
+<p>X509_SIG_INFO_get() and X509_SIG_INFO_set() get and set information about a signature in an <b>X509_SIG_INFO</b> structure. They are only used by implementations of algorithms which need to set custom signature information: most applications will never need to call them.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions provide lower level access to signatures in certificates where an application wishes to analyse or generate a signature in a form where X509_sign() et al is not appropriate (for example a non standard or unsupported format).</p>
+
+<p>The security bits returned by X509_get_signature_info() refers to information available from the certificate signature (such as the signing digest). In some cases the actual security of the signature is less because the signing key is less secure: for example a certificate signed using SHA-512 and a 1024 bit RSA key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_signature_nid(), X509_REQ_get_signature_nid() and X509_CRL_get_signature_nid() return a NID.</p>
+
+<p>X509_get0_signature(), X509_REQ_get0_signature() and X509_CRL_get0_signature() do not return values.</p>
+
+<p>X509_get_signature_info() returns 1 if the signature information returned is valid or 0 if the information is not available (e.g. unknown algorithms or malformed parameters).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_get0_signature() and X509_get_signature_nid() functions were added in OpenSSL 1.0.2.</p>
+
+<p>The X509_REQ_get0_signature(), X509_REQ_get_signature_nid(), X509_CRL_get0_signature() and X509_CRL_get_signature_nid() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get0_subject_key_id.html b/msys2/usr/share/doc/openssl/html/man3/X509_get0_subject_key_id.html
new file mode 100644
index 000000000..048f26554
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get0_subject_key_id.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_extension_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_subject_key_id, X509_get0_authority_key_id, X509_get_pathlen, X509_get_extension_flags, X509_get_key_usage, X509_get_extended_key_usage, X509_set_proxy_flag, X509_set_proxy_pathlen, X509_get_proxy_pathlen - retrieve certificate extension data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ long X509_get_pathlen(X509 *x);
+ uint32_t X509_get_extension_flags(X509 *x);
+ uint32_t X509_get_key_usage(X509 *x);
+ uint32_t X509_get_extended_key_usage(X509 *x);
+ const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x);
+ const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x);
+ void X509_set_proxy_flag(X509 *x);
+ void X509_set_proxy_pathlen(int l);
+ long X509_get_proxy_pathlen(X509 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions retrieve information related to commonly used certificate extensions.</p>
+
+<p>X509_get_pathlen() retrieves the path length extension from a certificate. This extension is used to limit the length of a cert chain that may be issued from that CA.</p>
+
+<p>X509_get_extension_flags() retrieves general information about a certificate, it will return one or more of the following flags ored together.</p>
+
+<dl>
+
+<dt id="EXFLAG_V1"><b>EXFLAG_V1</b></dt>
+<dd>
+
+<p>The certificate is an obsolete version 1 certificate.</p>
+
+</dd>
+<dt id="EXFLAG_BCONS"><b>EXFLAG_BCONS</b></dt>
+<dd>
+
+<p>The certificate contains a basic constraints extension.</p>
+
+</dd>
+<dt id="EXFLAG_CA"><b>EXFLAG_CA</b></dt>
+<dd>
+
+<p>The certificate contains basic constraints and asserts the CA flag.</p>
+
+</dd>
+<dt id="EXFLAG_PROXY"><b>EXFLAG_PROXY</b></dt>
+<dd>
+
+<p>The certificate is a valid proxy certificate.</p>
+
+</dd>
+<dt id="EXFLAG_SI"><b>EXFLAG_SI</b></dt>
+<dd>
+
+<p>The certificate is self issued (that is subject and issuer names match).</p>
+
+</dd>
+<dt id="EXFLAG_SS"><b>EXFLAG_SS</b></dt>
+<dd>
+
+<p>The subject and issuer names match and extension values imply it is self signed.</p>
+
+</dd>
+<dt id="EXFLAG_FRESHEST"><b>EXFLAG_FRESHEST</b></dt>
+<dd>
+
+<p>The freshest CRL extension is present in the certificate.</p>
+
+</dd>
+<dt id="EXFLAG_CRITICAL"><b>EXFLAG_CRITICAL</b></dt>
+<dd>
+
+<p>The certificate contains an unhandled critical extension.</p>
+
+</dd>
+<dt id="EXFLAG_INVALID"><b>EXFLAG_INVALID</b></dt>
+<dd>
+
+<p>Some certificate extension values are invalid or inconsistent. The certificate should be rejected.</p>
+
+</dd>
+<dt id="EXFLAG_KUSAGE"><b>EXFLAG_KUSAGE</b></dt>
+<dd>
+
+<p>The certificate contains a key usage extension. The value can be retrieved using X509_get_key_usage().</p>
+
+</dd>
+<dt id="EXFLAG_XKUSAGE"><b>EXFLAG_XKUSAGE</b></dt>
+<dd>
+
+<p>The certificate contains an extended key usage extension. The value can be retrieved using X509_get_extended_key_usage().</p>
+
+</dd>
+</dl>
+
+<p>X509_get_key_usage() returns the value of the key usage extension. If key usage is present will return zero or more of the flags: <b>KU_DIGITAL_SIGNATURE</b>, <b>KU_NON_REPUDIATION</b>, <b>KU_KEY_ENCIPHERMENT</b>, <b>KU_DATA_ENCIPHERMENT</b>, <b>KU_KEY_AGREEMENT</b>, <b>KU_KEY_CERT_SIGN</b>, <b>KU_CRL_SIGN</b>, <b>KU_ENCIPHER_ONLY</b> or <b>KU_DECIPHER_ONLY</b> corresponding to individual key usage bits. If key usage is absent then <b>UINT32_MAX</b> is returned.</p>
+
+<p>X509_get_extended_key_usage() returns the value of the extended key usage extension. If extended key usage is present it will return zero or more of the flags: <b>XKU_SSL_SERVER</b>, <b>XKU_SSL_CLIENT</b>, <b>XKU_SMIME</b>, <b>XKU_CODE_SIGN</b> <b>XKU_OCSP_SIGN</b>, <b>XKU_TIMESTAMP</b>, <b>XKU_DVCS</b> or <b>XKU_ANYEKU</b>. These correspond to the OIDs <b>id-kp-serverAuth</b>, <b>id-kp-clientAuth</b>, <b>id-kp-emailProtection</b>, <b>id-kp-codeSigning</b>, <b>id-kp-OCSPSigning</b>, <b>id-kp-timeStamping</b>, <b>id-kp-dvcs</b> and <b>anyExtendedKeyUsage</b> respectively. Additionally <b>XKU_SGC</b> is set if either Netscape or Microsoft SGC OIDs are present.</p>
+
+<p>X509_get0_subject_key_id() returns an internal pointer to the subject key identifier of <b>x</b> as an <b>ASN1_OCTET_STRING</b> or <b>NULL</b> if the extension is not present or cannot be parsed.</p>
+
+<p>X509_get0_authority_key_id() returns an internal pointer to the authority key identifier of <b>x</b> as an <b>ASN1_OCTET_STRING</b> or <b>NULL</b> if the extension is not present or cannot be parsed.</p>
+
+<p>X509_set_proxy_flag() marks the certificate with the <b>EXFLAG_PROXY</b> flag. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones.</p>
+
+<p>X509_set_proxy_pathlen() sets the proxy certificate path length for the given certificate <b>x</b>. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones.</p>
+
+<p>X509_get_proxy_pathlen() returns the proxy certificate path length for the given certificate <b>x</b> if it is a proxy certificate.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The value of the flags correspond to extension values which are cached in the <b>X509</b> structure. If the flags returned do not provide sufficient information an application should examine extension values directly for example using X509_get_ext_d2i().</p>
+
+<p>If the key usage or extended key usage extension is absent then typically usage is unrestricted. For this reason X509_get_key_usage() and X509_get_extended_key_usage() return <b>UINT32_MAX</b> when the corresponding extension is absent. Applications can additionally check the return value of X509_get_extension_flags() and take appropriate action is an extension is absent.</p>
+
+<p>If X509_get0_subject_key_id() returns <b>NULL</b> then the extension may be absent or malformed. Applications can determine the precise reason using X509_get_ext_d2i().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_pathlen() returns the path length value, or -1 if the extension is not present.</p>
+
+<p>X509_get_extension_flags(), X509_get_key_usage() and X509_get_extended_key_usage() return sets of flags corresponding to the certificate extension values.</p>
+
+<p>X509_get0_subject_key_id() returns the subject key identifier as a pointer to an <b>ASN1_OCTET_STRING</b> structure or <b>NULL</b> if the extension is absent or an error occurred during parsing.</p>
+
+<p>X509_get_proxy_pathlen() returns the path length value if the given certificate is a proxy one and has a path length set, and -1 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_get_pathlen(), X509_set_proxy_flag(), X509_set_proxy_pathlen() and X509_get_proxy_pathlen() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get0_tbs_sigalg.html b/msys2/usr/share/doc/openssl/html/man3/X509_get0_tbs_sigalg.html
new file mode 100644
index 000000000..d74071208
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get0_tbs_sigalg.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_signature</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_signature, X509_get_signature_nid, X509_get0_tbs_sigalg, X509_REQ_get0_signature, X509_REQ_get_signature_nid, X509_CRL_get0_signature, X509_CRL_get_signature_nid, X509_get_signature_info, X509_SIG_INFO_get, X509_SIG_INFO_set - signature information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ void X509_get0_signature(const ASN1_BIT_STRING **psig,
+                          const X509_ALGOR **palg,
+                          const X509 *x);
+ int X509_get_signature_nid(const X509 *x);
+ const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);
+
+ void X509_REQ_get0_signature(const X509_REQ *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_REQ_get_signature_nid(const X509_REQ *crl);
+
+ void X509_CRL_get0_signature(const X509_CRL *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_CRL_get_signature_nid(const X509_CRL *crl);
+
+ int X509_get_signature_info(X509 *x, int *mdnid, int *pknid, int *secbits,
+                             uint32_t *flags);
+
+ int X509_SIG_INFO_get(const X509_SIG_INFO *siginf, int *mdnid, int *pknid,
+                      int *secbits, uint32_t *flags);
+ void X509_SIG_INFO_set(X509_SIG_INFO *siginf, int mdnid, int pknid,
+                        int secbits, uint32_t flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_signature() sets <b>*psig</b> to the signature of <b>x</b> and <b>*palg</b> to the signature algorithm of <b>x</b>. The values returned are internal pointers which <b>MUST NOT</b> be freed up after the call.</p>
+
+<p>X509_get0_tbs_sigalg() returns the signature algorithm in the signed portion of <b>x</b>.</p>
+
+<p>X509_get_signature_nid() returns the NID corresponding to the signature algorithm of <b>x</b>.</p>
+
+<p>X509_REQ_get0_signature(), X509_REQ_get_signature_nid() X509_CRL_get0_signature() and X509_CRL_get_signature_nid() perform the same function for certificate requests and CRLs.</p>
+
+<p>X509_get_signature_info() retrieves information about the signature of certificate <b>x</b>. The NID of the signing digest is written to <b>*mdnid</b>, the public key algorithm to <b>*pknid</b>, the effective security bits to <b>*secbits</b> and flag details to <b>*flags</b>. Any of the parameters can be set to <b>NULL</b> if the information is not required.</p>
+
+<p>X509_SIG_INFO_get() and X509_SIG_INFO_set() get and set information about a signature in an <b>X509_SIG_INFO</b> structure. They are only used by implementations of algorithms which need to set custom signature information: most applications will never need to call them.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions provide lower level access to signatures in certificates where an application wishes to analyse or generate a signature in a form where X509_sign() et al is not appropriate (for example a non standard or unsupported format).</p>
+
+<p>The security bits returned by X509_get_signature_info() refers to information available from the certificate signature (such as the signing digest). In some cases the actual security of the signature is less because the signing key is less secure: for example a certificate signed using SHA-512 and a 1024 bit RSA key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_signature_nid(), X509_REQ_get_signature_nid() and X509_CRL_get_signature_nid() return a NID.</p>
+
+<p>X509_get0_signature(), X509_REQ_get0_signature() and X509_CRL_get0_signature() do not return values.</p>
+
+<p>X509_get_signature_info() returns 1 if the signature information returned is valid or 0 if the information is not available (e.g. unknown algorithms or malformed parameters).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_get0_signature() and X509_get_signature_nid() functions were added in OpenSSL 1.0.2.</p>
+
+<p>The X509_REQ_get0_signature(), X509_REQ_get_signature_nid(), X509_CRL_get0_signature() and X509_CRL_get_signature_nid() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get0_uids.html b/msys2/usr/share/doc/openssl/html/man3/X509_get0_uids.html
new file mode 100644
index 000000000..4df915e58
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get0_uids.html
@@ -0,0 +1,62 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_uids</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_uids - get certificate unique identifiers</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ void X509_get0_uids(const X509 *x, const ASN1_BIT_STRING **piuid,
+                     const ASN1_BIT_STRING **psuid);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_uids() sets <b>*piuid</b> and <b>*psuid</b> to the issuer and subject unique identifiers of certificate <b>x</b> or NULL if the fields are not present.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The issuer and subject unique identifier fields are very rarely encountered in practice outside test cases.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get0_uids() does not return a value.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_X509_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_X509_PUBKEY.html
new file mode 100644
index 000000000..28c43843e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_X509_PUBKEY.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_pubkey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_pubkey, X509_get0_pubkey, X509_set_pubkey, X509_get_X509_PUBKEY, X509_REQ_get_pubkey, X509_REQ_get0_pubkey, X509_REQ_set_pubkey, X509_REQ_get_X509_PUBKEY - get or set certificate or certificate request public key</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ EVP_PKEY *X509_get_pubkey(X509 *x);
+ EVP_PKEY *X509_get0_pubkey(const X509 *x);
+ int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
+ X509_PUBKEY *X509_get_X509_PUBKEY(X509 *x);
+
+ EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
+ EVP_PKEY *X509_REQ_get0_pubkey(X509_REQ *req);
+ int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
+ X509_PUBKEY *X509_REQ_get_X509_PUBKEY(X509_REQ *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_pubkey() attempts to decode the public key for certificate <b>x</b>. If successful it returns the public key as an <b>EVP_PKEY</b> pointer with its reference count incremented: this means the returned key must be freed up after use. X509_get0_pubkey() is similar except it does <b>not</b> increment the reference count of the returned <b>EVP_PKEY</b> so it must not be freed up after use.</p>
+
+<p>X509_get_X509_PUBKEY() returns an internal pointer to the <b>X509_PUBKEY</b> structure which encodes the certificate of <b>x</b>. The returned value must not be freed up after use.</p>
+
+<p>X509_set_pubkey() attempts to set the public key for certificate <b>x</b> to <b>pkey</b>. The key <b>pkey</b> should be freed up after use.</p>
+
+<p>X509_REQ_get_pubkey(), X509_REQ_get0_pubkey(), X509_REQ_set_pubkey() and X509_REQ_get_X509_PUBKEY() are similar but operate on certificate request <b>req</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The first time a public key is decoded the <b>EVP_PKEY</b> structure is cached in the certificate or certificate request itself. Subsequent calls return the cached structure with its reference count incremented to improve performance.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_pubkey(), X509_get0_pubkey(), X509_get_X509_PUBKEY(), X509_REQ_get_pubkey() and X509_REQ_get_X509_PUBKEY() return a public key or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_set_pubkey() and X509_REQ_set_pubkey() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_ex_new_index.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_ex_new_index.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_ex_new_index.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_ext.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_ext.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_ext.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_ext_by_NID.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_ext_by_NID.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_ext_by_NID.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_ext_by_OBJ.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_ext_by_OBJ.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_ext_by_OBJ.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_ext_by_critical.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_ext_by_critical.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_ext_by_critical.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_ext_count.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_ext_count.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_ext_count.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_ext_d2i.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_ext_d2i.html
new file mode 100644
index 000000000..0564e7b2d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_ext_d2i.html
@@ -0,0 +1,214 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509V3_get_d2i</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</a>
+    <ul>
+      <li><a href="#PKIX-Certificate-Extensions">PKIX Certificate Extensions</a></li>
+      <li><a href="#Netscape-Certificate-Extensions">Netscape Certificate Extensions</a></li>
+      <li><a href="#Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</a></li>
+      <li><a href="#PKIX-CRL-Extensions">PKIX CRL Extensions</a></li>
+      <li><a href="#OCSP-Extensions">OCSP Extensions</a></li>
+      <li><a href="#Certificate-Transparency-Extensions">Certificate Transparency Extensions</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_extensions, X509_CRL_get0_extensions, X509_REVOKED_get0_extensions, X509V3_get_d2i, X509V3_add1_i2d, X509V3_EXT_d2i, X509V3_EXT_i2d, X509_get_ext_d2i, X509_add1_ext_i2d, X509_CRL_get_ext_d2i, X509_CRL_add1_ext_i2d, X509_REVOKED_get_ext_d2i, X509_REVOKED_add1_ext_i2d - X509 extension decode and encode functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
+                      int *idx);
+ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
+                     int crit, unsigned long flags);
+
+ void *X509V3_EXT_d2i(X509_EXTENSION *ext);
+ X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext);
+
+ void *X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
+ int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+                       unsigned long flags);
+
+ void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid, int *crit, int *idx);
+ int X509_CRL_add1_ext_i2d(X509_CRL *crl, int nid, void *value, int crit,
+                           unsigned long flags);
+
+ void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *r, int nid, int *crit, int *idx);
+ int X509_REVOKED_add1_ext_i2d(X509_REVOKED *r, int nid, void *value, int crit,
+                               unsigned long flags);
+
+ const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+ const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
+ const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(const X509_REVOKED *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509V3_get_ext_d2i() looks for an extension with OID <b>nid</b> in the extensions <b>x</b> and, if found, decodes it. If <b>idx</b> is <b>NULL</b> then only one occurrence of an extension is permissible otherwise the first extension after index <b>*idx</b> is returned and <b>*idx</b> updated to the location of the extension. If <b>crit</b> is not <b>NULL</b> then <b>*crit</b> is set to a status value: -2 if the extension occurs multiple times (this is only returned if <b>idx</b> is <b>NULL</b>), -1 if the extension could not be found, 0 if the extension is found and is not critical and 1 if critical. A pointer to an extension specific structure or <b>NULL</b> is returned.</p>
+
+<p>X509V3_add1_i2d() adds extension <b>value</b> to STACK <b>*x</b> (allocating a new STACK if necessary) using OID <b>nid</b> and criticality <b>crit</b> according to <b>flags</b>.</p>
+
+<p>X509V3_EXT_d2i() attempts to decode the ASN.1 data contained in extension <b>ext</b> and returns a pointer to an extension specific structure or <b>NULL</b> if the extension could not be decoded (invalid syntax or not supported).</p>
+
+<p>X509V3_EXT_i2d() encodes the extension specific structure <b>ext</b> with OID <b>ext_nid</b> and criticality <b>crit</b>.</p>
+
+<p>X509_get_ext_d2i() and X509_add1_ext_i2d() operate on the extensions of certificate <b>x</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_CRL_get_ext_d2i() and X509_CRL_add1_ext_i2d() operate on the extensions of CRL <b>crl</b>, they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_REVOKED_get_ext_d2i() and X509_REVOKED_add1_ext_i2d() operate on the extensions of <b>X509_REVOKED</b> structure <b>r</b> (i.e for CRL entry extensions), they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of all the extensions of a certificate a CRL or a CRL entry respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>In almost all cases an extension can occur at most once and multiple occurrences is an error. Therefore the <b>idx</b> parameter is usually <b>NULL</b>.</p>
+
+<p>The <b>flags</b> parameter may be one of the following values.</p>
+
+<p><b>X509V3_ADD_DEFAULT</b> appends a new extension only if the extension does not already exist. An error is returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_APPEND</b> appends a new extension, ignoring whether the extension already exists.</p>
+
+<p><b>X509V3_ADD_REPLACE</b> replaces an extension if it exists otherwise appends a new extension.</p>
+
+<p><b>X509V3_ADD_REPLACE_EXISTING</b> replaces an existing extension if it exists otherwise returns an error.</p>
+
+<p><b>X509V3_ADD_KEEP_EXISTING</b> appends a new extension only if the extension does not already exist. An error <b>is not</b> returned if the extension does already exist.</p>
+
+<p><b>X509V3_ADD_DELETE</b> extension <b>nid</b> is deleted: no new extension is added.</p>
+
+<p>If <b>X509V3_ADD_SILENT</b> is ored with <b>flags</b>: any error returned will not be added to the error queue.</p>
+
+<p>The function X509V3_get_d2i() will return <b>NULL</b> if the extension is not found, occurs multiple times or cannot be decoded. It is possible to determine the precise reason by checking the value of <b>*crit</b>.</p>
+
+<h1 id="SUPPORTED-EXTENSIONS">SUPPORTED EXTENSIONS</h1>
+
+<p>The following sections contain a list of all supported extensions including their name and NID.</p>
+
+<h2 id="PKIX-Certificate-Extensions">PKIX Certificate Extensions</h2>
+
+<p>The following certificate extensions are defined in PKIX standards such as RFC5280.</p>
+
+<pre><code> Basic Constraints                  NID_basic_constraints
+ Key Usage                          NID_key_usage
+ Extended Key Usage                 NID_ext_key_usage
+
+ Subject Key Identifier             NID_subject_key_identifier
+ Authority Key Identifier           NID_authority_key_identifier
+
+ Private Key Usage Period           NID_private_key_usage_period
+
+ Subject Alternative Name           NID_subject_alt_name
+ Issuer Alternative Name            NID_issuer_alt_name
+
+ Authority Information Access       NID_info_access
+ Subject Information Access         NID_sinfo_access
+
+ Name Constraints                   NID_name_constraints
+
+ Certificate Policies               NID_certificate_policies
+ Policy Mappings                    NID_policy_mappings
+ Policy Constraints                 NID_policy_constraints
+ Inhibit Any Policy                 NID_inhibit_any_policy
+
+ TLS Feature                        NID_tlsfeature</code></pre>
+
+<h2 id="Netscape-Certificate-Extensions">Netscape Certificate Extensions</h2>
+
+<p>The following are (largely obsolete) Netscape certificate extensions.</p>
+
+<pre><code> Netscape Cert Type                 NID_netscape_cert_type
+ Netscape Base Url                  NID_netscape_base_url
+ Netscape Revocation Url            NID_netscape_revocation_url
+ Netscape CA Revocation Url         NID_netscape_ca_revocation_url
+ Netscape Renewal Url               NID_netscape_renewal_url
+ Netscape CA Policy Url             NID_netscape_ca_policy_url
+ Netscape SSL Server Name           NID_netscape_ssl_server_name
+ Netscape Comment                   NID_netscape_comment</code></pre>
+
+<h2 id="Miscellaneous-Certificate-Extensions">Miscellaneous Certificate Extensions</h2>
+
+<pre><code> Strong Extranet ID                 NID_sxnet
+ Proxy Certificate Information      NID_proxyCertInfo</code></pre>
+
+<h2 id="PKIX-CRL-Extensions">PKIX CRL Extensions</h2>
+
+<p>The following are CRL extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Number                         NID_crl_number
+ CRL Distribution Points            NID_crl_distribution_points
+ Delta CRL Indicator                NID_delta_crl
+ Freshest CRL                       NID_freshest_crl
+ Invalidity Date                    NID_invalidity_date
+ Issuing Distribution Point         NID_issuing_distribution_point</code></pre>
+
+<p>The following are CRL entry extensions from PKIX standards such as RFC5280.</p>
+
+<pre><code> CRL Reason Code                    NID_crl_reason
+ Certificate Issuer                 NID_certificate_issuer</code></pre>
+
+<h2 id="OCSP-Extensions">OCSP Extensions</h2>
+
+<pre><code> OCSP Nonce                         NID_id_pkix_OCSP_Nonce
+ OCSP CRL ID                        NID_id_pkix_OCSP_CrlID
+ Acceptable OCSP Responses          NID_id_pkix_OCSP_acceptableResponses
+ OCSP No Check                      NID_id_pkix_OCSP_noCheck
+ OCSP Archive Cutoff                NID_id_pkix_OCSP_archiveCutoff
+ OCSP Service Locator               NID_id_pkix_OCSP_serviceLocator
+ Hold Instruction Code              NID_hold_instruction_code</code></pre>
+
+<h2 id="Certificate-Transparency-Extensions">Certificate Transparency Extensions</h2>
+
+<p>The following extensions are used by certificate transparency, RFC6962</p>
+
+<pre><code> CT Precertificate SCTs             NID_ct_precert_scts
+ CT Certificate SCTs                NID_ct_cert_scts</code></pre>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509V3_EXT_d2i() and *X509V3_get_d2i() return a pointer to an extension specific structure of <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_EXT_i2d() returns a pointer to an <b>X509_EXTENSION</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509V3_add1_i2d() returns 1 if the operation is successful and 0 if it fails due to a non-fatal error (extension not found, already exists, cannot be encoded) or -1 due to a fatal error such as a memory allocation failure.</p>
+
+<p>X509_get0_extensions(), X509_CRL_get0_extensions() and X509_REVOKED_get0_extensions() return a stack of extensions. They return NULL if no extensions are present.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_extended_key_usage.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_extended_key_usage.html
new file mode 100644
index 000000000..048f26554
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_extended_key_usage.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_extension_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_subject_key_id, X509_get0_authority_key_id, X509_get_pathlen, X509_get_extension_flags, X509_get_key_usage, X509_get_extended_key_usage, X509_set_proxy_flag, X509_set_proxy_pathlen, X509_get_proxy_pathlen - retrieve certificate extension data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ long X509_get_pathlen(X509 *x);
+ uint32_t X509_get_extension_flags(X509 *x);
+ uint32_t X509_get_key_usage(X509 *x);
+ uint32_t X509_get_extended_key_usage(X509 *x);
+ const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x);
+ const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x);
+ void X509_set_proxy_flag(X509 *x);
+ void X509_set_proxy_pathlen(int l);
+ long X509_get_proxy_pathlen(X509 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions retrieve information related to commonly used certificate extensions.</p>
+
+<p>X509_get_pathlen() retrieves the path length extension from a certificate. This extension is used to limit the length of a cert chain that may be issued from that CA.</p>
+
+<p>X509_get_extension_flags() retrieves general information about a certificate, it will return one or more of the following flags ored together.</p>
+
+<dl>
+
+<dt id="EXFLAG_V1"><b>EXFLAG_V1</b></dt>
+<dd>
+
+<p>The certificate is an obsolete version 1 certificate.</p>
+
+</dd>
+<dt id="EXFLAG_BCONS"><b>EXFLAG_BCONS</b></dt>
+<dd>
+
+<p>The certificate contains a basic constraints extension.</p>
+
+</dd>
+<dt id="EXFLAG_CA"><b>EXFLAG_CA</b></dt>
+<dd>
+
+<p>The certificate contains basic constraints and asserts the CA flag.</p>
+
+</dd>
+<dt id="EXFLAG_PROXY"><b>EXFLAG_PROXY</b></dt>
+<dd>
+
+<p>The certificate is a valid proxy certificate.</p>
+
+</dd>
+<dt id="EXFLAG_SI"><b>EXFLAG_SI</b></dt>
+<dd>
+
+<p>The certificate is self issued (that is subject and issuer names match).</p>
+
+</dd>
+<dt id="EXFLAG_SS"><b>EXFLAG_SS</b></dt>
+<dd>
+
+<p>The subject and issuer names match and extension values imply it is self signed.</p>
+
+</dd>
+<dt id="EXFLAG_FRESHEST"><b>EXFLAG_FRESHEST</b></dt>
+<dd>
+
+<p>The freshest CRL extension is present in the certificate.</p>
+
+</dd>
+<dt id="EXFLAG_CRITICAL"><b>EXFLAG_CRITICAL</b></dt>
+<dd>
+
+<p>The certificate contains an unhandled critical extension.</p>
+
+</dd>
+<dt id="EXFLAG_INVALID"><b>EXFLAG_INVALID</b></dt>
+<dd>
+
+<p>Some certificate extension values are invalid or inconsistent. The certificate should be rejected.</p>
+
+</dd>
+<dt id="EXFLAG_KUSAGE"><b>EXFLAG_KUSAGE</b></dt>
+<dd>
+
+<p>The certificate contains a key usage extension. The value can be retrieved using X509_get_key_usage().</p>
+
+</dd>
+<dt id="EXFLAG_XKUSAGE"><b>EXFLAG_XKUSAGE</b></dt>
+<dd>
+
+<p>The certificate contains an extended key usage extension. The value can be retrieved using X509_get_extended_key_usage().</p>
+
+</dd>
+</dl>
+
+<p>X509_get_key_usage() returns the value of the key usage extension. If key usage is present will return zero or more of the flags: <b>KU_DIGITAL_SIGNATURE</b>, <b>KU_NON_REPUDIATION</b>, <b>KU_KEY_ENCIPHERMENT</b>, <b>KU_DATA_ENCIPHERMENT</b>, <b>KU_KEY_AGREEMENT</b>, <b>KU_KEY_CERT_SIGN</b>, <b>KU_CRL_SIGN</b>, <b>KU_ENCIPHER_ONLY</b> or <b>KU_DECIPHER_ONLY</b> corresponding to individual key usage bits. If key usage is absent then <b>UINT32_MAX</b> is returned.</p>
+
+<p>X509_get_extended_key_usage() returns the value of the extended key usage extension. If extended key usage is present it will return zero or more of the flags: <b>XKU_SSL_SERVER</b>, <b>XKU_SSL_CLIENT</b>, <b>XKU_SMIME</b>, <b>XKU_CODE_SIGN</b> <b>XKU_OCSP_SIGN</b>, <b>XKU_TIMESTAMP</b>, <b>XKU_DVCS</b> or <b>XKU_ANYEKU</b>. These correspond to the OIDs <b>id-kp-serverAuth</b>, <b>id-kp-clientAuth</b>, <b>id-kp-emailProtection</b>, <b>id-kp-codeSigning</b>, <b>id-kp-OCSPSigning</b>, <b>id-kp-timeStamping</b>, <b>id-kp-dvcs</b> and <b>anyExtendedKeyUsage</b> respectively. Additionally <b>XKU_SGC</b> is set if either Netscape or Microsoft SGC OIDs are present.</p>
+
+<p>X509_get0_subject_key_id() returns an internal pointer to the subject key identifier of <b>x</b> as an <b>ASN1_OCTET_STRING</b> or <b>NULL</b> if the extension is not present or cannot be parsed.</p>
+
+<p>X509_get0_authority_key_id() returns an internal pointer to the authority key identifier of <b>x</b> as an <b>ASN1_OCTET_STRING</b> or <b>NULL</b> if the extension is not present or cannot be parsed.</p>
+
+<p>X509_set_proxy_flag() marks the certificate with the <b>EXFLAG_PROXY</b> flag. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones.</p>
+
+<p>X509_set_proxy_pathlen() sets the proxy certificate path length for the given certificate <b>x</b>. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones.</p>
+
+<p>X509_get_proxy_pathlen() returns the proxy certificate path length for the given certificate <b>x</b> if it is a proxy certificate.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The value of the flags correspond to extension values which are cached in the <b>X509</b> structure. If the flags returned do not provide sufficient information an application should examine extension values directly for example using X509_get_ext_d2i().</p>
+
+<p>If the key usage or extended key usage extension is absent then typically usage is unrestricted. For this reason X509_get_key_usage() and X509_get_extended_key_usage() return <b>UINT32_MAX</b> when the corresponding extension is absent. Applications can additionally check the return value of X509_get_extension_flags() and take appropriate action is an extension is absent.</p>
+
+<p>If X509_get0_subject_key_id() returns <b>NULL</b> then the extension may be absent or malformed. Applications can determine the precise reason using X509_get_ext_d2i().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_pathlen() returns the path length value, or -1 if the extension is not present.</p>
+
+<p>X509_get_extension_flags(), X509_get_key_usage() and X509_get_extended_key_usage() return sets of flags corresponding to the certificate extension values.</p>
+
+<p>X509_get0_subject_key_id() returns the subject key identifier as a pointer to an <b>ASN1_OCTET_STRING</b> structure or <b>NULL</b> if the extension is absent or an error occurred during parsing.</p>
+
+<p>X509_get_proxy_pathlen() returns the path length value if the given certificate is a proxy one and has a path length set, and -1 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_get_pathlen(), X509_set_proxy_flag(), X509_set_proxy_pathlen() and X509_get_proxy_pathlen() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_extension_flags.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_extension_flags.html
new file mode 100644
index 000000000..048f26554
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_extension_flags.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_extension_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_subject_key_id, X509_get0_authority_key_id, X509_get_pathlen, X509_get_extension_flags, X509_get_key_usage, X509_get_extended_key_usage, X509_set_proxy_flag, X509_set_proxy_pathlen, X509_get_proxy_pathlen - retrieve certificate extension data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ long X509_get_pathlen(X509 *x);
+ uint32_t X509_get_extension_flags(X509 *x);
+ uint32_t X509_get_key_usage(X509 *x);
+ uint32_t X509_get_extended_key_usage(X509 *x);
+ const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x);
+ const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x);
+ void X509_set_proxy_flag(X509 *x);
+ void X509_set_proxy_pathlen(int l);
+ long X509_get_proxy_pathlen(X509 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions retrieve information related to commonly used certificate extensions.</p>
+
+<p>X509_get_pathlen() retrieves the path length extension from a certificate. This extension is used to limit the length of a cert chain that may be issued from that CA.</p>
+
+<p>X509_get_extension_flags() retrieves general information about a certificate, it will return one or more of the following flags ored together.</p>
+
+<dl>
+
+<dt id="EXFLAG_V1"><b>EXFLAG_V1</b></dt>
+<dd>
+
+<p>The certificate is an obsolete version 1 certificate.</p>
+
+</dd>
+<dt id="EXFLAG_BCONS"><b>EXFLAG_BCONS</b></dt>
+<dd>
+
+<p>The certificate contains a basic constraints extension.</p>
+
+</dd>
+<dt id="EXFLAG_CA"><b>EXFLAG_CA</b></dt>
+<dd>
+
+<p>The certificate contains basic constraints and asserts the CA flag.</p>
+
+</dd>
+<dt id="EXFLAG_PROXY"><b>EXFLAG_PROXY</b></dt>
+<dd>
+
+<p>The certificate is a valid proxy certificate.</p>
+
+</dd>
+<dt id="EXFLAG_SI"><b>EXFLAG_SI</b></dt>
+<dd>
+
+<p>The certificate is self issued (that is subject and issuer names match).</p>
+
+</dd>
+<dt id="EXFLAG_SS"><b>EXFLAG_SS</b></dt>
+<dd>
+
+<p>The subject and issuer names match and extension values imply it is self signed.</p>
+
+</dd>
+<dt id="EXFLAG_FRESHEST"><b>EXFLAG_FRESHEST</b></dt>
+<dd>
+
+<p>The freshest CRL extension is present in the certificate.</p>
+
+</dd>
+<dt id="EXFLAG_CRITICAL"><b>EXFLAG_CRITICAL</b></dt>
+<dd>
+
+<p>The certificate contains an unhandled critical extension.</p>
+
+</dd>
+<dt id="EXFLAG_INVALID"><b>EXFLAG_INVALID</b></dt>
+<dd>
+
+<p>Some certificate extension values are invalid or inconsistent. The certificate should be rejected.</p>
+
+</dd>
+<dt id="EXFLAG_KUSAGE"><b>EXFLAG_KUSAGE</b></dt>
+<dd>
+
+<p>The certificate contains a key usage extension. The value can be retrieved using X509_get_key_usage().</p>
+
+</dd>
+<dt id="EXFLAG_XKUSAGE"><b>EXFLAG_XKUSAGE</b></dt>
+<dd>
+
+<p>The certificate contains an extended key usage extension. The value can be retrieved using X509_get_extended_key_usage().</p>
+
+</dd>
+</dl>
+
+<p>X509_get_key_usage() returns the value of the key usage extension. If key usage is present will return zero or more of the flags: <b>KU_DIGITAL_SIGNATURE</b>, <b>KU_NON_REPUDIATION</b>, <b>KU_KEY_ENCIPHERMENT</b>, <b>KU_DATA_ENCIPHERMENT</b>, <b>KU_KEY_AGREEMENT</b>, <b>KU_KEY_CERT_SIGN</b>, <b>KU_CRL_SIGN</b>, <b>KU_ENCIPHER_ONLY</b> or <b>KU_DECIPHER_ONLY</b> corresponding to individual key usage bits. If key usage is absent then <b>UINT32_MAX</b> is returned.</p>
+
+<p>X509_get_extended_key_usage() returns the value of the extended key usage extension. If extended key usage is present it will return zero or more of the flags: <b>XKU_SSL_SERVER</b>, <b>XKU_SSL_CLIENT</b>, <b>XKU_SMIME</b>, <b>XKU_CODE_SIGN</b> <b>XKU_OCSP_SIGN</b>, <b>XKU_TIMESTAMP</b>, <b>XKU_DVCS</b> or <b>XKU_ANYEKU</b>. These correspond to the OIDs <b>id-kp-serverAuth</b>, <b>id-kp-clientAuth</b>, <b>id-kp-emailProtection</b>, <b>id-kp-codeSigning</b>, <b>id-kp-OCSPSigning</b>, <b>id-kp-timeStamping</b>, <b>id-kp-dvcs</b> and <b>anyExtendedKeyUsage</b> respectively. Additionally <b>XKU_SGC</b> is set if either Netscape or Microsoft SGC OIDs are present.</p>
+
+<p>X509_get0_subject_key_id() returns an internal pointer to the subject key identifier of <b>x</b> as an <b>ASN1_OCTET_STRING</b> or <b>NULL</b> if the extension is not present or cannot be parsed.</p>
+
+<p>X509_get0_authority_key_id() returns an internal pointer to the authority key identifier of <b>x</b> as an <b>ASN1_OCTET_STRING</b> or <b>NULL</b> if the extension is not present or cannot be parsed.</p>
+
+<p>X509_set_proxy_flag() marks the certificate with the <b>EXFLAG_PROXY</b> flag. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones.</p>
+
+<p>X509_set_proxy_pathlen() sets the proxy certificate path length for the given certificate <b>x</b>. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones.</p>
+
+<p>X509_get_proxy_pathlen() returns the proxy certificate path length for the given certificate <b>x</b> if it is a proxy certificate.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The value of the flags correspond to extension values which are cached in the <b>X509</b> structure. If the flags returned do not provide sufficient information an application should examine extension values directly for example using X509_get_ext_d2i().</p>
+
+<p>If the key usage or extended key usage extension is absent then typically usage is unrestricted. For this reason X509_get_key_usage() and X509_get_extended_key_usage() return <b>UINT32_MAX</b> when the corresponding extension is absent. Applications can additionally check the return value of X509_get_extension_flags() and take appropriate action is an extension is absent.</p>
+
+<p>If X509_get0_subject_key_id() returns <b>NULL</b> then the extension may be absent or malformed. Applications can determine the precise reason using X509_get_ext_d2i().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_pathlen() returns the path length value, or -1 if the extension is not present.</p>
+
+<p>X509_get_extension_flags(), X509_get_key_usage() and X509_get_extended_key_usage() return sets of flags corresponding to the certificate extension values.</p>
+
+<p>X509_get0_subject_key_id() returns the subject key identifier as a pointer to an <b>ASN1_OCTET_STRING</b> structure or <b>NULL</b> if the extension is absent or an error occurred during parsing.</p>
+
+<p>X509_get_proxy_pathlen() returns the path length value if the given certificate is a proxy one and has a path length set, and -1 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_get_pathlen(), X509_set_proxy_flag(), X509_set_proxy_pathlen() and X509_get_proxy_pathlen() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_issuer_name.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_issuer_name.html
new file mode 100644
index 000000000..ae07d6d05
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_issuer_name.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_subject_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_subject_name, X509_set_subject_name, X509_get_issuer_name, X509_set_issuer_name, X509_REQ_get_subject_name, X509_REQ_set_subject_name, X509_CRL_get_issuer, X509_CRL_set_issuer_name - get and set issuer or subject names</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_NAME *X509_get_subject_name(const X509 *x);
+ int X509_set_subject_name(X509 *x, X509_NAME *name);
+
+ X509_NAME *X509_get_issuer_name(const X509 *x);
+ int X509_set_issuer_name(X509 *x, X509_NAME *name);
+
+ X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
+ int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
+
+ X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
+ int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_subject_name() returns the subject name of certificate <b>x</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed.</p>
+
+<p>X509_set_subject_name() sets the issuer name of certificate <b>x</b> to <b>name</b>. The <b>name</b> parameter is copied internally and should be freed up when it is no longer needed.</p>
+
+<p>X509_get_issuer_name() and X509_set_issuer_name() are identical to X509_get_subject_name() and X509_set_subject_name() except the get and set the issuer name of <b>x</b>.</p>
+
+<p>Similarly X509_REQ_get_subject_name(), X509_REQ_set_subject_name(), X509_CRL_get_issuer() and X509_CRL_set_issuer_name() get or set the subject or issuer names of certificate requests of CRLs respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_subject_name(), X509_get_issuer_name(), X509_REQ_get_subject_name() and X509_CRL_get_issuer() return an <b>X509_NAME</b> pointer.</p>
+
+<p>X509_set_subject_name(), X509_set_issuer_name(), X509_REQ_set_subject_name() and X509_CRL_set_issuer_name() return 1 for success and 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_REQ_get_subject_name() is a function in OpenSSL 1.1.0 and a macro in earlier versions.</p>
+
+<p>X509_CRL_get_issuer() is a function in OpenSSL 1.1.0. It was previously added in OpenSSL 1.0.0 as a macro.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a> <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_key_usage.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_key_usage.html
new file mode 100644
index 000000000..048f26554
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_key_usage.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_extension_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_subject_key_id, X509_get0_authority_key_id, X509_get_pathlen, X509_get_extension_flags, X509_get_key_usage, X509_get_extended_key_usage, X509_set_proxy_flag, X509_set_proxy_pathlen, X509_get_proxy_pathlen - retrieve certificate extension data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ long X509_get_pathlen(X509 *x);
+ uint32_t X509_get_extension_flags(X509 *x);
+ uint32_t X509_get_key_usage(X509 *x);
+ uint32_t X509_get_extended_key_usage(X509 *x);
+ const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x);
+ const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x);
+ void X509_set_proxy_flag(X509 *x);
+ void X509_set_proxy_pathlen(int l);
+ long X509_get_proxy_pathlen(X509 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions retrieve information related to commonly used certificate extensions.</p>
+
+<p>X509_get_pathlen() retrieves the path length extension from a certificate. This extension is used to limit the length of a cert chain that may be issued from that CA.</p>
+
+<p>X509_get_extension_flags() retrieves general information about a certificate, it will return one or more of the following flags ored together.</p>
+
+<dl>
+
+<dt id="EXFLAG_V1"><b>EXFLAG_V1</b></dt>
+<dd>
+
+<p>The certificate is an obsolete version 1 certificate.</p>
+
+</dd>
+<dt id="EXFLAG_BCONS"><b>EXFLAG_BCONS</b></dt>
+<dd>
+
+<p>The certificate contains a basic constraints extension.</p>
+
+</dd>
+<dt id="EXFLAG_CA"><b>EXFLAG_CA</b></dt>
+<dd>
+
+<p>The certificate contains basic constraints and asserts the CA flag.</p>
+
+</dd>
+<dt id="EXFLAG_PROXY"><b>EXFLAG_PROXY</b></dt>
+<dd>
+
+<p>The certificate is a valid proxy certificate.</p>
+
+</dd>
+<dt id="EXFLAG_SI"><b>EXFLAG_SI</b></dt>
+<dd>
+
+<p>The certificate is self issued (that is subject and issuer names match).</p>
+
+</dd>
+<dt id="EXFLAG_SS"><b>EXFLAG_SS</b></dt>
+<dd>
+
+<p>The subject and issuer names match and extension values imply it is self signed.</p>
+
+</dd>
+<dt id="EXFLAG_FRESHEST"><b>EXFLAG_FRESHEST</b></dt>
+<dd>
+
+<p>The freshest CRL extension is present in the certificate.</p>
+
+</dd>
+<dt id="EXFLAG_CRITICAL"><b>EXFLAG_CRITICAL</b></dt>
+<dd>
+
+<p>The certificate contains an unhandled critical extension.</p>
+
+</dd>
+<dt id="EXFLAG_INVALID"><b>EXFLAG_INVALID</b></dt>
+<dd>
+
+<p>Some certificate extension values are invalid or inconsistent. The certificate should be rejected.</p>
+
+</dd>
+<dt id="EXFLAG_KUSAGE"><b>EXFLAG_KUSAGE</b></dt>
+<dd>
+
+<p>The certificate contains a key usage extension. The value can be retrieved using X509_get_key_usage().</p>
+
+</dd>
+<dt id="EXFLAG_XKUSAGE"><b>EXFLAG_XKUSAGE</b></dt>
+<dd>
+
+<p>The certificate contains an extended key usage extension. The value can be retrieved using X509_get_extended_key_usage().</p>
+
+</dd>
+</dl>
+
+<p>X509_get_key_usage() returns the value of the key usage extension. If key usage is present will return zero or more of the flags: <b>KU_DIGITAL_SIGNATURE</b>, <b>KU_NON_REPUDIATION</b>, <b>KU_KEY_ENCIPHERMENT</b>, <b>KU_DATA_ENCIPHERMENT</b>, <b>KU_KEY_AGREEMENT</b>, <b>KU_KEY_CERT_SIGN</b>, <b>KU_CRL_SIGN</b>, <b>KU_ENCIPHER_ONLY</b> or <b>KU_DECIPHER_ONLY</b> corresponding to individual key usage bits. If key usage is absent then <b>UINT32_MAX</b> is returned.</p>
+
+<p>X509_get_extended_key_usage() returns the value of the extended key usage extension. If extended key usage is present it will return zero or more of the flags: <b>XKU_SSL_SERVER</b>, <b>XKU_SSL_CLIENT</b>, <b>XKU_SMIME</b>, <b>XKU_CODE_SIGN</b> <b>XKU_OCSP_SIGN</b>, <b>XKU_TIMESTAMP</b>, <b>XKU_DVCS</b> or <b>XKU_ANYEKU</b>. These correspond to the OIDs <b>id-kp-serverAuth</b>, <b>id-kp-clientAuth</b>, <b>id-kp-emailProtection</b>, <b>id-kp-codeSigning</b>, <b>id-kp-OCSPSigning</b>, <b>id-kp-timeStamping</b>, <b>id-kp-dvcs</b> and <b>anyExtendedKeyUsage</b> respectively. Additionally <b>XKU_SGC</b> is set if either Netscape or Microsoft SGC OIDs are present.</p>
+
+<p>X509_get0_subject_key_id() returns an internal pointer to the subject key identifier of <b>x</b> as an <b>ASN1_OCTET_STRING</b> or <b>NULL</b> if the extension is not present or cannot be parsed.</p>
+
+<p>X509_get0_authority_key_id() returns an internal pointer to the authority key identifier of <b>x</b> as an <b>ASN1_OCTET_STRING</b> or <b>NULL</b> if the extension is not present or cannot be parsed.</p>
+
+<p>X509_set_proxy_flag() marks the certificate with the <b>EXFLAG_PROXY</b> flag. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones.</p>
+
+<p>X509_set_proxy_pathlen() sets the proxy certificate path length for the given certificate <b>x</b>. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones.</p>
+
+<p>X509_get_proxy_pathlen() returns the proxy certificate path length for the given certificate <b>x</b> if it is a proxy certificate.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The value of the flags correspond to extension values which are cached in the <b>X509</b> structure. If the flags returned do not provide sufficient information an application should examine extension values directly for example using X509_get_ext_d2i().</p>
+
+<p>If the key usage or extended key usage extension is absent then typically usage is unrestricted. For this reason X509_get_key_usage() and X509_get_extended_key_usage() return <b>UINT32_MAX</b> when the corresponding extension is absent. Applications can additionally check the return value of X509_get_extension_flags() and take appropriate action is an extension is absent.</p>
+
+<p>If X509_get0_subject_key_id() returns <b>NULL</b> then the extension may be absent or malformed. Applications can determine the precise reason using X509_get_ext_d2i().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_pathlen() returns the path length value, or -1 if the extension is not present.</p>
+
+<p>X509_get_extension_flags(), X509_get_key_usage() and X509_get_extended_key_usage() return sets of flags corresponding to the certificate extension values.</p>
+
+<p>X509_get0_subject_key_id() returns the subject key identifier as a pointer to an <b>ASN1_OCTET_STRING</b> structure or <b>NULL</b> if the extension is absent or an error occurred during parsing.</p>
+
+<p>X509_get_proxy_pathlen() returns the path length value if the given certificate is a proxy one and has a path length set, and -1 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_get_pathlen(), X509_set_proxy_flag(), X509_set_proxy_pathlen() and X509_get_proxy_pathlen() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_pathlen.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_pathlen.html
new file mode 100644
index 000000000..048f26554
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_pathlen.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_extension_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_subject_key_id, X509_get0_authority_key_id, X509_get_pathlen, X509_get_extension_flags, X509_get_key_usage, X509_get_extended_key_usage, X509_set_proxy_flag, X509_set_proxy_pathlen, X509_get_proxy_pathlen - retrieve certificate extension data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ long X509_get_pathlen(X509 *x);
+ uint32_t X509_get_extension_flags(X509 *x);
+ uint32_t X509_get_key_usage(X509 *x);
+ uint32_t X509_get_extended_key_usage(X509 *x);
+ const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x);
+ const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x);
+ void X509_set_proxy_flag(X509 *x);
+ void X509_set_proxy_pathlen(int l);
+ long X509_get_proxy_pathlen(X509 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions retrieve information related to commonly used certificate extensions.</p>
+
+<p>X509_get_pathlen() retrieves the path length extension from a certificate. This extension is used to limit the length of a cert chain that may be issued from that CA.</p>
+
+<p>X509_get_extension_flags() retrieves general information about a certificate, it will return one or more of the following flags ored together.</p>
+
+<dl>
+
+<dt id="EXFLAG_V1"><b>EXFLAG_V1</b></dt>
+<dd>
+
+<p>The certificate is an obsolete version 1 certificate.</p>
+
+</dd>
+<dt id="EXFLAG_BCONS"><b>EXFLAG_BCONS</b></dt>
+<dd>
+
+<p>The certificate contains a basic constraints extension.</p>
+
+</dd>
+<dt id="EXFLAG_CA"><b>EXFLAG_CA</b></dt>
+<dd>
+
+<p>The certificate contains basic constraints and asserts the CA flag.</p>
+
+</dd>
+<dt id="EXFLAG_PROXY"><b>EXFLAG_PROXY</b></dt>
+<dd>
+
+<p>The certificate is a valid proxy certificate.</p>
+
+</dd>
+<dt id="EXFLAG_SI"><b>EXFLAG_SI</b></dt>
+<dd>
+
+<p>The certificate is self issued (that is subject and issuer names match).</p>
+
+</dd>
+<dt id="EXFLAG_SS"><b>EXFLAG_SS</b></dt>
+<dd>
+
+<p>The subject and issuer names match and extension values imply it is self signed.</p>
+
+</dd>
+<dt id="EXFLAG_FRESHEST"><b>EXFLAG_FRESHEST</b></dt>
+<dd>
+
+<p>The freshest CRL extension is present in the certificate.</p>
+
+</dd>
+<dt id="EXFLAG_CRITICAL"><b>EXFLAG_CRITICAL</b></dt>
+<dd>
+
+<p>The certificate contains an unhandled critical extension.</p>
+
+</dd>
+<dt id="EXFLAG_INVALID"><b>EXFLAG_INVALID</b></dt>
+<dd>
+
+<p>Some certificate extension values are invalid or inconsistent. The certificate should be rejected.</p>
+
+</dd>
+<dt id="EXFLAG_KUSAGE"><b>EXFLAG_KUSAGE</b></dt>
+<dd>
+
+<p>The certificate contains a key usage extension. The value can be retrieved using X509_get_key_usage().</p>
+
+</dd>
+<dt id="EXFLAG_XKUSAGE"><b>EXFLAG_XKUSAGE</b></dt>
+<dd>
+
+<p>The certificate contains an extended key usage extension. The value can be retrieved using X509_get_extended_key_usage().</p>
+
+</dd>
+</dl>
+
+<p>X509_get_key_usage() returns the value of the key usage extension. If key usage is present will return zero or more of the flags: <b>KU_DIGITAL_SIGNATURE</b>, <b>KU_NON_REPUDIATION</b>, <b>KU_KEY_ENCIPHERMENT</b>, <b>KU_DATA_ENCIPHERMENT</b>, <b>KU_KEY_AGREEMENT</b>, <b>KU_KEY_CERT_SIGN</b>, <b>KU_CRL_SIGN</b>, <b>KU_ENCIPHER_ONLY</b> or <b>KU_DECIPHER_ONLY</b> corresponding to individual key usage bits. If key usage is absent then <b>UINT32_MAX</b> is returned.</p>
+
+<p>X509_get_extended_key_usage() returns the value of the extended key usage extension. If extended key usage is present it will return zero or more of the flags: <b>XKU_SSL_SERVER</b>, <b>XKU_SSL_CLIENT</b>, <b>XKU_SMIME</b>, <b>XKU_CODE_SIGN</b> <b>XKU_OCSP_SIGN</b>, <b>XKU_TIMESTAMP</b>, <b>XKU_DVCS</b> or <b>XKU_ANYEKU</b>. These correspond to the OIDs <b>id-kp-serverAuth</b>, <b>id-kp-clientAuth</b>, <b>id-kp-emailProtection</b>, <b>id-kp-codeSigning</b>, <b>id-kp-OCSPSigning</b>, <b>id-kp-timeStamping</b>, <b>id-kp-dvcs</b> and <b>anyExtendedKeyUsage</b> respectively. Additionally <b>XKU_SGC</b> is set if either Netscape or Microsoft SGC OIDs are present.</p>
+
+<p>X509_get0_subject_key_id() returns an internal pointer to the subject key identifier of <b>x</b> as an <b>ASN1_OCTET_STRING</b> or <b>NULL</b> if the extension is not present or cannot be parsed.</p>
+
+<p>X509_get0_authority_key_id() returns an internal pointer to the authority key identifier of <b>x</b> as an <b>ASN1_OCTET_STRING</b> or <b>NULL</b> if the extension is not present or cannot be parsed.</p>
+
+<p>X509_set_proxy_flag() marks the certificate with the <b>EXFLAG_PROXY</b> flag. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones.</p>
+
+<p>X509_set_proxy_pathlen() sets the proxy certificate path length for the given certificate <b>x</b>. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones.</p>
+
+<p>X509_get_proxy_pathlen() returns the proxy certificate path length for the given certificate <b>x</b> if it is a proxy certificate.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The value of the flags correspond to extension values which are cached in the <b>X509</b> structure. If the flags returned do not provide sufficient information an application should examine extension values directly for example using X509_get_ext_d2i().</p>
+
+<p>If the key usage or extended key usage extension is absent then typically usage is unrestricted. For this reason X509_get_key_usage() and X509_get_extended_key_usage() return <b>UINT32_MAX</b> when the corresponding extension is absent. Applications can additionally check the return value of X509_get_extension_flags() and take appropriate action is an extension is absent.</p>
+
+<p>If X509_get0_subject_key_id() returns <b>NULL</b> then the extension may be absent or malformed. Applications can determine the precise reason using X509_get_ext_d2i().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_pathlen() returns the path length value, or -1 if the extension is not present.</p>
+
+<p>X509_get_extension_flags(), X509_get_key_usage() and X509_get_extended_key_usage() return sets of flags corresponding to the certificate extension values.</p>
+
+<p>X509_get0_subject_key_id() returns the subject key identifier as a pointer to an <b>ASN1_OCTET_STRING</b> structure or <b>NULL</b> if the extension is absent or an error occurred during parsing.</p>
+
+<p>X509_get_proxy_pathlen() returns the path length value if the given certificate is a proxy one and has a path length set, and -1 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_get_pathlen(), X509_set_proxy_flag(), X509_set_proxy_pathlen() and X509_get_proxy_pathlen() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_proxy_pathlen.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_proxy_pathlen.html
new file mode 100644
index 000000000..048f26554
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_proxy_pathlen.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_extension_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_subject_key_id, X509_get0_authority_key_id, X509_get_pathlen, X509_get_extension_flags, X509_get_key_usage, X509_get_extended_key_usage, X509_set_proxy_flag, X509_set_proxy_pathlen, X509_get_proxy_pathlen - retrieve certificate extension data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ long X509_get_pathlen(X509 *x);
+ uint32_t X509_get_extension_flags(X509 *x);
+ uint32_t X509_get_key_usage(X509 *x);
+ uint32_t X509_get_extended_key_usage(X509 *x);
+ const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x);
+ const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x);
+ void X509_set_proxy_flag(X509 *x);
+ void X509_set_proxy_pathlen(int l);
+ long X509_get_proxy_pathlen(X509 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions retrieve information related to commonly used certificate extensions.</p>
+
+<p>X509_get_pathlen() retrieves the path length extension from a certificate. This extension is used to limit the length of a cert chain that may be issued from that CA.</p>
+
+<p>X509_get_extension_flags() retrieves general information about a certificate, it will return one or more of the following flags ored together.</p>
+
+<dl>
+
+<dt id="EXFLAG_V1"><b>EXFLAG_V1</b></dt>
+<dd>
+
+<p>The certificate is an obsolete version 1 certificate.</p>
+
+</dd>
+<dt id="EXFLAG_BCONS"><b>EXFLAG_BCONS</b></dt>
+<dd>
+
+<p>The certificate contains a basic constraints extension.</p>
+
+</dd>
+<dt id="EXFLAG_CA"><b>EXFLAG_CA</b></dt>
+<dd>
+
+<p>The certificate contains basic constraints and asserts the CA flag.</p>
+
+</dd>
+<dt id="EXFLAG_PROXY"><b>EXFLAG_PROXY</b></dt>
+<dd>
+
+<p>The certificate is a valid proxy certificate.</p>
+
+</dd>
+<dt id="EXFLAG_SI"><b>EXFLAG_SI</b></dt>
+<dd>
+
+<p>The certificate is self issued (that is subject and issuer names match).</p>
+
+</dd>
+<dt id="EXFLAG_SS"><b>EXFLAG_SS</b></dt>
+<dd>
+
+<p>The subject and issuer names match and extension values imply it is self signed.</p>
+
+</dd>
+<dt id="EXFLAG_FRESHEST"><b>EXFLAG_FRESHEST</b></dt>
+<dd>
+
+<p>The freshest CRL extension is present in the certificate.</p>
+
+</dd>
+<dt id="EXFLAG_CRITICAL"><b>EXFLAG_CRITICAL</b></dt>
+<dd>
+
+<p>The certificate contains an unhandled critical extension.</p>
+
+</dd>
+<dt id="EXFLAG_INVALID"><b>EXFLAG_INVALID</b></dt>
+<dd>
+
+<p>Some certificate extension values are invalid or inconsistent. The certificate should be rejected.</p>
+
+</dd>
+<dt id="EXFLAG_KUSAGE"><b>EXFLAG_KUSAGE</b></dt>
+<dd>
+
+<p>The certificate contains a key usage extension. The value can be retrieved using X509_get_key_usage().</p>
+
+</dd>
+<dt id="EXFLAG_XKUSAGE"><b>EXFLAG_XKUSAGE</b></dt>
+<dd>
+
+<p>The certificate contains an extended key usage extension. The value can be retrieved using X509_get_extended_key_usage().</p>
+
+</dd>
+</dl>
+
+<p>X509_get_key_usage() returns the value of the key usage extension. If key usage is present will return zero or more of the flags: <b>KU_DIGITAL_SIGNATURE</b>, <b>KU_NON_REPUDIATION</b>, <b>KU_KEY_ENCIPHERMENT</b>, <b>KU_DATA_ENCIPHERMENT</b>, <b>KU_KEY_AGREEMENT</b>, <b>KU_KEY_CERT_SIGN</b>, <b>KU_CRL_SIGN</b>, <b>KU_ENCIPHER_ONLY</b> or <b>KU_DECIPHER_ONLY</b> corresponding to individual key usage bits. If key usage is absent then <b>UINT32_MAX</b> is returned.</p>
+
+<p>X509_get_extended_key_usage() returns the value of the extended key usage extension. If extended key usage is present it will return zero or more of the flags: <b>XKU_SSL_SERVER</b>, <b>XKU_SSL_CLIENT</b>, <b>XKU_SMIME</b>, <b>XKU_CODE_SIGN</b> <b>XKU_OCSP_SIGN</b>, <b>XKU_TIMESTAMP</b>, <b>XKU_DVCS</b> or <b>XKU_ANYEKU</b>. These correspond to the OIDs <b>id-kp-serverAuth</b>, <b>id-kp-clientAuth</b>, <b>id-kp-emailProtection</b>, <b>id-kp-codeSigning</b>, <b>id-kp-OCSPSigning</b>, <b>id-kp-timeStamping</b>, <b>id-kp-dvcs</b> and <b>anyExtendedKeyUsage</b> respectively. Additionally <b>XKU_SGC</b> is set if either Netscape or Microsoft SGC OIDs are present.</p>
+
+<p>X509_get0_subject_key_id() returns an internal pointer to the subject key identifier of <b>x</b> as an <b>ASN1_OCTET_STRING</b> or <b>NULL</b> if the extension is not present or cannot be parsed.</p>
+
+<p>X509_get0_authority_key_id() returns an internal pointer to the authority key identifier of <b>x</b> as an <b>ASN1_OCTET_STRING</b> or <b>NULL</b> if the extension is not present or cannot be parsed.</p>
+
+<p>X509_set_proxy_flag() marks the certificate with the <b>EXFLAG_PROXY</b> flag. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones.</p>
+
+<p>X509_set_proxy_pathlen() sets the proxy certificate path length for the given certificate <b>x</b>. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones.</p>
+
+<p>X509_get_proxy_pathlen() returns the proxy certificate path length for the given certificate <b>x</b> if it is a proxy certificate.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The value of the flags correspond to extension values which are cached in the <b>X509</b> structure. If the flags returned do not provide sufficient information an application should examine extension values directly for example using X509_get_ext_d2i().</p>
+
+<p>If the key usage or extended key usage extension is absent then typically usage is unrestricted. For this reason X509_get_key_usage() and X509_get_extended_key_usage() return <b>UINT32_MAX</b> when the corresponding extension is absent. Applications can additionally check the return value of X509_get_extension_flags() and take appropriate action is an extension is absent.</p>
+
+<p>If X509_get0_subject_key_id() returns <b>NULL</b> then the extension may be absent or malformed. Applications can determine the precise reason using X509_get_ext_d2i().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_pathlen() returns the path length value, or -1 if the extension is not present.</p>
+
+<p>X509_get_extension_flags(), X509_get_key_usage() and X509_get_extended_key_usage() return sets of flags corresponding to the certificate extension values.</p>
+
+<p>X509_get0_subject_key_id() returns the subject key identifier as a pointer to an <b>ASN1_OCTET_STRING</b> structure or <b>NULL</b> if the extension is absent or an error occurred during parsing.</p>
+
+<p>X509_get_proxy_pathlen() returns the path length value if the given certificate is a proxy one and has a path length set, and -1 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_get_pathlen(), X509_set_proxy_flag(), X509_set_proxy_pathlen() and X509_get_proxy_pathlen() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_pubkey.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_pubkey.html
new file mode 100644
index 000000000..28c43843e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_pubkey.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_pubkey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_pubkey, X509_get0_pubkey, X509_set_pubkey, X509_get_X509_PUBKEY, X509_REQ_get_pubkey, X509_REQ_get0_pubkey, X509_REQ_set_pubkey, X509_REQ_get_X509_PUBKEY - get or set certificate or certificate request public key</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ EVP_PKEY *X509_get_pubkey(X509 *x);
+ EVP_PKEY *X509_get0_pubkey(const X509 *x);
+ int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
+ X509_PUBKEY *X509_get_X509_PUBKEY(X509 *x);
+
+ EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
+ EVP_PKEY *X509_REQ_get0_pubkey(X509_REQ *req);
+ int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
+ X509_PUBKEY *X509_REQ_get_X509_PUBKEY(X509_REQ *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_pubkey() attempts to decode the public key for certificate <b>x</b>. If successful it returns the public key as an <b>EVP_PKEY</b> pointer with its reference count incremented: this means the returned key must be freed up after use. X509_get0_pubkey() is similar except it does <b>not</b> increment the reference count of the returned <b>EVP_PKEY</b> so it must not be freed up after use.</p>
+
+<p>X509_get_X509_PUBKEY() returns an internal pointer to the <b>X509_PUBKEY</b> structure which encodes the certificate of <b>x</b>. The returned value must not be freed up after use.</p>
+
+<p>X509_set_pubkey() attempts to set the public key for certificate <b>x</b> to <b>pkey</b>. The key <b>pkey</b> should be freed up after use.</p>
+
+<p>X509_REQ_get_pubkey(), X509_REQ_get0_pubkey(), X509_REQ_set_pubkey() and X509_REQ_get_X509_PUBKEY() are similar but operate on certificate request <b>req</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The first time a public key is decoded the <b>EVP_PKEY</b> structure is cached in the certificate or certificate request itself. Subsequent calls return the cached structure with its reference count incremented to improve performance.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_pubkey(), X509_get0_pubkey(), X509_get_X509_PUBKEY(), X509_REQ_get_pubkey() and X509_REQ_get_X509_PUBKEY() return a public key or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_set_pubkey() and X509_REQ_set_pubkey() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_serialNumber.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_serialNumber.html
new file mode 100644
index 000000000..6798259e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_serialNumber.html
@@ -0,0 +1,69 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_serialNumber</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_serialNumber, X509_get0_serialNumber, X509_set_serialNumber - get or set certificate serial number</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ ASN1_INTEGER *X509_get_serialNumber(X509 *x);
+ const ASN1_INTEGER *X509_get0_serialNumber(const X509 *x);
+ int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_serialNumber() returns the serial number of certificate <b>x</b> as an <b>ASN1_INTEGER</b> structure which can be examined or initialised. The value returned is an internal pointer which <b>MUST NOT</b> be freed up after the call.</p>
+
+<p>X509_get0_serialNumber() is the same as X509_get_serialNumber() except it accepts a const parameter and returns a const result.</p>
+
+<p>X509_set_serialNumber() sets the serial number of certificate <b>x</b> to <b>serial</b>. A copy of the serial number is used internally so <b>serial</b> should be freed up after use.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_serialNumber() and X509_get0_serialNumber() return an <b>ASN1_INTEGER</b> structure.</p>
+
+<p>X509_set_serialNumber() returns 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_get_serialNumber() and X509_set_serialNumber() functions are available in all versions of OpenSSL. The X509_get0_serialNumber() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_signature_info.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_signature_info.html
new file mode 100644
index 000000000..d74071208
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_signature_info.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_signature</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_signature, X509_get_signature_nid, X509_get0_tbs_sigalg, X509_REQ_get0_signature, X509_REQ_get_signature_nid, X509_CRL_get0_signature, X509_CRL_get_signature_nid, X509_get_signature_info, X509_SIG_INFO_get, X509_SIG_INFO_set - signature information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ void X509_get0_signature(const ASN1_BIT_STRING **psig,
+                          const X509_ALGOR **palg,
+                          const X509 *x);
+ int X509_get_signature_nid(const X509 *x);
+ const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);
+
+ void X509_REQ_get0_signature(const X509_REQ *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_REQ_get_signature_nid(const X509_REQ *crl);
+
+ void X509_CRL_get0_signature(const X509_CRL *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_CRL_get_signature_nid(const X509_CRL *crl);
+
+ int X509_get_signature_info(X509 *x, int *mdnid, int *pknid, int *secbits,
+                             uint32_t *flags);
+
+ int X509_SIG_INFO_get(const X509_SIG_INFO *siginf, int *mdnid, int *pknid,
+                      int *secbits, uint32_t *flags);
+ void X509_SIG_INFO_set(X509_SIG_INFO *siginf, int mdnid, int pknid,
+                        int secbits, uint32_t flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_signature() sets <b>*psig</b> to the signature of <b>x</b> and <b>*palg</b> to the signature algorithm of <b>x</b>. The values returned are internal pointers which <b>MUST NOT</b> be freed up after the call.</p>
+
+<p>X509_get0_tbs_sigalg() returns the signature algorithm in the signed portion of <b>x</b>.</p>
+
+<p>X509_get_signature_nid() returns the NID corresponding to the signature algorithm of <b>x</b>.</p>
+
+<p>X509_REQ_get0_signature(), X509_REQ_get_signature_nid() X509_CRL_get0_signature() and X509_CRL_get_signature_nid() perform the same function for certificate requests and CRLs.</p>
+
+<p>X509_get_signature_info() retrieves information about the signature of certificate <b>x</b>. The NID of the signing digest is written to <b>*mdnid</b>, the public key algorithm to <b>*pknid</b>, the effective security bits to <b>*secbits</b> and flag details to <b>*flags</b>. Any of the parameters can be set to <b>NULL</b> if the information is not required.</p>
+
+<p>X509_SIG_INFO_get() and X509_SIG_INFO_set() get and set information about a signature in an <b>X509_SIG_INFO</b> structure. They are only used by implementations of algorithms which need to set custom signature information: most applications will never need to call them.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions provide lower level access to signatures in certificates where an application wishes to analyse or generate a signature in a form where X509_sign() et al is not appropriate (for example a non standard or unsupported format).</p>
+
+<p>The security bits returned by X509_get_signature_info() refers to information available from the certificate signature (such as the signing digest). In some cases the actual security of the signature is less because the signing key is less secure: for example a certificate signed using SHA-512 and a 1024 bit RSA key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_signature_nid(), X509_REQ_get_signature_nid() and X509_CRL_get_signature_nid() return a NID.</p>
+
+<p>X509_get0_signature(), X509_REQ_get0_signature() and X509_CRL_get0_signature() do not return values.</p>
+
+<p>X509_get_signature_info() returns 1 if the signature information returned is valid or 0 if the information is not available (e.g. unknown algorithms or malformed parameters).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_get0_signature() and X509_get_signature_nid() functions were added in OpenSSL 1.0.2.</p>
+
+<p>The X509_REQ_get0_signature(), X509_REQ_get_signature_nid(), X509_CRL_get0_signature() and X509_CRL_get_signature_nid() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_signature_nid.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_signature_nid.html
new file mode 100644
index 000000000..d74071208
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_signature_nid.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_signature</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_signature, X509_get_signature_nid, X509_get0_tbs_sigalg, X509_REQ_get0_signature, X509_REQ_get_signature_nid, X509_CRL_get0_signature, X509_CRL_get_signature_nid, X509_get_signature_info, X509_SIG_INFO_get, X509_SIG_INFO_set - signature information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ void X509_get0_signature(const ASN1_BIT_STRING **psig,
+                          const X509_ALGOR **palg,
+                          const X509 *x);
+ int X509_get_signature_nid(const X509 *x);
+ const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);
+
+ void X509_REQ_get0_signature(const X509_REQ *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_REQ_get_signature_nid(const X509_REQ *crl);
+
+ void X509_CRL_get0_signature(const X509_CRL *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
+ int X509_CRL_get_signature_nid(const X509_CRL *crl);
+
+ int X509_get_signature_info(X509 *x, int *mdnid, int *pknid, int *secbits,
+                             uint32_t *flags);
+
+ int X509_SIG_INFO_get(const X509_SIG_INFO *siginf, int *mdnid, int *pknid,
+                      int *secbits, uint32_t *flags);
+ void X509_SIG_INFO_set(X509_SIG_INFO *siginf, int mdnid, int pknid,
+                        int secbits, uint32_t flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_signature() sets <b>*psig</b> to the signature of <b>x</b> and <b>*palg</b> to the signature algorithm of <b>x</b>. The values returned are internal pointers which <b>MUST NOT</b> be freed up after the call.</p>
+
+<p>X509_get0_tbs_sigalg() returns the signature algorithm in the signed portion of <b>x</b>.</p>
+
+<p>X509_get_signature_nid() returns the NID corresponding to the signature algorithm of <b>x</b>.</p>
+
+<p>X509_REQ_get0_signature(), X509_REQ_get_signature_nid() X509_CRL_get0_signature() and X509_CRL_get_signature_nid() perform the same function for certificate requests and CRLs.</p>
+
+<p>X509_get_signature_info() retrieves information about the signature of certificate <b>x</b>. The NID of the signing digest is written to <b>*mdnid</b>, the public key algorithm to <b>*pknid</b>, the effective security bits to <b>*secbits</b> and flag details to <b>*flags</b>. Any of the parameters can be set to <b>NULL</b> if the information is not required.</p>
+
+<p>X509_SIG_INFO_get() and X509_SIG_INFO_set() get and set information about a signature in an <b>X509_SIG_INFO</b> structure. They are only used by implementations of algorithms which need to set custom signature information: most applications will never need to call them.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions provide lower level access to signatures in certificates where an application wishes to analyse or generate a signature in a form where X509_sign() et al is not appropriate (for example a non standard or unsupported format).</p>
+
+<p>The security bits returned by X509_get_signature_info() refers to information available from the certificate signature (such as the signing digest). In some cases the actual security of the signature is less because the signing key is less secure: for example a certificate signed using SHA-512 and a 1024 bit RSA key.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_signature_nid(), X509_REQ_get_signature_nid() and X509_CRL_get_signature_nid() return a NID.</p>
+
+<p>X509_get0_signature(), X509_REQ_get0_signature() and X509_CRL_get0_signature() do not return values.</p>
+
+<p>X509_get_signature_info() returns 1 if the signature information returned is valid or 0 if the information is not available (e.g. unknown algorithms or malformed parameters).</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_get0_signature() and X509_get_signature_nid() functions were added in OpenSSL 1.0.2.</p>
+
+<p>The X509_REQ_get0_signature(), X509_REQ_get_signature_nid(), X509_CRL_get0_signature() and X509_CRL_get_signature_nid() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_subject_name.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_subject_name.html
new file mode 100644
index 000000000..ae07d6d05
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_subject_name.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_subject_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_subject_name, X509_set_subject_name, X509_get_issuer_name, X509_set_issuer_name, X509_REQ_get_subject_name, X509_REQ_set_subject_name, X509_CRL_get_issuer, X509_CRL_set_issuer_name - get and set issuer or subject names</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_NAME *X509_get_subject_name(const X509 *x);
+ int X509_set_subject_name(X509 *x, X509_NAME *name);
+
+ X509_NAME *X509_get_issuer_name(const X509 *x);
+ int X509_set_issuer_name(X509 *x, X509_NAME *name);
+
+ X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
+ int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
+
+ X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
+ int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_subject_name() returns the subject name of certificate <b>x</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed.</p>
+
+<p>X509_set_subject_name() sets the issuer name of certificate <b>x</b> to <b>name</b>. The <b>name</b> parameter is copied internally and should be freed up when it is no longer needed.</p>
+
+<p>X509_get_issuer_name() and X509_set_issuer_name() are identical to X509_get_subject_name() and X509_set_subject_name() except the get and set the issuer name of <b>x</b>.</p>
+
+<p>Similarly X509_REQ_get_subject_name(), X509_REQ_set_subject_name(), X509_CRL_get_issuer() and X509_CRL_set_issuer_name() get or set the subject or issuer names of certificate requests of CRLs respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_subject_name(), X509_get_issuer_name(), X509_REQ_get_subject_name() and X509_CRL_get_issuer() return an <b>X509_NAME</b> pointer.</p>
+
+<p>X509_set_subject_name(), X509_set_issuer_name(), X509_REQ_set_subject_name() and X509_CRL_set_issuer_name() return 1 for success and 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_REQ_get_subject_name() is a function in OpenSSL 1.1.0 and a macro in earlier versions.</p>
+
+<p>X509_CRL_get_issuer() is a function in OpenSSL 1.1.0. It was previously added in OpenSSL 1.0.0 as a macro.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a> <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_get_version.html b/msys2/usr/share/doc/openssl/html/man3/X509_get_version.html
new file mode 100644
index 000000000..6cb54a862
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_get_version.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_version, X509_set_version, X509_REQ_get_version, X509_REQ_set_version, X509_CRL_get_version, X509_CRL_set_version - get or set certificate, certificate request or CRL version</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ long X509_get_version(const X509 *x);
+ int X509_set_version(X509 *x, long version);
+
+ long X509_REQ_get_version(const X509_REQ *req);
+ int X509_REQ_set_version(X509_REQ *x, long version);
+
+ long X509_CRL_get_version(const X509_CRL *crl);
+ int X509_CRL_set_version(X509_CRL *x, long version);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_version() returns the numerical value of the version field of certificate <b>x</b>. Note: this is defined by standards (X.509 et al) to be one less than the certificate version. So a version 3 certificate will return 2 and a version 1 certificate will return 0.</p>
+
+<p>X509_set_version() sets the numerical value of the version field of certificate <b>x</b> to <b>version</b>.</p>
+
+<p>Similarly X509_REQ_get_version(), X509_REQ_set_version(), X509_CRL_get_version() and X509_CRL_set_version() get and set the version number of certificate requests and CRLs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The version field of certificates, certificate requests and CRLs has a DEFAULT value of <b>v1(0)</b> meaning the field should be omitted for version 1. This is handled transparently by these functions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_version(), X509_REQ_get_version() and X509_CRL_get_version() return the numerical value of the version field.</p>
+
+<p>X509_set_version(), X509_REQ_set_version() and X509_CRL_set_version() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_get_version(), X509_REQ_get_version() and X509_CRL_get_version() are functions in OpenSSL 1.1.0, in previous versions they were macros.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_getm_notAfter.html b/msys2/usr/share/doc/openssl/html/man3/X509_getm_notAfter.html
new file mode 100644
index 000000000..c7e82ca36
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_getm_notAfter.html
@@ -0,0 +1,88 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_notBefore</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_notBefore, X509_getm_notBefore, X509_get0_notAfter, X509_getm_notAfter, X509_set1_notBefore, X509_set1_notAfter, X509_CRL_get0_lastUpdate, X509_CRL_get0_nextUpdate, X509_CRL_set1_lastUpdate, X509_CRL_set1_nextUpdate - get or set certificate or CRL dates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ const ASN1_TIME *X509_get0_notBefore(const X509 *x);
+ const ASN1_TIME *X509_get0_notAfter(const X509 *x);
+
+ ASN1_TIME *X509_getm_notBefore(const X509 *x);
+ ASN1_TIME *X509_getm_notAfter(const X509 *x);
+
+ int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm);
+ int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm);
+
+ const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
+ const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
+
+ int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
+ int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_notBefore() and X509_get0_notAfter() return the <b>notBefore</b> and <b>notAfter</b> fields of certificate <b>x</b> respectively. The value returned is an internal pointer which must not be freed up after the call.</p>
+
+<p>X509_getm_notBefore() and X509_getm_notAfter() are similar to X509_get0_notBefore() and X509_get0_notAfter() except they return non-constant mutable references to the associated date field of the certificate.</p>
+
+<p>X509_set1_notBefore() and X509_set1_notAfter() set the <b>notBefore</b> and <b>notAfter</b> fields of <b>x</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<p>X509_CRL_get0_lastUpdate() and X509_CRL_get0_nextUpdate() return the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b>. The value returned is an internal pointer which must not be freed up after the call. If the <b>nextUpdate</b> field is absent from <b>crl</b> then <b>NULL</b> is returned.</p>
+
+<p>X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() set the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get0_notBefore(), X509_get0_notAfter() and X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure.</p>
+
+<p>X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure or NULL if the <b>lastUpdate</b> field is absent.</p>
+
+<p>X509_set1_notBefore(), X509_set1_notAfter(), X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() return 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions are available in all versions of OpenSSL.</p>
+
+<p>X509_get_notBefore() and X509_get_notAfter() were deprecated in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_getm_notBefore.html b/msys2/usr/share/doc/openssl/html/man3/X509_getm_notBefore.html
new file mode 100644
index 000000000..c7e82ca36
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_getm_notBefore.html
@@ -0,0 +1,88 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_notBefore</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_notBefore, X509_getm_notBefore, X509_get0_notAfter, X509_getm_notAfter, X509_set1_notBefore, X509_set1_notAfter, X509_CRL_get0_lastUpdate, X509_CRL_get0_nextUpdate, X509_CRL_set1_lastUpdate, X509_CRL_set1_nextUpdate - get or set certificate or CRL dates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ const ASN1_TIME *X509_get0_notBefore(const X509 *x);
+ const ASN1_TIME *X509_get0_notAfter(const X509 *x);
+
+ ASN1_TIME *X509_getm_notBefore(const X509 *x);
+ ASN1_TIME *X509_getm_notAfter(const X509 *x);
+
+ int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm);
+ int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm);
+
+ const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
+ const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
+
+ int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
+ int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_notBefore() and X509_get0_notAfter() return the <b>notBefore</b> and <b>notAfter</b> fields of certificate <b>x</b> respectively. The value returned is an internal pointer which must not be freed up after the call.</p>
+
+<p>X509_getm_notBefore() and X509_getm_notAfter() are similar to X509_get0_notBefore() and X509_get0_notAfter() except they return non-constant mutable references to the associated date field of the certificate.</p>
+
+<p>X509_set1_notBefore() and X509_set1_notAfter() set the <b>notBefore</b> and <b>notAfter</b> fields of <b>x</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<p>X509_CRL_get0_lastUpdate() and X509_CRL_get0_nextUpdate() return the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b>. The value returned is an internal pointer which must not be freed up after the call. If the <b>nextUpdate</b> field is absent from <b>crl</b> then <b>NULL</b> is returned.</p>
+
+<p>X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() set the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get0_notBefore(), X509_get0_notAfter() and X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure.</p>
+
+<p>X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure or NULL if the <b>lastUpdate</b> field is absent.</p>
+
+<p>X509_set1_notBefore(), X509_set1_notAfter(), X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() return 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions are available in all versions of OpenSSL.</p>
+
+<p>X509_get_notBefore() and X509_get_notAfter() were deprecated in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_load_cert_crl_file.html b/msys2/usr/share/doc/openssl/html/man3/X509_load_cert_crl_file.html
new file mode 100644
index 000000000..386450e81
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_load_cert_crl_file.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_hash_dir</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#File-Method">File Method</a></li>
+      <li><a href="#Hashed-Directory-Method">Hashed Directory Method</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_hash_dir, X509_LOOKUP_file, X509_load_cert_file, X509_load_crl_file, X509_load_cert_crl_file - Default OpenSSL certificate lookup methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
+ X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
+
+ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
+ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
+ int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>X509_LOOKUP_hash_dir</b> and <b>X509_LOOKUP_file</b> are two certificate lookup methods to use with <b>X509_STORE</b>, provided by OpenSSL library.</p>
+
+<p>Users of the library typically do not need to create instances of these methods manually, they would be created automatically by <a href="../man3/X509_STORE_load_locations.html">X509_STORE_load_locations(3)</a> or <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> functions.</p>
+
+<p>Internally loading of certificates and CRLs is implemented via functions <b>X509_load_cert_crl_file</b>, <b>X509_load_cert_file</b> and <b>X509_load_crl_file</b>. These functions support parameter <i>type</i>, which can be one of constants <b>FILETYPE_PEM</b>, <b>FILETYPE_ASN1</b> and <b>FILETYPE_DEFAULT</b>. They load certificates and/or CRLs from specified file into memory cache of <b>X509_STORE</b> objects which given <b>ctx</b> parameter is associated with.</p>
+
+<p>Functions <b>X509_load_cert_file</b> and <b>X509_load_crl_file</b> can load both PEM and DER formats depending of type value. Because DER format cannot contain more than one certificate or CRL object (while PEM can contain several concatenated PEM objects) <b>X509_load_cert_crl_file</b> with <b>FILETYPE_ASN1</b> is equivalent to <b>X509_load_cert_file</b>.</p>
+
+<p>Constant <b>FILETYPE_DEFAULT</b> with NULL filename causes these functions to load default certificate store file (see <a href="../man3/X509_STORE_set_default_paths.html">X509_STORE_set_default_paths(3)</a>.</p>
+
+<p>Functions return number of objects loaded from file or 0 in case of error.</p>
+
+<p>Both methods support adding several certificate locations into one <b>X509_STORE</b>.</p>
+
+<p>This page documents certificate store formats used by these methods and caching policy.</p>
+
+<h2 id="File-Method">File Method</h2>
+
+<p>The <b>X509_LOOKUP_file</b> method loads all the certificates or CRLs present in a file into memory at the time the file is added as a lookup source.</p>
+
+<p>File format is ASCII text which contains concatenated PEM certificates and CRLs.</p>
+
+<p>This method should be used by applications which work with a small set of CAs.</p>
+
+<h2 id="Hashed-Directory-Method">Hashed Directory Method</h2>
+
+<p><b>X509_LOOKUP_hash_dir</b> is a more advanced method, which loads certificates and CRLs on demand, and caches them in memory once they are loaded. As of OpenSSL 1.0.0, it also checks for newer CRLs upon each lookup, so that newer CRLs are as soon as they appear in the directory.</p>
+
+<p>The directory should contain one certificate or CRL per file in PEM format, with a file name of the form <i>hash</i>.<i>N</i> for a certificate, or <i>hash</i>.<b>r</b><i>N</i> for a CRL. The <i>hash</i> is the value returned by the <a href="../man3/X509_NAME_hash.html">X509_NAME_hash(3)</a> function applied to the subject name for certificates or issuer name for CRLs. The hash can also be obtained via the <b>-hash</b> option of the <a href="../man1/x509.html">x509(1)</a> or <a href="../man1/crl.html">crl(1)</a> commands.</p>
+
+<p>The .<i>N</i> or .<b>r</b><i>N</i> suffix is a sequence number that starts at zero, and is incremented consecutively for each certificate or CRL with the same <i>hash</i> value. Gaps in the sequence numbers are not supported, it is assumed that there are no more objects with the same hash beyond the first missing number in the sequence.</p>
+
+<p>Sequence numbers make it possible for the directory to contain multiple certificates with same subject name hash value. For example, it is possible to have in the store several certificates with same subject or several CRLs with same issuer (and, for example, different validity period).</p>
+
+<p>When checking for new CRLs once one CRL for given hash value is loaded, hash_dir lookup method checks only for certificates with sequence number greater than that of the already cached CRL.</p>
+
+<p>Note that the hash algorithm used for subject name hashing changed in OpenSSL 1.0.0, and all certificate stores have to be rehashed when moving from OpenSSL 0.9.8 to 1.0.0.</p>
+
+<p>OpenSSL includes a <a href="../man1/rehash.html">rehash(1)</a> utility which creates symlinks with correct hashed names for all files with .pem suffix in a given directory.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_LOOKUP_hash_dir() and X509_LOOKUP_file() always return a valid <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_load_cert_file(), X509_load_crl_file() and X509_load_cert_crl_file() return the number of loaded objects or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>, <a href="../man3/X509_STORE_load_locations.html">X509_STORE_load_locations(3)</a>, <a href="../man3/X509_store_add_lookup.html">X509_store_add_lookup(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/X509_LOOKUP_meth_new.html">X509_LOOKUP_meth_new(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_load_cert_file.html b/msys2/usr/share/doc/openssl/html/man3/X509_load_cert_file.html
new file mode 100644
index 000000000..386450e81
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_load_cert_file.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_hash_dir</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#File-Method">File Method</a></li>
+      <li><a href="#Hashed-Directory-Method">Hashed Directory Method</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_hash_dir, X509_LOOKUP_file, X509_load_cert_file, X509_load_crl_file, X509_load_cert_crl_file - Default OpenSSL certificate lookup methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
+ X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
+
+ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
+ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
+ int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>X509_LOOKUP_hash_dir</b> and <b>X509_LOOKUP_file</b> are two certificate lookup methods to use with <b>X509_STORE</b>, provided by OpenSSL library.</p>
+
+<p>Users of the library typically do not need to create instances of these methods manually, they would be created automatically by <a href="../man3/X509_STORE_load_locations.html">X509_STORE_load_locations(3)</a> or <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> functions.</p>
+
+<p>Internally loading of certificates and CRLs is implemented via functions <b>X509_load_cert_crl_file</b>, <b>X509_load_cert_file</b> and <b>X509_load_crl_file</b>. These functions support parameter <i>type</i>, which can be one of constants <b>FILETYPE_PEM</b>, <b>FILETYPE_ASN1</b> and <b>FILETYPE_DEFAULT</b>. They load certificates and/or CRLs from specified file into memory cache of <b>X509_STORE</b> objects which given <b>ctx</b> parameter is associated with.</p>
+
+<p>Functions <b>X509_load_cert_file</b> and <b>X509_load_crl_file</b> can load both PEM and DER formats depending of type value. Because DER format cannot contain more than one certificate or CRL object (while PEM can contain several concatenated PEM objects) <b>X509_load_cert_crl_file</b> with <b>FILETYPE_ASN1</b> is equivalent to <b>X509_load_cert_file</b>.</p>
+
+<p>Constant <b>FILETYPE_DEFAULT</b> with NULL filename causes these functions to load default certificate store file (see <a href="../man3/X509_STORE_set_default_paths.html">X509_STORE_set_default_paths(3)</a>.</p>
+
+<p>Functions return number of objects loaded from file or 0 in case of error.</p>
+
+<p>Both methods support adding several certificate locations into one <b>X509_STORE</b>.</p>
+
+<p>This page documents certificate store formats used by these methods and caching policy.</p>
+
+<h2 id="File-Method">File Method</h2>
+
+<p>The <b>X509_LOOKUP_file</b> method loads all the certificates or CRLs present in a file into memory at the time the file is added as a lookup source.</p>
+
+<p>File format is ASCII text which contains concatenated PEM certificates and CRLs.</p>
+
+<p>This method should be used by applications which work with a small set of CAs.</p>
+
+<h2 id="Hashed-Directory-Method">Hashed Directory Method</h2>
+
+<p><b>X509_LOOKUP_hash_dir</b> is a more advanced method, which loads certificates and CRLs on demand, and caches them in memory once they are loaded. As of OpenSSL 1.0.0, it also checks for newer CRLs upon each lookup, so that newer CRLs are as soon as they appear in the directory.</p>
+
+<p>The directory should contain one certificate or CRL per file in PEM format, with a file name of the form <i>hash</i>.<i>N</i> for a certificate, or <i>hash</i>.<b>r</b><i>N</i> for a CRL. The <i>hash</i> is the value returned by the <a href="../man3/X509_NAME_hash.html">X509_NAME_hash(3)</a> function applied to the subject name for certificates or issuer name for CRLs. The hash can also be obtained via the <b>-hash</b> option of the <a href="../man1/x509.html">x509(1)</a> or <a href="../man1/crl.html">crl(1)</a> commands.</p>
+
+<p>The .<i>N</i> or .<b>r</b><i>N</i> suffix is a sequence number that starts at zero, and is incremented consecutively for each certificate or CRL with the same <i>hash</i> value. Gaps in the sequence numbers are not supported, it is assumed that there are no more objects with the same hash beyond the first missing number in the sequence.</p>
+
+<p>Sequence numbers make it possible for the directory to contain multiple certificates with same subject name hash value. For example, it is possible to have in the store several certificates with same subject or several CRLs with same issuer (and, for example, different validity period).</p>
+
+<p>When checking for new CRLs once one CRL for given hash value is loaded, hash_dir lookup method checks only for certificates with sequence number greater than that of the already cached CRL.</p>
+
+<p>Note that the hash algorithm used for subject name hashing changed in OpenSSL 1.0.0, and all certificate stores have to be rehashed when moving from OpenSSL 0.9.8 to 1.0.0.</p>
+
+<p>OpenSSL includes a <a href="../man1/rehash.html">rehash(1)</a> utility which creates symlinks with correct hashed names for all files with .pem suffix in a given directory.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_LOOKUP_hash_dir() and X509_LOOKUP_file() always return a valid <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_load_cert_file(), X509_load_crl_file() and X509_load_cert_crl_file() return the number of loaded objects or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>, <a href="../man3/X509_STORE_load_locations.html">X509_STORE_load_locations(3)</a>, <a href="../man3/X509_store_add_lookup.html">X509_store_add_lookup(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/X509_LOOKUP_meth_new.html">X509_LOOKUP_meth_new(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_load_crl_file.html b/msys2/usr/share/doc/openssl/html/man3/X509_load_crl_file.html
new file mode 100644
index 000000000..386450e81
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_load_crl_file.html
@@ -0,0 +1,106 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_LOOKUP_hash_dir</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#File-Method">File Method</a></li>
+      <li><a href="#Hashed-Directory-Method">Hashed Directory Method</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_LOOKUP_hash_dir, X509_LOOKUP_file, X509_load_cert_file, X509_load_crl_file, X509_load_cert_crl_file - Default OpenSSL certificate lookup methods</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509_vfy.h&gt;
+
+ X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
+ X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
+
+ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
+ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
+ int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p><b>X509_LOOKUP_hash_dir</b> and <b>X509_LOOKUP_file</b> are two certificate lookup methods to use with <b>X509_STORE</b>, provided by OpenSSL library.</p>
+
+<p>Users of the library typically do not need to create instances of these methods manually, they would be created automatically by <a href="../man3/X509_STORE_load_locations.html">X509_STORE_load_locations(3)</a> or <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> functions.</p>
+
+<p>Internally loading of certificates and CRLs is implemented via functions <b>X509_load_cert_crl_file</b>, <b>X509_load_cert_file</b> and <b>X509_load_crl_file</b>. These functions support parameter <i>type</i>, which can be one of constants <b>FILETYPE_PEM</b>, <b>FILETYPE_ASN1</b> and <b>FILETYPE_DEFAULT</b>. They load certificates and/or CRLs from specified file into memory cache of <b>X509_STORE</b> objects which given <b>ctx</b> parameter is associated with.</p>
+
+<p>Functions <b>X509_load_cert_file</b> and <b>X509_load_crl_file</b> can load both PEM and DER formats depending of type value. Because DER format cannot contain more than one certificate or CRL object (while PEM can contain several concatenated PEM objects) <b>X509_load_cert_crl_file</b> with <b>FILETYPE_ASN1</b> is equivalent to <b>X509_load_cert_file</b>.</p>
+
+<p>Constant <b>FILETYPE_DEFAULT</b> with NULL filename causes these functions to load default certificate store file (see <a href="../man3/X509_STORE_set_default_paths.html">X509_STORE_set_default_paths(3)</a>.</p>
+
+<p>Functions return number of objects loaded from file or 0 in case of error.</p>
+
+<p>Both methods support adding several certificate locations into one <b>X509_STORE</b>.</p>
+
+<p>This page documents certificate store formats used by these methods and caching policy.</p>
+
+<h2 id="File-Method">File Method</h2>
+
+<p>The <b>X509_LOOKUP_file</b> method loads all the certificates or CRLs present in a file into memory at the time the file is added as a lookup source.</p>
+
+<p>File format is ASCII text which contains concatenated PEM certificates and CRLs.</p>
+
+<p>This method should be used by applications which work with a small set of CAs.</p>
+
+<h2 id="Hashed-Directory-Method">Hashed Directory Method</h2>
+
+<p><b>X509_LOOKUP_hash_dir</b> is a more advanced method, which loads certificates and CRLs on demand, and caches them in memory once they are loaded. As of OpenSSL 1.0.0, it also checks for newer CRLs upon each lookup, so that newer CRLs are as soon as they appear in the directory.</p>
+
+<p>The directory should contain one certificate or CRL per file in PEM format, with a file name of the form <i>hash</i>.<i>N</i> for a certificate, or <i>hash</i>.<b>r</b><i>N</i> for a CRL. The <i>hash</i> is the value returned by the <a href="../man3/X509_NAME_hash.html">X509_NAME_hash(3)</a> function applied to the subject name for certificates or issuer name for CRLs. The hash can also be obtained via the <b>-hash</b> option of the <a href="../man1/x509.html">x509(1)</a> or <a href="../man1/crl.html">crl(1)</a> commands.</p>
+
+<p>The .<i>N</i> or .<b>r</b><i>N</i> suffix is a sequence number that starts at zero, and is incremented consecutively for each certificate or CRL with the same <i>hash</i> value. Gaps in the sequence numbers are not supported, it is assumed that there are no more objects with the same hash beyond the first missing number in the sequence.</p>
+
+<p>Sequence numbers make it possible for the directory to contain multiple certificates with same subject name hash value. For example, it is possible to have in the store several certificates with same subject or several CRLs with same issuer (and, for example, different validity period).</p>
+
+<p>When checking for new CRLs once one CRL for given hash value is loaded, hash_dir lookup method checks only for certificates with sequence number greater than that of the already cached CRL.</p>
+
+<p>Note that the hash algorithm used for subject name hashing changed in OpenSSL 1.0.0, and all certificate stores have to be rehashed when moving from OpenSSL 0.9.8 to 1.0.0.</p>
+
+<p>OpenSSL includes a <a href="../man1/rehash.html">rehash(1)</a> utility which creates symlinks with correct hashed names for all files with .pem suffix in a given directory.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_LOOKUP_hash_dir() and X509_LOOKUP_file() always return a valid <b>X509_LOOKUP_METHOD</b> structure.</p>
+
+<p>X509_load_cert_file(), X509_load_crl_file() and X509_load_cert_crl_file() return the number of loaded objects or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>, <a href="../man3/X509_STORE_load_locations.html">X509_STORE_load_locations(3)</a>, <a href="../man3/X509_store_add_lookup.html">X509_store_add_lookup(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a>, <a href="../man3/X509_LOOKUP_meth_new.html">X509_LOOKUP_meth_new(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_new.html b/msys2/usr/share/doc/openssl/html/man3/X509_new.html
new file mode 100644
index 000000000..f14637182
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_new.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_chain_up_ref, X509_new, X509_free, X509_up_ref - X509 certificate ASN1 allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509 *X509_new(void);
+ void X509_free(X509 *a);
+ int X509_up_ref(X509 *a);
+ STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The X509 ASN1 allocation routines, allocate and free an X509 structure, which represents an X509 certificate.</p>
+
+<p>X509_new() allocates and initializes a X509 structure with reference count <b>1</b>.</p>
+
+<p>X509_free() decrements the reference count of <b>X509</b> structure <b>a</b> and frees it up if the reference count is zero. If <b>a</b> is NULL nothing is done.</p>
+
+<p>X509_up_ref() increments the reference count of <b>a</b>.</p>
+
+<p>X509_chain_up_ref() increases the reference count of all certificates in chain <b>x</b> and returns a copy of the stack.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The function X509_up_ref() if useful if a certificate structure is being used by several different operations each of which will free it up after use: this avoids the need to duplicate the entire certificate structure.</p>
+
+<p>The function X509_chain_up_ref() doesn&#39;t just up the reference count of each certificate it also returns a copy of the stack, using sk_X509_dup(), but it serves a similar purpose: the returned chain persists after the original has been freed.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, X509_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>X509_up_ref() returns 1 for success and 0 for failure.</p>
+
+<p>X509_chain_up_ref() returns a copy of the stack or <b>NULL</b> if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_pubkey_digest.html b/msys2/usr/share/doc/openssl/html/man3/X509_pubkey_digest.html
new file mode 100644
index 000000000..98c8462b9
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_pubkey_digest.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_digest</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_digest, X509_CRL_digest, X509_pubkey_digest, X509_NAME_digest, X509_REQ_digest, PKCS7_ISSUER_AND_SERIAL_digest - get digest of various objects</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
+                 unsigned int *len);
+
+ int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md,
+                     unsigned int *len);
+
+ int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
+                        unsigned char *md, unsigned int *len);
+
+ int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
+                     unsigned char *md, unsigned int *len);
+
+ int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
+                      unsigned char *md, unsigned int *len);
+
+ #include &lt;openssl/pkcs7.h&gt;
+
+ int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
+                                    const EVP_MD *type, unsigned char *md,
+                                    unsigned int *len);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_pubkey_digest() returns a digest of the DER representation of the public key in the specified X509 <b>data</b> object. All other functions described here return a digest of the DER representation of their entire <b>data</b> objects.</p>
+
+<p>The <b>type</b> parameter specifies the digest to be used, such as EVP_sha1(). The <b>md</b> is a pointer to the buffer where the digest will be copied and is assumed to be large enough; the constant <b>EVP_MAX_MD_SIZE</b> is suggested. The <b>len</b> parameter, if not NULL, points to a place where the digest size will be stored.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All functions described here return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_sha1.html">EVP_sha1(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_set1_notAfter.html b/msys2/usr/share/doc/openssl/html/man3/X509_set1_notAfter.html
new file mode 100644
index 000000000..c7e82ca36
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_set1_notAfter.html
@@ -0,0 +1,88 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_notBefore</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_notBefore, X509_getm_notBefore, X509_get0_notAfter, X509_getm_notAfter, X509_set1_notBefore, X509_set1_notAfter, X509_CRL_get0_lastUpdate, X509_CRL_get0_nextUpdate, X509_CRL_set1_lastUpdate, X509_CRL_set1_nextUpdate - get or set certificate or CRL dates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ const ASN1_TIME *X509_get0_notBefore(const X509 *x);
+ const ASN1_TIME *X509_get0_notAfter(const X509 *x);
+
+ ASN1_TIME *X509_getm_notBefore(const X509 *x);
+ ASN1_TIME *X509_getm_notAfter(const X509 *x);
+
+ int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm);
+ int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm);
+
+ const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
+ const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
+
+ int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
+ int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_notBefore() and X509_get0_notAfter() return the <b>notBefore</b> and <b>notAfter</b> fields of certificate <b>x</b> respectively. The value returned is an internal pointer which must not be freed up after the call.</p>
+
+<p>X509_getm_notBefore() and X509_getm_notAfter() are similar to X509_get0_notBefore() and X509_get0_notAfter() except they return non-constant mutable references to the associated date field of the certificate.</p>
+
+<p>X509_set1_notBefore() and X509_set1_notAfter() set the <b>notBefore</b> and <b>notAfter</b> fields of <b>x</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<p>X509_CRL_get0_lastUpdate() and X509_CRL_get0_nextUpdate() return the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b>. The value returned is an internal pointer which must not be freed up after the call. If the <b>nextUpdate</b> field is absent from <b>crl</b> then <b>NULL</b> is returned.</p>
+
+<p>X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() set the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get0_notBefore(), X509_get0_notAfter() and X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure.</p>
+
+<p>X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure or NULL if the <b>lastUpdate</b> field is absent.</p>
+
+<p>X509_set1_notBefore(), X509_set1_notAfter(), X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() return 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions are available in all versions of OpenSSL.</p>
+
+<p>X509_get_notBefore() and X509_get_notAfter() were deprecated in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_set1_notBefore.html b/msys2/usr/share/doc/openssl/html/man3/X509_set1_notBefore.html
new file mode 100644
index 000000000..c7e82ca36
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_set1_notBefore.html
@@ -0,0 +1,88 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get0_notBefore</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_notBefore, X509_getm_notBefore, X509_get0_notAfter, X509_getm_notAfter, X509_set1_notBefore, X509_set1_notAfter, X509_CRL_get0_lastUpdate, X509_CRL_get0_nextUpdate, X509_CRL_set1_lastUpdate, X509_CRL_set1_nextUpdate - get or set certificate or CRL dates</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ const ASN1_TIME *X509_get0_notBefore(const X509 *x);
+ const ASN1_TIME *X509_get0_notAfter(const X509 *x);
+
+ ASN1_TIME *X509_getm_notBefore(const X509 *x);
+ ASN1_TIME *X509_getm_notAfter(const X509 *x);
+
+ int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm);
+ int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm);
+
+ const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
+ const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
+
+ int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
+ int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get0_notBefore() and X509_get0_notAfter() return the <b>notBefore</b> and <b>notAfter</b> fields of certificate <b>x</b> respectively. The value returned is an internal pointer which must not be freed up after the call.</p>
+
+<p>X509_getm_notBefore() and X509_getm_notAfter() are similar to X509_get0_notBefore() and X509_get0_notAfter() except they return non-constant mutable references to the associated date field of the certificate.</p>
+
+<p>X509_set1_notBefore() and X509_set1_notAfter() set the <b>notBefore</b> and <b>notAfter</b> fields of <b>x</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<p>X509_CRL_get0_lastUpdate() and X509_CRL_get0_nextUpdate() return the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b>. The value returned is an internal pointer which must not be freed up after the call. If the <b>nextUpdate</b> field is absent from <b>crl</b> then <b>NULL</b> is returned.</p>
+
+<p>X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() set the <b>lastUpdate</b> and <b>nextUpdate</b> fields of <b>crl</b> to <b>tm</b>. Ownership of the passed parameter <b>tm</b> is not transferred by these functions so it must be freed up after the call.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get0_notBefore(), X509_get0_notAfter() and X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure.</p>
+
+<p>X509_CRL_get0_lastUpdate() return a pointer to an <b>ASN1_TIME</b> structure or NULL if the <b>lastUpdate</b> field is absent.</p>
+
+<p>X509_set1_notBefore(), X509_set1_notAfter(), X509_CRL_set1_lastUpdate() and X509_CRL_set1_nextUpdate() return 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions are available in all versions of OpenSSL.</p>
+
+<p>X509_get_notBefore() and X509_get_notAfter() were deprecated in OpenSSL 1.1.0</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_set_ex_data.html b/msys2/usr/share/doc/openssl/html/man3/X509_set_ex_data.html
new file mode 100644
index 000000000..cbd444d80
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_set_ex_data.html
@@ -0,0 +1,75 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>BIO_get_ex_new_index</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, EC_KEY_get_ex_new_index, EC_KEY_set_ex_data, EC_KEY_get_ex_data, RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - application-specific data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int TYPE_get_ex_new_index(long argl, void *argp,
+                           CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+
+ int TYPE_set_ex_data(TYPE *d, int idx, void *arg);
+
+ void *TYPE_get_ex_data(TYPE *d, int idx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes listed in <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<p>These functions handle application-specific data for OpenSSL data structures.</p>
+
+<p>TYPE_get_new_ex_index() is a macro that calls CRYPTO_get_ex_new_index() with the correct <b>index</b> value.</p>
+
+<p>TYPE_set_ex_data() is a function that calls CRYPTO_set_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<p>TYPE_get_ex_data() is a function that calls CRYPTO_get_ex_data() with an offset into the opaque exdata part of the TYPE object.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>TYPE_get_new_ex_index() returns a new index on success or -1 on error.</p>
+
+<p>TYPE_set_ex_data() returns 1 on success or 0 on error.</p>
+
+<p>TYPE_get_ex_data() returns the application data or NULL if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_set_issuer_name.html b/msys2/usr/share/doc/openssl/html/man3/X509_set_issuer_name.html
new file mode 100644
index 000000000..ae07d6d05
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_set_issuer_name.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_subject_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_subject_name, X509_set_subject_name, X509_get_issuer_name, X509_set_issuer_name, X509_REQ_get_subject_name, X509_REQ_set_subject_name, X509_CRL_get_issuer, X509_CRL_set_issuer_name - get and set issuer or subject names</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_NAME *X509_get_subject_name(const X509 *x);
+ int X509_set_subject_name(X509 *x, X509_NAME *name);
+
+ X509_NAME *X509_get_issuer_name(const X509 *x);
+ int X509_set_issuer_name(X509 *x, X509_NAME *name);
+
+ X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
+ int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
+
+ X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
+ int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_subject_name() returns the subject name of certificate <b>x</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed.</p>
+
+<p>X509_set_subject_name() sets the issuer name of certificate <b>x</b> to <b>name</b>. The <b>name</b> parameter is copied internally and should be freed up when it is no longer needed.</p>
+
+<p>X509_get_issuer_name() and X509_set_issuer_name() are identical to X509_get_subject_name() and X509_set_subject_name() except the get and set the issuer name of <b>x</b>.</p>
+
+<p>Similarly X509_REQ_get_subject_name(), X509_REQ_set_subject_name(), X509_CRL_get_issuer() and X509_CRL_set_issuer_name() get or set the subject or issuer names of certificate requests of CRLs respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_subject_name(), X509_get_issuer_name(), X509_REQ_get_subject_name() and X509_CRL_get_issuer() return an <b>X509_NAME</b> pointer.</p>
+
+<p>X509_set_subject_name(), X509_set_issuer_name(), X509_REQ_set_subject_name() and X509_CRL_set_issuer_name() return 1 for success and 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_REQ_get_subject_name() is a function in OpenSSL 1.1.0 and a macro in earlier versions.</p>
+
+<p>X509_CRL_get_issuer() is a function in OpenSSL 1.1.0. It was previously added in OpenSSL 1.0.0 as a macro.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a> <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_set_proxy_flag.html b/msys2/usr/share/doc/openssl/html/man3/X509_set_proxy_flag.html
new file mode 100644
index 000000000..048f26554
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_set_proxy_flag.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_extension_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_subject_key_id, X509_get0_authority_key_id, X509_get_pathlen, X509_get_extension_flags, X509_get_key_usage, X509_get_extended_key_usage, X509_set_proxy_flag, X509_set_proxy_pathlen, X509_get_proxy_pathlen - retrieve certificate extension data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ long X509_get_pathlen(X509 *x);
+ uint32_t X509_get_extension_flags(X509 *x);
+ uint32_t X509_get_key_usage(X509 *x);
+ uint32_t X509_get_extended_key_usage(X509 *x);
+ const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x);
+ const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x);
+ void X509_set_proxy_flag(X509 *x);
+ void X509_set_proxy_pathlen(int l);
+ long X509_get_proxy_pathlen(X509 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions retrieve information related to commonly used certificate extensions.</p>
+
+<p>X509_get_pathlen() retrieves the path length extension from a certificate. This extension is used to limit the length of a cert chain that may be issued from that CA.</p>
+
+<p>X509_get_extension_flags() retrieves general information about a certificate, it will return one or more of the following flags ored together.</p>
+
+<dl>
+
+<dt id="EXFLAG_V1"><b>EXFLAG_V1</b></dt>
+<dd>
+
+<p>The certificate is an obsolete version 1 certificate.</p>
+
+</dd>
+<dt id="EXFLAG_BCONS"><b>EXFLAG_BCONS</b></dt>
+<dd>
+
+<p>The certificate contains a basic constraints extension.</p>
+
+</dd>
+<dt id="EXFLAG_CA"><b>EXFLAG_CA</b></dt>
+<dd>
+
+<p>The certificate contains basic constraints and asserts the CA flag.</p>
+
+</dd>
+<dt id="EXFLAG_PROXY"><b>EXFLAG_PROXY</b></dt>
+<dd>
+
+<p>The certificate is a valid proxy certificate.</p>
+
+</dd>
+<dt id="EXFLAG_SI"><b>EXFLAG_SI</b></dt>
+<dd>
+
+<p>The certificate is self issued (that is subject and issuer names match).</p>
+
+</dd>
+<dt id="EXFLAG_SS"><b>EXFLAG_SS</b></dt>
+<dd>
+
+<p>The subject and issuer names match and extension values imply it is self signed.</p>
+
+</dd>
+<dt id="EXFLAG_FRESHEST"><b>EXFLAG_FRESHEST</b></dt>
+<dd>
+
+<p>The freshest CRL extension is present in the certificate.</p>
+
+</dd>
+<dt id="EXFLAG_CRITICAL"><b>EXFLAG_CRITICAL</b></dt>
+<dd>
+
+<p>The certificate contains an unhandled critical extension.</p>
+
+</dd>
+<dt id="EXFLAG_INVALID"><b>EXFLAG_INVALID</b></dt>
+<dd>
+
+<p>Some certificate extension values are invalid or inconsistent. The certificate should be rejected.</p>
+
+</dd>
+<dt id="EXFLAG_KUSAGE"><b>EXFLAG_KUSAGE</b></dt>
+<dd>
+
+<p>The certificate contains a key usage extension. The value can be retrieved using X509_get_key_usage().</p>
+
+</dd>
+<dt id="EXFLAG_XKUSAGE"><b>EXFLAG_XKUSAGE</b></dt>
+<dd>
+
+<p>The certificate contains an extended key usage extension. The value can be retrieved using X509_get_extended_key_usage().</p>
+
+</dd>
+</dl>
+
+<p>X509_get_key_usage() returns the value of the key usage extension. If key usage is present will return zero or more of the flags: <b>KU_DIGITAL_SIGNATURE</b>, <b>KU_NON_REPUDIATION</b>, <b>KU_KEY_ENCIPHERMENT</b>, <b>KU_DATA_ENCIPHERMENT</b>, <b>KU_KEY_AGREEMENT</b>, <b>KU_KEY_CERT_SIGN</b>, <b>KU_CRL_SIGN</b>, <b>KU_ENCIPHER_ONLY</b> or <b>KU_DECIPHER_ONLY</b> corresponding to individual key usage bits. If key usage is absent then <b>UINT32_MAX</b> is returned.</p>
+
+<p>X509_get_extended_key_usage() returns the value of the extended key usage extension. If extended key usage is present it will return zero or more of the flags: <b>XKU_SSL_SERVER</b>, <b>XKU_SSL_CLIENT</b>, <b>XKU_SMIME</b>, <b>XKU_CODE_SIGN</b> <b>XKU_OCSP_SIGN</b>, <b>XKU_TIMESTAMP</b>, <b>XKU_DVCS</b> or <b>XKU_ANYEKU</b>. These correspond to the OIDs <b>id-kp-serverAuth</b>, <b>id-kp-clientAuth</b>, <b>id-kp-emailProtection</b>, <b>id-kp-codeSigning</b>, <b>id-kp-OCSPSigning</b>, <b>id-kp-timeStamping</b>, <b>id-kp-dvcs</b> and <b>anyExtendedKeyUsage</b> respectively. Additionally <b>XKU_SGC</b> is set if either Netscape or Microsoft SGC OIDs are present.</p>
+
+<p>X509_get0_subject_key_id() returns an internal pointer to the subject key identifier of <b>x</b> as an <b>ASN1_OCTET_STRING</b> or <b>NULL</b> if the extension is not present or cannot be parsed.</p>
+
+<p>X509_get0_authority_key_id() returns an internal pointer to the authority key identifier of <b>x</b> as an <b>ASN1_OCTET_STRING</b> or <b>NULL</b> if the extension is not present or cannot be parsed.</p>
+
+<p>X509_set_proxy_flag() marks the certificate with the <b>EXFLAG_PROXY</b> flag. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones.</p>
+
+<p>X509_set_proxy_pathlen() sets the proxy certificate path length for the given certificate <b>x</b>. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones.</p>
+
+<p>X509_get_proxy_pathlen() returns the proxy certificate path length for the given certificate <b>x</b> if it is a proxy certificate.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The value of the flags correspond to extension values which are cached in the <b>X509</b> structure. If the flags returned do not provide sufficient information an application should examine extension values directly for example using X509_get_ext_d2i().</p>
+
+<p>If the key usage or extended key usage extension is absent then typically usage is unrestricted. For this reason X509_get_key_usage() and X509_get_extended_key_usage() return <b>UINT32_MAX</b> when the corresponding extension is absent. Applications can additionally check the return value of X509_get_extension_flags() and take appropriate action is an extension is absent.</p>
+
+<p>If X509_get0_subject_key_id() returns <b>NULL</b> then the extension may be absent or malformed. Applications can determine the precise reason using X509_get_ext_d2i().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_pathlen() returns the path length value, or -1 if the extension is not present.</p>
+
+<p>X509_get_extension_flags(), X509_get_key_usage() and X509_get_extended_key_usage() return sets of flags corresponding to the certificate extension values.</p>
+
+<p>X509_get0_subject_key_id() returns the subject key identifier as a pointer to an <b>ASN1_OCTET_STRING</b> structure or <b>NULL</b> if the extension is absent or an error occurred during parsing.</p>
+
+<p>X509_get_proxy_pathlen() returns the path length value if the given certificate is a proxy one and has a path length set, and -1 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_get_pathlen(), X509_set_proxy_flag(), X509_set_proxy_pathlen() and X509_get_proxy_pathlen() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_set_proxy_pathlen.html b/msys2/usr/share/doc/openssl/html/man3/X509_set_proxy_pathlen.html
new file mode 100644
index 000000000..048f26554
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_set_proxy_pathlen.html
@@ -0,0 +1,172 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_extension_flags</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get0_subject_key_id, X509_get0_authority_key_id, X509_get_pathlen, X509_get_extension_flags, X509_get_key_usage, X509_get_extended_key_usage, X509_set_proxy_flag, X509_set_proxy_pathlen, X509_get_proxy_pathlen - retrieve certificate extension data</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509v3.h&gt;
+
+ long X509_get_pathlen(X509 *x);
+ uint32_t X509_get_extension_flags(X509 *x);
+ uint32_t X509_get_key_usage(X509 *x);
+ uint32_t X509_get_extended_key_usage(X509 *x);
+ const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x);
+ const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x);
+ void X509_set_proxy_flag(X509 *x);
+ void X509_set_proxy_pathlen(int l);
+ long X509_get_proxy_pathlen(X509 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions retrieve information related to commonly used certificate extensions.</p>
+
+<p>X509_get_pathlen() retrieves the path length extension from a certificate. This extension is used to limit the length of a cert chain that may be issued from that CA.</p>
+
+<p>X509_get_extension_flags() retrieves general information about a certificate, it will return one or more of the following flags ored together.</p>
+
+<dl>
+
+<dt id="EXFLAG_V1"><b>EXFLAG_V1</b></dt>
+<dd>
+
+<p>The certificate is an obsolete version 1 certificate.</p>
+
+</dd>
+<dt id="EXFLAG_BCONS"><b>EXFLAG_BCONS</b></dt>
+<dd>
+
+<p>The certificate contains a basic constraints extension.</p>
+
+</dd>
+<dt id="EXFLAG_CA"><b>EXFLAG_CA</b></dt>
+<dd>
+
+<p>The certificate contains basic constraints and asserts the CA flag.</p>
+
+</dd>
+<dt id="EXFLAG_PROXY"><b>EXFLAG_PROXY</b></dt>
+<dd>
+
+<p>The certificate is a valid proxy certificate.</p>
+
+</dd>
+<dt id="EXFLAG_SI"><b>EXFLAG_SI</b></dt>
+<dd>
+
+<p>The certificate is self issued (that is subject and issuer names match).</p>
+
+</dd>
+<dt id="EXFLAG_SS"><b>EXFLAG_SS</b></dt>
+<dd>
+
+<p>The subject and issuer names match and extension values imply it is self signed.</p>
+
+</dd>
+<dt id="EXFLAG_FRESHEST"><b>EXFLAG_FRESHEST</b></dt>
+<dd>
+
+<p>The freshest CRL extension is present in the certificate.</p>
+
+</dd>
+<dt id="EXFLAG_CRITICAL"><b>EXFLAG_CRITICAL</b></dt>
+<dd>
+
+<p>The certificate contains an unhandled critical extension.</p>
+
+</dd>
+<dt id="EXFLAG_INVALID"><b>EXFLAG_INVALID</b></dt>
+<dd>
+
+<p>Some certificate extension values are invalid or inconsistent. The certificate should be rejected.</p>
+
+</dd>
+<dt id="EXFLAG_KUSAGE"><b>EXFLAG_KUSAGE</b></dt>
+<dd>
+
+<p>The certificate contains a key usage extension. The value can be retrieved using X509_get_key_usage().</p>
+
+</dd>
+<dt id="EXFLAG_XKUSAGE"><b>EXFLAG_XKUSAGE</b></dt>
+<dd>
+
+<p>The certificate contains an extended key usage extension. The value can be retrieved using X509_get_extended_key_usage().</p>
+
+</dd>
+</dl>
+
+<p>X509_get_key_usage() returns the value of the key usage extension. If key usage is present will return zero or more of the flags: <b>KU_DIGITAL_SIGNATURE</b>, <b>KU_NON_REPUDIATION</b>, <b>KU_KEY_ENCIPHERMENT</b>, <b>KU_DATA_ENCIPHERMENT</b>, <b>KU_KEY_AGREEMENT</b>, <b>KU_KEY_CERT_SIGN</b>, <b>KU_CRL_SIGN</b>, <b>KU_ENCIPHER_ONLY</b> or <b>KU_DECIPHER_ONLY</b> corresponding to individual key usage bits. If key usage is absent then <b>UINT32_MAX</b> is returned.</p>
+
+<p>X509_get_extended_key_usage() returns the value of the extended key usage extension. If extended key usage is present it will return zero or more of the flags: <b>XKU_SSL_SERVER</b>, <b>XKU_SSL_CLIENT</b>, <b>XKU_SMIME</b>, <b>XKU_CODE_SIGN</b> <b>XKU_OCSP_SIGN</b>, <b>XKU_TIMESTAMP</b>, <b>XKU_DVCS</b> or <b>XKU_ANYEKU</b>. These correspond to the OIDs <b>id-kp-serverAuth</b>, <b>id-kp-clientAuth</b>, <b>id-kp-emailProtection</b>, <b>id-kp-codeSigning</b>, <b>id-kp-OCSPSigning</b>, <b>id-kp-timeStamping</b>, <b>id-kp-dvcs</b> and <b>anyExtendedKeyUsage</b> respectively. Additionally <b>XKU_SGC</b> is set if either Netscape or Microsoft SGC OIDs are present.</p>
+
+<p>X509_get0_subject_key_id() returns an internal pointer to the subject key identifier of <b>x</b> as an <b>ASN1_OCTET_STRING</b> or <b>NULL</b> if the extension is not present or cannot be parsed.</p>
+
+<p>X509_get0_authority_key_id() returns an internal pointer to the authority key identifier of <b>x</b> as an <b>ASN1_OCTET_STRING</b> or <b>NULL</b> if the extension is not present or cannot be parsed.</p>
+
+<p>X509_set_proxy_flag() marks the certificate with the <b>EXFLAG_PROXY</b> flag. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones.</p>
+
+<p>X509_set_proxy_pathlen() sets the proxy certificate path length for the given certificate <b>x</b>. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones.</p>
+
+<p>X509_get_proxy_pathlen() returns the proxy certificate path length for the given certificate <b>x</b> if it is a proxy certificate.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The value of the flags correspond to extension values which are cached in the <b>X509</b> structure. If the flags returned do not provide sufficient information an application should examine extension values directly for example using X509_get_ext_d2i().</p>
+
+<p>If the key usage or extended key usage extension is absent then typically usage is unrestricted. For this reason X509_get_key_usage() and X509_get_extended_key_usage() return <b>UINT32_MAX</b> when the corresponding extension is absent. Applications can additionally check the return value of X509_get_extension_flags() and take appropriate action is an extension is absent.</p>
+
+<p>If X509_get0_subject_key_id() returns <b>NULL</b> then the extension may be absent or malformed. Applications can determine the precise reason using X509_get_ext_d2i().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_pathlen() returns the path length value, or -1 if the extension is not present.</p>
+
+<p>X509_get_extension_flags(), X509_get_key_usage() and X509_get_extended_key_usage() return sets of flags corresponding to the certificate extension values.</p>
+
+<p>X509_get0_subject_key_id() returns the subject key identifier as a pointer to an <b>ASN1_OCTET_STRING</b> structure or <b>NULL</b> if the extension is absent or an error occurred during parsing.</p>
+
+<p>X509_get_proxy_pathlen() returns the path length value if the given certificate is a proxy one and has a path length set, and -1 otherwise.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_check_purpose.html">X509_check_purpose(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_get_pathlen(), X509_set_proxy_flag(), X509_set_proxy_pathlen() and X509_get_proxy_pathlen() were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_set_pubkey.html b/msys2/usr/share/doc/openssl/html/man3/X509_set_pubkey.html
new file mode 100644
index 000000000..28c43843e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_set_pubkey.html
@@ -0,0 +1,77 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_pubkey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_pubkey, X509_get0_pubkey, X509_set_pubkey, X509_get_X509_PUBKEY, X509_REQ_get_pubkey, X509_REQ_get0_pubkey, X509_REQ_set_pubkey, X509_REQ_get_X509_PUBKEY - get or set certificate or certificate request public key</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ EVP_PKEY *X509_get_pubkey(X509 *x);
+ EVP_PKEY *X509_get0_pubkey(const X509 *x);
+ int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
+ X509_PUBKEY *X509_get_X509_PUBKEY(X509 *x);
+
+ EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
+ EVP_PKEY *X509_REQ_get0_pubkey(X509_REQ *req);
+ int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
+ X509_PUBKEY *X509_REQ_get_X509_PUBKEY(X509_REQ *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_pubkey() attempts to decode the public key for certificate <b>x</b>. If successful it returns the public key as an <b>EVP_PKEY</b> pointer with its reference count incremented: this means the returned key must be freed up after use. X509_get0_pubkey() is similar except it does <b>not</b> increment the reference count of the returned <b>EVP_PKEY</b> so it must not be freed up after use.</p>
+
+<p>X509_get_X509_PUBKEY() returns an internal pointer to the <b>X509_PUBKEY</b> structure which encodes the certificate of <b>x</b>. The returned value must not be freed up after use.</p>
+
+<p>X509_set_pubkey() attempts to set the public key for certificate <b>x</b> to <b>pkey</b>. The key <b>pkey</b> should be freed up after use.</p>
+
+<p>X509_REQ_get_pubkey(), X509_REQ_get0_pubkey(), X509_REQ_set_pubkey() and X509_REQ_get_X509_PUBKEY() are similar but operate on certificate request <b>req</b>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The first time a public key is decoded the <b>EVP_PKEY</b> structure is cached in the certificate or certificate request itself. Subsequent calls return the cached structure with its reference count incremented to improve performance.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_pubkey(), X509_get0_pubkey(), X509_get_X509_PUBKEY(), X509_REQ_get_pubkey() and X509_REQ_get_X509_PUBKEY() return a public key or <b>NULL</b> if an error occurred.</p>
+
+<p>X509_set_pubkey() and X509_REQ_set_pubkey() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_set_serialNumber.html b/msys2/usr/share/doc/openssl/html/man3/X509_set_serialNumber.html
new file mode 100644
index 000000000..6798259e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_set_serialNumber.html
@@ -0,0 +1,69 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_serialNumber</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_serialNumber, X509_get0_serialNumber, X509_set_serialNumber - get or set certificate serial number</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ ASN1_INTEGER *X509_get_serialNumber(X509 *x);
+ const ASN1_INTEGER *X509_get0_serialNumber(const X509 *x);
+ int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_serialNumber() returns the serial number of certificate <b>x</b> as an <b>ASN1_INTEGER</b> structure which can be examined or initialised. The value returned is an internal pointer which <b>MUST NOT</b> be freed up after the call.</p>
+
+<p>X509_get0_serialNumber() is the same as X509_get_serialNumber() except it accepts a const parameter and returns a const result.</p>
+
+<p>X509_set_serialNumber() sets the serial number of certificate <b>x</b> to <b>serial</b>. A copy of the serial number is used internally so <b>serial</b> should be freed up after use.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_serialNumber() and X509_get0_serialNumber() return an <b>ASN1_INTEGER</b> structure.</p>
+
+<p>X509_set_serialNumber() returns 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_get_serialNumber() and X509_set_serialNumber() functions are available in all versions of OpenSSL. The X509_get0_serialNumber() function was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_set_subject_name.html b/msys2/usr/share/doc/openssl/html/man3/X509_set_subject_name.html
new file mode 100644
index 000000000..ae07d6d05
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_set_subject_name.html
@@ -0,0 +1,81 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_subject_name</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_subject_name, X509_set_subject_name, X509_get_issuer_name, X509_set_issuer_name, X509_REQ_get_subject_name, X509_REQ_set_subject_name, X509_CRL_get_issuer, X509_CRL_set_issuer_name - get and set issuer or subject names</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_NAME *X509_get_subject_name(const X509 *x);
+ int X509_set_subject_name(X509 *x, X509_NAME *name);
+
+ X509_NAME *X509_get_issuer_name(const X509 *x);
+ int X509_set_issuer_name(X509 *x, X509_NAME *name);
+
+ X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
+ int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
+
+ X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
+ int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_subject_name() returns the subject name of certificate <b>x</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed.</p>
+
+<p>X509_set_subject_name() sets the issuer name of certificate <b>x</b> to <b>name</b>. The <b>name</b> parameter is copied internally and should be freed up when it is no longer needed.</p>
+
+<p>X509_get_issuer_name() and X509_set_issuer_name() are identical to X509_get_subject_name() and X509_set_subject_name() except the get and set the issuer name of <b>x</b>.</p>
+
+<p>Similarly X509_REQ_get_subject_name(), X509_REQ_set_subject_name(), X509_CRL_get_issuer() and X509_CRL_set_issuer_name() get or set the subject or issuer names of certificate requests of CRLs respectively.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_subject_name(), X509_get_issuer_name(), X509_REQ_get_subject_name() and X509_CRL_get_issuer() return an <b>X509_NAME</b> pointer.</p>
+
+<p>X509_set_subject_name(), X509_set_issuer_name(), X509_REQ_set_subject_name() and X509_CRL_set_issuer_name() return 1 for success and 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_REQ_get_subject_name() is a function in OpenSSL 1.1.0 and a macro in earlier versions.</p>
+
+<p>X509_CRL_get_issuer() is a function in OpenSSL 1.1.0. It was previously added in OpenSSL 1.0.0 as a macro.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a> <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_set_version.html b/msys2/usr/share/doc/openssl/html/man3/X509_set_version.html
new file mode 100644
index 000000000..6cb54a862
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_set_version.html
@@ -0,0 +1,79 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_get_version</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_get_version, X509_set_version, X509_REQ_get_version, X509_REQ_set_version, X509_CRL_get_version, X509_CRL_set_version - get or set certificate, certificate request or CRL version</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ long X509_get_version(const X509 *x);
+ int X509_set_version(X509 *x, long version);
+
+ long X509_REQ_get_version(const X509_REQ *req);
+ int X509_REQ_set_version(X509_REQ *x, long version);
+
+ long X509_CRL_get_version(const X509_CRL *crl);
+ int X509_CRL_set_version(X509_CRL *x, long version);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_get_version() returns the numerical value of the version field of certificate <b>x</b>. Note: this is defined by standards (X.509 et al) to be one less than the certificate version. So a version 3 certificate will return 2 and a version 1 certificate will return 0.</p>
+
+<p>X509_set_version() sets the numerical value of the version field of certificate <b>x</b> to <b>version</b>.</p>
+
+<p>Similarly X509_REQ_get_version(), X509_REQ_set_version(), X509_CRL_get_version() and X509_CRL_set_version() get and set the version number of certificate requests and CRLs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The version field of certificates, certificate requests and CRLs has a DEFAULT value of <b>v1(0)</b> meaning the field should be omitted for version 1. This is handled transparently by these functions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_get_version(), X509_REQ_get_version() and X509_CRL_get_version() return the numerical value of the version field.</p>
+
+<p>X509_set_version(), X509_REQ_set_version() and X509_CRL_set_version() return 1 for success and 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>X509_get_version(), X509_REQ_get_version() and X509_CRL_get_version() are functions in OpenSSL 1.1.0, in previous versions they were macros.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_sign.html b/msys2/usr/share/doc/openssl/html/man3/X509_sign.html
new file mode 100644
index 000000000..2f90a57e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_sign.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_sign, X509_sign_ctx, X509_verify, X509_REQ_sign, X509_REQ_sign_ctx, X509_REQ_verify, X509_CRL_sign, X509_CRL_sign_ctx, X509_CRL_verify - sign or verify certificate, certificate request or CRL signature</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
+ int X509_verify(X509 *a, EVP_PKEY *r);
+
+ int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
+ int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
+
+ int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
+ int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_sign() signs certificate <b>x</b> using private key <b>pkey</b> and message digest <b>md</b> and sets the signature in <b>x</b>. X509_sign_ctx() also signs certificate <b>x</b> but uses the parameters contained in digest context <b>ctx</b>.</p>
+
+<p>X509_verify() verifies the signature of certificate <b>x</b> using public key <b>pkey</b>. Only the signature is checked: no other checks (such as certificate chain validity) are performed.</p>
+
+<p>X509_REQ_sign(), X509_REQ_sign_ctx(), X509_REQ_verify(), X509_CRL_sign(), X509_CRL_sign_ctx() and X509_CRL_verify() sign and verify certificate requests and CRLs respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_sign_ctx() is used where the default parameters for the corresponding public key and digest are not suitable. It can be used to sign keys using RSA-PSS for example.</p>
+
+<p>For efficiency reasons and to work around ASN.1 encoding issues the encoding of the signed portion of a certificate, certificate request and CRL is cached internally. If the signed portion of the structure is modified the encoding is not always updated meaning a stale version is sometimes used. This is not normally a problem because modifying the signed portion will invalidate the signature and signing will always update the encoding.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_sign(), X509_sign_ctx(), X509_REQ_sign(), X509_REQ_sign_ctx(), X509_CRL_sign() and X509_CRL_sign_ctx() return the size of the signature in bytes for success and zero for failure.</p>
+
+<p>X509_verify(), X509_REQ_verify() and X509_CRL_verify() return 1 if the signature is valid and 0 if the signature check fails. If the signature could not be checked at all because it was invalid or some other error occurred then -1 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_sign(), X509_REQ_sign() and X509_CRL_sign() functions are available in all versions of OpenSSL.</p>
+
+<p>The X509_sign_ctx(), X509_REQ_sign_ctx() and X509_CRL_sign_ctx() functions were added OpenSSL 1.0.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_sign_ctx.html b/msys2/usr/share/doc/openssl/html/man3/X509_sign_ctx.html
new file mode 100644
index 000000000..2f90a57e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_sign_ctx.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_sign, X509_sign_ctx, X509_verify, X509_REQ_sign, X509_REQ_sign_ctx, X509_REQ_verify, X509_CRL_sign, X509_CRL_sign_ctx, X509_CRL_verify - sign or verify certificate, certificate request or CRL signature</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
+ int X509_verify(X509 *a, EVP_PKEY *r);
+
+ int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
+ int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
+
+ int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
+ int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_sign() signs certificate <b>x</b> using private key <b>pkey</b> and message digest <b>md</b> and sets the signature in <b>x</b>. X509_sign_ctx() also signs certificate <b>x</b> but uses the parameters contained in digest context <b>ctx</b>.</p>
+
+<p>X509_verify() verifies the signature of certificate <b>x</b> using public key <b>pkey</b>. Only the signature is checked: no other checks (such as certificate chain validity) are performed.</p>
+
+<p>X509_REQ_sign(), X509_REQ_sign_ctx(), X509_REQ_verify(), X509_CRL_sign(), X509_CRL_sign_ctx() and X509_CRL_verify() sign and verify certificate requests and CRLs respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_sign_ctx() is used where the default parameters for the corresponding public key and digest are not suitable. It can be used to sign keys using RSA-PSS for example.</p>
+
+<p>For efficiency reasons and to work around ASN.1 encoding issues the encoding of the signed portion of a certificate, certificate request and CRL is cached internally. If the signed portion of the structure is modified the encoding is not always updated meaning a stale version is sometimes used. This is not normally a problem because modifying the signed portion will invalidate the signature and signing will always update the encoding.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_sign(), X509_sign_ctx(), X509_REQ_sign(), X509_REQ_sign_ctx(), X509_CRL_sign() and X509_CRL_sign_ctx() return the size of the signature in bytes for success and zero for failure.</p>
+
+<p>X509_verify(), X509_REQ_verify() and X509_CRL_verify() return 1 if the signature is valid and 0 if the signature check fails. If the signature could not be checked at all because it was invalid or some other error occurred then -1 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_sign(), X509_REQ_sign() and X509_CRL_sign() functions are available in all versions of OpenSSL.</p>
+
+<p>The X509_sign_ctx(), X509_REQ_sign_ctx() and X509_CRL_sign_ctx() functions were added OpenSSL 1.0.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_time_adj.html b/msys2/usr/share/doc/openssl/html/man3/X509_time_adj.html
new file mode 100644
index 000000000..4ac261fb8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_time_adj.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_cmp_time</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_cmp_time, X509_cmp_current_time, X509_time_adj, X509_time_adj_ex - X509 time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> int X509_cmp_time(const ASN1_TIME *asn1_time, time_t *in_tm);
+ int X509_cmp_current_time(const ASN1_TIME *asn1_time);
+ ASN1_TIME *X509_time_adj(ASN1_TIME *asn1_time, long offset_sec, time_t *in_tm);
+ ASN1_TIME *X509_time_adj_ex(ASN1_TIME *asn1_time, int offset_day, long
+                             offset_sec, time_t *in_tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_cmp_time() compares the ASN1_TIME in <b>asn1_time</b> with the time in &lt;cmp_time&gt;. X509_cmp_current_time() compares the ASN1_TIME in <b>asn1_time</b> with the current time, expressed as time_t. <b>asn1_time</b> must satisfy the ASN1_TIME format mandated by RFC 5280, i.e., its format must be either YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ.</p>
+
+<p>X509_time_adj_ex() sets the ASN1_TIME structure <b>asn1_time</b> to the time <b>offset_day</b> and <b>offset_sec</b> after <b>in_tm</b>.</p>
+
+<p>X509_time_adj() sets the ASN1_TIME structure <b>asn1_time</b> to the time <b>offset_sec</b> after <b>in_tm</b>. This method can only handle second offsets up to the capacity of long, so the newer X509_time_adj_ex() API should be preferred.</p>
+
+<p>In both methods, if <b>asn1_time</b> is NULL, a new ASN1_TIME structure is allocated and returned.</p>
+
+<p>In all methods, if <b>in_tm</b> is NULL, the current time, expressed as time_t, is used.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Unlike many standard comparison functions, X509_cmp_time() and X509_cmp_current_time() return 0 on error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_cmp_time() and X509_cmp_current_time() return -1 if <b>asn1_time</b> is earlier than, or equal to, <b>cmp_time</b> (resp. current time), and 1 otherwise. These methods return 0 on error.</p>
+
+<p>X509_time_adj() and X509_time_adj_ex() return a pointer to the updated ASN1_TIME structure, and NULL on error.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_time_adj_ex.html b/msys2/usr/share/doc/openssl/html/man3/X509_time_adj_ex.html
new file mode 100644
index 000000000..4ac261fb8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_time_adj_ex.html
@@ -0,0 +1,68 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_cmp_time</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_cmp_time, X509_cmp_current_time, X509_time_adj, X509_time_adj_ex - X509 time functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> int X509_cmp_time(const ASN1_TIME *asn1_time, time_t *in_tm);
+ int X509_cmp_current_time(const ASN1_TIME *asn1_time);
+ ASN1_TIME *X509_time_adj(ASN1_TIME *asn1_time, long offset_sec, time_t *in_tm);
+ ASN1_TIME *X509_time_adj_ex(ASN1_TIME *asn1_time, int offset_day, long
+                             offset_sec, time_t *in_tm);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_cmp_time() compares the ASN1_TIME in <b>asn1_time</b> with the time in &lt;cmp_time&gt;. X509_cmp_current_time() compares the ASN1_TIME in <b>asn1_time</b> with the current time, expressed as time_t. <b>asn1_time</b> must satisfy the ASN1_TIME format mandated by RFC 5280, i.e., its format must be either YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ.</p>
+
+<p>X509_time_adj_ex() sets the ASN1_TIME structure <b>asn1_time</b> to the time <b>offset_day</b> and <b>offset_sec</b> after <b>in_tm</b>.</p>
+
+<p>X509_time_adj() sets the ASN1_TIME structure <b>asn1_time</b> to the time <b>offset_sec</b> after <b>in_tm</b>. This method can only handle second offsets up to the capacity of long, so the newer X509_time_adj_ex() API should be preferred.</p>
+
+<p>In both methods, if <b>asn1_time</b> is NULL, a new ASN1_TIME structure is allocated and returned.</p>
+
+<p>In all methods, if <b>in_tm</b> is NULL, the current time, expressed as time_t, is used.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Unlike many standard comparison functions, X509_cmp_time() and X509_cmp_current_time() return 0 on error.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_cmp_time() and X509_cmp_current_time() return -1 if <b>asn1_time</b> is earlier than, or equal to, <b>cmp_time</b> (resp. current time), and 1 otherwise. These methods return 0 on error.</p>
+
+<p>X509_time_adj() and X509_time_adj_ex() return a pointer to the updated ASN1_TIME structure, and NULL on error.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_up_ref.html b/msys2/usr/share/doc/openssl/html/man3/X509_up_ref.html
new file mode 100644
index 000000000..f14637182
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_up_ref.html
@@ -0,0 +1,78 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_chain_up_ref, X509_new, X509_free, X509_up_ref - X509 certificate ASN1 allocation functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509 *X509_new(void);
+ void X509_free(X509 *a);
+ int X509_up_ref(X509 *a);
+ STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The X509 ASN1 allocation routines, allocate and free an X509 structure, which represents an X509 certificate.</p>
+
+<p>X509_new() allocates and initializes a X509 structure with reference count <b>1</b>.</p>
+
+<p>X509_free() decrements the reference count of <b>X509</b> structure <b>a</b> and frees it up if the reference count is zero. If <b>a</b> is NULL nothing is done.</p>
+
+<p>X509_up_ref() increments the reference count of <b>a</b>.</p>
+
+<p>X509_chain_up_ref() increases the reference count of all certificates in chain <b>x</b> and returns a copy of the stack.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The function X509_up_ref() if useful if a certificate structure is being used by several different operations each of which will free it up after use: this avoids the need to duplicate the entire certificate structure.</p>
+
+<p>The function X509_chain_up_ref() doesn&#39;t just up the reference count of each certificate it also returns a copy of the stack, using sk_X509_dup(), but it serves a similar purpose: the returned chain persists after the original has been freed.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, X509_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>. Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>X509_up_ref() returns 1 for success and 0 for failure.</p>
+
+<p>X509_chain_up_ref() returns a copy of the stack or <b>NULL</b> if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_verify.html b/msys2/usr/share/doc/openssl/html/man3/X509_verify.html
new file mode 100644
index 000000000..2f90a57e0
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_verify.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_sign</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_sign, X509_sign_ctx, X509_verify, X509_REQ_sign, X509_REQ_sign_ctx, X509_REQ_verify, X509_CRL_sign, X509_CRL_sign_ctx, X509_CRL_verify - sign or verify certificate, certificate request or CRL signature</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
+ int X509_verify(X509 *a, EVP_PKEY *r);
+
+ int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
+ int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
+
+ int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
+ int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509_sign() signs certificate <b>x</b> using private key <b>pkey</b> and message digest <b>md</b> and sets the signature in <b>x</b>. X509_sign_ctx() also signs certificate <b>x</b> but uses the parameters contained in digest context <b>ctx</b>.</p>
+
+<p>X509_verify() verifies the signature of certificate <b>x</b> using public key <b>pkey</b>. Only the signature is checked: no other checks (such as certificate chain validity) are performed.</p>
+
+<p>X509_REQ_sign(), X509_REQ_sign_ctx(), X509_REQ_verify(), X509_CRL_sign(), X509_CRL_sign_ctx() and X509_CRL_verify() sign and verify certificate requests and CRLs respectively.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>X509_sign_ctx() is used where the default parameters for the corresponding public key and digest are not suitable. It can be used to sign keys using RSA-PSS for example.</p>
+
+<p>For efficiency reasons and to work around ASN.1 encoding issues the encoding of the signed portion of a certificate, certificate request and CRL is cached internally. If the signed portion of the structure is modified the encoding is not always updated meaning a stale version is sometimes used. This is not normally a problem because modifying the signed portion will invalidate the signature and signing will always update the encoding.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_sign(), X509_sign_ctx(), X509_REQ_sign(), X509_REQ_sign_ctx(), X509_CRL_sign() and X509_CRL_sign_ctx() return the size of the signature in bytes for success and zero for failure.</p>
+
+<p>X509_verify(), X509_REQ_verify() and X509_CRL_verify() return 1 if the signature is valid and 0 if the signature check fails. If the signature could not be checked at all because it was invalid or some other error occurred then -1 is returned.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The X509_sign(), X509_REQ_sign() and X509_CRL_sign() functions are available in all versions of OpenSSL.</p>
+
+<p>The X509_sign_ctx(), X509_REQ_sign_ctx() and X509_CRL_sign_ctx() functions were added OpenSSL 1.0.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_verify_cert.html b/msys2/usr/share/doc/openssl/html/man3/X509_verify_cert.html
new file mode 100644
index 000000000..48e1c0103
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_verify_cert.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_verify_cert</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_verify_cert - discover and verify X509 certificate chain</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509_verify_cert(X509_STORE_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The X509_verify_cert() function attempts to discover and validate a certificate chain based on parameters in <b>ctx</b>. A complete description of the process is contained in the <a href="../man1/verify.html">verify(1)</a> manual page.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If a complete chain can be built and validated this function returns 1, otherwise it return zero, in exceptional circumstances it can also return a negative code.</p>
+
+<p>If the function fails additional error information can be obtained by examining <b>ctx</b> using, for example X509_STORE_CTX_get_error().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Applications rarely call this function directly but it is used by OpenSSL internally for certificate validation, in both the S/MIME and SSL/TLS code.</p>
+
+<p>A negative return value from X509_verify_cert() can occur if it is invoked incorrectly, such as with no certificate set in <b>ctx</b>, or when it is called twice in succession without reinitialising <b>ctx</b> for the second call. A negative return value can also happen due to internal resource problems or if a retry operation is requested during internal lookups (which never happens with standard lookup methods). Applications must check for &lt;= 0 return value on error.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>This function uses the header <b>x509.h</b> as opposed to most chain verification functions which use <b>x509_vfy.h</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_STORE_CTX_get_error.html">X509_STORE_CTX_get_error(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509_verify_cert_error_string.html b/msys2/usr/share/doc/openssl/html/man3/X509_verify_cert_error_string.html
new file mode 100644
index 000000000..d9e1e0d7e
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509_verify_cert_error_string.html
@@ -0,0 +1,374 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_STORE_CTX_get_error</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#ERROR-CODES">ERROR CODES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_STORE_CTX_get_error, X509_STORE_CTX_set_error, X509_STORE_CTX_get_error_depth, X509_STORE_CTX_set_error_depth, X509_STORE_CTX_get_current_cert, X509_STORE_CTX_set_current_cert, X509_STORE_CTX_get0_cert, X509_STORE_CTX_get1_chain, X509_verify_cert_error_string - get or set certificate verification status information</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int   X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
+ int   X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth);
+ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_current_cert(X509_STORE_CTX *ctx, X509 *x);
+ X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
+
+ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+
+ const char *X509_verify_cert_error_string(long n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions are typically called after X509_verify_cert() has indicated an error or in a verification callback to determine the nature of an error.</p>
+
+<p>X509_STORE_CTX_get_error() returns the error code of <b>ctx</b>, see the <b>ERROR CODES</b> section for a full description of all error codes.</p>
+
+<p>X509_STORE_CTX_set_error() sets the error code of <b>ctx</b> to <b>s</b>. For example it might be used in a verification callback to set an error based on additional checks.</p>
+
+<p>X509_STORE_CTX_get_error_depth() returns the <b>depth</b> of the error. This is a non-negative integer representing where in the certificate chain the error occurred. If it is zero it occurred in the end entity certificate, one if it is the certificate which signed the end entity certificate and so on.</p>
+
+<p>X509_STORE_CTX_set_error_depth() sets the error <b>depth</b>. This can be used in combination with X509_STORE_CTX_set_error() to set the depth at which an error condition was detected.</p>
+
+<p>X509_STORE_CTX_get_current_cert() returns the certificate in <b>ctx</b> which caused the error or <b>NULL</b> if no certificate is relevant.</p>
+
+<p>X509_STORE_CTX_set_current_cert() sets the certificate <b>x</b> in <b>ctx</b> which caused the error. This value is not intended to remain valid for very long, and remains owned by the caller. It may be examined by a verification callback invoked to handle each error encountered during chain verification and is no longer required after such a callback. If a callback wishes the save the certificate for use after it returns, it needs to increment its reference count via <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>. Once such a <i>saved</i> certificate is no longer needed it can be freed with <a href="../man3/X509_free.html">X509_free(3)</a>.</p>
+
+<p>X509_STORE_CTX_get0_cert() retrieves an internal pointer to the certificate being verified by the <b>ctx</b>.</p>
+
+<p>X509_STORE_CTX_get1_chain() returns a complete validate chain if a previous call to X509_verify_cert() is successful. If the call to X509_verify_cert() is <b>not</b> successful the returned chain may be incomplete or invalid. The returned chain persists after the <b>ctx</b> structure is freed, when it is no longer needed it should be free up using:</p>
+
+<pre><code> sk_X509_pop_free(chain, X509_free);</code></pre>
+
+<p>X509_verify_cert_error_string() returns a human readable error string for verification error <b>n</b>.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509_STORE_CTX_get_error() returns <b>X509_V_OK</b> or an error code.</p>
+
+<p>X509_STORE_CTX_get_error_depth() returns a non-negative error depth.</p>
+
+<p>X509_STORE_CTX_get_current_cert() returns the certificate which caused the error or <b>NULL</b> if no certificate is relevant to the error.</p>
+
+<p>X509_verify_cert_error_string() returns a human readable error string for verification error <b>n</b>.</p>
+
+<h1 id="ERROR-CODES">ERROR CODES</h1>
+
+<p>A list of error codes and messages is shown below. Some of the error codes are defined but currently never returned: these are described as &quot;unused&quot;.</p>
+
+<dl>
+
+<dt id="X509_V_OK:-ok"><b>X509_V_OK: ok</b></dt>
+<dd>
+
+<p>the operation was successful.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:-unable-to-get-issuer-certificate"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate</b></dt>
+<dd>
+
+<p>the issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_CRL:-unable-to-get-certificate-CRL"><b>X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL</b></dt>
+<dd>
+
+<p>the CRL of a certificate could not be found.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:-unable-to-decrypt-certificates-signature"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate&#39;s signature</b></dt>
+<dd>
+
+<p>the certificate signature could not be decrypted. This means that the actual signature value could not be determined rather than it not matching the expected value, this is only meaningful for RSA keys.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:-unable-to-decrypt-CRLs-signature"><b>X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL&#39;s signature</b></dt>
+<dd>
+
+<p>the CRL signature could not be decrypted: this means that the actual signature value could not be determined rather than it not matching the expected value. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:-unable-to-decode-issuer-public-key"><b>X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key</b></dt>
+<dd>
+
+<p>the public key in the certificate SubjectPublicKeyInfo could not be read.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_SIGNATURE_FAILURE:-certificate-signature-failure"><b>X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure</b></dt>
+<dd>
+
+<p>the signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_SIGNATURE_FAILURE:-CRL-signature-failure"><b>X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure</b></dt>
+<dd>
+
+<p>the signature of the certificate is invalid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_NOT_YET_VALID:-certificate-is-not-yet-valid"><b>X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid</b></dt>
+<dd>
+
+<p>the certificate is not yet valid: the notBefore date is after the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_HAS_EXPIRED:-certificate-has-expired"><b>X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired</b></dt>
+<dd>
+
+<p>the certificate has expired: that is the notAfter date is before the current time.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_NOT_YET_VALID:-CRL-is-not-yet-valid"><b>X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid</b></dt>
+<dd>
+
+<p>the CRL is not yet valid.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_HAS_EXPIRED:-CRL-has-expired"><b>X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired</b></dt>
+<dd>
+
+<p>the CRL has expired.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:-format-error-in-certificates-notBefore-field"><b>X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate&#39;s notBefore field</b></dt>
+<dd>
+
+<p>the certificate notBefore field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:-format-error-in-certificates-notAfter-field"><b>X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate&#39;s notAfter field</b></dt>
+<dd>
+
+<p>the certificate notAfter field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:-format-error-in-CRLs-lastUpdate-field"><b>X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL&#39;s lastUpdate field</b></dt>
+<dd>
+
+<p>the CRL lastUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:-format-error-in-CRLs-nextUpdate-field"><b>X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL&#39;s nextUpdate field</b></dt>
+<dd>
+
+<p>the CRL nextUpdate field contains an invalid time.</p>
+
+</dd>
+<dt id="X509_V_ERR_OUT_OF_MEM:-out-of-memory"><b>X509_V_ERR_OUT_OF_MEM: out of memory</b></dt>
+<dd>
+
+<p>an error occurred trying to allocate memory. This should never happen.</p>
+
+</dd>
+<dt id="X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:-self-signed-certificate"><b>X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate</b></dt>
+<dd>
+
+<p>the passed certificate is self signed and the same certificate cannot be found in the list of trusted certificates.</p>
+
+</dd>
+<dt id="X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:-self-signed-certificate-in-certificate-chain"><b>X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain</b></dt>
+<dd>
+
+<p>the certificate chain could be built up using the untrusted certificates but the root could not be found locally.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:-unable-to-get-local-issuer-certificate"><b>X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate</b></dt>
+<dd>
+
+<p>the issuer certificate of a locally looked up certificate could not be found. This normally means the list of trusted certificates is not complete.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:-unable-to-verify-the-first-certificate"><b>X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate</b></dt>
+<dd>
+
+<p>no signatures could be verified because the chain contains only one certificate and it is not self signed.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_CHAIN_TOO_LONG:-certificate-chain-too-long"><b>X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long</b></dt>
+<dd>
+
+<p>the certificate chain length is greater than the supplied maximum depth. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REVOKED:-certificate-revoked"><b>X509_V_ERR_CERT_REVOKED: certificate revoked</b></dt>
+<dd>
+
+<p>the certificate has been revoked.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_CA:-invalid-CA-certificate"><b>X509_V_ERR_INVALID_CA: invalid CA certificate</b></dt>
+<dd>
+
+<p>a CA certificate is invalid. Either it is not a CA or its extensions are not consistent with the supplied purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_PATH_LENGTH_EXCEEDED:-path-length-constraint-exceeded"><b>X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded</b></dt>
+<dd>
+
+<p>the basicConstraints path-length parameter has been exceeded.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_PURPOSE:-unsupported-certificate-purpose"><b>X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose</b></dt>
+<dd>
+
+<p>the supplied certificate cannot be used for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_UNTRUSTED:-certificate-not-trusted"><b>X509_V_ERR_CERT_UNTRUSTED: certificate not trusted</b></dt>
+<dd>
+
+<p>the root CA is not marked as trusted for the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_CERT_REJECTED:-certificate-rejected"><b>X509_V_ERR_CERT_REJECTED: certificate rejected</b></dt>
+<dd>
+
+<p>the root CA is marked to reject the specified purpose.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBJECT_ISSUER_MISMATCH:-subject-issuer-mismatch"><b>X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its subject name did not match the issuer name of the current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_SKID_MISMATCH:-authority-and-subject-key-identifier-mismatch"><b>X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its subject key identifier was present and did not match the authority key identifier current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH:-authority-and-issuer-serial-number-mismatch"><b>X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its issuer name and serial number was present and did not match the authority key identifier of the current certificate. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key-usage-does-not-include-certificate-signing"><b>X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing</b></dt>
+<dd>
+
+<p>the current candidate issuer certificate was rejected because its keyUsage extension does not permit certificate signing. This is only set if issuer check debugging is enabled it is used for status notification and is <b>not</b> in itself an error.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_EXTENSION:-invalid-or-inconsistent-certificate-extension"><b>X509_V_ERR_INVALID_EXTENSION: invalid or inconsistent certificate extension</b></dt>
+<dd>
+
+<p>A certificate extension had an invalid value (for example an incorrect encoding) or some value inconsistent with other extensions.</p>
+
+</dd>
+<dt id="X509_V_ERR_INVALID_POLICY_EXTENSION:-invalid-or-inconsistent-certificate-policy-extension"><b>X509_V_ERR_INVALID_POLICY_EXTENSION: invalid or inconsistent certificate policy extension</b></dt>
+<dd>
+
+<p>A certificate policies extension had an invalid value (for example an incorrect encoding) or some value inconsistent with other extensions. This error only occurs if policy processing is enabled.</p>
+
+</dd>
+<dt id="X509_V_ERR_NO_EXPLICIT_POLICY:-no-explicit-policy"><b>X509_V_ERR_NO_EXPLICIT_POLICY: no explicit policy</b></dt>
+<dd>
+
+<p>The verification flags were set to require and explicit policy but none was present.</p>
+
+</dd>
+<dt id="X509_V_ERR_DIFFERENT_CRL_SCOPE:-Different-CRL-scope"><b>X509_V_ERR_DIFFERENT_CRL_SCOPE: Different CRL scope</b></dt>
+<dd>
+
+<p>The only CRLs that could be found did not match the scope of the certificate.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE:-Unsupported-extension-feature"><b>X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: Unsupported extension feature</b></dt>
+<dd>
+
+<p>Some feature of a certificate extension is not supported. Unused.</p>
+
+</dd>
+<dt id="X509_V_ERR_PERMITTED_VIOLATION:-permitted-subtree-violation"><b>X509_V_ERR_PERMITTED_VIOLATION: permitted subtree violation</b></dt>
+<dd>
+
+<p>A name constraint violation occurred in the permitted subtrees.</p>
+
+</dd>
+<dt id="X509_V_ERR_EXCLUDED_VIOLATION:-excluded-subtree-violation"><b>X509_V_ERR_EXCLUDED_VIOLATION: excluded subtree violation</b></dt>
+<dd>
+
+<p>A name constraint violation occurred in the excluded subtrees.</p>
+
+</dd>
+<dt id="X509_V_ERR_SUBTREE_MINMAX:-name-constraints-minimum-and-maximum-not-supported"><b>X509_V_ERR_SUBTREE_MINMAX: name constraints minimum and maximum not supported</b></dt>
+<dd>
+
+<p>A certificate name constraints extension included a minimum or maximum field: this is not supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:-unsupported-name-constraint-type"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: unsupported name constraint type</b></dt>
+<dd>
+
+<p>An unsupported name constraint type was encountered. OpenSSL currently only supports directory name, DNS name, email and URI types.</p>
+
+</dd>
+<dt id="X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX:-unsupported-or-invalid-name-constraint-syntax"><b>X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: unsupported or invalid name constraint syntax</b></dt>
+<dd>
+
+<p>The format of the name constraint is not recognised: for example an email address format of a form not mentioned in RFC3280. This could be caused by a garbage extension or some new feature not currently supported.</p>
+
+</dd>
+<dt id="X509_V_ERR_CRL_PATH_VALIDATION_ERROR:-CRL-path-validation-error"><b>X509_V_ERR_CRL_PATH_VALIDATION_ERROR: CRL path validation error</b></dt>
+<dd>
+
+<p>An error occurred when attempting to verify the CRL path. This error can only happen if extended CRL checking is enabled.</p>
+
+</dd>
+<dt id="X509_V_ERR_APPLICATION_VERIFICATION:-application-verification-failure"><b>X509_V_ERR_APPLICATION_VERIFICATION: application verification failure</b></dt>
+<dd>
+
+<p>an application specific error. This will never be returned unless explicitly set by an application.</p>
+
+</dd>
+</dl>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The above functions should be used instead of directly referencing the fields in the <b>X509_VERIFY_CTX</b> structure.</p>
+
+<p>In versions of OpenSSL before 1.0 the current certificate returned by X509_STORE_CTX_get_current_cert() was never <b>NULL</b>. Applications should check the return value before printing out any debugging information relating to the current certificate.</p>
+
+<p>If an unrecognised error code is passed to X509_verify_cert_error_string() the numerical value of the unknown code is returned in a static buffer. This is not thread safe but will never happen unless an invalid code is passed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a>, <a href="../man3/X509_up_ref.html">X509_up_ref(3)</a>, <a href="../man3/X509_free.html">X509_free(3)</a>.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509v3_add_ext.html b/msys2/usr/share/doc/openssl/html/man3/X509v3_add_ext.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509v3_add_ext.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509v3_delete_ext.html b/msys2/usr/share/doc/openssl/html/man3/X509v3_delete_ext.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509v3_delete_ext.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509v3_get_ext.html b/msys2/usr/share/doc/openssl/html/man3/X509v3_get_ext.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509v3_get_ext.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509v3_get_ext_by_NID.html b/msys2/usr/share/doc/openssl/html/man3/X509v3_get_ext_by_NID.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509v3_get_ext_by_NID.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509v3_get_ext_by_OBJ.html b/msys2/usr/share/doc/openssl/html/man3/X509v3_get_ext_by_OBJ.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509v3_get_ext_by_OBJ.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509v3_get_ext_by_critical.html b/msys2/usr/share/doc/openssl/html/man3/X509v3_get_ext_by_critical.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509v3_get_ext_by_critical.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/X509v3_get_ext_count.html b/msys2/usr/share/doc/openssl/html/man3/X509v3_get_ext_count.html
new file mode 100644
index 000000000..44ec341d3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/X509v3_get_ext_count.html
@@ -0,0 +1,123 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509v3_get_ext_by_NID</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, X509v3_add_ext, X509_get_ext_count, X509_get_ext, X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, X509_REVOKED_add_ext - extension stack utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+ X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+
+ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                           int nid, int lastpos);
+ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                           const ASN1_OBJECT *obj, int lastpos);
+ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                                int crit, int lastpos);
+ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                          X509_EXTENSION *ex, int loc);
+
+ int X509_get_ext_count(const X509 *x);
+ X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+ int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+ int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+ int X509_CRL_get_ext_count(const X509_CRL *x);
+ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+ int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+ int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
+ int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+ int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+ int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+ int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+ int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+                                 int lastpos);
+ int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
+ X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>X509v3_get_ext_count() retrieves the number of extensions in <b>x</b>.</p>
+
+<p>X509v3_get_ext() retrieves extension <b>loc</b> from <b>x</b>. The index <b>loc</b> can take any value from <b>0</b> to X509_get_ext_count(x) - 1. The returned extension is an internal pointer which <b>must not</b> be freed up by the application.</p>
+
+<p>X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension with <b>nid</b> or <b>obj</b> from extension stack <b>x</b>. The search starts from the extension after <b>lastpos</b> or from the beginning if &lt;lastpos&gt; is <b>-1</b>. If the extension is found its index is returned otherwise <b>-1</b> is returned.</p>
+
+<p>X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it looks for an extension of criticality <b>crit</b>. A zero value for <b>crit</b> looks for a non-critical extension a non-zero value looks for a critical extension.</p>
+
+<p>X509v3_delete_ext() deletes the extension with index <b>loc</b> from <b>x</b>. The deleted extension is returned and must be freed by the caller. If <b>loc</b> is in invalid index value <b>NULL</b> is returned.</p>
+
+<p>X509v3_add_ext() adds extension <b>ex</b> to stack <b>*x</b> at position <b>loc</b>. If <b>loc</b> is <b>-1</b> the new extension is added to the end. If <b>*x</b> is <b>NULL</b> a new stack will be allocated. The passed extension <b>ex</b> is duplicated internally so it must be freed after use.</p>
+
+<p>X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() and X509_add_ext() operate on the extensions of certificate <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of CRL <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<p>X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and X509_REVOKED_add_ext() operate on the extensions of CRL entry <b>x</b> they are otherwise identical to the X509v3 functions.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are used to examine stacks of extensions directly. Many applications will want to parse or encode and add an extension: they should use the extension encode and decode functions instead such as X509_add1_ext_i2d() and X509_get_ext_d2i().</p>
+
+<p>Extension indices start from zero, so a zero index return value is <b>not</b> an error. These search functions start from the extension <b>after</b> the <b>lastpos</b> parameter so it should initially be set to <b>-1</b>, if it is set to zero the initial extension will not be checked.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>X509v3_get_ext_count() returns the extension count.</p>
+
+<p>X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an <b>X509_EXTENSION</b> pointer or <b>NULL</b> if an error occurs.</p>
+
+<p>X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and X509v3_get_ext_by_critical() return the an extension index or <b>-1</b> if an error occurs.</p>
+
+<p>X509v3_add_ext() returns a stack of extensions or <b>NULL</b> on error.</p>
+
+<p>X509_add_ext() returns 1 on success and 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/custom_ext_add_cb.html b/msys2/usr/share/doc/openssl/html/man3/custom_ext_add_cb.html
new file mode 100644
index 000000000..9df0f6450
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/custom_ext_add_cb.html
@@ -0,0 +1,261 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_extension_supported</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#EXTENSION-CALLBACKS">EXTENSION CALLBACKS</a></li>
+  <li><a href="#EXTENSION-CONTEXTS">EXTENSION CONTEXTS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_extension_supported, SSL_CTX_add_custom_ext, SSL_CTX_add_client_custom_ext, SSL_CTX_add_server_custom_ext, custom_ext_add_cb, custom_ext_free_cb, custom_ext_parse_cb - custom TLS extension handling</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_custom_ext_add_cb_ex) (SSL *s, unsigned int ext_type,
+                                          unsigned int context,
+                                          const unsigned char **out,
+                                          size_t *outlen, X509 *x,
+                                          size_t chainidx, int *al,
+                                          void *add_arg);
+
+ typedef void (*SSL_custom_ext_free_cb_ex) (SSL *s, unsigned int ext_type,
+                                            unsigned int context,
+                                            const unsigned char *out,
+                                            void *add_arg);
+
+ typedef int (*SSL_custom_ext_parse_cb_ex) (SSL *s, unsigned int ext_type,
+                                            unsigned int context,
+                                            const unsigned char *in,
+                                            size_t inlen, X509 *x,
+                                            size_t chainidx, int *al,
+                                            void *parse_arg);
+
+ int SSL_CTX_add_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                            unsigned int context,
+                            SSL_custom_ext_add_cb_ex add_cb,
+                            SSL_custom_ext_free_cb_ex free_cb,
+                            void *add_arg,
+                            SSL_custom_ext_parse_cb_ex parse_cb,
+                            void *parse_arg);
+
+ typedef int (*custom_ext_add_cb)(SSL *s, unsigned int ext_type,
+                                  const unsigned char **out,
+                                  size_t *outlen, int *al,
+                                  void *add_arg);
+
+ typedef void (*custom_ext_free_cb)(SSL *s, unsigned int ext_type,
+                                    const unsigned char *out,
+                                    void *add_arg);
+
+ typedef int (*custom_ext_parse_cb)(SSL *s, unsigned int ext_type,
+                                    const unsigned char *in,
+                                    size_t inlen, int *al,
+                                    void *parse_arg);
+
+ int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                                   custom_ext_add_cb add_cb,
+                                   custom_ext_free_cb free_cb, void *add_arg,
+                                   custom_ext_parse_cb parse_cb,
+                                   void *parse_arg);
+
+ int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                                   custom_ext_add_cb add_cb,
+                                   custom_ext_free_cb free_cb, void *add_arg,
+                                   custom_ext_parse_cb parse_cb,
+                                   void *parse_arg);
+
+ int SSL_extension_supported(unsigned int ext_type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_add_custom_ext() adds a custom extension for a TLS/DTLS client or server for all supported protocol versions with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b> (see the <a href="#EXTENSION-CALLBACKS">&quot;EXTENSION CALLBACKS&quot;</a> section below). The <b>context</b> value determines which messages and under what conditions the extension will be added/parsed (see the <a href="#EXTENSION-CONTEXTS">&quot;EXTENSION CONTEXTS&quot;</a> section below).</p>
+
+<p>SSL_CTX_add_client_custom_ext() adds a custom extension for a TLS/DTLS client with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b>. This function is similar to SSL_CTX_add_custom_ext() except it only applies to clients, uses the older style of callbacks, and implicitly sets the <b>context</b> value to:</p>
+
+<pre><code> SSL_EXT_TLS1_2_AND_BELOW_ONLY | SSL_EXT_CLIENT_HELLO
+ | SSL_EXT_TLS1_2_SERVER_HELLO | SSL_EXT_IGNORE_ON_RESUMPTION</code></pre>
+
+<p>SSL_CTX_add_server_custom_ext() adds a custom extension for a TLS/DTLS server with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b>. This function is similar to SSL_CTX_add_custom_ext() except it only applies to servers, uses the older style of callbacks, and implicitly sets the <b>context</b> value to the same as for SSL_CTX_add_client_custom_ext() above.</p>
+
+<p>The <b>ext_type</b> parameter corresponds to the <b>extension_type</b> field of RFC5246 et al. It is <b>not</b> a NID. In all cases the extension type must not be handled by OpenSSL internally or an error occurs.</p>
+
+<p>SSL_extension_supported() returns 1 if the extension <b>ext_type</b> is handled internally by OpenSSL and 0 otherwise.</p>
+
+<h1 id="EXTENSION-CALLBACKS">EXTENSION CALLBACKS</h1>
+
+<p>The callback <b>add_cb</b> is called to send custom extension data to be included in various TLS messages. The <b>ext_type</b> parameter is set to the extension type which will be added and <b>add_arg</b> to the value set when the extension handler was added. When using the new style callbacks the <b>context</b> parameter will indicate which message is currently being constructed e.g. for the ClientHello it will be set to <b>SSL_EXT_CLIENT_HELLO</b>.</p>
+
+<p>If the application wishes to include the extension <b>ext_type</b> it should set <b>*out</b> to the extension data, set <b>*outlen</b> to the length of the extension data and return 1.</p>
+
+<p>If the <b>add_cb</b> does not wish to include the extension it must return 0.</p>
+
+<p>If <b>add_cb</b> returns -1 a fatal handshake error occurs using the TLS alert value specified in <b>*al</b>.</p>
+
+<p>When constructing the ClientHello, if <b>add_cb</b> is set to NULL a zero length extension is added for <b>ext_type</b>. For all other messages if <b>add_cb</b> is set to NULL then no extension is added.</p>
+
+<p>When constructing a Certificate message the callback will be called for each certificate in the message. The <b>x</b> parameter will indicate the current certificate and the <b>chainidx</b> parameter will indicate the position of the certificate in the message. The first certificate is always the end entity certificate and has a <b>chainidx</b> value of 0. The certificates are in the order that they were received in the Certificate message.</p>
+
+<p>For all messages except the ServerHello and EncryptedExtensions every registered <b>add_cb</b> is always called to see if the application wishes to add an extension (as long as all requirements of the specified <b>context</b> are met).</p>
+
+<p>For the ServerHello and EncryptedExtension messages every registered <b>add_cb</b> is called once if and only if the requirements of the specified <b>context</b> are met and the corresponding extension was received in the ClientHello. That is, if no corresponding extension was received in the ClientHello then <b>add_cb</b> will not be called.</p>
+
+<p>If an extension is added (that is <b>add_cb</b> returns 1) <b>free_cb</b> is called (if it is set) with the value of <b>out</b> set by the add callback. It can be used to free up any dynamic extension data set by <b>add_cb</b>. Since <b>out</b> is constant (to permit use of constant data in <b>add_cb</b>) applications may need to cast away const to free the data.</p>
+
+<p>The callback <b>parse_cb</b> receives data for TLS extensions. The callback is only called if the extension is present and relevant for the context (see <a href="#EXTENSION-CONTEXTS">&quot;EXTENSION CONTEXTS&quot;</a> below).</p>
+
+<p>The extension data consists of <b>inlen</b> bytes in the buffer <b>in</b> for the extension <b>ext_type</b>.</p>
+
+<p>If the message being parsed is a TLSv1.3 compatible Certificate message then <b>parse_cb</b> will be called for each certificate contained within the message. The <b>x</b> parameter will indicate the current certificate and the <b>chainidx</b> parameter will indicate the position of the certificate in the message. The first certificate is always the end entity certificate and has a <b>chainidx</b> value of 0.</p>
+
+<p>If the <b>parse_cb</b> considers the extension data acceptable it must return 1. If it returns 0 or a negative value a fatal handshake error occurs using the TLS alert value specified in <b>*al</b>.</p>
+
+<p>The buffer <b>in</b> is a temporary internal buffer which will not be valid after the callback returns.</p>
+
+<h1 id="EXTENSION-CONTEXTS">EXTENSION CONTEXTS</h1>
+
+<p>An extension context defines which messages and under which conditions an extension should be added or expected. The context is built up by performing a bitwise OR of multiple pre-defined values together. The valid context values are:</p>
+
+<dl>
+
+<dt id="SSL_EXT_TLS_ONLY">SSL_EXT_TLS_ONLY</dt>
+<dd>
+
+<p>The extension is only allowed in TLS</p>
+
+</dd>
+<dt id="SSL_EXT_DTLS_ONLY">SSL_EXT_DTLS_ONLY</dt>
+<dd>
+
+<p>The extension is only allowed in DTLS</p>
+
+</dd>
+<dt id="SSL_EXT_TLS_IMPLEMENTATION_ONLY">SSL_EXT_TLS_IMPLEMENTATION_ONLY</dt>
+<dd>
+
+<p>The extension is allowed in DTLS, but there is only a TLS implementation available (so it is ignored in DTLS).</p>
+
+</dd>
+<dt id="SSL_EXT_SSL3_ALLOWED">SSL_EXT_SSL3_ALLOWED</dt>
+<dd>
+
+<p>Extensions are not typically defined for SSLv3. Setting this value will allow the extension in SSLv3. Applications will not typically need to use this.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_2_AND_BELOW_ONLY">SSL_EXT_TLS1_2_AND_BELOW_ONLY</dt>
+<dd>
+
+<p>The extension is only defined for TLSv1.2/DTLSv1.2 and below. Servers will ignore this extension if it is present in the ClientHello and TLSv1.3 is negotiated.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_ONLY">SSL_EXT_TLS1_3_ONLY</dt>
+<dd>
+
+<p>The extension is only defined for TLS1.3 and above. Servers will ignore this extension if it is present in the ClientHello and TLSv1.2 or below is negotiated.</p>
+
+</dd>
+<dt id="SSL_EXT_IGNORE_ON_RESUMPTION">SSL_EXT_IGNORE_ON_RESUMPTION</dt>
+<dd>
+
+<p>The extension will be ignored during parsing if a previous session is being successfully resumed.</p>
+
+</dd>
+<dt id="SSL_EXT_CLIENT_HELLO">SSL_EXT_CLIENT_HELLO</dt>
+<dd>
+
+<p>The extension may be present in the ClientHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_2_SERVER_HELLO">SSL_EXT_TLS1_2_SERVER_HELLO</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.2 or below compatible ServerHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_SERVER_HELLO">SSL_EXT_TLS1_3_SERVER_HELLO</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible ServerHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS">SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS</dt>
+<dd>
+
+<p>The extension may be present in an EncryptedExtensions message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST">SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST</dt>
+<dd>
+
+<p>The extension may be present in a HelloRetryRequest message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_CERTIFICATE">SSL_EXT_TLS1_3_CERTIFICATE</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible Certificate message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_NEW_SESSION_TICKET">SSL_EXT_TLS1_3_NEW_SESSION_TICKET</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible NewSessionTicket message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_CERTIFICATE_REQUEST">SSL_EXT_TLS1_3_CERTIFICATE_REQUEST</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible CertificateRequest message.</p>
+
+</dd>
+</dl>
+
+<p>The context must include at least one message value (otherwise the extension will never be used).</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>add_arg</b> and <b>parse_arg</b> parameters can be set to arbitrary values which will be passed to the corresponding callbacks. They can, for example, be used to store the extension data received in a convenient structure or pass the extension data to be added or freed when adding extensions.</p>
+
+<p>If the same custom extension type is received multiple times a fatal <b>decode_error</b> alert is sent and the handshake aborts. If a custom extension is received in a ServerHello/EncryptedExtensions message which was not sent in the ClientHello a fatal <b>unsupported_extension</b> alert is sent and the handshake is aborted. The ServerHello/EncryptedExtensions <b>add_cb</b> callback is only called if the corresponding extension was received in the ClientHello. This is compliant with the TLS specifications. This behaviour ensures that each callback is called at most once and that an application can never send unsolicited extensions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_add_custom_ext(), SSL_CTX_add_client_custom_ext() and SSL_CTX_add_server_custom_ext() return 1 for success and 0 for failure. A failure can occur if an attempt is made to add the same <b>ext_type</b> more than once, if an attempt is made to use an extension type handled internally by OpenSSL or if an internal error occurs (for example a memory allocation failure).</p>
+
+<p>SSL_extension_supported() returns 1 if the extension <b>ext_type</b> is handled internally by OpenSSL and 0 otherwise.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_add_custom_ext() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/custom_ext_free_cb.html b/msys2/usr/share/doc/openssl/html/man3/custom_ext_free_cb.html
new file mode 100644
index 000000000..9df0f6450
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/custom_ext_free_cb.html
@@ -0,0 +1,261 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_extension_supported</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#EXTENSION-CALLBACKS">EXTENSION CALLBACKS</a></li>
+  <li><a href="#EXTENSION-CONTEXTS">EXTENSION CONTEXTS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_extension_supported, SSL_CTX_add_custom_ext, SSL_CTX_add_client_custom_ext, SSL_CTX_add_server_custom_ext, custom_ext_add_cb, custom_ext_free_cb, custom_ext_parse_cb - custom TLS extension handling</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_custom_ext_add_cb_ex) (SSL *s, unsigned int ext_type,
+                                          unsigned int context,
+                                          const unsigned char **out,
+                                          size_t *outlen, X509 *x,
+                                          size_t chainidx, int *al,
+                                          void *add_arg);
+
+ typedef void (*SSL_custom_ext_free_cb_ex) (SSL *s, unsigned int ext_type,
+                                            unsigned int context,
+                                            const unsigned char *out,
+                                            void *add_arg);
+
+ typedef int (*SSL_custom_ext_parse_cb_ex) (SSL *s, unsigned int ext_type,
+                                            unsigned int context,
+                                            const unsigned char *in,
+                                            size_t inlen, X509 *x,
+                                            size_t chainidx, int *al,
+                                            void *parse_arg);
+
+ int SSL_CTX_add_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                            unsigned int context,
+                            SSL_custom_ext_add_cb_ex add_cb,
+                            SSL_custom_ext_free_cb_ex free_cb,
+                            void *add_arg,
+                            SSL_custom_ext_parse_cb_ex parse_cb,
+                            void *parse_arg);
+
+ typedef int (*custom_ext_add_cb)(SSL *s, unsigned int ext_type,
+                                  const unsigned char **out,
+                                  size_t *outlen, int *al,
+                                  void *add_arg);
+
+ typedef void (*custom_ext_free_cb)(SSL *s, unsigned int ext_type,
+                                    const unsigned char *out,
+                                    void *add_arg);
+
+ typedef int (*custom_ext_parse_cb)(SSL *s, unsigned int ext_type,
+                                    const unsigned char *in,
+                                    size_t inlen, int *al,
+                                    void *parse_arg);
+
+ int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                                   custom_ext_add_cb add_cb,
+                                   custom_ext_free_cb free_cb, void *add_arg,
+                                   custom_ext_parse_cb parse_cb,
+                                   void *parse_arg);
+
+ int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                                   custom_ext_add_cb add_cb,
+                                   custom_ext_free_cb free_cb, void *add_arg,
+                                   custom_ext_parse_cb parse_cb,
+                                   void *parse_arg);
+
+ int SSL_extension_supported(unsigned int ext_type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_add_custom_ext() adds a custom extension for a TLS/DTLS client or server for all supported protocol versions with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b> (see the <a href="#EXTENSION-CALLBACKS">&quot;EXTENSION CALLBACKS&quot;</a> section below). The <b>context</b> value determines which messages and under what conditions the extension will be added/parsed (see the <a href="#EXTENSION-CONTEXTS">&quot;EXTENSION CONTEXTS&quot;</a> section below).</p>
+
+<p>SSL_CTX_add_client_custom_ext() adds a custom extension for a TLS/DTLS client with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b>. This function is similar to SSL_CTX_add_custom_ext() except it only applies to clients, uses the older style of callbacks, and implicitly sets the <b>context</b> value to:</p>
+
+<pre><code> SSL_EXT_TLS1_2_AND_BELOW_ONLY | SSL_EXT_CLIENT_HELLO
+ | SSL_EXT_TLS1_2_SERVER_HELLO | SSL_EXT_IGNORE_ON_RESUMPTION</code></pre>
+
+<p>SSL_CTX_add_server_custom_ext() adds a custom extension for a TLS/DTLS server with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b>. This function is similar to SSL_CTX_add_custom_ext() except it only applies to servers, uses the older style of callbacks, and implicitly sets the <b>context</b> value to the same as for SSL_CTX_add_client_custom_ext() above.</p>
+
+<p>The <b>ext_type</b> parameter corresponds to the <b>extension_type</b> field of RFC5246 et al. It is <b>not</b> a NID. In all cases the extension type must not be handled by OpenSSL internally or an error occurs.</p>
+
+<p>SSL_extension_supported() returns 1 if the extension <b>ext_type</b> is handled internally by OpenSSL and 0 otherwise.</p>
+
+<h1 id="EXTENSION-CALLBACKS">EXTENSION CALLBACKS</h1>
+
+<p>The callback <b>add_cb</b> is called to send custom extension data to be included in various TLS messages. The <b>ext_type</b> parameter is set to the extension type which will be added and <b>add_arg</b> to the value set when the extension handler was added. When using the new style callbacks the <b>context</b> parameter will indicate which message is currently being constructed e.g. for the ClientHello it will be set to <b>SSL_EXT_CLIENT_HELLO</b>.</p>
+
+<p>If the application wishes to include the extension <b>ext_type</b> it should set <b>*out</b> to the extension data, set <b>*outlen</b> to the length of the extension data and return 1.</p>
+
+<p>If the <b>add_cb</b> does not wish to include the extension it must return 0.</p>
+
+<p>If <b>add_cb</b> returns -1 a fatal handshake error occurs using the TLS alert value specified in <b>*al</b>.</p>
+
+<p>When constructing the ClientHello, if <b>add_cb</b> is set to NULL a zero length extension is added for <b>ext_type</b>. For all other messages if <b>add_cb</b> is set to NULL then no extension is added.</p>
+
+<p>When constructing a Certificate message the callback will be called for each certificate in the message. The <b>x</b> parameter will indicate the current certificate and the <b>chainidx</b> parameter will indicate the position of the certificate in the message. The first certificate is always the end entity certificate and has a <b>chainidx</b> value of 0. The certificates are in the order that they were received in the Certificate message.</p>
+
+<p>For all messages except the ServerHello and EncryptedExtensions every registered <b>add_cb</b> is always called to see if the application wishes to add an extension (as long as all requirements of the specified <b>context</b> are met).</p>
+
+<p>For the ServerHello and EncryptedExtension messages every registered <b>add_cb</b> is called once if and only if the requirements of the specified <b>context</b> are met and the corresponding extension was received in the ClientHello. That is, if no corresponding extension was received in the ClientHello then <b>add_cb</b> will not be called.</p>
+
+<p>If an extension is added (that is <b>add_cb</b> returns 1) <b>free_cb</b> is called (if it is set) with the value of <b>out</b> set by the add callback. It can be used to free up any dynamic extension data set by <b>add_cb</b>. Since <b>out</b> is constant (to permit use of constant data in <b>add_cb</b>) applications may need to cast away const to free the data.</p>
+
+<p>The callback <b>parse_cb</b> receives data for TLS extensions. The callback is only called if the extension is present and relevant for the context (see <a href="#EXTENSION-CONTEXTS">&quot;EXTENSION CONTEXTS&quot;</a> below).</p>
+
+<p>The extension data consists of <b>inlen</b> bytes in the buffer <b>in</b> for the extension <b>ext_type</b>.</p>
+
+<p>If the message being parsed is a TLSv1.3 compatible Certificate message then <b>parse_cb</b> will be called for each certificate contained within the message. The <b>x</b> parameter will indicate the current certificate and the <b>chainidx</b> parameter will indicate the position of the certificate in the message. The first certificate is always the end entity certificate and has a <b>chainidx</b> value of 0.</p>
+
+<p>If the <b>parse_cb</b> considers the extension data acceptable it must return 1. If it returns 0 or a negative value a fatal handshake error occurs using the TLS alert value specified in <b>*al</b>.</p>
+
+<p>The buffer <b>in</b> is a temporary internal buffer which will not be valid after the callback returns.</p>
+
+<h1 id="EXTENSION-CONTEXTS">EXTENSION CONTEXTS</h1>
+
+<p>An extension context defines which messages and under which conditions an extension should be added or expected. The context is built up by performing a bitwise OR of multiple pre-defined values together. The valid context values are:</p>
+
+<dl>
+
+<dt id="SSL_EXT_TLS_ONLY">SSL_EXT_TLS_ONLY</dt>
+<dd>
+
+<p>The extension is only allowed in TLS</p>
+
+</dd>
+<dt id="SSL_EXT_DTLS_ONLY">SSL_EXT_DTLS_ONLY</dt>
+<dd>
+
+<p>The extension is only allowed in DTLS</p>
+
+</dd>
+<dt id="SSL_EXT_TLS_IMPLEMENTATION_ONLY">SSL_EXT_TLS_IMPLEMENTATION_ONLY</dt>
+<dd>
+
+<p>The extension is allowed in DTLS, but there is only a TLS implementation available (so it is ignored in DTLS).</p>
+
+</dd>
+<dt id="SSL_EXT_SSL3_ALLOWED">SSL_EXT_SSL3_ALLOWED</dt>
+<dd>
+
+<p>Extensions are not typically defined for SSLv3. Setting this value will allow the extension in SSLv3. Applications will not typically need to use this.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_2_AND_BELOW_ONLY">SSL_EXT_TLS1_2_AND_BELOW_ONLY</dt>
+<dd>
+
+<p>The extension is only defined for TLSv1.2/DTLSv1.2 and below. Servers will ignore this extension if it is present in the ClientHello and TLSv1.3 is negotiated.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_ONLY">SSL_EXT_TLS1_3_ONLY</dt>
+<dd>
+
+<p>The extension is only defined for TLS1.3 and above. Servers will ignore this extension if it is present in the ClientHello and TLSv1.2 or below is negotiated.</p>
+
+</dd>
+<dt id="SSL_EXT_IGNORE_ON_RESUMPTION">SSL_EXT_IGNORE_ON_RESUMPTION</dt>
+<dd>
+
+<p>The extension will be ignored during parsing if a previous session is being successfully resumed.</p>
+
+</dd>
+<dt id="SSL_EXT_CLIENT_HELLO">SSL_EXT_CLIENT_HELLO</dt>
+<dd>
+
+<p>The extension may be present in the ClientHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_2_SERVER_HELLO">SSL_EXT_TLS1_2_SERVER_HELLO</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.2 or below compatible ServerHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_SERVER_HELLO">SSL_EXT_TLS1_3_SERVER_HELLO</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible ServerHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS">SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS</dt>
+<dd>
+
+<p>The extension may be present in an EncryptedExtensions message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST">SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST</dt>
+<dd>
+
+<p>The extension may be present in a HelloRetryRequest message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_CERTIFICATE">SSL_EXT_TLS1_3_CERTIFICATE</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible Certificate message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_NEW_SESSION_TICKET">SSL_EXT_TLS1_3_NEW_SESSION_TICKET</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible NewSessionTicket message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_CERTIFICATE_REQUEST">SSL_EXT_TLS1_3_CERTIFICATE_REQUEST</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible CertificateRequest message.</p>
+
+</dd>
+</dl>
+
+<p>The context must include at least one message value (otherwise the extension will never be used).</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>add_arg</b> and <b>parse_arg</b> parameters can be set to arbitrary values which will be passed to the corresponding callbacks. They can, for example, be used to store the extension data received in a convenient structure or pass the extension data to be added or freed when adding extensions.</p>
+
+<p>If the same custom extension type is received multiple times a fatal <b>decode_error</b> alert is sent and the handshake aborts. If a custom extension is received in a ServerHello/EncryptedExtensions message which was not sent in the ClientHello a fatal <b>unsupported_extension</b> alert is sent and the handshake is aborted. The ServerHello/EncryptedExtensions <b>add_cb</b> callback is only called if the corresponding extension was received in the ClientHello. This is compliant with the TLS specifications. This behaviour ensures that each callback is called at most once and that an application can never send unsolicited extensions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_add_custom_ext(), SSL_CTX_add_client_custom_ext() and SSL_CTX_add_server_custom_ext() return 1 for success and 0 for failure. A failure can occur if an attempt is made to add the same <b>ext_type</b> more than once, if an attempt is made to use an extension type handled internally by OpenSSL or if an internal error occurs (for example a memory allocation failure).</p>
+
+<p>SSL_extension_supported() returns 1 if the extension <b>ext_type</b> is handled internally by OpenSSL and 0 otherwise.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_add_custom_ext() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/custom_ext_parse_cb.html b/msys2/usr/share/doc/openssl/html/man3/custom_ext_parse_cb.html
new file mode 100644
index 000000000..9df0f6450
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/custom_ext_parse_cb.html
@@ -0,0 +1,261 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_extension_supported</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#EXTENSION-CALLBACKS">EXTENSION CALLBACKS</a></li>
+  <li><a href="#EXTENSION-CONTEXTS">EXTENSION CONTEXTS</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SSL_extension_supported, SSL_CTX_add_custom_ext, SSL_CTX_add_client_custom_ext, SSL_CTX_add_server_custom_ext, custom_ext_add_cb, custom_ext_free_cb, custom_ext_parse_cb - custom TLS extension handling</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*SSL_custom_ext_add_cb_ex) (SSL *s, unsigned int ext_type,
+                                          unsigned int context,
+                                          const unsigned char **out,
+                                          size_t *outlen, X509 *x,
+                                          size_t chainidx, int *al,
+                                          void *add_arg);
+
+ typedef void (*SSL_custom_ext_free_cb_ex) (SSL *s, unsigned int ext_type,
+                                            unsigned int context,
+                                            const unsigned char *out,
+                                            void *add_arg);
+
+ typedef int (*SSL_custom_ext_parse_cb_ex) (SSL *s, unsigned int ext_type,
+                                            unsigned int context,
+                                            const unsigned char *in,
+                                            size_t inlen, X509 *x,
+                                            size_t chainidx, int *al,
+                                            void *parse_arg);
+
+ int SSL_CTX_add_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                            unsigned int context,
+                            SSL_custom_ext_add_cb_ex add_cb,
+                            SSL_custom_ext_free_cb_ex free_cb,
+                            void *add_arg,
+                            SSL_custom_ext_parse_cb_ex parse_cb,
+                            void *parse_arg);
+
+ typedef int (*custom_ext_add_cb)(SSL *s, unsigned int ext_type,
+                                  const unsigned char **out,
+                                  size_t *outlen, int *al,
+                                  void *add_arg);
+
+ typedef void (*custom_ext_free_cb)(SSL *s, unsigned int ext_type,
+                                    const unsigned char *out,
+                                    void *add_arg);
+
+ typedef int (*custom_ext_parse_cb)(SSL *s, unsigned int ext_type,
+                                    const unsigned char *in,
+                                    size_t inlen, int *al,
+                                    void *parse_arg);
+
+ int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                                   custom_ext_add_cb add_cb,
+                                   custom_ext_free_cb free_cb, void *add_arg,
+                                   custom_ext_parse_cb parse_cb,
+                                   void *parse_arg);
+
+ int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                                   custom_ext_add_cb add_cb,
+                                   custom_ext_free_cb free_cb, void *add_arg,
+                                   custom_ext_parse_cb parse_cb,
+                                   void *parse_arg);
+
+ int SSL_extension_supported(unsigned int ext_type);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_CTX_add_custom_ext() adds a custom extension for a TLS/DTLS client or server for all supported protocol versions with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b> (see the <a href="#EXTENSION-CALLBACKS">&quot;EXTENSION CALLBACKS&quot;</a> section below). The <b>context</b> value determines which messages and under what conditions the extension will be added/parsed (see the <a href="#EXTENSION-CONTEXTS">&quot;EXTENSION CONTEXTS&quot;</a> section below).</p>
+
+<p>SSL_CTX_add_client_custom_ext() adds a custom extension for a TLS/DTLS client with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b>. This function is similar to SSL_CTX_add_custom_ext() except it only applies to clients, uses the older style of callbacks, and implicitly sets the <b>context</b> value to:</p>
+
+<pre><code> SSL_EXT_TLS1_2_AND_BELOW_ONLY | SSL_EXT_CLIENT_HELLO
+ | SSL_EXT_TLS1_2_SERVER_HELLO | SSL_EXT_IGNORE_ON_RESUMPTION</code></pre>
+
+<p>SSL_CTX_add_server_custom_ext() adds a custom extension for a TLS/DTLS server with extension type <b>ext_type</b> and callbacks <b>add_cb</b>, <b>free_cb</b> and <b>parse_cb</b>. This function is similar to SSL_CTX_add_custom_ext() except it only applies to servers, uses the older style of callbacks, and implicitly sets the <b>context</b> value to the same as for SSL_CTX_add_client_custom_ext() above.</p>
+
+<p>The <b>ext_type</b> parameter corresponds to the <b>extension_type</b> field of RFC5246 et al. It is <b>not</b> a NID. In all cases the extension type must not be handled by OpenSSL internally or an error occurs.</p>
+
+<p>SSL_extension_supported() returns 1 if the extension <b>ext_type</b> is handled internally by OpenSSL and 0 otherwise.</p>
+
+<h1 id="EXTENSION-CALLBACKS">EXTENSION CALLBACKS</h1>
+
+<p>The callback <b>add_cb</b> is called to send custom extension data to be included in various TLS messages. The <b>ext_type</b> parameter is set to the extension type which will be added and <b>add_arg</b> to the value set when the extension handler was added. When using the new style callbacks the <b>context</b> parameter will indicate which message is currently being constructed e.g. for the ClientHello it will be set to <b>SSL_EXT_CLIENT_HELLO</b>.</p>
+
+<p>If the application wishes to include the extension <b>ext_type</b> it should set <b>*out</b> to the extension data, set <b>*outlen</b> to the length of the extension data and return 1.</p>
+
+<p>If the <b>add_cb</b> does not wish to include the extension it must return 0.</p>
+
+<p>If <b>add_cb</b> returns -1 a fatal handshake error occurs using the TLS alert value specified in <b>*al</b>.</p>
+
+<p>When constructing the ClientHello, if <b>add_cb</b> is set to NULL a zero length extension is added for <b>ext_type</b>. For all other messages if <b>add_cb</b> is set to NULL then no extension is added.</p>
+
+<p>When constructing a Certificate message the callback will be called for each certificate in the message. The <b>x</b> parameter will indicate the current certificate and the <b>chainidx</b> parameter will indicate the position of the certificate in the message. The first certificate is always the end entity certificate and has a <b>chainidx</b> value of 0. The certificates are in the order that they were received in the Certificate message.</p>
+
+<p>For all messages except the ServerHello and EncryptedExtensions every registered <b>add_cb</b> is always called to see if the application wishes to add an extension (as long as all requirements of the specified <b>context</b> are met).</p>
+
+<p>For the ServerHello and EncryptedExtension messages every registered <b>add_cb</b> is called once if and only if the requirements of the specified <b>context</b> are met and the corresponding extension was received in the ClientHello. That is, if no corresponding extension was received in the ClientHello then <b>add_cb</b> will not be called.</p>
+
+<p>If an extension is added (that is <b>add_cb</b> returns 1) <b>free_cb</b> is called (if it is set) with the value of <b>out</b> set by the add callback. It can be used to free up any dynamic extension data set by <b>add_cb</b>. Since <b>out</b> is constant (to permit use of constant data in <b>add_cb</b>) applications may need to cast away const to free the data.</p>
+
+<p>The callback <b>parse_cb</b> receives data for TLS extensions. The callback is only called if the extension is present and relevant for the context (see <a href="#EXTENSION-CONTEXTS">&quot;EXTENSION CONTEXTS&quot;</a> below).</p>
+
+<p>The extension data consists of <b>inlen</b> bytes in the buffer <b>in</b> for the extension <b>ext_type</b>.</p>
+
+<p>If the message being parsed is a TLSv1.3 compatible Certificate message then <b>parse_cb</b> will be called for each certificate contained within the message. The <b>x</b> parameter will indicate the current certificate and the <b>chainidx</b> parameter will indicate the position of the certificate in the message. The first certificate is always the end entity certificate and has a <b>chainidx</b> value of 0.</p>
+
+<p>If the <b>parse_cb</b> considers the extension data acceptable it must return 1. If it returns 0 or a negative value a fatal handshake error occurs using the TLS alert value specified in <b>*al</b>.</p>
+
+<p>The buffer <b>in</b> is a temporary internal buffer which will not be valid after the callback returns.</p>
+
+<h1 id="EXTENSION-CONTEXTS">EXTENSION CONTEXTS</h1>
+
+<p>An extension context defines which messages and under which conditions an extension should be added or expected. The context is built up by performing a bitwise OR of multiple pre-defined values together. The valid context values are:</p>
+
+<dl>
+
+<dt id="SSL_EXT_TLS_ONLY">SSL_EXT_TLS_ONLY</dt>
+<dd>
+
+<p>The extension is only allowed in TLS</p>
+
+</dd>
+<dt id="SSL_EXT_DTLS_ONLY">SSL_EXT_DTLS_ONLY</dt>
+<dd>
+
+<p>The extension is only allowed in DTLS</p>
+
+</dd>
+<dt id="SSL_EXT_TLS_IMPLEMENTATION_ONLY">SSL_EXT_TLS_IMPLEMENTATION_ONLY</dt>
+<dd>
+
+<p>The extension is allowed in DTLS, but there is only a TLS implementation available (so it is ignored in DTLS).</p>
+
+</dd>
+<dt id="SSL_EXT_SSL3_ALLOWED">SSL_EXT_SSL3_ALLOWED</dt>
+<dd>
+
+<p>Extensions are not typically defined for SSLv3. Setting this value will allow the extension in SSLv3. Applications will not typically need to use this.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_2_AND_BELOW_ONLY">SSL_EXT_TLS1_2_AND_BELOW_ONLY</dt>
+<dd>
+
+<p>The extension is only defined for TLSv1.2/DTLSv1.2 and below. Servers will ignore this extension if it is present in the ClientHello and TLSv1.3 is negotiated.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_ONLY">SSL_EXT_TLS1_3_ONLY</dt>
+<dd>
+
+<p>The extension is only defined for TLS1.3 and above. Servers will ignore this extension if it is present in the ClientHello and TLSv1.2 or below is negotiated.</p>
+
+</dd>
+<dt id="SSL_EXT_IGNORE_ON_RESUMPTION">SSL_EXT_IGNORE_ON_RESUMPTION</dt>
+<dd>
+
+<p>The extension will be ignored during parsing if a previous session is being successfully resumed.</p>
+
+</dd>
+<dt id="SSL_EXT_CLIENT_HELLO">SSL_EXT_CLIENT_HELLO</dt>
+<dd>
+
+<p>The extension may be present in the ClientHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_2_SERVER_HELLO">SSL_EXT_TLS1_2_SERVER_HELLO</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.2 or below compatible ServerHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_SERVER_HELLO">SSL_EXT_TLS1_3_SERVER_HELLO</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible ServerHello message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS">SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS</dt>
+<dd>
+
+<p>The extension may be present in an EncryptedExtensions message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST">SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST</dt>
+<dd>
+
+<p>The extension may be present in a HelloRetryRequest message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_CERTIFICATE">SSL_EXT_TLS1_3_CERTIFICATE</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible Certificate message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_NEW_SESSION_TICKET">SSL_EXT_TLS1_3_NEW_SESSION_TICKET</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible NewSessionTicket message.</p>
+
+</dd>
+<dt id="SSL_EXT_TLS1_3_CERTIFICATE_REQUEST">SSL_EXT_TLS1_3_CERTIFICATE_REQUEST</dt>
+<dd>
+
+<p>The extension may be present in a TLSv1.3 compatible CertificateRequest message.</p>
+
+</dd>
+</dl>
+
+<p>The context must include at least one message value (otherwise the extension will never be used).</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>add_arg</b> and <b>parse_arg</b> parameters can be set to arbitrary values which will be passed to the corresponding callbacks. They can, for example, be used to store the extension data received in a convenient structure or pass the extension data to be added or freed when adding extensions.</p>
+
+<p>If the same custom extension type is received multiple times a fatal <b>decode_error</b> alert is sent and the handshake aborts. If a custom extension is received in a ServerHello/EncryptedExtensions message which was not sent in the ClientHello a fatal <b>unsupported_extension</b> alert is sent and the handshake is aborted. The ServerHello/EncryptedExtensions <b>add_cb</b> callback is only called if the corresponding extension was received in the ClientHello. This is compliant with the TLS specifications. This behaviour ensures that each callback is called at most once and that an application can never send unsolicited extensions.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_CTX_add_custom_ext(), SSL_CTX_add_client_custom_ext() and SSL_CTX_add_server_custom_ext() return 1 for success and 0 for failure. A failure can occur if an attempt is made to add the same <b>ext_type</b> more than once, if an attempt is made to use an extension type handled internally by OpenSSL or if an internal error occurs (for example a memory allocation failure).</p>
+
+<p>SSL_extension_supported() returns 1 if the extension <b>ext_type</b> is handled internally by OpenSSL and 0 otherwise.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The SSL_CTX_add_custom_ext() function was added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ACCESS_DESCRIPTION.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ACCESS_DESCRIPTION.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ACCESS_DESCRIPTION.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ADMISSIONS.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ADMISSIONS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ADMISSIONS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ADMISSION_SYNTAX.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ADMISSION_SYNTAX.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ADMISSION_SYNTAX.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASIdOrRange.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASIdOrRange.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASIdOrRange.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASIdentifierChoice.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASIdentifierChoice.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASIdentifierChoice.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASIdentifiers.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASIdentifiers.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASIdentifiers.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_BIT_STRING.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_BIT_STRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_BIT_STRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_BMPSTRING.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_BMPSTRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_BMPSTRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_ENUMERATED.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_ENUMERATED.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_ENUMERATED.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_GENERALIZEDTIME.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_GENERALIZEDTIME.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_GENERALIZEDTIME.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_GENERALSTRING.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_GENERALSTRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_GENERALSTRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_IA5STRING.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_IA5STRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_IA5STRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_INTEGER.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_INTEGER.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_INTEGER.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_NULL.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_NULL.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_NULL.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_OBJECT.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_OBJECT.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_OBJECT.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_OCTET_STRING.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_OCTET_STRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_OCTET_STRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_PRINTABLE.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_PRINTABLE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_PRINTABLE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_PRINTABLESTRING.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_PRINTABLESTRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_PRINTABLESTRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_SEQUENCE_ANY.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_SEQUENCE_ANY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_SEQUENCE_ANY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_SET_ANY.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_SET_ANY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_SET_ANY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_T61STRING.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_T61STRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_T61STRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_TIME.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_TIME.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_TIME.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_TYPE.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_TYPE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_TYPE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_UINTEGER.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_UINTEGER.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_UINTEGER.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_UNIVERSALSTRING.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_UNIVERSALSTRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_UNIVERSALSTRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_UTCTIME.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_UTCTIME.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_UTCTIME.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_UTF8STRING.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_UTF8STRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_UTF8STRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_VISIBLESTRING.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_VISIBLESTRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASN1_VISIBLESTRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ASRange.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ASRange.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ASRange.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_AUTHORITY_INFO_ACCESS.html b/msys2/usr/share/doc/openssl/html/man3/d2i_AUTHORITY_INFO_ACCESS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_AUTHORITY_INFO_ACCESS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_AUTHORITY_KEYID.html b/msys2/usr/share/doc/openssl/html/man3/d2i_AUTHORITY_KEYID.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_AUTHORITY_KEYID.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_AutoPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/d2i_AutoPrivateKey.html
new file mode 100644
index 000000000..d1b4757d6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_AutoPrivateKey.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_PrivateKey, d2i_PublicKey, d2i_AutoPrivateKey, i2d_PrivateKey, i2d_PublicKey, d2i_PrivateKey_bio, d2i_PrivateKey_fp - decode and encode functions for reading and saving EVP_PKEY structures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
+                          long length);
+ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
+                         long length);
+ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
+                              long length);
+ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
+ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
+
+ EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
+ EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>d2i_PrivateKey() decodes a private key using algorithm <b>type</b>. It attempts to use any key specific format or PKCS#8 unencrypted PrivateKeyInfo format. The <b>type</b> parameter should be a public key algorithm constant such as <b>EVP_PKEY_RSA</b>. An error occurs if the decoded key does not match <b>type</b>. d2i_PublicKey() does the same for public keys.</p>
+
+<p>d2i_AutoPrivateKey() is similar to d2i_PrivateKey() except it attempts to automatically detect the private key format.</p>
+
+<p>i2d_PrivateKey() encodes <b>key</b>. It uses a key specific format or, if none is defined for that key type, PKCS#8 unencrypted PrivateKeyInfo format. i2d_PublicKey() does the same for public keys.</p>
+
+<p>These functions are similar to the d2i_X509() functions; see <a href="../man3/d2i_X509.html">d2i_X509(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions use DER format and unencrypted keys. Applications wishing to encrypt or decrypt private keys should use other functions such as d2i_PKCS8PrivateKey() instead.</p>
+
+<p>If the <b>*a</b> is not NULL when calling d2i_PrivateKey() or d2i_AutoPrivateKey() (i.e. an existing structure is being reused) and the key format is PKCS#8 then <b>*a</b> will be freed and replaced on a successful call.</p>
+
+<p>To decode a key with type <b>EVP_PKEY_EC</b>, d2i_PublicKey() requires <b>*a</b> to be a non-NULL EVP_PKEY structure assigned an EC_KEY structure referencing the proper EC_GROUP.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The d2i_PrivateKey(), d2i_AutoPrivateKey(), d2i_PrivateKey_bio(), d2i_PrivateKey_fp(), and d2i_PublicKey() functions return a valid <b>EVP_KEY</b> structure or <b>NULL</b> if an error occurs. The error code can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>i2d_PrivateKey() and i2d_PublicKey() return the number of bytes successfully encoded or a negative value if an error occurs. The error code can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_BASIC_CONSTRAINTS.html b/msys2/usr/share/doc/openssl/html/man3/d2i_BASIC_CONSTRAINTS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_BASIC_CONSTRAINTS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_CERTIFICATEPOLICIES.html b/msys2/usr/share/doc/openssl/html/man3/d2i_CERTIFICATEPOLICIES.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_CERTIFICATEPOLICIES.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_CMS_ContentInfo.html b/msys2/usr/share/doc/openssl/html/man3/d2i_CMS_ContentInfo.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_CMS_ContentInfo.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_CMS_ReceiptRequest.html b/msys2/usr/share/doc/openssl/html/man3/d2i_CMS_ReceiptRequest.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_CMS_ReceiptRequest.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_CMS_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_CMS_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_CMS_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_CRL_DIST_POINTS.html b/msys2/usr/share/doc/openssl/html/man3/d2i_CRL_DIST_POINTS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_CRL_DIST_POINTS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_DHparams.html b/msys2/usr/share/doc/openssl/html/man3/d2i_DHparams.html
new file mode 100644
index 000000000..10a7c6dc4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_DHparams.html
@@ -0,0 +1,61 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_DHparams</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_DHparams, i2d_DHparams - PKCS#3 DH parameter functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH *d2i_DHparams(DH **a, unsigned char **pp, long length);
+ int i2d_DHparams(DH *a, unsigned char **pp);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions decode and encode PKCS#3 DH parameters using the DHparameter structure described in PKCS#3.</p>
+
+<p>Otherwise these behave in a similar way to d2i_X509() and i2d_X509() described in the <a href="../man3/d2i_X509.html">d2i_X509(3)</a> manual page.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_DHparams() returns a valid <b>DH</b> structure or NULL if an error occurred.</p>
+
+<p>i2d_DHparams() returns the length of encoded data on success or a value which is less than or equal to 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_DHxparams.html b/msys2/usr/share/doc/openssl/html/man3/d2i_DHxparams.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_DHxparams.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_DIRECTORYSTRING.html b/msys2/usr/share/doc/openssl/html/man3/d2i_DIRECTORYSTRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_DIRECTORYSTRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_DISPLAYTEXT.html b/msys2/usr/share/doc/openssl/html/man3/d2i_DISPLAYTEXT.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_DISPLAYTEXT.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_DIST_POINT.html b/msys2/usr/share/doc/openssl/html/man3/d2i_DIST_POINT.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_DIST_POINT.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_DIST_POINT_NAME.html b/msys2/usr/share/doc/openssl/html/man3/d2i_DIST_POINT_NAME.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_DIST_POINT_NAME.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_DSAPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/d2i_DSAPrivateKey.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_DSAPrivateKey.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_DSAPrivateKey_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_DSAPrivateKey_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_DSAPrivateKey_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_DSAPrivateKey_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_DSAPrivateKey_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_DSAPrivateKey_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_DSAPublicKey.html b/msys2/usr/share/doc/openssl/html/man3/d2i_DSAPublicKey.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_DSAPublicKey.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_DSA_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/d2i_DSA_PUBKEY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_DSA_PUBKEY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_DSA_PUBKEY_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_DSA_PUBKEY_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_DSA_PUBKEY_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_DSA_PUBKEY_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_DSA_PUBKEY_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_DSA_PUBKEY_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_DSA_SIG.html b/msys2/usr/share/doc/openssl/html/man3/d2i_DSA_SIG.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_DSA_SIG.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_DSAparams.html b/msys2/usr/share/doc/openssl/html/man3/d2i_DSAparams.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_DSAparams.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ECDSA_SIG.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ECDSA_SIG.html
new file mode 100644
index 000000000..164654835
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ECDSA_SIG.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ECDSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ECDSA_SIG_get0, ECDSA_SIG_get0_r, ECDSA_SIG_get0_s, ECDSA_SIG_set0, ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size, ECDSA_sign, ECDSA_do_sign, ECDSA_verify, ECDSA_do_verify, ECDSA_sign_setup, ECDSA_sign_ex, ECDSA_do_sign_ex - low level elliptic curve digital signature algorithm (ECDSA) functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ecdsa.h&gt;
+
+ ECDSA_SIG *ECDSA_SIG_new(void);
+ void ECDSA_SIG_free(ECDSA_SIG *sig);
+ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
+ const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
+ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+ int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
+ int ECDSA_size(const EC_KEY *eckey);
+
+ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+                unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+                          EC_KEY *eckey);
+
+ int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
+                  const unsigned char *sig, int siglen, EC_KEY *eckey);
+ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+                     const ECDSA_SIG *sig, EC_KEY* eckey);
+
+ ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+                             const BIGNUM *kinv, const BIGNUM *rp,
+                             EC_KEY *eckey);
+ int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+                   unsigned char *sig, unsigned int *siglen,
+                   const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Note: these functions provide a low level interface to ECDSA. Most applications should use the higher level <b>EVP</b> interface such as <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> instead.</p>
+
+<p><b>ECDSA_SIG</b> is an opaque structure consisting of two BIGNUMs for the <b>r</b> and <b>s</b> value of an ECDSA signature (see X9.62 or FIPS 186-2).</p>
+
+<p>ECDSA_SIG_new() allocates an empty <b>ECDSA_SIG</b> structure. Note: before OpenSSL 1.1.0 the: the <b>r</b> and <b>s</b> components were initialised.</p>
+
+<p>ECDSA_SIG_free() frees the <b>ECDSA_SIG</b> structure <b>sig</b>.</p>
+
+<p>ECDSA_SIG_get0() returns internal pointers the <b>r</b> and <b>s</b> values contained in <b>sig</b> and stores them in <b>*pr</b> and <b>*ps</b>, respectively. The pointer <b>pr</b> or <b>ps</b> can be NULL, in which case the corresponding value is not returned.</p>
+
+<p>The values <b>r</b>, <b>s</b> can also be retrieved separately by the corresponding function ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s(), respectively.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling ECDSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the ECDSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature <b>sig</b> and writes the encoded signature to <b>*pp</b> (note: if <b>pp</b> is NULL i2d_ECDSA_SIG() returns the expected length in bytes of the DER encoded signature). i2d_ECDSA_SIG() returns the length of the DER encoded signature (or 0 on error).</p>
+
+<p>d2i_ECDSA_SIG() decodes a DER encoded ECDSA signature and returns the decoded signature in a newly allocated <b>ECDSA_SIG</b> structure. <b>*sig</b> points to the buffer containing the DER encoded signature of size <b>len</b>.</p>
+
+<p>ECDSA_size() returns the maximum length of a DER encoded ECDSA signature created with the private EC key <b>eckey</b>.</p>
+
+<p>ECDSA_sign() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b>. The DER encoded signatures is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is currently ignored. ECDSA_sign() is wrapper function for ECDSA_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_do_sign() is similar to ECDSA_sign() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error). ECDSA_do_sign() is a wrapper function for ECDSA_do_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_verify() verifies that the signature in <b>sig</b> of size <b>siglen</b> is a valid ECDSA signature of the hash value <b>dgst</b> of size <b>dgstlen</b> using the public key <b>eckey</b>. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_verify() is similar to ECDSA_verify() except the signature is presented in the form of a pointer to an <b>ECDSA_SIG</b> structure.</p>
+
+<p>The remaining functions utilise the internal <b>kinv</b> and <b>r</b> values used during signature computation. Most applications will never need to call these and some external ECDSA ENGINE implementations may not support them at all if either <b>kinv</b> or <b>r</b> is not <b>NULL</b>.</p>
+
+<p>ECDSA_sign_setup() may be used to precompute parts of the signing operation. <b>eckey</b> is the private EC key and <b>ctx</b> is a pointer to <b>BN_CTX</b> structure (or NULL). The precomputed values or returned in <b>kinv</b> and <b>rp</b> and can be used in a later call to ECDSA_sign_ex() or ECDSA_do_sign_ex().</p>
+
+<p>ECDSA_sign_ex() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b> and the optional pre-computed values <b>kinv</b> and <b>rp</b>. The DER encoded signature is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_sign_ex() is similar to ECDSA_sign_ex() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ECDSA_SIG_new() returns NULL if the allocation fails.</p>
+
+<p>ECDSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<p>ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s() return the corresponding value, or NULL if it is unset.</p>
+
+<p>ECDSA_size() returns the maximum length signature or 0 on error.</p>
+
+<p>ECDSA_sign(), ECDSA_sign_ex() and ECDSA_sign_setup() return 1 if successful or 0 on error.</p>
+
+<p>ECDSA_do_sign() and ECDSA_do_sign_ex() return a pointer to an allocated <b>ECDSA_SIG</b> structure or NULL on error.</p>
+
+<p>ECDSA_verify() and ECDSA_do_verify() return 1 for a valid signature, 0 for an invalid signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Creating an ECDSA signature of a given SHA-256 hash value using the named curve prime256v1 (aka P-256).</p>
+
+<p>First step: create an EC_KEY object (note: this part is <b>not</b> ECDSA specific)</p>
+
+<pre><code> int ret;
+ ECDSA_SIG *sig;
+ EC_KEY *eckey;
+
+ eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ if (eckey == NULL)
+     /* error */
+ if (EC_KEY_generate_key(eckey) == 0)
+     /* error */</code></pre>
+
+<p>Second step: compute the ECDSA signature of a SHA-256 hash value using ECDSA_do_sign():</p>
+
+<pre><code> sig = ECDSA_do_sign(digest, 32, eckey);
+ if (sig == NULL)
+     /* error */</code></pre>
+
+<p>or using ECDSA_sign():</p>
+
+<pre><code> unsigned char *buffer, *pp;
+ int buf_len;
+
+ buf_len = ECDSA_size(eckey);
+ buffer = OPENSSL_malloc(buf_len);
+ pp = buffer;
+ if (ECDSA_sign(0, dgst, dgstlen, pp, &amp;buf_len, eckey) == 0)
+     /* error */</code></pre>
+
+<p>Third step: verify the created ECDSA signature using ECDSA_do_verify():</p>
+
+<pre><code> ret = ECDSA_do_verify(digest, 32, sig, eckey);</code></pre>
+
+<p>or using ECDSA_verify():</p>
+
+<pre><code> ret = ECDSA_verify(0, digest, 32, buffer, buf_len, eckey);</code></pre>
+
+<p>and finally evaluate the return value:</p>
+
+<pre><code> if (ret == 1)
+     /* signature ok */
+ else if (ret == 0)
+     /* incorrect signature */
+ else
+     /* error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ANSI X9.62, US Federal Information Processing Standard FIPS 186-2 (Digital Signature Standard, DSS)</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ECPKParameters.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ECPKParameters.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ECPKParameters.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ECParameters.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ECParameters.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ECParameters.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ECPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ECPrivateKey.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ECPrivateKey.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ECPrivateKey_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ECPrivateKey_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ECPrivateKey_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ECPrivateKey_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ECPrivateKey_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ECPrivateKey_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_EC_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/d2i_EC_PUBKEY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_EC_PUBKEY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_EC_PUBKEY_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_EC_PUBKEY_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_EC_PUBKEY_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_EC_PUBKEY_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_EC_PUBKEY_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_EC_PUBKEY_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_EDIPARTYNAME.html b/msys2/usr/share/doc/openssl/html/man3/d2i_EDIPARTYNAME.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_EDIPARTYNAME.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ESS_CERT_ID.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ESS_CERT_ID.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ESS_CERT_ID.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ESS_ISSUER_SERIAL.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ESS_ISSUER_SERIAL.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ESS_ISSUER_SERIAL.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ESS_SIGNING_CERT.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ESS_SIGNING_CERT.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ESS_SIGNING_CERT.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_EXTENDED_KEY_USAGE.html b/msys2/usr/share/doc/openssl/html/man3/d2i_EXTENDED_KEY_USAGE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_EXTENDED_KEY_USAGE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_GENERAL_NAME.html b/msys2/usr/share/doc/openssl/html/man3/d2i_GENERAL_NAME.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_GENERAL_NAME.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_GENERAL_NAMES.html b/msys2/usr/share/doc/openssl/html/man3/d2i_GENERAL_NAMES.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_GENERAL_NAMES.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_IPAddressChoice.html b/msys2/usr/share/doc/openssl/html/man3/d2i_IPAddressChoice.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_IPAddressChoice.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_IPAddressFamily.html b/msys2/usr/share/doc/openssl/html/man3/d2i_IPAddressFamily.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_IPAddressFamily.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_IPAddressOrRange.html b/msys2/usr/share/doc/openssl/html/man3/d2i_IPAddressOrRange.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_IPAddressOrRange.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_IPAddressRange.html b/msys2/usr/share/doc/openssl/html/man3/d2i_IPAddressRange.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_IPAddressRange.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_ISSUING_DIST_POINT.html b/msys2/usr/share/doc/openssl/html/man3/d2i_ISSUING_DIST_POINT.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_ISSUING_DIST_POINT.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_NAMING_AUTHORITY.html b/msys2/usr/share/doc/openssl/html/man3/d2i_NAMING_AUTHORITY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_NAMING_AUTHORITY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_NETSCAPE_CERT_SEQUENCE.html b/msys2/usr/share/doc/openssl/html/man3/d2i_NETSCAPE_CERT_SEQUENCE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_NETSCAPE_CERT_SEQUENCE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_NETSCAPE_SPKAC.html b/msys2/usr/share/doc/openssl/html/man3/d2i_NETSCAPE_SPKAC.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_NETSCAPE_SPKAC.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_NETSCAPE_SPKI.html b/msys2/usr/share/doc/openssl/html/man3/d2i_NETSCAPE_SPKI.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_NETSCAPE_SPKI.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_NOTICEREF.html b/msys2/usr/share/doc/openssl/html/man3/d2i_NOTICEREF.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_NOTICEREF.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_BASICRESP.html b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_BASICRESP.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_BASICRESP.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_CERTID.html b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_CERTID.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_CERTID.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_CERTSTATUS.html b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_CERTSTATUS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_CERTSTATUS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_CRLID.html b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_CRLID.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_CRLID.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_ONEREQ.html b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_ONEREQ.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_ONEREQ.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_REQINFO.html b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_REQINFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_REQINFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_REQUEST.html b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_REQUEST.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_REQUEST.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_RESPBYTES.html b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_RESPBYTES.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_RESPBYTES.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_RESPDATA.html b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_RESPDATA.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_RESPDATA.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_RESPID.html b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_RESPID.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_RESPID.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_RESPONSE.html b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_RESPONSE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_RESPONSE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_REVOKEDINFO.html b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_REVOKEDINFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_REVOKEDINFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_SERVICELOC.html b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_SERVICELOC.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_SERVICELOC.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_SIGNATURE.html b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_SIGNATURE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_SIGNATURE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_SINGLERESP.html b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_SINGLERESP.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_OCSP_SINGLERESP.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_OTHERNAME.html b/msys2/usr/share/doc/openssl/html/man3/d2i_OTHERNAME.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_OTHERNAME.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PBE2PARAM.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PBE2PARAM.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PBE2PARAM.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PBEPARAM.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PBEPARAM.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PBEPARAM.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PBKDF2PARAM.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PBKDF2PARAM.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PBKDF2PARAM.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS12.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS12.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS12.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS12_BAGS.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS12_BAGS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS12_BAGS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS12_MAC_DATA.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS12_MAC_DATA.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS12_MAC_DATA.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS12_SAFEBAG.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS12_SAFEBAG.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS12_SAFEBAG.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS12_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS12_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS12_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS12_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS12_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS12_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_DIGEST.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_DIGEST.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_DIGEST.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_ENCRYPT.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_ENCRYPT.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_ENCRYPT.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_ENC_CONTENT.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_ENC_CONTENT.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_ENC_CONTENT.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_ENVELOPE.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_ENVELOPE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_ENVELOPE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_ISSUER_AND_SERIAL.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_ISSUER_AND_SERIAL.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_ISSUER_AND_SERIAL.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_RECIP_INFO.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_RECIP_INFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_RECIP_INFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_SIGNED.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_SIGNED.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_SIGNED.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_SIGNER_INFO.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_SIGNER_INFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_SIGNER_INFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_SIGN_ENVELOPE.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_SIGN_ENVELOPE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_SIGN_ENVELOPE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS7_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8PrivateKey_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8PrivateKey_bio.html
new file mode 100644
index 000000000..6b61a9dba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8PrivateKey_bio.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_PKCS8PrivateKey_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_PKCS8PrivateKey_bio, d2i_PKCS8PrivateKey_fp, i2d_PKCS8PrivateKey_bio, i2d_PKCS8PrivateKey_fp, i2d_PKCS8PrivateKey_nid_bio, i2d_PKCS8PrivateKey_nid_fp - PKCS#8 format private key functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u);
+ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                             char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                            char *kstr, int klen,
+                            pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
+                                 char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
+                                char *kstr, int klen,
+                                pem_password_cb *cb, void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PKCS#8 functions encode and decode private keys in PKCS#8 format using both PKCS#5 v1.5 and PKCS#5 v2.0 password based encryption algorithms.</p>
+
+<p>Other than the use of DER as opposed to PEM these functions are identical to the corresponding <b>PEM</b> function as described in <a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are currently the only way to store encrypted private keys using DER format.</p>
+
+<p>Currently all the functions use BIOs or FILE pointers, there are no functions which work directly on memory: this can be readily worked around by converting the buffers to memory BIOs, see <a href="../man3/BIO_s_mem.html">BIO_s_mem(3)</a> for details.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_PKCS8PrivateKey_bio() and d2i_PKCS8PrivateKey_fp() return a valid <b>EVP_PKEY</b> structure or NULL if an error occurred.</p>
+
+<p>i2d_PKCS8PrivateKey_bio(), i2d_PKCS8PrivateKey_fp(), i2d_PKCS8PrivateKey_nid_bio() and i2d_PKCS8PrivateKey_nid_fp() return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8PrivateKey_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8PrivateKey_fp.html
new file mode 100644
index 000000000..6b61a9dba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8PrivateKey_fp.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_PKCS8PrivateKey_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_PKCS8PrivateKey_bio, d2i_PKCS8PrivateKey_fp, i2d_PKCS8PrivateKey_bio, i2d_PKCS8PrivateKey_fp, i2d_PKCS8PrivateKey_nid_bio, i2d_PKCS8PrivateKey_nid_fp - PKCS#8 format private key functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u);
+ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                             char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                            char *kstr, int klen,
+                            pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
+                                 char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
+                                char *kstr, int klen,
+                                pem_password_cb *cb, void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PKCS#8 functions encode and decode private keys in PKCS#8 format using both PKCS#5 v1.5 and PKCS#5 v2.0 password based encryption algorithms.</p>
+
+<p>Other than the use of DER as opposed to PEM these functions are identical to the corresponding <b>PEM</b> function as described in <a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are currently the only way to store encrypted private keys using DER format.</p>
+
+<p>Currently all the functions use BIOs or FILE pointers, there are no functions which work directly on memory: this can be readily worked around by converting the buffers to memory BIOs, see <a href="../man3/BIO_s_mem.html">BIO_s_mem(3)</a> for details.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_PKCS8PrivateKey_bio() and d2i_PKCS8PrivateKey_fp() return a valid <b>EVP_PKEY</b> structure or NULL if an error occurred.</p>
+
+<p>i2d_PKCS8PrivateKey_bio(), i2d_PKCS8PrivateKey_fp(), i2d_PKCS8PrivateKey_nid_bio() and i2d_PKCS8PrivateKey_nid_fp() return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8_PRIV_KEY_INFO.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8_PRIV_KEY_INFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8_PRIV_KEY_INFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8_PRIV_KEY_INFO_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8_PRIV_KEY_INFO_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8_PRIV_KEY_INFO_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8_PRIV_KEY_INFO_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8_PRIV_KEY_INFO_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8_PRIV_KEY_INFO_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKCS8_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PKEY_USAGE_PERIOD.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PKEY_USAGE_PERIOD.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PKEY_USAGE_PERIOD.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_POLICYINFO.html b/msys2/usr/share/doc/openssl/html/man3/d2i_POLICYINFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_POLICYINFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_POLICYQUALINFO.html b/msys2/usr/share/doc/openssl/html/man3/d2i_POLICYQUALINFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_POLICYQUALINFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PROFESSION_INFO.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PROFESSION_INFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PROFESSION_INFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PROXY_CERT_INFO_EXTENSION.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PROXY_CERT_INFO_EXTENSION.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PROXY_CERT_INFO_EXTENSION.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PROXY_POLICY.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PROXY_POLICY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PROXY_POLICY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PUBKEY.html
new file mode 100644
index 000000000..b05f234e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PUBKEY.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_PUBKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_PUBKEY_new, X509_PUBKEY_free, X509_PUBKEY_set, X509_PUBKEY_get0, X509_PUBKEY_get, d2i_PUBKEY, i2d_PUBKEY, d2i_PUBKEY_bio, d2i_PUBKEY_fp, i2d_PUBKEY_fp, i2d_PUBKEY_bio, X509_PUBKEY_set0_param, X509_PUBKEY_get0_param - SubjectPublicKeyInfo public key functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_PUBKEY *X509_PUBKEY_new(void);
+ void X509_PUBKEY_free(X509_PUBKEY *a);
+
+ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+ EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key);
+ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
+
+ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
+ int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
+
+ EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
+ EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+
+ int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+ int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
+
+ int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+                            int ptype, void *pval,
+                            unsigned char *penc, int penclen);
+ int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+                            const unsigned char **pk, int *ppklen,
+                            X509_ALGOR **pa, X509_PUBKEY *pub);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_PUBKEY</b> structure represents the ASN.1 <b>SubjectPublicKeyInfo</b> structure defined in RFC5280 and used in certificates and certificate requests.</p>
+
+<p>X509_PUBKEY_new() allocates and initializes an <b>X509_PUBKEY</b> structure.</p>
+
+<p>X509_PUBKEY_free() frees up <b>X509_PUBKEY</b> structure <b>a</b>. If <b>a</b> is NULL nothing is done.</p>
+
+<p>X509_PUBKEY_set() sets the public key in <b>*x</b> to the public key contained in the <b>EVP_PKEY</b> structure <b>pkey</b>. If <b>*x</b> is not NULL any existing public key structure will be freed.</p>
+
+<p>X509_PUBKEY_get0() returns the public key contained in <b>key</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed after use.</p>
+
+<p>X509_PUBKEY_get() is similar to X509_PUBKEY_get0() except the reference count on the returned key is incremented so it <b>MUST</b> be freed using EVP_PKEY_free() after use.</p>
+
+<p>d2i_PUBKEY() and i2d_PUBKEY() decode and encode an <b>EVP_PKEY</b> structure using <b>SubjectPublicKeyInfo</b> format. They otherwise follow the conventions of other ASN.1 functions such as d2i_X509().</p>
+
+<p>d2i_PUBKEY_bio(), d2i_PUBKEY_fp(), i2d_PUBKEY_bio() and i2d_PUBKEY_fp() are similar to d2i_PUBKEY() and i2d_PUBKEY() except they decode or encode using a <b>BIO</b> or <b>FILE</b> pointer.</p>
+
+<p>X509_PUBKEY_set0_param() sets the public key parameters of <b>pub</b>. The OID associated with the algorithm is set to <b>aobj</b>. The type of the algorithm parameters is set to <b>type</b> using the structure <b>pval</b>. The encoding of the public key itself is set to the <b>penclen</b> bytes contained in buffer <b>penc</b>. On success ownership of all the supplied parameters is passed to <b>pub</b> so they must not be freed after the call.</p>
+
+<p>X509_PUBKEY_get0_param() retrieves the public key parameters from <b>pub</b>, <b>*ppkalg</b> is set to the associated OID and the encoding consists of <b>*ppklen</b> bytes at <b>*pk</b>, <b>*pa</b> is set to the associated AlgorithmIdentifier for the public key. If the value of any of these parameters is not required it can be set to <b>NULL</b>. All of the retrieved pointers are internal and must not be freed after the call.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>X509_PUBKEY</b> functions can be used to encode and decode public keys in a standard format.</p>
+
+<p>In many cases applications will not call the <b>X509_PUBKEY</b> functions directly: they will instead call wrapper functions such as X509_get0_pubkey().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, X509_PUBKEY_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>X509_PUBKEY_free() does not return a value.</p>
+
+<p>X509_PUBKEY_get0() and X509_PUBKEY_get() return a pointer to an <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_PUBKEY_set(), X509_PUBKEY_set0_param() and X509_PUBKEY_get0_param() return 1 for success and 0 if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PUBKEY_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PUBKEY_bio.html
new file mode 100644
index 000000000..b05f234e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PUBKEY_bio.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_PUBKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_PUBKEY_new, X509_PUBKEY_free, X509_PUBKEY_set, X509_PUBKEY_get0, X509_PUBKEY_get, d2i_PUBKEY, i2d_PUBKEY, d2i_PUBKEY_bio, d2i_PUBKEY_fp, i2d_PUBKEY_fp, i2d_PUBKEY_bio, X509_PUBKEY_set0_param, X509_PUBKEY_get0_param - SubjectPublicKeyInfo public key functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_PUBKEY *X509_PUBKEY_new(void);
+ void X509_PUBKEY_free(X509_PUBKEY *a);
+
+ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+ EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key);
+ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
+
+ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
+ int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
+
+ EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
+ EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+
+ int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+ int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
+
+ int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+                            int ptype, void *pval,
+                            unsigned char *penc, int penclen);
+ int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+                            const unsigned char **pk, int *ppklen,
+                            X509_ALGOR **pa, X509_PUBKEY *pub);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_PUBKEY</b> structure represents the ASN.1 <b>SubjectPublicKeyInfo</b> structure defined in RFC5280 and used in certificates and certificate requests.</p>
+
+<p>X509_PUBKEY_new() allocates and initializes an <b>X509_PUBKEY</b> structure.</p>
+
+<p>X509_PUBKEY_free() frees up <b>X509_PUBKEY</b> structure <b>a</b>. If <b>a</b> is NULL nothing is done.</p>
+
+<p>X509_PUBKEY_set() sets the public key in <b>*x</b> to the public key contained in the <b>EVP_PKEY</b> structure <b>pkey</b>. If <b>*x</b> is not NULL any existing public key structure will be freed.</p>
+
+<p>X509_PUBKEY_get0() returns the public key contained in <b>key</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed after use.</p>
+
+<p>X509_PUBKEY_get() is similar to X509_PUBKEY_get0() except the reference count on the returned key is incremented so it <b>MUST</b> be freed using EVP_PKEY_free() after use.</p>
+
+<p>d2i_PUBKEY() and i2d_PUBKEY() decode and encode an <b>EVP_PKEY</b> structure using <b>SubjectPublicKeyInfo</b> format. They otherwise follow the conventions of other ASN.1 functions such as d2i_X509().</p>
+
+<p>d2i_PUBKEY_bio(), d2i_PUBKEY_fp(), i2d_PUBKEY_bio() and i2d_PUBKEY_fp() are similar to d2i_PUBKEY() and i2d_PUBKEY() except they decode or encode using a <b>BIO</b> or <b>FILE</b> pointer.</p>
+
+<p>X509_PUBKEY_set0_param() sets the public key parameters of <b>pub</b>. The OID associated with the algorithm is set to <b>aobj</b>. The type of the algorithm parameters is set to <b>type</b> using the structure <b>pval</b>. The encoding of the public key itself is set to the <b>penclen</b> bytes contained in buffer <b>penc</b>. On success ownership of all the supplied parameters is passed to <b>pub</b> so they must not be freed after the call.</p>
+
+<p>X509_PUBKEY_get0_param() retrieves the public key parameters from <b>pub</b>, <b>*ppkalg</b> is set to the associated OID and the encoding consists of <b>*ppklen</b> bytes at <b>*pk</b>, <b>*pa</b> is set to the associated AlgorithmIdentifier for the public key. If the value of any of these parameters is not required it can be set to <b>NULL</b>. All of the retrieved pointers are internal and must not be freed after the call.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>X509_PUBKEY</b> functions can be used to encode and decode public keys in a standard format.</p>
+
+<p>In many cases applications will not call the <b>X509_PUBKEY</b> functions directly: they will instead call wrapper functions such as X509_get0_pubkey().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, X509_PUBKEY_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>X509_PUBKEY_free() does not return a value.</p>
+
+<p>X509_PUBKEY_get0() and X509_PUBKEY_get() return a pointer to an <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_PUBKEY_set(), X509_PUBKEY_set0_param() and X509_PUBKEY_get0_param() return 1 for success and 0 if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PUBKEY_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PUBKEY_fp.html
new file mode 100644
index 000000000..b05f234e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PUBKEY_fp.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_PUBKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_PUBKEY_new, X509_PUBKEY_free, X509_PUBKEY_set, X509_PUBKEY_get0, X509_PUBKEY_get, d2i_PUBKEY, i2d_PUBKEY, d2i_PUBKEY_bio, d2i_PUBKEY_fp, i2d_PUBKEY_fp, i2d_PUBKEY_bio, X509_PUBKEY_set0_param, X509_PUBKEY_get0_param - SubjectPublicKeyInfo public key functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_PUBKEY *X509_PUBKEY_new(void);
+ void X509_PUBKEY_free(X509_PUBKEY *a);
+
+ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+ EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key);
+ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
+
+ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
+ int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
+
+ EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
+ EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+
+ int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+ int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
+
+ int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+                            int ptype, void *pval,
+                            unsigned char *penc, int penclen);
+ int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+                            const unsigned char **pk, int *ppklen,
+                            X509_ALGOR **pa, X509_PUBKEY *pub);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_PUBKEY</b> structure represents the ASN.1 <b>SubjectPublicKeyInfo</b> structure defined in RFC5280 and used in certificates and certificate requests.</p>
+
+<p>X509_PUBKEY_new() allocates and initializes an <b>X509_PUBKEY</b> structure.</p>
+
+<p>X509_PUBKEY_free() frees up <b>X509_PUBKEY</b> structure <b>a</b>. If <b>a</b> is NULL nothing is done.</p>
+
+<p>X509_PUBKEY_set() sets the public key in <b>*x</b> to the public key contained in the <b>EVP_PKEY</b> structure <b>pkey</b>. If <b>*x</b> is not NULL any existing public key structure will be freed.</p>
+
+<p>X509_PUBKEY_get0() returns the public key contained in <b>key</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed after use.</p>
+
+<p>X509_PUBKEY_get() is similar to X509_PUBKEY_get0() except the reference count on the returned key is incremented so it <b>MUST</b> be freed using EVP_PKEY_free() after use.</p>
+
+<p>d2i_PUBKEY() and i2d_PUBKEY() decode and encode an <b>EVP_PKEY</b> structure using <b>SubjectPublicKeyInfo</b> format. They otherwise follow the conventions of other ASN.1 functions such as d2i_X509().</p>
+
+<p>d2i_PUBKEY_bio(), d2i_PUBKEY_fp(), i2d_PUBKEY_bio() and i2d_PUBKEY_fp() are similar to d2i_PUBKEY() and i2d_PUBKEY() except they decode or encode using a <b>BIO</b> or <b>FILE</b> pointer.</p>
+
+<p>X509_PUBKEY_set0_param() sets the public key parameters of <b>pub</b>. The OID associated with the algorithm is set to <b>aobj</b>. The type of the algorithm parameters is set to <b>type</b> using the structure <b>pval</b>. The encoding of the public key itself is set to the <b>penclen</b> bytes contained in buffer <b>penc</b>. On success ownership of all the supplied parameters is passed to <b>pub</b> so they must not be freed after the call.</p>
+
+<p>X509_PUBKEY_get0_param() retrieves the public key parameters from <b>pub</b>, <b>*ppkalg</b> is set to the associated OID and the encoding consists of <b>*ppklen</b> bytes at <b>*pk</b>, <b>*pa</b> is set to the associated AlgorithmIdentifier for the public key. If the value of any of these parameters is not required it can be set to <b>NULL</b>. All of the retrieved pointers are internal and must not be freed after the call.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>X509_PUBKEY</b> functions can be used to encode and decode public keys in a standard format.</p>
+
+<p>In many cases applications will not call the <b>X509_PUBKEY</b> functions directly: they will instead call wrapper functions such as X509_get0_pubkey().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, X509_PUBKEY_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>X509_PUBKEY_free() does not return a value.</p>
+
+<p>X509_PUBKEY_get0() and X509_PUBKEY_get() return a pointer to an <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_PUBKEY_set(), X509_PUBKEY_set0_param() and X509_PUBKEY_get0_param() return 1 for success and 0 if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PrivateKey.html
new file mode 100644
index 000000000..d1b4757d6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PrivateKey.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_PrivateKey, d2i_PublicKey, d2i_AutoPrivateKey, i2d_PrivateKey, i2d_PublicKey, d2i_PrivateKey_bio, d2i_PrivateKey_fp - decode and encode functions for reading and saving EVP_PKEY structures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
+                          long length);
+ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
+                         long length);
+ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
+                              long length);
+ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
+ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
+
+ EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
+ EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>d2i_PrivateKey() decodes a private key using algorithm <b>type</b>. It attempts to use any key specific format or PKCS#8 unencrypted PrivateKeyInfo format. The <b>type</b> parameter should be a public key algorithm constant such as <b>EVP_PKEY_RSA</b>. An error occurs if the decoded key does not match <b>type</b>. d2i_PublicKey() does the same for public keys.</p>
+
+<p>d2i_AutoPrivateKey() is similar to d2i_PrivateKey() except it attempts to automatically detect the private key format.</p>
+
+<p>i2d_PrivateKey() encodes <b>key</b>. It uses a key specific format or, if none is defined for that key type, PKCS#8 unencrypted PrivateKeyInfo format. i2d_PublicKey() does the same for public keys.</p>
+
+<p>These functions are similar to the d2i_X509() functions; see <a href="../man3/d2i_X509.html">d2i_X509(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions use DER format and unencrypted keys. Applications wishing to encrypt or decrypt private keys should use other functions such as d2i_PKCS8PrivateKey() instead.</p>
+
+<p>If the <b>*a</b> is not NULL when calling d2i_PrivateKey() or d2i_AutoPrivateKey() (i.e. an existing structure is being reused) and the key format is PKCS#8 then <b>*a</b> will be freed and replaced on a successful call.</p>
+
+<p>To decode a key with type <b>EVP_PKEY_EC</b>, d2i_PublicKey() requires <b>*a</b> to be a non-NULL EVP_PKEY structure assigned an EC_KEY structure referencing the proper EC_GROUP.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The d2i_PrivateKey(), d2i_AutoPrivateKey(), d2i_PrivateKey_bio(), d2i_PrivateKey_fp(), and d2i_PublicKey() functions return a valid <b>EVP_KEY</b> structure or <b>NULL</b> if an error occurs. The error code can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>i2d_PrivateKey() and i2d_PublicKey() return the number of bytes successfully encoded or a negative value if an error occurs. The error code can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PrivateKey_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PrivateKey_bio.html
new file mode 100644
index 000000000..d1b4757d6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PrivateKey_bio.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_PrivateKey, d2i_PublicKey, d2i_AutoPrivateKey, i2d_PrivateKey, i2d_PublicKey, d2i_PrivateKey_bio, d2i_PrivateKey_fp - decode and encode functions for reading and saving EVP_PKEY structures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
+                          long length);
+ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
+                         long length);
+ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
+                              long length);
+ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
+ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
+
+ EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
+ EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>d2i_PrivateKey() decodes a private key using algorithm <b>type</b>. It attempts to use any key specific format or PKCS#8 unencrypted PrivateKeyInfo format. The <b>type</b> parameter should be a public key algorithm constant such as <b>EVP_PKEY_RSA</b>. An error occurs if the decoded key does not match <b>type</b>. d2i_PublicKey() does the same for public keys.</p>
+
+<p>d2i_AutoPrivateKey() is similar to d2i_PrivateKey() except it attempts to automatically detect the private key format.</p>
+
+<p>i2d_PrivateKey() encodes <b>key</b>. It uses a key specific format or, if none is defined for that key type, PKCS#8 unencrypted PrivateKeyInfo format. i2d_PublicKey() does the same for public keys.</p>
+
+<p>These functions are similar to the d2i_X509() functions; see <a href="../man3/d2i_X509.html">d2i_X509(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions use DER format and unencrypted keys. Applications wishing to encrypt or decrypt private keys should use other functions such as d2i_PKCS8PrivateKey() instead.</p>
+
+<p>If the <b>*a</b> is not NULL when calling d2i_PrivateKey() or d2i_AutoPrivateKey() (i.e. an existing structure is being reused) and the key format is PKCS#8 then <b>*a</b> will be freed and replaced on a successful call.</p>
+
+<p>To decode a key with type <b>EVP_PKEY_EC</b>, d2i_PublicKey() requires <b>*a</b> to be a non-NULL EVP_PKEY structure assigned an EC_KEY structure referencing the proper EC_GROUP.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The d2i_PrivateKey(), d2i_AutoPrivateKey(), d2i_PrivateKey_bio(), d2i_PrivateKey_fp(), and d2i_PublicKey() functions return a valid <b>EVP_KEY</b> structure or <b>NULL</b> if an error occurs. The error code can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>i2d_PrivateKey() and i2d_PublicKey() return the number of bytes successfully encoded or a negative value if an error occurs. The error code can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PrivateKey_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PrivateKey_fp.html
new file mode 100644
index 000000000..d1b4757d6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PrivateKey_fp.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_PrivateKey, d2i_PublicKey, d2i_AutoPrivateKey, i2d_PrivateKey, i2d_PublicKey, d2i_PrivateKey_bio, d2i_PrivateKey_fp - decode and encode functions for reading and saving EVP_PKEY structures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
+                          long length);
+ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
+                         long length);
+ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
+                              long length);
+ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
+ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
+
+ EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
+ EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>d2i_PrivateKey() decodes a private key using algorithm <b>type</b>. It attempts to use any key specific format or PKCS#8 unencrypted PrivateKeyInfo format. The <b>type</b> parameter should be a public key algorithm constant such as <b>EVP_PKEY_RSA</b>. An error occurs if the decoded key does not match <b>type</b>. d2i_PublicKey() does the same for public keys.</p>
+
+<p>d2i_AutoPrivateKey() is similar to d2i_PrivateKey() except it attempts to automatically detect the private key format.</p>
+
+<p>i2d_PrivateKey() encodes <b>key</b>. It uses a key specific format or, if none is defined for that key type, PKCS#8 unencrypted PrivateKeyInfo format. i2d_PublicKey() does the same for public keys.</p>
+
+<p>These functions are similar to the d2i_X509() functions; see <a href="../man3/d2i_X509.html">d2i_X509(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions use DER format and unencrypted keys. Applications wishing to encrypt or decrypt private keys should use other functions such as d2i_PKCS8PrivateKey() instead.</p>
+
+<p>If the <b>*a</b> is not NULL when calling d2i_PrivateKey() or d2i_AutoPrivateKey() (i.e. an existing structure is being reused) and the key format is PKCS#8 then <b>*a</b> will be freed and replaced on a successful call.</p>
+
+<p>To decode a key with type <b>EVP_PKEY_EC</b>, d2i_PublicKey() requires <b>*a</b> to be a non-NULL EVP_PKEY structure assigned an EC_KEY structure referencing the proper EC_GROUP.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The d2i_PrivateKey(), d2i_AutoPrivateKey(), d2i_PrivateKey_bio(), d2i_PrivateKey_fp(), and d2i_PublicKey() functions return a valid <b>EVP_KEY</b> structure or <b>NULL</b> if an error occurs. The error code can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>i2d_PrivateKey() and i2d_PublicKey() return the number of bytes successfully encoded or a negative value if an error occurs. The error code can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_PublicKey.html b/msys2/usr/share/doc/openssl/html/man3/d2i_PublicKey.html
new file mode 100644
index 000000000..d1b4757d6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_PublicKey.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_PrivateKey, d2i_PublicKey, d2i_AutoPrivateKey, i2d_PrivateKey, i2d_PublicKey, d2i_PrivateKey_bio, d2i_PrivateKey_fp - decode and encode functions for reading and saving EVP_PKEY structures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
+                          long length);
+ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
+                         long length);
+ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
+                              long length);
+ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
+ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
+
+ EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
+ EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>d2i_PrivateKey() decodes a private key using algorithm <b>type</b>. It attempts to use any key specific format or PKCS#8 unencrypted PrivateKeyInfo format. The <b>type</b> parameter should be a public key algorithm constant such as <b>EVP_PKEY_RSA</b>. An error occurs if the decoded key does not match <b>type</b>. d2i_PublicKey() does the same for public keys.</p>
+
+<p>d2i_AutoPrivateKey() is similar to d2i_PrivateKey() except it attempts to automatically detect the private key format.</p>
+
+<p>i2d_PrivateKey() encodes <b>key</b>. It uses a key specific format or, if none is defined for that key type, PKCS#8 unencrypted PrivateKeyInfo format. i2d_PublicKey() does the same for public keys.</p>
+
+<p>These functions are similar to the d2i_X509() functions; see <a href="../man3/d2i_X509.html">d2i_X509(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions use DER format and unencrypted keys. Applications wishing to encrypt or decrypt private keys should use other functions such as d2i_PKCS8PrivateKey() instead.</p>
+
+<p>If the <b>*a</b> is not NULL when calling d2i_PrivateKey() or d2i_AutoPrivateKey() (i.e. an existing structure is being reused) and the key format is PKCS#8 then <b>*a</b> will be freed and replaced on a successful call.</p>
+
+<p>To decode a key with type <b>EVP_PKEY_EC</b>, d2i_PublicKey() requires <b>*a</b> to be a non-NULL EVP_PKEY structure assigned an EC_KEY structure referencing the proper EC_GROUP.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The d2i_PrivateKey(), d2i_AutoPrivateKey(), d2i_PrivateKey_bio(), d2i_PrivateKey_fp(), and d2i_PublicKey() functions return a valid <b>EVP_KEY</b> structure or <b>NULL</b> if an error occurs. The error code can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>i2d_PrivateKey() and i2d_PublicKey() return the number of bytes successfully encoded or a negative value if an error occurs. The error code can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_RSAPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/d2i_RSAPrivateKey.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_RSAPrivateKey.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_RSAPrivateKey_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_RSAPrivateKey_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_RSAPrivateKey_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_RSAPrivateKey_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_RSAPrivateKey_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_RSAPrivateKey_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_RSAPublicKey.html b/msys2/usr/share/doc/openssl/html/man3/d2i_RSAPublicKey.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_RSAPublicKey.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_RSAPublicKey_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_RSAPublicKey_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_RSAPublicKey_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_RSAPublicKey_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_RSAPublicKey_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_RSAPublicKey_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_RSA_OAEP_PARAMS.html b/msys2/usr/share/doc/openssl/html/man3/d2i_RSA_OAEP_PARAMS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_RSA_OAEP_PARAMS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_RSA_PSS_PARAMS.html b/msys2/usr/share/doc/openssl/html/man3/d2i_RSA_PSS_PARAMS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_RSA_PSS_PARAMS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_RSA_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/d2i_RSA_PUBKEY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_RSA_PUBKEY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_RSA_PUBKEY_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_RSA_PUBKEY_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_RSA_PUBKEY_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_RSA_PUBKEY_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_RSA_PUBKEY_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_RSA_PUBKEY_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_SCRYPT_PARAMS.html b/msys2/usr/share/doc/openssl/html/man3/d2i_SCRYPT_PARAMS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_SCRYPT_PARAMS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_SCT_LIST.html b/msys2/usr/share/doc/openssl/html/man3/d2i_SCT_LIST.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_SCT_LIST.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_SSL_SESSION.html b/msys2/usr/share/doc/openssl/html/man3/d2i_SSL_SESSION.html
new file mode 100644
index 000000000..06dae2ed5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_SSL_SESSION.html
@@ -0,0 +1,62 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_SSL_SESSION</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_SSL_SESSION, i2d_SSL_SESSION - convert SSL_SESSION object from/to ASN1 representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
+                              long length);
+ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions decode and encode an SSL_SESSION object. For encoding details see <a href="../man3/d2i_X509.html">d2i_X509(3)</a>.</p>
+
+<p>SSL_SESSION objects keep internal link information about the session cache list, when being inserted into one SSL_CTX object&#39;s session cache. One SSL_SESSION object, regardless of its reference count, must therefore only be used with one SSL_CTX object (and the SSL objects created from this SSL_CTX object).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_SSL_SESSION() returns a pointer to the newly allocated SSL_SESSION object. In case of failure the NULL-pointer is returned and the error message can be retrieved from the error stack.</p>
+
+<p>i2d_SSL_SESSION() returns the size of the ASN1 representation in bytes. When the session is not valid, <b>0</b> is returned and no operation is performed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>, <a href="../man3/SSL_CTX_sess_set_get_cb.html">SSL_CTX_sess_set_get_cb(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_SXNET.html b/msys2/usr/share/doc/openssl/html/man3/d2i_SXNET.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_SXNET.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_SXNETID.html b/msys2/usr/share/doc/openssl/html/man3/d2i_SXNETID.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_SXNETID.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_TS_ACCURACY.html b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_ACCURACY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_ACCURACY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_TS_MSG_IMPRINT.html b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_MSG_IMPRINT.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_MSG_IMPRINT.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_TS_MSG_IMPRINT_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_MSG_IMPRINT_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_MSG_IMPRINT_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_TS_MSG_IMPRINT_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_MSG_IMPRINT_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_MSG_IMPRINT_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_TS_REQ.html b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_REQ.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_REQ.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_TS_REQ_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_REQ_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_REQ_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_TS_REQ_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_REQ_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_REQ_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_TS_RESP.html b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_RESP.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_RESP.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_TS_RESP_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_RESP_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_RESP_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_TS_RESP_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_RESP_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_RESP_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_TS_STATUS_INFO.html b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_STATUS_INFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_STATUS_INFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_TS_TST_INFO.html b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_TST_INFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_TST_INFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_TS_TST_INFO_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_TST_INFO_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_TST_INFO_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_TS_TST_INFO_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_TST_INFO_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_TS_TST_INFO_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_USERNOTICE.html b/msys2/usr/share/doc/openssl/html/man3/d2i_USERNOTICE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_USERNOTICE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_ALGOR.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_ALGOR.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_ALGOR.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_ALGORS.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_ALGORS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_ALGORS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_ATTRIBUTE.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_ATTRIBUTE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_ATTRIBUTE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_AUX.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_AUX.html
new file mode 100644
index 000000000..c1fdcc10c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_AUX.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>i2d_re_X509_tbs</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_X509_AUX, i2d_X509_AUX, i2d_re_X509_tbs, i2d_re_X509_CRL_tbs, i2d_re_X509_REQ_tbs - X509 encode and decode functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509 *d2i_X509_AUX(X509 **px, const unsigned char **in, long len);
+ int i2d_X509_AUX(X509 *x, unsigned char **out);
+ int i2d_re_X509_tbs(X509 *x, unsigned char **out);
+ int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp);
+ int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The X509 encode and decode routines encode and parse an <b>X509</b> structure, which represents an X509 certificate.</p>
+
+<p>d2i_X509_AUX() is similar to <a href="../man3/d2i_X509.html">d2i_X509(3)</a> but the input is expected to consist of an X509 certificate followed by auxiliary trust information. This is used by the PEM routines to read &quot;TRUSTED CERTIFICATE&quot; objects. This function should not be called on untrusted input.</p>
+
+<p>i2d_X509_AUX() is similar to <a href="../man3/i2d_X509.html">i2d_X509(3)</a>, but the encoded output contains both the certificate and any auxiliary trust information. This is used by the PEM routines to write &quot;TRUSTED CERTIFICATE&quot; objects. Note that this is a non-standard OpenSSL-specific data format.</p>
+
+<p>i2d_re_X509_tbs() is similar to <a href="../man3/i2d_X509.html">i2d_X509(3)</a> except it encodes only the TBSCertificate portion of the certificate. i2d_re_X509_CRL_tbs() and i2d_re_X509_REQ_tbs() are analogous for CRL and certificate request, respectively. The &quot;re&quot; in <b>i2d_re_X509_tbs</b> stands for &quot;re-encode&quot;, and ensures that a fresh encoding is generated in case the object has been modified after creation (see the BUGS section).</p>
+
+<p>The encoding of the TBSCertificate portion of a certificate is cached in the <b>X509</b> structure internally to improve encoding performance and to ensure certificate signatures are verified correctly in some certificates with broken (non-DER) encodings.</p>
+
+<p>If, after modification, the <b>X509</b> object is re-signed with X509_sign(), the encoding is automatically renewed. Otherwise, the encoding of the TBSCertificate portion of the <b>X509</b> can be manually renewed by calling i2d_re_X509_tbs().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_X509_AUX() returns a valid <b>X509</b> structure or NULL if an error occurred.</p>
+
+<p>i2d_X509_AUX() returns the length of encoded data or -1 on error.</p>
+
+<p>i2d_re_X509_tbs(), i2d_re_X509_CRL_tbs() and i2d_re_X509_REQ_tbs() return the length of encoded data or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_CERT_AUX.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_CERT_AUX.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_CERT_AUX.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_CINF.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_CINF.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_CINF.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_CRL.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_CRL.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_CRL.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_CRL_INFO.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_CRL_INFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_CRL_INFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_CRL_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_CRL_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_CRL_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_CRL_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_CRL_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_CRL_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_EXTENSION.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_EXTENSION.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_EXTENSION.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_EXTENSIONS.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_EXTENSIONS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_EXTENSIONS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_NAME.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_NAME.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_NAME.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_NAME_ENTRY.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_NAME_ENTRY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_NAME_ENTRY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_PUBKEY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_PUBKEY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_REQ.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_REQ.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_REQ.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_REQ_INFO.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_REQ_INFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_REQ_INFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_REQ_bio.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_REQ_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_REQ_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_REQ_fp.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_REQ_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_REQ_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_REVOKED.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_REVOKED.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_REVOKED.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_SIG.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_SIG.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_SIG.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/d2i_X509_VAL.html b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_VAL.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/d2i_X509_VAL.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ACCESS_DESCRIPTION.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ACCESS_DESCRIPTION.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ACCESS_DESCRIPTION.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ADMISSIONS.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ADMISSIONS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ADMISSIONS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ADMISSION_SYNTAX.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ADMISSION_SYNTAX.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ADMISSION_SYNTAX.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASIdOrRange.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASIdOrRange.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASIdOrRange.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASIdentifierChoice.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASIdentifierChoice.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASIdentifierChoice.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASIdentifiers.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASIdentifiers.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASIdentifiers.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_BIT_STRING.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_BIT_STRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_BIT_STRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_BMPSTRING.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_BMPSTRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_BMPSTRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_ENUMERATED.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_ENUMERATED.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_ENUMERATED.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_GENERALIZEDTIME.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_GENERALIZEDTIME.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_GENERALIZEDTIME.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_GENERALSTRING.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_GENERALSTRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_GENERALSTRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_IA5STRING.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_IA5STRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_IA5STRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_INTEGER.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_INTEGER.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_INTEGER.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_NULL.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_NULL.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_NULL.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_OBJECT.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_OBJECT.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_OBJECT.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_OCTET_STRING.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_OCTET_STRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_OCTET_STRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_PRINTABLE.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_PRINTABLE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_PRINTABLE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_PRINTABLESTRING.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_PRINTABLESTRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_PRINTABLESTRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_SEQUENCE_ANY.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_SEQUENCE_ANY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_SEQUENCE_ANY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_SET_ANY.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_SET_ANY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_SET_ANY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_T61STRING.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_T61STRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_T61STRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_TIME.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_TIME.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_TIME.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_TYPE.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_TYPE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_TYPE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_UNIVERSALSTRING.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_UNIVERSALSTRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_UNIVERSALSTRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_UTCTIME.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_UTCTIME.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_UTCTIME.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_UTF8STRING.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_UTF8STRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_UTF8STRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_VISIBLESTRING.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_VISIBLESTRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_VISIBLESTRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_bio_stream.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_bio_stream.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASN1_bio_stream.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ASRange.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ASRange.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ASRange.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_AUTHORITY_INFO_ACCESS.html b/msys2/usr/share/doc/openssl/html/man3/i2d_AUTHORITY_INFO_ACCESS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_AUTHORITY_INFO_ACCESS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_AUTHORITY_KEYID.html b/msys2/usr/share/doc/openssl/html/man3/i2d_AUTHORITY_KEYID.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_AUTHORITY_KEYID.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_BASIC_CONSTRAINTS.html b/msys2/usr/share/doc/openssl/html/man3/i2d_BASIC_CONSTRAINTS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_BASIC_CONSTRAINTS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_CERTIFICATEPOLICIES.html b/msys2/usr/share/doc/openssl/html/man3/i2d_CERTIFICATEPOLICIES.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_CERTIFICATEPOLICIES.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_CMS_ContentInfo.html b/msys2/usr/share/doc/openssl/html/man3/i2d_CMS_ContentInfo.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_CMS_ContentInfo.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_CMS_ReceiptRequest.html b/msys2/usr/share/doc/openssl/html/man3/i2d_CMS_ReceiptRequest.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_CMS_ReceiptRequest.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_CMS_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_CMS_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_CMS_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_CMS_bio_stream.html b/msys2/usr/share/doc/openssl/html/man3/i2d_CMS_bio_stream.html
new file mode 100644
index 000000000..f21951954
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_CMS_bio_stream.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>i2d_CMS_bio_stream</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>i2d_CMS_bio_stream - output CMS_ContentInfo structure in BER format</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/cms.h&gt;
+
+ int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *data, int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>i2d_CMS_bio_stream() outputs a CMS_ContentInfo structure in BER format.</p>
+
+<p>It is otherwise identical to the function SMIME_write_CMS().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>This function is effectively a version of the i2d_CMS_bio() supporting streaming.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The prefix &quot;i2d&quot; is arguably wrong because the function outputs BER format.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>i2d_CMS_bio_stream() returns 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/CMS_sign.html">CMS_sign(3)</a>, <a href="../man3/CMS_verify.html">CMS_verify(3)</a>, <a href="../man3/CMS_encrypt.html">CMS_encrypt(3)</a> <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a>, <a href="../man3/SMIME_write_CMS.html">SMIME_write_CMS(3)</a>, <a href="../man3/PEM_write_bio_CMS_stream.html">PEM_write_bio_CMS_stream(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The i2d_CMS_bio_stream() function was added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_CRL_DIST_POINTS.html b/msys2/usr/share/doc/openssl/html/man3/i2d_CRL_DIST_POINTS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_CRL_DIST_POINTS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_DHparams.html b/msys2/usr/share/doc/openssl/html/man3/i2d_DHparams.html
new file mode 100644
index 000000000..10a7c6dc4
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_DHparams.html
@@ -0,0 +1,61 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_DHparams</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_DHparams, i2d_DHparams - PKCS#3 DH parameter functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/dh.h&gt;
+
+ DH *d2i_DHparams(DH **a, unsigned char **pp, long length);
+ int i2d_DHparams(DH *a, unsigned char **pp);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions decode and encode PKCS#3 DH parameters using the DHparameter structure described in PKCS#3.</p>
+
+<p>Otherwise these behave in a similar way to d2i_X509() and i2d_X509() described in the <a href="../man3/d2i_X509.html">d2i_X509(3)</a> manual page.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_DHparams() returns a valid <b>DH</b> structure or NULL if an error occurred.</p>
+
+<p>i2d_DHparams() returns the length of encoded data on success or a value which is less than or equal to 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_DHxparams.html b/msys2/usr/share/doc/openssl/html/man3/i2d_DHxparams.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_DHxparams.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_DIRECTORYSTRING.html b/msys2/usr/share/doc/openssl/html/man3/i2d_DIRECTORYSTRING.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_DIRECTORYSTRING.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_DISPLAYTEXT.html b/msys2/usr/share/doc/openssl/html/man3/i2d_DISPLAYTEXT.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_DISPLAYTEXT.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_DIST_POINT.html b/msys2/usr/share/doc/openssl/html/man3/i2d_DIST_POINT.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_DIST_POINT.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_DIST_POINT_NAME.html b/msys2/usr/share/doc/openssl/html/man3/i2d_DIST_POINT_NAME.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_DIST_POINT_NAME.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_DSAPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/i2d_DSAPrivateKey.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_DSAPrivateKey.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_DSAPrivateKey_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_DSAPrivateKey_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_DSAPrivateKey_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_DSAPrivateKey_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_DSAPrivateKey_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_DSAPrivateKey_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_DSAPublicKey.html b/msys2/usr/share/doc/openssl/html/man3/i2d_DSAPublicKey.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_DSAPublicKey.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_DSA_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/i2d_DSA_PUBKEY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_DSA_PUBKEY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_DSA_PUBKEY_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_DSA_PUBKEY_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_DSA_PUBKEY_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_DSA_PUBKEY_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_DSA_PUBKEY_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_DSA_PUBKEY_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_DSA_SIG.html b/msys2/usr/share/doc/openssl/html/man3/i2d_DSA_SIG.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_DSA_SIG.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_DSAparams.html b/msys2/usr/share/doc/openssl/html/man3/i2d_DSAparams.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_DSAparams.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ECDSA_SIG.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ECDSA_SIG.html
new file mode 100644
index 000000000..164654835
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ECDSA_SIG.html
@@ -0,0 +1,184 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ECDSA_SIG_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ECDSA_SIG_get0, ECDSA_SIG_get0_r, ECDSA_SIG_get0_s, ECDSA_SIG_set0, ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size, ECDSA_sign, ECDSA_do_sign, ECDSA_verify, ECDSA_do_verify, ECDSA_sign_setup, ECDSA_sign_ex, ECDSA_do_sign_ex - low level elliptic curve digital signature algorithm (ECDSA) functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ecdsa.h&gt;
+
+ ECDSA_SIG *ECDSA_SIG_new(void);
+ void ECDSA_SIG_free(ECDSA_SIG *sig);
+ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+ const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
+ const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
+ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+ int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
+ int ECDSA_size(const EC_KEY *eckey);
+
+ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+                unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+                          EC_KEY *eckey);
+
+ int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
+                  const unsigned char *sig, int siglen, EC_KEY *eckey);
+ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+                     const ECDSA_SIG *sig, EC_KEY* eckey);
+
+ ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+                             const BIGNUM *kinv, const BIGNUM *rp,
+                             EC_KEY *eckey);
+ int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+                   unsigned char *sig, unsigned int *siglen,
+                   const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Note: these functions provide a low level interface to ECDSA. Most applications should use the higher level <b>EVP</b> interface such as <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> or <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a> instead.</p>
+
+<p><b>ECDSA_SIG</b> is an opaque structure consisting of two BIGNUMs for the <b>r</b> and <b>s</b> value of an ECDSA signature (see X9.62 or FIPS 186-2).</p>
+
+<p>ECDSA_SIG_new() allocates an empty <b>ECDSA_SIG</b> structure. Note: before OpenSSL 1.1.0 the: the <b>r</b> and <b>s</b> components were initialised.</p>
+
+<p>ECDSA_SIG_free() frees the <b>ECDSA_SIG</b> structure <b>sig</b>.</p>
+
+<p>ECDSA_SIG_get0() returns internal pointers the <b>r</b> and <b>s</b> values contained in <b>sig</b> and stores them in <b>*pr</b> and <b>*ps</b>, respectively. The pointer <b>pr</b> or <b>ps</b> can be NULL, in which case the corresponding value is not returned.</p>
+
+<p>The values <b>r</b>, <b>s</b> can also be retrieved separately by the corresponding function ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s(), respectively.</p>
+
+<p>The <b>r</b> and <b>s</b> values can be set by calling ECDSA_SIG_set0() and passing the new values for <b>r</b> and <b>s</b> as parameters to the function. Calling this function transfers the memory management of the values to the ECDSA_SIG object, and therefore the values that have been passed in should not be freed directly after this function has been called.</p>
+
+<p>i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature <b>sig</b> and writes the encoded signature to <b>*pp</b> (note: if <b>pp</b> is NULL i2d_ECDSA_SIG() returns the expected length in bytes of the DER encoded signature). i2d_ECDSA_SIG() returns the length of the DER encoded signature (or 0 on error).</p>
+
+<p>d2i_ECDSA_SIG() decodes a DER encoded ECDSA signature and returns the decoded signature in a newly allocated <b>ECDSA_SIG</b> structure. <b>*sig</b> points to the buffer containing the DER encoded signature of size <b>len</b>.</p>
+
+<p>ECDSA_size() returns the maximum length of a DER encoded ECDSA signature created with the private EC key <b>eckey</b>.</p>
+
+<p>ECDSA_sign() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b>. The DER encoded signatures is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is currently ignored. ECDSA_sign() is wrapper function for ECDSA_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_do_sign() is similar to ECDSA_sign() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error). ECDSA_do_sign() is a wrapper function for ECDSA_do_sign_ex() with <b>kinv</b> and <b>rp</b> set to NULL.</p>
+
+<p>ECDSA_verify() verifies that the signature in <b>sig</b> of size <b>siglen</b> is a valid ECDSA signature of the hash value <b>dgst</b> of size <b>dgstlen</b> using the public key <b>eckey</b>. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_verify() is similar to ECDSA_verify() except the signature is presented in the form of a pointer to an <b>ECDSA_SIG</b> structure.</p>
+
+<p>The remaining functions utilise the internal <b>kinv</b> and <b>r</b> values used during signature computation. Most applications will never need to call these and some external ECDSA ENGINE implementations may not support them at all if either <b>kinv</b> or <b>r</b> is not <b>NULL</b>.</p>
+
+<p>ECDSA_sign_setup() may be used to precompute parts of the signing operation. <b>eckey</b> is the private EC key and <b>ctx</b> is a pointer to <b>BN_CTX</b> structure (or NULL). The precomputed values or returned in <b>kinv</b> and <b>rp</b> and can be used in a later call to ECDSA_sign_ex() or ECDSA_do_sign_ex().</p>
+
+<p>ECDSA_sign_ex() computes a digital signature of the <b>dgstlen</b> bytes hash value <b>dgst</b> using the private EC key <b>eckey</b> and the optional pre-computed values <b>kinv</b> and <b>rp</b>. The DER encoded signature is stored in <b>sig</b> and its length is returned in <b>sig_len</b>. Note: <b>sig</b> must point to ECDSA_size(eckey) bytes of memory. The parameter <b>type</b> is ignored.</p>
+
+<p>ECDSA_do_sign_ex() is similar to ECDSA_sign_ex() except the signature is returned as a newly allocated <b>ECDSA_SIG</b> structure (or NULL on error).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>ECDSA_SIG_new() returns NULL if the allocation fails.</p>
+
+<p>ECDSA_SIG_set0() returns 1 on success or 0 on failure.</p>
+
+<p>ECDSA_SIG_get0_r() and ECDSA_SIG_get0_s() return the corresponding value, or NULL if it is unset.</p>
+
+<p>ECDSA_size() returns the maximum length signature or 0 on error.</p>
+
+<p>ECDSA_sign(), ECDSA_sign_ex() and ECDSA_sign_setup() return 1 if successful or 0 on error.</p>
+
+<p>ECDSA_do_sign() and ECDSA_do_sign_ex() return a pointer to an allocated <b>ECDSA_SIG</b> structure or NULL on error.</p>
+
+<p>ECDSA_verify() and ECDSA_do_verify() return 1 for a valid signature, 0 for an invalid signature and -1 on error. The error codes can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Creating an ECDSA signature of a given SHA-256 hash value using the named curve prime256v1 (aka P-256).</p>
+
+<p>First step: create an EC_KEY object (note: this part is <b>not</b> ECDSA specific)</p>
+
+<pre><code> int ret;
+ ECDSA_SIG *sig;
+ EC_KEY *eckey;
+
+ eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ if (eckey == NULL)
+     /* error */
+ if (EC_KEY_generate_key(eckey) == 0)
+     /* error */</code></pre>
+
+<p>Second step: compute the ECDSA signature of a SHA-256 hash value using ECDSA_do_sign():</p>
+
+<pre><code> sig = ECDSA_do_sign(digest, 32, eckey);
+ if (sig == NULL)
+     /* error */</code></pre>
+
+<p>or using ECDSA_sign():</p>
+
+<pre><code> unsigned char *buffer, *pp;
+ int buf_len;
+
+ buf_len = ECDSA_size(eckey);
+ buffer = OPENSSL_malloc(buf_len);
+ pp = buffer;
+ if (ECDSA_sign(0, dgst, dgstlen, pp, &amp;buf_len, eckey) == 0)
+     /* error */</code></pre>
+
+<p>Third step: verify the created ECDSA signature using ECDSA_do_verify():</p>
+
+<pre><code> ret = ECDSA_do_verify(digest, 32, sig, eckey);</code></pre>
+
+<p>or using ECDSA_verify():</p>
+
+<pre><code> ret = ECDSA_verify(0, digest, 32, buffer, buf_len, eckey);</code></pre>
+
+<p>and finally evaluate the return value:</p>
+
+<pre><code> if (ret == 1)
+     /* signature ok */
+ else if (ret == 0)
+     /* incorrect signature */
+ else
+     /* error */</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>ANSI X9.62, US Federal Information Processing Standard FIPS 186-2 (Digital Signature Standard, DSS)</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/DSA_new.html">DSA_new(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ECPKParameters.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ECPKParameters.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ECPKParameters.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ECParameters.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ECParameters.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ECParameters.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ECPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ECPrivateKey.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ECPrivateKey.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ECPrivateKey_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ECPrivateKey_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ECPrivateKey_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ECPrivateKey_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ECPrivateKey_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ECPrivateKey_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_EC_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/i2d_EC_PUBKEY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_EC_PUBKEY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_EC_PUBKEY_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_EC_PUBKEY_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_EC_PUBKEY_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_EC_PUBKEY_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_EC_PUBKEY_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_EC_PUBKEY_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_EDIPARTYNAME.html b/msys2/usr/share/doc/openssl/html/man3/i2d_EDIPARTYNAME.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_EDIPARTYNAME.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ESS_CERT_ID.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ESS_CERT_ID.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ESS_CERT_ID.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ESS_ISSUER_SERIAL.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ESS_ISSUER_SERIAL.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ESS_ISSUER_SERIAL.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ESS_SIGNING_CERT.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ESS_SIGNING_CERT.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ESS_SIGNING_CERT.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_EXTENDED_KEY_USAGE.html b/msys2/usr/share/doc/openssl/html/man3/i2d_EXTENDED_KEY_USAGE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_EXTENDED_KEY_USAGE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_GENERAL_NAME.html b/msys2/usr/share/doc/openssl/html/man3/i2d_GENERAL_NAME.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_GENERAL_NAME.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_GENERAL_NAMES.html b/msys2/usr/share/doc/openssl/html/man3/i2d_GENERAL_NAMES.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_GENERAL_NAMES.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_IPAddressChoice.html b/msys2/usr/share/doc/openssl/html/man3/i2d_IPAddressChoice.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_IPAddressChoice.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_IPAddressFamily.html b/msys2/usr/share/doc/openssl/html/man3/i2d_IPAddressFamily.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_IPAddressFamily.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_IPAddressOrRange.html b/msys2/usr/share/doc/openssl/html/man3/i2d_IPAddressOrRange.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_IPAddressOrRange.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_IPAddressRange.html b/msys2/usr/share/doc/openssl/html/man3/i2d_IPAddressRange.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_IPAddressRange.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_ISSUING_DIST_POINT.html b/msys2/usr/share/doc/openssl/html/man3/i2d_ISSUING_DIST_POINT.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_ISSUING_DIST_POINT.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_NAMING_AUTHORITY.html b/msys2/usr/share/doc/openssl/html/man3/i2d_NAMING_AUTHORITY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_NAMING_AUTHORITY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_NETSCAPE_CERT_SEQUENCE.html b/msys2/usr/share/doc/openssl/html/man3/i2d_NETSCAPE_CERT_SEQUENCE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_NETSCAPE_CERT_SEQUENCE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_NETSCAPE_SPKAC.html b/msys2/usr/share/doc/openssl/html/man3/i2d_NETSCAPE_SPKAC.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_NETSCAPE_SPKAC.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_NETSCAPE_SPKI.html b/msys2/usr/share/doc/openssl/html/man3/i2d_NETSCAPE_SPKI.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_NETSCAPE_SPKI.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_NOTICEREF.html b/msys2/usr/share/doc/openssl/html/man3/i2d_NOTICEREF.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_NOTICEREF.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_BASICRESP.html b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_BASICRESP.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_BASICRESP.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_CERTID.html b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_CERTID.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_CERTID.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_CERTSTATUS.html b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_CERTSTATUS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_CERTSTATUS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_CRLID.html b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_CRLID.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_CRLID.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_ONEREQ.html b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_ONEREQ.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_ONEREQ.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_REQINFO.html b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_REQINFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_REQINFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_REQUEST.html b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_REQUEST.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_REQUEST.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_RESPBYTES.html b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_RESPBYTES.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_RESPBYTES.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_RESPDATA.html b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_RESPDATA.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_RESPDATA.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_RESPID.html b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_RESPID.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_RESPID.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_RESPONSE.html b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_RESPONSE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_RESPONSE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_REVOKEDINFO.html b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_REVOKEDINFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_REVOKEDINFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_SERVICELOC.html b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_SERVICELOC.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_SERVICELOC.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_SIGNATURE.html b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_SIGNATURE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_SIGNATURE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_SINGLERESP.html b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_SINGLERESP.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_OCSP_SINGLERESP.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_OTHERNAME.html b/msys2/usr/share/doc/openssl/html/man3/i2d_OTHERNAME.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_OTHERNAME.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PBE2PARAM.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PBE2PARAM.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PBE2PARAM.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PBEPARAM.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PBEPARAM.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PBEPARAM.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PBKDF2PARAM.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PBKDF2PARAM.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PBKDF2PARAM.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS12.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS12.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS12.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS12_BAGS.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS12_BAGS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS12_BAGS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS12_MAC_DATA.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS12_MAC_DATA.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS12_MAC_DATA.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS12_SAFEBAG.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS12_SAFEBAG.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS12_SAFEBAG.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS12_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS12_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS12_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS12_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS12_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS12_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_DIGEST.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_DIGEST.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_DIGEST.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_ENCRYPT.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_ENCRYPT.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_ENCRYPT.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_ENC_CONTENT.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_ENC_CONTENT.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_ENC_CONTENT.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_ENVELOPE.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_ENVELOPE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_ENVELOPE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_ISSUER_AND_SERIAL.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_ISSUER_AND_SERIAL.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_ISSUER_AND_SERIAL.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_NDEF.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_NDEF.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_NDEF.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_RECIP_INFO.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_RECIP_INFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_RECIP_INFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_SIGNED.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_SIGNED.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_SIGNED.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_SIGNER_INFO.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_SIGNER_INFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_SIGNER_INFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_SIGN_ENVELOPE.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_SIGN_ENVELOPE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_SIGN_ENVELOPE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_bio_stream.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_bio_stream.html
new file mode 100644
index 000000000..94765a9c1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_bio_stream.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>i2d_PKCS7_bio_stream</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>i2d_PKCS7_bio_stream - output PKCS7 structure in BER format</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pkcs7.h&gt;
+
+ int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *data, int flags);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>i2d_PKCS7_bio_stream() outputs a PKCS7 structure in BER format.</p>
+
+<p>It is otherwise identical to the function SMIME_write_PKCS7().</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>This function is effectively a version of the d2i_PKCS7_bio() supporting streaming.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The prefix &quot;i2d&quot; is arguably wrong because the function outputs BER format.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>i2d_PKCS7_bio_stream() returns 1 for success or 0 for failure.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/PKCS7_sign.html">PKCS7_sign(3)</a>, <a href="../man3/PKCS7_verify.html">PKCS7_verify(3)</a>, <a href="../man3/PKCS7_encrypt.html">PKCS7_encrypt(3)</a> <a href="../man3/PKCS7_decrypt.html">PKCS7_decrypt(3)</a>, <a href="../man3/SMIME_write_PKCS7.html">SMIME_write_PKCS7(3)</a>, <a href="../man3/PEM_write_bio_PKCS7_stream.html">PEM_write_bio_PKCS7_stream(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The i2d_PKCS7_bio_stream() function was added in OpenSSL 1.0.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS7_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKeyInfo_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKeyInfo_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKeyInfo_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKeyInfo_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKeyInfo_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKeyInfo_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKey_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKey_bio.html
new file mode 100644
index 000000000..6b61a9dba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKey_bio.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_PKCS8PrivateKey_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_PKCS8PrivateKey_bio, d2i_PKCS8PrivateKey_fp, i2d_PKCS8PrivateKey_bio, i2d_PKCS8PrivateKey_fp, i2d_PKCS8PrivateKey_nid_bio, i2d_PKCS8PrivateKey_nid_fp - PKCS#8 format private key functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u);
+ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                             char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                            char *kstr, int klen,
+                            pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
+                                 char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
+                                char *kstr, int klen,
+                                pem_password_cb *cb, void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PKCS#8 functions encode and decode private keys in PKCS#8 format using both PKCS#5 v1.5 and PKCS#5 v2.0 password based encryption algorithms.</p>
+
+<p>Other than the use of DER as opposed to PEM these functions are identical to the corresponding <b>PEM</b> function as described in <a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are currently the only way to store encrypted private keys using DER format.</p>
+
+<p>Currently all the functions use BIOs or FILE pointers, there are no functions which work directly on memory: this can be readily worked around by converting the buffers to memory BIOs, see <a href="../man3/BIO_s_mem.html">BIO_s_mem(3)</a> for details.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_PKCS8PrivateKey_bio() and d2i_PKCS8PrivateKey_fp() return a valid <b>EVP_PKEY</b> structure or NULL if an error occurred.</p>
+
+<p>i2d_PKCS8PrivateKey_bio(), i2d_PKCS8PrivateKey_fp(), i2d_PKCS8PrivateKey_nid_bio() and i2d_PKCS8PrivateKey_nid_fp() return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKey_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKey_fp.html
new file mode 100644
index 000000000..6b61a9dba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKey_fp.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_PKCS8PrivateKey_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_PKCS8PrivateKey_bio, d2i_PKCS8PrivateKey_fp, i2d_PKCS8PrivateKey_bio, i2d_PKCS8PrivateKey_fp, i2d_PKCS8PrivateKey_nid_bio, i2d_PKCS8PrivateKey_nid_fp - PKCS#8 format private key functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u);
+ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                             char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                            char *kstr, int klen,
+                            pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
+                                 char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
+                                char *kstr, int klen,
+                                pem_password_cb *cb, void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PKCS#8 functions encode and decode private keys in PKCS#8 format using both PKCS#5 v1.5 and PKCS#5 v2.0 password based encryption algorithms.</p>
+
+<p>Other than the use of DER as opposed to PEM these functions are identical to the corresponding <b>PEM</b> function as described in <a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are currently the only way to store encrypted private keys using DER format.</p>
+
+<p>Currently all the functions use BIOs or FILE pointers, there are no functions which work directly on memory: this can be readily worked around by converting the buffers to memory BIOs, see <a href="../man3/BIO_s_mem.html">BIO_s_mem(3)</a> for details.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_PKCS8PrivateKey_bio() and d2i_PKCS8PrivateKey_fp() return a valid <b>EVP_PKEY</b> structure or NULL if an error occurred.</p>
+
+<p>i2d_PKCS8PrivateKey_bio(), i2d_PKCS8PrivateKey_fp(), i2d_PKCS8PrivateKey_nid_bio() and i2d_PKCS8PrivateKey_nid_fp() return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKey_nid_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKey_nid_bio.html
new file mode 100644
index 000000000..6b61a9dba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKey_nid_bio.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_PKCS8PrivateKey_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_PKCS8PrivateKey_bio, d2i_PKCS8PrivateKey_fp, i2d_PKCS8PrivateKey_bio, i2d_PKCS8PrivateKey_fp, i2d_PKCS8PrivateKey_nid_bio, i2d_PKCS8PrivateKey_nid_fp - PKCS#8 format private key functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u);
+ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                             char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                            char *kstr, int klen,
+                            pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
+                                 char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
+                                char *kstr, int klen,
+                                pem_password_cb *cb, void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PKCS#8 functions encode and decode private keys in PKCS#8 format using both PKCS#5 v1.5 and PKCS#5 v2.0 password based encryption algorithms.</p>
+
+<p>Other than the use of DER as opposed to PEM these functions are identical to the corresponding <b>PEM</b> function as described in <a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are currently the only way to store encrypted private keys using DER format.</p>
+
+<p>Currently all the functions use BIOs or FILE pointers, there are no functions which work directly on memory: this can be readily worked around by converting the buffers to memory BIOs, see <a href="../man3/BIO_s_mem.html">BIO_s_mem(3)</a> for details.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_PKCS8PrivateKey_bio() and d2i_PKCS8PrivateKey_fp() return a valid <b>EVP_PKEY</b> structure or NULL if an error occurred.</p>
+
+<p>i2d_PKCS8PrivateKey_bio(), i2d_PKCS8PrivateKey_fp(), i2d_PKCS8PrivateKey_nid_bio() and i2d_PKCS8PrivateKey_nid_fp() return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKey_nid_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKey_nid_fp.html
new file mode 100644
index 000000000..6b61a9dba
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKey_nid_fp.html
@@ -0,0 +1,86 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_PKCS8PrivateKey_bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_PKCS8PrivateKey_bio, d2i_PKCS8PrivateKey_fp, i2d_PKCS8PrivateKey_bio, i2d_PKCS8PrivateKey_fp, i2d_PKCS8PrivateKey_nid_bio, i2d_PKCS8PrivateKey_nid_fp - PKCS#8 format private key functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u);
+ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                             char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                            char *kstr, int klen,
+                            pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
+                                 char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
+                                char *kstr, int klen,
+                                pem_password_cb *cb, void *u);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PKCS#8 functions encode and decode private keys in PKCS#8 format using both PKCS#5 v1.5 and PKCS#5 v2.0 password based encryption algorithms.</p>
+
+<p>Other than the use of DER as opposed to PEM these functions are identical to the corresponding <b>PEM</b> function as described in <a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>These functions are currently the only way to store encrypted private keys using DER format.</p>
+
+<p>Currently all the functions use BIOs or FILE pointers, there are no functions which work directly on memory: this can be readily worked around by converting the buffers to memory BIOs, see <a href="../man3/BIO_s_mem.html">BIO_s_mem(3)</a> for details.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_PKCS8PrivateKey_bio() and d2i_PKCS8PrivateKey_fp() return a valid <b>EVP_PKEY</b> structure or NULL if an error occurred.</p>
+
+<p>i2d_PKCS8PrivateKey_bio(), i2d_PKCS8PrivateKey_fp(), i2d_PKCS8PrivateKey_nid_bio() and i2d_PKCS8PrivateKey_nid_fp() return 1 on success or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/PEM_read_PrivateKey.html">PEM_read_PrivateKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8_PRIV_KEY_INFO.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8_PRIV_KEY_INFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8_PRIV_KEY_INFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8_PRIV_KEY_INFO_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8_PRIV_KEY_INFO_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8_PRIV_KEY_INFO_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8_PRIV_KEY_INFO_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8_PRIV_KEY_INFO_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8_PRIV_KEY_INFO_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKCS8_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PKEY_USAGE_PERIOD.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PKEY_USAGE_PERIOD.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PKEY_USAGE_PERIOD.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_POLICYINFO.html b/msys2/usr/share/doc/openssl/html/man3/i2d_POLICYINFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_POLICYINFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_POLICYQUALINFO.html b/msys2/usr/share/doc/openssl/html/man3/i2d_POLICYQUALINFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_POLICYQUALINFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PROFESSION_INFO.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PROFESSION_INFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PROFESSION_INFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PROXY_CERT_INFO_EXTENSION.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PROXY_CERT_INFO_EXTENSION.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PROXY_CERT_INFO_EXTENSION.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PROXY_POLICY.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PROXY_POLICY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PROXY_POLICY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PUBKEY.html
new file mode 100644
index 000000000..b05f234e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PUBKEY.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_PUBKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_PUBKEY_new, X509_PUBKEY_free, X509_PUBKEY_set, X509_PUBKEY_get0, X509_PUBKEY_get, d2i_PUBKEY, i2d_PUBKEY, d2i_PUBKEY_bio, d2i_PUBKEY_fp, i2d_PUBKEY_fp, i2d_PUBKEY_bio, X509_PUBKEY_set0_param, X509_PUBKEY_get0_param - SubjectPublicKeyInfo public key functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_PUBKEY *X509_PUBKEY_new(void);
+ void X509_PUBKEY_free(X509_PUBKEY *a);
+
+ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+ EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key);
+ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
+
+ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
+ int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
+
+ EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
+ EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+
+ int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+ int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
+
+ int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+                            int ptype, void *pval,
+                            unsigned char *penc, int penclen);
+ int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+                            const unsigned char **pk, int *ppklen,
+                            X509_ALGOR **pa, X509_PUBKEY *pub);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_PUBKEY</b> structure represents the ASN.1 <b>SubjectPublicKeyInfo</b> structure defined in RFC5280 and used in certificates and certificate requests.</p>
+
+<p>X509_PUBKEY_new() allocates and initializes an <b>X509_PUBKEY</b> structure.</p>
+
+<p>X509_PUBKEY_free() frees up <b>X509_PUBKEY</b> structure <b>a</b>. If <b>a</b> is NULL nothing is done.</p>
+
+<p>X509_PUBKEY_set() sets the public key in <b>*x</b> to the public key contained in the <b>EVP_PKEY</b> structure <b>pkey</b>. If <b>*x</b> is not NULL any existing public key structure will be freed.</p>
+
+<p>X509_PUBKEY_get0() returns the public key contained in <b>key</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed after use.</p>
+
+<p>X509_PUBKEY_get() is similar to X509_PUBKEY_get0() except the reference count on the returned key is incremented so it <b>MUST</b> be freed using EVP_PKEY_free() after use.</p>
+
+<p>d2i_PUBKEY() and i2d_PUBKEY() decode and encode an <b>EVP_PKEY</b> structure using <b>SubjectPublicKeyInfo</b> format. They otherwise follow the conventions of other ASN.1 functions such as d2i_X509().</p>
+
+<p>d2i_PUBKEY_bio(), d2i_PUBKEY_fp(), i2d_PUBKEY_bio() and i2d_PUBKEY_fp() are similar to d2i_PUBKEY() and i2d_PUBKEY() except they decode or encode using a <b>BIO</b> or <b>FILE</b> pointer.</p>
+
+<p>X509_PUBKEY_set0_param() sets the public key parameters of <b>pub</b>. The OID associated with the algorithm is set to <b>aobj</b>. The type of the algorithm parameters is set to <b>type</b> using the structure <b>pval</b>. The encoding of the public key itself is set to the <b>penclen</b> bytes contained in buffer <b>penc</b>. On success ownership of all the supplied parameters is passed to <b>pub</b> so they must not be freed after the call.</p>
+
+<p>X509_PUBKEY_get0_param() retrieves the public key parameters from <b>pub</b>, <b>*ppkalg</b> is set to the associated OID and the encoding consists of <b>*ppklen</b> bytes at <b>*pk</b>, <b>*pa</b> is set to the associated AlgorithmIdentifier for the public key. If the value of any of these parameters is not required it can be set to <b>NULL</b>. All of the retrieved pointers are internal and must not be freed after the call.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>X509_PUBKEY</b> functions can be used to encode and decode public keys in a standard format.</p>
+
+<p>In many cases applications will not call the <b>X509_PUBKEY</b> functions directly: they will instead call wrapper functions such as X509_get0_pubkey().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, X509_PUBKEY_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>X509_PUBKEY_free() does not return a value.</p>
+
+<p>X509_PUBKEY_get0() and X509_PUBKEY_get() return a pointer to an <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_PUBKEY_set(), X509_PUBKEY_set0_param() and X509_PUBKEY_get0_param() return 1 for success and 0 if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PUBKEY_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PUBKEY_bio.html
new file mode 100644
index 000000000..b05f234e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PUBKEY_bio.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_PUBKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_PUBKEY_new, X509_PUBKEY_free, X509_PUBKEY_set, X509_PUBKEY_get0, X509_PUBKEY_get, d2i_PUBKEY, i2d_PUBKEY, d2i_PUBKEY_bio, d2i_PUBKEY_fp, i2d_PUBKEY_fp, i2d_PUBKEY_bio, X509_PUBKEY_set0_param, X509_PUBKEY_get0_param - SubjectPublicKeyInfo public key functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_PUBKEY *X509_PUBKEY_new(void);
+ void X509_PUBKEY_free(X509_PUBKEY *a);
+
+ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+ EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key);
+ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
+
+ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
+ int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
+
+ EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
+ EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+
+ int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+ int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
+
+ int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+                            int ptype, void *pval,
+                            unsigned char *penc, int penclen);
+ int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+                            const unsigned char **pk, int *ppklen,
+                            X509_ALGOR **pa, X509_PUBKEY *pub);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_PUBKEY</b> structure represents the ASN.1 <b>SubjectPublicKeyInfo</b> structure defined in RFC5280 and used in certificates and certificate requests.</p>
+
+<p>X509_PUBKEY_new() allocates and initializes an <b>X509_PUBKEY</b> structure.</p>
+
+<p>X509_PUBKEY_free() frees up <b>X509_PUBKEY</b> structure <b>a</b>. If <b>a</b> is NULL nothing is done.</p>
+
+<p>X509_PUBKEY_set() sets the public key in <b>*x</b> to the public key contained in the <b>EVP_PKEY</b> structure <b>pkey</b>. If <b>*x</b> is not NULL any existing public key structure will be freed.</p>
+
+<p>X509_PUBKEY_get0() returns the public key contained in <b>key</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed after use.</p>
+
+<p>X509_PUBKEY_get() is similar to X509_PUBKEY_get0() except the reference count on the returned key is incremented so it <b>MUST</b> be freed using EVP_PKEY_free() after use.</p>
+
+<p>d2i_PUBKEY() and i2d_PUBKEY() decode and encode an <b>EVP_PKEY</b> structure using <b>SubjectPublicKeyInfo</b> format. They otherwise follow the conventions of other ASN.1 functions such as d2i_X509().</p>
+
+<p>d2i_PUBKEY_bio(), d2i_PUBKEY_fp(), i2d_PUBKEY_bio() and i2d_PUBKEY_fp() are similar to d2i_PUBKEY() and i2d_PUBKEY() except they decode or encode using a <b>BIO</b> or <b>FILE</b> pointer.</p>
+
+<p>X509_PUBKEY_set0_param() sets the public key parameters of <b>pub</b>. The OID associated with the algorithm is set to <b>aobj</b>. The type of the algorithm parameters is set to <b>type</b> using the structure <b>pval</b>. The encoding of the public key itself is set to the <b>penclen</b> bytes contained in buffer <b>penc</b>. On success ownership of all the supplied parameters is passed to <b>pub</b> so they must not be freed after the call.</p>
+
+<p>X509_PUBKEY_get0_param() retrieves the public key parameters from <b>pub</b>, <b>*ppkalg</b> is set to the associated OID and the encoding consists of <b>*ppklen</b> bytes at <b>*pk</b>, <b>*pa</b> is set to the associated AlgorithmIdentifier for the public key. If the value of any of these parameters is not required it can be set to <b>NULL</b>. All of the retrieved pointers are internal and must not be freed after the call.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>X509_PUBKEY</b> functions can be used to encode and decode public keys in a standard format.</p>
+
+<p>In many cases applications will not call the <b>X509_PUBKEY</b> functions directly: they will instead call wrapper functions such as X509_get0_pubkey().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, X509_PUBKEY_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>X509_PUBKEY_free() does not return a value.</p>
+
+<p>X509_PUBKEY_get0() and X509_PUBKEY_get() return a pointer to an <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_PUBKEY_set(), X509_PUBKEY_set0_param() and X509_PUBKEY_get0_param() return 1 for success and 0 if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PUBKEY_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PUBKEY_fp.html
new file mode 100644
index 000000000..b05f234e3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PUBKEY_fp.html
@@ -0,0 +1,110 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X509_PUBKEY_new</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X509_PUBKEY_new, X509_PUBKEY_free, X509_PUBKEY_set, X509_PUBKEY_get0, X509_PUBKEY_get, d2i_PUBKEY, i2d_PUBKEY, d2i_PUBKEY_bio, d2i_PUBKEY_fp, i2d_PUBKEY_fp, i2d_PUBKEY_bio, X509_PUBKEY_set0_param, X509_PUBKEY_get0_param - SubjectPublicKeyInfo public key functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509_PUBKEY *X509_PUBKEY_new(void);
+ void X509_PUBKEY_free(X509_PUBKEY *a);
+
+ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+ EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key);
+ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
+
+ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
+ int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
+
+ EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
+ EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+
+ int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+ int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
+
+ int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+                            int ptype, void *pval,
+                            unsigned char *penc, int penclen);
+ int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+                            const unsigned char **pk, int *ppklen,
+                            X509_ALGOR **pa, X509_PUBKEY *pub);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X509_PUBKEY</b> structure represents the ASN.1 <b>SubjectPublicKeyInfo</b> structure defined in RFC5280 and used in certificates and certificate requests.</p>
+
+<p>X509_PUBKEY_new() allocates and initializes an <b>X509_PUBKEY</b> structure.</p>
+
+<p>X509_PUBKEY_free() frees up <b>X509_PUBKEY</b> structure <b>a</b>. If <b>a</b> is NULL nothing is done.</p>
+
+<p>X509_PUBKEY_set() sets the public key in <b>*x</b> to the public key contained in the <b>EVP_PKEY</b> structure <b>pkey</b>. If <b>*x</b> is not NULL any existing public key structure will be freed.</p>
+
+<p>X509_PUBKEY_get0() returns the public key contained in <b>key</b>. The returned value is an internal pointer which <b>MUST NOT</b> be freed after use.</p>
+
+<p>X509_PUBKEY_get() is similar to X509_PUBKEY_get0() except the reference count on the returned key is incremented so it <b>MUST</b> be freed using EVP_PKEY_free() after use.</p>
+
+<p>d2i_PUBKEY() and i2d_PUBKEY() decode and encode an <b>EVP_PKEY</b> structure using <b>SubjectPublicKeyInfo</b> format. They otherwise follow the conventions of other ASN.1 functions such as d2i_X509().</p>
+
+<p>d2i_PUBKEY_bio(), d2i_PUBKEY_fp(), i2d_PUBKEY_bio() and i2d_PUBKEY_fp() are similar to d2i_PUBKEY() and i2d_PUBKEY() except they decode or encode using a <b>BIO</b> or <b>FILE</b> pointer.</p>
+
+<p>X509_PUBKEY_set0_param() sets the public key parameters of <b>pub</b>. The OID associated with the algorithm is set to <b>aobj</b>. The type of the algorithm parameters is set to <b>type</b> using the structure <b>pval</b>. The encoding of the public key itself is set to the <b>penclen</b> bytes contained in buffer <b>penc</b>. On success ownership of all the supplied parameters is passed to <b>pub</b> so they must not be freed after the call.</p>
+
+<p>X509_PUBKEY_get0_param() retrieves the public key parameters from <b>pub</b>, <b>*ppkalg</b> is set to the associated OID and the encoding consists of <b>*ppklen</b> bytes at <b>*pk</b>, <b>*pa</b> is set to the associated AlgorithmIdentifier for the public key. If the value of any of these parameters is not required it can be set to <b>NULL</b>. All of the retrieved pointers are internal and must not be freed after the call.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The <b>X509_PUBKEY</b> functions can be used to encode and decode public keys in a standard format.</p>
+
+<p>In many cases applications will not call the <b>X509_PUBKEY</b> functions directly: they will instead call wrapper functions such as X509_get0_pubkey().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>If the allocation fails, X509_PUBKEY_new() returns <b>NULL</b> and sets an error code that can be obtained by <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>Otherwise it returns a pointer to the newly allocated structure.</p>
+
+<p>X509_PUBKEY_free() does not return a value.</p>
+
+<p>X509_PUBKEY_get0() and X509_PUBKEY_get() return a pointer to an <b>EVP_PKEY</b> structure or <b>NULL</b> if an error occurs.</p>
+
+<p>X509_PUBKEY_set(), X509_PUBKEY_set0_param() and X509_PUBKEY_get0_param() return 1 for success and 0 if an error occurred.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PrivateKey.html
new file mode 100644
index 000000000..d1b4757d6
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PrivateKey.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_PrivateKey, d2i_PublicKey, d2i_AutoPrivateKey, i2d_PrivateKey, i2d_PublicKey, d2i_PrivateKey_bio, d2i_PrivateKey_fp - decode and encode functions for reading and saving EVP_PKEY structures</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
+                          long length);
+ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
+                         long length);
+ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
+                              long length);
+ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
+ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
+
+ EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
+ EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>d2i_PrivateKey() decodes a private key using algorithm <b>type</b>. It attempts to use any key specific format or PKCS#8 unencrypted PrivateKeyInfo format. The <b>type</b> parameter should be a public key algorithm constant such as <b>EVP_PKEY_RSA</b>. An error occurs if the decoded key does not match <b>type</b>. d2i_PublicKey() does the same for public keys.</p>
+
+<p>d2i_AutoPrivateKey() is similar to d2i_PrivateKey() except it attempts to automatically detect the private key format.</p>
+
+<p>i2d_PrivateKey() encodes <b>key</b>. It uses a key specific format or, if none is defined for that key type, PKCS#8 unencrypted PrivateKeyInfo format. i2d_PublicKey() does the same for public keys.</p>
+
+<p>These functions are similar to the d2i_X509() functions; see <a href="../man3/d2i_X509.html">d2i_X509(3)</a>.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>All these functions use DER format and unencrypted keys. Applications wishing to encrypt or decrypt private keys should use other functions such as d2i_PKCS8PrivateKey() instead.</p>
+
+<p>If the <b>*a</b> is not NULL when calling d2i_PrivateKey() or d2i_AutoPrivateKey() (i.e. an existing structure is being reused) and the key format is PKCS#8 then <b>*a</b> will be freed and replaced on a successful call.</p>
+
+<p>To decode a key with type <b>EVP_PKEY_EC</b>, d2i_PublicKey() requires <b>*a</b> to be a non-NULL EVP_PKEY structure assigned an EC_KEY structure referencing the proper EC_GROUP.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The d2i_PrivateKey(), d2i_AutoPrivateKey(), d2i_PrivateKey_bio(), d2i_PrivateKey_fp(), and d2i_PublicKey() functions return a valid <b>EVP_KEY</b> structure or <b>NULL</b> if an error occurs. The error code can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<p>i2d_PrivateKey() and i2d_PublicKey() return the number of bytes successfully encoded or a negative value if an error occurs. The error code can be obtained by calling <a href="../man3/ERR_get_error.html">ERR_get_error(3)</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_PublicKey.html b/msys2/usr/share/doc/openssl/html/man3/i2d_PublicKey.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_PublicKey.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_RSAPrivateKey.html b/msys2/usr/share/doc/openssl/html/man3/i2d_RSAPrivateKey.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_RSAPrivateKey.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_RSAPrivateKey_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_RSAPrivateKey_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_RSAPrivateKey_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_RSAPrivateKey_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_RSAPrivateKey_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_RSAPrivateKey_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_RSAPublicKey.html b/msys2/usr/share/doc/openssl/html/man3/i2d_RSAPublicKey.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_RSAPublicKey.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_RSAPublicKey_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_RSAPublicKey_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_RSAPublicKey_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_RSAPublicKey_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_RSAPublicKey_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_RSAPublicKey_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_RSA_OAEP_PARAMS.html b/msys2/usr/share/doc/openssl/html/man3/i2d_RSA_OAEP_PARAMS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_RSA_OAEP_PARAMS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_RSA_PSS_PARAMS.html b/msys2/usr/share/doc/openssl/html/man3/i2d_RSA_PSS_PARAMS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_RSA_PSS_PARAMS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_RSA_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/i2d_RSA_PUBKEY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_RSA_PUBKEY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_RSA_PUBKEY_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_RSA_PUBKEY_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_RSA_PUBKEY_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_RSA_PUBKEY_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_RSA_PUBKEY_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_RSA_PUBKEY_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_SCRYPT_PARAMS.html b/msys2/usr/share/doc/openssl/html/man3/i2d_SCRYPT_PARAMS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_SCRYPT_PARAMS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_SCT_LIST.html b/msys2/usr/share/doc/openssl/html/man3/i2d_SCT_LIST.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_SCT_LIST.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_SSL_SESSION.html b/msys2/usr/share/doc/openssl/html/man3/i2d_SSL_SESSION.html
new file mode 100644
index 000000000..06dae2ed5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_SSL_SESSION.html
@@ -0,0 +1,62 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_SSL_SESSION</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_SSL_SESSION, i2d_SSL_SESSION - convert SSL_SESSION object from/to ASN1 representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
+                              long length);
+ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>These functions decode and encode an SSL_SESSION object. For encoding details see <a href="../man3/d2i_X509.html">d2i_X509(3)</a>.</p>
+
+<p>SSL_SESSION objects keep internal link information about the session cache list, when being inserted into one SSL_CTX object&#39;s session cache. One SSL_SESSION object, regardless of its reference count, must therefore only be used with one SSL_CTX object (and the SSL objects created from this SSL_CTX object).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_SSL_SESSION() returns a pointer to the newly allocated SSL_SESSION object. In case of failure the NULL-pointer is returned and the error message can be retrieved from the error stack.</p>
+
+<p>i2d_SSL_SESSION() returns the size of the ASN1 representation in bytes. When the session is not valid, <b>0</b> is returned and no operation is performed.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>, <a href="../man3/SSL_CTX_sess_set_get_cb.html">SSL_CTX_sess_set_get_cb(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_SXNET.html b/msys2/usr/share/doc/openssl/html/man3/i2d_SXNET.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_SXNET.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_SXNETID.html b/msys2/usr/share/doc/openssl/html/man3/i2d_SXNETID.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_SXNETID.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_TS_ACCURACY.html b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_ACCURACY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_ACCURACY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_TS_MSG_IMPRINT.html b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_MSG_IMPRINT.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_MSG_IMPRINT.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_TS_MSG_IMPRINT_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_MSG_IMPRINT_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_MSG_IMPRINT_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_TS_MSG_IMPRINT_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_MSG_IMPRINT_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_MSG_IMPRINT_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_TS_REQ.html b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_REQ.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_REQ.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_TS_REQ_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_REQ_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_REQ_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_TS_REQ_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_REQ_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_REQ_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_TS_RESP.html b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_RESP.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_RESP.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_TS_RESP_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_RESP_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_RESP_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_TS_RESP_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_RESP_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_RESP_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_TS_STATUS_INFO.html b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_STATUS_INFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_STATUS_INFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_TS_TST_INFO.html b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_TST_INFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_TST_INFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_TS_TST_INFO_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_TST_INFO_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_TST_INFO_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_TS_TST_INFO_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_TST_INFO_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_TS_TST_INFO_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_USERNOTICE.html b/msys2/usr/share/doc/openssl/html/man3/i2d_USERNOTICE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_USERNOTICE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_ALGOR.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_ALGOR.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_ALGOR.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_ALGORS.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_ALGORS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_ALGORS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_ATTRIBUTE.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_ATTRIBUTE.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_ATTRIBUTE.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_AUX.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_AUX.html
new file mode 100644
index 000000000..c1fdcc10c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_AUX.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>i2d_re_X509_tbs</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_X509_AUX, i2d_X509_AUX, i2d_re_X509_tbs, i2d_re_X509_CRL_tbs, i2d_re_X509_REQ_tbs - X509 encode and decode functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509 *d2i_X509_AUX(X509 **px, const unsigned char **in, long len);
+ int i2d_X509_AUX(X509 *x, unsigned char **out);
+ int i2d_re_X509_tbs(X509 *x, unsigned char **out);
+ int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp);
+ int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The X509 encode and decode routines encode and parse an <b>X509</b> structure, which represents an X509 certificate.</p>
+
+<p>d2i_X509_AUX() is similar to <a href="../man3/d2i_X509.html">d2i_X509(3)</a> but the input is expected to consist of an X509 certificate followed by auxiliary trust information. This is used by the PEM routines to read &quot;TRUSTED CERTIFICATE&quot; objects. This function should not be called on untrusted input.</p>
+
+<p>i2d_X509_AUX() is similar to <a href="../man3/i2d_X509.html">i2d_X509(3)</a>, but the encoded output contains both the certificate and any auxiliary trust information. This is used by the PEM routines to write &quot;TRUSTED CERTIFICATE&quot; objects. Note that this is a non-standard OpenSSL-specific data format.</p>
+
+<p>i2d_re_X509_tbs() is similar to <a href="../man3/i2d_X509.html">i2d_X509(3)</a> except it encodes only the TBSCertificate portion of the certificate. i2d_re_X509_CRL_tbs() and i2d_re_X509_REQ_tbs() are analogous for CRL and certificate request, respectively. The &quot;re&quot; in <b>i2d_re_X509_tbs</b> stands for &quot;re-encode&quot;, and ensures that a fresh encoding is generated in case the object has been modified after creation (see the BUGS section).</p>
+
+<p>The encoding of the TBSCertificate portion of a certificate is cached in the <b>X509</b> structure internally to improve encoding performance and to ensure certificate signatures are verified correctly in some certificates with broken (non-DER) encodings.</p>
+
+<p>If, after modification, the <b>X509</b> object is re-signed with X509_sign(), the encoding is automatically renewed. Otherwise, the encoding of the TBSCertificate portion of the <b>X509</b> can be manually renewed by calling i2d_re_X509_tbs().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_X509_AUX() returns a valid <b>X509</b> structure or NULL if an error occurred.</p>
+
+<p>i2d_X509_AUX() returns the length of encoded data or -1 on error.</p>
+
+<p>i2d_re_X509_tbs(), i2d_re_X509_CRL_tbs() and i2d_re_X509_REQ_tbs() return the length of encoded data or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_CERT_AUX.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_CERT_AUX.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_CERT_AUX.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_CINF.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_CINF.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_CINF.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_CRL.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_CRL.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_CRL.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_CRL_INFO.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_CRL_INFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_CRL_INFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_CRL_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_CRL_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_CRL_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_CRL_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_CRL_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_CRL_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_EXTENSION.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_EXTENSION.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_EXTENSION.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_EXTENSIONS.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_EXTENSIONS.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_EXTENSIONS.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_NAME.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_NAME.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_NAME.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_NAME_ENTRY.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_NAME_ENTRY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_NAME_ENTRY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_PUBKEY.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_PUBKEY.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_PUBKEY.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_REQ.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_REQ.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_REQ.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_REQ_INFO.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_REQ_INFO.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_REQ_INFO.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_REQ_bio.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_REQ_bio.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_REQ_bio.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_REQ_fp.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_REQ_fp.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_REQ_fp.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_REVOKED.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_REVOKED.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_REVOKED.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_SIG.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_SIG.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_SIG.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_X509_VAL.html b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_VAL.html
new file mode 100644
index 000000000..bbdacff37
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_X509_VAL.html
@@ -0,0 +1,231 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>d2i_X509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#WARNINGS">WARNINGS</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_ACCESS_DESCRIPTION, d2i_ADMISSIONS, d2i_ADMISSION_SYNTAX, d2i_ASIdOrRange, d2i_ASIdentifierChoice, d2i_ASIdentifiers, d2i_ASN1_BIT_STRING, d2i_ASN1_BMPSTRING, d2i_ASN1_ENUMERATED, d2i_ASN1_GENERALIZEDTIME, d2i_ASN1_GENERALSTRING, d2i_ASN1_IA5STRING, d2i_ASN1_INTEGER, d2i_ASN1_NULL, d2i_ASN1_OBJECT, d2i_ASN1_OCTET_STRING, d2i_ASN1_PRINTABLE, d2i_ASN1_PRINTABLESTRING, d2i_ASN1_SEQUENCE_ANY, d2i_ASN1_SET_ANY, d2i_ASN1_T61STRING, d2i_ASN1_TIME, d2i_ASN1_TYPE, d2i_ASN1_UINTEGER, d2i_ASN1_UNIVERSALSTRING, d2i_ASN1_UTCTIME, d2i_ASN1_UTF8STRING, d2i_ASN1_VISIBLESTRING, d2i_ASRange, d2i_AUTHORITY_INFO_ACCESS, d2i_AUTHORITY_KEYID, d2i_BASIC_CONSTRAINTS, d2i_CERTIFICATEPOLICIES, d2i_CMS_ContentInfo, d2i_CMS_ReceiptRequest, d2i_CMS_bio, d2i_CRL_DIST_POINTS, d2i_DHxparams, d2i_DIRECTORYSTRING, d2i_DISPLAYTEXT, d2i_DIST_POINT, d2i_DIST_POINT_NAME, d2i_DSAPrivateKey, d2i_DSAPrivateKey_bio, d2i_DSAPrivateKey_fp, d2i_DSAPublicKey, d2i_DSA_PUBKEY, d2i_DSA_PUBKEY_bio, d2i_DSA_PUBKEY_fp, d2i_DSA_SIG, d2i_DSAparams, d2i_ECPKParameters, d2i_ECParameters, d2i_ECPrivateKey, d2i_ECPrivateKey_bio, d2i_ECPrivateKey_fp, d2i_EC_PUBKEY, d2i_EC_PUBKEY_bio, d2i_EC_PUBKEY_fp, d2i_EDIPARTYNAME, d2i_ESS_CERT_ID, d2i_ESS_ISSUER_SERIAL, d2i_ESS_SIGNING_CERT, d2i_EXTENDED_KEY_USAGE, d2i_GENERAL_NAME, d2i_GENERAL_NAMES, d2i_IPAddressChoice, d2i_IPAddressFamily, d2i_IPAddressOrRange, d2i_IPAddressRange, d2i_ISSUING_DIST_POINT, d2i_NAMING_AUTHORITY, d2i_NETSCAPE_CERT_SEQUENCE, d2i_NETSCAPE_SPKAC, d2i_NETSCAPE_SPKI, d2i_NOTICEREF, d2i_OCSP_BASICRESP, d2i_OCSP_CERTID, d2i_OCSP_CERTSTATUS, d2i_OCSP_CRLID, d2i_OCSP_ONEREQ, d2i_OCSP_REQINFO, d2i_OCSP_REQUEST, d2i_OCSP_RESPBYTES, d2i_OCSP_RESPDATA, d2i_OCSP_RESPID, d2i_OCSP_RESPONSE, d2i_OCSP_REVOKEDINFO, d2i_OCSP_SERVICELOC, d2i_OCSP_SIGNATURE, d2i_OCSP_SINGLERESP, d2i_OTHERNAME, d2i_PBE2PARAM, d2i_PBEPARAM, d2i_PBKDF2PARAM, d2i_PKCS12, d2i_PKCS12_BAGS, d2i_PKCS12_MAC_DATA, d2i_PKCS12_SAFEBAG, d2i_PKCS12_bio, d2i_PKCS12_fp, d2i_PKCS7, d2i_PKCS7_DIGEST, d2i_PKCS7_ENCRYPT, d2i_PKCS7_ENC_CONTENT, d2i_PKCS7_ENVELOPE, d2i_PKCS7_ISSUER_AND_SERIAL, d2i_PKCS7_RECIP_INFO, d2i_PKCS7_SIGNED, d2i_PKCS7_SIGNER_INFO, d2i_PKCS7_SIGN_ENVELOPE, d2i_PKCS7_bio, d2i_PKCS7_fp, d2i_PKCS8_PRIV_KEY_INFO, d2i_PKCS8_PRIV_KEY_INFO_bio, d2i_PKCS8_PRIV_KEY_INFO_fp, d2i_PKCS8_bio, d2i_PKCS8_fp, d2i_PKEY_USAGE_PERIOD, d2i_POLICYINFO, d2i_POLICYQUALINFO, d2i_PROFESSION_INFO, d2i_PROXY_CERT_INFO_EXTENSION, d2i_PROXY_POLICY, d2i_RSAPrivateKey, d2i_RSAPrivateKey_bio, d2i_RSAPrivateKey_fp, d2i_RSAPublicKey, d2i_RSAPublicKey_bio, d2i_RSAPublicKey_fp, d2i_RSA_OAEP_PARAMS, d2i_RSA_PSS_PARAMS, d2i_RSA_PUBKEY, d2i_RSA_PUBKEY_bio, d2i_RSA_PUBKEY_fp, d2i_SCRYPT_PARAMS, d2i_SCT_LIST, d2i_SXNET, d2i_SXNETID, d2i_TS_ACCURACY, d2i_TS_MSG_IMPRINT, d2i_TS_MSG_IMPRINT_bio, d2i_TS_MSG_IMPRINT_fp, d2i_TS_REQ, d2i_TS_REQ_bio, d2i_TS_REQ_fp, d2i_TS_RESP, d2i_TS_RESP_bio, d2i_TS_RESP_fp, d2i_TS_STATUS_INFO, d2i_TS_TST_INFO, d2i_TS_TST_INFO_bio, d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE, d2i_X509_CERT_AUX, d2i_X509_CINF, d2i_X509_CRL, d2i_X509_CRL_INFO, d2i_X509_CRL_bio, d2i_X509_CRL_fp, d2i_X509_EXTENSION, d2i_X509_EXTENSIONS, d2i_X509_NAME, d2i_X509_NAME_ENTRY, d2i_X509_PUBKEY, d2i_X509_REQ, d2i_X509_REQ_INFO, d2i_X509_REQ_bio, d2i_X509_REQ_fp, d2i_X509_REVOKED, d2i_X509_SIG, d2i_X509_VAL, i2d_ACCESS_DESCRIPTION, i2d_ADMISSIONS, i2d_ADMISSION_SYNTAX, i2d_ASIdOrRange, i2d_ASIdentifierChoice, i2d_ASIdentifiers, i2d_ASN1_BIT_STRING, i2d_ASN1_BMPSTRING, i2d_ASN1_ENUMERATED, i2d_ASN1_GENERALIZEDTIME, i2d_ASN1_GENERALSTRING, i2d_ASN1_IA5STRING, i2d_ASN1_INTEGER, i2d_ASN1_NULL, i2d_ASN1_OBJECT, i2d_ASN1_OCTET_STRING, i2d_ASN1_PRINTABLE, i2d_ASN1_PRINTABLESTRING, i2d_ASN1_SEQUENCE_ANY, i2d_ASN1_SET_ANY, i2d_ASN1_T61STRING, i2d_ASN1_TIME, i2d_ASN1_TYPE, i2d_ASN1_UNIVERSALSTRING, i2d_ASN1_UTCTIME, i2d_ASN1_UTF8STRING, i2d_ASN1_VISIBLESTRING, i2d_ASN1_bio_stream, i2d_ASRange, i2d_AUTHORITY_INFO_ACCESS, i2d_AUTHORITY_KEYID, i2d_BASIC_CONSTRAINTS, i2d_CERTIFICATEPOLICIES, i2d_CMS_ContentInfo, i2d_CMS_ReceiptRequest, i2d_CMS_bio, i2d_CRL_DIST_POINTS, i2d_DHxparams, i2d_DIRECTORYSTRING, i2d_DISPLAYTEXT, i2d_DIST_POINT, i2d_DIST_POINT_NAME, i2d_DSAPrivateKey, i2d_DSAPrivateKey_bio, i2d_DSAPrivateKey_fp, i2d_DSAPublicKey, i2d_DSA_PUBKEY, i2d_DSA_PUBKEY_bio, i2d_DSA_PUBKEY_fp, i2d_DSA_SIG, i2d_DSAparams, i2d_ECPKParameters, i2d_ECParameters, i2d_ECPrivateKey, i2d_ECPrivateKey_bio, i2d_ECPrivateKey_fp, i2d_EC_PUBKEY, i2d_EC_PUBKEY_bio, i2d_EC_PUBKEY_fp, i2d_EDIPARTYNAME, i2d_ESS_CERT_ID, i2d_ESS_ISSUER_SERIAL, i2d_ESS_SIGNING_CERT, i2d_EXTENDED_KEY_USAGE, i2d_GENERAL_NAME, i2d_GENERAL_NAMES, i2d_IPAddressChoice, i2d_IPAddressFamily, i2d_IPAddressOrRange, i2d_IPAddressRange, i2d_ISSUING_DIST_POINT, i2d_NAMING_AUTHORITY, i2d_NETSCAPE_CERT_SEQUENCE, i2d_NETSCAPE_SPKAC, i2d_NETSCAPE_SPKI, i2d_NOTICEREF, i2d_OCSP_BASICRESP, i2d_OCSP_CERTID, i2d_OCSP_CERTSTATUS, i2d_OCSP_CRLID, i2d_OCSP_ONEREQ, i2d_OCSP_REQINFO, i2d_OCSP_REQUEST, i2d_OCSP_RESPBYTES, i2d_OCSP_RESPDATA, i2d_OCSP_RESPID, i2d_OCSP_RESPONSE, i2d_OCSP_REVOKEDINFO, i2d_OCSP_SERVICELOC, i2d_OCSP_SIGNATURE, i2d_OCSP_SINGLERESP, i2d_OTHERNAME, i2d_PBE2PARAM, i2d_PBEPARAM, i2d_PBKDF2PARAM, i2d_PKCS12, i2d_PKCS12_BAGS, i2d_PKCS12_MAC_DATA, i2d_PKCS12_SAFEBAG, i2d_PKCS12_bio, i2d_PKCS12_fp, i2d_PKCS7, i2d_PKCS7_DIGEST, i2d_PKCS7_ENCRYPT, i2d_PKCS7_ENC_CONTENT, i2d_PKCS7_ENVELOPE, i2d_PKCS7_ISSUER_AND_SERIAL, i2d_PKCS7_NDEF, i2d_PKCS7_RECIP_INFO, i2d_PKCS7_SIGNED, i2d_PKCS7_SIGNER_INFO, i2d_PKCS7_SIGN_ENVELOPE, i2d_PKCS7_bio, i2d_PKCS7_fp, i2d_PKCS8PrivateKeyInfo_bio, i2d_PKCS8PrivateKeyInfo_fp, i2d_PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO_bio, i2d_PKCS8_PRIV_KEY_INFO_fp, i2d_PKCS8_bio, i2d_PKCS8_fp, i2d_PKEY_USAGE_PERIOD, i2d_POLICYINFO, i2d_POLICYQUALINFO, i2d_PROFESSION_INFO, i2d_PROXY_CERT_INFO_EXTENSION, i2d_PROXY_POLICY, i2d_PublicKey, i2d_RSAPrivateKey, i2d_RSAPrivateKey_bio, i2d_RSAPrivateKey_fp, i2d_RSAPublicKey, i2d_RSAPublicKey_bio, i2d_RSAPublicKey_fp, i2d_RSA_OAEP_PARAMS, i2d_RSA_PSS_PARAMS, i2d_RSA_PUBKEY, i2d_RSA_PUBKEY_bio, i2d_RSA_PUBKEY_fp, i2d_SCRYPT_PARAMS, i2d_SCT_LIST, i2d_SXNET, i2d_SXNETID, i2d_TS_ACCURACY, i2d_TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT_bio, i2d_TS_MSG_IMPRINT_fp, i2d_TS_REQ, i2d_TS_REQ_bio, i2d_TS_REQ_fp, i2d_TS_RESP, i2d_TS_RESP_bio, i2d_TS_RESP_fp, i2d_TS_STATUS_INFO, i2d_TS_TST_INFO, i2d_TS_TST_INFO_bio, i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE, i2d_X509_CERT_AUX, i2d_X509_CINF, i2d_X509_CRL, i2d_X509_CRL_INFO, i2d_X509_CRL_bio, i2d_X509_CRL_fp, i2d_X509_EXTENSION, i2d_X509_EXTENSIONS, i2d_X509_NAME, i2d_X509_NAME_ENTRY, i2d_X509_PUBKEY, i2d_X509_REQ, i2d_X509_REQ_INFO, i2d_X509_REQ_bio, i2d_X509_REQ_fp, i2d_X509_REVOKED, i2d_X509_SIG, i2d_X509_VAL, - convert objects from/to ASN.1/DER representation</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
+ TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
+ TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
+
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
+ int i2d_TYPE_fp(FILE *fp, TYPE *a);
+ int i2d_TYPE_bio(BIO *bp, TYPE *a);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>X509_CRL</i>. The function parameters <i>ppin</i> and <i>ppout</i> are generally either both named <i>pp</i> in the headers, or <i>in</i> and <i>out</i>.</p>
+
+<p>These functions convert OpenSSL objects to and from their ASN.1/DER encoding. Unlike the C structures which can have pointers to sub-objects within, the DER is a serialized encoding, suitable for sending over the network, writing to a file, and so on.</p>
+
+<p>d2i_TYPE() attempts to decode <b>len</b> bytes at <b>*ppin</b>. If successful a pointer to the <b>TYPE</b> structure is returned and <b>*ppin</b> is incremented to the byte following the parsed data. If <b>a</b> is not <b>NULL</b> then a pointer to the returned structure is also written to <b>*a</b>. If an error occurred then <b>NULL</b> is returned.</p>
+
+<p>On a successful return, if <b>*a</b> is not <b>NULL</b> then it is assumed that <b>*a</b> contains a valid <b>TYPE</b> structure and an attempt is made to reuse it. This &quot;reuse&quot; capability is present for historical compatibility but its use is <b>strongly discouraged</b> (see BUGS below, and the discussion in the RETURN VALUES section).</p>
+
+<p>d2i_TYPE_bio() is similar to d2i_TYPE() except it attempts to parse data from BIO <b>bp</b>.</p>
+
+<p>d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts to parse data from FILE pointer <b>fp</b>.</p>
+
+<p>i2d_TYPE() encodes the structure pointed to by <b>a</b> into DER format. If <b>ppout</b> is not <b>NULL</b>, it writes the DER encoded data to the buffer at <b>*ppout</b>, and increments it to point after the data just written. If the return value is negative an error occurred, otherwise it returns the length of the encoded data.</p>
+
+<p>If <b>*ppout</b> is <b>NULL</b> memory will be allocated for a buffer and the encoded data written to it. In this case <b>*ppout</b> is not incremented and it points to the start of the data just written.</p>
+
+<p>i2d_TYPE_bio() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>i2d_TYPE_fp() is similar to i2d_TYPE() except it writes the encoding of the structure <b>a</b> to BIO <b>bp</b> and it returns 1 for success and 0 for failure.</p>
+
+<p>These routines do not encrypt private keys and therefore offer no security; use <a href="../man3/PEM_write_PrivateKey.html">PEM_write_PrivateKey(3)</a> or similar for writing to files.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The letters <b>i</b> and <b>d</b> in <b>i2d_TYPE</b> stand for &quot;internal&quot; (that is, an internal C structure) and &quot;DER&quot; respectively. So <b>i2d_TYPE</b> converts from internal to DER.</p>
+
+<p>The functions can also understand <b>BER</b> forms.</p>
+
+<p>The actual TYPE structure passed to i2d_TYPE() must be a valid populated <b>TYPE</b> structure -- it <b>cannot</b> simply be fed with an empty structure such as that returned by TYPE_new().</p>
+
+<p>The encoded data is in binary form and may contain embedded zeroes. Therefore any FILE pointers or BIOs should be opened in binary mode. Functions such as strlen() will <b>not</b> return the correct length of the encoded structure.</p>
+
+<p>The ways that <b>*ppin</b> and <b>*ppout</b> are incremented after the operation can trap the unwary. See the <b>WARNINGS</b> section for some common errors. The reason for this-auto increment behaviour is to reflect a typical usage of ASN1 functions: after one structure is encoded or decoded another will be processed after it.</p>
+
+<p>The following points about the data types might be useful:</p>
+
+<dl>
+
+<dt id="ASN1_OBJECT"><b>ASN1_OBJECT</b></dt>
+<dd>
+
+<p>Represents an ASN1 OBJECT IDENTIFIER.</p>
+
+</dd>
+<dt id="DHparams"><b>DHparams</b></dt>
+<dd>
+
+<p>Represents a PKCS#3 DH parameters structure.</p>
+
+</dd>
+<dt id="DHparamx"><b>DHparamx</b></dt>
+<dd>
+
+<p>Represents an ANSI X9.42 DH parameters structure.</p>
+
+</dd>
+<dt id="DSA_PUBKEY"><b>DSA_PUBKEY</b></dt>
+<dd>
+
+<p>Represents a DSA public key using a <b>SubjectPublicKeyInfo</b> structure.</p>
+
+</dd>
+<dt id="DSAPublicKey-DSAPrivateKey"><b>DSAPublicKey, DSAPrivateKey</b></dt>
+<dd>
+
+<p>Use a non-standard OpenSSL format and should be avoided; use <b>DSA_PUBKEY</b>, <b>PEM_write_PrivateKey(3)</b>, or similar instead.</p>
+
+</dd>
+<dt id="RSAPublicKey"><b>RSAPublicKey</b></dt>
+<dd>
+
+<p>Represents a PKCS#1 RSA public key structure.</p>
+
+</dd>
+<dt id="X509_ALGOR"><b>X509_ALGOR</b></dt>
+<dd>
+
+<p>Represents an <b>AlgorithmIdentifier</b> structure as used in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_Name"><b>X509_Name</b></dt>
+<dd>
+
+<p>Represents a <b>Name</b> type as used for subject and issuer names in IETF RFC 6960 and elsewhere.</p>
+
+</dd>
+<dt id="X509_REQ"><b>X509_REQ</b></dt>
+<dd>
+
+<p>Represents a PKCS#10 certificate request.</p>
+
+</dd>
+<dt id="X509_SIG"><b>X509_SIG</b></dt>
+<dd>
+
+<p>Represents the <b>DigestInfo</b> structure defined in PKCS#1 and PKCS#7.</p>
+
+</dd>
+</dl>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Allocate and encode the DER encoding of an X509 structure:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ buf = NULL;
+ len = i2d_X509(x, &amp;buf);
+ if (len &lt; 0)
+     /* error */</code></pre>
+
+<p>Attempt to decode a buffer:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = d2i_X509(NULL, &amp;p, len);
+ if (x == NULL)
+     /* error */</code></pre>
+
+<p>Alternative technique:</p>
+
+<pre><code> X509 *x;
+ unsigned char *buf, *p;
+ int len;
+
+ /* Set up buf and len to point to the input buffer. */
+ p = buf;
+ x = NULL;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<h1 id="WARNINGS">WARNINGS</h1>
+
+<p>Using a temporary variable is mandatory. A common mistake is to attempt to use a buffer directly as follows:</p>
+
+<pre><code> int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+ buf = OPENSSL_malloc(len);
+ ...
+ i2d_X509(x, &amp;buf);
+ ...
+ OPENSSL_free(buf);</code></pre>
+
+<p>This code will result in <b>buf</b> apparently containing garbage because it was incremented after the call to point after the data just written. Also <b>buf</b> will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.</p>
+
+<p>Another trap to avoid is misuse of the <b>a</b> argument to d2i_TYPE():</p>
+
+<pre><code> X509 *x;
+
+ if (d2i_X509(&amp;x, &amp;p, len) == NULL)
+     /* error */</code></pre>
+
+<p>This will probably crash somewhere in d2i_X509(). The reason for this is that the variable <b>x</b> is uninitialized and an attempt will be made to interpret its (invalid) value as an <b>X509</b> structure, typically causing a segmentation violation. If <b>x</b> is set to NULL first then this will not happen.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>In some versions of OpenSSL the &quot;reuse&quot; behaviour of d2i_TYPE() when <b>*px</b> is valid is broken and some parts of the reused structure may persist if they are not present in the new one. As a result the use of this &quot;reuse&quot; behaviour is strongly discouraged.</p>
+
+<p>i2d_TYPE() will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the fields entirely and will not be parsed by d2i_TYPE(). This may be fixed in future so code should not assume that i2d_TYPE() will always succeed.</p>
+
+<p>Any function which encodes a structure (i2d_TYPE(), i2d_TYPE() or i2d_TYPE()) may return a stale encoding if the structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid <b>TYPE</b> structure or <b>NULL</b> if an error occurs. If the &quot;reuse&quot; capability has been used with a valid structure being passed in via <b>a</b>, then the object is not freed in the event of error but may be in a potentially invalid or inconsistent state.</p>
+
+<p>i2d_TYPE() returns the number of bytes successfully encoded or a negative value if an error occurs.</p>
+
+<p>i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error occurs.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_re_X509_CRL_tbs.html b/msys2/usr/share/doc/openssl/html/man3/i2d_re_X509_CRL_tbs.html
new file mode 100644
index 000000000..c1fdcc10c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_re_X509_CRL_tbs.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>i2d_re_X509_tbs</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_X509_AUX, i2d_X509_AUX, i2d_re_X509_tbs, i2d_re_X509_CRL_tbs, i2d_re_X509_REQ_tbs - X509 encode and decode functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509 *d2i_X509_AUX(X509 **px, const unsigned char **in, long len);
+ int i2d_X509_AUX(X509 *x, unsigned char **out);
+ int i2d_re_X509_tbs(X509 *x, unsigned char **out);
+ int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp);
+ int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The X509 encode and decode routines encode and parse an <b>X509</b> structure, which represents an X509 certificate.</p>
+
+<p>d2i_X509_AUX() is similar to <a href="../man3/d2i_X509.html">d2i_X509(3)</a> but the input is expected to consist of an X509 certificate followed by auxiliary trust information. This is used by the PEM routines to read &quot;TRUSTED CERTIFICATE&quot; objects. This function should not be called on untrusted input.</p>
+
+<p>i2d_X509_AUX() is similar to <a href="../man3/i2d_X509.html">i2d_X509(3)</a>, but the encoded output contains both the certificate and any auxiliary trust information. This is used by the PEM routines to write &quot;TRUSTED CERTIFICATE&quot; objects. Note that this is a non-standard OpenSSL-specific data format.</p>
+
+<p>i2d_re_X509_tbs() is similar to <a href="../man3/i2d_X509.html">i2d_X509(3)</a> except it encodes only the TBSCertificate portion of the certificate. i2d_re_X509_CRL_tbs() and i2d_re_X509_REQ_tbs() are analogous for CRL and certificate request, respectively. The &quot;re&quot; in <b>i2d_re_X509_tbs</b> stands for &quot;re-encode&quot;, and ensures that a fresh encoding is generated in case the object has been modified after creation (see the BUGS section).</p>
+
+<p>The encoding of the TBSCertificate portion of a certificate is cached in the <b>X509</b> structure internally to improve encoding performance and to ensure certificate signatures are verified correctly in some certificates with broken (non-DER) encodings.</p>
+
+<p>If, after modification, the <b>X509</b> object is re-signed with X509_sign(), the encoding is automatically renewed. Otherwise, the encoding of the TBSCertificate portion of the <b>X509</b> can be manually renewed by calling i2d_re_X509_tbs().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_X509_AUX() returns a valid <b>X509</b> structure or NULL if an error occurred.</p>
+
+<p>i2d_X509_AUX() returns the length of encoded data or -1 on error.</p>
+
+<p>i2d_re_X509_tbs(), i2d_re_X509_CRL_tbs() and i2d_re_X509_REQ_tbs() return the length of encoded data or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_re_X509_REQ_tbs.html b/msys2/usr/share/doc/openssl/html/man3/i2d_re_X509_REQ_tbs.html
new file mode 100644
index 000000000..c1fdcc10c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_re_X509_REQ_tbs.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>i2d_re_X509_tbs</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_X509_AUX, i2d_X509_AUX, i2d_re_X509_tbs, i2d_re_X509_CRL_tbs, i2d_re_X509_REQ_tbs - X509 encode and decode functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509 *d2i_X509_AUX(X509 **px, const unsigned char **in, long len);
+ int i2d_X509_AUX(X509 *x, unsigned char **out);
+ int i2d_re_X509_tbs(X509 *x, unsigned char **out);
+ int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp);
+ int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The X509 encode and decode routines encode and parse an <b>X509</b> structure, which represents an X509 certificate.</p>
+
+<p>d2i_X509_AUX() is similar to <a href="../man3/d2i_X509.html">d2i_X509(3)</a> but the input is expected to consist of an X509 certificate followed by auxiliary trust information. This is used by the PEM routines to read &quot;TRUSTED CERTIFICATE&quot; objects. This function should not be called on untrusted input.</p>
+
+<p>i2d_X509_AUX() is similar to <a href="../man3/i2d_X509.html">i2d_X509(3)</a>, but the encoded output contains both the certificate and any auxiliary trust information. This is used by the PEM routines to write &quot;TRUSTED CERTIFICATE&quot; objects. Note that this is a non-standard OpenSSL-specific data format.</p>
+
+<p>i2d_re_X509_tbs() is similar to <a href="../man3/i2d_X509.html">i2d_X509(3)</a> except it encodes only the TBSCertificate portion of the certificate. i2d_re_X509_CRL_tbs() and i2d_re_X509_REQ_tbs() are analogous for CRL and certificate request, respectively. The &quot;re&quot; in <b>i2d_re_X509_tbs</b> stands for &quot;re-encode&quot;, and ensures that a fresh encoding is generated in case the object has been modified after creation (see the BUGS section).</p>
+
+<p>The encoding of the TBSCertificate portion of a certificate is cached in the <b>X509</b> structure internally to improve encoding performance and to ensure certificate signatures are verified correctly in some certificates with broken (non-DER) encodings.</p>
+
+<p>If, after modification, the <b>X509</b> object is re-signed with X509_sign(), the encoding is automatically renewed. Otherwise, the encoding of the TBSCertificate portion of the <b>X509</b> can be manually renewed by calling i2d_re_X509_tbs().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_X509_AUX() returns a valid <b>X509</b> structure or NULL if an error occurred.</p>
+
+<p>i2d_X509_AUX() returns the length of encoded data or -1 on error.</p>
+
+<p>i2d_re_X509_tbs(), i2d_re_X509_CRL_tbs() and i2d_re_X509_REQ_tbs() return the length of encoded data or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2d_re_X509_tbs.html b/msys2/usr/share/doc/openssl/html/man3/i2d_re_X509_tbs.html
new file mode 100644
index 000000000..c1fdcc10c
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2d_re_X509_tbs.html
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>i2d_re_X509_tbs</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>d2i_X509_AUX, i2d_X509_AUX, i2d_re_X509_tbs, i2d_re_X509_CRL_tbs, i2d_re_X509_REQ_tbs - X509 encode and decode functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;
+
+ X509 *d2i_X509_AUX(X509 **px, const unsigned char **in, long len);
+ int i2d_X509_AUX(X509 *x, unsigned char **out);
+ int i2d_re_X509_tbs(X509 *x, unsigned char **out);
+ int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp);
+ int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The X509 encode and decode routines encode and parse an <b>X509</b> structure, which represents an X509 certificate.</p>
+
+<p>d2i_X509_AUX() is similar to <a href="../man3/d2i_X509.html">d2i_X509(3)</a> but the input is expected to consist of an X509 certificate followed by auxiliary trust information. This is used by the PEM routines to read &quot;TRUSTED CERTIFICATE&quot; objects. This function should not be called on untrusted input.</p>
+
+<p>i2d_X509_AUX() is similar to <a href="../man3/i2d_X509.html">i2d_X509(3)</a>, but the encoded output contains both the certificate and any auxiliary trust information. This is used by the PEM routines to write &quot;TRUSTED CERTIFICATE&quot; objects. Note that this is a non-standard OpenSSL-specific data format.</p>
+
+<p>i2d_re_X509_tbs() is similar to <a href="../man3/i2d_X509.html">i2d_X509(3)</a> except it encodes only the TBSCertificate portion of the certificate. i2d_re_X509_CRL_tbs() and i2d_re_X509_REQ_tbs() are analogous for CRL and certificate request, respectively. The &quot;re&quot; in <b>i2d_re_X509_tbs</b> stands for &quot;re-encode&quot;, and ensures that a fresh encoding is generated in case the object has been modified after creation (see the BUGS section).</p>
+
+<p>The encoding of the TBSCertificate portion of a certificate is cached in the <b>X509</b> structure internally to improve encoding performance and to ensure certificate signatures are verified correctly in some certificates with broken (non-DER) encodings.</p>
+
+<p>If, after modification, the <b>X509</b> object is re-signed with X509_sign(), the encoding is automatically renewed. Otherwise, the encoding of the TBSCertificate portion of the <b>X509</b> can be manually renewed by calling i2d_re_X509_tbs().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>d2i_X509_AUX() returns a valid <b>X509</b> structure or NULL if an error occurred.</p>
+
+<p>i2d_X509_AUX() returns the length of encoded data or -1 on error.</p>
+
+<p>i2d_re_X509_tbs(), i2d_re_X509_CRL_tbs() and i2d_re_X509_REQ_tbs() return the length of encoded data or 0 on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a> <a href="../man3/X509_CRL_get0_by_serial.html">X509_CRL_get0_by_serial(3)</a>, <a href="../man3/X509_get0_signature.html">X509_get0_signature(3)</a>, <a href="../man3/X509_get_ext_d2i.html">X509_get_ext_d2i(3)</a>, <a href="../man3/X509_get_extension_flags.html">X509_get_extension_flags(3)</a>, <a href="../man3/X509_get_pubkey.html">X509_get_pubkey(3)</a>, <a href="../man3/X509_get_subject_name.html">X509_get_subject_name(3)</a>, <a href="../man3/X509_get_version.html">X509_get_version(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_get_index_by_NID.html">X509_NAME_get_index_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_new.html">X509_new(3)</a>, <a href="../man3/X509_sign.html">X509_sign(3)</a>, <a href="../man3/X509V3_get_d2i.html">X509V3_get_d2i(3)</a>, <a href="../man3/X509_verify_cert.html">X509_verify_cert(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2o_SCT.html b/msys2/usr/share/doc/openssl/html/man3/i2o_SCT.html
new file mode 100644
index 000000000..592e84dd1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2o_SCT.html
@@ -0,0 +1,65 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>o2i_SCT_LIST</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>o2i_SCT_LIST, i2o_SCT_LIST, o2i_SCT, i2o_SCT - decode and encode Signed Certificate Timestamp lists in TLS wire format</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ STACK_OF(SCT) *o2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
+                             size_t len);
+ int i2o_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp);
+ SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len);
+ int i2o_SCT(const SCT *sct, unsigned char **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The SCT_LIST and SCT functions are very similar to the i2d and d2i family of functions, except that they convert to and from TLS wire format, as described in RFC 6962. See <a>d2i_SCT_LIST</a> for more information about how the parameters are treated and the return values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All of the functions have return values consistent with those stated for <a>d2i_SCT_LIST</a> and <a>i2d_SCT_LIST</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/d2i_SCT_LIST.html">d2i_SCT_LIST(3)</a>, <a href="../man3/i2d_SCT_LIST.html">i2d_SCT_LIST(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2o_SCT_LIST.html b/msys2/usr/share/doc/openssl/html/man3/i2o_SCT_LIST.html
new file mode 100644
index 000000000..592e84dd1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2o_SCT_LIST.html
@@ -0,0 +1,65 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>o2i_SCT_LIST</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>o2i_SCT_LIST, i2o_SCT_LIST, o2i_SCT, i2o_SCT - decode and encode Signed Certificate Timestamp lists in TLS wire format</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ STACK_OF(SCT) *o2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
+                             size_t len);
+ int i2o_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp);
+ SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len);
+ int i2o_SCT(const SCT *sct, unsigned char **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The SCT_LIST and SCT functions are very similar to the i2d and d2i family of functions, except that they convert to and from TLS wire format, as described in RFC 6962. See <a>d2i_SCT_LIST</a> for more information about how the parameters are treated and the return values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All of the functions have return values consistent with those stated for <a>d2i_SCT_LIST</a> and <a>i2d_SCT_LIST</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/d2i_SCT_LIST.html">d2i_SCT_LIST(3)</a>, <a href="../man3/i2d_SCT_LIST.html">i2d_SCT_LIST(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/i2t_ASN1_OBJECT.html b/msys2/usr/share/doc/openssl/html/man3/i2t_ASN1_OBJECT.html
new file mode 100644
index 000000000..d84a629fb
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/i2t_ASN1_OBJECT.html
@@ -0,0 +1,165 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OBJ_nid2obj</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>i2t_ASN1_OBJECT, OBJ_length, OBJ_get0_data, OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid, OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/objects.h&gt;
+
+ ASN1_OBJECT *OBJ_nid2obj(int n);
+ const char *OBJ_nid2ln(int n);
+ const char *OBJ_nid2sn(int n);
+
+ int OBJ_obj2nid(const ASN1_OBJECT *o);
+ int OBJ_ln2nid(const char *ln);
+ int OBJ_sn2nid(const char *sn);
+
+ int OBJ_txt2nid(const char *s);
+
+ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
+ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+
+ int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a);
+
+ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
+
+ int OBJ_create(const char *oid, const char *sn, const char *ln);
+
+ size_t OBJ_length(const ASN1_OBJECT *obj);
+ const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);</code></pre>
+
+<p>Deprecated:</p>
+
+<pre><code> #if OPENSSL_API_COMPAT &lt; 0x10100000L
+ void OBJ_cleanup(void)
+ #endif</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The ASN1 object utility functions process ASN1_OBJECT structures which are a representation of the ASN1 OBJECT IDENTIFIER (OID) type. For convenience, OIDs are usually represented in source code as numeric identifiers, or <b>NID</b>s. OpenSSL has an internal table of OIDs that are generated when the library is built, and their corresponding NIDs are available as defined constants. For the functions below, application code should treat all returned values -- OIDs, NIDs, or names -- as constants.</p>
+
+<p>OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID <b>n</b> to an ASN1_OBJECT structure, its long name and its short name respectively, or <b>NULL</b> if an error occurred.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID for the object <b>o</b>, the long name &lt;ln&gt; or the short name &lt;sn&gt; respectively or NID_undef if an error occurred.</p>
+
+<p>OBJ_txt2nid() returns NID corresponding to text string &lt;s&gt;. <b>s</b> can be a long name, a short name or the numerical representation of an object.</p>
+
+<p>OBJ_txt2obj() converts the text string <b>s</b> into an ASN1_OBJECT structure. If <b>no_name</b> is 0 then long names and short names will be interpreted as well as numerical forms. If <b>no_name</b> is 1 only the numerical form is acceptable.</p>
+
+<p>OBJ_obj2txt() converts the <b>ASN1_OBJECT</b> <b>a</b> into a textual representation. The representation is written as a null terminated string to <b>buf</b> at most <b>buf_len</b> bytes are written, truncating the result if necessary. The total amount of space required is returned. If <b>no_name</b> is 0 then if the object has a long or short name then that will be used, otherwise the numerical form will be used. If <b>no_name</b> is 1 then the numerical form will always be used.</p>
+
+<p>i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the <b>no_name</b> set to zero.</p>
+
+<p>OBJ_cmp() compares <b>a</b> to <b>b</b>. If the two are identical 0 is returned.</p>
+
+<p>OBJ_dup() returns a copy of <b>o</b>.</p>
+
+<p>OBJ_create() adds a new object to the internal table. <b>oid</b> is the numerical form of the object, <b>sn</b> the short name and <b>ln</b> the long name. A new NID is returned for the created object in case of success and NID_undef in case of failure.</p>
+
+<p>OBJ_length() returns the size of the content octets of <b>obj</b>.</p>
+
+<p>OBJ_get0_data() returns a pointer to the content octets of <b>obj</b>. The returned pointer is an internal pointer which <b>must not</b> be freed.</p>
+
+<p>OBJ_cleanup() releases any resources allocated by creating new objects.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Objects in OpenSSL can have a short name, a long name and a numerical identifier (NID) associated with them. A standard set of objects is represented in an internal table. The appropriate values are defined in the header file <b>objects.h</b>.</p>
+
+<p>For example the OID for commonName has the following definitions:</p>
+
+<pre><code> #define SN_commonName                   &quot;CN&quot;
+ #define LN_commonName                   &quot;commonName&quot;
+ #define NID_commonName                  13</code></pre>
+
+<p>New objects can be added by calling OBJ_create().</p>
+
+<p>Table objects have certain advantages over other objects: for example their NIDs can be used in a C language switch statement. They are also static constant structures which are shared: that is there is only a single constant structure for each table object.</p>
+
+<p>Objects which are not in the table have the NID value NID_undef.</p>
+
+<p>Objects do not need to be in the internal tables to be processed, the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical form of an OID.</p>
+
+<p>Some objects are used to represent algorithms which do not have a corresponding ASN.1 OBJECT IDENTIFIER encoding (for example no OID currently exists for a particular algorithm). As a result they <b>cannot</b> be encoded or decoded as part of ASN.1 structures. Applications can determine if there is a corresponding OBJECT IDENTIFIER by checking OBJ_length() is not zero.</p>
+
+<p>These functions cannot return <b>const</b> because an <b>ASN1_OBJECT</b> can represent both an internal, constant, OID and a dynamically-created one. The latter cannot be constant because it needs to be freed after use.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Create an object for <b>commonName</b>:</p>
+
+<pre><code> ASN1_OBJECT *o = OBJ_nid2obj(NID_commonName);</code></pre>
+
+<p>Check if an object is <b>commonName</b></p>
+
+<pre><code> if (OBJ_obj2nid(obj) == NID_commonName)
+     /* Do something */</code></pre>
+
+<p>Create a new NID and initialize an object from it:</p>
+
+<pre><code> int new_nid = OBJ_create(&quot;1.2.3.4&quot;, &quot;NewOID&quot;, &quot;New Object Identifier&quot;);
+ ASN1_OBJECT *obj = OBJ_nid2obj(new_nid);</code></pre>
+
+<p>Create a new object directly:</p>
+
+<pre><code> obj = OBJ_txt2obj(&quot;1.2.3.4&quot;, 1);</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>OBJ_obj2txt() is awkward and messy to use: it doesn&#39;t follow the convention of other OpenSSL functions where the buffer can be set to <b>NULL</b> to determine the amount of data that should be written. Instead <b>buf</b> must point to a valid buffer and <b>buf_len</b> should be set to a positive value. A buffer length of 80 should be more than enough to handle any OID encountered in practice.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>OBJ_nid2obj() returns an <b>ASN1_OBJECT</b> structure or <b>NULL</b> is an error occurred.</p>
+
+<p>OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or <b>NULL</b> on error.</p>
+
+<p>OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return a NID or <b>NID_undef</b> on error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/ERR_get_error.html">ERR_get_error(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>OBJ_cleanup() was deprecated in OpenSSL 1.1.0 by <a href="../man3/OPENSSL_init_crypto.html">OPENSSL_init_crypto(3)</a> and should not be used.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_delete.html b/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_delete.html
new file mode 100644
index 000000000..e56e9e3b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_delete.html
@@ -0,0 +1,176 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_COMPFUNC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>LHASH, DECLARE_LHASH_OF, OPENSSL_LH_COMPFUNC, OPENSSL_LH_HASHFUNC, OPENSSL_LH_DOALL_FUNC, LHASH_DOALL_ARG_FN_TYPE, IMPLEMENT_LHASH_HASH_FN, IMPLEMENT_LHASH_COMP_FN, lh_TYPE_new, lh_TYPE_free, lh_TYPE_insert, lh_TYPE_delete, lh_TYPE_retrieve, lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error - dynamic hash table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ DECLARE_LHASH_OF(TYPE);
+
+ LHASH *lh_TYPE_new(OPENSSL_LH_HASHFUNC hash, OPENSSL_LH_COMPFUNC compare);
+ void lh_TYPE_free(LHASH_OF(TYPE) *table);
+
+ TYPE *lh_TYPE_insert(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_TYPE_delete(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_retrieve(LHASH_OF(TYPE) *table, TYPE *data);
+
+ void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func);
+ void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,
+                        TYPE *arg);
+
+ int lh_TYPE_error(LHASH_OF(TYPE) *table);
+
+ typedef int (*OPENSSL_LH_COMPFUNC)(const void *, const void *);
+ typedef unsigned long (*OPENSSL_LH_HASHFUNC)(const void *);
+ typedef void (*OPENSSL_LH_DOALL_FUNC)(const void *);
+ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, const void *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements type-checked dynamic hash tables. The hash table entries can be arbitrary structures. Usually they consist of key and value fields. In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>SSL_SESSION</i>.</p>
+
+<p>lh_TYPE_new() creates a new <b>LHASH_OF(TYPE)</b> structure to store arbitrary data entries, and specifies the &#39;hash&#39; and &#39;compare&#39; callbacks to be used in organising the table&#39;s entries. The <b>hash</b> callback takes a pointer to a table entry as its argument and returns an unsigned long hash value for its key field. The hash value is normally truncated to a power of 2, so make sure that your hash function returns well mixed low order bits. The <b>compare</b> callback takes two arguments (pointers to two hash table entries), and returns 0 if their keys are equal, non-zero otherwise.</p>
+
+<p>If your hash table will contain items of some particular type and the <b>hash</b> and <b>compare</b> callbacks hash/compare these types, then the <b>IMPLEMENT_LHASH_HASH_FN</b> and <b>IMPLEMENT_LHASH_COMP_FN</b> macros can be used to create callback wrappers of the prototypes required by lh_TYPE_new() as shown in this example:</p>
+
+<pre><code> /*
+  * Implement the hash and compare functions; &quot;stuff&quot; can be any word.
+  */
+ static unsigned long stuff_hash(const TYPE *a)
+ {
+     ...
+ }
+ static int stuff_cmp(const TYPE *a, const TYPE *b)
+ {
+     ...
+ }
+
+ /*
+  * Implement the wrapper functions.
+  */
+ static IMPLEMENT_LHASH_HASH_FN(stuff, TYPE)
+ static IMPLEMENT_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>If the type is going to be used in several places, the following macros can be used in a common header file to declare the function wrappers:</p>
+
+<pre><code> DECLARE_LHASH_HASH_FN(stuff, TYPE)
+ DECLARE_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>Then a hash table of TYPE objects can be created using this:</p>
+
+<pre><code> LHASH_OF(TYPE) *htable;
+
+ htable = lh_TYPE_new(LHASH_HASH_FN(stuff), LHASH_COMP_FN(stuff));</code></pre>
+
+<p>lh_TYPE_free() frees the <b>LHASH_OF(TYPE)</b> structure <b>table</b>. Allocated hash table entries will not be freed; consider using lh_TYPE_doall() to deallocate any remaining entries in the hash table (see below).</p>
+
+<p>lh_TYPE_insert() inserts the structure pointed to by <b>data</b> into <b>table</b>. If there already is an entry with the same key, the old value is replaced. Note that lh_TYPE_insert() stores pointers, the data are not copied.</p>
+
+<p>lh_TYPE_delete() deletes an entry from <b>table</b>.</p>
+
+<p>lh_TYPE_retrieve() looks up an entry in <b>table</b>. Normally, <b>data</b> is a structure with the key field(s) set; the function will return a pointer to a fully populated structure.</p>
+
+<p>lh_TYPE_doall() will, for every entry in the hash table, call <b>func</b> with the data item as its parameter. For example:</p>
+
+<pre><code> /* Cleans up resources belonging to &#39;a&#39; (this is implemented elsewhere) */
+ void TYPE_cleanup_doall(TYPE *a);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_cleanup&quot; */
+ IMPLEMENT_LHASH_DOALL_FN(TYPE_cleanup, TYPE)
+
+ /* Call &quot;TYPE_cleanup&quot; against all items in a hash table. */
+ lh_TYPE_doall(hashtable, LHASH_DOALL_FN(TYPE_cleanup));
+
+ /* Then the hash table itself can be deallocated */
+ lh_TYPE_free(hashtable);</code></pre>
+
+<p>When doing this, be careful if you delete entries from the hash table in your callbacks: the table may decrease in size, moving the item that you are currently on down lower in the hash table - this could cause some entries to be skipped during the iteration. The second best solution to this problem is to set hash-&gt;down_load=0 before you start (which will stop the hash table ever decreasing in size). The best solution is probably to avoid deleting items from the hash table inside a &quot;doall&quot; callback!</p>
+
+<p>lh_TYPE_doall_arg() is the same as lh_TYPE_doall() except that <b>func</b> will be called with <b>arg</b> as the second argument and <b>func</b> should be of type <b>LHASH_DOALL_ARG_FN_TYPE</b> (a callback prototype that is passed both the table entry and an extra argument). As with lh_doall(), you can instead choose to declare your callback with a prototype matching the types you are dealing with and use the declare/implement macros to create compatible wrappers that cast variables before calling your type-specific callbacks. An example of this is demonstrated here (printing all hash table entries to a BIO that is provided by the caller):</p>
+
+<pre><code> /* Prints item &#39;a&#39; to &#39;output_bio&#39; (this is implemented elsewhere) */
+ void TYPE_print_doall_arg(const TYPE *a, BIO *output_bio);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_print&quot; */
+ static IMPLEMENT_LHASH_DOALL_ARG_FN(TYPE, const TYPE, BIO)
+
+ /* Print out the entire hashtable to a particular BIO */
+ lh_TYPE_doall_arg(hashtable, LHASH_DOALL_ARG_FN(TYPE_print), BIO,
+                   logging_bio);</code></pre>
+
+<p>lh_TYPE_error() can be used to determine if an error occurred in the last operation.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>lh_TYPE_new() returns <b>NULL</b> on error, otherwise a pointer to the new <b>LHASH</b> structure.</p>
+
+<p>When a hash table entry is replaced, lh_TYPE_insert() returns the value being replaced. <b>NULL</b> is returned on normal operation and on error.</p>
+
+<p>lh_TYPE_delete() returns the entry being deleted. <b>NULL</b> is returned if there is no such value in the hash table.</p>
+
+<p>lh_TYPE_retrieve() returns the hash table entry if it has been found, <b>NULL</b> otherwise.</p>
+
+<p>lh_TYPE_error() returns 1 if an error occurred in the last operation, 0 otherwise. It&#39;s meaningful only after non-retrieve operations.</p>
+
+<p>lh_TYPE_free(), lh_TYPE_doall() and lh_TYPE_doall_arg() return no values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>The LHASH code is not thread safe. All updating operations, as well as lh_TYPE_error call must be performed under a write lock. All retrieve operations should be performed under a read lock, <i>unless</i> accurate usage statistics are desired. In which case, a write lock should be used for retrieve operations as well. For output of the usage statistics, using the functions from <a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a>, a read lock suffices.</p>
+
+<p>The LHASH code regards table entries as constant data. As such, it internally represents lh_insert()&#39;d items with a &quot;const void *&quot; pointer type. This is why callbacks such as those used by lh_doall() and lh_doall_arg() declare their prototypes with &quot;const&quot;, even for the parameters that pass back the table items&#39; data pointers - for consistency, user-provided data is &quot;const&quot; at all times as far as the LHASH code is concerned. However, as callers are themselves providing these pointers, they can choose whether they too should be treating all such parameters as constant.</p>
+
+<p>As an example, a hash table may be maintained by code that, for reasons of encapsulation, has only &quot;const&quot; access to the data being indexed in the hash table (ie. it is returned as &quot;const&quot; from elsewhere in their code) - in this case the LHASH prototypes are appropriate as-is. Conversely, if the caller is responsible for the life-time of the data in question, then they may well wish to make modifications to table item passed back in the lh_doall() or lh_doall_arg() callbacks (see the &quot;TYPE_cleanup&quot; example above). If so, the caller can either cast the &quot;const&quot; away (if they&#39;re providing the raw callbacks themselves) or use the macros to declare/implement the wrapper functions without &quot;const&quot; types.</p>
+
+<p>Callers that only have &quot;const&quot; access to data they&#39;re indexing in a table, yet declare callbacks without constant types (or cast the &quot;const&quot; away themselves), are therefore creating their own risks/bugs without being encouraged to do so by the API. On a related note, those auditing code should pay special attention to any instances of DECLARE/IMPLEMENT_LHASH_DOALL_[ARG_]_FN macros that provide types without any &quot;const&quot; qualifiers.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>lh_TYPE_insert() returns <b>NULL</b> both for success and error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 1.0.0, the lhash interface was revamped for better type checking.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_doall.html b/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_doall.html
new file mode 100644
index 000000000..e56e9e3b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_doall.html
@@ -0,0 +1,176 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_COMPFUNC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>LHASH, DECLARE_LHASH_OF, OPENSSL_LH_COMPFUNC, OPENSSL_LH_HASHFUNC, OPENSSL_LH_DOALL_FUNC, LHASH_DOALL_ARG_FN_TYPE, IMPLEMENT_LHASH_HASH_FN, IMPLEMENT_LHASH_COMP_FN, lh_TYPE_new, lh_TYPE_free, lh_TYPE_insert, lh_TYPE_delete, lh_TYPE_retrieve, lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error - dynamic hash table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ DECLARE_LHASH_OF(TYPE);
+
+ LHASH *lh_TYPE_new(OPENSSL_LH_HASHFUNC hash, OPENSSL_LH_COMPFUNC compare);
+ void lh_TYPE_free(LHASH_OF(TYPE) *table);
+
+ TYPE *lh_TYPE_insert(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_TYPE_delete(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_retrieve(LHASH_OF(TYPE) *table, TYPE *data);
+
+ void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func);
+ void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,
+                        TYPE *arg);
+
+ int lh_TYPE_error(LHASH_OF(TYPE) *table);
+
+ typedef int (*OPENSSL_LH_COMPFUNC)(const void *, const void *);
+ typedef unsigned long (*OPENSSL_LH_HASHFUNC)(const void *);
+ typedef void (*OPENSSL_LH_DOALL_FUNC)(const void *);
+ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, const void *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements type-checked dynamic hash tables. The hash table entries can be arbitrary structures. Usually they consist of key and value fields. In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>SSL_SESSION</i>.</p>
+
+<p>lh_TYPE_new() creates a new <b>LHASH_OF(TYPE)</b> structure to store arbitrary data entries, and specifies the &#39;hash&#39; and &#39;compare&#39; callbacks to be used in organising the table&#39;s entries. The <b>hash</b> callback takes a pointer to a table entry as its argument and returns an unsigned long hash value for its key field. The hash value is normally truncated to a power of 2, so make sure that your hash function returns well mixed low order bits. The <b>compare</b> callback takes two arguments (pointers to two hash table entries), and returns 0 if their keys are equal, non-zero otherwise.</p>
+
+<p>If your hash table will contain items of some particular type and the <b>hash</b> and <b>compare</b> callbacks hash/compare these types, then the <b>IMPLEMENT_LHASH_HASH_FN</b> and <b>IMPLEMENT_LHASH_COMP_FN</b> macros can be used to create callback wrappers of the prototypes required by lh_TYPE_new() as shown in this example:</p>
+
+<pre><code> /*
+  * Implement the hash and compare functions; &quot;stuff&quot; can be any word.
+  */
+ static unsigned long stuff_hash(const TYPE *a)
+ {
+     ...
+ }
+ static int stuff_cmp(const TYPE *a, const TYPE *b)
+ {
+     ...
+ }
+
+ /*
+  * Implement the wrapper functions.
+  */
+ static IMPLEMENT_LHASH_HASH_FN(stuff, TYPE)
+ static IMPLEMENT_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>If the type is going to be used in several places, the following macros can be used in a common header file to declare the function wrappers:</p>
+
+<pre><code> DECLARE_LHASH_HASH_FN(stuff, TYPE)
+ DECLARE_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>Then a hash table of TYPE objects can be created using this:</p>
+
+<pre><code> LHASH_OF(TYPE) *htable;
+
+ htable = lh_TYPE_new(LHASH_HASH_FN(stuff), LHASH_COMP_FN(stuff));</code></pre>
+
+<p>lh_TYPE_free() frees the <b>LHASH_OF(TYPE)</b> structure <b>table</b>. Allocated hash table entries will not be freed; consider using lh_TYPE_doall() to deallocate any remaining entries in the hash table (see below).</p>
+
+<p>lh_TYPE_insert() inserts the structure pointed to by <b>data</b> into <b>table</b>. If there already is an entry with the same key, the old value is replaced. Note that lh_TYPE_insert() stores pointers, the data are not copied.</p>
+
+<p>lh_TYPE_delete() deletes an entry from <b>table</b>.</p>
+
+<p>lh_TYPE_retrieve() looks up an entry in <b>table</b>. Normally, <b>data</b> is a structure with the key field(s) set; the function will return a pointer to a fully populated structure.</p>
+
+<p>lh_TYPE_doall() will, for every entry in the hash table, call <b>func</b> with the data item as its parameter. For example:</p>
+
+<pre><code> /* Cleans up resources belonging to &#39;a&#39; (this is implemented elsewhere) */
+ void TYPE_cleanup_doall(TYPE *a);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_cleanup&quot; */
+ IMPLEMENT_LHASH_DOALL_FN(TYPE_cleanup, TYPE)
+
+ /* Call &quot;TYPE_cleanup&quot; against all items in a hash table. */
+ lh_TYPE_doall(hashtable, LHASH_DOALL_FN(TYPE_cleanup));
+
+ /* Then the hash table itself can be deallocated */
+ lh_TYPE_free(hashtable);</code></pre>
+
+<p>When doing this, be careful if you delete entries from the hash table in your callbacks: the table may decrease in size, moving the item that you are currently on down lower in the hash table - this could cause some entries to be skipped during the iteration. The second best solution to this problem is to set hash-&gt;down_load=0 before you start (which will stop the hash table ever decreasing in size). The best solution is probably to avoid deleting items from the hash table inside a &quot;doall&quot; callback!</p>
+
+<p>lh_TYPE_doall_arg() is the same as lh_TYPE_doall() except that <b>func</b> will be called with <b>arg</b> as the second argument and <b>func</b> should be of type <b>LHASH_DOALL_ARG_FN_TYPE</b> (a callback prototype that is passed both the table entry and an extra argument). As with lh_doall(), you can instead choose to declare your callback with a prototype matching the types you are dealing with and use the declare/implement macros to create compatible wrappers that cast variables before calling your type-specific callbacks. An example of this is demonstrated here (printing all hash table entries to a BIO that is provided by the caller):</p>
+
+<pre><code> /* Prints item &#39;a&#39; to &#39;output_bio&#39; (this is implemented elsewhere) */
+ void TYPE_print_doall_arg(const TYPE *a, BIO *output_bio);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_print&quot; */
+ static IMPLEMENT_LHASH_DOALL_ARG_FN(TYPE, const TYPE, BIO)
+
+ /* Print out the entire hashtable to a particular BIO */
+ lh_TYPE_doall_arg(hashtable, LHASH_DOALL_ARG_FN(TYPE_print), BIO,
+                   logging_bio);</code></pre>
+
+<p>lh_TYPE_error() can be used to determine if an error occurred in the last operation.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>lh_TYPE_new() returns <b>NULL</b> on error, otherwise a pointer to the new <b>LHASH</b> structure.</p>
+
+<p>When a hash table entry is replaced, lh_TYPE_insert() returns the value being replaced. <b>NULL</b> is returned on normal operation and on error.</p>
+
+<p>lh_TYPE_delete() returns the entry being deleted. <b>NULL</b> is returned if there is no such value in the hash table.</p>
+
+<p>lh_TYPE_retrieve() returns the hash table entry if it has been found, <b>NULL</b> otherwise.</p>
+
+<p>lh_TYPE_error() returns 1 if an error occurred in the last operation, 0 otherwise. It&#39;s meaningful only after non-retrieve operations.</p>
+
+<p>lh_TYPE_free(), lh_TYPE_doall() and lh_TYPE_doall_arg() return no values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>The LHASH code is not thread safe. All updating operations, as well as lh_TYPE_error call must be performed under a write lock. All retrieve operations should be performed under a read lock, <i>unless</i> accurate usage statistics are desired. In which case, a write lock should be used for retrieve operations as well. For output of the usage statistics, using the functions from <a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a>, a read lock suffices.</p>
+
+<p>The LHASH code regards table entries as constant data. As such, it internally represents lh_insert()&#39;d items with a &quot;const void *&quot; pointer type. This is why callbacks such as those used by lh_doall() and lh_doall_arg() declare their prototypes with &quot;const&quot;, even for the parameters that pass back the table items&#39; data pointers - for consistency, user-provided data is &quot;const&quot; at all times as far as the LHASH code is concerned. However, as callers are themselves providing these pointers, they can choose whether they too should be treating all such parameters as constant.</p>
+
+<p>As an example, a hash table may be maintained by code that, for reasons of encapsulation, has only &quot;const&quot; access to the data being indexed in the hash table (ie. it is returned as &quot;const&quot; from elsewhere in their code) - in this case the LHASH prototypes are appropriate as-is. Conversely, if the caller is responsible for the life-time of the data in question, then they may well wish to make modifications to table item passed back in the lh_doall() or lh_doall_arg() callbacks (see the &quot;TYPE_cleanup&quot; example above). If so, the caller can either cast the &quot;const&quot; away (if they&#39;re providing the raw callbacks themselves) or use the macros to declare/implement the wrapper functions without &quot;const&quot; types.</p>
+
+<p>Callers that only have &quot;const&quot; access to data they&#39;re indexing in a table, yet declare callbacks without constant types (or cast the &quot;const&quot; away themselves), are therefore creating their own risks/bugs without being encouraged to do so by the API. On a related note, those auditing code should pay special attention to any instances of DECLARE/IMPLEMENT_LHASH_DOALL_[ARG_]_FN macros that provide types without any &quot;const&quot; qualifiers.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>lh_TYPE_insert() returns <b>NULL</b> both for success and error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 1.0.0, the lhash interface was revamped for better type checking.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_doall_arg.html b/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_doall_arg.html
new file mode 100644
index 000000000..e56e9e3b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_doall_arg.html
@@ -0,0 +1,176 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_COMPFUNC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>LHASH, DECLARE_LHASH_OF, OPENSSL_LH_COMPFUNC, OPENSSL_LH_HASHFUNC, OPENSSL_LH_DOALL_FUNC, LHASH_DOALL_ARG_FN_TYPE, IMPLEMENT_LHASH_HASH_FN, IMPLEMENT_LHASH_COMP_FN, lh_TYPE_new, lh_TYPE_free, lh_TYPE_insert, lh_TYPE_delete, lh_TYPE_retrieve, lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error - dynamic hash table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ DECLARE_LHASH_OF(TYPE);
+
+ LHASH *lh_TYPE_new(OPENSSL_LH_HASHFUNC hash, OPENSSL_LH_COMPFUNC compare);
+ void lh_TYPE_free(LHASH_OF(TYPE) *table);
+
+ TYPE *lh_TYPE_insert(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_TYPE_delete(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_retrieve(LHASH_OF(TYPE) *table, TYPE *data);
+
+ void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func);
+ void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,
+                        TYPE *arg);
+
+ int lh_TYPE_error(LHASH_OF(TYPE) *table);
+
+ typedef int (*OPENSSL_LH_COMPFUNC)(const void *, const void *);
+ typedef unsigned long (*OPENSSL_LH_HASHFUNC)(const void *);
+ typedef void (*OPENSSL_LH_DOALL_FUNC)(const void *);
+ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, const void *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements type-checked dynamic hash tables. The hash table entries can be arbitrary structures. Usually they consist of key and value fields. In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>SSL_SESSION</i>.</p>
+
+<p>lh_TYPE_new() creates a new <b>LHASH_OF(TYPE)</b> structure to store arbitrary data entries, and specifies the &#39;hash&#39; and &#39;compare&#39; callbacks to be used in organising the table&#39;s entries. The <b>hash</b> callback takes a pointer to a table entry as its argument and returns an unsigned long hash value for its key field. The hash value is normally truncated to a power of 2, so make sure that your hash function returns well mixed low order bits. The <b>compare</b> callback takes two arguments (pointers to two hash table entries), and returns 0 if their keys are equal, non-zero otherwise.</p>
+
+<p>If your hash table will contain items of some particular type and the <b>hash</b> and <b>compare</b> callbacks hash/compare these types, then the <b>IMPLEMENT_LHASH_HASH_FN</b> and <b>IMPLEMENT_LHASH_COMP_FN</b> macros can be used to create callback wrappers of the prototypes required by lh_TYPE_new() as shown in this example:</p>
+
+<pre><code> /*
+  * Implement the hash and compare functions; &quot;stuff&quot; can be any word.
+  */
+ static unsigned long stuff_hash(const TYPE *a)
+ {
+     ...
+ }
+ static int stuff_cmp(const TYPE *a, const TYPE *b)
+ {
+     ...
+ }
+
+ /*
+  * Implement the wrapper functions.
+  */
+ static IMPLEMENT_LHASH_HASH_FN(stuff, TYPE)
+ static IMPLEMENT_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>If the type is going to be used in several places, the following macros can be used in a common header file to declare the function wrappers:</p>
+
+<pre><code> DECLARE_LHASH_HASH_FN(stuff, TYPE)
+ DECLARE_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>Then a hash table of TYPE objects can be created using this:</p>
+
+<pre><code> LHASH_OF(TYPE) *htable;
+
+ htable = lh_TYPE_new(LHASH_HASH_FN(stuff), LHASH_COMP_FN(stuff));</code></pre>
+
+<p>lh_TYPE_free() frees the <b>LHASH_OF(TYPE)</b> structure <b>table</b>. Allocated hash table entries will not be freed; consider using lh_TYPE_doall() to deallocate any remaining entries in the hash table (see below).</p>
+
+<p>lh_TYPE_insert() inserts the structure pointed to by <b>data</b> into <b>table</b>. If there already is an entry with the same key, the old value is replaced. Note that lh_TYPE_insert() stores pointers, the data are not copied.</p>
+
+<p>lh_TYPE_delete() deletes an entry from <b>table</b>.</p>
+
+<p>lh_TYPE_retrieve() looks up an entry in <b>table</b>. Normally, <b>data</b> is a structure with the key field(s) set; the function will return a pointer to a fully populated structure.</p>
+
+<p>lh_TYPE_doall() will, for every entry in the hash table, call <b>func</b> with the data item as its parameter. For example:</p>
+
+<pre><code> /* Cleans up resources belonging to &#39;a&#39; (this is implemented elsewhere) */
+ void TYPE_cleanup_doall(TYPE *a);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_cleanup&quot; */
+ IMPLEMENT_LHASH_DOALL_FN(TYPE_cleanup, TYPE)
+
+ /* Call &quot;TYPE_cleanup&quot; against all items in a hash table. */
+ lh_TYPE_doall(hashtable, LHASH_DOALL_FN(TYPE_cleanup));
+
+ /* Then the hash table itself can be deallocated */
+ lh_TYPE_free(hashtable);</code></pre>
+
+<p>When doing this, be careful if you delete entries from the hash table in your callbacks: the table may decrease in size, moving the item that you are currently on down lower in the hash table - this could cause some entries to be skipped during the iteration. The second best solution to this problem is to set hash-&gt;down_load=0 before you start (which will stop the hash table ever decreasing in size). The best solution is probably to avoid deleting items from the hash table inside a &quot;doall&quot; callback!</p>
+
+<p>lh_TYPE_doall_arg() is the same as lh_TYPE_doall() except that <b>func</b> will be called with <b>arg</b> as the second argument and <b>func</b> should be of type <b>LHASH_DOALL_ARG_FN_TYPE</b> (a callback prototype that is passed both the table entry and an extra argument). As with lh_doall(), you can instead choose to declare your callback with a prototype matching the types you are dealing with and use the declare/implement macros to create compatible wrappers that cast variables before calling your type-specific callbacks. An example of this is demonstrated here (printing all hash table entries to a BIO that is provided by the caller):</p>
+
+<pre><code> /* Prints item &#39;a&#39; to &#39;output_bio&#39; (this is implemented elsewhere) */
+ void TYPE_print_doall_arg(const TYPE *a, BIO *output_bio);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_print&quot; */
+ static IMPLEMENT_LHASH_DOALL_ARG_FN(TYPE, const TYPE, BIO)
+
+ /* Print out the entire hashtable to a particular BIO */
+ lh_TYPE_doall_arg(hashtable, LHASH_DOALL_ARG_FN(TYPE_print), BIO,
+                   logging_bio);</code></pre>
+
+<p>lh_TYPE_error() can be used to determine if an error occurred in the last operation.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>lh_TYPE_new() returns <b>NULL</b> on error, otherwise a pointer to the new <b>LHASH</b> structure.</p>
+
+<p>When a hash table entry is replaced, lh_TYPE_insert() returns the value being replaced. <b>NULL</b> is returned on normal operation and on error.</p>
+
+<p>lh_TYPE_delete() returns the entry being deleted. <b>NULL</b> is returned if there is no such value in the hash table.</p>
+
+<p>lh_TYPE_retrieve() returns the hash table entry if it has been found, <b>NULL</b> otherwise.</p>
+
+<p>lh_TYPE_error() returns 1 if an error occurred in the last operation, 0 otherwise. It&#39;s meaningful only after non-retrieve operations.</p>
+
+<p>lh_TYPE_free(), lh_TYPE_doall() and lh_TYPE_doall_arg() return no values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>The LHASH code is not thread safe. All updating operations, as well as lh_TYPE_error call must be performed under a write lock. All retrieve operations should be performed under a read lock, <i>unless</i> accurate usage statistics are desired. In which case, a write lock should be used for retrieve operations as well. For output of the usage statistics, using the functions from <a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a>, a read lock suffices.</p>
+
+<p>The LHASH code regards table entries as constant data. As such, it internally represents lh_insert()&#39;d items with a &quot;const void *&quot; pointer type. This is why callbacks such as those used by lh_doall() and lh_doall_arg() declare their prototypes with &quot;const&quot;, even for the parameters that pass back the table items&#39; data pointers - for consistency, user-provided data is &quot;const&quot; at all times as far as the LHASH code is concerned. However, as callers are themselves providing these pointers, they can choose whether they too should be treating all such parameters as constant.</p>
+
+<p>As an example, a hash table may be maintained by code that, for reasons of encapsulation, has only &quot;const&quot; access to the data being indexed in the hash table (ie. it is returned as &quot;const&quot; from elsewhere in their code) - in this case the LHASH prototypes are appropriate as-is. Conversely, if the caller is responsible for the life-time of the data in question, then they may well wish to make modifications to table item passed back in the lh_doall() or lh_doall_arg() callbacks (see the &quot;TYPE_cleanup&quot; example above). If so, the caller can either cast the &quot;const&quot; away (if they&#39;re providing the raw callbacks themselves) or use the macros to declare/implement the wrapper functions without &quot;const&quot; types.</p>
+
+<p>Callers that only have &quot;const&quot; access to data they&#39;re indexing in a table, yet declare callbacks without constant types (or cast the &quot;const&quot; away themselves), are therefore creating their own risks/bugs without being encouraged to do so by the API. On a related note, those auditing code should pay special attention to any instances of DECLARE/IMPLEMENT_LHASH_DOALL_[ARG_]_FN macros that provide types without any &quot;const&quot; qualifiers.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>lh_TYPE_insert() returns <b>NULL</b> both for success and error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 1.0.0, the lhash interface was revamped for better type checking.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_error.html b/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_error.html
new file mode 100644
index 000000000..e56e9e3b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_error.html
@@ -0,0 +1,176 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_COMPFUNC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>LHASH, DECLARE_LHASH_OF, OPENSSL_LH_COMPFUNC, OPENSSL_LH_HASHFUNC, OPENSSL_LH_DOALL_FUNC, LHASH_DOALL_ARG_FN_TYPE, IMPLEMENT_LHASH_HASH_FN, IMPLEMENT_LHASH_COMP_FN, lh_TYPE_new, lh_TYPE_free, lh_TYPE_insert, lh_TYPE_delete, lh_TYPE_retrieve, lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error - dynamic hash table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ DECLARE_LHASH_OF(TYPE);
+
+ LHASH *lh_TYPE_new(OPENSSL_LH_HASHFUNC hash, OPENSSL_LH_COMPFUNC compare);
+ void lh_TYPE_free(LHASH_OF(TYPE) *table);
+
+ TYPE *lh_TYPE_insert(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_TYPE_delete(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_retrieve(LHASH_OF(TYPE) *table, TYPE *data);
+
+ void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func);
+ void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,
+                        TYPE *arg);
+
+ int lh_TYPE_error(LHASH_OF(TYPE) *table);
+
+ typedef int (*OPENSSL_LH_COMPFUNC)(const void *, const void *);
+ typedef unsigned long (*OPENSSL_LH_HASHFUNC)(const void *);
+ typedef void (*OPENSSL_LH_DOALL_FUNC)(const void *);
+ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, const void *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements type-checked dynamic hash tables. The hash table entries can be arbitrary structures. Usually they consist of key and value fields. In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>SSL_SESSION</i>.</p>
+
+<p>lh_TYPE_new() creates a new <b>LHASH_OF(TYPE)</b> structure to store arbitrary data entries, and specifies the &#39;hash&#39; and &#39;compare&#39; callbacks to be used in organising the table&#39;s entries. The <b>hash</b> callback takes a pointer to a table entry as its argument and returns an unsigned long hash value for its key field. The hash value is normally truncated to a power of 2, so make sure that your hash function returns well mixed low order bits. The <b>compare</b> callback takes two arguments (pointers to two hash table entries), and returns 0 if their keys are equal, non-zero otherwise.</p>
+
+<p>If your hash table will contain items of some particular type and the <b>hash</b> and <b>compare</b> callbacks hash/compare these types, then the <b>IMPLEMENT_LHASH_HASH_FN</b> and <b>IMPLEMENT_LHASH_COMP_FN</b> macros can be used to create callback wrappers of the prototypes required by lh_TYPE_new() as shown in this example:</p>
+
+<pre><code> /*
+  * Implement the hash and compare functions; &quot;stuff&quot; can be any word.
+  */
+ static unsigned long stuff_hash(const TYPE *a)
+ {
+     ...
+ }
+ static int stuff_cmp(const TYPE *a, const TYPE *b)
+ {
+     ...
+ }
+
+ /*
+  * Implement the wrapper functions.
+  */
+ static IMPLEMENT_LHASH_HASH_FN(stuff, TYPE)
+ static IMPLEMENT_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>If the type is going to be used in several places, the following macros can be used in a common header file to declare the function wrappers:</p>
+
+<pre><code> DECLARE_LHASH_HASH_FN(stuff, TYPE)
+ DECLARE_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>Then a hash table of TYPE objects can be created using this:</p>
+
+<pre><code> LHASH_OF(TYPE) *htable;
+
+ htable = lh_TYPE_new(LHASH_HASH_FN(stuff), LHASH_COMP_FN(stuff));</code></pre>
+
+<p>lh_TYPE_free() frees the <b>LHASH_OF(TYPE)</b> structure <b>table</b>. Allocated hash table entries will not be freed; consider using lh_TYPE_doall() to deallocate any remaining entries in the hash table (see below).</p>
+
+<p>lh_TYPE_insert() inserts the structure pointed to by <b>data</b> into <b>table</b>. If there already is an entry with the same key, the old value is replaced. Note that lh_TYPE_insert() stores pointers, the data are not copied.</p>
+
+<p>lh_TYPE_delete() deletes an entry from <b>table</b>.</p>
+
+<p>lh_TYPE_retrieve() looks up an entry in <b>table</b>. Normally, <b>data</b> is a structure with the key field(s) set; the function will return a pointer to a fully populated structure.</p>
+
+<p>lh_TYPE_doall() will, for every entry in the hash table, call <b>func</b> with the data item as its parameter. For example:</p>
+
+<pre><code> /* Cleans up resources belonging to &#39;a&#39; (this is implemented elsewhere) */
+ void TYPE_cleanup_doall(TYPE *a);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_cleanup&quot; */
+ IMPLEMENT_LHASH_DOALL_FN(TYPE_cleanup, TYPE)
+
+ /* Call &quot;TYPE_cleanup&quot; against all items in a hash table. */
+ lh_TYPE_doall(hashtable, LHASH_DOALL_FN(TYPE_cleanup));
+
+ /* Then the hash table itself can be deallocated */
+ lh_TYPE_free(hashtable);</code></pre>
+
+<p>When doing this, be careful if you delete entries from the hash table in your callbacks: the table may decrease in size, moving the item that you are currently on down lower in the hash table - this could cause some entries to be skipped during the iteration. The second best solution to this problem is to set hash-&gt;down_load=0 before you start (which will stop the hash table ever decreasing in size). The best solution is probably to avoid deleting items from the hash table inside a &quot;doall&quot; callback!</p>
+
+<p>lh_TYPE_doall_arg() is the same as lh_TYPE_doall() except that <b>func</b> will be called with <b>arg</b> as the second argument and <b>func</b> should be of type <b>LHASH_DOALL_ARG_FN_TYPE</b> (a callback prototype that is passed both the table entry and an extra argument). As with lh_doall(), you can instead choose to declare your callback with a prototype matching the types you are dealing with and use the declare/implement macros to create compatible wrappers that cast variables before calling your type-specific callbacks. An example of this is demonstrated here (printing all hash table entries to a BIO that is provided by the caller):</p>
+
+<pre><code> /* Prints item &#39;a&#39; to &#39;output_bio&#39; (this is implemented elsewhere) */
+ void TYPE_print_doall_arg(const TYPE *a, BIO *output_bio);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_print&quot; */
+ static IMPLEMENT_LHASH_DOALL_ARG_FN(TYPE, const TYPE, BIO)
+
+ /* Print out the entire hashtable to a particular BIO */
+ lh_TYPE_doall_arg(hashtable, LHASH_DOALL_ARG_FN(TYPE_print), BIO,
+                   logging_bio);</code></pre>
+
+<p>lh_TYPE_error() can be used to determine if an error occurred in the last operation.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>lh_TYPE_new() returns <b>NULL</b> on error, otherwise a pointer to the new <b>LHASH</b> structure.</p>
+
+<p>When a hash table entry is replaced, lh_TYPE_insert() returns the value being replaced. <b>NULL</b> is returned on normal operation and on error.</p>
+
+<p>lh_TYPE_delete() returns the entry being deleted. <b>NULL</b> is returned if there is no such value in the hash table.</p>
+
+<p>lh_TYPE_retrieve() returns the hash table entry if it has been found, <b>NULL</b> otherwise.</p>
+
+<p>lh_TYPE_error() returns 1 if an error occurred in the last operation, 0 otherwise. It&#39;s meaningful only after non-retrieve operations.</p>
+
+<p>lh_TYPE_free(), lh_TYPE_doall() and lh_TYPE_doall_arg() return no values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>The LHASH code is not thread safe. All updating operations, as well as lh_TYPE_error call must be performed under a write lock. All retrieve operations should be performed under a read lock, <i>unless</i> accurate usage statistics are desired. In which case, a write lock should be used for retrieve operations as well. For output of the usage statistics, using the functions from <a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a>, a read lock suffices.</p>
+
+<p>The LHASH code regards table entries as constant data. As such, it internally represents lh_insert()&#39;d items with a &quot;const void *&quot; pointer type. This is why callbacks such as those used by lh_doall() and lh_doall_arg() declare their prototypes with &quot;const&quot;, even for the parameters that pass back the table items&#39; data pointers - for consistency, user-provided data is &quot;const&quot; at all times as far as the LHASH code is concerned. However, as callers are themselves providing these pointers, they can choose whether they too should be treating all such parameters as constant.</p>
+
+<p>As an example, a hash table may be maintained by code that, for reasons of encapsulation, has only &quot;const&quot; access to the data being indexed in the hash table (ie. it is returned as &quot;const&quot; from elsewhere in their code) - in this case the LHASH prototypes are appropriate as-is. Conversely, if the caller is responsible for the life-time of the data in question, then they may well wish to make modifications to table item passed back in the lh_doall() or lh_doall_arg() callbacks (see the &quot;TYPE_cleanup&quot; example above). If so, the caller can either cast the &quot;const&quot; away (if they&#39;re providing the raw callbacks themselves) or use the macros to declare/implement the wrapper functions without &quot;const&quot; types.</p>
+
+<p>Callers that only have &quot;const&quot; access to data they&#39;re indexing in a table, yet declare callbacks without constant types (or cast the &quot;const&quot; away themselves), are therefore creating their own risks/bugs without being encouraged to do so by the API. On a related note, those auditing code should pay special attention to any instances of DECLARE/IMPLEMENT_LHASH_DOALL_[ARG_]_FN macros that provide types without any &quot;const&quot; qualifiers.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>lh_TYPE_insert() returns <b>NULL</b> both for success and error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 1.0.0, the lhash interface was revamped for better type checking.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_free.html b/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_free.html
new file mode 100644
index 000000000..e56e9e3b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_free.html
@@ -0,0 +1,176 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_COMPFUNC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>LHASH, DECLARE_LHASH_OF, OPENSSL_LH_COMPFUNC, OPENSSL_LH_HASHFUNC, OPENSSL_LH_DOALL_FUNC, LHASH_DOALL_ARG_FN_TYPE, IMPLEMENT_LHASH_HASH_FN, IMPLEMENT_LHASH_COMP_FN, lh_TYPE_new, lh_TYPE_free, lh_TYPE_insert, lh_TYPE_delete, lh_TYPE_retrieve, lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error - dynamic hash table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ DECLARE_LHASH_OF(TYPE);
+
+ LHASH *lh_TYPE_new(OPENSSL_LH_HASHFUNC hash, OPENSSL_LH_COMPFUNC compare);
+ void lh_TYPE_free(LHASH_OF(TYPE) *table);
+
+ TYPE *lh_TYPE_insert(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_TYPE_delete(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_retrieve(LHASH_OF(TYPE) *table, TYPE *data);
+
+ void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func);
+ void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,
+                        TYPE *arg);
+
+ int lh_TYPE_error(LHASH_OF(TYPE) *table);
+
+ typedef int (*OPENSSL_LH_COMPFUNC)(const void *, const void *);
+ typedef unsigned long (*OPENSSL_LH_HASHFUNC)(const void *);
+ typedef void (*OPENSSL_LH_DOALL_FUNC)(const void *);
+ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, const void *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements type-checked dynamic hash tables. The hash table entries can be arbitrary structures. Usually they consist of key and value fields. In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>SSL_SESSION</i>.</p>
+
+<p>lh_TYPE_new() creates a new <b>LHASH_OF(TYPE)</b> structure to store arbitrary data entries, and specifies the &#39;hash&#39; and &#39;compare&#39; callbacks to be used in organising the table&#39;s entries. The <b>hash</b> callback takes a pointer to a table entry as its argument and returns an unsigned long hash value for its key field. The hash value is normally truncated to a power of 2, so make sure that your hash function returns well mixed low order bits. The <b>compare</b> callback takes two arguments (pointers to two hash table entries), and returns 0 if their keys are equal, non-zero otherwise.</p>
+
+<p>If your hash table will contain items of some particular type and the <b>hash</b> and <b>compare</b> callbacks hash/compare these types, then the <b>IMPLEMENT_LHASH_HASH_FN</b> and <b>IMPLEMENT_LHASH_COMP_FN</b> macros can be used to create callback wrappers of the prototypes required by lh_TYPE_new() as shown in this example:</p>
+
+<pre><code> /*
+  * Implement the hash and compare functions; &quot;stuff&quot; can be any word.
+  */
+ static unsigned long stuff_hash(const TYPE *a)
+ {
+     ...
+ }
+ static int stuff_cmp(const TYPE *a, const TYPE *b)
+ {
+     ...
+ }
+
+ /*
+  * Implement the wrapper functions.
+  */
+ static IMPLEMENT_LHASH_HASH_FN(stuff, TYPE)
+ static IMPLEMENT_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>If the type is going to be used in several places, the following macros can be used in a common header file to declare the function wrappers:</p>
+
+<pre><code> DECLARE_LHASH_HASH_FN(stuff, TYPE)
+ DECLARE_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>Then a hash table of TYPE objects can be created using this:</p>
+
+<pre><code> LHASH_OF(TYPE) *htable;
+
+ htable = lh_TYPE_new(LHASH_HASH_FN(stuff), LHASH_COMP_FN(stuff));</code></pre>
+
+<p>lh_TYPE_free() frees the <b>LHASH_OF(TYPE)</b> structure <b>table</b>. Allocated hash table entries will not be freed; consider using lh_TYPE_doall() to deallocate any remaining entries in the hash table (see below).</p>
+
+<p>lh_TYPE_insert() inserts the structure pointed to by <b>data</b> into <b>table</b>. If there already is an entry with the same key, the old value is replaced. Note that lh_TYPE_insert() stores pointers, the data are not copied.</p>
+
+<p>lh_TYPE_delete() deletes an entry from <b>table</b>.</p>
+
+<p>lh_TYPE_retrieve() looks up an entry in <b>table</b>. Normally, <b>data</b> is a structure with the key field(s) set; the function will return a pointer to a fully populated structure.</p>
+
+<p>lh_TYPE_doall() will, for every entry in the hash table, call <b>func</b> with the data item as its parameter. For example:</p>
+
+<pre><code> /* Cleans up resources belonging to &#39;a&#39; (this is implemented elsewhere) */
+ void TYPE_cleanup_doall(TYPE *a);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_cleanup&quot; */
+ IMPLEMENT_LHASH_DOALL_FN(TYPE_cleanup, TYPE)
+
+ /* Call &quot;TYPE_cleanup&quot; against all items in a hash table. */
+ lh_TYPE_doall(hashtable, LHASH_DOALL_FN(TYPE_cleanup));
+
+ /* Then the hash table itself can be deallocated */
+ lh_TYPE_free(hashtable);</code></pre>
+
+<p>When doing this, be careful if you delete entries from the hash table in your callbacks: the table may decrease in size, moving the item that you are currently on down lower in the hash table - this could cause some entries to be skipped during the iteration. The second best solution to this problem is to set hash-&gt;down_load=0 before you start (which will stop the hash table ever decreasing in size). The best solution is probably to avoid deleting items from the hash table inside a &quot;doall&quot; callback!</p>
+
+<p>lh_TYPE_doall_arg() is the same as lh_TYPE_doall() except that <b>func</b> will be called with <b>arg</b> as the second argument and <b>func</b> should be of type <b>LHASH_DOALL_ARG_FN_TYPE</b> (a callback prototype that is passed both the table entry and an extra argument). As with lh_doall(), you can instead choose to declare your callback with a prototype matching the types you are dealing with and use the declare/implement macros to create compatible wrappers that cast variables before calling your type-specific callbacks. An example of this is demonstrated here (printing all hash table entries to a BIO that is provided by the caller):</p>
+
+<pre><code> /* Prints item &#39;a&#39; to &#39;output_bio&#39; (this is implemented elsewhere) */
+ void TYPE_print_doall_arg(const TYPE *a, BIO *output_bio);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_print&quot; */
+ static IMPLEMENT_LHASH_DOALL_ARG_FN(TYPE, const TYPE, BIO)
+
+ /* Print out the entire hashtable to a particular BIO */
+ lh_TYPE_doall_arg(hashtable, LHASH_DOALL_ARG_FN(TYPE_print), BIO,
+                   logging_bio);</code></pre>
+
+<p>lh_TYPE_error() can be used to determine if an error occurred in the last operation.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>lh_TYPE_new() returns <b>NULL</b> on error, otherwise a pointer to the new <b>LHASH</b> structure.</p>
+
+<p>When a hash table entry is replaced, lh_TYPE_insert() returns the value being replaced. <b>NULL</b> is returned on normal operation and on error.</p>
+
+<p>lh_TYPE_delete() returns the entry being deleted. <b>NULL</b> is returned if there is no such value in the hash table.</p>
+
+<p>lh_TYPE_retrieve() returns the hash table entry if it has been found, <b>NULL</b> otherwise.</p>
+
+<p>lh_TYPE_error() returns 1 if an error occurred in the last operation, 0 otherwise. It&#39;s meaningful only after non-retrieve operations.</p>
+
+<p>lh_TYPE_free(), lh_TYPE_doall() and lh_TYPE_doall_arg() return no values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>The LHASH code is not thread safe. All updating operations, as well as lh_TYPE_error call must be performed under a write lock. All retrieve operations should be performed under a read lock, <i>unless</i> accurate usage statistics are desired. In which case, a write lock should be used for retrieve operations as well. For output of the usage statistics, using the functions from <a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a>, a read lock suffices.</p>
+
+<p>The LHASH code regards table entries as constant data. As such, it internally represents lh_insert()&#39;d items with a &quot;const void *&quot; pointer type. This is why callbacks such as those used by lh_doall() and lh_doall_arg() declare their prototypes with &quot;const&quot;, even for the parameters that pass back the table items&#39; data pointers - for consistency, user-provided data is &quot;const&quot; at all times as far as the LHASH code is concerned. However, as callers are themselves providing these pointers, they can choose whether they too should be treating all such parameters as constant.</p>
+
+<p>As an example, a hash table may be maintained by code that, for reasons of encapsulation, has only &quot;const&quot; access to the data being indexed in the hash table (ie. it is returned as &quot;const&quot; from elsewhere in their code) - in this case the LHASH prototypes are appropriate as-is. Conversely, if the caller is responsible for the life-time of the data in question, then they may well wish to make modifications to table item passed back in the lh_doall() or lh_doall_arg() callbacks (see the &quot;TYPE_cleanup&quot; example above). If so, the caller can either cast the &quot;const&quot; away (if they&#39;re providing the raw callbacks themselves) or use the macros to declare/implement the wrapper functions without &quot;const&quot; types.</p>
+
+<p>Callers that only have &quot;const&quot; access to data they&#39;re indexing in a table, yet declare callbacks without constant types (or cast the &quot;const&quot; away themselves), are therefore creating their own risks/bugs without being encouraged to do so by the API. On a related note, those auditing code should pay special attention to any instances of DECLARE/IMPLEMENT_LHASH_DOALL_[ARG_]_FN macros that provide types without any &quot;const&quot; qualifiers.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>lh_TYPE_insert() returns <b>NULL</b> both for success and error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 1.0.0, the lhash interface was revamped for better type checking.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_insert.html b/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_insert.html
new file mode 100644
index 000000000..e56e9e3b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_insert.html
@@ -0,0 +1,176 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_COMPFUNC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>LHASH, DECLARE_LHASH_OF, OPENSSL_LH_COMPFUNC, OPENSSL_LH_HASHFUNC, OPENSSL_LH_DOALL_FUNC, LHASH_DOALL_ARG_FN_TYPE, IMPLEMENT_LHASH_HASH_FN, IMPLEMENT_LHASH_COMP_FN, lh_TYPE_new, lh_TYPE_free, lh_TYPE_insert, lh_TYPE_delete, lh_TYPE_retrieve, lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error - dynamic hash table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ DECLARE_LHASH_OF(TYPE);
+
+ LHASH *lh_TYPE_new(OPENSSL_LH_HASHFUNC hash, OPENSSL_LH_COMPFUNC compare);
+ void lh_TYPE_free(LHASH_OF(TYPE) *table);
+
+ TYPE *lh_TYPE_insert(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_TYPE_delete(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_retrieve(LHASH_OF(TYPE) *table, TYPE *data);
+
+ void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func);
+ void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,
+                        TYPE *arg);
+
+ int lh_TYPE_error(LHASH_OF(TYPE) *table);
+
+ typedef int (*OPENSSL_LH_COMPFUNC)(const void *, const void *);
+ typedef unsigned long (*OPENSSL_LH_HASHFUNC)(const void *);
+ typedef void (*OPENSSL_LH_DOALL_FUNC)(const void *);
+ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, const void *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements type-checked dynamic hash tables. The hash table entries can be arbitrary structures. Usually they consist of key and value fields. In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>SSL_SESSION</i>.</p>
+
+<p>lh_TYPE_new() creates a new <b>LHASH_OF(TYPE)</b> structure to store arbitrary data entries, and specifies the &#39;hash&#39; and &#39;compare&#39; callbacks to be used in organising the table&#39;s entries. The <b>hash</b> callback takes a pointer to a table entry as its argument and returns an unsigned long hash value for its key field. The hash value is normally truncated to a power of 2, so make sure that your hash function returns well mixed low order bits. The <b>compare</b> callback takes two arguments (pointers to two hash table entries), and returns 0 if their keys are equal, non-zero otherwise.</p>
+
+<p>If your hash table will contain items of some particular type and the <b>hash</b> and <b>compare</b> callbacks hash/compare these types, then the <b>IMPLEMENT_LHASH_HASH_FN</b> and <b>IMPLEMENT_LHASH_COMP_FN</b> macros can be used to create callback wrappers of the prototypes required by lh_TYPE_new() as shown in this example:</p>
+
+<pre><code> /*
+  * Implement the hash and compare functions; &quot;stuff&quot; can be any word.
+  */
+ static unsigned long stuff_hash(const TYPE *a)
+ {
+     ...
+ }
+ static int stuff_cmp(const TYPE *a, const TYPE *b)
+ {
+     ...
+ }
+
+ /*
+  * Implement the wrapper functions.
+  */
+ static IMPLEMENT_LHASH_HASH_FN(stuff, TYPE)
+ static IMPLEMENT_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>If the type is going to be used in several places, the following macros can be used in a common header file to declare the function wrappers:</p>
+
+<pre><code> DECLARE_LHASH_HASH_FN(stuff, TYPE)
+ DECLARE_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>Then a hash table of TYPE objects can be created using this:</p>
+
+<pre><code> LHASH_OF(TYPE) *htable;
+
+ htable = lh_TYPE_new(LHASH_HASH_FN(stuff), LHASH_COMP_FN(stuff));</code></pre>
+
+<p>lh_TYPE_free() frees the <b>LHASH_OF(TYPE)</b> structure <b>table</b>. Allocated hash table entries will not be freed; consider using lh_TYPE_doall() to deallocate any remaining entries in the hash table (see below).</p>
+
+<p>lh_TYPE_insert() inserts the structure pointed to by <b>data</b> into <b>table</b>. If there already is an entry with the same key, the old value is replaced. Note that lh_TYPE_insert() stores pointers, the data are not copied.</p>
+
+<p>lh_TYPE_delete() deletes an entry from <b>table</b>.</p>
+
+<p>lh_TYPE_retrieve() looks up an entry in <b>table</b>. Normally, <b>data</b> is a structure with the key field(s) set; the function will return a pointer to a fully populated structure.</p>
+
+<p>lh_TYPE_doall() will, for every entry in the hash table, call <b>func</b> with the data item as its parameter. For example:</p>
+
+<pre><code> /* Cleans up resources belonging to &#39;a&#39; (this is implemented elsewhere) */
+ void TYPE_cleanup_doall(TYPE *a);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_cleanup&quot; */
+ IMPLEMENT_LHASH_DOALL_FN(TYPE_cleanup, TYPE)
+
+ /* Call &quot;TYPE_cleanup&quot; against all items in a hash table. */
+ lh_TYPE_doall(hashtable, LHASH_DOALL_FN(TYPE_cleanup));
+
+ /* Then the hash table itself can be deallocated */
+ lh_TYPE_free(hashtable);</code></pre>
+
+<p>When doing this, be careful if you delete entries from the hash table in your callbacks: the table may decrease in size, moving the item that you are currently on down lower in the hash table - this could cause some entries to be skipped during the iteration. The second best solution to this problem is to set hash-&gt;down_load=0 before you start (which will stop the hash table ever decreasing in size). The best solution is probably to avoid deleting items from the hash table inside a &quot;doall&quot; callback!</p>
+
+<p>lh_TYPE_doall_arg() is the same as lh_TYPE_doall() except that <b>func</b> will be called with <b>arg</b> as the second argument and <b>func</b> should be of type <b>LHASH_DOALL_ARG_FN_TYPE</b> (a callback prototype that is passed both the table entry and an extra argument). As with lh_doall(), you can instead choose to declare your callback with a prototype matching the types you are dealing with and use the declare/implement macros to create compatible wrappers that cast variables before calling your type-specific callbacks. An example of this is demonstrated here (printing all hash table entries to a BIO that is provided by the caller):</p>
+
+<pre><code> /* Prints item &#39;a&#39; to &#39;output_bio&#39; (this is implemented elsewhere) */
+ void TYPE_print_doall_arg(const TYPE *a, BIO *output_bio);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_print&quot; */
+ static IMPLEMENT_LHASH_DOALL_ARG_FN(TYPE, const TYPE, BIO)
+
+ /* Print out the entire hashtable to a particular BIO */
+ lh_TYPE_doall_arg(hashtable, LHASH_DOALL_ARG_FN(TYPE_print), BIO,
+                   logging_bio);</code></pre>
+
+<p>lh_TYPE_error() can be used to determine if an error occurred in the last operation.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>lh_TYPE_new() returns <b>NULL</b> on error, otherwise a pointer to the new <b>LHASH</b> structure.</p>
+
+<p>When a hash table entry is replaced, lh_TYPE_insert() returns the value being replaced. <b>NULL</b> is returned on normal operation and on error.</p>
+
+<p>lh_TYPE_delete() returns the entry being deleted. <b>NULL</b> is returned if there is no such value in the hash table.</p>
+
+<p>lh_TYPE_retrieve() returns the hash table entry if it has been found, <b>NULL</b> otherwise.</p>
+
+<p>lh_TYPE_error() returns 1 if an error occurred in the last operation, 0 otherwise. It&#39;s meaningful only after non-retrieve operations.</p>
+
+<p>lh_TYPE_free(), lh_TYPE_doall() and lh_TYPE_doall_arg() return no values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>The LHASH code is not thread safe. All updating operations, as well as lh_TYPE_error call must be performed under a write lock. All retrieve operations should be performed under a read lock, <i>unless</i> accurate usage statistics are desired. In which case, a write lock should be used for retrieve operations as well. For output of the usage statistics, using the functions from <a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a>, a read lock suffices.</p>
+
+<p>The LHASH code regards table entries as constant data. As such, it internally represents lh_insert()&#39;d items with a &quot;const void *&quot; pointer type. This is why callbacks such as those used by lh_doall() and lh_doall_arg() declare their prototypes with &quot;const&quot;, even for the parameters that pass back the table items&#39; data pointers - for consistency, user-provided data is &quot;const&quot; at all times as far as the LHASH code is concerned. However, as callers are themselves providing these pointers, they can choose whether they too should be treating all such parameters as constant.</p>
+
+<p>As an example, a hash table may be maintained by code that, for reasons of encapsulation, has only &quot;const&quot; access to the data being indexed in the hash table (ie. it is returned as &quot;const&quot; from elsewhere in their code) - in this case the LHASH prototypes are appropriate as-is. Conversely, if the caller is responsible for the life-time of the data in question, then they may well wish to make modifications to table item passed back in the lh_doall() or lh_doall_arg() callbacks (see the &quot;TYPE_cleanup&quot; example above). If so, the caller can either cast the &quot;const&quot; away (if they&#39;re providing the raw callbacks themselves) or use the macros to declare/implement the wrapper functions without &quot;const&quot; types.</p>
+
+<p>Callers that only have &quot;const&quot; access to data they&#39;re indexing in a table, yet declare callbacks without constant types (or cast the &quot;const&quot; away themselves), are therefore creating their own risks/bugs without being encouraged to do so by the API. On a related note, those auditing code should pay special attention to any instances of DECLARE/IMPLEMENT_LHASH_DOALL_[ARG_]_FN macros that provide types without any &quot;const&quot; qualifiers.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>lh_TYPE_insert() returns <b>NULL</b> both for success and error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 1.0.0, the lhash interface was revamped for better type checking.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_new.html b/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_new.html
new file mode 100644
index 000000000..e56e9e3b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_new.html
@@ -0,0 +1,176 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_COMPFUNC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>LHASH, DECLARE_LHASH_OF, OPENSSL_LH_COMPFUNC, OPENSSL_LH_HASHFUNC, OPENSSL_LH_DOALL_FUNC, LHASH_DOALL_ARG_FN_TYPE, IMPLEMENT_LHASH_HASH_FN, IMPLEMENT_LHASH_COMP_FN, lh_TYPE_new, lh_TYPE_free, lh_TYPE_insert, lh_TYPE_delete, lh_TYPE_retrieve, lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error - dynamic hash table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ DECLARE_LHASH_OF(TYPE);
+
+ LHASH *lh_TYPE_new(OPENSSL_LH_HASHFUNC hash, OPENSSL_LH_COMPFUNC compare);
+ void lh_TYPE_free(LHASH_OF(TYPE) *table);
+
+ TYPE *lh_TYPE_insert(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_TYPE_delete(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_retrieve(LHASH_OF(TYPE) *table, TYPE *data);
+
+ void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func);
+ void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,
+                        TYPE *arg);
+
+ int lh_TYPE_error(LHASH_OF(TYPE) *table);
+
+ typedef int (*OPENSSL_LH_COMPFUNC)(const void *, const void *);
+ typedef unsigned long (*OPENSSL_LH_HASHFUNC)(const void *);
+ typedef void (*OPENSSL_LH_DOALL_FUNC)(const void *);
+ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, const void *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements type-checked dynamic hash tables. The hash table entries can be arbitrary structures. Usually they consist of key and value fields. In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>SSL_SESSION</i>.</p>
+
+<p>lh_TYPE_new() creates a new <b>LHASH_OF(TYPE)</b> structure to store arbitrary data entries, and specifies the &#39;hash&#39; and &#39;compare&#39; callbacks to be used in organising the table&#39;s entries. The <b>hash</b> callback takes a pointer to a table entry as its argument and returns an unsigned long hash value for its key field. The hash value is normally truncated to a power of 2, so make sure that your hash function returns well mixed low order bits. The <b>compare</b> callback takes two arguments (pointers to two hash table entries), and returns 0 if their keys are equal, non-zero otherwise.</p>
+
+<p>If your hash table will contain items of some particular type and the <b>hash</b> and <b>compare</b> callbacks hash/compare these types, then the <b>IMPLEMENT_LHASH_HASH_FN</b> and <b>IMPLEMENT_LHASH_COMP_FN</b> macros can be used to create callback wrappers of the prototypes required by lh_TYPE_new() as shown in this example:</p>
+
+<pre><code> /*
+  * Implement the hash and compare functions; &quot;stuff&quot; can be any word.
+  */
+ static unsigned long stuff_hash(const TYPE *a)
+ {
+     ...
+ }
+ static int stuff_cmp(const TYPE *a, const TYPE *b)
+ {
+     ...
+ }
+
+ /*
+  * Implement the wrapper functions.
+  */
+ static IMPLEMENT_LHASH_HASH_FN(stuff, TYPE)
+ static IMPLEMENT_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>If the type is going to be used in several places, the following macros can be used in a common header file to declare the function wrappers:</p>
+
+<pre><code> DECLARE_LHASH_HASH_FN(stuff, TYPE)
+ DECLARE_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>Then a hash table of TYPE objects can be created using this:</p>
+
+<pre><code> LHASH_OF(TYPE) *htable;
+
+ htable = lh_TYPE_new(LHASH_HASH_FN(stuff), LHASH_COMP_FN(stuff));</code></pre>
+
+<p>lh_TYPE_free() frees the <b>LHASH_OF(TYPE)</b> structure <b>table</b>. Allocated hash table entries will not be freed; consider using lh_TYPE_doall() to deallocate any remaining entries in the hash table (see below).</p>
+
+<p>lh_TYPE_insert() inserts the structure pointed to by <b>data</b> into <b>table</b>. If there already is an entry with the same key, the old value is replaced. Note that lh_TYPE_insert() stores pointers, the data are not copied.</p>
+
+<p>lh_TYPE_delete() deletes an entry from <b>table</b>.</p>
+
+<p>lh_TYPE_retrieve() looks up an entry in <b>table</b>. Normally, <b>data</b> is a structure with the key field(s) set; the function will return a pointer to a fully populated structure.</p>
+
+<p>lh_TYPE_doall() will, for every entry in the hash table, call <b>func</b> with the data item as its parameter. For example:</p>
+
+<pre><code> /* Cleans up resources belonging to &#39;a&#39; (this is implemented elsewhere) */
+ void TYPE_cleanup_doall(TYPE *a);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_cleanup&quot; */
+ IMPLEMENT_LHASH_DOALL_FN(TYPE_cleanup, TYPE)
+
+ /* Call &quot;TYPE_cleanup&quot; against all items in a hash table. */
+ lh_TYPE_doall(hashtable, LHASH_DOALL_FN(TYPE_cleanup));
+
+ /* Then the hash table itself can be deallocated */
+ lh_TYPE_free(hashtable);</code></pre>
+
+<p>When doing this, be careful if you delete entries from the hash table in your callbacks: the table may decrease in size, moving the item that you are currently on down lower in the hash table - this could cause some entries to be skipped during the iteration. The second best solution to this problem is to set hash-&gt;down_load=0 before you start (which will stop the hash table ever decreasing in size). The best solution is probably to avoid deleting items from the hash table inside a &quot;doall&quot; callback!</p>
+
+<p>lh_TYPE_doall_arg() is the same as lh_TYPE_doall() except that <b>func</b> will be called with <b>arg</b> as the second argument and <b>func</b> should be of type <b>LHASH_DOALL_ARG_FN_TYPE</b> (a callback prototype that is passed both the table entry and an extra argument). As with lh_doall(), you can instead choose to declare your callback with a prototype matching the types you are dealing with and use the declare/implement macros to create compatible wrappers that cast variables before calling your type-specific callbacks. An example of this is demonstrated here (printing all hash table entries to a BIO that is provided by the caller):</p>
+
+<pre><code> /* Prints item &#39;a&#39; to &#39;output_bio&#39; (this is implemented elsewhere) */
+ void TYPE_print_doall_arg(const TYPE *a, BIO *output_bio);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_print&quot; */
+ static IMPLEMENT_LHASH_DOALL_ARG_FN(TYPE, const TYPE, BIO)
+
+ /* Print out the entire hashtable to a particular BIO */
+ lh_TYPE_doall_arg(hashtable, LHASH_DOALL_ARG_FN(TYPE_print), BIO,
+                   logging_bio);</code></pre>
+
+<p>lh_TYPE_error() can be used to determine if an error occurred in the last operation.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>lh_TYPE_new() returns <b>NULL</b> on error, otherwise a pointer to the new <b>LHASH</b> structure.</p>
+
+<p>When a hash table entry is replaced, lh_TYPE_insert() returns the value being replaced. <b>NULL</b> is returned on normal operation and on error.</p>
+
+<p>lh_TYPE_delete() returns the entry being deleted. <b>NULL</b> is returned if there is no such value in the hash table.</p>
+
+<p>lh_TYPE_retrieve() returns the hash table entry if it has been found, <b>NULL</b> otherwise.</p>
+
+<p>lh_TYPE_error() returns 1 if an error occurred in the last operation, 0 otherwise. It&#39;s meaningful only after non-retrieve operations.</p>
+
+<p>lh_TYPE_free(), lh_TYPE_doall() and lh_TYPE_doall_arg() return no values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>The LHASH code is not thread safe. All updating operations, as well as lh_TYPE_error call must be performed under a write lock. All retrieve operations should be performed under a read lock, <i>unless</i> accurate usage statistics are desired. In which case, a write lock should be used for retrieve operations as well. For output of the usage statistics, using the functions from <a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a>, a read lock suffices.</p>
+
+<p>The LHASH code regards table entries as constant data. As such, it internally represents lh_insert()&#39;d items with a &quot;const void *&quot; pointer type. This is why callbacks such as those used by lh_doall() and lh_doall_arg() declare their prototypes with &quot;const&quot;, even for the parameters that pass back the table items&#39; data pointers - for consistency, user-provided data is &quot;const&quot; at all times as far as the LHASH code is concerned. However, as callers are themselves providing these pointers, they can choose whether they too should be treating all such parameters as constant.</p>
+
+<p>As an example, a hash table may be maintained by code that, for reasons of encapsulation, has only &quot;const&quot; access to the data being indexed in the hash table (ie. it is returned as &quot;const&quot; from elsewhere in their code) - in this case the LHASH prototypes are appropriate as-is. Conversely, if the caller is responsible for the life-time of the data in question, then they may well wish to make modifications to table item passed back in the lh_doall() or lh_doall_arg() callbacks (see the &quot;TYPE_cleanup&quot; example above). If so, the caller can either cast the &quot;const&quot; away (if they&#39;re providing the raw callbacks themselves) or use the macros to declare/implement the wrapper functions without &quot;const&quot; types.</p>
+
+<p>Callers that only have &quot;const&quot; access to data they&#39;re indexing in a table, yet declare callbacks without constant types (or cast the &quot;const&quot; away themselves), are therefore creating their own risks/bugs without being encouraged to do so by the API. On a related note, those auditing code should pay special attention to any instances of DECLARE/IMPLEMENT_LHASH_DOALL_[ARG_]_FN macros that provide types without any &quot;const&quot; qualifiers.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>lh_TYPE_insert() returns <b>NULL</b> both for success and error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 1.0.0, the lhash interface was revamped for better type checking.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_retrieve.html b/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_retrieve.html
new file mode 100644
index 000000000..e56e9e3b1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/lh_TYPE_retrieve.html
@@ -0,0 +1,176 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>OPENSSL_LH_COMPFUNC</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#NOTE">NOTE</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>LHASH, DECLARE_LHASH_OF, OPENSSL_LH_COMPFUNC, OPENSSL_LH_HASHFUNC, OPENSSL_LH_DOALL_FUNC, LHASH_DOALL_ARG_FN_TYPE, IMPLEMENT_LHASH_HASH_FN, IMPLEMENT_LHASH_COMP_FN, lh_TYPE_new, lh_TYPE_free, lh_TYPE_insert, lh_TYPE_delete, lh_TYPE_retrieve, lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error - dynamic hash table</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/lhash.h&gt;
+
+ DECLARE_LHASH_OF(TYPE);
+
+ LHASH *lh_TYPE_new(OPENSSL_LH_HASHFUNC hash, OPENSSL_LH_COMPFUNC compare);
+ void lh_TYPE_free(LHASH_OF(TYPE) *table);
+
+ TYPE *lh_TYPE_insert(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_TYPE_delete(LHASH_OF(TYPE) *table, TYPE *data);
+ TYPE *lh_retrieve(LHASH_OF(TYPE) *table, TYPE *data);
+
+ void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func);
+ void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,
+                        TYPE *arg);
+
+ int lh_TYPE_error(LHASH_OF(TYPE) *table);
+
+ typedef int (*OPENSSL_LH_COMPFUNC)(const void *, const void *);
+ typedef unsigned long (*OPENSSL_LH_HASHFUNC)(const void *);
+ typedef void (*OPENSSL_LH_DOALL_FUNC)(const void *);
+ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, const void *);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements type-checked dynamic hash tables. The hash table entries can be arbitrary structures. Usually they consist of key and value fields. In the description here, <i>TYPE</i> is used a placeholder for any of the OpenSSL datatypes, such as <i>SSL_SESSION</i>.</p>
+
+<p>lh_TYPE_new() creates a new <b>LHASH_OF(TYPE)</b> structure to store arbitrary data entries, and specifies the &#39;hash&#39; and &#39;compare&#39; callbacks to be used in organising the table&#39;s entries. The <b>hash</b> callback takes a pointer to a table entry as its argument and returns an unsigned long hash value for its key field. The hash value is normally truncated to a power of 2, so make sure that your hash function returns well mixed low order bits. The <b>compare</b> callback takes two arguments (pointers to two hash table entries), and returns 0 if their keys are equal, non-zero otherwise.</p>
+
+<p>If your hash table will contain items of some particular type and the <b>hash</b> and <b>compare</b> callbacks hash/compare these types, then the <b>IMPLEMENT_LHASH_HASH_FN</b> and <b>IMPLEMENT_LHASH_COMP_FN</b> macros can be used to create callback wrappers of the prototypes required by lh_TYPE_new() as shown in this example:</p>
+
+<pre><code> /*
+  * Implement the hash and compare functions; &quot;stuff&quot; can be any word.
+  */
+ static unsigned long stuff_hash(const TYPE *a)
+ {
+     ...
+ }
+ static int stuff_cmp(const TYPE *a, const TYPE *b)
+ {
+     ...
+ }
+
+ /*
+  * Implement the wrapper functions.
+  */
+ static IMPLEMENT_LHASH_HASH_FN(stuff, TYPE)
+ static IMPLEMENT_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>If the type is going to be used in several places, the following macros can be used in a common header file to declare the function wrappers:</p>
+
+<pre><code> DECLARE_LHASH_HASH_FN(stuff, TYPE)
+ DECLARE_LHASH_COMP_FN(stuff, TYPE)</code></pre>
+
+<p>Then a hash table of TYPE objects can be created using this:</p>
+
+<pre><code> LHASH_OF(TYPE) *htable;
+
+ htable = lh_TYPE_new(LHASH_HASH_FN(stuff), LHASH_COMP_FN(stuff));</code></pre>
+
+<p>lh_TYPE_free() frees the <b>LHASH_OF(TYPE)</b> structure <b>table</b>. Allocated hash table entries will not be freed; consider using lh_TYPE_doall() to deallocate any remaining entries in the hash table (see below).</p>
+
+<p>lh_TYPE_insert() inserts the structure pointed to by <b>data</b> into <b>table</b>. If there already is an entry with the same key, the old value is replaced. Note that lh_TYPE_insert() stores pointers, the data are not copied.</p>
+
+<p>lh_TYPE_delete() deletes an entry from <b>table</b>.</p>
+
+<p>lh_TYPE_retrieve() looks up an entry in <b>table</b>. Normally, <b>data</b> is a structure with the key field(s) set; the function will return a pointer to a fully populated structure.</p>
+
+<p>lh_TYPE_doall() will, for every entry in the hash table, call <b>func</b> with the data item as its parameter. For example:</p>
+
+<pre><code> /* Cleans up resources belonging to &#39;a&#39; (this is implemented elsewhere) */
+ void TYPE_cleanup_doall(TYPE *a);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_cleanup&quot; */
+ IMPLEMENT_LHASH_DOALL_FN(TYPE_cleanup, TYPE)
+
+ /* Call &quot;TYPE_cleanup&quot; against all items in a hash table. */
+ lh_TYPE_doall(hashtable, LHASH_DOALL_FN(TYPE_cleanup));
+
+ /* Then the hash table itself can be deallocated */
+ lh_TYPE_free(hashtable);</code></pre>
+
+<p>When doing this, be careful if you delete entries from the hash table in your callbacks: the table may decrease in size, moving the item that you are currently on down lower in the hash table - this could cause some entries to be skipped during the iteration. The second best solution to this problem is to set hash-&gt;down_load=0 before you start (which will stop the hash table ever decreasing in size). The best solution is probably to avoid deleting items from the hash table inside a &quot;doall&quot; callback!</p>
+
+<p>lh_TYPE_doall_arg() is the same as lh_TYPE_doall() except that <b>func</b> will be called with <b>arg</b> as the second argument and <b>func</b> should be of type <b>LHASH_DOALL_ARG_FN_TYPE</b> (a callback prototype that is passed both the table entry and an extra argument). As with lh_doall(), you can instead choose to declare your callback with a prototype matching the types you are dealing with and use the declare/implement macros to create compatible wrappers that cast variables before calling your type-specific callbacks. An example of this is demonstrated here (printing all hash table entries to a BIO that is provided by the caller):</p>
+
+<pre><code> /* Prints item &#39;a&#39; to &#39;output_bio&#39; (this is implemented elsewhere) */
+ void TYPE_print_doall_arg(const TYPE *a, BIO *output_bio);
+
+ /* Implement a prototype-compatible wrapper for &quot;TYPE_print&quot; */
+ static IMPLEMENT_LHASH_DOALL_ARG_FN(TYPE, const TYPE, BIO)
+
+ /* Print out the entire hashtable to a particular BIO */
+ lh_TYPE_doall_arg(hashtable, LHASH_DOALL_ARG_FN(TYPE_print), BIO,
+                   logging_bio);</code></pre>
+
+<p>lh_TYPE_error() can be used to determine if an error occurred in the last operation.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>lh_TYPE_new() returns <b>NULL</b> on error, otherwise a pointer to the new <b>LHASH</b> structure.</p>
+
+<p>When a hash table entry is replaced, lh_TYPE_insert() returns the value being replaced. <b>NULL</b> is returned on normal operation and on error.</p>
+
+<p>lh_TYPE_delete() returns the entry being deleted. <b>NULL</b> is returned if there is no such value in the hash table.</p>
+
+<p>lh_TYPE_retrieve() returns the hash table entry if it has been found, <b>NULL</b> otherwise.</p>
+
+<p>lh_TYPE_error() returns 1 if an error occurred in the last operation, 0 otherwise. It&#39;s meaningful only after non-retrieve operations.</p>
+
+<p>lh_TYPE_free(), lh_TYPE_doall() and lh_TYPE_doall_arg() return no values.</p>
+
+<h1 id="NOTE">NOTE</h1>
+
+<p>The LHASH code is not thread safe. All updating operations, as well as lh_TYPE_error call must be performed under a write lock. All retrieve operations should be performed under a read lock, <i>unless</i> accurate usage statistics are desired. In which case, a write lock should be used for retrieve operations as well. For output of the usage statistics, using the functions from <a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a>, a read lock suffices.</p>
+
+<p>The LHASH code regards table entries as constant data. As such, it internally represents lh_insert()&#39;d items with a &quot;const void *&quot; pointer type. This is why callbacks such as those used by lh_doall() and lh_doall_arg() declare their prototypes with &quot;const&quot;, even for the parameters that pass back the table items&#39; data pointers - for consistency, user-provided data is &quot;const&quot; at all times as far as the LHASH code is concerned. However, as callers are themselves providing these pointers, they can choose whether they too should be treating all such parameters as constant.</p>
+
+<p>As an example, a hash table may be maintained by code that, for reasons of encapsulation, has only &quot;const&quot; access to the data being indexed in the hash table (ie. it is returned as &quot;const&quot; from elsewhere in their code) - in this case the LHASH prototypes are appropriate as-is. Conversely, if the caller is responsible for the life-time of the data in question, then they may well wish to make modifications to table item passed back in the lh_doall() or lh_doall_arg() callbacks (see the &quot;TYPE_cleanup&quot; example above). If so, the caller can either cast the &quot;const&quot; away (if they&#39;re providing the raw callbacks themselves) or use the macros to declare/implement the wrapper functions without &quot;const&quot; types.</p>
+
+<p>Callers that only have &quot;const&quot; access to data they&#39;re indexing in a table, yet declare callbacks without constant types (or cast the &quot;const&quot; away themselves), are therefore creating their own risks/bugs without being encouraged to do so by the API. On a related note, those auditing code should pay special attention to any instances of DECLARE/IMPLEMENT_LHASH_DOALL_[ARG_]_FN macros that provide types without any &quot;const&quot; qualifiers.</p>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>lh_TYPE_insert() returns <b>NULL</b> both for success and error.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OPENSSL_LH_stats.html">OPENSSL_LH_stats(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>In OpenSSL 1.0.0, the lhash interface was revamped for better type checking.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/o2i_SCT.html b/msys2/usr/share/doc/openssl/html/man3/o2i_SCT.html
new file mode 100644
index 000000000..592e84dd1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/o2i_SCT.html
@@ -0,0 +1,65 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>o2i_SCT_LIST</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>o2i_SCT_LIST, i2o_SCT_LIST, o2i_SCT, i2o_SCT - decode and encode Signed Certificate Timestamp lists in TLS wire format</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ STACK_OF(SCT) *o2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
+                             size_t len);
+ int i2o_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp);
+ SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len);
+ int i2o_SCT(const SCT *sct, unsigned char **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The SCT_LIST and SCT functions are very similar to the i2d and d2i family of functions, except that they convert to and from TLS wire format, as described in RFC 6962. See <a>d2i_SCT_LIST</a> for more information about how the parameters are treated and the return values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All of the functions have return values consistent with those stated for <a>d2i_SCT_LIST</a> and <a>i2d_SCT_LIST</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/d2i_SCT_LIST.html">d2i_SCT_LIST(3)</a>, <a href="../man3/i2d_SCT_LIST.html">i2d_SCT_LIST(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/o2i_SCT_LIST.html b/msys2/usr/share/doc/openssl/html/man3/o2i_SCT_LIST.html
new file mode 100644
index 000000000..592e84dd1
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/o2i_SCT_LIST.html
@@ -0,0 +1,65 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>o2i_SCT_LIST</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>o2i_SCT_LIST, i2o_SCT_LIST, o2i_SCT, i2o_SCT - decode and encode Signed Certificate Timestamp lists in TLS wire format</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;
+
+ STACK_OF(SCT) *o2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
+                             size_t len);
+ int i2o_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp);
+ SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len);
+ int i2o_SCT(const SCT *sct, unsigned char **out);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The SCT_LIST and SCT functions are very similar to the i2d and d2i family of functions, except that they convert to and from TLS wire format, as described in RFC 6962. See <a>d2i_SCT_LIST</a> for more information about how the parameters are treated and the return values.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>All of the functions have return values consistent with those stated for <a>d2i_SCT_LIST</a> and <a>i2d_SCT_LIST</a>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ct.html">ct(7)</a>, <a href="../man3/d2i_SCT_LIST.html">d2i_SCT_LIST(3)</a>, <a href="../man3/i2d_SCT_LIST.html">i2d_SCT_LIST(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>These functions were added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/pem_password_cb.html b/msys2/usr/share/doc/openssl/html/man3/pem_password_cb.html
new file mode 100644
index 000000000..6b0b4939f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/pem_password_cb.html
@@ -0,0 +1,376 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>PEM_read_bio_PrivateKey</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>pem_password_cb, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_bio_PrivateKey_traditional, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/pem.h&gt;
+
+ typedef int pem_password_cb(char *buf, int size, int rwflag, void *u);
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+                                   pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              unsigned char *kstr, int klen,
+                              pem_password_cb *cb, void *u);
+ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
+                                          const EVP_CIPHER *enc,
+                                          unsigned char *kstr, int klen,
+                                          pem_password_cb *cb, void *u);
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                          unsigned char *kstr, int klen,
+                          pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                       char *kstr, int klen,
+                                       pem_password_cb *cb, void *u);
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                   char *kstr, int klen,
+                                   pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+                               pem_password_cb *cb, void *u);
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+                           pem_password_cb *cb, void *u);
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+                                 pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+                                pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+                            pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+                              pem_password_cb *cb, void *u);
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+                                 pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                 unsigned char *kstr, int klen,
+                                 pem_password_cb *cb, void *u);
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+                              pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+                          pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+                                 pem_password_cb *cb, void *u);
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+                                 pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+                             pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The PEM functions read or write structures in PEM format. In this sense PEM format is simply base64 encoded data surrounded by header lines.</p>
+
+<p>For more details about the meaning of arguments see the <b>PEM FUNCTION ARGUMENTS</b> section.</p>
+
+<p>Each operation has four functions associated with it. For brevity the term &quot;<b>TYPE</b> functions&quot; will be used below to collectively refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(), PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.</p>
+
+<p>The <b>PrivateKey</b> functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are equivalent to PEM_write_bio_PKCS8PrivateKey().The read functions transparently handle traditional and PKCS#8 format encrypted and unencrypted keys.</p>
+
+<p>PEM_write_bio_PrivateKey_traditional() writes out a private key in the &quot;traditional&quot; format with a simple private key marker and should only be used for compatibility with legacy programs.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey() write a private key in an EVP_PKEY structure in PKCS#8 EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption algorithms. The <b>cipher</b> argument specifies the encryption algorithm to use: unlike some other PEM routines the encryption is applied at the PKCS#8 level and not in the PEM headers. If <b>cipher</b> is NULL then no encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.</p>
+
+<p>PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid() also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm to use is specified in the <b>nid</b> parameter and should be the NID of the corresponding OBJECT IDENTIFIER (see NOTES section).</p>
+
+<p>The <b>PUBKEY</b> functions process a public key using an EVP_PKEY structure. The public key is encoded as a SubjectPublicKeyInfo structure.</p>
+
+<p>The <b>RSAPrivateKey</b> functions process an RSA private key using an RSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not RSA.</p>
+
+<p>The <b>RSAPublicKey</b> functions process an RSA public key using an RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey structure.</p>
+
+<p>The <b>RSA_PUBKEY</b> functions also process an RSA public key using an RSA structure. However the public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not RSA.</p>
+
+<p>The <b>DSAPrivateKey</b> functions process a DSA private key using a DSA structure. The write routines uses traditional format. The read routines handles the same formats as the <b>PrivateKey</b> functions but an error occurs if the private key is not DSA.</p>
+
+<p>The <b>DSA_PUBKEY</b> functions process a DSA public key using a DSA structure. The public key is encoded using a SubjectPublicKeyInfo structure and an error occurs if the public key is not DSA.</p>
+
+<p>The <b>DSAparams</b> functions process DSA parameters using a DSA structure. The parameters are encoded using a Dss-Parms structure as defined in RFC2459.</p>
+
+<p>The <b>DHparams</b> functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter structure.</p>
+
+<p>The <b>X509</b> functions process an X509 certificate using an X509 structure. They will also process a trusted X509 certificate but any trust settings are discarded.</p>
+
+<p>The <b>X509_AUX</b> functions process a trusted X509 certificate using an X509 structure.</p>
+
+<p>The <b>X509_REQ</b> and <b>X509_REQ_NEW</b> functions process a PKCS#10 certificate request using an X509_REQ structure. The <b>X509_REQ</b> write functions use <b>CERTIFICATE REQUEST</b> in the header whereas the <b>X509_REQ_NEW</b> functions use <b>NEW CERTIFICATE REQUEST</b> (as required by some CAs). The <b>X509_REQ</b> read functions will handle either form so there are no <b>X509_REQ_NEW</b> read functions.</p>
+
+<p>The <b>X509_CRL</b> functions process an X509 CRL using an X509_CRL structure.</p>
+
+<p>The <b>PKCS7</b> functions process a PKCS#7 ContentInfo using a PKCS7 structure.</p>
+
+<h1 id="PEM-FUNCTION-ARGUMENTS">PEM FUNCTION ARGUMENTS</h1>
+
+<p>The PEM functions have many common arguments.</p>
+
+<p>The <b>bp</b> BIO parameter (if present) specifies the BIO to read from or write to.</p>
+
+<p>The <b>fp</b> FILE parameter (if present) specifies the FILE pointer to read from or write to.</p>
+
+<p>The PEM read functions all take an argument <b>TYPE **x</b> and return a <b>TYPE *</b> pointer. Where <b>TYPE</b> is whatever structure the function uses. If <b>x</b> is NULL then the parameter is ignored. If <b>x</b> is not NULL but <b>*x</b> is NULL then the structure returned will be written to <b>*x</b>. If neither <b>x</b> nor <b>*x</b> is NULL then an attempt is made to reuse the structure at <b>*x</b> (but see BUGS and EXAMPLES sections). Irrespective of the value of <b>x</b> a pointer to the structure is always returned (or NULL if an error occurred).</p>
+
+<p>The PEM functions which write private keys take an <b>enc</b> parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.</p>
+
+<p>The <b>cb</b> argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).</p>
+
+<p>For the PEM write routines if the <b>kstr</b> parameter is not NULL then <b>klen</b> bytes at <b>kstr</b> are used as the passphrase and <b>cb</b> is ignored.</p>
+
+<p>If the <b>cb</b> parameters is set to NULL and the <b>u</b> parameter is not NULL then the <b>u</b> parameter is interpreted as a null terminated string to use as the passphrase. If both <b>cb</b> and <b>u</b> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.</p>
+
+<p>The default passphrase callback is sometimes inappropriate (for example in a GUI application) so an alternative can be supplied. The callback routine has the following form:</p>
+
+<pre><code> int cb(char *buf, int size, int rwflag, void *u);</code></pre>
+
+<p><b>buf</b> is the buffer to write the passphrase to. <b>size</b> is the maximum length of the passphrase (i.e. the size of buf). <b>rwflag</b> is a flag which is set to 0 when reading and 1 when writing. A typical routine will ask the user to verify the passphrase (for example by prompting for it twice) if <b>rwflag</b> is 1. The <b>u</b> parameter has the same value as the <b>u</b> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback <b>must</b> return the number of characters in the passphrase or -1 if an error occurred.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Although the PEM routines take several arguments in almost all applications most of them are set to 0 or NULL.</p>
+
+<p>Read a certificate in PEM format from a BIO:</p>
+
+<pre><code> X509 *x;
+
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+     /* Error */</code></pre>
+
+<p>Alternative method:</p>
+
+<pre><code> X509 *x = NULL;
+
+ if (!PEM_read_bio_X509(bp, &amp;x, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a certificate to a BIO:</p>
+
+<pre><code> if (!PEM_write_bio_X509(bp, x))
+     /* Error */</code></pre>
+
+<p>Write a private key (using traditional format) to a BIO using triple DES encryption, the pass phrase is prompted for:</p>
+
+<pre><code> if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+     /* Error */</code></pre>
+
+<p>Write a private key (using PKCS#8 format) to a BIO using triple DES encryption, using the pass phrase &quot;hello&quot;:</p>
+
+<pre><code> if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
+                                    NULL, 0, 0, &quot;hello&quot;))
+     /* Error */</code></pre>
+
+<p>Read a private key from a BIO using a pass phrase callback:</p>
+
+<pre><code> key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, &quot;My Private Key&quot;);
+ if (key == NULL)
+     /* Error */</code></pre>
+
+<p>Skeleton pass phrase callback:</p>
+
+<pre><code> int pass_cb(char *buf, int size, int rwflag, void *u)
+ {
+
+     /* We&#39;d probably do something else if &#39;rwflag&#39; is 1 */
+     printf(&quot;Enter pass phrase for \&quot;%s\&quot;\n&quot;, (char *)u);
+
+     /* get pass phrase, length &#39;len&#39; into &#39;tmp&#39; */
+     char *tmp = &quot;hello&quot;;
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
+
+     if (len &gt; size)
+         len = size;
+     memcpy(buf, tmp, len);
+     return len;
+ }</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The old <b>PrivateKey</b> write routines are retained for compatibility. New applications should write private keys using the PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines because they are more secure (they use an iteration count of 2048 whereas the traditional routines use a count of 1) unless compatibility with older versions of OpenSSL is important.</p>
+
+<p>The <b>PrivateKey</b> read routines can be used in all applications because they handle all formats transparently.</p>
+
+<p>A frequent cause of problems is attempting to use the PEM routines like this:</p>
+
+<pre><code> X509 *x;
+
+ PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>this is a bug because an attempt will be made to reuse the data at <b>x</b> which is an uninitialised pointer.</p>
+
+<p>These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.</p>
+
+<h1 id="PEM-ENCRYPTION-FORMAT">PEM ENCRYPTION FORMAT</h1>
+
+<p>These old <b>PrivateKey</b> routines use a non standard technique for encryption.</p>
+
+<p>The private key (or other data) takes the following form:</p>
+
+<pre><code> -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----</code></pre>
+
+<p>The line beginning with <i>Proc-Type</i> contains the version and the protection on the encapsulated data. The line beginning <i>DEK-Info</i> contains two comma separated values: the encryption algorithm name as used by EVP_get_cipherbyname() and an initialization vector used by the cipher encoded as a set of hexadecimal digits. After those two lines is the base64-encoded encrypted data.</p>
+
+<p>The encryption key is derived using EVP_BytesToKey(). The cipher&#39;s initialization vector is passed to EVP_BytesToKey() as the <b>salt</b> parameter. Internally, <b>PKCS5_SALT_LEN</b> bytes of the salt are used (regardless of the size of the initialization vector). The user&#39;s password is passed to EVP_BytesToKey() using the <b>data</b> and <b>datal</b> parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey().</p>
+
+<p>The <b>key</b> derived by EVP_BytesToKey() along with the original initialization vector is then used to decrypt the encrypted data. The <b>iv</b> produced by EVP_BytesToKey() is not utilized or needed, and NULL should be passed to the function.</p>
+
+<p>The pseudo code to derive the key would look similar to:</p>
+
+<pre><code> EVP_CIPHER* cipher = EVP_des_ede3_cbc();
+ EVP_MD* md = EVP_md5();
+
+ unsigned int nkey = EVP_CIPHER_key_length(cipher);
+ unsigned int niv = EVP_CIPHER_iv_length(cipher);
+ unsigned char key[nkey];
+ unsigned char iv[niv];
+
+ memcpy(iv, HexToBin(&quot;3F17F5316E2BAC89&quot;), niv);
+ rc = EVP_BytesToKey(cipher, md, iv /*salt*/, pword, plen, 1, key, NULL /*iv*/);
+ if (rc != nkey)
+     /* Error */
+
+ /* On success, use key and iv to initialize the cipher */</code></pre>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>The PEM read routines in some versions of OpenSSL will not correctly reuse an existing structure. Therefore the following:</p>
+
+<pre><code> PEM_read_bio_X509(bp, &amp;x, 0, NULL);</code></pre>
+
+<p>where <b>x</b> already contains a valid certificate, may not work, whereas:</p>
+
+<pre><code> X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);</code></pre>
+
+<p>is guaranteed to work.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>The read routines return either a pointer to the structure read or NULL if an error occurred.</p>
+
+<p>The write routines return 1 for success or 0 for failure.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The old Netscape certificate sequences were no longer documented in OpenSSL 1.1.0; applications should use the PKCS7 standard instead as they will be formally deprecated in a future releases.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_deep_copy.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_deep_copy.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_deep_copy.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_delete.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_delete.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_delete.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_delete_ptr.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_delete_ptr.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_delete_ptr.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_dup.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_dup.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_dup.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_find.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_find.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_find.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_find_ex.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_find_ex.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_find_ex.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_free.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_free.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_free.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_insert.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_insert.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_insert.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_is_sorted.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_is_sorted.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_is_sorted.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_new.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_new.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_new.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_new_null.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_new_null.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_new_null.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_new_reserve.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_new_reserve.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_new_reserve.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_num.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_num.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_num.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_pop.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_pop.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_pop.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_pop_free.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_pop_free.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_pop_free.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_push.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_push.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_push.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_reserve.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_reserve.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_reserve.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_set.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_set.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_set.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_set_cmp_func.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_set_cmp_func.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_set_cmp_func.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_shift.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_shift.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_shift.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_sort.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_sort.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_sort.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_unshift.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_unshift.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_unshift.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_value.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_value.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_value.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_zero.html b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_zero.html
new file mode 100644
index 000000000..606dfbb64
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/sk_TYPE_zero.html
@@ -0,0 +1,197 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>DEFINE_STACK_OF</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>DEFINE_STACK_OF, DEFINE_STACK_OF_CONST, DEFINE_SPECIAL_STACK_OF, DEFINE_SPECIAL_STACK_OF_CONST, sk_TYPE_num, sk_TYPE_value, sk_TYPE_new, sk_TYPE_new_null, sk_TYPE_reserve, sk_TYPE_free, sk_TYPE_zero, sk_TYPE_delete, sk_TYPE_delete_ptr, sk_TYPE_push, sk_TYPE_unshift, sk_TYPE_pop, sk_TYPE_shift, sk_TYPE_pop_free, sk_TYPE_insert, sk_TYPE_set, sk_TYPE_find, sk_TYPE_find_ex, sk_TYPE_sort, sk_TYPE_is_sorted, sk_TYPE_dup, sk_TYPE_deep_copy, sk_TYPE_set_cmp_func, sk_TYPE_new_reserve - stack container</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/safestack.h&gt;
+
+ STACK_OF(TYPE)
+ DEFINE_STACK_OF(TYPE)
+ DEFINE_STACK_OF_CONST(TYPE)
+ DEFINE_SPECIAL_STACK_OF(FUNCTYPE, TYPE)
+ DEFINE_SPECIAL_STACK_OF_CONST(FUNCTYPE, TYPE)
+
+ typedef int (*sk_TYPE_compfunc)(const TYPE *const *a, const TYPE *const *b);
+ typedef TYPE * (*sk_TYPE_copyfunc)(const TYPE *a);
+ typedef void (*sk_TYPE_freefunc)(TYPE *a);
+
+ int sk_TYPE_num(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_value(const STACK_OF(TYPE) *sk, int idx);
+ STACK_OF(TYPE) *sk_TYPE_new(sk_TYPE_compfunc compare);
+ STACK_OF(TYPE) *sk_TYPE_new_null(void);
+ int sk_TYPE_reserve(STACK_OF(TYPE) *sk, int n);
+ void sk_TYPE_free(const STACK_OF(TYPE) *sk);
+ void sk_TYPE_zero(const STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_delete(STACK_OF(TYPE) *sk, int i);
+ TYPE *sk_TYPE_delete_ptr(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_push(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ int sk_TYPE_unshift(STACK_OF(TYPE) *sk, const TYPE *ptr);
+ TYPE *sk_TYPE_pop(STACK_OF(TYPE) *sk);
+ TYPE *sk_TYPE_shift(STACK_OF(TYPE) *sk);
+ void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
+ int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
+ TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
+ int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
+ int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
+ void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
+ int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
+ STACK_OF(TYPE) *sk_TYPE_deep_copy(const STACK_OF(TYPE) *sk,
+                                   sk_TYPE_copyfunc copyfunc,
+                                   sk_TYPE_freefunc freefunc);
+ sk_TYPE_compfunc (*sk_TYPE_set_cmp_func(STACK_OF(TYPE) *sk,
+                                         sk_TYPE_compfunc compare));
+ STACK_OF(TYPE) *sk_TYPE_new_reserve(sk_TYPE_compfunc compare, int n);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Applications can create and use their own stacks by placing any of the macros described below in a header file. These macros define typesafe inline functions that wrap around the utility <b>OPENSSL_sk_</b> API. In the description here, <i>TYPE</i> is used as a placeholder for any of the OpenSSL datatypes, such as <i>X509</i>.</p>
+
+<p>STACK_OF() returns the name for a stack of the specified <b>TYPE</b>. DEFINE_STACK_OF() creates set of functions for a stack of <b>TYPE</b>. This will mean that type <b>TYPE</b> is stored in each stack, the type is referenced by STACK_OF(TYPE) and each function name begins with <i>sk_TYPE_</i>. For example:</p>
+
+<pre><code> TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_STACK_OF_CONST() is identical to DEFINE_STACK_OF() except each element is constant. For example:</p>
+
+<pre><code> const TYPE *sk_TYPE_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF() defines a stack of <b>TYPE</b> but each function uses <b>FUNCNAME</b> in the function name. For example:</p>
+
+<pre><code> TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>DEFINE_SPECIAL_STACK_OF_CONST() is similar except that each element is constant:</p>
+
+<pre><code> const TYPE *sk_FUNCNAME_value(STACK_OF(TYPE) *sk, int idx);</code></pre>
+
+<p>sk_TYPE_num() returns the number of elements in <b>sk</b> or -1 if <b>sk</b> is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns element <b>idx</b> in <b>sk</b>, where <b>idx</b> starts at zero. If <b>idx</b> is out of range then <b>NULL</b> is returned.</p>
+
+<p>sk_TYPE_new() allocates a new empty stack using comparison function <b>compare</b>. If <b>compare</b> is <b>NULL</b> then no comparison function is used. This function is equivalent to sk_TYPE_new_reserve(compare, 0).</p>
+
+<p>sk_TYPE_new_null() allocates a new empty stack with no comparison function. This function is equivalent to sk_TYPE_new_reserve(NULL, 0).</p>
+
+<p>sk_TYPE_reserve() allocates additional memory in the <b>sk</b> structure such that the next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero, any excess space allocated in the <b>sk</b> structure is freed. On error <b>sk</b> is unchanged.</p>
+
+<p>sk_TYPE_new_reserve() allocates a new stack. The new stack will have additional memory allocated to hold <b>n</b> elements if <b>n</b> is positive. The next <b>n</b> calls to sk_TYPE_insert(), sk_TYPE_push() or sk_TYPE_unshift() will not fail or cause memory to be allocated or reallocated. If <b>n</b> is zero or less than zero, no memory is allocated. sk_TYPE_new_reserve() also sets the comparison function <b>compare</b> to the newly created stack. If <b>compare</b> is <b>NULL</b> then no comparison function is used.</p>
+
+<p>sk_TYPE_set_cmp_func() sets the comparison function of <b>sk</b> to <b>compare</b>. The previous comparison function is returned or <b>NULL</b> if there was no previous comparison function.</p>
+
+<p>sk_TYPE_free() frees up the <b>sk</b> structure. It does <b>not</b> free up any elements of <b>sk</b>. After this call <b>sk</b> is no longer valid.</p>
+
+<p>sk_TYPE_zero() sets the number of elements in <b>sk</b> to zero. It does not free <b>sk</b> so after this call <b>sk</b> is still valid.</p>
+
+<p>sk_TYPE_pop_free() frees up all elements of <b>sk</b> and <b>sk</b> itself. The free function freefunc() is called on each element to free it.</p>
+
+<p>sk_TYPE_delete() deletes element <b>i</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if <b>i</b> is out of range.</p>
+
+<p>sk_TYPE_delete_ptr() deletes element matching <b>ptr</b> from <b>sk</b>. It returns the deleted element or <b>NULL</b> if no element matching <b>ptr</b> was found.</p>
+
+<p>sk_TYPE_insert() inserts <b>ptr</b> into <b>sk</b> at position <b>idx</b>. Any existing elements at or after <b>idx</b> are moved downwards. If <b>idx</b> is out of range the new element is appended to <b>sk</b>. sk_TYPE_insert() either returns the number of elements in <b>sk</b> after the new element is inserted or zero if an error (such as memory allocation failure) occurred.</p>
+
+<p>sk_TYPE_push() appends <b>ptr</b> to <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, -1);</code></pre>
+
+<p>sk_TYPE_unshift() inserts <b>ptr</b> at the start of <b>sk</b> it is equivalent to:</p>
+
+<pre><code> sk_TYPE_insert(sk, ptr, 0);</code></pre>
+
+<p>sk_TYPE_pop() returns and removes the last element from <b>sk</b>.</p>
+
+<p>sk_TYPE_shift() returns and removes the first element from <b>sk</b>.</p>
+
+<p>sk_TYPE_set() sets element <b>idx</b> of <b>sk</b> to <b>ptr</b> replacing the current element. The new element value is returned or <b>NULL</b> if an error occurred: this will only happen if <b>sk</b> is <b>NULL</b> or <b>idx</b> is out of range.</p>
+
+<p>sk_TYPE_find() searches <b>sk</b> for the element <b>ptr</b>. In the case where no comparison function has been specified, the function performs a linear search for a pointer equal to <b>ptr</b>. The index of the first matching element is returned or <b>-1</b> if there is no match. In the case where a comparison function has been specified, <b>sk</b> is sorted then sk_TYPE_find() returns the index of a matching element or <b>-1</b> if there is no match. Note that, in this case, the matching element returned is not guaranteed to be the first; the comparison function will usually compare the values pointed to rather than the pointers themselves and the order of elements in <b>sk</b> could change.</p>
+
+<p>sk_TYPE_find_ex() operates like sk_TYPE_find() except when a comparison function has been specified and no matching element is found. Instead of returning <b>-1</b>, sk_TYPE_find_ex() returns the index of the element either before or after the location where <b>ptr</b> would be if it were present in <b>sk</b>.</p>
+
+<p>sk_TYPE_sort() sorts <b>sk</b> using the supplied comparison function.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if <b>sk</b> is sorted and <b>0</b> otherwise.</p>
+
+<p>sk_TYPE_dup() returns a copy of <b>sk</b>. Note the pointers in the copy are identical to the original.</p>
+
+<p>sk_TYPE_deep_copy() returns a new stack where each element has been copied. Copying is performed by the supplied copyfunc() and freeing by freefunc(). The function freefunc() is only called if an error occurs.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Care should be taken when accessing stacks in multi-threaded environments. Any operation which increases the size of a stack such as sk_TYPE_insert() or sk_push() can &quot;grow&quot; the size of an internal array and cause race conditions if the same stack is accessed in a different thread. Operations such as sk_find() and sk_sort() can also reorder the stack.</p>
+
+<p>Any comparison function supplied should use a metric suitable for use in a binary search operation. That is it should return zero, a positive or negative value if <b>a</b> is equal to, greater than or less than <b>b</b> respectively.</p>
+
+<p>Care should be taken when checking the return values of the functions sk_TYPE_find() and sk_TYPE_find_ex(). They return an index to the matching element. In particular <b>0</b> indicates a matching first element. A failed search is indicated by a <b>-1</b> return value.</p>
+
+<p>STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and DEFINE_SPECIAL_STACK_OF() are implemented as macros.</p>
+
+<p>The underlying utility <b>OPENSSL_sk_</b> API should not be used directly. It defines these functions: OPENSSL_sk_deep_copy(), OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(), OPENSSL_sk_find(), OPENSSL_sk_find_ex(), OPENSSL_sk_free(), OPENSSL_sk_insert(), OPENSSL_sk_is_sorted(), OPENSSL_sk_new(), OPENSSL_sk_new_null(), OPENSSL_sk_num(), OPENSSL_sk_pop(), OPENSSL_sk_pop_free(), OPENSSL_sk_push(), OPENSSL_sk_reserve(), OPENSSL_sk_set(), OPENSSL_sk_set_cmp_func(), OPENSSL_sk_shift(), OPENSSL_sk_sort(), OPENSSL_sk_unshift(), OPENSSL_sk_value(), OPENSSL_sk_zero().</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>sk_TYPE_num() returns the number of elements in the stack or <b>-1</b> if the passed stack is <b>NULL</b>.</p>
+
+<p>sk_TYPE_value() returns a pointer to a stack element or <b>NULL</b> if the index is out of range.</p>
+
+<p>sk_TYPE_new(), sk_TYPE_new_null() and sk_TYPE_new_reserve() return an empty stack or <b>NULL</b> if an error occurs.</p>
+
+<p>sk_TYPE_reserve() returns <b>1</b> on successful allocation of the required memory or <b>0</b> on error.</p>
+
+<p>sk_TYPE_set_cmp_func() returns the old comparison function or <b>NULL</b> if there was no old comparison function.</p>
+
+<p>sk_TYPE_free(), sk_TYPE_zero(), sk_TYPE_pop_free() and sk_TYPE_sort() do not return values.</p>
+
+<p>sk_TYPE_pop(), sk_TYPE_shift(), sk_TYPE_delete() and sk_TYPE_delete_ptr() return a pointer to the deleted element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total number of elements in the stack and 0 if an error occurred.</p>
+
+<p>sk_TYPE_set() returns a pointer to the replacement element or <b>NULL</b> on error.</p>
+
+<p>sk_TYPE_find() and sk_TYPE_find_ex() return an index to the found element or <b>-1</b> on error.</p>
+
+<p>sk_TYPE_is_sorted() returns <b>1</b> if the stack is sorted and <b>0</b> if it is not.</p>
+
+<p>sk_TYPE_dup() and sk_TYPE_deep_copy() return a pointer to the copy of the stack.</p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>Before OpenSSL 1.1.0, this was implemented via macros and not inline functions and was not a public API.</p>
+
+<p>sk_TYPE_reserve() and sk_TYPE_new_reserve() were added in OpenSSL 1.1.1.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man3/ssl_ct_validation_cb.html b/msys2/usr/share/doc/openssl/html/man3/ssl_ct_validation_cb.html
new file mode 100644
index 000000000..2f4bf6a6f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man3/ssl_ct_validation_cb.html
@@ -0,0 +1,101 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SSL_CTX_set_ct_validation_callback</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ssl_ct_validation_cb, SSL_enable_ct, SSL_CTX_enable_ct, SSL_disable_ct, SSL_CTX_disable_ct, SSL_set_ct_validation_callback, SSL_CTX_set_ct_validation_callback, SSL_ct_is_enabled, SSL_CTX_ct_is_enabled - control Certificate Transparency policy</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ssl.h&gt;
+
+ typedef int (*ssl_ct_validation_cb)(const CT_POLICY_EVAL_CTX *ctx,
+                                    const STACK_OF(SCT) *scts, void *arg);
+
+ int SSL_enable_ct(SSL *s, int validation_mode);
+ int SSL_CTX_enable_ct(SSL_CTX *ctx, int validation_mode);
+ int SSL_set_ct_validation_callback(SSL *s, ssl_ct_validation_cb callback,
+                                    void *arg);
+ int SSL_CTX_set_ct_validation_callback(SSL_CTX *ctx,
+                                        ssl_ct_validation_cb callback,
+                                        void *arg);
+ void SSL_disable_ct(SSL *s);
+ void SSL_CTX_disable_ct(SSL_CTX *ctx);
+ int SSL_ct_is_enabled(const SSL *s);
+ int SSL_CTX_ct_is_enabled(const SSL_CTX *ctx);</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>SSL_enable_ct() and SSL_CTX_enable_ct() enable the processing of signed certificate timestamps (SCTs) either for a given SSL connection or for all connections that share the given SSL context, respectively. This is accomplished by setting a built-in CT validation callback. The behaviour of the callback is determined by the <b>validation_mode</b> argument, which can be either of <b>SSL_CT_VALIDATION_PERMISSIVE</b> or <b>SSL_CT_VALIDATION_STRICT</b> as described below.</p>
+
+<p>If <b>validation_mode</b> is equal to <b>SSL_CT_VALIDATION_STRICT</b>, then in a full TLS handshake with the verification mode set to <b>SSL_VERIFY_PEER</b>, if the peer presents no valid SCTs the handshake will be aborted. If the verification mode is <b>SSL_VERIFY_NONE</b>, the handshake will continue despite lack of valid SCTs. However, in that case if the verification status before the built-in callback was <b>X509_V_OK</b> it will be set to <b>X509_V_ERR_NO_VALID_SCTS</b> after the callback. Applications can call <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a> to check the status at handshake completion, even after session resumption since the verification status is part of the saved session state. See <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, &lt;SSL_get_verify_result(3)&gt;, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>.</p>
+
+<p>If <b>validation_mode</b> is equal to <b>SSL_CT_VALIDATION_PERMISSIVE</b>, then the handshake continues, and the verification status is not modified, regardless of the validation status of any SCTs. The application can still inspect the validation status of the SCTs at handshake completion. Note that with session resumption there will not be any SCTs presented during the handshake. Therefore, in applications that delay SCT policy enforcement until after handshake completion, such delayed SCT checks should only be performed when the session is not resumed.</p>
+
+<p>SSL_set_ct_validation_callback() and SSL_CTX_set_ct_validation_callback() register a custom callback that may implement a different policy than either of the above. This callback can examine the peer&#39;s SCTs and determine whether they are sufficient to allow the connection to continue. The TLS handshake is aborted if the verification mode is not <b>SSL_VERIFY_NONE</b> and the callback returns a non-positive result.</p>
+
+<p>An arbitrary callback context argument, <b>arg</b>, can be passed in when setting the callback. This will be passed to the callback whenever it is invoked. Ownership of this context remains with the caller.</p>
+
+<p>If no callback is set, SCTs will not be requested and Certificate Transparency validation will not occur.</p>
+
+<p>No callback will be invoked when the peer presents no certificate, e.g. by employing an anonymous (aNULL) cipher suite. In that case the handshake continues as it would had no callback been requested. Callbacks are also not invoked when the peer certificate chain is invalid or validated via DANE-TA(2) or DANE-EE(3) TLSA records which use a private X.509 PKI, or no X.509 PKI at all, respectively. Clients that require SCTs are expected to not have enabled any aNULL ciphers nor to have specified server verification via DANE-TA(2) or DANE-EE(3) TLSA records.</p>
+
+<p>SSL_disable_ct() and SSL_CTX_disable_ct() turn off CT processing, whether enabled via the built-in or the custom callbacks, by setting a NULL callback. These may be implemented as macros.</p>
+
+<p>SSL_ct_is_enabled() and SSL_CTX_ct_is_enabled() return 1 if CT processing is enabled via either SSL_enable_ct() or a non-null custom callback, and 0 otherwise.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When SCT processing is enabled, OCSP stapling will be enabled. This is because one possible source of SCTs is the OCSP response from a server.</p>
+
+<p>The time returned by SSL_SESSION_get_time() will be used to evaluate whether any presented SCTs have timestamps that are in the future (and therefore invalid).</p>
+
+<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
+
+<p>Certificate Transparency validation cannot be enabled and so a callback cannot be set if a custom client extension handler has been registered to handle SCT extensions (<b>TLSEXT_TYPE_signed_certificate_timestamp</b>).</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>SSL_enable_ct(), SSL_CTX_enable_ct(), SSL_CTX_set_ct_validation_callback() and SSL_set_ct_validation_callback() return 1 if the <b>callback</b> is successfully set. They return 0 if an error occurs, e.g. a custom client extension handler has been setup to handle SCTs.</p>
+
+<p>SSL_disable_ct() and SSL_CTX_disable_ct() do not return a result.</p>
+
+<p>SSL_CTX_ct_is_enabled() and SSL_ct_is_enabled() return a 1 if a non-null CT validation callback is set, or 0 if no callback (or equivalently a NULL callback) is set.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ssl.html">ssl(7)</a>, &lt;SSL_get_verify_result(3)&gt;, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>, <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man5/config.html b/msys2/usr/share/doc/openssl/html/man5/config.html
new file mode 100644
index 000000000..814383b33
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man5/config.html
@@ -0,0 +1,347 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>config</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OPENSSL-LIBRARY-CONFIGURATION">OPENSSL LIBRARY CONFIGURATION</a>
+    <ul>
+      <li><a href="#ASN1-Object-Configuration-Module">ASN1 Object Configuration Module</a></li>
+      <li><a href="#Engine-Configuration-Module">Engine Configuration Module</a></li>
+      <li><a href="#EVP-Configuration-Module">EVP Configuration Module</a></li>
+      <li><a href="#SSL-Configuration-Module">SSL Configuration Module</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLES">EXAMPLES</a></li>
+  <li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
+  <li><a href="#BUGS">BUGS</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>config - OpenSSL CONF library configuration files</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The OpenSSL CONF library can be used to read configuration files. It is used for the OpenSSL master configuration file <b>openssl.cnf</b> and in a few other places like <b>SPKAC</b> files and certificate extension files for the <b>x509</b> utility. OpenSSL applications can also use the CONF library for their own purposes.</p>
+
+<p>A configuration file is divided into a number of sections. Each section starts with a line <b>[ section_name ]</b> and ends when a new section is started or end of file is reached. A section name can consist of alphanumeric characters and underscores.</p>
+
+<p>The first section of a configuration file is special and is referred to as the <b>default</b> section. This section is usually unnamed and spans from the start of file until the first named section. When a name is being looked up it is first looked up in a named section (if any) and then the default section.</p>
+
+<p>The environment is mapped onto a section called <b>ENV</b>.</p>
+
+<p>Comments can be included by preceding them with the <b>#</b> character</p>
+
+<p>Other files can be included using the <b>.include</b> directive followed by a path. If the path points to a directory all files with names ending with <b>.cnf</b> or <b>.conf</b> are included from the directory. Recursive inclusion of directories from files in such directory is not supported. That means the files in the included directory can also contain <b>.include</b> directives but only inclusion of regular files is supported there. The inclusion of directories is not supported on systems without POSIX IO support.</p>
+
+<p>It is strongly recommended to use absolute paths with the <b>.include</b> directive. Relative paths are evaluated based on the application current working directory so unless the configuration file containing the <b>.include</b> directive is application specific the inclusion will not work as expected.</p>
+
+<p>There can be optional <b>=</b> character and whitespace characters between <b>.include</b> directive and the path which can be useful in cases the configuration file needs to be loaded by old OpenSSL versions which do not support the <b>.include</b> syntax. They would bail out with error if the <b>=</b> character is not present but with it they just ignore the include.</p>
+
+<p>Each section in a configuration file consists of a number of name and value pairs of the form <b>name=value</b></p>
+
+<p>The <b>name</b> string can contain any alphanumeric characters as well as a few punctuation symbols such as <b>.</b> <b>,</b> <b>;</b> and <b>_</b>.</p>
+
+<p>The <b>value</b> string consists of the string following the <b>=</b> character until end of line with any leading and trailing white space removed.</p>
+
+<p>The value string undergoes variable expansion. This can be done by including the form <b>$var</b> or <b>${var}</b>: this will substitute the value of the named variable in the current section. It is also possible to substitute a value from another section using the syntax <b>$section::name</b> or <b>${section::name}</b>. By using the form <b>$ENV::name</b> environment variables can be substituted. It is also possible to assign values to environment variables by using the name <b>ENV::name</b>, this will work if the program looks up environment variables using the <b>CONF</b> library instead of calling getenv() directly. The value string must not exceed 64k in length after variable expansion. Otherwise an error will occur.</p>
+
+<p>It is possible to escape certain characters by using any kind of quote or the <b>\</b> character. By making the last character of a line a <b>\</b> a <b>value</b> string can be spread across multiple lines. In addition the sequences <b>\n</b>, <b>\r</b>, <b>\b</b> and <b>\t</b> are recognized.</p>
+
+<p>All expansion and escape rules as described above that apply to <b>value</b> also apply to the path of the <b>.include</b> directive.</p>
+
+<h1 id="OPENSSL-LIBRARY-CONFIGURATION">OPENSSL LIBRARY CONFIGURATION</h1>
+
+<p>Applications can automatically configure certain aspects of OpenSSL using the master OpenSSL configuration file, or optionally an alternative configuration file. The <b>openssl</b> utility includes this functionality: any sub command uses the master OpenSSL configuration file unless an option is used in the sub command to use an alternative configuration file.</p>
+
+<p>To enable library configuration the default section needs to contain an appropriate line which points to the main configuration section. The default name is <b>openssl_conf</b> which is used by the <b>openssl</b> utility. Other applications may use an alternative name such as <b>myapplication_conf</b>. All library configuration lines appear in the default section at the start of the configuration file.</p>
+
+<p>The configuration section should consist of a set of name value pairs which contain specific module configuration information. The <b>name</b> represents the name of the <i>configuration module</i>. The meaning of the <b>value</b> is module specific: it may, for example, represent a further configuration section containing configuration module specific information. E.g.:</p>
+
+<pre><code> # This must be in the default section
+ openssl_conf = openssl_init
+
+ [openssl_init]
+
+ oid_section = new_oids
+ engines = engine_section
+
+ [new_oids]
+
+ ... new oids here ...
+
+ [engine_section]
+
+ ... engine stuff here ...</code></pre>
+
+<p>The features of each configuration module are described below.</p>
+
+<h2 id="ASN1-Object-Configuration-Module">ASN1 Object Configuration Module</h2>
+
+<p>This module has the name <b>oid_section</b>. The value of this variable points to a section containing name value pairs of OIDs: the name is the OID short and long name, the value is the numerical form of the OID. Although some of the <b>openssl</b> utility sub commands already have their own ASN1 OBJECT section functionality not all do. By using the ASN1 OBJECT configuration module <b>all</b> the <b>openssl</b> utility sub commands can see the new objects as well as any compliant applications. For example:</p>
+
+<pre><code> [new_oids]
+
+ some_new_oid = 1.2.3.4
+ some_other_oid = 1.2.3.5</code></pre>
+
+<p>It is also possible to set the value to the long name followed by a comma and the numerical OID form. For example:</p>
+
+<pre><code> shortName = some object long name, 1.2.3.4</code></pre>
+
+<h2 id="Engine-Configuration-Module">Engine Configuration Module</h2>
+
+<p>This ENGINE configuration module has the name <b>engines</b>. The value of this variable points to a section containing further ENGINE configuration information.</p>
+
+<p>The section pointed to by <b>engines</b> is a table of engine names (though see <b>engine_id</b> below) and further sections containing configuration information specific to each ENGINE.</p>
+
+<p>Each ENGINE specific section is used to set default algorithms, load dynamic, perform initialization and send ctrls. The actual operation performed depends on the <i>command</i> name which is the name of the name value pair. The currently supported commands are listed below.</p>
+
+<p>For example:</p>
+
+<pre><code> [engine_section]
+
+ # Configure ENGINE named &quot;foo&quot;
+ foo = foo_section
+ # Configure ENGINE named &quot;bar&quot;
+ bar = bar_section
+
+ [foo_section]
+ ... foo ENGINE specific commands ...
+
+ [bar_section]
+ ... &quot;bar&quot; ENGINE specific commands ...</code></pre>
+
+<p>The command <b>engine_id</b> is used to give the ENGINE name. If used this command must be first. For example:</p>
+
+<pre><code> [engine_section]
+ # This would normally handle an ENGINE named &quot;foo&quot;
+ foo = foo_section
+
+ [foo_section]
+ # Override default name and use &quot;myfoo&quot; instead.
+ engine_id = myfoo</code></pre>
+
+<p>The command <b>dynamic_path</b> loads and adds an ENGINE from the given path. It is equivalent to sending the ctrls <b>SO_PATH</b> with the path argument followed by <b>LIST_ADD</b> with value 2 and <b>LOAD</b> to the dynamic ENGINE. If this is not the required behaviour then alternative ctrls can be sent directly to the dynamic ENGINE using ctrl commands.</p>
+
+<p>The command <b>init</b> determines whether to initialize the ENGINE. If the value is <b>0</b> the ENGINE will not be initialized, if <b>1</b> and attempt it made to initialized the ENGINE immediately. If the <b>init</b> command is not present then an attempt will be made to initialize the ENGINE after all commands in its section have been processed.</p>
+
+<p>The command <b>default_algorithms</b> sets the default algorithms an ENGINE will supply using the functions ENGINE_set_default_string().</p>
+
+<p>If the name matches none of the above command names it is assumed to be a ctrl command which is sent to the ENGINE. The value of the command is the argument to the ctrl command. If the value is the string <b>EMPTY</b> then no value is sent to the command.</p>
+
+<p>For example:</p>
+
+<pre><code> [engine_section]
+
+ # Configure ENGINE named &quot;foo&quot;
+ foo = foo_section
+
+ [foo_section]
+ # Load engine from DSO
+ dynamic_path = /some/path/fooengine.so
+ # A foo specific ctrl.
+ some_ctrl = some_value
+ # Another ctrl that doesn&#39;t take a value.
+ other_ctrl = EMPTY
+ # Supply all default algorithms
+ default_algorithms = ALL</code></pre>
+
+<h2 id="EVP-Configuration-Module">EVP Configuration Module</h2>
+
+<p>This modules has the name <b>alg_section</b> which points to a section containing algorithm commands.</p>
+
+<p>Currently the only algorithm command supported is <b>fips_mode</b> whose value can only be the boolean string <b>off</b>. If <b>fips_mode</b> is set to <b>on</b>, an error occurs as this library version is not FIPS capable.</p>
+
+<h2 id="SSL-Configuration-Module">SSL Configuration Module</h2>
+
+<p>This module has the name <b>ssl_conf</b> which points to a section containing SSL configurations.</p>
+
+<p>Each line in the SSL configuration section contains the name of the configuration and the section containing it.</p>
+
+<p>Each configuration section consists of command value pairs for <b>SSL_CONF</b>. Each pair will be passed to a <b>SSL_CTX</b> or <b>SSL</b> structure if it calls SSL_CTX_config() or SSL_config() with the appropriate configuration name.</p>
+
+<p>Note: any characters before an initial dot in the configuration section are ignored so the same command can be used multiple times.</p>
+
+<p>For example:</p>
+
+<pre><code> ssl_conf = ssl_sect
+
+ [ssl_sect]
+
+ server = server_section
+
+ [server_section]
+
+ RSA.Certificate = server-rsa.pem
+ ECDSA.Certificate = server-ecdsa.pem
+ Ciphers = ALL:!RC4</code></pre>
+
+<p>The system default configuration with name <b>system_default</b> if present will be applied during any creation of the <b>SSL_CTX</b> structure.</p>
+
+<p>Example of a configuration with the system default:</p>
+
+<pre><code> ssl_conf = ssl_sect
+
+ [ssl_sect]
+
+ system_default = system_default_sect
+
+ [system_default_sect]
+
+ MinProtocol = TLSv1.2</code></pre>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If a configuration file attempts to expand a variable that doesn&#39;t exist then an error is flagged and the file will not load. This can happen if an attempt is made to expand an environment variable that doesn&#39;t exist. For example in a previous version of OpenSSL the default OpenSSL master configuration file used the value of <b>HOME</b> which may not be defined on non Unix systems and would cause an error.</p>
+
+<p>This can be worked around by including a <b>default</b> section to provide a default value: then if the environment lookup fails the default value will be used instead. For this to work properly the default value must be defined earlier in the configuration file than the expansion. See the <b>EXAMPLES</b> section for an example of how to do this.</p>
+
+<p>If the same variable exists in the same section then all but the last value will be silently ignored. In certain circumstances such as with DNs the same field may occur multiple times. This is usually worked around by ignoring any characters before an initial <b>.</b> e.g.</p>
+
+<pre><code> 1.OU=&quot;My first OU&quot;
+ 2.OU=&quot;My Second OU&quot;</code></pre>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<p>Here is a sample configuration file using some of the features mentioned above.</p>
+
+<pre><code> # This is the default section.
+
+ HOME=/temp
+ RANDFILE= ${ENV::HOME}/.rnd
+ configdir=$ENV::HOME/config
+
+ [ section_one ]
+
+ # We are now in section one.
+
+ # Quotes permit leading and trailing whitespace
+ any = &quot; any variable name &quot;
+
+ other = A string that can \
+ cover several lines \
+ by including \\ characters
+
+ message = Hello World\n
+
+ [ section_two ]
+
+ greeting = $section_one::message</code></pre>
+
+<p>This next example shows how to expand environment variables safely.</p>
+
+<p>Suppose you want a variable called <b>tmpfile</b> to refer to a temporary filename. The directory it is placed in can determined by the <b>TEMP</b> or <b>TMP</b> environment variables but they may not be set to any value at all. If you just include the environment variable names and the variable doesn&#39;t exist then this will cause an error when an attempt is made to load the configuration file. By making use of the default section both values can be looked up with <b>TEMP</b> taking priority and <b>/tmp</b> used if neither is defined:</p>
+
+<pre><code> TMP=/tmp
+ # The above value is used if TMP isn&#39;t in the environment
+ TEMP=$ENV::TMP
+ # The above value is used if TEMP isn&#39;t in the environment
+ tmpfile=${ENV::TEMP}/tmp.filename</code></pre>
+
+<p>Simple OpenSSL library configuration example to enter FIPS mode:</p>
+
+<pre><code> # Default appname: should match &quot;appname&quot; parameter (if any)
+ # supplied to CONF_modules_load_file et al.
+ openssl_conf = openssl_conf_section
+
+ [openssl_conf_section]
+ # Configuration module list
+ alg_section = evp_sect
+
+ [evp_sect]
+ # Set to &quot;yes&quot; to enter FIPS mode if supported
+ fips_mode = yes</code></pre>
+
+<p>Note: in the above example you will get an error in non FIPS capable versions of OpenSSL.</p>
+
+<p>More complex OpenSSL library configuration. Add OID and don&#39;t enter FIPS mode:</p>
+
+<pre><code> # Default appname: should match &quot;appname&quot; parameter (if any)
+ # supplied to CONF_modules_load_file et al.
+ openssl_conf = openssl_conf_section
+
+ [openssl_conf_section]
+ # Configuration module list
+ alg_section = evp_sect
+ oid_section = new_oids
+
+ [evp_sect]
+ # This will have no effect as FIPS mode is off by default.
+ # Set to &quot;yes&quot; to enter FIPS mode, if supported
+ fips_mode = no
+
+ [new_oids]
+ # New OID, just short name
+ newoid1 = 1.2.3.4.1
+ # New OID shortname and long name
+ newoid2 = New OID 2 long name, 1.2.3.4.2</code></pre>
+
+<p>The above examples can be used with any application supporting library configuration if &quot;openssl_conf&quot; is modified to match the appropriate &quot;appname&quot;.</p>
+
+<p>For example if the second sample file above is saved to &quot;example.cnf&quot; then the command line:</p>
+
+<pre><code> OPENSSL_CONF=example.cnf openssl asn1parse -genstr OID:1.2.3.4.1</code></pre>
+
+<p>will output:</p>
+
+<pre><code>    0:d=0  hl=2 l=   4 prim: OBJECT            :newoid1</code></pre>
+
+<p>showing that the OID &quot;newoid1&quot; has been added as &quot;1.2.3.4.1&quot;.</p>
+
+<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
+
+<dl>
+
+<dt id="OPENSSL_CONF"><b>OPENSSL_CONF</b></dt>
+<dd>
+
+<p>The path to the config file. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
+<dd>
+
+<p>The path to the engines directory. Ignored in set-user-ID and set-group-ID programs.</p>
+
+</dd>
+</dl>
+
+<h1 id="BUGS">BUGS</h1>
+
+<p>Currently there is no way to include characters using the octal <b>\nnn</b> form. Strings are all null terminated so nulls cannot form part of the value.</p>
+
+<p>The escaping isn&#39;t quite right: if you want to use sequences like <b>\n</b> you can&#39;t use any quote escaping on the same line.</p>
+
+<p>Files are loaded in a single pass. This means that an variable expansion will only work if the variables referenced are defined earlier in the file.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/x509.html">x509(1)</a>, <a href="../man1/req.html">req(1)</a>, <a href="../man1/ca.html">ca(1)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man5/x509v3_config.html b/msys2/usr/share/doc/openssl/html/man5/x509v3_config.html
new file mode 100644
index 000000000..9f262460a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man5/x509v3_config.html
@@ -0,0 +1,464 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>x509v3_config</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#STANDARD-EXTENSIONS">STANDARD EXTENSIONS</a>
+    <ul>
+      <li><a href="#Basic-Constraints">Basic Constraints.</a></li>
+      <li><a href="#Key-Usage">Key Usage.</a></li>
+      <li><a href="#Extended-Key-Usage">Extended Key Usage.</a></li>
+      <li><a href="#Subject-Key-Identifier">Subject Key Identifier.</a></li>
+      <li><a href="#Authority-Key-Identifier">Authority Key Identifier.</a></li>
+      <li><a href="#Subject-Alternative-Name">Subject Alternative Name.</a></li>
+      <li><a href="#Issuer-Alternative-Name">Issuer Alternative Name.</a></li>
+      <li><a href="#Authority-Info-Access">Authority Info Access.</a></li>
+      <li><a href="#CRL-distribution-points">CRL distribution points</a></li>
+      <li><a href="#Issuing-Distribution-Point">Issuing Distribution Point</a></li>
+      <li><a href="#Certificate-Policies">Certificate Policies.</a></li>
+      <li><a href="#Policy-Constraints">Policy Constraints</a></li>
+      <li><a href="#Inhibit-Any-Policy">Inhibit Any Policy</a></li>
+      <li><a href="#Name-Constraints">Name Constraints</a></li>
+      <li><a href="#OCSP-No-Check">OCSP No Check</a></li>
+      <li><a href="#TLS-Feature-aka-Must-Staple">TLS Feature (aka Must Staple)</a></li>
+    </ul>
+  </li>
+  <li><a href="#DEPRECATED-EXTENSIONS">DEPRECATED EXTENSIONS</a>
+    <ul>
+      <li><a href="#Netscape-String-extensions">Netscape String extensions.</a></li>
+      <li><a href="#Netscape-Certificate-Type">Netscape Certificate Type</a></li>
+    </ul>
+  </li>
+  <li><a href="#ARBITRARY-EXTENSIONS">ARBITRARY EXTENSIONS</a></li>
+  <li><a href="#WARNING">WARNING</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>x509v3_config - X509 V3 certificate extension configuration format</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Several of the OpenSSL utilities can add extensions to a certificate or certificate request based on the contents of a configuration file.</p>
+
+<p>Typically the application will contain an option to point to an extension section. Each line of the extension section takes the form:</p>
+
+<pre><code> extension_name=[critical,] extension_options</code></pre>
+
+<p>If <b>critical</b> is present then the extension will be critical.</p>
+
+<p>The format of <b>extension_options</b> depends on the value of <b>extension_name</b>.</p>
+
+<p>There are four main types of extension: <i>string</i> extensions, <i>multi-valued</i> extensions, <i>raw</i> and <i>arbitrary</i> extensions.</p>
+
+<p>String extensions simply have a string which contains either the value itself or how it is obtained.</p>
+
+<p>For example:</p>
+
+<pre><code> nsComment=&quot;This is a Comment&quot;</code></pre>
+
+<p>Multi-valued extensions have a short form and a long form. The short form is a list of names and values:</p>
+
+<pre><code> basicConstraints=critical,CA:true,pathlen:1</code></pre>
+
+<p>The long form allows the values to be placed in a separate section:</p>
+
+<pre><code> basicConstraints=critical,@bs_section
+
+ [bs_section]
+
+ CA=true
+ pathlen=1</code></pre>
+
+<p>Both forms are equivalent.</p>
+
+<p>The syntax of raw extensions is governed by the extension code: it can for example contain data in multiple sections. The correct syntax to use is defined by the extension code itself: check out the certificate policies extension for an example.</p>
+
+<p>If an extension type is unsupported then the <i>arbitrary</i> extension syntax must be used, see the <a href="#ARBITRARY-EXTENSIONS">ARBITRARY EXTENSIONS</a> section for more details.</p>
+
+<h1 id="STANDARD-EXTENSIONS">STANDARD EXTENSIONS</h1>
+
+<p>The following sections describe each supported extension in detail.</p>
+
+<h2 id="Basic-Constraints">Basic Constraints.</h2>
+
+<p>This is a multi valued extension which indicates whether a certificate is a CA certificate. The first (mandatory) name is <b>CA</b> followed by <b>TRUE</b> or <b>FALSE</b>. If <b>CA</b> is <b>TRUE</b> then an optional <b>pathlen</b> name followed by an non-negative value can be included.</p>
+
+<p>For example:</p>
+
+<pre><code> basicConstraints=CA:TRUE
+
+ basicConstraints=CA:FALSE
+
+ basicConstraints=critical,CA:TRUE, pathlen:0</code></pre>
+
+<p>A CA certificate <b>must</b> include the basicConstraints value with the CA field set to TRUE. An end user certificate must either set CA to FALSE or exclude the extension entirely. Some software may require the inclusion of basicConstraints with CA set to FALSE for end entity certificates.</p>
+
+<p>The pathlen parameter indicates the maximum number of CAs that can appear below this one in a chain. So if you have a CA with a pathlen of zero it can only be used to sign end user certificates and not further CAs.</p>
+
+<h2 id="Key-Usage">Key Usage.</h2>
+
+<p>Key usage is a multi valued extension consisting of a list of names of the permitted key usages.</p>
+
+<p>The supported names are: digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment, keyAgreement, keyCertSign, cRLSign, encipherOnly and decipherOnly.</p>
+
+<p>Examples:</p>
+
+<pre><code> keyUsage=digitalSignature, nonRepudiation
+
+ keyUsage=critical, keyCertSign</code></pre>
+
+<h2 id="Extended-Key-Usage">Extended Key Usage.</h2>
+
+<p>This extensions consists of a list of usages indicating purposes for which the certificate public key can be used for,</p>
+
+<p>These can either be object short names or the dotted numerical form of OIDs. While any OID can be used only certain values make sense. In particular the following PKIX, NS and MS values are meaningful:</p>
+
+<pre><code> Value                  Meaning
+ -----                  -------
+ serverAuth             SSL/TLS Web Server Authentication.
+ clientAuth             SSL/TLS Web Client Authentication.
+ codeSigning            Code signing.
+ emailProtection        E-mail Protection (S/MIME).
+ timeStamping           Trusted Timestamping
+ OCSPSigning            OCSP Signing
+ ipsecIKE               ipsec Internet Key Exchange
+ msCodeInd              Microsoft Individual Code Signing (authenticode)
+ msCodeCom              Microsoft Commercial Code Signing (authenticode)
+ msCTLSign              Microsoft Trust List Signing
+ msEFS                  Microsoft Encrypted File System</code></pre>
+
+<p>Examples:</p>
+
+<pre><code> extendedKeyUsage=critical,codeSigning,1.2.3.4
+ extendedKeyUsage=serverAuth,clientAuth</code></pre>
+
+<h2 id="Subject-Key-Identifier">Subject Key Identifier.</h2>
+
+<p>This is really a string extension and can take two possible values. Either the word <b>hash</b> which will automatically follow the guidelines in RFC3280 or a hex string giving the extension value to include. The use of the hex string is strongly discouraged.</p>
+
+<p>Example:</p>
+
+<pre><code> subjectKeyIdentifier=hash</code></pre>
+
+<h2 id="Authority-Key-Identifier">Authority Key Identifier.</h2>
+
+<p>The authority key identifier extension permits two options. keyid and issuer: both can take the optional value &quot;always&quot;.</p>
+
+<p>If the keyid option is present an attempt is made to copy the subject key identifier from the parent certificate. If the value &quot;always&quot; is present then an error is returned if the option fails.</p>
+
+<p>The issuer option copies the issuer and serial number from the issuer certificate. This will only be done if the keyid option fails or is not included unless the &quot;always&quot; flag will always include the value.</p>
+
+<p>Example:</p>
+
+<pre><code> authorityKeyIdentifier=keyid,issuer</code></pre>
+
+<h2 id="Subject-Alternative-Name">Subject Alternative Name.</h2>
+
+<p>The subject alternative name extension allows various literal values to be included in the configuration file. These include <b>email</b> (an email address) <b>URI</b> a uniform resource indicator, <b>DNS</b> (a DNS domain name), <b>RID</b> (a registered ID: OBJECT IDENTIFIER), <b>IP</b> (an IP address), <b>dirName</b> (a distinguished name) and otherName.</p>
+
+<p>The email option include a special &#39;copy&#39; value. This will automatically include any email addresses contained in the certificate subject name in the extension.</p>
+
+<p>The IP address used in the <b>IP</b> options can be in either IPv4 or IPv6 format.</p>
+
+<p>The value of <b>dirName</b> should point to a section containing the distinguished name to use as a set of name value pairs. Multi values AVAs can be formed by prefacing the name with a <b>+</b> character.</p>
+
+<p>otherName can include arbitrary data associated with an OID: the value should be the OID followed by a semicolon and the content in standard <a href="../man3/ASN1_generate_nconf.html">ASN1_generate_nconf(3)</a> format.</p>
+
+<p>Examples:</p>
+
+<pre><code> subjectAltName=email:copy,email:my@other.address,URI:http://my.url.here/
+ subjectAltName=IP:192.168.7.1
+ subjectAltName=IP:13::17
+ subjectAltName=email:my@other.address,RID:1.2.3.4
+ subjectAltName=otherName:1.2.3.4;UTF8:some other identifier
+
+ subjectAltName=dirName:dir_sect
+
+ [dir_sect]
+ C=UK
+ O=My Organization
+ OU=My Unit
+ CN=My Name</code></pre>
+
+<h2 id="Issuer-Alternative-Name">Issuer Alternative Name.</h2>
+
+<p>The issuer alternative name option supports all the literal options of subject alternative name. It does <b>not</b> support the email:copy option because that would not make sense. It does support an additional issuer:copy option that will copy all the subject alternative name values from the issuer certificate (if possible).</p>
+
+<p>Example:</p>
+
+<pre><code> issuerAltName = issuer:copy</code></pre>
+
+<h2 id="Authority-Info-Access">Authority Info Access.</h2>
+
+<p>The authority information access extension gives details about how to access certain information relating to the CA. Its syntax is accessOID;location where <i>location</i> has the same syntax as subject alternative name (except that email:copy is not supported). accessOID can be any valid OID but only certain values are meaningful, for example OCSP and caIssuers.</p>
+
+<p>Example:</p>
+
+<pre><code> authorityInfoAccess = OCSP;URI:http://ocsp.my.host/
+ authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html</code></pre>
+
+<h2 id="CRL-distribution-points">CRL distribution points</h2>
+
+<p>This is a multi-valued extension whose options can be either in name:value pair using the same form as subject alternative name or a single value representing a section name containing all the distribution point fields.</p>
+
+<p>For a name:value pair a new DistributionPoint with the fullName field set to the given value both the cRLissuer and reasons fields are omitted in this case.</p>
+
+<p>In the single option case the section indicated contains values for each field. In this section:</p>
+
+<p>If the name is &quot;fullname&quot; the value field should contain the full name of the distribution point in the same format as subject alternative name.</p>
+
+<p>If the name is &quot;relativename&quot; then the value field should contain a section name whose contents represent a DN fragment to be placed in this field.</p>
+
+<p>The name &quot;CRLIssuer&quot; if present should contain a value for this field in subject alternative name format.</p>
+
+<p>If the name is &quot;reasons&quot; the value field should consist of a comma separated field containing the reasons. Valid reasons are: &quot;keyCompromise&quot;, &quot;CACompromise&quot;, &quot;affiliationChanged&quot;, &quot;superseded&quot;, &quot;cessationOfOperation&quot;, &quot;certificateHold&quot;, &quot;privilegeWithdrawn&quot; and &quot;AACompromise&quot;.</p>
+
+<p>Simple examples:</p>
+
+<pre><code> crlDistributionPoints=URI:http://myhost.com/myca.crl
+ crlDistributionPoints=URI:http://my.com/my.crl,URI:http://oth.com/my.crl</code></pre>
+
+<p>Full distribution point example:</p>
+
+<pre><code> crlDistributionPoints=crldp1_section
+
+ [crldp1_section]
+
+ fullname=URI:http://myhost.com/myca.crl
+ CRLissuer=dirName:issuer_sect
+ reasons=keyCompromise, CACompromise
+
+ [issuer_sect]
+ C=UK
+ O=Organisation
+ CN=Some Name</code></pre>
+
+<h2 id="Issuing-Distribution-Point">Issuing Distribution Point</h2>
+
+<p>This extension should only appear in CRLs. It is a multi valued extension whose syntax is similar to the &quot;section&quot; pointed to by the CRL distribution points extension with a few differences.</p>
+
+<p>The names &quot;reasons&quot; and &quot;CRLissuer&quot; are not recognized.</p>
+
+<p>The name &quot;onlysomereasons&quot; is accepted which sets this field. The value is in the same format as the CRL distribution point &quot;reasons&quot; field.</p>
+
+<p>The names &quot;onlyuser&quot;, &quot;onlyCA&quot;, &quot;onlyAA&quot; and &quot;indirectCRL&quot; are also accepted the values should be a boolean value (TRUE or FALSE) to indicate the value of the corresponding field.</p>
+
+<p>Example:</p>
+
+<pre><code> issuingDistributionPoint=critical, @idp_section
+
+ [idp_section]
+
+ fullname=URI:http://myhost.com/myca.crl
+ indirectCRL=TRUE
+ onlysomereasons=keyCompromise, CACompromise
+
+ [issuer_sect]
+ C=UK
+ O=Organisation
+ CN=Some Name</code></pre>
+
+<h2 id="Certificate-Policies">Certificate Policies.</h2>
+
+<p>This is a <i>raw</i> extension. All the fields of this extension can be set by using the appropriate syntax.</p>
+
+<p>If you follow the PKIX recommendations and just using one OID then you just include the value of that OID. Multiple OIDs can be set separated by commas, for example:</p>
+
+<pre><code> certificatePolicies= 1.2.4.5, 1.1.3.4</code></pre>
+
+<p>If you wish to include qualifiers then the policy OID and qualifiers need to be specified in a separate section: this is done by using the @section syntax instead of a literal OID value.</p>
+
+<p>The section referred to must include the policy OID using the name policyIdentifier, cPSuri qualifiers can be included using the syntax:</p>
+
+<pre><code> CPS.nnn=value</code></pre>
+
+<p>userNotice qualifiers can be set using the syntax:</p>
+
+<pre><code> userNotice.nnn=@notice</code></pre>
+
+<p>The value of the userNotice qualifier is specified in the relevant section. This section can include explicitText, organization and noticeNumbers options. explicitText and organization are text strings, noticeNumbers is a comma separated list of numbers. The organization and noticeNumbers options (if included) must BOTH be present. If you use the userNotice option with IE5 then you need the &#39;ia5org&#39; option at the top level to modify the encoding: otherwise it will not be interpreted properly.</p>
+
+<p>Example:</p>
+
+<pre><code> certificatePolicies=ia5org,1.2.3.4,1.5.6.7.8,@polsect
+
+ [polsect]
+
+ policyIdentifier = 1.3.5.8
+ CPS.1=&quot;http://my.host.name/&quot;
+ CPS.2=&quot;http://my.your.name/&quot;
+ userNotice.1=@notice
+
+ [notice]
+
+ explicitText=&quot;Explicit Text Here&quot;
+ organization=&quot;Organisation Name&quot;
+ noticeNumbers=1,2,3,4</code></pre>
+
+<p>The <b>ia5org</b> option changes the type of the <i>organization</i> field. In RFC2459 it can only be of type DisplayText. In RFC3280 IA5String is also permissible. Some software (for example some versions of MSIE) may require ia5org.</p>
+
+<p>ASN1 type of explicitText can be specified by prepending <b>UTF8</b>, <b>BMP</b> or <b>VISIBLE</b> prefix followed by colon. For example:</p>
+
+<pre><code> [notice]
+ explicitText=&quot;UTF8:Explicit Text Here&quot;</code></pre>
+
+<h2 id="Policy-Constraints">Policy Constraints</h2>
+
+<p>This is a multi-valued extension which consisting of the names <b>requireExplicitPolicy</b> or <b>inhibitPolicyMapping</b> and a non negative integer value. At least one component must be present.</p>
+
+<p>Example:</p>
+
+<pre><code> policyConstraints = requireExplicitPolicy:3</code></pre>
+
+<h2 id="Inhibit-Any-Policy">Inhibit Any Policy</h2>
+
+<p>This is a string extension whose value must be a non negative integer.</p>
+
+<p>Example:</p>
+
+<pre><code> inhibitAnyPolicy = 2</code></pre>
+
+<h2 id="Name-Constraints">Name Constraints</h2>
+
+<p>The name constraints extension is a multi-valued extension. The name should begin with the word <b>permitted</b> or <b>excluded</b> followed by a <b>;</b>. The rest of the name and the value follows the syntax of subjectAltName except email:copy is not supported and the <b>IP</b> form should consist of an IP addresses and subnet mask separated by a <b>/</b>.</p>
+
+<p>Examples:</p>
+
+<pre><code> nameConstraints=permitted;IP:192.168.0.0/255.255.0.0
+
+ nameConstraints=permitted;email:.somedomain.com
+
+ nameConstraints=excluded;email:.com</code></pre>
+
+<h2 id="OCSP-No-Check">OCSP No Check</h2>
+
+<p>The OCSP No Check extension is a string extension but its value is ignored.</p>
+
+<p>Example:</p>
+
+<pre><code> noCheck = ignored</code></pre>
+
+<h2 id="TLS-Feature-aka-Must-Staple">TLS Feature (aka Must Staple)</h2>
+
+<p>This is a multi-valued extension consisting of a list of TLS extension identifiers. Each identifier may be a number (0..65535) or a supported name. When a TLS client sends a listed extension, the TLS server is expected to include that extension in its reply.</p>
+
+<p>The supported names are: <b>status_request</b> and <b>status_request_v2</b>.</p>
+
+<p>Example:</p>
+
+<pre><code> tlsfeature = status_request</code></pre>
+
+<h1 id="DEPRECATED-EXTENSIONS">DEPRECATED EXTENSIONS</h1>
+
+<p>The following extensions are non standard, Netscape specific and largely obsolete. Their use in new applications is discouraged.</p>
+
+<h2 id="Netscape-String-extensions">Netscape String extensions.</h2>
+
+<p>Netscape Comment (<b>nsComment</b>) is a string extension containing a comment which will be displayed when the certificate is viewed in some browsers.</p>
+
+<p>Example:</p>
+
+<pre><code> nsComment = &quot;Some Random Comment&quot;</code></pre>
+
+<p>Other supported extensions in this category are: <b>nsBaseUrl</b>, <b>nsRevocationUrl</b>, <b>nsCaRevocationUrl</b>, <b>nsRenewalUrl</b>, <b>nsCaPolicyUrl</b> and <b>nsSslServerName</b>.</p>
+
+<h2 id="Netscape-Certificate-Type">Netscape Certificate Type</h2>
+
+<p>This is a multi-valued extensions which consists of a list of flags to be included. It was used to indicate the purposes for which a certificate could be used. The basicConstraints, keyUsage and extended key usage extensions are now used instead.</p>
+
+<p>Acceptable values for nsCertType are: <b>client</b>, <b>server</b>, <b>email</b>, <b>objsign</b>, <b>reserved</b>, <b>sslCA</b>, <b>emailCA</b>, <b>objCA</b>.</p>
+
+<h1 id="ARBITRARY-EXTENSIONS">ARBITRARY EXTENSIONS</h1>
+
+<p>If an extension is not supported by the OpenSSL code then it must be encoded using the arbitrary extension format. It is also possible to use the arbitrary format for supported extensions. Extreme care should be taken to ensure that the data is formatted correctly for the given extension type.</p>
+
+<p>There are two ways to encode arbitrary extensions.</p>
+
+<p>The first way is to use the word ASN1 followed by the extension content using the same syntax as <a href="../man3/ASN1_generate_nconf.html">ASN1_generate_nconf(3)</a>. For example:</p>
+
+<pre><code> 1.2.3.4=critical,ASN1:UTF8String:Some random data
+
+ 1.2.3.4=ASN1:SEQUENCE:seq_sect
+
+ [seq_sect]
+
+ field1 = UTF8:field1
+ field2 = UTF8:field2</code></pre>
+
+<p>It is also possible to use the word DER to include the raw encoded data in any extension.</p>
+
+<pre><code> 1.2.3.4=critical,DER:01:02:03:04
+ 1.2.3.4=DER:01020304</code></pre>
+
+<p>The value following DER is a hex dump of the DER encoding of the extension Any extension can be placed in this form to override the default behaviour. For example:</p>
+
+<pre><code> basicConstraints=critical,DER:00:01:02:03</code></pre>
+
+<h1 id="WARNING">WARNING</h1>
+
+<p>There is no guarantee that a specific implementation will process a given extension. It may therefore be sometimes possible to use certificates for purposes prohibited by their extensions because a specific application does not recognize or honour the values of the relevant extensions.</p>
+
+<p>The DER and ASN1 options should be used with caution. It is possible to create totally invalid extensions if they are not used carefully.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>If an extension is multi-value and a field value must contain a comma the long form must be used otherwise the comma would be misinterpreted as a field separator. For example:</p>
+
+<pre><code> subjectAltName=URI:ldap://somehost.com/CN=foo,OU=bar</code></pre>
+
+<p>will produce an error but the equivalent form:</p>
+
+<pre><code> subjectAltName=@subject_alt_section
+
+ [subject_alt_section]
+ subjectAltName=URI:ldap://somehost.com/CN=foo,OU=bar</code></pre>
+
+<p>is valid.</p>
+
+<p>Due to the behaviour of the OpenSSL <b>conf</b> library the same field name can only occur once in a section. This means that:</p>
+
+<pre><code> subjectAltName=@alt_section
+
+ [alt_section]
+
+ email=steve@here
+ email=steve@there</code></pre>
+
+<p>will only recognize the last value. This can be worked around by using the form:</p>
+
+<pre><code> [alt_section]
+
+ email.1=steve@here
+ email.2=steve@there</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/req.html">req(1)</a>, <a href="../man1/ca.html">ca(1)</a>, <a href="../man1/x509.html">x509(1)</a>, <a href="../man3/ASN1_generate_nconf.html">ASN1_generate_nconf(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man7/Ed25519.html b/msys2/usr/share/doc/openssl/html/man7/Ed25519.html
new file mode 100644
index 000000000..fc8ee9a3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man7/Ed25519.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>Ed25519</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>Ed25519, Ed448 - EVP_PKEY Ed25519 and Ed448 support</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>Ed25519</b> and <b>Ed448</b> EVP_PKEY implementation supports key generation, one-shot digest sign and digest verify using PureEdDSA and <b>Ed25519</b> or <b>Ed448</b> (see RFC8032). It has associated private and public key formats compatible with draft-ietf-curdle-pkix-04.</p>
+
+<p>No additional parameters can be set during key generation, one-shot signing or verification. In particular, because PureEdDSA is used, a digest must <b>NOT</b> be specified when signing or verifying.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PureEdDSA algorithm does not support the streaming mechanism of other signature algorithms using, for example, EVP_DigestUpdate(). The message to sign or verify must be passed using the one-shot EVP_DigestSign() and EVP_DigestVerify() functions.</p>
+
+<p>When calling EVP_DigestSignInit() or EVP_DigestVerifyInit(), the digest <b>type</b> parameter <b>MUST</b> be set to <b>NULL</b>.</p>
+
+<p>Applications wishing to sign certificates (or other structures such as CRLs or certificate requests) using Ed25519 or Ed448 can either use X509_sign() or X509_sign_ctx() in the usual way.</p>
+
+<p>A context for the <b>Ed25519</b> algorithm can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL);</code></pre>
+
+<p>For the <b>Ed448</b> algorithm a context can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED448, NULL);</code></pre>
+
+<p>Ed25519 or Ed448 private keys can be set directly using <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or loaded from a PKCS#8 private key file using <a href="../man3/PEM_read_bio_PrivateKey.html">PEM_read_bio_PrivateKey(3)</a> (or similar function). Completely new keys can also be generated (see the example below). Setting a private key also sets the associated public key.</p>
+
+<p>Ed25519 or Ed448 public keys can be set directly using <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> or loaded from a SubjectPublicKeyInfo structure in a PEM file using <a href="../man3/PEM_read_bio_PUBKEY.html">PEM_read_bio_PUBKEY(3)</a> (or similar function).</p>
+
+<p>Ed25519 and Ed448 can be tested within <a href="../man1/speed.html">speed(1)</a> application since version 1.1.1. Valid algorithm names are <b>ed25519</b>, <b>ed448</b> and <b>eddsa</b>. If <b>eddsa</b> is specified, then both Ed25519 and Ed448 are benchmarked.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example generates an <b>ED25519</b> private key and writes it to standard output in PEM format:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/pem.h&gt;
+ ...
+ EVP_PKEY *pkey = NULL;
+ EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL);
+ EVP_PKEY_keygen_init(pctx);
+ EVP_PKEY_keygen(pctx, &amp;pkey);
+ EVP_PKEY_CTX_free(pctx);
+ PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL, NULL);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man7/Ed448.html b/msys2/usr/share/doc/openssl/html/man7/Ed448.html
new file mode 100644
index 000000000..fc8ee9a3f
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man7/Ed448.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>Ed25519</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>Ed25519, Ed448 - EVP_PKEY Ed25519 and Ed448 support</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>Ed25519</b> and <b>Ed448</b> EVP_PKEY implementation supports key generation, one-shot digest sign and digest verify using PureEdDSA and <b>Ed25519</b> or <b>Ed448</b> (see RFC8032). It has associated private and public key formats compatible with draft-ietf-curdle-pkix-04.</p>
+
+<p>No additional parameters can be set during key generation, one-shot signing or verification. In particular, because PureEdDSA is used, a digest must <b>NOT</b> be specified when signing or verifying.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The PureEdDSA algorithm does not support the streaming mechanism of other signature algorithms using, for example, EVP_DigestUpdate(). The message to sign or verify must be passed using the one-shot EVP_DigestSign() and EVP_DigestVerify() functions.</p>
+
+<p>When calling EVP_DigestSignInit() or EVP_DigestVerifyInit(), the digest <b>type</b> parameter <b>MUST</b> be set to <b>NULL</b>.</p>
+
+<p>Applications wishing to sign certificates (or other structures such as CRLs or certificate requests) using Ed25519 or Ed448 can either use X509_sign() or X509_sign_ctx() in the usual way.</p>
+
+<p>A context for the <b>Ed25519</b> algorithm can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL);</code></pre>
+
+<p>For the <b>Ed448</b> algorithm a context can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED448, NULL);</code></pre>
+
+<p>Ed25519 or Ed448 private keys can be set directly using <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or loaded from a PKCS#8 private key file using <a href="../man3/PEM_read_bio_PrivateKey.html">PEM_read_bio_PrivateKey(3)</a> (or similar function). Completely new keys can also be generated (see the example below). Setting a private key also sets the associated public key.</p>
+
+<p>Ed25519 or Ed448 public keys can be set directly using <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> or loaded from a SubjectPublicKeyInfo structure in a PEM file using <a href="../man3/PEM_read_bio_PUBKEY.html">PEM_read_bio_PUBKEY(3)</a> (or similar function).</p>
+
+<p>Ed25519 and Ed448 can be tested within <a href="../man1/speed.html">speed(1)</a> application since version 1.1.1. Valid algorithm names are <b>ed25519</b>, <b>ed448</b> and <b>eddsa</b>. If <b>eddsa</b> is specified, then both Ed25519 and Ed448 are benchmarked.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example generates an <b>ED25519</b> private key and writes it to standard output in PEM format:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/pem.h&gt;
+ ...
+ EVP_PKEY *pkey = NULL;
+ EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL);
+ EVP_PKEY_keygen_init(pctx);
+ EVP_PKEY_keygen(pctx, &amp;pkey);
+ EVP_PKEY_CTX_free(pctx);
+ PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL, NULL);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man7/RAND.html b/msys2/usr/share/doc/openssl/html/man7/RAND.html
new file mode 100644
index 000000000..44c901364
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man7/RAND.html
@@ -0,0 +1,64 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND - the OpenSSL random generator</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Random numbers are a vital part of cryptography, they are needed to provide unpredictability for tasks like key generation, creating salts, and many more. Software-based generators must be seeded with external randomness before they can be used as a cryptographically-secure pseudo-random number generator (CSPRNG). The availability of common hardware with special instructions and modern operating systems, which may use items such as interrupt jitter and network packet timings, can be reasonable sources of seeding material.</p>
+
+<p>OpenSSL comes with a default implementation of the RAND API which is based on the deterministic random bit generator (DRBG) model as described in [NIST SP 800-90A Rev. 1]. The default random generator will initialize automatically on first use and will be fully functional without having to be initialized (&#39;seeded&#39;) explicitly. It seeds and reseeds itself automatically using trusted random sources provided by the operating system.</p>
+
+<p>As a normal application developer, you do not have to worry about any details, just use <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> to obtain random data. Having said that, there is one important rule to obey: Always check the error return value of <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> and do not take randomness for granted.</p>
+
+<p>For values that should remain secret, you can use <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a> instead. This method does not provide &#39;better&#39; randomness, it uses the same type of CSPRNG. The intention behind using a dedicated CSPRNG exclusively for private values is that none of its output should be visible to an attacker (e.g., used as salt value), in order to reveal as little information as possible about its internal state, and that a compromise of the &quot;public&quot; CSPRNG instance will not affect the secrecy of these private values.</p>
+
+<p>In the rare case where the default implementation does not satisfy your special requirements, there are two options:</p>
+
+<ul>
+
+<li><p>Replace the default RAND method by your own RAND method using <a href="../man3/RAND_set_rand_method.html">RAND_set_rand_method(3)</a>.</p>
+
+</li>
+<li><p>Modify the default settings of the OpenSSL RAND method by modifying the security parameters of the underlying DRBG, which is described in detail in <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a>.</p>
+
+</li>
+</ul>
+
+<p>Changing the default random generator or its default parameters should be necessary only in exceptional cases and is not recommended, unless you have a profound knowledge of cryptographic principles and understand the implications of your changes.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_add.html">RAND_add(3)</a>, <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>, <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>, <a href="../man3/RAND_get_rand_method.html">RAND_get_rand_method(3)</a>, <a href="../man3/RAND_set_rand_method.html">RAND_set_rand_method(3)</a>, <a href="../man3/RAND_OpenSSL.html">RAND_OpenSSL(3)</a>, <a href="../man7/RAND_DRBG.html">RAND_DRBG(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man7/RAND_DRBG.html b/msys2/usr/share/doc/openssl/html/man7/RAND_DRBG.html
new file mode 100644
index 000000000..de3930ff8
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man7/RAND_DRBG.html
@@ -0,0 +1,224 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RAND_DRBG</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Disclaimer">Disclaimer</a></li>
+      <li><a href="#Typical-Use-Cases">Typical Use Cases</a></li>
+    </ul>
+  </li>
+  <li><a href="#CHAINING">CHAINING</a></li>
+  <li><a href="#THE-THREE-SHARED-DRBG-INSTANCES">THE THREE SHARED DRBG INSTANCES</a>
+    <ul>
+      <li><a href="#The-master-DRBG-instance">The &lt;master&gt; DRBG instance</a></li>
+      <li><a href="#The-public-DRBG-instance">The &lt;public&gt; DRBG instance</a></li>
+      <li><a href="#The-private-DRBG-instance">The &lt;private&gt; DRBG instance</a></li>
+    </ul>
+  </li>
+  <li><a href="#LOCKING">LOCKING</a></li>
+  <li><a href="#THE-OVERALL-PICTURE">THE OVERALL PICTURE</a></li>
+  <li><a href="#RESEEDING">RESEEDING</a>
+    <ul>
+      <li><a href="#Automatic-Reseeding">Automatic Reseeding</a></li>
+      <li><a href="#Manual-Reseeding">Manual Reseeding</a></li>
+      <li><a href="#Entropy-Input-vs.-Additional-Data">Entropy Input vs. Additional Data</a></li>
+      <li><a href="#Configuring-the-Random-Seed-Source">Configuring the Random Seed Source</a></li>
+      <li><a href="#Reseeding-the-master-DRBG-with-automatic-seeding-enabled">Reseeding the master DRBG with automatic seeding enabled</a></li>
+      <li><a href="#Reseeding-the-master-DRBG-with-automatic-seeding-disabled">Reseeding the master DRBG with automatic seeding disabled</a></li>
+    </ul>
+  </li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RAND_DRBG - the deterministic random bit generator</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/rand_drbg.h&gt;</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The default OpenSSL RAND method is based on the RAND_DRBG class, which implements a deterministic random bit generator (DRBG). A DRBG is a certain type of cryptographically-secure pseudo-random number generator (CSPRNG), which is described in [NIST SP 800-90A Rev. 1].</p>
+
+<p>While the RAND API is the &#39;frontend&#39; which is intended to be used by application developers for obtaining random bytes, the RAND_DRBG API serves as the &#39;backend&#39;, connecting the former with the operating systems&#39;s entropy sources and providing access to the DRBG&#39;s configuration parameters.</p>
+
+<h2 id="Disclaimer">Disclaimer</h2>
+
+<p>Unless you have very specific requirements for your random generator, it is in general not necessary to utilize the RAND_DRBG API directly. The usual way to obtain random bytes is to use <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> or <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a>, see also <a href="../man7/RAND.html">RAND(7)</a>.</p>
+
+<h2 id="Typical-Use-Cases">Typical Use Cases</h2>
+
+<p>Typical examples for such special use cases are the following:</p>
+
+<ul>
+
+<li><p>You want to use your own private DRBG instances. Multiple DRBG instances which are accessed only by a single thread provide additional security (because their internal states are independent) and better scalability in multithreaded applications (because they don&#39;t need to be locked).</p>
+
+</li>
+<li><p>You need to integrate a previously unsupported entropy source.</p>
+
+</li>
+<li><p>You need to change the default settings of the standard OpenSSL RAND implementation to meet specific requirements.</p>
+
+</li>
+</ul>
+
+<h1 id="CHAINING">CHAINING</h1>
+
+<p>A DRBG instance can be used as the entropy source of another DRBG instance, provided it has itself access to a valid entropy source. The DRBG instance which acts as entropy source is called the <i>parent</i> DRBG, the other instance the <i>child</i> DRBG.</p>
+
+<p>This is called chaining. A chained DRBG instance is created by passing a pointer to the parent DRBG as argument to the RAND_DRBG_new() call. It is possible to create chains of more than two DRBG in a row.</p>
+
+<h1 id="THE-THREE-SHARED-DRBG-INSTANCES">THE THREE SHARED DRBG INSTANCES</h1>
+
+<p>Currently, there are three shared DRBG instances, the &lt;master&gt;, &lt;public&gt;, and &lt;private&gt; DRBG. While the &lt;master&gt; DRBG is a single global instance, the &lt;public&gt; and &lt;private&gt; DRBG are created per thread and accessed through thread-local storage.</p>
+
+<p>By default, the functions <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a> and <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a> use the thread-local &lt;public&gt; and &lt;private&gt; DRBG instance, respectively.</p>
+
+<h2 id="The-master-DRBG-instance">The &lt;master&gt; DRBG instance</h2>
+
+<p>The &lt;master&gt; DRBG is not used directly by the application, only for reseeding the two other two DRBG instances. It reseeds itself by obtaining randomness either from os entropy sources or by consuming randomness which was added previously by <a href="../man3/RAND_add.html">RAND_add(3)</a>.</p>
+
+<h2 id="The-public-DRBG-instance">The &lt;public&gt; DRBG instance</h2>
+
+<p>This instance is used per default by <a href="../man3/RAND_bytes.html">RAND_bytes(3)</a>.</p>
+
+<h2 id="The-private-DRBG-instance">The &lt;private&gt; DRBG instance</h2>
+
+<p>This instance is used per default by <a href="../man3/RAND_priv_bytes.html">RAND_priv_bytes(3)</a></p>
+
+<h1 id="LOCKING">LOCKING</h1>
+
+<p>The &lt;master&gt; DRBG is intended to be accessed concurrently for reseeding by its child DRBG instances. The necessary locking is done internally. It is <i>not</i> thread-safe to access the &lt;master&gt; DRBG directly via the RAND_DRBG interface. The &lt;public&gt; and &lt;private&gt; DRBG are thread-local, i.e. there is an instance of each per thread. So they can safely be accessed without locking via the RAND_DRBG interface.</p>
+
+<p>Pointers to these DRBG instances can be obtained using RAND_DRBG_get0_master(), RAND_DRBG_get0_public(), and RAND_DRBG_get0_private(), respectively. Note that it is not allowed to store a pointer to one of the thread-local DRBG instances in a variable or other memory location where it will be accessed and used by multiple threads.</p>
+
+<p>All other DRBG instances created by an application don&#39;t support locking, because they are intended to be used by a single thread. Instead of accessing a single DRBG instance concurrently from different threads, it is recommended to instantiate a separate DRBG instance per thread. Using the &lt;master&gt; DRBG as entropy source for multiple DRBG instances on different threads is thread-safe, because the DRBG instance will lock the &lt;master&gt; DRBG automatically for obtaining random input.</p>
+
+<h1 id="THE-OVERALL-PICTURE">THE OVERALL PICTURE</h1>
+
+<p>The following picture gives an overview over how the DRBG instances work together and are being used.</p>
+
+<pre><code>               +--------------------+
+               | os entropy sources |
+               +--------------------+
+                        |
+                        v           +-----------------------------+
+      RAND_add() ==&gt; &lt;master&gt;     &lt;-| shared DRBG (with locking)  |
+                      /   \         +-----------------------------+
+                     /     \              +---------------------------+
+              &lt;public&gt;     &lt;private&gt;   &lt;- | per-thread DRBG instances |
+                 |             |          +---------------------------+
+                 v             v
+               RAND_bytes()   RAND_priv_bytes()
+                    |               ^
+                    |               |
+    +------------------+      +------------------------------------+
+    | general purpose  |      | used for secrets like session keys |
+    | random generator |      | and private keys for certificates  |
+    +------------------+      +------------------------------------+</code></pre>
+
+<p>The usual way to obtain random bytes is to call RAND_bytes(...) or RAND_priv_bytes(...). These calls are roughly equivalent to calling RAND_DRBG_bytes(&lt;public&gt;, ...) and RAND_DRBG_bytes(&lt;private&gt;, ...), respectively. The method <a href="../man3/RAND_DRBG_bytes.html">RAND_DRBG_bytes(3)</a> is a convenience method wrapping the <a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a> function, which serves the actual request for random data.</p>
+
+<h1 id="RESEEDING">RESEEDING</h1>
+
+<p>A DRBG instance seeds itself automatically, pulling random input from its entropy source. The entropy source can be either a trusted operating system entropy source, or another DRBG with access to such a source.</p>
+
+<p>Automatic reseeding occurs after a predefined number of generate requests. The selection of the trusted entropy sources is configured at build time using the --with-rand-seed option. The following sections explain the reseeding process in more detail.</p>
+
+<h2 id="Automatic-Reseeding">Automatic Reseeding</h2>
+
+<p>Before satisfying a generate request (<a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>), the DRBG reseeds itself automatically, if one of the following conditions holds:</p>
+
+<p>- the DRBG was not instantiated (=seeded) yet or has been uninstantiated.</p>
+
+<p>- the number of generate requests since the last reseeding exceeds a certain threshold, the so called <i>reseed_interval</i>. This behaviour can be disabled by setting the <i>reseed_interval</i> to 0.</p>
+
+<p>- the time elapsed since the last reseeding exceeds a certain time interval, the so called <i>reseed_time_interval</i>. This can be disabled by setting the <i>reseed_time_interval</i> to 0.</p>
+
+<p>- the DRBG is in an error state.</p>
+
+<p><b>Note</b>: An error state is entered if the entropy source fails while the DRBG is seeding or reseeding. The last case ensures that the DRBG automatically recovers from the error as soon as the entropy source is available again.</p>
+
+<h2 id="Manual-Reseeding">Manual Reseeding</h2>
+
+<p>In addition to automatic reseeding, the caller can request an immediate reseeding of the DRBG with fresh entropy by setting the <i>prediction resistance</i> parameter to 1 when calling <a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>.</p>
+
+<p>The document [NIST SP 800-90C] describes prediction resistance requests in detail and imposes strict conditions on the entropy sources that are approved for providing prediction resistance. Since the default DRBG implementation does not have access to such an approved entropy source, a request for prediction resistance will currently always fail. In other words, prediction resistance is currently not supported yet by the DRBG.</p>
+
+<p>For the three shared DRBGs (and only for these) there is another way to reseed them manually: If <a href="../man3/RAND_add.html">RAND_add(3)</a> is called with a positive <i>randomness</i> argument (or <a href="../man3/RAND_seed.html">RAND_seed(3)</a>), then this will immediately reseed the &lt;master&gt; DRBG. The &lt;public&gt; and &lt;private&gt; DRBG will detect this on their next generate call and reseed, pulling randomness from &lt;master&gt;.</p>
+
+<p>The last feature has been added to support the common practice used with previous OpenSSL versions to call RAND_add() before calling RAND_bytes().</p>
+
+<h2 id="Entropy-Input-vs.-Additional-Data">Entropy Input vs. Additional Data</h2>
+
+<p>The DRBG distinguishes two different types of random input: <i>entropy</i>, which comes from a trusted source, and <i>additional input</i>&#39;, which can optionally be added by the user and is considered untrusted. It is possible to add <i>additional input</i> not only during reseeding, but also for every generate request. This is in fact done automatically by <a href="../man3/RAND_DRBG_bytes.html">RAND_DRBG_bytes(3)</a>.</p>
+
+<h2 id="Configuring-the-Random-Seed-Source">Configuring the Random Seed Source</h2>
+
+<p>In most cases OpenSSL will automatically choose a suitable seed source for automatically seeding and reseeding its &lt;master&gt; DRBG. In some cases however, it will be necessary to explicitly specify a seed source during configuration, using the --with-rand-seed option. For more information, see the INSTALL instructions. There are also operating systems where no seed source is available and automatic reseeding is disabled by default.</p>
+
+<p>The following two sections describe the reseeding process of the master DRBG, depending on whether automatic reseeding is available or not.</p>
+
+<h2 id="Reseeding-the-master-DRBG-with-automatic-seeding-enabled">Reseeding the master DRBG with automatic seeding enabled</h2>
+
+<p>Calling RAND_poll() or RAND_add() is not necessary, because the DRBG pulls the necessary entropy from its source automatically. However, both calls are permitted, and do reseed the RNG.</p>
+
+<p>RAND_add() can be used to add both kinds of random input, depending on the value of the <b>randomness</b> argument:</p>
+
+<dl>
+
+<dt id="randomness-0">randomness == 0:</dt>
+<dd>
+
+<p>The random bytes are mixed as additional input into the current state of the DRBG. Mixing in additional input is not considered a full reseeding, hence the reseed counter is not reset.</p>
+
+</dd>
+<dt id="randomness-01">randomness &gt; 0:</dt>
+<dd>
+
+<p>The random bytes are used as entropy input for a full reseeding (resp. reinstantiation) if the DRBG is instantiated (resp. uninstantiated or in an error state). The number of random bits required for reseeding is determined by the security strength of the DRBG. Currently it defaults to 256 bits (32 bytes). It is possible to provide less randomness than required. In this case the missing randomness will be obtained by pulling random input from the trusted entropy sources.</p>
+
+</dd>
+</dl>
+
+<h2 id="Reseeding-the-master-DRBG-with-automatic-seeding-disabled">Reseeding the master DRBG with automatic seeding disabled</h2>
+
+<p>Calling RAND_poll() will always fail.</p>
+
+<p>RAND_add() needs to be called for initial seeding and periodic reseeding. At least 48 bytes (384 bits) of randomness have to be provided, otherwise the (re-)seeding of the DRBG will fail. This corresponds to one and a half times the security strength of the DRBG. The extra half is used for the nonce during instantiation.</p>
+
+<p>More precisely, the number of bytes needed for seeding depend on the <i>security strength</i> of the DRBG, which is set to 256 by default.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/RAND_DRBG_bytes.html">RAND_DRBG_bytes(3)</a>, <a href="../man3/RAND_DRBG_generate.html">RAND_DRBG_generate(3)</a>, <a href="../man3/RAND_DRBG_reseed.html">RAND_DRBG_reseed(3)</a>, <a href="../man3/RAND_DRBG_get0_master.html">RAND_DRBG_get0_master(3)</a>, <a href="../man3/RAND_DRBG_get0_public.html">RAND_DRBG_get0_public(3)</a>, <a href="../man3/RAND_DRBG_get0_private.html">RAND_DRBG_get0_private(3)</a>, <a href="../man3/RAND_DRBG_set_reseed_interval.html">RAND_DRBG_set_reseed_interval(3)</a>, <a href="../man3/RAND_DRBG_set_reseed_time_interval.html">RAND_DRBG_set_reseed_time_interval(3)</a>, <a href="../man3/RAND_DRBG_set_reseed_defaults.html">RAND_DRBG_set_reseed_defaults(3)</a>, <a href="../man7/RAND.html">RAND(7)</a>,</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man7/RSA-PSS.html b/msys2/usr/share/doc/openssl/html/man7/RSA-PSS.html
new file mode 100644
index 000000000..be7098be2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man7/RSA-PSS.html
@@ -0,0 +1,73 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>RSA-PSS</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#Signing-and-Verification">Signing and Verification</a></li>
+      <li><a href="#Key-Generation">Key Generation</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>RSA-PSS - EVP_PKEY RSA-PSS algorithm support</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>RSA-PSS</b> EVP_PKEY implementation is a restricted version of the RSA algorithm which only supports signing, verification and key generation using PSS padding modes with optional parameter restrictions.</p>
+
+<p>It has associated private key and public key formats.</p>
+
+<p>This algorithm shares several control operations with the <b>RSA</b> algorithm but with some restrictions described below.</p>
+
+<h2 id="Signing-and-Verification">Signing and Verification</h2>
+
+<p>Signing and verification is similar to the <b>RSA</b> algorithm except the padding mode is always PSS. If the key in use has parameter restrictions then the corresponding signature parameters are set to the restrictions: for example, if the key can only be used with digest SHA256, MGF1 SHA256 and minimum salt length 32 then the digest, MGF1 digest and salt length will be set to SHA256, SHA256 and 32 respectively.</p>
+
+<h2 id="Key-Generation">Key Generation</h2>
+
+<p>By default no parameter restrictions are placed on the generated key.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>The public key format is documented in RFC4055.</p>
+
+<p>The PKCS#8 private key format used for RSA-PSS keys is similar to the RSA format except it uses the <b>id-RSASSA-PSS</b> OID and the parameters field, if present, restricts the key parameters in the same way as the public key.</p>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 4055</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.html">EVP_PKEY_CTX_set_rsa_pss_keygen_md(3)</a>, <a href="../man3/EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md.html">EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md(3)</a>, <a href="../man3/EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen.html">EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(3)</a>, <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man7/SM2.html b/msys2/usr/share/doc/openssl/html/man7/SM2.html
new file mode 100644
index 000000000..cbdfbb0da
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man7/SM2.html
@@ -0,0 +1,84 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>SM2</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>SM2 - Chinese SM2 signature and encryption algorithm support</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>SM2</b> algorithm was first defined by the Chinese national standard GM/T 0003-2012 and was later standardized by ISO as ISO/IEC 14888. <b>SM2</b> is actually an elliptic curve based algorithm. The current implementation in OpenSSL supports both signature and encryption schemes via the EVP interface.</p>
+
+<p>When doing the <b>SM2</b> signature algorithm, it requires a distinguishing identifier to form the message prefix which is hashed before the real message is hashed.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p><b>SM2</b> signatures can be generated by using the &#39;DigestSign&#39; series of APIs, for instance, EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal(). Ditto for the verification process by calling the &#39;DigestVerify&#39; series of APIs.</p>
+
+<p>There are several special steps that need to be done before computing an <b>SM2</b> signature.</p>
+
+<p>The <b>EVP_PKEY</b> structure will default to using ECDSA for signatures when it is created. It should be set to <b>EVP_PKEY_SM2</b> by calling:</p>
+
+<pre><code> EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);</code></pre>
+
+<p>Then an ID should be set by calling:</p>
+
+<pre><code> EVP_PKEY_CTX_set1_id(pctx, id, id_len);</code></pre>
+
+<p>When calling the EVP_DigestSignInit() or EVP_DigestVerifyInit() functions, a pre-allocated <b>EVP_PKEY_CTX</b> should be assigned to the <b>EVP_MD_CTX</b>. This is done by calling:</p>
+
+<pre><code> EVP_MD_CTX_set_pkey_ctx(mctx, pctx);</code></pre>
+
+<p>And normally there is no need to pass a <b>pctx</b> parameter to EVP_DigestSignInit() or EVP_DigestVerifyInit() in such a scenario.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example demonstrates the calling sequence for using an <b>EVP_PKEY</b> to verify a message with the SM2 signature algorithm and the SM3 hash algorithm:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+
+ /* obtain an EVP_PKEY using whatever methods... */
+ EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);
+ mctx = EVP_MD_CTX_new();
+ pctx = EVP_PKEY_CTX_new(pkey, NULL);
+ EVP_PKEY_CTX_set1_id(pctx, id, id_len);
+ EVP_MD_CTX_set_pkey_ctx(mctx, pctx);;
+ EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey);
+ EVP_DigestVerifyUpdate(mctx, msg, msg_len);
+ EVP_DigestVerifyFinal(mctx, sig, sig_len)</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_set_alias_type.html">EVP_PKEY_set_alias_type(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_DigestVerifyInit.html">EVP_DigestVerifyInit(3)</a>, <a href="../man3/EVP_PKEY_CTX_set1_id.html">EVP_PKEY_CTX_set1_id(3)</a>, <a href="../man3/EVP_MD_CTX_set_pkey_ctx.html">EVP_MD_CTX_set_pkey_ctx(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man7/X25519.html b/msys2/usr/share/doc/openssl/html/man7/X25519.html
new file mode 100644
index 000000000..bc1946fb7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man7/X25519.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X25519</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X25519, X448 - EVP_PKEY X25519 and X448 support</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X25519</b> and <b>X448</b> EVP_PKEY implementation supports key generation and key derivation using <b>X25519</b> and <b>X448</b>. It has associated private and public key formats compatible with draft-ietf-curdle-pkix-03.</p>
+
+<p>No additional parameters can be set during key generation.</p>
+
+<p>The peer public key must be set using EVP_PKEY_derive_set_peer() when performing key derivation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A context for the <b>X25519</b> algorithm can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL);</code></pre>
+
+<p>For the <b>X448</b> algorithm a context can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X448, NULL);</code></pre>
+
+<p>X25519 or X448 private keys can be set directly using <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or loaded from a PKCS#8 private key file using <a href="../man3/PEM_read_bio_PrivateKey.html">PEM_read_bio_PrivateKey(3)</a> (or similar function). Completely new keys can also be generated (see the example below). Setting a private key also sets the associated public key.</p>
+
+<p>X25519 or X448 public keys can be set directly using <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> or loaded from a SubjectPublicKeyInfo structure in a PEM file using <a href="../man3/PEM_read_bio_PUBKEY.html">PEM_read_bio_PUBKEY(3)</a> (or similar function).</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example generates an <b>X25519</b> private key and writes it to standard output in PEM format:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/pem.h&gt;
+ ...
+ EVP_PKEY *pkey = NULL;
+ EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL);
+ EVP_PKEY_keygen_init(pctx);
+ EVP_PKEY_keygen(pctx, &amp;pkey);
+ EVP_PKEY_CTX_free(pctx);
+ PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL, NULL);</code></pre>
+
+<p>The key derivation example in <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> can be used with <b>X25519</b> and <b>X448</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_derive_set_peer.html">EVP_PKEY_derive_set_peer(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man7/X448.html b/msys2/usr/share/doc/openssl/html/man7/X448.html
new file mode 100644
index 000000000..bc1946fb7
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man7/X448.html
@@ -0,0 +1,80 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>X25519</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>X25519, X448 - EVP_PKEY X25519 and X448 support</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The <b>X25519</b> and <b>X448</b> EVP_PKEY implementation supports key generation and key derivation using <b>X25519</b> and <b>X448</b>. It has associated private and public key formats compatible with draft-ietf-curdle-pkix-03.</p>
+
+<p>No additional parameters can be set during key generation.</p>
+
+<p>The peer public key must be set using EVP_PKEY_derive_set_peer() when performing key derivation.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A context for the <b>X25519</b> algorithm can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL);</code></pre>
+
+<p>For the <b>X448</b> algorithm a context can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X448, NULL);</code></pre>
+
+<p>X25519 or X448 private keys can be set directly using <a href="../man3/EVP_PKEY_new_raw_private_key.html">EVP_PKEY_new_raw_private_key(3)</a> or loaded from a PKCS#8 private key file using <a href="../man3/PEM_read_bio_PrivateKey.html">PEM_read_bio_PrivateKey(3)</a> (or similar function). Completely new keys can also be generated (see the example below). Setting a private key also sets the associated public key.</p>
+
+<p>X25519 or X448 public keys can be set directly using <a href="../man3/EVP_PKEY_new_raw_public_key.html">EVP_PKEY_new_raw_public_key(3)</a> or loaded from a SubjectPublicKeyInfo structure in a PEM file using <a href="../man3/PEM_read_bio_PUBKEY.html">PEM_read_bio_PUBKEY(3)</a> (or similar function).</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example generates an <b>X25519</b> private key and writes it to standard output in PEM format:</p>
+
+<pre><code> #include &lt;openssl/evp.h&gt;
+ #include &lt;openssl/pem.h&gt;
+ ...
+ EVP_PKEY *pkey = NULL;
+ EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL);
+ EVP_PKEY_keygen_init(pctx);
+ EVP_PKEY_keygen(pctx, &amp;pkey);
+ EVP_PKEY_CTX_free(pctx);
+ PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL, NULL);</code></pre>
+
+<p>The key derivation example in <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> can be used with <b>X25519</b> and <b>X448</b>.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_PKEY_derive_set_peer.html">EVP_PKEY_derive_set_peer(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man7/bio.html b/msys2/usr/share/doc/openssl/html/man7/bio.html
new file mode 100644
index 000000000..e61bb01b3
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man7/bio.html
@@ -0,0 +1,72 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>bio</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>bio - Basic I/O abstraction</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/bio.h&gt;</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>A BIO is an I/O abstraction, it hides many of the underlying I/O details from an application. If an application uses a BIO for its I/O it can transparently handle SSL connections, unencrypted network connections and file I/O.</p>
+
+<p>There are two type of BIO, a source/sink BIO and a filter BIO.</p>
+
+<p>As its name implies a source/sink BIO is a source and/or sink of data, examples include a socket BIO and a file BIO.</p>
+
+<p>A filter BIO takes data from one BIO and passes it through to another, or the application. The data may be left unmodified (for example a message digest BIO) or translated (for example an encryption BIO). The effect of a filter BIO may change according to the I/O operation it is performing: for example an encryption BIO will encrypt data if it is being written to and decrypt data if it is being read from.</p>
+
+<p>BIOs can be joined together to form a chain (a single BIO is a chain with one component). A chain normally consist of one source/sink BIO and one or more filter BIOs. Data read from or written to the first BIO then traverses the chain to the end (normally a source/sink BIO).</p>
+
+<p>Some BIOs (such as memory BIOs) can be used immediately after calling BIO_new(). Others (such as file BIOs) need some additional initialization, and frequently a utility function exists to create and initialize such BIOs.</p>
+
+<p>If BIO_free() is called on a BIO chain it will only free one BIO resulting in a memory leak.</p>
+
+<p>Calling BIO_free_all() on a single BIO has the same effect as calling BIO_free() on it other than the discarded return value.</p>
+
+<p>Normally the <b>type</b> argument is supplied by a function which returns a pointer to a BIO_METHOD. There is a naming convention for such functions: a source/sink BIO is normally called BIO_s_*() and a filter BIO BIO_f_*();</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>Create a memory BIO:</p>
+
+<pre><code> BIO *mem = BIO_new(BIO_s_mem());</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BIO_ctrl.html">BIO_ctrl(3)</a>, <a href="../man3/BIO_f_base64.html">BIO_f_base64(3)</a>, <a href="../man3/BIO_f_buffer.html">BIO_f_buffer(3)</a>, <a href="../man3/BIO_f_cipher.html">BIO_f_cipher(3)</a>, <a href="../man3/BIO_f_md.html">BIO_f_md(3)</a>, <a href="../man3/BIO_f_null.html">BIO_f_null(3)</a>, <a href="../man3/BIO_f_ssl.html">BIO_f_ssl(3)</a>, <a href="../man3/BIO_find_type.html">BIO_find_type(3)</a>, <a href="../man3/BIO_new.html">BIO_new(3)</a>, <a href="../man3/BIO_new_bio_pair.html">BIO_new_bio_pair(3)</a>, <a href="../man3/BIO_push.html">BIO_push(3)</a>, <a href="../man3/BIO_read_ex.html">BIO_read_ex(3)</a>, <a href="../man3/BIO_s_accept.html">BIO_s_accept(3)</a>, <a href="../man3/BIO_s_bio.html">BIO_s_bio(3)</a>, <a href="../man3/BIO_s_connect.html">BIO_s_connect(3)</a>, <a href="../man3/BIO_s_fd.html">BIO_s_fd(3)</a>, <a href="../man3/BIO_s_file.html">BIO_s_file(3)</a>, <a href="../man3/BIO_s_mem.html">BIO_s_mem(3)</a>, <a href="../man3/BIO_s_null.html">BIO_s_null(3)</a>, <a href="../man3/BIO_s_socket.html">BIO_s_socket(3)</a>, <a href="../man3/BIO_set_callback.html">BIO_set_callback(3)</a>, <a href="../man3/BIO_should_retry.html">BIO_should_retry(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man7/crypto.html b/msys2/usr/share/doc/openssl/html/man7/crypto.html
new file mode 100644
index 000000000..9f0924bca
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man7/crypto.html
@@ -0,0 +1,70 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>crypto</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>crypto - OpenSSL cryptographic library</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p>See the individual manual pages for details.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The OpenSSL <b>crypto</b> library implements a wide range of cryptographic algorithms used in various Internet standards. The services provided by this library are used by the OpenSSL implementations of SSL, TLS and S/MIME, and they have also been used to implement SSH, OpenPGP, and other cryptographic standards.</p>
+
+<p><b>libcrypto</b> consists of a number of sub-libraries that implement the individual algorithms.</p>
+
+<p>The functionality includes symmetric encryption, public key cryptography and key agreement, certificate handling, cryptographic hash functions, cryptographic pseudo-random number generator, and various utilities.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>Some of the newer functions follow a naming convention using the numbers <b>0</b> and <b>1</b>. For example the functions:</p>
+
+<pre><code> int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
+ int X509_add1_trust_object(X509 *x, const ASN1_OBJECT *obj);</code></pre>
+
+<p>The <b>0</b> version uses the supplied structure pointer directly in the parent and it will be freed up when the parent is freed. In the above example <b>crl</b> would be freed but <b>rev</b> would not.</p>
+
+<p>The <b>1</b> function uses a copy of the supplied structure pointer (or in some cases increases its link count) in the parent and so both (<b>x</b> and <b>obj</b> above) should be freed up.</p>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>See the individual manual pages for details.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/openssl.html">openssl(1)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man7/ct.html b/msys2/usr/share/doc/openssl/html/man7/ct.html
new file mode 100644
index 000000000..fd08c08ad
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man7/ct.html
@@ -0,0 +1,58 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ct</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ct - Certificate Transparency</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/ct.h&gt;</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>This library implements Certificate Transparency (CT) verification for TLS clients, as defined in RFC 6962. This verification can provide some confidence that a certificate has been publicly logged in a set of CT logs.</p>
+
+<p>By default, these checks are disabled. They can be enabled using <a href="../man3/SSL_CTX_enable_ct.html">SSL_CTX_enable_ct(3)</a> or <a href="../man3/SSL_enable_ct.html">SSL_enable_ct(3)</a>.</p>
+
+<p>This library can also be used to parse and examine CT data structures, such as Signed Certificate Timestamps (SCTs), or to read a list of CT logs. There are functions for: - decoding and encoding SCTs in DER and TLS wire format. - printing SCTs. - verifying the authenticity of SCTs. - loading a CT log list from a CONF file.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/d2i_SCT_LIST.html">d2i_SCT_LIST(3)</a>, <a href="../man3/CTLOG_STORE_new.html">CTLOG_STORE_new(3)</a>, <a href="../man3/CTLOG_STORE_get0_log_by_id.html">CTLOG_STORE_get0_log_by_id(3)</a>, <a href="../man3/SCT_new.html">SCT_new(3)</a>, <a href="../man3/SCT_print.html">SCT_print(3)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/SCT_validate.html">SCT_validate(3)</a>, <a href="../man3/CT_POLICY_EVAL_CTX_new.html">CT_POLICY_EVAL_CTX_new(3)</a>, <a href="../man3/SSL_CTX_set_ct_validation_callback.html">SSL_CTX_set_ct_validation_callback(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p>The ct library was added in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man7/des_modes.html b/msys2/usr/share/doc/openssl/html/man7/des_modes.html
new file mode 100644
index 000000000..01375fc2d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man7/des_modes.html
@@ -0,0 +1,214 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>des_modes</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#OVERVIEW">OVERVIEW</a>
+    <ul>
+      <li><a href="#Electronic-Codebook-Mode-ECB">Electronic Codebook Mode (ECB)</a></li>
+      <li><a href="#Cipher-Block-Chaining-Mode-CBC">Cipher Block Chaining Mode (CBC)</a></li>
+      <li><a href="#Cipher-Feedback-Mode-CFB">Cipher Feedback Mode (CFB)</a></li>
+      <li><a href="#Output-Feedback-Mode-OFB">Output Feedback Mode (OFB)</a></li>
+      <li><a href="#Triple-ECB-Mode">Triple ECB Mode</a></li>
+      <li><a href="#Triple-CBC-Mode">Triple CBC Mode</a></li>
+    </ul>
+  </li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>des_modes - the variants of DES and other crypto algorithms of OpenSSL</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Several crypto algorithms for OpenSSL can be used in a number of modes. Those are used for using block ciphers in a way similar to stream ciphers, among other things.</p>
+
+<h1 id="OVERVIEW">OVERVIEW</h1>
+
+<h2 id="Electronic-Codebook-Mode-ECB">Electronic Codebook Mode (ECB)</h2>
+
+<p>Normally, this is found as the function <i>algorithm</i>_ecb_encrypt().</p>
+
+<ul>
+
+<li><p>64 bits are enciphered at a time.</p>
+
+</li>
+<li><p>The order of the blocks can be rearranged without detection.</p>
+
+</li>
+<li><p>The same plaintext block always produces the same ciphertext block (for the same key) making it vulnerable to a &#39;dictionary attack&#39;.</p>
+
+</li>
+<li><p>An error will only affect one ciphertext block.</p>
+
+</li>
+</ul>
+
+<h2 id="Cipher-Block-Chaining-Mode-CBC">Cipher Block Chaining Mode (CBC)</h2>
+
+<p>Normally, this is found as the function <i>algorithm</i>_cbc_encrypt(). Be aware that des_cbc_encrypt() is not really DES CBC (it does not update the IV); use des_ncbc_encrypt() instead.</p>
+
+<ul>
+
+<li><p>a multiple of 64 bits are enciphered at a time.</p>
+
+</li>
+<li><p>The CBC mode produces the same ciphertext whenever the same plaintext is encrypted using the same key and starting variable.</p>
+
+</li>
+<li><p>The chaining operation makes the ciphertext blocks dependent on the current and all preceding plaintext blocks and therefore blocks can not be rearranged.</p>
+
+</li>
+<li><p>The use of different starting variables prevents the same plaintext enciphering to the same ciphertext.</p>
+
+</li>
+<li><p>An error will affect the current and the following ciphertext blocks.</p>
+
+</li>
+</ul>
+
+<h2 id="Cipher-Feedback-Mode-CFB">Cipher Feedback Mode (CFB)</h2>
+
+<p>Normally, this is found as the function <i>algorithm</i>_cfb_encrypt().</p>
+
+<ul>
+
+<li><p>a number of bits (j) &lt;= 64 are enciphered at a time.</p>
+
+</li>
+<li><p>The CFB mode produces the same ciphertext whenever the same plaintext is encrypted using the same key and starting variable.</p>
+
+</li>
+<li><p>The chaining operation makes the ciphertext variables dependent on the current and all preceding variables and therefore j-bit variables are chained together and can not be rearranged.</p>
+
+</li>
+<li><p>The use of different starting variables prevents the same plaintext enciphering to the same ciphertext.</p>
+
+</li>
+<li><p>The strength of the CFB mode depends on the size of k (maximal if j == k). In my implementation this is always the case.</p>
+
+</li>
+<li><p>Selection of a small value for j will require more cycles through the encipherment algorithm per unit of plaintext and thus cause greater processing overheads.</p>
+
+</li>
+<li><p>Only multiples of j bits can be enciphered.</p>
+
+</li>
+<li><p>An error will affect the current and the following ciphertext variables.</p>
+
+</li>
+</ul>
+
+<h2 id="Output-Feedback-Mode-OFB">Output Feedback Mode (OFB)</h2>
+
+<p>Normally, this is found as the function <i>algorithm</i>_ofb_encrypt().</p>
+
+<ul>
+
+<li><p>a number of bits (j) &lt;= 64 are enciphered at a time.</p>
+
+</li>
+<li><p>The OFB mode produces the same ciphertext whenever the same plaintext enciphered using the same key and starting variable. More over, in the OFB mode the same key stream is produced when the same key and start variable are used. Consequently, for security reasons a specific start variable should be used only once for a given key.</p>
+
+</li>
+<li><p>The absence of chaining makes the OFB more vulnerable to specific attacks.</p>
+
+</li>
+<li><p>The use of different start variables values prevents the same plaintext enciphering to the same ciphertext, by producing different key streams.</p>
+
+</li>
+<li><p>Selection of a small value for j will require more cycles through the encipherment algorithm per unit of plaintext and thus cause greater processing overheads.</p>
+
+</li>
+<li><p>Only multiples of j bits can be enciphered.</p>
+
+</li>
+<li><p>OFB mode of operation does not extend ciphertext errors in the resultant plaintext output. Every bit error in the ciphertext causes only one bit to be in error in the deciphered plaintext.</p>
+
+</li>
+<li><p>OFB mode is not self-synchronizing. If the two operation of encipherment and decipherment get out of synchronism, the system needs to be re-initialized.</p>
+
+</li>
+<li><p>Each re-initialization should use a value of the start variable different from the start variable values used before with the same key. The reason for this is that an identical bit stream would be produced each time from the same parameters. This would be susceptible to a &#39;known plaintext&#39; attack.</p>
+
+</li>
+</ul>
+
+<h2 id="Triple-ECB-Mode">Triple ECB Mode</h2>
+
+<p>Normally, this is found as the function <i>algorithm</i>_ecb3_encrypt().</p>
+
+<ul>
+
+<li><p>Encrypt with key1, decrypt with key2 and encrypt with key3 again.</p>
+
+</li>
+<li><p>As for ECB encryption but increases the key length to 168 bits. There are theoretic attacks that can be used that make the effective key length 112 bits, but this attack also requires 2^56 blocks of memory, not very likely, even for the NSA.</p>
+
+</li>
+<li><p>If both keys are the same it is equivalent to encrypting once with just one key.</p>
+
+</li>
+<li><p>If the first and last key are the same, the key length is 112 bits. There are attacks that could reduce the effective key strength to only slightly more than 56 bits, but these require a lot of memory.</p>
+
+</li>
+<li><p>If all 3 keys are the same, this is effectively the same as normal ecb mode.</p>
+
+</li>
+</ul>
+
+<h2 id="Triple-CBC-Mode">Triple CBC Mode</h2>
+
+<p>Normally, this is found as the function <i>algorithm</i>_ede3_cbc_encrypt().</p>
+
+<ul>
+
+<li><p>Encrypt with key1, decrypt with key2 and then encrypt with key3.</p>
+
+</li>
+<li><p>As for CBC encryption but increases the key length to 168 bits with the same restrictions as for triple ecb mode.</p>
+
+</li>
+</ul>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>This text was been written in large parts by Eric Young in his original documentation for SSLeay, the predecessor of OpenSSL. In turn, he attributed it to:</p>
+
+<pre><code>        AS 2805.5.2
+        Australian Standard
+        Electronic funds transfer - Requirements for interfaces,
+        Part 5.2: Modes of operation for an n-bit block cipher algorithm
+        Appendix A</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/BF_encrypt.html">BF_encrypt(3)</a>, <a href="../man3/DES_crypt.html">DES_crypt(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man7/evp.html b/msys2/usr/share/doc/openssl/html/man7/evp.html
new file mode 100644
index 000000000..d5f43a0e2
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man7/evp.html
@@ -0,0 +1,83 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>evp</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>evp - high-level cryptographic functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/evp.h&gt;</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP library provides a high-level interface to cryptographic functions.</p>
+
+<p>The <a href="../man3/EVP_SealInit.html"><b>EVP_Seal</b><i>XXX</i></a> and <a href="../man3/EVP_OpenInit.html"><b>EVP_Open</b><i>XXX</i></a> functions provide public key encryption and decryption to implement digital &quot;envelopes&quot;.</p>
+
+<p>The <a href="../man3/EVP_DigestSignInit.html"><b>EVP_DigestSign</b><i>XXX</i></a> and <a href="../man3/EVP_DigestVerifyInit.html"><b>EVP_DigestVerify</b><i>XXX</i></a> functions implement digital signatures and Message Authentication Codes (MACs). Also see the older <a href="../man3/EVP_SignInit.html"><b>EVP_Sign</b><i>XXX</i></a> and <a href="../man3/EVP_VerifyInit.html"><b>EVP_Verify</b><i>XXX</i></a> functions.</p>
+
+<p>Symmetric encryption is available with the <a href="../man3/EVP_EncryptInit.html"><b>EVP_Encrypt</b><i>XXX</i></a> functions. The <a href="../man3/EVP_DigestInit.html"><b>EVP_Digest</b><i>XXX</i></a> functions provide message digests.</p>
+
+<p>The <b>EVP_PKEY</b><i>XXX</i> functions provide a high level interface to asymmetric algorithms. To create a new EVP_PKEY see <a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a>. EVP_PKEYs can be associated with a private key of a particular algorithm by using the functions described on the <a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a> page, or new keys can be generated using <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>. EVP_PKEYs can be compared using <a href="../man3/EVP_PKEY_cmp.html">EVP_PKEY_cmp(3)</a>, or printed using <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>.</p>
+
+<p>The EVP_PKEY functions support the full range of asymmetric algorithm operations:</p>
+
+<dl>
+
+<dt id="For-key-agreement-see-EVP_PKEY_derive-3">For key agreement see <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></dt>
+<dd>
+
+</dd>
+<dt id="For-signing-and-verifying-see-EVP_PKEY_sign-3-EVP_PKEY_verify-3-and-EVP_PKEY_verify_recover-3-.-However-note-that-these-functions-do-not-perform-a-digest-of-the-data-to-be-signed.-Therefore-normally-you-would-use-the-EVP_DigestSignInit-3-functions-for-this-purpose">For signing and verifying see <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a> and <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>. However, note that these functions do not perform a digest of the data to be signed. Therefore normally you would use the <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a> functions for this purpose.</dt>
+<dd>
+
+</dd>
+<dt id="For-encryption-and-decryption-see-EVP_PKEY_encrypt-3-and-EVP_PKEY_decrypt-3-respectively.-However-note-that-these-functions-perform-encryption-and-decryption-only.-As-public-key-encryption-is-an-expensive-operation-normally-you-would-wrap-an-encrypted-message-in-a-digital-envelope-using-the-EVP_SealInit-3-and-EVP_OpenInit-3-functions">For encryption and decryption see <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a> and <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a> respectively. However, note that these functions perform encryption and decryption only. As public key encryption is an expensive operation, normally you would wrap an encrypted message in a &quot;digital envelope&quot; using the <a href="../man3/EVP_SealInit.html">EVP_SealInit(3)</a> and <a href="../man3/EVP_OpenInit.html">EVP_OpenInit(3)</a> functions.</dt>
+<dd>
+
+</dd>
+</dl>
+
+<p>The <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a> function provides some limited support for password based encryption. Careful selection of the parameters will provide a PKCS#5 PBKDF1 compatible implementation. However, new applications should not typically use this (preferring, for example, PBKDF2 from PCKS#5).</p>
+
+<p>The <a href="../man3/EVP_EncodeInit.html"><b>EVP_Encode</b><i>XXX</i></a> and <a href="../man3/EVP_EncodeInit.html"><b>EVP_Decode</b><i>XXX</i></a> functions implement base 64 encoding and decoding.</p>
+
+<p>All the symmetric algorithms (ciphers), digests and asymmetric algorithms (public key algorithms) can be replaced by ENGINE modules providing alternative implementations. If ENGINE implementations of ciphers or digests are registered as defaults, then the various EVP functions will automatically use those implementations automatically in preference to built in software implementations. For more information, consult the engine(3) man page.</p>
+
+<p>Although low level algorithm specific functions exist for many algorithms their use is discouraged. They cannot be used with an ENGINE and ENGINE versions of new algorithms cannot be accessed using the low level functions. Also makes code harder to adapt to new algorithms and some options are not cleanly supported at the low level and some operations are more efficient using the high level interface.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_DigestInit.html">EVP_DigestInit(3)</a>, <a href="../man3/EVP_EncryptInit.html">EVP_EncryptInit(3)</a>, <a href="../man3/EVP_OpenInit.html">EVP_OpenInit(3)</a>, <a href="../man3/EVP_SealInit.html">EVP_SealInit(3)</a>, <a href="../man3/EVP_DigestSignInit.html">EVP_DigestSignInit(3)</a>, <a href="../man3/EVP_SignInit.html">EVP_SignInit(3)</a>, <a href="../man3/EVP_VerifyInit.html">EVP_VerifyInit(3)</a>, <a href="../man3/EVP_EncodeInit.html">EVP_EncodeInit(3)</a>, <a href="../man3/EVP_PKEY_new.html">EVP_PKEY_new(3)</a>, <a href="../man3/EVP_PKEY_set1_RSA.html">EVP_PKEY_set1_RSA(3)</a>, <a href="../man3/EVP_PKEY_keygen.html">EVP_PKEY_keygen(3)</a>, <a href="../man3/EVP_PKEY_print_private.html">EVP_PKEY_print_private(3)</a>, <a href="../man3/EVP_PKEY_decrypt.html">EVP_PKEY_decrypt(3)</a>, <a href="../man3/EVP_PKEY_encrypt.html">EVP_PKEY_encrypt(3)</a>, <a href="../man3/EVP_PKEY_sign.html">EVP_PKEY_sign(3)</a>, <a href="../man3/EVP_PKEY_verify.html">EVP_PKEY_verify(3)</a>, <a href="../man3/EVP_PKEY_verify_recover.html">EVP_PKEY_verify_recover(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man3/ENGINE_by_id.html">ENGINE_by_id(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man7/ossl_store-file.html b/msys2/usr/share/doc/openssl/html/man7/ossl_store-file.html
new file mode 100644
index 000000000..195011c32
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man7/ossl_store-file.html
@@ -0,0 +1,60 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ossl_store-file</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ossl_store-file - The store &#39;file&#39; scheme loader</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p>#include &lt;openssl/store.h&gt;</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>Support for the &#39;file&#39; scheme is built into <code>libcrypto</code>. Since files come in all kinds of formats and content types, the &#39;file&#39; scheme has its own layer of functionality called &quot;file handlers&quot;, which are used to try to decode diverse types of file contents.</p>
+
+<p>In case a file is formatted as PEM, each called file handler receives the PEM name (everything following any &#39;<code>-----BEGIN </code>&#39;) as well as possible PEM headers, together with the decoded PEM body. Since PEM formatted files can contain more than one object, the file handlers are called upon for each such object.</p>
+
+<p>If the file isn&#39;t determined to be formatted as PEM, the content is loaded in raw form in its entirety and passed to the available file handlers as is, with no PEM name or headers.</p>
+
+<p>Each file handler is expected to handle PEM and non-PEM content as appropriate. Some may refuse non-PEM content for the sake of determinism (for example, there are keys out in the wild that are represented as an ASN.1 OCTET STRING. In raw form, it&#39;s not easily possible to distinguish those from any other data coming as an ASN.1 OCTET STRING, so such keys would naturally be accepted as PEM files only).</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>When needed, the &#39;file&#39; scheme loader will require a pass phrase by using the <code>UI_METHOD</code> that was passed via OSSL_STORE_open(). This pass phrase is expected to be UTF-8 encoded, anything else will give an undefined result. The files made accessible through this loader are expected to be standard compliant with regards to pass phrase encoding. Files that aren&#39;t should be re-generated with a correctly encoded pass phrase. See <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a> for more information.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man7/passphrase-encoding.html">passphrase-encoding(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man7/ossl_store.html b/msys2/usr/share/doc/openssl/html/man7/ossl_store.html
new file mode 100644
index 000000000..13a2c690a
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man7/ossl_store.html
@@ -0,0 +1,105 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ossl_store</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#General">General</a></li>
+      <li><a href="#URI-schemes-and-loaders">URI schemes and loaders</a></li>
+      <li><a href="#UI_METHOD-and-pass-phrases">UI_METHOD and pass phrases</a></li>
+    </ul>
+  </li>
+  <li><a href="#EXAMPLES">EXAMPLES</a>
+    <ul>
+      <li><a href="#A-generic-call">A generic call</a></li>
+    </ul>
+  </li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ossl_store - Store retrieval functions</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p>#include &lt;openssl/store.h&gt;</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<h2 id="General">General</h2>
+
+<p>A STORE is a layer of functionality to retrieve a number of supported objects from a repository of any kind, addressable as a file name or as a URI.</p>
+
+<p>The functionality supports the pattern &quot;open a channel to the repository&quot;, &quot;loop and retrieve one object at a time&quot;, and &quot;finish up by closing the channel&quot;.</p>
+
+<p>The retrieved objects are returned as a wrapper type <b>OSSL_STORE_INFO</b>, from which an OpenSSL type can be retrieved.</p>
+
+<h2 id="URI-schemes-and-loaders">URI schemes and loaders</h2>
+
+<p>Support for a URI scheme is called a STORE &quot;loader&quot;, and can be added dynamically from the calling application or from a loadable engine.</p>
+
+<p>Support for the &#39;file&#39; scheme is built into <code>libcrypto</code>. See <a href="../man7/ossl_store-file.html">ossl_store-file(7)</a> for more information.</p>
+
+<h2 id="UI_METHOD-and-pass-phrases">UI_METHOD and pass phrases</h2>
+
+<p>The <b>OSS_STORE</b> API does nothing to enforce any specific format or encoding on the pass phrase that the <b>UI_METHOD</b> provides. However, the pass phrase is expected to be UTF-8 encoded. The result of any other encoding is undefined.</p>
+
+<h1 id="EXAMPLES">EXAMPLES</h1>
+
+<h2 id="A-generic-call">A generic call</h2>
+
+<pre><code> OSSL_STORE_CTX *ctx = OSSL_STORE_open(&quot;file:/foo/bar/data.pem&quot;);
+
+ /*
+  * OSSL_STORE_eof() simulates file semantics for any repository to signal
+  * that no more data can be expected
+  */
+ while (!OSSL_STORE_eof(ctx)) {
+     OSSL_STORE_INFO *info = OSSL_STORE_load(ctx);
+
+     /*
+      * Do whatever is necessary with the OSSL_STORE_INFO,
+      * here just one example
+      */
+     switch (OSSL_STORE_INFO_get_type(info)) {
+     case OSSL_STORE_INFO_X509:
+         /* Print the X.509 certificate text */
+         X509_print_fp(stdout, OSSL_STORE_INFO_get0_CERT(info));
+         /* Print the X.509 certificate PEM output */
+         PEM_write_X509(stdout, OSSL_STORE_INFO_get0_CERT(info));
+         break;
+     }
+ }
+
+ OSSL_STORE_close(ctx);</code></pre>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/OSSL_STORE_INFO.html">OSSL_STORE_INFO(3)</a>, <a href="../man3/OSSL_STORE_LOADER.html">OSSL_STORE_LOADER(3)</a>, <a href="../man3/OSSL_STORE_open.html">OSSL_STORE_open(3)</a>, <a href="../man3/OSSL_STORE_expect.html">OSSL_STORE_expect(3)</a>, <a href="../man3/OSSL_STORE_SEARCH.html">OSSL_STORE_SEARCH(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man7/passphrase-encoding.html b/msys2/usr/share/doc/openssl/html/man7/passphrase-encoding.html
new file mode 100644
index 000000000..a8e8a0d0d
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man7/passphrase-encoding.html
@@ -0,0 +1,124 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>passphrase-encoding</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a>
+    <ul>
+      <li><a href="#The-general-case">The general case</a></li>
+      <li><a href="#PKCS-12">PKCS#12</a></li>
+      <li><a href="#OSSL_STORE">OSSL_STORE</a></li>
+    </ul>
+  </li>
+  <li><a href="#RECOMMENDATIONS">RECOMMENDATIONS</a>
+    <ul>
+      <li><a href="#Creating-new-objects">Creating new objects</a></li>
+      <li><a href="#Opening-existing-objects">Opening existing objects</a></li>
+    </ul>
+  </li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>passphrase-encoding - How diverse parts of OpenSSL treat pass phrases character encoding</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>In a modern world with all sorts of character encodings, the treatment of pass phrases has become increasingly complex. This manual page attempts to give an overview over how this problem is currently addressed in different parts of the OpenSSL library.</p>
+
+<h2 id="The-general-case">The general case</h2>
+
+<p>The OpenSSL library doesn&#39;t treat pass phrases in any special way as a general rule, and trusts the application or user to choose a suitable character set and stick to that throughout the lifetime of affected objects. This means that for an object that was encrypted using a pass phrase encoded in ISO-8859-1, that object needs to be decrypted using a pass phrase encoded in ISO-8859-1. Using the wrong encoding is expected to cause a decryption failure.</p>
+
+<h2 id="PKCS-12">PKCS#12</h2>
+
+<p>PKCS#12 is a bit different regarding pass phrase encoding. The standard stipulates that the pass phrase shall be encoded as an ASN.1 BMPString, which consists of the code points of the basic multilingual plane, encoded in big endian (UCS-2 BE).</p>
+
+<p>OpenSSL tries to adapt to this requirements in one of the following manners:</p>
+
+<ol>
+
+<li><p>Treats the received pass phrase as UTF-8 encoded and tries to re-encode it to UTF-16 (which is the same as UCS-2 for characters U+0000 to U+D7FF and U+E000 to U+FFFF, but becomes an expansion for any other character), or failing that, proceeds with step 2.</p>
+
+</li>
+<li><p>Assumes that the pass phrase is encoded in ASCII or ISO-8859-1 and opportunistically prepends each byte with a zero byte to obtain the UCS-2 encoding of the characters, which it stores as a BMPString.</p>
+
+<p>Note that since there is no check of your locale, this may produce UCS-2 / UTF-16 characters that do not correspond to the original pass phrase characters for other character sets, such as any ISO-8859-X encoding other than ISO-8859-1 (or for Windows, CP 1252 with exception for the extra &quot;graphical&quot; characters in the 0x80-0x9F range).</p>
+
+</li>
+</ol>
+
+<p>OpenSSL versions older than 1.1.0 do variant 2 only, and that is the reason why OpenSSL still does this, to be able to read files produced with older versions.</p>
+
+<p>It should be noted that this approach isn&#39;t entirely fault free.</p>
+
+<p>A pass phrase encoded in ISO-8859-2 could very well have a sequence such as 0xC3 0xAF (which is the two characters &quot;LATIN CAPITAL LETTER A WITH BREVE&quot; and &quot;LATIN CAPITAL LETTER Z WITH DOT ABOVE&quot; in ISO-8859-2 encoding), but would be misinterpreted as the perfectly valid UTF-8 encoded code point U+00EF (LATIN SMALL LETTER I WITH DIARESIS) <i>if the pass phrase doesn&#39;t contain anything that would be invalid UTF-8</i>. A pass phrase that contains this kind of byte sequence will give a different outcome in OpenSSL 1.1.0 and newer than in OpenSSL older than 1.1.0.</p>
+
+<pre><code> 0x00 0xC3 0x00 0xAF                    # OpenSSL older than 1.1.0
+ 0x00 0xEF                              # OpenSSL 1.1.0 and newer</code></pre>
+
+<p>On the same accord, anything encoded in UTF-8 that was given to OpenSSL older than 1.1.0 was misinterpreted as ISO-8859-1 sequences.</p>
+
+<h2 id="OSSL_STORE">OSSL_STORE</h2>
+
+<p><a href="../man7/ossl_store.html">ossl_store(7)</a> acts as a general interface to access all kinds of objects, potentially protected with a pass phrase, a PIN or something else. This API stipulates that pass phrases should be UTF-8 encoded, and that any other pass phrase encoding may give undefined results. This API relies on the application to ensure UTF-8 encoding, and doesn&#39;t check that this is the case, so what it gets, it will also pass to the underlying loader.</p>
+
+<h1 id="RECOMMENDATIONS">RECOMMENDATIONS</h1>
+
+<p>This section assumes that you know what pass phrase was used for encryption, but that it may have been encoded in a different character encoding than the one used by your current input method. For example, the pass phrase may have been used at a time when your default encoding was ISO-8859-1 (i.e. &quot;na&iuml;ve&quot; resulting in the byte sequence 0x6E 0x61 0xEF 0x76 0x65), and you&#39;re now in an environment where your default encoding is UTF-8 (i.e. &quot;na&iuml;ve&quot; resulting in the byte sequence 0x6E 0x61 0xC3 0xAF 0x76 0x65). Whenever it&#39;s mentioned that you should use a certain character encoding, it should be understood that you either change the input method to use the mentioned encoding when you type in your pass phrase, or use some suitable tool to convert your pass phrase from your default encoding to the target encoding.</p>
+
+<p>Also note that the sub-sections below discuss human readable pass phrases. This is particularly relevant for PKCS#12 objects, where human readable pass phrases are assumed. For other objects, it&#39;s as legitimate to use any byte sequence (such as a sequence of bytes from `/dev/urandom` that&#39;s been saved away), which makes any character encoding discussion irrelevant; in such cases, simply use the same byte sequence as it is.</p>
+
+<h2 id="Creating-new-objects">Creating new objects</h2>
+
+<p>For creating new pass phrase protected objects, make sure the pass phrase is encoded using UTF-8. This is default on most modern Unixes, but may involve an effort on other platforms. Specifically for Windows, setting the environment variable <code>OPENSSL_WIN32_UTF8</code> will have anything entered on [Windows] console prompt converted to UTF-8 (command line and separately prompted pass phrases alike).</p>
+
+<h2 id="Opening-existing-objects">Opening existing objects</h2>
+
+<p>For opening pass phrase protected objects where you know what character encoding was used for the encryption pass phrase, make sure to use the same encoding again.</p>
+
+<p>For opening pass phrase protected objects where the character encoding that was used is unknown, or where the producing application is unknown, try one of the following:</p>
+
+<ol>
+
+<li><p>Try the pass phrase that you have as it is in the character encoding of your environment. It&#39;s possible that its byte sequence is exactly right.</p>
+
+</li>
+<li><p>Convert the pass phrase to UTF-8 and try with the result. Specifically with PKCS#12, this should open up any object that was created according to the specification.</p>
+
+</li>
+<li><p>Do a na&iuml;ve (i.e. purely mathematical) ISO-8859-1 to UTF-8 conversion and try with the result. This differs from the previous attempt because ISO-8859-1 maps directly to U+0000 to U+00FF, which other non-UTF-8 character sets do not.</p>
+
+<p>This also takes care of the case when a UTF-8 encoded string was used with OpenSSL older than 1.1.0. (for example, <code>&iuml;</code>, which is 0xC3 0xAF when encoded in UTF-8, would become 0xC3 0x83 0xC2 0xAF when re-encoded in the na&iuml;ve manner. The conversion to BMPString would then yield 0x00 0xC3 0x00 0xA4 0x00 0x00, the erroneous/non-compliant encoding used by OpenSSL older than 1.1.0)</p>
+
+</li>
+</ol>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man7/evp.html">evp(7)</a>, <a href="../man7/ossl_store.html">ossl_store(7)</a>, <a href="../man3/EVP_BytesToKey.html">EVP_BytesToKey(3)</a>, <a href="../man3/EVP_DecryptInit.html">EVP_DecryptInit(3)</a>, <a href="../man3/PEM_do_header.html">PEM_do_header(3)</a>, <a href="../man3/PKCS12_parse.html">PKCS12_parse(3)</a>, <a href="../man3/PKCS12_newpass.html">PKCS12_newpass(3)</a>, <a href="../man3/d2i_PKCS8PrivateKey_bio.html">d2i_PKCS8PrivateKey_bio(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man7/scrypt.html b/msys2/usr/share/doc/openssl/html/man7/scrypt.html
new file mode 100644
index 000000000..35ba62817
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man7/scrypt.html
@@ -0,0 +1,112 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>scrypt</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#NOTES">NOTES</a></li>
+  <li><a href="#EXAMPLE">EXAMPLE</a></li>
+  <li><a href="#CONFORMING-TO">CONFORMING TO</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>scrypt - EVP_PKEY scrypt KDF support</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The EVP_PKEY_SCRYPT algorithm implements the scrypt password based key derivation function, as described in RFC 7914. It is memory-hard in the sense that it deliberately requires a significant amount of RAM for efficient computation. The intention of this is to render brute forcing of passwords on systems that lack large amounts of main memory (such as GPUs or ASICs) computationally infeasible.</p>
+
+<p>scrypt provides three work factors that can be customized: N, r and p. N, which has to be a positive power of two, is the general work factor and scales CPU time in an approximately linear fashion. r is the block size of the internally used hash function and p is the parallelization factor. Both r and p need to be greater than zero. The amount of RAM that scrypt requires for its computation is roughly (128 * N * r * p) bytes.</p>
+
+<p>In the original paper of Colin Percival (&quot;Stronger Key Derivation via Sequential Memory-Hard Functions&quot;, 2009), the suggested values that give a computation time of less than 5 seconds on a 2.5 GHz Intel Core 2 Duo are N = 2^20 = 1048576, r = 8, p = 1. Consequently, the required amount of memory for this computation is roughly 1 GiB. On a more recent CPU (Intel i7-5930K at 3.5 GHz), this computation takes about 3 seconds. When N, r or p are not specified, they default to 1048576, 8, and 1, respectively. The default amount of RAM that may be used by scrypt defaults to 1025 MiB.</p>
+
+<h1 id="NOTES">NOTES</h1>
+
+<p>A context for scrypt can be obtained by calling:</p>
+
+<pre><code> EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, NULL);</code></pre>
+
+<p>The output length of an scrypt key derivation is specified via the length parameter to the <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a> function.</p>
+
+<h1 id="EXAMPLE">EXAMPLE</h1>
+
+<p>This example derives a 64-byte long test vector using scrypt using the password &quot;password&quot;, salt &quot;NaCl&quot; and N = 1024, r = 8, p = 16.</p>
+
+<pre><code> EVP_PKEY_CTX *pctx;
+ unsigned char out[64];
+
+ size_t outlen = sizeof(out);
+ pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, NULL);
+
+ if (EVP_PKEY_derive_init(pctx) &lt;= 0) {
+     error(&quot;EVP_PKEY_derive_init&quot;);
+ }
+ if (EVP_PKEY_CTX_set1_pbe_pass(pctx, &quot;password&quot;, 8) &lt;= 0) {
+     error(&quot;EVP_PKEY_CTX_set1_pbe_pass&quot;);
+ }
+ if (EVP_PKEY_CTX_set1_scrypt_salt(pctx, &quot;NaCl&quot;, 4) &lt;= 0) {
+     error(&quot;EVP_PKEY_CTX_set1_scrypt_salt&quot;);
+ }
+ if (EVP_PKEY_CTX_set_scrypt_N(pctx, 1024) &lt;= 0) {
+     error(&quot;EVP_PKEY_CTX_set_scrypt_N&quot;);
+ }
+ if (EVP_PKEY_CTX_set_scrypt_r(pctx, 8) &lt;= 0) {
+     error(&quot;EVP_PKEY_CTX_set_scrypt_r&quot;);
+ }
+ if (EVP_PKEY_CTX_set_scrypt_p(pctx, 16) &lt;= 0) {
+     error(&quot;EVP_PKEY_CTX_set_scrypt_p&quot;);
+ }
+ if (EVP_PKEY_derive(pctx, out, &amp;outlen) &lt;= 0) {
+     error(&quot;EVP_PKEY_derive&quot;);
+ }
+
+ {
+     const unsigned char expected[sizeof(out)] = {
+         0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00,
+         0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe,
+         0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30,
+         0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62,
+         0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88,
+         0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda,
+         0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d,
+         0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40
+     };
+
+     assert(!memcmp(out, expected, sizeof(out)));
+ }
+
+ EVP_PKEY_CTX_free(pctx);</code></pre>
+
+<h1 id="CONFORMING-TO">CONFORMING TO</h1>
+
+<p>RFC 7914</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/EVP_PKEY_CTX_set1_scrypt_salt.html">EVP_PKEY_CTX_set1_scrypt_salt(3)</a>, <a href="../man3/EVP_PKEY_CTX_set_scrypt_N.html">EVP_PKEY_CTX_set_scrypt_N(3)</a>, <a href="../man3/EVP_PKEY_CTX_set_scrypt_r.html">EVP_PKEY_CTX_set_scrypt_r(3)</a>, <a href="../man3/EVP_PKEY_CTX_set_scrypt_p.html">EVP_PKEY_CTX_set_scrypt_p(3)</a>, <a href="../man3/EVP_PKEY_CTX_set_scrypt_maxmem_bytes.html">EVP_PKEY_CTX_set_scrypt_maxmem_bytes(3)</a>, <a href="../man3/EVP_PKEY_CTX_new.html">EVP_PKEY_CTX_new(3)</a>, <a href="../man3/EVP_PKEY_CTX_ctrl_str.html">EVP_PKEY_CTX_ctrl_str(3)</a>, <a href="../man3/EVP_PKEY_derive.html">EVP_PKEY_derive(3)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man7/ssl.html b/msys2/usr/share/doc/openssl/html/man7/ssl.html
new file mode 100644
index 000000000..0f2be30d5
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man7/ssl.html
@@ -0,0 +1,1248 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>ssl</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#DATA-STRUCTURES">DATA STRUCTURES</a></li>
+  <li><a href="#HEADER-FILES">HEADER FILES</a></li>
+  <li><a href="#API-FUNCTIONS">API FUNCTIONS</a>
+    <ul>
+      <li><a href="#Dealing-with-Protocol-Methods">Dealing with Protocol Methods</a></li>
+      <li><a href="#Dealing-with-Ciphers">Dealing with Ciphers</a></li>
+      <li><a href="#Dealing-with-Protocol-Contexts">Dealing with Protocol Contexts</a></li>
+      <li><a href="#Dealing-with-Sessions">Dealing with Sessions</a></li>
+      <li><a href="#Dealing-with-Connections">Dealing with Connections</a></li>
+    </ul>
+  </li>
+  <li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#HISTORY">HISTORY</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>ssl - OpenSSL SSL/TLS library</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<p>See the individual manual pages for details.</p>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>The OpenSSL <b>ssl</b> library implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols. It provides a rich API which is documented here.</p>
+
+<p>An <b>SSL_CTX</b> object is created as a framework to establish TLS/SSL enabled connections (see <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>). Various options regarding certificates, algorithms etc. can be set in this object.</p>
+
+<p>When a network connection has been created, it can be assigned to an <b>SSL</b> object. After the <b>SSL</b> object has been created using <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_set_fd.html">SSL_set_fd(3)</a> or <a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a> can be used to associate the network connection with the object.</p>
+
+<p>When the TLS/SSL handshake is performed using <a href="../man3/SSL_accept.html">SSL_accept(3)</a> or <a href="../man3/SSL_connect.html">SSL_connect(3)</a> respectively. <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a> and <a href="../man3/SSL_write.html">SSL_write(3)</a> are used to read and write data on the TLS/SSL connection. <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a> can be used to shut down the TLS/SSL connection.</p>
+
+<h1 id="DATA-STRUCTURES">DATA STRUCTURES</h1>
+
+<p>Currently the OpenSSL <b>ssl</b> library functions deals with the following data structures:</p>
+
+<dl>
+
+<dt id="SSL_METHOD-SSL-Method"><b>SSL_METHOD</b> (SSL Method)</dt>
+<dd>
+
+<p>This is a dispatch structure describing the internal <b>ssl</b> library methods/functions which implement the various protocol versions (SSLv3 TLSv1, ...). It&#39;s needed to create an <b>SSL_CTX</b>.</p>
+
+</dd>
+<dt id="SSL_CIPHER-SSL-Cipher"><b>SSL_CIPHER</b> (SSL Cipher)</dt>
+<dd>
+
+<p>This structure holds the algorithm information for a particular cipher which are a core part of the SSL/TLS protocol. The available ciphers are configured on a <b>SSL_CTX</b> basis and the actual ones used are then part of the <b>SSL_SESSION</b>.</p>
+
+</dd>
+<dt id="SSL_CTX-SSL-Context"><b>SSL_CTX</b> (SSL Context)</dt>
+<dd>
+
+<p>This is the global context structure which is created by a server or client once per program life-time and which holds mainly default values for the <b>SSL</b> structures which are later created for the connections.</p>
+
+</dd>
+<dt id="SSL_SESSION-SSL-Session"><b>SSL_SESSION</b> (SSL Session)</dt>
+<dd>
+
+<p>This is a structure containing the current TLS/SSL session details for a connection: <b>SSL_CIPHER</b>s, client and server certificates, keys, etc.</p>
+
+</dd>
+<dt id="SSL-SSL-Connection"><b>SSL</b> (SSL Connection)</dt>
+<dd>
+
+<p>This is the main SSL/TLS structure which is created by a server or client per established connection. This actually is the core structure in the SSL API. At run-time the application usually deals with this structure which has links to mostly all other structures.</p>
+
+</dd>
+</dl>
+
+<h1 id="HEADER-FILES">HEADER FILES</h1>
+
+<p>Currently the OpenSSL <b>ssl</b> library provides the following C header files containing the prototypes for the data structures and functions:</p>
+
+<dl>
+
+<dt id="ssl.h"><b>ssl.h</b></dt>
+<dd>
+
+<p>This is the common header file for the SSL/TLS API. Include it into your program to make the API of the <b>ssl</b> library available. It internally includes both more private SSL headers and headers from the <b>crypto</b> library. Whenever you need hard-core details on the internals of the SSL API, look inside this header file.</p>
+
+</dd>
+<dt id="ssl2.h"><b>ssl2.h</b></dt>
+<dd>
+
+<p>Unused. Present for backwards compatibility only.</p>
+
+</dd>
+<dt id="ssl3.h"><b>ssl3.h</b></dt>
+<dd>
+
+<p>This is the sub header file dealing with the SSLv3 protocol only. <i>Usually you don&#39;t have to include it explicitly because it&#39;s already included by ssl.h</i>.</p>
+
+</dd>
+<dt id="tls1.h"><b>tls1.h</b></dt>
+<dd>
+
+<p>This is the sub header file dealing with the TLSv1 protocol only. <i>Usually you don&#39;t have to include it explicitly because it&#39;s already included by ssl.h</i>.</p>
+
+</dd>
+</dl>
+
+<h1 id="API-FUNCTIONS">API FUNCTIONS</h1>
+
+<p>Currently the OpenSSL <b>ssl</b> library exports 214 API functions. They are documented in the following:</p>
+
+<h2 id="Dealing-with-Protocol-Methods">Dealing with Protocol Methods</h2>
+
+<p>Here we document the various API functions which deal with the SSL/TLS protocol methods defined in <b>SSL_METHOD</b> structures.</p>
+
+<dl>
+
+<dt id="const-SSL_METHOD-TLS_method-void">const SSL_METHOD *<b>TLS_method</b>(void);</dt>
+<dd>
+
+<p>Constructor for the <i>version-flexible</i> SSL_METHOD structure for clients, servers or both. See <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a> for details.</p>
+
+</dd>
+<dt id="const-SSL_METHOD-TLS_client_method-void">const SSL_METHOD *<b>TLS_client_method</b>(void);</dt>
+<dd>
+
+<p>Constructor for the <i>version-flexible</i> SSL_METHOD structure for clients. Must be used to support the TLSv1.3 protocol.</p>
+
+</dd>
+<dt id="const-SSL_METHOD-TLS_server_method-void">const SSL_METHOD *<b>TLS_server_method</b>(void);</dt>
+<dd>
+
+<p>Constructor for the <i>version-flexible</i> SSL_METHOD structure for servers. Must be used to support the TLSv1.3 protocol.</p>
+
+</dd>
+<dt id="const-SSL_METHOD-TLSv1_2_method-void">const SSL_METHOD *<b>TLSv1_2_method</b>(void);</dt>
+<dd>
+
+<p>Constructor for the TLSv1.2 SSL_METHOD structure for clients, servers or both.</p>
+
+</dd>
+<dt id="const-SSL_METHOD-TLSv1_2_client_method-void">const SSL_METHOD *<b>TLSv1_2_client_method</b>(void);</dt>
+<dd>
+
+<p>Constructor for the TLSv1.2 SSL_METHOD structure for clients.</p>
+
+</dd>
+<dt id="const-SSL_METHOD-TLSv1_2_server_method-void">const SSL_METHOD *<b>TLSv1_2_server_method</b>(void);</dt>
+<dd>
+
+<p>Constructor for the TLSv1.2 SSL_METHOD structure for servers.</p>
+
+</dd>
+<dt id="const-SSL_METHOD-TLSv1_1_method-void">const SSL_METHOD *<b>TLSv1_1_method</b>(void);</dt>
+<dd>
+
+<p>Constructor for the TLSv1.1 SSL_METHOD structure for clients, servers or both.</p>
+
+</dd>
+<dt id="const-SSL_METHOD-TLSv1_1_client_method-void">const SSL_METHOD *<b>TLSv1_1_client_method</b>(void);</dt>
+<dd>
+
+<p>Constructor for the TLSv1.1 SSL_METHOD structure for clients.</p>
+
+</dd>
+<dt id="const-SSL_METHOD-TLSv1_1_server_method-void">const SSL_METHOD *<b>TLSv1_1_server_method</b>(void);</dt>
+<dd>
+
+<p>Constructor for the TLSv1.1 SSL_METHOD structure for servers.</p>
+
+</dd>
+<dt id="const-SSL_METHOD-TLSv1_method-void">const SSL_METHOD *<b>TLSv1_method</b>(void);</dt>
+<dd>
+
+<p>Constructor for the TLSv1 SSL_METHOD structure for clients, servers or both.</p>
+
+</dd>
+<dt id="const-SSL_METHOD-TLSv1_client_method-void">const SSL_METHOD *<b>TLSv1_client_method</b>(void);</dt>
+<dd>
+
+<p>Constructor for the TLSv1 SSL_METHOD structure for clients.</p>
+
+</dd>
+<dt id="const-SSL_METHOD-TLSv1_server_method-void">const SSL_METHOD *<b>TLSv1_server_method</b>(void);</dt>
+<dd>
+
+<p>Constructor for the TLSv1 SSL_METHOD structure for servers.</p>
+
+</dd>
+<dt id="const-SSL_METHOD-SSLv3_method-void">const SSL_METHOD *<b>SSLv3_method</b>(void);</dt>
+<dd>
+
+<p>Constructor for the SSLv3 SSL_METHOD structure for clients, servers or both.</p>
+
+</dd>
+<dt id="const-SSL_METHOD-SSLv3_client_method-void">const SSL_METHOD *<b>SSLv3_client_method</b>(void);</dt>
+<dd>
+
+<p>Constructor for the SSLv3 SSL_METHOD structure for clients.</p>
+
+</dd>
+<dt id="const-SSL_METHOD-SSLv3_server_method-void">const SSL_METHOD *<b>SSLv3_server_method</b>(void);</dt>
+<dd>
+
+<p>Constructor for the SSLv3 SSL_METHOD structure for servers.</p>
+
+</dd>
+</dl>
+
+<h2 id="Dealing-with-Ciphers">Dealing with Ciphers</h2>
+
+<p>Here we document the various API functions which deal with the SSL/TLS ciphers defined in <b>SSL_CIPHER</b> structures.</p>
+
+<dl>
+
+<dt id="char-SSL_CIPHER_description-SSL_CIPHER-cipher-char-buf-int-len">char *<b>SSL_CIPHER_description</b>(SSL_CIPHER *cipher, char *buf, int len);</dt>
+<dd>
+
+<p>Write a string to <i>buf</i> (with a maximum size of <i>len</i>) containing a human readable description of <i>cipher</i>. Returns <i>buf</i>.</p>
+
+</dd>
+<dt id="int-SSL_CIPHER_get_bits-SSL_CIPHER-cipher-int-alg_bits">int <b>SSL_CIPHER_get_bits</b>(SSL_CIPHER *cipher, int *alg_bits);</dt>
+<dd>
+
+<p>Determine the number of bits in <i>cipher</i>. Because of export crippled ciphers there are two bits: The bits the algorithm supports in general (stored to <i>alg_bits</i>) and the bits which are actually used (the return value).</p>
+
+</dd>
+<dt id="const-char-SSL_CIPHER_get_name-SSL_CIPHER-cipher">const char *<b>SSL_CIPHER_get_name</b>(SSL_CIPHER *cipher);</dt>
+<dd>
+
+<p>Return the internal name of <i>cipher</i> as a string. These are the various strings defined by the <i>SSL3_TXT_xxx</i> and <i>TLS1_TXT_xxx</i> definitions in the header files.</p>
+
+</dd>
+<dt id="const-char-SSL_CIPHER_get_version-SSL_CIPHER-cipher">const char *<b>SSL_CIPHER_get_version</b>(SSL_CIPHER *cipher);</dt>
+<dd>
+
+<p>Returns a string like &quot;<code>SSLv3</code>&quot; or &quot;<code>TLSv1.2</code>&quot; which indicates the SSL/TLS protocol version to which <i>cipher</i> belongs (i.e. where it was defined in the specification the first time).</p>
+
+</dd>
+</dl>
+
+<h2 id="Dealing-with-Protocol-Contexts">Dealing with Protocol Contexts</h2>
+
+<p>Here we document the various API functions which deal with the SSL/TLS protocol context defined in the <b>SSL_CTX</b> structure.</p>
+
+<dl>
+
+<dt id="int-SSL_CTX_add_client_CA-SSL_CTX-ctx-X509-x">int <b>SSL_CTX_add_client_CA</b>(SSL_CTX *ctx, X509 *x);</dt>
+<dd>
+
+</dd>
+<dt id="long-SSL_CTX_add_extra_chain_cert-SSL_CTX-ctx-X509-x509">long <b>SSL_CTX_add_extra_chain_cert</b>(SSL_CTX *ctx, X509 *x509);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_add_session-SSL_CTX-ctx-SSL_SESSION-c">int <b>SSL_CTX_add_session</b>(SSL_CTX *ctx, SSL_SESSION *c);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_check_private_key-const-SSL_CTX-ctx">int <b>SSL_CTX_check_private_key</b>(const SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="long-SSL_CTX_ctrl-SSL_CTX-ctx-int-cmd-long-larg-char-parg">long <b>SSL_CTX_ctrl</b>(SSL_CTX *ctx, int cmd, long larg, char *parg);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_flush_sessions-SSL_CTX-s-long-t">void <b>SSL_CTX_flush_sessions</b>(SSL_CTX *s, long t);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_free-SSL_CTX-a">void <b>SSL_CTX_free</b>(SSL_CTX *a);</dt>
+<dd>
+
+</dd>
+<dt id="char-SSL_CTX_get_app_data-SSL_CTX-ctx">char *<b>SSL_CTX_get_app_data</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="X509_STORE-SSL_CTX_get_cert_store-SSL_CTX-ctx">X509_STORE *<b>SSL_CTX_get_cert_store</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="STACK-SSL_CTX_get_ciphers-const-SSL_CTX-ctx">STACK *<b>SSL_CTX_get_ciphers</b>(const SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="STACK-SSL_CTX_get_client_CA_list-const-SSL_CTX-ctx">STACK *<b>SSL_CTX_get_client_CA_list</b>(const SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_get_client_cert_cb-SSL_CTX-ctx-SSL-ssl-X509-x509-EVP_PKEY-pkey">int (*<b>SSL_CTX_get_client_cert_cb</b>(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_get_default_read_ahead-SSL_CTX-ctx">void <b>SSL_CTX_get_default_read_ahead</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="char-SSL_CTX_get_ex_data-const-SSL_CTX-s-int-idx">char *<b>SSL_CTX_get_ex_data</b>(const SSL_CTX *s, int idx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_get_ex_new_index-long-argl-char-argp-int-new_func-void-int-dup_func-void-void-free_func-void">int <b>SSL_CTX_get_ex_new_index</b>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_get_info_callback-SSL_CTX-ctx-SSL-ssl-int-cb-int-ret">void (*<b>SSL_CTX_get_info_callback</b>(SSL_CTX *ctx))(SSL *ssl, int cb, int ret);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_get_quiet_shutdown-const-SSL_CTX-ctx">int <b>SSL_CTX_get_quiet_shutdown</b>(const SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_get_read_ahead-SSL_CTX-ctx">void <b>SSL_CTX_get_read_ahead</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_get_session_cache_mode-SSL_CTX-ctx">int <b>SSL_CTX_get_session_cache_mode</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="long-SSL_CTX_get_timeout-const-SSL_CTX-ctx">long <b>SSL_CTX_get_timeout</b>(const SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_get_verify_callback-const-SSL_CTX-ctx-int-ok-X509_STORE_CTX-ctx">int (*<b>SSL_CTX_get_verify_callback</b>(const SSL_CTX *ctx))(int ok, X509_STORE_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_get_verify_mode-SSL_CTX-ctx">int <b>SSL_CTX_get_verify_mode</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_load_verify_locations-SSL_CTX-ctx-const-char-CAfile-const-char-CApath">int <b>SSL_CTX_load_verify_locations</b>(SSL_CTX *ctx, const char *CAfile, const char *CApath);</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CTX-SSL_CTX_new-const-SSL_METHOD-meth">SSL_CTX *<b>SSL_CTX_new</b>(const SSL_METHOD *meth);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_up_ref-SSL_CTX-ctx">int SSL_CTX_up_ref(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_remove_session-SSL_CTX-ctx-SSL_SESSION-c">int <b>SSL_CTX_remove_session</b>(SSL_CTX *ctx, SSL_SESSION *c);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_sess_accept-SSL_CTX-ctx">int <b>SSL_CTX_sess_accept</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_sess_accept_good-SSL_CTX-ctx">int <b>SSL_CTX_sess_accept_good</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_sess_accept_renegotiate-SSL_CTX-ctx">int <b>SSL_CTX_sess_accept_renegotiate</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_sess_cache_full-SSL_CTX-ctx">int <b>SSL_CTX_sess_cache_full</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_sess_cb_hits-SSL_CTX-ctx">int <b>SSL_CTX_sess_cb_hits</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_sess_connect-SSL_CTX-ctx">int <b>SSL_CTX_sess_connect</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_sess_connect_good-SSL_CTX-ctx">int <b>SSL_CTX_sess_connect_good</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_sess_connect_renegotiate-SSL_CTX-ctx">int <b>SSL_CTX_sess_connect_renegotiate</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_sess_get_cache_size-SSL_CTX-ctx">int <b>SSL_CTX_sess_get_cache_size</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="SSL_SESSION-SSL_CTX_sess_get_get_cb-SSL_CTX-ctx-SSL-ssl-unsigned-char-data-int-len-int-copy">SSL_SESSION *(*<b>SSL_CTX_sess_get_get_cb</b>(SSL_CTX *ctx))(SSL *ssl, unsigned char *data, int len, int *copy);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_sess_get_new_cb-SSL_CTX-ctx-SSL-ssl-SSL_SESSION-sess">int (*<b>SSL_CTX_sess_get_new_cb</b>(SSL_CTX *ctx)(SSL *ssl, SSL_SESSION *sess);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_sess_get_remove_cb-SSL_CTX-ctx-SSL_CTX-ctx-SSL_SESSION-sess">void (*<b>SSL_CTX_sess_get_remove_cb</b>(SSL_CTX *ctx)(SSL_CTX *ctx, SSL_SESSION *sess);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_sess_hits-SSL_CTX-ctx">int <b>SSL_CTX_sess_hits</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_sess_misses-SSL_CTX-ctx">int <b>SSL_CTX_sess_misses</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_sess_number-SSL_CTX-ctx">int <b>SSL_CTX_sess_number</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_sess_set_cache_size-SSL_CTX-ctx-t">void <b>SSL_CTX_sess_set_cache_size</b>(SSL_CTX *ctx, t);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_sess_set_get_cb-SSL_CTX-ctx-SSL_SESSION-cb-SSL-ssl-unsigned-char-data-int-len-int-copy">void <b>SSL_CTX_sess_set_get_cb</b>(SSL_CTX *ctx, SSL_SESSION *(*cb)(SSL *ssl, unsigned char *data, int len, int *copy));</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_sess_set_new_cb-SSL_CTX-ctx-int-cb-SSL-ssl-SSL_SESSION-sess">void <b>SSL_CTX_sess_set_new_cb</b>(SSL_CTX *ctx, int (*cb)(SSL *ssl, SSL_SESSION *sess));</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_sess_set_remove_cb-SSL_CTX-ctx-void-cb-SSL_CTX-ctx-SSL_SESSION-sess">void <b>SSL_CTX_sess_set_remove_cb</b>(SSL_CTX *ctx, void (*cb)(SSL_CTX *ctx, SSL_SESSION *sess));</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_sess_timeouts-SSL_CTX-ctx">int <b>SSL_CTX_sess_timeouts</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="LHASH-SSL_CTX_sessions-SSL_CTX-ctx">LHASH *<b>SSL_CTX_sessions</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_set_app_data-SSL_CTX-ctx-void-arg">int <b>SSL_CTX_set_app_data</b>(SSL_CTX *ctx, void *arg);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_set_cert_store-SSL_CTX-ctx-X509_STORE-cs">void <b>SSL_CTX_set_cert_store</b>(SSL_CTX *ctx, X509_STORE *cs);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_set1_cert_store-SSL_CTX-ctx-X509_STORE-cs">void <b>SSL_CTX_set1_cert_store</b>(SSL_CTX *ctx, X509_STORE *cs);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_set_cert_verify_cb-SSL_CTX-ctx-int-cb-char-arg">void <b>SSL_CTX_set_cert_verify_cb</b>(SSL_CTX *ctx, int (*cb)(), char *arg)</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_set_cipher_list-SSL_CTX-ctx-char-str">int <b>SSL_CTX_set_cipher_list</b>(SSL_CTX *ctx, char *str);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_set_client_CA_list-SSL_CTX-ctx-STACK-list">void <b>SSL_CTX_set_client_CA_list</b>(SSL_CTX *ctx, STACK *list);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_set_client_cert_cb-SSL_CTX-ctx-int-cb-SSL-ssl-X509-x509-EVP_PKEY-pkey">void <b>SSL_CTX_set_client_cert_cb</b>(SSL_CTX *ctx, int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_set_ct_validation_callback-SSL_CTX-ctx-ssl_ct_validation_cb-callback-void-arg">int <b>SSL_CTX_set_ct_validation_callback</b>(SSL_CTX *ctx, ssl_ct_validation_cb callback, void *arg);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_set_default_passwd_cb-SSL_CTX-ctx-int-cb-void">void <b>SSL_CTX_set_default_passwd_cb</b>(SSL_CTX *ctx, int (*cb);(void))</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_set_default_read_ahead-SSL_CTX-ctx-int-m">void <b>SSL_CTX_set_default_read_ahead</b>(SSL_CTX *ctx, int m);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_set_default_verify_paths-SSL_CTX-ctx">int <b>SSL_CTX_set_default_verify_paths</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+<p>Use the default paths to locate trusted CA certificates. There is one default directory path and one default file path. Both are set via this call.</p>
+
+</dd>
+<dt id="int-SSL_CTX_set_default_verify_dir-SSL_CTX-ctx">int <b>SSL_CTX_set_default_verify_dir</b>(SSL_CTX *ctx)</dt>
+<dd>
+
+<p>Use the default directory path to locate trusted CA certificates.</p>
+
+</dd>
+<dt id="int-SSL_CTX_set_default_verify_file-SSL_CTX-ctx">int <b>SSL_CTX_set_default_verify_file</b>(SSL_CTX *ctx)</dt>
+<dd>
+
+<p>Use the file path to locate trusted CA certificates.</p>
+
+</dd>
+<dt id="int-SSL_CTX_set_ex_data-SSL_CTX-s-int-idx-char-arg">int <b>SSL_CTX_set_ex_data</b>(SSL_CTX *s, int idx, char *arg);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_set_info_callback-SSL_CTX-ctx-void-cb-SSL-ssl-int-cb-int-ret">void <b>SSL_CTX_set_info_callback</b>(SSL_CTX *ctx, void (*cb)(SSL *ssl, int cb, int ret));</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_set_msg_callback-SSL_CTX-ctx-void-cb-int-write_p-int-version-int-content_type-const-void-buf-size_t-len-SSL-ssl-void-arg">void <b>SSL_CTX_set_msg_callback</b>(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_set_msg_callback_arg-SSL_CTX-ctx-void-arg">void <b>SSL_CTX_set_msg_callback_arg</b>(SSL_CTX *ctx, void *arg);</dt>
+<dd>
+
+</dd>
+<dt id="unsigned-long-SSL_CTX_clear_options-SSL_CTX-ctx-unsigned-long-op">unsigned long <b>SSL_CTX_clear_options</b>(SSL_CTX *ctx, unsigned long op);</dt>
+<dd>
+
+</dd>
+<dt id="unsigned-long-SSL_CTX_get_options-SSL_CTX-ctx">unsigned long <b>SSL_CTX_get_options</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="unsigned-long-SSL_CTX_set_options-SSL_CTX-ctx-unsigned-long-op">unsigned long <b>SSL_CTX_set_options</b>(SSL_CTX *ctx, unsigned long op);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_set_quiet_shutdown-SSL_CTX-ctx-int-mode">void <b>SSL_CTX_set_quiet_shutdown</b>(SSL_CTX *ctx, int mode);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_set_read_ahead-SSL_CTX-ctx-int-m">void <b>SSL_CTX_set_read_ahead</b>(SSL_CTX *ctx, int m);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_set_session_cache_mode-SSL_CTX-ctx-int-mode">void <b>SSL_CTX_set_session_cache_mode</b>(SSL_CTX *ctx, int mode);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_set_ssl_version-SSL_CTX-ctx-const-SSL_METHOD-meth">int <b>SSL_CTX_set_ssl_version</b>(SSL_CTX *ctx, const SSL_METHOD *meth);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_set_timeout-SSL_CTX-ctx-long-t">void <b>SSL_CTX_set_timeout</b>(SSL_CTX *ctx, long t);</dt>
+<dd>
+
+</dd>
+<dt id="long-SSL_CTX_set_tmp_dh-SSL_CTX-ctx-DH-dh">long <b>SSL_CTX_set_tmp_dh</b>(SSL_CTX* ctx, DH *dh);</dt>
+<dd>
+
+</dd>
+<dt id="long-SSL_CTX_set_tmp_dh_callback-SSL_CTX-ctx-DH-cb-void">long <b>SSL_CTX_set_tmp_dh_callback</b>(SSL_CTX *ctx, DH *(*cb)(void));</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_set_verify-SSL_CTX-ctx-int-mode-int-cb-void">void <b>SSL_CTX_set_verify</b>(SSL_CTX *ctx, int mode, int (*cb);(void))</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_use_PrivateKey-SSL_CTX-ctx-EVP_PKEY-pkey">int <b>SSL_CTX_use_PrivateKey</b>(SSL_CTX *ctx, EVP_PKEY *pkey);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_use_PrivateKey_ASN1-int-type-SSL_CTX-ctx-unsigned-char-d-long-len">int <b>SSL_CTX_use_PrivateKey_ASN1</b>(int type, SSL_CTX *ctx, unsigned char *d, long len);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_use_PrivateKey_file-SSL_CTX-ctx-const-char-file-int-type">int <b>SSL_CTX_use_PrivateKey_file</b>(SSL_CTX *ctx, const char *file, int type);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_use_RSAPrivateKey-SSL_CTX-ctx-RSA-rsa">int <b>SSL_CTX_use_RSAPrivateKey</b>(SSL_CTX *ctx, RSA *rsa);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_use_RSAPrivateKey_ASN1-SSL_CTX-ctx-unsigned-char-d-long-len">int <b>SSL_CTX_use_RSAPrivateKey_ASN1</b>(SSL_CTX *ctx, unsigned char *d, long len);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_use_RSAPrivateKey_file-SSL_CTX-ctx-const-char-file-int-type">int <b>SSL_CTX_use_RSAPrivateKey_file</b>(SSL_CTX *ctx, const char *file, int type);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_use_certificate-SSL_CTX-ctx-X509-x">int <b>SSL_CTX_use_certificate</b>(SSL_CTX *ctx, X509 *x);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_use_certificate_ASN1-SSL_CTX-ctx-int-len-unsigned-char-d">int <b>SSL_CTX_use_certificate_ASN1</b>(SSL_CTX *ctx, int len, unsigned char *d);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_use_certificate_file-SSL_CTX-ctx-const-char-file-int-type">int <b>SSL_CTX_use_certificate_file</b>(SSL_CTX *ctx, const char *file, int type);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_use_cert_and_key-SSL_CTX-ctx-X509-x-EVP_PKEY-pkey-STACK_OF-X509-chain-int-override">int <b>SSL_CTX_use_cert_and_key</b>(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</dt>
+<dd>
+
+</dd>
+<dt id="X509-SSL_CTX_get0_certificate-const-SSL_CTX-ctx">X509 *<b>SSL_CTX_get0_certificate</b>(const SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="EVP_PKEY-SSL_CTX_get0_privatekey-const-SSL_CTX-ctx">EVP_PKEY *<b>SSL_CTX_get0_privatekey</b>(const SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_set_psk_client_callback-SSL_CTX-ctx-unsigned-int-callback-SSL-ssl-const-char-hint-char-identity-unsigned-int-max_identity_len-unsigned-char-psk-unsigned-int-max_psk_len">void <b>SSL_CTX_set_psk_client_callback</b>(SSL_CTX *ctx, unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len));</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_CTX_use_psk_identity_hint-SSL_CTX-ctx-const-char-hint">int <b>SSL_CTX_use_psk_identity_hint</b>(SSL_CTX *ctx, const char *hint);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_CTX_set_psk_server_callback-SSL_CTX-ctx-unsigned-int-callback-SSL-ssl-const-char-identity-unsigned-char-psk-int-max_psk_len">void <b>SSL_CTX_set_psk_server_callback</b>(SSL_CTX *ctx, unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len));</dt>
+<dd>
+
+</dd>
+</dl>
+
+<h2 id="Dealing-with-Sessions">Dealing with Sessions</h2>
+
+<p>Here we document the various API functions which deal with the SSL/TLS sessions defined in the <b>SSL_SESSION</b> structures.</p>
+
+<dl>
+
+<dt id="int-SSL_SESSION_cmp-const-SSL_SESSION-a-const-SSL_SESSION-b">int <b>SSL_SESSION_cmp</b>(const SSL_SESSION *a, const SSL_SESSION *b);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_SESSION_free-SSL_SESSION-ss">void <b>SSL_SESSION_free</b>(SSL_SESSION *ss);</dt>
+<dd>
+
+</dd>
+<dt id="char-SSL_SESSION_get_app_data-SSL_SESSION-s">char *<b>SSL_SESSION_get_app_data</b>(SSL_SESSION *s);</dt>
+<dd>
+
+</dd>
+<dt id="char-SSL_SESSION_get_ex_data-const-SSL_SESSION-s-int-idx">char *<b>SSL_SESSION_get_ex_data</b>(const SSL_SESSION *s, int idx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_SESSION_get_ex_new_index-long-argl-char-argp-int-new_func-void-int-dup_func-void-void-free_func-void">int <b>SSL_SESSION_get_ex_new_index</b>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))</dt>
+<dd>
+
+</dd>
+<dt id="long-SSL_SESSION_get_time-const-SSL_SESSION-s">long <b>SSL_SESSION_get_time</b>(const SSL_SESSION *s);</dt>
+<dd>
+
+</dd>
+<dt id="long-SSL_SESSION_get_timeout-const-SSL_SESSION-s">long <b>SSL_SESSION_get_timeout</b>(const SSL_SESSION *s);</dt>
+<dd>
+
+</dd>
+<dt id="unsigned-long-SSL_SESSION_hash-const-SSL_SESSION-a">unsigned long <b>SSL_SESSION_hash</b>(const SSL_SESSION *a);</dt>
+<dd>
+
+</dd>
+<dt id="SSL_SESSION-SSL_SESSION_new-void">SSL_SESSION *<b>SSL_SESSION_new</b>(void);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_SESSION_print-BIO-bp-const-SSL_SESSION-x">int <b>SSL_SESSION_print</b>(BIO *bp, const SSL_SESSION *x);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_SESSION_print_fp-FILE-fp-const-SSL_SESSION-x">int <b>SSL_SESSION_print_fp</b>(FILE *fp, const SSL_SESSION *x);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_SESSION_set_app_data-SSL_SESSION-s-char-a">int <b>SSL_SESSION_set_app_data</b>(SSL_SESSION *s, char *a);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_SESSION_set_ex_data-SSL_SESSION-s-int-idx-char-arg">int <b>SSL_SESSION_set_ex_data</b>(SSL_SESSION *s, int idx, char *arg);</dt>
+<dd>
+
+</dd>
+<dt id="long-SSL_SESSION_set_time-SSL_SESSION-s-long-t">long <b>SSL_SESSION_set_time</b>(SSL_SESSION *s, long t);</dt>
+<dd>
+
+</dd>
+<dt id="long-SSL_SESSION_set_timeout-SSL_SESSION-s-long-t">long <b>SSL_SESSION_set_timeout</b>(SSL_SESSION *s, long t);</dt>
+<dd>
+
+</dd>
+</dl>
+
+<h2 id="Dealing-with-Connections">Dealing with Connections</h2>
+
+<p>Here we document the various API functions which deal with the SSL/TLS connection defined in the <b>SSL</b> structure.</p>
+
+<dl>
+
+<dt id="int-SSL_accept-SSL-ssl">int <b>SSL_accept</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_add_dir_cert_subjects_to_stack-STACK-stack-const-char-dir">int <b>SSL_add_dir_cert_subjects_to_stack</b>(STACK *stack, const char *dir);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_add_file_cert_subjects_to_stack-STACK-stack-const-char-file">int <b>SSL_add_file_cert_subjects_to_stack</b>(STACK *stack, const char *file);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_add_client_CA-SSL-ssl-X509-x">int <b>SSL_add_client_CA</b>(SSL *ssl, X509 *x);</dt>
+<dd>
+
+</dd>
+<dt id="char-SSL_alert_desc_string-int-value">char *<b>SSL_alert_desc_string</b>(int value);</dt>
+<dd>
+
+</dd>
+<dt id="char-SSL_alert_desc_string_long-int-value">char *<b>SSL_alert_desc_string_long</b>(int value);</dt>
+<dd>
+
+</dd>
+<dt id="char-SSL_alert_type_string-int-value">char *<b>SSL_alert_type_string</b>(int value);</dt>
+<dd>
+
+</dd>
+<dt id="char-SSL_alert_type_string_long-int-value">char *<b>SSL_alert_type_string_long</b>(int value);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_check_private_key-const-SSL-ssl">int <b>SSL_check_private_key</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_clear-SSL-ssl">void <b>SSL_clear</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="long-SSL_clear_num_renegotiations-SSL-ssl">long <b>SSL_clear_num_renegotiations</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_connect-SSL-ssl">int <b>SSL_connect</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_copy_session_id-SSL-t-const-SSL-f">int <b>SSL_copy_session_id</b>(SSL *t, const SSL *f);</dt>
+<dd>
+
+<p>Sets the session details for <b>t</b> to be the same as in <b>f</b>. Returns 1 on success or 0 on failure.</p>
+
+</dd>
+<dt id="long-SSL_ctrl-SSL-ssl-int-cmd-long-larg-char-parg">long <b>SSL_ctrl</b>(SSL *ssl, int cmd, long larg, char *parg);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_do_handshake-SSL-ssl">int <b>SSL_do_handshake</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="SSL-SSL_dup-SSL-ssl">SSL *<b>SSL_dup</b>(SSL *ssl);</dt>
+<dd>
+
+<p>SSL_dup() allows applications to configure an SSL handle for use in multiple SSL connections, and then duplicate it prior to initiating each connection with the duplicated handle. Use of SSL_dup() avoids the need to repeat the configuration of the handles for each connection.</p>
+
+<p>For SSL_dup() to work, the connection MUST be in its initial state and MUST NOT have not yet have started the SSL handshake. For connections that are not in their initial state SSL_dup() just increments an internal reference count and returns the <i>same</i> handle. It may be possible to use <a href="../man3/SSL_clear.html">SSL_clear(3)</a> to recycle an SSL handle that is not in its initial state for re-use, but this is best avoided. Instead, save and restore the session, if desired, and construct a fresh handle for each connection.</p>
+
+</dd>
+<dt id="STACK-SSL_dup_CA_list-STACK-sk">STACK *<b>SSL_dup_CA_list</b>(STACK *sk);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_free-SSL-ssl">void <b>SSL_free</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CTX-SSL_get_SSL_CTX-const-SSL-ssl">SSL_CTX *<b>SSL_get_SSL_CTX</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="char-SSL_get_app_data-SSL-ssl">char *<b>SSL_get_app_data</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="X509-SSL_get_certificate-const-SSL-ssl">X509 *<b>SSL_get_certificate</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="const-char-SSL_get_cipher-const-SSL-ssl">const char *<b>SSL_get_cipher</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_is_dtls-const-SSL-ssl">int <b>SSL_is_dtls</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_get_cipher_bits-const-SSL-ssl-int-alg_bits">int <b>SSL_get_cipher_bits</b>(const SSL *ssl, int *alg_bits);</dt>
+<dd>
+
+</dd>
+<dt id="char-SSL_get_cipher_list-const-SSL-ssl-int-n">char *<b>SSL_get_cipher_list</b>(const SSL *ssl, int n);</dt>
+<dd>
+
+</dd>
+<dt id="char-SSL_get_cipher_name-const-SSL-ssl">char *<b>SSL_get_cipher_name</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="char-SSL_get_cipher_version-const-SSL-ssl">char *<b>SSL_get_cipher_version</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="STACK-SSL_get_ciphers-const-SSL-ssl">STACK *<b>SSL_get_ciphers</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="STACK-SSL_get_client_CA_list-const-SSL-ssl">STACK *<b>SSL_get_client_CA_list</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="SSL_CIPHER-SSL_get_current_cipher-SSL-ssl">SSL_CIPHER *<b>SSL_get_current_cipher</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="long-SSL_get_default_timeout-const-SSL-ssl">long <b>SSL_get_default_timeout</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_get_error-const-SSL-ssl-int-i">int <b>SSL_get_error</b>(const SSL *ssl, int i);</dt>
+<dd>
+
+</dd>
+<dt id="char-SSL_get_ex_data-const-SSL-ssl-int-idx">char *<b>SSL_get_ex_data</b>(const SSL *ssl, int idx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_get_ex_data_X509_STORE_CTX_idx-void">int <b>SSL_get_ex_data_X509_STORE_CTX_idx</b>(void);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_get_ex_new_index-long-argl-char-argp-int-new_func-void-int-dup_func-void-void-free_func-void">int <b>SSL_get_ex_new_index</b>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_get_fd-const-SSL-ssl">int <b>SSL_get_fd</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_get_info_callback-const-SSL-ssl">void (*<b>SSL_get_info_callback</b>(const SSL *ssl);)()</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_get_key_update_type-SSL-s">int <b>SSL_get_key_update_type</b>(SSL *s);</dt>
+<dd>
+
+</dd>
+<dt id="STACK-SSL_get_peer_cert_chain-const-SSL-ssl">STACK *<b>SSL_get_peer_cert_chain</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="X509-SSL_get_peer_certificate-const-SSL-ssl">X509 *<b>SSL_get_peer_certificate</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="const-STACK_OF-SCT-SSL_get0_peer_scts-SSL-s">const STACK_OF(SCT) *<b>SSL_get0_peer_scts</b>(SSL *s);</dt>
+<dd>
+
+</dd>
+<dt id="EVP_PKEY-SSL_get_privatekey-const-SSL-ssl">EVP_PKEY *<b>SSL_get_privatekey</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_get_quiet_shutdown-const-SSL-ssl">int <b>SSL_get_quiet_shutdown</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="BIO-SSL_get_rbio-const-SSL-ssl">BIO *<b>SSL_get_rbio</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_get_read_ahead-const-SSL-ssl">int <b>SSL_get_read_ahead</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="SSL_SESSION-SSL_get_session-const-SSL-ssl">SSL_SESSION *<b>SSL_get_session</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="char-SSL_get_shared_ciphers-const-SSL-ssl-char-buf-int-size">char *<b>SSL_get_shared_ciphers</b>(const SSL *ssl, char *buf, int size);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_get_shutdown-const-SSL-ssl">int <b>SSL_get_shutdown</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="const-SSL_METHOD-SSL_get_ssl_method-SSL-ssl">const SSL_METHOD *<b>SSL_get_ssl_method</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_get_state-const-SSL-ssl">int <b>SSL_get_state</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="long-SSL_get_time-const-SSL-ssl">long <b>SSL_get_time</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="long-SSL_get_timeout-const-SSL-ssl">long <b>SSL_get_timeout</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_get_verify_callback-const-SSL-ssl-int-X509_STORE_CTX">int (*<b>SSL_get_verify_callback</b>(const SSL *ssl))(int, X509_STORE_CTX *)</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_get_verify_mode-const-SSL-ssl">int <b>SSL_get_verify_mode</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="long-SSL_get_verify_result-const-SSL-ssl">long <b>SSL_get_verify_result</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="char-SSL_get_version-const-SSL-ssl">char *<b>SSL_get_version</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="BIO-SSL_get_wbio-const-SSL-ssl">BIO *<b>SSL_get_wbio</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_in_accept_init-SSL-ssl">int <b>SSL_in_accept_init</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_in_before-SSL-ssl">int <b>SSL_in_before</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_in_connect_init-SSL-ssl">int <b>SSL_in_connect_init</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_in_init-SSL-ssl">int <b>SSL_in_init</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_is_init_finished-SSL-ssl">int <b>SSL_is_init_finished</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_key_update-SSL-s-int-updatetype">int <b>SSL_key_update</b>(SSL *s, int updatetype);</dt>
+<dd>
+
+</dd>
+<dt id="STACK-SSL_load_client_CA_file-const-char-file">STACK *<b>SSL_load_client_CA_file</b>(const char *file);</dt>
+<dd>
+
+</dd>
+<dt id="SSL-SSL_new-SSL_CTX-ctx">SSL *<b>SSL_new</b>(SSL_CTX *ctx);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_up_ref-SSL-s">int SSL_up_ref(SSL *s);</dt>
+<dd>
+
+</dd>
+<dt id="long-SSL_num_renegotiations-SSL-ssl">long <b>SSL_num_renegotiations</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_peek-SSL-ssl-void-buf-int-num">int <b>SSL_peek</b>(SSL *ssl, void *buf, int num);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_pending-const-SSL-ssl">int <b>SSL_pending</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_read-SSL-ssl-void-buf-int-num">int <b>SSL_read</b>(SSL *ssl, void *buf, int num);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_renegotiate-SSL-ssl">int <b>SSL_renegotiate</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="char-SSL_rstate_string-SSL-ssl">char *<b>SSL_rstate_string</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="char-SSL_rstate_string_long-SSL-ssl">char *<b>SSL_rstate_string_long</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="long-SSL_session_reused-SSL-ssl">long <b>SSL_session_reused</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_set_accept_state-SSL-ssl">void <b>SSL_set_accept_state</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_set_app_data-SSL-ssl-char-arg">void <b>SSL_set_app_data</b>(SSL *ssl, char *arg);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_set_bio-SSL-ssl-BIO-rbio-BIO-wbio">void <b>SSL_set_bio</b>(SSL *ssl, BIO *rbio, BIO *wbio);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_set_cipher_list-SSL-ssl-char-str">int <b>SSL_set_cipher_list</b>(SSL *ssl, char *str);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_set_client_CA_list-SSL-ssl-STACK-list">void <b>SSL_set_client_CA_list</b>(SSL *ssl, STACK *list);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_set_connect_state-SSL-ssl">void <b>SSL_set_connect_state</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_set_ct_validation_callback-SSL-ssl-ssl_ct_validation_cb-callback-void-arg">int <b>SSL_set_ct_validation_callback</b>(SSL *ssl, ssl_ct_validation_cb callback, void *arg);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_set_ex_data-SSL-ssl-int-idx-char-arg">int <b>SSL_set_ex_data</b>(SSL *ssl, int idx, char *arg);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_set_fd-SSL-ssl-int-fd">int <b>SSL_set_fd</b>(SSL *ssl, int fd);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_set_info_callback-SSL-ssl-void-cb-void">void <b>SSL_set_info_callback</b>(SSL *ssl, void (*cb);(void))</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_set_msg_callback-SSL-ctx-void-cb-int-write_p-int-version-int-content_type-const-void-buf-size_t-len-SSL-ssl-void-arg">void <b>SSL_set_msg_callback</b>(SSL *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_set_msg_callback_arg-SSL-ctx-void-arg">void <b>SSL_set_msg_callback_arg</b>(SSL *ctx, void *arg);</dt>
+<dd>
+
+</dd>
+<dt id="unsigned-long-SSL_clear_options-SSL-ssl-unsigned-long-op">unsigned long <b>SSL_clear_options</b>(SSL *ssl, unsigned long op);</dt>
+<dd>
+
+</dd>
+<dt id="unsigned-long-SSL_get_options-SSL-ssl">unsigned long <b>SSL_get_options</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="unsigned-long-SSL_set_options-SSL-ssl-unsigned-long-op">unsigned long <b>SSL_set_options</b>(SSL *ssl, unsigned long op);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_set_quiet_shutdown-SSL-ssl-int-mode">void <b>SSL_set_quiet_shutdown</b>(SSL *ssl, int mode);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_set_read_ahead-SSL-ssl-int-yes">void <b>SSL_set_read_ahead</b>(SSL *ssl, int yes);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_set_rfd-SSL-ssl-int-fd">int <b>SSL_set_rfd</b>(SSL *ssl, int fd);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_set_session-SSL-ssl-SSL_SESSION-session">int <b>SSL_set_session</b>(SSL *ssl, SSL_SESSION *session);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_set_shutdown-SSL-ssl-int-mode">void <b>SSL_set_shutdown</b>(SSL *ssl, int mode);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_set_ssl_method-SSL-ssl-const-SSL_METHOD-meth">int <b>SSL_set_ssl_method</b>(SSL *ssl, const SSL_METHOD *meth);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_set_time-SSL-ssl-long-t">void <b>SSL_set_time</b>(SSL *ssl, long t);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_set_timeout-SSL-ssl-long-t">void <b>SSL_set_timeout</b>(SSL *ssl, long t);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_set_verify-SSL-ssl-int-mode-int-callback-void">void <b>SSL_set_verify</b>(SSL *ssl, int mode, int (*callback);(void))</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_set_verify_result-SSL-ssl-long-arg">void <b>SSL_set_verify_result</b>(SSL *ssl, long arg);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_set_wfd-SSL-ssl-int-fd">int <b>SSL_set_wfd</b>(SSL *ssl, int fd);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_shutdown-SSL-ssl">int <b>SSL_shutdown</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="OSSL_HANDSHAKE_STATE-SSL_get_state-const-SSL-ssl">OSSL_HANDSHAKE_STATE <b>SSL_get_state</b>(const SSL *ssl);</dt>
+<dd>
+
+<p>Returns the current handshake state.</p>
+
+</dd>
+<dt id="char-SSL_state_string-const-SSL-ssl">char *<b>SSL_state_string</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="char-SSL_state_string_long-const-SSL-ssl">char *<b>SSL_state_string_long</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="long-SSL_total_renegotiations-SSL-ssl">long <b>SSL_total_renegotiations</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_use_PrivateKey-SSL-ssl-EVP_PKEY-pkey">int <b>SSL_use_PrivateKey</b>(SSL *ssl, EVP_PKEY *pkey);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_use_PrivateKey_ASN1-int-type-SSL-ssl-unsigned-char-d-long-len">int <b>SSL_use_PrivateKey_ASN1</b>(int type, SSL *ssl, unsigned char *d, long len);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_use_PrivateKey_file-SSL-ssl-const-char-file-int-type">int <b>SSL_use_PrivateKey_file</b>(SSL *ssl, const char *file, int type);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_use_RSAPrivateKey-SSL-ssl-RSA-rsa">int <b>SSL_use_RSAPrivateKey</b>(SSL *ssl, RSA *rsa);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_use_RSAPrivateKey_ASN1-SSL-ssl-unsigned-char-d-long-len">int <b>SSL_use_RSAPrivateKey_ASN1</b>(SSL *ssl, unsigned char *d, long len);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_use_RSAPrivateKey_file-SSL-ssl-const-char-file-int-type">int <b>SSL_use_RSAPrivateKey_file</b>(SSL *ssl, const char *file, int type);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_use_certificate-SSL-ssl-X509-x">int <b>SSL_use_certificate</b>(SSL *ssl, X509 *x);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_use_certificate_ASN1-SSL-ssl-int-len-unsigned-char-d">int <b>SSL_use_certificate_ASN1</b>(SSL *ssl, int len, unsigned char *d);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_use_certificate_file-SSL-ssl-const-char-file-int-type">int <b>SSL_use_certificate_file</b>(SSL *ssl, const char *file, int type);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_use_cert_and_key-SSL-ssl-X509-x-EVP_PKEY-pkey-STACK_OF-X509-chain-int-override">int <b>SSL_use_cert_and_key</b>(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_version-const-SSL-ssl">int <b>SSL_version</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_want-const-SSL-ssl">int <b>SSL_want</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_want_nothing-const-SSL-ssl">int <b>SSL_want_nothing</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_want_read-const-SSL-ssl">int <b>SSL_want_read</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_want_write-const-SSL-ssl">int <b>SSL_want_write</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_want_x509_lookup-const-SSL-ssl">int <b>SSL_want_x509_lookup</b>(const SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_write-SSL-ssl-const-void-buf-int-num">int <b>SSL_write</b>(SSL *ssl, const void *buf, int num);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_set_psk_client_callback-SSL-ssl-unsigned-int-callback-SSL-ssl-const-char-hint-char-identity-unsigned-int-max_identity_len-unsigned-char-psk-unsigned-int-max_psk_len">void <b>SSL_set_psk_client_callback</b>(SSL *ssl, unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len));</dt>
+<dd>
+
+</dd>
+<dt id="int-SSL_use_psk_identity_hint-SSL-ssl-const-char-hint">int <b>SSL_use_psk_identity_hint</b>(SSL *ssl, const char *hint);</dt>
+<dd>
+
+</dd>
+<dt id="void-SSL_set_psk_server_callback-SSL-ssl-unsigned-int-callback-SSL-ssl-const-char-identity-unsigned-char-psk-int-max_psk_len">void <b>SSL_set_psk_server_callback</b>(SSL *ssl, unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len));</dt>
+<dd>
+
+</dd>
+<dt id="const-char-SSL_get_psk_identity_hint-SSL-ssl">const char *<b>SSL_get_psk_identity_hint</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+<dt id="const-char-SSL_get_psk_identity-SSL-ssl">const char *<b>SSL_get_psk_identity</b>(SSL *ssl);</dt>
+<dd>
+
+</dd>
+</dl>
+
+<h1 id="RETURN-VALUES">RETURN VALUES</h1>
+
+<p>See the individual manual pages for details.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man1/openssl.html">openssl(1)</a>, <a href="../man7/crypto.html">crypto(7)</a>, <a href="../man3/CRYPTO_get_ex_new_index.html">CRYPTO_get_ex_new_index(3)</a>, <a href="../man3/SSL_accept.html">SSL_accept(3)</a>, <a href="../man3/SSL_clear.html">SSL_clear(3)</a>, <a href="../man3/SSL_connect.html">SSL_connect(3)</a>, <a href="../man3/SSL_CIPHER_get_name.html">SSL_CIPHER_get_name(3)</a>, <a href="../man3/SSL_COMP_add_compression_method.html">SSL_COMP_add_compression_method(3)</a>, <a href="../man3/SSL_CTX_add_extra_chain_cert.html">SSL_CTX_add_extra_chain_cert(3)</a>, <a href="../man3/SSL_CTX_add_session.html">SSL_CTX_add_session(3)</a>, <a href="../man3/SSL_CTX_ctrl.html">SSL_CTX_ctrl(3)</a>, <a href="../man3/SSL_CTX_flush_sessions.html">SSL_CTX_flush_sessions(3)</a>, <a href="../man3/SSL_CTX_get_verify_mode.html">SSL_CTX_get_verify_mode(3)</a>, <a href="../man3/SSL_CTX_load_verify_locations.html">SSL_CTX_load_verify_locations(3)</a> <a href="../man3/SSL_CTX_new.html">SSL_CTX_new(3)</a>, <a href="../man3/SSL_CTX_sess_number.html">SSL_CTX_sess_number(3)</a>, <a href="../man3/SSL_CTX_sess_set_cache_size.html">SSL_CTX_sess_set_cache_size(3)</a>, <a href="../man3/SSL_CTX_sess_set_get_cb.html">SSL_CTX_sess_set_get_cb(3)</a>, <a href="../man3/SSL_CTX_sessions.html">SSL_CTX_sessions(3)</a>, <a href="../man3/SSL_CTX_set_cert_store.html">SSL_CTX_set_cert_store(3)</a>, <a href="../man3/SSL_CTX_set_cert_verify_callback.html">SSL_CTX_set_cert_verify_callback(3)</a>, <a href="../man3/SSL_CTX_set_cipher_list.html">SSL_CTX_set_cipher_list(3)</a>, <a href="../man3/SSL_CTX_set_client_CA_list.html">SSL_CTX_set_client_CA_list(3)</a>, <a href="../man3/SSL_CTX_set_client_cert_cb.html">SSL_CTX_set_client_cert_cb(3)</a>, <a href="../man3/SSL_CTX_set_default_passwd_cb.html">SSL_CTX_set_default_passwd_cb(3)</a>, <a href="../man3/SSL_CTX_set_generate_session_id.html">SSL_CTX_set_generate_session_id(3)</a>, <a href="../man3/SSL_CTX_set_info_callback.html">SSL_CTX_set_info_callback(3)</a>, <a href="../man3/SSL_CTX_set_max_cert_list.html">SSL_CTX_set_max_cert_list(3)</a>, <a href="../man3/SSL_CTX_set_mode.html">SSL_CTX_set_mode(3)</a>, <a href="../man3/SSL_CTX_set_msg_callback.html">SSL_CTX_set_msg_callback(3)</a>, <a href="../man3/SSL_CTX_set_options.html">SSL_CTX_set_options(3)</a>, <a href="../man3/SSL_CTX_set_quiet_shutdown.html">SSL_CTX_set_quiet_shutdown(3)</a>, <a href="../man3/SSL_CTX_set_read_ahead.html">SSL_CTX_set_read_ahead(3)</a>, <a href="../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level(3)</a>, <a href="../man3/SSL_CTX_set_session_cache_mode.html">SSL_CTX_set_session_cache_mode(3)</a>, <a href="../man3/SSL_CTX_set_session_id_context.html">SSL_CTX_set_session_id_context(3)</a>, <a href="../man3/SSL_CTX_set_ssl_version.html">SSL_CTX_set_ssl_version(3)</a>, <a href="../man3/SSL_CTX_set_timeout.html">SSL_CTX_set_timeout(3)</a>, <a href="../man3/SSL_CTX_set_tmp_dh_callback.html">SSL_CTX_set_tmp_dh_callback(3)</a>, <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a>, <a href="../man3/SSL_CTX_use_certificate.html">SSL_CTX_use_certificate(3)</a>, <a href="../man3/SSL_alert_type_string.html">SSL_alert_type_string(3)</a>, <a href="../man3/SSL_do_handshake.html">SSL_do_handshake(3)</a>, <a href="../man3/SSL_enable_ct.html">SSL_enable_ct(3)</a>, <a href="../man3/SSL_get_SSL_CTX.html">SSL_get_SSL_CTX(3)</a>, <a href="../man3/SSL_get_ciphers.html">SSL_get_ciphers(3)</a>, <a href="../man3/SSL_get_client_CA_list.html">SSL_get_client_CA_list(3)</a>, <a href="../man3/SSL_get_default_timeout.html">SSL_get_default_timeout(3)</a>, <a href="../man3/SSL_get_error.html">SSL_get_error(3)</a>, <a href="../man3/SSL_get_ex_data_X509_STORE_CTX_idx.html">SSL_get_ex_data_X509_STORE_CTX_idx(3)</a>, <a href="../man3/SSL_get_fd.html">SSL_get_fd(3)</a>, <a href="../man3/SSL_get_peer_cert_chain.html">SSL_get_peer_cert_chain(3)</a>, <a href="../man3/SSL_get_rbio.html">SSL_get_rbio(3)</a>, <a href="../man3/SSL_get_session.html">SSL_get_session(3)</a>, <a href="../man3/SSL_get_verify_result.html">SSL_get_verify_result(3)</a>, <a href="../man3/SSL_get_version.html">SSL_get_version(3)</a>, <a href="../man3/SSL_load_client_CA_file.html">SSL_load_client_CA_file(3)</a>, <a href="../man3/SSL_new.html">SSL_new(3)</a>, <a href="../man3/SSL_pending.html">SSL_pending(3)</a>, <a href="../man3/SSL_read_ex.html">SSL_read_ex(3)</a>, <a href="../man3/SSL_read.html">SSL_read(3)</a>, <a href="../man3/SSL_rstate_string.html">SSL_rstate_string(3)</a>, <a href="../man3/SSL_session_reused.html">SSL_session_reused(3)</a>, <a href="../man3/SSL_set_bio.html">SSL_set_bio(3)</a>, <a href="../man3/SSL_set_connect_state.html">SSL_set_connect_state(3)</a>, <a href="../man3/SSL_set_fd.html">SSL_set_fd(3)</a>, <a href="../man3/SSL_set_session.html">SSL_set_session(3)</a>, <a href="../man3/SSL_set_shutdown.html">SSL_set_shutdown(3)</a>, <a href="../man3/SSL_shutdown.html">SSL_shutdown(3)</a>, <a href="../man3/SSL_state_string.html">SSL_state_string(3)</a>, <a href="../man3/SSL_want.html">SSL_want(3)</a>, <a href="../man3/SSL_write_ex.html">SSL_write_ex(3)</a>, <a href="../man3/SSL_write.html">SSL_write(3)</a>, <a href="../man3/SSL_SESSION_free.html">SSL_SESSION_free(3)</a>, <a href="../man3/SSL_SESSION_get_time.html">SSL_SESSION_get_time(3)</a>, <a href="../man3/d2i_SSL_SESSION.html">d2i_SSL_SESSION(3)</a>, <a href="../man3/SSL_CTX_set_psk_client_callback.html">SSL_CTX_set_psk_client_callback(3)</a>, <a href="../man3/SSL_CTX_use_psk_identity_hint.html">SSL_CTX_use_psk_identity_hint(3)</a>, <a href="../man3/SSL_get_psk_identity.html">SSL_get_psk_identity(3)</a>, <a href="../man3/DTLSv1_listen.html">DTLSv1_listen(3)</a></p>
+
+<h1 id="HISTORY">HISTORY</h1>
+
+<p><b>SSLv2_client_method</b>, <b>SSLv2_server_method</b> and <b>SSLv2_method</b> were removed in OpenSSL 1.1.0.</p>
+
+<p>The return type of <b>SSL_copy_session_id</b> was changed from void to int in OpenSSL 1.1.0.</p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/openssl/html/man7/x509.html b/msys2/usr/share/doc/openssl/html/man7/x509.html
new file mode 100644
index 000000000..073261bbe
--- /dev/null
+++ b/msys2/usr/share/doc/openssl/html/man7/x509.html
@@ -0,0 +1,67 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>x509</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:" />
+</head>
+
+<body>
+
+
+
+<ul id="index">
+  <li><a href="#NAME">NAME</a></li>
+  <li><a href="#SYNOPSIS">SYNOPSIS</a></li>
+  <li><a href="#DESCRIPTION">DESCRIPTION</a></li>
+  <li><a href="#SEE-ALSO">SEE ALSO</a></li>
+  <li><a href="#COPYRIGHT">COPYRIGHT</a></li>
+</ul>
+
+<h1 id="NAME">NAME</h1>
+
+<p>x509 - X.509 certificate handling</p>
+
+<h1 id="SYNOPSIS">SYNOPSIS</h1>
+
+<pre><code> #include &lt;openssl/x509.h&gt;</code></pre>
+
+<h1 id="DESCRIPTION">DESCRIPTION</h1>
+
+<p>An X.509 certificate is a structured grouping of information about an individual, a device, or anything one can imagine. A X.509 CRL (certificate revocation list) is a tool to help determine if a certificate is still valid. The exact definition of those can be found in the X.509 document from ITU-T, or in RFC3280 from PKIX. In OpenSSL, the type X509 is used to express such a certificate, and the type X509_CRL is used to express a CRL.</p>
+
+<p>A related structure is a certificate request, defined in PKCS#10 from RSA Security, Inc, also reflected in RFC2896. In OpenSSL, the type X509_REQ is used to express such a certificate request.</p>
+
+<p>To handle some complex parts of a certificate, there are the types X509_NAME (to express a certificate name), X509_ATTRIBUTE (to express a certificate attributes), X509_EXTENSION (to express a certificate extension) and a few more.</p>
+
+<p>Finally, there&#39;s the supertype X509_INFO, which can contain a CRL, a certificate and a corresponding private key.</p>
+
+<p><b>X509_</b><i>XXX</i>, <b>d2i_X509_</b><i>XXX</i>, and <b>i2d_X509_</b><i>XXX</i> functions handle X.509 certificates, with some exceptions, shown below.</p>
+
+<p><b>X509_CRL_</b><i>XXX</i>, <b>d2i_X509_CRL_</b><i>XXX</i>, and <b>i2d_X509_CRL_</b><i>XXX</i> functions handle X.509 CRLs.</p>
+
+<p><b>X509_REQ_</b><i>XXX</i>, <b>d2i_X509_REQ_</b><i>XXX</i>, and <b>i2d_X509_REQ_</b><i>XXX</i> functions handle PKCS#10 certificate requests.</p>
+
+<p><b>X509_NAME_</b><i>XXX</i> functions handle certificate names.</p>
+
+<p><b>X509_ATTRIBUTE_</b><i>XXX</i> functions handle certificate attributes.</p>
+
+<p><b>X509_EXTENSION_</b><i>XXX</i> functions handle certificate extensions.</p>
+
+<h1 id="SEE-ALSO">SEE ALSO</h1>
+
+<p><a href="../man3/X509_NAME_ENTRY_get_object.html">X509_NAME_ENTRY_get_object(3)</a>, <a href="../man3/X509_NAME_add_entry_by_txt.html">X509_NAME_add_entry_by_txt(3)</a>, <a href="../man3/X509_NAME_add_entry_by_NID.html">X509_NAME_add_entry_by_NID(3)</a>, <a href="../man3/X509_NAME_print_ex.html">X509_NAME_print_ex(3)</a>, <a href="../man3/X509_NAME_new.html">X509_NAME_new(3)</a>, <a href="../man3/d2i_X509.html">d2i_X509(3)</a>, <a href="../man3/d2i_X509_ALGOR.html">d2i_X509_ALGOR(3)</a>, <a href="../man3/d2i_X509_CRL.html">d2i_X509_CRL(3)</a>, <a href="../man3/d2i_X509_NAME.html">d2i_X509_NAME(3)</a>, <a href="../man3/d2i_X509_REQ.html">d2i_X509_REQ(3)</a>, <a href="../man3/d2i_X509_SIG.html">d2i_X509_SIG(3)</a>, <a href="../man3/X509v3.html">X509v3(3)</a>, <a href="../man7/crypto.html">crypto(7)</a></p>
+
+<h1 id="COPYRIGHT">COPYRIGHT</h1>
+
+<p>Copyright 2003-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
+
+<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
+
+
+</body>
+
+</html>
+
+
diff --git a/msys2/usr/share/doc/pcre/AUTHORS b/msys2/usr/share/doc/pcre/AUTHORS
index 291657cae..23c005a33 100644
--- a/msys2/usr/share/doc/pcre/AUTHORS
+++ b/msys2/usr/share/doc/pcre/AUTHORS
@@ -8,7 +8,7 @@ Email domain:     cam.ac.uk
 University of Cambridge Computing Service,
 Cambridge, England.
 
-Copyright (c) 1997-2017 University of Cambridge
+Copyright (c) 1997-2019 University of Cambridge
 All rights reserved
 
 
@@ -19,7 +19,7 @@ Written by:       Zoltan Herczeg
 Email local part: hzmester
 Emain domain:     freemail.hu
 
-Copyright(c) 2010-2017 Zoltan Herczeg
+Copyright(c) 2010-2019 Zoltan Herczeg
 All rights reserved.
 
 
@@ -30,7 +30,7 @@ Written by:       Zoltan Herczeg
 Email local part: hzmester
 Emain domain:     freemail.hu
 
-Copyright(c) 2009-2017 Zoltan Herczeg
+Copyright(c) 2009-2019 Zoltan Herczeg
 All rights reserved.
 
 
diff --git a/msys2/usr/share/doc/pcre/ChangeLog b/msys2/usr/share/doc/pcre/ChangeLog
index 01511b132..e4d2d9fa2 100644
--- a/msys2/usr/share/doc/pcre/ChangeLog
+++ b/msys2/usr/share/doc/pcre/ChangeLog
@@ -4,6 +4,149 @@ ChangeLog for PCRE
 Note that the PCRE 8.xx series (PCRE1) is now in a bugfix-only state. All
 development is happening in the PCRE2 10.xx series.
 
+
+Version 8.43 23-February-2019
+-----------------------------
+
+1. Some time ago the config macro SUPPORT_UTF8 was changed to SUPPORT_UTF
+because it also applies to UTF-16 and UTF-32. However, this change was not made
+in the pcre2cpp files; consequently the C++ wrapper has from then been compiled
+with a bug in it, which would have been picked up by the unit test except that
+it also had its UTF8 code cut out. The bug was in a global replace when moving
+forward after matching an empty string.
+
+2. The C++ wrapper got broken a long time ago (version 7.3, August 2007) when
+(*CR) was invented (assuming it was the first such start-of-pattern option).
+The wrapper could never handle such patterns because it wraps patterns in
+(?:...)\z in order to support end anchoring. I have hacked in some code to fix
+this, that is, move the wrapping till after any existing start-of-pattern
+special settings.
+
+3. "pcre2grep" (sic) was accidentally mentioned in an error message (fix was
+ported from PCRE2).
+
+4. Typo LCC_ALL for LC_ALL fixed in pcregrep.
+
+5. In a pattern such as /[^\x{100}-\x{ffff}]*[\x80-\xff]/ which has a repeated
+negative class with no characters less than 0x100 followed by a positive class
+with only characters less than 0x100, the first class was incorrectly being
+auto-possessified, causing incorrect match failures.
+
+6. If the only branch in a conditional subpattern was anchored, the whole
+subpattern was treated as anchored, when it should not have been, since the
+assumed empty second branch cannot be anchored. Demonstrated by test patterns
+such as /(?(1)^())b/ or /(?(?=^))b/.
+
+7. Fix subject buffer overread in JIT when UTF is disabled and \X or \R has
+a greater than 1 fixed quantifier. This issue was found by Yunho Kim.
+
+8. If a pattern started with a subroutine call that had a quantifier with a
+minimum of zero, an incorrect "match must start with this character" could be
+recorded. Example: /(?&xxx)*ABC(?<xxx>XYZ)/ would (incorrectly) expect 'A' to
+be the first character of a match.
+
+9. Improve MAP_JIT flag usage on MacOS. Patch by Rich Siegel.
+
+
+Version 8.42 20-March-2018
+--------------------------
+
+1.  Fixed a MIPS issue in the JIT compiler reported by Joshua Kinard.
+
+2.  Fixed outdated real_pcre definitions in pcre.h.in (patch by Evgeny Kotkov).
+
+3.  pcregrep was truncating components of file names to 128 characters when
+processing files with the -r option, and also (some very odd code) truncating
+path names to 512 characters. There is now a check on the absolute length of
+full path file names, which may be up to 2047 characters long.
+
+4.  Using pcre_dfa_exec(), in UTF mode when UCP support was not defined, there
+was the possibility of a false positive match when caselessly matching a "not
+this character" item such as [^\x{1234}] (with a code point greater than 127)
+because the "other case" variable was not being initialized.
+
+5. Although pcre_jit_exec checks whether the pattern is compiled
+in a given mode, it was also expected that at least one mode is available.
+This is fixed and pcre_jit_exec returns with PCRE_ERROR_JIT_BADOPTION
+when the pattern is not optimized by JIT at all.
+
+6. The line number and related variables such as match counts in pcregrep
+were all int variables, causing overflow when files with more than 2147483647
+lines were processed (assuming 32-bit ints). They have all been changed to
+unsigned long ints.
+
+7. If a backreference with a minimum repeat count of zero was first in a
+pattern, apart from assertions, an incorrect first matching character could be
+recorded. For example, for the pattern /(?=(a))\1?b/, "b" was incorrectly set
+as the first character of a match.
+
+8. Fix out-of-bounds read for partial matching of /./ against an empty string
+when the newline type is CRLF.
+
+9. When matching using the the REG_STARTEND feature of the POSIX API with a
+non-zero starting offset, unset capturing groups with lower numbers than a
+group that did capture something were not being correctly returned as "unset"
+(that is, with offset values of -1).
+
+10. Matching the pattern /(*UTF)\C[^\v]+\x80/ against an 8-bit string
+containing multi-code-unit characters caused bad behaviour and possibly a
+crash. This issue was fixed for other kinds of repeat in release 8.37 by change
+38, but repeating character classes were overlooked.
+
+11. A small fix to pcregrep to avoid compiler warnings for -Wformat-overflow=2.
+
+12. Added --enable-jit=auto support to configure.ac.
+
+13. Fix misleading error message in configure.ac.
+
+
+Version 8.41 05-July-2017
+-------------------------
+
+1.  Fixed typo in CMakeLists.txt (wrong number of arguments for
+PCRE_STATIC_RUNTIME (affects MSVC only).
+
+2.  Issue 1 for 8.40 below was not correctly fixed. If pcregrep in multiline
+mode with --only-matching matched several lines, it restarted scanning at the
+next line instead of moving on to the end of the matched string, which can be
+several lines after the start.
+
+3.  Fix a missing else in the JIT compiler reported by 'idaifish'.
+
+4.  A (?# style comment is now ignored between a basic quantifier and a
+following '+' or '?' (example: /X+(?#comment)?Y/.
+
+5.  Avoid use of a potentially overflowing buffer in pcregrep (patch by Petr
+Pisar).
+
+6.  Fuzzers have reported issues in pcretest. These are NOT serious (it is,
+after all, just a test program). However, to stop the reports, some easy ones
+are fixed:
+
+    (a) Check for values < 256 when calling isprint() in pcretest.
+    (b) Give an error for too big a number after \O.
+
+7.  In the 32-bit library in non-UTF mode, an attempt to find a Unicode
+property for a character with a code point greater than 0x10ffff (the Unicode
+maximum) caused a crash.
+
+8. The alternative matching function, pcre_dfa_exec() misbehaved if it
+encountered a character class with a possessive repeat, for example [a-f]{3}+.
+
+9. When pcretest called pcre_copy_substring() in 32-bit mode, it set the buffer
+length incorrectly, which could result in buffer overflow.
+
+10. Remove redundant line of code (accidentally left in ages ago).
+
+11. Applied C++ patch from Irfan Adilovic to guard 'using std::' directives
+with namespace pcrecpp (Bugzilla #2084).
+
+12. Remove a duplication typo in pcre_tables.c.
+
+13. Fix returned offsets from regexec() when REG_STARTEND is used with a
+starting offset greater than zero.
+
+
 Version 8.40 11-January-2017
 ----------------------------
 
diff --git a/msys2/usr/share/doc/pcre/LICENCE b/msys2/usr/share/doc/pcre/LICENCE
index dd9071a8d..760a6666b 100644
--- a/msys2/usr/share/doc/pcre/LICENCE
+++ b/msys2/usr/share/doc/pcre/LICENCE
@@ -25,7 +25,7 @@ Email domain:     cam.ac.uk
 University of Cambridge Computing Service,
 Cambridge, England.
 
-Copyright (c) 1997-2017 University of Cambridge
+Copyright (c) 1997-2019 University of Cambridge
 All rights reserved.
 
 
@@ -34,9 +34,9 @@ PCRE JUST-IN-TIME COMPILATION SUPPORT
 
 Written by:       Zoltan Herczeg
 Email local part: hzmester
-Emain domain:     freemail.hu
+Email domain:     freemail.hu
 
-Copyright(c) 2010-2017 Zoltan Herczeg
+Copyright(c) 2010-2019 Zoltan Herczeg
 All rights reserved.
 
 
@@ -45,9 +45,9 @@ STACK-LESS JUST-IN-TIME COMPILER
 
 Written by:       Zoltan Herczeg
 Email local part: hzmester
-Emain domain:     freemail.hu
+Email domain:     freemail.hu
 
-Copyright(c) 2009-2017 Zoltan Herczeg
+Copyright(c) 2009-2019 Zoltan Herczeg
 All rights reserved.
 
 
diff --git a/msys2/usr/share/doc/pcre/NEWS b/msys2/usr/share/doc/pcre/NEWS
index b92c4f960..0f1840817 100644
--- a/msys2/usr/share/doc/pcre/NEWS
+++ b/msys2/usr/share/doc/pcre/NEWS
@@ -1,6 +1,28 @@
 News about PCRE releases
 ------------------------
 
+Note that this library (now called PCRE1) is now being maintained for bug fixes
+only. New projects are advised to use the new PCRE2 libraries.
+
+
+Release 8.43 23-February-2019
+-----------------------------
+
+This is a bug-fix release.
+
+
+Release 8.42 20-March-2018
+--------------------------
+
+This is a bug-fix release.
+
+
+Release 8.41 13-June-2017
+-------------------------
+
+This is a bug-fix release.
+
+
 Release 8.40 11-January-2017
 ----------------------------
 
diff --git a/msys2/usr/share/doc/pcre/html/NON-AUTOTOOLS-BUILD.txt b/msys2/usr/share/doc/pcre/html/NON-AUTOTOOLS-BUILD.txt
index 391005910..37f616447 100644
--- a/msys2/usr/share/doc/pcre/html/NON-AUTOTOOLS-BUILD.txt
+++ b/msys2/usr/share/doc/pcre/html/NON-AUTOTOOLS-BUILD.txt
@@ -760,13 +760,14 @@ The character code used is EBCDIC, not ASCII or Unicode. In z/OS, UNIX APIs and
 applications can be supported through UNIX System Services, and in such an
 environment PCRE can be built in the same way as in other systems. However, in
 native z/OS (without UNIX System Services) and in z/VM, special ports are
-required. For details, please see this web site:
+required. PCRE1 version 8.39 is available in file 882 on this site:
 
-  http://www.zaconsultants.net
+  http://www.cbttape.org
 
-You may download PCRE from WWW.CBTTAPE.ORG, file 882.  Everything, source and
-executable, is in EBCDIC and native z/OS file formats and this is the
-recommended download site.
+Everything, source and executable, is in EBCDIC and native z/OS file formats.
+However, this software is not maintained and will not be upgraded. If you are
+new to PCRE you should be looking at PCRE2 (version 10.30 or later).
 
-==========================
-Last Updated: 25 June 2015
+===============================
+Last Updated: 13 September 2017
+===============================
diff --git a/msys2/usr/share/doc/pcre/html/pcrejit.html b/msys2/usr/share/doc/pcre/html/pcrejit.html
index 210f1da02..abb342522 100644
--- a/msys2/usr/share/doc/pcre/html/pcrejit.html
+++ b/msys2/usr/share/doc/pcre/html/pcrejit.html
@@ -79,9 +79,12 @@ API that is JIT-specific.
 </P>
 <P>
 If your program may sometimes be linked with versions of PCRE that are older
-than 8.20, but you want to use JIT when it is available, you can test
-the values of PCRE_MAJOR and PCRE_MINOR, or the existence of a JIT macro such
-as PCRE_CONFIG_JIT, for compile-time control of your code.
+than 8.20, but you want to use JIT when it is available, you can test the
+values of PCRE_MAJOR and PCRE_MINOR, or the existence of a JIT macro such as
+PCRE_CONFIG_JIT, for compile-time control of your code. Also beware that the
+<b>pcre_jit_exec()</b> function was not available at all before 8.32,
+and may not be available at all if PCRE isn't compiled with
+--enable-jit. See the "JIT FAST PATH API" section below for details.
 </P>
 <br><a name="SEC4" href="#TOC1">SIMPLE USE OF JIT</a><br>
 <P>
@@ -119,6 +122,20 @@ when you call <b>pcre_study()</b>:
   PCRE_STUDY_JIT_PARTIAL_HARD_COMPILE
   PCRE_STUDY_JIT_PARTIAL_SOFT_COMPILE
 </pre>
+If using <b>pcre_jit_exec()</b> and supporting a pre-8.32 version of
+PCRE, you can insert:
+<pre>
+   #if PCRE_MAJOR &#62;= 8 && PCRE_MINOR &#62;= 32
+   pcre_jit_exec(...);
+   #else
+   pcre_exec(...)
+   #endif
+</pre>
+but as described in the "JIT FAST PATH API" section below this assumes
+version 8.32 and later are compiled with --enable-jit, which may
+break.
+<br>
+<br>
 The JIT compiler generates different optimized code for each of the three
 modes (normal, soft partial, hard partial). When <b>pcre_exec()</b> is called,
 the appropriate code is run if it is available. Otherwise, the pattern is
@@ -428,6 +445,36 @@ fast path, and if invalid data is passed, the result is undefined.
 Bypassing the sanity checks and the <b>pcre_exec()</b> wrapping can give
 speedups of more than 10%.
 </P>
+<P>
+Note that the <b>pcre_jit_exec()</b> function is not available in versions of
+PCRE before 8.32 (released in November 2012). If you need to support versions
+that old you must either use the slower <b>pcre_exec()</b>, or switch between
+the two codepaths by checking the values of PCRE_MAJOR and PCRE_MINOR.
+</P>
+<P>
+Due to an unfortunate implementation oversight, even in versions 8.32
+and later there will be no <b>pcre_jit_exec()</b> stub function defined
+when PCRE is compiled with --disable-jit, which is the default, and
+there's no way to detect whether PCRE was compiled with --enable-jit
+via a macro.
+</P>
+<P>
+If you need to support versions older than 8.32, or versions that may
+not build with --enable-jit, you must either use the slower
+<b>pcre_exec()</b>, or switch between the two codepaths by checking the
+values of PCRE_MAJOR and PCRE_MINOR.
+</P>
+<P>
+Switching between the two by checking the version assumes that all the
+versions being targeted are built with --enable-jit. To also support
+builds that may use --disable-jit either <b>pcre_exec()</b> must be
+used, or a compile-time check for JIT via <b>pcre_config()</b> (which
+assumes the runtime environment will be the same), or as the Git
+project decided to do, simply assume that <b>pcre_jit_exec()</b> is
+present in 8.32 or later unless a compile-time flag is provided, see
+the "grep: un-break building with PCRE &#62;= 8.32 without --enable-jit"
+commit in git.git for an example of that.
+</P>
 <br><a name="SEC12" href="#TOC1">SEE ALSO</a><br>
 <P>
 <b>pcreapi</b>(3)
@@ -443,9 +490,9 @@ Cambridge CB2 3QH, England.
 </P>
 <br><a name="SEC14" href="#TOC1">REVISION</a><br>
 <P>
-Last updated: 17 March 2013
+Last updated: 05 July 2017
 <br>
-Copyright &copy; 1997-2013 University of Cambridge.
+Copyright &copy; 1997-2017 University of Cambridge.
 <br>
 <p>
 Return to the <a href="index.html">PCRE index page</a>.
diff --git a/msys2/usr/share/doc/pcre/html/pcretest.html b/msys2/usr/share/doc/pcre/html/pcretest.html
index 839fabf18..ba540d3c3 100644
--- a/msys2/usr/share/doc/pcre/html/pcretest.html
+++ b/msys2/usr/share/doc/pcre/html/pcretest.html
@@ -74,6 +74,11 @@ newline as data characters. However, in some Windows environments character 26
 maximum portability, therefore, it is safest to use only ASCII characters in
 <b>pcretest</b> input files.
 </P>
+<P>
+The input is processed using using C's string functions, so must not
+contain binary zeroes, even though in Unix-like environments, <b>fgets()</b>
+treats any bytes other than newline as data characters.
+</P>
 <br><a name="SEC3" href="#TOC1">PCRE's 8-BIT, 16-BIT AND 32-BIT LIBRARIES</a><br>
 <P>
 From release 8.30, two separate PCRE libraries can be built. The original one
@@ -1149,9 +1154,9 @@ Cambridge CB2 3QH, England.
 </P>
 <br><a name="SEC17" href="#TOC1">REVISION</a><br>
 <P>
-Last updated: 09 February 2014
+Last updated: 23 February 2017
 <br>
-Copyright &copy; 1997-2014 University of Cambridge.
+Copyright &copy; 1997-2017 University of Cambridge.
 <br>
 <p>
 Return to the <a href="index.html">PCRE index page</a>.
diff --git a/msys2/usr/share/doc/pcre/pcre.txt b/msys2/usr/share/doc/pcre/pcre.txt
index d68d5033c..c027538f5 100644
--- a/msys2/usr/share/doc/pcre/pcre.txt
+++ b/msys2/usr/share/doc/pcre/pcre.txt
@@ -8365,7 +8365,11 @@ AVAILABILITY OF JIT SUPPORT
        If  your program may sometimes be linked with versions of PCRE that are
        older than 8.20, but you want to use JIT when it is available, you  can
        test the values of PCRE_MAJOR and PCRE_MINOR, or the existence of a JIT
-       macro such as PCRE_CONFIG_JIT, for compile-time control of your code.
+       macro such as PCRE_CONFIG_JIT, for compile-time control of  your  code.
+       Also  beware that the pcre_jit_exec() function was not available at all
+       before 8.32, and may not be available at all  if  PCRE  isn't  compiled
+       with  --enable-jit.  See  the  "JIT  FAST  PATH  API" section below for
+       details.
 
 
 SIMPLE USE OF JIT
@@ -8407,6 +8411,18 @@ SIMPLE USE OF JIT
          PCRE_STUDY_JIT_PARTIAL_HARD_COMPILE
          PCRE_STUDY_JIT_PARTIAL_SOFT_COMPILE
 
+       If using pcre_jit_exec() and supporting a pre-8.32 version of PCRE, you
+       can insert:
+
+          #if PCRE_MAJOR >= 8 && PCRE_MINOR >= 32
+          pcre_jit_exec(...);
+          #else
+          pcre_exec(...)
+          #endif
+
+       but  as described in the "JIT FAST PATH API" section below this assumes
+       version 8.32 and later are compiled with --enable-jit, which may break.
+
        The JIT compiler generates different optimized code  for  each  of  the
        three  modes  (normal, soft partial, hard partial). When pcre_exec() is
        called, the appropriate code is run if it is available. Otherwise,  the
@@ -8696,6 +8712,33 @@ JIT FAST PATH API
        Bypassing  the  sanity  checks  and  the  pcre_exec() wrapping can give
        speedups of more than 10%.
 
+       Note that the pcre_jit_exec() function is not available in versions  of
+       PCRE  before  8.32  (released in November 2012). If you need to support
+       versions that old you must either use the slower pcre_exec(), or switch
+       between  the  two  codepaths  by  checking the values of PCRE_MAJOR and
+       PCRE_MINOR.
+
+       Due to an unfortunate implementation oversight, even in  versions  8.32
+       and  later  there will be no pcre_jit_exec() stub function defined when
+       PCRE is compiled with --disable-jit, which is the default, and  there's
+       no  way  to  detect  whether  PCRE was compiled with --enable-jit via a
+       macro.
+
+       If you need to support versions older than 8.32, or versions  that  may
+       not   build   with   --enable-jit,  you  must  either  use  the  slower
+       pcre_exec(), or switch between the two codepaths by checking the values
+       of PCRE_MAJOR and PCRE_MINOR.
+
+       Switching  between the two by checking the version assumes that all the
+       versions being targeted are built with --enable-jit.  To  also  support
+       builds that may use --disable-jit either pcre_exec() must be used, or a
+       compile-time check for JIT via pcre_config() (which assumes the runtime
+       environment  will  be  the  same), or as the Git project decided to do,
+       simply assume that pcre_jit_exec() is present in 8.32 or later unless a
+       compile-time  flag  is  provided, see the "grep: un-break building with
+       PCRE >= 8.32 without --enable-jit" commit in git.git for an example  of
+       that.
+
 
 SEE ALSO
 
@@ -8711,8 +8754,8 @@ AUTHOR
 
 REVISION
 
-       Last updated: 17 March 2013
-       Copyright (c) 1997-2013 University of Cambridge.
+       Last updated: 05 July 2017
+       Copyright (c) 1997-2017 University of Cambridge.
 ------------------------------------------------------------------------------
 
 
diff --git a/msys2/usr/share/doc/pcre/pcretest.txt b/msys2/usr/share/doc/pcre/pcretest.txt
index 55de50244..6d7305cfe 100644
--- a/msys2/usr/share/doc/pcre/pcretest.txt
+++ b/msys2/usr/share/doc/pcre/pcretest.txt
@@ -39,6 +39,10 @@ INPUT DATA FORMAT
        For  maximum  portability,  therefore,  it  is safest to use only ASCII
        characters in pcretest input files.
 
+       The input is processed using using C's string functions,  so  must  not
+       contain  binary  zeroes, even though in Unix-like environments, fgets()
+       treats any bytes other than newline as data characters.
+
 
 PCRE's 8-BIT, 16-BIT AND 32-BIT LIBRARIES
 
@@ -1083,5 +1087,5 @@ AUTHOR
 
 REVISION
 
-       Last updated: 09 February 2014
-       Copyright (c) 1997-2014 University of Cambridge.
+       Last updated: 23 February 2017
+       Copyright (c) 1997-2017 University of Cambridge.
diff --git a/msys2/usr/share/doc/readline/CHANGES b/msys2/usr/share/doc/readline/CHANGES
index b5e16b716..09eab6ee0 100644
--- a/msys2/usr/share/doc/readline/CHANGES
+++ b/msys2/usr/share/doc/readline/CHANGES
@@ -1,3 +1,145 @@
+This document details the changes between this version, readline-8.0, and the
+previous version, readline-7.0.
+
+1.  Changes to Readline
+
+a. Added a guard to prevent nested macros from causing an infinite expansion
+   loop.
+
+b. Instead of allocating enough history list entries to hold the maximum list
+   size, cap the number allocated initially.
+   
+c. Added a strategy to avoid allocating huge amounts of memory if a block of
+   history entries without timestamps occurs after a block with timestamps.
+
+d. Added support for keyboard timeouts when an ESC character is the last
+   character in a macro.
+
+e. There are several performance improvements when in a UTF-8 locale.
+
+f. Readline does a better job of preserving the original set of blocked
+   signals when using pselect() to wait for input.
+
+g. Fixed a bug that caused multibyte characters in macros to be mishandled.
+
+h. Fixed several bugs in the code that calculates line breaks when expanding
+   prompts that span several lines, contain multibyte characters, and contain
+   invisible character seqeuences.
+
+i. Fixed several bugs in cursor positioning when displaying lines with prompts
+   containing invisible characters and multibyte characters.
+
+j. When performing case-insensitive completion, Readline no longer sorts the
+   list of matches unless directed to do so.
+
+k. Fixed a problem with key sequences ending with a backslash.
+
+l. Fixed out-of-bounds and free memory read errors found via fuzzing.
+
+m. Fixed several cases where the mark was set to an invalid value.
+
+n. Fixed a problem with the case-changing operators in the case where the
+   lower and upper case versions of a character do not have the same number
+   of bytes.
+
+o. Handle incremental and non-incremental search character reads returning EOF.
+
+p. Handle the case where a failing readline command at the end of a multi-key
+   sequence could be misinterpreted.
+
+q. The history library now prints a meaningful error message if the history
+   file isn't a regular file.
+
+r. Fixed a problem with vi-mode redo (`.') on a command when trying to replace
+   a multibyte character.
+
+s. The key binding code now attempts to remove a keymap if a key unbinding
+   leaves it empty.
+
+t. Fixed a line-wrapping issue that caused problems for some terminal
+   emulators.
+
+u. If there is a key bound to the tty's VDISCARD special character, readline
+   disables VDISCARD while it is active.
+
+v. Fixed a problem with exiting bracketed paste mode on terminals that assume
+   the bracketed paste mode character sequence contains visible characters.
+
+w. Fixed a bug that could cause a key binding command to refer to an
+   uninitialized variable.
+
+x. Added more UTF-8-specific versions of multibyte functions, and optimized
+   existing functions if the current locale uses UTF-8 encoding.
+
+y. Fixed a problem with bracketed-paste inserting more than one character and
+   interacting with other readline functions.
+
+z. Fixed a bug that caused the history library to attempt to append a history
+   line to a non-existent history entry.
+
+aa. If using bracketed paste mode, output a newline after the \r that is the
+    last character of the mode disable string to avoid overwriting output.
+
+bb. Fixes to the vi-mode `b', `B', `w', `W', `e', and `E' commands to better
+    handle multibyte characters.
+
+cc. Fixed a redisplay problem that caused an extra newline to be generated on
+    accept-line when the line length is exactly the screenwidth.
+
+dd. Fixed a bug with adding multibyte characters to an incremental search
+    string.
+
+ee. Fixed a bug with redoing text insertions in vi mode.
+
+ff. Fixed a bug with pasting text into an incremental search string if bracketed
+    paste mode is enabled. ESC cannot be one of the incremental search
+    terminator characters for this to work.
+
+gg. Fixed a bug with anchored search patterns when performing searches in vi
+    mode.
+
+2.  New Features in Readline
+
+a. Non-incremental vi-mode search (`N', `n') can search for a shell pattern, as
+   Posix specifies (uses fnmatch(3) if available).
+
+b. There are new `next-screen-line' and `previous-screen-line' bindable
+   commands, which move the cursor to the same column in the next, or previous,
+   physical line, respectively.
+
+c. There are default key bindings for control-arrow-key key combinations.
+
+d. A negative argument (-N) to `quoted-insert' means to insert the next N
+   characters using quoted-insert.
+
+e. New public function: rl_check_signals(), which allows applications to
+   respond to signals that readline catches while waiting for input using
+   a custom read function.
+
+f. There is new support for conditionally testing the readline version in an
+   inputrc file, with a full set of arithmetic comparison operators available.
+
+g. There is a simple variable comparison facility available for use within an
+   inputrc file. Allowable operators are equality and inequality; string
+   variables may be compared to a value; boolean variables must be compared to
+   either `on' or `off'; variable names are separated from the operator by
+   whitespace.
+
+h. The history expansion library now understands command and process
+   substitution and extended globbing and allows them to appear anywhere in a
+   word.
+
+i. The history library has a new variable that allows applications to set the
+   initial quoting state, so quoting state can be inherited from a previous
+   line.
+
+j. Readline now allows application-defined keymap names; there is a new public
+   function, rl_set_keymap_name(), to do that.
+
+k. The "Insert" keypad key, if available, now puts readline into overwrite
+   mode.
+
+-------------------------------------------------------------------------------
 This document details the changes between this version, readline-7.0, and the
 previous version, readline-6.3.
 
diff --git a/msys2/usr/share/doc/readline/INSTALL b/msys2/usr/share/doc/readline/INSTALL
index e1a92d326..afb4d53e8 100644
--- a/msys2/usr/share/doc/readline/INSTALL
+++ b/msys2/usr/share/doc/readline/INSTALL
@@ -1,7 +1,7 @@
 Basic Installation
 ==================
 
-These are installation instructions for Readline-7.0.
+These are installation instructions for Readline-8.0.
 
 The simplest way to compile readline is:
 
diff --git a/msys2/usr/share/doc/readline/README b/msys2/usr/share/doc/readline/README
index 6a9c2b909..4fb0804fc 100644
--- a/msys2/usr/share/doc/readline/README
+++ b/msys2/usr/share/doc/readline/README
@@ -1,7 +1,7 @@
 Introduction
 ============
 
-This is the Gnu Readline library, version 7.0.
+This is the Gnu Readline library, version 8.0.
 
 The Readline library provides a set of functions for use by applications
 that allow users to edit command lines as they are typed in.  Both
diff --git a/msys2/usr/share/doc/util-linux/getopt/getopt-parse.bash b/msys2/usr/share/doc/util-linux/getopt/getopt-parse.bash
index 29e7f6fa9..db8bf6b59 100644
--- a/msys2/usr/share/doc/util-linux/getopt/getopt-parse.bash
+++ b/msys2/usr/share/doc/util-linux/getopt/getopt-parse.bash
@@ -1,47 +1,75 @@
 #!/bin/bash
 
-# A small example program for using the new getopt(1) program.
-# This program will only work with bash(1)
-# An similar program using the tcsh(1) script language can be found
-# as parse.tcsh
+# A small example script for using the getopt(1) program.
+# This script will only work with bash(1).
+# A similar script using the tcsh(1) language can be found
+# as getopt-parse.tcsh.
 
 # Example input and output (from the bash prompt):
-# ./parse.bash -a par1 'another arg' --c-long 'wow!*\?' -cmore -b " very long "
+#
+# ./getopt-parse.bash -a par1 'another arg' --c-long 'wow!*\?' -cmore -b " very long "
 # Option a
 # Option c, no argument
-# Option c, argument `more'
-# Option b, argument ` very long '
+# Option c, argument 'more'
+# Option b, argument ' very long '
 # Remaining arguments:
-# --> `par1'
-# --> `another arg'
-# --> `wow!*\?'
+# --> 'par1'
+# --> 'another arg'
+# --> 'wow!*\?'
 
-# Note that we use `"$@"' to let each command-line parameter expand to a
-# separate word. The quotes around `$@' are essential!
-# We need TEMP as the `eval set --' would nuke the return value of getopt.
-TEMP=`getopt -o ab:c:: --long a-long,b-long:,c-long:: \
-     -n 'example.bash' -- "$@"`
+# Note that we use "$@" to let each command-line parameter expand to a
+# separate word. The quotes around "$@" are essential!
+# We need TEMP as the 'eval set --' would nuke the return value of getopt.
+TEMP=$(getopt -o 'ab:c::' --long 'a-long,b-long:,c-long::' -n 'example.bash' -- "$@")
 
-if [ $? != 0 ] ; then echo "Terminating..." >&2 ; exit 1 ; fi
+if [ $? -ne 0 ]; then
+	echo 'Terminating...' >&2
+	exit 1
+fi
 
-# Note the quotes around `$TEMP': they are essential!
+# Note the quotes around "$TEMP": they are essential!
 eval set -- "$TEMP"
+unset TEMP
 
-while true ; do
+while true; do
 	case "$1" in
-		-a|--a-long) echo "Option a" ; shift ;;
-		-b|--b-long) echo "Option b, argument \`$2'" ; shift 2 ;;
-		-c|--c-long)
+		'-a'|'--a-long')
+			echo 'Option a'
+			shift
+			continue
+		;;
+		'-b'|'--b-long')
+			echo "Option b, argument '$2'"
+			shift 2
+			continue
+		;;
+		'-c'|'--c-long')
 			# c has an optional argument. As we are in quoted mode,
 			# an empty parameter will be generated if its optional
 			# argument is not found.
 			case "$2" in
-				"") echo "Option c, no argument"; shift 2 ;;
-				*)  echo "Option c, argument \`$2'" ; shift 2 ;;
-			esac ;;
-		--) shift ; break ;;
-		*) echo "Internal error!" ; exit 1 ;;
+				'')
+					echo 'Option c, no argument'
+				;;
+				*)
+					echo "Option c, argument '$2'"
+				;;
+			esac
+			shift 2
+			continue
+		;;
+		'--')
+			shift
+			break
+		;;
+		*)
+			echo 'Internal error!' >&2
+			exit 1
+		;;
 	esac
 done
-echo "Remaining arguments:"
-for arg do echo '--> '"\`$arg'" ; done
+
+echo 'Remaining arguments:'
+for arg; do
+	echo "--> '$arg'"
+done
diff --git a/msys2/usr/share/doc/util-linux/getopt/getopt-parse.tcsh b/msys2/usr/share/doc/util-linux/getopt/getopt-parse.tcsh
index 408c4706b..032d7ac08 100644
--- a/msys2/usr/share/doc/util-linux/getopt/getopt-parse.tcsh
+++ b/msys2/usr/share/doc/util-linux/getopt/getopt-parse.tcsh
@@ -1,9 +1,9 @@
 #!/bin/tcsh
 
-# A small example program for using the new getopt(1) program.
-# This program will only work with tcsh(1)
-# An similar program using the bash(1) script language can be found
-# as parse.bash
+# A small example script for using the getopt(1) program.
+# This script will only work with tcsh(1).
+# A similar script using the bash(1) language can be found
+# as getopt-parse.bash.
 
 # Example input and output (from the tcsh prompt):
 # ./parse.tcsh -a par1 'another arg' --c-long 'wow\!*\?' -cmore -b " very long "
diff --git a/msys2/usr/share/doc/xz/COPYING b/msys2/usr/share/doc/xz/COPYING
index 43c90d059..20e60d5b2 100644
--- a/msys2/usr/share/doc/xz/COPYING
+++ b/msys2/usr/share/doc/xz/COPYING
@@ -47,7 +47,7 @@ XZ Utils Licensing
     naturally it is not legally required. Here is an example of a good
     notice to put into "about box" or into documentation:
 
-        This software includes code from XZ Utils <http://tukaani.org/xz/>.
+        This software includes code from XZ Utils <https://tukaani.org/xz/>.
 
     The following license texts are included in the following files:
       - COPYING.LGPLv2.1: GNU Lesser General Public License version 2.1
diff --git a/msys2/usr/share/doc/xz/NEWS b/msys2/usr/share/doc/xz/NEWS
index 261168187..f2a1ad3b5 100644
--- a/msys2/usr/share/doc/xz/NEWS
+++ b/msys2/usr/share/doc/xz/NEWS
@@ -2,6 +2,33 @@
 XZ Utils Release Notes
 ======================
 
+5.2.4 (2018-04-29)
+
+    * liblzma:
+
+        - Allow 0 as memory usage limit instead of returning
+          LZMA_PROG_ERROR. Now 0 is treated as if 1 byte was specified,
+          which effectively is the same as 0.
+
+        - Use "noexcept" keyword instead of "throw()" in the public
+          headers when a C++11 (or newer standard) compiler is used.
+
+        - Added a portability fix for recent Intel C Compilers.
+
+        - Microsoft Visual Studio build files have been moved under
+          windows/vs2013 and windows/vs2017.
+
+    * xz:
+
+        - Fix "xz --list --robot missing_or_bad_file.xz" which would
+          try to print an unitialized string and thus produce garbage
+          output. Since the exit status is non-zero, most uses of such
+          a command won't try to interpret the garbage output.
+
+        - "xz --list foo.xz" could print "Internal error (bug)" in a
+          corner case where a specific memory usage limit had been set.
+
+
 5.2.3 (2016-12-30)
 
     * xz:
diff --git a/msys2/usr/share/doc/xz/README b/msys2/usr/share/doc/xz/README
index ab8aadfb5..720a1a580 100644
--- a/msys2/usr/share/doc/xz/README
+++ b/msys2/usr/share/doc/xz/README
@@ -291,7 +291,7 @@ XZ Utils
     XZ Embedded is a limited implementation written for use in the Linux
     kernel, but it is also suitable for other embedded use.
 
-        http://tukaani.org/xz/embedded.html
+        https://tukaani.org/xz/embedded.html
 
 
 6. Contact information
diff --git a/msys2/usr/share/doc/xz/THANKS b/msys2/usr/share/doc/xz/THANKS
index 1f40c6562..30fbfb6f0 100644
--- a/msys2/usr/share/doc/xz/THANKS
+++ b/msys2/usr/share/doc/xz/THANKS
@@ -11,7 +11,9 @@ has been important. :-) In alphabetical order:
   - Karl Berry
   - Anders F. Björklund
   - Emmanuel Blot
+  - Melanie Blower
   - Martin Blumenstingl
+  - Ben Boeckel
   - Jakub Bogusz
   - Maarten Bosmans
   - Trent W. Buck
@@ -56,6 +58,7 @@ has been important. :-) In alphabetical order:
   - Andraž 'ruskie' Levstik
   - Cary Lewis
   - Wim Lewis
+  - Eric Lindblad
   - Lorenzo De Liso
   - Bela Lubkin
   - Gregory Margo
@@ -93,6 +96,7 @@ has been important. :-) In alphabetical order:
   - Stuart Shelton
   - Sebastian Andrzej Siewior
   - Brad Smith
+  - Pippijn van Steenhoven
   - Jonathan Stott
   - Dan Stromberg
   - Vincent Torri
diff --git a/msys2/usr/share/doc/xz/examples/02_decompress.c b/msys2/usr/share/doc/xz/examples/02_decompress.c
index 4c0f37cbc..98339befa 100644
--- a/msys2/usr/share/doc/xz/examples/02_decompress.c
+++ b/msys2/usr/share/doc/xz/examples/02_decompress.c
@@ -138,7 +138,7 @@ decompress(lzma_stream *strm, const char *inname, FILE *infile, FILE *outfile)
 			// Once the end of the input file has been reached,
 			// we need to tell lzma_code() that no more input
 			// will be coming. As said before, this isn't required
-			// if the LZMA_CONATENATED flag isn't used when
+			// if the LZMA_CONCATENATED flag isn't used when
 			// initializing the decoder.
 			if (feof(infile))
 				action = LZMA_FINISH;
diff --git a/msys2/usr/share/doc/xz/faq.txt b/msys2/usr/share/doc/xz/faq.txt
index 333bee09c..dee7824fb 100644
--- a/msys2/usr/share/doc/xz/faq.txt
+++ b/msys2/usr/share/doc/xz/faq.txt
@@ -206,7 +206,7 @@ Q:  How do I build a program that needs liblzmadec (lzmadec.h)?
 A:  liblzmadec is part of LZMA Utils. XZ Utils has liblzma, but no
     liblzmadec. The code using liblzmadec should be ported to use
     liblzma instead. If you cannot or don't want to do that, download
-    LZMA Utils from <http://tukaani.org/lzma/>.
+    LZMA Utils from <https://tukaani.org/lzma/>.
 
 
 Q:  The default build of liblzma is too big. How can I make it smaller?
@@ -220,5 +220,5 @@ A:  Give --enable-small to the configure script. Use also appropriate
     If the result is still too big, take a look at XZ Embedded. It is
     a separate project, which provides a limited but significantly
     smaller XZ decoder implementation than XZ Utils. You can find it
-    at <http://tukaani.org/xz/embedded.html>.
+    at <https://tukaani.org/xz/embedded.html>.
 
diff --git a/msys2/usr/share/file/magic b/msys2/usr/share/file/magic
index d5e2d3fce..ee39f17c3 100644
--- a/msys2/usr/share/file/magic
+++ b/msys2/usr/share/file/magic
@@ -1,6 +1,6 @@
 
 #------------------------------------------------------------------------------
-# $File: acorn,v 1.6 2017/10/19 16:40:37 christos Exp $
+# $File: acorn,v 1.7 2019/04/19 00:42:27 christos Exp $
 # acorn:  file(1) magic for files found on Acorn systems
 #
 
@@ -83,7 +83,7 @@
 # compression mode y (0 - 4) for GIF LZW with a maximum n bits
 # (y~n,0~12,1~13,2~14,3~15,4~16)
 >>>5	ulelong+12 x	\b, LZW %u-bits compression
-# http://www.filebase.org.uk/filetypes
+# https://www.filebase.org.uk/filetypes
 # !Packdir compressed archive has three hexadecimal digits code 68E
 !:mime	application/x-acorn-68E
 !:ext	pkd/bin
@@ -115,7 +115,7 @@
 >18	lelong		^010		not stripped
 
 #------------------------------------------------------------------------------
-# $File: adventure,v 1.17 2017/07/03 16:03:40 christos Exp $
+# $File: adventure,v 1.18 2019/04/19 00:42:27 christos Exp $
 # adventure: file(1) magic for Adventure game files
 #
 # from Allen Garvin <earendil@faeryland.tamu-commerce.edu>
@@ -136,8 +136,8 @@
 # Updated by Adam Buchbinder <adam.buchbinder@gmail.com>
 #
 #http://www.gnelson.demon.co.uk/zspec/sect11.html
-#http://www.jczorkmid.net/~jpenney/ZSpec11-latest.txt
-#http://en.wikipedia.org/wiki/Z-machine
+#https://www.jczorkmid.net/~jpenney/ZSpec11-latest.txt
+#https://en.wikipedia.org/wiki/Z-machine
 # The first byte is the Z-machine revision; it is always between 1 and 8. We
 # had false matches (for instance, inbig5.ocp from the Omega TeX extension as
 # well as an occasional MP3 file), so we sanity-check the version number.
@@ -226,7 +226,7 @@
 # Danny Milosavljevic <danny.milo@gmx.net>
 # These are ADRIFT (adventure game standard) game files, extension .taf
 # Checked from source at (http://www.adrift.co/) and various taf files
-# found at the Interactive Fiction Archive (http://ifarchive.org/)
+# found at the Interactive Fiction Archive (https://ifarchive.org/)
 0	belong  0x3C423FC9
 >4	belong  0x6A87C2CF	Adrift game file version
 >>8	belong  0x94453661	3.80
@@ -237,18 +237,18 @@
 !:mime	application/x-adrift
 
 #------------------------------------------------------------------------------
-# $File: algol68,v 1.2 2016/10/17 14:17:48 christos Exp $
+# $File: algol68,v 1.3 2018/10/19 01:04:21 christos Exp $
 # algol68:  file(1) magic for Algol 68 source
 #
 0	search/8192	(input,			Algol 68 source text
 !:mime	text/x-Algol68
-0	regex		\^PROC			Algol 68 source text
+0	regex/1024	\^PROC			Algol 68 source text
 !:mime	text/x-Algol68
-0	regex           MODE[\t\ ]		Algol 68 source text
+0	regex/1024	\bMODE[\t\ ]		Algol 68 source text
 !:mime	text/x-Algol68
-0	regex          	REF[\t\ ]		Algol 68 source text
+0	regex/1024	\bREF[\t\ ]		Algol 68 source text
 !:mime	text/x-Algol68
-0	regex          	FLEX[\t\ ]\*\\[		Algol 68 source text
+0	regex/1024	\bFLEX[\t\ ]\*\\[	Algol 68 source text
 !:mime	text/x-Algol68
 #0	regex          	[\t\ ]OD		Algol 68 source text
 #!:mime	text/x-Algol68
@@ -295,7 +295,7 @@
 >>13	string	>\ 			DATE %s
 
 #------------------------------------------------------------------------------
-# $File: amigaos,v 1.16 2017/03/17 21:35:28 christos Exp $
+# $File: amigaos,v 1.17 2018/10/16 18:57:19 christos Exp $
 # amigaos:  file(1) magic for AmigaOS binary formats:
 
 #
@@ -362,8 +362,27 @@
 0	string 		.KEY		AmigaDOS script
 0	string 		.key		AmigaDOS script
 
+# AMOS Basic file formats
+# https://www.exotica.org.uk/wiki/AMOS_file_formats
+0	string		AMOS\040Basic\040 	AMOS Basic source code
+>11	byte		=0x56 			\b, tested
+>11	byte		=0x76 			\b, untested
+0 	string		AMOS\040Pro		AMOS Basic source code
+>11	byte		=0x56 			\b, tested
+>11	byte		=0x76 			\b, untested
+0	string		AmSp			AMOS Basic sprite bank
+>4	beshort		x			\b, %d sprites
+0	string		AmIc			AMOS Basic icon bank
+>4	beshort		x			\b, %d icons
+0	string		AmBk			AMOS Basic memory bank
+>4	beshort		x			\b, bank number %d
+>8	belong&0xFFFFFFF	x		\b, length %d
+>12	regex		.{8}			\b, type %s
+0	string		AmBs			AMOS Basic memory banks
+>4	beshort		x			\b, %d banks
+
 #------------------------------------------------------------
-# $File: android,v 1.10 2017/03/17 21:35:28 christos Exp $
+# $File: android,v 1.12 2019/04/19 00:42:27 christos Exp $
 # Various android related magic entries
 #------------------------------------------------------------
 
@@ -395,33 +414,68 @@
 
 # Android Backup archive
 # From: Ariel Shkedi
-# File extension: .ab
-# No mime-type defined
+# Update: Joerg Jenderek 
 # URL: https://github.com/android/platform_frameworks_base/blob/\
 # 0bacfd2ba68d21a68a3df345b830bc2a1e515b5a/services/java/com/\
 # android/server/BackupManagerService.java#L2367
+# Reference: https://sourceforge.net/projects/adbextractor/
+#            android-backup-extractor/perl/backupencrypt.pl 
+# Note:	only unix line feeds "\n" found
 # After the header comes a tar file
 # If compressed, the entire tar file is compressed with JAVA deflate
 #
 # Include the version number hardcoded with the magic string to avoid
 # false positives
-0	string/b	ANDROID\ BACKUP\n1\n	Android Backup
+0	string/b	ANDROID\ BACKUP\n	Android Backup
+# maybe look for some more characteristics like linefeed '\n' or version
+#>16	string		\n			
+# No mime-type defined offically
+!:mime	application/x-google-ab
+!:ext	ab
+# on 2nd line version (often 1, 2 on kitkat 4.4.3+, 4 on 7.1.2)
+>15	string		>\0			\b, version %s
+# "1" on 3rd line means compressed
 >17	string		0\n			\b, Not-Compressed
 >17	string		1\n			\b, Compressed
+# The 4th line is encryption "none" or "AES-256"
 # any string as long as it's not the word none (which is matched below)
+>19	string		none\n			\b, Not-Encrypted
+# look for backup content after line with encryption info
+#>>19	search/7	\n
+# data part after header for not encrypted Android Backup 
+#>>>&0	ubequad		x	\b, content 0x%16.16llx...
+# look for zlib compressed by ./compress after message with 1 space at end
+#>>>&0	indirect	x	\b; contains 
+# look for tar archive block by ./archive for package name manifest
+>>288	string		ustar	\b; contains
+>>>31	use	tar-file
+# look for zip/jar archive by ./archive ./zip after message with 1 space at end
+#>>2079	search/1025/s	PK\003\004	\b; contains 
+#>>>&0	indirect	x
+>19	string		!none			
 >>19    regex/1l	\^([^n\n]|n[^o]|no[^n]|non[^e]|none.+).*	\b, Encrypted (%s)
->>19	string		none\n			\b, Not-Encrypted
 # Commented out because they don't seem useful to print
 # (but they are part of the header - the tar file comes after them):
+# The 5th line is User Password Salt (128 Hex)
+# string length too high with standard src configuration
+#>>>&1		string	>\0	\b, PASSWORD salt: "%-128.128s"
 #>>>&1		regex/1l .*	\b, Password salt: %s
+# The 6th line is Master Key Checksum Salt (128 Hex)
 #>>>>&1		regex/1l .*	\b, Master salt: %s
+# The 7th line is Number of PBDKF2 Rounds (10000)
 #>>>>>&1	regex/1l .*	\b, PBKDF2 rounds: %s
+# The 8th line is User key Initialization Vector (IV) (32 Hex)
 #>>>>>>&1	regex/1l .*	\b, IV: %s
+#>>>>>>&1	regex/1l .*	\b, IV: %s
+# The 9th line is Master IV+Key+Checksum (192 Hex)
 #>>>>>>>&1	regex/1l .*	\b, Key: %s
+# look for new line separator char after line number 9
+#>>>0x204	ubyte	0x0a	NL found
+#>>>>&1		ubequad	x	\b, Content magic %16.16llx
 
 # *.pit files by Joerg Jenderek
-# http://forum.xda-developers.com/showthread.php?p=9122369
-# http://forum.xda-developers.com/showthread.php?t=816449
+# https://forum.xda-developers.com/showthread.php?p=9122369
+# https://forum.xda-developers.com/showthread.php?t=816449
 # Partition Information Table for Samsung's smartphone with Android
 # used by flash software Odin
 0		ulelong			0x12349876
@@ -508,7 +562,7 @@
 0	lelong	0x00080003	Android binary XML
 
 #------------------------------------------------------------------------------
-# $File: animation,v 1.66 2017/10/06 15:36:38 christos Exp $
+# $File: animation,v 1.71 2019/04/19 00:42:27 christos Exp $
 # animation:  file(1) magic for animation/movie formats
 #
 # animation formats
@@ -540,9 +594,9 @@
 !:mime	application/x-quicktime-player
 4	string/W	jP		JPEG 2000 image
 !:mime	image/jp2
-# http://www.ftyps.com/ with local additions
+# https://www.ftyps.com/ with local additions
 4	string		ftyp		ISO Media
-# http://aeroquartet.com/wordpress/2016/03/05/3-xavc-s/
+# https://aeroquartet.com/wordpress/2016/03/05/3-xavc-s/
 >8	string		XAVC		\b, MPEG v4 system, Sony XAVC Codec
 >>96	string		x		\b, Audio "%.4s"
 >>118	beshort		x		at %dHz
@@ -554,7 +608,7 @@
 >>11	byte		4		\b v4 (H.263/AMR GSM 6.10)
 >>11	byte		5		\b v5 (H.263/AMR GSM 6.10)
 >>11	byte		6		\b v6 (ITU H.264/AMR GSM 6.10)
-# http://www.3gpp2.org/Public_html/Specs/C.S0050-B_v1.0_070521.pdf
+# https://www.3gpp2.org/Public_html/Specs/C.S0050-B_v1.0_070521.pdf
 # Section 8.1.1, corresponds to a, b, c
 >>11	byte		0x61		\b C.S0050-0 V1.0
 >>11	byte		0x62		\b C.S0050-0-A V1.0.0
@@ -1363,6 +1417,7 @@
 # conti_count   4 bit	-
 0	belong&0xFF5FFF10	0x47400010
 >188	byte			0x47		MPEG transport stream data
+!:mime  video/MP2T
 
 # DIF digital video file format <mpruett@sgi.com>
 0	belong&0xffffff00	0x1f070000      DIF
@@ -1400,10 +1455,10 @@
 0	string/w	#VRML\ V2.0\ utf8	ISO/IEC 14772 VRML 97 file
 !:mime	model/vrml
 
-# X3D (Extensible 3D) [http://www.web3d.org/specifications/x3d-3.0.dtd]
+# X3D (Extensible 3D) [https://www.web3d.org/specifications/x3d-3.0.dtd]
 # From Michel Briand <michelbriand@free.fr>
 # mimetype from https://www.iana.org/assignments/media-types/model/x3d+xml
-# Example http://www.web3d.org/x3d/content/examples/Basic/course/CreateX3DFromStringRandomSpheres.x3d
+# Example https://www.web3d.org/x3d/content/examples/Basic/course/CreateX3DFromStringRandomSpheres.x3d
 0	string/w	\<?xml\ version=
 !:strength + 5
 >20	search/1000/w	\<!DOCTYPE\ X3D		X3D (Extensible 3D) model xml text
@@ -1475,7 +1530,7 @@
 
 # Type: Bink Video
 # Extension: .bik
-# URL:  http://wiki.multimedia.cx/index.php?title=Bink_Container
+# URL:  https://wiki.multimedia.cx/index.php?title=Bink_Container
 # From: <hoehle@users.sourceforge.net>  2008-07-18
 0	string		BIK	Bink Video
 >3	regex		=[a-z]	rev.%s
@@ -1496,61 +1551,61 @@
 #>>51	byte&0x10	!0	DCT
 
 # Type:	NUT Container
-# URL:	http://wiki.multimedia.cx/index.php?title=NUT
+# URL:	https://wiki.multimedia.cx/index.php?title=NUT
 # From:	Adam Buchbinder <adam.buchbinder@gmail.com>
 0	string	nut/multimedia\ container\0	NUT multimedia container
 
 # Type: Nullsoft Video (NSV)
-# URL:  http://wiki.multimedia.cx/index.php?title=Nullsoft_Video
+# URL:  https://wiki.multimedia.cx/index.php?title=Nullsoft_Video
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	NSVf	Nullsoft Video
 
 # Type: REDCode Video
-# URL:  http://www.red.com/ ; http://wiki.multimedia.cx/index.php?title=REDCode
+# URL:  https://www.red.com/ ; https://wiki.multimedia.cx/index.php?title=REDCode
 # From: Mike Melanson <mike@multimedia.cx>
 4	string	RED1	REDCode Video
 
 # Type: MTV Multimedia File
-# URL:  http://wiki.multimedia.cx/index.php?title=MTV
+# URL:  https://wiki.multimedia.cx/index.php?title=MTV
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	AMVS	MTV Multimedia File
 
 # Type: ARMovie
-# URL:  http://wiki.multimedia.cx/index.php?title=ARMovie
+# URL:  https://wiki.multimedia.cx/index.php?title=ARMovie
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	ARMovie\012	ARMovie
 
 # Type: Interplay MVE Movie
-# URL:  http://wiki.multimedia.cx/index.php?title=Interplay_MVE
+# URL:  https://wiki.multimedia.cx/index.php?title=Interplay_MVE
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	Interplay\040MVE\040File\032	Interplay MVE Movie
 
 # Type: Windows Television DVR File
-# URL:  http://wiki.multimedia.cx/index.php?title=WTV
+# URL:  https://wiki.multimedia.cx/index.php?title=WTV
 # From: Mike Melanson <mike@mutlimedia.cx>
 # This takes the form of a Windows-style GUID
 0	bequad	0xB7D800203749DA11
 >8	bequad	0xA64E0007E95EAD8D	Windows Television DVR Media
 
 # Type: Sega FILM/CPK Multimedia
-# URL:  http://wiki.multimedia.cx/index.php?title=Sega_FILM
+# URL:  https://wiki.multimedia.cx/index.php?title=Sega_FILM
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	FILM	Sega FILM/CPK Multimedia,
 >32	belong	x	%d x
 >28	belong	x	%d
 
 # Type: Nintendo THP Multimedia
-# URL:  http://wiki.multimedia.cx/index.php?title=THP
+# URL:  https://wiki.multimedia.cx/index.php?title=THP
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	THP\0	Nintendo THP Multimedia
 
 # Type: BBC Dirac Video
-# URL:  http://wiki.multimedia.cx/index.php?title=Dirac
+# URL:  https://wiki.multimedia.cx/index.php?title=Dirac
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	BBCD	BBC Dirac Video
 
 # Type: RAD Game Tools Smacker Multimedia
-# URL:  http://wiki.multimedia.cx/index.php?title=Smacker
+# URL:  https://wiki.multimedia.cx/index.php?title=Smacker
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	SMK	RAD Game Tools Smacker Multimedia
 >3	byte	x	version %c,
@@ -1566,6 +1621,20 @@
 !:ext	mxf
 !:mime	application/mxf
 
+# Recognize LucasArts Smush video files (cf.
+# https://wiki.multimedia.cx/index.php/Smush)
+0	string	ANIM
+>8	string	AHDR	LucasArts Smush Animation Format (SAN) video
+0	string	SANM
+>8	string	SHDR	LucasArts Smush v2 (SANM) video
+
+# Type: Scaleform video
+# Extension: .usm
+# URL:  https://wiki.multimedia.cx/index.php/USM
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+0	string	CRID
+>32	string	@UTF	Scaleform video
+
 #------------------------------------------------------------------------------
 # $File: aout,v 1.1 2013/01/09 22:37:23 christos Exp $
 # aout:  file(1) magic for a.out executable/object/etc entries that
@@ -1648,7 +1717,7 @@
 0	long		0100554		APL workspace (Ken's original?)
 
 #------------------------------------------------------------------------------
-# $File: apple,v 1.39 2018/03/02 15:26:39 christos Exp $
+# $File: apple,v 1.43 2019/04/19 00:42:27 christos Exp $
 # apple:  file(1) magic for Apple file formats
 #
 0	search/1/t	FiLeStArTfIlEsTaRt	binscii (apple ][) text
@@ -1659,22 +1728,97 @@
 0	belong		0x00051600		AppleSingle encoded Macintosh file
 0	belong		0x00051607		AppleDouble encoded Macintosh file
 
+# Type: Apple Emulator WOZ format
+# From: Greg Wildman <greg@apple2.org.za>
+# Ref: https://applesaucefdc.com/woz/reference/
+# Ref: https://applesaucefdc.com/woz/reference2/
+#
+# Note: The following test are mostly identical. I would rather not
+# use a regex to identify the WOZ format number.
+0	string		WOZ1
+>4	string		\xFF\x0A\x0D\x0A	Apple ][ WOZ 1.0 Disk Image
+>12	string		INFO
+>>21	byte		01			\b, 5.25 inch
+>>21	byte		02			\b, 3.5 inch
+>>22	byte		01			\b, write protected
+>>23	byte		01			\b, cross track synchronized
+>>25	string/T	x			\b, %.32s
+0	string		WOZ2
+>4	string		\xFF\x0A\x0D\x0A	Apple ][ WOZ 2.0 Disk Image
+>12	string		INFO
+>>21	byte		01			\b, 5.25 inch
+>>21	byte		02			\b, 3.5 inch
+>>22	byte		01			\b, write protected
+>>23	byte		01			\b, cross track synchronized
+>>25	string/T	x			\b, %.32s
+
+# Type: Apple Emulator disk images
+# From: Greg Wildman <greg@apple2.org.za>
+# ProDOS boot loader?
+0		string	\x01\x38\xB0\x03\x4C	Apple ProDOS Image
+# Detect Volume Directory block ($02)
+>0x400		string	\x00\x00\x03\x00
+>>0x404		byte	&0xF0
+>>>0x405	string	x			\b, Volume /%s
+>>>0x429	leshort	x			\b, %u Blocks
+# ProDOS ordered ?
+>0xb00		string	\x00\x00\x03\x00
+>>0xb04		byte	&0xF0
+>>>0xb05	string	x			\b, Volume /%s
+>>>0xb29	leshort	x			\b, %u Blocks
+#
+# DOS3.3 boot loader?
+0		string	\x01\xA5\x27\xC9\x09\xD0\x18\xA5\x2B
+>0x11001	string	\x11\x0F\x03	Apple DOS 3.3 Image
+>>0x11006	byte	x		\b, Volume %u
+>>0x11034	byte	x		\b, %u Tracks
+>>0x11035	byte	x		\b, %u Sectors
+>>0x11036	leshort	x		\b, %u bytes per sector
+# DOS3.2 ?
+>0x11001	string	\x11\x0C\x02	Apple DOS 3.2 Image
+>>0x11006	byte	x		\b, Volume %u
+>>0x11034	byte	x		\b, %u Tracks
+>>0x11035	byte	x		\b, %u Sectors
+>>0x11036	leshort	x		\b, %u bytes per sector
+# DOS3.1 ?
+>0x11001	string	\x11\x0C\x01
+>>0x11c00	string	\x00\x11\x0B	Apple DOS 3.1 Image
+#
+# Pascal boot loader?
+0		string	\x01\xE0\x60\xF0\x03\x4C\xE3\x08\xAD
+>0xd6		pstring SYSTEM.APPLE
+>>0xb00		leshort	0x0000
+>>>0xb04	leshort 0x0000		Apple Pascal Image
+>>>>0xb06	pstring x		\b, Volume %s:
+>>>>0xb0e	leshort x		\b, %u Blocks
+>>>>0xb10	leshort x		\b, %u Files
+
 # Type: Apple Emulator 2IMG format
 # From: Radek Vokal <rvokal@redhat.com>
-0	string		2IMG	Apple ][ 2IMG Disk Image
->4	string		XGS!	\b, XGS
->4	string		CTKG	\b, Catakig
->4	string		ShIm	\b, Sheppy's ImageMaker
->4	string		WOOF	\b, Sweet 16
->4	string		B2TR	\b, Bernie ][ the Rescue
->4	string		!nfc	\b, ASIMOV2
->4	string		x	\b, Unknown Format
->0xc	byte		00	\b, DOS 3.3 sector order
->>0x10	byte		00	\b, Volume 254
->>0x10	byte&0x7f	x	\b, Volume %u
->0xc	byte		01	\b, ProDOS sector order
->>0x14	short		x	\b, %u Blocks
->0xc	byte		02	\b, NIB data
+# Update: Greg Wildman <greg@apple2.org.za>
+0	string		2IMG		Apple ][ 2IMG Disk Image
+>4	clear		x
+>4	string		XGS!		\b, XGS
+>4	string		CTKG		\b, Catakig
+>4	string		ShIm		\b, Sheppy's ImageMaker
+>4	string		SHEP		\b, Sheppy's ImageMaker
+>4	string		WOOF		\b, Sweet 16
+>4	string		B2TR		\b, Bernie ][ the Rescue
+>4	string		\!nfc		\b, ASIMOV2
+>4	string		\>BD\<		\b, Brutal Deluxe's Cadius
+>4	string		CdrP		\b, CiderPress
+>4	string		Vi][		\b, Virtual ][
+>4	string		PRFS		\b, ProFUSE
+>4	string		FISH		\b, FishWings
+>4	string		RVLW		\b, Revival for Windows
+>4	default		x
+>>4	string		x		\b, Creator tag "%-4.4s"
+>0xc	byte		00		\b, DOS 3.3 sector order
+>>0x10	byte		00		\b, Volume 254
+>>0x10	byte&0x7f	x		\b, Volume %u
+>0xc	byte		01		\b, ProDOS sector order
+>>0x14	short		x		\b, %u Blocks
+>0xc	byte		02		\b, NIB data
 
 # magic for Newton PDA package formats
 # from Ruda Moura <ruda@helllabs.org>
@@ -1736,7 +1880,7 @@
 # http://home.earthlink.net/~hughhood/appleiiworksenvoy/
 # ('p' + 1-byte ProDOS File Type + 2-byte ProDOS Aux Type')
 # $70 $1A $F8 $FF is this the apple type ?
-#:apple pdospøÿ
+#:apple pdosp^Z\xf8\xff
 !:ext awp
 # minimum version needed to read this files. SFMinVers (0 , 30~3.0 )
 >>>183	ubyte		30	3.0
@@ -2002,7 +2146,7 @@
 >>6	ubeshort	x		\b, type 0x%x
 
 # URL: https://en.wikipedia.org/wiki/Apple_Partition_Map
-# Reference: http://opensource.apple.com/source/IOStorageFamily/IOStorageFamily-116/IOApplePartitionScheme.h
+# Reference: https://opensource.apple.com/source/IOStorageFamily/IOStorageFamily-116/IOApplePartitionScheme.h
 # Update: Joerg Jenderek
 # Yes, the 3rd and 4th bytes pmSigPad are reserved, but we use them to make the
 # magic stronger.
@@ -2044,8 +2188,8 @@
 # is the startup partition APPLE_PS_STARTUP
 >>88	ubelong	&0x80000000		\b, is the startup partition
 
-#http://wiki.mozilla.org/DS_Store_File_Format
-#http://en.wikipedia.org/wiki/.DS_Store
+#https://wiki.mozilla.org/DS_Store_File_Format
+#https://en.wikipedia.org/wiki/.DS_Store
 0	string	\0\0\0\1Bud1\0		Apple Desktop Services Store
 
 # HFS/HFS+ Resource fork files (andrew.roazen@nau.edu Apr 13 2015)
@@ -2168,7 +2312,7 @@
 >>5	ubyte	    	x		\b.%u, little-endian
 >>0	use		\^apt-cache-be
 #------------------------------------------------------------------------------
-# $File: archive,v 1.117 2018/03/17 02:11:04 christos Exp $
+# $File: archive,v 1.129 2019/05/09 18:58:02 christos Exp $
 # archive:  file(1) magic for archive formats (see also "msdos" for self-
 #           extracting compressed archives)
 #
@@ -2180,6 +2324,7 @@
 # Reference: https://www.freebsd.org/cgi/man.cgi?query=tar&sektion=5&manpath=FreeBSD+8-current
 # header mainly padded with nul bytes
 500	quad		0		
+!:strength /2
 # filename or extended attribute printable strings in range space null til umlaut ue
 >0	ubeshort	>0x1F00		
 >>0	ubeshort	<0xFCFD
@@ -2316,7 +2461,7 @@
 >>>257	string		>\0		\b, comment: %-.40s
 
 # Incremental snapshot gnu-tar format from:
-# http://www.gnu.org/software/tar/manual/html_node/Snapshot-Files.html
+# https://www.gnu.org/software/tar/manual/html_node/Snapshot-Files.html
 0	string		GNU\ tar-	GNU tar incremental snapshot data
 >&0	regex		[0-9]\.[0-9]+-[0-9]+	version %s
 
@@ -2394,21 +2539,48 @@
 # a portable archive whose first member has a name beginning with
 # "debian".
 #
+# Update: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/Deb_(file_format)
 0	string		=!<arch>\ndebian
->8	string		debian-split	part of multipart Debian package
+# https://manpages.debian.org/testing/dpkg/dpkg-split.1.en.html
+>14	string		-split	part of multipart Debian package
 !:mime	application/vnd.debian.binary-package
->8	string		debian-binary	Debian binary package
+# udeb is used for stripped down deb file
+!:ext	deb/udeb
+>14	string		-binary	Debian binary package
 !:mime	application/vnd.debian.binary-package
->8	string		!debian
+!:ext	deb/udeb
+# This should not happen
+>14	default		x	Unknown Debian package
+# NL terminated version; for most Debian cases this is 2.0 or 2.1 for splitted
 >68	string		>\0		(format %s)
-# These next two lines do not work, because a bzip2 Debian archive
-# still uses gzip for the control.tar (first in the archive).  Only
-# data.tar varies, and the location of its filename varies too.
-# file/libmagic does not current have support for ascii-string based
-# (offsets) as of 2005-09-15.
-#>81	string		bz2		\b, uses bzip2 compression
-#>84	string		gz		\b, uses gzip compression
-#>136	ledate		x		created: %s
+#>68	string		!2.0\n
+#>>68	string		x		(format %.3s)
+>68	string		=2.0\n
+# 2nd archive name=control archive name like control.tar.gz or control.tar.xz
+>>72	string		>\0		\b, with %.14s
+# look for 3rd archive name=data archive name like data.tar.{gz,xz,bz2,lzma}
+>>0	search/0x93e4f	data.tar.	\b, data compression
+# the above line only works if FILE_BYTES_MAX in ../../src/file.h is raised
+# for example like libreoffice-dev-doc_1%3a5.2.7-1+rpi1+deb9u3_all.deb
+>>>&0	string		x		%.4s
+# splitted debian package case
+>68	string		=2.1\n
+# dpkg-1.18.25/dpkg-split/info.c
+# NL terminated ASCII package name like ckermit
+>>&0	string		x		\b, %s
+# NL terminated package version like 302-5.3
+>>>&1	string		x		%s
+# NL terminated MD5 checksum
+>>>>&1	string		x		\b, MD5 %s
+# NL terminated original package length
+>>>>>&1	string		x		\b, unsplitted size %s
+# NL terminated part length
+>>>>>>&1	string	x		\b, part lenght %s
+# NL terminated package part like n/m
+>>>>>>>&1	string	x		\b, part %s
+# NL terminated package architecture like armhf since dpkg 1.16.1 or later
+>>>>>>>>&1	string	x		\b, %s
 
 #
 # MIPS archive; they're in the portable archive format, and need to go
@@ -2425,15 +2597,35 @@
 >19	string	B			and an EB hash table
 >22	string	X			-- out of date
 
-0	search/1	-h-		Software Tools format archive text
-
 #
 # BSD/SVR2-and-later portable archive formats.
 #
-0	string		=!<arch>		current ar archive
+# Update: Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/AR
+# Reference:	https://www.unix.com/man-page/opensolaris/3HEAD/ar.h/
+# Note:		Mach-O universal binary in ./cafebabe is dependent
+# TODO:		unify current ar archive, MIPS archive, Debian package
+#		distinguish BSD, SVR; 32, 64 bit; HP from other 32-bit SVR;
+#		*.ar packages from *.a libraries. handle empty archive
+0	string		=!<arch>\n		current ar archive
+# print first and possibly second ar_name[16] for debugging purpose
+#>8			string	x	\b, 1st "%.16s"
+#>68			string	x	\b, 2nd "%.16s"
 !:mime	application/x-archive
+# a in most case for libraries; lib for Microsoft libraries; ar else cases
+!:ext	a/lib/ar
 >8	string		__.SYMDEF	random library
+# first member with long marked name __.SYMDEF SORTED implies BSD library
 >68	string		__.SYMDEF\ SORTED	random library
+# Reference: https://parisc.wiki.kernel.org/images-parisc/b/b2/Rad_11_0_32.pdf
+# "archive file" entry moved from ./hp
+# LST header system_id 0210h~PA-RISC 1.1,... identifies the target architecture
+# LST header a_magic 0619h~relocatable library
+>68	belong 		0x020b0619	- PA-RISC1.0 relocatable library
+>68	belong	 	0x02100619	- PA-RISC1.1 relocatable library
+>68	belong 		0x02110619	- PA-RISC1.2 relocatable library
+>68	belong 		0x02140619	- PA-RISC2.0 relocatable library
+#EOF for common ar archives
 
 #
 # "Thin" archive, as can be produced by GNU ar.
@@ -2443,6 +2635,8 @@
 >68	belong		1		%d symbol entry
 >68	belong		>1		%d symbol entries
 
+0	search/1	-h-		Software Tools format archive text
+
 # ARC archiver, from Daniel Quinlan (quinlan@yggdrasil.com)
 #
 # The first byte is the magic (0x1a), byte 2 is the compression type for
@@ -2967,7 +3161,7 @@
 # LHARC/LHA archiver (Greg Roelofs, newt@uchicago.edu)
 # Update: Joerg Jenderek
 # URL: https://en.wikipedia.org/wiki/LHA_(file_format)
-# Reference: http://web.archive.org/web/20021005080911/http://www.osirusoft.com/joejared/lzhformat.html
+# Reference: https://web.archive.org/web/20021005080911/http://www.osirusoft.com/joejared/lzhformat.html
 #
 #	check and display information of lharc (LHa,PMarc) file
 0	name				lharc-file
@@ -3167,7 +3361,7 @@
 !:ext	rar
 
 # Very old RAR archive
-# http://jasonblanks.com/wp-includes/images/papers/KnowyourarchiveRAR.pdf
+# https://jasonblanks.com/wp-includes/images/papers/KnowyourarchiveRAR.pdf
 0	string		RE\x7e\x5e  RAR archive data (<v1.5)
 !:mime	application/x-rar
 !:ext	rar/cbr
@@ -3188,7 +3382,9 @@
 0	string		PK\005\006	Zip archive data (empty)
 !:mime application/zip
 !:ext zip/cbz
+!:strength +1
 0	string		PK\003\004
+!:strength +1
 
 # Specialised zip formats which start with a member named 'mimetype'
 # (stored uncompressed, with no 'extra field') containing the file's MIME type.
@@ -3231,7 +3427,7 @@
 >>>62	string	base			Database file
 
 #   OpenDocument formats (for OpenOffice 2.x / StarOffice >= 8)
-#    http://lists.oasis-open.org/archives/office/200505/msg00006.html
+#    https://lists.oasis-open.org/archives/office/200505/msg00006.html
 #    (mimetype contains "application/vnd.oasis.opendocument.<SUBTYPE>")
 >>50	string	vnd.oasis.opendocument.	OpenDocument
 >>>73	string	text
@@ -3280,7 +3476,7 @@
 !:mime	application/vnd.oasis.opendocument.image-template
 
 #  EPUB (OEBPS) books using OCF (OEBPS Container Format)
-#    http://www.idpf.org/ocf/ocf1.0/download/ocf10.htm, section 4.
+#    https://www.idpf.org/ocf/ocf1.0/download/ocf10.htm, section 4.
 #    From: Ralf Brown <ralf.brown@gmail.com>
 >>50	string	epub+zip	EPUB document
 !:mime application/epub+zip
@@ -3474,6 +3670,16 @@
 >5	byte	x		\b.%d
 >6	belong	x		(%d bytes)
 
+# From:		Joerg Jenderek
+# URL:		https://help.foxitsoftware.com/kb/install-fzip-file.php
+# reference:	http://mark0.net/download/triddefs_xml.7z/
+#		defs/f/fzip.trid.xml
+# Note: unknown compression; No "PK" zip magic; normally in directory like
+#	"%APPDATA%\Foxit Software\Addon\Foxit Reader\Install"
+0	ubequad	0x2506781901010000	Foxit add-on/update
+!:mime	application/x-fzip
+!:ext	fzip
+
 # From: "Robert Dale" <robdale@gmail.com>
 0	belong	123		dar archive,
 >4	belong	x		label "%.8x
@@ -3484,7 +3690,7 @@
 >14	beshort	0x4e53		multi-part, with -S
 
 # Symbian installation files
-#  http://www.thouky.co.uk/software/psifs/sis.html
+#  https://www.thouky.co.uk/software/psifs/sis.html
 #  http://developer.symbian.com/main/downloads/papers/SymbianOSv91/softwareinstallsis.pdf
 8	lelong	0x10000419	Symbian installation file
 !:mime	application/vnd.symbian.install
@@ -3502,24 +3708,74 @@
 >10	string x		with compression level %.1s
 
 # xar (eXtensible ARchiver) archive
-# xar archive format: http://code.google.com/p/xar/
+# URL: https://en.wikipedia.org/wiki/Xar_(archiver)
+# xar archive format: https://code.google.com/p/xar/
 # From: "David Remahl" <dremahl@apple.com>
+# Update: Joerg Jenderek
+# TODO: lzma compression; X509Data for pkg and xip
+# Note: verified by `xar --dump-header -f FullBundleUpdate.xar` or
+# 7z t -txar Xcode_10.2_beta_4.xip`
 0	string	xar!		xar archive
 !:mime	application/x-xar
-#>4	beshort	x		header size %d
->6	beshort	x		version %d,
-#>8	quad	x		compressed TOC: %d,
-#>16	quad	x		uncompressed TOC: %d,
+# pkg for Mac OSX installer package like FullBundleUpdate.pkg
+# xip for signed Apple software like Xcode_10.2_beta_4.xip
+!:ext	xar/pkg/xip
+# always 28 in older archives
+>4	ubeshort >28		\b, header size %u
+# currently there exit only version 1 since about 2014
+>6	ubeshort >1		version %u,
+>8	ubequad	x		compressed TOC: %llu,
+#>16	ubequad	x		uncompressed TOC: %llu,
+# cksum_alg 0-2 in older and also 3-4 in newer
 >24	belong	0		no checksum
 >24	belong	1		SHA-1 checksum
 >24	belong	2		MD5 checksum
+>24	belong	3		SHA-256 checksum
+>24	belong	4		SHA-512 checksum
+>24	belong	>4		unknown 0x%x checksum
+#>24	belong	>4		checksum
+#			For no compression jump 0 bytes
+>24	belong	0
+>>0		ubyte	x
+# jump more bytes forward by header size
+>>>&(4.S)	ubyte	x
+# jump more bytes forward by compressed table of contents size
+#>>>>&(8.Q)	ubequad	x	\b, heap data 0x%llx
+>>>>&(8.Q)	ubyte	x
+# look for data by ./compress after message with 1 space at end
+>>>>>&-3	indirect x	\b, contains 
+#			For SHA-1 jump 20 minus 2 bytes
+>24	belong	1
+>>18		ubyte	x
+# jump more bytes forward by header size
+>>>&(4.S)	ubyte	x
+# jump more bytes forward by compressed table of contents size
+>>>>&(8.Q)	ubyte	x
+# data compressed by gzip, bzip, lzma or none
+>>>>>&-1	indirect x	\b, contains 
+#			For SHA-256 jump 32 minus 2 bytes
+>24	belong	3
+>>30		ubyte	x
+# jump more bytes forward by header size
+>>>&(4.S)	ubyte	x
+# jump more bytes forward by compressed table of contents size
+>>>>&(8.Q)	ubyte	x
+>>>>>&-1	indirect x	\b, contains 
+#			For SHA-512 jump 64 minus 2 bytes
+>24	belong	4
+>>62		ubyte	x
+# jump more bytes forward by header size
+>>>&(4.S)	ubyte	x
+# jump more bytes forward by compressed table of contents size
+>>>>&(8.Q)	ubyte	x
+>>>>>&-1	indirect x	\b, contains 
 
 # Type: Parity Archive
 # From: Daniel van Eeden <daniel_e@dds.nl>
 0	string	PAR2		Parity Archive Volume Set
 
 # Bacula volume format. (Volumes always start with a block header.)
-# URL: http://bacula.org/3.0.x-manuals/en/developers/developers/Block_Header.html
+# URL: https://bacula.org/3.0.x-manuals/en/developers/developers/Block_Header.html
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
 12	string	BB02		Bacula volume
 >20	bedate	x		\b, started %s
@@ -3534,11 +3790,11 @@
 0	string	zPQ	ZPAQ stream
 >3	byte	x	\b, level %d
 # From: Barry Carter <carter.barry@gmail.com>
-# http://encode.ru/threads/456-zpaq-updates/page32
+# https://encode.ru/threads/456-zpaq-updates/page32
 0	string	7kSt	ZPAQ file
 
 # BBeB ebook, unencrypted (LRF format)
-# URL: http://www.sven.de/librie/Librie/LrfFormat
+# URL: https://www.sven.de/librie/Librie/LrfFormat
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
 0	string	L\0R\0F\0\0\0	BBeB ebook data, unencrypted
 >8	beshort	x		\b, version %d
@@ -3548,8 +3804,8 @@
 >44	beshort	x		%d)
 
 # Symantec GHOST image by Joerg Jenderek at May 2014
-# http://us.norton.com/ghost/
-# http://www.garykessler.net/library/file_sigs.html
+# https://us.norton.com/ghost/
+# https://www.garykessler.net/library/file_sigs.html
 0		ubelong&0xFFFFf7f0	0xFEEF0100	Norton GHost image
 # *.GHO
 >2		ubyte&0x08		0x00		\b, first file
@@ -3595,6 +3851,58 @@
 
 # LyNX archive
 56	string	USE\040LYNX\040TO\040DISSOLVE\040THIS\040FILE	 LyNX archive
+
+# From: Joerg Jenderek
+# URL: https://www.acronis.com/
+# Reference: https://en.wikipedia.org/wiki/TIB_(file_format)
+# Note: only tested with True Image 2013 Build 5962 and 2019 Build 14110
+0	ubequad		0xce24b9a220000000	Acronis True Image backup
+!:mime	application/x-acronis-tib
+!:ext	tib
+# 01000000
+#>20	ubelong		x			\b, at 20 0x%x
+# 20000000
+#>28	ubelong		x			\b, at 28 0x%x
+# strings like "Generic- SD/MMC 1.00" "Unknown Disk" "Msft Virtual Disk 1.0"
+# ???
+# strings like "\Device\0000011e" "\Device\0000015a"
+#>0	search/0x6852300/cs	\\Device\\
+#>>&-1	pstring		x			\b, %s
+# "\Device\HarddiskVolume30" "\Device\HarddiskVolume39"
+#>>>&1	search/180/cs	\\Device\\
+#>>>>&-1	pstring		x			\b, %s
+#>>>>>&0	search/29/cs	\0\0\xc8\0
+# disk label
+#>>>>>>&10	lestring16	x		\b, disk label %11.11s
+#>>>>>>&9	plestring16	x		\b, disk label "%11.11s"
+#>>>>>>&10	ubequad	x			%16.16llx
+
+
+# Gentoo XPAK binary package
+# by Michal Gorny <mgorny@gentoo.org>
+# https://gitweb.gentoo.org/proj/portage.git/tree/man/xpak.5
+-4	string	STOP
+>-16	string	XPAKSTOP	Gentoo binary package (XPAK)
+
+# From:		Joerg Jenderek
+# URL:		https://kodi.wiki/view/TexturePacker
+# Reference:	https://mirrors.kodi.tv/releases/source/17.3-Krypton.tar.gz
+# /xbmc-Krypton/xbmc/guilib/XBTF.h
+# /xbmc-Krypton/xbmc/guilib/XBTF.cpp 
+0	string	XBTF
+# skip ASCII text by looking for terminating \0 of path
+>264	ubyte	0		XBMC texture package
+!:mime	application/x-xbmc-xbt
+!:ext	xbt
+# XBTF_VERSION 2
+>>4	string	!2		\b, version %-.1s
+# nofFiles /xbmc-Krypton/xbmc/guilib/XBTFReader.cpp
+>>5	ulelong	x		\b, %u file
+# plural s
+>>5	ulelong	>1		\bs
+# path[CXBTFFile[MaximumPathLength=256]
+>>9	string	x		\b, 1st %s
+
 #------------------------------------------------------------------------------
 # $File: assembler,v 1.6 2013/12/11 14:14:20 christos Exp $
 # make:  file(1) magic for assembler source
@@ -3674,7 +3982,7 @@
 >364	string		>\0		of '%s'
 
 #------------------------------------------------------------------------------
-# $File: audio,v 1.86 2018/03/11 00:53:11 christos Exp $
+# $File: audio,v 1.111 2019/05/08 18:02:45 christos Exp $
 # audio:  file(1) magic for sound formats (see also "iff")
 #
 # Jan Nicolai Langfeldt (janl@ifi.uio.no), Dan Quinlan (quinlan@yggdrasil.com),
@@ -4067,9 +4375,15 @@
 0	string		MED		MED_Song
 0	string		SymM		Symphonie SymMOD music file
 #
+# Track Length (TRL), Tracks (TRK), Samples (SMP), Subsongs (SS)
+# http://lclevy.free.fr/exotica/ahx/ahxformat.txt
 0	string		THX		AHX version
 >3	byte		=0		1 module data
 >3	byte		=1		2 module data
+>10	byte		x		TRL: %u
+>11	byte		x		TRK: %u
+>12	byte		x		SMP: %u
+>13	byte		x		SS: %u
 #
 0	string		OKTASONG	Oktalyzer module data
 #
@@ -4209,6 +4523,18 @@
 
 # adlib sound files
 # From: Alex Myczko <alex@aiei.ch>
+
+# https://github.com/rerrahkr/BambooTracker
+0	string		BambooTrackerMod	BambooTracker module
+>22	byte	x	\b, version %u
+>21	byte	x	\b.%u
+>20	byte	x	\b.%u
+
+0	string		BambooTrackerIst	BambooTracker instrument
+>22	byte	x	\b, version %u
+>21	byte	x	\b.%u
+>20	byte	x	\b.%u
+
 0    	string		RAWADATA	RdosPlay RAW
 
 1068	string		RoR		AMUSIC Adlib Tracker
@@ -4224,6 +4550,14 @@
 
 0	string		ofTAZ!		eXtra Simple Music
 
+0	string		FMK!		FM Kingtracker Song
+
+0	string		DFM		DFM Song
+
+0	string		\<CUD-FM-File\>	CFF Song
+
+0	string		_A2module	A2M Song
+
 # Spectrum 128 tunes (.ay files).
 # From: Emanuel Haupt <ehaupt@critical.ch>
 0	string		ZXAYEMUL	Spectrum 128 tune
@@ -4305,7 +4639,7 @@
 
 # IMY
 # from http://filext.com/detaillist.php?extdetail=IMY
-# http://cellphones.about.com/od/cellularfaqs/f/rf_imelody.htm
+# https://cellphones.about.com/od/cellularfaqs/f/rf_imelody.htm
 # http://download.ncl.ie/doc/api/ie/ncl/media/music/IMelody.html
 # http://www.wx800.com/msg/download/irda/iMelody.pdf
 0	string	BEGIN:IMELODY	iMelody Ringtone Format
@@ -4321,6 +4655,8 @@
 # URL:  http://filext.com/detaillist.php?extdetail=AMR
 # From: Russell Coker <russell@coker.com.au>
 0	string	#!AMR		Adaptive Multi-Rate Codec (GSM telephony)
+!:mime	audio/amr
+!:ext  amr
 
 # Type: SuperCollider 3 Synth Definition File Format
 # From: Mario Lang <mlang@debian.org>
@@ -4328,12 +4664,12 @@
 >4	belong	x	version %d
 
 # Type: True Audio Lossless Audio
-# URL:  http://wiki.multimedia.cx/index.php?title=True_Audio
+# URL:  https://wiki.multimedia.cx/index.php?title=True_Audio
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	TTA1	True Audio Lossless Audio
 
 # Type: WavPack Lossless Audio
-# URL:  http://wiki.multimedia.cx/index.php?title=WavPack
+# URL:  https://wiki.multimedia.cx/index.php?title=WavPack
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	wvpk	WavPack Lossless Audio
 
@@ -4341,6 +4677,8 @@
 # VGM music file
 0	string		Vgm\040
 >9	ubyte		>0	VGM Video Game Music dump v
+!:mime	audio/x-vgm
+!:ext	vgm
 >>9	ubyte/16	>0	\b%d
 >>9	ubyte&0x0F	x	\b%d
 >>8	ubyte/16	x	\b.%d
@@ -4387,6 +4725,54 @@
 >>>>0x78 ubyte		0x03	AY-3-8930,
 >>>>0x78 ubyte		0x10	YM2149,
 >>>>0x78 ubyte		0x11	YM3439,
+# VGM 1.61
+>>0x34	ulelong		>0x4C
+>>>0x80	ulelong		>0	DMG,
+>>0x34	ulelong		>0x50
+>>>0x84	lelong		>0	NES APU,
+>>>0x84	lelong		<0	NES APU with FDS,
+>>0x34	ulelong		>0x54
+>>>0x88	ulelong		>0	MultiPCM,
+>>0x34	ulelong		>0x58
+>>>0x8C	ulelong		>0	uPD7759,
+>>0x34	ulelong		>0x5C
+>>>0x90	ulelong		>0	OKIM6258,
+>>0x34	ulelong		>0x64
+>>>0x98	ulelong		>0	OKIM6295,
+>>0x34	ulelong		>0x68
+>>>0x9C	ulelong		>0	K051649,
+>>0x34	ulelong		>0x6C
+>>>0xA0	ulelong		>0	K054539,
+>>0x34	ulelong		>0x70
+>>>0xA4	ulelong		>0	HuC6280,
+>>0x34	ulelong		>0x74
+>>>0xA8	ulelong		>0	C140,
+>>0x34	ulelong		>0x78
+>>>0xAC	ulelong		>0	K053260,
+>>0x34	ulelong		>0x7C
+>>>0xB0	ulelong		>0	Pokey,
+>>0x34	ulelong		>0x80
+>>>0xB4	ulelong		>0	QSound,
+# VGM 1.71
+>>0x34	ulelong		>0x84
+>>>0xB8	ulelong		>0	SCSP,
+>>0x34	ulelong		>0x8C
+>>>0xC0	ulelong		>0	WonderSwan,
+>>0x34	ulelong		>0x90
+>>>0xC4	ulelong		>0	VSU,
+>>0x34	ulelong		>0x94
+>>>0xC8	ulelong		>0	SAA1099,
+>>0x34	ulelong		>0x98
+>>>0xCC	ulelong		>0	ES5503,
+>>0x34	ulelong		>0x9C
+>>>0xD0	lelong		>0	ES5505,
+>>>0xD0	lelong		<0	ES5506,
+>>0x34	ulelong		>0xA4
+>>>0xD8	ulelong		>0	X1-010,
+>>0x34	ulelong		>0xA8
+>>>0xDC	ulelong		>0	C352,
+>>0x34	ulelong		>0xAC
+>>>0xE0	ulelong		>0	GA20,
 
 # GVOX Encore file format
 # Since this is a proprietary file format and there is no publicly available
@@ -4401,8 +4787,8 @@
 
 # Summary:	Garmin Voice Processing Module (WAVE audios)
 # From:		Joerg Jenderek
-# URL:		http://www.garmin.com/
-# Reference:	http://turboccc.wikispaces.com/share/view/28622555
+# URL:		https://www.garmin.com/
+# Reference:	http://www.poi-factory.com/node/19580
 # NOTE:		there exist 2 other Garmin VPM formats
 0		string	AUDIMG
 # skip text files starting with string "AUDIMG"
@@ -4426,16 +4812,35 @@
 # if you select a language like german on your garmin device
 # you can only select voice modules with corresponding language byte ID like 1
 >>18		ubyte		x	\b, language ID %d
+# structure for phrases/sentences?
+# number of voice sample in the 1st phrase?
+#>>19		uleshort		x	\b, 0x%x samples
+#>>>21		uleshort		>0	\b, at 0x%4.4x
+#>>>(21.s)	ubequad			x	0x%llx
+# 2nd phrase?
+#>>23		uleshort		x	\b, 0x%x samples
+#>>>25		uleshort		>0	\b, at 0x%4.4x
+#>>>(25.s)	ubequad			x	0x%llx
 # pointer to 1st audio WAV sample
 >>16		uleshort	>0
->>>(16.s)	ulelong		>0	\b, at offset 0x%x
+>>>(16.s)	ulelong		>0	\b, at 0x%x
 # WAV length
->>>>(16.s+4)	ulelong		>0	%d Bytes
+# 1 space char after "bytes" to get phrase "bytes RIFF"
+>>>>(16.s+4)	ulelong		>0	%u bytes 
 # look for magic
 >>>>>(&-8.l)	string		RIFF
 # determine type by ./riff
->>>>>>&-4	indirect	x	\b
+>>>>>>&-4	indirect	x
 # 2 - ~ 131 WAV samples following same way
+#
+# Summary:	encrypted Garmin Voice Processing Module
+# From:		Joerg Jenderek
+# URL:		https://www.garmin.com/us/products/ontheroad/voicestudio
+# NOTE:		Encrypted variant used in voices like DrNightmare, Elfred, Yeti.
+#		There exist 2 other Garmin VPM formats
+0	ubequad		0xa141190fecc8ced6	Garmin Voice Processing Module (encrypted)
+!:mime	audio/x-vpm-garmin
+!:ext	vpm
 
 # From Martin Mueller Skarbiniks Pedersen
 0		string		GDM
@@ -4490,7 +4895,7 @@
 >>>0x31		byte&0x0F	x	\b%02d
 >>>>0x4		string		>\0	\b, title: "%s"
 
-# magic for Klystrack, http://kometbomb.github.io/klystrack/
+# magic for Klystrack, https://kometbomb.github.io/klystrack/
 # from Alex Myczko <alex@aiei.ch>
 0	string	cyd!song	Klystrack song
 >8	byte	>0		\b, version %u
@@ -4533,11 +4938,167 @@
 >0	byte	x		\b, version %u
 >1	byte	x		\b.%u
 
+# CRI ADX ADPCM audio
+# Used by various Sega games.
+# https://en.wikipedia.org/wiki/ADX_(file_format)
+# https://wiki.multimedia.cx/index.php/CRI_ADX_file
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0x00		beshort		0x8000
+>(2.S-2)	string		(c)CRI		CRI ADX ADPCM audio
+!:ext adx
+!:mime audio/x-adx
+!:strength +50
+>>0x12		byte		x		v%u
+>>0x04		byte		0x02		\b, pre-set prediction coefficients
+>>0x04		byte		0x03		\b, standard ADX
+>>0x04		byte		0x04		\b, exponential scale
+>>0x04		byte		0x10		\b, AHX (Dreamcast)
+>>0x04		byte		0x11		\b, AHX
+>>0x08		belong		x		\b, %u Hz
+>>0x12		byte		0x03
+>>>0x02		beshort		>0x2B
+>>>>0x18	belong		!0		\b, looping
+>>0x12		byte		0x04
+>>>0x02		beshort		>0x37
+>>>>0x24	belong		!0		\b, looping
+>>0x13		byte&0x08	0x08		\b, encrypted
+
+# Lossless audio (.la) (http://www.lossless-audio.com/)
+0	string	LA
+>2	string	03	Lossless audio version 0.3
+>2	string	04	Lossless audio version 0.4
+
+# Sony PlayStation Audio (.xa)
+0	leshort 0x4158	Sony PlayStation Audio
+
+# Portable Sound Format
+# Used for audio rips for various consoles.
+# http://fileformats.archiveteam.org/wiki/Portable_Sound_Format
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string	PSF	Portable Sound Format
+!:mime	audio/x-psf
+>3	byte	0x01	(Sony PlayStation)
+>3	byte	0x02	(Sony PlayStation 2)
+>3	byte	0x11	(Sega Saturn)
+>3	byte	0x12	(Sega Dreamcast)
+>3	byte	0x13	(Sega Mega Drive)
+>3	byte	0x21	(Nintendo 64)
+>3	byte	0x22	(Game Boy Advance)
+>3	byte	0x23	(Super NES)
+>3	byte	0x41	(Capcom QSound)
+
+# Atari 8-bit SAP audio format
+# http://asap.sourceforge.net/sap-format.html
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		SAP\r\n	Atari 8-bit SAP audio file
+!:mime	audio/x-sap
+!:ext	sap
+>5	search/1024	NAME
+>>&1	string		x	\b: %s
+>>5	search/1024	AUTHOR
+>>>&1	string		x	by %s
+
+# Nintendo Wii BRSTM audio format (fields)
+# NOTE: Assuming HEAD starts at 0x40.
+# FIXME: Replace 0x48 with HEAD offset plus 8.
+0	name	nintendo-wii-brstm-fields
+>(0x10.L)	string	HEAD	\b:
+>>(0x10.L+0x0C)	belong	x
+>>>(&-4.L+0x48)	belong	x
+>>>>&-4		byte	0	PCM, signed 8-bit,
+>>>>&-4		byte	1	PCM, signed 16-bit,
+>>>>&-4		byte	2	THP ADPCM,
+>>>>&-3		byte	!0	looping,
+>>>>&-2		byte	1	mono
+>>>>&-2		byte	2	stereo
+>>>>&-2		byte	3	3 channels
+>>>>&-2		byte	4	quad
+>>>>&-2		byte	>4	%u channels
+>>>>&0		beshort	!0	%u Hz
+
+# Nintendo Wii BRSTM audio format
+# https://wiibrew.org/wiki/BRSTM_file
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		RSTM	Nintendo Wii BRSTM audio file
+!:mime	audio/x-brstm
+!:ext	brstm
+# Wii is big-endian, so default to BE.
+>4	beshort		0xFEFF
+>>0	use		nintendo-wii-brstm-fields
+>4	leshort		0xFEFF
+>>0	use		\^nintendo-wii-brstm-fields
+
+# Nintendo 3DS BCSTM audio format (fields)
+0	name	nintendo-3ds-bcstm-fields
+>(0x18.l)	string	INFO	\b:
+# INFO block: Stream information starts at 0x20 (minus 4 for the 'INFO' magic)
+>>&0x1C		byte	0	PCM, signed 8-bit,
+>>&0x1C		byte	1	PCM, signed 16-bit,
+>>&0x1C		byte	2	DSP ADPCM,
+>>&0x1C		byte	3	IMA ADPCM,
+>>&0x1D		byte	!0	looping,
+>>&0x1E		byte	1	mono
+>>&0x1E		byte	2	stereo
+>>&0x1E		byte	3	3 channels
+>>&0x1E		byte	4	quad
+>>&0x1E		byte	>4	%u channels
+>>&0x20		lelong	!0	%u Hz
+
+# Nintendo 3DS BCSTM audio format
+# https://www.3dbrew.org/wiki/BCSTM
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		CSTM	Nintendo 3DS BCSTM audio file
+!:mime	audio/x-bcstm
+!:ext	bcstm
+# 3DS is little-endian, so default to LE.
+>4	leshort		0xFEFF
+>>0	use		nintendo-3ds-bcstm-fields
+>4	beshort		0xFEFF
+>>0	use		\^nintendo-3ds-bcstm-fields
+
+# Nintendo Wii U BFSTM audio format
+# http://mk8.tockdom.com/wiki/BFSTM_(File_Format)
+# NOTE: This format is very similar to BCSTM.
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		FSTM	Nintendo Wii U BFSTM audio file
+!:mime	audio/x-bfstm
+!:ext	bfstm
+# BFSTM is used on both Wii U (BE) and Switch (LE),
+# so default to LE.
+>4	leshort		0xFEFF
+>>0	use		nintendo-3ds-bcstm-fields
+>4	beshort		0xFEFF
+>>0	use		\^nintendo-3ds-bcstm-fields
+
+# Nintendo 3DS BCSTM audio format (fields)
+0	name	nintendo-3ds-bcwav-fields
+>(0x18.l)	string	INFO	\b:
+# INFO block (minus 4 for INFO magic)
+>>&0x4		byte	0	PCM, signed 8-bit,
+>>&0x4		byte	1	PCM, signed 16-bit,
+>>&0x4		byte	2	DSP ADPCM,
+>>&0x4		byte	3	IMA ADPCM,
+>>&0x5		byte	!0	looping,
+>>&0x8		lelong	x	stereo
+>>&0x8		lelong	!0	%u Hz
+
+# Nintendo 3DS BCWAV audio format
+# https://www.3dbrew.org/wiki/BCWAV
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		CWAV	Nintendo 3DS BCWAV audio file
+!:mime	audio/x-bcwav
+!:ext	bcwav
+# 3DS is little-endian, so default to LE.
+>4	leshort		0xFEFF
+>>0	use		nintendo-3ds-bcwav-fields
+>4	beshort		0xFEFF
+>>0	use		\^nintendo-3ds-bcwav-fields
+
 #----------------------------------------------------------------
-# $File: basis,v 1.4 2009/09/19 16:28:08 christos Exp $
+# $File: basis,v 1.5 2019/04/19 00:42:27 christos Exp $
 # basis: file(1) magic for BBx/Pro5-files
 #      Oliver Dammer <dammer@olida.de>	 2005/11/07
-# http://www.basis.com business-basic-files.
+# https://www.basis.com business-basic-files.
 #
 0	string		\074\074bbx\076\076	BBx
 >7	string		\000			indexed file
@@ -4559,7 +5120,7 @@
 0	string		BEETLE\000	Beetle VM object file
 
 #------------------------------------------------------------------------------
-# $File: ber,v 1.1 2016/06/05 00:21:30 christos Exp $
+# $File: ber,v 1.2 2019/04/19 00:42:27 christos Exp $
 # ber:  file(1) magic for several BER formats used in the mobile
 # telecommunications industry (Georg Sauthoff)
 
@@ -4578,7 +5139,7 @@
 #
 # TAP 3 Files
 # TAP -> Transferred Account Procedure
-# cf. http://www.gsma.com/newsroom/wp-content/uploads/TD.57-v32.31.pdf
+# cf. https://www.gsma.com/newsroom/wp-content/uploads/TD.57-v32.31.pdf
 # TransferBatch short tag
 0	byte	0x61
 # BatchControlInfo short tag
@@ -4606,7 +5167,7 @@
 >>&0	byte	x	NRT 2.%d (TD.35, Near Real Time Roaming Data Exchange)
 
 # RAP Files
-# cf. http://www.gsma.com/newsroom/wp-content/uploads/TD.32-v6.11.pdf
+# cf. https://www.gsma.com/newsroom/wp-content/uploads/TD.32-v6.11.pdf
 # Long ReturnBatch tag
 0	string	\x7f\x84\x16
 # Long RapBatchControlInfo tag
@@ -4648,7 +5209,7 @@
 !:ext   bhl
 
 #------------------------------------------------------------------------------
-# $File: bioinformatics,v 1.4 2016/06/20 16:13:46 christos Exp $
+# $File: bioinformatics,v 1.5 2019/04/19 00:42:27 christos Exp $
 # bioinfomatics:  file(1) magic for Bioinfomatics file formats
 
 ###############################################################################
@@ -4731,7 +5292,7 @@
 
 ###############################################################################
 # BCF (Binary Call Format), version 2.1
-# used by SAMtools (http://samtools.github.io/hts-specs/BCFv2_qref.pdf)
+# used by SAMtools (https://samtools.github.io/hts-specs/BCFv2_qref.pdf)
 # data is normally present only within compressed BGZF blocks (CDATA), so use file -z to examine it
 ###############################################################################
 0		string	   BCF\2\1    Binary Call Format (BCF) version 2.1
@@ -4744,7 +5305,7 @@
 
 ###############################################################################
 # BCF (Binary Call Format), version 2.2
-# used by SAMtools (http://samtools.github.io/hts-specs/BCFv2_qref.pdf)
+# used by SAMtools (https://samtools.github.io/hts-specs/BCFv2_qref.pdf)
 # data is normally present only within compressed BGZF blocks (CDATA), so use file -z to examine it
 ###############################################################################
 0		string	   BCF\2\2    Binary Call Format (BCF) version 2.2
@@ -4777,7 +5338,7 @@
 
 ###############################################################################
 # FASTA
-# used by FASTA (http://fasta.bioch.virginia.edu/fasta_www2/fasta_guide.pdf)
+# used by FASTA (https://fasta.bioch.virginia.edu/fasta_www2/fasta_guide.pdf)
 ###############################################################################
 #0	byte	0x3e
 # q>0	regex	=^[>][!-~\t\ ]+$
@@ -4825,6 +5386,160 @@
 >>>>>>>>>>>0	regex	=^[@]HD\t.*VN:		\b, with header
 >>>>>>>>>>>>&0	regex	=[0-9.]+		\b version %s
 
+##############################################################################
+#
+#    Magic ids for biomedical signal file formats 
+#    Copyright (C) 2018 Alois Schloegl <alois.schloegl@gmail.com>
+#
+#    The list has been derived from biosig projects
+#      http://biosig.sourceforge.net
+#      https://pub.ist.ac.at/~schloegl/matlab/eeg/
+#      https://pub.ist.ac.at/~schloegl/biosig/TESTED
+#
+##############################################################################
+#
+0	string  ABF\x20					Biosig/Axon Binary format
+!:mime biosig/abf2
+0	string  ABF2\0\0				Biosig/Axon Binary format
+!:mime biosig/abf2
+#
+0	string  ATES\x20MEDICA\x20SOFT.\x20EEG\x20for\x20Windows	Biosig/ATES MEDICA SOFT. EEG for Windows
+!:mime biosig/ates
+#
+0	string  ATF\x09					Biosig/Axon Text fomrat
+!:mime biosig/atf
+#
+0	string  ADU1					Biosig/Axona file format
+!:mime biosig/axona
+0	string  ADU2					Biosig/Axona file format
+!:mime biosig/axona
+#
+0	string  ALPHA-TRACE-MEDICAL			Biosig/alpha trace 
+!:mime biosig/alpha
+#
+0       string  AxGr					Biosig/AXG
+0       string  axgx					Biosig/AXG
+!:mime biosig/axg
+#
+0	string  HeaderLen=				Biosig/BCI2000
+0	string  BCI2000V				Biosig/BCI2000
+!:mime biosig/bci2000
+#
+### Specification: https://www.biosemi.com/faq/file_format.htm
+0	string  \xffBIOSEMI				Biosig/Biosemi data format
+!:mime biosig/bdf
+#
+0	string  Brain\x20Vision\x20Data\x20Exchange\x20Header\x20File			Biosig/Brainvision data file
+0	string  Brain\x20Vision\x20V-Amp\x20Data\x20Header\x20File\x20Version		Biosig/Brainvision V-Amp file
+0	string  Brain\x20Vision\x20Data\x20Exchange\x20Marker\x20File,\x20Version	Biosig/Brainvision Marker file
+!:mime biosig/brainvision
+#
+0	string  CEDFILE					Biosig/CFS: Cambridge Electronic devices File format 
+!:mime biosig/ced
+#
+### Specification: https://www.edfplus.info/specs/index.html
+0	string	0\x20\x20\x20\x20\x20\x20\x20		Biosig/EDF: European Data format
+!:mime biosig/edf
+#
+### Specifications: https://arxiv.org/abs/cs/0608052
+0	string  GDF					Biosig/GDF: General data format for biosignals
+!:mime biosig/gdf
+#
+0	string  DATA\0\0\0\0				Biosig/Heka Patchmaster
+0	string  DAT1\0\0\0\0				Biosig/Heka Patchmaster
+0	string  DAT2\0\0\0\0				Biosig/Heka Patchmaster
+!:mime biosig/heka
+#
+0	string  (C)\x20CED\x2087			Biosig/CED SMR 
+!:mime biosig/ced-smr
+#
+0	string  CFWB\1\0\0\0				Biosig/CFWB
+!:mime biosig/cfwb
+#
+0	string  DEMG					Biosig/DEMG
+!:mime biosig/demg
+#
+0	string  EBS\x94\x0a\x13\x1a\x0d			Biosig/EBS
+!:mime biosig/ebs
+#
+0	string  Embla\x20data\x20file			Biosig/Embla
+!:mime biosig/embla
+#
+0	string  Header\r\nFile Version			Biosig/ETG4000
+!:mime biosig/etg4000
+#
+0	string  GALILEO\x20EEG\x20TRACE\x20FILE		Biosig/Galileo 
+!:mime biosig/galileo
+#
+0	string  IGOR					Biosig/IgorPro ITX file
+!:mime biosig/igorpro
+#
+#	Specification: http://www.ampsmedical.com/uploads/2017-12-7/The_ISHNE_Format.pdf
+0	string  ISHNE1.0				Biosig/ISHNE
+!:mime biosig/ishne
+#
+# 	CEN/ISO 11073/22077 series, http://www.mfer.org/en/document.htm
+0	string  @\x20\x20MFER\x20			Biosig/MFER
+0	string  @\x20MFR\x20				Biosig/MFER
+!:mime biosig/mfer
+#
+0	string  NEURALEV				Biosig/NEV
+0	string  N.EV.\0					Biosig/NEV
+!:mime biosig/nev
+#
+0	string  NEX1					Biosig/NEX
+!:mime biosig/nex1
+#
+0	string  PLEX 					Biosig/Plexon v1.0
+10	string  PLEXON 					Biosig/Plexon v2.0
+!:mime biosig/plexon
+#
+0	string  \x02\x27\x91\xC6			Biosig/RHD2000: Intan RHD2000 format
+#
+#	Specification: CEN 1064:2005/ISO 11073:91064
+16	string  SCPECG\0\0 				Biosig/SCP-ECG format CEN 1064:2005/ISO 11073:91064
+!:mime biosig/scpecg
+#
+0	string  IAvSFo									Biosig/SIGIF
+!:mime biosig/sigif
+#
+0	string  POLY\x20SAMPLE\x20FILEversion\x20					Biosig/TMS32
+!:mime biosig/tms32
+#
+0	string  FileId=TMSi\x20PortiLab\x20sample\x20log\x20file\x0a\x0dVersion=	Biosig/TMSiLOG
+!:mime biosig/tmsilog
+#
+4	string	Synergy\0\48\49\50\46\48\48\51\46\48\48\48\46\48\48\48\0\28\0\0\0\2\0\0\0
+>63	string	CRawDataElement
+>>85	string	CRawDataBuffer								Biosig/SYNERGY
+!:mime biosig/synergy
+#
+4	string	\40\0\4\1\44\1\102\2\146\3\44\0\190\3					Biosig/UNIPRO
+!:mime biosig/unipro
+#
+0	string	VER=9\r\nCTIME=								Biosig/WCP
+!:mime biosig/wcp
+#
+0	string	\xAF\xFE\xDA\xDA							Biosig/Walter Graphtek
+0	string	\xDA\xDA\xFE\xAF							Biosig/Walter Graphtek
+0	string	\x55\x55\xFE\xAF							Biosig/Walter Graphtek
+!:mime biosig/walter-graphtek
+#
+0	string  V3.0\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20
+>32	string  [PatInfo]								Biosig/Sigma
+!:mime biosig/sigma
+#
+0	string  \067\069\078\013\010\0x1a\04\0x84					Biosig/File exchange format (FEF)
+!:mime biosig/fef
+0	string  \67\69\78\0x13\0x10\0x1a\4\0x84						Biosig/File exchange format (FEF)
+!:mime biosig/fef
+#
+0	string  \0\0\0\x64\0\0\0\x1f\0\0\0\x14\0\0\0\0\0\1
+>36  	string  \0\0\0\x65\0\0\0\3\0\0\0\4\0\0
+>>56	string  \0\0\0\x6a\0\0\0\3\0\0\0\4\0\0\0\0\xff\xff\xff\xff\0\0			Biosig/FIFF
+!:mime biosig/fiff
+#
+
 #------------------------------------------------------------------------------
 # $File: blackberry,v 1.2 2017/03/17 21:35:28 christos Exp $
 # blackberry:  file(1) magic for BlackBerry file formats
@@ -4833,7 +5548,7 @@
 >8	belong  010010010	BlackBerry RIM ETP file
 >>22	string	x		\b for %s
 # Berkeley Lab Checkpoint Restart (BLCR) checkpoint context files
-# http://ftg.lbl.gov/checkpoint
+# https://ftg.lbl.gov/checkpoint
 0	string	C\0\0\0R\0\0\0	BLCR
 >16	lelong	1	x86
 >16	lelong	3	alpha
@@ -4859,11 +5574,11 @@
 #>>&3	byte	x	\b%d
 
 #------------------------------------------------------------------------------
-# $File: blender,v 1.7 2017/03/17 21:35:28 christos Exp $
+# $File: blender,v 1.8 2019/04/19 00:42:27 christos Exp $
 # blender: file(1) magic for Blender 3D related files
 #
 # Native format rule v1.2. For questions use the developers list
-# http://lists.blender.org/mailman/listinfo/bf-committers
+# https://lists.blender.org/mailman/listinfo/bf-committers
 # GLOB chunk was moved near start and provides subversion info since 2.42
 
 0		string	=BLENDER	Blender3D,
@@ -4983,7 +5698,7 @@
 >12	belong		1004			HCI Serial (H5)
 >>12	belong		x			type %d
 #------------------------------------------------------------------------------
-# $File: c-lang,v 1.26 2017/08/14 07:40:38 christos Exp $
+# $File: c-lang,v 1.27 2019/02/27 16:46:23 christos Exp $
 # c-lang:  file(1) magic for C and related languages programs
 #
 # The strength is to beat standard HTML
@@ -4996,31 +5711,41 @@
 
 # C
 # Check for class if include is found, otherwise class is beaten by include becouse of lowered strength
-0	regex	\^#include			C
->0	regex	\^class[[:space:]]+
->>&0	regex 	\\{[\.\*]\\}(;)?$			\b++
->&0	clear	x				source text
+0	search/8192	#include
+>0	regex	\^#include			C
+>>0	regex	\^class[[:space:]]+
+>>>&0	regex 	\\{[\.\*]\\}(;)?$			\b++
+>>&0	clear	x				source text
 !:strength + 13
 !:mime	text/x-c
-0	regex	\^#[[:space:]]*pragma	C source text
+0	search/8192	pragma
+>0	regex	\^#[[:space:]]*pragma	C source text
 !:mime	text/x-c
-0	regex	\^#[[:space:]]*(if\|ifn)def
->&0	regex	\^#[[:space:]]*endif$	C source text
+0	search/8192	endif
+>0	regex	\^#[[:space:]]*(if\|ifn)def
+>>&0	regex	\^#[[:space:]]*endif$	C source text
 !:mime	text/x-c
-0	regex	\^#[[:space:]]*(if\|ifn)def
->&0	regex	\^#[[:space:]]*define	C source text
+0	search/8192	define
+>0	regex	\^#[[:space:]]*(if\|ifn)def
+>>&0	regex	\^#[[:space:]]*define	C source text
 !:mime	text/x-c
-0	regex	\^[[:space:]]*char(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
+0	search/8192	char
+>0	regex	\^[[:space:]]*char(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
 !:mime	text/x-c
-0	regex	\^[[:space:]]*double(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
+0	search/8192	double
+>0	regex	\^[[:space:]]*double(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
 !:mime	text/x-c
-0	regex	\^[[:space:]]*extern[[:space:]]+		C source text
+0	search/8192	extern
+>0	regex	\^[[:space:]]*extern[[:space:]]+		C source text
 !:mime	text/x-c
-0	regex	\^[[:space:]]*float(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
+0	search/8192	float
+>0	regex	\^[[:space:]]*float(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
 !:mime	text/x-c
-0	regex	\^struct[[:space:]]+		C source text
+0	search/8192	struct
+>0	regex	\^struct[[:space:]]+		C source text
 !:mime	text/x-c
-0	regex	\^union[[:space:]]+		C source text
+0	search/8192	union
+>0	regex	\^union[[:space:]]+		C source text
 !:mime	text/x-c
 0	search/8192	main(
 >&0 regex	\\)[[:space:]]*\\{		C source text
@@ -5028,35 +5753,44 @@
 
 # C++
 # The strength of these rules is increased so they beat the C rules above
-0	regex	\^namespace[[:space:]]+[_[:alpha:]]{1,30}[[:space:]]*\\{	C++ source text
+0	search/8192	namespace
+>0	regex	\^namespace[[:space:]]+[_[:alpha:]]{1,30}[[:space:]]*\\{	C++ source text
 !:strength + 30
 !:mime	text/x-c++
 # using namespace [namespace] or using std::[lib]
-0	regex	\^using[[:space:]]+(namespace\ )?std(::)?[[:alpha:]]*[[:space:]]*;		C++ source text
+0	search/8192	using
+>0	regex	\^using[[:space:]]+(namespace\ )?std(::)?[[:alpha:]]*[[:space:]]*;		C++ source text
 !:strength + 30
 !:mime	text/x-c++
-0	regex	\^[[:space:]]*template[[:space:]]*<.*>[[:space:]]*$	C++ source text
+0	search/8192	template
+>0	regex	\^[[:space:]]*template[[:space:]]*<.*>[[:space:]]*$	C++ source text
 !:strength + 30
 !:mime	text/x-c++
-0	regex	\^[[:space:]]*virtual[[:space:]]+.*[};][[:space:]]*$		C++ source text
+0	search/8192	virtual
+>0	regex	\^[[:space:]]*virtual[[:space:]]+.*[};][[:space:]]*$		C++ source text
 !:strength + 30
 !:mime	text/x-c++
 # But class alone is reduced to avoid beating php (Jens Schleusener)
-0	regex	\^[[:space:]]*class[[:space:]]+[[:digit:][:alpha:]:_]+[[:space:]]*\\{(.*[\n]*)*\\}(;)?$		C++ source text
+0	search/8192	class
+>0	regex	\^[[:space:]]*class[[:space:]]+[[:digit:][:alpha:]:_]+[[:space:]]*\\{(.*[\n]*)*\\}(;)?$		C++ source text
 !:strength + 13
 !:mime	text/x-c++
-0	regex	\^[[:space:]]*public:		C++ source text
+0	search/8192	public
+>0	regex	\^[[:space:]]*public:		C++ source text
 !:strength + 30
 !:mime	text/x-c++
-0	regex	\^[[:space:]]*private:		C++ source text
+0	search/8192	private
+>0	regex	\^[[:space:]]*private:		C++ source text
 !:strength + 30
 !:mime	text/x-c++
-0	regex	\^[[:space:]]*protected:		C++ source text
+0	search/8192	protected
+>0	regex	\^[[:space:]]*protected:		C++ source text
 !:strength + 30
 !:mime	text/x-c++
 
 # Objective-C
-0	regex	\^#import			Objective-C source text
+0	search/8192	#import
+>0	regex	\^#import			Objective-C source text
 !:strength + 25
 !:mime	text/x-objective-c
 
@@ -5130,7 +5864,7 @@
 
 
 #------------------------------------------------------------------------------
-# $File: cad,v 1.15 2017/06/24 15:24:56 christos Exp $
+# $File: cad,v 1.19 2019/04/19 00:42:27 christos Exp $
 # autocad:  file(1) magic for cad files
 #
 
@@ -5141,12 +5875,12 @@
 # raster underlays to Microstation DGN (vector) drawings.
 #
 # http://www.wotsit.org/search.asp
-# http://filext.com/detaillist.php?extdetail=DGN
-# http://filext.com/detaillist.php?extdetail=CIT
+# https://filext.com/detaillist.php?extdetail=DGN
+# https://filext.com/detaillist.php?extdetail=CIT
 #
-# http://www.bentley.com/products/default.cfm?objectid=97F351F5-9C35-4E5E-89C2
+# https://www.bentley.com/products/default.cfm?objectid=97F351F5-9C35-4E5E-89C2
 # 3F86C928&method=display&p_objectid=97F351F5-9C35-4E5E-89C280A93F86C928
-# http://www.bentley.com/products/default.cfm?objectid=A5C2FD43-3AC9-4C71-B682
+# https://www.bentley.com/products/default.cfm?objectid=A5C2FD43-3AC9-4C71-B682
 # 721C479F&method=display&p_objectid=A5C2FD43-3AC9-4C71-B682C7BE721C479F
 0	string	\010\011\376			Microstation
 >3	string	\002
@@ -5173,8 +5907,8 @@
 >4	string	\030\000\003			CITFile
 
 # AutoCAD
-# Merge of the different contributions and updates from http://en.wikipedia.org/wiki/Dwg
-# and http://www.iana.org/assignments/media-types/image/vnd.dwg
+# Merge of the different contributions and updates from https://en.wikipedia.org/wiki/Dwg
+# and https://www.iana.org/assignments/media-types/image/vnd.dwg
 0	string	MC0.0	DWG AutoDesk AutoCAD Release 1.0
 !:mime image/vnd.dwg
 0	string	AC1.2	DWG AutoDesk AutoCAD Release 1.2
@@ -5219,7 +5953,7 @@
 # Sergey Zaykov (mail_of_sergey@mail.ru, sergey_zaikov@rambler.ru,
 # ICQ 358572321)
 # From various sources like:
-# http://autodesk.blogs.com/between_the_lines/autocad-release-history.html
+# https://autodesk.blogs.com/between_the_lines/autocad-release-history.html
 0	string	AC1018	DWG AutoDesk AutoCAD 2004/2005/2006
 !:mime image/vnd.dwg
 0	string	AC1021	DWG AutoDesk AutoCAD 2007/2008/2009
@@ -5232,13 +5966,13 @@
 # KOMPAS 2D drawing from ASCON
 # This is KOMPAS 2D drawing or fragment of drawing but is not detailed nor
 # gathered nor specification
-# ASCON http://ascon.net/main/ in English,
-#	http://ascon.ru/ main site in Russian
+# ASCON https://ascon.net/main/ in English,
+#	https://ascon.ru/ main site in Russian
 # Extension is CDW for drawing and FRW for fragment of drawing
 # Sergey Zaykov (mail_of_sergey@mail.ru, sergey_zaikov@rambler.ru,
-# ICQ 358572321, http://vkontakte.ru/id16076543)
+# ICQ 358572321, https://vkontakte.ru/id16076543)
 # From:
-# http://sd.ascon.ru/otrs/customer.pl?Action=CustomerFAQ&CategoryID=4&ItemID=292
+# https://sd.ascon.ru/otrs/customer.pl?Action=CustomerFAQ&CategoryID=4&ItemID=292
 # (in russian) and my experiments
 0	string	KF
 >2	belong	0x4E00000C	Kompas drawing 12.0 SP1
@@ -5283,15 +6017,44 @@
 >>8	lelong		0xa
 >>>16	leshort		0x3d3d	3D Studio model
 !:mime	image/x-3ds
-!:extension 3ds
+!:ext 3ds
 
 # MegaCAD 2D/3D drawing (.prt)
-# http://megacad.de/
+# https://megacad.de/
 # From: Markus Heidelberg <markus.heidelberg@web.de>
 0	string	MegaCad23\0	MegaCAD 2D/3D drawing
 
+# Hoops CAD files
+# https://docs.techsoft3d.com/visualize/3df/latest/build/general/hsf/\
+# HSF_architecture.html
+# Stephane Charette <stephane.charette@gmail.com>
+0	string	;;\020HSF\020V		OpenHSF (Hoops Stream Format)
+>7	regex/9 V[.0-9]{4,5}\020	%s
+!:ext hsf
+
+# AutoCAD Drawing Exchange Format
+0	regex		\^[\ \t]*0\r?\000$
+>1	regex		\^[\ \t]*SECTION\r?$
+>>2	regex		\^[\ \t]*2\r?$
+>>>3	regex		\^[\ \t]*HEADER\r?$	AutoCAD Drawing Exchange Format
+!:mime	application/x-dxf
+!:ext	dxf
+>>>>&1	search/8192	AC1006			\b, R10
+>>>>&1	search/8192	AC1009			\b, R11/R12
+>>>>&1	search/8192	AC1012			\b, R13
+>>>>&1	search/8192	AC1014			\b, R14
+>>>>&1	search/8192	AC1015			\b, version 2000
+>>>>&1	search/8192	AC1018			\b, version 2004
+>>>>&1	search/8192	AC1021			\b, version 2007
+>>>>&1	search/8192	AC1024			\b, version 2010
+
+# The Sketchup 3D model format https://www.sketchup.com/
+0	string	\xff\xfe\xff\x0e\x53\x00\x6b\x00\x65\x00\x74\x00\x63\x00\x68\x00\x55\x00\x70\x00\x20\x00\x4d\x00\x6f\x00\x64\x00\x65\x00\x6c\x00	SketchUp Model
+!:mime application/vnd.sketchup.skp
+!:ext skp
+
 #------------------------------------------------------------------------------
-# $File: cafebabe,v 1.23 2017/05/25 20:07:23 christos Exp $
+# $File: cafebabe,v 1.24 2018/10/01 23:33:15 christos Exp $
 # Cafe Babes unite!
 #
 # Since Java bytecode and Mach-O universal binaries have the same magic number,
@@ -5349,15 +6112,15 @@
 >>4	belong		<20		Mach-O universal binary with %d architectures:
 !:mime application/x-mach-binary
 >>>8	use		mach-o		\b
->>4	belong		2
+>>4	belong		>1
 >>>28	use		mach-o		\b
->>4	belong		3
+>>4	belong		>2
 >>>48	use		mach-o		\b
->>4	belong		4
+>>4	belong		>3
 >>>68	use		mach-o		\b
->>4	belong		5
+>>4	belong		>4
 >>>88	use		mach-o		\b
->>4	belong		6
+>>4	belong		>5
 >>>108	use		mach-o		\b
 
 ### MACH-O END ###
@@ -5569,9 +6332,39 @@
 >54	byte		4		-Cscb
 4	string		pipe		CLIPPER instruction trace
 4	string		prof		CLIPPER instruction profile
+#------------------------------------------------------------------------------
+# file:  file(1) magic for Clojure
+# URL:  https://clojure.org/
+# From: Jason Felice <jason.m.felice@gmail.com>
+
+0	string/w	#!\ /usr/bin/clj	Clojure script text executable
+!:mime	text/x-clojure
+0	string/w	#!\ /usr/local/bin/clj	Clojure script text executable
+!:mime	text/x-clojure
+0	string/w	#!\ /usr/bin/clojure	Clojure script text executable
+!:mime	text/x-clojure
+0	string/w	#!\ /usr/local/bin/clojure	Clojure script text executable
+!:mime	text/x-clojure
+0	string/W	#!/usr/bin/env\ clj	Clojure script text executable
+!:mime	text/x-clojure
+0	string/W	#!/usr/bin/env\ clojure	Clojure script text executable
+!:mime	text/x-clojure
+0	string/W	#!\ /usr/bin/env\ clj	Clojure script text executable
+!:mime	text/x-clojure
+0	string/W	#!\ /usr/bin/env\ clojure	Clojure script text executable
+!:mime	text/x-clojure
+
+0	regex	\^\\\(ns[[:space:]]+[a-z]	Clojure module source text
+!:mime	text/x-clojure
+
+0	regex	\^\\\(ns[[:space:]]+\\\^\\{:	Clojure module source text
+!:mime	text/x-clojure
+
+0	regex	\^\\\(defn-?[[:space:]]	Clojure module source text
+!:mime	text/x-clojure
 
 #------------------------------------------------------------------------------
-# $File: coff,v 1.2 2017/03/17 21:35:28 christos Exp $
+# $File: coff,v 1.3 2018/08/01 10:34:03 christos Exp $
 # coff: file(1) magic for Common Object Files not specific to known cpu types or manufactures
 #
 # COFF
@@ -5597,6 +6390,10 @@
 >>0	uleshort	0x0550		Hitachi SH little-endian
 # executable (RISC System/6000 V3.1) or obj module (./ibm6000)
 #>>0	uleshort	0x01DF
+# MS Windows COFF Intel Itanium, AMD64
+# https://msdn.microsoft.com/en-us/library/windows/desktop/ms680313(v=vs.85).aspx
+>>0	uleshort	0x0200		Intel ia64
+>>0	uleshort	0x8664		Intel amd64
 # TODO for other COFFs
 #>>0	uleshort	0xABCD		COFF_TEMPLATE
 >>0	default		x
@@ -5648,7 +6445,7 @@
 
 
 #------------------------------------------------------------------------------
-# $File: commands,v 1.59 2017/08/14 07:40:38 christos Exp $
+# $File: commands,v 1.60 2019/04/19 00:42:27 christos Exp $
 # commands:  file(1) magic for various shells and interpreters
 #
 #0	string/w	:			shell archive or script for antique kernel text
@@ -5744,7 +6541,7 @@
 0	search/1/w	#!\ /usr/bin/php	PHP script text executable
 !:strength + 10
 !:mime	text/x-php
-# Smarty compiled template, http://www.smarty.net/
+# Smarty compiled template, https://www.smarty.net/
 # Elan Ruusamae <glen@delfi.ee>
 0	string	=<?php
 >5	regex	[\ \n]
@@ -5757,7 +6554,7 @@
 0	string/t	$!			DCL command file
 
 # Type: Pdmenu
-# URL:  http://packages.debian.org/pdmenu
+# URL:  https://packages.debian.org/pdmenu
 # From: Edward Betts <edward@debian.org>
 0	string		#!/usr/bin/pdmenu	Pdmenu configuration file text
 
@@ -5787,7 +6584,7 @@
 0	string		msc		Message Sequence Chart (chart)
 0	string		submsc		Message Sequence Chart (subchart)
 #------------------------------------------------------------------------------
-# $File: compress,v 1.72 2018/03/27 23:26:41 christos Exp $
+# $File: compress,v 1.75 2019/04/19 00:42:27 christos Exp $
 # compress:  file(1) magic for pure-compression formats (no archives)
 #
 # compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, etc.
@@ -5804,13 +6601,78 @@
 >2	byte&0x1f	x		%d bits
 
 # gzip (GNU zip, not to be confused with Info-ZIP or PKWARE zip archiver)
+# URL: https://en.wikipedia.org/wiki/Gzip
+# Reference: https://tools.ietf.org/html/rfc1952
+# Update: Joerg Jenderek, Apr 2019
 #   Edited by Chris Chittleborough <cchittleborough@yahoo.com.au>, March 2002
 #	* Original filename is only at offset 10 if "extra field" absent
 #	* Produce shorter output - notably, only report compression methods
 #         other than 8 ("deflate", the only method defined in RFC 1952).
-0       string          \037\213        gzip compressed data
-!:mime	application/x-gzip
-!:strength * 2
+# Note: find defs -iname '*.trid.xml' -exec grep -q '<Bytes>1F8B08' {} \; -ls
+# TODO:
+# FBR	Blueberry FlashBack screen Record	https://www.flashbackrecorder.com/
+# KPR	KOffice/Calligra KPresenter		application/x-kpresenter
+# KPT	KOffice/Calligra KPresenter template?	application/x-kpresenter
+# SAV	Diggles Saved Game File			http://www.innonics.com
+# SAV	FarCry (demo) saved game		http://www.farcry-thegame.com
+# DAT	ZOAGZIP game data format		http://en.wikipedia.org/wiki/SD_Gundam_Capsule_Fighter
+0       string          \037\213
+# to display gzip compressed (strength=100=2*50) before other (strength=50)?
+#!:strength * 2
+# no FNAME and FCOMMENT bit implies no file name/comment. That means only binary
+>3	byte&0x18	=0
+# For binary gzipped no ASCII text should occur
+#	mcd-monu-cad.trid.xml
+>>10	string		MCD			Monu-Cad Drawing, Component or Font
+#>>36	string		Created\ with\ MONU-CAD	
+#!:mime	application/octet-stream
+# http://fileformats.archiveteam.org/wiki/Monu-CAD
+#	http://www.monucad.com/downloads/FullDemo-2005.EXE
+#	/HANDS96.MCC	Component
+#	/DEMO_DD01.MCD	Drawing
+#	/MCALF020.FNT	Font
+!:ext	mcc/mcd/fnt
+# http://www.generalcadd.com
+>>10	string		GXD			General CADD, Drawing or Component
+#!:mime	application/octet-stream
+#	/gxc/BUILDINGEDGE.gxc			Component
+#	/gxd/HOCKETT-STPAUL-WRHSE.gxd		Drawing
+#	/gxd/POWERLAND-MILL-ADD-11.gxd		Drawing		v9.1.06
+!:ext	gxc/gxd
+#>>>13	ubyte		0			\b, version 0
+>>>13	string		09			\b, version 9
+# other gzipped binary like gzipped tar, VirtualBox extension package,...
+>>10	default		x		gzip compressed data
+>>>0	use	gzip-info
+# size of the original (uncompressed) input data modulo 2^32
+>>>-4	ulelong		x		\b, original size modulo 2^32 %u
+# gzipped TAR or VirtualBox extension package
+!:mime	application/gzip
+#!:mime	application/x-compressed-tar
+#!:mime	application/x-virtualbox-vbox-extpack
+# https://www.w3.org/TR/SVG/mimereg.html
+#!:mime	image/image/svg+xml-compressed
+#	zlib.3.gz
+#	microcode-20180312.tgz
+#	tpz same as tgz
+#	lua-md5_1.2-1_i386_i486.ipk	https://en.wikipedia.org/wiki/Opkg
+#	Oracle_VM_VirtualBox_Extension_Pack-5.0.12-104815.vbox-extpack
+!:ext	gz/tgz/tpz/ipk/vbox-extpack/svgz
+# FNAME/FCOMMENT bit implies file name/comment as iso-8859-1 text
+>3	byte&0x18	>0		gzip compressed data
+!:mime	application/gzip
+# gzipped tar, gzipped Abiword document
+#!:mime	application/x-compressed-tar
+#!:mime	application/x-abiword-compressed
+#!:mime	image/image/svg+xml-compressed
+#	kleopatra_splashscreen.svgz	gzipped .svg
+!:ext	gz/tgz/tpz/zabw/svgz
+>>0	use	gzip-info
+# size of the original (uncompressed) input data modulo 2^32
+>>-4	ulelong		x		\b, original size modulo 2^32 %u
+#	display information of gzip compressed files
+0	name				gzip-info
+#>2	byte		x		THIS iS GZIP
 >2	byte		<8		\b, reserved method
 >2	byte		>8		\b, unknown method
 >3	byte		&0x01		\b, ASCII
@@ -5837,7 +6699,9 @@
 >9	byte		=0x0B		\b, from NTFS filesystem (NT)
 >9	byte		=0x0C		\b, from QDOS
 >9	byte		=0x0D		\b, from Acorn RISCOS
->-4	lelong		x		\b, original size %d
+# size of the original (uncompressed) input data modulo 2^32
+#>-4	ulelong		x		\b, original size modulo 2^32 %u
+#ERROR: line 114: non zero offset 1048572 at level 1
 
 # packed data, Huffman (minimum redundancy) codes on a byte-by-byte basis
 0	string		\037\036	packed data
@@ -5948,7 +6812,7 @@
 >>17	byte		=0x0E		os: Win32
 
 # 4.3BSD-Quasijarus Strong Compression
-# http://minnie.tuhs.org/Quasijarus/compress.html
+# https://minnie.tuhs.org/Quasijarus/compress.html
 0	string		\037\241	Quasijarus strong compressed data
 
 # From: Cory Dikkers <cdikkers@swbell.net>
@@ -5962,7 +6826,7 @@
 >4	belong		0x090A0C0D	best compression
 
 # 7-zip archiver, from Thomas Klausner (wiz@danbala.tuwien.ac.at)
-# http://www.7-zip.org or DOC/7zFormat.txt
+# https://www.7-zip.org or DOC/7zFormat.txt
 #
 0	string		7z\274\257\047\034	7-zip archive data,
 >6	byte		x			version %d
@@ -5991,7 +6855,7 @@
 >5	byte		x			\b.%d
 !:mime	application/x-lrzip
 
-# http://fastcompression.blogspot.fi/2013/04/lz4-streaming-format-final.html
+# https://fastcompression.blogspot.fi/2013/04/lz4-streaming-format-final.html
 0	lelong		0x184d2204	LZ4 compressed data (v1.4+)
 !:mime	application/x-lz4
 # Added by osm0sis@xda-developers.com
@@ -6080,11 +6944,11 @@
 >0x8	lelong	x		\b, %u entries
 
 # Snappy framing format
-# http://code.google.com/p/snappy/source/browse/trunk/framing_format.txt
+# https://code.google.com/p/snappy/source/browse/trunk/framing_format.txt
 0	string	\377\006\0\0sNaPpY	snappy framed data
 !:mime	application/x-snappy-framed
 
-# qpress, http://www.quicklz.com/
+# qpress, https://www.quicklz.com/
 0	string	qpress10	qpress compressed data
 !:mime	application/x-qpress
 
@@ -6115,15 +6979,15 @@
 0	string	bvxn	lzfse encoded, lzvn compressed
 
 #------------------------------------------------------------------------------
-# $File: console,v 1.35 2017/11/14 15:48:36 christos Exp $
+# $File: console,v 1.45 2019/04/19 00:42:27 christos Exp $
 # Console game magic
 # Toby Deshane <hac@shoelace.digivill.net>
 
 # ines: file(1) magic for Marat's iNES Nintendo Entertainment System ROM dump format
 # Updated by David Korth <gerbilsoft@gerbilsoft.com>
 # References:
-# - http://wiki.nesdev.com/w/index.php/INES
-# - http://wiki.nesdev.com/w/index.php/NES_2.0
+# - https://wiki.nesdev.com/w/index.php/INES
+# - https://wiki.nesdev.com/w/index.php/NES_2.0
 
 # Common header for iNES, NES 2.0, and Wii U iNES.
 0	name		nes-rom-image-ines
@@ -6162,15 +7026,17 @@
 
 # Standard iNES ROM header.
 0	string		NES\x1A		NES ROM image (iNES)
+!:mime	application/x-nes-rom
 >0	use		nes-rom-image-ines
 
 # Wii U Virtual Console iNES ROM header.
 0	belong		0x4E455300	NES ROM image (Wii U Virtual Console)
+!:mime	application/x-nes-rom
 >0	use		nes-rom-image-ines
 
 #------------------------------------------------------------------------------
 # unif: file(1) magic for UNIF-format Nintendo Entertainment System ROM images
-# Reference: http://wiki.nesdev.com/w/index.php/UNIF
+# Reference: https://wiki.nesdev.com/w/index.php/UNIF
 # From: David Korth <gerbilsoft@gerbilsoft.com>
 #
 # NOTE: The UNIF format uses chunks instead of a fixed header,
@@ -6178,10 +7044,11 @@
 #
 0	string	UNIF
 >4	lelong	<16	NES ROM image (UNIF v%d format)
+!:mime	application/x-nes-rom
 
 #------------------------------------------------------------------------------
 # fds: file(1) magic for Famciom Disk System disk images
-# Reference: http://wiki.nesdev.com/w/index.php/Family_Computer_Disk_System#.FDS_format
+# Reference: https://wiki.nesdev.com/w/index.php/Family_Computer_Disk_System#.FDS_format
 # From: David Korth <gerbilsoft@gerbilsoft.com>
 # TODO: Check "Disk info block" and get info from that in addition to the optional header.
 
@@ -6196,12 +7063,14 @@
 # Headered version.
 0	string	FDS\x1A
 >0x11	string	*NINTENDO-HVC*	Famicom Disk System disk image:
+!:mime	application/x-fds-disk
 >>0x10	use	nintendo-fds-disk-info-block
 >4	byte	1	(%u side)
 >4	byte	!1	(%u sides)
 
 # Unheadered version.
 1	string	*NINTENDO-HVC*	Famicom Disk System disk image:
+!:mime	application/x-fds-disk
 >0	use	nintendo-fds-disk-info-block
 
 #------------------------------------------------------------------------------
@@ -6210,6 +7079,7 @@
 # From: David Korth <gerbilsoft@gerbilsoft.com>
 #
 0		string	TNES	NES ROM image (Nintendo 3DS Virtual Console)
+!:mime		application/x-nes-rom
 >4		byte	100	\b: FDS,
 >>0x2010	use	nintendo-fds-disk-info-block
 >4		byte	!100	\b: TNES mapper %u
@@ -6225,6 +7095,8 @@
 # Reference: http://gbdev.gg8.se/wiki/articles/The_Cartridge_Header
 #
 0x104		bequad		0xCEED6666CC0D000B	Game Boy ROM image
+# TODO: application/x-gameboy-color-rom for GBC.
+!:mime		application/x-gameboy-rom
 >0x143		byte&0x80	0x80
 >>0x134		string		>\0			\b: "%.15s"
 >0x143		byte&0x80	!0x80
@@ -6239,6 +7111,7 @@
 >>0x146		byte		!0x03
 >>>0x143	byte&0xC0	0x80	[CGB]
 >>>0x143	byte&0xC0	0xC0	[CGB ONLY]
+>0x14b		byte		!0x33
 
 # Mapper.
 >0x147 byte 0x00  [ROM ONLY]
@@ -6292,7 +7165,7 @@
 # genesis: file(1) magic for various Sega Mega Drive / Genesis ROM image and disc formats
 # Updated by David Korth <gerbilsoft@gerbilsoft.com>
 # References:
-# - http://www.retrodev.com/segacd.html
+# - https://www.retrodev.com/segacd.html
 # - http://devster.monkeeh.com/sega/32xguide1.txt
 #
 
@@ -6314,29 +7187,37 @@
 # TODO: Check for 32X CD?
 # Sega Mega CD disc images: 2048-byte sectors.
 0	string	SEGADISCSYSTEM\ \ 	Sega Mega CD disc image
+!:mime	application/x-sega-cd-rom
 >0	use	sega-mega-drive-header
 >0	byte	x			\b, 2048-byte sectors
 0	string	SEGABOOTDISC\ \ \ \ 	Sega Mega CD disc image
+!:mime	application/x-sega-cd-rom
 >0	use	sega-mega-drive-header
 >0	byte	x			\b, 2048-byte sectors
 # Sega Mega CD disc images: 2352-byte sectors.
 0x10	string	SEGADISCSYSTEM\ \ 	Sega Mega CD disc image
+!:mime	application/x-sega-cd-rom
 >0x10	use	sega-mega-drive-header
 >0	byte	x			\b, 2352-byte sectors
 0x10	string	SEGABOOTDISC\ \ \ \ 	Sega Mega CD disc image
+!:mime	application/x-sega-cd-rom
 >0x10	use	sega-mega-drive-header
 >0	byte	x			\b, 2352-byte sectors
 
 # Sega Mega Drive, 32X, Pico, and Mega CD Boot ROM images.
 0x100		string	SEGA
 >0x3C0		bequad	0x4D41525320434845	Sega 32X ROM image
+!:mime		application/x-genesis-32x-rom
 >>0		use	sega-mega-drive-header
 >0x3C0		bequad	!0x4D41525320434845
 >>0x105		belong	0x5049434F	Sega Pico ROM image
+!:mime		application/x-sega-pico-rom
 >>>0		use	sega-mega-drive-header
 >>0x105		belong	!0x5049434F
 >>>0x180	beshort	0x4252		Sega Mega CD Boot ROM image
+!:mime		application/x-genesis-rom
 >>>0x180	beshort	!0x4252		Sega Mega Drive / Genesis ROM image
+!:mime		application/x-genesis-rom
 >>>0		use	sega-mega-drive-header
 
 #------------------------------------------------------------------------------
@@ -6353,11 +7234,13 @@
 # "Sega Genesis" header.
 0x280	string EAGN
 >8	beshort	0xAABB	Sega Mega Drive / Genesis ROM image (SMD format):
+!:mime	application/x-genesis-rom
 >>0	use     sega-genesis-smd-header
 
 # "Sega Mega Drive" header.
 0x280	string EAMG
 >8	beshort	0xAABB	Sega Mega Drive / Genesis ROM image (SMD format):
+!:mime	application/x-genesis-rom
 >>0	use     sega-genesis-smd-header
 
 #------------------------------------------------------------------------------
@@ -6365,7 +7248,7 @@
 # Detects all Game Gear and export Sega Master System ROM images,
 # and some Japanese Sega Master System ROM images.
 # From: David Korth <gerbilsoft@gerbilsoft.com>
-# Reference: http://www.smspower.org/Development/ROMHeader
+# Reference: https://www.smspower.org/Development/ROMHeader
 #
 
 # General SMS header rule.
@@ -6373,12 +7256,17 @@
 0	name	sega-master-system-rom-header
 # Machine type.
 >0x0F	byte&0xF0	0x30	Sega Master System
+!:mime	application/x-sms-rom
 >0x0F	byte&0xF0	0x40	Sega Master System
+!:mime	application/x-sms-rom
 >0x0F	byte&0xF0	0x50	Sega Game Gear
+!:mime	application/x-gamegear-rom
 >0x0F	byte&0xF0	0x60	Sega Game Gear
+!:mime	application/x-gamegear-rom
 >0x0F	byte&0xF0	0x70	Sega Game Gear
->0x0F	byte&0xF0	<0x30	Sega Master System / Game Gear
->0x0F	byte&0xF0	>0x70	Sega Master System / Game Gear
+!:mime	application/x-gamegear-rom
+>0x0F	default		x	Sega Master System / Game Gear
+!:mime	application/x-sms-rom
 >0	byte		x	ROM image:
 # Product code.
 >0x0E	byte&0xF0	0x10	1
@@ -6438,17 +7326,19 @@
 
 # 2048-byte sector version.
 0	string	SEGA\ SEGASATURN\ 	Sega Saturn disc image
+!:mime	application/x-saturn-rom
 >0	use	sega-saturn-disc-header
 >0	byte	x			(2048-byte sectors)
 # 2352-byte sector version.
 0x10	string	SEGA\ SEGASATURN\ 	Sega Saturn disc image
+!:mime	application/x-saturn-rom
 >0x10	use	sega-saturn-disc-header
 >0	byte	x			(2352-byte sectors)
 
 #------------------------------------------------------------------------------
 # dreamcast: file(1) magic for the Sega Dreamcast disc image format.
 # From: David Korth <gerbilsoft@gerbilsoft.com>
-# Reference: http://mc.pp.se/dc/ip0000.bin.html
+# Reference: https://mc.pp.se/dc/ip0000.bin.html
 #
 
 # Common Sega Dreamcast disc header format.
@@ -6462,10 +7352,12 @@
 
 # 2048-byte sector version.
 0	string	SEGA\ SEGAKATANA\ 	Sega Dreamcast disc image
+!:mime	application/x-dc-rom
 >0	use	sega-dreamcast-disc-header
 >0	byte	x			(2048-byte sectors)
 # 2352-byte sector version.
 0x10	string	SEGA\ SEGAKATANA\ 	Sega Dreamcast disc image
+!:mime	application/x-dc-rom
 >0x10	use	sega-dreamcast-disc-header
 >0	byte	x			(2352-byte sectors)
 
@@ -6481,6 +7373,7 @@
 # From: David Korth <gerbilsoft@gerbilsoft.com>
 #
 0	bequad	0x803712400000000F	Nintendo 64 ROM image
+!:mime	application/x-n64-rom
 >0x20	string	>\0	\b: "%.20s"
 >0x3B	string	x	(%.4s
 >0x3F	byte	x	\b, Rev.%02u)
@@ -6490,39 +7383,44 @@
 # Same as z64 format, but with 16-bit byteswapping.
 #
 0	bequad	0x3780401200000F00	Nintendo 64 ROM image (V64)
+!:mime	application/x-n64-rom
 
 #------------------------------------------------------------------------------
 # n64-swap2: file(1) magic for the swap2 format N64 ROM dumps
 # Same as z64 format, but with swapped 16-bit words.
 #
 0	bequad	0x12408037000F0000	Nintendo 64 ROM image (wordswapped)
+!:mime	application/x-n64-rom
 
 #------------------------------------------------------------------------------
 # n64-le32: file(1) magic for the 32-bit byteswapped format N64 ROM dumps
 # Same as z64 format, but with 32-bit byteswapping.
 #
 0	bequad	0x401237800F000000	Nintendo 64 ROM image (32-bit byteswapped)
+!:mime	application/x-n64-rom
 
 #------------------------------------------------------------------------------
 # gba: file(1) magic for the Nintendo Game Boy Advance raw ROM format
-# Reference: http://problemkaputt.de/gbatek.htm#gbacartridgeheader
+# Reference: https://problemkaputt.de/gbatek.htm#gbacartridgeheader
 #
 # Original version from: "Nelson A. de Oliveira" <naoliv@gmail.com>
 # Updated version from: David Korth <gerbilsoft@gerbilsoft.com>
 #
 4	bequad	0x24FFAE51699AA221	Game Boy Advance ROM image
+!:mime	application/x-gba-rom
 >0xA0	string	>\0	\b: "%.12s"
 >0xAC	string	x	(%.6s
 >0xBC	byte	x	\b, Rev.%02u)
 
 #------------------------------------------------------------------------------
 # nds: file(1) magic for the Nintendo DS(i) raw ROM format
-# Reference: http://problemkaputt.de/gbatek.htm#dscartridgeheader
+# Reference: https://problemkaputt.de/gbatek.htm#dscartridgeheader
 #
 # Original version from: "Nelson A. de Oliveira" <naoliv@gmail.com>
 # Updated version from: David Korth <gerbilsoft@gerbilsoft.com>
 #
 0xC0	bequad	0x24FFAE51699AA221	Nintendo DS ROM image
+!:mime	application/x-nintendo-ds-rom
 >0x00	string	>\0		\b: "%.12s"
 >0x0C	string	x		(%.6s
 >0x1E	byte	x		\b, Rev.%02u)
@@ -6543,15 +7441,17 @@
 # This is also used for loading .nds files using the MSET exploit on 3DS.
 # Reference: https://github.com/devkitPro/ndstool/blob/master/source/ndscreate.cpp
 0xC0	bequad	0xC8604FE201708FE2	Nintendo DS Slot-2 ROM image (PassMe)
+!:mime	application/x-nintendo-ds-rom
 
 #------------------------------------------------------------------------------
 # ngp: file(1) magic for the Neo Geo Pocket (Color) raw ROM format.
 # From: David Korth <gerbilsoft@gerbilsoft.com>
 # References:
 # - https://neogpc.googlecode.com/svn-history/r10/trunk/src/core/neogpc.cpp
-# - http://www.devrs.com/ngp/files/ngpctech.txt
+# - https://www.devrs.com/ngp/files/ngpctech.txt
 #
 0x0A	string	BY\ SNK\ CORPORATION	Neo Geo Pocket
+!:mime	application/x-neo-geo-pocket-rom
 >0x23	byte	0x10			Color
 >0	byte	x			ROM image
 >0x24	string	>\0			\b: "%.12s"
@@ -6586,7 +7486,21 @@
 
 #------------------------------------------------------------------------------
 # Microsoft Xbox executables .xbe (Esa Hyytia <ehyytia@cc.hut.fi>)
-0       string          XBEH            XBE, Microsoft Xbox executable
+0	string	XBEH	Microsoft Xbox executable
+# expect base address of 0x10000
+>0x0104                 ulelong =0x10000
+>>(0x0118.l-0x0FFF4)    lestring16 x       \b: "%.40s"
+>>(0x0118.l-0x0FFF5)    byte     x         (%c
+>>(0x0118.l-0x0FFF6)    byte     x         \b%c-
+>>(0x0118.l-0x0FFF8)    uleshort x         \b%03u)
+>>(0x0118.l-0x0FF60)    ulelong&0x80000007  0x80000007 \b, all regions
+>>(0x0118.l-0x0FF60)    ulelong&0x80000007  !0x80000007
+>>>(0x0118.l-0x0FF60)   ulelong >0           (regions:
+>>>>(0x0118.l-0x0FF60)  ulelong &0x00000001  NA
+>>>>(0x0118.l-0x0FF60)  ulelong &0x00000002  Japan
+>>>>(0x0118.l-0x0FF60)  ulelong &0x00000004  Rest_of_World
+>>>>(0x0118.l-0x0FF60)  ulelong &0x80000000  Manufacturer
+>>>(0x0118.l-0x0FF60)   ulelong >0           \b)
 # probabilistic checks whether signed or not
 >0x0004 ulelong =0x0
 >>&2    ulelong =0x0
@@ -6594,22 +7508,43 @@
 >0x0004 ulelong >0
 >>&2    ulelong >0
 >>>&2   ulelong >0    \b, signed
-# expect base address of 0x10000
->0x0104               ulelong =0x10000
->>(0x0118-0x0FF60)    ulelong&0x80000007  0x80000007 \b, all regions
->>(0x0118-0x0FF60)    ulelong&0x80000007  !0x80000007
->>>(0x0118-0x0FF60)   ulelong >0           (regions:
->>>>(0x0118-0x0FF60)  ulelong &0x00000001  NA
->>>>(0x0118-0x0FF60)  ulelong &0x00000002  Japan
->>>>(0x0118-0x0FF60)  ulelong &0x00000004  Rest_of_World
->>>>(0x0118-0x0FF60)  ulelong &0x80000000  Manufacturer
->>>(0x0118-0x0FF60)   ulelong >0           \b)
 
 # --------------------------------
 # Microsoft Xbox data file formats
 0       string          XIP0            XIP, Microsoft Xbox data
 0       string          XTF0            XTF, Microsoft Xbox data
 
+#------------------------------------------------------------------------------
+# Microsoft Xbox 360 executables (.xex)
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://free60project.github.io/wiki/XEX.html
+# - https://github.com/xenia-project/xenia/blob/HEAD/src/xenia/kernel/util/xex2_info.h
+
+# Title ID (part of Execution ID section)
+0		name	xbox-360-xex-execution-id
+>(0.L+0xC)	byte	x	(%c
+>(0.L+0xD)	byte	x	\b%c
+>(0.L+0xE)	beshort	x	\b-%04u)
+
+0	string	XEX2	Microsoft Xbox 360 executable
+>0x18	search/0x100	\x00\x04\x00\x06
+>>&0	use	xbox-360-xex-execution-id
+>(0x010.L+0x178)	ubelong	0xFFFFFFFF	\b, all regions
+>(0x010.L+0x178)	ubelong	!0xFFFFFFFF
+>>(0x010.L+0x178)	ubelong	>0		(regions:
+>>(0x010.L+0x178)	ubelong&0x000000FF	0x000000FF	USA
+>>(0x010.L+0x178)	ubelong&0x00000100	0x00000100	Japan
+>>(0x010.L+0x178)	ubelong&0x00000200	0x00000200	China
+>>(0x010.L+0x178)	ubelong&0x0000FC00	0x0000FC00	Asia
+>>(0x010.L+0x178)	ubelong&0x00FF0000	0x00FF0000	PAL
+>>(0x010.L+0x178)	ubelong&0x00FF0000	0x00FE0000	PAL [except AU/NZ]
+>>(0x010.L+0x178)	ubelong&0x00FF0000	0x00010000	AU/NZ
+>>(0x010.L+0x178)	ubelong&0xFF000000	0xFF000000	Other
+>>(0x010.L+0x178)	ubelong	>0		\b)
+
+
+
 # Atari Lynx cartridge dump (EXE/BLL header)
 # From: "Stefan A. Haubenthal" <polluks@web.de>
 
@@ -6617,8 +7552,10 @@
 # 8 character OMF-86 object file headers.
 0	beshort		0x8008
 >6	string		BS93		Lynx homebrew cartridge
+!:mime	application/x-atari-lynx-rom
 >>2	beshort		x		\b, RAM start $%04x
 >6	string		LYNX		Lynx cartridge
+!:mime	application/x-atari-lynx-rom
 >>2	beshort		x		\b, RAM start $%04x
 
 # Opera file system that is used on the 3DO console
@@ -6633,14 +7570,14 @@
 # Gameboy%20Sound%20System%20(.gbs).txt
 0	string		GBS		Nintendo Gameboy Music/Audio Data
 #12	string		GameBoy\ Music\ Module	Nintendo Gameboy Music Module
->16	string		>\0	("%s" by
->48	string		>\0	%s, copyright
->80	string		>\0	%s),
->3	byte		x	version %d,
->4	byte		x	%d tracks
+>16	string		>\0	("%.32s" by
+>48	string		>\0	%.32s, copyright
+>80	string		>\0	%.32s),
+>3	byte		x	version %u,
+>4	byte		x	%u tracks
 
 # IPS Patch Files from: From: Thomas Klausner <tk@giga.or.at>
-# see http://zerosoft.zophar.net/ips.php
+# see https://zerosoft.zophar.net/ips.php
 0	string	PATCH			IPS patch file
 
 # Playstations Patch Files from: From: Thomas Klausner <tk@giga.or.at>
@@ -6731,7 +7668,7 @@
 
 # Type: Nintendo GameCube/Wii common disc header data.
 # From: David Korth <gerbilsoft@gerbilsoft.com>
-# Reference: http://wiibrew.org/wiki/Wii_Disc
+# Reference: https://wiibrew.org/wiki/Wii_Disc
 0	name	nintendo-gcn-disc-common
 >0x20	string	x	"%.64s"
 >0x00	string	x	(%.6s
@@ -6740,11 +7677,14 @@
 >>0x06	byte	2	\b, Disc 3
 >>0x06	byte	3	\b, Disc 4
 >0x07	byte	x	\b, Rev.%02u)
+>0x18	belong	0x5D1C9EA3
+>>0x60	beshort	0x0101	\b (Unencrypted)
 
 # Type: Nintendo GameCube disc image
 # From: David Korth <gerbilsoft@gerbilsoft.com>
-# Reference: http://wiibrew.org/wiki/Wii_Disc
+# Reference: https://wiibrew.org/wiki/Wii_Disc
 0x1C	belong	0xC2339F3D	Nintendo GameCube disc image:
+!:mime	application/x-gamecube-rom
 >0	use	nintendo-gcn-disc-common
 
 # Type: Nintendo GameCube embedded disc image
@@ -6754,19 +7694,21 @@
 0		belong	0xAE0F38A2
 >0x0C		belong	0x00100000
 >>(8.L+0x1C)	belong	0xC2339F3D	Nintendo GameCube embedded disc image:
+!:mime	application/x-gamecube-rom
 >>>(8.L)	use	nintendo-gcn-disc-common
 
 # Type: Nintendo Wii disc image
 # From: David Korth <gerbilsoft@gerbilsoft.com>
-# Reference: http://wiibrew.org/wiki/Wii_Disc
+# Reference: https://wiibrew.org/wiki/Wii_Disc
 0x18	belong	0x5D1C9EA3	Nintendo Wii disc image:
 >0	use	nintendo-gcn-disc-common
 
 # Type: Nintendo Wii disc image (WBFS format)
 # From: David Korth <gerbilsoft@gerbilsoft.com>
-# Reference: http://wiibrew.org/wiki/Wii_Disc
+# Reference: https://wiibrew.org/wiki/Wii_Disc
 0	string	WBFS
 >0x218	belong	0x5D1C9EA3	Nintendo Wii disc image (WBFS format):
+!:mime	application/x-wii-rom
 >>0x200	use	nintendo-gcn-disc-common
 
 # Type: Nintendo GameCube/Wii disc image (CISO format)
@@ -6780,41 +7722,63 @@
 >4		lelong	0x200000
 >>8		byte	1
 >>>0x801C	belong	0xC2339F3D	Nintendo GameCube disc image (CISO format):
+!:mime	application/x-wii-rom
 >>>>0x8000	use	nintendo-gcn-disc-common
 >>>0x8018	belong	0x5D1C9EA3	Nintendo Wii disc image (CISO format):
+!:mime	application/x-wii-rom
 >>>>0x8000	use	nintendo-gcn-disc-common
 
 # Type: Nintendo GameCube/Wii disc image (GCZ format)
 # Due to zlib compression, we can't get the actual disc information.
 0	lelong	0xB10BC001
 >4	lelong	0		Nintendo GameCube disc image (GCZ format)
+!:mime	application/x-gamecube-rom
 >4	lelong	1		Nintendo Wii disc image (GCZ format)
->4	lelong	>1		Nintendo GameCube/Wii disc image (GCZ format)
+!:mime	application/x-wii-rom
+>4	default	x		Nintendo GameCube/Wii disc image (GCZ format)
 
 # Type: Nintendo GameCube/Wii disc image (WDF format)
 0		string	WII\001DISC
 >8		belong	1
 # WDFv1
 >>0x54		belong	0xC2339F3D	Nintendo GameCube disc image (WDFv1 format):
+!:mime	application/x-gamecube-rom
 >>>0x38		use	nintendo-gcn-disc-common
 >>0x58		belong	0x5D1C9EA3	Nintendo Wii disc image (WDFv1 format):
+!:mime	application/x-wii-rom
 >>>0x38		use	nintendo-gcn-disc-common
 >8		belong	2
 # WDFv2
 >>(12.L+0x1C)	belong	0xC2339F3D	Nintendo GameCube disc image (WDFv2 format):
+!:mime	application/x-gamecube-rom
 >>>(12.L)	use	nintendo-gcn-disc-common
 >>(12.L+0x18)	belong	0x5D1C9EA3	Nintendo Wii disc image (WDFv2 format):
+!:mime	application/x-wii-rom
 >>>(12.L)	use	nintendo-gcn-disc-common
 
 # Type: Nintendo GameCube/Wii disc image (WIA format)
 0	string	WIA\001	Nintendo
->0x48	belong	0	GameCube/Wii
 >0x48	belong	1	GameCube
+!:mime	application/x-gamecube-rom
 >0x48	belong	2	Wii
->0x48	belong	>2	GameCube/Wii
+!:mime	application/x-wii-rom
+>0x48	default	x	GameCube/Wii
 >0x48	belong	x	disc image (WIA format):
 >>0x58	use	nintendo-gcn-disc-common
 
+# Type: Nintendo GameCube/Wii disc image (with SDK header)
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://wiibrew.org/wiki/Wii_Disc
+0		belong	0xFFFF0000
+>0x18		belong	0x00000000
+>>0x1C		belong	0x00000000
+>>>0x8018	belong	0x5D1C9EA3	Nintendo Wii SDK disc image:
+!:mime	application/x-wii-rom
+>>>>0x8000	use	nintendo-gcn-disc-common
+>>>0x801C	belong	0xC2339F3D	Nintendo GameCube SDK disc image:
+!:mime	application/x-gamecube-rom
+>>>>0x8000	use	nintendo-gcn-disc-common
+
 #------------------------------------------------------------------------------
 # Nintendo 3DS file formats.
 #
@@ -6931,6 +7895,7 @@
 0	byte	>0
 >0	byte	<3
 >>1	string	ATARI7800	Atari 7800 ROM image
+!:mime	application/x-atari-7800-rom
 >>>0x11	string	>\0	\b: "%.32s"
 # Display type.
 >>>0x39	byte	0	(NTSC)
@@ -7033,7 +7998,7 @@
 >84	belong&0x18000000	=0x18000000	undefined fpmode
 
 #------------------------------------------------------------------------------
-# $File: coverage,v 1.1 2016/06/05 00:26:32 christos Exp $
+# $File: coverage,v 1.2 2019/04/19 00:42:27 christos Exp $
 # xoverage:  file(1) magic for test coverage data
 
 # File formats used to store test coverage data
@@ -7100,7 +8065,7 @@
 # `clang -fprofile-instr-generate -fcoverage-mapping ...`
 # default name: default.profraw
 # magic is: \xFF lprofr \x81
-# cf. http://llvm.org/docs/doxygen/html/InstrProfData_8inc_source.html
+# cf. https://llvm.org/docs/doxygen/html/InstrProfData_8inc_source.html
 0	lequad	0xff6c70726f667281	LLVM raw profile data,
 >&0	byte	x	version %d
 
@@ -7111,10 +8076,10 @@
 
 # LLVM indexed instruction profile (as generated by llvm-profdata)
 # magic is: reverse(\xFF lprofi \x81)
-# cf. http://llvm.org/docs/CoverageMappingFormat.html
-# http://llvm.org/docs/doxygen/html/namespacellvm_1_1IndexedInstrProf.html
-# http://llvm.org/docs/CommandGuide/llvm-cov.html
-# http://llvm.org/docs/CommandGuide/llvm-profdata.html
+# cf. https://llvm.org/docs/CoverageMappingFormat.html
+# https://llvm.org/docs/doxygen/html/namespacellvm_1_1IndexedInstrProf.html
+# https://llvm.org/docs/CommandGuide/llvm-cov.html
+# https://llvm.org/docs/CommandGuide/llvm-profdata.html
 0	lequad	0x8169666f72706cff	LLVM indexed profile data,
 >&0	byte	x	version %d
 
@@ -7146,7 +8111,7 @@
 #--------------------------------------------------------------
 # ctf:  file(1) magic for CTF (Common Trace Format) trace files
 #
-# Specs. available here: <http://www.efficios.com/ctf>
+# Specs. available here: <https://www.efficios.com/ctf>
 #--------------------------------------------------------------
 
 # CTF trace data
@@ -7175,10 +8140,10 @@
 0	string	MAPZ)	Map file for the Blood Frontier/Red Eclipse FPS games
 
 #------------------------------------------------------------------------------
-# $File: cups,v 1.5 2017/03/17 21:35:28 christos Exp $
+# $File: cups,v 1.6 2019/04/19 00:42:27 christos Exp $
 # Cups: file(1) magic for the cups raster file format
 # From: Laurent Martelli <martellilaurent@gmail.com>
-# http://www.cups.org/documentation.php/spec-raster.html
+# https://www.cups.org/documentation.php/spec-raster.html
 #
 
 0	name		cups-le
@@ -7242,7 +8207,7 @@
 >15	long		>30		$BS, block size: %i bytes
 
 #------------------------------------------------------------------------------
-# $File: database,v 1.52 2017/08/13 00:21:47 christos Exp $
+# $File: database,v 1.55 2019/04/19 00:42:27 christos Exp $
 # database:  file(1) magic for various databases
 #
 # extracted from header/code files by Graeme Wilford (eep2gw@ee.surrey.ac.uk)
@@ -7389,8 +8354,8 @@
 
 ## XBase database files
 # updated by Joerg Jenderek at Feb 2013
-# http://www.dbase.com/Knowledgebase/INT/db7_file_fmt.htm
-# http://www.clicketyclick.dk/databases/xbase/format/dbf.html
+# https://www.dbase.com/Knowledgebase/INT/db7_file_fmt.htm
+# https://www.clicketyclick.dk/databases/xbase/format/dbf.html
 # http://home.f1.htw-berlin.de/scheibl/db/intern/dBase.htm
 # inspect VVYYMMDD , where 1<= MM <= 12 and 1<= DD <= 31
 0	ubelong&0x0000FFFF		<0x00000C20
@@ -7429,13 +8394,13 @@
 >>>>>>>>>>>>4	lelong			>0		\b, %d record
 # plural s appended
 >>>>>>>>>>>>>4	lelong			>1		\bs
-# http://www.clicketyclick.dk/databases/xbase/format/dbf_check.html#CHECK_DBF
+# https://www.clicketyclick.dk/databases/xbase/format/dbf_check.html#CHECK_DBF
 # 1 <= record size <= 4000 (dBase 3,4) or 32 * KB (=0x8000)
 >>>>>>>>>>>>10	uleshort		x		* %d
 # file size = records * record size + header size
 >>>>>>>>>>>>1	ubyte			x		\b, update-date
 >>>>>>>>>>>>1	use			xbase-date
-# http://msdn.microsoft.com/de-de/library/cc483186(v=vs.71).aspx
+# https://msdn.microsoft.com/de-de/library/cc483186(v=vs.71).aspx
 #>>>>>>>>>>>>29	ubyte			=0		\b, codepage ID=0x%x
 # 2~cp850 , 3~cp1252 , 0x1b~?? ; what code page is 0x1b ?
 >>>>>>>>>>>>29	ubyte			>0		\b, codepage ID=0x%x
@@ -7503,13 +8468,13 @@
 # dBASE IV SQL, no memo;dbv memo var size (Flagship)
 >>0	ubyte		0x43		dBase IV, with SQL table
 !:mime	application/x-dbf
-# http://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
+# https://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
 #>>0	ubyte		0x62		dBase IV, with SQL table
 #!:mime	application/x-dbf
 # dBASE IV, with memo!!
 >>0	ubyte		0x7b		dBase IV, with memo
 !:mime	application/x-dbf
-# http://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
+# https://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
 #>>0	ubyte		0x82		dBase IV, with SQL system
 #!:mime	application/x-dbf
 # FoxBase+/dBaseIII+ with memo .DBT!
@@ -7518,7 +8483,7 @@
 # VISUAL OBJECTS (first 1.0 versions) for the Dbase III files (NTX clipper driver); memo file
 >>0	ubyte		0x87		VISUAL OBJECTS, with memo file
 !:mime	application/x-dbf
-# http://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
+# https://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
 #>>0	ubyte		0x8A		FoxBase+/dBase III, with memo .DBT
 #!:mime	application/x-dbf
 # dBASE IV with memo!
@@ -7529,7 +8494,7 @@
 !:mime	application/x-dbf
 # .dbv and .dbt memo (Flagship)?
 >>0	ubyte		0xB3		Flagship
-# http://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
+# https://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
 #>>0	ubyte		0xCA		dBase IV with memo .DBT
 #!:mime	application/x-dbf
 # dBASE IV with SQL table, with memo .DBT
@@ -7538,12 +8503,12 @@
 # HiPer-Six format;Clipper SIX, with SMT memo file
 >>0	ubyte		0xE5		Clipper SIX with memo
 !:mime	application/x-dbf
-# http://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
+# https://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
 #>>0	ubyte		0xF4		dBase IV, with SQL table, with memo
 #!:mime	application/x-dbf
 >>0	ubyte		0xF5		FoxPro with memo
 !:mime	application/x-dbf
-# http://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
+# https://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
 #>>0	ubyte		0xFA		FoxPro 2.x, with memo
 #!:mime	application/x-dbf
 # unknown version (should not happen)
@@ -7574,7 +8539,7 @@
 >>>>>2	ubyte		x		\b-%d
 
 #	dBase memo files .DBT or .FPT
-# http://msdn.microsoft.com/en-us/library/8599s21w(v=vs.80).aspx
+# https://msdn.microsoft.com/en-us/library/8599s21w(v=vs.80).aspx
 16		ubyte		<4
 >16		ubyte		!2
 >>16		ubyte		!1
@@ -7737,7 +8702,7 @@
 >>220	ulelong		x		\b.%d
 
 # From: Joerg Jenderek
-# URL: http://forensicswiki.org/wiki/Windows_Application_Compatibility
+# URL: https://forensicswiki.org/wiki/Windows_Application_Compatibility
 # Note: files contain application compatibility fixes, application compatibility modes and application help messages.
 8	string		sdbf
 >7	ubyte		0
@@ -7784,7 +8749,7 @@
 >>7	byte		x		\b-%d
 
 # Type: Advanced Data Format (ADF) database
-# URL:  http://www.grc.nasa.gov/WWW/cgns/adf/
+# URL:  https://www.grc.nasa.gov/WWW/cgns/adf/
 # From: Nicolas Chauvat <nicolas.chauvat@logilab.fr>
 0	string	@(#)ADF\ Database	CGNS Advanced Data Format
 
@@ -7824,7 +8789,7 @@
 0	string		ToKyO\ CaBiNeT\n	TokyoCabinet database
 >14	string		x			(version %s)
 
-# From:  Stephane Blondon http://www.yaal.fr
+# From:  Stephane Blondon https://www.yaal.fr
 # Database file for Zope (done by FileStorage)
 0	string	FS21	Zope Object Database File Storage v3 (data)
 0	string	FS30	Zope Object Database File Storage v4 (data)
@@ -7835,7 +8800,7 @@
 # IDA (Interactive Disassembler) database
 0	string		IDA1	IDA (Interactive Disassembler) database
 
-# Hopper (reverse engineering tool) http://www.hopperapp.com/
+# Hopper (reverse engineering tool) https://www.hopperapp.com/
 0	string		hopperdb	Hopper database
 
 # URL: https://en.wikipedia.org/wiki/Panorama_(database_engine)
@@ -7875,22 +8840,79 @@
 >32	lelong	x		\b, index %d
 >36	lelong	x		\b, seed %#x
 
+#
+# Redis RDB - https://redis.io/topics/persistence
+0	string	REDIS			Redis RDB file,
+>5	regex	[0-9][0-9][0-9][0-9]	version %s
+
+# Mork database.
+# Used by older versions of Mozilla Suite and Firefox,
+# and current versions of Thunderbird.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+0	string	//\ <!--\ <mdb:mork:z\ v="	Mozilla Mork database
+>23	string	x		\b, version %.3s
+
 #------------------------------------------------------------------------------
-# $File: dbpf,v 1.1 2017/10/13 20:47:14 christos Exp $
+# $File: dataone,v 1.2 2019/04/19 00:42:27 christos Exp $
+#
+# DataONE- files from Dave Vieglais <dave.vieglais@gmail.com> &
+#                     Pratik Shrivastava <pratikshrivastava23@gmail.com>
+#
+# file formats:   https://cn.dataone.org/cn/v2/formats
+#------------------------------------------------------------------------------
+
+# EML (Ecological Metadata Language Format)
+0	string	<?xml
+>&0	regex	(eml)-[0-9].[0-9].[0-9]+	eml://ecoinformatics.org/%s
+
+# onedcx (DataONE Dublin Core Extended v1.0)
+>&0	regex	(onedcx/v)[0-9].[0-9]+		https://ns.dataone.org/metadata/schema/onedcx/v1.0
+
+# FGDC-STD-001-1998 (Content Standard for Digital Geospatial Metadata,
+# version 001-1998)
+>&0	regex	fgdc				FGDC-STD-001-1998
+
+# Mercury (Oak Ridge National Lab Mercury Metadata version 1.0)
+>&0	regex	(mercury/terms/v)[0-9].[0-9]	https://purl.org/ornl/schema/mercury/terms/v1.0
+
+# ISOTC211 (Geographic MetaData (GMD) Extensible Markup Language)
+>&0	regex	isotc211
+>>&0	regex	eng;USA				https://www.isotc211.org/2005/gmd
+
+# ISOTC211 (NOAA Variant Geographic MetaData (GMD) Extensible Markup Language)
+>>&0	regex	gov.noaa.nodc:[0-9]+		https://www.isotc211.org/2005/gmd-noaa
+
+# ISOTC211 PANGAEA Variant Geographic MetaData (GMD) Extensible Markup Language
+>>&0	regex	pangaea.dataset[0-9][0-9][0-9][0-9][0-9][0-9]+	https://www.isotc211.org/2005/gmd-pangaea
+!:mime	text/xml
+
+
+# Object Reuse and Exchange Vocabulary
+0	string	<?xml
+>&0	regex	rdf
+>>&0	regex	openarchives	https://www.openarchives.org/ore/terms
+!:mime application/rdf+xml
+
+
+# Dryad Metadata Application Profile Version 3.1
+0	string	<DryadData
+>&0	regex	(dryad-bibo/v)[0-9].[0-9]	https://datadryad.org/profile/v3.1
+!:mime	text/xml
+
+#------------------------------------------------------------------------------
+# $File: dbpf,v 1.3 2019/04/19 00:42:27 christos Exp $
 # dppf:	Maxis Database Packed Files, the stored data file format used by all
 #	Maxis games after the Sims: http://wiki.niotso.org/DBPF
-# 	http://www.wiki.sc4devotion.com/index.php?title=DBPF
+# 	https://www.wiki.sc4devotion.com/index.php?title=DBPF
 #	13 Oct 2017, Kip Warner <kip at thevertigo dot com>
 0	string	DBPF	Maxis Database Packed File
 >4	ulelong	x	\b, version: %u.
 >>8	ulelong	x	\b%u
 >>>36	ulelong	x       \b, files: %u
+>>24	ledate	!0	\b, created: %s
+>>28	ledate	!0	\b, modified: %s
 !:ext	dbpf/package/dat/sc4
 !:mime	application/x-maxis-dbpf
-4	ulelong	1
->8	ulelong	!1
->>24	ledate	!0	\b, created: %s
->>>28	ledate	!0	\b, modified: %s
 #------------------------------------------------------------------------------
 # $File: der,v 1.2 2017/03/17 21:35:28 christos Exp $
 # der: file(1) magic for DER encoded files
@@ -8119,9 +9141,9 @@
 >6	short		0x40		for Alpha
 
 #------------------------------------------------------------------------------
-# $File: dolby,v 1.8 2017/03/17 21:35:28 christos Exp $
+# $File: dolby,v 1.9 2019/04/19 00:42:27 christos Exp $
 # ATSC A/53 aka AC-3 aka Dolby Digital <ashitaka@gmx.at>
-# from http://www.atsc.org/standards/a_52a.pdf
+# from https://www.atsc.org/standards/a_52a.pdf
 # corrections, additions, etc. are always welcome!
 #
 # syncword
@@ -8188,14 +9210,14 @@
 >4	byte&0x3e = 0x24	\b, 640 kbit/s
 
 #------------------------------------------------------------------------------
-# $File: dump,v 1.16 2017/07/22 19:21:02 christos Exp $
+# $File: dump,v 1.17 2018/06/26 01:07:17 christos Exp $
 # dump:  file(1) magic for dump file format--for new and old dump filesystems
 #
 # We specify both byte orders in order to recognize byte-swapped dumps.
 #
 0	name	new-dump-be
->4	bedate	x		Previous dump %s,
->8	bedate	x		This dump %s,
+>4	bedate	x		This dump %s,
+>8	bedate	x		Previous dump %s,
 >12	belong	>0		Volume %d,
 >692	belong	0		Level zero, type:
 >692	belong	>0		Level %d, type:
@@ -8213,8 +9235,8 @@
 >888	belong	>0		Flags %x
 
 0	name	old-dump-be
-#>4	bedate	x		Previous dump %s,
-#>8	bedate	x		This dump %s,
+#>4	bedate	x		This dump %s,
+#>8	bedate	x		Previous dump %s,
 >12	belong	>0		Volume %d,
 >692	belong	0		Level zero, type:
 >692	belong	>0		Level %d, type:
@@ -8232,8 +9254,8 @@
 >888	belong	>0		Flags %x
 
 0	name	ufs2-dump-be
->896	beqdate	x		Previous dump %s,
->904	beqdate	x		This dump %s,
+>896	beqdate	x		This dump %s,
+>904	beqdate	x		Previous dump %s,
 >12	belong	>0		Volume %d,
 >692	belong	0		Level zero, type:
 >692	belong	>0		Level %d, type:
@@ -8284,12 +9306,12 @@
 >0	leshort	7		end of medium (for floppy).
 
 #------------------------------------------------------------------------------
-# $File: dyadic,v 1.8 2017/03/17 21:35:28 christos Exp $
+# $File: dyadic,v 1.9 2019/04/19 00:42:27 christos Exp $
 # Dyadic: file(1) magic for Dyalog APL.
 #
 # updated by Joerg Jenderek at Oct 2013
-# http://en.wikipedia.org/wiki/Dyalog_APL
-# http://www.dyalog.com/
+# https://en.wikipedia.org/wiki/Dyalog_APL
+# https://www.dyalog.com/
 # .DXV Dyalog APL External Variable
 # .DIN Dyalog APL Input Table
 # .DOT Dyalog APL Output Table
@@ -8345,13 +9367,24 @@
 0	short		0x6060		Dyalog APL transfer
 
 #------------------------------------------------------------------------------
-# $File: ebml,v 1.1 2010/07/02 00:07:03 christos Exp $
+# $File: ebml,v 1.2 2019/04/19 00:42:27 christos Exp $
 # ebml:  file(1) magic for various Extensible Binary Meta Language
-# http://www.matroska.org/technical/specs/index.html#track
+# https://www.matroska.org/technical/specs/index.html#track
 0	belong	0x1a45dfa3	EBML file
 >4	search/b/100	\102\202
 >>&1	string	x		\b, creator %.8s
 
+#------------------------------------------------------------------------------
+# $File: edid,v 1.1 2019/03/28 12:36:01 christos Exp $
+# edid:  file(1) magic for EDID dump files
+
+0	quad	0x00ffffffffffff00	Extended display identification data dump
+!:mime application/x-edid-dump
+>18	byte	0x01			Version 1
+>>19	byte	<0x04			\b.%d
+>18	byte	0x02			Version 2
+>>19	byte	0x00			\b.0
+
 #------------------------------------------------------------------------------
 # $File: editors,v 1.11 2017/03/17 21:35:28 christos Exp $
 # T602 editor documents
@@ -8407,7 +9440,7 @@
 >4	lelong	>2		Universal EFI binary with %d architectures
 
 #------------------------------------------------------------------------------
-# $File: elf,v 1.72 2018/02/24 19:50:04 christos Exp $
+# $File: elf,v 1.77 2019/01/16 19:33:35 christos Exp $
 # elf:  file(1) magic for ELF executables
 #
 # We have to check the byte order flag to see what byte order all the
@@ -8445,6 +9478,8 @@
 >0	lelong&0x3		2		relaxed memory ordering,
 
 0	name		elf-pa-risc
+>2	leshort		0x0208		1.0
+>2	leshort		0x0210		1.1
 >2	leshort		0x0214		2.0
 >0	leshort		&0x0008		(LP64)
 
@@ -8455,11 +9490,15 @@
 !:mime	application/x-object
 >16	leshort		2		executable,
 !:mime	application/x-executable
->16	leshort		3		${x?pie executable:shared object}
+>16	leshort		3		${x?pie executable:shared object},
 
 !:mime	application/x-${x?pie-executable:sharedlib}
->16	leshort		4		core file
+>16	leshort		4		core file,
 !:mime	application/x-coredump
+# OS-specific
+>7	byte		202
+>>16	leshort		0xFE01		executable,
+!:mime	application/x-executable
 # Core file detection is not reliable.
 #>>>(0x38+0xcc) string	>\0		of '%s'
 #>>>(0x38+0x10) lelong	>0		(signal %d),
@@ -8666,6 +9705,8 @@
 >18	leshort		217		iCelero CoolEngine,
 >18	leshort		218		Nanoradio Optimized RISC,
 >18	leshort		243		UCB RISC-V,
+>18	leshort		247		eBPF,
+>18	leshort		251             NEC VE,
 >18	leshort		0x1057		AVR (unofficial),
 >18	leshort		0x1059		MSP430 (unofficial),
 >18	leshort		0x1223		Adapteva Epiphany (unofficial),
@@ -8728,6 +9769,7 @@
 >7	byte		16		(FenixOS)
 >7	byte		17		(Nuxi CloudABI)
 >7	byte		97		(ARM)
+>7	byte		202		(Cafe OS)
 >7	byte		255		(embedded)
 
 #------------------------------------------------------------------------------
@@ -8815,9 +9857,9 @@
 0	lelong		0x1000007A	Psion Series 5 executable
 
 #------------------------------------------------------------------------------
-# $File: erlang,v 1.6 2010/09/20 19:19:17 rrt Exp $
+# $File: erlang,v 1.7 2019/04/19 00:42:27 christos Exp $
 # erlang:  file(1) magic for Erlang JAM and BEAM files
-# URL:  http://www.erlang.org/faq/x779.html#AEN812
+# URL:  https://www.erlang.org/faq/x779.html#AEN812
 
 # OTP R3-R4
 0	string	\0177BEAM!	Old Erlang BEAM file
@@ -8835,11 +9877,68 @@
 
 0	bequad	0x0000000000ABCDEF	Erlang DETS file
 
+# $File: espressif,v 1.1 2018/11/20 18:57:17 christos Exp $
+# configuration dump of Tasmota firmware for ESP8266 based devices by Espressif
+# URL: https://github.com/arendst/Sonoff-Tasmota/
+# Reference: https://codeload.github.com/arendst/Sonoff-Tasmota/zip/release-6.2/
+# Sonoff-Tasmota-release-6.2.zip/Sonoff-Tasmota-release-6.2/sonoff/settings.h 
+# From: Joerg Jenderek
+#
+# cfg_holder=4617=0x1209
+0		uleshort	4617
+# remainig settings normally 0x5A+offset XORed; free_1D5[20] empty since 5.12.0e
+>0x1D5		ubequad		0x2f30313233343536	configuration of Tasmota firmware (ESP8266)
+!:mime	application/x-tasmota-dmp
+!:ext	dmp
+# version like 6.2.1.0 ~ 0x06020100 XORed to 0x63666262
+>>11		ubyte^0x65	x			\b, version %u
+>>10		ubyte^0x64	x			\b.%u
+>>9		ubyte^0x63	x			\b.%u
+>>8		ubyte^0x62	x			\b.%u
+#>8		ubelong		x			(0x%x)
+# hostname[33] XORed
+>>0x165		ubyte^0x1BF	x			\b, hostname %c
+>>0x166		ubyte^0x1C0	>037			\b%c
+>>0x167		ubyte^0x1C1	>037			\b%c
+>>0x168		ubyte^0x1C2	>037			\b%c
+>>0x169		ubyte^0x1C3	>037			\b%c
+>>0x16A		ubyte^0x1C4	>037			\b%c
+>>0x16B		ubyte^0x1C5	>037			\b%c
+>>0x16C		ubyte^0x1C6	>037			\b%c
+>>0x16D		ubyte^0x1C7	>037			\b%c
+>>0x16E		ubyte^0x1C8	>037			\b%c
+>>0x16F		ubyte^0x1C9	>037			\b%c
+>>0x170		ubyte^0x1CA	>037			\b%c
+>>0x171		ubyte^0x1CB	>037			\b%c
+>>0x172		ubyte^0x1CC 	>037			\b%c
+>>0x173		ubyte^0x1CD	>037			\b%c
+>>0x174		ubyte^0x1CE	>037			\b%c
+>>0x175		ubyte^0x1CF	>037			\b%c
+>>0x176		ubyte^0x1D0	>037			\b%c
+>>0x177		ubyte^0x1D1	>037			\b%c
+>>0x178		ubyte^0x1D2	>037			\b%c
+>>0x179		ubyte^0x1D3	>037			\b%c
+>>0x17A		ubyte^0x1D4	>037			\b%c
+>>0x17B		ubyte^0x1D5	>037			\b%c
+>>0x17C		ubyte^0x1D6	>037			\b%c
+>>0x17D		ubyte^0x1D7	>037			\b%c
+>>0x17E		ubyte^0x1D8	>037			\b%c
+>>0x17F		ubyte^0x1D9	>037			\b%c
+>>0x180		ubyte^0x1DA	>037			\b%c
+>>0x181		ubyte^0x1DB	>037			\b%c
+>>0x182		ubyte^0x1DC	>037			\b%c
+>>0x183		ubyte^0x1DD	>037			\b%c
+>>0x184		ubyte^0x1DE	>037			\b%c
+>>0x185		ubyte^0x1DF	>037			\b%c
+#>>0x165		string		x			(%.33s)
+
+
+
 #------------------------------------------------------------------------------
-# $File: esri,v 1.4 2009/09/19 16:28:09 christos Exp $
+# $File: esri,v 1.5 2019/04/19 00:42:27 christos Exp $
 # ESRI Shapefile format (.shp .shx .dbf=DBaseIII)
 # Based on info from
-# <URL:http://www.esri.com/library/whitepapers/pdfs/shapefile.pdf>
+# <URL:https://www.esri.com/library/whitepapers/pdfs/shapefile.pdf>
 0	belong	9994	ESRI Shapefile
 >4	belong	=0
 >8	belong	=0
@@ -8872,7 +9971,7 @@
 0       string          FCS3.0          Flow Cytometry Standard (FCS) data, version 3.0
 
 #------------------------------------------------------------------------------
-# $File: filesystems,v 1.124 2018/01/12 12:35:30 christos Exp $
+# $File: filesystems,v 1.128 2019/04/23 15:43:27 christos Exp $
 # filesystems:  file(1) magic for different filesystems
 #
 0	name	partid
@@ -9141,21 +10240,21 @@
 # to display information (50) before DOS BPB (strength=70) and after DOS floppy (120) like in old file version
 !:strength +65
 >2		string		OSBS		OS/BS MBR
-# added by Joerg Jenderek at Feb 2013 according to http://thestarman.pcministry.com/asm/mbr/
-# and http://en.wikipedia.org/wiki/Master_Boot_Record
+# added by Joerg Jenderek at Feb 2013 according to https://thestarman.pcministry.com/asm/mbr/
+# and https://en.wikipedia.org/wiki/Master_Boot_Record
 # test for nearly all MS-DOS Master Boot Record initial program loader (IPL) is now done by
 # characteristic assembler instructions: xor ax,ax;mov ss,ax;mov sp,7c00
 >0	search/2	\x33\xc0\x8e\xd0\xbc\x00\x7c	MS-MBR
-# Microsoft Windows 95A and early ( http://thestarman.pcministry.com/asm/mbr/STDMBR.htm )
+# Microsoft Windows 95A and early ( https://thestarman.pcministry.com/asm/mbr/STDMBR.htm )
 # assembler instructions: mov si,sp;push ax;pop es;push ax;pop ds;sti;cld
 >>8	ubequad		0x8bf45007501ffbfc
-# http://thestarman.pcministry.com/asm/mbr/200MBR.htm
+# https://thestarman.pcministry.com/asm/mbr/200MBR.htm
 >>>0x16	ubyte		0xF3				\b,DOS 2
 >>>>219	regex		Author\ -\ 			Author:
 # found "David Litton" , "A Pehrsson  "
 >>>>>&0	string		x				"%s"
 >>>0x16	ubyte		0xF2
-# NEC MS-DOS 3.30 Rev. 3 . See http://thestarman.pcministry.com/asm/mbr/DOS33MBR.htm
+# NEC MS-DOS 3.30 Rev. 3 . See https://thestarman.pcministry.com/asm/mbr/DOS33MBR.htm
 # assembler instructions: mov di,077c;cmp word ptrl[di],a55a;jnz
 >>>>0x22	ubequad	0xbf7c07813d5aa575		\b,NEC 3.3
 # version MS-DOS 3.30 til MS-Windows 95A (WinVer=4.00.1111)
@@ -9187,7 +10286,7 @@
 # "Sistema operativo mancante"				nn=0xe2 for italian version
 >>>>>0x79	ubyte		>0			at offset 0x%x
 >>>>>>(0x79.b)	string		>\0			"%s"
-# Microsoft Windows 95B to XP (http://thestarman.pcministry.com/asm/mbr/95BMEMBR.htm)
+# Microsoft Windows 95B to XP (https://thestarman.pcministry.com/asm/mbr/95BMEMBR.htm)
 # assembler instructions: push ax;pop es;push  ax;pop ds;cld;mov si,7c1b
 >>8	ubequad		0x5007501ffcbe1b7c
 # assembler instructions: rep;movsb;retf;mov si,07be;mov cl,04
@@ -9214,7 +10313,7 @@
 # "\216\257\245\340\240\346\250\256\255\255\240\357 \341\250\341\342\245\254\240 \255\245 \255\240\251\244\245\255\240"	nn=0x156 for russian version
 >>>>0xA9		ubyte	x			at offset 0x1%x
 >>>>(0xA9.b+0x100)	string	>\0			"%s"
-# http://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm
+# https://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm
 # assembler instructions: rep;movsb;retf;mov BP,07be;mov cl,04
 >>>24		ubequad	0xf3a4cbbdbe07b104		XP
 # where xxyyzz are lower bits from offsets of error messages varying for different languages
@@ -9235,7 +10334,7 @@
 # Microsoft Windows Vista or 7
 # assembler instructions: ..;mov ds,ax;mov si,7c00;mov di,..00
 >>8	ubequad		0xc08ed8be007cbf00
-# Microsoft Windows Vista (http://thestarman.pcministry.com/asm/mbr/VistaMBR.htm)
+# Microsoft Windows Vista (https://thestarman.pcministry.com/asm/mbr/VistaMBR.htm)
 # assembler instructions: jnz 0729;cmp ebx,"TCPA"
 >>>0xEC		ubequad	0x753b6681fb544350		Vista
 # where xxyyzz are lower bits from offsets of error messages varying for different languages
@@ -9253,7 +10352,7 @@
 # "Betriebssystem nicht vorhanden"			zz=0x1?? for german version
 >>>>0x1b7	ubyte		>0			at offset 0x1%x
 >>>>(0x1b7.b+0x100)	string	>\0			"%s"
-# Microsoft Windows 7 (http://thestarman.pcministry.com/asm/mbr/W7MBR.htm)
+# Microsoft Windows 7 (https://thestarman.pcministry.com/asm/mbr/W7MBR.htm)
 # assembler instructions: cmp ebx,"TCPA";cmp
 >>>0xEC		ubequad	0x6681fb5443504175		Windows 7
 # where xxyyzz are lower bits from offsets of error messages varying for different languages
@@ -9271,10 +10370,10 @@
 # "Betriebssystem nicht vorhanden"			zz=0x1?? for german version
 >>>>0x1b7	ubyte		>0			at offset 0x1%x
 >>>>(0x1b7.b+0x100)	string	>\0			"%s"
-# http://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm#DiskSigs
-# http://en.wikipedia.org/wiki/MBR_disk_signature#ID
+# https://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm#DiskSigs
+# https://en.wikipedia.org/wiki/MBR_disk_signature#ID
 >>0x1b8	ulelong		>0				\b, disk signature 0x%-.4x
-# driveID/timestamp for Win 95B,98,98SE and ME. See http://thestarman.pcministry.com/asm/mbr/mystery.htm
+# driveID/timestamp for Win 95B,98,98SE and ME. See https://thestarman.pcministry.com/asm/mbr/mystery.htm
 >>0xDA	uleshort		0
 >>>0xDC 	ulelong		>0			\b, created
 # physical drive number (0x80-0xFF) when the Windows wrote that byte to the drive
@@ -9338,13 +10437,13 @@
 >>>>>420	ubyte		x			\b)
 #
 # SYSLINUX MBR moved
-# http://www.acronis.de/
+# https://www.acronis.de/
 >362	string	MBR\ Error\ \0\r
 >>376	string	ress\ any\ key\ to\040
 >>>392	string	boot\ from\ floppy...\0			\b, Acronis MBR
 # added by Joerg Jenderek
-# http://www.visopsys.org/
-# http://partitionlogic.org.uk/
+# https://www.visopsys.org/
+# https://partitionlogic.org.uk/
 >309	string	No\ bootable\ partition\ found\r
 >>339	string	I/O\ Error\ reading\ boot\ sector\r	\b, Visopsys MBR
 >349	string	No\ bootable\ partition\ found\r
@@ -9363,7 +10462,7 @@
 >>172	string	LILO				\b, version 22.5.8 Debian
 # updated by Joerg Jenderek at Oct 2008
 # variables according to grub-0.97/stage1/stage1.S or
-# http://www.gnu.org/software/grub/manual/grub.html#Embedded-data
+# https://www.gnu.org/software/grub/manual/grub.html#Embedded-data
 # usual values are marked with comments to get only informations of strange GRUB loaders
 >342		search/60	\0Geom\0
 #>0		ulelong		x		%x=0x009048EB ,	0x2a9048EB  0
@@ -9422,7 +10521,7 @@
 # skip FSInfosector
 >>>>>>0		string		!RRaA
 # skip 3rd sector of MS x86 bootloader with assember instructions cli;MOVZX EAX,BYTE PTR [BP+10];MOV ECX,
-# http://thestarman.pcministry.com/asm/mbr/MSWIN41.htm
+# https://thestarman.pcministry.com/asm/mbr/MSWIN41.htm
 >>>>>>>0	ubequad		!0xfa660fb64610668b
 # skip 13rd sector of MS x86 bootloader
 >>>>>>>>0	ubequad		!0x660fb64610668b4e
@@ -9435,7 +10534,7 @@
 >>>>>>>>>>>446	use		partition-table
 # TODO: test for extended bootrecord (ebr) moved and merged with mbr partition table entries
 # mbr partition table entries end
-# http://www.acronis.de/
+# https://www.acronis.de/
 #FAT label=ACRONIS\ SZ
 #OEM-ID=BOOTWIZ0
 >442	string	Non-system\ disk,\040
@@ -9868,8 +10967,8 @@
 >>>>505		ubyte&0xDF	>0
 >>>>>505	string		x 			\b.%-.3s
 # added by Joerg Jenderek
-# http://www.visopsys.org/
-# http://partitionlogic.org.uk/
+# https://www.visopsys.org/
+# https://partitionlogic.org.uk/
 # OEM-ID=Visopsys
 >478		ulelong	0
 >>(1.b+326)	string	I/O\ Error\ reading\040
@@ -9896,8 +10995,8 @@
 #it prints a very short message ("RE") to the screen and hangs the computer.
 # x86 bootloader end
 
-# added by Joerg Jenderek at Feb 2013 according to http://thestarman.pcministry.com/asm/mbr/MSWIN41.htm#FSINFO
-# and http://en.wikipedia.org/wiki/File_Allocation_Table#FS_Information_Sector
+# added by Joerg Jenderek at Feb 2013 according to https://thestarman.pcministry.com/asm/mbr/MSWIN41.htm#FSINFO
+# and https://en.wikipedia.org/wiki/File_Allocation_Table#FS_Information_Sector
 >0		string		RRaA
 >>0x1E4		string		rrAa		\b, FSInfosector
 #>>0x1FC	uleshort	=0		SHOULD BE ZERO
@@ -9960,7 +11059,7 @@
 >11			ubyte		x		\b+
 >11			use		DOS-filename
 
-# http://en.wikipedia.org/wiki/Master_boot_record#PTE
+# https://en.wikipedia.org/wiki/Master_boot_record#PTE
 # display standard partition table
 0	name				partition-table
 #>0		ubyte		x	PARTITION-TABLE
@@ -10027,20 +11126,20 @@
 0x18b	string	OS/2	OS/2 Boot Manager
 
 # updated by Joerg Jenderek at Oct 2008 and Sep 2012
-# http://syslinux.zytor.com/iso.php
+# https://syslinux.zytor.com/iso.php
 # tested with versions 1.47,1.48,1.49,1.50,1.62,1.76,2.00,2.10;3.00,3.11,3.31,;3.70,3.71,3.73,3.75,3.80,3.82,3.84,3.86,4.01,4.03 and 4.05
 # assembler instructions: cli;jmp 0:7Cyy (yy=0x40,0x5e,0x6c,0x6e,0x77);nop;nop
 0	ulequad&0x909000007cc0eafa	0x909000007c40eafa
 >631	search/689	ISOLINUX\ 	isolinux Loader
 >>&0	string		x		(version %-4.4s)
-# http://syslinux.zytor.com/pxe.php
+# https://syslinux.zytor.com/pxe.php
 # assembler instructions: jmp 7C05
 0	ulelong	0x007c05ea		pxelinux loader (version 2.13 or older)
 # assembler instructions: pushfd;pushad
 0	ulelong	0x60669c66		pxelinux loader
 # assembler instructions: jmp 05
 0	ulelong	0xc00005ea		pxelinux loader (version 3.70 or newer)
-# http://syslinux.zytor.com/wiki/index.php/SYSLINUX
+# https://syslinux.zytor.com/wiki/index.php/SYSLINUX
 0	string	LDLINUX\ SYS\ 		SYSLINUX loader
 >12	string	x			(older version %-4.4s)
 0	string	\r\nSYSLINUX\ 		SYSLINUX loader
@@ -10086,7 +11185,7 @@
 >0004	uleshort	x
 # ERRorTeXT
 >>181	search/166		Error\ \0\r\n				NetBSD mbr
-# NT Drive Serial Number http://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm#DS
+# NT Drive Serial Number https://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm#DS
 >>>0x1B8	ubelong		>0					\b,Serial 0x%-.8x
 # BOOTSEL definitions contains assembler instructions: int 0x13;pop dx;push dx;push dx
 >>>0xbb		search/71	\xcd\x13\x5a\x52\x52			\b,bootselector
@@ -10122,7 +11221,7 @@
 >>>398		string	Disk\ error\r\n\0FDD\0HDD\0
 >>>>419		string	\ EBIOS\r\n\0				AdvanceMAME mbr
 
-# Neil Turton mbr loader variant of http://www.chiark.greenend.org.uk/~neilt/mbr/
+# Neil Turton mbr loader variant of https://www.chiark.greenend.org.uk/~neilt/mbr/
 # added by Joerg Jenderek at Mar 2011 for versions 1.0.0 - 1.1.11
 # for 1st version assembler instructions:	cld;xor ax,ax;mov DS,ax;MOV ES,AX;mov SI,
 # or  	  	  	    			cld;xor ax,ax;mov SS,ax;XOR SP,SP;mov DS,
@@ -10135,7 +11234,7 @@
 >>>(0x1BC.s+9)		ubyte		x			\bVersion<=%u
 #>>>(0x1BC.s+8)		ubyte		x			asm_flag_%x
 >>>(0x1BC.s+8)		ubyte&1		1			\b,Y2K-Fix
-# variant used by testdisk of http://www.cgsecurity.org/wiki/Menu_MBRCode
+# variant used by testdisk of https://www.cgsecurity.org/wiki/Menu_MBRCode
 >>>(0x1BC.s+8)		ubyte&2		2			\b,TestDisk
 #0x1~1,..,0x8~4,0x10~F,0x80~A enabled
 #>>>(0x1BC.s+10)		ubyte		x			\b,flags 0x%x
@@ -10168,7 +11267,7 @@
 # added by Joerg Jenderek
 # In the second sector (+0x200) are variables according to grub-0.97/stage2/asm.S or
 # grub-1.94/kern/i386/pc/startup.S
-# http://www.gnu.org/software/grub/manual/grub.html#Embedded-data
+# https://www.gnu.org/software/grub/manual/grub.html#Embedded-data
 # usual values are marked with comments to get only informations of strange GRUB loaders
 0x200	uleshort		0x70EA
 # found only version 3.{1,2}
@@ -10223,7 +11322,7 @@
 # DOS x86 sector updated and separated from "DOS/MBR boot sector" by Joerg Jenderek at May 2011
 # JuMP short     bootcodeoffset NOP assembler instructions will usually be EB xx 90
 # over BIOS parameter block (BPB)
-# http://thestarman.pcministry.com/asm/2bytejumps.htm#FWD
+# https://thestarman.pcministry.com/asm/2bytejumps.htm#FWD
 # older drives may use Near JuMP instruction E9 xx xx
 # minimal short forward jump found 0x29 for bootloaders or 0x0
 # maximal short forward jump is 0x7f
@@ -10276,7 +11375,7 @@
 >>>>>26		ubyte		=1		\b, heads %u
 # valid only for sector sizes with more then 32 Bytes
 >>>>>11		uleshort	>32
-# http://en.wikipedia.org/wiki/Design_of_the_FAT_file_system#Extended_BIOS_Parameter_Block
+# https://en.wikipedia.org/wiki/Design_of_the_FAT_file_system#Extended_BIOS_Parameter_Block
 # skip for values 2,2Ah,70h,73h,DFh
 # and continue for extended boot signature values 0,28h,29h,80h
 >>>>>>38	ubyte&0x56	=0
@@ -10338,7 +11437,7 @@
 # FAT32 bit specific
 >>>>>82		string/c	fat32		\b, FAT (32 bit)
 >>>>>>36	ulelong		x		\b, sectors/FAT %u
-# http://technet.microsoft.com/en-us/library/cc977221.aspx
+# https://technet.microsoft.com/en-us/library/cc977221.aspx
 >>>>>>40	uleshort	>0		\b, extension flags 0x%x
 #>>>>>>40	uleshort	=0		\b, extension flags %hu
 >>>>>>42	uleshort	>0		\b, fsVersion %u
@@ -10355,7 +11454,7 @@
 #>>>>>>50	uleshort	=6		\b, Backup boot sector %u (usual)
 >>>>>>50	default		x
 >>>>>>>50	uleshort	x		\b, Backup boot sector %u
-# corrected by Joerg Jenderek at Feb 2011 according to http://thestarman.pcministry.com/asm/mbr/MSWIN41.htm#FSINFO
+# corrected by Joerg Jenderek at Feb 2011 according to https://thestarman.pcministry.com/asm/mbr/MSWIN41.htm#FSINFO
 >>>>>>52	ulelong		>0		\b, reserved1 0x%x
 >>>>>>56	ulelong		>0		\b, reserved2 0x%x
 >>>>>>60	ulelong		>0		\b, reserved3 0x%x
@@ -10381,7 +11480,7 @@
 >>>>>>>(11.s)	ulelong&0x00ffffF0	0x00ffffF0	\b, followed by FAT
 # floppy image
 !:mime application/x-ima
-# NTFS specific added by Joerg Jenderek at Mar 2011 according to http://thestarman.pcministry.com/asm/mbr/NTFSBR.htm
+# NTFS specific added by Joerg Jenderek at Mar 2011 according to https://thestarman.pcministry.com/asm/mbr/NTFSBR.htm
 # and http://homepage.ntlworld.com/jonathan.deboynepollard/FGA/bios-parameter-block.html
 # 0 FATs
 >>>>>16	ubyte		=0
@@ -10412,18 +11511,39 @@
 >>>>>>>>>72	ulequad		x		\b, serial number 0%llx
 >>>>>>>>>80	ulelong		>0		\b, checksum 0x%x
 #>>>>>>>>>80	ulelong		=0		\b, checksum 0x%x=0 (usual)
->>>>>>>>>0x258	ulelong&0x00009090	=0x00009090
->>>>>>>>>>&-92		indirect	x	\b; contains
-# For 2nd NTFS sector added by Joerg Jenderek at Jan 2013
-# http://thestarman.pcministry.com/asm/mbr/NTFSbrHexEd.htm
-# unused assembler instructions JMP y2;NOP;NOP
-0x056		ulelong&0xFFFF0FFF	0x909002EB
-# unicode loadername terminated by CTRL-D
->(0.s*2)	ulelong&0xFFFFFF00	0x00040000
+# unicode loadername size jump
+>>>>>>>>>(0x200.s*2)	ubyte				x
+# in next sector loadername terminated by unicode CTRL-D and $
+>>>>>>>>>>&0x1FF	ulequad&0x0000FFffFFffFF00	0x0000002400040000 \b; contains
+# if 2nd NTFS sectors is found then assume whole filesystem
+#!:mime		application/x-raw-disk-image
+!:ext		img/bin/ntfs
+>>>>>>>>>>>0x200	use				ntfs-sector2
+
+# For 2nd NTFS sector added by Joerg Jenderek at Jan 2013, Mar 2019
+# https://thestarman.pcministry.com/asm/mbr/NTFSbrHexEd.htm
+# unused assembler instructions short JMP y2;NOP;NOP
+0x056		ulelong&0xFFFF0FFF	0x909002EB	NTFS
+#!:mime		application/octet-stream
+!:ext		bin
+>0		use		ntfs-sector2
+# https://memory.dataram.com/products-and-services/software/ramdisk
+# assembler instructions JMP C000;NOP
+0x056		ulelong			0x9000c0e9	NTFS
+#!:mime		application/octet-stream
+!:ext		bin
+>0		use		ntfs-sector2
+# check for characteristics of second NTFS sector and then display loader name
+0		name		ntfs-sector2
+# number of utf16 characters of loadername
+>0		uleshort	<8
+# unused assembler instructions JMP y2;NOP;NOP or JMP C000;NOP
+>>0x056		ulelong&0xFF0000FD	0x900000E9
 # loadernames are NTLDR,CMLDR,PELDR,$LDR$ or BOOTMGR
->>0x002		lestring16	x	Microsoft Windows XP/VISTA bootloader %-5.5s
->>0x12		string		$
->>>0x0c		lestring16	x	\b%-2.2s
+>>>0x002		lestring16	x	bootstrap %-5.5s
+# check for 7 character length of loader name like BOOTMGR
+>>>0		uleshort	7
+>>>>0x0c	lestring16	x	\b%-2.2s
 ### DOS,NTFS boot sectors end
 
 # ntfsclone-image is a special save format for NTFS volumes,
@@ -10562,7 +11682,7 @@
 # ext2/ext3 filesystems - Andreas Dilger <adilger@dilger.ca>
 # ext4 filesystem - Eric Sandeen <sandeen@sandeen.net>
 # volume label and UUID Russell Coker
-# http://etbe.coker.com.au/2008/07/08/label-vs-uuid-vs-device/
+# https://etbe.coker.com.au/2008/07/08/label-vs-uuid-vs-device/
 0x438   leshort         0xEF53          Linux
 >0x44c  lelong          x               rev %d
 >0x43e  leshort         x               \b.%d
@@ -10674,7 +11794,7 @@
 ############################################################################
 # Minix-ST kernel floppy
 0x800	belong		0x46fc2700	Atari-ST Minix kernel image
-# http://en.wikipedia.org/wiki/BIOS_parameter_block
+# https://en.wikipedia.org/wiki/BIOS_parameter_block
 # floppies with valid BPB and any instruction at beginning
 >19	string		\240\005\371\005\0\011\0\2\0	\b, 720k floppy
 >19	string		\320\002\370\005\0\011\0\1\0	\b, 360k floppy
@@ -10744,7 +11864,7 @@
 #
 
 # all FAT12 (strength=70) floppies with sectorsize 512 added by Joerg Jenderek at Jun 2013
-# http://en.wikipedia.org/wiki/File_Allocation_Table#Exceptions
+# https://en.wikipedia.org/wiki/File_Allocation_Table#Exceptions
 # Too Weak.
 #512		ubelong&0xE0ffff00	0xE0ffff00
 # without valid Media descriptor in place of BPB, cases with are done at other places
@@ -10757,7 +11877,7 @@
 #>>512		ubyte			=0xfa			320k
 #>>512		ubyte			=0xfb			640k
 #>>512		ubyte			=0xfc			180k
-# look like an an old DOS directory entry
+# look like an old DOS directory entry
 #>>>0xA0E	ubequad			0
 #>>>>0xA00	ubequad			!0
 #!:mime application/x-ima
@@ -10788,26 +11908,26 @@
 # only x86 short jump instruction found
 #>>>0		ubyte			=0xEB
 #>>>>1		ubyte			x			\b, code offset 0x%x+2
-# http://thestarman.pcministry.com/DOS/ibm100/Boot.htm
+# https://thestarman.pcministry.com/DOS/ibm100/Boot.htm
 # assembler instructions: CLI;MOV AX,CS;MOV DS,AX;MOV DX,0
 #>>>>(1.b+2)	ubequad			0xfa8cc88ed8ba0000	\b, PC-DOS 1.0 bootloader
 # ibmbio.com+ibmdos.com
 #>>>>>0x176	use			DOS-filename
 #>>>>>0x181	ubyte			x			\b+
 #>>>>>0x182	use			DOS-filename
-# http://thestarman.pcministry.com/DOS/ibm110/Boot.htm
+# https://thestarman.pcministry.com/DOS/ibm110/Boot.htm
 # assembler instructions: CLI;MOV AX,CS;MOV DS,AX;XOR DX,DX;MOV
 #>>>>(1.b+2)	ubequad			0xfa8cc88ed833d28e	\b, PC-DOS 1.1 bootloader
 # ibmbio.com+ibmdos.com
 #>>>>>0x18b	use			DOS-filename
 #>>>>>0x196	ubyte			x			\b+
 #>>>>>0x197	use			DOS-filename
-# http://en.wikipedia.org/wiki/Zenith_Data_Systems
+# https://en.wikipedia.org/wiki/Zenith_Data_Systems
 # assembler instructions: MOV BX,07c0;MOV SS,BX;MOV SP,01c6
 #>>>>(1.b+2)	ubequad			0xbbc0078ed3bcc601	\b, Zenith Data Systems MS-DOS 1.25 bootloader
 # IO.SYS+MSDOS.SYS
 #>>>>>0x20	use			2xDOS-filename
-# http://en.wikipedia.org/wiki/Corona_Data_Systems
+# https://en.wikipedia.org/wiki/Corona_Data_Systems
 # assembler instructions: MOV AX,CS;MOV DS,AX;CLI;MOV SS,AX;
 #>>>>(1.b+2)	ubequad			0x8cc88ed8fa8ed0bc	\b, MS-DOS 1.25 bootloader
 # IO.SYS+MSDOS.SYS
@@ -10860,7 +11980,7 @@
 >307200	use cdrom
 
 # .cso files
-# Reference: http://pismotec.com/ciso/ciso.h
+# Reference: https://pismotec.com/ciso/ciso.h
 # NOTE: There are two other formats with the same magic but
 # completely incompatible specifications:
 # - GameCube/Wii CISO: https://github.com/dolphin-emu/dolphin/blob/master/Source/Core/DiscIO/CISOBlob.h
@@ -10869,10 +11989,13 @@
 # Other fields are used to determine what type of CISO this is:
 # - 0x04 == 0x00200000: GameCube/Wii CISO (block_size)
 # - 0x10 == 0x00000800: PSP CISO (ISO-9660 sector size)
+# - 0x10 == 0x00004000: For >2GB files using maxcso...
+# 			https://github.com/unknownbrackets/maxcso/issues/26
 # - None of the above: Compact ISO.
 >4	lelong	!0
 >>4	lelong	!0x200000
->>>0x10	lelong	!0x800		Compressed ISO CD image
+>>>16	lelong	!0x800
+>>>>16	lelong	!0x4000		Compressed ISO CD image
 
 # cramfs filesystem - russell@coker.com.au
 0       lelong    0x28cd3d45      Linux Compressed ROM File System data, little endian
@@ -11120,7 +12243,7 @@
 >984    string          x               volume label is '%-12.12s'
 
 # From: Thomas Klausner <wiz@NetBSD.org>
-# http://filext.com/file-extension/DAA
+# https://filext.com/file-extension/DAA
 # describes the daa file format. The magic would be:
 0	string		DAA\x0\x0\x0\x0\x0	PowerISO Direct-Access-Archive
 
@@ -11294,12 +12417,12 @@
 !:ext	imgc
 
 #------------------------------------------------------------------------------
-# $File: finger,v 1.2 2015/10/07 02:37:57 christos Exp $
+# $File: finger,v 1.3 2019/04/19 00:42:27 christos Exp $
 # fingerprint:  file(1) magic for fingerprint data
 # XPM bitmaps)
 #
 
-# http://cgit.freedesktop.org/libfprint/libfprint/tree/libfprint/data.c
+# https://cgit.freedesktop.org/libfprint/libfprint/tree/libfprint/data.c
 
 0	string	FP1		libfprint fingerprint data V1
 >3	beshort	x		\b, driver_id %x
@@ -11310,13 +12433,13 @@
 >5	belong	x		\b, devtype %x
 
 #------------------------------------------------------------------------------
-# $File: flash,v 1.14 2017/05/25 20:09:55 christos Exp $
+# $File: flash,v 1.15 2019/04/19 00:42:27 christos Exp $
 # flash:	file(1) magic for Macromedia Flash file format
 #
 # See
 #
-#	http://www.macromedia.com/software/flash/open/
-#	http://wwwimages.adobe.com/www.adobe.com/content/dam/Adobe/\
+#	https://www.macromedia.com/software/flash/open/
+#	https://wwwimages.adobe.com/www.adobe.com/content/dam/Adobe/\
 #	en/devnet/swf/pdf/swf-file-format-spec.pdf page 27
 #
 
@@ -11408,7 +12531,7 @@
 >>4	string	=d	\b, RGBA, interlaced
 
 #------------------------------------------------------------------------------
-# $File: fonts,v 1.38 2017/11/14 15:48:36 christos Exp $
+# $File: fonts,v 1.41 2019/05/05 16:44:04 christos Exp $
 # fonts:  file(1) magic for font data
 #
 0	search/1	FONT		ASCII vfont text
@@ -11425,7 +12548,7 @@
 
 # Summary:	PostScript Type 1 Printer Font Metrics
 # URL:		https://en.wikipedia.org/wiki/PostScript_fonts
-# Reference:	http://partners.adobe.com/public/developer/en/font/5178.PFM.pdf
+# Reference:	https://partners.adobe.com/public/developer/en/font/5178.PFM.pdf
 # Modified by:	Joerg Jenderek
 # Note:		moved from ./msdos magic
 # dfVersion 256=0100h
@@ -11488,7 +12611,7 @@
 0	search/1	STARTFONT\ 		X11 BDF font text
 
 # From: Joerg Jenderek
-# URL: http://grub.gibibit.com/New_font_format
+# URL: https://grub.gibibit.com/New_font_format
 # Reference: util/grub-mkfont.c
 #		include/grub/fontformat.h
 # FONT_FORMAT_SECTION_NAMES_FILE
@@ -11536,6 +12659,58 @@
 7	belong		0x00564944	DOS code page font data (from Linux?)
 4098	string		DOSFONT		DOSFONT2 encrypted font data
 
+# From: Joerg Jenderek
+# URL: http://fileformats.archiveteam.org/wiki/GEM_bitmap_font
+# Reference: http://cd.textfiles.com/ataricompendium/BOOK/HTML/APPENDC.HTM#cnt
+#
+# usual case with lightening mask and skewing mask 5555h~UU
+62	ulelong		0x55555555
+>0	use		gdos-font
+# BOX18.GFT COWBOY30.GFT ROYALK30.GFT
+62	ulelong		0
+# skip ISO 9660 CD-ROM ./filesystem by looking for low positive face size
+>2	uleshort	>2
+# skip DOS 2.0 backup id file ./msdos by looking for face size lower/equal 48
+>>2	uleshort	<49
+# skip MS Windows ICO ./msdos by looking for valid face name
+>>>4	ubeshort	>0x1F00
+# skip DOS executable BACKM212.COM by looking for horizontal offset table after header
+#>>>>68	ulelong		>87		OFFSET_OK
+>>>>0	use		gdos-font
+0	name		gdos-font
+>0	uleshort	x		GEM GDOS font
+!:mime	application/x-font-gdos
+# also .eps found like AA070GEP.EPS AI360GEP.EPS
+!:ext	fnt/gtf
+# font name like University Bold
+>4	string		x		%.32s
+# face size in points 3-48
+>2	uleshort	x		%u
+# face ID (must be unique)
+>0	uleshort	x		\b, ID 0x%4.4x
+# lowest character index in face (usually 32 for disk-loaded fonts).
+#>36	uleshort	x		\b, low character index %u
+# width of the widest character
+#>50	uleshort	x		\b, %u char width
+# width of the widest character cell
+#>52	uleshort	x		\b, %u cell width
+# thickening size
+#>58	uleshort	x		\b, %u thick
+# lightening mask to eliminate pixels, usually 5555h
+>62	uleshort	!0x5555		\b, lightening mask 0x%x
+# skewing mask to determine when to perform additional rotation when skewing, usually 5555h
+>64	uleshort	!0x5555		\b, skewing mask 0x%x
+# offset to horizontal offset table 58h~88 5eh
+#>68	ulelong		>88		\b, 0x%x horizontal table offset
+# offset character offset table
+#>72	ulelong		x		\b, 0x%x coffset
+# offset to font data
+#>72	ulelong		x		\b, 0x%x foffset
+# form width in bytes
+#>80	uleshort	x		\b, %u fwidth
+# pointer to the next font, set by GDOS after loading
+#>84	ulelong		x		\b, 0x%x noffset
+
 # downloadable fonts for browser (prints type) anthon@mnt.org
 # https://tools.ietf.org/html/rfc3073
 0	string		PFR1		Portable Font Resource font data (new)
@@ -11575,16 +12750,14 @@
 >>12	regex/4l	\^[A-Za-z][A-Za-z][A-Za-z/][A-Za-z2\ ]	
 #>>>0	ubelong	x	\b, sfnt version 0x%x
 >>>0	ubelong	!0x4f54544f	TrueType
-!:mime	application/font-sfnt
-#!:mime	font/ttf
+!:mime	font/sfnt
 !:apple	????tfil
 # .ttf for TrueType font
 # EUDC.tte created by privat character editor %WINDIR%\system32\eudcedit.exe
 !:ext	ttf/tte
 # sfnt version 4F54544Fh~OTTO
 >>>0	ubelong	=0x4f54544f	OpenType
-!:mime	application/font-sfnt
-#!:mime	font/otf
+!:mime	font/otf
 !:apple	????OTTO
 !:ext	otf
 >>>0	ubelong	x		Font data
@@ -11665,7 +12838,7 @@
 
 # TrueType/OpenType font collections (.ttc)
 # URL: https://en.wikipedia.org/wiki/OpenType
-# http://www.microsoft.com/typography/otspec/otff.htm
+# https://www.microsoft.com/typography/otspec/otff.htm
 # Modified by: Joerg Jenderek
 # Note:	container for TrueType, OpenType font
 0	string		ttcf
@@ -11673,17 +12846,16 @@
 >4	ubyte		0		
 # sfnt version often 0x00010000 of 1st table is TrueType
 >>(12.L)	ubelong	!0x4f54544f	TrueType
-#!:mime	font/ttf
+!:mime	font/ttf
 !:apple	????tfil
 !:ext	ttc
 # sfnt version 4F54544Fh~OTTO of 1st table is OpenType font 
 >>(12.L)	ubelong	=0x4f54544f	OpenType
-#!:mime	font/otf
+!:mime	font/otf
 !:apple	????OTTO
 # no example found for otc
 !:ext	ttc/otc
 >>4	ubyte		x		font collection data
-!:mime	application/font-sfnt
 #!:mime	font/collection
 # TCC version
 >>4	belong		0x00010000	\b, 1.0
@@ -11728,12 +12900,12 @@
 #>14	beshort		x		\b, reserved %d
 #>16	belong		x		\b, totalSfntSize %d
 
-# http://www.w3.org/TR/WOFF/
+# https://www.w3.org/TR/WOFF/
 0	string		wOFF	Web Open Font Format
 >0	use		woff
 >20	beshort		x	\b, version %d
 >22	beshort		x	\b.%d
-# http://www.w3.org/TR/WOFF2/
+# https://www.w3.org/TR/WOFF2/
 0	string		wOF2	Web Open Font Format (Version 2)
 >0	use		woff
 #>20	belong		x	\b, totalCompressedSize %d
@@ -11944,7 +13116,7 @@
 >>11	byte	x		%d chars high
 
 #------------------------------------------------------------------------------
-# $File: fsav,v 1.14 2017/03/17 21:35:28 christos Exp $
+# $File: fsav,v 1.19 2019/04/19 00:42:27 christos Exp $
 # fsav:  file(1) magic for datafellows fsav virus definition files
 # Anthon van der Neut (anthon@mnt.org)
 
@@ -11984,23 +13156,64 @@
 #>>>>>>13	ubyte	x		\b%02x bytes
 
 # Joerg Jenderek: joerg dot jenderek at web dot de
-# http://www.clamav.net/doc/latest/html/node45.html
-# .cvd files start with a 512 bytes colon separated header
+# clamav-0.100.2\docs\html\node60.html 
+# https://github.com/vrtadmin/clamav-faq/raw/master/manual/clamdoc.pdf
+# ClamAV virus database files start with a 512 bytes colon separated header
 # ClamAV-VDB:buildDate:version:signaturesNumbers:functionalityLevelRequired:MD5:Signature:builder:buildTime
-# + gzipped tarball files
-0	string		ClamAV-VDB:
->11	string		>\0		Clam AntiVirus database %-.23s
->>34	string		:
->>>35		string		!:	\b, version
->>>>35		string		x 	\b%-.1s
->>>>>36		string 		!:
->>>>>>36	string		x 	\b%-.1s
->>>>>>>37	string		!:
->>>>>>>>37	string		x 	\b%-.1s
->>>>>>>>>38	string		!:
->>>>>>>>>>38	string		x 	\b%-.1s
->512	string		\037\213	\b, gzipped
->769	string		ustar\0		\b, tarred
+# + gzipped (optional) tarball files
+# output can often be verified by `sigtool --info=FILE`
+0	string		ClamAV-VDB:	Clam AntiVirus
+# padding spaces implies database
+>511	ubyte		=0x20		database
+!:mime	application/x-clamav-database
+# empty build time
+>>10	string		=::		(unsigned)
+# sigtool(1) man page
+!:ext	cud
+# display some text to avoid error like:
+# Magdir/fsav, 78: Warning: Current entry does not yet have a description for adding a EXTENSION type
+# file: could not find any valid magic files! (No error)
+>>10	default		x		(with buildtime)
+#>>10	default		x
+# clamtmp is used for temporily database like update process
+# for pure tar database only cld extension found
+!:ext	cld/cvd/clamtmp/cud
+>511	default		x		file
+!:mime	application/x-clamav
+!:ext	info
+>11	string		>\0
+# buildDate empty or like "22 Mar 2017 12-57 -0400"; verified by `sigtool -i FILE`
+>>11	regex		\^[^:]{0,23}	\b, %s
+# version like 25170
+>>>&1	regex		\^[^:]{1,6}	\b, version %s
+# signaturesNumbers like 4566249
+>>>>&1	regex		\^[^:]{1,10}	\b, %s signatures
+# functionalityLevelRequired like 60
+>>>>>&1	regex		\^[^:]{1,4}	\b, level %s
+# X for nothing or MD5
+#>>>>>>&1	regex	\^[^:]{1,32}	\b, MD5 "%s"
+>>>>>>&1	regex	\^[^:]{1,32}
+# X for nothing or digital signature starting like AIzk/LYbX
+#>>>>>>>&1	regex	\^[^:]{1,255}	\b, signature "%s"
+>>>>>>>&1	regex	\^[^:]{1,255}
+# builder like neo
+>>>>>>>>&1	regex	\^[^:]{1,32}	\b, builder %s
+# buildTime like 1506611558
+#>>>>>>>>>&1	regex	\^[^:]{1,10}	\b, %s
+>>>>>>>>>&1	regex	\^[^:]{1,10}	
+# padding with spaces
+#>>>>>>>>>>&1	ubequad	x		\b, padding 0x%16.16llx
+>510	ubyte		=0x20
+# inspect real database content
+#>>512	ubeshort	x		\b, database MAGIC 0x%x
+# ./archive handle pure tar archives
+>>1012	quad		=0		\b, with
+>>>512	use		tar-file
+# not pure tar
+>>1012	quad		!0
+# one space at the end of text and then handles gziped archives by ./compress
+>>>512	string		\037\213	\b, with 
+>>>>512	indirect	x
 
 # Type: Grisoft AVG AntiVirus
 # From: David Newgas <david@newgas.net>
@@ -12009,6 +13222,27 @@
 0	string	X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR
 >33	string	-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*	EICAR virus test files
 
+# From: Joerg Jenderek
+# URL: https://www.avira.com/
+# Note: found in directory %ProgramData%\Avira\Antivirus\INFECTED (Windows)
+# tested with version 15.0.43.23 at November 2019
+0	string		AntiVir\ Qua	Avira AntiVir quarantined
+!:mime	application/x-avira-qua
+#!:mime	application/octet-stream
+!:ext	qua
+>156	string		SUSPICIOUS_FILE
+# file path of suspicious file
+>>220	lestring16	x		%s
+>156	string		!SUSPICIOUS_FILE
+# file path of virus file
+>>228	lestring16	x		%s
+# quarantined date
+>60	ldate		x		at %s
+# virus/danger name
+>156	string		!SUSPICIOUS_FILE
+>>156	string		x		\b, category "%s"
+
+
 #------------------------------------------------------------------------------
 # $File: fusecompress,v 1.2 2011/08/08 09:05:55 christos Exp $
 # fusecompress:   file(1) magic for fusecompress
@@ -12022,7 +13256,7 @@
 >4	long	x	uncompressed size: %d
 
 #------------------------------------------------------------------------------
-# $File: games,v 1.16 2017/10/19 16:40:37 christos Exp $
+# $File: games,v 1.17 2019/04/19 00:42:27 christos Exp $
 # games:  file(1) for games
 
 # Fabio Bonelli <fabiobonelli@libero.it>
@@ -12233,7 +13467,7 @@
 
 # Summary: SGF Smart Game Format
 # Extension: .sgf
-# Reference: http://www.red-bean.com/sgf/
+# Reference: https://www.red-bean.com/sgf/
 # Created by: Eduardo Sabbatella <eduardo_sabbatella@yahoo.com.ar>
 # Modified by (1): Abel Cheung (regex, more game format)
 # FIXME: Some games don't have GM (game type)
@@ -12303,7 +13537,7 @@
 >>&0		regex		[0-9a-z.]+				\b, version %s
 
 # Type:	SGF Smart Game Format
-# URL:	http://www.red-bean.com/sgf/
+# URL:	https://www.red-bean.com/sgf/
 # From:	Eduardo Sabbatella <eduardo_sabbatella@yahoo.com.ar>
 2	regex/c	\\(;.*GM\\[[0-9]{1,2}\\]	Smart Game Format
 >2	regex/c	GM\\[1\\]			- Go Game
@@ -12350,7 +13584,7 @@
 0		lelong		0x20010324 	gconv module configuration cache data
 
 #------------------------------------------------------------------------------
-# $File: geo,v 1.6 2018/03/11 00:48:16 christos Exp $
+# $File: geo,v 1.7 2019/04/19 00:42:27 christos Exp $
 # Geo- files from Kurt Schwehr <schwehr@ccom.unh.edu>
 
 ######################################################################
@@ -12399,7 +13633,7 @@
 
 ######################################################################
 #
-# MULTIBEAM SONARS http://www.ldeo.columbia.edu/res/pi/MB-System/formatdoc/
+# MULTIBEAM SONARS https://www.ldeo.columbia.edu/res/pi/MB-System/formatdoc/
 #
 ######################################################################
 
@@ -12417,11 +13651,11 @@
 # format. It is the format of our upgraded SeaBeam 2112 on R/V KNORR.
 0    string $HSF    XSE multibeam
 
-# mb121 http://www.saic.com/maritime/gsf/
+# mb121 https://www.saic.com/maritime/gsf/
 8	string	GSF-v	SAIC generic sensor format (GSF) sonar data,
 >&0	regex [0-9]*\.[0-9]*	version %s
 
-# MGD77 - http://www.ngdc.noaa.gov/mgg/dat/geodas/docs/mgd77.htm
+# MGD77 - https://www.ngdc.noaa.gov/mgg/dat/geodas/docs/mgd77.htm
 # mb161
 9	string MGD77	MGD77 Header, Marine Geophysical Data Exchange Format
 
@@ -12454,7 +13688,7 @@
 # https://midas.psi.ch/elog/
 0	string	$@MID@$	elog journal entry
 
-# Geospatial Designs http://www.geospatialdesigns.com/surfer6_format.htm
+# Geospatial Designs https://www.geospatialdesigns.com/surfer6_format.htm
 0	string		DSBB	Surfer 6 binary grid file
 >4	leshort		x	\b, %d
 >6	leshort		x	\bx%d
@@ -12467,7 +13701,7 @@
 
 # magic for LAS format files
 # alex myczko <alex@aiei.ch>
-# http://www.asprs.org/wp-content/uploads/2010/12/LAS_1_3_r11.pdf
+# https://www.asprs.org/wp-content/uploads/2010/12/LAS_1_3_r11.pdf
 0	string		LASF	LIDAR point data records
 >24	byte		>0	\b, version %u
 >25	byte		>0	\b.%u
@@ -12547,7 +13781,28 @@
 0	string	#\040GIMP\040Curves\040File	GIMP curve file
 
 #------------------------------------------------------------------------------
-# $File: gnome,v 1.5 2014/04/30 21:41:02 christos Exp $
+# $File: glibc,v 1.1 2018/10/11 15:35:43 christos Exp $
+# glibc locale files
+#
+# https://sourceware.org/git/?p=glibc.git;f=locale/localeinfo.h;h=68822a63#l32
+
+0	belong	0x20070920	glibc locale file LC_CTYPE
+0	belong	0x14110320	glibc locale file LC_NUMERIC
+0	belong	0x17110320	glibc locale file LC_TIME
+0	belong	0x17100520	glibc locale file LC_COLLATE
+0	belong	0x11110320	glibc locale file LC_MONETARY
+0	belong	0x10110320	glibc locale file LC_MESSAGES
+0	belong	0x13110320	glibc locale file LC_ALL
+0	belong	0x12110320	glibc locale file LC_PAPER
+0	belong	0x1d110320	glibc locale file LC_NAME
+0	belong	0x1c110320	glibc locale file LC_ADDRESS
+0	belong	0x1f110320	glibc locale file LC_TELEPHONE
+0	belong	0x1e110320	glibc locale file LC_MEASUREMENT
+0	belong	0x19110320	glibc locale file LC_IDENTIFICATION
+
+
+#------------------------------------------------------------------------------
+# $File: gnome,v 1.6 2019/04/19 00:42:27 christos Exp $
 # GNOME related files
 
 # Contributed by Josh Triplett
@@ -12589,7 +13844,7 @@
 # It's always "GVariant", it's byte swapped on incompatible archs
 # See https://github.com/GNOME/gvdb/blob/master/gvdb-builder.c
 # file_builder_serialise()
-# http://developer.gnome.org/glib/2.34/glib-GVariant.html#GVariant
+# https://developer.gnome.org/glib/2.34/glib-GVariant.html#GVariant
 0	string	GVariant	GVariant Database file,
 # version is never filled. probably future extension
 >8	lelong	x		version %d
@@ -12598,7 +13853,7 @@
 #>>>20	lelong	x		end %d
 
 # G-IR database made by gobject-introspect toolset,
-# http://live.gnome.org/GObjectIntrospection
+# https://live.gnome.org/GObjectIntrospection
 0	string		GOBJ\nMETADATA\r\n\032	G-IR binary database
 >16	byte		x			\b, v%d
 >17	byte		x			\b.%d
@@ -12606,7 +13861,7 @@
 >22	leshort		x			\b/%d local
 
 #------------------------------------------------------------------------------
-# $File: gnu,v 1.20 2018/02/24 16:11:23 christos Exp $
+# $File: gnu,v 1.21 2019/04/19 00:42:27 christos Exp $
 # gnu:  file(1) magic for various GNU tools
 #
 # GNU nlsutils message catalog file format
@@ -12754,7 +14009,7 @@
 
 
 # GnuPG Keybox file
-# <http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=kbx/keybox-blob.c;hb=HEAD>
+# <https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=kbx/keybox-blob.c;hb=HEAD>
 # From: Philipp Hahn <hahn@univention.de>
 0	belong	32
 >4	byte	1
@@ -13081,8 +14336,8 @@
 # end of ACE/gr and Grace type files - PLEASE DO NOT REMOVE THIS LINE
 
 #------------------------------------------------------------------------------
-# $File: graphviz,v 1.8 2014/06/03 19:01:34 christos Exp $
-# graphviz:  file(1) magic for http://www.graphviz.org/
+# $File: graphviz,v 1.9 2019/04/30 04:01:40 christos Exp $
+# graphviz:  file(1) magic for https://www.graphviz.org/
 
 # FIXME: These patterns match too generally. For example, the first
 # line matches a LaTeX file containing the word "graph" (with a {
@@ -13141,10 +14396,10 @@
 >3	string		>3		v.%.1s (unknown details)
 
 #------------------------------------------------------------------------------
-# $File: guile,v 1.1 2011/12/16 17:44:33 christos Exp $
+# $File: guile,v 1.2 2019/04/19 00:42:27 christos Exp $
 # Guile file magic from <dalepsmith@gmail.com>
-# http://www.gnu.org/s/guile/
-# http://git.savannah.gnu.org/gitweb/?p=guile.git;f=libguile/_scm.h;hb=HEAD#l250
+# https://www.gnu.org/s/guile/
+# https://git.savannah.gnu.org/gitweb/?p=guile.git;f=libguile/_scm.h;hb=HEAD#l250
 
 0	string	GOOF----	Guile Object
 >8	string	LE		\b, little endian
@@ -13154,7 +14409,19 @@
 >13	regex	.\..		\b, bytecode v%s
 
 #------------------------------------------------------------------------------
-# $File: hitachi-sh,v 1.8 2017/03/17 21:35:28 christos Exp $
+# $File: hardware,v 1.1 2018/08/02 06:32:52 christos Exp $
+# hardware magic
+
+# EDID
+# https://en.wikipedia.org/wiki/Extended_Display_Identification_Data
+0	string		\x00\xFF\xFF\xFF\xFF\xFF\xFF\x00
+>19	byte		x
+>>18	byte		x	EDID data, version %u.
+>>19	byte		x	\b%u
+#>>17	ubyte+1990	<255	\b, manufactured %u
+
+#------------------------------------------------------------------------------
+# $File: hitachi-sh,v 1.9 2018/08/21 12:48:41 christos Exp $
 # hitach-sh: file(1) magic for Hitachi Super-H
 #
 # Super-H COFF
@@ -13172,6 +14439,7 @@
 # use big endian variant of subroutine to display name+variables+flags
 # for common object formated files
 >>0	use				\^display-coff
+!:strength -10
 
 0	leshort		0x0550
 # test for unused flag bits in f_flags
@@ -13179,10 +14447,11 @@
 # use little endian variant of subroutine to
 # display name+variables+flags for common object formated files
 >>0	use				display-coff
+!:strength -10
 
 
 #------------------------------------------------------------------------------
-# $File: hp,v 1.24 2014/04/30 21:41:02 christos Exp $
+# $File: hp,v 1.25 2019/01/13 00:32:38 christos Exp $
 # hp:  file(1) magic for Hewlett Packard machines (see also "printer")
 #
 # XXX - somebody should figure out whether any byte order needs to be
@@ -13302,12 +14571,6 @@
 0	belong 		0x020b010d	PA-RISC1.0 dynamic load library
 >96	belong		>0		- not stripped
 
-0	belong		0x213c6172	archive file
->68	belong 		0x020b0619	- PA-RISC1.0 relocatable library
->68	belong	 	0x02100619	- PA-RISC1.1 relocatable library
->68	belong 		0x02110619	- PA-RISC1.2 relocatable library
->68	belong 		0x02140619	- PA-RISC2.0 relocatable library
-
 #### 500
 0	long		0x02080106	HP s500 relocatable executable
 >16	long		>0		- version %d
@@ -13695,7 +14958,7 @@
 >24	belong		>0		- version %d
 
 #------------------------------------------------------------------------------
-# $File: ibm6000,v 1.13 2017/03/17 21:35:28 christos Exp $
+# $File: ibm6000,v 1.14 2019/03/07 17:21:54 christos Exp $
 # ibm6000:  file(1) magic for RS/6000 and the RT PC.
 #
 0	beshort		0x01df		executable (RISC System/6000 V3.1) or obj module
@@ -13712,6 +14975,8 @@
 0	belong		0x000001f9	AIX compiled message catalog
 0	string		\<aiaff>	archive
 0	string		\<bigaf>	archive (big format)
+0	belong		0x09006bea	AIX backup/restore format file
+0	belong		0x09006fea	AIX backup/restore format file
 
 0	beshort		0x01f7		64-bit XCOFF executable or object module
 >20	belong		0		not stripped
@@ -14013,7 +15278,7 @@
 !:mime	application/x-blorb
 
 #------------------------------------------------------------------------------
-# $File: images,v 1.131 2018/02/16 15:44:28 christos Exp $
+# $File: images,v 1.160 2019/04/19 00:42:27 christos Exp $
 # images:  file(1) magic for image formats (see also "iff", and "c-lang" for
 # XPM bitmaps)
 #
@@ -14040,23 +15305,25 @@
 # and Image Type 1 2 3 9 10 11 32 33
 # and Color Map Entry Size 0 15 16 24 32
 0	ubequad&0x00FeC400000000C0	0
+# Prevent conflicts with CRI ADX.
+>(2.S-2) belong	!0x28632943
 # skip more garbage like *.iso by looking for positive image type
->2	ubyte			>0
+>>2	ubyte			>0
 # skip some compiled terminfo like xterm+tmux by looking for image type less equal 33
->>2	ubyte			<34
+>>>2	ubyte			<34
 # skip arches.3200 , Finder.Root , Slp.1 by looking for low pixel depth 1 8 15 16 24 32
->>>16	ubyte			1
->>>>0		use		tga-image
->>>16	ubyte			8
->>>>0		use		tga-image
->>>16	ubyte			15
->>>>0		use		tga-image
->>>16	ubyte			16
->>>>0		use		tga-image
->>>16	ubyte			24
->>>>0		use		tga-image
->>>16	ubyte			32
->>>>0		use		tga-image
+>>>>16	ubyte			1
+>>>>>0		use		tga-image
+>>>>16	ubyte			8
+>>>>>0		use		tga-image
+>>>>16	ubyte			15
+>>>>>0		use		tga-image
+>>>>16	ubyte			16
+>>>>>0		use		tga-image
+>>>>16	ubyte			24
+>>>>>0		use		tga-image
+>>>>16	ubyte			32
+>>>>>0		use		tga-image
 #	display tga bitmap image information
 0	name				tga-image
 >2	ubyte		<34		Targa image data
@@ -14187,43 +15454,43 @@
 0	search/1	P1
 >0	regex/4		P1[\040\t\f\r\n]
 >>0	use		netpbm
->>>0	string		x	\b, bitmap
-!:strength + 45
+>>0	string		x	\b, bitmap
+!:strength + 65
 !:mime	image/x-portable-bitmap
 
 0	search/1	P2
 >0	regex/4		P2[\040\t\f\r\n]
 >>0	use		netpbm
->>>0	string		x	\b, greymap
-!:strength + 45
+>>0	string		x	\b, greymap
+!:strength + 65
 !:mime	image/x-portable-greymap
 
 0	search/1	P3
 >0	regex/4		P3[\040\t\f\r\n]
 >>0	use		netpbm
->>>0	string		x	\b, pixmap
-!:strength + 45
+>>0	string		x	\b, pixmap
+!:strength + 65
 !:mime	image/x-portable-pixmap
 
 0	string		P4
 >0	regex/4		P4[\040\t\f\r\n]
 >>0	use		netpbm
->>>0	string		x	\b, rawbits, bitmap
-!:strength + 45
+>>0	string		x	\b, rawbits, bitmap
+!:strength + 65
 !:mime	image/x-portable-bitmap
 
 0	string		P5
 >0	regex/4		P5[\040\t\f\r\n]
 >>0	use		netpbm
->>>0	string		x	\b, rawbits, greymap
-!:strength + 45
+>>0	string		x	\b, rawbits, greymap
+!:strength + 65
 !:mime	image/x-portable-greymap
 
 0	string		P6
 >0	regex/4		P6[\040\t\f\r\n]
 >>0	use		netpbm
->>>0	string		x	\b, rawbits, pixmap
-!:strength + 45
+>>0	string		x	\b, rawbits, pixmap
+!:strength + 65
 !:mime	image/x-portable-pixmap
 
 0	string		P7		Netpbm PAM image file
@@ -14248,7 +15515,7 @@
 # Canon RAW version 1 (CRW) files are a type of Canon Image File Format
 # (CIFF) file. These are apparently all little-endian.
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
-# URL: http://www.sno.phy.queensu.ca/~phil/exiftool/canon_raw.html
+# URL: https://www.sno.phy.queensu.ca/~phil/exiftool/canon_raw.html
 0	string		II\x1a\0\0\0HEAPCCDR	Canon CIFF raw image data
 !:mime	image/x-canon-crw
 >16	leshort		x	\b, version %d.
@@ -14258,9 +15525,10 @@
 # number. Put this above the TIFF test to make sure we detect them.
 # These are apparently all little-endian.
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
-# URL: http://libopenraw.freedesktop.org/wiki/Canon_CR2
+# URL: https://libopenraw.freedesktop.org/wiki/Canon_CR2
 0	string		II\x2a\0\x10\0\0\0CR	Canon CR2 raw image data
 !:mime	image/x-canon-cr2
+!:strength +80
 >10	byte		x	\b, version %d.
 >11	byte		x	\b%d
 
@@ -14268,10 +15536,12 @@
 # The second word of TIFF files is the TIFF version number, 42, which has
 # never changed.  The TIFF specification recommends testing for it.
 0	string		MM\x00\x2a	TIFF image data, big-endian
+!:strength +70
 !:mime	image/tiff
 >(4.L)	use		\^tiff_ifd
 0	string		II\x2a\x00	TIFF image data, little-endian
 !:mime	image/tiff
+!:strength +70
 >(4.l)	use		tiff_ifd
 
 0	name		tiff_ifd
@@ -14448,6 +15718,7 @@
 # Standard PNG image.
 0	string		\x89PNG\x0d\x0a\x1a\x0a\x00\x00\x00\x0DIHDR	PNG image data
 !:mime	image/png
+!:ext   png
 !:strength +10
 >16	use		png-ihdr
 
@@ -14455,6 +15726,7 @@
 0	string		\x89PNG\x0d\x0a\x1a\x0a\x00\x00\x00\x04CgBI
 >24	string  	\x00\x00\x00\x0DIHDR	PNG image data (CgBI)
 !:mime	image/png
+!:ext   png
 !:strength +10
 >>32	use		png-ihdr
 
@@ -14477,7 +15749,9 @@
 !:mime	image/x-unknown
 
 # GIF
+# Strength set up to beat 0x55AA DOS/MBR signature word lookups (+65)
 0	string		GIF8		GIF image data
+!:strength +80
 !:mime	image/gif
 !:apple	8BIMGIFf
 >4	string		7a		\b, version 8%s,
@@ -14574,7 +15848,7 @@
 # at offset 8 starts imagedata followed by "RGB " marker
 
 # PC bitmaps (OS/2, Windows BMP files)  (Greg Roelofs, newt@uchicago.edu)
-# http://en.wikipedia.org/wiki/BMP_file_format#DIB_header_.\
+# https://en.wikipedia.org/wiki/BMP_file_format#DIB_header_.\
 # 28bitmap_information_header.29
 0	string		BM
 >14	leshort		12		PC bitmap, OS/2 1.x format
@@ -14693,6 +15967,8 @@
 # data and image transfer, storage, etc., for the astronomical community.
 # (FITS floating point formats are big-endian.)
 0	string	SIMPLE\ \ =	FITS image data
+!:mime	image/fits
+!:ext	fits/fts
 >109	string	8		\b, 8-bit, character or unsigned binary integer
 >108	string	16		\b, 16-bit, two's complement binary integer
 >107	string	\ 32		\b, 32-bit, two's complement binary integer
@@ -14762,7 +16038,7 @@
 >5	byte	0xFF		(black background)
 
 # From: Alex Myczko <alex@aiei.ch>
-# http://www.atarimax.com/jindroush.atari.org/afmtatr.html
+# https://www.atarimax.com/jindroush.atari.org/afmtatr.html
 0	leshort	0x0296		Atari ATR image
 
 # XXX:
@@ -14788,8 +16064,8 @@
 
 # PCX image files
 # From: Dan Fandrich <dan@coneharvesters.com>
-# updated by Joerg Jenderek at Feb 2013 by http://de.wikipedia.org/wiki/PCX
-# http://web.archive.org/web/20100206055706/http://www.qzx.com/pc-gpe/pcx.txt
+# updated by Joerg Jenderek at Feb 2013 by https://de.wikipedia.org/wiki/PCX
+# https://web.archive.org/web/20100206055706/http://www.qzx.com/pc-gpe/pcx.txt
 # GRR: original test was still too general as it catches xbase examples T5.DBT,T6.DBT with 0xa000000
 # test for bytes 0x0a,version byte (0,2,3,4,5),compression byte flag(0,1), bit depth (>0) of PCX or T5.DBT,T6.DBT
 0	ubelong&0xffF8fe00	0x0a000000
@@ -14856,7 +16132,7 @@
 # Update: Joerg Jenderek
 # See http://fileformats.archiveteam.org/wiki/GEM_Raster
 # For variations, also see:
-#    http://www.seasip.info/Gem/ff_img.html (Ventura)
+#    https://www.seasip.info/Gem/ff_img.html (Ventura)
 #    http://www.atari-wiki.com/?title=IMG_file (XIMG, STTT)
 #    http://www.fileformat.info/format/gemraster/spec/index.htm (XIMG, STTT)
 #    http://sylvana.net/1stguide/1STGUIDE.ENG (TIMG)
@@ -14884,7 +16160,7 @@
 0   name        gem_info
 # version is 2 for some XIMG and 1 for all others
 >0	beshort		<0x0003		GEM
-# http://www.snowstone.org.uk/riscos/mimeman/mimemap.txt
+# https://www.snowstone.org.uk/riscos/mimeman/mimemap.txt
 !:mime	image/x-gem
 # header_size 24 25 27 59 779 words for colored bitmaps
 >>2	beshort		>9
@@ -15027,8 +16303,8 @@
 # and related image processing software used by biologists.
 # From: Vebjorn Ljosa <vebjorn@ljosa.com>
 # BOOL values are two-byte integers; use them to rule out false positives.
-# http://web.archive.org/web/20050317223257/www.cs.ubc.ca/spider/ladic/text/biorad.txt
-# Samples: http://www.loci.wisc.edu/software/sample-data
+# https://web.archive.org/web/20050317223257/www.cs.ubc.ca/spider/ladic/text/biorad.txt
+# Samples: https://www.loci.wisc.edu/software/sample-data
 14	leshort <2
 >62	leshort <2
 >>54	leshort 12345		Bio-Rad .PIC Image File
@@ -15059,7 +16335,7 @@
 
 # Originally by Marc Espie
 # Modified by Robert Minsk <robertminsk at yahoo.com>
-# http://www.openexr.com/openexrfilelayout.pdf
+# https://www.openexr.com/openexrfilelayout.pdf
 0	lelong		20000630	OpenEXR image data,
 !:mime image/x-exr
 >4	lelong&0x000000ff x		version %d,
@@ -15123,7 +16399,7 @@
 >768	beshort		7	bottom to top/right to left
 
 # From: Tom Hilinski <tom.hilinski@comcast.net>
-# http://www.unidata.ucar.edu/packages/netcdf/
+# https://www.unidata.ucar.edu/packages/netcdf/
 0	string	CDF\001			NetCDF Data Format data
 
 #-----------------------------------------------------------------------
@@ -15148,7 +16424,7 @@
 # http://www.xara.com/ for Windows and as GPL application for Linux
 0	string	XARA\243\243	Xara graphics file
 
-# http://www.cartesianinc.com/Tech/
+# https://www.cartesianinc.com/Tech/
 0	string	CPC\262		Cartesian Perceptual Compression image
 !:mime	image/x-cpi
 
@@ -15217,8 +16493,8 @@
 # extension is also used for
 # Sony SRF raw image (image/x-sony-srf)
 # SRF map
-# Terragen Surface Map (http://www.planetside.co.uk/terragen)
-# FileLocator Pro search criteria file (http://www.mythicsoft.com/filelocatorpro)
+# Terragen Surface Map (https://www.planetside.co.uk/terragen)
+# FileLocator Pro search criteria file (https://www.mythicsoft.com/filelocatorpro)
 !:ext srf
 #!:mime	image/x-garmin-srf
 # version 1.00,2.00,2.10,2.40,2.50
@@ -15239,7 +16515,7 @@
 0	string	Xcur			X11 cursor
 
 # Type:	Olympus ORF raw images.
-# URL:	http://libopenraw.freedesktop.org/wiki/Olympus_ORF
+# URL:	https://libopenraw.freedesktop.org/wiki/Olympus_ORF
 # From:	Adam Buchbinder <adam.buchbinder@gmail.com>
 0	string		MMOR		Olympus ORF raw image data, big-endian
 !:mime	image/x-olympus-orf
@@ -15260,7 +16536,7 @@
 #!mime	image/vnd.radiance
 
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
-# URL: http://www.mpi-inf.mpg.de/resources/pfstools/pfs_format_spec.pdf
+# URL: https://www.mpi-inf.mpg.de/resources/pfstools/pfs_format_spec.pdf
 # Used by the pfstools packages. The regex matches for the image size could
 # probably use some work. The MIME type is made up; if there's one in
 # actual common use, it should replace the one below.
@@ -15270,7 +16546,7 @@
 >>1	regex	\ [0-9]{4}		\bx%s
 
 # Type: Foveon X3F
-# URL:  http://www.photofo.com/downloads/x3f-raw-format.pdf
+# URL:  https://www.photofo.com/downloads/x3f-raw-format.pdf
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
 # Note that the MIME type isn't defined anywhere that I can find; if
 # there's a canonical type for this format, it should replace this one.
@@ -15290,8 +16566,8 @@
 # From: "Tano M. Fotang" <mfotang@quanteq.com>
 0	string	\x46\x4d\x52\x00	ISO/IEC 19794-2 Format Minutiae Record (FMR)
 
-# doc: http://www.shikino.co.jp/eng/products/images/FLOWER.jpg.zip
-# example: http://www.shikino.co.jp/eng/products/images/FLOWER.wdp.zip
+# doc: https://www.shikino.co.jp/eng/products/images/FLOWER.jpg.zip
+# example: https://www.shikino.co.jp/eng/products/images/FLOWER.wdp.zip
 90	bequad		0x574D50484F544F00	JPEG-XR Image
 >98	byte&0x08	=0x08			\b, hard tiling
 >99	byte&0x80	=0x80			\b, tiling present
@@ -15343,7 +16619,7 @@
 # From: Johan van der Knijff <johan.vanderknijff@kb.nl>
 #
 # BPG (Better Portable Graphics) format
-# http://bellard.org/bpg/
+# https://bellard.org/bpg/
 # http://fileformats.archiveteam.org/wiki/BPG
 #
 0	string	\x42\x50\x47\xFB	BPG (Better Portable Graphics)
@@ -15405,17 +16681,126 @@
 >8		ubelong		x		%dx
 >12		ubelong		x		\b%d
 
+# Type: Microsoft DirectDraw Surface (common data)
+# URL:	https://msdn.microsoft.com/library/default.asp?url=/library/en-us/directx9_c/directx/graphics/reference/DDSFileReference/ddsfileformat.asp
+# From: Morten Hustveit <morten@debian.org>
+# Updated by: David Korth <gerbilsoft@gerbilsoft.com>
+0	name	ms-directdraw-surface
+>0x10	ulelong	x			%u x
+>0x0C	ulelong	x			%u
+# Color depth.
+>0x58	ulelong	>0			\b, %u-bit color
+# Determine the pixel format.
+>0x50	ulelong&0x4	4
+# FIXME: Handle DX10 and XBOX formats.
+>>0x54	string	x			\b, compressed using %.4s
+>0x50	ulelong&0x2	0x2		\b, alpha only
+>0x50	ulelong&0x200	0x200		\b, YUV
+>0x50	ulelong&0x20000	0x20000		\b, luminance
+# RGB pixel format
+>0x50	ulelong&0x40	0x40
+
+# Determine the RGB format using the color masks.
+# ulequad order: 0xGGGGGGGGRRRRRRRR, 0xAAAAAAAABBBBBBBB
+
+>>0x58		ulelong	16
+
+# NOTE: 15-bit color formats usually have 16-bit listed as the color depth.
+>>>0x5C		ulequad	0x000003E000007C00
+>>>>0x64	ulequad 0x000000000000001F	\b, RGB555
+>>>0x5C		ulequad	0x000003E000001F00
+>>>>0x64	ulequad 0x000000000000007C	\b, BGR555
+
+>>>0x5C		ulequad	0x000007E00000F800
+>>>>0x64	ulequad 0x000000000000001F	\b, RGB565
+>>>0x5C		ulequad	0x000007E000001F00
+>>>>0x64	ulequad 0x00000000000000F8	\b, BGR565
+
+>>>0x5C		ulequad	0x000000F000000F00
+>>>>0x64	ulequad 0x0000F0000000000F	\b, ARGB4444
+>>>0x5C		ulequad	0x000000F00000000F
+>>>>0x64	ulequad 0x0000F00000000F00	\b, ABGR4444
+
+>>>0x5C		ulequad	0x00000F000000F000
+>>>>0x64	ulequad 0x0000000F000000F0	\b, RGBA4444
+>>>0x5C		ulequad	0x00000F00000000F0
+>>>>0x64	ulequad 0x0000000F0000F000	\b, BGRA4444
+
+>>>0x5C		ulequad	0x000000F000000F00
+>>>>0x64	ulequad 0x000000000000000F	\b, xRGB4444
+>>>0x5C		ulequad	0x000000F00000000F
+>>>>0x64	ulequad 0x0000000000000F00	\b, xBGR4444
+
+>>>0x5C		ulequad	0x00000F000000F000
+>>>>0x64	ulequad 0x00000000000000F0	\b, RGBx4444
+>>>0x5C		ulequad	0x00000F00000000F0
+>>>>0x64	ulequad 0x000000000000F000	\b, BGRx4444
+
+>>>0x5C		ulequad	0x000003E000007C00
+>>>>0x64	ulequad 0x000080000000001F	\b, ARGB1555
+>>>0x5C		ulequad	0x000003E000001F00
+>>>>0x64	ulequad 0x000080000000007C	\b, ABGR1555
+>>>0x5C		ulequad	0x000007C00000F800
+>>>>0x64	ulequad 0x000000010000003E	\b, RGBA5551
+>>>0x5C		ulequad	0x000007C00000003E
+>>>>0x64	ulequad 0x000000010000F800	\b, BGRA5551
+
+>>88		ulelong 24
+>>>0x5C		ulequad	0x0000FF0000FF0000
+>>>>0x64	ulequad 0x00000000000000FF	\b, RGB888
+>>>0x5C		ulequad	0x0000FF00000000FF
+>>>>0x64	ulequad 0x0000000000FF0000	\b, BGR888
+
+>>88		ulelong 32
+>>>0x5C		ulequad	0x0000FF0000FF0000
+>>>>0x64	ulequad 0xFF000000000000FF	\b, ARGB8888
+>>>0x5C		ulequad	0x0000FF00000000FF
+>>>>0x64	ulequad 0xFF00000000FF0000	\b, ABGR8888
+
+>>>0x5C		ulequad	0x00FF0000FF000000
+>>>>0x64	ulequad 0x000000FF0000FF00	\b, RGBA8888
+>>>0x5C		ulequad	0x00FF00000000FF00
+>>>>0x64	ulequad 0x000000FFFF000000	\b, BGBA8888
+
+>>>0x5C		ulequad	0x0000FF0000FF0000
+>>>>0x64	ulequad 0x00000000000000FF	\b, xRGB8888
+>>>0x5C		ulequad	0x0000FF00000000FF
+>>>>0x64	ulequad 0x0000000000FF0000	\b, xBGR8888
+
+>>>0x5C		ulequad	0x00FF0000FF000000
+>>>>0x64	ulequad 0x000000000000FF00	\b, RGBx8888
+>>>0x5C		ulequad	0x00FF00000000FF00
+>>>>0x64	ulequad 0x00000000FF000000	\b, BGBx8888
+
+# Less common 32-bit color formats.
+>>>0x5C		ulequad	0xFFFF00000000FFFF
+>>>>0x64	ulequad 0x0000000000000000	\b, G16R16
+>>>0x5C		ulequad	0x0000FFFFFFFF0000
+>>>>0x64	ulequad 0x0000000000000000	\b, R16G16
+
+>>>0x5C		ulequad	0x000FFC003FF00000
+>>>>0x64	ulequad 0xC0000000000003FF	\b, A2R10G10B10
+>>>0x5C		ulequad	0x000FFC00000003FF
+>>>>0x64	ulequad 0xC00000003FF00000	\b, A2B10G10R10
+
+# Type: Microsoft DirectDraw Surface
+# URL:	https://msdn.microsoft.com/library/default.asp?url=/library/en-us/directx9_c/directx/graphics/reference/DDSFileReference/ddsfileformat.asp
+# From: Morten Hustveit <morten@debian.org>
+# Updated by: David Korth <gerbilsoft@gerbilsoft.com>
+0	string/b	DDS\040\174\000\000\000 Microsoft DirectDraw Surface (DDS):
+>0	use	ms-directdraw-surface
+
 # Type: Sega PVR image.
 # From: David Korth <gerbilsoft@gerbilsoft.com>
 # References:
-# - http://fabiensanglard.net/Mykaruga/tools/segaPVRFormat.txt
+# - https://fabiensanglard.net/Mykaruga/tools/segaPVRFormat.txt
 # - https://github.com/yazgoo/pvrx2png
 # - https://github.com/nickworonekin/puyotools
 
 # Sega PVR header.
 0	name	sega-pvr-image-header
->0x0C	leshort	x	%d x
->0x0E	leshort	x	%d
+>0x0C	leshort	x	%u x
+>0x0E	leshort	x	%u
 # Image format.
 >0x08	byte	0	\b, ARGB1555
 >0x08	byte	1	\b, RGB565
@@ -15440,17 +16825,10 @@
 >0x09	byte	0x11	\b, small VQ & mipmap
 >0x09	byte	0x12	\b, square twiddled & mipmap
 
-# Sega PVR (Xbox) image header.
-# Contains an embedded DirectDraw surface instead of PVR data.
-0	name	sega-pvr-xbox-dds-header
->16	lelong	x	%d x
->12	lelong	x	%d,
->84	string	x	%.4s
-
 # Sega PVR image.
 0	string	PVRT
 >0x10	string	DDS\040\174\000\000\000 Sega PVR (Xbox) image:
->>0x20	use	sega-pvr-xbox-dds-header
+>>0x20	use	ms-directdraw-surface
 >0x10	belong	!0x44445320		Sega PVR image:
 >>0	use	sega-pvr-image-header
 
@@ -15458,15 +16836,15 @@
 0	string	GBIX
 >0x10	string	PVRT
 >>0x10	string	DDS\040\174\000\000\000 Sega PVR (Xbox) image:
->>>0x20	use	sega-pvr-xbox-dds-header
+>>>0x20	use	ms-directdraw-surface
 >>0x10	belong	!0x44445320		Sega PVR image:
 >>>0x10	use	sega-pvr-image-header
 >>0x08	lelong	x	\b, global index = %u
 
 # Sega GVR header.
 0	name	sega-gvr-image-header
->0x0C	beshort	x	%d x
->0x0E	beshort	x	%d
+>0x0C	beshort	x	%u x
+>0x0E	beshort	x	%u
 # Image data format.
 >0x0B	byte	0	\b, I4
 >0x0B	byte	1	\b, I8
@@ -15489,6 +16867,12 @@
 >>0x10	use	sega-gvr-image-header
 >>0x08	belong	x	\b, global index = %u
 
+# Sega GVR image with GCIX. (Wii)
+0	string	GCIX
+>0x10	string	GVRT	Sega GVR image:
+>>0x10	use	sega-gvr-image-header
+>>0x08	belong	x	\b, global index = %u
+
 # Light Field Picture
 # Documentation: http://optics.miloush.net/lytro/TheFileFormat.aspx
 # Typical file extensions: .lfp .lfr .lfx
@@ -15525,6 +16909,336 @@
 >20	lelong x 		%dx
 >24	lelong x		\b%d
 
+# Type: Khronos KTX texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://www.khronos.org/opengles/sdk/tools/KTX/file_format_spec/
+
+# glEnum decoding.
+# NOTE: Only the most common formats are listed here.
+0	name	khronos-ktx-glEnum
+>0	lelong	0x1907	\b, RGB
+>0	lelong	0x1908	\b, RGBA
+>0	lelong	0x1909	\b, LUMINANCE
+>0	lelong	0x190A	\b, LUMINANCE_ALPHA
+>0	lelong	0x80E1	\b, BGR
+>0	lelong	0x80E2	\b, BGRA
+>0	lelong	0x83A0	\b, RGB_S3TC
+>0	lelong	0x83A1	\b, RGB4_S3TC
+>0	lelong	0x83A2	\b, RGBA_S3TC
+>0	lelong	0x83A3	\b, RGBA4_S3TC
+>0	lelong	0x83A4	\b, RGBA_DXT5_S3TC
+>0	lelong	0x83A5	\b, RGBA4_DXT5_S3TC
+>0	lelong	0x8D64	\b, ETC1_RGB8_OES
+>0	lelong	0x9270	\b, COMPRESSED_R11_EAC
+>0	lelong	0x9271	\b, COMPRESSED_SIGNED_R11_EAC
+>0	lelong	0x9272	\b, COMPRESSED_RG11_EAC
+>0	lelong	0x9273	\b, COMPRESSED_SIGNED_RG11_EAC
+>0	lelong	0x9274	\b, COMPRESSED_RGB8_ETC2
+>0	lelong	0x9275	\b, COMPRESSED_SRGB8_ETC2
+>0	lelong	0x9276	\b, COMPRESSED_RGB8_PUNCHTHROUGH_ALPHA1_ETC2
+>0	lelong	0x9277	\b, COMPRESSED_SRGB8_PUNCHTHROUGH_ALPHA1_ETC2
+>0	lelong	0x9278	\b, COMPRESSED_RGBA2_ETC2_EAC
+>0	lelong	0x9279	\b, COMPRESSED_SRGB8_ALPHA8_ETC2_EAC
+>0	lelong	0x93B0	\b, COMPRESSED_RGBA_ASTC_4x4_KHR
+>0	lelong	0x93B1	\b, COMPRESSED_RGBA_ASTC_5x4_KHR
+>0	lelong	0x93B2	\b, COMPRESSED_RGBA_ASTC_5x5_KHR
+>0	lelong	0x93B3	\b, COMPRESSED_RGBA_ASTC_6x5_KHR
+>0	lelong	0x93B4	\b, COMPRESSED_RGBA_ASTC_6x6_KHR
+>0	lelong	0x93B5	\b, COMPRESSED_RGBA_ASTC_8x5_KHR
+>0	lelong	0x93B6	\b, COMPRESSED_RGBA_ASTC_8x6_KHR
+>0	lelong	0x93B7	\b, COMPRESSED_RGBA_ASTC_8x8_KHR
+>0	lelong	0x93B8	\b, COMPRESSED_RGBA_ASTC_10x5_KHR
+>0	lelong	0x93B9	\b, COMPRESSED_RGBA_ASTC_10x6_KHR
+>0	lelong	0x93BA	\b, COMPRESSED_RGBA_ASTC_10x8_KHR
+>0	lelong	0x93BB	\b, COMPRESSED_RGBA_ASTC_10x10_KHR
+>0	lelong	0x93BC	\b, COMPRESSED_RGBA_ASTC_12x10_KHR
+>0	lelong	0x93BD	\b, COMPRESSED_RGBA_ASTC_12x12_KHR
+>0	lelong	0x93D0	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_4x4_KHR
+>0	lelong	0x93D1	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_5x4_KHR
+>0	lelong	0x93D2	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_5x5_KHR
+>0	lelong	0x93D3	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_6x5_KHR
+>0	lelong	0x93D4	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_6x6_KHR
+>0	lelong	0x93D5	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_8x5_KHR
+>0	lelong	0x93D6	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_8x6_KHR
+>0	lelong	0x93D7	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_8x8_KHR
+>0	lelong	0x93D8	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_10x5_KHR
+>0	lelong	0x93D9	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_10x6_KHR
+>0	lelong	0x93DA	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_10x8_KHR
+>0	lelong	0x93DB	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_10x10_KHR
+>0	lelong	0x93DC	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_12x10_KHR
+>0	lelong	0x93DD	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_12x12_KHR
+
+# Endian-specific KTX header.
+# TODO: glType (all textures I've seen so far are GL_UNSIGNED_BYTE)
+0	name	khronos-ktx-endian-header
+>20	lelong	x	\b, %u
+>24	lelong	>1	x %u
+>28	lelong	>1	x %u
+>8	lelong	>0
+>>8	use	khronos-ktx-glEnum
+>8	lelong	0
+>>12	use	khronos-ktx-glEnum
+
+# Main KTX header.
+# Determine endianness, then check the rest of the header.
+0	string	\xABKTX\ 11\xBB\r\n\x1A\n	Khronos KTX texture
+>12	lelong	0x04030201			(little-endian)
+>>16	use	khronos-ktx-endian-header
+>12	belong	0x04030201			(big-endian)
+>>16	use	\^khronos-ktx-endian-header
+
+# Type: Valve VTF texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://developer.valvesoftware.com/wiki/Valve_Texture_Format
+
+# VTF image formats.
+0	name	vtf-image-format
+>0	lelong	0	RGBA8888
+>0	lelong	1	ABGR8888
+>0	lelong	2	RGB888
+>0	lelong	3	BGR888
+>0	lelong	4	RGB565
+>0	lelong	5	I8
+>0	lelong	6	IA88
+>0	lelong	7	P8
+>0	lelong	8	A8
+>0	lelong	9	RGB888 (bluescreen)
+>0	lelong	10	BGR888 (bluescreen)
+>0	lelong	11	ARGB8888
+>0	lelong	12	BGRA8888
+>0	lelong	13	DXT1
+>0	lelong	14	DXT3
+>0	lelong	15	DXT5
+>0	lelong	16	BGRx8888
+>0	lelong	17	BGR565
+>0	lelong	18	BGRx5551
+>0	lelong	19	BGRA4444
+>0	lelong	20	DXT1+A1
+>0	lelong	21	BGRA5551
+>0	lelong	22	UV88
+>0	lelong	23	UVWQ8888
+>0	lelong	24	RGBA16161616F
+>0	lelong	25	RGBA16161616
+>0	lelong	26	UVLX8888
+
+# Main VTF header.
+0	string	VTF\0				Valve Texture Format
+>4	lelong	x				v%u
+>8	lelong	x				\b.%u
+>0x10	leshort	x				\b, %u
+>0x12	leshort	>1				x %u
+>4	lequad	0x0000000700000002
+>>0x3F	leshort	>1				x %u
+>0x18	leshort	>1				\b, %u frames
+>0x38	byte	x				\b, mipmaps: %u
+>0x34	lelong	>-1				\b,
+>>0x34	use	vtf-image-format
+
+# Type: Valve VTF3 (PS3) texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+0	string		VTF3	Valve Texture Format (PS3)
+>0x14	beshort		x	\b, %u
+>0x16	beshort		x	\b x %u
+>0x10	belong&0x2000	0	\b, DXT1
+>0x10	belong&0x2000	0x2000	\b, DXT5
+
+# Type: ASTC texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://stackoverflow.com/questions/22600678/determine-internal-format-of-given-astc-compressed-image-through-its-header
+# - https://stackoverflow.com/a/22682244
+0	lelong	0x5ca1ab13			ASTC
+>4	byte	x				%u
+>5	byte	x				\bx%u
+>6	byte	>1				\bx%u
+# X, Y, and Z dimensions are stored as 24-bit LE.
+# Pretend it's 32-bit and mask off the high byte.
+>7	lelong&0x00FFFFFF	x		texture, %u
+>10	lelong&0x00FFFFFF	x		x %u
+>13	lelong&0x00FFFFFF	>1		x %u
+
+# Zebra Metafile graphic
+# http://www.fileformat.info/format/zbr/egff.htm
+0	beshort	0x9a02	Zebra Metafile graphic
+>2	leshort 1	(version 1.x)
+>2	leshort	2	(version 1.1x or 1.2x)
+>2	leshort	3	(version 1.49)
+>2	leshort	4	(version 1.50)
+>4	string	x	(comment = %s)
+
+# Microsoft Paint graphic
+# http://www.fileformat.info/format/mspaint/egff.htm
+0	string	DanM 	icrosoft Paint image data (version 1.x)
+>4	leshort	x	(%d
+>>6	leshort	x	x %d)
+0	string	LinS 	Microsoft Paint image data (version 2.0)
+>4	leshort	x	(%d
+>>6	leshort	x	x %d)
+
+# reMarkable tablet internal file format (https://www.remarkable.com/)
+# https://github.com/ax3l/lines-are-beautiful
+# https://plasma.ninja/blog/devices/remarkable/binary/format/2017/12/26/\
+#	reMarkable-lines-file-format.html#what-to-do-next
+# from Axel Huebl
+0		string	reMarkable
+>11		string	lines
+>>17		string	with
+>>>22		string	selections
+>>>>33		string	and
+>>>>>37		string	layers
+>>>>>>43	lelong	x	reMarkable tablet notebook lines, 1404 x 1872, %x page(s)
+
+# newer per-page files for the reMarkable
+0		string	reMarkable
+>11		string	.lines
+>>18		string	file,
+>>>24		string	version=
+>>>>32		byte	x	reMarkable tablet page (v%c), 1404 x 1872,
+>>>>>43		lelong	x	%d layer(s)
+
+# Type: PVR3 texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - http://cdn.imgtec.com/sdk-documentation/PVR+File+Format.Specification.pdf
+
+# PVR3 pixel formats.
+0	name		pvr3-pixel-format
+>4	ulelong	0
+>>0	ulelong	0	PVRTC 2bpp RGB
+>>0	ulelong	1	PVRTC 2bpp RGBA
+>>0	ulelong	2	PVRTC 4bpp RGB
+>>0	ulelong	3	PVRTC 4bpp RGBA
+>>0	ulelong	4	PVRTC-II 2bpp
+>>0	ulelong	5	PVRTC-II 4bpp
+>>0	ulelong	6	ETC1
+>>0	ulelong	7	DXT1
+>>0	ulelong	8	DXT2
+>>0	ulelong	9	DXT3
+>>0	ulelong	10	DXT4
+>>0	ulelong	11	DXT5
+>>0	ulelong	12	BC4
+>>0	ulelong	13	BC5
+>>0	ulelong	14	BC6
+>>0	ulelong	15	BC7
+>>0	ulelong	16	UYVY
+>>0	ulelong	17	YUY2
+>>0	ulelong	18	BW1bpp
+>>0	ulelong	19	R9G9B9E5 Shared Exponent
+>>0	ulelong	20	RGBG8888
+>>0	ulelong	21	GRGB8888
+>>0	ulelong	22	ETC2 RGB
+>>0	ulelong	23	ETC2 RGBA
+>>0	ulelong	24	ETC2 RGB A1
+>>0	ulelong	25	EAC R11
+>>0	ulelong	26	EAC RG11
+>>0	ulelong	27	ASTC_4x4
+>>0	ulelong	28	ASTC_5x4
+>>0	ulelong	29	ASTC_5x5
+>>0	ulelong	30	ASTC_6x5
+>>0	ulelong	31	ASTC_6x6
+>>0	ulelong	32	ASTC_8x5
+>>0	ulelong	33	ASTC_8x6
+>>0	ulelong	34	ASTC_8x8
+>>0	ulelong	35	ASTC_10x5
+>>0	ulelong	36	ASTC_10x6
+>>0	ulelong	37	ASTC_10x8
+>>0	ulelong	38	ASTC_10x10
+>>0	ulelong	39	ASTC_12x10
+>>0	ulelong	40	ASTC_12x12
+>>0	ulelong	41	ASTC_3x3x3
+>>0	ulelong	42	ASTC_4x3x3
+>>0	ulelong	43	ASTC_4x4x3
+>>0	ulelong	44	ASTC_4x4x4
+>>0	ulelong	45	ASTC_5x4x4
+>>0	ulelong	46	ASTC_5x5x4
+>>0	ulelong	47	ASTC_5x5x5
+>>0	ulelong	48	ASTC_6x5x5
+>>0	ulelong	49	ASTC_6x6x5
+>>0	ulelong	50	ASTC_6x6x6
+>4	ulelong	!0
+>>0	byte	!0	%c
+>>1	byte	!0	\b%c
+>>2	byte	!0	\b%c
+>>3	byte	!0	\b%c
+
+0	string		PVR\x03			PVR 3.0 texture:
+>0x18	ulelong		x	%u x
+>0x1C	ulelong		x	%u
+>0x20	ulelong		>1	x %u
+>0x08	byte		x	\b,
+>0x08	use	pvr3-pixel-format
+>0x10	ulelong		1	\b, sRGB
+>0x04	ulelong&0x02	0x02	\b, premultiplied alpha
+
+# Type: Microsoft Xbox XPR0 texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://github.com/Cxbx-Reloaded/Cxbx-Reloaded/blob/develop/src/core/hle/D3D8/XbD3D8Types.h
+
+# XPR pixel formats.
+0	name	xbox-xpr-pixel-format
+>0	byte	0x00	L8
+>0	byte	0x01	AL8
+>0	byte	0x02	ARGB1555
+>0	byte	0x03	RGB555
+>0	byte	0x04	ARGB4444
+>0	byte	0x05	RGB565
+>0	byte	0x06	ARGB8888
+>0	byte	0x07	xRGB8888
+>0	byte	0x0B	P8
+>0	byte	0x0C	DXT1
+>0	byte	0x0E	DXT2
+>0	byte	0x0F	DXT4
+>0	byte	0x10	Linear ARGB1555
+>0	byte	0x11	Linear RGB565
+>0	byte	0x12	Linear ARGB8888
+>0	byte	0x13	Linear L8
+>0	byte	0x16	Linear R8B8
+>0	byte	0x17	Linear G8B8
+>0	byte	0x19	A8
+>0	byte	0x1A	A8L8
+>0	byte	0x1B	Linear AL8
+>0	byte	0x1C	Linear RGB555
+>0	byte	0x1D	Linear ARGB4444
+>0	byte	0x1E	Linear xRGB8888
+>0	byte	0x1F	Linear A8
+>0	byte	0x20	Linear A8L8
+>0	byte	0x24	YUY2
+>0	byte	0x25	UYVY
+>0	byte	0x27	L6V5U5
+>0	byte	0x28	V8U8
+>0	byte	0x29	R8B8
+>0	byte	0x2A	D24S8
+>0	byte	0x2B	F24S8
+>0	byte	0x2C	D16
+>0	byte	0x2D	F16
+>0	byte	0x2E	Linear D24S8
+>0	byte	0x2F	Linear F24S8
+>0	byte	0x30	Linear D16
+>0	byte	0x31	Linear F16
+>0	byte	0x32	L16
+>0	byte	0x33	V16U16
+>0	byte	0x35	Linear L16
+>0	byte	0x36	Linear V16U16
+>0	byte	0x37	Linear L6V5U5
+>0	byte	0x38	RGBA5551
+>0	byte	0x39	RGBA4444
+>0	byte	0x3A	QWVU8888
+>0	byte	0x3B	BGRA8888
+>0	byte	0x3C	RGBA8888
+>0	byte	0x3D	Linear RGBA5551
+>0	byte	0x3E	Linear RGBA4444
+>0	byte	0x3F	Linear ABGR8888
+>0	byte	0x40	Linear BGRA8888
+>0	byte	0x41	Linear RGBA8888
+>0	byte	0x64	Vertex Data
+
+0	string		XPR0	Microsoft Xbox XPR0 texture
+>0x19	byte	x	\b, format:
+>>0x19	use	xbox-xpr-pixel-format
+
 #------------------------------------------------------------------------------
 # $File: inform,v 1.5 2009/09/19 16:28:09 christos Exp $
 # inform:  file(1) magic for Inform interactive fiction language
@@ -15535,7 +17249,7 @@
 0	search/100/cW	constant\ story		Inform source text
 
 #------------------------------------------------------------------------------
-# $File: intel,v 1.16 2017/11/14 15:48:36 christos Exp $
+# $File: intel,v 1.17 2018/08/01 10:34:03 christos Exp $
 # intel:  file(1) magic for x86 Unix
 #
 # Various flavors of x86 UNIX executable/object (other than Xenix, which
@@ -15577,6 +17291,10 @@
 #>12	lelong		>0		not stripped
 # no hint found, that at offset 22 is version
 #>22	leshort		>0		- version %d
+0	leshort		0x0200
+>0	use				display-coff
+0	leshort		0x8664
+>0	use				display-coff
 
 # rom: file(1) magic for BIOS ROM Extensions found in intel machines
 #      mapped into memory between 0xC0000 and 0xFFFFF
@@ -15682,9 +17400,9 @@
 >20     long            x               stblsize %d
 
 #------------------------------------------------------------------------------
-# $File: isz,v 1.4 2017/03/17 21:35:28 christos Exp $
+# $File: isz,v 1.5 2019/04/19 00:42:27 christos Exp $
 # ISO Zipped file format
-# http://www.ezbsystems.com/isz/iszspec.txt
+# https://www.ezbsystems.com/isz/iszspec.txt
 0	string	IsZ!	ISO Zipped file
 >4	byte	x	\b, header size %u
 >5	byte	x	\b, version %u
@@ -15697,7 +17415,7 @@
 #>36	lelong	x	\b, block size %u
 
 #------------------------------------------------------------
-# $File: java,v 1.18 2015/11/29 22:08:14 christos Exp $
+# $File: java,v 1.21 2019/02/18 17:58:50 christos Exp $
 # Java ByteCode and Mach-O binaries (e.g., Mac OS X) use the
 # same magic number, 0xcafebabe, so they are both handled
 # in the entry called "cafebabe".
@@ -15719,9 +17437,27 @@
 # Java HPROF dumps
 # https://java.net/downloads/heap-snapshot/hprof-binary-format.html
 0	string		JAVA\x20PROFILE\x201.0.
->0x12	short		0
->>0x11	ushort-0x31	<2      Java HPROF dump,
->>0x17	beqdate/1000	x       created %s
+>0x12	byte		0
+>>0x11	ubyte-0x31	<2      Java HPROF dump,
+>>>0x17	beqdate/1000	x       created %s
+
+# Java jmod module
+# See https://hg.openjdk.java.net/jdk9/jdk9/jdk/file/tip/src/java.base/share/classes/jdk/internal/jmod/JmodFile.java
+# Grr. 2 byte magic "JM", really? In 2019?
+0	belong		0x4a4d0100	Java jmod module version 1.0
+!:mime	application/x-java-jmod
+
+# Java jlinked image
+# See https://hg.openjdk.java.net/jdk9/jdk9/jdk/file/tip/src/java.base/share/native/libjimage/imageFile.hpp
+0	belong	0xcafedada	Java module image (big endian)
+>4	beshort	>0x00	\b, version %d
+>6	beshort	x	\b.%d
+!:mime	application/x-java-image
+
+0	lelong	0xcafedada	Java module image (little endian)
+>6	leshort	>0x00	\b, version %d
+>4	leshort	x	\b.%d
+!:mime	application/x-java-image
 
 #------------------------------------------------------------------------------
 # $File: javascript,v 1.1 2012/06/16 13:30:36 christos Exp $
@@ -15741,7 +17477,7 @@
 !:mime application/javascript
 
 #------------------------------------------------------------------------------
-# $File: jpeg,v 1.31 2017/03/17 21:35:28 christos Exp $
+# $File: jpeg,v 1.32 2018/10/01 18:58:29 christos Exp $
 # JPEG images
 # SunOS 5.5.1 had
 #
@@ -15792,21 +17528,21 @@
 >>4	byte		x		\b, baseline, precision %d
 >>7	beshort		x		\b, %dx
 >>5	beshort		x		\b%d
->>9	byte		x		\b, frames %d
+>>9	byte		x		\b, components %d
 
 >0	beshort		0xFFC1
 >>(2.S+2)	use			jpeg_segment
 >>4	byte		x		\b, extended sequential, precision %d
 >>7	beshort		x		\b, %dx
 >>5	beshort		x		\b%d
->>9	byte		x		\b, frames %d
+>>9	byte		x		\b, components %d
 
 >0	beshort		0xFFC2
 >>(2.S+2)	use			jpeg_segment
 >>4	byte		x		\b, progressive, precision %d
 >>7	beshort		x		\b, %dx
 >>5	beshort		x		\b%d
->>9	byte		x		\b, frames %d
+>>9	byte		x		\b, components %d
 
 # Define Huffman Tables
 >0	beshort		0xFFC4
@@ -15887,13 +17623,13 @@
 !:mime	text/x-xmcd
 
 #------------------------------------------------------------------------------
-# $File: keepass,v 1.1 2012/12/24 22:14:56 christos Exp $
+# $File: keepass,v 1.2 2019/04/19 00:42:27 christos Exp $
 # keepass: file(1) magic for KeePass file
 #
 # Keepass Password Safe:
-#  * original one: http://keepass.info/
-#  * *nix port:    http://www.keepassx.org/
-#  * android port: http://code.google.com/p/keepassdroid/
+#  * original one: https://keepass.info/
+#  * *nix port:    https://www.keepassx.org/
+#  * android port: https://code.google.com/p/keepassdroid/
 
 0	lelong		0x9AA2D903	Keepass password database
 >4	lelong		0xB54BFB65	1.x KDB
@@ -15907,7 +17643,7 @@
 >4	lelong		0xB54BFB67	2.x KDBX
 
 #------------------------------------------------------------------------------
-# $File: kerberos,v 1.2 2017/03/17 21:35:28 christos Exp $
+# $File: kerberos,v 1.3 2019/04/19 00:42:27 christos Exp $
 # kerberos: MIT kerberos file binary formats
 #
 
@@ -15931,7 +17667,7 @@
 #		can refer to ${name}
 #	- Provide a way to format strings as hex values
 #
-# http://www.gnu.org/software/shishi/manual/html_node/\
+# https://www.gnu.org/software/shishi/manual/html_node/\
 #	The-Keytab-Binary-File-Format.html
 #
 
@@ -15952,15 +17688,84 @@
 >4		use		keytab_entry
 
 #------------------------------------------------------------------------------
-# $File: kml,v 1.4 2017/03/17 21:35:28 christos Exp $
+# $File: kicad,v 1.1 2018/10/01 18:39:21 christos Exp $
+# kicad:  file(1) magic for KiCad files
+#
+# See
+#
+#	http://kicad-pcb.org
+#
+
+# KiCad Schematic Document
+0	    string  EESchema
+>8	    byte    0x20
+>>9	    string  Schematic
+>>>18	    byte    0x20		KiCad Schematic Document
+!:ext sch/bak
+>>>>24	    string  Version
+>>>>>31	    byte    0x20
+>>>>>>32    string  x			(Version %s)
+
+# KiCad Symbol Library
+0	    string  EESchema-LIBRARY
+>16	    byte    0x20		KiCad Symbol Library
+!:ext lib
+>>17	    string  Version
+>>>24	    byte    0x20
+>>>>25	    string  x			(Version %s)
+
+# KiCad Symbol Library Documentation
+0	    string  EESchema-DOCLIB
+>15	    byte    0x20		KiCad Symbol Library Documentation
+!:ext dcm
+>>17	    string  Version
+>>>24	    byte    0x20
+>>>>25	    string  x			(Version %s)
+
+# KiCad Board Layout
+0	    string  (kicad_pcb
+>10	    byte    0x20		KiCad Board Layout
+!:ext kicad_pcb/kicad_pcb-bak
+>>11	    string  (version
+>>>19	    byte    0x20
+>>>>20	    byte    x			(Version %c)
+
+# KiCad Footprint
+0	    string  (module
+>7	    byte    0x20		KiCad Footprint
+!:ext kicad_mod
+
+# KiCad Footprint (Legacy)
+0	    string  PCBNEW-LibModule-V1	    KiCad Footprint (Legacy)
+!:ext mod
+
+# KiCad Netlist
+0	    string  (export
+>7	    byte    0x20		KiCad Netlist
+!:ext net
+
+# KiCad Symbol Library Table
+0	    string  (sym_lib_table
+>14	    byte    0xA			KiCad Symbol Library Table
+>14	    byte    0xD			KiCad Symbol Library Table
+>14	    byte    0x20		KiCad Symbol Library Table
+
+# KiCad Footprint Library Table
+0	    string  (fp_lib_table
+>13	    byte    0xA			KiCad Footprint Library Table
+>13	    byte    0xD			KiCad Footprint Library Table
+>13	    byte    0x20		KiCad Footprint Library Table
+
+#------------------------------------------------------------------------------
+# $File: kml,v 1.5 2019/04/19 00:42:27 christos Exp $
 # Type: Google KML, formerly Keyhole Markup Language
 # Future development of this format has been handed
 # over to the Open Geospatial Consortium.
-# http://www.opengeospatial.org/standards/kml/
+# https://www.opengeospatial.org/standards/kml/
 # From: Asbjoern Sloth Toennesen <asbjorn@lila.io>
 0 string/t    \<?xml
 >20  search/400 \ xmlns=
->>&0 regex ['"]http://earth.google.com/kml Google KML document
+>>&0 regex ['"]https://earth.google.com/kml Google KML document
 !:mime application/vnd.google-earth.kml+xml
 >>>&1 string 2.0' \b, version 2.0
 >>>&1 string 2.1' \b, version 2.1
@@ -15970,15 +17775,15 @@
 # Type: OpenGIS KML, formerly Keyhole Markup Language
 # This standard is maintained by the
 # Open Geospatial Consortium.
-# http://www.opengeospatial.org/standards/kml/
+# https://www.opengeospatial.org/standards/kml/
 # From: Asbjoern Sloth Toennesen <asbjorn@lila.io>
->>&0 regex ['"]http://www.opengis.net/kml OpenGIS KML document
+>>&0 regex ['"]https://www.opengis.net/kml OpenGIS KML document
 !:mime application/vnd.google-earth.kml+xml
 >>>&1 string/t 2.2 \b, version 2.2
 
 #------------------------------------------------------------------------------
 # Type: Google KML Archive (ZIP based)
-# http://code.google.com/apis/kml/documentation/kml_tut.html
+# https://code.google.com/apis/kml/documentation/kml_tut.html
 # From: Asbjoern Sloth Toennesen <asbjorn@lila.io>
 0 string    PK\003\004
 >4  byte    0x14
@@ -16012,7 +17817,7 @@
 0	beshort		0x8000		lif file
 
 #------------------------------------------------------------------------------
-# $File: linux,v 1.64 2017/03/17 21:35:28 christos Exp $
+# $File: linux,v 1.67 2019/04/19 00:42:27 christos Exp $
 # linux:  file(1) magic for Linux files
 #
 # Values for Linux/i386 binaries, from Daniel Quinlan <quinlan@yggdrasil.com>
@@ -16068,7 +17873,7 @@
 #
 # PSF fonts, from H. Peter Anvin <hpa@yggdrasil.com>
 # Updated by Adam Buchbinder <adam.buchbinder@gmail.com>
-# See: http://www.win.tue.nl/~aeb/linux/kbd/font-formats-1.html
+# See: https://www.win.tue.nl/~aeb/linux/kbd/font-formats-1.html
 0	leshort		0x0436		Linux/i386 PC Screen Font v1 data,
 >2	byte&0x01	0		256 characters,
 >2	byte&0x01	!0		512 characters,
@@ -16091,7 +17896,7 @@
 4076    string          SWAPSPACE2LINHIB0001    Linux/i386 swap file (new style) (compressed hibernate)
 # according to man page of mkswap (8) March 1999
 # volume label and UUID Russell Coker
-# http://etbe.coker.com.au/2008/07/08/label-vs-uuid-vs-device/
+# https://etbe.coker.com.au/2008/07/08/label-vs-uuid-vs-device/
 4086	string		SWAPSPACE2	Linux/i386 swap file (new style),
 >0x400	long		x		version %d (4K pages),
 >0x404	long		x		size %d pages,
@@ -16106,6 +17911,16 @@
 # From Daniel Novotny <dnovotny@redhat.com>
 # swap file for PowerPC
 65526	string		SWAPSPACE2	Linux/ppc swap file
+>0x400	long		x		version %d,
+>0x404	long		x		size %d pages,
+>1052	string		\0		no label,
+>1052	string		>\0		LABEL=%s,
+>0x40c	belong		x		UUID=%08x
+>0x410	beshort		x		\b-%04x
+>0x412	beshort		x		\b-%04x
+>0x414	beshort		x		\b-%04x
+>0x416	belong		x		\b-%08x
+>0x41a	beshort		x		\b%04x
 16374	string		SWAPSPACE2	Linux/ia64 swap file
 #
 # Linux kernel boot images, from Albert Cahalan <acahalan@cs.uml.edu>
@@ -16113,8 +17928,13 @@
 # and Nicolas Lichtmaier <nick@debian.org>
 # All known start with: b8 c0 07 8e d8 b8 00 90 8e c0 b9 00 01 29 f6 29
 # Linux kernel boot images (i386 arch) (Wolfram Kleff)
+# URL: https://www.kernel.org/doc/Documentation/x86/boot.txt
 514	string		HdrS		Linux kernel
 !:strength + 55
+# often no extension like in linux, vmlinuz, bzimage or memdisk but sometimes
+# Acronis Recovery kernel64.dat and Plop Boot Manager plpbtrom.bin
+# DamnSmallLinux 1.5 damnsmll.lnx 
+!:ext	/dat/bin/lnx
 >510	leshort		0xAA55		x86 boot executable
 >>518	leshort		>0x1ff
 >>>529	byte		0		zImage,
@@ -16205,7 +18025,10 @@
 
 # Linux ARM compressed kernel image
 # From: Kevin Cernekee <cernekee@gmail.com>
+# Update: Joerg Jenderek
 36	lelong	0x016f2818	Linux kernel ARM boot executable zImage (little-endian)
+# raspian "kernel7.img", Vu+ Ultimo4K "kernel_auto.bin"
+!:ext	img/bin
 36	belong	0x016f2818	Linux kernel ARM boot executable zImage (big-endian)
 
 ############################################################################
@@ -16234,7 +18057,7 @@
 # 0	lelong&0xFF00FFFF 0x17000301	ld86 SPARC executable
 
 # SYSLINUX boot logo files (from 'ppmtolss16' sources)
-# http://www.syslinux.org/wiki/index.php/SYSLINUX#Display_graphic_from_filename:
+# https://www.syslinux.org/wiki/index.php/SYSLINUX#Display_graphic_from_filename:
 # file extension .lss .16
 0	lelong	=0x1413f33d		SYSLINUX' LSS16 image data
 # syslinux-4.05/mime/image/x-lss16.xml
@@ -16363,7 +18186,7 @@
 >>&1	string		x			%s...)
 
 # Systemd journald files
-# See http://www.freedesktop.org/wiki/Software/systemd/journal-files/.
+# See https://www.freedesktop.org/wiki/Software/systemd/journal-files/.
 # From: Zbigniew Jedrzejewski-Szmek <zbyszek@in.waw.pl>
 
 # check magic
@@ -16455,7 +18278,7 @@
 #              the default version of locate on Arch Linux (and others).
 # File path:   /var/lib/mlocate/mlocate.db by default (but configurable)
 # Site:        https://fedorahosted.org/mlocate/
-# Format docs: http://linux.die.net/man/5/mlocate.db
+# Format docs: https://linux.die.net/man/5/mlocate.db
 # Type: mlocate database file
 # URL:  https://fedorahosted.org/mlocate/
 # From: Wander Nauta <info@wandernauta.nl>
@@ -16471,14 +18294,14 @@
 0		lelong		0x47361222	iproute2 addresses dump
 
 # Image and service files for CRIU tool.
-# URL: http://criu.org
+# URL: https://criu.org
 # From: Pavel Emelyanov <xemul@parallels.com>
 0		lelong		0x54564319	CRIU image file v1.1
 0		lelong		0x55105940	CRIU service file
 0		lelong		0x58313116	CRIU inventory
 
 # Kdump compressed dump files
-# http://sourceforge.net/p/makedumpfile/code/ci/master/tree/IMPLEMENTATION
+# https://sourceforge.net/p/makedumpfile/code/ci/master/tree/IMPLEMENTATION
 
 0		string		KDUMP          	Kdump compressed dump
 >8		long		x		v%d
@@ -16490,7 +18313,7 @@
 >337		string		>\0		\b, domain %s
 
 #------------------------------------------------------------------------------
-# $File: lisp,v 1.25 2017/03/17 21:35:28 christos Exp $
+# $File: lisp,v 1.26 2019/04/19 00:42:27 christos Exp $
 # lisp:  file(1) magic for lisp programs
 #
 # various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com)
@@ -16517,7 +18340,7 @@
 !:mime	text/x-lisp
 
 # URL: https://en.wikipedia.org/wiki/Emacs_Lisp
-# Reference: http://ftp.gnu.org/old-gnu/emacs/elisp-manual-18-1.03.tar.gz
+# Reference: https://ftp.gnu.org/old-gnu/emacs/elisp-manual-18-1.03.tar.gz
 # Update: Joerg Jenderek
 # Emacs 18 - this is always correct, but not very magical.
 0	string	\012(
@@ -16565,9 +18388,9 @@
 !:mime	text/texmacs
 
 #------------------------------------------------------------------------------
-# $File: llvm,v 1.8 2013/01/12 03:09:51 christos Exp $
+# $File: llvm,v 1.9 2019/04/19 00:42:27 christos Exp $
 # llvm:  file(1) magic for LLVM byte-codes
-# URL:  http://llvm.org/docs/BitCodeFormat.html
+# URL:  https://llvm.org/docs/BitCodeFormat.html
 # From: Al Stone <ahs3@fc.hp.com>
 
 0	string	llvm	LLVM byte-codes, uncompressed
@@ -16586,9 +18409,9 @@
 0	string	BC\xc0\xde	LLVM IR bitcode
 
 #------------------------------------------------------------------------------
-# $File: lua,v 1.6 2013/01/09 16:23:17 christos Exp $
+# $File: lua,v 1.7 2019/04/19 00:42:27 christos Exp $
 # lua:  file(1) magic for Lua scripting language
-# URL:  http://www.lua.org/
+# URL:  https://www.lua.org/
 # From: Reuben Thomas <rrt@sc3d.org>, Seo Sanghyeon <tinuviel@sparcs.kaist.ac.kr>
 
 # Lua scripts
@@ -16620,12 +18443,14 @@
 >72	string		x		%s]
 >168	string		x		UUID: %s
 #------------------------------------------------------------------------------
-# $File: m4,v 1.2 2017/08/14 07:40:38 christos Exp $
+# $File: m4,v 1.3 2019/02/27 16:46:23 christos Exp $
 # make:  file(1) magic for M4 scripts
 #
-0	regex	\^dnl\ 		M4 macro processor script text
+0	search/8192	dnl
+>0	regex	\^dnl\ 		M4 macro processor script text
 !:mime	text/x-m4
-0	regex	\^AC_DEFUN\\(\\[	M4 macro processor script text
+0	search/8192	AC_DEFUN
+>0	regex	\^AC_DEFUN\\(\\[	M4 macro processor script text
 !:strength + 15
 !:mime	text/x-m4
 
@@ -16881,7 +18706,7 @@
 >0	use	mach-o-be
 
 #------------------------------------------------------------------------------
-# $File: macintosh,v 1.28 2017/12/05 02:17:48 christos Exp $
+# $File: macintosh,v 1.29 2019/04/19 00:42:27 christos Exp $
 # macintosh description
 #
 # BinHex is the Macintosh ASCII-encoded file format (see also "apple")
@@ -16943,7 +18768,7 @@
 # MacBinary format (Eric Fischer, enf@pobox.com)
 # Update: Joerg Jenderek 
 # URL: https://en.wikipedia.org/wiki/MacBinary
-# Reference: http://files.stairways.com/other/macbinaryii-standard-info.txt
+# Reference: https://files.stairways.com/other/macbinaryii-standard-info.txt
 #
 # Unfortunately MacBinary doesn't really have a magic number prior
 # to the MacBinary III format.
@@ -17061,8 +18886,8 @@
 
 # Apple Type/Creator Database
 # URL: https://en.wikipedia.org/wiki/Type_code
-# Reference:	http://www.lacikam.co.il/tcdb/
-#		http://www.macdisk.com/macsigen.php
+# Reference:	https://www.lacikam.co.il/tcdb/
+#		https://www.macdisk.com/macsigen.php
 # Note:	classic Mac OS files have two 4 character codes for type and creator.
 #	Thereby the Finder attach documents types to applications.
 
@@ -17260,7 +19085,7 @@
 >0x424	pstring			x		volume name: %s
 
 # *.hfs updated by Joerg Jenderek
-# http://en.wikipedia.org/wiki/Hierarchical_File_System
+# https://en.wikipedia.org/wiki/Hierarchical_File_System
 # "BD" gives many false positives
 0x400	beshort			0x4244
 # ftp://ftp.mars.org/pub/hfs/hfsutils-3.2.6.tar.gz/hfsutils-3.2.6/libhfs/apple.h
@@ -17271,7 +19096,7 @@
 !:mime	application/x-apple-diskimage
 #!:apple	hfsdINIT
 #!:apple	MACSdisk
-# http://www.macdisk.com/macsigen.php
+# https://www.macdisk.com/macsigen.php
 #!:apple	ddskdevi
 !:apple	????devi
 # https://en.wikipedia.org/wiki/Apple_Disk_Image
@@ -17283,7 +19108,7 @@
 >>>0x40a	beshort			&0x0200	(spared blocks)
 >>>0x40a	beshort			&0x0800	(unclean)
 >>>0x47C	beshort			0x482B	(Embedded HFS+ Volume)
-# http://www.epochconverter.com/
+# https://www.epochconverter.com/
 # 0x7C245F00 seconds	~ 2082758400	~ 01 Jan 2036 00:00:00	~ 66 years to 1970
 # 0x7C25B080 seconds	~ 2082844800	~ 02 Jan 2036 00:00:00
 # construct not working
@@ -17339,7 +19164,7 @@
 0		string		BOMStore	Mac OS X bill of materials (BOM) file
 
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
-# URL: http://en.wikipedia.org/wiki/Datafork_TrueType
+# URL: https://en.wikipedia.org/wiki/Datafork_TrueType
 # Derived from the 'fondu' and 'ufond' source code (fondu.sf.net). 'sfnt' is
 # TrueType; 'POST' is PostScript. 'FONT' and 'NFNT' sometimes appear, but I
 # don't know what they mean.
@@ -17367,7 +19192,7 @@
 0	belong		0xF11E041C	magic binary file for file(1) cmd
 >4	belong		x		(version %d) (big endian)
 #------------------------------------------------------------------------------
-# $File: mail.news,v 1.23 2015/06/29 14:44:26 christos Exp $
+# $File: mail.news,v 1.24 2019/04/19 00:42:27 christos Exp $
 # mail.news:  file(1) magic for mail and news
 #
 # Unfortunately, saved netnews also has From line added in some news software.
@@ -17425,7 +19250,7 @@
 #0	string		\<!--\ MHonArc		text/html; x-type=mhonarc
 
 # Cyrus: file(1) magic for compiled Cyrus sieve scripts
-# URL: http://www.cyrusimap.org/docs/cyrus-imapd/2.4.6/internal/bytecode.php
+# URL: https://www.cyrusimap.org/docs/cyrus-imapd/2.4.6/internal/bytecode.php
 # URL: http://git.cyrusimap.org/cyrus-imapd/tree/sieve/bytecode.h?h=master
 # From: Philipp Hahn <hahn@univention.de>
 
@@ -17435,7 +19260,7 @@
 >12     lelong =1       version 1, little-endian
 >12     belong x        version %d, network-endian
 #------------------------------------------------------------------------------
-# $File: make,v 1.3 2016/12/10 14:21:29 christos Exp $
+# $File: make,v 1.4 2018/05/29 17:26:02 christos Exp $
 # make:  file(1) magic for makefiles
 #
 # URL: https://en.wikipedia.org/wiki/Make_(software)
@@ -17453,29 +19278,36 @@
 # Reference: https://www.freebsd.org/cgi/man.cgi?make(1)
 # exclude grub-core\lib\libgcrypt\mpi\Makefile.am with "#BEGIN_ASM_LIST"
 # by additional escaping point character
-0	regex/100l	\^\\.BEGIN	BSD makefile script text with "%s"
+0	regex/100l	\^\\.BEGIN	BSD makefile script text
 !:mime	text/x-makefile
 !:ext	/mk
+!:strength +10
 # exclude MS Windows help file CoNtenT with ":include FOOBAR.CNT"
 # and NSIS script with "!include" by additional escaping point character
-0	regex/100l	\^\\.include	BSD makefile script text with "%s"
+0	regex/100l	\^\\.include	BSD makefile script text
 !:mime	text/x-makefile
 !:ext	/mk
+!:strength +10
+0	regex/100l	\^\\.endif	BSD makefile script text
+!:mime	text/x-makefile
+!:ext	/mk
+!:strength +10
 0	regex/100l	\^SUBDIRS	automake makefile script text
 !:mime	text/x-makefile
+!:strength +10
 
 
 #------------------------------------------------------------------------------
-# $File: map,v 1.4 2015/08/10 05:18:27 christos Exp $
+# $File: map,v 1.7 2019/04/30 04:02:04 christos Exp $
 # map:  file(1) magic for Map data
 #
 
-# Garmin .FIT files http://pub.ks-and-ks.ne.jp/cycling/edge500_fit.shtml
+# Garmin .FIT files https://pub.ks-and-ks.ne.jp/cycling/edge500_fit.shtml
 8	string	.FIT		FIT Map data
 >15	byte	0
 >>35	belong	x		\b, unit id %d
 >>39	lelong	x		\b, serial %u
-# http://pub.ks-and-ks.ne.jp/cycling/edge500_fit.shtml
+# https://pub.ks-and-ks.ne.jp/cycling/edge500_fit.shtml
 # 20 years after unix epoch
 # TZ=GMT date -d '1989-12-31 0:00' +%s
 >>43	leldate+631065600	x	\b, %s
@@ -17491,8 +19323,298 @@
 >>53	byte	8		\b (Elevations)
 >>53	byte	10		\b (Totals)
 
+# Summary: Garmin map
+# From:	Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/Garmin_.img
+# Reference: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/IMG_File_Format
+# sourceforge.net/projects/garmin-img/files/IMG%20File%20Format/1.0/imgformat-1.0.pdf
+# GRR: similar to MBR boot sector handled by ./filesystems
+0x1FE	leshort		=0xAA55
+# look for valid map signature
+>0x13	string		=IMG\0
+>>0	use		garmin-map
+0	name				garmin-map
+>0	ubyte		x		Garmin
+!:mime	application/x-garmin-map
+# If non-zero, every byte of the entire .img file is to be XORed with this value
+>0	ubyte		!0		\b, 0x%x XORed
+# goto block before FAT
+>(0x40.b*512)	ubyte	x
+# 1st fat name "DLLINFO TXT" only found for vpm
+>>&512 		string	=DLLINFO\ TXT 	map (Voice Processing)
+# there exist 2 other Garmin VPM formats; see ./audio
+!:ext	vpm
+# Deutsch__Yannick_D4481-00_0210.vpm
+#>>>512	search/0x0116da60/s	RIFF	\b; with
+# determine type voice type by ./riff
+#>>>>&0	indirect	x	\b
+>>&512 		string	!DLLINFO\ TXT 	map
+!:ext	img
+# 9 zeros
+>1 	ubelong		!0 		\b, zeroes 0x%x
+# Map's version major
+>8	ubyte		x		v%u
+# Map's version minor
+>9	ubyte		x		\b.%.2u
+# Map description[20], 0x20 padded
+>0x49	string		x		%.20s
+# Map name, continued (0x20 padded, \0 terminated)
+>0x65	string		>\ 		\b%.31s
+# Update year (+1900 for val >= 0x63, +2000 for val <= 0x62)
+>0xB	ubyte		x		\b, updated
+>>0xB	ubyte		>0x62
+>>>0xB	ubyte-100	x		20%.2u
+>>0xB	ubyte		<0x63
+>>>0xB	ubyte		x		20%.2u
+# Update month (0-11)
+>0xA	ubyte		x		\b-%.2u
+# All zeroes
+>0xc 	uleshort	!0 		\b, zeroes 0x%x
+# Mapsource flag, 1 - file created by Mapsource, 0 - Garmin map visible in Basecamp and Homeport 
+#>0xE	ubyte		!0		\b, Mapsource flag 0x%x
+>0xE	ubyte		1		\b, Mapsource
+# Checksum, sum of all bytes modulo 256 should be 0
+#>0xF	ubyte		x		\b, Checksum 0x%x
+# Signature: DSKIMG 0x00 or DSDIMG 0x00 for demo map 
+>0x10	string		!DSKIMG		\b, signature "%.7s"
+>0x39	use		garmin-date
+# Map file identifier like GARMIN\0
+>0x41	string		!GARMIN		\b, id "%.7s"
+# Block size exponent, E1; appears to always be 0x09; minimum block size 512 bytes
+>0x61	ubyte		!0x09		\b, E1=%u
+# Block size exponent, E2 ; file blocksize=2**(E1+E2)
+>>0x62	ubyte		x		\b, E2=%u
+>0x61	ubyte		=0x09		\b, blocksize
+>>0x62	ubyte		0		512
+>>0x62	ubyte		1		1024
+>>0x62	ubyte		2		2048
+>>0x62	ubyte		3		4096
+>>0x62	ubyte		4		8192
+>>0x62	ubyte		5		16384
+>>0x62	default		x
+>>>0x62	ubyte		x		E2=%u
+# MBR signature
+>0x1FE	leshort		!0xAA55		\b, invalid MBR
+# 512 zeros
+>0x200 	uquad		!0		\b, zeroes 0x%llx
+# First sub-file offset (absolute); sometimes NO/UNKNOWN sub file!
+>0x40C	ulelong		>0		\b, at 0x%x
+# sub-file Header length
+#>>(0x40C.l)	uleshort	x	\b, header len 0x%x
+>>(0x40C.l)	uleshort	x	%u bytes
+# sub-file Type[10] like "GARMIN RGN" "GARMIN TRE", "GARMIN TYP", etc.
+>>(0x40C.l+2)	ubyte	>0x1F
+>>>(0x40C.l+2)	ubyte	<0xFF
+>>>>(0x40C.l+2)	string	x		"%.10s"
+# 0x00 for most maps, 0x80 for locked maps (City Nav, City Select, etc.) 
+>>>>(0x40C.l+13)	ubyte	>0		\b, locked 0x%x
+# Block sequence numbers like 0000 0100 0200 ... FFFF
+# >0x420	ubequad		>0	\b, seq. 0x%16.16llx
+# >>0x428	ubequad		>0	\b%16.16llx
+# >>>0x430	ubequad	>0	\b%16.16llx
+# >>>>0x438	ubequad	>0	\b%16.16llx
+# >>>>>0x440	ubequad	>0	\b%16.16llx
+# >>>>>>0x448	ubequad	>0	\b%16.16llx
+# >>>>>>>0x450	ubequad	>0	\b%16.16llx
+# >>>>>>>>0x458	ubequad	>0	\b%16.16llx
+# >>>>>>>>>0x460	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>0x468	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>0x470	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>0x478	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>0x480	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>0x488	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>>0x490	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>>>0x498	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>>>>0x4A0	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>>>>>0x4A8	ubequad	>0	\b%16.16llx
+# look for end of FAT
+#>>0x420	search/512/s	\xff\xff	FAT END
+# Physical block number of FAT header
+#>0x40	ubyte		x		\b, FAT at phy. block %u
+>0x40	ubyte		x
+>>(0x40.b*512)	ubyte	x
+# 1st FAT block
+>>>&511 	use	garmin-fat
+# 2nd FAT block
+>>>&1023 	use	garmin-fat
+# 3th FAT block
+>>>&1535 	use	garmin-fat
+# 4th FAT block
+>>>&2047 	use	garmin-fat
+# ... xth FAT block
+#
+# 314 zeros but not in vpm and also gmaptz.img
+>0x84 	uquad		!0		\b, at 0x84 0x%llx
+# display FileAllocationTable block entry in garmin map
+0	name				garmin-fat
+>0	ubyte		x		\b;
+# sub file part; 0x0003 seems to be garbage
+>0x10	uleshort	!0		next 0x%4.4x
+>0x10	uleshort	=0
+# fat flag 0~dummy block 1~true sub file
+>>0	ubyte		!1		flag %u 
+>>0	ubyte		=1
+# sub-file name like MAKEGMAP 12345678
+>>>0x1	string		x		%.8s
+# sub-file typ like RGN TRE MDR LBL
+>>>0x9	string		x		\b.%.3s
+# size of sub file
+>>>0xC	ulelong		x		\b, %u bytes
+# 32-bit block sequence numbers
+#>>>0x20	ubequad		x		\b, seq. 0x%16.16llx
+
+#	display date stored inside Garmin maps like yyyy-mm-dd h:mm:ss
+0	name				garmin-date
+# year like 2018
+>0 	uleshort	x 		\b, created %u
+# month (0-11)
+>2	ubyte		x		\b-%.2u
+# day (1-31)
+>3	ubyte		x		\b-%.2u
+# hour (0-23)
+>4	ubyte		x		%u
+# minute (0-59)
+>5	ubyte		x		\b:%.2u
+# second (0-59)
+>6	ubyte		x		\b:%.2u
+
+# Summary: Garmin Map subfiles
+# From:	Joerg Jenderek
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/IMG_File_Format
+# Garmin Common Header
+2	string	GARMIN\ 
+# skip ASCII text by checking for low header length
+>0	uleshort <0x1000	Garmin map,
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/GMP_Subfile_Format
+>>9	string	GMP				subtile
+!:mime			application/x-garmin-gpm
+!:ext			gmp
+# copyright message
+>>>(0.s)		string		x	%s
+>>>0x0E 		use		garmin-date
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/MDR_Subfile_Format
+# This contains the searchable address table used for finding routing destinations
+>>9	string	MDR				address table
+!:mime			application/x-garmin-mdr
+!:ext			mdr
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/NOD_Subfile_Format
+# http://svn.parabola.me.uk/display/trunk/doc/nod.txt
+# This contains the routing information
+>>9	string	NOD				routing
+!:mime			application/x-garmin-nod
+!:ext			nod
+>>>0x0E 		use		garmin-date
+#>>>0x15			ulelong		x	\b, at 0x%x
+#>>>0x19			ulelong		x	0x%x bytes NOD1
+#>>>0x25			ulelong		x	\b, at 0x%x
+#>>>0x29			ulelong		x	0x%x bytes NOD2
+#>>>0x31			ulelong		x	\b, at 0x%x
+#>>>0x35			ulelong		x	0x%x bytes NOD3
+# URL: http://www.pinns.co.uk/osm/net.html
+# routable highways (length, direction, allowed speed,house address information)
+>>9	string	NET				highways
+!:mime			application/x-garmin-net
+!:ext			net
+#>>>0x15			ulelong		x	\b, at 0x%x
+#>>>0x19			ulelong		x	0x%x bytes NET1
+#>>>0x22			ulelong		>0
+#>>>>0x1E		ulelong		x	\b, at 0x%x
+#>>>>0x22		ulelong		x	0x%x bytes NET2
+#>>>0x2B			ulelong		>0
+#>>>>0x27		ulelong		x	\b, at 0x%x
+#>>>>0x2B		ulelong		x	0x%x bytes NET3
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/LBL_Subfile_Format
+>>9	string	LBL				labels
+!:mime			application/x-garmin-lbl
+!:ext			lbl
+>>>(0.s)		string	x	%s
+# Label coding type 6h 9h and ah
+>>>0x1E			ubyte		x	\b, coding type 0x%x
+#>>>0x15			ulelong		x	\b, at 0x%x
+#>>>0x19			ulelong		x	0x%x bytes LBL1
+#>>>0x1F			ulelong		x	\b, at 0x%x
+#>>>0x23			ulelong		x	0x%x bytes LBL2
+#>>>0x2D			ulelong		x	\b, at 0x%x
+#>>>0x31			ulelong		x	0x%x bytes LBL3
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/SRT_Subfile_Format
+# A lookup table of the chars in the map's codepage, and their collating sequence
+>>9	string	SRT				sort table
+!:mime			application/x-garmin-srt
+!:ext			srt
+>>>0x0E 		use		garmin-date
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/TRE_Subfile_Format
+>>9	string	TRE				tree
+!:mime			application/x-garmin-tre
+!:ext			tre
+# title like City Nav Europe NTU 2019.2 Basemap
+# or OSM Street map
+>>>(0.s)		string		x	%s
+# 2nd title like Copyright 1995-2018 by GARMIN Corporation.
+# or http://www.openstreetmap.org/
+>>>>&1			string		x	%s
+>>>0x0E 		use		garmin-date
+#>>>0x21			ulelong		x	\b, at 0x%x
+#>>>0x25			ulelong		x	0x%x bytes TRE1
+#>>>0x29			ulelong		x	\b, at 0x%x
+#>>>0x2D			ulelong		x	0x%x bytes TRE2
+#>>>0x31			ulelong		x	\b, at 0x%x
+#>>>0x35			ulelong		x	0x%x bytes TRE3
+# Copyright record size
+#>>>0x39			uleshort	x	\b, copyright record size %u
+# Map ID
+>>>0x74			ulelong		x	\b, ID 0x%x
+# URL: https://www.gpspower.net/garmin-tutorials/353310-basecamp-installing-free-desktop-map.html
+# For road traffic information service (RDS/TMS/TMC). Commonly seen in City Navigator maps
+>>9	string	TRF				traffic,
+!:mime			application/x-garmin-trf
+!:ext			trf
+# city/region like Preitenegg
+>>>(0.s+1) 		string		x	1st %s
+# highway part like L606/L148
+>>>>&1			string		x	%s
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/Format
+# Reference: http://www.pinns.co.uk/osm/typformat.html
+# customize the appearance of objects. For GPS and MapSource/Qlandkarte better looking maps
+>>9	string	TYP				types
+!:mime			application/x-garmin-typ
+!:ext			typ
+>>>0x0E 		use		garmin-date
+# character set 1252 65001~UTF8
+>>>0x15			uleshort	x	\b, code page %u
+# POIs
+#>>>0x17			ulelong		x	\b, at 0x%x
+#>>>0x1B			ulelong		x	0x%x bytes TYP1
+# extra pois
+#>>>0x5B			ulelong		x	\b, at 0x%x
+#>>>0x5F			ulelong		x	0x%x bytes TYP8
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/RGN_Subfile_Format
+# http://www.pinns.co.uk/osm/RGN.html
+# region data used by the Garmin software
+>>9	string	RGN				region
+!:mime			application/x-garmin-rgn
+!:ext			rgn
+# POIs,Indexed POIs,Polylines or Polygons or first map level
+#>>>0x15			ulelong	       x	\b, at 0x%x
+#>>>0x19			ulelong	       x	0x%x bytes RGN1
+# polygons with extended types
+#>>>0x21			ulelong	       >0
+#>>>>0x1D		ulelong	       x	\b, at 0x%x
+#>>>>0x21		ulelong	       x	0x%x bytes RGN2
+# polylines with extended types
+#>>>0x3D			ulelong	       >0
+#>>>>0x39		ulelong	       x	\b, at 0x%x
+#>>>>0x3D		ulelong	       x	0x%x bytes RGN3
+# extended POIs
+#>>>0x59			ulelong	       >0
+#>>>>0x55		ulelong	       x	\b, at 0x%x
+#>>>>0x59		ulelong	       x	0x%x bytes RGN3
+#>>9	default		x		unknown map type
+# Header length; GMP:31h 35h 3Dh,MDR:11Eh 238h 2C4h 310h,NOD:3Fh 7Fh,NET:64h,
+# LBL:2A9h,SRT:1Dh 25h 27h,TRE:CFh 135h,TRF:5Ah,TYP:5Bh 6Eh 7Ch AEh,RGN:7Dh
+>>0	uleshort	x		\b, header length 0x%x
+
 # TOM TOM GPS watches ttbin files:
-# http://github.com/ryanbinns/ttwatch/tree/master/ttbin
+# https://github.com/ryanbinns/ttwatch/tree/master/ttbin
 # From: Daniel Lenski
 0	byte	0x20
 >1	leshort	0x0007
@@ -17568,7 +19690,7 @@
 #
 # MARC21 formats are for the representation and communication
 # of bibliographic and related information in machine-readable
-# form.  For more info, see http://www.loc.gov/marc/
+# form.  For more info, see https://www.loc.gov/marc/
 
 
 # leader position 20-21 must be 45
@@ -17682,10 +19804,10 @@
 
 
 #------------------------------------------------------------------------------
-# $File: matroska,v 1.8 2013/02/08 17:25:16 christos Exp $
+# $File: matroska,v 1.9 2019/04/19 00:42:27 christos Exp $
 # matroska:  file(1) magic for Matroska files
 #
-# See http://www.matroska.org/
+# See https://www.matroska.org/
 #
 
 # EBML id:
@@ -17737,7 +19859,7 @@
 >5	byte		3		keymode: MD5 hash
 
 #------------------------------------------------------------------------------
-# $File: measure,v 1.1 2017/11/28 14:01:14 christos Exp $
+# $File: measure,v 1.2 2018/06/23 16:13:15 christos Exp $
 # measure: file(1) magic for measurement data
 
 # DIY-Thermocam raw data
@@ -17745,40 +19867,40 @@
 >0	beshort	x	scale %d-
 >2	beshort x	\b%d,
 >4	lefloat	x	spot sensor temperature %f,
->9	byte	0	unit celsius,
->9	byte	1	unit fahrenheit,
->8	byte	x	color scheme %d
->10	byte	1	\b, show spot sensor
->11	byte	1	\b, show scale bar
->12	byte	&1	\b, minimum point enabled
->12	byte	&2	\b, maximum point enabled
+>9	ubyte	0	unit celsius,
+>9	ubyte	1	unit fahrenheit,
+>8	ubyte	x	color scheme %d
+>10	ubyte	1	\b, show spot sensor
+>11	ubyte	1	\b, show scale bar
+>12	ubyte	&1	\b, minimum point enabled
+>12	ubyte	&2	\b, maximum point enabled
 >13	lefloat	x	\b, calibration: offset %f,
 >17	lefloat x	slope %f
 
 0	name	diy-thermocam-checker
->9	byte	<2
->>10	byte	<2
->>>11	byte	<2
->>>>12	byte	<4
+>9	ubyte	<2
+>>10	ubyte	<2
+>>>11	ubyte	<2
+>>>>12	ubyte	<4
 >>>>>17	lefloat	>0.0001	DIY-Thermocam raw data
 
 # V2 and Leption 3.x:
-38408	byte	<19
+38408	ubyte	<19
 >38400	use	diy-thermocam-checker
 >>38400	default x	(Lepton 3.x),
 >>>38400	use	diy-thermocam-parser
 
 # V1 or Lepton 2.x
-9608	byte	<19
+9608	ubyte	<19
 >9600	use	diy-thermocam-checker
 >>9600	default	x	(Lepton 2.x),
 >>>9600	use	diy-thermocam-parser
 
 
 #------------------------------------------------------------------------------
-# $File: mercurial,v 1.4 2009/09/19 16:28:10 christos Exp $
+# $File: mercurial,v 1.5 2019/04/19 00:42:27 christos Exp $
 # mercurial:  file(1) magic for Mercurial changeset bundles
-# http://www.selenic.com/mercurial/wiki/
+# https://www.selenic.com/mercurial/wiki/
 #
 # Jesse Glick (jesse.glick@sun.com)
 #
@@ -17789,10 +19911,10 @@
 >4	string		BZ		(bzip2 compressed)
 
 #------------------------------------------------------------------------------
-# $File: metastore,v 1.2 2017/03/17 21:35:28 christos Exp $
+# $File: metastore,v 1.3 2019/04/19 00:42:27 christos Exp $
 # metastore:  file(1) magic for metastore files
 # From: Thomas Wissen
-# see http://david.hardeman.nu/software.php#metastore
+# see https://david.hardeman.nu/software.php#metastore
 0	string		MeTaSt00r3	Metastore data file,
 >10	bequad		x		version %0llx
 
@@ -17846,10 +19968,10 @@
 >7	byte	=2	Gridded binary (GRIB) version 2
 
 #------------------------------------------------------------------------------
-# $File: microfocus,v 1.2 2017/03/17 21:35:28 christos Exp $
+# $File: microfocus,v 1.3 2019/04/19 00:42:27 christos Exp $
 # Micro Focus COBOL data files.
 
-# http://documentation.microfocus.com/help/index.jsp?topic=\
+# https://documentation.microfocus.com/help/index.jsp?topic=\
 # %2FGUID-0E0191D8-C39A-44D1-BA4C-D67107BAF784%2FHRFLRHFILE05.html
 # http://www.cobolproducts.com/datafile/data-viewer.html
 # https://github.com/miracle2k/mfcobol-export
@@ -18004,7 +20126,7 @@
 0	long	31415		Mirage Assembler m.out executable
 
 #-----------------------------------------------------------------------------
-# $File: misctools,v 1.17 2017/03/17 21:35:28 christos Exp $
+# $File: misctools,v 1.18 2019/04/19 00:42:27 christos Exp $
 # misctools:  file(1) magic for miscellaneous UNIX tools.
 #
 0	search/1	%%!!			X-Post-It-Note text
@@ -18012,7 +20134,7 @@
 !:mime	text/calendar
 # updated by Joerg Jenderek at Apr 2015
 # Extension: .vcf
-# http://en.wikipedia.org/wiki/VCard
+# https://en.wikipedia.org/wiki/VCard
 0	string/c	BEGIN:VCARD		vCard visiting card
 # deprecated
 #!:mime	text/x-vcard
@@ -18040,7 +20162,7 @@
 # "Windows Minidump" by TrID
 # ./misctools (version 5.25) labeled the entry as "MDMP crash report data"
 0	string		MDMP					Mini DuMP crash report
-# http://filext.com/file-extension/DMP
+# https://filext.com/file-extension/DMP
 !:mime	application/x-dmp
 !:ext	dmp/mdmp
 # The high-order word is an internal value that is implementation specific.
@@ -18094,7 +20216,7 @@
 0	string	\001\001\001\001	MMDF mailbox
 
 #------------------------------------------------------------------------------
-# $File: modem,v 1.8 2017/03/17 21:35:28 christos Exp $
+# $File: modem,v 1.9 2019/04/19 00:42:27 christos Exp $
 # modem:  file(1) magic for modem programs
 #
 # From: Florian La Roche <florian@knorke.saar.de>
@@ -18105,7 +20227,7 @@
 # Summary: CCITT Group 3 Facsimile in "raw" form (i.e. no header).
 # Modified by: Joerg Jenderek
 # URL: https://de.wikipedia.org/wiki/Fax
-# Reference: http://web.archive.org/web/20020628195336/http://www.netnam.vn/unescocourse/computervision/104.htm
+# Reference: https://web.archive.org/web/20020628195336/http://www.netnam.vn/unescocourse/computervision/104.htm
 # GRR: EOL of G3 is too general as it catches also TrueType fonts, Postscript PrinterFontMetric, others
 0	short		0x0100
 # 16 0-bits near beginning like True Type fonts *.ttf, Postscript PrinterFontMetric *.pfm, FTYPE.HYPERCARD, XFER
@@ -18251,14 +20373,29 @@
 >8      beshort         x               (version %04x)
 
 #------------------------------------------------------------------------------
-# $File: mozilla,v 1.8 2018/01/17 12:08:36 christos Exp $
+# $File: mozilla,v 1.10 2019/04/19 00:42:27 christos Exp $
 # mozilla:  file(1) magic for Mozilla XUL fastload files
 # (XUL.mfasl and XPC.mfasl)
-# URL:	http://www.mozilla.org/
+# URL:	https://www.mozilla.org/
 # From:	Josh Triplett <josh@freedesktop.org>
 
 0	string	XPCOM\nMozFASL\r\n\x1A		Mozilla XUL fastload data
+# Probably the next magic line contains misspelled "mozLz40\0"
 0	string	mozLz4a				Mozilla lz4 compressed bookmark data
+# From: Joerg Jenderek
+# URL: https://lz4.github.io/lz4/
+# Reference: https://github.com/avih/dejsonlz4/archive/master.zip/
+# dejsonlz4-master\src\dejsonlz4.c 
+# Note: mostly JSON compressed with a non-standard LZ4 header
+# can be unpacked by dejsonlz4 but not lz4 programm.
+0	string	mozLz40\0			Mozilla lz4 compressed data
+!:mime	application/x-lz4+json
+# mozlz4 extension seems to be used for search/store, while jsonlz4 for bookmarks
+!:ext	jsonlz4/mozlz4
+# decomp_size
+>8	ulelong	x				\b, originally %u bytes
+# lz4 data
+#>12	ubequad	x				\b, lz4 data 0x%16.16llx
 
 # From: Joerg Jenderek
 # URL: https://en.wikipedia.org/wiki/Firefox_4
@@ -18273,7 +20410,7 @@
 #>4	use	zip-dir-entry
 
 #------------------------------------------------------------------------------
-# $File: msdos,v 1.121 2017/10/27 21:43:23 christos Exp $
+# $File: msdos,v 1.128 2019/04/19 00:42:27 christos Exp $
 # msdos:  file(1) magic for MS-DOS files
 #
 
@@ -18282,12 +20419,16 @@
 0	string/t	@
 >1	string/cW	\ echo\ off	DOS batch file text
 !:mime	text/x-msdos-batch
+!:ext	bat
 >1	string/cW	echo\ off	DOS batch file text
 !:mime	text/x-msdos-batch
+!:ext	bat
 >1	string/cW	rem		DOS batch file text
 !:mime	text/x-msdos-batch
+!:ext	bat
 >1	string/cW	set\ 		DOS batch file text
 !:mime	text/x-msdos-batch
+!:ext	bat
 
 
 # OS/2 batch files are REXX. the second regex is a bit generic, oh well
@@ -18322,6 +20463,9 @@
 # All non-DOS EXE extensions have the relocation table more than 0x40 bytes into the file.
 >0x18	leshort <0x40 MS-DOS executable
 !:mime	application/x-dosexec
+# Windows and later versions of DOS will allow .EXEs to be named with a .COM
+# extension, mostly for compatibility's sake.
+!:ext	exe/com
 # These traditional tests usually work but not always.  When test quality support is
 # implemented these can be turned on.
 #>>0x18	leshort	0x1c	(Borland compiler)
@@ -18340,9 +20484,33 @@
 >>>(0x3c.l+24)	default		x	Unknown PE signature
 >>>>&0 		leshort		x	0x%x
 >>>(0x3c.l+22)	leshort&0x2000	>0	(DLL)
->>>(0x3c.l+92)	leshort		1	(native)
->>>(0x3c.l+92)	leshort		2	(GUI)
->>>(0x3c.l+92)	leshort		3	(console)
+>>>(0x3c.l+92)	leshort		1
+# Native PEs include ntoskrnl.exe, hal.dll, smss.exe, autochk.exe, and all the
+# drivers in Windows/System32/drivers/*.sys.
+>>>>(0x3c.l+22)	leshort&0x2000	>0	(native)
+!:ext	dll/sys
+>>>>(0x3c.l+22)	leshort&0x2000	0	(native)
+!:ext	exe/sys
+>>>(0x3c.l+92)	leshort		2
+>>>>(0x3c.l+22)	leshort&0x2000	>0	(GUI)
+# These could probably be at least partially distinguished from one another by
+# looking for specific exported functions.
+# CPL: Control Panel item
+# TLB: Type library
+# OCX: OLE/ActiveX control
+# ACM: Audio compression manager codec
+# AX: DirectShow source filter
+# IME: Input method editor
+!:ext	dll/cpl/tlb/ocx/acm/ax/ime
+>>>>(0x3c.l+22)	leshort&0x2000	0	(GUI)
+# Screen savers typically include code from the scrnsave.lib static library, but
+# that's not guaranteed.
+!:ext	exe/scr
+>>>(0x3c.l+92)	leshort		3
+>>>>(0x3c.l+22)	leshort&0x2000	>0	(console)
+!:ext	dll/cpl/tlb/ocx/acm/ax/ime
+>>>>(0x3c.l+22)	leshort&0x2000	0	(console)
+!:ext	exe/com
 >>>(0x3c.l+92)	leshort		7	(POSIX)
 >>>(0x3c.l+92)	leshort		9	(Windows CE)
 >>>(0x3c.l+92)	leshort		10	(EFI application)
@@ -18424,8 +20592,16 @@
 >>>(0x3c.l+0x36)	default		x
 >>>>(0x3c.l+0x36)	byte		x (unknown OS %x)
 >>>(0x3c.l+0x36)	byte		0x81 for MS-DOS, Phar Lap DOS extender
->>>(0x3c.l+0x0c)	leshort&0x8003	0x8002 (DLL)
->>>(0x3c.l+0x0c)	leshort&0x8003	0x8001 (driver)
+>>>(0x3c.l+0x0c)	leshort&0x8000	0x8000 (DLL or font)
+# DRV: Driver
+# 3GR: Grabber device driver
+# CPL: Control Panel Item
+# VBX: Visual Basic Extension
+# FON: Bitmap font
+# FOT: Font resource file
+!:ext	dll/drv/3gr/cpl/vbx/fon/fot
+>>>(0x3c.l+0x0c)	leshort&0x8000	0 (EXE)
+!:ext	exe/scr
 >>>&(&0x24.s-1)		string		ARJSFX \b, ARJ self-extracting archive
 >>>(0x3c.l+0x70)	search/0x80	WinZip(R)\ Self-Extractor \b, ZIP self-extracting archive (WinZip)
 
@@ -18472,6 +20648,11 @@
 >>>(0x3c.l+0x0a)	leshort		2 for MS Windows
 >>>(0x3c.l+0x0a)	leshort		3 for DOS
 >>>(0x3c.l+0x0a)	leshort		4 for MS Windows (VxD)
+# VXD: VxD for Windows 95/98/Me
+# 386: VxD for Windows 2.10, 3.0, 3.1x
+# PDR: Port driver
+# MPD: Miniport driver (?)
+!:ext	vxd/386/pdr/mpd
 >>>(&0x7c.l+0x26)	string		UPX \b, UPX compressed
 >>>&(&0x54.l-3)		string		UNACE \b, ACE self-extracting archive
 
@@ -18480,6 +20661,7 @@
 >>0x3c		lelong	>0x20000000
 >>>(4.s*512)	leshort !0x014c \b, MZ for MS-DOS
 !:mime	application/x-dosexec
+!:ext	exe/com
 # header data too small for extended executable
 >2		long	!0
 >>0x18		leshort <0x40
@@ -18578,8 +20760,8 @@
 >>49824 leshort		=1			\b, 1 file
 >>49824 leshort		>1			\b, %u files
 
-# added by Joerg Jenderek of http://www.freedos.org/software/?prog=kc
-# and http://www.freedos.org/software/?prog=kpdos
+# added by Joerg Jenderek of https://www.freedos.org/software/?prog=kc
+# and https://www.freedos.org/software/?prog=kpdos
 # for FreeDOS files like KEYBOARD.SYS, KEYBRD2.SYS, KEYBRD3.SYS, *.KBD
 0	string/b	KCF		FreeDOS KEYBoard Layout collection
 # only version=0x100 found
@@ -18721,6 +20903,8 @@
 
 0       name    msdos-com
 >0  byte        x               DOS executable (COM)
+!:mime	application/x-dosexec
+!:ext	com
 >6	string		SFX\ of\ LHarc	\b, %s
 >0x1FE leshort	0xAA55		    \b, boot code
 >85	string		UPX		        \b, UPX compressed
@@ -18757,11 +20941,11 @@
 # modified by Joerg Jenderek
 # syslinux COM32 or COM32R executable
 >>1	lelong&0xFFFFFFFe 0x21CD4CFe	COM executable (32-bit COMBOOT
-# http://www.syslinux.org/wiki/index.php/Comboot_API
+# https://www.syslinux.org/wiki/index.php/Comboot_API
 # Since version 5.00 c32 modules switched from the COM32 object format to ELF
 !:mime	application/x-c32-comboot-syslinux-exec
 !:ext c32
-# http://syslinux.zytor.com/comboot.php
+# https://syslinux.zytor.com/comboot.php
 # older syslinux version ( <4 )
 # (32-bit COMBOOT) programs *.C32 contain 32-bit code and run in flat-memory 32-bit protected mode
 # start with assembler instructions mov eax,21cd4cffh
@@ -18787,41 +20971,75 @@
 0	string/b	\x81\xfc
 >4	string	\x77\x02\xcd\x20\xb9
 >>36	string	UPX!			FREE-DOS executable (COM), UPX compressed
+!:mime	application/x-dosexec
+!:ext	com
 252	string Must\ have\ DOS\ version DR-DOS executable (COM)
+!:mime	application/x-dosexec
+!:ext	com
 # added by Joerg Jenderek at Oct 2008
 # GRR search is not working
 #34	search/2	UPX!		FREE-DOS executable (COM), UPX compressed
 34	string	UPX!			FREE-DOS executable (COM), UPX compressed
+!:mime	application/x-dosexec
+!:ext	com
 35	string	UPX!			FREE-DOS executable (COM), UPX compressed
+!:mime	application/x-dosexec
+!:ext	com
 # GRR search is not working
 #2	search/28	\xcd\x21	COM executable for MS-DOS
 #WHICHFAT.cOM
 2	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 #DELTREE.cOM DELTREE2.cOM
 4	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 #IFMEMDSK.cOM ASSIGN.cOM COMP.cOM
 5	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 #DELTMP.COm HASFAT32.cOM
 7	string	\xcd\x21
 >0	byte	!0xb8			COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 #COMP.cOM MORE.COm
 10	string	\xcd\x21
 >5	string	!\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 #comecho.com
 13	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 #HELP.COm EDIT.coM
 18	string	\xcd\x21		COM executable for MS-DOS
+!:mime	application/x-dosexec
+!:ext	com
 #NWRPLTRM.COm
 23	string	\xcd\x21		COM executable for MS-DOS
+!:mime	application/x-dosexec
+!:ext	com
 #LOADFIX.cOm LOADFIX.cOm
 30	string	\xcd\x21		COM executable for MS-DOS
+!:mime	application/x-dosexec
+!:ext	com
 #syslinux.com 3.11
 70	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 # many compressed/converted COMs start with a copy loop instead of a jump
 0x6	search/0xa	\xfc\x57\xf3\xa5\xc3	COM executable for MS-DOS
+!:mime	application/x-dosexec
+!:ext	com
 0x6	search/0xa	\xfc\x57\xf3\xa4\xc3	COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 >0x18	search/0x10	\x50\xa4\xff\xd5\x73	\b, aPack compressed
 0x3c	string		W\ Collis\0\0		COM executable for MS-DOS, Compack compressed
+!:mime	application/x-dosexec
+!:ext	com
 # FIXME: missing diet .com compression
 
 # miscellaneous formats
@@ -19065,10 +21283,16 @@
 #0	string	Nullsoft\ AVS\ Preset\ \060\056\061\032 A plug in for Winamp ms-windows Freeware media player
 0	string/b	Nullsoft\ AVS\ Preset\ 	Winamp plug in
 
-# Windows Metafont .WMF
-0	string/b	\327\315\306\232	ms-windows metafont .wmf
-0	string/b	\002\000\011\000	ms-windows metafont .wmf
-0	string/b	\001\000\011\000	ms-windows metafont .wmf
+# Windows Metafile .WMF
+0	string/b	\327\315\306\232	Windows metafile
+!:mime	image/wmf
+!:ext	wmf
+0	string/b	\002\000\011\000	Windows metafile
+!:mime	image/wmf
+!:ext	wmf
+0	string/b	\001\000\011\000	Windows metafile
+!:mime	image/wmf
+!:ext	wmf
 
 #tz3 files whatever that is (MS Works files)
 0	string/b	\003\001\001\004\070\001\000\000	tz3 ms-works file
@@ -19110,8 +21334,9 @@
 # skip remaining worksheets, because valid only for DIB image (40) or PNG image (\x89PNG)
 >>(18.l)	ulelong		x		MS Windows
 >>>0		ubelong		0x00000100	icon resource
-#!:mime		image/vnd.microsoft.icon
-!:mime		image/x-icon
+# https://www.iana.org/assignments/media-types/image/vnd.microsoft.icon
+!:mime		image/vnd.microsoft.icon
+#!:mime		image/x-icon
 !:ext		ico
 >>>>4 		uleshort	x		- %d icon
 # plural s
@@ -19157,7 +21382,8 @@
 #>12		ulelong		x		\b, offset 0x%x
 # PNG header (\x89PNG)
 >(12.l)		ubelong		=0x89504e47
->>&-4		indirect	x	\b with
+# 1 space char after "with" to get phrase "with PNG image" by magic in ./images
+>>&-4		indirect	x	\b with 
 # DIB image
 >(12.l)		ubelong		!0x89504e47
 #>>&-4		use     	dib-image
@@ -19226,10 +21452,11 @@
 0	lelong		0x4C
 >4	lelong		0x00021401	Windows shortcut file
 
-# .PIF files added by Joerg Jenderek from http://smsoft.ru/en/pifdoc.htm
+# .PIF files added by Joerg Jenderek from https://smsoft.ru/en/pifdoc.htm
 # only for windows versions equal or greater 3.0
 0x171	string	MICROSOFT\ PIFEX\0	Windows Program Information File
 !:mime	application/x-dosexec
+!:ext	pif
 #>2	string	 	>\0		\b, Title:%.30s
 >0x24	string		>\0		\b for %.63s
 >0x65	string		>\0		\b, directory=%.64s
@@ -19277,7 +21504,7 @@
 
 # Norton Guide (.NG , .HLP) files added by Joerg Jenderek from source NG2HTML.C
 # of http://www.davep.org/norton-guides/ng2h-105.tgz
-# http://en.wikipedia.org/wiki/Norton_Guides
+# https://en.wikipedia.org/wiki/Norton_Guides
 0	string		NG\0\001
 # only value 0x100 found at offset 2
 >2	ulelong		0x00000100	Norton Guide
@@ -19289,7 +21516,7 @@
 >>114	string		>\0		%-.66s
 
 # 4DOS help (.HLP) files added by Joerg Jenderek from source TPHELP.PAS
-# of http://www.4dos.info/
+# of https://www.4dos.info/
 # pointer,HelpID[8]=4DHnnnmm
 0	ulelong	0x48443408		4DOS help file
 >4	string	x			\b, version %-4.4s
@@ -19305,12 +21532,246 @@
 
 #------------------------------------------------------------------------------
 # From Stuart Caie <kyzer@4u.net> (developer of cabextract)
+# Update: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/Cabinet_(file_format)
+# Reference: https://msdn.microsoft.com/en-us/library/bb267310.aspx
+# Note: verified by `7z l *.cab`
 # Microsoft Cabinet files
 0	string/b	MSCF\0\0\0\0	Microsoft Cabinet archive data
-!:mime application/vnd.ms-cab-compressed
->8	lelong		x		\b, %u bytes
->28	leshort		1		\b, 1 file
->28	leshort		>1		\b, %u files
+#
+# https://support.microsoft.com/en-us/help/973559/frequently-asked-questions-about-the-microsoft-support-diagnostic-tool
+# CAB with *.{diagcfg,diagpkg} is used by Microsoft Support Diagnostic Tool MSDT.EXE
+# because some archive does not have *.diag* as 1st or 2nd archive member like
+# O15CTRRemove.diagcab or AzureStorageAnalyticsLogs_global.DiagCab
+# brute looking after header for filenames with diagcfg or diagpkg extension in CFFILE section
+>0x2c	search/980/c	.diag		\b, Diagnostic
+!:mime	application/vnd.ms-cab-compressed
+!:ext	diagcab
+# http://fileformats.archiveteam.org/wiki/PUZ
+# Microsoft Publisher version about 2003 has a "Pack and Go" feature that
+# bundles a Publisher document *PNG.pub with all links into a CAB
+>0x2c	search/300/c	png.pub\0		\b, Publisher Packed and Go
+!:mime	application/vnd.ms-cab-compressed
+!:ext	puz
+# ppz variant with Microsoft PowerPoint Viewer ppview32.exe to play PowerPoint presentation
+>0x2c	search/17/c	ppview32.exe\0		\b, PowerPoint Viewer Packed and Go
+!:mime	application/vnd.ms-powerpoint
+#!:mime	application/mspowerpoint
+!:ext	ppz
+# http://www.incredimail.com/
+# IncrediMail CAB contains an initialisation file "content.ini" like in im2.ims
+>0x2c	search/3369/c	content.ini\0	\b, IncrediMail
+!:mime	application/x-incredimail
+# member Flavor.htm implies IncrediMail ecard like in tell_a_friend.imf
+>>0x2c	search/83/c	Flavor.htm\0	ecard
+!:ext	imf
+# member Macromedia Flash data *.swf implies IncrediMail skin like in im2.ims
+>>0x2c	search/211/c	.swf\0		skin
+!:ext	ims
+# member anim.im3 implies IncrediMail animation like in letter_fold.ima 
+>>0x2c	search/92/c	anim.im3\0	animation
+!:ext	ima
+# other IncrediMail cab archive
+>>0x2c	default		x
+>>>0x2c	search/116/c	thumb		ecard, image, notifier or skin
+!:ext	imf/imi/imn/ims
+# http://file-extension.net/seeker/file_extension_ime
+>>>0x2c	default		x		emoticons or sound
+!:ext	ime/imw
+# no Diagnostic and IncrediMail
+>0x2c	default		x
+# look for 1st member name
+>>(16.l+16)	ubyte	x
+# https://en.wikipedia.org/wiki/SNP_file_format
+>>>&-1	string/c 	_accrpt_.snp	\b, Access report snapshot
+!:mime	application/msaccess
+!:ext	snp
+# https://www.cabextract.org.uk/wince_cab_format/
+# extension of DOS 8+3 name with ".000" of 1st archive member name implies Windows CE installer
+>>>&7	string 		=.000		\b, WinCE install
+!:mime	application/vnd.ms-cab-compressed
+!:ext	cab
+
+# https://support.microsoft.com/kb/934307/en-US
+# All inspected MSU contain a file with name WSUSSCAN.cab
+# that is called "Windows Update meta data" by Microsoft
+>>>&-1	string/c 	wsusscan.cab	\b, Microsoft Standalone Update
+!:mime	application/vnd.ms-cab-compressed
+!:ext	msu
+>>>&-1	default		x
+# look at point charcter of 1st archive member name for file name extension
+>>>>&-1	search/255 	.
+# http://www.pptfaq.com/FAQ00164_What_is_a_PPZ_file-.htm
+# PPZ were created using Pack & Go feature of PowerPoint versions 97 - 2002
+# packs optional files, a PowerPoint presentation *.ppt with optional PLAYLIST.LST to CAB
+>>>>>&0	string/c	ppt\0		\b, PowerPoint Packed and Go
+!:mime	application/vnd.ms-powerpoint
+#!:mime	application/mspowerpoint
+!:ext	ppz
+# https://msdn.microsoft.com/en-us/library/windows/desktop/bb773190(v=vs.85).aspx
+# first member *.theme implies Windows 7 Theme Pack like in CommunityShowcaseAqua3.themepack
+# or Windows 8 Desktop Theme Pack like in PanoramicGlaciers.deskthemepack
+>>>>>&0	string/c	theme		\b, Windows
+!:mime	application/x-windows-themepack
+# https://www.drewkeller.com/content/using-theme-both-windows-7-and-windows-8
+# 1st member Panoramic.theme or Panoramas.theme implies Windows 8-10 Theme Pack
+# with MTSM=RJSPBS in [MasterThemeSelector] inside *.theme
+>>>>>>(16.l+16)	string	=Panoram	8
+!:ext	deskthemepack
+>>>>>>(16.l+16)	string	!Panoram	7 or 8
+!:ext	themepack/deskthemepack
+>>>>>>(16.l+16)	ubyte	x		Theme Pack
+>>>>>&0	default		x
+# look for null terminator of 1st member name
+>>>>>>&0	search/255 	\0
+# 2nd member name WSUSSCAN.cab like in Microsoft-Windows-MediaFeaturePack-OOB-Package.msu
+>>>>>>>&16	string/c 	wsusscan.cab	\b, Microsoft Standalone Update
+!:mime	application/vnd.ms-cab-compressed
+!:ext	msu
+>>>>>>>&16	default	x
+# archive with more then one file need some output in version 5.32 to avoid error message like
+# Magdir/msdos, 1138: Warning: Current entry does not yet have a description for adding a MIME type
+# Magdir/msdos, 1139: Warning: Current entry does not yet have a description for adding a EXTENSION type
+# file: could not find any valid magic files!
+>>>>>>>>28	uleshort	>1	\b, many
+!:mime	application/vnd.ms-cab-compressed
+!:ext	cab
+# remaining archives with just one file
+>>>>>>>>28	uleshort	=1
+# neither extra bytes nor cab chain implies Windows 2000,XP setup files in directory i386
+>>>>>>>>>30	uleshort	=0x0000	\b, Windows 2000/XP setup
+# cut of last char of source extension and add underscore to generate extension
+# TERMCAP._ ... FXSCOUNT.H_ ... L3CODECA.AC_ ... NPDRMV2.ZI_
+!:mime	application/vnd.ms-cab-compressed
+!:ext	_/?_/??_
+# archive need some output like "single" in version 5.32 to avoid error messages
+>>>>>>>>>30	uleshort	!0x0000	\b, single
+!:mime	application/vnd.ms-cab-compressed
+!:ext	cab
+# TODO: additional extensions like
+# .xsn	InfoPath Dynamic Form
+# .xtp	InfoPath Template Part
+# .lvf	Logitech Video Effects Face Accessory
+>8	ulelong		x		\b, %u bytes
+>28	uleshort		1		\b, 1 file
+>28	uleshort		>1		\b, %u files
+# Reserved fields, set to zero
+#>4	belong		!0		\b, reserved1 %x
+#>12	belong		!0		\b, reserved2 %x
+# offset of the first CFFILE entry coffFiles: minimal 2Ch
+>16	ulelong		x		\b, at 0x%x
+>(16.l)	use		cab-file
+# at least also 2nd member
+>28	uleshort		>1
+>>(16.l+16)	ubyte	x
+>>>&0	search/255 	\0
+# second member info
+>>>>&0	use		cab-file
+#>20	belong		!0		\b, reserved %x
+# Cabinet file format version. Currently, versionMajor = 1 and versionMinor = 3
+>24	ubeshort	!0x0301		\b version 0x%x
+# number of CFFOLDER entries
+>26	uleshort	>1		\b, %u cffolders
+# cabinet file option indicators 1~PREVIOUS, 2~NEXT, 4~reserved fields
+# only found for flags 0 1 2 3 4 not 7
+>30	uleshort	>0		\b, flags 0x%x
+# Cabinet files have a 16-bit cabinet setID field that is designed for application use.
+# default is zero, however, the -i option of cabarc can be used to set this field
+>32	uleshort	>0		\b, ID %u
+# iCabinet is number of this cabinet file in a set, where 0 for the first cabinet
+#>34	uleshort	x		\b, iCabinet %u
+# add one for display because humans start numbering by 1 and also fit to name of disk szDisk*
+>34	uleshort+1	x		\b, number %u
+>30	uleshort	&0x0004		\b, extra bytes
+# cbCFHeader optional size of per-cabinet reserved area 14h 1800h
+>>36	uleshort	>0		%u in head
+# cbCFFolder is optional size of per-folder reserved area
+>>38	ubyte		>0		%u in folder
+# cbCFData is optional size of per-datablock reserved area
+>>39	ubyte		>0		%u in data block
+# optional per-cabinet reserved area abReserve[cbCFHeader]
+>>36	uleshort	>0
+# 1st CFFOLDER after reserved area in header
+>>>(36.s+40)	use			cab-folder
+# no reserved area in header
+>30	uleshort	^0x0004
+# no previous and next cab archive
+>>30	uleshort		=0x0000
+>>>36	use				cab-folder
+# only previous cab archive
+>>30	uleshort		=0x0001	\b, previous
+>>>36	use				cab-anchor
+# only next cab archive
+>>30	uleshort		=0x0002	\b, next
+>>>36	use				cab-anchor
+# previous+next cab archive
+# can not use sub routine cab-anchor to display previous and next cabinet together
+#>>>36	use				cab-anchor
+#>>>>&0	use				cab-anchor
+>>30	uleshort		=0x0003	\b, previous
+>>>36	string		x		%s
+# optional name of previous disk szDisk*
+>>>>&1	string		x		disk %s
+>>>>>&1	string		x		\b, next %s
+# optional name of previous disk szDisk*
+>>>>>>&1	string		x	disk %s
+>>>>>>>&1	use			cab-folder
+#	display filename and disk name of previous or next cabinet
+0       name    			cab-anchor
+# optional name of previous/next cabinet file szCabinet*[255]
+>&0	string		x		%s
+# optional name of previous/next disk szDisk*[255]
+>>&1	string		x		disk %s
+#	display folder structure CFFOLDER information like compression of cabinet
+0       name    			cab-folder
+# offset of the CFDATA block in this folder
+#>0	ulelong		x		\b, coffCabStart 0x%x
+# number of CFDATA blocks in folder
+>4	uleshort	x		\b, %u datablock
+# plural s
+>4	uleshort	>1		\bs
+# compression typeCompress: 0~None 1~MSZIP 0x1503~LZX:21 0x1003~LZX:16 0x0f03~LZX:15
+>6	uleshort	x		\b, 0x%x compression
+# optional per-folder reserved area
+#>8	ubequad		x		\b, abReserve 0x%llx
+#	display member structure CFFILE information like member name of cabinet
+0       name    			cab-file
+# cbFile is uncompressed size of file in bytes 
+#>0	ulelong		x		\b, cbFile %u
+# uoffFolderStart is uncompressed offset of file in folder
+#>4	ulelong		>0		\b, uoffFolderStart 0x%x
+# iFolder is index into the CFFOLDER area. 0 indicates first folder in cabinet
+# define ifoldCONTINUED_FROM_PREV      (0xFFFD)
+# define ifoldCONTINUED_TO_NEXT        (0xFFFE)
+# define ifoldCONTINUED_PREV_AND_NEXT  (0xFFFF)
+>8	uleshort	>0		\b, iFolder 0x%x
+# date stamp for file
+#>10	uleshort	x		\b, date 0x%x
+# time stamp for file
+#>12	uleshort	x		\b, time 0x%x
+# attribs is attribute flags for file
+# define  _A_RDONLY       (0x01)  file is read-only
+# define  _A_HIDDEN       (0x02)  file is hidden
+# define  _A_SYSTEM       (0x04)  file is a system file
+# define  _A_ARCH         (0x20)  file modified since last backup
+# example http://sebastien.kirche.free.fr/pebuilder_plugins/depends.cab
+# define  _A_EXEC         (0x40)  run after extraction
+# define  _A_NAME_IS_UTF  (0x80)  szName[] contains UTF
+# define  UNKNOWN       (0x0100)  undocumented or accident
+#>14	uleshort	x		\b, attribs 0x%x
+>14	uleshort	>0		+
+>>14	uleshort	&0x0001		\bR
+>>14	uleshort	&0x0002		\bH
+>>14	uleshort	&0x0004		\bS
+>>14	uleshort	&0x0020		\bA
+>>14	uleshort	&0x0040		\bX
+>>14	uleshort	&0x0080		\bUtf
+# unknown 0x0100 flag found on one XP_CD:\I386\DRIVER.CAB
+>>14	uleshort	&0x0100		\b?
+# szName is name of archive member
+>16	string		x		"%s"
+# next archive member name if more files
+#>>&17	string		>\0		\b, NEXT NAME %-.50s
 
 # InstallShield Cabinet files
 0	string/b	ISc(		InstallShield Cabinet archive data
@@ -19361,16 +21822,8 @@
 >5	byte   <2
 >>48	string x			version %.3s
 
-# Type: Microsoft DirectDraw Surface
-# URL:	http://msdn.microsoft.com/library/default.asp?url=/library/en-us/directx9_c/directx/graphics/reference/DDSFileReference/ddsfileformat.asp
-# From: Morten Hustveit <morten@debian.org>
-0	string/b	DDS\040\174\000\000\000 Microsoft DirectDraw Surface (DDS),
->16	lelong	>0			%d x
->12	lelong	>0			%d,
->84	string	x			%.4s
-
 # Type: Microsoft Document Imaging Format (.mdi)
-# URL:	http://en.wikipedia.org/wiki/Microsoft_Document_Imaging_Format
+# URL:	https://en.wikipedia.org/wiki/Microsoft_Document_Imaging_Format
 # From: Daniele Sempione <scrows@oziosi.org>
 # Too weak (EP)
 #0	short	0x5045			Microsoft Document Imaging Format
@@ -19384,10 +21837,6 @@
 # From: Dr. Jesus <j@hug.gs>
 0	string/b	B000FF\n	Windows Embedded CE binary image
 
-# Windows Imaging (WIM) Image
-0	string/b	MSWIM\000\000\000	Windows imaging (WIM) image
-0	string/b	WLPWM\000\000\000	Windows imaging (WIM) image, wimlib pipable format
-
 # The second byte of these signatures is a file version; I don't know what,
 # if anything, produced files with version numbers 0-2.
 # From: John Elliott <johne@seasip.demon.co.uk>
@@ -19464,7 +21913,7 @@
 # concatenated.
 
 #------------------------------------------------------------------------------
-# $File: msooxml,v 1.7 2018/03/12 12:38:59 christos Exp $
+# $File: msooxml,v 1.12 2019/04/19 00:42:27 christos Exp $
 # msooxml:  file(1) magic for Microsoft Office XML
 # From: Ralf Brown <ralf.brown@gmail.com>
 
@@ -19488,26 +21937,28 @@
 0		string		PK\003\004
 !:strength +10
 # make sure the first file is correct
->0x1E		regex		\\[Content_Types\\]\\.xml|_rels/\\.rels
+>0x1E		use		msooxml
+>0x1E		regex		\\[Content_Types\\]\\.xml|_rels/\\.rels|docProps
 # skip to the second local file header
 # since some documents include a 520-byte extra field following the file
 # header, we need to scan for the next header
->>(18.l+49)	search/2000	PK\003\004
+>>(18.l+49)	search/6000	PK\003\004
 # now skip to the *third* local file header; again, we need to scan due to a
 # 520-byte extra field following the file header
->>>&26		search/1000	PK\003\004
+>>>&26		search/6000	PK\003\004
 # and check the subdirectory name to determine which type of OOXML
 # file we have.  Correct the mimetype with the registered ones:
-# http://technet.microsoft.com/en-us/library/cc179224.aspx
+# https://technet.microsoft.com/en-us/library/cc179224.aspx
 >>>>&26		use		msooxml	
 >>>>&26		default		x
 # OpenOffice/Libreoffice orders ZIP entry differently, so check the 4th file
->>>>>&26	search/1000	PK\003\004
+>>>>>&26	search/6000	PK\003\004
 >>>>>>&26	use		msooxml	
 >>>>>>&26	default		x		Microsoft OOXML
+>>>>>&26	default		x		Microsoft OOXML
 
 #------------------------------------------------------------------------------
-# $File: msvc,v 1.9 2017/08/02 08:15:20 christos Exp $
+# $File: msvc,v 1.10 2018/10/01 19:14:03 christos Exp $
 # msvc:  file(1) magic for msvc
 # "H. Nanosecond" <aldomel@ix.netcom.com>
 # Microsoft visual C
@@ -19562,7 +22013,7 @@
 >>>0x32	leshort	x	\b*%d bytes
 
 # Reference: https://github.com/Microsoft/vstest/pull/856/commits/fdc7a9f074ca5a8dfeec83b1be9162bf0cf4000d
-0       string/c bsjb\001\000\001\000\000\000\000\000\f\000\000\000pdb\ v1.0     Microsoft Rosyln C# debugging symbols version 1.0
+0       string/c bsjb\001\000\001\000\000\000\000\000\f\000\000\000pdb\ v1.0     Microsoft Roslyn C# debugging symbols version 1.0
 
 #.sbr
 0	string	\000\002\000\007\000	MSVC .sbr
@@ -20006,10 +22457,10 @@
 >22	   beshort		>0	- version %d
 
 #------------------------------------------------------------
-# $File: neko,v 1.1 2009/11/10 20:36:10 christos Exp $
+# $File: neko,v 1.2 2019/04/19 00:42:27 christos Exp $
 
 # From: Mikhail Gusarov <dottedmag@dottedmag.net>
-# NekoVM (http://nekovm.org/) bytecode
+# NekoVM (https://nekovm.org/) bytecode
 0	string		NEKO	NekoVM bytecode
 >4	lelong		x	(%d global symbols,
 >8	lelong		x	%d global fields,
@@ -20018,7 +22469,7 @@
 
 
 #------------------------------------------------------------------------------
-# $File: netbsd,v 1.25 2017/09/28 02:37:47 christos Exp $
+# $File: netbsd,v 1.26 2019/01/01 03:11:23 christos Exp $
 # netbsd:  file(1) magic for NetBSD objects
 #
 # All new-style magic numbers are in network byte order.
@@ -20027,184 +22478,149 @@
 # in aout.
 #
 
-0	belong&0377777777	041400413	a.out NetBSD/i386 demand paged
+0	name	netbsd-detail
+>20	lelong	x		@%#x
+>4	lelong	>0		\b+T=%d
+>8	lelong	>0		\b+D=%d
+>12	lelong	>0		\b+B=%d
+>16	lelong	>0		\b+S=%d
+>24	lelong	>0		\b+TR=%d
+>28	lelong	>0		\b+TD=%d
+
+0	name			netbsd-4096
 >0	byte			&0x80
 >>20	lelong			<4096		shared library
 >>20	lelong			=4096		dynamically linked executable
 >>20	lelong			>4096		dynamically linked executable
 >0	byte			^0x80		executable
 >16	lelong			>0		not stripped
-0	belong&0377777777	041400410	a.out NetBSD/i386 pure
->0	byte			&0x80		dynamically linked executable
+
+0	name			netbsd-8192
+>0	byte			&0x80
+>>20	lelong			<8192		shared library
+>>20	lelong			=8192		dynamically linked executable
+>>20	lelong			>8192		dynamically linked executable
 >0	byte			^0x80		executable
 >16	lelong			>0		not stripped
-0	belong&0377777777	041400407	a.out NetBSD/i386
+>0	use			netbsd-detail
+
+0	name			netbsd-normal
 >0	byte			&0x80		dynamically linked executable
 >0	byte			^0x80
 >>0	byte			&0x40		position independent
 >>20	lelong			!0		executable
 >>20	lelong			=0		object file
 >16	lelong			>0		not stripped
-0	belong&0377777777	041400507	a.out NetBSD/i386 core
+>0	use			netbsd-detail
+
+0	name			netbsd-pure
+>0	byte			&0x80		dynamically linked executable
+>0	byte			^0x80		executable
+>16	lelong			>0		not stripped
+>0	use			netbsd-detail
+
+0	name			netbsd-core
 >12	string			>\0		from '%s'
 >32	lelong			!0		(signal %d)
 
+0	belong&0377777777	041400413	a.out NetBSD/i386 demand paged
+>0	use			netbsd-4096
+
+0	belong&0377777777	041400410	a.out NetBSD/i386 pure
+>0	use			netbsd-pure
+
+0	belong&0377777777	041400407	a.out NetBSD/i386
+>0	use			netbsd-normal
+
+0	belong&0377777777	041400507	a.out NetBSD/i386 core
+>0	use			netbsd-core
+
 0	belong&0377777777	041600413	a.out NetBSD/m68k demand paged
->0	byte			&0x80
->>20	belong			<8192		shared library
->>20	belong			=8192		dynamically linked executable
->>20	belong			>8192		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			\^netbsd-8192
+
 0	belong&0377777777	041600410	a.out NetBSD/m68k pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			\^netbsd-pure
+
 0	belong&0377777777	041600407	a.out NetBSD/m68k
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	belong			!0		executable
->>20	belong			=0		object file
->16	belong			>0		not stripped
+>0	use			\^netbsd-normal
+
 0	belong&0377777777	041600507	a.out NetBSD/m68k core
->12	string			>\0		from '%s'
->32	belong			!0		(signal %d)
+>0	use			\^netbsd-core
 
 0	belong&0377777777	042000413	a.out NetBSD/m68k4k demand paged
->0	byte			&0x80
->>20	belong			<4096		shared library
->>20	belong			=4096		dynamically linked executable
->>20	belong			>4096		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			\^netbsd-4096
+
 0	belong&0377777777	042000410	a.out NetBSD/m68k4k pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			\^netbsd-pure
+
 0	belong&0377777777	042000407	a.out NetBSD/m68k4k
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	belong			!0		executable
->>20	belong			=0		object file
->16	belong			>0		not stripped
+>0	use			\^netbsd-normal
+
 0	belong&0377777777	042000507	a.out NetBSD/m68k4k core
->12	string			>\0		from '%s'
->32	belong			!0		(signal %d)
+>0	use			\^netbsd-core
 
 0	belong&0377777777	042200413	a.out NetBSD/ns32532 demand paged
->0	byte			&0x80
->>20	lelong			<4096		shared library
->>20	lelong			=4096		dynamically linked executable
->>20	lelong			>4096		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-4096
+
 0	belong&0377777777	042200410	a.out NetBSD/ns32532 pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-pure
+
 0	belong&0377777777	042200407	a.out NetBSD/ns32532
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	lelong			!0		executable
->>20	lelong			=0		object file
->16	lelong			>0		not stripped
+>0	use			netbsd-normal
+
 0	belong&0377777777	042200507	a.out NetBSD/ns32532 core
->12	string			>\0		from '%s'
->32	lelong			!0		(signal %d)
+>0	use			netbsd-core
 
 0	belong&0377777777	045200507	a.out NetBSD/powerpc core
->12	string			>\0		from '%s'
+>0	use			netbsd-core
 
 0	belong&0377777777	042400413	a.out NetBSD/SPARC demand paged
->0	byte			&0x80
->>20	belong			<8192		shared library
->>20	belong			=8192		dynamically linked executable
->>20	belong			>8192		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			\^netbsd-8192
+
 0	belong&0377777777	042400410	a.out NetBSD/SPARC pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			\^netbsd-pure
+
 0	belong&0377777777	042400407	a.out NetBSD/SPARC
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	belong			!0		executable
->>20	belong			=0		object file
->16	belong			>0		not stripped
+>0	use			\^netbsd-normal
+
 0	belong&0377777777	042400507	a.out NetBSD/SPARC core
->12	string			>\0		from '%s'
->32	belong			!0		(signal %d)
+>0	use			\^netbsd-core
 
 0	belong&0377777777	042600413	a.out NetBSD/pmax demand paged
->0	byte			&0x80
->>20	lelong			<4096		shared library
->>20	lelong			=4096		dynamically linked executable
->>20	lelong			>4096		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-4096
+
 0	belong&0377777777	042600410	a.out NetBSD/pmax pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			\^netbsd-pure
+
 0	belong&0377777777	042600407	a.out NetBSD/pmax
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	lelong			!0		executable
->>20	lelong			=0		object file
->16	lelong			>0		not stripped
+>0	use			netbsd-normal
+
 0	belong&0377777777	042600507	a.out NetBSD/pmax core
->12	string			>\0		from '%s'
->32	lelong			!0		(signal %d)
+>0	use			netbsd-core
 
 0	belong&0377777777	043000413	a.out NetBSD/vax 1k demand paged
->0	byte			&0x80
->>20	lelong			<4096		shared library
->>20	lelong			=4096		dynamically linked executable
->>20	lelong			>4096		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-4096
+
 0	belong&0377777777	043000410	a.out NetBSD/vax 1k pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-pure
+
 0	belong&0377777777	043000407	a.out NetBSD/vax 1k
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	lelong			!0		executable
->>20	lelong			=0		object file
->16	lelong			>0		not stripped
+>0	use			netbsd-normal
+
 0	belong&0377777777	043000507	a.out NetBSD/vax 1k core
->12	string			>\0		from '%s'
->32	lelong			!0		(signal %d)
+>0	use			netbsd-core
 
 0	belong&0377777777	045400413	a.out NetBSD/vax 4k demand paged
->0	byte			&0x80
->>20	lelong			<4096		shared library
->>20	lelong			=4096		dynamically linked executable
->>20	lelong			>4096		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-4096
+
 0	belong&0377777777	045400410	a.out NetBSD/vax 4k pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-pure
+
 0	belong&0377777777	045400407	a.out NetBSD/vax 4k
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	lelong			!0		executable
->>20	lelong			=0		object file
->16	lelong			>0		not stripped
+>0	use			netbsd-normal
+
 0	belong&0377777777	045400507	a.out NetBSD/vax 4k core
->12	string			>\0		from '%s'
->32	lelong			!0		(signal %d)
+>0	use			netbsd-core
 
 # NetBSD/alpha does not support (and has never supported) a.out objects,
 # so no rules are provided for them.  NetBSD/alpha ELF objects are
@@ -20217,50 +22633,31 @@
 >32	lelong			!0		(signal %d)
 
 0	belong&0377777777	043400413	a.out NetBSD/mips demand paged
->0	byte			&0x80
->>20	belong			<8192		shared library
->>20	belong			=8192		dynamically linked executable
->>20	belong			>8192		dynamically linked executable
->0	byte			^0x80		executable
+>0	use			\^netbsd-8192
+
 >16	belong			>0		not stripped
 0	belong&0377777777	043400410	a.out NetBSD/mips pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			netbsd-pure
+
 0	belong&0377777777	043400407	a.out NetBSD/mips
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	belong			!0		executable
->>20	belong			=0		object file
->16	belong			>0		not stripped
+>0	use			netbsd-normal
+
 0	belong&0377777777	043400507	a.out NetBSD/mips core
->12	string			>\0		from '%s'
->32	belong			!0		(signal %d)
+>0	use			netbsd-core
 
 0	belong&0377777777	043600413	a.out NetBSD/arm32 demand paged
->0	byte			&0x80
->>20	lelong			<4096		shared library
->>20	lelong			=4096		dynamically linked executable
->>20	lelong			>4096		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-4096
+
 0	belong&0377777777	043600410	a.out NetBSD/arm32 pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-pure
+
 0	belong&0377777777	043600407	a.out NetBSD/arm32
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	lelong			!0		executable
->>20	lelong			=0		object file
->16	lelong			>0		not stripped
+>0	use			netbsd-normal
+
 # NetBSD/arm26 has always used ELF objects, but it shares a core file
 # format with NetBSD/arm32.
 0	belong&0377777777	043600507	a.out NetBSD/arm core
->12	string			>\0		from '%s'
->32	lelong			!0		(signal %d)
+>0	use			netbsd-core
 
 # Kernel core dump format
 0	belong&0x0000ffff 0x00008fca	NetBSD kernel core file
@@ -20369,9 +22766,9 @@
 8	belong		0x137A2B48	X11/NeWS font family
 
 #------------------------------------------------------------------------------
-# $File: nitpicker,v 1.7 2017/03/17 21:35:28 christos Exp $
+# $File: nitpicker,v 1.8 2019/04/19 00:42:27 christos Exp $
 # nitpicker:  file(1) magic for Flowfiles.
-# From: Christian Jachmann <C.Jachmann@gmx.net> http://www.nitpicker.de
+# From: Christian Jachmann <C.Jachmann@gmx.net> https://www.nitpicker.de
 0	string	NPFF	NItpicker Flow File
 >4	byte	x	V%d.
 >5	byte	x	%d
@@ -20382,6 +22779,15 @@
 >22	belong	x	Flows: %u
 >26	belong	x	Pkts: %u
 
+#------------------------------------------------------------------------------
+# $File: numpy,v 1.1 2019/05/09 16:24:36 christos Exp $
+# numpy: file(1) magic for NumPy array binary serialization format
+# Reference: https://docs.scipy.org/doc/numpy/reference/generated/numpy.lib.format.html
+0	string		\x93NUMPY	NumPy array,
+>6	ubyte		x		version %d
+>7	ubyte		x		\b.%d,
+>8	uleshort	x		header length %d
+
 #------------------------------------------------------------------------------
 # $File: oasis,v 1.2 2014/06/03 19:17:27 christos Exp $
 # OASIS
@@ -20415,7 +22821,7 @@
 0	string		Octave-1-B	Octave binary data (big endian)
 
 #------------------------------------------------------------------------------
-# $File: ole2compounddocs,v 1.5 2017/10/27 21:43:23 christos Exp $
+# $File: ole2compounddocs,v 1.6 2019/04/19 00:42:27 christos Exp $
 # Microsoft OLE 2 Compound Documents : file(1) magic for Microsoft Structured
 # storage (https://en.wikipedia.org/wiki/Compound_File_Binary_Format)
 # Additional tests for OLE 2 Compound Documents should be under this recipe.
@@ -20430,7 +22836,7 @@
 
 # Note: moved & merged Microsoft Office parts from ./msdos Oct 2017
 # Update: Joerg Jenderek
-# from http://filext.com by Derek M Jones <derek@knosof.co.uk>
+# from https://filext.com by Derek M Jones <derek@knosof.co.uk>
 # False positive with PPT (also currently this string is too long)
 #0	string/b	\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x3E\x00\x03\x00\xFE\xFF\x09\x00\x06	Microsoft Installer
 #0	string/b	\320\317\021\340\241\261\032\341	Microsoft Office Document
@@ -20724,7 +23130,7 @@
 0	short		0565	i386 COFF object
 
 #------------------------------------------------------------------------------
-# $File: palm,v 1.13 2014/03/30 21:40:08 christos Exp $
+# $File: palm,v 1.14 2019/04/19 00:42:27 christos Exp $
 # palm:	 file(1) magic for PalmOS {.prc,.pdb}: applications, docfiles, and hacks
 #
 # Brian Lalor <blalor@hcirisc.cs.binghamton.edu>
@@ -20867,8 +23273,8 @@
 # Palm OS .prc file types
 60		string		libr
 # flags, only bit 0 or bit 6
-# http://en.wikipedia.org/wiki/PRC_%28Palm_OS%29
-# http://web.mit.edu/tytso/www/pilot/prc-format.html
+# https://en.wikipedia.org/wiki/PRC_%28Palm_OS%29
+# https://web.mit.edu/tytso/www/pilot/prc-format.html
 >0x20		beshort&0xffbe	0
 >>0		string		>\0		Palm OS dynamic library data "%s"
 60		string		ptch		Palm OS operating system patch data
@@ -20891,9 +23297,9 @@
 >19	byte&0x02	0x00	object
 >19	byte&0x0c	0x00	not stripped
 #------------------------------------------------------------------------------
-# $File: parrot,v 1.1 2010/07/08 20:18:40 christos Exp $
+# $File: parrot,v 1.2 2019/04/19 00:42:27 christos Exp $
 # parrot: file(1) magic for Parrot Virtual Machine
-# URL:	http://www.lua.org/
+# URL:	https://www.lua.org/
 # From: Lubomir Rintel <lkundrak@v3.sk>
 
 # Compiled Parrot byte code
@@ -20924,11 +23330,11 @@
 #!:mime	text/x-pascal
 
 #------------------------------------------------------------------------------
-# $File: pbf,v 1.2 2017/01/18 16:16:21 christos Exp $
+# $File: pbf,v 1.3 2019/04/19 00:42:27 christos Exp $
 # file(1) magic(5) data for OpenStreetMap
 
 # OpenStreetMap Protocolbuffer Binary Format (.osm.pbf)
-# http://wiki.openstreetmap.org/wiki/PBF_Format
+# https://wiki.openstreetmap.org/wiki/PBF_Format
 # From: Markus Heidelberg <markus.heidelberg@web.de>
 0	belong&0xfffffff0	0
 >4	beshort			0x0A09
@@ -20988,7 +23394,7 @@
 
 # Maki-chan v2 Graphic format
 # http://www.jisyo.com/viewer/faq/mag_tech.htm
-# http://mooncore.eu/bunny/txt/makichan.htm
+# https://mooncore.eu/bunny/txt/makichan.htm
 # http://metanest.jp/mag/mag.xhtml
 0	string/b		MAKI02\ \ 	Maki-chan v2 image,
 >8	byte		x		system ID: %c
@@ -21044,17 +23450,19 @@
 >>>&12	ubeshort	x		\b%d
 
 #------------------------------------------------------------------------------
-# $File: pdf,v 1.9 2017/05/24 17:35:20 christos Exp $
+# $File: pdf,v 1.10 2018/05/23 22:21:01 christos Exp $
 # pdf:  file(1) magic for Portable Document Format
 #
 
 0	string		%PDF-		PDF document
 !:mime	application/pdf
+!:strength +60
 >5	byte		x		\b, version %c
 >7	byte		x		\b.%c
 
 0	string		\012%PDF-	PDF document
 !:mime	application/pdf
+!:strength +60
 >6	byte		x		\b, version %c
 >8	byte		x		\b.%c
 
@@ -21062,11 +23470,13 @@
 # Forms Data Format
 0       string          %FDF-           FDF document
 !:mime application/vnd.fdf
+!:strength +60
 >5      byte            x               \b, version %c
 >7      byte            x               \b.%c
 
 0	search/256	%PDF-		PDF document
 !:mime	application/pdf
+!:strength +60
 >&0	byte		x		\b, version %c
 >&2	byte		x		\b.%c
 
@@ -21265,9 +23675,9 @@
 #>>(4.l+12)	lelong x level 2 size: %d
 
 #------------------------------------------------------------------------------
-# $File: pgp,v 1.15 2018/02/24 16:11:23 christos Exp $
+# $File: pgp,v 1.17 2019/04/19 00:42:27 christos Exp $
 # pgp:  file(1) magic for Pretty Good Privacy
-# see http://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html
+# see https://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html
 #
 # Update: Joerg Jenderek
 # Note: verified by `gpg -v --debug 0x02 --list-packets < PUBRING263_10.PGP`
@@ -21339,7 +23749,7 @@
 # Decode the type of the packet based on it's base64 encoding.
 # Idea from Mark Martinec
 # The specification is in RFC 4880, section 4.2 and 4.3:
-# http://tools.ietf.org/html/rfc4880#section-4.2
+# https://tools.ietf.org/html/rfc4880#section-4.2
 
 0	name		pgp
 >0	byte		0x67		Reserved (old)
@@ -21782,9 +24192,9 @@
 
 # PGP RSA (e=65537) secret (sub-)key header
 
-0	byte	0x95			PGP	Secret Key -
+0	byte	0x95			PGP Secret Key -
 >1	use	pgpkey
-0	byte	0x97			PGP	Secret Sub-key -
+0	byte	0x97			PGP Secret Sub-key -
 >1	use	pgpkey
 0	byte	0x9d
 # Update: Joerg Jenderek
@@ -21869,14 +24279,14 @@
 >15	byte		>0x02		- Bad Flags
 
 #------------------------------------------------------------------------------
-# $File: polyml,v 1.1 2016/02/26 15:52:45 christos Exp $
+# $File: polyml,v 1.2 2019/04/19 00:42:27 christos Exp $
 # polyml:  file(1) magic for PolyML
 #
 # PolyML
 # MPEG, FLI, DL originally from vax@ccwf.cc.utexas.edu (VaX#n8)
 # FLC, SGI, Apple originally from Daniel Quinlan (quinlan@yggdrasil.com)
 
-# [0]: http://www.polyml.org/
+# [0]: https://www.polyml.org/
 # [1]: https://github.com/polyml/polyml/blob/master/\
 #	libpolyml/savestate.cpp#L146-L147
 # [2]: https://github.com/polyml/polyml/blob/master/\
@@ -21892,7 +24302,7 @@
 >8	long	x		version %u
 
 #------------------------------------------------------------------------------
-# $File: printer,v 1.28 2017/03/17 22:20:22 christos Exp $
+# $File: printer,v 1.29 2019/04/19 00:42:27 christos Exp $
 # printer:  file(1) magic for printer-formatted files
 #
 
@@ -21932,7 +24342,7 @@
 
 # Summary: Adobe's PostScript Printer Description File
 # Extension: .ppd
-# Reference: http://partners.adobe.com/public/developer/en/ps/5003.PPD_Spec_v4.3.pdf, Section 3.8
+# Reference: https://partners.adobe.com/public/developer/en/ps/5003.PPD_Spec_v4.3.pdf, Section 3.8
 # Submitted by: Yves Arrouye <arrouye@marin.fdn.fr>
 #
 0	string		*PPD-Adobe:\x20	PPD file
@@ -22066,11 +24476,11 @@
 >>4	string	>\0	from kernel %s
 
 #------------------------------------------------------------------------------
-# $File: psl,v 1.2 2016/07/14 17:34:27 christos Exp $
+# $File: psl,v 1.3 2019/04/19 00:42:27 christos Exp $
 # psl:  file(1) magic for Public Suffix List representations
 # From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
 # URL: https://publicsuffix.org
-# see also: http://thread.gmane.org/gmane.network.dns.libpsl.bugs/162/focus=166
+# see also: https://thread.gmane.org/gmane.network.dns.libpsl.bugs/162/focus=166
 
 0	search/512	\n\n//\ ===BEGIN\ ICANN\ DOMAINS===\n\n Public Suffix List data
 
@@ -22093,15 +24503,15 @@
 
 
 #------------------------------------------------------------------------------
-# $File: pwsafe,v 1.1 2012/10/25 00:12:19 christos Exp $
+# $File: pwsafe,v 1.2 2019/04/19 00:42:27 christos Exp $
 # pwsafe: file(1) magic for passwordsafe file
 #
 # Password Safe
 # http://passwordsafe.sourceforge.net/
 # file format specs
-# http://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/formatV3.txt
-# V2 http://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/formatV2.txt
-# V1 http://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/notes.txt
+# https://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/formatV3.txt
+# V2 https://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/formatV2.txt
+# V1 https://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/notes.txt
 # V2 and V1 have no easy identifier that I can find
 # .psafe3
 0	string	PWS3	Password Safe V3 database
@@ -22119,7 +24529,7 @@
 >16	long		>0		not stripped
 
 #------------------------------------------------------------------------------
-# $File: python,v 1.34 2017/08/14 07:40:38 christos Exp $
+# $File: python,v 1.36 2019/04/09 18:28:25 christos Exp $
 # python:  file(1) magic for python
 #
 # Outlook puts """ too for urgent messages
@@ -22146,7 +24556,7 @@
 0	belong		0x160d0d0a	python 3.5.1- byte-compiled
 0	belong		0x170d0d0a	python 3.5.2+ byte-compiled
 0	belong		0x330d0d0a	python 3.6 byte-compiled
-0	belong		0x3e0d0d0a	python 3.7 byte-compiled
+0	belong		0x420d0d0a	python 3.7 byte-compiled
 
 
 0	search/1/w	#!\ /usr/bin/python	Python script text executable
@@ -22164,7 +24574,8 @@
 
 
 # from module.submodule import func1, func2
-0	regex		\^from[\040\t\f\r\n]+([A-Za-z0-9_]|\\.)+[\040\t\f\r\n]+import.*$	Python script text executable
+0	search/8192	import
+>0	regex		\^from[\040\t\f\r\n]+([A-Za-z0-9_]|\\.)+[\040\t\f\r\n]+import.*$	Python script text executable
 !:strength + 15
 !:mime text/x-python
 
@@ -22182,7 +24593,8 @@
 !:mime text/x-python
 
 # import module [as abrev]
-0	regex	\^import\ [_[:alpha:]]+\ as\ [[:alpha:]][[:space:]]*$ Python script text executable
+0	search/8192	import
+>0	regex	\^import\ [_[:alpha:]]+\ as\ [[:alpha:]][[:space:]]*$ Python script text executable
 !:mime text/x-python
 
 # comments
@@ -22205,21 +24617,23 @@
 !:mime text/x-python
 
 # class name[(base classes,)]: [pass]
-0	regex	\^class\ [_[:alpha:]]+(\\(.*\\))?(\ )*:([\ \t]+pass)?$		Python script text executable
+0	search/8192	class
+>0	regex	\^class\ [_[:alpha:]]+(\\(.*\\))?(\ )*:([\ \t]+pass)?$		Python script text executable
 !:strength + 15
 !:mime text/x-python
 
 # def name(*args, **kwargs):
-0	regex	 \^[[:space:]]{0,50}def\ {1,50}[_a-zA-Z]{1,100}
->&0	regex	 \\(([[:alpha:]*_,\ ]){0,255}\\):$ Python script text executable
+0	search/8192	def\ 
+>0	regex	 \^[[:space:]]{0,50}def\ {1,50}[_a-zA-Z]{1,100}
+>>&0	regex	 \\(([[:alpha:]*_,\ ]){0,255}\\):$ Python script text executable
 !:strength + 15
 !:mime text/x-python
 
 #------------------------------------------------------------------------------
-# $File: qt,v 1.2 2014/12/16 19:49:29 christos Exp $
+# $File: qt,v 1.3 2019/04/19 00:42:27 christos Exp $
 # qt:  file(1) magic for Qt
 
-# http://doc.qt.io/qt-5/resources.html
+# https://doc.qt.io/qt-5/resources.html
 0	string		\<!DOCTYPE\040RCC\>	Qt Resource Collection file
 
 # https://qt.gitorious.org/qt/qtbase/source/\
@@ -22235,7 +24649,7 @@
 >8	string		\xcd\x21\x1c\xbf\x60\xa1\xbd\xdd	Qt Translation file
 
 #------------------------------------------------------------------------------
-# $File: revision,v 1.10 2017/10/19 16:40:37 christos Exp $
+# $File: revision,v 1.11 2019/04/19 00:42:27 christos Exp $
 # file(1) magic for revision control files
 # From Hendrik Scholz <hendrik@scholz.net>
 0	string/t	/1\ :pserver:	cvs password text file
@@ -22295,17 +24709,17 @@
 >28	string	>\0				(version: %s)
 
 # Type:	Bazaar revision bundles and merge requests
-# URL:	http://www.bazaar-vcs.org/
+# URL:	https://www.bazaar-vcs.org/
 # From:	Jelmer Vernooij <jelmer@samba.org>
 0	string	#\ Bazaar\ revision\ bundle\ v Bazaar Bundle
 0	string	#\ Bazaar\ merge\ directive\ format Bazaar merge directive
 
 #------------------------------------------------------------------------------
-# $File: riff,v 1.33 2017/10/06 01:11:24 christos Exp $
+# $File: riff,v 1.34 2019/04/19 00:42:27 christos Exp $
 # riff:  file(1) magic for RIFF format
 # See
 #
-#	http://www.seanet.com/users/matts/riffmci/riffmci.htm
+#	https://www.seanet.com/users/matts/riffmci/riffmci.htm
 #	http://www-mmsp.ece.mcgill.ca/Documents/AudioFormats/WAVE/Docs/riffmci.pdf
 #
 
@@ -22374,7 +24788,7 @@
 # RIFF Palette format
 # Update: Joerg Jenderek
 # URL: https://en.wikipedia.org/wiki/Resource_Interchange_File_Format
-# Reference: http://worms2d.info/Palette_file
+# Reference: https://worms2d.info/Palette_file
 >8	string		PAL\ 		\b, palette
 !:mime	application/x-riff
 # color palette by Microsoft Corporation
@@ -22551,7 +24965,7 @@
 # MPEG-1 wrapped in a RIFF, apparently
 >8      string          CDXA            \b, wrapped MPEG-1 (CDXA)
 >8	string		4XMV		\b, 4X Movie file
-# AMV-type AVI file: http://wiki.multimedia.cx/index.php?title=AMV
+# AMV-type AVI file: https://wiki.multimedia.cx/index.php?title=AMV
 >8	string		AMV\040		\b, AMV
 >8      string          WEBP            \b, Web/P image
 !:mime	image/webp
@@ -22623,7 +25037,7 @@
 
 #------------------------------------------------------------------------------
 # MBWF/RF64
-# see EBU TECH 3306 http://tech.ebu.ch/docs/tech/tech3306-2009.pdf
+# see EBU TECH 3306 https://tech.ebu.ch/docs/tech/tech3306-2009.pdf
 0	string	RF64\xff\xff\xff\xffWAVEds64		MBWF/RF64 audio
 !:mime	audio/x-wav
 >40	search/256	fmt\x20		\b
@@ -22692,6 +25106,13 @@
 >>8	beshort		18		Xtensa
 >>10	string		x		%s
 
+#------------------------------------------------------------------------------
+# $File: rpmsg,v 1.1 2019/04/19 00:40:47 christos Exp $
+# rpmsg: file(1) magic for restricted-permission messages (or "rights-protected" messages)
+# see https://en.wikipedia.org/wiki/Rpmsg
+
+0	string	\x76\xe8\x04\x60\xc4\x11\xe3\x86	rpmsg Restricted Permission Message
+
 #------------------------------------------------------------------------------
 # $File: rtf,v 1.7 2009/09/19 16:28:12 christos Exp $
 # rtf:	file(1) magic for Rich Text Format (RTF)
@@ -22709,9 +25130,9 @@
 >5	default		x		unknown version
 
 #------------------------------------------------------------------------------
-# $File: ruby,v 1.7 2017/08/14 13:39:18 christos Exp $
+# $File: ruby,v 1.9 2019/04/19 00:42:27 christos Exp $
 # ruby:  file(1) magic for Ruby scripting language
-# URL:  http://www.ruby-lang.org/
+# URL:  https://www.ruby-lang.org/
 # From: Reuben Thomas <rrt@sc3d.org>
 
 # Ruby scripts
@@ -22731,9 +25152,10 @@
 # What looks like ruby, but does not have a shebang
 # (modules and such)
 # From: Lubomir Rintel <lkundrak@v3.sk>
-0	regex		\^[[:space:]]*require[[:space:]]'[A-Za-z_/]+'
->0	regex		def\ [a-z]|\ do$
->>&0	regex		\^[[:space:]]*end([[:space:]]+[;#].*)?$		Ruby script text
+0	search/8192	require
+>0	regex		\^[[:space:]]*require[[:space:]]'[A-Za-z_/]+'
+>>0	regex		def\ [a-z]|\ do$
+>>>&0	regex		\^[[:space:]]*end([[:space:]]+[;#].*)?$		Ruby script text
 !:strength + 30
 !:mime	text/x-ruby
 0	regex		\^[[:space:]]*(class|module)[[:space:]][A-Z]
@@ -22749,14 +25171,17 @@
 # Looks for function definition to balance python magic
 # def name (args)
 # end
-0	regex		\^[[:space:]]*def\ [a-z]|def\ [[:alpha:]]+::[a-z]
->&0	regex		\^[[:space:]]*end([[:space:]]+[;#].*)?$		Ruby script text
+0	search/8192	def\ 
+>0	regex		\^[[:space:]]*def\ [a-z]|def\ [[:alpha:]]+::[a-z]
+>>&0	regex		\^[[:space:]]*end([[:space:]]+[;#].*)?$		Ruby script text
 !:strength + 10
 !:mime	text/x-ruby
 
-0	regex		\^[[:space:]]*require[[:space:]]'[A-Za-z_/]+'	Ruby script text
+0	search/8192	require
+>0	regex		\^[[:space:]]*require[[:space:]]'[A-Za-z_/]+'	Ruby script text
 !:mime	text/x-ruby
-0 regex 	\^[[:space:]]*include\ ([A-Z]+[a-z]*(::))+	Ruby script text
+0	search/8192	include
+>0 regex 	\^[[:space:]]*include\ ([A-Z]+[a-z]*(::))+	Ruby script text
 !:mime	text/x-ruby
 
 #------------------------------------------------------------------------------
@@ -22789,7 +25214,7 @@
 8	string		\001s\ 			SCCS archive data
 
 #------------------------------------------------------------------------------
-# $File: scientific,v 1.12 2017/03/17 22:20:22 christos Exp $
+# $File: scientific,v 1.13 2019/04/19 00:42:27 christos Exp $
 # scientific:  file(1) magic for scientific formats
 #
 # From: Joe Krahn <krahn@niehs.nih.gov>
@@ -22864,8 +25289,8 @@
 # PDB: Protein Data Bank files
 # Adam Buchbinder <adam.buchbinder@gmail.com>
 #
-# http://www.wwpdb.org/documentation/format32/sect2.html
-# http://www.ch.ic.ac.uk/chemime/
+# https://www.wwpdb.org/documentation/format32/sect2.html
+# https://www.ch.ic.ac.uk/chemime/
 #
 # The PDB file format is fixed-field, 80 columns. From the spec:
 #
@@ -22906,7 +25331,7 @@
 0	belong	0xedfeedfe	Sun 'jks' Java Keystore File data
 # Type:	SE Linux policy modules *.pp reference policy
 #	for Fedora 5 to 9, RHEL5, and Debian Etch and Lenny.
-# URL:	http://doc.coker.com.au/computers/selinux-magic
+# URL:	https://doc.coker.com.au/computers/selinux-magic
 # From:	Russell Coker <russell@coker.com.au>
 
 0		lelong	0xf97cff8f	SE Linux modular policy
@@ -22930,7 +25355,7 @@
 #0	search	gen_sens(	SE Linux policy MLS constraints source
 
 #------------------------------------------------------------------------------
-# $File: sendmail,v 1.10 2017/08/13 00:21:47 christos Exp $
+# $File: sendmail,v 1.11 2019/04/19 00:42:27 christos Exp $
 # sendmail:  file(1) magic for sendmail config files
 #
 # XXX - byte order?
@@ -22942,7 +25367,7 @@
 # Email_23_f217153422.ts Sendmail frozen configuration
 # - version \330jK\354
 0	byte	046
-# http://www.sendmail.com/sm/open_source/docs/older_release_notes/
+# https://www.sendmail.com/sm/open_source/docs/older_release_notes/
 # freezed configuration file (dbm format?) created from sendmal.cf with -bz
 # by older sendmail. til version 8.6 support for frozen configuration files is removed
 # valid version numbers look like "7.14.4" and should be similar to output of commands
@@ -22967,7 +25392,7 @@
 
 
 #------------------------------------------------------------------------------
-# $File: sequent,v 1.13 2017/03/17 21:35:28 christos Exp $
+# $File: sequent,v 1.14 2019/04/19 00:42:27 christos Exp $
 # sequent:  file(1) magic for Sequent machines
 #
 # Sequent information updated by Don Dwiggins <atsun!dwiggins>.
@@ -22997,7 +25422,7 @@
 0	leshort	0x32eb		SYMMETRY i386 executable (invalid @ 0)
 >16	lelong	>0		not stripped
 >124	lelong	>0		version %d
-# http://en.wikipedia.org/wiki/Sequent_Computer_Systems
+# https://en.wikipedia.org/wiki/Sequent_Computer_Systems
 # below test line conflicts with MS-DOS 2.11 floppies and Acronis loader
 #0	leshort	0x42eb		SYMMETRY i386 standalone executable
 0	leshort	0x42eb
@@ -23044,7 +25469,7 @@
 
 
 #------------------------------------------------------------------------------
-# $File: sgi,v 1.22 2015/08/29 07:10:35 christos Exp $
+# $File: sgi,v 1.23 2018/05/29 02:26:56 christos Exp $
 # sgi:  file(1) magic for Silicon Graphics operating systems and applications
 #
 # Executable images are handled either in aout (for old-style a.out
@@ -23114,8 +25539,6 @@
 4	belong	0x00000010		GLS_BINARY_MSB_FIRST
 !:strength -30
 
-#
-#
 # Performance Co-Pilot file types
 0	string	PmNs				PCP compiled namespace (V.0)
 0	string	PmN				PCP compiled namespace
@@ -23158,6 +25581,8 @@
 >16	string	>\0				(V.%1.1s)
 3	string	pmieconf-pmie			PCP pmie config
 >17	string	>\0				(V.%1.1s)
+0	string	MMV				PCP memory mapped values
+>4	long	x				(V.%d)
 
 # SpeedShop data files
 0	lelong	0x13130303			SpeedShop data file
@@ -23182,7 +25607,7 @@
 8	string	DEEP		Alias Maya Image File
 
 #------------------------------------------------------------------------------
-# $File: sgml,v 1.38 2017/10/11 11:40:43 christos Exp $
+# $File: sgml,v 1.39 2019/04/19 00:42:27 christos Exp $
 # Type:	SVG Vectorial Graphics
 # From:	Noel Torres <tecnico@ejerciciosresueltos.com>
 0	string		\<?xml\ version=
@@ -23201,7 +25626,7 @@
 !:mime	application/xml-sitemap
 
 # OpenStreetMap XML (.osm)
-# http://wiki.openstreetmap.org/wiki/OSM_XML
+# https://wiki.openstreetmap.org/wiki/OSM_XML
 # From: Markus Heidelberg <markus.heidelberg@web.de>
 0	string		\<?xml\ version=
 >14	regex		['"\ \t]*[0-9.]+['"\ \t]*
@@ -23470,7 +25895,7 @@
 
 
 #------------------------------------------------------------------------------
-# $File: sniffer,v 1.19 2013/01/06 01:11:04 christos Exp $
+# $File: sniffer,v 1.25 2019/05/05 17:03:41 christos Exp $
 # sniffer:  file(1) magic for packet capture files
 #
 # From: guy@alum.mit.edu (Guy Harris)
@@ -23512,7 +25937,7 @@
 # Sorry, make that "Network Associates Sniffer capture files."
 # Sorry, make that "Network General old DOS Sniffer capture files."
 #
-0	string		TRSNIFF\ data\ \ \ \ \032	Sniffer capture file
+0	string		TRSNIFF\040data\040\040\040\040\032	Sniffer capture file
 >33	byte		2		(compressed)
 >23	leshort		x		- version %d
 >25	leshort		x		\b.%d
@@ -23547,6 +25972,7 @@
 
 #
 # "libpcap" capture files.
+# https://www.tcpdump.org/manpages/pcap-savefile.5.html
 # (We call them "tcpdump capture file(s)" for now, as "tcpdump" is
 # the main program that uses that format, but there are other programs
 # that use "libpcap", or that use the same capture file format.)
@@ -23554,6 +25980,8 @@
 0	name		pcap-be
 >4	beshort		x		- version %d
 >6	beshort		x		\b.%d
+# clear that continuation level match
+>20	clear		x
 >20	belong		0		(No link-layer encapsulation
 >20	belong		1		(Ethernet
 >20	belong		2		(3Mb Ethernet
@@ -23584,7 +26012,7 @@
 >20	belong		108		(OpenBSD loopback
 >20	belong		109		(OpenBSD IPsec encrypted
 >20	belong		112		(Cisco HDLC
->20	belong		113		(Linux "cooked"
+>20	belong		113		(Linux cooked v1
 >20	belong		114		(LocalTalk
 >20	belong		117		(OpenBSD PFLOG
 >20	belong		119		(802.11 with Prism header
@@ -23592,13 +26020,21 @@
 >20	belong		123		(SunATM
 >20	belong		127		(802.11 with radiotap header
 >20	belong		129		(Linux ARCNET
+>20	belong		130		(Juniper Multi-Link PPP
+>20	belong		131		(Juniper Multi-Link Frame Relay
+>20	belong		132		(Juniper Encryption Services PIC
+>20	belong		133		(Juniper GGSN PIC
+>20	belong		134		(Juniper FRF.16 Frame Relay
+>20	belong		135		(Juniper ATM2 PIC
+>20	belong		136		(Juniper Advanced Services PIC
+>20	belong		137		(Juniper ATM1 PIC
 >20	belong		138		(Apple IP over IEEE 1394
->20	belong		139		(MTP2 with pseudo-header
->20	belong		140		(MTP2
->20	belong		141		(MTP3
->20	belong		142		(SCCP
+>20	belong		139		(SS7 MTP2 with pseudo-header
+>20	belong		140		(SS7 MTP2
+>20	belong		141		(SS7 MTP3
+>20	belong		142		(SS7 SCCP
 >20	belong		143		(DOCSIS
->20	belong		144		(IrDA
+>20	belong		144		(Linux IrDA
 >20	belong		147		(Private use 0
 >20	belong		148		(Private use 1
 >20	belong		149		(Private use 2
@@ -23616,16 +26052,41 @@
 >20	belong		161		(Private use 14
 >20	belong		162		(Private use 15
 >20	belong		163		(802.11 with AVS header
+>20	belong		164		(Juniper Passive Monitor PIC
 >20	belong		165		(BACnet MS/TP
 >20	belong		166		(PPPD
+>20	belong		167		(Juniper PPPoE
+>20	belong		168		(Juniper PPPoE/ATM
 >20	belong		169		(GPRS LLC
+>20	belong		170		(GPF-T
+>20	belong		171		(GPF-F
+>20	belong		174		(Juniper PIC Peer
+>20	belong		175		(Ethernet with Endace ERF header
+>20	belong		176		(Packet-over-SONET with Endace ERF header
 >20	belong		177		(Linux LAPD
+>20	belong		178		(Juniper Ethernet
+>20	belong		179		(Juniper PPP
+>20	belong		180		(Juniper Frame Relay
+>20	belong		181		(Juniper C-HDLC
+>20	belong		182		(FRF.16 Frame Relay
+>20	belong		183		(Juniper Voice PIC
+>20	belong		184		(Arinc 429
+>20	belong		185		(Arinc 653 Interpartition Communication
+>20	belong		186		(USB with FreeBSD header
 >20	belong		187		(Bluetooth HCI H4
+>20	belong		188		(802.16 MAC Common Part Sublayer
 >20	belong		189		(Linux USB
+>20	belong		190		(Controller Area Network (CAN) v. 2.0B
+>20	belong		191		(802.15.4 with Linux padding
 >20	belong		192		(PPI
->20	belong		195		(802.15.4
+>20	belong		193		(802.16 MAC Common Part Sublayer plus radiotap header
+>20	belong		194		(Juniper Integrated Service Module
+>20	belong		195		(802.15.4 with FCS
 >20	belong		196		(SITA
 >20	belong		197		(Endace ERF
+>20	belong		198		(Ethernet with u10 Networks pseudo-header
+>20	belong		199		(IPMB
+>20	belong		200		(Juniper Secure Tunnel
 >20	belong		201		(Bluetooth HCI H4 with pseudo-header
 >20	belong		202		(AX.25 with KISS header
 >20	belong		203		(LAPD
@@ -23634,7 +26095,12 @@
 >20	belong		206		(Frame Relay with direction pseudo-header
 >20	belong		209		(Linux IPMB
 >20	belong		215		(802.15.4 with non-ASK PHY header
+>20	belong		216		(Linux evdev events
+>20	belong		219		(MPLS with label as link-layer header
 >20	belong		220		(Memory-mapped Linux USB
+>20	belong		221		(DECT
+>20	belong		222		(AOS Space Data Link protocol
+>20	belong		223		(Wireless HART
 >20	belong		224		(Fibre Channel FC-2
 >20	belong		225		(Fibre Channel FC-2 with frame delimiters
 >20	belong		226		(Solaris IPNET
@@ -23643,69 +26109,114 @@
 >20	belong		229		(Raw IPv6
 >20	belong		230		(802.15.4 without FCS
 >20	belong		231		(D-Bus messages
+>20	belong		232		(Juniper Virtual Server
+>20	belong		233		(Juniper SRX E2E
+>20	belong		234		(Juniper Fibre Channel
 >20	belong		235		(DVB-CI
 >20	belong		236		(MUX27010
 >20	belong		237		(STANAG 5066 D_PDUs
->20	belong		239		(Linux netlink NFLOG messages
+>20	belong		238		(Juniper ATM CEMIC
+>20	belong		239		(Linux netfilter log messages
 >20	belong		240		(Hilscher netAnalyzer
 >20	belong		241		(Hilscher netAnalyzer with delimiters
 >20	belong		242		(IP-over-Infiniband
 >20	belong		243		(MPEG-2 Transport Stream packets
 >20	belong		244		(ng4t ng40
 >20	belong		245		(NFC LLCP
->20	belong		247		(Infiniband
+>20	belong		246		(Packet filter state syncing
+>20	belong		247		(InfiniBand
 >20	belong		248		(SCTP
->16	belong		x		\b, capture length %d)
+>20	belong		249		(USB with USBPcap header
+>20	belong		250		(Schweitzer Engineering Laboratories RTAC packets
+>20	belong		251		(Bluetooth Low Energy air interface
+>20	belong		252		(Wireshark Upper PDU export
+>20	belong		253		(Linux netlink
+>20	belong		254		(Bluetooth Linux Monitor
+>20	belong		255		(Bluetooth Basic Rate/Enhanced Data Rate baseband packets
+>20	belong		256		(Bluetooth Low Energy air interface with pseudo-header
+>20	belong		257		(PROFIBUS data link layer
+>20	belong		258		(Apple DLT_PKTAP
+>20	belong		259		(Ethernet with 802.3 Clause 65 EPON preamble
+>20	belong		260		(IPMI trace packets
+>20	belong		261		(Z-Wave RF profile R1 and R2 packets
+>20	belong		262		(Z-Wave RF profile R3 packets
+>20	belong		263		(WattStopper Digital Lighting Mngmt/Legrand Nitoo Open Proto
+>20	belong		264		(ISO 14443 messages
+>20	belong		265		(IEC 62106 Radio Data System groups
+>20	belong		266		(USB with Darwin header
+>20	belong		267		(OpenBSD DLT_OPENFLOW
+>20	belong		268		(IBM SDLC frames
+>20	belong		269		(TI LLN sniffer frames
+>20	belong		271		(Linux vsock
+>20	belong		272		(Nordic Semiconductor Bluetooth LE sniffer frames
+>20	belong		273		(Excentis XRA-31 DOCSIS 3.1 RF sniffer frames
+>20	belong		274		(802.3br mPackets
+>20	belong		275		(DisplayPort AUX channel monitoring data
+>20	belong		276		(Linux cooked v2
+>20	belong		278		(OpenVizsla USB
+>20	belong		279		(Elektrobit High Speed Capture and Replay (EBHSCR)
+>20	belong		281		(Broadcom tag
+>20	belong		282		(Broadcom tag (prepended)
+# print default match
+>20	default		x
+>>20	belong		x		(linktype#%u
+>16	belong		x		\b, capture length %u)
 
-0	ubelong		0xa1b2c3d4	tcpdump capture file (big-endian)
+# packets time stamps in seconds and microseconds.
+0	ubelong		0xa1b2c3d4	pcap capture file, microseconds ts (big-endian)
 !:mime	application/vnd.tcpdump.pcap
 >0	use	pcap-be
-0	ulelong		0xa1b2c3d4	tcpdump capture file (little-endian)
+0	ulelong		0xa1b2c3d4	pcap capture file, microsecond ts (little-endian)
+!:mime	application/vnd.tcpdump.pcap
+>0	use	\^pcap-be
+
+# packets time stamps in seconds and nanoseconds.
+0	ubelong		0xa1b23c4d	pcap capture file, nanosecond ts (big-endian)
+!:mime	application/vnd.tcpdump.pcap
+>0	use	pcap-be
+0	ulelong		0xa1b23c4d	pcap capture file, nanosecond ts (little-endian)
 !:mime	application/vnd.tcpdump.pcap
 >0	use	\^pcap-be
 
 #
 # "libpcap"-with-Alexey-Kuznetsov's-patches capture files.
-# (We call them "tcpdump capture file(s)" for now, as "tcpdump" is
-# the main program that uses that format, but there are other programs
-# that use "libpcap", or that use the same capture file format.)
 #
-0	ubelong		0xa1b2cd34	extended tcpdump capture file (big-endian)
+0	ubelong		0xa1b2cd34	pcap capture file, microsecond ts, extensions (big-endian)
 >0	use	pcap-be
-0	ulelong		0xa1b2cd34	extended tcpdump capture file (little-endian)
+0	ulelong		0xa1b2cd34	pcap capture file, microsecond ts, extensions (little-endian)
 >0	use	\^pcap-be
 
 #
-# "pcap-ng" capture files.
-# http://www.winpcap.org/ntar/draft/PCAP-DumpFileFormat.html
-# Pcap-ng files can contain multiple sections. Printing the endianness,
+# "pcapng" capture files.
+# https://github.com/pcapng/pcapng
+# Pcapng files can contain multiple sections. Printing the endianness,
 # snaplen, or other information from the first SHB may be misleading.
 #
 0	ubelong		0x0a0d0d0a
->8	ubelong		0x1a2b3c4d	pcap-ng capture file
+>8	ubelong		0x1a2b3c4d	pcapng capture file
 >>12	beshort		x		- version %d
 >>14	beshort		x		\b.%d
 0	ulelong		0x0a0d0d0a
->8	ulelong		0x1a2b3c4d	pcap-ng capture file
+>8	ulelong		0x1a2b3c4d	pcapng capture file
 >>12	leshort		x		- version %d
 >>14	leshort		x		\b.%d
 
 #
 # AIX "iptrace" capture files.
 #
-0	string		iptrace\ 1.0	"iptrace" capture file
-0	string		iptrace\ 2.0	"iptrace" capture file
+0	string		iptrace\0401.0	AIX iptrace capture file
+0	string		iptrace\0402.0	AIX iptrace capture file
 
 #
 # Novell LANalyzer capture files.
 #
-0	leshort		0x1001		LANalyzer capture file
-0	leshort		0x1007		LANalyzer capture file
+0	leshort		0x1001		Novell LANalyzer capture file
+0	leshort		0x1007		Novell LANalyzer capture file
 
 #
 # HP-UX "nettl" capture files.
 #
-0	string		\x54\x52\x00\x64\x00	"nettl" capture file
+0	string		\x54\x52\x00\x64\x00	HP/UX nettl capture file
 
 #
 # RADCOM WAN/LAN Analyzer capture files.
@@ -23879,7 +26390,7 @@
 >>>7   byte		1	       (alternate timings)
 
 #------------------------------------------------------------------------------
-# $File: sql,v 1.21 2017/03/17 21:35:28 christos Exp $
+# $File: sql,v 1.22 2019/04/19 00:42:27 christos Exp $
 # sql:  file(1) magic for SQL files
 #
 # From: "Marty Leisner" <mleisner@eng.mc.xerox.com>
@@ -23998,13 +26509,13 @@
 
 
 # SQLite Write-Ahead Log from SQLite version >= 3.7.0
-# http://www.sqlite.org/fileformat.html#walformat
+# https://www.sqlite.org/fileformat.html#walformat
 0	belong&0xfffffffe	0x377f0682	SQLite Write-Ahead Log,
 !:ext sqlite-wal/db-wal
 >4	belong	x	version %d
 
 # SQLite Rollback Journal
-# http://www.sqlite.org/fileformat.html#rollbackjournal
+# https://www.sqlite.org/fileformat.html#rollbackjournal
 0	string	\xd9\xd5\x05\xf9\x20\xa1\x63\xd7	SQLite Rollback Journal
 
 # Panasonic channel list database svl.bin or svl.db added by Joerg Jenderek
@@ -24016,7 +26527,7 @@
 #!:mime	application/x-panasonic-sqlite3
 >>&-15	indirect	x			\b; contains
 
-# H2 Database from http://www.h2database.com/
+# H2 Database from https://www.h2database.com/
 0	string		--\ H2\ 0.5/B\ --\ \n	H2 Database file
 # Type:	OpenSSH key files
 # From:	Nicolas Collignon <tsointsoin@gmail.com>
@@ -24053,7 +26564,7 @@
 0	string U2FsdGVkX1	openssl enc'd data with salted password, base64 encoded
 
 #------------------------------------------------------------------------------
-# $File: sun,v 1.27 2014/04/30 21:41:02 christos Exp $
+# $File: sun,v 1.28 2019/04/19 00:42:27 christos Exp $
 # sun:  file(1) magic for Sun machines
 #
 # Values for big-endian Sun (MC680x0, SPARC) binaries on pre-5.x
@@ -24146,7 +26657,7 @@
 0	string		#SUNPC_CONFIG	SunPC 4.0 Properties Values
 # Sun snoop (see RFC 1761, which describes the capture file format,
 # RFC 3827, which describes some additional datalink types, and
-# http://www.iana.org/assignments/snoop-datalink-types/snoop-datalink-types.xml,
+# https://www.iana.org/assignments/snoop-datalink-types/snoop-datalink-types.xml,
 # which is the IANA registry of Snoop datalink types)
 #
 0	string		snoop		Snoop capture file
@@ -24236,12 +26747,12 @@
 
 
 #------------------------------------------------------------------------
-# $File: sysex,v 1.9 2017/03/17 21:35:28 christos Exp $
+# $File: sysex,v 1.10 2019/04/19 00:42:27 christos Exp $
 # sysex: file(1) magic for MIDI sysex files
 #
 # GRR: original 1 byte test at offset was too general as it catches also many FATs of DOS filesystems
 # where real SYStem EXclusive messages at offset 1 are limited to seven bits
-# http://en.wikipedia.org/wiki/MIDI
+# https://en.wikipedia.org/wiki/MIDI
 0	ubeshort&0xFF80		0xF000		SysEx File -
 
 # North American Group
@@ -24448,7 +26959,7 @@
 >1	byte			0x52		Zoom
 >1	byte			0x54		Matsushita
 >1	byte			0x57		Acoustic tech. lab.
-# http://www.midi.org/techspecs/manid.php
+# https://www.midi.org/techspecs/manid.php
 >1	belong&0xffffff00	0x00007400	Ta Horng
 >1	belong&0xffffff00	0x00007500	e-Tek
 >1	belong&0xffffff00	0x00007600	E-Voice
@@ -24556,7 +27067,7 @@
 0	string			T707		Roland TR-707 Data
 #------------------------------------------------------------------------------
 # file:  file(1) magic for Tcl scripting language
-# URL:  http://www.tcl.tk/
+# URL:  https://www.tcl.tk/
 # From: gustaf neumann
 
 # Tcl scripts
@@ -24591,11 +27102,11 @@
 0       string          #!teapot\012xdr      teapot work sheet (XDR format)
 
 #------------------------------------------------------------------------------
-# $File: terminfo,v 1.10 2018/01/21 03:26:33 christos Exp $
+# $File: terminfo,v 1.11 2019/04/19 00:42:27 christos Exp $
 # terminfo:  file(1) magic for terminfo
 #
-# URL: http://invisible-island.net/ncurses/man/term.5.html
-# URL: http://invisible-island.net/ncurses/man/scr_dump.5.html
+# URL: https://invisible-island.net/ncurses/man/term.5.html
+# URL: https://invisible-island.net/ncurses/man/scr_dump.5.html
 #
 # Workaround for Targa image type by Joerg Jenderek
 # GRR: line below too general as it catches also
@@ -24653,7 +27164,7 @@
 0	string		PDC\001		PDCurses screen image
 
 #------------------------------------------------------------------------------
-# $File: tex,v 1.20 2014/03/16 02:53:03 christos Exp $
+# $File: tex,v 1.21 2019/04/19 00:42:27 christos Exp $
 # tex:  file(1) magic for TeX files
 #
 # XXX - needs byte-endian stuff (big-endian and little-endian DVI?)
@@ -24761,7 +27272,7 @@
 0	string		#LyX		LyX document text
 
 # ConTeXt documents
-#	http://wiki.contextgarden.net/
+#	https://wiki.contextgarden.net/
 0	search/4096	\\setupcolors[		ConTeXt document text
 !:strength + 15
 0	search/4096	\\definecolor[		ConTeXt document text
@@ -25070,18 +27581,20 @@
 0	string	\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\6\0	old timezone data
 
 #------------------------------------------------------------------------------
-# $File: tplink,v 1.2 2017/12/14 05:52:56 christos Exp $
+# $File: tplink,v 1.4 2019/04/19 00:42:27 christos Exp $
 # tplink: File magic for openwrt firmware files
 
 # URL: https://wiki.openwrt.org/doc/techref/header
-# Reference: http://git.openwrt.org/?p=openwrt.git;a=blob;f=tools/firmware-utils/src/mktplinkfw.c
+# Reference: https://git.openwrt.org/?p=openwrt.git;a=blob;f=tools/firmware-utils/src/mktplinkfw.c
 # From: Joerg Jenderek
 # check for valid header version 1 or 2
 0		ulelong		<3
 >0		ulelong		!0
 # test for header padding with nulls
 >>0x100		long		0
->>>0		use		firmware-tplink
+# skip Norton Commander Cleanup Utility NCCLEAN.INI by looking for valid vendor
+>>>4		ubelong		>0x1F000000
+>>>>0		use		firmware-tplink
 
 0		name		firmware-tplink
 >0		ubyte		x		firmware
@@ -25133,11 +27646,13 @@
 # look for kernel type (gzip compressed vmlinux.bin by ./compress)
 >(0x80.L)	indirect	x
 # root file system data offset
+# WRONG in 5.35 with above indirect expression
 >0x88		ubelong		x		\b, at 0x%x
 # rootfs data length and 1 space
 >0x8C		ubelong		x		%u bytes 
 # in 5.32 only true for offset ~< FILE_BYTES_MAX=9 MB defined in ../../src/file.h 
 >(0x88.L)	indirect	x
+# 'qshs' for wr940nv1_en_3_13_7_up(111228).bin
 #>(0x88.L)	string		x		\b, file system '%.4s'
 #>(0x88.L)	ubequad		x		\b, file system 0x%llx
 # bootloader data offset
@@ -25206,11 +27721,10 @@
 >>17	string		>\0			%s)
 
 #------------------------------------------------------------------------------
-# $File: unicode,v 1.6 2010/09/20 18:55:20 rrt Exp $
+# $File: unicode,v 1.7 2019/02/19 20:34:42 christos Exp $
 # Unicode:  BOM prefixed text files - Adrian Havill <havill@turbolinux.co.jp>
-# GRR: These types should be recognised in file_ascmagic so these
-# encodings can be treated by text patterns.
-# Missing types are already dealt with internally.
+# These types are recognised in file_ascmagic so these encodings can be
+# treated by text patterns.  Missing types are already dealt with internally.
 #
 0	string	+/v8			Unicode text, UTF-7
 0	string	+/v9			Unicode text, UTF-7
@@ -25402,7 +27916,7 @@
 >4	string		>\0		\b, name '%s'
 
 #------------------------------------------------------------------------------
-# $File: varied.script,v 1.11 2015/03/27 17:59:39 christos Exp $
+# $File: varied.script,v 1.12 2019/04/19 00:42:27 christos Exp $
 # varied.script:  file(1) magic for various interpreter scripts
 
 0	string/t		#!\ /			a
@@ -25448,7 +27962,7 @@
 
 # From: arno <arenevier@fdn.fr>
 # mozilla xpconnect typelib
-# see http://www.mozilla.org/scriptable/typelib_file.html
+# see https://www.mozilla.org/scriptable/typelib_file.html
 0	string 		XPCOM\nTypeLib\r\n\032		XPConnect Typelib
 >0x10  byte        x       version %d
 >>0x11 byte        x      \b.%d
@@ -25498,15 +28012,198 @@
 43	string	SFDU_LABEL	VICAR label file
 
 #------------------------------------------------------------------------------
-# $File: virtual,v 1.6 2014/05/07 21:25:41 christos Exp $
+# $File: virtual,v 1.10 2019/04/19 00:42:27 christos Exp $
 # From: James Nobis <quel@quelrod.net>
 # Microsoft hard disk images for:
 # Virtual Server
 # Virtual PC
-# http://technet.microsoft.com/en-us/virtualserver/bb676673.aspx
-# .vhd
+# VirtualBox
+# URL: http://fileformats.archiveteam.org/wiki/VHD_(Virtual_Hard_Disk)
+# Reference: https://download.microsoft.com/download/f/f/e/ffef50a5-07dd-4cf8-aaa3-442c0673a029/
+# Virtual%20Hard%20Disk%20Format%20Spec_10_18_06.doc
 0	string	conectix	Microsoft Disk Image, Virtual Server or Virtual PC
+# alternative shorter names
+#0	string	conectix	Microsoft Virtual Hard Disk image
+#0	string	conectix	Microsoft Virtual HD image
+!:mime	application/x-virtualbox-vhd
+!:ext   vhd
+# Features is a bit field used to indicate specific feature support
+#>8	ubelong		!0x00000002	\b, Features 0x%x
+# Reserved. This bit must always be set to 1.
+#>8	ubelong		&0x00000002	\b, Reserved 0x%x
+# File Format Version for the current specification 0x00010000
+#>12	ubelong		!0x00010000	\b, Version 0x%8.8x
+# Data Offset only found 0x200
+#>16	ubequad		!0x200		\b, Data Offset 0x%llx
+#>16	ubequad		x		\b, at 0x%llx
+# Dynamic Disk Header cookie like cxsparse
+#>(16.Q)	string		x		"%-.8s"
+# This field contains a Unicode string (UTF-16) of the parent hard disk filename
+#>(16.Q+64)	ubequad	x		\b, parent name 0x%llx
+# Creator Application
+# vpc~Microsoft Virtual PC, vs~Microsoft Virtual Server, vbox~VirtualBox, d2v~disk2vhd
+>28	string		x		\b, Creator %-4.4s
+# Creator Version: 0x00010000~Virtual Server 2004, 0x00050000~Virtual PC 2004
+# holds the major/minor version of the application that created the image
+>32	ubeshort	x		%x
+>34	ubeshort	x		\b.%x
+#>32	ubelong		x		\b, Version 0x%8.8x
+# Creator Host OS: 0x5769326B~Windows (Wi2k), 0x4D616320~Macintosh (Mac)
+>36	ubelong		x		(
+>>36	ubelong		0x5769326B	\bW2k
+>>36	ubelong		0x4D616320	\bMac
+>>36	default		x		\b0x
+>>>36	ubelong		x		\b%8.8x
+# creation Time in seconds since 1 Jan 2000 UTC~946684800 sec. since Unix Epoch
+>24	bedate+946684800	x	\b) %s
+# Original Size
+#>40	ubequad		x		\b, o.-Size 0x%llx
+# Current Size is same as original size, but change when disk is expanded
+#>48	ubequad		x		\b, Size 0x%llx
+>48	ubequad		x		\b, %llu bytes
+# Disk Geometry: cylinder, heads, and sectors/track for hard disk
+#>56	ubeshort	x		\b, Cylinder 0x%x
+>56	ubeshort	x		\b, CHS %u
+# Heads
+#>58	ubyte		x		\b, Heads 0x%x
+>58	ubyte		x		\b/%u
+# Sectors per track
+#>59	ubyte		x		\b, Sectors 0x%x
+>59	ubyte		x		\b/%u
+# Disk Type: 3~Dynamic hard disk
+>60	ubelong		!0x3		\b, type 0x%x
+# Checksum
+#>64	ubelong		x		\b, cksum 0x%x
+# universally unique identifier (UUID) to associate a parent with its differencing image
+#>68	ubequad		x		\b, id 0x%16.16llx
+#>76	ubequad		x		\b-%16.16llx
+# Saved State: 1~Saved State
+>84	ubyte		!0		\b, State 0x%x
+# Reserved 427 bytes with nils
+#>85	ubequad	!0			\b, Reserved 0x%16.16llx
 
+# From: Joerg Jenderek
+# URL: https://msdn.microsoft.com/en-us/library/mt740058.aspx
+# Reference: https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/
+# MS-VHDX/[MS-VHDX].pdf
+# Note: extends the VHD format with new capabilities, such as a 16TB maximum size
+# TODO:	find and display values like virtual size, disk size, cluster_size, etc
+#	display id in GUID format
+#
+# VHDX_FILE_IDENTIFIER signature 0x656C696678646876
+0	string			vhdxfile
+# VHDX_HEADER signature. 1 header is stored at offset 64KB and the other at 128KB
+>0x10000	string		head		Microsoft Disk Image eXtended
+#>0x20000	string			head	\b, 2nd header
+#!:mime	application/x-virtualbox-vhdx
+!:ext	vhdx
+# Creator[256] like "QEMU v3.0.0", "Microsoft Windows 6.3.9600.18512"
+>>8		lestring16		x	\b, by %.256s
+# The Checksum field is a CRC-32C hash over the entire 4 KB structure
+#>>0x10004	ulelong			x	\b, CRC 0x%x
+# SequenceNumber
+>>0x10008	ulequad			x	\b, sequence 0x%llx
+# FileWriteGuid
+#>>0x10010	ubequad			x	\b, file id 0x%llx
+#>>>0x10018	ubequad			x	\b-%llx
+# DataWriteGuid
+#>>0x10020	ubequad			x	\b, data id 0x%llx
+#>>>0x10028	ubequad			x	\b-%llx
+# LogGuid. If this field is zero, then the log is empty or has no valid entries 
+>>0x10030	ubequad			>0	\b, log id 0x%llx
+>>>0x10038	ubequad			x	\b-%llx
+# LogVersion. If not 0 there is a log to replay
+>>0x10040	uleshort		>0	\b, LogVersion 0x%x
+# Version. This field must be set to 1
+>>0x10042	uleshort		!1	\b, Version 0x%x
+# LogLength must be multiples of 1 MB
+>>0x10044	ulelong/1048576		>1	\b, LogLength %u MB
+# LogOffset (normally 0x100000 when log direct after header); multiples of 1 MB
+>>0x10048	ulequad			!0x100000 \b, LogOffset 0x%llx
+# Log Entry Signature must be 0x65676F6C~loge
+>>(0x10048.q)	ulelong			!0x65676F6C \b, NO Log Signature
+>>(0x10048.q)	ulelong			=0x65676F6C	\b; LOG
+# Log Entry Checksum
+#>>>(0x10048.q+4)	ulelong		x	\b, Log CRC 0x%x
+# Log Entry Length must be a multiple of 4 KB
+>>>(0x10048.q+8)	ulelong/1024	>4	\b, EntryLength %u KB
+# Log Entry Tail must be a multiple of 4 KB
+#>>>(0x10048.q+12)	ulelong		x	\b, Tail 0x%x
+# Log Entry SequenceNumber
+#>>>(0x10048.q+16)	ulequad		x	\b, # 0x%llx
+# Log Entry DescriptorCount may be zero. only 4 bytes in other docs instead 8
+#>>>(0x10048.q+24)	ulelong		x	\b, DescriptorCount 0x%llx
+# Log Entry Reserved must be set to 0
+>>>(0x10048.q+28)	ulelong		!0	\b, Reserved 0x%x
+# Log Entry LogGuid
+#>>>(0x10048.q+32)	ubequad		x	\b, Log id 0x%llx
+#>>>(0x10048.q+40)	ubequad		x	\b-%llx
+# Log Entry FlushedFileOffset should VHDX size when entry is written.
+#>>>(0x10048.q+48)	ulequad		x	\b, FlushedFileOffset %llu
+# Log Entry LastFileOffset
+#>>>(0x10048.q+56)	ulequad		x	\b, LastFileOffset %llu
+# filling
+#>>>(0x10048.q+64)	ulequad		>0	\b, filling %llx
+# Reserved[4016]
+#>>0x10050	ulequad			>0	\b, Reserved 0x%llx
+# VHDX_REGION_TABLE_HEADER Signature 0x69676572~regi at offset 192 KB and 256 KB
+>0x30000	ulelong			!0x69676572 \b, 1st region INVALID
+>0x30000	ulelong			=0x69676572 \b; region
+# region Checksum. CRC-32C hash over the entire 64-KB table
+#>>0x30004	ulelong			x	\b, CRC 0x%x
+# The EntryCount specifies number of valid entries; Found 2; This must be =< 2047. 
+>>0x30008	ulelong			x	\b, %u entries
+# reserved must be zero
+#>>0x3000C	ulelong			!0	\b, RESERVED 0x%x
+# Region Table Entry starts with identifier for the object. often BAT id
+>>0x30010	use			vhdx-id
+# FileOffset
+>>0x30020	ulequad		x		\b, at 0x%llx
+# Length. Specifies the length of the object within the file
+#>>0x30028	ulelong		x		\b, Length 0x%x
+# 1 means region entry is required. if region not recognized, then REFUSE to load VHDX
+>>0x3002C	ulelong		x		\b, Required %u
+# 2nd region entry often metadata id
+>>0x30030	use			vhdx-id
+# 2nd entry FileOffset
+>>0x30040	ulequad		x		\b, at 0x%llx
+# 1 means region entry is required. if region not recognized, then REFUSE to load VHDX
+>>0x3004C	ulelong		x		\b, Required %u
+# 2nd region
+>>0x40000	ulelong		!0x69676572	\b, 2nd region INVALID
+# check in vhdx images for known id and show names instead hexadecimal
+0	name		vhdx-id
+# https://www.windowstricks.in/online-windows-guid-converter
+# 2DC27766-F623-4200-9D64-115E9BFD4A08		BAT GUID
+# 6677C22D23F600429D64115E9BFD4A08		BAT ID
+>0	ubequad		=0x6677C22D23F60042
+>>8	ubequad		=0x9D64115E9BFD4A08	\b, id BAT
+# no BAT id
+>>8	default		x
+>>>0	use		vhdx-id-hex
+# 8B7CA206-4790-4B9A-B8FE-575F050F886E		Metadata region GUID
+# 06A27C8B90479A4BB8FE575F050F886E		Metadata region ID
+>0	ubequad		=0x06A27C8B90479A4B
+>>8	ubequad		=0xB8FE575F050F886E	\b, id Metadata
+# no Metadata id
+>>8	default		x
+>>>0	use		vhdx-id-hex
+# 2FA54224-CD1B-4876-B211-5DBED83BF4B8		Virtual Disk Size GUID
+# 2442A52F1BCD7648B2115DBED83BF4B8		Virtual Disk Size ID
+# value "virtual size" can be verified by command `qemu-img info `
+>0	ubequad		=0x2442A52F1BCD7648
+>>8	ubequad		=0xB2115DBED83BF4B8	\b, id vsize
+# no Virtual Disk Size ID
+>>8	default		x
+>>>0	use		vhdx-id-hex
+# other ids
+>0	default		x
+>>0	use		vhdx-id-hex
+# in vhdx images show id as hexadecimal
+0	name		vhdx-id-hex
+>0	ubequad		x			\b, ID 0x%16.16llx
+>8	ubequad		x			\b-%16.16llx
+#
 # libvirt
 # From: Philipp Hahn <hahn@univention.de>
 0	string	LibvirtQemudSave	Libvirt QEMU Suspend Image
@@ -25534,15 +28231,16 @@
 # Updated by Adam Buchbinder (adam.buchbinder@gmail.com)
 # Made by reading sources, reading documentation, and doing trial and error
 # on existing QCOW files
-0	string/b	QFI\xFB	QEMU QCOW Image
+0	string/b	QFI\xFB
 
 # Uncomment the following line to display Magic (only used for debugging
 # this magic number)
 #>0	string/b	x	, Magic: %s
 
 # There are currently 2 Versions: "1" and "2".
-# http://www.gnome.org/~markmc/qcow-image-format-version-1.html
->4	belong	1	(v1)
+# https://www.gnome.org/~markmc/qcow-image-format-version-1.html
+>4	belong		!1	QEMU QCOW2 Image
+>4	belong		1	QEMU QCOW Image (v1)
 
 # Using the existence of the Backing File Offset to determine whether
 # to read Backing File Information
@@ -25564,7 +28262,7 @@
 # 1 for AES encryption, 0 for none.
 >>36	belong	1	\b, AES-encrypted
 
-# http://www.gnome.org/~markmc/qcow-image-format.html
+# https://www.gnome.org/~markmc/qcow-image-format.html
 >4	belong	2	(v2)
 # Using the existence of the Backing File Offset to determine whether
 # to read Backing File Information
@@ -25600,7 +28298,7 @@
 0	string/b	QEVM		QEMU suspend to disk image
 
 # QEMU QED Image
-# http://wiki.qemu.org/Features/QED/Specification
+# https://wiki.qemu.org/Features/QED/Specification
 0	string/b	QED\0		QEMU QED Image
 
 # VDI Image
@@ -25870,7 +28568,7 @@
 >0	leshort	>0		schema version no %d
 
 #------------------------------------------------------------------------------
-# $File: warc,v 1.3 2010/11/25 15:05:43 christos Exp $
+# $File: warc,v 1.4 2019/04/19 00:42:27 christos Exp $
 # warc:  file(1) magic for WARC files
 
 0	string	WARC/	WARC Archive
@@ -25879,7 +28577,7 @@
 
 #------------------------------------------------------------------------------
 # Arc File Format from Internet Archive
-# see http://www.archive.org/web/researcher/ArcFileFormat.php
+# see https://www.archive.org/web/researcher/ArcFileFormat.php
 0      string          filedesc://     Internet Archive File
 !:mime application/x-ia-arc
 >11    search/256      \x0A    \b
@@ -25901,14 +28599,14 @@
 
 #0	string		=!!		Bennet Yee's "face" format
 #------------------------------------------------------------------------------
-# $File: webassembly,v 1.2 2017/05/02 14:05:29 christos Exp $
+# $File: webassembly,v 1.3 2019/04/19 00:42:27 christos Exp $
 # webassembly:  file(1) magic for WebAssembly modules
 #
 # WebAssembly is a virtual architecture developed by a W3C Community
-# Group at http://webassembly.org/. The file extension is .wasm, and
+# Group at https://webassembly.org/. The file extension is .wasm, and
 # the MIME type is application/wasm.
 #
-# http://webassembly.org/docs/binary-encoding/ is the main
+# https://webassembly.org/docs/binary-encoding/ is the main
 # document describing the binary format.
 # From: Pip Cet <pipcet@gmail.com> and Joel Martin
 
@@ -25917,7 +28615,7 @@
 >4	lelong	>1	version %#x
 
 #------------------------------------------------------------------------------
-# $File: windows,v 1.22 2018/02/16 15:44:00 christos Exp $
+# $File: windows,v 1.26 2019/05/01 17:55:25 christos Exp $
 # windows:  file(1) magic for Microsoft Windows
 #
 # This file is mainly reserved for files where programs
@@ -25943,8 +28641,8 @@
 
 # Summary: Windows crash dump
 # Extension: .dmp
-# Created by: Andreas Schuster (http://computer.forensikblog.de/)
-# Reference (1): http://computer.forensikblog.de/en/2008/02/64bit_magic.html
+# Created by: Andreas Schuster (https://computer.forensikblog.de/)
+# Reference (1): https://computer.forensikblog.de/en/2008/02/64bit_magic.html
 # Modified by (1): Abel Cheung (Avoid match with first 4 bytes only)
 0	string		PAGE
 >4	string		DUMP		MS Windows 32bit crash dump
@@ -25963,8 +28661,8 @@
 
 # Summary: Vista Event Log
 # Extension: .evtx
-# Created by: Andreas Schuster (http://computer.forensikblog.de/)
-# Reference (1): http://computer.forensikblog.de/en/2007/05/some_magic.html
+# Created by: Andreas Schuster (https://computer.forensikblog.de/)
+# Reference (1): https://computer.forensikblog.de/en/2007/05/some_magic.html
 0	string		ElfFile\0	MS Windows Vista Event Log
 >0x2a	leshort		x		\b, %d chunks
 >>0x10	lelong		x		\b (no. %d in use)
@@ -25973,6 +28671,80 @@
 >0x78	lelong		&1		\b, DIRTY
 >0x78	lelong		&2		\b, FULL
 
+# Summary: Windows System Deployment Image
+# Created by: Joerg Jenderek
+# URL: http://en.wikipedia.org/wiki/System_Deployment_Image
+# Reference: http://skolk.livejournal.com/1320.html
+0	string			$SDI
+>4	string			0001		System Deployment Image
+!:mime	application/x-ms-sdi
+#!:mime	application/octet-stream
+# \Boot\boot.sdi
+!:ext	sdi
+# MDBtype: 0~Unspecified 1~RAM 2~ROM
+>>8	ulequad			!0		\b, MDBtype 0x%llx
+# BootCodeOffset
+>>16	ulequad			!0		\b, BootCodeOffset 0x%llx
+# BootCodeSize
+>>24	ulequad			!0		\b, BootCodeSize 0x%llx
+# VendorID
+>>32	ulequad			!0		\b, VendorID 0x%llx
+# DeviceID
+>>40	ulequad			!0		\b, DeviceID 0x%llx
+# DeviceModel
+>>48	ulequad			!0		\b, DeviceModel 0x%llx
+>>>56	ulequad			!0		\b%llx
+# DeviceRole
+>>64	ulequad			!0		\b, DeviceRole 0x%llx
+# Reserved1; reserved fields and gaps between BLOBs are padded with \0
+#>>72	ulequad			!0		\b, Reserved1 0x%llx
+# RuntimeGUID
+>>80	ulequad			!0		\b, RuntimeGUID 0x%llx
+>>>88	ulequad			!0		\b%llx
+# RuntimeOEMrev
+>>96	ulequad			!0		\b, RuntimeOEMrev 0x%llx
+# Reserved2
+#>>104	ulequad			!0		\b, Reserved2 0x%llx
+# BLOB alignment value in pages, as specified in sdimgr /pack: 1~4K 2~8k
+>>112	ulequad			!0		\b, PageAlignment %llu
+# Reserved3[48]
+#>>120	ulequad			!0		\b, Reserved3 0x%llx
+# SDI checksum 39h
+>>0x1f8	ulequad			x		\b, checksum 0x%llx
+# BLOBtype[8] \0-padded: PART, WIM , BOOT, LOAD, DISK
+>>0x400	string			>\0		\b, type %-3.8s
+# 0~non-filesystem 7~NTFS 6~BIGFAT
+>>>0x420	ulequad		!0		(0x%llx)
+# ATTRibutes
+>>>0x408	ulequad		!0		0x%llx attributes
+# Offset
+>>>0x410	ulequad		x		at 0x%llx
+# print 1 space after size and then handles NTFS boot sector by ./filesystems
+>>>0x418	ulequad		>0		%llu bytes 
+>>>>(0x410.l)	indirect	x
+# 2nd BLOB: WIM
+>>0x440		string		>\0		\b, type %-3.8s
+>>>0x428	ulequad		!0		(0x%llx)
+# ATTRibutes
+>>>0x448	ulequad		!0		0x%llx attributes
+# Offset
+>>>0x450	ulequad		x		at 0x%llx
+>>>0x458	ulequad		>0		%llu bytes 
+>>>>(0x450.l)	indirect	x
+# 3rd BLOB
+>>0x480		string		>\0		\b, type %-3.8s
+
+# Summary:	Windows Error Report text files
+# URL:		https://en.wikipedia.org/wiki/Windows_Error_Reporting
+# Reference:	https://www.nirsoft.net/utils/app_crash_view.html
+# Created by:	Joerg Jenderek
+# Note:		in directories	%ProgramData%\Microsoft\Windows\WER\{ReportArchive,ReportQueue}
+#				%LOCALAPPDATA%\Microsoft\Windows\WER\{ReportArchive,ReportQueue}
+0	lestring16	Version=	
+>22	lestring16	EventType	Windows Error Report
+!:mime	text/plain
+# Report.wer
+!:ext	wer
 
 # Summary: Windows 3.1 group files
 # Extension: .grp
@@ -25982,7 +28754,7 @@
 
 # Summary: Old format help files
 # URL: https://en.wikipedia.org/wiki/WinHelp
-# Reference: http://www.oocities.org/mwinterhoff/helpfile.htm
+# Reference: https://www.oocities.org/mwinterhoff/helpfile.htm
 # Update: Joerg Jenderek
 # Created by: Dirk Jagdmann <doj@cubic.org>
 #
@@ -26130,7 +28902,7 @@
 0	string		HyperTerminal\040
 >15	string		1.0\ --\ HyperTerminal\ data\ file	MS Windows HyperTerminal profile
 
-# http://ithreats.files.wordpress.com/2009/05/\040
+# https://ithreats.files.wordpress.com/2009/05/\040
 # lnk_the_windows_shortcut_file_format.pdf
 # Summary: Windows shortcut
 # Extension: .lnk
@@ -26260,8 +29032,8 @@
 0	name		ini-file
 # look for left bracket in section line
 >0	search/8192	[
-# http://en.wikipedia.org/wiki/Autorun.inf
-# http://msdn.microsoft.com/en-us/library/windows/desktop/cc144200.aspx
+# https://en.wikipedia.org/wiki/Autorun.inf
+# https://msdn.microsoft.com/en-us/library/windows/desktop/cc144200.aspx
 # space after right bracket
 # or AutoRun.Amd64 for 64 bit systems
 # or only NL separator
@@ -26277,7 +29049,7 @@
 >>>&0	string		!]\r\n[					Microsoft Windows Autorun file
 !:mime application/x-setupscript
 !:ext	inf
-# http://msdn.microsoft.com/en-us/library/windows/hardware/ff549520(v=vs.85).aspx
+# https://msdn.microsoft.com/en-us/library/windows/hardware/ff549520(v=vs.85).aspx
 # version strings ASCII coded case-independent for Windows setup information script file
 >>&0	regex/c		\^(version|strings)]				Windows setup INFormation
 !:mime	application/x-setupscript
@@ -26288,24 +29060,24 @@
 !:mime	application/x-setupscript
 !:ext	inf
 # http://www.winfaq.de/faq_html/Content/tip2500/onlinefaq.php?h=tip2653.htm
-# http://msdn.microsoft.com/en-us/library/windows/desktop/cc144102.aspx
+# https://msdn.microsoft.com/en-us/library/windows/desktop/cc144102.aspx
 # .ShellClassInfo DeleteOnCopy LocalizedFileNames ASCII coded case-independent
 >>&0	regex/c	\^(\.ShellClassInfo|DeleteOnCopy|LocalizedFileNames)]	Windows desktop.ini
 !:mime application/x-wine-extension-ini
 #!:mime text/plain
-# http://support.microsoft.com/kb/84709/
+# https://support.microsoft.com/kb/84709/
 >>&0	regex/c		\^(don't\ load)]				Windows CONTROL.INI
 !:mime application/x-wine-extension-ini
 !:ext	ini
 >>&0	regex/c		\^(ndishlp\\$|protman\\$|NETBEUI\\$)]		Windows PROTOCOL.INI
 !:mime application/x-wine-extension-ini
 !:ext	ini
-# http://technet.microsoft.com/en-us/library/cc722567.aspx
+# https://technet.microsoft.com/en-us/library/cc722567.aspx
 # http://www.winfaq.de/faq_html/Content/tip0000/onlinefaq.php?h=tip0137.htm
 >>&0	regex/c		\^(windows|Compatibility|embedding)]		Windows WIN.INI
 !:mime application/x-wine-extension-ini
 !:ext	ini
-# http://en.wikipedia.org/wiki/SYSTEM.INI
+# https://en.wikipedia.org/wiki/SYSTEM.INI
 >>&0	regex/c		\^(boot|386enh|drivers)]			Windows SYSTEM.INI
 !:mime application/x-wine-extension-ini
 !:ext	ini
@@ -26313,18 +29085,18 @@
 >>&0	regex/c		\^(SafeList)]					Windows IOS.INI
 !:mime application/x-wine-extension-ini
 !:ext	ini
-# http://en.wikipedia.org/wiki/NTLDR	Windows Boot Loader information
+# https://en.wikipedia.org/wiki/NTLDR	Windows Boot Loader information
 >>&0	regex/c		\^(boot\x20loader)]				Windows boot.ini
 !:mime application/x-wine-extension-ini
 !:ext	ini
-# http://en.wikipedia.org/wiki/CONFIG.SYS
+# https://en.wikipedia.org/wiki/CONFIG.SYS
 >>&0	regex/c		\^(menu)]					MS-DOS CONFIG.SYS
 # @CONFIG.UI configuration file of previous DOS version saved by Caldera OPENDOS INSTALL.EXE
 # CONFIG.PSS saved version of file CONFIG.SYS created by %WINDIR%\SYTEM\MSCONFIG.EXE
 # CONFIG.TSH renamed file CONFIG.SYS.BAT by %WINDIR%\SYTEM\MSCONFIG.EXE
 # dos and w40 used in dual booting scene
 !:ext	sys/dos/w40
-# http://support.microsoft.com/kb/118579/
+# https://support.microsoft.com/kb/118579/
 >>&0	regex/c		\^(Paths)]\r\n					MS-DOS MSDOS.SYS
 !:ext	sys/dos
 # http://chmspec.nongnu.org/latest/INI.html#HHP
@@ -26340,7 +29112,7 @@
 >>>>&0	string/c			version				Windows setup INFormation
 !:mime application/x-setupscript
 !:ext	inf
-# http://en.wikipedia.org/wiki/Initialization_file	Windows Initialization File or other
+# https://en.wikipedia.org/wiki/Initialization_file	Windows Initialization File or other
 >>>>&0	default				x
 >>>>>&0	ubyte				x
 # characters, digits, underscore and white space followed by right bracket
@@ -26477,7 +29249,7 @@
 # Summary: backup file created with utility like NTBACKUP.EXE shipped with Windows NT/2K/XP/2003
 # Extension: .bkf
 # Created by: Joerg Jenderek
-# URL: http://en.wikipedia.org/wiki/NTBackup
+# URL: https://en.wikipedia.org/wiki/NTBackup
 # Reference: http://laytongraphics.com/mtf/MTF_100a.PDF
 # Descriptor BloCK name of Microsoft Tape Format
 0	string			TAPE
@@ -26574,7 +29346,7 @@
 #
 
 # URL: https://en.wikipedia.org/wiki/PaintShop_Pro
-# Reference: http://www.cryer.co.uk/file-types/p/pal.htm
+# Reference: https://www.cryer.co.uk/file-types/p/pal.htm
 # Created by: Joerg Jenderek
 # Note: there exist other color palette formats also with .pal extension
 0	string	JASC-PAL\r\n	PaintShop Pro color palette
@@ -26586,7 +29358,7 @@
 # third line contains the number of colours: 16 256 ...
 >16	string	x		\b, %.3s colors
 
-# URL: http://en.wikipedia.org/wiki/Innosetup
+# URL: https://en.wikipedia.org/wiki/Innosetup
 # Reference: https://github.com/jrsoftware/issrc/blob/master/Projects/Undo.pas
 # Created by: Joerg Jenderek
 # Note:	created by like "InnoSetup self-extracting archive" inside ./msdos
@@ -26633,6 +29405,95 @@
 # directory like C:\Program Files\GIMP 2
 >>>>&0	lestring16	x				\b, %-.42s
 
+# Windows Imaging (WIM) Image
+# Update: Joerg Jenderek at Mar 2019
+# URL: https://en.wikipedia.org/wiki/Windows_Imaging_Format
+# Reference: https://download.microsoft.com/download/f/e/f/
+# fefdc36e-392d-4678-9e4e-771ffa2692ab/Windows%20Imaging%20File%20Format.rtf
+# Note: verified by like `7z t boot.wim` `wiminfo install.esd --header`
+0	string		MSWIM\000\000\000
+>0	use		wim-archive
+# https://wimlib.net/man1/wimoptimize.html
+0	string		WLPWM\000\000\000
+>0	use		wim-archive
+0	name		wim-archive
+# _WIMHEADER_V1_PACKED ImageTag[8]
+>0	string		x			Windows imaging
+!:mime	application/x-ms-wim
+# TO avoid in file version 5.36 error like
+# Magdir/windows, 760: Warning: Current entry does not yet have a description
+# file: could not find any valid magic files! (No error)
+# splitted WIM
+>16	ulelong		&0x00000008		(SWM
+!:ext	swm
+# usPartNumber; 1, unless the file was split into multiple parts
+>>40	uleshort	x			\b %u
+# usTotalParts; The total number of WIM file parts in a spanned set
+>>42	uleshort	x			\b of %u) image
+# non splitted WIM
+>16	ulelong		^0x00000008
+# https://wimlib.net/man1/wimmount.html
+# solid WIMs; version 3584; usually contain LZMS-compressed and the .esd extension
+>>12	ulelong		3584			(ESD) image
+!:ext	esd
+>>12	ulelong		!3584			(WIM) image
+!:ext	wim
+>0	string/b	WLPWM\000\000\000	\b, wimlib pipable format
+# cbSize size of the WIM header in bytes like 208
+#>8	ulelong		x			\b, headersize %u
+# dwVersion version of the WIM file 00010d00h~1.13 00000e00h~0.14
+>14	uleshort	x			v%u
+>13	ubyte		x			\b.%u
+# dwImageCount; The number of images contained in the WIM file
+>44	ulelong		>1			\b, %u images
+# dwBootIndex
+# 1-based index of the bootable image of the WIM, or 0 if no image is bootable
+>0x78	ulelong		>0			\b, bootable no. %u
+# dwFlags
+#>16	ulelong		x			\b, flags 0x%8.8x
+#define FLAG_HEADER_COMPRESSION		0x00000002
+#define FLAG_HEADER_READONLY            0x00000004
+#define FLAG_HEADER_SPANNED		0x00000008
+#define FLAG_HEADER_RESOURCE_ONLY       0x00000010
+#define FLAG_HEADER_METADATA_ONLY       0x00000020
+#define FLAG_HEADER_WRITE_IN_PROGRESS   0x00000040
+#define FLAG_HEADER_RP_FIX		0x00000080 reparse point fixup
+#define FLAG_HEADER_COMPRESS_RESERVED   0x00010000
+#define FLAG_HEADER_COMPRESS_XPRESS     0x00020000
+#define FLAG_HEADER_COMPRESS_LZX	0x00040000
+#define FLAG_HEADER_COMPRESS_LZMS	0x00080000
+#define FLAG_HEADER_COMPRESS_XPRESS2    0x00100000 wimlib-1.13.0\include\wimlib\header.h 
+# XPRESS, with small chunk size
+>16	ulelong		&0x00100000		\b, XPRESS2
+>16	ulelong		&0x00080000		\b, LZMS
+>16	ulelong		&0x00040000		\b, LZX
+>16	ulelong		&0x00020000		\b, XPRESS
+>16	ulelong		&0x00000002		compressed
+>16	ulelong		&0x00000004		\b, read only
+>16	ulelong		&0x00000010		\b, resource only
+>16	ulelong		&0x00000020		\b, metadata only
+>16	ulelong		&0x00000080		\b, reparse point fixup
+#>16	ulelong		&0x00010000		\b, RESERVED
+# dwCompressionSize; Uncompressed chunk size for resources or 0 if uncompressed
+#>20	ulelong		>0			\b, chunk size %u bytes
+# gWIMGuid
+#>24	ubequad		x			\b, GUID 0x%16.16llx
+#>>32	ubequad		x			\b%16.16llx
+# rhOffsetTable; the location of the resource lookup table
+# wim_reshdr_disk[24]= u8 size_in_wim[7] + u8 flags + le64 offset_in_wim + le64 uncompressed_size
+#>48	ubequad		x			\b, rhOffsetTable 0x%16.16llx
+# rhXmlData; the location of the XML data
+#>0x50	ulelong		x			\b, at 0x%8.8x
+# NOT WORKING \xff\xfe<\0W\0I\0M\0
+#>(0x50.l)	ubequad	x			\b, xml=%16.16llx
+# rhBootMetadata; the location of the metadata resource
+#>0x60	ubequad		x			\b, rhBootMetadata 0x%16.16llx
+# rhIntegrity; the location of integrity table used to verify files
+#>0x7c	ubequad		x			\b, rhIntegrity 0x%16.16llx
+# Unused[60]
+#>148	ubequad		!0			\b,unused 0x%16.16llx
+#
+
 
 #------------------------------------------------------------------------------
 # $File: wireless,v 1.2 2009/09/19 16:28:13 christos Exp $
@@ -26642,7 +29503,7 @@
 >4	belong	19	(Version 1)
 
 #------------------------------------------------------------------------------
-# $File: wordprocessors,v 1.19 2015/10/16 15:11:07 christos Exp $
+# $File: wordprocessors,v 1.20 2019/04/19 00:42:27 christos Exp $
 # wordprocessors:  file(1) magic fo word processors.
 #
 ####### PWP file format used on Smith Corona Personal Word Processors:
@@ -26852,7 +29713,7 @@
 >5      string          >\0             version %s
 0       string          \\1cw           ChiWriter file
 
-# Quark Express from http://www.garykessler.net/library/file_sigs.html
+# Quark Express from https://www.garykessler.net/library/file_sigs.html
 2	string	IIXPR3			Intel Quark Express Document (English)
 2	string	IIXPRa			Intel Quark Express Document (Korean)
 2	string	MMXPR3			Motorola Quark Express Document (English)
@@ -26904,11 +29765,11 @@
 0	ulelong&0x8080FFFF	0x00001204	gfxboot compiled html help file
 
 #------------------------------------------------------------------------------
-# $File: wsdl,v 1.3 2013/02/06 14:18:52 christos Exp $
-# wsdl: PHP WSDL Cache, http://www.php.net/manual/en/book.soap.php
+# $File: wsdl,v 1.5 2019/04/19 00:42:27 christos Exp $
+# wsdl: PHP WSDL Cache, https://www.php.net/manual/en/book.soap.php
 # Cache format extracted from source:
-# http://svn.php.net/viewvc/php/php-src/trunk/ext/soap/php_sdl.c?revision=HEAD&view=markup
-# Requires file >= 5.05, see http://mx.gw.com/pipermail/file/2010/000683.html
+# https://svn.php.net/viewvc/php/php-src/trunk/ext/soap/php_sdl.c?revision=HEAD&view=markup
+# Requires file >= 5.05
 # By Elan Ruusamae <glen@delfi.ee>, Patryk Zawadzki <patrys@pld-linux.org>, 2010-2011
 0		string		wsdl		PHP WSDL cache,
 >4		byte		x		version 0x%02x
@@ -27127,7 +29988,7 @@
 >6	leshort&0x0003	=0x0003			alignment 256
 
 #------------------------------------------------------------------------------
-# $File: xwindows,v 1.10 2017/03/17 21:35:28 christos Exp $
+# $File: xwindows,v 1.11 2019/04/19 00:42:27 christos Exp $
 # xwindows:  file(1) magic for various X/Window system file formats.
 
 # Compiled X Keymap
@@ -27154,8 +30015,8 @@
 
 # Xcursor data
 # X11 mouse cursor format defined in libXcursor, see
-# http://www.x.org/archive/X11R6.8.1/doc/Xcursor.3.html
-# http://cgit.freedesktop.org/xorg/lib/libXcursor/tree/include/X11/Xcursor/Xcursor.h
+# https://www.x.org/archive/X11R6.8.1/doc/Xcursor.3.html
+# https://cgit.freedesktop.org/xorg/lib/libXcursor/tree/include/X11/Xcursor/Xcursor.h
 0	string		Xcur		Xcursor data
 !:mime	image/x-xcursor
 >10	leshort		x		version %d
@@ -27163,8 +30024,8 @@
 
 
 #------------------------------------------------------------------------------
-# $File: yara,v 1.2 2017/05/25 20:07:23 christos Exp $
-# yara:  file(1) magic for http://virustotal.github.io/yara/
+# $File: yara,v 1.3 2019/04/19 00:42:27 christos Exp $
+# yara:  file(1) magic for https://virustotal.github.io/yara/
 #
 
 0	string	YARA
@@ -27286,14 +30147,14 @@
 0	long		0xe809		separate object file (z8000 a.out)
 0	long		0xe805		overlay object file (z8000 a.out)
 #------------------------------------------------------------------------------
-# $File: zip,v 1.1 2017/11/03 23:36:17 christos Exp $
+# $File: zip,v 1.2 2019/04/09 18:34:15 christos Exp $
 # zip:  file(1) magic for zip files; this is not use
 # Note the version of magic in archive is currently stronger, this is
 # just an example until negative offsets are supported better
 
 # Zip Central Cirectory record
 0	name		zipcd
->0	string		PK\001\002
+>0	string		PK\001\002	Zip archive data
 >>4	leshort		x		\b, made by
 >>4	use		zipversion
 >>6	leshort		x		\b, extract using at least
@@ -27340,7 +30201,7 @@
 >>0	leshort		x		v?[%#x]
 
 # Zip End Of Central Directory record
--22	string		PK\005\006	Zip archive data
+-22	string		PK\005\006
 #>4	leshort		>1		\b, %d disks
 #>6	leshort		>1		\b, central directory disk %d
 #>8	leshort		>1		\b, %d central directories on this disk
diff --git a/msys2/usr/share/gdb/auto-load/usr/lib/msys-glib-2.0-0.dll-gdb.py b/msys2/usr/share/gdb/auto-load/usr/lib/msys-glib-2.0-0.dll-gdb.py
index 73ab5ba96..9c3c02f34 100644
--- a/msys2/usr/share/gdb/auto-load/usr/lib/msys-glib-2.0-0.dll-gdb.py
+++ b/msys2/usr/share/gdb/auto-load/usr/lib/msys-glib-2.0-0.dll-gdb.py
@@ -6,5 +6,5 @@ dir_ = '/usr/share/glib-2.0/gdb'
 if not dir_ in sys.path:
     sys.path.insert(0, dir_)
 
-from glib import register
+from glib_gdb import register
 register (gdb.current_objfile ())
diff --git a/msys2/usr/share/gdb/auto-load/usr/lib/msys-gobject-2.0-0.dll-gdb.py b/msys2/usr/share/gdb/auto-load/usr/lib/msys-gobject-2.0-0.dll-gdb.py
index 5eb68de0c..e20ac6501 100644
--- a/msys2/usr/share/gdb/auto-load/usr/lib/msys-gobject-2.0-0.dll-gdb.py
+++ b/msys2/usr/share/gdb/auto-load/usr/lib/msys-gobject-2.0-0.dll-gdb.py
@@ -6,5 +6,5 @@ dir_ = '/usr/share/glib-2.0/gdb'
 if not dir_ in sys.path:
     sys.path.insert(0, dir_)
 
-from gobject import register
+from gobject_gdb import register
 register (gdb.current_objfile ())
diff --git a/msys2/usr/share/glib-2.0/gdb/glib.py b/msys2/usr/share/glib-2.0/gdb/glib_gdb.py
similarity index 100%
rename from msys2/usr/share/glib-2.0/gdb/glib.py
rename to msys2/usr/share/glib-2.0/gdb/glib_gdb.py
diff --git a/msys2/usr/share/glib-2.0/gdb/gobject.py b/msys2/usr/share/glib-2.0/gdb/gobject.py
deleted file mode 100644
index 2311d6c83..000000000
--- a/msys2/usr/share/glib-2.0/gdb/gobject.py
+++ /dev/null
@@ -1,295 +0,0 @@
-import os.path
-import gdb
-import glib
-import sys
-
-if sys.version_info[0] >= 3:
-    long = int
-else:
-    import itertools
-    map = itertools.imap
-
-# FrameDecorator is new in gdb 7.7, so we adapt to its absence.
-try:
-    import gdb.FrameDecorator
-    HAVE_GDB_FRAMEDECORATOR = True
-    FrameDecorator = gdb.FrameDecorator.FrameDecorator
-except ImportError:
-    HAVE_GDB_FRAMEDECORATOR = False
-
-# This is not quite right, as local vars may override symname
-def read_global_var (symname):
-    return gdb.selected_frame().read_var(symname)
-
-def g_type_to_name (gtype):
-    def lookup_fundamental_type (typenode):
-        if typenode == 0:
-            return None
-        val = read_global_var ("static_fundamental_type_nodes")
-        if val == None:
-            return None
-        return val[typenode >> 2].address()
-
-    gtype = long(gtype)
-    typenode = gtype - gtype % 4
-    if typenode > (255 << 2):
-        typenode = gdb.Value(typenode).cast (gdb.lookup_type("TypeNode").pointer())
-    else:
-        typenode = lookup_fundamental_type (typenode)
-    if typenode != None:
-        return glib.g_quark_to_string (typenode["qname"])
-    return None
-
-def is_g_type_instance (val):
-    def is_g_type_instance_helper (type):
-        if str(type) == "GTypeInstance":
-            return True
-
-        while type.code == gdb.TYPE_CODE_TYPEDEF:
-            type = type.target()
-
-        if type.code != gdb.TYPE_CODE_STRUCT:
-            return False
-
-        fields = type.fields()
-        if len (fields) < 1:
-            return False
-
-        first_field = fields[0]
-        return is_g_type_instance_helper(first_field.type)
-
-    type = val.type
-    if type.code != gdb.TYPE_CODE_PTR:
-        return False
-    type = type.target()
-    return is_g_type_instance_helper (type)
-
-def g_type_name_from_instance (instance):
-    if long(instance) != 0:
-        try:
-            inst = instance.cast (gdb.lookup_type("GTypeInstance").pointer())
-            klass = inst["g_class"]
-            gtype = klass["g_type"]
-            name = g_type_to_name (gtype)
-            return name
-        except RuntimeError:
-            pass
-    return None
-
-class GTypePrettyPrinter:
-    "Prints a GType instance pointer"
-
-    def __init__ (self, val):
-        self.val = val
-
-    def to_string (self):
-        name = g_type_name_from_instance (self.val)
-        if name:
-            return ("0x%x [%s]")% (long(self.val), name)
-        return  ("0x%x") % (long(self.val))
-
-def pretty_printer_lookup (val):
-    if is_g_type_instance (val):
-        return GTypePrettyPrinter (val)
-
-    return None
-
-def get_signal_name (id):
-    if id == None:
-        return None
-    id = long(id)
-    if id == 0:
-        return None
-    val = read_global_var ("g_signal_nodes")
-    max_s = read_global_var ("g_n_signal_nodes")
-    max_s = long(max_s)
-    if id < max_s:
-        return val[id]["name"].string()
-    return None
-
-def frame_name(frame):
-    return str(frame.function())
-
-def frame_var(frame, var):
-    return frame.inferior_frame().read_var(var)
-
-
-class SignalFrame(FrameDecorator):
-    def __init__ (self, frames):
-        FrameDecorator.__init__(self, frames[-1])
-        self.frame = frames[-1]
-        self.frames = frames
-
-    def name (self):
-        return "signal-emission"
-
-    def read_var (self, frame, name, array = None):
-        try:
-            v = frame_var (frame, name)
-            if v == None or v.is_optimized_out:
-                return None
-            if array != None:
-                array.append (v)
-            return v
-        except ValueError:
-            return None
-
-    def read_object (self, frame, name, array = None):
-        try:
-            v = frame_var (frame, name)
-            if v == None or v.is_optimized_out:
-                return None
-            v = v.cast (gdb.lookup_type("GObject").pointer())
-            # Ensure this is a somewhat correct object pointer
-            if v != None and g_type_name_from_instance (v):
-                if array != None:
-                    array.append (v)
-                return v
-            return None
-        except ValueError:
-            return None
-
-    def append (self, array, obj):
-        if obj != None:
-            array.append (obj)
-
-    def or_join_array (self, array):
-        if len(array) == 0:
-            return "???"
-        else:
-            return ' or '.join(set(map(str, array)))
-
-    def get_detailed_signal_from_frame(self, frame, signal):
-        detail = self.read_var (frame, "detail")
-        detail = glib.g_quark_to_string (detail)
-        if detail is not None:
-            return signal + ":" + detail
-        else:
-            return detail
-
-    def function (self):
-        instances = []
-        signals = []
-
-        for frame in self.frames:
-            name = frame_name(frame)
-            if name == "signal_emit_unlocked_R":
-                self.read_object (frame, "instance", instances)
-                node = self.read_var (frame, "node")
-                if node:
-                    signal = node["name"].string()
-                    signal = self.get_detailed_signal_from_frame(frame, signal)
-                    self.append(signals, signal)
-
-            if name == "g_signal_emitv":
-                instance_and_params = self.read_var (frame, "instance_and_params")
-                if instance_and_params:
-                    instance = instance_and_params[0]["v_pointer"].cast (gdb.Type("GObject").pointer())
-                    self.append (instances, instance)
-                id = self.read_var (frame, "signal_id")
-                signal = get_signal_name (id)
-                if signal:
-                    signal = self.get_detailed_signal_from_frame(frame, signal)
-                    self.append (signals, signal)
-
-            if name == "g_signal_emit_valist" or name == "g_signal_emit":
-                self.read_object (frame, "instance", instances)
-                id = self.read_var (frame, "signal_id")
-                signal = get_signal_name (id)
-                if signal:
-                    signal = self.get_detailed_signal_from_frame(frame, signal)
-                    self.append (signals, signal)
-
-            if name == "g_signal_emit_by_name":
-                self.read_object (frame, "instance", instances)
-                self.read_var (frame, "detailed_signal", signals)
-                break
-
-        instance = self.or_join_array (instances)
-        signal = self.or_join_array (signals)
-
-        return "<emit signal %s on instance %s>" %  (signal, instance)
-
-    def elided (self):
-        return self.frames[0:-1]
-
-    def describe (self, stream, full):
-        stream.write (" " + self.function () + "\n")
-
-class GFrameDecorator:
-    def __init__ (self, iter):
-        self.queue = []
-        self.iter = iter
-
-    def __iter__ (self):
-        return self
-
-    def fill (self):
-        while len(self.queue) <= 8:
-            try:
-                f = next(self.iter)
-                self.queue.append (f)
-            except StopIteration:
-                return
-
-    def find_signal_emission (self):
-        for i in range (min (len(self.queue), 3)):
-            if frame_name(self.queue[i]) == "signal_emit_unlocked_R":
-                return i
-        return -1
-
-    def next (self):
-        # Ensure we have enough frames for a full signal emission
-        self.fill()
-
-        # Are we at the end?
-        if len(self.queue) == 0:
-            raise StopIteration
-
-        emission = self.find_signal_emission ()
-        if emission > 0:
-            start = emission
-            while True:
-                if start == 0:
-                    break
-                prev_name = frame_name(self.queue[start-1])
-                if prev_name.find("_marshal_") >= 0 or prev_name == "g_closure_invoke":
-                    start = start - 1
-                else:
-                    break
-            end = emission + 1
-            while end < len(self.queue):
-                if frame_name(self.queue[end]) in ["g_signal_emitv",
-                                                   "g_signal_emit_valist",
-                                                   "g_signal_emit",
-                                                   "g_signal_emit_by_name",
-                                                   "_g_closure_invoke_va"]:
-                    end = end + 1
-                else:
-                    break
-
-            signal_frames = self.queue[start:end]
-            new_frames = [SignalFrame(signal_frames)]
-            self.queue[start:end] = new_frames
-
-        return self.queue.pop(0)
-
-    def __next__ (self):
-        return self.next()
-
-class GFrameFilter(object):
-    name = 'glib'
-    enabled = True
-    priority = 100
-
-    def filter(self, iterator):
-        return GFrameDecorator(iterator)
-
-def register (obj):
-    if obj == None:
-        obj = gdb
-
-    if HAVE_GDB_FRAMEDECORATOR:
-        filter = GFrameFilter()
-        obj.frame_filters[filter.name] = filter
-    obj.pretty_printers.append(pretty_printer_lookup)
diff --git a/msys2/usr/share/glib-2.0/gdb/gobject_gdb.py b/msys2/usr/share/glib-2.0/gdb/gobject_gdb.py
new file mode 100644
index 000000000..8c3022031
--- /dev/null
+++ b/msys2/usr/share/glib-2.0/gdb/gobject_gdb.py
@@ -0,0 +1,295 @@
+import os.path
+import gdb
+import glib_gdb
+import sys
+
+if sys.version_info[0] >= 3:
+    long = int
+else:
+    import itertools
+    map = itertools.imap
+
+# FrameDecorator is new in gdb 7.7, so we adapt to its absence.
+try:
+    import gdb.FrameDecorator
+    HAVE_GDB_FRAMEDECORATOR = True
+    FrameDecorator = gdb.FrameDecorator.FrameDecorator
+except ImportError:
+    HAVE_GDB_FRAMEDECORATOR = False
+
+# This is not quite right, as local vars may override symname
+def read_global_var (symname):
+    return gdb.selected_frame().read_var(symname)
+
+def g_type_to_name (gtype):
+    def lookup_fundamental_type (typenode):
+        if typenode == 0:
+            return None
+        val = read_global_var ("static_fundamental_type_nodes")
+        if val == None:
+            return None
+        return val[typenode >> 2].address()
+
+    gtype = long(gtype)
+    typenode = gtype - gtype % 4
+    if typenode > (255 << 2):
+        typenode = gdb.Value(typenode).cast (gdb.lookup_type("TypeNode").pointer())
+    else:
+        typenode = lookup_fundamental_type (typenode)
+    if typenode != None:
+        return glib_gdb.g_quark_to_string (typenode["qname"])
+    return None
+
+def is_g_type_instance (val):
+    def is_g_type_instance_helper (type):
+        if str(type) == "GTypeInstance":
+            return True
+
+        while type.code == gdb.TYPE_CODE_TYPEDEF:
+            type = type.target()
+
+        if type.code != gdb.TYPE_CODE_STRUCT:
+            return False
+
+        fields = type.fields()
+        if len (fields) < 1:
+            return False
+
+        first_field = fields[0]
+        return is_g_type_instance_helper(first_field.type)
+
+    type = val.type
+    if type.code != gdb.TYPE_CODE_PTR:
+        return False
+    type = type.target()
+    return is_g_type_instance_helper (type)
+
+def g_type_name_from_instance (instance):
+    if long(instance) != 0:
+        try:
+            inst = instance.cast (gdb.lookup_type("GTypeInstance").pointer())
+            klass = inst["g_class"]
+            gtype = klass["g_type"]
+            name = g_type_to_name (gtype)
+            return name
+        except RuntimeError:
+            pass
+    return None
+
+class GTypePrettyPrinter:
+    "Prints a GType instance pointer"
+
+    def __init__ (self, val):
+        self.val = val
+
+    def to_string (self):
+        name = g_type_name_from_instance (self.val)
+        if name:
+            return ("0x%x [%s]")% (long(self.val), name)
+        return  ("0x%x") % (long(self.val))
+
+def pretty_printer_lookup (val):
+    if is_g_type_instance (val):
+        return GTypePrettyPrinter (val)
+
+    return None
+
+def get_signal_name (id):
+    if id == None:
+        return None
+    id = long(id)
+    if id == 0:
+        return None
+    val = read_global_var ("g_signal_nodes")
+    max_s = read_global_var ("g_n_signal_nodes")
+    max_s = long(max_s)
+    if id < max_s:
+        return val[id]["name"].string()
+    return None
+
+def frame_name(frame):
+    return str(frame.function())
+
+def frame_var(frame, var):
+    return frame.inferior_frame().read_var(var)
+
+
+class SignalFrame(FrameDecorator):
+    def __init__ (self, frames):
+        FrameDecorator.__init__(self, frames[-1])
+        self.frame = frames[-1]
+        self.frames = frames
+
+    def name (self):
+        return "signal-emission"
+
+    def read_var (self, frame, name, array = None):
+        try:
+            v = frame_var (frame, name)
+            if v == None or v.is_optimized_out:
+                return None
+            if array != None:
+                array.append (v)
+            return v
+        except ValueError:
+            return None
+
+    def read_object (self, frame, name, array = None):
+        try:
+            v = frame_var (frame, name)
+            if v == None or v.is_optimized_out:
+                return None
+            v = v.cast (gdb.lookup_type("GObject").pointer())
+            # Ensure this is a somewhat correct object pointer
+            if v != None and g_type_name_from_instance (v):
+                if array != None:
+                    array.append (v)
+                return v
+            return None
+        except ValueError:
+            return None
+
+    def append (self, array, obj):
+        if obj != None:
+            array.append (obj)
+
+    def or_join_array (self, array):
+        if len(array) == 0:
+            return "???"
+        else:
+            return ' or '.join(set(map(str, array)))
+
+    def get_detailed_signal_from_frame(self, frame, signal):
+        detail = self.read_var (frame, "detail")
+        detail = glib_gdb.g_quark_to_string (detail)
+        if detail is not None:
+            return signal + ":" + detail
+        else:
+            return detail
+
+    def function (self):
+        instances = []
+        signals = []
+
+        for frame in self.frames:
+            name = frame_name(frame)
+            if name == "signal_emit_unlocked_R":
+                self.read_object (frame, "instance", instances)
+                node = self.read_var (frame, "node")
+                if node:
+                    signal = node["name"].string()
+                    signal = self.get_detailed_signal_from_frame(frame, signal)
+                    self.append(signals, signal)
+
+            if name == "g_signal_emitv":
+                instance_and_params = self.read_var (frame, "instance_and_params")
+                if instance_and_params:
+                    instance = instance_and_params[0]["v_pointer"].cast (gdb.Type("GObject").pointer())
+                    self.append (instances, instance)
+                id = self.read_var (frame, "signal_id")
+                signal = get_signal_name (id)
+                if signal:
+                    signal = self.get_detailed_signal_from_frame(frame, signal)
+                    self.append (signals, signal)
+
+            if name == "g_signal_emit_valist" or name == "g_signal_emit":
+                self.read_object (frame, "instance", instances)
+                id = self.read_var (frame, "signal_id")
+                signal = get_signal_name (id)
+                if signal:
+                    signal = self.get_detailed_signal_from_frame(frame, signal)
+                    self.append (signals, signal)
+
+            if name == "g_signal_emit_by_name":
+                self.read_object (frame, "instance", instances)
+                self.read_var (frame, "detailed_signal", signals)
+                break
+
+        instance = self.or_join_array (instances)
+        signal = self.or_join_array (signals)
+
+        return "<emit signal %s on instance %s>" %  (signal, instance)
+
+    def elided (self):
+        return self.frames[0:-1]
+
+    def describe (self, stream, full):
+        stream.write (" " + self.function () + "\n")
+
+class GFrameDecorator:
+    def __init__ (self, iter):
+        self.queue = []
+        self.iter = iter
+
+    def __iter__ (self):
+        return self
+
+    def fill (self):
+        while len(self.queue) <= 8:
+            try:
+                f = next(self.iter)
+                self.queue.append (f)
+            except StopIteration:
+                return
+
+    def find_signal_emission (self):
+        for i in range (min (len(self.queue), 3)):
+            if frame_name(self.queue[i]) == "signal_emit_unlocked_R":
+                return i
+        return -1
+
+    def next (self):
+        # Ensure we have enough frames for a full signal emission
+        self.fill()
+
+        # Are we at the end?
+        if len(self.queue) == 0:
+            raise StopIteration
+
+        emission = self.find_signal_emission ()
+        if emission > 0:
+            start = emission
+            while True:
+                if start == 0:
+                    break
+                prev_name = frame_name(self.queue[start-1])
+                if prev_name.find("_marshal_") >= 0 or prev_name == "g_closure_invoke":
+                    start = start - 1
+                else:
+                    break
+            end = emission + 1
+            while end < len(self.queue):
+                if frame_name(self.queue[end]) in ["g_signal_emitv",
+                                                   "g_signal_emit_valist",
+                                                   "g_signal_emit",
+                                                   "g_signal_emit_by_name",
+                                                   "_g_closure_invoke_va"]:
+                    end = end + 1
+                else:
+                    break
+
+            signal_frames = self.queue[start:end]
+            new_frames = [SignalFrame(signal_frames)]
+            self.queue[start:end] = new_frames
+
+        return self.queue.pop(0)
+
+    def __next__ (self):
+        return self.next()
+
+class GFrameFilter(object):
+    name = 'glib'
+    enabled = True
+    priority = 100
+
+    def filter(self, iterator):
+        return GFrameDecorator(iterator)
+
+def register (obj):
+    if obj == None:
+        obj = gdb
+
+    if HAVE_GDB_FRAMEDECORATOR:
+        filter = GFrameFilter()
+        obj.frame_filters[filter.name] = filter
+    obj.pretty_printers.append(pretty_printer_lookup)
diff --git a/msys2/usr/share/glib-2.0/schemas/gschema.dtd b/msys2/usr/share/glib-2.0/schemas/gschema.dtd
index 00e3a1653..8cd552d4a 100644
--- a/msys2/usr/share/glib-2.0/schemas/gschema.dtd
+++ b/msys2/usr/share/glib-2.0/schemas/gschema.dtd
@@ -1,4 +1,4 @@
-<!ELEMENT schemalist (schema|enum)* >
+<!ELEMENT schemalist (schema|enum|flags)* >
 <!ATTLIST schemalist gettext-domain CDATA #IMPLIED >
 
 <!ELEMENT schema (key|child|override)* >
@@ -47,7 +47,8 @@
 
 <!-- range is only allowed for keys with numeric type -->
 <!ELEMENT range EMPTY >
-<!-- min and max must be parseable as values of the key type and min < max -->
+<!-- min and max must be parseable as values of the key type and
+     min must be less than or equal to max -->
 <!ATTLIST range min CDATA #REQUIRED
                 max CDATA #REQUIRED >
 
diff --git a/msys2/usr/share/gnupg/FAQ b/msys2/usr/share/gnupg/FAQ
deleted file mode 100644
index 32d074426..000000000
--- a/msys2/usr/share/gnupg/FAQ
+++ /dev/null
@@ -1,13 +0,0 @@
-GnuPG Frequently Asked Questions
-
-A FAQ is a fast moving target and thus we don't distribute it anymore
-with GnuPG.  You may retrieve the current FAQ in HTML format at
-
-  http://www.gnupg.org/faq/GnuPG-FAQ.html
-
-or in plain text format at the FTP server:
-
-  ftp://ftp.gnupg.org/gcrypt/gnupg/GnuPG-FAQ.txt
-
-
-
diff --git a/msys2/usr/share/gnupg/distsigkey.gpg b/msys2/usr/share/gnupg/distsigkey.gpg
new file mode 100644
index 000000000..219b7edbb
Binary files /dev/null and b/msys2/usr/share/gnupg/distsigkey.gpg differ
diff --git a/msys2/usr/share/gnupg/help.be.txt b/msys2/usr/share/gnupg/help.be.txt
new file mode 100644
index 000000000..0ac3be7ab
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.be.txt
@@ -0,0 +1,286 @@
+# help..txt -  GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.#gpg.edit_ownertrust.value
+# fixme: Please translate and remove the hash mark from the key line.
+It's up to you to assign a value here; this value will never be exported
+to any 3rd party.  We need it to implement the web-of-trust; it has nothing
+to do with the (implicitly created) web-of-certificates.
+.
+
+.#gpg.edit_ownertrust.set_ultimate.okay
+# fixme: Please translate and remove the hash mark from the key line.
+To build the Web-of-Trust, GnuPG needs to know which keys are
+ultimately trusted - those are usually the keys for which you have
+access to the secret key.  Answer "yes" to set this key to
+ultimately trusted
+
+.
+
+.#gpg.untrusted_key.override
+# fixme: Please translate and remove the hash mark from the key line.
+If you want to use this untrusted key anyway, answer "yes".
+.
+
+.#gpg.pklist.user_id.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the user ID of the addressee to whom you want to send the message.
+.
+
+.#gpg.keygen.algo
+# fixme: Please translate and remove the hash mark from the key line.
+Select the algorithm to use.
+
+DSA (aka DSS) is the Digital Signature Algorithm and can only be used
+for signatures.
+
+Elgamal is an encrypt-only algorithm.
+
+RSA may be used for signatures or encryption.
+
+The first (primary) key must always be a key which is capable of signing.
+.
+
+.#gpg.keygen.algo.rsa_se
+# fixme: Please translate and remove the hash mark from the key line.
+In general it is not a good idea to use the same key for signing and
+encryption.  This algorithm should only be used in certain domains.
+Please consult your security expert first.
+.
+
+.#gpg.keygen.size
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the size of the key
+.
+
+.#gpg.keygen.size.huge.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.size.large.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.valid
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the required value as shown in the prompt.
+It is possible to enter a ISO date (YYYY-MM-DD) but you won't
+get a good error response - instead the system tries to interpret
+the given value as an interval.
+.
+
+.#gpg.keygen.valid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.name
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the name of the key holder
+.
+
+.#gpg.keygen.email
+# fixme: Please translate and remove the hash mark from the key line.
+please enter an optional but highly suggested email address
+.
+
+.#gpg.keygen.comment
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter an optional comment
+.
+
+.#gpg.keygen.userid.cmd
+# fixme: Please translate and remove the hash mark from the key line.
+N  to change the name.
+C  to change the comment.
+E  to change the email address.
+O  to continue with key generation.
+Q  to to quit the key generation.
+.
+
+.#gpg.keygen.sub.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" (or just "y") if it is okay to generate the sub key.
+.
+
+.#gpg.sign_uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.sign_uid.class
+# fixme: Please translate and remove the hash mark from the key line.
+When you sign a user ID on a key, you should first verify that the key
+belongs to the person named in the user ID.  It is useful for others to
+know how carefully you verified this.
+
+"0" means you make no particular claim as to how carefully you verified the
+    key.
+
+"1" means you believe the key is owned by the person who claims to own it
+    but you could not, or did not verify the key at all.  This is useful for
+    a "persona" verification, where you sign the key of a pseudonymous user.
+
+"2" means you did casual verification of the key.  For example, this could
+    mean that you verified the key fingerprint and checked the user ID on the
+    key against a photo ID.
+
+"3" means you did extensive verification of the key.  For example, this could
+    mean that you verified the key fingerprint with the owner of the key in
+    person, and that you checked, by means of a hard to forge document with a
+    photo ID (such as a passport) that the name of the key owner matches the
+    name in the user ID on the key, and finally that you verified (by exchange
+    of email) that the email address on the key belongs to the key owner.
+
+Note that the examples given above for levels 2 and 3 are *only* examples.
+In the end, it is up to you to decide just what "casual" and "extensive"
+mean to you when you sign other keys.
+
+If you don't know what the right answer is, answer "0".
+.
+
+.#gpg.change_passwd.empty.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.save.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.cancel.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.sign_all.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you want to sign ALL the user IDs
+.
+
+.#gpg.keyedit.remove.uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you really want to delete this user ID.
+All certificates are then also lost!
+.
+
+.#gpg.keyedit.remove.subkey.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to delete the subkey
+.
+
+.#gpg.keyedit.delsig.valid
+# fixme: Please translate and remove the hash mark from the key line.
+This is a valid signature on the key; you normally don't want
+to delete this signature because it may be important to establish a
+trust connection to the key or another key certified by this key.
+.
+
+.#gpg.keyedit.delsig.unknown
+# fixme: Please translate and remove the hash mark from the key line.
+This signature can't be checked because you don't have the
+corresponding key.  You should postpone its deletion until you
+know which key was used because this signing key might establish
+a trust connection through another already certified key.
+.
+
+.#gpg.keyedit.delsig.invalid
+# fixme: Please translate and remove the hash mark from the key line.
+The signature is not valid.  It does make sense to remove it from
+your keyring.
+.
+
+.#gpg.keyedit.delsig.selfsig
+# fixme: Please translate and remove the hash mark from the key line.
+This is a signature which binds the user ID to the key. It is
+usually not a good idea to remove such a signature.  Actually
+GnuPG might not be able to use this key anymore.  So do this
+only if this self-signature is for some reason not valid and
+a second one is available.
+.
+
+.#gpg.keyedit.updpref.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Change the preferences of all user IDs (or just of the selected ones)
+to the current list of preferences.  The timestamp of all affected
+self-signatures will be advanced by one second.
+
+.
+
+.#gpg.passphrase.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter the passphrase; this is a secret sentence
+
+.
+
+.#gpg.passphrase.repeat
+# fixme: Please translate and remove the hash mark from the key line.
+Please repeat the last passphrase, so you are sure what you typed in.
+.
+
+.#gpg.detached_signature.filename
+# fixme: Please translate and remove the hash mark from the key line.
+Give the name of the file to which the signature applies
+.
+
+.#gpg.openfile.overwrite.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to overwrite the file
+.
+
+.#gpg.openfile.askoutname
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter a new filename. If you just hit RETURN the default
+file (which is shown in brackets) will be used.
+.
+
+.#gpg.ask_revocation_reason.code
+# fixme: Please translate and remove the hash mark from the key line.
+You should specify a reason for the certification.  Depending on the
+context you have the ability to choose from this list:
+  "Key has been compromised"
+      Use this if you have a reason to believe that unauthorized persons
+      got access to your secret key.
+  "Key is superseded"
+      Use this if you have replaced this key with a newer one.
+  "Key is no longer used"
+      Use this if you have retired this key.
+  "User ID is no longer valid"
+      Use this to state that the user ID should not longer be used;
+      this is normally used to mark an email address invalid.
+
+.
+
+.#gpg.ask_revocation_reason.text
+# fixme: Please translate and remove the hash mark from the key line.
+If you like, you can enter a text describing why you issue this
+revocation certificate.  Please keep this text concise.
+An empty line ends the text.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.ca.txt b/msys2/usr/share/gnupg/help.ca.txt
new file mode 100644
index 000000000..0ac3be7ab
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.ca.txt
@@ -0,0 +1,286 @@
+# help..txt -  GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.#gpg.edit_ownertrust.value
+# fixme: Please translate and remove the hash mark from the key line.
+It's up to you to assign a value here; this value will never be exported
+to any 3rd party.  We need it to implement the web-of-trust; it has nothing
+to do with the (implicitly created) web-of-certificates.
+.
+
+.#gpg.edit_ownertrust.set_ultimate.okay
+# fixme: Please translate and remove the hash mark from the key line.
+To build the Web-of-Trust, GnuPG needs to know which keys are
+ultimately trusted - those are usually the keys for which you have
+access to the secret key.  Answer "yes" to set this key to
+ultimately trusted
+
+.
+
+.#gpg.untrusted_key.override
+# fixme: Please translate and remove the hash mark from the key line.
+If you want to use this untrusted key anyway, answer "yes".
+.
+
+.#gpg.pklist.user_id.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the user ID of the addressee to whom you want to send the message.
+.
+
+.#gpg.keygen.algo
+# fixme: Please translate and remove the hash mark from the key line.
+Select the algorithm to use.
+
+DSA (aka DSS) is the Digital Signature Algorithm and can only be used
+for signatures.
+
+Elgamal is an encrypt-only algorithm.
+
+RSA may be used for signatures or encryption.
+
+The first (primary) key must always be a key which is capable of signing.
+.
+
+.#gpg.keygen.algo.rsa_se
+# fixme: Please translate and remove the hash mark from the key line.
+In general it is not a good idea to use the same key for signing and
+encryption.  This algorithm should only be used in certain domains.
+Please consult your security expert first.
+.
+
+.#gpg.keygen.size
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the size of the key
+.
+
+.#gpg.keygen.size.huge.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.size.large.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.valid
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the required value as shown in the prompt.
+It is possible to enter a ISO date (YYYY-MM-DD) but you won't
+get a good error response - instead the system tries to interpret
+the given value as an interval.
+.
+
+.#gpg.keygen.valid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.name
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the name of the key holder
+.
+
+.#gpg.keygen.email
+# fixme: Please translate and remove the hash mark from the key line.
+please enter an optional but highly suggested email address
+.
+
+.#gpg.keygen.comment
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter an optional comment
+.
+
+.#gpg.keygen.userid.cmd
+# fixme: Please translate and remove the hash mark from the key line.
+N  to change the name.
+C  to change the comment.
+E  to change the email address.
+O  to continue with key generation.
+Q  to to quit the key generation.
+.
+
+.#gpg.keygen.sub.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" (or just "y") if it is okay to generate the sub key.
+.
+
+.#gpg.sign_uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.sign_uid.class
+# fixme: Please translate and remove the hash mark from the key line.
+When you sign a user ID on a key, you should first verify that the key
+belongs to the person named in the user ID.  It is useful for others to
+know how carefully you verified this.
+
+"0" means you make no particular claim as to how carefully you verified the
+    key.
+
+"1" means you believe the key is owned by the person who claims to own it
+    but you could not, or did not verify the key at all.  This is useful for
+    a "persona" verification, where you sign the key of a pseudonymous user.
+
+"2" means you did casual verification of the key.  For example, this could
+    mean that you verified the key fingerprint and checked the user ID on the
+    key against a photo ID.
+
+"3" means you did extensive verification of the key.  For example, this could
+    mean that you verified the key fingerprint with the owner of the key in
+    person, and that you checked, by means of a hard to forge document with a
+    photo ID (such as a passport) that the name of the key owner matches the
+    name in the user ID on the key, and finally that you verified (by exchange
+    of email) that the email address on the key belongs to the key owner.
+
+Note that the examples given above for levels 2 and 3 are *only* examples.
+In the end, it is up to you to decide just what "casual" and "extensive"
+mean to you when you sign other keys.
+
+If you don't know what the right answer is, answer "0".
+.
+
+.#gpg.change_passwd.empty.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.save.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.cancel.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.sign_all.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you want to sign ALL the user IDs
+.
+
+.#gpg.keyedit.remove.uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you really want to delete this user ID.
+All certificates are then also lost!
+.
+
+.#gpg.keyedit.remove.subkey.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to delete the subkey
+.
+
+.#gpg.keyedit.delsig.valid
+# fixme: Please translate and remove the hash mark from the key line.
+This is a valid signature on the key; you normally don't want
+to delete this signature because it may be important to establish a
+trust connection to the key or another key certified by this key.
+.
+
+.#gpg.keyedit.delsig.unknown
+# fixme: Please translate and remove the hash mark from the key line.
+This signature can't be checked because you don't have the
+corresponding key.  You should postpone its deletion until you
+know which key was used because this signing key might establish
+a trust connection through another already certified key.
+.
+
+.#gpg.keyedit.delsig.invalid
+# fixme: Please translate and remove the hash mark from the key line.
+The signature is not valid.  It does make sense to remove it from
+your keyring.
+.
+
+.#gpg.keyedit.delsig.selfsig
+# fixme: Please translate and remove the hash mark from the key line.
+This is a signature which binds the user ID to the key. It is
+usually not a good idea to remove such a signature.  Actually
+GnuPG might not be able to use this key anymore.  So do this
+only if this self-signature is for some reason not valid and
+a second one is available.
+.
+
+.#gpg.keyedit.updpref.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Change the preferences of all user IDs (or just of the selected ones)
+to the current list of preferences.  The timestamp of all affected
+self-signatures will be advanced by one second.
+
+.
+
+.#gpg.passphrase.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter the passphrase; this is a secret sentence
+
+.
+
+.#gpg.passphrase.repeat
+# fixme: Please translate and remove the hash mark from the key line.
+Please repeat the last passphrase, so you are sure what you typed in.
+.
+
+.#gpg.detached_signature.filename
+# fixme: Please translate and remove the hash mark from the key line.
+Give the name of the file to which the signature applies
+.
+
+.#gpg.openfile.overwrite.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to overwrite the file
+.
+
+.#gpg.openfile.askoutname
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter a new filename. If you just hit RETURN the default
+file (which is shown in brackets) will be used.
+.
+
+.#gpg.ask_revocation_reason.code
+# fixme: Please translate and remove the hash mark from the key line.
+You should specify a reason for the certification.  Depending on the
+context you have the ability to choose from this list:
+  "Key has been compromised"
+      Use this if you have a reason to believe that unauthorized persons
+      got access to your secret key.
+  "Key is superseded"
+      Use this if you have replaced this key with a newer one.
+  "Key is no longer used"
+      Use this if you have retired this key.
+  "User ID is no longer valid"
+      Use this to state that the user ID should not longer be used;
+      this is normally used to mark an email address invalid.
+
+.
+
+.#gpg.ask_revocation_reason.text
+# fixme: Please translate and remove the hash mark from the key line.
+If you like, you can enter a text describing why you issue this
+revocation certificate.  Please keep this text concise.
+An empty line ends the text.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.cs.txt b/msys2/usr/share/gnupg/help.cs.txt
new file mode 100644
index 000000000..0ac3be7ab
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.cs.txt
@@ -0,0 +1,286 @@
+# help..txt -  GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.#gpg.edit_ownertrust.value
+# fixme: Please translate and remove the hash mark from the key line.
+It's up to you to assign a value here; this value will never be exported
+to any 3rd party.  We need it to implement the web-of-trust; it has nothing
+to do with the (implicitly created) web-of-certificates.
+.
+
+.#gpg.edit_ownertrust.set_ultimate.okay
+# fixme: Please translate and remove the hash mark from the key line.
+To build the Web-of-Trust, GnuPG needs to know which keys are
+ultimately trusted - those are usually the keys for which you have
+access to the secret key.  Answer "yes" to set this key to
+ultimately trusted
+
+.
+
+.#gpg.untrusted_key.override
+# fixme: Please translate and remove the hash mark from the key line.
+If you want to use this untrusted key anyway, answer "yes".
+.
+
+.#gpg.pklist.user_id.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the user ID of the addressee to whom you want to send the message.
+.
+
+.#gpg.keygen.algo
+# fixme: Please translate and remove the hash mark from the key line.
+Select the algorithm to use.
+
+DSA (aka DSS) is the Digital Signature Algorithm and can only be used
+for signatures.
+
+Elgamal is an encrypt-only algorithm.
+
+RSA may be used for signatures or encryption.
+
+The first (primary) key must always be a key which is capable of signing.
+.
+
+.#gpg.keygen.algo.rsa_se
+# fixme: Please translate and remove the hash mark from the key line.
+In general it is not a good idea to use the same key for signing and
+encryption.  This algorithm should only be used in certain domains.
+Please consult your security expert first.
+.
+
+.#gpg.keygen.size
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the size of the key
+.
+
+.#gpg.keygen.size.huge.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.size.large.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.valid
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the required value as shown in the prompt.
+It is possible to enter a ISO date (YYYY-MM-DD) but you won't
+get a good error response - instead the system tries to interpret
+the given value as an interval.
+.
+
+.#gpg.keygen.valid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.name
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the name of the key holder
+.
+
+.#gpg.keygen.email
+# fixme: Please translate and remove the hash mark from the key line.
+please enter an optional but highly suggested email address
+.
+
+.#gpg.keygen.comment
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter an optional comment
+.
+
+.#gpg.keygen.userid.cmd
+# fixme: Please translate and remove the hash mark from the key line.
+N  to change the name.
+C  to change the comment.
+E  to change the email address.
+O  to continue with key generation.
+Q  to to quit the key generation.
+.
+
+.#gpg.keygen.sub.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" (or just "y") if it is okay to generate the sub key.
+.
+
+.#gpg.sign_uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.sign_uid.class
+# fixme: Please translate and remove the hash mark from the key line.
+When you sign a user ID on a key, you should first verify that the key
+belongs to the person named in the user ID.  It is useful for others to
+know how carefully you verified this.
+
+"0" means you make no particular claim as to how carefully you verified the
+    key.
+
+"1" means you believe the key is owned by the person who claims to own it
+    but you could not, or did not verify the key at all.  This is useful for
+    a "persona" verification, where you sign the key of a pseudonymous user.
+
+"2" means you did casual verification of the key.  For example, this could
+    mean that you verified the key fingerprint and checked the user ID on the
+    key against a photo ID.
+
+"3" means you did extensive verification of the key.  For example, this could
+    mean that you verified the key fingerprint with the owner of the key in
+    person, and that you checked, by means of a hard to forge document with a
+    photo ID (such as a passport) that the name of the key owner matches the
+    name in the user ID on the key, and finally that you verified (by exchange
+    of email) that the email address on the key belongs to the key owner.
+
+Note that the examples given above for levels 2 and 3 are *only* examples.
+In the end, it is up to you to decide just what "casual" and "extensive"
+mean to you when you sign other keys.
+
+If you don't know what the right answer is, answer "0".
+.
+
+.#gpg.change_passwd.empty.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.save.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.cancel.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.sign_all.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you want to sign ALL the user IDs
+.
+
+.#gpg.keyedit.remove.uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you really want to delete this user ID.
+All certificates are then also lost!
+.
+
+.#gpg.keyedit.remove.subkey.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to delete the subkey
+.
+
+.#gpg.keyedit.delsig.valid
+# fixme: Please translate and remove the hash mark from the key line.
+This is a valid signature on the key; you normally don't want
+to delete this signature because it may be important to establish a
+trust connection to the key or another key certified by this key.
+.
+
+.#gpg.keyedit.delsig.unknown
+# fixme: Please translate and remove the hash mark from the key line.
+This signature can't be checked because you don't have the
+corresponding key.  You should postpone its deletion until you
+know which key was used because this signing key might establish
+a trust connection through another already certified key.
+.
+
+.#gpg.keyedit.delsig.invalid
+# fixme: Please translate and remove the hash mark from the key line.
+The signature is not valid.  It does make sense to remove it from
+your keyring.
+.
+
+.#gpg.keyedit.delsig.selfsig
+# fixme: Please translate and remove the hash mark from the key line.
+This is a signature which binds the user ID to the key. It is
+usually not a good idea to remove such a signature.  Actually
+GnuPG might not be able to use this key anymore.  So do this
+only if this self-signature is for some reason not valid and
+a second one is available.
+.
+
+.#gpg.keyedit.updpref.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Change the preferences of all user IDs (or just of the selected ones)
+to the current list of preferences.  The timestamp of all affected
+self-signatures will be advanced by one second.
+
+.
+
+.#gpg.passphrase.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter the passphrase; this is a secret sentence
+
+.
+
+.#gpg.passphrase.repeat
+# fixme: Please translate and remove the hash mark from the key line.
+Please repeat the last passphrase, so you are sure what you typed in.
+.
+
+.#gpg.detached_signature.filename
+# fixme: Please translate and remove the hash mark from the key line.
+Give the name of the file to which the signature applies
+.
+
+.#gpg.openfile.overwrite.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to overwrite the file
+.
+
+.#gpg.openfile.askoutname
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter a new filename. If you just hit RETURN the default
+file (which is shown in brackets) will be used.
+.
+
+.#gpg.ask_revocation_reason.code
+# fixme: Please translate and remove the hash mark from the key line.
+You should specify a reason for the certification.  Depending on the
+context you have the ability to choose from this list:
+  "Key has been compromised"
+      Use this if you have a reason to believe that unauthorized persons
+      got access to your secret key.
+  "Key is superseded"
+      Use this if you have replaced this key with a newer one.
+  "Key is no longer used"
+      Use this if you have retired this key.
+  "User ID is no longer valid"
+      Use this to state that the user ID should not longer be used;
+      this is normally used to mark an email address invalid.
+
+.
+
+.#gpg.ask_revocation_reason.text
+# fixme: Please translate and remove the hash mark from the key line.
+If you like, you can enter a text describing why you issue this
+revocation certificate.  Please keep this text concise.
+An empty line ends the text.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.da.txt b/msys2/usr/share/gnupg/help.da.txt
new file mode 100644
index 000000000..0ac3be7ab
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.da.txt
@@ -0,0 +1,286 @@
+# help..txt -  GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.#gpg.edit_ownertrust.value
+# fixme: Please translate and remove the hash mark from the key line.
+It's up to you to assign a value here; this value will never be exported
+to any 3rd party.  We need it to implement the web-of-trust; it has nothing
+to do with the (implicitly created) web-of-certificates.
+.
+
+.#gpg.edit_ownertrust.set_ultimate.okay
+# fixme: Please translate and remove the hash mark from the key line.
+To build the Web-of-Trust, GnuPG needs to know which keys are
+ultimately trusted - those are usually the keys for which you have
+access to the secret key.  Answer "yes" to set this key to
+ultimately trusted
+
+.
+
+.#gpg.untrusted_key.override
+# fixme: Please translate and remove the hash mark from the key line.
+If you want to use this untrusted key anyway, answer "yes".
+.
+
+.#gpg.pklist.user_id.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the user ID of the addressee to whom you want to send the message.
+.
+
+.#gpg.keygen.algo
+# fixme: Please translate and remove the hash mark from the key line.
+Select the algorithm to use.
+
+DSA (aka DSS) is the Digital Signature Algorithm and can only be used
+for signatures.
+
+Elgamal is an encrypt-only algorithm.
+
+RSA may be used for signatures or encryption.
+
+The first (primary) key must always be a key which is capable of signing.
+.
+
+.#gpg.keygen.algo.rsa_se
+# fixme: Please translate and remove the hash mark from the key line.
+In general it is not a good idea to use the same key for signing and
+encryption.  This algorithm should only be used in certain domains.
+Please consult your security expert first.
+.
+
+.#gpg.keygen.size
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the size of the key
+.
+
+.#gpg.keygen.size.huge.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.size.large.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.valid
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the required value as shown in the prompt.
+It is possible to enter a ISO date (YYYY-MM-DD) but you won't
+get a good error response - instead the system tries to interpret
+the given value as an interval.
+.
+
+.#gpg.keygen.valid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.name
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the name of the key holder
+.
+
+.#gpg.keygen.email
+# fixme: Please translate and remove the hash mark from the key line.
+please enter an optional but highly suggested email address
+.
+
+.#gpg.keygen.comment
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter an optional comment
+.
+
+.#gpg.keygen.userid.cmd
+# fixme: Please translate and remove the hash mark from the key line.
+N  to change the name.
+C  to change the comment.
+E  to change the email address.
+O  to continue with key generation.
+Q  to to quit the key generation.
+.
+
+.#gpg.keygen.sub.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" (or just "y") if it is okay to generate the sub key.
+.
+
+.#gpg.sign_uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.sign_uid.class
+# fixme: Please translate and remove the hash mark from the key line.
+When you sign a user ID on a key, you should first verify that the key
+belongs to the person named in the user ID.  It is useful for others to
+know how carefully you verified this.
+
+"0" means you make no particular claim as to how carefully you verified the
+    key.
+
+"1" means you believe the key is owned by the person who claims to own it
+    but you could not, or did not verify the key at all.  This is useful for
+    a "persona" verification, where you sign the key of a pseudonymous user.
+
+"2" means you did casual verification of the key.  For example, this could
+    mean that you verified the key fingerprint and checked the user ID on the
+    key against a photo ID.
+
+"3" means you did extensive verification of the key.  For example, this could
+    mean that you verified the key fingerprint with the owner of the key in
+    person, and that you checked, by means of a hard to forge document with a
+    photo ID (such as a passport) that the name of the key owner matches the
+    name in the user ID on the key, and finally that you verified (by exchange
+    of email) that the email address on the key belongs to the key owner.
+
+Note that the examples given above for levels 2 and 3 are *only* examples.
+In the end, it is up to you to decide just what "casual" and "extensive"
+mean to you when you sign other keys.
+
+If you don't know what the right answer is, answer "0".
+.
+
+.#gpg.change_passwd.empty.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.save.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.cancel.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.sign_all.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you want to sign ALL the user IDs
+.
+
+.#gpg.keyedit.remove.uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you really want to delete this user ID.
+All certificates are then also lost!
+.
+
+.#gpg.keyedit.remove.subkey.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to delete the subkey
+.
+
+.#gpg.keyedit.delsig.valid
+# fixme: Please translate and remove the hash mark from the key line.
+This is a valid signature on the key; you normally don't want
+to delete this signature because it may be important to establish a
+trust connection to the key or another key certified by this key.
+.
+
+.#gpg.keyedit.delsig.unknown
+# fixme: Please translate and remove the hash mark from the key line.
+This signature can't be checked because you don't have the
+corresponding key.  You should postpone its deletion until you
+know which key was used because this signing key might establish
+a trust connection through another already certified key.
+.
+
+.#gpg.keyedit.delsig.invalid
+# fixme: Please translate and remove the hash mark from the key line.
+The signature is not valid.  It does make sense to remove it from
+your keyring.
+.
+
+.#gpg.keyedit.delsig.selfsig
+# fixme: Please translate and remove the hash mark from the key line.
+This is a signature which binds the user ID to the key. It is
+usually not a good idea to remove such a signature.  Actually
+GnuPG might not be able to use this key anymore.  So do this
+only if this self-signature is for some reason not valid and
+a second one is available.
+.
+
+.#gpg.keyedit.updpref.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Change the preferences of all user IDs (or just of the selected ones)
+to the current list of preferences.  The timestamp of all affected
+self-signatures will be advanced by one second.
+
+.
+
+.#gpg.passphrase.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter the passphrase; this is a secret sentence
+
+.
+
+.#gpg.passphrase.repeat
+# fixme: Please translate and remove the hash mark from the key line.
+Please repeat the last passphrase, so you are sure what you typed in.
+.
+
+.#gpg.detached_signature.filename
+# fixme: Please translate and remove the hash mark from the key line.
+Give the name of the file to which the signature applies
+.
+
+.#gpg.openfile.overwrite.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to overwrite the file
+.
+
+.#gpg.openfile.askoutname
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter a new filename. If you just hit RETURN the default
+file (which is shown in brackets) will be used.
+.
+
+.#gpg.ask_revocation_reason.code
+# fixme: Please translate and remove the hash mark from the key line.
+You should specify a reason for the certification.  Depending on the
+context you have the ability to choose from this list:
+  "Key has been compromised"
+      Use this if you have a reason to believe that unauthorized persons
+      got access to your secret key.
+  "Key is superseded"
+      Use this if you have replaced this key with a newer one.
+  "Key is no longer used"
+      Use this if you have retired this key.
+  "User ID is no longer valid"
+      Use this to state that the user ID should not longer be used;
+      this is normally used to mark an email address invalid.
+
+.
+
+.#gpg.ask_revocation_reason.text
+# fixme: Please translate and remove the hash mark from the key line.
+If you like, you can enter a text describing why you issue this
+revocation certificate.  Please keep this text concise.
+An empty line ends the text.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.de.txt b/msys2/usr/share/gnupg/help.de.txt
new file mode 100644
index 000000000..ce0ce148f
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.de.txt
@@ -0,0 +1,279 @@
+# help.de.txt - German GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+# Die Datei help.txt beschreibt das verwendete Format.
+# Diese Datei muß UTF-8 kodiert sein.
+
+
+.#pinentry.qualitybar.tooltip
+# Dies ist lediglich eine kommentiertes Beispiel.  Es ist am sinnvolssten
+# einen individuellen Text in /etc/gnupg/help.de.txt zu erstellen.
+Die Qualität der Passphrase, die Sie oben eingegeben haben.  Bitte
+fragen sie Ihren Systembeauftragten nach den Kriterien für die Messung
+der Qualität.
+.
+
+
+
+
+.gpg.edit_ownertrust.value
+Sie müssen selbst entscheiden, welchen Wert Sie hier eintragen; dieser Wert
+wird niemals an eine dritte Seite weitergegeben.  Wir brauchen diesen Wert,
+um das "Netz des Vertrauens" aufzubauen.  Dieses hat nichts mit dem
+(implizit erzeugten) "Netz der Zertifikate" zu tun.
+.
+
+.gpg.edit_ownertrust.set_ultimate.okay
+Um das Web-of-Trust aufzubauen muß GnuPG wissen, welchen Schlüsseln
+ultimativ vertraut wird. Das sind üblicherweise die Schlüssel
+auf deren geheimen Schlüssel Sie Zugruff haben.
+Antworten Sie mit "yes" um diesen Schlüssel ultimativ zu vertrauen
+
+.
+
+.gpg.untrusted_key.override
+Wenn Sie diesen nicht vertrauenswürdigen Schlüssel trotzdem benutzen wollen,
+so antworten Sie mit "ja".
+.
+
+.gpg.pklist.user_id.enter
+Geben Sie die User-ID dessen ein, dem Sie die Botschaft senden wollen.
+.
+
+.gpg.keygen.algo
+Wählen Sie das zu verwendene Verfahren.
+
+DSA (alias DSS) ist der "Digital Signature Algorithm" und kann nur für
+Unterschriften genutzt werden.
+
+Elgamal ist ein Verfahren nur für Verschlüsselung.
+
+RSA kann sowohl für Unterschriften als auch für Verschlüsselung genutzt
+werden.
+
+Der erste Schlüssel (Hauptschlüssel) muß immer ein Schlüssel sein, mit dem
+unterschrieben werden kann.
+.
+
+.gpg.keygen.algo.rsa_se
+Normalerweise ist es nicht gut, denselben Schlüssel zum unterschreiben
+und verschlüsseln zu nutzen.  Dieses Verfahren sollte in speziellen
+Anwendungsgebiten benutzt werden.  Bitte lassen Sie sich zuerst von
+einem Sicherheistexperten beraten.
+.
+
+.gpg.keygen.size
+Wählen Sie die gewünschte Schlüssellänge
+.
+
+.gpg.keygen.size.huge.okay
+Geben Sie "ja" oder "nein" ein
+.
+
+.gpg.keygen.size.large.okay
+Geben Sie "ja" oder "nein" ein
+.
+
+.gpg.keygen.valid
+Geben Sie den benötigten Wert so an, wie er im Prompt erscheint.
+Es ist zwar möglich ein "ISO"-Datum (JJJJ-MM-DD) einzugeben, aber man
+erhält dann ggfs. keine brauchbaren Fehlermeldungen - stattdessen versucht
+der Rechner den Wert als Intervall (von-bis) zu deuten.
+.
+
+.gpg.keygen.valid.okay
+Geben Sie "ja" oder "nein" ein
+.
+
+.gpg.keygen.name
+Geben Sie den Namen des Schlüsselinhabers ein.
+Beispiel: Heinrich Heine.
+.
+
+.gpg.keygen.email
+Geben Sie eine Email-Adresse ein. Dies ist zwar nicht unbedingt notwendig,
+aber sehr empfehlenswert.
+Beispiel: heinrichh@duesseldorf.de
+.
+
+.gpg.keygen.comment
+Geben Sie - bei Bedarf - einen Kommentar ein.
+.
+
+.gpg.keygen.userid.cmd
+N  um den Namen zu ändern.
+K  um den Kommentar zu ändern.
+E  um die Email-Adresse zu ändern.
+F  um mit der Schlüsselerzeugung fortzusetzen.
+B  um die Schlüsselerzeugung abbrechen.
+.
+
+.gpg.keygen.sub.okay
+Geben Sie "ja" (oder nur "j") ein, um den Unterschlüssel zu erzeugen.
+.
+
+.gpg.sign_uid.okay
+Geben Sie "ja" oder "nein" ein
+.
+
+.gpg.sign_uid.class
+Wenn Sie die User-ID eines Schlüssels beglaubigen wollen, sollten Sie zunächst
+sicherstellen, daß der Schlüssel demjenigen gehört, der in der User-ID genannt
+ist. Für Dritte ist es hilfreich zu wissen, wie gut diese Zuordnung überprüft
+wurde.
+
+"0" zeigt, daß Sie keine bestimmte Aussage über die Sorgfalt der
+    Schlüsselzuordnung machen.
+
+"1" Sie glauben, daß der Schlüssel der benannten Person gehört,
+    aber Sie konnten oder nahmen die Überpüfung überhaupt nicht vor.
+    Dies ist hilfreich für eine "persona"-Überprüfung, wobei man den
+    Schlüssel eines Pseudonym-Trägers beglaubigt
+
+"2" Sie nahmen eine flüchtige Überprüfung vor. Das heißt Sie haben z.B.
+    den Schlüsselfingerabdruck kontrolliert und die User-ID des Schlüssels
+    anhand des Fotos geprüft.
+
+"3" Sie haben eine ausführlich Kontrolle des Schlüssels vorgenommen.
+    Das kann z.B. die Kontrolle des Schlüsselfingerabdrucks mit dem
+    Schlüsselinhaber persönlich vorgenommen haben; daß Sie die User-ID des
+    Schlüssel anhand einer schwer zu fälschenden Urkunde mit Foto (wie z.B.
+    einem Paß) abgeglichen haben und schließlich per Email-Verkehr die
+    Email-Adresse als zum Schlüsselbesitzer gehörig erkannt haben.
+
+Beachten Sie, daß diese Beispiele für die Antworten 2 und 3 *nur* Beispiele
+sind.  Schlußendlich ist es Ihre Sache, was Sie unter "flüchtig" oder
+ "ausführlich" verstehen, wenn Sie Schlüssel Dritter beglaubigen.
+
+Wenn Sie nicht wissen, wie Sie antworten sollen, wählen Sie "0".
+.
+
+.gpg.change_passwd.empty.okay
+Geben Sie "ja" oder "nein" ein
+.
+
+.gpg.keyedit.save.okay
+Geben Sie "ja" oder "nein" ein
+.
+
+.gpg.keyedit.cancel.okay
+Geben Sie "ja" oder "nein" ein
+.
+
+.gpg.keyedit.sign_all.okay
+Geben Sie "ja" (oder nur "j") ein, um alle User-IDs zu beglaubigen
+.
+
+.gpg.keyedit.remove.uid.okay
+Geben Sie "ja" (oder nur "j") ein, um diese User-ID zu LÖSCHEN.
+Alle Zertifikate werden dann auch weg sein!
+.
+
+.gpg.keyedit.remove.subkey.okay
+Geben Sie "ja" (oder nur "j") ein, um diesen Unterschlüssel zu löschen
+.
+
+.gpg.keyedit.delsig.valid
+Dies ist eine gültige Beglaubigung für den Schlüssel. Es ist normalerweise
+unnötig sie zu löschen. Sie ist möglicherweise sogar notwendig, um einen
+Trust-Weg zu diesem oder einem durch diesen Schlüssel beglaubigten Schlüssel
+herzustellen.
+.
+
+.gpg.keyedit.delsig.unknown
+Diese Beglaubigung kann nicht geprüft werden, da Sie den passenden Schlüssel
+nicht besitzen. Sie sollten die Löschung der Beglaubigung verschieben, bis
+sie wissen, welcher Schlüssel verwendet wurde. Denn vielleicht würde genau
+diese Beglaubigung den "Trust"-Weg komplettieren.
+.
+
+.gpg.keyedit.delsig.invalid
+Diese Beglaubigung ist ungültig. Es ist sinnvoll sie aus Ihrem
+Schlüsselbund zu entfernen.
+.
+
+.gpg.keyedit.delsig.selfsig
+Diese Beglaubigung bindet die User-ID an den Schlüssel. Normalerweise ist
+es nicht gut, solche Beglaubigungen zu entfernen. Um ehrlich zu sein:
+Es könnte dann sein, daß GnuPG diesen Schlüssel gar nicht mehr benutzen kann.
+Sie sollten diese Eigenbeglaubigung also nur dann entfernen, wenn sie aus
+irgendeinem Grund nicht gültig ist und eine zweite Beglaubigung verfügbar ist.
+.
+
+.gpg.keyedit.updpref.okay
+Ändern der Voreinstellung aller User-IDs (oder nur der ausgewählten)
+auf die aktuelle Liste der Voreinstellung. Die Zeitangaben aller betroffenen
+Eigenbeglaubigungen werden um eine Sekunde vorgestellt.
+
+.
+
+.gpg.passphrase.enter
+Bitte geben Sie die Passphrase ein. Dies ist ein geheimer Satz
+
+.
+
+.gpg.passphrase.repeat
+Um sicher zu gehen, daß Sie sich bei der Eingabe der Passphrase nicht
+vertippt haben, geben Sie diese bitte nochmal ein.  Nur wenn beide Eingaben
+übereinstimmen, wird die Passphrase akzeptiert.
+.
+
+.gpg.detached_signature.filename
+Geben Sie den Namen der Datei an, zu dem die abgetrennte Unterschrift gehört
+.
+
+.gpg.openfile.overwrite.okay
+Geben Sie "ja" ein, wenn Sie die Datei überschreiben möchten
+.
+
+.gpg.openfile.askoutname
+Geben Sie bitte einen neuen Dateinamen ein. Falls Sie nur die
+Eingabetaste betätigen, wird der (in Klammern angezeigte) Standarddateiname
+verwendet.
+.
+
+.gpg.ask_revocation_reason.code
+Sie sollten einen Grund für die Zertifizierung angeben. Je nach
+Zusammenhang können Sie aus dieser Liste auswählen:
+  "Schlüssel wurde kompromitiert"
+      Falls Sie Grund zu der Annahme haben, daß nicht berechtigte Personen
+      Zugriff zu Ihrem geheimen Schlüssel hatten
+  "Schlüssel ist überholt"
+      Falls Sie diesen Schlüssel durch einem neuen ersetzt haben.
+  "Schlüssel wird nicht mehr benutzt"
+      Falls Sie diesen Schlüssel zurückgezogen haben.
+  "User-ID ist nicht mehr gültig"
+      Um bekanntzugeben, daß die User-ID nicht mehr benutzt werden soll.
+      So weist man normalerweise auf eine ungültige Emailadresse hin.
+
+.
+
+.gpg.ask_revocation_reason.text
+Wenn Sie möchten, können Sie hier einen Text eingeben, der darlegt, warum
+Sie diesen Widerruf herausgeben.  Der Text sollte möglichst knapp sein.
+Eine Leerzeile beendet die Eingabe.
+
+.
+
+
+
+# Local variables:
+# mode: default-generic
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.el.txt b/msys2/usr/share/gnupg/help.el.txt
new file mode 100644
index 000000000..0ac3be7ab
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.el.txt
@@ -0,0 +1,286 @@
+# help..txt -  GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.#gpg.edit_ownertrust.value
+# fixme: Please translate and remove the hash mark from the key line.
+It's up to you to assign a value here; this value will never be exported
+to any 3rd party.  We need it to implement the web-of-trust; it has nothing
+to do with the (implicitly created) web-of-certificates.
+.
+
+.#gpg.edit_ownertrust.set_ultimate.okay
+# fixme: Please translate and remove the hash mark from the key line.
+To build the Web-of-Trust, GnuPG needs to know which keys are
+ultimately trusted - those are usually the keys for which you have
+access to the secret key.  Answer "yes" to set this key to
+ultimately trusted
+
+.
+
+.#gpg.untrusted_key.override
+# fixme: Please translate and remove the hash mark from the key line.
+If you want to use this untrusted key anyway, answer "yes".
+.
+
+.#gpg.pklist.user_id.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the user ID of the addressee to whom you want to send the message.
+.
+
+.#gpg.keygen.algo
+# fixme: Please translate and remove the hash mark from the key line.
+Select the algorithm to use.
+
+DSA (aka DSS) is the Digital Signature Algorithm and can only be used
+for signatures.
+
+Elgamal is an encrypt-only algorithm.
+
+RSA may be used for signatures or encryption.
+
+The first (primary) key must always be a key which is capable of signing.
+.
+
+.#gpg.keygen.algo.rsa_se
+# fixme: Please translate and remove the hash mark from the key line.
+In general it is not a good idea to use the same key for signing and
+encryption.  This algorithm should only be used in certain domains.
+Please consult your security expert first.
+.
+
+.#gpg.keygen.size
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the size of the key
+.
+
+.#gpg.keygen.size.huge.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.size.large.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.valid
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the required value as shown in the prompt.
+It is possible to enter a ISO date (YYYY-MM-DD) but you won't
+get a good error response - instead the system tries to interpret
+the given value as an interval.
+.
+
+.#gpg.keygen.valid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.name
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the name of the key holder
+.
+
+.#gpg.keygen.email
+# fixme: Please translate and remove the hash mark from the key line.
+please enter an optional but highly suggested email address
+.
+
+.#gpg.keygen.comment
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter an optional comment
+.
+
+.#gpg.keygen.userid.cmd
+# fixme: Please translate and remove the hash mark from the key line.
+N  to change the name.
+C  to change the comment.
+E  to change the email address.
+O  to continue with key generation.
+Q  to to quit the key generation.
+.
+
+.#gpg.keygen.sub.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" (or just "y") if it is okay to generate the sub key.
+.
+
+.#gpg.sign_uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.sign_uid.class
+# fixme: Please translate and remove the hash mark from the key line.
+When you sign a user ID on a key, you should first verify that the key
+belongs to the person named in the user ID.  It is useful for others to
+know how carefully you verified this.
+
+"0" means you make no particular claim as to how carefully you verified the
+    key.
+
+"1" means you believe the key is owned by the person who claims to own it
+    but you could not, or did not verify the key at all.  This is useful for
+    a "persona" verification, where you sign the key of a pseudonymous user.
+
+"2" means you did casual verification of the key.  For example, this could
+    mean that you verified the key fingerprint and checked the user ID on the
+    key against a photo ID.
+
+"3" means you did extensive verification of the key.  For example, this could
+    mean that you verified the key fingerprint with the owner of the key in
+    person, and that you checked, by means of a hard to forge document with a
+    photo ID (such as a passport) that the name of the key owner matches the
+    name in the user ID on the key, and finally that you verified (by exchange
+    of email) that the email address on the key belongs to the key owner.
+
+Note that the examples given above for levels 2 and 3 are *only* examples.
+In the end, it is up to you to decide just what "casual" and "extensive"
+mean to you when you sign other keys.
+
+If you don't know what the right answer is, answer "0".
+.
+
+.#gpg.change_passwd.empty.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.save.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.cancel.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.sign_all.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you want to sign ALL the user IDs
+.
+
+.#gpg.keyedit.remove.uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you really want to delete this user ID.
+All certificates are then also lost!
+.
+
+.#gpg.keyedit.remove.subkey.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to delete the subkey
+.
+
+.#gpg.keyedit.delsig.valid
+# fixme: Please translate and remove the hash mark from the key line.
+This is a valid signature on the key; you normally don't want
+to delete this signature because it may be important to establish a
+trust connection to the key or another key certified by this key.
+.
+
+.#gpg.keyedit.delsig.unknown
+# fixme: Please translate and remove the hash mark from the key line.
+This signature can't be checked because you don't have the
+corresponding key.  You should postpone its deletion until you
+know which key was used because this signing key might establish
+a trust connection through another already certified key.
+.
+
+.#gpg.keyedit.delsig.invalid
+# fixme: Please translate and remove the hash mark from the key line.
+The signature is not valid.  It does make sense to remove it from
+your keyring.
+.
+
+.#gpg.keyedit.delsig.selfsig
+# fixme: Please translate and remove the hash mark from the key line.
+This is a signature which binds the user ID to the key. It is
+usually not a good idea to remove such a signature.  Actually
+GnuPG might not be able to use this key anymore.  So do this
+only if this self-signature is for some reason not valid and
+a second one is available.
+.
+
+.#gpg.keyedit.updpref.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Change the preferences of all user IDs (or just of the selected ones)
+to the current list of preferences.  The timestamp of all affected
+self-signatures will be advanced by one second.
+
+.
+
+.#gpg.passphrase.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter the passphrase; this is a secret sentence
+
+.
+
+.#gpg.passphrase.repeat
+# fixme: Please translate and remove the hash mark from the key line.
+Please repeat the last passphrase, so you are sure what you typed in.
+.
+
+.#gpg.detached_signature.filename
+# fixme: Please translate and remove the hash mark from the key line.
+Give the name of the file to which the signature applies
+.
+
+.#gpg.openfile.overwrite.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to overwrite the file
+.
+
+.#gpg.openfile.askoutname
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter a new filename. If you just hit RETURN the default
+file (which is shown in brackets) will be used.
+.
+
+.#gpg.ask_revocation_reason.code
+# fixme: Please translate and remove the hash mark from the key line.
+You should specify a reason for the certification.  Depending on the
+context you have the ability to choose from this list:
+  "Key has been compromised"
+      Use this if you have a reason to believe that unauthorized persons
+      got access to your secret key.
+  "Key is superseded"
+      Use this if you have replaced this key with a newer one.
+  "Key is no longer used"
+      Use this if you have retired this key.
+  "User ID is no longer valid"
+      Use this to state that the user ID should not longer be used;
+      this is normally used to mark an email address invalid.
+
+.
+
+.#gpg.ask_revocation_reason.text
+# fixme: Please translate and remove the hash mark from the key line.
+If you like, you can enter a text describing why you issue this
+revocation certificate.  Please keep this text concise.
+An empty line ends the text.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.eo.txt b/msys2/usr/share/gnupg/help.eo.txt
new file mode 100644
index 000000000..0ac3be7ab
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.eo.txt
@@ -0,0 +1,286 @@
+# help..txt -  GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.#gpg.edit_ownertrust.value
+# fixme: Please translate and remove the hash mark from the key line.
+It's up to you to assign a value here; this value will never be exported
+to any 3rd party.  We need it to implement the web-of-trust; it has nothing
+to do with the (implicitly created) web-of-certificates.
+.
+
+.#gpg.edit_ownertrust.set_ultimate.okay
+# fixme: Please translate and remove the hash mark from the key line.
+To build the Web-of-Trust, GnuPG needs to know which keys are
+ultimately trusted - those are usually the keys for which you have
+access to the secret key.  Answer "yes" to set this key to
+ultimately trusted
+
+.
+
+.#gpg.untrusted_key.override
+# fixme: Please translate and remove the hash mark from the key line.
+If you want to use this untrusted key anyway, answer "yes".
+.
+
+.#gpg.pklist.user_id.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the user ID of the addressee to whom you want to send the message.
+.
+
+.#gpg.keygen.algo
+# fixme: Please translate and remove the hash mark from the key line.
+Select the algorithm to use.
+
+DSA (aka DSS) is the Digital Signature Algorithm and can only be used
+for signatures.
+
+Elgamal is an encrypt-only algorithm.
+
+RSA may be used for signatures or encryption.
+
+The first (primary) key must always be a key which is capable of signing.
+.
+
+.#gpg.keygen.algo.rsa_se
+# fixme: Please translate and remove the hash mark from the key line.
+In general it is not a good idea to use the same key for signing and
+encryption.  This algorithm should only be used in certain domains.
+Please consult your security expert first.
+.
+
+.#gpg.keygen.size
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the size of the key
+.
+
+.#gpg.keygen.size.huge.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.size.large.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.valid
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the required value as shown in the prompt.
+It is possible to enter a ISO date (YYYY-MM-DD) but you won't
+get a good error response - instead the system tries to interpret
+the given value as an interval.
+.
+
+.#gpg.keygen.valid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.name
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the name of the key holder
+.
+
+.#gpg.keygen.email
+# fixme: Please translate and remove the hash mark from the key line.
+please enter an optional but highly suggested email address
+.
+
+.#gpg.keygen.comment
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter an optional comment
+.
+
+.#gpg.keygen.userid.cmd
+# fixme: Please translate and remove the hash mark from the key line.
+N  to change the name.
+C  to change the comment.
+E  to change the email address.
+O  to continue with key generation.
+Q  to to quit the key generation.
+.
+
+.#gpg.keygen.sub.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" (or just "y") if it is okay to generate the sub key.
+.
+
+.#gpg.sign_uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.sign_uid.class
+# fixme: Please translate and remove the hash mark from the key line.
+When you sign a user ID on a key, you should first verify that the key
+belongs to the person named in the user ID.  It is useful for others to
+know how carefully you verified this.
+
+"0" means you make no particular claim as to how carefully you verified the
+    key.
+
+"1" means you believe the key is owned by the person who claims to own it
+    but you could not, or did not verify the key at all.  This is useful for
+    a "persona" verification, where you sign the key of a pseudonymous user.
+
+"2" means you did casual verification of the key.  For example, this could
+    mean that you verified the key fingerprint and checked the user ID on the
+    key against a photo ID.
+
+"3" means you did extensive verification of the key.  For example, this could
+    mean that you verified the key fingerprint with the owner of the key in
+    person, and that you checked, by means of a hard to forge document with a
+    photo ID (such as a passport) that the name of the key owner matches the
+    name in the user ID on the key, and finally that you verified (by exchange
+    of email) that the email address on the key belongs to the key owner.
+
+Note that the examples given above for levels 2 and 3 are *only* examples.
+In the end, it is up to you to decide just what "casual" and "extensive"
+mean to you when you sign other keys.
+
+If you don't know what the right answer is, answer "0".
+.
+
+.#gpg.change_passwd.empty.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.save.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.cancel.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.sign_all.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you want to sign ALL the user IDs
+.
+
+.#gpg.keyedit.remove.uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you really want to delete this user ID.
+All certificates are then also lost!
+.
+
+.#gpg.keyedit.remove.subkey.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to delete the subkey
+.
+
+.#gpg.keyedit.delsig.valid
+# fixme: Please translate and remove the hash mark from the key line.
+This is a valid signature on the key; you normally don't want
+to delete this signature because it may be important to establish a
+trust connection to the key or another key certified by this key.
+.
+
+.#gpg.keyedit.delsig.unknown
+# fixme: Please translate and remove the hash mark from the key line.
+This signature can't be checked because you don't have the
+corresponding key.  You should postpone its deletion until you
+know which key was used because this signing key might establish
+a trust connection through another already certified key.
+.
+
+.#gpg.keyedit.delsig.invalid
+# fixme: Please translate and remove the hash mark from the key line.
+The signature is not valid.  It does make sense to remove it from
+your keyring.
+.
+
+.#gpg.keyedit.delsig.selfsig
+# fixme: Please translate and remove the hash mark from the key line.
+This is a signature which binds the user ID to the key. It is
+usually not a good idea to remove such a signature.  Actually
+GnuPG might not be able to use this key anymore.  So do this
+only if this self-signature is for some reason not valid and
+a second one is available.
+.
+
+.#gpg.keyedit.updpref.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Change the preferences of all user IDs (or just of the selected ones)
+to the current list of preferences.  The timestamp of all affected
+self-signatures will be advanced by one second.
+
+.
+
+.#gpg.passphrase.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter the passphrase; this is a secret sentence
+
+.
+
+.#gpg.passphrase.repeat
+# fixme: Please translate and remove the hash mark from the key line.
+Please repeat the last passphrase, so you are sure what you typed in.
+.
+
+.#gpg.detached_signature.filename
+# fixme: Please translate and remove the hash mark from the key line.
+Give the name of the file to which the signature applies
+.
+
+.#gpg.openfile.overwrite.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to overwrite the file
+.
+
+.#gpg.openfile.askoutname
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter a new filename. If you just hit RETURN the default
+file (which is shown in brackets) will be used.
+.
+
+.#gpg.ask_revocation_reason.code
+# fixme: Please translate and remove the hash mark from the key line.
+You should specify a reason for the certification.  Depending on the
+context you have the ability to choose from this list:
+  "Key has been compromised"
+      Use this if you have a reason to believe that unauthorized persons
+      got access to your secret key.
+  "Key is superseded"
+      Use this if you have replaced this key with a newer one.
+  "Key is no longer used"
+      Use this if you have retired this key.
+  "User ID is no longer valid"
+      Use this to state that the user ID should not longer be used;
+      this is normally used to mark an email address invalid.
+
+.
+
+.#gpg.ask_revocation_reason.text
+# fixme: Please translate and remove the hash mark from the key line.
+If you like, you can enter a text describing why you issue this
+revocation certificate.  Please keep this text concise.
+An empty line ends the text.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.es.txt b/msys2/usr/share/gnupg/help.es.txt
new file mode 100644
index 000000000..d59f2145c
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.es.txt
@@ -0,0 +1,251 @@
+# help.es.txt - es GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.gpg.edit_ownertrust.value
+Está en su mano asignar un valor aquí. Dicho valor nunca será exportado a
+terceros. Es necesario para implementar la red de confianza, no tiene nada
+que ver con la red de certificados (implícitamente creada).
+.
+
+.gpg.edit_ownertrust.set_ultimate.okay
+Para construir la Red-de-Confianza, GnuPG necesita saber qué claves
+tienen confianza absoluta - normalmente son las claves para las que usted
+puede acceder a la clave secreta. Conteste "sí" para hacer que esta
+clave se considere como de total confianza
+
+.
+
+.gpg.untrusted_key.override
+Si quiere usar esta clave no fiable de todos modos, conteste "sí".
+.
+
+.gpg.pklist.user_id.enter
+Introduzca el ID de usuario al que quiere enviar el mensaje.
+.
+
+.gpg.keygen.algo
+Seleccione el algoritmo que usar.
+
+DSA (alias DSS) es el Algoritmo de Firma Digital y sólo se usa para firmas.
+
+Elgamal es un algoritmo sólo para cifrar.
+
+RSA sirve tanto para firmar como para cifrar.
+
+La primera clave (clave primaria) debe ser siempre de tipo capaz de firmar.
+.
+
+.gpg.keygen.algo.rsa_se
+En general no es una buena idea usar la misma clave para firmar y
+cifrar. Este algoritmo debéria usarse solo en ciertos contextos.
+Por favor consulte primero a un experto en seguridad.
+.
+
+.gpg.keygen.size
+Introduzca la longitud de la clave
+.
+
+.gpg.keygen.size.huge.okay
+Responda "sí" o "no"
+.
+
+.gpg.keygen.size.large.okay
+Responda "sí" o "no"
+.
+
+.gpg.keygen.valid
+Introduzca el valor requerido conforme se muestra.
+Es posible introducir una fecha ISO (AAAA-MM-DD), pero no se obtendrá una
+buena respuesta a los errores; el sistema intentará interpretar el valor
+introducido como un intervalo.
+.
+
+.gpg.keygen.valid.okay
+Responda "sí" o "no"
+.
+
+.gpg.keygen.name
+Introduzca el nombre del dueño de la clave
+.
+
+.gpg.keygen.email
+Introduzca una dirección de correo electrónico (opcional pero muy
+recomendable)
+.
+
+.gpg.keygen.comment
+Introduzca un comentario opcional
+.
+
+.gpg.keygen.userid.cmd
+N  para cambiar el nombre.
+C  para cambiar el comentario.
+E  para cambiar la dirección.
+O  para continuar con la generación de clave.
+S  para interrumpir la generación de clave.
+.
+
+.gpg.keygen.sub.okay
+Responda "sí" (o sólo "s") para generar la subclave.
+.
+
+.gpg.sign_uid.okay
+Responda "sí" o "no"
+.
+
+.gpg.sign_uid.class
+Cuando firme un ID de usuario en una clave, debería verificar que la clave
+pertenece a la persona que se nombra en el ID de usuario. Es útil para
+otros saber cómo de cuidadosamente lo ha verificado.
+
+"0" significa que no hace ninguna declaración concreta sobre como ha
+      comprobado la validez de la clave.
+
+"1" significa que cree que la clave pertenece a la persona que declara
+      poseerla pero no pudo o no verificó la clave en absoluto. Esto es útil
+      para una verificación en persona cuando firmas la clave de un usuario
+      pseudoanónimo.
+
+"2" significa que hizo una comprobación informal de la clave. Por ejemplo
+      podría querer decir que comprobó la huella dactilar de la clave y
+      comprobó el ID de usuario en la clave con un ID fotográfico.
+
+"3" significa que hizo una comprobación exhaustiva de la clave. Por
+      ejemplo verificando la huella dactilar de la clave con el propietario
+      de la clave, y que comprobó, mediante un documento difícil de falsificar
+      con ID fotográfico (como un pasaporte) que el nombre del poseedor de la
+      clave coincide con el ID de usuario en la clave y finalmente que verificó
+      (intercambiando email) que la dirección de email de la clave pertenece
+      al poseedor de la clave.
+
+Observe que los ejemplos dados en los niveles 2 y 3 son *solo* ejemplos.
+En definitiva, usted decide lo que significa "informal" y "exhaustivo"
+para usted cuando firma las claves de otros.
+
+Si no sabe qué contestar, conteste "0".
+.
+
+.gpg.change_passwd.empty.okay
+Responda "sí" o "no"
+.
+
+.gpg.keyedit.save.okay
+Responda "sí" o "no"
+.
+
+.gpg.keyedit.cancel.okay
+Responda "sí" o "no"
+.
+
+.gpg.keyedit.sign_all.okay
+Responda "sí" si quiere firmar TODOS los IDs de usuario
+.
+
+.gpg.keyedit.remove.uid.okay
+Responda "sí" si realmente quiere borrar este ID de usuario.
+¡También se perderán todos los certificados!
+.
+
+.gpg.keyedit.remove.subkey.okay
+Responda "sí" si quiere borrar esta subclave
+.
+
+.gpg.keyedit.delsig.valid
+Esta es una firma válida de esta clave. Normalmente no será deseable
+borrar esta firma ya que puede ser importante para establecer una conexión
+de confianza con la clave o con otra clave certificada por ésta.
+.
+
+.gpg.keyedit.delsig.unknown
+Esta firma no puede ser comprobada porque no tiene Vd. la clave
+correspondiente. Debería posponer su borrado hasta conocer qué clave
+se usó, ya que dicha clave podría establecer una conexión de confianza
+a través de otra clave certificada.
+.
+
+.gpg.keyedit.delsig.invalid
+Esta firma no es válida. Tiene sentido borrarla de su anillo.
+.
+
+.gpg.keyedit.delsig.selfsig
+Esta es una firma que une el ID de usuario a la clave. No suele ser una
+buena idea borrar dichas firmas. De hecho, GnuPG podría no ser capaz de
+volver a usar esta clave. Así que bórrela tan sólo si esta autofirma no
+es válida por alguna razón y hay otra disponible.
+.
+
+.gpg.keyedit.updpref.okay
+Cambiar las preferencias de todos los IDs de usuario (o sólo los 
+seleccionados) a la lista actual de preferencias. El sello de tiempo
+de todas las autofirmas afectadas se avanzará en un segundo.
+
+.
+
+.gpg.passphrase.enter
+Por favor introduzca la contraseña: una frase secreta 
+
+.
+
+.gpg.passphrase.repeat
+Repita la última frase contraseña para asegurarse de lo que tecleó.
+.
+
+.gpg.detached_signature.filename
+Introduzca el nombre del fichero al que corresponde la firma
+.
+
+.gpg.openfile.overwrite.okay
+Responda "sí" para sobreescribir el fichero
+.
+
+.gpg.openfile.askoutname
+Introduzca un nuevo nombre de fichero. Si pulsa INTRO se usará el fichero
+por omisión (mostrado entre corchetes).
+.
+
+.gpg.ask_revocation_reason.code
+Debería especificar un motivo para la certificación. Dependiendo del
+contexto puede elegir una opción de esta lista:
+  "La clave ha sido comprometida"
+      Use esto si tiene razones para pensar que personas no autorizadas
+      tuvieron acceso a su clave secreta.
+  "La clave ha sido sustituida"
+      Use esto si ha reemplazado la clave por otra más nueva.
+  "La clave ya no está en uso"
+      Use esto si ha dejado de usar esta clave.
+  "La identificación de usuario ya no es válida"
+      Use esto para señalar que la identificación de usuario no debería
+      seguir siendo usada; esto se utiliza normalmente para marcar una
+      dirección de correo-e como inválida.
+
+.
+
+.gpg.ask_revocation_reason.text
+Si lo desea puede introducir un texto explicando por qué emite
+este certificado de revocación. Por favor, que el texto sea breve.
+Una línea vacía pone fin al texto.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.et.txt b/msys2/usr/share/gnupg/help.et.txt
new file mode 100644
index 000000000..0ac3be7ab
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.et.txt
@@ -0,0 +1,286 @@
+# help..txt -  GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.#gpg.edit_ownertrust.value
+# fixme: Please translate and remove the hash mark from the key line.
+It's up to you to assign a value here; this value will never be exported
+to any 3rd party.  We need it to implement the web-of-trust; it has nothing
+to do with the (implicitly created) web-of-certificates.
+.
+
+.#gpg.edit_ownertrust.set_ultimate.okay
+# fixme: Please translate and remove the hash mark from the key line.
+To build the Web-of-Trust, GnuPG needs to know which keys are
+ultimately trusted - those are usually the keys for which you have
+access to the secret key.  Answer "yes" to set this key to
+ultimately trusted
+
+.
+
+.#gpg.untrusted_key.override
+# fixme: Please translate and remove the hash mark from the key line.
+If you want to use this untrusted key anyway, answer "yes".
+.
+
+.#gpg.pklist.user_id.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the user ID of the addressee to whom you want to send the message.
+.
+
+.#gpg.keygen.algo
+# fixme: Please translate and remove the hash mark from the key line.
+Select the algorithm to use.
+
+DSA (aka DSS) is the Digital Signature Algorithm and can only be used
+for signatures.
+
+Elgamal is an encrypt-only algorithm.
+
+RSA may be used for signatures or encryption.
+
+The first (primary) key must always be a key which is capable of signing.
+.
+
+.#gpg.keygen.algo.rsa_se
+# fixme: Please translate and remove the hash mark from the key line.
+In general it is not a good idea to use the same key for signing and
+encryption.  This algorithm should only be used in certain domains.
+Please consult your security expert first.
+.
+
+.#gpg.keygen.size
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the size of the key
+.
+
+.#gpg.keygen.size.huge.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.size.large.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.valid
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the required value as shown in the prompt.
+It is possible to enter a ISO date (YYYY-MM-DD) but you won't
+get a good error response - instead the system tries to interpret
+the given value as an interval.
+.
+
+.#gpg.keygen.valid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.name
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the name of the key holder
+.
+
+.#gpg.keygen.email
+# fixme: Please translate and remove the hash mark from the key line.
+please enter an optional but highly suggested email address
+.
+
+.#gpg.keygen.comment
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter an optional comment
+.
+
+.#gpg.keygen.userid.cmd
+# fixme: Please translate and remove the hash mark from the key line.
+N  to change the name.
+C  to change the comment.
+E  to change the email address.
+O  to continue with key generation.
+Q  to to quit the key generation.
+.
+
+.#gpg.keygen.sub.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" (or just "y") if it is okay to generate the sub key.
+.
+
+.#gpg.sign_uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.sign_uid.class
+# fixme: Please translate and remove the hash mark from the key line.
+When you sign a user ID on a key, you should first verify that the key
+belongs to the person named in the user ID.  It is useful for others to
+know how carefully you verified this.
+
+"0" means you make no particular claim as to how carefully you verified the
+    key.
+
+"1" means you believe the key is owned by the person who claims to own it
+    but you could not, or did not verify the key at all.  This is useful for
+    a "persona" verification, where you sign the key of a pseudonymous user.
+
+"2" means you did casual verification of the key.  For example, this could
+    mean that you verified the key fingerprint and checked the user ID on the
+    key against a photo ID.
+
+"3" means you did extensive verification of the key.  For example, this could
+    mean that you verified the key fingerprint with the owner of the key in
+    person, and that you checked, by means of a hard to forge document with a
+    photo ID (such as a passport) that the name of the key owner matches the
+    name in the user ID on the key, and finally that you verified (by exchange
+    of email) that the email address on the key belongs to the key owner.
+
+Note that the examples given above for levels 2 and 3 are *only* examples.
+In the end, it is up to you to decide just what "casual" and "extensive"
+mean to you when you sign other keys.
+
+If you don't know what the right answer is, answer "0".
+.
+
+.#gpg.change_passwd.empty.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.save.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.cancel.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.sign_all.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you want to sign ALL the user IDs
+.
+
+.#gpg.keyedit.remove.uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you really want to delete this user ID.
+All certificates are then also lost!
+.
+
+.#gpg.keyedit.remove.subkey.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to delete the subkey
+.
+
+.#gpg.keyedit.delsig.valid
+# fixme: Please translate and remove the hash mark from the key line.
+This is a valid signature on the key; you normally don't want
+to delete this signature because it may be important to establish a
+trust connection to the key or another key certified by this key.
+.
+
+.#gpg.keyedit.delsig.unknown
+# fixme: Please translate and remove the hash mark from the key line.
+This signature can't be checked because you don't have the
+corresponding key.  You should postpone its deletion until you
+know which key was used because this signing key might establish
+a trust connection through another already certified key.
+.
+
+.#gpg.keyedit.delsig.invalid
+# fixme: Please translate and remove the hash mark from the key line.
+The signature is not valid.  It does make sense to remove it from
+your keyring.
+.
+
+.#gpg.keyedit.delsig.selfsig
+# fixme: Please translate and remove the hash mark from the key line.
+This is a signature which binds the user ID to the key. It is
+usually not a good idea to remove such a signature.  Actually
+GnuPG might not be able to use this key anymore.  So do this
+only if this self-signature is for some reason not valid and
+a second one is available.
+.
+
+.#gpg.keyedit.updpref.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Change the preferences of all user IDs (or just of the selected ones)
+to the current list of preferences.  The timestamp of all affected
+self-signatures will be advanced by one second.
+
+.
+
+.#gpg.passphrase.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter the passphrase; this is a secret sentence
+
+.
+
+.#gpg.passphrase.repeat
+# fixme: Please translate and remove the hash mark from the key line.
+Please repeat the last passphrase, so you are sure what you typed in.
+.
+
+.#gpg.detached_signature.filename
+# fixme: Please translate and remove the hash mark from the key line.
+Give the name of the file to which the signature applies
+.
+
+.#gpg.openfile.overwrite.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to overwrite the file
+.
+
+.#gpg.openfile.askoutname
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter a new filename. If you just hit RETURN the default
+file (which is shown in brackets) will be used.
+.
+
+.#gpg.ask_revocation_reason.code
+# fixme: Please translate and remove the hash mark from the key line.
+You should specify a reason for the certification.  Depending on the
+context you have the ability to choose from this list:
+  "Key has been compromised"
+      Use this if you have a reason to believe that unauthorized persons
+      got access to your secret key.
+  "Key is superseded"
+      Use this if you have replaced this key with a newer one.
+  "Key is no longer used"
+      Use this if you have retired this key.
+  "User ID is no longer valid"
+      Use this to state that the user ID should not longer be used;
+      this is normally used to mark an email address invalid.
+
+.
+
+.#gpg.ask_revocation_reason.text
+# fixme: Please translate and remove the hash mark from the key line.
+If you like, you can enter a text describing why you issue this
+revocation certificate.  Please keep this text concise.
+An empty line ends the text.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.fi.txt b/msys2/usr/share/gnupg/help.fi.txt
new file mode 100644
index 000000000..4286cc0d4
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.fi.txt
@@ -0,0 +1,256 @@
+# help.fi.txt - fi GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.gpg.edit_ownertrust.value
+Tämän arvon määrittäminen on sinun tehtäväsi, tätä arvoa ei koskaan 
+kerrota kolmansille osapuolille. Tarvitsemme sitä toteuttamaan 
+luottamusverkko eikä sillä ei ole mitään tekemistä (epäsuorasti luotujen) 
+varmenneverkkojen kanssa.
+.
+
+.gpg.edit_ownertrust.set_ultimate.okay
+Rakentaakseen luottamusverkon, GnuPG:n täytyy tietää mihin avaimiin 
+luotetaan ehdottomasti - nämä ovat tavallisesti ne avaimet, joiden salainen 
+pari on sinulla.  Vastaa "kyllä" luottaaksesi tähän avaimeen ehdoitta
+
+.
+
+.gpg.untrusted_key.override
+Vastaa "kyllä" jos haluat kaikesta huolimatta käyttää tätä epäluotettavaa
+avainta.
+.
+
+.gpg.pklist.user_id.enter
+Syötä vastaanottajan, jolle haluat lähettää viestin, käyttäjätunnus.
+.
+
+.#gpg.keygen.algo
+# fixme: Please translate and remove the hash mark from the key line.
+Select the algorithm to use.
+
+DSA (aka DSS) is the Digital Signature Algorithm and can only be used
+for signatures.
+
+Elgamal is an encrypt-only algorithm.
+
+RSA may be used for signatures or encryption.
+
+The first (primary) key must always be a key which is capable of signing.
+.
+
+.gpg.keygen.algo.rsa_se
+Yleensä ei ole järkevää käyttää samaa avainta allekirjoitukseen
+ja salaamiseen. Tätä algorimiä tulisi käyttää vain määrätyissä ympäristöissä.
+Ole hyvä ja kysy tietoturva-asiantuntijaltasi ensin
+.
+
+.gpg.keygen.size
+Syötä avaimen koko
+.
+
+.gpg.keygen.size.huge.okay
+Vastaa "kyllä" tai " ei"
+.
+
+.gpg.keygen.size.large.okay
+Vastaa "kyllä" tai " ei"
+.
+
+.gpg.keygen.valid
+Syötä pyydetty arvo kuten näkyy kehotteessa.
+On mahdollista syöttää ISO-muotoinen päivä (VVVV-KK-PP),
+mutta sen seurauksena et saa kunnollista virheilmoitusta 
+vaan järjestelmä yrittää tulkita arvon aikajaksona.
+.
+
+.gpg.keygen.valid.okay
+Vastaa "kyllä" tai " ei"
+.
+
+.gpg.keygen.name
+Anna avaimen haltijan nimi
+.
+
+.gpg.keygen.email
+anna vapaaehtoinen, mutta erittäin suositeltava sähköpostiosoite
+.
+
+.gpg.keygen.comment
+Kirjoita vapaaehtoinen huomautus
+.
+
+.gpg.keygen.userid.cmd
+N   muuta nimeä
+C   muuta kommenttia
+E   muuta sähköpostiosoitetta
+O   jatka avaimen luomista
+L   lopeta
+.
+
+.gpg.keygen.sub.okay
+Vastaa "kyllä" (tai vain "k") jos haluat luoda aliavaimen.
+.
+
+.gpg.sign_uid.okay
+Vastaa "kyllä" tai " ei"
+.
+
+.gpg.sign_uid.class
+Allekirjoittaessasi avaimen käyttäjätunnuksen sinun tulisi varmista, että 
+avain todella kuuluu henkilölle, joka mainitaan käyttäjätunnuksessa.  Muiden 
+on hyvä tietää kuinka huolellisesti olet varmistanut tämän. 
+
+"0" tarkoittaa, että et väitä mitään siitä, kuinka huolellisesti olet
+    varmistanut avaimen.
+
+"1" tarkoittaa, että uskot avaimen kuuluvan henkilölle, joka väittää 
+    hallitsevan sitä, mutta et voinut varmistaa tai et varmistanut avainta 
+    lainkaan.  Tämä on hyödyllinen "persoonan" varmistamiseen, jossa 
+    allekirjoitat pseudonyymin käyttäjän avaimen.
+
+"2" tarkoittaa arkista varmistusta.  Esimerkiksi olet varmistanut 
+    avaimen sormenjäljen ja tarkistanut käyttäjätunnuksen ja 
+    valokuvatunnisteen täsmäävän.
+
+"3" tarkoittaa syvällistä henkilöllisyyden varmistamista.  Esimerkiksi 
+    tämä voi tarkoittaa avaimen sormenjäljen tarkistamista avaimen haltijan 
+    kanssa henkilökohtaisesti, ja että tarkistit nimen avaimessa täsmäävän 
+    vaikeasti väärennettävän kuvallisen henkilöllisyystodistuksen (kuten 
+    passi) kanssa, ja lopuksi varmistit (sähköpostin vaihtamisella), että 
+    sähköpostiosoite kuuluu avaimen haltijalle.
+
+Huomaa, että yllä annetut esimerkit tasoille 2 ja 3 ovat todellakin *vain* 
+esimerkkejä.  Lopullisesti se on sinun päätöksesi mitä "arkinen" ja 
+"syvällinen" tarkoittaa allekirjoittaessasi muita avaimia.
+
+Jos et tiedä mikä olisi sopiva vastaus, vastaa "0".
+.
+
+.gpg.change_passwd.empty.okay
+Vastaa "kyllä" tai " ei"
+.
+
+.gpg.keyedit.save.okay
+Vastaa "kyllä" tai " ei"
+.
+
+.gpg.keyedit.cancel.okay
+Vastaa "kyllä" tai " ei"
+.
+
+.#gpg.keyedit.sign_all.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you want to sign ALL the user IDs
+.
+
+.gpg.keyedit.remove.uid.okay
+Vastaa "kyllä", jos haluat poistaa tämän käyttäjätunnuksen.
+Menetät samalla kaikki siihen liittyvät varmenteet!
+.
+
+.gpg.keyedit.remove.subkey.okay
+Vastaa "kyllä", jos aliavaimen voi poistaa
+.
+
+.gpg.keyedit.delsig.valid
+Tämä on voimassa oleva allekirjoitus tälle avaimelle, tavallisesti ei 
+kannata poistaa tätä allekirjoitusta koska se saattaa olla tarpeen
+luottamussuhteen luomiseksi avaimeen tai johonkin toiseen tämän avaimen
+varmentamaan avaimeen.
+.
+
+.gpg.keyedit.delsig.unknown
+Allekirjoitusta ei voida tarkistaa koska sinulla ei ole 
+siihen liittyvää avainta. Lykkää sen poistamista kunnes
+ tiedät mitä avainta on käytetty, koska allekirjoitus 
+avain saattaa luoda luottamusketjun toisen, jo ennalta 
+varmennetun avaimen kautta.
+.
+
+.gpg.keyedit.delsig.invalid
+Allekirjoitus ei ole pätevä.  Järkevintä olisi poistaa se 
+avainrenkaastasi.
+.
+
+.gpg.keyedit.delsig.selfsig
+Tämä allekirjoitus takaa avaimen haltijan henkilöllisyyden. 
+Tällaisen allekirjoituksen poistaminen on tavallisesti huono 
+ajatus.  GnuPG ei kenties voi käyttää avainta enää.  Poista 
+allekirjoitus vain, jos se ei ole jostain syystä pätevä, ja 
+avaimella on jo toinen allekirjoitus.
+.
+
+.gpg.keyedit.updpref.okay
+Muuta valinnat kaikille käyttäjätunnuksille (tai vain valituille)
+nykyiseen luetteloon valinnoista.  Kaikkien muutettujen
+oma-allekirjoitusten aikaleima siirretään yhdellä sekunnilla eteenpäin.
+
+.
+
+.gpg.passphrase.enter
+Ole hyvä ja syötä salasana, tämän on salainen lause 
+
+.
+
+.gpg.passphrase.repeat
+Toista edellinen salasanasi varmistuaksesi siitä, mitä kirjoitit.
+.
+
+.gpg.detached_signature.filename
+Anna allekirjoitetun tiedoston nimi
+.
+
+.gpg.openfile.overwrite.okay
+Vastaa "kyllä", jos tiedoston voi ylikirjoittaa
+.
+
+.gpg.openfile.askoutname
+Syötä uusi tiedostonimi. Jos painat vain RETURN, käytetään
+oletustiedostoa (joka näkyy sulkeissa).
+.
+
+.gpg.ask_revocation_reason.code
+Sinun tulisi määrittää syy varmenteelle. Riippuen asiayhteydestä
+voit valita tästä listasta:
+  "Avain on paljastunut"
+      Käytä tätä, jos sinulla on syytä uskoa, että luvattomat henkilöt 
+      ovat saaneet salaisen avaimesi käsiinsä.
+  "Avain on korvattu"
+      Käytä tätä, jos olet korvannut tämän uudemmalla avaimella.
+  "Avain ei ole enää käytössä"
+      Käytä tätä, jost ole lopettanut tämän avaimen käytön.
+  "Käyttäjätunnus ei ole enää voimassa"
+      Käytä tätä ilmoittamaan, että käyttäjätunnusta ei pitäisi käyttää;
+      tätä normaalisti käytetään merkitsemään sähköpostiosoite vanhenneeksi.
+
+.
+
+.gpg.ask_revocation_reason.text
+Halutessasi voit kirjoittaa tähän kuvauksen miksi julkaiset tämän
+mitätöintivarmenteen.  Kirjoita lyhyesti.
+Tyhjä rivi päättää tekstin.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.fr.txt b/msys2/usr/share/gnupg/help.fr.txt
new file mode 100644
index 000000000..4e4e7da5c
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.fr.txt
@@ -0,0 +1,256 @@
+# help.fr.txt - fr GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.gpg.edit_ownertrust.value
+C'est à vous d'assigner une valeur ici; cette valeur ne sera jamais
+envoyée à une tierce personne. Nous en avons besoin pour créer le réseau
+de confiance (web-of-trust); cela n'a rien à voir avec le réseau des
+certificats (créé implicitement)
+.
+
+.gpg.edit_ownertrust.set_ultimate.okay
+Pour mettre en place le Réseau de confiance (Web of Trust), GnuPG a
+besoin de savoir en quelles clés votre confiance est ultime - ce sont
+en général les clés dont vous avez accès à la clé secrète. Répondez
+"oui" pour indiquer que votre confiance en cette clé est ultime
+
+.
+
+.gpg.untrusted_key.override
+Si vous voulez utiliser cette clé peu sûre quand-même, répondez «oui».
+.
+
+.gpg.pklist.user_id.enter
+Entrez le nom d'utilisateur de la personne à qui vous voulez envoyer
+le message.
+.
+
+.gpg.keygen.algo
+Sélectionnez l'algorithme à utiliser.
+
+DSA (connu également sous le nom de DSS) est un algorithme de signature
+digitale et ne peut être utilisé que pour des signatures.
+
+Elgamal est un algorithme pour le chiffrement seul.
+
+RSA peut être utilisé pour les signatures et le chiffrement.
+
+La première clé (clé principale) doit toujours être une clé capable
+de signer.
+.
+
+.gpg.keygen.algo.rsa_se
+En général ce n'est pas une bonne idée d'utiliser la même clé pour
+signer et pour chiffrer. Cet algorithme ne doit être utilisé que
+pour certains domaines.
+Consultez votre expert en sécurité d'abord.
+.
+
+.gpg.keygen.size
+Entrez la taille de la clé
+.
+
+.gpg.keygen.size.huge.okay
+Répondez «oui» ou «non»
+.
+
+.gpg.keygen.size.large.okay
+Répondez «oui» ou «non»
+.
+
+.gpg.keygen.valid
+Entrez la valeur demandée comme indiqué dans la ligne de commande.
+On peut entrer une date ISO (AAAA-MM-JJ) mais le résultat d'erreur sera
+mauvais - le système essaierait d'interpréter la valeur donnée comme un
+intervalle.
+.
+
+.gpg.keygen.valid.okay
+Répondez «oui» ou «non»
+.
+
+.gpg.keygen.name
+Entrez le nom du propriétaire de la clé
+.
+
+.gpg.keygen.email
+entrez une adresse e-mail optionnelle mais hautement recommandée
+.
+
+.gpg.keygen.comment
+Entrez un commentaire optionnel
+.
+
+.gpg.keygen.userid.cmd
+N pour changer le nom.
+C pour changer le commentaire.
+E pour changer l'adresse e-mail.
+O pour continuer à générer la clé.
+Q pour arrêter de générer de clé.
+.
+
+.gpg.keygen.sub.okay
+Répondez «oui» (ou simplement «o») pour générer la sous-clé
+.
+
+.gpg.sign_uid.okay
+Répondez «oui» ou «non»
+.
+
+.gpg.sign_uid.class
+Quand vous signez un nom d'utilisateur d'une clé, vous devriez d'abord
+vérifier que la clé appartient à la personne nommée. Il est utile que
+les autres personnes sachent avec quel soin vous l'avez vérifié.
+
+"0" signifie que vous n'avez pas d'opinon.
+
+"1" signifie que vous croyez que la clé appartient à la personne qui
+dit la posséder mais vous n'avez pas pu vérifier du tout la clé.
+C'est utile lorsque vous signez la clé d'un pseudonyme.
+
+"2" signifie que vous avez un peu vérifié la clé. Par exemple, cela
+pourrait être un vérification de l'empreinte et du nom de
+l'utilisateur avec la photo.
+
+"3" signifie que vous avez complètement vérifié la clé. Par exemple,
+cela pourrait être une vérification de l'empreinte, du nom de
+l'utilisateur avec un document difficile à contrefaire (comme un
+passeport) et de son adresse e-mail (vérifié par un échange de
+courrier électronique).
+
+Notez bien que les exemples donnés ci-dessus pour les niveaux 2 et
+3 ne sont *que* des exemples.
+C'est à vous de décider quelle valeur mettre quand vous signez
+les clés des autres personnes.
+
+Si vous ne savez pas quelle réponse est la bonne, répondez "0".
+.
+
+.gpg.change_passwd.empty.okay
+Répondez «oui» ou «non»
+.
+
+.gpg.keyedit.save.okay
+Répondez «oui» ou «non»
+.
+
+.gpg.keyedit.cancel.okay
+Répondez «oui» ou «non»
+.
+
+.gpg.keyedit.sign_all.okay
+Répondez «oui» si vous voulez signer TOUS les noms d'utilisateurs
+.
+
+.gpg.keyedit.remove.uid.okay
+Répondez «oui» si vous voulez vraiment supprimer ce nom
+d'utilisateur. Tous les certificats seront alors perdus en même temps !
+.
+
+.gpg.keyedit.remove.subkey.okay
+Répondez «oui» s'il faut vraiment supprimer la sous-clé
+.
+
+.gpg.keyedit.delsig.valid
+C'est une signature valide dans la clé; vous n'avez pas normalement
+intérêt à supprimer cette signature car elle peut être importante pour
+établir une connection de confiance vers la clé ou une autre clé certifiée
+par celle-là.
+.
+
+.gpg.keyedit.delsig.unknown
+Cette signature ne peut pas être vérifiée parce que vous n'avez pas la
+clé correspondante. Vous devriez remettre sa supression jusqu'à ce que
+vous soyez sûr de quelle clé a été utilisée car cette clé de signature
+peut établir une connection de confiance vers une autre clé déjà certifiée.
+.
+
+.gpg.keyedit.delsig.invalid
+Cette signature n'est pas valide. Vous devriez la supprimer de votre
+porte-clés.
+.
+
+.gpg.keyedit.delsig.selfsig
+Cette signature relie le nom d'utilisateur à la clé. Habituellement
+enlever une telle signature n'est pas une bonne idée. En fait GnuPG peut
+ne plus être capable d'utiliser cette clé. Donc faites ceci uniquement si
+cette auto-signature est invalide pour une certaine raison et si une autre
+est disponible.
+.
+
+.gpg.keyedit.updpref.okay
+Changer les préférences de tous les noms d'utilisateurs (ou juste
+ceux qui sont sélectionnés) vers la liste actuelle. La date de toutes
+les auto-signatures affectées seront avancées d'une seconde.
+
+.
+
+.gpg.passphrase.enter
+Entrez le mot de passe ; c'est une phrase secrète 
+
+.
+
+.gpg.passphrase.repeat
+Répétez la dernière phrase de passe pour être sûr de ce que vous
+avez tapé.
+.
+
+.gpg.detached_signature.filename
+Donnez le nom du fichier auquel la signature se rapporte
+.
+
+.gpg.openfile.overwrite.okay
+Répondez «oui» s'il faut vraiment réécrire le fichier
+.
+
+.gpg.openfile.askoutname
+Entrez le nouveau nom de fichier. Si vous tapez simplement ENTRÉE le
+fichier par défaut (indiqué entre crochets) sera utilisé.
+.
+
+.gpg.ask_revocation_reason.code
+Vous devriez donner une raison pour la certification. Selon le contexte
+vous pouvez choisir dans cette liste:
+  «La clé a été compromise»
+      Utilisez cette option si vous avez une raison de croire que des
+      personnes ont pu accéder à votre clé secrète sans autorisation.
+  «La clé a été remplacée»
+      Utilisez cette option si vous avez remplacé la clé par une nouvelle.
+  «La clé n'est plus utilisée»
+      Utilisez cette option si cette clé n'a plus d'utilité.
+  «Le nom d'utilisateur n'est plus valide»
+      Utilisez cette option si le nom d'utilisateur ne doit plus être
+      utilisé. Cela sert généralement à indiquer qu'une adresse e-mail
+      est invalide.
+
+.
+
+.gpg.ask_revocation_reason.text
+Si vous le désirez, vous pouvez entrer un texte qui explique pourquoi vous
+avez émis ce certificat de révocation. Essayez de garder ce texte concis.
+Une ligne vide délimite la fin du texte.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.gl.txt b/msys2/usr/share/gnupg/help.gl.txt
new file mode 100644
index 000000000..0ac3be7ab
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.gl.txt
@@ -0,0 +1,286 @@
+# help..txt -  GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.#gpg.edit_ownertrust.value
+# fixme: Please translate and remove the hash mark from the key line.
+It's up to you to assign a value here; this value will never be exported
+to any 3rd party.  We need it to implement the web-of-trust; it has nothing
+to do with the (implicitly created) web-of-certificates.
+.
+
+.#gpg.edit_ownertrust.set_ultimate.okay
+# fixme: Please translate and remove the hash mark from the key line.
+To build the Web-of-Trust, GnuPG needs to know which keys are
+ultimately trusted - those are usually the keys for which you have
+access to the secret key.  Answer "yes" to set this key to
+ultimately trusted
+
+.
+
+.#gpg.untrusted_key.override
+# fixme: Please translate and remove the hash mark from the key line.
+If you want to use this untrusted key anyway, answer "yes".
+.
+
+.#gpg.pklist.user_id.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the user ID of the addressee to whom you want to send the message.
+.
+
+.#gpg.keygen.algo
+# fixme: Please translate and remove the hash mark from the key line.
+Select the algorithm to use.
+
+DSA (aka DSS) is the Digital Signature Algorithm and can only be used
+for signatures.
+
+Elgamal is an encrypt-only algorithm.
+
+RSA may be used for signatures or encryption.
+
+The first (primary) key must always be a key which is capable of signing.
+.
+
+.#gpg.keygen.algo.rsa_se
+# fixme: Please translate and remove the hash mark from the key line.
+In general it is not a good idea to use the same key for signing and
+encryption.  This algorithm should only be used in certain domains.
+Please consult your security expert first.
+.
+
+.#gpg.keygen.size
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the size of the key
+.
+
+.#gpg.keygen.size.huge.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.size.large.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.valid
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the required value as shown in the prompt.
+It is possible to enter a ISO date (YYYY-MM-DD) but you won't
+get a good error response - instead the system tries to interpret
+the given value as an interval.
+.
+
+.#gpg.keygen.valid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.name
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the name of the key holder
+.
+
+.#gpg.keygen.email
+# fixme: Please translate and remove the hash mark from the key line.
+please enter an optional but highly suggested email address
+.
+
+.#gpg.keygen.comment
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter an optional comment
+.
+
+.#gpg.keygen.userid.cmd
+# fixme: Please translate and remove the hash mark from the key line.
+N  to change the name.
+C  to change the comment.
+E  to change the email address.
+O  to continue with key generation.
+Q  to to quit the key generation.
+.
+
+.#gpg.keygen.sub.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" (or just "y") if it is okay to generate the sub key.
+.
+
+.#gpg.sign_uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.sign_uid.class
+# fixme: Please translate and remove the hash mark from the key line.
+When you sign a user ID on a key, you should first verify that the key
+belongs to the person named in the user ID.  It is useful for others to
+know how carefully you verified this.
+
+"0" means you make no particular claim as to how carefully you verified the
+    key.
+
+"1" means you believe the key is owned by the person who claims to own it
+    but you could not, or did not verify the key at all.  This is useful for
+    a "persona" verification, where you sign the key of a pseudonymous user.
+
+"2" means you did casual verification of the key.  For example, this could
+    mean that you verified the key fingerprint and checked the user ID on the
+    key against a photo ID.
+
+"3" means you did extensive verification of the key.  For example, this could
+    mean that you verified the key fingerprint with the owner of the key in
+    person, and that you checked, by means of a hard to forge document with a
+    photo ID (such as a passport) that the name of the key owner matches the
+    name in the user ID on the key, and finally that you verified (by exchange
+    of email) that the email address on the key belongs to the key owner.
+
+Note that the examples given above for levels 2 and 3 are *only* examples.
+In the end, it is up to you to decide just what "casual" and "extensive"
+mean to you when you sign other keys.
+
+If you don't know what the right answer is, answer "0".
+.
+
+.#gpg.change_passwd.empty.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.save.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.cancel.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.sign_all.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you want to sign ALL the user IDs
+.
+
+.#gpg.keyedit.remove.uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you really want to delete this user ID.
+All certificates are then also lost!
+.
+
+.#gpg.keyedit.remove.subkey.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to delete the subkey
+.
+
+.#gpg.keyedit.delsig.valid
+# fixme: Please translate and remove the hash mark from the key line.
+This is a valid signature on the key; you normally don't want
+to delete this signature because it may be important to establish a
+trust connection to the key or another key certified by this key.
+.
+
+.#gpg.keyedit.delsig.unknown
+# fixme: Please translate and remove the hash mark from the key line.
+This signature can't be checked because you don't have the
+corresponding key.  You should postpone its deletion until you
+know which key was used because this signing key might establish
+a trust connection through another already certified key.
+.
+
+.#gpg.keyedit.delsig.invalid
+# fixme: Please translate and remove the hash mark from the key line.
+The signature is not valid.  It does make sense to remove it from
+your keyring.
+.
+
+.#gpg.keyedit.delsig.selfsig
+# fixme: Please translate and remove the hash mark from the key line.
+This is a signature which binds the user ID to the key. It is
+usually not a good idea to remove such a signature.  Actually
+GnuPG might not be able to use this key anymore.  So do this
+only if this self-signature is for some reason not valid and
+a second one is available.
+.
+
+.#gpg.keyedit.updpref.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Change the preferences of all user IDs (or just of the selected ones)
+to the current list of preferences.  The timestamp of all affected
+self-signatures will be advanced by one second.
+
+.
+
+.#gpg.passphrase.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter the passphrase; this is a secret sentence
+
+.
+
+.#gpg.passphrase.repeat
+# fixme: Please translate and remove the hash mark from the key line.
+Please repeat the last passphrase, so you are sure what you typed in.
+.
+
+.#gpg.detached_signature.filename
+# fixme: Please translate and remove the hash mark from the key line.
+Give the name of the file to which the signature applies
+.
+
+.#gpg.openfile.overwrite.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to overwrite the file
+.
+
+.#gpg.openfile.askoutname
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter a new filename. If you just hit RETURN the default
+file (which is shown in brackets) will be used.
+.
+
+.#gpg.ask_revocation_reason.code
+# fixme: Please translate and remove the hash mark from the key line.
+You should specify a reason for the certification.  Depending on the
+context you have the ability to choose from this list:
+  "Key has been compromised"
+      Use this if you have a reason to believe that unauthorized persons
+      got access to your secret key.
+  "Key is superseded"
+      Use this if you have replaced this key with a newer one.
+  "Key is no longer used"
+      Use this if you have retired this key.
+  "User ID is no longer valid"
+      Use this to state that the user ID should not longer be used;
+      this is normally used to mark an email address invalid.
+
+.
+
+.#gpg.ask_revocation_reason.text
+# fixme: Please translate and remove the hash mark from the key line.
+If you like, you can enter a text describing why you issue this
+revocation certificate.  Please keep this text concise.
+An empty line ends the text.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.hu.txt b/msys2/usr/share/gnupg/help.hu.txt
new file mode 100644
index 000000000..81b39917b
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.hu.txt
@@ -0,0 +1,257 @@
+# help.hu.txt - hu GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.gpg.edit_ownertrust.value
+Az Ön döntésén múlik, hogy milyen értéket ad meg itt. Ezt az értéket soha
+nem exportáljuk mások részére. Ez a bizalmak hálózatához (web-of-trust)
+szükséges, semmi köze az igazolások hálózatához (web-of-certificates).
+.
+
+.gpg.edit_ownertrust.set_ultimate.okay
+Hogy a bizalmak hálózatát felépítsük, a GnuPG-nek tudnia kell, hogy
+mely kulcsok alapvetően megbízhatóak - általában ezek azok a kulcsok,
+melyek titkos kulcsához hozzáfér. Válaszoljon "igen"-nel, ha kulcsot
+alapvetően megbízhatónak jelöli!
+
+.
+
+.gpg.untrusted_key.override
+Ha mégis használni akarja ezt a kulcsot, melyben nem bízunk,
+válaszoljon "igen"-nel!
+.
+
+.gpg.pklist.user_id.enter
+Adja meg a címzett felhasználói azonosítóját!
+.
+
+.#gpg.keygen.algo
+# fixme: Please translate and remove the hash mark from the key line.
+Select the algorithm to use.
+
+DSA (aka DSS) is the Digital Signature Algorithm and can only be used
+for signatures.
+
+Elgamal is an encrypt-only algorithm.
+
+RSA may be used for signatures or encryption.
+
+The first (primary) key must always be a key which is capable of signing.
+.
+
+.gpg.keygen.algo.rsa_se
+�ltalában nem jó ötlet ugyanazt a kulcsot használni aláíráshoz és
+titkosításhoz. Ezt az algoritmust csak bizonyos területeken ajánlatos
+használni. Kérem, először konzultáljon a biztonsági szakértőjével!
+.
+
+.gpg.keygen.size
+Adja meg a kulcs méretét!
+.
+
+.gpg.keygen.size.huge.okay
+Kérem, adjon "igen" vagy "nem" választ!
+.
+
+.gpg.keygen.size.large.okay
+Kérem, adjon "igen" vagy "nem" választ!
+.
+
+.gpg.keygen.valid
+Adja meg a szükséges értéket, ahogy a prompt mutatja!
+Lehetséges ISO dátumot is beírni (ÉÉÉÉ-HH-NN), de nem fog rendes
+hibaüzenetet kapni, hanem a rendszer megpróbálja az értéket
+intervallumként értelmezni.
+.
+
+.gpg.keygen.valid.okay
+Kérem, adjon "igen" vagy "nem" választ!
+.
+
+.gpg.keygen.name
+Adja meg a kulcs tulajdonosának a nevét!
+.
+
+.gpg.keygen.email
+Kérem, adjon meg egy opcionális, de nagyon ajánlott e-mail címet!
+.
+
+.gpg.keygen.comment
+Kérem, adjon meg egy opcionális megjegyzést!
+.
+
+.gpg.keygen.userid.cmd
+N  név változtatása
+M  megjegyzés változtatása
+E  e-mail változtatása
+R  kulcsgenerálás folytatása
+Q  kilépés a kulcsgenerálásból
+.
+
+.gpg.keygen.sub.okay
+Válaszoljon "igen"-nel (vagy csak "i"-vel), ha kezdhetjük az alkulcs
+létrehozását!
+.
+
+.gpg.sign_uid.okay
+Kérem, adjon "igen" vagy "nem" választ!
+.
+
+.gpg.sign_uid.class
+Mielőtt aláír egy felhasználói azonosítót egy kulcson, ellenőriznie kell,
+hogy a kulcs a felhasználói azonosítóban megnevezett személyhez tartozik.
+Mások számára hasznos lehet, ha tudják, hogy milyen gondosan ellenőrizte
+Ön ezt.
+
+"0" azt jelenti, hogy nem tesz az ellenőrzés gondosságára vonatkozó
+    kijelentést.
+
+"1" azt jelenti, hogy Ön hiszi, hogy a kulcs annak a személynek a
+    tulajdona, aki azt állítja, hogy az övé, de Ön nem tudta ezt
+    ellenőrizni, vagy egyszerűen nem ellenőrizte ezt. Ez hasznos egy
+    "persona" típusú ellenőrzéshez, mikor Ön egy pszeudonim felhasználó
+    kulcsát írja alá.
+
+"2" azt jelenti, hogy Ön a kulcsot hétköznapi alapossággal ellenőrizte.
+    Például ez azt jelentheti, hogy ellenőrizte a kulcs ujjlenyomatát, és
+    összevetette a kulcson szereplő felhasználóazonosítót egy fényképes
+    igazolvánnyal.
+
+"3" azt jelenti, hogy alaposan ellenőrizte a kulcsot. Például ez azt
+    jelentheti, hogy a kulcs ujjlenyomatát a tulajdonossal személyesen
+    találkozva ellenőrizte, egy nehezen hamisítható, fényképes igazolvánnyal
+    (mint az útlevél) meggyőződött arról, hogy a személy neve egyezik a
+    kulcson levővel, és végül (e-mail váltással) ellenőrizte, hogy a kulcson
+    szereplő e-mail cím a kulcs tulajdonosához tartozik.
+
+A 2-es és 3-as szintekhez adott példák *csak* példák. Végső soron Ön dönti
+el, hogy mit jelentenek Önnek a "hétköznapi" és "alapos" kifejezések,
+amikor mások kulcsát aláírja.
+
+Ha nem tudja, hogy mit válaszoljon, írjon "0"-t!
+.
+
+.gpg.change_passwd.empty.okay
+Kérem, adjon "igen" vagy "nem" választ!
+.
+
+.gpg.keyedit.save.okay
+Kérem, adjon "igen" vagy "nem" választ!
+.
+
+.gpg.keyedit.cancel.okay
+Kérem, adjon "igen" vagy "nem" választ!
+.
+
+.#gpg.keyedit.sign_all.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you want to sign ALL the user IDs
+.
+
+.gpg.keyedit.remove.uid.okay
+Válaszoljon "igen"-nel, ha valóban törölni akarja ezt a felhasználóazonosítót!
+Minden igazolás törlődik vele együtt!
+.
+
+.gpg.keyedit.remove.subkey.okay
+Válaszoljon "igen"-nel, ha az alkulcs törölhető.
+.
+
+.gpg.keyedit.delsig.valid
+Ez egy érvényes aláírás a kulcson. Normál esetben nincs értelme
+törölni, mert fontos lehet ahhoz, hogy érvényesítse ezt a kulcsot,
+vagy egy másikat, melyet ezzel a kulccsal igazolnak.
+.
+
+.gpg.keyedit.delsig.unknown
+Ezt az aláírást nem tudom ellenőrizni, mert nincs meg a hozzá tartozó
+kulcs. Ajánlatos lenne elhalasztani a törlést addig, amíg meg nem tudja,
+hogy melyik kulcsot használták, mert ez az aláíró kulcs bizalmi
+kapcsolatot hozhat létre egy már hitelesített kulcson keresztül.
+.
+
+.gpg.keyedit.delsig.invalid
+Ez az aláírás nem érvényes. Értelmetlen eltávolítani a kulcskarikáról.
+.
+
+.gpg.keyedit.delsig.selfsig
+Ez egy olyan aláírás, amely összeköti a felhasználóazonosítót
+a kulccsal. �ltalában nem jó ötlet egy ilyen aláírást eltávolítani.
+Az is lehetséges, hogy a GnuPG többé nem tudja használni ezt
+a kulcsot. Csak akkor tegye ezt, ha valami okból ez az önaláírás nem
+érvényes, és rendelkezésre áll egy másik!
+.
+
+.gpg.keyedit.updpref.okay
+Lecseréli az összes felhasználóazonosítóhoz (vagy csak a kijelöltekhez)
+tartozó preferenciákat az aktuális preferenciákra. Minden érintett
+önaláírás időpontját egy másodperccel növeli.
+
+.
+
+.gpg.passphrase.enter
+Kérem, adja meg a jelszót! Ezt egy titkos mondat. 
+
+.
+
+.gpg.passphrase.repeat
+Kérem, ismételje meg az előző jelszót ellenőrzésképpen!
+.
+
+.gpg.detached_signature.filename
+Adja meg az állomány nevét, melyhez az aláírás tartozik!
+.
+
+.gpg.openfile.overwrite.okay
+Válaszoljon "igen"-nel, ha felülírható az állomány!
+.
+
+.gpg.openfile.askoutname
+Kérem, adjon meg egy új fájlnevet! Ha RETURN-t/ENTER-t nyom, akkor
+a szögletes zárójelben levő alapértelmezett nevet használom.
+.
+
+.gpg.ask_revocation_reason.code
+Ajánlatos megadni a visszavonás okát. A helyzettől függően válasszon
+a következő listából:
+  "A kulcs kompromittálódott."
+      Használja ezt akkor, ha oka van azt hinni, hogy titkos kulcsa
+      illetéktelen kezekbe került!
+  "A kulcsot lecserélték."
+      Használja ezt akkor, ha a kulcsot lecserélte egy újabbra!
+  "A kulcs már nem használatos."
+      Használja ezt akkor, ha már nem használja a kulcsot!
+  "A felhasználóazonosító már nem érvényes."
+      Használja ezt akkor, ha azt állítja, hogy a felhasználóazonosító
+      már nem használatos! �ltalában érvénytelen e-mail címet jelent.
+
+.
+
+.gpg.ask_revocation_reason.text
+Ha akarja, megadhat egy szöveget, melyben megindokolja, hogy miért
+adta ki ezt a visszavonó igazolást. Kérem, fogalmazzon tömören!
+Egy üres sor jelzi a szöveg végét.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.id.txt b/msys2/usr/share/gnupg/help.id.txt
new file mode 100644
index 000000000..c07492f3c
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.id.txt
@@ -0,0 +1,251 @@
+# help.id.txt - id GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.gpg.edit_ownertrust.value
+Terserah anda untuk memberi nilai baru di sini; nilai ini tidak akan diekspor
+ke pihak ketiga. Kami perlu untuk mengimplementasikan web-of-trust; tidak ada
+kaitan dengan (membuat secara implisit) web-of-certificates.
+.
+
+.gpg.edit_ownertrust.set_ultimate.okay
+Untuk membuat Web-of-Trust, GnuPG perlu tahu kunci mana yang
+sangat dipercaya - mereka biasanya adalah kunci yang anda punya
+akses ke kunci rahasia.  Jawab "yes" untuk menset kunci ini ke
+sangat dipercaya
+
+.
+
+.gpg.untrusted_key.override
+Jika anda ingin menggunakan kunci tidak terpercaya ini, jawab "ya".
+.
+
+.gpg.pklist.user_id.enter
+Masukkan ID user penerima pesan.
+.
+
+.#gpg.keygen.algo
+# fixme: Please translate and remove the hash mark from the key line.
+Select the algorithm to use.
+
+DSA (aka DSS) is the Digital Signature Algorithm and can only be used
+for signatures.
+
+Elgamal is an encrypt-only algorithm.
+
+RSA may be used for signatures or encryption.
+
+The first (primary) key must always be a key which is capable of signing.
+.
+
+.gpg.keygen.algo.rsa_se
+Secara umum bukan ide baik untuk menggunakan kunci yang sama untuk menandai dan
+mengenkripsi.  Algoritma ini seharusnya digunakan dalam domain tertentu.
+Silakan berkonsultasi dulu dengan ahli keamanan anda.
+.
+
+.gpg.keygen.size
+Masukkan ukuran kunci
+.
+
+.gpg.keygen.size.huge.okay
+Jawab "ya" atau "tidak"
+.
+
+.gpg.keygen.size.large.okay
+Jawab "ya" atau "tidak"
+.
+
+.gpg.keygen.valid
+Masukkan nilai yang diperlukan seperti pada prompt.
+Dapat digunakan format (YYYY-MM-DD) untuk mengisi tanggal ISO tetapi anda
+tidak akan mendapat respon kesalahan yang baik - sebaiknya sistem akan
+berusaha menginterprestasi nilai yang diberikan sebagai sebuah interval.
+.
+
+.gpg.keygen.valid.okay
+Jawab "ya" atau "tidak"
+.
+
+.gpg.keygen.name
+Masukkan nama pemegang kunci
+.
+
+.gpg.keygen.email
+silakan masukkan alamat email (pilihan namun sangat dianjurkan)
+.
+
+.gpg.keygen.comment
+Silakan masukkan komentar tambahan
+.
+
+.gpg.keygen.userid.cmd
+N  untuk merubah nama.
+K  untuk merubah komentar.
+E  untuk merubah alamat email.
+O  untuk melanjutkan dengan pembuatan kunci.
+K  untuk menghentikan pembuatan kunci.
+.
+
+.gpg.keygen.sub.okay
+Jawab "ya" (atau "y") jika telah siap membuat subkey.
+.
+
+.gpg.sign_uid.okay
+Jawab "ya" atau "tidak"
+.
+
+.gpg.sign_uid.class
+Ketika anda menandai user ID pada kunci, anda perlu memverifikasi bahwa kunci
+milik orang yang disebut dalam user ID.  Ini penting bagi orang lain untuk tahu
+seberapa cermat anda memverifikasi ini.
+
+"0" berarti anda tidak melakukan klaim tentang betapa cermat anda memverifikasi    kunci.
+
+"1" berarti anda percaya bahwa kunci dimiliki oleh orang yang mengklaim memilikinya
+    namun anda tidak dapat, atau tidak memverifikasi kunci sama sekali.  Hal ini bergunabagi
+    verifikasi "persona", yaitu anda menandai kunci user pseudonymous
+
+"2" berarti anda melakukan verifikasi kasual atas kunci.  Sebagai contoh, halini dapat
+    berarti bahwa anda memverifikasi fingerprint kunci dan memeriksa user ID pada kunci
+    dengan photo ID.
+
+"3" berarti anda melakukan verifikasi ekstensif atas kunci.  Sebagai contoh, hal ini
+    dapat berarti anda memverifikasi fingerprint kunci dengan pemilik kunci
+    secara personal, dan anda memeriksa, dengan menggunakan dokumen yang sulit dipalsukan yang memiliki
+    photo ID (seperti paspor) bahwa nama pemilik kunci cocok dengan
+    nama user ID kunci, dan bahwa anda telah memverifikasi (dengan pertukaran
+    email) bahwa alamat email pada kunci milik pemilik kunci.
+
+Contoh-contoh pada level 2 dan 3 hanyalah contoh.
+Pada akhirnya, terserah anda untuk memutuskan apa arti  "kasual" dan "ekstensif"
+bagi anda ketika menandai kunci lain.
+
+Jika anda tidak tahu jawaban yang tepat, jawab "0".
+.
+
+.gpg.change_passwd.empty.okay
+Jawab "ya" atau "tidak"
+.
+
+.gpg.keyedit.save.okay
+Jawab "ya" atau "tidak"
+.
+
+.gpg.keyedit.cancel.okay
+Jawab "ya" atau "tidak"
+.
+
+.#gpg.keyedit.sign_all.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you want to sign ALL the user IDs
+.
+
+.gpg.keyedit.remove.uid.okay
+Jawab "ya" jika anda benar-benar ingin menghapus ID user ini.
+Seluruh sertifikat juga akan hilang!
+.
+
+.gpg.keyedit.remove.subkey.okay
+Jawab "ya" jika ingin menghapus subkey
+.
+
+.gpg.keyedit.delsig.valid
+Ini adalah signature valid untuk kunci; anda normalnya tdk ingin menghapus
+signature ini karena mungkin penting membangun koneksi trust ke kunci atau
+ke kunci tersertifikasi lain dengan kunci ini.
+.
+
+.gpg.keyedit.delsig.unknown
+Signature ini tidak dapat diperiksa karena anda tidak memiliki kunci
+korespondennya. Anda perlu menunda penghapusannya hingga anda tahu
+kunci yang digunakan karena kunci penanda ini mungkin membangun suatu
+koneksi trust melalui kunci yang telah tersertifikasi lain.
+.
+
+.gpg.keyedit.delsig.invalid
+Signature tidak valid.  Adalah hal yang masuk akal untuk menghapusnya dari
+keyring anda
+.
+
+.gpg.keyedit.delsig.selfsig
+Ini adalah signature yang menghubungkan ID pemakai ke kunci. Biasanya
+bukan ide yang baik untuk menghapus signature semacam itu. Umumnya
+GnuPG tidak akan dapat menggunakan kunci ini lagi. Sehingga lakukan hal
+ini bila self-signature untuk beberapa alasan tidak valid dan
+tersedia yang kedua.
+.
+
+.gpg.keyedit.updpref.okay
+Rubah preferensi seluruh user ID (atau hanya yang terpilih)
+ke daftar preferensi saat ini.  Timestamp seluruh self-signature
+yang terpengaruh akan bertambah satu detik.
+
+.
+
+.gpg.passphrase.enter
+Silakan masukkan passphrase; ini kalimat rahasia
+
+.
+
+.gpg.passphrase.repeat
+Silakan ulangi passphrase terakhir, sehingga anda yakin yang anda ketikkan.
+.
+
+.gpg.detached_signature.filename
+Beri nama file tempat berlakunya signature
+.
+
+.gpg.openfile.overwrite.okay
+Jawab "ya" jika tidak apa-apa menimpa file
+.
+
+.gpg.openfile.askoutname
+Silakan masukan nama file baru. Jika anda hanya menekan RETURN nama
+file baku (yang diapit tanda kurung) akan dipakai.
+.
+
+.gpg.ask_revocation_reason.code
+Anda harus menspesifikasikan alasan pembatalan. Semua ini tergantung
+konteks, anda dapat memilih dari daftar berikut:
+ "Key has been compromised"
+      Gunakan ini jika anda punya alasan untuk percaya bahwa orang yang tidak berhak
+      memiliki akses ke kunci pribadi anda.
+  "Key is superseded"
+      Gunakan ini bila anda mengganti kunci anda dengan yang baru.
+  "Key is no longer used"
+      Gunakan ini bila anda telah mempensiunkan kunci ini.
+  "User ID is no longer valid"
+      Gunakan ini untuk menyatakan user ID tidak boleh digunakan lagi;
+      normalnya digunakan untuk menandai bahwa alamat email tidak valid lagi.
+
+.
+
+.gpg.ask_revocation_reason.text
+Jika anda suka, anda dapat memasukkan teks menjelaskan mengapa anda
+mengeluarkan sertifikat pembatalan ini. Buatlah ringkas.
+Baris kosong mengakhiri teks.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.it.txt b/msys2/usr/share/gnupg/help.it.txt
new file mode 100644
index 000000000..675f8c081
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.it.txt
@@ -0,0 +1,251 @@
+# help.it.txt - Italian GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.gpg.edit_ownertrust.value
+E compito tuo assegnare un valore; questo valore non sarà mai esportato a
+terzi. Ci serve per implementare il web-of-trust; non ha nulla a che fare
+con il web-of-certificates (creato implicitamente).
+.
+
+.gpg.edit_ownertrust.set_ultimate.okay
+Per costruire il Web-Of-Trust, GnuPG ha bisogno di sapere quali chiavi sono
+definitivamente affidabili - di solito quelle per cui hai accesso alla chiave
+segreta.
+Rispondi "sì" per impostare questa chiave come definitivamente affidabile
+
+.
+
+.gpg.untrusted_key.override
+Se vuoi usare comunque questa chiave non fidata, rispondi "si".
+.
+
+.gpg.pklist.user_id.enter
+Inserisci l'user ID del destinatario a cui vuoi mandare il messaggio.
+.
+
+.#gpg.keygen.algo
+# fixme: Please translate and remove the hash mark from the key line.
+Select the algorithm to use.
+
+DSA (aka DSS) is the Digital Signature Algorithm and can only be used
+for signatures.
+
+Elgamal is an encrypt-only algorithm.
+
+RSA may be used for signatures or encryption.
+
+The first (primary) key must always be a key which is capable of signing.
+.
+
+.gpg.keygen.algo.rsa_se
+In generale non è una buona idea usare la stessa chiave per le firme e la
+cifratura. Questo algoritmo dovrebbe solo essere usato in determinati campi.
+Per favore consulta prima il tuo esperto di sicurezza.
+.
+
+.gpg.keygen.size
+Inserisci le dimensioni della chiave
+.
+
+.gpg.keygen.size.huge.okay
+Rispondi "si" o "no"
+.
+
+.gpg.keygen.size.large.okay
+Rispondi "si" o "no"
+.
+
+.gpg.keygen.valid
+Inserisci il valore richiesto come indicato dal prompt.
+È possibile inserire una data in formato ISO (YYYY-MM-DD) ma non avrai un
+messaggio di errore corretto: il sistema cerca di interpretare il valore
+dato come un intervallo.
+.
+
+.gpg.keygen.valid.okay
+Rispondi "si" o "no"
+.
+
+.gpg.keygen.name
+Inserisci il nome del proprietario della chiave
+.
+
+.gpg.keygen.email
+Inserisci un indirizzo di email opzionale (ma fortemente suggerito)
+.
+
+.gpg.keygen.comment
+Inserisci un commento opzionale
+.
+
+.gpg.keygen.userid.cmd
+N  per cambiare il nome.
+C  per cambiare il commento.
+E  per cambiare l'indirizzo di email.
+O  per continuare con la generazione della chiave.
+Q  per abbandonare il processo di generazione della chiave.
+.
+
+.gpg.keygen.sub.okay
+Rispondi "si" (o "y") se va bene generare la subchiave.
+.
+
+.gpg.sign_uid.okay
+Rispondi "si" o "no"
+.
+
+.gpg.sign_uid.class
+Quando firmi l'user ID di una chiave dovresti prima verificare che questa
+appartiene alla persona indicata nell'user ID. È utile agli altri sapere
+con quanta attenzione lo hai verificato.
+
+"0" significa che non fai particolari affermazioni sull'attenzione con cui
+    hai ferificato la chiave.
+
+"1" significa che credi che la chiave sia posseduta dalla persona che dice di
+    possederla, ma non hai o non hai potuto verificare per niente la chiave.
+
+"2" significa che hai fatto una verifica superficiale della chiave. Per esempio
+    potrebbe significare che hai verificato l'impronta digitale e confrontato
+    l'user ID della chiave con un documento di identità con fotografia.
+
+"3" significa che hai fatto una verifica approfondita della chiave. Per esempio
+    potrebbe significare che hai verificato di persona l'impronta digitale con
+    il possessore della chiave e hai controllato, per esempio per mezzo di
+    un documento di identità con fotografia difficile da falsificare (come
+    un passaporto), che il nome del proprietario della chiave corrisponde a
+    quello nell'user ID della chiave, e per finire che hai verificato
+    (scambiando dei messaggi) che l'indirizzo di email sulla chiave appartiene
+    al proprietario.
+
+Nota che gli esempi indicati per i livelli 2 e 3 sono *solo* esempi. Alla fine
+sta a te decidere cosa significano "superficiale" e "approfondita" quando
+firmi chiavi di altri.
+
+Se non sai cosa rispondere, rispondi "0".
+.
+
+.gpg.change_passwd.empty.okay
+Rispondi "si" o "no"
+.
+
+.gpg.keyedit.save.okay
+Rispondi "si" o "no"
+.
+
+.gpg.keyedit.cancel.okay
+Rispondi "si" o "no"
+.
+
+.#gpg.keyedit.sign_all.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you want to sign ALL the user IDs
+.
+
+.gpg.keyedit.remove.uid.okay
+Rispondi "si" se vuoi davvero cancellare questo user ID.
+Tutti i certificati saranno persi!
+.
+
+.gpg.keyedit.remove.subkey.okay
+Rispondi "si" se va bene cancellare la subchiave
+.
+
+.gpg.keyedit.delsig.valid
+Questa è una firma valida per la chiave. Normalmente non vorresti cancellare
+questa firma perchè può essere importante per stabilire una connessione di
+fiducia alla chiave o a un'altra chiave certificata da questa chiave.
+.
+
+.gpg.keyedit.delsig.unknown
+Questa firma non può essere verificata perchè non hai la chiave corrispondente.
+Dovresti rimandare la sua cancellazione finchè non saprai quale chiave è stata
+usata perchè questa chiave potrebbe stabilire una connessione di fiducia
+attraverso una chiave già certificata.
+.
+
+.gpg.keyedit.delsig.invalid
+La firma non è valida. Ha senso rimuoverla dal tuo portachiavi.
+.
+
+.gpg.keyedit.delsig.selfsig
+Questa è una firma che collega l'user id alla chiave. Solitamente non è una
+buona idea rimuovere questo tipo di firma. In realtà GnuPG potrebbe non essere
+più in grado di usare questa chiave. Quindi fallo solo se questa autofirma non
+è valida per qualche ragione e ne è disponibile un'altra.
+.
+
+.gpg.keyedit.updpref.okay
+Cambia le preferenze di tutti gli user ID (o solo di quelli selezionati) con
+la lista di preferenze corrente. L'orario di tutte le autofirme coinvolte
+sarà aumentato di un secondo.
+
+.
+
+.gpg.passphrase.enter
+Inserisci la passphrase, cioè una frase segreta 
+
+.
+
+.gpg.passphrase.repeat
+Ripeti l'ultima passphrase per essere sicuro di cosa hai scritto.
+.
+
+.gpg.detached_signature.filename
+Inserisci il nome del file a cui si riferisce la firma.
+.
+
+.gpg.openfile.overwrite.okay
+Rispondi "si" se va bene sovrascrivere il file.
+.
+
+.gpg.openfile.askoutname
+Inserisci il nuovo nome del file. Se premi INVIO sarà usato il nome
+predefinito (quello indicato tra parentesi).
+.
+
+.gpg.ask_revocation_reason.code
+Dovresti specificare un motivo per questa certificazione. A seconda del
+contesto hai la possibilità di scegliere tra questa lista:
+  "Key has been compromised"
+      Usa questo se hai un motivo per credere che una persona non autorizzata
+      abbia avuto accesso alla tua chiave segreta.
+  "Key is superseded"
+      Usa questo se hai sostituito questa chiave con una più recente.
+  "Key is no longer used"
+      Usa questo se hai mandato in pensione questa chiave.
+  "User ID is no longer valid"
+      Usa questo per affermare che l'user ID non dovrebbe più essere usato;
+      solitamente è usato per indicare un indirizzo di email non valido.
+
+.
+
+.gpg.ask_revocation_reason.text
+Se vuoi, puoi digitare un testo che descrive perché hai emesso
+questo certificato di revoca. Per favore sii conciso.
+Una riga vuota termina il testo.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.ja.txt b/msys2/usr/share/gnupg/help.ja.txt
new file mode 100644
index 000000000..c503de6f7
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.ja.txt
@@ -0,0 +1,335 @@
+# help.ja.txt - Japanese GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+.#pinentry.qualitybar.tooltip
+# [ ��エントリ�有効��る���上記�キー� # を削除������。]
+# �れ�例��。
+���ー��入力�れ�パスフレーズ��質を示�����。
+
+�ー�赤�色�����る場��GnuPG�パスフレーズ�弱��る�判断���
+�付���ん。管�者�パスフレーズ�制��設定����詳細を�����
+�����。
+.
+
+.gnupg.agent-problem
+# There was a problem accessing or starting the agent.
+動作中�Gpg-Agent��接続���������通信��題�発生����。
+
+システム��Gpg-Agent�呼�れる�ックグラウンド・プロセスを利用��秘密
+��パスフレーズ������を処����。��エージェント�通常�ユー
+ザ�ログイン�る���開始�れ�ログイン���る間�動�����。も��
+エージェント�利用�能���場��システム����場�エージェント�起
+動を試�������場��機能�やや制��れ�若干��題��る場���
+り��。
+
+も����ら�管�者�����������題を��よ��解決��ら良�
+����方�良��も�れ��ん。�り����方策�����一度ログアウ
+ト��も�一度ログイン��改善�見られる�試���る����り��。も
+���れ������よ���れ�管�者�報告������。�れ���ら
+��ソフトウェア��グ��る��を示�������。
+.
+
+
+.gnupg.dirmngr-problem
+# There was a problen accessing the dirmngr.
+動作中�Dirmngr��接続���������通信��題�発生����。
+
+証明書失効リスト(CRL)を検索��OCSP�懸賞�LDAPサー�を通���を検索�
+る���システム��Dirmngr�呼�れる外部サービス・プログラムを利用��
+�。Dirmngr�通常�システムサービス(daemon)���実効�れ���一般ユー
+ザ�気��る必���り��ん。�題��る場��システム���求�応���
+Dirmngrを起動�る����り�����れ�対応策��り�性能�制��生�
+��。
+
+���題��る場��システム管�者�連絡����よ��進��ら良���
+���������。�り����解決策�����gpgsm�設定�CRL�検証
+を�止��る���考�られ��。
+.
+
+
+.gpg.edit_ownertrust.value
+����値�指定������任�れ����。��値��第三者�開示�れ
+る���決���り��ん。ウェブ・オブ・トラストを実装�る�����値
+�必���り����(暗黙的�作られる)証明書�網��何も関係���ん。
+.
+
+.gpg.edit_ownertrust.set_ultimate.okay
+ウェブ・オブ・トラストを構築�る���GnuPG������究極的�信頼��
+る�を知る必���り��。����通常������秘密��アクセス��
+るも���。����究極的�信頼��る場��"yes" �答������。
+.
+
+
+.gpg.untrusted_key.override
+��信頼�れ����を��ら��よ使���場��"yes" �答������。
+.
+
+.gpg.pklist.user_id.enter
+��メッセージを�り��宛先�ユーザIDを入力������。
+.
+
+.gpg.keygen.algo
+使用�るアルゴリズムを�択������。
+
+DSA (別� DSS)�電�署�アルゴリズム��り�署����使���。
+
+Elgamal �暗�化���アルゴリズム��。
+
+RSA �署��暗�化���ら�も使���。
+
+主��常��署���能����る必���り��。
+.
+
+
+.gpg.keygen.algo.rsa_se
+一般的��署��暗�化��一��を用�る���良������り��ん。
+��アルゴリズム��る特定�領域���使�����。���セキュリティ
+�専門家�相談������。
+.
+
+
+.gpg.keygen.size
+��長�を入力������。
+
+�案�れ�デフォルト�通常良��択��。
+
+大���長を使���場������4096ビット���本当��味��る��
+検討������。��ら�ウェブページを見る�も良������:
+http://www.xkcd.com/538/
+.
+
+.gpg.keygen.size.huge.okay
+"yes" � "no" �答������。
+.
+
+
+.gpg.keygen.size.large.okay
+"yes" � "no" �答������。
+.
+
+
+.gpg.keygen.valid
+プロンプト�示�れ�必��値を入力������。ISO形��日付
+(YYYY-MM-DD)�入力��能����良�エラー対応�得られ���も�れ��
+ん。システム�与�られ�値を期間�解釈�る����り��。.
+.
+
+.gpg.keygen.valid.okay
+"yes" � "no" �答������。
+.
+
+
+.gpg.keygen.name
+����主���を入力������。
+文字 "<" � ">" �許�れ����ん。
+例: Heinrich Heine
+.
+
+
+.gpg.keygen.email
+オプション���推奨�れる電�メールアドレスを入力������。
+例: heinrichh@duesseldorf.de
+.
+
+.gpg.keygen.comment
+オプション�コメントを入力������。
+文字 "(" � ")" �許�れ����ん。
+一般的�コメント�必����り��ん。
+.
+
+
+.gpg.keygen.userid.cmd
+# (Keep a leading empty line)
+
+N  ���変更。
+C  コメント�変更。
+E  電�メールアドレス�変更。
+O  �生��進む。
+Q  �生�を止�る。
+.
+
+.gpg.keygen.sub.okay
+副�を生���よ�れ��"yes" (�る���� "y") �答������。
+.
+
+.gpg.sign_uid.okay
+"yes" � "no" �答������。
+.
+
+.gpg.sign_uid.class
+�る��ユーザID�署��る�����������������ユーザID�
+人�属�る����を確����れ��り��ん。�����れ�ら��れを
+慎��確������������人�知る���有用��。
+
+"0" ���れ�ら�慎��確��������特���も主張�����を�味���。
+
+"1" �������主張�る��人�所有�る���る�考�る����������
+    確���������る���������を�味���。�れ��ペン�ーム�
+    ユーザ���署��るよ�� "persona" 確��有用��。
+
+"2" ������対��通常�検証を行����を�味���。������
+    �フィンガープリントを確���写真付�ID�ユーザIDを確�����を
+    �味���。
+
+"3" ������対��広範�検証を行����を�味���。������
+    �フィンガープリントを対��確���パス�ート���造�る���難
+    ��写真付�ID�ユーザIDを確���所有者������ユーザID���
+    ��メール�交���メールアドレス�所有者�属�る��を確����
+    �を�味���。
+
+上記�レベル2�レベル3�示��例����例��る���注�������。
+�局�������署��る�������������「通常������
+「広範��をを決�る������自身�任�れ����。
+
+正��答�������ら����� "0" �答������。
+.
+
+.gpg.change_passwd.empty.okay
+"yes" � "no" �答������。
+.
+
+
+.gpg.keyedit.save.okay
+"yes" � "no" �答������。
+.
+
+
+.gpg.keyedit.cancel.okay
+"yes" � "no" �答������。
+.
+
+.gpg.keyedit.sign_all.okay
+����ユーザID�対��署����場��"yes"�答������。
+.
+
+.gpg.keyedit.remove.uid.okay
+��ユーザIDを本当�削除���場��"yes"�答������。
+���る�全部�証明書�失�れ��!
+.
+
+.gpg.keyedit.remove.subkey.okay
+副�を削除��よ�場��"yes"�答������。
+.
+
+
+.gpg.keyedit.delsig.valid
+�れ������有効�署���。通常���署�を削除�る���望���
+��ょ�。���(��������証明�れ�別��)��信頼�コ�クショ
+ン��立�る�������る場���る�ら��。
+.
+
+.gpg.keyedit.delsig.unknown
+��署��検証����ん���。対応�る�を�������ら��。��
+��使�れ����る����削除を延期�����。��署�����別�
+���証明�れ��を通��信頼�コ�クションを�立�る����る�ら�
+�。
+.
+
+.gpg.keyedit.delsig.invalid
+��署��有効���り��ん。�リング�ら削除�る����味��り��。
+.
+
+.gpg.keyedit.delsig.selfsig
+�れ���ユーザID�����を��署���。通常���よ��署�を削除
+�る���良������り��ん。実際�GnuPG����を使�������
+��������も�れ��ん。���ら���自己署���んら���由�
+よ��無効��り�第二�も��利用�能��る場�����実行�����
+�。
+.
+
+.gpg.keyedit.updpref.okay
+����ユーザID(も������択�れ�一�)�優先指定を�行�優先指定
+�変更���。����関係�る自己署��タイムスタンプ��一秒進ん�も
+���り��。
+.
+
+.gpg.passphrase.enter
+# (keep a leading empty line)
+
+パスフレーズを入力������。秘密�文��。
+.
+
+
+.gpg.passphrase.repeat
+も�一度パスフレーズを入力��間����入力�れ���を確�������。
+.
+
+.gpg.detached_signature.filename
+署���用�れるファイル���を与������。
+.
+
+.gpg.openfile.overwrite.okay
+# openfile.c (overwrite_filep)
+ファイルを上書���よ�れ��"yes"�答������。
+.
+
+.gpg.openfile.askoutname
+# openfile.c (ask_outfile_name)
+新��ファイル�を入力������。��Enterを打���カッコ�示�れ�
+デフォルト�ファイル�使�れ��。
+.
+
+.gpg.ask_revocation_reason.code
+# revoke.c (ask_revocation_reason)
+証明書��由を指定���。下記�リスト�ら�択������:
+  "��������"
+      承������人�����秘密���アクセスを得��考�る�由�
+      �る場����れを指定���。
+  "�を�り替��"
+      新�������を置����場����れを指定���。
+  "��も�使�れ��"
+      ���を使������場����れを指定���。
+  "ユーザID�無効����"
+      ユーザIDをも�や使������場����れを指定���。通常��
+      れ��電�メールアドレス�無効����場���。
+.
+
+
+.gpg.ask_revocation_reason.text
+# revoke.c (ask_revocation_reason)
+必���れ����失効証明書を発行�る�由を記述�る文章を入力�る
+�������。��文章�簡潔�������。空行�文章�終�りを
+�味���。
+.
+
+
+.gpgsm.root-cert-not-trusted
+# This text gets displayed by the audit log if
+# a root certificates was not trusted.
+ルート証明書(信頼�拠り所)�信頼��る��れ����ん。設定�もより�
+�����ルート証明書を信頼��るも��指定�るよ��既���れ��も
+�れ��ん��手動�GnuPG���証明書を信頼��る�扱�よ��設定�る必
+���り��。信頼��る証明書��GnuPG�ホームディレクトリ�ファイル
+trustlist.txt �設定���。疑���る場��システム管�者���証明書
+を信頼��よ�も���������������。
+.
+
+
+.gpgsm.crl-problem
+# This tex is displayed by the audit log for problems with
+# the CRL or OCSP checking.
+設定�より����CRL��得��OCSP検証�際��題�起����。�れ�動
+���場��実�様々��由��り���。解決策��マニュアルを見���
+��。
+.
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.nb.txt b/msys2/usr/share/gnupg/help.nb.txt
new file mode 100644
index 000000000..0ac3be7ab
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.nb.txt
@@ -0,0 +1,286 @@
+# help..txt -  GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.#gpg.edit_ownertrust.value
+# fixme: Please translate and remove the hash mark from the key line.
+It's up to you to assign a value here; this value will never be exported
+to any 3rd party.  We need it to implement the web-of-trust; it has nothing
+to do with the (implicitly created) web-of-certificates.
+.
+
+.#gpg.edit_ownertrust.set_ultimate.okay
+# fixme: Please translate and remove the hash mark from the key line.
+To build the Web-of-Trust, GnuPG needs to know which keys are
+ultimately trusted - those are usually the keys for which you have
+access to the secret key.  Answer "yes" to set this key to
+ultimately trusted
+
+.
+
+.#gpg.untrusted_key.override
+# fixme: Please translate and remove the hash mark from the key line.
+If you want to use this untrusted key anyway, answer "yes".
+.
+
+.#gpg.pklist.user_id.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the user ID of the addressee to whom you want to send the message.
+.
+
+.#gpg.keygen.algo
+# fixme: Please translate and remove the hash mark from the key line.
+Select the algorithm to use.
+
+DSA (aka DSS) is the Digital Signature Algorithm and can only be used
+for signatures.
+
+Elgamal is an encrypt-only algorithm.
+
+RSA may be used for signatures or encryption.
+
+The first (primary) key must always be a key which is capable of signing.
+.
+
+.#gpg.keygen.algo.rsa_se
+# fixme: Please translate and remove the hash mark from the key line.
+In general it is not a good idea to use the same key for signing and
+encryption.  This algorithm should only be used in certain domains.
+Please consult your security expert first.
+.
+
+.#gpg.keygen.size
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the size of the key
+.
+
+.#gpg.keygen.size.huge.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.size.large.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.valid
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the required value as shown in the prompt.
+It is possible to enter a ISO date (YYYY-MM-DD) but you won't
+get a good error response - instead the system tries to interpret
+the given value as an interval.
+.
+
+.#gpg.keygen.valid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.name
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the name of the key holder
+.
+
+.#gpg.keygen.email
+# fixme: Please translate and remove the hash mark from the key line.
+please enter an optional but highly suggested email address
+.
+
+.#gpg.keygen.comment
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter an optional comment
+.
+
+.#gpg.keygen.userid.cmd
+# fixme: Please translate and remove the hash mark from the key line.
+N  to change the name.
+C  to change the comment.
+E  to change the email address.
+O  to continue with key generation.
+Q  to to quit the key generation.
+.
+
+.#gpg.keygen.sub.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" (or just "y") if it is okay to generate the sub key.
+.
+
+.#gpg.sign_uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.sign_uid.class
+# fixme: Please translate and remove the hash mark from the key line.
+When you sign a user ID on a key, you should first verify that the key
+belongs to the person named in the user ID.  It is useful for others to
+know how carefully you verified this.
+
+"0" means you make no particular claim as to how carefully you verified the
+    key.
+
+"1" means you believe the key is owned by the person who claims to own it
+    but you could not, or did not verify the key at all.  This is useful for
+    a "persona" verification, where you sign the key of a pseudonymous user.
+
+"2" means you did casual verification of the key.  For example, this could
+    mean that you verified the key fingerprint and checked the user ID on the
+    key against a photo ID.
+
+"3" means you did extensive verification of the key.  For example, this could
+    mean that you verified the key fingerprint with the owner of the key in
+    person, and that you checked, by means of a hard to forge document with a
+    photo ID (such as a passport) that the name of the key owner matches the
+    name in the user ID on the key, and finally that you verified (by exchange
+    of email) that the email address on the key belongs to the key owner.
+
+Note that the examples given above for levels 2 and 3 are *only* examples.
+In the end, it is up to you to decide just what "casual" and "extensive"
+mean to you when you sign other keys.
+
+If you don't know what the right answer is, answer "0".
+.
+
+.#gpg.change_passwd.empty.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.save.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.cancel.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.sign_all.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you want to sign ALL the user IDs
+.
+
+.#gpg.keyedit.remove.uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you really want to delete this user ID.
+All certificates are then also lost!
+.
+
+.#gpg.keyedit.remove.subkey.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to delete the subkey
+.
+
+.#gpg.keyedit.delsig.valid
+# fixme: Please translate and remove the hash mark from the key line.
+This is a valid signature on the key; you normally don't want
+to delete this signature because it may be important to establish a
+trust connection to the key or another key certified by this key.
+.
+
+.#gpg.keyedit.delsig.unknown
+# fixme: Please translate and remove the hash mark from the key line.
+This signature can't be checked because you don't have the
+corresponding key.  You should postpone its deletion until you
+know which key was used because this signing key might establish
+a trust connection through another already certified key.
+.
+
+.#gpg.keyedit.delsig.invalid
+# fixme: Please translate and remove the hash mark from the key line.
+The signature is not valid.  It does make sense to remove it from
+your keyring.
+.
+
+.#gpg.keyedit.delsig.selfsig
+# fixme: Please translate and remove the hash mark from the key line.
+This is a signature which binds the user ID to the key. It is
+usually not a good idea to remove such a signature.  Actually
+GnuPG might not be able to use this key anymore.  So do this
+only if this self-signature is for some reason not valid and
+a second one is available.
+.
+
+.#gpg.keyedit.updpref.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Change the preferences of all user IDs (or just of the selected ones)
+to the current list of preferences.  The timestamp of all affected
+self-signatures will be advanced by one second.
+
+.
+
+.#gpg.passphrase.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter the passphrase; this is a secret sentence
+
+.
+
+.#gpg.passphrase.repeat
+# fixme: Please translate and remove the hash mark from the key line.
+Please repeat the last passphrase, so you are sure what you typed in.
+.
+
+.#gpg.detached_signature.filename
+# fixme: Please translate and remove the hash mark from the key line.
+Give the name of the file to which the signature applies
+.
+
+.#gpg.openfile.overwrite.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to overwrite the file
+.
+
+.#gpg.openfile.askoutname
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter a new filename. If you just hit RETURN the default
+file (which is shown in brackets) will be used.
+.
+
+.#gpg.ask_revocation_reason.code
+# fixme: Please translate and remove the hash mark from the key line.
+You should specify a reason for the certification.  Depending on the
+context you have the ability to choose from this list:
+  "Key has been compromised"
+      Use this if you have a reason to believe that unauthorized persons
+      got access to your secret key.
+  "Key is superseded"
+      Use this if you have replaced this key with a newer one.
+  "Key is no longer used"
+      Use this if you have retired this key.
+  "User ID is no longer valid"
+      Use this to state that the user ID should not longer be used;
+      this is normally used to mark an email address invalid.
+
+.
+
+.#gpg.ask_revocation_reason.text
+# fixme: Please translate and remove the hash mark from the key line.
+If you like, you can enter a text describing why you issue this
+revocation certificate.  Please keep this text concise.
+An empty line ends the text.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.pl.txt b/msys2/usr/share/gnupg/help.pl.txt
new file mode 100644
index 000000000..c5444b632
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.pl.txt
@@ -0,0 +1,250 @@
+# help.pl.txt - pl GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.gpg.edit_ownertrust.value
+Te wartości użytkownik przydziela wg swojego uznania; nie będą nigdy
+eksportowane poza ten system. Potrzebne sÄ… one do zbudowania sieci
+zaufania, i nie ma to nic wspólnego z tworzoną automatycznie siecią
+certyfikatów.
+.
+
+.gpg.edit_ownertrust.set_ultimate.okay
+Aby zbudować Sieć Zaufania, GnuPG potrzebuje znać klucze do których
+masz absolutne zaufanie. Zwykle są to klucze do których masz klucze
+tajne. Odpowiedz ,,tak'', jeśli chcesz określić ten klucz jako klucz
+do którego masz absolutne zaufanie.
+
+.
+
+.gpg.untrusted_key.override
+Jeśli mimo wszystko chcesz użyć tego klucza, klucza, co do którego nie ma
+żadnej pewności do kogo należy, odpowiedz ,,tak''.
+.
+
+.gpg.pklist.user_id.enter
+Podaj adresatów tej wiadomości.
+.
+
+.gpg.keygen.algo
+Proszę wybrać algorytm.
+
+DSA (znany także jako DSS) to algorytm podpisu cyfrowego (Digital Signature
+Algorithm) i może być używany tylko do podpisów.
+
+Elgamal to algorytm tylko do szyfrowania.
+
+RSA może być używany do podpisów lub szyfrowania.
+
+Pierwszy (główny) klucz zawsze musi być kluczem nadającym się do podpisywania.
+.
+
+.gpg.keygen.algo.rsa_se
+Używanie tego samego klucza do podpisywania i szyfrowania nie jest dobrym
+pomysłem. Można tak postępować tylko w niektórych zastosowaniach. Proszę się
+najpierw skonsultować z ekspertem od bezpieczeństwa. 
+.
+
+.gpg.keygen.size
+Wprowadź rozmiar klucza
+.
+
+.gpg.keygen.size.huge.okay
+Odpowiedz "tak" lub "nie".
+.
+
+.gpg.keygen.size.large.okay
+Odpowiedz "tak" lub "nie".
+.
+
+.gpg.keygen.valid
+Wprowadź żądaną wartość (jak w znaku zachęty).
+Można tu podać datę w formacie ISO (RRRR-MM-DD) ale nie da to
+właściwej obsługi błędów - system próbuje interpretować podaną wartość
+jako okres.
+.
+
+.gpg.keygen.valid.okay
+Odpowiedz "tak" lub "nie".
+.
+
+.gpg.keygen.name
+Nazwa właściciela klucza.
+.
+
+.gpg.keygen.email
+proszę wprowadzić opcjonalny ale wysoce doradzany adres e-mail
+.
+
+.gpg.keygen.comment
+Proszę wprowadzić opcjonalny komentarz
+.
+
+.gpg.keygen.userid.cmd
+N aby zmienić nazwę (nazwisko).
+C aby zmienić komentarz.<
+E aby zmienić adres e-mail.
+O aby kontynuować tworzenie klucza.
+Q aby zrezygnować z tworzenia klucza.
+.
+
+.gpg.keygen.sub.okay
+Jeśli ma zostać wygenerowany podklucz, należy odpowiedzieć "tak".
+.
+
+.gpg.sign_uid.okay
+Odpowiedz "tak" lub "nie".
+.
+
+.gpg.sign_uid.class
+Przy podpisywaniu identyfikatora użytkownika na kluczu należy sprawdzić,
+czy tożsamość użytkownika odpowiada temu, co jest wpisane w identyfikatorze.
+Innym użytkownikom przyda się informacja, jak dogłębnie zostało to przez
+Ciebie sprawdzone.
+
+"0" oznacza, że nie podajesz żadnych informacji na temat tego jak dogłębnie
+    tożsamość użytkownika została przez Ciebie potwierdzona.
+
+"1" oznacza, że masz przekonanie, że tożsamość użytkownika odpowiada
+    identyfikatorowi klucza, ale nie było możliwości sprawdzenia tego.
+    Taka sytuacja występuje też kiedy podpisujesz identyfikator będący
+    pseudonimem.
+
+"2" oznacza, że tożsamość użytkownika została przez Ciebie potwierdzona
+    pobieżnie - sprawdziliście odcisk klucza, sprawdziłaś/eś tożsamość
+    na okazanym dokumencie ze zdjęciem.
+
+"3" to dogłębna weryfikacja tożsamości. Na przykład sprawdzenie odcisku
+    klucza, sprawdzenie tożsamości z okazanego oficjalnego dokumentu ze
+    zdjęciem (np paszportu) i weryfikacja poprawności adresu poczty
+    elektronicznej przez wymianÄ™ poczty z tym adresem.
+
+Zauważ, że podane powyżej przykłady dla poziomów "2" i "3" to *tylko*
+przykłady. Do Ciebie należy decyzja co oznacza "pobieżny" i "dogłębny" w
+kontekście poświadczania i podpisywania kluczy.
+
+Jeśli nie wiesz co odpowiedzieć, podaj "0".
+.
+
+.gpg.change_passwd.empty.okay
+Odpowiedz "tak" lub "nie".
+.
+
+.gpg.keyedit.save.okay
+Odpowiedz "tak" lub "nie".
+.
+
+.gpg.keyedit.cancel.okay
+Odpowiedz "tak" lub "nie".
+.
+
+.gpg.keyedit.sign_all.okay
+Odpowiedz "tak", aby podpisać WSZYSTKIE identyfikatory użytkownika.
+.
+
+.gpg.keyedit.remove.uid.okay
+Aby skasować ten identyfikator użytkownika (co wiąże się ze utratą
+wszystkich jego poświadczeń!) należy odpowiedzieć ,,tak''.
+.
+
+.gpg.keyedit.remove.subkey.okay
+Aby skasować podklucz należy odpowiedzieć "tak".
+.
+
+.gpg.keyedit.delsig.valid
+To jest poprawny podpis na tym kluczu; normalnie nie należy go usuwać
+ponieważ może być ważny dla zestawienia połączenia zaufania do klucza
+którym go złożono lub do innego klucza nim poświadczonego.
+.
+
+.gpg.keyedit.delsig.unknown
+Ten podpis nie może zostać potwierdzony ponieważ nie ma
+odpowiadającego mu klucza publicznego. Należy odłożyć usunięcie tego
+podpisu do czasu, kiedy okaże się który klucz został użyty, ponieważ
+w momencie uzyskania tego klucza może pojawić się ścieżka zaufania
+pomiędzy tym a innym, już poświadczonym kluczem.
+.
+
+.gpg.keyedit.delsig.invalid
+Ten podpis jest niepoprawny. Można usunąć go ze zbioru kluczy.
+.
+
+.gpg.keyedit.delsig.selfsig
+To jest podpis wiążący identyfikator użytkownika z kluczem. Nie należy
+go usuwać - GnuPG może nie móc posługiwać się dalej kluczem bez
+takiego podpisu. Bezpiecznie można go usunąć tylko jeśli ten podpis
+klucza nim samym z jakichÅ› przyczyn nie jest poprawny, i klucz jest
+drugi raz podpisany w ten sam sposób.
+.
+
+.gpg.keyedit.updpref.okay
+Przestawienie wszystkich (lub tylko wybranych) identyfikatorów na aktualne
+ustawienia. Data na odpowiednich podpisach zostane przesunięta do przodu o
+jednÄ… sekundÄ™.
+
+.
+
+.gpg.passphrase.enter
+Podaj długie, skomplikowane hasło, np. całe zdanie.
+
+.
+
+.gpg.passphrase.repeat
+Proszę powtórzyć hasło, aby upewnić się że nie było pomyłki.
+.
+
+.gpg.detached_signature.filename
+Podaj nazwę pliku którego dotyczy ten podpis
+.
+
+.gpg.openfile.overwrite.okay
+Jeśli można nadpisać ten plik, należy odpowiedzieć ,,tak''
+.
+
+.gpg.openfile.askoutname
+Nazwa pliku. Naciśnięcie ENTER potwierdzi nazwę domyślną (w nawiasach).
+.
+
+.gpg.ask_revocation_reason.code
+Nalezy podać powód unieważnienia klucza. W zależności od kontekstu można
+go wybrać z listy:
+  "Klucz został skompromitowany"
+      Masz powody uważać że twój klucz tajny dostał się w niepowołane ręce.
+  "Klucz został zastąpiony"
+      Klucz został zastąpiony nowym.
+  "Klucz nie jest już używany"
+      Klucz został wycofany z użycia.
+  "Identyfikator użytkownika przestał być poprawny"
+      Identyfikator użytkownika (najczęściej adres e-mail przestał być
+      poprawny.
+
+.
+
+.gpg.ask_revocation_reason.text
+Jeśli chcesz, możesz podać opis powodu wystawienia certyfikatu
+unieważnienia. Opis powinien byc zwięzły.
+Pusta linia kończy wprowadzanie tekstu.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.pt.txt b/msys2/usr/share/gnupg/help.pt.txt
new file mode 100644
index 000000000..da9a18153
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.pt.txt
@@ -0,0 +1,253 @@
+# help.pt.txt - pt GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.gpg.edit_ownertrust.value
+Você decide que valor usar aqui; este valor nunca será exportado para
+terceiros. Precisamos dele implementar a rede de confiança, que não tem
+nada a ver com a rede de certificados (implicitamente criada).
+.
+
+.gpg.edit_ownertrust.set_ultimate.okay
+Para construir a Teia-de-Confiança ('Web-of-Trust'), o GnuPG precisa de
+saber quais são as chaves em que deposita confiança absoluta - normalmente
+estas são as chaves a que tem acesso à chave privada.  Responda "sim" para
+que esta chave seja de confiança absoluta.
+
+.
+
+.gpg.untrusted_key.override
+Se você quiser usar esta chave, não de confiança, assim mesmo, responda "sim".
+.
+
+.gpg.pklist.user_id.enter
+Digite o ID de utilizador do destinatário para quem quer enviar a
+mensagem.
+.
+
+.#gpg.keygen.algo
+# fixme: Please translate and remove the hash mark from the key line.
+Select the algorithm to use.
+
+DSA (aka DSS) is the Digital Signature Algorithm and can only be used
+for signatures.
+
+Elgamal is an encrypt-only algorithm.
+
+RSA may be used for signatures or encryption.
+
+The first (primary) key must always be a key which is capable of signing.
+.
+
+.gpg.keygen.algo.rsa_se
+Em geral não é uma boa ideia utilizar a mesma chave para assinar e para
+cifrar.  Este algoritmo só deve ser utilizado em alguns domínios.
+Por favor consulte primeiro o seu perito em segurança.
+.
+
+.gpg.keygen.size
+Insira o tamanho da chave
+.
+
+.gpg.keygen.size.huge.okay
+Responda "sim" ou "não"
+.
+
+.gpg.keygen.size.large.okay
+Responda "sim" ou "não"
+.
+
+.gpg.keygen.valid
+Digite o valor necessário conforme pedido.
+É possível digitar uma data ISO (AAAA-MM-DD) mas você não terá uma boa
+reacção a erros - o sistema tentará interpretar o valor dado como um intervalo.
+.
+
+.gpg.keygen.valid.okay
+Responda "sim" ou "não"
+.
+
+.gpg.keygen.name
+Digite o nome do possuidor da chave
+.
+
+.gpg.keygen.email
+por favor digite um endereço de email (opcional mas recomendado)
+.
+
+.gpg.keygen.comment
+Por favor digite um comentário (opcional)
+.
+
+.gpg.keygen.userid.cmd
+N  para mudar o nome.
+C  para mudar o comentário.
+E  para mudar o endereço de email
+O  para continuar a geração da chave.
+S  para interromper a geração da chave.
+.
+
+.gpg.keygen.sub.okay
+Responda "sim" (ou apenas "s") se quiser gerar a subchave.
+.
+
+.gpg.sign_uid.okay
+Responda "sim" ou "não"
+.
+
+.gpg.sign_uid.class
+Quando assina uma chave de identificação de um utilizador, deve primeiro
+verificar que a chave pertence realmente à pessoa em questão. É útil para
+terceiros saberem com que cuidado é que efectuou esta verificação.
+
+"0" significa que não deseja declarar a forma com verificou a chave
+
+"1" significa que acredita que a chave pertence à pessoa em questão, mas
+    não conseguiu ou não tentou verificar. Este grau é útil para quando
+    assina a chave de uma utilizador pseudo-anónimo.
+
+"2" significa que efectuou uma verificação normal da chave. Por exemplo,
+    isto pode significar que verificou a impressão digital da chave e
+    verificou o identificador de utilizador da chave contra uma identificação
+    fotográfica.
+
+"3" significa que efectuou uma verificação exaustiva da chave. Por exemplo,
+    isto pode significar que efectuou a verificação pessoalmente, e que 
+    utilizou um documento, com fotografia, difícil de falsificar 
+    (como por exemplo um passaporte) que o nome do dono da chave é o
+    mesmo do que o identificador da chave, e que, finalmente, verificou
+    (através de troca de e-mail) que o endereço de email da chave pertence
+    ao done da chave.
+
+Atenção: os exemplos dados para os níveis 2 e 3 são *apenas* exemplos.
+Compete-lhe a si decidir o que considera, ao assinar chaves, uma verificação
+"normal" e uma verificação "exaustiva".
+
+Se não sabe qual é a resposta correcta, responda "0".
+.
+
+.gpg.change_passwd.empty.okay
+Responda "sim" ou "não"
+.
+
+.gpg.keyedit.save.okay
+Responda "sim" ou "não"
+.
+
+.gpg.keyedit.cancel.okay
+Responda "sim" ou "não"
+.
+
+.#gpg.keyedit.sign_all.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you want to sign ALL the user IDs
+.
+
+.gpg.keyedit.remove.uid.okay
+Responda "sim" se quiser realmente remover este ID de utilizador.
+Todos os certificados também serão perdidos!
+.
+
+.gpg.keyedit.remove.subkey.okay
+Responda "sim" se quiser remover a subchave
+.
+
+.gpg.keyedit.delsig.valid
+Esta é uma assinatura válida na chave; normalmente não é desejável
+remover esta assinatura porque ela pode ser importante para estabelecer
+uma conexão de confiança à chave ou a outra chave certificada por esta.
+.
+
+.gpg.keyedit.delsig.unknown
+Esta assinatura não pode ser verificada porque você não tem a chave
+correspondente. Você deve adiar sua remoção até saber que chave foi usada
+porque a chave desta assinatura pode estabelecer uma conexão de confiança
+através de outra chave já certificada.
+.
+
+.gpg.keyedit.delsig.invalid
+A assinatura não é válida. Faz sentido removê-la do seu porta-chaves.
+.
+
+.gpg.keyedit.delsig.selfsig
+Esta é uma assinatura que liga o ID de utilizador à chave. Geralmente
+não é uma boa idéia remover tal assinatura. É possível que o GnuPG
+não consiga mais usar esta chave. Faça isto apenas se por alguma
+razão esta auto-assinatura não for válida e há uma segunda disponível.
+.
+
+.gpg.keyedit.updpref.okay
+Muda as preferências de todos os identificadores de utilizadores
+(ou apenas dos seleccionados) para a lista actual de preferências.
+O 'timestamp' de todas as auto-assinaturas afectuadas será avançado
+em um segundo.
+
+.
+
+.gpg.passphrase.enter
+Por favor digite a frase secreta 
+
+.
+
+.gpg.passphrase.repeat
+Por favor repita a frase secreta, para ter certeza do que digitou.
+.
+
+.gpg.detached_signature.filename
+Dê o nome para o ficheiro ao qual a assinatura se aplica
+.
+
+.gpg.openfile.overwrite.okay
+Responda "sim" se quiser escrever por cima do ficheiro
+.
+
+.gpg.openfile.askoutname
+Por favor digite um novo nome de ficheiro. Se você apenas carregar em RETURN
+o ficheiro por omissão (que é mostrado entre parênteses) será utilizado.
+.
+
+.gpg.ask_revocation_reason.code
+Deve especificar uma razão para a emissão do certificado. Dependendo no
+contexto, pode escolher as seguintes opções desta lista:
+  "A chave foi comprometida"
+     Utilize esta opção se tem razões para acreditar que indivíduos não
+     autorizados obtiveram acesso à sua chave secreta.
+  "A chave foi substituida"
+     Utilize esta opção se substituiu esta chave com uma mais recente.
+  "A chave já não é utilizada"
+     Utilize esta opção se já não utiliza a chave.
+  "O identificador do utilizador já não é válido"
+     Utilize esta opção para comunicar que o identificador do utilizador
+     não deve ser mais utilizado; normalmente utilizada para indicar
+     que um endereço de email é inválido.
+
+.
+
+.gpg.ask_revocation_reason.text
+Se desejar, pode inserir uma texto descrevendo a razão pela qual criou
+este certificado de revogação. Por favor mantenha este texto conciso.
+Uma linha vazia termina o texto.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.pt_BR.txt b/msys2/usr/share/gnupg/help.pt_BR.txt
new file mode 100644
index 000000000..e88265c2e
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.pt_BR.txt
@@ -0,0 +1,253 @@
+# help.pt_BR.txt - Brazilian GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.gpg.edit_ownertrust.value
+Você decide que valor usar aqui; este valor nunca será exportado para
+terceiros. Precisamos dele implementar a rede de confiança, que não tem
+nada a ver com a rede de certificados (implicitamente criada).
+.
+
+.gpg.edit_ownertrust.set_ultimate.okay
+Para construir a Teia-de-Confiança ('Web-of-Trust'), o GnuPG precisa de
+saber quais são as chaves em que deposita confiança absoluta - normalmente
+estas são as chaves a que tem acesso à chave privada.  Responda "sim" para
+que esta chave seja de confiança absoluta.
+
+.
+
+.gpg.untrusted_key.override
+Se você quiser usar esta chave não confiável assim mesmo, responda "sim".
+.
+
+.gpg.pklist.user_id.enter
+Digite o ID de usuário do destinatário para o qual você quer enviar a
+mensagem.
+.
+
+.#gpg.keygen.algo
+# fixme: Please translate and remove the hash mark from the key line.
+Select the algorithm to use.
+
+DSA (aka DSS) is the Digital Signature Algorithm and can only be used
+for signatures.
+
+Elgamal is an encrypt-only algorithm.
+
+RSA may be used for signatures or encryption.
+
+The first (primary) key must always be a key which is capable of signing.
+.
+
+.gpg.keygen.algo.rsa_se
+Em geral não é uma boa ideia utilizar a mesma chave para assinar e para
+cifrar.  Este algoritmo só deve ser utilizado em alguns domínios.
+Por favor consulte primeiro o seu perito em segurança.
+.
+
+.gpg.keygen.size
+Digite o tamanho da chave
+.
+
+.gpg.keygen.size.huge.okay
+Responda "sim" ou "não"
+.
+
+.gpg.keygen.size.large.okay
+Responda "sim" ou "não"
+.
+
+.gpg.keygen.valid
+Digite o valor necessário conforme pedido.
+É possível digitar uma data ISO (AAAA-MM-DD) mas você não terá uma boa
+reação a erros - o sistema tentará interpretar o valor dado como um intervalo.
+.
+
+.gpg.keygen.valid.okay
+Responda "sim" ou "não"
+.
+
+.gpg.keygen.name
+Digite o nome do possuidor da chave
+.
+
+.gpg.keygen.email
+por favor digite um endereço de email (opcional mas recomendado)
+.
+
+.gpg.keygen.comment
+Por favor digite um comentário (opcional)
+.
+
+.gpg.keygen.userid.cmd
+N  para mudar o nome.
+C  para mudar o comentário.
+E  para mudar o endereço de correio eletrônico.
+O  para continuar a geração da chave.
+S  para interromper a geração da chave.
+.
+
+.gpg.keygen.sub.okay
+Responda "sim" (ou apenas "s") se quiser gerar a subchave.
+.
+
+.gpg.sign_uid.okay
+Responda "sim" ou "não"
+.
+
+.gpg.sign_uid.class
+Quando assina uma chave de identificação de um utilizador, deve primeiro
+verificar que a chave pertence realmente à pessoa em questão. É útil para
+terceiros saberem com que cuidado é que efectuou esta verificação.
+
+"0" significa que não deseja declarar a forma com verificou a chave
+
+"1" significa que acredita que a chave pertence à pessoa em questão, mas
+    não conseguiu ou não tentou verificar. Este grau é útil para quando
+    assina a chave de uma utilizador pseudo-anónimo.
+
+"2" significa que efectuou uma verificação normal da chave. Por exemplo,
+    isto pode significar que verificou a impressão digital da chave e
+    verificou o identificador de utilizador da chave contra uma identificação
+    fotográfica.
+
+"3" significa que efectuou uma verificação exaustiva da chave. Por exemplo,
+    isto pode significar que efectuou a verificação pessoalmente, e que 
+    utilizou um documento, com fotografia, difícil de falsificar 
+    (como por exemplo um passaporte) que o nome do dono da chave é o
+    mesmo do que o identificador da chave, e que, finalmente, verificou
+    (através de troca de e-mail) que o endereço de email da chave pertence
+    ao done da chave.
+
+Atenção: os exemplos dados para os níveis 2 e 3 são *apenas* exemplos.
+Compete-lhe a si decidir o que considera, ao assinar chaves, uma verificação
+"normal" e uma verificação "exaustiva".
+
+Se não sabe qual é a resposta correcta, responda "0".
+.
+
+.gpg.change_passwd.empty.okay
+Responda "sim" ou "não"
+.
+
+.gpg.keyedit.save.okay
+Responda "sim" ou "não"
+.
+
+.gpg.keyedit.cancel.okay
+Responda "sim" ou "não"
+.
+
+.#gpg.keyedit.sign_all.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you want to sign ALL the user IDs
+.
+
+.gpg.keyedit.remove.uid.okay
+Responda "sim" se quiser realmente remover este ID de usuário.
+Todos os certificados também serão perdidos!
+.
+
+.gpg.keyedit.remove.subkey.okay
+Responda "sim" se quiser remover a subchave
+.
+
+.gpg.keyedit.delsig.valid
+Esta é uma assinatura válida na chave; normalmente não é desejável
+remover esta assinatura porque ela pode ser importante para estabelecer
+uma conexão de confiança à chave ou a outra chave certificada por esta.
+.
+
+.gpg.keyedit.delsig.unknown
+Esta assinatura não pode ser verificada porque você não tem a chave
+correspondente. Você deve adiar sua remoção até saber que chave foi usada
+porque a chave desta assinatura pode estabelecer uma conexão de confiança
+através de outra chave já certificada.
+.
+
+.gpg.keyedit.delsig.invalid
+A assinatura não é válida. Faz sentido removê-la de seu chaveiro.
+.
+
+.gpg.keyedit.delsig.selfsig
+Esta é uma assinatura que liga o ID de usuário à chave. Geralmente
+não é uma boa idéia remover tal assinatura. É possível que o GnuPG
+não consiga mais usar esta chave. Faça isto apenas se por alguma
+razão esta auto-assinatura não for válida e há uma segunda disponível.
+.
+
+.gpg.keyedit.updpref.okay
+Muda as preferências de todos os identificadores de utilizadores
+(ou apenas dos seleccionados) para a lista actual de preferências.
+O 'timestamp' de todas as auto-assinaturas afectuadas será avançado
+em um segundo.
+
+.
+
+.gpg.passphrase.enter
+Por favor digite a frase secreta 
+
+.
+
+.gpg.passphrase.repeat
+Por favor repita a última frase secreta, para ter certeza do que você digitou.
+.
+
+.gpg.detached_signature.filename
+Dê o nome para o arquivo ao qual a assinatura se aplica
+.
+
+.gpg.openfile.overwrite.okay
+Responda "sim" se quiser sobrescrever o arquivo
+.
+
+.gpg.openfile.askoutname
+Por favor digite um novo nome de arquivo. Se você apenas apertar RETURN o
+arquivo padrão (que é mostrado em colchetes) será usado.
+.
+
+.gpg.ask_revocation_reason.code
+Deve especificar uma razão para a emissão do certificado. Dependendo no
+contexto, pode escolher as seguintes opções desta lista:
+  "A chave foi comprometida"
+     Utilize esta opção se tem razões para acreditar que indivíduos não
+     autorizados obtiveram acesso à sua chave secreta.
+  "A chave foi substituida"
+     Utilize esta opção se substituiu esta chave com uma mais recente.
+  "A chave já não é utilizada"
+     Utilize esta opção se já não utiliza a chave.
+  "O identificador do utilizador já não é válido"
+     Utilize esta opção para comunicar que o identificador do utilizador
+     não deve ser mais utilizado; normalmente utilizada para indicar
+     que um endereço de email é inválido.
+
+.
+
+.gpg.ask_revocation_reason.text
+Se desejar, pode inserir uma texto descrevendo a razão pela qual criou
+este certificado de revogação. Por favor mantenha este texto conciso.
+Uma linha vazia termina o texto.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.ro.txt b/msys2/usr/share/gnupg/help.ro.txt
new file mode 100644
index 000000000..b26dd53ba
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.ro.txt
@@ -0,0 +1,251 @@
+# help.ro.txt - ro GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.gpg.edit_ownertrust.value
+Este sarcina d-voastră să atribuiţi o valoare aici; această valoare
+nu va fi niciodată exportată pentru o terţă parte.  Trebuie să
+implementăm reţeaua-de-încredere; aceasta nu are nimic în comun cu
+certificatele-de-reţea (create implicit).
+.
+
+.gpg.edit_ownertrust.set_ultimate.okay
+Pentru a construi Reţeaua-de-Încredere, GnuPG trebuie să ştie care chei
+au nivel de încredere suprem - acestea de obicei sunt cheile pentru care
+aveţi acces la cheia secretă.  Răspundeţi "da" pentru a seta
+această cheie cu nivel de încredere suprem
+
+.
+
+.gpg.untrusted_key.override
+Dacă doriţi oricum să folosiţi această cheie fără încredere, răspundeţi "da".
+.
+
+.gpg.pklist.user_id.enter
+Introduceţi ID-ul utilizator al destinatarului mesajului.
+.
+
+.gpg.keygen.algo
+Selectaţi algoritmul de folosit.
+
+DSA (aka DSS) este Digital Signature Algorithm ÅŸi poate fi folosit numai
+pentru semnături.
+
+Elgamal este un algoritm numai pentru cifrare.
+
+RSA poate fi folosit pentru semnături sau cifrare.
+
+Prima cheie (primară) trebuie să fie întotdeauna o cheie cu care se poate semna.
+.
+
+.gpg.keygen.algo.rsa_se
+În general nu este o idee bună să folosiţi aceeaşi cheie şi pentru
+semnare ÅŸi pentru cifrare.  Acest algoritm ar trebui folosit numai
+în anumite domenii.  Vă rugăm consultaţi mai întâi un expert în domeniu.
+.
+
+.gpg.keygen.size
+Introduceţi lungimea cheii
+.
+
+.gpg.keygen.size.huge.okay
+Răspundeţi "da" sau "nu"
+.
+
+.gpg.keygen.size.large.okay
+Răspundeţi "da" sau "nu"
+.
+
+.gpg.keygen.valid
+Introduceţi valoarea cerută precum a arătat la prompt.
+Este posibil să introduceţi o dată ISO (AAAA-LL-ZZ) dar nu veţi
+obţine un răspuns de eroare bun - în loc sistemul încearcă să
+interpreteze valoare dată ca un interval.
+.
+
+.gpg.keygen.valid.okay
+Răspundeţi "da" sau "nu"
+.
+
+.gpg.keygen.name
+Introduceţi numele deţinătorului cheii
+.
+
+.gpg.keygen.email
+vă rugăm introduceţi o adresă de email (opţională dar recomandată)
+.
+
+.gpg.keygen.comment
+Vă rugăm introduceţi un comentriu opţional
+.
+
+.gpg.keygen.userid.cmd
+N  pentru a schimba numele.
+C  pentru a schimba comentariul.
+E  pentru a schimba adresa de email.
+O  pentru a continua cu generarea cheii.
+T  pentru a termina generarea cheii.
+.
+
+.gpg.keygen.sub.okay
+Răspundeţi "da" (sau numai "d") dacă sunteţi OK să generaţi subcheia.
+.
+
+.gpg.sign_uid.okay
+Răspundeţi "da" sau "nu"
+.
+
+.gpg.sign_uid.class
+Când semnaţi un ID utilizator pe o cheie ar trebui să verificaţi mai întâi
+că cheia aparţine persoanei numite în ID-ul utilizator.  Este util şi altora
+să ştie cât de atent aţi verificat acest lucru.
+
+"0" înseamnă că nu pretindeţi nimic despre cât de atent aţi verificat cheia
+"1" înseamnă că credeţi că cheia este a persoanei ce pretinde că este
+    proprietarul ei, dar n-aţi putut, sau nu aţi verificat deloc cheia.
+    Aceasta este utilă pentru verificare "persona", unde semnaţi cheia
+    unui utilizator pseudonim.
+
+"2" înseamnă că aţi făcut o verificare supericială a cheii.  De exemplu,
+    aceasta ar putea însemna că aţi verificat amprenta cheii şi aţi verificat
+    ID-ul utilizator de pe cheie cu un ID cu poză.
+
+"3" înseamnă că aţi făcut o verificare extensivă a cheii.  De exemplu,
+    aceasta ar putea însemna că aţi verificat amprenta cheii cu proprietarul
+    cheii în persoană, că aţi verificat folosind un document dificil de
+    falsificat cu poză (cum ar fi un paşaport) că numele proprietarului cheii
+    este acelaşi cu numele ID-ului utilizator al cheii şi că aţi verificat
+    (schimbând emailuri) că adresa de email de pe cheie aparţine proprietarului
+cheii.
+
+De notat că exemplele date pentru nivelele 2 şi 3 ceva mai sus sunt *numai*
+exemple. La urma urmei, d-voastră decideţi ce înseamnă "superficial" şi
+"extensiv" pentru d-voastră când semnaţi alte chei.
+
+Dacă nu ştiţi care este răspunsul, răspundeţi "0".
+.
+
+.gpg.change_passwd.empty.okay
+Răspundeţi "da" sau "nu"
+.
+
+.gpg.keyedit.save.okay
+Răspundeţi "da" sau "nu"
+.
+
+.gpg.keyedit.cancel.okay
+Răspundeţi "da" sau "nu"
+.
+
+.gpg.keyedit.sign_all.okay
+Răspundeţi "da" dacă doriţi să semnaţi TOATE ID-urile utilizator
+.
+
+.gpg.keyedit.remove.uid.okay
+Răspundeţi "da" dacă într-adevăr doriţi să ştergeţi acest ID utilizator.
+Toate certificatele sunt de asemenea pierdute!
+.
+
+.gpg.keyedit.remove.subkey.okay
+Răspundeţi "da" dacă este OK să ştergeţi subcheia
+.
+
+.gpg.keyedit.delsig.valid
+Aceasta este o semnătură validă pe cheie; în mod normal n-ar trebui
+să ştergeţi această semnătură pentru că aceasta ar putea fi importantăla stabilirea conexiunii de încredere la cheie sau altă cheie certificată
+de această cheie.
+.
+
+.gpg.keyedit.delsig.unknown
+Această semnătură nu poate fi verificată pentru că nu aveţi cheia
+corespunzătoare.  Ar trebui să amânaţi ştergerea sa până ştiţi care
+cheie a fost folosită pentru că această cheie de semnare ar putea
+constitui o conexiune de încredere spre o altă cheie deja certificată.
+.
+
+.gpg.keyedit.delsig.invalid
+Semnătura nu este validă.  Aceasta ar trebui ştearsă de pe inelul
+d-voastră de chei.
+.
+
+.gpg.keyedit.delsig.selfsig
+Aceasta este o semnătură care leagă ID-ul utilizator de cheie.
+De obicei nu este o idee bună să ştergeţi o asemenea semnătură.
+De fapt, GnuPG ar putea să nu mai poată folosi această cheie.
+Aşa că faceţi acest lucru numai dacă această auto-semnătură este
+dintr-o oarecare cauză invalidă şi o a doua este disponibilă.
+.
+
+.gpg.keyedit.updpref.okay
+Schimbaţi toate preferinţele ale tuturor ID-urilor utilizator (sau doar
+cele selectate) conform cu lista curentă de preferinţe.  Timestamp-urile
+tuturor auto-semnăturilor afectate vor fi avansate cu o secundă.
+
+.
+
+.gpg.passphrase.enter
+Vă rugăm introduceţi fraza-parolă; aceasta este o propoziţie secretă 
+
+.
+
+.gpg.passphrase.repeat
+Vă rugăm repetaţi ultima frază-parolă, pentru a fi sigur(ă) ce aţi tastat.
+.
+
+.gpg.detached_signature.filename
+Daţi numele fişierului la care se aplică semnătura
+.
+
+.gpg.openfile.overwrite.okay
+Răspundeţi "da" dacă este OK să suprascrieţi fişierul
+.
+
+.gpg.openfile.askoutname
+Vă rugăm introduceţi un nou nume-fişier. Dacă doar apăsaţi RETURN,
+va fi folosit fişierul implicit (arătat în paranteze).
+.
+
+.gpg.ask_revocation_reason.code
+Ar trebui să specificaţi un motiv pentru certificare.  În funcţie de
+context aveţi posibilitatea să alegeţi din această listă:
+  "Cheia a fost compromisă"
+      Folosiţi această opţiune dacă aveţi un motiv să credeţi că persoane
+      neautorizate au avut acces la cheia d-voastră secretă.
+  "Cheia este înlocuită"
+      Folosiţi această opţiune dacă înlocuiţi cheia cu una nouă.
+  "Cheia nu mai este folosită"
+      Folosiţi această opţiune dacă pensionaţi cheia.
+  "ID-ul utilizator nu mai este valid"
+      Folosiţi această opţiune dacă ID-ul utilizator nu mai trebuie folosit;
+      de obicei folosită pentru a marca o adresă de email ca invalidă.
+
+.
+
+.gpg.ask_revocation_reason.text
+Dacă doriţi, puteţi introduce un text descriind de ce publicaţi acest
+certificat de revocare.  Vă rugăm fiţi concis.
+O linie goală termină textul.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.ru.txt b/msys2/usr/share/gnupg/help.ru.txt
new file mode 100644
index 000000000..b78e1ff92
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.ru.txt
@@ -0,0 +1,369 @@
+# help.ru.txt - Russian GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+# Copyright (C) 2016 Ineiev <ineiev@gnu.org> (translation)
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+# The translated revision was taken from HEAD b8bb16c6c08d3c2947f1ff67
+# which is the same as the revision from STABLE-BRANCH-2-0 776bee6d370
+
+.#pinentry.qualitybar.tooltip
+# [remove the hash mark from the key to enable this text]
+# This entry is just an example on how to customize the tooltip shown
+# when hovering over the quality bar of the pinentry.  We don't
+# install this text so that the hardcoded translation takes
+# precedence.  An administrator should write up a short help to tell
+# the users about the configured passphrase constraints and save that
+# to /etc/gnupg/help.txt.  The help text should not be longer than
+# about 800 characters.
+Этот индикатор показывает каче�тво введенной выше фразы-парол�.
+
+Пока индикатор кра�ный, GnuPG �читает фразу-пароль неприемлемо �лабой.
+Уточните у �воего админи�тратора прин�тые требовани� к фразе-паролю.
+.
+
+
+.gnupg.agent-problem
+# There was a problem accessing or starting the agent.
+К запущенному Gpg-Agent было невозможно подключить��, либо возникла
+проблема �оединени� � ним.
+
+Си�тема и�пользует фоновый проце�� под названием Gpg-Agent
+дл� обработки �екретных ключей и запро�а фраз-паролей. Обычно проце��
+запу�кает�� при входе пользовател� в �и�тему и работает, пока
+пользователь не выйдет. Е�ли проце�� недо�тупен, �и�тема пытает��
+запу�тить его на ходу, но функции �той вер�ий не�колько ограничены,
+�то может приве�ти к небольшим проблемам.
+
+Веро�тно, дл� решени� проблемы нужно обратить�� к админи�тратору.
+В каче�тве временной меры можно выйти и �нова войти в �и�тему;
+может быть, �то поможет. В любом �лучае �ообщите об �том
+админи�тратору, потому что �то указывает на недочет в программе.
+.
+
+
+.gnupg.dirmngr-problem
+# There was a problen accessing the dirmngr.
+К запущенному Dirmngr было невозможно подключить��, либо возникла
+проблема �оединени� � ним.
+
+Дл� про�мотра �пи�ков отзыва �ертификатов во врем� проверки
+�ертификатов и дл� пои�ка ключей на локальных �ерверах �и�тема
+пользует�� внешней �лужебной программой Dirmngr. Обычно она работает
+как �и�темна� �лужба (демон) и не нуждает�� в каких-либо дей�тви�х
+�о �тороны пользовател�. В �лучае проблем �и�тема может запу�кать
+новую копию Dirmngr по каждому запро�у; �то запа�ной вариант
+� ухудшенными характери�тиками.
+
+Е�ли Вы �толкнули�ь � �той проблемой, обратите�ь к �и�темному
+админи�тратору. В каче�тве временного решени� можно попробовать
+отключить проверку �пи�ков отзыва �ертификатов в на�тройках gpgsm.
+.
+
+
+.gpg.edit_ownertrust.value
+# The help identies prefixed with "gpg." used to be hard coded in gpg
+# but may now be overridden by help texts from this file.
+Е�ли хотите, по�тавьте зде�ь значение; оно никогда не будет выводить��
+дл� третьих �торон. �ам оно нужно дл� реализации �ети довери�; оно
+никак не �в�зано � (не�вно �оздаваемой) �етью �ертификатов.
+.
+
+.gpg.edit_ownertrust.set_ultimate.okay
+Дл� по�троени� Сети довери� GnuPG нужно знать, каким ключам довер�ть
+полно�тью - обычно �то ключи, �екретные ча�ти которых у Ва� е�ть.
+Ответ "да" у�тановит полное доверие �тому ключу.
+
+
+.gpg.untrusted_key.override
+Е�ли Вы хотите в�е равно пользовать�� �тим недоверенным ключом,
+ответьте "да".
+.
+
+.gpg.pklist.user_id.enter
+Введите ID пользовател� - получател� Вашего �ообщени�.
+.
+
+.gpg.keygen.algo
+Выберите алгоритм.
+
+DSA (он же DSS) можно примен�ть только дл� подпи�ей.
+
+Elgamal - алгоритм только дл� шифровани�.
+
+RSA можно примен�ть дл� шифровани� или подпи�ей.
+
+Первый (первичный) ключ в�егда должен быть пригоден дл� подпи�ей.
+.
+
+
+.gpg.keygen.algo.rsa_se
+В целом неразумно пользовать�� одним и тем же ключом и дл� подпи�и,
+и дл� шифровани�. Это может быть полезно только в определенных
+�луча�х. Прокон�ультируйте�ь �о �воим �к�пертом по безопа�но�ти.
+.
+
+
+.gpg.keygen.flags
+Помен�ть функции ключа.
+
+Переключать можно только функции, до�тупные дл� выбранного
+алгоритма.
+
+Дл� бы�трой у�тановки �разу в�ех возможно�тей введите �начала '=',
+а за ним �пи�ок букв, задающих набор функций: '1' - подпи�ь, '2' -
+шифрование, '3' - аутентификаци�. �еправильные буквы и функции
+не учитывают��. Сразу по�ле бы�трого ввода �то подменю закрывает��.
+.
+
+
+.gpg.keygen.size
+Введите размер ключа.
+
+Предлагаемое значение обычно хорошо подходит.
+
+Е�ли Вам нужен ключ большого размера, например, 4096 бит, подумайте,
+дей�твительно ли �то дл� Ва� имеет �мы�л. См. комик� на �транице
+http://www.xkcd.com/538/ .
+.
+
+.gpg.keygen.size.huge.okay
+Отвечайте "да" или "нет".
+.
+
+
+.gpg.keygen.size.large.okay
+Отвечайте "да" или "нет".
+.
+
+
+.gpg.keygen.valid
+Введите нужное значение, как показано в приглашении.
+Можно вве�ти дату ИСО (ГГГГ-ММ-ДД), но �ообщени� об ошибках будут
+неудобочитаемыми: �и�тема пытает�� интерпретировать данное значение
+как интервал.
+.
+
+.gpg.keygen.valid.okay
+Отвечайте "да" или "нет".
+.
+
+
+.gpg.keygen.name
+Введите им� владельца ключа.
+Символы "<" и ">" недопу�тимы.
+Пример: Ва�� Пушкин
+.
+
+
+.gpg.keygen.email
+Введите, пожалуй�та, адре� �лектронной почты (необ�зательно,
+но очень рекомендует��).
+Пример: vp@test.ru
+.
+
+.gpg.keygen.comment
+Введите, пожалуй�та, необ�зательное примечание.
+Символы "(" и ")" недопу�тимы.
+В общем и целом оно не нужно.
+.
+
+
+.gpg.keygen.userid.cmd
+# (Keep a leading empty line)
+
+N  �менить им�.
+C  �менить примечание.
+E  �менить адре�.
+O  продолжить �оздание ключа.
+Q  прекратить �оздание ключа.
+.
+
+.gpg.keygen.sub.okay
+Введите "да" (или "y"), чтобы разрешить �оздание ключа.
+.
+
+.gpg.sign_uid.okay
+Отвечайте "да" или "нет".
+.
+
+.gpg.sign_uid.class
+Когда Вы подпи�ываете идентификатор пользовател� в ключе, нужно �начала
+удо�товерить��, что ключ принадлежит указанному в идентификаторе лицу.
+Другим полезно знать, на�колько тщательно Вы �то проверили.
+
+"0" значит, что Вы не указываете, на�колько тщательно вы провер�ли ключ.
+
+"1" значит, что Вы �читаете, что ключ принадлежит за�вленному лицу, но Вы
+    не могли проверить или не провер�ли ключ. Это полезно дл� проверки
+    "инкогнито", когда вы подпи�ываете ключ � п�евдонимом.
+
+"2" значит, что Вы провели ча�тичную проверку ключа. �апример, проверили
+    отпечаток ключа и идентификатор пользовател� из ключа
+    по фотоидентификатору.
+
+"3" значит, что Вы провели тщательную проверку ключа. �апример,
+    Вы проверили отпечаток ключа, а также проверили по удо�товерению
+    лично�ти (такому как па�порт), что им� владельца ключа �овпадает
+    � именем человека, запи�анным в идентификаторе пользовател� ключа;
+    наконец, Вы удо�товерили�ь (обмен�вши�ь �лектронной почтой), что
+    адре� �лектронной почты принадлежит владельцу ключа.
+
+Имейте в виду, что примеры, данные дл� уровней 2 и 3 - �то *только*
+примеры. В конечном �чете Вы �ами решаете, что значит "ча�тична�"
+и "тщательна�" проверка, когда Вы подпи�ываете другие ключи.
+
+Е�ли затрудн�ете�ь � ответом, по�тавьте "0".
+.
+
+.gpg.change_passwd.empty.okay
+Отвечайте "да" или "нет".
+.
+
+
+.gpg.keyedit.save.okay
+Отвечайте "да" или "нет".
+.
+
+
+.gpg.keyedit.cancel.okay
+Отвечайте "да" или "нет".
+.
+
+.gpg.keyedit.sign_all.okay
+Ответьте "да", е�ли хотите подпи�ать ВСЕ идентификаторы пользовател�.
+.
+
+.gpg.keyedit.remove.uid.okay
+Ответьте "да", е�ли дей�твительно хотите удалить �тот идентификатор
+пользовател�.
+В�е �ертификаты будут также удалены!
+.
+
+.gpg.keyedit.remove.subkey.okay
+Ответьте "да", е�ли подключ можно удалить.
+.
+
+
+.gpg.keyedit.delsig.valid
+Это верна� подпи�ь ключа; как правило, ее не нужно удал�ть,
+по�кольку может быть важно у�тановить отношение довери� между
+�тим ключом и другими ключами.
+.
+
+.gpg.keyedit.delsig.unknown
+Эту подпи�ь нельз� проверить, по�кольку от�ут�твует �оответ�твующий
+ключ. Удаление ее нужно отложить до тех пор, пока не �танет
+изве�тно, какой из ключей был и�пользован, так как подпи�ь
+�того ключа могло бы у�тановить отношение довери� через
+другой, уже �ертифицированный ключ.
+.
+
+.gpg.keyedit.delsig.invalid
+Подпи�ь недей�твительна. Имеет �мы�л удалить ее из Вашей таблицы
+ключей.
+.
+
+.gpg.keyedit.delsig.selfsig
+Эта подпи�ь �в�зывает идентификатор пользовател� � ключом. Обычно
+удал�ть такие подпи�и не �ледует. Это может �делать ключ непригодным
+дл� пользовани� � GnuPG. Так что делайте �то только е�ли �та
+�амоподпи�ь по какой-то причине недей�твительна и е�ть друга�.
+.
+
+.gpg.keyedit.updpref.okay
+Изменить предпочтени� дл� в�ех идентификаторов пользовател� (или
+только дл� выбранных) на текущий �пи�ок предпочтений. Дата в�ех
+�амоподпи�ей, которых �то ка�ает��, будет �двинута вперед
+на одну �екунду.
+.
+
+
+.gpg.passphrase.enter
+# (keep a leading empty line)
+
+Введите, пожалуй�та, фразу-пароль (�екретное предложение).
+.
+
+
+.gpg.passphrase.repeat
+Повторите введенную фразу-пароль, чтобы проверить, что Вы не ошибли�ь.
+.
+
+.gpg.detached_signature.filename
+Задайте им� файла, который подпи�ывает��.
+.
+
+.gpg.openfile.overwrite.okay
+# openfile.c (overwrite_filep)
+Ответьте "да", е�ли файл можно перезапи�ать.
+.
+
+.gpg.openfile.askoutname
+# openfile.c (ask_outfile_name)
+Введите новое им� файла. Е�ли про�то нажать "Enter", будет
+и�пользован файл по умолчанию (указан в �кобках).
+.
+
+.gpg.ask_revocation_reason.code
+# revoke.c (ask_revocation_reason)
+�ужно указать причину отзыва. Можно выбрать из �пи�ка:
+  "Ключ был ра�крыт"
+      Е�ть о�новани� полагать, что какие-то лица получили
+      не�анкционированный до�туп к �екретному ключу.
+  "Ключ заменен другим"
+      Вы заменили ключ на новый.
+  "Ключ больше не и�пользует��"
+      Вы дали ключу от�тавку.
+  "ID пользовател� больше не дей�твителен"
+      ID пользовател� больше не должен употребл�ть��; обычно �то значит,
+      что адре� �лектронной почты недей�твителен.
+.
+
+.gpg.ask_revocation_reason.text
+# revoke.c (ask_revocation_reason)
+Е�ли хотите, можете вве�ти тек�т, по��н�ющий причину, по которой
+выпущен �тот �ертификат отзыва. Выражайте�ь, пожалуй�та, ��но.
+Тек�т заканчивает�� пу�той �трокой.
+.
+
+
+
+
+.gpgsm.root-cert-not-trusted
+# This text gets displayed by the audit log if
+# a root certificates was not trusted.
+�ет довери� к корневому �ертификату. В зави�имо�ти от на�троек
+Вам могли предложить пометить �тот корневой �ертификат как доверенный
+или вручную указать GnuPG, что �тому �ертификату нужно довер�ть.
+Доверенные �ертификаты задают�� в файле trustlist.txt в домашнем
+каталоге GnuPG. Е�ли �омневаете�ь, �про�ите �воего �и�темного
+админи�тратора, �ледует ли Вам довер�ть �тому �ертификату.
+
+
+.gpgsm.crl-problem
+# This tex is displayed by the audit log for problems with
+# the CRL or OCSP checking.
+В зави�имо�ти от на�троек возникла проблема в получении �пи�ка
+отозванных �ертификатов или в выполнении проверки по протоколу
+OCSP. Это могло �лучить�� по очень многим причинам. Обратите�ь
+к документации за возможными решени�ми.
+
+
+# Local variables:
+# mode: default-generic
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.sk.txt b/msys2/usr/share/gnupg/help.sk.txt
new file mode 100644
index 000000000..9e50c762f
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.sk.txt
@@ -0,0 +1,254 @@
+# help.sk.txt - sk GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.gpg.edit_ownertrust.value
+Je na Vás, aby ste sem priradili hodnotu; táto hodnota nebude nikdy
+exportovaná tretej strane. Potrebujeme ju k implementácii "pavu�iny
+dôvery"; nemá to ni� spolo�né s (implicitne vytvorenou) "pavu�inou
+certifikátov".
+.
+
+.gpg.edit_ownertrust.set_ultimate.okay
+Aby bolo možné vybudovať pavu�inu dôvery, musí GnuPG vedieť, ktorým kľú�om
+dôverujete absolútne - oby�ajne sú to tie kľú�e, pre ktoré máte prístup
+k tajným kľú�om. Odpovedzte "ano", aby ste nastavili tieto kľú�e
+ako absolútne dôveryhodné
+
+.
+
+.gpg.untrusted_key.override
+Pokiaľ aj tak chcete použiť tento nedôveryhodný kľú�, odpovedzte "ano".
+.
+
+.gpg.pklist.user_id.enter
+Vložte identifikátor adresáta, ktorému chcete poslať správu.
+.
+
+.#gpg.keygen.algo
+# fixme: Please translate and remove the hash mark from the key line.
+Select the algorithm to use.
+
+DSA (aka DSS) is the Digital Signature Algorithm and can only be used
+for signatures.
+
+Elgamal is an encrypt-only algorithm.
+
+RSA may be used for signatures or encryption.
+
+The first (primary) key must always be a key which is capable of signing.
+.
+
+.gpg.keygen.algo.rsa_se
+Všebecne nemožno odporú�ať používať rovnaký kľú� na šifrovanie a podeisovanie
+Tento algoritmus je vhodné použiť len za ur�itých podmienok.
+Kontaktujte prosím najprv bezpe�nostného špecialistu.
+.
+
+.gpg.keygen.size
+Vložte dĺžku kľú�a
+.
+
+.gpg.keygen.size.huge.okay
+Odpovedzte "ano" alebo "nie"
+.
+
+.gpg.keygen.size.large.okay
+Odpovedzte "ano" alebo "nie"
+.
+
+.gpg.keygen.valid
+Vložte požadovanú hodnotu tak, ako je uvedené v príkazovom riadku.
+Je možné vložiť dátum vo formáte ISO (RRRR-MM-DD), ale nedostanete
+správnu chybovú hlášku - miesto toho systém skúsi interpretovať
+zadanú hodnotu ako interval.
+.
+
+.gpg.keygen.valid.okay
+Odpovedzte "ano" alebo "nie"
+.
+
+.gpg.keygen.name
+Vložte meno držiteľa kľú�a
+.
+
+.gpg.keygen.email
+prosím, vložte e-mailovú adresu (nepovinné, ale veľmi odporú�ané)
+.
+
+.gpg.keygen.comment
+Prosím, vložte nepovinný komentár
+.
+
+.gpg.keygen.userid.cmd
+N  pre zmenu názvu.
+C  pre zmenu komentára.
+E  pre zmenu e-mailovej adresy.
+O  pre pokra�ovanie generovania kľú�a.
+Q  pre ukon�enie generovania kľú�a.
+.
+
+.gpg.keygen.sub.okay
+Ak chcete generovať podkľú�, odpovedzte "ano" (alebo len "a").
+.
+
+.gpg.sign_uid.okay
+Odpovedzte "ano" alebo "nie"
+.
+
+.gpg.sign_uid.class
+Skôr ako podpíšete id užívateľa, mali by ste najprv overiť, �i kľú�
+patrí osobe, ktorej meno je uvedené v identifikátore užívateľa.
+Je veľmi užito�né, ke� ostatní vedia, ako dôsledne ste previedli
+takéto overenie.
+
+"0" znamená, že neuvádzate, ako dôsledne ste pravosť kľú�a overili
+
+"1" znamená, že veríte tomu, že kľú� patrí osobe, ktorá je uvedená,
+    v užívateľskom ID, ale nemohli ste alebo jste nepreverili túto skuto�nosť.
+    To je užito�né pre "osobnú" verifikáciu, ke� podpisujete kľú�e, ktoré
+    používajú pseudonym užívateľa.
+
+"2" znamená, že ste �iasto�ne overili pravosť kľú�a. Napr. ste overili
+    fingerprint kľú�a a skontrolovali identifikátor užívateľa
+    uvedený na kľú�i s fotografickým id.
+
+"3" Znamená, že ste vykonali veľmi dôkladné overenie pravosti kľú�a.
+    To môže napríklad znamenať, že ste overili fingerprint kľú�a 
+    jeho vlastníka osobne a �alej ste pomocou tažko falšovateľného 
+    dokumentu s fotografiou (napríklad pasu) overili, že meno majiteľa
+    kľú�a sa zhoduje s menom uvedeným v užívateľskom ID a �alej ste 
+    overili (výmenou elektronických dopisov), že elektronická adresa uvedená 
+    v ID užívateľa patrí majiteľovi kľú�a.
+
+Prosím nezabúdajte, že príklady uvedené pre úroveň 2 a 3 sú *len*
+príklady.
+Je len na Vašom rozhodnutí, �o "�iasto�né" a "dôkladné" overenie znamená
+ke� budete podpisovať kľú�e iným užívateľom.
+
+Pokiaľ neviete, aká je správna odpove�, odpovedzte "0".
+.
+
+.gpg.change_passwd.empty.okay
+Odpovedzte "ano" alebo "nie"
+.
+
+.gpg.keyedit.save.okay
+Odpovedzte "ano" alebo "nie"
+.
+
+.gpg.keyedit.cancel.okay
+Odpovedzte "ano" alebo "nie"
+.
+
+.#gpg.keyedit.sign_all.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you want to sign ALL the user IDs
+.
+
+.gpg.keyedit.remove.uid.okay
+Pokiaľ skuto�ne chcete zmazať tento identifikátor užívateľa, odpovedzte "ano".
+Všetky certifikáty budú tiež stratené!
+.
+
+.gpg.keyedit.remove.subkey.okay
+Odpovedzte "ano", pokiaľ chcete zmazať podkľú�
+.
+
+.gpg.keyedit.delsig.valid
+Toto je platný podpis kľú�a; normálne nechcete tento podpis zmazať,
+pretože môže byť dôležitý pri vytváraní dôvery kľú�a alebo iného kľú�a
+ceritifikovaného týmto kľú�om.
+.
+
+.gpg.keyedit.delsig.unknown
+Tento podpis nemôže byť overený, pretože nemáte zodpovedajúci verejný kľú�.
+Jeho zmazanie by ste mali odložiť do �asu, ke� budete vedieť, ktorý kľú�
+bol použitý, pretože tento podpisovací kľú� môže vytvoriť dôveru
+prostredníctvom iného už certifikovaného kľú�a.
+.
+
+.gpg.keyedit.delsig.invalid
+Podpis je neplatný. Je rozumné ho odstrániť z Vášho súboru kľú�ov.
+.
+
+.gpg.keyedit.delsig.selfsig
+Toto je podpis, ktorý viaže identifikátor užívateľa ku kľú�u. Zvy�ajne
+nie je dobré takýto podpis odstrániť. GnuPG nemôže tento kľú� na�alej
+používať. Urobte to len v prípade, ke� je tento podpis kľú�a
+ním samým z nejakého dôvodu neplatný a ke� je k dispozícii iný kľú�.
+.
+
+.gpg.keyedit.updpref.okay
+Zmeniť predvoľby pre všetky užívateľské ID (alebo len pre ozna�ené)
+na aktuálny zoznam predvolieb. Časové razítka všetkých dotknutých podpisov
+kľú�ov nimi samotnými budú posunuté o jednu sekundu dopredu.
+
+.
+
+.gpg.passphrase.enter
+Prosím, vložte heslo; toto je tajná veta 
+
+.
+
+.gpg.passphrase.repeat
+Prosím, zopakujte posledné heslo, aby ste si boli istý, �o ste napísali.
+.
+
+.gpg.detached_signature.filename
+Zadajte názov súboru, ku ktorému sa podpis vzťahuje
+.
+
+.gpg.openfile.overwrite.okay
+Ak si prajete prepísanie súboru, odpovedzte "ano"
+.
+
+.gpg.openfile.askoutname
+Prosím, vložte nový názov súboru. Ak len stla�íte RETURN, bude
+použitý implicitný súbor (ktorý je zobrazený v zátvorkách).
+.
+
+.gpg.ask_revocation_reason.code
+Mali by ste špecifikovať dôvod certifikácie. V závislosti na kontexte
+máte možnosť si vybrať zo zoznamu:
+  "kľú� bol kompromitovaný"
+      Toto použite, pokiaľ si myslíte, že k Vášmu tajnému kľú�u získali
+       prístup neoprávnené osoby.
+  "kľú� je nahradený"
+      Toto použite, pokiaľ ste tento kľú� nahradili novším kľú�om.
+  "kľú� sa už nepoužíva"
+      Toto použite, pokiaľ tento kľú� už nepoužívate.
+  "Identifikátor užívateľa už nie je platný"
+      Toto použite, pokiaľ by sa identifikátor užívateľa už nemal používať;
+      normálne sa používa na ozna�enie neplatnej e-mailové adresy.
+
+.
+
+.gpg.ask_revocation_reason.text
+Ak chcete, môžete vložiť text popisujúcí pôvod vzniku tohto revoka�ného
+ceritifikátu. Prosím, stru�ne. 
+Text kon�í prázdnym riadkom.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.sv.txt b/msys2/usr/share/gnupg/help.sv.txt
new file mode 100644
index 000000000..0ac3be7ab
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.sv.txt
@@ -0,0 +1,286 @@
+# help..txt -  GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.#gpg.edit_ownertrust.value
+# fixme: Please translate and remove the hash mark from the key line.
+It's up to you to assign a value here; this value will never be exported
+to any 3rd party.  We need it to implement the web-of-trust; it has nothing
+to do with the (implicitly created) web-of-certificates.
+.
+
+.#gpg.edit_ownertrust.set_ultimate.okay
+# fixme: Please translate and remove the hash mark from the key line.
+To build the Web-of-Trust, GnuPG needs to know which keys are
+ultimately trusted - those are usually the keys for which you have
+access to the secret key.  Answer "yes" to set this key to
+ultimately trusted
+
+.
+
+.#gpg.untrusted_key.override
+# fixme: Please translate and remove the hash mark from the key line.
+If you want to use this untrusted key anyway, answer "yes".
+.
+
+.#gpg.pklist.user_id.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the user ID of the addressee to whom you want to send the message.
+.
+
+.#gpg.keygen.algo
+# fixme: Please translate and remove the hash mark from the key line.
+Select the algorithm to use.
+
+DSA (aka DSS) is the Digital Signature Algorithm and can only be used
+for signatures.
+
+Elgamal is an encrypt-only algorithm.
+
+RSA may be used for signatures or encryption.
+
+The first (primary) key must always be a key which is capable of signing.
+.
+
+.#gpg.keygen.algo.rsa_se
+# fixme: Please translate and remove the hash mark from the key line.
+In general it is not a good idea to use the same key for signing and
+encryption.  This algorithm should only be used in certain domains.
+Please consult your security expert first.
+.
+
+.#gpg.keygen.size
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the size of the key
+.
+
+.#gpg.keygen.size.huge.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.size.large.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.valid
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the required value as shown in the prompt.
+It is possible to enter a ISO date (YYYY-MM-DD) but you won't
+get a good error response - instead the system tries to interpret
+the given value as an interval.
+.
+
+.#gpg.keygen.valid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keygen.name
+# fixme: Please translate and remove the hash mark from the key line.
+Enter the name of the key holder
+.
+
+.#gpg.keygen.email
+# fixme: Please translate and remove the hash mark from the key line.
+please enter an optional but highly suggested email address
+.
+
+.#gpg.keygen.comment
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter an optional comment
+.
+
+.#gpg.keygen.userid.cmd
+# fixme: Please translate and remove the hash mark from the key line.
+N  to change the name.
+C  to change the comment.
+E  to change the email address.
+O  to continue with key generation.
+Q  to to quit the key generation.
+.
+
+.#gpg.keygen.sub.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" (or just "y") if it is okay to generate the sub key.
+.
+
+.#gpg.sign_uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.sign_uid.class
+# fixme: Please translate and remove the hash mark from the key line.
+When you sign a user ID on a key, you should first verify that the key
+belongs to the person named in the user ID.  It is useful for others to
+know how carefully you verified this.
+
+"0" means you make no particular claim as to how carefully you verified the
+    key.
+
+"1" means you believe the key is owned by the person who claims to own it
+    but you could not, or did not verify the key at all.  This is useful for
+    a "persona" verification, where you sign the key of a pseudonymous user.
+
+"2" means you did casual verification of the key.  For example, this could
+    mean that you verified the key fingerprint and checked the user ID on the
+    key against a photo ID.
+
+"3" means you did extensive verification of the key.  For example, this could
+    mean that you verified the key fingerprint with the owner of the key in
+    person, and that you checked, by means of a hard to forge document with a
+    photo ID (such as a passport) that the name of the key owner matches the
+    name in the user ID on the key, and finally that you verified (by exchange
+    of email) that the email address on the key belongs to the key owner.
+
+Note that the examples given above for levels 2 and 3 are *only* examples.
+In the end, it is up to you to decide just what "casual" and "extensive"
+mean to you when you sign other keys.
+
+If you don't know what the right answer is, answer "0".
+.
+
+.#gpg.change_passwd.empty.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.save.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.cancel.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" or "no"
+.
+
+.#gpg.keyedit.sign_all.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you want to sign ALL the user IDs
+.
+
+.#gpg.keyedit.remove.uid.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if you really want to delete this user ID.
+All certificates are then also lost!
+.
+
+.#gpg.keyedit.remove.subkey.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to delete the subkey
+.
+
+.#gpg.keyedit.delsig.valid
+# fixme: Please translate and remove the hash mark from the key line.
+This is a valid signature on the key; you normally don't want
+to delete this signature because it may be important to establish a
+trust connection to the key or another key certified by this key.
+.
+
+.#gpg.keyedit.delsig.unknown
+# fixme: Please translate and remove the hash mark from the key line.
+This signature can't be checked because you don't have the
+corresponding key.  You should postpone its deletion until you
+know which key was used because this signing key might establish
+a trust connection through another already certified key.
+.
+
+.#gpg.keyedit.delsig.invalid
+# fixme: Please translate and remove the hash mark from the key line.
+The signature is not valid.  It does make sense to remove it from
+your keyring.
+.
+
+.#gpg.keyedit.delsig.selfsig
+# fixme: Please translate and remove the hash mark from the key line.
+This is a signature which binds the user ID to the key. It is
+usually not a good idea to remove such a signature.  Actually
+GnuPG might not be able to use this key anymore.  So do this
+only if this self-signature is for some reason not valid and
+a second one is available.
+.
+
+.#gpg.keyedit.updpref.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Change the preferences of all user IDs (or just of the selected ones)
+to the current list of preferences.  The timestamp of all affected
+self-signatures will be advanced by one second.
+
+.
+
+.#gpg.passphrase.enter
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter the passphrase; this is a secret sentence
+
+.
+
+.#gpg.passphrase.repeat
+# fixme: Please translate and remove the hash mark from the key line.
+Please repeat the last passphrase, so you are sure what you typed in.
+.
+
+.#gpg.detached_signature.filename
+# fixme: Please translate and remove the hash mark from the key line.
+Give the name of the file to which the signature applies
+.
+
+.#gpg.openfile.overwrite.okay
+# fixme: Please translate and remove the hash mark from the key line.
+Answer "yes" if it is okay to overwrite the file
+.
+
+.#gpg.openfile.askoutname
+# fixme: Please translate and remove the hash mark from the key line.
+Please enter a new filename. If you just hit RETURN the default
+file (which is shown in brackets) will be used.
+.
+
+.#gpg.ask_revocation_reason.code
+# fixme: Please translate and remove the hash mark from the key line.
+You should specify a reason for the certification.  Depending on the
+context you have the ability to choose from this list:
+  "Key has been compromised"
+      Use this if you have a reason to believe that unauthorized persons
+      got access to your secret key.
+  "Key is superseded"
+      Use this if you have replaced this key with a newer one.
+  "Key is no longer used"
+      Use this if you have retired this key.
+  "User ID is no longer valid"
+      Use this to state that the user ID should not longer be used;
+      this is normally used to mark an email address invalid.
+
+.
+
+.#gpg.ask_revocation_reason.text
+# fixme: Please translate and remove the hash mark from the key line.
+If you like, you can enter a text describing why you issue this
+revocation certificate.  Please keep this text concise.
+An empty line ends the text.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.tr.txt b/msys2/usr/share/gnupg/help.tr.txt
new file mode 100644
index 000000000..086f19163
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.tr.txt
@@ -0,0 +1,242 @@
+# help.tr.txt - tr GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.gpg.edit_ownertrust.value
+Bir değeri buraya işaretlemek size kalmış; bu değer herhangi bir 3. şahsa
+gönderilmeyecek. Bir güvence ağı sağlamak için bizim buna ihtiyacımız var;
+bunun (açıkça belirtilmeden oluşturulmuş) sertifikalar ağıyla
+hiçbir alakası yok.
+.
+
+.gpg.edit_ownertrust.set_ultimate.okay
+Web-of-Trust oluşturulabilmesi için GnuPG'ye hangi anahtarların son derece
+güvenli (bunlar gizli anahtarlarına erişiminiz olan anahtarlardır) olduğunun
+bildirilmesi gerekir. "evet" yanıtı bu anahtarın son derece güvenli
+olduğunun belirtilmesi için yeterlidir.
+
+.
+
+.gpg.untrusted_key.override
+Bu güvencesiz anahtarı yine de kullanmak istiyorsanız cevap olarak
+ "evet" yazın.
+.
+
+.gpg.pklist.user_id.enter
+Bu iletiyi göndereceğiniz adresin kullanıcı kimliğini giriniz.
+.
+
+.gpg.keygen.algo
+Kullanılacak algoritmayı seçiniz.
+
+DSA (nam-ı diğer DSS) Sayısal İmza Algortimasıdır ve
+sadece imzalar için kullanılabilir.
+
+Elgamal sadece şifreleme amacıyla kullanılabilen bir algoritmadır.
+
+RSA hem imzalamak hem de şifrelemek amacıyla kullanılabilir.
+
+İlk (asıl) anahtar daima imzalama yeteneğine sahip bir anahtar olmalıdır.
+.
+
+.gpg.keygen.algo.rsa_se
+Genelde imzalama ve şifreleme için aynı anahtarı kullanmak iyi bir fikir
+değildir. Bu algoritma sadece belli alanlarda kullanılabilir.
+Lütfen güvenlik uzmanınıza danışın.
+.
+
+.gpg.keygen.size
+Anahtar uzunluÄŸunu giriniz
+.
+
+.gpg.keygen.size.huge.okay
+Cevap "evet" ya da "hayır"
+.
+
+.gpg.keygen.size.large.okay
+Cevap "evet" ya da "hayır"
+.
+
+.gpg.keygen.valid
+İstenen değeri girin. ISO tarihi (YYYY-AA-GG) girmeniz mümkündür fakat
+iyi bir hata cevabı alamazsınız -- onun yerine sistem verilen değeri
+bir zaman aralığı olarak çözümlemeyi dener.
+.
+
+.gpg.keygen.valid.okay
+Cevap "evet" ya da "hayır"
+.
+
+.gpg.keygen.name
+Anahtar tutucunun ismini giriniz
+.
+
+.gpg.keygen.email
+lütfen bir E-posta adresi girin (isteğe bağlı ancak kuvvetle tavsiye edilir)
+.
+
+.gpg.keygen.comment
+Lütfen önbilgi girin (isteğe bağlı)
+.
+
+.gpg.keygen.userid.cmd
+S iSim değiştirmek için.
+B önBilgiyi değiştirmek için.
+P e-Posta adresini değiştirmek için.
+D anahtar üretimine Devam etmek için.
+K anahtar üretiminden çıKmak için.
+.
+
+.gpg.keygen.sub.okay
+Yardımcı anahtarı üretmek istiyorsanız "evet" ya da "e" girin.
+.
+
+.gpg.sign_uid.okay
+Cevap "evet" ya da "hayır"
+.
+
+.gpg.sign_uid.class
+Bir anahtarı bir kullanıcı kimlikle imzalamadan önce kullanıcı kimliğin
+içindeki ismin, anahtarın sahibine ait olup olmadığını kontrol etmelisiniz.
+
+"0" bu kontrolu yapmadığınız ve yapmayı da bilmediğiniz anlamındadır.
+"1" anahtar size sahibi tarafından gönderildi ama siz bu anahtarı başka
+      kaynaklardan doğrulamadınız anlamındadır. Bu kişisel doğrulama için
+      yeterlidir. En azında yarı anonim bir anahtar imzalaması yapmış
+      olursunuz.
+"2" ayrıntılı bir inceleme yapıldığı anlamındadır. Örneğin parmakizi ve
+      bir anahtarın foto kimliğiyle kullanıcı kimliğini karşılaştırmak
+      gibi denetimleri yapmışsınızdır.
+"3" inceden inceye bir doğrulama anlatır. Örneğin, şahıstaki anahtarın
+      sahibi ile anahtar parmak izini karşılaştırmışsınızdır ve anahtardaki
+      kullanıcı kimlikte belirtilen isme ait bir basılı kimlik belgesindeki
+      bir fotoğrafla şahsı karşılaştırmışsınızdır ve son olarak anahtar
+      sahibinin e-posta adresini kendisinin kullanmakta olduÄŸunu da
+      denetlemiÅŸsinizdir.
+Burada 2 ve 3 için verilen örnekler *sadece* örnektir.
+Eninde sonunda bir anahtarı imzalarken "ayrıntılı" ve "inceden inceye" kontroller arasındaki ayrıma siz karar vereceksiniz.
+Bu kararı verebilecek durumda değilseniz "0" cevabını verin.
+.
+
+.gpg.change_passwd.empty.okay
+Cevap "evet" ya da "hayır"
+.
+
+.gpg.keyedit.save.okay
+Cevap "evet" ya da "hayır"
+.
+
+.gpg.keyedit.cancel.okay
+Cevap "evet" ya da "hayır"
+.
+
+.gpg.keyedit.sign_all.okay
+Kullanıcı kimliklerinin TÜMünü imzalamak istiyorsanız "evet" ya da "yes" yazın
+.
+
+.gpg.keyedit.remove.uid.okay
+Bu kullanıcı kimliğini gerçekten silmek istiyorsanız "evet" girin.
+Böylece bütün sertifikaları kaybedeceksiniz!
+.
+
+.gpg.keyedit.remove.subkey.okay
+Bu yardımcı anahtarı silme izni vermek istiyorsanız "evet" girin
+.
+
+.gpg.keyedit.delsig.valid
+Bu, anahtar üzerinde geçerli bir imzadır; anahtara ya da bu anahtarla
+sertifikalanmış bir diğer anahtara bir güvence bağlantısı sağlamakta
+önemli olabileceğinden normalde bu imzayı silmek istemezsiniz.
+.
+
+.gpg.keyedit.delsig.unknown
+Bu imza, anahtarına sahip olmadığınızdan, kontrol edilemez. Bu imzanın
+silinmesini hangi anahtarın kullanıldığını bilene kadar
+ertelemelisiniz çünkü bu imzalama anahtarı başka bir sertifikalı
+anahtar vasıtası ile bir güvence bağlantısı sağlayabilir.
+.
+
+.gpg.keyedit.delsig.invalid
+İmza geçersiz. Anahtarlıktan kaldırmak uygun olacak.
+.
+
+.gpg.keyedit.delsig.selfsig
+Bu imza kullanıcı kimliğini anahtara bağlar. Öz-imzayı silmek hiç iyi
+bir fikir değil. GnuPG bu anahtarı bir daha hiç kullanamayabilir.
+Bunu sadece, eğer bu öz-imza bazı durumlarda geçerli değilse ya da
+kullanılabilir bir ikincisi var ise yapın.
+.
+
+.gpg.keyedit.updpref.okay
+Tüm kullanıcı kimlik tercihlerini (ya da seçilen birini) mevcut tercihler
+listesine çevirir. Tüm etkilenen öz-imzaların zaman damgaları bir sonraki
+tarafından öne alınacaktır.
+
+.
+
+.gpg.passphrase.enter
+Lütfen bir anahtar parolası giriniz; yazdıklarınız görünmeyecek
+
+.
+
+.gpg.passphrase.repeat
+Lütfen son parolayı tekrarlayarak ne yazdığınızdan emin olun.
+.
+
+.gpg.detached_signature.filename
+İmzanın uygulanacağı dosyanın ismini verin
+.
+
+.gpg.openfile.overwrite.okay
+Dosyanın üzerine yazılacaksa lütfen "evet" yazın
+.
+
+.gpg.openfile.askoutname
+Lütfen yeni dosya ismini girin. Dosya ismini yazmadan RETURN tuşlarsanız
+parantez içinde gösterilen öntanımlı dosya kullanılacak.
+.
+
+.gpg.ask_revocation_reason.code
+Sertifikalama için bir sebep belirtmelisiniz. İçeriğine bağlı olarak
+bu listeden seçebilirsiniz:
+  "Anahtar tehlikede"
+	Yetkisiz kişilerin gizli anahtarınıza erişebildiğine inanıyorsanız
+	bunu seçin.
+  "Anahtar geçici"
+	Mevcut anahtarı daha yeni bir anahtar ile değiştirmişseniz bunu seçin.
+  "Anahtar artık kullanılmayacak"
+	Anahtarı emekliye ayıracaksanız bunu seçin.
+  "Kullanıcı kimliği artık geçersiz"
+	Kullanıcı kimliği artık kullanılamayacak durumdaysa bunu
+	seçin; genelde Eposta adresi geçersiz olduğunda kullanılır.
+
+.
+
+.gpg.ask_revocation_reason.text
+İsterseniz, neden bu yürürlükten kaldırma sertifikasını
+verdiğinizi açıklayan bir metin girebilirsiniz.
+Lütfen bu metin kısa olsun. Bir boş satır metni bitirir.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.txt b/msys2/usr/share/gnupg/help.txt
new file mode 100644
index 000000000..38f25cd3e
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.txt
@@ -0,0 +1,398 @@
+# help.txt - English GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+# Note that this help file needs to be UTF-8 encoded.  When looking
+# for a help item, GnuPG scans the help files in the following order
+# (assuming a GNU or Unix system):
+#
+#    /etc/gnupg/help.LL_TT.txt
+#    /etc/gnupg/help.LL.txt
+#    /etc/gnupg/help.txt
+#    /usr/share/gnupg/help.LL_TT.txt
+#    /usr/share/gnupg/help.LL.txt
+#    /usr/share/gnupg/help.txt
+#
+# Here LL_TT denotes the full name of the current locale with the
+# territory (.e.g. "de_DE"), LL denotes just the locale name
+# (e.g. "de").  The first matching item is returned.  To put a dot or
+# a hash mark at the beginning of a help text line, it needs to be
+# prefixed with ". ".  A single dot may be used to terminated ahelp
+# entry.
+
+.#pinentry.qualitybar.tooltip
+# [remove the hash mark from the key to enable this text]
+# This entry is just an example on how to customize the tooltip shown
+# when hovering over the quality bar of the pinentry.  We don't
+# install this text so that the hardcoded translation takes
+# precedence.  An administrator should write up a short help to tell
+# the users about the configured passphrase constraints and save that
+# to /etc/gnupg/help.txt.  The help text should not be longer than
+# about 800 characters.
+This bar indicates the quality of the passphrase entered above.
+
+As long as the bar is shown in red, GnuPG considers the passphrase too
+weak to accept.  Please ask your administrator for details about the
+configured passphrase constraints.
+.
+
+
+.gnupg.agent-problem
+# There was a problem accessing or starting the agent.
+It was either not possible to connect to a running Gpg-Agent or a
+communication problem with a running agent occurred.
+
+The system uses a background process, called Gpg-Agent, for processing
+private keys and to ask for passphrases.  The agent is usually started
+when the user logs in and runs as long the user is logged in. In case
+that no agent is available, the system tries to start one on the fly
+but that version of the agent is somewhat limited in functionality and
+thus may lead to little problems.
+
+You probably need to ask your administrator on how to solve the
+problem.  As a workaround you might try to log out and in to your
+session and see whether this helps.  If this helps please tell the
+administrator anyway because this indicates a bug in the software.
+.
+
+
+.gnupg.dirmngr-problem
+# There was a problen accessing the dirmngr.
+It was either not possible to connect to a running Dirmngr or a
+communication problem with a running Dirmngr occurred.
+
+To lookup certificate revocation lists (CRLs), performing OCSP
+validation and to lookup keys through LDAP servers, the system uses an
+external service program named Dirmngr.  The Dirmngr is usually running
+as a system service (daemon) and does not need any attention by the
+user.  In case of problems the system might start its own copy of the
+Dirmngr on a per request base; this is a workaround and yields limited
+performance.
+
+If you encounter this problem, you should ask your system
+administrator how to proceed.  As an interim solution you may try to
+disable CRL checking in gpgsm's configuration.
+.
+
+
+.gpg.edit_ownertrust.value
+# The help identies prefixed with "gpg." used to be hard coded in gpg
+# but may now be overridden by help texts from this file.
+It's up to you to assign a value here; this value will never be exported
+to any 3rd party.  We need it to implement the web-of-trust; it has nothing
+to do with the (implicitly created) web-of-certificates.
+.
+
+.gpg.edit_ownertrust.set_ultimate.okay
+To build the Web-of-Trust, GnuPG needs to know which keys are
+ultimately trusted - those are usually the keys for which you have
+access to the secret key.  Answer "yes" to set this key to
+ultimately trusted.
+
+
+.gpg.untrusted_key.override
+If you want to use this untrusted key anyway, answer "yes".
+.
+
+.gpg.pklist.user_id.enter
+Enter the user ID of the addressee to whom you want to send the message.
+.
+
+.gpg.keygen.algo
+Select the algorithm to use.
+
+DSA (aka DSS) is the Digital Signature Algorithm and can only be used
+for signatures.
+
+Elgamal is an encrypt-only algorithm.
+
+RSA may be used for signatures or encryption.
+
+The first (primary) key must always be a key which is capable of signing.
+.
+
+
+.gpg.keygen.algo.rsa_se
+In general it is not a good idea to use the same key for signing and
+encryption.  This algorithm should only be used in certain domains.
+Please consult your security expert first.
+.
+
+
+.gpg.keygen.flags
+Toggle the capabilities of the key.
+
+It is only possible to toggle those capabilities which are possible
+for the selected algorithm.
+
+To quickly set the capabilities all at once it is possible to enter a
+'=' as first character followed by a list of letters indicating the
+capability to set: 's' for signing, 'e' for encryption, and 'a' for
+authentication.  Invalid letters and impossible capabilities are
+ignored.  This submenu is immediately closed after using this
+shortcut.
+.
+
+
+.gpg.keygen.size
+Enter the size of the key.
+
+The suggested default is usually a good choice.
+
+If you want to use a large key size, for example 4096 bit, please
+think again whether it really makes sense for you.  You may want
+to view the web page http://www.xkcd.com/538/ .
+.
+
+.gpg.keygen.size.huge.okay
+Answer "yes" or "no".
+.
+
+
+.gpg.keygen.size.large.okay
+Answer "yes" or "no".
+.
+
+
+.gpg.keygen.valid
+Enter the required value as shown in the prompt.
+It is possible to enter a ISO date (YYYY-MM-DD) but you won't
+get a good error response - instead the system tries to interpret
+the given value as an interval.
+.
+
+.gpg.keygen.valid.okay
+Answer "yes" or "no".
+.
+
+
+.gpg.keygen.name
+Enter the name of the key holder.
+The characters "<" and ">" are not allowed.
+Example: Heinrich Heine
+.
+
+
+.gpg.keygen.email
+Please enter an optional but highly suggested email address.
+Example: heinrichh@duesseldorf.de
+.
+
+.gpg.keygen.comment
+Please enter an optional comment.
+The characters "(" and ")" are not allowed.
+In general there is no need for a comment.
+.
+
+
+.gpg.keygen.userid.cmd
+# (Keep a leading empty line)
+
+N  to change the name.
+C  to change the comment.
+E  to change the email address.
+O  to continue with key generation.
+Q  to quit the key generation.
+.
+
+.gpg.keygen.sub.okay
+Answer "yes" (or just "y") if it is okay to generate the sub key.
+.
+
+.gpg.sign_uid.okay
+Answer "yes" or "no".
+.
+
+.gpg.sign_uid.class
+When you sign a user ID on a key, you should first verify that the key
+belongs to the person named in the user ID.  It is useful for others to
+know how carefully you verified this.
+
+"0" means you make no particular claim as to how carefully you verified the
+    key.
+
+"1" means you believe the key is owned by the person who claims to own it
+    but you could not, or did not verify the key at all.  This is useful for
+    a "persona" verification, where you sign the key of a pseudonymous user.
+
+"2" means you did casual verification of the key.  For example, this could
+    mean that you verified the key fingerprint and checked the user ID on the
+    key against a photo ID.
+
+"3" means you did extensive verification of the key.  For example, this could
+    mean that you verified the key fingerprint with the owner of the key in
+    person, and that you checked, by means of a hard to forge document with a
+    photo ID (such as a passport) that the name of the key owner matches the
+    name in the user ID on the key, and finally that you verified (by exchange
+    of email) that the email address on the key belongs to the key owner.
+
+Note that the examples given above for levels 2 and 3 are *only* examples.
+In the end, it is up to you to decide just what "casual" and "extensive"
+mean to you when you sign other keys.
+
+If you don't know what the right answer is, answer "0".
+.
+
+.gpg.change_passwd.empty.okay
+Answer "yes" or "no".
+.
+
+
+.gpg.keyedit.save.okay
+Answer "yes" or "no".
+.
+
+
+.gpg.keyedit.cancel.okay
+Answer "yes" or "no".
+.
+
+.gpg.keyedit.sign_all.okay
+Answer "yes" if you want to sign ALL the user IDs.
+.
+
+.gpg.keyedit.remove.uid.okay
+Answer "yes" if you really want to delete this user ID.
+All certificates are then also lost!
+.
+
+.gpg.keyedit.remove.subkey.okay
+Answer "yes" if it is okay to delete the subkey.
+.
+
+
+.gpg.keyedit.delsig.valid
+This is a valid signature on the key; you normally don't want
+to delete this signature because it may be important to establish a
+trust connection to the key or another key certified by this key.
+.
+
+.gpg.keyedit.delsig.unknown
+This signature can't be checked because you don't have the
+corresponding key.  You should postpone its deletion until you
+know which key was used because this signing key might establish
+a trust connection through another already certified key.
+.
+
+.gpg.keyedit.delsig.invalid
+The signature is not valid.  It does make sense to remove it from
+your keyring.
+.
+
+.gpg.keyedit.delsig.selfsig
+This is a signature which binds the user ID to the key. It is
+usually not a good idea to remove such a signature.  Actually
+GnuPG might not be able to use this key anymore.  So do this
+only if this self-signature is for some reason not valid and
+a second one is available.
+.
+
+.gpg.keyedit.updpref.okay
+Change the preferences of all user IDs (or just of the selected ones)
+to the current list of preferences.  The timestamp of all affected
+self-signatures will be advanced by one second.
+.
+
+
+.gpg.passphrase.enter
+# (keep a leading empty line)
+
+Please enter the passphrase; this is a secret sentence.
+.
+
+
+.gpg.passphrase.repeat
+Please repeat the last passphrase, so you are sure what you typed in.
+.
+
+.gpg.detached_signature.filename
+Give the name of the file to which the signature applies.
+.
+
+.gpg.openfile.overwrite.okay
+# openfile.c (overwrite_filep)
+Answer "yes" if it is okay to overwrite the file.
+.
+
+.gpg.openfile.askoutname
+# openfile.c (ask_outfile_name)
+Please enter a new filename.  If you just hit RETURN the default
+file (which is shown in brackets) will be used.
+.
+
+.gpg.ask_revocation_reason.code
+# revoke.c (ask_revocation_reason)
+You should specify a reason for the revocation.  Depending on the
+context you have the ability to choose from this list:
+  "Key has been compromised"
+      Use this if you have a reason to believe that unauthorized persons
+      got access to your secret key.
+  "Key is superseded"
+      Use this if you have replaced this key with a newer one.
+  "Key is no longer used"
+      Use this if you have retired this key.
+  "User ID is no longer valid"
+      Use this to state that the user ID should not longer be used;
+      this is normally used to mark an email address invalid.
+.
+
+.gpg.ask_revocation_reason.text
+# revoke.c (ask_revocation_reason)
+If you like, you can enter a text describing why you issue this
+revocation certificate.  Please keep this text concise.
+An empty line ends the text.
+.
+
+.gpg.tofu.conflict
+# tofu.c
+TOFU has detected another key with the same (or a very similar) email
+address.  It might be that the user created a new key.  In this case,
+you can safely trust the new key (but, confirm this by asking the
+person).  However, it could also be that the key is a forgery or there
+is an active Man-in-the-Middle (MitM) attack.  In this case, you
+should mark the key as being bad, so that it is untrusted.  Marking a
+key as being untrusted means that any signatures will be considered
+bad and attempts to encrypt to the key will be flagged.  If you are
+unsure and can't currently check, you should select either accept once
+or reject once.
+.
+
+.gpgsm.root-cert-not-trusted
+# This text gets displayed by the audit log if
+# a root certificates was not trusted.
+The root certificate (the trust-anchor) is not trusted.  Depending on
+the configuration you may have been prompted to mark that root
+certificate as trusted or you need to manually tell GnuPG to trust that
+certificate.  Trusted certificates are configured in the file
+trustlist.txt in GnuPG's home directory.  If you are in doubt, ask
+your system administrator whether you should trust this certificate.
+
+
+.gpgsm.crl-problem
+# This text is displayed by the audit log for problems with
+# the CRL or OCSP checking.
+Depending on your configuration a problem retrieving the CRL or
+performing an OCSP check occurred.  There are a great variety of
+reasons why this did not work.  Check the manual for possible
+solutions.
+
+
+# Local variables:
+# mode: default-generic
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.zh_CN.txt b/msys2/usr/share/gnupg/help.zh_CN.txt
new file mode 100644
index 000000000..7b199c2fe
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.zh_CN.txt
@@ -0,0 +1,233 @@
+# help.zh_CN.txt - zh_CN GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.gpg.edit_ownertrust.value
+在这里指定的数值完全由您自己决定；这些数值永远�会被输出给任何第三方。
+我们需�它�实现“信任网络�；这跟��建立起�的“验�网络�无关。
+.
+
+.gpg.edit_ownertrust.set_ultimate.okay
+�建立起信任网络，GnuPG 需�知�哪些密钥是��对信任的――通常
+就是您拥有�钥的那些密钥。回答“yes�将此密钥设���对信任的
+
+.
+
+.gpg.untrusted_key.override
+如果您无论如何�使用这把未被信任的密钥，请回答“yes�。
+.
+
+.gpg.pklist.user_id.enter
+输入您�递�的报文的接收者的用户标识。
+.
+
+.gpg.keygen.algo
+选择使用的算法。
+
+DSA (也� DSS)�“数字签�算法�(美国国家标准)，�能够用作签�。
+
+Elgamal 是一��能用作加密的算法。
+
+RSA �以用作签�或加密。
+
+第一把密钥(主钥)必须具有签�的能力。
+.
+
+.gpg.keygen.algo.rsa_se
+通常�说用�一把密钥签��加密并�是个好主�。这个算法�在特定的情况
+下使用。请先咨询安全方�的专家。
+.
+
+.gpg.keygen.size
+请输入密钥的尺寸
+.
+
+.gpg.keygen.size.huge.okay
+请回答“yes�或“no�
+.
+
+.gpg.keygen.size.large.okay
+请回答“yes�或“no�
+.
+
+.gpg.keygen.valid
+请输入�示所�求的数值。
+您�以输入 ISO 日期格�(YYYY-MM-DD)，但是出错时您�会得到�好的�应
+――系统会�试将给定值解释为时间间隔。
+.
+
+.gpg.keygen.valid.okay
+请回答“yes�或“no�
+.
+
+.gpg.keygen.name
+请输入密钥�有人的�字
+.
+
+.gpg.keygen.email
+请输入电�邮件地�(�选项，但强烈推�使用)
+.
+
+.gpg.keygen.comment
+请输入注释(�选项)
+.
+
+.gpg.keygen.userid.cmd
+N  修改姓�。
+C  修改注释。
+E  修改电�邮件地�。
+O  继续产生密钥。
+Q  中止产生密钥。
+.
+
+.gpg.keygen.sub.okay
+如果您�许生��钥，请回答“yes�(或者“y�)。
+.
+
+.gpg.sign_uid.okay
+请回答“yes�或“no�
+.
+
+.gpg.sign_uid.class
+当您为�把密钥上�个用户标识添加签�时，您必须首先验�这把密钥确实属于
+署�于它的用户标识上的那个人。了解到您曾多么谨慎地对此进行过验�，对其
+他人是�常有用的
+
+“0� 表示您对您有多么仔细地验�这把密钥的问题�表�。
+
+“1� 表示您相信这把密钥属于那个声明是主人的人，但是您�能或根本没有验
+      �过。如果您为一把属于类似虚拟人物的密钥签�，这个选择很有用。
+
+“2� 表示您��地验�了那把密钥。例如，您验�了这把密钥的指纹，或比对
+      照片验�了用户标识。
+
+“3� 表示您�了大�而详尽的验�密钥工作。例如，您�密钥�有人验�了密
+      钥指纹，而且通过查验附带照片而难以伪造的�件(如护照)确认了密钥�
+      有人的姓�与密钥上的用户标识一致，最�您还(通过电�邮件往�)验�
+      了密钥上的电�邮件地�确实属于密钥�有人。
+
+请注�上述关于验�级别 2 和 3 的说明仅是例�而已。最终还是由您自己决定
+当您为其他密钥签�时，什么是“���，而什么是“大�而详尽�。
+
+如果您�知�应该选什么答案的�，就选“0�。
+.
+
+.gpg.change_passwd.empty.okay
+请回答“yes�或“no�
+.
+
+.gpg.keyedit.save.okay
+请回答“yes�或“no�
+.
+
+.gpg.keyedit.cancel.okay
+请回答“yes�或“no�
+.
+
+.gpg.keyedit.sign_all.okay
+如果您想�为所有用户标识签�的�就选“yes�
+.
+
+.gpg.keyedit.remove.uid.okay
+如果您真的想�删除这个用户标识的�就回答“yes�。
+所有相关认�在此之�也会丢失�
+.
+
+.gpg.keyedit.remove.subkey.okay
+如果�以删除这把�钥，请回答“yes�
+.
+
+.gpg.keyedit.delsig.valid
+这是一份在这把密钥上有效的签�；通常您�会想�删除这份签�，
+因为�与这把密钥或拥有这把密钥的签�的密钥建立认�关系�能
+相当��。
+.
+
+.gpg.keyedit.delsig.unknown
+这份签�无法被检验，因为您没有相应的密钥。您应该暂缓删除它，
+直到您知�此签�使用了哪一把密钥；因为用�签�的密钥�能与
+其他已�验�的密钥存在信任关系。
+.
+
+.gpg.keyedit.delsig.invalid
+这份签�无效。应当把它从您的钥匙环里删除。
+.
+
+.gpg.keyedit.delsig.selfsig
+这是一份将密钥与用户标识相�系的签�。通常�应删除这样的签�。
+事实上，一旦删除，GnuPG�能从此就�能�使用这把密钥了。因此，
+�有在这把密钥的第一个自身签�因�些原因失效，而有第二个自身签
+字�用的情况下�这么�。
+.
+
+.gpg.keyedit.updpref.okay
+用现有的首选项更新所有(或选定的)用户标识的首选项。所有�影�的自身签
+字的时间戳都会增加一秒钟。
+
+.
+
+.gpg.passphrase.enter
+请输入密�：这是一个秘密的�� 
+
+.
+
+.gpg.passphrase.repeat
+请�次输入上次的密�，以确定您到底键入了些什么。
+.
+
+.gpg.detached_signature.filename
+请给定�添加签�的文件�
+.
+
+.gpg.openfile.overwrite.okay
+如果�以覆盖这个文件，请回答“yes�
+.
+
+.gpg.openfile.askoutname
+请输入一个新的文件�。如果您直接按下了回车，那么就会使用显示在括
+�中的默认的文件�。
+.
+
+.gpg.ask_revocation_reason.code
+您应该为这份�销�书指定一个原因。根�情境的��，您�以从下列清�中
+选出一项：
+  “密钥已泄��
+      如果您相信有�个未�许�的人已�得了您的�钥，请选此项。
+  “密钥已替��
+      如果您已用一把新密钥代替旧的，请选此项。
+  “密钥��被使用�
+      如果您已决定让这把密钥退休，请选此项
+  “用户标识��有效�
+      如果这个用户标识��被使用了，请选此项；这通常用表明�个电�邮
+      件地�已��有效。
+
+.
+
+.gpg.ask_revocation_reason.text
+您也�以输入一串文字，�述�布这份�销�书的�由。请尽�使这段文
+字简明扼�。
+键入一空行以结�输入。
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/help.zh_TW.txt b/msys2/usr/share/gnupg/help.zh_TW.txt
new file mode 100644
index 000000000..5665b7087
--- /dev/null
+++ b/msys2/usr/share/gnupg/help.zh_TW.txt
@@ -0,0 +1,245 @@
+# help.zh_TW.txt - zh_TW GnuPG online help
+# Copyright (C) 2007 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+.gpg.edit_ownertrust.value
+在這裡指派的數值完全是看妳自己決定; 這些數值永��會被匯出給其他人.
+我們需�它來實施信任網絡; 這跟 (自動建立起的) 憑證網絡一點關係也沒有.
+.
+
+.gpg.edit_ownertrust.set_ultimate.okay
+�建立起信任網絡, GnuPG 需�知�哪些金鑰是被徹底信任的 -
+那些金鑰通常就是妳有辦法存�到�鑰的. 回答 "yes" 來將這些
+金鑰設�被徹底信任的
+
+.
+
+.gpg.untrusted_key.override
+如果妳無論如何想�使用這把未被信任的金鑰, 請回答 "yes".
+.
+
+.gpg.pklist.user_id.enter
+輸入妳���的訊�接收者的使用者 ID.
+.
+
+.gpg.keygen.algo
+請�擇�使用的演算法.
+
+DSA (亦� DSS) 是數�簽章演算法 (Digital Signature Algorithm),
+祇能用於簽署.
+
+Elgamal 是祇能用於加密的演算法.
+
+RSA �以被用來簽署�加密.
+
+第一把 (主�的) 金鑰一定��有能用於簽署的金鑰.
+.
+
+.gpg.keygen.algo.rsa_se
+通常來說用�一把金鑰簽署�加密並�是個好主�.
+這個演算法應該祇被用於特定的情�下.
+請先�絡妳的安全專家.
+.
+
+.gpg.keygen.size
+請輸入金鑰的尺寸
+.
+
+.gpg.keygen.size.huge.okay
+請回答 "yes" 或 "no"
+.
+
+.gpg.keygen.size.large.okay
+請回答 "yes" 或 "no"
+.
+
+.gpg.keygen.valid
+請輸入�示裡所�求的數值.
+妳�以輸入 ISO 日期格� (YYYY-MM-DD), 但是�會得到良好的錯誤回應 -
+�之, 系統會試著把給定的數值中斷�若干片段.
+.
+
+.gpg.keygen.valid.okay
+請回答 "yes" 或 "no"
+.
+
+.gpg.keygen.name
+請輸入金鑰�有人的�字
+.
+
+.gpg.keygen.email
+請輸入�用 (但強烈建議使用) 的電�郵件��
+.
+
+.gpg.keygen.comment
+請輸入�用的註釋
+.
+
+.gpg.keygen.userid.cmd
+N  修改姓�.
+C  修改註釋.
+E  修改電�郵件��.
+O  繼續產生金鑰.
+Q  中止產生金鑰.
+.
+
+.gpg.keygen.sub.okay
+如果妳覺得產生�鑰�以的話, 就回答 "yes" (或者祇� "y").
+.
+
+.gpg.sign_uid.okay
+請回答 "yes" 或 "no"
+.
+
+.gpg.sign_uid.class
+當妳在�把金鑰上簽署�個使用者 ID, 妳首先必須先驗證那把
+金鑰確實屬於那個使用者 ID 上�那個�字的人. 這�那些知�
+妳多�心驗證的人來說很有用.
+
+"0" 表示妳�能�出任何特別的主張來表明
+    妳多仔細驗證那把金鑰
+
+"1" 表示妳相信這把金鑰屬於那個主張是主人的人,
+    但是妳�能或沒有驗證那把金鑰.
+    這�那些祇想� "個人的" 驗證的人來說很有用,
+    因為妳簽署了一把擬似匿�使用者的金鑰.
+
+"2" 表示妳真的仔細驗證了那把金鑰.
+    例如說, 這能表示妳驗證了這把金鑰的指紋和
+    使用者 ID, 並比�了照片 ID.
+
+"3" 表示妳真的�了大�模的驗證金鑰工作.
+    例如說, 這能表示妳�金鑰�有人驗證了金鑰指紋,
+    而且妳��附帶照片而難以�造的文件 (�是護照)
+    確�了金鑰�有人的姓�與金鑰上使用者 ID 的一致,
+    最後妳還 (��電�郵件往來) 驗證了金鑰上的
+    電�郵件��確實屬於金鑰�有人.
+
+請注�上述關於等級 2 和 3 的例� "祇是" 例�而已.
+最後, 還是得由妳自己決定當妳簽署其他金鑰時,
+甚麼是 "漫�經心", 而甚麼是 "超級謹慎".
+
+如果妳�知�應該�甚麼答案的話, 就� "0".
+.
+
+.gpg.change_passwd.empty.okay
+請回答 "yes" 或 "no"
+.
+
+.gpg.keyedit.save.okay
+請回答 "yes" 或 "no"
+.
+
+.gpg.keyedit.cancel.okay
+請回答 "yes" 或 "no"
+.
+
+.gpg.keyedit.sign_all.okay
+如果妳想�簽署 *所有* 使用者 ID 的話就回答 "yes"
+.
+
+.gpg.keyedit.remove.uid.okay
+如果妳真的想�刪除這個使用者 ID 的話就回答 "yes".
+所有的憑證在那之後也都會失去!
+.
+
+.gpg.keyedit.remove.subkey.okay
+如果刪除這把�鑰沒�題的話就回答 "yes"
+.
+
+.gpg.keyedit.delsig.valid
+這是一份在這把金鑰上有效的簽章; 通常妳�會想�刪除這份簽章,
+因為�跟別的金鑰建立起信任連�, 或由這把金鑰所簽署的金鑰憑證
+會是一件相當��的事.
+.
+
+.gpg.keyedit.delsig.unknown
+這份簽章無法被檢驗, 因為妳沒有符�的金鑰. 妳應該延緩刪除它,
+直到妳知�哪一把金鑰被使用了; 因為這把來簽署的金鑰�能��
+其他已經驗證的金鑰建立了一個信任連�.
+.
+
+.gpg.keyedit.delsig.invalid
+這份簽章無效. 把它從妳的鑰匙圈裡移去相當��.
+.
+
+.gpg.keyedit.delsig.selfsig
+這是一份和這個金鑰使用者 ID 相繫的簽章. 通常
+把這樣的簽章移除�會是個好點�. 事實上 GnuPG
+�能從此就�能�使用這把金鑰了. 所以祇有在這
+把金鑰的第一個自我簽章因�些原因無效, 而第二
+個還�用的情�下纔這麼�.
+.
+
+.gpg.keyedit.updpref.okay
+變更所有 (或祇有被��的那幾個) 使用者 ID 的�好��用的�好清單.
+所有�到影響的自我簽章的時間戳記都會增加一秒�.
+
+.
+
+.gpg.passphrase.enter
+請輸入密語; 這是一個秘密的�� 
+
+.
+
+.gpg.passphrase.repeat
+請�次輸入最後的密語, 以確定妳到底�進了些甚麼.
+.
+
+.gpg.detached_signature.filename
+請給定簽章所�套用的檔案�稱
+.
+
+.gpg.openfile.overwrite.okay
+如果覆寫這個檔案沒有�題的話就回答 "yes"
+.
+
+.gpg.openfile.askoutname
+請輸入一個新的檔�. 如果妳直接按下了 Enter, 那麼
+就會使用�設的檔案 (顯示在括號中).
+.
+
+.gpg.ask_revocation_reason.code
+妳應該為這份憑證指定一個原因.
+根據情境的��, 妳應該�以從這個清單中�出一項:
+  "金鑰已經被洩�了"
+      如果妳相信有�個未經許�的傢伙�得了妳的�鑰的話,
+      就�這個.
+  "金鑰被代�了"
+      如果妳把妳的金鑰��新的了, 就�這個.
+  "金鑰��被使用了"
+      如果妳已經撤回了這把金鑰, 就�這個.
+  "使用者 ID ��有效了"
+      如果這個使用者 ID ��被使用了, 就�這個;
+      這通常用來表示�個電�郵件����有效了.
+
+.
+
+.gpg.ask_revocation_reason.text
+妳也�以輸入一串文字來�述為甚麼發佈這份撤銷憑證的�由.
+請讓這段文字��簡明扼�.
+�入空白列以��這段文字.
+
+.
+
+
+
+# Local variables:
+# mode: fundamental
+# coding: utf-8
+# End:
diff --git a/msys2/usr/share/gnupg/options.skel b/msys2/usr/share/gnupg/options.skel
deleted file mode 100644
index 21bd09b93..000000000
--- a/msys2/usr/share/gnupg/options.skel
+++ /dev/null
@@ -1,239 +0,0 @@
-# These first three lines are not copied to the gpg.conf file in
-# the users home directory.
-# $Id$
-# Options for GnuPG
-# Copyright 1998, 1999, 2000, 2001, 2002, 2003,
-#           2010 Free Software Foundation, Inc.
-# 
-# This file is free software; as a special exception the author gives
-# unlimited permission to copy and/or distribute it, with or without
-# modifications, as long as this notice is preserved.
-# 
-# This file is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
-# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-#
-# Unless you specify which option file to use (with the command line
-# option "--options filename"), GnuPG uses the file ~/.gnupg/gpg.conf
-# by default.
-#
-# An options file can contain any long options which are available in
-# GnuPG. If the first non white space character of a line is a '#',
-# this line is ignored.  Empty lines are also ignored.
-#
-# See the man page for a list of options.
-
-# Uncomment the following option to get rid of the copyright notice
-
-#no-greeting
-
-# If you have more than 1 secret key in your keyring, you may want to
-# uncomment the following option and set your preferred keyid.
-
-#default-key 621CC013
-
-# If you do not pass a recipient to gpg, it will ask for one.  Using
-# this option you can encrypt to a default key.  Key validation will
-# not be done in this case.  The second form uses the default key as
-# default recipient.
-
-#default-recipient some-user-id
-#default-recipient-self
-
-# Use --encrypt-to to add the specified key as a recipient to all
-# messages.  This is useful, for example, when sending mail through a
-# mail client that does not automatically encrypt mail to your key.
-# In the example, this option allows you to read your local copy of
-# encrypted mail that you've sent to others.
-
-#encrypt-to some-key-id
-
-# By default GnuPG creates version 4 signatures for data files as
-# specified by OpenPGP.  Some earlier (PGP 6, PGP 7) versions of PGP
-# require the older version 3 signatures.  Setting this option forces
-# GnuPG to create version 3 signatures.
-
-#force-v3-sigs
-
-# Because some mailers change lines starting with "From " to ">From "
-# it is good to handle such lines in a special way when creating
-# cleartext signatures; all other PGP versions do it this way too.
-
-#no-escape-from-lines
-
-# If you do not use the Latin-1 (ISO-8859-1) charset, you should tell
-# GnuPG which is the native character set.  Please check the man page
-# for supported character sets.  This character set is only used for
-# metadata and not for the actual message which does not undergo any
-# translation.  Note that future version of GnuPG will change to UTF-8
-# as default character set.  In most cases this option is not required
-# as GnuPG is able to figure out the correct charset at runtime.
-
-#charset utf-8
-
-# Group names may be defined like this:
-#   group mynames = paige 0x12345678 joe patti
-#
-# Any time "mynames" is a recipient (-r or --recipient), it will be
-# expanded to the names "paige", "joe", and "patti", and the key ID
-# "0x12345678".  Note there is only one level of expansion - you
-# cannot make an group that points to another group.  Note also that
-# if there are spaces in the recipient name, this will appear as two
-# recipients.  In these cases it is better to use the key ID.
-
-#group mynames = paige 0x12345678 joe patti
-
-# Lock the file only once for the lifetime of a process.  If you do
-# not define this, the lock will be obtained and released every time
-# it is needed, which is usually preferable.
-
-#lock-once
-
-# GnuPG can send and receive keys to and from a keyserver.  These
-# servers can be HKP, email, or LDAP (if GnuPG is built with LDAP
-# support).
-#
-# Example HKP keyserver:
-#      hkp://keys.gnupg.net
-#      hkp://subkeys.pgp.net
-#
-# Example email keyserver:
-#      mailto:pgp-public-keys@keys.pgp.net
-#
-# Example LDAP keyservers:
-#      ldap://keyserver.pgp.com
-#
-# Regular URL syntax applies, and you can set an alternate port
-# through the usual method:
-#      hkp://keyserver.example.net:22742
-#
-# Most users just set the name and type of their preferred keyserver.
-# Note that most servers (with the notable exception of
-# ldap://keyserver.pgp.com) synchronize changes with each other.  Note
-# also that a single server name may actually point to multiple
-# servers via DNS round-robin.  hkp://keys.gnupg.net is an example of
-# such a "server", which spreads the load over a number of physical
-# servers.  To see the IP address of the server actually used, you may use
-# the "--keyserver-options debug".
-
-keyserver hkp://keys.gnupg.net
-#keyserver mailto:pgp-public-keys@keys.nl.pgp.net
-#keyserver ldap://keyserver.pgp.com
-
-# Common options for keyserver functions:
-#
-# include-disabled : when searching, include keys marked as "disabled"
-#                    on the keyserver (not all keyservers support this).
-#
-# no-include-revoked : when searching, do not include keys marked as
-#                      "revoked" on the keyserver.
-#
-# verbose : show more information as the keys are fetched.
-#           Can be used more than once to increase the amount
-#           of information shown.
-#
-# use-temp-files : use temporary files instead of a pipe to talk to the
-#                  keyserver.  Some platforms (Win32 for one) always
-#                  have this on.
-#
-# keep-temp-files : do not delete temporary files after using them
-#                   (really only useful for debugging)
-#
-# http-proxy="proxy" : set the proxy to use for HTTP and HKP keyservers.
-#                      This overrides the "http_proxy" environment variable,
-#                      if any.
-#
-# auto-key-retrieve : automatically fetch keys as needed from the keyserver
-#                     when verifying signatures or when importing keys that
-#                     have been revoked by a revocation key that is not
-#                     present on the keyring.
-#
-# no-include-attributes : do not include attribute IDs (aka "photo IDs")
-#                         when sending keys to the keyserver.
-
-#keyserver-options auto-key-retrieve
-
-# Display photo user IDs in key listings
-
-# list-options show-photos
-
-# Display photo user IDs when a signature from a key with a photo is
-# verified
-
-# verify-options show-photos
-
-# Use this program to display photo user IDs
-#
-# %i is expanded to a temporary file that contains the photo.
-# %I is the same as %i, but the file isn't deleted afterwards by GnuPG.
-# %k is expanded to the key ID of the key.
-# %K is expanded to the long OpenPGP key ID of the key.
-# %t is expanded to the extension of the image (e.g. "jpg").
-# %T is expanded to the MIME type of the image (e.g. "image/jpeg").
-# %f is expanded to the fingerprint of the key.
-# %% is %, of course.
-#
-# If %i or %I are not present, then the photo is supplied to the
-# viewer on standard input.  If your platform supports it, standard
-# input is the best way to do this as it avoids the time and effort in
-# generating and then cleaning up a secure temp file.
-#
-# If no photo-viewer is provided, GnuPG will look for xloadimage, eog,
-# or display (ImageMagick).  On Mac OS X and Windows, the default is
-# to use your regular JPEG image viewer.
-#
-# Some other viewers:
-# photo-viewer "qiv %i"
-# photo-viewer "ee %i"
-#
-# This one saves a copy of the photo ID in your home directory:
-# photo-viewer "cat > ~/photoid-for-key-%k.%t"
-#
-# Use your MIME handler to view photos:
-# photo-viewer "metamail -q -d -b -c %T -s 'KeyID 0x%k' -f GnuPG"
-
-# Passphrase agent
-#
-# We support the old experimental passphrase agent protocol as well as
-# the new Assuan based one (currently available in the "newpg" package
-# at ftp.gnupg.org/gcrypt/alpha/aegypten/).  To make use of the agent,
-# you have to run an agent as daemon and use the option
-#
-# use-agent
-# 
-# which tries to use the agent but will fallback to the regular mode
-# if there is a problem connecting to the agent.  The normal way to
-# locate the agent is by looking at the environment variable
-# GPG_AGENT_INFO which should have been set during gpg-agent startup.
-# In certain situations the use of this variable is not possible, thus
-# the option
-# 
-# --gpg-agent-info=<path>:<pid>:1
-#
-# may be used to override it.
-
-# Automatic key location
-#
-# GnuPG can automatically locate and retrieve keys as needed using the
-# auto-key-locate option.  This happens when encrypting to an email
-# address (in the "user@example.com" form), and there are no
-# user@example.com keys on the local keyring.  This option takes the
-# following arguments, in the order they are to be tried:
-# 
-# cert = locate a key using DNS CERT, as specified in RFC-4398.
-#        GnuPG can handle both the PGP (key) and IPGP (URL + fingerprint)
-#        CERT methods.
-#
-# pka = locate a key using DNS PKA.
-#
-# ldap = locate a key using the PGP Universal method of checking
-#        "ldap://keys.(thedomain)".  For example, encrypting to
-#        user@example.com will check ldap://keys.example.com.
-#
-# keyserver = locate a key using whatever keyserver is defined using
-#             the keyserver option.
-#
-# You may also list arbitrary keyservers here by URL.
-#
-# Try CERT, then PKA, then LDAP, then hkp://subkeys.net:
-#auto-key-locate cert pka ldap hkp://subkeys.pgp.net
diff --git a/msys2/usr/share/gnupg/sks-keyservers.netCA.pem b/msys2/usr/share/gnupg/sks-keyservers.netCA.pem
new file mode 100644
index 000000000..24a2ad2e8
--- /dev/null
+++ b/msys2/usr/share/gnupg/sks-keyservers.netCA.pem
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIFizCCA3OgAwIBAgIJAK9zyLTPn4CPMA0GCSqGSIb3DQEBBQUAMFwxCzAJBgNV
+BAYTAk5PMQ0wCwYDVQQIDARPc2xvMR4wHAYDVQQKDBVza3Mta2V5c2VydmVycy5u
+ZXQgQ0ExHjAcBgNVBAMMFXNrcy1rZXlzZXJ2ZXJzLm5ldCBDQTAeFw0xMjEwMDkw
+MDMzMzdaFw0yMjEwMDcwMDMzMzdaMFwxCzAJBgNVBAYTAk5PMQ0wCwYDVQQIDARP
+c2xvMR4wHAYDVQQKDBVza3Mta2V5c2VydmVycy5uZXQgQ0ExHjAcBgNVBAMMFXNr
+cy1rZXlzZXJ2ZXJzLm5ldCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBANdsWy4PXWNUCkS3L//nrd0GqN3dVwoBGZ6w94Tw2jPDPifegwxQozFXkG6I
+6A4TK1CJLXPvfz0UP0aBYyPmTNadDinaB9T4jIwd4rnxl+59GiEmqkN3IfPsv5Jj
+MkKUmJnvOT0DEVlEaO1UZIwx5WpfprB3mR81/qm4XkAgmYrmgnLXd/pJDAMk7y1F
+45b5zWofiD5l677lplcIPRbFhpJ6kDTODXh/XEdtF71EAeaOdEGOvyGDmCO0GWqS
+FDkMMPTlieLA/0rgFTcz4xwUYj/cD5e0ZBuSkYsYFAU3hd1cGfBue0cPZaQH2HYx
+Qk4zXD8S3F4690fRhr+tki5gyG6JDR67aKp3BIGLqm7f45WkX1hYp+YXywmEziM4
+aSbGYhx8hoFGfq9UcfPEvp2aoc8u5sdqjDslhyUzM1v3m3ZGbhwEOnVjljY6JJLx
+MxagxnZZSAY424ZZ3t71E/Mn27dm2w+xFRuoy8JEjv1d+BT3eChM5KaNwrj0IO/y
+u8kFIgWYA1vZ/15qMT+tyJTfyrNVV/7Df7TNeWyNqjJ5rBmt0M6NpHG7CrUSkBy9
+p8JhimgjP5r0FlEkgg+lyD+V79H98gQfVgP3pbJICz0SpBQf2F/2tyS4rLm+49rP
+fcOajiXEuyhpcmzgusAj/1FjrtlynH1r9mnNaX4e+rLWzvU5AgMBAAGjUDBOMB0G
+A1UdDgQWBBTkwyoJFGfYTVISTpM8E+igjdq28zAfBgNVHSMEGDAWgBTkwyoJFGfY
+TVISTpM8E+igjdq28zAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4ICAQAR
+OXnYwu3g1ZjHyley3fZI5aLPsaE17cOImVTehC8DcIphm2HOMR/hYTTL+V0G4P+u
+gH+6xeRLKSHMHZTtSBIa6GDL03434y9CBuwGvAFCMU2GV8w92/Z7apkAhdLToZA/
+X/iWP2jeaVJhxgEcH8uPrnSlqoPBcKC9PrgUzQYfSZJkLmB+3jEa3HKruy1abJP5
+gAdQvwvcPpvYRnIzUc9fZODsVmlHVFBCl2dlu/iHh2h4GmL4Da2rRkUMlbVTdioB
+UYIvMycdOkpH5wJftzw7cpjsudGas0PARDXCFfGyKhwBRFY7Xp7lbjtU5Rz0Gc04
+lPrhDf0pFE98Aw4jJRpFeWMjpXUEaG1cq7D641RpgcMfPFvOHY47rvDTS7XJOaUT
+BwRjmDt896s6vMDcaG/uXJbQjuzmmx3W2Idyh3s5SI0GTHb0IwMKYb4eBUIpQOnB
+cE77VnCYqKvN1NVYAqhWjXbY7XasZvszCRcOG+W3FqNaHOK/n/0ueb0uijdLan+U
+f4p1bjbAox8eAOQS/8a3bzkJzdyBNUKGx1BIK2IBL9bn/HravSDOiNRSnZ/R3l9G
+ZauX0tu7IIDlRCILXSyeazu0aj/vdT3YFQXPcvt5Fkf5wiNTo53f72/jYEJd6qph
+WrpoKqrwGwTpRUCMhYIUt65hsTxCiJJ5nKe39h46sg==
+-----END CERTIFICATE-----
diff --git a/msys2/usr/share/icons/hicolor/16x16/apps/mintty.png b/msys2/usr/share/icons/hicolor/16x16/apps/mintty.png
new file mode 100644
index 000000000..96e121235
Binary files /dev/null and b/msys2/usr/share/icons/hicolor/16x16/apps/mintty.png differ
diff --git a/msys2/usr/share/icons/hicolor/24x24/apps/mintty.png b/msys2/usr/share/icons/hicolor/24x24/apps/mintty.png
new file mode 100644
index 000000000..c913e5ec9
Binary files /dev/null and b/msys2/usr/share/icons/hicolor/24x24/apps/mintty.png differ
diff --git a/msys2/usr/share/icons/hicolor/256x256/apps/mintty.png b/msys2/usr/share/icons/hicolor/256x256/apps/mintty.png
new file mode 100644
index 000000000..b87ab2663
Binary files /dev/null and b/msys2/usr/share/icons/hicolor/256x256/apps/mintty.png differ
diff --git a/msys2/usr/share/icons/hicolor/32x32/apps/mintty.png b/msys2/usr/share/icons/hicolor/32x32/apps/mintty.png
new file mode 100644
index 000000000..d0857a27e
Binary files /dev/null and b/msys2/usr/share/icons/hicolor/32x32/apps/mintty.png differ
diff --git a/msys2/usr/share/icons/hicolor/48x48/apps/mintty.png b/msys2/usr/share/icons/hicolor/48x48/apps/mintty.png
new file mode 100644
index 000000000..ba6ee48ba
Binary files /dev/null and b/msys2/usr/share/icons/hicolor/48x48/apps/mintty.png differ
diff --git a/msys2/usr/share/icons/hicolor/64x64/apps/mintty.png b/msys2/usr/share/icons/hicolor/64x64/apps/mintty.png
new file mode 100644
index 000000000..e3bd038ca
Binary files /dev/null and b/msys2/usr/share/icons/hicolor/64x64/apps/mintty.png differ
diff --git a/msys2/usr/share/info/assuan.info.gz b/msys2/usr/share/info/assuan.info.gz
index 623d536ea..931a0fb36 100644
Binary files a/msys2/usr/share/info/assuan.info.gz and b/msys2/usr/share/info/assuan.info.gz differ
diff --git a/msys2/usr/share/info/bash.info.gz b/msys2/usr/share/info/bash.info.gz
index 208c07360..ffebbd2b9 100644
Binary files a/msys2/usr/share/info/bash.info.gz and b/msys2/usr/share/info/bash.info.gz differ
diff --git a/msys2/usr/share/info/coreutils.info.gz b/msys2/usr/share/info/coreutils.info.gz
index c3440465e..a452d767a 100644
Binary files a/msys2/usr/share/info/coreutils.info.gz and b/msys2/usr/share/info/coreutils.info.gz differ
diff --git a/msys2/usr/share/info/gawk.info.gz b/msys2/usr/share/info/gawk.info.gz
index 1967658fd..dec71b33b 100644
Binary files a/msys2/usr/share/info/gawk.info.gz and b/msys2/usr/share/info/gawk.info.gz differ
diff --git a/msys2/usr/share/info/gawkinet.info.gz b/msys2/usr/share/info/gawkinet.info.gz
index aa4e1b87c..a22de3679 100644
Binary files a/msys2/usr/share/info/gawkinet.info.gz and b/msys2/usr/share/info/gawkinet.info.gz differ
diff --git a/msys2/usr/share/info/gawkworkflow.info.gz b/msys2/usr/share/info/gawkworkflow.info.gz
index 4fb557292..c7dfd0504 100644
Binary files a/msys2/usr/share/info/gawkworkflow.info.gz and b/msys2/usr/share/info/gawkworkflow.info.gz differ
diff --git a/msys2/usr/share/info/gcrypt.info-1.gz b/msys2/usr/share/info/gcrypt.info-1.gz
new file mode 100644
index 000000000..e1deafa9c
Binary files /dev/null and b/msys2/usr/share/info/gcrypt.info-1.gz differ
diff --git a/msys2/usr/share/info/gcrypt.info-2.gz b/msys2/usr/share/info/gcrypt.info-2.gz
new file mode 100644
index 000000000..2d1c77306
Binary files /dev/null and b/msys2/usr/share/info/gcrypt.info-2.gz differ
diff --git a/msys2/usr/share/info/gcrypt.info.gz b/msys2/usr/share/info/gcrypt.info.gz
index f60c187c9..40ccbb164 100644
Binary files a/msys2/usr/share/info/gcrypt.info.gz and b/msys2/usr/share/info/gcrypt.info.gz differ
diff --git a/msys2/usr/share/info/gnupg.info-1.gz b/msys2/usr/share/info/gnupg.info-1.gz
new file mode 100644
index 000000000..ad5b8881a
Binary files /dev/null and b/msys2/usr/share/info/gnupg.info-1.gz differ
diff --git a/msys2/usr/share/info/gnupg.info-2.gz b/msys2/usr/share/info/gnupg.info-2.gz
new file mode 100644
index 000000000..c6fdcb01b
Binary files /dev/null and b/msys2/usr/share/info/gnupg.info-2.gz differ
diff --git a/msys2/usr/share/info/gnupg.info.gz b/msys2/usr/share/info/gnupg.info.gz
new file mode 100644
index 000000000..591e84276
Binary files /dev/null and b/msys2/usr/share/info/gnupg.info.gz differ
diff --git a/msys2/usr/share/info/gnupg1.info.gz b/msys2/usr/share/info/gnupg1.info.gz
deleted file mode 100644
index 249c6bb7e..000000000
Binary files a/msys2/usr/share/info/gnupg1.info.gz and /dev/null differ
diff --git a/msys2/usr/share/info/gnutls-client-server-use-case.png.gz b/msys2/usr/share/info/gnutls-client-server-use-case.png.gz
new file mode 100644
index 000000000..a90d0de53
Binary files /dev/null and b/msys2/usr/share/info/gnutls-client-server-use-case.png.gz differ
diff --git a/msys2/usr/share/info/gnutls-guile.info.gz b/msys2/usr/share/info/gnutls-guile.info.gz
new file mode 100644
index 000000000..4039ab1f9
Binary files /dev/null and b/msys2/usr/share/info/gnutls-guile.info.gz differ
diff --git a/msys2/usr/share/info/gnutls-handshake-sequence.png.gz b/msys2/usr/share/info/gnutls-handshake-sequence.png.gz
new file mode 100644
index 000000000..b0ca98b9e
Binary files /dev/null and b/msys2/usr/share/info/gnutls-handshake-sequence.png.gz differ
diff --git a/msys2/usr/share/info/gnutls-handshake-state.png.gz b/msys2/usr/share/info/gnutls-handshake-state.png.gz
new file mode 100644
index 000000000..5645ef9d4
Binary files /dev/null and b/msys2/usr/share/info/gnutls-handshake-state.png.gz differ
diff --git a/msys2/usr/share/info/gnutls-internals.png.gz b/msys2/usr/share/info/gnutls-internals.png.gz
new file mode 100644
index 000000000..6a4be347c
Binary files /dev/null and b/msys2/usr/share/info/gnutls-internals.png.gz differ
diff --git a/msys2/usr/share/info/gnutls-layers.png.gz b/msys2/usr/share/info/gnutls-layers.png.gz
new file mode 100644
index 000000000..ad164bfb0
Binary files /dev/null and b/msys2/usr/share/info/gnutls-layers.png.gz differ
diff --git a/msys2/usr/share/info/gnutls-logo.png.gz b/msys2/usr/share/info/gnutls-logo.png.gz
new file mode 100644
index 000000000..2b387fa68
Binary files /dev/null and b/msys2/usr/share/info/gnutls-logo.png.gz differ
diff --git a/msys2/usr/share/info/gnutls-modauth.png.gz b/msys2/usr/share/info/gnutls-modauth.png.gz
new file mode 100644
index 000000000..6e5f4aa4b
Binary files /dev/null and b/msys2/usr/share/info/gnutls-modauth.png.gz differ
diff --git a/msys2/usr/share/info/gnutls-x509.png.gz b/msys2/usr/share/info/gnutls-x509.png.gz
new file mode 100644
index 000000000..8675edf58
Binary files /dev/null and b/msys2/usr/share/info/gnutls-x509.png.gz differ
diff --git a/msys2/usr/share/info/gnutls.info-1.gz b/msys2/usr/share/info/gnutls.info-1.gz
new file mode 100644
index 000000000..a75983f2b
Binary files /dev/null and b/msys2/usr/share/info/gnutls.info-1.gz differ
diff --git a/msys2/usr/share/info/gnutls.info-2.gz b/msys2/usr/share/info/gnutls.info-2.gz
new file mode 100644
index 000000000..8d39d740a
Binary files /dev/null and b/msys2/usr/share/info/gnutls.info-2.gz differ
diff --git a/msys2/usr/share/info/gnutls.info-3.gz b/msys2/usr/share/info/gnutls.info-3.gz
new file mode 100644
index 000000000..8e175d32d
Binary files /dev/null and b/msys2/usr/share/info/gnutls.info-3.gz differ
diff --git a/msys2/usr/share/info/gnutls.info-4.gz b/msys2/usr/share/info/gnutls.info-4.gz
new file mode 100644
index 000000000..460a33089
Binary files /dev/null and b/msys2/usr/share/info/gnutls.info-4.gz differ
diff --git a/msys2/usr/share/info/gnutls.info-5.gz b/msys2/usr/share/info/gnutls.info-5.gz
new file mode 100644
index 000000000..0ce7390aa
Binary files /dev/null and b/msys2/usr/share/info/gnutls.info-5.gz differ
diff --git a/msys2/usr/share/info/gnutls.info-6.gz b/msys2/usr/share/info/gnutls.info-6.gz
new file mode 100644
index 000000000..db4593aa0
Binary files /dev/null and b/msys2/usr/share/info/gnutls.info-6.gz differ
diff --git a/msys2/usr/share/info/gnutls.info-7.gz b/msys2/usr/share/info/gnutls.info-7.gz
new file mode 100644
index 000000000..bb897e0ff
Binary files /dev/null and b/msys2/usr/share/info/gnutls.info-7.gz differ
diff --git a/msys2/usr/share/info/gnutls.info.gz b/msys2/usr/share/info/gnutls.info.gz
new file mode 100644
index 000000000..37e09c031
Binary files /dev/null and b/msys2/usr/share/info/gnutls.info.gz differ
diff --git a/msys2/usr/share/info/gpgme.info-1.gz b/msys2/usr/share/info/gpgme.info-1.gz
index 98f80a823..08385a841 100644
Binary files a/msys2/usr/share/info/gpgme.info-1.gz and b/msys2/usr/share/info/gpgme.info-1.gz differ
diff --git a/msys2/usr/share/info/gpgme.info-2.gz b/msys2/usr/share/info/gpgme.info-2.gz
index c674d5b1f..7e475ff97 100644
Binary files a/msys2/usr/share/info/gpgme.info-2.gz and b/msys2/usr/share/info/gpgme.info-2.gz differ
diff --git a/msys2/usr/share/info/gpgme.info.gz b/msys2/usr/share/info/gpgme.info.gz
index 4eb217b64..3883c0f2e 100644
Binary files a/msys2/usr/share/info/gpgme.info.gz and b/msys2/usr/share/info/gpgme.info.gz differ
diff --git a/msys2/usr/share/info/gzip.info.gz b/msys2/usr/share/info/gzip.info.gz
index c81c998d4..d0d978281 100644
Binary files a/msys2/usr/share/info/gzip.info.gz and b/msys2/usr/share/info/gzip.info.gz differ
diff --git a/msys2/usr/share/info/history.info.gz b/msys2/usr/share/info/history.info.gz
index c038df574..19e81d57a 100644
Binary files a/msys2/usr/share/info/history.info.gz and b/msys2/usr/share/info/history.info.gz differ
diff --git a/msys2/usr/share/info/info-stnd.info.gz b/msys2/usr/share/info/info-stnd.info.gz
index 63354f265..dbcb2273d 100644
Binary files a/msys2/usr/share/info/info-stnd.info.gz and b/msys2/usr/share/info/info-stnd.info.gz differ
diff --git a/msys2/usr/share/info/ksba.info.gz b/msys2/usr/share/info/ksba.info.gz
new file mode 100644
index 000000000..f7cf738b2
Binary files /dev/null and b/msys2/usr/share/info/ksba.info.gz differ
diff --git a/msys2/usr/share/info/libgomp.info.gz b/msys2/usr/share/info/libgomp.info.gz
index bed7595a0..e0aa0fe82 100644
Binary files a/msys2/usr/share/info/libgomp.info.gz and b/msys2/usr/share/info/libgomp.info.gz differ
diff --git a/msys2/usr/share/info/libidn2.info.gz b/msys2/usr/share/info/libidn2.info.gz
index d6651fa4c..5f0f9b80d 100644
Binary files a/msys2/usr/share/info/libidn2.info.gz and b/msys2/usr/share/info/libidn2.info.gz differ
diff --git a/msys2/usr/share/info/libquadmath.info.gz b/msys2/usr/share/info/libquadmath.info.gz
index 90c9768e1..eb976eb3e 100644
Binary files a/msys2/usr/share/info/libquadmath.info.gz and b/msys2/usr/share/info/libquadmath.info.gz differ
diff --git a/msys2/usr/share/info/libunistring.info.gz b/msys2/usr/share/info/libunistring.info.gz
index 4db1b1ef1..97757e82d 100644
Binary files a/msys2/usr/share/info/libunistring.info.gz and b/msys2/usr/share/info/libunistring.info.gz differ
diff --git a/msys2/usr/share/info/m4.info-1.gz b/msys2/usr/share/info/m4.info-1.gz
index 9abf8e173..6471fb522 100644
Binary files a/msys2/usr/share/info/m4.info-1.gz and b/msys2/usr/share/info/m4.info-1.gz differ
diff --git a/msys2/usr/share/info/m4.info-2.gz b/msys2/usr/share/info/m4.info-2.gz
index 834fea1e0..5389de046 100644
Binary files a/msys2/usr/share/info/m4.info-2.gz and b/msys2/usr/share/info/m4.info-2.gz differ
diff --git a/msys2/usr/share/info/m4.info.gz b/msys2/usr/share/info/m4.info.gz
index a09f24d4b..7304b5ea3 100644
Binary files a/msys2/usr/share/info/m4.info.gz and b/msys2/usr/share/info/m4.info.gz differ
diff --git a/msys2/usr/share/info/mpfr.info.gz b/msys2/usr/share/info/mpfr.info.gz
index 547803de5..48778ada8 100644
Binary files a/msys2/usr/share/info/mpfr.info.gz and b/msys2/usr/share/info/mpfr.info.gz differ
diff --git a/msys2/usr/share/info/nettle.info.gz b/msys2/usr/share/info/nettle.info.gz
new file mode 100644
index 000000000..ff375d677
Binary files /dev/null and b/msys2/usr/share/info/nettle.info.gz differ
diff --git a/msys2/usr/share/info/pinentry.info.gz b/msys2/usr/share/info/pinentry.info.gz
new file mode 100644
index 000000000..fca61a5e7
Binary files /dev/null and b/msys2/usr/share/info/pinentry.info.gz differ
diff --git a/msys2/usr/share/info/pkcs11-vision.png.gz b/msys2/usr/share/info/pkcs11-vision.png.gz
new file mode 100644
index 000000000..41dd0db17
Binary files /dev/null and b/msys2/usr/share/info/pkcs11-vision.png.gz differ
diff --git a/msys2/usr/share/info/readline.info.gz b/msys2/usr/share/info/readline.info.gz
index 5083ffcb7..a1406b778 100644
Binary files a/msys2/usr/share/info/readline.info.gz and b/msys2/usr/share/info/readline.info.gz differ
diff --git a/msys2/usr/share/info/rluserman.info.gz b/msys2/usr/share/info/rluserman.info.gz
index 62334df3d..4abab3cfd 100644
Binary files a/msys2/usr/share/info/rluserman.info.gz and b/msys2/usr/share/info/rluserman.info.gz differ
diff --git a/msys2/usr/share/info/sed.info.gz b/msys2/usr/share/info/sed.info.gz
index a355e2ec2..0e361aa4d 100644
Binary files a/msys2/usr/share/info/sed.info.gz and b/msys2/usr/share/info/sed.info.gz differ
diff --git a/msys2/usr/share/info/time.info.gz b/msys2/usr/share/info/time.info.gz
index 51f93db44..daac364f3 100644
Binary files a/msys2/usr/share/info/time.info.gz and b/msys2/usr/share/info/time.info.gz differ
diff --git a/msys2/usr/share/info/wget.info.gz b/msys2/usr/share/info/wget.info.gz
index 17e4fbe9f..0432c5d55 100644
Binary files a/msys2/usr/share/info/wget.info.gz and b/msys2/usr/share/info/wget.info.gz differ
diff --git a/msys2/usr/share/licenses/brotli/LICENSE b/msys2/usr/share/licenses/brotli/LICENSE
new file mode 100644
index 000000000..33b7cdd2d
--- /dev/null
+++ b/msys2/usr/share/licenses/brotli/LICENSE
@@ -0,0 +1,19 @@
+Copyright (c) 2009, 2010, 2013-2016 by the Brotli Authors.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
diff --git a/msys2/usr/share/licenses/curl/COPYING b/msys2/usr/share/licenses/curl/COPYING
index 560a49dce..3528bd756 100644
--- a/msys2/usr/share/licenses/curl/COPYING
+++ b/msys2/usr/share/licenses/curl/COPYING
@@ -1,6 +1,6 @@
 COPYRIGHT AND PERMISSION NOTICE
 
-Copyright (c) 1996 - 2018, Daniel Stenberg, <daniel@haxx.se>, and many
+Copyright (c) 1996 - 2019, Daniel Stenberg, <daniel@haxx.se>, and many
 contributors, see the THANKS file.
 
 All rights reserved.
diff --git a/msys2/usr/share/licenses/file/COPYING b/msys2/usr/share/licenses/file/COPYING
index b3db8b23f..16410a17f 100644
--- a/msys2/usr/share/licenses/file/COPYING
+++ b/msys2/usr/share/licenses/file/COPYING
@@ -1,4 +1,4 @@
-$File: COPYING,v 1.1 2008/02/05 19:08:11 christos Exp $
+$File: COPYING,v 1.2 2018/09/09 20:33:28 christos Exp $
 Copyright (c) Ian F. Darwin 1986, 1987, 1989, 1990, 1991, 1992, 1994, 1995.
 Software written by Ian F. Darwin and others;
 maintained 1994- Christos Zoulas.
@@ -15,7 +15,7 @@ are met:
 2. Redistributions in binary form must reproduce the above copyright
    notice, this list of conditions and the following disclaimer in the
    documentation and/or other materials provided with the distribution.
- 
+
 THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
diff --git a/msys2/usr/share/license/libargp/COPYING b/msys2/usr/share/licenses/libargp/COPYING
similarity index 100%
rename from msys2/usr/share/license/libargp/COPYING
rename to msys2/usr/share/licenses/libargp/COPYING
diff --git a/msys2/usr/share/license/libargp/COPYING.LESSER b/msys2/usr/share/licenses/libargp/COPYING.LESSER
similarity index 100%
rename from msys2/usr/share/license/libargp/COPYING.LESSER
rename to msys2/usr/share/licenses/libargp/COPYING.LESSER
diff --git a/msys2/usr/share/licenses/libksba/COPYING b/msys2/usr/share/licenses/libksba/COPYING
new file mode 100644
index 000000000..fad28913b
--- /dev/null
+++ b/msys2/usr/share/licenses/libksba/COPYING
@@ -0,0 +1,7 @@
+KSBA is distributed under mixed GPL and LGPL licenses.  Please see the
+file AUTHOR for details.  The text of the used licenses can be found in
+the files:
+
+COPYING.LGPLv3
+COPYING.GPLv3
+COPYING.GPLv2
diff --git a/msys2/usr/share/licenses/libpsl/COPYING b/msys2/usr/share/licenses/libpsl/COPYING
index 2047187e8..7dcd6264b 100644
--- a/msys2/usr/share/licenses/libpsl/COPYING
+++ b/msys2/usr/share/licenses/libpsl/COPYING
@@ -1,4 +1,4 @@
-Copyright (C) 2014-2015 Tim Rühsen
+Copyright (C) 2014-2018 Tim Rühsen
 
 Permission is hereby granted, free of charge, to any person obtaining a
 copy of this software and associated documentation files (the "Software"),
diff --git a/msys2/usr/share/licenses/mintty/LICENSE b/msys2/usr/share/licenses/mintty/LICENSE
index a152e6348..47124bffe 100644
--- a/msys2/usr/share/licenses/mintty/LICENSE
+++ b/msys2/usr/share/licenses/mintty/LICENSE
@@ -17,6 +17,8 @@ See LICENSE.PuTTY for PuTTY's copyright notice, contributors, and license.
 The sources of PuTTY 0.60 can be downloaded from
 ftp://ftp.chiark.greenend.org.uk/users/sgtatham/putty-0.60.
 
+The minibidi algorithm is under MIT license as quoted in the source file.
+
 Sixel code (sixel.c) is relicensed under GPL like mintty with the 
 permission of its author (kmiya@culti); Sixel colour conversion code 
 (sixel_hls.c) is licensed by its author Ross Combs under the license 
diff --git a/msys2/usr/share/licenses/openssl/LICENSE b/msys2/usr/share/licenses/openssl/LICENSE
index bdfd985a6..9601ab435 100644
--- a/msys2/usr/share/licenses/openssl/LICENSE
+++ b/msys2/usr/share/licenses/openssl/LICENSE
@@ -4,22 +4,20 @@
 
   The OpenSSL toolkit stays under a double license, i.e. both the conditions of
   the OpenSSL License and the original SSLeay license apply to the toolkit.
-  See below for the actual license texts. Actually both licenses are BSD-style
-  Open Source licenses. In case of any license issues related to OpenSSL
-  please contact openssl-core@openssl.org.
+  See below for the actual license texts.
 
   OpenSSL License
   ---------------
 
 /* ====================================================================
- * Copyright (c) 1998-2017 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2019 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -74,21 +72,21 @@
  * This package is an SSL implementation written
  * by Eric Young (eay@cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
- * 
+ *
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
+ *
  * Copyright remains Eric Young's, and as such any Copyright notices in
  * the code are not to be removed.
  * If this package is used in a product, Eric Young should be given attribution
  * as the author of the parts of the library used.
  * This can be in the form of a textual message at program startup or
  * in documentation (online or textual) provided with the package.
- * 
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -103,10 +101,10 @@
  *     Eric Young (eay@cryptsoft.com)"
  *    The word 'cryptographic' can be left out if the rouines from the library
  *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
+ * 4. If you include any Windows specific code (or a derivative thereof) from
  *    the apps directory (application code) you must include an acknowledgement:
  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
+ *
  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -118,7 +116,7 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- * 
+ *
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
diff --git a/msys2/usr/share/licenses/pcre/LICENSE b/msys2/usr/share/licenses/pcre/LICENSE
index dd9071a8d..760a6666b 100644
--- a/msys2/usr/share/licenses/pcre/LICENSE
+++ b/msys2/usr/share/licenses/pcre/LICENSE
@@ -25,7 +25,7 @@ Email domain:     cam.ac.uk
 University of Cambridge Computing Service,
 Cambridge, England.
 
-Copyright (c) 1997-2017 University of Cambridge
+Copyright (c) 1997-2019 University of Cambridge
 All rights reserved.
 
 
@@ -34,9 +34,9 @@ PCRE JUST-IN-TIME COMPILATION SUPPORT
 
 Written by:       Zoltan Herczeg
 Email local part: hzmester
-Emain domain:     freemail.hu
+Email domain:     freemail.hu
 
-Copyright(c) 2010-2017 Zoltan Herczeg
+Copyright(c) 2010-2019 Zoltan Herczeg
 All rights reserved.
 
 
@@ -45,9 +45,9 @@ STACK-LESS JUST-IN-TIME COMPILER
 
 Written by:       Zoltan Herczeg
 Email local part: hzmester
-Emain domain:     freemail.hu
+Email domain:     freemail.hu
 
-Copyright(c) 2009-2017 Zoltan Herczeg
+Copyright(c) 2009-2019 Zoltan Herczeg
 All rights reserved.
 
 
diff --git a/msys2/usr/share/licenses/pkgfile/LICENSE b/msys2/usr/share/licenses/pkgfile/LICENSE
index 9d1d07773..0f4ac6627 100644
--- a/msys2/usr/share/licenses/pkgfile/LICENSE
+++ b/msys2/usr/share/licenses/pkgfile/LICENSE
@@ -1,21 +1,19 @@
-/*
- * Copyright (C) 2011-2014 by Dave Reisner <dreisner@archlinux.org>
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- * THE SOFTWARE.
- */
+Copyright 2011-2018 by Dave Reisner <d@falconindy.com>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+of the Software, and to permit persons to whom the Software is furnished to do
+so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/msys2/usr/share/locale/af/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/af/LC_MESSAGES/coreutils.mo
index a85730877..7722e2a71 100644
Binary files a/msys2/usr/share/locale/af/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/af/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/af/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/af/LC_MESSAGES/sed.mo
index 38d4447ef..fb4b5d192 100644
Binary files a/msys2/usr/share/locale/af/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/af/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/af/LC_TIME/coreutils.mo b/msys2/usr/share/locale/af/LC_TIME/coreutils.mo
index a85730877..7722e2a71 100644
Binary files a/msys2/usr/share/locale/af/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/af/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/ar/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/ar/LC_MESSAGES/libalpm.mo
index 367123d27..afd2db14f 100644
Binary files a/msys2/usr/share/locale/ar/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/ar/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/ar/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/ar/LC_MESSAGES/pacman-scripts.mo
deleted file mode 100644
index be47234e5..000000000
Binary files a/msys2/usr/share/locale/ar/LC_MESSAGES/pacman-scripts.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/ar/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/ar/LC_MESSAGES/pacman.mo
index 83cee3a4f..109835b82 100644
Binary files a/msys2/usr/share/locale/ar/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/ar/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/ast/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/ast/LC_MESSAGES/libalpm.mo
new file mode 100644
index 000000000..8946c5908
Binary files /dev/null and b/msys2/usr/share/locale/ast/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/ast/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/ast/LC_MESSAGES/pacman.mo
new file mode 100644
index 000000000..3abc546d2
Binary files /dev/null and b/msys2/usr/share/locale/ast/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/ast/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/ast/LC_MESSAGES/sed.mo
index a6c38e6cd..dc2c614df 100644
Binary files a/msys2/usr/share/locale/ast/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/ast/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/az/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/az/LC_MESSAGES/glib20.mo
index 8edd6d8da..f447353a0 100644
Binary files a/msys2/usr/share/locale/az/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/az/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/az_AZ/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/az_AZ/LC_MESSAGES/pacman-scripts.mo
deleted file mode 100644
index c1bc6fc53..000000000
Binary files a/msys2/usr/share/locale/az_AZ/LC_MESSAGES/pacman-scripts.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/az_AZ/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/az_AZ/LC_MESSAGES/pacman.mo
deleted file mode 100644
index eb65d02b1..000000000
Binary files a/msys2/usr/share/locale/az_AZ/LC_MESSAGES/pacman.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/be/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/be/LC_MESSAGES/coreutils.mo
index af8bc8d9d..152abbbae 100644
Binary files a/msys2/usr/share/locale/be/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/be/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/be/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/be/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index f393bc826..000000000
Binary files a/msys2/usr/share/locale/be/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/be/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/be/LC_MESSAGES/wget.mo
index b72bdccb4..9fd58e800 100644
Binary files a/msys2/usr/share/locale/be/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/be/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/be/LC_TIME/coreutils.mo b/msys2/usr/share/locale/be/LC_TIME/coreutils.mo
index af8bc8d9d..152abbbae 100644
Binary files a/msys2/usr/share/locale/be/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/be/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/be@latin/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/be@latin/LC_MESSAGES/glib20.mo
index 715700b1e..3f8c9a709 100644
Binary files a/msys2/usr/share/locale/be@latin/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/be@latin/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/bg/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/bg/LC_MESSAGES/coreutils.mo
index eb16d00de..cde875b8e 100644
Binary files a/msys2/usr/share/locale/bg/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/bg/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/bg/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/bg/LC_MESSAGES/libalpm.mo
new file mode 100644
index 000000000..d68cd947c
Binary files /dev/null and b/msys2/usr/share/locale/bg/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/bg/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/bg/LC_MESSAGES/pacman-scripts.mo
new file mode 100644
index 000000000..fb14c1e3f
Binary files /dev/null and b/msys2/usr/share/locale/bg/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/bg/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/bg/LC_MESSAGES/pacman.mo
new file mode 100644
index 000000000..5a3fb9b87
Binary files /dev/null and b/msys2/usr/share/locale/bg/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/bg/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/bg/LC_MESSAGES/sed.mo
index 6ef055853..a79a969cd 100644
Binary files a/msys2/usr/share/locale/bg/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/bg/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/bg/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/bg/LC_MESSAGES/wget.mo
index a08af3017..065bd6d07 100644
Binary files a/msys2/usr/share/locale/bg/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/bg/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/bg/LC_TIME/coreutils.mo b/msys2/usr/share/locale/bg/LC_TIME/coreutils.mo
index eb16d00de..cde875b8e 100644
Binary files a/msys2/usr/share/locale/bg/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/bg/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/br/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/br/LC_MESSAGES/libalpm.mo
index c5c82c22e..c09b4e295 100644
Binary files a/msys2/usr/share/locale/br/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/br/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/br/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/br/LC_MESSAGES/pacman-scripts.mo
index e5e918812..b39db0a19 100644
Binary files a/msys2/usr/share/locale/br/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/br/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/br/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/br/LC_MESSAGES/pacman.mo
index 31b14ab0f..201bf5ffd 100644
Binary files a/msys2/usr/share/locale/br/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/br/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/ca/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/ca/LC_MESSAGES/coreutils.mo
index 79c4696bf..a42540130 100644
Binary files a/msys2/usr/share/locale/ca/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/ca/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/ca/LC_MESSAGES/gawk.mo b/msys2/usr/share/locale/ca/LC_MESSAGES/gawk.mo
index 7d3bc856f..99af8ab71 100644
Binary files a/msys2/usr/share/locale/ca/LC_MESSAGES/gawk.mo and b/msys2/usr/share/locale/ca/LC_MESSAGES/gawk.mo differ
diff --git a/msys2/usr/share/locale/ca/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/ca/LC_MESSAGES/glib20.mo
index ef598363a..3a0eec031 100644
Binary files a/msys2/usr/share/locale/ca/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/ca/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/ca/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/ca/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 2e6ed53df..000000000
Binary files a/msys2/usr/share/locale/ca/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/ca/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/ca/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..0640f6342
Binary files /dev/null and b/msys2/usr/share/locale/ca/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/ca/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/ca/LC_MESSAGES/libalpm.mo
index 9aef8e42a..13184995d 100644
Binary files a/msys2/usr/share/locale/ca/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/ca/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/ca/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/ca/LC_MESSAGES/pacman-scripts.mo
index 410fc1b86..7be6cb7a2 100644
Binary files a/msys2/usr/share/locale/ca/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/ca/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/ca/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/ca/LC_MESSAGES/pacman.mo
index 17a7a651b..e2e33d5b7 100644
Binary files a/msys2/usr/share/locale/ca/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/ca/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/ca/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/ca/LC_MESSAGES/sed.mo
index ab6f55183..32a87c6fd 100644
Binary files a/msys2/usr/share/locale/ca/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/ca/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/ca/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/ca/LC_MESSAGES/util-linux.mo
index 82ec56f0d..26b68b73a 100644
Binary files a/msys2/usr/share/locale/ca/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/ca/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/ca/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/ca/LC_MESSAGES/wget.mo
index ea919b3e2..08916b3c9 100644
Binary files a/msys2/usr/share/locale/ca/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/ca/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/ca/LC_TIME/coreutils.mo b/msys2/usr/share/locale/ca/LC_TIME/coreutils.mo
index 79c4696bf..a42540130 100644
Binary files a/msys2/usr/share/locale/ca/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/ca/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/ca@valencia/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/ca@valencia/LC_MESSAGES/glib20.mo
index 675955820..b3bd52c0a 100644
Binary files a/msys2/usr/share/locale/ca@valencia/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/ca@valencia/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/cs/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/cs/LC_MESSAGES/coreutils.mo
index 4a597b595..d04a43e3d 100644
Binary files a/msys2/usr/share/locale/cs/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/cs/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/cs/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/cs/LC_MESSAGES/glib20.mo
index bb19823e0..86cd07d2e 100644
Binary files a/msys2/usr/share/locale/cs/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/cs/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/cs/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/cs/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 1960a724c..000000000
Binary files a/msys2/usr/share/locale/cs/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/cs/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/cs/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..95fb8915f
Binary files /dev/null and b/msys2/usr/share/locale/cs/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/cs/LC_MESSAGES/gnutls.mo b/msys2/usr/share/locale/cs/LC_MESSAGES/gnutls.mo
new file mode 100644
index 000000000..ff0192d6a
Binary files /dev/null and b/msys2/usr/share/locale/cs/LC_MESSAGES/gnutls.mo differ
diff --git a/msys2/usr/share/locale/cs/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/cs/LC_MESSAGES/libalpm.mo
index 3457fe248..926f53eea 100644
Binary files a/msys2/usr/share/locale/cs/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/cs/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/cs/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/cs/LC_MESSAGES/libgpg-error.mo
index aec56de57..b8267d700 100644
Binary files a/msys2/usr/share/locale/cs/LC_MESSAGES/libgpg-error.mo and b/msys2/usr/share/locale/cs/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/cs/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/cs/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..f52d2b9d6
Binary files /dev/null and b/msys2/usr/share/locale/cs/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/cs/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/cs/LC_MESSAGES/pacman-scripts.mo
index da0cfed0b..1fcce03e2 100644
Binary files a/msys2/usr/share/locale/cs/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/cs/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/cs/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/cs/LC_MESSAGES/pacman.mo
index 05315eb98..ad3378f88 100644
Binary files a/msys2/usr/share/locale/cs/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/cs/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/cs/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/cs/LC_MESSAGES/sed.mo
index 3bc2c4c23..47804c8a1 100644
Binary files a/msys2/usr/share/locale/cs/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/cs/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/cs/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/cs/LC_MESSAGES/util-linux.mo
index 6c4cad7f6..33730d794 100644
Binary files a/msys2/usr/share/locale/cs/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/cs/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/cs/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/cs/LC_MESSAGES/wget.mo
index cfed33b5c..25d4bf917 100644
Binary files a/msys2/usr/share/locale/cs/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/cs/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/cs/LC_MESSAGES/xz.mo b/msys2/usr/share/locale/cs/LC_MESSAGES/xz.mo
index 867315140..67c17249b 100644
Binary files a/msys2/usr/share/locale/cs/LC_MESSAGES/xz.mo and b/msys2/usr/share/locale/cs/LC_MESSAGES/xz.mo differ
diff --git a/msys2/usr/share/locale/cs/LC_TIME/coreutils.mo b/msys2/usr/share/locale/cs/LC_TIME/coreutils.mo
index 4a597b595..d04a43e3d 100644
Binary files a/msys2/usr/share/locale/cs/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/cs/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/da/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/da/LC_MESSAGES/coreutils.mo
index eba87b586..0c42252d6 100644
Binary files a/msys2/usr/share/locale/da/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/da/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/da/LC_MESSAGES/gawk.mo b/msys2/usr/share/locale/da/LC_MESSAGES/gawk.mo
index b8f089ca6..83e2e5bdf 100644
Binary files a/msys2/usr/share/locale/da/LC_MESSAGES/gawk.mo and b/msys2/usr/share/locale/da/LC_MESSAGES/gawk.mo differ
diff --git a/msys2/usr/share/locale/da/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/da/LC_MESSAGES/glib20.mo
index 6c45bef55..7555be15c 100644
Binary files a/msys2/usr/share/locale/da/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/da/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/da/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/da/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index cc0d36c1f..000000000
Binary files a/msys2/usr/share/locale/da/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/da/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/da/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..13810ca9b
Binary files /dev/null and b/msys2/usr/share/locale/da/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/da/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/da/LC_MESSAGES/libalpm.mo
index 644e0accc..01bec07db 100644
Binary files a/msys2/usr/share/locale/da/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/da/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/da/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/da/LC_MESSAGES/libgpg-error.mo
index a302b8427..4040e88fc 100644
Binary files a/msys2/usr/share/locale/da/LC_MESSAGES/libgpg-error.mo and b/msys2/usr/share/locale/da/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/da/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/da/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..9842d2012
Binary files /dev/null and b/msys2/usr/share/locale/da/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/da/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/da/LC_MESSAGES/pacman-scripts.mo
index e33730f08..baf23c91e 100644
Binary files a/msys2/usr/share/locale/da/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/da/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/da/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/da/LC_MESSAGES/pacman.mo
index 4f53e54ae..fcf39d5ae 100644
Binary files a/msys2/usr/share/locale/da/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/da/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/da/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/da/LC_MESSAGES/sed.mo
index a89c1ca7d..93aa303d6 100644
Binary files a/msys2/usr/share/locale/da/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/da/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/da/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/da/LC_MESSAGES/util-linux.mo
index b73fa3e49..301c5b4c6 100644
Binary files a/msys2/usr/share/locale/da/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/da/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/da/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/da/LC_MESSAGES/wget.mo
index 564f84d48..6cd22dea5 100644
Binary files a/msys2/usr/share/locale/da/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/da/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/da/LC_TIME/coreutils.mo b/msys2/usr/share/locale/da/LC_TIME/coreutils.mo
index eba87b586..0c42252d6 100644
Binary files a/msys2/usr/share/locale/da/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/da/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/de/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/de/LC_MESSAGES/coreutils.mo
index bdda8f0d1..fa9eaee17 100644
Binary files a/msys2/usr/share/locale/de/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/de/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/de/LC_MESSAGES/gawk.mo b/msys2/usr/share/locale/de/LC_MESSAGES/gawk.mo
index 6f681b011..19658107e 100644
Binary files a/msys2/usr/share/locale/de/LC_MESSAGES/gawk.mo and b/msys2/usr/share/locale/de/LC_MESSAGES/gawk.mo differ
diff --git a/msys2/usr/share/locale/de/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/de/LC_MESSAGES/glib20.mo
index b236805c9..618703bcb 100644
Binary files a/msys2/usr/share/locale/de/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/de/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/de/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/de/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 35ebf4905..000000000
Binary files a/msys2/usr/share/locale/de/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/de/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/de/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..b23ca166a
Binary files /dev/null and b/msys2/usr/share/locale/de/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/de/LC_MESSAGES/gnutls.mo b/msys2/usr/share/locale/de/LC_MESSAGES/gnutls.mo
new file mode 100644
index 000000000..aedf7b76e
Binary files /dev/null and b/msys2/usr/share/locale/de/LC_MESSAGES/gnutls.mo differ
diff --git a/msys2/usr/share/locale/de/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/de/LC_MESSAGES/libalpm.mo
index 1a23ab269..0caa76efe 100644
Binary files a/msys2/usr/share/locale/de/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/de/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/de/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/de/LC_MESSAGES/libgpg-error.mo
index d044db27f..3a2d702df 100644
Binary files a/msys2/usr/share/locale/de/LC_MESSAGES/libgpg-error.mo and b/msys2/usr/share/locale/de/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/de/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/de/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..6ce5d64bb
Binary files /dev/null and b/msys2/usr/share/locale/de/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/de/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/de/LC_MESSAGES/pacman-scripts.mo
index 2dc6fb26d..a3bf4f6dd 100644
Binary files a/msys2/usr/share/locale/de/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/de/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/de/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/de/LC_MESSAGES/pacman.mo
index 5077076a6..beb278720 100644
Binary files a/msys2/usr/share/locale/de/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/de/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/de/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/de/LC_MESSAGES/sed.mo
index 6e6f5c8dd..f12b44daa 100644
Binary files a/msys2/usr/share/locale/de/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/de/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/de/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/de/LC_MESSAGES/util-linux.mo
index a500e5319..5d3c47cf4 100644
Binary files a/msys2/usr/share/locale/de/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/de/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/de/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/de/LC_MESSAGES/wget.mo
index b21f350b6..6942b53e9 100644
Binary files a/msys2/usr/share/locale/de/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/de/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/de/LC_MESSAGES/xz.mo b/msys2/usr/share/locale/de/LC_MESSAGES/xz.mo
index d0b7fe126..1f3ebd7f7 100644
Binary files a/msys2/usr/share/locale/de/LC_MESSAGES/xz.mo and b/msys2/usr/share/locale/de/LC_MESSAGES/xz.mo differ
diff --git a/msys2/usr/share/locale/de/LC_TIME/coreutils.mo b/msys2/usr/share/locale/de/LC_TIME/coreutils.mo
index bdda8f0d1..fa9eaee17 100644
Binary files a/msys2/usr/share/locale/de/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/de/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/dz/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/dz/LC_MESSAGES/glib20.mo
index 508fac62a..05b4c4f3c 100644
Binary files a/msys2/usr/share/locale/dz/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/dz/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/el/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/el/LC_MESSAGES/coreutils.mo
index e3af767ed..7745fe0f8 100644
Binary files a/msys2/usr/share/locale/el/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/el/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/el/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/el/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index d9cdfac39..000000000
Binary files a/msys2/usr/share/locale/el/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/el/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/el/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..1609d4751
Binary files /dev/null and b/msys2/usr/share/locale/el/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/el/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/el/LC_MESSAGES/libalpm.mo
index b9e8f3386..aae5dbd4a 100644
Binary files a/msys2/usr/share/locale/el/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/el/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/el/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/el/LC_MESSAGES/pacman-scripts.mo
index 9181f9643..45f4a3a0c 100644
Binary files a/msys2/usr/share/locale/el/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/el/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/el/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/el/LC_MESSAGES/pacman.mo
index 74a8447e5..fd9f854f7 100644
Binary files a/msys2/usr/share/locale/el/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/el/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/el/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/el/LC_MESSAGES/sed.mo
index d5864f877..78a544d1d 100644
Binary files a/msys2/usr/share/locale/el/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/el/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/el/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/el/LC_MESSAGES/wget.mo
index c43ba2e75..71107a1d8 100644
Binary files a/msys2/usr/share/locale/el/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/el/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/el/LC_TIME/coreutils.mo b/msys2/usr/share/locale/el/LC_TIME/coreutils.mo
index e3af767ed..7745fe0f8 100644
Binary files a/msys2/usr/share/locale/el/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/el/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/en@boldquot/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/en@boldquot/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 737caea9e..000000000
Binary files a/msys2/usr/share/locale/en@boldquot/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/en@boldquot/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/en@boldquot/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..2dc2f5b25
Binary files /dev/null and b/msys2/usr/share/locale/en@boldquot/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/en@quot/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/en@quot/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index c88ca2598..000000000
Binary files a/msys2/usr/share/locale/en@quot/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/en@quot/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/en@quot/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..aaa576a2e
Binary files /dev/null and b/msys2/usr/share/locale/en@quot/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/en@shaw/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/en@shaw/LC_MESSAGES/glib20.mo
index b0c90d723..7472b6564 100644
Binary files a/msys2/usr/share/locale/en@shaw/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/en@shaw/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/en_CA/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/en_CA/LC_MESSAGES/glib20.mo
index bee13bbd8..0a5855b83 100644
Binary files a/msys2/usr/share/locale/en_CA/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/en_CA/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/en_GB/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/en_GB/LC_MESSAGES/glib20.mo
index ec3888f11..d67a61599 100644
Binary files a/msys2/usr/share/locale/en_GB/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/en_GB/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/en_GB/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/en_GB/LC_MESSAGES/libalpm.mo
index 19f5ab4fa..f4871b3a7 100644
Binary files a/msys2/usr/share/locale/en_GB/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/en_GB/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/en_GB/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/en_GB/LC_MESSAGES/pacman-scripts.mo
index 7808ab3a2..3825e1ac8 100644
Binary files a/msys2/usr/share/locale/en_GB/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/en_GB/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/en_GB/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/en_GB/LC_MESSAGES/pacman.mo
index 1e3bc48fc..fe7686317 100644
Binary files a/msys2/usr/share/locale/en_GB/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/en_GB/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/en_GB/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/en_GB/LC_MESSAGES/wget.mo
index 100a90232..71a986a01 100644
Binary files a/msys2/usr/share/locale/en_GB/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/en_GB/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/eo/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/eo/LC_MESSAGES/coreutils.mo
index 8f9a23e18..4308d0547 100644
Binary files a/msys2/usr/share/locale/eo/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/eo/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/eo/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/eo/LC_MESSAGES/glib20.mo
index 9eeed9fb7..d0db97ee8 100644
Binary files a/msys2/usr/share/locale/eo/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/eo/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/eo/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/eo/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index d9079cb86..000000000
Binary files a/msys2/usr/share/locale/eo/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/eo/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/eo/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..2f7cbd326
Binary files /dev/null and b/msys2/usr/share/locale/eo/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/eo/LC_MESSAGES/gnutls.mo b/msys2/usr/share/locale/eo/LC_MESSAGES/gnutls.mo
new file mode 100644
index 000000000..540efdabc
Binary files /dev/null and b/msys2/usr/share/locale/eo/LC_MESSAGES/gnutls.mo differ
diff --git a/msys2/usr/share/locale/eo/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/eo/LC_MESSAGES/libalpm.mo
index 9b7a30b00..f9ee6276f 100644
Binary files a/msys2/usr/share/locale/eo/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/eo/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/eo/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/eo/LC_MESSAGES/libgpg-error.mo
index 1099c7b0a..9d85248f8 100644
Binary files a/msys2/usr/share/locale/eo/LC_MESSAGES/libgpg-error.mo and b/msys2/usr/share/locale/eo/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/eo/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/eo/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..ec2355387
Binary files /dev/null and b/msys2/usr/share/locale/eo/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/eo/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/eo/LC_MESSAGES/pacman-scripts.mo
index 5fd5f63c2..20d2ac97c 100644
Binary files a/msys2/usr/share/locale/eo/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/eo/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/eo/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/eo/LC_MESSAGES/pacman.mo
index 52c6a9124..8a8f1b1d3 100644
Binary files a/msys2/usr/share/locale/eo/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/eo/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/eo/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/eo/LC_MESSAGES/sed.mo
index ffd3c31ff..96c8251b3 100644
Binary files a/msys2/usr/share/locale/eo/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/eo/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/eo/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/eo/LC_MESSAGES/wget.mo
index 1ca08993f..74f33234b 100644
Binary files a/msys2/usr/share/locale/eo/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/eo/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/eo/LC_TIME/coreutils.mo b/msys2/usr/share/locale/eo/LC_TIME/coreutils.mo
index 8f9a23e18..4308d0547 100644
Binary files a/msys2/usr/share/locale/eo/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/eo/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/es/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/es/LC_MESSAGES/coreutils.mo
index 1b052a6b3..5dd1499a9 100644
Binary files a/msys2/usr/share/locale/es/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/es/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/es/LC_MESSAGES/gawk.mo b/msys2/usr/share/locale/es/LC_MESSAGES/gawk.mo
index ed939bc4f..85ea9963b 100644
Binary files a/msys2/usr/share/locale/es/LC_MESSAGES/gawk.mo and b/msys2/usr/share/locale/es/LC_MESSAGES/gawk.mo differ
diff --git a/msys2/usr/share/locale/es/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/es/LC_MESSAGES/glib20.mo
index e423ed689..a091a6159 100644
Binary files a/msys2/usr/share/locale/es/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/es/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/es/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/es/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 9bb2b4140..000000000
Binary files a/msys2/usr/share/locale/es/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/es/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/es/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..146502dbd
Binary files /dev/null and b/msys2/usr/share/locale/es/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/es/LC_MESSAGES/gnutls.mo b/msys2/usr/share/locale/es/LC_MESSAGES/gnutls.mo
new file mode 100644
index 000000000..c6dcfc63b
Binary files /dev/null and b/msys2/usr/share/locale/es/LC_MESSAGES/gnutls.mo differ
diff --git a/msys2/usr/share/locale/es/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/es/LC_MESSAGES/libalpm.mo
index e62509571..25f582005 100644
Binary files a/msys2/usr/share/locale/es/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/es/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/es/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/es/LC_MESSAGES/libgpg-error.mo
new file mode 100644
index 000000000..1483207fe
Binary files /dev/null and b/msys2/usr/share/locale/es/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/es/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/es/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..91c01fa53
Binary files /dev/null and b/msys2/usr/share/locale/es/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/es/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/es/LC_MESSAGES/pacman-scripts.mo
index c86d53890..05444413d 100644
Binary files a/msys2/usr/share/locale/es/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/es/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/es/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/es/LC_MESSAGES/pacman.mo
index e0cfc9609..25e7a3c19 100644
Binary files a/msys2/usr/share/locale/es/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/es/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/es/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/es/LC_MESSAGES/sed.mo
index 03a42a0a6..547edf528 100644
Binary files a/msys2/usr/share/locale/es/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/es/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/es/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/es/LC_MESSAGES/util-linux.mo
index e64a1c453..9d53b96a4 100644
Binary files a/msys2/usr/share/locale/es/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/es/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/es/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/es/LC_MESSAGES/wget.mo
index c68ed7efe..23cc42d92 100644
Binary files a/msys2/usr/share/locale/es/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/es/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/es/LC_TIME/coreutils.mo b/msys2/usr/share/locale/es/LC_TIME/coreutils.mo
index 1b052a6b3..5dd1499a9 100644
Binary files a/msys2/usr/share/locale/es/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/es/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/es_419/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/es_419/LC_MESSAGES/libalpm.mo
index 4c7eaee92..e58db1417 100644
Binary files a/msys2/usr/share/locale/es_419/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/es_419/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/es_419/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/es_419/LC_MESSAGES/pacman-scripts.mo
index 64cdcd165..50987a744 100644
Binary files a/msys2/usr/share/locale/es_419/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/es_419/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/es_419/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/es_419/LC_MESSAGES/pacman.mo
index 14fe83f36..6a3f20af4 100644
Binary files a/msys2/usr/share/locale/es_419/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/es_419/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/et/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/et/LC_MESSAGES/coreutils.mo
index fefbcf99a..4df3d0f27 100644
Binary files a/msys2/usr/share/locale/et/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/et/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/et/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/et/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 81dcec25a..000000000
Binary files a/msys2/usr/share/locale/et/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/et/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/et/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..cdf8b000c
Binary files /dev/null and b/msys2/usr/share/locale/et/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/et/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/et/LC_MESSAGES/sed.mo
index 71a870df5..d763cf3a2 100644
Binary files a/msys2/usr/share/locale/et/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/et/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/et/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/et/LC_MESSAGES/util-linux.mo
index bd3774cc1..3742f891b 100644
Binary files a/msys2/usr/share/locale/et/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/et/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/et/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/et/LC_MESSAGES/wget.mo
index f3cb41ed5..c95188f0f 100644
Binary files a/msys2/usr/share/locale/et/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/et/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/et/LC_TIME/coreutils.mo b/msys2/usr/share/locale/et/LC_TIME/coreutils.mo
index fefbcf99a..4df3d0f27 100644
Binary files a/msys2/usr/share/locale/et/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/et/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/eu/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/eu/LC_MESSAGES/coreutils.mo
index e92b540e8..cfb2fec2d 100644
Binary files a/msys2/usr/share/locale/eu/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/eu/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/eu/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/eu/LC_MESSAGES/glib20.mo
index 4376343cb..d2f2b55c0 100644
Binary files a/msys2/usr/share/locale/eu/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/eu/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/eu/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/eu/LC_MESSAGES/libalpm.mo
new file mode 100644
index 000000000..a871d89ed
Binary files /dev/null and b/msys2/usr/share/locale/eu/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/eu/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/eu/LC_MESSAGES/pacman-scripts.mo
new file mode 100644
index 000000000..d8f6430fd
Binary files /dev/null and b/msys2/usr/share/locale/eu/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/eu/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/eu/LC_MESSAGES/pacman.mo
new file mode 100644
index 000000000..0bff19835
Binary files /dev/null and b/msys2/usr/share/locale/eu/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/eu/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/eu/LC_MESSAGES/sed.mo
index 04a8817e9..e440052d6 100644
Binary files a/msys2/usr/share/locale/eu/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/eu/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/eu/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/eu/LC_MESSAGES/util-linux.mo
index 41dab9aa5..7b3fda1e7 100644
Binary files a/msys2/usr/share/locale/eu/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/eu/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/eu/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/eu/LC_MESSAGES/wget.mo
index 16d8da8de..e56ee2c1f 100644
Binary files a/msys2/usr/share/locale/eu/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/eu/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/eu/LC_TIME/coreutils.mo b/msys2/usr/share/locale/eu/LC_TIME/coreutils.mo
index e92b540e8..cfb2fec2d 100644
Binary files a/msys2/usr/share/locale/eu/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/eu/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/eu_ES/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/eu_ES/LC_MESSAGES/libalpm.mo
new file mode 100644
index 000000000..3f5238bd1
Binary files /dev/null and b/msys2/usr/share/locale/eu_ES/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/eu_ES/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/eu_ES/LC_MESSAGES/pacman-scripts.mo
new file mode 100644
index 000000000..c2fe117ee
Binary files /dev/null and b/msys2/usr/share/locale/eu_ES/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/eu_ES/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/eu_ES/LC_MESSAGES/pacman.mo
new file mode 100644
index 000000000..1320ffae7
Binary files /dev/null and b/msys2/usr/share/locale/eu_ES/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/fa/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/fa/LC_MESSAGES/glib20.mo
index 4510c2ee3..48016a8a6 100644
Binary files a/msys2/usr/share/locale/fa/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/fa/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/fa/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/fa/LC_MESSAGES/pacman.mo
deleted file mode 100644
index aa069063c..000000000
Binary files a/msys2/usr/share/locale/fa/LC_MESSAGES/pacman.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/fi/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/fi/LC_MESSAGES/coreutils.mo
index 81e45e34e..478229a38 100644
Binary files a/msys2/usr/share/locale/fi/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/fi/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/fi/LC_MESSAGES/gawk.mo b/msys2/usr/share/locale/fi/LC_MESSAGES/gawk.mo
index c4eb1a636..7501fcf25 100644
Binary files a/msys2/usr/share/locale/fi/LC_MESSAGES/gawk.mo and b/msys2/usr/share/locale/fi/LC_MESSAGES/gawk.mo differ
diff --git a/msys2/usr/share/locale/fi/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/fi/LC_MESSAGES/glib20.mo
index cfa01d96e..17924a804 100644
Binary files a/msys2/usr/share/locale/fi/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/fi/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/fi/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/fi/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 01404ab76..000000000
Binary files a/msys2/usr/share/locale/fi/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/fi/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/fi/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..e87dccc8a
Binary files /dev/null and b/msys2/usr/share/locale/fi/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/fi/LC_MESSAGES/gnutls.mo b/msys2/usr/share/locale/fi/LC_MESSAGES/gnutls.mo
new file mode 100644
index 000000000..416699695
Binary files /dev/null and b/msys2/usr/share/locale/fi/LC_MESSAGES/gnutls.mo differ
diff --git a/msys2/usr/share/locale/fi/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/fi/LC_MESSAGES/libalpm.mo
index 58505f01c..eda0f17a4 100644
Binary files a/msys2/usr/share/locale/fi/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/fi/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/fi/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/fi/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..2ebfacb29
Binary files /dev/null and b/msys2/usr/share/locale/fi/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/fi/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/fi/LC_MESSAGES/pacman-scripts.mo
index ee9be6b6b..97730ec10 100644
Binary files a/msys2/usr/share/locale/fi/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/fi/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/fi/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/fi/LC_MESSAGES/pacman.mo
index 86e3b28df..1aad7b228 100644
Binary files a/msys2/usr/share/locale/fi/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/fi/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/fi/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/fi/LC_MESSAGES/sed.mo
index 4ef86e14b..d5b826b64 100644
Binary files a/msys2/usr/share/locale/fi/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/fi/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/fi/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/fi/LC_MESSAGES/util-linux.mo
index 8b66f35fe..52aa16730 100644
Binary files a/msys2/usr/share/locale/fi/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/fi/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/fi/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/fi/LC_MESSAGES/wget.mo
index 8e113f8e7..eb6cf2519 100644
Binary files a/msys2/usr/share/locale/fi/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/fi/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/fi/LC_TIME/coreutils.mo b/msys2/usr/share/locale/fi/LC_TIME/coreutils.mo
index 81e45e34e..478229a38 100644
Binary files a/msys2/usr/share/locale/fi/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/fi/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/fr/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/fr/LC_MESSAGES/coreutils.mo
index f88d65fa1..ea2678605 100644
Binary files a/msys2/usr/share/locale/fr/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/fr/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/fr/LC_MESSAGES/gawk.mo b/msys2/usr/share/locale/fr/LC_MESSAGES/gawk.mo
index 61e902484..01be14162 100644
Binary files a/msys2/usr/share/locale/fr/LC_MESSAGES/gawk.mo and b/msys2/usr/share/locale/fr/LC_MESSAGES/gawk.mo differ
diff --git a/msys2/usr/share/locale/fr/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/fr/LC_MESSAGES/glib20.mo
index 63af1badd..4b81907bf 100644
Binary files a/msys2/usr/share/locale/fr/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/fr/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/fr/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/fr/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 91a98671e..000000000
Binary files a/msys2/usr/share/locale/fr/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/fr/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/fr/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..1a3282626
Binary files /dev/null and b/msys2/usr/share/locale/fr/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/fr/LC_MESSAGES/gnutls.mo b/msys2/usr/share/locale/fr/LC_MESSAGES/gnutls.mo
new file mode 100644
index 000000000..13b4c0e03
Binary files /dev/null and b/msys2/usr/share/locale/fr/LC_MESSAGES/gnutls.mo differ
diff --git a/msys2/usr/share/locale/fr/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/fr/LC_MESSAGES/libalpm.mo
index 3733a30ec..97c9c76f5 100644
Binary files a/msys2/usr/share/locale/fr/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/fr/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/fr/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/fr/LC_MESSAGES/libgpg-error.mo
index d249121d4..573d32450 100644
Binary files a/msys2/usr/share/locale/fr/LC_MESSAGES/libgpg-error.mo and b/msys2/usr/share/locale/fr/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/fr/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/fr/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..61eace22d
Binary files /dev/null and b/msys2/usr/share/locale/fr/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/fr/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/fr/LC_MESSAGES/pacman-scripts.mo
index 0493efb62..7e393c3d3 100644
Binary files a/msys2/usr/share/locale/fr/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/fr/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/fr/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/fr/LC_MESSAGES/pacman.mo
index 7c71eac2a..501e6dc45 100644
Binary files a/msys2/usr/share/locale/fr/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/fr/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/fr/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/fr/LC_MESSAGES/sed.mo
index f59538c70..13864a347 100644
Binary files a/msys2/usr/share/locale/fr/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/fr/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/fr/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/fr/LC_MESSAGES/util-linux.mo
index ea72d814f..93dcd8d5d 100644
Binary files a/msys2/usr/share/locale/fr/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/fr/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/fr/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/fr/LC_MESSAGES/wget.mo
index 7fee582b8..005d44848 100644
Binary files a/msys2/usr/share/locale/fr/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/fr/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/fr/LC_MESSAGES/xz.mo b/msys2/usr/share/locale/fr/LC_MESSAGES/xz.mo
index d3d8476ac..a5f7edadf 100644
Binary files a/msys2/usr/share/locale/fr/LC_MESSAGES/xz.mo and b/msys2/usr/share/locale/fr/LC_MESSAGES/xz.mo differ
diff --git a/msys2/usr/share/locale/fr/LC_TIME/coreutils.mo b/msys2/usr/share/locale/fr/LC_TIME/coreutils.mo
index f88d65fa1..ea2678605 100644
Binary files a/msys2/usr/share/locale/fr/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/fr/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/fur/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/fur/LC_MESSAGES/glib20.mo
new file mode 100644
index 000000000..43c8c1453
Binary files /dev/null and b/msys2/usr/share/locale/fur/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/fur/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/fur/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..8298d6424
Binary files /dev/null and b/msys2/usr/share/locale/fur/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/ga/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/ga/LC_MESSAGES/coreutils.mo
index f9dddbe42..a534af525 100644
Binary files a/msys2/usr/share/locale/ga/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/ga/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/ga/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/ga/LC_MESSAGES/sed.mo
index 26ed789fb..5fa2e62b0 100644
Binary files a/msys2/usr/share/locale/ga/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/ga/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/ga/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/ga/LC_MESSAGES/wget.mo
index 68f8caee9..d1284b097 100644
Binary files a/msys2/usr/share/locale/ga/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/ga/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/ga/LC_TIME/coreutils.mo b/msys2/usr/share/locale/ga/LC_TIME/coreutils.mo
index f9dddbe42..a534af525 100644
Binary files a/msys2/usr/share/locale/ga/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/ga/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/gl/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/gl/LC_MESSAGES/coreutils.mo
index 475083f59..ce3f34107 100644
Binary files a/msys2/usr/share/locale/gl/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/gl/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/gl/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/gl/LC_MESSAGES/glib20.mo
index 92b832c81..01d5fe6bb 100644
Binary files a/msys2/usr/share/locale/gl/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/gl/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/gl/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/gl/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 83d956153..000000000
Binary files a/msys2/usr/share/locale/gl/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/gl/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/gl/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..5f34507e8
Binary files /dev/null and b/msys2/usr/share/locale/gl/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/gl/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/gl/LC_MESSAGES/libalpm.mo
index cc77fd620..491fafc85 100644
Binary files a/msys2/usr/share/locale/gl/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/gl/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/gl/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/gl/LC_MESSAGES/pacman-scripts.mo
index 1dd79ad86..0331ce3d3 100644
Binary files a/msys2/usr/share/locale/gl/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/gl/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/gl/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/gl/LC_MESSAGES/pacman.mo
index 882fbf84c..fad2c9211 100644
Binary files a/msys2/usr/share/locale/gl/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/gl/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/gl/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/gl/LC_MESSAGES/sed.mo
index 026eb0f42..5e4290ad2 100644
Binary files a/msys2/usr/share/locale/gl/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/gl/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/gl/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/gl/LC_MESSAGES/util-linux.mo
index 4f678f00f..85f975ff0 100644
Binary files a/msys2/usr/share/locale/gl/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/gl/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/gl/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/gl/LC_MESSAGES/wget.mo
index 120948fd6..886a8a753 100644
Binary files a/msys2/usr/share/locale/gl/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/gl/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/gl/LC_TIME/coreutils.mo b/msys2/usr/share/locale/gl/LC_TIME/coreutils.mo
index 475083f59..ce3f34107 100644
Binary files a/msys2/usr/share/locale/gl/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/gl/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/gu/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/gu/LC_MESSAGES/glib20.mo
index 9ba72e983..32ee1014f 100644
Binary files a/msys2/usr/share/locale/gu/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/gu/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/he/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/he/LC_MESSAGES/glib20.mo
index a6c2a4656..9afa0b658 100644
Binary files a/msys2/usr/share/locale/he/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/he/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/he/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/he/LC_MESSAGES/sed.mo
index cafc0834a..06f475e0f 100644
Binary files a/msys2/usr/share/locale/he/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/he/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/he/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/he/LC_MESSAGES/wget.mo
index b00d03ef3..3e174fb22 100644
Binary files a/msys2/usr/share/locale/he/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/he/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/hr/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/hr/LC_MESSAGES/coreutils.mo
index 4fdea246e..c6e35a798 100644
Binary files a/msys2/usr/share/locale/hr/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/hr/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/hr/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/hr/LC_MESSAGES/glib20.mo
index eadb0ab46..a8b2f6df7 100644
Binary files a/msys2/usr/share/locale/hr/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/hr/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/hr/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/hr/LC_MESSAGES/libalpm.mo
index 7781d988e..466183529 100644
Binary files a/msys2/usr/share/locale/hr/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/hr/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/hr/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/hr/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..b97f65610
Binary files /dev/null and b/msys2/usr/share/locale/hr/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/hr/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/hr/LC_MESSAGES/pacman-scripts.mo
deleted file mode 100644
index 78a4da73a..000000000
Binary files a/msys2/usr/share/locale/hr/LC_MESSAGES/pacman-scripts.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/hr/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/hr/LC_MESSAGES/pacman.mo
index 2ba294986..0d785306c 100644
Binary files a/msys2/usr/share/locale/hr/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/hr/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/hr/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/hr/LC_MESSAGES/sed.mo
index de3a6bf87..2d4b76088 100644
Binary files a/msys2/usr/share/locale/hr/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/hr/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/hr/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/hr/LC_MESSAGES/util-linux.mo
index 9481e5408..b701aa836 100644
Binary files a/msys2/usr/share/locale/hr/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/hr/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/hr/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/hr/LC_MESSAGES/wget.mo
index fee14ce9a..784b77a62 100644
Binary files a/msys2/usr/share/locale/hr/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/hr/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/hr/LC_TIME/coreutils.mo b/msys2/usr/share/locale/hr/LC_TIME/coreutils.mo
index 4fdea246e..c6e35a798 100644
Binary files a/msys2/usr/share/locale/hr/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/hr/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/hu/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/hu/LC_MESSAGES/coreutils.mo
index ebad3bbb8..f07b323b8 100644
Binary files a/msys2/usr/share/locale/hu/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/hu/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/hu/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/hu/LC_MESSAGES/glib20.mo
index 94af1a76b..f0756defa 100644
Binary files a/msys2/usr/share/locale/hu/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/hu/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/hu/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/hu/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 7c35ad0b6..000000000
Binary files a/msys2/usr/share/locale/hu/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/hu/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/hu/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..91993c718
Binary files /dev/null and b/msys2/usr/share/locale/hu/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/hu/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/hu/LC_MESSAGES/libalpm.mo
index 0e02813f3..cdb5249ae 100644
Binary files a/msys2/usr/share/locale/hu/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/hu/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/hu/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/hu/LC_MESSAGES/libgpg-error.mo
index 4b97b2501..0dc263abe 100644
Binary files a/msys2/usr/share/locale/hu/LC_MESSAGES/libgpg-error.mo and b/msys2/usr/share/locale/hu/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/hu/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/hu/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..45f972069
Binary files /dev/null and b/msys2/usr/share/locale/hu/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/hu/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/hu/LC_MESSAGES/pacman-scripts.mo
index f06b87fc1..ffc06de7c 100644
Binary files a/msys2/usr/share/locale/hu/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/hu/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/hu/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/hu/LC_MESSAGES/pacman.mo
index 3500917ab..d82743d7b 100644
Binary files a/msys2/usr/share/locale/hu/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/hu/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/hu/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/hu/LC_MESSAGES/sed.mo
index ea5104ceb..e2ed7115d 100644
Binary files a/msys2/usr/share/locale/hu/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/hu/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/hu/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/hu/LC_MESSAGES/util-linux.mo
index 0b7c4e201..674abac2e 100644
Binary files a/msys2/usr/share/locale/hu/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/hu/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/hu/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/hu/LC_MESSAGES/wget.mo
index 92abe4fd4..e2ff20ee2 100644
Binary files a/msys2/usr/share/locale/hu/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/hu/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/hu/LC_TIME/coreutils.mo b/msys2/usr/share/locale/hu/LC_TIME/coreutils.mo
index ebad3bbb8..f07b323b8 100644
Binary files a/msys2/usr/share/locale/hu/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/hu/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/ia/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/ia/LC_MESSAGES/coreutils.mo
index aa36c2d41..647d111c3 100644
Binary files a/msys2/usr/share/locale/ia/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/ia/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/ia/LC_TIME/coreutils.mo b/msys2/usr/share/locale/ia/LC_TIME/coreutils.mo
index aa36c2d41..647d111c3 100644
Binary files a/msys2/usr/share/locale/ia/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/ia/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/id/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/id/LC_MESSAGES/coreutils.mo
index d4a0bcfe3..ca349f606 100644
Binary files a/msys2/usr/share/locale/id/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/id/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/id/LC_MESSAGES/gawk.mo b/msys2/usr/share/locale/id/LC_MESSAGES/gawk.mo
index 74e097c4b..1c0a39534 100644
Binary files a/msys2/usr/share/locale/id/LC_MESSAGES/gawk.mo and b/msys2/usr/share/locale/id/LC_MESSAGES/gawk.mo differ
diff --git a/msys2/usr/share/locale/id/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/id/LC_MESSAGES/glib20.mo
index 005213acb..f6167e16b 100644
Binary files a/msys2/usr/share/locale/id/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/id/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/id/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/id/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 8cddd2963..000000000
Binary files a/msys2/usr/share/locale/id/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/id/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/id/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..113d8d081
Binary files /dev/null and b/msys2/usr/share/locale/id/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/id/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/id/LC_MESSAGES/libalpm.mo
index c39e19190..01326d148 100644
Binary files a/msys2/usr/share/locale/id/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/id/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/id/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/id/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..2ef498d6e
Binary files /dev/null and b/msys2/usr/share/locale/id/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/id/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/id/LC_MESSAGES/pacman-scripts.mo
index 76760b125..12c2234bd 100644
Binary files a/msys2/usr/share/locale/id/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/id/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/id/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/id/LC_MESSAGES/pacman.mo
index 049bf747e..ddc786317 100644
Binary files a/msys2/usr/share/locale/id/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/id/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/id/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/id/LC_MESSAGES/sed.mo
index b3e41b9fa..5f4a25660 100644
Binary files a/msys2/usr/share/locale/id/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/id/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/id/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/id/LC_MESSAGES/util-linux.mo
index f432f6c4e..00bc17fd0 100644
Binary files a/msys2/usr/share/locale/id/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/id/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/id/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/id/LC_MESSAGES/wget.mo
index a6b3798a5..c9fe1dcdb 100644
Binary files a/msys2/usr/share/locale/id/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/id/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/id/LC_TIME/coreutils.mo b/msys2/usr/share/locale/id/LC_TIME/coreutils.mo
index d4a0bcfe3..ca349f606 100644
Binary files a/msys2/usr/share/locale/id/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/id/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/is/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/is/LC_MESSAGES/libalpm.mo
deleted file mode 100644
index 3898297c7..000000000
Binary files a/msys2/usr/share/locale/is/LC_MESSAGES/libalpm.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/is/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/is/LC_MESSAGES/pacman-scripts.mo
deleted file mode 100644
index fe4c04e31..000000000
Binary files a/msys2/usr/share/locale/is/LC_MESSAGES/pacman-scripts.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/is/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/is/LC_MESSAGES/pacman.mo
deleted file mode 100644
index f019bbd29..000000000
Binary files a/msys2/usr/share/locale/is/LC_MESSAGES/pacman.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/it/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/it/LC_MESSAGES/coreutils.mo
index 24e0710e1..2e9a4b0d3 100644
Binary files a/msys2/usr/share/locale/it/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/it/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/it/LC_MESSAGES/gawk.mo b/msys2/usr/share/locale/it/LC_MESSAGES/gawk.mo
index 35ab6c058..86e1e9b18 100644
Binary files a/msys2/usr/share/locale/it/LC_MESSAGES/gawk.mo and b/msys2/usr/share/locale/it/LC_MESSAGES/gawk.mo differ
diff --git a/msys2/usr/share/locale/it/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/it/LC_MESSAGES/glib20.mo
index ec84c051a..e4f5e40e6 100644
Binary files a/msys2/usr/share/locale/it/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/it/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/it/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/it/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 33fb49c6b..000000000
Binary files a/msys2/usr/share/locale/it/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/it/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/it/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..2bf83b181
Binary files /dev/null and b/msys2/usr/share/locale/it/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/it/LC_MESSAGES/gnutls.mo b/msys2/usr/share/locale/it/LC_MESSAGES/gnutls.mo
new file mode 100644
index 000000000..828094391
Binary files /dev/null and b/msys2/usr/share/locale/it/LC_MESSAGES/gnutls.mo differ
diff --git a/msys2/usr/share/locale/it/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/it/LC_MESSAGES/libalpm.mo
index cfb02b5f7..16d5c58e7 100644
Binary files a/msys2/usr/share/locale/it/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/it/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/it/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/it/LC_MESSAGES/libgpg-error.mo
index 7653cfb26..a00e4fa87 100644
Binary files a/msys2/usr/share/locale/it/LC_MESSAGES/libgpg-error.mo and b/msys2/usr/share/locale/it/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/it/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/it/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..cc924ce13
Binary files /dev/null and b/msys2/usr/share/locale/it/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/it/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/it/LC_MESSAGES/pacman-scripts.mo
index 507e9b12e..4ce1f5651 100644
Binary files a/msys2/usr/share/locale/it/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/it/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/it/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/it/LC_MESSAGES/pacman.mo
index 0bd3afa83..1ce0c7d7b 100644
Binary files a/msys2/usr/share/locale/it/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/it/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/it/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/it/LC_MESSAGES/sed.mo
index 1e206c2fe..0785444c9 100644
Binary files a/msys2/usr/share/locale/it/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/it/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/it/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/it/LC_MESSAGES/util-linux.mo
index addb01d34..c8be44838 100644
Binary files a/msys2/usr/share/locale/it/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/it/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/it/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/it/LC_MESSAGES/wget.mo
index a91665424..29d5d9af3 100644
Binary files a/msys2/usr/share/locale/it/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/it/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/it/LC_MESSAGES/xz.mo b/msys2/usr/share/locale/it/LC_MESSAGES/xz.mo
index 9be60ef2f..498ff1ade 100644
Binary files a/msys2/usr/share/locale/it/LC_MESSAGES/xz.mo and b/msys2/usr/share/locale/it/LC_MESSAGES/xz.mo differ
diff --git a/msys2/usr/share/locale/it/LC_TIME/coreutils.mo b/msys2/usr/share/locale/it/LC_TIME/coreutils.mo
index 24e0710e1..2e9a4b0d3 100644
Binary files a/msys2/usr/share/locale/it/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/it/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/ja/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/ja/LC_MESSAGES/coreutils.mo
index 2d34609da..c70613ff4 100644
Binary files a/msys2/usr/share/locale/ja/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/ja/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/ja/LC_MESSAGES/gawk.mo b/msys2/usr/share/locale/ja/LC_MESSAGES/gawk.mo
index feede1f0c..34dfa1105 100644
Binary files a/msys2/usr/share/locale/ja/LC_MESSAGES/gawk.mo and b/msys2/usr/share/locale/ja/LC_MESSAGES/gawk.mo differ
diff --git a/msys2/usr/share/locale/ja/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/ja/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 3c40465d0..000000000
Binary files a/msys2/usr/share/locale/ja/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/ja/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/ja/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..d9a1b2574
Binary files /dev/null and b/msys2/usr/share/locale/ja/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/ja/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/ja/LC_MESSAGES/libalpm.mo
index 1d48e2282..753330a00 100644
Binary files a/msys2/usr/share/locale/ja/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/ja/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/ja/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/ja/LC_MESSAGES/libgpg-error.mo
index 692149865..0e68b65d7 100644
Binary files a/msys2/usr/share/locale/ja/LC_MESSAGES/libgpg-error.mo and b/msys2/usr/share/locale/ja/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/ja/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/ja/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..7e2e3a5f4
Binary files /dev/null and b/msys2/usr/share/locale/ja/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/ja/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/ja/LC_MESSAGES/pacman-scripts.mo
index 92db7011e..3276bf2f0 100644
Binary files a/msys2/usr/share/locale/ja/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/ja/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/ja/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/ja/LC_MESSAGES/pacman.mo
index ea2c39fc3..d1b3e7d60 100644
Binary files a/msys2/usr/share/locale/ja/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/ja/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/ja/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/ja/LC_MESSAGES/sed.mo
index a64facd9f..95bf906c5 100644
Binary files a/msys2/usr/share/locale/ja/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/ja/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/ja/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/ja/LC_MESSAGES/util-linux.mo
index fa8261e0b..074a46a94 100644
Binary files a/msys2/usr/share/locale/ja/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/ja/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/ja/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/ja/LC_MESSAGES/wget.mo
index b58fc0521..ac3bcbbd2 100644
Binary files a/msys2/usr/share/locale/ja/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/ja/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/ja/LC_TIME/coreutils.mo b/msys2/usr/share/locale/ja/LC_TIME/coreutils.mo
index 2d34609da..c70613ff4 100644
Binary files a/msys2/usr/share/locale/ja/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/ja/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/ka/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/ka/LC_MESSAGES/libalpm.mo
deleted file mode 100644
index 92f28be30..000000000
Binary files a/msys2/usr/share/locale/ka/LC_MESSAGES/libalpm.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/ka/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/ka/LC_MESSAGES/pacman-scripts.mo
deleted file mode 100644
index 3f09af525..000000000
Binary files a/msys2/usr/share/locale/ka/LC_MESSAGES/pacman-scripts.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/ka/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/ka/LC_MESSAGES/pacman.mo
deleted file mode 100644
index 9d677acca..000000000
Binary files a/msys2/usr/share/locale/ka/LC_MESSAGES/pacman.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/kk/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/kk/LC_MESSAGES/coreutils.mo
index 1b1285800..5b40416b6 100644
Binary files a/msys2/usr/share/locale/kk/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/kk/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/kk/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/kk/LC_MESSAGES/glib20.mo
index fc221b278..f88045f84 100644
Binary files a/msys2/usr/share/locale/kk/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/kk/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/kk/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/kk/LC_MESSAGES/libalpm.mo
index c8924d37d..f497ce8dc 100644
Binary files a/msys2/usr/share/locale/kk/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/kk/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/kk/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/kk/LC_MESSAGES/pacman-scripts.mo
deleted file mode 100644
index 918881ea2..000000000
Binary files a/msys2/usr/share/locale/kk/LC_MESSAGES/pacman-scripts.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/kk/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/kk/LC_MESSAGES/pacman.mo
index 66f6acc22..67d3169b2 100644
Binary files a/msys2/usr/share/locale/kk/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/kk/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/kk/LC_TIME/coreutils.mo b/msys2/usr/share/locale/kk/LC_TIME/coreutils.mo
index 1b1285800..5b40416b6 100644
Binary files a/msys2/usr/share/locale/kk/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/kk/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/ko/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/ko/LC_MESSAGES/coreutils.mo
index fa6ef3bb6..3c57d28b5 100644
Binary files a/msys2/usr/share/locale/ko/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/ko/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/ko/LC_MESSAGES/gawk.mo b/msys2/usr/share/locale/ko/LC_MESSAGES/gawk.mo
new file mode 100644
index 000000000..84f22d93b
Binary files /dev/null and b/msys2/usr/share/locale/ko/LC_MESSAGES/gawk.mo differ
diff --git a/msys2/usr/share/locale/ko/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/ko/LC_MESSAGES/glib20.mo
index 9f3cd2f6a..db53960df 100644
Binary files a/msys2/usr/share/locale/ko/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/ko/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/ko/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/ko/LC_MESSAGES/libalpm.mo
index f675d22a9..a47412710 100644
Binary files a/msys2/usr/share/locale/ko/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/ko/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/ko/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/ko/LC_MESSAGES/pacman-scripts.mo
index 831d3a29f..fdf08845e 100644
Binary files a/msys2/usr/share/locale/ko/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/ko/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/ko/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/ko/LC_MESSAGES/pacman.mo
index 6273e1b6d..6992f10b9 100644
Binary files a/msys2/usr/share/locale/ko/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/ko/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/ko/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/ko/LC_MESSAGES/sed.mo
index cda2f5c49..bf410bfd5 100644
Binary files a/msys2/usr/share/locale/ko/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/ko/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/ko/LC_TIME/coreutils.mo b/msys2/usr/share/locale/ko/LC_TIME/coreutils.mo
index fa6ef3bb6..3c57d28b5 100644
Binary files a/msys2/usr/share/locale/ko/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/ko/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/lg/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/lg/LC_MESSAGES/coreutils.mo
index 15936785e..88474ba85 100644
Binary files a/msys2/usr/share/locale/lg/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/lg/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/lg/LC_TIME/coreutils.mo b/msys2/usr/share/locale/lg/LC_TIME/coreutils.mo
index 15936785e..88474ba85 100644
Binary files a/msys2/usr/share/locale/lg/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/lg/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/lt/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/lt/LC_MESSAGES/coreutils.mo
index 994968f4e..91aeb876c 100644
Binary files a/msys2/usr/share/locale/lt/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/lt/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/lt/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/lt/LC_MESSAGES/glib20.mo
index 12a3c9001..ebf2285c6 100644
Binary files a/msys2/usr/share/locale/lt/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/lt/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/lt/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/lt/LC_MESSAGES/libalpm.mo
index e89640a41..34ea08a2e 100644
Binary files a/msys2/usr/share/locale/lt/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/lt/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/lt/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/lt/LC_MESSAGES/pacman-scripts.mo
index a4bb53f1a..dc6a5ffa9 100644
Binary files a/msys2/usr/share/locale/lt/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/lt/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/lt/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/lt/LC_MESSAGES/pacman.mo
index 24881ddfa..9e5348cdd 100644
Binary files a/msys2/usr/share/locale/lt/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/lt/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/lt/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/lt/LC_MESSAGES/wget.mo
index 281c1aa0a..dd19b0ca3 100644
Binary files a/msys2/usr/share/locale/lt/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/lt/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/lt/LC_TIME/coreutils.mo b/msys2/usr/share/locale/lt/LC_TIME/coreutils.mo
index 994968f4e..91aeb876c 100644
Binary files a/msys2/usr/share/locale/lt/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/lt/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/lv/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/lv/LC_MESSAGES/glib20.mo
index ee708b1cd..3cabccd93 100644
Binary files a/msys2/usr/share/locale/lv/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/lv/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/mai/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/mai/LC_MESSAGES/glib20.mo
index d11fc6686..674fa2792 100644
Binary files a/msys2/usr/share/locale/mai/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/mai/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/mg/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/mg/LC_MESSAGES/glib20.mo
index dceff01f8..4b007afce 100644
Binary files a/msys2/usr/share/locale/mg/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/mg/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/ml/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/ml/LC_MESSAGES/glib20.mo
index a935ce544..71e8585f4 100644
Binary files a/msys2/usr/share/locale/ml/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/ml/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/ms/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/ms/LC_MESSAGES/coreutils.mo
index 0c2868d14..2df429471 100644
Binary files a/msys2/usr/share/locale/ms/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/ms/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/ms/LC_MESSAGES/gawk.mo b/msys2/usr/share/locale/ms/LC_MESSAGES/gawk.mo
index b082a527e..980363d94 100644
Binary files a/msys2/usr/share/locale/ms/LC_MESSAGES/gawk.mo and b/msys2/usr/share/locale/ms/LC_MESSAGES/gawk.mo differ
diff --git a/msys2/usr/share/locale/ms/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/ms/LC_MESSAGES/glib20.mo
index ac95642b2..2f707754c 100644
Binary files a/msys2/usr/share/locale/ms/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/ms/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/ms/LC_MESSAGES/gnutls.mo b/msys2/usr/share/locale/ms/LC_MESSAGES/gnutls.mo
new file mode 100644
index 000000000..3b820b2cc
Binary files /dev/null and b/msys2/usr/share/locale/ms/LC_MESSAGES/gnutls.mo differ
diff --git a/msys2/usr/share/locale/ms/LC_TIME/coreutils.mo b/msys2/usr/share/locale/ms/LC_TIME/coreutils.mo
index 0c2868d14..2df429471 100644
Binary files a/msys2/usr/share/locale/ms/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/ms/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/nb/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/nb/LC_MESSAGES/coreutils.mo
index bc5212a19..a9d2a9e10 100644
Binary files a/msys2/usr/share/locale/nb/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/nb/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/nb/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/nb/LC_MESSAGES/glib20.mo
index 91866c35c..7866a53ff 100644
Binary files a/msys2/usr/share/locale/nb/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/nb/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/nb/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/nb/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 262e7525b..000000000
Binary files a/msys2/usr/share/locale/nb/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/nb/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/nb/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..11459b727
Binary files /dev/null and b/msys2/usr/share/locale/nb/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/nb/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/nb/LC_MESSAGES/libalpm.mo
index 00a9ba521..22e4dbbb7 100644
Binary files a/msys2/usr/share/locale/nb/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/nb/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/nb/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/nb/LC_MESSAGES/pacman-scripts.mo
index 3e0169c3d..42db67f78 100644
Binary files a/msys2/usr/share/locale/nb/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/nb/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/nb/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/nb/LC_MESSAGES/pacman.mo
index 43252eb40..d71b2dcf4 100644
Binary files a/msys2/usr/share/locale/nb/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/nb/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/nb/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/nb/LC_MESSAGES/sed.mo
index bc1aa0bb9..f4afba5db 100644
Binary files a/msys2/usr/share/locale/nb/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/nb/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/nb/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/nb/LC_MESSAGES/wget.mo
index b8b52109d..19c6a82a0 100644
Binary files a/msys2/usr/share/locale/nb/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/nb/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/nb/LC_TIME/coreutils.mo b/msys2/usr/share/locale/nb/LC_TIME/coreutils.mo
index bc5212a19..a9d2a9e10 100644
Binary files a/msys2/usr/share/locale/nb/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/nb/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/nds/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/nds/LC_MESSAGES/glib20.mo
index 6d34550fd..4f4024ec0 100644
Binary files a/msys2/usr/share/locale/nds/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/nds/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/ne/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/ne/LC_MESSAGES/glib20.mo
index 04bcf5546..c5cc2432f 100644
Binary files a/msys2/usr/share/locale/ne/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/ne/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/nl/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/nl/LC_MESSAGES/coreutils.mo
index c4f9cb3fc..4e67b825e 100644
Binary files a/msys2/usr/share/locale/nl/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/nl/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/nl/LC_MESSAGES/gawk.mo b/msys2/usr/share/locale/nl/LC_MESSAGES/gawk.mo
index c8195f3f1..d8b57264b 100644
Binary files a/msys2/usr/share/locale/nl/LC_MESSAGES/gawk.mo and b/msys2/usr/share/locale/nl/LC_MESSAGES/gawk.mo differ
diff --git a/msys2/usr/share/locale/nl/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/nl/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 34ee513e5..000000000
Binary files a/msys2/usr/share/locale/nl/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/nl/LC_MESSAGES/gnutls.mo b/msys2/usr/share/locale/nl/LC_MESSAGES/gnutls.mo
new file mode 100644
index 000000000..f856b37f9
Binary files /dev/null and b/msys2/usr/share/locale/nl/LC_MESSAGES/gnutls.mo differ
diff --git a/msys2/usr/share/locale/nl/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/nl/LC_MESSAGES/libalpm.mo
index eea29e441..aeb019623 100644
Binary files a/msys2/usr/share/locale/nl/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/nl/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/nl/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/nl/LC_MESSAGES/libgpg-error.mo
index 8a32eb1ac..c146dcbc5 100644
Binary files a/msys2/usr/share/locale/nl/LC_MESSAGES/libgpg-error.mo and b/msys2/usr/share/locale/nl/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/nl/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/nl/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..b6853b046
Binary files /dev/null and b/msys2/usr/share/locale/nl/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/nl/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/nl/LC_MESSAGES/pacman-scripts.mo
index b787b8f2b..05710f37d 100644
Binary files a/msys2/usr/share/locale/nl/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/nl/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/nl/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/nl/LC_MESSAGES/pacman.mo
index 403ddc1d7..4234c17d8 100644
Binary files a/msys2/usr/share/locale/nl/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/nl/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/nl/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/nl/LC_MESSAGES/sed.mo
index b0409b9ec..302d5d1d7 100644
Binary files a/msys2/usr/share/locale/nl/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/nl/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/nl/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/nl/LC_MESSAGES/util-linux.mo
index 24190c035..de5d1084f 100644
Binary files a/msys2/usr/share/locale/nl/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/nl/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/nl/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/nl/LC_MESSAGES/wget.mo
index e62dba021..e97b67217 100644
Binary files a/msys2/usr/share/locale/nl/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/nl/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/nl/LC_TIME/coreutils.mo b/msys2/usr/share/locale/nl/LC_TIME/coreutils.mo
index c4f9cb3fc..4e67b825e 100644
Binary files a/msys2/usr/share/locale/nl/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/nl/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/oc/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/oc/LC_MESSAGES/glib20.mo
index b587273b4..f461da365 100644
Binary files a/msys2/usr/share/locale/oc/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/oc/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/pl/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/pl/LC_MESSAGES/coreutils.mo
index 0679a407d..f73e17de5 100644
Binary files a/msys2/usr/share/locale/pl/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/pl/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/pl/LC_MESSAGES/gawk.mo b/msys2/usr/share/locale/pl/LC_MESSAGES/gawk.mo
index 7386ddfaa..47327b6b3 100644
Binary files a/msys2/usr/share/locale/pl/LC_MESSAGES/gawk.mo and b/msys2/usr/share/locale/pl/LC_MESSAGES/gawk.mo differ
diff --git a/msys2/usr/share/locale/pl/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/pl/LC_MESSAGES/glib20.mo
index afdd4a2e0..af6966efc 100644
Binary files a/msys2/usr/share/locale/pl/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/pl/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/pl/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/pl/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index f7a0bc634..000000000
Binary files a/msys2/usr/share/locale/pl/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/pl/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/pl/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..78cc4dfd3
Binary files /dev/null and b/msys2/usr/share/locale/pl/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/pl/LC_MESSAGES/gnutls.mo b/msys2/usr/share/locale/pl/LC_MESSAGES/gnutls.mo
new file mode 100644
index 000000000..d74147722
Binary files /dev/null and b/msys2/usr/share/locale/pl/LC_MESSAGES/gnutls.mo differ
diff --git a/msys2/usr/share/locale/pl/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/pl/LC_MESSAGES/libalpm.mo
index 21e13ebcc..31285b5a8 100644
Binary files a/msys2/usr/share/locale/pl/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/pl/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/pl/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/pl/LC_MESSAGES/libgpg-error.mo
index 8be78a2fb..d4020e6ec 100644
Binary files a/msys2/usr/share/locale/pl/LC_MESSAGES/libgpg-error.mo and b/msys2/usr/share/locale/pl/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/pl/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/pl/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..ec8217cd9
Binary files /dev/null and b/msys2/usr/share/locale/pl/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/pl/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/pl/LC_MESSAGES/pacman-scripts.mo
index 5530991d9..9ffdd3c2d 100644
Binary files a/msys2/usr/share/locale/pl/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/pl/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/pl/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/pl/LC_MESSAGES/pacman.mo
index af4cd884b..55278aacf 100644
Binary files a/msys2/usr/share/locale/pl/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/pl/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/pl/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/pl/LC_MESSAGES/sed.mo
index 970f09897..1891c113c 100644
Binary files a/msys2/usr/share/locale/pl/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/pl/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/pl/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/pl/LC_MESSAGES/util-linux.mo
index 775828295..cf15ff05e 100644
Binary files a/msys2/usr/share/locale/pl/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/pl/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/pl/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/pl/LC_MESSAGES/wget.mo
index eb35da6cd..00df6bab6 100644
Binary files a/msys2/usr/share/locale/pl/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/pl/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/pl/LC_MESSAGES/xz.mo b/msys2/usr/share/locale/pl/LC_MESSAGES/xz.mo
index f778b9a2a..2f532a489 100644
Binary files a/msys2/usr/share/locale/pl/LC_MESSAGES/xz.mo and b/msys2/usr/share/locale/pl/LC_MESSAGES/xz.mo differ
diff --git a/msys2/usr/share/locale/pl/LC_TIME/coreutils.mo b/msys2/usr/share/locale/pl/LC_TIME/coreutils.mo
index 0679a407d..f73e17de5 100644
Binary files a/msys2/usr/share/locale/pl/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/pl/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/pt/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/pt/LC_MESSAGES/coreutils.mo
index aadacdb36..fc58e391a 100644
Binary files a/msys2/usr/share/locale/pt/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/pt/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/pt/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/pt/LC_MESSAGES/glib20.mo
index f6e61abac..6acec0b05 100644
Binary files a/msys2/usr/share/locale/pt/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/pt/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/pt/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/pt/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 70b819e5c..000000000
Binary files a/msys2/usr/share/locale/pt/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/pt/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/pt/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..f16d09017
Binary files /dev/null and b/msys2/usr/share/locale/pt/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/pt/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/pt/LC_MESSAGES/libalpm.mo
index b5f3e7cbd..f8a765d17 100644
Binary files a/msys2/usr/share/locale/pt/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/pt/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/pt/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/pt/LC_MESSAGES/libgpg-error.mo
index f14c3cc4c..bea1d9b0d 100644
Binary files a/msys2/usr/share/locale/pt/LC_MESSAGES/libgpg-error.mo and b/msys2/usr/share/locale/pt/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/pt/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/pt/LC_MESSAGES/pacman-scripts.mo
index aaf9d7a1a..52f0d61ad 100644
Binary files a/msys2/usr/share/locale/pt/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/pt/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/pt/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/pt/LC_MESSAGES/pacman.mo
index 49abe1b28..98951b58f 100644
Binary files a/msys2/usr/share/locale/pt/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/pt/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/pt/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/pt/LC_MESSAGES/sed.mo
index b3102fbfa..2ab90c64d 100644
Binary files a/msys2/usr/share/locale/pt/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/pt/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/pt/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/pt/LC_MESSAGES/wget.mo
index 11a64ed29..8126f8a4a 100644
Binary files a/msys2/usr/share/locale/pt/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/pt/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/pt/LC_TIME/coreutils.mo b/msys2/usr/share/locale/pt/LC_TIME/coreutils.mo
index aadacdb36..fc58e391a 100644
Binary files a/msys2/usr/share/locale/pt/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/pt/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/coreutils.mo
index 30a2950e6..473fda446 100644
Binary files a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/gawk.mo b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/gawk.mo
index 40e50b35a..dbf043d8c 100644
Binary files a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/gawk.mo and b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/gawk.mo differ
diff --git a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/glib20.mo
index 6ee537583..406d27d08 100644
Binary files a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index b884db419..000000000
Binary files a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/gnutls.mo b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/gnutls.mo
new file mode 100644
index 000000000..4dafe4e70
Binary files /dev/null and b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/gnutls.mo differ
diff --git a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/libalpm.mo
index 035366729..722159c94 100644
Binary files a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..d5a147917
Binary files /dev/null and b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/pacman-scripts.mo
index d0e6d4fc5..89988b474 100644
Binary files a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/pacman.mo
index 43812cfbc..e3d4c75e1 100644
Binary files a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/sed.mo
index f80abc8d8..711d0731a 100644
Binary files a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/util-linux.mo
index 3ebbd073f..b3e6fac66 100644
Binary files a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/wget.mo
index 7951fb13a..a1c2249c9 100644
Binary files a/msys2/usr/share/locale/pt_BR/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/pt_BR/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/pt_BR/LC_TIME/coreutils.mo b/msys2/usr/share/locale/pt_BR/LC_TIME/coreutils.mo
index 30a2950e6..473fda446 100644
Binary files a/msys2/usr/share/locale/pt_BR/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/pt_BR/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/ro/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/ro/LC_MESSAGES/coreutils.mo
index b1cc847ca..609e50619 100644
Binary files a/msys2/usr/share/locale/ro/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/ro/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/ro/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/ro/LC_MESSAGES/glib20.mo
index a0e6471d5..8d32f1797 100644
Binary files a/msys2/usr/share/locale/ro/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/ro/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/ro/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/ro/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 98a7594a9..000000000
Binary files a/msys2/usr/share/locale/ro/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/ro/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/ro/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..cd59f2ebf
Binary files /dev/null and b/msys2/usr/share/locale/ro/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/ro/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/ro/LC_MESSAGES/libalpm.mo
index c5f4db651..a73210742 100644
Binary files a/msys2/usr/share/locale/ro/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/ro/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/ro/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/ro/LC_MESSAGES/libgpg-error.mo
index 3ca1ae5dc..ee9915613 100644
Binary files a/msys2/usr/share/locale/ro/LC_MESSAGES/libgpg-error.mo and b/msys2/usr/share/locale/ro/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/ro/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/ro/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..ba6fd34ee
Binary files /dev/null and b/msys2/usr/share/locale/ro/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/ro/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/ro/LC_MESSAGES/pacman-scripts.mo
index 59d107c87..7a4df240e 100644
Binary files a/msys2/usr/share/locale/ro/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/ro/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/ro/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/ro/LC_MESSAGES/pacman.mo
index 3b0b587ce..e447696f7 100644
Binary files a/msys2/usr/share/locale/ro/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/ro/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/ro/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/ro/LC_MESSAGES/sed.mo
index d15927d63..f43f1fc1d 100644
Binary files a/msys2/usr/share/locale/ro/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/ro/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/ro/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/ro/LC_MESSAGES/wget.mo
index e7ea73a54..873d5c34e 100644
Binary files a/msys2/usr/share/locale/ro/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/ro/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/ro/LC_TIME/coreutils.mo b/msys2/usr/share/locale/ro/LC_TIME/coreutils.mo
index b1cc847ca..609e50619 100644
Binary files a/msys2/usr/share/locale/ro/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/ro/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/ru/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/ru/LC_MESSAGES/coreutils.mo
index 67558cdf5..9ddf9e674 100644
Binary files a/msys2/usr/share/locale/ru/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/ru/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/ru/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/ru/LC_MESSAGES/glib20.mo
index a09240612..793116c14 100644
Binary files a/msys2/usr/share/locale/ru/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/ru/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/ru/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/ru/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 962ec9151..000000000
Binary files a/msys2/usr/share/locale/ru/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/ru/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/ru/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..ef503ea42
Binary files /dev/null and b/msys2/usr/share/locale/ru/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/ru/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/ru/LC_MESSAGES/libalpm.mo
index 480d5e3dc..55a5e1f26 100644
Binary files a/msys2/usr/share/locale/ru/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/ru/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/ru/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/ru/LC_MESSAGES/libgpg-error.mo
index 0fd2d56f2..1667c3a76 100644
Binary files a/msys2/usr/share/locale/ru/LC_MESSAGES/libgpg-error.mo and b/msys2/usr/share/locale/ru/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/ru/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/ru/LC_MESSAGES/pacman-scripts.mo
index 49fd88644..e40fe69d3 100644
Binary files a/msys2/usr/share/locale/ru/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/ru/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/ru/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/ru/LC_MESSAGES/pacman.mo
index de0d6aaf9..35ebad262 100644
Binary files a/msys2/usr/share/locale/ru/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/ru/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/ru/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/ru/LC_MESSAGES/sed.mo
index 1058df591..97d2fe681 100644
Binary files a/msys2/usr/share/locale/ru/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/ru/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/ru/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/ru/LC_MESSAGES/util-linux.mo
index 8e029da7f..6495b69e8 100644
Binary files a/msys2/usr/share/locale/ru/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/ru/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/ru/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/ru/LC_MESSAGES/wget.mo
index ab813c17a..b7a4d5438 100644
Binary files a/msys2/usr/share/locale/ru/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/ru/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/ru/LC_TIME/coreutils.mo b/msys2/usr/share/locale/ru/LC_TIME/coreutils.mo
index 67558cdf5..9ddf9e674 100644
Binary files a/msys2/usr/share/locale/ru/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/ru/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/sk/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/sk/LC_MESSAGES/coreutils.mo
index 2a46253e7..a13c1c64a 100644
Binary files a/msys2/usr/share/locale/sk/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/sk/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/sk/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/sk/LC_MESSAGES/glib20.mo
index 2d636615f..7dccc1b28 100644
Binary files a/msys2/usr/share/locale/sk/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/sk/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/sk/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/sk/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index cdc44ce35..000000000
Binary files a/msys2/usr/share/locale/sk/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/sk/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/sk/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..d160c5fc9
Binary files /dev/null and b/msys2/usr/share/locale/sk/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/sk/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/sk/LC_MESSAGES/libalpm.mo
index 4a88f2afb..1c103c8c3 100644
Binary files a/msys2/usr/share/locale/sk/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/sk/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/sk/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/sk/LC_MESSAGES/pacman-scripts.mo
index 13fd454e4..5f4b48e40 100644
Binary files a/msys2/usr/share/locale/sk/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/sk/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/sk/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/sk/LC_MESSAGES/pacman.mo
index a8316fdf5..3a24a8c70 100644
Binary files a/msys2/usr/share/locale/sk/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/sk/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/sk/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/sk/LC_MESSAGES/sed.mo
index 471a601bb..28f3a22d3 100644
Binary files a/msys2/usr/share/locale/sk/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/sk/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/sk/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/sk/LC_MESSAGES/wget.mo
index a639f9c8f..b1d6a4b86 100644
Binary files a/msys2/usr/share/locale/sk/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/sk/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/sk/LC_TIME/coreutils.mo b/msys2/usr/share/locale/sk/LC_TIME/coreutils.mo
index 2a46253e7..a13c1c64a 100644
Binary files a/msys2/usr/share/locale/sk/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/sk/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/sl/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/sl/LC_MESSAGES/coreutils.mo
index f538c1665..cfdf2667e 100644
Binary files a/msys2/usr/share/locale/sl/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/sl/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/sl/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/sl/LC_MESSAGES/glib20.mo
index f90a48a8a..4917cb4b6 100644
Binary files a/msys2/usr/share/locale/sl/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/sl/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/sl/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/sl/LC_MESSAGES/libalpm.mo
index e18852915..984a8f980 100644
Binary files a/msys2/usr/share/locale/sl/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/sl/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/sl/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/sl/LC_MESSAGES/pacman-scripts.mo
deleted file mode 100644
index b33b40e89..000000000
Binary files a/msys2/usr/share/locale/sl/LC_MESSAGES/pacman-scripts.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/sl/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/sl/LC_MESSAGES/pacman.mo
index 976c00d5c..373f9b519 100644
Binary files a/msys2/usr/share/locale/sl/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/sl/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/sl/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/sl/LC_MESSAGES/sed.mo
index 021077608..1104e22e5 100644
Binary files a/msys2/usr/share/locale/sl/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/sl/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/sl/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/sl/LC_MESSAGES/util-linux.mo
index a6c83172c..577dfed67 100644
Binary files a/msys2/usr/share/locale/sl/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/sl/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/sl/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/sl/LC_MESSAGES/wget.mo
index 418c133ee..ffca4a480 100644
Binary files a/msys2/usr/share/locale/sl/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/sl/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/sl/LC_TIME/coreutils.mo b/msys2/usr/share/locale/sl/LC_TIME/coreutils.mo
index f538c1665..cfdf2667e 100644
Binary files a/msys2/usr/share/locale/sl/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/sl/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/sq/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/sq/LC_MESSAGES/glib20.mo
index c814c3547..367a7f889 100644
Binary files a/msys2/usr/share/locale/sq/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/sq/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/sr/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/sr/LC_MESSAGES/coreutils.mo
index a747474df..afe0afbc5 100644
Binary files a/msys2/usr/share/locale/sr/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/sr/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/sr/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/sr/LC_MESSAGES/glib20.mo
index 78194d054..a8fe15577 100644
Binary files a/msys2/usr/share/locale/sr/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/sr/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/sr/LC_MESSAGES/gnutls.mo b/msys2/usr/share/locale/sr/LC_MESSAGES/gnutls.mo
new file mode 100644
index 000000000..2803cae57
Binary files /dev/null and b/msys2/usr/share/locale/sr/LC_MESSAGES/gnutls.mo differ
diff --git a/msys2/usr/share/locale/sr/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/sr/LC_MESSAGES/libalpm.mo
index d8d37ffde..57993f90d 100644
Binary files a/msys2/usr/share/locale/sr/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/sr/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/sr/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/sr/LC_MESSAGES/libgpg-error.mo
index bfd475963..9726c2535 100644
Binary files a/msys2/usr/share/locale/sr/LC_MESSAGES/libgpg-error.mo and b/msys2/usr/share/locale/sr/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/sr/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/sr/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..9fab02aa5
Binary files /dev/null and b/msys2/usr/share/locale/sr/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/sr/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/sr/LC_MESSAGES/pacman-scripts.mo
index 0d7f41832..74c19d39f 100644
Binary files a/msys2/usr/share/locale/sr/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/sr/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/sr/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/sr/LC_MESSAGES/pacman.mo
index faf42cd94..255e338f4 100644
Binary files a/msys2/usr/share/locale/sr/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/sr/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/sr/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/sr/LC_MESSAGES/sed.mo
index ae4012dc3..ee9d81603 100644
Binary files a/msys2/usr/share/locale/sr/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/sr/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/sr/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/sr/LC_MESSAGES/wget.mo
index 03ada5f89..037aee331 100644
Binary files a/msys2/usr/share/locale/sr/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/sr/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/sr/LC_TIME/coreutils.mo b/msys2/usr/share/locale/sr/LC_TIME/coreutils.mo
index a747474df..afe0afbc5 100644
Binary files a/msys2/usr/share/locale/sr/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/sr/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/sr@ije/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/sr@ije/LC_MESSAGES/glib20.mo
index 94da95ccf..d73daae0c 100644
Binary files a/msys2/usr/share/locale/sr@ije/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/sr@ije/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/sr@latin/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/sr@latin/LC_MESSAGES/glib20.mo
index e1ac5aba4..d1022c224 100644
Binary files a/msys2/usr/share/locale/sr@latin/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/sr@latin/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/sr@latin/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/sr@latin/LC_MESSAGES/libalpm.mo
index 174de3a99..007d22425 100644
Binary files a/msys2/usr/share/locale/sr@latin/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/sr@latin/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/sr@latin/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/sr@latin/LC_MESSAGES/pacman-scripts.mo
index 731b05daa..54a4cb37e 100644
Binary files a/msys2/usr/share/locale/sr@latin/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/sr@latin/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/sr@latin/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/sr@latin/LC_MESSAGES/pacman.mo
index 3960e5503..a863a07b7 100644
Binary files a/msys2/usr/share/locale/sr@latin/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/sr@latin/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/sv/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/sv/LC_MESSAGES/coreutils.mo
index 0c518cf46..51e21dd70 100644
Binary files a/msys2/usr/share/locale/sv/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/sv/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/sv/LC_MESSAGES/gawk.mo b/msys2/usr/share/locale/sv/LC_MESSAGES/gawk.mo
index bb9f99b47..b3652a62b 100644
Binary files a/msys2/usr/share/locale/sv/LC_MESSAGES/gawk.mo and b/msys2/usr/share/locale/sv/LC_MESSAGES/gawk.mo differ
diff --git a/msys2/usr/share/locale/sv/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/sv/LC_MESSAGES/glib20.mo
index 01c88b183..c33a9942e 100644
Binary files a/msys2/usr/share/locale/sv/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/sv/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/sv/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/sv/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index b1fffd39d..000000000
Binary files a/msys2/usr/share/locale/sv/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/sv/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/sv/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..f11f36927
Binary files /dev/null and b/msys2/usr/share/locale/sv/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/sv/LC_MESSAGES/gnutls.mo b/msys2/usr/share/locale/sv/LC_MESSAGES/gnutls.mo
new file mode 100644
index 000000000..d2aaeea3d
Binary files /dev/null and b/msys2/usr/share/locale/sv/LC_MESSAGES/gnutls.mo differ
diff --git a/msys2/usr/share/locale/sv/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/sv/LC_MESSAGES/libalpm.mo
index 919d0c9ce..377d00010 100644
Binary files a/msys2/usr/share/locale/sv/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/sv/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/sv/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/sv/LC_MESSAGES/libgpg-error.mo
index a239c6eb9..3e596f020 100644
Binary files a/msys2/usr/share/locale/sv/LC_MESSAGES/libgpg-error.mo and b/msys2/usr/share/locale/sv/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/sv/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/sv/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..20934abcc
Binary files /dev/null and b/msys2/usr/share/locale/sv/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/sv/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/sv/LC_MESSAGES/pacman-scripts.mo
index 75ce28b48..64844127e 100644
Binary files a/msys2/usr/share/locale/sv/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/sv/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/sv/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/sv/LC_MESSAGES/pacman.mo
index e83e2312e..135ebf805 100644
Binary files a/msys2/usr/share/locale/sv/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/sv/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/sv/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/sv/LC_MESSAGES/sed.mo
index 4bb611c9a..788d35ae9 100644
Binary files a/msys2/usr/share/locale/sv/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/sv/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/sv/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/sv/LC_MESSAGES/util-linux.mo
index 42baa513b..61e2700ce 100644
Binary files a/msys2/usr/share/locale/sv/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/sv/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/sv/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/sv/LC_MESSAGES/wget.mo
index 4ab96114c..5c43eeb28 100644
Binary files a/msys2/usr/share/locale/sv/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/sv/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/sv/LC_TIME/coreutils.mo b/msys2/usr/share/locale/sv/LC_TIME/coreutils.mo
index 0c518cf46..51e21dd70 100644
Binary files a/msys2/usr/share/locale/sv/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/sv/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/th/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/th/LC_MESSAGES/glib20.mo
index 26f16283b..db57a8e12 100644
Binary files a/msys2/usr/share/locale/th/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/th/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/th/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/th/LC_MESSAGES/pacman.mo
deleted file mode 100644
index c179432e1..000000000
Binary files a/msys2/usr/share/locale/th/LC_MESSAGES/pacman.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/tr/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/tr/LC_MESSAGES/coreutils.mo
index 777e34034..b9369a9c5 100644
Binary files a/msys2/usr/share/locale/tr/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/tr/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/tr/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/tr/LC_MESSAGES/glib20.mo
index 21461a652..f38abae05 100644
Binary files a/msys2/usr/share/locale/tr/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/tr/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/tr/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/tr/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 675b34459..000000000
Binary files a/msys2/usr/share/locale/tr/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/tr/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/tr/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..2f1e30370
Binary files /dev/null and b/msys2/usr/share/locale/tr/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/tr/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/tr/LC_MESSAGES/libalpm.mo
index ca3cca8d2..774242675 100644
Binary files a/msys2/usr/share/locale/tr/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/tr/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/tr/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/tr/LC_MESSAGES/pacman-scripts.mo
index 74e1486d0..4b79d0c46 100644
Binary files a/msys2/usr/share/locale/tr/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/tr/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/tr/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/tr/LC_MESSAGES/pacman.mo
index 88e78d2c4..e9000079d 100644
Binary files a/msys2/usr/share/locale/tr/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/tr/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/tr/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/tr/LC_MESSAGES/sed.mo
index ca37e8d3d..1a91fc4df 100644
Binary files a/msys2/usr/share/locale/tr/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/tr/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/tr/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/tr/LC_MESSAGES/util-linux.mo
index 445353556..d70bdbbdc 100644
Binary files a/msys2/usr/share/locale/tr/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/tr/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/tr/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/tr/LC_MESSAGES/wget.mo
index 200ac7299..0534e5907 100644
Binary files a/msys2/usr/share/locale/tr/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/tr/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/tr/LC_TIME/coreutils.mo b/msys2/usr/share/locale/tr/LC_TIME/coreutils.mo
index 777e34034..b9369a9c5 100644
Binary files a/msys2/usr/share/locale/tr/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/tr/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/tt/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/tt/LC_MESSAGES/glib20.mo
index c6190482d..6b49f1e10 100644
Binary files a/msys2/usr/share/locale/tt/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/tt/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/ug/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/ug/LC_MESSAGES/glib20.mo
index 119f43d68..1e6f83fc7 100644
Binary files a/msys2/usr/share/locale/ug/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/ug/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/uk/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/uk/LC_MESSAGES/coreutils.mo
index 3ef342aa6..2645559b6 100644
Binary files a/msys2/usr/share/locale/uk/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/uk/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/uk/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/uk/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index 4ff2313b7..000000000
Binary files a/msys2/usr/share/locale/uk/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/uk/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/uk/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..86e62f30b
Binary files /dev/null and b/msys2/usr/share/locale/uk/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/uk/LC_MESSAGES/gnutls.mo b/msys2/usr/share/locale/uk/LC_MESSAGES/gnutls.mo
new file mode 100644
index 000000000..8378c2883
Binary files /dev/null and b/msys2/usr/share/locale/uk/LC_MESSAGES/gnutls.mo differ
diff --git a/msys2/usr/share/locale/uk/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/uk/LC_MESSAGES/libalpm.mo
index ba902cbdf..b2f8f8a20 100644
Binary files a/msys2/usr/share/locale/uk/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/uk/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/uk/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/uk/LC_MESSAGES/libgpg-error.mo
index 55526d85d..28060d987 100644
Binary files a/msys2/usr/share/locale/uk/LC_MESSAGES/libgpg-error.mo and b/msys2/usr/share/locale/uk/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/uk/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/uk/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..5d3bf0c61
Binary files /dev/null and b/msys2/usr/share/locale/uk/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/uk/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/uk/LC_MESSAGES/pacman-scripts.mo
index 4ac910884..b6913e4ef 100644
Binary files a/msys2/usr/share/locale/uk/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/uk/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/uk/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/uk/LC_MESSAGES/pacman.mo
index 635097690..0e287b199 100644
Binary files a/msys2/usr/share/locale/uk/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/uk/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/uk/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/uk/LC_MESSAGES/sed.mo
index 41995f219..c175aff94 100644
Binary files a/msys2/usr/share/locale/uk/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/uk/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/uk/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/uk/LC_MESSAGES/util-linux.mo
index 1761fe921..f74cd66b2 100644
Binary files a/msys2/usr/share/locale/uk/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/uk/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/uk/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/uk/LC_MESSAGES/wget.mo
index 8dc9cefdf..bcf130ebe 100644
Binary files a/msys2/usr/share/locale/uk/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/uk/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/uk/LC_TIME/coreutils.mo b/msys2/usr/share/locale/uk/LC_TIME/coreutils.mo
index 3ef342aa6..2645559b6 100644
Binary files a/msys2/usr/share/locale/uk/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/uk/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/vi/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/vi/LC_MESSAGES/coreutils.mo
index 2b986649d..27e543913 100644
Binary files a/msys2/usr/share/locale/vi/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/vi/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/vi/LC_MESSAGES/gawk.mo b/msys2/usr/share/locale/vi/LC_MESSAGES/gawk.mo
index 4490f7b00..497d6bafc 100644
Binary files a/msys2/usr/share/locale/vi/LC_MESSAGES/gawk.mo and b/msys2/usr/share/locale/vi/LC_MESSAGES/gawk.mo differ
diff --git a/msys2/usr/share/locale/vi/LC_MESSAGES/gnutls.mo b/msys2/usr/share/locale/vi/LC_MESSAGES/gnutls.mo
new file mode 100644
index 000000000..dbe62f0dc
Binary files /dev/null and b/msys2/usr/share/locale/vi/LC_MESSAGES/gnutls.mo differ
diff --git a/msys2/usr/share/locale/vi/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/vi/LC_MESSAGES/libgpg-error.mo
index f5976ca27..9cb2a0f35 100644
Binary files a/msys2/usr/share/locale/vi/LC_MESSAGES/libgpg-error.mo and b/msys2/usr/share/locale/vi/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/vi/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/vi/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..76c3b83ba
Binary files /dev/null and b/msys2/usr/share/locale/vi/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/vi/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/vi/LC_MESSAGES/pacman.mo
deleted file mode 100644
index e7089cc67..000000000
Binary files a/msys2/usr/share/locale/vi/LC_MESSAGES/pacman.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/vi/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/vi/LC_MESSAGES/sed.mo
index 6a9e1725d..00584df01 100644
Binary files a/msys2/usr/share/locale/vi/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/vi/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/vi/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/vi/LC_MESSAGES/util-linux.mo
index ca74b99a0..5f59be240 100644
Binary files a/msys2/usr/share/locale/vi/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/vi/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/vi/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/vi/LC_MESSAGES/wget.mo
index cb33d7d03..56916320f 100644
Binary files a/msys2/usr/share/locale/vi/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/vi/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/vi/LC_MESSAGES/xz.mo b/msys2/usr/share/locale/vi/LC_MESSAGES/xz.mo
index 82e3e3f52..d5e4402c5 100644
Binary files a/msys2/usr/share/locale/vi/LC_MESSAGES/xz.mo and b/msys2/usr/share/locale/vi/LC_MESSAGES/xz.mo differ
diff --git a/msys2/usr/share/locale/vi/LC_TIME/coreutils.mo b/msys2/usr/share/locale/vi/LC_TIME/coreutils.mo
index 2b986649d..27e543913 100644
Binary files a/msys2/usr/share/locale/vi/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/vi/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/wa/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/wa/LC_MESSAGES/glib20.mo
index c6053d7fd..346227b60 100644
Binary files a/msys2/usr/share/locale/wa/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/wa/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/coreutils.mo
index 15ab76851..b0a59c46e 100644
Binary files a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/gawk.mo b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/gawk.mo
index 468ba3d52..ef367a093 100644
Binary files a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/gawk.mo and b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/gawk.mo differ
diff --git a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/glib20.mo
index 679476e8d..b05452630 100644
Binary files a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index fef06f273..000000000
Binary files a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..e401a7028
Binary files /dev/null and b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/gnutls.mo b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/gnutls.mo
new file mode 100644
index 000000000..b46eb1687
Binary files /dev/null and b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/gnutls.mo differ
diff --git a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/libalpm.mo
index 92037f9b4..2c3423ddf 100644
Binary files a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/libgpg-error.mo
index fb6b1bb0e..c36881dca 100644
Binary files a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/libgpg-error.mo and b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/libidn2.mo b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/libidn2.mo
new file mode 100644
index 000000000..8c1c8fe9f
Binary files /dev/null and b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/libidn2.mo differ
diff --git a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/pacman-scripts.mo
index 9a84969d4..6b614b55c 100644
Binary files a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/pacman.mo
index d73a1b29b..ad1a26e76 100644
Binary files a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/sed.mo
index 1688fcbb3..3ac98313e 100644
Binary files a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/util-linux.mo
index 125604bca..4b7d1bce5 100644
Binary files a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/wget.mo
index f218cd95f..2352fc717 100644
Binary files a/msys2/usr/share/locale/zh_CN/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/zh_CN/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/zh_CN/LC_TIME/coreutils.mo b/msys2/usr/share/locale/zh_CN/LC_TIME/coreutils.mo
index 15ab76851..b0a59c46e 100644
Binary files a/msys2/usr/share/locale/zh_CN/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/zh_CN/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/locale/zh_HK/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/zh_HK/LC_MESSAGES/glib20.mo
index 048ceb4c4..941817e37 100644
Binary files a/msys2/usr/share/locale/zh_HK/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/zh_HK/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/coreutils.mo b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/coreutils.mo
index 7448cff3b..8963bb4f4 100644
Binary files a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/coreutils.mo and b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/coreutils.mo differ
diff --git a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/glib20.mo b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/glib20.mo
index bc9603a71..4d4598f31 100644
Binary files a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/glib20.mo and b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/glib20.mo differ
diff --git a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/gnupg.mo b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/gnupg.mo
deleted file mode 100644
index a1a32d52b..000000000
Binary files a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/gnupg.mo and /dev/null differ
diff --git a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/gnupg2.mo b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/gnupg2.mo
new file mode 100644
index 000000000..15833f303
Binary files /dev/null and b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/gnupg2.mo differ
diff --git a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/libalpm.mo b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/libalpm.mo
index eee35bb82..28582cfdc 100644
Binary files a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/libalpm.mo and b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/libalpm.mo differ
diff --git a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/libgpg-error.mo b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/libgpg-error.mo
index 4d664b426..3955506fc 100644
Binary files a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/libgpg-error.mo and b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/libgpg-error.mo differ
diff --git a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/pacman-scripts.mo b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/pacman-scripts.mo
index f782ed14a..e5625026d 100644
Binary files a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/pacman-scripts.mo and b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/pacman-scripts.mo differ
diff --git a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/pacman.mo b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/pacman.mo
index e25ddd6fd..b37253401 100644
Binary files a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/pacman.mo and b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/pacman.mo differ
diff --git a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/sed.mo b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/sed.mo
index c59140f18..573ded32c 100644
Binary files a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/sed.mo and b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/sed.mo differ
diff --git a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/util-linux.mo b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/util-linux.mo
index 7955a4a16..d0d353762 100644
Binary files a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/util-linux.mo and b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/util-linux.mo differ
diff --git a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/wget.mo b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/wget.mo
index ff1ebd412..1001cb432 100644
Binary files a/msys2/usr/share/locale/zh_TW/LC_MESSAGES/wget.mo and b/msys2/usr/share/locale/zh_TW/LC_MESSAGES/wget.mo differ
diff --git a/msys2/usr/share/locale/zh_TW/LC_TIME/coreutils.mo b/msys2/usr/share/locale/zh_TW/LC_TIME/coreutils.mo
index 7448cff3b..8963bb4f4 100644
Binary files a/msys2/usr/share/locale/zh_TW/LC_TIME/coreutils.mo and b/msys2/usr/share/locale/zh_TW/LC_TIME/coreutils.mo differ
diff --git a/msys2/usr/share/magic b/msys2/usr/share/magic
index d5e2d3fce..ee39f17c3 100644
--- a/msys2/usr/share/magic
+++ b/msys2/usr/share/magic
@@ -1,6 +1,6 @@
 
 #------------------------------------------------------------------------------
-# $File: acorn,v 1.6 2017/10/19 16:40:37 christos Exp $
+# $File: acorn,v 1.7 2019/04/19 00:42:27 christos Exp $
 # acorn:  file(1) magic for files found on Acorn systems
 #
 
@@ -83,7 +83,7 @@
 # compression mode y (0 - 4) for GIF LZW with a maximum n bits
 # (y~n,0~12,1~13,2~14,3~15,4~16)
 >>>5	ulelong+12 x	\b, LZW %u-bits compression
-# http://www.filebase.org.uk/filetypes
+# https://www.filebase.org.uk/filetypes
 # !Packdir compressed archive has three hexadecimal digits code 68E
 !:mime	application/x-acorn-68E
 !:ext	pkd/bin
@@ -115,7 +115,7 @@
 >18	lelong		^010		not stripped
 
 #------------------------------------------------------------------------------
-# $File: adventure,v 1.17 2017/07/03 16:03:40 christos Exp $
+# $File: adventure,v 1.18 2019/04/19 00:42:27 christos Exp $
 # adventure: file(1) magic for Adventure game files
 #
 # from Allen Garvin <earendil@faeryland.tamu-commerce.edu>
@@ -136,8 +136,8 @@
 # Updated by Adam Buchbinder <adam.buchbinder@gmail.com>
 #
 #http://www.gnelson.demon.co.uk/zspec/sect11.html
-#http://www.jczorkmid.net/~jpenney/ZSpec11-latest.txt
-#http://en.wikipedia.org/wiki/Z-machine
+#https://www.jczorkmid.net/~jpenney/ZSpec11-latest.txt
+#https://en.wikipedia.org/wiki/Z-machine
 # The first byte is the Z-machine revision; it is always between 1 and 8. We
 # had false matches (for instance, inbig5.ocp from the Omega TeX extension as
 # well as an occasional MP3 file), so we sanity-check the version number.
@@ -226,7 +226,7 @@
 # Danny Milosavljevic <danny.milo@gmx.net>
 # These are ADRIFT (adventure game standard) game files, extension .taf
 # Checked from source at (http://www.adrift.co/) and various taf files
-# found at the Interactive Fiction Archive (http://ifarchive.org/)
+# found at the Interactive Fiction Archive (https://ifarchive.org/)
 0	belong  0x3C423FC9
 >4	belong  0x6A87C2CF	Adrift game file version
 >>8	belong  0x94453661	3.80
@@ -237,18 +237,18 @@
 !:mime	application/x-adrift
 
 #------------------------------------------------------------------------------
-# $File: algol68,v 1.2 2016/10/17 14:17:48 christos Exp $
+# $File: algol68,v 1.3 2018/10/19 01:04:21 christos Exp $
 # algol68:  file(1) magic for Algol 68 source
 #
 0	search/8192	(input,			Algol 68 source text
 !:mime	text/x-Algol68
-0	regex		\^PROC			Algol 68 source text
+0	regex/1024	\^PROC			Algol 68 source text
 !:mime	text/x-Algol68
-0	regex           MODE[\t\ ]		Algol 68 source text
+0	regex/1024	\bMODE[\t\ ]		Algol 68 source text
 !:mime	text/x-Algol68
-0	regex          	REF[\t\ ]		Algol 68 source text
+0	regex/1024	\bREF[\t\ ]		Algol 68 source text
 !:mime	text/x-Algol68
-0	regex          	FLEX[\t\ ]\*\\[		Algol 68 source text
+0	regex/1024	\bFLEX[\t\ ]\*\\[	Algol 68 source text
 !:mime	text/x-Algol68
 #0	regex          	[\t\ ]OD		Algol 68 source text
 #!:mime	text/x-Algol68
@@ -295,7 +295,7 @@
 >>13	string	>\ 			DATE %s
 
 #------------------------------------------------------------------------------
-# $File: amigaos,v 1.16 2017/03/17 21:35:28 christos Exp $
+# $File: amigaos,v 1.17 2018/10/16 18:57:19 christos Exp $
 # amigaos:  file(1) magic for AmigaOS binary formats:
 
 #
@@ -362,8 +362,27 @@
 0	string 		.KEY		AmigaDOS script
 0	string 		.key		AmigaDOS script
 
+# AMOS Basic file formats
+# https://www.exotica.org.uk/wiki/AMOS_file_formats
+0	string		AMOS\040Basic\040 	AMOS Basic source code
+>11	byte		=0x56 			\b, tested
+>11	byte		=0x76 			\b, untested
+0 	string		AMOS\040Pro		AMOS Basic source code
+>11	byte		=0x56 			\b, tested
+>11	byte		=0x76 			\b, untested
+0	string		AmSp			AMOS Basic sprite bank
+>4	beshort		x			\b, %d sprites
+0	string		AmIc			AMOS Basic icon bank
+>4	beshort		x			\b, %d icons
+0	string		AmBk			AMOS Basic memory bank
+>4	beshort		x			\b, bank number %d
+>8	belong&0xFFFFFFF	x		\b, length %d
+>12	regex		.{8}			\b, type %s
+0	string		AmBs			AMOS Basic memory banks
+>4	beshort		x			\b, %d banks
+
 #------------------------------------------------------------
-# $File: android,v 1.10 2017/03/17 21:35:28 christos Exp $
+# $File: android,v 1.12 2019/04/19 00:42:27 christos Exp $
 # Various android related magic entries
 #------------------------------------------------------------
 
@@ -395,33 +414,68 @@
 
 # Android Backup archive
 # From: Ariel Shkedi
-# File extension: .ab
-# No mime-type defined
+# Update: Joerg Jenderek 
 # URL: https://github.com/android/platform_frameworks_base/blob/\
 # 0bacfd2ba68d21a68a3df345b830bc2a1e515b5a/services/java/com/\
 # android/server/BackupManagerService.java#L2367
+# Reference: https://sourceforge.net/projects/adbextractor/
+#            android-backup-extractor/perl/backupencrypt.pl 
+# Note:	only unix line feeds "\n" found
 # After the header comes a tar file
 # If compressed, the entire tar file is compressed with JAVA deflate
 #
 # Include the version number hardcoded with the magic string to avoid
 # false positives
-0	string/b	ANDROID\ BACKUP\n1\n	Android Backup
+0	string/b	ANDROID\ BACKUP\n	Android Backup
+# maybe look for some more characteristics like linefeed '\n' or version
+#>16	string		\n			
+# No mime-type defined offically
+!:mime	application/x-google-ab
+!:ext	ab
+# on 2nd line version (often 1, 2 on kitkat 4.4.3+, 4 on 7.1.2)
+>15	string		>\0			\b, version %s
+# "1" on 3rd line means compressed
 >17	string		0\n			\b, Not-Compressed
 >17	string		1\n			\b, Compressed
+# The 4th line is encryption "none" or "AES-256"
 # any string as long as it's not the word none (which is matched below)
+>19	string		none\n			\b, Not-Encrypted
+# look for backup content after line with encryption info
+#>>19	search/7	\n
+# data part after header for not encrypted Android Backup 
+#>>>&0	ubequad		x	\b, content 0x%16.16llx...
+# look for zlib compressed by ./compress after message with 1 space at end
+#>>>&0	indirect	x	\b; contains 
+# look for tar archive block by ./archive for package name manifest
+>>288	string		ustar	\b; contains
+>>>31	use	tar-file
+# look for zip/jar archive by ./archive ./zip after message with 1 space at end
+#>>2079	search/1025/s	PK\003\004	\b; contains 
+#>>>&0	indirect	x
+>19	string		!none			
 >>19    regex/1l	\^([^n\n]|n[^o]|no[^n]|non[^e]|none.+).*	\b, Encrypted (%s)
->>19	string		none\n			\b, Not-Encrypted
 # Commented out because they don't seem useful to print
 # (but they are part of the header - the tar file comes after them):
+# The 5th line is User Password Salt (128 Hex)
+# string length too high with standard src configuration
+#>>>&1		string	>\0	\b, PASSWORD salt: "%-128.128s"
 #>>>&1		regex/1l .*	\b, Password salt: %s
+# The 6th line is Master Key Checksum Salt (128 Hex)
 #>>>>&1		regex/1l .*	\b, Master salt: %s
+# The 7th line is Number of PBDKF2 Rounds (10000)
 #>>>>>&1	regex/1l .*	\b, PBKDF2 rounds: %s
+# The 8th line is User key Initialization Vector (IV) (32 Hex)
 #>>>>>>&1	regex/1l .*	\b, IV: %s
+#>>>>>>&1	regex/1l .*	\b, IV: %s
+# The 9th line is Master IV+Key+Checksum (192 Hex)
 #>>>>>>>&1	regex/1l .*	\b, Key: %s
+# look for new line separator char after line number 9
+#>>>0x204	ubyte	0x0a	NL found
+#>>>>&1		ubequad	x	\b, Content magic %16.16llx
 
 # *.pit files by Joerg Jenderek
-# http://forum.xda-developers.com/showthread.php?p=9122369
-# http://forum.xda-developers.com/showthread.php?t=816449
+# https://forum.xda-developers.com/showthread.php?p=9122369
+# https://forum.xda-developers.com/showthread.php?t=816449
 # Partition Information Table for Samsung's smartphone with Android
 # used by flash software Odin
 0		ulelong			0x12349876
@@ -508,7 +562,7 @@
 0	lelong	0x00080003	Android binary XML
 
 #------------------------------------------------------------------------------
-# $File: animation,v 1.66 2017/10/06 15:36:38 christos Exp $
+# $File: animation,v 1.71 2019/04/19 00:42:27 christos Exp $
 # animation:  file(1) magic for animation/movie formats
 #
 # animation formats
@@ -540,9 +594,9 @@
 !:mime	application/x-quicktime-player
 4	string/W	jP		JPEG 2000 image
 !:mime	image/jp2
-# http://www.ftyps.com/ with local additions
+# https://www.ftyps.com/ with local additions
 4	string		ftyp		ISO Media
-# http://aeroquartet.com/wordpress/2016/03/05/3-xavc-s/
+# https://aeroquartet.com/wordpress/2016/03/05/3-xavc-s/
 >8	string		XAVC		\b, MPEG v4 system, Sony XAVC Codec
 >>96	string		x		\b, Audio "%.4s"
 >>118	beshort		x		at %dHz
@@ -554,7 +608,7 @@
 >>11	byte		4		\b v4 (H.263/AMR GSM 6.10)
 >>11	byte		5		\b v5 (H.263/AMR GSM 6.10)
 >>11	byte		6		\b v6 (ITU H.264/AMR GSM 6.10)
-# http://www.3gpp2.org/Public_html/Specs/C.S0050-B_v1.0_070521.pdf
+# https://www.3gpp2.org/Public_html/Specs/C.S0050-B_v1.0_070521.pdf
 # Section 8.1.1, corresponds to a, b, c
 >>11	byte		0x61		\b C.S0050-0 V1.0
 >>11	byte		0x62		\b C.S0050-0-A V1.0.0
@@ -1363,6 +1417,7 @@
 # conti_count   4 bit	-
 0	belong&0xFF5FFF10	0x47400010
 >188	byte			0x47		MPEG transport stream data
+!:mime  video/MP2T
 
 # DIF digital video file format <mpruett@sgi.com>
 0	belong&0xffffff00	0x1f070000      DIF
@@ -1400,10 +1455,10 @@
 0	string/w	#VRML\ V2.0\ utf8	ISO/IEC 14772 VRML 97 file
 !:mime	model/vrml
 
-# X3D (Extensible 3D) [http://www.web3d.org/specifications/x3d-3.0.dtd]
+# X3D (Extensible 3D) [https://www.web3d.org/specifications/x3d-3.0.dtd]
 # From Michel Briand <michelbriand@free.fr>
 # mimetype from https://www.iana.org/assignments/media-types/model/x3d+xml
-# Example http://www.web3d.org/x3d/content/examples/Basic/course/CreateX3DFromStringRandomSpheres.x3d
+# Example https://www.web3d.org/x3d/content/examples/Basic/course/CreateX3DFromStringRandomSpheres.x3d
 0	string/w	\<?xml\ version=
 !:strength + 5
 >20	search/1000/w	\<!DOCTYPE\ X3D		X3D (Extensible 3D) model xml text
@@ -1475,7 +1530,7 @@
 
 # Type: Bink Video
 # Extension: .bik
-# URL:  http://wiki.multimedia.cx/index.php?title=Bink_Container
+# URL:  https://wiki.multimedia.cx/index.php?title=Bink_Container
 # From: <hoehle@users.sourceforge.net>  2008-07-18
 0	string		BIK	Bink Video
 >3	regex		=[a-z]	rev.%s
@@ -1496,61 +1551,61 @@
 #>>51	byte&0x10	!0	DCT
 
 # Type:	NUT Container
-# URL:	http://wiki.multimedia.cx/index.php?title=NUT
+# URL:	https://wiki.multimedia.cx/index.php?title=NUT
 # From:	Adam Buchbinder <adam.buchbinder@gmail.com>
 0	string	nut/multimedia\ container\0	NUT multimedia container
 
 # Type: Nullsoft Video (NSV)
-# URL:  http://wiki.multimedia.cx/index.php?title=Nullsoft_Video
+# URL:  https://wiki.multimedia.cx/index.php?title=Nullsoft_Video
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	NSVf	Nullsoft Video
 
 # Type: REDCode Video
-# URL:  http://www.red.com/ ; http://wiki.multimedia.cx/index.php?title=REDCode
+# URL:  https://www.red.com/ ; https://wiki.multimedia.cx/index.php?title=REDCode
 # From: Mike Melanson <mike@multimedia.cx>
 4	string	RED1	REDCode Video
 
 # Type: MTV Multimedia File
-# URL:  http://wiki.multimedia.cx/index.php?title=MTV
+# URL:  https://wiki.multimedia.cx/index.php?title=MTV
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	AMVS	MTV Multimedia File
 
 # Type: ARMovie
-# URL:  http://wiki.multimedia.cx/index.php?title=ARMovie
+# URL:  https://wiki.multimedia.cx/index.php?title=ARMovie
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	ARMovie\012	ARMovie
 
 # Type: Interplay MVE Movie
-# URL:  http://wiki.multimedia.cx/index.php?title=Interplay_MVE
+# URL:  https://wiki.multimedia.cx/index.php?title=Interplay_MVE
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	Interplay\040MVE\040File\032	Interplay MVE Movie
 
 # Type: Windows Television DVR File
-# URL:  http://wiki.multimedia.cx/index.php?title=WTV
+# URL:  https://wiki.multimedia.cx/index.php?title=WTV
 # From: Mike Melanson <mike@mutlimedia.cx>
 # This takes the form of a Windows-style GUID
 0	bequad	0xB7D800203749DA11
 >8	bequad	0xA64E0007E95EAD8D	Windows Television DVR Media
 
 # Type: Sega FILM/CPK Multimedia
-# URL:  http://wiki.multimedia.cx/index.php?title=Sega_FILM
+# URL:  https://wiki.multimedia.cx/index.php?title=Sega_FILM
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	FILM	Sega FILM/CPK Multimedia,
 >32	belong	x	%d x
 >28	belong	x	%d
 
 # Type: Nintendo THP Multimedia
-# URL:  http://wiki.multimedia.cx/index.php?title=THP
+# URL:  https://wiki.multimedia.cx/index.php?title=THP
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	THP\0	Nintendo THP Multimedia
 
 # Type: BBC Dirac Video
-# URL:  http://wiki.multimedia.cx/index.php?title=Dirac
+# URL:  https://wiki.multimedia.cx/index.php?title=Dirac
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	BBCD	BBC Dirac Video
 
 # Type: RAD Game Tools Smacker Multimedia
-# URL:  http://wiki.multimedia.cx/index.php?title=Smacker
+# URL:  https://wiki.multimedia.cx/index.php?title=Smacker
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	SMK	RAD Game Tools Smacker Multimedia
 >3	byte	x	version %c,
@@ -1566,6 +1621,20 @@
 !:ext	mxf
 !:mime	application/mxf
 
+# Recognize LucasArts Smush video files (cf.
+# https://wiki.multimedia.cx/index.php/Smush)
+0	string	ANIM
+>8	string	AHDR	LucasArts Smush Animation Format (SAN) video
+0	string	SANM
+>8	string	SHDR	LucasArts Smush v2 (SANM) video
+
+# Type: Scaleform video
+# Extension: .usm
+# URL:  https://wiki.multimedia.cx/index.php/USM
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+0	string	CRID
+>32	string	@UTF	Scaleform video
+
 #------------------------------------------------------------------------------
 # $File: aout,v 1.1 2013/01/09 22:37:23 christos Exp $
 # aout:  file(1) magic for a.out executable/object/etc entries that
@@ -1648,7 +1717,7 @@
 0	long		0100554		APL workspace (Ken's original?)
 
 #------------------------------------------------------------------------------
-# $File: apple,v 1.39 2018/03/02 15:26:39 christos Exp $
+# $File: apple,v 1.43 2019/04/19 00:42:27 christos Exp $
 # apple:  file(1) magic for Apple file formats
 #
 0	search/1/t	FiLeStArTfIlEsTaRt	binscii (apple ][) text
@@ -1659,22 +1728,97 @@
 0	belong		0x00051600		AppleSingle encoded Macintosh file
 0	belong		0x00051607		AppleDouble encoded Macintosh file
 
+# Type: Apple Emulator WOZ format
+# From: Greg Wildman <greg@apple2.org.za>
+# Ref: https://applesaucefdc.com/woz/reference/
+# Ref: https://applesaucefdc.com/woz/reference2/
+#
+# Note: The following test are mostly identical. I would rather not
+# use a regex to identify the WOZ format number.
+0	string		WOZ1
+>4	string		\xFF\x0A\x0D\x0A	Apple ][ WOZ 1.0 Disk Image
+>12	string		INFO
+>>21	byte		01			\b, 5.25 inch
+>>21	byte		02			\b, 3.5 inch
+>>22	byte		01			\b, write protected
+>>23	byte		01			\b, cross track synchronized
+>>25	string/T	x			\b, %.32s
+0	string		WOZ2
+>4	string		\xFF\x0A\x0D\x0A	Apple ][ WOZ 2.0 Disk Image
+>12	string		INFO
+>>21	byte		01			\b, 5.25 inch
+>>21	byte		02			\b, 3.5 inch
+>>22	byte		01			\b, write protected
+>>23	byte		01			\b, cross track synchronized
+>>25	string/T	x			\b, %.32s
+
+# Type: Apple Emulator disk images
+# From: Greg Wildman <greg@apple2.org.za>
+# ProDOS boot loader?
+0		string	\x01\x38\xB0\x03\x4C	Apple ProDOS Image
+# Detect Volume Directory block ($02)
+>0x400		string	\x00\x00\x03\x00
+>>0x404		byte	&0xF0
+>>>0x405	string	x			\b, Volume /%s
+>>>0x429	leshort	x			\b, %u Blocks
+# ProDOS ordered ?
+>0xb00		string	\x00\x00\x03\x00
+>>0xb04		byte	&0xF0
+>>>0xb05	string	x			\b, Volume /%s
+>>>0xb29	leshort	x			\b, %u Blocks
+#
+# DOS3.3 boot loader?
+0		string	\x01\xA5\x27\xC9\x09\xD0\x18\xA5\x2B
+>0x11001	string	\x11\x0F\x03	Apple DOS 3.3 Image
+>>0x11006	byte	x		\b, Volume %u
+>>0x11034	byte	x		\b, %u Tracks
+>>0x11035	byte	x		\b, %u Sectors
+>>0x11036	leshort	x		\b, %u bytes per sector
+# DOS3.2 ?
+>0x11001	string	\x11\x0C\x02	Apple DOS 3.2 Image
+>>0x11006	byte	x		\b, Volume %u
+>>0x11034	byte	x		\b, %u Tracks
+>>0x11035	byte	x		\b, %u Sectors
+>>0x11036	leshort	x		\b, %u bytes per sector
+# DOS3.1 ?
+>0x11001	string	\x11\x0C\x01
+>>0x11c00	string	\x00\x11\x0B	Apple DOS 3.1 Image
+#
+# Pascal boot loader?
+0		string	\x01\xE0\x60\xF0\x03\x4C\xE3\x08\xAD
+>0xd6		pstring SYSTEM.APPLE
+>>0xb00		leshort	0x0000
+>>>0xb04	leshort 0x0000		Apple Pascal Image
+>>>>0xb06	pstring x		\b, Volume %s:
+>>>>0xb0e	leshort x		\b, %u Blocks
+>>>>0xb10	leshort x		\b, %u Files
+
 # Type: Apple Emulator 2IMG format
 # From: Radek Vokal <rvokal@redhat.com>
-0	string		2IMG	Apple ][ 2IMG Disk Image
->4	string		XGS!	\b, XGS
->4	string		CTKG	\b, Catakig
->4	string		ShIm	\b, Sheppy's ImageMaker
->4	string		WOOF	\b, Sweet 16
->4	string		B2TR	\b, Bernie ][ the Rescue
->4	string		!nfc	\b, ASIMOV2
->4	string		x	\b, Unknown Format
->0xc	byte		00	\b, DOS 3.3 sector order
->>0x10	byte		00	\b, Volume 254
->>0x10	byte&0x7f	x	\b, Volume %u
->0xc	byte		01	\b, ProDOS sector order
->>0x14	short		x	\b, %u Blocks
->0xc	byte		02	\b, NIB data
+# Update: Greg Wildman <greg@apple2.org.za>
+0	string		2IMG		Apple ][ 2IMG Disk Image
+>4	clear		x
+>4	string		XGS!		\b, XGS
+>4	string		CTKG		\b, Catakig
+>4	string		ShIm		\b, Sheppy's ImageMaker
+>4	string		SHEP		\b, Sheppy's ImageMaker
+>4	string		WOOF		\b, Sweet 16
+>4	string		B2TR		\b, Bernie ][ the Rescue
+>4	string		\!nfc		\b, ASIMOV2
+>4	string		\>BD\<		\b, Brutal Deluxe's Cadius
+>4	string		CdrP		\b, CiderPress
+>4	string		Vi][		\b, Virtual ][
+>4	string		PRFS		\b, ProFUSE
+>4	string		FISH		\b, FishWings
+>4	string		RVLW		\b, Revival for Windows
+>4	default		x
+>>4	string		x		\b, Creator tag "%-4.4s"
+>0xc	byte		00		\b, DOS 3.3 sector order
+>>0x10	byte		00		\b, Volume 254
+>>0x10	byte&0x7f	x		\b, Volume %u
+>0xc	byte		01		\b, ProDOS sector order
+>>0x14	short		x		\b, %u Blocks
+>0xc	byte		02		\b, NIB data
 
 # magic for Newton PDA package formats
 # from Ruda Moura <ruda@helllabs.org>
@@ -1736,7 +1880,7 @@
 # http://home.earthlink.net/~hughhood/appleiiworksenvoy/
 # ('p' + 1-byte ProDOS File Type + 2-byte ProDOS Aux Type')
 # $70 $1A $F8 $FF is this the apple type ?
-#:apple pdospøÿ
+#:apple pdosp^Z\xf8\xff
 !:ext awp
 # minimum version needed to read this files. SFMinVers (0 , 30~3.0 )
 >>>183	ubyte		30	3.0
@@ -2002,7 +2146,7 @@
 >>6	ubeshort	x		\b, type 0x%x
 
 # URL: https://en.wikipedia.org/wiki/Apple_Partition_Map
-# Reference: http://opensource.apple.com/source/IOStorageFamily/IOStorageFamily-116/IOApplePartitionScheme.h
+# Reference: https://opensource.apple.com/source/IOStorageFamily/IOStorageFamily-116/IOApplePartitionScheme.h
 # Update: Joerg Jenderek
 # Yes, the 3rd and 4th bytes pmSigPad are reserved, but we use them to make the
 # magic stronger.
@@ -2044,8 +2188,8 @@
 # is the startup partition APPLE_PS_STARTUP
 >>88	ubelong	&0x80000000		\b, is the startup partition
 
-#http://wiki.mozilla.org/DS_Store_File_Format
-#http://en.wikipedia.org/wiki/.DS_Store
+#https://wiki.mozilla.org/DS_Store_File_Format
+#https://en.wikipedia.org/wiki/.DS_Store
 0	string	\0\0\0\1Bud1\0		Apple Desktop Services Store
 
 # HFS/HFS+ Resource fork files (andrew.roazen@nau.edu Apr 13 2015)
@@ -2168,7 +2312,7 @@
 >>5	ubyte	    	x		\b.%u, little-endian
 >>0	use		\^apt-cache-be
 #------------------------------------------------------------------------------
-# $File: archive,v 1.117 2018/03/17 02:11:04 christos Exp $
+# $File: archive,v 1.129 2019/05/09 18:58:02 christos Exp $
 # archive:  file(1) magic for archive formats (see also "msdos" for self-
 #           extracting compressed archives)
 #
@@ -2180,6 +2324,7 @@
 # Reference: https://www.freebsd.org/cgi/man.cgi?query=tar&sektion=5&manpath=FreeBSD+8-current
 # header mainly padded with nul bytes
 500	quad		0		
+!:strength /2
 # filename or extended attribute printable strings in range space null til umlaut ue
 >0	ubeshort	>0x1F00		
 >>0	ubeshort	<0xFCFD
@@ -2316,7 +2461,7 @@
 >>>257	string		>\0		\b, comment: %-.40s
 
 # Incremental snapshot gnu-tar format from:
-# http://www.gnu.org/software/tar/manual/html_node/Snapshot-Files.html
+# https://www.gnu.org/software/tar/manual/html_node/Snapshot-Files.html
 0	string		GNU\ tar-	GNU tar incremental snapshot data
 >&0	regex		[0-9]\.[0-9]+-[0-9]+	version %s
 
@@ -2394,21 +2539,48 @@
 # a portable archive whose first member has a name beginning with
 # "debian".
 #
+# Update: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/Deb_(file_format)
 0	string		=!<arch>\ndebian
->8	string		debian-split	part of multipart Debian package
+# https://manpages.debian.org/testing/dpkg/dpkg-split.1.en.html
+>14	string		-split	part of multipart Debian package
 !:mime	application/vnd.debian.binary-package
->8	string		debian-binary	Debian binary package
+# udeb is used for stripped down deb file
+!:ext	deb/udeb
+>14	string		-binary	Debian binary package
 !:mime	application/vnd.debian.binary-package
->8	string		!debian
+!:ext	deb/udeb
+# This should not happen
+>14	default		x	Unknown Debian package
+# NL terminated version; for most Debian cases this is 2.0 or 2.1 for splitted
 >68	string		>\0		(format %s)
-# These next two lines do not work, because a bzip2 Debian archive
-# still uses gzip for the control.tar (first in the archive).  Only
-# data.tar varies, and the location of its filename varies too.
-# file/libmagic does not current have support for ascii-string based
-# (offsets) as of 2005-09-15.
-#>81	string		bz2		\b, uses bzip2 compression
-#>84	string		gz		\b, uses gzip compression
-#>136	ledate		x		created: %s
+#>68	string		!2.0\n
+#>>68	string		x		(format %.3s)
+>68	string		=2.0\n
+# 2nd archive name=control archive name like control.tar.gz or control.tar.xz
+>>72	string		>\0		\b, with %.14s
+# look for 3rd archive name=data archive name like data.tar.{gz,xz,bz2,lzma}
+>>0	search/0x93e4f	data.tar.	\b, data compression
+# the above line only works if FILE_BYTES_MAX in ../../src/file.h is raised
+# for example like libreoffice-dev-doc_1%3a5.2.7-1+rpi1+deb9u3_all.deb
+>>>&0	string		x		%.4s
+# splitted debian package case
+>68	string		=2.1\n
+# dpkg-1.18.25/dpkg-split/info.c
+# NL terminated ASCII package name like ckermit
+>>&0	string		x		\b, %s
+# NL terminated package version like 302-5.3
+>>>&1	string		x		%s
+# NL terminated MD5 checksum
+>>>>&1	string		x		\b, MD5 %s
+# NL terminated original package length
+>>>>>&1	string		x		\b, unsplitted size %s
+# NL terminated part length
+>>>>>>&1	string	x		\b, part lenght %s
+# NL terminated package part like n/m
+>>>>>>>&1	string	x		\b, part %s
+# NL terminated package architecture like armhf since dpkg 1.16.1 or later
+>>>>>>>>&1	string	x		\b, %s
 
 #
 # MIPS archive; they're in the portable archive format, and need to go
@@ -2425,15 +2597,35 @@
 >19	string	B			and an EB hash table
 >22	string	X			-- out of date
 
-0	search/1	-h-		Software Tools format archive text
-
 #
 # BSD/SVR2-and-later portable archive formats.
 #
-0	string		=!<arch>		current ar archive
+# Update: Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/AR
+# Reference:	https://www.unix.com/man-page/opensolaris/3HEAD/ar.h/
+# Note:		Mach-O universal binary in ./cafebabe is dependent
+# TODO:		unify current ar archive, MIPS archive, Debian package
+#		distinguish BSD, SVR; 32, 64 bit; HP from other 32-bit SVR;
+#		*.ar packages from *.a libraries. handle empty archive
+0	string		=!<arch>\n		current ar archive
+# print first and possibly second ar_name[16] for debugging purpose
+#>8			string	x	\b, 1st "%.16s"
+#>68			string	x	\b, 2nd "%.16s"
 !:mime	application/x-archive
+# a in most case for libraries; lib for Microsoft libraries; ar else cases
+!:ext	a/lib/ar
 >8	string		__.SYMDEF	random library
+# first member with long marked name __.SYMDEF SORTED implies BSD library
 >68	string		__.SYMDEF\ SORTED	random library
+# Reference: https://parisc.wiki.kernel.org/images-parisc/b/b2/Rad_11_0_32.pdf
+# "archive file" entry moved from ./hp
+# LST header system_id 0210h~PA-RISC 1.1,... identifies the target architecture
+# LST header a_magic 0619h~relocatable library
+>68	belong 		0x020b0619	- PA-RISC1.0 relocatable library
+>68	belong	 	0x02100619	- PA-RISC1.1 relocatable library
+>68	belong 		0x02110619	- PA-RISC1.2 relocatable library
+>68	belong 		0x02140619	- PA-RISC2.0 relocatable library
+#EOF for common ar archives
 
 #
 # "Thin" archive, as can be produced by GNU ar.
@@ -2443,6 +2635,8 @@
 >68	belong		1		%d symbol entry
 >68	belong		>1		%d symbol entries
 
+0	search/1	-h-		Software Tools format archive text
+
 # ARC archiver, from Daniel Quinlan (quinlan@yggdrasil.com)
 #
 # The first byte is the magic (0x1a), byte 2 is the compression type for
@@ -2967,7 +3161,7 @@
 # LHARC/LHA archiver (Greg Roelofs, newt@uchicago.edu)
 # Update: Joerg Jenderek
 # URL: https://en.wikipedia.org/wiki/LHA_(file_format)
-# Reference: http://web.archive.org/web/20021005080911/http://www.osirusoft.com/joejared/lzhformat.html
+# Reference: https://web.archive.org/web/20021005080911/http://www.osirusoft.com/joejared/lzhformat.html
 #
 #	check and display information of lharc (LHa,PMarc) file
 0	name				lharc-file
@@ -3167,7 +3361,7 @@
 !:ext	rar
 
 # Very old RAR archive
-# http://jasonblanks.com/wp-includes/images/papers/KnowyourarchiveRAR.pdf
+# https://jasonblanks.com/wp-includes/images/papers/KnowyourarchiveRAR.pdf
 0	string		RE\x7e\x5e  RAR archive data (<v1.5)
 !:mime	application/x-rar
 !:ext	rar/cbr
@@ -3188,7 +3382,9 @@
 0	string		PK\005\006	Zip archive data (empty)
 !:mime application/zip
 !:ext zip/cbz
+!:strength +1
 0	string		PK\003\004
+!:strength +1
 
 # Specialised zip formats which start with a member named 'mimetype'
 # (stored uncompressed, with no 'extra field') containing the file's MIME type.
@@ -3231,7 +3427,7 @@
 >>>62	string	base			Database file
 
 #   OpenDocument formats (for OpenOffice 2.x / StarOffice >= 8)
-#    http://lists.oasis-open.org/archives/office/200505/msg00006.html
+#    https://lists.oasis-open.org/archives/office/200505/msg00006.html
 #    (mimetype contains "application/vnd.oasis.opendocument.<SUBTYPE>")
 >>50	string	vnd.oasis.opendocument.	OpenDocument
 >>>73	string	text
@@ -3280,7 +3476,7 @@
 !:mime	application/vnd.oasis.opendocument.image-template
 
 #  EPUB (OEBPS) books using OCF (OEBPS Container Format)
-#    http://www.idpf.org/ocf/ocf1.0/download/ocf10.htm, section 4.
+#    https://www.idpf.org/ocf/ocf1.0/download/ocf10.htm, section 4.
 #    From: Ralf Brown <ralf.brown@gmail.com>
 >>50	string	epub+zip	EPUB document
 !:mime application/epub+zip
@@ -3474,6 +3670,16 @@
 >5	byte	x		\b.%d
 >6	belong	x		(%d bytes)
 
+# From:		Joerg Jenderek
+# URL:		https://help.foxitsoftware.com/kb/install-fzip-file.php
+# reference:	http://mark0.net/download/triddefs_xml.7z/
+#		defs/f/fzip.trid.xml
+# Note: unknown compression; No "PK" zip magic; normally in directory like
+#	"%APPDATA%\Foxit Software\Addon\Foxit Reader\Install"
+0	ubequad	0x2506781901010000	Foxit add-on/update
+!:mime	application/x-fzip
+!:ext	fzip
+
 # From: "Robert Dale" <robdale@gmail.com>
 0	belong	123		dar archive,
 >4	belong	x		label "%.8x
@@ -3484,7 +3690,7 @@
 >14	beshort	0x4e53		multi-part, with -S
 
 # Symbian installation files
-#  http://www.thouky.co.uk/software/psifs/sis.html
+#  https://www.thouky.co.uk/software/psifs/sis.html
 #  http://developer.symbian.com/main/downloads/papers/SymbianOSv91/softwareinstallsis.pdf
 8	lelong	0x10000419	Symbian installation file
 !:mime	application/vnd.symbian.install
@@ -3502,24 +3708,74 @@
 >10	string x		with compression level %.1s
 
 # xar (eXtensible ARchiver) archive
-# xar archive format: http://code.google.com/p/xar/
+# URL: https://en.wikipedia.org/wiki/Xar_(archiver)
+# xar archive format: https://code.google.com/p/xar/
 # From: "David Remahl" <dremahl@apple.com>
+# Update: Joerg Jenderek
+# TODO: lzma compression; X509Data for pkg and xip
+# Note: verified by `xar --dump-header -f FullBundleUpdate.xar` or
+# 7z t -txar Xcode_10.2_beta_4.xip`
 0	string	xar!		xar archive
 !:mime	application/x-xar
-#>4	beshort	x		header size %d
->6	beshort	x		version %d,
-#>8	quad	x		compressed TOC: %d,
-#>16	quad	x		uncompressed TOC: %d,
+# pkg for Mac OSX installer package like FullBundleUpdate.pkg
+# xip for signed Apple software like Xcode_10.2_beta_4.xip
+!:ext	xar/pkg/xip
+# always 28 in older archives
+>4	ubeshort >28		\b, header size %u
+# currently there exit only version 1 since about 2014
+>6	ubeshort >1		version %u,
+>8	ubequad	x		compressed TOC: %llu,
+#>16	ubequad	x		uncompressed TOC: %llu,
+# cksum_alg 0-2 in older and also 3-4 in newer
 >24	belong	0		no checksum
 >24	belong	1		SHA-1 checksum
 >24	belong	2		MD5 checksum
+>24	belong	3		SHA-256 checksum
+>24	belong	4		SHA-512 checksum
+>24	belong	>4		unknown 0x%x checksum
+#>24	belong	>4		checksum
+#			For no compression jump 0 bytes
+>24	belong	0
+>>0		ubyte	x
+# jump more bytes forward by header size
+>>>&(4.S)	ubyte	x
+# jump more bytes forward by compressed table of contents size
+#>>>>&(8.Q)	ubequad	x	\b, heap data 0x%llx
+>>>>&(8.Q)	ubyte	x
+# look for data by ./compress after message with 1 space at end
+>>>>>&-3	indirect x	\b, contains 
+#			For SHA-1 jump 20 minus 2 bytes
+>24	belong	1
+>>18		ubyte	x
+# jump more bytes forward by header size
+>>>&(4.S)	ubyte	x
+# jump more bytes forward by compressed table of contents size
+>>>>&(8.Q)	ubyte	x
+# data compressed by gzip, bzip, lzma or none
+>>>>>&-1	indirect x	\b, contains 
+#			For SHA-256 jump 32 minus 2 bytes
+>24	belong	3
+>>30		ubyte	x
+# jump more bytes forward by header size
+>>>&(4.S)	ubyte	x
+# jump more bytes forward by compressed table of contents size
+>>>>&(8.Q)	ubyte	x
+>>>>>&-1	indirect x	\b, contains 
+#			For SHA-512 jump 64 minus 2 bytes
+>24	belong	4
+>>62		ubyte	x
+# jump more bytes forward by header size
+>>>&(4.S)	ubyte	x
+# jump more bytes forward by compressed table of contents size
+>>>>&(8.Q)	ubyte	x
+>>>>>&-1	indirect x	\b, contains 
 
 # Type: Parity Archive
 # From: Daniel van Eeden <daniel_e@dds.nl>
 0	string	PAR2		Parity Archive Volume Set
 
 # Bacula volume format. (Volumes always start with a block header.)
-# URL: http://bacula.org/3.0.x-manuals/en/developers/developers/Block_Header.html
+# URL: https://bacula.org/3.0.x-manuals/en/developers/developers/Block_Header.html
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
 12	string	BB02		Bacula volume
 >20	bedate	x		\b, started %s
@@ -3534,11 +3790,11 @@
 0	string	zPQ	ZPAQ stream
 >3	byte	x	\b, level %d
 # From: Barry Carter <carter.barry@gmail.com>
-# http://encode.ru/threads/456-zpaq-updates/page32
+# https://encode.ru/threads/456-zpaq-updates/page32
 0	string	7kSt	ZPAQ file
 
 # BBeB ebook, unencrypted (LRF format)
-# URL: http://www.sven.de/librie/Librie/LrfFormat
+# URL: https://www.sven.de/librie/Librie/LrfFormat
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
 0	string	L\0R\0F\0\0\0	BBeB ebook data, unencrypted
 >8	beshort	x		\b, version %d
@@ -3548,8 +3804,8 @@
 >44	beshort	x		%d)
 
 # Symantec GHOST image by Joerg Jenderek at May 2014
-# http://us.norton.com/ghost/
-# http://www.garykessler.net/library/file_sigs.html
+# https://us.norton.com/ghost/
+# https://www.garykessler.net/library/file_sigs.html
 0		ubelong&0xFFFFf7f0	0xFEEF0100	Norton GHost image
 # *.GHO
 >2		ubyte&0x08		0x00		\b, first file
@@ -3595,6 +3851,58 @@
 
 # LyNX archive
 56	string	USE\040LYNX\040TO\040DISSOLVE\040THIS\040FILE	 LyNX archive
+
+# From: Joerg Jenderek
+# URL: https://www.acronis.com/
+# Reference: https://en.wikipedia.org/wiki/TIB_(file_format)
+# Note: only tested with True Image 2013 Build 5962 and 2019 Build 14110
+0	ubequad		0xce24b9a220000000	Acronis True Image backup
+!:mime	application/x-acronis-tib
+!:ext	tib
+# 01000000
+#>20	ubelong		x			\b, at 20 0x%x
+# 20000000
+#>28	ubelong		x			\b, at 28 0x%x
+# strings like "Generic- SD/MMC 1.00" "Unknown Disk" "Msft Virtual Disk 1.0"
+# ???
+# strings like "\Device\0000011e" "\Device\0000015a"
+#>0	search/0x6852300/cs	\\Device\\
+#>>&-1	pstring		x			\b, %s
+# "\Device\HarddiskVolume30" "\Device\HarddiskVolume39"
+#>>>&1	search/180/cs	\\Device\\
+#>>>>&-1	pstring		x			\b, %s
+#>>>>>&0	search/29/cs	\0\0\xc8\0
+# disk label
+#>>>>>>&10	lestring16	x		\b, disk label %11.11s
+#>>>>>>&9	plestring16	x		\b, disk label "%11.11s"
+#>>>>>>&10	ubequad	x			%16.16llx
+
+
+# Gentoo XPAK binary package
+# by Michal Gorny <mgorny@gentoo.org>
+# https://gitweb.gentoo.org/proj/portage.git/tree/man/xpak.5
+-4	string	STOP
+>-16	string	XPAKSTOP	Gentoo binary package (XPAK)
+
+# From:		Joerg Jenderek
+# URL:		https://kodi.wiki/view/TexturePacker
+# Reference:	https://mirrors.kodi.tv/releases/source/17.3-Krypton.tar.gz
+# /xbmc-Krypton/xbmc/guilib/XBTF.h
+# /xbmc-Krypton/xbmc/guilib/XBTF.cpp 
+0	string	XBTF
+# skip ASCII text by looking for terminating \0 of path
+>264	ubyte	0		XBMC texture package
+!:mime	application/x-xbmc-xbt
+!:ext	xbt
+# XBTF_VERSION 2
+>>4	string	!2		\b, version %-.1s
+# nofFiles /xbmc-Krypton/xbmc/guilib/XBTFReader.cpp
+>>5	ulelong	x		\b, %u file
+# plural s
+>>5	ulelong	>1		\bs
+# path[CXBTFFile[MaximumPathLength=256]
+>>9	string	x		\b, 1st %s
+
 #------------------------------------------------------------------------------
 # $File: assembler,v 1.6 2013/12/11 14:14:20 christos Exp $
 # make:  file(1) magic for assembler source
@@ -3674,7 +3982,7 @@
 >364	string		>\0		of '%s'
 
 #------------------------------------------------------------------------------
-# $File: audio,v 1.86 2018/03/11 00:53:11 christos Exp $
+# $File: audio,v 1.111 2019/05/08 18:02:45 christos Exp $
 # audio:  file(1) magic for sound formats (see also "iff")
 #
 # Jan Nicolai Langfeldt (janl@ifi.uio.no), Dan Quinlan (quinlan@yggdrasil.com),
@@ -4067,9 +4375,15 @@
 0	string		MED		MED_Song
 0	string		SymM		Symphonie SymMOD music file
 #
+# Track Length (TRL), Tracks (TRK), Samples (SMP), Subsongs (SS)
+# http://lclevy.free.fr/exotica/ahx/ahxformat.txt
 0	string		THX		AHX version
 >3	byte		=0		1 module data
 >3	byte		=1		2 module data
+>10	byte		x		TRL: %u
+>11	byte		x		TRK: %u
+>12	byte		x		SMP: %u
+>13	byte		x		SS: %u
 #
 0	string		OKTASONG	Oktalyzer module data
 #
@@ -4209,6 +4523,18 @@
 
 # adlib sound files
 # From: Alex Myczko <alex@aiei.ch>
+
+# https://github.com/rerrahkr/BambooTracker
+0	string		BambooTrackerMod	BambooTracker module
+>22	byte	x	\b, version %u
+>21	byte	x	\b.%u
+>20	byte	x	\b.%u
+
+0	string		BambooTrackerIst	BambooTracker instrument
+>22	byte	x	\b, version %u
+>21	byte	x	\b.%u
+>20	byte	x	\b.%u
+
 0    	string		RAWADATA	RdosPlay RAW
 
 1068	string		RoR		AMUSIC Adlib Tracker
@@ -4224,6 +4550,14 @@
 
 0	string		ofTAZ!		eXtra Simple Music
 
+0	string		FMK!		FM Kingtracker Song
+
+0	string		DFM		DFM Song
+
+0	string		\<CUD-FM-File\>	CFF Song
+
+0	string		_A2module	A2M Song
+
 # Spectrum 128 tunes (.ay files).
 # From: Emanuel Haupt <ehaupt@critical.ch>
 0	string		ZXAYEMUL	Spectrum 128 tune
@@ -4305,7 +4639,7 @@
 
 # IMY
 # from http://filext.com/detaillist.php?extdetail=IMY
-# http://cellphones.about.com/od/cellularfaqs/f/rf_imelody.htm
+# https://cellphones.about.com/od/cellularfaqs/f/rf_imelody.htm
 # http://download.ncl.ie/doc/api/ie/ncl/media/music/IMelody.html
 # http://www.wx800.com/msg/download/irda/iMelody.pdf
 0	string	BEGIN:IMELODY	iMelody Ringtone Format
@@ -4321,6 +4655,8 @@
 # URL:  http://filext.com/detaillist.php?extdetail=AMR
 # From: Russell Coker <russell@coker.com.au>
 0	string	#!AMR		Adaptive Multi-Rate Codec (GSM telephony)
+!:mime	audio/amr
+!:ext  amr
 
 # Type: SuperCollider 3 Synth Definition File Format
 # From: Mario Lang <mlang@debian.org>
@@ -4328,12 +4664,12 @@
 >4	belong	x	version %d
 
 # Type: True Audio Lossless Audio
-# URL:  http://wiki.multimedia.cx/index.php?title=True_Audio
+# URL:  https://wiki.multimedia.cx/index.php?title=True_Audio
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	TTA1	True Audio Lossless Audio
 
 # Type: WavPack Lossless Audio
-# URL:  http://wiki.multimedia.cx/index.php?title=WavPack
+# URL:  https://wiki.multimedia.cx/index.php?title=WavPack
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	wvpk	WavPack Lossless Audio
 
@@ -4341,6 +4677,8 @@
 # VGM music file
 0	string		Vgm\040
 >9	ubyte		>0	VGM Video Game Music dump v
+!:mime	audio/x-vgm
+!:ext	vgm
 >>9	ubyte/16	>0	\b%d
 >>9	ubyte&0x0F	x	\b%d
 >>8	ubyte/16	x	\b.%d
@@ -4387,6 +4725,54 @@
 >>>>0x78 ubyte		0x03	AY-3-8930,
 >>>>0x78 ubyte		0x10	YM2149,
 >>>>0x78 ubyte		0x11	YM3439,
+# VGM 1.61
+>>0x34	ulelong		>0x4C
+>>>0x80	ulelong		>0	DMG,
+>>0x34	ulelong		>0x50
+>>>0x84	lelong		>0	NES APU,
+>>>0x84	lelong		<0	NES APU with FDS,
+>>0x34	ulelong		>0x54
+>>>0x88	ulelong		>0	MultiPCM,
+>>0x34	ulelong		>0x58
+>>>0x8C	ulelong		>0	uPD7759,
+>>0x34	ulelong		>0x5C
+>>>0x90	ulelong		>0	OKIM6258,
+>>0x34	ulelong		>0x64
+>>>0x98	ulelong		>0	OKIM6295,
+>>0x34	ulelong		>0x68
+>>>0x9C	ulelong		>0	K051649,
+>>0x34	ulelong		>0x6C
+>>>0xA0	ulelong		>0	K054539,
+>>0x34	ulelong		>0x70
+>>>0xA4	ulelong		>0	HuC6280,
+>>0x34	ulelong		>0x74
+>>>0xA8	ulelong		>0	C140,
+>>0x34	ulelong		>0x78
+>>>0xAC	ulelong		>0	K053260,
+>>0x34	ulelong		>0x7C
+>>>0xB0	ulelong		>0	Pokey,
+>>0x34	ulelong		>0x80
+>>>0xB4	ulelong		>0	QSound,
+# VGM 1.71
+>>0x34	ulelong		>0x84
+>>>0xB8	ulelong		>0	SCSP,
+>>0x34	ulelong		>0x8C
+>>>0xC0	ulelong		>0	WonderSwan,
+>>0x34	ulelong		>0x90
+>>>0xC4	ulelong		>0	VSU,
+>>0x34	ulelong		>0x94
+>>>0xC8	ulelong		>0	SAA1099,
+>>0x34	ulelong		>0x98
+>>>0xCC	ulelong		>0	ES5503,
+>>0x34	ulelong		>0x9C
+>>>0xD0	lelong		>0	ES5505,
+>>>0xD0	lelong		<0	ES5506,
+>>0x34	ulelong		>0xA4
+>>>0xD8	ulelong		>0	X1-010,
+>>0x34	ulelong		>0xA8
+>>>0xDC	ulelong		>0	C352,
+>>0x34	ulelong		>0xAC
+>>>0xE0	ulelong		>0	GA20,
 
 # GVOX Encore file format
 # Since this is a proprietary file format and there is no publicly available
@@ -4401,8 +4787,8 @@
 
 # Summary:	Garmin Voice Processing Module (WAVE audios)
 # From:		Joerg Jenderek
-# URL:		http://www.garmin.com/
-# Reference:	http://turboccc.wikispaces.com/share/view/28622555
+# URL:		https://www.garmin.com/
+# Reference:	http://www.poi-factory.com/node/19580
 # NOTE:		there exist 2 other Garmin VPM formats
 0		string	AUDIMG
 # skip text files starting with string "AUDIMG"
@@ -4426,16 +4812,35 @@
 # if you select a language like german on your garmin device
 # you can only select voice modules with corresponding language byte ID like 1
 >>18		ubyte		x	\b, language ID %d
+# structure for phrases/sentences?
+# number of voice sample in the 1st phrase?
+#>>19		uleshort		x	\b, 0x%x samples
+#>>>21		uleshort		>0	\b, at 0x%4.4x
+#>>>(21.s)	ubequad			x	0x%llx
+# 2nd phrase?
+#>>23		uleshort		x	\b, 0x%x samples
+#>>>25		uleshort		>0	\b, at 0x%4.4x
+#>>>(25.s)	ubequad			x	0x%llx
 # pointer to 1st audio WAV sample
 >>16		uleshort	>0
->>>(16.s)	ulelong		>0	\b, at offset 0x%x
+>>>(16.s)	ulelong		>0	\b, at 0x%x
 # WAV length
->>>>(16.s+4)	ulelong		>0	%d Bytes
+# 1 space char after "bytes" to get phrase "bytes RIFF"
+>>>>(16.s+4)	ulelong		>0	%u bytes 
 # look for magic
 >>>>>(&-8.l)	string		RIFF
 # determine type by ./riff
->>>>>>&-4	indirect	x	\b
+>>>>>>&-4	indirect	x
 # 2 - ~ 131 WAV samples following same way
+#
+# Summary:	encrypted Garmin Voice Processing Module
+# From:		Joerg Jenderek
+# URL:		https://www.garmin.com/us/products/ontheroad/voicestudio
+# NOTE:		Encrypted variant used in voices like DrNightmare, Elfred, Yeti.
+#		There exist 2 other Garmin VPM formats
+0	ubequad		0xa141190fecc8ced6	Garmin Voice Processing Module (encrypted)
+!:mime	audio/x-vpm-garmin
+!:ext	vpm
 
 # From Martin Mueller Skarbiniks Pedersen
 0		string		GDM
@@ -4490,7 +4895,7 @@
 >>>0x31		byte&0x0F	x	\b%02d
 >>>>0x4		string		>\0	\b, title: "%s"
 
-# magic for Klystrack, http://kometbomb.github.io/klystrack/
+# magic for Klystrack, https://kometbomb.github.io/klystrack/
 # from Alex Myczko <alex@aiei.ch>
 0	string	cyd!song	Klystrack song
 >8	byte	>0		\b, version %u
@@ -4533,11 +4938,167 @@
 >0	byte	x		\b, version %u
 >1	byte	x		\b.%u
 
+# CRI ADX ADPCM audio
+# Used by various Sega games.
+# https://en.wikipedia.org/wiki/ADX_(file_format)
+# https://wiki.multimedia.cx/index.php/CRI_ADX_file
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0x00		beshort		0x8000
+>(2.S-2)	string		(c)CRI		CRI ADX ADPCM audio
+!:ext adx
+!:mime audio/x-adx
+!:strength +50
+>>0x12		byte		x		v%u
+>>0x04		byte		0x02		\b, pre-set prediction coefficients
+>>0x04		byte		0x03		\b, standard ADX
+>>0x04		byte		0x04		\b, exponential scale
+>>0x04		byte		0x10		\b, AHX (Dreamcast)
+>>0x04		byte		0x11		\b, AHX
+>>0x08		belong		x		\b, %u Hz
+>>0x12		byte		0x03
+>>>0x02		beshort		>0x2B
+>>>>0x18	belong		!0		\b, looping
+>>0x12		byte		0x04
+>>>0x02		beshort		>0x37
+>>>>0x24	belong		!0		\b, looping
+>>0x13		byte&0x08	0x08		\b, encrypted
+
+# Lossless audio (.la) (http://www.lossless-audio.com/)
+0	string	LA
+>2	string	03	Lossless audio version 0.3
+>2	string	04	Lossless audio version 0.4
+
+# Sony PlayStation Audio (.xa)
+0	leshort 0x4158	Sony PlayStation Audio
+
+# Portable Sound Format
+# Used for audio rips for various consoles.
+# http://fileformats.archiveteam.org/wiki/Portable_Sound_Format
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string	PSF	Portable Sound Format
+!:mime	audio/x-psf
+>3	byte	0x01	(Sony PlayStation)
+>3	byte	0x02	(Sony PlayStation 2)
+>3	byte	0x11	(Sega Saturn)
+>3	byte	0x12	(Sega Dreamcast)
+>3	byte	0x13	(Sega Mega Drive)
+>3	byte	0x21	(Nintendo 64)
+>3	byte	0x22	(Game Boy Advance)
+>3	byte	0x23	(Super NES)
+>3	byte	0x41	(Capcom QSound)
+
+# Atari 8-bit SAP audio format
+# http://asap.sourceforge.net/sap-format.html
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		SAP\r\n	Atari 8-bit SAP audio file
+!:mime	audio/x-sap
+!:ext	sap
+>5	search/1024	NAME
+>>&1	string		x	\b: %s
+>>5	search/1024	AUTHOR
+>>>&1	string		x	by %s
+
+# Nintendo Wii BRSTM audio format (fields)
+# NOTE: Assuming HEAD starts at 0x40.
+# FIXME: Replace 0x48 with HEAD offset plus 8.
+0	name	nintendo-wii-brstm-fields
+>(0x10.L)	string	HEAD	\b:
+>>(0x10.L+0x0C)	belong	x
+>>>(&-4.L+0x48)	belong	x
+>>>>&-4		byte	0	PCM, signed 8-bit,
+>>>>&-4		byte	1	PCM, signed 16-bit,
+>>>>&-4		byte	2	THP ADPCM,
+>>>>&-3		byte	!0	looping,
+>>>>&-2		byte	1	mono
+>>>>&-2		byte	2	stereo
+>>>>&-2		byte	3	3 channels
+>>>>&-2		byte	4	quad
+>>>>&-2		byte	>4	%u channels
+>>>>&0		beshort	!0	%u Hz
+
+# Nintendo Wii BRSTM audio format
+# https://wiibrew.org/wiki/BRSTM_file
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		RSTM	Nintendo Wii BRSTM audio file
+!:mime	audio/x-brstm
+!:ext	brstm
+# Wii is big-endian, so default to BE.
+>4	beshort		0xFEFF
+>>0	use		nintendo-wii-brstm-fields
+>4	leshort		0xFEFF
+>>0	use		\^nintendo-wii-brstm-fields
+
+# Nintendo 3DS BCSTM audio format (fields)
+0	name	nintendo-3ds-bcstm-fields
+>(0x18.l)	string	INFO	\b:
+# INFO block: Stream information starts at 0x20 (minus 4 for the 'INFO' magic)
+>>&0x1C		byte	0	PCM, signed 8-bit,
+>>&0x1C		byte	1	PCM, signed 16-bit,
+>>&0x1C		byte	2	DSP ADPCM,
+>>&0x1C		byte	3	IMA ADPCM,
+>>&0x1D		byte	!0	looping,
+>>&0x1E		byte	1	mono
+>>&0x1E		byte	2	stereo
+>>&0x1E		byte	3	3 channels
+>>&0x1E		byte	4	quad
+>>&0x1E		byte	>4	%u channels
+>>&0x20		lelong	!0	%u Hz
+
+# Nintendo 3DS BCSTM audio format
+# https://www.3dbrew.org/wiki/BCSTM
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		CSTM	Nintendo 3DS BCSTM audio file
+!:mime	audio/x-bcstm
+!:ext	bcstm
+# 3DS is little-endian, so default to LE.
+>4	leshort		0xFEFF
+>>0	use		nintendo-3ds-bcstm-fields
+>4	beshort		0xFEFF
+>>0	use		\^nintendo-3ds-bcstm-fields
+
+# Nintendo Wii U BFSTM audio format
+# http://mk8.tockdom.com/wiki/BFSTM_(File_Format)
+# NOTE: This format is very similar to BCSTM.
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		FSTM	Nintendo Wii U BFSTM audio file
+!:mime	audio/x-bfstm
+!:ext	bfstm
+# BFSTM is used on both Wii U (BE) and Switch (LE),
+# so default to LE.
+>4	leshort		0xFEFF
+>>0	use		nintendo-3ds-bcstm-fields
+>4	beshort		0xFEFF
+>>0	use		\^nintendo-3ds-bcstm-fields
+
+# Nintendo 3DS BCSTM audio format (fields)
+0	name	nintendo-3ds-bcwav-fields
+>(0x18.l)	string	INFO	\b:
+# INFO block (minus 4 for INFO magic)
+>>&0x4		byte	0	PCM, signed 8-bit,
+>>&0x4		byte	1	PCM, signed 16-bit,
+>>&0x4		byte	2	DSP ADPCM,
+>>&0x4		byte	3	IMA ADPCM,
+>>&0x5		byte	!0	looping,
+>>&0x8		lelong	x	stereo
+>>&0x8		lelong	!0	%u Hz
+
+# Nintendo 3DS BCWAV audio format
+# https://www.3dbrew.org/wiki/BCWAV
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		CWAV	Nintendo 3DS BCWAV audio file
+!:mime	audio/x-bcwav
+!:ext	bcwav
+# 3DS is little-endian, so default to LE.
+>4	leshort		0xFEFF
+>>0	use		nintendo-3ds-bcwav-fields
+>4	beshort		0xFEFF
+>>0	use		\^nintendo-3ds-bcwav-fields
+
 #----------------------------------------------------------------
-# $File: basis,v 1.4 2009/09/19 16:28:08 christos Exp $
+# $File: basis,v 1.5 2019/04/19 00:42:27 christos Exp $
 # basis: file(1) magic for BBx/Pro5-files
 #      Oliver Dammer <dammer@olida.de>	 2005/11/07
-# http://www.basis.com business-basic-files.
+# https://www.basis.com business-basic-files.
 #
 0	string		\074\074bbx\076\076	BBx
 >7	string		\000			indexed file
@@ -4559,7 +5120,7 @@
 0	string		BEETLE\000	Beetle VM object file
 
 #------------------------------------------------------------------------------
-# $File: ber,v 1.1 2016/06/05 00:21:30 christos Exp $
+# $File: ber,v 1.2 2019/04/19 00:42:27 christos Exp $
 # ber:  file(1) magic for several BER formats used in the mobile
 # telecommunications industry (Georg Sauthoff)
 
@@ -4578,7 +5139,7 @@
 #
 # TAP 3 Files
 # TAP -> Transferred Account Procedure
-# cf. http://www.gsma.com/newsroom/wp-content/uploads/TD.57-v32.31.pdf
+# cf. https://www.gsma.com/newsroom/wp-content/uploads/TD.57-v32.31.pdf
 # TransferBatch short tag
 0	byte	0x61
 # BatchControlInfo short tag
@@ -4606,7 +5167,7 @@
 >>&0	byte	x	NRT 2.%d (TD.35, Near Real Time Roaming Data Exchange)
 
 # RAP Files
-# cf. http://www.gsma.com/newsroom/wp-content/uploads/TD.32-v6.11.pdf
+# cf. https://www.gsma.com/newsroom/wp-content/uploads/TD.32-v6.11.pdf
 # Long ReturnBatch tag
 0	string	\x7f\x84\x16
 # Long RapBatchControlInfo tag
@@ -4648,7 +5209,7 @@
 !:ext   bhl
 
 #------------------------------------------------------------------------------
-# $File: bioinformatics,v 1.4 2016/06/20 16:13:46 christos Exp $
+# $File: bioinformatics,v 1.5 2019/04/19 00:42:27 christos Exp $
 # bioinfomatics:  file(1) magic for Bioinfomatics file formats
 
 ###############################################################################
@@ -4731,7 +5292,7 @@
 
 ###############################################################################
 # BCF (Binary Call Format), version 2.1
-# used by SAMtools (http://samtools.github.io/hts-specs/BCFv2_qref.pdf)
+# used by SAMtools (https://samtools.github.io/hts-specs/BCFv2_qref.pdf)
 # data is normally present only within compressed BGZF blocks (CDATA), so use file -z to examine it
 ###############################################################################
 0		string	   BCF\2\1    Binary Call Format (BCF) version 2.1
@@ -4744,7 +5305,7 @@
 
 ###############################################################################
 # BCF (Binary Call Format), version 2.2
-# used by SAMtools (http://samtools.github.io/hts-specs/BCFv2_qref.pdf)
+# used by SAMtools (https://samtools.github.io/hts-specs/BCFv2_qref.pdf)
 # data is normally present only within compressed BGZF blocks (CDATA), so use file -z to examine it
 ###############################################################################
 0		string	   BCF\2\2    Binary Call Format (BCF) version 2.2
@@ -4777,7 +5338,7 @@
 
 ###############################################################################
 # FASTA
-# used by FASTA (http://fasta.bioch.virginia.edu/fasta_www2/fasta_guide.pdf)
+# used by FASTA (https://fasta.bioch.virginia.edu/fasta_www2/fasta_guide.pdf)
 ###############################################################################
 #0	byte	0x3e
 # q>0	regex	=^[>][!-~\t\ ]+$
@@ -4825,6 +5386,160 @@
 >>>>>>>>>>>0	regex	=^[@]HD\t.*VN:		\b, with header
 >>>>>>>>>>>>&0	regex	=[0-9.]+		\b version %s
 
+##############################################################################
+#
+#    Magic ids for biomedical signal file formats 
+#    Copyright (C) 2018 Alois Schloegl <alois.schloegl@gmail.com>
+#
+#    The list has been derived from biosig projects
+#      http://biosig.sourceforge.net
+#      https://pub.ist.ac.at/~schloegl/matlab/eeg/
+#      https://pub.ist.ac.at/~schloegl/biosig/TESTED
+#
+##############################################################################
+#
+0	string  ABF\x20					Biosig/Axon Binary format
+!:mime biosig/abf2
+0	string  ABF2\0\0				Biosig/Axon Binary format
+!:mime biosig/abf2
+#
+0	string  ATES\x20MEDICA\x20SOFT.\x20EEG\x20for\x20Windows	Biosig/ATES MEDICA SOFT. EEG for Windows
+!:mime biosig/ates
+#
+0	string  ATF\x09					Biosig/Axon Text fomrat
+!:mime biosig/atf
+#
+0	string  ADU1					Biosig/Axona file format
+!:mime biosig/axona
+0	string  ADU2					Biosig/Axona file format
+!:mime biosig/axona
+#
+0	string  ALPHA-TRACE-MEDICAL			Biosig/alpha trace 
+!:mime biosig/alpha
+#
+0       string  AxGr					Biosig/AXG
+0       string  axgx					Biosig/AXG
+!:mime biosig/axg
+#
+0	string  HeaderLen=				Biosig/BCI2000
+0	string  BCI2000V				Biosig/BCI2000
+!:mime biosig/bci2000
+#
+### Specification: https://www.biosemi.com/faq/file_format.htm
+0	string  \xffBIOSEMI				Biosig/Biosemi data format
+!:mime biosig/bdf
+#
+0	string  Brain\x20Vision\x20Data\x20Exchange\x20Header\x20File			Biosig/Brainvision data file
+0	string  Brain\x20Vision\x20V-Amp\x20Data\x20Header\x20File\x20Version		Biosig/Brainvision V-Amp file
+0	string  Brain\x20Vision\x20Data\x20Exchange\x20Marker\x20File,\x20Version	Biosig/Brainvision Marker file
+!:mime biosig/brainvision
+#
+0	string  CEDFILE					Biosig/CFS: Cambridge Electronic devices File format 
+!:mime biosig/ced
+#
+### Specification: https://www.edfplus.info/specs/index.html
+0	string	0\x20\x20\x20\x20\x20\x20\x20		Biosig/EDF: European Data format
+!:mime biosig/edf
+#
+### Specifications: https://arxiv.org/abs/cs/0608052
+0	string  GDF					Biosig/GDF: General data format for biosignals
+!:mime biosig/gdf
+#
+0	string  DATA\0\0\0\0				Biosig/Heka Patchmaster
+0	string  DAT1\0\0\0\0				Biosig/Heka Patchmaster
+0	string  DAT2\0\0\0\0				Biosig/Heka Patchmaster
+!:mime biosig/heka
+#
+0	string  (C)\x20CED\x2087			Biosig/CED SMR 
+!:mime biosig/ced-smr
+#
+0	string  CFWB\1\0\0\0				Biosig/CFWB
+!:mime biosig/cfwb
+#
+0	string  DEMG					Biosig/DEMG
+!:mime biosig/demg
+#
+0	string  EBS\x94\x0a\x13\x1a\x0d			Biosig/EBS
+!:mime biosig/ebs
+#
+0	string  Embla\x20data\x20file			Biosig/Embla
+!:mime biosig/embla
+#
+0	string  Header\r\nFile Version			Biosig/ETG4000
+!:mime biosig/etg4000
+#
+0	string  GALILEO\x20EEG\x20TRACE\x20FILE		Biosig/Galileo 
+!:mime biosig/galileo
+#
+0	string  IGOR					Biosig/IgorPro ITX file
+!:mime biosig/igorpro
+#
+#	Specification: http://www.ampsmedical.com/uploads/2017-12-7/The_ISHNE_Format.pdf
+0	string  ISHNE1.0				Biosig/ISHNE
+!:mime biosig/ishne
+#
+# 	CEN/ISO 11073/22077 series, http://www.mfer.org/en/document.htm
+0	string  @\x20\x20MFER\x20			Biosig/MFER
+0	string  @\x20MFR\x20				Biosig/MFER
+!:mime biosig/mfer
+#
+0	string  NEURALEV				Biosig/NEV
+0	string  N.EV.\0					Biosig/NEV
+!:mime biosig/nev
+#
+0	string  NEX1					Biosig/NEX
+!:mime biosig/nex1
+#
+0	string  PLEX 					Biosig/Plexon v1.0
+10	string  PLEXON 					Biosig/Plexon v2.0
+!:mime biosig/plexon
+#
+0	string  \x02\x27\x91\xC6			Biosig/RHD2000: Intan RHD2000 format
+#
+#	Specification: CEN 1064:2005/ISO 11073:91064
+16	string  SCPECG\0\0 				Biosig/SCP-ECG format CEN 1064:2005/ISO 11073:91064
+!:mime biosig/scpecg
+#
+0	string  IAvSFo									Biosig/SIGIF
+!:mime biosig/sigif
+#
+0	string  POLY\x20SAMPLE\x20FILEversion\x20					Biosig/TMS32
+!:mime biosig/tms32
+#
+0	string  FileId=TMSi\x20PortiLab\x20sample\x20log\x20file\x0a\x0dVersion=	Biosig/TMSiLOG
+!:mime biosig/tmsilog
+#
+4	string	Synergy\0\48\49\50\46\48\48\51\46\48\48\48\46\48\48\48\0\28\0\0\0\2\0\0\0
+>63	string	CRawDataElement
+>>85	string	CRawDataBuffer								Biosig/SYNERGY
+!:mime biosig/synergy
+#
+4	string	\40\0\4\1\44\1\102\2\146\3\44\0\190\3					Biosig/UNIPRO
+!:mime biosig/unipro
+#
+0	string	VER=9\r\nCTIME=								Biosig/WCP
+!:mime biosig/wcp
+#
+0	string	\xAF\xFE\xDA\xDA							Biosig/Walter Graphtek
+0	string	\xDA\xDA\xFE\xAF							Biosig/Walter Graphtek
+0	string	\x55\x55\xFE\xAF							Biosig/Walter Graphtek
+!:mime biosig/walter-graphtek
+#
+0	string  V3.0\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20
+>32	string  [PatInfo]								Biosig/Sigma
+!:mime biosig/sigma
+#
+0	string  \067\069\078\013\010\0x1a\04\0x84					Biosig/File exchange format (FEF)
+!:mime biosig/fef
+0	string  \67\69\78\0x13\0x10\0x1a\4\0x84						Biosig/File exchange format (FEF)
+!:mime biosig/fef
+#
+0	string  \0\0\0\x64\0\0\0\x1f\0\0\0\x14\0\0\0\0\0\1
+>36  	string  \0\0\0\x65\0\0\0\3\0\0\0\4\0\0
+>>56	string  \0\0\0\x6a\0\0\0\3\0\0\0\4\0\0\0\0\xff\xff\xff\xff\0\0			Biosig/FIFF
+!:mime biosig/fiff
+#
+
 #------------------------------------------------------------------------------
 # $File: blackberry,v 1.2 2017/03/17 21:35:28 christos Exp $
 # blackberry:  file(1) magic for BlackBerry file formats
@@ -4833,7 +5548,7 @@
 >8	belong  010010010	BlackBerry RIM ETP file
 >>22	string	x		\b for %s
 # Berkeley Lab Checkpoint Restart (BLCR) checkpoint context files
-# http://ftg.lbl.gov/checkpoint
+# https://ftg.lbl.gov/checkpoint
 0	string	C\0\0\0R\0\0\0	BLCR
 >16	lelong	1	x86
 >16	lelong	3	alpha
@@ -4859,11 +5574,11 @@
 #>>&3	byte	x	\b%d
 
 #------------------------------------------------------------------------------
-# $File: blender,v 1.7 2017/03/17 21:35:28 christos Exp $
+# $File: blender,v 1.8 2019/04/19 00:42:27 christos Exp $
 # blender: file(1) magic for Blender 3D related files
 #
 # Native format rule v1.2. For questions use the developers list
-# http://lists.blender.org/mailman/listinfo/bf-committers
+# https://lists.blender.org/mailman/listinfo/bf-committers
 # GLOB chunk was moved near start and provides subversion info since 2.42
 
 0		string	=BLENDER	Blender3D,
@@ -4983,7 +5698,7 @@
 >12	belong		1004			HCI Serial (H5)
 >>12	belong		x			type %d
 #------------------------------------------------------------------------------
-# $File: c-lang,v 1.26 2017/08/14 07:40:38 christos Exp $
+# $File: c-lang,v 1.27 2019/02/27 16:46:23 christos Exp $
 # c-lang:  file(1) magic for C and related languages programs
 #
 # The strength is to beat standard HTML
@@ -4996,31 +5711,41 @@
 
 # C
 # Check for class if include is found, otherwise class is beaten by include becouse of lowered strength
-0	regex	\^#include			C
->0	regex	\^class[[:space:]]+
->>&0	regex 	\\{[\.\*]\\}(;)?$			\b++
->&0	clear	x				source text
+0	search/8192	#include
+>0	regex	\^#include			C
+>>0	regex	\^class[[:space:]]+
+>>>&0	regex 	\\{[\.\*]\\}(;)?$			\b++
+>>&0	clear	x				source text
 !:strength + 13
 !:mime	text/x-c
-0	regex	\^#[[:space:]]*pragma	C source text
+0	search/8192	pragma
+>0	regex	\^#[[:space:]]*pragma	C source text
 !:mime	text/x-c
-0	regex	\^#[[:space:]]*(if\|ifn)def
->&0	regex	\^#[[:space:]]*endif$	C source text
+0	search/8192	endif
+>0	regex	\^#[[:space:]]*(if\|ifn)def
+>>&0	regex	\^#[[:space:]]*endif$	C source text
 !:mime	text/x-c
-0	regex	\^#[[:space:]]*(if\|ifn)def
->&0	regex	\^#[[:space:]]*define	C source text
+0	search/8192	define
+>0	regex	\^#[[:space:]]*(if\|ifn)def
+>>&0	regex	\^#[[:space:]]*define	C source text
 !:mime	text/x-c
-0	regex	\^[[:space:]]*char(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
+0	search/8192	char
+>0	regex	\^[[:space:]]*char(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
 !:mime	text/x-c
-0	regex	\^[[:space:]]*double(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
+0	search/8192	double
+>0	regex	\^[[:space:]]*double(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
 !:mime	text/x-c
-0	regex	\^[[:space:]]*extern[[:space:]]+		C source text
+0	search/8192	extern
+>0	regex	\^[[:space:]]*extern[[:space:]]+		C source text
 !:mime	text/x-c
-0	regex	\^[[:space:]]*float(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
+0	search/8192	float
+>0	regex	\^[[:space:]]*float(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
 !:mime	text/x-c
-0	regex	\^struct[[:space:]]+		C source text
+0	search/8192	struct
+>0	regex	\^struct[[:space:]]+		C source text
 !:mime	text/x-c
-0	regex	\^union[[:space:]]+		C source text
+0	search/8192	union
+>0	regex	\^union[[:space:]]+		C source text
 !:mime	text/x-c
 0	search/8192	main(
 >&0 regex	\\)[[:space:]]*\\{		C source text
@@ -5028,35 +5753,44 @@
 
 # C++
 # The strength of these rules is increased so they beat the C rules above
-0	regex	\^namespace[[:space:]]+[_[:alpha:]]{1,30}[[:space:]]*\\{	C++ source text
+0	search/8192	namespace
+>0	regex	\^namespace[[:space:]]+[_[:alpha:]]{1,30}[[:space:]]*\\{	C++ source text
 !:strength + 30
 !:mime	text/x-c++
 # using namespace [namespace] or using std::[lib]
-0	regex	\^using[[:space:]]+(namespace\ )?std(::)?[[:alpha:]]*[[:space:]]*;		C++ source text
+0	search/8192	using
+>0	regex	\^using[[:space:]]+(namespace\ )?std(::)?[[:alpha:]]*[[:space:]]*;		C++ source text
 !:strength + 30
 !:mime	text/x-c++
-0	regex	\^[[:space:]]*template[[:space:]]*<.*>[[:space:]]*$	C++ source text
+0	search/8192	template
+>0	regex	\^[[:space:]]*template[[:space:]]*<.*>[[:space:]]*$	C++ source text
 !:strength + 30
 !:mime	text/x-c++
-0	regex	\^[[:space:]]*virtual[[:space:]]+.*[};][[:space:]]*$		C++ source text
+0	search/8192	virtual
+>0	regex	\^[[:space:]]*virtual[[:space:]]+.*[};][[:space:]]*$		C++ source text
 !:strength + 30
 !:mime	text/x-c++
 # But class alone is reduced to avoid beating php (Jens Schleusener)
-0	regex	\^[[:space:]]*class[[:space:]]+[[:digit:][:alpha:]:_]+[[:space:]]*\\{(.*[\n]*)*\\}(;)?$		C++ source text
+0	search/8192	class
+>0	regex	\^[[:space:]]*class[[:space:]]+[[:digit:][:alpha:]:_]+[[:space:]]*\\{(.*[\n]*)*\\}(;)?$		C++ source text
 !:strength + 13
 !:mime	text/x-c++
-0	regex	\^[[:space:]]*public:		C++ source text
+0	search/8192	public
+>0	regex	\^[[:space:]]*public:		C++ source text
 !:strength + 30
 !:mime	text/x-c++
-0	regex	\^[[:space:]]*private:		C++ source text
+0	search/8192	private
+>0	regex	\^[[:space:]]*private:		C++ source text
 !:strength + 30
 !:mime	text/x-c++
-0	regex	\^[[:space:]]*protected:		C++ source text
+0	search/8192	protected
+>0	regex	\^[[:space:]]*protected:		C++ source text
 !:strength + 30
 !:mime	text/x-c++
 
 # Objective-C
-0	regex	\^#import			Objective-C source text
+0	search/8192	#import
+>0	regex	\^#import			Objective-C source text
 !:strength + 25
 !:mime	text/x-objective-c
 
@@ -5130,7 +5864,7 @@
 
 
 #------------------------------------------------------------------------------
-# $File: cad,v 1.15 2017/06/24 15:24:56 christos Exp $
+# $File: cad,v 1.19 2019/04/19 00:42:27 christos Exp $
 # autocad:  file(1) magic for cad files
 #
 
@@ -5141,12 +5875,12 @@
 # raster underlays to Microstation DGN (vector) drawings.
 #
 # http://www.wotsit.org/search.asp
-# http://filext.com/detaillist.php?extdetail=DGN
-# http://filext.com/detaillist.php?extdetail=CIT
+# https://filext.com/detaillist.php?extdetail=DGN
+# https://filext.com/detaillist.php?extdetail=CIT
 #
-# http://www.bentley.com/products/default.cfm?objectid=97F351F5-9C35-4E5E-89C2
+# https://www.bentley.com/products/default.cfm?objectid=97F351F5-9C35-4E5E-89C2
 # 3F86C928&method=display&p_objectid=97F351F5-9C35-4E5E-89C280A93F86C928
-# http://www.bentley.com/products/default.cfm?objectid=A5C2FD43-3AC9-4C71-B682
+# https://www.bentley.com/products/default.cfm?objectid=A5C2FD43-3AC9-4C71-B682
 # 721C479F&method=display&p_objectid=A5C2FD43-3AC9-4C71-B682C7BE721C479F
 0	string	\010\011\376			Microstation
 >3	string	\002
@@ -5173,8 +5907,8 @@
 >4	string	\030\000\003			CITFile
 
 # AutoCAD
-# Merge of the different contributions and updates from http://en.wikipedia.org/wiki/Dwg
-# and http://www.iana.org/assignments/media-types/image/vnd.dwg
+# Merge of the different contributions and updates from https://en.wikipedia.org/wiki/Dwg
+# and https://www.iana.org/assignments/media-types/image/vnd.dwg
 0	string	MC0.0	DWG AutoDesk AutoCAD Release 1.0
 !:mime image/vnd.dwg
 0	string	AC1.2	DWG AutoDesk AutoCAD Release 1.2
@@ -5219,7 +5953,7 @@
 # Sergey Zaykov (mail_of_sergey@mail.ru, sergey_zaikov@rambler.ru,
 # ICQ 358572321)
 # From various sources like:
-# http://autodesk.blogs.com/between_the_lines/autocad-release-history.html
+# https://autodesk.blogs.com/between_the_lines/autocad-release-history.html
 0	string	AC1018	DWG AutoDesk AutoCAD 2004/2005/2006
 !:mime image/vnd.dwg
 0	string	AC1021	DWG AutoDesk AutoCAD 2007/2008/2009
@@ -5232,13 +5966,13 @@
 # KOMPAS 2D drawing from ASCON
 # This is KOMPAS 2D drawing or fragment of drawing but is not detailed nor
 # gathered nor specification
-# ASCON http://ascon.net/main/ in English,
-#	http://ascon.ru/ main site in Russian
+# ASCON https://ascon.net/main/ in English,
+#	https://ascon.ru/ main site in Russian
 # Extension is CDW for drawing and FRW for fragment of drawing
 # Sergey Zaykov (mail_of_sergey@mail.ru, sergey_zaikov@rambler.ru,
-# ICQ 358572321, http://vkontakte.ru/id16076543)
+# ICQ 358572321, https://vkontakte.ru/id16076543)
 # From:
-# http://sd.ascon.ru/otrs/customer.pl?Action=CustomerFAQ&CategoryID=4&ItemID=292
+# https://sd.ascon.ru/otrs/customer.pl?Action=CustomerFAQ&CategoryID=4&ItemID=292
 # (in russian) and my experiments
 0	string	KF
 >2	belong	0x4E00000C	Kompas drawing 12.0 SP1
@@ -5283,15 +6017,44 @@
 >>8	lelong		0xa
 >>>16	leshort		0x3d3d	3D Studio model
 !:mime	image/x-3ds
-!:extension 3ds
+!:ext 3ds
 
 # MegaCAD 2D/3D drawing (.prt)
-# http://megacad.de/
+# https://megacad.de/
 # From: Markus Heidelberg <markus.heidelberg@web.de>
 0	string	MegaCad23\0	MegaCAD 2D/3D drawing
 
+# Hoops CAD files
+# https://docs.techsoft3d.com/visualize/3df/latest/build/general/hsf/\
+# HSF_architecture.html
+# Stephane Charette <stephane.charette@gmail.com>
+0	string	;;\020HSF\020V		OpenHSF (Hoops Stream Format)
+>7	regex/9 V[.0-9]{4,5}\020	%s
+!:ext hsf
+
+# AutoCAD Drawing Exchange Format
+0	regex		\^[\ \t]*0\r?\000$
+>1	regex		\^[\ \t]*SECTION\r?$
+>>2	regex		\^[\ \t]*2\r?$
+>>>3	regex		\^[\ \t]*HEADER\r?$	AutoCAD Drawing Exchange Format
+!:mime	application/x-dxf
+!:ext	dxf
+>>>>&1	search/8192	AC1006			\b, R10
+>>>>&1	search/8192	AC1009			\b, R11/R12
+>>>>&1	search/8192	AC1012			\b, R13
+>>>>&1	search/8192	AC1014			\b, R14
+>>>>&1	search/8192	AC1015			\b, version 2000
+>>>>&1	search/8192	AC1018			\b, version 2004
+>>>>&1	search/8192	AC1021			\b, version 2007
+>>>>&1	search/8192	AC1024			\b, version 2010
+
+# The Sketchup 3D model format https://www.sketchup.com/
+0	string	\xff\xfe\xff\x0e\x53\x00\x6b\x00\x65\x00\x74\x00\x63\x00\x68\x00\x55\x00\x70\x00\x20\x00\x4d\x00\x6f\x00\x64\x00\x65\x00\x6c\x00	SketchUp Model
+!:mime application/vnd.sketchup.skp
+!:ext skp
+
 #------------------------------------------------------------------------------
-# $File: cafebabe,v 1.23 2017/05/25 20:07:23 christos Exp $
+# $File: cafebabe,v 1.24 2018/10/01 23:33:15 christos Exp $
 # Cafe Babes unite!
 #
 # Since Java bytecode and Mach-O universal binaries have the same magic number,
@@ -5349,15 +6112,15 @@
 >>4	belong		<20		Mach-O universal binary with %d architectures:
 !:mime application/x-mach-binary
 >>>8	use		mach-o		\b
->>4	belong		2
+>>4	belong		>1
 >>>28	use		mach-o		\b
->>4	belong		3
+>>4	belong		>2
 >>>48	use		mach-o		\b
->>4	belong		4
+>>4	belong		>3
 >>>68	use		mach-o		\b
->>4	belong		5
+>>4	belong		>4
 >>>88	use		mach-o		\b
->>4	belong		6
+>>4	belong		>5
 >>>108	use		mach-o		\b
 
 ### MACH-O END ###
@@ -5569,9 +6332,39 @@
 >54	byte		4		-Cscb
 4	string		pipe		CLIPPER instruction trace
 4	string		prof		CLIPPER instruction profile
+#------------------------------------------------------------------------------
+# file:  file(1) magic for Clojure
+# URL:  https://clojure.org/
+# From: Jason Felice <jason.m.felice@gmail.com>
+
+0	string/w	#!\ /usr/bin/clj	Clojure script text executable
+!:mime	text/x-clojure
+0	string/w	#!\ /usr/local/bin/clj	Clojure script text executable
+!:mime	text/x-clojure
+0	string/w	#!\ /usr/bin/clojure	Clojure script text executable
+!:mime	text/x-clojure
+0	string/w	#!\ /usr/local/bin/clojure	Clojure script text executable
+!:mime	text/x-clojure
+0	string/W	#!/usr/bin/env\ clj	Clojure script text executable
+!:mime	text/x-clojure
+0	string/W	#!/usr/bin/env\ clojure	Clojure script text executable
+!:mime	text/x-clojure
+0	string/W	#!\ /usr/bin/env\ clj	Clojure script text executable
+!:mime	text/x-clojure
+0	string/W	#!\ /usr/bin/env\ clojure	Clojure script text executable
+!:mime	text/x-clojure
+
+0	regex	\^\\\(ns[[:space:]]+[a-z]	Clojure module source text
+!:mime	text/x-clojure
+
+0	regex	\^\\\(ns[[:space:]]+\\\^\\{:	Clojure module source text
+!:mime	text/x-clojure
+
+0	regex	\^\\\(defn-?[[:space:]]	Clojure module source text
+!:mime	text/x-clojure
 
 #------------------------------------------------------------------------------
-# $File: coff,v 1.2 2017/03/17 21:35:28 christos Exp $
+# $File: coff,v 1.3 2018/08/01 10:34:03 christos Exp $
 # coff: file(1) magic for Common Object Files not specific to known cpu types or manufactures
 #
 # COFF
@@ -5597,6 +6390,10 @@
 >>0	uleshort	0x0550		Hitachi SH little-endian
 # executable (RISC System/6000 V3.1) or obj module (./ibm6000)
 #>>0	uleshort	0x01DF
+# MS Windows COFF Intel Itanium, AMD64
+# https://msdn.microsoft.com/en-us/library/windows/desktop/ms680313(v=vs.85).aspx
+>>0	uleshort	0x0200		Intel ia64
+>>0	uleshort	0x8664		Intel amd64
 # TODO for other COFFs
 #>>0	uleshort	0xABCD		COFF_TEMPLATE
 >>0	default		x
@@ -5648,7 +6445,7 @@
 
 
 #------------------------------------------------------------------------------
-# $File: commands,v 1.59 2017/08/14 07:40:38 christos Exp $
+# $File: commands,v 1.60 2019/04/19 00:42:27 christos Exp $
 # commands:  file(1) magic for various shells and interpreters
 #
 #0	string/w	:			shell archive or script for antique kernel text
@@ -5744,7 +6541,7 @@
 0	search/1/w	#!\ /usr/bin/php	PHP script text executable
 !:strength + 10
 !:mime	text/x-php
-# Smarty compiled template, http://www.smarty.net/
+# Smarty compiled template, https://www.smarty.net/
 # Elan Ruusamae <glen@delfi.ee>
 0	string	=<?php
 >5	regex	[\ \n]
@@ -5757,7 +6554,7 @@
 0	string/t	$!			DCL command file
 
 # Type: Pdmenu
-# URL:  http://packages.debian.org/pdmenu
+# URL:  https://packages.debian.org/pdmenu
 # From: Edward Betts <edward@debian.org>
 0	string		#!/usr/bin/pdmenu	Pdmenu configuration file text
 
@@ -5787,7 +6584,7 @@
 0	string		msc		Message Sequence Chart (chart)
 0	string		submsc		Message Sequence Chart (subchart)
 #------------------------------------------------------------------------------
-# $File: compress,v 1.72 2018/03/27 23:26:41 christos Exp $
+# $File: compress,v 1.75 2019/04/19 00:42:27 christos Exp $
 # compress:  file(1) magic for pure-compression formats (no archives)
 #
 # compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, etc.
@@ -5804,13 +6601,78 @@
 >2	byte&0x1f	x		%d bits
 
 # gzip (GNU zip, not to be confused with Info-ZIP or PKWARE zip archiver)
+# URL: https://en.wikipedia.org/wiki/Gzip
+# Reference: https://tools.ietf.org/html/rfc1952
+# Update: Joerg Jenderek, Apr 2019
 #   Edited by Chris Chittleborough <cchittleborough@yahoo.com.au>, March 2002
 #	* Original filename is only at offset 10 if "extra field" absent
 #	* Produce shorter output - notably, only report compression methods
 #         other than 8 ("deflate", the only method defined in RFC 1952).
-0       string          \037\213        gzip compressed data
-!:mime	application/x-gzip
-!:strength * 2
+# Note: find defs -iname '*.trid.xml' -exec grep -q '<Bytes>1F8B08' {} \; -ls
+# TODO:
+# FBR	Blueberry FlashBack screen Record	https://www.flashbackrecorder.com/
+# KPR	KOffice/Calligra KPresenter		application/x-kpresenter
+# KPT	KOffice/Calligra KPresenter template?	application/x-kpresenter
+# SAV	Diggles Saved Game File			http://www.innonics.com
+# SAV	FarCry (demo) saved game		http://www.farcry-thegame.com
+# DAT	ZOAGZIP game data format		http://en.wikipedia.org/wiki/SD_Gundam_Capsule_Fighter
+0       string          \037\213
+# to display gzip compressed (strength=100=2*50) before other (strength=50)?
+#!:strength * 2
+# no FNAME and FCOMMENT bit implies no file name/comment. That means only binary
+>3	byte&0x18	=0
+# For binary gzipped no ASCII text should occur
+#	mcd-monu-cad.trid.xml
+>>10	string		MCD			Monu-Cad Drawing, Component or Font
+#>>36	string		Created\ with\ MONU-CAD	
+#!:mime	application/octet-stream
+# http://fileformats.archiveteam.org/wiki/Monu-CAD
+#	http://www.monucad.com/downloads/FullDemo-2005.EXE
+#	/HANDS96.MCC	Component
+#	/DEMO_DD01.MCD	Drawing
+#	/MCALF020.FNT	Font
+!:ext	mcc/mcd/fnt
+# http://www.generalcadd.com
+>>10	string		GXD			General CADD, Drawing or Component
+#!:mime	application/octet-stream
+#	/gxc/BUILDINGEDGE.gxc			Component
+#	/gxd/HOCKETT-STPAUL-WRHSE.gxd		Drawing
+#	/gxd/POWERLAND-MILL-ADD-11.gxd		Drawing		v9.1.06
+!:ext	gxc/gxd
+#>>>13	ubyte		0			\b, version 0
+>>>13	string		09			\b, version 9
+# other gzipped binary like gzipped tar, VirtualBox extension package,...
+>>10	default		x		gzip compressed data
+>>>0	use	gzip-info
+# size of the original (uncompressed) input data modulo 2^32
+>>>-4	ulelong		x		\b, original size modulo 2^32 %u
+# gzipped TAR or VirtualBox extension package
+!:mime	application/gzip
+#!:mime	application/x-compressed-tar
+#!:mime	application/x-virtualbox-vbox-extpack
+# https://www.w3.org/TR/SVG/mimereg.html
+#!:mime	image/image/svg+xml-compressed
+#	zlib.3.gz
+#	microcode-20180312.tgz
+#	tpz same as tgz
+#	lua-md5_1.2-1_i386_i486.ipk	https://en.wikipedia.org/wiki/Opkg
+#	Oracle_VM_VirtualBox_Extension_Pack-5.0.12-104815.vbox-extpack
+!:ext	gz/tgz/tpz/ipk/vbox-extpack/svgz
+# FNAME/FCOMMENT bit implies file name/comment as iso-8859-1 text
+>3	byte&0x18	>0		gzip compressed data
+!:mime	application/gzip
+# gzipped tar, gzipped Abiword document
+#!:mime	application/x-compressed-tar
+#!:mime	application/x-abiword-compressed
+#!:mime	image/image/svg+xml-compressed
+#	kleopatra_splashscreen.svgz	gzipped .svg
+!:ext	gz/tgz/tpz/zabw/svgz
+>>0	use	gzip-info
+# size of the original (uncompressed) input data modulo 2^32
+>>-4	ulelong		x		\b, original size modulo 2^32 %u
+#	display information of gzip compressed files
+0	name				gzip-info
+#>2	byte		x		THIS iS GZIP
 >2	byte		<8		\b, reserved method
 >2	byte		>8		\b, unknown method
 >3	byte		&0x01		\b, ASCII
@@ -5837,7 +6699,9 @@
 >9	byte		=0x0B		\b, from NTFS filesystem (NT)
 >9	byte		=0x0C		\b, from QDOS
 >9	byte		=0x0D		\b, from Acorn RISCOS
->-4	lelong		x		\b, original size %d
+# size of the original (uncompressed) input data modulo 2^32
+#>-4	ulelong		x		\b, original size modulo 2^32 %u
+#ERROR: line 114: non zero offset 1048572 at level 1
 
 # packed data, Huffman (minimum redundancy) codes on a byte-by-byte basis
 0	string		\037\036	packed data
@@ -5948,7 +6812,7 @@
 >>17	byte		=0x0E		os: Win32
 
 # 4.3BSD-Quasijarus Strong Compression
-# http://minnie.tuhs.org/Quasijarus/compress.html
+# https://minnie.tuhs.org/Quasijarus/compress.html
 0	string		\037\241	Quasijarus strong compressed data
 
 # From: Cory Dikkers <cdikkers@swbell.net>
@@ -5962,7 +6826,7 @@
 >4	belong		0x090A0C0D	best compression
 
 # 7-zip archiver, from Thomas Klausner (wiz@danbala.tuwien.ac.at)
-# http://www.7-zip.org or DOC/7zFormat.txt
+# https://www.7-zip.org or DOC/7zFormat.txt
 #
 0	string		7z\274\257\047\034	7-zip archive data,
 >6	byte		x			version %d
@@ -5991,7 +6855,7 @@
 >5	byte		x			\b.%d
 !:mime	application/x-lrzip
 
-# http://fastcompression.blogspot.fi/2013/04/lz4-streaming-format-final.html
+# https://fastcompression.blogspot.fi/2013/04/lz4-streaming-format-final.html
 0	lelong		0x184d2204	LZ4 compressed data (v1.4+)
 !:mime	application/x-lz4
 # Added by osm0sis@xda-developers.com
@@ -6080,11 +6944,11 @@
 >0x8	lelong	x		\b, %u entries
 
 # Snappy framing format
-# http://code.google.com/p/snappy/source/browse/trunk/framing_format.txt
+# https://code.google.com/p/snappy/source/browse/trunk/framing_format.txt
 0	string	\377\006\0\0sNaPpY	snappy framed data
 !:mime	application/x-snappy-framed
 
-# qpress, http://www.quicklz.com/
+# qpress, https://www.quicklz.com/
 0	string	qpress10	qpress compressed data
 !:mime	application/x-qpress
 
@@ -6115,15 +6979,15 @@
 0	string	bvxn	lzfse encoded, lzvn compressed
 
 #------------------------------------------------------------------------------
-# $File: console,v 1.35 2017/11/14 15:48:36 christos Exp $
+# $File: console,v 1.45 2019/04/19 00:42:27 christos Exp $
 # Console game magic
 # Toby Deshane <hac@shoelace.digivill.net>
 
 # ines: file(1) magic for Marat's iNES Nintendo Entertainment System ROM dump format
 # Updated by David Korth <gerbilsoft@gerbilsoft.com>
 # References:
-# - http://wiki.nesdev.com/w/index.php/INES
-# - http://wiki.nesdev.com/w/index.php/NES_2.0
+# - https://wiki.nesdev.com/w/index.php/INES
+# - https://wiki.nesdev.com/w/index.php/NES_2.0
 
 # Common header for iNES, NES 2.0, and Wii U iNES.
 0	name		nes-rom-image-ines
@@ -6162,15 +7026,17 @@
 
 # Standard iNES ROM header.
 0	string		NES\x1A		NES ROM image (iNES)
+!:mime	application/x-nes-rom
 >0	use		nes-rom-image-ines
 
 # Wii U Virtual Console iNES ROM header.
 0	belong		0x4E455300	NES ROM image (Wii U Virtual Console)
+!:mime	application/x-nes-rom
 >0	use		nes-rom-image-ines
 
 #------------------------------------------------------------------------------
 # unif: file(1) magic for UNIF-format Nintendo Entertainment System ROM images
-# Reference: http://wiki.nesdev.com/w/index.php/UNIF
+# Reference: https://wiki.nesdev.com/w/index.php/UNIF
 # From: David Korth <gerbilsoft@gerbilsoft.com>
 #
 # NOTE: The UNIF format uses chunks instead of a fixed header,
@@ -6178,10 +7044,11 @@
 #
 0	string	UNIF
 >4	lelong	<16	NES ROM image (UNIF v%d format)
+!:mime	application/x-nes-rom
 
 #------------------------------------------------------------------------------
 # fds: file(1) magic for Famciom Disk System disk images
-# Reference: http://wiki.nesdev.com/w/index.php/Family_Computer_Disk_System#.FDS_format
+# Reference: https://wiki.nesdev.com/w/index.php/Family_Computer_Disk_System#.FDS_format
 # From: David Korth <gerbilsoft@gerbilsoft.com>
 # TODO: Check "Disk info block" and get info from that in addition to the optional header.
 
@@ -6196,12 +7063,14 @@
 # Headered version.
 0	string	FDS\x1A
 >0x11	string	*NINTENDO-HVC*	Famicom Disk System disk image:
+!:mime	application/x-fds-disk
 >>0x10	use	nintendo-fds-disk-info-block
 >4	byte	1	(%u side)
 >4	byte	!1	(%u sides)
 
 # Unheadered version.
 1	string	*NINTENDO-HVC*	Famicom Disk System disk image:
+!:mime	application/x-fds-disk
 >0	use	nintendo-fds-disk-info-block
 
 #------------------------------------------------------------------------------
@@ -6210,6 +7079,7 @@
 # From: David Korth <gerbilsoft@gerbilsoft.com>
 #
 0		string	TNES	NES ROM image (Nintendo 3DS Virtual Console)
+!:mime		application/x-nes-rom
 >4		byte	100	\b: FDS,
 >>0x2010	use	nintendo-fds-disk-info-block
 >4		byte	!100	\b: TNES mapper %u
@@ -6225,6 +7095,8 @@
 # Reference: http://gbdev.gg8.se/wiki/articles/The_Cartridge_Header
 #
 0x104		bequad		0xCEED6666CC0D000B	Game Boy ROM image
+# TODO: application/x-gameboy-color-rom for GBC.
+!:mime		application/x-gameboy-rom
 >0x143		byte&0x80	0x80
 >>0x134		string		>\0			\b: "%.15s"
 >0x143		byte&0x80	!0x80
@@ -6239,6 +7111,7 @@
 >>0x146		byte		!0x03
 >>>0x143	byte&0xC0	0x80	[CGB]
 >>>0x143	byte&0xC0	0xC0	[CGB ONLY]
+>0x14b		byte		!0x33
 
 # Mapper.
 >0x147 byte 0x00  [ROM ONLY]
@@ -6292,7 +7165,7 @@
 # genesis: file(1) magic for various Sega Mega Drive / Genesis ROM image and disc formats
 # Updated by David Korth <gerbilsoft@gerbilsoft.com>
 # References:
-# - http://www.retrodev.com/segacd.html
+# - https://www.retrodev.com/segacd.html
 # - http://devster.monkeeh.com/sega/32xguide1.txt
 #
 
@@ -6314,29 +7187,37 @@
 # TODO: Check for 32X CD?
 # Sega Mega CD disc images: 2048-byte sectors.
 0	string	SEGADISCSYSTEM\ \ 	Sega Mega CD disc image
+!:mime	application/x-sega-cd-rom
 >0	use	sega-mega-drive-header
 >0	byte	x			\b, 2048-byte sectors
 0	string	SEGABOOTDISC\ \ \ \ 	Sega Mega CD disc image
+!:mime	application/x-sega-cd-rom
 >0	use	sega-mega-drive-header
 >0	byte	x			\b, 2048-byte sectors
 # Sega Mega CD disc images: 2352-byte sectors.
 0x10	string	SEGADISCSYSTEM\ \ 	Sega Mega CD disc image
+!:mime	application/x-sega-cd-rom
 >0x10	use	sega-mega-drive-header
 >0	byte	x			\b, 2352-byte sectors
 0x10	string	SEGABOOTDISC\ \ \ \ 	Sega Mega CD disc image
+!:mime	application/x-sega-cd-rom
 >0x10	use	sega-mega-drive-header
 >0	byte	x			\b, 2352-byte sectors
 
 # Sega Mega Drive, 32X, Pico, and Mega CD Boot ROM images.
 0x100		string	SEGA
 >0x3C0		bequad	0x4D41525320434845	Sega 32X ROM image
+!:mime		application/x-genesis-32x-rom
 >>0		use	sega-mega-drive-header
 >0x3C0		bequad	!0x4D41525320434845
 >>0x105		belong	0x5049434F	Sega Pico ROM image
+!:mime		application/x-sega-pico-rom
 >>>0		use	sega-mega-drive-header
 >>0x105		belong	!0x5049434F
 >>>0x180	beshort	0x4252		Sega Mega CD Boot ROM image
+!:mime		application/x-genesis-rom
 >>>0x180	beshort	!0x4252		Sega Mega Drive / Genesis ROM image
+!:mime		application/x-genesis-rom
 >>>0		use	sega-mega-drive-header
 
 #------------------------------------------------------------------------------
@@ -6353,11 +7234,13 @@
 # "Sega Genesis" header.
 0x280	string EAGN
 >8	beshort	0xAABB	Sega Mega Drive / Genesis ROM image (SMD format):
+!:mime	application/x-genesis-rom
 >>0	use     sega-genesis-smd-header
 
 # "Sega Mega Drive" header.
 0x280	string EAMG
 >8	beshort	0xAABB	Sega Mega Drive / Genesis ROM image (SMD format):
+!:mime	application/x-genesis-rom
 >>0	use     sega-genesis-smd-header
 
 #------------------------------------------------------------------------------
@@ -6365,7 +7248,7 @@
 # Detects all Game Gear and export Sega Master System ROM images,
 # and some Japanese Sega Master System ROM images.
 # From: David Korth <gerbilsoft@gerbilsoft.com>
-# Reference: http://www.smspower.org/Development/ROMHeader
+# Reference: https://www.smspower.org/Development/ROMHeader
 #
 
 # General SMS header rule.
@@ -6373,12 +7256,17 @@
 0	name	sega-master-system-rom-header
 # Machine type.
 >0x0F	byte&0xF0	0x30	Sega Master System
+!:mime	application/x-sms-rom
 >0x0F	byte&0xF0	0x40	Sega Master System
+!:mime	application/x-sms-rom
 >0x0F	byte&0xF0	0x50	Sega Game Gear
+!:mime	application/x-gamegear-rom
 >0x0F	byte&0xF0	0x60	Sega Game Gear
+!:mime	application/x-gamegear-rom
 >0x0F	byte&0xF0	0x70	Sega Game Gear
->0x0F	byte&0xF0	<0x30	Sega Master System / Game Gear
->0x0F	byte&0xF0	>0x70	Sega Master System / Game Gear
+!:mime	application/x-gamegear-rom
+>0x0F	default		x	Sega Master System / Game Gear
+!:mime	application/x-sms-rom
 >0	byte		x	ROM image:
 # Product code.
 >0x0E	byte&0xF0	0x10	1
@@ -6438,17 +7326,19 @@
 
 # 2048-byte sector version.
 0	string	SEGA\ SEGASATURN\ 	Sega Saturn disc image
+!:mime	application/x-saturn-rom
 >0	use	sega-saturn-disc-header
 >0	byte	x			(2048-byte sectors)
 # 2352-byte sector version.
 0x10	string	SEGA\ SEGASATURN\ 	Sega Saturn disc image
+!:mime	application/x-saturn-rom
 >0x10	use	sega-saturn-disc-header
 >0	byte	x			(2352-byte sectors)
 
 #------------------------------------------------------------------------------
 # dreamcast: file(1) magic for the Sega Dreamcast disc image format.
 # From: David Korth <gerbilsoft@gerbilsoft.com>
-# Reference: http://mc.pp.se/dc/ip0000.bin.html
+# Reference: https://mc.pp.se/dc/ip0000.bin.html
 #
 
 # Common Sega Dreamcast disc header format.
@@ -6462,10 +7352,12 @@
 
 # 2048-byte sector version.
 0	string	SEGA\ SEGAKATANA\ 	Sega Dreamcast disc image
+!:mime	application/x-dc-rom
 >0	use	sega-dreamcast-disc-header
 >0	byte	x			(2048-byte sectors)
 # 2352-byte sector version.
 0x10	string	SEGA\ SEGAKATANA\ 	Sega Dreamcast disc image
+!:mime	application/x-dc-rom
 >0x10	use	sega-dreamcast-disc-header
 >0	byte	x			(2352-byte sectors)
 
@@ -6481,6 +7373,7 @@
 # From: David Korth <gerbilsoft@gerbilsoft.com>
 #
 0	bequad	0x803712400000000F	Nintendo 64 ROM image
+!:mime	application/x-n64-rom
 >0x20	string	>\0	\b: "%.20s"
 >0x3B	string	x	(%.4s
 >0x3F	byte	x	\b, Rev.%02u)
@@ -6490,39 +7383,44 @@
 # Same as z64 format, but with 16-bit byteswapping.
 #
 0	bequad	0x3780401200000F00	Nintendo 64 ROM image (V64)
+!:mime	application/x-n64-rom
 
 #------------------------------------------------------------------------------
 # n64-swap2: file(1) magic for the swap2 format N64 ROM dumps
 # Same as z64 format, but with swapped 16-bit words.
 #
 0	bequad	0x12408037000F0000	Nintendo 64 ROM image (wordswapped)
+!:mime	application/x-n64-rom
 
 #------------------------------------------------------------------------------
 # n64-le32: file(1) magic for the 32-bit byteswapped format N64 ROM dumps
 # Same as z64 format, but with 32-bit byteswapping.
 #
 0	bequad	0x401237800F000000	Nintendo 64 ROM image (32-bit byteswapped)
+!:mime	application/x-n64-rom
 
 #------------------------------------------------------------------------------
 # gba: file(1) magic for the Nintendo Game Boy Advance raw ROM format
-# Reference: http://problemkaputt.de/gbatek.htm#gbacartridgeheader
+# Reference: https://problemkaputt.de/gbatek.htm#gbacartridgeheader
 #
 # Original version from: "Nelson A. de Oliveira" <naoliv@gmail.com>
 # Updated version from: David Korth <gerbilsoft@gerbilsoft.com>
 #
 4	bequad	0x24FFAE51699AA221	Game Boy Advance ROM image
+!:mime	application/x-gba-rom
 >0xA0	string	>\0	\b: "%.12s"
 >0xAC	string	x	(%.6s
 >0xBC	byte	x	\b, Rev.%02u)
 
 #------------------------------------------------------------------------------
 # nds: file(1) magic for the Nintendo DS(i) raw ROM format
-# Reference: http://problemkaputt.de/gbatek.htm#dscartridgeheader
+# Reference: https://problemkaputt.de/gbatek.htm#dscartridgeheader
 #
 # Original version from: "Nelson A. de Oliveira" <naoliv@gmail.com>
 # Updated version from: David Korth <gerbilsoft@gerbilsoft.com>
 #
 0xC0	bequad	0x24FFAE51699AA221	Nintendo DS ROM image
+!:mime	application/x-nintendo-ds-rom
 >0x00	string	>\0		\b: "%.12s"
 >0x0C	string	x		(%.6s
 >0x1E	byte	x		\b, Rev.%02u)
@@ -6543,15 +7441,17 @@
 # This is also used for loading .nds files using the MSET exploit on 3DS.
 # Reference: https://github.com/devkitPro/ndstool/blob/master/source/ndscreate.cpp
 0xC0	bequad	0xC8604FE201708FE2	Nintendo DS Slot-2 ROM image (PassMe)
+!:mime	application/x-nintendo-ds-rom
 
 #------------------------------------------------------------------------------
 # ngp: file(1) magic for the Neo Geo Pocket (Color) raw ROM format.
 # From: David Korth <gerbilsoft@gerbilsoft.com>
 # References:
 # - https://neogpc.googlecode.com/svn-history/r10/trunk/src/core/neogpc.cpp
-# - http://www.devrs.com/ngp/files/ngpctech.txt
+# - https://www.devrs.com/ngp/files/ngpctech.txt
 #
 0x0A	string	BY\ SNK\ CORPORATION	Neo Geo Pocket
+!:mime	application/x-neo-geo-pocket-rom
 >0x23	byte	0x10			Color
 >0	byte	x			ROM image
 >0x24	string	>\0			\b: "%.12s"
@@ -6586,7 +7486,21 @@
 
 #------------------------------------------------------------------------------
 # Microsoft Xbox executables .xbe (Esa Hyytia <ehyytia@cc.hut.fi>)
-0       string          XBEH            XBE, Microsoft Xbox executable
+0	string	XBEH	Microsoft Xbox executable
+# expect base address of 0x10000
+>0x0104                 ulelong =0x10000
+>>(0x0118.l-0x0FFF4)    lestring16 x       \b: "%.40s"
+>>(0x0118.l-0x0FFF5)    byte     x         (%c
+>>(0x0118.l-0x0FFF6)    byte     x         \b%c-
+>>(0x0118.l-0x0FFF8)    uleshort x         \b%03u)
+>>(0x0118.l-0x0FF60)    ulelong&0x80000007  0x80000007 \b, all regions
+>>(0x0118.l-0x0FF60)    ulelong&0x80000007  !0x80000007
+>>>(0x0118.l-0x0FF60)   ulelong >0           (regions:
+>>>>(0x0118.l-0x0FF60)  ulelong &0x00000001  NA
+>>>>(0x0118.l-0x0FF60)  ulelong &0x00000002  Japan
+>>>>(0x0118.l-0x0FF60)  ulelong &0x00000004  Rest_of_World
+>>>>(0x0118.l-0x0FF60)  ulelong &0x80000000  Manufacturer
+>>>(0x0118.l-0x0FF60)   ulelong >0           \b)
 # probabilistic checks whether signed or not
 >0x0004 ulelong =0x0
 >>&2    ulelong =0x0
@@ -6594,22 +7508,43 @@
 >0x0004 ulelong >0
 >>&2    ulelong >0
 >>>&2   ulelong >0    \b, signed
-# expect base address of 0x10000
->0x0104               ulelong =0x10000
->>(0x0118-0x0FF60)    ulelong&0x80000007  0x80000007 \b, all regions
->>(0x0118-0x0FF60)    ulelong&0x80000007  !0x80000007
->>>(0x0118-0x0FF60)   ulelong >0           (regions:
->>>>(0x0118-0x0FF60)  ulelong &0x00000001  NA
->>>>(0x0118-0x0FF60)  ulelong &0x00000002  Japan
->>>>(0x0118-0x0FF60)  ulelong &0x00000004  Rest_of_World
->>>>(0x0118-0x0FF60)  ulelong &0x80000000  Manufacturer
->>>(0x0118-0x0FF60)   ulelong >0           \b)
 
 # --------------------------------
 # Microsoft Xbox data file formats
 0       string          XIP0            XIP, Microsoft Xbox data
 0       string          XTF0            XTF, Microsoft Xbox data
 
+#------------------------------------------------------------------------------
+# Microsoft Xbox 360 executables (.xex)
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://free60project.github.io/wiki/XEX.html
+# - https://github.com/xenia-project/xenia/blob/HEAD/src/xenia/kernel/util/xex2_info.h
+
+# Title ID (part of Execution ID section)
+0		name	xbox-360-xex-execution-id
+>(0.L+0xC)	byte	x	(%c
+>(0.L+0xD)	byte	x	\b%c
+>(0.L+0xE)	beshort	x	\b-%04u)
+
+0	string	XEX2	Microsoft Xbox 360 executable
+>0x18	search/0x100	\x00\x04\x00\x06
+>>&0	use	xbox-360-xex-execution-id
+>(0x010.L+0x178)	ubelong	0xFFFFFFFF	\b, all regions
+>(0x010.L+0x178)	ubelong	!0xFFFFFFFF
+>>(0x010.L+0x178)	ubelong	>0		(regions:
+>>(0x010.L+0x178)	ubelong&0x000000FF	0x000000FF	USA
+>>(0x010.L+0x178)	ubelong&0x00000100	0x00000100	Japan
+>>(0x010.L+0x178)	ubelong&0x00000200	0x00000200	China
+>>(0x010.L+0x178)	ubelong&0x0000FC00	0x0000FC00	Asia
+>>(0x010.L+0x178)	ubelong&0x00FF0000	0x00FF0000	PAL
+>>(0x010.L+0x178)	ubelong&0x00FF0000	0x00FE0000	PAL [except AU/NZ]
+>>(0x010.L+0x178)	ubelong&0x00FF0000	0x00010000	AU/NZ
+>>(0x010.L+0x178)	ubelong&0xFF000000	0xFF000000	Other
+>>(0x010.L+0x178)	ubelong	>0		\b)
+
+
+
 # Atari Lynx cartridge dump (EXE/BLL header)
 # From: "Stefan A. Haubenthal" <polluks@web.de>
 
@@ -6617,8 +7552,10 @@
 # 8 character OMF-86 object file headers.
 0	beshort		0x8008
 >6	string		BS93		Lynx homebrew cartridge
+!:mime	application/x-atari-lynx-rom
 >>2	beshort		x		\b, RAM start $%04x
 >6	string		LYNX		Lynx cartridge
+!:mime	application/x-atari-lynx-rom
 >>2	beshort		x		\b, RAM start $%04x
 
 # Opera file system that is used on the 3DO console
@@ -6633,14 +7570,14 @@
 # Gameboy%20Sound%20System%20(.gbs).txt
 0	string		GBS		Nintendo Gameboy Music/Audio Data
 #12	string		GameBoy\ Music\ Module	Nintendo Gameboy Music Module
->16	string		>\0	("%s" by
->48	string		>\0	%s, copyright
->80	string		>\0	%s),
->3	byte		x	version %d,
->4	byte		x	%d tracks
+>16	string		>\0	("%.32s" by
+>48	string		>\0	%.32s, copyright
+>80	string		>\0	%.32s),
+>3	byte		x	version %u,
+>4	byte		x	%u tracks
 
 # IPS Patch Files from: From: Thomas Klausner <tk@giga.or.at>
-# see http://zerosoft.zophar.net/ips.php
+# see https://zerosoft.zophar.net/ips.php
 0	string	PATCH			IPS patch file
 
 # Playstations Patch Files from: From: Thomas Klausner <tk@giga.or.at>
@@ -6731,7 +7668,7 @@
 
 # Type: Nintendo GameCube/Wii common disc header data.
 # From: David Korth <gerbilsoft@gerbilsoft.com>
-# Reference: http://wiibrew.org/wiki/Wii_Disc
+# Reference: https://wiibrew.org/wiki/Wii_Disc
 0	name	nintendo-gcn-disc-common
 >0x20	string	x	"%.64s"
 >0x00	string	x	(%.6s
@@ -6740,11 +7677,14 @@
 >>0x06	byte	2	\b, Disc 3
 >>0x06	byte	3	\b, Disc 4
 >0x07	byte	x	\b, Rev.%02u)
+>0x18	belong	0x5D1C9EA3
+>>0x60	beshort	0x0101	\b (Unencrypted)
 
 # Type: Nintendo GameCube disc image
 # From: David Korth <gerbilsoft@gerbilsoft.com>
-# Reference: http://wiibrew.org/wiki/Wii_Disc
+# Reference: https://wiibrew.org/wiki/Wii_Disc
 0x1C	belong	0xC2339F3D	Nintendo GameCube disc image:
+!:mime	application/x-gamecube-rom
 >0	use	nintendo-gcn-disc-common
 
 # Type: Nintendo GameCube embedded disc image
@@ -6754,19 +7694,21 @@
 0		belong	0xAE0F38A2
 >0x0C		belong	0x00100000
 >>(8.L+0x1C)	belong	0xC2339F3D	Nintendo GameCube embedded disc image:
+!:mime	application/x-gamecube-rom
 >>>(8.L)	use	nintendo-gcn-disc-common
 
 # Type: Nintendo Wii disc image
 # From: David Korth <gerbilsoft@gerbilsoft.com>
-# Reference: http://wiibrew.org/wiki/Wii_Disc
+# Reference: https://wiibrew.org/wiki/Wii_Disc
 0x18	belong	0x5D1C9EA3	Nintendo Wii disc image:
 >0	use	nintendo-gcn-disc-common
 
 # Type: Nintendo Wii disc image (WBFS format)
 # From: David Korth <gerbilsoft@gerbilsoft.com>
-# Reference: http://wiibrew.org/wiki/Wii_Disc
+# Reference: https://wiibrew.org/wiki/Wii_Disc
 0	string	WBFS
 >0x218	belong	0x5D1C9EA3	Nintendo Wii disc image (WBFS format):
+!:mime	application/x-wii-rom
 >>0x200	use	nintendo-gcn-disc-common
 
 # Type: Nintendo GameCube/Wii disc image (CISO format)
@@ -6780,41 +7722,63 @@
 >4		lelong	0x200000
 >>8		byte	1
 >>>0x801C	belong	0xC2339F3D	Nintendo GameCube disc image (CISO format):
+!:mime	application/x-wii-rom
 >>>>0x8000	use	nintendo-gcn-disc-common
 >>>0x8018	belong	0x5D1C9EA3	Nintendo Wii disc image (CISO format):
+!:mime	application/x-wii-rom
 >>>>0x8000	use	nintendo-gcn-disc-common
 
 # Type: Nintendo GameCube/Wii disc image (GCZ format)
 # Due to zlib compression, we can't get the actual disc information.
 0	lelong	0xB10BC001
 >4	lelong	0		Nintendo GameCube disc image (GCZ format)
+!:mime	application/x-gamecube-rom
 >4	lelong	1		Nintendo Wii disc image (GCZ format)
->4	lelong	>1		Nintendo GameCube/Wii disc image (GCZ format)
+!:mime	application/x-wii-rom
+>4	default	x		Nintendo GameCube/Wii disc image (GCZ format)
 
 # Type: Nintendo GameCube/Wii disc image (WDF format)
 0		string	WII\001DISC
 >8		belong	1
 # WDFv1
 >>0x54		belong	0xC2339F3D	Nintendo GameCube disc image (WDFv1 format):
+!:mime	application/x-gamecube-rom
 >>>0x38		use	nintendo-gcn-disc-common
 >>0x58		belong	0x5D1C9EA3	Nintendo Wii disc image (WDFv1 format):
+!:mime	application/x-wii-rom
 >>>0x38		use	nintendo-gcn-disc-common
 >8		belong	2
 # WDFv2
 >>(12.L+0x1C)	belong	0xC2339F3D	Nintendo GameCube disc image (WDFv2 format):
+!:mime	application/x-gamecube-rom
 >>>(12.L)	use	nintendo-gcn-disc-common
 >>(12.L+0x18)	belong	0x5D1C9EA3	Nintendo Wii disc image (WDFv2 format):
+!:mime	application/x-wii-rom
 >>>(12.L)	use	nintendo-gcn-disc-common
 
 # Type: Nintendo GameCube/Wii disc image (WIA format)
 0	string	WIA\001	Nintendo
->0x48	belong	0	GameCube/Wii
 >0x48	belong	1	GameCube
+!:mime	application/x-gamecube-rom
 >0x48	belong	2	Wii
->0x48	belong	>2	GameCube/Wii
+!:mime	application/x-wii-rom
+>0x48	default	x	GameCube/Wii
 >0x48	belong	x	disc image (WIA format):
 >>0x58	use	nintendo-gcn-disc-common
 
+# Type: Nintendo GameCube/Wii disc image (with SDK header)
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://wiibrew.org/wiki/Wii_Disc
+0		belong	0xFFFF0000
+>0x18		belong	0x00000000
+>>0x1C		belong	0x00000000
+>>>0x8018	belong	0x5D1C9EA3	Nintendo Wii SDK disc image:
+!:mime	application/x-wii-rom
+>>>>0x8000	use	nintendo-gcn-disc-common
+>>>0x801C	belong	0xC2339F3D	Nintendo GameCube SDK disc image:
+!:mime	application/x-gamecube-rom
+>>>>0x8000	use	nintendo-gcn-disc-common
+
 #------------------------------------------------------------------------------
 # Nintendo 3DS file formats.
 #
@@ -6931,6 +7895,7 @@
 0	byte	>0
 >0	byte	<3
 >>1	string	ATARI7800	Atari 7800 ROM image
+!:mime	application/x-atari-7800-rom
 >>>0x11	string	>\0	\b: "%.32s"
 # Display type.
 >>>0x39	byte	0	(NTSC)
@@ -7033,7 +7998,7 @@
 >84	belong&0x18000000	=0x18000000	undefined fpmode
 
 #------------------------------------------------------------------------------
-# $File: coverage,v 1.1 2016/06/05 00:26:32 christos Exp $
+# $File: coverage,v 1.2 2019/04/19 00:42:27 christos Exp $
 # xoverage:  file(1) magic for test coverage data
 
 # File formats used to store test coverage data
@@ -7100,7 +8065,7 @@
 # `clang -fprofile-instr-generate -fcoverage-mapping ...`
 # default name: default.profraw
 # magic is: \xFF lprofr \x81
-# cf. http://llvm.org/docs/doxygen/html/InstrProfData_8inc_source.html
+# cf. https://llvm.org/docs/doxygen/html/InstrProfData_8inc_source.html
 0	lequad	0xff6c70726f667281	LLVM raw profile data,
 >&0	byte	x	version %d
 
@@ -7111,10 +8076,10 @@
 
 # LLVM indexed instruction profile (as generated by llvm-profdata)
 # magic is: reverse(\xFF lprofi \x81)
-# cf. http://llvm.org/docs/CoverageMappingFormat.html
-# http://llvm.org/docs/doxygen/html/namespacellvm_1_1IndexedInstrProf.html
-# http://llvm.org/docs/CommandGuide/llvm-cov.html
-# http://llvm.org/docs/CommandGuide/llvm-profdata.html
+# cf. https://llvm.org/docs/CoverageMappingFormat.html
+# https://llvm.org/docs/doxygen/html/namespacellvm_1_1IndexedInstrProf.html
+# https://llvm.org/docs/CommandGuide/llvm-cov.html
+# https://llvm.org/docs/CommandGuide/llvm-profdata.html
 0	lequad	0x8169666f72706cff	LLVM indexed profile data,
 >&0	byte	x	version %d
 
@@ -7146,7 +8111,7 @@
 #--------------------------------------------------------------
 # ctf:  file(1) magic for CTF (Common Trace Format) trace files
 #
-# Specs. available here: <http://www.efficios.com/ctf>
+# Specs. available here: <https://www.efficios.com/ctf>
 #--------------------------------------------------------------
 
 # CTF trace data
@@ -7175,10 +8140,10 @@
 0	string	MAPZ)	Map file for the Blood Frontier/Red Eclipse FPS games
 
 #------------------------------------------------------------------------------
-# $File: cups,v 1.5 2017/03/17 21:35:28 christos Exp $
+# $File: cups,v 1.6 2019/04/19 00:42:27 christos Exp $
 # Cups: file(1) magic for the cups raster file format
 # From: Laurent Martelli <martellilaurent@gmail.com>
-# http://www.cups.org/documentation.php/spec-raster.html
+# https://www.cups.org/documentation.php/spec-raster.html
 #
 
 0	name		cups-le
@@ -7242,7 +8207,7 @@
 >15	long		>30		$BS, block size: %i bytes
 
 #------------------------------------------------------------------------------
-# $File: database,v 1.52 2017/08/13 00:21:47 christos Exp $
+# $File: database,v 1.55 2019/04/19 00:42:27 christos Exp $
 # database:  file(1) magic for various databases
 #
 # extracted from header/code files by Graeme Wilford (eep2gw@ee.surrey.ac.uk)
@@ -7389,8 +8354,8 @@
 
 ## XBase database files
 # updated by Joerg Jenderek at Feb 2013
-# http://www.dbase.com/Knowledgebase/INT/db7_file_fmt.htm
-# http://www.clicketyclick.dk/databases/xbase/format/dbf.html
+# https://www.dbase.com/Knowledgebase/INT/db7_file_fmt.htm
+# https://www.clicketyclick.dk/databases/xbase/format/dbf.html
 # http://home.f1.htw-berlin.de/scheibl/db/intern/dBase.htm
 # inspect VVYYMMDD , where 1<= MM <= 12 and 1<= DD <= 31
 0	ubelong&0x0000FFFF		<0x00000C20
@@ -7429,13 +8394,13 @@
 >>>>>>>>>>>>4	lelong			>0		\b, %d record
 # plural s appended
 >>>>>>>>>>>>>4	lelong			>1		\bs
-# http://www.clicketyclick.dk/databases/xbase/format/dbf_check.html#CHECK_DBF
+# https://www.clicketyclick.dk/databases/xbase/format/dbf_check.html#CHECK_DBF
 # 1 <= record size <= 4000 (dBase 3,4) or 32 * KB (=0x8000)
 >>>>>>>>>>>>10	uleshort		x		* %d
 # file size = records * record size + header size
 >>>>>>>>>>>>1	ubyte			x		\b, update-date
 >>>>>>>>>>>>1	use			xbase-date
-# http://msdn.microsoft.com/de-de/library/cc483186(v=vs.71).aspx
+# https://msdn.microsoft.com/de-de/library/cc483186(v=vs.71).aspx
 #>>>>>>>>>>>>29	ubyte			=0		\b, codepage ID=0x%x
 # 2~cp850 , 3~cp1252 , 0x1b~?? ; what code page is 0x1b ?
 >>>>>>>>>>>>29	ubyte			>0		\b, codepage ID=0x%x
@@ -7503,13 +8468,13 @@
 # dBASE IV SQL, no memo;dbv memo var size (Flagship)
 >>0	ubyte		0x43		dBase IV, with SQL table
 !:mime	application/x-dbf
-# http://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
+# https://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
 #>>0	ubyte		0x62		dBase IV, with SQL table
 #!:mime	application/x-dbf
 # dBASE IV, with memo!!
 >>0	ubyte		0x7b		dBase IV, with memo
 !:mime	application/x-dbf
-# http://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
+# https://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
 #>>0	ubyte		0x82		dBase IV, with SQL system
 #!:mime	application/x-dbf
 # FoxBase+/dBaseIII+ with memo .DBT!
@@ -7518,7 +8483,7 @@
 # VISUAL OBJECTS (first 1.0 versions) for the Dbase III files (NTX clipper driver); memo file
 >>0	ubyte		0x87		VISUAL OBJECTS, with memo file
 !:mime	application/x-dbf
-# http://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
+# https://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
 #>>0	ubyte		0x8A		FoxBase+/dBase III, with memo .DBT
 #!:mime	application/x-dbf
 # dBASE IV with memo!
@@ -7529,7 +8494,7 @@
 !:mime	application/x-dbf
 # .dbv and .dbt memo (Flagship)?
 >>0	ubyte		0xB3		Flagship
-# http://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
+# https://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
 #>>0	ubyte		0xCA		dBase IV with memo .DBT
 #!:mime	application/x-dbf
 # dBASE IV with SQL table, with memo .DBT
@@ -7538,12 +8503,12 @@
 # HiPer-Six format;Clipper SIX, with SMT memo file
 >>0	ubyte		0xE5		Clipper SIX with memo
 !:mime	application/x-dbf
-# http://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
+# https://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
 #>>0	ubyte		0xF4		dBase IV, with SQL table, with memo
 #!:mime	application/x-dbf
 >>0	ubyte		0xF5		FoxPro with memo
 !:mime	application/x-dbf
-# http://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
+# https://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
 #>>0	ubyte		0xFA		FoxPro 2.x, with memo
 #!:mime	application/x-dbf
 # unknown version (should not happen)
@@ -7574,7 +8539,7 @@
 >>>>>2	ubyte		x		\b-%d
 
 #	dBase memo files .DBT or .FPT
-# http://msdn.microsoft.com/en-us/library/8599s21w(v=vs.80).aspx
+# https://msdn.microsoft.com/en-us/library/8599s21w(v=vs.80).aspx
 16		ubyte		<4
 >16		ubyte		!2
 >>16		ubyte		!1
@@ -7737,7 +8702,7 @@
 >>220	ulelong		x		\b.%d
 
 # From: Joerg Jenderek
-# URL: http://forensicswiki.org/wiki/Windows_Application_Compatibility
+# URL: https://forensicswiki.org/wiki/Windows_Application_Compatibility
 # Note: files contain application compatibility fixes, application compatibility modes and application help messages.
 8	string		sdbf
 >7	ubyte		0
@@ -7784,7 +8749,7 @@
 >>7	byte		x		\b-%d
 
 # Type: Advanced Data Format (ADF) database
-# URL:  http://www.grc.nasa.gov/WWW/cgns/adf/
+# URL:  https://www.grc.nasa.gov/WWW/cgns/adf/
 # From: Nicolas Chauvat <nicolas.chauvat@logilab.fr>
 0	string	@(#)ADF\ Database	CGNS Advanced Data Format
 
@@ -7824,7 +8789,7 @@
 0	string		ToKyO\ CaBiNeT\n	TokyoCabinet database
 >14	string		x			(version %s)
 
-# From:  Stephane Blondon http://www.yaal.fr
+# From:  Stephane Blondon https://www.yaal.fr
 # Database file for Zope (done by FileStorage)
 0	string	FS21	Zope Object Database File Storage v3 (data)
 0	string	FS30	Zope Object Database File Storage v4 (data)
@@ -7835,7 +8800,7 @@
 # IDA (Interactive Disassembler) database
 0	string		IDA1	IDA (Interactive Disassembler) database
 
-# Hopper (reverse engineering tool) http://www.hopperapp.com/
+# Hopper (reverse engineering tool) https://www.hopperapp.com/
 0	string		hopperdb	Hopper database
 
 # URL: https://en.wikipedia.org/wiki/Panorama_(database_engine)
@@ -7875,22 +8840,79 @@
 >32	lelong	x		\b, index %d
 >36	lelong	x		\b, seed %#x
 
+#
+# Redis RDB - https://redis.io/topics/persistence
+0	string	REDIS			Redis RDB file,
+>5	regex	[0-9][0-9][0-9][0-9]	version %s
+
+# Mork database.
+# Used by older versions of Mozilla Suite and Firefox,
+# and current versions of Thunderbird.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+0	string	//\ <!--\ <mdb:mork:z\ v="	Mozilla Mork database
+>23	string	x		\b, version %.3s
+
 #------------------------------------------------------------------------------
-# $File: dbpf,v 1.1 2017/10/13 20:47:14 christos Exp $
+# $File: dataone,v 1.2 2019/04/19 00:42:27 christos Exp $
+#
+# DataONE- files from Dave Vieglais <dave.vieglais@gmail.com> &
+#                     Pratik Shrivastava <pratikshrivastava23@gmail.com>
+#
+# file formats:   https://cn.dataone.org/cn/v2/formats
+#------------------------------------------------------------------------------
+
+# EML (Ecological Metadata Language Format)
+0	string	<?xml
+>&0	regex	(eml)-[0-9].[0-9].[0-9]+	eml://ecoinformatics.org/%s
+
+# onedcx (DataONE Dublin Core Extended v1.0)
+>&0	regex	(onedcx/v)[0-9].[0-9]+		https://ns.dataone.org/metadata/schema/onedcx/v1.0
+
+# FGDC-STD-001-1998 (Content Standard for Digital Geospatial Metadata,
+# version 001-1998)
+>&0	regex	fgdc				FGDC-STD-001-1998
+
+# Mercury (Oak Ridge National Lab Mercury Metadata version 1.0)
+>&0	regex	(mercury/terms/v)[0-9].[0-9]	https://purl.org/ornl/schema/mercury/terms/v1.0
+
+# ISOTC211 (Geographic MetaData (GMD) Extensible Markup Language)
+>&0	regex	isotc211
+>>&0	regex	eng;USA				https://www.isotc211.org/2005/gmd
+
+# ISOTC211 (NOAA Variant Geographic MetaData (GMD) Extensible Markup Language)
+>>&0	regex	gov.noaa.nodc:[0-9]+		https://www.isotc211.org/2005/gmd-noaa
+
+# ISOTC211 PANGAEA Variant Geographic MetaData (GMD) Extensible Markup Language
+>>&0	regex	pangaea.dataset[0-9][0-9][0-9][0-9][0-9][0-9]+	https://www.isotc211.org/2005/gmd-pangaea
+!:mime	text/xml
+
+
+# Object Reuse and Exchange Vocabulary
+0	string	<?xml
+>&0	regex	rdf
+>>&0	regex	openarchives	https://www.openarchives.org/ore/terms
+!:mime application/rdf+xml
+
+
+# Dryad Metadata Application Profile Version 3.1
+0	string	<DryadData
+>&0	regex	(dryad-bibo/v)[0-9].[0-9]	https://datadryad.org/profile/v3.1
+!:mime	text/xml
+
+#------------------------------------------------------------------------------
+# $File: dbpf,v 1.3 2019/04/19 00:42:27 christos Exp $
 # dppf:	Maxis Database Packed Files, the stored data file format used by all
 #	Maxis games after the Sims: http://wiki.niotso.org/DBPF
-# 	http://www.wiki.sc4devotion.com/index.php?title=DBPF
+# 	https://www.wiki.sc4devotion.com/index.php?title=DBPF
 #	13 Oct 2017, Kip Warner <kip at thevertigo dot com>
 0	string	DBPF	Maxis Database Packed File
 >4	ulelong	x	\b, version: %u.
 >>8	ulelong	x	\b%u
 >>>36	ulelong	x       \b, files: %u
+>>24	ledate	!0	\b, created: %s
+>>28	ledate	!0	\b, modified: %s
 !:ext	dbpf/package/dat/sc4
 !:mime	application/x-maxis-dbpf
-4	ulelong	1
->8	ulelong	!1
->>24	ledate	!0	\b, created: %s
->>>28	ledate	!0	\b, modified: %s
 #------------------------------------------------------------------------------
 # $File: der,v 1.2 2017/03/17 21:35:28 christos Exp $
 # der: file(1) magic for DER encoded files
@@ -8119,9 +9141,9 @@
 >6	short		0x40		for Alpha
 
 #------------------------------------------------------------------------------
-# $File: dolby,v 1.8 2017/03/17 21:35:28 christos Exp $
+# $File: dolby,v 1.9 2019/04/19 00:42:27 christos Exp $
 # ATSC A/53 aka AC-3 aka Dolby Digital <ashitaka@gmx.at>
-# from http://www.atsc.org/standards/a_52a.pdf
+# from https://www.atsc.org/standards/a_52a.pdf
 # corrections, additions, etc. are always welcome!
 #
 # syncword
@@ -8188,14 +9210,14 @@
 >4	byte&0x3e = 0x24	\b, 640 kbit/s
 
 #------------------------------------------------------------------------------
-# $File: dump,v 1.16 2017/07/22 19:21:02 christos Exp $
+# $File: dump,v 1.17 2018/06/26 01:07:17 christos Exp $
 # dump:  file(1) magic for dump file format--for new and old dump filesystems
 #
 # We specify both byte orders in order to recognize byte-swapped dumps.
 #
 0	name	new-dump-be
->4	bedate	x		Previous dump %s,
->8	bedate	x		This dump %s,
+>4	bedate	x		This dump %s,
+>8	bedate	x		Previous dump %s,
 >12	belong	>0		Volume %d,
 >692	belong	0		Level zero, type:
 >692	belong	>0		Level %d, type:
@@ -8213,8 +9235,8 @@
 >888	belong	>0		Flags %x
 
 0	name	old-dump-be
-#>4	bedate	x		Previous dump %s,
-#>8	bedate	x		This dump %s,
+#>4	bedate	x		This dump %s,
+#>8	bedate	x		Previous dump %s,
 >12	belong	>0		Volume %d,
 >692	belong	0		Level zero, type:
 >692	belong	>0		Level %d, type:
@@ -8232,8 +9254,8 @@
 >888	belong	>0		Flags %x
 
 0	name	ufs2-dump-be
->896	beqdate	x		Previous dump %s,
->904	beqdate	x		This dump %s,
+>896	beqdate	x		This dump %s,
+>904	beqdate	x		Previous dump %s,
 >12	belong	>0		Volume %d,
 >692	belong	0		Level zero, type:
 >692	belong	>0		Level %d, type:
@@ -8284,12 +9306,12 @@
 >0	leshort	7		end of medium (for floppy).
 
 #------------------------------------------------------------------------------
-# $File: dyadic,v 1.8 2017/03/17 21:35:28 christos Exp $
+# $File: dyadic,v 1.9 2019/04/19 00:42:27 christos Exp $
 # Dyadic: file(1) magic for Dyalog APL.
 #
 # updated by Joerg Jenderek at Oct 2013
-# http://en.wikipedia.org/wiki/Dyalog_APL
-# http://www.dyalog.com/
+# https://en.wikipedia.org/wiki/Dyalog_APL
+# https://www.dyalog.com/
 # .DXV Dyalog APL External Variable
 # .DIN Dyalog APL Input Table
 # .DOT Dyalog APL Output Table
@@ -8345,13 +9367,24 @@
 0	short		0x6060		Dyalog APL transfer
 
 #------------------------------------------------------------------------------
-# $File: ebml,v 1.1 2010/07/02 00:07:03 christos Exp $
+# $File: ebml,v 1.2 2019/04/19 00:42:27 christos Exp $
 # ebml:  file(1) magic for various Extensible Binary Meta Language
-# http://www.matroska.org/technical/specs/index.html#track
+# https://www.matroska.org/technical/specs/index.html#track
 0	belong	0x1a45dfa3	EBML file
 >4	search/b/100	\102\202
 >>&1	string	x		\b, creator %.8s
 
+#------------------------------------------------------------------------------
+# $File: edid,v 1.1 2019/03/28 12:36:01 christos Exp $
+# edid:  file(1) magic for EDID dump files
+
+0	quad	0x00ffffffffffff00	Extended display identification data dump
+!:mime application/x-edid-dump
+>18	byte	0x01			Version 1
+>>19	byte	<0x04			\b.%d
+>18	byte	0x02			Version 2
+>>19	byte	0x00			\b.0
+
 #------------------------------------------------------------------------------
 # $File: editors,v 1.11 2017/03/17 21:35:28 christos Exp $
 # T602 editor documents
@@ -8407,7 +9440,7 @@
 >4	lelong	>2		Universal EFI binary with %d architectures
 
 #------------------------------------------------------------------------------
-# $File: elf,v 1.72 2018/02/24 19:50:04 christos Exp $
+# $File: elf,v 1.77 2019/01/16 19:33:35 christos Exp $
 # elf:  file(1) magic for ELF executables
 #
 # We have to check the byte order flag to see what byte order all the
@@ -8445,6 +9478,8 @@
 >0	lelong&0x3		2		relaxed memory ordering,
 
 0	name		elf-pa-risc
+>2	leshort		0x0208		1.0
+>2	leshort		0x0210		1.1
 >2	leshort		0x0214		2.0
 >0	leshort		&0x0008		(LP64)
 
@@ -8455,11 +9490,15 @@
 !:mime	application/x-object
 >16	leshort		2		executable,
 !:mime	application/x-executable
->16	leshort		3		${x?pie executable:shared object}
+>16	leshort		3		${x?pie executable:shared object},
 
 !:mime	application/x-${x?pie-executable:sharedlib}
->16	leshort		4		core file
+>16	leshort		4		core file,
 !:mime	application/x-coredump
+# OS-specific
+>7	byte		202
+>>16	leshort		0xFE01		executable,
+!:mime	application/x-executable
 # Core file detection is not reliable.
 #>>>(0x38+0xcc) string	>\0		of '%s'
 #>>>(0x38+0x10) lelong	>0		(signal %d),
@@ -8666,6 +9705,8 @@
 >18	leshort		217		iCelero CoolEngine,
 >18	leshort		218		Nanoradio Optimized RISC,
 >18	leshort		243		UCB RISC-V,
+>18	leshort		247		eBPF,
+>18	leshort		251             NEC VE,
 >18	leshort		0x1057		AVR (unofficial),
 >18	leshort		0x1059		MSP430 (unofficial),
 >18	leshort		0x1223		Adapteva Epiphany (unofficial),
@@ -8728,6 +9769,7 @@
 >7	byte		16		(FenixOS)
 >7	byte		17		(Nuxi CloudABI)
 >7	byte		97		(ARM)
+>7	byte		202		(Cafe OS)
 >7	byte		255		(embedded)
 
 #------------------------------------------------------------------------------
@@ -8815,9 +9857,9 @@
 0	lelong		0x1000007A	Psion Series 5 executable
 
 #------------------------------------------------------------------------------
-# $File: erlang,v 1.6 2010/09/20 19:19:17 rrt Exp $
+# $File: erlang,v 1.7 2019/04/19 00:42:27 christos Exp $
 # erlang:  file(1) magic for Erlang JAM and BEAM files
-# URL:  http://www.erlang.org/faq/x779.html#AEN812
+# URL:  https://www.erlang.org/faq/x779.html#AEN812
 
 # OTP R3-R4
 0	string	\0177BEAM!	Old Erlang BEAM file
@@ -8835,11 +9877,68 @@
 
 0	bequad	0x0000000000ABCDEF	Erlang DETS file
 
+# $File: espressif,v 1.1 2018/11/20 18:57:17 christos Exp $
+# configuration dump of Tasmota firmware for ESP8266 based devices by Espressif
+# URL: https://github.com/arendst/Sonoff-Tasmota/
+# Reference: https://codeload.github.com/arendst/Sonoff-Tasmota/zip/release-6.2/
+# Sonoff-Tasmota-release-6.2.zip/Sonoff-Tasmota-release-6.2/sonoff/settings.h 
+# From: Joerg Jenderek
+#
+# cfg_holder=4617=0x1209
+0		uleshort	4617
+# remainig settings normally 0x5A+offset XORed; free_1D5[20] empty since 5.12.0e
+>0x1D5		ubequad		0x2f30313233343536	configuration of Tasmota firmware (ESP8266)
+!:mime	application/x-tasmota-dmp
+!:ext	dmp
+# version like 6.2.1.0 ~ 0x06020100 XORed to 0x63666262
+>>11		ubyte^0x65	x			\b, version %u
+>>10		ubyte^0x64	x			\b.%u
+>>9		ubyte^0x63	x			\b.%u
+>>8		ubyte^0x62	x			\b.%u
+#>8		ubelong		x			(0x%x)
+# hostname[33] XORed
+>>0x165		ubyte^0x1BF	x			\b, hostname %c
+>>0x166		ubyte^0x1C0	>037			\b%c
+>>0x167		ubyte^0x1C1	>037			\b%c
+>>0x168		ubyte^0x1C2	>037			\b%c
+>>0x169		ubyte^0x1C3	>037			\b%c
+>>0x16A		ubyte^0x1C4	>037			\b%c
+>>0x16B		ubyte^0x1C5	>037			\b%c
+>>0x16C		ubyte^0x1C6	>037			\b%c
+>>0x16D		ubyte^0x1C7	>037			\b%c
+>>0x16E		ubyte^0x1C8	>037			\b%c
+>>0x16F		ubyte^0x1C9	>037			\b%c
+>>0x170		ubyte^0x1CA	>037			\b%c
+>>0x171		ubyte^0x1CB	>037			\b%c
+>>0x172		ubyte^0x1CC 	>037			\b%c
+>>0x173		ubyte^0x1CD	>037			\b%c
+>>0x174		ubyte^0x1CE	>037			\b%c
+>>0x175		ubyte^0x1CF	>037			\b%c
+>>0x176		ubyte^0x1D0	>037			\b%c
+>>0x177		ubyte^0x1D1	>037			\b%c
+>>0x178		ubyte^0x1D2	>037			\b%c
+>>0x179		ubyte^0x1D3	>037			\b%c
+>>0x17A		ubyte^0x1D4	>037			\b%c
+>>0x17B		ubyte^0x1D5	>037			\b%c
+>>0x17C		ubyte^0x1D6	>037			\b%c
+>>0x17D		ubyte^0x1D7	>037			\b%c
+>>0x17E		ubyte^0x1D8	>037			\b%c
+>>0x17F		ubyte^0x1D9	>037			\b%c
+>>0x180		ubyte^0x1DA	>037			\b%c
+>>0x181		ubyte^0x1DB	>037			\b%c
+>>0x182		ubyte^0x1DC	>037			\b%c
+>>0x183		ubyte^0x1DD	>037			\b%c
+>>0x184		ubyte^0x1DE	>037			\b%c
+>>0x185		ubyte^0x1DF	>037			\b%c
+#>>0x165		string		x			(%.33s)
+
+
+
 #------------------------------------------------------------------------------
-# $File: esri,v 1.4 2009/09/19 16:28:09 christos Exp $
+# $File: esri,v 1.5 2019/04/19 00:42:27 christos Exp $
 # ESRI Shapefile format (.shp .shx .dbf=DBaseIII)
 # Based on info from
-# <URL:http://www.esri.com/library/whitepapers/pdfs/shapefile.pdf>
+# <URL:https://www.esri.com/library/whitepapers/pdfs/shapefile.pdf>
 0	belong	9994	ESRI Shapefile
 >4	belong	=0
 >8	belong	=0
@@ -8872,7 +9971,7 @@
 0       string          FCS3.0          Flow Cytometry Standard (FCS) data, version 3.0
 
 #------------------------------------------------------------------------------
-# $File: filesystems,v 1.124 2018/01/12 12:35:30 christos Exp $
+# $File: filesystems,v 1.128 2019/04/23 15:43:27 christos Exp $
 # filesystems:  file(1) magic for different filesystems
 #
 0	name	partid
@@ -9141,21 +10240,21 @@
 # to display information (50) before DOS BPB (strength=70) and after DOS floppy (120) like in old file version
 !:strength +65
 >2		string		OSBS		OS/BS MBR
-# added by Joerg Jenderek at Feb 2013 according to http://thestarman.pcministry.com/asm/mbr/
-# and http://en.wikipedia.org/wiki/Master_Boot_Record
+# added by Joerg Jenderek at Feb 2013 according to https://thestarman.pcministry.com/asm/mbr/
+# and https://en.wikipedia.org/wiki/Master_Boot_Record
 # test for nearly all MS-DOS Master Boot Record initial program loader (IPL) is now done by
 # characteristic assembler instructions: xor ax,ax;mov ss,ax;mov sp,7c00
 >0	search/2	\x33\xc0\x8e\xd0\xbc\x00\x7c	MS-MBR
-# Microsoft Windows 95A and early ( http://thestarman.pcministry.com/asm/mbr/STDMBR.htm )
+# Microsoft Windows 95A and early ( https://thestarman.pcministry.com/asm/mbr/STDMBR.htm )
 # assembler instructions: mov si,sp;push ax;pop es;push ax;pop ds;sti;cld
 >>8	ubequad		0x8bf45007501ffbfc
-# http://thestarman.pcministry.com/asm/mbr/200MBR.htm
+# https://thestarman.pcministry.com/asm/mbr/200MBR.htm
 >>>0x16	ubyte		0xF3				\b,DOS 2
 >>>>219	regex		Author\ -\ 			Author:
 # found "David Litton" , "A Pehrsson  "
 >>>>>&0	string		x				"%s"
 >>>0x16	ubyte		0xF2
-# NEC MS-DOS 3.30 Rev. 3 . See http://thestarman.pcministry.com/asm/mbr/DOS33MBR.htm
+# NEC MS-DOS 3.30 Rev. 3 . See https://thestarman.pcministry.com/asm/mbr/DOS33MBR.htm
 # assembler instructions: mov di,077c;cmp word ptrl[di],a55a;jnz
 >>>>0x22	ubequad	0xbf7c07813d5aa575		\b,NEC 3.3
 # version MS-DOS 3.30 til MS-Windows 95A (WinVer=4.00.1111)
@@ -9187,7 +10286,7 @@
 # "Sistema operativo mancante"				nn=0xe2 for italian version
 >>>>>0x79	ubyte		>0			at offset 0x%x
 >>>>>>(0x79.b)	string		>\0			"%s"
-# Microsoft Windows 95B to XP (http://thestarman.pcministry.com/asm/mbr/95BMEMBR.htm)
+# Microsoft Windows 95B to XP (https://thestarman.pcministry.com/asm/mbr/95BMEMBR.htm)
 # assembler instructions: push ax;pop es;push  ax;pop ds;cld;mov si,7c1b
 >>8	ubequad		0x5007501ffcbe1b7c
 # assembler instructions: rep;movsb;retf;mov si,07be;mov cl,04
@@ -9214,7 +10313,7 @@
 # "\216\257\245\340\240\346\250\256\255\255\240\357 \341\250\341\342\245\254\240 \255\245 \255\240\251\244\245\255\240"	nn=0x156 for russian version
 >>>>0xA9		ubyte	x			at offset 0x1%x
 >>>>(0xA9.b+0x100)	string	>\0			"%s"
-# http://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm
+# https://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm
 # assembler instructions: rep;movsb;retf;mov BP,07be;mov cl,04
 >>>24		ubequad	0xf3a4cbbdbe07b104		XP
 # where xxyyzz are lower bits from offsets of error messages varying for different languages
@@ -9235,7 +10334,7 @@
 # Microsoft Windows Vista or 7
 # assembler instructions: ..;mov ds,ax;mov si,7c00;mov di,..00
 >>8	ubequad		0xc08ed8be007cbf00
-# Microsoft Windows Vista (http://thestarman.pcministry.com/asm/mbr/VistaMBR.htm)
+# Microsoft Windows Vista (https://thestarman.pcministry.com/asm/mbr/VistaMBR.htm)
 # assembler instructions: jnz 0729;cmp ebx,"TCPA"
 >>>0xEC		ubequad	0x753b6681fb544350		Vista
 # where xxyyzz are lower bits from offsets of error messages varying for different languages
@@ -9253,7 +10352,7 @@
 # "Betriebssystem nicht vorhanden"			zz=0x1?? for german version
 >>>>0x1b7	ubyte		>0			at offset 0x1%x
 >>>>(0x1b7.b+0x100)	string	>\0			"%s"
-# Microsoft Windows 7 (http://thestarman.pcministry.com/asm/mbr/W7MBR.htm)
+# Microsoft Windows 7 (https://thestarman.pcministry.com/asm/mbr/W7MBR.htm)
 # assembler instructions: cmp ebx,"TCPA";cmp
 >>>0xEC		ubequad	0x6681fb5443504175		Windows 7
 # where xxyyzz are lower bits from offsets of error messages varying for different languages
@@ -9271,10 +10370,10 @@
 # "Betriebssystem nicht vorhanden"			zz=0x1?? for german version
 >>>>0x1b7	ubyte		>0			at offset 0x1%x
 >>>>(0x1b7.b+0x100)	string	>\0			"%s"
-# http://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm#DiskSigs
-# http://en.wikipedia.org/wiki/MBR_disk_signature#ID
+# https://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm#DiskSigs
+# https://en.wikipedia.org/wiki/MBR_disk_signature#ID
 >>0x1b8	ulelong		>0				\b, disk signature 0x%-.4x
-# driveID/timestamp for Win 95B,98,98SE and ME. See http://thestarman.pcministry.com/asm/mbr/mystery.htm
+# driveID/timestamp for Win 95B,98,98SE and ME. See https://thestarman.pcministry.com/asm/mbr/mystery.htm
 >>0xDA	uleshort		0
 >>>0xDC 	ulelong		>0			\b, created
 # physical drive number (0x80-0xFF) when the Windows wrote that byte to the drive
@@ -9338,13 +10437,13 @@
 >>>>>420	ubyte		x			\b)
 #
 # SYSLINUX MBR moved
-# http://www.acronis.de/
+# https://www.acronis.de/
 >362	string	MBR\ Error\ \0\r
 >>376	string	ress\ any\ key\ to\040
 >>>392	string	boot\ from\ floppy...\0			\b, Acronis MBR
 # added by Joerg Jenderek
-# http://www.visopsys.org/
-# http://partitionlogic.org.uk/
+# https://www.visopsys.org/
+# https://partitionlogic.org.uk/
 >309	string	No\ bootable\ partition\ found\r
 >>339	string	I/O\ Error\ reading\ boot\ sector\r	\b, Visopsys MBR
 >349	string	No\ bootable\ partition\ found\r
@@ -9363,7 +10462,7 @@
 >>172	string	LILO				\b, version 22.5.8 Debian
 # updated by Joerg Jenderek at Oct 2008
 # variables according to grub-0.97/stage1/stage1.S or
-# http://www.gnu.org/software/grub/manual/grub.html#Embedded-data
+# https://www.gnu.org/software/grub/manual/grub.html#Embedded-data
 # usual values are marked with comments to get only informations of strange GRUB loaders
 >342		search/60	\0Geom\0
 #>0		ulelong		x		%x=0x009048EB ,	0x2a9048EB  0
@@ -9422,7 +10521,7 @@
 # skip FSInfosector
 >>>>>>0		string		!RRaA
 # skip 3rd sector of MS x86 bootloader with assember instructions cli;MOVZX EAX,BYTE PTR [BP+10];MOV ECX,
-# http://thestarman.pcministry.com/asm/mbr/MSWIN41.htm
+# https://thestarman.pcministry.com/asm/mbr/MSWIN41.htm
 >>>>>>>0	ubequad		!0xfa660fb64610668b
 # skip 13rd sector of MS x86 bootloader
 >>>>>>>>0	ubequad		!0x660fb64610668b4e
@@ -9435,7 +10534,7 @@
 >>>>>>>>>>>446	use		partition-table
 # TODO: test for extended bootrecord (ebr) moved and merged with mbr partition table entries
 # mbr partition table entries end
-# http://www.acronis.de/
+# https://www.acronis.de/
 #FAT label=ACRONIS\ SZ
 #OEM-ID=BOOTWIZ0
 >442	string	Non-system\ disk,\040
@@ -9868,8 +10967,8 @@
 >>>>505		ubyte&0xDF	>0
 >>>>>505	string		x 			\b.%-.3s
 # added by Joerg Jenderek
-# http://www.visopsys.org/
-# http://partitionlogic.org.uk/
+# https://www.visopsys.org/
+# https://partitionlogic.org.uk/
 # OEM-ID=Visopsys
 >478		ulelong	0
 >>(1.b+326)	string	I/O\ Error\ reading\040
@@ -9896,8 +10995,8 @@
 #it prints a very short message ("RE") to the screen and hangs the computer.
 # x86 bootloader end
 
-# added by Joerg Jenderek at Feb 2013 according to http://thestarman.pcministry.com/asm/mbr/MSWIN41.htm#FSINFO
-# and http://en.wikipedia.org/wiki/File_Allocation_Table#FS_Information_Sector
+# added by Joerg Jenderek at Feb 2013 according to https://thestarman.pcministry.com/asm/mbr/MSWIN41.htm#FSINFO
+# and https://en.wikipedia.org/wiki/File_Allocation_Table#FS_Information_Sector
 >0		string		RRaA
 >>0x1E4		string		rrAa		\b, FSInfosector
 #>>0x1FC	uleshort	=0		SHOULD BE ZERO
@@ -9960,7 +11059,7 @@
 >11			ubyte		x		\b+
 >11			use		DOS-filename
 
-# http://en.wikipedia.org/wiki/Master_boot_record#PTE
+# https://en.wikipedia.org/wiki/Master_boot_record#PTE
 # display standard partition table
 0	name				partition-table
 #>0		ubyte		x	PARTITION-TABLE
@@ -10027,20 +11126,20 @@
 0x18b	string	OS/2	OS/2 Boot Manager
 
 # updated by Joerg Jenderek at Oct 2008 and Sep 2012
-# http://syslinux.zytor.com/iso.php
+# https://syslinux.zytor.com/iso.php
 # tested with versions 1.47,1.48,1.49,1.50,1.62,1.76,2.00,2.10;3.00,3.11,3.31,;3.70,3.71,3.73,3.75,3.80,3.82,3.84,3.86,4.01,4.03 and 4.05
 # assembler instructions: cli;jmp 0:7Cyy (yy=0x40,0x5e,0x6c,0x6e,0x77);nop;nop
 0	ulequad&0x909000007cc0eafa	0x909000007c40eafa
 >631	search/689	ISOLINUX\ 	isolinux Loader
 >>&0	string		x		(version %-4.4s)
-# http://syslinux.zytor.com/pxe.php
+# https://syslinux.zytor.com/pxe.php
 # assembler instructions: jmp 7C05
 0	ulelong	0x007c05ea		pxelinux loader (version 2.13 or older)
 # assembler instructions: pushfd;pushad
 0	ulelong	0x60669c66		pxelinux loader
 # assembler instructions: jmp 05
 0	ulelong	0xc00005ea		pxelinux loader (version 3.70 or newer)
-# http://syslinux.zytor.com/wiki/index.php/SYSLINUX
+# https://syslinux.zytor.com/wiki/index.php/SYSLINUX
 0	string	LDLINUX\ SYS\ 		SYSLINUX loader
 >12	string	x			(older version %-4.4s)
 0	string	\r\nSYSLINUX\ 		SYSLINUX loader
@@ -10086,7 +11185,7 @@
 >0004	uleshort	x
 # ERRorTeXT
 >>181	search/166		Error\ \0\r\n				NetBSD mbr
-# NT Drive Serial Number http://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm#DS
+# NT Drive Serial Number https://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm#DS
 >>>0x1B8	ubelong		>0					\b,Serial 0x%-.8x
 # BOOTSEL definitions contains assembler instructions: int 0x13;pop dx;push dx;push dx
 >>>0xbb		search/71	\xcd\x13\x5a\x52\x52			\b,bootselector
@@ -10122,7 +11221,7 @@
 >>>398		string	Disk\ error\r\n\0FDD\0HDD\0
 >>>>419		string	\ EBIOS\r\n\0				AdvanceMAME mbr
 
-# Neil Turton mbr loader variant of http://www.chiark.greenend.org.uk/~neilt/mbr/
+# Neil Turton mbr loader variant of https://www.chiark.greenend.org.uk/~neilt/mbr/
 # added by Joerg Jenderek at Mar 2011 for versions 1.0.0 - 1.1.11
 # for 1st version assembler instructions:	cld;xor ax,ax;mov DS,ax;MOV ES,AX;mov SI,
 # or  	  	  	    			cld;xor ax,ax;mov SS,ax;XOR SP,SP;mov DS,
@@ -10135,7 +11234,7 @@
 >>>(0x1BC.s+9)		ubyte		x			\bVersion<=%u
 #>>>(0x1BC.s+8)		ubyte		x			asm_flag_%x
 >>>(0x1BC.s+8)		ubyte&1		1			\b,Y2K-Fix
-# variant used by testdisk of http://www.cgsecurity.org/wiki/Menu_MBRCode
+# variant used by testdisk of https://www.cgsecurity.org/wiki/Menu_MBRCode
 >>>(0x1BC.s+8)		ubyte&2		2			\b,TestDisk
 #0x1~1,..,0x8~4,0x10~F,0x80~A enabled
 #>>>(0x1BC.s+10)		ubyte		x			\b,flags 0x%x
@@ -10168,7 +11267,7 @@
 # added by Joerg Jenderek
 # In the second sector (+0x200) are variables according to grub-0.97/stage2/asm.S or
 # grub-1.94/kern/i386/pc/startup.S
-# http://www.gnu.org/software/grub/manual/grub.html#Embedded-data
+# https://www.gnu.org/software/grub/manual/grub.html#Embedded-data
 # usual values are marked with comments to get only informations of strange GRUB loaders
 0x200	uleshort		0x70EA
 # found only version 3.{1,2}
@@ -10223,7 +11322,7 @@
 # DOS x86 sector updated and separated from "DOS/MBR boot sector" by Joerg Jenderek at May 2011
 # JuMP short     bootcodeoffset NOP assembler instructions will usually be EB xx 90
 # over BIOS parameter block (BPB)
-# http://thestarman.pcministry.com/asm/2bytejumps.htm#FWD
+# https://thestarman.pcministry.com/asm/2bytejumps.htm#FWD
 # older drives may use Near JuMP instruction E9 xx xx
 # minimal short forward jump found 0x29 for bootloaders or 0x0
 # maximal short forward jump is 0x7f
@@ -10276,7 +11375,7 @@
 >>>>>26		ubyte		=1		\b, heads %u
 # valid only for sector sizes with more then 32 Bytes
 >>>>>11		uleshort	>32
-# http://en.wikipedia.org/wiki/Design_of_the_FAT_file_system#Extended_BIOS_Parameter_Block
+# https://en.wikipedia.org/wiki/Design_of_the_FAT_file_system#Extended_BIOS_Parameter_Block
 # skip for values 2,2Ah,70h,73h,DFh
 # and continue for extended boot signature values 0,28h,29h,80h
 >>>>>>38	ubyte&0x56	=0
@@ -10338,7 +11437,7 @@
 # FAT32 bit specific
 >>>>>82		string/c	fat32		\b, FAT (32 bit)
 >>>>>>36	ulelong		x		\b, sectors/FAT %u
-# http://technet.microsoft.com/en-us/library/cc977221.aspx
+# https://technet.microsoft.com/en-us/library/cc977221.aspx
 >>>>>>40	uleshort	>0		\b, extension flags 0x%x
 #>>>>>>40	uleshort	=0		\b, extension flags %hu
 >>>>>>42	uleshort	>0		\b, fsVersion %u
@@ -10355,7 +11454,7 @@
 #>>>>>>50	uleshort	=6		\b, Backup boot sector %u (usual)
 >>>>>>50	default		x
 >>>>>>>50	uleshort	x		\b, Backup boot sector %u
-# corrected by Joerg Jenderek at Feb 2011 according to http://thestarman.pcministry.com/asm/mbr/MSWIN41.htm#FSINFO
+# corrected by Joerg Jenderek at Feb 2011 according to https://thestarman.pcministry.com/asm/mbr/MSWIN41.htm#FSINFO
 >>>>>>52	ulelong		>0		\b, reserved1 0x%x
 >>>>>>56	ulelong		>0		\b, reserved2 0x%x
 >>>>>>60	ulelong		>0		\b, reserved3 0x%x
@@ -10381,7 +11480,7 @@
 >>>>>>>(11.s)	ulelong&0x00ffffF0	0x00ffffF0	\b, followed by FAT
 # floppy image
 !:mime application/x-ima
-# NTFS specific added by Joerg Jenderek at Mar 2011 according to http://thestarman.pcministry.com/asm/mbr/NTFSBR.htm
+# NTFS specific added by Joerg Jenderek at Mar 2011 according to https://thestarman.pcministry.com/asm/mbr/NTFSBR.htm
 # and http://homepage.ntlworld.com/jonathan.deboynepollard/FGA/bios-parameter-block.html
 # 0 FATs
 >>>>>16	ubyte		=0
@@ -10412,18 +11511,39 @@
 >>>>>>>>>72	ulequad		x		\b, serial number 0%llx
 >>>>>>>>>80	ulelong		>0		\b, checksum 0x%x
 #>>>>>>>>>80	ulelong		=0		\b, checksum 0x%x=0 (usual)
->>>>>>>>>0x258	ulelong&0x00009090	=0x00009090
->>>>>>>>>>&-92		indirect	x	\b; contains
-# For 2nd NTFS sector added by Joerg Jenderek at Jan 2013
-# http://thestarman.pcministry.com/asm/mbr/NTFSbrHexEd.htm
-# unused assembler instructions JMP y2;NOP;NOP
-0x056		ulelong&0xFFFF0FFF	0x909002EB
-# unicode loadername terminated by CTRL-D
->(0.s*2)	ulelong&0xFFFFFF00	0x00040000
+# unicode loadername size jump
+>>>>>>>>>(0x200.s*2)	ubyte				x
+# in next sector loadername terminated by unicode CTRL-D and $
+>>>>>>>>>>&0x1FF	ulequad&0x0000FFffFFffFF00	0x0000002400040000 \b; contains
+# if 2nd NTFS sectors is found then assume whole filesystem
+#!:mime		application/x-raw-disk-image
+!:ext		img/bin/ntfs
+>>>>>>>>>>>0x200	use				ntfs-sector2
+
+# For 2nd NTFS sector added by Joerg Jenderek at Jan 2013, Mar 2019
+# https://thestarman.pcministry.com/asm/mbr/NTFSbrHexEd.htm
+# unused assembler instructions short JMP y2;NOP;NOP
+0x056		ulelong&0xFFFF0FFF	0x909002EB	NTFS
+#!:mime		application/octet-stream
+!:ext		bin
+>0		use		ntfs-sector2
+# https://memory.dataram.com/products-and-services/software/ramdisk
+# assembler instructions JMP C000;NOP
+0x056		ulelong			0x9000c0e9	NTFS
+#!:mime		application/octet-stream
+!:ext		bin
+>0		use		ntfs-sector2
+# check for characteristics of second NTFS sector and then display loader name
+0		name		ntfs-sector2
+# number of utf16 characters of loadername
+>0		uleshort	<8
+# unused assembler instructions JMP y2;NOP;NOP or JMP C000;NOP
+>>0x056		ulelong&0xFF0000FD	0x900000E9
 # loadernames are NTLDR,CMLDR,PELDR,$LDR$ or BOOTMGR
->>0x002		lestring16	x	Microsoft Windows XP/VISTA bootloader %-5.5s
->>0x12		string		$
->>>0x0c		lestring16	x	\b%-2.2s
+>>>0x002		lestring16	x	bootstrap %-5.5s
+# check for 7 character length of loader name like BOOTMGR
+>>>0		uleshort	7
+>>>>0x0c	lestring16	x	\b%-2.2s
 ### DOS,NTFS boot sectors end
 
 # ntfsclone-image is a special save format for NTFS volumes,
@@ -10562,7 +11682,7 @@
 # ext2/ext3 filesystems - Andreas Dilger <adilger@dilger.ca>
 # ext4 filesystem - Eric Sandeen <sandeen@sandeen.net>
 # volume label and UUID Russell Coker
-# http://etbe.coker.com.au/2008/07/08/label-vs-uuid-vs-device/
+# https://etbe.coker.com.au/2008/07/08/label-vs-uuid-vs-device/
 0x438   leshort         0xEF53          Linux
 >0x44c  lelong          x               rev %d
 >0x43e  leshort         x               \b.%d
@@ -10674,7 +11794,7 @@
 ############################################################################
 # Minix-ST kernel floppy
 0x800	belong		0x46fc2700	Atari-ST Minix kernel image
-# http://en.wikipedia.org/wiki/BIOS_parameter_block
+# https://en.wikipedia.org/wiki/BIOS_parameter_block
 # floppies with valid BPB and any instruction at beginning
 >19	string		\240\005\371\005\0\011\0\2\0	\b, 720k floppy
 >19	string		\320\002\370\005\0\011\0\1\0	\b, 360k floppy
@@ -10744,7 +11864,7 @@
 #
 
 # all FAT12 (strength=70) floppies with sectorsize 512 added by Joerg Jenderek at Jun 2013
-# http://en.wikipedia.org/wiki/File_Allocation_Table#Exceptions
+# https://en.wikipedia.org/wiki/File_Allocation_Table#Exceptions
 # Too Weak.
 #512		ubelong&0xE0ffff00	0xE0ffff00
 # without valid Media descriptor in place of BPB, cases with are done at other places
@@ -10757,7 +11877,7 @@
 #>>512		ubyte			=0xfa			320k
 #>>512		ubyte			=0xfb			640k
 #>>512		ubyte			=0xfc			180k
-# look like an an old DOS directory entry
+# look like an old DOS directory entry
 #>>>0xA0E	ubequad			0
 #>>>>0xA00	ubequad			!0
 #!:mime application/x-ima
@@ -10788,26 +11908,26 @@
 # only x86 short jump instruction found
 #>>>0		ubyte			=0xEB
 #>>>>1		ubyte			x			\b, code offset 0x%x+2
-# http://thestarman.pcministry.com/DOS/ibm100/Boot.htm
+# https://thestarman.pcministry.com/DOS/ibm100/Boot.htm
 # assembler instructions: CLI;MOV AX,CS;MOV DS,AX;MOV DX,0
 #>>>>(1.b+2)	ubequad			0xfa8cc88ed8ba0000	\b, PC-DOS 1.0 bootloader
 # ibmbio.com+ibmdos.com
 #>>>>>0x176	use			DOS-filename
 #>>>>>0x181	ubyte			x			\b+
 #>>>>>0x182	use			DOS-filename
-# http://thestarman.pcministry.com/DOS/ibm110/Boot.htm
+# https://thestarman.pcministry.com/DOS/ibm110/Boot.htm
 # assembler instructions: CLI;MOV AX,CS;MOV DS,AX;XOR DX,DX;MOV
 #>>>>(1.b+2)	ubequad			0xfa8cc88ed833d28e	\b, PC-DOS 1.1 bootloader
 # ibmbio.com+ibmdos.com
 #>>>>>0x18b	use			DOS-filename
 #>>>>>0x196	ubyte			x			\b+
 #>>>>>0x197	use			DOS-filename
-# http://en.wikipedia.org/wiki/Zenith_Data_Systems
+# https://en.wikipedia.org/wiki/Zenith_Data_Systems
 # assembler instructions: MOV BX,07c0;MOV SS,BX;MOV SP,01c6
 #>>>>(1.b+2)	ubequad			0xbbc0078ed3bcc601	\b, Zenith Data Systems MS-DOS 1.25 bootloader
 # IO.SYS+MSDOS.SYS
 #>>>>>0x20	use			2xDOS-filename
-# http://en.wikipedia.org/wiki/Corona_Data_Systems
+# https://en.wikipedia.org/wiki/Corona_Data_Systems
 # assembler instructions: MOV AX,CS;MOV DS,AX;CLI;MOV SS,AX;
 #>>>>(1.b+2)	ubequad			0x8cc88ed8fa8ed0bc	\b, MS-DOS 1.25 bootloader
 # IO.SYS+MSDOS.SYS
@@ -10860,7 +11980,7 @@
 >307200	use cdrom
 
 # .cso files
-# Reference: http://pismotec.com/ciso/ciso.h
+# Reference: https://pismotec.com/ciso/ciso.h
 # NOTE: There are two other formats with the same magic but
 # completely incompatible specifications:
 # - GameCube/Wii CISO: https://github.com/dolphin-emu/dolphin/blob/master/Source/Core/DiscIO/CISOBlob.h
@@ -10869,10 +11989,13 @@
 # Other fields are used to determine what type of CISO this is:
 # - 0x04 == 0x00200000: GameCube/Wii CISO (block_size)
 # - 0x10 == 0x00000800: PSP CISO (ISO-9660 sector size)
+# - 0x10 == 0x00004000: For >2GB files using maxcso...
+# 			https://github.com/unknownbrackets/maxcso/issues/26
 # - None of the above: Compact ISO.
 >4	lelong	!0
 >>4	lelong	!0x200000
->>>0x10	lelong	!0x800		Compressed ISO CD image
+>>>16	lelong	!0x800
+>>>>16	lelong	!0x4000		Compressed ISO CD image
 
 # cramfs filesystem - russell@coker.com.au
 0       lelong    0x28cd3d45      Linux Compressed ROM File System data, little endian
@@ -11120,7 +12243,7 @@
 >984    string          x               volume label is '%-12.12s'
 
 # From: Thomas Klausner <wiz@NetBSD.org>
-# http://filext.com/file-extension/DAA
+# https://filext.com/file-extension/DAA
 # describes the daa file format. The magic would be:
 0	string		DAA\x0\x0\x0\x0\x0	PowerISO Direct-Access-Archive
 
@@ -11294,12 +12417,12 @@
 !:ext	imgc
 
 #------------------------------------------------------------------------------
-# $File: finger,v 1.2 2015/10/07 02:37:57 christos Exp $
+# $File: finger,v 1.3 2019/04/19 00:42:27 christos Exp $
 # fingerprint:  file(1) magic for fingerprint data
 # XPM bitmaps)
 #
 
-# http://cgit.freedesktop.org/libfprint/libfprint/tree/libfprint/data.c
+# https://cgit.freedesktop.org/libfprint/libfprint/tree/libfprint/data.c
 
 0	string	FP1		libfprint fingerprint data V1
 >3	beshort	x		\b, driver_id %x
@@ -11310,13 +12433,13 @@
 >5	belong	x		\b, devtype %x
 
 #------------------------------------------------------------------------------
-# $File: flash,v 1.14 2017/05/25 20:09:55 christos Exp $
+# $File: flash,v 1.15 2019/04/19 00:42:27 christos Exp $
 # flash:	file(1) magic for Macromedia Flash file format
 #
 # See
 #
-#	http://www.macromedia.com/software/flash/open/
-#	http://wwwimages.adobe.com/www.adobe.com/content/dam/Adobe/\
+#	https://www.macromedia.com/software/flash/open/
+#	https://wwwimages.adobe.com/www.adobe.com/content/dam/Adobe/\
 #	en/devnet/swf/pdf/swf-file-format-spec.pdf page 27
 #
 
@@ -11408,7 +12531,7 @@
 >>4	string	=d	\b, RGBA, interlaced
 
 #------------------------------------------------------------------------------
-# $File: fonts,v 1.38 2017/11/14 15:48:36 christos Exp $
+# $File: fonts,v 1.41 2019/05/05 16:44:04 christos Exp $
 # fonts:  file(1) magic for font data
 #
 0	search/1	FONT		ASCII vfont text
@@ -11425,7 +12548,7 @@
 
 # Summary:	PostScript Type 1 Printer Font Metrics
 # URL:		https://en.wikipedia.org/wiki/PostScript_fonts
-# Reference:	http://partners.adobe.com/public/developer/en/font/5178.PFM.pdf
+# Reference:	https://partners.adobe.com/public/developer/en/font/5178.PFM.pdf
 # Modified by:	Joerg Jenderek
 # Note:		moved from ./msdos magic
 # dfVersion 256=0100h
@@ -11488,7 +12611,7 @@
 0	search/1	STARTFONT\ 		X11 BDF font text
 
 # From: Joerg Jenderek
-# URL: http://grub.gibibit.com/New_font_format
+# URL: https://grub.gibibit.com/New_font_format
 # Reference: util/grub-mkfont.c
 #		include/grub/fontformat.h
 # FONT_FORMAT_SECTION_NAMES_FILE
@@ -11536,6 +12659,58 @@
 7	belong		0x00564944	DOS code page font data (from Linux?)
 4098	string		DOSFONT		DOSFONT2 encrypted font data
 
+# From: Joerg Jenderek
+# URL: http://fileformats.archiveteam.org/wiki/GEM_bitmap_font
+# Reference: http://cd.textfiles.com/ataricompendium/BOOK/HTML/APPENDC.HTM#cnt
+#
+# usual case with lightening mask and skewing mask 5555h~UU
+62	ulelong		0x55555555
+>0	use		gdos-font
+# BOX18.GFT COWBOY30.GFT ROYALK30.GFT
+62	ulelong		0
+# skip ISO 9660 CD-ROM ./filesystem by looking for low positive face size
+>2	uleshort	>2
+# skip DOS 2.0 backup id file ./msdos by looking for face size lower/equal 48
+>>2	uleshort	<49
+# skip MS Windows ICO ./msdos by looking for valid face name
+>>>4	ubeshort	>0x1F00
+# skip DOS executable BACKM212.COM by looking for horizontal offset table after header
+#>>>>68	ulelong		>87		OFFSET_OK
+>>>>0	use		gdos-font
+0	name		gdos-font
+>0	uleshort	x		GEM GDOS font
+!:mime	application/x-font-gdos
+# also .eps found like AA070GEP.EPS AI360GEP.EPS
+!:ext	fnt/gtf
+# font name like University Bold
+>4	string		x		%.32s
+# face size in points 3-48
+>2	uleshort	x		%u
+# face ID (must be unique)
+>0	uleshort	x		\b, ID 0x%4.4x
+# lowest character index in face (usually 32 for disk-loaded fonts).
+#>36	uleshort	x		\b, low character index %u
+# width of the widest character
+#>50	uleshort	x		\b, %u char width
+# width of the widest character cell
+#>52	uleshort	x		\b, %u cell width
+# thickening size
+#>58	uleshort	x		\b, %u thick
+# lightening mask to eliminate pixels, usually 5555h
+>62	uleshort	!0x5555		\b, lightening mask 0x%x
+# skewing mask to determine when to perform additional rotation when skewing, usually 5555h
+>64	uleshort	!0x5555		\b, skewing mask 0x%x
+# offset to horizontal offset table 58h~88 5eh
+#>68	ulelong		>88		\b, 0x%x horizontal table offset
+# offset character offset table
+#>72	ulelong		x		\b, 0x%x coffset
+# offset to font data
+#>72	ulelong		x		\b, 0x%x foffset
+# form width in bytes
+#>80	uleshort	x		\b, %u fwidth
+# pointer to the next font, set by GDOS after loading
+#>84	ulelong		x		\b, 0x%x noffset
+
 # downloadable fonts for browser (prints type) anthon@mnt.org
 # https://tools.ietf.org/html/rfc3073
 0	string		PFR1		Portable Font Resource font data (new)
@@ -11575,16 +12750,14 @@
 >>12	regex/4l	\^[A-Za-z][A-Za-z][A-Za-z/][A-Za-z2\ ]	
 #>>>0	ubelong	x	\b, sfnt version 0x%x
 >>>0	ubelong	!0x4f54544f	TrueType
-!:mime	application/font-sfnt
-#!:mime	font/ttf
+!:mime	font/sfnt
 !:apple	????tfil
 # .ttf for TrueType font
 # EUDC.tte created by privat character editor %WINDIR%\system32\eudcedit.exe
 !:ext	ttf/tte
 # sfnt version 4F54544Fh~OTTO
 >>>0	ubelong	=0x4f54544f	OpenType
-!:mime	application/font-sfnt
-#!:mime	font/otf
+!:mime	font/otf
 !:apple	????OTTO
 !:ext	otf
 >>>0	ubelong	x		Font data
@@ -11665,7 +12838,7 @@
 
 # TrueType/OpenType font collections (.ttc)
 # URL: https://en.wikipedia.org/wiki/OpenType
-# http://www.microsoft.com/typography/otspec/otff.htm
+# https://www.microsoft.com/typography/otspec/otff.htm
 # Modified by: Joerg Jenderek
 # Note:	container for TrueType, OpenType font
 0	string		ttcf
@@ -11673,17 +12846,16 @@
 >4	ubyte		0		
 # sfnt version often 0x00010000 of 1st table is TrueType
 >>(12.L)	ubelong	!0x4f54544f	TrueType
-#!:mime	font/ttf
+!:mime	font/ttf
 !:apple	????tfil
 !:ext	ttc
 # sfnt version 4F54544Fh~OTTO of 1st table is OpenType font 
 >>(12.L)	ubelong	=0x4f54544f	OpenType
-#!:mime	font/otf
+!:mime	font/otf
 !:apple	????OTTO
 # no example found for otc
 !:ext	ttc/otc
 >>4	ubyte		x		font collection data
-!:mime	application/font-sfnt
 #!:mime	font/collection
 # TCC version
 >>4	belong		0x00010000	\b, 1.0
@@ -11728,12 +12900,12 @@
 #>14	beshort		x		\b, reserved %d
 #>16	belong		x		\b, totalSfntSize %d
 
-# http://www.w3.org/TR/WOFF/
+# https://www.w3.org/TR/WOFF/
 0	string		wOFF	Web Open Font Format
 >0	use		woff
 >20	beshort		x	\b, version %d
 >22	beshort		x	\b.%d
-# http://www.w3.org/TR/WOFF2/
+# https://www.w3.org/TR/WOFF2/
 0	string		wOF2	Web Open Font Format (Version 2)
 >0	use		woff
 #>20	belong		x	\b, totalCompressedSize %d
@@ -11944,7 +13116,7 @@
 >>11	byte	x		%d chars high
 
 #------------------------------------------------------------------------------
-# $File: fsav,v 1.14 2017/03/17 21:35:28 christos Exp $
+# $File: fsav,v 1.19 2019/04/19 00:42:27 christos Exp $
 # fsav:  file(1) magic for datafellows fsav virus definition files
 # Anthon van der Neut (anthon@mnt.org)
 
@@ -11984,23 +13156,64 @@
 #>>>>>>13	ubyte	x		\b%02x bytes
 
 # Joerg Jenderek: joerg dot jenderek at web dot de
-# http://www.clamav.net/doc/latest/html/node45.html
-# .cvd files start with a 512 bytes colon separated header
+# clamav-0.100.2\docs\html\node60.html 
+# https://github.com/vrtadmin/clamav-faq/raw/master/manual/clamdoc.pdf
+# ClamAV virus database files start with a 512 bytes colon separated header
 # ClamAV-VDB:buildDate:version:signaturesNumbers:functionalityLevelRequired:MD5:Signature:builder:buildTime
-# + gzipped tarball files
-0	string		ClamAV-VDB:
->11	string		>\0		Clam AntiVirus database %-.23s
->>34	string		:
->>>35		string		!:	\b, version
->>>>35		string		x 	\b%-.1s
->>>>>36		string 		!:
->>>>>>36	string		x 	\b%-.1s
->>>>>>>37	string		!:
->>>>>>>>37	string		x 	\b%-.1s
->>>>>>>>>38	string		!:
->>>>>>>>>>38	string		x 	\b%-.1s
->512	string		\037\213	\b, gzipped
->769	string		ustar\0		\b, tarred
+# + gzipped (optional) tarball files
+# output can often be verified by `sigtool --info=FILE`
+0	string		ClamAV-VDB:	Clam AntiVirus
+# padding spaces implies database
+>511	ubyte		=0x20		database
+!:mime	application/x-clamav-database
+# empty build time
+>>10	string		=::		(unsigned)
+# sigtool(1) man page
+!:ext	cud
+# display some text to avoid error like:
+# Magdir/fsav, 78: Warning: Current entry does not yet have a description for adding a EXTENSION type
+# file: could not find any valid magic files! (No error)
+>>10	default		x		(with buildtime)
+#>>10	default		x
+# clamtmp is used for temporily database like update process
+# for pure tar database only cld extension found
+!:ext	cld/cvd/clamtmp/cud
+>511	default		x		file
+!:mime	application/x-clamav
+!:ext	info
+>11	string		>\0
+# buildDate empty or like "22 Mar 2017 12-57 -0400"; verified by `sigtool -i FILE`
+>>11	regex		\^[^:]{0,23}	\b, %s
+# version like 25170
+>>>&1	regex		\^[^:]{1,6}	\b, version %s
+# signaturesNumbers like 4566249
+>>>>&1	regex		\^[^:]{1,10}	\b, %s signatures
+# functionalityLevelRequired like 60
+>>>>>&1	regex		\^[^:]{1,4}	\b, level %s
+# X for nothing or MD5
+#>>>>>>&1	regex	\^[^:]{1,32}	\b, MD5 "%s"
+>>>>>>&1	regex	\^[^:]{1,32}
+# X for nothing or digital signature starting like AIzk/LYbX
+#>>>>>>>&1	regex	\^[^:]{1,255}	\b, signature "%s"
+>>>>>>>&1	regex	\^[^:]{1,255}
+# builder like neo
+>>>>>>>>&1	regex	\^[^:]{1,32}	\b, builder %s
+# buildTime like 1506611558
+#>>>>>>>>>&1	regex	\^[^:]{1,10}	\b, %s
+>>>>>>>>>&1	regex	\^[^:]{1,10}	
+# padding with spaces
+#>>>>>>>>>>&1	ubequad	x		\b, padding 0x%16.16llx
+>510	ubyte		=0x20
+# inspect real database content
+#>>512	ubeshort	x		\b, database MAGIC 0x%x
+# ./archive handle pure tar archives
+>>1012	quad		=0		\b, with
+>>>512	use		tar-file
+# not pure tar
+>>1012	quad		!0
+# one space at the end of text and then handles gziped archives by ./compress
+>>>512	string		\037\213	\b, with 
+>>>>512	indirect	x
 
 # Type: Grisoft AVG AntiVirus
 # From: David Newgas <david@newgas.net>
@@ -12009,6 +13222,27 @@
 0	string	X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR
 >33	string	-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*	EICAR virus test files
 
+# From: Joerg Jenderek
+# URL: https://www.avira.com/
+# Note: found in directory %ProgramData%\Avira\Antivirus\INFECTED (Windows)
+# tested with version 15.0.43.23 at November 2019
+0	string		AntiVir\ Qua	Avira AntiVir quarantined
+!:mime	application/x-avira-qua
+#!:mime	application/octet-stream
+!:ext	qua
+>156	string		SUSPICIOUS_FILE
+# file path of suspicious file
+>>220	lestring16	x		%s
+>156	string		!SUSPICIOUS_FILE
+# file path of virus file
+>>228	lestring16	x		%s
+# quarantined date
+>60	ldate		x		at %s
+# virus/danger name
+>156	string		!SUSPICIOUS_FILE
+>>156	string		x		\b, category "%s"
+
+
 #------------------------------------------------------------------------------
 # $File: fusecompress,v 1.2 2011/08/08 09:05:55 christos Exp $
 # fusecompress:   file(1) magic for fusecompress
@@ -12022,7 +13256,7 @@
 >4	long	x	uncompressed size: %d
 
 #------------------------------------------------------------------------------
-# $File: games,v 1.16 2017/10/19 16:40:37 christos Exp $
+# $File: games,v 1.17 2019/04/19 00:42:27 christos Exp $
 # games:  file(1) for games
 
 # Fabio Bonelli <fabiobonelli@libero.it>
@@ -12233,7 +13467,7 @@
 
 # Summary: SGF Smart Game Format
 # Extension: .sgf
-# Reference: http://www.red-bean.com/sgf/
+# Reference: https://www.red-bean.com/sgf/
 # Created by: Eduardo Sabbatella <eduardo_sabbatella@yahoo.com.ar>
 # Modified by (1): Abel Cheung (regex, more game format)
 # FIXME: Some games don't have GM (game type)
@@ -12303,7 +13537,7 @@
 >>&0		regex		[0-9a-z.]+				\b, version %s
 
 # Type:	SGF Smart Game Format
-# URL:	http://www.red-bean.com/sgf/
+# URL:	https://www.red-bean.com/sgf/
 # From:	Eduardo Sabbatella <eduardo_sabbatella@yahoo.com.ar>
 2	regex/c	\\(;.*GM\\[[0-9]{1,2}\\]	Smart Game Format
 >2	regex/c	GM\\[1\\]			- Go Game
@@ -12350,7 +13584,7 @@
 0		lelong		0x20010324 	gconv module configuration cache data
 
 #------------------------------------------------------------------------------
-# $File: geo,v 1.6 2018/03/11 00:48:16 christos Exp $
+# $File: geo,v 1.7 2019/04/19 00:42:27 christos Exp $
 # Geo- files from Kurt Schwehr <schwehr@ccom.unh.edu>
 
 ######################################################################
@@ -12399,7 +13633,7 @@
 
 ######################################################################
 #
-# MULTIBEAM SONARS http://www.ldeo.columbia.edu/res/pi/MB-System/formatdoc/
+# MULTIBEAM SONARS https://www.ldeo.columbia.edu/res/pi/MB-System/formatdoc/
 #
 ######################################################################
 
@@ -12417,11 +13651,11 @@
 # format. It is the format of our upgraded SeaBeam 2112 on R/V KNORR.
 0    string $HSF    XSE multibeam
 
-# mb121 http://www.saic.com/maritime/gsf/
+# mb121 https://www.saic.com/maritime/gsf/
 8	string	GSF-v	SAIC generic sensor format (GSF) sonar data,
 >&0	regex [0-9]*\.[0-9]*	version %s
 
-# MGD77 - http://www.ngdc.noaa.gov/mgg/dat/geodas/docs/mgd77.htm
+# MGD77 - https://www.ngdc.noaa.gov/mgg/dat/geodas/docs/mgd77.htm
 # mb161
 9	string MGD77	MGD77 Header, Marine Geophysical Data Exchange Format
 
@@ -12454,7 +13688,7 @@
 # https://midas.psi.ch/elog/
 0	string	$@MID@$	elog journal entry
 
-# Geospatial Designs http://www.geospatialdesigns.com/surfer6_format.htm
+# Geospatial Designs https://www.geospatialdesigns.com/surfer6_format.htm
 0	string		DSBB	Surfer 6 binary grid file
 >4	leshort		x	\b, %d
 >6	leshort		x	\bx%d
@@ -12467,7 +13701,7 @@
 
 # magic for LAS format files
 # alex myczko <alex@aiei.ch>
-# http://www.asprs.org/wp-content/uploads/2010/12/LAS_1_3_r11.pdf
+# https://www.asprs.org/wp-content/uploads/2010/12/LAS_1_3_r11.pdf
 0	string		LASF	LIDAR point data records
 >24	byte		>0	\b, version %u
 >25	byte		>0	\b.%u
@@ -12547,7 +13781,28 @@
 0	string	#\040GIMP\040Curves\040File	GIMP curve file
 
 #------------------------------------------------------------------------------
-# $File: gnome,v 1.5 2014/04/30 21:41:02 christos Exp $
+# $File: glibc,v 1.1 2018/10/11 15:35:43 christos Exp $
+# glibc locale files
+#
+# https://sourceware.org/git/?p=glibc.git;f=locale/localeinfo.h;h=68822a63#l32
+
+0	belong	0x20070920	glibc locale file LC_CTYPE
+0	belong	0x14110320	glibc locale file LC_NUMERIC
+0	belong	0x17110320	glibc locale file LC_TIME
+0	belong	0x17100520	glibc locale file LC_COLLATE
+0	belong	0x11110320	glibc locale file LC_MONETARY
+0	belong	0x10110320	glibc locale file LC_MESSAGES
+0	belong	0x13110320	glibc locale file LC_ALL
+0	belong	0x12110320	glibc locale file LC_PAPER
+0	belong	0x1d110320	glibc locale file LC_NAME
+0	belong	0x1c110320	glibc locale file LC_ADDRESS
+0	belong	0x1f110320	glibc locale file LC_TELEPHONE
+0	belong	0x1e110320	glibc locale file LC_MEASUREMENT
+0	belong	0x19110320	glibc locale file LC_IDENTIFICATION
+
+
+#------------------------------------------------------------------------------
+# $File: gnome,v 1.6 2019/04/19 00:42:27 christos Exp $
 # GNOME related files
 
 # Contributed by Josh Triplett
@@ -12589,7 +13844,7 @@
 # It's always "GVariant", it's byte swapped on incompatible archs
 # See https://github.com/GNOME/gvdb/blob/master/gvdb-builder.c
 # file_builder_serialise()
-# http://developer.gnome.org/glib/2.34/glib-GVariant.html#GVariant
+# https://developer.gnome.org/glib/2.34/glib-GVariant.html#GVariant
 0	string	GVariant	GVariant Database file,
 # version is never filled. probably future extension
 >8	lelong	x		version %d
@@ -12598,7 +13853,7 @@
 #>>>20	lelong	x		end %d
 
 # G-IR database made by gobject-introspect toolset,
-# http://live.gnome.org/GObjectIntrospection
+# https://live.gnome.org/GObjectIntrospection
 0	string		GOBJ\nMETADATA\r\n\032	G-IR binary database
 >16	byte		x			\b, v%d
 >17	byte		x			\b.%d
@@ -12606,7 +13861,7 @@
 >22	leshort		x			\b/%d local
 
 #------------------------------------------------------------------------------
-# $File: gnu,v 1.20 2018/02/24 16:11:23 christos Exp $
+# $File: gnu,v 1.21 2019/04/19 00:42:27 christos Exp $
 # gnu:  file(1) magic for various GNU tools
 #
 # GNU nlsutils message catalog file format
@@ -12754,7 +14009,7 @@
 
 
 # GnuPG Keybox file
-# <http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=kbx/keybox-blob.c;hb=HEAD>
+# <https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=kbx/keybox-blob.c;hb=HEAD>
 # From: Philipp Hahn <hahn@univention.de>
 0	belong	32
 >4	byte	1
@@ -13081,8 +14336,8 @@
 # end of ACE/gr and Grace type files - PLEASE DO NOT REMOVE THIS LINE
 
 #------------------------------------------------------------------------------
-# $File: graphviz,v 1.8 2014/06/03 19:01:34 christos Exp $
-# graphviz:  file(1) magic for http://www.graphviz.org/
+# $File: graphviz,v 1.9 2019/04/30 04:01:40 christos Exp $
+# graphviz:  file(1) magic for https://www.graphviz.org/
 
 # FIXME: These patterns match too generally. For example, the first
 # line matches a LaTeX file containing the word "graph" (with a {
@@ -13141,10 +14396,10 @@
 >3	string		>3		v.%.1s (unknown details)
 
 #------------------------------------------------------------------------------
-# $File: guile,v 1.1 2011/12/16 17:44:33 christos Exp $
+# $File: guile,v 1.2 2019/04/19 00:42:27 christos Exp $
 # Guile file magic from <dalepsmith@gmail.com>
-# http://www.gnu.org/s/guile/
-# http://git.savannah.gnu.org/gitweb/?p=guile.git;f=libguile/_scm.h;hb=HEAD#l250
+# https://www.gnu.org/s/guile/
+# https://git.savannah.gnu.org/gitweb/?p=guile.git;f=libguile/_scm.h;hb=HEAD#l250
 
 0	string	GOOF----	Guile Object
 >8	string	LE		\b, little endian
@@ -13154,7 +14409,19 @@
 >13	regex	.\..		\b, bytecode v%s
 
 #------------------------------------------------------------------------------
-# $File: hitachi-sh,v 1.8 2017/03/17 21:35:28 christos Exp $
+# $File: hardware,v 1.1 2018/08/02 06:32:52 christos Exp $
+# hardware magic
+
+# EDID
+# https://en.wikipedia.org/wiki/Extended_Display_Identification_Data
+0	string		\x00\xFF\xFF\xFF\xFF\xFF\xFF\x00
+>19	byte		x
+>>18	byte		x	EDID data, version %u.
+>>19	byte		x	\b%u
+#>>17	ubyte+1990	<255	\b, manufactured %u
+
+#------------------------------------------------------------------------------
+# $File: hitachi-sh,v 1.9 2018/08/21 12:48:41 christos Exp $
 # hitach-sh: file(1) magic for Hitachi Super-H
 #
 # Super-H COFF
@@ -13172,6 +14439,7 @@
 # use big endian variant of subroutine to display name+variables+flags
 # for common object formated files
 >>0	use				\^display-coff
+!:strength -10
 
 0	leshort		0x0550
 # test for unused flag bits in f_flags
@@ -13179,10 +14447,11 @@
 # use little endian variant of subroutine to
 # display name+variables+flags for common object formated files
 >>0	use				display-coff
+!:strength -10
 
 
 #------------------------------------------------------------------------------
-# $File: hp,v 1.24 2014/04/30 21:41:02 christos Exp $
+# $File: hp,v 1.25 2019/01/13 00:32:38 christos Exp $
 # hp:  file(1) magic for Hewlett Packard machines (see also "printer")
 #
 # XXX - somebody should figure out whether any byte order needs to be
@@ -13302,12 +14571,6 @@
 0	belong 		0x020b010d	PA-RISC1.0 dynamic load library
 >96	belong		>0		- not stripped
 
-0	belong		0x213c6172	archive file
->68	belong 		0x020b0619	- PA-RISC1.0 relocatable library
->68	belong	 	0x02100619	- PA-RISC1.1 relocatable library
->68	belong 		0x02110619	- PA-RISC1.2 relocatable library
->68	belong 		0x02140619	- PA-RISC2.0 relocatable library
-
 #### 500
 0	long		0x02080106	HP s500 relocatable executable
 >16	long		>0		- version %d
@@ -13695,7 +14958,7 @@
 >24	belong		>0		- version %d
 
 #------------------------------------------------------------------------------
-# $File: ibm6000,v 1.13 2017/03/17 21:35:28 christos Exp $
+# $File: ibm6000,v 1.14 2019/03/07 17:21:54 christos Exp $
 # ibm6000:  file(1) magic for RS/6000 and the RT PC.
 #
 0	beshort		0x01df		executable (RISC System/6000 V3.1) or obj module
@@ -13712,6 +14975,8 @@
 0	belong		0x000001f9	AIX compiled message catalog
 0	string		\<aiaff>	archive
 0	string		\<bigaf>	archive (big format)
+0	belong		0x09006bea	AIX backup/restore format file
+0	belong		0x09006fea	AIX backup/restore format file
 
 0	beshort		0x01f7		64-bit XCOFF executable or object module
 >20	belong		0		not stripped
@@ -14013,7 +15278,7 @@
 !:mime	application/x-blorb
 
 #------------------------------------------------------------------------------
-# $File: images,v 1.131 2018/02/16 15:44:28 christos Exp $
+# $File: images,v 1.160 2019/04/19 00:42:27 christos Exp $
 # images:  file(1) magic for image formats (see also "iff", and "c-lang" for
 # XPM bitmaps)
 #
@@ -14040,23 +15305,25 @@
 # and Image Type 1 2 3 9 10 11 32 33
 # and Color Map Entry Size 0 15 16 24 32
 0	ubequad&0x00FeC400000000C0	0
+# Prevent conflicts with CRI ADX.
+>(2.S-2) belong	!0x28632943
 # skip more garbage like *.iso by looking for positive image type
->2	ubyte			>0
+>>2	ubyte			>0
 # skip some compiled terminfo like xterm+tmux by looking for image type less equal 33
->>2	ubyte			<34
+>>>2	ubyte			<34
 # skip arches.3200 , Finder.Root , Slp.1 by looking for low pixel depth 1 8 15 16 24 32
->>>16	ubyte			1
->>>>0		use		tga-image
->>>16	ubyte			8
->>>>0		use		tga-image
->>>16	ubyte			15
->>>>0		use		tga-image
->>>16	ubyte			16
->>>>0		use		tga-image
->>>16	ubyte			24
->>>>0		use		tga-image
->>>16	ubyte			32
->>>>0		use		tga-image
+>>>>16	ubyte			1
+>>>>>0		use		tga-image
+>>>>16	ubyte			8
+>>>>>0		use		tga-image
+>>>>16	ubyte			15
+>>>>>0		use		tga-image
+>>>>16	ubyte			16
+>>>>>0		use		tga-image
+>>>>16	ubyte			24
+>>>>>0		use		tga-image
+>>>>16	ubyte			32
+>>>>>0		use		tga-image
 #	display tga bitmap image information
 0	name				tga-image
 >2	ubyte		<34		Targa image data
@@ -14187,43 +15454,43 @@
 0	search/1	P1
 >0	regex/4		P1[\040\t\f\r\n]
 >>0	use		netpbm
->>>0	string		x	\b, bitmap
-!:strength + 45
+>>0	string		x	\b, bitmap
+!:strength + 65
 !:mime	image/x-portable-bitmap
 
 0	search/1	P2
 >0	regex/4		P2[\040\t\f\r\n]
 >>0	use		netpbm
->>>0	string		x	\b, greymap
-!:strength + 45
+>>0	string		x	\b, greymap
+!:strength + 65
 !:mime	image/x-portable-greymap
 
 0	search/1	P3
 >0	regex/4		P3[\040\t\f\r\n]
 >>0	use		netpbm
->>>0	string		x	\b, pixmap
-!:strength + 45
+>>0	string		x	\b, pixmap
+!:strength + 65
 !:mime	image/x-portable-pixmap
 
 0	string		P4
 >0	regex/4		P4[\040\t\f\r\n]
 >>0	use		netpbm
->>>0	string		x	\b, rawbits, bitmap
-!:strength + 45
+>>0	string		x	\b, rawbits, bitmap
+!:strength + 65
 !:mime	image/x-portable-bitmap
 
 0	string		P5
 >0	regex/4		P5[\040\t\f\r\n]
 >>0	use		netpbm
->>>0	string		x	\b, rawbits, greymap
-!:strength + 45
+>>0	string		x	\b, rawbits, greymap
+!:strength + 65
 !:mime	image/x-portable-greymap
 
 0	string		P6
 >0	regex/4		P6[\040\t\f\r\n]
 >>0	use		netpbm
->>>0	string		x	\b, rawbits, pixmap
-!:strength + 45
+>>0	string		x	\b, rawbits, pixmap
+!:strength + 65
 !:mime	image/x-portable-pixmap
 
 0	string		P7		Netpbm PAM image file
@@ -14248,7 +15515,7 @@
 # Canon RAW version 1 (CRW) files are a type of Canon Image File Format
 # (CIFF) file. These are apparently all little-endian.
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
-# URL: http://www.sno.phy.queensu.ca/~phil/exiftool/canon_raw.html
+# URL: https://www.sno.phy.queensu.ca/~phil/exiftool/canon_raw.html
 0	string		II\x1a\0\0\0HEAPCCDR	Canon CIFF raw image data
 !:mime	image/x-canon-crw
 >16	leshort		x	\b, version %d.
@@ -14258,9 +15525,10 @@
 # number. Put this above the TIFF test to make sure we detect them.
 # These are apparently all little-endian.
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
-# URL: http://libopenraw.freedesktop.org/wiki/Canon_CR2
+# URL: https://libopenraw.freedesktop.org/wiki/Canon_CR2
 0	string		II\x2a\0\x10\0\0\0CR	Canon CR2 raw image data
 !:mime	image/x-canon-cr2
+!:strength +80
 >10	byte		x	\b, version %d.
 >11	byte		x	\b%d
 
@@ -14268,10 +15536,12 @@
 # The second word of TIFF files is the TIFF version number, 42, which has
 # never changed.  The TIFF specification recommends testing for it.
 0	string		MM\x00\x2a	TIFF image data, big-endian
+!:strength +70
 !:mime	image/tiff
 >(4.L)	use		\^tiff_ifd
 0	string		II\x2a\x00	TIFF image data, little-endian
 !:mime	image/tiff
+!:strength +70
 >(4.l)	use		tiff_ifd
 
 0	name		tiff_ifd
@@ -14448,6 +15718,7 @@
 # Standard PNG image.
 0	string		\x89PNG\x0d\x0a\x1a\x0a\x00\x00\x00\x0DIHDR	PNG image data
 !:mime	image/png
+!:ext   png
 !:strength +10
 >16	use		png-ihdr
 
@@ -14455,6 +15726,7 @@
 0	string		\x89PNG\x0d\x0a\x1a\x0a\x00\x00\x00\x04CgBI
 >24	string  	\x00\x00\x00\x0DIHDR	PNG image data (CgBI)
 !:mime	image/png
+!:ext   png
 !:strength +10
 >>32	use		png-ihdr
 
@@ -14477,7 +15749,9 @@
 !:mime	image/x-unknown
 
 # GIF
+# Strength set up to beat 0x55AA DOS/MBR signature word lookups (+65)
 0	string		GIF8		GIF image data
+!:strength +80
 !:mime	image/gif
 !:apple	8BIMGIFf
 >4	string		7a		\b, version 8%s,
@@ -14574,7 +15848,7 @@
 # at offset 8 starts imagedata followed by "RGB " marker
 
 # PC bitmaps (OS/2, Windows BMP files)  (Greg Roelofs, newt@uchicago.edu)
-# http://en.wikipedia.org/wiki/BMP_file_format#DIB_header_.\
+# https://en.wikipedia.org/wiki/BMP_file_format#DIB_header_.\
 # 28bitmap_information_header.29
 0	string		BM
 >14	leshort		12		PC bitmap, OS/2 1.x format
@@ -14693,6 +15967,8 @@
 # data and image transfer, storage, etc., for the astronomical community.
 # (FITS floating point formats are big-endian.)
 0	string	SIMPLE\ \ =	FITS image data
+!:mime	image/fits
+!:ext	fits/fts
 >109	string	8		\b, 8-bit, character or unsigned binary integer
 >108	string	16		\b, 16-bit, two's complement binary integer
 >107	string	\ 32		\b, 32-bit, two's complement binary integer
@@ -14762,7 +16038,7 @@
 >5	byte	0xFF		(black background)
 
 # From: Alex Myczko <alex@aiei.ch>
-# http://www.atarimax.com/jindroush.atari.org/afmtatr.html
+# https://www.atarimax.com/jindroush.atari.org/afmtatr.html
 0	leshort	0x0296		Atari ATR image
 
 # XXX:
@@ -14788,8 +16064,8 @@
 
 # PCX image files
 # From: Dan Fandrich <dan@coneharvesters.com>
-# updated by Joerg Jenderek at Feb 2013 by http://de.wikipedia.org/wiki/PCX
-# http://web.archive.org/web/20100206055706/http://www.qzx.com/pc-gpe/pcx.txt
+# updated by Joerg Jenderek at Feb 2013 by https://de.wikipedia.org/wiki/PCX
+# https://web.archive.org/web/20100206055706/http://www.qzx.com/pc-gpe/pcx.txt
 # GRR: original test was still too general as it catches xbase examples T5.DBT,T6.DBT with 0xa000000
 # test for bytes 0x0a,version byte (0,2,3,4,5),compression byte flag(0,1), bit depth (>0) of PCX or T5.DBT,T6.DBT
 0	ubelong&0xffF8fe00	0x0a000000
@@ -14856,7 +16132,7 @@
 # Update: Joerg Jenderek
 # See http://fileformats.archiveteam.org/wiki/GEM_Raster
 # For variations, also see:
-#    http://www.seasip.info/Gem/ff_img.html (Ventura)
+#    https://www.seasip.info/Gem/ff_img.html (Ventura)
 #    http://www.atari-wiki.com/?title=IMG_file (XIMG, STTT)
 #    http://www.fileformat.info/format/gemraster/spec/index.htm (XIMG, STTT)
 #    http://sylvana.net/1stguide/1STGUIDE.ENG (TIMG)
@@ -14884,7 +16160,7 @@
 0   name        gem_info
 # version is 2 for some XIMG and 1 for all others
 >0	beshort		<0x0003		GEM
-# http://www.snowstone.org.uk/riscos/mimeman/mimemap.txt
+# https://www.snowstone.org.uk/riscos/mimeman/mimemap.txt
 !:mime	image/x-gem
 # header_size 24 25 27 59 779 words for colored bitmaps
 >>2	beshort		>9
@@ -15027,8 +16303,8 @@
 # and related image processing software used by biologists.
 # From: Vebjorn Ljosa <vebjorn@ljosa.com>
 # BOOL values are two-byte integers; use them to rule out false positives.
-# http://web.archive.org/web/20050317223257/www.cs.ubc.ca/spider/ladic/text/biorad.txt
-# Samples: http://www.loci.wisc.edu/software/sample-data
+# https://web.archive.org/web/20050317223257/www.cs.ubc.ca/spider/ladic/text/biorad.txt
+# Samples: https://www.loci.wisc.edu/software/sample-data
 14	leshort <2
 >62	leshort <2
 >>54	leshort 12345		Bio-Rad .PIC Image File
@@ -15059,7 +16335,7 @@
 
 # Originally by Marc Espie
 # Modified by Robert Minsk <robertminsk at yahoo.com>
-# http://www.openexr.com/openexrfilelayout.pdf
+# https://www.openexr.com/openexrfilelayout.pdf
 0	lelong		20000630	OpenEXR image data,
 !:mime image/x-exr
 >4	lelong&0x000000ff x		version %d,
@@ -15123,7 +16399,7 @@
 >768	beshort		7	bottom to top/right to left
 
 # From: Tom Hilinski <tom.hilinski@comcast.net>
-# http://www.unidata.ucar.edu/packages/netcdf/
+# https://www.unidata.ucar.edu/packages/netcdf/
 0	string	CDF\001			NetCDF Data Format data
 
 #-----------------------------------------------------------------------
@@ -15148,7 +16424,7 @@
 # http://www.xara.com/ for Windows and as GPL application for Linux
 0	string	XARA\243\243	Xara graphics file
 
-# http://www.cartesianinc.com/Tech/
+# https://www.cartesianinc.com/Tech/
 0	string	CPC\262		Cartesian Perceptual Compression image
 !:mime	image/x-cpi
 
@@ -15217,8 +16493,8 @@
 # extension is also used for
 # Sony SRF raw image (image/x-sony-srf)
 # SRF map
-# Terragen Surface Map (http://www.planetside.co.uk/terragen)
-# FileLocator Pro search criteria file (http://www.mythicsoft.com/filelocatorpro)
+# Terragen Surface Map (https://www.planetside.co.uk/terragen)
+# FileLocator Pro search criteria file (https://www.mythicsoft.com/filelocatorpro)
 !:ext srf
 #!:mime	image/x-garmin-srf
 # version 1.00,2.00,2.10,2.40,2.50
@@ -15239,7 +16515,7 @@
 0	string	Xcur			X11 cursor
 
 # Type:	Olympus ORF raw images.
-# URL:	http://libopenraw.freedesktop.org/wiki/Olympus_ORF
+# URL:	https://libopenraw.freedesktop.org/wiki/Olympus_ORF
 # From:	Adam Buchbinder <adam.buchbinder@gmail.com>
 0	string		MMOR		Olympus ORF raw image data, big-endian
 !:mime	image/x-olympus-orf
@@ -15260,7 +16536,7 @@
 #!mime	image/vnd.radiance
 
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
-# URL: http://www.mpi-inf.mpg.de/resources/pfstools/pfs_format_spec.pdf
+# URL: https://www.mpi-inf.mpg.de/resources/pfstools/pfs_format_spec.pdf
 # Used by the pfstools packages. The regex matches for the image size could
 # probably use some work. The MIME type is made up; if there's one in
 # actual common use, it should replace the one below.
@@ -15270,7 +16546,7 @@
 >>1	regex	\ [0-9]{4}		\bx%s
 
 # Type: Foveon X3F
-# URL:  http://www.photofo.com/downloads/x3f-raw-format.pdf
+# URL:  https://www.photofo.com/downloads/x3f-raw-format.pdf
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
 # Note that the MIME type isn't defined anywhere that I can find; if
 # there's a canonical type for this format, it should replace this one.
@@ -15290,8 +16566,8 @@
 # From: "Tano M. Fotang" <mfotang@quanteq.com>
 0	string	\x46\x4d\x52\x00	ISO/IEC 19794-2 Format Minutiae Record (FMR)
 
-# doc: http://www.shikino.co.jp/eng/products/images/FLOWER.jpg.zip
-# example: http://www.shikino.co.jp/eng/products/images/FLOWER.wdp.zip
+# doc: https://www.shikino.co.jp/eng/products/images/FLOWER.jpg.zip
+# example: https://www.shikino.co.jp/eng/products/images/FLOWER.wdp.zip
 90	bequad		0x574D50484F544F00	JPEG-XR Image
 >98	byte&0x08	=0x08			\b, hard tiling
 >99	byte&0x80	=0x80			\b, tiling present
@@ -15343,7 +16619,7 @@
 # From: Johan van der Knijff <johan.vanderknijff@kb.nl>
 #
 # BPG (Better Portable Graphics) format
-# http://bellard.org/bpg/
+# https://bellard.org/bpg/
 # http://fileformats.archiveteam.org/wiki/BPG
 #
 0	string	\x42\x50\x47\xFB	BPG (Better Portable Graphics)
@@ -15405,17 +16681,126 @@
 >8		ubelong		x		%dx
 >12		ubelong		x		\b%d
 
+# Type: Microsoft DirectDraw Surface (common data)
+# URL:	https://msdn.microsoft.com/library/default.asp?url=/library/en-us/directx9_c/directx/graphics/reference/DDSFileReference/ddsfileformat.asp
+# From: Morten Hustveit <morten@debian.org>
+# Updated by: David Korth <gerbilsoft@gerbilsoft.com>
+0	name	ms-directdraw-surface
+>0x10	ulelong	x			%u x
+>0x0C	ulelong	x			%u
+# Color depth.
+>0x58	ulelong	>0			\b, %u-bit color
+# Determine the pixel format.
+>0x50	ulelong&0x4	4
+# FIXME: Handle DX10 and XBOX formats.
+>>0x54	string	x			\b, compressed using %.4s
+>0x50	ulelong&0x2	0x2		\b, alpha only
+>0x50	ulelong&0x200	0x200		\b, YUV
+>0x50	ulelong&0x20000	0x20000		\b, luminance
+# RGB pixel format
+>0x50	ulelong&0x40	0x40
+
+# Determine the RGB format using the color masks.
+# ulequad order: 0xGGGGGGGGRRRRRRRR, 0xAAAAAAAABBBBBBBB
+
+>>0x58		ulelong	16
+
+# NOTE: 15-bit color formats usually have 16-bit listed as the color depth.
+>>>0x5C		ulequad	0x000003E000007C00
+>>>>0x64	ulequad 0x000000000000001F	\b, RGB555
+>>>0x5C		ulequad	0x000003E000001F00
+>>>>0x64	ulequad 0x000000000000007C	\b, BGR555
+
+>>>0x5C		ulequad	0x000007E00000F800
+>>>>0x64	ulequad 0x000000000000001F	\b, RGB565
+>>>0x5C		ulequad	0x000007E000001F00
+>>>>0x64	ulequad 0x00000000000000F8	\b, BGR565
+
+>>>0x5C		ulequad	0x000000F000000F00
+>>>>0x64	ulequad 0x0000F0000000000F	\b, ARGB4444
+>>>0x5C		ulequad	0x000000F00000000F
+>>>>0x64	ulequad 0x0000F00000000F00	\b, ABGR4444
+
+>>>0x5C		ulequad	0x00000F000000F000
+>>>>0x64	ulequad 0x0000000F000000F0	\b, RGBA4444
+>>>0x5C		ulequad	0x00000F00000000F0
+>>>>0x64	ulequad 0x0000000F0000F000	\b, BGRA4444
+
+>>>0x5C		ulequad	0x000000F000000F00
+>>>>0x64	ulequad 0x000000000000000F	\b, xRGB4444
+>>>0x5C		ulequad	0x000000F00000000F
+>>>>0x64	ulequad 0x0000000000000F00	\b, xBGR4444
+
+>>>0x5C		ulequad	0x00000F000000F000
+>>>>0x64	ulequad 0x00000000000000F0	\b, RGBx4444
+>>>0x5C		ulequad	0x00000F00000000F0
+>>>>0x64	ulequad 0x000000000000F000	\b, BGRx4444
+
+>>>0x5C		ulequad	0x000003E000007C00
+>>>>0x64	ulequad 0x000080000000001F	\b, ARGB1555
+>>>0x5C		ulequad	0x000003E000001F00
+>>>>0x64	ulequad 0x000080000000007C	\b, ABGR1555
+>>>0x5C		ulequad	0x000007C00000F800
+>>>>0x64	ulequad 0x000000010000003E	\b, RGBA5551
+>>>0x5C		ulequad	0x000007C00000003E
+>>>>0x64	ulequad 0x000000010000F800	\b, BGRA5551
+
+>>88		ulelong 24
+>>>0x5C		ulequad	0x0000FF0000FF0000
+>>>>0x64	ulequad 0x00000000000000FF	\b, RGB888
+>>>0x5C		ulequad	0x0000FF00000000FF
+>>>>0x64	ulequad 0x0000000000FF0000	\b, BGR888
+
+>>88		ulelong 32
+>>>0x5C		ulequad	0x0000FF0000FF0000
+>>>>0x64	ulequad 0xFF000000000000FF	\b, ARGB8888
+>>>0x5C		ulequad	0x0000FF00000000FF
+>>>>0x64	ulequad 0xFF00000000FF0000	\b, ABGR8888
+
+>>>0x5C		ulequad	0x00FF0000FF000000
+>>>>0x64	ulequad 0x000000FF0000FF00	\b, RGBA8888
+>>>0x5C		ulequad	0x00FF00000000FF00
+>>>>0x64	ulequad 0x000000FFFF000000	\b, BGBA8888
+
+>>>0x5C		ulequad	0x0000FF0000FF0000
+>>>>0x64	ulequad 0x00000000000000FF	\b, xRGB8888
+>>>0x5C		ulequad	0x0000FF00000000FF
+>>>>0x64	ulequad 0x0000000000FF0000	\b, xBGR8888
+
+>>>0x5C		ulequad	0x00FF0000FF000000
+>>>>0x64	ulequad 0x000000000000FF00	\b, RGBx8888
+>>>0x5C		ulequad	0x00FF00000000FF00
+>>>>0x64	ulequad 0x00000000FF000000	\b, BGBx8888
+
+# Less common 32-bit color formats.
+>>>0x5C		ulequad	0xFFFF00000000FFFF
+>>>>0x64	ulequad 0x0000000000000000	\b, G16R16
+>>>0x5C		ulequad	0x0000FFFFFFFF0000
+>>>>0x64	ulequad 0x0000000000000000	\b, R16G16
+
+>>>0x5C		ulequad	0x000FFC003FF00000
+>>>>0x64	ulequad 0xC0000000000003FF	\b, A2R10G10B10
+>>>0x5C		ulequad	0x000FFC00000003FF
+>>>>0x64	ulequad 0xC00000003FF00000	\b, A2B10G10R10
+
+# Type: Microsoft DirectDraw Surface
+# URL:	https://msdn.microsoft.com/library/default.asp?url=/library/en-us/directx9_c/directx/graphics/reference/DDSFileReference/ddsfileformat.asp
+# From: Morten Hustveit <morten@debian.org>
+# Updated by: David Korth <gerbilsoft@gerbilsoft.com>
+0	string/b	DDS\040\174\000\000\000 Microsoft DirectDraw Surface (DDS):
+>0	use	ms-directdraw-surface
+
 # Type: Sega PVR image.
 # From: David Korth <gerbilsoft@gerbilsoft.com>
 # References:
-# - http://fabiensanglard.net/Mykaruga/tools/segaPVRFormat.txt
+# - https://fabiensanglard.net/Mykaruga/tools/segaPVRFormat.txt
 # - https://github.com/yazgoo/pvrx2png
 # - https://github.com/nickworonekin/puyotools
 
 # Sega PVR header.
 0	name	sega-pvr-image-header
->0x0C	leshort	x	%d x
->0x0E	leshort	x	%d
+>0x0C	leshort	x	%u x
+>0x0E	leshort	x	%u
 # Image format.
 >0x08	byte	0	\b, ARGB1555
 >0x08	byte	1	\b, RGB565
@@ -15440,17 +16825,10 @@
 >0x09	byte	0x11	\b, small VQ & mipmap
 >0x09	byte	0x12	\b, square twiddled & mipmap
 
-# Sega PVR (Xbox) image header.
-# Contains an embedded DirectDraw surface instead of PVR data.
-0	name	sega-pvr-xbox-dds-header
->16	lelong	x	%d x
->12	lelong	x	%d,
->84	string	x	%.4s
-
 # Sega PVR image.
 0	string	PVRT
 >0x10	string	DDS\040\174\000\000\000 Sega PVR (Xbox) image:
->>0x20	use	sega-pvr-xbox-dds-header
+>>0x20	use	ms-directdraw-surface
 >0x10	belong	!0x44445320		Sega PVR image:
 >>0	use	sega-pvr-image-header
 
@@ -15458,15 +16836,15 @@
 0	string	GBIX
 >0x10	string	PVRT
 >>0x10	string	DDS\040\174\000\000\000 Sega PVR (Xbox) image:
->>>0x20	use	sega-pvr-xbox-dds-header
+>>>0x20	use	ms-directdraw-surface
 >>0x10	belong	!0x44445320		Sega PVR image:
 >>>0x10	use	sega-pvr-image-header
 >>0x08	lelong	x	\b, global index = %u
 
 # Sega GVR header.
 0	name	sega-gvr-image-header
->0x0C	beshort	x	%d x
->0x0E	beshort	x	%d
+>0x0C	beshort	x	%u x
+>0x0E	beshort	x	%u
 # Image data format.
 >0x0B	byte	0	\b, I4
 >0x0B	byte	1	\b, I8
@@ -15489,6 +16867,12 @@
 >>0x10	use	sega-gvr-image-header
 >>0x08	belong	x	\b, global index = %u
 
+# Sega GVR image with GCIX. (Wii)
+0	string	GCIX
+>0x10	string	GVRT	Sega GVR image:
+>>0x10	use	sega-gvr-image-header
+>>0x08	belong	x	\b, global index = %u
+
 # Light Field Picture
 # Documentation: http://optics.miloush.net/lytro/TheFileFormat.aspx
 # Typical file extensions: .lfp .lfr .lfx
@@ -15525,6 +16909,336 @@
 >20	lelong x 		%dx
 >24	lelong x		\b%d
 
+# Type: Khronos KTX texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://www.khronos.org/opengles/sdk/tools/KTX/file_format_spec/
+
+# glEnum decoding.
+# NOTE: Only the most common formats are listed here.
+0	name	khronos-ktx-glEnum
+>0	lelong	0x1907	\b, RGB
+>0	lelong	0x1908	\b, RGBA
+>0	lelong	0x1909	\b, LUMINANCE
+>0	lelong	0x190A	\b, LUMINANCE_ALPHA
+>0	lelong	0x80E1	\b, BGR
+>0	lelong	0x80E2	\b, BGRA
+>0	lelong	0x83A0	\b, RGB_S3TC
+>0	lelong	0x83A1	\b, RGB4_S3TC
+>0	lelong	0x83A2	\b, RGBA_S3TC
+>0	lelong	0x83A3	\b, RGBA4_S3TC
+>0	lelong	0x83A4	\b, RGBA_DXT5_S3TC
+>0	lelong	0x83A5	\b, RGBA4_DXT5_S3TC
+>0	lelong	0x8D64	\b, ETC1_RGB8_OES
+>0	lelong	0x9270	\b, COMPRESSED_R11_EAC
+>0	lelong	0x9271	\b, COMPRESSED_SIGNED_R11_EAC
+>0	lelong	0x9272	\b, COMPRESSED_RG11_EAC
+>0	lelong	0x9273	\b, COMPRESSED_SIGNED_RG11_EAC
+>0	lelong	0x9274	\b, COMPRESSED_RGB8_ETC2
+>0	lelong	0x9275	\b, COMPRESSED_SRGB8_ETC2
+>0	lelong	0x9276	\b, COMPRESSED_RGB8_PUNCHTHROUGH_ALPHA1_ETC2
+>0	lelong	0x9277	\b, COMPRESSED_SRGB8_PUNCHTHROUGH_ALPHA1_ETC2
+>0	lelong	0x9278	\b, COMPRESSED_RGBA2_ETC2_EAC
+>0	lelong	0x9279	\b, COMPRESSED_SRGB8_ALPHA8_ETC2_EAC
+>0	lelong	0x93B0	\b, COMPRESSED_RGBA_ASTC_4x4_KHR
+>0	lelong	0x93B1	\b, COMPRESSED_RGBA_ASTC_5x4_KHR
+>0	lelong	0x93B2	\b, COMPRESSED_RGBA_ASTC_5x5_KHR
+>0	lelong	0x93B3	\b, COMPRESSED_RGBA_ASTC_6x5_KHR
+>0	lelong	0x93B4	\b, COMPRESSED_RGBA_ASTC_6x6_KHR
+>0	lelong	0x93B5	\b, COMPRESSED_RGBA_ASTC_8x5_KHR
+>0	lelong	0x93B6	\b, COMPRESSED_RGBA_ASTC_8x6_KHR
+>0	lelong	0x93B7	\b, COMPRESSED_RGBA_ASTC_8x8_KHR
+>0	lelong	0x93B8	\b, COMPRESSED_RGBA_ASTC_10x5_KHR
+>0	lelong	0x93B9	\b, COMPRESSED_RGBA_ASTC_10x6_KHR
+>0	lelong	0x93BA	\b, COMPRESSED_RGBA_ASTC_10x8_KHR
+>0	lelong	0x93BB	\b, COMPRESSED_RGBA_ASTC_10x10_KHR
+>0	lelong	0x93BC	\b, COMPRESSED_RGBA_ASTC_12x10_KHR
+>0	lelong	0x93BD	\b, COMPRESSED_RGBA_ASTC_12x12_KHR
+>0	lelong	0x93D0	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_4x4_KHR
+>0	lelong	0x93D1	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_5x4_KHR
+>0	lelong	0x93D2	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_5x5_KHR
+>0	lelong	0x93D3	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_6x5_KHR
+>0	lelong	0x93D4	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_6x6_KHR
+>0	lelong	0x93D5	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_8x5_KHR
+>0	lelong	0x93D6	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_8x6_KHR
+>0	lelong	0x93D7	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_8x8_KHR
+>0	lelong	0x93D8	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_10x5_KHR
+>0	lelong	0x93D9	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_10x6_KHR
+>0	lelong	0x93DA	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_10x8_KHR
+>0	lelong	0x93DB	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_10x10_KHR
+>0	lelong	0x93DC	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_12x10_KHR
+>0	lelong	0x93DD	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_12x12_KHR
+
+# Endian-specific KTX header.
+# TODO: glType (all textures I've seen so far are GL_UNSIGNED_BYTE)
+0	name	khronos-ktx-endian-header
+>20	lelong	x	\b, %u
+>24	lelong	>1	x %u
+>28	lelong	>1	x %u
+>8	lelong	>0
+>>8	use	khronos-ktx-glEnum
+>8	lelong	0
+>>12	use	khronos-ktx-glEnum
+
+# Main KTX header.
+# Determine endianness, then check the rest of the header.
+0	string	\xABKTX\ 11\xBB\r\n\x1A\n	Khronos KTX texture
+>12	lelong	0x04030201			(little-endian)
+>>16	use	khronos-ktx-endian-header
+>12	belong	0x04030201			(big-endian)
+>>16	use	\^khronos-ktx-endian-header
+
+# Type: Valve VTF texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://developer.valvesoftware.com/wiki/Valve_Texture_Format
+
+# VTF image formats.
+0	name	vtf-image-format
+>0	lelong	0	RGBA8888
+>0	lelong	1	ABGR8888
+>0	lelong	2	RGB888
+>0	lelong	3	BGR888
+>0	lelong	4	RGB565
+>0	lelong	5	I8
+>0	lelong	6	IA88
+>0	lelong	7	P8
+>0	lelong	8	A8
+>0	lelong	9	RGB888 (bluescreen)
+>0	lelong	10	BGR888 (bluescreen)
+>0	lelong	11	ARGB8888
+>0	lelong	12	BGRA8888
+>0	lelong	13	DXT1
+>0	lelong	14	DXT3
+>0	lelong	15	DXT5
+>0	lelong	16	BGRx8888
+>0	lelong	17	BGR565
+>0	lelong	18	BGRx5551
+>0	lelong	19	BGRA4444
+>0	lelong	20	DXT1+A1
+>0	lelong	21	BGRA5551
+>0	lelong	22	UV88
+>0	lelong	23	UVWQ8888
+>0	lelong	24	RGBA16161616F
+>0	lelong	25	RGBA16161616
+>0	lelong	26	UVLX8888
+
+# Main VTF header.
+0	string	VTF\0				Valve Texture Format
+>4	lelong	x				v%u
+>8	lelong	x				\b.%u
+>0x10	leshort	x				\b, %u
+>0x12	leshort	>1				x %u
+>4	lequad	0x0000000700000002
+>>0x3F	leshort	>1				x %u
+>0x18	leshort	>1				\b, %u frames
+>0x38	byte	x				\b, mipmaps: %u
+>0x34	lelong	>-1				\b,
+>>0x34	use	vtf-image-format
+
+# Type: Valve VTF3 (PS3) texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+0	string		VTF3	Valve Texture Format (PS3)
+>0x14	beshort		x	\b, %u
+>0x16	beshort		x	\b x %u
+>0x10	belong&0x2000	0	\b, DXT1
+>0x10	belong&0x2000	0x2000	\b, DXT5
+
+# Type: ASTC texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://stackoverflow.com/questions/22600678/determine-internal-format-of-given-astc-compressed-image-through-its-header
+# - https://stackoverflow.com/a/22682244
+0	lelong	0x5ca1ab13			ASTC
+>4	byte	x				%u
+>5	byte	x				\bx%u
+>6	byte	>1				\bx%u
+# X, Y, and Z dimensions are stored as 24-bit LE.
+# Pretend it's 32-bit and mask off the high byte.
+>7	lelong&0x00FFFFFF	x		texture, %u
+>10	lelong&0x00FFFFFF	x		x %u
+>13	lelong&0x00FFFFFF	>1		x %u
+
+# Zebra Metafile graphic
+# http://www.fileformat.info/format/zbr/egff.htm
+0	beshort	0x9a02	Zebra Metafile graphic
+>2	leshort 1	(version 1.x)
+>2	leshort	2	(version 1.1x or 1.2x)
+>2	leshort	3	(version 1.49)
+>2	leshort	4	(version 1.50)
+>4	string	x	(comment = %s)
+
+# Microsoft Paint graphic
+# http://www.fileformat.info/format/mspaint/egff.htm
+0	string	DanM 	icrosoft Paint image data (version 1.x)
+>4	leshort	x	(%d
+>>6	leshort	x	x %d)
+0	string	LinS 	Microsoft Paint image data (version 2.0)
+>4	leshort	x	(%d
+>>6	leshort	x	x %d)
+
+# reMarkable tablet internal file format (https://www.remarkable.com/)
+# https://github.com/ax3l/lines-are-beautiful
+# https://plasma.ninja/blog/devices/remarkable/binary/format/2017/12/26/\
+#	reMarkable-lines-file-format.html#what-to-do-next
+# from Axel Huebl
+0		string	reMarkable
+>11		string	lines
+>>17		string	with
+>>>22		string	selections
+>>>>33		string	and
+>>>>>37		string	layers
+>>>>>>43	lelong	x	reMarkable tablet notebook lines, 1404 x 1872, %x page(s)
+
+# newer per-page files for the reMarkable
+0		string	reMarkable
+>11		string	.lines
+>>18		string	file,
+>>>24		string	version=
+>>>>32		byte	x	reMarkable tablet page (v%c), 1404 x 1872,
+>>>>>43		lelong	x	%d layer(s)
+
+# Type: PVR3 texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - http://cdn.imgtec.com/sdk-documentation/PVR+File+Format.Specification.pdf
+
+# PVR3 pixel formats.
+0	name		pvr3-pixel-format
+>4	ulelong	0
+>>0	ulelong	0	PVRTC 2bpp RGB
+>>0	ulelong	1	PVRTC 2bpp RGBA
+>>0	ulelong	2	PVRTC 4bpp RGB
+>>0	ulelong	3	PVRTC 4bpp RGBA
+>>0	ulelong	4	PVRTC-II 2bpp
+>>0	ulelong	5	PVRTC-II 4bpp
+>>0	ulelong	6	ETC1
+>>0	ulelong	7	DXT1
+>>0	ulelong	8	DXT2
+>>0	ulelong	9	DXT3
+>>0	ulelong	10	DXT4
+>>0	ulelong	11	DXT5
+>>0	ulelong	12	BC4
+>>0	ulelong	13	BC5
+>>0	ulelong	14	BC6
+>>0	ulelong	15	BC7
+>>0	ulelong	16	UYVY
+>>0	ulelong	17	YUY2
+>>0	ulelong	18	BW1bpp
+>>0	ulelong	19	R9G9B9E5 Shared Exponent
+>>0	ulelong	20	RGBG8888
+>>0	ulelong	21	GRGB8888
+>>0	ulelong	22	ETC2 RGB
+>>0	ulelong	23	ETC2 RGBA
+>>0	ulelong	24	ETC2 RGB A1
+>>0	ulelong	25	EAC R11
+>>0	ulelong	26	EAC RG11
+>>0	ulelong	27	ASTC_4x4
+>>0	ulelong	28	ASTC_5x4
+>>0	ulelong	29	ASTC_5x5
+>>0	ulelong	30	ASTC_6x5
+>>0	ulelong	31	ASTC_6x6
+>>0	ulelong	32	ASTC_8x5
+>>0	ulelong	33	ASTC_8x6
+>>0	ulelong	34	ASTC_8x8
+>>0	ulelong	35	ASTC_10x5
+>>0	ulelong	36	ASTC_10x6
+>>0	ulelong	37	ASTC_10x8
+>>0	ulelong	38	ASTC_10x10
+>>0	ulelong	39	ASTC_12x10
+>>0	ulelong	40	ASTC_12x12
+>>0	ulelong	41	ASTC_3x3x3
+>>0	ulelong	42	ASTC_4x3x3
+>>0	ulelong	43	ASTC_4x4x3
+>>0	ulelong	44	ASTC_4x4x4
+>>0	ulelong	45	ASTC_5x4x4
+>>0	ulelong	46	ASTC_5x5x4
+>>0	ulelong	47	ASTC_5x5x5
+>>0	ulelong	48	ASTC_6x5x5
+>>0	ulelong	49	ASTC_6x6x5
+>>0	ulelong	50	ASTC_6x6x6
+>4	ulelong	!0
+>>0	byte	!0	%c
+>>1	byte	!0	\b%c
+>>2	byte	!0	\b%c
+>>3	byte	!0	\b%c
+
+0	string		PVR\x03			PVR 3.0 texture:
+>0x18	ulelong		x	%u x
+>0x1C	ulelong		x	%u
+>0x20	ulelong		>1	x %u
+>0x08	byte		x	\b,
+>0x08	use	pvr3-pixel-format
+>0x10	ulelong		1	\b, sRGB
+>0x04	ulelong&0x02	0x02	\b, premultiplied alpha
+
+# Type: Microsoft Xbox XPR0 texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://github.com/Cxbx-Reloaded/Cxbx-Reloaded/blob/develop/src/core/hle/D3D8/XbD3D8Types.h
+
+# XPR pixel formats.
+0	name	xbox-xpr-pixel-format
+>0	byte	0x00	L8
+>0	byte	0x01	AL8
+>0	byte	0x02	ARGB1555
+>0	byte	0x03	RGB555
+>0	byte	0x04	ARGB4444
+>0	byte	0x05	RGB565
+>0	byte	0x06	ARGB8888
+>0	byte	0x07	xRGB8888
+>0	byte	0x0B	P8
+>0	byte	0x0C	DXT1
+>0	byte	0x0E	DXT2
+>0	byte	0x0F	DXT4
+>0	byte	0x10	Linear ARGB1555
+>0	byte	0x11	Linear RGB565
+>0	byte	0x12	Linear ARGB8888
+>0	byte	0x13	Linear L8
+>0	byte	0x16	Linear R8B8
+>0	byte	0x17	Linear G8B8
+>0	byte	0x19	A8
+>0	byte	0x1A	A8L8
+>0	byte	0x1B	Linear AL8
+>0	byte	0x1C	Linear RGB555
+>0	byte	0x1D	Linear ARGB4444
+>0	byte	0x1E	Linear xRGB8888
+>0	byte	0x1F	Linear A8
+>0	byte	0x20	Linear A8L8
+>0	byte	0x24	YUY2
+>0	byte	0x25	UYVY
+>0	byte	0x27	L6V5U5
+>0	byte	0x28	V8U8
+>0	byte	0x29	R8B8
+>0	byte	0x2A	D24S8
+>0	byte	0x2B	F24S8
+>0	byte	0x2C	D16
+>0	byte	0x2D	F16
+>0	byte	0x2E	Linear D24S8
+>0	byte	0x2F	Linear F24S8
+>0	byte	0x30	Linear D16
+>0	byte	0x31	Linear F16
+>0	byte	0x32	L16
+>0	byte	0x33	V16U16
+>0	byte	0x35	Linear L16
+>0	byte	0x36	Linear V16U16
+>0	byte	0x37	Linear L6V5U5
+>0	byte	0x38	RGBA5551
+>0	byte	0x39	RGBA4444
+>0	byte	0x3A	QWVU8888
+>0	byte	0x3B	BGRA8888
+>0	byte	0x3C	RGBA8888
+>0	byte	0x3D	Linear RGBA5551
+>0	byte	0x3E	Linear RGBA4444
+>0	byte	0x3F	Linear ABGR8888
+>0	byte	0x40	Linear BGRA8888
+>0	byte	0x41	Linear RGBA8888
+>0	byte	0x64	Vertex Data
+
+0	string		XPR0	Microsoft Xbox XPR0 texture
+>0x19	byte	x	\b, format:
+>>0x19	use	xbox-xpr-pixel-format
+
 #------------------------------------------------------------------------------
 # $File: inform,v 1.5 2009/09/19 16:28:09 christos Exp $
 # inform:  file(1) magic for Inform interactive fiction language
@@ -15535,7 +17249,7 @@
 0	search/100/cW	constant\ story		Inform source text
 
 #------------------------------------------------------------------------------
-# $File: intel,v 1.16 2017/11/14 15:48:36 christos Exp $
+# $File: intel,v 1.17 2018/08/01 10:34:03 christos Exp $
 # intel:  file(1) magic for x86 Unix
 #
 # Various flavors of x86 UNIX executable/object (other than Xenix, which
@@ -15577,6 +17291,10 @@
 #>12	lelong		>0		not stripped
 # no hint found, that at offset 22 is version
 #>22	leshort		>0		- version %d
+0	leshort		0x0200
+>0	use				display-coff
+0	leshort		0x8664
+>0	use				display-coff
 
 # rom: file(1) magic for BIOS ROM Extensions found in intel machines
 #      mapped into memory between 0xC0000 and 0xFFFFF
@@ -15682,9 +17400,9 @@
 >20     long            x               stblsize %d
 
 #------------------------------------------------------------------------------
-# $File: isz,v 1.4 2017/03/17 21:35:28 christos Exp $
+# $File: isz,v 1.5 2019/04/19 00:42:27 christos Exp $
 # ISO Zipped file format
-# http://www.ezbsystems.com/isz/iszspec.txt
+# https://www.ezbsystems.com/isz/iszspec.txt
 0	string	IsZ!	ISO Zipped file
 >4	byte	x	\b, header size %u
 >5	byte	x	\b, version %u
@@ -15697,7 +17415,7 @@
 #>36	lelong	x	\b, block size %u
 
 #------------------------------------------------------------
-# $File: java,v 1.18 2015/11/29 22:08:14 christos Exp $
+# $File: java,v 1.21 2019/02/18 17:58:50 christos Exp $
 # Java ByteCode and Mach-O binaries (e.g., Mac OS X) use the
 # same magic number, 0xcafebabe, so they are both handled
 # in the entry called "cafebabe".
@@ -15719,9 +17437,27 @@
 # Java HPROF dumps
 # https://java.net/downloads/heap-snapshot/hprof-binary-format.html
 0	string		JAVA\x20PROFILE\x201.0.
->0x12	short		0
->>0x11	ushort-0x31	<2      Java HPROF dump,
->>0x17	beqdate/1000	x       created %s
+>0x12	byte		0
+>>0x11	ubyte-0x31	<2      Java HPROF dump,
+>>>0x17	beqdate/1000	x       created %s
+
+# Java jmod module
+# See https://hg.openjdk.java.net/jdk9/jdk9/jdk/file/tip/src/java.base/share/classes/jdk/internal/jmod/JmodFile.java
+# Grr. 2 byte magic "JM", really? In 2019?
+0	belong		0x4a4d0100	Java jmod module version 1.0
+!:mime	application/x-java-jmod
+
+# Java jlinked image
+# See https://hg.openjdk.java.net/jdk9/jdk9/jdk/file/tip/src/java.base/share/native/libjimage/imageFile.hpp
+0	belong	0xcafedada	Java module image (big endian)
+>4	beshort	>0x00	\b, version %d
+>6	beshort	x	\b.%d
+!:mime	application/x-java-image
+
+0	lelong	0xcafedada	Java module image (little endian)
+>6	leshort	>0x00	\b, version %d
+>4	leshort	x	\b.%d
+!:mime	application/x-java-image
 
 #------------------------------------------------------------------------------
 # $File: javascript,v 1.1 2012/06/16 13:30:36 christos Exp $
@@ -15741,7 +17477,7 @@
 !:mime application/javascript
 
 #------------------------------------------------------------------------------
-# $File: jpeg,v 1.31 2017/03/17 21:35:28 christos Exp $
+# $File: jpeg,v 1.32 2018/10/01 18:58:29 christos Exp $
 # JPEG images
 # SunOS 5.5.1 had
 #
@@ -15792,21 +17528,21 @@
 >>4	byte		x		\b, baseline, precision %d
 >>7	beshort		x		\b, %dx
 >>5	beshort		x		\b%d
->>9	byte		x		\b, frames %d
+>>9	byte		x		\b, components %d
 
 >0	beshort		0xFFC1
 >>(2.S+2)	use			jpeg_segment
 >>4	byte		x		\b, extended sequential, precision %d
 >>7	beshort		x		\b, %dx
 >>5	beshort		x		\b%d
->>9	byte		x		\b, frames %d
+>>9	byte		x		\b, components %d
 
 >0	beshort		0xFFC2
 >>(2.S+2)	use			jpeg_segment
 >>4	byte		x		\b, progressive, precision %d
 >>7	beshort		x		\b, %dx
 >>5	beshort		x		\b%d
->>9	byte		x		\b, frames %d
+>>9	byte		x		\b, components %d
 
 # Define Huffman Tables
 >0	beshort		0xFFC4
@@ -15887,13 +17623,13 @@
 !:mime	text/x-xmcd
 
 #------------------------------------------------------------------------------
-# $File: keepass,v 1.1 2012/12/24 22:14:56 christos Exp $
+# $File: keepass,v 1.2 2019/04/19 00:42:27 christos Exp $
 # keepass: file(1) magic for KeePass file
 #
 # Keepass Password Safe:
-#  * original one: http://keepass.info/
-#  * *nix port:    http://www.keepassx.org/
-#  * android port: http://code.google.com/p/keepassdroid/
+#  * original one: https://keepass.info/
+#  * *nix port:    https://www.keepassx.org/
+#  * android port: https://code.google.com/p/keepassdroid/
 
 0	lelong		0x9AA2D903	Keepass password database
 >4	lelong		0xB54BFB65	1.x KDB
@@ -15907,7 +17643,7 @@
 >4	lelong		0xB54BFB67	2.x KDBX
 
 #------------------------------------------------------------------------------
-# $File: kerberos,v 1.2 2017/03/17 21:35:28 christos Exp $
+# $File: kerberos,v 1.3 2019/04/19 00:42:27 christos Exp $
 # kerberos: MIT kerberos file binary formats
 #
 
@@ -15931,7 +17667,7 @@
 #		can refer to ${name}
 #	- Provide a way to format strings as hex values
 #
-# http://www.gnu.org/software/shishi/manual/html_node/\
+# https://www.gnu.org/software/shishi/manual/html_node/\
 #	The-Keytab-Binary-File-Format.html
 #
 
@@ -15952,15 +17688,84 @@
 >4		use		keytab_entry
 
 #------------------------------------------------------------------------------
-# $File: kml,v 1.4 2017/03/17 21:35:28 christos Exp $
+# $File: kicad,v 1.1 2018/10/01 18:39:21 christos Exp $
+# kicad:  file(1) magic for KiCad files
+#
+# See
+#
+#	http://kicad-pcb.org
+#
+
+# KiCad Schematic Document
+0	    string  EESchema
+>8	    byte    0x20
+>>9	    string  Schematic
+>>>18	    byte    0x20		KiCad Schematic Document
+!:ext sch/bak
+>>>>24	    string  Version
+>>>>>31	    byte    0x20
+>>>>>>32    string  x			(Version %s)
+
+# KiCad Symbol Library
+0	    string  EESchema-LIBRARY
+>16	    byte    0x20		KiCad Symbol Library
+!:ext lib
+>>17	    string  Version
+>>>24	    byte    0x20
+>>>>25	    string  x			(Version %s)
+
+# KiCad Symbol Library Documentation
+0	    string  EESchema-DOCLIB
+>15	    byte    0x20		KiCad Symbol Library Documentation
+!:ext dcm
+>>17	    string  Version
+>>>24	    byte    0x20
+>>>>25	    string  x			(Version %s)
+
+# KiCad Board Layout
+0	    string  (kicad_pcb
+>10	    byte    0x20		KiCad Board Layout
+!:ext kicad_pcb/kicad_pcb-bak
+>>11	    string  (version
+>>>19	    byte    0x20
+>>>>20	    byte    x			(Version %c)
+
+# KiCad Footprint
+0	    string  (module
+>7	    byte    0x20		KiCad Footprint
+!:ext kicad_mod
+
+# KiCad Footprint (Legacy)
+0	    string  PCBNEW-LibModule-V1	    KiCad Footprint (Legacy)
+!:ext mod
+
+# KiCad Netlist
+0	    string  (export
+>7	    byte    0x20		KiCad Netlist
+!:ext net
+
+# KiCad Symbol Library Table
+0	    string  (sym_lib_table
+>14	    byte    0xA			KiCad Symbol Library Table
+>14	    byte    0xD			KiCad Symbol Library Table
+>14	    byte    0x20		KiCad Symbol Library Table
+
+# KiCad Footprint Library Table
+0	    string  (fp_lib_table
+>13	    byte    0xA			KiCad Footprint Library Table
+>13	    byte    0xD			KiCad Footprint Library Table
+>13	    byte    0x20		KiCad Footprint Library Table
+
+#------------------------------------------------------------------------------
+# $File: kml,v 1.5 2019/04/19 00:42:27 christos Exp $
 # Type: Google KML, formerly Keyhole Markup Language
 # Future development of this format has been handed
 # over to the Open Geospatial Consortium.
-# http://www.opengeospatial.org/standards/kml/
+# https://www.opengeospatial.org/standards/kml/
 # From: Asbjoern Sloth Toennesen <asbjorn@lila.io>
 0 string/t    \<?xml
 >20  search/400 \ xmlns=
->>&0 regex ['"]http://earth.google.com/kml Google KML document
+>>&0 regex ['"]https://earth.google.com/kml Google KML document
 !:mime application/vnd.google-earth.kml+xml
 >>>&1 string 2.0' \b, version 2.0
 >>>&1 string 2.1' \b, version 2.1
@@ -15970,15 +17775,15 @@
 # Type: OpenGIS KML, formerly Keyhole Markup Language
 # This standard is maintained by the
 # Open Geospatial Consortium.
-# http://www.opengeospatial.org/standards/kml/
+# https://www.opengeospatial.org/standards/kml/
 # From: Asbjoern Sloth Toennesen <asbjorn@lila.io>
->>&0 regex ['"]http://www.opengis.net/kml OpenGIS KML document
+>>&0 regex ['"]https://www.opengis.net/kml OpenGIS KML document
 !:mime application/vnd.google-earth.kml+xml
 >>>&1 string/t 2.2 \b, version 2.2
 
 #------------------------------------------------------------------------------
 # Type: Google KML Archive (ZIP based)
-# http://code.google.com/apis/kml/documentation/kml_tut.html
+# https://code.google.com/apis/kml/documentation/kml_tut.html
 # From: Asbjoern Sloth Toennesen <asbjorn@lila.io>
 0 string    PK\003\004
 >4  byte    0x14
@@ -16012,7 +17817,7 @@
 0	beshort		0x8000		lif file
 
 #------------------------------------------------------------------------------
-# $File: linux,v 1.64 2017/03/17 21:35:28 christos Exp $
+# $File: linux,v 1.67 2019/04/19 00:42:27 christos Exp $
 # linux:  file(1) magic for Linux files
 #
 # Values for Linux/i386 binaries, from Daniel Quinlan <quinlan@yggdrasil.com>
@@ -16068,7 +17873,7 @@
 #
 # PSF fonts, from H. Peter Anvin <hpa@yggdrasil.com>
 # Updated by Adam Buchbinder <adam.buchbinder@gmail.com>
-# See: http://www.win.tue.nl/~aeb/linux/kbd/font-formats-1.html
+# See: https://www.win.tue.nl/~aeb/linux/kbd/font-formats-1.html
 0	leshort		0x0436		Linux/i386 PC Screen Font v1 data,
 >2	byte&0x01	0		256 characters,
 >2	byte&0x01	!0		512 characters,
@@ -16091,7 +17896,7 @@
 4076    string          SWAPSPACE2LINHIB0001    Linux/i386 swap file (new style) (compressed hibernate)
 # according to man page of mkswap (8) March 1999
 # volume label and UUID Russell Coker
-# http://etbe.coker.com.au/2008/07/08/label-vs-uuid-vs-device/
+# https://etbe.coker.com.au/2008/07/08/label-vs-uuid-vs-device/
 4086	string		SWAPSPACE2	Linux/i386 swap file (new style),
 >0x400	long		x		version %d (4K pages),
 >0x404	long		x		size %d pages,
@@ -16106,6 +17911,16 @@
 # From Daniel Novotny <dnovotny@redhat.com>
 # swap file for PowerPC
 65526	string		SWAPSPACE2	Linux/ppc swap file
+>0x400	long		x		version %d,
+>0x404	long		x		size %d pages,
+>1052	string		\0		no label,
+>1052	string		>\0		LABEL=%s,
+>0x40c	belong		x		UUID=%08x
+>0x410	beshort		x		\b-%04x
+>0x412	beshort		x		\b-%04x
+>0x414	beshort		x		\b-%04x
+>0x416	belong		x		\b-%08x
+>0x41a	beshort		x		\b%04x
 16374	string		SWAPSPACE2	Linux/ia64 swap file
 #
 # Linux kernel boot images, from Albert Cahalan <acahalan@cs.uml.edu>
@@ -16113,8 +17928,13 @@
 # and Nicolas Lichtmaier <nick@debian.org>
 # All known start with: b8 c0 07 8e d8 b8 00 90 8e c0 b9 00 01 29 f6 29
 # Linux kernel boot images (i386 arch) (Wolfram Kleff)
+# URL: https://www.kernel.org/doc/Documentation/x86/boot.txt
 514	string		HdrS		Linux kernel
 !:strength + 55
+# often no extension like in linux, vmlinuz, bzimage or memdisk but sometimes
+# Acronis Recovery kernel64.dat and Plop Boot Manager plpbtrom.bin
+# DamnSmallLinux 1.5 damnsmll.lnx 
+!:ext	/dat/bin/lnx
 >510	leshort		0xAA55		x86 boot executable
 >>518	leshort		>0x1ff
 >>>529	byte		0		zImage,
@@ -16205,7 +18025,10 @@
 
 # Linux ARM compressed kernel image
 # From: Kevin Cernekee <cernekee@gmail.com>
+# Update: Joerg Jenderek
 36	lelong	0x016f2818	Linux kernel ARM boot executable zImage (little-endian)
+# raspian "kernel7.img", Vu+ Ultimo4K "kernel_auto.bin"
+!:ext	img/bin
 36	belong	0x016f2818	Linux kernel ARM boot executable zImage (big-endian)
 
 ############################################################################
@@ -16234,7 +18057,7 @@
 # 0	lelong&0xFF00FFFF 0x17000301	ld86 SPARC executable
 
 # SYSLINUX boot logo files (from 'ppmtolss16' sources)
-# http://www.syslinux.org/wiki/index.php/SYSLINUX#Display_graphic_from_filename:
+# https://www.syslinux.org/wiki/index.php/SYSLINUX#Display_graphic_from_filename:
 # file extension .lss .16
 0	lelong	=0x1413f33d		SYSLINUX' LSS16 image data
 # syslinux-4.05/mime/image/x-lss16.xml
@@ -16363,7 +18186,7 @@
 >>&1	string		x			%s...)
 
 # Systemd journald files
-# See http://www.freedesktop.org/wiki/Software/systemd/journal-files/.
+# See https://www.freedesktop.org/wiki/Software/systemd/journal-files/.
 # From: Zbigniew Jedrzejewski-Szmek <zbyszek@in.waw.pl>
 
 # check magic
@@ -16455,7 +18278,7 @@
 #              the default version of locate on Arch Linux (and others).
 # File path:   /var/lib/mlocate/mlocate.db by default (but configurable)
 # Site:        https://fedorahosted.org/mlocate/
-# Format docs: http://linux.die.net/man/5/mlocate.db
+# Format docs: https://linux.die.net/man/5/mlocate.db
 # Type: mlocate database file
 # URL:  https://fedorahosted.org/mlocate/
 # From: Wander Nauta <info@wandernauta.nl>
@@ -16471,14 +18294,14 @@
 0		lelong		0x47361222	iproute2 addresses dump
 
 # Image and service files for CRIU tool.
-# URL: http://criu.org
+# URL: https://criu.org
 # From: Pavel Emelyanov <xemul@parallels.com>
 0		lelong		0x54564319	CRIU image file v1.1
 0		lelong		0x55105940	CRIU service file
 0		lelong		0x58313116	CRIU inventory
 
 # Kdump compressed dump files
-# http://sourceforge.net/p/makedumpfile/code/ci/master/tree/IMPLEMENTATION
+# https://sourceforge.net/p/makedumpfile/code/ci/master/tree/IMPLEMENTATION
 
 0		string		KDUMP          	Kdump compressed dump
 >8		long		x		v%d
@@ -16490,7 +18313,7 @@
 >337		string		>\0		\b, domain %s
 
 #------------------------------------------------------------------------------
-# $File: lisp,v 1.25 2017/03/17 21:35:28 christos Exp $
+# $File: lisp,v 1.26 2019/04/19 00:42:27 christos Exp $
 # lisp:  file(1) magic for lisp programs
 #
 # various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com)
@@ -16517,7 +18340,7 @@
 !:mime	text/x-lisp
 
 # URL: https://en.wikipedia.org/wiki/Emacs_Lisp
-# Reference: http://ftp.gnu.org/old-gnu/emacs/elisp-manual-18-1.03.tar.gz
+# Reference: https://ftp.gnu.org/old-gnu/emacs/elisp-manual-18-1.03.tar.gz
 # Update: Joerg Jenderek
 # Emacs 18 - this is always correct, but not very magical.
 0	string	\012(
@@ -16565,9 +18388,9 @@
 !:mime	text/texmacs
 
 #------------------------------------------------------------------------------
-# $File: llvm,v 1.8 2013/01/12 03:09:51 christos Exp $
+# $File: llvm,v 1.9 2019/04/19 00:42:27 christos Exp $
 # llvm:  file(1) magic for LLVM byte-codes
-# URL:  http://llvm.org/docs/BitCodeFormat.html
+# URL:  https://llvm.org/docs/BitCodeFormat.html
 # From: Al Stone <ahs3@fc.hp.com>
 
 0	string	llvm	LLVM byte-codes, uncompressed
@@ -16586,9 +18409,9 @@
 0	string	BC\xc0\xde	LLVM IR bitcode
 
 #------------------------------------------------------------------------------
-# $File: lua,v 1.6 2013/01/09 16:23:17 christos Exp $
+# $File: lua,v 1.7 2019/04/19 00:42:27 christos Exp $
 # lua:  file(1) magic for Lua scripting language
-# URL:  http://www.lua.org/
+# URL:  https://www.lua.org/
 # From: Reuben Thomas <rrt@sc3d.org>, Seo Sanghyeon <tinuviel@sparcs.kaist.ac.kr>
 
 # Lua scripts
@@ -16620,12 +18443,14 @@
 >72	string		x		%s]
 >168	string		x		UUID: %s
 #------------------------------------------------------------------------------
-# $File: m4,v 1.2 2017/08/14 07:40:38 christos Exp $
+# $File: m4,v 1.3 2019/02/27 16:46:23 christos Exp $
 # make:  file(1) magic for M4 scripts
 #
-0	regex	\^dnl\ 		M4 macro processor script text
+0	search/8192	dnl
+>0	regex	\^dnl\ 		M4 macro processor script text
 !:mime	text/x-m4
-0	regex	\^AC_DEFUN\\(\\[	M4 macro processor script text
+0	search/8192	AC_DEFUN
+>0	regex	\^AC_DEFUN\\(\\[	M4 macro processor script text
 !:strength + 15
 !:mime	text/x-m4
 
@@ -16881,7 +18706,7 @@
 >0	use	mach-o-be
 
 #------------------------------------------------------------------------------
-# $File: macintosh,v 1.28 2017/12/05 02:17:48 christos Exp $
+# $File: macintosh,v 1.29 2019/04/19 00:42:27 christos Exp $
 # macintosh description
 #
 # BinHex is the Macintosh ASCII-encoded file format (see also "apple")
@@ -16943,7 +18768,7 @@
 # MacBinary format (Eric Fischer, enf@pobox.com)
 # Update: Joerg Jenderek 
 # URL: https://en.wikipedia.org/wiki/MacBinary
-# Reference: http://files.stairways.com/other/macbinaryii-standard-info.txt
+# Reference: https://files.stairways.com/other/macbinaryii-standard-info.txt
 #
 # Unfortunately MacBinary doesn't really have a magic number prior
 # to the MacBinary III format.
@@ -17061,8 +18886,8 @@
 
 # Apple Type/Creator Database
 # URL: https://en.wikipedia.org/wiki/Type_code
-# Reference:	http://www.lacikam.co.il/tcdb/
-#		http://www.macdisk.com/macsigen.php
+# Reference:	https://www.lacikam.co.il/tcdb/
+#		https://www.macdisk.com/macsigen.php
 # Note:	classic Mac OS files have two 4 character codes for type and creator.
 #	Thereby the Finder attach documents types to applications.
 
@@ -17260,7 +19085,7 @@
 >0x424	pstring			x		volume name: %s
 
 # *.hfs updated by Joerg Jenderek
-# http://en.wikipedia.org/wiki/Hierarchical_File_System
+# https://en.wikipedia.org/wiki/Hierarchical_File_System
 # "BD" gives many false positives
 0x400	beshort			0x4244
 # ftp://ftp.mars.org/pub/hfs/hfsutils-3.2.6.tar.gz/hfsutils-3.2.6/libhfs/apple.h
@@ -17271,7 +19096,7 @@
 !:mime	application/x-apple-diskimage
 #!:apple	hfsdINIT
 #!:apple	MACSdisk
-# http://www.macdisk.com/macsigen.php
+# https://www.macdisk.com/macsigen.php
 #!:apple	ddskdevi
 !:apple	????devi
 # https://en.wikipedia.org/wiki/Apple_Disk_Image
@@ -17283,7 +19108,7 @@
 >>>0x40a	beshort			&0x0200	(spared blocks)
 >>>0x40a	beshort			&0x0800	(unclean)
 >>>0x47C	beshort			0x482B	(Embedded HFS+ Volume)
-# http://www.epochconverter.com/
+# https://www.epochconverter.com/
 # 0x7C245F00 seconds	~ 2082758400	~ 01 Jan 2036 00:00:00	~ 66 years to 1970
 # 0x7C25B080 seconds	~ 2082844800	~ 02 Jan 2036 00:00:00
 # construct not working
@@ -17339,7 +19164,7 @@
 0		string		BOMStore	Mac OS X bill of materials (BOM) file
 
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
-# URL: http://en.wikipedia.org/wiki/Datafork_TrueType
+# URL: https://en.wikipedia.org/wiki/Datafork_TrueType
 # Derived from the 'fondu' and 'ufond' source code (fondu.sf.net). 'sfnt' is
 # TrueType; 'POST' is PostScript. 'FONT' and 'NFNT' sometimes appear, but I
 # don't know what they mean.
@@ -17367,7 +19192,7 @@
 0	belong		0xF11E041C	magic binary file for file(1) cmd
 >4	belong		x		(version %d) (big endian)
 #------------------------------------------------------------------------------
-# $File: mail.news,v 1.23 2015/06/29 14:44:26 christos Exp $
+# $File: mail.news,v 1.24 2019/04/19 00:42:27 christos Exp $
 # mail.news:  file(1) magic for mail and news
 #
 # Unfortunately, saved netnews also has From line added in some news software.
@@ -17425,7 +19250,7 @@
 #0	string		\<!--\ MHonArc		text/html; x-type=mhonarc
 
 # Cyrus: file(1) magic for compiled Cyrus sieve scripts
-# URL: http://www.cyrusimap.org/docs/cyrus-imapd/2.4.6/internal/bytecode.php
+# URL: https://www.cyrusimap.org/docs/cyrus-imapd/2.4.6/internal/bytecode.php
 # URL: http://git.cyrusimap.org/cyrus-imapd/tree/sieve/bytecode.h?h=master
 # From: Philipp Hahn <hahn@univention.de>
 
@@ -17435,7 +19260,7 @@
 >12     lelong =1       version 1, little-endian
 >12     belong x        version %d, network-endian
 #------------------------------------------------------------------------------
-# $File: make,v 1.3 2016/12/10 14:21:29 christos Exp $
+# $File: make,v 1.4 2018/05/29 17:26:02 christos Exp $
 # make:  file(1) magic for makefiles
 #
 # URL: https://en.wikipedia.org/wiki/Make_(software)
@@ -17453,29 +19278,36 @@
 # Reference: https://www.freebsd.org/cgi/man.cgi?make(1)
 # exclude grub-core\lib\libgcrypt\mpi\Makefile.am with "#BEGIN_ASM_LIST"
 # by additional escaping point character
-0	regex/100l	\^\\.BEGIN	BSD makefile script text with "%s"
+0	regex/100l	\^\\.BEGIN	BSD makefile script text
 !:mime	text/x-makefile
 !:ext	/mk
+!:strength +10
 # exclude MS Windows help file CoNtenT with ":include FOOBAR.CNT"
 # and NSIS script with "!include" by additional escaping point character
-0	regex/100l	\^\\.include	BSD makefile script text with "%s"
+0	regex/100l	\^\\.include	BSD makefile script text
 !:mime	text/x-makefile
 !:ext	/mk
+!:strength +10
+0	regex/100l	\^\\.endif	BSD makefile script text
+!:mime	text/x-makefile
+!:ext	/mk
+!:strength +10
 0	regex/100l	\^SUBDIRS	automake makefile script text
 !:mime	text/x-makefile
+!:strength +10
 
 
 #------------------------------------------------------------------------------
-# $File: map,v 1.4 2015/08/10 05:18:27 christos Exp $
+# $File: map,v 1.7 2019/04/30 04:02:04 christos Exp $
 # map:  file(1) magic for Map data
 #
 
-# Garmin .FIT files http://pub.ks-and-ks.ne.jp/cycling/edge500_fit.shtml
+# Garmin .FIT files https://pub.ks-and-ks.ne.jp/cycling/edge500_fit.shtml
 8	string	.FIT		FIT Map data
 >15	byte	0
 >>35	belong	x		\b, unit id %d
 >>39	lelong	x		\b, serial %u
-# http://pub.ks-and-ks.ne.jp/cycling/edge500_fit.shtml
+# https://pub.ks-and-ks.ne.jp/cycling/edge500_fit.shtml
 # 20 years after unix epoch
 # TZ=GMT date -d '1989-12-31 0:00' +%s
 >>43	leldate+631065600	x	\b, %s
@@ -17491,8 +19323,298 @@
 >>53	byte	8		\b (Elevations)
 >>53	byte	10		\b (Totals)
 
+# Summary: Garmin map
+# From:	Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/Garmin_.img
+# Reference: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/IMG_File_Format
+# sourceforge.net/projects/garmin-img/files/IMG%20File%20Format/1.0/imgformat-1.0.pdf
+# GRR: similar to MBR boot sector handled by ./filesystems
+0x1FE	leshort		=0xAA55
+# look for valid map signature
+>0x13	string		=IMG\0
+>>0	use		garmin-map
+0	name				garmin-map
+>0	ubyte		x		Garmin
+!:mime	application/x-garmin-map
+# If non-zero, every byte of the entire .img file is to be XORed with this value
+>0	ubyte		!0		\b, 0x%x XORed
+# goto block before FAT
+>(0x40.b*512)	ubyte	x
+# 1st fat name "DLLINFO TXT" only found for vpm
+>>&512 		string	=DLLINFO\ TXT 	map (Voice Processing)
+# there exist 2 other Garmin VPM formats; see ./audio
+!:ext	vpm
+# Deutsch__Yannick_D4481-00_0210.vpm
+#>>>512	search/0x0116da60/s	RIFF	\b; with
+# determine type voice type by ./riff
+#>>>>&0	indirect	x	\b
+>>&512 		string	!DLLINFO\ TXT 	map
+!:ext	img
+# 9 zeros
+>1 	ubelong		!0 		\b, zeroes 0x%x
+# Map's version major
+>8	ubyte		x		v%u
+# Map's version minor
+>9	ubyte		x		\b.%.2u
+# Map description[20], 0x20 padded
+>0x49	string		x		%.20s
+# Map name, continued (0x20 padded, \0 terminated)
+>0x65	string		>\ 		\b%.31s
+# Update year (+1900 for val >= 0x63, +2000 for val <= 0x62)
+>0xB	ubyte		x		\b, updated
+>>0xB	ubyte		>0x62
+>>>0xB	ubyte-100	x		20%.2u
+>>0xB	ubyte		<0x63
+>>>0xB	ubyte		x		20%.2u
+# Update month (0-11)
+>0xA	ubyte		x		\b-%.2u
+# All zeroes
+>0xc 	uleshort	!0 		\b, zeroes 0x%x
+# Mapsource flag, 1 - file created by Mapsource, 0 - Garmin map visible in Basecamp and Homeport 
+#>0xE	ubyte		!0		\b, Mapsource flag 0x%x
+>0xE	ubyte		1		\b, Mapsource
+# Checksum, sum of all bytes modulo 256 should be 0
+#>0xF	ubyte		x		\b, Checksum 0x%x
+# Signature: DSKIMG 0x00 or DSDIMG 0x00 for demo map 
+>0x10	string		!DSKIMG		\b, signature "%.7s"
+>0x39	use		garmin-date
+# Map file identifier like GARMIN\0
+>0x41	string		!GARMIN		\b, id "%.7s"
+# Block size exponent, E1; appears to always be 0x09; minimum block size 512 bytes
+>0x61	ubyte		!0x09		\b, E1=%u
+# Block size exponent, E2 ; file blocksize=2**(E1+E2)
+>>0x62	ubyte		x		\b, E2=%u
+>0x61	ubyte		=0x09		\b, blocksize
+>>0x62	ubyte		0		512
+>>0x62	ubyte		1		1024
+>>0x62	ubyte		2		2048
+>>0x62	ubyte		3		4096
+>>0x62	ubyte		4		8192
+>>0x62	ubyte		5		16384
+>>0x62	default		x
+>>>0x62	ubyte		x		E2=%u
+# MBR signature
+>0x1FE	leshort		!0xAA55		\b, invalid MBR
+# 512 zeros
+>0x200 	uquad		!0		\b, zeroes 0x%llx
+# First sub-file offset (absolute); sometimes NO/UNKNOWN sub file!
+>0x40C	ulelong		>0		\b, at 0x%x
+# sub-file Header length
+#>>(0x40C.l)	uleshort	x	\b, header len 0x%x
+>>(0x40C.l)	uleshort	x	%u bytes
+# sub-file Type[10] like "GARMIN RGN" "GARMIN TRE", "GARMIN TYP", etc.
+>>(0x40C.l+2)	ubyte	>0x1F
+>>>(0x40C.l+2)	ubyte	<0xFF
+>>>>(0x40C.l+2)	string	x		"%.10s"
+# 0x00 for most maps, 0x80 for locked maps (City Nav, City Select, etc.) 
+>>>>(0x40C.l+13)	ubyte	>0		\b, locked 0x%x
+# Block sequence numbers like 0000 0100 0200 ... FFFF
+# >0x420	ubequad		>0	\b, seq. 0x%16.16llx
+# >>0x428	ubequad		>0	\b%16.16llx
+# >>>0x430	ubequad	>0	\b%16.16llx
+# >>>>0x438	ubequad	>0	\b%16.16llx
+# >>>>>0x440	ubequad	>0	\b%16.16llx
+# >>>>>>0x448	ubequad	>0	\b%16.16llx
+# >>>>>>>0x450	ubequad	>0	\b%16.16llx
+# >>>>>>>>0x458	ubequad	>0	\b%16.16llx
+# >>>>>>>>>0x460	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>0x468	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>0x470	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>0x478	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>0x480	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>0x488	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>>0x490	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>>>0x498	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>>>>0x4A0	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>>>>>0x4A8	ubequad	>0	\b%16.16llx
+# look for end of FAT
+#>>0x420	search/512/s	\xff\xff	FAT END
+# Physical block number of FAT header
+#>0x40	ubyte		x		\b, FAT at phy. block %u
+>0x40	ubyte		x
+>>(0x40.b*512)	ubyte	x
+# 1st FAT block
+>>>&511 	use	garmin-fat
+# 2nd FAT block
+>>>&1023 	use	garmin-fat
+# 3th FAT block
+>>>&1535 	use	garmin-fat
+# 4th FAT block
+>>>&2047 	use	garmin-fat
+# ... xth FAT block
+#
+# 314 zeros but not in vpm and also gmaptz.img
+>0x84 	uquad		!0		\b, at 0x84 0x%llx
+# display FileAllocationTable block entry in garmin map
+0	name				garmin-fat
+>0	ubyte		x		\b;
+# sub file part; 0x0003 seems to be garbage
+>0x10	uleshort	!0		next 0x%4.4x
+>0x10	uleshort	=0
+# fat flag 0~dummy block 1~true sub file
+>>0	ubyte		!1		flag %u 
+>>0	ubyte		=1
+# sub-file name like MAKEGMAP 12345678
+>>>0x1	string		x		%.8s
+# sub-file typ like RGN TRE MDR LBL
+>>>0x9	string		x		\b.%.3s
+# size of sub file
+>>>0xC	ulelong		x		\b, %u bytes
+# 32-bit block sequence numbers
+#>>>0x20	ubequad		x		\b, seq. 0x%16.16llx
+
+#	display date stored inside Garmin maps like yyyy-mm-dd h:mm:ss
+0	name				garmin-date
+# year like 2018
+>0 	uleshort	x 		\b, created %u
+# month (0-11)
+>2	ubyte		x		\b-%.2u
+# day (1-31)
+>3	ubyte		x		\b-%.2u
+# hour (0-23)
+>4	ubyte		x		%u
+# minute (0-59)
+>5	ubyte		x		\b:%.2u
+# second (0-59)
+>6	ubyte		x		\b:%.2u
+
+# Summary: Garmin Map subfiles
+# From:	Joerg Jenderek
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/IMG_File_Format
+# Garmin Common Header
+2	string	GARMIN\ 
+# skip ASCII text by checking for low header length
+>0	uleshort <0x1000	Garmin map,
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/GMP_Subfile_Format
+>>9	string	GMP				subtile
+!:mime			application/x-garmin-gpm
+!:ext			gmp
+# copyright message
+>>>(0.s)		string		x	%s
+>>>0x0E 		use		garmin-date
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/MDR_Subfile_Format
+# This contains the searchable address table used for finding routing destinations
+>>9	string	MDR				address table
+!:mime			application/x-garmin-mdr
+!:ext			mdr
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/NOD_Subfile_Format
+# http://svn.parabola.me.uk/display/trunk/doc/nod.txt
+# This contains the routing information
+>>9	string	NOD				routing
+!:mime			application/x-garmin-nod
+!:ext			nod
+>>>0x0E 		use		garmin-date
+#>>>0x15			ulelong		x	\b, at 0x%x
+#>>>0x19			ulelong		x	0x%x bytes NOD1
+#>>>0x25			ulelong		x	\b, at 0x%x
+#>>>0x29			ulelong		x	0x%x bytes NOD2
+#>>>0x31			ulelong		x	\b, at 0x%x
+#>>>0x35			ulelong		x	0x%x bytes NOD3
+# URL: http://www.pinns.co.uk/osm/net.html
+# routable highways (length, direction, allowed speed,house address information)
+>>9	string	NET				highways
+!:mime			application/x-garmin-net
+!:ext			net
+#>>>0x15			ulelong		x	\b, at 0x%x
+#>>>0x19			ulelong		x	0x%x bytes NET1
+#>>>0x22			ulelong		>0
+#>>>>0x1E		ulelong		x	\b, at 0x%x
+#>>>>0x22		ulelong		x	0x%x bytes NET2
+#>>>0x2B			ulelong		>0
+#>>>>0x27		ulelong		x	\b, at 0x%x
+#>>>>0x2B		ulelong		x	0x%x bytes NET3
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/LBL_Subfile_Format
+>>9	string	LBL				labels
+!:mime			application/x-garmin-lbl
+!:ext			lbl
+>>>(0.s)		string	x	%s
+# Label coding type 6h 9h and ah
+>>>0x1E			ubyte		x	\b, coding type 0x%x
+#>>>0x15			ulelong		x	\b, at 0x%x
+#>>>0x19			ulelong		x	0x%x bytes LBL1
+#>>>0x1F			ulelong		x	\b, at 0x%x
+#>>>0x23			ulelong		x	0x%x bytes LBL2
+#>>>0x2D			ulelong		x	\b, at 0x%x
+#>>>0x31			ulelong		x	0x%x bytes LBL3
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/SRT_Subfile_Format
+# A lookup table of the chars in the map's codepage, and their collating sequence
+>>9	string	SRT				sort table
+!:mime			application/x-garmin-srt
+!:ext			srt
+>>>0x0E 		use		garmin-date
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/TRE_Subfile_Format
+>>9	string	TRE				tree
+!:mime			application/x-garmin-tre
+!:ext			tre
+# title like City Nav Europe NTU 2019.2 Basemap
+# or OSM Street map
+>>>(0.s)		string		x	%s
+# 2nd title like Copyright 1995-2018 by GARMIN Corporation.
+# or http://www.openstreetmap.org/
+>>>>&1			string		x	%s
+>>>0x0E 		use		garmin-date
+#>>>0x21			ulelong		x	\b, at 0x%x
+#>>>0x25			ulelong		x	0x%x bytes TRE1
+#>>>0x29			ulelong		x	\b, at 0x%x
+#>>>0x2D			ulelong		x	0x%x bytes TRE2
+#>>>0x31			ulelong		x	\b, at 0x%x
+#>>>0x35			ulelong		x	0x%x bytes TRE3
+# Copyright record size
+#>>>0x39			uleshort	x	\b, copyright record size %u
+# Map ID
+>>>0x74			ulelong		x	\b, ID 0x%x
+# URL: https://www.gpspower.net/garmin-tutorials/353310-basecamp-installing-free-desktop-map.html
+# For road traffic information service (RDS/TMS/TMC). Commonly seen in City Navigator maps
+>>9	string	TRF				traffic,
+!:mime			application/x-garmin-trf
+!:ext			trf
+# city/region like Preitenegg
+>>>(0.s+1) 		string		x	1st %s
+# highway part like L606/L148
+>>>>&1			string		x	%s
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/Format
+# Reference: http://www.pinns.co.uk/osm/typformat.html
+# customize the appearance of objects. For GPS and MapSource/Qlandkarte better looking maps
+>>9	string	TYP				types
+!:mime			application/x-garmin-typ
+!:ext			typ
+>>>0x0E 		use		garmin-date
+# character set 1252 65001~UTF8
+>>>0x15			uleshort	x	\b, code page %u
+# POIs
+#>>>0x17			ulelong		x	\b, at 0x%x
+#>>>0x1B			ulelong		x	0x%x bytes TYP1
+# extra pois
+#>>>0x5B			ulelong		x	\b, at 0x%x
+#>>>0x5F			ulelong		x	0x%x bytes TYP8
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/RGN_Subfile_Format
+# http://www.pinns.co.uk/osm/RGN.html
+# region data used by the Garmin software
+>>9	string	RGN				region
+!:mime			application/x-garmin-rgn
+!:ext			rgn
+# POIs,Indexed POIs,Polylines or Polygons or first map level
+#>>>0x15			ulelong	       x	\b, at 0x%x
+#>>>0x19			ulelong	       x	0x%x bytes RGN1
+# polygons with extended types
+#>>>0x21			ulelong	       >0
+#>>>>0x1D		ulelong	       x	\b, at 0x%x
+#>>>>0x21		ulelong	       x	0x%x bytes RGN2
+# polylines with extended types
+#>>>0x3D			ulelong	       >0
+#>>>>0x39		ulelong	       x	\b, at 0x%x
+#>>>>0x3D		ulelong	       x	0x%x bytes RGN3
+# extended POIs
+#>>>0x59			ulelong	       >0
+#>>>>0x55		ulelong	       x	\b, at 0x%x
+#>>>>0x59		ulelong	       x	0x%x bytes RGN3
+#>>9	default		x		unknown map type
+# Header length; GMP:31h 35h 3Dh,MDR:11Eh 238h 2C4h 310h,NOD:3Fh 7Fh,NET:64h,
+# LBL:2A9h,SRT:1Dh 25h 27h,TRE:CFh 135h,TRF:5Ah,TYP:5Bh 6Eh 7Ch AEh,RGN:7Dh
+>>0	uleshort	x		\b, header length 0x%x
+
 # TOM TOM GPS watches ttbin files:
-# http://github.com/ryanbinns/ttwatch/tree/master/ttbin
+# https://github.com/ryanbinns/ttwatch/tree/master/ttbin
 # From: Daniel Lenski
 0	byte	0x20
 >1	leshort	0x0007
@@ -17568,7 +19690,7 @@
 #
 # MARC21 formats are for the representation and communication
 # of bibliographic and related information in machine-readable
-# form.  For more info, see http://www.loc.gov/marc/
+# form.  For more info, see https://www.loc.gov/marc/
 
 
 # leader position 20-21 must be 45
@@ -17682,10 +19804,10 @@
 
 
 #------------------------------------------------------------------------------
-# $File: matroska,v 1.8 2013/02/08 17:25:16 christos Exp $
+# $File: matroska,v 1.9 2019/04/19 00:42:27 christos Exp $
 # matroska:  file(1) magic for Matroska files
 #
-# See http://www.matroska.org/
+# See https://www.matroska.org/
 #
 
 # EBML id:
@@ -17737,7 +19859,7 @@
 >5	byte		3		keymode: MD5 hash
 
 #------------------------------------------------------------------------------
-# $File: measure,v 1.1 2017/11/28 14:01:14 christos Exp $
+# $File: measure,v 1.2 2018/06/23 16:13:15 christos Exp $
 # measure: file(1) magic for measurement data
 
 # DIY-Thermocam raw data
@@ -17745,40 +19867,40 @@
 >0	beshort	x	scale %d-
 >2	beshort x	\b%d,
 >4	lefloat	x	spot sensor temperature %f,
->9	byte	0	unit celsius,
->9	byte	1	unit fahrenheit,
->8	byte	x	color scheme %d
->10	byte	1	\b, show spot sensor
->11	byte	1	\b, show scale bar
->12	byte	&1	\b, minimum point enabled
->12	byte	&2	\b, maximum point enabled
+>9	ubyte	0	unit celsius,
+>9	ubyte	1	unit fahrenheit,
+>8	ubyte	x	color scheme %d
+>10	ubyte	1	\b, show spot sensor
+>11	ubyte	1	\b, show scale bar
+>12	ubyte	&1	\b, minimum point enabled
+>12	ubyte	&2	\b, maximum point enabled
 >13	lefloat	x	\b, calibration: offset %f,
 >17	lefloat x	slope %f
 
 0	name	diy-thermocam-checker
->9	byte	<2
->>10	byte	<2
->>>11	byte	<2
->>>>12	byte	<4
+>9	ubyte	<2
+>>10	ubyte	<2
+>>>11	ubyte	<2
+>>>>12	ubyte	<4
 >>>>>17	lefloat	>0.0001	DIY-Thermocam raw data
 
 # V2 and Leption 3.x:
-38408	byte	<19
+38408	ubyte	<19
 >38400	use	diy-thermocam-checker
 >>38400	default x	(Lepton 3.x),
 >>>38400	use	diy-thermocam-parser
 
 # V1 or Lepton 2.x
-9608	byte	<19
+9608	ubyte	<19
 >9600	use	diy-thermocam-checker
 >>9600	default	x	(Lepton 2.x),
 >>>9600	use	diy-thermocam-parser
 
 
 #------------------------------------------------------------------------------
-# $File: mercurial,v 1.4 2009/09/19 16:28:10 christos Exp $
+# $File: mercurial,v 1.5 2019/04/19 00:42:27 christos Exp $
 # mercurial:  file(1) magic for Mercurial changeset bundles
-# http://www.selenic.com/mercurial/wiki/
+# https://www.selenic.com/mercurial/wiki/
 #
 # Jesse Glick (jesse.glick@sun.com)
 #
@@ -17789,10 +19911,10 @@
 >4	string		BZ		(bzip2 compressed)
 
 #------------------------------------------------------------------------------
-# $File: metastore,v 1.2 2017/03/17 21:35:28 christos Exp $
+# $File: metastore,v 1.3 2019/04/19 00:42:27 christos Exp $
 # metastore:  file(1) magic for metastore files
 # From: Thomas Wissen
-# see http://david.hardeman.nu/software.php#metastore
+# see https://david.hardeman.nu/software.php#metastore
 0	string		MeTaSt00r3	Metastore data file,
 >10	bequad		x		version %0llx
 
@@ -17846,10 +19968,10 @@
 >7	byte	=2	Gridded binary (GRIB) version 2
 
 #------------------------------------------------------------------------------
-# $File: microfocus,v 1.2 2017/03/17 21:35:28 christos Exp $
+# $File: microfocus,v 1.3 2019/04/19 00:42:27 christos Exp $
 # Micro Focus COBOL data files.
 
-# http://documentation.microfocus.com/help/index.jsp?topic=\
+# https://documentation.microfocus.com/help/index.jsp?topic=\
 # %2FGUID-0E0191D8-C39A-44D1-BA4C-D67107BAF784%2FHRFLRHFILE05.html
 # http://www.cobolproducts.com/datafile/data-viewer.html
 # https://github.com/miracle2k/mfcobol-export
@@ -18004,7 +20126,7 @@
 0	long	31415		Mirage Assembler m.out executable
 
 #-----------------------------------------------------------------------------
-# $File: misctools,v 1.17 2017/03/17 21:35:28 christos Exp $
+# $File: misctools,v 1.18 2019/04/19 00:42:27 christos Exp $
 # misctools:  file(1) magic for miscellaneous UNIX tools.
 #
 0	search/1	%%!!			X-Post-It-Note text
@@ -18012,7 +20134,7 @@
 !:mime	text/calendar
 # updated by Joerg Jenderek at Apr 2015
 # Extension: .vcf
-# http://en.wikipedia.org/wiki/VCard
+# https://en.wikipedia.org/wiki/VCard
 0	string/c	BEGIN:VCARD		vCard visiting card
 # deprecated
 #!:mime	text/x-vcard
@@ -18040,7 +20162,7 @@
 # "Windows Minidump" by TrID
 # ./misctools (version 5.25) labeled the entry as "MDMP crash report data"
 0	string		MDMP					Mini DuMP crash report
-# http://filext.com/file-extension/DMP
+# https://filext.com/file-extension/DMP
 !:mime	application/x-dmp
 !:ext	dmp/mdmp
 # The high-order word is an internal value that is implementation specific.
@@ -18094,7 +20216,7 @@
 0	string	\001\001\001\001	MMDF mailbox
 
 #------------------------------------------------------------------------------
-# $File: modem,v 1.8 2017/03/17 21:35:28 christos Exp $
+# $File: modem,v 1.9 2019/04/19 00:42:27 christos Exp $
 # modem:  file(1) magic for modem programs
 #
 # From: Florian La Roche <florian@knorke.saar.de>
@@ -18105,7 +20227,7 @@
 # Summary: CCITT Group 3 Facsimile in "raw" form (i.e. no header).
 # Modified by: Joerg Jenderek
 # URL: https://de.wikipedia.org/wiki/Fax
-# Reference: http://web.archive.org/web/20020628195336/http://www.netnam.vn/unescocourse/computervision/104.htm
+# Reference: https://web.archive.org/web/20020628195336/http://www.netnam.vn/unescocourse/computervision/104.htm
 # GRR: EOL of G3 is too general as it catches also TrueType fonts, Postscript PrinterFontMetric, others
 0	short		0x0100
 # 16 0-bits near beginning like True Type fonts *.ttf, Postscript PrinterFontMetric *.pfm, FTYPE.HYPERCARD, XFER
@@ -18251,14 +20373,29 @@
 >8      beshort         x               (version %04x)
 
 #------------------------------------------------------------------------------
-# $File: mozilla,v 1.8 2018/01/17 12:08:36 christos Exp $
+# $File: mozilla,v 1.10 2019/04/19 00:42:27 christos Exp $
 # mozilla:  file(1) magic for Mozilla XUL fastload files
 # (XUL.mfasl and XPC.mfasl)
-# URL:	http://www.mozilla.org/
+# URL:	https://www.mozilla.org/
 # From:	Josh Triplett <josh@freedesktop.org>
 
 0	string	XPCOM\nMozFASL\r\n\x1A		Mozilla XUL fastload data
+# Probably the next magic line contains misspelled "mozLz40\0"
 0	string	mozLz4a				Mozilla lz4 compressed bookmark data
+# From: Joerg Jenderek
+# URL: https://lz4.github.io/lz4/
+# Reference: https://github.com/avih/dejsonlz4/archive/master.zip/
+# dejsonlz4-master\src\dejsonlz4.c 
+# Note: mostly JSON compressed with a non-standard LZ4 header
+# can be unpacked by dejsonlz4 but not lz4 programm.
+0	string	mozLz40\0			Mozilla lz4 compressed data
+!:mime	application/x-lz4+json
+# mozlz4 extension seems to be used for search/store, while jsonlz4 for bookmarks
+!:ext	jsonlz4/mozlz4
+# decomp_size
+>8	ulelong	x				\b, originally %u bytes
+# lz4 data
+#>12	ubequad	x				\b, lz4 data 0x%16.16llx
 
 # From: Joerg Jenderek
 # URL: https://en.wikipedia.org/wiki/Firefox_4
@@ -18273,7 +20410,7 @@
 #>4	use	zip-dir-entry
 
 #------------------------------------------------------------------------------
-# $File: msdos,v 1.121 2017/10/27 21:43:23 christos Exp $
+# $File: msdos,v 1.128 2019/04/19 00:42:27 christos Exp $
 # msdos:  file(1) magic for MS-DOS files
 #
 
@@ -18282,12 +20419,16 @@
 0	string/t	@
 >1	string/cW	\ echo\ off	DOS batch file text
 !:mime	text/x-msdos-batch
+!:ext	bat
 >1	string/cW	echo\ off	DOS batch file text
 !:mime	text/x-msdos-batch
+!:ext	bat
 >1	string/cW	rem		DOS batch file text
 !:mime	text/x-msdos-batch
+!:ext	bat
 >1	string/cW	set\ 		DOS batch file text
 !:mime	text/x-msdos-batch
+!:ext	bat
 
 
 # OS/2 batch files are REXX. the second regex is a bit generic, oh well
@@ -18322,6 +20463,9 @@
 # All non-DOS EXE extensions have the relocation table more than 0x40 bytes into the file.
 >0x18	leshort <0x40 MS-DOS executable
 !:mime	application/x-dosexec
+# Windows and later versions of DOS will allow .EXEs to be named with a .COM
+# extension, mostly for compatibility's sake.
+!:ext	exe/com
 # These traditional tests usually work but not always.  When test quality support is
 # implemented these can be turned on.
 #>>0x18	leshort	0x1c	(Borland compiler)
@@ -18340,9 +20484,33 @@
 >>>(0x3c.l+24)	default		x	Unknown PE signature
 >>>>&0 		leshort		x	0x%x
 >>>(0x3c.l+22)	leshort&0x2000	>0	(DLL)
->>>(0x3c.l+92)	leshort		1	(native)
->>>(0x3c.l+92)	leshort		2	(GUI)
->>>(0x3c.l+92)	leshort		3	(console)
+>>>(0x3c.l+92)	leshort		1
+# Native PEs include ntoskrnl.exe, hal.dll, smss.exe, autochk.exe, and all the
+# drivers in Windows/System32/drivers/*.sys.
+>>>>(0x3c.l+22)	leshort&0x2000	>0	(native)
+!:ext	dll/sys
+>>>>(0x3c.l+22)	leshort&0x2000	0	(native)
+!:ext	exe/sys
+>>>(0x3c.l+92)	leshort		2
+>>>>(0x3c.l+22)	leshort&0x2000	>0	(GUI)
+# These could probably be at least partially distinguished from one another by
+# looking for specific exported functions.
+# CPL: Control Panel item
+# TLB: Type library
+# OCX: OLE/ActiveX control
+# ACM: Audio compression manager codec
+# AX: DirectShow source filter
+# IME: Input method editor
+!:ext	dll/cpl/tlb/ocx/acm/ax/ime
+>>>>(0x3c.l+22)	leshort&0x2000	0	(GUI)
+# Screen savers typically include code from the scrnsave.lib static library, but
+# that's not guaranteed.
+!:ext	exe/scr
+>>>(0x3c.l+92)	leshort		3
+>>>>(0x3c.l+22)	leshort&0x2000	>0	(console)
+!:ext	dll/cpl/tlb/ocx/acm/ax/ime
+>>>>(0x3c.l+22)	leshort&0x2000	0	(console)
+!:ext	exe/com
 >>>(0x3c.l+92)	leshort		7	(POSIX)
 >>>(0x3c.l+92)	leshort		9	(Windows CE)
 >>>(0x3c.l+92)	leshort		10	(EFI application)
@@ -18424,8 +20592,16 @@
 >>>(0x3c.l+0x36)	default		x
 >>>>(0x3c.l+0x36)	byte		x (unknown OS %x)
 >>>(0x3c.l+0x36)	byte		0x81 for MS-DOS, Phar Lap DOS extender
->>>(0x3c.l+0x0c)	leshort&0x8003	0x8002 (DLL)
->>>(0x3c.l+0x0c)	leshort&0x8003	0x8001 (driver)
+>>>(0x3c.l+0x0c)	leshort&0x8000	0x8000 (DLL or font)
+# DRV: Driver
+# 3GR: Grabber device driver
+# CPL: Control Panel Item
+# VBX: Visual Basic Extension
+# FON: Bitmap font
+# FOT: Font resource file
+!:ext	dll/drv/3gr/cpl/vbx/fon/fot
+>>>(0x3c.l+0x0c)	leshort&0x8000	0 (EXE)
+!:ext	exe/scr
 >>>&(&0x24.s-1)		string		ARJSFX \b, ARJ self-extracting archive
 >>>(0x3c.l+0x70)	search/0x80	WinZip(R)\ Self-Extractor \b, ZIP self-extracting archive (WinZip)
 
@@ -18472,6 +20648,11 @@
 >>>(0x3c.l+0x0a)	leshort		2 for MS Windows
 >>>(0x3c.l+0x0a)	leshort		3 for DOS
 >>>(0x3c.l+0x0a)	leshort		4 for MS Windows (VxD)
+# VXD: VxD for Windows 95/98/Me
+# 386: VxD for Windows 2.10, 3.0, 3.1x
+# PDR: Port driver
+# MPD: Miniport driver (?)
+!:ext	vxd/386/pdr/mpd
 >>>(&0x7c.l+0x26)	string		UPX \b, UPX compressed
 >>>&(&0x54.l-3)		string		UNACE \b, ACE self-extracting archive
 
@@ -18480,6 +20661,7 @@
 >>0x3c		lelong	>0x20000000
 >>>(4.s*512)	leshort !0x014c \b, MZ for MS-DOS
 !:mime	application/x-dosexec
+!:ext	exe/com
 # header data too small for extended executable
 >2		long	!0
 >>0x18		leshort <0x40
@@ -18578,8 +20760,8 @@
 >>49824 leshort		=1			\b, 1 file
 >>49824 leshort		>1			\b, %u files
 
-# added by Joerg Jenderek of http://www.freedos.org/software/?prog=kc
-# and http://www.freedos.org/software/?prog=kpdos
+# added by Joerg Jenderek of https://www.freedos.org/software/?prog=kc
+# and https://www.freedos.org/software/?prog=kpdos
 # for FreeDOS files like KEYBOARD.SYS, KEYBRD2.SYS, KEYBRD3.SYS, *.KBD
 0	string/b	KCF		FreeDOS KEYBoard Layout collection
 # only version=0x100 found
@@ -18721,6 +20903,8 @@
 
 0       name    msdos-com
 >0  byte        x               DOS executable (COM)
+!:mime	application/x-dosexec
+!:ext	com
 >6	string		SFX\ of\ LHarc	\b, %s
 >0x1FE leshort	0xAA55		    \b, boot code
 >85	string		UPX		        \b, UPX compressed
@@ -18757,11 +20941,11 @@
 # modified by Joerg Jenderek
 # syslinux COM32 or COM32R executable
 >>1	lelong&0xFFFFFFFe 0x21CD4CFe	COM executable (32-bit COMBOOT
-# http://www.syslinux.org/wiki/index.php/Comboot_API
+# https://www.syslinux.org/wiki/index.php/Comboot_API
 # Since version 5.00 c32 modules switched from the COM32 object format to ELF
 !:mime	application/x-c32-comboot-syslinux-exec
 !:ext c32
-# http://syslinux.zytor.com/comboot.php
+# https://syslinux.zytor.com/comboot.php
 # older syslinux version ( <4 )
 # (32-bit COMBOOT) programs *.C32 contain 32-bit code and run in flat-memory 32-bit protected mode
 # start with assembler instructions mov eax,21cd4cffh
@@ -18787,41 +20971,75 @@
 0	string/b	\x81\xfc
 >4	string	\x77\x02\xcd\x20\xb9
 >>36	string	UPX!			FREE-DOS executable (COM), UPX compressed
+!:mime	application/x-dosexec
+!:ext	com
 252	string Must\ have\ DOS\ version DR-DOS executable (COM)
+!:mime	application/x-dosexec
+!:ext	com
 # added by Joerg Jenderek at Oct 2008
 # GRR search is not working
 #34	search/2	UPX!		FREE-DOS executable (COM), UPX compressed
 34	string	UPX!			FREE-DOS executable (COM), UPX compressed
+!:mime	application/x-dosexec
+!:ext	com
 35	string	UPX!			FREE-DOS executable (COM), UPX compressed
+!:mime	application/x-dosexec
+!:ext	com
 # GRR search is not working
 #2	search/28	\xcd\x21	COM executable for MS-DOS
 #WHICHFAT.cOM
 2	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 #DELTREE.cOM DELTREE2.cOM
 4	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 #IFMEMDSK.cOM ASSIGN.cOM COMP.cOM
 5	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 #DELTMP.COm HASFAT32.cOM
 7	string	\xcd\x21
 >0	byte	!0xb8			COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 #COMP.cOM MORE.COm
 10	string	\xcd\x21
 >5	string	!\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 #comecho.com
 13	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 #HELP.COm EDIT.coM
 18	string	\xcd\x21		COM executable for MS-DOS
+!:mime	application/x-dosexec
+!:ext	com
 #NWRPLTRM.COm
 23	string	\xcd\x21		COM executable for MS-DOS
+!:mime	application/x-dosexec
+!:ext	com
 #LOADFIX.cOm LOADFIX.cOm
 30	string	\xcd\x21		COM executable for MS-DOS
+!:mime	application/x-dosexec
+!:ext	com
 #syslinux.com 3.11
 70	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 # many compressed/converted COMs start with a copy loop instead of a jump
 0x6	search/0xa	\xfc\x57\xf3\xa5\xc3	COM executable for MS-DOS
+!:mime	application/x-dosexec
+!:ext	com
 0x6	search/0xa	\xfc\x57\xf3\xa4\xc3	COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 >0x18	search/0x10	\x50\xa4\xff\xd5\x73	\b, aPack compressed
 0x3c	string		W\ Collis\0\0		COM executable for MS-DOS, Compack compressed
+!:mime	application/x-dosexec
+!:ext	com
 # FIXME: missing diet .com compression
 
 # miscellaneous formats
@@ -19065,10 +21283,16 @@
 #0	string	Nullsoft\ AVS\ Preset\ \060\056\061\032 A plug in for Winamp ms-windows Freeware media player
 0	string/b	Nullsoft\ AVS\ Preset\ 	Winamp plug in
 
-# Windows Metafont .WMF
-0	string/b	\327\315\306\232	ms-windows metafont .wmf
-0	string/b	\002\000\011\000	ms-windows metafont .wmf
-0	string/b	\001\000\011\000	ms-windows metafont .wmf
+# Windows Metafile .WMF
+0	string/b	\327\315\306\232	Windows metafile
+!:mime	image/wmf
+!:ext	wmf
+0	string/b	\002\000\011\000	Windows metafile
+!:mime	image/wmf
+!:ext	wmf
+0	string/b	\001\000\011\000	Windows metafile
+!:mime	image/wmf
+!:ext	wmf
 
 #tz3 files whatever that is (MS Works files)
 0	string/b	\003\001\001\004\070\001\000\000	tz3 ms-works file
@@ -19110,8 +21334,9 @@
 # skip remaining worksheets, because valid only for DIB image (40) or PNG image (\x89PNG)
 >>(18.l)	ulelong		x		MS Windows
 >>>0		ubelong		0x00000100	icon resource
-#!:mime		image/vnd.microsoft.icon
-!:mime		image/x-icon
+# https://www.iana.org/assignments/media-types/image/vnd.microsoft.icon
+!:mime		image/vnd.microsoft.icon
+#!:mime		image/x-icon
 !:ext		ico
 >>>>4 		uleshort	x		- %d icon
 # plural s
@@ -19157,7 +21382,8 @@
 #>12		ulelong		x		\b, offset 0x%x
 # PNG header (\x89PNG)
 >(12.l)		ubelong		=0x89504e47
->>&-4		indirect	x	\b with
+# 1 space char after "with" to get phrase "with PNG image" by magic in ./images
+>>&-4		indirect	x	\b with 
 # DIB image
 >(12.l)		ubelong		!0x89504e47
 #>>&-4		use     	dib-image
@@ -19226,10 +21452,11 @@
 0	lelong		0x4C
 >4	lelong		0x00021401	Windows shortcut file
 
-# .PIF files added by Joerg Jenderek from http://smsoft.ru/en/pifdoc.htm
+# .PIF files added by Joerg Jenderek from https://smsoft.ru/en/pifdoc.htm
 # only for windows versions equal or greater 3.0
 0x171	string	MICROSOFT\ PIFEX\0	Windows Program Information File
 !:mime	application/x-dosexec
+!:ext	pif
 #>2	string	 	>\0		\b, Title:%.30s
 >0x24	string		>\0		\b for %.63s
 >0x65	string		>\0		\b, directory=%.64s
@@ -19277,7 +21504,7 @@
 
 # Norton Guide (.NG , .HLP) files added by Joerg Jenderek from source NG2HTML.C
 # of http://www.davep.org/norton-guides/ng2h-105.tgz
-# http://en.wikipedia.org/wiki/Norton_Guides
+# https://en.wikipedia.org/wiki/Norton_Guides
 0	string		NG\0\001
 # only value 0x100 found at offset 2
 >2	ulelong		0x00000100	Norton Guide
@@ -19289,7 +21516,7 @@
 >>114	string		>\0		%-.66s
 
 # 4DOS help (.HLP) files added by Joerg Jenderek from source TPHELP.PAS
-# of http://www.4dos.info/
+# of https://www.4dos.info/
 # pointer,HelpID[8]=4DHnnnmm
 0	ulelong	0x48443408		4DOS help file
 >4	string	x			\b, version %-4.4s
@@ -19305,12 +21532,246 @@
 
 #------------------------------------------------------------------------------
 # From Stuart Caie <kyzer@4u.net> (developer of cabextract)
+# Update: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/Cabinet_(file_format)
+# Reference: https://msdn.microsoft.com/en-us/library/bb267310.aspx
+# Note: verified by `7z l *.cab`
 # Microsoft Cabinet files
 0	string/b	MSCF\0\0\0\0	Microsoft Cabinet archive data
-!:mime application/vnd.ms-cab-compressed
->8	lelong		x		\b, %u bytes
->28	leshort		1		\b, 1 file
->28	leshort		>1		\b, %u files
+#
+# https://support.microsoft.com/en-us/help/973559/frequently-asked-questions-about-the-microsoft-support-diagnostic-tool
+# CAB with *.{diagcfg,diagpkg} is used by Microsoft Support Diagnostic Tool MSDT.EXE
+# because some archive does not have *.diag* as 1st or 2nd archive member like
+# O15CTRRemove.diagcab or AzureStorageAnalyticsLogs_global.DiagCab
+# brute looking after header for filenames with diagcfg or diagpkg extension in CFFILE section
+>0x2c	search/980/c	.diag		\b, Diagnostic
+!:mime	application/vnd.ms-cab-compressed
+!:ext	diagcab
+# http://fileformats.archiveteam.org/wiki/PUZ
+# Microsoft Publisher version about 2003 has a "Pack and Go" feature that
+# bundles a Publisher document *PNG.pub with all links into a CAB
+>0x2c	search/300/c	png.pub\0		\b, Publisher Packed and Go
+!:mime	application/vnd.ms-cab-compressed
+!:ext	puz
+# ppz variant with Microsoft PowerPoint Viewer ppview32.exe to play PowerPoint presentation
+>0x2c	search/17/c	ppview32.exe\0		\b, PowerPoint Viewer Packed and Go
+!:mime	application/vnd.ms-powerpoint
+#!:mime	application/mspowerpoint
+!:ext	ppz
+# http://www.incredimail.com/
+# IncrediMail CAB contains an initialisation file "content.ini" like in im2.ims
+>0x2c	search/3369/c	content.ini\0	\b, IncrediMail
+!:mime	application/x-incredimail
+# member Flavor.htm implies IncrediMail ecard like in tell_a_friend.imf
+>>0x2c	search/83/c	Flavor.htm\0	ecard
+!:ext	imf
+# member Macromedia Flash data *.swf implies IncrediMail skin like in im2.ims
+>>0x2c	search/211/c	.swf\0		skin
+!:ext	ims
+# member anim.im3 implies IncrediMail animation like in letter_fold.ima 
+>>0x2c	search/92/c	anim.im3\0	animation
+!:ext	ima
+# other IncrediMail cab archive
+>>0x2c	default		x
+>>>0x2c	search/116/c	thumb		ecard, image, notifier or skin
+!:ext	imf/imi/imn/ims
+# http://file-extension.net/seeker/file_extension_ime
+>>>0x2c	default		x		emoticons or sound
+!:ext	ime/imw
+# no Diagnostic and IncrediMail
+>0x2c	default		x
+# look for 1st member name
+>>(16.l+16)	ubyte	x
+# https://en.wikipedia.org/wiki/SNP_file_format
+>>>&-1	string/c 	_accrpt_.snp	\b, Access report snapshot
+!:mime	application/msaccess
+!:ext	snp
+# https://www.cabextract.org.uk/wince_cab_format/
+# extension of DOS 8+3 name with ".000" of 1st archive member name implies Windows CE installer
+>>>&7	string 		=.000		\b, WinCE install
+!:mime	application/vnd.ms-cab-compressed
+!:ext	cab
+
+# https://support.microsoft.com/kb/934307/en-US
+# All inspected MSU contain a file with name WSUSSCAN.cab
+# that is called "Windows Update meta data" by Microsoft
+>>>&-1	string/c 	wsusscan.cab	\b, Microsoft Standalone Update
+!:mime	application/vnd.ms-cab-compressed
+!:ext	msu
+>>>&-1	default		x
+# look at point charcter of 1st archive member name for file name extension
+>>>>&-1	search/255 	.
+# http://www.pptfaq.com/FAQ00164_What_is_a_PPZ_file-.htm
+# PPZ were created using Pack & Go feature of PowerPoint versions 97 - 2002
+# packs optional files, a PowerPoint presentation *.ppt with optional PLAYLIST.LST to CAB
+>>>>>&0	string/c	ppt\0		\b, PowerPoint Packed and Go
+!:mime	application/vnd.ms-powerpoint
+#!:mime	application/mspowerpoint
+!:ext	ppz
+# https://msdn.microsoft.com/en-us/library/windows/desktop/bb773190(v=vs.85).aspx
+# first member *.theme implies Windows 7 Theme Pack like in CommunityShowcaseAqua3.themepack
+# or Windows 8 Desktop Theme Pack like in PanoramicGlaciers.deskthemepack
+>>>>>&0	string/c	theme		\b, Windows
+!:mime	application/x-windows-themepack
+# https://www.drewkeller.com/content/using-theme-both-windows-7-and-windows-8
+# 1st member Panoramic.theme or Panoramas.theme implies Windows 8-10 Theme Pack
+# with MTSM=RJSPBS in [MasterThemeSelector] inside *.theme
+>>>>>>(16.l+16)	string	=Panoram	8
+!:ext	deskthemepack
+>>>>>>(16.l+16)	string	!Panoram	7 or 8
+!:ext	themepack/deskthemepack
+>>>>>>(16.l+16)	ubyte	x		Theme Pack
+>>>>>&0	default		x
+# look for null terminator of 1st member name
+>>>>>>&0	search/255 	\0
+# 2nd member name WSUSSCAN.cab like in Microsoft-Windows-MediaFeaturePack-OOB-Package.msu
+>>>>>>>&16	string/c 	wsusscan.cab	\b, Microsoft Standalone Update
+!:mime	application/vnd.ms-cab-compressed
+!:ext	msu
+>>>>>>>&16	default	x
+# archive with more then one file need some output in version 5.32 to avoid error message like
+# Magdir/msdos, 1138: Warning: Current entry does not yet have a description for adding a MIME type
+# Magdir/msdos, 1139: Warning: Current entry does not yet have a description for adding a EXTENSION type
+# file: could not find any valid magic files!
+>>>>>>>>28	uleshort	>1	\b, many
+!:mime	application/vnd.ms-cab-compressed
+!:ext	cab
+# remaining archives with just one file
+>>>>>>>>28	uleshort	=1
+# neither extra bytes nor cab chain implies Windows 2000,XP setup files in directory i386
+>>>>>>>>>30	uleshort	=0x0000	\b, Windows 2000/XP setup
+# cut of last char of source extension and add underscore to generate extension
+# TERMCAP._ ... FXSCOUNT.H_ ... L3CODECA.AC_ ... NPDRMV2.ZI_
+!:mime	application/vnd.ms-cab-compressed
+!:ext	_/?_/??_
+# archive need some output like "single" in version 5.32 to avoid error messages
+>>>>>>>>>30	uleshort	!0x0000	\b, single
+!:mime	application/vnd.ms-cab-compressed
+!:ext	cab
+# TODO: additional extensions like
+# .xsn	InfoPath Dynamic Form
+# .xtp	InfoPath Template Part
+# .lvf	Logitech Video Effects Face Accessory
+>8	ulelong		x		\b, %u bytes
+>28	uleshort		1		\b, 1 file
+>28	uleshort		>1		\b, %u files
+# Reserved fields, set to zero
+#>4	belong		!0		\b, reserved1 %x
+#>12	belong		!0		\b, reserved2 %x
+# offset of the first CFFILE entry coffFiles: minimal 2Ch
+>16	ulelong		x		\b, at 0x%x
+>(16.l)	use		cab-file
+# at least also 2nd member
+>28	uleshort		>1
+>>(16.l+16)	ubyte	x
+>>>&0	search/255 	\0
+# second member info
+>>>>&0	use		cab-file
+#>20	belong		!0		\b, reserved %x
+# Cabinet file format version. Currently, versionMajor = 1 and versionMinor = 3
+>24	ubeshort	!0x0301		\b version 0x%x
+# number of CFFOLDER entries
+>26	uleshort	>1		\b, %u cffolders
+# cabinet file option indicators 1~PREVIOUS, 2~NEXT, 4~reserved fields
+# only found for flags 0 1 2 3 4 not 7
+>30	uleshort	>0		\b, flags 0x%x
+# Cabinet files have a 16-bit cabinet setID field that is designed for application use.
+# default is zero, however, the -i option of cabarc can be used to set this field
+>32	uleshort	>0		\b, ID %u
+# iCabinet is number of this cabinet file in a set, where 0 for the first cabinet
+#>34	uleshort	x		\b, iCabinet %u
+# add one for display because humans start numbering by 1 and also fit to name of disk szDisk*
+>34	uleshort+1	x		\b, number %u
+>30	uleshort	&0x0004		\b, extra bytes
+# cbCFHeader optional size of per-cabinet reserved area 14h 1800h
+>>36	uleshort	>0		%u in head
+# cbCFFolder is optional size of per-folder reserved area
+>>38	ubyte		>0		%u in folder
+# cbCFData is optional size of per-datablock reserved area
+>>39	ubyte		>0		%u in data block
+# optional per-cabinet reserved area abReserve[cbCFHeader]
+>>36	uleshort	>0
+# 1st CFFOLDER after reserved area in header
+>>>(36.s+40)	use			cab-folder
+# no reserved area in header
+>30	uleshort	^0x0004
+# no previous and next cab archive
+>>30	uleshort		=0x0000
+>>>36	use				cab-folder
+# only previous cab archive
+>>30	uleshort		=0x0001	\b, previous
+>>>36	use				cab-anchor
+# only next cab archive
+>>30	uleshort		=0x0002	\b, next
+>>>36	use				cab-anchor
+# previous+next cab archive
+# can not use sub routine cab-anchor to display previous and next cabinet together
+#>>>36	use				cab-anchor
+#>>>>&0	use				cab-anchor
+>>30	uleshort		=0x0003	\b, previous
+>>>36	string		x		%s
+# optional name of previous disk szDisk*
+>>>>&1	string		x		disk %s
+>>>>>&1	string		x		\b, next %s
+# optional name of previous disk szDisk*
+>>>>>>&1	string		x	disk %s
+>>>>>>>&1	use			cab-folder
+#	display filename and disk name of previous or next cabinet
+0       name    			cab-anchor
+# optional name of previous/next cabinet file szCabinet*[255]
+>&0	string		x		%s
+# optional name of previous/next disk szDisk*[255]
+>>&1	string		x		disk %s
+#	display folder structure CFFOLDER information like compression of cabinet
+0       name    			cab-folder
+# offset of the CFDATA block in this folder
+#>0	ulelong		x		\b, coffCabStart 0x%x
+# number of CFDATA blocks in folder
+>4	uleshort	x		\b, %u datablock
+# plural s
+>4	uleshort	>1		\bs
+# compression typeCompress: 0~None 1~MSZIP 0x1503~LZX:21 0x1003~LZX:16 0x0f03~LZX:15
+>6	uleshort	x		\b, 0x%x compression
+# optional per-folder reserved area
+#>8	ubequad		x		\b, abReserve 0x%llx
+#	display member structure CFFILE information like member name of cabinet
+0       name    			cab-file
+# cbFile is uncompressed size of file in bytes 
+#>0	ulelong		x		\b, cbFile %u
+# uoffFolderStart is uncompressed offset of file in folder
+#>4	ulelong		>0		\b, uoffFolderStart 0x%x
+# iFolder is index into the CFFOLDER area. 0 indicates first folder in cabinet
+# define ifoldCONTINUED_FROM_PREV      (0xFFFD)
+# define ifoldCONTINUED_TO_NEXT        (0xFFFE)
+# define ifoldCONTINUED_PREV_AND_NEXT  (0xFFFF)
+>8	uleshort	>0		\b, iFolder 0x%x
+# date stamp for file
+#>10	uleshort	x		\b, date 0x%x
+# time stamp for file
+#>12	uleshort	x		\b, time 0x%x
+# attribs is attribute flags for file
+# define  _A_RDONLY       (0x01)  file is read-only
+# define  _A_HIDDEN       (0x02)  file is hidden
+# define  _A_SYSTEM       (0x04)  file is a system file
+# define  _A_ARCH         (0x20)  file modified since last backup
+# example http://sebastien.kirche.free.fr/pebuilder_plugins/depends.cab
+# define  _A_EXEC         (0x40)  run after extraction
+# define  _A_NAME_IS_UTF  (0x80)  szName[] contains UTF
+# define  UNKNOWN       (0x0100)  undocumented or accident
+#>14	uleshort	x		\b, attribs 0x%x
+>14	uleshort	>0		+
+>>14	uleshort	&0x0001		\bR
+>>14	uleshort	&0x0002		\bH
+>>14	uleshort	&0x0004		\bS
+>>14	uleshort	&0x0020		\bA
+>>14	uleshort	&0x0040		\bX
+>>14	uleshort	&0x0080		\bUtf
+# unknown 0x0100 flag found on one XP_CD:\I386\DRIVER.CAB
+>>14	uleshort	&0x0100		\b?
+# szName is name of archive member
+>16	string		x		"%s"
+# next archive member name if more files
+#>>&17	string		>\0		\b, NEXT NAME %-.50s
 
 # InstallShield Cabinet files
 0	string/b	ISc(		InstallShield Cabinet archive data
@@ -19361,16 +21822,8 @@
 >5	byte   <2
 >>48	string x			version %.3s
 
-# Type: Microsoft DirectDraw Surface
-# URL:	http://msdn.microsoft.com/library/default.asp?url=/library/en-us/directx9_c/directx/graphics/reference/DDSFileReference/ddsfileformat.asp
-# From: Morten Hustveit <morten@debian.org>
-0	string/b	DDS\040\174\000\000\000 Microsoft DirectDraw Surface (DDS),
->16	lelong	>0			%d x
->12	lelong	>0			%d,
->84	string	x			%.4s
-
 # Type: Microsoft Document Imaging Format (.mdi)
-# URL:	http://en.wikipedia.org/wiki/Microsoft_Document_Imaging_Format
+# URL:	https://en.wikipedia.org/wiki/Microsoft_Document_Imaging_Format
 # From: Daniele Sempione <scrows@oziosi.org>
 # Too weak (EP)
 #0	short	0x5045			Microsoft Document Imaging Format
@@ -19384,10 +21837,6 @@
 # From: Dr. Jesus <j@hug.gs>
 0	string/b	B000FF\n	Windows Embedded CE binary image
 
-# Windows Imaging (WIM) Image
-0	string/b	MSWIM\000\000\000	Windows imaging (WIM) image
-0	string/b	WLPWM\000\000\000	Windows imaging (WIM) image, wimlib pipable format
-
 # The second byte of these signatures is a file version; I don't know what,
 # if anything, produced files with version numbers 0-2.
 # From: John Elliott <johne@seasip.demon.co.uk>
@@ -19464,7 +21913,7 @@
 # concatenated.
 
 #------------------------------------------------------------------------------
-# $File: msooxml,v 1.7 2018/03/12 12:38:59 christos Exp $
+# $File: msooxml,v 1.12 2019/04/19 00:42:27 christos Exp $
 # msooxml:  file(1) magic for Microsoft Office XML
 # From: Ralf Brown <ralf.brown@gmail.com>
 
@@ -19488,26 +21937,28 @@
 0		string		PK\003\004
 !:strength +10
 # make sure the first file is correct
->0x1E		regex		\\[Content_Types\\]\\.xml|_rels/\\.rels
+>0x1E		use		msooxml
+>0x1E		regex		\\[Content_Types\\]\\.xml|_rels/\\.rels|docProps
 # skip to the second local file header
 # since some documents include a 520-byte extra field following the file
 # header, we need to scan for the next header
->>(18.l+49)	search/2000	PK\003\004
+>>(18.l+49)	search/6000	PK\003\004
 # now skip to the *third* local file header; again, we need to scan due to a
 # 520-byte extra field following the file header
->>>&26		search/1000	PK\003\004
+>>>&26		search/6000	PK\003\004
 # and check the subdirectory name to determine which type of OOXML
 # file we have.  Correct the mimetype with the registered ones:
-# http://technet.microsoft.com/en-us/library/cc179224.aspx
+# https://technet.microsoft.com/en-us/library/cc179224.aspx
 >>>>&26		use		msooxml	
 >>>>&26		default		x
 # OpenOffice/Libreoffice orders ZIP entry differently, so check the 4th file
->>>>>&26	search/1000	PK\003\004
+>>>>>&26	search/6000	PK\003\004
 >>>>>>&26	use		msooxml	
 >>>>>>&26	default		x		Microsoft OOXML
+>>>>>&26	default		x		Microsoft OOXML
 
 #------------------------------------------------------------------------------
-# $File: msvc,v 1.9 2017/08/02 08:15:20 christos Exp $
+# $File: msvc,v 1.10 2018/10/01 19:14:03 christos Exp $
 # msvc:  file(1) magic for msvc
 # "H. Nanosecond" <aldomel@ix.netcom.com>
 # Microsoft visual C
@@ -19562,7 +22013,7 @@
 >>>0x32	leshort	x	\b*%d bytes
 
 # Reference: https://github.com/Microsoft/vstest/pull/856/commits/fdc7a9f074ca5a8dfeec83b1be9162bf0cf4000d
-0       string/c bsjb\001\000\001\000\000\000\000\000\f\000\000\000pdb\ v1.0     Microsoft Rosyln C# debugging symbols version 1.0
+0       string/c bsjb\001\000\001\000\000\000\000\000\f\000\000\000pdb\ v1.0     Microsoft Roslyn C# debugging symbols version 1.0
 
 #.sbr
 0	string	\000\002\000\007\000	MSVC .sbr
@@ -20006,10 +22457,10 @@
 >22	   beshort		>0	- version %d
 
 #------------------------------------------------------------
-# $File: neko,v 1.1 2009/11/10 20:36:10 christos Exp $
+# $File: neko,v 1.2 2019/04/19 00:42:27 christos Exp $
 
 # From: Mikhail Gusarov <dottedmag@dottedmag.net>
-# NekoVM (http://nekovm.org/) bytecode
+# NekoVM (https://nekovm.org/) bytecode
 0	string		NEKO	NekoVM bytecode
 >4	lelong		x	(%d global symbols,
 >8	lelong		x	%d global fields,
@@ -20018,7 +22469,7 @@
 
 
 #------------------------------------------------------------------------------
-# $File: netbsd,v 1.25 2017/09/28 02:37:47 christos Exp $
+# $File: netbsd,v 1.26 2019/01/01 03:11:23 christos Exp $
 # netbsd:  file(1) magic for NetBSD objects
 #
 # All new-style magic numbers are in network byte order.
@@ -20027,184 +22478,149 @@
 # in aout.
 #
 
-0	belong&0377777777	041400413	a.out NetBSD/i386 demand paged
+0	name	netbsd-detail
+>20	lelong	x		@%#x
+>4	lelong	>0		\b+T=%d
+>8	lelong	>0		\b+D=%d
+>12	lelong	>0		\b+B=%d
+>16	lelong	>0		\b+S=%d
+>24	lelong	>0		\b+TR=%d
+>28	lelong	>0		\b+TD=%d
+
+0	name			netbsd-4096
 >0	byte			&0x80
 >>20	lelong			<4096		shared library
 >>20	lelong			=4096		dynamically linked executable
 >>20	lelong			>4096		dynamically linked executable
 >0	byte			^0x80		executable
 >16	lelong			>0		not stripped
-0	belong&0377777777	041400410	a.out NetBSD/i386 pure
->0	byte			&0x80		dynamically linked executable
+
+0	name			netbsd-8192
+>0	byte			&0x80
+>>20	lelong			<8192		shared library
+>>20	lelong			=8192		dynamically linked executable
+>>20	lelong			>8192		dynamically linked executable
 >0	byte			^0x80		executable
 >16	lelong			>0		not stripped
-0	belong&0377777777	041400407	a.out NetBSD/i386
+>0	use			netbsd-detail
+
+0	name			netbsd-normal
 >0	byte			&0x80		dynamically linked executable
 >0	byte			^0x80
 >>0	byte			&0x40		position independent
 >>20	lelong			!0		executable
 >>20	lelong			=0		object file
 >16	lelong			>0		not stripped
-0	belong&0377777777	041400507	a.out NetBSD/i386 core
+>0	use			netbsd-detail
+
+0	name			netbsd-pure
+>0	byte			&0x80		dynamically linked executable
+>0	byte			^0x80		executable
+>16	lelong			>0		not stripped
+>0	use			netbsd-detail
+
+0	name			netbsd-core
 >12	string			>\0		from '%s'
 >32	lelong			!0		(signal %d)
 
+0	belong&0377777777	041400413	a.out NetBSD/i386 demand paged
+>0	use			netbsd-4096
+
+0	belong&0377777777	041400410	a.out NetBSD/i386 pure
+>0	use			netbsd-pure
+
+0	belong&0377777777	041400407	a.out NetBSD/i386
+>0	use			netbsd-normal
+
+0	belong&0377777777	041400507	a.out NetBSD/i386 core
+>0	use			netbsd-core
+
 0	belong&0377777777	041600413	a.out NetBSD/m68k demand paged
->0	byte			&0x80
->>20	belong			<8192		shared library
->>20	belong			=8192		dynamically linked executable
->>20	belong			>8192		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			\^netbsd-8192
+
 0	belong&0377777777	041600410	a.out NetBSD/m68k pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			\^netbsd-pure
+
 0	belong&0377777777	041600407	a.out NetBSD/m68k
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	belong			!0		executable
->>20	belong			=0		object file
->16	belong			>0		not stripped
+>0	use			\^netbsd-normal
+
 0	belong&0377777777	041600507	a.out NetBSD/m68k core
->12	string			>\0		from '%s'
->32	belong			!0		(signal %d)
+>0	use			\^netbsd-core
 
 0	belong&0377777777	042000413	a.out NetBSD/m68k4k demand paged
->0	byte			&0x80
->>20	belong			<4096		shared library
->>20	belong			=4096		dynamically linked executable
->>20	belong			>4096		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			\^netbsd-4096
+
 0	belong&0377777777	042000410	a.out NetBSD/m68k4k pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			\^netbsd-pure
+
 0	belong&0377777777	042000407	a.out NetBSD/m68k4k
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	belong			!0		executable
->>20	belong			=0		object file
->16	belong			>0		not stripped
+>0	use			\^netbsd-normal
+
 0	belong&0377777777	042000507	a.out NetBSD/m68k4k core
->12	string			>\0		from '%s'
->32	belong			!0		(signal %d)
+>0	use			\^netbsd-core
 
 0	belong&0377777777	042200413	a.out NetBSD/ns32532 demand paged
->0	byte			&0x80
->>20	lelong			<4096		shared library
->>20	lelong			=4096		dynamically linked executable
->>20	lelong			>4096		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-4096
+
 0	belong&0377777777	042200410	a.out NetBSD/ns32532 pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-pure
+
 0	belong&0377777777	042200407	a.out NetBSD/ns32532
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	lelong			!0		executable
->>20	lelong			=0		object file
->16	lelong			>0		not stripped
+>0	use			netbsd-normal
+
 0	belong&0377777777	042200507	a.out NetBSD/ns32532 core
->12	string			>\0		from '%s'
->32	lelong			!0		(signal %d)
+>0	use			netbsd-core
 
 0	belong&0377777777	045200507	a.out NetBSD/powerpc core
->12	string			>\0		from '%s'
+>0	use			netbsd-core
 
 0	belong&0377777777	042400413	a.out NetBSD/SPARC demand paged
->0	byte			&0x80
->>20	belong			<8192		shared library
->>20	belong			=8192		dynamically linked executable
->>20	belong			>8192		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			\^netbsd-8192
+
 0	belong&0377777777	042400410	a.out NetBSD/SPARC pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			\^netbsd-pure
+
 0	belong&0377777777	042400407	a.out NetBSD/SPARC
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	belong			!0		executable
->>20	belong			=0		object file
->16	belong			>0		not stripped
+>0	use			\^netbsd-normal
+
 0	belong&0377777777	042400507	a.out NetBSD/SPARC core
->12	string			>\0		from '%s'
->32	belong			!0		(signal %d)
+>0	use			\^netbsd-core
 
 0	belong&0377777777	042600413	a.out NetBSD/pmax demand paged
->0	byte			&0x80
->>20	lelong			<4096		shared library
->>20	lelong			=4096		dynamically linked executable
->>20	lelong			>4096		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-4096
+
 0	belong&0377777777	042600410	a.out NetBSD/pmax pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			\^netbsd-pure
+
 0	belong&0377777777	042600407	a.out NetBSD/pmax
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	lelong			!0		executable
->>20	lelong			=0		object file
->16	lelong			>0		not stripped
+>0	use			netbsd-normal
+
 0	belong&0377777777	042600507	a.out NetBSD/pmax core
->12	string			>\0		from '%s'
->32	lelong			!0		(signal %d)
+>0	use			netbsd-core
 
 0	belong&0377777777	043000413	a.out NetBSD/vax 1k demand paged
->0	byte			&0x80
->>20	lelong			<4096		shared library
->>20	lelong			=4096		dynamically linked executable
->>20	lelong			>4096		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-4096
+
 0	belong&0377777777	043000410	a.out NetBSD/vax 1k pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-pure
+
 0	belong&0377777777	043000407	a.out NetBSD/vax 1k
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	lelong			!0		executable
->>20	lelong			=0		object file
->16	lelong			>0		not stripped
+>0	use			netbsd-normal
+
 0	belong&0377777777	043000507	a.out NetBSD/vax 1k core
->12	string			>\0		from '%s'
->32	lelong			!0		(signal %d)
+>0	use			netbsd-core
 
 0	belong&0377777777	045400413	a.out NetBSD/vax 4k demand paged
->0	byte			&0x80
->>20	lelong			<4096		shared library
->>20	lelong			=4096		dynamically linked executable
->>20	lelong			>4096		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-4096
+
 0	belong&0377777777	045400410	a.out NetBSD/vax 4k pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-pure
+
 0	belong&0377777777	045400407	a.out NetBSD/vax 4k
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	lelong			!0		executable
->>20	lelong			=0		object file
->16	lelong			>0		not stripped
+>0	use			netbsd-normal
+
 0	belong&0377777777	045400507	a.out NetBSD/vax 4k core
->12	string			>\0		from '%s'
->32	lelong			!0		(signal %d)
+>0	use			netbsd-core
 
 # NetBSD/alpha does not support (and has never supported) a.out objects,
 # so no rules are provided for them.  NetBSD/alpha ELF objects are
@@ -20217,50 +22633,31 @@
 >32	lelong			!0		(signal %d)
 
 0	belong&0377777777	043400413	a.out NetBSD/mips demand paged
->0	byte			&0x80
->>20	belong			<8192		shared library
->>20	belong			=8192		dynamically linked executable
->>20	belong			>8192		dynamically linked executable
->0	byte			^0x80		executable
+>0	use			\^netbsd-8192
+
 >16	belong			>0		not stripped
 0	belong&0377777777	043400410	a.out NetBSD/mips pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			netbsd-pure
+
 0	belong&0377777777	043400407	a.out NetBSD/mips
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	belong			!0		executable
->>20	belong			=0		object file
->16	belong			>0		not stripped
+>0	use			netbsd-normal
+
 0	belong&0377777777	043400507	a.out NetBSD/mips core
->12	string			>\0		from '%s'
->32	belong			!0		(signal %d)
+>0	use			netbsd-core
 
 0	belong&0377777777	043600413	a.out NetBSD/arm32 demand paged
->0	byte			&0x80
->>20	lelong			<4096		shared library
->>20	lelong			=4096		dynamically linked executable
->>20	lelong			>4096		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-4096
+
 0	belong&0377777777	043600410	a.out NetBSD/arm32 pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-pure
+
 0	belong&0377777777	043600407	a.out NetBSD/arm32
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	lelong			!0		executable
->>20	lelong			=0		object file
->16	lelong			>0		not stripped
+>0	use			netbsd-normal
+
 # NetBSD/arm26 has always used ELF objects, but it shares a core file
 # format with NetBSD/arm32.
 0	belong&0377777777	043600507	a.out NetBSD/arm core
->12	string			>\0		from '%s'
->32	lelong			!0		(signal %d)
+>0	use			netbsd-core
 
 # Kernel core dump format
 0	belong&0x0000ffff 0x00008fca	NetBSD kernel core file
@@ -20369,9 +22766,9 @@
 8	belong		0x137A2B48	X11/NeWS font family
 
 #------------------------------------------------------------------------------
-# $File: nitpicker,v 1.7 2017/03/17 21:35:28 christos Exp $
+# $File: nitpicker,v 1.8 2019/04/19 00:42:27 christos Exp $
 # nitpicker:  file(1) magic for Flowfiles.
-# From: Christian Jachmann <C.Jachmann@gmx.net> http://www.nitpicker.de
+# From: Christian Jachmann <C.Jachmann@gmx.net> https://www.nitpicker.de
 0	string	NPFF	NItpicker Flow File
 >4	byte	x	V%d.
 >5	byte	x	%d
@@ -20382,6 +22779,15 @@
 >22	belong	x	Flows: %u
 >26	belong	x	Pkts: %u
 
+#------------------------------------------------------------------------------
+# $File: numpy,v 1.1 2019/05/09 16:24:36 christos Exp $
+# numpy: file(1) magic for NumPy array binary serialization format
+# Reference: https://docs.scipy.org/doc/numpy/reference/generated/numpy.lib.format.html
+0	string		\x93NUMPY	NumPy array,
+>6	ubyte		x		version %d
+>7	ubyte		x		\b.%d,
+>8	uleshort	x		header length %d
+
 #------------------------------------------------------------------------------
 # $File: oasis,v 1.2 2014/06/03 19:17:27 christos Exp $
 # OASIS
@@ -20415,7 +22821,7 @@
 0	string		Octave-1-B	Octave binary data (big endian)
 
 #------------------------------------------------------------------------------
-# $File: ole2compounddocs,v 1.5 2017/10/27 21:43:23 christos Exp $
+# $File: ole2compounddocs,v 1.6 2019/04/19 00:42:27 christos Exp $
 # Microsoft OLE 2 Compound Documents : file(1) magic for Microsoft Structured
 # storage (https://en.wikipedia.org/wiki/Compound_File_Binary_Format)
 # Additional tests for OLE 2 Compound Documents should be under this recipe.
@@ -20430,7 +22836,7 @@
 
 # Note: moved & merged Microsoft Office parts from ./msdos Oct 2017
 # Update: Joerg Jenderek
-# from http://filext.com by Derek M Jones <derek@knosof.co.uk>
+# from https://filext.com by Derek M Jones <derek@knosof.co.uk>
 # False positive with PPT (also currently this string is too long)
 #0	string/b	\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x3E\x00\x03\x00\xFE\xFF\x09\x00\x06	Microsoft Installer
 #0	string/b	\320\317\021\340\241\261\032\341	Microsoft Office Document
@@ -20724,7 +23130,7 @@
 0	short		0565	i386 COFF object
 
 #------------------------------------------------------------------------------
-# $File: palm,v 1.13 2014/03/30 21:40:08 christos Exp $
+# $File: palm,v 1.14 2019/04/19 00:42:27 christos Exp $
 # palm:	 file(1) magic for PalmOS {.prc,.pdb}: applications, docfiles, and hacks
 #
 # Brian Lalor <blalor@hcirisc.cs.binghamton.edu>
@@ -20867,8 +23273,8 @@
 # Palm OS .prc file types
 60		string		libr
 # flags, only bit 0 or bit 6
-# http://en.wikipedia.org/wiki/PRC_%28Palm_OS%29
-# http://web.mit.edu/tytso/www/pilot/prc-format.html
+# https://en.wikipedia.org/wiki/PRC_%28Palm_OS%29
+# https://web.mit.edu/tytso/www/pilot/prc-format.html
 >0x20		beshort&0xffbe	0
 >>0		string		>\0		Palm OS dynamic library data "%s"
 60		string		ptch		Palm OS operating system patch data
@@ -20891,9 +23297,9 @@
 >19	byte&0x02	0x00	object
 >19	byte&0x0c	0x00	not stripped
 #------------------------------------------------------------------------------
-# $File: parrot,v 1.1 2010/07/08 20:18:40 christos Exp $
+# $File: parrot,v 1.2 2019/04/19 00:42:27 christos Exp $
 # parrot: file(1) magic for Parrot Virtual Machine
-# URL:	http://www.lua.org/
+# URL:	https://www.lua.org/
 # From: Lubomir Rintel <lkundrak@v3.sk>
 
 # Compiled Parrot byte code
@@ -20924,11 +23330,11 @@
 #!:mime	text/x-pascal
 
 #------------------------------------------------------------------------------
-# $File: pbf,v 1.2 2017/01/18 16:16:21 christos Exp $
+# $File: pbf,v 1.3 2019/04/19 00:42:27 christos Exp $
 # file(1) magic(5) data for OpenStreetMap
 
 # OpenStreetMap Protocolbuffer Binary Format (.osm.pbf)
-# http://wiki.openstreetmap.org/wiki/PBF_Format
+# https://wiki.openstreetmap.org/wiki/PBF_Format
 # From: Markus Heidelberg <markus.heidelberg@web.de>
 0	belong&0xfffffff0	0
 >4	beshort			0x0A09
@@ -20988,7 +23394,7 @@
 
 # Maki-chan v2 Graphic format
 # http://www.jisyo.com/viewer/faq/mag_tech.htm
-# http://mooncore.eu/bunny/txt/makichan.htm
+# https://mooncore.eu/bunny/txt/makichan.htm
 # http://metanest.jp/mag/mag.xhtml
 0	string/b		MAKI02\ \ 	Maki-chan v2 image,
 >8	byte		x		system ID: %c
@@ -21044,17 +23450,19 @@
 >>>&12	ubeshort	x		\b%d
 
 #------------------------------------------------------------------------------
-# $File: pdf,v 1.9 2017/05/24 17:35:20 christos Exp $
+# $File: pdf,v 1.10 2018/05/23 22:21:01 christos Exp $
 # pdf:  file(1) magic for Portable Document Format
 #
 
 0	string		%PDF-		PDF document
 !:mime	application/pdf
+!:strength +60
 >5	byte		x		\b, version %c
 >7	byte		x		\b.%c
 
 0	string		\012%PDF-	PDF document
 !:mime	application/pdf
+!:strength +60
 >6	byte		x		\b, version %c
 >8	byte		x		\b.%c
 
@@ -21062,11 +23470,13 @@
 # Forms Data Format
 0       string          %FDF-           FDF document
 !:mime application/vnd.fdf
+!:strength +60
 >5      byte            x               \b, version %c
 >7      byte            x               \b.%c
 
 0	search/256	%PDF-		PDF document
 !:mime	application/pdf
+!:strength +60
 >&0	byte		x		\b, version %c
 >&2	byte		x		\b.%c
 
@@ -21265,9 +23675,9 @@
 #>>(4.l+12)	lelong x level 2 size: %d
 
 #------------------------------------------------------------------------------
-# $File: pgp,v 1.15 2018/02/24 16:11:23 christos Exp $
+# $File: pgp,v 1.17 2019/04/19 00:42:27 christos Exp $
 # pgp:  file(1) magic for Pretty Good Privacy
-# see http://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html
+# see https://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html
 #
 # Update: Joerg Jenderek
 # Note: verified by `gpg -v --debug 0x02 --list-packets < PUBRING263_10.PGP`
@@ -21339,7 +23749,7 @@
 # Decode the type of the packet based on it's base64 encoding.
 # Idea from Mark Martinec
 # The specification is in RFC 4880, section 4.2 and 4.3:
-# http://tools.ietf.org/html/rfc4880#section-4.2
+# https://tools.ietf.org/html/rfc4880#section-4.2
 
 0	name		pgp
 >0	byte		0x67		Reserved (old)
@@ -21782,9 +24192,9 @@
 
 # PGP RSA (e=65537) secret (sub-)key header
 
-0	byte	0x95			PGP	Secret Key -
+0	byte	0x95			PGP Secret Key -
 >1	use	pgpkey
-0	byte	0x97			PGP	Secret Sub-key -
+0	byte	0x97			PGP Secret Sub-key -
 >1	use	pgpkey
 0	byte	0x9d
 # Update: Joerg Jenderek
@@ -21869,14 +24279,14 @@
 >15	byte		>0x02		- Bad Flags
 
 #------------------------------------------------------------------------------
-# $File: polyml,v 1.1 2016/02/26 15:52:45 christos Exp $
+# $File: polyml,v 1.2 2019/04/19 00:42:27 christos Exp $
 # polyml:  file(1) magic for PolyML
 #
 # PolyML
 # MPEG, FLI, DL originally from vax@ccwf.cc.utexas.edu (VaX#n8)
 # FLC, SGI, Apple originally from Daniel Quinlan (quinlan@yggdrasil.com)
 
-# [0]: http://www.polyml.org/
+# [0]: https://www.polyml.org/
 # [1]: https://github.com/polyml/polyml/blob/master/\
 #	libpolyml/savestate.cpp#L146-L147
 # [2]: https://github.com/polyml/polyml/blob/master/\
@@ -21892,7 +24302,7 @@
 >8	long	x		version %u
 
 #------------------------------------------------------------------------------
-# $File: printer,v 1.28 2017/03/17 22:20:22 christos Exp $
+# $File: printer,v 1.29 2019/04/19 00:42:27 christos Exp $
 # printer:  file(1) magic for printer-formatted files
 #
 
@@ -21932,7 +24342,7 @@
 
 # Summary: Adobe's PostScript Printer Description File
 # Extension: .ppd
-# Reference: http://partners.adobe.com/public/developer/en/ps/5003.PPD_Spec_v4.3.pdf, Section 3.8
+# Reference: https://partners.adobe.com/public/developer/en/ps/5003.PPD_Spec_v4.3.pdf, Section 3.8
 # Submitted by: Yves Arrouye <arrouye@marin.fdn.fr>
 #
 0	string		*PPD-Adobe:\x20	PPD file
@@ -22066,11 +24476,11 @@
 >>4	string	>\0	from kernel %s
 
 #------------------------------------------------------------------------------
-# $File: psl,v 1.2 2016/07/14 17:34:27 christos Exp $
+# $File: psl,v 1.3 2019/04/19 00:42:27 christos Exp $
 # psl:  file(1) magic for Public Suffix List representations
 # From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
 # URL: https://publicsuffix.org
-# see also: http://thread.gmane.org/gmane.network.dns.libpsl.bugs/162/focus=166
+# see also: https://thread.gmane.org/gmane.network.dns.libpsl.bugs/162/focus=166
 
 0	search/512	\n\n//\ ===BEGIN\ ICANN\ DOMAINS===\n\n Public Suffix List data
 
@@ -22093,15 +24503,15 @@
 
 
 #------------------------------------------------------------------------------
-# $File: pwsafe,v 1.1 2012/10/25 00:12:19 christos Exp $
+# $File: pwsafe,v 1.2 2019/04/19 00:42:27 christos Exp $
 # pwsafe: file(1) magic for passwordsafe file
 #
 # Password Safe
 # http://passwordsafe.sourceforge.net/
 # file format specs
-# http://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/formatV3.txt
-# V2 http://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/formatV2.txt
-# V1 http://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/notes.txt
+# https://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/formatV3.txt
+# V2 https://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/formatV2.txt
+# V1 https://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/notes.txt
 # V2 and V1 have no easy identifier that I can find
 # .psafe3
 0	string	PWS3	Password Safe V3 database
@@ -22119,7 +24529,7 @@
 >16	long		>0		not stripped
 
 #------------------------------------------------------------------------------
-# $File: python,v 1.34 2017/08/14 07:40:38 christos Exp $
+# $File: python,v 1.36 2019/04/09 18:28:25 christos Exp $
 # python:  file(1) magic for python
 #
 # Outlook puts """ too for urgent messages
@@ -22146,7 +24556,7 @@
 0	belong		0x160d0d0a	python 3.5.1- byte-compiled
 0	belong		0x170d0d0a	python 3.5.2+ byte-compiled
 0	belong		0x330d0d0a	python 3.6 byte-compiled
-0	belong		0x3e0d0d0a	python 3.7 byte-compiled
+0	belong		0x420d0d0a	python 3.7 byte-compiled
 
 
 0	search/1/w	#!\ /usr/bin/python	Python script text executable
@@ -22164,7 +24574,8 @@
 
 
 # from module.submodule import func1, func2
-0	regex		\^from[\040\t\f\r\n]+([A-Za-z0-9_]|\\.)+[\040\t\f\r\n]+import.*$	Python script text executable
+0	search/8192	import
+>0	regex		\^from[\040\t\f\r\n]+([A-Za-z0-9_]|\\.)+[\040\t\f\r\n]+import.*$	Python script text executable
 !:strength + 15
 !:mime text/x-python
 
@@ -22182,7 +24593,8 @@
 !:mime text/x-python
 
 # import module [as abrev]
-0	regex	\^import\ [_[:alpha:]]+\ as\ [[:alpha:]][[:space:]]*$ Python script text executable
+0	search/8192	import
+>0	regex	\^import\ [_[:alpha:]]+\ as\ [[:alpha:]][[:space:]]*$ Python script text executable
 !:mime text/x-python
 
 # comments
@@ -22205,21 +24617,23 @@
 !:mime text/x-python
 
 # class name[(base classes,)]: [pass]
-0	regex	\^class\ [_[:alpha:]]+(\\(.*\\))?(\ )*:([\ \t]+pass)?$		Python script text executable
+0	search/8192	class
+>0	regex	\^class\ [_[:alpha:]]+(\\(.*\\))?(\ )*:([\ \t]+pass)?$		Python script text executable
 !:strength + 15
 !:mime text/x-python
 
 # def name(*args, **kwargs):
-0	regex	 \^[[:space:]]{0,50}def\ {1,50}[_a-zA-Z]{1,100}
->&0	regex	 \\(([[:alpha:]*_,\ ]){0,255}\\):$ Python script text executable
+0	search/8192	def\ 
+>0	regex	 \^[[:space:]]{0,50}def\ {1,50}[_a-zA-Z]{1,100}
+>>&0	regex	 \\(([[:alpha:]*_,\ ]){0,255}\\):$ Python script text executable
 !:strength + 15
 !:mime text/x-python
 
 #------------------------------------------------------------------------------
-# $File: qt,v 1.2 2014/12/16 19:49:29 christos Exp $
+# $File: qt,v 1.3 2019/04/19 00:42:27 christos Exp $
 # qt:  file(1) magic for Qt
 
-# http://doc.qt.io/qt-5/resources.html
+# https://doc.qt.io/qt-5/resources.html
 0	string		\<!DOCTYPE\040RCC\>	Qt Resource Collection file
 
 # https://qt.gitorious.org/qt/qtbase/source/\
@@ -22235,7 +24649,7 @@
 >8	string		\xcd\x21\x1c\xbf\x60\xa1\xbd\xdd	Qt Translation file
 
 #------------------------------------------------------------------------------
-# $File: revision,v 1.10 2017/10/19 16:40:37 christos Exp $
+# $File: revision,v 1.11 2019/04/19 00:42:27 christos Exp $
 # file(1) magic for revision control files
 # From Hendrik Scholz <hendrik@scholz.net>
 0	string/t	/1\ :pserver:	cvs password text file
@@ -22295,17 +24709,17 @@
 >28	string	>\0				(version: %s)
 
 # Type:	Bazaar revision bundles and merge requests
-# URL:	http://www.bazaar-vcs.org/
+# URL:	https://www.bazaar-vcs.org/
 # From:	Jelmer Vernooij <jelmer@samba.org>
 0	string	#\ Bazaar\ revision\ bundle\ v Bazaar Bundle
 0	string	#\ Bazaar\ merge\ directive\ format Bazaar merge directive
 
 #------------------------------------------------------------------------------
-# $File: riff,v 1.33 2017/10/06 01:11:24 christos Exp $
+# $File: riff,v 1.34 2019/04/19 00:42:27 christos Exp $
 # riff:  file(1) magic for RIFF format
 # See
 #
-#	http://www.seanet.com/users/matts/riffmci/riffmci.htm
+#	https://www.seanet.com/users/matts/riffmci/riffmci.htm
 #	http://www-mmsp.ece.mcgill.ca/Documents/AudioFormats/WAVE/Docs/riffmci.pdf
 #
 
@@ -22374,7 +24788,7 @@
 # RIFF Palette format
 # Update: Joerg Jenderek
 # URL: https://en.wikipedia.org/wiki/Resource_Interchange_File_Format
-# Reference: http://worms2d.info/Palette_file
+# Reference: https://worms2d.info/Palette_file
 >8	string		PAL\ 		\b, palette
 !:mime	application/x-riff
 # color palette by Microsoft Corporation
@@ -22551,7 +24965,7 @@
 # MPEG-1 wrapped in a RIFF, apparently
 >8      string          CDXA            \b, wrapped MPEG-1 (CDXA)
 >8	string		4XMV		\b, 4X Movie file
-# AMV-type AVI file: http://wiki.multimedia.cx/index.php?title=AMV
+# AMV-type AVI file: https://wiki.multimedia.cx/index.php?title=AMV
 >8	string		AMV\040		\b, AMV
 >8      string          WEBP            \b, Web/P image
 !:mime	image/webp
@@ -22623,7 +25037,7 @@
 
 #------------------------------------------------------------------------------
 # MBWF/RF64
-# see EBU TECH 3306 http://tech.ebu.ch/docs/tech/tech3306-2009.pdf
+# see EBU TECH 3306 https://tech.ebu.ch/docs/tech/tech3306-2009.pdf
 0	string	RF64\xff\xff\xff\xffWAVEds64		MBWF/RF64 audio
 !:mime	audio/x-wav
 >40	search/256	fmt\x20		\b
@@ -22692,6 +25106,13 @@
 >>8	beshort		18		Xtensa
 >>10	string		x		%s
 
+#------------------------------------------------------------------------------
+# $File: rpmsg,v 1.1 2019/04/19 00:40:47 christos Exp $
+# rpmsg: file(1) magic for restricted-permission messages (or "rights-protected" messages)
+# see https://en.wikipedia.org/wiki/Rpmsg
+
+0	string	\x76\xe8\x04\x60\xc4\x11\xe3\x86	rpmsg Restricted Permission Message
+
 #------------------------------------------------------------------------------
 # $File: rtf,v 1.7 2009/09/19 16:28:12 christos Exp $
 # rtf:	file(1) magic for Rich Text Format (RTF)
@@ -22709,9 +25130,9 @@
 >5	default		x		unknown version
 
 #------------------------------------------------------------------------------
-# $File: ruby,v 1.7 2017/08/14 13:39:18 christos Exp $
+# $File: ruby,v 1.9 2019/04/19 00:42:27 christos Exp $
 # ruby:  file(1) magic for Ruby scripting language
-# URL:  http://www.ruby-lang.org/
+# URL:  https://www.ruby-lang.org/
 # From: Reuben Thomas <rrt@sc3d.org>
 
 # Ruby scripts
@@ -22731,9 +25152,10 @@
 # What looks like ruby, but does not have a shebang
 # (modules and such)
 # From: Lubomir Rintel <lkundrak@v3.sk>
-0	regex		\^[[:space:]]*require[[:space:]]'[A-Za-z_/]+'
->0	regex		def\ [a-z]|\ do$
->>&0	regex		\^[[:space:]]*end([[:space:]]+[;#].*)?$		Ruby script text
+0	search/8192	require
+>0	regex		\^[[:space:]]*require[[:space:]]'[A-Za-z_/]+'
+>>0	regex		def\ [a-z]|\ do$
+>>>&0	regex		\^[[:space:]]*end([[:space:]]+[;#].*)?$		Ruby script text
 !:strength + 30
 !:mime	text/x-ruby
 0	regex		\^[[:space:]]*(class|module)[[:space:]][A-Z]
@@ -22749,14 +25171,17 @@
 # Looks for function definition to balance python magic
 # def name (args)
 # end
-0	regex		\^[[:space:]]*def\ [a-z]|def\ [[:alpha:]]+::[a-z]
->&0	regex		\^[[:space:]]*end([[:space:]]+[;#].*)?$		Ruby script text
+0	search/8192	def\ 
+>0	regex		\^[[:space:]]*def\ [a-z]|def\ [[:alpha:]]+::[a-z]
+>>&0	regex		\^[[:space:]]*end([[:space:]]+[;#].*)?$		Ruby script text
 !:strength + 10
 !:mime	text/x-ruby
 
-0	regex		\^[[:space:]]*require[[:space:]]'[A-Za-z_/]+'	Ruby script text
+0	search/8192	require
+>0	regex		\^[[:space:]]*require[[:space:]]'[A-Za-z_/]+'	Ruby script text
 !:mime	text/x-ruby
-0 regex 	\^[[:space:]]*include\ ([A-Z]+[a-z]*(::))+	Ruby script text
+0	search/8192	include
+>0 regex 	\^[[:space:]]*include\ ([A-Z]+[a-z]*(::))+	Ruby script text
 !:mime	text/x-ruby
 
 #------------------------------------------------------------------------------
@@ -22789,7 +25214,7 @@
 8	string		\001s\ 			SCCS archive data
 
 #------------------------------------------------------------------------------
-# $File: scientific,v 1.12 2017/03/17 22:20:22 christos Exp $
+# $File: scientific,v 1.13 2019/04/19 00:42:27 christos Exp $
 # scientific:  file(1) magic for scientific formats
 #
 # From: Joe Krahn <krahn@niehs.nih.gov>
@@ -22864,8 +25289,8 @@
 # PDB: Protein Data Bank files
 # Adam Buchbinder <adam.buchbinder@gmail.com>
 #
-# http://www.wwpdb.org/documentation/format32/sect2.html
-# http://www.ch.ic.ac.uk/chemime/
+# https://www.wwpdb.org/documentation/format32/sect2.html
+# https://www.ch.ic.ac.uk/chemime/
 #
 # The PDB file format is fixed-field, 80 columns. From the spec:
 #
@@ -22906,7 +25331,7 @@
 0	belong	0xedfeedfe	Sun 'jks' Java Keystore File data
 # Type:	SE Linux policy modules *.pp reference policy
 #	for Fedora 5 to 9, RHEL5, and Debian Etch and Lenny.
-# URL:	http://doc.coker.com.au/computers/selinux-magic
+# URL:	https://doc.coker.com.au/computers/selinux-magic
 # From:	Russell Coker <russell@coker.com.au>
 
 0		lelong	0xf97cff8f	SE Linux modular policy
@@ -22930,7 +25355,7 @@
 #0	search	gen_sens(	SE Linux policy MLS constraints source
 
 #------------------------------------------------------------------------------
-# $File: sendmail,v 1.10 2017/08/13 00:21:47 christos Exp $
+# $File: sendmail,v 1.11 2019/04/19 00:42:27 christos Exp $
 # sendmail:  file(1) magic for sendmail config files
 #
 # XXX - byte order?
@@ -22942,7 +25367,7 @@
 # Email_23_f217153422.ts Sendmail frozen configuration
 # - version \330jK\354
 0	byte	046
-# http://www.sendmail.com/sm/open_source/docs/older_release_notes/
+# https://www.sendmail.com/sm/open_source/docs/older_release_notes/
 # freezed configuration file (dbm format?) created from sendmal.cf with -bz
 # by older sendmail. til version 8.6 support for frozen configuration files is removed
 # valid version numbers look like "7.14.4" and should be similar to output of commands
@@ -22967,7 +25392,7 @@
 
 
 #------------------------------------------------------------------------------
-# $File: sequent,v 1.13 2017/03/17 21:35:28 christos Exp $
+# $File: sequent,v 1.14 2019/04/19 00:42:27 christos Exp $
 # sequent:  file(1) magic for Sequent machines
 #
 # Sequent information updated by Don Dwiggins <atsun!dwiggins>.
@@ -22997,7 +25422,7 @@
 0	leshort	0x32eb		SYMMETRY i386 executable (invalid @ 0)
 >16	lelong	>0		not stripped
 >124	lelong	>0		version %d
-# http://en.wikipedia.org/wiki/Sequent_Computer_Systems
+# https://en.wikipedia.org/wiki/Sequent_Computer_Systems
 # below test line conflicts with MS-DOS 2.11 floppies and Acronis loader
 #0	leshort	0x42eb		SYMMETRY i386 standalone executable
 0	leshort	0x42eb
@@ -23044,7 +25469,7 @@
 
 
 #------------------------------------------------------------------------------
-# $File: sgi,v 1.22 2015/08/29 07:10:35 christos Exp $
+# $File: sgi,v 1.23 2018/05/29 02:26:56 christos Exp $
 # sgi:  file(1) magic for Silicon Graphics operating systems and applications
 #
 # Executable images are handled either in aout (for old-style a.out
@@ -23114,8 +25539,6 @@
 4	belong	0x00000010		GLS_BINARY_MSB_FIRST
 !:strength -30
 
-#
-#
 # Performance Co-Pilot file types
 0	string	PmNs				PCP compiled namespace (V.0)
 0	string	PmN				PCP compiled namespace
@@ -23158,6 +25581,8 @@
 >16	string	>\0				(V.%1.1s)
 3	string	pmieconf-pmie			PCP pmie config
 >17	string	>\0				(V.%1.1s)
+0	string	MMV				PCP memory mapped values
+>4	long	x				(V.%d)
 
 # SpeedShop data files
 0	lelong	0x13130303			SpeedShop data file
@@ -23182,7 +25607,7 @@
 8	string	DEEP		Alias Maya Image File
 
 #------------------------------------------------------------------------------
-# $File: sgml,v 1.38 2017/10/11 11:40:43 christos Exp $
+# $File: sgml,v 1.39 2019/04/19 00:42:27 christos Exp $
 # Type:	SVG Vectorial Graphics
 # From:	Noel Torres <tecnico@ejerciciosresueltos.com>
 0	string		\<?xml\ version=
@@ -23201,7 +25626,7 @@
 !:mime	application/xml-sitemap
 
 # OpenStreetMap XML (.osm)
-# http://wiki.openstreetmap.org/wiki/OSM_XML
+# https://wiki.openstreetmap.org/wiki/OSM_XML
 # From: Markus Heidelberg <markus.heidelberg@web.de>
 0	string		\<?xml\ version=
 >14	regex		['"\ \t]*[0-9.]+['"\ \t]*
@@ -23470,7 +25895,7 @@
 
 
 #------------------------------------------------------------------------------
-# $File: sniffer,v 1.19 2013/01/06 01:11:04 christos Exp $
+# $File: sniffer,v 1.25 2019/05/05 17:03:41 christos Exp $
 # sniffer:  file(1) magic for packet capture files
 #
 # From: guy@alum.mit.edu (Guy Harris)
@@ -23512,7 +25937,7 @@
 # Sorry, make that "Network Associates Sniffer capture files."
 # Sorry, make that "Network General old DOS Sniffer capture files."
 #
-0	string		TRSNIFF\ data\ \ \ \ \032	Sniffer capture file
+0	string		TRSNIFF\040data\040\040\040\040\032	Sniffer capture file
 >33	byte		2		(compressed)
 >23	leshort		x		- version %d
 >25	leshort		x		\b.%d
@@ -23547,6 +25972,7 @@
 
 #
 # "libpcap" capture files.
+# https://www.tcpdump.org/manpages/pcap-savefile.5.html
 # (We call them "tcpdump capture file(s)" for now, as "tcpdump" is
 # the main program that uses that format, but there are other programs
 # that use "libpcap", or that use the same capture file format.)
@@ -23554,6 +25980,8 @@
 0	name		pcap-be
 >4	beshort		x		- version %d
 >6	beshort		x		\b.%d
+# clear that continuation level match
+>20	clear		x
 >20	belong		0		(No link-layer encapsulation
 >20	belong		1		(Ethernet
 >20	belong		2		(3Mb Ethernet
@@ -23584,7 +26012,7 @@
 >20	belong		108		(OpenBSD loopback
 >20	belong		109		(OpenBSD IPsec encrypted
 >20	belong		112		(Cisco HDLC
->20	belong		113		(Linux "cooked"
+>20	belong		113		(Linux cooked v1
 >20	belong		114		(LocalTalk
 >20	belong		117		(OpenBSD PFLOG
 >20	belong		119		(802.11 with Prism header
@@ -23592,13 +26020,21 @@
 >20	belong		123		(SunATM
 >20	belong		127		(802.11 with radiotap header
 >20	belong		129		(Linux ARCNET
+>20	belong		130		(Juniper Multi-Link PPP
+>20	belong		131		(Juniper Multi-Link Frame Relay
+>20	belong		132		(Juniper Encryption Services PIC
+>20	belong		133		(Juniper GGSN PIC
+>20	belong		134		(Juniper FRF.16 Frame Relay
+>20	belong		135		(Juniper ATM2 PIC
+>20	belong		136		(Juniper Advanced Services PIC
+>20	belong		137		(Juniper ATM1 PIC
 >20	belong		138		(Apple IP over IEEE 1394
->20	belong		139		(MTP2 with pseudo-header
->20	belong		140		(MTP2
->20	belong		141		(MTP3
->20	belong		142		(SCCP
+>20	belong		139		(SS7 MTP2 with pseudo-header
+>20	belong		140		(SS7 MTP2
+>20	belong		141		(SS7 MTP3
+>20	belong		142		(SS7 SCCP
 >20	belong		143		(DOCSIS
->20	belong		144		(IrDA
+>20	belong		144		(Linux IrDA
 >20	belong		147		(Private use 0
 >20	belong		148		(Private use 1
 >20	belong		149		(Private use 2
@@ -23616,16 +26052,41 @@
 >20	belong		161		(Private use 14
 >20	belong		162		(Private use 15
 >20	belong		163		(802.11 with AVS header
+>20	belong		164		(Juniper Passive Monitor PIC
 >20	belong		165		(BACnet MS/TP
 >20	belong		166		(PPPD
+>20	belong		167		(Juniper PPPoE
+>20	belong		168		(Juniper PPPoE/ATM
 >20	belong		169		(GPRS LLC
+>20	belong		170		(GPF-T
+>20	belong		171		(GPF-F
+>20	belong		174		(Juniper PIC Peer
+>20	belong		175		(Ethernet with Endace ERF header
+>20	belong		176		(Packet-over-SONET with Endace ERF header
 >20	belong		177		(Linux LAPD
+>20	belong		178		(Juniper Ethernet
+>20	belong		179		(Juniper PPP
+>20	belong		180		(Juniper Frame Relay
+>20	belong		181		(Juniper C-HDLC
+>20	belong		182		(FRF.16 Frame Relay
+>20	belong		183		(Juniper Voice PIC
+>20	belong		184		(Arinc 429
+>20	belong		185		(Arinc 653 Interpartition Communication
+>20	belong		186		(USB with FreeBSD header
 >20	belong		187		(Bluetooth HCI H4
+>20	belong		188		(802.16 MAC Common Part Sublayer
 >20	belong		189		(Linux USB
+>20	belong		190		(Controller Area Network (CAN) v. 2.0B
+>20	belong		191		(802.15.4 with Linux padding
 >20	belong		192		(PPI
->20	belong		195		(802.15.4
+>20	belong		193		(802.16 MAC Common Part Sublayer plus radiotap header
+>20	belong		194		(Juniper Integrated Service Module
+>20	belong		195		(802.15.4 with FCS
 >20	belong		196		(SITA
 >20	belong		197		(Endace ERF
+>20	belong		198		(Ethernet with u10 Networks pseudo-header
+>20	belong		199		(IPMB
+>20	belong		200		(Juniper Secure Tunnel
 >20	belong		201		(Bluetooth HCI H4 with pseudo-header
 >20	belong		202		(AX.25 with KISS header
 >20	belong		203		(LAPD
@@ -23634,7 +26095,12 @@
 >20	belong		206		(Frame Relay with direction pseudo-header
 >20	belong		209		(Linux IPMB
 >20	belong		215		(802.15.4 with non-ASK PHY header
+>20	belong		216		(Linux evdev events
+>20	belong		219		(MPLS with label as link-layer header
 >20	belong		220		(Memory-mapped Linux USB
+>20	belong		221		(DECT
+>20	belong		222		(AOS Space Data Link protocol
+>20	belong		223		(Wireless HART
 >20	belong		224		(Fibre Channel FC-2
 >20	belong		225		(Fibre Channel FC-2 with frame delimiters
 >20	belong		226		(Solaris IPNET
@@ -23643,69 +26109,114 @@
 >20	belong		229		(Raw IPv6
 >20	belong		230		(802.15.4 without FCS
 >20	belong		231		(D-Bus messages
+>20	belong		232		(Juniper Virtual Server
+>20	belong		233		(Juniper SRX E2E
+>20	belong		234		(Juniper Fibre Channel
 >20	belong		235		(DVB-CI
 >20	belong		236		(MUX27010
 >20	belong		237		(STANAG 5066 D_PDUs
->20	belong		239		(Linux netlink NFLOG messages
+>20	belong		238		(Juniper ATM CEMIC
+>20	belong		239		(Linux netfilter log messages
 >20	belong		240		(Hilscher netAnalyzer
 >20	belong		241		(Hilscher netAnalyzer with delimiters
 >20	belong		242		(IP-over-Infiniband
 >20	belong		243		(MPEG-2 Transport Stream packets
 >20	belong		244		(ng4t ng40
 >20	belong		245		(NFC LLCP
->20	belong		247		(Infiniband
+>20	belong		246		(Packet filter state syncing
+>20	belong		247		(InfiniBand
 >20	belong		248		(SCTP
->16	belong		x		\b, capture length %d)
+>20	belong		249		(USB with USBPcap header
+>20	belong		250		(Schweitzer Engineering Laboratories RTAC packets
+>20	belong		251		(Bluetooth Low Energy air interface
+>20	belong		252		(Wireshark Upper PDU export
+>20	belong		253		(Linux netlink
+>20	belong		254		(Bluetooth Linux Monitor
+>20	belong		255		(Bluetooth Basic Rate/Enhanced Data Rate baseband packets
+>20	belong		256		(Bluetooth Low Energy air interface with pseudo-header
+>20	belong		257		(PROFIBUS data link layer
+>20	belong		258		(Apple DLT_PKTAP
+>20	belong		259		(Ethernet with 802.3 Clause 65 EPON preamble
+>20	belong		260		(IPMI trace packets
+>20	belong		261		(Z-Wave RF profile R1 and R2 packets
+>20	belong		262		(Z-Wave RF profile R3 packets
+>20	belong		263		(WattStopper Digital Lighting Mngmt/Legrand Nitoo Open Proto
+>20	belong		264		(ISO 14443 messages
+>20	belong		265		(IEC 62106 Radio Data System groups
+>20	belong		266		(USB with Darwin header
+>20	belong		267		(OpenBSD DLT_OPENFLOW
+>20	belong		268		(IBM SDLC frames
+>20	belong		269		(TI LLN sniffer frames
+>20	belong		271		(Linux vsock
+>20	belong		272		(Nordic Semiconductor Bluetooth LE sniffer frames
+>20	belong		273		(Excentis XRA-31 DOCSIS 3.1 RF sniffer frames
+>20	belong		274		(802.3br mPackets
+>20	belong		275		(DisplayPort AUX channel monitoring data
+>20	belong		276		(Linux cooked v2
+>20	belong		278		(OpenVizsla USB
+>20	belong		279		(Elektrobit High Speed Capture and Replay (EBHSCR)
+>20	belong		281		(Broadcom tag
+>20	belong		282		(Broadcom tag (prepended)
+# print default match
+>20	default		x
+>>20	belong		x		(linktype#%u
+>16	belong		x		\b, capture length %u)
 
-0	ubelong		0xa1b2c3d4	tcpdump capture file (big-endian)
+# packets time stamps in seconds and microseconds.
+0	ubelong		0xa1b2c3d4	pcap capture file, microseconds ts (big-endian)
 !:mime	application/vnd.tcpdump.pcap
 >0	use	pcap-be
-0	ulelong		0xa1b2c3d4	tcpdump capture file (little-endian)
+0	ulelong		0xa1b2c3d4	pcap capture file, microsecond ts (little-endian)
+!:mime	application/vnd.tcpdump.pcap
+>0	use	\^pcap-be
+
+# packets time stamps in seconds and nanoseconds.
+0	ubelong		0xa1b23c4d	pcap capture file, nanosecond ts (big-endian)
+!:mime	application/vnd.tcpdump.pcap
+>0	use	pcap-be
+0	ulelong		0xa1b23c4d	pcap capture file, nanosecond ts (little-endian)
 !:mime	application/vnd.tcpdump.pcap
 >0	use	\^pcap-be
 
 #
 # "libpcap"-with-Alexey-Kuznetsov's-patches capture files.
-# (We call them "tcpdump capture file(s)" for now, as "tcpdump" is
-# the main program that uses that format, but there are other programs
-# that use "libpcap", or that use the same capture file format.)
 #
-0	ubelong		0xa1b2cd34	extended tcpdump capture file (big-endian)
+0	ubelong		0xa1b2cd34	pcap capture file, microsecond ts, extensions (big-endian)
 >0	use	pcap-be
-0	ulelong		0xa1b2cd34	extended tcpdump capture file (little-endian)
+0	ulelong		0xa1b2cd34	pcap capture file, microsecond ts, extensions (little-endian)
 >0	use	\^pcap-be
 
 #
-# "pcap-ng" capture files.
-# http://www.winpcap.org/ntar/draft/PCAP-DumpFileFormat.html
-# Pcap-ng files can contain multiple sections. Printing the endianness,
+# "pcapng" capture files.
+# https://github.com/pcapng/pcapng
+# Pcapng files can contain multiple sections. Printing the endianness,
 # snaplen, or other information from the first SHB may be misleading.
 #
 0	ubelong		0x0a0d0d0a
->8	ubelong		0x1a2b3c4d	pcap-ng capture file
+>8	ubelong		0x1a2b3c4d	pcapng capture file
 >>12	beshort		x		- version %d
 >>14	beshort		x		\b.%d
 0	ulelong		0x0a0d0d0a
->8	ulelong		0x1a2b3c4d	pcap-ng capture file
+>8	ulelong		0x1a2b3c4d	pcapng capture file
 >>12	leshort		x		- version %d
 >>14	leshort		x		\b.%d
 
 #
 # AIX "iptrace" capture files.
 #
-0	string		iptrace\ 1.0	"iptrace" capture file
-0	string		iptrace\ 2.0	"iptrace" capture file
+0	string		iptrace\0401.0	AIX iptrace capture file
+0	string		iptrace\0402.0	AIX iptrace capture file
 
 #
 # Novell LANalyzer capture files.
 #
-0	leshort		0x1001		LANalyzer capture file
-0	leshort		0x1007		LANalyzer capture file
+0	leshort		0x1001		Novell LANalyzer capture file
+0	leshort		0x1007		Novell LANalyzer capture file
 
 #
 # HP-UX "nettl" capture files.
 #
-0	string		\x54\x52\x00\x64\x00	"nettl" capture file
+0	string		\x54\x52\x00\x64\x00	HP/UX nettl capture file
 
 #
 # RADCOM WAN/LAN Analyzer capture files.
@@ -23879,7 +26390,7 @@
 >>>7   byte		1	       (alternate timings)
 
 #------------------------------------------------------------------------------
-# $File: sql,v 1.21 2017/03/17 21:35:28 christos Exp $
+# $File: sql,v 1.22 2019/04/19 00:42:27 christos Exp $
 # sql:  file(1) magic for SQL files
 #
 # From: "Marty Leisner" <mleisner@eng.mc.xerox.com>
@@ -23998,13 +26509,13 @@
 
 
 # SQLite Write-Ahead Log from SQLite version >= 3.7.0
-# http://www.sqlite.org/fileformat.html#walformat
+# https://www.sqlite.org/fileformat.html#walformat
 0	belong&0xfffffffe	0x377f0682	SQLite Write-Ahead Log,
 !:ext sqlite-wal/db-wal
 >4	belong	x	version %d
 
 # SQLite Rollback Journal
-# http://www.sqlite.org/fileformat.html#rollbackjournal
+# https://www.sqlite.org/fileformat.html#rollbackjournal
 0	string	\xd9\xd5\x05\xf9\x20\xa1\x63\xd7	SQLite Rollback Journal
 
 # Panasonic channel list database svl.bin or svl.db added by Joerg Jenderek
@@ -24016,7 +26527,7 @@
 #!:mime	application/x-panasonic-sqlite3
 >>&-15	indirect	x			\b; contains
 
-# H2 Database from http://www.h2database.com/
+# H2 Database from https://www.h2database.com/
 0	string		--\ H2\ 0.5/B\ --\ \n	H2 Database file
 # Type:	OpenSSH key files
 # From:	Nicolas Collignon <tsointsoin@gmail.com>
@@ -24053,7 +26564,7 @@
 0	string U2FsdGVkX1	openssl enc'd data with salted password, base64 encoded
 
 #------------------------------------------------------------------------------
-# $File: sun,v 1.27 2014/04/30 21:41:02 christos Exp $
+# $File: sun,v 1.28 2019/04/19 00:42:27 christos Exp $
 # sun:  file(1) magic for Sun machines
 #
 # Values for big-endian Sun (MC680x0, SPARC) binaries on pre-5.x
@@ -24146,7 +26657,7 @@
 0	string		#SUNPC_CONFIG	SunPC 4.0 Properties Values
 # Sun snoop (see RFC 1761, which describes the capture file format,
 # RFC 3827, which describes some additional datalink types, and
-# http://www.iana.org/assignments/snoop-datalink-types/snoop-datalink-types.xml,
+# https://www.iana.org/assignments/snoop-datalink-types/snoop-datalink-types.xml,
 # which is the IANA registry of Snoop datalink types)
 #
 0	string		snoop		Snoop capture file
@@ -24236,12 +26747,12 @@
 
 
 #------------------------------------------------------------------------
-# $File: sysex,v 1.9 2017/03/17 21:35:28 christos Exp $
+# $File: sysex,v 1.10 2019/04/19 00:42:27 christos Exp $
 # sysex: file(1) magic for MIDI sysex files
 #
 # GRR: original 1 byte test at offset was too general as it catches also many FATs of DOS filesystems
 # where real SYStem EXclusive messages at offset 1 are limited to seven bits
-# http://en.wikipedia.org/wiki/MIDI
+# https://en.wikipedia.org/wiki/MIDI
 0	ubeshort&0xFF80		0xF000		SysEx File -
 
 # North American Group
@@ -24448,7 +26959,7 @@
 >1	byte			0x52		Zoom
 >1	byte			0x54		Matsushita
 >1	byte			0x57		Acoustic tech. lab.
-# http://www.midi.org/techspecs/manid.php
+# https://www.midi.org/techspecs/manid.php
 >1	belong&0xffffff00	0x00007400	Ta Horng
 >1	belong&0xffffff00	0x00007500	e-Tek
 >1	belong&0xffffff00	0x00007600	E-Voice
@@ -24556,7 +27067,7 @@
 0	string			T707		Roland TR-707 Data
 #------------------------------------------------------------------------------
 # file:  file(1) magic for Tcl scripting language
-# URL:  http://www.tcl.tk/
+# URL:  https://www.tcl.tk/
 # From: gustaf neumann
 
 # Tcl scripts
@@ -24591,11 +27102,11 @@
 0       string          #!teapot\012xdr      teapot work sheet (XDR format)
 
 #------------------------------------------------------------------------------
-# $File: terminfo,v 1.10 2018/01/21 03:26:33 christos Exp $
+# $File: terminfo,v 1.11 2019/04/19 00:42:27 christos Exp $
 # terminfo:  file(1) magic for terminfo
 #
-# URL: http://invisible-island.net/ncurses/man/term.5.html
-# URL: http://invisible-island.net/ncurses/man/scr_dump.5.html
+# URL: https://invisible-island.net/ncurses/man/term.5.html
+# URL: https://invisible-island.net/ncurses/man/scr_dump.5.html
 #
 # Workaround for Targa image type by Joerg Jenderek
 # GRR: line below too general as it catches also
@@ -24653,7 +27164,7 @@
 0	string		PDC\001		PDCurses screen image
 
 #------------------------------------------------------------------------------
-# $File: tex,v 1.20 2014/03/16 02:53:03 christos Exp $
+# $File: tex,v 1.21 2019/04/19 00:42:27 christos Exp $
 # tex:  file(1) magic for TeX files
 #
 # XXX - needs byte-endian stuff (big-endian and little-endian DVI?)
@@ -24761,7 +27272,7 @@
 0	string		#LyX		LyX document text
 
 # ConTeXt documents
-#	http://wiki.contextgarden.net/
+#	https://wiki.contextgarden.net/
 0	search/4096	\\setupcolors[		ConTeXt document text
 !:strength + 15
 0	search/4096	\\definecolor[		ConTeXt document text
@@ -25070,18 +27581,20 @@
 0	string	\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\6\0	old timezone data
 
 #------------------------------------------------------------------------------
-# $File: tplink,v 1.2 2017/12/14 05:52:56 christos Exp $
+# $File: tplink,v 1.4 2019/04/19 00:42:27 christos Exp $
 # tplink: File magic for openwrt firmware files
 
 # URL: https://wiki.openwrt.org/doc/techref/header
-# Reference: http://git.openwrt.org/?p=openwrt.git;a=blob;f=tools/firmware-utils/src/mktplinkfw.c
+# Reference: https://git.openwrt.org/?p=openwrt.git;a=blob;f=tools/firmware-utils/src/mktplinkfw.c
 # From: Joerg Jenderek
 # check for valid header version 1 or 2
 0		ulelong		<3
 >0		ulelong		!0
 # test for header padding with nulls
 >>0x100		long		0
->>>0		use		firmware-tplink
+# skip Norton Commander Cleanup Utility NCCLEAN.INI by looking for valid vendor
+>>>4		ubelong		>0x1F000000
+>>>>0		use		firmware-tplink
 
 0		name		firmware-tplink
 >0		ubyte		x		firmware
@@ -25133,11 +27646,13 @@
 # look for kernel type (gzip compressed vmlinux.bin by ./compress)
 >(0x80.L)	indirect	x
 # root file system data offset
+# WRONG in 5.35 with above indirect expression
 >0x88		ubelong		x		\b, at 0x%x
 # rootfs data length and 1 space
 >0x8C		ubelong		x		%u bytes 
 # in 5.32 only true for offset ~< FILE_BYTES_MAX=9 MB defined in ../../src/file.h 
 >(0x88.L)	indirect	x
+# 'qshs' for wr940nv1_en_3_13_7_up(111228).bin
 #>(0x88.L)	string		x		\b, file system '%.4s'
 #>(0x88.L)	ubequad		x		\b, file system 0x%llx
 # bootloader data offset
@@ -25206,11 +27721,10 @@
 >>17	string		>\0			%s)
 
 #------------------------------------------------------------------------------
-# $File: unicode,v 1.6 2010/09/20 18:55:20 rrt Exp $
+# $File: unicode,v 1.7 2019/02/19 20:34:42 christos Exp $
 # Unicode:  BOM prefixed text files - Adrian Havill <havill@turbolinux.co.jp>
-# GRR: These types should be recognised in file_ascmagic so these
-# encodings can be treated by text patterns.
-# Missing types are already dealt with internally.
+# These types are recognised in file_ascmagic so these encodings can be
+# treated by text patterns.  Missing types are already dealt with internally.
 #
 0	string	+/v8			Unicode text, UTF-7
 0	string	+/v9			Unicode text, UTF-7
@@ -25402,7 +27916,7 @@
 >4	string		>\0		\b, name '%s'
 
 #------------------------------------------------------------------------------
-# $File: varied.script,v 1.11 2015/03/27 17:59:39 christos Exp $
+# $File: varied.script,v 1.12 2019/04/19 00:42:27 christos Exp $
 # varied.script:  file(1) magic for various interpreter scripts
 
 0	string/t		#!\ /			a
@@ -25448,7 +27962,7 @@
 
 # From: arno <arenevier@fdn.fr>
 # mozilla xpconnect typelib
-# see http://www.mozilla.org/scriptable/typelib_file.html
+# see https://www.mozilla.org/scriptable/typelib_file.html
 0	string 		XPCOM\nTypeLib\r\n\032		XPConnect Typelib
 >0x10  byte        x       version %d
 >>0x11 byte        x      \b.%d
@@ -25498,15 +28012,198 @@
 43	string	SFDU_LABEL	VICAR label file
 
 #------------------------------------------------------------------------------
-# $File: virtual,v 1.6 2014/05/07 21:25:41 christos Exp $
+# $File: virtual,v 1.10 2019/04/19 00:42:27 christos Exp $
 # From: James Nobis <quel@quelrod.net>
 # Microsoft hard disk images for:
 # Virtual Server
 # Virtual PC
-# http://technet.microsoft.com/en-us/virtualserver/bb676673.aspx
-# .vhd
+# VirtualBox
+# URL: http://fileformats.archiveteam.org/wiki/VHD_(Virtual_Hard_Disk)
+# Reference: https://download.microsoft.com/download/f/f/e/ffef50a5-07dd-4cf8-aaa3-442c0673a029/
+# Virtual%20Hard%20Disk%20Format%20Spec_10_18_06.doc
 0	string	conectix	Microsoft Disk Image, Virtual Server or Virtual PC
+# alternative shorter names
+#0	string	conectix	Microsoft Virtual Hard Disk image
+#0	string	conectix	Microsoft Virtual HD image
+!:mime	application/x-virtualbox-vhd
+!:ext   vhd
+# Features is a bit field used to indicate specific feature support
+#>8	ubelong		!0x00000002	\b, Features 0x%x
+# Reserved. This bit must always be set to 1.
+#>8	ubelong		&0x00000002	\b, Reserved 0x%x
+# File Format Version for the current specification 0x00010000
+#>12	ubelong		!0x00010000	\b, Version 0x%8.8x
+# Data Offset only found 0x200
+#>16	ubequad		!0x200		\b, Data Offset 0x%llx
+#>16	ubequad		x		\b, at 0x%llx
+# Dynamic Disk Header cookie like cxsparse
+#>(16.Q)	string		x		"%-.8s"
+# This field contains a Unicode string (UTF-16) of the parent hard disk filename
+#>(16.Q+64)	ubequad	x		\b, parent name 0x%llx
+# Creator Application
+# vpc~Microsoft Virtual PC, vs~Microsoft Virtual Server, vbox~VirtualBox, d2v~disk2vhd
+>28	string		x		\b, Creator %-4.4s
+# Creator Version: 0x00010000~Virtual Server 2004, 0x00050000~Virtual PC 2004
+# holds the major/minor version of the application that created the image
+>32	ubeshort	x		%x
+>34	ubeshort	x		\b.%x
+#>32	ubelong		x		\b, Version 0x%8.8x
+# Creator Host OS: 0x5769326B~Windows (Wi2k), 0x4D616320~Macintosh (Mac)
+>36	ubelong		x		(
+>>36	ubelong		0x5769326B	\bW2k
+>>36	ubelong		0x4D616320	\bMac
+>>36	default		x		\b0x
+>>>36	ubelong		x		\b%8.8x
+# creation Time in seconds since 1 Jan 2000 UTC~946684800 sec. since Unix Epoch
+>24	bedate+946684800	x	\b) %s
+# Original Size
+#>40	ubequad		x		\b, o.-Size 0x%llx
+# Current Size is same as original size, but change when disk is expanded
+#>48	ubequad		x		\b, Size 0x%llx
+>48	ubequad		x		\b, %llu bytes
+# Disk Geometry: cylinder, heads, and sectors/track for hard disk
+#>56	ubeshort	x		\b, Cylinder 0x%x
+>56	ubeshort	x		\b, CHS %u
+# Heads
+#>58	ubyte		x		\b, Heads 0x%x
+>58	ubyte		x		\b/%u
+# Sectors per track
+#>59	ubyte		x		\b, Sectors 0x%x
+>59	ubyte		x		\b/%u
+# Disk Type: 3~Dynamic hard disk
+>60	ubelong		!0x3		\b, type 0x%x
+# Checksum
+#>64	ubelong		x		\b, cksum 0x%x
+# universally unique identifier (UUID) to associate a parent with its differencing image
+#>68	ubequad		x		\b, id 0x%16.16llx
+#>76	ubequad		x		\b-%16.16llx
+# Saved State: 1~Saved State
+>84	ubyte		!0		\b, State 0x%x
+# Reserved 427 bytes with nils
+#>85	ubequad	!0			\b, Reserved 0x%16.16llx
 
+# From: Joerg Jenderek
+# URL: https://msdn.microsoft.com/en-us/library/mt740058.aspx
+# Reference: https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/
+# MS-VHDX/[MS-VHDX].pdf
+# Note: extends the VHD format with new capabilities, such as a 16TB maximum size
+# TODO:	find and display values like virtual size, disk size, cluster_size, etc
+#	display id in GUID format
+#
+# VHDX_FILE_IDENTIFIER signature 0x656C696678646876
+0	string			vhdxfile
+# VHDX_HEADER signature. 1 header is stored at offset 64KB and the other at 128KB
+>0x10000	string		head		Microsoft Disk Image eXtended
+#>0x20000	string			head	\b, 2nd header
+#!:mime	application/x-virtualbox-vhdx
+!:ext	vhdx
+# Creator[256] like "QEMU v3.0.0", "Microsoft Windows 6.3.9600.18512"
+>>8		lestring16		x	\b, by %.256s
+# The Checksum field is a CRC-32C hash over the entire 4 KB structure
+#>>0x10004	ulelong			x	\b, CRC 0x%x
+# SequenceNumber
+>>0x10008	ulequad			x	\b, sequence 0x%llx
+# FileWriteGuid
+#>>0x10010	ubequad			x	\b, file id 0x%llx
+#>>>0x10018	ubequad			x	\b-%llx
+# DataWriteGuid
+#>>0x10020	ubequad			x	\b, data id 0x%llx
+#>>>0x10028	ubequad			x	\b-%llx
+# LogGuid. If this field is zero, then the log is empty or has no valid entries 
+>>0x10030	ubequad			>0	\b, log id 0x%llx
+>>>0x10038	ubequad			x	\b-%llx
+# LogVersion. If not 0 there is a log to replay
+>>0x10040	uleshort		>0	\b, LogVersion 0x%x
+# Version. This field must be set to 1
+>>0x10042	uleshort		!1	\b, Version 0x%x
+# LogLength must be multiples of 1 MB
+>>0x10044	ulelong/1048576		>1	\b, LogLength %u MB
+# LogOffset (normally 0x100000 when log direct after header); multiples of 1 MB
+>>0x10048	ulequad			!0x100000 \b, LogOffset 0x%llx
+# Log Entry Signature must be 0x65676F6C~loge
+>>(0x10048.q)	ulelong			!0x65676F6C \b, NO Log Signature
+>>(0x10048.q)	ulelong			=0x65676F6C	\b; LOG
+# Log Entry Checksum
+#>>>(0x10048.q+4)	ulelong		x	\b, Log CRC 0x%x
+# Log Entry Length must be a multiple of 4 KB
+>>>(0x10048.q+8)	ulelong/1024	>4	\b, EntryLength %u KB
+# Log Entry Tail must be a multiple of 4 KB
+#>>>(0x10048.q+12)	ulelong		x	\b, Tail 0x%x
+# Log Entry SequenceNumber
+#>>>(0x10048.q+16)	ulequad		x	\b, # 0x%llx
+# Log Entry DescriptorCount may be zero. only 4 bytes in other docs instead 8
+#>>>(0x10048.q+24)	ulelong		x	\b, DescriptorCount 0x%llx
+# Log Entry Reserved must be set to 0
+>>>(0x10048.q+28)	ulelong		!0	\b, Reserved 0x%x
+# Log Entry LogGuid
+#>>>(0x10048.q+32)	ubequad		x	\b, Log id 0x%llx
+#>>>(0x10048.q+40)	ubequad		x	\b-%llx
+# Log Entry FlushedFileOffset should VHDX size when entry is written.
+#>>>(0x10048.q+48)	ulequad		x	\b, FlushedFileOffset %llu
+# Log Entry LastFileOffset
+#>>>(0x10048.q+56)	ulequad		x	\b, LastFileOffset %llu
+# filling
+#>>>(0x10048.q+64)	ulequad		>0	\b, filling %llx
+# Reserved[4016]
+#>>0x10050	ulequad			>0	\b, Reserved 0x%llx
+# VHDX_REGION_TABLE_HEADER Signature 0x69676572~regi at offset 192 KB and 256 KB
+>0x30000	ulelong			!0x69676572 \b, 1st region INVALID
+>0x30000	ulelong			=0x69676572 \b; region
+# region Checksum. CRC-32C hash over the entire 64-KB table
+#>>0x30004	ulelong			x	\b, CRC 0x%x
+# The EntryCount specifies number of valid entries; Found 2; This must be =< 2047. 
+>>0x30008	ulelong			x	\b, %u entries
+# reserved must be zero
+#>>0x3000C	ulelong			!0	\b, RESERVED 0x%x
+# Region Table Entry starts with identifier for the object. often BAT id
+>>0x30010	use			vhdx-id
+# FileOffset
+>>0x30020	ulequad		x		\b, at 0x%llx
+# Length. Specifies the length of the object within the file
+#>>0x30028	ulelong		x		\b, Length 0x%x
+# 1 means region entry is required. if region not recognized, then REFUSE to load VHDX
+>>0x3002C	ulelong		x		\b, Required %u
+# 2nd region entry often metadata id
+>>0x30030	use			vhdx-id
+# 2nd entry FileOffset
+>>0x30040	ulequad		x		\b, at 0x%llx
+# 1 means region entry is required. if region not recognized, then REFUSE to load VHDX
+>>0x3004C	ulelong		x		\b, Required %u
+# 2nd region
+>>0x40000	ulelong		!0x69676572	\b, 2nd region INVALID
+# check in vhdx images for known id and show names instead hexadecimal
+0	name		vhdx-id
+# https://www.windowstricks.in/online-windows-guid-converter
+# 2DC27766-F623-4200-9D64-115E9BFD4A08		BAT GUID
+# 6677C22D23F600429D64115E9BFD4A08		BAT ID
+>0	ubequad		=0x6677C22D23F60042
+>>8	ubequad		=0x9D64115E9BFD4A08	\b, id BAT
+# no BAT id
+>>8	default		x
+>>>0	use		vhdx-id-hex
+# 8B7CA206-4790-4B9A-B8FE-575F050F886E		Metadata region GUID
+# 06A27C8B90479A4BB8FE575F050F886E		Metadata region ID
+>0	ubequad		=0x06A27C8B90479A4B
+>>8	ubequad		=0xB8FE575F050F886E	\b, id Metadata
+# no Metadata id
+>>8	default		x
+>>>0	use		vhdx-id-hex
+# 2FA54224-CD1B-4876-B211-5DBED83BF4B8		Virtual Disk Size GUID
+# 2442A52F1BCD7648B2115DBED83BF4B8		Virtual Disk Size ID
+# value "virtual size" can be verified by command `qemu-img info `
+>0	ubequad		=0x2442A52F1BCD7648
+>>8	ubequad		=0xB2115DBED83BF4B8	\b, id vsize
+# no Virtual Disk Size ID
+>>8	default		x
+>>>0	use		vhdx-id-hex
+# other ids
+>0	default		x
+>>0	use		vhdx-id-hex
+# in vhdx images show id as hexadecimal
+0	name		vhdx-id-hex
+>0	ubequad		x			\b, ID 0x%16.16llx
+>8	ubequad		x			\b-%16.16llx
+#
 # libvirt
 # From: Philipp Hahn <hahn@univention.de>
 0	string	LibvirtQemudSave	Libvirt QEMU Suspend Image
@@ -25534,15 +28231,16 @@
 # Updated by Adam Buchbinder (adam.buchbinder@gmail.com)
 # Made by reading sources, reading documentation, and doing trial and error
 # on existing QCOW files
-0	string/b	QFI\xFB	QEMU QCOW Image
+0	string/b	QFI\xFB
 
 # Uncomment the following line to display Magic (only used for debugging
 # this magic number)
 #>0	string/b	x	, Magic: %s
 
 # There are currently 2 Versions: "1" and "2".
-# http://www.gnome.org/~markmc/qcow-image-format-version-1.html
->4	belong	1	(v1)
+# https://www.gnome.org/~markmc/qcow-image-format-version-1.html
+>4	belong		!1	QEMU QCOW2 Image
+>4	belong		1	QEMU QCOW Image (v1)
 
 # Using the existence of the Backing File Offset to determine whether
 # to read Backing File Information
@@ -25564,7 +28262,7 @@
 # 1 for AES encryption, 0 for none.
 >>36	belong	1	\b, AES-encrypted
 
-# http://www.gnome.org/~markmc/qcow-image-format.html
+# https://www.gnome.org/~markmc/qcow-image-format.html
 >4	belong	2	(v2)
 # Using the existence of the Backing File Offset to determine whether
 # to read Backing File Information
@@ -25600,7 +28298,7 @@
 0	string/b	QEVM		QEMU suspend to disk image
 
 # QEMU QED Image
-# http://wiki.qemu.org/Features/QED/Specification
+# https://wiki.qemu.org/Features/QED/Specification
 0	string/b	QED\0		QEMU QED Image
 
 # VDI Image
@@ -25870,7 +28568,7 @@
 >0	leshort	>0		schema version no %d
 
 #------------------------------------------------------------------------------
-# $File: warc,v 1.3 2010/11/25 15:05:43 christos Exp $
+# $File: warc,v 1.4 2019/04/19 00:42:27 christos Exp $
 # warc:  file(1) magic for WARC files
 
 0	string	WARC/	WARC Archive
@@ -25879,7 +28577,7 @@
 
 #------------------------------------------------------------------------------
 # Arc File Format from Internet Archive
-# see http://www.archive.org/web/researcher/ArcFileFormat.php
+# see https://www.archive.org/web/researcher/ArcFileFormat.php
 0      string          filedesc://     Internet Archive File
 !:mime application/x-ia-arc
 >11    search/256      \x0A    \b
@@ -25901,14 +28599,14 @@
 
 #0	string		=!!		Bennet Yee's "face" format
 #------------------------------------------------------------------------------
-# $File: webassembly,v 1.2 2017/05/02 14:05:29 christos Exp $
+# $File: webassembly,v 1.3 2019/04/19 00:42:27 christos Exp $
 # webassembly:  file(1) magic for WebAssembly modules
 #
 # WebAssembly is a virtual architecture developed by a W3C Community
-# Group at http://webassembly.org/. The file extension is .wasm, and
+# Group at https://webassembly.org/. The file extension is .wasm, and
 # the MIME type is application/wasm.
 #
-# http://webassembly.org/docs/binary-encoding/ is the main
+# https://webassembly.org/docs/binary-encoding/ is the main
 # document describing the binary format.
 # From: Pip Cet <pipcet@gmail.com> and Joel Martin
 
@@ -25917,7 +28615,7 @@
 >4	lelong	>1	version %#x
 
 #------------------------------------------------------------------------------
-# $File: windows,v 1.22 2018/02/16 15:44:00 christos Exp $
+# $File: windows,v 1.26 2019/05/01 17:55:25 christos Exp $
 # windows:  file(1) magic for Microsoft Windows
 #
 # This file is mainly reserved for files where programs
@@ -25943,8 +28641,8 @@
 
 # Summary: Windows crash dump
 # Extension: .dmp
-# Created by: Andreas Schuster (http://computer.forensikblog.de/)
-# Reference (1): http://computer.forensikblog.de/en/2008/02/64bit_magic.html
+# Created by: Andreas Schuster (https://computer.forensikblog.de/)
+# Reference (1): https://computer.forensikblog.de/en/2008/02/64bit_magic.html
 # Modified by (1): Abel Cheung (Avoid match with first 4 bytes only)
 0	string		PAGE
 >4	string		DUMP		MS Windows 32bit crash dump
@@ -25963,8 +28661,8 @@
 
 # Summary: Vista Event Log
 # Extension: .evtx
-# Created by: Andreas Schuster (http://computer.forensikblog.de/)
-# Reference (1): http://computer.forensikblog.de/en/2007/05/some_magic.html
+# Created by: Andreas Schuster (https://computer.forensikblog.de/)
+# Reference (1): https://computer.forensikblog.de/en/2007/05/some_magic.html
 0	string		ElfFile\0	MS Windows Vista Event Log
 >0x2a	leshort		x		\b, %d chunks
 >>0x10	lelong		x		\b (no. %d in use)
@@ -25973,6 +28671,80 @@
 >0x78	lelong		&1		\b, DIRTY
 >0x78	lelong		&2		\b, FULL
 
+# Summary: Windows System Deployment Image
+# Created by: Joerg Jenderek
+# URL: http://en.wikipedia.org/wiki/System_Deployment_Image
+# Reference: http://skolk.livejournal.com/1320.html
+0	string			$SDI
+>4	string			0001		System Deployment Image
+!:mime	application/x-ms-sdi
+#!:mime	application/octet-stream
+# \Boot\boot.sdi
+!:ext	sdi
+# MDBtype: 0~Unspecified 1~RAM 2~ROM
+>>8	ulequad			!0		\b, MDBtype 0x%llx
+# BootCodeOffset
+>>16	ulequad			!0		\b, BootCodeOffset 0x%llx
+# BootCodeSize
+>>24	ulequad			!0		\b, BootCodeSize 0x%llx
+# VendorID
+>>32	ulequad			!0		\b, VendorID 0x%llx
+# DeviceID
+>>40	ulequad			!0		\b, DeviceID 0x%llx
+# DeviceModel
+>>48	ulequad			!0		\b, DeviceModel 0x%llx
+>>>56	ulequad			!0		\b%llx
+# DeviceRole
+>>64	ulequad			!0		\b, DeviceRole 0x%llx
+# Reserved1; reserved fields and gaps between BLOBs are padded with \0
+#>>72	ulequad			!0		\b, Reserved1 0x%llx
+# RuntimeGUID
+>>80	ulequad			!0		\b, RuntimeGUID 0x%llx
+>>>88	ulequad			!0		\b%llx
+# RuntimeOEMrev
+>>96	ulequad			!0		\b, RuntimeOEMrev 0x%llx
+# Reserved2
+#>>104	ulequad			!0		\b, Reserved2 0x%llx
+# BLOB alignment value in pages, as specified in sdimgr /pack: 1~4K 2~8k
+>>112	ulequad			!0		\b, PageAlignment %llu
+# Reserved3[48]
+#>>120	ulequad			!0		\b, Reserved3 0x%llx
+# SDI checksum 39h
+>>0x1f8	ulequad			x		\b, checksum 0x%llx
+# BLOBtype[8] \0-padded: PART, WIM , BOOT, LOAD, DISK
+>>0x400	string			>\0		\b, type %-3.8s
+# 0~non-filesystem 7~NTFS 6~BIGFAT
+>>>0x420	ulequad		!0		(0x%llx)
+# ATTRibutes
+>>>0x408	ulequad		!0		0x%llx attributes
+# Offset
+>>>0x410	ulequad		x		at 0x%llx
+# print 1 space after size and then handles NTFS boot sector by ./filesystems
+>>>0x418	ulequad		>0		%llu bytes 
+>>>>(0x410.l)	indirect	x
+# 2nd BLOB: WIM
+>>0x440		string		>\0		\b, type %-3.8s
+>>>0x428	ulequad		!0		(0x%llx)
+# ATTRibutes
+>>>0x448	ulequad		!0		0x%llx attributes
+# Offset
+>>>0x450	ulequad		x		at 0x%llx
+>>>0x458	ulequad		>0		%llu bytes 
+>>>>(0x450.l)	indirect	x
+# 3rd BLOB
+>>0x480		string		>\0		\b, type %-3.8s
+
+# Summary:	Windows Error Report text files
+# URL:		https://en.wikipedia.org/wiki/Windows_Error_Reporting
+# Reference:	https://www.nirsoft.net/utils/app_crash_view.html
+# Created by:	Joerg Jenderek
+# Note:		in directories	%ProgramData%\Microsoft\Windows\WER\{ReportArchive,ReportQueue}
+#				%LOCALAPPDATA%\Microsoft\Windows\WER\{ReportArchive,ReportQueue}
+0	lestring16	Version=	
+>22	lestring16	EventType	Windows Error Report
+!:mime	text/plain
+# Report.wer
+!:ext	wer
 
 # Summary: Windows 3.1 group files
 # Extension: .grp
@@ -25982,7 +28754,7 @@
 
 # Summary: Old format help files
 # URL: https://en.wikipedia.org/wiki/WinHelp
-# Reference: http://www.oocities.org/mwinterhoff/helpfile.htm
+# Reference: https://www.oocities.org/mwinterhoff/helpfile.htm
 # Update: Joerg Jenderek
 # Created by: Dirk Jagdmann <doj@cubic.org>
 #
@@ -26130,7 +28902,7 @@
 0	string		HyperTerminal\040
 >15	string		1.0\ --\ HyperTerminal\ data\ file	MS Windows HyperTerminal profile
 
-# http://ithreats.files.wordpress.com/2009/05/\040
+# https://ithreats.files.wordpress.com/2009/05/\040
 # lnk_the_windows_shortcut_file_format.pdf
 # Summary: Windows shortcut
 # Extension: .lnk
@@ -26260,8 +29032,8 @@
 0	name		ini-file
 # look for left bracket in section line
 >0	search/8192	[
-# http://en.wikipedia.org/wiki/Autorun.inf
-# http://msdn.microsoft.com/en-us/library/windows/desktop/cc144200.aspx
+# https://en.wikipedia.org/wiki/Autorun.inf
+# https://msdn.microsoft.com/en-us/library/windows/desktop/cc144200.aspx
 # space after right bracket
 # or AutoRun.Amd64 for 64 bit systems
 # or only NL separator
@@ -26277,7 +29049,7 @@
 >>>&0	string		!]\r\n[					Microsoft Windows Autorun file
 !:mime application/x-setupscript
 !:ext	inf
-# http://msdn.microsoft.com/en-us/library/windows/hardware/ff549520(v=vs.85).aspx
+# https://msdn.microsoft.com/en-us/library/windows/hardware/ff549520(v=vs.85).aspx
 # version strings ASCII coded case-independent for Windows setup information script file
 >>&0	regex/c		\^(version|strings)]				Windows setup INFormation
 !:mime	application/x-setupscript
@@ -26288,24 +29060,24 @@
 !:mime	application/x-setupscript
 !:ext	inf
 # http://www.winfaq.de/faq_html/Content/tip2500/onlinefaq.php?h=tip2653.htm
-# http://msdn.microsoft.com/en-us/library/windows/desktop/cc144102.aspx
+# https://msdn.microsoft.com/en-us/library/windows/desktop/cc144102.aspx
 # .ShellClassInfo DeleteOnCopy LocalizedFileNames ASCII coded case-independent
 >>&0	regex/c	\^(\.ShellClassInfo|DeleteOnCopy|LocalizedFileNames)]	Windows desktop.ini
 !:mime application/x-wine-extension-ini
 #!:mime text/plain
-# http://support.microsoft.com/kb/84709/
+# https://support.microsoft.com/kb/84709/
 >>&0	regex/c		\^(don't\ load)]				Windows CONTROL.INI
 !:mime application/x-wine-extension-ini
 !:ext	ini
 >>&0	regex/c		\^(ndishlp\\$|protman\\$|NETBEUI\\$)]		Windows PROTOCOL.INI
 !:mime application/x-wine-extension-ini
 !:ext	ini
-# http://technet.microsoft.com/en-us/library/cc722567.aspx
+# https://technet.microsoft.com/en-us/library/cc722567.aspx
 # http://www.winfaq.de/faq_html/Content/tip0000/onlinefaq.php?h=tip0137.htm
 >>&0	regex/c		\^(windows|Compatibility|embedding)]		Windows WIN.INI
 !:mime application/x-wine-extension-ini
 !:ext	ini
-# http://en.wikipedia.org/wiki/SYSTEM.INI
+# https://en.wikipedia.org/wiki/SYSTEM.INI
 >>&0	regex/c		\^(boot|386enh|drivers)]			Windows SYSTEM.INI
 !:mime application/x-wine-extension-ini
 !:ext	ini
@@ -26313,18 +29085,18 @@
 >>&0	regex/c		\^(SafeList)]					Windows IOS.INI
 !:mime application/x-wine-extension-ini
 !:ext	ini
-# http://en.wikipedia.org/wiki/NTLDR	Windows Boot Loader information
+# https://en.wikipedia.org/wiki/NTLDR	Windows Boot Loader information
 >>&0	regex/c		\^(boot\x20loader)]				Windows boot.ini
 !:mime application/x-wine-extension-ini
 !:ext	ini
-# http://en.wikipedia.org/wiki/CONFIG.SYS
+# https://en.wikipedia.org/wiki/CONFIG.SYS
 >>&0	regex/c		\^(menu)]					MS-DOS CONFIG.SYS
 # @CONFIG.UI configuration file of previous DOS version saved by Caldera OPENDOS INSTALL.EXE
 # CONFIG.PSS saved version of file CONFIG.SYS created by %WINDIR%\SYTEM\MSCONFIG.EXE
 # CONFIG.TSH renamed file CONFIG.SYS.BAT by %WINDIR%\SYTEM\MSCONFIG.EXE
 # dos and w40 used in dual booting scene
 !:ext	sys/dos/w40
-# http://support.microsoft.com/kb/118579/
+# https://support.microsoft.com/kb/118579/
 >>&0	regex/c		\^(Paths)]\r\n					MS-DOS MSDOS.SYS
 !:ext	sys/dos
 # http://chmspec.nongnu.org/latest/INI.html#HHP
@@ -26340,7 +29112,7 @@
 >>>>&0	string/c			version				Windows setup INFormation
 !:mime application/x-setupscript
 !:ext	inf
-# http://en.wikipedia.org/wiki/Initialization_file	Windows Initialization File or other
+# https://en.wikipedia.org/wiki/Initialization_file	Windows Initialization File or other
 >>>>&0	default				x
 >>>>>&0	ubyte				x
 # characters, digits, underscore and white space followed by right bracket
@@ -26477,7 +29249,7 @@
 # Summary: backup file created with utility like NTBACKUP.EXE shipped with Windows NT/2K/XP/2003
 # Extension: .bkf
 # Created by: Joerg Jenderek
-# URL: http://en.wikipedia.org/wiki/NTBackup
+# URL: https://en.wikipedia.org/wiki/NTBackup
 # Reference: http://laytongraphics.com/mtf/MTF_100a.PDF
 # Descriptor BloCK name of Microsoft Tape Format
 0	string			TAPE
@@ -26574,7 +29346,7 @@
 #
 
 # URL: https://en.wikipedia.org/wiki/PaintShop_Pro
-# Reference: http://www.cryer.co.uk/file-types/p/pal.htm
+# Reference: https://www.cryer.co.uk/file-types/p/pal.htm
 # Created by: Joerg Jenderek
 # Note: there exist other color palette formats also with .pal extension
 0	string	JASC-PAL\r\n	PaintShop Pro color palette
@@ -26586,7 +29358,7 @@
 # third line contains the number of colours: 16 256 ...
 >16	string	x		\b, %.3s colors
 
-# URL: http://en.wikipedia.org/wiki/Innosetup
+# URL: https://en.wikipedia.org/wiki/Innosetup
 # Reference: https://github.com/jrsoftware/issrc/blob/master/Projects/Undo.pas
 # Created by: Joerg Jenderek
 # Note:	created by like "InnoSetup self-extracting archive" inside ./msdos
@@ -26633,6 +29405,95 @@
 # directory like C:\Program Files\GIMP 2
 >>>>&0	lestring16	x				\b, %-.42s
 
+# Windows Imaging (WIM) Image
+# Update: Joerg Jenderek at Mar 2019
+# URL: https://en.wikipedia.org/wiki/Windows_Imaging_Format
+# Reference: https://download.microsoft.com/download/f/e/f/
+# fefdc36e-392d-4678-9e4e-771ffa2692ab/Windows%20Imaging%20File%20Format.rtf
+# Note: verified by like `7z t boot.wim` `wiminfo install.esd --header`
+0	string		MSWIM\000\000\000
+>0	use		wim-archive
+# https://wimlib.net/man1/wimoptimize.html
+0	string		WLPWM\000\000\000
+>0	use		wim-archive
+0	name		wim-archive
+# _WIMHEADER_V1_PACKED ImageTag[8]
+>0	string		x			Windows imaging
+!:mime	application/x-ms-wim
+# TO avoid in file version 5.36 error like
+# Magdir/windows, 760: Warning: Current entry does not yet have a description
+# file: could not find any valid magic files! (No error)
+# splitted WIM
+>16	ulelong		&0x00000008		(SWM
+!:ext	swm
+# usPartNumber; 1, unless the file was split into multiple parts
+>>40	uleshort	x			\b %u
+# usTotalParts; The total number of WIM file parts in a spanned set
+>>42	uleshort	x			\b of %u) image
+# non splitted WIM
+>16	ulelong		^0x00000008
+# https://wimlib.net/man1/wimmount.html
+# solid WIMs; version 3584; usually contain LZMS-compressed and the .esd extension
+>>12	ulelong		3584			(ESD) image
+!:ext	esd
+>>12	ulelong		!3584			(WIM) image
+!:ext	wim
+>0	string/b	WLPWM\000\000\000	\b, wimlib pipable format
+# cbSize size of the WIM header in bytes like 208
+#>8	ulelong		x			\b, headersize %u
+# dwVersion version of the WIM file 00010d00h~1.13 00000e00h~0.14
+>14	uleshort	x			v%u
+>13	ubyte		x			\b.%u
+# dwImageCount; The number of images contained in the WIM file
+>44	ulelong		>1			\b, %u images
+# dwBootIndex
+# 1-based index of the bootable image of the WIM, or 0 if no image is bootable
+>0x78	ulelong		>0			\b, bootable no. %u
+# dwFlags
+#>16	ulelong		x			\b, flags 0x%8.8x
+#define FLAG_HEADER_COMPRESSION		0x00000002
+#define FLAG_HEADER_READONLY            0x00000004
+#define FLAG_HEADER_SPANNED		0x00000008
+#define FLAG_HEADER_RESOURCE_ONLY       0x00000010
+#define FLAG_HEADER_METADATA_ONLY       0x00000020
+#define FLAG_HEADER_WRITE_IN_PROGRESS   0x00000040
+#define FLAG_HEADER_RP_FIX		0x00000080 reparse point fixup
+#define FLAG_HEADER_COMPRESS_RESERVED   0x00010000
+#define FLAG_HEADER_COMPRESS_XPRESS     0x00020000
+#define FLAG_HEADER_COMPRESS_LZX	0x00040000
+#define FLAG_HEADER_COMPRESS_LZMS	0x00080000
+#define FLAG_HEADER_COMPRESS_XPRESS2    0x00100000 wimlib-1.13.0\include\wimlib\header.h 
+# XPRESS, with small chunk size
+>16	ulelong		&0x00100000		\b, XPRESS2
+>16	ulelong		&0x00080000		\b, LZMS
+>16	ulelong		&0x00040000		\b, LZX
+>16	ulelong		&0x00020000		\b, XPRESS
+>16	ulelong		&0x00000002		compressed
+>16	ulelong		&0x00000004		\b, read only
+>16	ulelong		&0x00000010		\b, resource only
+>16	ulelong		&0x00000020		\b, metadata only
+>16	ulelong		&0x00000080		\b, reparse point fixup
+#>16	ulelong		&0x00010000		\b, RESERVED
+# dwCompressionSize; Uncompressed chunk size for resources or 0 if uncompressed
+#>20	ulelong		>0			\b, chunk size %u bytes
+# gWIMGuid
+#>24	ubequad		x			\b, GUID 0x%16.16llx
+#>>32	ubequad		x			\b%16.16llx
+# rhOffsetTable; the location of the resource lookup table
+# wim_reshdr_disk[24]= u8 size_in_wim[7] + u8 flags + le64 offset_in_wim + le64 uncompressed_size
+#>48	ubequad		x			\b, rhOffsetTable 0x%16.16llx
+# rhXmlData; the location of the XML data
+#>0x50	ulelong		x			\b, at 0x%8.8x
+# NOT WORKING \xff\xfe<\0W\0I\0M\0
+#>(0x50.l)	ubequad	x			\b, xml=%16.16llx
+# rhBootMetadata; the location of the metadata resource
+#>0x60	ubequad		x			\b, rhBootMetadata 0x%16.16llx
+# rhIntegrity; the location of integrity table used to verify files
+#>0x7c	ubequad		x			\b, rhIntegrity 0x%16.16llx
+# Unused[60]
+#>148	ubequad		!0			\b,unused 0x%16.16llx
+#
+
 
 #------------------------------------------------------------------------------
 # $File: wireless,v 1.2 2009/09/19 16:28:13 christos Exp $
@@ -26642,7 +29503,7 @@
 >4	belong	19	(Version 1)
 
 #------------------------------------------------------------------------------
-# $File: wordprocessors,v 1.19 2015/10/16 15:11:07 christos Exp $
+# $File: wordprocessors,v 1.20 2019/04/19 00:42:27 christos Exp $
 # wordprocessors:  file(1) magic fo word processors.
 #
 ####### PWP file format used on Smith Corona Personal Word Processors:
@@ -26852,7 +29713,7 @@
 >5      string          >\0             version %s
 0       string          \\1cw           ChiWriter file
 
-# Quark Express from http://www.garykessler.net/library/file_sigs.html
+# Quark Express from https://www.garykessler.net/library/file_sigs.html
 2	string	IIXPR3			Intel Quark Express Document (English)
 2	string	IIXPRa			Intel Quark Express Document (Korean)
 2	string	MMXPR3			Motorola Quark Express Document (English)
@@ -26904,11 +29765,11 @@
 0	ulelong&0x8080FFFF	0x00001204	gfxboot compiled html help file
 
 #------------------------------------------------------------------------------
-# $File: wsdl,v 1.3 2013/02/06 14:18:52 christos Exp $
-# wsdl: PHP WSDL Cache, http://www.php.net/manual/en/book.soap.php
+# $File: wsdl,v 1.5 2019/04/19 00:42:27 christos Exp $
+# wsdl: PHP WSDL Cache, https://www.php.net/manual/en/book.soap.php
 # Cache format extracted from source:
-# http://svn.php.net/viewvc/php/php-src/trunk/ext/soap/php_sdl.c?revision=HEAD&view=markup
-# Requires file >= 5.05, see http://mx.gw.com/pipermail/file/2010/000683.html
+# https://svn.php.net/viewvc/php/php-src/trunk/ext/soap/php_sdl.c?revision=HEAD&view=markup
+# Requires file >= 5.05
 # By Elan Ruusamae <glen@delfi.ee>, Patryk Zawadzki <patrys@pld-linux.org>, 2010-2011
 0		string		wsdl		PHP WSDL cache,
 >4		byte		x		version 0x%02x
@@ -27127,7 +29988,7 @@
 >6	leshort&0x0003	=0x0003			alignment 256
 
 #------------------------------------------------------------------------------
-# $File: xwindows,v 1.10 2017/03/17 21:35:28 christos Exp $
+# $File: xwindows,v 1.11 2019/04/19 00:42:27 christos Exp $
 # xwindows:  file(1) magic for various X/Window system file formats.
 
 # Compiled X Keymap
@@ -27154,8 +30015,8 @@
 
 # Xcursor data
 # X11 mouse cursor format defined in libXcursor, see
-# http://www.x.org/archive/X11R6.8.1/doc/Xcursor.3.html
-# http://cgit.freedesktop.org/xorg/lib/libXcursor/tree/include/X11/Xcursor/Xcursor.h
+# https://www.x.org/archive/X11R6.8.1/doc/Xcursor.3.html
+# https://cgit.freedesktop.org/xorg/lib/libXcursor/tree/include/X11/Xcursor/Xcursor.h
 0	string		Xcur		Xcursor data
 !:mime	image/x-xcursor
 >10	leshort		x		version %d
@@ -27163,8 +30024,8 @@
 
 
 #------------------------------------------------------------------------------
-# $File: yara,v 1.2 2017/05/25 20:07:23 christos Exp $
-# yara:  file(1) magic for http://virustotal.github.io/yara/
+# $File: yara,v 1.3 2019/04/19 00:42:27 christos Exp $
+# yara:  file(1) magic for https://virustotal.github.io/yara/
 #
 
 0	string	YARA
@@ -27286,14 +30147,14 @@
 0	long		0xe809		separate object file (z8000 a.out)
 0	long		0xe805		overlay object file (z8000 a.out)
 #------------------------------------------------------------------------------
-# $File: zip,v 1.1 2017/11/03 23:36:17 christos Exp $
+# $File: zip,v 1.2 2019/04/09 18:34:15 christos Exp $
 # zip:  file(1) magic for zip files; this is not use
 # Note the version of magic in archive is currently stronger, this is
 # just an example until negative offsets are supported better
 
 # Zip Central Cirectory record
 0	name		zipcd
->0	string		PK\001\002
+>0	string		PK\001\002	Zip archive data
 >>4	leshort		x		\b, made by
 >>4	use		zipversion
 >>6	leshort		x		\b, extract using at least
@@ -27340,7 +30201,7 @@
 >>0	leshort		x		v?[%#x]
 
 # Zip End Of Central Directory record
--22	string		PK\005\006	Zip archive data
+-22	string		PK\005\006
 #>4	leshort		>1		\b, %d disks
 #>6	leshort		>1		\b, central directory disk %d
 #>8	leshort		>1		\b, %d central directories on this disk
diff --git a/msys2/usr/share/makepkg/integrity.sh b/msys2/usr/share/makepkg/integrity.sh
new file mode 100644
index 000000000..762937a22
--- /dev/null
+++ b/msys2/usr/share/makepkg/integrity.sh
@@ -0,0 +1,45 @@
+#!/usr/bin/bash
+#
+#   integrity.sh - functions relating to source integrity checking
+#
+#   Copyright (c) 2011-2018 Pacman Development Team <pacman-dev@archlinux.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+[[ -n "$LIBMAKEPKG_INTEGRITY_SH" ]] && return
+LIBMAKEPKG_INTEGRITY_SH=1
+
+LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
+
+source "$LIBRARY/util/message.sh"
+
+for lib in "$LIBRARY/integrity/"*.sh; do
+	source "$lib"
+done
+
+check_source_integrity() {
+	if (( SKIPCHECKSUMS && SKIPPGPCHECK )); then
+		warning "$(gettext "Skipping all source file integrity checks.")"
+	elif (( SKIPCHECKSUMS )); then
+		warning "$(gettext "Skipping verification of source file checksums.")"
+		check_pgpsigs "$@"
+	elif (( SKIPPGPCHECK )); then
+		warning "$(gettext "Skipping verification of source file PGP signatures.")"
+		check_checksums "$@"
+	else
+		check_checksums "$@"
+		check_pgpsigs "$@"
+	fi
+}
diff --git a/msys2/usr/share/makepkg/integrity/generate_checksum.sh b/msys2/usr/share/makepkg/integrity/generate_checksum.sh
new file mode 100644
index 000000000..505c5c671
--- /dev/null
+++ b/msys2/usr/share/makepkg/integrity/generate_checksum.sh
@@ -0,0 +1,102 @@
+#!/usr/bin/bash
+#
+#   generate_checksum.sh - functions for generating source checksums
+#
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+[[ -n "$LIBMAKEPKG_INTEGRITY_GENERATE_CHECKSUM_SH" ]] && return
+LIBMAKEPKG_INTEGRITY_GENERATE_CHECKSUM_SH=1
+
+LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
+
+source "$LIBRARY/util/message.sh"
+source "$LIBRARY/util/pkgbuild.sh"
+
+generate_one_checksum() {
+	local integ=$1 arch=$2 sources numsrc indentsz idx
+
+	if [[ $arch ]]; then
+		array_build sources "source_$arch"
+	else
+		array_build sources 'source'
+	fi
+
+	numsrc=${#sources[*]}
+	if (( numsrc == 0 )); then
+		return
+	fi
+
+	if [[ $arch ]]; then
+		printf "%ssums_%s=(%n" "$integ" "$arch" indentsz
+	else
+		printf "%ssums=(%n" "$integ" indentsz
+	fi
+
+	for (( idx = 0; idx < numsrc; ++idx )); do
+		local netfile=${sources[idx]}
+		local proto sum
+		proto="$(get_protocol "$netfile")"
+
+		case $proto in
+			bzr*|git*|hg*|svn*)
+				sum="SKIP"
+				;;
+			*)
+				if [[ ${netfile%%::*} != *.@(sig?(n)|asc) ]]; then
+					local file
+					file="$(get_filepath "$netfile")" || missing_source_file "$netfile"
+					sum="$("${integ}sum" "$file")"
+					sum=${sum%% *}
+				else
+					sum="SKIP"
+				fi
+				;;
+		esac
+
+		# indent checksum on lines after the first
+		printf "%*s%s" $(( idx ? indentsz : 0 )) '' "'$sum'"
+
+		# print a newline on lines before the last
+		(( idx < (numsrc - 1) )) && echo
+	done
+
+	echo ")"
+}
+
+generate_checksums() {
+	msg "$(gettext "Generating checksums for source files...")"
+
+	local integlist
+	if (( $# == 0 )); then
+		IFS=$'\n' read -rd '' -a integlist < <(get_integlist)
+	else
+		integlist=("$@")
+	fi
+
+	local integ
+	for integ in "${integlist[@]}"; do
+		if ! in_array "$integ" "${known_hash_algos[@]}"; then
+			error "$(gettext "Invalid integrity algorithm '%s' specified.")" "$integ"
+			exit 1 # $E_CONFIG_ERROR
+		fi
+
+		generate_one_checksum "$integ"
+		for a in "${arch[@]}"; do
+			generate_one_checksum "$integ" "$a"
+		done
+	done
+}
diff --git a/msys2/usr/share/makepkg/integrity/generate_signature.sh b/msys2/usr/share/makepkg/integrity/generate_signature.sh
new file mode 100644
index 000000000..608ac7689
--- /dev/null
+++ b/msys2/usr/share/makepkg/integrity/generate_signature.sh
@@ -0,0 +1,74 @@
+#!/usr/bin/bash
+#
+#   generate_signature.sh - functions for generating PGP signatures
+#
+#   Copyright (c) 2008-2018 Pacman Development Team <pacman-dev@archlinux.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+[[ -n "$LIBMAKEPKG_INTEGRITY_GENERATE_SIGNATURE_SH" ]] && return
+LIBMAKEPKG_INTEGRITY_GENERATE_SIGNATURE_SH=1
+
+LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
+
+source "$LIBRARY/util/message.sh"
+
+create_signature() {
+	local ret=0
+	local filename="$1"
+
+	local SIGNWITHKEY=""
+	if [[ -n $GPGKEY ]]; then
+		SIGNWITHKEY="-u ${GPGKEY}"
+	fi
+
+	gpg --detach-sign --use-agent ${SIGNWITHKEY} --no-armor "$filename" &>/dev/null || ret=$?
+
+
+	if (( ! ret )); then
+		msg2 "$(gettext "Created signature file %s.")" "${filename##*/}.sig"
+	else
+		warning "$(gettext "Failed to sign package file.")"
+	fi
+
+	return $ret
+}
+
+create_package_signatures() {
+	if [[ $SIGNPKG != 'y' ]]; then
+		return 0
+	fi
+	local pkg pkgarch pkg_file
+	local fullver=$(get_full_version)
+
+	msg "$(gettext "Signing package(s)...")"
+
+	for pkg in "${pkgname[@]}"; do
+		pkgarch=$(get_pkg_arch $pkg)
+		pkg_file="$PKGDEST/${pkg}-${fullver}-${pkgarch}${PKGEXT}"
+
+		create_signature "$pkg_file"
+	done
+
+	# check if debug package needs a signature
+	if check_option "debug" "y" && check_option "strip" "y"; then
+		pkg=$pkgbase-debug
+		pkgarch=$(get_pkg_arch)
+		pkg_file="$PKGDEST/${pkg}-${fullver}-${pkgarch}${PKGEXT}"
+		if [[ -f $pkg_file ]]; then
+			create_signature "$pkg_file"
+		fi
+	fi
+}
diff --git a/msys2/usr/share/makepkg/integrity/verify_checksum.sh b/msys2/usr/share/makepkg/integrity/verify_checksum.sh
new file mode 100644
index 000000000..d17577632
--- /dev/null
+++ b/msys2/usr/share/makepkg/integrity/verify_checksum.sh
@@ -0,0 +1,130 @@
+#!/usr/bin/bash
+#
+#   verify_checksum.sh - functions for checking source checksums
+#
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+[[ -n "$LIBMAKEPKG_INTEGRITY_VERIFY_CHECKSUM_SH" ]] && return
+LIBMAKEPKG_INTEGRITY_CHECKSUM_SH=1
+
+LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
+
+source "$LIBRARY/util/message.sh"
+source "$LIBRARY/util/pkgbuild.sh"
+
+check_checksums() {
+	local integ a
+	declare -A correlation
+	(( SKIPCHECKSUMS )) && return 0
+
+	# Initialize a map which we'll use to verify that every source array has at
+	# least some kind of checksum array associated with it.
+	(( ${#source[*]} )) && correlation['source']=1
+	case $1 in
+		all)
+			for a in "${arch[@]}"; do
+				array_build _ source_"$a" && correlation["source_$a"]=1
+			done
+			;;
+		*)
+			array_build _ source_"$CARCH" && correlation["source_$CARCH"]=1
+			;;
+	esac
+
+	for integ in "${known_hash_algos[@]}"; do
+		verify_integrity_sums "$integ" && unset "correlation[source]"
+
+		case $1 in
+			all)
+				for a in "${arch[@]}"; do
+					verify_integrity_sums "$integ" "$a" && unset "correlation[source_$a]"
+				done
+				;;
+			*)
+				verify_integrity_sums "$integ" "$CARCH" && unset "correlation[source_$CARCH]"
+				;;
+		esac
+	done
+
+	if (( ${#correlation[*]} )); then
+		error "$(gettext "Integrity checks are missing for: %s")" "${!correlation[*]}"
+		exit 1 # TODO: error code
+	fi
+}
+
+verify_integrity_one() {
+	local source_name=$1 integ=$2 expectedsum=$3
+
+	local file="$(get_filename "$source_name")"
+	printf '    %s ... ' "$file" >&2
+
+	if [[ $expectedsum = 'SKIP' ]]; then
+		printf '%s\n' "$(gettext "Skipped")" >&2
+		return
+	fi
+
+	if ! file="$(get_filepath "$file")"; then
+		printf '%s\n' "$(gettext "NOT FOUND")" >&2
+		return 1
+	fi
+
+	local realsum="$("${integ}sum" "$file")"
+	realsum="${realsum%% *}"
+	if [[ ${expectedsum,,} = "$realsum" ]]; then
+		printf '%s\n' "$(gettext "Passed")" >&2
+	else
+		printf '%s\n' "$(gettext "FAILED")" >&2
+		return 1
+	fi
+
+	return 0
+}
+
+verify_integrity_sums() {
+	local integ=$1 arch=$2 integrity_sums=() sources=() srcname
+
+	if [[ $arch ]]; then
+		array_build integrity_sums "${integ}sums_$arch"
+		srcname=source_$arch
+	else
+		array_build integrity_sums "${integ}sums"
+		srcname=source
+	fi
+
+	array_build sources "$srcname"
+	if (( ${#integrity_sums[@]} == 0 && ${#sources[@]} == 0 )); then
+		return 1
+	fi
+
+	if (( ${#integrity_sums[@]} == ${#sources[@]} )); then
+		msg "$(gettext "Validating %s files with %s...")" "$srcname" "${integ}sums"
+		local idx errors=0
+		for (( idx = 0; idx < ${#sources[*]}; idx++ )); do
+			verify_integrity_one "${sources[idx]}" "$integ" "${integrity_sums[idx]}" || errors=1
+		done
+
+		if (( errors )); then
+			error "$(gettext "One or more files did not pass the validity check!")"
+			exit 1 # TODO: error code
+		fi
+	elif (( ${#integrity_sums[@]} )); then
+		error "$(gettext "Integrity checks (%s) differ in size from the source array.")" "$integ"
+		exit 1 # TODO: error code
+	else
+		return 1
+	fi
+}
diff --git a/msys2/usr/share/makepkg/integrity/verify_signature.sh b/msys2/usr/share/makepkg/integrity/verify_signature.sh
new file mode 100644
index 000000000..5e2399726
--- /dev/null
+++ b/msys2/usr/share/makepkg/integrity/verify_signature.sh
@@ -0,0 +1,271 @@
+#!/usr/bin/bash
+#
+#   verify_signature.sh - functions for checking PGP signatures
+#
+#   Copyright (c) 2011-2018 Pacman Development Team <pacman-dev@archlinux.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+[[ -n "$LIBMAKEPKG_INTEGRITY_VERIFY_SIGNATURE_SH" ]] && return
+LIBMAKEPKG_INTEGRITY_VERIFY_SIGNATURE_SH=1
+
+LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
+
+source "$LIBRARY/util/message.sh"
+source "$LIBRARY/util/pkgbuild.sh"
+
+check_pgpsigs() {
+	(( SKIPPGPCHECK )) && return 0
+	! source_has_signatures && return 0
+
+	msg "$(gettext "Verifying source file signatures with %s...")" "gpg"
+
+	local netfile proto pubkey success status fingerprint trusted
+	local warnings=0
+	local errors=0
+	local statusfile=$(mktemp)
+	local all_sources
+
+	case $1 in
+		all)
+			get_all_sources 'all_sources'
+			;;
+		*)
+			get_all_sources_for_arch 'all_sources'
+			;;
+	esac
+	for netfile in "${all_sources[@]}"; do
+		proto="$(get_protocol "$netfile")"
+
+		if [[ $proto = git* ]]; then
+			verify_git_signature "$netfile" "$statusfile" || continue
+		else
+			verify_file_signature "$netfile" "$statusfile" || continue
+		fi
+
+		# these variables are assigned values in parse_gpg_statusfile
+		success=0
+		status=
+		pubkey=
+		fingerprint=
+		trusted=
+		parse_gpg_statusfile "$statusfile"
+		if (( ! $success )); then
+			printf '%s' "$(gettext "FAILED")" >&2
+			case "$status" in
+				"missingkey")
+					printf ' (%s)' "$(gettext "unknown public key") $pubkey" >&2
+					;;
+				"revokedkey")
+					printf " ($(gettext "public key %s has been revoked"))" "$pubkey" >&2
+					;;
+				"bad")
+					printf ' (%s)' "$(gettext "bad signature from public key") $pubkey" >&2
+					;;
+				"error")
+					printf ' (%s)' "$(gettext "error during signature verification")" >&2
+					;;
+			esac
+			errors=1
+		else
+			if (( ${#validpgpkeys[@]} == 0 && !trusted )); then
+				printf "%s ($(gettext "the public key %s is not trusted"))" $(gettext "FAILED") "$fingerprint" >&2
+				errors=1
+			elif (( ${#validpgpkeys[@]} > 0 )) && ! in_array "$fingerprint" "${validpgpkeys[@]}"; then
+				printf "%s (%s %s)" "$(gettext "FAILED")" "$(gettext "invalid public key")" "$fingerprint" >&2
+				errors=1
+			else
+				printf '%s' "$(gettext "Passed")" >&2
+				case "$status" in
+					"expired")
+						printf ' (%s)' "$(gettext "WARNING:") $(gettext "the signature has expired.")" >&2
+						warnings=1
+						;;
+					"expiredkey")
+						printf ' (%s)' "$(gettext "WARNING:") $(gettext "the key has expired.")" >&2
+						warnings=1
+						;;
+				esac
+			fi
+		fi
+		printf '\n' >&2
+	done
+
+	rm -f "$statusfile"
+
+	if (( errors )); then
+		error "$(gettext "One or more PGP signatures could not be verified!")"
+		exit 1
+	fi
+
+	if (( warnings )); then
+		warning "$(gettext "Warnings have occurred while verifying the signatures.")"
+		plain "$(gettext "Please make sure you really trust them.")"
+	fi
+}
+
+verify_file_signature() {
+	local netfile="$1" statusfile="$2"
+	local file ext decompress found sourcefile
+
+	file="$(get_filename "$netfile")"
+	if [[ $file != *.@(sig?(n)|asc) ]]; then
+		return 1
+	fi
+
+	printf "    %s ... " "${file%.*}" >&2
+
+	if ! file="$(get_filepath "$netfile")"; then
+		printf '%s\n' "$(gettext "SIGNATURE NOT FOUND")" >&2
+		errors=1
+		return 1
+	fi
+
+	found=0
+	for ext in "" gz bz2 xz lrz lzo Z; do
+		if sourcefile="$(get_filepath "${file%.*}${ext:+.$ext}")"; then
+			found=1
+			break;
+		fi
+	done
+	if (( ! found )); then
+		printf '%s\n' "$(gettext "SOURCE FILE NOT FOUND")" >&2
+		errors=1
+		return 1
+	fi
+
+	case "$ext" in
+		gz)  decompress="gzip -c -d -f" ;;
+		bz2) decompress="bzip2 -c -d -f" ;;
+		xz)  decompress="xz -c -d" ;;
+		lrz) decompress="lrzip -q -d" ;;
+		lzo) decompress="lzop -c -d -q" ;;
+		Z)   decompress="uncompress -c -f" ;;
+		"")  decompress="cat" ;;
+	esac
+
+	$decompress < "$sourcefile" | gpg --quiet --batch --status-file "$statusfile" --verify "$file" - 2> /dev/null
+	return 0
+}
+
+verify_git_signature() {
+	local netfile=$1 statusfile=$2
+	local dir fragment query fragtype fragval
+
+	dir=$(get_filepath "$netfile")
+	fragment=$(get_uri_fragment "$netfile")
+	query=$(get_uri_query "$netfile")
+
+	if [[ $query != signed ]]; then
+		return 1
+	fi
+
+	case ${fragment%%=*} in
+		tag)
+			fragtype=tag
+			fragval=${fragment##*=}
+			;;
+		commit|branch)
+			fragtype=commit
+			fragval=${fragment##*=}
+			;;
+		'')
+			fragtype=commit
+			fragval=HEAD
+	esac
+
+	printf "    %s git repo ... " "${dir##*/}" >&2
+
+	git -C "$dir" verify-$fragtype --raw "$fragval" > "$statusfile" 2>&1
+	if ! grep -qs NEWSIG "$statusfile"; then
+		printf '%s\n' "$(gettext "SIGNATURE NOT FOUND")" >&2
+		errors=1
+		return 1
+	fi
+	return 0
+}
+
+parse_gpg_statusfile() {
+	local type arg1 arg6 arg10
+
+	while read -r _ type arg1 _ _ _ _ arg6 _ _ _ arg10 _; do
+		case "$type" in
+			GOODSIG)
+				pubkey=$arg1
+				success=1
+				status="good"
+				;;
+			EXPSIG)
+				pubkey=$arg1
+				success=1
+				status="expired"
+				;;
+			EXPKEYSIG)
+				pubkey=$arg1
+				success=1
+				status="expiredkey"
+				;;
+			REVKEYSIG)
+				pubkey=$arg1
+				success=0
+				status="revokedkey"
+				;;
+			BADSIG)
+				pubkey=$arg1
+				success=0
+				status="bad"
+				;;
+			ERRSIG)
+				pubkey=$arg1
+				success=0
+				if [[ $arg6 == 9 ]]; then
+					status="missingkey"
+				else
+					status="error"
+				fi
+				;;
+			VALIDSIG)
+				if [[ $arg10 ]]; then
+					# If the file was signed with a subkey, arg10 contains
+					# the fingerprint of the primary key
+					fingerprint=$arg10
+				else
+					fingerprint=$arg1
+				fi
+				;;
+			TRUST_UNDEFINED|TRUST_NEVER)
+				trusted=0
+				;;
+			TRUST_MARGINAL|TRUST_FULLY|TRUST_ULTIMATE)
+				trusted=1
+				;;
+		esac
+	done < "$1"
+}
+
+source_has_signatures() {
+	local netfile all_sources proto
+
+	get_all_sources_for_arch 'all_sources'
+	for netfile in "${all_sources[@]}"; do
+		proto="$(get_protocol "$netfile")"
+		query=$(get_uri_query "$netfile")
+
+		if [[ ${netfile%%::*} = *.@(sig?(n)|asc) || ( $proto = git* && $query = signed ) ]]; then
+			return 0
+		fi
+	done
+	return 1
+}
diff --git a/msys2/usr/share/makepkg/lint_config.sh b/msys2/usr/share/makepkg/lint_config.sh
new file mode 100644
index 000000000..bad68bcb3
--- /dev/null
+++ b/msys2/usr/share/makepkg/lint_config.sh
@@ -0,0 +1,46 @@
+#!/usr/bin/bash
+#
+#   lint_config.sh - functions for checking for makepkg.conf errors
+#
+#   Copyright (c) 2018 Pacman Development Team <pacman-dev@archlinux.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+[[ -n "$LIBMAKEPKG_LINT_CONFIG_SH" ]] && return
+LIBMAKEPKG_LINT_CONFIG_SH=1
+
+LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
+
+source "$LIBRARY/util/message.sh"
+source "$LIBRARY/util/util.sh"
+
+
+declare -a lint_config_functions
+
+for lib in "$LIBRARY/lint_config/"*.sh; do
+	source "$lib"
+done
+
+readonly -a lint_config_functions
+
+
+lint_config() {
+	local ret=0
+
+	for func in ${lint_config_functions[@]}; do
+		$func || ret=1
+	done
+	return $ret
+}
diff --git a/msys2/usr/share/makepkg/lint_config/paths.sh b/msys2/usr/share/makepkg/lint_config/paths.sh
new file mode 100644
index 000000000..02fee87df
--- /dev/null
+++ b/msys2/usr/share/makepkg/lint_config/paths.sh
@@ -0,0 +1,46 @@
+#!/usr/bin/bash
+#
+#   paths.sh - Check that pathname components do not contain odd characters
+#
+#   Copyright (c) 2018 Pacman Development Team <pacman-dev@archlinux.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+[[ -n "$LIBMAKEPKG_LINT_CONFIG_PATHS_SH" ]] && return
+LIBMAKEPKG_LINT_CONFIG_PATHS_SH=1
+
+LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
+
+source "$LIBRARY/util/message.sh"
+source "$LIBRARY/util/pkgbuild.sh"
+
+lint_config_functions+=('lint_paths')
+
+
+lint_paths() {
+	local pathvars=(BUILDDIR PKGDEST SRCDEST SRCPKGDEST LOGDEST PKGEXT SRCEXT)
+
+	local i ret=0
+
+	for i in ${pathvars[@]}; do
+		if [[ ${!i} = *$'\n'* ]]; then
+			error "$(gettext "%s contains invalid characters: '%s'")" \
+					"$i" "${!i//[^$'\n']}"
+			ret=1
+		fi
+	done
+
+	return $ret
+}
diff --git a/msys2/usr/share/makepkg/lint_config/variable.sh b/msys2/usr/share/makepkg/lint_config/variable.sh
new file mode 100644
index 000000000..5def87c0f
--- /dev/null
+++ b/msys2/usr/share/makepkg/lint_config/variable.sh
@@ -0,0 +1,64 @@
+#!/usr/bin/bash
+#
+#   variable.sh - Check that variables are or are not arrays as appropriate
+#
+#   Copyright (c) 2018 Pacman Development Team <pacman-dev@archlinux.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+[[ -n "$LIBMAKEPKG_LINT_CONFIG_VARIABLE_SH" ]] && return
+LIBMAKEPKG_LINT_CONFIG_VARIABLE_SH=1
+
+LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
+
+source "$LIBRARY/util/message.sh"
+
+lint_config_functions+=('lint_config_variables')
+
+
+lint_config_variables() {
+	local array=(DLAGENTS VCSCLIENTS BUILDENV OPTIONS INTEGRITY_CHECK MAN_DIRS
+	             DOC_DIRS PURGE_TARGETS COMPRESSGZ COMPRESSBZ2 COMPRESSXZ
+	             COMPRESSLRZ COMPRESSLZO COMPRESSZ)
+	local string=(CARCH CHOST CPPFLAGS CFLAGS CXXFLAGS LDFLAGS DEBUG_CFLAGS
+	              DEBUG_CXXFLAGS DISTCC_HOSTS BUILDDIR STRIP_BINARIES STRIP_SHARED
+	              STRIP_STATIC PKGDEST SRCDEST SRCPKGDEST LOGDEST PACKAGER GPGKEY
+	              PKGEXT SRCEXT)
+
+	local i keys ret=0
+
+	# global variables
+	for i in ${array[@]}; do
+		eval "keys=(\"\${!$i[@]}\")"
+		if (( ${#keys[*]} > 0 )); then
+			if ! is_array $i; then
+				error "$(gettext "%s should be an array")" "$i"
+				ret=1
+			fi
+		fi
+	done
+
+	for i in ${string[@]}; do
+		eval "keys=(\"\${!$i[@]}\")"
+		if (( ${#keys[*]} > 0 )); then
+			if is_array $i; then
+				error "$(gettext "%s should not be an array")" "$i"
+				ret=1
+			fi
+		fi
+	done
+
+	return $ret
+}
diff --git a/msys2/usr/share/makepkg/lint_package.sh b/msys2/usr/share/makepkg/lint_package.sh
index a125f878a..62b3580e3 100644
--- a/msys2/usr/share/makepkg/lint_package.sh
+++ b/msys2/usr/share/makepkg/lint_package.sh
@@ -2,7 +2,7 @@
 #
 #   lint_package.sh - functions for checking for packaging errors
 #
-#   Copyright (c) 2015-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2015-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -38,9 +38,11 @@ readonly -a lint_package_functions
 
 lint_package() {
 	cd_safe "$pkgdir"
-	msg "$(gettext "Checking for packaging issue...")"
+	msg "$(gettext "Checking for packaging issues...")"
 
+	local ret=0
 	for func in ${lint_package_functions[@]}; do
-		$func
+		$func || ret=1
 	done
+	return $ret
 }
diff --git a/msys2/usr/share/makepkg/lint_package/build_references.sh b/msys2/usr/share/makepkg/lint_package/build_references.sh
index 8e9ac4a62..60f9a860b 100644
--- a/msys2/usr/share/makepkg/lint_package/build_references.sh
+++ b/msys2/usr/share/makepkg/lint_package/build_references.sh
@@ -2,7 +2,7 @@
 #
 #   build_references.sh - Warn about files containing references to build directories
 #
-#   Copyright (c) 2013-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2013-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -25,16 +25,18 @@ LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
 
 source "$LIBRARY/util/message.sh"
 
-
 lint_package_functions+=('warn_build_references')
 
 warn_build_references() {
-	if find "${pkgdir}" -type f -print0 | xargs -0 grep -q -I "${srcdir}" ; then
-		warning "$(gettext "Package contains reference to %s")" "\$srcdir"
-	fi
-	if find "${pkgdir}" -type f -print0 | xargs -0 grep -q -I "${pkgdirbase}" ; then
-		warning "$(gettext "Package contains reference to %s")" "\$pkgdir"
-	fi
+	local refs
+
+	for var in srcdir pkgdir; do
+		mapfile -t refs < <(find "$pkgdir" -type f -exec grep -l "${!var}" {} +)
+		if  (( ${#refs} > 0 )); then
+			warning "$(gettext 'Package contains reference to %s')" "\$$var"
+			printf '%s\n' "${refs[@]#"$pkgdir/"}" >&2
+		fi
+	done
 
 	# Check for Windows-style MSYS2 root path
 	if find "${pkgdir}" -type f -print0 | xargs -0 grep -iFqI "$(cygpath -m /)" ; then
@@ -43,4 +45,5 @@ warn_build_references() {
 	if find "${pkgdir}" -type f -print0 | xargs -0 grep -iFqI "$(cygpath -w /)" ; then
 		warning "$(gettext "Package contains reference to %s")" "\$(cygpath -w /)"
 	fi
+	return 0
 }
diff --git a/msys2/usr/share/makepkg/lint_package/dotfiles.sh b/msys2/usr/share/makepkg/lint_package/dotfiles.sh
new file mode 100644
index 000000000..fa625d7c3
--- /dev/null
+++ b/msys2/usr/share/makepkg/lint_package/dotfiles.sh
@@ -0,0 +1,38 @@
+#!/usr/bin/bash
+#
+#   dotfiles.sh - check for dotfiles in the package root
+#
+#   Copyright (c) 2016-2018 Pacman Development Team <pacman-dev@archlinux.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+[[ -n "$LIBMAKEPKG_LINT_PACKAGE_DOTFILES_SH" ]] && return
+LIBMAKEPKG_LINT_PACKAGE_DOTFILES_SH=1
+
+LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
+
+source "$LIBRARY/util/message.sh"
+
+lint_package_functions+=('check_dotfiles')
+
+check_dotfiles() {
+	local ret=0
+	for f in "$pkgdir"/.*; do
+		[[ ${f##*/} == . || ${f##*/} == .. ]] && continue
+		error "$(gettext "Dotfile found in package root '%s'")" "$f"
+		ret=1
+	done
+	return $ret
+}
diff --git a/msys2/usr/share/makepkg/lint_package/file_names.sh b/msys2/usr/share/makepkg/lint_package/file_names.sh
new file mode 100644
index 000000000..fcf255b0c
--- /dev/null
+++ b/msys2/usr/share/makepkg/lint_package/file_names.sh
@@ -0,0 +1,42 @@
+#!/usr/bin/bash
+#
+#   file_names.sh - check package file names
+#
+#   Copyright (c) 2016-2018 Pacman Development Team <pacman-dev@archlinux.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+[[ -n "$LIBMAKEPKG_LINT_PACKAGE_FILE_NAMES_SH" ]] && return
+LIBMAKEPKG_LINT_PACKAGE_FILE_NAMES_SH=1
+
+LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
+
+source "$LIBRARY/util/message.sh"
+
+lint_package_functions+=('lint_file_names')
+
+lint_file_names() {
+	local ret=0 paths
+
+	# alpm's local database format does not support newlines in paths
+	mapfile -t paths < <(find "$pkgdir" -name \*$'\n'\*)
+	if  (( ${#paths} > 0 )); then
+		error "$(gettext 'Package contains paths with newlines')"
+		printf '%s\n' "${paths[@]}" >&2
+		ret=1
+	fi
+
+	return $ret
+}
diff --git a/msys2/usr/share/makepkg/lint_package/missing_backup.sh b/msys2/usr/share/makepkg/lint_package/missing_backup.sh
index d6287fc8b..249032be2 100644
--- a/msys2/usr/share/makepkg/lint_package/missing_backup.sh
+++ b/msys2/usr/share/makepkg/lint_package/missing_backup.sh
@@ -2,7 +2,7 @@
 #
 #   missing_backup.sh - Warn about missing files in the backup array
 #
-#   Copyright (c) 2013-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2013-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -35,4 +35,5 @@ warn_missing_backup() {
 			warning "$(gettext "%s entry file not in package : %s")" "backup" "$file"
 		fi
 	done
+	return 0
 }
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild.sh b/msys2/usr/share/makepkg/lint_pkgbuild.sh
index 8a7e791fa..5be6858f0 100644
--- a/msys2/usr/share/makepkg/lint_pkgbuild.sh
+++ b/msys2/usr/share/makepkg/lint_pkgbuild.sh
@@ -2,7 +2,7 @@
 #
 #   lint_pkgbuild.sh - functions for detecting PKGBUILD errors
 #
-#   Copyright (c) 2015-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2015-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/arch.sh b/msys2/usr/share/makepkg/lint_pkgbuild/arch.sh
index 09085d6ea..281733734 100644
--- a/msys2/usr/share/makepkg/lint_pkgbuild/arch.sh
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/arch.sh
@@ -2,7 +2,7 @@
 #
 #   arch.sh - Check the 'arch' array conforms to requirements.
 #
-#   Copyright (c) 2014-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/backup.sh b/msys2/usr/share/makepkg/lint_pkgbuild/backup.sh
index 775e3cb6c..e40b5f999 100644
--- a/msys2/usr/share/makepkg/lint_pkgbuild/backup.sh
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/backup.sh
@@ -2,7 +2,7 @@
 #
 #   backup.sh - Check the 'backup' array conforms to requirements.
 #
-#   Copyright (c) 2014-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/changelog.sh b/msys2/usr/share/makepkg/lint_pkgbuild/changelog.sh
index a88ef42fd..abbd0e472 100644
--- a/msys2/usr/share/makepkg/lint_pkgbuild/changelog.sh
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/changelog.sh
@@ -2,7 +2,7 @@
 #
 #   changelog.sh - Check the files in the 'changelog' array exist.
 #
-#   Copyright (c) 2014-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/checkdepends.sh b/msys2/usr/share/makepkg/lint_pkgbuild/checkdepends.sh
new file mode 100644
index 000000000..c49d1fe1f
--- /dev/null
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/checkdepends.sh
@@ -0,0 +1,58 @@
+#!/usr/bin/bash
+#
+#   checkdepends.sh - Check the 'checkdepends' array conforms to requirements.
+#
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+[[ -n "$LIBMAKEPKG_LINT_PKGBUILD_CHECKDEPENDS_SH" ]] && return
+LIBMAKEPKG_LINT_PKGBUILD_CHECKDEPENDS_SH=1
+
+LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
+
+source "$LIBRARY/lint_pkgbuild/pkgname.sh"
+source "$LIBRARY/lint_pkgbuild/pkgver.sh"
+source "$LIBRARY/util/message.sh"
+source "$LIBRARY/util/pkgbuild.sh"
+
+
+lint_pkgbuild_functions+=('lint_checkdepends')
+
+
+lint_checkdepends() {
+	local checkdepends_list checkdepend name ver ret=0
+
+	get_pkgbuild_all_split_attributes checkdepends checkdepends_list
+
+	# this function requires extglob - save current status to restore later
+	local shellopts=$(shopt -p extglob)
+	shopt -s extglob
+
+	for checkdepend in "${checkdepends_list[@]}"; do
+		name=${checkdepend%%@(<|>|=|>=|<=)*}
+		# remove optional epoch in version specifier
+		ver=${checkdepend##$name@(<|>|=|>=|<=)?(+([0-9]):)}
+		lint_one_pkgname checkdepends "$name" || ret=1
+		if [[ $ver != $checkdepend ]]; then
+			# remove optional pkgrel in version specifier
+			check_pkgver "${ver%-+([0-9])?(.+([0-9]))}" checkdepends || ret=1
+		fi
+	done
+
+	eval "$shellopts"
+
+	return $ret
+}
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/conflicts.sh b/msys2/usr/share/makepkg/lint_pkgbuild/conflicts.sh
new file mode 100644
index 000000000..0d7f545dc
--- /dev/null
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/conflicts.sh
@@ -0,0 +1,58 @@
+#!/usr/bin/bash
+#
+#   conflicts.sh - Check the 'conflicts' array conforms to requirements.
+#
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+[[ -n "$LIBMAKEPKG_LINT_PKGBUILD_CONFLICTS_SH" ]] && return
+LIBMAKEPKG_LINT_PKGBUILD_CONFLICTS_SH=1
+
+LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
+
+source "$LIBRARY/lint_pkgbuild/pkgname.sh"
+source "$LIBRARY/lint_pkgbuild/pkgver.sh"
+source "$LIBRARY/util/message.sh"
+source "$LIBRARY/util/pkgbuild.sh"
+
+
+lint_pkgbuild_functions+=('lint_conflicts')
+
+
+lint_conflicts() {
+	local conflicts_list conflict name ver ret=0
+
+	get_pkgbuild_all_split_attributes conflicts conflicts_list
+
+	# this function requires extglob - save current status to restore later
+	local shellopts=$(shopt -p extglob)
+	shopt -s extglob
+
+	for conflict in "${conflicts_list[@]}"; do
+		name=${conflict%%@(<|>|=|>=|<=)*}
+		# remove optional epoch in version specifier
+		ver=${conflict##$name@(<|>|=|>=|<=)?(+([0-9]):)}
+		lint_one_pkgname conflicts "$name" || ret=1
+		if [[ $ver != $conflict ]]; then
+			# remove optional pkgrel in version specifier
+			check_pkgver "${ver%-+([0-9])?(.+([0-9]))}" conflicts || ret=1
+		fi
+	done
+
+	eval "$shellopts"
+
+	return $ret
+}
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/depends.sh b/msys2/usr/share/makepkg/lint_pkgbuild/depends.sh
new file mode 100644
index 000000000..fc988712f
--- /dev/null
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/depends.sh
@@ -0,0 +1,59 @@
+#!/usr/bin/bash
+#
+#   depends.sh - Check the 'depends' array conforms to requirements.
+#
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+[[ -n "$LIBMAKEPKG_LINT_PKGBUILD_DEPENDS_SH" ]] && return
+LIBMAKEPKG_LINT_PKGBUILD_DEPENDS_SH=1
+
+LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
+
+source "$LIBRARY/lint_pkgbuild/pkgname.sh"
+source "$LIBRARY/lint_pkgbuild/pkgver.sh"
+source "$LIBRARY/util/message.sh"
+source "$LIBRARY/util/pkgbuild.sh"
+
+
+lint_pkgbuild_functions+=('lint_depends')
+
+
+lint_depends() {
+	local depends_list depend name ver ret=0
+
+	get_pkgbuild_all_split_attributes depends depends_list
+
+	# this function requires extglob - save current status to restore later
+	local shellopts=$(shopt -p extglob)
+	shopt -s extglob
+
+	for depend in "${depends_list[@]}"; do
+		name=${depend%%@(<|>|=|>=|<=)*}
+		# remove optional epoch in version specifier
+		ver=${depend##$name@(<|>|=|>=|<=)?(+([0-9]):)}
+		lint_one_pkgname depends "$name" || ret=1
+		# Don't validate empty version because of https://bugs.archlinux.org/task/58776
+		if [[ $ver != $depend && -n $ver ]]; then
+			# remove optional pkgrel in version specifier
+			check_pkgver "${ver%-+([0-9])?(.+([0-9]))}" depends || ret=1
+		fi
+	done
+
+	eval "$shellopts"
+
+	return $ret
+}
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/epoch.sh b/msys2/usr/share/makepkg/lint_pkgbuild/epoch.sh
index 4c7f1cb36..0c15973aa 100644
--- a/msys2/usr/share/makepkg/lint_pkgbuild/epoch.sh
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/epoch.sh
@@ -2,7 +2,7 @@
 #
 #   epoch.sh - Check the 'epoch' variable conforms to requirements.
 #
-#   Copyright (c) 2014-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/install.sh b/msys2/usr/share/makepkg/lint_pkgbuild/install.sh
index 4d0839e0f..76c83e953 100644
--- a/msys2/usr/share/makepkg/lint_pkgbuild/install.sh
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/install.sh
@@ -2,7 +2,7 @@
 #
 #   install.sh - Check the files in the 'install' array exist.
 #
-#   Copyright (c) 2014-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/makedepends.sh b/msys2/usr/share/makepkg/lint_pkgbuild/makedepends.sh
new file mode 100644
index 000000000..a2a1583b9
--- /dev/null
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/makedepends.sh
@@ -0,0 +1,58 @@
+#!/usr/bin/bash
+#
+#   makedepends.sh - Check the 'makedepends' array conforms to requirements.
+#
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+[[ -n "$LIBMAKEPKG_LINT_PKGBUILD_MAKEDEPENDS_SH" ]] && return
+LIBMAKEPKG_LINT_PKGBUILD_MAKEDEPENDS_SH=1
+
+LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
+
+source "$LIBRARY/lint_pkgbuild/pkgname.sh"
+source "$LIBRARY/lint_pkgbuild/pkgver.sh"
+source "$LIBRARY/util/message.sh"
+source "$LIBRARY/util/pkgbuild.sh"
+
+
+lint_pkgbuild_functions+=('lint_makedepends')
+
+
+lint_makedepends() {
+	local makedepends_list makedepend name ver ret=0
+
+	get_pkgbuild_all_split_attributes makedepends makedepends_list
+
+	# this function requires extglob - save current status to restore later
+	local shellopts=$(shopt -p extglob)
+	shopt -s extglob
+
+	for makedepend in "${makedepends_list[@]}"; do
+		name=${makedepend%%@(<|>|=|>=|<=)*}
+		# remove optional epoch in version specifier
+		ver=${makedepend##$name@(<|>|=|>=|<=)?(+([0-9]):)}
+		lint_one_pkgname makedepends "$name" || ret=1
+		if [[ $ver != $makedepend ]]; then
+			# remove optional pkgrel in version specifier
+			check_pkgver "${ver%-+([0-9])?(.+([0-9]))}" makedepends || ret=1
+		fi
+	done
+
+	eval "$shellopts"
+
+	return $ret
+}
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/optdepends.sh b/msys2/usr/share/makepkg/lint_pkgbuild/optdepends.sh
index 936e7fd96..c7f1c0e3a 100644
--- a/msys2/usr/share/makepkg/lint_pkgbuild/optdepends.sh
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/optdepends.sh
@@ -2,7 +2,7 @@
 #
 #   optdepends.sh - Check the 'optdepends' array conforms to requirements.
 #
-#   Copyright (c) 2014-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -31,32 +31,22 @@ lint_pkgbuild_functions+=('lint_optdepends')
 
 
 lint_optdepends() {
-	local a list name optdepends_list ret=0
+	local optdepends_list optdepend name ver ret=0
 
-	optdepends_list=("${optdepends[@]}")
-	for a in "${arch[@]}"; do
-		array_build list "optdepends_$a"
-		optdepends_list+=("${list[@]}")
-	done
+	get_pkgbuild_all_split_attributes optdepends optdepends_list
 
-	for name in "${pkgname[@]}"; do
-		if extract_function_variable "package_$name" optdepends 1 list; then
-			optdepends_list+=("${list[@]}")
-		fi
+	# this function requires extglob - save current status to restore later
+	local shellopts=$(shopt -p extglob)
+	shopt -s extglob
 
-		for a in "${arch[@]}"; do
-			if extract_function_variable "package_$name" "optdepends_$a" 1 list; then
-				optdepends_list+=("${list[@]}")
-			fi
-		done
-	done
-
-	for name in "${optdepends_list[@]}"; do
-		local pkg=${name%%:[[:space:]]*}
-		# the '-' character _must_ be first or last in the character range
-		if [[ $pkg != +([-[:alnum:]><=.+_:]) ]]; then
-			error "$(gettext "Invalid syntax for %s: '%s'")" "optdepend" "$name"
-			ret=1
+	for optdepend in "${optdepends_list[@]%%:[[:space:]]*}"; do
+		name=${optdepend%%@(<|>|=|>=|<=)*}
+		# remove optional epoch in version specifier
+		ver=${optdepend##$name@(<|>|=|>=|<=)?(+([0-9]):)}
+		lint_one_pkgname optdepends "$name" || ret=1
+		if [[ $ver != $optdepend ]]; then
+			# remove optional pkgrel in version specifier
+			check_pkgver "${ver%-+([0-9])?(.+([0-9]))}" optdepends || ret=1
 		fi
 	done
 
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/options.sh b/msys2/usr/share/makepkg/lint_pkgbuild/options.sh
index 220039ae5..eebf5a421 100644
--- a/msys2/usr/share/makepkg/lint_pkgbuild/options.sh
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/options.sh
@@ -2,7 +2,7 @@
 #
 #   options.sh - Check the 'options' array conforms to requirements.
 #
-#   Copyright (c) 2014-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/package_function.sh b/msys2/usr/share/makepkg/lint_pkgbuild/package_function.sh
index ae059ab54..adc250826 100644
--- a/msys2/usr/share/makepkg/lint_pkgbuild/package_function.sh
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/package_function.sh
@@ -2,7 +2,7 @@
 #
 #   package_function.sh - Check that required package functions exist.
 #
-#   Copyright (c) 2014-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/pkgbase.sh b/msys2/usr/share/makepkg/lint_pkgbuild/pkgbase.sh
index 8ad80a89f..b670d3e5e 100644
--- a/msys2/usr/share/makepkg/lint_pkgbuild/pkgbase.sh
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/pkgbase.sh
@@ -2,7 +2,7 @@
 #
 #   pkgbase.sh - Check the 'pkgbase' variable conforms to requirements.
 #
-#   Copyright (c) 2014-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -23,6 +23,7 @@ LIBMAKEPKG_LINT_PKGBUILD_PKGBASE_SH=1
 
 LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
 
+source "$LIBRARY/lint_pkgbuild/pkgname.sh"
 source "$LIBRARY/util/message.sh"
 
 
@@ -30,21 +31,9 @@ lint_pkgbuild_functions+=('lint_pkgbase')
 
 
 lint_pkgbase() {
-	local ret=0
-
-	if [[ ${pkgbase:0:1} = "-" ]]; then
-		error "$(gettext "%s is not allowed to start with a hyphen.")" "pkgname"
-		return 1
-	fi
-	if [[ ${pkgbase:0:1} = "." ]]; then
-		error "$(gettext "%s is not allowed to start with a dot.")" "pkgbase"
-		ret=1
-	fi
-	if [[ $pkgbase = *[^[:alnum:]+_.@-]* ]]; then
-		error "$(gettext "%s contains invalid characters: '%s'")" \
-				'pkgbase' "${i//[[:alnum:]+_.@-]}"
-		ret=1
+	if [[ -z $pkgbase ]]; then
+		return 0
 	fi
 
-	return $ret
+	lint_one_pkgname "pkgbase" "$pkgbase"
 }
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/pkglist.sh b/msys2/usr/share/makepkg/lint_pkgbuild/pkglist.sh
index 71af2d1b1..ea78bfe62 100644
--- a/msys2/usr/share/makepkg/lint_pkgbuild/pkglist.sh
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/pkglist.sh
@@ -2,7 +2,7 @@
 #
 #   pkglist.sh - Check the packages selected to build exist.
 #
-#   Copyright (c) 2014-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/pkgname.sh b/msys2/usr/share/makepkg/lint_pkgbuild/pkgname.sh
index 3903dcb00..10792d8cd 100644
--- a/msys2/usr/share/makepkg/lint_pkgbuild/pkgname.sh
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/pkgname.sh
@@ -2,7 +2,7 @@
 #
 #   pkgname.sh - Check the 'pkgname' variable conforms to requirements.
 #
-#   Copyright (c) 2014-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -29,29 +29,42 @@ source "$LIBRARY/util/message.sh"
 lint_pkgbuild_functions+=('lint_pkgname')
 
 
-lint_pkgname() {
-	local ret=0 i
+lint_one_pkgname() {
+	local type=$1 name=$2 ret=0
 
-	for i in "${pkgname[@]}"; do
-		if [[ -z $i ]]; then
-			error "$(gettext "%s is not allowed to be empty.")" "pkgname"
-			ret=1
-			continue
-		fi
-		if [[ ${i:0:1} = "-" ]]; then
-			error "$(gettext "%s is not allowed to start with a hyphen.")" "pkgname"
-			ret=1
-		fi
-		if [[ ${i:0:1} = "." ]]; then
-			error "$(gettext "%s is not allowed to start with a dot.")" "pkgname"
-			ret=1
-		fi
-		if [[ $i = *[^[:alnum:]+_.@-]* ]]; then
-			error "$(gettext "%s contains invalid characters: '%s'")" \
-					'pkgname' "${i//[[:alnum:]+_.@-]}"
-			ret=1
-		fi
-	done
+
+	if [[ -z $name ]]; then
+		error "$(gettext "%s is not allowed to be empty.")" "$type"
+		return 1
+	fi
+	if [[ ${name:0:1} = "-" ]]; then
+		error "$(gettext "%s is not allowed to start with a hyphen.")" "$type"
+		ret=1
+	fi
+	if [[ ${name:0:1} = "." ]]; then
+		error "$(gettext "%s is not allowed to start with a dot.")" "$type"
+		ret=1
+	fi
+	if [[ $name = *[^[:alnum:]+_.@-]* ]]; then
+		error "$(gettext "%s contains invalid characters: '%s'")" \
+				"$type" "${name//[[:alnum:]+_.@-]}"
+		ret=1
+	fi
+
+	return $ret
+}
+
+lint_pkgname() {
+	local ret=0 i
+
+	if [[ -z ${pkgname[@]} ]]; then
+		error "$(gettext "%s is not allowed to be empty.")" "pkgname"
+		ret=1
+	else
+		for i in "${pkgname[@]}"; do
+			lint_one_pkgname "pkgname" "$i" || ret=1
+		done
+	fi
 
 	return $ret
 }
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/pkgrel.sh b/msys2/usr/share/makepkg/lint_pkgbuild/pkgrel.sh
index eaf711362..5467685f1 100644
--- a/msys2/usr/share/makepkg/lint_pkgbuild/pkgrel.sh
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/pkgrel.sh
@@ -2,7 +2,7 @@
 #
 #   pkgrel.sh - Check the 'pkgrel' variable conforms to requirements.
 #
-#   Copyright (c) 2014-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/pkgver.sh b/msys2/usr/share/makepkg/lint_pkgbuild/pkgver.sh
index 8d1ac3cac..76c4d8c19 100644
--- a/msys2/usr/share/makepkg/lint_pkgbuild/pkgver.sh
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/pkgver.sh
@@ -2,7 +2,7 @@
 #
 #   pkgver.sh - Check the 'pkgver' variable conforms to requirements.
 #
-#   Copyright (c) 2014-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -30,13 +30,15 @@ lint_pkgbuild_functions+=('lint_pkgver')
 
 
 check_pkgver() {
-	if [[ -z $1 ]]; then
-		error "$(gettext "%s is not allowed to be empty.")" "pkgver"
+	local ver=$1 type=$2
+
+	if [[ -z $ver ]]; then
+		error "$(gettext "%s is not allowed to be empty.")" "pkgver${type:+ in $type}"
 		return 1
 	fi
 
-	if [[ $1 = *[[:space:]:-]* ]]; then
-		error "$(gettext "%s is not allowed to contain colons, hyphens or whitespace.")" "pkgver"
+	if [[ $ver = *[[:space:]/:-]* ]]; then
+		error "$(gettext "%s is not allowed to contain colons, forward slashes, hyphens or whitespace.")" "pkgver${type:+ in $type}"
 		return 1
 	fi
 }
@@ -47,5 +49,5 @@ lint_pkgver() {
 		return 0
 	fi
 
-	check_pkgver $pkgver
+	check_pkgver "$pkgver"
 }
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/provides.sh b/msys2/usr/share/makepkg/lint_pkgbuild/provides.sh
index c82c009af..6f18142a6 100644
--- a/msys2/usr/share/makepkg/lint_pkgbuild/provides.sh
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/provides.sh
@@ -2,7 +2,7 @@
 #
 #   provides.sh - Check the 'provides' array conforms to requirements.
 #
-#   Copyright (c) 2014-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -23,6 +23,8 @@ LIBMAKEPKG_LINT_PKGBUILD_PROVIDES_SH=1
 
 LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
 
+source "$LIBRARY/lint_pkgbuild/pkgname.sh"
+source "$LIBRARY/lint_pkgbuild/pkgver.sh"
 source "$LIBRARY/util/message.sh"
 source "$LIBRARY/util/pkgbuild.sh"
 
@@ -31,32 +33,31 @@ lint_pkgbuild_functions+=('lint_provides')
 
 
 lint_provides() {
-	local a list name provides_list ret=0
+	local provides_list provide name ver ret=0
 
-	provides_list=("${provides[@]}")
-	for a in "${arch[@]}"; do
-		array_build list "provides_$a"
-		provides_list+=("${list[@]}")
-	done
+	get_pkgbuild_all_split_attributes provides provides_list
 
-	for name in "${pkgname[@]}"; do
-		if extract_function_variable "package_$name" provides 1 list; then
-			provides_list+=("${list[@]}")
-		fi
-
-		for a in "${arch[@]}"; do
-			if extract_function_variable "package_$name" "provides_$a" 1 list; then
-				provides_list+=("${list[@]}")
-			fi
-		done
-	done
+	# this function requires extglob - save current status to restore later
+	local shellopts=$(shopt -p extglob)
+	shopt -s extglob
 
 	for provide in "${provides_list[@]}"; do
 		if [[ $provide == *['<>']* ]]; then
 			error "$(gettext "%s array cannot contain comparison (< or >) operators.")" "provides"
 			ret=1
+			continue
+		fi
+		name=${provide%=*}
+		# remove optional epoch in version specifier
+		ver=${provide##$name=?(+([0-9]):)}
+		lint_one_pkgname provides "$name" || ret=1
+		if [[ $ver != $provide ]]; then
+			# remove optional pkgrel in version specifier
+			check_pkgver "${ver%-+([0-9])?(.+([0-9]))}" provides || ret=1
 		fi
 	done
 
+	eval "$shellopts"
+
 	return $ret
 }
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/source.sh b/msys2/usr/share/makepkg/lint_pkgbuild/source.sh
index bb306dffe..ddfa0fc5b 100644
--- a/msys2/usr/share/makepkg/lint_pkgbuild/source.sh
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/source.sh
@@ -2,7 +2,7 @@
 #
 #   source.sh - Check the 'source' array is not sparse.
 #
-#   Copyright (c) 2014-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/util.sh b/msys2/usr/share/makepkg/lint_pkgbuild/util.sh
index 6f301d23b..f0778b637 100644
--- a/msys2/usr/share/makepkg/lint_pkgbuild/util.sh
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/util.sh
@@ -2,7 +2,7 @@
 #
 #   util.sh - utility functions for pkgbuild linting.
 #
-#   Copyright (c) 2014-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/lint_pkgbuild/variable.sh b/msys2/usr/share/makepkg/lint_pkgbuild/variable.sh
index e797f7b0b..4e03a0564 100644
--- a/msys2/usr/share/makepkg/lint_pkgbuild/variable.sh
+++ b/msys2/usr/share/makepkg/lint_pkgbuild/variable.sh
@@ -2,7 +2,7 @@
 #
 #   variable.sh - Check that variables are or are not arrays as appropriate
 #
-#   Copyright (c) 2014-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -34,7 +34,8 @@ lint_variable() {
 	local array=(arch backup checkdepends groups license noextract options
 	             validpgpkeys)
 	local arch_array=(conflicts depends makedepends md5sums optdepends provides
-	                  replaces sha1sums sha256sums sha384sums sha512sums source)
+	                  replaces sha1sums sha224sums sha256sums sha384sums sha512sums
+			  source)
 	local string=(changelog epoch install pkgdesc pkgrel pkgver url)
 
 	local i a v pkg keys out bad ret=0
diff --git a/msys2/usr/share/makepkg/source.sh b/msys2/usr/share/makepkg/source.sh
index 0ff3afa24..b3fce9c5c 100644
--- a/msys2/usr/share/makepkg/source.sh
+++ b/msys2/usr/share/makepkg/source.sh
@@ -2,7 +2,7 @@
 #
 #   source.sh - functions for downloading and extracting sources
 #
-#   Copyright (c) 2015-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2015-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -48,7 +48,7 @@ download_sources() {
 				get_vcs=0
 				;;
 			*)
-				break 2
+				break
 				;;
 		esac
 		shift
diff --git a/msys2/usr/share/makepkg/source/bzr.sh b/msys2/usr/share/makepkg/source/bzr.sh
index 8fd3d8d05..8bae11a6d 100644
--- a/msys2/usr/share/makepkg/source/bzr.sh
+++ b/msys2/usr/share/makepkg/source/bzr.sh
@@ -2,7 +2,7 @@
 #
 #   bzr.sh - function for handling the download and "extraction" of Bazaar sources
 #
-#   Copyright (c) 2015-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2015-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/source/file.sh b/msys2/usr/share/makepkg/source/file.sh
index ef47612d0..85310068a 100644
--- a/msys2/usr/share/makepkg/source/file.sh
+++ b/msys2/usr/share/makepkg/source/file.sh
@@ -2,7 +2,7 @@
 #
 #   file.sh - function for handling the download and extraction of source files
 #
-#   Copyright (c) 2015-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2015-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -96,7 +96,7 @@ extract_file() {
 	fi
 
 	# do not rely on extension for file type
-	local file_type=$(file -bizL "$file")
+	local file_type=$(file -bizL -- "$file")
 	local ext=${file##*.}
 	local cmd=''
 	case "$file_type" in
@@ -132,7 +132,7 @@ extract_file() {
 		$cmd -xf "$file" || ret=$?
 	else
 		rm -f -- "${file%.*}"
-		$cmd -dcf "$file" > "${file%.*}" || ret=$?
+		$cmd -dcf -- "$file" > "${file%.*}" || ret=$?
 	fi
 	if (( ret )); then
 		error "$(gettext "Failed to extract %s")" "$file"
diff --git a/msys2/usr/share/makepkg/source/git.sh b/msys2/usr/share/makepkg/source/git.sh
index 2901acba9..d9dbf2698 100644
--- a/msys2/usr/share/makepkg/source/git.sh
+++ b/msys2/usr/share/makepkg/source/git.sh
@@ -2,7 +2,7 @@
 #
 #   git.sh - function for handling the download and "extraction" of Git sources
 #
-#   Copyright (c) 2015-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2015-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -39,6 +39,7 @@ download_git() {
 	local url=$(get_url "$netfile")
 	url=${url#git+}
 	url=${url%%#*}
+	url=${url%%\?*}
 
 	if [[ ! -d "$dir" ]] || dir_is_empty "$dir" ; then
 		msg2 "$(gettext "Cloning %s %s repo...")" "${repo}" "git"
@@ -64,16 +65,10 @@ download_git() {
 }
 
 extract_git() {
-	local netfile=$1
+	local netfile=$1 tagname
 
-	local fragment=${netfile#*#}
-	if [[ $fragment = "$netfile" ]]; then
-		unset fragment
-	fi
-
-	local repo=${netfile##*/}
-	repo=${repo%%#*}
-	repo=${repo%%.git*}
+	local fragment=$(get_uri_fragment "$netfile")
+	local repo=$(get_filename "$netfile")
 
 	local dir=$(get_filepath "$netfile")
 	[[ -z "$dir" ]] && dir="$SRCDEST/$(get_filename "$netfile")"
@@ -115,6 +110,15 @@ extract_git() {
 		esac
 	fi
 
+	if [[ ${fragment%%=*} = tag ]]; then
+		tagname="$(git tag -l --format='%(tag)' "$ref")"
+		if [[ -n $tagname && $tagname != $ref ]]; then
+			error "$(gettext "Failure while checking out version %s, the git tag has been forged")" "$ref"
+			plain "$(gettext "Aborting...")"
+			exit 1
+		fi
+	fi
+
 	if [[ $ref != "origin/HEAD" ]] || (( updating )) ; then
 		if ! git checkout --force --no-track -B makepkg $ref; then
 			error "$(gettext "Failure while creating working copy of %s %s repo")" "${repo}" "git"
diff --git a/msys2/usr/share/makepkg/source/hg.sh b/msys2/usr/share/makepkg/source/hg.sh
index e850bd994..db5b6779b 100644
--- a/msys2/usr/share/makepkg/source/hg.sh
+++ b/msys2/usr/share/makepkg/source/hg.sh
@@ -2,7 +2,7 @@
 #
 #   hg.sh - function for handling the download and "extraction" of Mercurial sources
 #
-#   Copyright (c) 2015-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2015-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/source/local.sh b/msys2/usr/share/makepkg/source/local.sh
index 09f518aa1..a7a63bab3 100644
--- a/msys2/usr/share/makepkg/source/local.sh
+++ b/msys2/usr/share/makepkg/source/local.sh
@@ -2,7 +2,7 @@
 #
 #   local.sh - function for handling the "download" of local sources
 #
-#   Copyright (c) 2015-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2015-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/source/svn.sh b/msys2/usr/share/makepkg/source/svn.sh
index 94d697632..4f8c4ff93 100644
--- a/msys2/usr/share/makepkg/source/svn.sh
+++ b/msys2/usr/share/makepkg/source/svn.sh
@@ -2,7 +2,7 @@
 #
 #   svn.sh - function for handling the download and "extraction" of Subversion sources
 #
-#   Copyright (c) 2015-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2015-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/srcinfo.sh b/msys2/usr/share/makepkg/srcinfo.sh
new file mode 100644
index 000000000..7d70c4140
--- /dev/null
+++ b/msys2/usr/share/makepkg/srcinfo.sh
@@ -0,0 +1,127 @@
+#!/usr/bin/bash
+#
+#   srcinfo.sh - functions for writing .SRCINFO files
+#
+#   Copyright (c) 2014-2018 Pacman Development Team <pacman-dev@archlinux.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+[[ -n "$LIBMAKEPKG_SRCINFO_SH" ]] && return
+LIBMAKEPKG_SRCINFO_SH=1
+
+LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
+
+source "$LIBRARY/util/pkgbuild.sh"
+
+srcinfo_open_section() {
+	printf '%s = %s\n' "$1" "$2"
+}
+
+srcinfo_close_section() {
+	echo
+}
+
+srcinfo_write_attr() {
+	# $1: attr name
+	# $2: attr values
+
+	local attrname=$1 attrvalues=("${@:2}")
+
+	# normalize whitespace, strip leading and trailing
+	attrvalues=("${attrvalues[@]//+([[:space:]])/ }")
+	attrvalues=("${attrvalues[@]#[[:space:]]}")
+	attrvalues=("${attrvalues[@]%[[:space:]]}")
+
+	printf "\t$attrname = %s\n" "${attrvalues[@]}"
+}
+
+pkgbuild_extract_to_srcinfo() {
+	# $1: pkgname
+	# $2: attr name
+	# $3: multivalued
+
+	local pkgname=$1 attrname=$2 isarray=$3 outvalue=
+
+	if get_pkgbuild_attribute "$pkgname" "$attrname" "$isarray" 'outvalue'; then
+		srcinfo_write_attr "$attrname" "${outvalue[@]}"
+	fi
+}
+
+srcinfo_write_section_details() {
+	local attr package_arch a
+	local multivalued_arch_attrs=(source provides conflicts depends replaces
+	                              optdepends makedepends checkdepends
+	                              {md5,sha{1,224,256,384,512}}sums)
+
+	for attr in "${singlevalued[@]}"; do
+		pkgbuild_extract_to_srcinfo "$1" "$attr" 0
+	done
+
+	for attr in "${multivalued[@]}"; do
+		pkgbuild_extract_to_srcinfo "$1" "$attr" 1
+	done
+
+	get_pkgbuild_attribute "$1" 'arch' 1 'package_arch'
+	for a in "${package_arch[@]}"; do
+		# 'any' is special. there's no support for, e.g. depends_any.
+		[[ $a = any ]] && continue
+
+		for attr in "${multivalued_arch_attrs[@]}"; do
+			pkgbuild_extract_to_srcinfo "$1" "${attr}_$a" 1
+		done
+	done
+}
+
+srcinfo_write_global() {
+	local singlevalued=(pkgdesc pkgver pkgrel epoch url install changelog)
+	local multivalued=(arch groups license checkdepends makedepends
+	                   depends optdepends provides conflicts replaces
+	                   noextract options backup
+	                   source validpgpkeys {md5,sha{1,224,256,384,512}}sums)
+
+	srcinfo_open_section 'pkgbase' "${pkgbase:-$pkgname}"
+	srcinfo_write_section_details ''
+	srcinfo_close_section
+}
+
+srcinfo_write_package() {
+	local singlevalued=(pkgdesc url install changelog)
+	local multivalued=(arch groups license checkdepends depends optdepends
+	                   provides conflicts replaces options backup)
+
+	srcinfo_open_section 'pkgname' "$1"
+	srcinfo_write_section_details "$1"
+	srcinfo_close_section
+}
+
+write_srcinfo_header() {
+	printf "# Generated by makepkg %s\n" "$makepkg_version"
+	printf "# %s\n" "$(LC_ALL=C date -u)"
+}
+
+write_srcinfo_content() {
+	local pkg
+
+	srcinfo_write_global
+
+	for pkg in "${pkgname[@]}"; do
+		srcinfo_write_package "$pkg"
+	done
+}
+
+write_srcinfo() {
+	write_srcinfo_header
+	write_srcinfo_content
+}
diff --git a/msys2/usr/share/makepkg/tidy.sh b/msys2/usr/share/makepkg/tidy.sh
index 2b340672b..e72b273e0 100644
--- a/msys2/usr/share/makepkg/tidy.sh
+++ b/msys2/usr/share/makepkg/tidy.sh
@@ -3,7 +3,7 @@
 #   tidy.sh - functions for modifying/removing installed files before
 #   package creation
 #
-#   Copyright (c) 2015-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2015-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/tidy/docs.sh b/msys2/usr/share/makepkg/tidy/docs.sh
index 7899d9b80..3c1a00024 100644
--- a/msys2/usr/share/makepkg/tidy/docs.sh
+++ b/msys2/usr/share/makepkg/tidy/docs.sh
@@ -2,7 +2,7 @@
 #
 #   docs.sh - Remove documentation files from the package
 #
-#   Copyright (c) 2008-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2008-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/tidy/emptydirs.sh b/msys2/usr/share/makepkg/tidy/emptydirs.sh
index 1208889de..c4b5c7a8e 100644
--- a/msys2/usr/share/makepkg/tidy/emptydirs.sh
+++ b/msys2/usr/share/makepkg/tidy/emptydirs.sh
@@ -2,7 +2,7 @@
 #
 #   emptydirs.sh - Remove empty directories from the package
 #
-#   Copyright (c) 2013-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2013-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -33,6 +33,7 @@ tidy_remove+=('tidy_emptydirs')
 tidy_emptydirs() {
 	if check_option "emptydirs" "n"; then
 		msg2 "$(gettext "Removing empty directories...")"
-		find . -depth -type d -exec rmdir '{}' + 2>/dev/null
+		# we are unable to use '-empty' as it is non-POSIX and not support by all find variants
+		find . -depth -type d -exec rmdir '{}' \; 2>/dev/null
 	fi
 }
diff --git a/msys2/usr/share/makepkg/tidy/libtool.sh b/msys2/usr/share/makepkg/tidy/libtool.sh
index 43ae45885..c6a0fc109 100644
--- a/msys2/usr/share/makepkg/tidy/libtool.sh
+++ b/msys2/usr/share/makepkg/tidy/libtool.sh
@@ -2,7 +2,7 @@
 #
 #   libtool.sh - Remove libtool files from the package
 #
-#   Copyright (c) 2013-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2013-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/tidy/optipng.sh b/msys2/usr/share/makepkg/tidy/optipng.sh
deleted file mode 100644
index ea64ee7c7..000000000
--- a/msys2/usr/share/makepkg/tidy/optipng.sh
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/usr/bin/bash
-#
-#   optipng.sh - Compress PNG files using optpng
-#
-#   Copyright (c) 2015-2016 Pacman Development Team <pacman-dev@archlinux.org>
-#
-#   This program is free software; you can redistribute it and/or modify
-#   it under the terms of the GNU General Public License as published by
-#   the Free Software Foundation; either version 2 of the License, or
-#   (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be useful,
-#   but WITHOUT ANY WARRANTY; without even the implied warranty of
-#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-#   GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-#
-
-[[ -n "$LIBMAKEPKG_TIDY_OPTIPNG_SH" ]] && return
-LIBMAKEPKG_TIDY_OPTIPNG_SH=1
-
-LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
-
-source "$LIBRARY/util/message.sh"
-source "$LIBRARY/util/option.sh"
-
-
-packaging_options+=('optipng')
-tidy_modify+=('tidy_optipng')
-
-tidy_optipng() {
-	if check_option "optipng" "y"; then
-		msg2 "$(gettext "Optimizing PNG images...")"
-		local png
-		find . -type f -iname "*.png" 2>/dev/null | while read -r png ; do
-			if [[ $(file --brief --mime-type "$png") = 'image/png' ]]; then
-				optipng "${OPTIPNGFLAGS[@]}" "$png" &>/dev/null ||
-					warning "$(gettext "Could not optimize PNG image : %s")" "${png/$pkgdir\//}"
-			fi
-		done
-	fi
-}
diff --git a/msys2/usr/share/makepkg/tidy/purge.sh b/msys2/usr/share/makepkg/tidy/purge.sh
index 492d9ebf8..3d18bc61d 100644
--- a/msys2/usr/share/makepkg/tidy/purge.sh
+++ b/msys2/usr/share/makepkg/tidy/purge.sh
@@ -2,7 +2,7 @@
 #
 #   purge.sh - Remove unwanted files from the package
 #
-#   Copyright (c) 2008-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2008-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/tidy/staticlibs.sh b/msys2/usr/share/makepkg/tidy/staticlibs.sh
index 33db862db..8f29ef7fc 100644
--- a/msys2/usr/share/makepkg/tidy/staticlibs.sh
+++ b/msys2/usr/share/makepkg/tidy/staticlibs.sh
@@ -2,7 +2,7 @@
 #
 #   staticlibs.sh - Remove static library files from the package
 #
-#   Copyright (c) 2013-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2013-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/tidy/strip.sh b/msys2/usr/share/makepkg/tidy/strip.sh
index 588b86b69..6762c1a86 100644
--- a/msys2/usr/share/makepkg/tidy/strip.sh
+++ b/msys2/usr/share/makepkg/tidy/strip.sh
@@ -2,7 +2,7 @@
 #
 #   strip.sh - Strip debugging symbols from binary files
 #
-#   Copyright (c) 2007-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2007-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -31,17 +31,30 @@ packaging_options+=('strip' 'debug')
 tidy_modify+=('tidy_strip')
 
 
+source_files() {
+	LANG=C readelf "$1" --debug-dump | \
+		awk '/DW_AT_name +:/{name=$8}/DW_AT_comp_dir +:/{{if (name !~ /^\//) {printf "%s/", $8}}{print name}}'
+}
+
 strip_file() {
 	local binary=$1; shift
 
 	case "$(file -bi "$binary")" in
 	*application/x-dosexec*)
 		if check_option "debug" "y"; then
-			
 			if [[ -f "$dbgdir/$binary.debug" ]]; then
 				return
 			fi
 
+			# copy source files to debug directory
+			local f t
+			while read -r t; do
+				f=${t/${dbgsrcdir}/"$srcdir"}
+				mkdir -p "${dbgsrc/"$dbgsrcdir"/}${t%/*}"
+				cp -- "$f" "${dbgsrc/"$dbgsrcdir"/}$t"
+			done < <(source_files "$binary")
+
+			# copy debug symbols to debug directory
 			mkdir -p "$dbgdir/${binary%/*}"
 			msg2 "Separating debug info from $binary into $dbgdir/$binary.debug"
 			# create a dbg file with proper debug info:
@@ -78,6 +91,7 @@ strip_file() {
 	strip $@ "$binary"
 }
 
+
 tidy_strip() {
 	if check_option "strip" "y"; then
 		msg2 "$(gettext "Stripping unneeded symbols from binaries and libraries...")"
@@ -86,8 +100,11 @@ tidy_strip() {
 		[[ -z ${STRIP_STATIC+x} ]] && STRIP_STATIC="-S"
 
 		if check_option "debug" "y"; then
-			dbgdir="$pkgdir-debug"
-			mkdir -p "$dbgdir"
+
+			dbgdir="$pkgdirbase/$pkgbase-debug"
+			dbgsrcdir="${DBGSRCDIR:-/usr/src/debug}"
+			dbgsrc="$pkgdirbase/$pkgbase-debug$dbgsrcdir"
+			mkdir -p "$dbgdir" "$dbgsrc"
 		fi
 
 		local binary strip_flags
@@ -175,6 +192,8 @@ tidy_strip() {
 					esac;;
 				*application/x-executable*) # Binaries
 					strip_flags="$STRIP_BINARIES";;
+				*application/x-pie-executable*)  # Relocatable binaries
+					strip_flags="$STRIP_SHARED";;
 				*)
 					continue ;;
 			esac
diff --git a/msys2/usr/share/makepkg/tidy/upx.sh b/msys2/usr/share/makepkg/tidy/upx.sh
deleted file mode 100644
index 9d39c78ee..000000000
--- a/msys2/usr/share/makepkg/tidy/upx.sh
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/usr/bin/bash
-#
-#   upx.sh - Compress package binaries with UPX
-#
-#   Copyright (c) 2011-2016 Pacman Development Team <pacman-dev@archlinux.org>
-#
-#   This program is free software; you can redistribute it and/or modify
-#   it under the terms of the GNU General Public License as published by
-#   the Free Software Foundation; either version 2 of the License, or
-#   (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be useful,
-#   but WITHOUT ANY WARRANTY; without even the implied warranty of
-#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-#   GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-#
-
-[[ -n "$LIBMAKEPKG_TIDY_UPX_SH" ]] && return
-LIBMAKEPKG_TIDY_UPX_SH=1
-
-LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
-
-source "$LIBRARY/util/message.sh"
-source "$LIBRARY/util/option.sh"
-
-
-packaging_options+=('upx')
-tidy_modify+=('tidy_upx')
-
-tidy_upx() {
-	if check_option "upx" "y"; then
-		msg2 "$(gettext "Compressing binaries with %s...")" "UPX"
-		local binary
-		find . -type f -perm -u+w 2>/dev/null | while read -r binary ; do
-			case "$(file --brief --mime-type "$binary")" in
-				'application/x-executable' | 'application/x-dosexec')
-					upx "${UPXFLAGS[@]}" "$binary" &>/dev/null ||
-						warning "$(gettext "Could not compress binary : %s")" "${binary/$pkgdir\//}"
-					;;
-			esac
-		done
-	fi
-}
diff --git a/msys2/usr/share/makepkg/tidy/zipman.sh b/msys2/usr/share/makepkg/tidy/zipman.sh
index 933948787..5d9f1afb3 100644
--- a/msys2/usr/share/makepkg/tidy/zipman.sh
+++ b/msys2/usr/share/makepkg/tidy/zipman.sh
@@ -2,7 +2,7 @@
 #
 #   zipman.sh - Compress man and info pages
 #
-#   Copyright (c) 2011-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2011-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/util.sh b/msys2/usr/share/makepkg/util.sh
index 378e9f7bd..793ed6fe9 100644
--- a/msys2/usr/share/makepkg/util.sh
+++ b/msys2/usr/share/makepkg/util.sh
@@ -2,7 +2,7 @@
 #
 #   util.sh - utility functions for makepkg
 #
-#   Copyright (c) 2015-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2015-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/util/compress.sh b/msys2/usr/share/makepkg/util/compress.sh
new file mode 100644
index 000000000..8df0ac3e6
--- /dev/null
+++ b/msys2/usr/share/makepkg/util/compress.sh
@@ -0,0 +1,47 @@
+#!/usr/bin/bash
+#
+#   compress.sh - functions to compress archives in a uniform manner
+#
+#   Copyright (c) 2017-2018 Pacman Development Team <pacman-dev@archlinux.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+[[ -n "$LIBMAKEPKG_UTIL_COMPRESS_SH" ]] && return
+LIBMAKEPKG_UTIL_COMPRESS_SH=1
+
+LIBRARY=${LIBRARY:-'/usr/share/makepkg'}
+
+source "$LIBRARY/util/message.sh"
+
+
+# Wrapper around many stream compression formats, for use in the middle of a
+# pipeline. A tar archive is passed on stdin and compressed to stdout.
+compress_as() {
+       # $1: final archive filename extension for compression type detection
+
+	local filename="$1"
+
+	case "$filename" in
+		*tar.gz)  ${COMPRESSGZ[@]:-gzip -c -f -n} ;;
+		*tar.bz2) ${COMPRESSBZ2[@]:-bzip2 -c -f} ;;
+		*tar.xz)  ${COMPRESSXZ[@]:-xz -c -z -T0 -} ;;
+		*tar.lrz) ${COMPRESSLRZ[@]:-lrzip -q} ;;
+		*tar.lzo) ${COMPRESSLZO[@]:-lzop -q} ;;
+		*tar.Z)   ${COMPRESSZ[@]:-compress -c -f} ;;
+		*tar)     cat ;;
+		*) warning "$(gettext "'%s' is not a valid archive extension.")" \
+			"$ext"; cat ;;
+	esac
+}
diff --git a/msys2/usr/share/makepkg/util/error.sh b/msys2/usr/share/makepkg/util/error.sh
new file mode 100644
index 000000000..e89f00fda
--- /dev/null
+++ b/msys2/usr/share/makepkg/util/error.sh
@@ -0,0 +1,41 @@
+#!/usr/bin/bash
+#
+#   error.sh.in - error variable definitions for makepkg
+#
+#   Copyright (c) 2006-2018 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2002-2006 by Judd Vinet <jvinet@zeroflux.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+[[ -n "$LIBMAKEPKG_UTIL_ERROR_SH" ]] && return
+LIBMAKEPKG_UTIL_ERROR_SH=1
+
+E_OK=0
+E_FAIL=1 # Generic error
+E_CONFIG_ERROR=2
+E_INVALID_OPTION=3
+E_USER_FUNCTION_FAILED=4
+E_PACKAGE_FAILED=5
+E_MISSING_FILE=6
+E_MISSING_PKGDIR=7
+E_INSTALL_DEPS_FAILED=8
+E_REMOVE_DEPS_FAILED=9
+E_ROOT=10
+E_FS_PERMISSIONS=11
+E_PKGBUILD_ERROR=12
+E_ALREADY_BUILT=13
+E_INSTALL_FAILED=14
+E_MISSING_MAKEPKG_DEPS=15
+E_PRETTY_BAD_PRIVACY=16
diff --git a/msys2/usr/share/makepkg/util/message.sh b/msys2/usr/share/makepkg/util/message.sh
index 341ccf3f8..811fc23c4 100644
--- a/msys2/usr/share/makepkg/util/message.sh
+++ b/msys2/usr/share/makepkg/util/message.sh
@@ -1,8 +1,8 @@
-#!/bin/bash
+#!/usr/bin/bash
 #
 #   message.sh - functions for outputting messages in makepkg
 #
-#   Copyright (c) 2006-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2006-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #   Copyright (c) 2002-2006 by Judd Vinet <jvinet@zeroflux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
diff --git a/msys2/usr/share/makepkg/util/option.sh b/msys2/usr/share/makepkg/util/option.sh
index 54ba47404..a79abe181 100644
--- a/msys2/usr/share/makepkg/util/option.sh
+++ b/msys2/usr/share/makepkg/util/option.sh
@@ -1,8 +1,8 @@
-#!/bin/bash
+#!/usr/bin/bash
 #
 #   option.sh - functions to test if build/packaging options are enabled
 #
-#   Copyright (c) 2009-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2009-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
diff --git a/msys2/usr/share/makepkg/util/parseopts.sh b/msys2/usr/share/makepkg/util/parseopts.sh
new file mode 100644
index 000000000..8e8118ac5
--- /dev/null
+++ b/msys2/usr/share/makepkg/util/parseopts.sh
@@ -0,0 +1,173 @@
+#!/usr/bin/bash
+#
+#   parseopts.sh - getopt_long-like parser
+#
+#   Copyright (c) 2012-2018 Pacman Development Team <pacman-dev@archlinux.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+# A getopt_long-like parser which portably supports longopts and
+# shortopts with some GNU extensions. It does not allow for options
+# with optional arguments. For both short and long opts, options
+# requiring an argument should be suffixed with a colon. After the
+# first argument containing the short opts, any number of valid long
+# opts may be be passed. The end of the options delimiter must then be
+# added, followed by the user arguments to the calling program.
+#
+# Recommended Usage:
+#   OPT_SHORT='fb:z'
+#   OPT_LONG=('foo' 'bar:' 'baz')
+#   if ! parseopts "$OPT_SHORT" "${OPT_LONG[@]}" -- "$@"; then
+#     exit 1
+#   fi
+#   set -- "${OPTRET[@]}"
+# Returns:
+#   0: parse success
+#   1: parse failure (error message supplied)
+parseopts() {
+	local opt= optarg= i= shortopts=$1
+	local -a longopts=() unused_argv=()
+
+	shift
+	while [[ $1 && $1 != '--' ]]; do
+		longopts+=("$1")
+		shift
+	done
+	shift
+
+	longoptmatch() {
+		local o longmatch=()
+		for o in "${longopts[@]}"; do
+			if [[ ${o%:} = "$1" ]]; then
+				longmatch=("$o")
+				break
+			fi
+			[[ ${o%:} = "$1"* ]] && longmatch+=("$o")
+		done
+
+		case ${#longmatch[*]} in
+			1)
+				# success, override with opt and return arg req (0 == none, 1 == required)
+				opt=${longmatch%:}
+				if [[ $longmatch = *: ]]; then
+					return 1
+				else
+					return 0
+				fi ;;
+			0)
+				# fail, no match found
+				return 255 ;;
+			*)
+				# fail, ambiguous match
+				printf "${0##*/}: $(gettext "option '%s' is ambiguous; possibilities:")" "--$1"
+				printf " '%s'" "${longmatch[@]%:}"
+				printf '\n'
+				return 254 ;;
+		esac >&2
+	}
+
+	while (( $# )); do
+		case $1 in
+			--) # explicit end of options
+				shift
+				break
+				;;
+			-[!-]*) # short option
+				for (( i = 1; i < ${#1}; i++ )); do
+					opt=${1:i:1}
+
+					# option doesn't exist
+					if [[ $shortopts != *$opt* ]]; then
+						printf "${0##*/}: $(gettext "invalid option") -- '%s'\n" "$opt" >&2
+						OPTRET=(--)
+						return 1
+					fi
+
+					OPTRET+=("-$opt")
+					# option requires optarg
+					if [[ $shortopts = *$opt:* ]]; then
+						# if we're not at the end of the option chunk, the rest is the optarg
+						if (( i < ${#1} - 1 )); then
+							OPTRET+=("${1:i+1}")
+							break
+						# if we're at the end, grab the the next positional, if it exists
+						elif (( i == ${#1} - 1 )) && [[ $2 ]]; then
+							OPTRET+=("$2")
+							shift
+							break
+						# parse failure
+						else
+							printf "${0##*/}: $(gettext "option requires an argument") -- '%s'\n" "$opt" >&2
+							OPTRET=(--)
+							return 1
+						fi
+					fi
+				done
+				;;
+			--?*=*|--?*) # long option
+				IFS='=' read -r opt optarg <<< "${1#--}"
+				longoptmatch "$opt"
+				case $? in
+					0)
+						# parse failure
+						if [[ $optarg ]]; then
+							printf "${0##*/}: $(gettext "option '%s' does not allow an argument")\n" "--$opt" >&2
+							OPTRET=(--)
+							return 1
+						# --longopt
+						else
+							OPTRET+=("--$opt")
+						fi
+						;;
+					1)
+						# --longopt=optarg
+						if [[ $optarg ]]; then
+							OPTRET+=("--$opt" "$optarg")
+						# --longopt optarg
+						elif [[ $2 ]]; then
+							OPTRET+=("--$opt" "$2" )
+							shift
+						# parse failure
+						else
+							printf "${0##*/}: $(gettext "option '%s' requires an argument")\n" "--$opt" >&2
+							OPTRET=(--)
+							return 1
+						fi
+						;;
+					254)
+						# ambiguous option -- error was reported for us by longoptmatch()
+						OPTRET=(--)
+						return 1
+						;;
+					255)
+						# parse failure
+						printf "${0##*/}: $(gettext "invalid option") '--%s'\n" "$opt" >&2
+						OPTRET=(--)
+						return 1
+						;;
+				esac
+				;;
+			*) # non-option arg encountered, add it as a parameter
+				unused_argv+=("$1")
+				;;
+		esac
+		shift
+	done
+
+	# add end-of-opt terminator and any leftover positional parameters
+	OPTRET+=('--' "${unused_argv[@]}" "$@")
+	unset longoptmatch
+
+	return 0
+}
diff --git a/msys2/usr/share/makepkg/util/pkgbuild.sh b/msys2/usr/share/makepkg/util/pkgbuild.sh
index f974e0e8d..aa203a402 100644
--- a/msys2/usr/share/makepkg/util/pkgbuild.sh
+++ b/msys2/usr/share/makepkg/util/pkgbuild.sh
@@ -2,7 +2,7 @@
 #
 #   pkgbuild.sh - functions to extract information from PKGBUILD files
 #
-#   Copyright (c) 2014-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2009-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -80,6 +80,10 @@ extract_function_variable() {
 		printf -v attr_regex '^[[:space:]]* %s\+?=[^(]' "$2"
 	fi
 
+	# this function requires extglob - save current status to restore later
+	local shellopts=$(shopt -p extglob)
+	shopt -s extglob
+
 	while read -r; do
 		# strip leading whitespace and any usage of declare
 		decl=${REPLY##*([[:space:]])}
@@ -89,6 +93,8 @@ extract_function_variable() {
 		r=0
 	done < <(grep_function "$funcname" "$attr_regex")
 
+	eval "$shellopts"
+
 	return $r
 }
 
@@ -100,7 +106,11 @@ get_pkgbuild_attribute() {
 
 	local pkgname=$1 attrname=$2 isarray=$3 outputvar=$4
 
-	printf -v "$outputvar" %s ''
+	if (( isarray )); then
+		eval "$outputvar=()"
+	else
+		printf -v "$outputvar" %s ''
+	fi
 
 	if [[ $pkgname ]]; then
 		extract_global_variable "$attrname" "$isarray" "$outputvar"
@@ -110,6 +120,33 @@ get_pkgbuild_attribute() {
 	fi
 }
 
+get_pkgbuild_all_split_attributes() {
+	local attrname=$1 outputvar=$2 all_list list
+
+	if extract_global_variable "$attrname" 1 list; then
+		all_list+=("${list[@]}")
+	fi
+	for a in "${arch[@]}"; do
+		if extract_global_variable "${attrname}_$a" 1 list; then
+			all_list+=("${list[@]}")
+		fi
+	done
+
+	for name in "${pkgname[@]}"; do
+		if extract_function_variable "package_$name" "$attrname" 1 list; then
+			all_list+=("${list[@]}")
+		fi
+
+		for a in "${arch[@]}"; do
+			if extract_function_variable "package_$name" "${attrname}_$a" 1 list; then
+				all_list+=("${list[@]}")
+			fi
+		done
+	done
+
+	[[ ${all_list[@]} ]] && array_build "$outputvar" all_list
+}
+
 ##
 #  usage : get_full_version()
 # return : full version spec, including epoch (if necessary), pkgver, pkgrel
@@ -153,15 +190,13 @@ print_all_package_names() {
 	local version=$(get_full_version)
 	local architecture pkg opts a
 	for pkg in ${pkgname[@]}; do
-		get_pkgbuild_attribute "$pkg" 'arch' 1 architecture
-		get_pkgbuild_attribute "$pkg" 'options' 1 opts
-		for a in ${architecture[@]}; do
-			printf "%s-%s-%s\n" "$pkg" "$version" "$a"
-			if in_opt_array "debug" ${opts[@]} && in_opt_array "strip" ${opts[@]}; then
-				printf "%s-%s-%s-%s\n" "$pkg" "debug" "$version" "$a"
-			fi
-		done
+		architecture=$(get_pkg_arch $pkg)
+		printf "%s/%s-%s-%s%s\n" "$PKGDEST" "$pkg" "$version" "$architecture" "$PKGEXT"
 	done
+	if check_option "debug" "y" && check_option "strip" "y"; then
+		architecture=$(get_pkg_arch)
+		printf "%s/%s-%s-%s-%s%s\n" "$PKGDEST" "$pkgbase" "debug" "$version" "$architecture" "$PKGEXT"
+	fi
 }
 
 get_all_sources() {
@@ -193,3 +228,32 @@ get_all_sources_for_arch() {
 
 	array_build "$1" "aggregate"
 }
+
+get_integlist() {
+	local integ
+	local integlist=()
+
+	for integ in "${known_hash_algos[@]}"; do
+		# check for e.g. "sha256sums"
+		local sumname="${integ}sums[@]"
+		if [[ -n ${!sumname} ]]; then
+			integlist+=("$integ")
+			continue
+		fi
+
+		# check for e.g. "sha256sums_x86_64"
+		for a in "${arch[@]}"; do
+			local sumname="${integ}sums_${a}[@]"
+			if [[ -n ${!sumname} ]]; then
+				integlist+=("$integ")
+				break
+			fi
+		done
+	done
+
+	if (( ${#integlist[@]} > 0 )); then
+		printf "%s\n" "${integlist[@]}"
+	else
+		printf "%s\n" "${INTEGRITY_CHECK[@]}"
+	fi
+}
diff --git a/msys2/usr/share/makepkg/util/source.sh b/msys2/usr/share/makepkg/util/source.sh
index d39d8da48..4c2c74f40 100644
--- a/msys2/usr/share/makepkg/util/source.sh
+++ b/msys2/usr/share/makepkg/util/source.sh
@@ -2,7 +2,7 @@
 #
 #   source.sh - functions to extract information from source URLs
 #
-#   Copyright (c) 2010-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2010-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
 #   it under the terms of the GNU General Public License as published by
@@ -65,6 +65,7 @@ get_filename() {
 	case $proto in
 		bzr*|git*|hg*|svn*)
 			filename=${netfile%%#*}
+			filename=${filename%%\?*}
 			filename=${filename%/}
 			filename=${filename##*/}
 			if [[ $proto = bzr* ]]; then
@@ -111,6 +112,32 @@ get_filepath() {
 	printf "%s\n" "$file"
 }
 
+# extract the VCS revision/branch specifier from a source entry
+get_uri_fragment() {
+	local netfile=$1
+
+	local fragment=${netfile#*#}
+	if [[ $fragment = "$netfile" ]]; then
+		unset fragment
+	fi
+	fragment=${fragment%\?*}
+
+	printf "%s\n" "$fragment"
+}
+
+# extract the VCS "signed" status from a source entry
+get_uri_query() {
+	local netfile=$1
+
+	local query=${netfile#*\?}
+	if [[ $query = "$netfile" ]]; then
+		unset query
+	fi
+	query=${query%#*}
+
+	printf "%s\n" "$query"
+}
+
 get_downloadclient() {
 	local proto=$1
 
diff --git a/msys2/usr/share/makepkg/util/util.sh b/msys2/usr/share/makepkg/util/util.sh
index 675e75de5..5c8c708be 100644
--- a/msys2/usr/share/makepkg/util/util.sh
+++ b/msys2/usr/share/makepkg/util/util.sh
@@ -1,8 +1,8 @@
-#!/bin/bash
+#!/usr/bin/bash
 #
 #   util.sh - general utility functions
 #
-#   Copyright (c) 2006-2016 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2006-2018 Pacman Development Team <pacman-dev@archlinux.org>
 #   Copyright (c) 2002-2006 by Judd Vinet <jvinet@zeroflux.org>
 #
 #   This program is free software; you can redistribute it and/or modify
@@ -42,15 +42,10 @@ is_array() {
 	local v=$1
 	local ret=1
 
-	# this function requires extglob - save current options to restore later
-	local shellopts=$(shopt -p)
-	shopt -s extglob
-
-	if [[ $(declare -p "$i") == declare\ -*([[:alnum:]])a*([[:alnum:]])\ * ]]; then
+	if [[ $(declare -p "$v") == declare\ -*([[:alnum:]])a*([[:alnum:]])\ * ]]; then
 		ret=0
 	fi
 
-	eval "$shellopts"
 	return $ret
 }
 
@@ -83,3 +78,20 @@ cd_safe() {
 		exit 1
 	fi
 }
+
+# Try to create directory if one does not yet exist. Fails if the directory
+# exists but has no write permissions, or if there is an existing file with
+# the same name.
+ensure_writable_dir() {
+	local dirtype="$1" dirpath="$2"
+
+	if ! mkdir -p "$dirpath" 2>/dev/null; then
+		error "$(gettext "Failed to create the directory \$%s (%s).")" "$dirtype" "$dirpath"
+		return 1
+	elif [[ ! -w $dirpath ]]; then
+		error "$(gettext "You do not have write permission for the directory \$%s (%s).")" "$dirtype" "$dirpath"
+		return 1
+	fi
+
+	return 0
+}
diff --git a/msys2/usr/share/man/man1/CA.pl.1ssl.gz b/msys2/usr/share/man/man1/CA.pl.1ssl.gz
index a5622a574..71cf56bee 100644
Binary files a/msys2/usr/share/man/man1/CA.pl.1ssl.gz and b/msys2/usr/share/man/man1/CA.pl.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/[.1.gz b/msys2/usr/share/man/man1/[.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/[.1.gz and b/msys2/usr/share/man/man1/[.1.gz differ
diff --git a/msys2/usr/share/man/man1/alias.1.gz b/msys2/usr/share/man/man1/alias.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/alias.1.gz and b/msys2/usr/share/man/man1/alias.1.gz differ
diff --git a/msys2/usr/share/man/man1/arch.1.gz b/msys2/usr/share/man/man1/arch.1.gz
index 4e6ff4c5c..11363c827 100644
Binary files a/msys2/usr/share/man/man1/arch.1.gz and b/msys2/usr/share/man/man1/arch.1.gz differ
diff --git a/msys2/usr/share/man/man1/ash.1.gz b/msys2/usr/share/man/man1/ash.1.gz
index f51e0d3b2..17e3cce6d 100644
Binary files a/msys2/usr/share/man/man1/ash.1.gz and b/msys2/usr/share/man/man1/ash.1.gz differ
diff --git a/msys2/usr/share/man/man1/asn1parse.1ssl.gz b/msys2/usr/share/man/man1/asn1parse.1ssl.gz
index 6a94bdc53..c4a11623c 100644
Binary files a/msys2/usr/share/man/man1/asn1parse.1ssl.gz and b/msys2/usr/share/man/man1/asn1parse.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/b2sum.1.gz b/msys2/usr/share/man/man1/b2sum.1.gz
index a04d736af..9d3c91101 100644
Binary files a/msys2/usr/share/man/man1/b2sum.1.gz and b/msys2/usr/share/man/man1/b2sum.1.gz differ
diff --git a/msys2/usr/share/man/man1/base32.1.gz b/msys2/usr/share/man/man1/base32.1.gz
index 39b544f8a..819e98e8a 100644
Binary files a/msys2/usr/share/man/man1/base32.1.gz and b/msys2/usr/share/man/man1/base32.1.gz differ
diff --git a/msys2/usr/share/man/man1/base64.1.gz b/msys2/usr/share/man/man1/base64.1.gz
index eb31b5737..ccb1a55a8 100644
Binary files a/msys2/usr/share/man/man1/base64.1.gz and b/msys2/usr/share/man/man1/base64.1.gz differ
diff --git a/msys2/usr/share/man/man1/basename.1.gz b/msys2/usr/share/man/man1/basename.1.gz
index add5a98ba..c343b3ff1 100644
Binary files a/msys2/usr/share/man/man1/basename.1.gz and b/msys2/usr/share/man/man1/basename.1.gz differ
diff --git a/msys2/usr/share/man/man1/basenc.1.gz b/msys2/usr/share/man/man1/basenc.1.gz
new file mode 100644
index 000000000..33ab03d87
Binary files /dev/null and b/msys2/usr/share/man/man1/basenc.1.gz differ
diff --git a/msys2/usr/share/man/man1/bg.1.gz b/msys2/usr/share/man/man1/bg.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/bg.1.gz and b/msys2/usr/share/man/man1/bg.1.gz differ
diff --git a/msys2/usr/share/man/man1/bind.1.gz b/msys2/usr/share/man/man1/bind.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/bind.1.gz and b/msys2/usr/share/man/man1/bind.1.gz differ
diff --git a/msys2/usr/share/man/man1/break.1.gz b/msys2/usr/share/man/man1/break.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/break.1.gz and b/msys2/usr/share/man/man1/break.1.gz differ
diff --git a/msys2/usr/share/man/man1/bsdcpio.1.gz b/msys2/usr/share/man/man1/bsdcpio.1.gz
index 78d9fb45f..119d2a3d3 100644
Binary files a/msys2/usr/share/man/man1/bsdcpio.1.gz and b/msys2/usr/share/man/man1/bsdcpio.1.gz differ
diff --git a/msys2/usr/share/man/man1/bsdtar.1.gz b/msys2/usr/share/man/man1/bsdtar.1.gz
index 24f64853c..cada41402 100644
Binary files a/msys2/usr/share/man/man1/bsdtar.1.gz and b/msys2/usr/share/man/man1/bsdtar.1.gz differ
diff --git a/msys2/usr/share/man/man1/builtin.1.gz b/msys2/usr/share/man/man1/builtin.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/builtin.1.gz and b/msys2/usr/share/man/man1/builtin.1.gz differ
diff --git a/msys2/usr/share/man/man1/c_rehash.1ssl.gz b/msys2/usr/share/man/man1/c_rehash.1ssl.gz
index df439b14c..9be2d8385 100644
Binary files a/msys2/usr/share/man/man1/c_rehash.1ssl.gz and b/msys2/usr/share/man/man1/c_rehash.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/ca.1ssl.gz b/msys2/usr/share/man/man1/ca.1ssl.gz
index e95f7526e..8e24f537e 100644
Binary files a/msys2/usr/share/man/man1/ca.1ssl.gz and b/msys2/usr/share/man/man1/ca.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/cal.1.gz b/msys2/usr/share/man/man1/cal.1.gz
index a9a9f53af..8b1d6f98f 100644
Binary files a/msys2/usr/share/man/man1/cal.1.gz and b/msys2/usr/share/man/man1/cal.1.gz differ
diff --git a/msys2/usr/share/man/man1/caller.1.gz b/msys2/usr/share/man/man1/caller.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/caller.1.gz and b/msys2/usr/share/man/man1/caller.1.gz differ
diff --git a/msys2/usr/share/man/man1/captoinfo.1m.gz b/msys2/usr/share/man/man1/captoinfo.1m.gz
index 6696326b5..7d1b67d15 100644
Binary files a/msys2/usr/share/man/man1/captoinfo.1m.gz and b/msys2/usr/share/man/man1/captoinfo.1m.gz differ
diff --git a/msys2/usr/share/man/man1/case.1.gz b/msys2/usr/share/man/man1/case.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/case.1.gz and b/msys2/usr/share/man/man1/case.1.gz differ
diff --git a/msys2/usr/share/man/man1/cat.1.gz b/msys2/usr/share/man/man1/cat.1.gz
index 212ab747f..57133375d 100644
Binary files a/msys2/usr/share/man/man1/cat.1.gz and b/msys2/usr/share/man/man1/cat.1.gz differ
diff --git a/msys2/usr/share/man/man1/cd.1.gz b/msys2/usr/share/man/man1/cd.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/cd.1.gz and b/msys2/usr/share/man/man1/cd.1.gz differ
diff --git a/msys2/usr/share/man/man1/chcon.1.gz b/msys2/usr/share/man/man1/chcon.1.gz
index 0a9714c2f..a09ce86e3 100644
Binary files a/msys2/usr/share/man/man1/chcon.1.gz and b/msys2/usr/share/man/man1/chcon.1.gz differ
diff --git a/msys2/usr/share/man/man1/chgrp.1.gz b/msys2/usr/share/man/man1/chgrp.1.gz
index 4768a0a03..1ec4f4533 100644
Binary files a/msys2/usr/share/man/man1/chgrp.1.gz and b/msys2/usr/share/man/man1/chgrp.1.gz differ
diff --git a/msys2/usr/share/man/man1/chmod.1.gz b/msys2/usr/share/man/man1/chmod.1.gz
index 12b4c5408..c69369f3d 100644
Binary files a/msys2/usr/share/man/man1/chmod.1.gz and b/msys2/usr/share/man/man1/chmod.1.gz differ
diff --git a/msys2/usr/share/man/man1/chown.1.gz b/msys2/usr/share/man/man1/chown.1.gz
index 93a1787cd..30065cc20 100644
Binary files a/msys2/usr/share/man/man1/chown.1.gz and b/msys2/usr/share/man/man1/chown.1.gz differ
diff --git a/msys2/usr/share/man/man1/chroot.1.gz b/msys2/usr/share/man/man1/chroot.1.gz
index 2e3077240..ee7d81741 100644
Binary files a/msys2/usr/share/man/man1/chroot.1.gz and b/msys2/usr/share/man/man1/chroot.1.gz differ
diff --git a/msys2/usr/share/man/man1/ciphers.1ssl.gz b/msys2/usr/share/man/man1/ciphers.1ssl.gz
index 5c1ec30dc..9d1483e40 100644
Binary files a/msys2/usr/share/man/man1/ciphers.1ssl.gz and b/msys2/usr/share/man/man1/ciphers.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/cksum.1.gz b/msys2/usr/share/man/man1/cksum.1.gz
index 755b4146d..04d2d6548 100644
Binary files a/msys2/usr/share/man/man1/cksum.1.gz and b/msys2/usr/share/man/man1/cksum.1.gz differ
diff --git a/msys2/usr/share/man/man1/clear.1.gz b/msys2/usr/share/man/man1/clear.1.gz
index 92287cb19..3e85d1e57 100644
Binary files a/msys2/usr/share/man/man1/clear.1.gz and b/msys2/usr/share/man/man1/clear.1.gz differ
diff --git a/msys2/usr/share/man/man1/cms.1ssl.gz b/msys2/usr/share/man/man1/cms.1ssl.gz
index 33c483a4c..080609cd8 100644
Binary files a/msys2/usr/share/man/man1/cms.1ssl.gz and b/msys2/usr/share/man/man1/cms.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/col.1.gz b/msys2/usr/share/man/man1/col.1.gz
index 55d93a4f7..621202ab1 100644
Binary files a/msys2/usr/share/man/man1/col.1.gz and b/msys2/usr/share/man/man1/col.1.gz differ
diff --git a/msys2/usr/share/man/man1/colcrt.1.gz b/msys2/usr/share/man/man1/colcrt.1.gz
index 34a20dcde..1892d4a94 100644
Binary files a/msys2/usr/share/man/man1/colcrt.1.gz and b/msys2/usr/share/man/man1/colcrt.1.gz differ
diff --git a/msys2/usr/share/man/man1/colrm.1.gz b/msys2/usr/share/man/man1/colrm.1.gz
index e52418528..62fdcc821 100644
Binary files a/msys2/usr/share/man/man1/colrm.1.gz and b/msys2/usr/share/man/man1/colrm.1.gz differ
diff --git a/msys2/usr/share/man/man1/column.1.gz b/msys2/usr/share/man/man1/column.1.gz
index 77d69b001..bce19b570 100644
Binary files a/msys2/usr/share/man/man1/column.1.gz and b/msys2/usr/share/man/man1/column.1.gz differ
diff --git a/msys2/usr/share/man/man1/comm.1.gz b/msys2/usr/share/man/man1/comm.1.gz
index 26e35fdb9..ec8142834 100644
Binary files a/msys2/usr/share/man/man1/comm.1.gz and b/msys2/usr/share/man/man1/comm.1.gz differ
diff --git a/msys2/usr/share/man/man1/command.1.gz b/msys2/usr/share/man/man1/command.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/command.1.gz and b/msys2/usr/share/man/man1/command.1.gz differ
diff --git a/msys2/usr/share/man/man1/compgen.1.gz b/msys2/usr/share/man/man1/compgen.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/compgen.1.gz and b/msys2/usr/share/man/man1/compgen.1.gz differ
diff --git a/msys2/usr/share/man/man1/complete.1.gz b/msys2/usr/share/man/man1/complete.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/complete.1.gz and b/msys2/usr/share/man/man1/complete.1.gz differ
diff --git a/msys2/usr/share/man/man1/continue.1.gz b/msys2/usr/share/man/man1/continue.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/continue.1.gz and b/msys2/usr/share/man/man1/continue.1.gz differ
diff --git a/msys2/usr/share/man/man1/cp.1.gz b/msys2/usr/share/man/man1/cp.1.gz
index b5625edce..e1e827201 100644
Binary files a/msys2/usr/share/man/man1/cp.1.gz and b/msys2/usr/share/man/man1/cp.1.gz differ
diff --git a/msys2/usr/share/man/man1/crl.1ssl.gz b/msys2/usr/share/man/man1/crl.1ssl.gz
index 7a9cbd79d..ce8658926 100644
Binary files a/msys2/usr/share/man/man1/crl.1ssl.gz and b/msys2/usr/share/man/man1/crl.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/crl2pkcs7.1ssl.gz b/msys2/usr/share/man/man1/crl2pkcs7.1ssl.gz
index a6b2c5ada..ef594d710 100644
Binary files a/msys2/usr/share/man/man1/crl2pkcs7.1ssl.gz and b/msys2/usr/share/man/man1/crl2pkcs7.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/csplit.1.gz b/msys2/usr/share/man/man1/csplit.1.gz
index 2d1f95699..6957109b1 100644
Binary files a/msys2/usr/share/man/man1/csplit.1.gz and b/msys2/usr/share/man/man1/csplit.1.gz differ
diff --git a/msys2/usr/share/man/man1/curl-config.1.gz b/msys2/usr/share/man/man1/curl-config.1.gz
index c7d153da4..e19042eb8 100644
Binary files a/msys2/usr/share/man/man1/curl-config.1.gz and b/msys2/usr/share/man/man1/curl-config.1.gz differ
diff --git a/msys2/usr/share/man/man1/curl.1.gz b/msys2/usr/share/man/man1/curl.1.gz
index 4dff90480..ce6a9d25a 100644
Binary files a/msys2/usr/share/man/man1/curl.1.gz and b/msys2/usr/share/man/man1/curl.1.gz differ
diff --git a/msys2/usr/share/man/man1/cut.1.gz b/msys2/usr/share/man/man1/cut.1.gz
index a5bd393cc..8bdcd0c0c 100644
Binary files a/msys2/usr/share/man/man1/cut.1.gz and b/msys2/usr/share/man/man1/cut.1.gz differ
diff --git a/msys2/usr/share/man/man1/dash.1.gz b/msys2/usr/share/man/man1/dash.1.gz
index f51e0d3b2..17e3cce6d 100644
Binary files a/msys2/usr/share/man/man1/dash.1.gz and b/msys2/usr/share/man/man1/dash.1.gz differ
diff --git a/msys2/usr/share/man/man1/date.1.gz b/msys2/usr/share/man/man1/date.1.gz
index 12249e672..d83541048 100644
Binary files a/msys2/usr/share/man/man1/date.1.gz and b/msys2/usr/share/man/man1/date.1.gz differ
diff --git a/msys2/usr/share/man/man1/dd.1.gz b/msys2/usr/share/man/man1/dd.1.gz
index 9f6ca103c..490ea5acb 100644
Binary files a/msys2/usr/share/man/man1/dd.1.gz and b/msys2/usr/share/man/man1/dd.1.gz differ
diff --git a/msys2/usr/share/man/man1/declare.1.gz b/msys2/usr/share/man/man1/declare.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/declare.1.gz and b/msys2/usr/share/man/man1/declare.1.gz differ
diff --git a/msys2/usr/share/man/man1/df.1.gz b/msys2/usr/share/man/man1/df.1.gz
index 2f9ae8c05..6589c6490 100644
Binary files a/msys2/usr/share/man/man1/df.1.gz and b/msys2/usr/share/man/man1/df.1.gz differ
diff --git a/msys2/usr/share/man/man1/dgst.1ssl.gz b/msys2/usr/share/man/man1/dgst.1ssl.gz
index b6553717a..2cafb88a6 100644
Binary files a/msys2/usr/share/man/man1/dgst.1ssl.gz and b/msys2/usr/share/man/man1/dgst.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/dhparam.1ssl.gz b/msys2/usr/share/man/man1/dhparam.1ssl.gz
index 0f526bb3f..ae82645ea 100644
Binary files a/msys2/usr/share/man/man1/dhparam.1ssl.gz and b/msys2/usr/share/man/man1/dhparam.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/dir.1.gz b/msys2/usr/share/man/man1/dir.1.gz
index b8b5e9152..37460fca2 100644
Binary files a/msys2/usr/share/man/man1/dir.1.gz and b/msys2/usr/share/man/man1/dir.1.gz differ
diff --git a/msys2/usr/share/man/man1/dircolors.1.gz b/msys2/usr/share/man/man1/dircolors.1.gz
index cf9b0078c..158fb7914 100644
Binary files a/msys2/usr/share/man/man1/dircolors.1.gz and b/msys2/usr/share/man/man1/dircolors.1.gz differ
diff --git a/msys2/usr/share/man/man1/dirmngr-client.1.gz b/msys2/usr/share/man/man1/dirmngr-client.1.gz
new file mode 100644
index 000000000..bb64272ba
Binary files /dev/null and b/msys2/usr/share/man/man1/dirmngr-client.1.gz differ
diff --git a/msys2/usr/share/man/man1/dirname.1.gz b/msys2/usr/share/man/man1/dirname.1.gz
index 26ff453ad..62430b93f 100644
Binary files a/msys2/usr/share/man/man1/dirname.1.gz and b/msys2/usr/share/man/man1/dirname.1.gz differ
diff --git a/msys2/usr/share/man/man1/dirs.1.gz b/msys2/usr/share/man/man1/dirs.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/dirs.1.gz and b/msys2/usr/share/man/man1/dirs.1.gz differ
diff --git a/msys2/usr/share/man/man1/disown.1.gz b/msys2/usr/share/man/man1/disown.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/disown.1.gz and b/msys2/usr/share/man/man1/disown.1.gz differ
diff --git a/msys2/usr/share/man/man1/dnsdomainname.1.gz b/msys2/usr/share/man/man1/dnsdomainname.1.gz
index b48e684f1..ecfcea7f0 100644
Binary files a/msys2/usr/share/man/man1/dnsdomainname.1.gz and b/msys2/usr/share/man/man1/dnsdomainname.1.gz differ
diff --git a/msys2/usr/share/man/man1/do.1.gz b/msys2/usr/share/man/man1/do.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/do.1.gz and b/msys2/usr/share/man/man1/do.1.gz differ
diff --git a/msys2/usr/share/man/man1/done.1.gz b/msys2/usr/share/man/man1/done.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/done.1.gz and b/msys2/usr/share/man/man1/done.1.gz differ
diff --git a/msys2/usr/share/man/man1/dsa.1ssl.gz b/msys2/usr/share/man/man1/dsa.1ssl.gz
index ab1004c92..4898f48aa 100644
Binary files a/msys2/usr/share/man/man1/dsa.1ssl.gz and b/msys2/usr/share/man/man1/dsa.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/dsaparam.1ssl.gz b/msys2/usr/share/man/man1/dsaparam.1ssl.gz
index 02ab6ba9f..6d3cb06c2 100644
Binary files a/msys2/usr/share/man/man1/dsaparam.1ssl.gz and b/msys2/usr/share/man/man1/dsaparam.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/dss1.1ssl.gz b/msys2/usr/share/man/man1/dss1.1ssl.gz
deleted file mode 100644
index b6553717a..000000000
Binary files a/msys2/usr/share/man/man1/dss1.1ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man1/du.1.gz b/msys2/usr/share/man/man1/du.1.gz
index c84f8af26..90e09db09 100644
Binary files a/msys2/usr/share/man/man1/du.1.gz and b/msys2/usr/share/man/man1/du.1.gz differ
diff --git a/msys2/usr/share/man/man1/ec.1ssl.gz b/msys2/usr/share/man/man1/ec.1ssl.gz
index 3b38821dc..9c01a78f8 100644
Binary files a/msys2/usr/share/man/man1/ec.1ssl.gz and b/msys2/usr/share/man/man1/ec.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/echo.1.gz b/msys2/usr/share/man/man1/echo.1.gz
index 9c8f40174..88b7a3b84 100644
Binary files a/msys2/usr/share/man/man1/echo.1.gz and b/msys2/usr/share/man/man1/echo.1.gz differ
diff --git a/msys2/usr/share/man/man1/ecparam.1ssl.gz b/msys2/usr/share/man/man1/ecparam.1ssl.gz
index c81501428..3b787e833 100644
Binary files a/msys2/usr/share/man/man1/ecparam.1ssl.gz and b/msys2/usr/share/man/man1/ecparam.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/elif.1.gz b/msys2/usr/share/man/man1/elif.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/elif.1.gz and b/msys2/usr/share/man/man1/elif.1.gz differ
diff --git a/msys2/usr/share/man/man1/else.1.gz b/msys2/usr/share/man/man1/else.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/else.1.gz and b/msys2/usr/share/man/man1/else.1.gz differ
diff --git a/msys2/usr/share/man/man1/enable.1.gz b/msys2/usr/share/man/man1/enable.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/enable.1.gz and b/msys2/usr/share/man/man1/enable.1.gz differ
diff --git a/msys2/usr/share/man/man1/enc.1ssl.gz b/msys2/usr/share/man/man1/enc.1ssl.gz
index 484502fc6..de3f8c5c5 100644
Binary files a/msys2/usr/share/man/man1/enc.1ssl.gz and b/msys2/usr/share/man/man1/enc.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/engine.1ssl.gz b/msys2/usr/share/man/man1/engine.1ssl.gz
new file mode 100644
index 000000000..463ead61e
Binary files /dev/null and b/msys2/usr/share/man/man1/engine.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/env.1.gz b/msys2/usr/share/man/man1/env.1.gz
index 2f738fa45..9bc14588e 100644
Binary files a/msys2/usr/share/man/man1/env.1.gz and b/msys2/usr/share/man/man1/env.1.gz differ
diff --git a/msys2/usr/share/man/man1/errstr.1ssl.gz b/msys2/usr/share/man/man1/errstr.1ssl.gz
index b3bbe3527..e6bcfd7da 100644
Binary files a/msys2/usr/share/man/man1/errstr.1ssl.gz and b/msys2/usr/share/man/man1/errstr.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/esac.1.gz b/msys2/usr/share/man/man1/esac.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/esac.1.gz and b/msys2/usr/share/man/man1/esac.1.gz differ
diff --git a/msys2/usr/share/man/man1/eval.1.gz b/msys2/usr/share/man/man1/eval.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/eval.1.gz and b/msys2/usr/share/man/man1/eval.1.gz differ
diff --git a/msys2/usr/share/man/man1/exec.1.gz b/msys2/usr/share/man/man1/exec.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/exec.1.gz and b/msys2/usr/share/man/man1/exec.1.gz differ
diff --git a/msys2/usr/share/man/man1/exit.1.gz b/msys2/usr/share/man/man1/exit.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/exit.1.gz and b/msys2/usr/share/man/man1/exit.1.gz differ
diff --git a/msys2/usr/share/man/man1/expand.1.gz b/msys2/usr/share/man/man1/expand.1.gz
index f65a62558..fe78c9164 100644
Binary files a/msys2/usr/share/man/man1/expand.1.gz and b/msys2/usr/share/man/man1/expand.1.gz differ
diff --git a/msys2/usr/share/man/man1/export.1.gz b/msys2/usr/share/man/man1/export.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/export.1.gz and b/msys2/usr/share/man/man1/export.1.gz differ
diff --git a/msys2/usr/share/man/man1/expr.1.gz b/msys2/usr/share/man/man1/expr.1.gz
index bb04d8c0e..89ab3eb54 100644
Binary files a/msys2/usr/share/man/man1/expr.1.gz and b/msys2/usr/share/man/man1/expr.1.gz differ
diff --git a/msys2/usr/share/man/man1/factor.1.gz b/msys2/usr/share/man/man1/factor.1.gz
index 23654df6e..0b6f66dc6 100644
Binary files a/msys2/usr/share/man/man1/factor.1.gz and b/msys2/usr/share/man/man1/factor.1.gz differ
diff --git a/msys2/usr/share/man/man1/false.1.gz b/msys2/usr/share/man/man1/false.1.gz
index 6f582fb1c..4f7175185 100644
Binary files a/msys2/usr/share/man/man1/false.1.gz and b/msys2/usr/share/man/man1/false.1.gz differ
diff --git a/msys2/usr/share/man/man1/fc.1.gz b/msys2/usr/share/man/man1/fc.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/fc.1.gz and b/msys2/usr/share/man/man1/fc.1.gz differ
diff --git a/msys2/usr/share/man/man1/fg.1.gz b/msys2/usr/share/man/man1/fg.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/fg.1.gz and b/msys2/usr/share/man/man1/fg.1.gz differ
diff --git a/msys2/usr/share/man/man1/fi.1.gz b/msys2/usr/share/man/man1/fi.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/fi.1.gz and b/msys2/usr/share/man/man1/fi.1.gz differ
diff --git a/msys2/usr/share/man/man1/file.1.gz b/msys2/usr/share/man/man1/file.1.gz
index 4166fa7f8..6b13fd63b 100644
Binary files a/msys2/usr/share/man/man1/file.1.gz and b/msys2/usr/share/man/man1/file.1.gz differ
diff --git a/msys2/usr/share/man/man1/flock.1.gz b/msys2/usr/share/man/man1/flock.1.gz
index 3f174db3e..b0723fc90 100644
Binary files a/msys2/usr/share/man/man1/flock.1.gz and b/msys2/usr/share/man/man1/flock.1.gz differ
diff --git a/msys2/usr/share/man/man1/fmt.1.gz b/msys2/usr/share/man/man1/fmt.1.gz
index fcc094825..1062989c7 100644
Binary files a/msys2/usr/share/man/man1/fmt.1.gz and b/msys2/usr/share/man/man1/fmt.1.gz differ
diff --git a/msys2/usr/share/man/man1/fold.1.gz b/msys2/usr/share/man/man1/fold.1.gz
index db1dc04d1..4c45998a9 100644
Binary files a/msys2/usr/share/man/man1/fold.1.gz and b/msys2/usr/share/man/man1/fold.1.gz differ
diff --git a/msys2/usr/share/man/man1/for.1.gz b/msys2/usr/share/man/man1/for.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/for.1.gz and b/msys2/usr/share/man/man1/for.1.gz differ
diff --git a/msys2/usr/share/man/man1/ftp.1.gz b/msys2/usr/share/man/man1/ftp.1.gz
index 9845d4b87..240c36e44 100644
Binary files a/msys2/usr/share/man/man1/ftp.1.gz and b/msys2/usr/share/man/man1/ftp.1.gz differ
diff --git a/msys2/usr/share/man/man1/function.1.gz b/msys2/usr/share/man/man1/function.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/function.1.gz and b/msys2/usr/share/man/man1/function.1.gz differ
diff --git a/msys2/usr/share/man/man1/gawk.1.gz b/msys2/usr/share/man/man1/gawk.1.gz
index 115641275..ffb1f4956 100644
Binary files a/msys2/usr/share/man/man1/gawk.1.gz and b/msys2/usr/share/man/man1/gawk.1.gz differ
diff --git a/msys2/usr/share/man/man1/gendsa.1ssl.gz b/msys2/usr/share/man/man1/gendsa.1ssl.gz
index 693026ff5..3106b59aa 100644
Binary files a/msys2/usr/share/man/man1/gendsa.1ssl.gz and b/msys2/usr/share/man/man1/gendsa.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/genpkey.1ssl.gz b/msys2/usr/share/man/man1/genpkey.1ssl.gz
index 96844ebcf..00dd633a3 100644
Binary files a/msys2/usr/share/man/man1/genpkey.1ssl.gz and b/msys2/usr/share/man/man1/genpkey.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/genrsa.1ssl.gz b/msys2/usr/share/man/man1/genrsa.1ssl.gz
index 44242c1bb..62e2bb51a 100644
Binary files a/msys2/usr/share/man/man1/genrsa.1ssl.gz and b/msys2/usr/share/man/man1/genrsa.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/getopt.1.gz b/msys2/usr/share/man/man1/getopt.1.gz
index e5f968f4d..019d38585 100644
Binary files a/msys2/usr/share/man/man1/getopt.1.gz and b/msys2/usr/share/man/man1/getopt.1.gz differ
diff --git a/msys2/usr/share/man/man1/getopts.1.gz b/msys2/usr/share/man/man1/getopts.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/getopts.1.gz and b/msys2/usr/share/man/man1/getopts.1.gz differ
diff --git a/msys2/usr/share/man/man1/gkill.1.gz b/msys2/usr/share/man/man1/gkill.1.gz
index 9c5bf46ba..f9dc17733 100644
Binary files a/msys2/usr/share/man/man1/gkill.1.gz and b/msys2/usr/share/man/man1/gkill.1.gz differ
diff --git a/msys2/usr/share/man/man1/gpg-agent.1.gz b/msys2/usr/share/man/man1/gpg-agent.1.gz
new file mode 100644
index 000000000..2162638f7
Binary files /dev/null and b/msys2/usr/share/man/man1/gpg-agent.1.gz differ
diff --git a/msys2/usr/share/man/man1/gpg-connect-agent.1.gz b/msys2/usr/share/man/man1/gpg-connect-agent.1.gz
new file mode 100644
index 000000000..7d1171293
Binary files /dev/null and b/msys2/usr/share/man/man1/gpg-connect-agent.1.gz differ
diff --git a/msys2/usr/share/man/man1/gpg-preset-passphrase.1.gz b/msys2/usr/share/man/man1/gpg-preset-passphrase.1.gz
new file mode 100644
index 000000000..e7b89a57c
Binary files /dev/null and b/msys2/usr/share/man/man1/gpg-preset-passphrase.1.gz differ
diff --git a/msys2/usr/share/man/man1/gpg-wks-client.1.gz b/msys2/usr/share/man/man1/gpg-wks-client.1.gz
new file mode 100644
index 000000000..0593312fb
Binary files /dev/null and b/msys2/usr/share/man/man1/gpg-wks-client.1.gz differ
diff --git a/msys2/usr/share/man/man1/gpg-wks-server.1.gz b/msys2/usr/share/man/man1/gpg-wks-server.1.gz
new file mode 100644
index 000000000..58d99c7f4
Binary files /dev/null and b/msys2/usr/share/man/man1/gpg-wks-server.1.gz differ
diff --git a/msys2/usr/share/man/man1/gpg-zip.1.gz b/msys2/usr/share/man/man1/gpg-zip.1.gz
deleted file mode 100644
index 26611edc3..000000000
Binary files a/msys2/usr/share/man/man1/gpg-zip.1.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man1/gpg.1.gz b/msys2/usr/share/man/man1/gpg.1.gz
index aff6bed71..709a85811 100644
Binary files a/msys2/usr/share/man/man1/gpg.1.gz and b/msys2/usr/share/man/man1/gpg.1.gz differ
diff --git a/msys2/usr/share/man/man1/gpgconf.1.gz b/msys2/usr/share/man/man1/gpgconf.1.gz
new file mode 100644
index 000000000..b18f18f69
Binary files /dev/null and b/msys2/usr/share/man/man1/gpgconf.1.gz differ
diff --git a/msys2/usr/share/man/man1/gpgparsemail.1.gz b/msys2/usr/share/man/man1/gpgparsemail.1.gz
new file mode 100644
index 000000000..d761c9a7b
Binary files /dev/null and b/msys2/usr/share/man/man1/gpgparsemail.1.gz differ
diff --git a/msys2/usr/share/man/man1/gpgsm.1.gz b/msys2/usr/share/man/man1/gpgsm.1.gz
new file mode 100644
index 000000000..d6cdc9a44
Binary files /dev/null and b/msys2/usr/share/man/man1/gpgsm.1.gz differ
diff --git a/msys2/usr/share/man/man1/gpgtar.1.gz b/msys2/usr/share/man/man1/gpgtar.1.gz
new file mode 100644
index 000000000..ff91b001d
Binary files /dev/null and b/msys2/usr/share/man/man1/gpgtar.1.gz differ
diff --git a/msys2/usr/share/man/man1/gpgv.1.gz b/msys2/usr/share/man/man1/gpgv.1.gz
index 86ef4b189..8783a89f3 100644
Binary files a/msys2/usr/share/man/man1/gpgv.1.gz and b/msys2/usr/share/man/man1/gpgv.1.gz differ
diff --git a/msys2/usr/share/man/man1/groups.1.gz b/msys2/usr/share/man/man1/groups.1.gz
index 8c321fbf5..b9c3c0fb8 100644
Binary files a/msys2/usr/share/man/man1/groups.1.gz and b/msys2/usr/share/man/man1/groups.1.gz differ
diff --git a/msys2/usr/share/man/man1/hash.1.gz b/msys2/usr/share/man/man1/hash.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/hash.1.gz and b/msys2/usr/share/man/man1/hash.1.gz differ
diff --git a/msys2/usr/share/man/man1/head.1.gz b/msys2/usr/share/man/man1/head.1.gz
index 9e90a763c..4a7af06df 100644
Binary files a/msys2/usr/share/man/man1/head.1.gz and b/msys2/usr/share/man/man1/head.1.gz differ
diff --git a/msys2/usr/share/man/man1/help.1.gz b/msys2/usr/share/man/man1/help.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/help.1.gz and b/msys2/usr/share/man/man1/help.1.gz differ
diff --git a/msys2/usr/share/man/man1/hexdump.1.gz b/msys2/usr/share/man/man1/hexdump.1.gz
index e909c5c7a..b87806aa0 100644
Binary files a/msys2/usr/share/man/man1/hexdump.1.gz and b/msys2/usr/share/man/man1/hexdump.1.gz differ
diff --git a/msys2/usr/share/man/man1/history.1.gz b/msys2/usr/share/man/man1/history.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/history.1.gz and b/msys2/usr/share/man/man1/history.1.gz differ
diff --git a/msys2/usr/share/man/man1/hostid.1.gz b/msys2/usr/share/man/man1/hostid.1.gz
index 3ea1dbe67..091efda56 100644
Binary files a/msys2/usr/share/man/man1/hostid.1.gz and b/msys2/usr/share/man/man1/hostid.1.gz differ
diff --git a/msys2/usr/share/man/man1/hostname.1.gz b/msys2/usr/share/man/man1/hostname.1.gz
index e401f6481..a407b3d73 100644
Binary files a/msys2/usr/share/man/man1/hostname.1.gz and b/msys2/usr/share/man/man1/hostname.1.gz differ
diff --git a/msys2/usr/share/man/man1/id.1.gz b/msys2/usr/share/man/man1/id.1.gz
index 9d6990601..a6141fcc3 100644
Binary files a/msys2/usr/share/man/man1/id.1.gz and b/msys2/usr/share/man/man1/id.1.gz differ
diff --git a/msys2/usr/share/man/man1/idn2.1.gz b/msys2/usr/share/man/man1/idn2.1.gz
index 2ebf06c05..ff3842326 100644
Binary files a/msys2/usr/share/man/man1/idn2.1.gz and b/msys2/usr/share/man/man1/idn2.1.gz differ
diff --git a/msys2/usr/share/man/man1/if.1.gz b/msys2/usr/share/man/man1/if.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/if.1.gz and b/msys2/usr/share/man/man1/if.1.gz differ
diff --git a/msys2/usr/share/man/man1/in.1.gz b/msys2/usr/share/man/man1/in.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/in.1.gz and b/msys2/usr/share/man/man1/in.1.gz differ
diff --git a/msys2/usr/share/man/man1/info.1.gz b/msys2/usr/share/man/man1/info.1.gz
index 904db9f72..5c5bba966 100644
Binary files a/msys2/usr/share/man/man1/info.1.gz and b/msys2/usr/share/man/man1/info.1.gz differ
diff --git a/msys2/usr/share/man/man1/infocmp.1m.gz b/msys2/usr/share/man/man1/infocmp.1m.gz
index 105f9f4e1..9eee5d5cf 100644
Binary files a/msys2/usr/share/man/man1/infocmp.1m.gz and b/msys2/usr/share/man/man1/infocmp.1m.gz differ
diff --git a/msys2/usr/share/man/man1/infotocap.1m.gz b/msys2/usr/share/man/man1/infotocap.1m.gz
index 63ebd4739..b7e7ae2e0 100644
Binary files a/msys2/usr/share/man/man1/infotocap.1m.gz and b/msys2/usr/share/man/man1/infotocap.1m.gz differ
diff --git a/msys2/usr/share/man/man1/install-info.1.gz b/msys2/usr/share/man/man1/install-info.1.gz
index 78fa9432c..f054812ae 100644
Binary files a/msys2/usr/share/man/man1/install-info.1.gz and b/msys2/usr/share/man/man1/install-info.1.gz differ
diff --git a/msys2/usr/share/man/man1/install.1.gz b/msys2/usr/share/man/man1/install.1.gz
index 980c8fc35..bd55fa4a9 100644
Binary files a/msys2/usr/share/man/man1/install.1.gz and b/msys2/usr/share/man/man1/install.1.gz differ
diff --git a/msys2/usr/share/man/man1/ipcmk.1.gz b/msys2/usr/share/man/man1/ipcmk.1.gz
index d9e80c597..c8d536e96 100644
Binary files a/msys2/usr/share/man/man1/ipcmk.1.gz and b/msys2/usr/share/man/man1/ipcmk.1.gz differ
diff --git a/msys2/usr/share/man/man1/jobs.1.gz b/msys2/usr/share/man/man1/jobs.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/jobs.1.gz and b/msys2/usr/share/man/man1/jobs.1.gz differ
diff --git a/msys2/usr/share/man/man1/join.1.gz b/msys2/usr/share/man/man1/join.1.gz
index d1d29a05e..3aa14e575 100644
Binary files a/msys2/usr/share/man/man1/join.1.gz and b/msys2/usr/share/man/man1/join.1.gz differ
diff --git a/msys2/usr/share/man/man1/less.1.gz b/msys2/usr/share/man/man1/less.1.gz
index 48401c177..073158447 100644
Binary files a/msys2/usr/share/man/man1/less.1.gz and b/msys2/usr/share/man/man1/less.1.gz differ
diff --git a/msys2/usr/share/man/man1/lessecho.1.gz b/msys2/usr/share/man/man1/lessecho.1.gz
index 3a1494dbf..c6bca1064 100644
Binary files a/msys2/usr/share/man/man1/lessecho.1.gz and b/msys2/usr/share/man/man1/lessecho.1.gz differ
diff --git a/msys2/usr/share/man/man1/lesskey.1.gz b/msys2/usr/share/man/man1/lesskey.1.gz
index 7f31317ec..3ef0a4430 100644
Binary files a/msys2/usr/share/man/man1/lesskey.1.gz and b/msys2/usr/share/man/man1/lesskey.1.gz differ
diff --git a/msys2/usr/share/man/man1/let.1.gz b/msys2/usr/share/man/man1/let.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/let.1.gz and b/msys2/usr/share/man/man1/let.1.gz differ
diff --git a/msys2/usr/share/man/man1/link.1.gz b/msys2/usr/share/man/man1/link.1.gz
index 5554ae8c1..833581d84 100644
Binary files a/msys2/usr/share/man/man1/link.1.gz and b/msys2/usr/share/man/man1/link.1.gz differ
diff --git a/msys2/usr/share/man/man1/list.1ssl.gz b/msys2/usr/share/man/man1/list.1ssl.gz
new file mode 100644
index 000000000..a6044ae77
Binary files /dev/null and b/msys2/usr/share/man/man1/list.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/ln.1.gz b/msys2/usr/share/man/man1/ln.1.gz
index 67b599e50..35a056ed3 100644
Binary files a/msys2/usr/share/man/man1/ln.1.gz and b/msys2/usr/share/man/man1/ln.1.gz differ
diff --git a/msys2/usr/share/man/man1/local.1.gz b/msys2/usr/share/man/man1/local.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/local.1.gz and b/msys2/usr/share/man/man1/local.1.gz differ
diff --git a/msys2/usr/share/man/man1/logger.1.gz b/msys2/usr/share/man/man1/logger.1.gz
index 7336e5a72..da456cac8 100644
Binary files a/msys2/usr/share/man/man1/logger.1.gz and b/msys2/usr/share/man/man1/logger.1.gz differ
diff --git a/msys2/usr/share/man/man1/logname.1.gz b/msys2/usr/share/man/man1/logname.1.gz
index 48716e478..1e8fdfeed 100644
Binary files a/msys2/usr/share/man/man1/logname.1.gz and b/msys2/usr/share/man/man1/logname.1.gz differ
diff --git a/msys2/usr/share/man/man1/logout.1.gz b/msys2/usr/share/man/man1/logout.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/logout.1.gz and b/msys2/usr/share/man/man1/logout.1.gz differ
diff --git a/msys2/usr/share/man/man1/look.1.gz b/msys2/usr/share/man/man1/look.1.gz
index 165fb8645..e932d5f88 100644
Binary files a/msys2/usr/share/man/man1/look.1.gz and b/msys2/usr/share/man/man1/look.1.gz differ
diff --git a/msys2/usr/share/man/man1/ls.1.gz b/msys2/usr/share/man/man1/ls.1.gz
index e1da5ba9b..5ada9ec03 100644
Binary files a/msys2/usr/share/man/man1/ls.1.gz and b/msys2/usr/share/man/man1/ls.1.gz differ
diff --git a/msys2/usr/share/man/man1/lzcat.1.gz b/msys2/usr/share/man/man1/lzcat.1.gz
index 49b744ca0..360f8cf49 100644
Binary files a/msys2/usr/share/man/man1/lzcat.1.gz and b/msys2/usr/share/man/man1/lzcat.1.gz differ
diff --git a/msys2/usr/share/man/man1/lzma.1.gz b/msys2/usr/share/man/man1/lzma.1.gz
index 49b744ca0..360f8cf49 100644
Binary files a/msys2/usr/share/man/man1/lzma.1.gz and b/msys2/usr/share/man/man1/lzma.1.gz differ
diff --git a/msys2/usr/share/man/man1/lzmadec.1.gz b/msys2/usr/share/man/man1/lzmadec.1.gz
index 8728689d7..90183852d 100644
Binary files a/msys2/usr/share/man/man1/lzmadec.1.gz and b/msys2/usr/share/man/man1/lzmadec.1.gz differ
diff --git a/msys2/usr/share/man/man1/makepkg-template.1.gz b/msys2/usr/share/man/man1/makepkg-template.1.gz
index 35508de01..4728e1b07 100644
Binary files a/msys2/usr/share/man/man1/makepkg-template.1.gz and b/msys2/usr/share/man/man1/makepkg-template.1.gz differ
diff --git a/msys2/usr/share/man/man1/mcookie.1.gz b/msys2/usr/share/man/man1/mcookie.1.gz
index 83a0c917c..f82191b00 100644
Binary files a/msys2/usr/share/man/man1/mcookie.1.gz and b/msys2/usr/share/man/man1/mcookie.1.gz differ
diff --git a/msys2/usr/share/man/man1/md2.1ssl.gz b/msys2/usr/share/man/man1/md2.1ssl.gz
deleted file mode 100644
index b6553717a..000000000
Binary files a/msys2/usr/share/man/man1/md2.1ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man1/md4.1ssl.gz b/msys2/usr/share/man/man1/md4.1ssl.gz
deleted file mode 100644
index b6553717a..000000000
Binary files a/msys2/usr/share/man/man1/md4.1ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man1/md5.1ssl.gz b/msys2/usr/share/man/man1/md5.1ssl.gz
deleted file mode 100644
index b6553717a..000000000
Binary files a/msys2/usr/share/man/man1/md5.1ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man1/md5sum.1.gz b/msys2/usr/share/man/man1/md5sum.1.gz
index aed083f49..8f27c16a1 100644
Binary files a/msys2/usr/share/man/man1/md5sum.1.gz and b/msys2/usr/share/man/man1/md5sum.1.gz differ
diff --git a/msys2/usr/share/man/man1/mdc2.1ssl.gz b/msys2/usr/share/man/man1/mdc2.1ssl.gz
deleted file mode 100644
index b6553717a..000000000
Binary files a/msys2/usr/share/man/man1/mdc2.1ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man1/mintty.1.gz b/msys2/usr/share/man/man1/mintty.1.gz
index e431c79a2..715f2a6ab 100644
Binary files a/msys2/usr/share/man/man1/mintty.1.gz and b/msys2/usr/share/man/man1/mintty.1.gz differ
diff --git a/msys2/usr/share/man/man1/mkdir.1.gz b/msys2/usr/share/man/man1/mkdir.1.gz
index f2b4a87ad..d058f0550 100644
Binary files a/msys2/usr/share/man/man1/mkdir.1.gz and b/msys2/usr/share/man/man1/mkdir.1.gz differ
diff --git a/msys2/usr/share/man/man1/mkfifo.1.gz b/msys2/usr/share/man/man1/mkfifo.1.gz
index b0c2220a4..c7e70c9da 100644
Binary files a/msys2/usr/share/man/man1/mkfifo.1.gz and b/msys2/usr/share/man/man1/mkfifo.1.gz differ
diff --git a/msys2/usr/share/man/man1/mknod.1.gz b/msys2/usr/share/man/man1/mknod.1.gz
index b50efd3c7..11e70319f 100644
Binary files a/msys2/usr/share/man/man1/mknod.1.gz and b/msys2/usr/share/man/man1/mknod.1.gz differ
diff --git a/msys2/usr/share/man/man1/mktemp.1.gz b/msys2/usr/share/man/man1/mktemp.1.gz
index bc6936545..c7f72441d 100644
Binary files a/msys2/usr/share/man/man1/mktemp.1.gz and b/msys2/usr/share/man/man1/mktemp.1.gz differ
diff --git a/msys2/usr/share/man/man1/more.1.gz b/msys2/usr/share/man/man1/more.1.gz
index 4a20ee4bb..6c2d687f5 100644
Binary files a/msys2/usr/share/man/man1/more.1.gz and b/msys2/usr/share/man/man1/more.1.gz differ
diff --git a/msys2/usr/share/man/man1/mv.1.gz b/msys2/usr/share/man/man1/mv.1.gz
index ab71b359a..3182c66b4 100644
Binary files a/msys2/usr/share/man/man1/mv.1.gz and b/msys2/usr/share/man/man1/mv.1.gz differ
diff --git a/msys2/usr/share/man/man1/namei.1.gz b/msys2/usr/share/man/man1/namei.1.gz
index 70cf6fa5a..c99aab7b0 100644
Binary files a/msys2/usr/share/man/man1/namei.1.gz and b/msys2/usr/share/man/man1/namei.1.gz differ
diff --git a/msys2/usr/share/man/man1/ncursesw6-config.1.gz b/msys2/usr/share/man/man1/ncursesw6-config.1.gz
index f3e5b5e64..99094643e 100644
Binary files a/msys2/usr/share/man/man1/ncursesw6-config.1.gz and b/msys2/usr/share/man/man1/ncursesw6-config.1.gz differ
diff --git a/msys2/usr/share/man/man1/nice.1.gz b/msys2/usr/share/man/man1/nice.1.gz
index 46fe3281a..9b2b0949f 100644
Binary files a/msys2/usr/share/man/man1/nice.1.gz and b/msys2/usr/share/man/man1/nice.1.gz differ
diff --git a/msys2/usr/share/man/man1/nl.1.gz b/msys2/usr/share/man/man1/nl.1.gz
index b3dca618a..d483b1a17 100644
Binary files a/msys2/usr/share/man/man1/nl.1.gz and b/msys2/usr/share/man/man1/nl.1.gz differ
diff --git a/msys2/usr/share/man/man1/nohup.1.gz b/msys2/usr/share/man/man1/nohup.1.gz
index 9fc22d5c2..095343471 100644
Binary files a/msys2/usr/share/man/man1/nohup.1.gz and b/msys2/usr/share/man/man1/nohup.1.gz differ
diff --git a/msys2/usr/share/man/man1/nproc.1.gz b/msys2/usr/share/man/man1/nproc.1.gz
index 5d552cf20..5e1e2ab1e 100644
Binary files a/msys2/usr/share/man/man1/nproc.1.gz and b/msys2/usr/share/man/man1/nproc.1.gz differ
diff --git a/msys2/usr/share/man/man1/nseq.1ssl.gz b/msys2/usr/share/man/man1/nseq.1ssl.gz
index d0a8a88cf..b273c007b 100644
Binary files a/msys2/usr/share/man/man1/nseq.1ssl.gz and b/msys2/usr/share/man/man1/nseq.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/numfmt.1.gz b/msys2/usr/share/man/man1/numfmt.1.gz
index 507815c4f..30e3c0b22 100644
Binary files a/msys2/usr/share/man/man1/numfmt.1.gz and b/msys2/usr/share/man/man1/numfmt.1.gz differ
diff --git a/msys2/usr/share/man/man1/ocsp.1ssl.gz b/msys2/usr/share/man/man1/ocsp.1ssl.gz
index f41d99c89..e0cf80199 100644
Binary files a/msys2/usr/share/man/man1/ocsp.1ssl.gz and b/msys2/usr/share/man/man1/ocsp.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/od.1.gz b/msys2/usr/share/man/man1/od.1.gz
index bba139030..587a11edb 100644
Binary files a/msys2/usr/share/man/man1/od.1.gz and b/msys2/usr/share/man/man1/od.1.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-asn1parse.1ssl.gz b/msys2/usr/share/man/man1/openssl-asn1parse.1ssl.gz
index 6a94bdc53..c4a11623c 100644
Binary files a/msys2/usr/share/man/man1/openssl-asn1parse.1ssl.gz and b/msys2/usr/share/man/man1/openssl-asn1parse.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-c_rehash.1ssl.gz b/msys2/usr/share/man/man1/openssl-c_rehash.1ssl.gz
new file mode 100644
index 000000000..9be2d8385
Binary files /dev/null and b/msys2/usr/share/man/man1/openssl-c_rehash.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-ca.1ssl.gz b/msys2/usr/share/man/man1/openssl-ca.1ssl.gz
index e95f7526e..8e24f537e 100644
Binary files a/msys2/usr/share/man/man1/openssl-ca.1ssl.gz and b/msys2/usr/share/man/man1/openssl-ca.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-ciphers.1ssl.gz b/msys2/usr/share/man/man1/openssl-ciphers.1ssl.gz
index 5c1ec30dc..9d1483e40 100644
Binary files a/msys2/usr/share/man/man1/openssl-ciphers.1ssl.gz and b/msys2/usr/share/man/man1/openssl-ciphers.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-cms.1ssl.gz b/msys2/usr/share/man/man1/openssl-cms.1ssl.gz
index 33c483a4c..080609cd8 100644
Binary files a/msys2/usr/share/man/man1/openssl-cms.1ssl.gz and b/msys2/usr/share/man/man1/openssl-cms.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-crl.1ssl.gz b/msys2/usr/share/man/man1/openssl-crl.1ssl.gz
index 7a9cbd79d..ce8658926 100644
Binary files a/msys2/usr/share/man/man1/openssl-crl.1ssl.gz and b/msys2/usr/share/man/man1/openssl-crl.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-crl2pkcs7.1ssl.gz b/msys2/usr/share/man/man1/openssl-crl2pkcs7.1ssl.gz
index a6b2c5ada..ef594d710 100644
Binary files a/msys2/usr/share/man/man1/openssl-crl2pkcs7.1ssl.gz and b/msys2/usr/share/man/man1/openssl-crl2pkcs7.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-dgst.1ssl.gz b/msys2/usr/share/man/man1/openssl-dgst.1ssl.gz
index b6553717a..2cafb88a6 100644
Binary files a/msys2/usr/share/man/man1/openssl-dgst.1ssl.gz and b/msys2/usr/share/man/man1/openssl-dgst.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-dhparam.1ssl.gz b/msys2/usr/share/man/man1/openssl-dhparam.1ssl.gz
index 0f526bb3f..ae82645ea 100644
Binary files a/msys2/usr/share/man/man1/openssl-dhparam.1ssl.gz and b/msys2/usr/share/man/man1/openssl-dhparam.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-dsa.1ssl.gz b/msys2/usr/share/man/man1/openssl-dsa.1ssl.gz
index ab1004c92..4898f48aa 100644
Binary files a/msys2/usr/share/man/man1/openssl-dsa.1ssl.gz and b/msys2/usr/share/man/man1/openssl-dsa.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-dsaparam.1ssl.gz b/msys2/usr/share/man/man1/openssl-dsaparam.1ssl.gz
index 02ab6ba9f..6d3cb06c2 100644
Binary files a/msys2/usr/share/man/man1/openssl-dsaparam.1ssl.gz and b/msys2/usr/share/man/man1/openssl-dsaparam.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-ec.1ssl.gz b/msys2/usr/share/man/man1/openssl-ec.1ssl.gz
index 3b38821dc..9c01a78f8 100644
Binary files a/msys2/usr/share/man/man1/openssl-ec.1ssl.gz and b/msys2/usr/share/man/man1/openssl-ec.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-ecparam.1ssl.gz b/msys2/usr/share/man/man1/openssl-ecparam.1ssl.gz
index c81501428..3b787e833 100644
Binary files a/msys2/usr/share/man/man1/openssl-ecparam.1ssl.gz and b/msys2/usr/share/man/man1/openssl-ecparam.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-enc.1ssl.gz b/msys2/usr/share/man/man1/openssl-enc.1ssl.gz
index 484502fc6..de3f8c5c5 100644
Binary files a/msys2/usr/share/man/man1/openssl-enc.1ssl.gz and b/msys2/usr/share/man/man1/openssl-enc.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-engine.1ssl.gz b/msys2/usr/share/man/man1/openssl-engine.1ssl.gz
new file mode 100644
index 000000000..463ead61e
Binary files /dev/null and b/msys2/usr/share/man/man1/openssl-engine.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-errstr.1ssl.gz b/msys2/usr/share/man/man1/openssl-errstr.1ssl.gz
index b3bbe3527..e6bcfd7da 100644
Binary files a/msys2/usr/share/man/man1/openssl-errstr.1ssl.gz and b/msys2/usr/share/man/man1/openssl-errstr.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-gendsa.1ssl.gz b/msys2/usr/share/man/man1/openssl-gendsa.1ssl.gz
index 693026ff5..3106b59aa 100644
Binary files a/msys2/usr/share/man/man1/openssl-gendsa.1ssl.gz and b/msys2/usr/share/man/man1/openssl-gendsa.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-genpkey.1ssl.gz b/msys2/usr/share/man/man1/openssl-genpkey.1ssl.gz
index 96844ebcf..00dd633a3 100644
Binary files a/msys2/usr/share/man/man1/openssl-genpkey.1ssl.gz and b/msys2/usr/share/man/man1/openssl-genpkey.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-genrsa.1ssl.gz b/msys2/usr/share/man/man1/openssl-genrsa.1ssl.gz
index 44242c1bb..62e2bb51a 100644
Binary files a/msys2/usr/share/man/man1/openssl-genrsa.1ssl.gz and b/msys2/usr/share/man/man1/openssl-genrsa.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-list.1ssl.gz b/msys2/usr/share/man/man1/openssl-list.1ssl.gz
new file mode 100644
index 000000000..a6044ae77
Binary files /dev/null and b/msys2/usr/share/man/man1/openssl-list.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-nseq.1ssl.gz b/msys2/usr/share/man/man1/openssl-nseq.1ssl.gz
index d0a8a88cf..b273c007b 100644
Binary files a/msys2/usr/share/man/man1/openssl-nseq.1ssl.gz and b/msys2/usr/share/man/man1/openssl-nseq.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-ocsp.1ssl.gz b/msys2/usr/share/man/man1/openssl-ocsp.1ssl.gz
index f41d99c89..e0cf80199 100644
Binary files a/msys2/usr/share/man/man1/openssl-ocsp.1ssl.gz and b/msys2/usr/share/man/man1/openssl-ocsp.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-passwd.1ssl.gz b/msys2/usr/share/man/man1/openssl-passwd.1ssl.gz
index 73e2264c3..c87832599 100644
Binary files a/msys2/usr/share/man/man1/openssl-passwd.1ssl.gz and b/msys2/usr/share/man/man1/openssl-passwd.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-pkcs12.1ssl.gz b/msys2/usr/share/man/man1/openssl-pkcs12.1ssl.gz
index f9661852d..7055274a0 100644
Binary files a/msys2/usr/share/man/man1/openssl-pkcs12.1ssl.gz and b/msys2/usr/share/man/man1/openssl-pkcs12.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-pkcs7.1ssl.gz b/msys2/usr/share/man/man1/openssl-pkcs7.1ssl.gz
index f146eb00e..d8268da2c 100644
Binary files a/msys2/usr/share/man/man1/openssl-pkcs7.1ssl.gz and b/msys2/usr/share/man/man1/openssl-pkcs7.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-pkcs8.1ssl.gz b/msys2/usr/share/man/man1/openssl-pkcs8.1ssl.gz
index 67783814c..fe6738a99 100644
Binary files a/msys2/usr/share/man/man1/openssl-pkcs8.1ssl.gz and b/msys2/usr/share/man/man1/openssl-pkcs8.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-pkey.1ssl.gz b/msys2/usr/share/man/man1/openssl-pkey.1ssl.gz
index bb7b13841..db38c0eae 100644
Binary files a/msys2/usr/share/man/man1/openssl-pkey.1ssl.gz and b/msys2/usr/share/man/man1/openssl-pkey.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-pkeyparam.1ssl.gz b/msys2/usr/share/man/man1/openssl-pkeyparam.1ssl.gz
index 44c619216..c14a0feaf 100644
Binary files a/msys2/usr/share/man/man1/openssl-pkeyparam.1ssl.gz and b/msys2/usr/share/man/man1/openssl-pkeyparam.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-pkeyutl.1ssl.gz b/msys2/usr/share/man/man1/openssl-pkeyutl.1ssl.gz
index 3372a6827..c1acc8027 100644
Binary files a/msys2/usr/share/man/man1/openssl-pkeyutl.1ssl.gz and b/msys2/usr/share/man/man1/openssl-pkeyutl.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-prime.1ssl.gz b/msys2/usr/share/man/man1/openssl-prime.1ssl.gz
new file mode 100644
index 000000000..bfa3e4c72
Binary files /dev/null and b/msys2/usr/share/man/man1/openssl-prime.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-rand.1ssl.gz b/msys2/usr/share/man/man1/openssl-rand.1ssl.gz
index b564a8ff3..7dbfde0c0 100644
Binary files a/msys2/usr/share/man/man1/openssl-rand.1ssl.gz and b/msys2/usr/share/man/man1/openssl-rand.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-rehash.1ssl.gz b/msys2/usr/share/man/man1/openssl-rehash.1ssl.gz
new file mode 100644
index 000000000..9be2d8385
Binary files /dev/null and b/msys2/usr/share/man/man1/openssl-rehash.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-req.1ssl.gz b/msys2/usr/share/man/man1/openssl-req.1ssl.gz
index c58fc8e5c..8ac0d2959 100644
Binary files a/msys2/usr/share/man/man1/openssl-req.1ssl.gz and b/msys2/usr/share/man/man1/openssl-req.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-rsa.1ssl.gz b/msys2/usr/share/man/man1/openssl-rsa.1ssl.gz
index 0cc9c3773..bb71eea2c 100644
Binary files a/msys2/usr/share/man/man1/openssl-rsa.1ssl.gz and b/msys2/usr/share/man/man1/openssl-rsa.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-rsautl.1ssl.gz b/msys2/usr/share/man/man1/openssl-rsautl.1ssl.gz
index e49a981f4..81aa9b005 100644
Binary files a/msys2/usr/share/man/man1/openssl-rsautl.1ssl.gz and b/msys2/usr/share/man/man1/openssl-rsautl.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-s_client.1ssl.gz b/msys2/usr/share/man/man1/openssl-s_client.1ssl.gz
index 150a5f916..7bccc3376 100644
Binary files a/msys2/usr/share/man/man1/openssl-s_client.1ssl.gz and b/msys2/usr/share/man/man1/openssl-s_client.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-s_server.1ssl.gz b/msys2/usr/share/man/man1/openssl-s_server.1ssl.gz
index 6da152d3f..7ddc68016 100644
Binary files a/msys2/usr/share/man/man1/openssl-s_server.1ssl.gz and b/msys2/usr/share/man/man1/openssl-s_server.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-s_time.1ssl.gz b/msys2/usr/share/man/man1/openssl-s_time.1ssl.gz
index 7c2c83071..7077e2a7d 100644
Binary files a/msys2/usr/share/man/man1/openssl-s_time.1ssl.gz and b/msys2/usr/share/man/man1/openssl-s_time.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-sess_id.1ssl.gz b/msys2/usr/share/man/man1/openssl-sess_id.1ssl.gz
index 3bfc4096a..76ce09061 100644
Binary files a/msys2/usr/share/man/man1/openssl-sess_id.1ssl.gz and b/msys2/usr/share/man/man1/openssl-sess_id.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-smime.1ssl.gz b/msys2/usr/share/man/man1/openssl-smime.1ssl.gz
index 7a7633b7e..2420bb491 100644
Binary files a/msys2/usr/share/man/man1/openssl-smime.1ssl.gz and b/msys2/usr/share/man/man1/openssl-smime.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-speed.1ssl.gz b/msys2/usr/share/man/man1/openssl-speed.1ssl.gz
index a68d0f907..931fb225d 100644
Binary files a/msys2/usr/share/man/man1/openssl-speed.1ssl.gz and b/msys2/usr/share/man/man1/openssl-speed.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-spkac.1ssl.gz b/msys2/usr/share/man/man1/openssl-spkac.1ssl.gz
index 86d4d5f58..466ac5984 100644
Binary files a/msys2/usr/share/man/man1/openssl-spkac.1ssl.gz and b/msys2/usr/share/man/man1/openssl-spkac.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-srp.1ssl.gz b/msys2/usr/share/man/man1/openssl-srp.1ssl.gz
new file mode 100644
index 000000000..d00174792
Binary files /dev/null and b/msys2/usr/share/man/man1/openssl-srp.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-storeutl.1ssl.gz b/msys2/usr/share/man/man1/openssl-storeutl.1ssl.gz
new file mode 100644
index 000000000..997926626
Binary files /dev/null and b/msys2/usr/share/man/man1/openssl-storeutl.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-ts.1ssl.gz b/msys2/usr/share/man/man1/openssl-ts.1ssl.gz
index 53719da7f..8d69222a6 100644
Binary files a/msys2/usr/share/man/man1/openssl-ts.1ssl.gz and b/msys2/usr/share/man/man1/openssl-ts.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-tsget.1ssl.gz b/msys2/usr/share/man/man1/openssl-tsget.1ssl.gz
index 1f25e8fe7..3efb6015b 100644
Binary files a/msys2/usr/share/man/man1/openssl-tsget.1ssl.gz and b/msys2/usr/share/man/man1/openssl-tsget.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-verify.1ssl.gz b/msys2/usr/share/man/man1/openssl-verify.1ssl.gz
index b42b51e1a..73d6595c5 100644
Binary files a/msys2/usr/share/man/man1/openssl-verify.1ssl.gz and b/msys2/usr/share/man/man1/openssl-verify.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-version.1ssl.gz b/msys2/usr/share/man/man1/openssl-version.1ssl.gz
index 5021b9d33..ffe4b401b 100644
Binary files a/msys2/usr/share/man/man1/openssl-version.1ssl.gz and b/msys2/usr/share/man/man1/openssl-version.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl-x509.1ssl.gz b/msys2/usr/share/man/man1/openssl-x509.1ssl.gz
index 0faf33abc..dd82063c2 100644
Binary files a/msys2/usr/share/man/man1/openssl-x509.1ssl.gz and b/msys2/usr/share/man/man1/openssl-x509.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/openssl.1ssl.gz b/msys2/usr/share/man/man1/openssl.1ssl.gz
index 690d6d57f..5ee152c5d 100644
Binary files a/msys2/usr/share/man/man1/openssl.1ssl.gz and b/msys2/usr/share/man/man1/openssl.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/passwd.1ssl.gz b/msys2/usr/share/man/man1/passwd.1ssl.gz
index 73e2264c3..c87832599 100644
Binary files a/msys2/usr/share/man/man1/passwd.1ssl.gz and b/msys2/usr/share/man/man1/passwd.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/paste.1.gz b/msys2/usr/share/man/man1/paste.1.gz
index 22a0d1929..f0e403149 100644
Binary files a/msys2/usr/share/man/man1/paste.1.gz and b/msys2/usr/share/man/man1/paste.1.gz differ
diff --git a/msys2/usr/share/man/man1/pathchk.1.gz b/msys2/usr/share/man/man1/pathchk.1.gz
index be8743749..3f95ad57c 100644
Binary files a/msys2/usr/share/man/man1/pathchk.1.gz and b/msys2/usr/share/man/man1/pathchk.1.gz differ
diff --git a/msys2/usr/share/man/man1/pcretest.1.gz b/msys2/usr/share/man/man1/pcretest.1.gz
index 17db17019..c148f158d 100644
Binary files a/msys2/usr/share/man/man1/pcretest.1.gz and b/msys2/usr/share/man/man1/pcretest.1.gz differ
diff --git a/msys2/usr/share/man/man1/pg.1.gz b/msys2/usr/share/man/man1/pg.1.gz
index cb9cdae79..06f7431b3 100644
Binary files a/msys2/usr/share/man/man1/pg.1.gz and b/msys2/usr/share/man/man1/pg.1.gz differ
diff --git a/msys2/usr/share/man/man1/pinky.1.gz b/msys2/usr/share/man/man1/pinky.1.gz
index 2fb2f5f4b..08e99b3e0 100644
Binary files a/msys2/usr/share/man/man1/pinky.1.gz and b/msys2/usr/share/man/man1/pinky.1.gz differ
diff --git a/msys2/usr/share/man/man1/pkcs12.1ssl.gz b/msys2/usr/share/man/man1/pkcs12.1ssl.gz
index f9661852d..7055274a0 100644
Binary files a/msys2/usr/share/man/man1/pkcs12.1ssl.gz and b/msys2/usr/share/man/man1/pkcs12.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/pkcs7.1ssl.gz b/msys2/usr/share/man/man1/pkcs7.1ssl.gz
index f146eb00e..d8268da2c 100644
Binary files a/msys2/usr/share/man/man1/pkcs7.1ssl.gz and b/msys2/usr/share/man/man1/pkcs7.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/pkcs8.1ssl.gz b/msys2/usr/share/man/man1/pkcs8.1ssl.gz
index 67783814c..fe6738a99 100644
Binary files a/msys2/usr/share/man/man1/pkcs8.1ssl.gz and b/msys2/usr/share/man/man1/pkcs8.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/pkey.1ssl.gz b/msys2/usr/share/man/man1/pkey.1ssl.gz
index bb7b13841..db38c0eae 100644
Binary files a/msys2/usr/share/man/man1/pkey.1ssl.gz and b/msys2/usr/share/man/man1/pkey.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/pkeyparam.1ssl.gz b/msys2/usr/share/man/man1/pkeyparam.1ssl.gz
index 44c619216..c14a0feaf 100644
Binary files a/msys2/usr/share/man/man1/pkeyparam.1ssl.gz and b/msys2/usr/share/man/man1/pkeyparam.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/pkeyutl.1ssl.gz b/msys2/usr/share/man/man1/pkeyutl.1ssl.gz
index 3372a6827..c1acc8027 100644
Binary files a/msys2/usr/share/man/man1/pkeyutl.1ssl.gz and b/msys2/usr/share/man/man1/pkeyutl.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/pkgfile.1.gz b/msys2/usr/share/man/man1/pkgfile.1.gz
index 6d54faa83..897e6ec5b 100644
Binary files a/msys2/usr/share/man/man1/pkgfile.1.gz and b/msys2/usr/share/man/man1/pkgfile.1.gz differ
diff --git a/msys2/usr/share/man/man1/popd.1.gz b/msys2/usr/share/man/man1/popd.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/popd.1.gz and b/msys2/usr/share/man/man1/popd.1.gz differ
diff --git a/msys2/usr/share/man/man1/pr.1.gz b/msys2/usr/share/man/man1/pr.1.gz
index 63a661462..3137671c4 100644
Binary files a/msys2/usr/share/man/man1/pr.1.gz and b/msys2/usr/share/man/man1/pr.1.gz differ
diff --git a/msys2/usr/share/man/man1/prime.1ssl.gz b/msys2/usr/share/man/man1/prime.1ssl.gz
new file mode 100644
index 000000000..bfa3e4c72
Binary files /dev/null and b/msys2/usr/share/man/man1/prime.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/printenv.1.gz b/msys2/usr/share/man/man1/printenv.1.gz
index b4488fcb9..0a3a0caa9 100644
Binary files a/msys2/usr/share/man/man1/printenv.1.gz and b/msys2/usr/share/man/man1/printenv.1.gz differ
diff --git a/msys2/usr/share/man/man1/printf.1.gz b/msys2/usr/share/man/man1/printf.1.gz
index f4da360db..bb219cf2c 100644
Binary files a/msys2/usr/share/man/man1/printf.1.gz and b/msys2/usr/share/man/man1/printf.1.gz differ
diff --git a/msys2/usr/share/man/man1/psl.1.gz b/msys2/usr/share/man/man1/psl.1.gz
index d3bb283f8..4b1e34681 100644
Binary files a/msys2/usr/share/man/man1/psl.1.gz and b/msys2/usr/share/man/man1/psl.1.gz differ
diff --git a/msys2/usr/share/man/man1/ptx.1.gz b/msys2/usr/share/man/man1/ptx.1.gz
index f3e9dfd1a..e7dc395c2 100644
Binary files a/msys2/usr/share/man/man1/ptx.1.gz and b/msys2/usr/share/man/man1/ptx.1.gz differ
diff --git a/msys2/usr/share/man/man1/pushd.1.gz b/msys2/usr/share/man/man1/pushd.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/pushd.1.gz and b/msys2/usr/share/man/man1/pushd.1.gz differ
diff --git a/msys2/usr/share/man/man1/pwd.1.gz b/msys2/usr/share/man/man1/pwd.1.gz
index 8a0c2aa41..d7684afbf 100644
Binary files a/msys2/usr/share/man/man1/pwd.1.gz and b/msys2/usr/share/man/man1/pwd.1.gz differ
diff --git a/msys2/usr/share/man/man1/rand.1ssl.gz b/msys2/usr/share/man/man1/rand.1ssl.gz
index b564a8ff3..7dbfde0c0 100644
Binary files a/msys2/usr/share/man/man1/rand.1ssl.gz and b/msys2/usr/share/man/man1/rand.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/rcp.1.gz b/msys2/usr/share/man/man1/rcp.1.gz
index 1798d8516..f5f994e2d 100644
Binary files a/msys2/usr/share/man/man1/rcp.1.gz and b/msys2/usr/share/man/man1/rcp.1.gz differ
diff --git a/msys2/usr/share/man/man1/read.1.gz b/msys2/usr/share/man/man1/read.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/read.1.gz and b/msys2/usr/share/man/man1/read.1.gz differ
diff --git a/msys2/usr/share/man/man1/readlink.1.gz b/msys2/usr/share/man/man1/readlink.1.gz
index 63b238abd..8c31b7cbe 100644
Binary files a/msys2/usr/share/man/man1/readlink.1.gz and b/msys2/usr/share/man/man1/readlink.1.gz differ
diff --git a/msys2/usr/share/man/man1/readonly.1.gz b/msys2/usr/share/man/man1/readonly.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/readonly.1.gz and b/msys2/usr/share/man/man1/readonly.1.gz differ
diff --git a/msys2/usr/share/man/man1/realpath.1.gz b/msys2/usr/share/man/man1/realpath.1.gz
index 36bdf8880..6ed8c9d17 100644
Binary files a/msys2/usr/share/man/man1/realpath.1.gz and b/msys2/usr/share/man/man1/realpath.1.gz differ
diff --git a/msys2/usr/share/man/man1/rehash.1ssl.gz b/msys2/usr/share/man/man1/rehash.1ssl.gz
new file mode 100644
index 000000000..9be2d8385
Binary files /dev/null and b/msys2/usr/share/man/man1/rehash.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/rename.1.gz b/msys2/usr/share/man/man1/rename.1.gz
index 04eceadb8..e0a12ee8f 100644
Binary files a/msys2/usr/share/man/man1/rename.1.gz and b/msys2/usr/share/man/man1/rename.1.gz differ
diff --git a/msys2/usr/share/man/man1/renice.1.gz b/msys2/usr/share/man/man1/renice.1.gz
index 43cb05874..17e8214ca 100644
Binary files a/msys2/usr/share/man/man1/renice.1.gz and b/msys2/usr/share/man/man1/renice.1.gz differ
diff --git a/msys2/usr/share/man/man1/req.1ssl.gz b/msys2/usr/share/man/man1/req.1ssl.gz
index c58fc8e5c..8ac0d2959 100644
Binary files a/msys2/usr/share/man/man1/req.1ssl.gz and b/msys2/usr/share/man/man1/req.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/reset.1.gz b/msys2/usr/share/man/man1/reset.1.gz
index ed56c41a0..0e4740bc2 100644
Binary files a/msys2/usr/share/man/man1/reset.1.gz and b/msys2/usr/share/man/man1/reset.1.gz differ
diff --git a/msys2/usr/share/man/man1/return.1.gz b/msys2/usr/share/man/man1/return.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/return.1.gz and b/msys2/usr/share/man/man1/return.1.gz differ
diff --git a/msys2/usr/share/man/man1/rev.1.gz b/msys2/usr/share/man/man1/rev.1.gz
index 8710941a1..a1a22733b 100644
Binary files a/msys2/usr/share/man/man1/rev.1.gz and b/msys2/usr/share/man/man1/rev.1.gz differ
diff --git a/msys2/usr/share/man/man1/ripemd160.1ssl.gz b/msys2/usr/share/man/man1/ripemd160.1ssl.gz
deleted file mode 100644
index b6553717a..000000000
Binary files a/msys2/usr/share/man/man1/ripemd160.1ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man1/rlogin.1.gz b/msys2/usr/share/man/man1/rlogin.1.gz
index 29d98333e..54550572a 100644
Binary files a/msys2/usr/share/man/man1/rlogin.1.gz and b/msys2/usr/share/man/man1/rlogin.1.gz differ
diff --git a/msys2/usr/share/man/man1/rm.1.gz b/msys2/usr/share/man/man1/rm.1.gz
index 1fad4611d..933444942 100644
Binary files a/msys2/usr/share/man/man1/rm.1.gz and b/msys2/usr/share/man/man1/rm.1.gz differ
diff --git a/msys2/usr/share/man/man1/rmdir.1.gz b/msys2/usr/share/man/man1/rmdir.1.gz
index 87b707102..3dbc0a5b9 100644
Binary files a/msys2/usr/share/man/man1/rmdir.1.gz and b/msys2/usr/share/man/man1/rmdir.1.gz differ
diff --git a/msys2/usr/share/man/man1/rsa.1ssl.gz b/msys2/usr/share/man/man1/rsa.1ssl.gz
index 0cc9c3773..bb71eea2c 100644
Binary files a/msys2/usr/share/man/man1/rsa.1ssl.gz and b/msys2/usr/share/man/man1/rsa.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/rsautl.1ssl.gz b/msys2/usr/share/man/man1/rsautl.1ssl.gz
index e49a981f4..81aa9b005 100644
Binary files a/msys2/usr/share/man/man1/rsautl.1ssl.gz and b/msys2/usr/share/man/man1/rsautl.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/rsh.1.gz b/msys2/usr/share/man/man1/rsh.1.gz
index 28541b24c..7c7b8a1c4 100644
Binary files a/msys2/usr/share/man/man1/rsh.1.gz and b/msys2/usr/share/man/man1/rsh.1.gz differ
diff --git a/msys2/usr/share/man/man1/runcon.1.gz b/msys2/usr/share/man/man1/runcon.1.gz
index 31216520c..67f17fed9 100644
Binary files a/msys2/usr/share/man/man1/runcon.1.gz and b/msys2/usr/share/man/man1/runcon.1.gz differ
diff --git a/msys2/usr/share/man/man1/s_client.1ssl.gz b/msys2/usr/share/man/man1/s_client.1ssl.gz
index 150a5f916..7bccc3376 100644
Binary files a/msys2/usr/share/man/man1/s_client.1ssl.gz and b/msys2/usr/share/man/man1/s_client.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/s_server.1ssl.gz b/msys2/usr/share/man/man1/s_server.1ssl.gz
index 6da152d3f..7ddc68016 100644
Binary files a/msys2/usr/share/man/man1/s_server.1ssl.gz and b/msys2/usr/share/man/man1/s_server.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/s_time.1ssl.gz b/msys2/usr/share/man/man1/s_time.1ssl.gz
index 7c2c83071..7077e2a7d 100644
Binary files a/msys2/usr/share/man/man1/s_time.1ssl.gz and b/msys2/usr/share/man/man1/s_time.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/scdaemon.1.gz b/msys2/usr/share/man/man1/scdaemon.1.gz
new file mode 100644
index 000000000..94f58dae9
Binary files /dev/null and b/msys2/usr/share/man/man1/scdaemon.1.gz differ
diff --git a/msys2/usr/share/man/man1/script.1.gz b/msys2/usr/share/man/man1/script.1.gz
index 52990d4b1..4aa1487af 100644
Binary files a/msys2/usr/share/man/man1/script.1.gz and b/msys2/usr/share/man/man1/script.1.gz differ
diff --git a/msys2/usr/share/man/man1/scriptreplay.1.gz b/msys2/usr/share/man/man1/scriptreplay.1.gz
index 50875de4f..2a644daf2 100644
Binary files a/msys2/usr/share/man/man1/scriptreplay.1.gz and b/msys2/usr/share/man/man1/scriptreplay.1.gz differ
diff --git a/msys2/usr/share/man/man1/sed.1.gz b/msys2/usr/share/man/man1/sed.1.gz
index 69e97cad6..6156e2746 100644
Binary files a/msys2/usr/share/man/man1/sed.1.gz and b/msys2/usr/share/man/man1/sed.1.gz differ
diff --git a/msys2/usr/share/man/man1/select.1.gz b/msys2/usr/share/man/man1/select.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/select.1.gz and b/msys2/usr/share/man/man1/select.1.gz differ
diff --git a/msys2/usr/share/man/man1/seq.1.gz b/msys2/usr/share/man/man1/seq.1.gz
index 0e304f127..e6da2a2ad 100644
Binary files a/msys2/usr/share/man/man1/seq.1.gz and b/msys2/usr/share/man/man1/seq.1.gz differ
diff --git a/msys2/usr/share/man/man1/sess_id.1ssl.gz b/msys2/usr/share/man/man1/sess_id.1ssl.gz
index 3bfc4096a..76ce09061 100644
Binary files a/msys2/usr/share/man/man1/sess_id.1ssl.gz and b/msys2/usr/share/man/man1/sess_id.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/set.1.gz b/msys2/usr/share/man/man1/set.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/set.1.gz and b/msys2/usr/share/man/man1/set.1.gz differ
diff --git a/msys2/usr/share/man/man1/setsid.1.gz b/msys2/usr/share/man/man1/setsid.1.gz
index e11fb7aea..9ffcf5236 100644
Binary files a/msys2/usr/share/man/man1/setsid.1.gz and b/msys2/usr/share/man/man1/setsid.1.gz differ
diff --git a/msys2/usr/share/man/man1/sha.1ssl.gz b/msys2/usr/share/man/man1/sha.1ssl.gz
deleted file mode 100644
index b6553717a..000000000
Binary files a/msys2/usr/share/man/man1/sha.1ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man1/sha1.1ssl.gz b/msys2/usr/share/man/man1/sha1.1ssl.gz
deleted file mode 100644
index b6553717a..000000000
Binary files a/msys2/usr/share/man/man1/sha1.1ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man1/sha1sum.1.gz b/msys2/usr/share/man/man1/sha1sum.1.gz
index 2a9c7e86a..d5a22025f 100644
Binary files a/msys2/usr/share/man/man1/sha1sum.1.gz and b/msys2/usr/share/man/man1/sha1sum.1.gz differ
diff --git a/msys2/usr/share/man/man1/sha224.1ssl.gz b/msys2/usr/share/man/man1/sha224.1ssl.gz
deleted file mode 100644
index b6553717a..000000000
Binary files a/msys2/usr/share/man/man1/sha224.1ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man1/sha224sum.1.gz b/msys2/usr/share/man/man1/sha224sum.1.gz
index c355e6ea3..a7b62fd60 100644
Binary files a/msys2/usr/share/man/man1/sha224sum.1.gz and b/msys2/usr/share/man/man1/sha224sum.1.gz differ
diff --git a/msys2/usr/share/man/man1/sha256.1ssl.gz b/msys2/usr/share/man/man1/sha256.1ssl.gz
deleted file mode 100644
index b6553717a..000000000
Binary files a/msys2/usr/share/man/man1/sha256.1ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man1/sha256sum.1.gz b/msys2/usr/share/man/man1/sha256sum.1.gz
index 20b6a1054..c35509aab 100644
Binary files a/msys2/usr/share/man/man1/sha256sum.1.gz and b/msys2/usr/share/man/man1/sha256sum.1.gz differ
diff --git a/msys2/usr/share/man/man1/sha384.1ssl.gz b/msys2/usr/share/man/man1/sha384.1ssl.gz
deleted file mode 100644
index b6553717a..000000000
Binary files a/msys2/usr/share/man/man1/sha384.1ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man1/sha384sum.1.gz b/msys2/usr/share/man/man1/sha384sum.1.gz
index 666b9847b..fca4ef19f 100644
Binary files a/msys2/usr/share/man/man1/sha384sum.1.gz and b/msys2/usr/share/man/man1/sha384sum.1.gz differ
diff --git a/msys2/usr/share/man/man1/sha512.1ssl.gz b/msys2/usr/share/man/man1/sha512.1ssl.gz
deleted file mode 100644
index b6553717a..000000000
Binary files a/msys2/usr/share/man/man1/sha512.1ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man1/sha512sum.1.gz b/msys2/usr/share/man/man1/sha512sum.1.gz
index 3fbf7a5cd..94756ecee 100644
Binary files a/msys2/usr/share/man/man1/sha512sum.1.gz and b/msys2/usr/share/man/man1/sha512sum.1.gz differ
diff --git a/msys2/usr/share/man/man1/shift.1.gz b/msys2/usr/share/man/man1/shift.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/shift.1.gz and b/msys2/usr/share/man/man1/shift.1.gz differ
diff --git a/msys2/usr/share/man/man1/shopt.1.gz b/msys2/usr/share/man/man1/shopt.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/shopt.1.gz and b/msys2/usr/share/man/man1/shopt.1.gz differ
diff --git a/msys2/usr/share/man/man1/shred.1.gz b/msys2/usr/share/man/man1/shred.1.gz
index ee5203753..30e5a8d92 100644
Binary files a/msys2/usr/share/man/man1/shred.1.gz and b/msys2/usr/share/man/man1/shred.1.gz differ
diff --git a/msys2/usr/share/man/man1/shuf.1.gz b/msys2/usr/share/man/man1/shuf.1.gz
index a1aaa3689..791459cfb 100644
Binary files a/msys2/usr/share/man/man1/shuf.1.gz and b/msys2/usr/share/man/man1/shuf.1.gz differ
diff --git a/msys2/usr/share/man/man1/sleep.1.gz b/msys2/usr/share/man/man1/sleep.1.gz
index 3869428b7..083ee331f 100644
Binary files a/msys2/usr/share/man/man1/sleep.1.gz and b/msys2/usr/share/man/man1/sleep.1.gz differ
diff --git a/msys2/usr/share/man/man1/smime.1ssl.gz b/msys2/usr/share/man/man1/smime.1ssl.gz
index 7a7633b7e..2420bb491 100644
Binary files a/msys2/usr/share/man/man1/smime.1ssl.gz and b/msys2/usr/share/man/man1/smime.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/sort.1.gz b/msys2/usr/share/man/man1/sort.1.gz
index e5b88e207..1fad387b6 100644
Binary files a/msys2/usr/share/man/man1/sort.1.gz and b/msys2/usr/share/man/man1/sort.1.gz differ
diff --git a/msys2/usr/share/man/man1/source.1.gz b/msys2/usr/share/man/man1/source.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/source.1.gz and b/msys2/usr/share/man/man1/source.1.gz differ
diff --git a/msys2/usr/share/man/man1/speed.1ssl.gz b/msys2/usr/share/man/man1/speed.1ssl.gz
index a68d0f907..931fb225d 100644
Binary files a/msys2/usr/share/man/man1/speed.1ssl.gz and b/msys2/usr/share/man/man1/speed.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/spkac.1ssl.gz b/msys2/usr/share/man/man1/spkac.1ssl.gz
index 86d4d5f58..466ac5984 100644
Binary files a/msys2/usr/share/man/man1/spkac.1ssl.gz and b/msys2/usr/share/man/man1/spkac.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/split.1.gz b/msys2/usr/share/man/man1/split.1.gz
index 8eba96027..6ca9fc2d0 100644
Binary files a/msys2/usr/share/man/man1/split.1.gz and b/msys2/usr/share/man/man1/split.1.gz differ
diff --git a/msys2/usr/share/man/man1/srp.1ssl.gz b/msys2/usr/share/man/man1/srp.1ssl.gz
new file mode 100644
index 000000000..d00174792
Binary files /dev/null and b/msys2/usr/share/man/man1/srp.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/stat.1.gz b/msys2/usr/share/man/man1/stat.1.gz
index 28ba3305f..12619b883 100644
Binary files a/msys2/usr/share/man/man1/stat.1.gz and b/msys2/usr/share/man/man1/stat.1.gz differ
diff --git a/msys2/usr/share/man/man1/stdbuf.1.gz b/msys2/usr/share/man/man1/stdbuf.1.gz
deleted file mode 100644
index cb35be109..000000000
Binary files a/msys2/usr/share/man/man1/stdbuf.1.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man1/storeutl.1ssl.gz b/msys2/usr/share/man/man1/storeutl.1ssl.gz
new file mode 100644
index 000000000..997926626
Binary files /dev/null and b/msys2/usr/share/man/man1/storeutl.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/stty.1.gz b/msys2/usr/share/man/man1/stty.1.gz
index 709527b36..f0c91b94e 100644
Binary files a/msys2/usr/share/man/man1/stty.1.gz and b/msys2/usr/share/man/man1/stty.1.gz differ
diff --git a/msys2/usr/share/man/man1/sum.1.gz b/msys2/usr/share/man/man1/sum.1.gz
index dfd736ae1..bd364b05d 100644
Binary files a/msys2/usr/share/man/man1/sum.1.gz and b/msys2/usr/share/man/man1/sum.1.gz differ
diff --git a/msys2/usr/share/man/man1/suspend.1.gz b/msys2/usr/share/man/man1/suspend.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/suspend.1.gz and b/msys2/usr/share/man/man1/suspend.1.gz differ
diff --git a/msys2/usr/share/man/man1/symcryptrun.1.gz b/msys2/usr/share/man/man1/symcryptrun.1.gz
new file mode 100644
index 000000000..46b61d698
Binary files /dev/null and b/msys2/usr/share/man/man1/symcryptrun.1.gz differ
diff --git a/msys2/usr/share/man/man1/sync.1.gz b/msys2/usr/share/man/man1/sync.1.gz
index c3a7d14f5..a24fb2a16 100644
Binary files a/msys2/usr/share/man/man1/sync.1.gz and b/msys2/usr/share/man/man1/sync.1.gz differ
diff --git a/msys2/usr/share/man/man1/tabs.1.gz b/msys2/usr/share/man/man1/tabs.1.gz
index ed5a53280..3ce3e85a4 100644
Binary files a/msys2/usr/share/man/man1/tabs.1.gz and b/msys2/usr/share/man/man1/tabs.1.gz differ
diff --git a/msys2/usr/share/man/man1/tac.1.gz b/msys2/usr/share/man/man1/tac.1.gz
index 867e38881..3dc5db73d 100644
Binary files a/msys2/usr/share/man/man1/tac.1.gz and b/msys2/usr/share/man/man1/tac.1.gz differ
diff --git a/msys2/usr/share/man/man1/tail.1.gz b/msys2/usr/share/man/man1/tail.1.gz
index 09a463b65..669fad581 100644
Binary files a/msys2/usr/share/man/man1/tail.1.gz and b/msys2/usr/share/man/man1/tail.1.gz differ
diff --git a/msys2/usr/share/man/man1/tailf.1.gz b/msys2/usr/share/man/man1/tailf.1.gz
deleted file mode 100644
index dd354ea30..000000000
Binary files a/msys2/usr/share/man/man1/tailf.1.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man1/talk.1.gz b/msys2/usr/share/man/man1/talk.1.gz
index 1ca034af0..8b3776d2d 100644
Binary files a/msys2/usr/share/man/man1/talk.1.gz and b/msys2/usr/share/man/man1/talk.1.gz differ
diff --git a/msys2/usr/share/man/man1/tee.1.gz b/msys2/usr/share/man/man1/tee.1.gz
index 8bffee61b..e891ad36a 100644
Binary files a/msys2/usr/share/man/man1/tee.1.gz and b/msys2/usr/share/man/man1/tee.1.gz differ
diff --git a/msys2/usr/share/man/man1/telnet.1.gz b/msys2/usr/share/man/man1/telnet.1.gz
index 9a9f760e2..75e62e9d4 100644
Binary files a/msys2/usr/share/man/man1/telnet.1.gz and b/msys2/usr/share/man/man1/telnet.1.gz differ
diff --git a/msys2/usr/share/man/man1/test.1.gz b/msys2/usr/share/man/man1/test.1.gz
index 840dddb7e..1f9286c5f 100644
Binary files a/msys2/usr/share/man/man1/test.1.gz and b/msys2/usr/share/man/man1/test.1.gz differ
diff --git a/msys2/usr/share/man/man1/then.1.gz b/msys2/usr/share/man/man1/then.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/then.1.gz and b/msys2/usr/share/man/man1/then.1.gz differ
diff --git a/msys2/usr/share/man/man1/tic.1m.gz b/msys2/usr/share/man/man1/tic.1m.gz
index 80f236f7c..5e2ab0baa 100644
Binary files a/msys2/usr/share/man/man1/tic.1m.gz and b/msys2/usr/share/man/man1/tic.1m.gz differ
diff --git a/msys2/usr/share/man/man1/time.1.gz b/msys2/usr/share/man/man1/time.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/time.1.gz and b/msys2/usr/share/man/man1/time.1.gz differ
diff --git a/msys2/usr/share/man/man1/timeout.1.gz b/msys2/usr/share/man/man1/timeout.1.gz
index 8eb9fd8c6..ac4405e09 100644
Binary files a/msys2/usr/share/man/man1/timeout.1.gz and b/msys2/usr/share/man/man1/timeout.1.gz differ
diff --git a/msys2/usr/share/man/man1/times.1.gz b/msys2/usr/share/man/man1/times.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/times.1.gz and b/msys2/usr/share/man/man1/times.1.gz differ
diff --git a/msys2/usr/share/man/man1/toe.1m.gz b/msys2/usr/share/man/man1/toe.1m.gz
index e84116901..68fd7a4fc 100644
Binary files a/msys2/usr/share/man/man1/toe.1m.gz and b/msys2/usr/share/man/man1/toe.1m.gz differ
diff --git a/msys2/usr/share/man/man1/touch.1.gz b/msys2/usr/share/man/man1/touch.1.gz
index 82baa7878..82a20f091 100644
Binary files a/msys2/usr/share/man/man1/touch.1.gz and b/msys2/usr/share/man/man1/touch.1.gz differ
diff --git a/msys2/usr/share/man/man1/tput.1.gz b/msys2/usr/share/man/man1/tput.1.gz
index 8608c593c..4b3f2b4b0 100644
Binary files a/msys2/usr/share/man/man1/tput.1.gz and b/msys2/usr/share/man/man1/tput.1.gz differ
diff --git a/msys2/usr/share/man/man1/tr.1.gz b/msys2/usr/share/man/man1/tr.1.gz
index 631dbdfd4..27a80f387 100644
Binary files a/msys2/usr/share/man/man1/tr.1.gz and b/msys2/usr/share/man/man1/tr.1.gz differ
diff --git a/msys2/usr/share/man/man1/trap.1.gz b/msys2/usr/share/man/man1/trap.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/trap.1.gz and b/msys2/usr/share/man/man1/trap.1.gz differ
diff --git a/msys2/usr/share/man/man1/true.1.gz b/msys2/usr/share/man/man1/true.1.gz
index d4108d760..2d4fffb77 100644
Binary files a/msys2/usr/share/man/man1/true.1.gz and b/msys2/usr/share/man/man1/true.1.gz differ
diff --git a/msys2/usr/share/man/man1/truncate.1.gz b/msys2/usr/share/man/man1/truncate.1.gz
index b8166143a..3d906ae23 100644
Binary files a/msys2/usr/share/man/man1/truncate.1.gz and b/msys2/usr/share/man/man1/truncate.1.gz differ
diff --git a/msys2/usr/share/man/man1/ts.1ssl.gz b/msys2/usr/share/man/man1/ts.1ssl.gz
index 53719da7f..8d69222a6 100644
Binary files a/msys2/usr/share/man/man1/ts.1ssl.gz and b/msys2/usr/share/man/man1/ts.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/tset.1.gz b/msys2/usr/share/man/man1/tset.1.gz
index ed56c41a0..0e4740bc2 100644
Binary files a/msys2/usr/share/man/man1/tset.1.gz and b/msys2/usr/share/man/man1/tset.1.gz differ
diff --git a/msys2/usr/share/man/man1/tsget.1ssl.gz b/msys2/usr/share/man/man1/tsget.1ssl.gz
index 1f25e8fe7..3efb6015b 100644
Binary files a/msys2/usr/share/man/man1/tsget.1ssl.gz and b/msys2/usr/share/man/man1/tsget.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/tsort.1.gz b/msys2/usr/share/man/man1/tsort.1.gz
index 142ea718f..4d580d68c 100644
Binary files a/msys2/usr/share/man/man1/tsort.1.gz and b/msys2/usr/share/man/man1/tsort.1.gz differ
diff --git a/msys2/usr/share/man/man1/tty.1.gz b/msys2/usr/share/man/man1/tty.1.gz
index 9dc59b0fe..05c9a305c 100644
Binary files a/msys2/usr/share/man/man1/tty.1.gz and b/msys2/usr/share/man/man1/tty.1.gz differ
diff --git a/msys2/usr/share/man/man1/type.1.gz b/msys2/usr/share/man/man1/type.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/type.1.gz and b/msys2/usr/share/man/man1/type.1.gz differ
diff --git a/msys2/usr/share/man/man1/typeset.1.gz b/msys2/usr/share/man/man1/typeset.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/typeset.1.gz and b/msys2/usr/share/man/man1/typeset.1.gz differ
diff --git a/msys2/usr/share/man/man1/ul.1.gz b/msys2/usr/share/man/man1/ul.1.gz
index c1731e371..0eeb0773b 100644
Binary files a/msys2/usr/share/man/man1/ul.1.gz and b/msys2/usr/share/man/man1/ul.1.gz differ
diff --git a/msys2/usr/share/man/man1/ulimit.1.gz b/msys2/usr/share/man/man1/ulimit.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/ulimit.1.gz and b/msys2/usr/share/man/man1/ulimit.1.gz differ
diff --git a/msys2/usr/share/man/man1/umask.1.gz b/msys2/usr/share/man/man1/umask.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/umask.1.gz and b/msys2/usr/share/man/man1/umask.1.gz differ
diff --git a/msys2/usr/share/man/man1/unalias.1.gz b/msys2/usr/share/man/man1/unalias.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/unalias.1.gz and b/msys2/usr/share/man/man1/unalias.1.gz differ
diff --git a/msys2/usr/share/man/man1/uname.1.gz b/msys2/usr/share/man/man1/uname.1.gz
index 64733a21b..fc40e7af0 100644
Binary files a/msys2/usr/share/man/man1/uname.1.gz and b/msys2/usr/share/man/man1/uname.1.gz differ
diff --git a/msys2/usr/share/man/man1/unexpand.1.gz b/msys2/usr/share/man/man1/unexpand.1.gz
index 43e701088..01b70f02a 100644
Binary files a/msys2/usr/share/man/man1/unexpand.1.gz and b/msys2/usr/share/man/man1/unexpand.1.gz differ
diff --git a/msys2/usr/share/man/man1/uniq.1.gz b/msys2/usr/share/man/man1/uniq.1.gz
index 4f399a903..1add860b0 100644
Binary files a/msys2/usr/share/man/man1/uniq.1.gz and b/msys2/usr/share/man/man1/uniq.1.gz differ
diff --git a/msys2/usr/share/man/man1/unlink.1.gz b/msys2/usr/share/man/man1/unlink.1.gz
index 5266e4b09..699889be8 100644
Binary files a/msys2/usr/share/man/man1/unlink.1.gz and b/msys2/usr/share/man/man1/unlink.1.gz differ
diff --git a/msys2/usr/share/man/man1/unlzma.1.gz b/msys2/usr/share/man/man1/unlzma.1.gz
index 49b744ca0..360f8cf49 100644
Binary files a/msys2/usr/share/man/man1/unlzma.1.gz and b/msys2/usr/share/man/man1/unlzma.1.gz differ
diff --git a/msys2/usr/share/man/man1/unset.1.gz b/msys2/usr/share/man/man1/unset.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/unset.1.gz and b/msys2/usr/share/man/man1/unset.1.gz differ
diff --git a/msys2/usr/share/man/man1/until.1.gz b/msys2/usr/share/man/man1/until.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/until.1.gz and b/msys2/usr/share/man/man1/until.1.gz differ
diff --git a/msys2/usr/share/man/man1/unxz.1.gz b/msys2/usr/share/man/man1/unxz.1.gz
index 49b744ca0..360f8cf49 100644
Binary files a/msys2/usr/share/man/man1/unxz.1.gz and b/msys2/usr/share/man/man1/unxz.1.gz differ
diff --git a/msys2/usr/share/man/man1/users.1.gz b/msys2/usr/share/man/man1/users.1.gz
index f03f86d35..1ee6673c5 100644
Binary files a/msys2/usr/share/man/man1/users.1.gz and b/msys2/usr/share/man/man1/users.1.gz differ
diff --git a/msys2/usr/share/man/man1/uuidgen.1.gz b/msys2/usr/share/man/man1/uuidgen.1.gz
index 5b36030c8..869333763 100644
Binary files a/msys2/usr/share/man/man1/uuidgen.1.gz and b/msys2/usr/share/man/man1/uuidgen.1.gz differ
diff --git a/msys2/usr/share/man/man1/uuidparse.1.gz b/msys2/usr/share/man/man1/uuidparse.1.gz
new file mode 100644
index 000000000..29ff07392
Binary files /dev/null and b/msys2/usr/share/man/man1/uuidparse.1.gz differ
diff --git a/msys2/usr/share/man/man1/vdir.1.gz b/msys2/usr/share/man/man1/vdir.1.gz
index 84d746381..fda6ff2d1 100644
Binary files a/msys2/usr/share/man/man1/vdir.1.gz and b/msys2/usr/share/man/man1/vdir.1.gz differ
diff --git a/msys2/usr/share/man/man1/verify.1ssl.gz b/msys2/usr/share/man/man1/verify.1ssl.gz
index b42b51e1a..73d6595c5 100644
Binary files a/msys2/usr/share/man/man1/verify.1ssl.gz and b/msys2/usr/share/man/man1/verify.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/version.1ssl.gz b/msys2/usr/share/man/man1/version.1ssl.gz
index 5021b9d33..ffe4b401b 100644
Binary files a/msys2/usr/share/man/man1/version.1ssl.gz and b/msys2/usr/share/man/man1/version.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/wait.1.gz b/msys2/usr/share/man/man1/wait.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/wait.1.gz and b/msys2/usr/share/man/man1/wait.1.gz differ
diff --git a/msys2/usr/share/man/man1/watchgnupg.1.gz b/msys2/usr/share/man/man1/watchgnupg.1.gz
new file mode 100644
index 000000000..7eb78ee11
Binary files /dev/null and b/msys2/usr/share/man/man1/watchgnupg.1.gz differ
diff --git a/msys2/usr/share/man/man1/wc.1.gz b/msys2/usr/share/man/man1/wc.1.gz
index 3044b1dae..53ca2aa57 100644
Binary files a/msys2/usr/share/man/man1/wc.1.gz and b/msys2/usr/share/man/man1/wc.1.gz differ
diff --git a/msys2/usr/share/man/man1/wget.1.gz b/msys2/usr/share/man/man1/wget.1.gz
index 3b0a34cd2..3eca5c54e 100644
Binary files a/msys2/usr/share/man/man1/wget.1.gz and b/msys2/usr/share/man/man1/wget.1.gz differ
diff --git a/msys2/usr/share/man/man1/whereis.1.gz b/msys2/usr/share/man/man1/whereis.1.gz
index 68bb10b4b..d8d80bf11 100644
Binary files a/msys2/usr/share/man/man1/whereis.1.gz and b/msys2/usr/share/man/man1/whereis.1.gz differ
diff --git a/msys2/usr/share/man/man1/while.1.gz b/msys2/usr/share/man/man1/while.1.gz
index 48276c3a0..d942a11bf 100644
Binary files a/msys2/usr/share/man/man1/while.1.gz and b/msys2/usr/share/man/man1/while.1.gz differ
diff --git a/msys2/usr/share/man/man1/who.1.gz b/msys2/usr/share/man/man1/who.1.gz
index ad5aa6a1e..4f7ad0102 100644
Binary files a/msys2/usr/share/man/man1/who.1.gz and b/msys2/usr/share/man/man1/who.1.gz differ
diff --git a/msys2/usr/share/man/man1/whoami.1.gz b/msys2/usr/share/man/man1/whoami.1.gz
index 609e52a4d..931f0d6da 100644
Binary files a/msys2/usr/share/man/man1/whoami.1.gz and b/msys2/usr/share/man/man1/whoami.1.gz differ
diff --git a/msys2/usr/share/man/man1/x509.1ssl.gz b/msys2/usr/share/man/man1/x509.1ssl.gz
index 0faf33abc..dd82063c2 100644
Binary files a/msys2/usr/share/man/man1/x509.1ssl.gz and b/msys2/usr/share/man/man1/x509.1ssl.gz differ
diff --git a/msys2/usr/share/man/man1/xsltproc.1.gz b/msys2/usr/share/man/man1/xsltproc.1.gz
index 42bb675fd..088dc05dd 100644
Binary files a/msys2/usr/share/man/man1/xsltproc.1.gz and b/msys2/usr/share/man/man1/xsltproc.1.gz differ
diff --git a/msys2/usr/share/man/man1/xz.1.gz b/msys2/usr/share/man/man1/xz.1.gz
index 49b744ca0..360f8cf49 100644
Binary files a/msys2/usr/share/man/man1/xz.1.gz and b/msys2/usr/share/man/man1/xz.1.gz differ
diff --git a/msys2/usr/share/man/man1/xzcat.1.gz b/msys2/usr/share/man/man1/xzcat.1.gz
index 49b744ca0..360f8cf49 100644
Binary files a/msys2/usr/share/man/man1/xzcat.1.gz and b/msys2/usr/share/man/man1/xzcat.1.gz differ
diff --git a/msys2/usr/share/man/man1/xzdec.1.gz b/msys2/usr/share/man/man1/xzdec.1.gz
index 8728689d7..90183852d 100644
Binary files a/msys2/usr/share/man/man1/xzdec.1.gz and b/msys2/usr/share/man/man1/xzdec.1.gz differ
diff --git a/msys2/usr/share/man/man1/yes.1.gz b/msys2/usr/share/man/man1/yes.1.gz
index 2e174b450..1be14ce1e 100644
Binary files a/msys2/usr/share/man/man1/yes.1.gz and b/msys2/usr/share/man/man1/yes.1.gz differ
diff --git a/msys2/usr/share/man/man3/ACCESS_DESCRIPTION_free.3ssl.gz b/msys2/usr/share/man/man3/ACCESS_DESCRIPTION_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ACCESS_DESCRIPTION_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ACCESS_DESCRIPTION_new.3ssl.gz b/msys2/usr/share/man/man3/ACCESS_DESCRIPTION_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ACCESS_DESCRIPTION_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ADMISSIONS.3ssl.gz b/msys2/usr/share/man/man3/ADMISSIONS.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/ADMISSIONS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ADMISSIONS_free.3ssl.gz b/msys2/usr/share/man/man3/ADMISSIONS_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ADMISSIONS_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ADMISSIONS_get0_admissionAuthority.3ssl.gz b/msys2/usr/share/man/man3/ADMISSIONS_get0_admissionAuthority.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/ADMISSIONS_get0_admissionAuthority.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ADMISSIONS_get0_namingAuthority.3ssl.gz b/msys2/usr/share/man/man3/ADMISSIONS_get0_namingAuthority.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/ADMISSIONS_get0_namingAuthority.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ADMISSIONS_get0_professionInfos.3ssl.gz b/msys2/usr/share/man/man3/ADMISSIONS_get0_professionInfos.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/ADMISSIONS_get0_professionInfos.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ADMISSIONS_new.3ssl.gz b/msys2/usr/share/man/man3/ADMISSIONS_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ADMISSIONS_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ADMISSIONS_set0_admissionAuthority.3ssl.gz b/msys2/usr/share/man/man3/ADMISSIONS_set0_admissionAuthority.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/ADMISSIONS_set0_admissionAuthority.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ADMISSIONS_set0_namingAuthority.3ssl.gz b/msys2/usr/share/man/man3/ADMISSIONS_set0_namingAuthority.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/ADMISSIONS_set0_namingAuthority.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ADMISSIONS_set0_professionInfos.3ssl.gz b/msys2/usr/share/man/man3/ADMISSIONS_set0_professionInfos.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/ADMISSIONS_set0_professionInfos.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ADMISSION_SYNTAX.3ssl.gz b/msys2/usr/share/man/man3/ADMISSION_SYNTAX.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/ADMISSION_SYNTAX.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ADMISSION_SYNTAX_free.3ssl.gz b/msys2/usr/share/man/man3/ADMISSION_SYNTAX_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ADMISSION_SYNTAX_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ADMISSION_SYNTAX_get0_admissionAuthority.3ssl.gz b/msys2/usr/share/man/man3/ADMISSION_SYNTAX_get0_admissionAuthority.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/ADMISSION_SYNTAX_get0_admissionAuthority.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ADMISSION_SYNTAX_get0_contentsOfAdmissions.3ssl.gz b/msys2/usr/share/man/man3/ADMISSION_SYNTAX_get0_contentsOfAdmissions.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/ADMISSION_SYNTAX_get0_contentsOfAdmissions.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ADMISSION_SYNTAX_new.3ssl.gz b/msys2/usr/share/man/man3/ADMISSION_SYNTAX_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ADMISSION_SYNTAX_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ADMISSION_SYNTAX_set0_admissionAuthority.3ssl.gz b/msys2/usr/share/man/man3/ADMISSION_SYNTAX_set0_admissionAuthority.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/ADMISSION_SYNTAX_set0_admissionAuthority.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ADMISSION_SYNTAX_set0_contentsOfAdmissions.3ssl.gz b/msys2/usr/share/man/man3/ADMISSION_SYNTAX_set0_contentsOfAdmissions.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/ADMISSION_SYNTAX_set0_contentsOfAdmissions.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASIdOrRange_free.3ssl.gz b/msys2/usr/share/man/man3/ASIdOrRange_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ASIdOrRange_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASIdOrRange_new.3ssl.gz b/msys2/usr/share/man/man3/ASIdOrRange_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ASIdOrRange_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASIdentifierChoice_free.3ssl.gz b/msys2/usr/share/man/man3/ASIdentifierChoice_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ASIdentifierChoice_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASIdentifierChoice_new.3ssl.gz b/msys2/usr/share/man/man3/ASIdentifierChoice_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ASIdentifierChoice_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASIdentifiers_free.3ssl.gz b/msys2/usr/share/man/man3/ASIdentifiers_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ASIdentifiers_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASIdentifiers_new.3ssl.gz b/msys2/usr/share/man/man3/ASIdentifiers_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ASIdentifiers_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_ENUMERATED_get.3ssl.gz b/msys2/usr/share/man/man3/ASN1_ENUMERATED_get.3ssl.gz
new file mode 100644
index 000000000..2e5986f26
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_ENUMERATED_get.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_ENUMERATED_get_int64.3ssl.gz b/msys2/usr/share/man/man3/ASN1_ENUMERATED_get_int64.3ssl.gz
new file mode 100644
index 000000000..2e5986f26
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_ENUMERATED_get_int64.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_ENUMERATED_set.3ssl.gz b/msys2/usr/share/man/man3/ASN1_ENUMERATED_set.3ssl.gz
new file mode 100644
index 000000000..2e5986f26
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_ENUMERATED_set.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_ENUMERATED_set_int64.3ssl.gz b/msys2/usr/share/man/man3/ASN1_ENUMERATED_set_int64.3ssl.gz
new file mode 100644
index 000000000..2e5986f26
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_ENUMERATED_set_int64.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_ENUMERATED_to_BN.3ssl.gz b/msys2/usr/share/man/man3/ASN1_ENUMERATED_to_BN.3ssl.gz
new file mode 100644
index 000000000..2e5986f26
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_ENUMERATED_to_BN.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_GENERALIZEDTIME_adj.3ssl.gz b/msys2/usr/share/man/man3/ASN1_GENERALIZEDTIME_adj.3ssl.gz
new file mode 100644
index 000000000..1e78aa3c2
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_GENERALIZEDTIME_adj.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_GENERALIZEDTIME_check.3ssl.gz b/msys2/usr/share/man/man3/ASN1_GENERALIZEDTIME_check.3ssl.gz
new file mode 100644
index 000000000..1e78aa3c2
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_GENERALIZEDTIME_check.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_GENERALIZEDTIME_print.3ssl.gz b/msys2/usr/share/man/man3/ASN1_GENERALIZEDTIME_print.3ssl.gz
new file mode 100644
index 000000000..1e78aa3c2
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_GENERALIZEDTIME_print.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_GENERALIZEDTIME_set.3ssl.gz b/msys2/usr/share/man/man3/ASN1_GENERALIZEDTIME_set.3ssl.gz
new file mode 100644
index 000000000..1e78aa3c2
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_GENERALIZEDTIME_set.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_GENERALIZEDTIME_set_string.3ssl.gz b/msys2/usr/share/man/man3/ASN1_GENERALIZEDTIME_set_string.3ssl.gz
new file mode 100644
index 000000000..1e78aa3c2
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_GENERALIZEDTIME_set_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_INTEGER_get.3ssl.gz b/msys2/usr/share/man/man3/ASN1_INTEGER_get.3ssl.gz
new file mode 100644
index 000000000..2e5986f26
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_INTEGER_get.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_INTEGER_get_int64.3ssl.gz b/msys2/usr/share/man/man3/ASN1_INTEGER_get_int64.3ssl.gz
new file mode 100644
index 000000000..2e5986f26
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_INTEGER_get_int64.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_INTEGER_get_uint64.3ssl.gz b/msys2/usr/share/man/man3/ASN1_INTEGER_get_uint64.3ssl.gz
new file mode 100644
index 000000000..2e5986f26
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_INTEGER_get_uint64.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_INTEGER_set.3ssl.gz b/msys2/usr/share/man/man3/ASN1_INTEGER_set.3ssl.gz
new file mode 100644
index 000000000..2e5986f26
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_INTEGER_set.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_INTEGER_set_int64.3ssl.gz b/msys2/usr/share/man/man3/ASN1_INTEGER_set_int64.3ssl.gz
new file mode 100644
index 000000000..2e5986f26
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_INTEGER_set_int64.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_INTEGER_set_uint64.3ssl.gz b/msys2/usr/share/man/man3/ASN1_INTEGER_set_uint64.3ssl.gz
new file mode 100644
index 000000000..2e5986f26
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_INTEGER_set_uint64.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_INTEGER_to_BN.3ssl.gz b/msys2/usr/share/man/man3/ASN1_INTEGER_to_BN.3ssl.gz
new file mode 100644
index 000000000..2e5986f26
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_INTEGER_to_BN.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_ITEM.3ssl.gz b/msys2/usr/share/man/man3/ASN1_ITEM.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_ITEM.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_ITEM_get.3ssl.gz b/msys2/usr/share/man/man3/ASN1_ITEM_get.3ssl.gz
new file mode 100644
index 000000000..aca4c8f99
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_ITEM_get.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_ITEM_lookup.3ssl.gz b/msys2/usr/share/man/man3/ASN1_ITEM_lookup.3ssl.gz
new file mode 100644
index 000000000..aca4c8f99
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_ITEM_lookup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_OBJECT_free.3ssl.gz b/msys2/usr/share/man/man3/ASN1_OBJECT_free.3ssl.gz
index cd67886a1..0208f35e3 100644
Binary files a/msys2/usr/share/man/man3/ASN1_OBJECT_free.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_OBJECT_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_OBJECT_new.3ssl.gz b/msys2/usr/share/man/man3/ASN1_OBJECT_new.3ssl.gz
index cd67886a1..0208f35e3 100644
Binary files a/msys2/usr/share/man/man3/ASN1_OBJECT_new.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_OBJECT_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_STRING_TABLE.3ssl.gz b/msys2/usr/share/man/man3/ASN1_STRING_TABLE.3ssl.gz
new file mode 100644
index 000000000..38fcb77d4
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_STRING_TABLE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_STRING_TABLE_add.3ssl.gz b/msys2/usr/share/man/man3/ASN1_STRING_TABLE_add.3ssl.gz
new file mode 100644
index 000000000..38fcb77d4
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_STRING_TABLE_add.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_STRING_TABLE_cleanup.3ssl.gz b/msys2/usr/share/man/man3/ASN1_STRING_TABLE_cleanup.3ssl.gz
new file mode 100644
index 000000000..38fcb77d4
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_STRING_TABLE_cleanup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_STRING_TABLE_get.3ssl.gz b/msys2/usr/share/man/man3/ASN1_STRING_TABLE_get.3ssl.gz
new file mode 100644
index 000000000..38fcb77d4
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_STRING_TABLE_get.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_STRING_cmp.3ssl.gz b/msys2/usr/share/man/man3/ASN1_STRING_cmp.3ssl.gz
index e8ae2c32a..aed4d8313 100644
Binary files a/msys2/usr/share/man/man3/ASN1_STRING_cmp.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_STRING_cmp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_STRING_data.3ssl.gz b/msys2/usr/share/man/man3/ASN1_STRING_data.3ssl.gz
index e8ae2c32a..aed4d8313 100644
Binary files a/msys2/usr/share/man/man3/ASN1_STRING_data.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_STRING_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_STRING_dup.3ssl.gz b/msys2/usr/share/man/man3/ASN1_STRING_dup.3ssl.gz
index e8ae2c32a..aed4d8313 100644
Binary files a/msys2/usr/share/man/man3/ASN1_STRING_dup.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_STRING_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_STRING_free.3ssl.gz b/msys2/usr/share/man/man3/ASN1_STRING_free.3ssl.gz
index a7c1d7353..4967b39f5 100644
Binary files a/msys2/usr/share/man/man3/ASN1_STRING_free.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_STRING_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_STRING_get0_data.3ssl.gz b/msys2/usr/share/man/man3/ASN1_STRING_get0_data.3ssl.gz
new file mode 100644
index 000000000..aed4d8313
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_STRING_get0_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_STRING_length.3ssl.gz b/msys2/usr/share/man/man3/ASN1_STRING_length.3ssl.gz
index e8ae2c32a..aed4d8313 100644
Binary files a/msys2/usr/share/man/man3/ASN1_STRING_length.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_STRING_length.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_STRING_length_set.3ssl.gz b/msys2/usr/share/man/man3/ASN1_STRING_length_set.3ssl.gz
deleted file mode 100644
index e8ae2c32a..000000000
Binary files a/msys2/usr/share/man/man3/ASN1_STRING_length_set.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/ASN1_STRING_new.3ssl.gz b/msys2/usr/share/man/man3/ASN1_STRING_new.3ssl.gz
index a7c1d7353..4967b39f5 100644
Binary files a/msys2/usr/share/man/man3/ASN1_STRING_new.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_STRING_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_STRING_print.3ssl.gz b/msys2/usr/share/man/man3/ASN1_STRING_print.3ssl.gz
index 06aeac1e5..01c99c88c 100644
Binary files a/msys2/usr/share/man/man3/ASN1_STRING_print.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_STRING_print.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_STRING_print_ex.3ssl.gz b/msys2/usr/share/man/man3/ASN1_STRING_print_ex.3ssl.gz
index 06aeac1e5..01c99c88c 100644
Binary files a/msys2/usr/share/man/man3/ASN1_STRING_print_ex.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_STRING_print_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_STRING_print_ex_fp.3ssl.gz b/msys2/usr/share/man/man3/ASN1_STRING_print_ex_fp.3ssl.gz
index 06aeac1e5..01c99c88c 100644
Binary files a/msys2/usr/share/man/man3/ASN1_STRING_print_ex_fp.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_STRING_print_ex_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_STRING_set.3ssl.gz b/msys2/usr/share/man/man3/ASN1_STRING_set.3ssl.gz
index e8ae2c32a..aed4d8313 100644
Binary files a/msys2/usr/share/man/man3/ASN1_STRING_set.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_STRING_set.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_STRING_to_UTF8.3ssl.gz b/msys2/usr/share/man/man3/ASN1_STRING_to_UTF8.3ssl.gz
index e8ae2c32a..aed4d8313 100644
Binary files a/msys2/usr/share/man/man3/ASN1_STRING_to_UTF8.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_STRING_to_UTF8.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_STRING_type.3ssl.gz b/msys2/usr/share/man/man3/ASN1_STRING_type.3ssl.gz
index e8ae2c32a..aed4d8313 100644
Binary files a/msys2/usr/share/man/man3/ASN1_STRING_type.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_STRING_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_STRING_type_new.3ssl.gz b/msys2/usr/share/man/man3/ASN1_STRING_type_new.3ssl.gz
index a7c1d7353..4967b39f5 100644
Binary files a/msys2/usr/share/man/man3/ASN1_STRING_type_new.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_STRING_type_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_TIME_adj.3ssl.gz b/msys2/usr/share/man/man3/ASN1_TIME_adj.3ssl.gz
index 62c035b2d..1e78aa3c2 100644
Binary files a/msys2/usr/share/man/man3/ASN1_TIME_adj.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_TIME_adj.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_TIME_check.3ssl.gz b/msys2/usr/share/man/man3/ASN1_TIME_check.3ssl.gz
index 62c035b2d..1e78aa3c2 100644
Binary files a/msys2/usr/share/man/man3/ASN1_TIME_check.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_TIME_check.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_TIME_cmp_time_t.3ssl.gz b/msys2/usr/share/man/man3/ASN1_TIME_cmp_time_t.3ssl.gz
new file mode 100644
index 000000000..1e78aa3c2
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_TIME_cmp_time_t.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_TIME_compare.3ssl.gz b/msys2/usr/share/man/man3/ASN1_TIME_compare.3ssl.gz
new file mode 100644
index 000000000..1e78aa3c2
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_TIME_compare.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_TIME_diff.3ssl.gz b/msys2/usr/share/man/man3/ASN1_TIME_diff.3ssl.gz
index 62c035b2d..1e78aa3c2 100644
Binary files a/msys2/usr/share/man/man3/ASN1_TIME_diff.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_TIME_diff.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_TIME_normalize.3ssl.gz b/msys2/usr/share/man/man3/ASN1_TIME_normalize.3ssl.gz
new file mode 100644
index 000000000..1e78aa3c2
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_TIME_normalize.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_TIME_print.3ssl.gz b/msys2/usr/share/man/man3/ASN1_TIME_print.3ssl.gz
index 62c035b2d..1e78aa3c2 100644
Binary files a/msys2/usr/share/man/man3/ASN1_TIME_print.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_TIME_print.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_TIME_set.3ssl.gz b/msys2/usr/share/man/man3/ASN1_TIME_set.3ssl.gz
index 62c035b2d..1e78aa3c2 100644
Binary files a/msys2/usr/share/man/man3/ASN1_TIME_set.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_TIME_set.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_TIME_set_string.3ssl.gz b/msys2/usr/share/man/man3/ASN1_TIME_set_string.3ssl.gz
index 62c035b2d..1e78aa3c2 100644
Binary files a/msys2/usr/share/man/man3/ASN1_TIME_set_string.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_TIME_set_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_TIME_set_string_X509.3ssl.gz b/msys2/usr/share/man/man3/ASN1_TIME_set_string_X509.3ssl.gz
new file mode 100644
index 000000000..1e78aa3c2
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_TIME_set_string_X509.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_TIME_to_generalizedtime.3ssl.gz b/msys2/usr/share/man/man3/ASN1_TIME_to_generalizedtime.3ssl.gz
new file mode 100644
index 000000000..1e78aa3c2
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_TIME_to_generalizedtime.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_TIME_to_tm.3ssl.gz b/msys2/usr/share/man/man3/ASN1_TIME_to_tm.3ssl.gz
new file mode 100644
index 000000000..1e78aa3c2
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_TIME_to_tm.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_TYPE_cmp.3ssl.gz b/msys2/usr/share/man/man3/ASN1_TYPE_cmp.3ssl.gz
new file mode 100644
index 000000000..820e245f4
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_TYPE_cmp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_TYPE_get.3ssl.gz b/msys2/usr/share/man/man3/ASN1_TYPE_get.3ssl.gz
new file mode 100644
index 000000000..820e245f4
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_TYPE_get.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_TYPE_pack_sequence.3ssl.gz b/msys2/usr/share/man/man3/ASN1_TYPE_pack_sequence.3ssl.gz
new file mode 100644
index 000000000..820e245f4
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_TYPE_pack_sequence.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_TYPE_set.3ssl.gz b/msys2/usr/share/man/man3/ASN1_TYPE_set.3ssl.gz
new file mode 100644
index 000000000..820e245f4
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_TYPE_set.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_TYPE_set1.3ssl.gz b/msys2/usr/share/man/man3/ASN1_TYPE_set1.3ssl.gz
new file mode 100644
index 000000000..820e245f4
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_TYPE_set1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_TYPE_unpack_sequence.3ssl.gz b/msys2/usr/share/man/man3/ASN1_TYPE_unpack_sequence.3ssl.gz
new file mode 100644
index 000000000..820e245f4
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_TYPE_unpack_sequence.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_UTCTIME_adj.3ssl.gz b/msys2/usr/share/man/man3/ASN1_UTCTIME_adj.3ssl.gz
new file mode 100644
index 000000000..1e78aa3c2
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_UTCTIME_adj.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_UTCTIME_check.3ssl.gz b/msys2/usr/share/man/man3/ASN1_UTCTIME_check.3ssl.gz
new file mode 100644
index 000000000..1e78aa3c2
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_UTCTIME_check.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_UTCTIME_cmp_time_t.3ssl.gz b/msys2/usr/share/man/man3/ASN1_UTCTIME_cmp_time_t.3ssl.gz
new file mode 100644
index 000000000..1e78aa3c2
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_UTCTIME_cmp_time_t.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_UTCTIME_print.3ssl.gz b/msys2/usr/share/man/man3/ASN1_UTCTIME_print.3ssl.gz
new file mode 100644
index 000000000..1e78aa3c2
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_UTCTIME_print.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_UTCTIME_set.3ssl.gz b/msys2/usr/share/man/man3/ASN1_UTCTIME_set.3ssl.gz
new file mode 100644
index 000000000..1e78aa3c2
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_UTCTIME_set.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_UTCTIME_set_string.3ssl.gz b/msys2/usr/share/man/man3/ASN1_UTCTIME_set_string.3ssl.gz
new file mode 100644
index 000000000..1e78aa3c2
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_UTCTIME_set_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_add_oid_module.3ssl.gz b/msys2/usr/share/man/man3/ASN1_add_oid_module.3ssl.gz
index 3013a9a0a..dda2837d0 100644
Binary files a/msys2/usr/share/man/man3/ASN1_add_oid_module.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_add_oid_module.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_generate_nconf.3ssl.gz b/msys2/usr/share/man/man3/ASN1_generate_nconf.3ssl.gz
index f8c47995b..d4e8ff0e8 100644
Binary files a/msys2/usr/share/man/man3/ASN1_generate_nconf.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_generate_nconf.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_generate_v3.3ssl.gz b/msys2/usr/share/man/man3/ASN1_generate_v3.3ssl.gz
index f8c47995b..d4e8ff0e8 100644
Binary files a/msys2/usr/share/man/man3/ASN1_generate_v3.3ssl.gz and b/msys2/usr/share/man/man3/ASN1_generate_v3.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASN1_tag2str.3ssl.gz b/msys2/usr/share/man/man3/ASN1_tag2str.3ssl.gz
new file mode 100644
index 000000000..01c99c88c
Binary files /dev/null and b/msys2/usr/share/man/man3/ASN1_tag2str.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASRange_free.3ssl.gz b/msys2/usr/share/man/man3/ASRange_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ASRange_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASRange_new.3ssl.gz b/msys2/usr/share/man/man3/ASRange_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ASRange_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_clear_fd.3ssl.gz b/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_clear_fd.3ssl.gz
new file mode 100644
index 000000000..40d6d9b55
Binary files /dev/null and b/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_clear_fd.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_free.3ssl.gz b/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_free.3ssl.gz
new file mode 100644
index 000000000..40d6d9b55
Binary files /dev/null and b/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_get_all_fds.3ssl.gz b/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_get_all_fds.3ssl.gz
new file mode 100644
index 000000000..40d6d9b55
Binary files /dev/null and b/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_get_all_fds.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_get_changed_fds.3ssl.gz b/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_get_changed_fds.3ssl.gz
new file mode 100644
index 000000000..40d6d9b55
Binary files /dev/null and b/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_get_changed_fds.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_get_fd.3ssl.gz b/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_get_fd.3ssl.gz
new file mode 100644
index 000000000..40d6d9b55
Binary files /dev/null and b/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_get_fd.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_new.3ssl.gz b/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_new.3ssl.gz
new file mode 100644
index 000000000..40d6d9b55
Binary files /dev/null and b/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_set_wait_fd.3ssl.gz b/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_set_wait_fd.3ssl.gz
new file mode 100644
index 000000000..40d6d9b55
Binary files /dev/null and b/msys2/usr/share/man/man3/ASYNC_WAIT_CTX_set_wait_fd.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASYNC_block_pause.3ssl.gz b/msys2/usr/share/man/man3/ASYNC_block_pause.3ssl.gz
new file mode 100644
index 000000000..6ed03c970
Binary files /dev/null and b/msys2/usr/share/man/man3/ASYNC_block_pause.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASYNC_cleanup_thread.3ssl.gz b/msys2/usr/share/man/man3/ASYNC_cleanup_thread.3ssl.gz
new file mode 100644
index 000000000..6ed03c970
Binary files /dev/null and b/msys2/usr/share/man/man3/ASYNC_cleanup_thread.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASYNC_get_current_job.3ssl.gz b/msys2/usr/share/man/man3/ASYNC_get_current_job.3ssl.gz
new file mode 100644
index 000000000..6ed03c970
Binary files /dev/null and b/msys2/usr/share/man/man3/ASYNC_get_current_job.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASYNC_get_wait_ctx.3ssl.gz b/msys2/usr/share/man/man3/ASYNC_get_wait_ctx.3ssl.gz
new file mode 100644
index 000000000..6ed03c970
Binary files /dev/null and b/msys2/usr/share/man/man3/ASYNC_get_wait_ctx.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASYNC_init_thread.3ssl.gz b/msys2/usr/share/man/man3/ASYNC_init_thread.3ssl.gz
new file mode 100644
index 000000000..6ed03c970
Binary files /dev/null and b/msys2/usr/share/man/man3/ASYNC_init_thread.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASYNC_is_capable.3ssl.gz b/msys2/usr/share/man/man3/ASYNC_is_capable.3ssl.gz
new file mode 100644
index 000000000..6ed03c970
Binary files /dev/null and b/msys2/usr/share/man/man3/ASYNC_is_capable.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASYNC_pause_job.3ssl.gz b/msys2/usr/share/man/man3/ASYNC_pause_job.3ssl.gz
new file mode 100644
index 000000000..6ed03c970
Binary files /dev/null and b/msys2/usr/share/man/man3/ASYNC_pause_job.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASYNC_start_job.3ssl.gz b/msys2/usr/share/man/man3/ASYNC_start_job.3ssl.gz
new file mode 100644
index 000000000..6ed03c970
Binary files /dev/null and b/msys2/usr/share/man/man3/ASYNC_start_job.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ASYNC_unblock_pause.3ssl.gz b/msys2/usr/share/man/man3/ASYNC_unblock_pause.3ssl.gz
new file mode 100644
index 000000000..6ed03c970
Binary files /dev/null and b/msys2/usr/share/man/man3/ASYNC_unblock_pause.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/AUTHORITY_INFO_ACCESS_free.3ssl.gz b/msys2/usr/share/man/man3/AUTHORITY_INFO_ACCESS_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/AUTHORITY_INFO_ACCESS_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/AUTHORITY_INFO_ACCESS_new.3ssl.gz b/msys2/usr/share/man/man3/AUTHORITY_INFO_ACCESS_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/AUTHORITY_INFO_ACCESS_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/AUTHORITY_KEYID_free.3ssl.gz b/msys2/usr/share/man/man3/AUTHORITY_KEYID_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/AUTHORITY_KEYID_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/AUTHORITY_KEYID_new.3ssl.gz b/msys2/usr/share/man/man3/AUTHORITY_KEYID_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/AUTHORITY_KEYID_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BASIC_CONSTRAINTS_free.3ssl.gz b/msys2/usr/share/man/man3/BASIC_CONSTRAINTS_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/BASIC_CONSTRAINTS_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BASIC_CONSTRAINTS_new.3ssl.gz b/msys2/usr/share/man/man3/BASIC_CONSTRAINTS_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/BASIC_CONSTRAINTS_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BC.3x.gz b/msys2/usr/share/man/man3/BC.3x.gz
index ef3cb57a5..9a348ec38 100644
Binary files a/msys2/usr/share/man/man3/BC.3x.gz and b/msys2/usr/share/man/man3/BC.3x.gz differ
diff --git a/msys2/usr/share/man/man3/BF_cbc_encrypt.3ssl.gz b/msys2/usr/share/man/man3/BF_cbc_encrypt.3ssl.gz
index d9ab10ff1..ea06916c1 100644
Binary files a/msys2/usr/share/man/man3/BF_cbc_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/BF_cbc_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BF_cfb64_encrypt.3ssl.gz b/msys2/usr/share/man/man3/BF_cfb64_encrypt.3ssl.gz
index d9ab10ff1..ea06916c1 100644
Binary files a/msys2/usr/share/man/man3/BF_cfb64_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/BF_cfb64_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BF_decrypt.3ssl.gz b/msys2/usr/share/man/man3/BF_decrypt.3ssl.gz
index d9ab10ff1..ea06916c1 100644
Binary files a/msys2/usr/share/man/man3/BF_decrypt.3ssl.gz and b/msys2/usr/share/man/man3/BF_decrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BF_ecb_encrypt.3ssl.gz b/msys2/usr/share/man/man3/BF_ecb_encrypt.3ssl.gz
index d9ab10ff1..ea06916c1 100644
Binary files a/msys2/usr/share/man/man3/BF_ecb_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/BF_ecb_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BF_encrypt.3ssl.gz b/msys2/usr/share/man/man3/BF_encrypt.3ssl.gz
index d9ab10ff1..ea06916c1 100644
Binary files a/msys2/usr/share/man/man3/BF_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/BF_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BF_ofb64_encrypt.3ssl.gz b/msys2/usr/share/man/man3/BF_ofb64_encrypt.3ssl.gz
index d9ab10ff1..ea06916c1 100644
Binary files a/msys2/usr/share/man/man3/BF_ofb64_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/BF_ofb64_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BF_options.3ssl.gz b/msys2/usr/share/man/man3/BF_options.3ssl.gz
index d9ab10ff1..ea06916c1 100644
Binary files a/msys2/usr/share/man/man3/BF_options.3ssl.gz and b/msys2/usr/share/man/man3/BF_options.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BF_set_key.3ssl.gz b/msys2/usr/share/man/man3/BF_set_key.3ssl.gz
index d9ab10ff1..ea06916c1 100644
Binary files a/msys2/usr/share/man/man3/BF_set_key.3ssl.gz and b/msys2/usr/share/man/man3/BF_set_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ADDR.3ssl.gz b/msys2/usr/share/man/man3/BIO_ADDR.3ssl.gz
new file mode 100644
index 000000000..16a6e9443
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_ADDR.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ADDRINFO.3ssl.gz b/msys2/usr/share/man/man3/BIO_ADDRINFO.3ssl.gz
new file mode 100644
index 000000000..e5398e863
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_ADDRINFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ADDRINFO_address.3ssl.gz b/msys2/usr/share/man/man3/BIO_ADDRINFO_address.3ssl.gz
new file mode 100644
index 000000000..e5398e863
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_ADDRINFO_address.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ADDRINFO_family.3ssl.gz b/msys2/usr/share/man/man3/BIO_ADDRINFO_family.3ssl.gz
new file mode 100644
index 000000000..e5398e863
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_ADDRINFO_family.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ADDRINFO_free.3ssl.gz b/msys2/usr/share/man/man3/BIO_ADDRINFO_free.3ssl.gz
new file mode 100644
index 000000000..e5398e863
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_ADDRINFO_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ADDRINFO_next.3ssl.gz b/msys2/usr/share/man/man3/BIO_ADDRINFO_next.3ssl.gz
new file mode 100644
index 000000000..e5398e863
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_ADDRINFO_next.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ADDRINFO_protocol.3ssl.gz b/msys2/usr/share/man/man3/BIO_ADDRINFO_protocol.3ssl.gz
new file mode 100644
index 000000000..e5398e863
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_ADDRINFO_protocol.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ADDRINFO_socktype.3ssl.gz b/msys2/usr/share/man/man3/BIO_ADDRINFO_socktype.3ssl.gz
new file mode 100644
index 000000000..e5398e863
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_ADDRINFO_socktype.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ADDR_clear.3ssl.gz b/msys2/usr/share/man/man3/BIO_ADDR_clear.3ssl.gz
new file mode 100644
index 000000000..16a6e9443
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_ADDR_clear.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ADDR_family.3ssl.gz b/msys2/usr/share/man/man3/BIO_ADDR_family.3ssl.gz
new file mode 100644
index 000000000..16a6e9443
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_ADDR_family.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ADDR_free.3ssl.gz b/msys2/usr/share/man/man3/BIO_ADDR_free.3ssl.gz
new file mode 100644
index 000000000..16a6e9443
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_ADDR_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ADDR_hostname_string.3ssl.gz b/msys2/usr/share/man/man3/BIO_ADDR_hostname_string.3ssl.gz
new file mode 100644
index 000000000..16a6e9443
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_ADDR_hostname_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ADDR_new.3ssl.gz b/msys2/usr/share/man/man3/BIO_ADDR_new.3ssl.gz
new file mode 100644
index 000000000..16a6e9443
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_ADDR_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ADDR_path_string.3ssl.gz b/msys2/usr/share/man/man3/BIO_ADDR_path_string.3ssl.gz
new file mode 100644
index 000000000..16a6e9443
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_ADDR_path_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ADDR_rawaddress.3ssl.gz b/msys2/usr/share/man/man3/BIO_ADDR_rawaddress.3ssl.gz
new file mode 100644
index 000000000..16a6e9443
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_ADDR_rawaddress.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ADDR_rawmake.3ssl.gz b/msys2/usr/share/man/man3/BIO_ADDR_rawmake.3ssl.gz
new file mode 100644
index 000000000..16a6e9443
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_ADDR_rawmake.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ADDR_rawport.3ssl.gz b/msys2/usr/share/man/man3/BIO_ADDR_rawport.3ssl.gz
new file mode 100644
index 000000000..16a6e9443
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_ADDR_rawport.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ADDR_service_string.3ssl.gz b/msys2/usr/share/man/man3/BIO_ADDR_service_string.3ssl.gz
new file mode 100644
index 000000000..16a6e9443
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_ADDR_service_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_accept_ex.3ssl.gz b/msys2/usr/share/man/man3/BIO_accept_ex.3ssl.gz
new file mode 100644
index 000000000..35c5ad23e
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_accept_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_append_filename.3ssl.gz b/msys2/usr/share/man/man3/BIO_append_filename.3ssl.gz
index b6e15d089..eb9ef543f 100644
Binary files a/msys2/usr/share/man/man3/BIO_append_filename.3ssl.gz and b/msys2/usr/share/man/man3/BIO_append_filename.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_bind.3ssl.gz b/msys2/usr/share/man/man3/BIO_bind.3ssl.gz
new file mode 100644
index 000000000..35c5ad23e
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_bind.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_callback_ctrl.3ssl.gz b/msys2/usr/share/man/man3/BIO_callback_ctrl.3ssl.gz
index 212fc8abd..25f3ae6f9 100644
Binary files a/msys2/usr/share/man/man3/BIO_callback_ctrl.3ssl.gz and b/msys2/usr/share/man/man3/BIO_callback_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_callback_fn.3ssl.gz b/msys2/usr/share/man/man3/BIO_callback_fn.3ssl.gz
new file mode 100644
index 000000000..5145299b0
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_callback_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_callback_fn_ex.3ssl.gz b/msys2/usr/share/man/man3/BIO_callback_fn_ex.3ssl.gz
new file mode 100644
index 000000000..5145299b0
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_callback_fn_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_closesocket.3ssl.gz b/msys2/usr/share/man/man3/BIO_closesocket.3ssl.gz
new file mode 100644
index 000000000..35c5ad23e
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_closesocket.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_connect.3ssl.gz b/msys2/usr/share/man/man3/BIO_connect.3ssl.gz
new file mode 100644
index 000000000..35c5ad23e
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_connect.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ctrl.3ssl.gz b/msys2/usr/share/man/man3/BIO_ctrl.3ssl.gz
index 212fc8abd..25f3ae6f9 100644
Binary files a/msys2/usr/share/man/man3/BIO_ctrl.3ssl.gz and b/msys2/usr/share/man/man3/BIO_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ctrl_get_read_request.3ssl.gz b/msys2/usr/share/man/man3/BIO_ctrl_get_read_request.3ssl.gz
index 176ce9fa9..0fa8f60dc 100644
Binary files a/msys2/usr/share/man/man3/BIO_ctrl_get_read_request.3ssl.gz and b/msys2/usr/share/man/man3/BIO_ctrl_get_read_request.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ctrl_get_write_guarantee.3ssl.gz b/msys2/usr/share/man/man3/BIO_ctrl_get_write_guarantee.3ssl.gz
index 176ce9fa9..0fa8f60dc 100644
Binary files a/msys2/usr/share/man/man3/BIO_ctrl_get_write_guarantee.3ssl.gz and b/msys2/usr/share/man/man3/BIO_ctrl_get_write_guarantee.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ctrl_pending.3ssl.gz b/msys2/usr/share/man/man3/BIO_ctrl_pending.3ssl.gz
index 212fc8abd..25f3ae6f9 100644
Binary files a/msys2/usr/share/man/man3/BIO_ctrl_pending.3ssl.gz and b/msys2/usr/share/man/man3/BIO_ctrl_pending.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ctrl_reset_read_request.3ssl.gz b/msys2/usr/share/man/man3/BIO_ctrl_reset_read_request.3ssl.gz
index 176ce9fa9..0fa8f60dc 100644
Binary files a/msys2/usr/share/man/man3/BIO_ctrl_reset_read_request.3ssl.gz and b/msys2/usr/share/man/man3/BIO_ctrl_reset_read_request.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ctrl_wpending.3ssl.gz b/msys2/usr/share/man/man3/BIO_ctrl_wpending.3ssl.gz
index 212fc8abd..25f3ae6f9 100644
Binary files a/msys2/usr/share/man/man3/BIO_ctrl_wpending.3ssl.gz and b/msys2/usr/share/man/man3/BIO_ctrl_wpending.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_debug_callback.3ssl.gz b/msys2/usr/share/man/man3/BIO_debug_callback.3ssl.gz
index 98159b76b..5145299b0 100644
Binary files a/msys2/usr/share/man/man3/BIO_debug_callback.3ssl.gz and b/msys2/usr/share/man/man3/BIO_debug_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_destroy_bio_pair.3ssl.gz b/msys2/usr/share/man/man3/BIO_destroy_bio_pair.3ssl.gz
index 176ce9fa9..0fa8f60dc 100644
Binary files a/msys2/usr/share/man/man3/BIO_destroy_bio_pair.3ssl.gz and b/msys2/usr/share/man/man3/BIO_destroy_bio_pair.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_do_accept.3ssl.gz b/msys2/usr/share/man/man3/BIO_do_accept.3ssl.gz
index ebe4f640e..a36baacaf 100644
Binary files a/msys2/usr/share/man/man3/BIO_do_accept.3ssl.gz and b/msys2/usr/share/man/man3/BIO_do_accept.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_do_connect.3ssl.gz b/msys2/usr/share/man/man3/BIO_do_connect.3ssl.gz
index dbf17c7eb..fec4bd12c 100644
Binary files a/msys2/usr/share/man/man3/BIO_do_connect.3ssl.gz and b/msys2/usr/share/man/man3/BIO_do_connect.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_do_handshake.3ssl.gz b/msys2/usr/share/man/man3/BIO_do_handshake.3ssl.gz
new file mode 100644
index 000000000..832ce6fa5
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_do_handshake.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_eof.3ssl.gz b/msys2/usr/share/man/man3/BIO_eof.3ssl.gz
index 212fc8abd..25f3ae6f9 100644
Binary files a/msys2/usr/share/man/man3/BIO_eof.3ssl.gz and b/msys2/usr/share/man/man3/BIO_eof.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_f_base64.3ssl.gz b/msys2/usr/share/man/man3/BIO_f_base64.3ssl.gz
index 3337b96a8..ae5fbb973 100644
Binary files a/msys2/usr/share/man/man3/BIO_f_base64.3ssl.gz and b/msys2/usr/share/man/man3/BIO_f_base64.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_f_buffer.3ssl.gz b/msys2/usr/share/man/man3/BIO_f_buffer.3ssl.gz
index c7ea5868a..869bd0848 100644
Binary files a/msys2/usr/share/man/man3/BIO_f_buffer.3ssl.gz and b/msys2/usr/share/man/man3/BIO_f_buffer.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_f_cipher.3ssl.gz b/msys2/usr/share/man/man3/BIO_f_cipher.3ssl.gz
index f8dcd04b3..5649d7639 100644
Binary files a/msys2/usr/share/man/man3/BIO_f_cipher.3ssl.gz and b/msys2/usr/share/man/man3/BIO_f_cipher.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_f_md.3ssl.gz b/msys2/usr/share/man/man3/BIO_f_md.3ssl.gz
index 1e6d71eaf..5c0407030 100644
Binary files a/msys2/usr/share/man/man3/BIO_f_md.3ssl.gz and b/msys2/usr/share/man/man3/BIO_f_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_f_null.3ssl.gz b/msys2/usr/share/man/man3/BIO_f_null.3ssl.gz
index 6fe5895f4..81d08e2cf 100644
Binary files a/msys2/usr/share/man/man3/BIO_f_null.3ssl.gz and b/msys2/usr/share/man/man3/BIO_f_null.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_f_ssl.3ssl.gz b/msys2/usr/share/man/man3/BIO_f_ssl.3ssl.gz
index be7bf4c45..832ce6fa5 100644
Binary files a/msys2/usr/share/man/man3/BIO_f_ssl.3ssl.gz and b/msys2/usr/share/man/man3/BIO_f_ssl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_find_type.3ssl.gz b/msys2/usr/share/man/man3/BIO_find_type.3ssl.gz
index 54a0c6953..29e2c2053 100644
Binary files a/msys2/usr/share/man/man3/BIO_find_type.3ssl.gz and b/msys2/usr/share/man/man3/BIO_find_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_flush.3ssl.gz b/msys2/usr/share/man/man3/BIO_flush.3ssl.gz
index 212fc8abd..25f3ae6f9 100644
Binary files a/msys2/usr/share/man/man3/BIO_flush.3ssl.gz and b/msys2/usr/share/man/man3/BIO_flush.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_free.3ssl.gz b/msys2/usr/share/man/man3/BIO_free.3ssl.gz
index c694a99c4..52accd2ab 100644
Binary files a/msys2/usr/share/man/man3/BIO_free.3ssl.gz and b/msys2/usr/share/man/man3/BIO_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_free_all.3ssl.gz b/msys2/usr/share/man/man3/BIO_free_all.3ssl.gz
index c694a99c4..52accd2ab 100644
Binary files a/msys2/usr/share/man/man3/BIO_free_all.3ssl.gz and b/msys2/usr/share/man/man3/BIO_free_all.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_accept_ip_family.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_accept_ip_family.3ssl.gz
new file mode 100644
index 000000000..a36baacaf
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_get_accept_ip_family.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_accept_name.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_accept_name.3ssl.gz
new file mode 100644
index 000000000..a36baacaf
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_get_accept_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_accept_port.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_accept_port.3ssl.gz
index ebe4f640e..a36baacaf 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_accept_port.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_accept_port.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_bind_mode.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_bind_mode.3ssl.gz
index ebe4f640e..a36baacaf 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_bind_mode.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_bind_mode.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_buffer_num_lines.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_buffer_num_lines.3ssl.gz
new file mode 100644
index 000000000..869bd0848
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_get_buffer_num_lines.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_callback.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_callback.3ssl.gz
index 98159b76b..5145299b0 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_callback.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_callback_arg.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_callback_arg.3ssl.gz
index 98159b76b..5145299b0 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_callback_arg.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_callback_arg.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_callback_ex.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_callback_ex.3ssl.gz
new file mode 100644
index 000000000..5145299b0
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_get_callback_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_cipher_ctx.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_cipher_ctx.3ssl.gz
index f8dcd04b3..5649d7639 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_cipher_ctx.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_cipher_ctx.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_cipher_status.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_cipher_status.3ssl.gz
index f8dcd04b3..5649d7639 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_cipher_status.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_cipher_status.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_close.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_close.3ssl.gz
index 212fc8abd..25f3ae6f9 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_close.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_close.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_conn_address.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_conn_address.3ssl.gz
new file mode 100644
index 000000000..fec4bd12c
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_get_conn_address.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_conn_hostname.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_conn_hostname.3ssl.gz
index dbf17c7eb..fec4bd12c 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_conn_hostname.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_conn_hostname.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_conn_int_port.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_conn_int_port.3ssl.gz
deleted file mode 100644
index dbf17c7eb..000000000
Binary files a/msys2/usr/share/man/man3/BIO_get_conn_int_port.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/BIO_get_conn_ip.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_conn_ip.3ssl.gz
deleted file mode 100644
index dbf17c7eb..000000000
Binary files a/msys2/usr/share/man/man3/BIO_get_conn_ip.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/BIO_get_conn_ip_family.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_conn_ip_family.3ssl.gz
new file mode 100644
index 000000000..fec4bd12c
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_get_conn_ip_family.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_conn_port.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_conn_port.3ssl.gz
index dbf17c7eb..fec4bd12c 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_conn_port.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_conn_port.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_data.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_data.3ssl.gz
new file mode 100644
index 000000000..fa4b31354
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_get_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_ex_data.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_ex_data.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_get_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_ex_new_index.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_ex_new_index.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_get_ex_new_index.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_fd.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_fd.3ssl.gz
index 72a9df35d..729f8ddd0 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_fd.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_fd.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_fp.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_fp.3ssl.gz
index b6e15d089..eb9ef543f 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_fp.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_info_callback.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_info_callback.3ssl.gz
index 212fc8abd..25f3ae6f9 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_info_callback.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_info_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_init.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_init.3ssl.gz
new file mode 100644
index 000000000..fa4b31354
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_get_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_md.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_md.3ssl.gz
index 1e6d71eaf..5c0407030 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_md.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_md_ctx.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_md_ctx.3ssl.gz
index 1e6d71eaf..5c0407030 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_md_ctx.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_md_ctx.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_mem_data.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_mem_data.3ssl.gz
index e76b4490a..43fd781a0 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_mem_data.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_mem_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_mem_ptr.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_mem_ptr.3ssl.gz
index e76b4490a..43fd781a0 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_mem_ptr.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_mem_ptr.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_new_index.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_new_index.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_get_new_index.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_num_renegotiates.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_num_renegotiates.3ssl.gz
index be7bf4c45..832ce6fa5 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_num_renegotiates.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_num_renegotiates.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_peer_name.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_peer_name.3ssl.gz
new file mode 100644
index 000000000..a36baacaf
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_get_peer_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_peer_port.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_peer_port.3ssl.gz
new file mode 100644
index 000000000..a36baacaf
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_get_peer_port.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_read_request.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_read_request.3ssl.gz
index 176ce9fa9..0fa8f60dc 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_read_request.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_read_request.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_retry_BIO.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_retry_BIO.3ssl.gz
index fa826c1aa..68f92c70b 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_retry_BIO.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_retry_BIO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_retry_reason.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_retry_reason.3ssl.gz
index fa826c1aa..68f92c70b 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_retry_reason.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_retry_reason.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_shutdown.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_shutdown.3ssl.gz
new file mode 100644
index 000000000..fa4b31354
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_get_shutdown.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_ssl.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_ssl.3ssl.gz
index be7bf4c45..832ce6fa5 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_ssl.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_ssl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_write_buf_size.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_write_buf_size.3ssl.gz
index 176ce9fa9..0fa8f60dc 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_write_buf_size.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_write_buf_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_get_write_guarantee.3ssl.gz b/msys2/usr/share/man/man3/BIO_get_write_guarantee.3ssl.gz
index 176ce9fa9..0fa8f60dc 100644
Binary files a/msys2/usr/share/man/man3/BIO_get_write_guarantee.3ssl.gz and b/msys2/usr/share/man/man3/BIO_get_write_guarantee.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_gets.3ssl.gz b/msys2/usr/share/man/man3/BIO_gets.3ssl.gz
index a16dcdc8d..4f085bb06 100644
Binary files a/msys2/usr/share/man/man3/BIO_gets.3ssl.gz and b/msys2/usr/share/man/man3/BIO_gets.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_hostserv_priorities.3ssl.gz b/msys2/usr/share/man/man3/BIO_hostserv_priorities.3ssl.gz
new file mode 100644
index 000000000..b537de8e3
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_hostserv_priorities.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_info_cb.3ssl.gz b/msys2/usr/share/man/man3/BIO_info_cb.3ssl.gz
new file mode 100644
index 000000000..25f3ae6f9
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_info_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_int_ctrl.3ssl.gz b/msys2/usr/share/man/man3/BIO_int_ctrl.3ssl.gz
index 212fc8abd..25f3ae6f9 100644
Binary files a/msys2/usr/share/man/man3/BIO_int_ctrl.3ssl.gz and b/msys2/usr/share/man/man3/BIO_int_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_listen.3ssl.gz b/msys2/usr/share/man/man3/BIO_listen.3ssl.gz
new file mode 100644
index 000000000..35c5ad23e
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_listen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_lookup.3ssl.gz b/msys2/usr/share/man/man3/BIO_lookup.3ssl.gz
new file mode 100644
index 000000000..e5398e863
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_lookup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_lookup_ex.3ssl.gz b/msys2/usr/share/man/man3/BIO_lookup_ex.3ssl.gz
new file mode 100644
index 000000000..e5398e863
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_lookup_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_lookup_type.3ssl.gz b/msys2/usr/share/man/man3/BIO_lookup_type.3ssl.gz
new file mode 100644
index 000000000..e5398e863
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_lookup_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_make_bio_pair.3ssl.gz b/msys2/usr/share/man/man3/BIO_make_bio_pair.3ssl.gz
index 176ce9fa9..0fa8f60dc 100644
Binary files a/msys2/usr/share/man/man3/BIO_make_bio_pair.3ssl.gz and b/msys2/usr/share/man/man3/BIO_make_bio_pair.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_free.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_free.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_get_callback_ctrl.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_get_callback_ctrl.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_get_callback_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_get_create.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_get_create.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_get_create.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_get_ctrl.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_get_ctrl.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_get_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_get_destroy.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_get_destroy.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_get_destroy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_get_gets.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_get_gets.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_get_gets.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_get_puts.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_get_puts.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_get_puts.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_get_read.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_get_read.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_get_read.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_get_read_ex.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_get_read_ex.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_get_read_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_get_write.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_get_write.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_get_write.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_get_write_ex.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_get_write_ex.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_get_write_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_new.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_new.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_set_callback_ctrl.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_set_callback_ctrl.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_set_callback_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_set_create.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_set_create.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_set_create.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_set_ctrl.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_set_ctrl.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_set_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_set_destroy.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_set_destroy.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_set_destroy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_set_gets.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_set_gets.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_set_gets.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_set_puts.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_set_puts.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_set_puts.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_set_read.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_set_read.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_set_read.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_set_read_ex.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_set_read_ex.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_set_read_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_set_write.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_set_write.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_set_write.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_meth_set_write_ex.3ssl.gz b/msys2/usr/share/man/man3/BIO_meth_set_write_ex.3ssl.gz
new file mode 100644
index 000000000..1e81a5829
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_meth_set_write_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_method_type.3ssl.gz b/msys2/usr/share/man/man3/BIO_method_type.3ssl.gz
index 54a0c6953..29e2c2053 100644
Binary files a/msys2/usr/share/man/man3/BIO_method_type.3ssl.gz and b/msys2/usr/share/man/man3/BIO_method_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_new.3ssl.gz b/msys2/usr/share/man/man3/BIO_new.3ssl.gz
index c694a99c4..52accd2ab 100644
Binary files a/msys2/usr/share/man/man3/BIO_new.3ssl.gz and b/msys2/usr/share/man/man3/BIO_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_new_CMS.3ssl.gz b/msys2/usr/share/man/man3/BIO_new_CMS.3ssl.gz
index fe3dc75ea..b491c6d97 100644
Binary files a/msys2/usr/share/man/man3/BIO_new_CMS.3ssl.gz and b/msys2/usr/share/man/man3/BIO_new_CMS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_new_accept.3ssl.gz b/msys2/usr/share/man/man3/BIO_new_accept.3ssl.gz
index ebe4f640e..a36baacaf 100644
Binary files a/msys2/usr/share/man/man3/BIO_new_accept.3ssl.gz and b/msys2/usr/share/man/man3/BIO_new_accept.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_new_bio_pair.3ssl.gz b/msys2/usr/share/man/man3/BIO_new_bio_pair.3ssl.gz
index 176ce9fa9..0fa8f60dc 100644
Binary files a/msys2/usr/share/man/man3/BIO_new_bio_pair.3ssl.gz and b/msys2/usr/share/man/man3/BIO_new_bio_pair.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_new_buffer_ssl_connect.3ssl.gz b/msys2/usr/share/man/man3/BIO_new_buffer_ssl_connect.3ssl.gz
index be7bf4c45..832ce6fa5 100644
Binary files a/msys2/usr/share/man/man3/BIO_new_buffer_ssl_connect.3ssl.gz and b/msys2/usr/share/man/man3/BIO_new_buffer_ssl_connect.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_new_connect.3ssl.gz b/msys2/usr/share/man/man3/BIO_new_connect.3ssl.gz
index dbf17c7eb..fec4bd12c 100644
Binary files a/msys2/usr/share/man/man3/BIO_new_connect.3ssl.gz and b/msys2/usr/share/man/man3/BIO_new_connect.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_new_fd.3ssl.gz b/msys2/usr/share/man/man3/BIO_new_fd.3ssl.gz
index 72a9df35d..729f8ddd0 100644
Binary files a/msys2/usr/share/man/man3/BIO_new_fd.3ssl.gz and b/msys2/usr/share/man/man3/BIO_new_fd.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_new_file.3ssl.gz b/msys2/usr/share/man/man3/BIO_new_file.3ssl.gz
index b6e15d089..eb9ef543f 100644
Binary files a/msys2/usr/share/man/man3/BIO_new_file.3ssl.gz and b/msys2/usr/share/man/man3/BIO_new_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_new_fp.3ssl.gz b/msys2/usr/share/man/man3/BIO_new_fp.3ssl.gz
index b6e15d089..eb9ef543f 100644
Binary files a/msys2/usr/share/man/man3/BIO_new_fp.3ssl.gz and b/msys2/usr/share/man/man3/BIO_new_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_new_mem_buf.3ssl.gz b/msys2/usr/share/man/man3/BIO_new_mem_buf.3ssl.gz
index e76b4490a..43fd781a0 100644
Binary files a/msys2/usr/share/man/man3/BIO_new_mem_buf.3ssl.gz and b/msys2/usr/share/man/man3/BIO_new_mem_buf.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_new_socket.3ssl.gz b/msys2/usr/share/man/man3/BIO_new_socket.3ssl.gz
index c07d977b0..b4ba14bbd 100644
Binary files a/msys2/usr/share/man/man3/BIO_new_socket.3ssl.gz and b/msys2/usr/share/man/man3/BIO_new_socket.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_new_ssl.3ssl.gz b/msys2/usr/share/man/man3/BIO_new_ssl.3ssl.gz
index be7bf4c45..832ce6fa5 100644
Binary files a/msys2/usr/share/man/man3/BIO_new_ssl.3ssl.gz and b/msys2/usr/share/man/man3/BIO_new_ssl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_new_ssl_connect.3ssl.gz b/msys2/usr/share/man/man3/BIO_new_ssl_connect.3ssl.gz
index be7bf4c45..832ce6fa5 100644
Binary files a/msys2/usr/share/man/man3/BIO_new_ssl_connect.3ssl.gz and b/msys2/usr/share/man/man3/BIO_new_ssl_connect.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_next.3ssl.gz b/msys2/usr/share/man/man3/BIO_next.3ssl.gz
index 54a0c6953..29e2c2053 100644
Binary files a/msys2/usr/share/man/man3/BIO_next.3ssl.gz and b/msys2/usr/share/man/man3/BIO_next.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_parse_hostserv.3ssl.gz b/msys2/usr/share/man/man3/BIO_parse_hostserv.3ssl.gz
new file mode 100644
index 000000000..b537de8e3
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_parse_hostserv.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_pending.3ssl.gz b/msys2/usr/share/man/man3/BIO_pending.3ssl.gz
index 212fc8abd..25f3ae6f9 100644
Binary files a/msys2/usr/share/man/man3/BIO_pending.3ssl.gz and b/msys2/usr/share/man/man3/BIO_pending.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_pop.3ssl.gz b/msys2/usr/share/man/man3/BIO_pop.3ssl.gz
index eb1bd98d0..2d062fe93 100644
Binary files a/msys2/usr/share/man/man3/BIO_pop.3ssl.gz and b/msys2/usr/share/man/man3/BIO_pop.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_printf.3ssl.gz b/msys2/usr/share/man/man3/BIO_printf.3ssl.gz
new file mode 100644
index 000000000..cdee2d193
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_printf.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ptr_ctrl.3ssl.gz b/msys2/usr/share/man/man3/BIO_ptr_ctrl.3ssl.gz
index 212fc8abd..25f3ae6f9 100644
Binary files a/msys2/usr/share/man/man3/BIO_ptr_ctrl.3ssl.gz and b/msys2/usr/share/man/man3/BIO_ptr_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_push.3ssl.gz b/msys2/usr/share/man/man3/BIO_push.3ssl.gz
index eb1bd98d0..2d062fe93 100644
Binary files a/msys2/usr/share/man/man3/BIO_push.3ssl.gz and b/msys2/usr/share/man/man3/BIO_push.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_puts.3ssl.gz b/msys2/usr/share/man/man3/BIO_puts.3ssl.gz
index a16dcdc8d..4f085bb06 100644
Binary files a/msys2/usr/share/man/man3/BIO_puts.3ssl.gz and b/msys2/usr/share/man/man3/BIO_puts.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_read.3ssl.gz b/msys2/usr/share/man/man3/BIO_read.3ssl.gz
index a16dcdc8d..4f085bb06 100644
Binary files a/msys2/usr/share/man/man3/BIO_read.3ssl.gz and b/msys2/usr/share/man/man3/BIO_read.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_read_ex.3ssl.gz b/msys2/usr/share/man/man3/BIO_read_ex.3ssl.gz
new file mode 100644
index 000000000..4f085bb06
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_read_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_read_filename.3ssl.gz b/msys2/usr/share/man/man3/BIO_read_filename.3ssl.gz
index b6e15d089..eb9ef543f 100644
Binary files a/msys2/usr/share/man/man3/BIO_read_filename.3ssl.gz and b/msys2/usr/share/man/man3/BIO_read_filename.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_reset.3ssl.gz b/msys2/usr/share/man/man3/BIO_reset.3ssl.gz
index 212fc8abd..25f3ae6f9 100644
Binary files a/msys2/usr/share/man/man3/BIO_reset.3ssl.gz and b/msys2/usr/share/man/man3/BIO_reset.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_retry_type.3ssl.gz b/msys2/usr/share/man/man3/BIO_retry_type.3ssl.gz
index fa826c1aa..68f92c70b 100644
Binary files a/msys2/usr/share/man/man3/BIO_retry_type.3ssl.gz and b/msys2/usr/share/man/man3/BIO_retry_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_rw_filename.3ssl.gz b/msys2/usr/share/man/man3/BIO_rw_filename.3ssl.gz
index b6e15d089..eb9ef543f 100644
Binary files a/msys2/usr/share/man/man3/BIO_rw_filename.3ssl.gz and b/msys2/usr/share/man/man3/BIO_rw_filename.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_s_accept.3ssl.gz b/msys2/usr/share/man/man3/BIO_s_accept.3ssl.gz
index ebe4f640e..a36baacaf 100644
Binary files a/msys2/usr/share/man/man3/BIO_s_accept.3ssl.gz and b/msys2/usr/share/man/man3/BIO_s_accept.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_s_bio.3ssl.gz b/msys2/usr/share/man/man3/BIO_s_bio.3ssl.gz
index 176ce9fa9..0fa8f60dc 100644
Binary files a/msys2/usr/share/man/man3/BIO_s_bio.3ssl.gz and b/msys2/usr/share/man/man3/BIO_s_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_s_connect.3ssl.gz b/msys2/usr/share/man/man3/BIO_s_connect.3ssl.gz
index dbf17c7eb..fec4bd12c 100644
Binary files a/msys2/usr/share/man/man3/BIO_s_connect.3ssl.gz and b/msys2/usr/share/man/man3/BIO_s_connect.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_s_fd.3ssl.gz b/msys2/usr/share/man/man3/BIO_s_fd.3ssl.gz
index 72a9df35d..729f8ddd0 100644
Binary files a/msys2/usr/share/man/man3/BIO_s_fd.3ssl.gz and b/msys2/usr/share/man/man3/BIO_s_fd.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_s_file.3ssl.gz b/msys2/usr/share/man/man3/BIO_s_file.3ssl.gz
index b6e15d089..eb9ef543f 100644
Binary files a/msys2/usr/share/man/man3/BIO_s_file.3ssl.gz and b/msys2/usr/share/man/man3/BIO_s_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_s_mem.3ssl.gz b/msys2/usr/share/man/man3/BIO_s_mem.3ssl.gz
index e76b4490a..43fd781a0 100644
Binary files a/msys2/usr/share/man/man3/BIO_s_mem.3ssl.gz and b/msys2/usr/share/man/man3/BIO_s_mem.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_s_null.3ssl.gz b/msys2/usr/share/man/man3/BIO_s_null.3ssl.gz
index 79e85e4cb..077f21a4e 100644
Binary files a/msys2/usr/share/man/man3/BIO_s_null.3ssl.gz and b/msys2/usr/share/man/man3/BIO_s_null.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_s_secmem.3ssl.gz b/msys2/usr/share/man/man3/BIO_s_secmem.3ssl.gz
new file mode 100644
index 000000000..43fd781a0
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_s_secmem.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_s_socket.3ssl.gz b/msys2/usr/share/man/man3/BIO_s_socket.3ssl.gz
index c07d977b0..b4ba14bbd 100644
Binary files a/msys2/usr/share/man/man3/BIO_s_socket.3ssl.gz and b/msys2/usr/share/man/man3/BIO_s_socket.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_seek.3ssl.gz b/msys2/usr/share/man/man3/BIO_seek.3ssl.gz
index 212fc8abd..25f3ae6f9 100644
Binary files a/msys2/usr/share/man/man3/BIO_seek.3ssl.gz and b/msys2/usr/share/man/man3/BIO_seek.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set.3ssl.gz b/msys2/usr/share/man/man3/BIO_set.3ssl.gz
deleted file mode 100644
index c694a99c4..000000000
Binary files a/msys2/usr/share/man/man3/BIO_set.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/BIO_set_accept_bios.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_accept_bios.3ssl.gz
index ebe4f640e..a36baacaf 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_accept_bios.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_accept_bios.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_accept_ip_family.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_accept_ip_family.3ssl.gz
new file mode 100644
index 000000000..a36baacaf
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_set_accept_ip_family.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_accept_name.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_accept_name.3ssl.gz
new file mode 100644
index 000000000..a36baacaf
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_set_accept_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_accept_port.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_accept_port.3ssl.gz
index ebe4f640e..a36baacaf 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_accept_port.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_accept_port.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_bind_mode.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_bind_mode.3ssl.gz
index ebe4f640e..a36baacaf 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_bind_mode.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_bind_mode.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_buffer_read_data.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_buffer_read_data.3ssl.gz
new file mode 100644
index 000000000..869bd0848
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_set_buffer_read_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_buffer_size.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_buffer_size.3ssl.gz
new file mode 100644
index 000000000..869bd0848
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_set_buffer_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_callback.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_callback.3ssl.gz
index 98159b76b..5145299b0 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_callback.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_callback_arg.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_callback_arg.3ssl.gz
index 98159b76b..5145299b0 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_callback_arg.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_callback_arg.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_callback_ex.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_callback_ex.3ssl.gz
new file mode 100644
index 000000000..5145299b0
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_set_callback_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_cipher.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_cipher.3ssl.gz
index f8dcd04b3..5649d7639 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_cipher.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_cipher.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_close.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_close.3ssl.gz
index 212fc8abd..25f3ae6f9 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_close.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_close.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_conn_address.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_conn_address.3ssl.gz
new file mode 100644
index 000000000..fec4bd12c
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_set_conn_address.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_conn_hostname.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_conn_hostname.3ssl.gz
index dbf17c7eb..fec4bd12c 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_conn_hostname.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_conn_hostname.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_conn_int_port.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_conn_int_port.3ssl.gz
deleted file mode 100644
index dbf17c7eb..000000000
Binary files a/msys2/usr/share/man/man3/BIO_set_conn_int_port.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/BIO_set_conn_ip.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_conn_ip.3ssl.gz
deleted file mode 100644
index dbf17c7eb..000000000
Binary files a/msys2/usr/share/man/man3/BIO_set_conn_ip.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/BIO_set_conn_ip_family.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_conn_ip_family.3ssl.gz
new file mode 100644
index 000000000..fec4bd12c
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_set_conn_ip_family.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_conn_port.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_conn_port.3ssl.gz
index dbf17c7eb..fec4bd12c 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_conn_port.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_conn_port.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_data.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_data.3ssl.gz
new file mode 100644
index 000000000..fa4b31354
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_set_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_ex_data.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_ex_data.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_set_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_fd.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_fd.3ssl.gz
index 72a9df35d..729f8ddd0 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_fd.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_fd.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_fp.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_fp.3ssl.gz
index b6e15d089..eb9ef543f 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_fp.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_info_callback.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_info_callback.3ssl.gz
index 212fc8abd..25f3ae6f9 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_info_callback.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_info_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_init.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_init.3ssl.gz
new file mode 100644
index 000000000..fa4b31354
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_set_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_md.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_md.3ssl.gz
index 1e6d71eaf..5c0407030 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_md.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_mem_buf.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_mem_buf.3ssl.gz
index e76b4490a..43fd781a0 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_mem_buf.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_mem_buf.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_mem_eof_return.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_mem_eof_return.3ssl.gz
index e76b4490a..43fd781a0 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_mem_eof_return.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_mem_eof_return.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_nbio.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_nbio.3ssl.gz
index dbf17c7eb..fec4bd12c 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_nbio.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_nbio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_nbio_accept.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_nbio_accept.3ssl.gz
index ebe4f640e..a36baacaf 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_nbio_accept.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_nbio_accept.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_next.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_next.3ssl.gz
new file mode 100644
index 000000000..2d062fe93
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_set_next.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_read_buffer_size.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_read_buffer_size.3ssl.gz
new file mode 100644
index 000000000..869bd0848
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_set_read_buffer_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_retry_reason.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_retry_reason.3ssl.gz
new file mode 100644
index 000000000..68f92c70b
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_set_retry_reason.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_shutdown.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_shutdown.3ssl.gz
new file mode 100644
index 000000000..fa4b31354
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_set_shutdown.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_ssl.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_ssl.3ssl.gz
index be7bf4c45..832ce6fa5 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_ssl.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_ssl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_ssl_mode.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_ssl_mode.3ssl.gz
index be7bf4c45..832ce6fa5 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_ssl_mode.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_ssl_mode.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_ssl_renegotiate_bytes.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_ssl_renegotiate_bytes.3ssl.gz
index be7bf4c45..832ce6fa5 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_ssl_renegotiate_bytes.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_ssl_renegotiate_bytes.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_ssl_renegotiate_timeout.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_ssl_renegotiate_timeout.3ssl.gz
index be7bf4c45..832ce6fa5 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_ssl_renegotiate_timeout.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_ssl_renegotiate_timeout.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_write_buf_size.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_write_buf_size.3ssl.gz
index 176ce9fa9..0fa8f60dc 100644
Binary files a/msys2/usr/share/man/man3/BIO_set_write_buf_size.3ssl.gz and b/msys2/usr/share/man/man3/BIO_set_write_buf_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_set_write_buffer_size.3ssl.gz b/msys2/usr/share/man/man3/BIO_set_write_buffer_size.3ssl.gz
new file mode 100644
index 000000000..869bd0848
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_set_write_buffer_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_should_io_special.3ssl.gz b/msys2/usr/share/man/man3/BIO_should_io_special.3ssl.gz
index fa826c1aa..68f92c70b 100644
Binary files a/msys2/usr/share/man/man3/BIO_should_io_special.3ssl.gz and b/msys2/usr/share/man/man3/BIO_should_io_special.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_should_read.3ssl.gz b/msys2/usr/share/man/man3/BIO_should_read.3ssl.gz
index fa826c1aa..68f92c70b 100644
Binary files a/msys2/usr/share/man/man3/BIO_should_read.3ssl.gz and b/msys2/usr/share/man/man3/BIO_should_read.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_should_retry.3ssl.gz b/msys2/usr/share/man/man3/BIO_should_retry.3ssl.gz
index fa826c1aa..68f92c70b 100644
Binary files a/msys2/usr/share/man/man3/BIO_should_retry.3ssl.gz and b/msys2/usr/share/man/man3/BIO_should_retry.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_should_write.3ssl.gz b/msys2/usr/share/man/man3/BIO_should_write.3ssl.gz
index fa826c1aa..68f92c70b 100644
Binary files a/msys2/usr/share/man/man3/BIO_should_write.3ssl.gz and b/msys2/usr/share/man/man3/BIO_should_write.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_shutdown_wr.3ssl.gz b/msys2/usr/share/man/man3/BIO_shutdown_wr.3ssl.gz
index 176ce9fa9..0fa8f60dc 100644
Binary files a/msys2/usr/share/man/man3/BIO_shutdown_wr.3ssl.gz and b/msys2/usr/share/man/man3/BIO_shutdown_wr.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_snprintf.3ssl.gz b/msys2/usr/share/man/man3/BIO_snprintf.3ssl.gz
new file mode 100644
index 000000000..cdee2d193
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_snprintf.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_socket.3ssl.gz b/msys2/usr/share/man/man3/BIO_socket.3ssl.gz
new file mode 100644
index 000000000..35c5ad23e
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_socket.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ssl_copy_session_id.3ssl.gz b/msys2/usr/share/man/man3/BIO_ssl_copy_session_id.3ssl.gz
index be7bf4c45..832ce6fa5 100644
Binary files a/msys2/usr/share/man/man3/BIO_ssl_copy_session_id.3ssl.gz and b/msys2/usr/share/man/man3/BIO_ssl_copy_session_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_ssl_shutdown.3ssl.gz b/msys2/usr/share/man/man3/BIO_ssl_shutdown.3ssl.gz
index be7bf4c45..832ce6fa5 100644
Binary files a/msys2/usr/share/man/man3/BIO_ssl_shutdown.3ssl.gz and b/msys2/usr/share/man/man3/BIO_ssl_shutdown.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_tell.3ssl.gz b/msys2/usr/share/man/man3/BIO_tell.3ssl.gz
index 212fc8abd..25f3ae6f9 100644
Binary files a/msys2/usr/share/man/man3/BIO_tell.3ssl.gz and b/msys2/usr/share/man/man3/BIO_tell.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_up_ref.3ssl.gz b/msys2/usr/share/man/man3/BIO_up_ref.3ssl.gz
new file mode 100644
index 000000000..52accd2ab
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_up_ref.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_vfree.3ssl.gz b/msys2/usr/share/man/man3/BIO_vfree.3ssl.gz
index c694a99c4..52accd2ab 100644
Binary files a/msys2/usr/share/man/man3/BIO_vfree.3ssl.gz and b/msys2/usr/share/man/man3/BIO_vfree.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_vprintf.3ssl.gz b/msys2/usr/share/man/man3/BIO_vprintf.3ssl.gz
new file mode 100644
index 000000000..cdee2d193
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_vprintf.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_vsnprintf.3ssl.gz b/msys2/usr/share/man/man3/BIO_vsnprintf.3ssl.gz
new file mode 100644
index 000000000..cdee2d193
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_vsnprintf.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_wpending.3ssl.gz b/msys2/usr/share/man/man3/BIO_wpending.3ssl.gz
index 212fc8abd..25f3ae6f9 100644
Binary files a/msys2/usr/share/man/man3/BIO_wpending.3ssl.gz and b/msys2/usr/share/man/man3/BIO_wpending.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_write.3ssl.gz b/msys2/usr/share/man/man3/BIO_write.3ssl.gz
index a16dcdc8d..4f085bb06 100644
Binary files a/msys2/usr/share/man/man3/BIO_write.3ssl.gz and b/msys2/usr/share/man/man3/BIO_write.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_write_ex.3ssl.gz b/msys2/usr/share/man/man3/BIO_write_ex.3ssl.gz
new file mode 100644
index 000000000..4f085bb06
Binary files /dev/null and b/msys2/usr/share/man/man3/BIO_write_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BIO_write_filename.3ssl.gz b/msys2/usr/share/man/man3/BIO_write_filename.3ssl.gz
index b6e15d089..eb9ef543f 100644
Binary files a/msys2/usr/share/man/man3/BIO_write_filename.3ssl.gz and b/msys2/usr/share/man/man3/BIO_write_filename.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_BLINDING_convert.3ssl.gz b/msys2/usr/share/man/man3/BN_BLINDING_convert.3ssl.gz
index 63e396aa1..234fb4f02 100644
Binary files a/msys2/usr/share/man/man3/BN_BLINDING_convert.3ssl.gz and b/msys2/usr/share/man/man3/BN_BLINDING_convert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_BLINDING_convert_ex.3ssl.gz b/msys2/usr/share/man/man3/BN_BLINDING_convert_ex.3ssl.gz
index 63e396aa1..234fb4f02 100644
Binary files a/msys2/usr/share/man/man3/BN_BLINDING_convert_ex.3ssl.gz and b/msys2/usr/share/man/man3/BN_BLINDING_convert_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_BLINDING_create_param.3ssl.gz b/msys2/usr/share/man/man3/BN_BLINDING_create_param.3ssl.gz
index 63e396aa1..234fb4f02 100644
Binary files a/msys2/usr/share/man/man3/BN_BLINDING_create_param.3ssl.gz and b/msys2/usr/share/man/man3/BN_BLINDING_create_param.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_BLINDING_free.3ssl.gz b/msys2/usr/share/man/man3/BN_BLINDING_free.3ssl.gz
index 63e396aa1..234fb4f02 100644
Binary files a/msys2/usr/share/man/man3/BN_BLINDING_free.3ssl.gz and b/msys2/usr/share/man/man3/BN_BLINDING_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_BLINDING_get_flags.3ssl.gz b/msys2/usr/share/man/man3/BN_BLINDING_get_flags.3ssl.gz
index 63e396aa1..234fb4f02 100644
Binary files a/msys2/usr/share/man/man3/BN_BLINDING_get_flags.3ssl.gz and b/msys2/usr/share/man/man3/BN_BLINDING_get_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_BLINDING_get_thread_id.3ssl.gz b/msys2/usr/share/man/man3/BN_BLINDING_get_thread_id.3ssl.gz
deleted file mode 100644
index 63e396aa1..000000000
Binary files a/msys2/usr/share/man/man3/BN_BLINDING_get_thread_id.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/BN_BLINDING_invert.3ssl.gz b/msys2/usr/share/man/man3/BN_BLINDING_invert.3ssl.gz
index 63e396aa1..234fb4f02 100644
Binary files a/msys2/usr/share/man/man3/BN_BLINDING_invert.3ssl.gz and b/msys2/usr/share/man/man3/BN_BLINDING_invert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_BLINDING_invert_ex.3ssl.gz b/msys2/usr/share/man/man3/BN_BLINDING_invert_ex.3ssl.gz
index 63e396aa1..234fb4f02 100644
Binary files a/msys2/usr/share/man/man3/BN_BLINDING_invert_ex.3ssl.gz and b/msys2/usr/share/man/man3/BN_BLINDING_invert_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_BLINDING_is_current_thread.3ssl.gz b/msys2/usr/share/man/man3/BN_BLINDING_is_current_thread.3ssl.gz
new file mode 100644
index 000000000..234fb4f02
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_BLINDING_is_current_thread.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_BLINDING_lock.3ssl.gz b/msys2/usr/share/man/man3/BN_BLINDING_lock.3ssl.gz
new file mode 100644
index 000000000..234fb4f02
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_BLINDING_lock.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_BLINDING_new.3ssl.gz b/msys2/usr/share/man/man3/BN_BLINDING_new.3ssl.gz
index 63e396aa1..234fb4f02 100644
Binary files a/msys2/usr/share/man/man3/BN_BLINDING_new.3ssl.gz and b/msys2/usr/share/man/man3/BN_BLINDING_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_BLINDING_set_current_thread.3ssl.gz b/msys2/usr/share/man/man3/BN_BLINDING_set_current_thread.3ssl.gz
new file mode 100644
index 000000000..234fb4f02
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_BLINDING_set_current_thread.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_BLINDING_set_flags.3ssl.gz b/msys2/usr/share/man/man3/BN_BLINDING_set_flags.3ssl.gz
index 63e396aa1..234fb4f02 100644
Binary files a/msys2/usr/share/man/man3/BN_BLINDING_set_flags.3ssl.gz and b/msys2/usr/share/man/man3/BN_BLINDING_set_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_BLINDING_set_thread_id.3ssl.gz b/msys2/usr/share/man/man3/BN_BLINDING_set_thread_id.3ssl.gz
deleted file mode 100644
index 63e396aa1..000000000
Binary files a/msys2/usr/share/man/man3/BN_BLINDING_set_thread_id.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/BN_BLINDING_thread_id.3ssl.gz b/msys2/usr/share/man/man3/BN_BLINDING_thread_id.3ssl.gz
deleted file mode 100644
index 63e396aa1..000000000
Binary files a/msys2/usr/share/man/man3/BN_BLINDING_thread_id.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/BN_BLINDING_unlock.3ssl.gz b/msys2/usr/share/man/man3/BN_BLINDING_unlock.3ssl.gz
new file mode 100644
index 000000000..234fb4f02
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_BLINDING_unlock.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_BLINDING_update.3ssl.gz b/msys2/usr/share/man/man3/BN_BLINDING_update.3ssl.gz
index 63e396aa1..234fb4f02 100644
Binary files a/msys2/usr/share/man/man3/BN_BLINDING_update.3ssl.gz and b/msys2/usr/share/man/man3/BN_BLINDING_update.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_CTX_end.3ssl.gz b/msys2/usr/share/man/man3/BN_CTX_end.3ssl.gz
index 958869213..95adcd748 100644
Binary files a/msys2/usr/share/man/man3/BN_CTX_end.3ssl.gz and b/msys2/usr/share/man/man3/BN_CTX_end.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_CTX_free.3ssl.gz b/msys2/usr/share/man/man3/BN_CTX_free.3ssl.gz
index 8a2ef39c5..01f9e02ac 100644
Binary files a/msys2/usr/share/man/man3/BN_CTX_free.3ssl.gz and b/msys2/usr/share/man/man3/BN_CTX_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_CTX_get.3ssl.gz b/msys2/usr/share/man/man3/BN_CTX_get.3ssl.gz
index 958869213..95adcd748 100644
Binary files a/msys2/usr/share/man/man3/BN_CTX_get.3ssl.gz and b/msys2/usr/share/man/man3/BN_CTX_get.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_CTX_init.3ssl.gz b/msys2/usr/share/man/man3/BN_CTX_init.3ssl.gz
deleted file mode 100644
index 8a2ef39c5..000000000
Binary files a/msys2/usr/share/man/man3/BN_CTX_init.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/BN_CTX_new.3ssl.gz b/msys2/usr/share/man/man3/BN_CTX_new.3ssl.gz
index 8a2ef39c5..01f9e02ac 100644
Binary files a/msys2/usr/share/man/man3/BN_CTX_new.3ssl.gz and b/msys2/usr/share/man/man3/BN_CTX_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_CTX_secure_new.3ssl.gz b/msys2/usr/share/man/man3/BN_CTX_secure_new.3ssl.gz
new file mode 100644
index 000000000..01f9e02ac
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_CTX_secure_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_CTX_start.3ssl.gz b/msys2/usr/share/man/man3/BN_CTX_start.3ssl.gz
index 958869213..95adcd748 100644
Binary files a/msys2/usr/share/man/man3/BN_CTX_start.3ssl.gz and b/msys2/usr/share/man/man3/BN_CTX_start.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_GENCB_call.3ssl.gz b/msys2/usr/share/man/man3/BN_GENCB_call.3ssl.gz
index 0e02a2996..624b84f52 100644
Binary files a/msys2/usr/share/man/man3/BN_GENCB_call.3ssl.gz and b/msys2/usr/share/man/man3/BN_GENCB_call.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_GENCB_free.3ssl.gz b/msys2/usr/share/man/man3/BN_GENCB_free.3ssl.gz
new file mode 100644
index 000000000..624b84f52
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_GENCB_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_GENCB_get_arg.3ssl.gz b/msys2/usr/share/man/man3/BN_GENCB_get_arg.3ssl.gz
new file mode 100644
index 000000000..624b84f52
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_GENCB_get_arg.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_GENCB_new.3ssl.gz b/msys2/usr/share/man/man3/BN_GENCB_new.3ssl.gz
new file mode 100644
index 000000000..624b84f52
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_GENCB_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_GENCB_set.3ssl.gz b/msys2/usr/share/man/man3/BN_GENCB_set.3ssl.gz
index 0e02a2996..624b84f52 100644
Binary files a/msys2/usr/share/man/man3/BN_GENCB_set.3ssl.gz and b/msys2/usr/share/man/man3/BN_GENCB_set.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_GENCB_set_old.3ssl.gz b/msys2/usr/share/man/man3/BN_GENCB_set_old.3ssl.gz
index 0e02a2996..624b84f52 100644
Binary files a/msys2/usr/share/man/man3/BN_GENCB_set_old.3ssl.gz and b/msys2/usr/share/man/man3/BN_GENCB_set_old.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_MONT_CTX_copy.3ssl.gz b/msys2/usr/share/man/man3/BN_MONT_CTX_copy.3ssl.gz
index a610517fe..6ed308314 100644
Binary files a/msys2/usr/share/man/man3/BN_MONT_CTX_copy.3ssl.gz and b/msys2/usr/share/man/man3/BN_MONT_CTX_copy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_MONT_CTX_free.3ssl.gz b/msys2/usr/share/man/man3/BN_MONT_CTX_free.3ssl.gz
index a610517fe..6ed308314 100644
Binary files a/msys2/usr/share/man/man3/BN_MONT_CTX_free.3ssl.gz and b/msys2/usr/share/man/man3/BN_MONT_CTX_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_MONT_CTX_init.3ssl.gz b/msys2/usr/share/man/man3/BN_MONT_CTX_init.3ssl.gz
deleted file mode 100644
index a610517fe..000000000
Binary files a/msys2/usr/share/man/man3/BN_MONT_CTX_init.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/BN_MONT_CTX_new.3ssl.gz b/msys2/usr/share/man/man3/BN_MONT_CTX_new.3ssl.gz
index a610517fe..6ed308314 100644
Binary files a/msys2/usr/share/man/man3/BN_MONT_CTX_new.3ssl.gz and b/msys2/usr/share/man/man3/BN_MONT_CTX_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_MONT_CTX_set.3ssl.gz b/msys2/usr/share/man/man3/BN_MONT_CTX_set.3ssl.gz
index a610517fe..6ed308314 100644
Binary files a/msys2/usr/share/man/man3/BN_MONT_CTX_set.3ssl.gz and b/msys2/usr/share/man/man3/BN_MONT_CTX_set.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_RECP_CTX_free.3ssl.gz b/msys2/usr/share/man/man3/BN_RECP_CTX_free.3ssl.gz
index de761bbcd..8b2eed9c2 100644
Binary files a/msys2/usr/share/man/man3/BN_RECP_CTX_free.3ssl.gz and b/msys2/usr/share/man/man3/BN_RECP_CTX_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_RECP_CTX_init.3ssl.gz b/msys2/usr/share/man/man3/BN_RECP_CTX_init.3ssl.gz
deleted file mode 100644
index de761bbcd..000000000
Binary files a/msys2/usr/share/man/man3/BN_RECP_CTX_init.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/BN_RECP_CTX_new.3ssl.gz b/msys2/usr/share/man/man3/BN_RECP_CTX_new.3ssl.gz
index de761bbcd..8b2eed9c2 100644
Binary files a/msys2/usr/share/man/man3/BN_RECP_CTX_new.3ssl.gz and b/msys2/usr/share/man/man3/BN_RECP_CTX_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_RECP_CTX_set.3ssl.gz b/msys2/usr/share/man/man3/BN_RECP_CTX_set.3ssl.gz
index de761bbcd..8b2eed9c2 100644
Binary files a/msys2/usr/share/man/man3/BN_RECP_CTX_set.3ssl.gz and b/msys2/usr/share/man/man3/BN_RECP_CTX_set.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_add.3ssl.gz b/msys2/usr/share/man/man3/BN_add.3ssl.gz
index a8604a936..64053cd37 100644
Binary files a/msys2/usr/share/man/man3/BN_add.3ssl.gz and b/msys2/usr/share/man/man3/BN_add.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_add_word.3ssl.gz b/msys2/usr/share/man/man3/BN_add_word.3ssl.gz
index 29f0121d7..49cf999b3 100644
Binary files a/msys2/usr/share/man/man3/BN_add_word.3ssl.gz and b/msys2/usr/share/man/man3/BN_add_word.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_bin2bn.3ssl.gz b/msys2/usr/share/man/man3/BN_bin2bn.3ssl.gz
index 0d5df3767..dde9ba3be 100644
Binary files a/msys2/usr/share/man/man3/BN_bin2bn.3ssl.gz and b/msys2/usr/share/man/man3/BN_bin2bn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_bn2bin.3ssl.gz b/msys2/usr/share/man/man3/BN_bn2bin.3ssl.gz
index 0d5df3767..dde9ba3be 100644
Binary files a/msys2/usr/share/man/man3/BN_bn2bin.3ssl.gz and b/msys2/usr/share/man/man3/BN_bn2bin.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_bn2binpad.3ssl.gz b/msys2/usr/share/man/man3/BN_bn2binpad.3ssl.gz
new file mode 100644
index 000000000..dde9ba3be
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_bn2binpad.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_bn2dec.3ssl.gz b/msys2/usr/share/man/man3/BN_bn2dec.3ssl.gz
index 0d5df3767..dde9ba3be 100644
Binary files a/msys2/usr/share/man/man3/BN_bn2dec.3ssl.gz and b/msys2/usr/share/man/man3/BN_bn2dec.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_bn2hex.3ssl.gz b/msys2/usr/share/man/man3/BN_bn2hex.3ssl.gz
index 0d5df3767..dde9ba3be 100644
Binary files a/msys2/usr/share/man/man3/BN_bn2hex.3ssl.gz and b/msys2/usr/share/man/man3/BN_bn2hex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_bn2lebinpad.3ssl.gz b/msys2/usr/share/man/man3/BN_bn2lebinpad.3ssl.gz
new file mode 100644
index 000000000..dde9ba3be
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_bn2lebinpad.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_bn2mpi.3ssl.gz b/msys2/usr/share/man/man3/BN_bn2mpi.3ssl.gz
index 0d5df3767..dde9ba3be 100644
Binary files a/msys2/usr/share/man/man3/BN_bn2mpi.3ssl.gz and b/msys2/usr/share/man/man3/BN_bn2mpi.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_clear.3ssl.gz b/msys2/usr/share/man/man3/BN_clear.3ssl.gz
index 4d2c60056..3f7dad368 100644
Binary files a/msys2/usr/share/man/man3/BN_clear.3ssl.gz and b/msys2/usr/share/man/man3/BN_clear.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_clear_bit.3ssl.gz b/msys2/usr/share/man/man3/BN_clear_bit.3ssl.gz
index d37a0e40c..5570db62b 100644
Binary files a/msys2/usr/share/man/man3/BN_clear_bit.3ssl.gz and b/msys2/usr/share/man/man3/BN_clear_bit.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_clear_free.3ssl.gz b/msys2/usr/share/man/man3/BN_clear_free.3ssl.gz
index 4d2c60056..3f7dad368 100644
Binary files a/msys2/usr/share/man/man3/BN_clear_free.3ssl.gz and b/msys2/usr/share/man/man3/BN_clear_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_cmp.3ssl.gz b/msys2/usr/share/man/man3/BN_cmp.3ssl.gz
index 9b89fafe9..ba4fb6738 100644
Binary files a/msys2/usr/share/man/man3/BN_cmp.3ssl.gz and b/msys2/usr/share/man/man3/BN_cmp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_copy.3ssl.gz b/msys2/usr/share/man/man3/BN_copy.3ssl.gz
index e6c3ed2df..9a1d9b0ed 100644
Binary files a/msys2/usr/share/man/man3/BN_copy.3ssl.gz and b/msys2/usr/share/man/man3/BN_copy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_dec2bn.3ssl.gz b/msys2/usr/share/man/man3/BN_dec2bn.3ssl.gz
index 0d5df3767..dde9ba3be 100644
Binary files a/msys2/usr/share/man/man3/BN_dec2bn.3ssl.gz and b/msys2/usr/share/man/man3/BN_dec2bn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_div.3ssl.gz b/msys2/usr/share/man/man3/BN_div.3ssl.gz
index a8604a936..64053cd37 100644
Binary files a/msys2/usr/share/man/man3/BN_div.3ssl.gz and b/msys2/usr/share/man/man3/BN_div.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_div_recp.3ssl.gz b/msys2/usr/share/man/man3/BN_div_recp.3ssl.gz
index de761bbcd..8b2eed9c2 100644
Binary files a/msys2/usr/share/man/man3/BN_div_recp.3ssl.gz and b/msys2/usr/share/man/man3/BN_div_recp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_div_word.3ssl.gz b/msys2/usr/share/man/man3/BN_div_word.3ssl.gz
index 29f0121d7..49cf999b3 100644
Binary files a/msys2/usr/share/man/man3/BN_div_word.3ssl.gz and b/msys2/usr/share/man/man3/BN_div_word.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_dup.3ssl.gz b/msys2/usr/share/man/man3/BN_dup.3ssl.gz
index e6c3ed2df..9a1d9b0ed 100644
Binary files a/msys2/usr/share/man/man3/BN_dup.3ssl.gz and b/msys2/usr/share/man/man3/BN_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_exp.3ssl.gz b/msys2/usr/share/man/man3/BN_exp.3ssl.gz
index a8604a936..64053cd37 100644
Binary files a/msys2/usr/share/man/man3/BN_exp.3ssl.gz and b/msys2/usr/share/man/man3/BN_exp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_free.3ssl.gz b/msys2/usr/share/man/man3/BN_free.3ssl.gz
index 4d2c60056..3f7dad368 100644
Binary files a/msys2/usr/share/man/man3/BN_free.3ssl.gz and b/msys2/usr/share/man/man3/BN_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_from_montgomery.3ssl.gz b/msys2/usr/share/man/man3/BN_from_montgomery.3ssl.gz
index a610517fe..6ed308314 100644
Binary files a/msys2/usr/share/man/man3/BN_from_montgomery.3ssl.gz and b/msys2/usr/share/man/man3/BN_from_montgomery.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_gcd.3ssl.gz b/msys2/usr/share/man/man3/BN_gcd.3ssl.gz
index a8604a936..64053cd37 100644
Binary files a/msys2/usr/share/man/man3/BN_gcd.3ssl.gz and b/msys2/usr/share/man/man3/BN_gcd.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_generate_prime.3ssl.gz b/msys2/usr/share/man/man3/BN_generate_prime.3ssl.gz
index 0e02a2996..624b84f52 100644
Binary files a/msys2/usr/share/man/man3/BN_generate_prime.3ssl.gz and b/msys2/usr/share/man/man3/BN_generate_prime.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_generate_prime_ex.3ssl.gz b/msys2/usr/share/man/man3/BN_generate_prime_ex.3ssl.gz
index 0e02a2996..624b84f52 100644
Binary files a/msys2/usr/share/man/man3/BN_generate_prime_ex.3ssl.gz and b/msys2/usr/share/man/man3/BN_generate_prime_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_get0_nist_prime_192.3ssl.gz b/msys2/usr/share/man/man3/BN_get0_nist_prime_192.3ssl.gz
new file mode 100644
index 000000000..2668c226a
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_get0_nist_prime_192.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_get0_nist_prime_224.3ssl.gz b/msys2/usr/share/man/man3/BN_get0_nist_prime_224.3ssl.gz
new file mode 100644
index 000000000..2668c226a
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_get0_nist_prime_224.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_get0_nist_prime_256.3ssl.gz b/msys2/usr/share/man/man3/BN_get0_nist_prime_256.3ssl.gz
new file mode 100644
index 000000000..2668c226a
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_get0_nist_prime_256.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_get0_nist_prime_384.3ssl.gz b/msys2/usr/share/man/man3/BN_get0_nist_prime_384.3ssl.gz
new file mode 100644
index 000000000..2668c226a
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_get0_nist_prime_384.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_get0_nist_prime_521.3ssl.gz b/msys2/usr/share/man/man3/BN_get0_nist_prime_521.3ssl.gz
new file mode 100644
index 000000000..2668c226a
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_get0_nist_prime_521.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_get_rfc2409_prime_1024.3ssl.gz b/msys2/usr/share/man/man3/BN_get_rfc2409_prime_1024.3ssl.gz
new file mode 100644
index 000000000..2668c226a
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_get_rfc2409_prime_1024.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_get_rfc2409_prime_768.3ssl.gz b/msys2/usr/share/man/man3/BN_get_rfc2409_prime_768.3ssl.gz
new file mode 100644
index 000000000..2668c226a
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_get_rfc2409_prime_768.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_get_rfc3526_prime_1536.3ssl.gz b/msys2/usr/share/man/man3/BN_get_rfc3526_prime_1536.3ssl.gz
new file mode 100644
index 000000000..2668c226a
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_get_rfc3526_prime_1536.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_get_rfc3526_prime_2048.3ssl.gz b/msys2/usr/share/man/man3/BN_get_rfc3526_prime_2048.3ssl.gz
new file mode 100644
index 000000000..2668c226a
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_get_rfc3526_prime_2048.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_get_rfc3526_prime_3072.3ssl.gz b/msys2/usr/share/man/man3/BN_get_rfc3526_prime_3072.3ssl.gz
new file mode 100644
index 000000000..2668c226a
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_get_rfc3526_prime_3072.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_get_rfc3526_prime_4096.3ssl.gz b/msys2/usr/share/man/man3/BN_get_rfc3526_prime_4096.3ssl.gz
new file mode 100644
index 000000000..2668c226a
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_get_rfc3526_prime_4096.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_get_rfc3526_prime_6144.3ssl.gz b/msys2/usr/share/man/man3/BN_get_rfc3526_prime_6144.3ssl.gz
new file mode 100644
index 000000000..2668c226a
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_get_rfc3526_prime_6144.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_get_rfc3526_prime_8192.3ssl.gz b/msys2/usr/share/man/man3/BN_get_rfc3526_prime_8192.3ssl.gz
new file mode 100644
index 000000000..2668c226a
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_get_rfc3526_prime_8192.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_get_word.3ssl.gz b/msys2/usr/share/man/man3/BN_get_word.3ssl.gz
index 6fcc676b0..70bad8885 100644
Binary files a/msys2/usr/share/man/man3/BN_get_word.3ssl.gz and b/msys2/usr/share/man/man3/BN_get_word.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_hex2bn.3ssl.gz b/msys2/usr/share/man/man3/BN_hex2bn.3ssl.gz
index 0d5df3767..dde9ba3be 100644
Binary files a/msys2/usr/share/man/man3/BN_hex2bn.3ssl.gz and b/msys2/usr/share/man/man3/BN_hex2bn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_init.3ssl.gz b/msys2/usr/share/man/man3/BN_init.3ssl.gz
deleted file mode 100644
index 4d2c60056..000000000
Binary files a/msys2/usr/share/man/man3/BN_init.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/BN_is_bit_set.3ssl.gz b/msys2/usr/share/man/man3/BN_is_bit_set.3ssl.gz
index d37a0e40c..5570db62b 100644
Binary files a/msys2/usr/share/man/man3/BN_is_bit_set.3ssl.gz and b/msys2/usr/share/man/man3/BN_is_bit_set.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_is_odd.3ssl.gz b/msys2/usr/share/man/man3/BN_is_odd.3ssl.gz
index 9b89fafe9..ba4fb6738 100644
Binary files a/msys2/usr/share/man/man3/BN_is_odd.3ssl.gz and b/msys2/usr/share/man/man3/BN_is_odd.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_is_one.3ssl.gz b/msys2/usr/share/man/man3/BN_is_one.3ssl.gz
index 9b89fafe9..ba4fb6738 100644
Binary files a/msys2/usr/share/man/man3/BN_is_one.3ssl.gz and b/msys2/usr/share/man/man3/BN_is_one.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_is_prime.3ssl.gz b/msys2/usr/share/man/man3/BN_is_prime.3ssl.gz
index 0e02a2996..624b84f52 100644
Binary files a/msys2/usr/share/man/man3/BN_is_prime.3ssl.gz and b/msys2/usr/share/man/man3/BN_is_prime.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_is_prime_ex.3ssl.gz b/msys2/usr/share/man/man3/BN_is_prime_ex.3ssl.gz
index 0e02a2996..624b84f52 100644
Binary files a/msys2/usr/share/man/man3/BN_is_prime_ex.3ssl.gz and b/msys2/usr/share/man/man3/BN_is_prime_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_is_prime_fasttest.3ssl.gz b/msys2/usr/share/man/man3/BN_is_prime_fasttest.3ssl.gz
index 0e02a2996..624b84f52 100644
Binary files a/msys2/usr/share/man/man3/BN_is_prime_fasttest.3ssl.gz and b/msys2/usr/share/man/man3/BN_is_prime_fasttest.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_is_prime_fasttest_ex.3ssl.gz b/msys2/usr/share/man/man3/BN_is_prime_fasttest_ex.3ssl.gz
index 0e02a2996..624b84f52 100644
Binary files a/msys2/usr/share/man/man3/BN_is_prime_fasttest_ex.3ssl.gz and b/msys2/usr/share/man/man3/BN_is_prime_fasttest_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_is_word.3ssl.gz b/msys2/usr/share/man/man3/BN_is_word.3ssl.gz
index 9b89fafe9..ba4fb6738 100644
Binary files a/msys2/usr/share/man/man3/BN_is_word.3ssl.gz and b/msys2/usr/share/man/man3/BN_is_word.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_is_zero.3ssl.gz b/msys2/usr/share/man/man3/BN_is_zero.3ssl.gz
index 9b89fafe9..ba4fb6738 100644
Binary files a/msys2/usr/share/man/man3/BN_is_zero.3ssl.gz and b/msys2/usr/share/man/man3/BN_is_zero.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_lebin2bn.3ssl.gz b/msys2/usr/share/man/man3/BN_lebin2bn.3ssl.gz
new file mode 100644
index 000000000..dde9ba3be
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_lebin2bn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_lshift.3ssl.gz b/msys2/usr/share/man/man3/BN_lshift.3ssl.gz
index d37a0e40c..5570db62b 100644
Binary files a/msys2/usr/share/man/man3/BN_lshift.3ssl.gz and b/msys2/usr/share/man/man3/BN_lshift.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_lshift1.3ssl.gz b/msys2/usr/share/man/man3/BN_lshift1.3ssl.gz
index d37a0e40c..5570db62b 100644
Binary files a/msys2/usr/share/man/man3/BN_lshift1.3ssl.gz and b/msys2/usr/share/man/man3/BN_lshift1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_mask_bits.3ssl.gz b/msys2/usr/share/man/man3/BN_mask_bits.3ssl.gz
index d37a0e40c..5570db62b 100644
Binary files a/msys2/usr/share/man/man3/BN_mask_bits.3ssl.gz and b/msys2/usr/share/man/man3/BN_mask_bits.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_mod.3ssl.gz b/msys2/usr/share/man/man3/BN_mod.3ssl.gz
index a8604a936..64053cd37 100644
Binary files a/msys2/usr/share/man/man3/BN_mod.3ssl.gz and b/msys2/usr/share/man/man3/BN_mod.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_mod_add.3ssl.gz b/msys2/usr/share/man/man3/BN_mod_add.3ssl.gz
index a8604a936..64053cd37 100644
Binary files a/msys2/usr/share/man/man3/BN_mod_add.3ssl.gz and b/msys2/usr/share/man/man3/BN_mod_add.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_mod_exp.3ssl.gz b/msys2/usr/share/man/man3/BN_mod_exp.3ssl.gz
index a8604a936..64053cd37 100644
Binary files a/msys2/usr/share/man/man3/BN_mod_exp.3ssl.gz and b/msys2/usr/share/man/man3/BN_mod_exp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_mod_inverse.3ssl.gz b/msys2/usr/share/man/man3/BN_mod_inverse.3ssl.gz
index 4648c1b8a..4ff22c4e3 100644
Binary files a/msys2/usr/share/man/man3/BN_mod_inverse.3ssl.gz and b/msys2/usr/share/man/man3/BN_mod_inverse.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_mod_mul.3ssl.gz b/msys2/usr/share/man/man3/BN_mod_mul.3ssl.gz
index a8604a936..64053cd37 100644
Binary files a/msys2/usr/share/man/man3/BN_mod_mul.3ssl.gz and b/msys2/usr/share/man/man3/BN_mod_mul.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_mod_mul_montgomery.3ssl.gz b/msys2/usr/share/man/man3/BN_mod_mul_montgomery.3ssl.gz
index a610517fe..6ed308314 100644
Binary files a/msys2/usr/share/man/man3/BN_mod_mul_montgomery.3ssl.gz and b/msys2/usr/share/man/man3/BN_mod_mul_montgomery.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_mod_mul_reciprocal.3ssl.gz b/msys2/usr/share/man/man3/BN_mod_mul_reciprocal.3ssl.gz
index de761bbcd..8b2eed9c2 100644
Binary files a/msys2/usr/share/man/man3/BN_mod_mul_reciprocal.3ssl.gz and b/msys2/usr/share/man/man3/BN_mod_mul_reciprocal.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_mod_sqr.3ssl.gz b/msys2/usr/share/man/man3/BN_mod_sqr.3ssl.gz
index a8604a936..64053cd37 100644
Binary files a/msys2/usr/share/man/man3/BN_mod_sqr.3ssl.gz and b/msys2/usr/share/man/man3/BN_mod_sqr.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_mod_sub.3ssl.gz b/msys2/usr/share/man/man3/BN_mod_sub.3ssl.gz
index a8604a936..64053cd37 100644
Binary files a/msys2/usr/share/man/man3/BN_mod_sub.3ssl.gz and b/msys2/usr/share/man/man3/BN_mod_sub.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_mod_word.3ssl.gz b/msys2/usr/share/man/man3/BN_mod_word.3ssl.gz
index 29f0121d7..49cf999b3 100644
Binary files a/msys2/usr/share/man/man3/BN_mod_word.3ssl.gz and b/msys2/usr/share/man/man3/BN_mod_word.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_mpi2bn.3ssl.gz b/msys2/usr/share/man/man3/BN_mpi2bn.3ssl.gz
index 0d5df3767..dde9ba3be 100644
Binary files a/msys2/usr/share/man/man3/BN_mpi2bn.3ssl.gz and b/msys2/usr/share/man/man3/BN_mpi2bn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_mul.3ssl.gz b/msys2/usr/share/man/man3/BN_mul.3ssl.gz
index a8604a936..64053cd37 100644
Binary files a/msys2/usr/share/man/man3/BN_mul.3ssl.gz and b/msys2/usr/share/man/man3/BN_mul.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_mul_word.3ssl.gz b/msys2/usr/share/man/man3/BN_mul_word.3ssl.gz
index 29f0121d7..49cf999b3 100644
Binary files a/msys2/usr/share/man/man3/BN_mul_word.3ssl.gz and b/msys2/usr/share/man/man3/BN_mul_word.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_new.3ssl.gz b/msys2/usr/share/man/man3/BN_new.3ssl.gz
index 4d2c60056..3f7dad368 100644
Binary files a/msys2/usr/share/man/man3/BN_new.3ssl.gz and b/msys2/usr/share/man/man3/BN_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_nnmod.3ssl.gz b/msys2/usr/share/man/man3/BN_nnmod.3ssl.gz
index a8604a936..64053cd37 100644
Binary files a/msys2/usr/share/man/man3/BN_nnmod.3ssl.gz and b/msys2/usr/share/man/man3/BN_nnmod.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_num_bits.3ssl.gz b/msys2/usr/share/man/man3/BN_num_bits.3ssl.gz
index 3fc593dd7..be1b95f12 100644
Binary files a/msys2/usr/share/man/man3/BN_num_bits.3ssl.gz and b/msys2/usr/share/man/man3/BN_num_bits.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_num_bits_word.3ssl.gz b/msys2/usr/share/man/man3/BN_num_bits_word.3ssl.gz
index 3fc593dd7..be1b95f12 100644
Binary files a/msys2/usr/share/man/man3/BN_num_bits_word.3ssl.gz and b/msys2/usr/share/man/man3/BN_num_bits_word.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_num_bytes.3ssl.gz b/msys2/usr/share/man/man3/BN_num_bytes.3ssl.gz
index 3fc593dd7..be1b95f12 100644
Binary files a/msys2/usr/share/man/man3/BN_num_bytes.3ssl.gz and b/msys2/usr/share/man/man3/BN_num_bytes.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_one.3ssl.gz b/msys2/usr/share/man/man3/BN_one.3ssl.gz
index 6fcc676b0..70bad8885 100644
Binary files a/msys2/usr/share/man/man3/BN_one.3ssl.gz and b/msys2/usr/share/man/man3/BN_one.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_print_fp.3ssl.gz b/msys2/usr/share/man/man3/BN_print_fp.3ssl.gz
index 0d5df3767..dde9ba3be 100644
Binary files a/msys2/usr/share/man/man3/BN_print_fp.3ssl.gz and b/msys2/usr/share/man/man3/BN_print_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_priv_rand.3ssl.gz b/msys2/usr/share/man/man3/BN_priv_rand.3ssl.gz
new file mode 100644
index 000000000..2aac2c3c2
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_priv_rand.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_priv_rand_range.3ssl.gz b/msys2/usr/share/man/man3/BN_priv_rand_range.3ssl.gz
new file mode 100644
index 000000000..2aac2c3c2
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_priv_rand_range.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_pseudo_rand.3ssl.gz b/msys2/usr/share/man/man3/BN_pseudo_rand.3ssl.gz
index f4abb4fe6..2aac2c3c2 100644
Binary files a/msys2/usr/share/man/man3/BN_pseudo_rand.3ssl.gz and b/msys2/usr/share/man/man3/BN_pseudo_rand.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_pseudo_rand_range.3ssl.gz b/msys2/usr/share/man/man3/BN_pseudo_rand_range.3ssl.gz
index f4abb4fe6..2aac2c3c2 100644
Binary files a/msys2/usr/share/man/man3/BN_pseudo_rand_range.3ssl.gz and b/msys2/usr/share/man/man3/BN_pseudo_rand_range.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_rand.3ssl.gz b/msys2/usr/share/man/man3/BN_rand.3ssl.gz
index f4abb4fe6..2aac2c3c2 100644
Binary files a/msys2/usr/share/man/man3/BN_rand.3ssl.gz and b/msys2/usr/share/man/man3/BN_rand.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_rand_range.3ssl.gz b/msys2/usr/share/man/man3/BN_rand_range.3ssl.gz
index f4abb4fe6..2aac2c3c2 100644
Binary files a/msys2/usr/share/man/man3/BN_rand_range.3ssl.gz and b/msys2/usr/share/man/man3/BN_rand_range.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_rshift.3ssl.gz b/msys2/usr/share/man/man3/BN_rshift.3ssl.gz
index d37a0e40c..5570db62b 100644
Binary files a/msys2/usr/share/man/man3/BN_rshift.3ssl.gz and b/msys2/usr/share/man/man3/BN_rshift.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_rshift1.3ssl.gz b/msys2/usr/share/man/man3/BN_rshift1.3ssl.gz
index d37a0e40c..5570db62b 100644
Binary files a/msys2/usr/share/man/man3/BN_rshift1.3ssl.gz and b/msys2/usr/share/man/man3/BN_rshift1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_secure_new.3ssl.gz b/msys2/usr/share/man/man3/BN_secure_new.3ssl.gz
new file mode 100644
index 000000000..3f7dad368
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_secure_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_security_bits.3ssl.gz b/msys2/usr/share/man/man3/BN_security_bits.3ssl.gz
new file mode 100644
index 000000000..b8b7a3edb
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_security_bits.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_set_bit.3ssl.gz b/msys2/usr/share/man/man3/BN_set_bit.3ssl.gz
index d37a0e40c..5570db62b 100644
Binary files a/msys2/usr/share/man/man3/BN_set_bit.3ssl.gz and b/msys2/usr/share/man/man3/BN_set_bit.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_set_word.3ssl.gz b/msys2/usr/share/man/man3/BN_set_word.3ssl.gz
index 6fcc676b0..70bad8885 100644
Binary files a/msys2/usr/share/man/man3/BN_set_word.3ssl.gz and b/msys2/usr/share/man/man3/BN_set_word.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_sqr.3ssl.gz b/msys2/usr/share/man/man3/BN_sqr.3ssl.gz
index a8604a936..64053cd37 100644
Binary files a/msys2/usr/share/man/man3/BN_sqr.3ssl.gz and b/msys2/usr/share/man/man3/BN_sqr.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_sub.3ssl.gz b/msys2/usr/share/man/man3/BN_sub.3ssl.gz
index a8604a936..64053cd37 100644
Binary files a/msys2/usr/share/man/man3/BN_sub.3ssl.gz and b/msys2/usr/share/man/man3/BN_sub.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_sub_word.3ssl.gz b/msys2/usr/share/man/man3/BN_sub_word.3ssl.gz
index 29f0121d7..49cf999b3 100644
Binary files a/msys2/usr/share/man/man3/BN_sub_word.3ssl.gz and b/msys2/usr/share/man/man3/BN_sub_word.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_swap.3ssl.gz b/msys2/usr/share/man/man3/BN_swap.3ssl.gz
index b3a33d503..041bf7434 100644
Binary files a/msys2/usr/share/man/man3/BN_swap.3ssl.gz and b/msys2/usr/share/man/man3/BN_swap.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_to_ASN1_ENUMERATED.3ssl.gz b/msys2/usr/share/man/man3/BN_to_ASN1_ENUMERATED.3ssl.gz
new file mode 100644
index 000000000..2e5986f26
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_to_ASN1_ENUMERATED.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_to_ASN1_INTEGER.3ssl.gz b/msys2/usr/share/man/man3/BN_to_ASN1_INTEGER.3ssl.gz
new file mode 100644
index 000000000..2e5986f26
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_to_ASN1_INTEGER.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_to_montgomery.3ssl.gz b/msys2/usr/share/man/man3/BN_to_montgomery.3ssl.gz
index a610517fe..6ed308314 100644
Binary files a/msys2/usr/share/man/man3/BN_to_montgomery.3ssl.gz and b/msys2/usr/share/man/man3/BN_to_montgomery.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_ucmp.3ssl.gz b/msys2/usr/share/man/man3/BN_ucmp.3ssl.gz
index 9b89fafe9..ba4fb6738 100644
Binary files a/msys2/usr/share/man/man3/BN_ucmp.3ssl.gz and b/msys2/usr/share/man/man3/BN_ucmp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_value_one.3ssl.gz b/msys2/usr/share/man/man3/BN_value_one.3ssl.gz
index 6fcc676b0..70bad8885 100644
Binary files a/msys2/usr/share/man/man3/BN_value_one.3ssl.gz and b/msys2/usr/share/man/man3/BN_value_one.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_with_flags.3ssl.gz b/msys2/usr/share/man/man3/BN_with_flags.3ssl.gz
new file mode 100644
index 000000000..9a1d9b0ed
Binary files /dev/null and b/msys2/usr/share/man/man3/BN_with_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BN_zero.3ssl.gz b/msys2/usr/share/man/man3/BN_zero.3ssl.gz
index 6fcc676b0..70bad8885 100644
Binary files a/msys2/usr/share/man/man3/BN_zero.3ssl.gz and b/msys2/usr/share/man/man3/BN_zero.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BUF_MEM_free.3ssl.gz b/msys2/usr/share/man/man3/BUF_MEM_free.3ssl.gz
index 594a44abb..2b2c46a93 100644
Binary files a/msys2/usr/share/man/man3/BUF_MEM_free.3ssl.gz and b/msys2/usr/share/man/man3/BUF_MEM_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BUF_MEM_grow.3ssl.gz b/msys2/usr/share/man/man3/BUF_MEM_grow.3ssl.gz
index 594a44abb..2b2c46a93 100644
Binary files a/msys2/usr/share/man/man3/BUF_MEM_grow.3ssl.gz and b/msys2/usr/share/man/man3/BUF_MEM_grow.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BUF_MEM_grow_clean.3ssl.gz b/msys2/usr/share/man/man3/BUF_MEM_grow_clean.3ssl.gz
new file mode 100644
index 000000000..2b2c46a93
Binary files /dev/null and b/msys2/usr/share/man/man3/BUF_MEM_grow_clean.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BUF_MEM_new.3ssl.gz b/msys2/usr/share/man/man3/BUF_MEM_new.3ssl.gz
index 594a44abb..2b2c46a93 100644
Binary files a/msys2/usr/share/man/man3/BUF_MEM_new.3ssl.gz and b/msys2/usr/share/man/man3/BUF_MEM_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BUF_MEM_new_ex.3ssl.gz b/msys2/usr/share/man/man3/BUF_MEM_new_ex.3ssl.gz
index 594a44abb..2b2c46a93 100644
Binary files a/msys2/usr/share/man/man3/BUF_MEM_new_ex.3ssl.gz and b/msys2/usr/share/man/man3/BUF_MEM_new_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BUF_memdup.3ssl.gz b/msys2/usr/share/man/man3/BUF_memdup.3ssl.gz
deleted file mode 100644
index 594a44abb..000000000
Binary files a/msys2/usr/share/man/man3/BUF_memdup.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/BUF_reverse.3ssl.gz b/msys2/usr/share/man/man3/BUF_reverse.3ssl.gz
new file mode 100644
index 000000000..2b2c46a93
Binary files /dev/null and b/msys2/usr/share/man/man3/BUF_reverse.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/BUF_strdup.3ssl.gz b/msys2/usr/share/man/man3/BUF_strdup.3ssl.gz
deleted file mode 100644
index 594a44abb..000000000
Binary files a/msys2/usr/share/man/man3/BUF_strdup.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/BUF_strlcat.3ssl.gz b/msys2/usr/share/man/man3/BUF_strlcat.3ssl.gz
deleted file mode 100644
index 594a44abb..000000000
Binary files a/msys2/usr/share/man/man3/BUF_strlcat.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/BUF_strlcpy.3ssl.gz b/msys2/usr/share/man/man3/BUF_strlcpy.3ssl.gz
deleted file mode 100644
index 594a44abb..000000000
Binary files a/msys2/usr/share/man/man3/BUF_strlcpy.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/BUF_strndup.3ssl.gz b/msys2/usr/share/man/man3/BUF_strndup.3ssl.gz
deleted file mode 100644
index 594a44abb..000000000
Binary files a/msys2/usr/share/man/man3/BUF_strndup.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/CERTIFICATEPOLICIES_free.3ssl.gz b/msys2/usr/share/man/man3/CERTIFICATEPOLICIES_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/CERTIFICATEPOLICIES_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CERTIFICATEPOLICIES_new.3ssl.gz b/msys2/usr/share/man/man3/CERTIFICATEPOLICIES_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/CERTIFICATEPOLICIES_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_ContentInfo_free.3ssl.gz b/msys2/usr/share/man/man3/CMS_ContentInfo_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/CMS_ContentInfo_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_ContentInfo_new.3ssl.gz b/msys2/usr/share/man/man3/CMS_ContentInfo_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/CMS_ContentInfo_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_ContentInfo_print_ctx.3ssl.gz b/msys2/usr/share/man/man3/CMS_ContentInfo_print_ctx.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/CMS_ContentInfo_print_ctx.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_ReceiptRequest_create0.3ssl.gz b/msys2/usr/share/man/man3/CMS_ReceiptRequest_create0.3ssl.gz
index 35c8263e0..4c23bb988 100644
Binary files a/msys2/usr/share/man/man3/CMS_ReceiptRequest_create0.3ssl.gz and b/msys2/usr/share/man/man3/CMS_ReceiptRequest_create0.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_ReceiptRequest_free.3ssl.gz b/msys2/usr/share/man/man3/CMS_ReceiptRequest_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/CMS_ReceiptRequest_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_ReceiptRequest_get0_values.3ssl.gz b/msys2/usr/share/man/man3/CMS_ReceiptRequest_get0_values.3ssl.gz
index 35c8263e0..4c23bb988 100644
Binary files a/msys2/usr/share/man/man3/CMS_ReceiptRequest_get0_values.3ssl.gz and b/msys2/usr/share/man/man3/CMS_ReceiptRequest_get0_values.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_ReceiptRequest_new.3ssl.gz b/msys2/usr/share/man/man3/CMS_ReceiptRequest_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/CMS_ReceiptRequest_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_RecipientInfo_decrypt.3ssl.gz b/msys2/usr/share/man/man3/CMS_RecipientInfo_decrypt.3ssl.gz
index 6758afb70..2e0441c82 100644
Binary files a/msys2/usr/share/man/man3/CMS_RecipientInfo_decrypt.3ssl.gz and b/msys2/usr/share/man/man3/CMS_RecipientInfo_decrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_RecipientInfo_encrypt.3ssl.gz b/msys2/usr/share/man/man3/CMS_RecipientInfo_encrypt.3ssl.gz
index 6758afb70..2e0441c82 100644
Binary files a/msys2/usr/share/man/man3/CMS_RecipientInfo_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/CMS_RecipientInfo_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_RecipientInfo_kekri_get0_id.3ssl.gz b/msys2/usr/share/man/man3/CMS_RecipientInfo_kekri_get0_id.3ssl.gz
index 6758afb70..2e0441c82 100644
Binary files a/msys2/usr/share/man/man3/CMS_RecipientInfo_kekri_get0_id.3ssl.gz and b/msys2/usr/share/man/man3/CMS_RecipientInfo_kekri_get0_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_RecipientInfo_kekri_id_cmp.3ssl.gz b/msys2/usr/share/man/man3/CMS_RecipientInfo_kekri_id_cmp.3ssl.gz
index 6758afb70..2e0441c82 100644
Binary files a/msys2/usr/share/man/man3/CMS_RecipientInfo_kekri_id_cmp.3ssl.gz and b/msys2/usr/share/man/man3/CMS_RecipientInfo_kekri_id_cmp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_RecipientInfo_ktri_cert_cmp.3ssl.gz b/msys2/usr/share/man/man3/CMS_RecipientInfo_ktri_cert_cmp.3ssl.gz
index 6758afb70..2e0441c82 100644
Binary files a/msys2/usr/share/man/man3/CMS_RecipientInfo_ktri_cert_cmp.3ssl.gz and b/msys2/usr/share/man/man3/CMS_RecipientInfo_ktri_cert_cmp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_RecipientInfo_ktri_get0_signer_id.3ssl.gz b/msys2/usr/share/man/man3/CMS_RecipientInfo_ktri_get0_signer_id.3ssl.gz
index 6758afb70..2e0441c82 100644
Binary files a/msys2/usr/share/man/man3/CMS_RecipientInfo_ktri_get0_signer_id.3ssl.gz and b/msys2/usr/share/man/man3/CMS_RecipientInfo_ktri_get0_signer_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_RecipientInfo_set0_key.3ssl.gz b/msys2/usr/share/man/man3/CMS_RecipientInfo_set0_key.3ssl.gz
index 6758afb70..2e0441c82 100644
Binary files a/msys2/usr/share/man/man3/CMS_RecipientInfo_set0_key.3ssl.gz and b/msys2/usr/share/man/man3/CMS_RecipientInfo_set0_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_RecipientInfo_set0_pkey.3ssl.gz b/msys2/usr/share/man/man3/CMS_RecipientInfo_set0_pkey.3ssl.gz
index 6758afb70..2e0441c82 100644
Binary files a/msys2/usr/share/man/man3/CMS_RecipientInfo_set0_pkey.3ssl.gz and b/msys2/usr/share/man/man3/CMS_RecipientInfo_set0_pkey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_RecipientInfo_type.3ssl.gz b/msys2/usr/share/man/man3/CMS_RecipientInfo_type.3ssl.gz
index 6758afb70..2e0441c82 100644
Binary files a/msys2/usr/share/man/man3/CMS_RecipientInfo_type.3ssl.gz and b/msys2/usr/share/man/man3/CMS_RecipientInfo_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_SignerInfo_cert_cmp.3ssl.gz b/msys2/usr/share/man/man3/CMS_SignerInfo_cert_cmp.3ssl.gz
index 95b837030..7e75f9bd3 100644
Binary files a/msys2/usr/share/man/man3/CMS_SignerInfo_cert_cmp.3ssl.gz and b/msys2/usr/share/man/man3/CMS_SignerInfo_cert_cmp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_SignerInfo_get0_signature.3ssl.gz b/msys2/usr/share/man/man3/CMS_SignerInfo_get0_signature.3ssl.gz
index 95b837030..7e75f9bd3 100644
Binary files a/msys2/usr/share/man/man3/CMS_SignerInfo_get0_signature.3ssl.gz and b/msys2/usr/share/man/man3/CMS_SignerInfo_get0_signature.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_SignerInfo_get0_signer_id.3ssl.gz b/msys2/usr/share/man/man3/CMS_SignerInfo_get0_signer_id.3ssl.gz
index 95b837030..7e75f9bd3 100644
Binary files a/msys2/usr/share/man/man3/CMS_SignerInfo_get0_signer_id.3ssl.gz and b/msys2/usr/share/man/man3/CMS_SignerInfo_get0_signer_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_SignerInfo_set1_signer_cert.3ssl.gz b/msys2/usr/share/man/man3/CMS_SignerInfo_set1_signer_cert.3ssl.gz
new file mode 100644
index 000000000..7e75f9bd3
Binary files /dev/null and b/msys2/usr/share/man/man3/CMS_SignerInfo_set1_signer_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_SignerInfo_sign.3ssl.gz b/msys2/usr/share/man/man3/CMS_SignerInfo_sign.3ssl.gz
index 05b26c8a1..4cc04256d 100644
Binary files a/msys2/usr/share/man/man3/CMS_SignerInfo_sign.3ssl.gz and b/msys2/usr/share/man/man3/CMS_SignerInfo_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_add0_cert.3ssl.gz b/msys2/usr/share/man/man3/CMS_add0_cert.3ssl.gz
index 2ebcb0f2d..050e01476 100644
Binary files a/msys2/usr/share/man/man3/CMS_add0_cert.3ssl.gz and b/msys2/usr/share/man/man3/CMS_add0_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_add0_crl.3ssl.gz b/msys2/usr/share/man/man3/CMS_add0_crl.3ssl.gz
index 2ebcb0f2d..050e01476 100644
Binary files a/msys2/usr/share/man/man3/CMS_add0_crl.3ssl.gz and b/msys2/usr/share/man/man3/CMS_add0_crl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_add0_recipient_key.3ssl.gz b/msys2/usr/share/man/man3/CMS_add0_recipient_key.3ssl.gz
index c0037e9c3..ca6476b69 100644
Binary files a/msys2/usr/share/man/man3/CMS_add0_recipient_key.3ssl.gz and b/msys2/usr/share/man/man3/CMS_add0_recipient_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_add1_ReceiptRequest.3ssl.gz b/msys2/usr/share/man/man3/CMS_add1_ReceiptRequest.3ssl.gz
index 35c8263e0..4c23bb988 100644
Binary files a/msys2/usr/share/man/man3/CMS_add1_ReceiptRequest.3ssl.gz and b/msys2/usr/share/man/man3/CMS_add1_ReceiptRequest.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_add1_cert.3ssl.gz b/msys2/usr/share/man/man3/CMS_add1_cert.3ssl.gz
index 2ebcb0f2d..050e01476 100644
Binary files a/msys2/usr/share/man/man3/CMS_add1_cert.3ssl.gz and b/msys2/usr/share/man/man3/CMS_add1_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_add1_crl.3ssl.gz b/msys2/usr/share/man/man3/CMS_add1_crl.3ssl.gz
index 2ebcb0f2d..050e01476 100644
Binary files a/msys2/usr/share/man/man3/CMS_add1_crl.3ssl.gz and b/msys2/usr/share/man/man3/CMS_add1_crl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_add1_recipient_cert.3ssl.gz b/msys2/usr/share/man/man3/CMS_add1_recipient_cert.3ssl.gz
index c0037e9c3..ca6476b69 100644
Binary files a/msys2/usr/share/man/man3/CMS_add1_recipient_cert.3ssl.gz and b/msys2/usr/share/man/man3/CMS_add1_recipient_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_add1_signer.3ssl.gz b/msys2/usr/share/man/man3/CMS_add1_signer.3ssl.gz
index 05b26c8a1..4cc04256d 100644
Binary files a/msys2/usr/share/man/man3/CMS_add1_signer.3ssl.gz and b/msys2/usr/share/man/man3/CMS_add1_signer.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_compress.3ssl.gz b/msys2/usr/share/man/man3/CMS_compress.3ssl.gz
index a271484db..e5d0fa0b0 100644
Binary files a/msys2/usr/share/man/man3/CMS_compress.3ssl.gz and b/msys2/usr/share/man/man3/CMS_compress.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_decrypt.3ssl.gz b/msys2/usr/share/man/man3/CMS_decrypt.3ssl.gz
index aa7726e4f..0dedc5128 100644
Binary files a/msys2/usr/share/man/man3/CMS_decrypt.3ssl.gz and b/msys2/usr/share/man/man3/CMS_decrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_encrypt.3ssl.gz b/msys2/usr/share/man/man3/CMS_encrypt.3ssl.gz
index 32c730024..fffb59147 100644
Binary files a/msys2/usr/share/man/man3/CMS_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/CMS_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_final.3ssl.gz b/msys2/usr/share/man/man3/CMS_final.3ssl.gz
index fd0b65b22..4c23a74ab 100644
Binary files a/msys2/usr/share/man/man3/CMS_final.3ssl.gz and b/msys2/usr/share/man/man3/CMS_final.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_get0_RecipientInfos.3ssl.gz b/msys2/usr/share/man/man3/CMS_get0_RecipientInfos.3ssl.gz
index 6758afb70..2e0441c82 100644
Binary files a/msys2/usr/share/man/man3/CMS_get0_RecipientInfos.3ssl.gz and b/msys2/usr/share/man/man3/CMS_get0_RecipientInfos.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_get0_SignerInfos.3ssl.gz b/msys2/usr/share/man/man3/CMS_get0_SignerInfos.3ssl.gz
index 95b837030..7e75f9bd3 100644
Binary files a/msys2/usr/share/man/man3/CMS_get0_SignerInfos.3ssl.gz and b/msys2/usr/share/man/man3/CMS_get0_SignerInfos.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_get0_content.3ssl.gz b/msys2/usr/share/man/man3/CMS_get0_content.3ssl.gz
index e6b8b6133..ac4afaefe 100644
Binary files a/msys2/usr/share/man/man3/CMS_get0_content.3ssl.gz and b/msys2/usr/share/man/man3/CMS_get0_content.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_get0_eContentType.3ssl.gz b/msys2/usr/share/man/man3/CMS_get0_eContentType.3ssl.gz
index e6b8b6133..ac4afaefe 100644
Binary files a/msys2/usr/share/man/man3/CMS_get0_eContentType.3ssl.gz and b/msys2/usr/share/man/man3/CMS_get0_eContentType.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_get0_signers.3ssl.gz b/msys2/usr/share/man/man3/CMS_get0_signers.3ssl.gz
index a9d83786f..7e63b64b5 100644
Binary files a/msys2/usr/share/man/man3/CMS_get0_signers.3ssl.gz and b/msys2/usr/share/man/man3/CMS_get0_signers.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_get0_type.3ssl.gz b/msys2/usr/share/man/man3/CMS_get0_type.3ssl.gz
index e6b8b6133..ac4afaefe 100644
Binary files a/msys2/usr/share/man/man3/CMS_get0_type.3ssl.gz and b/msys2/usr/share/man/man3/CMS_get0_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_get1_ReceiptRequest.3ssl.gz b/msys2/usr/share/man/man3/CMS_get1_ReceiptRequest.3ssl.gz
index 35c8263e0..4c23bb988 100644
Binary files a/msys2/usr/share/man/man3/CMS_get1_ReceiptRequest.3ssl.gz and b/msys2/usr/share/man/man3/CMS_get1_ReceiptRequest.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_get1_certs.3ssl.gz b/msys2/usr/share/man/man3/CMS_get1_certs.3ssl.gz
index 2ebcb0f2d..050e01476 100644
Binary files a/msys2/usr/share/man/man3/CMS_get1_certs.3ssl.gz and b/msys2/usr/share/man/man3/CMS_get1_certs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_get1_crls.3ssl.gz b/msys2/usr/share/man/man3/CMS_get1_crls.3ssl.gz
index 2ebcb0f2d..050e01476 100644
Binary files a/msys2/usr/share/man/man3/CMS_get1_crls.3ssl.gz and b/msys2/usr/share/man/man3/CMS_get1_crls.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_set1_eContentType.3ssl.gz b/msys2/usr/share/man/man3/CMS_set1_eContentType.3ssl.gz
index e6b8b6133..ac4afaefe 100644
Binary files a/msys2/usr/share/man/man3/CMS_set1_eContentType.3ssl.gz and b/msys2/usr/share/man/man3/CMS_set1_eContentType.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_set1_signer_cert.3ssl.gz b/msys2/usr/share/man/man3/CMS_set1_signer_cert.3ssl.gz
deleted file mode 100644
index 95b837030..000000000
Binary files a/msys2/usr/share/man/man3/CMS_set1_signer_cert.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/CMS_sign.3ssl.gz b/msys2/usr/share/man/man3/CMS_sign.3ssl.gz
index 425ddc7ea..b1095f1f4 100644
Binary files a/msys2/usr/share/man/man3/CMS_sign.3ssl.gz and b/msys2/usr/share/man/man3/CMS_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_sign_receipt.3ssl.gz b/msys2/usr/share/man/man3/CMS_sign_receipt.3ssl.gz
index babeaa043..1e8ba75c4 100644
Binary files a/msys2/usr/share/man/man3/CMS_sign_receipt.3ssl.gz and b/msys2/usr/share/man/man3/CMS_sign_receipt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_uncompress.3ssl.gz b/msys2/usr/share/man/man3/CMS_uncompress.3ssl.gz
index f0ca2b636..59b189581 100644
Binary files a/msys2/usr/share/man/man3/CMS_uncompress.3ssl.gz and b/msys2/usr/share/man/man3/CMS_uncompress.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_verify.3ssl.gz b/msys2/usr/share/man/man3/CMS_verify.3ssl.gz
index a9d83786f..7e63b64b5 100644
Binary files a/msys2/usr/share/man/man3/CMS_verify.3ssl.gz and b/msys2/usr/share/man/man3/CMS_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CMS_verify_receipt.3ssl.gz b/msys2/usr/share/man/man3/CMS_verify_receipt.3ssl.gz
index 49c1e1b19..da6d9cfb8 100644
Binary files a/msys2/usr/share/man/man3/CMS_verify_receipt.3ssl.gz and b/msys2/usr/share/man/man3/CMS_verify_receipt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/COLORS.3x.gz b/msys2/usr/share/man/man3/COLORS.3x.gz
index dbb243c86..767ce7da9 100644
Binary files a/msys2/usr/share/man/man3/COLORS.3x.gz and b/msys2/usr/share/man/man3/COLORS.3x.gz differ
diff --git a/msys2/usr/share/man/man3/COLOR_PAIR.3x.gz b/msys2/usr/share/man/man3/COLOR_PAIR.3x.gz
index ba90f9c61..f9b77e1f4 100644
Binary files a/msys2/usr/share/man/man3/COLOR_PAIR.3x.gz and b/msys2/usr/share/man/man3/COLOR_PAIR.3x.gz differ
diff --git a/msys2/usr/share/man/man3/COLOR_PAIRS.3x.gz b/msys2/usr/share/man/man3/COLOR_PAIRS.3x.gz
index dbb243c86..767ce7da9 100644
Binary files a/msys2/usr/share/man/man3/COLOR_PAIRS.3x.gz and b/msys2/usr/share/man/man3/COLOR_PAIRS.3x.gz differ
diff --git a/msys2/usr/share/man/man3/COLS.3x.gz b/msys2/usr/share/man/man3/COLS.3x.gz
index dbb243c86..767ce7da9 100644
Binary files a/msys2/usr/share/man/man3/COLS.3x.gz and b/msys2/usr/share/man/man3/COLS.3x.gz differ
diff --git a/msys2/usr/share/man/man3/CONF_modules_finish.3ssl.gz b/msys2/usr/share/man/man3/CONF_modules_finish.3ssl.gz
index 33375a48c..f0c6cc69e 100644
Binary files a/msys2/usr/share/man/man3/CONF_modules_finish.3ssl.gz and b/msys2/usr/share/man/man3/CONF_modules_finish.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CONF_modules_free.3ssl.gz b/msys2/usr/share/man/man3/CONF_modules_free.3ssl.gz
index 33375a48c..f0c6cc69e 100644
Binary files a/msys2/usr/share/man/man3/CONF_modules_free.3ssl.gz and b/msys2/usr/share/man/man3/CONF_modules_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CONF_modules_load.3ssl.gz b/msys2/usr/share/man/man3/CONF_modules_load.3ssl.gz
index 18f65fffd..4687e270c 100644
Binary files a/msys2/usr/share/man/man3/CONF_modules_load.3ssl.gz and b/msys2/usr/share/man/man3/CONF_modules_load.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CONF_modules_load_file.3ssl.gz b/msys2/usr/share/man/man3/CONF_modules_load_file.3ssl.gz
index 18f65fffd..4687e270c 100644
Binary files a/msys2/usr/share/man/man3/CONF_modules_load_file.3ssl.gz and b/msys2/usr/share/man/man3/CONF_modules_load_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CONF_modules_unload.3ssl.gz b/msys2/usr/share/man/man3/CONF_modules_unload.3ssl.gz
index 33375a48c..f0c6cc69e 100644
Binary files a/msys2/usr/share/man/man3/CONF_modules_unload.3ssl.gz and b/msys2/usr/share/man/man3/CONF_modules_unload.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRL_DIST_POINTS_free.3ssl.gz b/msys2/usr/share/man/man3/CRL_DIST_POINTS_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/CRL_DIST_POINTS_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRL_DIST_POINTS_new.3ssl.gz b/msys2/usr/share/man/man3/CRL_DIST_POINTS_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/CRL_DIST_POINTS_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_EX_dup.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_EX_dup.3ssl.gz
new file mode 100644
index 000000000..9af83e92b
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_EX_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_EX_free.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_EX_free.3ssl.gz
new file mode 100644
index 000000000..9af83e92b
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_EX_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_EX_new.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_EX_new.3ssl.gz
new file mode 100644
index 000000000..9af83e92b
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_EX_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_THREADID_cmp.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_THREADID_cmp.3ssl.gz
deleted file mode 100644
index 89e67583a..000000000
Binary files a/msys2/usr/share/man/man3/CRYPTO_THREADID_cmp.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_THREADID_cpy.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_THREADID_cpy.3ssl.gz
deleted file mode 100644
index 89e67583a..000000000
Binary files a/msys2/usr/share/man/man3/CRYPTO_THREADID_cpy.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_THREADID_current.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_THREADID_current.3ssl.gz
deleted file mode 100644
index 89e67583a..000000000
Binary files a/msys2/usr/share/man/man3/CRYPTO_THREADID_current.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_THREADID_get_callback.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_THREADID_get_callback.3ssl.gz
deleted file mode 100644
index 89e67583a..000000000
Binary files a/msys2/usr/share/man/man3/CRYPTO_THREADID_get_callback.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_THREADID_hash.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_THREADID_hash.3ssl.gz
deleted file mode 100644
index 89e67583a..000000000
Binary files a/msys2/usr/share/man/man3/CRYPTO_THREADID_hash.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_THREADID_set_callback.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_THREADID_set_callback.3ssl.gz
deleted file mode 100644
index 89e67583a..000000000
Binary files a/msys2/usr/share/man/man3/CRYPTO_THREADID_set_callback.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_THREAD_lock_free.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_THREAD_lock_free.3ssl.gz
new file mode 100644
index 000000000..3e27080cd
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_THREAD_lock_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_THREAD_lock_new.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_THREAD_lock_new.3ssl.gz
new file mode 100644
index 000000000..3e27080cd
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_THREAD_lock_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_THREAD_read_lock.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_THREAD_read_lock.3ssl.gz
new file mode 100644
index 000000000..3e27080cd
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_THREAD_read_lock.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_THREAD_run_once.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_THREAD_run_once.3ssl.gz
new file mode 100644
index 000000000..3e27080cd
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_THREAD_run_once.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_THREAD_unlock.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_THREAD_unlock.3ssl.gz
new file mode 100644
index 000000000..3e27080cd
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_THREAD_unlock.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_THREAD_write_lock.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_THREAD_write_lock.3ssl.gz
new file mode 100644
index 000000000..3e27080cd
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_THREAD_write_lock.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_atomic_add.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_atomic_add.3ssl.gz
new file mode 100644
index 000000000..3e27080cd
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_atomic_add.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_clear_free.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_clear_free.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_clear_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_clear_realloc.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_clear_realloc.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_clear_realloc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_destroy_dynlockid.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_destroy_dynlockid.3ssl.gz
deleted file mode 100644
index 89e67583a..000000000
Binary files a/msys2/usr/share/man/man3/CRYPTO_destroy_dynlockid.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_free.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_free.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_free_ex_data.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_free_ex_data.3ssl.gz
new file mode 100644
index 000000000..9af83e92b
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_free_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_free_ex_index.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_free_ex_index.3ssl.gz
new file mode 100644
index 000000000..9af83e92b
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_free_ex_index.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_get_alloc_counts.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_get_alloc_counts.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_get_alloc_counts.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_get_ex_data.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_get_ex_data.3ssl.gz
index 67a75b6b6..9af83e92b 100644
Binary files a/msys2/usr/share/man/man3/CRYPTO_get_ex_data.3ssl.gz and b/msys2/usr/share/man/man3/CRYPTO_get_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_get_ex_new_index.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_get_ex_new_index.3ssl.gz
new file mode 100644
index 000000000..9af83e92b
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_get_ex_new_index.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_get_mem_functions.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_get_mem_functions.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_get_mem_functions.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_get_new_dynlockid.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_get_new_dynlockid.3ssl.gz
deleted file mode 100644
index 89e67583a..000000000
Binary files a/msys2/usr/share/man/man3/CRYPTO_get_new_dynlockid.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_lock.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_lock.3ssl.gz
deleted file mode 100644
index 89e67583a..000000000
Binary files a/msys2/usr/share/man/man3/CRYPTO_lock.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_malloc.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_malloc.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_malloc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_mem_ctrl.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_mem_ctrl.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_mem_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_mem_debug_pop.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_mem_debug_pop.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_mem_debug_pop.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_mem_debug_push.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_mem_debug_push.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_mem_debug_push.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_mem_leaks.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_mem_leaks.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_mem_leaks.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_mem_leaks_cb.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_mem_leaks_cb.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_mem_leaks_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_mem_leaks_fp.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_mem_leaks_fp.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_mem_leaks_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_new_ex_data.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_new_ex_data.3ssl.gz
new file mode 100644
index 000000000..9af83e92b
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_new_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_num_locks.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_num_locks.3ssl.gz
deleted file mode 100644
index 89e67583a..000000000
Binary files a/msys2/usr/share/man/man3/CRYPTO_num_locks.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_realloc.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_realloc.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_realloc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_secure_clear_free.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_secure_clear_free.3ssl.gz
new file mode 100644
index 000000000..2ee1c9e5d
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_secure_clear_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_secure_free.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_secure_free.3ssl.gz
new file mode 100644
index 000000000..2ee1c9e5d
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_secure_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_secure_malloc.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_secure_malloc.3ssl.gz
new file mode 100644
index 000000000..2ee1c9e5d
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_secure_malloc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_secure_malloc_done.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_secure_malloc_done.3ssl.gz
new file mode 100644
index 000000000..2ee1c9e5d
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_secure_malloc_done.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_secure_malloc_init.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_secure_malloc_init.3ssl.gz
new file mode 100644
index 000000000..2ee1c9e5d
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_secure_malloc_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_secure_malloc_initialized.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_secure_malloc_initialized.3ssl.gz
new file mode 100644
index 000000000..2ee1c9e5d
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_secure_malloc_initialized.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_secure_used.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_secure_used.3ssl.gz
new file mode 100644
index 000000000..2ee1c9e5d
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_secure_used.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_secure_zalloc.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_secure_zalloc.3ssl.gz
new file mode 100644
index 000000000..2ee1c9e5d
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_secure_zalloc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_set_dynlock_create_callback.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_set_dynlock_create_callback.3ssl.gz
deleted file mode 100644
index 89e67583a..000000000
Binary files a/msys2/usr/share/man/man3/CRYPTO_set_dynlock_create_callback.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_set_dynlock_destroy_callback.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_set_dynlock_destroy_callback.3ssl.gz
deleted file mode 100644
index 89e67583a..000000000
Binary files a/msys2/usr/share/man/man3/CRYPTO_set_dynlock_destroy_callback.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_set_dynlock_lock_callback.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_set_dynlock_lock_callback.3ssl.gz
deleted file mode 100644
index 89e67583a..000000000
Binary files a/msys2/usr/share/man/man3/CRYPTO_set_dynlock_lock_callback.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_set_ex_data.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_set_ex_data.3ssl.gz
index 67a75b6b6..9af83e92b 100644
Binary files a/msys2/usr/share/man/man3/CRYPTO_set_ex_data.3ssl.gz and b/msys2/usr/share/man/man3/CRYPTO_set_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_set_locking_callback.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_set_locking_callback.3ssl.gz
deleted file mode 100644
index 89e67583a..000000000
Binary files a/msys2/usr/share/man/man3/CRYPTO_set_locking_callback.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_set_mem_debug.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_set_mem_debug.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_set_mem_debug.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_set_mem_functions.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_set_mem_functions.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_set_mem_functions.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_strdup.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_strdup.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_strdup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_strndup.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_strndup.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_strndup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CRYPTO_zalloc.3ssl.gz b/msys2/usr/share/man/man3/CRYPTO_zalloc.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/CRYPTO_zalloc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CTLOG_STORE_free.3ssl.gz b/msys2/usr/share/man/man3/CTLOG_STORE_free.3ssl.gz
new file mode 100644
index 000000000..82a56eec1
Binary files /dev/null and b/msys2/usr/share/man/man3/CTLOG_STORE_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CTLOG_STORE_get0_log_by_id.3ssl.gz b/msys2/usr/share/man/man3/CTLOG_STORE_get0_log_by_id.3ssl.gz
new file mode 100644
index 000000000..09470672f
Binary files /dev/null and b/msys2/usr/share/man/man3/CTLOG_STORE_get0_log_by_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CTLOG_STORE_load_default_file.3ssl.gz b/msys2/usr/share/man/man3/CTLOG_STORE_load_default_file.3ssl.gz
new file mode 100644
index 000000000..82a56eec1
Binary files /dev/null and b/msys2/usr/share/man/man3/CTLOG_STORE_load_default_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CTLOG_STORE_load_file.3ssl.gz b/msys2/usr/share/man/man3/CTLOG_STORE_load_file.3ssl.gz
new file mode 100644
index 000000000..82a56eec1
Binary files /dev/null and b/msys2/usr/share/man/man3/CTLOG_STORE_load_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CTLOG_STORE_new.3ssl.gz b/msys2/usr/share/man/man3/CTLOG_STORE_new.3ssl.gz
new file mode 100644
index 000000000..82a56eec1
Binary files /dev/null and b/msys2/usr/share/man/man3/CTLOG_STORE_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CTLOG_free.3ssl.gz b/msys2/usr/share/man/man3/CTLOG_free.3ssl.gz
new file mode 100644
index 000000000..1cb69df02
Binary files /dev/null and b/msys2/usr/share/man/man3/CTLOG_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CTLOG_get0_log_id.3ssl.gz b/msys2/usr/share/man/man3/CTLOG_get0_log_id.3ssl.gz
new file mode 100644
index 000000000..1cb69df02
Binary files /dev/null and b/msys2/usr/share/man/man3/CTLOG_get0_log_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CTLOG_get0_name.3ssl.gz b/msys2/usr/share/man/man3/CTLOG_get0_name.3ssl.gz
new file mode 100644
index 000000000..1cb69df02
Binary files /dev/null and b/msys2/usr/share/man/man3/CTLOG_get0_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CTLOG_get0_public_key.3ssl.gz b/msys2/usr/share/man/man3/CTLOG_get0_public_key.3ssl.gz
new file mode 100644
index 000000000..1cb69df02
Binary files /dev/null and b/msys2/usr/share/man/man3/CTLOG_get0_public_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CTLOG_new.3ssl.gz b/msys2/usr/share/man/man3/CTLOG_new.3ssl.gz
new file mode 100644
index 000000000..1cb69df02
Binary files /dev/null and b/msys2/usr/share/man/man3/CTLOG_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CTLOG_new_from_base64.3ssl.gz b/msys2/usr/share/man/man3/CTLOG_new_from_base64.3ssl.gz
new file mode 100644
index 000000000..1cb69df02
Binary files /dev/null and b/msys2/usr/share/man/man3/CTLOG_new_from_base64.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_free.3ssl.gz b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_free.3ssl.gz
new file mode 100644
index 000000000..44f1c542e
Binary files /dev/null and b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_get0_cert.3ssl.gz b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_get0_cert.3ssl.gz
new file mode 100644
index 000000000..44f1c542e
Binary files /dev/null and b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_get0_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_get0_issuer.3ssl.gz b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_get0_issuer.3ssl.gz
new file mode 100644
index 000000000..44f1c542e
Binary files /dev/null and b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_get0_issuer.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_get0_log_store.3ssl.gz b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_get0_log_store.3ssl.gz
new file mode 100644
index 000000000..44f1c542e
Binary files /dev/null and b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_get0_log_store.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_get_time.3ssl.gz b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_get_time.3ssl.gz
new file mode 100644
index 000000000..44f1c542e
Binary files /dev/null and b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_get_time.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_new.3ssl.gz b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_new.3ssl.gz
new file mode 100644
index 000000000..44f1c542e
Binary files /dev/null and b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_set1_cert.3ssl.gz b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_set1_cert.3ssl.gz
new file mode 100644
index 000000000..44f1c542e
Binary files /dev/null and b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_set1_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_set1_issuer.3ssl.gz b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_set1_issuer.3ssl.gz
new file mode 100644
index 000000000..44f1c542e
Binary files /dev/null and b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_set1_issuer.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE.3ssl.gz b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE.3ssl.gz
new file mode 100644
index 000000000..44f1c542e
Binary files /dev/null and b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_set_time.3ssl.gz b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_set_time.3ssl.gz
new file mode 100644
index 000000000..44f1c542e
Binary files /dev/null and b/msys2/usr/share/man/man3/CT_POLICY_EVAL_CTX_set_time.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_ACTIVESOCKET.3.gz b/msys2/usr/share/man/man3/CURLINFO_ACTIVESOCKET.3.gz
index 81f16338b..ffc403a5e 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_ACTIVESOCKET.3.gz and b/msys2/usr/share/man/man3/CURLINFO_ACTIVESOCKET.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_APPCONNECT_TIME.3.gz b/msys2/usr/share/man/man3/CURLINFO_APPCONNECT_TIME.3.gz
index a59cba43f..22fc88229 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_APPCONNECT_TIME.3.gz and b/msys2/usr/share/man/man3/CURLINFO_APPCONNECT_TIME.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_APPCONNECT_TIME_T.3.gz b/msys2/usr/share/man/man3/CURLINFO_APPCONNECT_TIME_T.3.gz
new file mode 100644
index 000000000..792a1183b
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLINFO_APPCONNECT_TIME_T.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_CERTINFO.3.gz b/msys2/usr/share/man/man3/CURLINFO_CERTINFO.3.gz
index 86115ce8e..88035c33a 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_CERTINFO.3.gz and b/msys2/usr/share/man/man3/CURLINFO_CERTINFO.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_CONDITION_UNMET.3.gz b/msys2/usr/share/man/man3/CURLINFO_CONDITION_UNMET.3.gz
index 7ae10a282..07a5c41c6 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_CONDITION_UNMET.3.gz and b/msys2/usr/share/man/man3/CURLINFO_CONDITION_UNMET.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_CONNECT_TIME.3.gz b/msys2/usr/share/man/man3/CURLINFO_CONNECT_TIME.3.gz
index 57fcd10f2..76604129b 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_CONNECT_TIME.3.gz and b/msys2/usr/share/man/man3/CURLINFO_CONNECT_TIME.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_CONNECT_TIME_T.3.gz b/msys2/usr/share/man/man3/CURLINFO_CONNECT_TIME_T.3.gz
new file mode 100644
index 000000000..3af686a44
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLINFO_CONNECT_TIME_T.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD.3.gz b/msys2/usr/share/man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD.3.gz
index 9872b0fc4..75fe22f59 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD.3.gz and b/msys2/usr/share/man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.3.gz b/msys2/usr/share/man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.3.gz
index 2082c0b34..37927af0b 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.3.gz and b/msys2/usr/share/man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD.3.gz b/msys2/usr/share/man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD.3.gz
index 738f24a62..d466dc617 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD.3.gz and b/msys2/usr/share/man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD_T.3.gz b/msys2/usr/share/man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD_T.3.gz
index 22dcd4bd2..1f72a44f0 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD_T.3.gz and b/msys2/usr/share/man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD_T.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_CONTENT_TYPE.3.gz b/msys2/usr/share/man/man3/CURLINFO_CONTENT_TYPE.3.gz
index fa4f03cc7..8dbca3c0a 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_CONTENT_TYPE.3.gz and b/msys2/usr/share/man/man3/CURLINFO_CONTENT_TYPE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_COOKIELIST.3.gz b/msys2/usr/share/man/man3/CURLINFO_COOKIELIST.3.gz
index 3783fc0a5..75e9d5aa0 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_COOKIELIST.3.gz and b/msys2/usr/share/man/man3/CURLINFO_COOKIELIST.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_EFFECTIVE_URL.3.gz b/msys2/usr/share/man/man3/CURLINFO_EFFECTIVE_URL.3.gz
index f2260743f..de2bba626 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_EFFECTIVE_URL.3.gz and b/msys2/usr/share/man/man3/CURLINFO_EFFECTIVE_URL.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_FILETIME.3.gz b/msys2/usr/share/man/man3/CURLINFO_FILETIME.3.gz
index 392af461c..929760db4 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_FILETIME.3.gz and b/msys2/usr/share/man/man3/CURLINFO_FILETIME.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_FILETIME_T.3.gz b/msys2/usr/share/man/man3/CURLINFO_FILETIME_T.3.gz
new file mode 100644
index 000000000..7744c47b9
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLINFO_FILETIME_T.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_FTP_ENTRY_PATH.3.gz b/msys2/usr/share/man/man3/CURLINFO_FTP_ENTRY_PATH.3.gz
index 71c9940e0..a3f732d29 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_FTP_ENTRY_PATH.3.gz and b/msys2/usr/share/man/man3/CURLINFO_FTP_ENTRY_PATH.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_HEADER_SIZE.3.gz b/msys2/usr/share/man/man3/CURLINFO_HEADER_SIZE.3.gz
index 76fa6d74a..4ce8e8b1a 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_HEADER_SIZE.3.gz and b/msys2/usr/share/man/man3/CURLINFO_HEADER_SIZE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_HTTPAUTH_AVAIL.3.gz b/msys2/usr/share/man/man3/CURLINFO_HTTPAUTH_AVAIL.3.gz
index bbf0aef79..f4b29070d 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_HTTPAUTH_AVAIL.3.gz and b/msys2/usr/share/man/man3/CURLINFO_HTTPAUTH_AVAIL.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_HTTP_CONNECTCODE.3.gz b/msys2/usr/share/man/man3/CURLINFO_HTTP_CONNECTCODE.3.gz
index 69aed64a0..1c4b15faf 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_HTTP_CONNECTCODE.3.gz and b/msys2/usr/share/man/man3/CURLINFO_HTTP_CONNECTCODE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_HTTP_VERSION.3.gz b/msys2/usr/share/man/man3/CURLINFO_HTTP_VERSION.3.gz
index eaab11856..117c08658 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_HTTP_VERSION.3.gz and b/msys2/usr/share/man/man3/CURLINFO_HTTP_VERSION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_LASTSOCKET.3.gz b/msys2/usr/share/man/man3/CURLINFO_LASTSOCKET.3.gz
index cbb3bf5e5..14eef76b7 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_LASTSOCKET.3.gz and b/msys2/usr/share/man/man3/CURLINFO_LASTSOCKET.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_LOCAL_IP.3.gz b/msys2/usr/share/man/man3/CURLINFO_LOCAL_IP.3.gz
index 3a441d4a6..2e9d1fd8f 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_LOCAL_IP.3.gz and b/msys2/usr/share/man/man3/CURLINFO_LOCAL_IP.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_LOCAL_PORT.3.gz b/msys2/usr/share/man/man3/CURLINFO_LOCAL_PORT.3.gz
index 0d850476b..736c98364 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_LOCAL_PORT.3.gz and b/msys2/usr/share/man/man3/CURLINFO_LOCAL_PORT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_NAMELOOKUP_TIME.3.gz b/msys2/usr/share/man/man3/CURLINFO_NAMELOOKUP_TIME.3.gz
index 8d52a4421..fd6e0fda7 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_NAMELOOKUP_TIME.3.gz and b/msys2/usr/share/man/man3/CURLINFO_NAMELOOKUP_TIME.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_NAMELOOKUP_TIME_T.3.gz b/msys2/usr/share/man/man3/CURLINFO_NAMELOOKUP_TIME_T.3.gz
new file mode 100644
index 000000000..390572c6e
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLINFO_NAMELOOKUP_TIME_T.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_NUM_CONNECTS.3.gz b/msys2/usr/share/man/man3/CURLINFO_NUM_CONNECTS.3.gz
index 43a161d1b..a905fdd05 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_NUM_CONNECTS.3.gz and b/msys2/usr/share/man/man3/CURLINFO_NUM_CONNECTS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_OS_ERRNO.3.gz b/msys2/usr/share/man/man3/CURLINFO_OS_ERRNO.3.gz
index be3a971a7..99e0cb4ce 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_OS_ERRNO.3.gz and b/msys2/usr/share/man/man3/CURLINFO_OS_ERRNO.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_PRETRANSFER_TIME.3.gz b/msys2/usr/share/man/man3/CURLINFO_PRETRANSFER_TIME.3.gz
index 7890a5e21..24b66b081 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_PRETRANSFER_TIME.3.gz and b/msys2/usr/share/man/man3/CURLINFO_PRETRANSFER_TIME.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_PRETRANSFER_TIME_T.3.gz b/msys2/usr/share/man/man3/CURLINFO_PRETRANSFER_TIME_T.3.gz
new file mode 100644
index 000000000..7cf4df440
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLINFO_PRETRANSFER_TIME_T.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_PRIMARY_IP.3.gz b/msys2/usr/share/man/man3/CURLINFO_PRIMARY_IP.3.gz
index 77ec026e3..c5e39f7fe 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_PRIMARY_IP.3.gz and b/msys2/usr/share/man/man3/CURLINFO_PRIMARY_IP.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_PRIMARY_PORT.3.gz b/msys2/usr/share/man/man3/CURLINFO_PRIMARY_PORT.3.gz
index e92052d37..c14715d0f 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_PRIMARY_PORT.3.gz and b/msys2/usr/share/man/man3/CURLINFO_PRIMARY_PORT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_PRIVATE.3.gz b/msys2/usr/share/man/man3/CURLINFO_PRIVATE.3.gz
index b60c6f83e..2ab00d75a 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_PRIVATE.3.gz and b/msys2/usr/share/man/man3/CURLINFO_PRIVATE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_PROTOCOL.3.gz b/msys2/usr/share/man/man3/CURLINFO_PROTOCOL.3.gz
index 77f754a76..f2584fa73 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_PROTOCOL.3.gz and b/msys2/usr/share/man/man3/CURLINFO_PROTOCOL.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_PROXYAUTH_AVAIL.3.gz b/msys2/usr/share/man/man3/CURLINFO_PROXYAUTH_AVAIL.3.gz
index 7c7899e80..5f8c070d7 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_PROXYAUTH_AVAIL.3.gz and b/msys2/usr/share/man/man3/CURLINFO_PROXYAUTH_AVAIL.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_PROXY_SSL_VERIFYRESULT.3.gz b/msys2/usr/share/man/man3/CURLINFO_PROXY_SSL_VERIFYRESULT.3.gz
index be8f01a8a..22a73e036 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_PROXY_SSL_VERIFYRESULT.3.gz and b/msys2/usr/share/man/man3/CURLINFO_PROXY_SSL_VERIFYRESULT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_REDIRECT_COUNT.3.gz b/msys2/usr/share/man/man3/CURLINFO_REDIRECT_COUNT.3.gz
index d53c88d65..87898ea6e 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_REDIRECT_COUNT.3.gz and b/msys2/usr/share/man/man3/CURLINFO_REDIRECT_COUNT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_REDIRECT_TIME.3.gz b/msys2/usr/share/man/man3/CURLINFO_REDIRECT_TIME.3.gz
index a685d9da9..3d5f531e8 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_REDIRECT_TIME.3.gz and b/msys2/usr/share/man/man3/CURLINFO_REDIRECT_TIME.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_REDIRECT_TIME_T.3.gz b/msys2/usr/share/man/man3/CURLINFO_REDIRECT_TIME_T.3.gz
new file mode 100644
index 000000000..b21e83775
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLINFO_REDIRECT_TIME_T.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_REDIRECT_URL.3.gz b/msys2/usr/share/man/man3/CURLINFO_REDIRECT_URL.3.gz
index 92f02e1e3..cd8582619 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_REDIRECT_URL.3.gz and b/msys2/usr/share/man/man3/CURLINFO_REDIRECT_URL.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_REQUEST_SIZE.3.gz b/msys2/usr/share/man/man3/CURLINFO_REQUEST_SIZE.3.gz
index 7012a8455..8faf377c0 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_REQUEST_SIZE.3.gz and b/msys2/usr/share/man/man3/CURLINFO_REQUEST_SIZE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_RESPONSE_CODE.3.gz b/msys2/usr/share/man/man3/CURLINFO_RESPONSE_CODE.3.gz
index 35395d27d..8e3328aa2 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_RESPONSE_CODE.3.gz and b/msys2/usr/share/man/man3/CURLINFO_RESPONSE_CODE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_RTSP_CLIENT_CSEQ.3.gz b/msys2/usr/share/man/man3/CURLINFO_RTSP_CLIENT_CSEQ.3.gz
index a3970699b..5b26cd860 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_RTSP_CLIENT_CSEQ.3.gz and b/msys2/usr/share/man/man3/CURLINFO_RTSP_CLIENT_CSEQ.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_RTSP_CSEQ_RECV.3.gz b/msys2/usr/share/man/man3/CURLINFO_RTSP_CSEQ_RECV.3.gz
index 883fcd7e9..6c665674a 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_RTSP_CSEQ_RECV.3.gz and b/msys2/usr/share/man/man3/CURLINFO_RTSP_CSEQ_RECV.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_RTSP_SERVER_CSEQ.3.gz b/msys2/usr/share/man/man3/CURLINFO_RTSP_SERVER_CSEQ.3.gz
index 9fe93a336..d57ab7edf 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_RTSP_SERVER_CSEQ.3.gz and b/msys2/usr/share/man/man3/CURLINFO_RTSP_SERVER_CSEQ.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_RTSP_SESSION_ID.3.gz b/msys2/usr/share/man/man3/CURLINFO_RTSP_SESSION_ID.3.gz
index 1f0f26f34..665289293 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_RTSP_SESSION_ID.3.gz and b/msys2/usr/share/man/man3/CURLINFO_RTSP_SESSION_ID.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_SCHEME.3.gz b/msys2/usr/share/man/man3/CURLINFO_SCHEME.3.gz
index 36f5f42a9..293be4632 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_SCHEME.3.gz and b/msys2/usr/share/man/man3/CURLINFO_SCHEME.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_SIZE_DOWNLOAD.3.gz b/msys2/usr/share/man/man3/CURLINFO_SIZE_DOWNLOAD.3.gz
index 73600f13e..63c497b5d 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_SIZE_DOWNLOAD.3.gz and b/msys2/usr/share/man/man3/CURLINFO_SIZE_DOWNLOAD.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_SIZE_DOWNLOAD_T.3.gz b/msys2/usr/share/man/man3/CURLINFO_SIZE_DOWNLOAD_T.3.gz
index fde00f44e..8ff5a1931 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_SIZE_DOWNLOAD_T.3.gz and b/msys2/usr/share/man/man3/CURLINFO_SIZE_DOWNLOAD_T.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_SIZE_UPLOAD.3.gz b/msys2/usr/share/man/man3/CURLINFO_SIZE_UPLOAD.3.gz
index e7eb9a7de..5d08e867e 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_SIZE_UPLOAD.3.gz and b/msys2/usr/share/man/man3/CURLINFO_SIZE_UPLOAD.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_SIZE_UPLOAD_T.3.gz b/msys2/usr/share/man/man3/CURLINFO_SIZE_UPLOAD_T.3.gz
index 127c8039f..98bbbebc8 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_SIZE_UPLOAD_T.3.gz and b/msys2/usr/share/man/man3/CURLINFO_SIZE_UPLOAD_T.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_SPEED_DOWNLOAD.3.gz b/msys2/usr/share/man/man3/CURLINFO_SPEED_DOWNLOAD.3.gz
index c6ff2225a..cfb3ad7d7 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_SPEED_DOWNLOAD.3.gz and b/msys2/usr/share/man/man3/CURLINFO_SPEED_DOWNLOAD.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_SPEED_DOWNLOAD_T.3.gz b/msys2/usr/share/man/man3/CURLINFO_SPEED_DOWNLOAD_T.3.gz
index 0f13148b4..22c19f970 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_SPEED_DOWNLOAD_T.3.gz and b/msys2/usr/share/man/man3/CURLINFO_SPEED_DOWNLOAD_T.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_SPEED_UPLOAD.3.gz b/msys2/usr/share/man/man3/CURLINFO_SPEED_UPLOAD.3.gz
index ec2576289..d6d2f0557 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_SPEED_UPLOAD.3.gz and b/msys2/usr/share/man/man3/CURLINFO_SPEED_UPLOAD.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_SPEED_UPLOAD_T.3.gz b/msys2/usr/share/man/man3/CURLINFO_SPEED_UPLOAD_T.3.gz
index 9fb6bbe99..48f4a9764 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_SPEED_UPLOAD_T.3.gz and b/msys2/usr/share/man/man3/CURLINFO_SPEED_UPLOAD_T.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_SSL_ENGINES.3.gz b/msys2/usr/share/man/man3/CURLINFO_SSL_ENGINES.3.gz
index 5793a5a3f..3c4bcbbac 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_SSL_ENGINES.3.gz and b/msys2/usr/share/man/man3/CURLINFO_SSL_ENGINES.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_SSL_VERIFYRESULT.3.gz b/msys2/usr/share/man/man3/CURLINFO_SSL_VERIFYRESULT.3.gz
index 00a8973c3..8eb7b7d08 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_SSL_VERIFYRESULT.3.gz and b/msys2/usr/share/man/man3/CURLINFO_SSL_VERIFYRESULT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_STARTTRANSFER_TIME.3.gz b/msys2/usr/share/man/man3/CURLINFO_STARTTRANSFER_TIME.3.gz
index c757de527..1dcae1c9d 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_STARTTRANSFER_TIME.3.gz and b/msys2/usr/share/man/man3/CURLINFO_STARTTRANSFER_TIME.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_STARTTRANSFER_TIME_T.3.gz b/msys2/usr/share/man/man3/CURLINFO_STARTTRANSFER_TIME_T.3.gz
new file mode 100644
index 000000000..4d436deb0
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLINFO_STARTTRANSFER_TIME_T.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_TLS_SESSION.3.gz b/msys2/usr/share/man/man3/CURLINFO_TLS_SESSION.3.gz
index 5c4bbf7da..5b9c8fe15 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_TLS_SESSION.3.gz and b/msys2/usr/share/man/man3/CURLINFO_TLS_SESSION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_TLS_SSL_PTR.3.gz b/msys2/usr/share/man/man3/CURLINFO_TLS_SSL_PTR.3.gz
index 63630551d..df13ad7e3 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_TLS_SSL_PTR.3.gz and b/msys2/usr/share/man/man3/CURLINFO_TLS_SSL_PTR.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_TOTAL_TIME.3.gz b/msys2/usr/share/man/man3/CURLINFO_TOTAL_TIME.3.gz
index 6cd7af2fd..1afd0bbff 100644
Binary files a/msys2/usr/share/man/man3/CURLINFO_TOTAL_TIME.3.gz and b/msys2/usr/share/man/man3/CURLINFO_TOTAL_TIME.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLINFO_TOTAL_TIME_T.3.gz b/msys2/usr/share/man/man3/CURLINFO_TOTAL_TIME_T.3.gz
new file mode 100644
index 000000000..ec7e03bc8
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLINFO_TOTAL_TIME_T.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3.gz b/msys2/usr/share/man/man3/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3.gz
index 8a9a2e402..8d0061a5c 100644
Binary files a/msys2/usr/share/man/man3/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3.gz and b/msys2/usr/share/man/man3/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3.gz b/msys2/usr/share/man/man3/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3.gz
index 88db89313..e2edf9fbb 100644
Binary files a/msys2/usr/share/man/man3/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3.gz and b/msys2/usr/share/man/man3/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLMOPT_MAXCONNECTS.3.gz b/msys2/usr/share/man/man3/CURLMOPT_MAXCONNECTS.3.gz
index 6c55726ad..2528850c6 100644
Binary files a/msys2/usr/share/man/man3/CURLMOPT_MAXCONNECTS.3.gz and b/msys2/usr/share/man/man3/CURLMOPT_MAXCONNECTS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLMOPT_MAX_HOST_CONNECTIONS.3.gz b/msys2/usr/share/man/man3/CURLMOPT_MAX_HOST_CONNECTIONS.3.gz
index 5c5ff722f..79cf4d1d0 100644
Binary files a/msys2/usr/share/man/man3/CURLMOPT_MAX_HOST_CONNECTIONS.3.gz and b/msys2/usr/share/man/man3/CURLMOPT_MAX_HOST_CONNECTIONS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLMOPT_MAX_PIPELINE_LENGTH.3.gz b/msys2/usr/share/man/man3/CURLMOPT_MAX_PIPELINE_LENGTH.3.gz
index 68a9a4c10..b5dce6d18 100644
Binary files a/msys2/usr/share/man/man3/CURLMOPT_MAX_PIPELINE_LENGTH.3.gz and b/msys2/usr/share/man/man3/CURLMOPT_MAX_PIPELINE_LENGTH.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLMOPT_MAX_TOTAL_CONNECTIONS.3.gz b/msys2/usr/share/man/man3/CURLMOPT_MAX_TOTAL_CONNECTIONS.3.gz
index a20ad53a6..40c111fb1 100644
Binary files a/msys2/usr/share/man/man3/CURLMOPT_MAX_TOTAL_CONNECTIONS.3.gz and b/msys2/usr/share/man/man3/CURLMOPT_MAX_TOTAL_CONNECTIONS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLMOPT_PIPELINING.3.gz b/msys2/usr/share/man/man3/CURLMOPT_PIPELINING.3.gz
index 5fdd92907..36512bbc1 100644
Binary files a/msys2/usr/share/man/man3/CURLMOPT_PIPELINING.3.gz and b/msys2/usr/share/man/man3/CURLMOPT_PIPELINING.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLMOPT_PIPELINING_SERVER_BL.3.gz b/msys2/usr/share/man/man3/CURLMOPT_PIPELINING_SERVER_BL.3.gz
index 456aef9a5..695c41945 100644
Binary files a/msys2/usr/share/man/man3/CURLMOPT_PIPELINING_SERVER_BL.3.gz and b/msys2/usr/share/man/man3/CURLMOPT_PIPELINING_SERVER_BL.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLMOPT_PIPELINING_SITE_BL.3.gz b/msys2/usr/share/man/man3/CURLMOPT_PIPELINING_SITE_BL.3.gz
index 2f684396f..d5756aa8f 100644
Binary files a/msys2/usr/share/man/man3/CURLMOPT_PIPELINING_SITE_BL.3.gz and b/msys2/usr/share/man/man3/CURLMOPT_PIPELINING_SITE_BL.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLMOPT_PUSHDATA.3.gz b/msys2/usr/share/man/man3/CURLMOPT_PUSHDATA.3.gz
index 700d767c9..93d173d3f 100644
Binary files a/msys2/usr/share/man/man3/CURLMOPT_PUSHDATA.3.gz and b/msys2/usr/share/man/man3/CURLMOPT_PUSHDATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLMOPT_PUSHFUNCTION.3.gz b/msys2/usr/share/man/man3/CURLMOPT_PUSHFUNCTION.3.gz
index 23b47a011..45584bbab 100644
Binary files a/msys2/usr/share/man/man3/CURLMOPT_PUSHFUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLMOPT_PUSHFUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLMOPT_SOCKETDATA.3.gz b/msys2/usr/share/man/man3/CURLMOPT_SOCKETDATA.3.gz
index 9ed64d26e..4d64264a1 100644
Binary files a/msys2/usr/share/man/man3/CURLMOPT_SOCKETDATA.3.gz and b/msys2/usr/share/man/man3/CURLMOPT_SOCKETDATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLMOPT_SOCKETFUNCTION.3.gz b/msys2/usr/share/man/man3/CURLMOPT_SOCKETFUNCTION.3.gz
index e6d5c60af..8254f81c6 100644
Binary files a/msys2/usr/share/man/man3/CURLMOPT_SOCKETFUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLMOPT_SOCKETFUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLMOPT_TIMERDATA.3.gz b/msys2/usr/share/man/man3/CURLMOPT_TIMERDATA.3.gz
index 87e4194cc..0cc419966 100644
Binary files a/msys2/usr/share/man/man3/CURLMOPT_TIMERDATA.3.gz and b/msys2/usr/share/man/man3/CURLMOPT_TIMERDATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLMOPT_TIMERFUNCTION.3.gz b/msys2/usr/share/man/man3/CURLMOPT_TIMERFUNCTION.3.gz
index 13a131343..6165e08e2 100644
Binary files a/msys2/usr/share/man/man3/CURLMOPT_TIMERFUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLMOPT_TIMERFUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_ABSTRACT_UNIX_SOCKET.3.gz b/msys2/usr/share/man/man3/CURLOPT_ABSTRACT_UNIX_SOCKET.3.gz
index 913d9d3ec..8d628ff62 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_ABSTRACT_UNIX_SOCKET.3.gz and b/msys2/usr/share/man/man3/CURLOPT_ABSTRACT_UNIX_SOCKET.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_ACCEPTTIMEOUT_MS.3.gz b/msys2/usr/share/man/man3/CURLOPT_ACCEPTTIMEOUT_MS.3.gz
index 3355c1c35..cdd4bd98a 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_ACCEPTTIMEOUT_MS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_ACCEPTTIMEOUT_MS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_ACCEPT_ENCODING.3.gz b/msys2/usr/share/man/man3/CURLOPT_ACCEPT_ENCODING.3.gz
index 4ea09fb29..bb1480383 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_ACCEPT_ENCODING.3.gz and b/msys2/usr/share/man/man3/CURLOPT_ACCEPT_ENCODING.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_ADDRESS_SCOPE.3.gz b/msys2/usr/share/man/man3/CURLOPT_ADDRESS_SCOPE.3.gz
index 17529b91a..8cf307dff 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_ADDRESS_SCOPE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_ADDRESS_SCOPE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_ALTSVC.3.gz b/msys2/usr/share/man/man3/CURLOPT_ALTSVC.3.gz
new file mode 100644
index 000000000..5ad0517b6
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLOPT_ALTSVC.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_ALTSVC_CTRL.3.gz b/msys2/usr/share/man/man3/CURLOPT_ALTSVC_CTRL.3.gz
new file mode 100644
index 000000000..2c2e1218d
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLOPT_ALTSVC_CTRL.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_APPEND.3.gz b/msys2/usr/share/man/man3/CURLOPT_APPEND.3.gz
index 2d94661c9..7bf832e9a 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_APPEND.3.gz and b/msys2/usr/share/man/man3/CURLOPT_APPEND.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_AUTOREFERER.3.gz b/msys2/usr/share/man/man3/CURLOPT_AUTOREFERER.3.gz
index 250eff015..ed96a2bad 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_AUTOREFERER.3.gz and b/msys2/usr/share/man/man3/CURLOPT_AUTOREFERER.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_BUFFERSIZE.3.gz b/msys2/usr/share/man/man3/CURLOPT_BUFFERSIZE.3.gz
index ed2b8f5de..bac2e0f1a 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_BUFFERSIZE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_BUFFERSIZE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_CAINFO.3.gz b/msys2/usr/share/man/man3/CURLOPT_CAINFO.3.gz
index 291cd9122..fa9db6ac6 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_CAINFO.3.gz and b/msys2/usr/share/man/man3/CURLOPT_CAINFO.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_CAPATH.3.gz b/msys2/usr/share/man/man3/CURLOPT_CAPATH.3.gz
index 79b0c7b76..8622a3a09 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_CAPATH.3.gz and b/msys2/usr/share/man/man3/CURLOPT_CAPATH.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_CERTINFO.3.gz b/msys2/usr/share/man/man3/CURLOPT_CERTINFO.3.gz
index 263895f8d..e64c23447 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_CERTINFO.3.gz and b/msys2/usr/share/man/man3/CURLOPT_CERTINFO.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_CHUNK_BGN_FUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_CHUNK_BGN_FUNCTION.3.gz
index c3ea6120b..25a87598f 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_CHUNK_BGN_FUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_CHUNK_BGN_FUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_CHUNK_DATA.3.gz b/msys2/usr/share/man/man3/CURLOPT_CHUNK_DATA.3.gz
index 855443279..c96a5d353 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_CHUNK_DATA.3.gz and b/msys2/usr/share/man/man3/CURLOPT_CHUNK_DATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_CHUNK_END_FUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_CHUNK_END_FUNCTION.3.gz
index 4731233b8..ca84f418e 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_CHUNK_END_FUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_CHUNK_END_FUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_CLOSESOCKETDATA.3.gz b/msys2/usr/share/man/man3/CURLOPT_CLOSESOCKETDATA.3.gz
index 9e6e411b5..6854cd3cb 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_CLOSESOCKETDATA.3.gz and b/msys2/usr/share/man/man3/CURLOPT_CLOSESOCKETDATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_CLOSESOCKETFUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_CLOSESOCKETFUNCTION.3.gz
index 7ad219c0a..a39d5f15d 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_CLOSESOCKETFUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_CLOSESOCKETFUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_CONNECTTIMEOUT.3.gz b/msys2/usr/share/man/man3/CURLOPT_CONNECTTIMEOUT.3.gz
index 9ed675726..66d52c188 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_CONNECTTIMEOUT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_CONNECTTIMEOUT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_CONNECTTIMEOUT_MS.3.gz b/msys2/usr/share/man/man3/CURLOPT_CONNECTTIMEOUT_MS.3.gz
index c2e6c6cde..4142ea785 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_CONNECTTIMEOUT_MS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_CONNECTTIMEOUT_MS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_CONNECT_ONLY.3.gz b/msys2/usr/share/man/man3/CURLOPT_CONNECT_ONLY.3.gz
index 2bd5011e3..a58af0fcb 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_CONNECT_ONLY.3.gz and b/msys2/usr/share/man/man3/CURLOPT_CONNECT_ONLY.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_CONNECT_TO.3.gz b/msys2/usr/share/man/man3/CURLOPT_CONNECT_TO.3.gz
index 4ae4f3c04..30025096f 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_CONNECT_TO.3.gz and b/msys2/usr/share/man/man3/CURLOPT_CONNECT_TO.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_CONV_FROM_NETWORK_FUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_CONV_FROM_NETWORK_FUNCTION.3.gz
index 33b456faa..b16e01495 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_CONV_FROM_NETWORK_FUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_CONV_FROM_NETWORK_FUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_CONV_FROM_UTF8_FUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_CONV_FROM_UTF8_FUNCTION.3.gz
index 481e7a835..4d8197f1e 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_CONV_FROM_UTF8_FUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_CONV_FROM_UTF8_FUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_CONV_TO_NETWORK_FUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_CONV_TO_NETWORK_FUNCTION.3.gz
index e8d3aaf1a..46dca038a 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_CONV_TO_NETWORK_FUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_CONV_TO_NETWORK_FUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_COOKIE.3.gz b/msys2/usr/share/man/man3/CURLOPT_COOKIE.3.gz
index ec3f6863d..41bf81390 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_COOKIE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_COOKIE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_COOKIEFILE.3.gz b/msys2/usr/share/man/man3/CURLOPT_COOKIEFILE.3.gz
index fb0cac7f0..85c76c8cd 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_COOKIEFILE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_COOKIEFILE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_COOKIEJAR.3.gz b/msys2/usr/share/man/man3/CURLOPT_COOKIEJAR.3.gz
index 94dd74009..325f1249d 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_COOKIEJAR.3.gz and b/msys2/usr/share/man/man3/CURLOPT_COOKIEJAR.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_COOKIELIST.3.gz b/msys2/usr/share/man/man3/CURLOPT_COOKIELIST.3.gz
index 5e8dd518b..c9f2fd216 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_COOKIELIST.3.gz and b/msys2/usr/share/man/man3/CURLOPT_COOKIELIST.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_COOKIESESSION.3.gz b/msys2/usr/share/man/man3/CURLOPT_COOKIESESSION.3.gz
index 2da4caa34..699a79c5e 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_COOKIESESSION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_COOKIESESSION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_COPYPOSTFIELDS.3.gz b/msys2/usr/share/man/man3/CURLOPT_COPYPOSTFIELDS.3.gz
index 85e765e62..04c445c96 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_COPYPOSTFIELDS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_COPYPOSTFIELDS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_CRLF.3.gz b/msys2/usr/share/man/man3/CURLOPT_CRLF.3.gz
index d467abc1a..437ea45e9 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_CRLF.3.gz and b/msys2/usr/share/man/man3/CURLOPT_CRLF.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_CRLFILE.3.gz b/msys2/usr/share/man/man3/CURLOPT_CRLFILE.3.gz
index b1272acaa..1dea6ea56 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_CRLFILE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_CRLFILE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_CURLU.3.gz b/msys2/usr/share/man/man3/CURLOPT_CURLU.3.gz
new file mode 100644
index 000000000..4552e7b24
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLOPT_CURLU.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_CUSTOMREQUEST.3.gz b/msys2/usr/share/man/man3/CURLOPT_CUSTOMREQUEST.3.gz
index ac94a4d0e..484dab8d1 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_CUSTOMREQUEST.3.gz and b/msys2/usr/share/man/man3/CURLOPT_CUSTOMREQUEST.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_DEBUGDATA.3.gz b/msys2/usr/share/man/man3/CURLOPT_DEBUGDATA.3.gz
index 021c62306..e06dc71cc 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_DEBUGDATA.3.gz and b/msys2/usr/share/man/man3/CURLOPT_DEBUGDATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_DEBUGFUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_DEBUGFUNCTION.3.gz
index 3f072cb3e..d10aac7aa 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_DEBUGFUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_DEBUGFUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_DEFAULT_PROTOCOL.3.gz b/msys2/usr/share/man/man3/CURLOPT_DEFAULT_PROTOCOL.3.gz
index c71b36a28..20544416a 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_DEFAULT_PROTOCOL.3.gz and b/msys2/usr/share/man/man3/CURLOPT_DEFAULT_PROTOCOL.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_DIRLISTONLY.3.gz b/msys2/usr/share/man/man3/CURLOPT_DIRLISTONLY.3.gz
index ed3dd45ea..99174587b 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_DIRLISTONLY.3.gz and b/msys2/usr/share/man/man3/CURLOPT_DIRLISTONLY.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_DISALLOW_USERNAME_IN_URL.3.gz b/msys2/usr/share/man/man3/CURLOPT_DISALLOW_USERNAME_IN_URL.3.gz
new file mode 100644
index 000000000..3351e878f
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLOPT_DISALLOW_USERNAME_IN_URL.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_DNS_CACHE_TIMEOUT.3.gz b/msys2/usr/share/man/man3/CURLOPT_DNS_CACHE_TIMEOUT.3.gz
index 580364942..c1a1c66f0 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_DNS_CACHE_TIMEOUT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_DNS_CACHE_TIMEOUT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_DNS_INTERFACE.3.gz b/msys2/usr/share/man/man3/CURLOPT_DNS_INTERFACE.3.gz
index 2394ac96f..190a391a1 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_DNS_INTERFACE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_DNS_INTERFACE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_DNS_LOCAL_IP4.3.gz b/msys2/usr/share/man/man3/CURLOPT_DNS_LOCAL_IP4.3.gz
index 43d58f391..e5c85377d 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_DNS_LOCAL_IP4.3.gz and b/msys2/usr/share/man/man3/CURLOPT_DNS_LOCAL_IP4.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_DNS_LOCAL_IP6.3.gz b/msys2/usr/share/man/man3/CURLOPT_DNS_LOCAL_IP6.3.gz
index 124308c20..90558b6f9 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_DNS_LOCAL_IP6.3.gz and b/msys2/usr/share/man/man3/CURLOPT_DNS_LOCAL_IP6.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_DNS_SERVERS.3.gz b/msys2/usr/share/man/man3/CURLOPT_DNS_SERVERS.3.gz
index 2ee407210..ce6350888 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_DNS_SERVERS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_DNS_SERVERS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_DNS_SHUFFLE_ADDRESSES.3.gz b/msys2/usr/share/man/man3/CURLOPT_DNS_SHUFFLE_ADDRESSES.3.gz
new file mode 100644
index 000000000..eac8ac6ad
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLOPT_DNS_SHUFFLE_ADDRESSES.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_DNS_USE_GLOBAL_CACHE.3.gz b/msys2/usr/share/man/man3/CURLOPT_DNS_USE_GLOBAL_CACHE.3.gz
index 45dc16336..a00cda035 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_DNS_USE_GLOBAL_CACHE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_DNS_USE_GLOBAL_CACHE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_DOH_URL.3.gz b/msys2/usr/share/man/man3/CURLOPT_DOH_URL.3.gz
new file mode 100644
index 000000000..4fb1046fd
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLOPT_DOH_URL.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_EGDSOCKET.3.gz b/msys2/usr/share/man/man3/CURLOPT_EGDSOCKET.3.gz
index 663aedf24..8a3da2ee1 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_EGDSOCKET.3.gz and b/msys2/usr/share/man/man3/CURLOPT_EGDSOCKET.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_ERRORBUFFER.3.gz b/msys2/usr/share/man/man3/CURLOPT_ERRORBUFFER.3.gz
index 79f5b8b20..78512fa3b 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_ERRORBUFFER.3.gz and b/msys2/usr/share/man/man3/CURLOPT_ERRORBUFFER.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_EXPECT_100_TIMEOUT_MS.3.gz b/msys2/usr/share/man/man3/CURLOPT_EXPECT_100_TIMEOUT_MS.3.gz
index 48f87c2a9..12a654900 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_EXPECT_100_TIMEOUT_MS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_EXPECT_100_TIMEOUT_MS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_FAILONERROR.3.gz b/msys2/usr/share/man/man3/CURLOPT_FAILONERROR.3.gz
index 992368c44..bc0ecb207 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_FAILONERROR.3.gz and b/msys2/usr/share/man/man3/CURLOPT_FAILONERROR.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_FILETIME.3.gz b/msys2/usr/share/man/man3/CURLOPT_FILETIME.3.gz
index 36cc11a4d..9798a618f 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_FILETIME.3.gz and b/msys2/usr/share/man/man3/CURLOPT_FILETIME.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_FNMATCH_DATA.3.gz b/msys2/usr/share/man/man3/CURLOPT_FNMATCH_DATA.3.gz
index 38f50a3b3..7c6cd5458 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_FNMATCH_DATA.3.gz and b/msys2/usr/share/man/man3/CURLOPT_FNMATCH_DATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_FNMATCH_FUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_FNMATCH_FUNCTION.3.gz
index bb60e775a..becbf0ef7 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_FNMATCH_FUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_FNMATCH_FUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_FOLLOWLOCATION.3.gz b/msys2/usr/share/man/man3/CURLOPT_FOLLOWLOCATION.3.gz
index 4358cbff8..af44b7812 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_FOLLOWLOCATION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_FOLLOWLOCATION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_FORBID_REUSE.3.gz b/msys2/usr/share/man/man3/CURLOPT_FORBID_REUSE.3.gz
index 3cee67c4d..769ca086b 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_FORBID_REUSE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_FORBID_REUSE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_FRESH_CONNECT.3.gz b/msys2/usr/share/man/man3/CURLOPT_FRESH_CONNECT.3.gz
index 43ecd0adf..88c96cf56 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_FRESH_CONNECT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_FRESH_CONNECT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_FTPPORT.3.gz b/msys2/usr/share/man/man3/CURLOPT_FTPPORT.3.gz
index 708ff8255..85d34542c 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_FTPPORT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_FTPPORT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_FTPSSLAUTH.3.gz b/msys2/usr/share/man/man3/CURLOPT_FTPSSLAUTH.3.gz
index 32cb4b09a..c269aeac9 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_FTPSSLAUTH.3.gz and b/msys2/usr/share/man/man3/CURLOPT_FTPSSLAUTH.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_FTP_ACCOUNT.3.gz b/msys2/usr/share/man/man3/CURLOPT_FTP_ACCOUNT.3.gz
index 4a34b43f3..63b9eeac5 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_FTP_ACCOUNT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_FTP_ACCOUNT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_FTP_ALTERNATIVE_TO_USER.3.gz b/msys2/usr/share/man/man3/CURLOPT_FTP_ALTERNATIVE_TO_USER.3.gz
index 08ac76761..d03c4bc0f 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_FTP_ALTERNATIVE_TO_USER.3.gz and b/msys2/usr/share/man/man3/CURLOPT_FTP_ALTERNATIVE_TO_USER.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_FTP_CREATE_MISSING_DIRS.3.gz b/msys2/usr/share/man/man3/CURLOPT_FTP_CREATE_MISSING_DIRS.3.gz
index 68d2f3675..cc6e60b0b 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_FTP_CREATE_MISSING_DIRS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_FTP_CREATE_MISSING_DIRS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_FTP_FILEMETHOD.3.gz b/msys2/usr/share/man/man3/CURLOPT_FTP_FILEMETHOD.3.gz
index f34f47cc3..f3ddd7f36 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_FTP_FILEMETHOD.3.gz and b/msys2/usr/share/man/man3/CURLOPT_FTP_FILEMETHOD.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_FTP_RESPONSE_TIMEOUT.3.gz b/msys2/usr/share/man/man3/CURLOPT_FTP_RESPONSE_TIMEOUT.3.gz
index cb3de3072..9014f142a 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_FTP_RESPONSE_TIMEOUT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_FTP_RESPONSE_TIMEOUT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_FTP_SKIP_PASV_IP.3.gz b/msys2/usr/share/man/man3/CURLOPT_FTP_SKIP_PASV_IP.3.gz
index fa45e4306..e65c4eb83 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_FTP_SKIP_PASV_IP.3.gz and b/msys2/usr/share/man/man3/CURLOPT_FTP_SKIP_PASV_IP.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_FTP_SSL_CCC.3.gz b/msys2/usr/share/man/man3/CURLOPT_FTP_SSL_CCC.3.gz
index 72ec5ba08..c68341a36 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_FTP_SSL_CCC.3.gz and b/msys2/usr/share/man/man3/CURLOPT_FTP_SSL_CCC.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_FTP_USE_EPRT.3.gz b/msys2/usr/share/man/man3/CURLOPT_FTP_USE_EPRT.3.gz
index f24427349..6cfe144a1 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_FTP_USE_EPRT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_FTP_USE_EPRT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_FTP_USE_EPSV.3.gz b/msys2/usr/share/man/man3/CURLOPT_FTP_USE_EPSV.3.gz
index a35e6afbb..a62fe46d9 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_FTP_USE_EPSV.3.gz and b/msys2/usr/share/man/man3/CURLOPT_FTP_USE_EPSV.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_FTP_USE_PRET.3.gz b/msys2/usr/share/man/man3/CURLOPT_FTP_USE_PRET.3.gz
index f8ffeffc8..d0bc84954 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_FTP_USE_PRET.3.gz and b/msys2/usr/share/man/man3/CURLOPT_FTP_USE_PRET.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_GSSAPI_DELEGATION.3.gz b/msys2/usr/share/man/man3/CURLOPT_GSSAPI_DELEGATION.3.gz
index 84b34fbc3..fe56597a4 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_GSSAPI_DELEGATION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_GSSAPI_DELEGATION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS.3.gz b/msys2/usr/share/man/man3/CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS.3.gz
new file mode 100644
index 000000000..109314478
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_HAPROXYPROTOCOL.3.gz b/msys2/usr/share/man/man3/CURLOPT_HAPROXYPROTOCOL.3.gz
new file mode 100644
index 000000000..325640741
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLOPT_HAPROXYPROTOCOL.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_HEADER.3.gz b/msys2/usr/share/man/man3/CURLOPT_HEADER.3.gz
index b57d05985..4bf089b78 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_HEADER.3.gz and b/msys2/usr/share/man/man3/CURLOPT_HEADER.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_HEADERDATA.3.gz b/msys2/usr/share/man/man3/CURLOPT_HEADERDATA.3.gz
index 4a28dadd0..7a5d3763b 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_HEADERDATA.3.gz and b/msys2/usr/share/man/man3/CURLOPT_HEADERDATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_HEADERFUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_HEADERFUNCTION.3.gz
index ff1c8bfd6..ff63695c1 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_HEADERFUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_HEADERFUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_HEADEROPT.3.gz b/msys2/usr/share/man/man3/CURLOPT_HEADEROPT.3.gz
index 0fe95cc68..ddd63a222 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_HEADEROPT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_HEADEROPT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_HTTP09_ALLOWED.3.gz b/msys2/usr/share/man/man3/CURLOPT_HTTP09_ALLOWED.3.gz
new file mode 100644
index 000000000..ba2b30e60
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLOPT_HTTP09_ALLOWED.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_HTTP200ALIASES.3.gz b/msys2/usr/share/man/man3/CURLOPT_HTTP200ALIASES.3.gz
index cffda2e3d..e3f0c56e0 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_HTTP200ALIASES.3.gz and b/msys2/usr/share/man/man3/CURLOPT_HTTP200ALIASES.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_HTTPAUTH.3.gz b/msys2/usr/share/man/man3/CURLOPT_HTTPAUTH.3.gz
index 7b17828d7..f75eeb318 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_HTTPAUTH.3.gz and b/msys2/usr/share/man/man3/CURLOPT_HTTPAUTH.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_HTTPGET.3.gz b/msys2/usr/share/man/man3/CURLOPT_HTTPGET.3.gz
index 1902d63bf..c3f04e68f 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_HTTPGET.3.gz and b/msys2/usr/share/man/man3/CURLOPT_HTTPGET.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_HTTPHEADER.3.gz b/msys2/usr/share/man/man3/CURLOPT_HTTPHEADER.3.gz
index 5e4d6aee8..de60beff9 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_HTTPHEADER.3.gz and b/msys2/usr/share/man/man3/CURLOPT_HTTPHEADER.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_HTTPPOST.3.gz b/msys2/usr/share/man/man3/CURLOPT_HTTPPOST.3.gz
index 0f3b0e763..788afd744 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_HTTPPOST.3.gz and b/msys2/usr/share/man/man3/CURLOPT_HTTPPOST.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_HTTPPROXYTUNNEL.3.gz b/msys2/usr/share/man/man3/CURLOPT_HTTPPROXYTUNNEL.3.gz
index 739370db2..ae597b28a 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_HTTPPROXYTUNNEL.3.gz and b/msys2/usr/share/man/man3/CURLOPT_HTTPPROXYTUNNEL.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_HTTP_CONTENT_DECODING.3.gz b/msys2/usr/share/man/man3/CURLOPT_HTTP_CONTENT_DECODING.3.gz
index 2f23353a6..85026e7bb 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_HTTP_CONTENT_DECODING.3.gz and b/msys2/usr/share/man/man3/CURLOPT_HTTP_CONTENT_DECODING.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_HTTP_TRANSFER_DECODING.3.gz b/msys2/usr/share/man/man3/CURLOPT_HTTP_TRANSFER_DECODING.3.gz
index 0b046237b..ebb575ec0 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_HTTP_TRANSFER_DECODING.3.gz and b/msys2/usr/share/man/man3/CURLOPT_HTTP_TRANSFER_DECODING.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_HTTP_VERSION.3.gz b/msys2/usr/share/man/man3/CURLOPT_HTTP_VERSION.3.gz
index 16d2f5920..5b6576648 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_HTTP_VERSION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_HTTP_VERSION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_IGNORE_CONTENT_LENGTH.3.gz b/msys2/usr/share/man/man3/CURLOPT_IGNORE_CONTENT_LENGTH.3.gz
index a9b574b44..e10b14590 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_IGNORE_CONTENT_LENGTH.3.gz and b/msys2/usr/share/man/man3/CURLOPT_IGNORE_CONTENT_LENGTH.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_INFILESIZE.3.gz b/msys2/usr/share/man/man3/CURLOPT_INFILESIZE.3.gz
index 73cf1d7cf..1ecc8d232 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_INFILESIZE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_INFILESIZE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_INFILESIZE_LARGE.3.gz b/msys2/usr/share/man/man3/CURLOPT_INFILESIZE_LARGE.3.gz
index 19845a603..c290e5678 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_INFILESIZE_LARGE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_INFILESIZE_LARGE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_INTERFACE.3.gz b/msys2/usr/share/man/man3/CURLOPT_INTERFACE.3.gz
index a714984ea..535a89c87 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_INTERFACE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_INTERFACE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_INTERLEAVEDATA.3.gz b/msys2/usr/share/man/man3/CURLOPT_INTERLEAVEDATA.3.gz
index ce6583fae..96d58a9c4 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_INTERLEAVEDATA.3.gz and b/msys2/usr/share/man/man3/CURLOPT_INTERLEAVEDATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_INTERLEAVEFUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_INTERLEAVEFUNCTION.3.gz
index 0798137de..0174cc5b3 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_INTERLEAVEFUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_INTERLEAVEFUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_IOCTLDATA.3.gz b/msys2/usr/share/man/man3/CURLOPT_IOCTLDATA.3.gz
index 016ca1259..5505fd181 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_IOCTLDATA.3.gz and b/msys2/usr/share/man/man3/CURLOPT_IOCTLDATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_IOCTLFUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_IOCTLFUNCTION.3.gz
index affb3556d..fe0a55dae 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_IOCTLFUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_IOCTLFUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_IPRESOLVE.3.gz b/msys2/usr/share/man/man3/CURLOPT_IPRESOLVE.3.gz
index 1cabb42e7..6b611f37c 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_IPRESOLVE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_IPRESOLVE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_ISSUERCERT.3.gz b/msys2/usr/share/man/man3/CURLOPT_ISSUERCERT.3.gz
index 588b1763e..454779808 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_ISSUERCERT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_ISSUERCERT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_KEEP_SENDING_ON_ERROR.3.gz b/msys2/usr/share/man/man3/CURLOPT_KEEP_SENDING_ON_ERROR.3.gz
index 3880311d6..d93586f4f 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_KEEP_SENDING_ON_ERROR.3.gz and b/msys2/usr/share/man/man3/CURLOPT_KEEP_SENDING_ON_ERROR.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_KEYPASSWD.3.gz b/msys2/usr/share/man/man3/CURLOPT_KEYPASSWD.3.gz
index 842880e45..0049e708a 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_KEYPASSWD.3.gz and b/msys2/usr/share/man/man3/CURLOPT_KEYPASSWD.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_KRBLEVEL.3.gz b/msys2/usr/share/man/man3/CURLOPT_KRBLEVEL.3.gz
index 04b7e90c2..a099a69c6 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_KRBLEVEL.3.gz and b/msys2/usr/share/man/man3/CURLOPT_KRBLEVEL.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_LOCALPORT.3.gz b/msys2/usr/share/man/man3/CURLOPT_LOCALPORT.3.gz
index 1deb64f88..b35495afe 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_LOCALPORT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_LOCALPORT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_LOCALPORTRANGE.3.gz b/msys2/usr/share/man/man3/CURLOPT_LOCALPORTRANGE.3.gz
index 14652128b..6d4bd02da 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_LOCALPORTRANGE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_LOCALPORTRANGE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_LOGIN_OPTIONS.3.gz b/msys2/usr/share/man/man3/CURLOPT_LOGIN_OPTIONS.3.gz
index 48d91a0cb..1b4180c88 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_LOGIN_OPTIONS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_LOGIN_OPTIONS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_LOW_SPEED_LIMIT.3.gz b/msys2/usr/share/man/man3/CURLOPT_LOW_SPEED_LIMIT.3.gz
index 993ab1d53..86262f95c 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_LOW_SPEED_LIMIT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_LOW_SPEED_LIMIT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_LOW_SPEED_TIME.3.gz b/msys2/usr/share/man/man3/CURLOPT_LOW_SPEED_TIME.3.gz
index 5dc83ac05..b39b50518 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_LOW_SPEED_TIME.3.gz and b/msys2/usr/share/man/man3/CURLOPT_LOW_SPEED_TIME.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_MAIL_AUTH.3.gz b/msys2/usr/share/man/man3/CURLOPT_MAIL_AUTH.3.gz
index da0fee82a..a5bccccc4 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_MAIL_AUTH.3.gz and b/msys2/usr/share/man/man3/CURLOPT_MAIL_AUTH.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_MAIL_FROM.3.gz b/msys2/usr/share/man/man3/CURLOPT_MAIL_FROM.3.gz
index 394e31430..bffdee3bd 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_MAIL_FROM.3.gz and b/msys2/usr/share/man/man3/CURLOPT_MAIL_FROM.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_MAIL_RCPT.3.gz b/msys2/usr/share/man/man3/CURLOPT_MAIL_RCPT.3.gz
index 8a61ca2c7..a2af2576b 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_MAIL_RCPT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_MAIL_RCPT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_MAXAGE_CONN.3.gz b/msys2/usr/share/man/man3/CURLOPT_MAXAGE_CONN.3.gz
new file mode 100644
index 000000000..383ab4cf4
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLOPT_MAXAGE_CONN.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_MAXCONNECTS.3.gz b/msys2/usr/share/man/man3/CURLOPT_MAXCONNECTS.3.gz
index 5eb29433e..7820bb0f2 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_MAXCONNECTS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_MAXCONNECTS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_MAXFILESIZE.3.gz b/msys2/usr/share/man/man3/CURLOPT_MAXFILESIZE.3.gz
index 412193e58..16fb5bda6 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_MAXFILESIZE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_MAXFILESIZE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_MAXFILESIZE_LARGE.3.gz b/msys2/usr/share/man/man3/CURLOPT_MAXFILESIZE_LARGE.3.gz
index 62dc7d553..082655c72 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_MAXFILESIZE_LARGE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_MAXFILESIZE_LARGE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_MAXREDIRS.3.gz b/msys2/usr/share/man/man3/CURLOPT_MAXREDIRS.3.gz
index 4d7664dfd..6566f1889 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_MAXREDIRS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_MAXREDIRS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_MAX_RECV_SPEED_LARGE.3.gz b/msys2/usr/share/man/man3/CURLOPT_MAX_RECV_SPEED_LARGE.3.gz
index 238f02515..05bd5ef05 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_MAX_RECV_SPEED_LARGE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_MAX_RECV_SPEED_LARGE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_MAX_SEND_SPEED_LARGE.3.gz b/msys2/usr/share/man/man3/CURLOPT_MAX_SEND_SPEED_LARGE.3.gz
index 3a3f50677..f2404d7f4 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_MAX_SEND_SPEED_LARGE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_MAX_SEND_SPEED_LARGE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_MIMEPOST.3.gz b/msys2/usr/share/man/man3/CURLOPT_MIMEPOST.3.gz
index 38c4260d2..4b55e09f5 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_MIMEPOST.3.gz and b/msys2/usr/share/man/man3/CURLOPT_MIMEPOST.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_NETRC.3.gz b/msys2/usr/share/man/man3/CURLOPT_NETRC.3.gz
index 52cd9e792..932837bd6 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_NETRC.3.gz and b/msys2/usr/share/man/man3/CURLOPT_NETRC.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_NETRC_FILE.3.gz b/msys2/usr/share/man/man3/CURLOPT_NETRC_FILE.3.gz
index 99abff9ac..3acdf0e87 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_NETRC_FILE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_NETRC_FILE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_NEW_DIRECTORY_PERMS.3.gz b/msys2/usr/share/man/man3/CURLOPT_NEW_DIRECTORY_PERMS.3.gz
index a43ffbec1..4fe7085bd 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_NEW_DIRECTORY_PERMS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_NEW_DIRECTORY_PERMS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_NEW_FILE_PERMS.3.gz b/msys2/usr/share/man/man3/CURLOPT_NEW_FILE_PERMS.3.gz
index 6feb7f777..b1c34afaf 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_NEW_FILE_PERMS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_NEW_FILE_PERMS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_NOBODY.3.gz b/msys2/usr/share/man/man3/CURLOPT_NOBODY.3.gz
index e8ee127be..ae2d8d21f 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_NOBODY.3.gz and b/msys2/usr/share/man/man3/CURLOPT_NOBODY.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_NOPROGRESS.3.gz b/msys2/usr/share/man/man3/CURLOPT_NOPROGRESS.3.gz
index 814a8665c..2651e9a4a 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_NOPROGRESS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_NOPROGRESS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_NOPROXY.3.gz b/msys2/usr/share/man/man3/CURLOPT_NOPROXY.3.gz
index 52108c1e1..e8584413a 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_NOPROXY.3.gz and b/msys2/usr/share/man/man3/CURLOPT_NOPROXY.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_NOSIGNAL.3.gz b/msys2/usr/share/man/man3/CURLOPT_NOSIGNAL.3.gz
index 8d49a8ff1..36335f8e1 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_NOSIGNAL.3.gz and b/msys2/usr/share/man/man3/CURLOPT_NOSIGNAL.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_OPENSOCKETDATA.3.gz b/msys2/usr/share/man/man3/CURLOPT_OPENSOCKETDATA.3.gz
index fbec608da..eb96fd00b 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_OPENSOCKETDATA.3.gz and b/msys2/usr/share/man/man3/CURLOPT_OPENSOCKETDATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_OPENSOCKETFUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_OPENSOCKETFUNCTION.3.gz
index 5f8911c8e..f852ec961 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_OPENSOCKETFUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_OPENSOCKETFUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PASSWORD.3.gz b/msys2/usr/share/man/man3/CURLOPT_PASSWORD.3.gz
index 61c1882ff..857bf1e7f 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PASSWORD.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PASSWORD.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PATH_AS_IS.3.gz b/msys2/usr/share/man/man3/CURLOPT_PATH_AS_IS.3.gz
index cd40e95dc..47bced70b 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PATH_AS_IS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PATH_AS_IS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PINNEDPUBLICKEY.3.gz b/msys2/usr/share/man/man3/CURLOPT_PINNEDPUBLICKEY.3.gz
index 8a7680417..5965f4f73 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PINNEDPUBLICKEY.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PINNEDPUBLICKEY.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PIPEWAIT.3.gz b/msys2/usr/share/man/man3/CURLOPT_PIPEWAIT.3.gz
index 0a5afc4f9..94baf57c8 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PIPEWAIT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PIPEWAIT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PORT.3.gz b/msys2/usr/share/man/man3/CURLOPT_PORT.3.gz
index 46bd44bc5..4d5bd4317 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PORT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PORT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_POST.3.gz b/msys2/usr/share/man/man3/CURLOPT_POST.3.gz
index b3214fc34..a1480bca0 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_POST.3.gz and b/msys2/usr/share/man/man3/CURLOPT_POST.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_POSTFIELDS.3.gz b/msys2/usr/share/man/man3/CURLOPT_POSTFIELDS.3.gz
index 634d41253..258d17224 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_POSTFIELDS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_POSTFIELDS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_POSTFIELDSIZE.3.gz b/msys2/usr/share/man/man3/CURLOPT_POSTFIELDSIZE.3.gz
index f0d0538f7..2323f61de 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_POSTFIELDSIZE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_POSTFIELDSIZE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_POSTFIELDSIZE_LARGE.3.gz b/msys2/usr/share/man/man3/CURLOPT_POSTFIELDSIZE_LARGE.3.gz
index ba010a9c1..1a31dd2ed 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_POSTFIELDSIZE_LARGE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_POSTFIELDSIZE_LARGE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_POSTQUOTE.3.gz b/msys2/usr/share/man/man3/CURLOPT_POSTQUOTE.3.gz
index ead53a8bc..ef686cdfb 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_POSTQUOTE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_POSTQUOTE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_POSTREDIR.3.gz b/msys2/usr/share/man/man3/CURLOPT_POSTREDIR.3.gz
index a0b73be58..7079fa91b 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_POSTREDIR.3.gz and b/msys2/usr/share/man/man3/CURLOPT_POSTREDIR.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PREQUOTE.3.gz b/msys2/usr/share/man/man3/CURLOPT_PREQUOTE.3.gz
index 9c8fee963..94ed8c6f6 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PREQUOTE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PREQUOTE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PRE_PROXY.3.gz b/msys2/usr/share/man/man3/CURLOPT_PRE_PROXY.3.gz
index 875738e91..deec1f843 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PRE_PROXY.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PRE_PROXY.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PRIVATE.3.gz b/msys2/usr/share/man/man3/CURLOPT_PRIVATE.3.gz
index 70d72b115..fe048ecf1 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PRIVATE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PRIVATE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROGRESSDATA.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROGRESSDATA.3.gz
index 91f39c3ab..dbd578c41 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROGRESSDATA.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROGRESSDATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROGRESSFUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROGRESSFUNCTION.3.gz
index 286d713ea..94c6c059d 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROGRESSFUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROGRESSFUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROTOCOLS.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROTOCOLS.3.gz
index eccdecd3f..699f8b8ad 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROTOCOLS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROTOCOLS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY.3.gz
index 162b706c8..884609ae6 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXYAUTH.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXYAUTH.3.gz
index 96796cd7c..c90948a94 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXYAUTH.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXYAUTH.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXYHEADER.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXYHEADER.3.gz
index 2722104d2..5af205ed3 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXYHEADER.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXYHEADER.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXYPASSWORD.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXYPASSWORD.3.gz
index ea3b77e75..f1f8ec676 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXYPASSWORD.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXYPASSWORD.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXYPORT.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXYPORT.3.gz
index 4444fb76c..35751f47a 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXYPORT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXYPORT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXYTYPE.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXYTYPE.3.gz
index 484c5052b..6b07f04e6 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXYTYPE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXYTYPE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXYUSERNAME.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXYUSERNAME.3.gz
index 5ecc27ba0..17eeefac5 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXYUSERNAME.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXYUSERNAME.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXYUSERPWD.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXYUSERPWD.3.gz
index 4ecdfe7b1..6f870d907 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXYUSERPWD.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXYUSERPWD.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_CAINFO.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_CAINFO.3.gz
index 283997982..7d3fb0e77 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY_CAINFO.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY_CAINFO.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_CAPATH.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_CAPATH.3.gz
index 3683ed226..899f5c3f3 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY_CAPATH.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY_CAPATH.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_CRLFILE.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_CRLFILE.3.gz
index 62aadc748..a82ebfd4d 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY_CRLFILE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY_CRLFILE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_KEYPASSWD.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_KEYPASSWD.3.gz
index 8cc25beef..b364a15d9 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY_KEYPASSWD.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY_KEYPASSWD.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_PINNEDPUBLICKEY.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_PINNEDPUBLICKEY.3.gz
index d6f5d102c..cae990375 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY_PINNEDPUBLICKEY.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY_PINNEDPUBLICKEY.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_SERVICE_NAME.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_SERVICE_NAME.3.gz
index 416ac612d..f09ca1a14 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY_SERVICE_NAME.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY_SERVICE_NAME.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLCERT.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLCERT.3.gz
index 9019840b3..ca17d23e7 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLCERT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLCERT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLCERTTYPE.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLCERTTYPE.3.gz
index 3cad44c6a..82fda437f 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLCERTTYPE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLCERTTYPE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLKEY.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLKEY.3.gz
index ad8b4b6eb..6d66e7cdd 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLKEY.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLKEY.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLKEYTYPE.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLKEYTYPE.3.gz
index 05d663425..160cbf898 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLKEYTYPE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLKEYTYPE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLVERSION.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLVERSION.3.gz
index 03f70266b..3a3bf410b 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLVERSION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY_SSLVERSION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_SSL_CIPHER_LIST.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_SSL_CIPHER_LIST.3.gz
index feb5eaab8..651d1a5e5 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY_SSL_CIPHER_LIST.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY_SSL_CIPHER_LIST.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_SSL_OPTIONS.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_SSL_OPTIONS.3.gz
index 2dfb48a2e..1ca10e36b 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY_SSL_OPTIONS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY_SSL_OPTIONS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_SSL_VERIFYHOST.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_SSL_VERIFYHOST.3.gz
index e6377aa82..3b7031fb3 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY_SSL_VERIFYHOST.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY_SSL_VERIFYHOST.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_SSL_VERIFYPEER.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_SSL_VERIFYPEER.3.gz
index 694bf43e5..a51b7cf3a 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY_SSL_VERIFYPEER.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY_SSL_VERIFYPEER.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_TLS13_CIPHERS.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_TLS13_CIPHERS.3.gz
new file mode 100644
index 000000000..beea5201e
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLOPT_PROXY_TLS13_CIPHERS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_PASSWORD.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_PASSWORD.3.gz
index e0bc6013a..59551591e 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_PASSWORD.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_PASSWORD.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_TYPE.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_TYPE.3.gz
index d966c5ab2..c2c750a0a 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_TYPE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_TYPE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_USERNAME.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_USERNAME.3.gz
index ceb0ea6f9..88edbd05d 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_USERNAME.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_USERNAME.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PROXY_TRANSFER_MODE.3.gz b/msys2/usr/share/man/man3/CURLOPT_PROXY_TRANSFER_MODE.3.gz
index 9332ecc7e..f941a3658 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PROXY_TRANSFER_MODE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PROXY_TRANSFER_MODE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_PUT.3.gz b/msys2/usr/share/man/man3/CURLOPT_PUT.3.gz
index 7336fb3da..d37cec16f 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_PUT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_PUT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_QUOTE.3.gz b/msys2/usr/share/man/man3/CURLOPT_QUOTE.3.gz
index 00562852a..beefe2308 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_QUOTE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_QUOTE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_RANDOM_FILE.3.gz b/msys2/usr/share/man/man3/CURLOPT_RANDOM_FILE.3.gz
index 1d221b9e1..97edb725c 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_RANDOM_FILE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_RANDOM_FILE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_RANGE.3.gz b/msys2/usr/share/man/man3/CURLOPT_RANGE.3.gz
index d8dfc385c..9d6e60db7 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_RANGE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_RANGE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_READDATA.3.gz b/msys2/usr/share/man/man3/CURLOPT_READDATA.3.gz
index fa6bc434c..ff2a593da 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_READDATA.3.gz and b/msys2/usr/share/man/man3/CURLOPT_READDATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_READFUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_READFUNCTION.3.gz
index 53c694066..f0413739d 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_READFUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_READFUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_REDIR_PROTOCOLS.3.gz b/msys2/usr/share/man/man3/CURLOPT_REDIR_PROTOCOLS.3.gz
index b82fcaad8..cb96465e0 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_REDIR_PROTOCOLS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_REDIR_PROTOCOLS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_REFERER.3.gz b/msys2/usr/share/man/man3/CURLOPT_REFERER.3.gz
index c5228ede6..28663ee5d 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_REFERER.3.gz and b/msys2/usr/share/man/man3/CURLOPT_REFERER.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_REQUEST_TARGET.3.gz b/msys2/usr/share/man/man3/CURLOPT_REQUEST_TARGET.3.gz
index 67adf85b8..de88fee3c 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_REQUEST_TARGET.3.gz and b/msys2/usr/share/man/man3/CURLOPT_REQUEST_TARGET.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_RESOLVE.3.gz b/msys2/usr/share/man/man3/CURLOPT_RESOLVE.3.gz
index 84aecea4c..72dcfa2c9 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_RESOLVE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_RESOLVE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_RESOLVER_START_DATA.3.gz b/msys2/usr/share/man/man3/CURLOPT_RESOLVER_START_DATA.3.gz
new file mode 100644
index 000000000..69cab49aa
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLOPT_RESOLVER_START_DATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_RESOLVER_START_FUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_RESOLVER_START_FUNCTION.3.gz
new file mode 100644
index 000000000..ef5ce2905
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLOPT_RESOLVER_START_FUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_RESUME_FROM.3.gz b/msys2/usr/share/man/man3/CURLOPT_RESUME_FROM.3.gz
index 57fb55a54..ecbff128b 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_RESUME_FROM.3.gz and b/msys2/usr/share/man/man3/CURLOPT_RESUME_FROM.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_RESUME_FROM_LARGE.3.gz b/msys2/usr/share/man/man3/CURLOPT_RESUME_FROM_LARGE.3.gz
index 48174edde..f08ab3010 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_RESUME_FROM_LARGE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_RESUME_FROM_LARGE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_RTSP_CLIENT_CSEQ.3.gz b/msys2/usr/share/man/man3/CURLOPT_RTSP_CLIENT_CSEQ.3.gz
index c6b8ab025..77e0db503 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_RTSP_CLIENT_CSEQ.3.gz and b/msys2/usr/share/man/man3/CURLOPT_RTSP_CLIENT_CSEQ.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_RTSP_REQUEST.3.gz b/msys2/usr/share/man/man3/CURLOPT_RTSP_REQUEST.3.gz
index 47ca47d08..44d398588 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_RTSP_REQUEST.3.gz and b/msys2/usr/share/man/man3/CURLOPT_RTSP_REQUEST.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_RTSP_SERVER_CSEQ.3.gz b/msys2/usr/share/man/man3/CURLOPT_RTSP_SERVER_CSEQ.3.gz
index b739f057b..08fe736db 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_RTSP_SERVER_CSEQ.3.gz and b/msys2/usr/share/man/man3/CURLOPT_RTSP_SERVER_CSEQ.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_RTSP_SESSION_ID.3.gz b/msys2/usr/share/man/man3/CURLOPT_RTSP_SESSION_ID.3.gz
index ce9c9d242..bc9a64aa8 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_RTSP_SESSION_ID.3.gz and b/msys2/usr/share/man/man3/CURLOPT_RTSP_SESSION_ID.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_RTSP_STREAM_URI.3.gz b/msys2/usr/share/man/man3/CURLOPT_RTSP_STREAM_URI.3.gz
index 435b17018..677fcd81f 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_RTSP_STREAM_URI.3.gz and b/msys2/usr/share/man/man3/CURLOPT_RTSP_STREAM_URI.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_RTSP_TRANSPORT.3.gz b/msys2/usr/share/man/man3/CURLOPT_RTSP_TRANSPORT.3.gz
index 7e355c9db..83184da3b 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_RTSP_TRANSPORT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_RTSP_TRANSPORT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SASL_IR.3.gz b/msys2/usr/share/man/man3/CURLOPT_SASL_IR.3.gz
index 063fdc093..25d67a202 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SASL_IR.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SASL_IR.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SEEKDATA.3.gz b/msys2/usr/share/man/man3/CURLOPT_SEEKDATA.3.gz
index de86316c3..9910b067d 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SEEKDATA.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SEEKDATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SEEKFUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_SEEKFUNCTION.3.gz
index c8c8212df..30ee5a606 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SEEKFUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SEEKFUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SERVICE_NAME.3.gz b/msys2/usr/share/man/man3/CURLOPT_SERVICE_NAME.3.gz
index 063d25527..28b308708 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SERVICE_NAME.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SERVICE_NAME.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SHARE.3.gz b/msys2/usr/share/man/man3/CURLOPT_SHARE.3.gz
index 4fee64125..71d51f1fa 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SHARE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SHARE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SOCKOPTDATA.3.gz b/msys2/usr/share/man/man3/CURLOPT_SOCKOPTDATA.3.gz
index 290dd86c9..6a1c6ac70 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SOCKOPTDATA.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SOCKOPTDATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SOCKOPTFUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_SOCKOPTFUNCTION.3.gz
index 7ca6a6b66..7a4bc04c5 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SOCKOPTFUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SOCKOPTFUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SOCKS5_AUTH.3.gz b/msys2/usr/share/man/man3/CURLOPT_SOCKS5_AUTH.3.gz
index 8e5142a0c..c4c55fdc9 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SOCKS5_AUTH.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SOCKS5_AUTH.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_NEC.3.gz b/msys2/usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_NEC.3.gz
index 67ff27823..4180bf0bb 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_NEC.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_NEC.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_SERVICE.3.gz b/msys2/usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_SERVICE.3.gz
index 59372cca5..98465c56a 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_SERVICE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_SERVICE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSH_AUTH_TYPES.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSH_AUTH_TYPES.3.gz
index 3574571b8..9283b5ca1 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSH_AUTH_TYPES.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSH_AUTH_TYPES.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSH_COMPRESSION.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSH_COMPRESSION.3.gz
index 009697833..981042901 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSH_COMPRESSION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSH_COMPRESSION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3.gz
index 5a412c870..5eb3a94e2 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSH_KEYDATA.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSH_KEYDATA.3.gz
index 9bf59fa02..f6fc8f3de 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSH_KEYDATA.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSH_KEYDATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSH_KEYFUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSH_KEYFUNCTION.3.gz
index 001e928e4..497bef5f8 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSH_KEYFUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSH_KEYFUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSH_KNOWNHOSTS.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSH_KNOWNHOSTS.3.gz
index 1e89e33f6..7fea1f638 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSH_KNOWNHOSTS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSH_KNOWNHOSTS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSH_PRIVATE_KEYFILE.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSH_PRIVATE_KEYFILE.3.gz
index 7a9b793de..665ae6c0f 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSH_PRIVATE_KEYFILE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSH_PRIVATE_KEYFILE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSH_PUBLIC_KEYFILE.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSH_PUBLIC_KEYFILE.3.gz
index 62d90763c..4718301be 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSH_PUBLIC_KEYFILE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSH_PUBLIC_KEYFILE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSLCERT.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSLCERT.3.gz
index 631c87715..8998e213f 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSLCERT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSLCERT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSLCERTTYPE.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSLCERTTYPE.3.gz
index 92666c62e..a39898c26 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSLCERTTYPE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSLCERTTYPE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSLENGINE.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSLENGINE.3.gz
index f6357197a..827b4b9da 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSLENGINE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSLENGINE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSLENGINE_DEFAULT.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSLENGINE_DEFAULT.3.gz
index fc9e60568..ac32d22dc 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSLENGINE_DEFAULT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSLENGINE_DEFAULT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSLKEY.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSLKEY.3.gz
index 43d6adde4..08d25fd27 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSLKEY.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSLKEY.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSLKEYTYPE.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSLKEYTYPE.3.gz
index e97900885..8721c6e63 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSLKEYTYPE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSLKEYTYPE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSLVERSION.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSLVERSION.3.gz
index 6c4a9bcc2..99442a244 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSLVERSION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSLVERSION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSL_CIPHER_LIST.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSL_CIPHER_LIST.3.gz
index 1204eead4..56182146e 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSL_CIPHER_LIST.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSL_CIPHER_LIST.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSL_CTX_DATA.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSL_CTX_DATA.3.gz
index bdef42df5..8ec35a34f 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSL_CTX_DATA.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSL_CTX_DATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSL_CTX_FUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSL_CTX_FUNCTION.3.gz
index 420ff2aba..2cc36722b 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSL_CTX_FUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSL_CTX_FUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSL_ENABLE_ALPN.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSL_ENABLE_ALPN.3.gz
index 670130599..1636192a8 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSL_ENABLE_ALPN.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSL_ENABLE_ALPN.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSL_ENABLE_NPN.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSL_ENABLE_NPN.3.gz
index 2377d65ea..7c8dbaf48 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSL_ENABLE_NPN.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSL_ENABLE_NPN.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSL_FALSESTART.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSL_FALSESTART.3.gz
index 78028e670..7a6dc444b 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSL_FALSESTART.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSL_FALSESTART.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSL_OPTIONS.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSL_OPTIONS.3.gz
index e87b2a9b1..b221d6bc0 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSL_OPTIONS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSL_OPTIONS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSL_SESSIONID_CACHE.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSL_SESSIONID_CACHE.3.gz
index ffc5e202c..96f0ff9c6 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSL_SESSIONID_CACHE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSL_SESSIONID_CACHE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSL_VERIFYHOST.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSL_VERIFYHOST.3.gz
index 690a86924..bbb1accc7 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSL_VERIFYHOST.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSL_VERIFYHOST.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSL_VERIFYPEER.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSL_VERIFYPEER.3.gz
index 4d8778fa3..21b881891 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSL_VERIFYPEER.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSL_VERIFYPEER.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SSL_VERIFYSTATUS.3.gz b/msys2/usr/share/man/man3/CURLOPT_SSL_VERIFYSTATUS.3.gz
index 320000b09..31b60fb24 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SSL_VERIFYSTATUS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SSL_VERIFYSTATUS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_STDERR.3.gz b/msys2/usr/share/man/man3/CURLOPT_STDERR.3.gz
index 9692d5d19..3a3742a45 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_STDERR.3.gz and b/msys2/usr/share/man/man3/CURLOPT_STDERR.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_STREAM_DEPENDS.3.gz b/msys2/usr/share/man/man3/CURLOPT_STREAM_DEPENDS.3.gz
index 153d54054..6b382e502 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_STREAM_DEPENDS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_STREAM_DEPENDS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_STREAM_DEPENDS_E.3.gz b/msys2/usr/share/man/man3/CURLOPT_STREAM_DEPENDS_E.3.gz
index ca4657a8e..bba64dfbc 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_STREAM_DEPENDS_E.3.gz and b/msys2/usr/share/man/man3/CURLOPT_STREAM_DEPENDS_E.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_STREAM_WEIGHT.3.gz b/msys2/usr/share/man/man3/CURLOPT_STREAM_WEIGHT.3.gz
index 0f7a340fe..88ec21ca2 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_STREAM_WEIGHT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_STREAM_WEIGHT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_SUPPRESS_CONNECT_HEADERS.3.gz b/msys2/usr/share/man/man3/CURLOPT_SUPPRESS_CONNECT_HEADERS.3.gz
index d5bb7d466..dab031be6 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_SUPPRESS_CONNECT_HEADERS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_SUPPRESS_CONNECT_HEADERS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TCP_FASTOPEN.3.gz b/msys2/usr/share/man/man3/CURLOPT_TCP_FASTOPEN.3.gz
index 9e6fbfced..62194fab2 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_TCP_FASTOPEN.3.gz and b/msys2/usr/share/man/man3/CURLOPT_TCP_FASTOPEN.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TCP_KEEPALIVE.3.gz b/msys2/usr/share/man/man3/CURLOPT_TCP_KEEPALIVE.3.gz
index 5a3d49181..010305fd8 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_TCP_KEEPALIVE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_TCP_KEEPALIVE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TCP_KEEPIDLE.3.gz b/msys2/usr/share/man/man3/CURLOPT_TCP_KEEPIDLE.3.gz
index d38e7a692..2c0163190 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_TCP_KEEPIDLE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_TCP_KEEPIDLE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TCP_KEEPINTVL.3.gz b/msys2/usr/share/man/man3/CURLOPT_TCP_KEEPINTVL.3.gz
index 219fce6d9..8b31eb664 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_TCP_KEEPINTVL.3.gz and b/msys2/usr/share/man/man3/CURLOPT_TCP_KEEPINTVL.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TCP_NODELAY.3.gz b/msys2/usr/share/man/man3/CURLOPT_TCP_NODELAY.3.gz
index 66a8edd09..b6614e3ac 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_TCP_NODELAY.3.gz and b/msys2/usr/share/man/man3/CURLOPT_TCP_NODELAY.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TELNETOPTIONS.3.gz b/msys2/usr/share/man/man3/CURLOPT_TELNETOPTIONS.3.gz
index 02481f279..de2402d19 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_TELNETOPTIONS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_TELNETOPTIONS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TFTP_BLKSIZE.3.gz b/msys2/usr/share/man/man3/CURLOPT_TFTP_BLKSIZE.3.gz
index 2ff93fb08..81e48c049 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_TFTP_BLKSIZE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_TFTP_BLKSIZE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TFTP_NO_OPTIONS.3.gz b/msys2/usr/share/man/man3/CURLOPT_TFTP_NO_OPTIONS.3.gz
index ff3ae7f6b..8742f2dc2 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_TFTP_NO_OPTIONS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_TFTP_NO_OPTIONS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TIMECONDITION.3.gz b/msys2/usr/share/man/man3/CURLOPT_TIMECONDITION.3.gz
index b829111d1..4630206aa 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_TIMECONDITION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_TIMECONDITION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TIMEOUT.3.gz b/msys2/usr/share/man/man3/CURLOPT_TIMEOUT.3.gz
index 950269dac..b9ca41a30 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_TIMEOUT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_TIMEOUT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TIMEOUT_MS.3.gz b/msys2/usr/share/man/man3/CURLOPT_TIMEOUT_MS.3.gz
index 98419e550..dc62a6d57 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_TIMEOUT_MS.3.gz and b/msys2/usr/share/man/man3/CURLOPT_TIMEOUT_MS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TIMEVALUE.3.gz b/msys2/usr/share/man/man3/CURLOPT_TIMEVALUE.3.gz
index abce92b6f..9a35fa615 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_TIMEVALUE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_TIMEVALUE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TIMEVALUE_LARGE.3.gz b/msys2/usr/share/man/man3/CURLOPT_TIMEVALUE_LARGE.3.gz
new file mode 100644
index 000000000..48fa7f4bc
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLOPT_TIMEVALUE_LARGE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TLS13_CIPHERS.3.gz b/msys2/usr/share/man/man3/CURLOPT_TLS13_CIPHERS.3.gz
new file mode 100644
index 000000000..00b536e42
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLOPT_TLS13_CIPHERS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TLSAUTH_PASSWORD.3.gz b/msys2/usr/share/man/man3/CURLOPT_TLSAUTH_PASSWORD.3.gz
index 25d51c7bb..b8fb9d776 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_TLSAUTH_PASSWORD.3.gz and b/msys2/usr/share/man/man3/CURLOPT_TLSAUTH_PASSWORD.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TLSAUTH_TYPE.3.gz b/msys2/usr/share/man/man3/CURLOPT_TLSAUTH_TYPE.3.gz
index afa5b5739..f141016ab 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_TLSAUTH_TYPE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_TLSAUTH_TYPE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TLSAUTH_USERNAME.3.gz b/msys2/usr/share/man/man3/CURLOPT_TLSAUTH_USERNAME.3.gz
index 2a8efb5bb..3ef4aca84 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_TLSAUTH_USERNAME.3.gz and b/msys2/usr/share/man/man3/CURLOPT_TLSAUTH_USERNAME.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TRAILERDATA.3.gz b/msys2/usr/share/man/man3/CURLOPT_TRAILERDATA.3.gz
new file mode 100644
index 000000000..a297f1868
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLOPT_TRAILERDATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TRAILERFUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_TRAILERFUNCTION.3.gz
new file mode 100644
index 000000000..a08815784
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLOPT_TRAILERFUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TRANSFERTEXT.3.gz b/msys2/usr/share/man/man3/CURLOPT_TRANSFERTEXT.3.gz
index 4c9b6c62f..52e044282 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_TRANSFERTEXT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_TRANSFERTEXT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_TRANSFER_ENCODING.3.gz b/msys2/usr/share/man/man3/CURLOPT_TRANSFER_ENCODING.3.gz
index e8dac942b..8f2566671 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_TRANSFER_ENCODING.3.gz and b/msys2/usr/share/man/man3/CURLOPT_TRANSFER_ENCODING.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_UNIX_SOCKET_PATH.3.gz b/msys2/usr/share/man/man3/CURLOPT_UNIX_SOCKET_PATH.3.gz
index edac218c1..212a74410 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_UNIX_SOCKET_PATH.3.gz and b/msys2/usr/share/man/man3/CURLOPT_UNIX_SOCKET_PATH.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_UNRESTRICTED_AUTH.3.gz b/msys2/usr/share/man/man3/CURLOPT_UNRESTRICTED_AUTH.3.gz
index fedeabd69..5d3713f7b 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_UNRESTRICTED_AUTH.3.gz and b/msys2/usr/share/man/man3/CURLOPT_UNRESTRICTED_AUTH.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_UPKEEP_INTERVAL_MS.3.gz b/msys2/usr/share/man/man3/CURLOPT_UPKEEP_INTERVAL_MS.3.gz
new file mode 100644
index 000000000..3b8c16c62
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLOPT_UPKEEP_INTERVAL_MS.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_UPLOAD.3.gz b/msys2/usr/share/man/man3/CURLOPT_UPLOAD.3.gz
index 65ba5b46e..ef71b52af 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_UPLOAD.3.gz and b/msys2/usr/share/man/man3/CURLOPT_UPLOAD.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_UPLOAD_BUFFERSIZE.3.gz b/msys2/usr/share/man/man3/CURLOPT_UPLOAD_BUFFERSIZE.3.gz
new file mode 100644
index 000000000..4a4b366f1
Binary files /dev/null and b/msys2/usr/share/man/man3/CURLOPT_UPLOAD_BUFFERSIZE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_URL.3.gz b/msys2/usr/share/man/man3/CURLOPT_URL.3.gz
index 4aa76b3e8..3a3f3b3f5 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_URL.3.gz and b/msys2/usr/share/man/man3/CURLOPT_URL.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_USERAGENT.3.gz b/msys2/usr/share/man/man3/CURLOPT_USERAGENT.3.gz
index 849a8db03..71bf456b6 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_USERAGENT.3.gz and b/msys2/usr/share/man/man3/CURLOPT_USERAGENT.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_USERNAME.3.gz b/msys2/usr/share/man/man3/CURLOPT_USERNAME.3.gz
index 1c8ff5b91..41f74112e 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_USERNAME.3.gz and b/msys2/usr/share/man/man3/CURLOPT_USERNAME.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_USERPWD.3.gz b/msys2/usr/share/man/man3/CURLOPT_USERPWD.3.gz
index 20a666ac3..c2ee0dbf7 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_USERPWD.3.gz and b/msys2/usr/share/man/man3/CURLOPT_USERPWD.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_USE_SSL.3.gz b/msys2/usr/share/man/man3/CURLOPT_USE_SSL.3.gz
index 60f4a4818..cba58c6fc 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_USE_SSL.3.gz and b/msys2/usr/share/man/man3/CURLOPT_USE_SSL.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_VERBOSE.3.gz b/msys2/usr/share/man/man3/CURLOPT_VERBOSE.3.gz
index 7ae1048a0..09c3eb74d 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_VERBOSE.3.gz and b/msys2/usr/share/man/man3/CURLOPT_VERBOSE.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_WILDCARDMATCH.3.gz b/msys2/usr/share/man/man3/CURLOPT_WILDCARDMATCH.3.gz
index 8e088fbb0..90139fc6c 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_WILDCARDMATCH.3.gz and b/msys2/usr/share/man/man3/CURLOPT_WILDCARDMATCH.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_WRITEDATA.3.gz b/msys2/usr/share/man/man3/CURLOPT_WRITEDATA.3.gz
index b72710141..bbddaf0ba 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_WRITEDATA.3.gz and b/msys2/usr/share/man/man3/CURLOPT_WRITEDATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_WRITEFUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_WRITEFUNCTION.3.gz
index 2b1bad3af..f5d9bd830 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_WRITEFUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_WRITEFUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_XFERINFODATA.3.gz b/msys2/usr/share/man/man3/CURLOPT_XFERINFODATA.3.gz
index 8b949d657..0e5ed6140 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_XFERINFODATA.3.gz and b/msys2/usr/share/man/man3/CURLOPT_XFERINFODATA.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_XFERINFOFUNCTION.3.gz b/msys2/usr/share/man/man3/CURLOPT_XFERINFOFUNCTION.3.gz
index 5a8dd58ef..0cf4f262d 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_XFERINFOFUNCTION.3.gz and b/msys2/usr/share/man/man3/CURLOPT_XFERINFOFUNCTION.3.gz differ
diff --git a/msys2/usr/share/man/man3/CURLOPT_XOAUTH2_BEARER.3.gz b/msys2/usr/share/man/man3/CURLOPT_XOAUTH2_BEARER.3.gz
index e2878dcf1..6d650ce8b 100644
Binary files a/msys2/usr/share/man/man3/CURLOPT_XOAUTH2_BEARER.3.gz and b/msys2/usr/share/man/man3/CURLOPT_XOAUTH2_BEARER.3.gz differ
diff --git a/msys2/usr/share/man/man3/DECLARE_ASN1_FUNCTIONS.3ssl.gz b/msys2/usr/share/man/man3/DECLARE_ASN1_FUNCTIONS.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/DECLARE_ASN1_FUNCTIONS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DECLARE_LHASH_OF.3ssl.gz b/msys2/usr/share/man/man3/DECLARE_LHASH_OF.3ssl.gz
new file mode 100644
index 000000000..4352f6c7f
Binary files /dev/null and b/msys2/usr/share/man/man3/DECLARE_LHASH_OF.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DECLARE_PEM_rw.3ssl.gz b/msys2/usr/share/man/man3/DECLARE_PEM_rw.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/DECLARE_PEM_rw.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DEFINE_SPECIAL_STACK_OF.3ssl.gz b/msys2/usr/share/man/man3/DEFINE_SPECIAL_STACK_OF.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/DEFINE_SPECIAL_STACK_OF.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DEFINE_SPECIAL_STACK_OF_CONST.3ssl.gz b/msys2/usr/share/man/man3/DEFINE_SPECIAL_STACK_OF_CONST.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/DEFINE_SPECIAL_STACK_OF_CONST.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DEFINE_STACK_OF.3ssl.gz b/msys2/usr/share/man/man3/DEFINE_STACK_OF.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/DEFINE_STACK_OF.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DEFINE_STACK_OF_CONST.3ssl.gz b/msys2/usr/share/man/man3/DEFINE_STACK_OF_CONST.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/DEFINE_STACK_OF_CONST.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_cbc_cksum.3ssl.gz b/msys2/usr/share/man/man3/DES_cbc_cksum.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_cbc_cksum.3ssl.gz and b/msys2/usr/share/man/man3/DES_cbc_cksum.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_cfb64_encrypt.3ssl.gz b/msys2/usr/share/man/man3/DES_cfb64_encrypt.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_cfb64_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/DES_cfb64_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_cfb_encrypt.3ssl.gz b/msys2/usr/share/man/man3/DES_cfb_encrypt.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_cfb_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/DES_cfb_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_crypt.3ssl.gz b/msys2/usr/share/man/man3/DES_crypt.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_crypt.3ssl.gz and b/msys2/usr/share/man/man3/DES_crypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_ecb2_encrypt.3ssl.gz b/msys2/usr/share/man/man3/DES_ecb2_encrypt.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_ecb2_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/DES_ecb2_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_ecb3_encrypt.3ssl.gz b/msys2/usr/share/man/man3/DES_ecb3_encrypt.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_ecb3_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/DES_ecb3_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_ecb_encrypt.3ssl.gz b/msys2/usr/share/man/man3/DES_ecb_encrypt.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_ecb_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/DES_ecb_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_ede2_cbc_encrypt.3ssl.gz b/msys2/usr/share/man/man3/DES_ede2_cbc_encrypt.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_ede2_cbc_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/DES_ede2_cbc_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_ede2_cfb64_encrypt.3ssl.gz b/msys2/usr/share/man/man3/DES_ede2_cfb64_encrypt.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_ede2_cfb64_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/DES_ede2_cfb64_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_ede2_ofb64_encrypt.3ssl.gz b/msys2/usr/share/man/man3/DES_ede2_ofb64_encrypt.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_ede2_ofb64_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/DES_ede2_ofb64_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_ede3_cbc_encrypt.3ssl.gz b/msys2/usr/share/man/man3/DES_ede3_cbc_encrypt.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_ede3_cbc_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/DES_ede3_cbc_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_ede3_cbcm_encrypt.3ssl.gz b/msys2/usr/share/man/man3/DES_ede3_cbcm_encrypt.3ssl.gz
deleted file mode 100644
index 815ebe554..000000000
Binary files a/msys2/usr/share/man/man3/DES_ede3_cbcm_encrypt.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/DES_ede3_cfb64_encrypt.3ssl.gz b/msys2/usr/share/man/man3/DES_ede3_cfb64_encrypt.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_ede3_cfb64_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/DES_ede3_cfb64_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_ede3_ofb64_encrypt.3ssl.gz b/msys2/usr/share/man/man3/DES_ede3_ofb64_encrypt.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_ede3_ofb64_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/DES_ede3_ofb64_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_enc_read.3ssl.gz b/msys2/usr/share/man/man3/DES_enc_read.3ssl.gz
deleted file mode 100644
index 815ebe554..000000000
Binary files a/msys2/usr/share/man/man3/DES_enc_read.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/DES_enc_write.3ssl.gz b/msys2/usr/share/man/man3/DES_enc_write.3ssl.gz
deleted file mode 100644
index 815ebe554..000000000
Binary files a/msys2/usr/share/man/man3/DES_enc_write.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/DES_fcrypt.3ssl.gz b/msys2/usr/share/man/man3/DES_fcrypt.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_fcrypt.3ssl.gz and b/msys2/usr/share/man/man3/DES_fcrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_is_weak_key.3ssl.gz b/msys2/usr/share/man/man3/DES_is_weak_key.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_is_weak_key.3ssl.gz and b/msys2/usr/share/man/man3/DES_is_weak_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_key_sched.3ssl.gz b/msys2/usr/share/man/man3/DES_key_sched.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_key_sched.3ssl.gz and b/msys2/usr/share/man/man3/DES_key_sched.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_ncbc_encrypt.3ssl.gz b/msys2/usr/share/man/man3/DES_ncbc_encrypt.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_ncbc_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/DES_ncbc_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_ofb64_encrypt.3ssl.gz b/msys2/usr/share/man/man3/DES_ofb64_encrypt.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_ofb64_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/DES_ofb64_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_ofb_encrypt.3ssl.gz b/msys2/usr/share/man/man3/DES_ofb_encrypt.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_ofb_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/DES_ofb_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_pcbc_encrypt.3ssl.gz b/msys2/usr/share/man/man3/DES_pcbc_encrypt.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_pcbc_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/DES_pcbc_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_quad_cksum.3ssl.gz b/msys2/usr/share/man/man3/DES_quad_cksum.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_quad_cksum.3ssl.gz and b/msys2/usr/share/man/man3/DES_quad_cksum.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_random_key.3ssl.gz b/msys2/usr/share/man/man3/DES_random_key.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_random_key.3ssl.gz and b/msys2/usr/share/man/man3/DES_random_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_set_key.3ssl.gz b/msys2/usr/share/man/man3/DES_set_key.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_set_key.3ssl.gz and b/msys2/usr/share/man/man3/DES_set_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_set_key_checked.3ssl.gz b/msys2/usr/share/man/man3/DES_set_key_checked.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_set_key_checked.3ssl.gz and b/msys2/usr/share/man/man3/DES_set_key_checked.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_set_key_unchecked.3ssl.gz b/msys2/usr/share/man/man3/DES_set_key_unchecked.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_set_key_unchecked.3ssl.gz and b/msys2/usr/share/man/man3/DES_set_key_unchecked.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_set_odd_parity.3ssl.gz b/msys2/usr/share/man/man3/DES_set_odd_parity.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_set_odd_parity.3ssl.gz and b/msys2/usr/share/man/man3/DES_set_odd_parity.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_string_to_2keys.3ssl.gz b/msys2/usr/share/man/man3/DES_string_to_2keys.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_string_to_2keys.3ssl.gz and b/msys2/usr/share/man/man3/DES_string_to_2keys.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_string_to_key.3ssl.gz b/msys2/usr/share/man/man3/DES_string_to_key.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_string_to_key.3ssl.gz and b/msys2/usr/share/man/man3/DES_string_to_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DES_xcbc_encrypt.3ssl.gz b/msys2/usr/share/man/man3/DES_xcbc_encrypt.3ssl.gz
index 815ebe554..7499a99ea 100644
Binary files a/msys2/usr/share/man/man3/DES_xcbc_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/DES_xcbc_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_OpenSSL.3ssl.gz b/msys2/usr/share/man/man3/DH_OpenSSL.3ssl.gz
index 439a2cc98..b2ef31705 100644
Binary files a/msys2/usr/share/man/man3/DH_OpenSSL.3ssl.gz and b/msys2/usr/share/man/man3/DH_OpenSSL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_bits.3ssl.gz b/msys2/usr/share/man/man3/DH_bits.3ssl.gz
new file mode 100644
index 000000000..7d0705e16
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_bits.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_check.3ssl.gz b/msys2/usr/share/man/man3/DH_check.3ssl.gz
index 07895ffcd..ce00eafa6 100644
Binary files a/msys2/usr/share/man/man3/DH_check.3ssl.gz and b/msys2/usr/share/man/man3/DH_check.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_check_ex.3ssl.gz b/msys2/usr/share/man/man3/DH_check_ex.3ssl.gz
new file mode 100644
index 000000000..ce00eafa6
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_check_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_check_params.3ssl.gz b/msys2/usr/share/man/man3/DH_check_params.3ssl.gz
new file mode 100644
index 000000000..ce00eafa6
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_check_params.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_check_params_ex.3ssl.gz b/msys2/usr/share/man/man3/DH_check_params_ex.3ssl.gz
new file mode 100644
index 000000000..ce00eafa6
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_check_params_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_check_pub_key_ex.3ssl.gz b/msys2/usr/share/man/man3/DH_check_pub_key_ex.3ssl.gz
new file mode 100644
index 000000000..ce00eafa6
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_check_pub_key_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_clear_flags.3ssl.gz b/msys2/usr/share/man/man3/DH_clear_flags.3ssl.gz
new file mode 100644
index 000000000..1decc9a0c
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_clear_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_compute_key.3ssl.gz b/msys2/usr/share/man/man3/DH_compute_key.3ssl.gz
index 51e809d0b..54e692d70 100644
Binary files a/msys2/usr/share/man/man3/DH_compute_key.3ssl.gz and b/msys2/usr/share/man/man3/DH_compute_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_free.3ssl.gz b/msys2/usr/share/man/man3/DH_free.3ssl.gz
index 41fe28826..5d4d8a94e 100644
Binary files a/msys2/usr/share/man/man3/DH_free.3ssl.gz and b/msys2/usr/share/man/man3/DH_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_generate_key.3ssl.gz b/msys2/usr/share/man/man3/DH_generate_key.3ssl.gz
index 51e809d0b..54e692d70 100644
Binary files a/msys2/usr/share/man/man3/DH_generate_key.3ssl.gz and b/msys2/usr/share/man/man3/DH_generate_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_generate_parameters.3ssl.gz b/msys2/usr/share/man/man3/DH_generate_parameters.3ssl.gz
index 07895ffcd..ce00eafa6 100644
Binary files a/msys2/usr/share/man/man3/DH_generate_parameters.3ssl.gz and b/msys2/usr/share/man/man3/DH_generate_parameters.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_generate_parameters_ex.3ssl.gz b/msys2/usr/share/man/man3/DH_generate_parameters_ex.3ssl.gz
index 07895ffcd..ce00eafa6 100644
Binary files a/msys2/usr/share/man/man3/DH_generate_parameters_ex.3ssl.gz and b/msys2/usr/share/man/man3/DH_generate_parameters_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_get0_engine.3ssl.gz b/msys2/usr/share/man/man3/DH_get0_engine.3ssl.gz
new file mode 100644
index 000000000..1decc9a0c
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_get0_engine.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_get0_g.3ssl.gz b/msys2/usr/share/man/man3/DH_get0_g.3ssl.gz
new file mode 100644
index 000000000..1decc9a0c
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_get0_g.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_get0_key.3ssl.gz b/msys2/usr/share/man/man3/DH_get0_key.3ssl.gz
new file mode 100644
index 000000000..1decc9a0c
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_get0_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_get0_p.3ssl.gz b/msys2/usr/share/man/man3/DH_get0_p.3ssl.gz
new file mode 100644
index 000000000..1decc9a0c
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_get0_p.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_get0_pqg.3ssl.gz b/msys2/usr/share/man/man3/DH_get0_pqg.3ssl.gz
new file mode 100644
index 000000000..1decc9a0c
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_get0_pqg.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_get0_priv_key.3ssl.gz b/msys2/usr/share/man/man3/DH_get0_priv_key.3ssl.gz
new file mode 100644
index 000000000..1decc9a0c
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_get0_priv_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_get0_pub_key.3ssl.gz b/msys2/usr/share/man/man3/DH_get0_pub_key.3ssl.gz
new file mode 100644
index 000000000..1decc9a0c
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_get0_pub_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_get0_q.3ssl.gz b/msys2/usr/share/man/man3/DH_get0_q.3ssl.gz
new file mode 100644
index 000000000..1decc9a0c
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_get0_q.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_get_1024_160.3ssl.gz b/msys2/usr/share/man/man3/DH_get_1024_160.3ssl.gz
new file mode 100644
index 000000000..2668c226a
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_get_1024_160.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_get_2048_224.3ssl.gz b/msys2/usr/share/man/man3/DH_get_2048_224.3ssl.gz
new file mode 100644
index 000000000..2668c226a
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_get_2048_224.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_get_2048_256.3ssl.gz b/msys2/usr/share/man/man3/DH_get_2048_256.3ssl.gz
new file mode 100644
index 000000000..2668c226a
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_get_2048_256.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_get_default_method.3ssl.gz b/msys2/usr/share/man/man3/DH_get_default_method.3ssl.gz
index 439a2cc98..b2ef31705 100644
Binary files a/msys2/usr/share/man/man3/DH_get_default_method.3ssl.gz and b/msys2/usr/share/man/man3/DH_get_default_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_get_ex_data.3ssl.gz b/msys2/usr/share/man/man3/DH_get_ex_data.3ssl.gz
index ebbf19cb5..cea58f021 100644
Binary files a/msys2/usr/share/man/man3/DH_get_ex_data.3ssl.gz and b/msys2/usr/share/man/man3/DH_get_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_get_ex_new_index.3ssl.gz b/msys2/usr/share/man/man3/DH_get_ex_new_index.3ssl.gz
index ebbf19cb5..cea58f021 100644
Binary files a/msys2/usr/share/man/man3/DH_get_ex_new_index.3ssl.gz and b/msys2/usr/share/man/man3/DH_get_ex_new_index.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_get_length.3ssl.gz b/msys2/usr/share/man/man3/DH_get_length.3ssl.gz
new file mode 100644
index 000000000..1decc9a0c
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_get_length.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_get_nid.3ssl.gz b/msys2/usr/share/man/man3/DH_get_nid.3ssl.gz
new file mode 100644
index 000000000..7f8640d37
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_get_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_dup.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_dup.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_free.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_free.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_get0_app_data.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_get0_app_data.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_get0_app_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_get0_name.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_get0_name.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_get0_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_get_bn_mod_exp.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_get_bn_mod_exp.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_get_bn_mod_exp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_get_compute_key.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_get_compute_key.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_get_compute_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_get_finish.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_get_finish.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_get_finish.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_get_flags.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_get_flags.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_get_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_get_generate_key.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_get_generate_key.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_get_generate_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_get_generate_params.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_get_generate_params.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_get_generate_params.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_get_init.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_get_init.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_get_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_new.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_new.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_set0_app_data.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_set0_app_data.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_set0_app_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_set1_name.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_set1_name.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_set1_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_set_bn_mod_exp.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_set_bn_mod_exp.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_set_bn_mod_exp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_set_compute_key.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_set_compute_key.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_set_compute_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_set_finish.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_set_finish.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_set_finish.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_set_flags.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_set_flags.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_set_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_set_generate_key.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_set_generate_key.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_set_generate_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_set_generate_params.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_set_generate_params.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_set_generate_params.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_meth_set_init.3ssl.gz b/msys2/usr/share/man/man3/DH_meth_set_init.3ssl.gz
new file mode 100644
index 000000000..40959d9dc
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_meth_set_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_new.3ssl.gz b/msys2/usr/share/man/man3/DH_new.3ssl.gz
index 41fe28826..5d4d8a94e 100644
Binary files a/msys2/usr/share/man/man3/DH_new.3ssl.gz and b/msys2/usr/share/man/man3/DH_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_new_by_nid.3ssl.gz b/msys2/usr/share/man/man3/DH_new_by_nid.3ssl.gz
new file mode 100644
index 000000000..7f8640d37
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_new_by_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_new_method.3ssl.gz b/msys2/usr/share/man/man3/DH_new_method.3ssl.gz
index 439a2cc98..b2ef31705 100644
Binary files a/msys2/usr/share/man/man3/DH_new_method.3ssl.gz and b/msys2/usr/share/man/man3/DH_new_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_security_bits.3ssl.gz b/msys2/usr/share/man/man3/DH_security_bits.3ssl.gz
new file mode 100644
index 000000000..7d0705e16
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_security_bits.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_set0_key.3ssl.gz b/msys2/usr/share/man/man3/DH_set0_key.3ssl.gz
new file mode 100644
index 000000000..1decc9a0c
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_set0_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_set0_pqg.3ssl.gz b/msys2/usr/share/man/man3/DH_set0_pqg.3ssl.gz
new file mode 100644
index 000000000..1decc9a0c
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_set0_pqg.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_set_default_method.3ssl.gz b/msys2/usr/share/man/man3/DH_set_default_method.3ssl.gz
index 439a2cc98..b2ef31705 100644
Binary files a/msys2/usr/share/man/man3/DH_set_default_method.3ssl.gz and b/msys2/usr/share/man/man3/DH_set_default_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_set_ex_data.3ssl.gz b/msys2/usr/share/man/man3/DH_set_ex_data.3ssl.gz
index ebbf19cb5..cea58f021 100644
Binary files a/msys2/usr/share/man/man3/DH_set_ex_data.3ssl.gz and b/msys2/usr/share/man/man3/DH_set_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_set_flags.3ssl.gz b/msys2/usr/share/man/man3/DH_set_flags.3ssl.gz
new file mode 100644
index 000000000..1decc9a0c
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_set_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_set_length.3ssl.gz b/msys2/usr/share/man/man3/DH_set_length.3ssl.gz
new file mode 100644
index 000000000..1decc9a0c
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_set_length.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_set_method.3ssl.gz b/msys2/usr/share/man/man3/DH_set_method.3ssl.gz
index 439a2cc98..b2ef31705 100644
Binary files a/msys2/usr/share/man/man3/DH_set_method.3ssl.gz and b/msys2/usr/share/man/man3/DH_set_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_size.3ssl.gz b/msys2/usr/share/man/man3/DH_size.3ssl.gz
index c7c906196..7d0705e16 100644
Binary files a/msys2/usr/share/man/man3/DH_size.3ssl.gz and b/msys2/usr/share/man/man3/DH_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DH_test_flags.3ssl.gz b/msys2/usr/share/man/man3/DH_test_flags.3ssl.gz
new file mode 100644
index 000000000..1decc9a0c
Binary files /dev/null and b/msys2/usr/share/man/man3/DH_test_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DHparams_print.3ssl.gz b/msys2/usr/share/man/man3/DHparams_print.3ssl.gz
index 5e37a83dd..b52fbe13e 100644
Binary files a/msys2/usr/share/man/man3/DHparams_print.3ssl.gz and b/msys2/usr/share/man/man3/DHparams_print.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DHparams_print_fp.3ssl.gz b/msys2/usr/share/man/man3/DHparams_print_fp.3ssl.gz
index 5e37a83dd..b52fbe13e 100644
Binary files a/msys2/usr/share/man/man3/DHparams_print_fp.3ssl.gz and b/msys2/usr/share/man/man3/DHparams_print_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DIRECTORYSTRING_free.3ssl.gz b/msys2/usr/share/man/man3/DIRECTORYSTRING_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/DIRECTORYSTRING_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DIRECTORYSTRING_new.3ssl.gz b/msys2/usr/share/man/man3/DIRECTORYSTRING_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/DIRECTORYSTRING_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DISPLAYTEXT_free.3ssl.gz b/msys2/usr/share/man/man3/DISPLAYTEXT_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/DISPLAYTEXT_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DISPLAYTEXT_new.3ssl.gz b/msys2/usr/share/man/man3/DISPLAYTEXT_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/DISPLAYTEXT_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DIST_POINT_NAME_free.3ssl.gz b/msys2/usr/share/man/man3/DIST_POINT_NAME_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/DIST_POINT_NAME_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DIST_POINT_NAME_new.3ssl.gz b/msys2/usr/share/man/man3/DIST_POINT_NAME_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/DIST_POINT_NAME_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DIST_POINT_free.3ssl.gz b/msys2/usr/share/man/man3/DIST_POINT_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/DIST_POINT_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DIST_POINT_new.3ssl.gz b/msys2/usr/share/man/man3/DIST_POINT_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/DIST_POINT_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_OpenSSL.3ssl.gz b/msys2/usr/share/man/man3/DSA_OpenSSL.3ssl.gz
index ade7f4c01..b82bf4e03 100644
Binary files a/msys2/usr/share/man/man3/DSA_OpenSSL.3ssl.gz and b/msys2/usr/share/man/man3/DSA_OpenSSL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_SIG_free.3ssl.gz b/msys2/usr/share/man/man3/DSA_SIG_free.3ssl.gz
index f446dbce5..b1b191f8d 100644
Binary files a/msys2/usr/share/man/man3/DSA_SIG_free.3ssl.gz and b/msys2/usr/share/man/man3/DSA_SIG_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_SIG_get0.3ssl.gz b/msys2/usr/share/man/man3/DSA_SIG_get0.3ssl.gz
new file mode 100644
index 000000000..b1b191f8d
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_SIG_get0.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_SIG_new.3ssl.gz b/msys2/usr/share/man/man3/DSA_SIG_new.3ssl.gz
index f446dbce5..b1b191f8d 100644
Binary files a/msys2/usr/share/man/man3/DSA_SIG_new.3ssl.gz and b/msys2/usr/share/man/man3/DSA_SIG_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_SIG_set0.3ssl.gz b/msys2/usr/share/man/man3/DSA_SIG_set0.3ssl.gz
new file mode 100644
index 000000000..b1b191f8d
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_SIG_set0.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_bits.3ssl.gz b/msys2/usr/share/man/man3/DSA_bits.3ssl.gz
new file mode 100644
index 000000000..ef88f49df
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_bits.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_clear_flags.3ssl.gz b/msys2/usr/share/man/man3/DSA_clear_flags.3ssl.gz
new file mode 100644
index 000000000..f57ef7236
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_clear_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_do_sign.3ssl.gz b/msys2/usr/share/man/man3/DSA_do_sign.3ssl.gz
index 85026d3b9..aeebbef6f 100644
Binary files a/msys2/usr/share/man/man3/DSA_do_sign.3ssl.gz and b/msys2/usr/share/man/man3/DSA_do_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_do_verify.3ssl.gz b/msys2/usr/share/man/man3/DSA_do_verify.3ssl.gz
index 85026d3b9..aeebbef6f 100644
Binary files a/msys2/usr/share/man/man3/DSA_do_verify.3ssl.gz and b/msys2/usr/share/man/man3/DSA_do_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_dup_DH.3ssl.gz b/msys2/usr/share/man/man3/DSA_dup_DH.3ssl.gz
index 1f533c842..c49394893 100644
Binary files a/msys2/usr/share/man/man3/DSA_dup_DH.3ssl.gz and b/msys2/usr/share/man/man3/DSA_dup_DH.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_free.3ssl.gz b/msys2/usr/share/man/man3/DSA_free.3ssl.gz
index 7de429b7f..ce0db0ed4 100644
Binary files a/msys2/usr/share/man/man3/DSA_free.3ssl.gz and b/msys2/usr/share/man/man3/DSA_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_generate_key.3ssl.gz b/msys2/usr/share/man/man3/DSA_generate_key.3ssl.gz
index b637c0582..8239d0f5a 100644
Binary files a/msys2/usr/share/man/man3/DSA_generate_key.3ssl.gz and b/msys2/usr/share/man/man3/DSA_generate_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_generate_parameters.3ssl.gz b/msys2/usr/share/man/man3/DSA_generate_parameters.3ssl.gz
index c76345d90..8b9902068 100644
Binary files a/msys2/usr/share/man/man3/DSA_generate_parameters.3ssl.gz and b/msys2/usr/share/man/man3/DSA_generate_parameters.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_generate_parameters_ex.3ssl.gz b/msys2/usr/share/man/man3/DSA_generate_parameters_ex.3ssl.gz
index c76345d90..8b9902068 100644
Binary files a/msys2/usr/share/man/man3/DSA_generate_parameters_ex.3ssl.gz and b/msys2/usr/share/man/man3/DSA_generate_parameters_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_get0_engine.3ssl.gz b/msys2/usr/share/man/man3/DSA_get0_engine.3ssl.gz
new file mode 100644
index 000000000..f57ef7236
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_get0_engine.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_get0_g.3ssl.gz b/msys2/usr/share/man/man3/DSA_get0_g.3ssl.gz
new file mode 100644
index 000000000..f57ef7236
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_get0_g.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_get0_key.3ssl.gz b/msys2/usr/share/man/man3/DSA_get0_key.3ssl.gz
new file mode 100644
index 000000000..f57ef7236
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_get0_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_get0_p.3ssl.gz b/msys2/usr/share/man/man3/DSA_get0_p.3ssl.gz
new file mode 100644
index 000000000..f57ef7236
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_get0_p.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_get0_pqg.3ssl.gz b/msys2/usr/share/man/man3/DSA_get0_pqg.3ssl.gz
new file mode 100644
index 000000000..f57ef7236
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_get0_pqg.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_get0_priv_key.3ssl.gz b/msys2/usr/share/man/man3/DSA_get0_priv_key.3ssl.gz
new file mode 100644
index 000000000..f57ef7236
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_get0_priv_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_get0_pub_key.3ssl.gz b/msys2/usr/share/man/man3/DSA_get0_pub_key.3ssl.gz
new file mode 100644
index 000000000..f57ef7236
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_get0_pub_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_get0_q.3ssl.gz b/msys2/usr/share/man/man3/DSA_get0_q.3ssl.gz
new file mode 100644
index 000000000..f57ef7236
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_get0_q.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_get_default_method.3ssl.gz b/msys2/usr/share/man/man3/DSA_get_default_method.3ssl.gz
index ade7f4c01..b82bf4e03 100644
Binary files a/msys2/usr/share/man/man3/DSA_get_default_method.3ssl.gz and b/msys2/usr/share/man/man3/DSA_get_default_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_get_ex_data.3ssl.gz b/msys2/usr/share/man/man3/DSA_get_ex_data.3ssl.gz
index ae49be4de..cea58f021 100644
Binary files a/msys2/usr/share/man/man3/DSA_get_ex_data.3ssl.gz and b/msys2/usr/share/man/man3/DSA_get_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_get_ex_new_index.3ssl.gz b/msys2/usr/share/man/man3/DSA_get_ex_new_index.3ssl.gz
index ae49be4de..cea58f021 100644
Binary files a/msys2/usr/share/man/man3/DSA_get_ex_new_index.3ssl.gz and b/msys2/usr/share/man/man3/DSA_get_ex_new_index.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_dup.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_dup.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_free.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_free.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_get0_app_data.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_get0_app_data.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_get0_app_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_get0_name.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_get0_name.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_get0_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_get_bn_mod_exp.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_get_bn_mod_exp.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_get_bn_mod_exp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_get_finish.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_get_finish.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_get_finish.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_get_flags.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_get_flags.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_get_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_get_init.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_get_init.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_get_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_get_keygen.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_get_keygen.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_get_keygen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_get_mod_exp.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_get_mod_exp.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_get_mod_exp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_get_paramgen.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_get_paramgen.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_get_paramgen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_get_sign.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_get_sign.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_get_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_get_sign_setup.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_get_sign_setup.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_get_sign_setup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_get_verify.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_get_verify.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_get_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_new.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_new.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_set0_app_data.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_set0_app_data.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_set0_app_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_set1_name.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_set1_name.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_set1_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_set_bn_mod_exp.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_set_bn_mod_exp.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_set_bn_mod_exp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_set_finish.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_set_finish.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_set_finish.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_set_flags.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_set_flags.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_set_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_set_init.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_set_init.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_set_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_set_keygen.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_set_keygen.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_set_keygen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_set_mod_exp.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_set_mod_exp.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_set_mod_exp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_set_paramgen.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_set_paramgen.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_set_paramgen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_set_sign.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_set_sign.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_set_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_set_sign_setup.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_set_sign_setup.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_set_sign_setup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_meth_set_verify.3ssl.gz b/msys2/usr/share/man/man3/DSA_meth_set_verify.3ssl.gz
new file mode 100644
index 000000000..c6e200e12
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_meth_set_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_new.3ssl.gz b/msys2/usr/share/man/man3/DSA_new.3ssl.gz
index 7de429b7f..ce0db0ed4 100644
Binary files a/msys2/usr/share/man/man3/DSA_new.3ssl.gz and b/msys2/usr/share/man/man3/DSA_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_new_method.3ssl.gz b/msys2/usr/share/man/man3/DSA_new_method.3ssl.gz
index ade7f4c01..b82bf4e03 100644
Binary files a/msys2/usr/share/man/man3/DSA_new_method.3ssl.gz and b/msys2/usr/share/man/man3/DSA_new_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_print.3ssl.gz b/msys2/usr/share/man/man3/DSA_print.3ssl.gz
index 5e37a83dd..b52fbe13e 100644
Binary files a/msys2/usr/share/man/man3/DSA_print.3ssl.gz and b/msys2/usr/share/man/man3/DSA_print.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_print_fp.3ssl.gz b/msys2/usr/share/man/man3/DSA_print_fp.3ssl.gz
index 5e37a83dd..b52fbe13e 100644
Binary files a/msys2/usr/share/man/man3/DSA_print_fp.3ssl.gz and b/msys2/usr/share/man/man3/DSA_print_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_security_bits.3ssl.gz b/msys2/usr/share/man/man3/DSA_security_bits.3ssl.gz
new file mode 100644
index 000000000..ef88f49df
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_security_bits.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_set0_key.3ssl.gz b/msys2/usr/share/man/man3/DSA_set0_key.3ssl.gz
new file mode 100644
index 000000000..f57ef7236
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_set0_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_set0_pqg.3ssl.gz b/msys2/usr/share/man/man3/DSA_set0_pqg.3ssl.gz
new file mode 100644
index 000000000..f57ef7236
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_set0_pqg.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_set_default_method.3ssl.gz b/msys2/usr/share/man/man3/DSA_set_default_method.3ssl.gz
index ade7f4c01..b82bf4e03 100644
Binary files a/msys2/usr/share/man/man3/DSA_set_default_method.3ssl.gz and b/msys2/usr/share/man/man3/DSA_set_default_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_set_ex_data.3ssl.gz b/msys2/usr/share/man/man3/DSA_set_ex_data.3ssl.gz
index ae49be4de..cea58f021 100644
Binary files a/msys2/usr/share/man/man3/DSA_set_ex_data.3ssl.gz and b/msys2/usr/share/man/man3/DSA_set_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_set_flags.3ssl.gz b/msys2/usr/share/man/man3/DSA_set_flags.3ssl.gz
new file mode 100644
index 000000000..f57ef7236
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_set_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_set_method.3ssl.gz b/msys2/usr/share/man/man3/DSA_set_method.3ssl.gz
index ade7f4c01..b82bf4e03 100644
Binary files a/msys2/usr/share/man/man3/DSA_set_method.3ssl.gz and b/msys2/usr/share/man/man3/DSA_set_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_sign.3ssl.gz b/msys2/usr/share/man/man3/DSA_sign.3ssl.gz
index 221bdd2d6..73f36e07d 100644
Binary files a/msys2/usr/share/man/man3/DSA_sign.3ssl.gz and b/msys2/usr/share/man/man3/DSA_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_sign_setup.3ssl.gz b/msys2/usr/share/man/man3/DSA_sign_setup.3ssl.gz
index 221bdd2d6..73f36e07d 100644
Binary files a/msys2/usr/share/man/man3/DSA_sign_setup.3ssl.gz and b/msys2/usr/share/man/man3/DSA_sign_setup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_size.3ssl.gz b/msys2/usr/share/man/man3/DSA_size.3ssl.gz
index 05599f676..ef88f49df 100644
Binary files a/msys2/usr/share/man/man3/DSA_size.3ssl.gz and b/msys2/usr/share/man/man3/DSA_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_test_flags.3ssl.gz b/msys2/usr/share/man/man3/DSA_test_flags.3ssl.gz
new file mode 100644
index 000000000..f57ef7236
Binary files /dev/null and b/msys2/usr/share/man/man3/DSA_test_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSA_verify.3ssl.gz b/msys2/usr/share/man/man3/DSA_verify.3ssl.gz
index 221bdd2d6..73f36e07d 100644
Binary files a/msys2/usr/share/man/man3/DSA_verify.3ssl.gz and b/msys2/usr/share/man/man3/DSA_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSAparams_dup.3ssl.gz b/msys2/usr/share/man/man3/DSAparams_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/DSAparams_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSAparams_print.3ssl.gz b/msys2/usr/share/man/man3/DSAparams_print.3ssl.gz
index 5e37a83dd..b52fbe13e 100644
Binary files a/msys2/usr/share/man/man3/DSAparams_print.3ssl.gz and b/msys2/usr/share/man/man3/DSAparams_print.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DSAparams_print_fp.3ssl.gz b/msys2/usr/share/man/man3/DSAparams_print_fp.3ssl.gz
index 5e37a83dd..b52fbe13e 100644
Binary files a/msys2/usr/share/man/man3/DSAparams_print_fp.3ssl.gz and b/msys2/usr/share/man/man3/DSAparams_print_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DTLS_client_method.3ssl.gz b/msys2/usr/share/man/man3/DTLS_client_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/DTLS_client_method.3ssl.gz and b/msys2/usr/share/man/man3/DTLS_client_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DTLS_get_data_mtu.3ssl.gz b/msys2/usr/share/man/man3/DTLS_get_data_mtu.3ssl.gz
new file mode 100644
index 000000000..d0397fe33
Binary files /dev/null and b/msys2/usr/share/man/man3/DTLS_get_data_mtu.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DTLS_method.3ssl.gz b/msys2/usr/share/man/man3/DTLS_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/DTLS_method.3ssl.gz and b/msys2/usr/share/man/man3/DTLS_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DTLS_server_method.3ssl.gz b/msys2/usr/share/man/man3/DTLS_server_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/DTLS_server_method.3ssl.gz and b/msys2/usr/share/man/man3/DTLS_server_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DTLS_set_timer_cb.3ssl.gz b/msys2/usr/share/man/man3/DTLS_set_timer_cb.3ssl.gz
new file mode 100644
index 000000000..12ba10a51
Binary files /dev/null and b/msys2/usr/share/man/man3/DTLS_set_timer_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DTLS_timer_cb.3ssl.gz b/msys2/usr/share/man/man3/DTLS_timer_cb.3ssl.gz
new file mode 100644
index 000000000..12ba10a51
Binary files /dev/null and b/msys2/usr/share/man/man3/DTLS_timer_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DTLSv1_2_client_method.3ssl.gz b/msys2/usr/share/man/man3/DTLSv1_2_client_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/DTLSv1_2_client_method.3ssl.gz and b/msys2/usr/share/man/man3/DTLSv1_2_client_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DTLSv1_2_method.3ssl.gz b/msys2/usr/share/man/man3/DTLSv1_2_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/DTLSv1_2_method.3ssl.gz and b/msys2/usr/share/man/man3/DTLSv1_2_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DTLSv1_2_server_method.3ssl.gz b/msys2/usr/share/man/man3/DTLSv1_2_server_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/DTLSv1_2_server_method.3ssl.gz and b/msys2/usr/share/man/man3/DTLSv1_2_server_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DTLSv1_client_method.3ssl.gz b/msys2/usr/share/man/man3/DTLSv1_client_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/DTLSv1_client_method.3ssl.gz and b/msys2/usr/share/man/man3/DTLSv1_client_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DTLSv1_listen.3ssl.gz b/msys2/usr/share/man/man3/DTLSv1_listen.3ssl.gz
new file mode 100644
index 000000000..a312d56a7
Binary files /dev/null and b/msys2/usr/share/man/man3/DTLSv1_listen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DTLSv1_method.3ssl.gz b/msys2/usr/share/man/man3/DTLSv1_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/DTLSv1_method.3ssl.gz and b/msys2/usr/share/man/man3/DTLSv1_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/DTLSv1_server_method.3ssl.gz b/msys2/usr/share/man/man3/DTLSv1_server_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/DTLSv1_server_method.3ssl.gz and b/msys2/usr/share/man/man3/DTLSv1_server_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECDH_get_ex_data.3ssl.gz b/msys2/usr/share/man/man3/ECDH_get_ex_data.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/ECDH_get_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECDH_get_ex_new_index.3ssl.gz b/msys2/usr/share/man/man3/ECDH_get_ex_new_index.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/ECDH_get_ex_new_index.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECDH_set_ex_data.3ssl.gz b/msys2/usr/share/man/man3/ECDH_set_ex_data.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/ECDH_set_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECDSA_SIG_free.3ssl.gz b/msys2/usr/share/man/man3/ECDSA_SIG_free.3ssl.gz
index 6b4fa8993..20b845240 100644
Binary files a/msys2/usr/share/man/man3/ECDSA_SIG_free.3ssl.gz and b/msys2/usr/share/man/man3/ECDSA_SIG_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECDSA_SIG_get0.3ssl.gz b/msys2/usr/share/man/man3/ECDSA_SIG_get0.3ssl.gz
new file mode 100644
index 000000000..20b845240
Binary files /dev/null and b/msys2/usr/share/man/man3/ECDSA_SIG_get0.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECDSA_SIG_get0_r.3ssl.gz b/msys2/usr/share/man/man3/ECDSA_SIG_get0_r.3ssl.gz
new file mode 100644
index 000000000..20b845240
Binary files /dev/null and b/msys2/usr/share/man/man3/ECDSA_SIG_get0_r.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECDSA_SIG_get0_s.3ssl.gz b/msys2/usr/share/man/man3/ECDSA_SIG_get0_s.3ssl.gz
new file mode 100644
index 000000000..20b845240
Binary files /dev/null and b/msys2/usr/share/man/man3/ECDSA_SIG_get0_s.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECDSA_SIG_new.3ssl.gz b/msys2/usr/share/man/man3/ECDSA_SIG_new.3ssl.gz
index 6b4fa8993..20b845240 100644
Binary files a/msys2/usr/share/man/man3/ECDSA_SIG_new.3ssl.gz and b/msys2/usr/share/man/man3/ECDSA_SIG_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECDSA_SIG_set0.3ssl.gz b/msys2/usr/share/man/man3/ECDSA_SIG_set0.3ssl.gz
new file mode 100644
index 000000000..20b845240
Binary files /dev/null and b/msys2/usr/share/man/man3/ECDSA_SIG_set0.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECDSA_do_sign.3ssl.gz b/msys2/usr/share/man/man3/ECDSA_do_sign.3ssl.gz
index 6b4fa8993..20b845240 100644
Binary files a/msys2/usr/share/man/man3/ECDSA_do_sign.3ssl.gz and b/msys2/usr/share/man/man3/ECDSA_do_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECDSA_do_sign_ex.3ssl.gz b/msys2/usr/share/man/man3/ECDSA_do_sign_ex.3ssl.gz
index 6b4fa8993..20b845240 100644
Binary files a/msys2/usr/share/man/man3/ECDSA_do_sign_ex.3ssl.gz and b/msys2/usr/share/man/man3/ECDSA_do_sign_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECDSA_do_verify.3ssl.gz b/msys2/usr/share/man/man3/ECDSA_do_verify.3ssl.gz
index 6b4fa8993..20b845240 100644
Binary files a/msys2/usr/share/man/man3/ECDSA_do_verify.3ssl.gz and b/msys2/usr/share/man/man3/ECDSA_do_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECDSA_sign.3ssl.gz b/msys2/usr/share/man/man3/ECDSA_sign.3ssl.gz
index 6b4fa8993..20b845240 100644
Binary files a/msys2/usr/share/man/man3/ECDSA_sign.3ssl.gz and b/msys2/usr/share/man/man3/ECDSA_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECDSA_sign_ex.3ssl.gz b/msys2/usr/share/man/man3/ECDSA_sign_ex.3ssl.gz
index 6b4fa8993..20b845240 100644
Binary files a/msys2/usr/share/man/man3/ECDSA_sign_ex.3ssl.gz and b/msys2/usr/share/man/man3/ECDSA_sign_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECDSA_sign_setup.3ssl.gz b/msys2/usr/share/man/man3/ECDSA_sign_setup.3ssl.gz
index 6b4fa8993..20b845240 100644
Binary files a/msys2/usr/share/man/man3/ECDSA_sign_setup.3ssl.gz and b/msys2/usr/share/man/man3/ECDSA_sign_setup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECDSA_size.3ssl.gz b/msys2/usr/share/man/man3/ECDSA_size.3ssl.gz
index 6b4fa8993..20b845240 100644
Binary files a/msys2/usr/share/man/man3/ECDSA_size.3ssl.gz and b/msys2/usr/share/man/man3/ECDSA_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECDSA_verify.3ssl.gz b/msys2/usr/share/man/man3/ECDSA_verify.3ssl.gz
index 6b4fa8993..20b845240 100644
Binary files a/msys2/usr/share/man/man3/ECDSA_verify.3ssl.gz and b/msys2/usr/share/man/man3/ECDSA_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECPARAMETERS_free.3ssl.gz b/msys2/usr/share/man/man3/ECPARAMETERS_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ECPARAMETERS_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECPARAMETERS_new.3ssl.gz b/msys2/usr/share/man/man3/ECPARAMETERS_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ECPARAMETERS_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECPKPARAMETERS_free.3ssl.gz b/msys2/usr/share/man/man3/ECPKPARAMETERS_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ECPKPARAMETERS_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECPKPARAMETERS_new.3ssl.gz b/msys2/usr/share/man/man3/ECPKPARAMETERS_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ECPKPARAMETERS_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECPKParameters_print.3ssl.gz b/msys2/usr/share/man/man3/ECPKParameters_print.3ssl.gz
index 8e3be2b34..556bc5f19 100644
Binary files a/msys2/usr/share/man/man3/ECPKParameters_print.3ssl.gz and b/msys2/usr/share/man/man3/ECPKParameters_print.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ECPKParameters_print_fp.3ssl.gz b/msys2/usr/share/man/man3/ECPKParameters_print_fp.3ssl.gz
index 8e3be2b34..556bc5f19 100644
Binary files a/msys2/usr/share/man/man3/ECPKParameters_print_fp.3ssl.gz and b/msys2/usr/share/man/man3/ECPKParameters_print_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GF2m_simple_method.3ssl.gz b/msys2/usr/share/man/man3/EC_GF2m_simple_method.3ssl.gz
index b9bca7518..10f8dbf3d 100644
Binary files a/msys2/usr/share/man/man3/EC_GF2m_simple_method.3ssl.gz and b/msys2/usr/share/man/man3/EC_GF2m_simple_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GFp_mont_method.3ssl.gz b/msys2/usr/share/man/man3/EC_GFp_mont_method.3ssl.gz
index b9bca7518..10f8dbf3d 100644
Binary files a/msys2/usr/share/man/man3/EC_GFp_mont_method.3ssl.gz and b/msys2/usr/share/man/man3/EC_GFp_mont_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GFp_nist_method.3ssl.gz b/msys2/usr/share/man/man3/EC_GFp_nist_method.3ssl.gz
index b9bca7518..10f8dbf3d 100644
Binary files a/msys2/usr/share/man/man3/EC_GFp_nist_method.3ssl.gz and b/msys2/usr/share/man/man3/EC_GFp_nist_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GFp_nistp224_method.3ssl.gz b/msys2/usr/share/man/man3/EC_GFp_nistp224_method.3ssl.gz
index b9bca7518..10f8dbf3d 100644
Binary files a/msys2/usr/share/man/man3/EC_GFp_nistp224_method.3ssl.gz and b/msys2/usr/share/man/man3/EC_GFp_nistp224_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GFp_nistp256_method.3ssl.gz b/msys2/usr/share/man/man3/EC_GFp_nistp256_method.3ssl.gz
index b9bca7518..10f8dbf3d 100644
Binary files a/msys2/usr/share/man/man3/EC_GFp_nistp256_method.3ssl.gz and b/msys2/usr/share/man/man3/EC_GFp_nistp256_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GFp_nistp521_method.3ssl.gz b/msys2/usr/share/man/man3/EC_GFp_nistp521_method.3ssl.gz
index b9bca7518..10f8dbf3d 100644
Binary files a/msys2/usr/share/man/man3/EC_GFp_nistp521_method.3ssl.gz and b/msys2/usr/share/man/man3/EC_GFp_nistp521_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GFp_simple_method.3ssl.gz b/msys2/usr/share/man/man3/EC_GFp_simple_method.3ssl.gz
index b9bca7518..10f8dbf3d 100644
Binary files a/msys2/usr/share/man/man3/EC_GFp_simple_method.3ssl.gz and b/msys2/usr/share/man/man3/EC_GFp_simple_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_check.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_check.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_check.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_check.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_check_discriminant.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_check_discriminant.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_check_discriminant.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_check_discriminant.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_clear_free.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_clear_free.3ssl.gz
index 6d2f2e2a4..9827d8225 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_clear_free.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_clear_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_cmp.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_cmp.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_cmp.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_cmp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_copy.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_copy.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_copy.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_copy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_dup.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_dup.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_dup.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_free.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_free.3ssl.gz
index 6d2f2e2a4..9827d8225 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_free.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_get0_cofactor.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_get0_cofactor.3ssl.gz
new file mode 100644
index 000000000..c98e5331e
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_GROUP_get0_cofactor.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_get0_generator.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_get0_generator.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_get0_generator.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_get0_generator.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_get0_order.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_get0_order.3ssl.gz
new file mode 100644
index 000000000..c98e5331e
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_GROUP_get0_order.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_get0_seed.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_get0_seed.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_get0_seed.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_get0_seed.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_get_asn1_flag.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_get_asn1_flag.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_get_asn1_flag.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_get_asn1_flag.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_get_basis_type.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_get_basis_type.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_get_basis_type.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_get_basis_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_get_cofactor.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_get_cofactor.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_get_cofactor.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_get_cofactor.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_get_curve.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_get_curve.3ssl.gz
new file mode 100644
index 000000000..9827d8225
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_GROUP_get_curve.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_get_curve_GF2m.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_get_curve_GF2m.3ssl.gz
index 6d2f2e2a4..9827d8225 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_get_curve_GF2m.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_get_curve_GF2m.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_get_curve_GFp.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_get_curve_GFp.3ssl.gz
index 6d2f2e2a4..9827d8225 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_get_curve_GFp.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_get_curve_GFp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_get_curve_name.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_get_curve_name.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_get_curve_name.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_get_curve_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_get_degree.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_get_degree.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_get_degree.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_get_degree.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_get_ecparameters.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_get_ecparameters.3ssl.gz
new file mode 100644
index 000000000..9827d8225
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_GROUP_get_ecparameters.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_get_ecpkparameters.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_get_ecpkparameters.3ssl.gz
new file mode 100644
index 000000000..9827d8225
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_GROUP_get_ecpkparameters.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_get_order.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_get_order.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_get_order.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_get_order.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_get_pentanomial_basis.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_get_pentanomial_basis.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_get_pentanomial_basis.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_get_pentanomial_basis.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_get_point_conversion_form.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_get_point_conversion_form.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_get_point_conversion_form.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_get_point_conversion_form.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_get_seed_len.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_get_seed_len.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_get_seed_len.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_get_seed_len.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_get_trinomial_basis.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_get_trinomial_basis.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_get_trinomial_basis.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_get_trinomial_basis.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_have_precompute_mult.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_have_precompute_mult.3ssl.gz
index 9dbebd841..66f459bf0 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_have_precompute_mult.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_have_precompute_mult.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_method_of.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_method_of.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_method_of.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_method_of.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_new.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_new.3ssl.gz
index 6d2f2e2a4..9827d8225 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_new.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_new_by_curve_name.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_new_by_curve_name.3ssl.gz
index 6d2f2e2a4..9827d8225 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_new_by_curve_name.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_new_by_curve_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_new_curve_GF2m.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_new_curve_GF2m.3ssl.gz
index 6d2f2e2a4..9827d8225 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_new_curve_GF2m.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_new_curve_GF2m.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_new_curve_GFp.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_new_curve_GFp.3ssl.gz
index 6d2f2e2a4..9827d8225 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_new_curve_GFp.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_new_curve_GFp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_new_from_ecparameters.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_new_from_ecparameters.3ssl.gz
new file mode 100644
index 000000000..9827d8225
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_GROUP_new_from_ecparameters.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_new_from_ecpkparameters.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_new_from_ecpkparameters.3ssl.gz
new file mode 100644
index 000000000..9827d8225
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_GROUP_new_from_ecpkparameters.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_order_bits.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_order_bits.3ssl.gz
new file mode 100644
index 000000000..c98e5331e
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_GROUP_order_bits.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_precompute_mult.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_precompute_mult.3ssl.gz
index 9dbebd841..66f459bf0 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_precompute_mult.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_precompute_mult.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_set_asn1_flag.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_set_asn1_flag.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_set_asn1_flag.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_set_asn1_flag.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_set_curve.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_set_curve.3ssl.gz
new file mode 100644
index 000000000..9827d8225
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_GROUP_set_curve.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_set_curve_GF2m.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_set_curve_GF2m.3ssl.gz
index 6d2f2e2a4..9827d8225 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_set_curve_GF2m.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_set_curve_GF2m.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_set_curve_GFp.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_set_curve_GFp.3ssl.gz
index 6d2f2e2a4..9827d8225 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_set_curve_GFp.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_set_curve_GFp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_set_curve_name.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_set_curve_name.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_set_curve_name.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_set_curve_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_set_generator.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_set_generator.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_set_generator.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_set_generator.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_set_point_conversion_form.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_set_point_conversion_form.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_set_point_conversion_form.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_set_point_conversion_form.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_GROUP_set_seed.3ssl.gz b/msys2/usr/share/man/man3/EC_GROUP_set_seed.3ssl.gz
index 13dd4b8a0..c98e5331e 100644
Binary files a/msys2/usr/share/man/man3/EC_GROUP_set_seed.3ssl.gz and b/msys2/usr/share/man/man3/EC_GROUP_set_seed.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_check_key.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_check_key.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_check_key.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_check_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_clear_flags.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_clear_flags.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_clear_flags.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_clear_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_copy.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_copy.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_copy.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_copy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_dup.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_dup.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_dup.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_free.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_free.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_free.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_generate_key.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_generate_key.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_generate_key.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_generate_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_get0_engine.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_get0_engine.3ssl.gz
new file mode 100644
index 000000000..c8b5acebf
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_KEY_get0_engine.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_get0_group.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_get0_group.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_get0_group.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_get0_group.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_get0_private_key.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_get0_private_key.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_get0_private_key.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_get0_private_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_get0_public_key.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_get0_public_key.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_get0_public_key.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_get0_public_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_get_conv_form.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_get_conv_form.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_get_conv_form.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_get_conv_form.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_get_enc_flags.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_get_enc_flags.3ssl.gz
index 03af27944..ed80617be 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_get_enc_flags.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_get_enc_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_get_ex_data.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_get_ex_data.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_KEY_get_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_get_ex_new_index.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_get_ex_new_index.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_KEY_get_ex_new_index.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_get_flags.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_get_flags.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_get_flags.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_get_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_get_key_method_data.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_get_key_method_data.3ssl.gz
deleted file mode 100644
index 03af27944..000000000
Binary files a/msys2/usr/share/man/man3/EC_KEY_get_key_method_data.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_get_method.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_get_method.3ssl.gz
new file mode 100644
index 000000000..c8b5acebf
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_KEY_get_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_insert_key_method_data.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_insert_key_method_data.3ssl.gz
deleted file mode 100644
index 03af27944..000000000
Binary files a/msys2/usr/share/man/man3/EC_KEY_insert_key_method_data.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_key2buf.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_key2buf.3ssl.gz
new file mode 100644
index 000000000..c8b5acebf
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_KEY_key2buf.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_new.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_new.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_new.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_new_by_curve_name.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_new_by_curve_name.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_new_by_curve_name.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_new_by_curve_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_oct2key.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_oct2key.3ssl.gz
new file mode 100644
index 000000000..c8b5acebf
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_KEY_oct2key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_oct2priv.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_oct2priv.3ssl.gz
new file mode 100644
index 000000000..c8b5acebf
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_KEY_oct2priv.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_precompute_mult.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_precompute_mult.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_precompute_mult.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_precompute_mult.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_priv2buf.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_priv2buf.3ssl.gz
new file mode 100644
index 000000000..c8b5acebf
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_KEY_priv2buf.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_priv2oct.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_priv2oct.3ssl.gz
new file mode 100644
index 000000000..c8b5acebf
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_KEY_priv2oct.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_set_asn1_flag.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_set_asn1_flag.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_set_asn1_flag.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_set_asn1_flag.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_set_conv_form.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_set_conv_form.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_set_conv_form.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_set_conv_form.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_set_enc_flags.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_set_enc_flags.3ssl.gz
index 03af27944..ed80617be 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_set_enc_flags.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_set_enc_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_set_ex_data.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_set_ex_data.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_KEY_set_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_set_flags.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_set_flags.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_set_flags.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_set_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_set_group.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_set_group.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_set_group.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_set_group.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_set_method.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_set_method.3ssl.gz
new file mode 100644
index 000000000..c8b5acebf
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_KEY_set_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_set_private_key.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_set_private_key.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_set_private_key.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_set_private_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_set_public_key.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_set_public_key.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_set_public_key.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_set_public_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_set_public_key_affine_coordinates.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_set_public_key_affine_coordinates.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_set_public_key_affine_coordinates.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_set_public_key_affine_coordinates.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_KEY_up_ref.3ssl.gz b/msys2/usr/share/man/man3/EC_KEY_up_ref.3ssl.gz
index 03af27944..c8b5acebf 100644
Binary files a/msys2/usr/share/man/man3/EC_KEY_up_ref.3ssl.gz and b/msys2/usr/share/man/man3/EC_KEY_up_ref.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_METHOD_get_field_type.3ssl.gz b/msys2/usr/share/man/man3/EC_METHOD_get_field_type.3ssl.gz
index b9bca7518..10f8dbf3d 100644
Binary files a/msys2/usr/share/man/man3/EC_METHOD_get_field_type.3ssl.gz and b/msys2/usr/share/man/man3/EC_METHOD_get_field_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_add.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_add.3ssl.gz
index 9dbebd841..66f459bf0 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_add.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_add.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_bn2point.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_bn2point.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_bn2point.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_bn2point.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_clear_free.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_clear_free.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_clear_free.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_clear_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_cmp.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_cmp.3ssl.gz
index 9dbebd841..66f459bf0 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_cmp.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_cmp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_copy.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_copy.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_copy.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_copy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_dbl.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_dbl.3ssl.gz
index 9dbebd841..66f459bf0 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_dbl.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_dbl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_dup.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_dup.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_dup.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_free.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_free.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_free.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_get_Jprojective_coordinates_GFp.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_get_Jprojective_coordinates_GFp.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_get_Jprojective_coordinates_GFp.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_get_Jprojective_coordinates_GFp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_get_affine_coordinates.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_get_affine_coordinates.3ssl.gz
new file mode 100644
index 000000000..03dbe1ad8
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_POINT_get_affine_coordinates.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_get_affine_coordinates_GF2m.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_get_affine_coordinates_GF2m.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_get_affine_coordinates_GF2m.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_get_affine_coordinates_GF2m.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_get_affine_coordinates_GFp.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_get_affine_coordinates_GFp.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_get_affine_coordinates_GFp.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_get_affine_coordinates_GFp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_hex2point.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_hex2point.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_hex2point.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_hex2point.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_invert.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_invert.3ssl.gz
index 9dbebd841..66f459bf0 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_invert.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_invert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_is_at_infinity.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_is_at_infinity.3ssl.gz
index 9dbebd841..66f459bf0 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_is_at_infinity.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_is_at_infinity.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_is_on_curve.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_is_on_curve.3ssl.gz
index 9dbebd841..66f459bf0 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_is_on_curve.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_is_on_curve.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_make_affine.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_make_affine.3ssl.gz
index 9dbebd841..66f459bf0 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_make_affine.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_make_affine.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_method_of.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_method_of.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_method_of.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_method_of.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_mul.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_mul.3ssl.gz
index 9dbebd841..66f459bf0 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_mul.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_mul.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_new.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_new.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_new.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_oct2point.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_oct2point.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_oct2point.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_oct2point.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_point2bn.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_point2bn.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_point2bn.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_point2bn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_point2buf.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_point2buf.3ssl.gz
new file mode 100644
index 000000000..03dbe1ad8
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_POINT_point2buf.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_point2hex.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_point2hex.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_point2hex.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_point2hex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_point2oct.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_point2oct.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_point2oct.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_point2oct.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_set_Jprojective_coordinates.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_set_Jprojective_coordinates.3ssl.gz
deleted file mode 100644
index fd716ce83..000000000
Binary files a/msys2/usr/share/man/man3/EC_POINT_set_Jprojective_coordinates.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_set_Jprojective_coordinates_GFp.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_set_Jprojective_coordinates_GFp.3ssl.gz
new file mode 100644
index 000000000..03dbe1ad8
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_POINT_set_Jprojective_coordinates_GFp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_set_affine_coordinates.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_set_affine_coordinates.3ssl.gz
new file mode 100644
index 000000000..03dbe1ad8
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_POINT_set_affine_coordinates.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_set_affine_coordinates_GF2m.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_set_affine_coordinates_GF2m.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_set_affine_coordinates_GF2m.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_set_affine_coordinates_GF2m.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_set_affine_coordinates_GFp.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_set_affine_coordinates_GFp.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_set_affine_coordinates_GFp.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_set_affine_coordinates_GFp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_set_compressed_coordinates.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_set_compressed_coordinates.3ssl.gz
new file mode 100644
index 000000000..03dbe1ad8
Binary files /dev/null and b/msys2/usr/share/man/man3/EC_POINT_set_compressed_coordinates.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_set_compressed_coordinates_GF2m.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_set_compressed_coordinates_GF2m.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_set_compressed_coordinates_GF2m.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_set_compressed_coordinates_GF2m.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_set_compressed_coordinates_GFp.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_set_compressed_coordinates_GFp.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_set_compressed_coordinates_GFp.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_set_compressed_coordinates_GFp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINT_set_to_infinity.3ssl.gz b/msys2/usr/share/man/man3/EC_POINT_set_to_infinity.3ssl.gz
index fd716ce83..03dbe1ad8 100644
Binary files a/msys2/usr/share/man/man3/EC_POINT_set_to_infinity.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINT_set_to_infinity.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINTs_make_affine.3ssl.gz b/msys2/usr/share/man/man3/EC_POINTs_make_affine.3ssl.gz
index 9dbebd841..66f459bf0 100644
Binary files a/msys2/usr/share/man/man3/EC_POINTs_make_affine.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINTs_make_affine.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_POINTs_mul.3ssl.gz b/msys2/usr/share/man/man3/EC_POINTs_mul.3ssl.gz
index 9dbebd841..66f459bf0 100644
Binary files a/msys2/usr/share/man/man3/EC_POINTs_mul.3ssl.gz and b/msys2/usr/share/man/man3/EC_POINTs_mul.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EC_get_builtin_curves.3ssl.gz b/msys2/usr/share/man/man3/EC_get_builtin_curves.3ssl.gz
index 6d2f2e2a4..9827d8225 100644
Binary files a/msys2/usr/share/man/man3/EC_get_builtin_curves.3ssl.gz and b/msys2/usr/share/man/man3/EC_get_builtin_curves.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EDIPARTYNAME_free.3ssl.gz b/msys2/usr/share/man/man3/EDIPARTYNAME_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/EDIPARTYNAME_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EDIPARTYNAME_new.3ssl.gz b/msys2/usr/share/man/man3/EDIPARTYNAME_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/EDIPARTYNAME_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_add.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_add.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_add.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_add_conf_module.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_add_conf_module.3ssl.gz
index 3013a9a0a..dda2837d0 100644
Binary files a/msys2/usr/share/man/man3/ENGINE_add_conf_module.3ssl.gz and b/msys2/usr/share/man/man3/ENGINE_add_conf_module.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_by_id.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_by_id.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_by_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_cleanup.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_cleanup.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_cleanup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_cmd_is_executable.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_cmd_is_executable.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_cmd_is_executable.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_ctrl.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_ctrl.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_ctrl_cmd.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_ctrl_cmd.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_ctrl_cmd.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_ctrl_cmd_string.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_ctrl_cmd_string.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_ctrl_cmd_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_finish.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_finish.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_finish.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_free.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_free.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_DH.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_DH.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_DH.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_DSA.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_DSA.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_DSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_RAND.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_RAND.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_RAND.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_RSA.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_RSA.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_RSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_cipher.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_cipher.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_cipher.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_cipher_engine.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_cipher_engine.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_cipher_engine.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_ciphers.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_ciphers.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_ciphers.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_cmd_defns.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_cmd_defns.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_cmd_defns.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_ctrl_function.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_ctrl_function.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_ctrl_function.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_default_DH.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_default_DH.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_default_DH.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_default_DSA.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_default_DSA.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_default_DSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_default_RAND.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_default_RAND.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_default_RAND.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_default_RSA.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_default_RSA.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_default_RSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_destroy_function.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_destroy_function.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_destroy_function.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_digest.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_digest.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_digest.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_digest_engine.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_digest_engine.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_digest_engine.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_digests.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_digests.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_digests.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_ex_data.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_ex_data.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_ex_new_index.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_ex_new_index.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_ex_new_index.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_finish_function.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_finish_function.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_finish_function.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_first.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_first.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_first.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_flags.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_flags.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_id.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_id.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_init_function.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_init_function.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_init_function.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_last.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_last.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_last.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_load_privkey_function.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_load_privkey_function.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_load_privkey_function.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_load_pubkey_function.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_load_pubkey_function.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_load_pubkey_function.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_name.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_name.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_next.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_next.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_next.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_prev.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_prev.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_prev.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_get_table_flags.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_get_table_flags.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_get_table_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_init.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_init.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_load_builtin_engines.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_load_builtin_engines.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_load_builtin_engines.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_load_private_key.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_load_private_key.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_load_private_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_load_public_key.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_load_public_key.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_load_public_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_new.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_new.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_register_DH.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_register_DH.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_register_DH.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_register_DSA.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_register_DSA.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_register_DSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_register_RAND.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_register_RAND.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_register_RAND.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_register_RSA.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_register_RSA.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_register_RSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_register_all_DH.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_register_all_DH.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_register_all_DH.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_register_all_DSA.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_register_all_DSA.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_register_all_DSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_register_all_RAND.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_register_all_RAND.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_register_all_RAND.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_register_all_RSA.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_register_all_RSA.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_register_all_RSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_register_all_ciphers.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_register_all_ciphers.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_register_all_ciphers.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_register_all_complete.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_register_all_complete.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_register_all_complete.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_register_all_digests.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_register_all_digests.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_register_all_digests.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_register_ciphers.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_register_ciphers.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_register_ciphers.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_register_complete.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_register_complete.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_register_complete.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_register_digests.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_register_digests.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_register_digests.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_remove.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_remove.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_remove.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_DH.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_DH.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_DH.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_DSA.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_DSA.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_DSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_RAND.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_RAND.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_RAND.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_RSA.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_RSA.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_RSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_ciphers.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_ciphers.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_ciphers.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_cmd_defns.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_cmd_defns.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_cmd_defns.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_ctrl_function.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_ctrl_function.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_ctrl_function.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_default.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_default.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_default.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_default_DH.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_default_DH.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_default_DH.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_default_DSA.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_default_DSA.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_default_DSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_default_RAND.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_default_RAND.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_default_RAND.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_default_RSA.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_default_RSA.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_default_RSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_default_ciphers.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_default_ciphers.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_default_ciphers.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_default_digests.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_default_digests.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_default_digests.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_default_string.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_default_string.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_default_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_destroy_function.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_destroy_function.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_destroy_function.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_digests.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_digests.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_digests.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_ex_data.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_ex_data.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_finish_function.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_finish_function.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_finish_function.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_flags.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_flags.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_id.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_id.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_init_function.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_init_function.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_init_function.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_load_privkey_function.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_load_privkey_function.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_load_privkey_function.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_load_pubkey_function.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_load_pubkey_function.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_load_pubkey_function.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_name.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_name.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_set_table_flags.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_set_table_flags.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_set_table_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_unregister_DH.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_unregister_DH.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_unregister_DH.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_unregister_DSA.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_unregister_DSA.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_unregister_DSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_unregister_RAND.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_unregister_RAND.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_unregister_RAND.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_unregister_RSA.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_unregister_RSA.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_unregister_RSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_unregister_ciphers.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_unregister_ciphers.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_unregister_ciphers.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_unregister_digests.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_unregister_digests.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_unregister_digests.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ENGINE_up_ref.3ssl.gz b/msys2/usr/share/man/man3/ENGINE_up_ref.3ssl.gz
new file mode 100644
index 000000000..472c7f9ce
Binary files /dev/null and b/msys2/usr/share/man/man3/ENGINE_up_ref.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_FATAL_ERROR.3ssl.gz b/msys2/usr/share/man/man3/ERR_FATAL_ERROR.3ssl.gz
new file mode 100644
index 000000000..2862fa835
Binary files /dev/null and b/msys2/usr/share/man/man3/ERR_FATAL_ERROR.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_GET_FUNC.3ssl.gz b/msys2/usr/share/man/man3/ERR_GET_FUNC.3ssl.gz
index 0d602fad7..2862fa835 100644
Binary files a/msys2/usr/share/man/man3/ERR_GET_FUNC.3ssl.gz and b/msys2/usr/share/man/man3/ERR_GET_FUNC.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_GET_LIB.3ssl.gz b/msys2/usr/share/man/man3/ERR_GET_LIB.3ssl.gz
index 0d602fad7..2862fa835 100644
Binary files a/msys2/usr/share/man/man3/ERR_GET_LIB.3ssl.gz and b/msys2/usr/share/man/man3/ERR_GET_LIB.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_GET_REASON.3ssl.gz b/msys2/usr/share/man/man3/ERR_GET_REASON.3ssl.gz
index 0d602fad7..2862fa835 100644
Binary files a/msys2/usr/share/man/man3/ERR_GET_REASON.3ssl.gz and b/msys2/usr/share/man/man3/ERR_GET_REASON.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_PACK.3ssl.gz b/msys2/usr/share/man/man3/ERR_PACK.3ssl.gz
index b2f702299..682f39b3e 100644
Binary files a/msys2/usr/share/man/man3/ERR_PACK.3ssl.gz and b/msys2/usr/share/man/man3/ERR_PACK.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_add_error_data.3ssl.gz b/msys2/usr/share/man/man3/ERR_add_error_data.3ssl.gz
index c817a4112..5f9fa16dc 100644
Binary files a/msys2/usr/share/man/man3/ERR_add_error_data.3ssl.gz and b/msys2/usr/share/man/man3/ERR_add_error_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_add_error_vdata.3ssl.gz b/msys2/usr/share/man/man3/ERR_add_error_vdata.3ssl.gz
new file mode 100644
index 000000000..5f9fa16dc
Binary files /dev/null and b/msys2/usr/share/man/man3/ERR_add_error_vdata.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_clear_error.3ssl.gz b/msys2/usr/share/man/man3/ERR_clear_error.3ssl.gz
index 7564702f1..546bb78f3 100644
Binary files a/msys2/usr/share/man/man3/ERR_clear_error.3ssl.gz and b/msys2/usr/share/man/man3/ERR_clear_error.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_error_string.3ssl.gz b/msys2/usr/share/man/man3/ERR_error_string.3ssl.gz
index da0de6898..a83eb4533 100644
Binary files a/msys2/usr/share/man/man3/ERR_error_string.3ssl.gz and b/msys2/usr/share/man/man3/ERR_error_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_error_string_n.3ssl.gz b/msys2/usr/share/man/man3/ERR_error_string_n.3ssl.gz
index da0de6898..a83eb4533 100644
Binary files a/msys2/usr/share/man/man3/ERR_error_string_n.3ssl.gz and b/msys2/usr/share/man/man3/ERR_error_string_n.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_free_strings.3ssl.gz b/msys2/usr/share/man/man3/ERR_free_strings.3ssl.gz
index 957199dfe..62de363e0 100644
Binary files a/msys2/usr/share/man/man3/ERR_free_strings.3ssl.gz and b/msys2/usr/share/man/man3/ERR_free_strings.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_func_error_string.3ssl.gz b/msys2/usr/share/man/man3/ERR_func_error_string.3ssl.gz
index da0de6898..a83eb4533 100644
Binary files a/msys2/usr/share/man/man3/ERR_func_error_string.3ssl.gz and b/msys2/usr/share/man/man3/ERR_func_error_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_get_error.3ssl.gz b/msys2/usr/share/man/man3/ERR_get_error.3ssl.gz
index 1527a9c92..eeeb4b51c 100644
Binary files a/msys2/usr/share/man/man3/ERR_get_error.3ssl.gz and b/msys2/usr/share/man/man3/ERR_get_error.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_get_error_line.3ssl.gz b/msys2/usr/share/man/man3/ERR_get_error_line.3ssl.gz
index 1527a9c92..eeeb4b51c 100644
Binary files a/msys2/usr/share/man/man3/ERR_get_error_line.3ssl.gz and b/msys2/usr/share/man/man3/ERR_get_error_line.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_get_error_line_data.3ssl.gz b/msys2/usr/share/man/man3/ERR_get_error_line_data.3ssl.gz
index 1527a9c92..eeeb4b51c 100644
Binary files a/msys2/usr/share/man/man3/ERR_get_error_line_data.3ssl.gz and b/msys2/usr/share/man/man3/ERR_get_error_line_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_get_next_error_library.3ssl.gz b/msys2/usr/share/man/man3/ERR_get_next_error_library.3ssl.gz
index b2f702299..682f39b3e 100644
Binary files a/msys2/usr/share/man/man3/ERR_get_next_error_library.3ssl.gz and b/msys2/usr/share/man/man3/ERR_get_next_error_library.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_lib_error_string.3ssl.gz b/msys2/usr/share/man/man3/ERR_lib_error_string.3ssl.gz
index da0de6898..a83eb4533 100644
Binary files a/msys2/usr/share/man/man3/ERR_lib_error_string.3ssl.gz and b/msys2/usr/share/man/man3/ERR_lib_error_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_load_UI_strings.3ssl.gz b/msys2/usr/share/man/man3/ERR_load_UI_strings.3ssl.gz
deleted file mode 100644
index 91e71e604..000000000
Binary files a/msys2/usr/share/man/man3/ERR_load_UI_strings.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/ERR_load_crypto_strings.3ssl.gz b/msys2/usr/share/man/man3/ERR_load_crypto_strings.3ssl.gz
index 957199dfe..62de363e0 100644
Binary files a/msys2/usr/share/man/man3/ERR_load_crypto_strings.3ssl.gz and b/msys2/usr/share/man/man3/ERR_load_crypto_strings.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_load_strings.3ssl.gz b/msys2/usr/share/man/man3/ERR_load_strings.3ssl.gz
index b2f702299..682f39b3e 100644
Binary files a/msys2/usr/share/man/man3/ERR_load_strings.3ssl.gz and b/msys2/usr/share/man/man3/ERR_load_strings.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_peek_error.3ssl.gz b/msys2/usr/share/man/man3/ERR_peek_error.3ssl.gz
index 1527a9c92..eeeb4b51c 100644
Binary files a/msys2/usr/share/man/man3/ERR_peek_error.3ssl.gz and b/msys2/usr/share/man/man3/ERR_peek_error.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_peek_error_line.3ssl.gz b/msys2/usr/share/man/man3/ERR_peek_error_line.3ssl.gz
index 1527a9c92..eeeb4b51c 100644
Binary files a/msys2/usr/share/man/man3/ERR_peek_error_line.3ssl.gz and b/msys2/usr/share/man/man3/ERR_peek_error_line.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_peek_error_line_data.3ssl.gz b/msys2/usr/share/man/man3/ERR_peek_error_line_data.3ssl.gz
index 1527a9c92..eeeb4b51c 100644
Binary files a/msys2/usr/share/man/man3/ERR_peek_error_line_data.3ssl.gz and b/msys2/usr/share/man/man3/ERR_peek_error_line_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_peek_last_error.3ssl.gz b/msys2/usr/share/man/man3/ERR_peek_last_error.3ssl.gz
index 1527a9c92..eeeb4b51c 100644
Binary files a/msys2/usr/share/man/man3/ERR_peek_last_error.3ssl.gz and b/msys2/usr/share/man/man3/ERR_peek_last_error.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_peek_last_error_line.3ssl.gz b/msys2/usr/share/man/man3/ERR_peek_last_error_line.3ssl.gz
index 1527a9c92..eeeb4b51c 100644
Binary files a/msys2/usr/share/man/man3/ERR_peek_last_error_line.3ssl.gz and b/msys2/usr/share/man/man3/ERR_peek_last_error_line.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_peek_last_error_line_data.3ssl.gz b/msys2/usr/share/man/man3/ERR_peek_last_error_line_data.3ssl.gz
index 1527a9c92..eeeb4b51c 100644
Binary files a/msys2/usr/share/man/man3/ERR_peek_last_error_line_data.3ssl.gz and b/msys2/usr/share/man/man3/ERR_peek_last_error_line_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_pop_to_mark.3ssl.gz b/msys2/usr/share/man/man3/ERR_pop_to_mark.3ssl.gz
index c7df17675..8f099f8f7 100644
Binary files a/msys2/usr/share/man/man3/ERR_pop_to_mark.3ssl.gz and b/msys2/usr/share/man/man3/ERR_pop_to_mark.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_print_errors.3ssl.gz b/msys2/usr/share/man/man3/ERR_print_errors.3ssl.gz
index c35a98170..c6ad351ee 100644
Binary files a/msys2/usr/share/man/man3/ERR_print_errors.3ssl.gz and b/msys2/usr/share/man/man3/ERR_print_errors.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_print_errors_cb.3ssl.gz b/msys2/usr/share/man/man3/ERR_print_errors_cb.3ssl.gz
new file mode 100644
index 000000000..c6ad351ee
Binary files /dev/null and b/msys2/usr/share/man/man3/ERR_print_errors_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_print_errors_fp.3ssl.gz b/msys2/usr/share/man/man3/ERR_print_errors_fp.3ssl.gz
index c35a98170..c6ad351ee 100644
Binary files a/msys2/usr/share/man/man3/ERR_print_errors_fp.3ssl.gz and b/msys2/usr/share/man/man3/ERR_print_errors_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_put_error.3ssl.gz b/msys2/usr/share/man/man3/ERR_put_error.3ssl.gz
index c817a4112..5f9fa16dc 100644
Binary files a/msys2/usr/share/man/man3/ERR_put_error.3ssl.gz and b/msys2/usr/share/man/man3/ERR_put_error.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_reason_error_string.3ssl.gz b/msys2/usr/share/man/man3/ERR_reason_error_string.3ssl.gz
index da0de6898..a83eb4533 100644
Binary files a/msys2/usr/share/man/man3/ERR_reason_error_string.3ssl.gz and b/msys2/usr/share/man/man3/ERR_reason_error_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_remove_state.3ssl.gz b/msys2/usr/share/man/man3/ERR_remove_state.3ssl.gz
index 850ad56e0..f8ffb2253 100644
Binary files a/msys2/usr/share/man/man3/ERR_remove_state.3ssl.gz and b/msys2/usr/share/man/man3/ERR_remove_state.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_remove_thread_state.3ssl.gz b/msys2/usr/share/man/man3/ERR_remove_thread_state.3ssl.gz
index 850ad56e0..f8ffb2253 100644
Binary files a/msys2/usr/share/man/man3/ERR_remove_thread_state.3ssl.gz and b/msys2/usr/share/man/man3/ERR_remove_thread_state.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ERR_set_mark.3ssl.gz b/msys2/usr/share/man/man3/ERR_set_mark.3ssl.gz
index c7df17675..8f099f8f7 100644
Binary files a/msys2/usr/share/man/man3/ERR_set_mark.3ssl.gz and b/msys2/usr/share/man/man3/ERR_set_mark.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ESCDELAY.3x.gz b/msys2/usr/share/man/man3/ESCDELAY.3x.gz
index dbb243c86..767ce7da9 100644
Binary files a/msys2/usr/share/man/man3/ESCDELAY.3x.gz and b/msys2/usr/share/man/man3/ESCDELAY.3x.gz differ
diff --git a/msys2/usr/share/man/man3/ESS_CERT_ID_dup.3ssl.gz b/msys2/usr/share/man/man3/ESS_CERT_ID_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ESS_CERT_ID_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ESS_CERT_ID_free.3ssl.gz b/msys2/usr/share/man/man3/ESS_CERT_ID_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ESS_CERT_ID_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ESS_CERT_ID_new.3ssl.gz b/msys2/usr/share/man/man3/ESS_CERT_ID_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ESS_CERT_ID_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ESS_ISSUER_SERIAL_dup.3ssl.gz b/msys2/usr/share/man/man3/ESS_ISSUER_SERIAL_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ESS_ISSUER_SERIAL_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ESS_ISSUER_SERIAL_free.3ssl.gz b/msys2/usr/share/man/man3/ESS_ISSUER_SERIAL_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ESS_ISSUER_SERIAL_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ESS_ISSUER_SERIAL_new.3ssl.gz b/msys2/usr/share/man/man3/ESS_ISSUER_SERIAL_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ESS_ISSUER_SERIAL_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ESS_SIGNING_CERT_dup.3ssl.gz b/msys2/usr/share/man/man3/ESS_SIGNING_CERT_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ESS_SIGNING_CERT_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ESS_SIGNING_CERT_free.3ssl.gz b/msys2/usr/share/man/man3/ESS_SIGNING_CERT_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ESS_SIGNING_CERT_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ESS_SIGNING_CERT_new.3ssl.gz b/msys2/usr/share/man/man3/ESS_SIGNING_CERT_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ESS_SIGNING_CERT_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_BytesToKey.3ssl.gz b/msys2/usr/share/man/man3/EVP_BytesToKey.3ssl.gz
index 74589a7d8..84e94d58e 100644
Binary files a/msys2/usr/share/man/man3/EVP_BytesToKey.3ssl.gz and b/msys2/usr/share/man/man3/EVP_BytesToKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_block_size.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_block_size.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_block_size.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_block_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_cipher.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_cipher.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_cipher.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_cipher.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_cleanup.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_cleanup.3ssl.gz
deleted file mode 100644
index c7ba48f62..000000000
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_cleanup.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_ctrl.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_ctrl.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_ctrl.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_flags.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_flags.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_flags.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_free.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_free.3ssl.gz
new file mode 100644
index 000000000..e7b66ecd4
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_get_app_data.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_get_app_data.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_get_app_data.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_get_app_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_get_cipher_data.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_get_cipher_data.3ssl.gz
new file mode 100644
index 000000000..0363f00bb
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_get_cipher_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_init.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_init.3ssl.gz
deleted file mode 100644
index c7ba48f62..000000000
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_init.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_iv_length.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_iv_length.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_iv_length.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_iv_length.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_key_length.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_key_length.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_key_length.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_key_length.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_mode.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_mode.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_mode.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_mode.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_new.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_new.3ssl.gz
new file mode 100644
index 000000000..e7b66ecd4
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_nid.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_nid.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_nid.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_reset.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_reset.3ssl.gz
new file mode 100644
index 000000000..e7b66ecd4
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_reset.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_set_app_data.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_set_app_data.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_set_app_data.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_set_app_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_set_cipher_data.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_set_cipher_data.3ssl.gz
new file mode 100644
index 000000000..0363f00bb
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_set_cipher_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_set_key_length.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_set_key_length.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_set_key_length.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_set_key_length.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_set_padding.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_set_padding.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_set_padding.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_set_padding.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_type.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_type.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_CTX_type.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_CTX_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_asn1_to_param.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_asn1_to_param.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_asn1_to_param.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_asn1_to_param.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_block_size.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_block_size.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_block_size.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_block_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_flags.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_flags.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_flags.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_iv_length.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_iv_length.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_iv_length.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_iv_length.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_key_length.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_key_length.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_key_length.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_key_length.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_meth_dup.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_meth_dup.3ssl.gz
new file mode 100644
index 000000000..bc05b6edd
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_meth_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_meth_free.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_meth_free.3ssl.gz
new file mode 100644
index 000000000..bc05b6edd
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_meth_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_meth_get_cleanup.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_meth_get_cleanup.3ssl.gz
new file mode 100644
index 000000000..bc05b6edd
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_meth_get_cleanup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_meth_get_ctrl.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_meth_get_ctrl.3ssl.gz
new file mode 100644
index 000000000..bc05b6edd
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_meth_get_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_meth_get_do_cipher.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_meth_get_do_cipher.3ssl.gz
new file mode 100644
index 000000000..bc05b6edd
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_meth_get_do_cipher.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_meth_get_get_asn1_params.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_meth_get_get_asn1_params.3ssl.gz
new file mode 100644
index 000000000..bc05b6edd
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_meth_get_get_asn1_params.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_meth_get_init.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_meth_get_init.3ssl.gz
new file mode 100644
index 000000000..bc05b6edd
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_meth_get_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_meth_get_set_asn1_params.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_meth_get_set_asn1_params.3ssl.gz
new file mode 100644
index 000000000..bc05b6edd
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_meth_get_set_asn1_params.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_meth_new.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_meth_new.3ssl.gz
new file mode 100644
index 000000000..bc05b6edd
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_meth_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_cleanup.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_cleanup.3ssl.gz
new file mode 100644
index 000000000..bc05b6edd
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_cleanup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_ctrl.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_ctrl.3ssl.gz
new file mode 100644
index 000000000..bc05b6edd
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_do_cipher.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_do_cipher.3ssl.gz
new file mode 100644
index 000000000..bc05b6edd
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_do_cipher.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_flags.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_flags.3ssl.gz
new file mode 100644
index 000000000..bc05b6edd
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_get_asn1_params.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_get_asn1_params.3ssl.gz
new file mode 100644
index 000000000..bc05b6edd
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_get_asn1_params.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_impl_ctx_size.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_impl_ctx_size.3ssl.gz
new file mode 100644
index 000000000..bc05b6edd
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_impl_ctx_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_init.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_init.3ssl.gz
new file mode 100644
index 000000000..bc05b6edd
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_iv_length.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_iv_length.3ssl.gz
new file mode 100644
index 000000000..bc05b6edd
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_iv_length.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_set_asn1_params.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_set_asn1_params.3ssl.gz
new file mode 100644
index 000000000..bc05b6edd
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_CIPHER_meth_set_set_asn1_params.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_mode.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_mode.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_mode.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_mode.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_nid.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_nid.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_nid.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_param_to_asn1.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_param_to_asn1.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_param_to_asn1.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_param_to_asn1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CIPHER_type.3ssl.gz b/msys2/usr/share/man/man3/EVP_CIPHER_type.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CIPHER_type.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CIPHER_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CipherFinal.3ssl.gz b/msys2/usr/share/man/man3/EVP_CipherFinal.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CipherFinal.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CipherFinal.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CipherFinal_ex.3ssl.gz b/msys2/usr/share/man/man3/EVP_CipherFinal_ex.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CipherFinal_ex.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CipherFinal_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CipherInit.3ssl.gz b/msys2/usr/share/man/man3/EVP_CipherInit.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CipherInit.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CipherInit.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CipherInit_ex.3ssl.gz b/msys2/usr/share/man/man3/EVP_CipherInit_ex.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CipherInit_ex.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CipherInit_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_CipherUpdate.3ssl.gz b/msys2/usr/share/man/man3/EVP_CipherUpdate.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_CipherUpdate.3ssl.gz and b/msys2/usr/share/man/man3/EVP_CipherUpdate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DecodeBlock.3ssl.gz b/msys2/usr/share/man/man3/EVP_DecodeBlock.3ssl.gz
index db0d6a453..0dda93518 100644
Binary files a/msys2/usr/share/man/man3/EVP_DecodeBlock.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DecodeBlock.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DecodeFinal.3ssl.gz b/msys2/usr/share/man/man3/EVP_DecodeFinal.3ssl.gz
index db0d6a453..0dda93518 100644
Binary files a/msys2/usr/share/man/man3/EVP_DecodeFinal.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DecodeFinal.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DecodeInit.3ssl.gz b/msys2/usr/share/man/man3/EVP_DecodeInit.3ssl.gz
index db0d6a453..0dda93518 100644
Binary files a/msys2/usr/share/man/man3/EVP_DecodeInit.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DecodeInit.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DecodeUpdate.3ssl.gz b/msys2/usr/share/man/man3/EVP_DecodeUpdate.3ssl.gz
index db0d6a453..0dda93518 100644
Binary files a/msys2/usr/share/man/man3/EVP_DecodeUpdate.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DecodeUpdate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DecryptFinal.3ssl.gz b/msys2/usr/share/man/man3/EVP_DecryptFinal.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_DecryptFinal.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DecryptFinal.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DecryptFinal_ex.3ssl.gz b/msys2/usr/share/man/man3/EVP_DecryptFinal_ex.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_DecryptFinal_ex.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DecryptFinal_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DecryptInit.3ssl.gz b/msys2/usr/share/man/man3/EVP_DecryptInit.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_DecryptInit.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DecryptInit.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DecryptInit_ex.3ssl.gz b/msys2/usr/share/man/man3/EVP_DecryptInit_ex.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_DecryptInit_ex.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DecryptInit_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DecryptUpdate.3ssl.gz b/msys2/usr/share/man/man3/EVP_DecryptUpdate.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_DecryptUpdate.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DecryptUpdate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DigestFinal.3ssl.gz b/msys2/usr/share/man/man3/EVP_DigestFinal.3ssl.gz
index d50c1b9ec..22da36504 100644
Binary files a/msys2/usr/share/man/man3/EVP_DigestFinal.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DigestFinal.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DigestFinalXOF.3ssl.gz b/msys2/usr/share/man/man3/EVP_DigestFinalXOF.3ssl.gz
new file mode 100644
index 000000000..22da36504
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_DigestFinalXOF.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DigestFinal_ex.3ssl.gz b/msys2/usr/share/man/man3/EVP_DigestFinal_ex.3ssl.gz
index d50c1b9ec..22da36504 100644
Binary files a/msys2/usr/share/man/man3/EVP_DigestFinal_ex.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DigestFinal_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DigestInit.3ssl.gz b/msys2/usr/share/man/man3/EVP_DigestInit.3ssl.gz
index d50c1b9ec..22da36504 100644
Binary files a/msys2/usr/share/man/man3/EVP_DigestInit.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DigestInit.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DigestInit_ex.3ssl.gz b/msys2/usr/share/man/man3/EVP_DigestInit_ex.3ssl.gz
index d50c1b9ec..22da36504 100644
Binary files a/msys2/usr/share/man/man3/EVP_DigestInit_ex.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DigestInit_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DigestSign.3ssl.gz b/msys2/usr/share/man/man3/EVP_DigestSign.3ssl.gz
new file mode 100644
index 000000000..9c1c7b0b7
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_DigestSign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DigestSignFinal.3ssl.gz b/msys2/usr/share/man/man3/EVP_DigestSignFinal.3ssl.gz
index 2dcac2677..9c1c7b0b7 100644
Binary files a/msys2/usr/share/man/man3/EVP_DigestSignFinal.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DigestSignFinal.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DigestSignInit.3ssl.gz b/msys2/usr/share/man/man3/EVP_DigestSignInit.3ssl.gz
index 2dcac2677..9c1c7b0b7 100644
Binary files a/msys2/usr/share/man/man3/EVP_DigestSignInit.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DigestSignInit.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DigestSignUpdate.3ssl.gz b/msys2/usr/share/man/man3/EVP_DigestSignUpdate.3ssl.gz
index 2dcac2677..9c1c7b0b7 100644
Binary files a/msys2/usr/share/man/man3/EVP_DigestSignUpdate.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DigestSignUpdate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DigestUpdate.3ssl.gz b/msys2/usr/share/man/man3/EVP_DigestUpdate.3ssl.gz
index d50c1b9ec..22da36504 100644
Binary files a/msys2/usr/share/man/man3/EVP_DigestUpdate.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DigestUpdate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DigestVerify.3ssl.gz b/msys2/usr/share/man/man3/EVP_DigestVerify.3ssl.gz
new file mode 100644
index 000000000..8f16316b7
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_DigestVerify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DigestVerifyFinal.3ssl.gz b/msys2/usr/share/man/man3/EVP_DigestVerifyFinal.3ssl.gz
index c49bef645..8f16316b7 100644
Binary files a/msys2/usr/share/man/man3/EVP_DigestVerifyFinal.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DigestVerifyFinal.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DigestVerifyInit.3ssl.gz b/msys2/usr/share/man/man3/EVP_DigestVerifyInit.3ssl.gz
index c49bef645..8f16316b7 100644
Binary files a/msys2/usr/share/man/man3/EVP_DigestVerifyInit.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DigestVerifyInit.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_DigestVerifyUpdate.3ssl.gz b/msys2/usr/share/man/man3/EVP_DigestVerifyUpdate.3ssl.gz
index c49bef645..8f16316b7 100644
Binary files a/msys2/usr/share/man/man3/EVP_DigestVerifyUpdate.3ssl.gz and b/msys2/usr/share/man/man3/EVP_DigestVerifyUpdate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_ENCODE_CTX_copy.3ssl.gz b/msys2/usr/share/man/man3/EVP_ENCODE_CTX_copy.3ssl.gz
new file mode 100644
index 000000000..0dda93518
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_ENCODE_CTX_copy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_ENCODE_CTX_free.3ssl.gz b/msys2/usr/share/man/man3/EVP_ENCODE_CTX_free.3ssl.gz
new file mode 100644
index 000000000..0dda93518
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_ENCODE_CTX_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_ENCODE_CTX_new.3ssl.gz b/msys2/usr/share/man/man3/EVP_ENCODE_CTX_new.3ssl.gz
new file mode 100644
index 000000000..0dda93518
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_ENCODE_CTX_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_ENCODE_CTX_num.3ssl.gz b/msys2/usr/share/man/man3/EVP_ENCODE_CTX_num.3ssl.gz
new file mode 100644
index 000000000..0dda93518
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_ENCODE_CTX_num.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_EncodeBlock.3ssl.gz b/msys2/usr/share/man/man3/EVP_EncodeBlock.3ssl.gz
index db0d6a453..0dda93518 100644
Binary files a/msys2/usr/share/man/man3/EVP_EncodeBlock.3ssl.gz and b/msys2/usr/share/man/man3/EVP_EncodeBlock.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_EncodeFinal.3ssl.gz b/msys2/usr/share/man/man3/EVP_EncodeFinal.3ssl.gz
index db0d6a453..0dda93518 100644
Binary files a/msys2/usr/share/man/man3/EVP_EncodeFinal.3ssl.gz and b/msys2/usr/share/man/man3/EVP_EncodeFinal.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_EncodeInit.3ssl.gz b/msys2/usr/share/man/man3/EVP_EncodeInit.3ssl.gz
index db0d6a453..0dda93518 100644
Binary files a/msys2/usr/share/man/man3/EVP_EncodeInit.3ssl.gz and b/msys2/usr/share/man/man3/EVP_EncodeInit.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_EncodeUpdate.3ssl.gz b/msys2/usr/share/man/man3/EVP_EncodeUpdate.3ssl.gz
index db0d6a453..0dda93518 100644
Binary files a/msys2/usr/share/man/man3/EVP_EncodeUpdate.3ssl.gz and b/msys2/usr/share/man/man3/EVP_EncodeUpdate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_EncryptFinal.3ssl.gz b/msys2/usr/share/man/man3/EVP_EncryptFinal.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_EncryptFinal.3ssl.gz and b/msys2/usr/share/man/man3/EVP_EncryptFinal.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_EncryptFinal_ex.3ssl.gz b/msys2/usr/share/man/man3/EVP_EncryptFinal_ex.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_EncryptFinal_ex.3ssl.gz and b/msys2/usr/share/man/man3/EVP_EncryptFinal_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_EncryptInit.3ssl.gz b/msys2/usr/share/man/man3/EVP_EncryptInit.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_EncryptInit.3ssl.gz and b/msys2/usr/share/man/man3/EVP_EncryptInit.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_EncryptInit_ex.3ssl.gz b/msys2/usr/share/man/man3/EVP_EncryptInit_ex.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_EncryptInit_ex.3ssl.gz and b/msys2/usr/share/man/man3/EVP_EncryptInit_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_EncryptUpdate.3ssl.gz b/msys2/usr/share/man/man3/EVP_EncryptUpdate.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_EncryptUpdate.3ssl.gz and b/msys2/usr/share/man/man3/EVP_EncryptUpdate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MAX_MD_SIZE.3ssl.gz b/msys2/usr/share/man/man3/EVP_MAX_MD_SIZE.3ssl.gz
deleted file mode 100644
index d50c1b9ec..000000000
Binary files a/msys2/usr/share/man/man3/EVP_MAX_MD_SIZE.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_CTX_block_size.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_CTX_block_size.3ssl.gz
index d50c1b9ec..22da36504 100644
Binary files a/msys2/usr/share/man/man3/EVP_MD_CTX_block_size.3ssl.gz and b/msys2/usr/share/man/man3/EVP_MD_CTX_block_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_CTX_cleanup.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_CTX_cleanup.3ssl.gz
deleted file mode 100644
index d50c1b9ec..000000000
Binary files a/msys2/usr/share/man/man3/EVP_MD_CTX_cleanup.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_CTX_clear_flags.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_CTX_clear_flags.3ssl.gz
new file mode 100644
index 000000000..22da36504
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_CTX_clear_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_CTX_copy.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_CTX_copy.3ssl.gz
index d50c1b9ec..22da36504 100644
Binary files a/msys2/usr/share/man/man3/EVP_MD_CTX_copy.3ssl.gz and b/msys2/usr/share/man/man3/EVP_MD_CTX_copy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_CTX_copy_ex.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_CTX_copy_ex.3ssl.gz
index d50c1b9ec..22da36504 100644
Binary files a/msys2/usr/share/man/man3/EVP_MD_CTX_copy_ex.3ssl.gz and b/msys2/usr/share/man/man3/EVP_MD_CTX_copy_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_CTX_create.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_CTX_create.3ssl.gz
deleted file mode 100644
index d50c1b9ec..000000000
Binary files a/msys2/usr/share/man/man3/EVP_MD_CTX_create.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_CTX_ctrl.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_CTX_ctrl.3ssl.gz
new file mode 100644
index 000000000..22da36504
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_CTX_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_CTX_destroy.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_CTX_destroy.3ssl.gz
deleted file mode 100644
index d50c1b9ec..000000000
Binary files a/msys2/usr/share/man/man3/EVP_MD_CTX_destroy.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_CTX_free.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_CTX_free.3ssl.gz
new file mode 100644
index 000000000..22da36504
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_CTX_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_CTX_init.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_CTX_init.3ssl.gz
deleted file mode 100644
index d50c1b9ec..000000000
Binary files a/msys2/usr/share/man/man3/EVP_MD_CTX_init.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_CTX_md.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_CTX_md.3ssl.gz
index d50c1b9ec..22da36504 100644
Binary files a/msys2/usr/share/man/man3/EVP_MD_CTX_md.3ssl.gz and b/msys2/usr/share/man/man3/EVP_MD_CTX_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_CTX_md_data.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_CTX_md_data.3ssl.gz
new file mode 100644
index 000000000..22da36504
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_CTX_md_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_CTX_new.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_CTX_new.3ssl.gz
new file mode 100644
index 000000000..22da36504
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_CTX_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_CTX_reset.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_CTX_reset.3ssl.gz
new file mode 100644
index 000000000..22da36504
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_CTX_reset.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_CTX_set_flags.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_CTX_set_flags.3ssl.gz
new file mode 100644
index 000000000..22da36504
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_CTX_set_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_CTX_set_pkey_ctx.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_CTX_set_pkey_ctx.3ssl.gz
new file mode 100644
index 000000000..22da36504
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_CTX_set_pkey_ctx.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_CTX_size.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_CTX_size.3ssl.gz
index d50c1b9ec..22da36504 100644
Binary files a/msys2/usr/share/man/man3/EVP_MD_CTX_size.3ssl.gz and b/msys2/usr/share/man/man3/EVP_MD_CTX_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_CTX_test_flags.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_CTX_test_flags.3ssl.gz
new file mode 100644
index 000000000..22da36504
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_CTX_test_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_CTX_type.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_CTX_type.3ssl.gz
index d50c1b9ec..22da36504 100644
Binary files a/msys2/usr/share/man/man3/EVP_MD_CTX_type.3ssl.gz and b/msys2/usr/share/man/man3/EVP_MD_CTX_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_block_size.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_block_size.3ssl.gz
index d50c1b9ec..22da36504 100644
Binary files a/msys2/usr/share/man/man3/EVP_MD_block_size.3ssl.gz and b/msys2/usr/share/man/man3/EVP_MD_block_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_dup.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_dup.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_free.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_free.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_get_app_datasize.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_get_app_datasize.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_get_app_datasize.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_get_cleanup.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_get_cleanup.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_get_cleanup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_get_copy.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_get_copy.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_get_copy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_get_ctrl.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_get_ctrl.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_get_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_get_final.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_get_final.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_get_final.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_get_flags.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_get_flags.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_get_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_get_init.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_get_init.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_get_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_get_input_blocksize.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_get_input_blocksize.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_get_input_blocksize.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_get_result_size.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_get_result_size.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_get_result_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_get_update.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_get_update.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_get_update.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_new.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_new.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_set_app_datasize.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_set_app_datasize.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_set_app_datasize.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_set_cleanup.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_set_cleanup.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_set_cleanup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_set_copy.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_set_copy.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_set_copy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_set_ctrl.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_set_ctrl.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_set_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_set_final.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_set_final.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_set_final.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_set_flags.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_set_flags.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_set_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_set_init.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_set_init.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_set_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_set_input_blocksize.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_set_input_blocksize.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_set_input_blocksize.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_set_result_size.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_set_result_size.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_set_result_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_meth_set_update.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_meth_set_update.3ssl.gz
new file mode 100644
index 000000000..df7a58074
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_MD_meth_set_update.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_pkey_type.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_pkey_type.3ssl.gz
index d50c1b9ec..22da36504 100644
Binary files a/msys2/usr/share/man/man3/EVP_MD_pkey_type.3ssl.gz and b/msys2/usr/share/man/man3/EVP_MD_pkey_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_size.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_size.3ssl.gz
index d50c1b9ec..22da36504 100644
Binary files a/msys2/usr/share/man/man3/EVP_MD_size.3ssl.gz and b/msys2/usr/share/man/man3/EVP_MD_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_MD_type.3ssl.gz b/msys2/usr/share/man/man3/EVP_MD_type.3ssl.gz
index d50c1b9ec..22da36504 100644
Binary files a/msys2/usr/share/man/man3/EVP_MD_type.3ssl.gz and b/msys2/usr/share/man/man3/EVP_MD_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_OpenFinal.3ssl.gz b/msys2/usr/share/man/man3/EVP_OpenFinal.3ssl.gz
index 41704d5b2..ab69f13cf 100644
Binary files a/msys2/usr/share/man/man3/EVP_OpenFinal.3ssl.gz and b/msys2/usr/share/man/man3/EVP_OpenFinal.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_OpenInit.3ssl.gz b/msys2/usr/share/man/man3/EVP_OpenInit.3ssl.gz
index 41704d5b2..ab69f13cf 100644
Binary files a/msys2/usr/share/man/man3/EVP_OpenInit.3ssl.gz and b/msys2/usr/share/man/man3/EVP_OpenInit.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_OpenUpdate.3ssl.gz b/msys2/usr/share/man/man3/EVP_OpenUpdate.3ssl.gz
index 41704d5b2..ab69f13cf 100644
Binary files a/msys2/usr/share/man/man3/EVP_OpenUpdate.3ssl.gz and b/msys2/usr/share/man/man3/EVP_OpenUpdate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEVP_PKEY_CTX_set_app_data.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEVP_PKEY_CTX_set_app_data.3ssl.gz
deleted file mode 100644
index 2fc756a3a..000000000
Binary files a/msys2/usr/share/man/man3/EVP_PKEVP_PKEY_CTX_set_app_data.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_ASN1_METHOD.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_ASN1_METHOD.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_ASN1_METHOD.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_add1_hkdf_info.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_add1_hkdf_info.3ssl.gz
new file mode 100644
index 000000000..c74c520b6
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_add1_hkdf_info.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_add1_tls1_prf_seed.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_add1_tls1_prf_seed.3ssl.gz
new file mode 100644
index 000000000..1b586c9cf
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_add1_tls1_prf_seed.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_ctrl.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_ctrl.3ssl.gz
index 42bdf1011..6b6fccc48 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_CTX_ctrl.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_ctrl_str.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_ctrl_str.3ssl.gz
index 42bdf1011..6b6fccc48 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_CTX_ctrl_str.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_ctrl_str.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_ctrl_uint64.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_ctrl_uint64.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_ctrl_uint64.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_dup.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_dup.3ssl.gz
index bb19ffd1e..fb5ef3617 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_CTX_dup.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_free.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_free.3ssl.gz
index bb19ffd1e..fb5ef3617 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_CTX_free.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get0_dh_kdf_oid.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get0_dh_kdf_oid.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get0_dh_kdf_oid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get0_dh_kdf_ukm.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get0_dh_kdf_ukm.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get0_dh_kdf_ukm.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get0_ecdh_kdf_ukm.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get0_ecdh_kdf_ukm.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get0_ecdh_kdf_ukm.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get0_rsa_oaep_label.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get0_rsa_oaep_label.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get0_rsa_oaep_label.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get1_id.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get1_id.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get1_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get1_id_len.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get1_id_len.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get1_id_len.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_app_data.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_app_data.3ssl.gz
index 2fc756a3a..1d59c9b79 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_app_data.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_app_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_cb.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_cb.3ssl.gz
index 2fc756a3a..1d59c9b79 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_cb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_dh_kdf_md.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_dh_kdf_md.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_dh_kdf_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_dh_kdf_outlen.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_dh_kdf_outlen.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_dh_kdf_outlen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_dh_kdf_type.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_dh_kdf_type.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_dh_kdf_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_ecdh_cofactor_mode.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_ecdh_cofactor_mode.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_ecdh_cofactor_mode.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_ecdh_kdf_md.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_ecdh_kdf_md.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_ecdh_kdf_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_ecdh_kdf_outlen.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_ecdh_kdf_outlen.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_ecdh_kdf_outlen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_ecdh_kdf_type.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_ecdh_kdf_type.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_ecdh_kdf_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_keygen_info.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_keygen_info.3ssl.gz
index 2fc756a3a..1d59c9b79 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_keygen_info.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_keygen_info.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_rsa_mgf1_md.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_rsa_mgf1_md.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_rsa_mgf1_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_rsa_oaep_md.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_rsa_oaep_md.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_rsa_oaep_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_rsa_padding.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_rsa_padding.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_rsa_padding.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_rsa_pss_saltlen.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_rsa_pss_saltlen.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_rsa_pss_saltlen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_signature_md.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_signature_md.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_get_signature_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_hkdf_mode.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_hkdf_mode.3ssl.gz
new file mode 100644
index 000000000..c74c520b6
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_hkdf_mode.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_md.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_md.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_new.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_new.3ssl.gz
index bb19ffd1e..fb5ef3617 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_CTX_new.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_new_id.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_new_id.3ssl.gz
index bb19ffd1e..fb5ef3617 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_CTX_new_id.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_new_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set0_dh_kdf_oid.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set0_dh_kdf_oid.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set0_dh_kdf_oid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set0_dh_kdf_ukm.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set0_dh_kdf_ukm.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set0_dh_kdf_ukm.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set0_ecdh_kdf_ukm.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set0_ecdh_kdf_ukm.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set0_ecdh_kdf_ukm.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set0_rsa_oaep_label.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set0_rsa_oaep_label.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set0_rsa_oaep_label.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set1_hkdf_key.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set1_hkdf_key.3ssl.gz
new file mode 100644
index 000000000..c74c520b6
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set1_hkdf_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set1_hkdf_salt.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set1_hkdf_salt.3ssl.gz
new file mode 100644
index 000000000..c74c520b6
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set1_hkdf_salt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set1_id.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set1_id.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set1_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3ssl.gz
new file mode 100644
index 000000000..94895085d
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set1_scrypt_salt.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set1_scrypt_salt.3ssl.gz
new file mode 100644
index 000000000..a440a3f96
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set1_scrypt_salt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set1_tls1_prf_secret.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set1_tls1_prf_secret.3ssl.gz
new file mode 100644
index 000000000..1b586c9cf
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set1_tls1_prf_secret.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_app_data.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_app_data.3ssl.gz
new file mode 100644
index 000000000..1d59c9b79
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_app_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_cb.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_cb.3ssl.gz
index 2fc756a3a..1d59c9b79 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_cb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_kdf_md.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_kdf_md.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_kdf_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_kdf_outlen.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_kdf_outlen.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_kdf_outlen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_kdf_type.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_kdf_type.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_kdf_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_nid.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_nid.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_pad.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_pad.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_pad.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_generator.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_generator.3ssl.gz
index 42bdf1011..6b6fccc48 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_generator.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_generator.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_prime_len.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_prime_len.3ssl.gz
index 42bdf1011..6b6fccc48 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_prime_len.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_prime_len.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_subprime_len.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_subprime_len.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_subprime_len.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_type.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_type.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_rfc5114.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_rfc5114.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dh_rfc5114.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dhx_rfc5114.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dhx_rfc5114.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dhx_rfc5114.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dsa_paramgen_bits.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dsa_paramgen_bits.3ssl.gz
index 42bdf1011..6b6fccc48 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dsa_paramgen_bits.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_dsa_paramgen_bits.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_ec_param_enc.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_ec_param_enc.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_ec_param_enc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_ec_paramgen_curve_nid.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_ec_paramgen_curve_nid.3ssl.gz
index 42bdf1011..6b6fccc48 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_ec_paramgen_curve_nid.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_ec_paramgen_curve_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_ecdh_cofactor_mode.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_ecdh_cofactor_mode.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_ecdh_cofactor_mode.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_ecdh_kdf_md.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_ecdh_kdf_md.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_ecdh_kdf_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_ecdh_kdf_outlen.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_ecdh_kdf_outlen.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_ecdh_kdf_outlen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_ecdh_kdf_type.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_ecdh_kdf_type.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_ecdh_kdf_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_hkdf_md.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_hkdf_md.3ssl.gz
new file mode 100644
index 000000000..c74c520b6
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_hkdf_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_mac_key.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_mac_key.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_mac_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_keygen_bits.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_keygen_bits.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_keygen_bits.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_keygen_primes.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_keygen_primes.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_keygen_primes.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_keygen_pubexp.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_keygen_pubexp.3ssl.gz
index 42bdf1011..6b6fccc48 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_keygen_pubexp.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_keygen_pubexp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_mgf1_md.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_mgf1_md.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_mgf1_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_oaep_md.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_oaep_md.3ssl.gz
new file mode 100644
index 000000000..6b6fccc48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_oaep_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_padding.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_padding.3ssl.gz
index 42bdf1011..6b6fccc48 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_padding.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_padding.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3ssl.gz
new file mode 100644
index 000000000..f8db05f34
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md.3ssl.gz
new file mode 100644
index 000000000..f8db05f34
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen.3ssl.gz
new file mode 100644
index 000000000..f8db05f34
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_pss_saltlen.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_pss_saltlen.3ssl.gz
index 42bdf1011..6b6fccc48 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_pss_saltlen.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_pss_saltlen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_rsa_keygen_bits.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_rsa_keygen_bits.3ssl.gz
deleted file mode 100644
index 42bdf1011..000000000
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_rsa_rsa_keygen_bits.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_scrypt_N.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_scrypt_N.3ssl.gz
new file mode 100644
index 000000000..a440a3f96
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_scrypt_N.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_scrypt_maxmem_bytes.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_scrypt_maxmem_bytes.3ssl.gz
new file mode 100644
index 000000000..a440a3f96
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_scrypt_maxmem_bytes.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_scrypt_p.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_scrypt_p.3ssl.gz
new file mode 100644
index 000000000..a440a3f96
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_scrypt_p.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_scrypt_r.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_scrypt_r.3ssl.gz
new file mode 100644
index 000000000..a440a3f96
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_scrypt_r.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_signature_md.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_signature_md.3ssl.gz
index 42bdf1011..6b6fccc48 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_signature_md.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_signature_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3ssl.gz
new file mode 100644
index 000000000..1b586c9cf
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_METHOD.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_METHOD.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_METHOD.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_METHOD.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_add0.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_add0.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_add0.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_add_alias.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_add_alias.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_add_alias.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_copy.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_copy.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_copy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_find.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_find.3ssl.gz
new file mode 100644
index 000000000..19f4abbbe
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_find.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_find_str.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_find_str.3ssl.gz
new file mode 100644
index 000000000..19f4abbbe
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_find_str.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_free.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_free.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_get0.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_get0.3ssl.gz
new file mode 100644
index 000000000..19f4abbbe
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_get0.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_get0_info.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_get0_info.3ssl.gz
new file mode 100644
index 000000000..19f4abbbe
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_get0_info.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_get_count.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_get_count.3ssl.gz
new file mode 100644
index 000000000..19f4abbbe
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_get_count.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_new.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_new.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_check.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_check.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_check.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_ctrl.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_ctrl.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_free.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_free.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_get_priv_key.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_get_priv_key.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_get_priv_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_get_pub_key.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_get_pub_key.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_get_pub_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_item.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_item.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_item.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_param.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_param.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_param.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_param_check.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_param_check.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_param_check.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_private.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_private.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_private.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_public.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_public.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_public.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_public_check.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_public_check.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_public_check.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_security_bits.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_security_bits.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_security_bits.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_set_priv_key.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_set_priv_key.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_set_priv_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_set_pub_key.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_set_pub_key.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_set_pub_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_siginf.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_siginf.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_asn1_set_siginf.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_assign_DH.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_assign_DH.3ssl.gz
index d1a4d2288..f45869c59 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_assign_DH.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_assign_DH.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_assign_DSA.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_assign_DSA.3ssl.gz
index d1a4d2288..f45869c59 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_assign_DSA.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_assign_DSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_assign_EC_KEY.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_assign_EC_KEY.3ssl.gz
index d1a4d2288..f45869c59 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_assign_EC_KEY.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_assign_EC_KEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_assign_POLY1305.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_assign_POLY1305.3ssl.gz
new file mode 100644
index 000000000..f45869c59
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_assign_POLY1305.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_assign_RSA.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_assign_RSA.3ssl.gz
index d1a4d2288..f45869c59 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_assign_RSA.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_assign_RSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_assign_SIPHASH.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_assign_SIPHASH.3ssl.gz
new file mode 100644
index 000000000..f45869c59
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_assign_SIPHASH.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_base_id.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_base_id.3ssl.gz
new file mode 100644
index 000000000..f45869c59
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_base_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_check.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_check.3ssl.gz
new file mode 100644
index 000000000..1d59c9b79
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_check.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_cmp.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_cmp.3ssl.gz
index 0c79cb33c..1ccadb510 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_cmp.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_cmp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_cmp_parameters.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_cmp_parameters.3ssl.gz
index 0c79cb33c..1ccadb510 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_cmp_parameters.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_cmp_parameters.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_copy_parameters.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_copy_parameters.3ssl.gz
index 0c79cb33c..1ccadb510 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_copy_parameters.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_copy_parameters.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_decrypt.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_decrypt.3ssl.gz
index 83a801b1d..ea295bb73 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_decrypt.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_decrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_decrypt_init.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_decrypt_init.3ssl.gz
index 83a801b1d..ea295bb73 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_decrypt_init.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_decrypt_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_derive.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_derive.3ssl.gz
index 6f22f6509..83aba1810 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_derive.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_derive.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_derive_init.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_derive_init.3ssl.gz
index 6f22f6509..83aba1810 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_derive_init.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_derive_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_derive_set_peer.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_derive_set_peer.3ssl.gz
index 6f22f6509..83aba1810 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_derive_set_peer.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_derive_set_peer.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_encrypt.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_encrypt.3ssl.gz
index d4ca5b12d..6fb915618 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_encrypt_init.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_encrypt_init.3ssl.gz
index d4ca5b12d..6fb915618 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_encrypt_init.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_encrypt_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_free.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_free.3ssl.gz
index cdd2061ad..21c9b36f0 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_free.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_gen_cb.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_gen_cb.3ssl.gz
new file mode 100644
index 000000000..1d59c9b79
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_gen_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_get0_DH.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_get0_DH.3ssl.gz
new file mode 100644
index 000000000..f45869c59
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_get0_DH.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_get0_DSA.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_get0_DSA.3ssl.gz
new file mode 100644
index 000000000..f45869c59
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_get0_DSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_get0_EC_KEY.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_get0_EC_KEY.3ssl.gz
new file mode 100644
index 000000000..f45869c59
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_get0_EC_KEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_get0_RSA.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_get0_RSA.3ssl.gz
new file mode 100644
index 000000000..f45869c59
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_get0_RSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_get0_asn1.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_get0_asn1.3ssl.gz
new file mode 100644
index 000000000..280ba1adc
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_get0_asn1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_get0_hmac.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_get0_hmac.3ssl.gz
new file mode 100644
index 000000000..f45869c59
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_get0_hmac.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_get0_poly1305.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_get0_poly1305.3ssl.gz
new file mode 100644
index 000000000..f45869c59
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_get0_poly1305.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_get0_siphash.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_get0_siphash.3ssl.gz
new file mode 100644
index 000000000..f45869c59
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_get0_siphash.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_get1_DH.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_get1_DH.3ssl.gz
index d1a4d2288..f45869c59 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_get1_DH.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_get1_DH.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_get1_DSA.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_get1_DSA.3ssl.gz
index d1a4d2288..f45869c59 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_get1_DSA.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_get1_DSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_get1_EC_KEY.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_get1_EC_KEY.3ssl.gz
index d1a4d2288..f45869c59 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_get1_EC_KEY.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_get1_EC_KEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_get1_RSA.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_get1_RSA.3ssl.gz
index d1a4d2288..f45869c59 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_get1_RSA.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_get1_RSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_get_default_digest.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_get_default_digest.3ssl.gz
deleted file mode 100644
index ab329a01c..000000000
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_get_default_digest.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_get_default_digest_nid.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_get_default_digest_nid.3ssl.gz
index ab329a01c..a9b81728a 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_get_default_digest_nid.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_get_default_digest_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_get_raw_private_key.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_get_raw_private_key.3ssl.gz
new file mode 100644
index 000000000..21c9b36f0
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_get_raw_private_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_get_raw_public_key.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_get_raw_public_key.3ssl.gz
new file mode 100644
index 000000000..21c9b36f0
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_get_raw_public_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_id.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_id.3ssl.gz
new file mode 100644
index 000000000..f45869c59
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_keygen.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_keygen.3ssl.gz
index 2fc756a3a..1d59c9b79 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_keygen.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_keygen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_keygen_init.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_keygen_init.3ssl.gz
index 2fc756a3a..1d59c9b79 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_keygen_init.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_keygen_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_add0.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_add0.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_add0.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_add0.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_copy.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_copy.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_copy.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_copy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_find.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_find.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_find.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_find.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_free.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_free.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_free.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get0.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get0.3ssl.gz
new file mode 100644
index 000000000..f443f1453
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get0.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get0_info.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get0_info.3ssl.gz
new file mode 100644
index 000000000..f443f1453
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get0_info.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_check.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_check.3ssl.gz
new file mode 100644
index 000000000..33a94026b
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_check.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_cleanup.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_cleanup.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_cleanup.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_cleanup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_copy.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_copy.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_copy.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_copy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_count.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_count.3ssl.gz
new file mode 100644
index 000000000..f443f1453
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_count.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_ctrl.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_ctrl.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_ctrl.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_decrypt.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_decrypt.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_decrypt.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_decrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_derive.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_derive.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_derive.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_derive.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_digest_custom.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_digest_custom.3ssl.gz
new file mode 100644
index 000000000..33a94026b
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_digest_custom.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_encrypt.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_encrypt.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_init.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_init.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_init.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_keygen.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_keygen.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_keygen.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_keygen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_param_check.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_param_check.3ssl.gz
new file mode 100644
index 000000000..33a94026b
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_param_check.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_paramgen.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_paramgen.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_paramgen.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_paramgen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_public_check.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_public_check.3ssl.gz
new file mode 100644
index 000000000..33a94026b
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_public_check.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_sign.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_sign.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_sign.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_signctx.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_signctx.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_signctx.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_signctx.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_verify.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_verify.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_verify.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_verify_recover.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_verify_recover.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_verify_recover.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_verify_recover.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_verifyctx.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_verifyctx.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_get_verifyctx.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_get_verifyctx.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_new.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_new.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_new.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_remove.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_remove.3ssl.gz
new file mode 100644
index 000000000..33a94026b
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_meth_remove.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_check.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_check.3ssl.gz
new file mode 100644
index 000000000..33a94026b
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_check.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_cleanup.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_cleanup.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_cleanup.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_cleanup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_copy.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_copy.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_copy.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_copy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_ctrl.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_ctrl.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_ctrl.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_decrypt.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_decrypt.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_decrypt.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_decrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_derive.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_derive.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_derive.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_derive.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_digest_custom.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_digest_custom.3ssl.gz
new file mode 100644
index 000000000..33a94026b
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_digest_custom.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_encrypt.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_encrypt.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_init.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_init.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_init.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_keygen.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_keygen.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_keygen.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_keygen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_param_check.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_param_check.3ssl.gz
new file mode 100644
index 000000000..33a94026b
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_param_check.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_paramgen.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_paramgen.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_paramgen.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_paramgen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_public_check.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_public_check.3ssl.gz
new file mode 100644
index 000000000..33a94026b
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_public_check.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_sign.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_sign.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_sign.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_signctx.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_signctx.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_signctx.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_signctx.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_verify.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_verify.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_verify.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_verify_recover.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_verify_recover.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_verify_recover.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_verify_recover.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_verifyctx.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_verifyctx.3ssl.gz
index ac300fadf..33a94026b 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_meth_set_verifyctx.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_meth_set_verifyctx.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_missing_parameters.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_missing_parameters.3ssl.gz
index 0c79cb33c..1ccadb510 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_missing_parameters.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_missing_parameters.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_new.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_new.3ssl.gz
index cdd2061ad..21c9b36f0 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_new.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_new_CMAC_key.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_new_CMAC_key.3ssl.gz
new file mode 100644
index 000000000..21c9b36f0
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_new_CMAC_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_new_mac_key.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_new_mac_key.3ssl.gz
new file mode 100644
index 000000000..21c9b36f0
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_new_mac_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_new_raw_private_key.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_new_raw_private_key.3ssl.gz
new file mode 100644
index 000000000..21c9b36f0
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_new_raw_private_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_new_raw_public_key.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_new_raw_public_key.3ssl.gz
new file mode 100644
index 000000000..21c9b36f0
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_new_raw_public_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_param_check.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_param_check.3ssl.gz
new file mode 100644
index 000000000..1d59c9b79
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_param_check.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_paramgen.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_paramgen.3ssl.gz
index 2fc756a3a..1d59c9b79 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_paramgen.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_paramgen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_paramgen_init.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_paramgen_init.3ssl.gz
index 2fc756a3a..1d59c9b79 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_paramgen_init.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_paramgen_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_print_params.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_print_params.3ssl.gz
index 610e5d4c3..9af59b268 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_print_params.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_print_params.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_print_private.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_print_private.3ssl.gz
index 610e5d4c3..9af59b268 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_print_private.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_print_private.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_print_public.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_print_public.3ssl.gz
index 610e5d4c3..9af59b268 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_print_public.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_print_public.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_public_check.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_public_check.3ssl.gz
new file mode 100644
index 000000000..1d59c9b79
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_public_check.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_security_bits.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_security_bits.3ssl.gz
new file mode 100644
index 000000000..ed9a93330
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_security_bits.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_set1_DH.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_set1_DH.3ssl.gz
index d1a4d2288..f45869c59 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_set1_DH.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_set1_DH.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_set1_DSA.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_set1_DSA.3ssl.gz
index d1a4d2288..f45869c59 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_set1_DSA.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_set1_DSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_set1_EC_KEY.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_set1_EC_KEY.3ssl.gz
index d1a4d2288..f45869c59 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_set1_EC_KEY.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_set1_EC_KEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_set1_RSA.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_set1_RSA.3ssl.gz
index d1a4d2288..f45869c59 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_set1_RSA.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_set1_RSA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_set1_engine.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_set1_engine.3ssl.gz
new file mode 100644
index 000000000..f45869c59
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_set1_engine.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_set_alias_type.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_set_alias_type.3ssl.gz
new file mode 100644
index 000000000..f45869c59
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_set_alias_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_sign.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_sign.3ssl.gz
index a16109ee3..beaf99b3e 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_sign.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_sign_init.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_sign_init.3ssl.gz
index a16109ee3..beaf99b3e 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_sign_init.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_sign_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_size.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_size.3ssl.gz
new file mode 100644
index 000000000..ed9a93330
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_type.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_type.3ssl.gz
index d1a4d2288..f45869c59 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_type.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_up_ref.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_up_ref.3ssl.gz
new file mode 100644
index 000000000..21c9b36f0
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_PKEY_up_ref.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_verify.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_verify.3ssl.gz
index 33994b80c..89fb01153 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_verify.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_verify_init.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_verify_init.3ssl.gz
index 33994b80c..89fb01153 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_verify_init.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_verify_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_verify_recover.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_verify_recover.3ssl.gz
index f48e4b565..273f5e41f 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_verify_recover.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_verify_recover.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_PKEY_verify_recover_init.3ssl.gz b/msys2/usr/share/man/man3/EVP_PKEY_verify_recover_init.3ssl.gz
index f48e4b565..273f5e41f 100644
Binary files a/msys2/usr/share/man/man3/EVP_PKEY_verify_recover_init.3ssl.gz and b/msys2/usr/share/man/man3/EVP_PKEY_verify_recover_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_SealFinal.3ssl.gz b/msys2/usr/share/man/man3/EVP_SealFinal.3ssl.gz
index d67724373..ae82fd593 100644
Binary files a/msys2/usr/share/man/man3/EVP_SealFinal.3ssl.gz and b/msys2/usr/share/man/man3/EVP_SealFinal.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_SealInit.3ssl.gz b/msys2/usr/share/man/man3/EVP_SealInit.3ssl.gz
index d67724373..ae82fd593 100644
Binary files a/msys2/usr/share/man/man3/EVP_SealInit.3ssl.gz and b/msys2/usr/share/man/man3/EVP_SealInit.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_SealUpdate.3ssl.gz b/msys2/usr/share/man/man3/EVP_SealUpdate.3ssl.gz
index d67724373..ae82fd593 100644
Binary files a/msys2/usr/share/man/man3/EVP_SealUpdate.3ssl.gz and b/msys2/usr/share/man/man3/EVP_SealUpdate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_SignFinal.3ssl.gz b/msys2/usr/share/man/man3/EVP_SignFinal.3ssl.gz
index 8437374f1..ed9a93330 100644
Binary files a/msys2/usr/share/man/man3/EVP_SignFinal.3ssl.gz and b/msys2/usr/share/man/man3/EVP_SignFinal.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_SignInit.3ssl.gz b/msys2/usr/share/man/man3/EVP_SignInit.3ssl.gz
index 8437374f1..ed9a93330 100644
Binary files a/msys2/usr/share/man/man3/EVP_SignInit.3ssl.gz and b/msys2/usr/share/man/man3/EVP_SignInit.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_SignInit_ex.3ssl.gz b/msys2/usr/share/man/man3/EVP_SignInit_ex.3ssl.gz
index 8437374f1..ed9a93330 100644
Binary files a/msys2/usr/share/man/man3/EVP_SignInit_ex.3ssl.gz and b/msys2/usr/share/man/man3/EVP_SignInit_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_SignUpdate.3ssl.gz b/msys2/usr/share/man/man3/EVP_SignUpdate.3ssl.gz
index 8437374f1..ed9a93330 100644
Binary files a/msys2/usr/share/man/man3/EVP_SignUpdate.3ssl.gz and b/msys2/usr/share/man/man3/EVP_SignUpdate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_VerifyFinal.3ssl.gz b/msys2/usr/share/man/man3/EVP_VerifyFinal.3ssl.gz
index 355048ceb..536738bf8 100644
Binary files a/msys2/usr/share/man/man3/EVP_VerifyFinal.3ssl.gz and b/msys2/usr/share/man/man3/EVP_VerifyFinal.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_VerifyInit.3ssl.gz b/msys2/usr/share/man/man3/EVP_VerifyInit.3ssl.gz
index 355048ceb..536738bf8 100644
Binary files a/msys2/usr/share/man/man3/EVP_VerifyInit.3ssl.gz and b/msys2/usr/share/man/man3/EVP_VerifyInit.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_VerifyInit_ex.3ssl.gz b/msys2/usr/share/man/man3/EVP_VerifyInit_ex.3ssl.gz
new file mode 100644
index 000000000..536738bf8
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_VerifyInit_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_VerifyUpdate.3ssl.gz b/msys2/usr/share/man/man3/EVP_VerifyUpdate.3ssl.gz
index 355048ceb..536738bf8 100644
Binary files a/msys2/usr/share/man/man3/EVP_VerifyUpdate.3ssl.gz and b/msys2/usr/share/man/man3/EVP_VerifyUpdate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_128_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_128_cbc.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_128_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_128_cbc_hmac_sha1.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_128_cbc_hmac_sha1.3ssl.gz
index c7ba48f62..287df4985 100644
Binary files a/msys2/usr/share/man/man3/EVP_aes_128_cbc_hmac_sha1.3ssl.gz and b/msys2/usr/share/man/man3/EVP_aes_128_cbc_hmac_sha1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_128_cbc_hmac_sha256.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_128_cbc_hmac_sha256.3ssl.gz
index c7ba48f62..287df4985 100644
Binary files a/msys2/usr/share/man/man3/EVP_aes_128_cbc_hmac_sha256.3ssl.gz and b/msys2/usr/share/man/man3/EVP_aes_128_cbc_hmac_sha256.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_128_ccm.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_128_ccm.3ssl.gz
index c7ba48f62..287df4985 100644
Binary files a/msys2/usr/share/man/man3/EVP_aes_128_ccm.3ssl.gz and b/msys2/usr/share/man/man3/EVP_aes_128_ccm.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_128_cfb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_128_cfb.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_128_cfb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_128_cfb1.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_128_cfb1.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_128_cfb1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_128_cfb128.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_128_cfb128.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_128_cfb128.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_128_cfb8.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_128_cfb8.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_128_cfb8.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_128_ctr.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_128_ctr.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_128_ctr.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_128_ecb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_128_ecb.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_128_ecb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_128_gcm.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_128_gcm.3ssl.gz
index c7ba48f62..287df4985 100644
Binary files a/msys2/usr/share/man/man3/EVP_aes_128_gcm.3ssl.gz and b/msys2/usr/share/man/man3/EVP_aes_128_gcm.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_128_ocb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_128_ocb.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_128_ocb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_128_ofb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_128_ofb.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_128_ofb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_128_wrap.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_128_wrap.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_128_wrap.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_128_wrap_pad.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_128_wrap_pad.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_128_wrap_pad.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_128_xts.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_128_xts.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_128_xts.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_192_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_192_cbc.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_192_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_192_ccm.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_192_ccm.3ssl.gz
index c7ba48f62..287df4985 100644
Binary files a/msys2/usr/share/man/man3/EVP_aes_192_ccm.3ssl.gz and b/msys2/usr/share/man/man3/EVP_aes_192_ccm.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_192_cfb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_192_cfb.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_192_cfb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_192_cfb1.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_192_cfb1.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_192_cfb1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_192_cfb128.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_192_cfb128.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_192_cfb128.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_192_cfb8.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_192_cfb8.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_192_cfb8.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_192_ctr.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_192_ctr.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_192_ctr.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_192_ecb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_192_ecb.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_192_ecb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_192_gcm.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_192_gcm.3ssl.gz
index c7ba48f62..287df4985 100644
Binary files a/msys2/usr/share/man/man3/EVP_aes_192_gcm.3ssl.gz and b/msys2/usr/share/man/man3/EVP_aes_192_gcm.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_192_ocb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_192_ocb.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_192_ocb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_192_ofb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_192_ofb.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_192_ofb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_192_wrap.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_192_wrap.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_192_wrap.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_192_wrap_pad.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_192_wrap_pad.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_192_wrap_pad.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_256_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_256_cbc.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_256_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_256_cbc_hmac_sha1.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_256_cbc_hmac_sha1.3ssl.gz
index c7ba48f62..287df4985 100644
Binary files a/msys2/usr/share/man/man3/EVP_aes_256_cbc_hmac_sha1.3ssl.gz and b/msys2/usr/share/man/man3/EVP_aes_256_cbc_hmac_sha1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_256_cbc_hmac_sha256.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_256_cbc_hmac_sha256.3ssl.gz
index c7ba48f62..287df4985 100644
Binary files a/msys2/usr/share/man/man3/EVP_aes_256_cbc_hmac_sha256.3ssl.gz and b/msys2/usr/share/man/man3/EVP_aes_256_cbc_hmac_sha256.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_256_ccm.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_256_ccm.3ssl.gz
index c7ba48f62..287df4985 100644
Binary files a/msys2/usr/share/man/man3/EVP_aes_256_ccm.3ssl.gz and b/msys2/usr/share/man/man3/EVP_aes_256_ccm.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_256_cfb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_256_cfb.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_256_cfb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_256_cfb1.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_256_cfb1.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_256_cfb1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_256_cfb128.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_256_cfb128.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_256_cfb128.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_256_cfb8.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_256_cfb8.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_256_cfb8.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_256_ctr.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_256_ctr.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_256_ctr.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_256_ecb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_256_ecb.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_256_ecb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_256_gcm.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_256_gcm.3ssl.gz
index c7ba48f62..287df4985 100644
Binary files a/msys2/usr/share/man/man3/EVP_aes_256_gcm.3ssl.gz and b/msys2/usr/share/man/man3/EVP_aes_256_gcm.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_256_ocb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_256_ocb.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_256_ocb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_256_ofb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_256_ofb.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_256_ofb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_256_wrap.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_256_wrap.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_256_wrap.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_256_wrap_pad.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_256_wrap_pad.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_256_wrap_pad.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aes_256_xts.3ssl.gz b/msys2/usr/share/man/man3/EVP_aes_256_xts.3ssl.gz
new file mode 100644
index 000000000..287df4985
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aes_256_xts.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_128_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_128_cbc.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_128_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_128_ccm.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_128_ccm.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_128_ccm.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_128_cfb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_128_cfb.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_128_cfb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_128_cfb1.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_128_cfb1.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_128_cfb1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_128_cfb128.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_128_cfb128.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_128_cfb128.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_128_cfb8.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_128_cfb8.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_128_cfb8.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_128_ctr.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_128_ctr.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_128_ctr.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_128_ecb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_128_ecb.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_128_ecb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_128_gcm.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_128_gcm.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_128_gcm.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_128_ofb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_128_ofb.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_128_ofb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_192_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_192_cbc.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_192_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_192_ccm.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_192_ccm.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_192_ccm.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_192_cfb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_192_cfb.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_192_cfb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_192_cfb1.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_192_cfb1.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_192_cfb1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_192_cfb128.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_192_cfb128.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_192_cfb128.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_192_cfb8.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_192_cfb8.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_192_cfb8.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_192_ctr.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_192_ctr.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_192_ctr.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_192_ecb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_192_ecb.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_192_ecb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_192_gcm.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_192_gcm.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_192_gcm.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_192_ofb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_192_ofb.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_192_ofb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_256_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_256_cbc.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_256_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_256_ccm.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_256_ccm.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_256_ccm.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_256_cfb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_256_cfb.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_256_cfb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_256_cfb1.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_256_cfb1.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_256_cfb1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_256_cfb128.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_256_cfb128.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_256_cfb128.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_256_cfb8.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_256_cfb8.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_256_cfb8.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_256_ctr.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_256_ctr.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_256_ctr.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_256_ecb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_256_ecb.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_256_ecb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_256_gcm.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_256_gcm.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_256_gcm.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_aria_256_ofb.3ssl.gz b/msys2/usr/share/man/man3/EVP_aria_256_ofb.3ssl.gz
new file mode 100644
index 000000000..a4c5f1470
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_aria_256_ofb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_bf_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_bf_cbc.3ssl.gz
index c7ba48f62..80f1ea698 100644
Binary files a/msys2/usr/share/man/man3/EVP_bf_cbc.3ssl.gz and b/msys2/usr/share/man/man3/EVP_bf_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_bf_cfb.3ssl.gz b/msys2/usr/share/man/man3/EVP_bf_cfb.3ssl.gz
index c7ba48f62..80f1ea698 100644
Binary files a/msys2/usr/share/man/man3/EVP_bf_cfb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_bf_cfb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_bf_cfb64.3ssl.gz b/msys2/usr/share/man/man3/EVP_bf_cfb64.3ssl.gz
new file mode 100644
index 000000000..80f1ea698
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_bf_cfb64.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_bf_ecb.3ssl.gz b/msys2/usr/share/man/man3/EVP_bf_ecb.3ssl.gz
index c7ba48f62..80f1ea698 100644
Binary files a/msys2/usr/share/man/man3/EVP_bf_ecb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_bf_ecb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_bf_ofb.3ssl.gz b/msys2/usr/share/man/man3/EVP_bf_ofb.3ssl.gz
index c7ba48f62..80f1ea698 100644
Binary files a/msys2/usr/share/man/man3/EVP_bf_ofb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_bf_ofb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_blake2b512.3ssl.gz b/msys2/usr/share/man/man3/EVP_blake2b512.3ssl.gz
new file mode 100644
index 000000000..e9f26c33f
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_blake2b512.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_blake2s256.3ssl.gz b/msys2/usr/share/man/man3/EVP_blake2s256.3ssl.gz
new file mode 100644
index 000000000..e9f26c33f
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_blake2s256.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_128_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_128_cbc.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_128_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_128_cfb.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_128_cfb.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_128_cfb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_128_cfb1.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_128_cfb1.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_128_cfb1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_128_cfb128.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_128_cfb128.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_128_cfb128.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_128_cfb8.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_128_cfb8.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_128_cfb8.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_128_ctr.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_128_ctr.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_128_ctr.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_128_ecb.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_128_ecb.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_128_ecb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_128_ofb.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_128_ofb.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_128_ofb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_192_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_192_cbc.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_192_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_192_cfb.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_192_cfb.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_192_cfb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_192_cfb1.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_192_cfb1.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_192_cfb1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_192_cfb128.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_192_cfb128.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_192_cfb128.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_192_cfb8.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_192_cfb8.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_192_cfb8.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_192_ctr.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_192_ctr.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_192_ctr.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_192_ecb.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_192_ecb.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_192_ecb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_192_ofb.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_192_ofb.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_192_ofb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_256_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_256_cbc.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_256_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_256_cfb.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_256_cfb.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_256_cfb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_256_cfb1.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_256_cfb1.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_256_cfb1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_256_cfb128.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_256_cfb128.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_256_cfb128.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_256_cfb8.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_256_cfb8.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_256_cfb8.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_256_ctr.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_256_ctr.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_256_ctr.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_256_ecb.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_256_ecb.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_256_ecb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_camellia_256_ofb.3ssl.gz b/msys2/usr/share/man/man3/EVP_camellia_256_ofb.3ssl.gz
new file mode 100644
index 000000000..cbcde4313
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_camellia_256_ofb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_cast5_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_cast5_cbc.3ssl.gz
index c7ba48f62..a8109775d 100644
Binary files a/msys2/usr/share/man/man3/EVP_cast5_cbc.3ssl.gz and b/msys2/usr/share/man/man3/EVP_cast5_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_cast5_cfb.3ssl.gz b/msys2/usr/share/man/man3/EVP_cast5_cfb.3ssl.gz
index c7ba48f62..a8109775d 100644
Binary files a/msys2/usr/share/man/man3/EVP_cast5_cfb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_cast5_cfb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_cast5_cfb64.3ssl.gz b/msys2/usr/share/man/man3/EVP_cast5_cfb64.3ssl.gz
new file mode 100644
index 000000000..a8109775d
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_cast5_cfb64.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_cast5_ecb.3ssl.gz b/msys2/usr/share/man/man3/EVP_cast5_ecb.3ssl.gz
index c7ba48f62..a8109775d 100644
Binary files a/msys2/usr/share/man/man3/EVP_cast5_ecb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_cast5_ecb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_cast5_ofb.3ssl.gz b/msys2/usr/share/man/man3/EVP_cast5_ofb.3ssl.gz
index c7ba48f62..a8109775d 100644
Binary files a/msys2/usr/share/man/man3/EVP_cast5_ofb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_cast5_ofb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_chacha20.3ssl.gz b/msys2/usr/share/man/man3/EVP_chacha20.3ssl.gz
new file mode 100644
index 000000000..73a0e13c6
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_chacha20.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_chacha20_poly1305.3ssl.gz b/msys2/usr/share/man/man3/EVP_chacha20_poly1305.3ssl.gz
new file mode 100644
index 000000000..73a0e13c6
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_chacha20_poly1305.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_cleanup.3ssl.gz b/msys2/usr/share/man/man3/EVP_cleanup.3ssl.gz
index 93045096f..63534afae 100644
Binary files a/msys2/usr/share/man/man3/EVP_cleanup.3ssl.gz and b/msys2/usr/share/man/man3/EVP_cleanup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des.3ssl.gz b/msys2/usr/share/man/man3/EVP_des.3ssl.gz
new file mode 100644
index 000000000..948998d62
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_des.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_cbc.3ssl.gz
index c7ba48f62..948998d62 100644
Binary files a/msys2/usr/share/man/man3/EVP_des_cbc.3ssl.gz and b/msys2/usr/share/man/man3/EVP_des_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_cfb.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_cfb.3ssl.gz
index c7ba48f62..948998d62 100644
Binary files a/msys2/usr/share/man/man3/EVP_des_cfb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_des_cfb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_cfb1.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_cfb1.3ssl.gz
new file mode 100644
index 000000000..948998d62
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_des_cfb1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_cfb64.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_cfb64.3ssl.gz
new file mode 100644
index 000000000..948998d62
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_des_cfb64.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_cfb8.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_cfb8.3ssl.gz
new file mode 100644
index 000000000..948998d62
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_des_cfb8.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_ecb.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_ecb.3ssl.gz
index c7ba48f62..948998d62 100644
Binary files a/msys2/usr/share/man/man3/EVP_des_ecb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_des_ecb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_ede.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_ede.3ssl.gz
index c7ba48f62..948998d62 100644
Binary files a/msys2/usr/share/man/man3/EVP_des_ede.3ssl.gz and b/msys2/usr/share/man/man3/EVP_des_ede.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_ede3.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_ede3.3ssl.gz
index c7ba48f62..948998d62 100644
Binary files a/msys2/usr/share/man/man3/EVP_des_ede3.3ssl.gz and b/msys2/usr/share/man/man3/EVP_des_ede3.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_ede3_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_ede3_cbc.3ssl.gz
index c7ba48f62..948998d62 100644
Binary files a/msys2/usr/share/man/man3/EVP_des_ede3_cbc.3ssl.gz and b/msys2/usr/share/man/man3/EVP_des_ede3_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_ede3_cfb.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_ede3_cfb.3ssl.gz
index c7ba48f62..948998d62 100644
Binary files a/msys2/usr/share/man/man3/EVP_des_ede3_cfb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_des_ede3_cfb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_ede3_cfb1.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_ede3_cfb1.3ssl.gz
new file mode 100644
index 000000000..948998d62
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_des_ede3_cfb1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_ede3_cfb64.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_ede3_cfb64.3ssl.gz
new file mode 100644
index 000000000..948998d62
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_des_ede3_cfb64.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_ede3_cfb8.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_ede3_cfb8.3ssl.gz
new file mode 100644
index 000000000..948998d62
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_des_ede3_cfb8.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_ede3_ecb.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_ede3_ecb.3ssl.gz
new file mode 100644
index 000000000..948998d62
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_des_ede3_ecb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_ede3_ofb.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_ede3_ofb.3ssl.gz
index c7ba48f62..948998d62 100644
Binary files a/msys2/usr/share/man/man3/EVP_des_ede3_ofb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_des_ede3_ofb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_ede3_wrap.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_ede3_wrap.3ssl.gz
new file mode 100644
index 000000000..948998d62
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_des_ede3_wrap.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_ede_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_ede_cbc.3ssl.gz
index c7ba48f62..948998d62 100644
Binary files a/msys2/usr/share/man/man3/EVP_des_ede_cbc.3ssl.gz and b/msys2/usr/share/man/man3/EVP_des_ede_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_ede_cfb.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_ede_cfb.3ssl.gz
index c7ba48f62..948998d62 100644
Binary files a/msys2/usr/share/man/man3/EVP_des_ede_cfb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_des_ede_cfb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_ede_cfb64.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_ede_cfb64.3ssl.gz
new file mode 100644
index 000000000..948998d62
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_des_ede_cfb64.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_ede_ecb.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_ede_ecb.3ssl.gz
new file mode 100644
index 000000000..948998d62
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_des_ede_ecb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_ede_ofb.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_ede_ofb.3ssl.gz
index c7ba48f62..948998d62 100644
Binary files a/msys2/usr/share/man/man3/EVP_des_ede_ofb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_des_ede_ofb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_des_ofb.3ssl.gz b/msys2/usr/share/man/man3/EVP_des_ofb.3ssl.gz
index c7ba48f62..948998d62 100644
Binary files a/msys2/usr/share/man/man3/EVP_des_ofb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_des_ofb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_desx_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_desx_cbc.3ssl.gz
index c7ba48f62..b792fc47d 100644
Binary files a/msys2/usr/share/man/man3/EVP_desx_cbc.3ssl.gz and b/msys2/usr/share/man/man3/EVP_desx_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_dss.3ssl.gz b/msys2/usr/share/man/man3/EVP_dss.3ssl.gz
deleted file mode 100644
index d50c1b9ec..000000000
Binary files a/msys2/usr/share/man/man3/EVP_dss.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/EVP_dss1.3ssl.gz b/msys2/usr/share/man/man3/EVP_dss1.3ssl.gz
deleted file mode 100644
index d50c1b9ec..000000000
Binary files a/msys2/usr/share/man/man3/EVP_dss1.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/EVP_enc_null.3ssl.gz b/msys2/usr/share/man/man3/EVP_enc_null.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_enc_null.3ssl.gz and b/msys2/usr/share/man/man3/EVP_enc_null.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_get_cipherbyname.3ssl.gz b/msys2/usr/share/man/man3/EVP_get_cipherbyname.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_get_cipherbyname.3ssl.gz and b/msys2/usr/share/man/man3/EVP_get_cipherbyname.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_get_cipherbynid.3ssl.gz b/msys2/usr/share/man/man3/EVP_get_cipherbynid.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_get_cipherbynid.3ssl.gz and b/msys2/usr/share/man/man3/EVP_get_cipherbynid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_get_cipherbyobj.3ssl.gz b/msys2/usr/share/man/man3/EVP_get_cipherbyobj.3ssl.gz
index c7ba48f62..e7b66ecd4 100644
Binary files a/msys2/usr/share/man/man3/EVP_get_cipherbyobj.3ssl.gz and b/msys2/usr/share/man/man3/EVP_get_cipherbyobj.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_get_digestbyname.3ssl.gz b/msys2/usr/share/man/man3/EVP_get_digestbyname.3ssl.gz
index d50c1b9ec..22da36504 100644
Binary files a/msys2/usr/share/man/man3/EVP_get_digestbyname.3ssl.gz and b/msys2/usr/share/man/man3/EVP_get_digestbyname.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_get_digestbynid.3ssl.gz b/msys2/usr/share/man/man3/EVP_get_digestbynid.3ssl.gz
index d50c1b9ec..22da36504 100644
Binary files a/msys2/usr/share/man/man3/EVP_get_digestbynid.3ssl.gz and b/msys2/usr/share/man/man3/EVP_get_digestbynid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_get_digestbyobj.3ssl.gz b/msys2/usr/share/man/man3/EVP_get_digestbyobj.3ssl.gz
index d50c1b9ec..22da36504 100644
Binary files a/msys2/usr/share/man/man3/EVP_get_digestbyobj.3ssl.gz and b/msys2/usr/share/man/man3/EVP_get_digestbyobj.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_idea_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_idea_cbc.3ssl.gz
index c7ba48f62..4f9de356e 100644
Binary files a/msys2/usr/share/man/man3/EVP_idea_cbc.3ssl.gz and b/msys2/usr/share/man/man3/EVP_idea_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_idea_cfb.3ssl.gz b/msys2/usr/share/man/man3/EVP_idea_cfb.3ssl.gz
index c7ba48f62..4f9de356e 100644
Binary files a/msys2/usr/share/man/man3/EVP_idea_cfb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_idea_cfb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_idea_cfb64.3ssl.gz b/msys2/usr/share/man/man3/EVP_idea_cfb64.3ssl.gz
new file mode 100644
index 000000000..4f9de356e
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_idea_cfb64.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_idea_ecb.3ssl.gz b/msys2/usr/share/man/man3/EVP_idea_ecb.3ssl.gz
index c7ba48f62..4f9de356e 100644
Binary files a/msys2/usr/share/man/man3/EVP_idea_ecb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_idea_ecb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_idea_ofb.3ssl.gz b/msys2/usr/share/man/man3/EVP_idea_ofb.3ssl.gz
index c7ba48f62..4f9de356e 100644
Binary files a/msys2/usr/share/man/man3/EVP_idea_ofb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_idea_ofb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_md2.3ssl.gz b/msys2/usr/share/man/man3/EVP_md2.3ssl.gz
index d50c1b9ec..5e7352874 100644
Binary files a/msys2/usr/share/man/man3/EVP_md2.3ssl.gz and b/msys2/usr/share/man/man3/EVP_md2.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_md4.3ssl.gz b/msys2/usr/share/man/man3/EVP_md4.3ssl.gz
new file mode 100644
index 000000000..12221163b
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_md4.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_md5.3ssl.gz b/msys2/usr/share/man/man3/EVP_md5.3ssl.gz
index d50c1b9ec..5aab57f9f 100644
Binary files a/msys2/usr/share/man/man3/EVP_md5.3ssl.gz and b/msys2/usr/share/man/man3/EVP_md5.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_md5_sha1.3ssl.gz b/msys2/usr/share/man/man3/EVP_md5_sha1.3ssl.gz
new file mode 100644
index 000000000..5aab57f9f
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_md5_sha1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_md_null.3ssl.gz b/msys2/usr/share/man/man3/EVP_md_null.3ssl.gz
index d50c1b9ec..22da36504 100644
Binary files a/msys2/usr/share/man/man3/EVP_md_null.3ssl.gz and b/msys2/usr/share/man/man3/EVP_md_null.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_mdc2.3ssl.gz b/msys2/usr/share/man/man3/EVP_mdc2.3ssl.gz
index d50c1b9ec..be1d8fb72 100644
Binary files a/msys2/usr/share/man/man3/EVP_mdc2.3ssl.gz and b/msys2/usr/share/man/man3/EVP_mdc2.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_rc2_40_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_rc2_40_cbc.3ssl.gz
index c7ba48f62..88b15c2f7 100644
Binary files a/msys2/usr/share/man/man3/EVP_rc2_40_cbc.3ssl.gz and b/msys2/usr/share/man/man3/EVP_rc2_40_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_rc2_64_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_rc2_64_cbc.3ssl.gz
index c7ba48f62..88b15c2f7 100644
Binary files a/msys2/usr/share/man/man3/EVP_rc2_64_cbc.3ssl.gz and b/msys2/usr/share/man/man3/EVP_rc2_64_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_rc2_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_rc2_cbc.3ssl.gz
index c7ba48f62..88b15c2f7 100644
Binary files a/msys2/usr/share/man/man3/EVP_rc2_cbc.3ssl.gz and b/msys2/usr/share/man/man3/EVP_rc2_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_rc2_cfb.3ssl.gz b/msys2/usr/share/man/man3/EVP_rc2_cfb.3ssl.gz
index c7ba48f62..88b15c2f7 100644
Binary files a/msys2/usr/share/man/man3/EVP_rc2_cfb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_rc2_cfb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_rc2_cfb64.3ssl.gz b/msys2/usr/share/man/man3/EVP_rc2_cfb64.3ssl.gz
new file mode 100644
index 000000000..88b15c2f7
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_rc2_cfb64.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_rc2_ecb.3ssl.gz b/msys2/usr/share/man/man3/EVP_rc2_ecb.3ssl.gz
index c7ba48f62..88b15c2f7 100644
Binary files a/msys2/usr/share/man/man3/EVP_rc2_ecb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_rc2_ecb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_rc2_ofb.3ssl.gz b/msys2/usr/share/man/man3/EVP_rc2_ofb.3ssl.gz
index c7ba48f62..88b15c2f7 100644
Binary files a/msys2/usr/share/man/man3/EVP_rc2_ofb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_rc2_ofb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_rc4.3ssl.gz b/msys2/usr/share/man/man3/EVP_rc4.3ssl.gz
index c7ba48f62..e6a84f982 100644
Binary files a/msys2/usr/share/man/man3/EVP_rc4.3ssl.gz and b/msys2/usr/share/man/man3/EVP_rc4.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_rc4_40.3ssl.gz b/msys2/usr/share/man/man3/EVP_rc4_40.3ssl.gz
index c7ba48f62..e6a84f982 100644
Binary files a/msys2/usr/share/man/man3/EVP_rc4_40.3ssl.gz and b/msys2/usr/share/man/man3/EVP_rc4_40.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_rc4_hmac_md5.3ssl.gz b/msys2/usr/share/man/man3/EVP_rc4_hmac_md5.3ssl.gz
index c7ba48f62..e6a84f982 100644
Binary files a/msys2/usr/share/man/man3/EVP_rc4_hmac_md5.3ssl.gz and b/msys2/usr/share/man/man3/EVP_rc4_hmac_md5.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_rc5_32_12_16_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_rc5_32_12_16_cbc.3ssl.gz
index c7ba48f62..9b41edb48 100644
Binary files a/msys2/usr/share/man/man3/EVP_rc5_32_12_16_cbc.3ssl.gz and b/msys2/usr/share/man/man3/EVP_rc5_32_12_16_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_rc5_32_12_16_cfb.3ssl.gz b/msys2/usr/share/man/man3/EVP_rc5_32_12_16_cfb.3ssl.gz
index c7ba48f62..9b41edb48 100644
Binary files a/msys2/usr/share/man/man3/EVP_rc5_32_12_16_cfb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_rc5_32_12_16_cfb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_rc5_32_12_16_cfb64.3ssl.gz b/msys2/usr/share/man/man3/EVP_rc5_32_12_16_cfb64.3ssl.gz
new file mode 100644
index 000000000..9b41edb48
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_rc5_32_12_16_cfb64.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_rc5_32_12_16_ecb.3ssl.gz b/msys2/usr/share/man/man3/EVP_rc5_32_12_16_ecb.3ssl.gz
index c7ba48f62..9b41edb48 100644
Binary files a/msys2/usr/share/man/man3/EVP_rc5_32_12_16_ecb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_rc5_32_12_16_ecb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_rc5_32_12_16_ofb.3ssl.gz b/msys2/usr/share/man/man3/EVP_rc5_32_12_16_ofb.3ssl.gz
index c7ba48f62..9b41edb48 100644
Binary files a/msys2/usr/share/man/man3/EVP_rc5_32_12_16_ofb.3ssl.gz and b/msys2/usr/share/man/man3/EVP_rc5_32_12_16_ofb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_ripemd160.3ssl.gz b/msys2/usr/share/man/man3/EVP_ripemd160.3ssl.gz
index d50c1b9ec..7dcbb019b 100644
Binary files a/msys2/usr/share/man/man3/EVP_ripemd160.3ssl.gz and b/msys2/usr/share/man/man3/EVP_ripemd160.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_seed_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_seed_cbc.3ssl.gz
new file mode 100644
index 000000000..51702ef82
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_seed_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_seed_cfb.3ssl.gz b/msys2/usr/share/man/man3/EVP_seed_cfb.3ssl.gz
new file mode 100644
index 000000000..51702ef82
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_seed_cfb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_seed_cfb128.3ssl.gz b/msys2/usr/share/man/man3/EVP_seed_cfb128.3ssl.gz
new file mode 100644
index 000000000..51702ef82
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_seed_cfb128.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_seed_ecb.3ssl.gz b/msys2/usr/share/man/man3/EVP_seed_ecb.3ssl.gz
new file mode 100644
index 000000000..51702ef82
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_seed_ecb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_seed_ofb.3ssl.gz b/msys2/usr/share/man/man3/EVP_seed_ofb.3ssl.gz
new file mode 100644
index 000000000..51702ef82
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_seed_ofb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_sha.3ssl.gz b/msys2/usr/share/man/man3/EVP_sha.3ssl.gz
deleted file mode 100644
index d50c1b9ec..000000000
Binary files a/msys2/usr/share/man/man3/EVP_sha.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/EVP_sha1.3ssl.gz b/msys2/usr/share/man/man3/EVP_sha1.3ssl.gz
index d50c1b9ec..7248d4205 100644
Binary files a/msys2/usr/share/man/man3/EVP_sha1.3ssl.gz and b/msys2/usr/share/man/man3/EVP_sha1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_sha224.3ssl.gz b/msys2/usr/share/man/man3/EVP_sha224.3ssl.gz
index d50c1b9ec..1be6319e2 100644
Binary files a/msys2/usr/share/man/man3/EVP_sha224.3ssl.gz and b/msys2/usr/share/man/man3/EVP_sha224.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_sha256.3ssl.gz b/msys2/usr/share/man/man3/EVP_sha256.3ssl.gz
index d50c1b9ec..1be6319e2 100644
Binary files a/msys2/usr/share/man/man3/EVP_sha256.3ssl.gz and b/msys2/usr/share/man/man3/EVP_sha256.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_sha384.3ssl.gz b/msys2/usr/share/man/man3/EVP_sha384.3ssl.gz
index d50c1b9ec..1be6319e2 100644
Binary files a/msys2/usr/share/man/man3/EVP_sha384.3ssl.gz and b/msys2/usr/share/man/man3/EVP_sha384.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_sha3_224.3ssl.gz b/msys2/usr/share/man/man3/EVP_sha3_224.3ssl.gz
new file mode 100644
index 000000000..a944f1c32
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_sha3_224.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_sha3_256.3ssl.gz b/msys2/usr/share/man/man3/EVP_sha3_256.3ssl.gz
new file mode 100644
index 000000000..a944f1c32
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_sha3_256.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_sha3_384.3ssl.gz b/msys2/usr/share/man/man3/EVP_sha3_384.3ssl.gz
new file mode 100644
index 000000000..a944f1c32
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_sha3_384.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_sha3_512.3ssl.gz b/msys2/usr/share/man/man3/EVP_sha3_512.3ssl.gz
new file mode 100644
index 000000000..a944f1c32
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_sha3_512.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_sha512.3ssl.gz b/msys2/usr/share/man/man3/EVP_sha512.3ssl.gz
index d50c1b9ec..1be6319e2 100644
Binary files a/msys2/usr/share/man/man3/EVP_sha512.3ssl.gz and b/msys2/usr/share/man/man3/EVP_sha512.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_sha512_224.3ssl.gz b/msys2/usr/share/man/man3/EVP_sha512_224.3ssl.gz
new file mode 100644
index 000000000..1be6319e2
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_sha512_224.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_sha512_256.3ssl.gz b/msys2/usr/share/man/man3/EVP_sha512_256.3ssl.gz
new file mode 100644
index 000000000..1be6319e2
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_sha512_256.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_shake128.3ssl.gz b/msys2/usr/share/man/man3/EVP_shake128.3ssl.gz
new file mode 100644
index 000000000..a944f1c32
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_shake128.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_shake256.3ssl.gz b/msys2/usr/share/man/man3/EVP_shake256.3ssl.gz
new file mode 100644
index 000000000..a944f1c32
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_shake256.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_sm3.3ssl.gz b/msys2/usr/share/man/man3/EVP_sm3.3ssl.gz
new file mode 100644
index 000000000..460c3b4ca
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_sm3.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_sm4_cbc.3ssl.gz b/msys2/usr/share/man/man3/EVP_sm4_cbc.3ssl.gz
new file mode 100644
index 000000000..0ebd4fe46
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_sm4_cbc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_sm4_cfb.3ssl.gz b/msys2/usr/share/man/man3/EVP_sm4_cfb.3ssl.gz
new file mode 100644
index 000000000..0ebd4fe46
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_sm4_cfb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_sm4_cfb128.3ssl.gz b/msys2/usr/share/man/man3/EVP_sm4_cfb128.3ssl.gz
new file mode 100644
index 000000000..0ebd4fe46
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_sm4_cfb128.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_sm4_ctr.3ssl.gz b/msys2/usr/share/man/man3/EVP_sm4_ctr.3ssl.gz
new file mode 100644
index 000000000..0ebd4fe46
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_sm4_ctr.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_sm4_ecb.3ssl.gz b/msys2/usr/share/man/man3/EVP_sm4_ecb.3ssl.gz
new file mode 100644
index 000000000..0ebd4fe46
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_sm4_ecb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_sm4_ofb.3ssl.gz b/msys2/usr/share/man/man3/EVP_sm4_ofb.3ssl.gz
new file mode 100644
index 000000000..0ebd4fe46
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_sm4_ofb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EVP_whirlpool.3ssl.gz b/msys2/usr/share/man/man3/EVP_whirlpool.3ssl.gz
new file mode 100644
index 000000000..44a657f8d
Binary files /dev/null and b/msys2/usr/share/man/man3/EVP_whirlpool.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EXTENDED_KEY_USAGE_free.3ssl.gz b/msys2/usr/share/man/man3/EXTENDED_KEY_USAGE_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/EXTENDED_KEY_USAGE_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/EXTENDED_KEY_USAGE_new.3ssl.gz b/msys2/usr/share/man/man3/EXTENDED_KEY_USAGE_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/EXTENDED_KEY_USAGE_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/GENERAL_NAMES_free.3ssl.gz b/msys2/usr/share/man/man3/GENERAL_NAMES_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/GENERAL_NAMES_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/GENERAL_NAMES_new.3ssl.gz b/msys2/usr/share/man/man3/GENERAL_NAMES_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/GENERAL_NAMES_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/GENERAL_NAME_dup.3ssl.gz b/msys2/usr/share/man/man3/GENERAL_NAME_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/GENERAL_NAME_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/GENERAL_NAME_free.3ssl.gz b/msys2/usr/share/man/man3/GENERAL_NAME_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/GENERAL_NAME_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/GENERAL_NAME_new.3ssl.gz b/msys2/usr/share/man/man3/GENERAL_NAME_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/GENERAL_NAME_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/GENERAL_SUBTREE_free.3ssl.gz b/msys2/usr/share/man/man3/GENERAL_SUBTREE_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/GENERAL_SUBTREE_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/GENERAL_SUBTREE_new.3ssl.gz b/msys2/usr/share/man/man3/GENERAL_SUBTREE_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/GENERAL_SUBTREE_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/GEN_SESSION_CB.3ssl.gz b/msys2/usr/share/man/man3/GEN_SESSION_CB.3ssl.gz
new file mode 100644
index 000000000..6579348b6
Binary files /dev/null and b/msys2/usr/share/man/man3/GEN_SESSION_CB.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/HMAC.3ssl.gz b/msys2/usr/share/man/man3/HMAC.3ssl.gz
new file mode 100644
index 000000000..a677679d0
Binary files /dev/null and b/msys2/usr/share/man/man3/HMAC.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/HMAC_CTX_copy.3ssl.gz b/msys2/usr/share/man/man3/HMAC_CTX_copy.3ssl.gz
new file mode 100644
index 000000000..a677679d0
Binary files /dev/null and b/msys2/usr/share/man/man3/HMAC_CTX_copy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/HMAC_CTX_free.3ssl.gz b/msys2/usr/share/man/man3/HMAC_CTX_free.3ssl.gz
new file mode 100644
index 000000000..a677679d0
Binary files /dev/null and b/msys2/usr/share/man/man3/HMAC_CTX_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/HMAC_CTX_get_md.3ssl.gz b/msys2/usr/share/man/man3/HMAC_CTX_get_md.3ssl.gz
new file mode 100644
index 000000000..a677679d0
Binary files /dev/null and b/msys2/usr/share/man/man3/HMAC_CTX_get_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/HMAC_CTX_new.3ssl.gz b/msys2/usr/share/man/man3/HMAC_CTX_new.3ssl.gz
new file mode 100644
index 000000000..a677679d0
Binary files /dev/null and b/msys2/usr/share/man/man3/HMAC_CTX_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/HMAC_CTX_reset.3ssl.gz b/msys2/usr/share/man/man3/HMAC_CTX_reset.3ssl.gz
new file mode 100644
index 000000000..a677679d0
Binary files /dev/null and b/msys2/usr/share/man/man3/HMAC_CTX_reset.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/HMAC_CTX_set_flags.3ssl.gz b/msys2/usr/share/man/man3/HMAC_CTX_set_flags.3ssl.gz
new file mode 100644
index 000000000..a677679d0
Binary files /dev/null and b/msys2/usr/share/man/man3/HMAC_CTX_set_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/HMAC_Final.3ssl.gz b/msys2/usr/share/man/man3/HMAC_Final.3ssl.gz
new file mode 100644
index 000000000..a677679d0
Binary files /dev/null and b/msys2/usr/share/man/man3/HMAC_Final.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/HMAC_Init.3ssl.gz b/msys2/usr/share/man/man3/HMAC_Init.3ssl.gz
new file mode 100644
index 000000000..a677679d0
Binary files /dev/null and b/msys2/usr/share/man/man3/HMAC_Init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/HMAC_Init_ex.3ssl.gz b/msys2/usr/share/man/man3/HMAC_Init_ex.3ssl.gz
new file mode 100644
index 000000000..a677679d0
Binary files /dev/null and b/msys2/usr/share/man/man3/HMAC_Init_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/HMAC_Update.3ssl.gz b/msys2/usr/share/man/man3/HMAC_Update.3ssl.gz
new file mode 100644
index 000000000..a677679d0
Binary files /dev/null and b/msys2/usr/share/man/man3/HMAC_Update.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/HMAC_size.3ssl.gz b/msys2/usr/share/man/man3/HMAC_size.3ssl.gz
new file mode 100644
index 000000000..a677679d0
Binary files /dev/null and b/msys2/usr/share/man/man3/HMAC_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/IMPLEMENT_ASN1_FUNCTIONS.3ssl.gz b/msys2/usr/share/man/man3/IMPLEMENT_ASN1_FUNCTIONS.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/IMPLEMENT_ASN1_FUNCTIONS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/IMPLEMENT_LHASH_COMP_FN.3ssl.gz b/msys2/usr/share/man/man3/IMPLEMENT_LHASH_COMP_FN.3ssl.gz
new file mode 100644
index 000000000..4352f6c7f
Binary files /dev/null and b/msys2/usr/share/man/man3/IMPLEMENT_LHASH_COMP_FN.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/IMPLEMENT_LHASH_HASH_FN.3ssl.gz b/msys2/usr/share/man/man3/IMPLEMENT_LHASH_HASH_FN.3ssl.gz
new file mode 100644
index 000000000..4352f6c7f
Binary files /dev/null and b/msys2/usr/share/man/man3/IMPLEMENT_LHASH_HASH_FN.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/IPAddressChoice_free.3ssl.gz b/msys2/usr/share/man/man3/IPAddressChoice_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/IPAddressChoice_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/IPAddressChoice_new.3ssl.gz b/msys2/usr/share/man/man3/IPAddressChoice_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/IPAddressChoice_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/IPAddressFamily_free.3ssl.gz b/msys2/usr/share/man/man3/IPAddressFamily_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/IPAddressFamily_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/IPAddressFamily_new.3ssl.gz b/msys2/usr/share/man/man3/IPAddressFamily_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/IPAddressFamily_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/IPAddressOrRange_free.3ssl.gz b/msys2/usr/share/man/man3/IPAddressOrRange_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/IPAddressOrRange_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/IPAddressOrRange_new.3ssl.gz b/msys2/usr/share/man/man3/IPAddressOrRange_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/IPAddressOrRange_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/IPAddressRange_free.3ssl.gz b/msys2/usr/share/man/man3/IPAddressRange_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/IPAddressRange_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/IPAddressRange_new.3ssl.gz b/msys2/usr/share/man/man3/IPAddressRange_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/IPAddressRange_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ISSUING_DIST_POINT_free.3ssl.gz b/msys2/usr/share/man/man3/ISSUING_DIST_POINT_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ISSUING_DIST_POINT_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ISSUING_DIST_POINT_new.3ssl.gz b/msys2/usr/share/man/man3/ISSUING_DIST_POINT_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/ISSUING_DIST_POINT_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/LHASH_DOALL_ARG_FN_TYPE.3ssl.gz b/msys2/usr/share/man/man3/LHASH_DOALL_ARG_FN_TYPE.3ssl.gz
new file mode 100644
index 000000000..4352f6c7f
Binary files /dev/null and b/msys2/usr/share/man/man3/LHASH_DOALL_ARG_FN_TYPE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/LINES.3x.gz b/msys2/usr/share/man/man3/LINES.3x.gz
index dbb243c86..767ce7da9 100644
Binary files a/msys2/usr/share/man/man3/LINES.3x.gz and b/msys2/usr/share/man/man3/LINES.3x.gz differ
diff --git a/msys2/usr/share/man/man3/MD2.3ssl.gz b/msys2/usr/share/man/man3/MD2.3ssl.gz
index 6c8ebac2a..3d7304886 100644
Binary files a/msys2/usr/share/man/man3/MD2.3ssl.gz and b/msys2/usr/share/man/man3/MD2.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/MD2_Final.3ssl.gz b/msys2/usr/share/man/man3/MD2_Final.3ssl.gz
new file mode 100644
index 000000000..3d7304886
Binary files /dev/null and b/msys2/usr/share/man/man3/MD2_Final.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/MD2_Init.3ssl.gz b/msys2/usr/share/man/man3/MD2_Init.3ssl.gz
new file mode 100644
index 000000000..3d7304886
Binary files /dev/null and b/msys2/usr/share/man/man3/MD2_Init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/MD2_Update.3ssl.gz b/msys2/usr/share/man/man3/MD2_Update.3ssl.gz
new file mode 100644
index 000000000..3d7304886
Binary files /dev/null and b/msys2/usr/share/man/man3/MD2_Update.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/MD4.3ssl.gz b/msys2/usr/share/man/man3/MD4.3ssl.gz
index 6c8ebac2a..3d7304886 100644
Binary files a/msys2/usr/share/man/man3/MD4.3ssl.gz and b/msys2/usr/share/man/man3/MD4.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/MD4_Final.3ssl.gz b/msys2/usr/share/man/man3/MD4_Final.3ssl.gz
new file mode 100644
index 000000000..3d7304886
Binary files /dev/null and b/msys2/usr/share/man/man3/MD4_Final.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/MD4_Init.3ssl.gz b/msys2/usr/share/man/man3/MD4_Init.3ssl.gz
new file mode 100644
index 000000000..3d7304886
Binary files /dev/null and b/msys2/usr/share/man/man3/MD4_Init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/MD4_Update.3ssl.gz b/msys2/usr/share/man/man3/MD4_Update.3ssl.gz
new file mode 100644
index 000000000..3d7304886
Binary files /dev/null and b/msys2/usr/share/man/man3/MD4_Update.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/MD5.3ssl.gz b/msys2/usr/share/man/man3/MD5.3ssl.gz
new file mode 100644
index 000000000..3d7304886
Binary files /dev/null and b/msys2/usr/share/man/man3/MD5.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/MD5_Final.3ssl.gz b/msys2/usr/share/man/man3/MD5_Final.3ssl.gz
new file mode 100644
index 000000000..3d7304886
Binary files /dev/null and b/msys2/usr/share/man/man3/MD5_Final.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/MD5_Init.3ssl.gz b/msys2/usr/share/man/man3/MD5_Init.3ssl.gz
new file mode 100644
index 000000000..3d7304886
Binary files /dev/null and b/msys2/usr/share/man/man3/MD5_Init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/MD5_Update.3ssl.gz b/msys2/usr/share/man/man3/MD5_Update.3ssl.gz
new file mode 100644
index 000000000..3d7304886
Binary files /dev/null and b/msys2/usr/share/man/man3/MD5_Update.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/MDC2.3ssl.gz b/msys2/usr/share/man/man3/MDC2.3ssl.gz
new file mode 100644
index 000000000..965b3e097
Binary files /dev/null and b/msys2/usr/share/man/man3/MDC2.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/MDC2_Final.3ssl.gz b/msys2/usr/share/man/man3/MDC2_Final.3ssl.gz
new file mode 100644
index 000000000..965b3e097
Binary files /dev/null and b/msys2/usr/share/man/man3/MDC2_Final.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/MDC2_Init.3ssl.gz b/msys2/usr/share/man/man3/MDC2_Init.3ssl.gz
new file mode 100644
index 000000000..965b3e097
Binary files /dev/null and b/msys2/usr/share/man/man3/MDC2_Init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/MDC2_Update.3ssl.gz b/msys2/usr/share/man/man3/MDC2_Update.3ssl.gz
new file mode 100644
index 000000000..965b3e097
Binary files /dev/null and b/msys2/usr/share/man/man3/MDC2_Update.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/NAME_CONSTRAINTS_free.3ssl.gz b/msys2/usr/share/man/man3/NAME_CONSTRAINTS_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/NAME_CONSTRAINTS_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/NAME_CONSTRAINTS_new.3ssl.gz b/msys2/usr/share/man/man3/NAME_CONSTRAINTS_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/NAME_CONSTRAINTS_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/NAMING_AUTHORITY.3ssl.gz b/msys2/usr/share/man/man3/NAMING_AUTHORITY.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/NAMING_AUTHORITY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/NAMING_AUTHORITY_free.3ssl.gz b/msys2/usr/share/man/man3/NAMING_AUTHORITY_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/NAMING_AUTHORITY_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/NAMING_AUTHORITY_get0_authorityId.3ssl.gz b/msys2/usr/share/man/man3/NAMING_AUTHORITY_get0_authorityId.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/NAMING_AUTHORITY_get0_authorityId.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/NAMING_AUTHORITY_get0_authorityText.3ssl.gz b/msys2/usr/share/man/man3/NAMING_AUTHORITY_get0_authorityText.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/NAMING_AUTHORITY_get0_authorityText.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/NAMING_AUTHORITY_get0_authorityURL.3ssl.gz b/msys2/usr/share/man/man3/NAMING_AUTHORITY_get0_authorityURL.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/NAMING_AUTHORITY_get0_authorityURL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/NAMING_AUTHORITY_new.3ssl.gz b/msys2/usr/share/man/man3/NAMING_AUTHORITY_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/NAMING_AUTHORITY_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/NAMING_AUTHORITY_set0_authorityId.3ssl.gz b/msys2/usr/share/man/man3/NAMING_AUTHORITY_set0_authorityId.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/NAMING_AUTHORITY_set0_authorityId.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/NAMING_AUTHORITY_set0_authorityText.3ssl.gz b/msys2/usr/share/man/man3/NAMING_AUTHORITY_set0_authorityText.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/NAMING_AUTHORITY_set0_authorityText.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/NAMING_AUTHORITY_set0_authorityURL.3ssl.gz b/msys2/usr/share/man/man3/NAMING_AUTHORITY_set0_authorityURL.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/NAMING_AUTHORITY_set0_authorityURL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/NETSCAPE_CERT_SEQUENCE_free.3ssl.gz b/msys2/usr/share/man/man3/NETSCAPE_CERT_SEQUENCE_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/NETSCAPE_CERT_SEQUENCE_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/NETSCAPE_CERT_SEQUENCE_new.3ssl.gz b/msys2/usr/share/man/man3/NETSCAPE_CERT_SEQUENCE_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/NETSCAPE_CERT_SEQUENCE_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/NETSCAPE_SPKAC_free.3ssl.gz b/msys2/usr/share/man/man3/NETSCAPE_SPKAC_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/NETSCAPE_SPKAC_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/NETSCAPE_SPKAC_new.3ssl.gz b/msys2/usr/share/man/man3/NETSCAPE_SPKAC_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/NETSCAPE_SPKAC_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/NETSCAPE_SPKI_free.3ssl.gz b/msys2/usr/share/man/man3/NETSCAPE_SPKI_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/NETSCAPE_SPKI_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/NETSCAPE_SPKI_new.3ssl.gz b/msys2/usr/share/man/man3/NETSCAPE_SPKI_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/NETSCAPE_SPKI_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/NOTICEREF_free.3ssl.gz b/msys2/usr/share/man/man3/NOTICEREF_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/NOTICEREF_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/NOTICEREF_new.3ssl.gz b/msys2/usr/share/man/man3/NOTICEREF_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/NOTICEREF_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OBJ_cleanup.3ssl.gz b/msys2/usr/share/man/man3/OBJ_cleanup.3ssl.gz
index 623dad7b6..4561bb1f2 100644
Binary files a/msys2/usr/share/man/man3/OBJ_cleanup.3ssl.gz and b/msys2/usr/share/man/man3/OBJ_cleanup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OBJ_cmp.3ssl.gz b/msys2/usr/share/man/man3/OBJ_cmp.3ssl.gz
index 623dad7b6..4561bb1f2 100644
Binary files a/msys2/usr/share/man/man3/OBJ_cmp.3ssl.gz and b/msys2/usr/share/man/man3/OBJ_cmp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OBJ_create.3ssl.gz b/msys2/usr/share/man/man3/OBJ_create.3ssl.gz
index 623dad7b6..4561bb1f2 100644
Binary files a/msys2/usr/share/man/man3/OBJ_create.3ssl.gz and b/msys2/usr/share/man/man3/OBJ_create.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OBJ_dup.3ssl.gz b/msys2/usr/share/man/man3/OBJ_dup.3ssl.gz
index 623dad7b6..4561bb1f2 100644
Binary files a/msys2/usr/share/man/man3/OBJ_dup.3ssl.gz and b/msys2/usr/share/man/man3/OBJ_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OBJ_get0_data.3ssl.gz b/msys2/usr/share/man/man3/OBJ_get0_data.3ssl.gz
new file mode 100644
index 000000000..4561bb1f2
Binary files /dev/null and b/msys2/usr/share/man/man3/OBJ_get0_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OBJ_length.3ssl.gz b/msys2/usr/share/man/man3/OBJ_length.3ssl.gz
new file mode 100644
index 000000000..4561bb1f2
Binary files /dev/null and b/msys2/usr/share/man/man3/OBJ_length.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OBJ_ln2nid.3ssl.gz b/msys2/usr/share/man/man3/OBJ_ln2nid.3ssl.gz
index 623dad7b6..4561bb1f2 100644
Binary files a/msys2/usr/share/man/man3/OBJ_ln2nid.3ssl.gz and b/msys2/usr/share/man/man3/OBJ_ln2nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OBJ_nid2ln.3ssl.gz b/msys2/usr/share/man/man3/OBJ_nid2ln.3ssl.gz
index 623dad7b6..4561bb1f2 100644
Binary files a/msys2/usr/share/man/man3/OBJ_nid2ln.3ssl.gz and b/msys2/usr/share/man/man3/OBJ_nid2ln.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OBJ_nid2obj.3ssl.gz b/msys2/usr/share/man/man3/OBJ_nid2obj.3ssl.gz
index 623dad7b6..4561bb1f2 100644
Binary files a/msys2/usr/share/man/man3/OBJ_nid2obj.3ssl.gz and b/msys2/usr/share/man/man3/OBJ_nid2obj.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OBJ_nid2sn.3ssl.gz b/msys2/usr/share/man/man3/OBJ_nid2sn.3ssl.gz
index 623dad7b6..4561bb1f2 100644
Binary files a/msys2/usr/share/man/man3/OBJ_nid2sn.3ssl.gz and b/msys2/usr/share/man/man3/OBJ_nid2sn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OBJ_obj2nid.3ssl.gz b/msys2/usr/share/man/man3/OBJ_obj2nid.3ssl.gz
index 623dad7b6..4561bb1f2 100644
Binary files a/msys2/usr/share/man/man3/OBJ_obj2nid.3ssl.gz and b/msys2/usr/share/man/man3/OBJ_obj2nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OBJ_obj2txt.3ssl.gz b/msys2/usr/share/man/man3/OBJ_obj2txt.3ssl.gz
index 623dad7b6..4561bb1f2 100644
Binary files a/msys2/usr/share/man/man3/OBJ_obj2txt.3ssl.gz and b/msys2/usr/share/man/man3/OBJ_obj2txt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OBJ_sn2nid.3ssl.gz b/msys2/usr/share/man/man3/OBJ_sn2nid.3ssl.gz
index 623dad7b6..4561bb1f2 100644
Binary files a/msys2/usr/share/man/man3/OBJ_sn2nid.3ssl.gz and b/msys2/usr/share/man/man3/OBJ_sn2nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OBJ_txt2nid.3ssl.gz b/msys2/usr/share/man/man3/OBJ_txt2nid.3ssl.gz
index 623dad7b6..4561bb1f2 100644
Binary files a/msys2/usr/share/man/man3/OBJ_txt2nid.3ssl.gz and b/msys2/usr/share/man/man3/OBJ_txt2nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OBJ_txt2obj.3ssl.gz b/msys2/usr/share/man/man3/OBJ_txt2obj.3ssl.gz
index 623dad7b6..4561bb1f2 100644
Binary files a/msys2/usr/share/man/man3/OBJ_txt2obj.3ssl.gz and b/msys2/usr/share/man/man3/OBJ_txt2obj.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_BASICRESP_free.3ssl.gz b/msys2/usr/share/man/man3/OCSP_BASICRESP_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_BASICRESP_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_BASICRESP_new.3ssl.gz b/msys2/usr/share/man/man3/OCSP_BASICRESP_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_BASICRESP_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_CERTID_dup.3ssl.gz b/msys2/usr/share/man/man3/OCSP_CERTID_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_CERTID_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_CERTID_free.3ssl.gz b/msys2/usr/share/man/man3/OCSP_CERTID_free.3ssl.gz
new file mode 100644
index 000000000..c4e397356
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_CERTID_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_CERTID_new.3ssl.gz b/msys2/usr/share/man/man3/OCSP_CERTID_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_CERTID_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_CERTSTATUS_free.3ssl.gz b/msys2/usr/share/man/man3/OCSP_CERTSTATUS_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_CERTSTATUS_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_CERTSTATUS_new.3ssl.gz b/msys2/usr/share/man/man3/OCSP_CERTSTATUS_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_CERTSTATUS_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_CRLID_free.3ssl.gz b/msys2/usr/share/man/man3/OCSP_CRLID_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_CRLID_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_CRLID_new.3ssl.gz b/msys2/usr/share/man/man3/OCSP_CRLID_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_CRLID_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_ONEREQ_free.3ssl.gz b/msys2/usr/share/man/man3/OCSP_ONEREQ_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_ONEREQ_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_ONEREQ_new.3ssl.gz b/msys2/usr/share/man/man3/OCSP_ONEREQ_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_ONEREQ_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_REQINFO_free.3ssl.gz b/msys2/usr/share/man/man3/OCSP_REQINFO_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_REQINFO_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_REQINFO_new.3ssl.gz b/msys2/usr/share/man/man3/OCSP_REQINFO_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_REQINFO_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_REQUEST_free.3ssl.gz b/msys2/usr/share/man/man3/OCSP_REQUEST_free.3ssl.gz
new file mode 100644
index 000000000..9d3503286
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_REQUEST_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_REQUEST_new.3ssl.gz b/msys2/usr/share/man/man3/OCSP_REQUEST_new.3ssl.gz
new file mode 100644
index 000000000..9d3503286
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_REQUEST_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_REQ_CTX_add1_header.3ssl.gz b/msys2/usr/share/man/man3/OCSP_REQ_CTX_add1_header.3ssl.gz
new file mode 100644
index 000000000..721480a93
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_REQ_CTX_add1_header.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_REQ_CTX_free.3ssl.gz b/msys2/usr/share/man/man3/OCSP_REQ_CTX_free.3ssl.gz
new file mode 100644
index 000000000..721480a93
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_REQ_CTX_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_REQ_CTX_set1_req.3ssl.gz b/msys2/usr/share/man/man3/OCSP_REQ_CTX_set1_req.3ssl.gz
new file mode 100644
index 000000000..721480a93
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_REQ_CTX_set1_req.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_RESPBYTES_free.3ssl.gz b/msys2/usr/share/man/man3/OCSP_RESPBYTES_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_RESPBYTES_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_RESPBYTES_new.3ssl.gz b/msys2/usr/share/man/man3/OCSP_RESPBYTES_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_RESPBYTES_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_RESPDATA_free.3ssl.gz b/msys2/usr/share/man/man3/OCSP_RESPDATA_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_RESPDATA_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_RESPDATA_new.3ssl.gz b/msys2/usr/share/man/man3/OCSP_RESPDATA_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_RESPDATA_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_RESPID_free.3ssl.gz b/msys2/usr/share/man/man3/OCSP_RESPID_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_RESPID_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_RESPID_match.3ssl.gz b/msys2/usr/share/man/man3/OCSP_RESPID_match.3ssl.gz
new file mode 100644
index 000000000..51a48cb66
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_RESPID_match.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_RESPID_new.3ssl.gz b/msys2/usr/share/man/man3/OCSP_RESPID_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_RESPID_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_RESPID_set_by_key.3ssl.gz b/msys2/usr/share/man/man3/OCSP_RESPID_set_by_key.3ssl.gz
new file mode 100644
index 000000000..51a48cb66
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_RESPID_set_by_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_RESPID_set_by_name.3ssl.gz b/msys2/usr/share/man/man3/OCSP_RESPID_set_by_name.3ssl.gz
new file mode 100644
index 000000000..51a48cb66
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_RESPID_set_by_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_RESPONSE_free.3ssl.gz b/msys2/usr/share/man/man3/OCSP_RESPONSE_free.3ssl.gz
new file mode 100644
index 000000000..51a48cb66
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_RESPONSE_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_RESPONSE_new.3ssl.gz b/msys2/usr/share/man/man3/OCSP_RESPONSE_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_RESPONSE_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_REVOKEDINFO_free.3ssl.gz b/msys2/usr/share/man/man3/OCSP_REVOKEDINFO_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_REVOKEDINFO_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_REVOKEDINFO_new.3ssl.gz b/msys2/usr/share/man/man3/OCSP_REVOKEDINFO_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_REVOKEDINFO_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_SERVICELOC_free.3ssl.gz b/msys2/usr/share/man/man3/OCSP_SERVICELOC_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_SERVICELOC_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_SERVICELOC_new.3ssl.gz b/msys2/usr/share/man/man3/OCSP_SERVICELOC_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_SERVICELOC_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_SIGNATURE_free.3ssl.gz b/msys2/usr/share/man/man3/OCSP_SIGNATURE_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_SIGNATURE_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_SIGNATURE_new.3ssl.gz b/msys2/usr/share/man/man3/OCSP_SIGNATURE_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_SIGNATURE_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_SINGLERESP_free.3ssl.gz b/msys2/usr/share/man/man3/OCSP_SINGLERESP_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_SINGLERESP_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_SINGLERESP_new.3ssl.gz b/msys2/usr/share/man/man3/OCSP_SINGLERESP_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_SINGLERESP_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_basic_add1_nonce.3ssl.gz b/msys2/usr/share/man/man3/OCSP_basic_add1_nonce.3ssl.gz
new file mode 100644
index 000000000..61e19a93a
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_basic_add1_nonce.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_basic_sign.3ssl.gz b/msys2/usr/share/man/man3/OCSP_basic_sign.3ssl.gz
new file mode 100644
index 000000000..51a48cb66
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_basic_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_basic_sign_ctx.3ssl.gz b/msys2/usr/share/man/man3/OCSP_basic_sign_ctx.3ssl.gz
new file mode 100644
index 000000000..51a48cb66
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_basic_sign_ctx.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_basic_verify.3ssl.gz b/msys2/usr/share/man/man3/OCSP_basic_verify.3ssl.gz
new file mode 100644
index 000000000..7ab7774f7
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_basic_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_cert_id_new.3ssl.gz b/msys2/usr/share/man/man3/OCSP_cert_id_new.3ssl.gz
new file mode 100644
index 000000000..c4e397356
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_cert_id_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_cert_to_id.3ssl.gz b/msys2/usr/share/man/man3/OCSP_cert_to_id.3ssl.gz
new file mode 100644
index 000000000..c4e397356
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_cert_to_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_check_nonce.3ssl.gz b/msys2/usr/share/man/man3/OCSP_check_nonce.3ssl.gz
new file mode 100644
index 000000000..61e19a93a
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_check_nonce.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_check_validity.3ssl.gz b/msys2/usr/share/man/man3/OCSP_check_validity.3ssl.gz
new file mode 100644
index 000000000..7ab7774f7
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_check_validity.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_copy_nonce.3ssl.gz b/msys2/usr/share/man/man3/OCSP_copy_nonce.3ssl.gz
new file mode 100644
index 000000000..61e19a93a
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_copy_nonce.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_id_cmp.3ssl.gz b/msys2/usr/share/man/man3/OCSP_id_cmp.3ssl.gz
new file mode 100644
index 000000000..c4e397356
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_id_cmp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_id_get0_info.3ssl.gz b/msys2/usr/share/man/man3/OCSP_id_get0_info.3ssl.gz
new file mode 100644
index 000000000..c4e397356
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_id_get0_info.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_id_issuer_cmp.3ssl.gz b/msys2/usr/share/man/man3/OCSP_id_issuer_cmp.3ssl.gz
new file mode 100644
index 000000000..c4e397356
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_id_issuer_cmp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_request_add0_id.3ssl.gz b/msys2/usr/share/man/man3/OCSP_request_add0_id.3ssl.gz
new file mode 100644
index 000000000..9d3503286
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_request_add0_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_request_add1_cert.3ssl.gz b/msys2/usr/share/man/man3/OCSP_request_add1_cert.3ssl.gz
new file mode 100644
index 000000000..9d3503286
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_request_add1_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_request_add1_nonce.3ssl.gz b/msys2/usr/share/man/man3/OCSP_request_add1_nonce.3ssl.gz
new file mode 100644
index 000000000..61e19a93a
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_request_add1_nonce.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_request_onereq_count.3ssl.gz b/msys2/usr/share/man/man3/OCSP_request_onereq_count.3ssl.gz
new file mode 100644
index 000000000..9d3503286
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_request_onereq_count.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_request_onereq_get0.3ssl.gz b/msys2/usr/share/man/man3/OCSP_request_onereq_get0.3ssl.gz
new file mode 100644
index 000000000..9d3503286
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_request_onereq_get0.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_request_sign.3ssl.gz b/msys2/usr/share/man/man3/OCSP_request_sign.3ssl.gz
new file mode 100644
index 000000000..9d3503286
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_request_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_resp_count.3ssl.gz b/msys2/usr/share/man/man3/OCSP_resp_count.3ssl.gz
new file mode 100644
index 000000000..7ab7774f7
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_resp_count.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_resp_find.3ssl.gz b/msys2/usr/share/man/man3/OCSP_resp_find.3ssl.gz
new file mode 100644
index 000000000..7ab7774f7
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_resp_find.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_resp_find_status.3ssl.gz b/msys2/usr/share/man/man3/OCSP_resp_find_status.3ssl.gz
new file mode 100644
index 000000000..7ab7774f7
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_resp_find_status.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_resp_get0.3ssl.gz b/msys2/usr/share/man/man3/OCSP_resp_get0.3ssl.gz
new file mode 100644
index 000000000..7ab7774f7
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_resp_get0.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_resp_get0_certs.3ssl.gz b/msys2/usr/share/man/man3/OCSP_resp_get0_certs.3ssl.gz
new file mode 100644
index 000000000..7ab7774f7
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_resp_get0_certs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_resp_get0_id.3ssl.gz b/msys2/usr/share/man/man3/OCSP_resp_get0_id.3ssl.gz
new file mode 100644
index 000000000..7ab7774f7
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_resp_get0_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_resp_get0_produced_at.3ssl.gz b/msys2/usr/share/man/man3/OCSP_resp_get0_produced_at.3ssl.gz
new file mode 100644
index 000000000..7ab7774f7
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_resp_get0_produced_at.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_resp_get0_respdata.3ssl.gz b/msys2/usr/share/man/man3/OCSP_resp_get0_respdata.3ssl.gz
new file mode 100644
index 000000000..7ab7774f7
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_resp_get0_respdata.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_resp_get0_signature.3ssl.gz b/msys2/usr/share/man/man3/OCSP_resp_get0_signature.3ssl.gz
new file mode 100644
index 000000000..7ab7774f7
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_resp_get0_signature.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_resp_get0_signer.3ssl.gz b/msys2/usr/share/man/man3/OCSP_resp_get0_signer.3ssl.gz
new file mode 100644
index 000000000..7ab7774f7
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_resp_get0_signer.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_resp_get0_tbs_sigalg.3ssl.gz b/msys2/usr/share/man/man3/OCSP_resp_get0_tbs_sigalg.3ssl.gz
new file mode 100644
index 000000000..7ab7774f7
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_resp_get0_tbs_sigalg.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_resp_get1_id.3ssl.gz b/msys2/usr/share/man/man3/OCSP_resp_get1_id.3ssl.gz
new file mode 100644
index 000000000..7ab7774f7
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_resp_get1_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_response_create.3ssl.gz b/msys2/usr/share/man/man3/OCSP_response_create.3ssl.gz
new file mode 100644
index 000000000..51a48cb66
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_response_create.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_response_get1_basic.3ssl.gz b/msys2/usr/share/man/man3/OCSP_response_get1_basic.3ssl.gz
new file mode 100644
index 000000000..51a48cb66
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_response_get1_basic.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_response_status.3ssl.gz b/msys2/usr/share/man/man3/OCSP_response_status.3ssl.gz
new file mode 100644
index 000000000..51a48cb66
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_response_status.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_sendreq_bio.3ssl.gz b/msys2/usr/share/man/man3/OCSP_sendreq_bio.3ssl.gz
new file mode 100644
index 000000000..721480a93
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_sendreq_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_sendreq_nbio.3ssl.gz b/msys2/usr/share/man/man3/OCSP_sendreq_nbio.3ssl.gz
new file mode 100644
index 000000000..721480a93
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_sendreq_nbio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_sendreq_new.3ssl.gz b/msys2/usr/share/man/man3/OCSP_sendreq_new.3ssl.gz
new file mode 100644
index 000000000..721480a93
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_sendreq_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_set_max_response_length.3ssl.gz b/msys2/usr/share/man/man3/OCSP_set_max_response_length.3ssl.gz
new file mode 100644
index 000000000..721480a93
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_set_max_response_length.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OCSP_single_get0_status.3ssl.gz b/msys2/usr/share/man/man3/OCSP_single_get0_status.3ssl.gz
new file mode 100644
index 000000000..7ab7774f7
Binary files /dev/null and b/msys2/usr/share/man/man3/OCSP_single_get0_status.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_Applink.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_Applink.3ssl.gz
index 3c1be5da7..2e66688c0 100644
Binary files a/msys2/usr/share/man/man3/OPENSSL_Applink.3ssl.gz and b/msys2/usr/share/man/man3/OPENSSL_Applink.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_INIT_free.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_INIT_free.3ssl.gz
new file mode 100644
index 000000000..51027a661
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_INIT_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_INIT_new.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_INIT_new.3ssl.gz
new file mode 100644
index 000000000..51027a661
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_INIT_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_INIT_set_config_appname.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_INIT_set_config_appname.3ssl.gz
new file mode 100644
index 000000000..51027a661
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_INIT_set_config_appname.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_INIT_set_config_file_flags.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_INIT_set_config_file_flags.3ssl.gz
new file mode 100644
index 000000000..51027a661
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_INIT_set_config_file_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_INIT_set_config_filename.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_INIT_set_config_filename.3ssl.gz
new file mode 100644
index 000000000..51027a661
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_INIT_set_config_filename.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_LH_COMPFUNC.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_LH_COMPFUNC.3ssl.gz
new file mode 100644
index 000000000..4352f6c7f
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_LH_COMPFUNC.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_LH_DOALL_FUNC.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_LH_DOALL_FUNC.3ssl.gz
new file mode 100644
index 000000000..4352f6c7f
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_LH_DOALL_FUNC.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_LH_HASHFUNC.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_LH_HASHFUNC.3ssl.gz
new file mode 100644
index 000000000..4352f6c7f
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_LH_HASHFUNC.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_LH_node_stats.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_LH_node_stats.3ssl.gz
new file mode 100644
index 000000000..76c2642a1
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_LH_node_stats.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_LH_node_stats_bio.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_LH_node_stats_bio.3ssl.gz
new file mode 100644
index 000000000..76c2642a1
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_LH_node_stats_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_LH_node_usage_stats.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_LH_node_usage_stats.3ssl.gz
new file mode 100644
index 000000000..76c2642a1
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_LH_node_usage_stats.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_LH_node_usage_stats_bio.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_LH_node_usage_stats_bio.3ssl.gz
new file mode 100644
index 000000000..76c2642a1
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_LH_node_usage_stats_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_LH_stats.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_LH_stats.3ssl.gz
new file mode 100644
index 000000000..76c2642a1
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_LH_stats.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_LH_stats_bio.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_LH_stats_bio.3ssl.gz
new file mode 100644
index 000000000..76c2642a1
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_LH_stats_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_MALLOC_FAILURES.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_MALLOC_FAILURES.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_MALLOC_FAILURES.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_MALLOC_FD.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_MALLOC_FD.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_MALLOC_FD.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_VERSION_NUMBER.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_VERSION_NUMBER.3ssl.gz
index 1f59d5148..ee42b392b 100644
Binary files a/msys2/usr/share/man/man3/OPENSSL_VERSION_NUMBER.3ssl.gz and b/msys2/usr/share/man/man3/OPENSSL_VERSION_NUMBER.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_VERSION_TEXT.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_VERSION_TEXT.3ssl.gz
new file mode 100644
index 000000000..ee42b392b
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_VERSION_TEXT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_atexit.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_atexit.3ssl.gz
new file mode 100644
index 000000000..51027a661
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_atexit.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_buf2hexstr.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_buf2hexstr.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_buf2hexstr.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_cipher_name.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_cipher_name.3ssl.gz
new file mode 100644
index 000000000..626766b8c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_cipher_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_cleanse.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_cleanse.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_cleanse.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_cleanup.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_cleanup.3ssl.gz
new file mode 100644
index 000000000..51027a661
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_cleanup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_clear_free.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_clear_free.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_clear_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_clear_realloc.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_clear_realloc.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_clear_realloc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_config.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_config.3ssl.gz
index ef2002822..baa208891 100644
Binary files a/msys2/usr/share/man/man3/OPENSSL_config.3ssl.gz and b/msys2/usr/share/man/man3/OPENSSL_config.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_fork_child.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_fork_child.3ssl.gz
new file mode 100644
index 000000000..f898a9cc1
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_fork_child.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_fork_parent.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_fork_parent.3ssl.gz
new file mode 100644
index 000000000..f898a9cc1
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_fork_parent.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_fork_prepare.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_fork_prepare.3ssl.gz
new file mode 100644
index 000000000..f898a9cc1
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_fork_prepare.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_free.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_free.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_hexchar2int.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_hexchar2int.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_hexchar2int.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_hexstr2buf.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_hexstr2buf.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_hexstr2buf.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_ia32cap.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_ia32cap.3ssl.gz
index ba2c7b070..40b905f29 100644
Binary files a/msys2/usr/share/man/man3/OPENSSL_ia32cap.3ssl.gz and b/msys2/usr/share/man/man3/OPENSSL_ia32cap.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_ia32cap_loc.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_ia32cap_loc.3ssl.gz
deleted file mode 100644
index ba2c7b070..000000000
Binary files a/msys2/usr/share/man/man3/OPENSSL_ia32cap_loc.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_init_crypto.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_init_crypto.3ssl.gz
new file mode 100644
index 000000000..51027a661
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_init_crypto.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_init_ssl.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_init_ssl.3ssl.gz
new file mode 100644
index 000000000..a644d380b
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_init_ssl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_instrument_bus.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_instrument_bus.3ssl.gz
index c7ee53029..c658b1bdd 100644
Binary files a/msys2/usr/share/man/man3/OPENSSL_instrument_bus.3ssl.gz and b/msys2/usr/share/man/man3/OPENSSL_instrument_bus.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_instrument_bus2.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_instrument_bus2.3ssl.gz
index c7ee53029..c658b1bdd 100644
Binary files a/msys2/usr/share/man/man3/OPENSSL_instrument_bus2.3ssl.gz and b/msys2/usr/share/man/man3/OPENSSL_instrument_bus2.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_load_builtin_modules.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_load_builtin_modules.3ssl.gz
index 3013a9a0a..dda2837d0 100644
Binary files a/msys2/usr/share/man/man3/OPENSSL_load_builtin_modules.3ssl.gz and b/msys2/usr/share/man/man3/OPENSSL_load_builtin_modules.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_malloc.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_malloc.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_malloc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_malloc_init.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_malloc_init.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_malloc_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_mem_debug_pop.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_mem_debug_pop.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_mem_debug_pop.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_mem_debug_push.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_mem_debug_push.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_mem_debug_push.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_memdup.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_memdup.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_memdup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_no_config.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_no_config.3ssl.gz
index ef2002822..baa208891 100644
Binary files a/msys2/usr/share/man/man3/OPENSSL_no_config.3ssl.gz and b/msys2/usr/share/man/man3/OPENSSL_no_config.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_realloc.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_realloc.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_realloc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_secure_actual_size.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_secure_actual_size.3ssl.gz
new file mode 100644
index 000000000..2ee1c9e5d
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_secure_actual_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_secure_clear_free.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_secure_clear_free.3ssl.gz
new file mode 100644
index 000000000..2ee1c9e5d
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_secure_clear_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_secure_free.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_secure_free.3ssl.gz
new file mode 100644
index 000000000..2ee1c9e5d
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_secure_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_secure_malloc.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_secure_malloc.3ssl.gz
new file mode 100644
index 000000000..2ee1c9e5d
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_secure_malloc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_secure_zalloc.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_secure_zalloc.3ssl.gz
new file mode 100644
index 000000000..2ee1c9e5d
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_secure_zalloc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_strdup.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_strdup.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_strdup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_strlcat.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_strlcat.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_strlcat.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_strlcpy.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_strlcpy.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_strlcpy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_strndup.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_strndup.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_strndup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_thread_stop.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_thread_stop.3ssl.gz
new file mode 100644
index 000000000..51027a661
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_thread_stop.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OPENSSL_zalloc.3ssl.gz b/msys2/usr/share/man/man3/OPENSSL_zalloc.3ssl.gz
new file mode 100644
index 000000000..0ac889d6c
Binary files /dev/null and b/msys2/usr/share/man/man3/OPENSSL_zalloc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_CTX.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_CTX.3ssl.gz
new file mode 100644
index 000000000..db4abcc32
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_CTX.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_free.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_free.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_get0_CERT.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get0_CERT.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get0_CERT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_get0_CRL.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get0_CRL.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get0_CRL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_get0_NAME.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get0_NAME.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get0_NAME.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_get0_NAME_description.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get0_NAME_description.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get0_NAME_description.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_get0_PARAMS.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get0_PARAMS.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get0_PARAMS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_get0_PKEY.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get0_PKEY.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get0_PKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_get1_CERT.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get1_CERT.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get1_CERT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_get1_CRL.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get1_CRL.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get1_CRL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_get1_NAME.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get1_NAME.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get1_NAME.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_get1_NAME_description.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get1_NAME_description.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get1_NAME_description.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_get1_PARAMS.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get1_PARAMS.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get1_PARAMS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_get1_PKEY.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get1_PKEY.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get1_PKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_get_type.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get_type.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_get_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_new_CERT.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_new_CERT.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_new_CERT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_new_CRL.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_new_CRL.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_new_CRL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_new_NAME.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_new_NAME.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_new_NAME.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_new_PARAMS.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_new_PARAMS.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_new_PARAMS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_new_PKEY.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_new_PKEY.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_new_PKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_set0_NAME_description.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_set0_NAME_description.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_set0_NAME_description.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_INFO_type_string.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_INFO_type_string.3ssl.gz
new file mode 100644
index 000000000..79fe54ceb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_INFO_type_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_LOADER.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_LOADER.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_LOADER.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_LOADER_CTX.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_CTX.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_CTX.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_LOADER_free.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_free.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_LOADER_get0_engine.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_get0_engine.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_get0_engine.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_LOADER_get0_scheme.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_get0_scheme.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_get0_scheme.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_LOADER_new.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_new.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_close.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_close.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_close.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_ctrl.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_ctrl.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_eof.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_eof.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_eof.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_error.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_error.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_error.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_expect.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_expect.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_expect.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_find.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_find.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_find.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_load.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_load.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_load.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_open.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_open.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_LOADER_set_open.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_SEARCH.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH.3ssl.gz
new file mode 100644
index 000000000..9fbb6a692
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_by_alias.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_by_alias.3ssl.gz
new file mode 100644
index 000000000..9fbb6a692
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_by_alias.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_by_issuer_serial.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_by_issuer_serial.3ssl.gz
new file mode 100644
index 000000000..9fbb6a692
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_by_issuer_serial.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_by_key_fingerprint.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_by_key_fingerprint.3ssl.gz
new file mode 100644
index 000000000..9fbb6a692
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_by_key_fingerprint.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_by_name.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_by_name.3ssl.gz
new file mode 100644
index 000000000..9fbb6a692
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_by_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_free.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_free.3ssl.gz
new file mode 100644
index 000000000..9fbb6a692
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_get0_bytes.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_get0_bytes.3ssl.gz
new file mode 100644
index 000000000..9fbb6a692
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_get0_bytes.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_get0_digest.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_get0_digest.3ssl.gz
new file mode 100644
index 000000000..9fbb6a692
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_get0_digest.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_get0_name.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_get0_name.3ssl.gz
new file mode 100644
index 000000000..9fbb6a692
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_get0_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_get0_serial.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_get0_serial.3ssl.gz
new file mode 100644
index 000000000..9fbb6a692
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_get0_serial.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_get0_string.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_get0_string.3ssl.gz
new file mode 100644
index 000000000..9fbb6a692
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_get0_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_get_type.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_get_type.3ssl.gz
new file mode 100644
index 000000000..9fbb6a692
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_SEARCH_get_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_close.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_close.3ssl.gz
new file mode 100644
index 000000000..db4abcc32
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_close.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_close_fn.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_close_fn.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_close_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_ctrl.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_ctrl.3ssl.gz
new file mode 100644
index 000000000..db4abcc32
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_ctrl_fn.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_ctrl_fn.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_ctrl_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_eof.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_eof.3ssl.gz
new file mode 100644
index 000000000..db4abcc32
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_eof.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_eof_fn.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_eof_fn.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_eof_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_error.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_error.3ssl.gz
new file mode 100644
index 000000000..db4abcc32
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_error.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_error_fn.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_error_fn.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_error_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_expect.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_expect.3ssl.gz
new file mode 100644
index 000000000..96f1ccabb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_expect.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_expect_fn.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_expect_fn.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_expect_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_find.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_find.3ssl.gz
new file mode 100644
index 000000000..96f1ccabb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_find.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_find_fn.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_find_fn.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_find_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_load.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_load.3ssl.gz
new file mode 100644
index 000000000..db4abcc32
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_load.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_load_fn.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_load_fn.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_load_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_open.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_open.3ssl.gz
new file mode 100644
index 000000000..db4abcc32
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_open.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_open_fn.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_open_fn.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_open_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_post_process_info_fn.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_post_process_info_fn.3ssl.gz
new file mode 100644
index 000000000..db4abcc32
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_post_process_info_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_register_loader.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_register_loader.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_register_loader.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_supports_search.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_supports_search.3ssl.gz
new file mode 100644
index 000000000..96f1ccabb
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_supports_search.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OSSL_STORE_unregister_loader.3ssl.gz b/msys2/usr/share/man/man3/OSSL_STORE_unregister_loader.3ssl.gz
new file mode 100644
index 000000000..19725c6c4
Binary files /dev/null and b/msys2/usr/share/man/man3/OSSL_STORE_unregister_loader.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OTHERNAME_free.3ssl.gz b/msys2/usr/share/man/man3/OTHERNAME_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OTHERNAME_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OTHERNAME_new.3ssl.gz b/msys2/usr/share/man/man3/OTHERNAME_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/OTHERNAME_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OpenSSL_add_all_algorithms.3ssl.gz b/msys2/usr/share/man/man3/OpenSSL_add_all_algorithms.3ssl.gz
index 93045096f..63534afae 100644
Binary files a/msys2/usr/share/man/man3/OpenSSL_add_all_algorithms.3ssl.gz and b/msys2/usr/share/man/man3/OpenSSL_add_all_algorithms.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OpenSSL_add_all_ciphers.3ssl.gz b/msys2/usr/share/man/man3/OpenSSL_add_all_ciphers.3ssl.gz
index 93045096f..63534afae 100644
Binary files a/msys2/usr/share/man/man3/OpenSSL_add_all_ciphers.3ssl.gz and b/msys2/usr/share/man/man3/OpenSSL_add_all_ciphers.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OpenSSL_add_all_digests.3ssl.gz b/msys2/usr/share/man/man3/OpenSSL_add_all_digests.3ssl.gz
index 93045096f..63534afae 100644
Binary files a/msys2/usr/share/man/man3/OpenSSL_add_all_digests.3ssl.gz and b/msys2/usr/share/man/man3/OpenSSL_add_all_digests.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OpenSSL_add_ssl_algorithms.3ssl.gz b/msys2/usr/share/man/man3/OpenSSL_add_ssl_algorithms.3ssl.gz
index 5d8031ad9..11d12f029 100644
Binary files a/msys2/usr/share/man/man3/OpenSSL_add_ssl_algorithms.3ssl.gz and b/msys2/usr/share/man/man3/OpenSSL_add_ssl_algorithms.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OpenSSL_version.3ssl.gz b/msys2/usr/share/man/man3/OpenSSL_version.3ssl.gz
new file mode 100644
index 000000000..ee42b392b
Binary files /dev/null and b/msys2/usr/share/man/man3/OpenSSL_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/OpenSSL_version_num.3ssl.gz b/msys2/usr/share/man/man3/OpenSSL_version_num.3ssl.gz
new file mode 100644
index 000000000..ee42b392b
Binary files /dev/null and b/msys2/usr/share/man/man3/OpenSSL_version_num.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PAIR_NUMBER.3x.gz b/msys2/usr/share/man/man3/PAIR_NUMBER.3x.gz
index ba90f9c61..f9b77e1f4 100644
Binary files a/msys2/usr/share/man/man3/PAIR_NUMBER.3x.gz and b/msys2/usr/share/man/man3/PAIR_NUMBER.3x.gz differ
diff --git a/msys2/usr/share/man/man3/PBE2PARAM_free.3ssl.gz b/msys2/usr/share/man/man3/PBE2PARAM_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PBE2PARAM_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PBE2PARAM_new.3ssl.gz b/msys2/usr/share/man/man3/PBE2PARAM_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PBE2PARAM_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PBEPARAM_free.3ssl.gz b/msys2/usr/share/man/man3/PBEPARAM_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PBEPARAM_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PBEPARAM_new.3ssl.gz b/msys2/usr/share/man/man3/PBEPARAM_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PBEPARAM_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PBKDF2PARAM_free.3ssl.gz b/msys2/usr/share/man/man3/PBKDF2PARAM_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PBKDF2PARAM_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PBKDF2PARAM_new.3ssl.gz b/msys2/usr/share/man/man3/PBKDF2PARAM_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PBKDF2PARAM_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PC.3x.gz b/msys2/usr/share/man/man3/PC.3x.gz
index ef3cb57a5..9a348ec38 100644
Binary files a/msys2/usr/share/man/man3/PC.3x.gz and b/msys2/usr/share/man/man3/PC.3x.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_FLAG_EAY_COMPATIBLE.3ssl.gz b/msys2/usr/share/man/man3/PEM_FLAG_EAY_COMPATIBLE.3ssl.gz
new file mode 100644
index 000000000..72c29e01d
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_FLAG_EAY_COMPATIBLE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_FLAG_ONLY_B64.3ssl.gz b/msys2/usr/share/man/man3/PEM_FLAG_ONLY_B64.3ssl.gz
new file mode 100644
index 000000000..72c29e01d
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_FLAG_ONLY_B64.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_FLAG_SECURE.3ssl.gz b/msys2/usr/share/man/man3/PEM_FLAG_SECURE.3ssl.gz
new file mode 100644
index 000000000..72c29e01d
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_FLAG_SECURE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_bytes_read_bio.3ssl.gz b/msys2/usr/share/man/man3/PEM_bytes_read_bio.3ssl.gz
new file mode 100644
index 000000000..bf72e41eb
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_bytes_read_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_bytes_read_bio_secmem.3ssl.gz b/msys2/usr/share/man/man3/PEM_bytes_read_bio_secmem.3ssl.gz
new file mode 100644
index 000000000..bf72e41eb
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_bytes_read_bio_secmem.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_do_header.3ssl.gz b/msys2/usr/share/man/man3/PEM_do_header.3ssl.gz
new file mode 100644
index 000000000..05736ba42
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_do_header.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_get_EVP_CIPHER_INFO.3ssl.gz b/msys2/usr/share/man/man3/PEM_get_EVP_CIPHER_INFO.3ssl.gz
new file mode 100644
index 000000000..05736ba42
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_get_EVP_CIPHER_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read.3ssl.gz b/msys2/usr/share/man/man3/PEM_read.3ssl.gz
new file mode 100644
index 000000000..05736ba42
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_CMS.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_CMS.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_CMS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_DHparams.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_DHparams.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_DHparams.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_DSAPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_DSAPrivateKey.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_DSAPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_DSA_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_DSA_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_DSA_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_DSAparams.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_DSAparams.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_DSAparams.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_ECPKParameters.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_ECPKParameters.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_ECPKParameters.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_ECPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_ECPrivateKey.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_ECPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_EC_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_EC_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_EC_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_NETSCAPE_CERT_SEQUENCE.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_NETSCAPE_CERT_SEQUENCE.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_NETSCAPE_CERT_SEQUENCE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_PKCS7.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_PKCS7.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_PKCS7.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_PKCS8.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_PKCS8.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_PKCS8.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_PKCS8_PRIV_KEY_INFO.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_PKCS8_PRIV_KEY_INFO.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_PKCS8_PRIV_KEY_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_PrivateKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_PrivateKey.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_PrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_RSAPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_RSAPrivateKey.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_RSAPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_RSAPublicKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_RSAPublicKey.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_RSAPublicKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_RSA_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_RSA_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_RSA_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_SSL_SESSION.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_SSL_SESSION.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_SSL_SESSION.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_X509.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_X509.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_X509.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_X509_AUX.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_X509_AUX.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_X509_AUX.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_X509_CRL.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_X509_CRL.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_X509_CRL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_X509_REQ.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_X509_REQ.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_X509_REQ.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio.3ssl.gz
new file mode 100644
index 000000000..05736ba42
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_CMS.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_CMS.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_CMS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_DHparams.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_DHparams.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_DHparams.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_DSAPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_DSAPrivateKey.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_DSAPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_DSA_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_DSA_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_DSA_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_DSAparams.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_DSAparams.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_DSAparams.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_ECPKParameters.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_ECPKParameters.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_ECPKParameters.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_EC_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_EC_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_EC_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_NETSCAPE_CERT_SEQUENCE.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_NETSCAPE_CERT_SEQUENCE.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_NETSCAPE_CERT_SEQUENCE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_PKCS7.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_PKCS7.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_PKCS7.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_PKCS8.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_PKCS8.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_PKCS8.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_PKCS8_PRIV_KEY_INFO.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_PKCS8_PRIV_KEY_INFO.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_PKCS8_PRIV_KEY_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_PrivateKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_PrivateKey.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_PrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_RSAPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_RSAPrivateKey.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_RSAPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_RSAPublicKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_RSAPublicKey.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_RSAPublicKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_RSA_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_RSA_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_RSA_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_SSL_SESSION.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_SSL_SESSION.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_SSL_SESSION.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_X509.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_X509.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_X509.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_X509_AUX.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_X509_AUX.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_X509_AUX.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_X509_CRL.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_X509_CRL.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_X509_CRL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_X509_REQ.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_X509_REQ.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_X509_REQ.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_read_bio_ex.3ssl.gz b/msys2/usr/share/man/man3/PEM_read_bio_ex.3ssl.gz
new file mode 100644
index 000000000..72c29e01d
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_read_bio_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write.3ssl.gz b/msys2/usr/share/man/man3/PEM_write.3ssl.gz
new file mode 100644
index 000000000..05736ba42
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_CMS.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_CMS.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_CMS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_DHparams.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_DHparams.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_DHparams.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_DHxparams.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_DHxparams.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_DHxparams.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_DSAPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_DSAPrivateKey.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_DSAPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_DSA_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_DSA_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_DSA_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_DSAparams.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_DSAparams.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_DSAparams.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_ECPKParameters.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_ECPKParameters.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_ECPKParameters.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_ECPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_ECPrivateKey.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_ECPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_EC_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_EC_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_EC_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_NETSCAPE_CERT_SEQUENCE.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_NETSCAPE_CERT_SEQUENCE.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_NETSCAPE_CERT_SEQUENCE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_PKCS7.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_PKCS7.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_PKCS7.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_PKCS8.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_PKCS8.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_PKCS8.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_PKCS8PrivateKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_PKCS8PrivateKey.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_PKCS8PrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_PKCS8PrivateKey_nid.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_PKCS8PrivateKey_nid.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_PKCS8PrivateKey_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_PKCS8_PRIV_KEY_INFO.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_PKCS8_PRIV_KEY_INFO.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_PKCS8_PRIV_KEY_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_PrivateKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_PrivateKey.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_PrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_RSAPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_RSAPrivateKey.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_RSAPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_RSAPublicKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_RSAPublicKey.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_RSAPublicKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_RSA_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_RSA_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_RSA_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_SSL_SESSION.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_SSL_SESSION.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_SSL_SESSION.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_X509.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_X509.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_X509.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_X509_AUX.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_X509_AUX.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_X509_AUX.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_X509_CRL.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_X509_CRL.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_X509_CRL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_X509_REQ.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_X509_REQ.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_X509_REQ.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_X509_REQ_NEW.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_X509_REQ_NEW.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_X509_REQ_NEW.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio.3ssl.gz
new file mode 100644
index 000000000..05736ba42
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_CMS.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_CMS.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_CMS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_CMS_stream.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_CMS_stream.3ssl.gz
index a5050d91f..2834f06c9 100644
Binary files a/msys2/usr/share/man/man3/PEM_write_bio_CMS_stream.3ssl.gz and b/msys2/usr/share/man/man3/PEM_write_bio_CMS_stream.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_DHparams.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_DHparams.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_DHparams.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_DHxparams.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_DHxparams.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_DHxparams.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_DSAPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_DSAPrivateKey.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_DSAPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_DSA_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_DSA_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_DSA_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_DSAparams.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_DSAparams.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_DSAparams.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_ECPKParameters.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_ECPKParameters.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_ECPKParameters.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_ECPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_ECPrivateKey.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_ECPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_EC_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_EC_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_EC_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_NETSCAPE_CERT_SEQUENCE.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_NETSCAPE_CERT_SEQUENCE.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_NETSCAPE_CERT_SEQUENCE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_PKCS7.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_PKCS7.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_PKCS7.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_PKCS7_stream.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_PKCS7_stream.3ssl.gz
index dc6becbce..e4581039c 100644
Binary files a/msys2/usr/share/man/man3/PEM_write_bio_PKCS7_stream.3ssl.gz and b/msys2/usr/share/man/man3/PEM_write_bio_PKCS7_stream.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_PKCS8.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_PKCS8.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_PKCS8.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_PKCS8PrivateKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_PKCS8PrivateKey.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_PKCS8PrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_PKCS8PrivateKey_nid.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_PKCS8PrivateKey_nid.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_PKCS8PrivateKey_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_PKCS8_PRIV_KEY_INFO.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_PKCS8_PRIV_KEY_INFO.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_PKCS8_PRIV_KEY_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_PrivateKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_PrivateKey.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_PrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_PrivateKey_traditional.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_PrivateKey_traditional.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_PrivateKey_traditional.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_RSAPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_RSAPrivateKey.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_RSAPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_RSAPublicKey.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_RSAPublicKey.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_RSAPublicKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_RSA_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_RSA_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_RSA_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_SSL_SESSION.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_SSL_SESSION.3ssl.gz
new file mode 100644
index 000000000..6d2c23c40
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_SSL_SESSION.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_X509.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_X509.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_X509.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_X509_AUX.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_X509_AUX.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_X509_AUX.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_X509_CRL.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_X509_CRL.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_X509_CRL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_X509_REQ.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_X509_REQ.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_X509_REQ.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PEM_write_bio_X509_REQ_NEW.3ssl.gz b/msys2/usr/share/man/man3/PEM_write_bio_X509_REQ_NEW.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/PEM_write_bio_X509_REQ_NEW.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS12_BAGS_free.3ssl.gz b/msys2/usr/share/man/man3/PKCS12_BAGS_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS12_BAGS_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS12_BAGS_new.3ssl.gz b/msys2/usr/share/man/man3/PKCS12_BAGS_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS12_BAGS_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS12_MAC_DATA_free.3ssl.gz b/msys2/usr/share/man/man3/PKCS12_MAC_DATA_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS12_MAC_DATA_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS12_MAC_DATA_new.3ssl.gz b/msys2/usr/share/man/man3/PKCS12_MAC_DATA_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS12_MAC_DATA_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS12_SAFEBAG_free.3ssl.gz b/msys2/usr/share/man/man3/PKCS12_SAFEBAG_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS12_SAFEBAG_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS12_SAFEBAG_new.3ssl.gz b/msys2/usr/share/man/man3/PKCS12_SAFEBAG_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS12_SAFEBAG_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS12_create.3ssl.gz b/msys2/usr/share/man/man3/PKCS12_create.3ssl.gz
index 65633d06d..ee0894a7e 100644
Binary files a/msys2/usr/share/man/man3/PKCS12_create.3ssl.gz and b/msys2/usr/share/man/man3/PKCS12_create.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS12_free.3ssl.gz b/msys2/usr/share/man/man3/PKCS12_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS12_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS12_new.3ssl.gz b/msys2/usr/share/man/man3/PKCS12_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS12_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS12_newpass.3ssl.gz b/msys2/usr/share/man/man3/PKCS12_newpass.3ssl.gz
new file mode 100644
index 000000000..fba042739
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS12_newpass.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS12_parse.3ssl.gz b/msys2/usr/share/man/man3/PKCS12_parse.3ssl.gz
index 4bb2bffc6..1a95f8bb7 100644
Binary files a/msys2/usr/share/man/man3/PKCS12_parse.3ssl.gz and b/msys2/usr/share/man/man3/PKCS12_parse.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS5_PBKDF2_HMAC.3ssl.gz b/msys2/usr/share/man/man3/PKCS5_PBKDF2_HMAC.3ssl.gz
new file mode 100644
index 000000000..0d011fac4
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS5_PBKDF2_HMAC.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS5_PBKDF2_HMAC_SHA1.3ssl.gz b/msys2/usr/share/man/man3/PKCS5_PBKDF2_HMAC_SHA1.3ssl.gz
new file mode 100644
index 000000000..0d011fac4
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS5_PBKDF2_HMAC_SHA1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_DIGEST_free.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_DIGEST_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_DIGEST_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_DIGEST_new.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_DIGEST_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_DIGEST_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_ENCRYPT_free.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_ENCRYPT_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_ENCRYPT_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_ENCRYPT_new.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_ENCRYPT_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_ENCRYPT_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_ENC_CONTENT_free.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_ENC_CONTENT_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_ENC_CONTENT_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_ENC_CONTENT_new.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_ENC_CONTENT_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_ENC_CONTENT_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_ENVELOPE_free.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_ENVELOPE_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_ENVELOPE_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_ENVELOPE_new.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_ENVELOPE_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_ENVELOPE_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_ISSUER_AND_SERIAL_digest.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_ISSUER_AND_SERIAL_digest.3ssl.gz
new file mode 100644
index 000000000..c9b6b29b9
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_ISSUER_AND_SERIAL_digest.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_ISSUER_AND_SERIAL_free.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_ISSUER_AND_SERIAL_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_ISSUER_AND_SERIAL_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_ISSUER_AND_SERIAL_new.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_ISSUER_AND_SERIAL_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_ISSUER_AND_SERIAL_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_RECIP_INFO_free.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_RECIP_INFO_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_RECIP_INFO_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_RECIP_INFO_new.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_RECIP_INFO_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_RECIP_INFO_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_SIGNED_free.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_SIGNED_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_SIGNED_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_SIGNED_new.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_SIGNED_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_SIGNED_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_SIGNER_INFO_free.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_SIGNER_INFO_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_SIGNER_INFO_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_SIGNER_INFO_new.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_SIGNER_INFO_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_SIGNER_INFO_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_SIGN_ENVELOPE_free.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_SIGN_ENVELOPE_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_SIGN_ENVELOPE_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_SIGN_ENVELOPE_new.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_SIGN_ENVELOPE_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_SIGN_ENVELOPE_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_decrypt.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_decrypt.3ssl.gz
index f26b81360..7f3d441be 100644
Binary files a/msys2/usr/share/man/man3/PKCS7_decrypt.3ssl.gz and b/msys2/usr/share/man/man3/PKCS7_decrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_dup.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_encrypt.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_encrypt.3ssl.gz
index 3a4f2d785..1d1d11534 100644
Binary files a/msys2/usr/share/man/man3/PKCS7_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/PKCS7_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_free.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_get0_signers.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_get0_signers.3ssl.gz
index d341a6239..e9055c2bd 100644
Binary files a/msys2/usr/share/man/man3/PKCS7_get0_signers.3ssl.gz and b/msys2/usr/share/man/man3/PKCS7_get0_signers.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_new.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_print_ctx.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_print_ctx.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS7_print_ctx.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_sign.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_sign.3ssl.gz
index c52a68c1b..83bce2226 100644
Binary files a/msys2/usr/share/man/man3/PKCS7_sign.3ssl.gz and b/msys2/usr/share/man/man3/PKCS7_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_sign_add_signer.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_sign_add_signer.3ssl.gz
index 2136b9a7a..1cf3920d6 100644
Binary files a/msys2/usr/share/man/man3/PKCS7_sign_add_signer.3ssl.gz and b/msys2/usr/share/man/man3/PKCS7_sign_add_signer.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS7_verify.3ssl.gz b/msys2/usr/share/man/man3/PKCS7_verify.3ssl.gz
index d341a6239..e9055c2bd 100644
Binary files a/msys2/usr/share/man/man3/PKCS7_verify.3ssl.gz and b/msys2/usr/share/man/man3/PKCS7_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS8_PRIV_KEY_INFO_free.3ssl.gz b/msys2/usr/share/man/man3/PKCS8_PRIV_KEY_INFO_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS8_PRIV_KEY_INFO_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKCS8_PRIV_KEY_INFO_new.3ssl.gz b/msys2/usr/share/man/man3/PKCS8_PRIV_KEY_INFO_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKCS8_PRIV_KEY_INFO_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKEY_USAGE_PERIOD_free.3ssl.gz b/msys2/usr/share/man/man3/PKEY_USAGE_PERIOD_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKEY_USAGE_PERIOD_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PKEY_USAGE_PERIOD_new.3ssl.gz b/msys2/usr/share/man/man3/PKEY_USAGE_PERIOD_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PKEY_USAGE_PERIOD_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/POLICYINFO_free.3ssl.gz b/msys2/usr/share/man/man3/POLICYINFO_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/POLICYINFO_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/POLICYINFO_new.3ssl.gz b/msys2/usr/share/man/man3/POLICYINFO_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/POLICYINFO_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/POLICYQUALINFO_free.3ssl.gz b/msys2/usr/share/man/man3/POLICYQUALINFO_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/POLICYQUALINFO_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/POLICYQUALINFO_new.3ssl.gz b/msys2/usr/share/man/man3/POLICYQUALINFO_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/POLICYQUALINFO_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/POLICY_CONSTRAINTS_free.3ssl.gz b/msys2/usr/share/man/man3/POLICY_CONSTRAINTS_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/POLICY_CONSTRAINTS_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/POLICY_CONSTRAINTS_new.3ssl.gz b/msys2/usr/share/man/man3/POLICY_CONSTRAINTS_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/POLICY_CONSTRAINTS_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/POLICY_MAPPING_free.3ssl.gz b/msys2/usr/share/man/man3/POLICY_MAPPING_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/POLICY_MAPPING_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/POLICY_MAPPING_new.3ssl.gz b/msys2/usr/share/man/man3/POLICY_MAPPING_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/POLICY_MAPPING_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROFESSION_INFO.3ssl.gz b/msys2/usr/share/man/man3/PROFESSION_INFO.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/PROFESSION_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROFESSION_INFOS.3ssl.gz b/msys2/usr/share/man/man3/PROFESSION_INFOS.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/PROFESSION_INFOS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROFESSION_INFOS_free.3ssl.gz b/msys2/usr/share/man/man3/PROFESSION_INFOS_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PROFESSION_INFOS_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROFESSION_INFOS_new.3ssl.gz b/msys2/usr/share/man/man3/PROFESSION_INFOS_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PROFESSION_INFOS_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROFESSION_INFO_free.3ssl.gz b/msys2/usr/share/man/man3/PROFESSION_INFO_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PROFESSION_INFO_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROFESSION_INFO_get0_addProfessionInfo.3ssl.gz b/msys2/usr/share/man/man3/PROFESSION_INFO_get0_addProfessionInfo.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/PROFESSION_INFO_get0_addProfessionInfo.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROFESSION_INFO_get0_namingAuthority.3ssl.gz b/msys2/usr/share/man/man3/PROFESSION_INFO_get0_namingAuthority.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/PROFESSION_INFO_get0_namingAuthority.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROFESSION_INFO_get0_professionItems.3ssl.gz b/msys2/usr/share/man/man3/PROFESSION_INFO_get0_professionItems.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/PROFESSION_INFO_get0_professionItems.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROFESSION_INFO_get0_professionOIDs.3ssl.gz b/msys2/usr/share/man/man3/PROFESSION_INFO_get0_professionOIDs.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/PROFESSION_INFO_get0_professionOIDs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROFESSION_INFO_get0_registrationNumber.3ssl.gz b/msys2/usr/share/man/man3/PROFESSION_INFO_get0_registrationNumber.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/PROFESSION_INFO_get0_registrationNumber.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROFESSION_INFO_new.3ssl.gz b/msys2/usr/share/man/man3/PROFESSION_INFO_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PROFESSION_INFO_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROFESSION_INFO_set0_addProfessionInfo.3ssl.gz b/msys2/usr/share/man/man3/PROFESSION_INFO_set0_addProfessionInfo.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/PROFESSION_INFO_set0_addProfessionInfo.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROFESSION_INFO_set0_namingAuthority.3ssl.gz b/msys2/usr/share/man/man3/PROFESSION_INFO_set0_namingAuthority.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/PROFESSION_INFO_set0_namingAuthority.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROFESSION_INFO_set0_professionItems.3ssl.gz b/msys2/usr/share/man/man3/PROFESSION_INFO_set0_professionItems.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/PROFESSION_INFO_set0_professionItems.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROFESSION_INFO_set0_professionOIDs.3ssl.gz b/msys2/usr/share/man/man3/PROFESSION_INFO_set0_professionOIDs.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/PROFESSION_INFO_set0_professionOIDs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROFESSION_INFO_set0_registrationNumber.3ssl.gz b/msys2/usr/share/man/man3/PROFESSION_INFO_set0_registrationNumber.3ssl.gz
new file mode 100644
index 000000000..0ef397c67
Binary files /dev/null and b/msys2/usr/share/man/man3/PROFESSION_INFO_set0_registrationNumber.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROXY_CERT_INFO_EXTENSION_free.3ssl.gz b/msys2/usr/share/man/man3/PROXY_CERT_INFO_EXTENSION_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PROXY_CERT_INFO_EXTENSION_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROXY_CERT_INFO_EXTENSION_new.3ssl.gz b/msys2/usr/share/man/man3/PROXY_CERT_INFO_EXTENSION_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PROXY_CERT_INFO_EXTENSION_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROXY_POLICY_free.3ssl.gz b/msys2/usr/share/man/man3/PROXY_POLICY_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PROXY_POLICY_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/PROXY_POLICY_new.3ssl.gz b/msys2/usr/share/man/man3/PROXY_POLICY_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/PROXY_POLICY_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_bytes.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_bytes.3ssl.gz
new file mode 100644
index 000000000..f489cf628
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_bytes.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_cleanup_entropy_fn.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_cleanup_entropy_fn.3ssl.gz
new file mode 100644
index 000000000..78f78c856
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_cleanup_entropy_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_cleanup_nonce_fn.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_cleanup_nonce_fn.3ssl.gz
new file mode 100644
index 000000000..78f78c856
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_cleanup_nonce_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_free.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_free.3ssl.gz
new file mode 100644
index 000000000..14a0eb183
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_generate.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_generate.3ssl.gz
new file mode 100644
index 000000000..f489cf628
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_generate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_get0_master.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_get0_master.3ssl.gz
new file mode 100644
index 000000000..cb84fcf6f
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_get0_master.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_get0_private.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_get0_private.3ssl.gz
new file mode 100644
index 000000000..cb84fcf6f
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_get0_private.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_get0_public.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_get0_public.3ssl.gz
new file mode 100644
index 000000000..cb84fcf6f
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_get0_public.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_get_entropy_fn.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_get_entropy_fn.3ssl.gz
new file mode 100644
index 000000000..78f78c856
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_get_entropy_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_get_ex_data.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_get_ex_data.3ssl.gz
new file mode 100644
index 000000000..3f39d87be
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_get_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_get_ex_new_index.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_get_ex_new_index.3ssl.gz
new file mode 100644
index 000000000..3f39d87be
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_get_ex_new_index.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_get_nonce_fn.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_get_nonce_fn.3ssl.gz
new file mode 100644
index 000000000..78f78c856
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_get_nonce_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_instantiate.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_instantiate.3ssl.gz
new file mode 100644
index 000000000..14a0eb183
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_instantiate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_new.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_new.3ssl.gz
new file mode 100644
index 000000000..14a0eb183
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_reseed.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_reseed.3ssl.gz
new file mode 100644
index 000000000..018d8e218
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_reseed.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_secure_new.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_secure_new.3ssl.gz
new file mode 100644
index 000000000..14a0eb183
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_secure_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_set.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_set.3ssl.gz
new file mode 100644
index 000000000..14a0eb183
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_set.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_set_callbacks.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_set_callbacks.3ssl.gz
new file mode 100644
index 000000000..78f78c856
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_set_callbacks.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_set_defaults.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_set_defaults.3ssl.gz
new file mode 100644
index 000000000..14a0eb183
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_set_defaults.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_set_ex_data.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_set_ex_data.3ssl.gz
new file mode 100644
index 000000000..3f39d87be
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_set_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_set_reseed_defaults.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_set_reseed_defaults.3ssl.gz
new file mode 100644
index 000000000..018d8e218
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_set_reseed_defaults.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_set_reseed_interval.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_set_reseed_interval.3ssl.gz
new file mode 100644
index 000000000..018d8e218
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_set_reseed_interval.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_set_reseed_time_interval.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_set_reseed_time_interval.3ssl.gz
new file mode 100644
index 000000000..018d8e218
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_set_reseed_time_interval.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_DRBG_uninstantiate.3ssl.gz b/msys2/usr/share/man/man3/RAND_DRBG_uninstantiate.3ssl.gz
new file mode 100644
index 000000000..14a0eb183
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_DRBG_uninstantiate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_OpenSSL.3ssl.gz b/msys2/usr/share/man/man3/RAND_OpenSSL.3ssl.gz
new file mode 100644
index 000000000..9e7e00a46
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_OpenSSL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_SSLeay.3ssl.gz b/msys2/usr/share/man/man3/RAND_SSLeay.3ssl.gz
deleted file mode 100644
index 205cecc1c..000000000
Binary files a/msys2/usr/share/man/man3/RAND_SSLeay.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/RAND_add.3ssl.gz b/msys2/usr/share/man/man3/RAND_add.3ssl.gz
index 269e7f256..298660c45 100644
Binary files a/msys2/usr/share/man/man3/RAND_add.3ssl.gz and b/msys2/usr/share/man/man3/RAND_add.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_bytes.3ssl.gz b/msys2/usr/share/man/man3/RAND_bytes.3ssl.gz
index bae1015ef..89da35a06 100644
Binary files a/msys2/usr/share/man/man3/RAND_bytes.3ssl.gz and b/msys2/usr/share/man/man3/RAND_bytes.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_cleanup.3ssl.gz b/msys2/usr/share/man/man3/RAND_cleanup.3ssl.gz
index c28412a9f..de6ca5b38 100644
Binary files a/msys2/usr/share/man/man3/RAND_cleanup.3ssl.gz and b/msys2/usr/share/man/man3/RAND_cleanup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_egd.3ssl.gz b/msys2/usr/share/man/man3/RAND_egd.3ssl.gz
index ae426fe1c..378d956d6 100644
Binary files a/msys2/usr/share/man/man3/RAND_egd.3ssl.gz and b/msys2/usr/share/man/man3/RAND_egd.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_egd_bytes.3ssl.gz b/msys2/usr/share/man/man3/RAND_egd_bytes.3ssl.gz
index ae426fe1c..378d956d6 100644
Binary files a/msys2/usr/share/man/man3/RAND_egd_bytes.3ssl.gz and b/msys2/usr/share/man/man3/RAND_egd_bytes.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_event.3ssl.gz b/msys2/usr/share/man/man3/RAND_event.3ssl.gz
index 269e7f256..298660c45 100644
Binary files a/msys2/usr/share/man/man3/RAND_event.3ssl.gz and b/msys2/usr/share/man/man3/RAND_event.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_file_name.3ssl.gz b/msys2/usr/share/man/man3/RAND_file_name.3ssl.gz
index 225edba8f..e77787c25 100644
Binary files a/msys2/usr/share/man/man3/RAND_file_name.3ssl.gz and b/msys2/usr/share/man/man3/RAND_file_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_get_rand_method.3ssl.gz b/msys2/usr/share/man/man3/RAND_get_rand_method.3ssl.gz
index 205cecc1c..9e7e00a46 100644
Binary files a/msys2/usr/share/man/man3/RAND_get_rand_method.3ssl.gz and b/msys2/usr/share/man/man3/RAND_get_rand_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_keep_random_devices_open.3ssl.gz b/msys2/usr/share/man/man3/RAND_keep_random_devices_open.3ssl.gz
new file mode 100644
index 000000000..298660c45
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_keep_random_devices_open.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_load_file.3ssl.gz b/msys2/usr/share/man/man3/RAND_load_file.3ssl.gz
index 225edba8f..e77787c25 100644
Binary files a/msys2/usr/share/man/man3/RAND_load_file.3ssl.gz and b/msys2/usr/share/man/man3/RAND_load_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_poll.3ssl.gz b/msys2/usr/share/man/man3/RAND_poll.3ssl.gz
new file mode 100644
index 000000000..298660c45
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_poll.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_priv_bytes.3ssl.gz b/msys2/usr/share/man/man3/RAND_priv_bytes.3ssl.gz
new file mode 100644
index 000000000..89da35a06
Binary files /dev/null and b/msys2/usr/share/man/man3/RAND_priv_bytes.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_pseudo_bytes.3ssl.gz b/msys2/usr/share/man/man3/RAND_pseudo_bytes.3ssl.gz
index bae1015ef..89da35a06 100644
Binary files a/msys2/usr/share/man/man3/RAND_pseudo_bytes.3ssl.gz and b/msys2/usr/share/man/man3/RAND_pseudo_bytes.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_query_egd_bytes.3ssl.gz b/msys2/usr/share/man/man3/RAND_query_egd_bytes.3ssl.gz
index ae426fe1c..378d956d6 100644
Binary files a/msys2/usr/share/man/man3/RAND_query_egd_bytes.3ssl.gz and b/msys2/usr/share/man/man3/RAND_query_egd_bytes.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_screen.3ssl.gz b/msys2/usr/share/man/man3/RAND_screen.3ssl.gz
index 269e7f256..298660c45 100644
Binary files a/msys2/usr/share/man/man3/RAND_screen.3ssl.gz and b/msys2/usr/share/man/man3/RAND_screen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_seed.3ssl.gz b/msys2/usr/share/man/man3/RAND_seed.3ssl.gz
index 269e7f256..298660c45 100644
Binary files a/msys2/usr/share/man/man3/RAND_seed.3ssl.gz and b/msys2/usr/share/man/man3/RAND_seed.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_set_rand_method.3ssl.gz b/msys2/usr/share/man/man3/RAND_set_rand_method.3ssl.gz
index 205cecc1c..9e7e00a46 100644
Binary files a/msys2/usr/share/man/man3/RAND_set_rand_method.3ssl.gz and b/msys2/usr/share/man/man3/RAND_set_rand_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_status.3ssl.gz b/msys2/usr/share/man/man3/RAND_status.3ssl.gz
index 269e7f256..298660c45 100644
Binary files a/msys2/usr/share/man/man3/RAND_status.3ssl.gz and b/msys2/usr/share/man/man3/RAND_status.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RAND_write_file.3ssl.gz b/msys2/usr/share/man/man3/RAND_write_file.3ssl.gz
index 225edba8f..e77787c25 100644
Binary files a/msys2/usr/share/man/man3/RAND_write_file.3ssl.gz and b/msys2/usr/share/man/man3/RAND_write_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RC4.3ssl.gz b/msys2/usr/share/man/man3/RC4.3ssl.gz
new file mode 100644
index 000000000..084735158
Binary files /dev/null and b/msys2/usr/share/man/man3/RC4.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RC4_set_key.3ssl.gz b/msys2/usr/share/man/man3/RC4_set_key.3ssl.gz
index 1ec1ef9e5..084735158 100644
Binary files a/msys2/usr/share/man/man3/RC4_set_key.3ssl.gz and b/msys2/usr/share/man/man3/RC4_set_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RIPEMD160.3ssl.gz b/msys2/usr/share/man/man3/RIPEMD160.3ssl.gz
index 28d770166..6a950eed9 100644
Binary files a/msys2/usr/share/man/man3/RIPEMD160.3ssl.gz and b/msys2/usr/share/man/man3/RIPEMD160.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RIPEMD160_Final.3ssl.gz b/msys2/usr/share/man/man3/RIPEMD160_Final.3ssl.gz
index 28d770166..6a950eed9 100644
Binary files a/msys2/usr/share/man/man3/RIPEMD160_Final.3ssl.gz and b/msys2/usr/share/man/man3/RIPEMD160_Final.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RIPEMD160_Init.3ssl.gz b/msys2/usr/share/man/man3/RIPEMD160_Init.3ssl.gz
index 28d770166..6a950eed9 100644
Binary files a/msys2/usr/share/man/man3/RIPEMD160_Init.3ssl.gz and b/msys2/usr/share/man/man3/RIPEMD160_Init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RIPEMD160_Update.3ssl.gz b/msys2/usr/share/man/man3/RIPEMD160_Update.3ssl.gz
index 28d770166..6a950eed9 100644
Binary files a/msys2/usr/share/man/man3/RIPEMD160_Update.3ssl.gz and b/msys2/usr/share/man/man3/RIPEMD160_Update.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSAPrivateKey_dup.3ssl.gz b/msys2/usr/share/man/man3/RSAPrivateKey_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/RSAPrivateKey_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSAPublicKey_dup.3ssl.gz b/msys2/usr/share/man/man3/RSAPublicKey_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/RSAPublicKey_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_OAEP_PARAMS_free.3ssl.gz b/msys2/usr/share/man/man3/RSA_OAEP_PARAMS_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_OAEP_PARAMS_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_OAEP_PARAMS_new.3ssl.gz b/msys2/usr/share/man/man3/RSA_OAEP_PARAMS_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_OAEP_PARAMS_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_PKCS1_OpenSSL.3ssl.gz b/msys2/usr/share/man/man3/RSA_PKCS1_OpenSSL.3ssl.gz
new file mode 100644
index 000000000..e497b42d9
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_PKCS1_OpenSSL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_PKCS1_SSLeay.3ssl.gz b/msys2/usr/share/man/man3/RSA_PKCS1_SSLeay.3ssl.gz
deleted file mode 100644
index cf10d8c1c..000000000
Binary files a/msys2/usr/share/man/man3/RSA_PKCS1_SSLeay.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/RSA_PSS_PARAMS_free.3ssl.gz b/msys2/usr/share/man/man3/RSA_PSS_PARAMS_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_PSS_PARAMS_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_PSS_PARAMS_new.3ssl.gz b/msys2/usr/share/man/man3/RSA_PSS_PARAMS_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_PSS_PARAMS_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_bits.3ssl.gz b/msys2/usr/share/man/man3/RSA_bits.3ssl.gz
new file mode 100644
index 000000000..4f05da984
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_bits.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_blinding_off.3ssl.gz b/msys2/usr/share/man/man3/RSA_blinding_off.3ssl.gz
index f16ab4b71..19feb2a11 100644
Binary files a/msys2/usr/share/man/man3/RSA_blinding_off.3ssl.gz and b/msys2/usr/share/man/man3/RSA_blinding_off.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_blinding_on.3ssl.gz b/msys2/usr/share/man/man3/RSA_blinding_on.3ssl.gz
index f16ab4b71..19feb2a11 100644
Binary files a/msys2/usr/share/man/man3/RSA_blinding_on.3ssl.gz and b/msys2/usr/share/man/man3/RSA_blinding_on.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_check_key.3ssl.gz b/msys2/usr/share/man/man3/RSA_check_key.3ssl.gz
index aae3fd9fe..6879bdd12 100644
Binary files a/msys2/usr/share/man/man3/RSA_check_key.3ssl.gz and b/msys2/usr/share/man/man3/RSA_check_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_check_key_ex.3ssl.gz b/msys2/usr/share/man/man3/RSA_check_key_ex.3ssl.gz
new file mode 100644
index 000000000..6879bdd12
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_check_key_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_clear_flags.3ssl.gz b/msys2/usr/share/man/man3/RSA_clear_flags.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_clear_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_flags.3ssl.gz b/msys2/usr/share/man/man3/RSA_flags.3ssl.gz
index cf10d8c1c..e497b42d9 100644
Binary files a/msys2/usr/share/man/man3/RSA_flags.3ssl.gz and b/msys2/usr/share/man/man3/RSA_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_free.3ssl.gz b/msys2/usr/share/man/man3/RSA_free.3ssl.gz
index fefb9e02f..401d8ee93 100644
Binary files a/msys2/usr/share/man/man3/RSA_free.3ssl.gz and b/msys2/usr/share/man/man3/RSA_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_generate_key.3ssl.gz b/msys2/usr/share/man/man3/RSA_generate_key.3ssl.gz
index 11f47dd1c..f4eecb0ae 100644
Binary files a/msys2/usr/share/man/man3/RSA_generate_key.3ssl.gz and b/msys2/usr/share/man/man3/RSA_generate_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_generate_key_ex.3ssl.gz b/msys2/usr/share/man/man3/RSA_generate_key_ex.3ssl.gz
index 11f47dd1c..f4eecb0ae 100644
Binary files a/msys2/usr/share/man/man3/RSA_generate_key_ex.3ssl.gz and b/msys2/usr/share/man/man3/RSA_generate_key_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_generate_multi_prime_key.3ssl.gz b/msys2/usr/share/man/man3/RSA_generate_multi_prime_key.3ssl.gz
new file mode 100644
index 000000000..f4eecb0ae
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_generate_multi_prime_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get0_crt_params.3ssl.gz b/msys2/usr/share/man/man3/RSA_get0_crt_params.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_get0_crt_params.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get0_d.3ssl.gz b/msys2/usr/share/man/man3/RSA_get0_d.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_get0_d.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get0_dmp1.3ssl.gz b/msys2/usr/share/man/man3/RSA_get0_dmp1.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_get0_dmp1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get0_dmq1.3ssl.gz b/msys2/usr/share/man/man3/RSA_get0_dmq1.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_get0_dmq1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get0_e.3ssl.gz b/msys2/usr/share/man/man3/RSA_get0_e.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_get0_e.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get0_engine.3ssl.gz b/msys2/usr/share/man/man3/RSA_get0_engine.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_get0_engine.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get0_factors.3ssl.gz b/msys2/usr/share/man/man3/RSA_get0_factors.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_get0_factors.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get0_iqmp.3ssl.gz b/msys2/usr/share/man/man3/RSA_get0_iqmp.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_get0_iqmp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get0_key.3ssl.gz b/msys2/usr/share/man/man3/RSA_get0_key.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_get0_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get0_multi_prime_crt_params.3ssl.gz b/msys2/usr/share/man/man3/RSA_get0_multi_prime_crt_params.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_get0_multi_prime_crt_params.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get0_multi_prime_factors.3ssl.gz b/msys2/usr/share/man/man3/RSA_get0_multi_prime_factors.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_get0_multi_prime_factors.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get0_n.3ssl.gz b/msys2/usr/share/man/man3/RSA_get0_n.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_get0_n.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get0_p.3ssl.gz b/msys2/usr/share/man/man3/RSA_get0_p.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_get0_p.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get0_q.3ssl.gz b/msys2/usr/share/man/man3/RSA_get0_q.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_get0_q.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get_default_method.3ssl.gz b/msys2/usr/share/man/man3/RSA_get_default_method.3ssl.gz
index cf10d8c1c..e497b42d9 100644
Binary files a/msys2/usr/share/man/man3/RSA_get_default_method.3ssl.gz and b/msys2/usr/share/man/man3/RSA_get_default_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get_ex_data.3ssl.gz b/msys2/usr/share/man/man3/RSA_get_ex_data.3ssl.gz
index 6f9ab2d39..cea58f021 100644
Binary files a/msys2/usr/share/man/man3/RSA_get_ex_data.3ssl.gz and b/msys2/usr/share/man/man3/RSA_get_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get_ex_new_index.3ssl.gz b/msys2/usr/share/man/man3/RSA_get_ex_new_index.3ssl.gz
index 6f9ab2d39..cea58f021 100644
Binary files a/msys2/usr/share/man/man3/RSA_get_ex_new_index.3ssl.gz and b/msys2/usr/share/man/man3/RSA_get_ex_new_index.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get_method.3ssl.gz b/msys2/usr/share/man/man3/RSA_get_method.3ssl.gz
index cf10d8c1c..e497b42d9 100644
Binary files a/msys2/usr/share/man/man3/RSA_get_method.3ssl.gz and b/msys2/usr/share/man/man3/RSA_get_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get_multi_prime_extra_count.3ssl.gz b/msys2/usr/share/man/man3/RSA_get_multi_prime_extra_count.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_get_multi_prime_extra_count.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_get_version.3ssl.gz b/msys2/usr/share/man/man3/RSA_get_version.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_get_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_dup.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_dup.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_free.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_free.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_get0_app_data.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_get0_app_data.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_get0_app_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_get0_name.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_get0_name.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_get0_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_get_bn_mod_exp.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_get_bn_mod_exp.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_get_bn_mod_exp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_get_finish.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_get_finish.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_get_finish.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_get_flags.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_get_flags.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_get_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_get_init.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_get_init.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_get_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_get_keygen.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_get_keygen.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_get_keygen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_get_mod_exp.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_get_mod_exp.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_get_mod_exp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_get_multi_prime_keygen.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_get_multi_prime_keygen.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_get_multi_prime_keygen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_get_priv_dec.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_get_priv_dec.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_get_priv_dec.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_get_priv_enc.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_get_priv_enc.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_get_priv_enc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_get_pub_dec.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_get_pub_dec.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_get_pub_dec.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_get_pub_enc.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_get_pub_enc.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_get_pub_enc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_get_sign.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_get_sign.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_get_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_get_verify.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_get_verify.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_get_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_new.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_new.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_set0_app_data.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_set0_app_data.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_set0_app_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_set1_name.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_set1_name.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_set1_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_set_bn_mod_exp.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_set_bn_mod_exp.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_set_bn_mod_exp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_set_finish.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_set_finish.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_set_finish.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_set_flags.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_set_flags.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_set_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_set_init.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_set_init.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_set_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_set_keygen.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_set_keygen.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_set_keygen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_set_mod_exp.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_set_mod_exp.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_set_mod_exp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_set_multi_prime_keygen.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_set_multi_prime_keygen.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_set_multi_prime_keygen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_set_priv_dec.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_set_priv_dec.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_set_priv_dec.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_set_priv_enc.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_set_priv_enc.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_set_priv_enc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_set_pub_dec.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_set_pub_dec.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_set_pub_dec.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_set_pub_enc.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_set_pub_enc.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_set_pub_enc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_set_sign.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_set_sign.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_set_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_meth_set_verify.3ssl.gz b/msys2/usr/share/man/man3/RSA_meth_set_verify.3ssl.gz
new file mode 100644
index 000000000..a3bc61175
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_meth_set_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_new.3ssl.gz b/msys2/usr/share/man/man3/RSA_new.3ssl.gz
index fefb9e02f..401d8ee93 100644
Binary files a/msys2/usr/share/man/man3/RSA_new.3ssl.gz and b/msys2/usr/share/man/man3/RSA_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_new_method.3ssl.gz b/msys2/usr/share/man/man3/RSA_new_method.3ssl.gz
index cf10d8c1c..e497b42d9 100644
Binary files a/msys2/usr/share/man/man3/RSA_new_method.3ssl.gz and b/msys2/usr/share/man/man3/RSA_new_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_null_method.3ssl.gz b/msys2/usr/share/man/man3/RSA_null_method.3ssl.gz
deleted file mode 100644
index cf10d8c1c..000000000
Binary files a/msys2/usr/share/man/man3/RSA_null_method.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/RSA_padding_add_PKCS1_OAEP.3ssl.gz b/msys2/usr/share/man/man3/RSA_padding_add_PKCS1_OAEP.3ssl.gz
index 66dcbe659..ec1cb5e8c 100644
Binary files a/msys2/usr/share/man/man3/RSA_padding_add_PKCS1_OAEP.3ssl.gz and b/msys2/usr/share/man/man3/RSA_padding_add_PKCS1_OAEP.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_padding_add_PKCS1_type_1.3ssl.gz b/msys2/usr/share/man/man3/RSA_padding_add_PKCS1_type_1.3ssl.gz
index 66dcbe659..ec1cb5e8c 100644
Binary files a/msys2/usr/share/man/man3/RSA_padding_add_PKCS1_type_1.3ssl.gz and b/msys2/usr/share/man/man3/RSA_padding_add_PKCS1_type_1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_padding_add_PKCS1_type_2.3ssl.gz b/msys2/usr/share/man/man3/RSA_padding_add_PKCS1_type_2.3ssl.gz
index 66dcbe659..ec1cb5e8c 100644
Binary files a/msys2/usr/share/man/man3/RSA_padding_add_PKCS1_type_2.3ssl.gz and b/msys2/usr/share/man/man3/RSA_padding_add_PKCS1_type_2.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_padding_add_SSLv23.3ssl.gz b/msys2/usr/share/man/man3/RSA_padding_add_SSLv23.3ssl.gz
index 66dcbe659..ec1cb5e8c 100644
Binary files a/msys2/usr/share/man/man3/RSA_padding_add_SSLv23.3ssl.gz and b/msys2/usr/share/man/man3/RSA_padding_add_SSLv23.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_padding_add_none.3ssl.gz b/msys2/usr/share/man/man3/RSA_padding_add_none.3ssl.gz
index 66dcbe659..ec1cb5e8c 100644
Binary files a/msys2/usr/share/man/man3/RSA_padding_add_none.3ssl.gz and b/msys2/usr/share/man/man3/RSA_padding_add_none.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_padding_check_PKCS1_OAEP.3ssl.gz b/msys2/usr/share/man/man3/RSA_padding_check_PKCS1_OAEP.3ssl.gz
index 66dcbe659..ec1cb5e8c 100644
Binary files a/msys2/usr/share/man/man3/RSA_padding_check_PKCS1_OAEP.3ssl.gz and b/msys2/usr/share/man/man3/RSA_padding_check_PKCS1_OAEP.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_padding_check_PKCS1_type_1.3ssl.gz b/msys2/usr/share/man/man3/RSA_padding_check_PKCS1_type_1.3ssl.gz
index 66dcbe659..ec1cb5e8c 100644
Binary files a/msys2/usr/share/man/man3/RSA_padding_check_PKCS1_type_1.3ssl.gz and b/msys2/usr/share/man/man3/RSA_padding_check_PKCS1_type_1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_padding_check_PKCS1_type_2.3ssl.gz b/msys2/usr/share/man/man3/RSA_padding_check_PKCS1_type_2.3ssl.gz
index 66dcbe659..ec1cb5e8c 100644
Binary files a/msys2/usr/share/man/man3/RSA_padding_check_PKCS1_type_2.3ssl.gz and b/msys2/usr/share/man/man3/RSA_padding_check_PKCS1_type_2.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_padding_check_SSLv23.3ssl.gz b/msys2/usr/share/man/man3/RSA_padding_check_SSLv23.3ssl.gz
index 66dcbe659..ec1cb5e8c 100644
Binary files a/msys2/usr/share/man/man3/RSA_padding_check_SSLv23.3ssl.gz and b/msys2/usr/share/man/man3/RSA_padding_check_SSLv23.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_padding_check_none.3ssl.gz b/msys2/usr/share/man/man3/RSA_padding_check_none.3ssl.gz
index 66dcbe659..ec1cb5e8c 100644
Binary files a/msys2/usr/share/man/man3/RSA_padding_check_none.3ssl.gz and b/msys2/usr/share/man/man3/RSA_padding_check_none.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_print.3ssl.gz b/msys2/usr/share/man/man3/RSA_print.3ssl.gz
index 5e37a83dd..b52fbe13e 100644
Binary files a/msys2/usr/share/man/man3/RSA_print.3ssl.gz and b/msys2/usr/share/man/man3/RSA_print.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_print_fp.3ssl.gz b/msys2/usr/share/man/man3/RSA_print_fp.3ssl.gz
index 5e37a83dd..b52fbe13e 100644
Binary files a/msys2/usr/share/man/man3/RSA_print_fp.3ssl.gz and b/msys2/usr/share/man/man3/RSA_print_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_private_decrypt.3ssl.gz b/msys2/usr/share/man/man3/RSA_private_decrypt.3ssl.gz
index f5765a933..63eaa65ca 100644
Binary files a/msys2/usr/share/man/man3/RSA_private_decrypt.3ssl.gz and b/msys2/usr/share/man/man3/RSA_private_decrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_private_encrypt.3ssl.gz b/msys2/usr/share/man/man3/RSA_private_encrypt.3ssl.gz
index db73b4983..f609512ec 100644
Binary files a/msys2/usr/share/man/man3/RSA_private_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/RSA_private_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_public_decrypt.3ssl.gz b/msys2/usr/share/man/man3/RSA_public_decrypt.3ssl.gz
index db73b4983..f609512ec 100644
Binary files a/msys2/usr/share/man/man3/RSA_public_decrypt.3ssl.gz and b/msys2/usr/share/man/man3/RSA_public_decrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_public_encrypt.3ssl.gz b/msys2/usr/share/man/man3/RSA_public_encrypt.3ssl.gz
index f5765a933..63eaa65ca 100644
Binary files a/msys2/usr/share/man/man3/RSA_public_encrypt.3ssl.gz and b/msys2/usr/share/man/man3/RSA_public_encrypt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_security_bits.3ssl.gz b/msys2/usr/share/man/man3/RSA_security_bits.3ssl.gz
new file mode 100644
index 000000000..4f05da984
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_security_bits.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_set0_crt_params.3ssl.gz b/msys2/usr/share/man/man3/RSA_set0_crt_params.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_set0_crt_params.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_set0_factors.3ssl.gz b/msys2/usr/share/man/man3/RSA_set0_factors.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_set0_factors.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_set0_key.3ssl.gz b/msys2/usr/share/man/man3/RSA_set0_key.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_set0_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_set0_multi_prime_params.3ssl.gz b/msys2/usr/share/man/man3/RSA_set0_multi_prime_params.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_set0_multi_prime_params.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_set_default_method.3ssl.gz b/msys2/usr/share/man/man3/RSA_set_default_method.3ssl.gz
index cf10d8c1c..e497b42d9 100644
Binary files a/msys2/usr/share/man/man3/RSA_set_default_method.3ssl.gz and b/msys2/usr/share/man/man3/RSA_set_default_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_set_ex_data.3ssl.gz b/msys2/usr/share/man/man3/RSA_set_ex_data.3ssl.gz
index 6f9ab2d39..cea58f021 100644
Binary files a/msys2/usr/share/man/man3/RSA_set_ex_data.3ssl.gz and b/msys2/usr/share/man/man3/RSA_set_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_set_flags.3ssl.gz b/msys2/usr/share/man/man3/RSA_set_flags.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_set_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_set_method.3ssl.gz b/msys2/usr/share/man/man3/RSA_set_method.3ssl.gz
index cf10d8c1c..e497b42d9 100644
Binary files a/msys2/usr/share/man/man3/RSA_set_method.3ssl.gz and b/msys2/usr/share/man/man3/RSA_set_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_sign.3ssl.gz b/msys2/usr/share/man/man3/RSA_sign.3ssl.gz
index a55dd2673..003609140 100644
Binary files a/msys2/usr/share/man/man3/RSA_sign.3ssl.gz and b/msys2/usr/share/man/man3/RSA_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_sign_ASN1_OCTET_STRING.3ssl.gz b/msys2/usr/share/man/man3/RSA_sign_ASN1_OCTET_STRING.3ssl.gz
index 89ddc2f33..90391fc22 100644
Binary files a/msys2/usr/share/man/man3/RSA_sign_ASN1_OCTET_STRING.3ssl.gz and b/msys2/usr/share/man/man3/RSA_sign_ASN1_OCTET_STRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_size.3ssl.gz b/msys2/usr/share/man/man3/RSA_size.3ssl.gz
index bf08c9193..4f05da984 100644
Binary files a/msys2/usr/share/man/man3/RSA_size.3ssl.gz and b/msys2/usr/share/man/man3/RSA_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_test_flags.3ssl.gz b/msys2/usr/share/man/man3/RSA_test_flags.3ssl.gz
new file mode 100644
index 000000000..d8c2847e3
Binary files /dev/null and b/msys2/usr/share/man/man3/RSA_test_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_verify.3ssl.gz b/msys2/usr/share/man/man3/RSA_verify.3ssl.gz
index a55dd2673..003609140 100644
Binary files a/msys2/usr/share/man/man3/RSA_verify.3ssl.gz and b/msys2/usr/share/man/man3/RSA_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/RSA_verify_ASN1_OCTET_STRING.3ssl.gz b/msys2/usr/share/man/man3/RSA_verify_ASN1_OCTET_STRING.3ssl.gz
index 89ddc2f33..90391fc22 100644
Binary files a/msys2/usr/share/man/man3/RSA_verify_ASN1_OCTET_STRING.3ssl.gz and b/msys2/usr/share/man/man3/RSA_verify_ASN1_OCTET_STRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCRYPT_PARAMS_free.3ssl.gz b/msys2/usr/share/man/man3/SCRYPT_PARAMS_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/SCRYPT_PARAMS_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCRYPT_PARAMS_new.3ssl.gz b/msys2/usr/share/man/man3/SCRYPT_PARAMS_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/SCRYPT_PARAMS_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_LIST_free.3ssl.gz b/msys2/usr/share/man/man3/SCT_LIST_free.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_LIST_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_LIST_print.3ssl.gz b/msys2/usr/share/man/man3/SCT_LIST_print.3ssl.gz
new file mode 100644
index 000000000..e7961240e
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_LIST_print.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_LIST_validate.3ssl.gz b/msys2/usr/share/man/man3/SCT_LIST_validate.3ssl.gz
new file mode 100644
index 000000000..e4babe906
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_LIST_validate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_free.3ssl.gz b/msys2/usr/share/man/man3/SCT_free.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_get0_extensions.3ssl.gz b/msys2/usr/share/man/man3/SCT_get0_extensions.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_get0_extensions.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_get0_log_id.3ssl.gz b/msys2/usr/share/man/man3/SCT_get0_log_id.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_get0_log_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_get0_signature.3ssl.gz b/msys2/usr/share/man/man3/SCT_get0_signature.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_get0_signature.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_get_log_entry_type.3ssl.gz b/msys2/usr/share/man/man3/SCT_get_log_entry_type.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_get_log_entry_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_get_signature_nid.3ssl.gz b/msys2/usr/share/man/man3/SCT_get_signature_nid.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_get_signature_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_get_source.3ssl.gz b/msys2/usr/share/man/man3/SCT_get_source.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_get_source.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_get_timestamp.3ssl.gz b/msys2/usr/share/man/man3/SCT_get_timestamp.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_get_timestamp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_get_validation_status.3ssl.gz b/msys2/usr/share/man/man3/SCT_get_validation_status.3ssl.gz
new file mode 100644
index 000000000..e4babe906
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_get_validation_status.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_get_version.3ssl.gz b/msys2/usr/share/man/man3/SCT_get_version.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_get_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_new.3ssl.gz b/msys2/usr/share/man/man3/SCT_new.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_new_from_base64.3ssl.gz b/msys2/usr/share/man/man3/SCT_new_from_base64.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_new_from_base64.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_print.3ssl.gz b/msys2/usr/share/man/man3/SCT_print.3ssl.gz
new file mode 100644
index 000000000..e7961240e
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_print.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_set0_extensions.3ssl.gz b/msys2/usr/share/man/man3/SCT_set0_extensions.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_set0_extensions.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_set0_log_id.3ssl.gz b/msys2/usr/share/man/man3/SCT_set0_log_id.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_set0_log_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_set0_signature.3ssl.gz b/msys2/usr/share/man/man3/SCT_set0_signature.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_set0_signature.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_set1_extensions.3ssl.gz b/msys2/usr/share/man/man3/SCT_set1_extensions.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_set1_extensions.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_set1_log_id.3ssl.gz b/msys2/usr/share/man/man3/SCT_set1_log_id.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_set1_log_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_set1_signature.3ssl.gz b/msys2/usr/share/man/man3/SCT_set1_signature.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_set1_signature.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_set_log_entry_type.3ssl.gz b/msys2/usr/share/man/man3/SCT_set_log_entry_type.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_set_log_entry_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_set_signature_nid.3ssl.gz b/msys2/usr/share/man/man3/SCT_set_signature_nid.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_set_signature_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_set_source.3ssl.gz b/msys2/usr/share/man/man3/SCT_set_source.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_set_source.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_set_timestamp.3ssl.gz b/msys2/usr/share/man/man3/SCT_set_timestamp.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_set_timestamp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_set_version.3ssl.gz b/msys2/usr/share/man/man3/SCT_set_version.3ssl.gz
new file mode 100644
index 000000000..8a6b7f642
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_set_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_validate.3ssl.gz b/msys2/usr/share/man/man3/SCT_validate.3ssl.gz
new file mode 100644
index 000000000..e4babe906
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_validate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SCT_validation_status_string.3ssl.gz b/msys2/usr/share/man/man3/SCT_validation_status_string.3ssl.gz
new file mode 100644
index 000000000..e7961240e
Binary files /dev/null and b/msys2/usr/share/man/man3/SCT_validation_status_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA1.3ssl.gz b/msys2/usr/share/man/man3/SHA1.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA1.3ssl.gz and b/msys2/usr/share/man/man3/SHA1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA1_Final.3ssl.gz b/msys2/usr/share/man/man3/SHA1_Final.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA1_Final.3ssl.gz and b/msys2/usr/share/man/man3/SHA1_Final.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA1_Init.3ssl.gz b/msys2/usr/share/man/man3/SHA1_Init.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA1_Init.3ssl.gz and b/msys2/usr/share/man/man3/SHA1_Init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA1_Update.3ssl.gz b/msys2/usr/share/man/man3/SHA1_Update.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA1_Update.3ssl.gz and b/msys2/usr/share/man/man3/SHA1_Update.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA224.3ssl.gz b/msys2/usr/share/man/man3/SHA224.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA224.3ssl.gz and b/msys2/usr/share/man/man3/SHA224.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA224_Final.3ssl.gz b/msys2/usr/share/man/man3/SHA224_Final.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA224_Final.3ssl.gz and b/msys2/usr/share/man/man3/SHA224_Final.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA224_Init.3ssl.gz b/msys2/usr/share/man/man3/SHA224_Init.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA224_Init.3ssl.gz and b/msys2/usr/share/man/man3/SHA224_Init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA224_Update.3ssl.gz b/msys2/usr/share/man/man3/SHA224_Update.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA224_Update.3ssl.gz and b/msys2/usr/share/man/man3/SHA224_Update.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA256.3ssl.gz b/msys2/usr/share/man/man3/SHA256.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA256.3ssl.gz and b/msys2/usr/share/man/man3/SHA256.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA256_Final.3ssl.gz b/msys2/usr/share/man/man3/SHA256_Final.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA256_Final.3ssl.gz and b/msys2/usr/share/man/man3/SHA256_Final.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA256_Init.3ssl.gz b/msys2/usr/share/man/man3/SHA256_Init.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA256_Init.3ssl.gz and b/msys2/usr/share/man/man3/SHA256_Init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA256_Update.3ssl.gz b/msys2/usr/share/man/man3/SHA256_Update.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA256_Update.3ssl.gz and b/msys2/usr/share/man/man3/SHA256_Update.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA384.3ssl.gz b/msys2/usr/share/man/man3/SHA384.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA384.3ssl.gz and b/msys2/usr/share/man/man3/SHA384.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA384_Final.3ssl.gz b/msys2/usr/share/man/man3/SHA384_Final.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA384_Final.3ssl.gz and b/msys2/usr/share/man/man3/SHA384_Final.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA384_Init.3ssl.gz b/msys2/usr/share/man/man3/SHA384_Init.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA384_Init.3ssl.gz and b/msys2/usr/share/man/man3/SHA384_Init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA384_Update.3ssl.gz b/msys2/usr/share/man/man3/SHA384_Update.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA384_Update.3ssl.gz and b/msys2/usr/share/man/man3/SHA384_Update.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA512.3ssl.gz b/msys2/usr/share/man/man3/SHA512.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA512.3ssl.gz and b/msys2/usr/share/man/man3/SHA512.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA512_Final.3ssl.gz b/msys2/usr/share/man/man3/SHA512_Final.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA512_Final.3ssl.gz and b/msys2/usr/share/man/man3/SHA512_Final.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA512_Init.3ssl.gz b/msys2/usr/share/man/man3/SHA512_Init.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA512_Init.3ssl.gz and b/msys2/usr/share/man/man3/SHA512_Init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SHA512_Update.3ssl.gz b/msys2/usr/share/man/man3/SHA512_Update.3ssl.gz
index dbfd999e1..3fc602db0 100644
Binary files a/msys2/usr/share/man/man3/SHA512_Update.3ssl.gz and b/msys2/usr/share/man/man3/SHA512_Update.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SMIME_read_CMS.3ssl.gz b/msys2/usr/share/man/man3/SMIME_read_CMS.3ssl.gz
index 173907e50..02c6c2e17 100644
Binary files a/msys2/usr/share/man/man3/SMIME_read_CMS.3ssl.gz and b/msys2/usr/share/man/man3/SMIME_read_CMS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SMIME_read_PKCS7.3ssl.gz b/msys2/usr/share/man/man3/SMIME_read_PKCS7.3ssl.gz
index 1d447613c..1aad21e77 100644
Binary files a/msys2/usr/share/man/man3/SMIME_read_PKCS7.3ssl.gz and b/msys2/usr/share/man/man3/SMIME_read_PKCS7.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SMIME_write_CMS.3ssl.gz b/msys2/usr/share/man/man3/SMIME_write_CMS.3ssl.gz
index 7440ef9fa..4e986bad6 100644
Binary files a/msys2/usr/share/man/man3/SMIME_write_CMS.3ssl.gz and b/msys2/usr/share/man/man3/SMIME_write_CMS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SMIME_write_PKCS7.3ssl.gz b/msys2/usr/share/man/man3/SMIME_write_PKCS7.3ssl.gz
index 387acb474..5518f15d3 100644
Binary files a/msys2/usr/share/man/man3/SMIME_write_PKCS7.3ssl.gz and b/msys2/usr/share/man/man3/SMIME_write_PKCS7.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CIPHER_description.3ssl.gz b/msys2/usr/share/man/man3/SSL_CIPHER_description.3ssl.gz
index a0180f823..626766b8c 100644
Binary files a/msys2/usr/share/man/man3/SSL_CIPHER_description.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CIPHER_description.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CIPHER_find.3ssl.gz b/msys2/usr/share/man/man3/SSL_CIPHER_find.3ssl.gz
new file mode 100644
index 000000000..626766b8c
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CIPHER_find.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CIPHER_get_auth_nid.3ssl.gz b/msys2/usr/share/man/man3/SSL_CIPHER_get_auth_nid.3ssl.gz
new file mode 100644
index 000000000..626766b8c
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CIPHER_get_auth_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CIPHER_get_bits.3ssl.gz b/msys2/usr/share/man/man3/SSL_CIPHER_get_bits.3ssl.gz
index a0180f823..626766b8c 100644
Binary files a/msys2/usr/share/man/man3/SSL_CIPHER_get_bits.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CIPHER_get_bits.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CIPHER_get_cipher_nid.3ssl.gz b/msys2/usr/share/man/man3/SSL_CIPHER_get_cipher_nid.3ssl.gz
new file mode 100644
index 000000000..626766b8c
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CIPHER_get_cipher_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CIPHER_get_digest_nid.3ssl.gz b/msys2/usr/share/man/man3/SSL_CIPHER_get_digest_nid.3ssl.gz
new file mode 100644
index 000000000..626766b8c
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CIPHER_get_digest_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CIPHER_get_handshake_digest.3ssl.gz b/msys2/usr/share/man/man3/SSL_CIPHER_get_handshake_digest.3ssl.gz
new file mode 100644
index 000000000..626766b8c
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CIPHER_get_handshake_digest.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CIPHER_get_id.3ssl.gz b/msys2/usr/share/man/man3/SSL_CIPHER_get_id.3ssl.gz
new file mode 100644
index 000000000..626766b8c
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CIPHER_get_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CIPHER_get_kx_nid.3ssl.gz b/msys2/usr/share/man/man3/SSL_CIPHER_get_kx_nid.3ssl.gz
new file mode 100644
index 000000000..626766b8c
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CIPHER_get_kx_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CIPHER_get_name.3ssl.gz b/msys2/usr/share/man/man3/SSL_CIPHER_get_name.3ssl.gz
index a0180f823..626766b8c 100644
Binary files a/msys2/usr/share/man/man3/SSL_CIPHER_get_name.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CIPHER_get_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CIPHER_get_protocol_id.3ssl.gz b/msys2/usr/share/man/man3/SSL_CIPHER_get_protocol_id.3ssl.gz
new file mode 100644
index 000000000..626766b8c
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CIPHER_get_protocol_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CIPHER_get_version.3ssl.gz b/msys2/usr/share/man/man3/SSL_CIPHER_get_version.3ssl.gz
index a0180f823..626766b8c 100644
Binary files a/msys2/usr/share/man/man3/SSL_CIPHER_get_version.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CIPHER_get_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CIPHER_is_aead.3ssl.gz b/msys2/usr/share/man/man3/SSL_CIPHER_is_aead.3ssl.gz
new file mode 100644
index 000000000..626766b8c
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CIPHER_is_aead.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CIPHER_standard_name.3ssl.gz b/msys2/usr/share/man/man3/SSL_CIPHER_standard_name.3ssl.gz
new file mode 100644
index 000000000..626766b8c
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CIPHER_standard_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_COMP_add_compression_method.3ssl.gz b/msys2/usr/share/man/man3/SSL_COMP_add_compression_method.3ssl.gz
index 86c21adda..9f1833927 100644
Binary files a/msys2/usr/share/man/man3/SSL_COMP_add_compression_method.3ssl.gz and b/msys2/usr/share/man/man3/SSL_COMP_add_compression_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_COMP_free_compression_methods.3ssl.gz b/msys2/usr/share/man/man3/SSL_COMP_free_compression_methods.3ssl.gz
index 86c21adda..9f1833927 100644
Binary files a/msys2/usr/share/man/man3/SSL_COMP_free_compression_methods.3ssl.gz and b/msys2/usr/share/man/man3/SSL_COMP_free_compression_methods.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_COMP_get0_name.3ssl.gz b/msys2/usr/share/man/man3/SSL_COMP_get0_name.3ssl.gz
new file mode 100644
index 000000000..9f1833927
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_COMP_get0_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_COMP_get_compression_methods.3ssl.gz b/msys2/usr/share/man/man3/SSL_COMP_get_compression_methods.3ssl.gz
new file mode 100644
index 000000000..9f1833927
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_COMP_get_compression_methods.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_COMP_get_id.3ssl.gz b/msys2/usr/share/man/man3/SSL_COMP_get_id.3ssl.gz
new file mode 100644
index 000000000..9f1833927
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_COMP_get_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CONF_CTX_clear_flags.3ssl.gz b/msys2/usr/share/man/man3/SSL_CONF_CTX_clear_flags.3ssl.gz
index 2831b3252..2fee62af8 100644
Binary files a/msys2/usr/share/man/man3/SSL_CONF_CTX_clear_flags.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CONF_CTX_clear_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CONF_CTX_free.3ssl.gz b/msys2/usr/share/man/man3/SSL_CONF_CTX_free.3ssl.gz
index eddd45a27..f8203e2ab 100644
Binary files a/msys2/usr/share/man/man3/SSL_CONF_CTX_free.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CONF_CTX_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CONF_CTX_new.3ssl.gz b/msys2/usr/share/man/man3/SSL_CONF_CTX_new.3ssl.gz
index eddd45a27..f8203e2ab 100644
Binary files a/msys2/usr/share/man/man3/SSL_CONF_CTX_new.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CONF_CTX_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CONF_CTX_set1_prefix.3ssl.gz b/msys2/usr/share/man/man3/SSL_CONF_CTX_set1_prefix.3ssl.gz
index 419428b7f..ec5246ee7 100644
Binary files a/msys2/usr/share/man/man3/SSL_CONF_CTX_set1_prefix.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CONF_CTX_set1_prefix.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CONF_CTX_set_flags.3ssl.gz b/msys2/usr/share/man/man3/SSL_CONF_CTX_set_flags.3ssl.gz
index 2831b3252..2fee62af8 100644
Binary files a/msys2/usr/share/man/man3/SSL_CONF_CTX_set_flags.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CONF_CTX_set_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CONF_CTX_set_ssl.3ssl.gz b/msys2/usr/share/man/man3/SSL_CONF_CTX_set_ssl.3ssl.gz
index 17765137d..550b8a2cb 100644
Binary files a/msys2/usr/share/man/man3/SSL_CONF_CTX_set_ssl.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CONF_CTX_set_ssl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CONF_CTX_set_ssl_ctx.3ssl.gz b/msys2/usr/share/man/man3/SSL_CONF_CTX_set_ssl_ctx.3ssl.gz
index 17765137d..550b8a2cb 100644
Binary files a/msys2/usr/share/man/man3/SSL_CONF_CTX_set_ssl_ctx.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CONF_CTX_set_ssl_ctx.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CONF_cmd.3ssl.gz b/msys2/usr/share/man/man3/SSL_CONF_cmd.3ssl.gz
index df6690990..53f8bc1a1 100644
Binary files a/msys2/usr/share/man/man3/SSL_CONF_cmd.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CONF_cmd.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CONF_cmd_argv.3ssl.gz b/msys2/usr/share/man/man3/SSL_CONF_cmd_argv.3ssl.gz
index 34a71cb79..762d9616f 100644
Binary files a/msys2/usr/share/man/man3/SSL_CONF_cmd_argv.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CONF_cmd_argv.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CONF_cmd_value_type.3ssl.gz b/msys2/usr/share/man/man3/SSL_CONF_cmd_value_type.3ssl.gz
new file mode 100644
index 000000000..53f8bc1a1
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CONF_cmd_value_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_add0_chain_cert.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_add0_chain_cert.3ssl.gz
index 1c7776daa..0faeee340 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_add0_chain_cert.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_add0_chain_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_add1_chain_cert.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_add1_chain_cert.3ssl.gz
index 1c7776daa..0faeee340 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_add1_chain_cert.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_add1_chain_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_add1_to_CA_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_add1_to_CA_list.3ssl.gz
new file mode 100644
index 000000000..e9333d591
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_add1_to_CA_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_add_client_CA.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_add_client_CA.3ssl.gz
index 22450240a..e9333d591 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_add_client_CA.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_add_client_CA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_add_client_custom_ext.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_add_client_custom_ext.3ssl.gz
index b9a8162a8..5b7babf0b 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_add_client_custom_ext.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_add_client_custom_ext.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_add_custom_ext.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_add_custom_ext.3ssl.gz
new file mode 100644
index 000000000..5b7babf0b
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_add_custom_ext.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_add_extra_chain_cert.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_add_extra_chain_cert.3ssl.gz
index a3a161bc6..4622d9035 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_add_extra_chain_cert.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_add_extra_chain_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_add_server_custom_ext.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_add_server_custom_ext.3ssl.gz
index b9a8162a8..5b7babf0b 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_add_server_custom_ext.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_add_server_custom_ext.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_add_session.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_add_session.3ssl.gz
index 9b55ff047..ee28d9701 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_add_session.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_add_session.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_build_cert_chain.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_build_cert_chain.3ssl.gz
index 1c7776daa..0faeee340 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_build_cert_chain.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_build_cert_chain.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_callback_ctrl.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_callback_ctrl.3ssl.gz
index 911cca063..c9136dd08 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_callback_ctrl.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_callback_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_check_private_key.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_check_private_key.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_check_private_key.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_check_private_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_clear_chain_certs.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_clear_chain_certs.3ssl.gz
index 1c7776daa..0faeee340 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_clear_chain_certs.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_clear_chain_certs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_clear_extra_chain_certs.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_clear_extra_chain_certs.3ssl.gz
index a3a161bc6..4622d9035 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_clear_extra_chain_certs.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_clear_extra_chain_certs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_clear_mode.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_clear_mode.3ssl.gz
new file mode 100644
index 000000000..6296d3584
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_clear_mode.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_clear_options.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_clear_options.3ssl.gz
index caf24aaac..4d8fe0ab3 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_clear_options.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_clear_options.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_config.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_config.3ssl.gz
new file mode 100644
index 000000000..350a2bf14
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_config.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_ct_is_enabled.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_ct_is_enabled.3ssl.gz
new file mode 100644
index 000000000..c28d109df
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_ct_is_enabled.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_ctrl.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_ctrl.3ssl.gz
index 911cca063..c9136dd08 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_ctrl.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_dane_clear_flags.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_dane_clear_flags.3ssl.gz
new file mode 100644
index 000000000..6c5efd642
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_dane_clear_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_dane_enable.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_dane_enable.3ssl.gz
new file mode 100644
index 000000000..6c5efd642
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_dane_enable.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_dane_mtype_set.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_dane_mtype_set.3ssl.gz
new file mode 100644
index 000000000..6c5efd642
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_dane_mtype_set.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_dane_set_flags.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_dane_set_flags.3ssl.gz
new file mode 100644
index 000000000..6c5efd642
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_dane_set_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_decrypt_session_ticket_fn.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_decrypt_session_ticket_fn.3ssl.gz
new file mode 100644
index 000000000..902dc414a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_decrypt_session_ticket_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_disable_ct.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_disable_ct.3ssl.gz
new file mode 100644
index 000000000..c28d109df
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_disable_ct.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_enable_ct.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_enable_ct.3ssl.gz
new file mode 100644
index 000000000..c28d109df
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_enable_ct.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_flush_sessions.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_flush_sessions.3ssl.gz
index 0f5847ca5..65decca94 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_flush_sessions.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_flush_sessions.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_free.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_free.3ssl.gz
index b8523c1b0..a49ea9582 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_free.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_generate_session_ticket_fn.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_generate_session_ticket_fn.3ssl.gz
new file mode 100644
index 000000000..902dc414a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_generate_session_ticket_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get0_CA_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get0_CA_list.3ssl.gz
new file mode 100644
index 000000000..e9333d591
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_get0_CA_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get0_chain_certs.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get0_chain_certs.3ssl.gz
index 1c7776daa..0faeee340 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_get0_chain_certs.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_get0_chain_certs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get0_param.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get0_param.3ssl.gz
index 776be455f..444a34cff 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_get0_param.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_get0_param.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get0_security_ex_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get0_security_ex_data.3ssl.gz
new file mode 100644
index 000000000..a2906baf3
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_get0_security_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_cert_store.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_cert_store.3ssl.gz
index 1fc06d793..b90a53895 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_get_cert_store.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_get_cert_store.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_ciphers.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_ciphers.3ssl.gz
new file mode 100644
index 000000000..f611e032c
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_get_ciphers.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_client_CA_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_client_CA_list.3ssl.gz
index 4bcd97ce2..e9333d591 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_get_client_CA_list.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_get_client_CA_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_client_cert_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_client_cert_cb.3ssl.gz
index 995f749e0..3fa115e81 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_get_client_cert_cb.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_get_client_cert_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_default_passwd_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_default_passwd_cb.3ssl.gz
new file mode 100644
index 000000000..f23d1290e
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_get_default_passwd_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_default_passwd_cb_userdata.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_default_passwd_cb_userdata.3ssl.gz
new file mode 100644
index 000000000..f23d1290e
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_get_default_passwd_cb_userdata.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_default_read_ahead.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_default_read_ahead.3ssl.gz
index 9baef4367..90d2d126b 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_get_default_read_ahead.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_get_default_read_ahead.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_ex_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_ex_data.3ssl.gz
index 09269bd93..bee92ac46 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_get_ex_data.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_get_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_ex_new_index.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_ex_new_index.3ssl.gz
deleted file mode 100644
index 09269bd93..000000000
Binary files a/msys2/usr/share/man/man3/SSL_CTX_get_ex_new_index.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_info_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_info_callback.3ssl.gz
index 0de841589..478ceb66a 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_get_info_callback.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_get_info_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_keylog_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_keylog_callback.3ssl.gz
new file mode 100644
index 000000000..cb5a06c85
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_get_keylog_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_max_cert_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_max_cert_list.3ssl.gz
index aaa3e8763..8f119ad61 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_get_max_cert_list.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_get_max_cert_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_max_early_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_max_early_data.3ssl.gz
new file mode 100644
index 000000000..4ac6968ef
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_get_max_early_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_max_proto_version.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_max_proto_version.3ssl.gz
new file mode 100644
index 000000000..2443ff7e6
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_get_max_proto_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_min_proto_version.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_min_proto_version.3ssl.gz
new file mode 100644
index 000000000..2443ff7e6
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_get_min_proto_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_mode.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_mode.3ssl.gz
index 82c6a5018..6296d3584 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_get_mode.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_get_mode.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_num_tickets.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_num_tickets.3ssl.gz
new file mode 100644
index 000000000..86564cd3a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_get_num_tickets.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_options.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_options.3ssl.gz
index caf24aaac..4d8fe0ab3 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_get_options.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_get_options.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_quiet_shutdown.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_quiet_shutdown.3ssl.gz
index 6c5fbf455..4526e9626 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_get_quiet_shutdown.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_get_quiet_shutdown.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_read_ahead.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_read_ahead.3ssl.gz
index 9baef4367..90d2d126b 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_get_read_ahead.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_get_read_ahead.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_record_padding_callback_arg.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_record_padding_callback_arg.3ssl.gz
new file mode 100644
index 000000000..957eb118f
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_get_record_padding_callback_arg.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_recv_max_early_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_recv_max_early_data.3ssl.gz
new file mode 100644
index 000000000..4ac6968ef
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_get_recv_max_early_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_security_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_security_callback.3ssl.gz
new file mode 100644
index 000000000..a2906baf3
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_get_security_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_security_level.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_security_level.3ssl.gz
new file mode 100644
index 000000000..a2906baf3
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_get_security_level.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_session_cache_mode.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_session_cache_mode.3ssl.gz
index 91d9ffa16..9ff0371df 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_get_session_cache_mode.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_get_session_cache_mode.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_timeout.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_timeout.3ssl.gz
index 532a72bcd..fb4ff31e3 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_get_timeout.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_get_timeout.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_tlsext_status_arg.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_tlsext_status_arg.3ssl.gz
new file mode 100644
index 000000000..dae8217be
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_get_tlsext_status_arg.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_tlsext_status_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_tlsext_status_cb.3ssl.gz
new file mode 100644
index 000000000..dae8217be
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_get_tlsext_status_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_tlsext_status_type.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_tlsext_status_type.3ssl.gz
new file mode 100644
index 000000000..dae8217be
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_get_tlsext_status_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_verify_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_verify_callback.3ssl.gz
index 1287bf635..4b3870749 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_get_verify_callback.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_get_verify_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_verify_depth.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_verify_depth.3ssl.gz
index 1287bf635..4b3870749 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_get_verify_depth.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_get_verify_depth.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_get_verify_mode.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_get_verify_mode.3ssl.gz
index 1287bf635..4b3870749 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_get_verify_mode.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_get_verify_mode.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_has_client_custom_ext.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_has_client_custom_ext.3ssl.gz
new file mode 100644
index 000000000..8eecd7890
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_has_client_custom_ext.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_keylog_cb_func.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_keylog_cb_func.3ssl.gz
new file mode 100644
index 000000000..cb5a06c85
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_keylog_cb_func.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_load_verify_locations.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_load_verify_locations.3ssl.gz
index 2df85e893..c881fc294 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_load_verify_locations.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_load_verify_locations.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_need_tmp_rsa.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_need_tmp_rsa.3ssl.gz
deleted file mode 100644
index c1948ee57..000000000
Binary files a/msys2/usr/share/man/man3/SSL_CTX_need_tmp_rsa.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_new.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_new.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_new.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_remove_session.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_remove_session.3ssl.gz
index 9b55ff047..ee28d9701 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_remove_session.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_remove_session.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_select_current_cert.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_select_current_cert.3ssl.gz
index 1c7776daa..0faeee340 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_select_current_cert.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_select_current_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_accept.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_accept.3ssl.gz
index 71e40fb29..7c0e672a9 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_accept.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_accept.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_accept_good.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_accept_good.3ssl.gz
index 71e40fb29..7c0e672a9 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_accept_good.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_accept_good.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_accept_renegotiate.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_accept_renegotiate.3ssl.gz
index 71e40fb29..7c0e672a9 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_accept_renegotiate.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_accept_renegotiate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_cache_full.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_cache_full.3ssl.gz
index 71e40fb29..7c0e672a9 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_cache_full.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_cache_full.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_cb_hits.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_cb_hits.3ssl.gz
index 71e40fb29..7c0e672a9 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_cb_hits.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_cb_hits.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_connect.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_connect.3ssl.gz
index 71e40fb29..7c0e672a9 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_connect.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_connect.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_connect_good.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_connect_good.3ssl.gz
index 71e40fb29..7c0e672a9 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_connect_good.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_connect_good.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_connect_renegotiate.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_connect_renegotiate.3ssl.gz
index 71e40fb29..7c0e672a9 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_connect_renegotiate.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_connect_renegotiate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_get_cache_size.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_get_cache_size.3ssl.gz
index 1eb1a327d..0c68f1f14 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_get_cache_size.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_get_cache_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_get_get_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_get_get_cb.3ssl.gz
index 33201c1b4..7433c15ab 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_get_get_cb.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_get_get_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_get_new_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_get_new_cb.3ssl.gz
index 33201c1b4..7433c15ab 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_get_new_cb.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_get_new_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_get_remove_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_get_remove_cb.3ssl.gz
index 33201c1b4..7433c15ab 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_get_remove_cb.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_get_remove_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_hits.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_hits.3ssl.gz
index 71e40fb29..7c0e672a9 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_hits.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_hits.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_misses.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_misses.3ssl.gz
index 71e40fb29..7c0e672a9 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_misses.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_misses.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_number.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_number.3ssl.gz
index 71e40fb29..7c0e672a9 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_number.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_number.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_set_cache_size.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_set_cache_size.3ssl.gz
index 1eb1a327d..0c68f1f14 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_set_cache_size.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_set_cache_size.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_set_get_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_set_get_cb.3ssl.gz
index 33201c1b4..7433c15ab 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_set_get_cb.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_set_get_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_set_new_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_set_new_cb.3ssl.gz
index 33201c1b4..7433c15ab 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_set_new_cb.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_set_new_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_set_remove_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_set_remove_cb.3ssl.gz
index 33201c1b4..7433c15ab 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_set_remove_cb.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_set_remove_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sess_timeouts.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sess_timeouts.3ssl.gz
index 71e40fb29..7c0e672a9 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sess_timeouts.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sess_timeouts.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_sessions.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_sessions.3ssl.gz
index 9428bfab4..13996f761 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_sessions.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_sessions.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set0_CA_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set0_CA_list.3ssl.gz
new file mode 100644
index 000000000..e9333d591
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set0_CA_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set0_chain.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set0_chain.3ssl.gz
index 1c7776daa..0faeee340 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set0_chain.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set0_chain.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set0_chain_cert_store.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set0_chain_cert_store.3ssl.gz
index 67f1c41d4..b04c4fbfb 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set0_chain_cert_store.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set0_chain_cert_store.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set0_security_ex_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set0_security_ex_data.3ssl.gz
new file mode 100644
index 000000000..a2906baf3
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set0_security_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set0_verify_cert_store.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set0_verify_cert_store.3ssl.gz
index 67f1c41d4..b04c4fbfb 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set0_verify_cert_store.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set0_verify_cert_store.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set1_cert_store.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set1_cert_store.3ssl.gz
new file mode 100644
index 000000000..b90a53895
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set1_cert_store.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set1_chain.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set1_chain.3ssl.gz
index 1c7776daa..0faeee340 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set1_chain.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set1_chain.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set1_chain_cert_store.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set1_chain_cert_store.3ssl.gz
index 67f1c41d4..b04c4fbfb 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set1_chain_cert_store.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set1_chain_cert_store.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set1_client_sigalgs.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set1_client_sigalgs.3ssl.gz
new file mode 100644
index 000000000..66ee67686
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set1_client_sigalgs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set1_client_sigalgs_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set1_client_sigalgs_list.3ssl.gz
new file mode 100644
index 000000000..66ee67686
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set1_client_sigalgs_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set1_curves.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set1_curves.3ssl.gz
index c8942081c..7f345c614 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set1_curves.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set1_curves.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set1_curves_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set1_curves_list.3ssl.gz
index c8942081c..7f345c614 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set1_curves_list.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set1_curves_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set1_groups.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set1_groups.3ssl.gz
new file mode 100644
index 000000000..7f345c614
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set1_groups.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set1_groups_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set1_groups_list.3ssl.gz
new file mode 100644
index 000000000..7f345c614
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set1_groups_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set1_param.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set1_param.3ssl.gz
index 776be455f..444a34cff 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set1_param.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set1_param.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set1_sigalgs.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set1_sigalgs.3ssl.gz
new file mode 100644
index 000000000..66ee67686
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set1_sigalgs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set1_sigalgs_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set1_sigalgs_list.3ssl.gz
new file mode 100644
index 000000000..66ee67686
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set1_sigalgs_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set1_verify_cert_store.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set1_verify_cert_store.3ssl.gz
index 67f1c41d4..b04c4fbfb 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set1_verify_cert_store.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set1_verify_cert_store.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_allow_early_data_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_allow_early_data_cb.3ssl.gz
new file mode 100644
index 000000000..4ac6968ef
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_allow_early_data_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_alpn_protos.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_alpn_protos.3ssl.gz
index d186fbcac..5423f50bb 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_alpn_protos.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_alpn_protos.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_alpn_select_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_alpn_select_cb.3ssl.gz
index d186fbcac..5423f50bb 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_alpn_select_cb.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_alpn_select_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_block_padding.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_block_padding.3ssl.gz
new file mode 100644
index 000000000..957eb118f
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_block_padding.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_cert_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_cert_cb.3ssl.gz
index 4f32445f3..df9993b15 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_cert_cb.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_cert_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_cert_store.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_cert_store.3ssl.gz
index 1fc06d793..b90a53895 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_cert_store.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_cert_store.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_cert_verify_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_cert_verify_callback.3ssl.gz
index 939e2bc9a..d643d7bf0 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_cert_verify_callback.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_cert_verify_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_cipher_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_cipher_list.3ssl.gz
index 1f74f7888..5c116feee 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_cipher_list.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_cipher_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_ciphersuites.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_ciphersuites.3ssl.gz
new file mode 100644
index 000000000..5c116feee
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_ciphersuites.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_client_CA_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_client_CA_list.3ssl.gz
index 22450240a..e9333d591 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_client_CA_list.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_client_CA_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_client_cert_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_client_cert_cb.3ssl.gz
index 995f749e0..3fa115e81 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_client_cert_cb.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_client_cert_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_client_hello_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_client_hello_cb.3ssl.gz
new file mode 100644
index 000000000..22f847222
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_client_hello_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_ct_validation_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_ct_validation_callback.3ssl.gz
new file mode 100644
index 000000000..c28d109df
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_ct_validation_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_ctlog_list_file.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_ctlog_list_file.3ssl.gz
new file mode 100644
index 000000000..a3602b1c9
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_ctlog_list_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_current_cert.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_current_cert.3ssl.gz
index 1c7776daa..0faeee340 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_current_cert.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_current_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_custom_cli_ext.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_custom_cli_ext.3ssl.gz
deleted file mode 100644
index b9a8162a8..000000000
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_custom_cli_ext.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_default_ctlog_list_file.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_default_ctlog_list_file.3ssl.gz
new file mode 100644
index 000000000..a3602b1c9
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_default_ctlog_list_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_default_passwd_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_default_passwd_cb.3ssl.gz
index 1ecb05c37..f23d1290e 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_default_passwd_cb.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_default_passwd_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_default_passwd_cb_userdata.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_default_passwd_cb_userdata.3ssl.gz
index 1ecb05c37..f23d1290e 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_default_passwd_cb_userdata.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_default_passwd_cb_userdata.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_default_read_ahead.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_default_read_ahead.3ssl.gz
deleted file mode 100644
index 9baef4367..000000000
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_default_read_ahead.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_default_read_buffer_len.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_default_read_buffer_len.3ssl.gz
new file mode 100644
index 000000000..ab179699a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_default_read_buffer_len.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_default_verify_dir.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_default_verify_dir.3ssl.gz
new file mode 100644
index 000000000..c881fc294
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_default_verify_dir.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_default_verify_file.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_default_verify_file.3ssl.gz
new file mode 100644
index 000000000..c881fc294
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_default_verify_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_default_verify_paths.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_default_verify_paths.3ssl.gz
new file mode 100644
index 000000000..c881fc294
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_default_verify_paths.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_ecdh_auto.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_ecdh_auto.3ssl.gz
deleted file mode 100644
index c8942081c..000000000
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_ecdh_auto.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_ex_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_ex_data.3ssl.gz
index 09269bd93..bee92ac46 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_ex_data.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_generate_session_id.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_generate_session_id.3ssl.gz
index 10171da68..6579348b6 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_generate_session_id.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_generate_session_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_info_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_info_callback.3ssl.gz
index 0de841589..478ceb66a 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_info_callback.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_info_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_keylog_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_keylog_callback.3ssl.gz
new file mode 100644
index 000000000..cb5a06c85
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_keylog_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_max_cert_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_max_cert_list.3ssl.gz
index aaa3e8763..8f119ad61 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_max_cert_list.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_max_cert_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_max_early_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_max_early_data.3ssl.gz
new file mode 100644
index 000000000..4ac6968ef
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_max_early_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_max_pipelines.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_max_pipelines.3ssl.gz
new file mode 100644
index 000000000..ab179699a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_max_pipelines.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_max_proto_version.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_max_proto_version.3ssl.gz
new file mode 100644
index 000000000..2443ff7e6
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_max_proto_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_max_send_fragment.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_max_send_fragment.3ssl.gz
new file mode 100644
index 000000000..ab179699a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_max_send_fragment.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_min_proto_version.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_min_proto_version.3ssl.gz
new file mode 100644
index 000000000..2443ff7e6
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_min_proto_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_mode.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_mode.3ssl.gz
index 82c6a5018..6296d3584 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_mode.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_mode.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_msg_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_msg_callback.3ssl.gz
index e0287dd3d..29e1507ea 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_msg_callback.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_msg_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_msg_callback_arg.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_msg_callback_arg.3ssl.gz
index e0287dd3d..29e1507ea 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_msg_callback_arg.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_msg_callback_arg.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_next_proto_select_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_next_proto_select_cb.3ssl.gz
new file mode 100644
index 000000000..5423f50bb
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_next_proto_select_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_next_protos_advertised_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_next_protos_advertised_cb.3ssl.gz
new file mode 100644
index 000000000..5423f50bb
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_next_protos_advertised_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_num_tickets.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_num_tickets.3ssl.gz
new file mode 100644
index 000000000..86564cd3a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_num_tickets.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_options.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_options.3ssl.gz
index caf24aaac..4d8fe0ab3 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_options.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_options.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_post_handshake_auth.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_post_handshake_auth.3ssl.gz
new file mode 100644
index 000000000..cfa3927ff
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_post_handshake_auth.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_psk_client_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_psk_client_callback.3ssl.gz
index 244bfb86c..4de013d47 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_psk_client_callback.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_psk_client_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_psk_find_session_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_psk_find_session_callback.3ssl.gz
new file mode 100644
index 000000000..1ac87df4f
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_psk_find_session_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_psk_server_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_psk_server_callback.3ssl.gz
index fa61c2487..1ac87df4f 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_psk_server_callback.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_psk_server_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_psk_use_session_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_psk_use_session_callback.3ssl.gz
new file mode 100644
index 000000000..4de013d47
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_psk_use_session_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_quiet_shutdown.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_quiet_shutdown.3ssl.gz
index 6c5fbf455..4526e9626 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_quiet_shutdown.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_quiet_shutdown.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_read_ahead.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_read_ahead.3ssl.gz
index 9baef4367..90d2d126b 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_read_ahead.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_read_ahead.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_record_padding_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_record_padding_callback.3ssl.gz
new file mode 100644
index 000000000..957eb118f
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_record_padding_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_record_padding_callback_arg.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_record_padding_callback_arg.3ssl.gz
new file mode 100644
index 000000000..957eb118f
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_record_padding_callback_arg.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_recv_max_early_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_recv_max_early_data.3ssl.gz
new file mode 100644
index 000000000..4ac6968ef
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_recv_max_early_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_security_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_security_callback.3ssl.gz
new file mode 100644
index 000000000..a2906baf3
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_security_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_security_level.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_security_level.3ssl.gz
new file mode 100644
index 000000000..a2906baf3
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_security_level.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_session_cache_mode.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_session_cache_mode.3ssl.gz
index 91d9ffa16..9ff0371df 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_session_cache_mode.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_session_cache_mode.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_session_id_context.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_session_id_context.3ssl.gz
index 665ec3a21..ae7dde3a3 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_session_id_context.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_session_id_context.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_session_ticket_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_session_ticket_cb.3ssl.gz
new file mode 100644
index 000000000..902dc414a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_session_ticket_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_split_send_fragment.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_split_send_fragment.3ssl.gz
new file mode 100644
index 000000000..ab179699a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_split_send_fragment.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_ssl_version.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_ssl_version.3ssl.gz
index a2e9a928b..81f5d8f8e 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_ssl_version.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_ssl_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3ssl.gz
new file mode 100644
index 000000000..92f2f6006
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_stateless_cookie_verify_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_stateless_cookie_verify_cb.3ssl.gz
new file mode 100644
index 000000000..92f2f6006
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_stateless_cookie_verify_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_timeout.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_timeout.3ssl.gz
index 532a72bcd..fb4ff31e3 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_timeout.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_timeout.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_max_fragment_length.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_max_fragment_length.3ssl.gz
new file mode 100644
index 000000000..ab179699a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_max_fragment_length.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_servername_arg.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_servername_arg.3ssl.gz
index ba472993d..695a1a1f0 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_servername_arg.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_servername_arg.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_servername_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_servername_callback.3ssl.gz
index ba472993d..695a1a1f0 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_servername_callback.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_servername_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_status_arg.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_status_arg.3ssl.gz
index 2bcd830b3..dae8217be 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_status_arg.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_status_arg.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_status_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_status_cb.3ssl.gz
index 2bcd830b3..dae8217be 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_status_cb.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_status_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_status_type.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_status_type.3ssl.gz
new file mode 100644
index 000000000..dae8217be
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_status_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3ssl.gz
index 2eed3481c..e9c4c4d77 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_use_srtp.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_use_srtp.3ssl.gz
new file mode 100644
index 000000000..cbaf39f44
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_set_tlsext_use_srtp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_tmp_dh.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_tmp_dh.3ssl.gz
index 6deae3ed8..0d50d67e4 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_tmp_dh.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_tmp_dh.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_tmp_dh_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_tmp_dh_callback.3ssl.gz
index 6deae3ed8..0d50d67e4 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_tmp_dh_callback.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_tmp_dh_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_tmp_rsa.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_tmp_rsa.3ssl.gz
deleted file mode 100644
index c1948ee57..000000000
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_tmp_rsa.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_tmp_rsa_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_tmp_rsa_callback.3ssl.gz
deleted file mode 100644
index c1948ee57..000000000
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_tmp_rsa_callback.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_verify.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_verify.3ssl.gz
index 70dd2cb6b..cfa3927ff 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_verify.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_set_verify_depth.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_set_verify_depth.3ssl.gz
index 70dd2cb6b..cfa3927ff 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_set_verify_depth.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_set_verify_depth.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_up_ref.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_up_ref.3ssl.gz
new file mode 100644
index 000000000..cfef55c60
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_up_ref.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_use_PrivateKey.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_use_PrivateKey.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_use_PrivateKey.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_use_PrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_use_PrivateKey_ASN1.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_use_PrivateKey_ASN1.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_use_PrivateKey_ASN1.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_use_PrivateKey_ASN1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_use_PrivateKey_file.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_use_PrivateKey_file.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_use_PrivateKey_file.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_use_PrivateKey_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_use_RSAPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_use_RSAPrivateKey.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_use_RSAPrivateKey.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_use_RSAPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_use_RSAPrivateKey_ASN1.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_use_RSAPrivateKey_ASN1.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_use_RSAPrivateKey_ASN1.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_use_RSAPrivateKey_ASN1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_use_RSAPrivateKey_file.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_use_RSAPrivateKey_file.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_use_RSAPrivateKey_file.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_use_RSAPrivateKey_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_use_cert_and_key.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_use_cert_and_key.3ssl.gz
new file mode 100644
index 000000000..e0d257531
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_use_cert_and_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_use_certificate.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_use_certificate.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_use_certificate.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_use_certificate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_use_certificate_ASN1.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_use_certificate_ASN1.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_use_certificate_ASN1.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_use_certificate_ASN1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_use_certificate_chain_file.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_use_certificate_chain_file.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_use_certificate_chain_file.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_use_certificate_chain_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_use_certificate_file.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_use_certificate_file.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_use_certificate_file.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_use_certificate_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_use_psk_identity_hint.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_use_psk_identity_hint.3ssl.gz
index fa61c2487..1ac87df4f 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_use_psk_identity_hint.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_use_psk_identity_hint.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_use_serverinfo.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_use_serverinfo.3ssl.gz
index fe5bec9be..d10a83ec8 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_use_serverinfo.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_use_serverinfo.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_use_serverinfo_ex.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_use_serverinfo_ex.3ssl.gz
new file mode 100644
index 000000000..d10a83ec8
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_CTX_use_serverinfo_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_CTX_use_serverinfo_file.3ssl.gz b/msys2/usr/share/man/man3/SSL_CTX_use_serverinfo_file.3ssl.gz
index fe5bec9be..d10a83ec8 100644
Binary files a/msys2/usr/share/man/man3/SSL_CTX_use_serverinfo_file.3ssl.gz and b/msys2/usr/share/man/man3/SSL_CTX_use_serverinfo_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_dup.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_dup.3ssl.gz
new file mode 100644
index 000000000..752203cd5
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_free.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_free.3ssl.gz
index ea3d31c61..752203cd5 100644
Binary files a/msys2/usr/share/man/man3/SSL_SESSION_free.3ssl.gz and b/msys2/usr/share/man/man3/SSL_SESSION_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_get0_alpn_selected.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_get0_alpn_selected.3ssl.gz
new file mode 100644
index 000000000..34b20daaf
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_get0_alpn_selected.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_get0_cipher.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_get0_cipher.3ssl.gz
new file mode 100644
index 000000000..dd4bc8ad8
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_get0_cipher.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_get0_hostname.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_get0_hostname.3ssl.gz
new file mode 100644
index 000000000..34b20daaf
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_get0_hostname.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_get0_id_context.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_get0_id_context.3ssl.gz
new file mode 100644
index 000000000..51c5a9e88
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_get0_id_context.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_get0_peer.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_get0_peer.3ssl.gz
new file mode 100644
index 000000000..12f70bdd0
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_get0_peer.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_get0_ticket.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_get0_ticket.3ssl.gz
new file mode 100644
index 000000000..f4676e884
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_get0_ticket.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_get0_ticket_appdata.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_get0_ticket_appdata.3ssl.gz
new file mode 100644
index 000000000..902dc414a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_get0_ticket_appdata.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_get_compress_id.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_get_compress_id.3ssl.gz
new file mode 100644
index 000000000..4460df3a4
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_get_compress_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_get_ex_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_get_ex_data.3ssl.gz
index f68a76290..cf1f1d9ed 100644
Binary files a/msys2/usr/share/man/man3/SSL_SESSION_get_ex_data.3ssl.gz and b/msys2/usr/share/man/man3/SSL_SESSION_get_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_get_ex_new_index.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_get_ex_new_index.3ssl.gz
deleted file mode 100644
index f68a76290..000000000
Binary files a/msys2/usr/share/man/man3/SSL_SESSION_get_ex_new_index.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_get_id.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_get_id.3ssl.gz
new file mode 100644
index 000000000..c7f09c9a4
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_get_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_get_master_key.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_get_master_key.3ssl.gz
new file mode 100644
index 000000000..ce83386a5
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_get_master_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_get_max_early_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_get_max_early_data.3ssl.gz
new file mode 100644
index 000000000..4ac6968ef
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_get_max_early_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_get_max_fragment_length.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_get_max_fragment_length.3ssl.gz
new file mode 100644
index 000000000..ab179699a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_get_max_fragment_length.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_get_protocol_version.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_get_protocol_version.3ssl.gz
new file mode 100644
index 000000000..67c9f04e8
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_get_protocol_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_get_ticket_lifetime_hint.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_get_ticket_lifetime_hint.3ssl.gz
new file mode 100644
index 000000000..f4676e884
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_get_ticket_lifetime_hint.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_get_time.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_get_time.3ssl.gz
index f76e41a8f..8f9247ed2 100644
Binary files a/msys2/usr/share/man/man3/SSL_SESSION_get_time.3ssl.gz and b/msys2/usr/share/man/man3/SSL_SESSION_get_time.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_get_timeout.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_get_timeout.3ssl.gz
index f76e41a8f..8f9247ed2 100644
Binary files a/msys2/usr/share/man/man3/SSL_SESSION_get_timeout.3ssl.gz and b/msys2/usr/share/man/man3/SSL_SESSION_get_timeout.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_has_ticket.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_has_ticket.3ssl.gz
new file mode 100644
index 000000000..f4676e884
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_has_ticket.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_is_resumable.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_is_resumable.3ssl.gz
new file mode 100644
index 000000000..424d4d956
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_is_resumable.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_new.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_new.3ssl.gz
new file mode 100644
index 000000000..752203cd5
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_print.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_print.3ssl.gz
new file mode 100644
index 000000000..aeff91983
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_print.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_print_fp.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_print_fp.3ssl.gz
new file mode 100644
index 000000000..aeff91983
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_print_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_print_keylog.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_print_keylog.3ssl.gz
new file mode 100644
index 000000000..aeff91983
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_print_keylog.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_set1_alpn_selected.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_set1_alpn_selected.3ssl.gz
new file mode 100644
index 000000000..34b20daaf
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_set1_alpn_selected.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_set1_hostname.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_set1_hostname.3ssl.gz
new file mode 100644
index 000000000..34b20daaf
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_set1_hostname.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_set1_id.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_set1_id.3ssl.gz
new file mode 100644
index 000000000..c7f09c9a4
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_set1_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_set1_id_context.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_set1_id_context.3ssl.gz
new file mode 100644
index 000000000..51c5a9e88
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_set1_id_context.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_set1_master_key.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_set1_master_key.3ssl.gz
new file mode 100644
index 000000000..ce83386a5
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_set1_master_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_set1_ticket_appdata.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_set1_ticket_appdata.3ssl.gz
new file mode 100644
index 000000000..902dc414a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_set1_ticket_appdata.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_set_cipher.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_set_cipher.3ssl.gz
new file mode 100644
index 000000000..dd4bc8ad8
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_set_cipher.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_set_ex_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_set_ex_data.3ssl.gz
index f68a76290..cf1f1d9ed 100644
Binary files a/msys2/usr/share/man/man3/SSL_SESSION_set_ex_data.3ssl.gz and b/msys2/usr/share/man/man3/SSL_SESSION_set_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_set_max_early_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_set_max_early_data.3ssl.gz
new file mode 100644
index 000000000..4ac6968ef
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_set_max_early_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_set_protocol_version.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_set_protocol_version.3ssl.gz
new file mode 100644
index 000000000..67c9f04e8
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_set_protocol_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_set_time.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_set_time.3ssl.gz
index f76e41a8f..8f9247ed2 100644
Binary files a/msys2/usr/share/man/man3/SSL_SESSION_set_time.3ssl.gz and b/msys2/usr/share/man/man3/SSL_SESSION_set_time.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_set_timeout.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_set_timeout.3ssl.gz
index f76e41a8f..8f9247ed2 100644
Binary files a/msys2/usr/share/man/man3/SSL_SESSION_set_timeout.3ssl.gz and b/msys2/usr/share/man/man3/SSL_SESSION_set_timeout.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_SESSION_up_ref.3ssl.gz b/msys2/usr/share/man/man3/SSL_SESSION_up_ref.3ssl.gz
new file mode 100644
index 000000000..752203cd5
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_SESSION_up_ref.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_accept.3ssl.gz b/msys2/usr/share/man/man3/SSL_accept.3ssl.gz
index 5ad1dbe52..170181131 100644
Binary files a/msys2/usr/share/man/man3/SSL_accept.3ssl.gz and b/msys2/usr/share/man/man3/SSL_accept.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_add0_chain_cert.3ssl.gz b/msys2/usr/share/man/man3/SSL_add0_chain_cert.3ssl.gz
index 1c7776daa..0faeee340 100644
Binary files a/msys2/usr/share/man/man3/SSL_add0_chain_cert.3ssl.gz and b/msys2/usr/share/man/man3/SSL_add0_chain_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_add1_chain_cert.3ssl.gz b/msys2/usr/share/man/man3/SSL_add1_chain_cert.3ssl.gz
index 1c7776daa..0faeee340 100644
Binary files a/msys2/usr/share/man/man3/SSL_add1_chain_cert.3ssl.gz and b/msys2/usr/share/man/man3/SSL_add1_chain_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_add1_host.3ssl.gz b/msys2/usr/share/man/man3/SSL_add1_host.3ssl.gz
new file mode 100644
index 000000000..ae3a201b1
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_add1_host.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_add1_to_CA_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_add1_to_CA_list.3ssl.gz
new file mode 100644
index 000000000..e9333d591
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_add1_to_CA_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_add_client_CA.3ssl.gz b/msys2/usr/share/man/man3/SSL_add_client_CA.3ssl.gz
index 22450240a..e9333d591 100644
Binary files a/msys2/usr/share/man/man3/SSL_add_client_CA.3ssl.gz and b/msys2/usr/share/man/man3/SSL_add_client_CA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_add_session.3ssl.gz b/msys2/usr/share/man/man3/SSL_add_session.3ssl.gz
deleted file mode 100644
index 9b55ff047..000000000
Binary files a/msys2/usr/share/man/man3/SSL_add_session.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSL_alert_desc_string.3ssl.gz b/msys2/usr/share/man/man3/SSL_alert_desc_string.3ssl.gz
index 44f2a9a08..2ff248c2e 100644
Binary files a/msys2/usr/share/man/man3/SSL_alert_desc_string.3ssl.gz and b/msys2/usr/share/man/man3/SSL_alert_desc_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_alert_desc_string_long.3ssl.gz b/msys2/usr/share/man/man3/SSL_alert_desc_string_long.3ssl.gz
index 44f2a9a08..2ff248c2e 100644
Binary files a/msys2/usr/share/man/man3/SSL_alert_desc_string_long.3ssl.gz and b/msys2/usr/share/man/man3/SSL_alert_desc_string_long.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_alert_type_string.3ssl.gz b/msys2/usr/share/man/man3/SSL_alert_type_string.3ssl.gz
index 44f2a9a08..2ff248c2e 100644
Binary files a/msys2/usr/share/man/man3/SSL_alert_type_string.3ssl.gz and b/msys2/usr/share/man/man3/SSL_alert_type_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_alert_type_string_long.3ssl.gz b/msys2/usr/share/man/man3/SSL_alert_type_string_long.3ssl.gz
index 44f2a9a08..2ff248c2e 100644
Binary files a/msys2/usr/share/man/man3/SSL_alert_type_string_long.3ssl.gz and b/msys2/usr/share/man/man3/SSL_alert_type_string_long.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_alloc_buffers.3ssl.gz b/msys2/usr/share/man/man3/SSL_alloc_buffers.3ssl.gz
new file mode 100644
index 000000000..417043535
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_alloc_buffers.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_allow_early_data_cb_fn.3ssl.gz b/msys2/usr/share/man/man3/SSL_allow_early_data_cb_fn.3ssl.gz
new file mode 100644
index 000000000..4ac6968ef
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_allow_early_data_cb_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_build_cert_chain.3ssl.gz b/msys2/usr/share/man/man3/SSL_build_cert_chain.3ssl.gz
index 1c7776daa..0faeee340 100644
Binary files a/msys2/usr/share/man/man3/SSL_build_cert_chain.3ssl.gz and b/msys2/usr/share/man/man3/SSL_build_cert_chain.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_bytes_to_cipher_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_bytes_to_cipher_list.3ssl.gz
new file mode 100644
index 000000000..f611e032c
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_bytes_to_cipher_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_callback_ctrl.3ssl.gz b/msys2/usr/share/man/man3/SSL_callback_ctrl.3ssl.gz
index 911cca063..c9136dd08 100644
Binary files a/msys2/usr/share/man/man3/SSL_callback_ctrl.3ssl.gz and b/msys2/usr/share/man/man3/SSL_callback_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_check_chain.3ssl.gz b/msys2/usr/share/man/man3/SSL_check_chain.3ssl.gz
index 21faaf2e6..6cd33d136 100644
Binary files a/msys2/usr/share/man/man3/SSL_check_chain.3ssl.gz and b/msys2/usr/share/man/man3/SSL_check_chain.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_check_private_key.3ssl.gz b/msys2/usr/share/man/man3/SSL_check_private_key.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_check_private_key.3ssl.gz and b/msys2/usr/share/man/man3/SSL_check_private_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_clear.3ssl.gz b/msys2/usr/share/man/man3/SSL_clear.3ssl.gz
index a2f8eb4f7..ddc053921 100644
Binary files a/msys2/usr/share/man/man3/SSL_clear.3ssl.gz and b/msys2/usr/share/man/man3/SSL_clear.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_clear_chain_certs.3ssl.gz b/msys2/usr/share/man/man3/SSL_clear_chain_certs.3ssl.gz
index 1c7776daa..0faeee340 100644
Binary files a/msys2/usr/share/man/man3/SSL_clear_chain_certs.3ssl.gz and b/msys2/usr/share/man/man3/SSL_clear_chain_certs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_clear_mode.3ssl.gz b/msys2/usr/share/man/man3/SSL_clear_mode.3ssl.gz
new file mode 100644
index 000000000..6296d3584
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_clear_mode.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_clear_options.3ssl.gz b/msys2/usr/share/man/man3/SSL_clear_options.3ssl.gz
index caf24aaac..4d8fe0ab3 100644
Binary files a/msys2/usr/share/man/man3/SSL_clear_options.3ssl.gz and b/msys2/usr/share/man/man3/SSL_clear_options.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_client_hello_cb_fn.3ssl.gz b/msys2/usr/share/man/man3/SSL_client_hello_cb_fn.3ssl.gz
new file mode 100644
index 000000000..22f847222
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_client_hello_cb_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_client_hello_get0_ciphers.3ssl.gz b/msys2/usr/share/man/man3/SSL_client_hello_get0_ciphers.3ssl.gz
new file mode 100644
index 000000000..22f847222
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_client_hello_get0_ciphers.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_client_hello_get0_compression_methods.3ssl.gz b/msys2/usr/share/man/man3/SSL_client_hello_get0_compression_methods.3ssl.gz
new file mode 100644
index 000000000..22f847222
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_client_hello_get0_compression_methods.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_client_hello_get0_ext.3ssl.gz b/msys2/usr/share/man/man3/SSL_client_hello_get0_ext.3ssl.gz
new file mode 100644
index 000000000..22f847222
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_client_hello_get0_ext.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_client_hello_get0_legacy_version.3ssl.gz b/msys2/usr/share/man/man3/SSL_client_hello_get0_legacy_version.3ssl.gz
new file mode 100644
index 000000000..22f847222
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_client_hello_get0_legacy_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_client_hello_get0_random.3ssl.gz b/msys2/usr/share/man/man3/SSL_client_hello_get0_random.3ssl.gz
new file mode 100644
index 000000000..22f847222
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_client_hello_get0_random.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_client_hello_get0_session_id.3ssl.gz b/msys2/usr/share/man/man3/SSL_client_hello_get0_session_id.3ssl.gz
new file mode 100644
index 000000000..22f847222
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_client_hello_get0_session_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_client_hello_get1_extensions_present.3ssl.gz b/msys2/usr/share/man/man3/SSL_client_hello_get1_extensions_present.3ssl.gz
new file mode 100644
index 000000000..22f847222
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_client_hello_get1_extensions_present.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_client_hello_isv2.3ssl.gz b/msys2/usr/share/man/man3/SSL_client_hello_isv2.3ssl.gz
new file mode 100644
index 000000000..22f847222
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_client_hello_isv2.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_client_version.3ssl.gz b/msys2/usr/share/man/man3/SSL_client_version.3ssl.gz
new file mode 100644
index 000000000..f7f47905b
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_client_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_config.3ssl.gz b/msys2/usr/share/man/man3/SSL_config.3ssl.gz
new file mode 100644
index 000000000..350a2bf14
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_config.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_connect.3ssl.gz b/msys2/usr/share/man/man3/SSL_connect.3ssl.gz
index 248dcb24f..0ac2db852 100644
Binary files a/msys2/usr/share/man/man3/SSL_connect.3ssl.gz and b/msys2/usr/share/man/man3/SSL_connect.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_ct_is_enabled.3ssl.gz b/msys2/usr/share/man/man3/SSL_ct_is_enabled.3ssl.gz
new file mode 100644
index 000000000..c28d109df
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_ct_is_enabled.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_ctrl.3ssl.gz b/msys2/usr/share/man/man3/SSL_ctrl.3ssl.gz
index 911cca063..c9136dd08 100644
Binary files a/msys2/usr/share/man/man3/SSL_ctrl.3ssl.gz and b/msys2/usr/share/man/man3/SSL_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_dane_clear_flags.3ssl.gz b/msys2/usr/share/man/man3/SSL_dane_clear_flags.3ssl.gz
new file mode 100644
index 000000000..6c5efd642
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_dane_clear_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_dane_enable.3ssl.gz b/msys2/usr/share/man/man3/SSL_dane_enable.3ssl.gz
new file mode 100644
index 000000000..6c5efd642
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_dane_enable.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_dane_set_flags.3ssl.gz b/msys2/usr/share/man/man3/SSL_dane_set_flags.3ssl.gz
new file mode 100644
index 000000000..6c5efd642
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_dane_set_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_dane_tlsa_add.3ssl.gz b/msys2/usr/share/man/man3/SSL_dane_tlsa_add.3ssl.gz
new file mode 100644
index 000000000..6c5efd642
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_dane_tlsa_add.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_disable_ct.3ssl.gz b/msys2/usr/share/man/man3/SSL_disable_ct.3ssl.gz
new file mode 100644
index 000000000..c28d109df
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_disable_ct.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_do_handshake.3ssl.gz b/msys2/usr/share/man/man3/SSL_do_handshake.3ssl.gz
index a6018d741..d45eaa0dd 100644
Binary files a/msys2/usr/share/man/man3/SSL_do_handshake.3ssl.gz and b/msys2/usr/share/man/man3/SSL_do_handshake.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_dup.3ssl.gz b/msys2/usr/share/man/man3/SSL_dup.3ssl.gz
new file mode 100644
index 000000000..3f46046d9
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_enable_ct.3ssl.gz b/msys2/usr/share/man/man3/SSL_enable_ct.3ssl.gz
new file mode 100644
index 000000000..c28d109df
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_enable_ct.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_export_keying_material.3ssl.gz b/msys2/usr/share/man/man3/SSL_export_keying_material.3ssl.gz
index b0429217f..f66840593 100644
Binary files a/msys2/usr/share/man/man3/SSL_export_keying_material.3ssl.gz and b/msys2/usr/share/man/man3/SSL_export_keying_material.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_export_keying_material_early.3ssl.gz b/msys2/usr/share/man/man3/SSL_export_keying_material_early.3ssl.gz
new file mode 100644
index 000000000..f66840593
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_export_keying_material_early.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_extension_supported.3ssl.gz b/msys2/usr/share/man/man3/SSL_extension_supported.3ssl.gz
new file mode 100644
index 000000000..5b7babf0b
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_extension_supported.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_flush_sessions.3ssl.gz b/msys2/usr/share/man/man3/SSL_flush_sessions.3ssl.gz
deleted file mode 100644
index 0f5847ca5..000000000
Binary files a/msys2/usr/share/man/man3/SSL_flush_sessions.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSL_free.3ssl.gz b/msys2/usr/share/man/man3/SSL_free.3ssl.gz
index ae3054e30..b0c7007cf 100644
Binary files a/msys2/usr/share/man/man3/SSL_free.3ssl.gz and b/msys2/usr/share/man/man3/SSL_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_free_buffers.3ssl.gz b/msys2/usr/share/man/man3/SSL_free_buffers.3ssl.gz
new file mode 100644
index 000000000..417043535
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_free_buffers.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get0_CA_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_get0_CA_list.3ssl.gz
new file mode 100644
index 000000000..e9333d591
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get0_CA_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get0_alpn_selected.3ssl.gz b/msys2/usr/share/man/man3/SSL_get0_alpn_selected.3ssl.gz
index d186fbcac..5423f50bb 100644
Binary files a/msys2/usr/share/man/man3/SSL_get0_alpn_selected.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get0_alpn_selected.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get0_chain_certs.3ssl.gz b/msys2/usr/share/man/man3/SSL_get0_chain_certs.3ssl.gz
index 1c7776daa..0faeee340 100644
Binary files a/msys2/usr/share/man/man3/SSL_get0_chain_certs.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get0_chain_certs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get0_dane_authority.3ssl.gz b/msys2/usr/share/man/man3/SSL_get0_dane_authority.3ssl.gz
new file mode 100644
index 000000000..6c5efd642
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get0_dane_authority.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get0_dane_tlsa.3ssl.gz b/msys2/usr/share/man/man3/SSL_get0_dane_tlsa.3ssl.gz
new file mode 100644
index 000000000..6c5efd642
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get0_dane_tlsa.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get0_next_proto_negotiated.3ssl.gz b/msys2/usr/share/man/man3/SSL_get0_next_proto_negotiated.3ssl.gz
new file mode 100644
index 000000000..5423f50bb
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get0_next_proto_negotiated.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get0_param.3ssl.gz b/msys2/usr/share/man/man3/SSL_get0_param.3ssl.gz
index 776be455f..444a34cff 100644
Binary files a/msys2/usr/share/man/man3/SSL_get0_param.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get0_param.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get0_peer_CA_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_get0_peer_CA_list.3ssl.gz
new file mode 100644
index 000000000..e9333d591
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get0_peer_CA_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get0_peer_scts.3ssl.gz b/msys2/usr/share/man/man3/SSL_get0_peer_scts.3ssl.gz
new file mode 100644
index 000000000..05704d7ca
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get0_peer_scts.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get0_peername.3ssl.gz b/msys2/usr/share/man/man3/SSL_get0_peername.3ssl.gz
new file mode 100644
index 000000000..ae3a201b1
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get0_peername.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get0_security_ex_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_get0_security_ex_data.3ssl.gz
new file mode 100644
index 000000000..a2906baf3
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get0_security_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get0_session.3ssl.gz b/msys2/usr/share/man/man3/SSL_get0_session.3ssl.gz
new file mode 100644
index 000000000..b34118ef6
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get0_session.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get0_verified_chain.3ssl.gz b/msys2/usr/share/man/man3/SSL_get0_verified_chain.3ssl.gz
new file mode 100644
index 000000000..fd4ed7d45
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get0_verified_chain.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get1_curves.3ssl.gz b/msys2/usr/share/man/man3/SSL_get1_curves.3ssl.gz
index c8942081c..7f345c614 100644
Binary files a/msys2/usr/share/man/man3/SSL_get1_curves.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get1_curves.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get1_groups.3ssl.gz b/msys2/usr/share/man/man3/SSL_get1_groups.3ssl.gz
new file mode 100644
index 000000000..7f345c614
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get1_groups.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get1_session.3ssl.gz b/msys2/usr/share/man/man3/SSL_get1_session.3ssl.gz
new file mode 100644
index 000000000..b34118ef6
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get1_session.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get1_supported_ciphers.3ssl.gz b/msys2/usr/share/man/man3/SSL_get1_supported_ciphers.3ssl.gz
new file mode 100644
index 000000000..f611e032c
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get1_supported_ciphers.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_SSL_CTX.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_SSL_CTX.3ssl.gz
index dc384fe0a..719f81c72 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_SSL_CTX.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_SSL_CTX.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_accept_state.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_accept_state.3ssl.gz
deleted file mode 100644
index dcac54c53..000000000
Binary files a/msys2/usr/share/man/man3/SSL_get_accept_state.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSL_get_all_async_fds.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_all_async_fds.3ssl.gz
new file mode 100644
index 000000000..478f2216e
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_all_async_fds.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_changed_async_fds.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_changed_async_fds.3ssl.gz
new file mode 100644
index 000000000..478f2216e
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_changed_async_fds.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_cipher.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_cipher.3ssl.gz
index aebeb2e69..0bbe29930 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_cipher.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_cipher.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_cipher_bits.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_cipher_bits.3ssl.gz
index aebeb2e69..0bbe29930 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_cipher_bits.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_cipher_bits.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_cipher_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_cipher_list.3ssl.gz
index 88f688c68..f611e032c 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_cipher_list.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_cipher_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_cipher_name.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_cipher_name.3ssl.gz
index aebeb2e69..0bbe29930 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_cipher_name.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_cipher_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_cipher_version.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_cipher_version.3ssl.gz
index aebeb2e69..0bbe29930 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_cipher_version.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_cipher_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_ciphers.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_ciphers.3ssl.gz
index 88f688c68..f611e032c 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_ciphers.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_ciphers.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_client_CA_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_client_CA_list.3ssl.gz
index 4bcd97ce2..e9333d591 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_client_CA_list.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_client_CA_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_client_ciphers.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_client_ciphers.3ssl.gz
new file mode 100644
index 000000000..f611e032c
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_client_ciphers.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_client_random.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_client_random.3ssl.gz
new file mode 100644
index 000000000..ce83386a5
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_client_random.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_current_cipher.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_current_cipher.3ssl.gz
index aebeb2e69..0bbe29930 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_current_cipher.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_current_cipher.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_default_passwd_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_default_passwd_cb.3ssl.gz
new file mode 100644
index 000000000..f23d1290e
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_default_passwd_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_default_passwd_cb_userdata.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_default_passwd_cb_userdata.3ssl.gz
new file mode 100644
index 000000000..f23d1290e
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_default_passwd_cb_userdata.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_default_timeout.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_default_timeout.3ssl.gz
index 770ec0ef0..08603c760 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_default_timeout.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_default_timeout.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_early_data_status.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_early_data_status.3ssl.gz
new file mode 100644
index 000000000..4ac6968ef
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_early_data_status.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_error.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_error.3ssl.gz
index ffe867cbc..ae52fb0f2 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_error.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_error.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_ex_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_ex_data.3ssl.gz
index 24b596ce5..bee92ac46 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_ex_data.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_ex_data_X509_STORE_CTX_idx.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_ex_data_X509_STORE_CTX_idx.3ssl.gz
index 71c67abc6..cfa3927ff 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_ex_data_X509_STORE_CTX_idx.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_ex_data_X509_STORE_CTX_idx.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_ex_new_index.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_ex_new_index.3ssl.gz
deleted file mode 100644
index 24b596ce5..000000000
Binary files a/msys2/usr/share/man/man3/SSL_get_ex_new_index.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSL_get_extms_support.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_extms_support.3ssl.gz
new file mode 100644
index 000000000..6822fdd9e
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_extms_support.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_fd.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_fd.3ssl.gz
index c55496a10..23c4144bf 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_fd.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_fd.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_info_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_info_callback.3ssl.gz
index 0de841589..478ceb66a 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_info_callback.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_info_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_key_update_type.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_key_update_type.3ssl.gz
new file mode 100644
index 000000000..bd8fd318d
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_key_update_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_max_cert_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_max_cert_list.3ssl.gz
index aaa3e8763..8f119ad61 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_max_cert_list.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_max_cert_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_max_early_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_max_early_data.3ssl.gz
new file mode 100644
index 000000000..4ac6968ef
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_max_early_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_max_proto_version.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_max_proto_version.3ssl.gz
new file mode 100644
index 000000000..2443ff7e6
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_max_proto_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_min_proto_version.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_min_proto_version.3ssl.gz
new file mode 100644
index 000000000..2443ff7e6
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_min_proto_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_mode.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_mode.3ssl.gz
index 82c6a5018..6296d3584 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_mode.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_mode.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_msg_callback_arg.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_msg_callback_arg.3ssl.gz
deleted file mode 100644
index e0287dd3d..000000000
Binary files a/msys2/usr/share/man/man3/SSL_get_msg_callback_arg.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSL_get_num_tickets.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_num_tickets.3ssl.gz
new file mode 100644
index 000000000..86564cd3a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_num_tickets.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_options.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_options.3ssl.gz
index caf24aaac..4d8fe0ab3 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_options.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_options.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_peer_cert_chain.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_peer_cert_chain.3ssl.gz
index 9d182252b..fd4ed7d45 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_peer_cert_chain.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_peer_cert_chain.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_peer_certificate.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_peer_certificate.3ssl.gz
index 5bee53588..102852a54 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_peer_certificate.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_peer_certificate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_peer_signature_nid.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_peer_signature_nid.3ssl.gz
new file mode 100644
index 000000000..817b00715
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_peer_signature_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_peer_signature_type_nid.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_peer_signature_type_nid.3ssl.gz
new file mode 100644
index 000000000..817b00715
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_peer_signature_type_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_peer_tmp_key.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_peer_tmp_key.3ssl.gz
new file mode 100644
index 000000000..28173e67d
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_peer_tmp_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_pending_cipher.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_pending_cipher.3ssl.gz
new file mode 100644
index 000000000..0bbe29930
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_pending_cipher.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_psk_identity.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_psk_identity.3ssl.gz
index 6f202a232..ca2140444 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_psk_identity.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_psk_identity.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_psk_identity_hint.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_psk_identity_hint.3ssl.gz
index 6f202a232..ca2140444 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_psk_identity_hint.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_psk_identity_hint.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_quiet_shutdown.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_quiet_shutdown.3ssl.gz
index 6c5fbf455..4526e9626 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_quiet_shutdown.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_quiet_shutdown.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_rbio.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_rbio.3ssl.gz
index f60b590f2..995e9985a 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_rbio.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_rbio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_read_ahead.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_read_ahead.3ssl.gz
index 9baef4367..90d2d126b 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_read_ahead.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_read_ahead.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_record_padding_callback_arg.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_record_padding_callback_arg.3ssl.gz
new file mode 100644
index 000000000..957eb118f
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_record_padding_callback_arg.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_recv_max_early_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_recv_max_early_data.3ssl.gz
new file mode 100644
index 000000000..4ac6968ef
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_recv_max_early_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_rfd.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_rfd.3ssl.gz
new file mode 100644
index 000000000..23c4144bf
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_rfd.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_secure_renegotiation_support.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_secure_renegotiation_support.3ssl.gz
index caf24aaac..4d8fe0ab3 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_secure_renegotiation_support.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_secure_renegotiation_support.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_security_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_security_callback.3ssl.gz
new file mode 100644
index 000000000..a2906baf3
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_security_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_security_level.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_security_level.3ssl.gz
new file mode 100644
index 000000000..a2906baf3
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_security_level.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_selected_srtp_profile.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_selected_srtp_profile.3ssl.gz
new file mode 100644
index 000000000..cbaf39f44
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_selected_srtp_profile.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_server_random.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_server_random.3ssl.gz
new file mode 100644
index 000000000..ce83386a5
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_server_random.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_server_tmp_key.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_server_tmp_key.3ssl.gz
new file mode 100644
index 000000000..28173e67d
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_server_tmp_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_servername.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_servername.3ssl.gz
index ba472993d..695a1a1f0 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_servername.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_servername.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_servername_type.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_servername_type.3ssl.gz
index ba472993d..695a1a1f0 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_servername_type.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_servername_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_session.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_session.3ssl.gz
index c320de37c..b34118ef6 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_session.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_session.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_shared_ciphers.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_shared_ciphers.3ssl.gz
new file mode 100644
index 000000000..f611e032c
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_shared_ciphers.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_shared_curve.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_shared_curve.3ssl.gz
index c8942081c..7f345c614 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_shared_curve.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_shared_curve.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_shared_group.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_shared_group.3ssl.gz
new file mode 100644
index 000000000..7f345c614
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_shared_group.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_shared_sigalgs.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_shared_sigalgs.3ssl.gz
new file mode 100644
index 000000000..f35d1e021
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_shared_sigalgs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_shutdown.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_shutdown.3ssl.gz
index 89de285a7..e39d483ed 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_shutdown.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_shutdown.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_sigalgs.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_sigalgs.3ssl.gz
new file mode 100644
index 000000000..f35d1e021
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_sigalgs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_signature_nid.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_signature_nid.3ssl.gz
new file mode 100644
index 000000000..817b00715
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_signature_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_signature_type_nid.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_signature_type_nid.3ssl.gz
new file mode 100644
index 000000000..817b00715
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_signature_type_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_srtp_profiles.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_srtp_profiles.3ssl.gz
new file mode 100644
index 000000000..cbaf39f44
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_srtp_profiles.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_ssl_method.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_ssl_method.3ssl.gz
index a2e9a928b..81f5d8f8e 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_ssl_method.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_ssl_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_state.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_state.3ssl.gz
new file mode 100644
index 000000000..8b7c5ead9
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_state.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_time.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_time.3ssl.gz
new file mode 100644
index 000000000..8f9247ed2
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_time.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_timeout.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_timeout.3ssl.gz
new file mode 100644
index 000000000..8f9247ed2
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_timeout.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_tlsext_status_ocsp_resp.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_tlsext_status_ocsp_resp.3ssl.gz
index 2bcd830b3..dae8217be 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_tlsext_status_ocsp_resp.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_tlsext_status_ocsp_resp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_tlsext_status_type.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_tlsext_status_type.3ssl.gz
new file mode 100644
index 000000000..dae8217be
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_tlsext_status_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_tmp_key.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_tmp_key.3ssl.gz
new file mode 100644
index 000000000..28173e67d
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_tmp_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_verify_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_verify_callback.3ssl.gz
index 1287bf635..4b3870749 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_verify_callback.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_verify_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_verify_depth.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_verify_depth.3ssl.gz
index 1287bf635..4b3870749 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_verify_depth.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_verify_depth.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_verify_mode.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_verify_mode.3ssl.gz
index 1287bf635..4b3870749 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_verify_mode.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_verify_mode.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_verify_result.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_verify_result.3ssl.gz
index 11617d04d..4b0b6cdf1 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_verify_result.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_verify_result.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_version.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_version.3ssl.gz
index 492e8adea..f7f47905b 100644
Binary files a/msys2/usr/share/man/man3/SSL_get_version.3ssl.gz and b/msys2/usr/share/man/man3/SSL_get_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_wbio.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_wbio.3ssl.gz
new file mode 100644
index 000000000..995e9985a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_wbio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_get_wfd.3ssl.gz b/msys2/usr/share/man/man3/SSL_get_wfd.3ssl.gz
new file mode 100644
index 000000000..23c4144bf
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_get_wfd.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_has_matching_session_id.3ssl.gz b/msys2/usr/share/man/man3/SSL_has_matching_session_id.3ssl.gz
index 10171da68..6579348b6 100644
Binary files a/msys2/usr/share/man/man3/SSL_has_matching_session_id.3ssl.gz and b/msys2/usr/share/man/man3/SSL_has_matching_session_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_has_pending.3ssl.gz b/msys2/usr/share/man/man3/SSL_has_pending.3ssl.gz
new file mode 100644
index 000000000..990abc66d
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_has_pending.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_in_accept_init.3ssl.gz b/msys2/usr/share/man/man3/SSL_in_accept_init.3ssl.gz
new file mode 100644
index 000000000..8b7c5ead9
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_in_accept_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_in_before.3ssl.gz b/msys2/usr/share/man/man3/SSL_in_before.3ssl.gz
new file mode 100644
index 000000000..8b7c5ead9
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_in_before.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_in_connect_init.3ssl.gz b/msys2/usr/share/man/man3/SSL_in_connect_init.3ssl.gz
new file mode 100644
index 000000000..8b7c5ead9
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_in_connect_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_in_init.3ssl.gz b/msys2/usr/share/man/man3/SSL_in_init.3ssl.gz
new file mode 100644
index 000000000..8b7c5ead9
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_in_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_is_dtls.3ssl.gz b/msys2/usr/share/man/man3/SSL_is_dtls.3ssl.gz
new file mode 100644
index 000000000..f7f47905b
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_is_dtls.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_is_init_finished.3ssl.gz b/msys2/usr/share/man/man3/SSL_is_init_finished.3ssl.gz
new file mode 100644
index 000000000..8b7c5ead9
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_is_init_finished.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_is_server.3ssl.gz b/msys2/usr/share/man/man3/SSL_is_server.3ssl.gz
new file mode 100644
index 000000000..b3d509a69
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_is_server.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_key_update.3ssl.gz b/msys2/usr/share/man/man3/SSL_key_update.3ssl.gz
new file mode 100644
index 000000000..bd8fd318d
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_key_update.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_library_init.3ssl.gz b/msys2/usr/share/man/man3/SSL_library_init.3ssl.gz
index 5d8031ad9..11d12f029 100644
Binary files a/msys2/usr/share/man/man3/SSL_library_init.3ssl.gz and b/msys2/usr/share/man/man3/SSL_library_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_load_client_CA_file.3ssl.gz b/msys2/usr/share/man/man3/SSL_load_client_CA_file.3ssl.gz
index 2f0156d39..f77d7ad01 100644
Binary files a/msys2/usr/share/man/man3/SSL_load_client_CA_file.3ssl.gz and b/msys2/usr/share/man/man3/SSL_load_client_CA_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_load_error_strings.3ssl.gz b/msys2/usr/share/man/man3/SSL_load_error_strings.3ssl.gz
index 957199dfe..62de363e0 100644
Binary files a/msys2/usr/share/man/man3/SSL_load_error_strings.3ssl.gz and b/msys2/usr/share/man/man3/SSL_load_error_strings.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_need_tmp_rsa.3ssl.gz b/msys2/usr/share/man/man3/SSL_need_tmp_rsa.3ssl.gz
deleted file mode 100644
index c1948ee57..000000000
Binary files a/msys2/usr/share/man/man3/SSL_need_tmp_rsa.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSL_new.3ssl.gz b/msys2/usr/share/man/man3/SSL_new.3ssl.gz
index b10840cb5..3f46046d9 100644
Binary files a/msys2/usr/share/man/man3/SSL_new.3ssl.gz and b/msys2/usr/share/man/man3/SSL_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_peek.3ssl.gz b/msys2/usr/share/man/man3/SSL_peek.3ssl.gz
new file mode 100644
index 000000000..32edaeb22
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_peek.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_peek_ex.3ssl.gz b/msys2/usr/share/man/man3/SSL_peek_ex.3ssl.gz
new file mode 100644
index 000000000..32edaeb22
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_peek_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_pending.3ssl.gz b/msys2/usr/share/man/man3/SSL_pending.3ssl.gz
index c7ec5ddce..990abc66d 100644
Binary files a/msys2/usr/share/man/man3/SSL_pending.3ssl.gz and b/msys2/usr/share/man/man3/SSL_pending.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_psk_client_cb_func.3ssl.gz b/msys2/usr/share/man/man3/SSL_psk_client_cb_func.3ssl.gz
new file mode 100644
index 000000000..4de013d47
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_psk_client_cb_func.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_psk_find_session_cb_func.3ssl.gz b/msys2/usr/share/man/man3/SSL_psk_find_session_cb_func.3ssl.gz
new file mode 100644
index 000000000..1ac87df4f
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_psk_find_session_cb_func.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_psk_server_cb_func.3ssl.gz b/msys2/usr/share/man/man3/SSL_psk_server_cb_func.3ssl.gz
new file mode 100644
index 000000000..1ac87df4f
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_psk_server_cb_func.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_psk_use_session_cb_func.3ssl.gz b/msys2/usr/share/man/man3/SSL_psk_use_session_cb_func.3ssl.gz
new file mode 100644
index 000000000..4de013d47
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_psk_use_session_cb_func.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_read.3ssl.gz b/msys2/usr/share/man/man3/SSL_read.3ssl.gz
index 578c2559b..32edaeb22 100644
Binary files a/msys2/usr/share/man/man3/SSL_read.3ssl.gz and b/msys2/usr/share/man/man3/SSL_read.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_read_early_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_read_early_data.3ssl.gz
new file mode 100644
index 000000000..4ac6968ef
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_read_early_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_read_ex.3ssl.gz b/msys2/usr/share/man/man3/SSL_read_ex.3ssl.gz
new file mode 100644
index 000000000..32edaeb22
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_read_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_remove_session.3ssl.gz b/msys2/usr/share/man/man3/SSL_remove_session.3ssl.gz
deleted file mode 100644
index 9b55ff047..000000000
Binary files a/msys2/usr/share/man/man3/SSL_remove_session.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSL_renegotiate.3ssl.gz b/msys2/usr/share/man/man3/SSL_renegotiate.3ssl.gz
new file mode 100644
index 000000000..bd8fd318d
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_renegotiate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_renegotiate_abbreviated.3ssl.gz b/msys2/usr/share/man/man3/SSL_renegotiate_abbreviated.3ssl.gz
new file mode 100644
index 000000000..bd8fd318d
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_renegotiate_abbreviated.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_renegotiate_pending.3ssl.gz b/msys2/usr/share/man/man3/SSL_renegotiate_pending.3ssl.gz
new file mode 100644
index 000000000..bd8fd318d
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_renegotiate_pending.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_rstate_string.3ssl.gz b/msys2/usr/share/man/man3/SSL_rstate_string.3ssl.gz
index 157b056c4..7bd7f07ed 100644
Binary files a/msys2/usr/share/man/man3/SSL_rstate_string.3ssl.gz and b/msys2/usr/share/man/man3/SSL_rstate_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_rstate_string_long.3ssl.gz b/msys2/usr/share/man/man3/SSL_rstate_string_long.3ssl.gz
index 157b056c4..7bd7f07ed 100644
Binary files a/msys2/usr/share/man/man3/SSL_rstate_string_long.3ssl.gz and b/msys2/usr/share/man/man3/SSL_rstate_string_long.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_select_current_cert.3ssl.gz b/msys2/usr/share/man/man3/SSL_select_current_cert.3ssl.gz
index 1c7776daa..0faeee340 100644
Binary files a/msys2/usr/share/man/man3/SSL_select_current_cert.3ssl.gz and b/msys2/usr/share/man/man3/SSL_select_current_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_select_next_proto.3ssl.gz b/msys2/usr/share/man/man3/SSL_select_next_proto.3ssl.gz
index d186fbcac..5423f50bb 100644
Binary files a/msys2/usr/share/man/man3/SSL_select_next_proto.3ssl.gz and b/msys2/usr/share/man/man3/SSL_select_next_proto.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_session_reused.3ssl.gz b/msys2/usr/share/man/man3/SSL_session_reused.3ssl.gz
index 32a42e277..10ab681e2 100644
Binary files a/msys2/usr/share/man/man3/SSL_session_reused.3ssl.gz and b/msys2/usr/share/man/man3/SSL_session_reused.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set0_CA_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_set0_CA_list.3ssl.gz
new file mode 100644
index 000000000..e9333d591
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set0_CA_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set0_chain.3ssl.gz b/msys2/usr/share/man/man3/SSL_set0_chain.3ssl.gz
index 1c7776daa..0faeee340 100644
Binary files a/msys2/usr/share/man/man3/SSL_set0_chain.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set0_chain.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set0_chain_cert_store.3ssl.gz b/msys2/usr/share/man/man3/SSL_set0_chain_cert_store.3ssl.gz
index 67f1c41d4..b04c4fbfb 100644
Binary files a/msys2/usr/share/man/man3/SSL_set0_chain_cert_store.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set0_chain_cert_store.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set0_rbio.3ssl.gz b/msys2/usr/share/man/man3/SSL_set0_rbio.3ssl.gz
new file mode 100644
index 000000000..1e1bddcb7
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set0_rbio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set0_security_ex_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_set0_security_ex_data.3ssl.gz
new file mode 100644
index 000000000..a2906baf3
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set0_security_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set0_verify_cert_store.3ssl.gz b/msys2/usr/share/man/man3/SSL_set0_verify_cert_store.3ssl.gz
index 67f1c41d4..b04c4fbfb 100644
Binary files a/msys2/usr/share/man/man3/SSL_set0_verify_cert_store.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set0_verify_cert_store.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set0_wbio.3ssl.gz b/msys2/usr/share/man/man3/SSL_set0_wbio.3ssl.gz
new file mode 100644
index 000000000..1e1bddcb7
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set0_wbio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set1_chain.3ssl.gz b/msys2/usr/share/man/man3/SSL_set1_chain.3ssl.gz
index 1c7776daa..0faeee340 100644
Binary files a/msys2/usr/share/man/man3/SSL_set1_chain.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set1_chain.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set1_chain_cert_store.3ssl.gz b/msys2/usr/share/man/man3/SSL_set1_chain_cert_store.3ssl.gz
index 67f1c41d4..b04c4fbfb 100644
Binary files a/msys2/usr/share/man/man3/SSL_set1_chain_cert_store.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set1_chain_cert_store.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set1_client_sigalgs.3ssl.gz b/msys2/usr/share/man/man3/SSL_set1_client_sigalgs.3ssl.gz
new file mode 100644
index 000000000..66ee67686
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set1_client_sigalgs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set1_client_sigalgs_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_set1_client_sigalgs_list.3ssl.gz
new file mode 100644
index 000000000..66ee67686
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set1_client_sigalgs_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set1_curves.3ssl.gz b/msys2/usr/share/man/man3/SSL_set1_curves.3ssl.gz
index c8942081c..7f345c614 100644
Binary files a/msys2/usr/share/man/man3/SSL_set1_curves.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set1_curves.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set1_curves_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_set1_curves_list.3ssl.gz
index c8942081c..7f345c614 100644
Binary files a/msys2/usr/share/man/man3/SSL_set1_curves_list.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set1_curves_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set1_groups.3ssl.gz b/msys2/usr/share/man/man3/SSL_set1_groups.3ssl.gz
new file mode 100644
index 000000000..7f345c614
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set1_groups.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set1_groups_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_set1_groups_list.3ssl.gz
new file mode 100644
index 000000000..7f345c614
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set1_groups_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set1_host.3ssl.gz b/msys2/usr/share/man/man3/SSL_set1_host.3ssl.gz
new file mode 100644
index 000000000..ae3a201b1
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set1_host.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set1_param.3ssl.gz b/msys2/usr/share/man/man3/SSL_set1_param.3ssl.gz
index 776be455f..444a34cff 100644
Binary files a/msys2/usr/share/man/man3/SSL_set1_param.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set1_param.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set1_sigalgs.3ssl.gz b/msys2/usr/share/man/man3/SSL_set1_sigalgs.3ssl.gz
new file mode 100644
index 000000000..66ee67686
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set1_sigalgs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set1_sigalgs_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_set1_sigalgs_list.3ssl.gz
new file mode 100644
index 000000000..66ee67686
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set1_sigalgs_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set1_verify_cert_store.3ssl.gz b/msys2/usr/share/man/man3/SSL_set1_verify_cert_store.3ssl.gz
index 67f1c41d4..b04c4fbfb 100644
Binary files a/msys2/usr/share/man/man3/SSL_set1_verify_cert_store.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set1_verify_cert_store.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_accept_state.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_accept_state.3ssl.gz
new file mode 100644
index 000000000..b3d509a69
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_accept_state.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_allow_early_data_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_allow_early_data_cb.3ssl.gz
new file mode 100644
index 000000000..4ac6968ef
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_allow_early_data_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_alpn_protos.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_alpn_protos.3ssl.gz
index d186fbcac..5423f50bb 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_alpn_protos.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_alpn_protos.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_bio.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_bio.3ssl.gz
index 8d50458f4..1e1bddcb7 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_bio.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_block_padding.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_block_padding.3ssl.gz
new file mode 100644
index 000000000..957eb118f
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_block_padding.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_cert_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_cert_cb.3ssl.gz
index 4f32445f3..df9993b15 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_cert_cb.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_cert_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_cipher_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_cipher_list.3ssl.gz
index 1f74f7888..5c116feee 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_cipher_list.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_cipher_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_ciphersuites.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_ciphersuites.3ssl.gz
new file mode 100644
index 000000000..5c116feee
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_ciphersuites.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_client_CA_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_client_CA_list.3ssl.gz
index 22450240a..e9333d591 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_client_CA_list.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_client_CA_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_connect_state.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_connect_state.3ssl.gz
index dcac54c53..b3d509a69 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_connect_state.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_connect_state.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_ct_validation_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_ct_validation_callback.3ssl.gz
new file mode 100644
index 000000000..c28d109df
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_ct_validation_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_current_cert.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_current_cert.3ssl.gz
index 1c7776daa..0faeee340 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_current_cert.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_current_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_default_passwd_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_default_passwd_cb.3ssl.gz
new file mode 100644
index 000000000..f23d1290e
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_default_passwd_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_default_passwd_cb_userdata.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_default_passwd_cb_userdata.3ssl.gz
new file mode 100644
index 000000000..f23d1290e
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_default_passwd_cb_userdata.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_default_read_buffer_len.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_default_read_buffer_len.3ssl.gz
new file mode 100644
index 000000000..ab179699a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_default_read_buffer_len.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_ecdh_auto.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_ecdh_auto.3ssl.gz
deleted file mode 100644
index c8942081c..000000000
Binary files a/msys2/usr/share/man/man3/SSL_set_ecdh_auto.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSL_set_ex_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_ex_data.3ssl.gz
index 24b596ce5..bee92ac46 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_ex_data.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_fd.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_fd.3ssl.gz
index de17f1bf1..dcf003530 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_fd.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_fd.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_generate_session_id.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_generate_session_id.3ssl.gz
index 10171da68..6579348b6 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_generate_session_id.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_generate_session_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_hostflags.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_hostflags.3ssl.gz
new file mode 100644
index 000000000..ae3a201b1
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_hostflags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_info_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_info_callback.3ssl.gz
index 0de841589..478ceb66a 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_info_callback.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_info_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_max_cert_list.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_max_cert_list.3ssl.gz
index aaa3e8763..8f119ad61 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_max_cert_list.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_max_cert_list.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_max_early_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_max_early_data.3ssl.gz
new file mode 100644
index 000000000..4ac6968ef
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_max_early_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_max_pipelines.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_max_pipelines.3ssl.gz
new file mode 100644
index 000000000..ab179699a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_max_pipelines.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_max_proto_version.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_max_proto_version.3ssl.gz
new file mode 100644
index 000000000..2443ff7e6
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_max_proto_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_max_send_fragment.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_max_send_fragment.3ssl.gz
new file mode 100644
index 000000000..ab179699a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_max_send_fragment.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_min_proto_version.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_min_proto_version.3ssl.gz
new file mode 100644
index 000000000..2443ff7e6
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_min_proto_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_mode.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_mode.3ssl.gz
index 82c6a5018..6296d3584 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_mode.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_mode.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_msg_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_msg_callback.3ssl.gz
index e0287dd3d..29e1507ea 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_msg_callback.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_msg_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_msg_callback_arg.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_msg_callback_arg.3ssl.gz
new file mode 100644
index 000000000..29e1507ea
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_msg_callback_arg.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_num_tickets.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_num_tickets.3ssl.gz
new file mode 100644
index 000000000..86564cd3a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_num_tickets.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_options.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_options.3ssl.gz
index caf24aaac..4d8fe0ab3 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_options.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_options.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_post_handshake_auth.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_post_handshake_auth.3ssl.gz
new file mode 100644
index 000000000..cfa3927ff
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_post_handshake_auth.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_psk_client_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_psk_client_callback.3ssl.gz
index 244bfb86c..4de013d47 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_psk_client_callback.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_psk_client_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_psk_find_session_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_psk_find_session_callback.3ssl.gz
new file mode 100644
index 000000000..1ac87df4f
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_psk_find_session_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_psk_server_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_psk_server_callback.3ssl.gz
index fa61c2487..1ac87df4f 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_psk_server_callback.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_psk_server_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_psk_use_session_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_psk_use_session_callback.3ssl.gz
new file mode 100644
index 000000000..4de013d47
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_psk_use_session_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_quiet_shutdown.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_quiet_shutdown.3ssl.gz
index 6c5fbf455..4526e9626 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_quiet_shutdown.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_quiet_shutdown.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_read_ahead.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_read_ahead.3ssl.gz
index 9baef4367..90d2d126b 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_read_ahead.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_read_ahead.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_record_padding_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_record_padding_callback.3ssl.gz
new file mode 100644
index 000000000..957eb118f
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_record_padding_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_record_padding_callback_arg.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_record_padding_callback_arg.3ssl.gz
new file mode 100644
index 000000000..957eb118f
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_record_padding_callback_arg.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_recv_max_early_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_recv_max_early_data.3ssl.gz
new file mode 100644
index 000000000..4ac6968ef
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_recv_max_early_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_rfd.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_rfd.3ssl.gz
new file mode 100644
index 000000000..dcf003530
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_rfd.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_security_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_security_callback.3ssl.gz
new file mode 100644
index 000000000..a2906baf3
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_security_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_security_level.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_security_level.3ssl.gz
new file mode 100644
index 000000000..a2906baf3
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_security_level.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_session.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_session.3ssl.gz
index 43a1cc7fc..8321760ce 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_session.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_session.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_session_id_context.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_session_id_context.3ssl.gz
index 665ec3a21..ae7dde3a3 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_session_id_context.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_session_id_context.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_shutdown.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_shutdown.3ssl.gz
index 89de285a7..e39d483ed 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_shutdown.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_shutdown.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_split_send_fragment.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_split_send_fragment.3ssl.gz
new file mode 100644
index 000000000..ab179699a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_split_send_fragment.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_ssl_method.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_ssl_method.3ssl.gz
index a2e9a928b..81f5d8f8e 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_ssl_method.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_ssl_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_time.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_time.3ssl.gz
new file mode 100644
index 000000000..8f9247ed2
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_time.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_timeout.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_timeout.3ssl.gz
new file mode 100644
index 000000000..8f9247ed2
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_timeout.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_tlsext_host_name.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_tlsext_host_name.3ssl.gz
new file mode 100644
index 000000000..695a1a1f0
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_tlsext_host_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_tlsext_max_fragment_length.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_tlsext_max_fragment_length.3ssl.gz
new file mode 100644
index 000000000..ab179699a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_tlsext_max_fragment_length.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_tlsext_status_ocsp_resp.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_tlsext_status_ocsp_resp.3ssl.gz
index 2bcd830b3..dae8217be 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_tlsext_status_ocsp_resp.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_tlsext_status_ocsp_resp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_tlsext_status_type.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_tlsext_status_type.3ssl.gz
index 2bcd830b3..dae8217be 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_tlsext_status_type.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_tlsext_status_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_tlsext_use_srtp.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_tlsext_use_srtp.3ssl.gz
new file mode 100644
index 000000000..cbaf39f44
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_tlsext_use_srtp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_tmp_dh.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_tmp_dh.3ssl.gz
index 6deae3ed8..0d50d67e4 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_tmp_dh.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_tmp_dh.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_tmp_dh_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_tmp_dh_callback.3ssl.gz
index 6deae3ed8..0d50d67e4 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_tmp_dh_callback.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_tmp_dh_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_tmp_rsa.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_tmp_rsa.3ssl.gz
deleted file mode 100644
index c1948ee57..000000000
Binary files a/msys2/usr/share/man/man3/SSL_set_tmp_rsa.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSL_set_tmp_rsa_callback.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_tmp_rsa_callback.3ssl.gz
deleted file mode 100644
index c1948ee57..000000000
Binary files a/msys2/usr/share/man/man3/SSL_set_tmp_rsa_callback.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSL_set_verify.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_verify.3ssl.gz
index 70dd2cb6b..cfa3927ff 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_verify.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_verify_depth.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_verify_depth.3ssl.gz
index 70dd2cb6b..cfa3927ff 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_verify_depth.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_verify_depth.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_verify_result.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_verify_result.3ssl.gz
index f841a74ee..31968229c 100644
Binary files a/msys2/usr/share/man/man3/SSL_set_verify_result.3ssl.gz and b/msys2/usr/share/man/man3/SSL_set_verify_result.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_set_wfd.3ssl.gz b/msys2/usr/share/man/man3/SSL_set_wfd.3ssl.gz
new file mode 100644
index 000000000..dcf003530
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_set_wfd.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_shutdown.3ssl.gz b/msys2/usr/share/man/man3/SSL_shutdown.3ssl.gz
index 9bc853692..571e142af 100644
Binary files a/msys2/usr/share/man/man3/SSL_shutdown.3ssl.gz and b/msys2/usr/share/man/man3/SSL_shutdown.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_state_string.3ssl.gz b/msys2/usr/share/man/man3/SSL_state_string.3ssl.gz
index 0bacac69a..415c453f2 100644
Binary files a/msys2/usr/share/man/man3/SSL_state_string.3ssl.gz and b/msys2/usr/share/man/man3/SSL_state_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_state_string_long.3ssl.gz b/msys2/usr/share/man/man3/SSL_state_string_long.3ssl.gz
index 0bacac69a..415c453f2 100644
Binary files a/msys2/usr/share/man/man3/SSL_state_string_long.3ssl.gz and b/msys2/usr/share/man/man3/SSL_state_string_long.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_stateless.3ssl.gz b/msys2/usr/share/man/man3/SSL_stateless.3ssl.gz
new file mode 100644
index 000000000..a312d56a7
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_stateless.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_up_ref.3ssl.gz b/msys2/usr/share/man/man3/SSL_up_ref.3ssl.gz
new file mode 100644
index 000000000..3f46046d9
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_up_ref.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_use_PrivateKey.3ssl.gz b/msys2/usr/share/man/man3/SSL_use_PrivateKey.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_use_PrivateKey.3ssl.gz and b/msys2/usr/share/man/man3/SSL_use_PrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_use_PrivateKey_ASN1.3ssl.gz b/msys2/usr/share/man/man3/SSL_use_PrivateKey_ASN1.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_use_PrivateKey_ASN1.3ssl.gz and b/msys2/usr/share/man/man3/SSL_use_PrivateKey_ASN1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_use_PrivateKey_file.3ssl.gz b/msys2/usr/share/man/man3/SSL_use_PrivateKey_file.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_use_PrivateKey_file.3ssl.gz and b/msys2/usr/share/man/man3/SSL_use_PrivateKey_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_use_RSAPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/SSL_use_RSAPrivateKey.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_use_RSAPrivateKey.3ssl.gz and b/msys2/usr/share/man/man3/SSL_use_RSAPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_use_RSAPrivateKey_ASN1.3ssl.gz b/msys2/usr/share/man/man3/SSL_use_RSAPrivateKey_ASN1.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_use_RSAPrivateKey_ASN1.3ssl.gz and b/msys2/usr/share/man/man3/SSL_use_RSAPrivateKey_ASN1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_use_RSAPrivateKey_file.3ssl.gz b/msys2/usr/share/man/man3/SSL_use_RSAPrivateKey_file.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_use_RSAPrivateKey_file.3ssl.gz and b/msys2/usr/share/man/man3/SSL_use_RSAPrivateKey_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_use_cert_and_key.3ssl.gz b/msys2/usr/share/man/man3/SSL_use_cert_and_key.3ssl.gz
new file mode 100644
index 000000000..e0d257531
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_use_cert_and_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_use_certificate.3ssl.gz b/msys2/usr/share/man/man3/SSL_use_certificate.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_use_certificate.3ssl.gz and b/msys2/usr/share/man/man3/SSL_use_certificate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_use_certificate_ASN1.3ssl.gz b/msys2/usr/share/man/man3/SSL_use_certificate_ASN1.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_use_certificate_ASN1.3ssl.gz and b/msys2/usr/share/man/man3/SSL_use_certificate_ASN1.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_use_certificate_chain_file.3ssl.gz b/msys2/usr/share/man/man3/SSL_use_certificate_chain_file.3ssl.gz
new file mode 100644
index 000000000..e0d257531
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_use_certificate_chain_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_use_certificate_file.3ssl.gz b/msys2/usr/share/man/man3/SSL_use_certificate_file.3ssl.gz
index 4b2034bc7..e0d257531 100644
Binary files a/msys2/usr/share/man/man3/SSL_use_certificate_file.3ssl.gz and b/msys2/usr/share/man/man3/SSL_use_certificate_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_use_psk_identity_hint.3ssl.gz b/msys2/usr/share/man/man3/SSL_use_psk_identity_hint.3ssl.gz
index fa61c2487..1ac87df4f 100644
Binary files a/msys2/usr/share/man/man3/SSL_use_psk_identity_hint.3ssl.gz and b/msys2/usr/share/man/man3/SSL_use_psk_identity_hint.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_verify_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_verify_cb.3ssl.gz
new file mode 100644
index 000000000..cfa3927ff
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_verify_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_verify_client_post_handshake.3ssl.gz b/msys2/usr/share/man/man3/SSL_verify_client_post_handshake.3ssl.gz
new file mode 100644
index 000000000..cfa3927ff
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_verify_client_post_handshake.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_version.3ssl.gz b/msys2/usr/share/man/man3/SSL_version.3ssl.gz
new file mode 100644
index 000000000..f7f47905b
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_waiting_for_async.3ssl.gz b/msys2/usr/share/man/man3/SSL_waiting_for_async.3ssl.gz
new file mode 100644
index 000000000..478f2216e
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_waiting_for_async.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_want.3ssl.gz b/msys2/usr/share/man/man3/SSL_want.3ssl.gz
index 3f111026e..1135e697d 100644
Binary files a/msys2/usr/share/man/man3/SSL_want.3ssl.gz and b/msys2/usr/share/man/man3/SSL_want.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_want_async.3ssl.gz b/msys2/usr/share/man/man3/SSL_want_async.3ssl.gz
new file mode 100644
index 000000000..1135e697d
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_want_async.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_want_async_job.3ssl.gz b/msys2/usr/share/man/man3/SSL_want_async_job.3ssl.gz
new file mode 100644
index 000000000..1135e697d
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_want_async_job.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_want_client_hello_cb.3ssl.gz b/msys2/usr/share/man/man3/SSL_want_client_hello_cb.3ssl.gz
new file mode 100644
index 000000000..1135e697d
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_want_client_hello_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_want_nothing.3ssl.gz b/msys2/usr/share/man/man3/SSL_want_nothing.3ssl.gz
index 3f111026e..1135e697d 100644
Binary files a/msys2/usr/share/man/man3/SSL_want_nothing.3ssl.gz and b/msys2/usr/share/man/man3/SSL_want_nothing.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_want_read.3ssl.gz b/msys2/usr/share/man/man3/SSL_want_read.3ssl.gz
index 3f111026e..1135e697d 100644
Binary files a/msys2/usr/share/man/man3/SSL_want_read.3ssl.gz and b/msys2/usr/share/man/man3/SSL_want_read.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_want_write.3ssl.gz b/msys2/usr/share/man/man3/SSL_want_write.3ssl.gz
index 3f111026e..1135e697d 100644
Binary files a/msys2/usr/share/man/man3/SSL_want_write.3ssl.gz and b/msys2/usr/share/man/man3/SSL_want_write.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_want_x509_lookup.3ssl.gz b/msys2/usr/share/man/man3/SSL_want_x509_lookup.3ssl.gz
index 3f111026e..1135e697d 100644
Binary files a/msys2/usr/share/man/man3/SSL_want_x509_lookup.3ssl.gz and b/msys2/usr/share/man/man3/SSL_want_x509_lookup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_write.3ssl.gz b/msys2/usr/share/man/man3/SSL_write.3ssl.gz
index bafc74346..c9226d14a 100644
Binary files a/msys2/usr/share/man/man3/SSL_write.3ssl.gz and b/msys2/usr/share/man/man3/SSL_write.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_write_early_data.3ssl.gz b/msys2/usr/share/man/man3/SSL_write_early_data.3ssl.gz
new file mode 100644
index 000000000..4ac6968ef
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_write_early_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSL_write_ex.3ssl.gz b/msys2/usr/share/man/man3/SSL_write_ex.3ssl.gz
new file mode 100644
index 000000000..c9226d14a
Binary files /dev/null and b/msys2/usr/share/man/man3/SSL_write_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSLeay.3ssl.gz b/msys2/usr/share/man/man3/SSLeay.3ssl.gz
deleted file mode 100644
index 1f59d5148..000000000
Binary files a/msys2/usr/share/man/man3/SSLeay.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSLeay_add_ssl_algorithms.3ssl.gz b/msys2/usr/share/man/man3/SSLeay_add_ssl_algorithms.3ssl.gz
deleted file mode 100644
index 5d8031ad9..000000000
Binary files a/msys2/usr/share/man/man3/SSLeay_add_ssl_algorithms.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSLeay_version.3ssl.gz b/msys2/usr/share/man/man3/SSLeay_version.3ssl.gz
deleted file mode 100644
index 7727e1f69..000000000
Binary files a/msys2/usr/share/man/man3/SSLeay_version.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSLv23_client_method.3ssl.gz b/msys2/usr/share/man/man3/SSLv23_client_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/SSLv23_client_method.3ssl.gz and b/msys2/usr/share/man/man3/SSLv23_client_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSLv23_method.3ssl.gz b/msys2/usr/share/man/man3/SSLv23_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/SSLv23_method.3ssl.gz and b/msys2/usr/share/man/man3/SSLv23_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSLv23_server_method.3ssl.gz b/msys2/usr/share/man/man3/SSLv23_server_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/SSLv23_server_method.3ssl.gz and b/msys2/usr/share/man/man3/SSLv23_server_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSLv2_client_method.3ssl.gz b/msys2/usr/share/man/man3/SSLv2_client_method.3ssl.gz
deleted file mode 100644
index ba6c9ae80..000000000
Binary files a/msys2/usr/share/man/man3/SSLv2_client_method.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSLv2_method.3ssl.gz b/msys2/usr/share/man/man3/SSLv2_method.3ssl.gz
deleted file mode 100644
index ba6c9ae80..000000000
Binary files a/msys2/usr/share/man/man3/SSLv2_method.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSLv2_server_method.3ssl.gz b/msys2/usr/share/man/man3/SSLv2_server_method.3ssl.gz
deleted file mode 100644
index ba6c9ae80..000000000
Binary files a/msys2/usr/share/man/man3/SSLv2_server_method.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/SSLv3_client_method.3ssl.gz b/msys2/usr/share/man/man3/SSLv3_client_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/SSLv3_client_method.3ssl.gz and b/msys2/usr/share/man/man3/SSLv3_client_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSLv3_method.3ssl.gz b/msys2/usr/share/man/man3/SSLv3_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/SSLv3_method.3ssl.gz and b/msys2/usr/share/man/man3/SSLv3_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SSLv3_server_method.3ssl.gz b/msys2/usr/share/man/man3/SSLv3_server_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/SSLv3_server_method.3ssl.gz and b/msys2/usr/share/man/man3/SSLv3_server_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SXNETID_free.3ssl.gz b/msys2/usr/share/man/man3/SXNETID_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/SXNETID_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SXNETID_new.3ssl.gz b/msys2/usr/share/man/man3/SXNETID_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/SXNETID_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SXNET_free.3ssl.gz b/msys2/usr/share/man/man3/SXNET_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/SXNET_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/SXNET_new.3ssl.gz b/msys2/usr/share/man/man3/SXNET_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/SXNET_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TABSIZE.3x.gz b/msys2/usr/share/man/man3/TABSIZE.3x.gz
index dbb243c86..767ce7da9 100644
Binary files a/msys2/usr/share/man/man3/TABSIZE.3x.gz and b/msys2/usr/share/man/man3/TABSIZE.3x.gz differ
diff --git a/msys2/usr/share/man/man3/TLS_FEATURE_free.3ssl.gz b/msys2/usr/share/man/man3/TLS_FEATURE_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TLS_FEATURE_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TLS_FEATURE_new.3ssl.gz b/msys2/usr/share/man/man3/TLS_FEATURE_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TLS_FEATURE_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TLS_client_method.3ssl.gz b/msys2/usr/share/man/man3/TLS_client_method.3ssl.gz
new file mode 100644
index 000000000..cfef55c60
Binary files /dev/null and b/msys2/usr/share/man/man3/TLS_client_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TLS_method.3ssl.gz b/msys2/usr/share/man/man3/TLS_method.3ssl.gz
new file mode 100644
index 000000000..cfef55c60
Binary files /dev/null and b/msys2/usr/share/man/man3/TLS_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TLS_server_method.3ssl.gz b/msys2/usr/share/man/man3/TLS_server_method.3ssl.gz
new file mode 100644
index 000000000..cfef55c60
Binary files /dev/null and b/msys2/usr/share/man/man3/TLS_server_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TLSv1_1_client_method.3ssl.gz b/msys2/usr/share/man/man3/TLSv1_1_client_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/TLSv1_1_client_method.3ssl.gz and b/msys2/usr/share/man/man3/TLSv1_1_client_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TLSv1_1_method.3ssl.gz b/msys2/usr/share/man/man3/TLSv1_1_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/TLSv1_1_method.3ssl.gz and b/msys2/usr/share/man/man3/TLSv1_1_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TLSv1_1_server_method.3ssl.gz b/msys2/usr/share/man/man3/TLSv1_1_server_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/TLSv1_1_server_method.3ssl.gz and b/msys2/usr/share/man/man3/TLSv1_1_server_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TLSv1_2_client_method.3ssl.gz b/msys2/usr/share/man/man3/TLSv1_2_client_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/TLSv1_2_client_method.3ssl.gz and b/msys2/usr/share/man/man3/TLSv1_2_client_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TLSv1_2_method.3ssl.gz b/msys2/usr/share/man/man3/TLSv1_2_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/TLSv1_2_method.3ssl.gz and b/msys2/usr/share/man/man3/TLSv1_2_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TLSv1_2_server_method.3ssl.gz b/msys2/usr/share/man/man3/TLSv1_2_server_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/TLSv1_2_server_method.3ssl.gz and b/msys2/usr/share/man/man3/TLSv1_2_server_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TLSv1_client_method.3ssl.gz b/msys2/usr/share/man/man3/TLSv1_client_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/TLSv1_client_method.3ssl.gz and b/msys2/usr/share/man/man3/TLSv1_client_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TLSv1_method.3ssl.gz b/msys2/usr/share/man/man3/TLSv1_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/TLSv1_method.3ssl.gz and b/msys2/usr/share/man/man3/TLSv1_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TLSv1_server_method.3ssl.gz b/msys2/usr/share/man/man3/TLSv1_server_method.3ssl.gz
index ba6c9ae80..cfef55c60 100644
Binary files a/msys2/usr/share/man/man3/TLSv1_server_method.3ssl.gz and b/msys2/usr/share/man/man3/TLSv1_server_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TS_ACCURACY_dup.3ssl.gz b/msys2/usr/share/man/man3/TS_ACCURACY_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TS_ACCURACY_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TS_ACCURACY_free.3ssl.gz b/msys2/usr/share/man/man3/TS_ACCURACY_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TS_ACCURACY_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TS_ACCURACY_new.3ssl.gz b/msys2/usr/share/man/man3/TS_ACCURACY_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TS_ACCURACY_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TS_MSG_IMPRINT_dup.3ssl.gz b/msys2/usr/share/man/man3/TS_MSG_IMPRINT_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TS_MSG_IMPRINT_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TS_MSG_IMPRINT_free.3ssl.gz b/msys2/usr/share/man/man3/TS_MSG_IMPRINT_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TS_MSG_IMPRINT_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TS_MSG_IMPRINT_new.3ssl.gz b/msys2/usr/share/man/man3/TS_MSG_IMPRINT_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TS_MSG_IMPRINT_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TS_REQ_dup.3ssl.gz b/msys2/usr/share/man/man3/TS_REQ_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TS_REQ_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TS_REQ_free.3ssl.gz b/msys2/usr/share/man/man3/TS_REQ_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TS_REQ_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TS_REQ_new.3ssl.gz b/msys2/usr/share/man/man3/TS_REQ_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TS_REQ_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TS_RESP_dup.3ssl.gz b/msys2/usr/share/man/man3/TS_RESP_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TS_RESP_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TS_RESP_free.3ssl.gz b/msys2/usr/share/man/man3/TS_RESP_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TS_RESP_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TS_RESP_new.3ssl.gz b/msys2/usr/share/man/man3/TS_RESP_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TS_RESP_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TS_STATUS_INFO_dup.3ssl.gz b/msys2/usr/share/man/man3/TS_STATUS_INFO_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TS_STATUS_INFO_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TS_STATUS_INFO_free.3ssl.gz b/msys2/usr/share/man/man3/TS_STATUS_INFO_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TS_STATUS_INFO_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TS_STATUS_INFO_new.3ssl.gz b/msys2/usr/share/man/man3/TS_STATUS_INFO_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TS_STATUS_INFO_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TS_TST_INFO_dup.3ssl.gz b/msys2/usr/share/man/man3/TS_TST_INFO_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TS_TST_INFO_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TS_TST_INFO_free.3ssl.gz b/msys2/usr/share/man/man3/TS_TST_INFO_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TS_TST_INFO_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/TS_TST_INFO_new.3ssl.gz b/msys2/usr/share/man/man3/TS_TST_INFO_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/TS_TST_INFO_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_METHOD.3ssl.gz b/msys2/usr/share/man/man3/UI_METHOD.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_METHOD.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_OpenSSL.3ssl.gz b/msys2/usr/share/man/man3/UI_OpenSSL.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_OpenSSL.3ssl.gz and b/msys2/usr/share/man/man3/UI_OpenSSL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_STRING.3ssl.gz b/msys2/usr/share/man/man3/UI_STRING.3ssl.gz
new file mode 100644
index 000000000..de8d4d6db
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_STRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_UTIL_read_pw.3ssl.gz b/msys2/usr/share/man/man3/UI_UTIL_read_pw.3ssl.gz
new file mode 100644
index 000000000..b77884a53
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_UTIL_read_pw.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_UTIL_read_pw_string.3ssl.gz b/msys2/usr/share/man/man3/UI_UTIL_read_pw_string.3ssl.gz
new file mode 100644
index 000000000..b77884a53
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_UTIL_read_pw_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_UTIL_wrap_read_pem_callback.3ssl.gz b/msys2/usr/share/man/man3/UI_UTIL_wrap_read_pem_callback.3ssl.gz
new file mode 100644
index 000000000..b77884a53
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_UTIL_wrap_read_pem_callback.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_add_error_string.3ssl.gz b/msys2/usr/share/man/man3/UI_add_error_string.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_add_error_string.3ssl.gz and b/msys2/usr/share/man/man3/UI_add_error_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_add_info_string.3ssl.gz b/msys2/usr/share/man/man3/UI_add_info_string.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_add_info_string.3ssl.gz and b/msys2/usr/share/man/man3/UI_add_info_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_add_input_boolean.3ssl.gz b/msys2/usr/share/man/man3/UI_add_input_boolean.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_add_input_boolean.3ssl.gz and b/msys2/usr/share/man/man3/UI_add_input_boolean.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_add_input_string.3ssl.gz b/msys2/usr/share/man/man3/UI_add_input_string.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_add_input_string.3ssl.gz and b/msys2/usr/share/man/man3/UI_add_input_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_add_user_data.3ssl.gz b/msys2/usr/share/man/man3/UI_add_user_data.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_add_user_data.3ssl.gz and b/msys2/usr/share/man/man3/UI_add_user_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_add_verify_string.3ssl.gz b/msys2/usr/share/man/man3/UI_add_verify_string.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_add_verify_string.3ssl.gz and b/msys2/usr/share/man/man3/UI_add_verify_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_construct_prompt.3ssl.gz b/msys2/usr/share/man/man3/UI_construct_prompt.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_construct_prompt.3ssl.gz and b/msys2/usr/share/man/man3/UI_construct_prompt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_create_method.3ssl.gz b/msys2/usr/share/man/man3/UI_create_method.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_create_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_ctrl.3ssl.gz b/msys2/usr/share/man/man3/UI_ctrl.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_ctrl.3ssl.gz and b/msys2/usr/share/man/man3/UI_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_destroy_method.3ssl.gz b/msys2/usr/share/man/man3/UI_destroy_method.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_destroy_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_dup_error_string.3ssl.gz b/msys2/usr/share/man/man3/UI_dup_error_string.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_dup_error_string.3ssl.gz and b/msys2/usr/share/man/man3/UI_dup_error_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_dup_info_string.3ssl.gz b/msys2/usr/share/man/man3/UI_dup_info_string.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_dup_info_string.3ssl.gz and b/msys2/usr/share/man/man3/UI_dup_info_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_dup_input_boolean.3ssl.gz b/msys2/usr/share/man/man3/UI_dup_input_boolean.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_dup_input_boolean.3ssl.gz and b/msys2/usr/share/man/man3/UI_dup_input_boolean.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_dup_input_string.3ssl.gz b/msys2/usr/share/man/man3/UI_dup_input_string.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_dup_input_string.3ssl.gz and b/msys2/usr/share/man/man3/UI_dup_input_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_dup_user_data.3ssl.gz b/msys2/usr/share/man/man3/UI_dup_user_data.3ssl.gz
new file mode 100644
index 000000000..51be06cf8
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_dup_user_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_dup_verify_string.3ssl.gz b/msys2/usr/share/man/man3/UI_dup_verify_string.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_dup_verify_string.3ssl.gz and b/msys2/usr/share/man/man3/UI_dup_verify_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_free.3ssl.gz b/msys2/usr/share/man/man3/UI_free.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_free.3ssl.gz and b/msys2/usr/share/man/man3/UI_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_get0_action_string.3ssl.gz b/msys2/usr/share/man/man3/UI_get0_action_string.3ssl.gz
new file mode 100644
index 000000000..de8d4d6db
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_get0_action_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_get0_output_string.3ssl.gz b/msys2/usr/share/man/man3/UI_get0_output_string.3ssl.gz
new file mode 100644
index 000000000..de8d4d6db
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_get0_output_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_get0_result.3ssl.gz b/msys2/usr/share/man/man3/UI_get0_result.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_get0_result.3ssl.gz and b/msys2/usr/share/man/man3/UI_get0_result.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_get0_result_string.3ssl.gz b/msys2/usr/share/man/man3/UI_get0_result_string.3ssl.gz
new file mode 100644
index 000000000..de8d4d6db
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_get0_result_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_get0_test_string.3ssl.gz b/msys2/usr/share/man/man3/UI_get0_test_string.3ssl.gz
new file mode 100644
index 000000000..de8d4d6db
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_get0_test_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_get0_user_data.3ssl.gz b/msys2/usr/share/man/man3/UI_get0_user_data.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_get0_user_data.3ssl.gz and b/msys2/usr/share/man/man3/UI_get0_user_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_get_default_method.3ssl.gz b/msys2/usr/share/man/man3/UI_get_default_method.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_get_default_method.3ssl.gz and b/msys2/usr/share/man/man3/UI_get_default_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_get_ex_data.3ssl.gz b/msys2/usr/share/man/man3/UI_get_ex_data.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_get_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_get_ex_new_index.3ssl.gz b/msys2/usr/share/man/man3/UI_get_ex_new_index.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_get_ex_new_index.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_get_input_flags.3ssl.gz b/msys2/usr/share/man/man3/UI_get_input_flags.3ssl.gz
new file mode 100644
index 000000000..de8d4d6db
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_get_input_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_get_method.3ssl.gz b/msys2/usr/share/man/man3/UI_get_method.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_get_method.3ssl.gz and b/msys2/usr/share/man/man3/UI_get_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_get_result_length.3ssl.gz b/msys2/usr/share/man/man3/UI_get_result_length.3ssl.gz
new file mode 100644
index 000000000..51be06cf8
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_get_result_length.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_get_result_maxsize.3ssl.gz b/msys2/usr/share/man/man3/UI_get_result_maxsize.3ssl.gz
new file mode 100644
index 000000000..de8d4d6db
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_get_result_maxsize.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_get_result_minsize.3ssl.gz b/msys2/usr/share/man/man3/UI_get_result_minsize.3ssl.gz
new file mode 100644
index 000000000..de8d4d6db
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_get_result_minsize.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_get_result_string_length.3ssl.gz b/msys2/usr/share/man/man3/UI_get_result_string_length.3ssl.gz
new file mode 100644
index 000000000..de8d4d6db
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_get_result_string_length.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_get_string_type.3ssl.gz b/msys2/usr/share/man/man3/UI_get_string_type.3ssl.gz
new file mode 100644
index 000000000..de8d4d6db
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_get_string_type.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_method_get_closer.3ssl.gz b/msys2/usr/share/man/man3/UI_method_get_closer.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_method_get_closer.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_method_get_data_destructor.3ssl.gz b/msys2/usr/share/man/man3/UI_method_get_data_destructor.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_method_get_data_destructor.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_method_get_data_duplicator.3ssl.gz b/msys2/usr/share/man/man3/UI_method_get_data_duplicator.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_method_get_data_duplicator.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_method_get_ex_data.3ssl.gz b/msys2/usr/share/man/man3/UI_method_get_ex_data.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_method_get_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_method_get_flusher.3ssl.gz b/msys2/usr/share/man/man3/UI_method_get_flusher.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_method_get_flusher.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_method_get_opener.3ssl.gz b/msys2/usr/share/man/man3/UI_method_get_opener.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_method_get_opener.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_method_get_prompt_constructor.3ssl.gz b/msys2/usr/share/man/man3/UI_method_get_prompt_constructor.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_method_get_prompt_constructor.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_method_get_reader.3ssl.gz b/msys2/usr/share/man/man3/UI_method_get_reader.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_method_get_reader.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_method_get_writer.3ssl.gz b/msys2/usr/share/man/man3/UI_method_get_writer.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_method_get_writer.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_method_set_closer.3ssl.gz b/msys2/usr/share/man/man3/UI_method_set_closer.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_method_set_closer.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_method_set_data_duplicator.3ssl.gz b/msys2/usr/share/man/man3/UI_method_set_data_duplicator.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_method_set_data_duplicator.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_method_set_ex_data.3ssl.gz b/msys2/usr/share/man/man3/UI_method_set_ex_data.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_method_set_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_method_set_flusher.3ssl.gz b/msys2/usr/share/man/man3/UI_method_set_flusher.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_method_set_flusher.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_method_set_opener.3ssl.gz b/msys2/usr/share/man/man3/UI_method_set_opener.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_method_set_opener.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_method_set_prompt_constructor.3ssl.gz b/msys2/usr/share/man/man3/UI_method_set_prompt_constructor.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_method_set_prompt_constructor.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_method_set_reader.3ssl.gz b/msys2/usr/share/man/man3/UI_method_set_reader.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_method_set_reader.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_method_set_writer.3ssl.gz b/msys2/usr/share/man/man3/UI_method_set_writer.3ssl.gz
new file mode 100644
index 000000000..62e2ba43e
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_method_set_writer.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_new.3ssl.gz b/msys2/usr/share/man/man3/UI_new.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_new.3ssl.gz and b/msys2/usr/share/man/man3/UI_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_new_method.3ssl.gz b/msys2/usr/share/man/man3/UI_new_method.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_new_method.3ssl.gz and b/msys2/usr/share/man/man3/UI_new_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_null.3ssl.gz b/msys2/usr/share/man/man3/UI_null.3ssl.gz
new file mode 100644
index 000000000..51be06cf8
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_null.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_process.3ssl.gz b/msys2/usr/share/man/man3/UI_process.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_process.3ssl.gz and b/msys2/usr/share/man/man3/UI_process.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_set_default_method.3ssl.gz b/msys2/usr/share/man/man3/UI_set_default_method.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_set_default_method.3ssl.gz and b/msys2/usr/share/man/man3/UI_set_default_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_set_ex_data.3ssl.gz b/msys2/usr/share/man/man3/UI_set_ex_data.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_set_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_set_method.3ssl.gz b/msys2/usr/share/man/man3/UI_set_method.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/UI_set_method.3ssl.gz and b/msys2/usr/share/man/man3/UI_set_method.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_set_result.3ssl.gz b/msys2/usr/share/man/man3/UI_set_result.3ssl.gz
new file mode 100644
index 000000000..de8d4d6db
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_set_result.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_set_result_ex.3ssl.gz b/msys2/usr/share/man/man3/UI_set_result_ex.3ssl.gz
new file mode 100644
index 000000000..de8d4d6db
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_set_result_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UI_string_types.3ssl.gz b/msys2/usr/share/man/man3/UI_string_types.3ssl.gz
new file mode 100644
index 000000000..de8d4d6db
Binary files /dev/null and b/msys2/usr/share/man/man3/UI_string_types.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/UP.3x.gz b/msys2/usr/share/man/man3/UP.3x.gz
index ef3cb57a5..9a348ec38 100644
Binary files a/msys2/usr/share/man/man3/UP.3x.gz and b/msys2/usr/share/man/man3/UP.3x.gz differ
diff --git a/msys2/usr/share/man/man3/USERNOTICE_free.3ssl.gz b/msys2/usr/share/man/man3/USERNOTICE_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/USERNOTICE_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/USERNOTICE_new.3ssl.gz b/msys2/usr/share/man/man3/USERNOTICE_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/USERNOTICE_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509V3_EXT_d2i.3ssl.gz b/msys2/usr/share/man/man3/X509V3_EXT_d2i.3ssl.gz
new file mode 100644
index 000000000..9111ce773
Binary files /dev/null and b/msys2/usr/share/man/man3/X509V3_EXT_d2i.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509V3_EXT_i2d.3ssl.gz b/msys2/usr/share/man/man3/X509V3_EXT_i2d.3ssl.gz
new file mode 100644
index 000000000..9111ce773
Binary files /dev/null and b/msys2/usr/share/man/man3/X509V3_EXT_i2d.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509V3_add1_i2d.3ssl.gz b/msys2/usr/share/man/man3/X509V3_add1_i2d.3ssl.gz
new file mode 100644
index 000000000..9111ce773
Binary files /dev/null and b/msys2/usr/share/man/man3/X509V3_add1_i2d.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509V3_get_d2i.3ssl.gz b/msys2/usr/share/man/man3/X509V3_get_d2i.3ssl.gz
new file mode 100644
index 000000000..9111ce773
Binary files /dev/null and b/msys2/usr/share/man/man3/X509V3_get_d2i.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_ALGOR_cmp.3ssl.gz b/msys2/usr/share/man/man3/X509_ALGOR_cmp.3ssl.gz
new file mode 100644
index 000000000..edd45694e
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_ALGOR_cmp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_ALGOR_dup.3ssl.gz b/msys2/usr/share/man/man3/X509_ALGOR_dup.3ssl.gz
new file mode 100644
index 000000000..edd45694e
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_ALGOR_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_ALGOR_free.3ssl.gz b/msys2/usr/share/man/man3/X509_ALGOR_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_ALGOR_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_ALGOR_get0.3ssl.gz b/msys2/usr/share/man/man3/X509_ALGOR_get0.3ssl.gz
new file mode 100644
index 000000000..edd45694e
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_ALGOR_get0.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_ALGOR_new.3ssl.gz b/msys2/usr/share/man/man3/X509_ALGOR_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_ALGOR_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_ALGOR_set0.3ssl.gz b/msys2/usr/share/man/man3/X509_ALGOR_set0.3ssl.gz
new file mode 100644
index 000000000..edd45694e
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_ALGOR_set0.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_ALGOR_set_md.3ssl.gz b/msys2/usr/share/man/man3/X509_ALGOR_set_md.3ssl.gz
new file mode 100644
index 000000000..edd45694e
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_ALGOR_set_md.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_ATTRIBUTE_dup.3ssl.gz b/msys2/usr/share/man/man3/X509_ATTRIBUTE_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_ATTRIBUTE_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_ATTRIBUTE_free.3ssl.gz b/msys2/usr/share/man/man3/X509_ATTRIBUTE_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_ATTRIBUTE_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_ATTRIBUTE_new.3ssl.gz b/msys2/usr/share/man/man3/X509_ATTRIBUTE_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_ATTRIBUTE_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CERT_AUX_free.3ssl.gz b/msys2/usr/share/man/man3/X509_CERT_AUX_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CERT_AUX_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CERT_AUX_new.3ssl.gz b/msys2/usr/share/man/man3/X509_CERT_AUX_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CERT_AUX_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CINF_free.3ssl.gz b/msys2/usr/share/man/man3/X509_CINF_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CINF_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CINF_new.3ssl.gz b/msys2/usr/share/man/man3/X509_CINF_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CINF_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_INFO_free.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_INFO_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_INFO_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_INFO_new.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_INFO_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_INFO_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_add0_revoked.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_add0_revoked.3ssl.gz
new file mode 100644
index 000000000..db64aeae7
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_add0_revoked.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_add1_ext_i2d.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_add1_ext_i2d.3ssl.gz
new file mode 100644
index 000000000..9111ce773
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_add1_ext_i2d.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_add_ext.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_add_ext.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_add_ext.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_delete_ext.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_delete_ext.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_delete_ext.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_digest.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_digest.3ssl.gz
new file mode 100644
index 000000000..c9b6b29b9
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_digest.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_dup.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_free.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_get0_by_cert.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_get0_by_cert.3ssl.gz
new file mode 100644
index 000000000..db64aeae7
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_get0_by_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_get0_by_serial.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_get0_by_serial.3ssl.gz
new file mode 100644
index 000000000..db64aeae7
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_get0_by_serial.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_get0_extensions.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_get0_extensions.3ssl.gz
new file mode 100644
index 000000000..9111ce773
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_get0_extensions.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_get0_lastUpdate.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_get0_lastUpdate.3ssl.gz
new file mode 100644
index 000000000..7f13a48ff
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_get0_lastUpdate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_get0_nextUpdate.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_get0_nextUpdate.3ssl.gz
new file mode 100644
index 000000000..7f13a48ff
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_get0_nextUpdate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_get0_signature.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_get0_signature.3ssl.gz
new file mode 100644
index 000000000..f28db9551
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_get0_signature.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_get_REVOKED.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_get_REVOKED.3ssl.gz
new file mode 100644
index 000000000..db64aeae7
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_get_REVOKED.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_get_ext.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_get_ext.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_get_ext.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_get_ext_by_NID.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_get_ext_by_NID.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_get_ext_by_NID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_get_ext_by_OBJ.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_get_ext_by_OBJ.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_get_ext_by_OBJ.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_get_ext_by_critical.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_get_ext_by_critical.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_get_ext_by_critical.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_get_ext_count.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_get_ext_count.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_get_ext_count.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_get_ext_d2i.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_get_ext_d2i.3ssl.gz
new file mode 100644
index 000000000..9111ce773
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_get_ext_d2i.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_get_issuer.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_get_issuer.3ssl.gz
new file mode 100644
index 000000000..e63f2dd55
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_get_issuer.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_get_signature_nid.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_get_signature_nid.3ssl.gz
new file mode 100644
index 000000000..f28db9551
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_get_signature_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_get_version.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_get_version.3ssl.gz
new file mode 100644
index 000000000..6f987a58c
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_get_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_new.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_set1_lastUpdate.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_set1_lastUpdate.3ssl.gz
new file mode 100644
index 000000000..7f13a48ff
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_set1_lastUpdate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_set1_nextUpdate.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_set1_nextUpdate.3ssl.gz
new file mode 100644
index 000000000..7f13a48ff
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_set1_nextUpdate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_set_issuer_name.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_set_issuer_name.3ssl.gz
new file mode 100644
index 000000000..e63f2dd55
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_set_issuer_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_set_version.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_set_version.3ssl.gz
new file mode 100644
index 000000000..6f987a58c
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_set_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_sign.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_sign.3ssl.gz
new file mode 100644
index 000000000..88d54daa9
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_sign_ctx.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_sign_ctx.3ssl.gz
new file mode 100644
index 000000000..88d54daa9
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_sign_ctx.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_sort.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_sort.3ssl.gz
new file mode 100644
index 000000000..db64aeae7
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_sort.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_CRL_verify.3ssl.gz b/msys2/usr/share/man/man3/X509_CRL_verify.3ssl.gz
new file mode 100644
index 000000000..88d54daa9
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_CRL_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_EXTENSION_create_by_NID.3ssl.gz b/msys2/usr/share/man/man3/X509_EXTENSION_create_by_NID.3ssl.gz
new file mode 100644
index 000000000..8d6f6b186
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_EXTENSION_create_by_NID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_EXTENSION_create_by_OBJ.3ssl.gz b/msys2/usr/share/man/man3/X509_EXTENSION_create_by_OBJ.3ssl.gz
new file mode 100644
index 000000000..8d6f6b186
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_EXTENSION_create_by_OBJ.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_EXTENSION_dup.3ssl.gz b/msys2/usr/share/man/man3/X509_EXTENSION_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_EXTENSION_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_EXTENSION_free.3ssl.gz b/msys2/usr/share/man/man3/X509_EXTENSION_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_EXTENSION_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_EXTENSION_get_critical.3ssl.gz b/msys2/usr/share/man/man3/X509_EXTENSION_get_critical.3ssl.gz
new file mode 100644
index 000000000..8d6f6b186
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_EXTENSION_get_critical.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_EXTENSION_get_data.3ssl.gz b/msys2/usr/share/man/man3/X509_EXTENSION_get_data.3ssl.gz
new file mode 100644
index 000000000..8d6f6b186
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_EXTENSION_get_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_EXTENSION_get_object.3ssl.gz b/msys2/usr/share/man/man3/X509_EXTENSION_get_object.3ssl.gz
new file mode 100644
index 000000000..8d6f6b186
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_EXTENSION_get_object.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_EXTENSION_new.3ssl.gz b/msys2/usr/share/man/man3/X509_EXTENSION_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_EXTENSION_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_EXTENSION_set_critical.3ssl.gz b/msys2/usr/share/man/man3/X509_EXTENSION_set_critical.3ssl.gz
new file mode 100644
index 000000000..8d6f6b186
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_EXTENSION_set_critical.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_EXTENSION_set_data.3ssl.gz b/msys2/usr/share/man/man3/X509_EXTENSION_set_data.3ssl.gz
new file mode 100644
index 000000000..8d6f6b186
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_EXTENSION_set_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_EXTENSION_set_object.3ssl.gz b/msys2/usr/share/man/man3/X509_EXTENSION_set_object.3ssl.gz
new file mode 100644
index 000000000..8d6f6b186
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_EXTENSION_set_object.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_ctrl_fn.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_ctrl_fn.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_ctrl_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_file.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_file.3ssl.gz
new file mode 100644
index 000000000..031b2210d
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_get_by_alias_fn.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_get_by_alias_fn.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_get_by_alias_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_get_by_fingerprint_fn.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_get_by_fingerprint_fn.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_get_by_fingerprint_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_get_by_issuer_serial_fn.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_get_by_issuer_serial_fn.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_get_by_issuer_serial_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_get_by_subject_fn.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_get_by_subject_fn.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_get_by_subject_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_get_method_data.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_get_method_data.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_get_method_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_get_store.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_get_store.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_get_store.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_hash_dir.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_hash_dir.3ssl.gz
new file mode 100644
index 000000000..031b2210d
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_hash_dir.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_free.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_free.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_ctrl.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_ctrl.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_free.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_free.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_get_by_alias.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_get_by_alias.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_get_by_alias.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_get_by_fingerprint.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_get_by_fingerprint.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_get_by_fingerprint.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_get_by_issuer_serial.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_get_by_issuer_serial.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_get_by_issuer_serial.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_get_by_subject.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_get_by_subject.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_get_by_subject.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_init.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_init.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_new_item.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_new_item.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_new_item.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_shutdown.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_shutdown.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_get_shutdown.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_new.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_new.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_ctrl.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_ctrl.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_ctrl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_free.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_free.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_get_by_alias.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_get_by_alias.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_get_by_alias.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_get_by_fingerprint.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_get_by_fingerprint.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_get_by_fingerprint.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_get_by_issuer_serial.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_get_by_issuer_serial.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_get_by_issuer_serial.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_get_by_subject.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_get_by_subject.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_get_by_subject.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_init.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_init.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_new_item.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_new_item.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_new_item.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_shutdown.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_shutdown.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_meth_set_shutdown.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_LOOKUP_set_method_data.3ssl.gz b/msys2/usr/share/man/man3/X509_LOOKUP_set_method_data.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_LOOKUP_set_method_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_ENTRY_create_by_NID.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_ENTRY_create_by_NID.3ssl.gz
index 29bb47c36..08bd0bbd9 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_ENTRY_create_by_NID.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_ENTRY_create_by_NID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_ENTRY_create_by_OBJ.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_ENTRY_create_by_OBJ.3ssl.gz
index 29bb47c36..08bd0bbd9 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_ENTRY_create_by_OBJ.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_ENTRY_create_by_OBJ.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_ENTRY_create_by_txt.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_ENTRY_create_by_txt.3ssl.gz
index 29bb47c36..08bd0bbd9 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_ENTRY_create_by_txt.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_ENTRY_create_by_txt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_ENTRY_dup.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_ENTRY_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_NAME_ENTRY_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_ENTRY_free.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_ENTRY_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_NAME_ENTRY_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_ENTRY_get_data.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_ENTRY_get_data.3ssl.gz
index 29bb47c36..08bd0bbd9 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_ENTRY_get_data.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_ENTRY_get_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_ENTRY_get_object.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_ENTRY_get_object.3ssl.gz
index 29bb47c36..08bd0bbd9 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_ENTRY_get_object.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_ENTRY_get_object.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_ENTRY_new.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_ENTRY_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_NAME_ENTRY_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_ENTRY_set_data.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_ENTRY_set_data.3ssl.gz
index 29bb47c36..08bd0bbd9 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_ENTRY_set_data.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_ENTRY_set_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_ENTRY_set_object.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_ENTRY_set_object.3ssl.gz
index 29bb47c36..08bd0bbd9 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_ENTRY_set_object.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_ENTRY_set_object.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_add_entry.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_add_entry.3ssl.gz
index 657e0bd36..b6ea7426c 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_add_entry.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_add_entry.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_add_entry_by_NID.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_add_entry_by_NID.3ssl.gz
index 657e0bd36..b6ea7426c 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_add_entry_by_NID.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_add_entry_by_NID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_add_entry_by_OBJ.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_add_entry_by_OBJ.3ssl.gz
index 657e0bd36..b6ea7426c 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_add_entry_by_OBJ.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_add_entry_by_OBJ.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_add_entry_by_txt.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_add_entry_by_txt.3ssl.gz
index 657e0bd36..b6ea7426c 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_add_entry_by_txt.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_add_entry_by_txt.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_delete_entry.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_delete_entry.3ssl.gz
index 657e0bd36..b6ea7426c 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_delete_entry.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_delete_entry.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_digest.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_digest.3ssl.gz
new file mode 100644
index 000000000..c9b6b29b9
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_NAME_digest.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_dup.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_NAME_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_entry_count.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_entry_count.3ssl.gz
index a9c2c44af..b38c6f22a 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_entry_count.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_entry_count.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_free.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_NAME_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_get0_der.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_get0_der.3ssl.gz
new file mode 100644
index 000000000..fe40e377e
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_NAME_get0_der.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_get_entry.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_get_entry.3ssl.gz
index a9c2c44af..b38c6f22a 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_get_entry.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_get_entry.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_get_index_by_NID.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_get_index_by_NID.3ssl.gz
index a9c2c44af..b38c6f22a 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_get_index_by_NID.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_get_index_by_NID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_get_index_by_OBJ.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_get_index_by_OBJ.3ssl.gz
index a9c2c44af..b38c6f22a 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_get_index_by_OBJ.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_get_index_by_OBJ.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_get_text_by_NID.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_get_text_by_NID.3ssl.gz
index a9c2c44af..b38c6f22a 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_get_text_by_NID.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_get_text_by_NID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_get_text_by_OBJ.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_get_text_by_OBJ.3ssl.gz
index a9c2c44af..b38c6f22a 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_get_text_by_OBJ.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_get_text_by_OBJ.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_new.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_NAME_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_oneline.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_oneline.3ssl.gz
index da0707cc2..e51a48233 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_oneline.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_oneline.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_print.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_print.3ssl.gz
index da0707cc2..e51a48233 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_print.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_print.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_print_ex.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_print_ex.3ssl.gz
index da0707cc2..e51a48233 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_print_ex.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_print_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_NAME_print_ex_fp.3ssl.gz b/msys2/usr/share/man/man3/X509_NAME_print_ex_fp.3ssl.gz
index da0707cc2..e51a48233 100644
Binary files a/msys2/usr/share/man/man3/X509_NAME_print_ex_fp.3ssl.gz and b/msys2/usr/share/man/man3/X509_NAME_print_ex_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_OBJECT_set1_X509.3ssl.gz b/msys2/usr/share/man/man3/X509_OBJECT_set1_X509.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_OBJECT_set1_X509.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_OBJECT_set1_X509_CRL.3ssl.gz b/msys2/usr/share/man/man3/X509_OBJECT_set1_X509_CRL.3ssl.gz
new file mode 100644
index 000000000..5ac71c522
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_OBJECT_set1_X509_CRL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_PUBKEY_free.3ssl.gz b/msys2/usr/share/man/man3/X509_PUBKEY_free.3ssl.gz
new file mode 100644
index 000000000..dfb0b3bc6
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_PUBKEY_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_PUBKEY_get.3ssl.gz b/msys2/usr/share/man/man3/X509_PUBKEY_get.3ssl.gz
new file mode 100644
index 000000000..dfb0b3bc6
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_PUBKEY_get.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_PUBKEY_get0.3ssl.gz b/msys2/usr/share/man/man3/X509_PUBKEY_get0.3ssl.gz
new file mode 100644
index 000000000..dfb0b3bc6
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_PUBKEY_get0.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_PUBKEY_get0_param.3ssl.gz b/msys2/usr/share/man/man3/X509_PUBKEY_get0_param.3ssl.gz
new file mode 100644
index 000000000..dfb0b3bc6
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_PUBKEY_get0_param.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_PUBKEY_new.3ssl.gz b/msys2/usr/share/man/man3/X509_PUBKEY_new.3ssl.gz
new file mode 100644
index 000000000..dfb0b3bc6
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_PUBKEY_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_PUBKEY_set.3ssl.gz b/msys2/usr/share/man/man3/X509_PUBKEY_set.3ssl.gz
new file mode 100644
index 000000000..dfb0b3bc6
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_PUBKEY_set.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_PUBKEY_set0_param.3ssl.gz b/msys2/usr/share/man/man3/X509_PUBKEY_set0_param.3ssl.gz
new file mode 100644
index 000000000..dfb0b3bc6
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_PUBKEY_set0_param.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_INFO_free.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_INFO_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REQ_INFO_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_INFO_new.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_INFO_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REQ_INFO_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_check_private_key.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_check_private_key.3ssl.gz
index d3ace9e8b..de5d9a97a 100644
Binary files a/msys2/usr/share/man/man3/X509_REQ_check_private_key.3ssl.gz and b/msys2/usr/share/man/man3/X509_REQ_check_private_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_digest.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_digest.3ssl.gz
new file mode 100644
index 000000000..c9b6b29b9
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REQ_digest.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_dup.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REQ_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_free.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REQ_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_get0_pubkey.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_get0_pubkey.3ssl.gz
new file mode 100644
index 000000000..60e942430
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REQ_get0_pubkey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_get0_signature.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_get0_signature.3ssl.gz
new file mode 100644
index 000000000..f28db9551
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REQ_get0_signature.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_get_X509_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_get_X509_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..60e942430
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REQ_get_X509_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_get_pubkey.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_get_pubkey.3ssl.gz
new file mode 100644
index 000000000..60e942430
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REQ_get_pubkey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_get_signature_nid.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_get_signature_nid.3ssl.gz
new file mode 100644
index 000000000..f28db9551
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REQ_get_signature_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_get_subject_name.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_get_subject_name.3ssl.gz
new file mode 100644
index 000000000..e63f2dd55
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REQ_get_subject_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_get_version.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_get_version.3ssl.gz
new file mode 100644
index 000000000..6f987a58c
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REQ_get_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_new.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REQ_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_set_pubkey.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_set_pubkey.3ssl.gz
new file mode 100644
index 000000000..60e942430
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REQ_set_pubkey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_set_subject_name.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_set_subject_name.3ssl.gz
new file mode 100644
index 000000000..e63f2dd55
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REQ_set_subject_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_set_version.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_set_version.3ssl.gz
new file mode 100644
index 000000000..6f987a58c
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REQ_set_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_sign.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_sign.3ssl.gz
new file mode 100644
index 000000000..88d54daa9
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REQ_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_sign_ctx.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_sign_ctx.3ssl.gz
new file mode 100644
index 000000000..88d54daa9
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REQ_sign_ctx.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REQ_verify.3ssl.gz b/msys2/usr/share/man/man3/X509_REQ_verify.3ssl.gz
new file mode 100644
index 000000000..88d54daa9
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REQ_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REVOKED_add1_ext_i2d.3ssl.gz b/msys2/usr/share/man/man3/X509_REVOKED_add1_ext_i2d.3ssl.gz
new file mode 100644
index 000000000..9111ce773
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REVOKED_add1_ext_i2d.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REVOKED_add_ext.3ssl.gz b/msys2/usr/share/man/man3/X509_REVOKED_add_ext.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REVOKED_add_ext.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REVOKED_delete_ext.3ssl.gz b/msys2/usr/share/man/man3/X509_REVOKED_delete_ext.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REVOKED_delete_ext.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REVOKED_dup.3ssl.gz b/msys2/usr/share/man/man3/X509_REVOKED_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REVOKED_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REVOKED_free.3ssl.gz b/msys2/usr/share/man/man3/X509_REVOKED_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REVOKED_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REVOKED_get0_extensions.3ssl.gz b/msys2/usr/share/man/man3/X509_REVOKED_get0_extensions.3ssl.gz
new file mode 100644
index 000000000..9111ce773
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REVOKED_get0_extensions.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REVOKED_get0_revocationDate.3ssl.gz b/msys2/usr/share/man/man3/X509_REVOKED_get0_revocationDate.3ssl.gz
new file mode 100644
index 000000000..db64aeae7
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REVOKED_get0_revocationDate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REVOKED_get0_serialNumber.3ssl.gz b/msys2/usr/share/man/man3/X509_REVOKED_get0_serialNumber.3ssl.gz
new file mode 100644
index 000000000..db64aeae7
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REVOKED_get0_serialNumber.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REVOKED_get_ext.3ssl.gz b/msys2/usr/share/man/man3/X509_REVOKED_get_ext.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REVOKED_get_ext.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REVOKED_get_ext_by_NID.3ssl.gz b/msys2/usr/share/man/man3/X509_REVOKED_get_ext_by_NID.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REVOKED_get_ext_by_NID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REVOKED_get_ext_by_OBJ.3ssl.gz b/msys2/usr/share/man/man3/X509_REVOKED_get_ext_by_OBJ.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REVOKED_get_ext_by_OBJ.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REVOKED_get_ext_by_critical.3ssl.gz b/msys2/usr/share/man/man3/X509_REVOKED_get_ext_by_critical.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REVOKED_get_ext_by_critical.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REVOKED_get_ext_count.3ssl.gz b/msys2/usr/share/man/man3/X509_REVOKED_get_ext_count.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REVOKED_get_ext_count.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REVOKED_get_ext_d2i.3ssl.gz b/msys2/usr/share/man/man3/X509_REVOKED_get_ext_d2i.3ssl.gz
new file mode 100644
index 000000000..9111ce773
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REVOKED_get_ext_d2i.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REVOKED_new.3ssl.gz b/msys2/usr/share/man/man3/X509_REVOKED_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REVOKED_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REVOKED_set_revocationDate.3ssl.gz b/msys2/usr/share/man/man3/X509_REVOKED_set_revocationDate.3ssl.gz
new file mode 100644
index 000000000..db64aeae7
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REVOKED_set_revocationDate.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_REVOKED_set_serialNumber.3ssl.gz b/msys2/usr/share/man/man3/X509_REVOKED_set_serialNumber.3ssl.gz
new file mode 100644
index 000000000..db64aeae7
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_REVOKED_set_serialNumber.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_SIG_INFO_get.3ssl.gz b/msys2/usr/share/man/man3/X509_SIG_INFO_get.3ssl.gz
new file mode 100644
index 000000000..f28db9551
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_SIG_INFO_get.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_SIG_INFO_set.3ssl.gz b/msys2/usr/share/man/man3/X509_SIG_INFO_set.3ssl.gz
new file mode 100644
index 000000000..f28db9551
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_SIG_INFO_set.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_SIG_free.3ssl.gz b/msys2/usr/share/man/man3/X509_SIG_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_SIG_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_SIG_get0.3ssl.gz b/msys2/usr/share/man/man3/X509_SIG_get0.3ssl.gz
new file mode 100644
index 000000000..fcc87922a
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_SIG_get0.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_SIG_getm.3ssl.gz b/msys2/usr/share/man/man3/X509_SIG_getm.3ssl.gz
new file mode 100644
index 000000000..fcc87922a
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_SIG_getm.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_SIG_new.3ssl.gz b/msys2/usr/share/man/man3/X509_SIG_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_SIG_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_cert_crl_fn.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_cert_crl_fn.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_cert_crl_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_check_crl_fn.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_check_crl_fn.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_check_crl_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_check_issued_fn.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_check_issued_fn.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_check_issued_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_check_policy_fn.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_check_policy_fn.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_check_policy_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_check_revocation_fn.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_check_revocation_fn.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_check_revocation_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_cleanup.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_cleanup.3ssl.gz
index c5eb4580d..134ba99b4 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_cleanup.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_CTX_cleanup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_cleanup_fn.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_cleanup_fn.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_cleanup_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_free.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_free.3ssl.gz
index c5eb4580d..134ba99b4 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_free.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_CTX_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get0_cert.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get0_cert.3ssl.gz
new file mode 100644
index 000000000..f4f84369b
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_get0_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get0_chain.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get0_chain.3ssl.gz
new file mode 100644
index 000000000..134ba99b4
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_get0_chain.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get0_param.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get0_param.3ssl.gz
index c5eb4580d..134ba99b4 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_get0_param.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_CTX_get0_param.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get0_untrusted.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get0_untrusted.3ssl.gz
new file mode 100644
index 000000000..134ba99b4
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_get0_untrusted.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get1_chain.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get1_chain.3ssl.gz
index 5919c469d..f4f84369b 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_get1_chain.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_CTX_get1_chain.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_cert_crl.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_cert_crl.3ssl.gz
new file mode 100644
index 000000000..2ebac9e66
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_cert_crl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_check_crl.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_check_crl.3ssl.gz
new file mode 100644
index 000000000..2ebac9e66
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_check_crl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_check_issued.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_check_issued.3ssl.gz
new file mode 100644
index 000000000..2ebac9e66
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_check_issued.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_check_policy.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_check_policy.3ssl.gz
new file mode 100644
index 000000000..2ebac9e66
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_check_policy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_check_revocation.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_check_revocation.3ssl.gz
new file mode 100644
index 000000000..2ebac9e66
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_check_revocation.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_cleanup.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_cleanup.3ssl.gz
new file mode 100644
index 000000000..2ebac9e66
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_cleanup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_crl_fn.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_crl_fn.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_crl_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_current_cert.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_current_cert.3ssl.gz
index 5919c469d..f4f84369b 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_get_current_cert.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_current_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_error.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_error.3ssl.gz
index 5919c469d..f4f84369b 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_get_error.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_error.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_error_depth.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_error_depth.3ssl.gz
index 5919c469d..f4f84369b 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_get_error_depth.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_error_depth.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_ex_data.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_ex_data.3ssl.gz
index fa21ac2f1..cea58f021 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_get_ex_data.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_ex_new_index.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_ex_new_index.3ssl.gz
index fa21ac2f1..cea58f021 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_get_ex_new_index.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_ex_new_index.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_get_crl.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_get_crl.3ssl.gz
new file mode 100644
index 000000000..2ebac9e66
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_get_crl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_get_issuer.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_get_issuer.3ssl.gz
new file mode 100644
index 000000000..2ebac9e66
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_get_issuer.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_issuer_fn.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_issuer_fn.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_issuer_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_lookup_certs.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_lookup_certs.3ssl.gz
new file mode 100644
index 000000000..2ebac9e66
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_lookup_certs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_lookup_crls.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_lookup_crls.3ssl.gz
new file mode 100644
index 000000000..2ebac9e66
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_lookup_crls.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_num_untrusted.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_num_untrusted.3ssl.gz
new file mode 100644
index 000000000..134ba99b4
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_num_untrusted.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_verify.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_verify.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_get_verify_cb.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_get_verify_cb.3ssl.gz
new file mode 100644
index 000000000..2ebac9e66
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_get_verify_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_init.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_init.3ssl.gz
index c5eb4580d..134ba99b4 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_init.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_CTX_init.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_lookup_certs_fn.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_lookup_certs_fn.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_lookup_certs_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_lookup_crls_fn.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_lookup_crls_fn.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_lookup_crls_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_new.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_new.3ssl.gz
index c5eb4580d..134ba99b4 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_new.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_CTX_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_set0_crls.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_set0_crls.3ssl.gz
index c5eb4580d..134ba99b4 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_set0_crls.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_CTX_set0_crls.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_set0_param.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_set0_param.3ssl.gz
index c5eb4580d..134ba99b4 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_set0_param.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_CTX_set0_param.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_set0_trusted_stack.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_set0_trusted_stack.3ssl.gz
new file mode 100644
index 000000000..134ba99b4
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_set0_trusted_stack.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_set0_untrusted.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_set0_untrusted.3ssl.gz
new file mode 100644
index 000000000..134ba99b4
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_set0_untrusted.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_set0_verified_chain.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_set0_verified_chain.3ssl.gz
new file mode 100644
index 000000000..134ba99b4
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_set0_verified_chain.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_set_cert.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_set_cert.3ssl.gz
index c5eb4580d..134ba99b4 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_set_cert.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_CTX_set_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_set_chain.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_set_chain.3ssl.gz
deleted file mode 100644
index c5eb4580d..000000000
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_set_chain.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_set_current_cert.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_set_current_cert.3ssl.gz
new file mode 100644
index 000000000..f4f84369b
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_set_current_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_set_default.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_set_default.3ssl.gz
index c5eb4580d..134ba99b4 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_set_default.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_CTX_set_default.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_set_error.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_set_error.3ssl.gz
index 5919c469d..f4f84369b 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_set_error.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_CTX_set_error.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_set_error_depth.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_set_error_depth.3ssl.gz
new file mode 100644
index 000000000..f4f84369b
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_set_error_depth.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_set_ex_data.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_set_ex_data.3ssl.gz
index fa21ac2f1..cea58f021 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_set_ex_data.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_CTX_set_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_set_verify.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_set_verify.3ssl.gz
new file mode 100644
index 000000000..134ba99b4
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_set_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_set_verify_cb.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_set_verify_cb.3ssl.gz
index 7afe48c8f..2ebac9e66 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_set_verify_cb.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_CTX_set_verify_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_trusted_stack.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_trusted_stack.3ssl.gz
deleted file mode 100644
index c5eb4580d..000000000
Binary files a/msys2/usr/share/man/man3/X509_STORE_CTX_trusted_stack.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_verify_cb.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_verify_cb.3ssl.gz
new file mode 100644
index 000000000..2ebac9e66
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_verify_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_CTX_verify_fn.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_CTX_verify_fn.3ssl.gz
new file mode 100644
index 000000000..134ba99b4
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_CTX_verify_fn.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_add_cert.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_add_cert.3ssl.gz
new file mode 100644
index 000000000..c509d56a3
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_add_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_add_crl.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_add_crl.3ssl.gz
new file mode 100644
index 000000000..c509d56a3
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_add_crl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_free.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_free.3ssl.gz
new file mode 100644
index 000000000..cb51b0213
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_get0_objects.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_get0_objects.3ssl.gz
new file mode 100644
index 000000000..f3dd6f5ac
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_get0_objects.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_get0_param.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_get0_param.3ssl.gz
new file mode 100644
index 000000000..f3dd6f5ac
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_get0_param.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_get_cert_crl.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_get_cert_crl.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_get_cert_crl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_get_check_crl.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_get_check_crl.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_get_check_crl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_get_check_issued.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_get_check_issued.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_get_check_issued.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_get_check_policy.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_get_check_policy.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_get_check_policy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_get_check_revocation.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_get_check_revocation.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_get_check_revocation.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_get_cleanup.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_get_cleanup.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_get_cleanup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_get_ex_data.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_get_ex_data.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_get_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_get_ex_new_index.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_get_ex_new_index.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_get_ex_new_index.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_get_get_crl.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_get_get_crl.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_get_get_crl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_get_get_issuer.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_get_get_issuer.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_get_get_issuer.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_get_lookup_certs.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_get_lookup_certs.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_get_lookup_certs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_get_lookup_crls.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_get_lookup_crls.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_get_lookup_crls.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_get_verify_cb.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_get_verify_cb.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_get_verify_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_load_locations.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_load_locations.3ssl.gz
new file mode 100644
index 000000000..c509d56a3
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_load_locations.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_lock.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_lock.3ssl.gz
new file mode 100644
index 000000000..cb51b0213
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_lock.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_new.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_new.3ssl.gz
new file mode 100644
index 000000000..cb51b0213
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set1_param.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set1_param.3ssl.gz
new file mode 100644
index 000000000..f3dd6f5ac
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set1_param.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_cert_crl.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_cert_crl.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set_cert_crl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_check_crl.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_check_crl.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set_check_crl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_check_issued.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_check_issued.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set_check_issued.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_check_policy.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_check_policy.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set_check_policy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_check_revocation.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_check_revocation.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set_check_revocation.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_cleanup.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_cleanup.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set_cleanup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_default_paths.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_default_paths.3ssl.gz
new file mode 100644
index 000000000..c509d56a3
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set_default_paths.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_depth.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_depth.3ssl.gz
new file mode 100644
index 000000000..c509d56a3
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set_depth.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_ex_data.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_ex_data.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_flags.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_flags.3ssl.gz
new file mode 100644
index 000000000..c509d56a3
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_get_crl.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_get_crl.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set_get_crl.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_get_issuer.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_get_issuer.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set_get_issuer.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_lookup_certs.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_lookup_certs.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set_lookup_certs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_lookup_crls.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_lookup_crls.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set_lookup_crls.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_lookup_crls_cb.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_lookup_crls_cb.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set_lookup_crls_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_purpose.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_purpose.3ssl.gz
new file mode 100644
index 000000000..c509d56a3
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set_purpose.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_trust.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_trust.3ssl.gz
new file mode 100644
index 000000000..c509d56a3
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set_trust.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_verify.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_verify.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_verify_cb.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_verify_cb.3ssl.gz
index 9f9196ebd..de537f3be 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_set_verify_cb.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_set_verify_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_verify_cb_func.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_verify_cb_func.3ssl.gz
index 9f9196ebd..de537f3be 100644
Binary files a/msys2/usr/share/man/man3/X509_STORE_set_verify_cb_func.3ssl.gz and b/msys2/usr/share/man/man3/X509_STORE_set_verify_cb_func.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_set_verify_func.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_set_verify_func.3ssl.gz
new file mode 100644
index 000000000..de537f3be
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_set_verify_func.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_unlock.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_unlock.3ssl.gz
new file mode 100644
index 000000000..cb51b0213
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_unlock.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_STORE_up_ref.3ssl.gz b/msys2/usr/share/man/man3/X509_STORE_up_ref.3ssl.gz
new file mode 100644
index 000000000..cb51b0213
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_STORE_up_ref.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VAL_free.3ssl.gz b/msys2/usr/share/man/man3/X509_VAL_free.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_VAL_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VAL_new.3ssl.gz b/msys2/usr/share/man/man3/X509_VAL_new.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_VAL_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_add0_policy.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_add0_policy.3ssl.gz
index f9615bb94..ec640a9a8 100644
Binary files a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_add0_policy.3ssl.gz and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_add0_policy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_add1_host.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_add1_host.3ssl.gz
index f9615bb94..ec640a9a8 100644
Binary files a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_add1_host.3ssl.gz and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_add1_host.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_clear_flags.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_clear_flags.3ssl.gz
index f9615bb94..ec640a9a8 100644
Binary files a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_clear_flags.3ssl.gz and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_clear_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get0_peername.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get0_peername.3ssl.gz
index f9615bb94..ec640a9a8 100644
Binary files a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get0_peername.3ssl.gz and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get0_peername.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_auth_level.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_auth_level.3ssl.gz
new file mode 100644
index 000000000..ec640a9a8
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_auth_level.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_depth.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_depth.3ssl.gz
index f9615bb94..ec640a9a8 100644
Binary files a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_depth.3ssl.gz and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_depth.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_flags.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_flags.3ssl.gz
index f9615bb94..ec640a9a8 100644
Binary files a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_flags.3ssl.gz and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_hostflags.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_hostflags.3ssl.gz
new file mode 100644
index 000000000..ec640a9a8
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_hostflags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_inh_flags.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_inh_flags.3ssl.gz
new file mode 100644
index 000000000..ec640a9a8
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_inh_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_time.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_time.3ssl.gz
new file mode 100644
index 000000000..ec640a9a8
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_get_time.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_email.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_email.3ssl.gz
index f9615bb94..ec640a9a8 100644
Binary files a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_email.3ssl.gz and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_email.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_host.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_host.3ssl.gz
index f9615bb94..ec640a9a8 100644
Binary files a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_host.3ssl.gz and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_host.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_ip.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_ip.3ssl.gz
index f9615bb94..ec640a9a8 100644
Binary files a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_ip.3ssl.gz and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_ip.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_ip_asc.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_ip_asc.3ssl.gz
index f9615bb94..ec640a9a8 100644
Binary files a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_ip_asc.3ssl.gz and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_ip_asc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_policies.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_policies.3ssl.gz
index f9615bb94..ec640a9a8 100644
Binary files a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_policies.3ssl.gz and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set1_policies.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_auth_level.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_auth_level.3ssl.gz
new file mode 100644
index 000000000..ec640a9a8
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_auth_level.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_depth.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_depth.3ssl.gz
index f9615bb94..ec640a9a8 100644
Binary files a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_depth.3ssl.gz and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_depth.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_flags.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_flags.3ssl.gz
index f9615bb94..ec640a9a8 100644
Binary files a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_flags.3ssl.gz and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_hostflags.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_hostflags.3ssl.gz
index f9615bb94..ec640a9a8 100644
Binary files a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_hostflags.3ssl.gz and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_hostflags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_inh_flags.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_inh_flags.3ssl.gz
new file mode 100644
index 000000000..ec640a9a8
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_inh_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_purpose.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_purpose.3ssl.gz
index f9615bb94..ec640a9a8 100644
Binary files a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_purpose.3ssl.gz and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_purpose.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_time.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_time.3ssl.gz
index f9615bb94..ec640a9a8 100644
Binary files a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_time.3ssl.gz and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_time.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_trust.3ssl.gz b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_trust.3ssl.gz
index f9615bb94..ec640a9a8 100644
Binary files a/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_trust.3ssl.gz and b/msys2/usr/share/man/man3/X509_VERIFY_PARAM_set_trust.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_add1_ext_i2d.3ssl.gz b/msys2/usr/share/man/man3/X509_add1_ext_i2d.3ssl.gz
new file mode 100644
index 000000000..9111ce773
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_add1_ext_i2d.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_add_ext.3ssl.gz b/msys2/usr/share/man/man3/X509_add_ext.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_add_ext.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_chain_up_ref.3ssl.gz b/msys2/usr/share/man/man3/X509_chain_up_ref.3ssl.gz
new file mode 100644
index 000000000..8473a6e2a
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_chain_up_ref.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_check_ca.3ssl.gz b/msys2/usr/share/man/man3/X509_check_ca.3ssl.gz
new file mode 100644
index 000000000..d3beaf3e9
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_check_ca.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_check_email.3ssl.gz b/msys2/usr/share/man/man3/X509_check_email.3ssl.gz
index 9b3dc2a94..5edb59ad1 100644
Binary files a/msys2/usr/share/man/man3/X509_check_email.3ssl.gz and b/msys2/usr/share/man/man3/X509_check_email.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_check_host.3ssl.gz b/msys2/usr/share/man/man3/X509_check_host.3ssl.gz
index 9b3dc2a94..5edb59ad1 100644
Binary files a/msys2/usr/share/man/man3/X509_check_host.3ssl.gz and b/msys2/usr/share/man/man3/X509_check_host.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_check_ip.3ssl.gz b/msys2/usr/share/man/man3/X509_check_ip.3ssl.gz
index 9b3dc2a94..5edb59ad1 100644
Binary files a/msys2/usr/share/man/man3/X509_check_ip.3ssl.gz and b/msys2/usr/share/man/man3/X509_check_ip.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_check_ip_asc.3ssl.gz b/msys2/usr/share/man/man3/X509_check_ip_asc.3ssl.gz
index 9b3dc2a94..5edb59ad1 100644
Binary files a/msys2/usr/share/man/man3/X509_check_ip_asc.3ssl.gz and b/msys2/usr/share/man/man3/X509_check_ip_asc.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_check_issued.3ssl.gz b/msys2/usr/share/man/man3/X509_check_issued.3ssl.gz
new file mode 100644
index 000000000..a0f233422
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_check_issued.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_check_private_key.3ssl.gz b/msys2/usr/share/man/man3/X509_check_private_key.3ssl.gz
index d3ace9e8b..de5d9a97a 100644
Binary files a/msys2/usr/share/man/man3/X509_check_private_key.3ssl.gz and b/msys2/usr/share/man/man3/X509_check_private_key.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_cmp_current_time.3ssl.gz b/msys2/usr/share/man/man3/X509_cmp_current_time.3ssl.gz
new file mode 100644
index 000000000..bbf06d192
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_cmp_current_time.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_cmp_time.3ssl.gz b/msys2/usr/share/man/man3/X509_cmp_time.3ssl.gz
new file mode 100644
index 000000000..bbf06d192
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_cmp_time.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_delete_ext.3ssl.gz b/msys2/usr/share/man/man3/X509_delete_ext.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_delete_ext.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_digest.3ssl.gz b/msys2/usr/share/man/man3/X509_digest.3ssl.gz
new file mode 100644
index 000000000..c9b6b29b9
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_digest.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_dup.3ssl.gz b/msys2/usr/share/man/man3/X509_dup.3ssl.gz
new file mode 100644
index 000000000..6c5c22f48
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_free.3ssl.gz b/msys2/usr/share/man/man3/X509_free.3ssl.gz
index 5838a012c..8473a6e2a 100644
Binary files a/msys2/usr/share/man/man3/X509_free.3ssl.gz and b/msys2/usr/share/man/man3/X509_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get0_authority_key_id.3ssl.gz b/msys2/usr/share/man/man3/X509_get0_authority_key_id.3ssl.gz
new file mode 100644
index 000000000..dcd840d30
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get0_authority_key_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get0_extensions.3ssl.gz b/msys2/usr/share/man/man3/X509_get0_extensions.3ssl.gz
new file mode 100644
index 000000000..9111ce773
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get0_extensions.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get0_notAfter.3ssl.gz b/msys2/usr/share/man/man3/X509_get0_notAfter.3ssl.gz
new file mode 100644
index 000000000..7f13a48ff
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get0_notAfter.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get0_notBefore.3ssl.gz b/msys2/usr/share/man/man3/X509_get0_notBefore.3ssl.gz
new file mode 100644
index 000000000..7f13a48ff
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get0_notBefore.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get0_pubkey.3ssl.gz b/msys2/usr/share/man/man3/X509_get0_pubkey.3ssl.gz
new file mode 100644
index 000000000..60e942430
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get0_pubkey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get0_serialNumber.3ssl.gz b/msys2/usr/share/man/man3/X509_get0_serialNumber.3ssl.gz
new file mode 100644
index 000000000..88f3fff6c
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get0_serialNumber.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get0_signature.3ssl.gz b/msys2/usr/share/man/man3/X509_get0_signature.3ssl.gz
new file mode 100644
index 000000000..f28db9551
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get0_signature.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get0_subject_key_id.3ssl.gz b/msys2/usr/share/man/man3/X509_get0_subject_key_id.3ssl.gz
new file mode 100644
index 000000000..dcd840d30
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get0_subject_key_id.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get0_tbs_sigalg.3ssl.gz b/msys2/usr/share/man/man3/X509_get0_tbs_sigalg.3ssl.gz
new file mode 100644
index 000000000..f28db9551
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get0_tbs_sigalg.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get0_uids.3ssl.gz b/msys2/usr/share/man/man3/X509_get0_uids.3ssl.gz
new file mode 100644
index 000000000..fe5b09aff
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get0_uids.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_X509_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/X509_get_X509_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..60e942430
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_X509_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_ex_data.3ssl.gz b/msys2/usr/share/man/man3/X509_get_ex_data.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_ex_new_index.3ssl.gz b/msys2/usr/share/man/man3/X509_get_ex_new_index.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_ex_new_index.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_ext.3ssl.gz b/msys2/usr/share/man/man3/X509_get_ext.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_ext.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_ext_by_NID.3ssl.gz b/msys2/usr/share/man/man3/X509_get_ext_by_NID.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_ext_by_NID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_ext_by_OBJ.3ssl.gz b/msys2/usr/share/man/man3/X509_get_ext_by_OBJ.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_ext_by_OBJ.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_ext_by_critical.3ssl.gz b/msys2/usr/share/man/man3/X509_get_ext_by_critical.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_ext_by_critical.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_ext_count.3ssl.gz b/msys2/usr/share/man/man3/X509_get_ext_count.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_ext_count.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_ext_d2i.3ssl.gz b/msys2/usr/share/man/man3/X509_get_ext_d2i.3ssl.gz
new file mode 100644
index 000000000..9111ce773
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_ext_d2i.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_extended_key_usage.3ssl.gz b/msys2/usr/share/man/man3/X509_get_extended_key_usage.3ssl.gz
new file mode 100644
index 000000000..dcd840d30
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_extended_key_usage.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_extension_flags.3ssl.gz b/msys2/usr/share/man/man3/X509_get_extension_flags.3ssl.gz
new file mode 100644
index 000000000..dcd840d30
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_extension_flags.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_issuer_name.3ssl.gz b/msys2/usr/share/man/man3/X509_get_issuer_name.3ssl.gz
new file mode 100644
index 000000000..e63f2dd55
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_issuer_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_key_usage.3ssl.gz b/msys2/usr/share/man/man3/X509_get_key_usage.3ssl.gz
new file mode 100644
index 000000000..dcd840d30
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_key_usage.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_pathlen.3ssl.gz b/msys2/usr/share/man/man3/X509_get_pathlen.3ssl.gz
new file mode 100644
index 000000000..dcd840d30
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_pathlen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_proxy_pathlen.3ssl.gz b/msys2/usr/share/man/man3/X509_get_proxy_pathlen.3ssl.gz
new file mode 100644
index 000000000..dcd840d30
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_proxy_pathlen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_pubkey.3ssl.gz b/msys2/usr/share/man/man3/X509_get_pubkey.3ssl.gz
new file mode 100644
index 000000000..60e942430
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_pubkey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_serialNumber.3ssl.gz b/msys2/usr/share/man/man3/X509_get_serialNumber.3ssl.gz
new file mode 100644
index 000000000..88f3fff6c
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_serialNumber.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_signature_info.3ssl.gz b/msys2/usr/share/man/man3/X509_get_signature_info.3ssl.gz
new file mode 100644
index 000000000..f28db9551
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_signature_info.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_signature_nid.3ssl.gz b/msys2/usr/share/man/man3/X509_get_signature_nid.3ssl.gz
new file mode 100644
index 000000000..f28db9551
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_signature_nid.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_subject_name.3ssl.gz b/msys2/usr/share/man/man3/X509_get_subject_name.3ssl.gz
new file mode 100644
index 000000000..e63f2dd55
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_subject_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_get_version.3ssl.gz b/msys2/usr/share/man/man3/X509_get_version.3ssl.gz
new file mode 100644
index 000000000..6f987a58c
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_get_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_getm_notAfter.3ssl.gz b/msys2/usr/share/man/man3/X509_getm_notAfter.3ssl.gz
new file mode 100644
index 000000000..7f13a48ff
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_getm_notAfter.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_getm_notBefore.3ssl.gz b/msys2/usr/share/man/man3/X509_getm_notBefore.3ssl.gz
new file mode 100644
index 000000000..7f13a48ff
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_getm_notBefore.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_load_cert_crl_file.3ssl.gz b/msys2/usr/share/man/man3/X509_load_cert_crl_file.3ssl.gz
new file mode 100644
index 000000000..031b2210d
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_load_cert_crl_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_load_cert_file.3ssl.gz b/msys2/usr/share/man/man3/X509_load_cert_file.3ssl.gz
new file mode 100644
index 000000000..031b2210d
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_load_cert_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_load_crl_file.3ssl.gz b/msys2/usr/share/man/man3/X509_load_crl_file.3ssl.gz
new file mode 100644
index 000000000..031b2210d
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_load_crl_file.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_new.3ssl.gz b/msys2/usr/share/man/man3/X509_new.3ssl.gz
index 5838a012c..8473a6e2a 100644
Binary files a/msys2/usr/share/man/man3/X509_new.3ssl.gz and b/msys2/usr/share/man/man3/X509_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_pubkey_digest.3ssl.gz b/msys2/usr/share/man/man3/X509_pubkey_digest.3ssl.gz
new file mode 100644
index 000000000..c9b6b29b9
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_pubkey_digest.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_set1_notAfter.3ssl.gz b/msys2/usr/share/man/man3/X509_set1_notAfter.3ssl.gz
new file mode 100644
index 000000000..7f13a48ff
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_set1_notAfter.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_set1_notBefore.3ssl.gz b/msys2/usr/share/man/man3/X509_set1_notBefore.3ssl.gz
new file mode 100644
index 000000000..7f13a48ff
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_set1_notBefore.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_set_ex_data.3ssl.gz b/msys2/usr/share/man/man3/X509_set_ex_data.3ssl.gz
new file mode 100644
index 000000000..cea58f021
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_set_ex_data.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_set_issuer_name.3ssl.gz b/msys2/usr/share/man/man3/X509_set_issuer_name.3ssl.gz
new file mode 100644
index 000000000..e63f2dd55
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_set_issuer_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_set_proxy_flag.3ssl.gz b/msys2/usr/share/man/man3/X509_set_proxy_flag.3ssl.gz
new file mode 100644
index 000000000..dcd840d30
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_set_proxy_flag.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_set_proxy_pathlen.3ssl.gz b/msys2/usr/share/man/man3/X509_set_proxy_pathlen.3ssl.gz
new file mode 100644
index 000000000..dcd840d30
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_set_proxy_pathlen.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_set_pubkey.3ssl.gz b/msys2/usr/share/man/man3/X509_set_pubkey.3ssl.gz
new file mode 100644
index 000000000..60e942430
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_set_pubkey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_set_serialNumber.3ssl.gz b/msys2/usr/share/man/man3/X509_set_serialNumber.3ssl.gz
new file mode 100644
index 000000000..88f3fff6c
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_set_serialNumber.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_set_subject_name.3ssl.gz b/msys2/usr/share/man/man3/X509_set_subject_name.3ssl.gz
new file mode 100644
index 000000000..e63f2dd55
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_set_subject_name.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_set_version.3ssl.gz b/msys2/usr/share/man/man3/X509_set_version.3ssl.gz
new file mode 100644
index 000000000..6f987a58c
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_set_version.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_sign.3ssl.gz b/msys2/usr/share/man/man3/X509_sign.3ssl.gz
new file mode 100644
index 000000000..88d54daa9
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_sign.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_sign_ctx.3ssl.gz b/msys2/usr/share/man/man3/X509_sign_ctx.3ssl.gz
new file mode 100644
index 000000000..88d54daa9
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_sign_ctx.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_time_adj.3ssl.gz b/msys2/usr/share/man/man3/X509_time_adj.3ssl.gz
new file mode 100644
index 000000000..bbf06d192
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_time_adj.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_time_adj_ex.3ssl.gz b/msys2/usr/share/man/man3/X509_time_adj_ex.3ssl.gz
new file mode 100644
index 000000000..bbf06d192
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_time_adj_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_up_ref.3ssl.gz b/msys2/usr/share/man/man3/X509_up_ref.3ssl.gz
new file mode 100644
index 000000000..8473a6e2a
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_up_ref.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_verify.3ssl.gz b/msys2/usr/share/man/man3/X509_verify.3ssl.gz
new file mode 100644
index 000000000..88d54daa9
Binary files /dev/null and b/msys2/usr/share/man/man3/X509_verify.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_verify_cert.3ssl.gz b/msys2/usr/share/man/man3/X509_verify_cert.3ssl.gz
index 7d3e213d6..99eda9e60 100644
Binary files a/msys2/usr/share/man/man3/X509_verify_cert.3ssl.gz and b/msys2/usr/share/man/man3/X509_verify_cert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509_verify_cert_error_string.3ssl.gz b/msys2/usr/share/man/man3/X509_verify_cert_error_string.3ssl.gz
index 5919c469d..f4f84369b 100644
Binary files a/msys2/usr/share/man/man3/X509_verify_cert_error_string.3ssl.gz and b/msys2/usr/share/man/man3/X509_verify_cert_error_string.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509v3_add_ext.3ssl.gz b/msys2/usr/share/man/man3/X509v3_add_ext.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509v3_add_ext.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509v3_delete_ext.3ssl.gz b/msys2/usr/share/man/man3/X509v3_delete_ext.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509v3_delete_ext.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509v3_get_ext.3ssl.gz b/msys2/usr/share/man/man3/X509v3_get_ext.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509v3_get_ext.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509v3_get_ext_by_NID.3ssl.gz b/msys2/usr/share/man/man3/X509v3_get_ext_by_NID.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509v3_get_ext_by_NID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509v3_get_ext_by_OBJ.3ssl.gz b/msys2/usr/share/man/man3/X509v3_get_ext_by_OBJ.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509v3_get_ext_by_OBJ.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509v3_get_ext_by_critical.3ssl.gz b/msys2/usr/share/man/man3/X509v3_get_ext_by_critical.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509v3_get_ext_by_critical.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/X509v3_get_ext_count.3ssl.gz b/msys2/usr/share/man/man3/X509v3_get_ext_count.3ssl.gz
new file mode 100644
index 000000000..68dbb68a2
Binary files /dev/null and b/msys2/usr/share/man/man3/X509v3_get_ext_count.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/__alpm_db_t.3.gz b/msys2/usr/share/man/man3/__alpm_db_t.3.gz
index 58e40db0f..002dddf55 100644
Binary files a/msys2/usr/share/man/man3/__alpm_db_t.3.gz and b/msys2/usr/share/man/man3/__alpm_db_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/__alpm_graph_t.3.gz b/msys2/usr/share/man/man3/__alpm_graph_t.3.gz
index b62f5ee81..9d3bc13aa 100644
Binary files a/msys2/usr/share/man/man3/__alpm_graph_t.3.gz and b/msys2/usr/share/man/man3/__alpm_graph_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/__alpm_handle_t.3.gz b/msys2/usr/share/man/man3/__alpm_handle_t.3.gz
index d149fae77..cc64c91eb 100644
Binary files a/msys2/usr/share/man/man3/__alpm_handle_t.3.gz and b/msys2/usr/share/man/man3/__alpm_handle_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/__alpm_list_t.3.gz b/msys2/usr/share/man/man3/__alpm_list_t.3.gz
index 3e1393561..a70f9a58c 100644
Binary files a/msys2/usr/share/man/man3/__alpm_list_t.3.gz and b/msys2/usr/share/man/man3/__alpm_list_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/__alpm_mountpoint_t.3.gz b/msys2/usr/share/man/man3/__alpm_mountpoint_t.3.gz
index 7726039e5..5bc2d1df9 100644
Binary files a/msys2/usr/share/man/man3/__alpm_mountpoint_t.3.gz and b/msys2/usr/share/man/man3/__alpm_mountpoint_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/__alpm_pkg_t.3.gz b/msys2/usr/share/man/man3/__alpm_pkg_t.3.gz
index 9df797286..1509f9a2a 100644
Binary files a/msys2/usr/share/man/man3/__alpm_pkg_t.3.gz and b/msys2/usr/share/man/man3/__alpm_pkg_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/__alpm_pkghash_t.3.gz b/msys2/usr/share/man/man3/__alpm_pkghash_t.3.gz
index d4b2c8e5d..cbd3e0f0c 100644
Binary files a/msys2/usr/share/man/man3/__alpm_pkghash_t.3.gz and b/msys2/usr/share/man/man3/__alpm_pkghash_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/__alpm_trans_t.3.gz b/msys2/usr/share/man/man3/__alpm_trans_t.3.gz
index 8804becda..53287bf90 100644
Binary files a/msys2/usr/share/man/man3/__alpm_trans_t.3.gz and b/msys2/usr/share/man/man3/__alpm_trans_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_backup_t.3.gz b/msys2/usr/share/man/man3/_alpm_backup_t.3.gz
index 1b71be9a8..2d2bce352 100644
Binary files a/msys2/usr/share/man/man3/_alpm_backup_t.3.gz and b/msys2/usr/share/man/man3/_alpm_backup_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_conflict_t.3.gz b/msys2/usr/share/man/man3/_alpm_conflict_t.3.gz
index cc696ab91..05bfd2407 100644
Binary files a/msys2/usr/share/man/man3/_alpm_conflict_t.3.gz and b/msys2/usr/share/man/man3/_alpm_conflict_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_delta_t.3.gz b/msys2/usr/share/man/man3/_alpm_delta_t.3.gz
index 9e3ca5d69..61f365a13 100644
Binary files a/msys2/usr/share/man/man3/_alpm_delta_t.3.gz and b/msys2/usr/share/man/man3/_alpm_delta_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_depend_t.3.gz b/msys2/usr/share/man/man3/_alpm_depend_t.3.gz
index bc691f25b..14a8df792 100644
Binary files a/msys2/usr/share/man/man3/_alpm_depend_t.3.gz and b/msys2/usr/share/man/man3/_alpm_depend_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_depmissing_t.3.gz b/msys2/usr/share/man/man3/_alpm_depmissing_t.3.gz
index dc23d6f20..e6e0cfc3d 100644
Binary files a/msys2/usr/share/man/man3/_alpm_depmissing_t.3.gz and b/msys2/usr/share/man/man3/_alpm_depmissing_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_event_any_t.3.gz b/msys2/usr/share/man/man3/_alpm_event_any_t.3.gz
index 760d0258c..ec3d0e37f 100644
Binary files a/msys2/usr/share/man/man3/_alpm_event_any_t.3.gz and b/msys2/usr/share/man/man3/_alpm_event_any_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_event_database_missing_t.3.gz b/msys2/usr/share/man/man3/_alpm_event_database_missing_t.3.gz
index 0522bd9ca..d54ab30e4 100644
Binary files a/msys2/usr/share/man/man3/_alpm_event_database_missing_t.3.gz and b/msys2/usr/share/man/man3/_alpm_event_database_missing_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_event_delta_patch_t.3.gz b/msys2/usr/share/man/man3/_alpm_event_delta_patch_t.3.gz
index 06dd22956..0c0e28184 100644
Binary files a/msys2/usr/share/man/man3/_alpm_event_delta_patch_t.3.gz and b/msys2/usr/share/man/man3/_alpm_event_delta_patch_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_event_hook_run_t.3.gz b/msys2/usr/share/man/man3/_alpm_event_hook_run_t.3.gz
index 2285fea95..24b8f63a2 100644
Binary files a/msys2/usr/share/man/man3/_alpm_event_hook_run_t.3.gz and b/msys2/usr/share/man/man3/_alpm_event_hook_run_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_event_hook_t.3.gz b/msys2/usr/share/man/man3/_alpm_event_hook_t.3.gz
index 684b711fc..b87caa9d4 100644
Binary files a/msys2/usr/share/man/man3/_alpm_event_hook_t.3.gz and b/msys2/usr/share/man/man3/_alpm_event_hook_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_event_optdep_removal_t.3.gz b/msys2/usr/share/man/man3/_alpm_event_optdep_removal_t.3.gz
index ac0c7c1d8..08cd6f1d4 100644
Binary files a/msys2/usr/share/man/man3/_alpm_event_optdep_removal_t.3.gz and b/msys2/usr/share/man/man3/_alpm_event_optdep_removal_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_event_package_operation_t.3.gz b/msys2/usr/share/man/man3/_alpm_event_package_operation_t.3.gz
index 04de7f565..c617a60f8 100644
Binary files a/msys2/usr/share/man/man3/_alpm_event_package_operation_t.3.gz and b/msys2/usr/share/man/man3/_alpm_event_package_operation_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_event_pacnew_created_t.3.gz b/msys2/usr/share/man/man3/_alpm_event_pacnew_created_t.3.gz
index f0d3c273c..86c35ef19 100644
Binary files a/msys2/usr/share/man/man3/_alpm_event_pacnew_created_t.3.gz and b/msys2/usr/share/man/man3/_alpm_event_pacnew_created_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_event_pacsave_created_t.3.gz b/msys2/usr/share/man/man3/_alpm_event_pacsave_created_t.3.gz
index 6d3894b19..008abdf83 100644
Binary files a/msys2/usr/share/man/man3/_alpm_event_pacsave_created_t.3.gz and b/msys2/usr/share/man/man3/_alpm_event_pacsave_created_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_event_pkgdownload_t.3.gz b/msys2/usr/share/man/man3/_alpm_event_pkgdownload_t.3.gz
index a583c5629..8d9b1e7da 100644
Binary files a/msys2/usr/share/man/man3/_alpm_event_pkgdownload_t.3.gz and b/msys2/usr/share/man/man3/_alpm_event_pkgdownload_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_event_scriptlet_info_t.3.gz b/msys2/usr/share/man/man3/_alpm_event_scriptlet_info_t.3.gz
index 0babb2142..45e106ca5 100644
Binary files a/msys2/usr/share/man/man3/_alpm_event_scriptlet_info_t.3.gz and b/msys2/usr/share/man/man3/_alpm_event_scriptlet_info_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_event_t.3.gz b/msys2/usr/share/man/man3/_alpm_event_t.3.gz
index 4113a44e7..931027fa8 100644
Binary files a/msys2/usr/share/man/man3/_alpm_event_t.3.gz and b/msys2/usr/share/man/man3/_alpm_event_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_file_t.3.gz b/msys2/usr/share/man/man3/_alpm_file_t.3.gz
index 0ff6fe73f..8e2769164 100644
Binary files a/msys2/usr/share/man/man3/_alpm_file_t.3.gz and b/msys2/usr/share/man/man3/_alpm_file_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_fileconflict_t.3.gz b/msys2/usr/share/man/man3/_alpm_fileconflict_t.3.gz
index c4c8a8a53..376f08524 100644
Binary files a/msys2/usr/share/man/man3/_alpm_fileconflict_t.3.gz and b/msys2/usr/share/man/man3/_alpm_fileconflict_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_filelist_t.3.gz b/msys2/usr/share/man/man3/_alpm_filelist_t.3.gz
index 0243f2261..d5135f104 100644
Binary files a/msys2/usr/share/man/man3/_alpm_filelist_t.3.gz and b/msys2/usr/share/man/man3/_alpm_filelist_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_group_t.3.gz b/msys2/usr/share/man/man3/_alpm_group_t.3.gz
index 4bcdece2f..39eb83c66 100644
Binary files a/msys2/usr/share/man/man3/_alpm_group_t.3.gz and b/msys2/usr/share/man/man3/_alpm_group_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_hook_cb_ctx.3.gz b/msys2/usr/share/man/man3/_alpm_hook_cb_ctx.3.gz
index 581db77c2..28a838387 100644
Binary files a/msys2/usr/share/man/man3/_alpm_hook_cb_ctx.3.gz and b/msys2/usr/share/man/man3/_alpm_hook_cb_ctx.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_hook_t.3.gz b/msys2/usr/share/man/man3/_alpm_hook_t.3.gz
index 10fc93917..97c7666a9 100644
Binary files a/msys2/usr/share/man/man3/_alpm_hook_t.3.gz and b/msys2/usr/share/man/man3/_alpm_hook_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_pgpkey_t.3.gz b/msys2/usr/share/man/man3/_alpm_pgpkey_t.3.gz
index b5dbd9868..c6115e857 100644
Binary files a/msys2/usr/share/man/man3/_alpm_pgpkey_t.3.gz and b/msys2/usr/share/man/man3/_alpm_pgpkey_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_question_any_t.3.gz b/msys2/usr/share/man/man3/_alpm_question_any_t.3.gz
index 18faf3f9e..bf3749dbf 100644
Binary files a/msys2/usr/share/man/man3/_alpm_question_any_t.3.gz and b/msys2/usr/share/man/man3/_alpm_question_any_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_question_conflict_t.3.gz b/msys2/usr/share/man/man3/_alpm_question_conflict_t.3.gz
index ac30a6c05..3bf3e0710 100644
Binary files a/msys2/usr/share/man/man3/_alpm_question_conflict_t.3.gz and b/msys2/usr/share/man/man3/_alpm_question_conflict_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_question_corrupted_t.3.gz b/msys2/usr/share/man/man3/_alpm_question_corrupted_t.3.gz
index 42073695f..dae5e6999 100644
Binary files a/msys2/usr/share/man/man3/_alpm_question_corrupted_t.3.gz and b/msys2/usr/share/man/man3/_alpm_question_corrupted_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_question_import_key_t.3.gz b/msys2/usr/share/man/man3/_alpm_question_import_key_t.3.gz
index 6b4fcfc42..1d59f62e1 100644
Binary files a/msys2/usr/share/man/man3/_alpm_question_import_key_t.3.gz and b/msys2/usr/share/man/man3/_alpm_question_import_key_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_question_install_ignorepkg_t.3.gz b/msys2/usr/share/man/man3/_alpm_question_install_ignorepkg_t.3.gz
index 286e9af10..6cfe0d3a3 100644
Binary files a/msys2/usr/share/man/man3/_alpm_question_install_ignorepkg_t.3.gz and b/msys2/usr/share/man/man3/_alpm_question_install_ignorepkg_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_question_remove_pkgs_t.3.gz b/msys2/usr/share/man/man3/_alpm_question_remove_pkgs_t.3.gz
index 07230f48a..5998f2d3a 100644
Binary files a/msys2/usr/share/man/man3/_alpm_question_remove_pkgs_t.3.gz and b/msys2/usr/share/man/man3/_alpm_question_remove_pkgs_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_question_replace_t.3.gz b/msys2/usr/share/man/man3/_alpm_question_replace_t.3.gz
index dc278166b..fbe753cb7 100644
Binary files a/msys2/usr/share/man/man3/_alpm_question_replace_t.3.gz and b/msys2/usr/share/man/man3/_alpm_question_replace_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_question_select_provider_t.3.gz b/msys2/usr/share/man/man3/_alpm_question_select_provider_t.3.gz
index 8aaf1f7a0..5fabc28fe 100644
Binary files a/msys2/usr/share/man/man3/_alpm_question_select_provider_t.3.gz and b/msys2/usr/share/man/man3/_alpm_question_select_provider_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_question_t.3.gz b/msys2/usr/share/man/man3/_alpm_question_t.3.gz
index b197548fc..4139434f1 100644
Binary files a/msys2/usr/share/man/man3/_alpm_question_t.3.gz and b/msys2/usr/share/man/man3/_alpm_question_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_siglist_t.3.gz b/msys2/usr/share/man/man3/_alpm_siglist_t.3.gz
index 686e06598..08f608fc1 100644
Binary files a/msys2/usr/share/man/man3/_alpm_siglist_t.3.gz and b/msys2/usr/share/man/man3/_alpm_siglist_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_sigresult_t.3.gz b/msys2/usr/share/man/man3/_alpm_sigresult_t.3.gz
index 51766c742..63e496e02 100644
Binary files a/msys2/usr/share/man/man3/_alpm_sigresult_t.3.gz and b/msys2/usr/share/man/man3/_alpm_sigresult_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_alpm_trigger_t.3.gz b/msys2/usr/share/man/man3/_alpm_trigger_t.3.gz
index 33527c6b4..a8c9ce873 100644
Binary files a/msys2/usr/share/man/man3/_alpm_trigger_t.3.gz and b/msys2/usr/share/man/man3/_alpm_trigger_t.3.gz differ
diff --git a/msys2/usr/share/man/man3/_msys_scripts_pacman_src_pacman-5.0.1_lib_.3.gz b/msys2/usr/share/man/man3/_msys_scripts_pacman_src_pacman-5.0.1_lib_.3.gz
deleted file mode 100644
index b461a9754..000000000
Binary files a/msys2/usr/share/man/man3/_msys_scripts_pacman_src_pacman-5.0.1_lib_.3.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/_msys_scripts_pacman_src_pacman-5.0.1_lib_libalpm_.3.gz b/msys2/usr/share/man/man3/_msys_scripts_pacman_src_pacman-5.0.1_lib_libalpm_.3.gz
deleted file mode 100644
index ce583323f..000000000
Binary files a/msys2/usr/share/man/man3/_msys_scripts_pacman_src_pacman-5.0.1_lib_libalpm_.3.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/addch.3x.gz b/msys2/usr/share/man/man3/addch.3x.gz
index 9380c711b..7222e4e58 100644
Binary files a/msys2/usr/share/man/man3/addch.3x.gz and b/msys2/usr/share/man/man3/addch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/alloc_pair.3x.gz b/msys2/usr/share/man/man3/alloc_pair.3x.gz
index 2882ec13d..c3c541157 100644
Binary files a/msys2/usr/share/man/man3/alloc_pair.3x.gz and b/msys2/usr/share/man/man3/alloc_pair.3x.gz differ
diff --git a/msys2/usr/share/man/man3/alpm_api.3.gz b/msys2/usr/share/man/man3/alpm_api.3.gz
index eb9bf2202..087ed45bc 100644
Binary files a/msys2/usr/share/man/man3/alpm_api.3.gz and b/msys2/usr/share/man/man3/alpm_api.3.gz differ
diff --git a/msys2/usr/share/man/man3/alpm_api_databases.3.gz b/msys2/usr/share/man/man3/alpm_api_databases.3.gz
index 2f1fe0b8c..30207ef37 100644
Binary files a/msys2/usr/share/man/man3/alpm_api_databases.3.gz and b/msys2/usr/share/man/man3/alpm_api_databases.3.gz differ
diff --git a/msys2/usr/share/man/man3/alpm_api_depends.3.gz b/msys2/usr/share/man/man3/alpm_api_depends.3.gz
index d191d2c25..30a4d6943 100644
Binary files a/msys2/usr/share/man/man3/alpm_api_depends.3.gz and b/msys2/usr/share/man/man3/alpm_api_depends.3.gz differ
diff --git a/msys2/usr/share/man/man3/alpm_api_errors.3.gz b/msys2/usr/share/man/man3/alpm_api_errors.3.gz
index db9360d21..97c7ec57e 100644
Binary files a/msys2/usr/share/man/man3/alpm_api_errors.3.gz and b/msys2/usr/share/man/man3/alpm_api_errors.3.gz differ
diff --git a/msys2/usr/share/man/man3/alpm_api_options.3.gz b/msys2/usr/share/man/man3/alpm_api_options.3.gz
index 52bf66d4b..1a59cfdf6 100644
Binary files a/msys2/usr/share/man/man3/alpm_api_options.3.gz and b/msys2/usr/share/man/man3/alpm_api_options.3.gz differ
diff --git a/msys2/usr/share/man/man3/alpm_api_packages.3.gz b/msys2/usr/share/man/man3/alpm_api_packages.3.gz
index 20eed7a4c..76129cc9f 100644
Binary files a/msys2/usr/share/man/man3/alpm_api_packages.3.gz and b/msys2/usr/share/man/man3/alpm_api_packages.3.gz differ
diff --git a/msys2/usr/share/man/man3/alpm_api_trans.3.gz b/msys2/usr/share/man/man3/alpm_api_trans.3.gz
index d73cb3611..15aebeb42 100644
Binary files a/msys2/usr/share/man/man3/alpm_api_trans.3.gz and b/msys2/usr/share/man/man3/alpm_api_trans.3.gz differ
diff --git a/msys2/usr/share/man/man3/alpm_databases.3.gz b/msys2/usr/share/man/man3/alpm_databases.3.gz
index d03b12b46..49c2fefff 100644
Binary files a/msys2/usr/share/man/man3/alpm_databases.3.gz and b/msys2/usr/share/man/man3/alpm_databases.3.gz differ
diff --git a/msys2/usr/share/man/man3/alpm_deltas.3.gz b/msys2/usr/share/man/man3/alpm_deltas.3.gz
index 855157c5c..63a3ab291 100644
Binary files a/msys2/usr/share/man/man3/alpm_deltas.3.gz and b/msys2/usr/share/man/man3/alpm_deltas.3.gz differ
diff --git a/msys2/usr/share/man/man3/alpm_interface.3.gz b/msys2/usr/share/man/man3/alpm_interface.3.gz
index ef3ec8989..33944c5df 100644
Binary files a/msys2/usr/share/man/man3/alpm_interface.3.gz and b/msys2/usr/share/man/man3/alpm_interface.3.gz differ
diff --git a/msys2/usr/share/man/man3/alpm_list.3.gz b/msys2/usr/share/man/man3/alpm_list.3.gz
index bffa5e87c..dffaed5c3 100644
Binary files a/msys2/usr/share/man/man3/alpm_list.3.gz and b/msys2/usr/share/man/man3/alpm_list.3.gz differ
diff --git a/msys2/usr/share/man/man3/alpm_log.3.gz b/msys2/usr/share/man/man3/alpm_log.3.gz
index a37b2858a..64166a819 100644
Binary files a/msys2/usr/share/man/man3/alpm_log.3.gz and b/msys2/usr/share/man/man3/alpm_log.3.gz differ
diff --git a/msys2/usr/share/man/man3/alpm_misc.3.gz b/msys2/usr/share/man/man3/alpm_misc.3.gz
index b5b58dfb8..cd04dea9d 100644
Binary files a/msys2/usr/share/man/man3/alpm_misc.3.gz and b/msys2/usr/share/man/man3/alpm_misc.3.gz differ
diff --git a/msys2/usr/share/man/man3/alpm_packages.3.gz b/msys2/usr/share/man/man3/alpm_packages.3.gz
index c78857ae0..55fb4cf5e 100644
Binary files a/msys2/usr/share/man/man3/alpm_packages.3.gz and b/msys2/usr/share/man/man3/alpm_packages.3.gz differ
diff --git a/msys2/usr/share/man/man3/alpm_trans.3.gz b/msys2/usr/share/man/man3/alpm_trans.3.gz
index 179be9103..8131a8dd4 100644
Binary files a/msys2/usr/share/man/man3/alpm_trans.3.gz and b/msys2/usr/share/man/man3/alpm_trans.3.gz differ
diff --git a/msys2/usr/share/man/man3/archive_read_buffer.3.gz b/msys2/usr/share/man/man3/archive_read_buffer.3.gz
index fe66ee6d9..1a81b9385 100644
Binary files a/msys2/usr/share/man/man3/archive_read_buffer.3.gz and b/msys2/usr/share/man/man3/archive_read_buffer.3.gz differ
diff --git a/msys2/usr/share/man/man3/assume_default_colors.3x.gz b/msys2/usr/share/man/man3/assume_default_colors.3x.gz
index e9d6c34f2..679fb2766 100644
Binary files a/msys2/usr/share/man/man3/assume_default_colors.3x.gz and b/msys2/usr/share/man/man3/assume_default_colors.3x.gz differ
diff --git a/msys2/usr/share/man/man3/attr_get.3x.gz b/msys2/usr/share/man/man3/attr_get.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/attr_get.3x.gz and b/msys2/usr/share/man/man3/attr_get.3x.gz differ
diff --git a/msys2/usr/share/man/man3/attr_off.3x.gz b/msys2/usr/share/man/man3/attr_off.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/attr_off.3x.gz and b/msys2/usr/share/man/man3/attr_off.3x.gz differ
diff --git a/msys2/usr/share/man/man3/attr_on.3x.gz b/msys2/usr/share/man/man3/attr_on.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/attr_on.3x.gz and b/msys2/usr/share/man/man3/attr_on.3x.gz differ
diff --git a/msys2/usr/share/man/man3/attr_set.3x.gz b/msys2/usr/share/man/man3/attr_set.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/attr_set.3x.gz and b/msys2/usr/share/man/man3/attr_set.3x.gz differ
diff --git a/msys2/usr/share/man/man3/attroff.3x.gz b/msys2/usr/share/man/man3/attroff.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/attroff.3x.gz and b/msys2/usr/share/man/man3/attroff.3x.gz differ
diff --git a/msys2/usr/share/man/man3/attron.3x.gz b/msys2/usr/share/man/man3/attron.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/attron.3x.gz and b/msys2/usr/share/man/man3/attron.3x.gz differ
diff --git a/msys2/usr/share/man/man3/attrset.3x.gz b/msys2/usr/share/man/man3/attrset.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/attrset.3x.gz and b/msys2/usr/share/man/man3/attrset.3x.gz differ
diff --git a/msys2/usr/share/man/man3/base64.h.3.gz b/msys2/usr/share/man/man3/base64.h.3.gz
index b6818572a..864027188 100644
Binary files a/msys2/usr/share/man/man3/base64.h.3.gz and b/msys2/usr/share/man/man3/base64.h.3.gz differ
diff --git a/msys2/usr/share/man/man3/baudrate.3x.gz b/msys2/usr/share/man/man3/baudrate.3x.gz
index f1e1da961..f1503191b 100644
Binary files a/msys2/usr/share/man/man3/baudrate.3x.gz and b/msys2/usr/share/man/man3/baudrate.3x.gz differ
diff --git a/msys2/usr/share/man/man3/beep.3x.gz b/msys2/usr/share/man/man3/beep.3x.gz
index 27ea34730..1131e2c60 100644
Binary files a/msys2/usr/share/man/man3/beep.3x.gz and b/msys2/usr/share/man/man3/beep.3x.gz differ
diff --git a/msys2/usr/share/man/man3/bio.3ssl.gz b/msys2/usr/share/man/man3/bio.3ssl.gz
deleted file mode 100644
index af44f7d4c..000000000
Binary files a/msys2/usr/share/man/man3/bio.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bkgd.3x.gz b/msys2/usr/share/man/man3/bkgd.3x.gz
index e153a5f7b..da16aa023 100644
Binary files a/msys2/usr/share/man/man3/bkgd.3x.gz and b/msys2/usr/share/man/man3/bkgd.3x.gz differ
diff --git a/msys2/usr/share/man/man3/bkgdset.3x.gz b/msys2/usr/share/man/man3/bkgdset.3x.gz
index e153a5f7b..da16aa023 100644
Binary files a/msys2/usr/share/man/man3/bkgdset.3x.gz and b/msys2/usr/share/man/man3/bkgdset.3x.gz differ
diff --git a/msys2/usr/share/man/man3/bkgrnd.3x.gz b/msys2/usr/share/man/man3/bkgrnd.3x.gz
index 3caaae36d..780272d5c 100644
Binary files a/msys2/usr/share/man/man3/bkgrnd.3x.gz and b/msys2/usr/share/man/man3/bkgrnd.3x.gz differ
diff --git a/msys2/usr/share/man/man3/bkgrndset.3x.gz b/msys2/usr/share/man/man3/bkgrndset.3x.gz
index 3caaae36d..780272d5c 100644
Binary files a/msys2/usr/share/man/man3/bkgrndset.3x.gz and b/msys2/usr/share/man/man3/bkgrndset.3x.gz differ
diff --git a/msys2/usr/share/man/man3/blowfish.3ssl.gz b/msys2/usr/share/man/man3/blowfish.3ssl.gz
deleted file mode 100644
index d9ab10ff1..000000000
Binary files a/msys2/usr/share/man/man3/blowfish.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn.3ssl.gz b/msys2/usr/share/man/man3/bn.3ssl.gz
deleted file mode 100644
index 6f8f8d93e..000000000
Binary files a/msys2/usr/share/man/man3/bn.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_add_words.3ssl.gz b/msys2/usr/share/man/man3/bn_add_words.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_add_words.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_check_top.3ssl.gz b/msys2/usr/share/man/man3/bn_check_top.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_check_top.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_cmp_words.3ssl.gz b/msys2/usr/share/man/man3/bn_cmp_words.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_cmp_words.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_div_words.3ssl.gz b/msys2/usr/share/man/man3/bn_div_words.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_div_words.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_dump.3ssl.gz b/msys2/usr/share/man/man3/bn_dump.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_dump.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_expand.3ssl.gz b/msys2/usr/share/man/man3/bn_expand.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_expand.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_expand2.3ssl.gz b/msys2/usr/share/man/man3/bn_expand2.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_expand2.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_fix_top.3ssl.gz b/msys2/usr/share/man/man3/bn_fix_top.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_fix_top.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_internal.3ssl.gz b/msys2/usr/share/man/man3/bn_internal.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_internal.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_mul_add_words.3ssl.gz b/msys2/usr/share/man/man3/bn_mul_add_words.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_mul_add_words.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_mul_comba4.3ssl.gz b/msys2/usr/share/man/man3/bn_mul_comba4.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_mul_comba4.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_mul_comba8.3ssl.gz b/msys2/usr/share/man/man3/bn_mul_comba8.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_mul_comba8.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_mul_high.3ssl.gz b/msys2/usr/share/man/man3/bn_mul_high.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_mul_high.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_mul_low_normal.3ssl.gz b/msys2/usr/share/man/man3/bn_mul_low_normal.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_mul_low_normal.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_mul_low_recursive.3ssl.gz b/msys2/usr/share/man/man3/bn_mul_low_recursive.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_mul_low_recursive.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_mul_normal.3ssl.gz b/msys2/usr/share/man/man3/bn_mul_normal.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_mul_normal.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_mul_part_recursive.3ssl.gz b/msys2/usr/share/man/man3/bn_mul_part_recursive.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_mul_part_recursive.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_mul_recursive.3ssl.gz b/msys2/usr/share/man/man3/bn_mul_recursive.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_mul_recursive.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_mul_words.3ssl.gz b/msys2/usr/share/man/man3/bn_mul_words.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_mul_words.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_print.3ssl.gz b/msys2/usr/share/man/man3/bn_print.3ssl.gz
index c8512cb0e..dde9ba3be 100644
Binary files a/msys2/usr/share/man/man3/bn_print.3ssl.gz and b/msys2/usr/share/man/man3/bn_print.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/bn_set_high.3ssl.gz b/msys2/usr/share/man/man3/bn_set_high.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_set_high.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_set_low.3ssl.gz b/msys2/usr/share/man/man3/bn_set_low.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_set_low.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_set_max.3ssl.gz b/msys2/usr/share/man/man3/bn_set_max.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_set_max.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_sqr_comba4.3ssl.gz b/msys2/usr/share/man/man3/bn_sqr_comba4.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_sqr_comba4.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_sqr_comba8.3ssl.gz b/msys2/usr/share/man/man3/bn_sqr_comba8.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_sqr_comba8.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_sqr_normal.3ssl.gz b/msys2/usr/share/man/man3/bn_sqr_normal.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_sqr_normal.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_sqr_recursive.3ssl.gz b/msys2/usr/share/man/man3/bn_sqr_recursive.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_sqr_recursive.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_sqr_words.3ssl.gz b/msys2/usr/share/man/man3/bn_sqr_words.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_sqr_words.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_sub_words.3ssl.gz b/msys2/usr/share/man/man3/bn_sub_words.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_sub_words.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/bn_wexpand.3ssl.gz b/msys2/usr/share/man/man3/bn_wexpand.3ssl.gz
deleted file mode 100644
index c8512cb0e..000000000
Binary files a/msys2/usr/share/man/man3/bn_wexpand.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/border.3x.gz b/msys2/usr/share/man/man3/border.3x.gz
index 673385164..1d2c4438c 100644
Binary files a/msys2/usr/share/man/man3/border.3x.gz and b/msys2/usr/share/man/man3/border.3x.gz differ
diff --git a/msys2/usr/share/man/man3/bottom_panel.3x.gz b/msys2/usr/share/man/man3/bottom_panel.3x.gz
index 545403c68..aa33de9f9 100644
Binary files a/msys2/usr/share/man/man3/bottom_panel.3x.gz and b/msys2/usr/share/man/man3/bottom_panel.3x.gz differ
diff --git a/msys2/usr/share/man/man3/box.3x.gz b/msys2/usr/share/man/man3/box.3x.gz
index 673385164..1d2c4438c 100644
Binary files a/msys2/usr/share/man/man3/box.3x.gz and b/msys2/usr/share/man/man3/box.3x.gz differ
diff --git a/msys2/usr/share/man/man3/buffer.3ssl.gz b/msys2/usr/share/man/man3/buffer.3ssl.gz
deleted file mode 100644
index 594a44abb..000000000
Binary files a/msys2/usr/share/man/man3/buffer.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/can_change_color.3x.gz b/msys2/usr/share/man/man3/can_change_color.3x.gz
index ba90f9c61..f9b77e1f4 100644
Binary files a/msys2/usr/share/man/man3/can_change_color.3x.gz and b/msys2/usr/share/man/man3/can_change_color.3x.gz differ
diff --git a/msys2/usr/share/man/man3/cbreak.3x.gz b/msys2/usr/share/man/man3/cbreak.3x.gz
index e7ba056f3..90273a4d7 100644
Binary files a/msys2/usr/share/man/man3/cbreak.3x.gz and b/msys2/usr/share/man/man3/cbreak.3x.gz differ
diff --git a/msys2/usr/share/man/man3/chgat.3x.gz b/msys2/usr/share/man/man3/chgat.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/chgat.3x.gz and b/msys2/usr/share/man/man3/chgat.3x.gz differ
diff --git a/msys2/usr/share/man/man3/clear.3x.gz b/msys2/usr/share/man/man3/clear.3x.gz
index ef449df76..b4027bbcc 100644
Binary files a/msys2/usr/share/man/man3/clear.3x.gz and b/msys2/usr/share/man/man3/clear.3x.gz differ
diff --git a/msys2/usr/share/man/man3/clearok.3x.gz b/msys2/usr/share/man/man3/clearok.3x.gz
index 767ec5681..9a38c9185 100644
Binary files a/msys2/usr/share/man/man3/clearok.3x.gz and b/msys2/usr/share/man/man3/clearok.3x.gz differ
diff --git a/msys2/usr/share/man/man3/clrtobot.3x.gz b/msys2/usr/share/man/man3/clrtobot.3x.gz
index ef449df76..b4027bbcc 100644
Binary files a/msys2/usr/share/man/man3/clrtobot.3x.gz and b/msys2/usr/share/man/man3/clrtobot.3x.gz differ
diff --git a/msys2/usr/share/man/man3/clrtoeol.3x.gz b/msys2/usr/share/man/man3/clrtoeol.3x.gz
index ef449df76..b4027bbcc 100644
Binary files a/msys2/usr/share/man/man3/clrtoeol.3x.gz and b/msys2/usr/share/man/man3/clrtoeol.3x.gz differ
diff --git a/msys2/usr/share/man/man3/color_content.3x.gz b/msys2/usr/share/man/man3/color_content.3x.gz
index ba90f9c61..f9b77e1f4 100644
Binary files a/msys2/usr/share/man/man3/color_content.3x.gz and b/msys2/usr/share/man/man3/color_content.3x.gz differ
diff --git a/msys2/usr/share/man/man3/color_set.3x.gz b/msys2/usr/share/man/man3/color_set.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/color_set.3x.gz and b/msys2/usr/share/man/man3/color_set.3x.gz differ
diff --git a/msys2/usr/share/man/man3/crypto.3ssl.gz b/msys2/usr/share/man/man3/crypto.3ssl.gz
deleted file mode 100644
index 5f2be927e..000000000
Binary files a/msys2/usr/share/man/man3/crypto.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/curl_easy_cleanup.3.gz b/msys2/usr/share/man/man3/curl_easy_cleanup.3.gz
index 60cb8ace4..41a278484 100644
Binary files a/msys2/usr/share/man/man3/curl_easy_cleanup.3.gz and b/msys2/usr/share/man/man3/curl_easy_cleanup.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_easy_duphandle.3.gz b/msys2/usr/share/man/man3/curl_easy_duphandle.3.gz
index 1887e92c7..6faa7c2ca 100644
Binary files a/msys2/usr/share/man/man3/curl_easy_duphandle.3.gz and b/msys2/usr/share/man/man3/curl_easy_duphandle.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_easy_escape.3.gz b/msys2/usr/share/man/man3/curl_easy_escape.3.gz
index 1c218d9f4..7356f7fdf 100644
Binary files a/msys2/usr/share/man/man3/curl_easy_escape.3.gz and b/msys2/usr/share/man/man3/curl_easy_escape.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_easy_getinfo.3.gz b/msys2/usr/share/man/man3/curl_easy_getinfo.3.gz
index 36115a3b0..5aa774837 100644
Binary files a/msys2/usr/share/man/man3/curl_easy_getinfo.3.gz and b/msys2/usr/share/man/man3/curl_easy_getinfo.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_easy_init.3.gz b/msys2/usr/share/man/man3/curl_easy_init.3.gz
index b4f52fb3f..a9d5fdb07 100644
Binary files a/msys2/usr/share/man/man3/curl_easy_init.3.gz and b/msys2/usr/share/man/man3/curl_easy_init.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_easy_pause.3.gz b/msys2/usr/share/man/man3/curl_easy_pause.3.gz
index 517aa3106..69186dfe0 100644
Binary files a/msys2/usr/share/man/man3/curl_easy_pause.3.gz and b/msys2/usr/share/man/man3/curl_easy_pause.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_easy_perform.3.gz b/msys2/usr/share/man/man3/curl_easy_perform.3.gz
index e59b0452a..5891cfddd 100644
Binary files a/msys2/usr/share/man/man3/curl_easy_perform.3.gz and b/msys2/usr/share/man/man3/curl_easy_perform.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_easy_recv.3.gz b/msys2/usr/share/man/man3/curl_easy_recv.3.gz
index 392e38326..ca050b63d 100644
Binary files a/msys2/usr/share/man/man3/curl_easy_recv.3.gz and b/msys2/usr/share/man/man3/curl_easy_recv.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_easy_reset.3.gz b/msys2/usr/share/man/man3/curl_easy_reset.3.gz
index dbb0eda74..7273efa8a 100644
Binary files a/msys2/usr/share/man/man3/curl_easy_reset.3.gz and b/msys2/usr/share/man/man3/curl_easy_reset.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_easy_send.3.gz b/msys2/usr/share/man/man3/curl_easy_send.3.gz
index 611534f1d..198573645 100644
Binary files a/msys2/usr/share/man/man3/curl_easy_send.3.gz and b/msys2/usr/share/man/man3/curl_easy_send.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_easy_setopt.3.gz b/msys2/usr/share/man/man3/curl_easy_setopt.3.gz
index bb041254c..9b9d4a330 100644
Binary files a/msys2/usr/share/man/man3/curl_easy_setopt.3.gz and b/msys2/usr/share/man/man3/curl_easy_setopt.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_easy_strerror.3.gz b/msys2/usr/share/man/man3/curl_easy_strerror.3.gz
index 081958c2e..dde28e3f9 100644
Binary files a/msys2/usr/share/man/man3/curl_easy_strerror.3.gz and b/msys2/usr/share/man/man3/curl_easy_strerror.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_easy_unescape.3.gz b/msys2/usr/share/man/man3/curl_easy_unescape.3.gz
index fe3360915..396e7bbac 100644
Binary files a/msys2/usr/share/man/man3/curl_easy_unescape.3.gz and b/msys2/usr/share/man/man3/curl_easy_unescape.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_easy_upkeep.3.gz b/msys2/usr/share/man/man3/curl_easy_upkeep.3.gz
new file mode 100644
index 000000000..69fa31b4c
Binary files /dev/null and b/msys2/usr/share/man/man3/curl_easy_upkeep.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_escape.3.gz b/msys2/usr/share/man/man3/curl_escape.3.gz
index c6a62b928..6bcf56b18 100644
Binary files a/msys2/usr/share/man/man3/curl_escape.3.gz and b/msys2/usr/share/man/man3/curl_escape.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_formadd.3.gz b/msys2/usr/share/man/man3/curl_formadd.3.gz
index a42fcd3d1..abf7f9982 100644
Binary files a/msys2/usr/share/man/man3/curl_formadd.3.gz and b/msys2/usr/share/man/man3/curl_formadd.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_formfree.3.gz b/msys2/usr/share/man/man3/curl_formfree.3.gz
index 8c6cadcb8..6ef70144c 100644
Binary files a/msys2/usr/share/man/man3/curl_formfree.3.gz and b/msys2/usr/share/man/man3/curl_formfree.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_formget.3.gz b/msys2/usr/share/man/man3/curl_formget.3.gz
index ac5e4703a..b50e0a766 100644
Binary files a/msys2/usr/share/man/man3/curl_formget.3.gz and b/msys2/usr/share/man/man3/curl_formget.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_free.3.gz b/msys2/usr/share/man/man3/curl_free.3.gz
index 9ed12ef80..15285d93e 100644
Binary files a/msys2/usr/share/man/man3/curl_free.3.gz and b/msys2/usr/share/man/man3/curl_free.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_getdate.3.gz b/msys2/usr/share/man/man3/curl_getdate.3.gz
index 57ae2a883..3330e40c7 100644
Binary files a/msys2/usr/share/man/man3/curl_getdate.3.gz and b/msys2/usr/share/man/man3/curl_getdate.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_getenv.3.gz b/msys2/usr/share/man/man3/curl_getenv.3.gz
index b26277479..884c035b0 100644
Binary files a/msys2/usr/share/man/man3/curl_getenv.3.gz and b/msys2/usr/share/man/man3/curl_getenv.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_global_cleanup.3.gz b/msys2/usr/share/man/man3/curl_global_cleanup.3.gz
index a4aa50523..b3ad65ad8 100644
Binary files a/msys2/usr/share/man/man3/curl_global_cleanup.3.gz and b/msys2/usr/share/man/man3/curl_global_cleanup.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_global_init.3.gz b/msys2/usr/share/man/man3/curl_global_init.3.gz
index da438a252..1be46616b 100644
Binary files a/msys2/usr/share/man/man3/curl_global_init.3.gz and b/msys2/usr/share/man/man3/curl_global_init.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_global_init_mem.3.gz b/msys2/usr/share/man/man3/curl_global_init_mem.3.gz
index c5c30b350..b79b0ebf2 100644
Binary files a/msys2/usr/share/man/man3/curl_global_init_mem.3.gz and b/msys2/usr/share/man/man3/curl_global_init_mem.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_global_sslset.3.gz b/msys2/usr/share/man/man3/curl_global_sslset.3.gz
index adfc4d652..624062b1b 100644
Binary files a/msys2/usr/share/man/man3/curl_global_sslset.3.gz and b/msys2/usr/share/man/man3/curl_global_sslset.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_mime_addpart.3.gz b/msys2/usr/share/man/man3/curl_mime_addpart.3.gz
index 129e1526f..5b7332d22 100644
Binary files a/msys2/usr/share/man/man3/curl_mime_addpart.3.gz and b/msys2/usr/share/man/man3/curl_mime_addpart.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_mime_data.3.gz b/msys2/usr/share/man/man3/curl_mime_data.3.gz
index 128d78789..ad6fee058 100644
Binary files a/msys2/usr/share/man/man3/curl_mime_data.3.gz and b/msys2/usr/share/man/man3/curl_mime_data.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_mime_data_cb.3.gz b/msys2/usr/share/man/man3/curl_mime_data_cb.3.gz
index bdd7ac9b6..41b882327 100644
Binary files a/msys2/usr/share/man/man3/curl_mime_data_cb.3.gz and b/msys2/usr/share/man/man3/curl_mime_data_cb.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_mime_encoder.3.gz b/msys2/usr/share/man/man3/curl_mime_encoder.3.gz
index 86799579f..223623e99 100644
Binary files a/msys2/usr/share/man/man3/curl_mime_encoder.3.gz and b/msys2/usr/share/man/man3/curl_mime_encoder.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_mime_filedata.3.gz b/msys2/usr/share/man/man3/curl_mime_filedata.3.gz
index cda36e5a6..007f8788b 100644
Binary files a/msys2/usr/share/man/man3/curl_mime_filedata.3.gz and b/msys2/usr/share/man/man3/curl_mime_filedata.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_mime_filename.3.gz b/msys2/usr/share/man/man3/curl_mime_filename.3.gz
index ec76f100b..b9073ad8c 100644
Binary files a/msys2/usr/share/man/man3/curl_mime_filename.3.gz and b/msys2/usr/share/man/man3/curl_mime_filename.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_mime_free.3.gz b/msys2/usr/share/man/man3/curl_mime_free.3.gz
index e6c208b4e..fdaa5919d 100644
Binary files a/msys2/usr/share/man/man3/curl_mime_free.3.gz and b/msys2/usr/share/man/man3/curl_mime_free.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_mime_headers.3.gz b/msys2/usr/share/man/man3/curl_mime_headers.3.gz
index a0c629cd9..dcdab68b2 100644
Binary files a/msys2/usr/share/man/man3/curl_mime_headers.3.gz and b/msys2/usr/share/man/man3/curl_mime_headers.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_mime_init.3.gz b/msys2/usr/share/man/man3/curl_mime_init.3.gz
index 428d1ff24..acee72651 100644
Binary files a/msys2/usr/share/man/man3/curl_mime_init.3.gz and b/msys2/usr/share/man/man3/curl_mime_init.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_mime_name.3.gz b/msys2/usr/share/man/man3/curl_mime_name.3.gz
index b3f559a8e..a04fcacd4 100644
Binary files a/msys2/usr/share/man/man3/curl_mime_name.3.gz and b/msys2/usr/share/man/man3/curl_mime_name.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_mime_subparts.3.gz b/msys2/usr/share/man/man3/curl_mime_subparts.3.gz
index 89552b243..4a942ed56 100644
Binary files a/msys2/usr/share/man/man3/curl_mime_subparts.3.gz and b/msys2/usr/share/man/man3/curl_mime_subparts.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_mime_type.3.gz b/msys2/usr/share/man/man3/curl_mime_type.3.gz
index 7f319102b..bb88daf65 100644
Binary files a/msys2/usr/share/man/man3/curl_mime_type.3.gz and b/msys2/usr/share/man/man3/curl_mime_type.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_mprintf.3.gz b/msys2/usr/share/man/man3/curl_mprintf.3.gz
index 27db528c8..5b6740369 100644
Binary files a/msys2/usr/share/man/man3/curl_mprintf.3.gz and b/msys2/usr/share/man/man3/curl_mprintf.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_multi_add_handle.3.gz b/msys2/usr/share/man/man3/curl_multi_add_handle.3.gz
index eb0a18005..3f0772b22 100644
Binary files a/msys2/usr/share/man/man3/curl_multi_add_handle.3.gz and b/msys2/usr/share/man/man3/curl_multi_add_handle.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_multi_assign.3.gz b/msys2/usr/share/man/man3/curl_multi_assign.3.gz
index 314895aeb..4916eef52 100644
Binary files a/msys2/usr/share/man/man3/curl_multi_assign.3.gz and b/msys2/usr/share/man/man3/curl_multi_assign.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_multi_cleanup.3.gz b/msys2/usr/share/man/man3/curl_multi_cleanup.3.gz
index fe66c9163..c19d29ad3 100644
Binary files a/msys2/usr/share/man/man3/curl_multi_cleanup.3.gz and b/msys2/usr/share/man/man3/curl_multi_cleanup.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_multi_fdset.3.gz b/msys2/usr/share/man/man3/curl_multi_fdset.3.gz
index 3ce230058..9d932a573 100644
Binary files a/msys2/usr/share/man/man3/curl_multi_fdset.3.gz and b/msys2/usr/share/man/man3/curl_multi_fdset.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_multi_info_read.3.gz b/msys2/usr/share/man/man3/curl_multi_info_read.3.gz
index 51c285eaf..21140f089 100644
Binary files a/msys2/usr/share/man/man3/curl_multi_info_read.3.gz and b/msys2/usr/share/man/man3/curl_multi_info_read.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_multi_init.3.gz b/msys2/usr/share/man/man3/curl_multi_init.3.gz
index 2f88748ab..3eeca396f 100644
Binary files a/msys2/usr/share/man/man3/curl_multi_init.3.gz and b/msys2/usr/share/man/man3/curl_multi_init.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_multi_perform.3.gz b/msys2/usr/share/man/man3/curl_multi_perform.3.gz
index 33c87be46..bb723cac5 100644
Binary files a/msys2/usr/share/man/man3/curl_multi_perform.3.gz and b/msys2/usr/share/man/man3/curl_multi_perform.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_multi_remove_handle.3.gz b/msys2/usr/share/man/man3/curl_multi_remove_handle.3.gz
index 76d1b4e63..efe582741 100644
Binary files a/msys2/usr/share/man/man3/curl_multi_remove_handle.3.gz and b/msys2/usr/share/man/man3/curl_multi_remove_handle.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_multi_setopt.3.gz b/msys2/usr/share/man/man3/curl_multi_setopt.3.gz
index 189449a39..2beb0f862 100644
Binary files a/msys2/usr/share/man/man3/curl_multi_setopt.3.gz and b/msys2/usr/share/man/man3/curl_multi_setopt.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_multi_socket.3.gz b/msys2/usr/share/man/man3/curl_multi_socket.3.gz
index e0c248862..dab7d483f 100644
Binary files a/msys2/usr/share/man/man3/curl_multi_socket.3.gz and b/msys2/usr/share/man/man3/curl_multi_socket.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_multi_socket_action.3.gz b/msys2/usr/share/man/man3/curl_multi_socket_action.3.gz
index b4f26d235..603815fc5 100644
Binary files a/msys2/usr/share/man/man3/curl_multi_socket_action.3.gz and b/msys2/usr/share/man/man3/curl_multi_socket_action.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_multi_strerror.3.gz b/msys2/usr/share/man/man3/curl_multi_strerror.3.gz
index fe2680466..b5897802d 100644
Binary files a/msys2/usr/share/man/man3/curl_multi_strerror.3.gz and b/msys2/usr/share/man/man3/curl_multi_strerror.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_multi_timeout.3.gz b/msys2/usr/share/man/man3/curl_multi_timeout.3.gz
index 1f7c39eb8..b46366918 100644
Binary files a/msys2/usr/share/man/man3/curl_multi_timeout.3.gz and b/msys2/usr/share/man/man3/curl_multi_timeout.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_multi_wait.3.gz b/msys2/usr/share/man/man3/curl_multi_wait.3.gz
index 4eb4253db..67d1d5c99 100644
Binary files a/msys2/usr/share/man/man3/curl_multi_wait.3.gz and b/msys2/usr/share/man/man3/curl_multi_wait.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_share_cleanup.3.gz b/msys2/usr/share/man/man3/curl_share_cleanup.3.gz
index beb9b93fa..3bdc0f6ce 100644
Binary files a/msys2/usr/share/man/man3/curl_share_cleanup.3.gz and b/msys2/usr/share/man/man3/curl_share_cleanup.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_share_init.3.gz b/msys2/usr/share/man/man3/curl_share_init.3.gz
index 08a2a602d..25ebbbe13 100644
Binary files a/msys2/usr/share/man/man3/curl_share_init.3.gz and b/msys2/usr/share/man/man3/curl_share_init.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_share_setopt.3.gz b/msys2/usr/share/man/man3/curl_share_setopt.3.gz
index 2d7212f42..0c83a294a 100644
Binary files a/msys2/usr/share/man/man3/curl_share_setopt.3.gz and b/msys2/usr/share/man/man3/curl_share_setopt.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_share_strerror.3.gz b/msys2/usr/share/man/man3/curl_share_strerror.3.gz
index 7164746e0..12c11e64c 100644
Binary files a/msys2/usr/share/man/man3/curl_share_strerror.3.gz and b/msys2/usr/share/man/man3/curl_share_strerror.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_slist_append.3.gz b/msys2/usr/share/man/man3/curl_slist_append.3.gz
index 21b2acfd7..45fe2a3f8 100644
Binary files a/msys2/usr/share/man/man3/curl_slist_append.3.gz and b/msys2/usr/share/man/man3/curl_slist_append.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_slist_free_all.3.gz b/msys2/usr/share/man/man3/curl_slist_free_all.3.gz
index 9a4fd06a1..6cfb2b0c5 100644
Binary files a/msys2/usr/share/man/man3/curl_slist_free_all.3.gz and b/msys2/usr/share/man/man3/curl_slist_free_all.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_strequal.3.gz b/msys2/usr/share/man/man3/curl_strequal.3.gz
index f131d2cf5..bc13bfdbf 100644
Binary files a/msys2/usr/share/man/man3/curl_strequal.3.gz and b/msys2/usr/share/man/man3/curl_strequal.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_unescape.3.gz b/msys2/usr/share/man/man3/curl_unescape.3.gz
index 964038005..37871b5e6 100644
Binary files a/msys2/usr/share/man/man3/curl_unescape.3.gz and b/msys2/usr/share/man/man3/curl_unescape.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_url.3.gz b/msys2/usr/share/man/man3/curl_url.3.gz
new file mode 100644
index 000000000..923aef372
Binary files /dev/null and b/msys2/usr/share/man/man3/curl_url.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_url_cleanup.3.gz b/msys2/usr/share/man/man3/curl_url_cleanup.3.gz
new file mode 100644
index 000000000..e2c0c95d1
Binary files /dev/null and b/msys2/usr/share/man/man3/curl_url_cleanup.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_url_dup.3.gz b/msys2/usr/share/man/man3/curl_url_dup.3.gz
new file mode 100644
index 000000000..bd24c3b35
Binary files /dev/null and b/msys2/usr/share/man/man3/curl_url_dup.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_url_get.3.gz b/msys2/usr/share/man/man3/curl_url_get.3.gz
new file mode 100644
index 000000000..41ebc5ada
Binary files /dev/null and b/msys2/usr/share/man/man3/curl_url_get.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_url_set.3.gz b/msys2/usr/share/man/man3/curl_url_set.3.gz
new file mode 100644
index 000000000..f0c2a3571
Binary files /dev/null and b/msys2/usr/share/man/man3/curl_url_set.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_version.3.gz b/msys2/usr/share/man/man3/curl_version.3.gz
index 8e4791b11..9afaa12ec 100644
Binary files a/msys2/usr/share/man/man3/curl_version.3.gz and b/msys2/usr/share/man/man3/curl_version.3.gz differ
diff --git a/msys2/usr/share/man/man3/curl_version_info.3.gz b/msys2/usr/share/man/man3/curl_version_info.3.gz
index 27cdcf2bd..a258332ca 100644
Binary files a/msys2/usr/share/man/man3/curl_version_info.3.gz and b/msys2/usr/share/man/man3/curl_version_info.3.gz differ
diff --git a/msys2/usr/share/man/man3/current_field.3x.gz b/msys2/usr/share/man/man3/current_field.3x.gz
index cea209f49..2434be0e5 100644
Binary files a/msys2/usr/share/man/man3/current_field.3x.gz and b/msys2/usr/share/man/man3/current_field.3x.gz differ
diff --git a/msys2/usr/share/man/man3/current_item.3x.gz b/msys2/usr/share/man/man3/current_item.3x.gz
index b006d2869..66c4e3957 100644
Binary files a/msys2/usr/share/man/man3/current_item.3x.gz and b/msys2/usr/share/man/man3/current_item.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_addch.3x.gz b/msys2/usr/share/man/man3/curs_addch.3x.gz
index 9380c711b..7222e4e58 100644
Binary files a/msys2/usr/share/man/man3/curs_addch.3x.gz and b/msys2/usr/share/man/man3/curs_addch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_attr.3x.gz b/msys2/usr/share/man/man3/curs_attr.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/curs_attr.3x.gz and b/msys2/usr/share/man/man3/curs_attr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_beep.3x.gz b/msys2/usr/share/man/man3/curs_beep.3x.gz
index 27ea34730..1131e2c60 100644
Binary files a/msys2/usr/share/man/man3/curs_beep.3x.gz and b/msys2/usr/share/man/man3/curs_beep.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_bkgd.3x.gz b/msys2/usr/share/man/man3/curs_bkgd.3x.gz
index e153a5f7b..da16aa023 100644
Binary files a/msys2/usr/share/man/man3/curs_bkgd.3x.gz and b/msys2/usr/share/man/man3/curs_bkgd.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_bkgrnd.3x.gz b/msys2/usr/share/man/man3/curs_bkgrnd.3x.gz
index 3caaae36d..780272d5c 100644
Binary files a/msys2/usr/share/man/man3/curs_bkgrnd.3x.gz and b/msys2/usr/share/man/man3/curs_bkgrnd.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_border.3x.gz b/msys2/usr/share/man/man3/curs_border.3x.gz
index 673385164..1d2c4438c 100644
Binary files a/msys2/usr/share/man/man3/curs_border.3x.gz and b/msys2/usr/share/man/man3/curs_border.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_clear.3x.gz b/msys2/usr/share/man/man3/curs_clear.3x.gz
index ef449df76..b4027bbcc 100644
Binary files a/msys2/usr/share/man/man3/curs_clear.3x.gz and b/msys2/usr/share/man/man3/curs_clear.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_color.3x.gz b/msys2/usr/share/man/man3/curs_color.3x.gz
index ba90f9c61..f9b77e1f4 100644
Binary files a/msys2/usr/share/man/man3/curs_color.3x.gz and b/msys2/usr/share/man/man3/curs_color.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_delch.3x.gz b/msys2/usr/share/man/man3/curs_delch.3x.gz
index b3d30bdeb..73bf9762a 100644
Binary files a/msys2/usr/share/man/man3/curs_delch.3x.gz and b/msys2/usr/share/man/man3/curs_delch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_deleteln.3x.gz b/msys2/usr/share/man/man3/curs_deleteln.3x.gz
index bf00f7e8a..9ef2f5321 100644
Binary files a/msys2/usr/share/man/man3/curs_deleteln.3x.gz and b/msys2/usr/share/man/man3/curs_deleteln.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_extend.3x.gz b/msys2/usr/share/man/man3/curs_extend.3x.gz
index d5adcfaf5..69867a702 100644
Binary files a/msys2/usr/share/man/man3/curs_extend.3x.gz and b/msys2/usr/share/man/man3/curs_extend.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_get_wch.3x.gz b/msys2/usr/share/man/man3/curs_get_wch.3x.gz
index 0df737a7d..e76d981a0 100644
Binary files a/msys2/usr/share/man/man3/curs_get_wch.3x.gz and b/msys2/usr/share/man/man3/curs_get_wch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_get_wstr.3x.gz b/msys2/usr/share/man/man3/curs_get_wstr.3x.gz
index 0092dc712..fc38215da 100644
Binary files a/msys2/usr/share/man/man3/curs_get_wstr.3x.gz and b/msys2/usr/share/man/man3/curs_get_wstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_getch.3x.gz b/msys2/usr/share/man/man3/curs_getch.3x.gz
index e5538d65e..249c9cb35 100644
Binary files a/msys2/usr/share/man/man3/curs_getch.3x.gz and b/msys2/usr/share/man/man3/curs_getch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_getstr.3x.gz b/msys2/usr/share/man/man3/curs_getstr.3x.gz
index 9b8159d85..072b281fe 100644
Binary files a/msys2/usr/share/man/man3/curs_getstr.3x.gz and b/msys2/usr/share/man/man3/curs_getstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_in_wch.3x.gz b/msys2/usr/share/man/man3/curs_in_wch.3x.gz
index b41bb3f93..924ba1f19 100644
Binary files a/msys2/usr/share/man/man3/curs_in_wch.3x.gz and b/msys2/usr/share/man/man3/curs_in_wch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_in_wchstr.3x.gz b/msys2/usr/share/man/man3/curs_in_wchstr.3x.gz
index 4f47287a5..0d49dee13 100644
Binary files a/msys2/usr/share/man/man3/curs_in_wchstr.3x.gz and b/msys2/usr/share/man/man3/curs_in_wchstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_inch.3x.gz b/msys2/usr/share/man/man3/curs_inch.3x.gz
index d05e54745..20db1f376 100644
Binary files a/msys2/usr/share/man/man3/curs_inch.3x.gz and b/msys2/usr/share/man/man3/curs_inch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_inchstr.3x.gz b/msys2/usr/share/man/man3/curs_inchstr.3x.gz
index f2e4b3b76..3ac377f70 100644
Binary files a/msys2/usr/share/man/man3/curs_inchstr.3x.gz and b/msys2/usr/share/man/man3/curs_inchstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_initscr.3x.gz b/msys2/usr/share/man/man3/curs_initscr.3x.gz
index 175ffb36e..36f1b5781 100644
Binary files a/msys2/usr/share/man/man3/curs_initscr.3x.gz and b/msys2/usr/share/man/man3/curs_initscr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_inopts.3x.gz b/msys2/usr/share/man/man3/curs_inopts.3x.gz
index e7ba056f3..90273a4d7 100644
Binary files a/msys2/usr/share/man/man3/curs_inopts.3x.gz and b/msys2/usr/share/man/man3/curs_inopts.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_insch.3x.gz b/msys2/usr/share/man/man3/curs_insch.3x.gz
index 103417d3f..37efb87eb 100644
Binary files a/msys2/usr/share/man/man3/curs_insch.3x.gz and b/msys2/usr/share/man/man3/curs_insch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_instr.3x.gz b/msys2/usr/share/man/man3/curs_instr.3x.gz
index e545eec9c..561ee23d5 100644
Binary files a/msys2/usr/share/man/man3/curs_instr.3x.gz and b/msys2/usr/share/man/man3/curs_instr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_inwstr.3x.gz b/msys2/usr/share/man/man3/curs_inwstr.3x.gz
index 7b4cc9fa5..5e7c675a8 100644
Binary files a/msys2/usr/share/man/man3/curs_inwstr.3x.gz and b/msys2/usr/share/man/man3/curs_inwstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_kernel.3x.gz b/msys2/usr/share/man/man3/curs_kernel.3x.gz
index 9df4b5f0e..ed980e52f 100644
Binary files a/msys2/usr/share/man/man3/curs_kernel.3x.gz and b/msys2/usr/share/man/man3/curs_kernel.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_mouse.3x.gz b/msys2/usr/share/man/man3/curs_mouse.3x.gz
index 1a2baa9fb..52055cfbd 100644
Binary files a/msys2/usr/share/man/man3/curs_mouse.3x.gz and b/msys2/usr/share/man/man3/curs_mouse.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_move.3x.gz b/msys2/usr/share/man/man3/curs_move.3x.gz
index f454e7a39..df34bee7c 100644
Binary files a/msys2/usr/share/man/man3/curs_move.3x.gz and b/msys2/usr/share/man/man3/curs_move.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_outopts.3x.gz b/msys2/usr/share/man/man3/curs_outopts.3x.gz
index 767ec5681..9a38c9185 100644
Binary files a/msys2/usr/share/man/man3/curs_outopts.3x.gz and b/msys2/usr/share/man/man3/curs_outopts.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_pad.3x.gz b/msys2/usr/share/man/man3/curs_pad.3x.gz
index 59834be69..457c4e67f 100644
Binary files a/msys2/usr/share/man/man3/curs_pad.3x.gz and b/msys2/usr/share/man/man3/curs_pad.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_print.3x.gz b/msys2/usr/share/man/man3/curs_print.3x.gz
index 9246380ba..63efc8221 100644
Binary files a/msys2/usr/share/man/man3/curs_print.3x.gz and b/msys2/usr/share/man/man3/curs_print.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_printw.3x.gz b/msys2/usr/share/man/man3/curs_printw.3x.gz
index df4fa0b56..22aaed139 100644
Binary files a/msys2/usr/share/man/man3/curs_printw.3x.gz and b/msys2/usr/share/man/man3/curs_printw.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_refresh.3x.gz b/msys2/usr/share/man/man3/curs_refresh.3x.gz
index 9907d050d..263e8feba 100644
Binary files a/msys2/usr/share/man/man3/curs_refresh.3x.gz and b/msys2/usr/share/man/man3/curs_refresh.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_scanw.3x.gz b/msys2/usr/share/man/man3/curs_scanw.3x.gz
index 7455dd6e2..024031d5b 100644
Binary files a/msys2/usr/share/man/man3/curs_scanw.3x.gz and b/msys2/usr/share/man/man3/curs_scanw.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_scr_dump.3x.gz b/msys2/usr/share/man/man3/curs_scr_dump.3x.gz
index 3fe98d149..afae2d841 100644
Binary files a/msys2/usr/share/man/man3/curs_scr_dump.3x.gz and b/msys2/usr/share/man/man3/curs_scr_dump.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_scroll.3x.gz b/msys2/usr/share/man/man3/curs_scroll.3x.gz
index f1cc85862..8bf11d7f3 100644
Binary files a/msys2/usr/share/man/man3/curs_scroll.3x.gz and b/msys2/usr/share/man/man3/curs_scroll.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_set.3x.gz b/msys2/usr/share/man/man3/curs_set.3x.gz
index 9df4b5f0e..ed980e52f 100644
Binary files a/msys2/usr/share/man/man3/curs_set.3x.gz and b/msys2/usr/share/man/man3/curs_set.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_slk.3x.gz b/msys2/usr/share/man/man3/curs_slk.3x.gz
index 5863d8468..073192cf2 100644
Binary files a/msys2/usr/share/man/man3/curs_slk.3x.gz and b/msys2/usr/share/man/man3/curs_slk.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_termattrs.3x.gz b/msys2/usr/share/man/man3/curs_termattrs.3x.gz
index f1e1da961..f1503191b 100644
Binary files a/msys2/usr/share/man/man3/curs_termattrs.3x.gz and b/msys2/usr/share/man/man3/curs_termattrs.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_termcap.3x.gz b/msys2/usr/share/man/man3/curs_termcap.3x.gz
index ef3cb57a5..9a348ec38 100644
Binary files a/msys2/usr/share/man/man3/curs_termcap.3x.gz and b/msys2/usr/share/man/man3/curs_termcap.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_terminfo.3x.gz b/msys2/usr/share/man/man3/curs_terminfo.3x.gz
index 22ab4de4e..009553134 100644
Binary files a/msys2/usr/share/man/man3/curs_terminfo.3x.gz and b/msys2/usr/share/man/man3/curs_terminfo.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_touch.3x.gz b/msys2/usr/share/man/man3/curs_touch.3x.gz
index 1041376b9..9eb226143 100644
Binary files a/msys2/usr/share/man/man3/curs_touch.3x.gz and b/msys2/usr/share/man/man3/curs_touch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_util.3x.gz b/msys2/usr/share/man/man3/curs_util.3x.gz
index 9de93d746..6b340ae20 100644
Binary files a/msys2/usr/share/man/man3/curs_util.3x.gz and b/msys2/usr/share/man/man3/curs_util.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curs_variables.3x.gz b/msys2/usr/share/man/man3/curs_variables.3x.gz
index dbb243c86..767ce7da9 100644
Binary files a/msys2/usr/share/man/man3/curs_variables.3x.gz and b/msys2/usr/share/man/man3/curs_variables.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curscr.3x.gz b/msys2/usr/share/man/man3/curscr.3x.gz
index dbb243c86..767ce7da9 100644
Binary files a/msys2/usr/share/man/man3/curscr.3x.gz and b/msys2/usr/share/man/man3/curscr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curses.3x.gz b/msys2/usr/share/man/man3/curses.3x.gz
index 444663181..a818b1d9c 100644
Binary files a/msys2/usr/share/man/man3/curses.3x.gz and b/msys2/usr/share/man/man3/curses.3x.gz differ
diff --git a/msys2/usr/share/man/man3/curses_version.3x.gz b/msys2/usr/share/man/man3/curses_version.3x.gz
index d5adcfaf5..69867a702 100644
Binary files a/msys2/usr/share/man/man3/curses_version.3x.gz and b/msys2/usr/share/man/man3/curses_version.3x.gz differ
diff --git a/msys2/usr/share/man/man3/custom_ext_add_cb.3ssl.gz b/msys2/usr/share/man/man3/custom_ext_add_cb.3ssl.gz
new file mode 100644
index 000000000..5b7babf0b
Binary files /dev/null and b/msys2/usr/share/man/man3/custom_ext_add_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/custom_ext_free_cb.3ssl.gz b/msys2/usr/share/man/man3/custom_ext_free_cb.3ssl.gz
new file mode 100644
index 000000000..5b7babf0b
Binary files /dev/null and b/msys2/usr/share/man/man3/custom_ext_free_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/custom_ext_parse_cb.3ssl.gz b/msys2/usr/share/man/man3/custom_ext_parse_cb.3ssl.gz
new file mode 100644
index 000000000..5b7babf0b
Binary files /dev/null and b/msys2/usr/share/man/man3/custom_ext_parse_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ACCESS_DESCRIPTION.3ssl.gz b/msys2/usr/share/man/man3/d2i_ACCESS_DESCRIPTION.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ACCESS_DESCRIPTION.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ADMISSIONS.3ssl.gz b/msys2/usr/share/man/man3/d2i_ADMISSIONS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ADMISSIONS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ADMISSION_SYNTAX.3ssl.gz b/msys2/usr/share/man/man3/d2i_ADMISSION_SYNTAX.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ADMISSION_SYNTAX.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASIdOrRange.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASIdOrRange.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASIdOrRange.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASIdentifierChoice.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASIdentifierChoice.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASIdentifierChoice.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASIdentifiers.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASIdentifiers.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASIdentifiers.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_BIT_STRING.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_BIT_STRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_BIT_STRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_BMPSTRING.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_BMPSTRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_BMPSTRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_ENUMERATED.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_ENUMERATED.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_ENUMERATED.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_GENERALIZEDTIME.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_GENERALIZEDTIME.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_GENERALIZEDTIME.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_GENERALSTRING.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_GENERALSTRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_GENERALSTRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_IA5STRING.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_IA5STRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_IA5STRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_INTEGER.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_INTEGER.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_INTEGER.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_NULL.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_NULL.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_NULL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_OBJECT.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_OBJECT.3ssl.gz
index 0fcc4aeb4..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_ASN1_OBJECT.3ssl.gz and b/msys2/usr/share/man/man3/d2i_ASN1_OBJECT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_OCTET_STRING.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_OCTET_STRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_OCTET_STRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_PRINTABLE.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_PRINTABLE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_PRINTABLE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_PRINTABLESTRING.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_PRINTABLESTRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_PRINTABLESTRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_SEQUENCE_ANY.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_SEQUENCE_ANY.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_SEQUENCE_ANY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_SET_ANY.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_SET_ANY.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_SET_ANY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_T61STRING.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_T61STRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_T61STRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_TIME.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_TIME.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_TIME.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_TYPE.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_TYPE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_TYPE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_UINTEGER.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_UINTEGER.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_UINTEGER.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_UNIVERSALSTRING.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_UNIVERSALSTRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_UNIVERSALSTRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_UTCTIME.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_UTCTIME.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_UTCTIME.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_UTF8STRING.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_UTF8STRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_UTF8STRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASN1_VISIBLESTRING.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASN1_VISIBLESTRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASN1_VISIBLESTRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ASRange.3ssl.gz b/msys2/usr/share/man/man3/d2i_ASRange.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ASRange.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_AUTHORITY_INFO_ACCESS.3ssl.gz b/msys2/usr/share/man/man3/d2i_AUTHORITY_INFO_ACCESS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_AUTHORITY_INFO_ACCESS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_AUTHORITY_KEYID.3ssl.gz b/msys2/usr/share/man/man3/d2i_AUTHORITY_KEYID.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_AUTHORITY_KEYID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_AutoPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/d2i_AutoPrivateKey.3ssl.gz
index cd2668212..76c4d940e 100644
Binary files a/msys2/usr/share/man/man3/d2i_AutoPrivateKey.3ssl.gz and b/msys2/usr/share/man/man3/d2i_AutoPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_BASIC_CONSTRAINTS.3ssl.gz b/msys2/usr/share/man/man3/d2i_BASIC_CONSTRAINTS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_BASIC_CONSTRAINTS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_CERTIFICATEPOLICIES.3ssl.gz b/msys2/usr/share/man/man3/d2i_CERTIFICATEPOLICIES.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_CERTIFICATEPOLICIES.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_CMS_ContentInfo.3ssl.gz b/msys2/usr/share/man/man3/d2i_CMS_ContentInfo.3ssl.gz
index f1580dc0f..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_CMS_ContentInfo.3ssl.gz and b/msys2/usr/share/man/man3/d2i_CMS_ContentInfo.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_CMS_ReceiptRequest.3ssl.gz b/msys2/usr/share/man/man3/d2i_CMS_ReceiptRequest.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_CMS_ReceiptRequest.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_CMS_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_CMS_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_CMS_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_CRL_DIST_POINTS.3ssl.gz b/msys2/usr/share/man/man3/d2i_CRL_DIST_POINTS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_CRL_DIST_POINTS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_DHparams.3ssl.gz b/msys2/usr/share/man/man3/d2i_DHparams.3ssl.gz
index 878a8ffe3..3da122e8f 100644
Binary files a/msys2/usr/share/man/man3/d2i_DHparams.3ssl.gz and b/msys2/usr/share/man/man3/d2i_DHparams.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_DHxparams.3ssl.gz b/msys2/usr/share/man/man3/d2i_DHxparams.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_DHxparams.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_DIRECTORYSTRING.3ssl.gz b/msys2/usr/share/man/man3/d2i_DIRECTORYSTRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_DIRECTORYSTRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_DISPLAYTEXT.3ssl.gz b/msys2/usr/share/man/man3/d2i_DISPLAYTEXT.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_DISPLAYTEXT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_DIST_POINT.3ssl.gz b/msys2/usr/share/man/man3/d2i_DIST_POINT.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_DIST_POINT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_DIST_POINT_NAME.3ssl.gz b/msys2/usr/share/man/man3/d2i_DIST_POINT_NAME.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_DIST_POINT_NAME.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_DSAPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/d2i_DSAPrivateKey.3ssl.gz
index 2931d7e00..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_DSAPrivateKey.3ssl.gz and b/msys2/usr/share/man/man3/d2i_DSAPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_DSAPrivateKey_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_DSAPrivateKey_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_DSAPrivateKey_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_DSAPrivateKey_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_DSAPrivateKey_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_DSAPrivateKey_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_DSAPublicKey.3ssl.gz b/msys2/usr/share/man/man3/d2i_DSAPublicKey.3ssl.gz
index 2931d7e00..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_DSAPublicKey.3ssl.gz and b/msys2/usr/share/man/man3/d2i_DSAPublicKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_DSA_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/d2i_DSA_PUBKEY.3ssl.gz
index 2931d7e00..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_DSA_PUBKEY.3ssl.gz and b/msys2/usr/share/man/man3/d2i_DSA_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_DSA_PUBKEY_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_DSA_PUBKEY_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_DSA_PUBKEY_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_DSA_PUBKEY_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_DSA_PUBKEY_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_DSA_PUBKEY_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_DSA_SIG.3ssl.gz b/msys2/usr/share/man/man3/d2i_DSA_SIG.3ssl.gz
index 2931d7e00..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_DSA_SIG.3ssl.gz and b/msys2/usr/share/man/man3/d2i_DSA_SIG.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_DSAparams.3ssl.gz b/msys2/usr/share/man/man3/d2i_DSAparams.3ssl.gz
index 2931d7e00..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_DSAparams.3ssl.gz and b/msys2/usr/share/man/man3/d2i_DSAparams.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ECDSA_SIG.3ssl.gz b/msys2/usr/share/man/man3/d2i_ECDSA_SIG.3ssl.gz
index 6b4fa8993..20b845240 100644
Binary files a/msys2/usr/share/man/man3/d2i_ECDSA_SIG.3ssl.gz and b/msys2/usr/share/man/man3/d2i_ECDSA_SIG.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ECPKParameters.3ssl.gz b/msys2/usr/share/man/man3/d2i_ECPKParameters.3ssl.gz
index 8e3be2b34..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_ECPKParameters.3ssl.gz and b/msys2/usr/share/man/man3/d2i_ECPKParameters.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ECPKParameters_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_ECPKParameters_bio.3ssl.gz
deleted file mode 100644
index 8e3be2b34..000000000
Binary files a/msys2/usr/share/man/man3/d2i_ECPKParameters_bio.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/d2i_ECPKParameters_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_ECPKParameters_fp.3ssl.gz
deleted file mode 100644
index 8e3be2b34..000000000
Binary files a/msys2/usr/share/man/man3/d2i_ECPKParameters_fp.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/d2i_ECParameters.3ssl.gz b/msys2/usr/share/man/man3/d2i_ECParameters.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ECParameters.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ECPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/d2i_ECPrivateKey.3ssl.gz
index 729cf0474..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_ECPrivateKey.3ssl.gz and b/msys2/usr/share/man/man3/d2i_ECPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ECPrivateKey_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_ECPrivateKey_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ECPrivateKey_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ECPrivateKey_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_ECPrivateKey_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ECPrivateKey_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ECPrivate_key.3ssl.gz b/msys2/usr/share/man/man3/d2i_ECPrivate_key.3ssl.gz
deleted file mode 100644
index 729cf0474..000000000
Binary files a/msys2/usr/share/man/man3/d2i_ECPrivate_key.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/d2i_EC_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/d2i_EC_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_EC_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_EC_PUBKEY_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_EC_PUBKEY_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_EC_PUBKEY_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_EC_PUBKEY_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_EC_PUBKEY_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_EC_PUBKEY_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_EDIPARTYNAME.3ssl.gz b/msys2/usr/share/man/man3/d2i_EDIPARTYNAME.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_EDIPARTYNAME.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ESS_CERT_ID.3ssl.gz b/msys2/usr/share/man/man3/d2i_ESS_CERT_ID.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ESS_CERT_ID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ESS_ISSUER_SERIAL.3ssl.gz b/msys2/usr/share/man/man3/d2i_ESS_ISSUER_SERIAL.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ESS_ISSUER_SERIAL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ESS_SIGNING_CERT.3ssl.gz b/msys2/usr/share/man/man3/d2i_ESS_SIGNING_CERT.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ESS_SIGNING_CERT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_EXTENDED_KEY_USAGE.3ssl.gz b/msys2/usr/share/man/man3/d2i_EXTENDED_KEY_USAGE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_EXTENDED_KEY_USAGE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_GENERAL_NAME.3ssl.gz b/msys2/usr/share/man/man3/d2i_GENERAL_NAME.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_GENERAL_NAME.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_GENERAL_NAMES.3ssl.gz b/msys2/usr/share/man/man3/d2i_GENERAL_NAMES.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_GENERAL_NAMES.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_IPAddressChoice.3ssl.gz b/msys2/usr/share/man/man3/d2i_IPAddressChoice.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_IPAddressChoice.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_IPAddressFamily.3ssl.gz b/msys2/usr/share/man/man3/d2i_IPAddressFamily.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_IPAddressFamily.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_IPAddressOrRange.3ssl.gz b/msys2/usr/share/man/man3/d2i_IPAddressOrRange.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_IPAddressOrRange.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_IPAddressRange.3ssl.gz b/msys2/usr/share/man/man3/d2i_IPAddressRange.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_IPAddressRange.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_ISSUING_DIST_POINT.3ssl.gz b/msys2/usr/share/man/man3/d2i_ISSUING_DIST_POINT.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_ISSUING_DIST_POINT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_NAMING_AUTHORITY.3ssl.gz b/msys2/usr/share/man/man3/d2i_NAMING_AUTHORITY.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_NAMING_AUTHORITY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_NETSCAPE_CERT_SEQUENCE.3ssl.gz b/msys2/usr/share/man/man3/d2i_NETSCAPE_CERT_SEQUENCE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_NETSCAPE_CERT_SEQUENCE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_NETSCAPE_SPKAC.3ssl.gz b/msys2/usr/share/man/man3/d2i_NETSCAPE_SPKAC.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_NETSCAPE_SPKAC.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_NETSCAPE_SPKI.3ssl.gz b/msys2/usr/share/man/man3/d2i_NETSCAPE_SPKI.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_NETSCAPE_SPKI.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_NOTICEREF.3ssl.gz b/msys2/usr/share/man/man3/d2i_NOTICEREF.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_NOTICEREF.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_Netscape_RSA.3ssl.gz b/msys2/usr/share/man/man3/d2i_Netscape_RSA.3ssl.gz
deleted file mode 100644
index f897a632d..000000000
Binary files a/msys2/usr/share/man/man3/d2i_Netscape_RSA.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/d2i_OCSP_BASICRESP.3ssl.gz b/msys2/usr/share/man/man3/d2i_OCSP_BASICRESP.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_OCSP_BASICRESP.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_OCSP_CERTID.3ssl.gz b/msys2/usr/share/man/man3/d2i_OCSP_CERTID.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_OCSP_CERTID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_OCSP_CERTSTATUS.3ssl.gz b/msys2/usr/share/man/man3/d2i_OCSP_CERTSTATUS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_OCSP_CERTSTATUS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_OCSP_CRLID.3ssl.gz b/msys2/usr/share/man/man3/d2i_OCSP_CRLID.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_OCSP_CRLID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_OCSP_ONEREQ.3ssl.gz b/msys2/usr/share/man/man3/d2i_OCSP_ONEREQ.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_OCSP_ONEREQ.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_OCSP_REQINFO.3ssl.gz b/msys2/usr/share/man/man3/d2i_OCSP_REQINFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_OCSP_REQINFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_OCSP_REQUEST.3ssl.gz b/msys2/usr/share/man/man3/d2i_OCSP_REQUEST.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_OCSP_REQUEST.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_OCSP_RESPBYTES.3ssl.gz b/msys2/usr/share/man/man3/d2i_OCSP_RESPBYTES.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_OCSP_RESPBYTES.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_OCSP_RESPDATA.3ssl.gz b/msys2/usr/share/man/man3/d2i_OCSP_RESPDATA.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_OCSP_RESPDATA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_OCSP_RESPID.3ssl.gz b/msys2/usr/share/man/man3/d2i_OCSP_RESPID.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_OCSP_RESPID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_OCSP_RESPONSE.3ssl.gz b/msys2/usr/share/man/man3/d2i_OCSP_RESPONSE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_OCSP_RESPONSE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_OCSP_REVOKEDINFO.3ssl.gz b/msys2/usr/share/man/man3/d2i_OCSP_REVOKEDINFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_OCSP_REVOKEDINFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_OCSP_SERVICELOC.3ssl.gz b/msys2/usr/share/man/man3/d2i_OCSP_SERVICELOC.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_OCSP_SERVICELOC.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_OCSP_SIGNATURE.3ssl.gz b/msys2/usr/share/man/man3/d2i_OCSP_SIGNATURE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_OCSP_SIGNATURE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_OCSP_SINGLERESP.3ssl.gz b/msys2/usr/share/man/man3/d2i_OCSP_SINGLERESP.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_OCSP_SINGLERESP.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_OTHERNAME.3ssl.gz b/msys2/usr/share/man/man3/d2i_OTHERNAME.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_OTHERNAME.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PBE2PARAM.3ssl.gz b/msys2/usr/share/man/man3/d2i_PBE2PARAM.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PBE2PARAM.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PBEPARAM.3ssl.gz b/msys2/usr/share/man/man3/d2i_PBEPARAM.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PBEPARAM.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PBKDF2PARAM.3ssl.gz b/msys2/usr/share/man/man3/d2i_PBKDF2PARAM.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PBKDF2PARAM.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS12.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS12.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS12.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS12_BAGS.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS12_BAGS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS12_BAGS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS12_MAC_DATA.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS12_MAC_DATA.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS12_MAC_DATA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS12_SAFEBAG.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS12_SAFEBAG.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS12_SAFEBAG.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS12_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS12_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS12_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS12_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS12_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS12_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS7.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS7.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS7.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS7_DIGEST.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS7_DIGEST.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS7_DIGEST.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS7_ENCRYPT.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS7_ENCRYPT.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS7_ENCRYPT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS7_ENC_CONTENT.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS7_ENC_CONTENT.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS7_ENC_CONTENT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS7_ENVELOPE.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS7_ENVELOPE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS7_ENVELOPE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS7_ISSUER_AND_SERIAL.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS7_ISSUER_AND_SERIAL.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS7_ISSUER_AND_SERIAL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS7_RECIP_INFO.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS7_RECIP_INFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS7_RECIP_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS7_SIGNED.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS7_SIGNED.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS7_SIGNED.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS7_SIGNER_INFO.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS7_SIGNER_INFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS7_SIGNER_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS7_SIGN_ENVELOPE.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS7_SIGN_ENVELOPE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS7_SIGN_ENVELOPE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS7_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS7_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS7_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS7_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS7_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS7_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS8PrivateKey.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS8PrivateKey.3ssl.gz
deleted file mode 100644
index cfa004ee5..000000000
Binary files a/msys2/usr/share/man/man3/d2i_PKCS8PrivateKey.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS8PrivateKey_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS8PrivateKey_bio.3ssl.gz
index cfa004ee5..40072931a 100644
Binary files a/msys2/usr/share/man/man3/d2i_PKCS8PrivateKey_bio.3ssl.gz and b/msys2/usr/share/man/man3/d2i_PKCS8PrivateKey_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS8PrivateKey_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS8PrivateKey_fp.3ssl.gz
index cfa004ee5..40072931a 100644
Binary files a/msys2/usr/share/man/man3/d2i_PKCS8PrivateKey_fp.3ssl.gz and b/msys2/usr/share/man/man3/d2i_PKCS8PrivateKey_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS8_PRIV_KEY_INFO.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS8_PRIV_KEY_INFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS8_PRIV_KEY_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS8_PRIV_KEY_INFO_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS8_PRIV_KEY_INFO_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS8_PRIV_KEY_INFO_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS8_PRIV_KEY_INFO_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS8_PRIV_KEY_INFO_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS8_PRIV_KEY_INFO_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS8_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS8_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS8_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKCS8_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKCS8_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKCS8_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PKEY_USAGE_PERIOD.3ssl.gz b/msys2/usr/share/man/man3/d2i_PKEY_USAGE_PERIOD.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PKEY_USAGE_PERIOD.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_POLICYINFO.3ssl.gz b/msys2/usr/share/man/man3/d2i_POLICYINFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_POLICYINFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_POLICYQUALINFO.3ssl.gz b/msys2/usr/share/man/man3/d2i_POLICYQUALINFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_POLICYQUALINFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PROFESSION_INFO.3ssl.gz b/msys2/usr/share/man/man3/d2i_PROFESSION_INFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PROFESSION_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PROXY_CERT_INFO_EXTENSION.3ssl.gz b/msys2/usr/share/man/man3/d2i_PROXY_CERT_INFO_EXTENSION.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PROXY_CERT_INFO_EXTENSION.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PROXY_POLICY.3ssl.gz b/msys2/usr/share/man/man3/d2i_PROXY_POLICY.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PROXY_POLICY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/d2i_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..dfb0b3bc6
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PUBKEY_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_PUBKEY_bio.3ssl.gz
new file mode 100644
index 000000000..dfb0b3bc6
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PUBKEY_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PUBKEY_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_PUBKEY_fp.3ssl.gz
new file mode 100644
index 000000000..dfb0b3bc6
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PUBKEY_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PrivateKey.3ssl.gz b/msys2/usr/share/man/man3/d2i_PrivateKey.3ssl.gz
index cd2668212..76c4d940e 100644
Binary files a/msys2/usr/share/man/man3/d2i_PrivateKey.3ssl.gz and b/msys2/usr/share/man/man3/d2i_PrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PrivateKey_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_PrivateKey_bio.3ssl.gz
new file mode 100644
index 000000000..76c4d940e
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PrivateKey_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_PrivateKey_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_PrivateKey_fp.3ssl.gz
new file mode 100644
index 000000000..76c4d940e
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PrivateKey_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_Private_key.3ssl.gz b/msys2/usr/share/man/man3/d2i_Private_key.3ssl.gz
deleted file mode 100644
index cd2668212..000000000
Binary files a/msys2/usr/share/man/man3/d2i_Private_key.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/d2i_PublicKey.3ssl.gz b/msys2/usr/share/man/man3/d2i_PublicKey.3ssl.gz
new file mode 100644
index 000000000..76c4d940e
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_PublicKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_RSAPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/d2i_RSAPrivateKey.3ssl.gz
index f897a632d..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_RSAPrivateKey.3ssl.gz and b/msys2/usr/share/man/man3/d2i_RSAPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_RSAPrivateKey_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_RSAPrivateKey_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_RSAPrivateKey_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_RSAPrivateKey_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_RSAPrivateKey_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_RSAPrivateKey_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_RSAPublicKey.3ssl.gz b/msys2/usr/share/man/man3/d2i_RSAPublicKey.3ssl.gz
index f897a632d..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_RSAPublicKey.3ssl.gz and b/msys2/usr/share/man/man3/d2i_RSAPublicKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_RSAPublicKey_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_RSAPublicKey_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_RSAPublicKey_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_RSAPublicKey_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_RSAPublicKey_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_RSAPublicKey_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_RSA_OAEP_PARAMS.3ssl.gz b/msys2/usr/share/man/man3/d2i_RSA_OAEP_PARAMS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_RSA_OAEP_PARAMS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_RSA_PSS_PARAMS.3ssl.gz b/msys2/usr/share/man/man3/d2i_RSA_PSS_PARAMS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_RSA_PSS_PARAMS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_RSA_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/d2i_RSA_PUBKEY.3ssl.gz
index f897a632d..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_RSA_PUBKEY.3ssl.gz and b/msys2/usr/share/man/man3/d2i_RSA_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_RSA_PUBKEY_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_RSA_PUBKEY_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_RSA_PUBKEY_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_RSA_PUBKEY_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_RSA_PUBKEY_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_RSA_PUBKEY_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_SCRYPT_PARAMS.3ssl.gz b/msys2/usr/share/man/man3/d2i_SCRYPT_PARAMS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_SCRYPT_PARAMS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_SCT_LIST.3ssl.gz b/msys2/usr/share/man/man3/d2i_SCT_LIST.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_SCT_LIST.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_SSL_SESSION.3ssl.gz b/msys2/usr/share/man/man3/d2i_SSL_SESSION.3ssl.gz
index 3274fbee8..611243e7b 100644
Binary files a/msys2/usr/share/man/man3/d2i_SSL_SESSION.3ssl.gz and b/msys2/usr/share/man/man3/d2i_SSL_SESSION.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_SXNET.3ssl.gz b/msys2/usr/share/man/man3/d2i_SXNET.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_SXNET.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_SXNETID.3ssl.gz b/msys2/usr/share/man/man3/d2i_SXNETID.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_SXNETID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_TS_ACCURACY.3ssl.gz b/msys2/usr/share/man/man3/d2i_TS_ACCURACY.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_TS_ACCURACY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_TS_MSG_IMPRINT.3ssl.gz b/msys2/usr/share/man/man3/d2i_TS_MSG_IMPRINT.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_TS_MSG_IMPRINT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_TS_MSG_IMPRINT_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_TS_MSG_IMPRINT_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_TS_MSG_IMPRINT_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_TS_MSG_IMPRINT_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_TS_MSG_IMPRINT_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_TS_MSG_IMPRINT_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_TS_REQ.3ssl.gz b/msys2/usr/share/man/man3/d2i_TS_REQ.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_TS_REQ.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_TS_REQ_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_TS_REQ_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_TS_REQ_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_TS_REQ_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_TS_REQ_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_TS_REQ_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_TS_RESP.3ssl.gz b/msys2/usr/share/man/man3/d2i_TS_RESP.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_TS_RESP.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_TS_RESP_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_TS_RESP_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_TS_RESP_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_TS_RESP_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_TS_RESP_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_TS_RESP_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_TS_STATUS_INFO.3ssl.gz b/msys2/usr/share/man/man3/d2i_TS_STATUS_INFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_TS_STATUS_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_TS_TST_INFO.3ssl.gz b/msys2/usr/share/man/man3/d2i_TS_TST_INFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_TS_TST_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_TS_TST_INFO_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_TS_TST_INFO_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_TS_TST_INFO_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_TS_TST_INFO_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_TS_TST_INFO_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_TS_TST_INFO_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_USERNOTICE.3ssl.gz b/msys2/usr/share/man/man3/d2i_USERNOTICE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_USERNOTICE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509.3ssl.gz
index 3c943d447..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_X509.3ssl.gz and b/msys2/usr/share/man/man3/d2i_X509.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_ALGOR.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_ALGOR.3ssl.gz
index c4fb43090..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_X509_ALGOR.3ssl.gz and b/msys2/usr/share/man/man3/d2i_X509_ALGOR.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_ALGORS.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_ALGORS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_X509_ALGORS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_ATTRIBUTE.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_ATTRIBUTE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_X509_ATTRIBUTE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_AUX.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_AUX.3ssl.gz
new file mode 100644
index 000000000..d515492cb
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_X509_AUX.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_CERT_AUX.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_CERT_AUX.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_X509_CERT_AUX.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_CINF.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_CINF.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_X509_CINF.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_CRL.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_CRL.3ssl.gz
index 208b01eac..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_X509_CRL.3ssl.gz and b/msys2/usr/share/man/man3/d2i_X509_CRL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_CRL_INFO.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_CRL_INFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_X509_CRL_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_CRL_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_CRL_bio.3ssl.gz
index 208b01eac..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_X509_CRL_bio.3ssl.gz and b/msys2/usr/share/man/man3/d2i_X509_CRL_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_CRL_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_CRL_fp.3ssl.gz
index 208b01eac..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_X509_CRL_fp.3ssl.gz and b/msys2/usr/share/man/man3/d2i_X509_CRL_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_EXTENSION.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_EXTENSION.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_X509_EXTENSION.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_EXTENSIONS.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_EXTENSIONS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_X509_EXTENSIONS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_NAME.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_NAME.3ssl.gz
index 8574a01d8..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_X509_NAME.3ssl.gz and b/msys2/usr/share/man/man3/d2i_X509_NAME.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_NAME_ENTRY.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_NAME_ENTRY.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_X509_NAME_ENTRY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_X509_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_REQ.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_REQ.3ssl.gz
index b36d068ed..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_X509_REQ.3ssl.gz and b/msys2/usr/share/man/man3/d2i_X509_REQ.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_REQ_INFO.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_REQ_INFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_X509_REQ_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_REQ_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_REQ_bio.3ssl.gz
index b36d068ed..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_X509_REQ_bio.3ssl.gz and b/msys2/usr/share/man/man3/d2i_X509_REQ_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_REQ_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_REQ_fp.3ssl.gz
index b36d068ed..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_X509_REQ_fp.3ssl.gz and b/msys2/usr/share/man/man3/d2i_X509_REQ_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_REVOKED.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_REVOKED.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_X509_REVOKED.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_SIG.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_SIG.3ssl.gz
index f321f5a63..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/d2i_X509_SIG.3ssl.gz and b/msys2/usr/share/man/man3/d2i_X509_SIG.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_VAL.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_VAL.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/d2i_X509_VAL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_bio.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_bio.3ssl.gz
deleted file mode 100644
index 3c943d447..000000000
Binary files a/msys2/usr/share/man/man3/d2i_X509_bio.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/d2i_X509_fp.3ssl.gz b/msys2/usr/share/man/man3/d2i_X509_fp.3ssl.gz
deleted file mode 100644
index 3c943d447..000000000
Binary files a/msys2/usr/share/man/man3/d2i_X509_fp.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/data_ahead.3x.gz b/msys2/usr/share/man/man3/data_ahead.3x.gz
index 56a5ff1e1..647a85954 100644
Binary files a/msys2/usr/share/man/man3/data_ahead.3x.gz and b/msys2/usr/share/man/man3/data_ahead.3x.gz differ
diff --git a/msys2/usr/share/man/man3/data_behind.3x.gz b/msys2/usr/share/man/man3/data_behind.3x.gz
index 56a5ff1e1..647a85954 100644
Binary files a/msys2/usr/share/man/man3/data_behind.3x.gz and b/msys2/usr/share/man/man3/data_behind.3x.gz differ
diff --git a/msys2/usr/share/man/man3/db_operations.3.gz b/msys2/usr/share/man/man3/db_operations.3.gz
index 5ce761409..310efcabe 100644
Binary files a/msys2/usr/share/man/man3/db_operations.3.gz and b/msys2/usr/share/man/man3/db_operations.3.gz differ
diff --git a/msys2/usr/share/man/man3/def_prog_mode.3x.gz b/msys2/usr/share/man/man3/def_prog_mode.3x.gz
index 9df4b5f0e..ed980e52f 100644
Binary files a/msys2/usr/share/man/man3/def_prog_mode.3x.gz and b/msys2/usr/share/man/man3/def_prog_mode.3x.gz differ
diff --git a/msys2/usr/share/man/man3/def_shell_mode.3x.gz b/msys2/usr/share/man/man3/def_shell_mode.3x.gz
index 9df4b5f0e..ed980e52f 100644
Binary files a/msys2/usr/share/man/man3/def_shell_mode.3x.gz and b/msys2/usr/share/man/man3/def_shell_mode.3x.gz differ
diff --git a/msys2/usr/share/man/man3/default_colors.3x.gz b/msys2/usr/share/man/man3/default_colors.3x.gz
index e9d6c34f2..679fb2766 100644
Binary files a/msys2/usr/share/man/man3/default_colors.3x.gz and b/msys2/usr/share/man/man3/default_colors.3x.gz differ
diff --git a/msys2/usr/share/man/man3/define_key.3x.gz b/msys2/usr/share/man/man3/define_key.3x.gz
index 18138bb22..423facb26 100644
Binary files a/msys2/usr/share/man/man3/define_key.3x.gz and b/msys2/usr/share/man/man3/define_key.3x.gz differ
diff --git a/msys2/usr/share/man/man3/del_curterm.3x.gz b/msys2/usr/share/man/man3/del_curterm.3x.gz
index 22ab4de4e..009553134 100644
Binary files a/msys2/usr/share/man/man3/del_curterm.3x.gz and b/msys2/usr/share/man/man3/del_curterm.3x.gz differ
diff --git a/msys2/usr/share/man/man3/del_panel.3x.gz b/msys2/usr/share/man/man3/del_panel.3x.gz
index 545403c68..aa33de9f9 100644
Binary files a/msys2/usr/share/man/man3/del_panel.3x.gz and b/msys2/usr/share/man/man3/del_panel.3x.gz differ
diff --git a/msys2/usr/share/man/man3/delay_output.3x.gz b/msys2/usr/share/man/man3/delay_output.3x.gz
index 9de93d746..6b340ae20 100644
Binary files a/msys2/usr/share/man/man3/delay_output.3x.gz and b/msys2/usr/share/man/man3/delay_output.3x.gz differ
diff --git a/msys2/usr/share/man/man3/delch.3x.gz b/msys2/usr/share/man/man3/delch.3x.gz
index b3d30bdeb..73bf9762a 100644
Binary files a/msys2/usr/share/man/man3/delch.3x.gz and b/msys2/usr/share/man/man3/delch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/deleteln.3x.gz b/msys2/usr/share/man/man3/deleteln.3x.gz
index bf00f7e8a..9ef2f5321 100644
Binary files a/msys2/usr/share/man/man3/deleteln.3x.gz and b/msys2/usr/share/man/man3/deleteln.3x.gz differ
diff --git a/msys2/usr/share/man/man3/delscreen.3x.gz b/msys2/usr/share/man/man3/delscreen.3x.gz
index 175ffb36e..36f1b5781 100644
Binary files a/msys2/usr/share/man/man3/delscreen.3x.gz and b/msys2/usr/share/man/man3/delscreen.3x.gz differ
diff --git a/msys2/usr/share/man/man3/des.3ssl.gz b/msys2/usr/share/man/man3/des.3ssl.gz
deleted file mode 100644
index 815ebe554..000000000
Binary files a/msys2/usr/share/man/man3/des.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/des_read_2passwords.3ssl.gz b/msys2/usr/share/man/man3/des_read_2passwords.3ssl.gz
deleted file mode 100644
index 3ed6d1350..000000000
Binary files a/msys2/usr/share/man/man3/des_read_2passwords.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/des_read_password.3ssl.gz b/msys2/usr/share/man/man3/des_read_password.3ssl.gz
deleted file mode 100644
index 3ed6d1350..000000000
Binary files a/msys2/usr/share/man/man3/des_read_password.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/des_read_pw.3ssl.gz b/msys2/usr/share/man/man3/des_read_pw.3ssl.gz
deleted file mode 100644
index 3ed6d1350..000000000
Binary files a/msys2/usr/share/man/man3/des_read_pw.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/des_read_pw_string.3ssl.gz b/msys2/usr/share/man/man3/des_read_pw_string.3ssl.gz
deleted file mode 100644
index 3ed6d1350..000000000
Binary files a/msys2/usr/share/man/man3/des_read_pw_string.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/dh.3ssl.gz b/msys2/usr/share/man/man3/dh.3ssl.gz
deleted file mode 100644
index ee26545fe..000000000
Binary files a/msys2/usr/share/man/man3/dh.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/dload_payload.3.gz b/msys2/usr/share/man/man3/dload_payload.3.gz
index 45ff23adc..ae077b54e 100644
Binary files a/msys2/usr/share/man/man3/dload_payload.3.gz and b/msys2/usr/share/man/man3/dload_payload.3.gz differ
diff --git a/msys2/usr/share/man/man3/doupdate.3x.gz b/msys2/usr/share/man/man3/doupdate.3x.gz
index 9907d050d..263e8feba 100644
Binary files a/msys2/usr/share/man/man3/doupdate.3x.gz and b/msys2/usr/share/man/man3/doupdate.3x.gz differ
diff --git a/msys2/usr/share/man/man3/dsa.3ssl.gz b/msys2/usr/share/man/man3/dsa.3ssl.gz
deleted file mode 100644
index ab521c366..000000000
Binary files a/msys2/usr/share/man/man3/dsa.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/dup_field.3x.gz b/msys2/usr/share/man/man3/dup_field.3x.gz
index b9a9a240f..2f6e4748e 100644
Binary files a/msys2/usr/share/man/man3/dup_field.3x.gz and b/msys2/usr/share/man/man3/dup_field.3x.gz differ
diff --git a/msys2/usr/share/man/man3/dynamic_field_info.3x.gz b/msys2/usr/share/man/man3/dynamic_field_info.3x.gz
index 02602b2de..d0562fdc4 100644
Binary files a/msys2/usr/share/man/man3/dynamic_field_info.3x.gz and b/msys2/usr/share/man/man3/dynamic_field_info.3x.gz differ
diff --git a/msys2/usr/share/man/man3/ec.3ssl.gz b/msys2/usr/share/man/man3/ec.3ssl.gz
deleted file mode 100644
index 6f6a7e71b..000000000
Binary files a/msys2/usr/share/man/man3/ec.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/ecdsa.3ssl.gz b/msys2/usr/share/man/man3/ecdsa.3ssl.gz
deleted file mode 100644
index 6b4fa8993..000000000
Binary files a/msys2/usr/share/man/man3/ecdsa.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/echo.3x.gz b/msys2/usr/share/man/man3/echo.3x.gz
index e7ba056f3..90273a4d7 100644
Binary files a/msys2/usr/share/man/man3/echo.3x.gz and b/msys2/usr/share/man/man3/echo.3x.gz differ
diff --git a/msys2/usr/share/man/man3/echochar.3x.gz b/msys2/usr/share/man/man3/echochar.3x.gz
index 9380c711b..7222e4e58 100644
Binary files a/msys2/usr/share/man/man3/echochar.3x.gz and b/msys2/usr/share/man/man3/echochar.3x.gz differ
diff --git a/msys2/usr/share/man/man3/endwin.3x.gz b/msys2/usr/share/man/man3/endwin.3x.gz
index 175ffb36e..36f1b5781 100644
Binary files a/msys2/usr/share/man/man3/endwin.3x.gz and b/msys2/usr/share/man/man3/endwin.3x.gz differ
diff --git a/msys2/usr/share/man/man3/engine.3ssl.gz b/msys2/usr/share/man/man3/engine.3ssl.gz
deleted file mode 100644
index d332c0d99..000000000
Binary files a/msys2/usr/share/man/man3/engine.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/erase.3x.gz b/msys2/usr/share/man/man3/erase.3x.gz
index ef449df76..b4027bbcc 100644
Binary files a/msys2/usr/share/man/man3/erase.3x.gz and b/msys2/usr/share/man/man3/erase.3x.gz differ
diff --git a/msys2/usr/share/man/man3/erasechar.3x.gz b/msys2/usr/share/man/man3/erasechar.3x.gz
index f1e1da961..f1503191b 100644
Binary files a/msys2/usr/share/man/man3/erasechar.3x.gz and b/msys2/usr/share/man/man3/erasechar.3x.gz differ
diff --git a/msys2/usr/share/man/man3/erasewchar.3x.gz b/msys2/usr/share/man/man3/erasewchar.3x.gz
index f1e1da961..f1503191b 100644
Binary files a/msys2/usr/share/man/man3/erasewchar.3x.gz and b/msys2/usr/share/man/man3/erasewchar.3x.gz differ
diff --git a/msys2/usr/share/man/man3/err.3ssl.gz b/msys2/usr/share/man/man3/err.3ssl.gz
deleted file mode 100644
index f9d3dce28..000000000
Binary files a/msys2/usr/share/man/man3/err.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/evp.3ssl.gz b/msys2/usr/share/man/man3/evp.3ssl.gz
deleted file mode 100644
index b1fbf3ee6..000000000
Binary files a/msys2/usr/share/man/man3/evp.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/extended_color_content.3x.gz b/msys2/usr/share/man/man3/extended_color_content.3x.gz
index ba90f9c61..f9b77e1f4 100644
Binary files a/msys2/usr/share/man/man3/extended_color_content.3x.gz and b/msys2/usr/share/man/man3/extended_color_content.3x.gz differ
diff --git a/msys2/usr/share/man/man3/extended_pair_content.3x.gz b/msys2/usr/share/man/man3/extended_pair_content.3x.gz
index ba90f9c61..f9b77e1f4 100644
Binary files a/msys2/usr/share/man/man3/extended_pair_content.3x.gz and b/msys2/usr/share/man/man3/extended_pair_content.3x.gz differ
diff --git a/msys2/usr/share/man/man3/extended_slk_color.3x.gz b/msys2/usr/share/man/man3/extended_slk_color.3x.gz
index 5863d8468..073192cf2 100644
Binary files a/msys2/usr/share/man/man3/extended_slk_color.3x.gz and b/msys2/usr/share/man/man3/extended_slk_color.3x.gz differ
diff --git a/msys2/usr/share/man/man3/field_arg.3x.gz b/msys2/usr/share/man/man3/field_arg.3x.gz
index 7a356a18e..01f8882f2 100644
Binary files a/msys2/usr/share/man/man3/field_arg.3x.gz and b/msys2/usr/share/man/man3/field_arg.3x.gz differ
diff --git a/msys2/usr/share/man/man3/field_back.3x.gz b/msys2/usr/share/man/man3/field_back.3x.gz
index 18941b469..9daab54bb 100644
Binary files a/msys2/usr/share/man/man3/field_back.3x.gz and b/msys2/usr/share/man/man3/field_back.3x.gz differ
diff --git a/msys2/usr/share/man/man3/field_buffer.3x.gz b/msys2/usr/share/man/man3/field_buffer.3x.gz
index 2a1192f18..206d5d9df 100644
Binary files a/msys2/usr/share/man/man3/field_buffer.3x.gz and b/msys2/usr/share/man/man3/field_buffer.3x.gz differ
diff --git a/msys2/usr/share/man/man3/field_count.3x.gz b/msys2/usr/share/man/man3/field_count.3x.gz
index c925e242f..db96bac3e 100644
Binary files a/msys2/usr/share/man/man3/field_count.3x.gz and b/msys2/usr/share/man/man3/field_count.3x.gz differ
diff --git a/msys2/usr/share/man/man3/field_fore.3x.gz b/msys2/usr/share/man/man3/field_fore.3x.gz
index 18941b469..9daab54bb 100644
Binary files a/msys2/usr/share/man/man3/field_fore.3x.gz and b/msys2/usr/share/man/man3/field_fore.3x.gz differ
diff --git a/msys2/usr/share/man/man3/field_index.3x.gz b/msys2/usr/share/man/man3/field_index.3x.gz
index cea209f49..2434be0e5 100644
Binary files a/msys2/usr/share/man/man3/field_index.3x.gz and b/msys2/usr/share/man/man3/field_index.3x.gz differ
diff --git a/msys2/usr/share/man/man3/field_info.3x.gz b/msys2/usr/share/man/man3/field_info.3x.gz
index 02602b2de..d0562fdc4 100644
Binary files a/msys2/usr/share/man/man3/field_info.3x.gz and b/msys2/usr/share/man/man3/field_info.3x.gz differ
diff --git a/msys2/usr/share/man/man3/field_init.3x.gz b/msys2/usr/share/man/man3/field_init.3x.gz
index 837d8608f..daa501a2d 100644
Binary files a/msys2/usr/share/man/man3/field_init.3x.gz and b/msys2/usr/share/man/man3/field_init.3x.gz differ
diff --git a/msys2/usr/share/man/man3/field_just.3x.gz b/msys2/usr/share/man/man3/field_just.3x.gz
index 568267232..291acab7e 100644
Binary files a/msys2/usr/share/man/man3/field_just.3x.gz and b/msys2/usr/share/man/man3/field_just.3x.gz differ
diff --git a/msys2/usr/share/man/man3/field_opts.3x.gz b/msys2/usr/share/man/man3/field_opts.3x.gz
index 160849258..f15b63998 100644
Binary files a/msys2/usr/share/man/man3/field_opts.3x.gz and b/msys2/usr/share/man/man3/field_opts.3x.gz differ
diff --git a/msys2/usr/share/man/man3/field_opts_off.3x.gz b/msys2/usr/share/man/man3/field_opts_off.3x.gz
index 160849258..f15b63998 100644
Binary files a/msys2/usr/share/man/man3/field_opts_off.3x.gz and b/msys2/usr/share/man/man3/field_opts_off.3x.gz differ
diff --git a/msys2/usr/share/man/man3/field_opts_on.3x.gz b/msys2/usr/share/man/man3/field_opts_on.3x.gz
index 160849258..f15b63998 100644
Binary files a/msys2/usr/share/man/man3/field_opts_on.3x.gz and b/msys2/usr/share/man/man3/field_opts_on.3x.gz differ
diff --git a/msys2/usr/share/man/man3/field_pad.3x.gz b/msys2/usr/share/man/man3/field_pad.3x.gz
index 18941b469..9daab54bb 100644
Binary files a/msys2/usr/share/man/man3/field_pad.3x.gz and b/msys2/usr/share/man/man3/field_pad.3x.gz differ
diff --git a/msys2/usr/share/man/man3/field_status.3x.gz b/msys2/usr/share/man/man3/field_status.3x.gz
index 2a1192f18..206d5d9df 100644
Binary files a/msys2/usr/share/man/man3/field_status.3x.gz and b/msys2/usr/share/man/man3/field_status.3x.gz differ
diff --git a/msys2/usr/share/man/man3/field_term.3x.gz b/msys2/usr/share/man/man3/field_term.3x.gz
index 837d8608f..daa501a2d 100644
Binary files a/msys2/usr/share/man/man3/field_term.3x.gz and b/msys2/usr/share/man/man3/field_term.3x.gz differ
diff --git a/msys2/usr/share/man/man3/field_type.3x.gz b/msys2/usr/share/man/man3/field_type.3x.gz
index 7a356a18e..01f8882f2 100644
Binary files a/msys2/usr/share/man/man3/field_type.3x.gz and b/msys2/usr/share/man/man3/field_type.3x.gz differ
diff --git a/msys2/usr/share/man/man3/field_userptr.3x.gz b/msys2/usr/share/man/man3/field_userptr.3x.gz
index 49ed110f0..7f3518203 100644
Binary files a/msys2/usr/share/man/man3/field_userptr.3x.gz and b/msys2/usr/share/man/man3/field_userptr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/filefuncs.3am.gz b/msys2/usr/share/man/man3/filefuncs.3am.gz
index 5ae33e953..61e3a27d2 100644
Binary files a/msys2/usr/share/man/man3/filefuncs.3am.gz and b/msys2/usr/share/man/man3/filefuncs.3am.gz differ
diff --git a/msys2/usr/share/man/man3/filter.3x.gz b/msys2/usr/share/man/man3/filter.3x.gz
index 9de93d746..6b340ae20 100644
Binary files a/msys2/usr/share/man/man3/filter.3x.gz and b/msys2/usr/share/man/man3/filter.3x.gz differ
diff --git a/msys2/usr/share/man/man3/find_pair.3x.gz b/msys2/usr/share/man/man3/find_pair.3x.gz
index 2882ec13d..c3c541157 100644
Binary files a/msys2/usr/share/man/man3/find_pair.3x.gz and b/msys2/usr/share/man/man3/find_pair.3x.gz differ
diff --git a/msys2/usr/share/man/man3/flash.3x.gz b/msys2/usr/share/man/man3/flash.3x.gz
index 27ea34730..1131e2c60 100644
Binary files a/msys2/usr/share/man/man3/flash.3x.gz and b/msys2/usr/share/man/man3/flash.3x.gz differ
diff --git a/msys2/usr/share/man/man3/flushinp.3x.gz b/msys2/usr/share/man/man3/flushinp.3x.gz
index 9de93d746..6b340ae20 100644
Binary files a/msys2/usr/share/man/man3/flushinp.3x.gz and b/msys2/usr/share/man/man3/flushinp.3x.gz differ
diff --git a/msys2/usr/share/man/man3/fnmatch.3am.gz b/msys2/usr/share/man/man3/fnmatch.3am.gz
index 4d90cc8e1..8ac129fe6 100644
Binary files a/msys2/usr/share/man/man3/fnmatch.3am.gz and b/msys2/usr/share/man/man3/fnmatch.3am.gz differ
diff --git a/msys2/usr/share/man/man3/fork.3am.gz b/msys2/usr/share/man/man3/fork.3am.gz
index 367c9f246..1f4af826a 100644
Binary files a/msys2/usr/share/man/man3/fork.3am.gz and b/msys2/usr/share/man/man3/fork.3am.gz differ
diff --git a/msys2/usr/share/man/man3/form.3x.gz b/msys2/usr/share/man/man3/form.3x.gz
index 9028fe893..609c8c392 100644
Binary files a/msys2/usr/share/man/man3/form.3x.gz and b/msys2/usr/share/man/man3/form.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_cursor.3x.gz b/msys2/usr/share/man/man3/form_cursor.3x.gz
index 3ecdd0e6b..232e3b27e 100644
Binary files a/msys2/usr/share/man/man3/form_cursor.3x.gz and b/msys2/usr/share/man/man3/form_cursor.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_data.3x.gz b/msys2/usr/share/man/man3/form_data.3x.gz
index 56a5ff1e1..647a85954 100644
Binary files a/msys2/usr/share/man/man3/form_data.3x.gz and b/msys2/usr/share/man/man3/form_data.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_driver.3x.gz b/msys2/usr/share/man/man3/form_driver.3x.gz
index 810f412aa..e20390697 100644
Binary files a/msys2/usr/share/man/man3/form_driver.3x.gz and b/msys2/usr/share/man/man3/form_driver.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_driver_w.3x.gz b/msys2/usr/share/man/man3/form_driver_w.3x.gz
index 810f412aa..e20390697 100644
Binary files a/msys2/usr/share/man/man3/form_driver_w.3x.gz and b/msys2/usr/share/man/man3/form_driver_w.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_field.3x.gz b/msys2/usr/share/man/man3/form_field.3x.gz
index c925e242f..db96bac3e 100644
Binary files a/msys2/usr/share/man/man3/form_field.3x.gz and b/msys2/usr/share/man/man3/form_field.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_field_attributes.3x.gz b/msys2/usr/share/man/man3/form_field_attributes.3x.gz
index 18941b469..9daab54bb 100644
Binary files a/msys2/usr/share/man/man3/form_field_attributes.3x.gz and b/msys2/usr/share/man/man3/form_field_attributes.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_field_buffer.3x.gz b/msys2/usr/share/man/man3/form_field_buffer.3x.gz
index 2a1192f18..206d5d9df 100644
Binary files a/msys2/usr/share/man/man3/form_field_buffer.3x.gz and b/msys2/usr/share/man/man3/form_field_buffer.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_field_info.3x.gz b/msys2/usr/share/man/man3/form_field_info.3x.gz
index 02602b2de..d0562fdc4 100644
Binary files a/msys2/usr/share/man/man3/form_field_info.3x.gz and b/msys2/usr/share/man/man3/form_field_info.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_field_just.3x.gz b/msys2/usr/share/man/man3/form_field_just.3x.gz
index 568267232..291acab7e 100644
Binary files a/msys2/usr/share/man/man3/form_field_just.3x.gz and b/msys2/usr/share/man/man3/form_field_just.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_field_new.3x.gz b/msys2/usr/share/man/man3/form_field_new.3x.gz
index b9a9a240f..2f6e4748e 100644
Binary files a/msys2/usr/share/man/man3/form_field_new.3x.gz and b/msys2/usr/share/man/man3/form_field_new.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_field_opts.3x.gz b/msys2/usr/share/man/man3/form_field_opts.3x.gz
index 160849258..f15b63998 100644
Binary files a/msys2/usr/share/man/man3/form_field_opts.3x.gz and b/msys2/usr/share/man/man3/form_field_opts.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_field_userptr.3x.gz b/msys2/usr/share/man/man3/form_field_userptr.3x.gz
index 49ed110f0..7f3518203 100644
Binary files a/msys2/usr/share/man/man3/form_field_userptr.3x.gz and b/msys2/usr/share/man/man3/form_field_userptr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_field_validation.3x.gz b/msys2/usr/share/man/man3/form_field_validation.3x.gz
index 7a356a18e..01f8882f2 100644
Binary files a/msys2/usr/share/man/man3/form_field_validation.3x.gz and b/msys2/usr/share/man/man3/form_field_validation.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_fields.3x.gz b/msys2/usr/share/man/man3/form_fields.3x.gz
index c925e242f..db96bac3e 100644
Binary files a/msys2/usr/share/man/man3/form_fields.3x.gz and b/msys2/usr/share/man/man3/form_fields.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_fieldtype.3x.gz b/msys2/usr/share/man/man3/form_fieldtype.3x.gz
index e57648415..f9ae36c34 100644
Binary files a/msys2/usr/share/man/man3/form_fieldtype.3x.gz and b/msys2/usr/share/man/man3/form_fieldtype.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_hook.3x.gz b/msys2/usr/share/man/man3/form_hook.3x.gz
index 837d8608f..daa501a2d 100644
Binary files a/msys2/usr/share/man/man3/form_hook.3x.gz and b/msys2/usr/share/man/man3/form_hook.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_init.3x.gz b/msys2/usr/share/man/man3/form_init.3x.gz
index 837d8608f..daa501a2d 100644
Binary files a/msys2/usr/share/man/man3/form_init.3x.gz and b/msys2/usr/share/man/man3/form_init.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_new.3x.gz b/msys2/usr/share/man/man3/form_new.3x.gz
index 65cd8052b..68bc8f3f6 100644
Binary files a/msys2/usr/share/man/man3/form_new.3x.gz and b/msys2/usr/share/man/man3/form_new.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_new_page.3x.gz b/msys2/usr/share/man/man3/form_new_page.3x.gz
index b7cd68918..005fdf137 100644
Binary files a/msys2/usr/share/man/man3/form_new_page.3x.gz and b/msys2/usr/share/man/man3/form_new_page.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_opts.3x.gz b/msys2/usr/share/man/man3/form_opts.3x.gz
index 2f4c9ccb9..3b736a6bf 100644
Binary files a/msys2/usr/share/man/man3/form_opts.3x.gz and b/msys2/usr/share/man/man3/form_opts.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_opts_off.3x.gz b/msys2/usr/share/man/man3/form_opts_off.3x.gz
index 2f4c9ccb9..3b736a6bf 100644
Binary files a/msys2/usr/share/man/man3/form_opts_off.3x.gz and b/msys2/usr/share/man/man3/form_opts_off.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_opts_on.3x.gz b/msys2/usr/share/man/man3/form_opts_on.3x.gz
index 2f4c9ccb9..3b736a6bf 100644
Binary files a/msys2/usr/share/man/man3/form_opts_on.3x.gz and b/msys2/usr/share/man/man3/form_opts_on.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_page.3x.gz b/msys2/usr/share/man/man3/form_page.3x.gz
index cea209f49..2434be0e5 100644
Binary files a/msys2/usr/share/man/man3/form_page.3x.gz and b/msys2/usr/share/man/man3/form_page.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_post.3x.gz b/msys2/usr/share/man/man3/form_post.3x.gz
index 7e76615e0..a2f8b2c36 100644
Binary files a/msys2/usr/share/man/man3/form_post.3x.gz and b/msys2/usr/share/man/man3/form_post.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_request_by_name.3x.gz b/msys2/usr/share/man/man3/form_request_by_name.3x.gz
index 62cc3af3a..e4a650c91 100644
Binary files a/msys2/usr/share/man/man3/form_request_by_name.3x.gz and b/msys2/usr/share/man/man3/form_request_by_name.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_request_name.3x.gz b/msys2/usr/share/man/man3/form_request_name.3x.gz
index 62cc3af3a..e4a650c91 100644
Binary files a/msys2/usr/share/man/man3/form_request_name.3x.gz and b/msys2/usr/share/man/man3/form_request_name.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_requestname.3x.gz b/msys2/usr/share/man/man3/form_requestname.3x.gz
index 62cc3af3a..e4a650c91 100644
Binary files a/msys2/usr/share/man/man3/form_requestname.3x.gz and b/msys2/usr/share/man/man3/form_requestname.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_sub.3x.gz b/msys2/usr/share/man/man3/form_sub.3x.gz
index 702529595..9c9819dae 100644
Binary files a/msys2/usr/share/man/man3/form_sub.3x.gz and b/msys2/usr/share/man/man3/form_sub.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_term.3x.gz b/msys2/usr/share/man/man3/form_term.3x.gz
index 837d8608f..daa501a2d 100644
Binary files a/msys2/usr/share/man/man3/form_term.3x.gz and b/msys2/usr/share/man/man3/form_term.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_userptr.3x.gz b/msys2/usr/share/man/man3/form_userptr.3x.gz
index f83e05cfa..9f562c669 100644
Binary files a/msys2/usr/share/man/man3/form_userptr.3x.gz and b/msys2/usr/share/man/man3/form_userptr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/form_win.3x.gz b/msys2/usr/share/man/man3/form_win.3x.gz
index 702529595..9c9819dae 100644
Binary files a/msys2/usr/share/man/man3/form_win.3x.gz and b/msys2/usr/share/man/man3/form_win.3x.gz differ
diff --git a/msys2/usr/share/man/man3/free_field.3x.gz b/msys2/usr/share/man/man3/free_field.3x.gz
index b9a9a240f..2f6e4748e 100644
Binary files a/msys2/usr/share/man/man3/free_field.3x.gz and b/msys2/usr/share/man/man3/free_field.3x.gz differ
diff --git a/msys2/usr/share/man/man3/free_fieldtype.3x.gz b/msys2/usr/share/man/man3/free_fieldtype.3x.gz
index e57648415..f9ae36c34 100644
Binary files a/msys2/usr/share/man/man3/free_fieldtype.3x.gz and b/msys2/usr/share/man/man3/free_fieldtype.3x.gz differ
diff --git a/msys2/usr/share/man/man3/free_form.3x.gz b/msys2/usr/share/man/man3/free_form.3x.gz
index 65cd8052b..68bc8f3f6 100644
Binary files a/msys2/usr/share/man/man3/free_form.3x.gz and b/msys2/usr/share/man/man3/free_form.3x.gz differ
diff --git a/msys2/usr/share/man/man3/free_item.3x.gz b/msys2/usr/share/man/man3/free_item.3x.gz
index 901b51105..ac4cee226 100644
Binary files a/msys2/usr/share/man/man3/free_item.3x.gz and b/msys2/usr/share/man/man3/free_item.3x.gz differ
diff --git a/msys2/usr/share/man/man3/free_menu.3x.gz b/msys2/usr/share/man/man3/free_menu.3x.gz
index 9f39a3d01..a0a13de9c 100644
Binary files a/msys2/usr/share/man/man3/free_menu.3x.gz and b/msys2/usr/share/man/man3/free_menu.3x.gz differ
diff --git a/msys2/usr/share/man/man3/free_pair.3x.gz b/msys2/usr/share/man/man3/free_pair.3x.gz
index 2882ec13d..c3c541157 100644
Binary files a/msys2/usr/share/man/man3/free_pair.3x.gz and b/msys2/usr/share/man/man3/free_pair.3x.gz differ
diff --git a/msys2/usr/share/man/man3/get_wch.3x.gz b/msys2/usr/share/man/man3/get_wch.3x.gz
index 0df737a7d..e76d981a0 100644
Binary files a/msys2/usr/share/man/man3/get_wch.3x.gz and b/msys2/usr/share/man/man3/get_wch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/get_wstr.3x.gz b/msys2/usr/share/man/man3/get_wstr.3x.gz
index 0092dc712..fc38215da 100644
Binary files a/msys2/usr/share/man/man3/get_wstr.3x.gz and b/msys2/usr/share/man/man3/get_wstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/getbkgd.3x.gz b/msys2/usr/share/man/man3/getbkgd.3x.gz
index e153a5f7b..da16aa023 100644
Binary files a/msys2/usr/share/man/man3/getbkgd.3x.gz and b/msys2/usr/share/man/man3/getbkgd.3x.gz differ
diff --git a/msys2/usr/share/man/man3/getbkgrnd.3x.gz b/msys2/usr/share/man/man3/getbkgrnd.3x.gz
index 3caaae36d..780272d5c 100644
Binary files a/msys2/usr/share/man/man3/getbkgrnd.3x.gz and b/msys2/usr/share/man/man3/getbkgrnd.3x.gz differ
diff --git a/msys2/usr/share/man/man3/getch.3x.gz b/msys2/usr/share/man/man3/getch.3x.gz
index e5538d65e..249c9cb35 100644
Binary files a/msys2/usr/share/man/man3/getch.3x.gz and b/msys2/usr/share/man/man3/getch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/getmouse.3x.gz b/msys2/usr/share/man/man3/getmouse.3x.gz
index 1a2baa9fb..52055cfbd 100644
Binary files a/msys2/usr/share/man/man3/getmouse.3x.gz and b/msys2/usr/share/man/man3/getmouse.3x.gz differ
diff --git a/msys2/usr/share/man/man3/getn_wstr.3x.gz b/msys2/usr/share/man/man3/getn_wstr.3x.gz
index 0092dc712..fc38215da 100644
Binary files a/msys2/usr/share/man/man3/getn_wstr.3x.gz and b/msys2/usr/share/man/man3/getn_wstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/getnstr.3x.gz b/msys2/usr/share/man/man3/getnstr.3x.gz
index 9b8159d85..072b281fe 100644
Binary files a/msys2/usr/share/man/man3/getnstr.3x.gz and b/msys2/usr/share/man/man3/getnstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/getstr.3x.gz b/msys2/usr/share/man/man3/getstr.3x.gz
index 9b8159d85..072b281fe 100644
Binary files a/msys2/usr/share/man/man3/getstr.3x.gz and b/msys2/usr/share/man/man3/getstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/getsyx.3x.gz b/msys2/usr/share/man/man3/getsyx.3x.gz
index 9df4b5f0e..ed980e52f 100644
Binary files a/msys2/usr/share/man/man3/getsyx.3x.gz and b/msys2/usr/share/man/man3/getsyx.3x.gz differ
diff --git a/msys2/usr/share/man/man3/getwin.3x.gz b/msys2/usr/share/man/man3/getwin.3x.gz
index 9de93d746..6b340ae20 100644
Binary files a/msys2/usr/share/man/man3/getwin.3x.gz and b/msys2/usr/share/man/man3/getwin.3x.gz differ
diff --git a/msys2/usr/share/man/man3/halfdelay.3x.gz b/msys2/usr/share/man/man3/halfdelay.3x.gz
index e7ba056f3..90273a4d7 100644
Binary files a/msys2/usr/share/man/man3/halfdelay.3x.gz and b/msys2/usr/share/man/man3/halfdelay.3x.gz differ
diff --git a/msys2/usr/share/man/man3/has_colors.3x.gz b/msys2/usr/share/man/man3/has_colors.3x.gz
index ba90f9c61..f9b77e1f4 100644
Binary files a/msys2/usr/share/man/man3/has_colors.3x.gz and b/msys2/usr/share/man/man3/has_colors.3x.gz differ
diff --git a/msys2/usr/share/man/man3/has_ic.3x.gz b/msys2/usr/share/man/man3/has_ic.3x.gz
index f1e1da961..f1503191b 100644
Binary files a/msys2/usr/share/man/man3/has_ic.3x.gz and b/msys2/usr/share/man/man3/has_ic.3x.gz differ
diff --git a/msys2/usr/share/man/man3/has_il.3x.gz b/msys2/usr/share/man/man3/has_il.3x.gz
index f1e1da961..f1503191b 100644
Binary files a/msys2/usr/share/man/man3/has_il.3x.gz and b/msys2/usr/share/man/man3/has_il.3x.gz differ
diff --git a/msys2/usr/share/man/man3/has_key.3x.gz b/msys2/usr/share/man/man3/has_key.3x.gz
index e5538d65e..249c9cb35 100644
Binary files a/msys2/usr/share/man/man3/has_key.3x.gz and b/msys2/usr/share/man/man3/has_key.3x.gz differ
diff --git a/msys2/usr/share/man/man3/has_mouse.3x.gz b/msys2/usr/share/man/man3/has_mouse.3x.gz
index 1a2baa9fb..52055cfbd 100644
Binary files a/msys2/usr/share/man/man3/has_mouse.3x.gz and b/msys2/usr/share/man/man3/has_mouse.3x.gz differ
diff --git a/msys2/usr/share/man/man3/hide_panel.3x.gz b/msys2/usr/share/man/man3/hide_panel.3x.gz
index 545403c68..aa33de9f9 100644
Binary files a/msys2/usr/share/man/man3/hide_panel.3x.gz and b/msys2/usr/share/man/man3/hide_panel.3x.gz differ
diff --git a/msys2/usr/share/man/man3/history.3.gz b/msys2/usr/share/man/man3/history.3.gz
index 5925d1987..52d65a2ee 100644
Binary files a/msys2/usr/share/man/man3/history.3.gz and b/msys2/usr/share/man/man3/history.3.gz differ
diff --git a/msys2/usr/share/man/man3/hline.3x.gz b/msys2/usr/share/man/man3/hline.3x.gz
index 673385164..1d2c4438c 100644
Binary files a/msys2/usr/share/man/man3/hline.3x.gz and b/msys2/usr/share/man/man3/hline.3x.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ACCESS_DESCRIPTION.3ssl.gz b/msys2/usr/share/man/man3/i2d_ACCESS_DESCRIPTION.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ACCESS_DESCRIPTION.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ADMISSIONS.3ssl.gz b/msys2/usr/share/man/man3/i2d_ADMISSIONS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ADMISSIONS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ADMISSION_SYNTAX.3ssl.gz b/msys2/usr/share/man/man3/i2d_ADMISSION_SYNTAX.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ADMISSION_SYNTAX.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASIdOrRange.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASIdOrRange.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASIdOrRange.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASIdentifierChoice.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASIdentifierChoice.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASIdentifierChoice.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASIdentifiers.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASIdentifiers.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASIdentifiers.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_BIT_STRING.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_BIT_STRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_BIT_STRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_BMPSTRING.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_BMPSTRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_BMPSTRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_ENUMERATED.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_ENUMERATED.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_ENUMERATED.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_GENERALIZEDTIME.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_GENERALIZEDTIME.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_GENERALIZEDTIME.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_GENERALSTRING.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_GENERALSTRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_GENERALSTRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_IA5STRING.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_IA5STRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_IA5STRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_INTEGER.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_INTEGER.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_INTEGER.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_NULL.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_NULL.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_NULL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_OBJECT.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_OBJECT.3ssl.gz
index 0fcc4aeb4..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_ASN1_OBJECT.3ssl.gz and b/msys2/usr/share/man/man3/i2d_ASN1_OBJECT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_OCTET_STRING.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_OCTET_STRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_OCTET_STRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_PRINTABLE.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_PRINTABLE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_PRINTABLE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_PRINTABLESTRING.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_PRINTABLESTRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_PRINTABLESTRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_SEQUENCE_ANY.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_SEQUENCE_ANY.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_SEQUENCE_ANY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_SET_ANY.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_SET_ANY.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_SET_ANY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_T61STRING.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_T61STRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_T61STRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_TIME.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_TIME.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_TIME.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_TYPE.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_TYPE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_TYPE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_UNIVERSALSTRING.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_UNIVERSALSTRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_UNIVERSALSTRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_UTCTIME.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_UTCTIME.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_UTCTIME.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_UTF8STRING.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_UTF8STRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_UTF8STRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_VISIBLESTRING.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_VISIBLESTRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_VISIBLESTRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASN1_bio_stream.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASN1_bio_stream.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASN1_bio_stream.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ASRange.3ssl.gz b/msys2/usr/share/man/man3/i2d_ASRange.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ASRange.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_AUTHORITY_INFO_ACCESS.3ssl.gz b/msys2/usr/share/man/man3/i2d_AUTHORITY_INFO_ACCESS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_AUTHORITY_INFO_ACCESS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_AUTHORITY_KEYID.3ssl.gz b/msys2/usr/share/man/man3/i2d_AUTHORITY_KEYID.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_AUTHORITY_KEYID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_BASIC_CONSTRAINTS.3ssl.gz b/msys2/usr/share/man/man3/i2d_BASIC_CONSTRAINTS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_BASIC_CONSTRAINTS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_CERTIFICATEPOLICIES.3ssl.gz b/msys2/usr/share/man/man3/i2d_CERTIFICATEPOLICIES.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_CERTIFICATEPOLICIES.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_CMS_ContentInfo.3ssl.gz b/msys2/usr/share/man/man3/i2d_CMS_ContentInfo.3ssl.gz
index f1580dc0f..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_CMS_ContentInfo.3ssl.gz and b/msys2/usr/share/man/man3/i2d_CMS_ContentInfo.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_CMS_ReceiptRequest.3ssl.gz b/msys2/usr/share/man/man3/i2d_CMS_ReceiptRequest.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_CMS_ReceiptRequest.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_CMS_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_CMS_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_CMS_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_CMS_bio_stream.3ssl.gz b/msys2/usr/share/man/man3/i2d_CMS_bio_stream.3ssl.gz
index e7e9a2c92..2507b41d0 100644
Binary files a/msys2/usr/share/man/man3/i2d_CMS_bio_stream.3ssl.gz and b/msys2/usr/share/man/man3/i2d_CMS_bio_stream.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_CRL_DIST_POINTS.3ssl.gz b/msys2/usr/share/man/man3/i2d_CRL_DIST_POINTS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_CRL_DIST_POINTS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_DHparams.3ssl.gz b/msys2/usr/share/man/man3/i2d_DHparams.3ssl.gz
index 878a8ffe3..3da122e8f 100644
Binary files a/msys2/usr/share/man/man3/i2d_DHparams.3ssl.gz and b/msys2/usr/share/man/man3/i2d_DHparams.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_DHxparams.3ssl.gz b/msys2/usr/share/man/man3/i2d_DHxparams.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_DHxparams.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_DIRECTORYSTRING.3ssl.gz b/msys2/usr/share/man/man3/i2d_DIRECTORYSTRING.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_DIRECTORYSTRING.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_DISPLAYTEXT.3ssl.gz b/msys2/usr/share/man/man3/i2d_DISPLAYTEXT.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_DISPLAYTEXT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_DIST_POINT.3ssl.gz b/msys2/usr/share/man/man3/i2d_DIST_POINT.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_DIST_POINT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_DIST_POINT_NAME.3ssl.gz b/msys2/usr/share/man/man3/i2d_DIST_POINT_NAME.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_DIST_POINT_NAME.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_DSAPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/i2d_DSAPrivateKey.3ssl.gz
index 2931d7e00..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_DSAPrivateKey.3ssl.gz and b/msys2/usr/share/man/man3/i2d_DSAPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_DSAPrivateKey_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_DSAPrivateKey_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_DSAPrivateKey_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_DSAPrivateKey_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_DSAPrivateKey_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_DSAPrivateKey_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_DSAPublicKey.3ssl.gz b/msys2/usr/share/man/man3/i2d_DSAPublicKey.3ssl.gz
index 2931d7e00..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_DSAPublicKey.3ssl.gz and b/msys2/usr/share/man/man3/i2d_DSAPublicKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_DSA_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/i2d_DSA_PUBKEY.3ssl.gz
index 2931d7e00..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_DSA_PUBKEY.3ssl.gz and b/msys2/usr/share/man/man3/i2d_DSA_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_DSA_PUBKEY_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_DSA_PUBKEY_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_DSA_PUBKEY_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_DSA_PUBKEY_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_DSA_PUBKEY_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_DSA_PUBKEY_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_DSA_SIG.3ssl.gz b/msys2/usr/share/man/man3/i2d_DSA_SIG.3ssl.gz
index 2931d7e00..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_DSA_SIG.3ssl.gz and b/msys2/usr/share/man/man3/i2d_DSA_SIG.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_DSAparams.3ssl.gz b/msys2/usr/share/man/man3/i2d_DSAparams.3ssl.gz
index 2931d7e00..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_DSAparams.3ssl.gz and b/msys2/usr/share/man/man3/i2d_DSAparams.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ECDSA_SIG.3ssl.gz b/msys2/usr/share/man/man3/i2d_ECDSA_SIG.3ssl.gz
index 6b4fa8993..20b845240 100644
Binary files a/msys2/usr/share/man/man3/i2d_ECDSA_SIG.3ssl.gz and b/msys2/usr/share/man/man3/i2d_ECDSA_SIG.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ECPKParameters.3ssl.gz b/msys2/usr/share/man/man3/i2d_ECPKParameters.3ssl.gz
index 8e3be2b34..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_ECPKParameters.3ssl.gz and b/msys2/usr/share/man/man3/i2d_ECPKParameters.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ECPKParameters_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_ECPKParameters_bio.3ssl.gz
deleted file mode 100644
index 8e3be2b34..000000000
Binary files a/msys2/usr/share/man/man3/i2d_ECPKParameters_bio.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/i2d_ECPKParameters_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_ECPKParameters_fp.3ssl.gz
deleted file mode 100644
index 8e3be2b34..000000000
Binary files a/msys2/usr/share/man/man3/i2d_ECPKParameters_fp.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/i2d_ECParameters.3ssl.gz b/msys2/usr/share/man/man3/i2d_ECParameters.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ECParameters.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ECPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/i2d_ECPrivateKey.3ssl.gz
index 729cf0474..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_ECPrivateKey.3ssl.gz and b/msys2/usr/share/man/man3/i2d_ECPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ECPrivateKey_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_ECPrivateKey_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ECPrivateKey_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ECPrivateKey_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_ECPrivateKey_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ECPrivateKey_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_EC_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/i2d_EC_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_EC_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_EC_PUBKEY_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_EC_PUBKEY_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_EC_PUBKEY_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_EC_PUBKEY_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_EC_PUBKEY_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_EC_PUBKEY_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_EDIPARTYNAME.3ssl.gz b/msys2/usr/share/man/man3/i2d_EDIPARTYNAME.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_EDIPARTYNAME.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ESS_CERT_ID.3ssl.gz b/msys2/usr/share/man/man3/i2d_ESS_CERT_ID.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ESS_CERT_ID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ESS_ISSUER_SERIAL.3ssl.gz b/msys2/usr/share/man/man3/i2d_ESS_ISSUER_SERIAL.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ESS_ISSUER_SERIAL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ESS_SIGNING_CERT.3ssl.gz b/msys2/usr/share/man/man3/i2d_ESS_SIGNING_CERT.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ESS_SIGNING_CERT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_EXTENDED_KEY_USAGE.3ssl.gz b/msys2/usr/share/man/man3/i2d_EXTENDED_KEY_USAGE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_EXTENDED_KEY_USAGE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_GENERAL_NAME.3ssl.gz b/msys2/usr/share/man/man3/i2d_GENERAL_NAME.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_GENERAL_NAME.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_GENERAL_NAMES.3ssl.gz b/msys2/usr/share/man/man3/i2d_GENERAL_NAMES.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_GENERAL_NAMES.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_IPAddressChoice.3ssl.gz b/msys2/usr/share/man/man3/i2d_IPAddressChoice.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_IPAddressChoice.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_IPAddressFamily.3ssl.gz b/msys2/usr/share/man/man3/i2d_IPAddressFamily.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_IPAddressFamily.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_IPAddressOrRange.3ssl.gz b/msys2/usr/share/man/man3/i2d_IPAddressOrRange.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_IPAddressOrRange.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_IPAddressRange.3ssl.gz b/msys2/usr/share/man/man3/i2d_IPAddressRange.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_IPAddressRange.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_ISSUING_DIST_POINT.3ssl.gz b/msys2/usr/share/man/man3/i2d_ISSUING_DIST_POINT.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_ISSUING_DIST_POINT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_NAMING_AUTHORITY.3ssl.gz b/msys2/usr/share/man/man3/i2d_NAMING_AUTHORITY.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_NAMING_AUTHORITY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_NETSCAPE_CERT_SEQUENCE.3ssl.gz b/msys2/usr/share/man/man3/i2d_NETSCAPE_CERT_SEQUENCE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_NETSCAPE_CERT_SEQUENCE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_NETSCAPE_SPKAC.3ssl.gz b/msys2/usr/share/man/man3/i2d_NETSCAPE_SPKAC.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_NETSCAPE_SPKAC.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_NETSCAPE_SPKI.3ssl.gz b/msys2/usr/share/man/man3/i2d_NETSCAPE_SPKI.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_NETSCAPE_SPKI.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_NOTICEREF.3ssl.gz b/msys2/usr/share/man/man3/i2d_NOTICEREF.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_NOTICEREF.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_Netscape_RSA.3ssl.gz b/msys2/usr/share/man/man3/i2d_Netscape_RSA.3ssl.gz
deleted file mode 100644
index f897a632d..000000000
Binary files a/msys2/usr/share/man/man3/i2d_Netscape_RSA.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/i2d_OCSP_BASICRESP.3ssl.gz b/msys2/usr/share/man/man3/i2d_OCSP_BASICRESP.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_OCSP_BASICRESP.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_OCSP_CERTID.3ssl.gz b/msys2/usr/share/man/man3/i2d_OCSP_CERTID.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_OCSP_CERTID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_OCSP_CERTSTATUS.3ssl.gz b/msys2/usr/share/man/man3/i2d_OCSP_CERTSTATUS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_OCSP_CERTSTATUS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_OCSP_CRLID.3ssl.gz b/msys2/usr/share/man/man3/i2d_OCSP_CRLID.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_OCSP_CRLID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_OCSP_ONEREQ.3ssl.gz b/msys2/usr/share/man/man3/i2d_OCSP_ONEREQ.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_OCSP_ONEREQ.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_OCSP_REQINFO.3ssl.gz b/msys2/usr/share/man/man3/i2d_OCSP_REQINFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_OCSP_REQINFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_OCSP_REQUEST.3ssl.gz b/msys2/usr/share/man/man3/i2d_OCSP_REQUEST.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_OCSP_REQUEST.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_OCSP_RESPBYTES.3ssl.gz b/msys2/usr/share/man/man3/i2d_OCSP_RESPBYTES.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_OCSP_RESPBYTES.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_OCSP_RESPDATA.3ssl.gz b/msys2/usr/share/man/man3/i2d_OCSP_RESPDATA.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_OCSP_RESPDATA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_OCSP_RESPID.3ssl.gz b/msys2/usr/share/man/man3/i2d_OCSP_RESPID.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_OCSP_RESPID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_OCSP_RESPONSE.3ssl.gz b/msys2/usr/share/man/man3/i2d_OCSP_RESPONSE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_OCSP_RESPONSE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_OCSP_REVOKEDINFO.3ssl.gz b/msys2/usr/share/man/man3/i2d_OCSP_REVOKEDINFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_OCSP_REVOKEDINFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_OCSP_SERVICELOC.3ssl.gz b/msys2/usr/share/man/man3/i2d_OCSP_SERVICELOC.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_OCSP_SERVICELOC.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_OCSP_SIGNATURE.3ssl.gz b/msys2/usr/share/man/man3/i2d_OCSP_SIGNATURE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_OCSP_SIGNATURE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_OCSP_SINGLERESP.3ssl.gz b/msys2/usr/share/man/man3/i2d_OCSP_SINGLERESP.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_OCSP_SINGLERESP.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_OTHERNAME.3ssl.gz b/msys2/usr/share/man/man3/i2d_OTHERNAME.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_OTHERNAME.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PBE2PARAM.3ssl.gz b/msys2/usr/share/man/man3/i2d_PBE2PARAM.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PBE2PARAM.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PBEPARAM.3ssl.gz b/msys2/usr/share/man/man3/i2d_PBEPARAM.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PBEPARAM.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PBKDF2PARAM.3ssl.gz b/msys2/usr/share/man/man3/i2d_PBKDF2PARAM.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PBKDF2PARAM.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS12.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS12.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS12.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS12_BAGS.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS12_BAGS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS12_BAGS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS12_MAC_DATA.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS12_MAC_DATA.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS12_MAC_DATA.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS12_SAFEBAG.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS12_SAFEBAG.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS12_SAFEBAG.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS12_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS12_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS12_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS12_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS12_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS12_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS7.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS7.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS7.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS7_DIGEST.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS7_DIGEST.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS7_DIGEST.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS7_ENCRYPT.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS7_ENCRYPT.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS7_ENCRYPT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS7_ENC_CONTENT.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS7_ENC_CONTENT.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS7_ENC_CONTENT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS7_ENVELOPE.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS7_ENVELOPE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS7_ENVELOPE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS7_ISSUER_AND_SERIAL.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS7_ISSUER_AND_SERIAL.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS7_ISSUER_AND_SERIAL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS7_NDEF.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS7_NDEF.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS7_NDEF.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS7_RECIP_INFO.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS7_RECIP_INFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS7_RECIP_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS7_SIGNED.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS7_SIGNED.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS7_SIGNED.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS7_SIGNER_INFO.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS7_SIGNER_INFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS7_SIGNER_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS7_SIGN_ENVELOPE.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS7_SIGN_ENVELOPE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS7_SIGN_ENVELOPE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS7_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS7_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS7_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS7_bio_stream.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS7_bio_stream.3ssl.gz
index b37a93704..1284475f3 100644
Binary files a/msys2/usr/share/man/man3/i2d_PKCS7_bio_stream.3ssl.gz and b/msys2/usr/share/man/man3/i2d_PKCS7_bio_stream.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS7_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS7_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS7_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS8PrivateKeyInfo_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS8PrivateKeyInfo_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS8PrivateKeyInfo_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS8PrivateKeyInfo_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS8PrivateKeyInfo_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS8PrivateKeyInfo_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS8PrivateKey_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS8PrivateKey_bio.3ssl.gz
index cfa004ee5..40072931a 100644
Binary files a/msys2/usr/share/man/man3/i2d_PKCS8PrivateKey_bio.3ssl.gz and b/msys2/usr/share/man/man3/i2d_PKCS8PrivateKey_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS8PrivateKey_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS8PrivateKey_fp.3ssl.gz
index cfa004ee5..40072931a 100644
Binary files a/msys2/usr/share/man/man3/i2d_PKCS8PrivateKey_fp.3ssl.gz and b/msys2/usr/share/man/man3/i2d_PKCS8PrivateKey_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS8PrivateKey_nid_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS8PrivateKey_nid_bio.3ssl.gz
index cfa004ee5..40072931a 100644
Binary files a/msys2/usr/share/man/man3/i2d_PKCS8PrivateKey_nid_bio.3ssl.gz and b/msys2/usr/share/man/man3/i2d_PKCS8PrivateKey_nid_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS8PrivateKey_nid_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS8PrivateKey_nid_fp.3ssl.gz
index cfa004ee5..40072931a 100644
Binary files a/msys2/usr/share/man/man3/i2d_PKCS8PrivateKey_nid_fp.3ssl.gz and b/msys2/usr/share/man/man3/i2d_PKCS8PrivateKey_nid_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS8_PRIV_KEY_INFO.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS8_PRIV_KEY_INFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS8_PRIV_KEY_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS8_PRIV_KEY_INFO_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS8_PRIV_KEY_INFO_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS8_PRIV_KEY_INFO_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS8_PRIV_KEY_INFO_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS8_PRIV_KEY_INFO_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS8_PRIV_KEY_INFO_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS8_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS8_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS8_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKCS8_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKCS8_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKCS8_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PKEY_USAGE_PERIOD.3ssl.gz b/msys2/usr/share/man/man3/i2d_PKEY_USAGE_PERIOD.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PKEY_USAGE_PERIOD.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_POLICYINFO.3ssl.gz b/msys2/usr/share/man/man3/i2d_POLICYINFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_POLICYINFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_POLICYQUALINFO.3ssl.gz b/msys2/usr/share/man/man3/i2d_POLICYQUALINFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_POLICYQUALINFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PROFESSION_INFO.3ssl.gz b/msys2/usr/share/man/man3/i2d_PROFESSION_INFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PROFESSION_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PROXY_CERT_INFO_EXTENSION.3ssl.gz b/msys2/usr/share/man/man3/i2d_PROXY_CERT_INFO_EXTENSION.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PROXY_CERT_INFO_EXTENSION.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PROXY_POLICY.3ssl.gz b/msys2/usr/share/man/man3/i2d_PROXY_POLICY.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PROXY_POLICY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/i2d_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..dfb0b3bc6
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PUBKEY_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_PUBKEY_bio.3ssl.gz
new file mode 100644
index 000000000..dfb0b3bc6
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PUBKEY_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PUBKEY_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_PUBKEY_fp.3ssl.gz
new file mode 100644
index 000000000..dfb0b3bc6
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PUBKEY_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PrivateKey.3ssl.gz b/msys2/usr/share/man/man3/i2d_PrivateKey.3ssl.gz
index cd2668212..76c4d940e 100644
Binary files a/msys2/usr/share/man/man3/i2d_PrivateKey.3ssl.gz and b/msys2/usr/share/man/man3/i2d_PrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_PublicKey.3ssl.gz b/msys2/usr/share/man/man3/i2d_PublicKey.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_PublicKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_RSAPrivateKey.3ssl.gz b/msys2/usr/share/man/man3/i2d_RSAPrivateKey.3ssl.gz
index f897a632d..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_RSAPrivateKey.3ssl.gz and b/msys2/usr/share/man/man3/i2d_RSAPrivateKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_RSAPrivateKey_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_RSAPrivateKey_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_RSAPrivateKey_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_RSAPrivateKey_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_RSAPrivateKey_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_RSAPrivateKey_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_RSAPublicKey.3ssl.gz b/msys2/usr/share/man/man3/i2d_RSAPublicKey.3ssl.gz
index f897a632d..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_RSAPublicKey.3ssl.gz and b/msys2/usr/share/man/man3/i2d_RSAPublicKey.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_RSAPublicKey_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_RSAPublicKey_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_RSAPublicKey_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_RSAPublicKey_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_RSAPublicKey_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_RSAPublicKey_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_RSA_OAEP_PARAMS.3ssl.gz b/msys2/usr/share/man/man3/i2d_RSA_OAEP_PARAMS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_RSA_OAEP_PARAMS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_RSA_PSS_PARAMS.3ssl.gz b/msys2/usr/share/man/man3/i2d_RSA_PSS_PARAMS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_RSA_PSS_PARAMS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_RSA_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/i2d_RSA_PUBKEY.3ssl.gz
index f897a632d..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_RSA_PUBKEY.3ssl.gz and b/msys2/usr/share/man/man3/i2d_RSA_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_RSA_PUBKEY_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_RSA_PUBKEY_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_RSA_PUBKEY_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_RSA_PUBKEY_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_RSA_PUBKEY_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_RSA_PUBKEY_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_SCRYPT_PARAMS.3ssl.gz b/msys2/usr/share/man/man3/i2d_SCRYPT_PARAMS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_SCRYPT_PARAMS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_SCT_LIST.3ssl.gz b/msys2/usr/share/man/man3/i2d_SCT_LIST.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_SCT_LIST.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_SSL_SESSION.3ssl.gz b/msys2/usr/share/man/man3/i2d_SSL_SESSION.3ssl.gz
index 3274fbee8..611243e7b 100644
Binary files a/msys2/usr/share/man/man3/i2d_SSL_SESSION.3ssl.gz and b/msys2/usr/share/man/man3/i2d_SSL_SESSION.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_SXNET.3ssl.gz b/msys2/usr/share/man/man3/i2d_SXNET.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_SXNET.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_SXNETID.3ssl.gz b/msys2/usr/share/man/man3/i2d_SXNETID.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_SXNETID.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_TS_ACCURACY.3ssl.gz b/msys2/usr/share/man/man3/i2d_TS_ACCURACY.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_TS_ACCURACY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_TS_MSG_IMPRINT.3ssl.gz b/msys2/usr/share/man/man3/i2d_TS_MSG_IMPRINT.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_TS_MSG_IMPRINT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_TS_MSG_IMPRINT_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_TS_MSG_IMPRINT_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_TS_MSG_IMPRINT_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_TS_MSG_IMPRINT_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_TS_MSG_IMPRINT_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_TS_MSG_IMPRINT_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_TS_REQ.3ssl.gz b/msys2/usr/share/man/man3/i2d_TS_REQ.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_TS_REQ.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_TS_REQ_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_TS_REQ_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_TS_REQ_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_TS_REQ_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_TS_REQ_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_TS_REQ_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_TS_RESP.3ssl.gz b/msys2/usr/share/man/man3/i2d_TS_RESP.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_TS_RESP.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_TS_RESP_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_TS_RESP_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_TS_RESP_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_TS_RESP_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_TS_RESP_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_TS_RESP_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_TS_STATUS_INFO.3ssl.gz b/msys2/usr/share/man/man3/i2d_TS_STATUS_INFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_TS_STATUS_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_TS_TST_INFO.3ssl.gz b/msys2/usr/share/man/man3/i2d_TS_TST_INFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_TS_TST_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_TS_TST_INFO_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_TS_TST_INFO_bio.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_TS_TST_INFO_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_TS_TST_INFO_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_TS_TST_INFO_fp.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_TS_TST_INFO_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_USERNOTICE.3ssl.gz b/msys2/usr/share/man/man3/i2d_USERNOTICE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_USERNOTICE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509.3ssl.gz
index 3c943d447..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_X509.3ssl.gz and b/msys2/usr/share/man/man3/i2d_X509.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_ALGOR.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_ALGOR.3ssl.gz
index c4fb43090..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_X509_ALGOR.3ssl.gz and b/msys2/usr/share/man/man3/i2d_X509_ALGOR.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_ALGORS.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_ALGORS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_X509_ALGORS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_ATTRIBUTE.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_ATTRIBUTE.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_X509_ATTRIBUTE.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_AUX.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_AUX.3ssl.gz
new file mode 100644
index 000000000..d515492cb
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_X509_AUX.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_CERT_AUX.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_CERT_AUX.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_X509_CERT_AUX.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_CINF.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_CINF.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_X509_CINF.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_CRL.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_CRL.3ssl.gz
index 208b01eac..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_X509_CRL.3ssl.gz and b/msys2/usr/share/man/man3/i2d_X509_CRL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_CRL_INFO.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_CRL_INFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_X509_CRL_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_CRL_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_CRL_bio.3ssl.gz
index 208b01eac..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_X509_CRL_bio.3ssl.gz and b/msys2/usr/share/man/man3/i2d_X509_CRL_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_CRL_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_CRL_fp.3ssl.gz
index 208b01eac..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_X509_CRL_fp.3ssl.gz and b/msys2/usr/share/man/man3/i2d_X509_CRL_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_EXTENSION.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_EXTENSION.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_X509_EXTENSION.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_EXTENSIONS.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_EXTENSIONS.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_X509_EXTENSIONS.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_NAME.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_NAME.3ssl.gz
index 8574a01d8..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_X509_NAME.3ssl.gz and b/msys2/usr/share/man/man3/i2d_X509_NAME.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_NAME_ENTRY.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_NAME_ENTRY.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_X509_NAME_ENTRY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_PUBKEY.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_PUBKEY.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_X509_PUBKEY.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_REQ.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_REQ.3ssl.gz
index b36d068ed..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_X509_REQ.3ssl.gz and b/msys2/usr/share/man/man3/i2d_X509_REQ.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_REQ_INFO.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_REQ_INFO.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_X509_REQ_INFO.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_REQ_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_REQ_bio.3ssl.gz
index b36d068ed..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_X509_REQ_bio.3ssl.gz and b/msys2/usr/share/man/man3/i2d_X509_REQ_bio.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_REQ_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_REQ_fp.3ssl.gz
index b36d068ed..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_X509_REQ_fp.3ssl.gz and b/msys2/usr/share/man/man3/i2d_X509_REQ_fp.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_REVOKED.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_REVOKED.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_X509_REVOKED.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_SIG.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_SIG.3ssl.gz
index f321f5a63..69b77711d 100644
Binary files a/msys2/usr/share/man/man3/i2d_X509_SIG.3ssl.gz and b/msys2/usr/share/man/man3/i2d_X509_SIG.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_VAL.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_VAL.3ssl.gz
new file mode 100644
index 000000000..69b77711d
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_X509_VAL.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_bio.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_bio.3ssl.gz
deleted file mode 100644
index 3c943d447..000000000
Binary files a/msys2/usr/share/man/man3/i2d_X509_bio.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/i2d_X509_fp.3ssl.gz b/msys2/usr/share/man/man3/i2d_X509_fp.3ssl.gz
deleted file mode 100644
index 3c943d447..000000000
Binary files a/msys2/usr/share/man/man3/i2d_X509_fp.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/i2d_re_X509_CRL_tbs.3ssl.gz b/msys2/usr/share/man/man3/i2d_re_X509_CRL_tbs.3ssl.gz
new file mode 100644
index 000000000..d515492cb
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_re_X509_CRL_tbs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_re_X509_REQ_tbs.3ssl.gz b/msys2/usr/share/man/man3/i2d_re_X509_REQ_tbs.3ssl.gz
new file mode 100644
index 000000000..d515492cb
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_re_X509_REQ_tbs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2d_re_X509_tbs.3ssl.gz b/msys2/usr/share/man/man3/i2d_re_X509_tbs.3ssl.gz
new file mode 100644
index 000000000..d515492cb
Binary files /dev/null and b/msys2/usr/share/man/man3/i2d_re_X509_tbs.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2o_SCT.3ssl.gz b/msys2/usr/share/man/man3/i2o_SCT.3ssl.gz
new file mode 100644
index 000000000..a56b7775c
Binary files /dev/null and b/msys2/usr/share/man/man3/i2o_SCT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2o_SCT_LIST.3ssl.gz b/msys2/usr/share/man/man3/i2o_SCT_LIST.3ssl.gz
new file mode 100644
index 000000000..a56b7775c
Binary files /dev/null and b/msys2/usr/share/man/man3/i2o_SCT_LIST.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/i2t_ASN1_OBJECT.3ssl.gz b/msys2/usr/share/man/man3/i2t_ASN1_OBJECT.3ssl.gz
new file mode 100644
index 000000000..4561bb1f2
Binary files /dev/null and b/msys2/usr/share/man/man3/i2t_ASN1_OBJECT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/idcok.3x.gz b/msys2/usr/share/man/man3/idcok.3x.gz
index 767ec5681..9a38c9185 100644
Binary files a/msys2/usr/share/man/man3/idcok.3x.gz and b/msys2/usr/share/man/man3/idcok.3x.gz differ
diff --git a/msys2/usr/share/man/man3/idlok.3x.gz b/msys2/usr/share/man/man3/idlok.3x.gz
index 767ec5681..9a38c9185 100644
Binary files a/msys2/usr/share/man/man3/idlok.3x.gz and b/msys2/usr/share/man/man3/idlok.3x.gz differ
diff --git a/msys2/usr/share/man/man3/idn2_lookup_u8.3.gz b/msys2/usr/share/man/man3/idn2_lookup_u8.3.gz
index d818888d1..4989749d7 100644
Binary files a/msys2/usr/share/man/man3/idn2_lookup_u8.3.gz and b/msys2/usr/share/man/man3/idn2_lookup_u8.3.gz differ
diff --git a/msys2/usr/share/man/man3/idn2_lookup_ul.3.gz b/msys2/usr/share/man/man3/idn2_lookup_ul.3.gz
index 483735324..9b9fc1b68 100644
Binary files a/msys2/usr/share/man/man3/idn2_lookup_ul.3.gz and b/msys2/usr/share/man/man3/idn2_lookup_ul.3.gz differ
diff --git a/msys2/usr/share/man/man3/idn2_register_u8.3.gz b/msys2/usr/share/man/man3/idn2_register_u8.3.gz
index 19db5fe08..756f9a69e 100644
Binary files a/msys2/usr/share/man/man3/idn2_register_u8.3.gz and b/msys2/usr/share/man/man3/idn2_register_u8.3.gz differ
diff --git a/msys2/usr/share/man/man3/idn2_register_ul.3.gz b/msys2/usr/share/man/man3/idn2_register_ul.3.gz
index a555a235b..1b0cc388d 100644
Binary files a/msys2/usr/share/man/man3/idn2_register_ul.3.gz and b/msys2/usr/share/man/man3/idn2_register_ul.3.gz differ
diff --git a/msys2/usr/share/man/man3/idn2_strerror.3.gz b/msys2/usr/share/man/man3/idn2_strerror.3.gz
index cb1aa52e2..5654372cc 100644
Binary files a/msys2/usr/share/man/man3/idn2_strerror.3.gz and b/msys2/usr/share/man/man3/idn2_strerror.3.gz differ
diff --git a/msys2/usr/share/man/man3/idn2_strerror_name.3.gz b/msys2/usr/share/man/man3/idn2_strerror_name.3.gz
index 4e061f01b..d17805fd7 100644
Binary files a/msys2/usr/share/man/man3/idn2_strerror_name.3.gz and b/msys2/usr/share/man/man3/idn2_strerror_name.3.gz differ
diff --git a/msys2/usr/share/man/man3/idn2_to_ascii_4i.3.gz b/msys2/usr/share/man/man3/idn2_to_ascii_4i.3.gz
index 07ccb1516..93d9d003a 100644
Binary files a/msys2/usr/share/man/man3/idn2_to_ascii_4i.3.gz and b/msys2/usr/share/man/man3/idn2_to_ascii_4i.3.gz differ
diff --git a/msys2/usr/share/man/man3/idn2_to_ascii_4i2.3.gz b/msys2/usr/share/man/man3/idn2_to_ascii_4i2.3.gz
new file mode 100644
index 000000000..08c58ceb9
Binary files /dev/null and b/msys2/usr/share/man/man3/idn2_to_ascii_4i2.3.gz differ
diff --git a/msys2/usr/share/man/man3/idn2_to_ascii_4z.3.gz b/msys2/usr/share/man/man3/idn2_to_ascii_4z.3.gz
index 233eab1f6..e72d2a564 100644
Binary files a/msys2/usr/share/man/man3/idn2_to_ascii_4z.3.gz and b/msys2/usr/share/man/man3/idn2_to_ascii_4z.3.gz differ
diff --git a/msys2/usr/share/man/man3/idn2_to_ascii_8z.3.gz b/msys2/usr/share/man/man3/idn2_to_ascii_8z.3.gz
index be124e097..b7606af63 100644
Binary files a/msys2/usr/share/man/man3/idn2_to_ascii_8z.3.gz and b/msys2/usr/share/man/man3/idn2_to_ascii_8z.3.gz differ
diff --git a/msys2/usr/share/man/man3/idn2_to_ascii_lz.3.gz b/msys2/usr/share/man/man3/idn2_to_ascii_lz.3.gz
index aab66e31e..7ecb6b024 100644
Binary files a/msys2/usr/share/man/man3/idn2_to_ascii_lz.3.gz and b/msys2/usr/share/man/man3/idn2_to_ascii_lz.3.gz differ
diff --git a/msys2/usr/share/man/man3/idn2_to_unicode_44i.3.gz b/msys2/usr/share/man/man3/idn2_to_unicode_44i.3.gz
index 464df51f4..a828fc91a 100644
Binary files a/msys2/usr/share/man/man3/idn2_to_unicode_44i.3.gz and b/msys2/usr/share/man/man3/idn2_to_unicode_44i.3.gz differ
diff --git a/msys2/usr/share/man/man3/idn2_to_unicode_4z4z.3.gz b/msys2/usr/share/man/man3/idn2_to_unicode_4z4z.3.gz
index a44ca7937..7dc51f2b7 100644
Binary files a/msys2/usr/share/man/man3/idn2_to_unicode_4z4z.3.gz and b/msys2/usr/share/man/man3/idn2_to_unicode_4z4z.3.gz differ
diff --git a/msys2/usr/share/man/man3/idn2_to_unicode_8z4z.3.gz b/msys2/usr/share/man/man3/idn2_to_unicode_8z4z.3.gz
index 3654333eb..8c8ac2529 100644
Binary files a/msys2/usr/share/man/man3/idn2_to_unicode_8z4z.3.gz and b/msys2/usr/share/man/man3/idn2_to_unicode_8z4z.3.gz differ
diff --git a/msys2/usr/share/man/man3/idn2_to_unicode_8z8z.3.gz b/msys2/usr/share/man/man3/idn2_to_unicode_8z8z.3.gz
index ac42ef0b2..a314ed1ae 100644
Binary files a/msys2/usr/share/man/man3/idn2_to_unicode_8z8z.3.gz and b/msys2/usr/share/man/man3/idn2_to_unicode_8z8z.3.gz differ
diff --git a/msys2/usr/share/man/man3/idn2_to_unicode_8zlz.3.gz b/msys2/usr/share/man/man3/idn2_to_unicode_8zlz.3.gz
index 045b8888d..3b72cd7f2 100644
Binary files a/msys2/usr/share/man/man3/idn2_to_unicode_8zlz.3.gz and b/msys2/usr/share/man/man3/idn2_to_unicode_8zlz.3.gz differ
diff --git a/msys2/usr/share/man/man3/idn2_to_unicode_lzlz.3.gz b/msys2/usr/share/man/man3/idn2_to_unicode_lzlz.3.gz
index 4f319d632..1c5844ec6 100644
Binary files a/msys2/usr/share/man/man3/idn2_to_unicode_lzlz.3.gz and b/msys2/usr/share/man/man3/idn2_to_unicode_lzlz.3.gz differ
diff --git a/msys2/usr/share/man/man3/immedok.3x.gz b/msys2/usr/share/man/man3/immedok.3x.gz
index 767ec5681..9a38c9185 100644
Binary files a/msys2/usr/share/man/man3/immedok.3x.gz and b/msys2/usr/share/man/man3/immedok.3x.gz differ
diff --git a/msys2/usr/share/man/man3/in_wch.3x.gz b/msys2/usr/share/man/man3/in_wch.3x.gz
index b41bb3f93..924ba1f19 100644
Binary files a/msys2/usr/share/man/man3/in_wch.3x.gz and b/msys2/usr/share/man/man3/in_wch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/in_wchnstr.3x.gz b/msys2/usr/share/man/man3/in_wchnstr.3x.gz
index 4f47287a5..0d49dee13 100644
Binary files a/msys2/usr/share/man/man3/in_wchnstr.3x.gz and b/msys2/usr/share/man/man3/in_wchnstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/in_wchstr.3x.gz b/msys2/usr/share/man/man3/in_wchstr.3x.gz
index 4f47287a5..0d49dee13 100644
Binary files a/msys2/usr/share/man/man3/in_wchstr.3x.gz and b/msys2/usr/share/man/man3/in_wchstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/inch.3x.gz b/msys2/usr/share/man/man3/inch.3x.gz
index d05e54745..20db1f376 100644
Binary files a/msys2/usr/share/man/man3/inch.3x.gz and b/msys2/usr/share/man/man3/inch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/inchnstr.3x.gz b/msys2/usr/share/man/man3/inchnstr.3x.gz
index f2e4b3b76..3ac377f70 100644
Binary files a/msys2/usr/share/man/man3/inchnstr.3x.gz and b/msys2/usr/share/man/man3/inchnstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/inchstr.3x.gz b/msys2/usr/share/man/man3/inchstr.3x.gz
index f2e4b3b76..3ac377f70 100644
Binary files a/msys2/usr/share/man/man3/inchstr.3x.gz and b/msys2/usr/share/man/man3/inchstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/init_color.3x.gz b/msys2/usr/share/man/man3/init_color.3x.gz
index ba90f9c61..f9b77e1f4 100644
Binary files a/msys2/usr/share/man/man3/init_color.3x.gz and b/msys2/usr/share/man/man3/init_color.3x.gz differ
diff --git a/msys2/usr/share/man/man3/init_extended_color.3x.gz b/msys2/usr/share/man/man3/init_extended_color.3x.gz
index ba90f9c61..f9b77e1f4 100644
Binary files a/msys2/usr/share/man/man3/init_extended_color.3x.gz and b/msys2/usr/share/man/man3/init_extended_color.3x.gz differ
diff --git a/msys2/usr/share/man/man3/init_extended_pair.3x.gz b/msys2/usr/share/man/man3/init_extended_pair.3x.gz
index ba90f9c61..f9b77e1f4 100644
Binary files a/msys2/usr/share/man/man3/init_extended_pair.3x.gz and b/msys2/usr/share/man/man3/init_extended_pair.3x.gz differ
diff --git a/msys2/usr/share/man/man3/init_pair.3x.gz b/msys2/usr/share/man/man3/init_pair.3x.gz
index ba90f9c61..f9b77e1f4 100644
Binary files a/msys2/usr/share/man/man3/init_pair.3x.gz and b/msys2/usr/share/man/man3/init_pair.3x.gz differ
diff --git a/msys2/usr/share/man/man3/initscr.3x.gz b/msys2/usr/share/man/man3/initscr.3x.gz
index 175ffb36e..36f1b5781 100644
Binary files a/msys2/usr/share/man/man3/initscr.3x.gz and b/msys2/usr/share/man/man3/initscr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/innstr.3x.gz b/msys2/usr/share/man/man3/innstr.3x.gz
index e545eec9c..561ee23d5 100644
Binary files a/msys2/usr/share/man/man3/innstr.3x.gz and b/msys2/usr/share/man/man3/innstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/innwstr.3x.gz b/msys2/usr/share/man/man3/innwstr.3x.gz
index 7b4cc9fa5..5e7c675a8 100644
Binary files a/msys2/usr/share/man/man3/innwstr.3x.gz and b/msys2/usr/share/man/man3/innwstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/inplace.3am.gz b/msys2/usr/share/man/man3/inplace.3am.gz
index f6f7c4147..36b166043 100644
Binary files a/msys2/usr/share/man/man3/inplace.3am.gz and b/msys2/usr/share/man/man3/inplace.3am.gz differ
diff --git a/msys2/usr/share/man/man3/insch.3x.gz b/msys2/usr/share/man/man3/insch.3x.gz
index 103417d3f..37efb87eb 100644
Binary files a/msys2/usr/share/man/man3/insch.3x.gz and b/msys2/usr/share/man/man3/insch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/insdelln.3x.gz b/msys2/usr/share/man/man3/insdelln.3x.gz
index bf00f7e8a..9ef2f5321 100644
Binary files a/msys2/usr/share/man/man3/insdelln.3x.gz and b/msys2/usr/share/man/man3/insdelln.3x.gz differ
diff --git a/msys2/usr/share/man/man3/insertln.3x.gz b/msys2/usr/share/man/man3/insertln.3x.gz
index bf00f7e8a..9ef2f5321 100644
Binary files a/msys2/usr/share/man/man3/insertln.3x.gz and b/msys2/usr/share/man/man3/insertln.3x.gz differ
diff --git a/msys2/usr/share/man/man3/instr.3x.gz b/msys2/usr/share/man/man3/instr.3x.gz
index e545eec9c..561ee23d5 100644
Binary files a/msys2/usr/share/man/man3/instr.3x.gz and b/msys2/usr/share/man/man3/instr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/intrflush.3x.gz b/msys2/usr/share/man/man3/intrflush.3x.gz
index e7ba056f3..90273a4d7 100644
Binary files a/msys2/usr/share/man/man3/intrflush.3x.gz and b/msys2/usr/share/man/man3/intrflush.3x.gz differ
diff --git a/msys2/usr/share/man/man3/inwstr.3x.gz b/msys2/usr/share/man/man3/inwstr.3x.gz
index 7b4cc9fa5..5e7c675a8 100644
Binary files a/msys2/usr/share/man/man3/inwstr.3x.gz and b/msys2/usr/share/man/man3/inwstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/is_linetouched.3x.gz b/msys2/usr/share/man/man3/is_linetouched.3x.gz
index 1041376b9..9eb226143 100644
Binary files a/msys2/usr/share/man/man3/is_linetouched.3x.gz and b/msys2/usr/share/man/man3/is_linetouched.3x.gz differ
diff --git a/msys2/usr/share/man/man3/is_term_resized.3x.gz b/msys2/usr/share/man/man3/is_term_resized.3x.gz
index bf1e4ebe5..30d71d599 100644
Binary files a/msys2/usr/share/man/man3/is_term_resized.3x.gz and b/msys2/usr/share/man/man3/is_term_resized.3x.gz differ
diff --git a/msys2/usr/share/man/man3/is_wintouched.3x.gz b/msys2/usr/share/man/man3/is_wintouched.3x.gz
index 1041376b9..9eb226143 100644
Binary files a/msys2/usr/share/man/man3/is_wintouched.3x.gz and b/msys2/usr/share/man/man3/is_wintouched.3x.gz differ
diff --git a/msys2/usr/share/man/man3/isendwin.3x.gz b/msys2/usr/share/man/man3/isendwin.3x.gz
index 175ffb36e..36f1b5781 100644
Binary files a/msys2/usr/share/man/man3/isendwin.3x.gz and b/msys2/usr/share/man/man3/isendwin.3x.gz differ
diff --git a/msys2/usr/share/man/man3/item_count.3x.gz b/msys2/usr/share/man/man3/item_count.3x.gz
index 1e04f66f4..f3f6563fd 100644
Binary files a/msys2/usr/share/man/man3/item_count.3x.gz and b/msys2/usr/share/man/man3/item_count.3x.gz differ
diff --git a/msys2/usr/share/man/man3/item_description.3x.gz b/msys2/usr/share/man/man3/item_description.3x.gz
index ecfd16524..885d9cdfa 100644
Binary files a/msys2/usr/share/man/man3/item_description.3x.gz and b/msys2/usr/share/man/man3/item_description.3x.gz differ
diff --git a/msys2/usr/share/man/man3/item_index.3x.gz b/msys2/usr/share/man/man3/item_index.3x.gz
index b006d2869..66c4e3957 100644
Binary files a/msys2/usr/share/man/man3/item_index.3x.gz and b/msys2/usr/share/man/man3/item_index.3x.gz differ
diff --git a/msys2/usr/share/man/man3/item_init.3x.gz b/msys2/usr/share/man/man3/item_init.3x.gz
index d3cff20e4..2a379dee4 100644
Binary files a/msys2/usr/share/man/man3/item_init.3x.gz and b/msys2/usr/share/man/man3/item_init.3x.gz differ
diff --git a/msys2/usr/share/man/man3/item_name.3x.gz b/msys2/usr/share/man/man3/item_name.3x.gz
index ecfd16524..885d9cdfa 100644
Binary files a/msys2/usr/share/man/man3/item_name.3x.gz and b/msys2/usr/share/man/man3/item_name.3x.gz differ
diff --git a/msys2/usr/share/man/man3/item_opts.3x.gz b/msys2/usr/share/man/man3/item_opts.3x.gz
index e5268c807..2af898879 100644
Binary files a/msys2/usr/share/man/man3/item_opts.3x.gz and b/msys2/usr/share/man/man3/item_opts.3x.gz differ
diff --git a/msys2/usr/share/man/man3/item_opts_off.3x.gz b/msys2/usr/share/man/man3/item_opts_off.3x.gz
index e5268c807..2af898879 100644
Binary files a/msys2/usr/share/man/man3/item_opts_off.3x.gz and b/msys2/usr/share/man/man3/item_opts_off.3x.gz differ
diff --git a/msys2/usr/share/man/man3/item_opts_on.3x.gz b/msys2/usr/share/man/man3/item_opts_on.3x.gz
index e5268c807..2af898879 100644
Binary files a/msys2/usr/share/man/man3/item_opts_on.3x.gz and b/msys2/usr/share/man/man3/item_opts_on.3x.gz differ
diff --git a/msys2/usr/share/man/man3/item_term.3x.gz b/msys2/usr/share/man/man3/item_term.3x.gz
index d3cff20e4..2a379dee4 100644
Binary files a/msys2/usr/share/man/man3/item_term.3x.gz and b/msys2/usr/share/man/man3/item_term.3x.gz differ
diff --git a/msys2/usr/share/man/man3/item_userptr.3x.gz b/msys2/usr/share/man/man3/item_userptr.3x.gz
index a1085dbeb..06201c70f 100644
Binary files a/msys2/usr/share/man/man3/item_userptr.3x.gz and b/msys2/usr/share/man/man3/item_userptr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/item_value.3x.gz b/msys2/usr/share/man/man3/item_value.3x.gz
index e4eeeedb6..b5f18cb1f 100644
Binary files a/msys2/usr/share/man/man3/item_value.3x.gz and b/msys2/usr/share/man/man3/item_value.3x.gz differ
diff --git a/msys2/usr/share/man/man3/item_visible.3x.gz b/msys2/usr/share/man/man3/item_visible.3x.gz
index 4f42432e4..a38d88818 100644
Binary files a/msys2/usr/share/man/man3/item_visible.3x.gz and b/msys2/usr/share/man/man3/item_visible.3x.gz differ
diff --git a/msys2/usr/share/man/man3/key_defined.3x.gz b/msys2/usr/share/man/man3/key_defined.3x.gz
index 7299bb542..628c82724 100644
Binary files a/msys2/usr/share/man/man3/key_defined.3x.gz and b/msys2/usr/share/man/man3/key_defined.3x.gz differ
diff --git a/msys2/usr/share/man/man3/key_name.3x.gz b/msys2/usr/share/man/man3/key_name.3x.gz
index 9de93d746..6b340ae20 100644
Binary files a/msys2/usr/share/man/man3/key_name.3x.gz and b/msys2/usr/share/man/man3/key_name.3x.gz differ
diff --git a/msys2/usr/share/man/man3/keybound.3x.gz b/msys2/usr/share/man/man3/keybound.3x.gz
index ea284a3d4..731d1b9f2 100644
Binary files a/msys2/usr/share/man/man3/keybound.3x.gz and b/msys2/usr/share/man/man3/keybound.3x.gz differ
diff --git a/msys2/usr/share/man/man3/keyname.3x.gz b/msys2/usr/share/man/man3/keyname.3x.gz
index 9de93d746..6b340ae20 100644
Binary files a/msys2/usr/share/man/man3/keyname.3x.gz and b/msys2/usr/share/man/man3/keyname.3x.gz differ
diff --git a/msys2/usr/share/man/man3/keyok.3x.gz b/msys2/usr/share/man/man3/keyok.3x.gz
index ce8737e3c..eb0cb7967 100644
Binary files a/msys2/usr/share/man/man3/keyok.3x.gz and b/msys2/usr/share/man/man3/keyok.3x.gz differ
diff --git a/msys2/usr/share/man/man3/keypad.3x.gz b/msys2/usr/share/man/man3/keypad.3x.gz
index e7ba056f3..90273a4d7 100644
Binary files a/msys2/usr/share/man/man3/keypad.3x.gz and b/msys2/usr/share/man/man3/keypad.3x.gz differ
diff --git a/msys2/usr/share/man/man3/killchar.3x.gz b/msys2/usr/share/man/man3/killchar.3x.gz
index f1e1da961..f1503191b 100644
Binary files a/msys2/usr/share/man/man3/killchar.3x.gz and b/msys2/usr/share/man/man3/killchar.3x.gz differ
diff --git a/msys2/usr/share/man/man3/killwchar.3x.gz b/msys2/usr/share/man/man3/killwchar.3x.gz
index f1e1da961..f1503191b 100644
Binary files a/msys2/usr/share/man/man3/killwchar.3x.gz and b/msys2/usr/share/man/man3/killwchar.3x.gz differ
diff --git a/msys2/usr/share/man/man3/leaveok.3x.gz b/msys2/usr/share/man/man3/leaveok.3x.gz
index 767ec5681..9a38c9185 100644
Binary files a/msys2/usr/share/man/man3/leaveok.3x.gz and b/msys2/usr/share/man/man3/leaveok.3x.gz differ
diff --git a/msys2/usr/share/man/man3/lh_TYPE_delete.3ssl.gz b/msys2/usr/share/man/man3/lh_TYPE_delete.3ssl.gz
new file mode 100644
index 000000000..4352f6c7f
Binary files /dev/null and b/msys2/usr/share/man/man3/lh_TYPE_delete.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/lh_TYPE_doall.3ssl.gz b/msys2/usr/share/man/man3/lh_TYPE_doall.3ssl.gz
new file mode 100644
index 000000000..4352f6c7f
Binary files /dev/null and b/msys2/usr/share/man/man3/lh_TYPE_doall.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/lh_TYPE_doall_arg.3ssl.gz b/msys2/usr/share/man/man3/lh_TYPE_doall_arg.3ssl.gz
new file mode 100644
index 000000000..4352f6c7f
Binary files /dev/null and b/msys2/usr/share/man/man3/lh_TYPE_doall_arg.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/lh_TYPE_error.3ssl.gz b/msys2/usr/share/man/man3/lh_TYPE_error.3ssl.gz
new file mode 100644
index 000000000..4352f6c7f
Binary files /dev/null and b/msys2/usr/share/man/man3/lh_TYPE_error.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/lh_TYPE_free.3ssl.gz b/msys2/usr/share/man/man3/lh_TYPE_free.3ssl.gz
new file mode 100644
index 000000000..4352f6c7f
Binary files /dev/null and b/msys2/usr/share/man/man3/lh_TYPE_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/lh_TYPE_insert.3ssl.gz b/msys2/usr/share/man/man3/lh_TYPE_insert.3ssl.gz
new file mode 100644
index 000000000..4352f6c7f
Binary files /dev/null and b/msys2/usr/share/man/man3/lh_TYPE_insert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/lh_TYPE_new.3ssl.gz b/msys2/usr/share/man/man3/lh_TYPE_new.3ssl.gz
new file mode 100644
index 000000000..4352f6c7f
Binary files /dev/null and b/msys2/usr/share/man/man3/lh_TYPE_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/lh_TYPE_retrieve.3ssl.gz b/msys2/usr/share/man/man3/lh_TYPE_retrieve.3ssl.gz
new file mode 100644
index 000000000..4352f6c7f
Binary files /dev/null and b/msys2/usr/share/man/man3/lh_TYPE_retrieve.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/lh_delete.3ssl.gz b/msys2/usr/share/man/man3/lh_delete.3ssl.gz
deleted file mode 100644
index 878c21773..000000000
Binary files a/msys2/usr/share/man/man3/lh_delete.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/lh_doall.3ssl.gz b/msys2/usr/share/man/man3/lh_doall.3ssl.gz
deleted file mode 100644
index 878c21773..000000000
Binary files a/msys2/usr/share/man/man3/lh_doall.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/lh_doall_arg.3ssl.gz b/msys2/usr/share/man/man3/lh_doall_arg.3ssl.gz
deleted file mode 100644
index 878c21773..000000000
Binary files a/msys2/usr/share/man/man3/lh_doall_arg.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/lh_error.3ssl.gz b/msys2/usr/share/man/man3/lh_error.3ssl.gz
deleted file mode 100644
index 878c21773..000000000
Binary files a/msys2/usr/share/man/man3/lh_error.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/lh_free.3ssl.gz b/msys2/usr/share/man/man3/lh_free.3ssl.gz
deleted file mode 100644
index 878c21773..000000000
Binary files a/msys2/usr/share/man/man3/lh_free.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/lh_insert.3ssl.gz b/msys2/usr/share/man/man3/lh_insert.3ssl.gz
deleted file mode 100644
index 878c21773..000000000
Binary files a/msys2/usr/share/man/man3/lh_insert.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/lh_new.3ssl.gz b/msys2/usr/share/man/man3/lh_new.3ssl.gz
deleted file mode 100644
index 878c21773..000000000
Binary files a/msys2/usr/share/man/man3/lh_new.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/lh_node_stats.3ssl.gz b/msys2/usr/share/man/man3/lh_node_stats.3ssl.gz
deleted file mode 100644
index 71167bf5c..000000000
Binary files a/msys2/usr/share/man/man3/lh_node_stats.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/lh_node_stats_bio.3ssl.gz b/msys2/usr/share/man/man3/lh_node_stats_bio.3ssl.gz
deleted file mode 100644
index 71167bf5c..000000000
Binary files a/msys2/usr/share/man/man3/lh_node_stats_bio.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/lh_node_usage_stats.3ssl.gz b/msys2/usr/share/man/man3/lh_node_usage_stats.3ssl.gz
deleted file mode 100644
index 71167bf5c..000000000
Binary files a/msys2/usr/share/man/man3/lh_node_usage_stats.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/lh_node_usage_stats_bio.3ssl.gz b/msys2/usr/share/man/man3/lh_node_usage_stats_bio.3ssl.gz
deleted file mode 100644
index 71167bf5c..000000000
Binary files a/msys2/usr/share/man/man3/lh_node_usage_stats_bio.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/lh_retrieve.3ssl.gz b/msys2/usr/share/man/man3/lh_retrieve.3ssl.gz
deleted file mode 100644
index 878c21773..000000000
Binary files a/msys2/usr/share/man/man3/lh_retrieve.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/lh_stats.3ssl.gz b/msys2/usr/share/man/man3/lh_stats.3ssl.gz
deleted file mode 100644
index 71167bf5c..000000000
Binary files a/msys2/usr/share/man/man3/lh_stats.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/lh_stats_bio.3ssl.gz b/msys2/usr/share/man/man3/lh_stats_bio.3ssl.gz
deleted file mode 100644
index 71167bf5c..000000000
Binary files a/msys2/usr/share/man/man3/lh_stats_bio.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/lhash.3ssl.gz b/msys2/usr/share/man/man3/lhash.3ssl.gz
index 878c21773..4352f6c7f 100644
Binary files a/msys2/usr/share/man/man3/lhash.3ssl.gz and b/msys2/usr/share/man/man3/lhash.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/libalpm.3.gz b/msys2/usr/share/man/man3/libalpm.3.gz
index 97f3d6b42..daea85404 100644
Binary files a/msys2/usr/share/man/man3/libalpm.3.gz and b/msys2/usr/share/man/man3/libalpm.3.gz differ
diff --git a/msys2/usr/share/man/man3/libblkid.3.gz b/msys2/usr/share/man/man3/libblkid.3.gz
index 143759348..9aeeceabc 100644
Binary files a/msys2/usr/share/man/man3/libblkid.3.gz and b/msys2/usr/share/man/man3/libblkid.3.gz differ
diff --git a/msys2/usr/share/man/man3/libcurl-easy.3.gz b/msys2/usr/share/man/man3/libcurl-easy.3.gz
index dd9e178b7..0e0fc2e2c 100644
Binary files a/msys2/usr/share/man/man3/libcurl-easy.3.gz and b/msys2/usr/share/man/man3/libcurl-easy.3.gz differ
diff --git a/msys2/usr/share/man/man3/libcurl-env.3.gz b/msys2/usr/share/man/man3/libcurl-env.3.gz
index c8c6c6da6..8bc0ad415 100644
Binary files a/msys2/usr/share/man/man3/libcurl-env.3.gz and b/msys2/usr/share/man/man3/libcurl-env.3.gz differ
diff --git a/msys2/usr/share/man/man3/libcurl-errors.3.gz b/msys2/usr/share/man/man3/libcurl-errors.3.gz
index 9e268c5fe..4a49285b4 100644
Binary files a/msys2/usr/share/man/man3/libcurl-errors.3.gz and b/msys2/usr/share/man/man3/libcurl-errors.3.gz differ
diff --git a/msys2/usr/share/man/man3/libcurl-multi.3.gz b/msys2/usr/share/man/man3/libcurl-multi.3.gz
index 8ef101721..51d89768b 100644
Binary files a/msys2/usr/share/man/man3/libcurl-multi.3.gz and b/msys2/usr/share/man/man3/libcurl-multi.3.gz differ
diff --git a/msys2/usr/share/man/man3/libcurl-security.3.gz b/msys2/usr/share/man/man3/libcurl-security.3.gz
new file mode 100644
index 000000000..756f5a13b
Binary files /dev/null and b/msys2/usr/share/man/man3/libcurl-security.3.gz differ
diff --git a/msys2/usr/share/man/man3/libcurl-share.3.gz b/msys2/usr/share/man/man3/libcurl-share.3.gz
index 1e6831918..da44646fc 100644
Binary files a/msys2/usr/share/man/man3/libcurl-share.3.gz and b/msys2/usr/share/man/man3/libcurl-share.3.gz differ
diff --git a/msys2/usr/share/man/man3/libcurl-symbols.3.gz b/msys2/usr/share/man/man3/libcurl-symbols.3.gz
index 92a64e497..d5cd0ce78 100644
Binary files a/msys2/usr/share/man/man3/libcurl-symbols.3.gz and b/msys2/usr/share/man/man3/libcurl-symbols.3.gz differ
diff --git a/msys2/usr/share/man/man3/libcurl-thread.3.gz b/msys2/usr/share/man/man3/libcurl-thread.3.gz
index 12350643c..b4281e393 100644
Binary files a/msys2/usr/share/man/man3/libcurl-thread.3.gz and b/msys2/usr/share/man/man3/libcurl-thread.3.gz differ
diff --git a/msys2/usr/share/man/man3/libcurl-tutorial.3.gz b/msys2/usr/share/man/man3/libcurl-tutorial.3.gz
index ae3416ce1..4a0f5a0b3 100644
Binary files a/msys2/usr/share/man/man3/libcurl-tutorial.3.gz and b/msys2/usr/share/man/man3/libcurl-tutorial.3.gz differ
diff --git a/msys2/usr/share/man/man3/libcurl-url.3.gz b/msys2/usr/share/man/man3/libcurl-url.3.gz
new file mode 100644
index 000000000..9365b5b01
Binary files /dev/null and b/msys2/usr/share/man/man3/libcurl-url.3.gz differ
diff --git a/msys2/usr/share/man/man3/libcurl.3.gz b/msys2/usr/share/man/man3/libcurl.3.gz
index fe0c2d548..967f364b2 100644
Binary files a/msys2/usr/share/man/man3/libcurl.3.gz and b/msys2/usr/share/man/man3/libcurl.3.gz differ
diff --git a/msys2/usr/share/man/man3/libmagic.3.gz b/msys2/usr/share/man/man3/libmagic.3.gz
index 82ce2b5fc..3394b01b8 100644
Binary files a/msys2/usr/share/man/man3/libmagic.3.gz and b/msys2/usr/share/man/man3/libmagic.3.gz differ
diff --git a/msys2/usr/share/man/man3/link_field.3x.gz b/msys2/usr/share/man/man3/link_field.3x.gz
index b9a9a240f..2f6e4748e 100644
Binary files a/msys2/usr/share/man/man3/link_field.3x.gz and b/msys2/usr/share/man/man3/link_field.3x.gz differ
diff --git a/msys2/usr/share/man/man3/link_fieldtype.3x.gz b/msys2/usr/share/man/man3/link_fieldtype.3x.gz
index e57648415..f9ae36c34 100644
Binary files a/msys2/usr/share/man/man3/link_fieldtype.3x.gz and b/msys2/usr/share/man/man3/link_fieldtype.3x.gz differ
diff --git a/msys2/usr/share/man/man3/longname.3x.gz b/msys2/usr/share/man/man3/longname.3x.gz
index f1e1da961..f1503191b 100644
Binary files a/msys2/usr/share/man/man3/longname.3x.gz and b/msys2/usr/share/man/man3/longname.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mcprint.3x.gz b/msys2/usr/share/man/man3/mcprint.3x.gz
index 9246380ba..63efc8221 100644
Binary files a/msys2/usr/share/man/man3/mcprint.3x.gz and b/msys2/usr/share/man/man3/mcprint.3x.gz differ
diff --git a/msys2/usr/share/man/man3/md5_context.3.gz b/msys2/usr/share/man/man3/md5_context.3.gz
deleted file mode 100644
index f7baf6a8f..000000000
Binary files a/msys2/usr/share/man/man3/md5_context.3.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/menu.3x.gz b/msys2/usr/share/man/man3/menu.3x.gz
index 8594ee453..b88c5df32 100644
Binary files a/msys2/usr/share/man/man3/menu.3x.gz and b/msys2/usr/share/man/man3/menu.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_attributes.3x.gz b/msys2/usr/share/man/man3/menu_attributes.3x.gz
index b8b9ee6da..bf771c360 100644
Binary files a/msys2/usr/share/man/man3/menu_attributes.3x.gz and b/msys2/usr/share/man/man3/menu_attributes.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_back.3x.gz b/msys2/usr/share/man/man3/menu_back.3x.gz
index b8b9ee6da..bf771c360 100644
Binary files a/msys2/usr/share/man/man3/menu_back.3x.gz and b/msys2/usr/share/man/man3/menu_back.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_cursor.3x.gz b/msys2/usr/share/man/man3/menu_cursor.3x.gz
index 2c3220e36..c32f57c8b 100644
Binary files a/msys2/usr/share/man/man3/menu_cursor.3x.gz and b/msys2/usr/share/man/man3/menu_cursor.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_driver.3x.gz b/msys2/usr/share/man/man3/menu_driver.3x.gz
index 5abaf440a..4f323f1a7 100644
Binary files a/msys2/usr/share/man/man3/menu_driver.3x.gz and b/msys2/usr/share/man/man3/menu_driver.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_fore.3x.gz b/msys2/usr/share/man/man3/menu_fore.3x.gz
index b8b9ee6da..bf771c360 100644
Binary files a/msys2/usr/share/man/man3/menu_fore.3x.gz and b/msys2/usr/share/man/man3/menu_fore.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_format.3x.gz b/msys2/usr/share/man/man3/menu_format.3x.gz
index bf22b9f20..766bdc0bf 100644
Binary files a/msys2/usr/share/man/man3/menu_format.3x.gz and b/msys2/usr/share/man/man3/menu_format.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_grey.3x.gz b/msys2/usr/share/man/man3/menu_grey.3x.gz
index b8b9ee6da..bf771c360 100644
Binary files a/msys2/usr/share/man/man3/menu_grey.3x.gz and b/msys2/usr/share/man/man3/menu_grey.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_hook.3x.gz b/msys2/usr/share/man/man3/menu_hook.3x.gz
index d3cff20e4..2a379dee4 100644
Binary files a/msys2/usr/share/man/man3/menu_hook.3x.gz and b/msys2/usr/share/man/man3/menu_hook.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_init.3x.gz b/msys2/usr/share/man/man3/menu_init.3x.gz
index d3cff20e4..2a379dee4 100644
Binary files a/msys2/usr/share/man/man3/menu_init.3x.gz and b/msys2/usr/share/man/man3/menu_init.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_items.3x.gz b/msys2/usr/share/man/man3/menu_items.3x.gz
index 1e04f66f4..f3f6563fd 100644
Binary files a/msys2/usr/share/man/man3/menu_items.3x.gz and b/msys2/usr/share/man/man3/menu_items.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_mark.3x.gz b/msys2/usr/share/man/man3/menu_mark.3x.gz
index 732f7c4b7..9b4e9746b 100644
Binary files a/msys2/usr/share/man/man3/menu_mark.3x.gz and b/msys2/usr/share/man/man3/menu_mark.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_new.3x.gz b/msys2/usr/share/man/man3/menu_new.3x.gz
index 9f39a3d01..a0a13de9c 100644
Binary files a/msys2/usr/share/man/man3/menu_new.3x.gz and b/msys2/usr/share/man/man3/menu_new.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_opts.3x.gz b/msys2/usr/share/man/man3/menu_opts.3x.gz
index 3b0884151..d74152bf5 100644
Binary files a/msys2/usr/share/man/man3/menu_opts.3x.gz and b/msys2/usr/share/man/man3/menu_opts.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_opts_off.3x.gz b/msys2/usr/share/man/man3/menu_opts_off.3x.gz
index 3b0884151..d74152bf5 100644
Binary files a/msys2/usr/share/man/man3/menu_opts_off.3x.gz and b/msys2/usr/share/man/man3/menu_opts_off.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_opts_on.3x.gz b/msys2/usr/share/man/man3/menu_opts_on.3x.gz
index 3b0884151..d74152bf5 100644
Binary files a/msys2/usr/share/man/man3/menu_opts_on.3x.gz and b/msys2/usr/share/man/man3/menu_opts_on.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_pad.3x.gz b/msys2/usr/share/man/man3/menu_pad.3x.gz
index b8b9ee6da..bf771c360 100644
Binary files a/msys2/usr/share/man/man3/menu_pad.3x.gz and b/msys2/usr/share/man/man3/menu_pad.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_pattern.3x.gz b/msys2/usr/share/man/man3/menu_pattern.3x.gz
index a7e388761..ca15c1062 100644
Binary files a/msys2/usr/share/man/man3/menu_pattern.3x.gz and b/msys2/usr/share/man/man3/menu_pattern.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_post.3x.gz b/msys2/usr/share/man/man3/menu_post.3x.gz
index a6d90bff3..05b7af4f5 100644
Binary files a/msys2/usr/share/man/man3/menu_post.3x.gz and b/msys2/usr/share/man/man3/menu_post.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_request_by_name.3x.gz b/msys2/usr/share/man/man3/menu_request_by_name.3x.gz
index 1f8fc7722..cec1d0353 100644
Binary files a/msys2/usr/share/man/man3/menu_request_by_name.3x.gz and b/msys2/usr/share/man/man3/menu_request_by_name.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_request_name.3x.gz b/msys2/usr/share/man/man3/menu_request_name.3x.gz
index 1f8fc7722..cec1d0353 100644
Binary files a/msys2/usr/share/man/man3/menu_request_name.3x.gz and b/msys2/usr/share/man/man3/menu_request_name.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_requestname.3x.gz b/msys2/usr/share/man/man3/menu_requestname.3x.gz
index 1f8fc7722..cec1d0353 100644
Binary files a/msys2/usr/share/man/man3/menu_requestname.3x.gz and b/msys2/usr/share/man/man3/menu_requestname.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_spacing.3x.gz b/msys2/usr/share/man/man3/menu_spacing.3x.gz
index fb888a7ba..aa98488db 100644
Binary files a/msys2/usr/share/man/man3/menu_spacing.3x.gz and b/msys2/usr/share/man/man3/menu_spacing.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_sub.3x.gz b/msys2/usr/share/man/man3/menu_sub.3x.gz
index 85a014e50..78978732f 100644
Binary files a/msys2/usr/share/man/man3/menu_sub.3x.gz and b/msys2/usr/share/man/man3/menu_sub.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_term.3x.gz b/msys2/usr/share/man/man3/menu_term.3x.gz
index d3cff20e4..2a379dee4 100644
Binary files a/msys2/usr/share/man/man3/menu_term.3x.gz and b/msys2/usr/share/man/man3/menu_term.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_userptr.3x.gz b/msys2/usr/share/man/man3/menu_userptr.3x.gz
index 89e2bcda3..7ea574f1d 100644
Binary files a/msys2/usr/share/man/man3/menu_userptr.3x.gz and b/msys2/usr/share/man/man3/menu_userptr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/menu_win.3x.gz b/msys2/usr/share/man/man3/menu_win.3x.gz
index 85a014e50..78978732f 100644
Binary files a/msys2/usr/share/man/man3/menu_win.3x.gz and b/msys2/usr/share/man/man3/menu_win.3x.gz differ
diff --git a/msys2/usr/share/man/man3/meta.3x.gz b/msys2/usr/share/man/man3/meta.3x.gz
index e7ba056f3..90273a4d7 100644
Binary files a/msys2/usr/share/man/man3/meta.3x.gz and b/msys2/usr/share/man/man3/meta.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mitem_current.3x.gz b/msys2/usr/share/man/man3/mitem_current.3x.gz
index b006d2869..66c4e3957 100644
Binary files a/msys2/usr/share/man/man3/mitem_current.3x.gz and b/msys2/usr/share/man/man3/mitem_current.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mitem_name.3x.gz b/msys2/usr/share/man/man3/mitem_name.3x.gz
index ecfd16524..885d9cdfa 100644
Binary files a/msys2/usr/share/man/man3/mitem_name.3x.gz and b/msys2/usr/share/man/man3/mitem_name.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mitem_new.3x.gz b/msys2/usr/share/man/man3/mitem_new.3x.gz
index 901b51105..ac4cee226 100644
Binary files a/msys2/usr/share/man/man3/mitem_new.3x.gz and b/msys2/usr/share/man/man3/mitem_new.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mitem_opts.3x.gz b/msys2/usr/share/man/man3/mitem_opts.3x.gz
index e5268c807..2af898879 100644
Binary files a/msys2/usr/share/man/man3/mitem_opts.3x.gz and b/msys2/usr/share/man/man3/mitem_opts.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mitem_userptr.3x.gz b/msys2/usr/share/man/man3/mitem_userptr.3x.gz
index a1085dbeb..06201c70f 100644
Binary files a/msys2/usr/share/man/man3/mitem_userptr.3x.gz and b/msys2/usr/share/man/man3/mitem_userptr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mitem_value.3x.gz b/msys2/usr/share/man/man3/mitem_value.3x.gz
index e4eeeedb6..b5f18cb1f 100644
Binary files a/msys2/usr/share/man/man3/mitem_value.3x.gz and b/msys2/usr/share/man/man3/mitem_value.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mitem_visible.3x.gz b/msys2/usr/share/man/man3/mitem_visible.3x.gz
index 4f42432e4..a38d88818 100644
Binary files a/msys2/usr/share/man/man3/mitem_visible.3x.gz and b/msys2/usr/share/man/man3/mitem_visible.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mouse_trafo.3x.gz b/msys2/usr/share/man/man3/mouse_trafo.3x.gz
index 1a2baa9fb..52055cfbd 100644
Binary files a/msys2/usr/share/man/man3/mouse_trafo.3x.gz and b/msys2/usr/share/man/man3/mouse_trafo.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mouseinterval.3x.gz b/msys2/usr/share/man/man3/mouseinterval.3x.gz
index 1a2baa9fb..52055cfbd 100644
Binary files a/msys2/usr/share/man/man3/mouseinterval.3x.gz and b/msys2/usr/share/man/man3/mouseinterval.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mousemask.3x.gz b/msys2/usr/share/man/man3/mousemask.3x.gz
index 1a2baa9fb..52055cfbd 100644
Binary files a/msys2/usr/share/man/man3/mousemask.3x.gz and b/msys2/usr/share/man/man3/mousemask.3x.gz differ
diff --git a/msys2/usr/share/man/man3/move.3x.gz b/msys2/usr/share/man/man3/move.3x.gz
index f454e7a39..df34bee7c 100644
Binary files a/msys2/usr/share/man/man3/move.3x.gz and b/msys2/usr/share/man/man3/move.3x.gz differ
diff --git a/msys2/usr/share/man/man3/move_field.3x.gz b/msys2/usr/share/man/man3/move_field.3x.gz
index c925e242f..db96bac3e 100644
Binary files a/msys2/usr/share/man/man3/move_field.3x.gz and b/msys2/usr/share/man/man3/move_field.3x.gz differ
diff --git a/msys2/usr/share/man/man3/move_panel.3x.gz b/msys2/usr/share/man/man3/move_panel.3x.gz
index 545403c68..aa33de9f9 100644
Binary files a/msys2/usr/share/man/man3/move_panel.3x.gz and b/msys2/usr/share/man/man3/move_panel.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvaddch.3x.gz b/msys2/usr/share/man/man3/mvaddch.3x.gz
index 9380c711b..7222e4e58 100644
Binary files a/msys2/usr/share/man/man3/mvaddch.3x.gz and b/msys2/usr/share/man/man3/mvaddch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvchgat.3x.gz b/msys2/usr/share/man/man3/mvchgat.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/mvchgat.3x.gz and b/msys2/usr/share/man/man3/mvchgat.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvcur.3x.gz b/msys2/usr/share/man/man3/mvcur.3x.gz
index 22ab4de4e..009553134 100644
Binary files a/msys2/usr/share/man/man3/mvcur.3x.gz and b/msys2/usr/share/man/man3/mvcur.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvdelch.3x.gz b/msys2/usr/share/man/man3/mvdelch.3x.gz
index b3d30bdeb..73bf9762a 100644
Binary files a/msys2/usr/share/man/man3/mvdelch.3x.gz and b/msys2/usr/share/man/man3/mvdelch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvget_wch.3x.gz b/msys2/usr/share/man/man3/mvget_wch.3x.gz
index 0df737a7d..e76d981a0 100644
Binary files a/msys2/usr/share/man/man3/mvget_wch.3x.gz and b/msys2/usr/share/man/man3/mvget_wch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvget_wstr.3x.gz b/msys2/usr/share/man/man3/mvget_wstr.3x.gz
index 0092dc712..fc38215da 100644
Binary files a/msys2/usr/share/man/man3/mvget_wstr.3x.gz and b/msys2/usr/share/man/man3/mvget_wstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvgetch.3x.gz b/msys2/usr/share/man/man3/mvgetch.3x.gz
index e5538d65e..249c9cb35 100644
Binary files a/msys2/usr/share/man/man3/mvgetch.3x.gz and b/msys2/usr/share/man/man3/mvgetch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvgetn_wstr.3x.gz b/msys2/usr/share/man/man3/mvgetn_wstr.3x.gz
index 0092dc712..fc38215da 100644
Binary files a/msys2/usr/share/man/man3/mvgetn_wstr.3x.gz and b/msys2/usr/share/man/man3/mvgetn_wstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvgetnstr.3x.gz b/msys2/usr/share/man/man3/mvgetnstr.3x.gz
index 9b8159d85..072b281fe 100644
Binary files a/msys2/usr/share/man/man3/mvgetnstr.3x.gz and b/msys2/usr/share/man/man3/mvgetnstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvgetstr.3x.gz b/msys2/usr/share/man/man3/mvgetstr.3x.gz
index 9b8159d85..072b281fe 100644
Binary files a/msys2/usr/share/man/man3/mvgetstr.3x.gz and b/msys2/usr/share/man/man3/mvgetstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvhline.3x.gz b/msys2/usr/share/man/man3/mvhline.3x.gz
index 673385164..1d2c4438c 100644
Binary files a/msys2/usr/share/man/man3/mvhline.3x.gz and b/msys2/usr/share/man/man3/mvhline.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvin_wch.3x.gz b/msys2/usr/share/man/man3/mvin_wch.3x.gz
index b41bb3f93..924ba1f19 100644
Binary files a/msys2/usr/share/man/man3/mvin_wch.3x.gz and b/msys2/usr/share/man/man3/mvin_wch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvin_wchnstr.3x.gz b/msys2/usr/share/man/man3/mvin_wchnstr.3x.gz
index 4f47287a5..0d49dee13 100644
Binary files a/msys2/usr/share/man/man3/mvin_wchnstr.3x.gz and b/msys2/usr/share/man/man3/mvin_wchnstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvin_wchstr.3x.gz b/msys2/usr/share/man/man3/mvin_wchstr.3x.gz
index 4f47287a5..0d49dee13 100644
Binary files a/msys2/usr/share/man/man3/mvin_wchstr.3x.gz and b/msys2/usr/share/man/man3/mvin_wchstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvinch.3x.gz b/msys2/usr/share/man/man3/mvinch.3x.gz
index d05e54745..20db1f376 100644
Binary files a/msys2/usr/share/man/man3/mvinch.3x.gz and b/msys2/usr/share/man/man3/mvinch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvinchnstr.3x.gz b/msys2/usr/share/man/man3/mvinchnstr.3x.gz
index f2e4b3b76..3ac377f70 100644
Binary files a/msys2/usr/share/man/man3/mvinchnstr.3x.gz and b/msys2/usr/share/man/man3/mvinchnstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvinchstr.3x.gz b/msys2/usr/share/man/man3/mvinchstr.3x.gz
index f2e4b3b76..3ac377f70 100644
Binary files a/msys2/usr/share/man/man3/mvinchstr.3x.gz and b/msys2/usr/share/man/man3/mvinchstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvinnstr.3x.gz b/msys2/usr/share/man/man3/mvinnstr.3x.gz
index e545eec9c..561ee23d5 100644
Binary files a/msys2/usr/share/man/man3/mvinnstr.3x.gz and b/msys2/usr/share/man/man3/mvinnstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvinnwstr.3x.gz b/msys2/usr/share/man/man3/mvinnwstr.3x.gz
index 7b4cc9fa5..5e7c675a8 100644
Binary files a/msys2/usr/share/man/man3/mvinnwstr.3x.gz and b/msys2/usr/share/man/man3/mvinnwstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvinsch.3x.gz b/msys2/usr/share/man/man3/mvinsch.3x.gz
index 103417d3f..37efb87eb 100644
Binary files a/msys2/usr/share/man/man3/mvinsch.3x.gz and b/msys2/usr/share/man/man3/mvinsch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvinstr.3x.gz b/msys2/usr/share/man/man3/mvinstr.3x.gz
index e545eec9c..561ee23d5 100644
Binary files a/msys2/usr/share/man/man3/mvinstr.3x.gz and b/msys2/usr/share/man/man3/mvinstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvinwstr.3x.gz b/msys2/usr/share/man/man3/mvinwstr.3x.gz
index 7b4cc9fa5..5e7c675a8 100644
Binary files a/msys2/usr/share/man/man3/mvinwstr.3x.gz and b/msys2/usr/share/man/man3/mvinwstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvprintw.3x.gz b/msys2/usr/share/man/man3/mvprintw.3x.gz
index df4fa0b56..22aaed139 100644
Binary files a/msys2/usr/share/man/man3/mvprintw.3x.gz and b/msys2/usr/share/man/man3/mvprintw.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvscanw.3x.gz b/msys2/usr/share/man/man3/mvscanw.3x.gz
index 7455dd6e2..024031d5b 100644
Binary files a/msys2/usr/share/man/man3/mvscanw.3x.gz and b/msys2/usr/share/man/man3/mvscanw.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvvline.3x.gz b/msys2/usr/share/man/man3/mvvline.3x.gz
index 673385164..1d2c4438c 100644
Binary files a/msys2/usr/share/man/man3/mvvline.3x.gz and b/msys2/usr/share/man/man3/mvvline.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwaddch.3x.gz b/msys2/usr/share/man/man3/mvwaddch.3x.gz
index 9380c711b..7222e4e58 100644
Binary files a/msys2/usr/share/man/man3/mvwaddch.3x.gz and b/msys2/usr/share/man/man3/mvwaddch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwchgat.3x.gz b/msys2/usr/share/man/man3/mvwchgat.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/mvwchgat.3x.gz and b/msys2/usr/share/man/man3/mvwchgat.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwdelch.3x.gz b/msys2/usr/share/man/man3/mvwdelch.3x.gz
index b3d30bdeb..73bf9762a 100644
Binary files a/msys2/usr/share/man/man3/mvwdelch.3x.gz and b/msys2/usr/share/man/man3/mvwdelch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwget_wch.3x.gz b/msys2/usr/share/man/man3/mvwget_wch.3x.gz
index 0df737a7d..e76d981a0 100644
Binary files a/msys2/usr/share/man/man3/mvwget_wch.3x.gz and b/msys2/usr/share/man/man3/mvwget_wch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwget_wstr.3x.gz b/msys2/usr/share/man/man3/mvwget_wstr.3x.gz
index 0092dc712..fc38215da 100644
Binary files a/msys2/usr/share/man/man3/mvwget_wstr.3x.gz and b/msys2/usr/share/man/man3/mvwget_wstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwgetch.3x.gz b/msys2/usr/share/man/man3/mvwgetch.3x.gz
index e5538d65e..249c9cb35 100644
Binary files a/msys2/usr/share/man/man3/mvwgetch.3x.gz and b/msys2/usr/share/man/man3/mvwgetch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwgetn_wstr.3x.gz b/msys2/usr/share/man/man3/mvwgetn_wstr.3x.gz
index 0092dc712..fc38215da 100644
Binary files a/msys2/usr/share/man/man3/mvwgetn_wstr.3x.gz and b/msys2/usr/share/man/man3/mvwgetn_wstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwgetnstr.3x.gz b/msys2/usr/share/man/man3/mvwgetnstr.3x.gz
index 9b8159d85..072b281fe 100644
Binary files a/msys2/usr/share/man/man3/mvwgetnstr.3x.gz and b/msys2/usr/share/man/man3/mvwgetnstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwgetstr.3x.gz b/msys2/usr/share/man/man3/mvwgetstr.3x.gz
index 9b8159d85..072b281fe 100644
Binary files a/msys2/usr/share/man/man3/mvwgetstr.3x.gz and b/msys2/usr/share/man/man3/mvwgetstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwhline.3x.gz b/msys2/usr/share/man/man3/mvwhline.3x.gz
index 673385164..1d2c4438c 100644
Binary files a/msys2/usr/share/man/man3/mvwhline.3x.gz and b/msys2/usr/share/man/man3/mvwhline.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwin_wch.3x.gz b/msys2/usr/share/man/man3/mvwin_wch.3x.gz
index b41bb3f93..924ba1f19 100644
Binary files a/msys2/usr/share/man/man3/mvwin_wch.3x.gz and b/msys2/usr/share/man/man3/mvwin_wch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwin_wchnstr.3x.gz b/msys2/usr/share/man/man3/mvwin_wchnstr.3x.gz
index 4f47287a5..0d49dee13 100644
Binary files a/msys2/usr/share/man/man3/mvwin_wchnstr.3x.gz and b/msys2/usr/share/man/man3/mvwin_wchnstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwin_wchstr.3x.gz b/msys2/usr/share/man/man3/mvwin_wchstr.3x.gz
index 4f47287a5..0d49dee13 100644
Binary files a/msys2/usr/share/man/man3/mvwin_wchstr.3x.gz and b/msys2/usr/share/man/man3/mvwin_wchstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwinch.3x.gz b/msys2/usr/share/man/man3/mvwinch.3x.gz
index d05e54745..20db1f376 100644
Binary files a/msys2/usr/share/man/man3/mvwinch.3x.gz and b/msys2/usr/share/man/man3/mvwinch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwinchnstr.3x.gz b/msys2/usr/share/man/man3/mvwinchnstr.3x.gz
index f2e4b3b76..3ac377f70 100644
Binary files a/msys2/usr/share/man/man3/mvwinchnstr.3x.gz and b/msys2/usr/share/man/man3/mvwinchnstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwinchstr.3x.gz b/msys2/usr/share/man/man3/mvwinchstr.3x.gz
index f2e4b3b76..3ac377f70 100644
Binary files a/msys2/usr/share/man/man3/mvwinchstr.3x.gz and b/msys2/usr/share/man/man3/mvwinchstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwinnstr.3x.gz b/msys2/usr/share/man/man3/mvwinnstr.3x.gz
index e545eec9c..561ee23d5 100644
Binary files a/msys2/usr/share/man/man3/mvwinnstr.3x.gz and b/msys2/usr/share/man/man3/mvwinnstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwinnwstr.3x.gz b/msys2/usr/share/man/man3/mvwinnwstr.3x.gz
index 7b4cc9fa5..5e7c675a8 100644
Binary files a/msys2/usr/share/man/man3/mvwinnwstr.3x.gz and b/msys2/usr/share/man/man3/mvwinnwstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwinsch.3x.gz b/msys2/usr/share/man/man3/mvwinsch.3x.gz
index 103417d3f..37efb87eb 100644
Binary files a/msys2/usr/share/man/man3/mvwinsch.3x.gz and b/msys2/usr/share/man/man3/mvwinsch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwinstr.3x.gz b/msys2/usr/share/man/man3/mvwinstr.3x.gz
index e545eec9c..561ee23d5 100644
Binary files a/msys2/usr/share/man/man3/mvwinstr.3x.gz and b/msys2/usr/share/man/man3/mvwinstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwinwstr.3x.gz b/msys2/usr/share/man/man3/mvwinwstr.3x.gz
index 7b4cc9fa5..5e7c675a8 100644
Binary files a/msys2/usr/share/man/man3/mvwinwstr.3x.gz and b/msys2/usr/share/man/man3/mvwinwstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwprintw.3x.gz b/msys2/usr/share/man/man3/mvwprintw.3x.gz
index df4fa0b56..22aaed139 100644
Binary files a/msys2/usr/share/man/man3/mvwprintw.3x.gz and b/msys2/usr/share/man/man3/mvwprintw.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwscanw.3x.gz b/msys2/usr/share/man/man3/mvwscanw.3x.gz
index 7455dd6e2..024031d5b 100644
Binary files a/msys2/usr/share/man/man3/mvwscanw.3x.gz and b/msys2/usr/share/man/man3/mvwscanw.3x.gz differ
diff --git a/msys2/usr/share/man/man3/mvwvline.3x.gz b/msys2/usr/share/man/man3/mvwvline.3x.gz
index 673385164..1d2c4438c 100644
Binary files a/msys2/usr/share/man/man3/mvwvline.3x.gz and b/msys2/usr/share/man/man3/mvwvline.3x.gz differ
diff --git a/msys2/usr/share/man/man3/napms.3x.gz b/msys2/usr/share/man/man3/napms.3x.gz
index 9df4b5f0e..ed980e52f 100644
Binary files a/msys2/usr/share/man/man3/napms.3x.gz and b/msys2/usr/share/man/man3/napms.3x.gz differ
diff --git a/msys2/usr/share/man/man3/ncurses.3x.gz b/msys2/usr/share/man/man3/ncurses.3x.gz
index 444663181..a818b1d9c 100644
Binary files a/msys2/usr/share/man/man3/ncurses.3x.gz and b/msys2/usr/share/man/man3/ncurses.3x.gz differ
diff --git a/msys2/usr/share/man/man3/new_field.3x.gz b/msys2/usr/share/man/man3/new_field.3x.gz
index b9a9a240f..2f6e4748e 100644
Binary files a/msys2/usr/share/man/man3/new_field.3x.gz and b/msys2/usr/share/man/man3/new_field.3x.gz differ
diff --git a/msys2/usr/share/man/man3/new_fieldtype.3x.gz b/msys2/usr/share/man/man3/new_fieldtype.3x.gz
index e57648415..f9ae36c34 100644
Binary files a/msys2/usr/share/man/man3/new_fieldtype.3x.gz and b/msys2/usr/share/man/man3/new_fieldtype.3x.gz differ
diff --git a/msys2/usr/share/man/man3/new_form.3x.gz b/msys2/usr/share/man/man3/new_form.3x.gz
index 65cd8052b..68bc8f3f6 100644
Binary files a/msys2/usr/share/man/man3/new_form.3x.gz and b/msys2/usr/share/man/man3/new_form.3x.gz differ
diff --git a/msys2/usr/share/man/man3/new_item.3x.gz b/msys2/usr/share/man/man3/new_item.3x.gz
index 901b51105..ac4cee226 100644
Binary files a/msys2/usr/share/man/man3/new_item.3x.gz and b/msys2/usr/share/man/man3/new_item.3x.gz differ
diff --git a/msys2/usr/share/man/man3/new_menu.3x.gz b/msys2/usr/share/man/man3/new_menu.3x.gz
index 9f39a3d01..a0a13de9c 100644
Binary files a/msys2/usr/share/man/man3/new_menu.3x.gz and b/msys2/usr/share/man/man3/new_menu.3x.gz differ
diff --git a/msys2/usr/share/man/man3/new_page.3x.gz b/msys2/usr/share/man/man3/new_page.3x.gz
index b7cd68918..005fdf137 100644
Binary files a/msys2/usr/share/man/man3/new_page.3x.gz and b/msys2/usr/share/man/man3/new_page.3x.gz differ
diff --git a/msys2/usr/share/man/man3/new_pair.3x.gz b/msys2/usr/share/man/man3/new_pair.3x.gz
index 2882ec13d..c3c541157 100644
Binary files a/msys2/usr/share/man/man3/new_pair.3x.gz and b/msys2/usr/share/man/man3/new_pair.3x.gz differ
diff --git a/msys2/usr/share/man/man3/new_panel.3x.gz b/msys2/usr/share/man/man3/new_panel.3x.gz
index 545403c68..aa33de9f9 100644
Binary files a/msys2/usr/share/man/man3/new_panel.3x.gz and b/msys2/usr/share/man/man3/new_panel.3x.gz differ
diff --git a/msys2/usr/share/man/man3/newctime.3.gz b/msys2/usr/share/man/man3/newctime.3.gz
index 1b3c52e11..b3295e820 100644
Binary files a/msys2/usr/share/man/man3/newctime.3.gz and b/msys2/usr/share/man/man3/newctime.3.gz differ
diff --git a/msys2/usr/share/man/man3/newpad.3x.gz b/msys2/usr/share/man/man3/newpad.3x.gz
index 59834be69..457c4e67f 100644
Binary files a/msys2/usr/share/man/man3/newpad.3x.gz and b/msys2/usr/share/man/man3/newpad.3x.gz differ
diff --git a/msys2/usr/share/man/man3/newscr.3x.gz b/msys2/usr/share/man/man3/newscr.3x.gz
index dbb243c86..767ce7da9 100644
Binary files a/msys2/usr/share/man/man3/newscr.3x.gz and b/msys2/usr/share/man/man3/newscr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/newterm.3x.gz b/msys2/usr/share/man/man3/newterm.3x.gz
index 175ffb36e..36f1b5781 100644
Binary files a/msys2/usr/share/man/man3/newterm.3x.gz and b/msys2/usr/share/man/man3/newterm.3x.gz differ
diff --git a/msys2/usr/share/man/man3/newtzset.3.gz b/msys2/usr/share/man/man3/newtzset.3.gz
index 9e80518bc..dd94865d5 100644
Binary files a/msys2/usr/share/man/man3/newtzset.3.gz and b/msys2/usr/share/man/man3/newtzset.3.gz differ
diff --git a/msys2/usr/share/man/man3/nl.3x.gz b/msys2/usr/share/man/man3/nl.3x.gz
index 767ec5681..9a38c9185 100644
Binary files a/msys2/usr/share/man/man3/nl.3x.gz and b/msys2/usr/share/man/man3/nl.3x.gz differ
diff --git a/msys2/usr/share/man/man3/nocbreak.3x.gz b/msys2/usr/share/man/man3/nocbreak.3x.gz
index e7ba056f3..90273a4d7 100644
Binary files a/msys2/usr/share/man/man3/nocbreak.3x.gz and b/msys2/usr/share/man/man3/nocbreak.3x.gz differ
diff --git a/msys2/usr/share/man/man3/nodelay.3x.gz b/msys2/usr/share/man/man3/nodelay.3x.gz
index e7ba056f3..90273a4d7 100644
Binary files a/msys2/usr/share/man/man3/nodelay.3x.gz and b/msys2/usr/share/man/man3/nodelay.3x.gz differ
diff --git a/msys2/usr/share/man/man3/noecho.3x.gz b/msys2/usr/share/man/man3/noecho.3x.gz
index e7ba056f3..90273a4d7 100644
Binary files a/msys2/usr/share/man/man3/noecho.3x.gz and b/msys2/usr/share/man/man3/noecho.3x.gz differ
diff --git a/msys2/usr/share/man/man3/nofilter.3x.gz b/msys2/usr/share/man/man3/nofilter.3x.gz
index 9de93d746..6b340ae20 100644
Binary files a/msys2/usr/share/man/man3/nofilter.3x.gz and b/msys2/usr/share/man/man3/nofilter.3x.gz differ
diff --git a/msys2/usr/share/man/man3/nonl.3x.gz b/msys2/usr/share/man/man3/nonl.3x.gz
index 767ec5681..9a38c9185 100644
Binary files a/msys2/usr/share/man/man3/nonl.3x.gz and b/msys2/usr/share/man/man3/nonl.3x.gz differ
diff --git a/msys2/usr/share/man/man3/noqiflush.3x.gz b/msys2/usr/share/man/man3/noqiflush.3x.gz
index e7ba056f3..90273a4d7 100644
Binary files a/msys2/usr/share/man/man3/noqiflush.3x.gz and b/msys2/usr/share/man/man3/noqiflush.3x.gz differ
diff --git a/msys2/usr/share/man/man3/noraw.3x.gz b/msys2/usr/share/man/man3/noraw.3x.gz
index e7ba056f3..90273a4d7 100644
Binary files a/msys2/usr/share/man/man3/noraw.3x.gz and b/msys2/usr/share/man/man3/noraw.3x.gz differ
diff --git a/msys2/usr/share/man/man3/notimeout.3x.gz b/msys2/usr/share/man/man3/notimeout.3x.gz
index e7ba056f3..90273a4d7 100644
Binary files a/msys2/usr/share/man/man3/notimeout.3x.gz and b/msys2/usr/share/man/man3/notimeout.3x.gz differ
diff --git a/msys2/usr/share/man/man3/o2i_SCT.3ssl.gz b/msys2/usr/share/man/man3/o2i_SCT.3ssl.gz
new file mode 100644
index 000000000..a56b7775c
Binary files /dev/null and b/msys2/usr/share/man/man3/o2i_SCT.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/o2i_SCT_LIST.3ssl.gz b/msys2/usr/share/man/man3/o2i_SCT_LIST.3ssl.gz
new file mode 100644
index 000000000..a56b7775c
Binary files /dev/null and b/msys2/usr/share/man/man3/o2i_SCT_LIST.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ordchr.3am.gz b/msys2/usr/share/man/man3/ordchr.3am.gz
index f2173d8ca..93ef66de3 100644
Binary files a/msys2/usr/share/man/man3/ordchr.3am.gz and b/msys2/usr/share/man/man3/ordchr.3am.gz differ
diff --git a/msys2/usr/share/man/man3/ospeed.3x.gz b/msys2/usr/share/man/man3/ospeed.3x.gz
index ef3cb57a5..9a348ec38 100644
Binary files a/msys2/usr/share/man/man3/ospeed.3x.gz and b/msys2/usr/share/man/man3/ospeed.3x.gz differ
diff --git a/msys2/usr/share/man/man3/package_changelog.3.gz b/msys2/usr/share/man/man3/package_changelog.3.gz
index 902df6b93..6d127661d 100644
Binary files a/msys2/usr/share/man/man3/package_changelog.3.gz and b/msys2/usr/share/man/man3/package_changelog.3.gz differ
diff --git a/msys2/usr/share/man/man3/pair_content.3x.gz b/msys2/usr/share/man/man3/pair_content.3x.gz
index ba90f9c61..f9b77e1f4 100644
Binary files a/msys2/usr/share/man/man3/pair_content.3x.gz and b/msys2/usr/share/man/man3/pair_content.3x.gz differ
diff --git a/msys2/usr/share/man/man3/panel.3x.gz b/msys2/usr/share/man/man3/panel.3x.gz
index 545403c68..aa33de9f9 100644
Binary files a/msys2/usr/share/man/man3/panel.3x.gz and b/msys2/usr/share/man/man3/panel.3x.gz differ
diff --git a/msys2/usr/share/man/man3/panel_above.3x.gz b/msys2/usr/share/man/man3/panel_above.3x.gz
index 545403c68..aa33de9f9 100644
Binary files a/msys2/usr/share/man/man3/panel_above.3x.gz and b/msys2/usr/share/man/man3/panel_above.3x.gz differ
diff --git a/msys2/usr/share/man/man3/panel_below.3x.gz b/msys2/usr/share/man/man3/panel_below.3x.gz
index 545403c68..aa33de9f9 100644
Binary files a/msys2/usr/share/man/man3/panel_below.3x.gz and b/msys2/usr/share/man/man3/panel_below.3x.gz differ
diff --git a/msys2/usr/share/man/man3/panel_hidden.3x.gz b/msys2/usr/share/man/man3/panel_hidden.3x.gz
index 545403c68..aa33de9f9 100644
Binary files a/msys2/usr/share/man/man3/panel_hidden.3x.gz and b/msys2/usr/share/man/man3/panel_hidden.3x.gz differ
diff --git a/msys2/usr/share/man/man3/panel_userptr.3x.gz b/msys2/usr/share/man/man3/panel_userptr.3x.gz
index 545403c68..aa33de9f9 100644
Binary files a/msys2/usr/share/man/man3/panel_userptr.3x.gz and b/msys2/usr/share/man/man3/panel_userptr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/panel_window.3x.gz b/msys2/usr/share/man/man3/panel_window.3x.gz
index 545403c68..aa33de9f9 100644
Binary files a/msys2/usr/share/man/man3/panel_window.3x.gz and b/msys2/usr/share/man/man3/panel_window.3x.gz differ
diff --git a/msys2/usr/share/man/man3/pcrejit.3.gz b/msys2/usr/share/man/man3/pcrejit.3.gz
index b289f5677..caf34b546 100644
Binary files a/msys2/usr/share/man/man3/pcrejit.3.gz and b/msys2/usr/share/man/man3/pcrejit.3.gz differ
diff --git a/msys2/usr/share/man/man3/pecho_wchar.3x.gz b/msys2/usr/share/man/man3/pecho_wchar.3x.gz
index 59834be69..457c4e67f 100644
Binary files a/msys2/usr/share/man/man3/pecho_wchar.3x.gz and b/msys2/usr/share/man/man3/pecho_wchar.3x.gz differ
diff --git a/msys2/usr/share/man/man3/pechochar.3x.gz b/msys2/usr/share/man/man3/pechochar.3x.gz
index 59834be69..457c4e67f 100644
Binary files a/msys2/usr/share/man/man3/pechochar.3x.gz and b/msys2/usr/share/man/man3/pechochar.3x.gz differ
diff --git a/msys2/usr/share/man/man3/pem_password_cb.3ssl.gz b/msys2/usr/share/man/man3/pem_password_cb.3ssl.gz
new file mode 100644
index 000000000..9ff9b03e2
Binary files /dev/null and b/msys2/usr/share/man/man3/pem_password_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/pkg_operations.3.gz b/msys2/usr/share/man/man3/pkg_operations.3.gz
index 859d70639..a730cffa5 100644
Binary files a/msys2/usr/share/man/man3/pkg_operations.3.gz and b/msys2/usr/share/man/man3/pkg_operations.3.gz differ
diff --git a/msys2/usr/share/man/man3/pnoutrefresh.3x.gz b/msys2/usr/share/man/man3/pnoutrefresh.3x.gz
index 59834be69..457c4e67f 100644
Binary files a/msys2/usr/share/man/man3/pnoutrefresh.3x.gz and b/msys2/usr/share/man/man3/pnoutrefresh.3x.gz differ
diff --git a/msys2/usr/share/man/man3/pos_form_cursor.3x.gz b/msys2/usr/share/man/man3/pos_form_cursor.3x.gz
index 3ecdd0e6b..232e3b27e 100644
Binary files a/msys2/usr/share/man/man3/pos_form_cursor.3x.gz and b/msys2/usr/share/man/man3/pos_form_cursor.3x.gz differ
diff --git a/msys2/usr/share/man/man3/pos_menu_cursor.3x.gz b/msys2/usr/share/man/man3/pos_menu_cursor.3x.gz
index 2c3220e36..c32f57c8b 100644
Binary files a/msys2/usr/share/man/man3/pos_menu_cursor.3x.gz and b/msys2/usr/share/man/man3/pos_menu_cursor.3x.gz differ
diff --git a/msys2/usr/share/man/man3/post_form.3x.gz b/msys2/usr/share/man/man3/post_form.3x.gz
index 7e76615e0..a2f8b2c36 100644
Binary files a/msys2/usr/share/man/man3/post_form.3x.gz and b/msys2/usr/share/man/man3/post_form.3x.gz differ
diff --git a/msys2/usr/share/man/man3/post_menu.3x.gz b/msys2/usr/share/man/man3/post_menu.3x.gz
index a6d90bff3..05b7af4f5 100644
Binary files a/msys2/usr/share/man/man3/post_menu.3x.gz and b/msys2/usr/share/man/man3/post_menu.3x.gz differ
diff --git a/msys2/usr/share/man/man3/prefresh.3x.gz b/msys2/usr/share/man/man3/prefresh.3x.gz
index 59834be69..457c4e67f 100644
Binary files a/msys2/usr/share/man/man3/prefresh.3x.gz and b/msys2/usr/share/man/man3/prefresh.3x.gz differ
diff --git a/msys2/usr/share/man/man3/printw.3x.gz b/msys2/usr/share/man/man3/printw.3x.gz
index df4fa0b56..22aaed139 100644
Binary files a/msys2/usr/share/man/man3/printw.3x.gz and b/msys2/usr/share/man/man3/printw.3x.gz differ
diff --git a/msys2/usr/share/man/man3/putp.3x.gz b/msys2/usr/share/man/man3/putp.3x.gz
index 22ab4de4e..009553134 100644
Binary files a/msys2/usr/share/man/man3/putp.3x.gz and b/msys2/usr/share/man/man3/putp.3x.gz differ
diff --git a/msys2/usr/share/man/man3/putwin.3x.gz b/msys2/usr/share/man/man3/putwin.3x.gz
index 9de93d746..6b340ae20 100644
Binary files a/msys2/usr/share/man/man3/putwin.3x.gz and b/msys2/usr/share/man/man3/putwin.3x.gz differ
diff --git a/msys2/usr/share/man/man3/qiflush.3x.gz b/msys2/usr/share/man/man3/qiflush.3x.gz
index e7ba056f3..90273a4d7 100644
Binary files a/msys2/usr/share/man/man3/qiflush.3x.gz and b/msys2/usr/share/man/man3/qiflush.3x.gz differ
diff --git a/msys2/usr/share/man/man3/rand.3ssl.gz b/msys2/usr/share/man/man3/rand.3ssl.gz
deleted file mode 100644
index 54d9ea3ea..000000000
Binary files a/msys2/usr/share/man/man3/rand.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/raw.3x.gz b/msys2/usr/share/man/man3/raw.3x.gz
index e7ba056f3..90273a4d7 100644
Binary files a/msys2/usr/share/man/man3/raw.3x.gz and b/msys2/usr/share/man/man3/raw.3x.gz differ
diff --git a/msys2/usr/share/man/man3/readdir.3am.gz b/msys2/usr/share/man/man3/readdir.3am.gz
index e293e8541..8b35cffb2 100644
Binary files a/msys2/usr/share/man/man3/readdir.3am.gz and b/msys2/usr/share/man/man3/readdir.3am.gz differ
diff --git a/msys2/usr/share/man/man3/readfile.3am.gz b/msys2/usr/share/man/man3/readfile.3am.gz
index e99543638..91857f2d3 100644
Binary files a/msys2/usr/share/man/man3/readfile.3am.gz and b/msys2/usr/share/man/man3/readfile.3am.gz differ
diff --git a/msys2/usr/share/man/man3/readline.3.gz b/msys2/usr/share/man/man3/readline.3.gz
index 3c5830b1f..618eaeea0 100644
Binary files a/msys2/usr/share/man/man3/readline.3.gz and b/msys2/usr/share/man/man3/readline.3.gz differ
diff --git a/msys2/usr/share/man/man3/redrawwin.3x.gz b/msys2/usr/share/man/man3/redrawwin.3x.gz
index 9907d050d..263e8feba 100644
Binary files a/msys2/usr/share/man/man3/redrawwin.3x.gz and b/msys2/usr/share/man/man3/redrawwin.3x.gz differ
diff --git a/msys2/usr/share/man/man3/refresh.3x.gz b/msys2/usr/share/man/man3/refresh.3x.gz
index 9907d050d..263e8feba 100644
Binary files a/msys2/usr/share/man/man3/refresh.3x.gz and b/msys2/usr/share/man/man3/refresh.3x.gz differ
diff --git a/msys2/usr/share/man/man3/replace_panel.3x.gz b/msys2/usr/share/man/man3/replace_panel.3x.gz
index 545403c68..aa33de9f9 100644
Binary files a/msys2/usr/share/man/man3/replace_panel.3x.gz and b/msys2/usr/share/man/man3/replace_panel.3x.gz differ
diff --git a/msys2/usr/share/man/man3/reset_color_pairs.3x.gz b/msys2/usr/share/man/man3/reset_color_pairs.3x.gz
index ba90f9c61..f9b77e1f4 100644
Binary files a/msys2/usr/share/man/man3/reset_color_pairs.3x.gz and b/msys2/usr/share/man/man3/reset_color_pairs.3x.gz differ
diff --git a/msys2/usr/share/man/man3/reset_prog_mode.3x.gz b/msys2/usr/share/man/man3/reset_prog_mode.3x.gz
index 9df4b5f0e..ed980e52f 100644
Binary files a/msys2/usr/share/man/man3/reset_prog_mode.3x.gz and b/msys2/usr/share/man/man3/reset_prog_mode.3x.gz differ
diff --git a/msys2/usr/share/man/man3/reset_shell_mode.3x.gz b/msys2/usr/share/man/man3/reset_shell_mode.3x.gz
index 9df4b5f0e..ed980e52f 100644
Binary files a/msys2/usr/share/man/man3/reset_shell_mode.3x.gz and b/msys2/usr/share/man/man3/reset_shell_mode.3x.gz differ
diff --git a/msys2/usr/share/man/man3/resetty.3x.gz b/msys2/usr/share/man/man3/resetty.3x.gz
index 9df4b5f0e..ed980e52f 100644
Binary files a/msys2/usr/share/man/man3/resetty.3x.gz and b/msys2/usr/share/man/man3/resetty.3x.gz differ
diff --git a/msys2/usr/share/man/man3/resize_term.3x.gz b/msys2/usr/share/man/man3/resize_term.3x.gz
index bf1e4ebe5..30d71d599 100644
Binary files a/msys2/usr/share/man/man3/resize_term.3x.gz and b/msys2/usr/share/man/man3/resize_term.3x.gz differ
diff --git a/msys2/usr/share/man/man3/resizeterm.3x.gz b/msys2/usr/share/man/man3/resizeterm.3x.gz
index bf1e4ebe5..30d71d599 100644
Binary files a/msys2/usr/share/man/man3/resizeterm.3x.gz and b/msys2/usr/share/man/man3/resizeterm.3x.gz differ
diff --git a/msys2/usr/share/man/man3/restartterm.3x.gz b/msys2/usr/share/man/man3/restartterm.3x.gz
index 22ab4de4e..009553134 100644
Binary files a/msys2/usr/share/man/man3/restartterm.3x.gz and b/msys2/usr/share/man/man3/restartterm.3x.gz differ
diff --git a/msys2/usr/share/man/man3/revoutput.3am.gz b/msys2/usr/share/man/man3/revoutput.3am.gz
index aa0b93010..15b3a1dd5 100644
Binary files a/msys2/usr/share/man/man3/revoutput.3am.gz and b/msys2/usr/share/man/man3/revoutput.3am.gz differ
diff --git a/msys2/usr/share/man/man3/revtwoway.3am.gz b/msys2/usr/share/man/man3/revtwoway.3am.gz
index cf278ceb8..d98f9efbd 100644
Binary files a/msys2/usr/share/man/man3/revtwoway.3am.gz and b/msys2/usr/share/man/man3/revtwoway.3am.gz differ
diff --git a/msys2/usr/share/man/man3/ripemd.3ssl.gz b/msys2/usr/share/man/man3/ripemd.3ssl.gz
deleted file mode 100644
index 28d770166..000000000
Binary files a/msys2/usr/share/man/man3/ripemd.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/ripoffline.3x.gz b/msys2/usr/share/man/man3/ripoffline.3x.gz
index 9df4b5f0e..ed980e52f 100644
Binary files a/msys2/usr/share/man/man3/ripoffline.3x.gz and b/msys2/usr/share/man/man3/ripoffline.3x.gz differ
diff --git a/msys2/usr/share/man/man3/rsa.3ssl.gz b/msys2/usr/share/man/man3/rsa.3ssl.gz
deleted file mode 100644
index bbbc05896..000000000
Binary files a/msys2/usr/share/man/man3/rsa.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/rwarray.3am.gz b/msys2/usr/share/man/man3/rwarray.3am.gz
index 91a653122..3df5d6db5 100644
Binary files a/msys2/usr/share/man/man3/rwarray.3am.gz and b/msys2/usr/share/man/man3/rwarray.3am.gz differ
diff --git a/msys2/usr/share/man/man3/savetty.3x.gz b/msys2/usr/share/man/man3/savetty.3x.gz
index 9df4b5f0e..ed980e52f 100644
Binary files a/msys2/usr/share/man/man3/savetty.3x.gz and b/msys2/usr/share/man/man3/savetty.3x.gz differ
diff --git a/msys2/usr/share/man/man3/scale_form.3x.gz b/msys2/usr/share/man/man3/scale_form.3x.gz
index 702529595..9c9819dae 100644
Binary files a/msys2/usr/share/man/man3/scale_form.3x.gz and b/msys2/usr/share/man/man3/scale_form.3x.gz differ
diff --git a/msys2/usr/share/man/man3/scale_menu.3x.gz b/msys2/usr/share/man/man3/scale_menu.3x.gz
index 85a014e50..78978732f 100644
Binary files a/msys2/usr/share/man/man3/scale_menu.3x.gz and b/msys2/usr/share/man/man3/scale_menu.3x.gz differ
diff --git a/msys2/usr/share/man/man3/scanw.3x.gz b/msys2/usr/share/man/man3/scanw.3x.gz
index 7455dd6e2..024031d5b 100644
Binary files a/msys2/usr/share/man/man3/scanw.3x.gz and b/msys2/usr/share/man/man3/scanw.3x.gz differ
diff --git a/msys2/usr/share/man/man3/scr_dump.3x.gz b/msys2/usr/share/man/man3/scr_dump.3x.gz
index 3fe98d149..afae2d841 100644
Binary files a/msys2/usr/share/man/man3/scr_dump.3x.gz and b/msys2/usr/share/man/man3/scr_dump.3x.gz differ
diff --git a/msys2/usr/share/man/man3/scr_init.3x.gz b/msys2/usr/share/man/man3/scr_init.3x.gz
index 3fe98d149..afae2d841 100644
Binary files a/msys2/usr/share/man/man3/scr_init.3x.gz and b/msys2/usr/share/man/man3/scr_init.3x.gz differ
diff --git a/msys2/usr/share/man/man3/scr_restore.3x.gz b/msys2/usr/share/man/man3/scr_restore.3x.gz
index 3fe98d149..afae2d841 100644
Binary files a/msys2/usr/share/man/man3/scr_restore.3x.gz and b/msys2/usr/share/man/man3/scr_restore.3x.gz differ
diff --git a/msys2/usr/share/man/man3/scr_set.3x.gz b/msys2/usr/share/man/man3/scr_set.3x.gz
index 3fe98d149..afae2d841 100644
Binary files a/msys2/usr/share/man/man3/scr_set.3x.gz and b/msys2/usr/share/man/man3/scr_set.3x.gz differ
diff --git a/msys2/usr/share/man/man3/scrl.3x.gz b/msys2/usr/share/man/man3/scrl.3x.gz
index f1cc85862..8bf11d7f3 100644
Binary files a/msys2/usr/share/man/man3/scrl.3x.gz and b/msys2/usr/share/man/man3/scrl.3x.gz differ
diff --git a/msys2/usr/share/man/man3/scroll.3x.gz b/msys2/usr/share/man/man3/scroll.3x.gz
index f1cc85862..8bf11d7f3 100644
Binary files a/msys2/usr/share/man/man3/scroll.3x.gz and b/msys2/usr/share/man/man3/scroll.3x.gz differ
diff --git a/msys2/usr/share/man/man3/scrollok.3x.gz b/msys2/usr/share/man/man3/scrollok.3x.gz
index 767ec5681..9a38c9185 100644
Binary files a/msys2/usr/share/man/man3/scrollok.3x.gz and b/msys2/usr/share/man/man3/scrollok.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_current_field.3x.gz b/msys2/usr/share/man/man3/set_current_field.3x.gz
index cea209f49..2434be0e5 100644
Binary files a/msys2/usr/share/man/man3/set_current_field.3x.gz and b/msys2/usr/share/man/man3/set_current_field.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_current_item.3x.gz b/msys2/usr/share/man/man3/set_current_item.3x.gz
index b006d2869..66c4e3957 100644
Binary files a/msys2/usr/share/man/man3/set_current_item.3x.gz and b/msys2/usr/share/man/man3/set_current_item.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_curterm.3x.gz b/msys2/usr/share/man/man3/set_curterm.3x.gz
index 22ab4de4e..009553134 100644
Binary files a/msys2/usr/share/man/man3/set_curterm.3x.gz and b/msys2/usr/share/man/man3/set_curterm.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_field_back.3x.gz b/msys2/usr/share/man/man3/set_field_back.3x.gz
index 18941b469..9daab54bb 100644
Binary files a/msys2/usr/share/man/man3/set_field_back.3x.gz and b/msys2/usr/share/man/man3/set_field_back.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_field_buffer.3x.gz b/msys2/usr/share/man/man3/set_field_buffer.3x.gz
index 2a1192f18..206d5d9df 100644
Binary files a/msys2/usr/share/man/man3/set_field_buffer.3x.gz and b/msys2/usr/share/man/man3/set_field_buffer.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_field_fore.3x.gz b/msys2/usr/share/man/man3/set_field_fore.3x.gz
index 18941b469..9daab54bb 100644
Binary files a/msys2/usr/share/man/man3/set_field_fore.3x.gz and b/msys2/usr/share/man/man3/set_field_fore.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_field_init.3x.gz b/msys2/usr/share/man/man3/set_field_init.3x.gz
index 837d8608f..daa501a2d 100644
Binary files a/msys2/usr/share/man/man3/set_field_init.3x.gz and b/msys2/usr/share/man/man3/set_field_init.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_field_just.3x.gz b/msys2/usr/share/man/man3/set_field_just.3x.gz
index 568267232..291acab7e 100644
Binary files a/msys2/usr/share/man/man3/set_field_just.3x.gz and b/msys2/usr/share/man/man3/set_field_just.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_field_opts.3x.gz b/msys2/usr/share/man/man3/set_field_opts.3x.gz
index 160849258..f15b63998 100644
Binary files a/msys2/usr/share/man/man3/set_field_opts.3x.gz and b/msys2/usr/share/man/man3/set_field_opts.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_field_pad.3x.gz b/msys2/usr/share/man/man3/set_field_pad.3x.gz
index 18941b469..9daab54bb 100644
Binary files a/msys2/usr/share/man/man3/set_field_pad.3x.gz and b/msys2/usr/share/man/man3/set_field_pad.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_field_status.3x.gz b/msys2/usr/share/man/man3/set_field_status.3x.gz
index 2a1192f18..206d5d9df 100644
Binary files a/msys2/usr/share/man/man3/set_field_status.3x.gz and b/msys2/usr/share/man/man3/set_field_status.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_field_term.3x.gz b/msys2/usr/share/man/man3/set_field_term.3x.gz
index 837d8608f..daa501a2d 100644
Binary files a/msys2/usr/share/man/man3/set_field_term.3x.gz and b/msys2/usr/share/man/man3/set_field_term.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_field_type.3x.gz b/msys2/usr/share/man/man3/set_field_type.3x.gz
index 7a356a18e..01f8882f2 100644
Binary files a/msys2/usr/share/man/man3/set_field_type.3x.gz and b/msys2/usr/share/man/man3/set_field_type.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_field_userptr.3x.gz b/msys2/usr/share/man/man3/set_field_userptr.3x.gz
index 49ed110f0..7f3518203 100644
Binary files a/msys2/usr/share/man/man3/set_field_userptr.3x.gz and b/msys2/usr/share/man/man3/set_field_userptr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_fieldtype_arg.3x.gz b/msys2/usr/share/man/man3/set_fieldtype_arg.3x.gz
index e57648415..f9ae36c34 100644
Binary files a/msys2/usr/share/man/man3/set_fieldtype_arg.3x.gz and b/msys2/usr/share/man/man3/set_fieldtype_arg.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_fieldtype_choice.3x.gz b/msys2/usr/share/man/man3/set_fieldtype_choice.3x.gz
index e57648415..f9ae36c34 100644
Binary files a/msys2/usr/share/man/man3/set_fieldtype_choice.3x.gz and b/msys2/usr/share/man/man3/set_fieldtype_choice.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_form_fields.3x.gz b/msys2/usr/share/man/man3/set_form_fields.3x.gz
index c925e242f..db96bac3e 100644
Binary files a/msys2/usr/share/man/man3/set_form_fields.3x.gz and b/msys2/usr/share/man/man3/set_form_fields.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_form_init.3x.gz b/msys2/usr/share/man/man3/set_form_init.3x.gz
index 837d8608f..daa501a2d 100644
Binary files a/msys2/usr/share/man/man3/set_form_init.3x.gz and b/msys2/usr/share/man/man3/set_form_init.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_form_opts.3x.gz b/msys2/usr/share/man/man3/set_form_opts.3x.gz
index 2f4c9ccb9..3b736a6bf 100644
Binary files a/msys2/usr/share/man/man3/set_form_opts.3x.gz and b/msys2/usr/share/man/man3/set_form_opts.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_form_page.3x.gz b/msys2/usr/share/man/man3/set_form_page.3x.gz
index cea209f49..2434be0e5 100644
Binary files a/msys2/usr/share/man/man3/set_form_page.3x.gz and b/msys2/usr/share/man/man3/set_form_page.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_form_sub.3x.gz b/msys2/usr/share/man/man3/set_form_sub.3x.gz
index 702529595..9c9819dae 100644
Binary files a/msys2/usr/share/man/man3/set_form_sub.3x.gz and b/msys2/usr/share/man/man3/set_form_sub.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_form_term.3x.gz b/msys2/usr/share/man/man3/set_form_term.3x.gz
index 837d8608f..daa501a2d 100644
Binary files a/msys2/usr/share/man/man3/set_form_term.3x.gz and b/msys2/usr/share/man/man3/set_form_term.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_form_userptr.3x.gz b/msys2/usr/share/man/man3/set_form_userptr.3x.gz
index f83e05cfa..9f562c669 100644
Binary files a/msys2/usr/share/man/man3/set_form_userptr.3x.gz and b/msys2/usr/share/man/man3/set_form_userptr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_form_win.3x.gz b/msys2/usr/share/man/man3/set_form_win.3x.gz
index 702529595..9c9819dae 100644
Binary files a/msys2/usr/share/man/man3/set_form_win.3x.gz and b/msys2/usr/share/man/man3/set_form_win.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_item_init.3x.gz b/msys2/usr/share/man/man3/set_item_init.3x.gz
index d3cff20e4..2a379dee4 100644
Binary files a/msys2/usr/share/man/man3/set_item_init.3x.gz and b/msys2/usr/share/man/man3/set_item_init.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_item_opts.3x.gz b/msys2/usr/share/man/man3/set_item_opts.3x.gz
index e5268c807..2af898879 100644
Binary files a/msys2/usr/share/man/man3/set_item_opts.3x.gz and b/msys2/usr/share/man/man3/set_item_opts.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_item_term.3x.gz b/msys2/usr/share/man/man3/set_item_term.3x.gz
index d3cff20e4..2a379dee4 100644
Binary files a/msys2/usr/share/man/man3/set_item_term.3x.gz and b/msys2/usr/share/man/man3/set_item_term.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_item_userptr.3x.gz b/msys2/usr/share/man/man3/set_item_userptr.3x.gz
index a1085dbeb..06201c70f 100644
Binary files a/msys2/usr/share/man/man3/set_item_userptr.3x.gz and b/msys2/usr/share/man/man3/set_item_userptr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_item_value.3x.gz b/msys2/usr/share/man/man3/set_item_value.3x.gz
index e4eeeedb6..b5f18cb1f 100644
Binary files a/msys2/usr/share/man/man3/set_item_value.3x.gz and b/msys2/usr/share/man/man3/set_item_value.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_max_field.3x.gz b/msys2/usr/share/man/man3/set_max_field.3x.gz
index 2a1192f18..206d5d9df 100644
Binary files a/msys2/usr/share/man/man3/set_max_field.3x.gz and b/msys2/usr/share/man/man3/set_max_field.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_menu_back.3x.gz b/msys2/usr/share/man/man3/set_menu_back.3x.gz
index b8b9ee6da..bf771c360 100644
Binary files a/msys2/usr/share/man/man3/set_menu_back.3x.gz and b/msys2/usr/share/man/man3/set_menu_back.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_menu_fore.3x.gz b/msys2/usr/share/man/man3/set_menu_fore.3x.gz
index b8b9ee6da..bf771c360 100644
Binary files a/msys2/usr/share/man/man3/set_menu_fore.3x.gz and b/msys2/usr/share/man/man3/set_menu_fore.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_menu_format.3x.gz b/msys2/usr/share/man/man3/set_menu_format.3x.gz
index bf22b9f20..766bdc0bf 100644
Binary files a/msys2/usr/share/man/man3/set_menu_format.3x.gz and b/msys2/usr/share/man/man3/set_menu_format.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_menu_grey.3x.gz b/msys2/usr/share/man/man3/set_menu_grey.3x.gz
index b8b9ee6da..bf771c360 100644
Binary files a/msys2/usr/share/man/man3/set_menu_grey.3x.gz and b/msys2/usr/share/man/man3/set_menu_grey.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_menu_init.3x.gz b/msys2/usr/share/man/man3/set_menu_init.3x.gz
index d3cff20e4..2a379dee4 100644
Binary files a/msys2/usr/share/man/man3/set_menu_init.3x.gz and b/msys2/usr/share/man/man3/set_menu_init.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_menu_items.3x.gz b/msys2/usr/share/man/man3/set_menu_items.3x.gz
index 1e04f66f4..f3f6563fd 100644
Binary files a/msys2/usr/share/man/man3/set_menu_items.3x.gz and b/msys2/usr/share/man/man3/set_menu_items.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_menu_mark.3x.gz b/msys2/usr/share/man/man3/set_menu_mark.3x.gz
index 732f7c4b7..9b4e9746b 100644
Binary files a/msys2/usr/share/man/man3/set_menu_mark.3x.gz and b/msys2/usr/share/man/man3/set_menu_mark.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_menu_opts.3x.gz b/msys2/usr/share/man/man3/set_menu_opts.3x.gz
index 3b0884151..d74152bf5 100644
Binary files a/msys2/usr/share/man/man3/set_menu_opts.3x.gz and b/msys2/usr/share/man/man3/set_menu_opts.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_menu_pad.3x.gz b/msys2/usr/share/man/man3/set_menu_pad.3x.gz
index b8b9ee6da..bf771c360 100644
Binary files a/msys2/usr/share/man/man3/set_menu_pad.3x.gz and b/msys2/usr/share/man/man3/set_menu_pad.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_menu_pattern.3x.gz b/msys2/usr/share/man/man3/set_menu_pattern.3x.gz
index a7e388761..ca15c1062 100644
Binary files a/msys2/usr/share/man/man3/set_menu_pattern.3x.gz and b/msys2/usr/share/man/man3/set_menu_pattern.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_menu_spacing.3x.gz b/msys2/usr/share/man/man3/set_menu_spacing.3x.gz
index fb888a7ba..aa98488db 100644
Binary files a/msys2/usr/share/man/man3/set_menu_spacing.3x.gz and b/msys2/usr/share/man/man3/set_menu_spacing.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_menu_sub.3x.gz b/msys2/usr/share/man/man3/set_menu_sub.3x.gz
index 85a014e50..78978732f 100644
Binary files a/msys2/usr/share/man/man3/set_menu_sub.3x.gz and b/msys2/usr/share/man/man3/set_menu_sub.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_menu_term.3x.gz b/msys2/usr/share/man/man3/set_menu_term.3x.gz
index d3cff20e4..2a379dee4 100644
Binary files a/msys2/usr/share/man/man3/set_menu_term.3x.gz and b/msys2/usr/share/man/man3/set_menu_term.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_menu_userptr.3x.gz b/msys2/usr/share/man/man3/set_menu_userptr.3x.gz
index 89e2bcda3..7ea574f1d 100644
Binary files a/msys2/usr/share/man/man3/set_menu_userptr.3x.gz and b/msys2/usr/share/man/man3/set_menu_userptr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_menu_win.3x.gz b/msys2/usr/share/man/man3/set_menu_win.3x.gz
index 85a014e50..78978732f 100644
Binary files a/msys2/usr/share/man/man3/set_menu_win.3x.gz and b/msys2/usr/share/man/man3/set_menu_win.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_new_page.3x.gz b/msys2/usr/share/man/man3/set_new_page.3x.gz
index b7cd68918..005fdf137 100644
Binary files a/msys2/usr/share/man/man3/set_new_page.3x.gz and b/msys2/usr/share/man/man3/set_new_page.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_panel_userptr.3x.gz b/msys2/usr/share/man/man3/set_panel_userptr.3x.gz
index 545403c68..aa33de9f9 100644
Binary files a/msys2/usr/share/man/man3/set_panel_userptr.3x.gz and b/msys2/usr/share/man/man3/set_panel_userptr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_term.3x.gz b/msys2/usr/share/man/man3/set_term.3x.gz
index 175ffb36e..36f1b5781 100644
Binary files a/msys2/usr/share/man/man3/set_term.3x.gz and b/msys2/usr/share/man/man3/set_term.3x.gz differ
diff --git a/msys2/usr/share/man/man3/set_top_row.3x.gz b/msys2/usr/share/man/man3/set_top_row.3x.gz
index b006d2869..66c4e3957 100644
Binary files a/msys2/usr/share/man/man3/set_top_row.3x.gz and b/msys2/usr/share/man/man3/set_top_row.3x.gz differ
diff --git a/msys2/usr/share/man/man3/setscrreg.3x.gz b/msys2/usr/share/man/man3/setscrreg.3x.gz
index 767ec5681..9a38c9185 100644
Binary files a/msys2/usr/share/man/man3/setscrreg.3x.gz and b/msys2/usr/share/man/man3/setscrreg.3x.gz differ
diff --git a/msys2/usr/share/man/man3/setsyx.3x.gz b/msys2/usr/share/man/man3/setsyx.3x.gz
index 9df4b5f0e..ed980e52f 100644
Binary files a/msys2/usr/share/man/man3/setsyx.3x.gz and b/msys2/usr/share/man/man3/setsyx.3x.gz differ
diff --git a/msys2/usr/share/man/man3/setterm.3x.gz b/msys2/usr/share/man/man3/setterm.3x.gz
index 22ab4de4e..009553134 100644
Binary files a/msys2/usr/share/man/man3/setterm.3x.gz and b/msys2/usr/share/man/man3/setterm.3x.gz differ
diff --git a/msys2/usr/share/man/man3/setupterm.3x.gz b/msys2/usr/share/man/man3/setupterm.3x.gz
index 22ab4de4e..009553134 100644
Binary files a/msys2/usr/share/man/man3/setupterm.3x.gz and b/msys2/usr/share/man/man3/setupterm.3x.gz differ
diff --git a/msys2/usr/share/man/man3/sha.3ssl.gz b/msys2/usr/share/man/man3/sha.3ssl.gz
deleted file mode 100644
index dbfd999e1..000000000
Binary files a/msys2/usr/share/man/man3/sha.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/sha2_context.3.gz b/msys2/usr/share/man/man3/sha2_context.3.gz
deleted file mode 100644
index a5f23b512..000000000
Binary files a/msys2/usr/share/man/man3/sha2_context.3.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/show_panel.3x.gz b/msys2/usr/share/man/man3/show_panel.3x.gz
index 545403c68..aa33de9f9 100644
Binary files a/msys2/usr/share/man/man3/show_panel.3x.gz and b/msys2/usr/share/man/man3/show_panel.3x.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_deep_copy.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_deep_copy.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_deep_copy.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_delete.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_delete.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_delete.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_delete_ptr.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_delete_ptr.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_delete_ptr.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_dup.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_dup.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_dup.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_find.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_find.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_find.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_find_ex.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_find_ex.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_find_ex.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_free.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_free.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_insert.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_insert.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_insert.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_is_sorted.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_is_sorted.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_is_sorted.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_new.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_new.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_new.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_new_null.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_new_null.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_new_null.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_new_reserve.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_new_reserve.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_new_reserve.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_num.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_num.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_num.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_pop.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_pop.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_pop.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_pop_free.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_pop_free.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_pop_free.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_push.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_push.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_push.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_reserve.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_reserve.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_reserve.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_set.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_set.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_set.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_set_cmp_func.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_set_cmp_func.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_set_cmp_func.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_shift.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_shift.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_shift.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_sort.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_sort.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_sort.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_unshift.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_unshift.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_unshift.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_value.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_value.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_value.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/sk_TYPE_zero.3ssl.gz b/msys2/usr/share/man/man3/sk_TYPE_zero.3ssl.gz
new file mode 100644
index 000000000..5343603e2
Binary files /dev/null and b/msys2/usr/share/man/man3/sk_TYPE_zero.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/slk_attr.3x.gz b/msys2/usr/share/man/man3/slk_attr.3x.gz
index 5863d8468..073192cf2 100644
Binary files a/msys2/usr/share/man/man3/slk_attr.3x.gz and b/msys2/usr/share/man/man3/slk_attr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/slk_attr_off.3x.gz b/msys2/usr/share/man/man3/slk_attr_off.3x.gz
index 5863d8468..073192cf2 100644
Binary files a/msys2/usr/share/man/man3/slk_attr_off.3x.gz and b/msys2/usr/share/man/man3/slk_attr_off.3x.gz differ
diff --git a/msys2/usr/share/man/man3/slk_attr_on.3x.gz b/msys2/usr/share/man/man3/slk_attr_on.3x.gz
index 5863d8468..073192cf2 100644
Binary files a/msys2/usr/share/man/man3/slk_attr_on.3x.gz and b/msys2/usr/share/man/man3/slk_attr_on.3x.gz differ
diff --git a/msys2/usr/share/man/man3/slk_attr_set.3x.gz b/msys2/usr/share/man/man3/slk_attr_set.3x.gz
index 5863d8468..073192cf2 100644
Binary files a/msys2/usr/share/man/man3/slk_attr_set.3x.gz and b/msys2/usr/share/man/man3/slk_attr_set.3x.gz differ
diff --git a/msys2/usr/share/man/man3/slk_attroff.3x.gz b/msys2/usr/share/man/man3/slk_attroff.3x.gz
index 5863d8468..073192cf2 100644
Binary files a/msys2/usr/share/man/man3/slk_attroff.3x.gz and b/msys2/usr/share/man/man3/slk_attroff.3x.gz differ
diff --git a/msys2/usr/share/man/man3/slk_attron.3x.gz b/msys2/usr/share/man/man3/slk_attron.3x.gz
index 5863d8468..073192cf2 100644
Binary files a/msys2/usr/share/man/man3/slk_attron.3x.gz and b/msys2/usr/share/man/man3/slk_attron.3x.gz differ
diff --git a/msys2/usr/share/man/man3/slk_attrset.3x.gz b/msys2/usr/share/man/man3/slk_attrset.3x.gz
index 5863d8468..073192cf2 100644
Binary files a/msys2/usr/share/man/man3/slk_attrset.3x.gz and b/msys2/usr/share/man/man3/slk_attrset.3x.gz differ
diff --git a/msys2/usr/share/man/man3/slk_clear.3x.gz b/msys2/usr/share/man/man3/slk_clear.3x.gz
index 5863d8468..073192cf2 100644
Binary files a/msys2/usr/share/man/man3/slk_clear.3x.gz and b/msys2/usr/share/man/man3/slk_clear.3x.gz differ
diff --git a/msys2/usr/share/man/man3/slk_color.3x.gz b/msys2/usr/share/man/man3/slk_color.3x.gz
index 5863d8468..073192cf2 100644
Binary files a/msys2/usr/share/man/man3/slk_color.3x.gz and b/msys2/usr/share/man/man3/slk_color.3x.gz differ
diff --git a/msys2/usr/share/man/man3/slk_init.3x.gz b/msys2/usr/share/man/man3/slk_init.3x.gz
index 5863d8468..073192cf2 100644
Binary files a/msys2/usr/share/man/man3/slk_init.3x.gz and b/msys2/usr/share/man/man3/slk_init.3x.gz differ
diff --git a/msys2/usr/share/man/man3/slk_label.3x.gz b/msys2/usr/share/man/man3/slk_label.3x.gz
index 5863d8468..073192cf2 100644
Binary files a/msys2/usr/share/man/man3/slk_label.3x.gz and b/msys2/usr/share/man/man3/slk_label.3x.gz differ
diff --git a/msys2/usr/share/man/man3/slk_noutrefresh.3x.gz b/msys2/usr/share/man/man3/slk_noutrefresh.3x.gz
index 5863d8468..073192cf2 100644
Binary files a/msys2/usr/share/man/man3/slk_noutrefresh.3x.gz and b/msys2/usr/share/man/man3/slk_noutrefresh.3x.gz differ
diff --git a/msys2/usr/share/man/man3/slk_refresh.3x.gz b/msys2/usr/share/man/man3/slk_refresh.3x.gz
index 5863d8468..073192cf2 100644
Binary files a/msys2/usr/share/man/man3/slk_refresh.3x.gz and b/msys2/usr/share/man/man3/slk_refresh.3x.gz differ
diff --git a/msys2/usr/share/man/man3/slk_restore.3x.gz b/msys2/usr/share/man/man3/slk_restore.3x.gz
index 5863d8468..073192cf2 100644
Binary files a/msys2/usr/share/man/man3/slk_restore.3x.gz and b/msys2/usr/share/man/man3/slk_restore.3x.gz differ
diff --git a/msys2/usr/share/man/man3/slk_set.3x.gz b/msys2/usr/share/man/man3/slk_set.3x.gz
index 5863d8468..073192cf2 100644
Binary files a/msys2/usr/share/man/man3/slk_set.3x.gz and b/msys2/usr/share/man/man3/slk_set.3x.gz differ
diff --git a/msys2/usr/share/man/man3/slk_touch.3x.gz b/msys2/usr/share/man/man3/slk_touch.3x.gz
index 5863d8468..073192cf2 100644
Binary files a/msys2/usr/share/man/man3/slk_touch.3x.gz and b/msys2/usr/share/man/man3/slk_touch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/slk_wset.3x.gz b/msys2/usr/share/man/man3/slk_wset.3x.gz
index 5863d8468..073192cf2 100644
Binary files a/msys2/usr/share/man/man3/slk_wset.3x.gz and b/msys2/usr/share/man/man3/slk_wset.3x.gz differ
diff --git a/msys2/usr/share/man/man3/ssl_ct_validation_cb.3ssl.gz b/msys2/usr/share/man/man3/ssl_ct_validation_cb.3ssl.gz
new file mode 100644
index 000000000..c28d109df
Binary files /dev/null and b/msys2/usr/share/man/man3/ssl_ct_validation_cb.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/standend.3x.gz b/msys2/usr/share/man/man3/standend.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/standend.3x.gz and b/msys2/usr/share/man/man3/standend.3x.gz differ
diff --git a/msys2/usr/share/man/man3/standout.3x.gz b/msys2/usr/share/man/man3/standout.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/standout.3x.gz and b/msys2/usr/share/man/man3/standout.3x.gz differ
diff --git a/msys2/usr/share/man/man3/start_color.3x.gz b/msys2/usr/share/man/man3/start_color.3x.gz
index ba90f9c61..f9b77e1f4 100644
Binary files a/msys2/usr/share/man/man3/start_color.3x.gz and b/msys2/usr/share/man/man3/start_color.3x.gz differ
diff --git a/msys2/usr/share/man/man3/stdscr.3x.gz b/msys2/usr/share/man/man3/stdscr.3x.gz
index dbb243c86..767ce7da9 100644
Binary files a/msys2/usr/share/man/man3/stdscr.3x.gz and b/msys2/usr/share/man/man3/stdscr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/subpad.3x.gz b/msys2/usr/share/man/man3/subpad.3x.gz
index 59834be69..457c4e67f 100644
Binary files a/msys2/usr/share/man/man3/subpad.3x.gz and b/msys2/usr/share/man/man3/subpad.3x.gz differ
diff --git a/msys2/usr/share/man/man3/term_attrs.3x.gz b/msys2/usr/share/man/man3/term_attrs.3x.gz
index f1e1da961..f1503191b 100644
Binary files a/msys2/usr/share/man/man3/term_attrs.3x.gz and b/msys2/usr/share/man/man3/term_attrs.3x.gz differ
diff --git a/msys2/usr/share/man/man3/termattrs.3x.gz b/msys2/usr/share/man/man3/termattrs.3x.gz
index f1e1da961..f1503191b 100644
Binary files a/msys2/usr/share/man/man3/termattrs.3x.gz and b/msys2/usr/share/man/man3/termattrs.3x.gz differ
diff --git a/msys2/usr/share/man/man3/termname.3x.gz b/msys2/usr/share/man/man3/termname.3x.gz
index f1e1da961..f1503191b 100644
Binary files a/msys2/usr/share/man/man3/termname.3x.gz and b/msys2/usr/share/man/man3/termname.3x.gz differ
diff --git a/msys2/usr/share/man/man3/tgetent.3x.gz b/msys2/usr/share/man/man3/tgetent.3x.gz
index ef3cb57a5..9a348ec38 100644
Binary files a/msys2/usr/share/man/man3/tgetent.3x.gz and b/msys2/usr/share/man/man3/tgetent.3x.gz differ
diff --git a/msys2/usr/share/man/man3/tgetflag.3x.gz b/msys2/usr/share/man/man3/tgetflag.3x.gz
index ef3cb57a5..9a348ec38 100644
Binary files a/msys2/usr/share/man/man3/tgetflag.3x.gz and b/msys2/usr/share/man/man3/tgetflag.3x.gz differ
diff --git a/msys2/usr/share/man/man3/tgetnum.3x.gz b/msys2/usr/share/man/man3/tgetnum.3x.gz
index ef3cb57a5..9a348ec38 100644
Binary files a/msys2/usr/share/man/man3/tgetnum.3x.gz and b/msys2/usr/share/man/man3/tgetnum.3x.gz differ
diff --git a/msys2/usr/share/man/man3/tgetstr.3x.gz b/msys2/usr/share/man/man3/tgetstr.3x.gz
index ef3cb57a5..9a348ec38 100644
Binary files a/msys2/usr/share/man/man3/tgetstr.3x.gz and b/msys2/usr/share/man/man3/tgetstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/tgoto.3x.gz b/msys2/usr/share/man/man3/tgoto.3x.gz
index ef3cb57a5..9a348ec38 100644
Binary files a/msys2/usr/share/man/man3/tgoto.3x.gz and b/msys2/usr/share/man/man3/tgoto.3x.gz differ
diff --git a/msys2/usr/share/man/man3/threads.3ssl.gz b/msys2/usr/share/man/man3/threads.3ssl.gz
deleted file mode 100644
index 89e67583a..000000000
Binary files a/msys2/usr/share/man/man3/threads.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/tigetflag.3x.gz b/msys2/usr/share/man/man3/tigetflag.3x.gz
index 22ab4de4e..009553134 100644
Binary files a/msys2/usr/share/man/man3/tigetflag.3x.gz and b/msys2/usr/share/man/man3/tigetflag.3x.gz differ
diff --git a/msys2/usr/share/man/man3/tigetnum.3x.gz b/msys2/usr/share/man/man3/tigetnum.3x.gz
index 22ab4de4e..009553134 100644
Binary files a/msys2/usr/share/man/man3/tigetnum.3x.gz and b/msys2/usr/share/man/man3/tigetnum.3x.gz differ
diff --git a/msys2/usr/share/man/man3/tigetstr.3x.gz b/msys2/usr/share/man/man3/tigetstr.3x.gz
index 22ab4de4e..009553134 100644
Binary files a/msys2/usr/share/man/man3/tigetstr.3x.gz and b/msys2/usr/share/man/man3/tigetstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/time.3am.gz b/msys2/usr/share/man/man3/time.3am.gz
index 1a8ed59c7..dccffef40 100644
Binary files a/msys2/usr/share/man/man3/time.3am.gz and b/msys2/usr/share/man/man3/time.3am.gz differ
diff --git a/msys2/usr/share/man/man3/timeout.3x.gz b/msys2/usr/share/man/man3/timeout.3x.gz
index e7ba056f3..90273a4d7 100644
Binary files a/msys2/usr/share/man/man3/timeout.3x.gz and b/msys2/usr/share/man/man3/timeout.3x.gz differ
diff --git a/msys2/usr/share/man/man3/tiparm.3x.gz b/msys2/usr/share/man/man3/tiparm.3x.gz
index 22ab4de4e..009553134 100644
Binary files a/msys2/usr/share/man/man3/tiparm.3x.gz and b/msys2/usr/share/man/man3/tiparm.3x.gz differ
diff --git a/msys2/usr/share/man/man3/top_panel.3x.gz b/msys2/usr/share/man/man3/top_panel.3x.gz
index 545403c68..aa33de9f9 100644
Binary files a/msys2/usr/share/man/man3/top_panel.3x.gz and b/msys2/usr/share/man/man3/top_panel.3x.gz differ
diff --git a/msys2/usr/share/man/man3/top_row.3x.gz b/msys2/usr/share/man/man3/top_row.3x.gz
index b006d2869..66c4e3957 100644
Binary files a/msys2/usr/share/man/man3/top_row.3x.gz and b/msys2/usr/share/man/man3/top_row.3x.gz differ
diff --git a/msys2/usr/share/man/man3/touchline.3x.gz b/msys2/usr/share/man/man3/touchline.3x.gz
index 1041376b9..9eb226143 100644
Binary files a/msys2/usr/share/man/man3/touchline.3x.gz and b/msys2/usr/share/man/man3/touchline.3x.gz differ
diff --git a/msys2/usr/share/man/man3/touchwin.3x.gz b/msys2/usr/share/man/man3/touchwin.3x.gz
index 1041376b9..9eb226143 100644
Binary files a/msys2/usr/share/man/man3/touchwin.3x.gz and b/msys2/usr/share/man/man3/touchwin.3x.gz differ
diff --git a/msys2/usr/share/man/man3/tparm.3x.gz b/msys2/usr/share/man/man3/tparm.3x.gz
index 22ab4de4e..009553134 100644
Binary files a/msys2/usr/share/man/man3/tparm.3x.gz and b/msys2/usr/share/man/man3/tparm.3x.gz differ
diff --git a/msys2/usr/share/man/man3/tputs.3x.gz b/msys2/usr/share/man/man3/tputs.3x.gz
index 22ab4de4e..009553134 100644
Binary files a/msys2/usr/share/man/man3/tputs.3x.gz and b/msys2/usr/share/man/man3/tputs.3x.gz differ
diff --git a/msys2/usr/share/man/man3/typeahead.3x.gz b/msys2/usr/share/man/man3/typeahead.3x.gz
index e7ba056f3..90273a4d7 100644
Binary files a/msys2/usr/share/man/man3/typeahead.3x.gz and b/msys2/usr/share/man/man3/typeahead.3x.gz differ
diff --git a/msys2/usr/share/man/man3/ui.3ssl.gz b/msys2/usr/share/man/man3/ui.3ssl.gz
index 91e71e604..51be06cf8 100644
Binary files a/msys2/usr/share/man/man3/ui.3ssl.gz and b/msys2/usr/share/man/man3/ui.3ssl.gz differ
diff --git a/msys2/usr/share/man/man3/ui_compat.3ssl.gz b/msys2/usr/share/man/man3/ui_compat.3ssl.gz
deleted file mode 100644
index 3ed6d1350..000000000
Binary files a/msys2/usr/share/man/man3/ui_compat.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man3/unctrl.3x.gz b/msys2/usr/share/man/man3/unctrl.3x.gz
index 9de93d746..6b340ae20 100644
Binary files a/msys2/usr/share/man/man3/unctrl.3x.gz and b/msys2/usr/share/man/man3/unctrl.3x.gz differ
diff --git a/msys2/usr/share/man/man3/unfocus_current_field.3x.gz b/msys2/usr/share/man/man3/unfocus_current_field.3x.gz
index cea209f49..2434be0e5 100644
Binary files a/msys2/usr/share/man/man3/unfocus_current_field.3x.gz and b/msys2/usr/share/man/man3/unfocus_current_field.3x.gz differ
diff --git a/msys2/usr/share/man/man3/unget_wch.3x.gz b/msys2/usr/share/man/man3/unget_wch.3x.gz
index 0df737a7d..e76d981a0 100644
Binary files a/msys2/usr/share/man/man3/unget_wch.3x.gz and b/msys2/usr/share/man/man3/unget_wch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/ungetch.3x.gz b/msys2/usr/share/man/man3/ungetch.3x.gz
index e5538d65e..249c9cb35 100644
Binary files a/msys2/usr/share/man/man3/ungetch.3x.gz and b/msys2/usr/share/man/man3/ungetch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/ungetmouse.3x.gz b/msys2/usr/share/man/man3/ungetmouse.3x.gz
index 1a2baa9fb..52055cfbd 100644
Binary files a/msys2/usr/share/man/man3/ungetmouse.3x.gz and b/msys2/usr/share/man/man3/ungetmouse.3x.gz differ
diff --git a/msys2/usr/share/man/man3/unpost_form.3x.gz b/msys2/usr/share/man/man3/unpost_form.3x.gz
index 7e76615e0..a2f8b2c36 100644
Binary files a/msys2/usr/share/man/man3/unpost_form.3x.gz and b/msys2/usr/share/man/man3/unpost_form.3x.gz differ
diff --git a/msys2/usr/share/man/man3/unpost_menu.3x.gz b/msys2/usr/share/man/man3/unpost_menu.3x.gz
index a6d90bff3..05b7af4f5 100644
Binary files a/msys2/usr/share/man/man3/unpost_menu.3x.gz and b/msys2/usr/share/man/man3/unpost_menu.3x.gz differ
diff --git a/msys2/usr/share/man/man3/untouchwin.3x.gz b/msys2/usr/share/man/man3/untouchwin.3x.gz
index 1041376b9..9eb226143 100644
Binary files a/msys2/usr/share/man/man3/untouchwin.3x.gz and b/msys2/usr/share/man/man3/untouchwin.3x.gz differ
diff --git a/msys2/usr/share/man/man3/update_panels.3x.gz b/msys2/usr/share/man/man3/update_panels.3x.gz
index 545403c68..aa33de9f9 100644
Binary files a/msys2/usr/share/man/man3/update_panels.3x.gz and b/msys2/usr/share/man/man3/update_panels.3x.gz differ
diff --git a/msys2/usr/share/man/man3/use_default_colors.3x.gz b/msys2/usr/share/man/man3/use_default_colors.3x.gz
index e9d6c34f2..679fb2766 100644
Binary files a/msys2/usr/share/man/man3/use_default_colors.3x.gz and b/msys2/usr/share/man/man3/use_default_colors.3x.gz differ
diff --git a/msys2/usr/share/man/man3/use_env.3x.gz b/msys2/usr/share/man/man3/use_env.3x.gz
index 9de93d746..6b340ae20 100644
Binary files a/msys2/usr/share/man/man3/use_env.3x.gz and b/msys2/usr/share/man/man3/use_env.3x.gz differ
diff --git a/msys2/usr/share/man/man3/use_extended_names.3x.gz b/msys2/usr/share/man/man3/use_extended_names.3x.gz
index d5adcfaf5..69867a702 100644
Binary files a/msys2/usr/share/man/man3/use_extended_names.3x.gz and b/msys2/usr/share/man/man3/use_extended_names.3x.gz differ
diff --git a/msys2/usr/share/man/man3/use_tioctl.3x.gz b/msys2/usr/share/man/man3/use_tioctl.3x.gz
index 9de93d746..6b340ae20 100644
Binary files a/msys2/usr/share/man/man3/use_tioctl.3x.gz and b/msys2/usr/share/man/man3/use_tioctl.3x.gz differ
diff --git a/msys2/usr/share/man/man3/uuid.3.gz b/msys2/usr/share/man/man3/uuid.3.gz
index 03175f378..52c5aa09b 100644
Binary files a/msys2/usr/share/man/man3/uuid.3.gz and b/msys2/usr/share/man/man3/uuid.3.gz differ
diff --git a/msys2/usr/share/man/man3/uuid_clear.3.gz b/msys2/usr/share/man/man3/uuid_clear.3.gz
index 9c18f6bd0..3849a7436 100644
Binary files a/msys2/usr/share/man/man3/uuid_clear.3.gz and b/msys2/usr/share/man/man3/uuid_clear.3.gz differ
diff --git a/msys2/usr/share/man/man3/uuid_compare.3.gz b/msys2/usr/share/man/man3/uuid_compare.3.gz
index 93b07de16..c25470476 100644
Binary files a/msys2/usr/share/man/man3/uuid_compare.3.gz and b/msys2/usr/share/man/man3/uuid_compare.3.gz differ
diff --git a/msys2/usr/share/man/man3/uuid_copy.3.gz b/msys2/usr/share/man/man3/uuid_copy.3.gz
index 05518da15..1592845b9 100644
Binary files a/msys2/usr/share/man/man3/uuid_copy.3.gz and b/msys2/usr/share/man/man3/uuid_copy.3.gz differ
diff --git a/msys2/usr/share/man/man3/uuid_generate.3.gz b/msys2/usr/share/man/man3/uuid_generate.3.gz
index b803845f5..545d98532 100644
Binary files a/msys2/usr/share/man/man3/uuid_generate.3.gz and b/msys2/usr/share/man/man3/uuid_generate.3.gz differ
diff --git a/msys2/usr/share/man/man3/uuid_is_null.3.gz b/msys2/usr/share/man/man3/uuid_is_null.3.gz
index d707916b9..45cd29930 100644
Binary files a/msys2/usr/share/man/man3/uuid_is_null.3.gz and b/msys2/usr/share/man/man3/uuid_is_null.3.gz differ
diff --git a/msys2/usr/share/man/man3/uuid_parse.3.gz b/msys2/usr/share/man/man3/uuid_parse.3.gz
index 940bf6266..7378495ef 100644
Binary files a/msys2/usr/share/man/man3/uuid_parse.3.gz and b/msys2/usr/share/man/man3/uuid_parse.3.gz differ
diff --git a/msys2/usr/share/man/man3/uuid_time.3.gz b/msys2/usr/share/man/man3/uuid_time.3.gz
index e45029803..6d0b02d1c 100644
Binary files a/msys2/usr/share/man/man3/uuid_time.3.gz and b/msys2/usr/share/man/man3/uuid_time.3.gz differ
diff --git a/msys2/usr/share/man/man3/uuid_unparse.3.gz b/msys2/usr/share/man/man3/uuid_unparse.3.gz
index 4f2f43a05..43462b58b 100644
Binary files a/msys2/usr/share/man/man3/uuid_unparse.3.gz and b/msys2/usr/share/man/man3/uuid_unparse.3.gz differ
diff --git a/msys2/usr/share/man/man3/vid_attr.3x.gz b/msys2/usr/share/man/man3/vid_attr.3x.gz
index 22ab4de4e..009553134 100644
Binary files a/msys2/usr/share/man/man3/vid_attr.3x.gz and b/msys2/usr/share/man/man3/vid_attr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/vid_puts.3x.gz b/msys2/usr/share/man/man3/vid_puts.3x.gz
index 22ab4de4e..009553134 100644
Binary files a/msys2/usr/share/man/man3/vid_puts.3x.gz and b/msys2/usr/share/man/man3/vid_puts.3x.gz differ
diff --git a/msys2/usr/share/man/man3/vidattr.3x.gz b/msys2/usr/share/man/man3/vidattr.3x.gz
index 22ab4de4e..009553134 100644
Binary files a/msys2/usr/share/man/man3/vidattr.3x.gz and b/msys2/usr/share/man/man3/vidattr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/vidputs.3x.gz b/msys2/usr/share/man/man3/vidputs.3x.gz
index 22ab4de4e..009553134 100644
Binary files a/msys2/usr/share/man/man3/vidputs.3x.gz and b/msys2/usr/share/man/man3/vidputs.3x.gz differ
diff --git a/msys2/usr/share/man/man3/vline.3x.gz b/msys2/usr/share/man/man3/vline.3x.gz
index 673385164..1d2c4438c 100644
Binary files a/msys2/usr/share/man/man3/vline.3x.gz and b/msys2/usr/share/man/man3/vline.3x.gz differ
diff --git a/msys2/usr/share/man/man3/vw_printw.3x.gz b/msys2/usr/share/man/man3/vw_printw.3x.gz
index df4fa0b56..22aaed139 100644
Binary files a/msys2/usr/share/man/man3/vw_printw.3x.gz and b/msys2/usr/share/man/man3/vw_printw.3x.gz differ
diff --git a/msys2/usr/share/man/man3/vw_scanw.3x.gz b/msys2/usr/share/man/man3/vw_scanw.3x.gz
index 7455dd6e2..024031d5b 100644
Binary files a/msys2/usr/share/man/man3/vw_scanw.3x.gz and b/msys2/usr/share/man/man3/vw_scanw.3x.gz differ
diff --git a/msys2/usr/share/man/man3/vwprintw.3x.gz b/msys2/usr/share/man/man3/vwprintw.3x.gz
index df4fa0b56..22aaed139 100644
Binary files a/msys2/usr/share/man/man3/vwprintw.3x.gz and b/msys2/usr/share/man/man3/vwprintw.3x.gz differ
diff --git a/msys2/usr/share/man/man3/vwscanw.3x.gz b/msys2/usr/share/man/man3/vwscanw.3x.gz
index 7455dd6e2..024031d5b 100644
Binary files a/msys2/usr/share/man/man3/vwscanw.3x.gz and b/msys2/usr/share/man/man3/vwscanw.3x.gz differ
diff --git a/msys2/usr/share/man/man3/waddch.3x.gz b/msys2/usr/share/man/man3/waddch.3x.gz
index 9380c711b..7222e4e58 100644
Binary files a/msys2/usr/share/man/man3/waddch.3x.gz and b/msys2/usr/share/man/man3/waddch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wattr_get.3x.gz b/msys2/usr/share/man/man3/wattr_get.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/wattr_get.3x.gz and b/msys2/usr/share/man/man3/wattr_get.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wattr_off.3x.gz b/msys2/usr/share/man/man3/wattr_off.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/wattr_off.3x.gz and b/msys2/usr/share/man/man3/wattr_off.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wattr_on.3x.gz b/msys2/usr/share/man/man3/wattr_on.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/wattr_on.3x.gz and b/msys2/usr/share/man/man3/wattr_on.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wattr_set.3x.gz b/msys2/usr/share/man/man3/wattr_set.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/wattr_set.3x.gz and b/msys2/usr/share/man/man3/wattr_set.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wattroff.3x.gz b/msys2/usr/share/man/man3/wattroff.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/wattroff.3x.gz and b/msys2/usr/share/man/man3/wattroff.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wattron.3x.gz b/msys2/usr/share/man/man3/wattron.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/wattron.3x.gz and b/msys2/usr/share/man/man3/wattron.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wattrset.3x.gz b/msys2/usr/share/man/man3/wattrset.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/wattrset.3x.gz and b/msys2/usr/share/man/man3/wattrset.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wbkgd.3x.gz b/msys2/usr/share/man/man3/wbkgd.3x.gz
index e153a5f7b..da16aa023 100644
Binary files a/msys2/usr/share/man/man3/wbkgd.3x.gz and b/msys2/usr/share/man/man3/wbkgd.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wbkgdset.3x.gz b/msys2/usr/share/man/man3/wbkgdset.3x.gz
index e153a5f7b..da16aa023 100644
Binary files a/msys2/usr/share/man/man3/wbkgdset.3x.gz and b/msys2/usr/share/man/man3/wbkgdset.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wbkgrnd.3x.gz b/msys2/usr/share/man/man3/wbkgrnd.3x.gz
index 3caaae36d..780272d5c 100644
Binary files a/msys2/usr/share/man/man3/wbkgrnd.3x.gz and b/msys2/usr/share/man/man3/wbkgrnd.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wbkgrndset.3x.gz b/msys2/usr/share/man/man3/wbkgrndset.3x.gz
index 3caaae36d..780272d5c 100644
Binary files a/msys2/usr/share/man/man3/wbkgrndset.3x.gz and b/msys2/usr/share/man/man3/wbkgrndset.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wborder.3x.gz b/msys2/usr/share/man/man3/wborder.3x.gz
index 673385164..1d2c4438c 100644
Binary files a/msys2/usr/share/man/man3/wborder.3x.gz and b/msys2/usr/share/man/man3/wborder.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wchgat.3x.gz b/msys2/usr/share/man/man3/wchgat.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/wchgat.3x.gz and b/msys2/usr/share/man/man3/wchgat.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wclear.3x.gz b/msys2/usr/share/man/man3/wclear.3x.gz
index ef449df76..b4027bbcc 100644
Binary files a/msys2/usr/share/man/man3/wclear.3x.gz and b/msys2/usr/share/man/man3/wclear.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wclrtobot.3x.gz b/msys2/usr/share/man/man3/wclrtobot.3x.gz
index ef449df76..b4027bbcc 100644
Binary files a/msys2/usr/share/man/man3/wclrtobot.3x.gz and b/msys2/usr/share/man/man3/wclrtobot.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wclrtoeol.3x.gz b/msys2/usr/share/man/man3/wclrtoeol.3x.gz
index ef449df76..b4027bbcc 100644
Binary files a/msys2/usr/share/man/man3/wclrtoeol.3x.gz and b/msys2/usr/share/man/man3/wclrtoeol.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wcolor_set.3x.gz b/msys2/usr/share/man/man3/wcolor_set.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/wcolor_set.3x.gz and b/msys2/usr/share/man/man3/wcolor_set.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wdelch.3x.gz b/msys2/usr/share/man/man3/wdelch.3x.gz
index b3d30bdeb..73bf9762a 100644
Binary files a/msys2/usr/share/man/man3/wdelch.3x.gz and b/msys2/usr/share/man/man3/wdelch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wdeleteln.3x.gz b/msys2/usr/share/man/man3/wdeleteln.3x.gz
index bf00f7e8a..9ef2f5321 100644
Binary files a/msys2/usr/share/man/man3/wdeleteln.3x.gz and b/msys2/usr/share/man/man3/wdeleteln.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wechochar.3x.gz b/msys2/usr/share/man/man3/wechochar.3x.gz
index 9380c711b..7222e4e58 100644
Binary files a/msys2/usr/share/man/man3/wechochar.3x.gz and b/msys2/usr/share/man/man3/wechochar.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wenclose.3x.gz b/msys2/usr/share/man/man3/wenclose.3x.gz
index 1a2baa9fb..52055cfbd 100644
Binary files a/msys2/usr/share/man/man3/wenclose.3x.gz and b/msys2/usr/share/man/man3/wenclose.3x.gz differ
diff --git a/msys2/usr/share/man/man3/werase.3x.gz b/msys2/usr/share/man/man3/werase.3x.gz
index ef449df76..b4027bbcc 100644
Binary files a/msys2/usr/share/man/man3/werase.3x.gz and b/msys2/usr/share/man/man3/werase.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wget_wch.3x.gz b/msys2/usr/share/man/man3/wget_wch.3x.gz
index 0df737a7d..e76d981a0 100644
Binary files a/msys2/usr/share/man/man3/wget_wch.3x.gz and b/msys2/usr/share/man/man3/wget_wch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wget_wstr.3x.gz b/msys2/usr/share/man/man3/wget_wstr.3x.gz
index 0092dc712..fc38215da 100644
Binary files a/msys2/usr/share/man/man3/wget_wstr.3x.gz and b/msys2/usr/share/man/man3/wget_wstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wgetbkgrnd.3x.gz b/msys2/usr/share/man/man3/wgetbkgrnd.3x.gz
index 3caaae36d..780272d5c 100644
Binary files a/msys2/usr/share/man/man3/wgetbkgrnd.3x.gz and b/msys2/usr/share/man/man3/wgetbkgrnd.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wgetch.3x.gz b/msys2/usr/share/man/man3/wgetch.3x.gz
index e5538d65e..249c9cb35 100644
Binary files a/msys2/usr/share/man/man3/wgetch.3x.gz and b/msys2/usr/share/man/man3/wgetch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wgetn_wstr.3x.gz b/msys2/usr/share/man/man3/wgetn_wstr.3x.gz
index 0092dc712..fc38215da 100644
Binary files a/msys2/usr/share/man/man3/wgetn_wstr.3x.gz and b/msys2/usr/share/man/man3/wgetn_wstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wgetnstr.3x.gz b/msys2/usr/share/man/man3/wgetnstr.3x.gz
index 9b8159d85..072b281fe 100644
Binary files a/msys2/usr/share/man/man3/wgetnstr.3x.gz and b/msys2/usr/share/man/man3/wgetnstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wgetstr.3x.gz b/msys2/usr/share/man/man3/wgetstr.3x.gz
index 9b8159d85..072b281fe 100644
Binary files a/msys2/usr/share/man/man3/wgetstr.3x.gz and b/msys2/usr/share/man/man3/wgetstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/whline.3x.gz b/msys2/usr/share/man/man3/whline.3x.gz
index 673385164..1d2c4438c 100644
Binary files a/msys2/usr/share/man/man3/whline.3x.gz and b/msys2/usr/share/man/man3/whline.3x.gz differ
diff --git a/msys2/usr/share/man/man3/win_wch.3x.gz b/msys2/usr/share/man/man3/win_wch.3x.gz
index b41bb3f93..924ba1f19 100644
Binary files a/msys2/usr/share/man/man3/win_wch.3x.gz and b/msys2/usr/share/man/man3/win_wch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/win_wchnstr.3x.gz b/msys2/usr/share/man/man3/win_wchnstr.3x.gz
index 4f47287a5..0d49dee13 100644
Binary files a/msys2/usr/share/man/man3/win_wchnstr.3x.gz and b/msys2/usr/share/man/man3/win_wchnstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/win_wchstr.3x.gz b/msys2/usr/share/man/man3/win_wchstr.3x.gz
index 4f47287a5..0d49dee13 100644
Binary files a/msys2/usr/share/man/man3/win_wchstr.3x.gz and b/msys2/usr/share/man/man3/win_wchstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/winch.3x.gz b/msys2/usr/share/man/man3/winch.3x.gz
index d05e54745..20db1f376 100644
Binary files a/msys2/usr/share/man/man3/winch.3x.gz and b/msys2/usr/share/man/man3/winch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/winchnstr.3x.gz b/msys2/usr/share/man/man3/winchnstr.3x.gz
index f2e4b3b76..3ac377f70 100644
Binary files a/msys2/usr/share/man/man3/winchnstr.3x.gz and b/msys2/usr/share/man/man3/winchnstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/winchstr.3x.gz b/msys2/usr/share/man/man3/winchstr.3x.gz
index f2e4b3b76..3ac377f70 100644
Binary files a/msys2/usr/share/man/man3/winchstr.3x.gz and b/msys2/usr/share/man/man3/winchstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/winnstr.3x.gz b/msys2/usr/share/man/man3/winnstr.3x.gz
index e545eec9c..561ee23d5 100644
Binary files a/msys2/usr/share/man/man3/winnstr.3x.gz and b/msys2/usr/share/man/man3/winnstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/winnwstr.3x.gz b/msys2/usr/share/man/man3/winnwstr.3x.gz
index 7b4cc9fa5..5e7c675a8 100644
Binary files a/msys2/usr/share/man/man3/winnwstr.3x.gz and b/msys2/usr/share/man/man3/winnwstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/winsch.3x.gz b/msys2/usr/share/man/man3/winsch.3x.gz
index 103417d3f..37efb87eb 100644
Binary files a/msys2/usr/share/man/man3/winsch.3x.gz and b/msys2/usr/share/man/man3/winsch.3x.gz differ
diff --git a/msys2/usr/share/man/man3/winsdelln.3x.gz b/msys2/usr/share/man/man3/winsdelln.3x.gz
index bf00f7e8a..9ef2f5321 100644
Binary files a/msys2/usr/share/man/man3/winsdelln.3x.gz and b/msys2/usr/share/man/man3/winsdelln.3x.gz differ
diff --git a/msys2/usr/share/man/man3/winsertln.3x.gz b/msys2/usr/share/man/man3/winsertln.3x.gz
index bf00f7e8a..9ef2f5321 100644
Binary files a/msys2/usr/share/man/man3/winsertln.3x.gz and b/msys2/usr/share/man/man3/winsertln.3x.gz differ
diff --git a/msys2/usr/share/man/man3/winstr.3x.gz b/msys2/usr/share/man/man3/winstr.3x.gz
index e545eec9c..561ee23d5 100644
Binary files a/msys2/usr/share/man/man3/winstr.3x.gz and b/msys2/usr/share/man/man3/winstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/winwstr.3x.gz b/msys2/usr/share/man/man3/winwstr.3x.gz
index 7b4cc9fa5..5e7c675a8 100644
Binary files a/msys2/usr/share/man/man3/winwstr.3x.gz and b/msys2/usr/share/man/man3/winwstr.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wmouse_trafo.3x.gz b/msys2/usr/share/man/man3/wmouse_trafo.3x.gz
index 1a2baa9fb..52055cfbd 100644
Binary files a/msys2/usr/share/man/man3/wmouse_trafo.3x.gz and b/msys2/usr/share/man/man3/wmouse_trafo.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wmove.3x.gz b/msys2/usr/share/man/man3/wmove.3x.gz
index f454e7a39..df34bee7c 100644
Binary files a/msys2/usr/share/man/man3/wmove.3x.gz and b/msys2/usr/share/man/man3/wmove.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wnoutrefresh.3x.gz b/msys2/usr/share/man/man3/wnoutrefresh.3x.gz
index 9907d050d..263e8feba 100644
Binary files a/msys2/usr/share/man/man3/wnoutrefresh.3x.gz and b/msys2/usr/share/man/man3/wnoutrefresh.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wprintw.3x.gz b/msys2/usr/share/man/man3/wprintw.3x.gz
index df4fa0b56..22aaed139 100644
Binary files a/msys2/usr/share/man/man3/wprintw.3x.gz and b/msys2/usr/share/man/man3/wprintw.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wredrawln.3x.gz b/msys2/usr/share/man/man3/wredrawln.3x.gz
index 9907d050d..263e8feba 100644
Binary files a/msys2/usr/share/man/man3/wredrawln.3x.gz and b/msys2/usr/share/man/man3/wredrawln.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wrefresh.3x.gz b/msys2/usr/share/man/man3/wrefresh.3x.gz
index 9907d050d..263e8feba 100644
Binary files a/msys2/usr/share/man/man3/wrefresh.3x.gz and b/msys2/usr/share/man/man3/wrefresh.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wresize.3x.gz b/msys2/usr/share/man/man3/wresize.3x.gz
index 475e66c03..8889be870 100644
Binary files a/msys2/usr/share/man/man3/wresize.3x.gz and b/msys2/usr/share/man/man3/wresize.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wscanw.3x.gz b/msys2/usr/share/man/man3/wscanw.3x.gz
index 7455dd6e2..024031d5b 100644
Binary files a/msys2/usr/share/man/man3/wscanw.3x.gz and b/msys2/usr/share/man/man3/wscanw.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wscrl.3x.gz b/msys2/usr/share/man/man3/wscrl.3x.gz
index f1cc85862..8bf11d7f3 100644
Binary files a/msys2/usr/share/man/man3/wscrl.3x.gz and b/msys2/usr/share/man/man3/wscrl.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wsetscrreg.3x.gz b/msys2/usr/share/man/man3/wsetscrreg.3x.gz
index 767ec5681..9a38c9185 100644
Binary files a/msys2/usr/share/man/man3/wsetscrreg.3x.gz and b/msys2/usr/share/man/man3/wsetscrreg.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wstandend.3x.gz b/msys2/usr/share/man/man3/wstandend.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/wstandend.3x.gz and b/msys2/usr/share/man/man3/wstandend.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wstandout.3x.gz b/msys2/usr/share/man/man3/wstandout.3x.gz
index 77982a5c3..269c87273 100644
Binary files a/msys2/usr/share/man/man3/wstandout.3x.gz and b/msys2/usr/share/man/man3/wstandout.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wtimeout.3x.gz b/msys2/usr/share/man/man3/wtimeout.3x.gz
index e7ba056f3..90273a4d7 100644
Binary files a/msys2/usr/share/man/man3/wtimeout.3x.gz and b/msys2/usr/share/man/man3/wtimeout.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wtouchln.3x.gz b/msys2/usr/share/man/man3/wtouchln.3x.gz
index 1041376b9..9eb226143 100644
Binary files a/msys2/usr/share/man/man3/wtouchln.3x.gz and b/msys2/usr/share/man/man3/wtouchln.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wunctrl.3x.gz b/msys2/usr/share/man/man3/wunctrl.3x.gz
index 9de93d746..6b340ae20 100644
Binary files a/msys2/usr/share/man/man3/wunctrl.3x.gz and b/msys2/usr/share/man/man3/wunctrl.3x.gz differ
diff --git a/msys2/usr/share/man/man3/wvline.3x.gz b/msys2/usr/share/man/man3/wvline.3x.gz
index 673385164..1d2c4438c 100644
Binary files a/msys2/usr/share/man/man3/wvline.3x.gz and b/msys2/usr/share/man/man3/wvline.3x.gz differ
diff --git a/msys2/usr/share/man/man3/x509.3ssl.gz b/msys2/usr/share/man/man3/x509.3ssl.gz
deleted file mode 100644
index c213afeff..000000000
Binary files a/msys2/usr/share/man/man3/x509.3ssl.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man5/BUILDINFO.5.gz b/msys2/usr/share/man/man5/BUILDINFO.5.gz
new file mode 100644
index 000000000..fb66f5fe1
Binary files /dev/null and b/msys2/usr/share/man/man5/BUILDINFO.5.gz differ
diff --git a/msys2/usr/share/man/man5/PKGBUILD.5.gz b/msys2/usr/share/man/man5/PKGBUILD.5.gz
index e49f02ada..4928468ba 100644
Binary files a/msys2/usr/share/man/man5/PKGBUILD.5.gz and b/msys2/usr/share/man/man5/PKGBUILD.5.gz differ
diff --git a/msys2/usr/share/man/man5/alpm-hooks.5.gz b/msys2/usr/share/man/man5/alpm-hooks.5.gz
index ded140d7e..31b3f961b 100644
Binary files a/msys2/usr/share/man/man5/alpm-hooks.5.gz and b/msys2/usr/share/man/man5/alpm-hooks.5.gz differ
diff --git a/msys2/usr/share/man/man5/config.5ssl.gz b/msys2/usr/share/man/man5/config.5ssl.gz
index 66b9b98a6..ba91e0fe4 100644
Binary files a/msys2/usr/share/man/man5/config.5ssl.gz and b/msys2/usr/share/man/man5/config.5ssl.gz differ
diff --git a/msys2/usr/share/man/man5/info.5.gz b/msys2/usr/share/man/man5/info.5.gz
index fabec296f..5b4bc38e2 100644
Binary files a/msys2/usr/share/man/man5/info.5.gz and b/msys2/usr/share/man/man5/info.5.gz differ
diff --git a/msys2/usr/share/man/man5/magic.5.gz b/msys2/usr/share/man/man5/magic.5.gz
index ae59a4677..c81774692 100644
Binary files a/msys2/usr/share/man/man5/magic.5.gz and b/msys2/usr/share/man/man5/magic.5.gz differ
diff --git a/msys2/usr/share/man/man5/makepkg.conf.5.gz b/msys2/usr/share/man/man5/makepkg.conf.5.gz
index 63562355a..756b8f8ee 100644
Binary files a/msys2/usr/share/man/man5/makepkg.conf.5.gz and b/msys2/usr/share/man/man5/makepkg.conf.5.gz differ
diff --git a/msys2/usr/share/man/man5/pacman.conf.5.gz b/msys2/usr/share/man/man5/pacman.conf.5.gz
index 006e35279..3c76cbdcd 100644
Binary files a/msys2/usr/share/man/man5/pacman.conf.5.gz and b/msys2/usr/share/man/man5/pacman.conf.5.gz differ
diff --git a/msys2/usr/share/man/man5/scr_dump.5.gz b/msys2/usr/share/man/man5/scr_dump.5.gz
index 50baa2e8b..0bc6a4918 100644
Binary files a/msys2/usr/share/man/man5/scr_dump.5.gz and b/msys2/usr/share/man/man5/scr_dump.5.gz differ
diff --git a/msys2/usr/share/man/man5/term.5.gz b/msys2/usr/share/man/man5/term.5.gz
index 59b8e55b0..d19713425 100644
Binary files a/msys2/usr/share/man/man5/term.5.gz and b/msys2/usr/share/man/man5/term.5.gz differ
diff --git a/msys2/usr/share/man/man5/terminal-colors.d.5.gz b/msys2/usr/share/man/man5/terminal-colors.d.5.gz
index f27172ea7..563131ee0 100644
Binary files a/msys2/usr/share/man/man5/terminal-colors.d.5.gz and b/msys2/usr/share/man/man5/terminal-colors.d.5.gz differ
diff --git a/msys2/usr/share/man/man5/terminfo.5.gz b/msys2/usr/share/man/man5/terminfo.5.gz
index 817f4d53b..e198a6c8b 100644
Binary files a/msys2/usr/share/man/man5/terminfo.5.gz and b/msys2/usr/share/man/man5/terminfo.5.gz differ
diff --git a/msys2/usr/share/man/man5/tzfile.5.gz b/msys2/usr/share/man/man5/tzfile.5.gz
index 95b99cac7..8299fad57 100644
Binary files a/msys2/usr/share/man/man5/tzfile.5.gz and b/msys2/usr/share/man/man5/tzfile.5.gz differ
diff --git a/msys2/usr/share/man/man5/user_caps.5.gz b/msys2/usr/share/man/man5/user_caps.5.gz
index 4f1dc13cc..61f4a0cf7 100644
Binary files a/msys2/usr/share/man/man5/user_caps.5.gz and b/msys2/usr/share/man/man5/user_caps.5.gz differ
diff --git a/msys2/usr/share/man/man5/x509v3_config.5ssl.gz b/msys2/usr/share/man/man5/x509v3_config.5ssl.gz
index b3d3c4ba7..34034e01c 100644
Binary files a/msys2/usr/share/man/man5/x509v3_config.5ssl.gz and b/msys2/usr/share/man/man5/x509v3_config.5ssl.gz differ
diff --git a/msys2/usr/share/man/man7/Ed25519.7ssl.gz b/msys2/usr/share/man/man7/Ed25519.7ssl.gz
new file mode 100644
index 000000000..3767d5eec
Binary files /dev/null and b/msys2/usr/share/man/man7/Ed25519.7ssl.gz differ
diff --git a/msys2/usr/share/man/man7/Ed448.7ssl.gz b/msys2/usr/share/man/man7/Ed448.7ssl.gz
new file mode 100644
index 000000000..3767d5eec
Binary files /dev/null and b/msys2/usr/share/man/man7/Ed448.7ssl.gz differ
diff --git a/msys2/usr/share/man/man7/RAND.7ssl.gz b/msys2/usr/share/man/man7/RAND.7ssl.gz
new file mode 100644
index 000000000..11719748a
Binary files /dev/null and b/msys2/usr/share/man/man7/RAND.7ssl.gz differ
diff --git a/msys2/usr/share/man/man7/RAND_DRBG.7ssl.gz b/msys2/usr/share/man/man7/RAND_DRBG.7ssl.gz
new file mode 100644
index 000000000..d91cca4a0
Binary files /dev/null and b/msys2/usr/share/man/man7/RAND_DRBG.7ssl.gz differ
diff --git a/msys2/usr/share/man/man7/RSA-PSS.7ssl.gz b/msys2/usr/share/man/man7/RSA-PSS.7ssl.gz
new file mode 100644
index 000000000..0aaeef08f
Binary files /dev/null and b/msys2/usr/share/man/man7/RSA-PSS.7ssl.gz differ
diff --git a/msys2/usr/share/man/man7/SM2.7ssl.gz b/msys2/usr/share/man/man7/SM2.7ssl.gz
new file mode 100644
index 000000000..1aa521abf
Binary files /dev/null and b/msys2/usr/share/man/man7/SM2.7ssl.gz differ
diff --git a/msys2/usr/share/man/man7/X25519.7ssl.gz b/msys2/usr/share/man/man7/X25519.7ssl.gz
new file mode 100644
index 000000000..2f767cc1e
Binary files /dev/null and b/msys2/usr/share/man/man7/X25519.7ssl.gz differ
diff --git a/msys2/usr/share/man/man7/X448.7ssl.gz b/msys2/usr/share/man/man7/X448.7ssl.gz
new file mode 100644
index 000000000..2f767cc1e
Binary files /dev/null and b/msys2/usr/share/man/man7/X448.7ssl.gz differ
diff --git a/msys2/usr/share/man/man7/bio.7ssl.gz b/msys2/usr/share/man/man7/bio.7ssl.gz
new file mode 100644
index 000000000..5a6d0d659
Binary files /dev/null and b/msys2/usr/share/man/man7/bio.7ssl.gz differ
diff --git a/msys2/usr/share/man/man7/crypto.7ssl.gz b/msys2/usr/share/man/man7/crypto.7ssl.gz
new file mode 100644
index 000000000..eac80f6d0
Binary files /dev/null and b/msys2/usr/share/man/man7/crypto.7ssl.gz differ
diff --git a/msys2/usr/share/man/man7/ct.7ssl.gz b/msys2/usr/share/man/man7/ct.7ssl.gz
new file mode 100644
index 000000000..45be8e64a
Binary files /dev/null and b/msys2/usr/share/man/man7/ct.7ssl.gz differ
diff --git a/msys2/usr/share/man/man7/des_modes.7ssl.gz b/msys2/usr/share/man/man7/des_modes.7ssl.gz
index e6ac9a088..78df86ae2 100644
Binary files a/msys2/usr/share/man/man7/des_modes.7ssl.gz and b/msys2/usr/share/man/man7/des_modes.7ssl.gz differ
diff --git a/msys2/usr/share/man/man7/evp.7ssl.gz b/msys2/usr/share/man/man7/evp.7ssl.gz
new file mode 100644
index 000000000..848285414
Binary files /dev/null and b/msys2/usr/share/man/man7/evp.7ssl.gz differ
diff --git a/msys2/usr/share/man/man7/gnupg.7.gz b/msys2/usr/share/man/man7/gnupg.7.gz
new file mode 100644
index 000000000..9ec47f12b
Binary files /dev/null and b/msys2/usr/share/man/man7/gnupg.7.gz differ
diff --git a/msys2/usr/share/man/man7/ossl_store-file.7ssl.gz b/msys2/usr/share/man/man7/ossl_store-file.7ssl.gz
new file mode 100644
index 000000000..7d7bf6a4d
Binary files /dev/null and b/msys2/usr/share/man/man7/ossl_store-file.7ssl.gz differ
diff --git a/msys2/usr/share/man/man7/ossl_store.7ssl.gz b/msys2/usr/share/man/man7/ossl_store.7ssl.gz
new file mode 100644
index 000000000..d639742f3
Binary files /dev/null and b/msys2/usr/share/man/man7/ossl_store.7ssl.gz differ
diff --git a/msys2/usr/share/man/man7/passphrase-encoding.7ssl.gz b/msys2/usr/share/man/man7/passphrase-encoding.7ssl.gz
new file mode 100644
index 000000000..4c3ed494f
Binary files /dev/null and b/msys2/usr/share/man/man7/passphrase-encoding.7ssl.gz differ
diff --git a/msys2/usr/share/man/man7/scrypt.7ssl.gz b/msys2/usr/share/man/man7/scrypt.7ssl.gz
new file mode 100644
index 000000000..34f7d1fcd
Binary files /dev/null and b/msys2/usr/share/man/man7/scrypt.7ssl.gz differ
diff --git a/msys2/usr/share/man/man7/ssl.7ssl.gz b/msys2/usr/share/man/man7/ssl.7ssl.gz
new file mode 100644
index 000000000..77721182f
Binary files /dev/null and b/msys2/usr/share/man/man7/ssl.7ssl.gz differ
diff --git a/msys2/usr/share/man/man7/term.7.gz b/msys2/usr/share/man/man7/term.7.gz
index 0501aa139..01ec89bef 100644
Binary files a/msys2/usr/share/man/man7/term.7.gz and b/msys2/usr/share/man/man7/term.7.gz differ
diff --git a/msys2/usr/share/man/man7/x509.7ssl.gz b/msys2/usr/share/man/man7/x509.7ssl.gz
new file mode 100644
index 000000000..bf9564fd8
Binary files /dev/null and b/msys2/usr/share/man/man7/x509.7ssl.gz differ
diff --git a/msys2/usr/share/man/man8/addgnupghome.8.gz b/msys2/usr/share/man/man8/addgnupghome.8.gz
new file mode 100644
index 000000000..0a428dc70
Binary files /dev/null and b/msys2/usr/share/man/man8/addgnupghome.8.gz differ
diff --git a/msys2/usr/share/man/man8/agetty.8.gz b/msys2/usr/share/man/man8/agetty.8.gz
index 637ddf32b..668c9afe4 100644
Binary files a/msys2/usr/share/man/man8/agetty.8.gz and b/msys2/usr/share/man/man8/agetty.8.gz differ
diff --git a/msys2/usr/share/man/man8/applygnupgdefaults.8.gz b/msys2/usr/share/man/man8/applygnupgdefaults.8.gz
new file mode 100644
index 000000000..e238972b1
Binary files /dev/null and b/msys2/usr/share/man/man8/applygnupgdefaults.8.gz differ
diff --git a/msys2/usr/share/man/man8/blkid.8.gz b/msys2/usr/share/man/man8/blkid.8.gz
index 021ac8da2..4929fa3e5 100644
Binary files a/msys2/usr/share/man/man8/blkid.8.gz and b/msys2/usr/share/man/man8/blkid.8.gz differ
diff --git a/msys2/usr/share/man/man8/cfdisk.8.gz b/msys2/usr/share/man/man8/cfdisk.8.gz
index 0ff0d3038..0e6597491 100644
Binary files a/msys2/usr/share/man/man8/cfdisk.8.gz and b/msys2/usr/share/man/man8/cfdisk.8.gz differ
diff --git a/msys2/usr/share/man/man8/dirmngr.8.gz b/msys2/usr/share/man/man8/dirmngr.8.gz
new file mode 100644
index 000000000..783fe67e9
Binary files /dev/null and b/msys2/usr/share/man/man8/dirmngr.8.gz differ
diff --git a/msys2/usr/share/man/man8/fdisk.8.gz b/msys2/usr/share/man/man8/fdisk.8.gz
index d1a875432..1f84f0798 100644
Binary files a/msys2/usr/share/man/man8/fdisk.8.gz and b/msys2/usr/share/man/man8/fdisk.8.gz differ
diff --git a/msys2/usr/share/man/man8/findfs.8.gz b/msys2/usr/share/man/man8/findfs.8.gz
index 4f8fbb9b2..096b8796c 100644
Binary files a/msys2/usr/share/man/man8/findfs.8.gz and b/msys2/usr/share/man/man8/findfs.8.gz differ
diff --git a/msys2/usr/share/man/man8/fsck.cramfs.8.gz b/msys2/usr/share/man/man8/fsck.cramfs.8.gz
index cbf479357..d70aab63c 100644
Binary files a/msys2/usr/share/man/man8/fsck.cramfs.8.gz and b/msys2/usr/share/man/man8/fsck.cramfs.8.gz differ
diff --git a/msys2/usr/share/man/man8/fsck.minix.8.gz b/msys2/usr/share/man/man8/fsck.minix.8.gz
index ff778719c..25dbaec58 100644
Binary files a/msys2/usr/share/man/man8/fsck.minix.8.gz and b/msys2/usr/share/man/man8/fsck.minix.8.gz differ
diff --git a/msys2/usr/share/man/man8/isosize.8.gz b/msys2/usr/share/man/man8/isosize.8.gz
index 1d5c01ead..21e0d1572 100644
Binary files a/msys2/usr/share/man/man8/isosize.8.gz and b/msys2/usr/share/man/man8/isosize.8.gz differ
diff --git a/msys2/usr/share/man/man8/makepkg.8.gz b/msys2/usr/share/man/man8/makepkg.8.gz
index 0131f1dce..3a148de01 100644
Binary files a/msys2/usr/share/man/man8/makepkg.8.gz and b/msys2/usr/share/man/man8/makepkg.8.gz differ
diff --git a/msys2/usr/share/man/man8/mkfs.8.gz b/msys2/usr/share/man/man8/mkfs.8.gz
index 761714d8d..8ebb5793b 100644
Binary files a/msys2/usr/share/man/man8/mkfs.8.gz and b/msys2/usr/share/man/man8/mkfs.8.gz differ
diff --git a/msys2/usr/share/man/man8/mkfs.bfs.8.gz b/msys2/usr/share/man/man8/mkfs.bfs.8.gz
index e9e2c4b0d..6be3dfbbe 100644
Binary files a/msys2/usr/share/man/man8/mkfs.bfs.8.gz and b/msys2/usr/share/man/man8/mkfs.bfs.8.gz differ
diff --git a/msys2/usr/share/man/man8/mkfs.cramfs.8.gz b/msys2/usr/share/man/man8/mkfs.cramfs.8.gz
index fa528232b..e268b07b4 100644
Binary files a/msys2/usr/share/man/man8/mkfs.cramfs.8.gz and b/msys2/usr/share/man/man8/mkfs.cramfs.8.gz differ
diff --git a/msys2/usr/share/man/man8/mkfs.minix.8.gz b/msys2/usr/share/man/man8/mkfs.minix.8.gz
index 1b396eb7f..eff6112aa 100644
Binary files a/msys2/usr/share/man/man8/mkfs.minix.8.gz and b/msys2/usr/share/man/man8/mkfs.minix.8.gz differ
diff --git a/msys2/usr/share/man/man8/mkswap.8.gz b/msys2/usr/share/man/man8/mkswap.8.gz
index 9314bb6cd..9a8f01891 100644
Binary files a/msys2/usr/share/man/man8/mkswap.8.gz and b/msys2/usr/share/man/man8/mkswap.8.gz differ
diff --git a/msys2/usr/share/man/man8/pacman-key.8.gz b/msys2/usr/share/man/man8/pacman-key.8.gz
index 1bcd09de8..38b06ebb0 100644
Binary files a/msys2/usr/share/man/man8/pacman-key.8.gz and b/msys2/usr/share/man/man8/pacman-key.8.gz differ
diff --git a/msys2/usr/share/man/man8/pacman.8.gz b/msys2/usr/share/man/man8/pacman.8.gz
index 349436802..021adecad 100644
Binary files a/msys2/usr/share/man/man8/pacman.8.gz and b/msys2/usr/share/man/man8/pacman.8.gz differ
diff --git a/msys2/usr/share/man/man8/pactree.8.gz b/msys2/usr/share/man/man8/pactree.8.gz
index 5c716c0e1..eb879e29d 100644
Binary files a/msys2/usr/share/man/man8/pactree.8.gz and b/msys2/usr/share/man/man8/pactree.8.gz differ
diff --git a/msys2/usr/share/man/man8/pkgdelta.8.gz b/msys2/usr/share/man/man8/pkgdelta.8.gz
index 3c0e36284..fcf67f182 100644
Binary files a/msys2/usr/share/man/man8/pkgdelta.8.gz and b/msys2/usr/share/man/man8/pkgdelta.8.gz differ
diff --git a/msys2/usr/share/man/man8/repo-add.8.gz b/msys2/usr/share/man/man8/repo-add.8.gz
index 5cde3f246..d8f52c952 100644
Binary files a/msys2/usr/share/man/man8/repo-add.8.gz and b/msys2/usr/share/man/man8/repo-add.8.gz differ
diff --git a/msys2/usr/share/man/man8/repo-remove.8.gz b/msys2/usr/share/man/man8/repo-remove.8.gz
index 5cde3f246..d8f52c952 100644
Binary files a/msys2/usr/share/man/man8/repo-remove.8.gz and b/msys2/usr/share/man/man8/repo-remove.8.gz differ
diff --git a/msys2/usr/share/man/man8/sfdisk.8.gz b/msys2/usr/share/man/man8/sfdisk.8.gz
index 8c4205320..8aab3a9d4 100644
Binary files a/msys2/usr/share/man/man8/sfdisk.8.gz and b/msys2/usr/share/man/man8/sfdisk.8.gz differ
diff --git a/msys2/usr/share/man/man8/swaplabel.8.gz b/msys2/usr/share/man/man8/swaplabel.8.gz
index 9fcd2dd94..61975ef36 100644
Binary files a/msys2/usr/share/man/man8/swaplabel.8.gz and b/msys2/usr/share/man/man8/swaplabel.8.gz differ
diff --git a/msys2/usr/share/man/man8/tzselect.8.gz b/msys2/usr/share/man/man8/tzselect.8.gz
index 3e8cf0093..256156ef8 100644
Binary files a/msys2/usr/share/man/man8/tzselect.8.gz and b/msys2/usr/share/man/man8/tzselect.8.gz differ
diff --git a/msys2/usr/share/man/man8/uuidd.8.gz b/msys2/usr/share/man/man8/uuidd.8.gz
deleted file mode 100644
index ba4259a10..000000000
Binary files a/msys2/usr/share/man/man8/uuidd.8.gz and /dev/null differ
diff --git a/msys2/usr/share/man/man8/vercmp.8.gz b/msys2/usr/share/man/man8/vercmp.8.gz
index a17a1c5d9..3c06dce9f 100644
Binary files a/msys2/usr/share/man/man8/vercmp.8.gz and b/msys2/usr/share/man/man8/vercmp.8.gz differ
diff --git a/msys2/usr/share/man/man8/wipefs.8.gz b/msys2/usr/share/man/man8/wipefs.8.gz
index e92293b2c..022b87367 100644
Binary files a/msys2/usr/share/man/man8/wipefs.8.gz and b/msys2/usr/share/man/man8/wipefs.8.gz differ
diff --git a/msys2/usr/share/man/man8/zdump.8.gz b/msys2/usr/share/man/man8/zdump.8.gz
index d9c63d4d0..6da46491e 100644
Binary files a/msys2/usr/share/man/man8/zdump.8.gz and b/msys2/usr/share/man/man8/zdump.8.gz differ
diff --git a/msys2/usr/share/man/man8/zic.8.gz b/msys2/usr/share/man/man8/zic.8.gz
index 04077383b..3b4f4d01b 100644
Binary files a/msys2/usr/share/man/man8/zic.8.gz and b/msys2/usr/share/man/man8/zic.8.gz differ
diff --git a/msys2/usr/share/mintty/icon/wsl.ico b/msys2/usr/share/mintty/icon/wsl.ico
new file mode 100644
index 000000000..3d860db74
Binary files /dev/null and b/msys2/usr/share/mintty/icon/wsl.ico differ
diff --git a/msys2/usr/share/mintty/lang/de.po b/msys2/usr/share/mintty/lang/de.po
index 4dbe32bb0..16b1a69f0 100644
--- a/msys2/usr/share/mintty/lang/de.po
+++ b/msys2/usr/share/mintty/lang/de.po
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: mintty\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2018-04-11 10:29+0200\n"
+"POT-Creation-Date: 2019-03-28 18:43+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -16,79 +16,79 @@ msgstr ""
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 
-#: charset.c:213 charset.c:224 winmain.c:3270 winmain.c:3333
+#: charset.c:231 charset.c:242 winmain.c:3758 winmain.c:3869 winmain.c:3876
 msgid "(Default)"
 msgstr ""
 
-#: charset.c:235
+#: charset.c:253
 msgid "(OEM codepage)"
 msgstr ""
 
-#: charset.c:239
+#: charset.c:257
 msgid "(ANSI codepage)"
 msgstr ""
 
-#: child.c:78
+#: child.c:82
 msgid "There are no available terminals"
 msgstr "Keine verfügbaren Terminals"
 
-#: child.c:153
+#: child.c:157
 msgid "Error: Could not open log file"
 msgstr "Fehler: Konnte Log-Datei nicht öffnen"
 
-#: child.c:225
+#: child.c:229
 msgid "Error: Could not fork child process"
 msgstr "Fehler: Konnte Prozess nicht erzeugen"
 
-#: child.c:227
+#: child.c:231
 msgid "DLL rebasing may be required; see 'rebaseall / rebase --help'"
 msgstr ""
 "DLL rebasing vielleicht erforderlich; siehe 'rebaseall / rebase --help'"
 
 #. __ %1$s: client command (e.g. shell) to be run; %2$s: error message
-#: child.c:305
+#: child.c:309
 msgid "Failed to run '%s': %s"
 msgstr "Starten von '%s' fehlgeschlagen: %s"
 
 #. __ %1$s: client command (e.g. shell) terminated, %2$i: exit code
-#: child.c:422
+#: child.c:426
 msgid "%s: Exit %i"
 msgstr "%s: Beendigung %i"
 
 #. __ default inline notification if ExitWrite=yes
-#: child.c:429
+#: child.c:433
 msgid "TERMINATED"
 msgstr "BEENDET"
 
-#: child.c:836
+#: child.c:984
 msgid "Error: Could not fork child daemon"
 msgstr "Fehler: Konnte Daemon-Prozess nicht starten"
 
 #. __ %s: unknown option name
-#: config.c:552
+#: config.c:603
 msgid "Ignoring unknown option '%s'"
 msgstr "Ignoriere unbekannte Option '%s'"
 
-#: config.c:597 config.c:626
+#: config.c:648 config.c:677
 msgid "Internal error: too many options"
 msgstr "Interner Fehler: zu viele Optionen"
 
-#: config.c:613
+#: config.c:664
 msgid "Internal error: too many options/comments"
 msgstr "Interner Fehler: zu viele Optionen/Kommentare"
 
 #. __ %2$s: option name, %1$s: invalid value
-#: config.c:748
+#: config.c:810
 msgid "Ignoring invalid value '%s' for option '%s'"
 msgstr "Ignoriere ungültigen Wert '%s' für Option '%s'"
 
 #. __ %s: option name
-#: config.c:759
+#: config.c:822
 msgid "Ignoring option '%s' with missing value"
 msgstr "Ignoriere Option '%s' – Wert fehlt"
 
 #. __ %1$s: config file name, %2$s: error message
-#: config.c:1362
+#: config.c:1443
 msgid ""
 "Could not save options to '%s':\n"
 "%s."
@@ -96,162 +96,162 @@ msgstr ""
 "Konnte Option nicht in '%s' schreiben:\n"
 "%s."
 
-#: config.c:1679
+#: config.c:1762
 msgid "â—‡ None (printing disabled) â—‡"
 msgstr "â—‡ Keiner (Drucken deaktiviert) â—‡"
 
-#: config.c:1681
+#: config.c:1764
 msgid "â—† Default printer â—†"
 msgstr "â—† Default-Drucker â—†"
 
 #. __ UI language
-#: config.c:1790
+#: config.c:1873
 msgid "– None –"
 msgstr "– Keine –"
 
-#: config.c:1791
+#: config.c:1874
 msgid "@ Windows language @"
 msgstr "@ Windows-Sprache @"
 
-#: config.c:1792
+#: config.c:1875
 msgid "* Locale environm. *"
 msgstr "* Locale-Umgebung *"
 
-#: config.c:1793
+#: config.c:1876
 msgid "= cfg. Text Locale ="
 msgstr "= kfg. Text-Locale ="
 
-#: config.c:1856
+#: config.c:1939
 msgid "simple beep"
 msgstr "einfacher Piep"
 
-#: config.c:1857
+#: config.c:1940
 msgid "no beep"
 msgstr "kein Piep"
 
-#: config.c:1858
+#: config.c:1941
 msgid "Default Beep"
 msgstr "Default-Piep"
 
-#: config.c:1859
+#: config.c:1942
 msgid "Critical Stop"
 msgstr "Fehler"
 
-#: config.c:1860
+#: config.c:1943
 msgid "Question"
 msgstr "Frage"
 
-#: config.c:1861
+#: config.c:1944
 msgid "Exclamation"
 msgstr "Warnung"
 
-#: config.c:1862
+#: config.c:1945
 msgid "Asterisk"
 msgstr "Hinweis"
 
-#: config.c:1905
+#: config.c:1988
 msgid "â—‡ None (system sound) â—‡"
 msgstr "â—‡ Keine (Systemklang) â—‡"
 
 #. __ terminal theme / colour scheme
-#: config.c:2036
+#: config.c:2119
 msgid "â—‡ None â—‡"
 msgstr "â—‡ Keins â—‡"
 
 #. __ indicator of unsaved downloaded colour scheme
-#: config.c:2039
+#: config.c:2122
 msgid "downloaded / give me a name!"
 msgstr "runtergeladen / Namen geben!"
 
-#: config.c:2128
+#: config.c:2211
 msgid "Could not load web theme"
 msgstr "Konnte Web-Schema nicht laden"
 
-#: config.c:2177
+#: config.c:2260
 msgid "Cannot write theme file"
 msgstr "Kann Schema nicht schreiben"
 
-#: config.c:2182
+#: config.c:2265
 msgid "Cannot store theme file"
 msgstr "Kann Schema nicht speichern"
 
 #. __ Dialog button - show About text
-#: config.c:2542
+#: config.c:2641
 msgid "About..."
 msgstr "Ãœber..."
 
 #. __ Dialog button - save changes
-#: config.c:2545
+#: config.c:2644
 msgid "Save"
 msgstr "Sichern"
 
 #. __ Dialog button - cancel
-#: config.c:2549 winctrls.c:1143 windialog.c:782
+#: config.c:2648 winctrls.c:1143 windialog.c:782
 msgid "Cancel"
 msgstr "Abbruch"
 
 #. __ Dialog button - apply changes
-#: config.c:2553
+#: config.c:2652
 msgid "Apply"
 msgstr "Anwenden"
 
 #. __ Dialog button - take notice
-#: config.c:2557 windialog.c:779
+#: config.c:2656 windialog.c:779
 msgid "I see"
 msgstr "Aha"
 
 #. __ Dialog button - confirm action
-#: config.c:2559 winctrls.c:1142 windialog.c:781
+#: config.c:2658 winctrls.c:1142 windialog.c:781
 msgid "OK"
 msgstr ""
 
 #. __ Options - Looks: treeview label
-#: config.c:2566 config.c:2597 config.c:2638
+#: config.c:2665 config.c:2696 config.c:2737
 msgid "Looks"
 msgstr "Aussehen"
 
 #. __ Options - Looks: panel title
-#: config.c:2568
+#: config.c:2667
 msgid "Looks in Terminal"
 msgstr "Aussehen im Terminal"
 
 #. __ Options - Looks: section title
-#: config.c:2570
+#: config.c:2669
 msgid "Colours"
 msgstr "Farben"
 
 #. __ Options - Looks:
-#: config.c:2574
+#: config.c:2673
 msgid "&Foreground..."
 msgstr "&Vordergrund.."
 
 #. __ Options - Looks:
-#: config.c:2578
+#: config.c:2677
 msgid "&Background..."
 msgstr "&Hintergrund.."
 
 #. __ Options - Looks:
-#: config.c:2582
+#: config.c:2681
 msgid "&Cursor..."
 msgstr "&Zeiger.."
 
 #. __ Options - Looks:
-#: config.c:2586
+#: config.c:2685
 msgid "&Theme"
 msgstr "&Schema"
 
 #. __ Options - Looks: name of web service
-#: config.c:2591
+#: config.c:2690
 msgid "Color Scheme Designer"
 msgstr ""
 
 #. __ Options - Looks: store colour scheme
-#: config.c:2594 winctrls.c:381
+#: config.c:2693 winctrls.c:381
 msgid "Store"
 msgstr "Sichern"
 
 #. __ Options - Looks: section title
-#: config.c:2599
+#: config.c:2698
 msgid "Transparency"
 msgstr "Transparenz"
 
@@ -259,447 +259,457 @@ msgstr "Transparenz"
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2605 config.c:2815 config.c:2899 config.c:2956
+#: config.c:2704 config.c:2914 config.c:3054 config.c:3113
 msgid "&Off"
 msgstr "A&us"
 
 #. __ Options - Looks: transparency
-#: config.c:2607
+#: config.c:2706
 msgid "&Low"
 msgstr "&Klein"
 
 #. __ Options - Looks: transparency, short form of radio button label "Medium"
-#: config.c:2609
+#: config.c:2708
 msgid "&Med."
 msgstr "&Mittel"
 
 #. __ Options - Looks: transparency
-#: config.c:2611
+#: config.c:2710
 msgid "&Medium"
 msgstr "&Mittel"
 
 #. __ Options - Looks: transparency
-#: config.c:2613
+#: config.c:2712
 msgid "&High"
 msgstr "H&och"
 
 #. __ Options - Looks: transparency
-#: config.c:2615
+#: config.c:2714
 msgid "Gla&ss"
 msgstr "&Glas"
 
 #. __ Options - Looks: transparency
-#: config.c:2622 config.c:2633
+#: config.c:2721 config.c:2732
 msgid "Opa&que when focused"
 msgstr "Undurchsichtig wenn im &Fokus"
 
 #. __ Options - Looks: transparency
-#: config.c:2627
+#: config.c:2726
 msgid "Blu&r"
 msgstr "U&nklar"
 
 #. __ Options - Looks: section title
-#: config.c:2640
+#: config.c:2739
 msgid "Cursor"
 msgstr "Zeiger"
 
 #. __ Options - Looks: cursor type
-#: config.c:2645
+#: config.c:2744
 msgid "Li&ne"
 msgstr "&Linie"
 
 #. __ Options - Looks: cursor type
-#: config.c:2647
+#: config.c:2746
 msgid "Bloc&k"
 msgstr "&Block"
 
 #. __ Options - Looks: cursor type
-#: config.c:2649
+#: config.c:2748
 msgid "&Underscore"
 msgstr "Un&terstrich"
 
 #. __ Options - Looks: cursor feature
-#: config.c:2654
+#: config.c:2753
 msgid "Blinkin&g"
 msgstr "Blinken&d"
 
 #. __ Options - Text: treeview label
-#: config.c:2661 config.c:2683 config.c:2701 config.c:2735
+#: config.c:2760 config.c:2782 config.c:2800 config.c:2834
 msgid "Text"
 msgstr "Schrift"
 
 #. __ Options - Text: panel title
-#: config.c:2663
+#: config.c:2762
 msgid "Text and Font properties"
 msgstr "Text und Schrift – Eigenschaften"
 
 #. __ Options - Text: section title
-#: config.c:2665
+#: config.c:2764
 msgid "Font"
 msgstr "Schrift"
 
 #. __ Options - Text:
 #. __ Font chooser:
-#: config.c:2673 winctrls.c:1153
+#: config.c:2772 winctrls.c:1153
 msgid "Font st&yle:"
 msgstr "Schriftsch&nitt:"
 
 #. __ Font chooser:
-#: config.c:2678 winctrls.c:1155
+#: config.c:2777 winctrls.c:1155
 msgid "&Size:"
 msgstr "Schr.&grad:"
 
 #. __ Options - Text:
-#: config.c:2687 config.c:2720
+#: config.c:2786 config.c:2819
 msgid "Sho&w bold as font"
 msgstr "Zeige &fett als Schrift"
 
 #. __ Options - Text:
-#: config.c:2692 config.c:2725
+#: config.c:2791 config.c:2824
 msgid "Show &bold as colour"
 msgstr "Zeige fett als F&arbe"
 
 #. __ Options - Text:
-#: config.c:2705
+#: config.c:2804
 msgid "Font smoothing"
 msgstr "Schriftglättung"
 
 #. __ Options - Text:
-#: config.c:2708
+#: config.c:2807 config.c:2951 config.c:2984
 msgid "&Default"
 msgstr "&Default"
 
 #. __ Options - Text:
 #. __ Options - Window: scrollbar
-#: config.c:2710 config.c:2940
+#: config.c:2809 config.c:2949 config.c:2982 config.c:3095
 msgid "&None"
 msgstr "&Keine"
 
 #. __ Options - Text:
-#: config.c:2712
+#: config.c:2811 config.c:2950 config.c:2983
 msgid "&Partial"
 msgstr "&Teils"
 
 #. __ Options - Text:
-#: config.c:2714
+#: config.c:2813 config.c:2952 config.c:2985
 msgid "&Full"
 msgstr "&Voll"
 
 #. __ Options - Text:
-#: config.c:2730
+#: config.c:2829
 msgid "&Allow blinking"
 msgstr "&Blinken zulassen"
 
-#: config.c:2738
+#: config.c:2837
 msgid "&Locale"
 msgstr ""
 
-#: config.c:2741
+#: config.c:2840
 msgid "&Character set"
 msgstr "&Zeichensatz"
 
 #. __ Options - Keys: treeview label
-#: config.c:2748 config.c:2768 config.c:2802
+#: config.c:2847 config.c:2867 config.c:2901
 msgid "Keys"
 msgstr "Tastatur"
 
 #. __ Options - Keys: panel title
-#: config.c:2750
+#: config.c:2849
 msgid "Keyboard features"
 msgstr "Tastatur-Eigenschaften"
 
 #. __ Options - Keys:
-#: config.c:2754
+#: config.c:2853
 msgid "&Backarrow sends ^H"
 msgstr "&Rücktaste sendet ^H"
 
 #. __ Options - Keys:
-#: config.c:2759
+#: config.c:2858
 msgid "&Delete sends DEL"
 msgstr "&Entf sendet DEL"
 
 #. __ Options - Keys:
-#: config.c:2764
+#: config.c:2863
 msgid "Ctrl+LeftAlt is Alt&Gr"
 msgstr "Strg+LeftAlt ist Alt&Gr"
 
 #. __ Options - Keys: section title
-#: config.c:2770
+#: config.c:2869
 msgid "Shortcuts"
 msgstr "Kürzel"
 
 #. __ Options - Keys:
-#: config.c:2773
+#: config.c:2872
 msgid "Cop&y and Paste (Ctrl/Shift+Ins)"
 msgstr "K&opieren/Einfügen (Strg/Shift+Ins)"
 
 #. __ Options - Keys:
-#: config.c:2778
+#: config.c:2877
 msgid "&Menu and Full Screen (Alt+Space/Enter)"
 msgstr "&Menü und Vollbildschirm (Alt+Space/Enter)"
 
 #. __ Options - Keys:
-#: config.c:2783
+#: config.c:2882
 msgid "&Switch window (Ctrl+[Shift+]Tab)"
 msgstr "&Fenster wechseln (Strg+[Shift+]Tab)"
 
 #. __ Options - Keys:
-#: config.c:2788
+#: config.c:2887
 msgid "&Zoom (Ctrl+plus/minus/zero)"
 msgstr "&Zoomen (Strg+plus/minus/zero)"
 
 #. __ Options - Keys:
-#: config.c:2793
+#: config.c:2892
 msgid "&Alt+Fn shortcuts"
 msgstr "&Alt+Fn Kürzel"
 
 #. __ Options - Keys:
-#: config.c:2798
+#: config.c:2897
 msgid "&Ctrl+Shift+letter shortcuts"
 msgstr "&Strg+Shift+letter Kürzel"
 
 #. __ Options - Keys: section title
-#: config.c:2804
+#: config.c:2903
 msgid "Compose key"
 msgstr "Compose-Taste"
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2809 config.c:2893 config.c:2950
+#: config.c:2908 config.c:3046 config.c:3105
 msgid "&Shift"
 msgstr ""
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2811 config.c:2895 config.c:2952
+#: config.c:2910 config.c:3048 config.c:3107
 msgid "&Ctrl"
 msgstr "S&trg"
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2813 config.c:2897 config.c:2954
+#: config.c:2912 config.c:3050 config.c:3109
 msgid "&Alt"
 msgstr ""
 
 #. __ Options - Mouse: treeview label
-#: config.c:2823 config.c:2843 config.c:2875
+#: config.c:2922 config.c:2996 config.c:3028
 msgid "Mouse"
 msgstr "Maus"
 
 #. __ Options - Mouse: panel title
-#: config.c:2825
+#: config.c:2924
 msgid "Mouse functions"
 msgstr "Maus-Funktionen"
 
 #. __ Options - Mouse:
-#: config.c:2829
+#: config.c:2929 config.c:2957 config.c:2968
 msgid "Cop&y on select"
 msgstr "K&opieren bei Auswahl"
 
 #. __ Options - Mouse:
-#: config.c:2834
+#: config.c:2934 config.c:2962 config.c:2973
 msgid "Copy as &rich text"
 msgstr "Kopieren als &Rich Text"
 
 #. __ Options - Mouse:
-#: config.c:2839
+#: config.c:2940 config.c:2947 config.c:2980
+msgid "Copy as &HTML"
+msgstr "Kopieren als &HTML"
+
+#. __ Options - Mouse:
+#: config.c:2992
 msgid "Clic&ks place command line cursor"
 msgstr "&Klick platziert in Kommandozeile"
 
 #. __ Options - Mouse: section title
-#: config.c:2845
+#: config.c:2998
 msgid "Click actions"
 msgstr "Klick-Aktionen"
 
 #. __ Options - Mouse:
-#: config.c:2848
+#: config.c:3001
 msgid "Right mouse button"
 msgstr "Rechte Maustaste"
 
 #. __ Options - Mouse:
-#: config.c:2851 config.c:2865
+#: config.c:3004 config.c:3018
 msgid "&Paste"
 msgstr "&Einfügen"
 
 #. __ Options - Mouse:
-#: config.c:2853 config.c:2867
+#: config.c:3006 config.c:3020
 msgid "E&xtend"
 msgstr "&Dehnen"
 
 #. __ Options - Mouse:
-#: config.c:2855
+#: config.c:3008
 msgid "&Menu"
 msgstr "&Menü"
 
 #. __ Options - Mouse:
-#: config.c:2857 config.c:2871
+#: config.c:3010 config.c:3024
 msgid "Ente&r"
 msgstr "Ein&gabe"
 
 #. __ Options - Mouse:
-#: config.c:2862
+#: config.c:3015
 msgid "Middle mouse button"
 msgstr "Mittlere Maustaste"
 
 #. __ Options - Mouse:
-#: config.c:2869
+#: config.c:3022
 msgid "&Nothing"
 msgstr "&Nichts"
 
 #. __ Options - Mouse: section title
-#: config.c:2877
+#: config.c:3030
 msgid "Application mouse mode"
 msgstr "Anwendungs-Maus-Modus"
 
 #. __ Options - Mouse:
-#: config.c:2880
+#: config.c:3033
 msgid "Default click target"
 msgstr "Default-Klickziel"
 
 #. __ Options - Mouse: application mouse mode click target
-#: config.c:2883
+#: config.c:3036
 msgid "&Window"
 msgstr "&Fenster"
 
 #. __ Options - Mouse: application mouse mode click target
-#: config.c:2885
+#: config.c:3038
 msgid "&Application"
 msgstr "&Anwendung"
 
 #. __ Options - Mouse:
-#: config.c:2890
+#: config.c:3043
 msgid "Modifier for overriding default"
 msgstr "Modifizierer zum Ändern des Defaults"
 
+#. __ Options - Window:
+#: config.c:3052 config.c:3111
+msgid "&Win"
+msgstr ""
+
 #. __ Options - Window: treeview label
-#: config.c:2907 config.c:2926 config.c:2965
+#: config.c:3062 config.c:3081 config.c:3122
 msgid "Window"
 msgstr "Fenster"
 
 #. __ Options - Window: panel title
-#: config.c:2909
+#: config.c:3064
 msgid "Window properties"
 msgstr "Fenster-Eigenschaften"
 
 #. __ Options - Window: section title
-#: config.c:2911
+#: config.c:3066
 msgid "Default size"
 msgstr "Default-Größe"
 
 #. __ Options - Window:
-#: config.c:2915
+#: config.c:3070
 msgid "Colu&mns"
 msgstr "&Spalten"
 
 #. __ Options - Window:
-#: config.c:2919
+#: config.c:3074
 msgid "Ro&ws"
 msgstr "&Zeilen"
 
 #. __ Options - Window:
-#: config.c:2923
+#: config.c:3078
 msgid "C&urrent size"
 msgstr "&Aktuelle"
 
 #. __ Options - Window:
-#: config.c:2930
+#: config.c:3085
 msgid "Scroll&back lines"
 msgstr "Zur&ückroll-Zeilen"
 
 #. __ Options - Window:
-#: config.c:2935
+#: config.c:3090
 msgid "Scrollbar"
 msgstr "Rollbalken"
 
 #. __ Options - Window: scrollbar
-#: config.c:2938
+#: config.c:3093
 msgid "&Left"
 msgstr "&Links"
 
 #. __ Options - Window: scrollbar
-#: config.c:2942
+#: config.c:3097
 msgid "&Right"
 msgstr "&Rechts"
 
 #. __ Options - Window:
-#: config.c:2947
+#: config.c:3102
 msgid "Modifier for scrolling"
 msgstr "Modifizierer für Rollen"
 
 #. __ Options - Window:
-#: config.c:2961
+#: config.c:3118
 msgid "&PgUp and PgDn scroll without modifier"
 msgstr "&Bild↑ und Bild↓ rollen ohne Modifizierer"
 
 #. __ Options - Window: section title
-#: config.c:2967
+#: config.c:3124
 msgid "UI language"
 msgstr "Sprache"
 
 #. __ Options - Terminal: treeview label
-#: config.c:2977 config.c:2990 config.c:3051 config.c:3065
+#: config.c:3134 config.c:3147 config.c:3208 config.c:3222
 msgid "Terminal"
 msgstr ""
 
 #. __ Options - Terminal: panel title
-#: config.c:2979
+#: config.c:3136
 msgid "Terminal features"
 msgstr "Terminal-Eigenschaften"
 
 #. __ Options - Terminal:
-#: config.c:2983
+#: config.c:3140
 msgid "&Type"
 msgstr "&Typ"
 
 #. __ Options - Terminal:
-#: config.c:2987
+#: config.c:3144
 msgid "&Answerback"
 msgstr "Rück&antwort"
 
 #. __ Options - Terminal: section title
-#: config.c:2992
+#: config.c:3149
 msgid "Bell"
 msgstr "Glocke"
 
 #. __ Options - Terminal: bell
-#: config.c:2999
+#: config.c:3156
 msgid "â–º &Play"
 msgstr "â–º Abs&pielen"
 
 #. __ Options - Terminal: bell
-#: config.c:3005
+#: config.c:3162
 msgid "&Wave"
 msgstr "Klang"
 
 #. __ Options - Terminal: bell
-#: config.c:3027 config.c:3040
+#: config.c:3184 config.c:3197
 msgid "&Flash"
 msgstr "Blit&z"
 
 #. __ Options - Terminal: bell
-#: config.c:3029 config.c:3044
+#: config.c:3186 config.c:3201
 msgid "&Highlight in taskbar"
 msgstr "Blitz in Task&leiste"
 
 #. __ Options - Terminal: bell
-#: config.c:3031 config.c:3048
+#: config.c:3188 config.c:3205
 msgid "&Popup"
 msgstr ""
 
 #. __ Options - Terminal: section title
-#: config.c:3053
+#: config.c:3210
 msgid "Printer"
 msgstr "Drucker"
 
 #. __ Options - Terminal:
-#: config.c:3068
+#: config.c:3225
 msgid "Prompt about running processes on &close"
 msgstr "Vor &Schließen nach laufenden Prozessen fragen"
 
-#: textprint.c:37 textprint.c:101
+#: textprint.c:37 textprint.c:115
 msgid "[Printing...] "
 msgstr "[Druckt...] "
 
@@ -827,176 +837,216 @@ msgstr ""
 msgid "Error"
 msgstr "Fehler"
 
-#. __ Context menu, session switcher ("virtual tabs")
-#: wininput.c:153
+#. __ Context menu, session switcher ("virtual tabs") menu label
+#: wininput.c:273
 msgid "Session switcher"
 msgstr "Sitzungen"
 
-#. __ Context menu, session launcher ("virtual tabs")
-#: wininput.c:254
+#. __ Context menu, session launcher ("virtual tabs") menu label
+#: wininput.c:292
 msgid "Session launcher"
 msgstr "Neue Sitzung"
 
-#: wininput.c:357 wininput.c:363
+#: wininput.c:401 wininput.c:407
 msgid "Ctrl+"
 msgstr "Strg+"
 
-#: wininput.c:358 wininput.c:364
+#: wininput.c:402 wininput.c:408
 msgid "Alt+"
 msgstr ""
 
-#: wininput.c:359 wininput.c:365
+#: wininput.c:403 wininput.c:409
 msgid "Shift+"
 msgstr ""
 
 #. __ System menu:
-#: wininput.c:390
+#: wininput.c:434
 msgid "&Restore"
 msgstr "&Wiederherstellen"
 
 #. __ System menu:
-#: wininput.c:392
+#: wininput.c:436
 msgid "&Move"
 msgstr "&Verschieben"
 
 #. __ System menu:
-#: wininput.c:394
+#: wininput.c:438
 msgid "&Size"
 msgstr "&Größe ändern"
 
 #. __ System menu:
-#: wininput.c:396
+#: wininput.c:440
 msgid "Mi&nimize"
 msgstr "M&inimieren"
 
 #. __ System menu:
-#: wininput.c:398
+#: wininput.c:442
 msgid "Ma&ximize"
 msgstr "M&aximieren"
 
 #. __ System menu:
-#: wininput.c:400
+#: wininput.c:444
 msgid "&Close"
 msgstr "&Schließen"
 
 #. __ System menu:
-#: wininput.c:405
+#: wininput.c:449
 msgid "Ne&w"
 msgstr "&Neu"
 
 #. __ Context menu:
-#: wininput.c:412
+#: wininput.c:456
 msgid "&Copy"
 msgstr "&Kopieren"
 
 #. __ Context menu:
-#: wininput.c:422
+#: wininput.c:473
 msgid "&Paste "
 msgstr "&Einfügen"
 
 #. __ Context menu:
-#: wininput.c:427
+#: wininput.c:478
 msgid "Copy → Paste"
 msgstr "Kopieren → Einfügen"
 
 #. __ Context menu:
-#: wininput.c:432
+#: wininput.c:483
 msgid "S&earch"
 msgstr "S&uchen"
 
 #. __ Context menu:
-#: wininput.c:439
+#: wininput.c:490
 msgid "&Log to File"
 msgstr "&Log in Datei"
 
 #. __ Context menu:
-#: wininput.c:445
+#: wininput.c:496
 msgid "Character &Info"
 msgstr "Zeichen-&Info"
 
 #. __ Context menu:
-#: wininput.c:450
+#: wininput.c:502
+msgid "VT220 Keyboard"
+msgstr "VT220-Tastatur"
+
+#. __ Context menu:
+#: wininput.c:507
 msgid "&Reset"
 msgstr "Zu&rücksetzen"
 
 #. __ Context menu:
-#: wininput.c:458
+#: wininput.c:515
 msgid "&Default Size"
 msgstr "Default-Gr&öße"
 
 #. __ Context menu:
-#: wininput.c:464
+#: wininput.c:525
+msgid "Scroll&bar"
+msgstr "Roll&balken"
+
+#. __ Context menu:
+#: wininput.c:531
 msgid "&Full Screen"
 msgstr "&Vollbildschirm"
 
 #. __ Context menu:
-#: wininput.c:470
+#: wininput.c:537
 msgid "Flip &Screen"
 msgstr "Anzeige &wechseln"
 
 #. __ System menu:
-#: wininput.c:480 wininput.c:559
+#: wininput.c:547 wininput.c:697
 msgid "Copy &Title"
 msgstr "&Titel kopieren"
 
 #. __ System menu:
 #. __ Context menu:
 #. __ System menu:
-#: wininput.c:482 wininput.c:547 wininput.c:561
+#: wininput.c:549 wininput.c:681 wininput.c:699
 msgid "&Options..."
 msgstr "&Optionen..."
 
-#. __ Context menu, user commands
-#: wininput.c:493
-msgid "User commands"
-msgstr "Benutzer-Kommandos"
-
 #. __ Context menu:
-#: wininput.c:510
+#: wininput.c:624
 msgid "Ope&n"
 msgstr "Ö&ffnen"
 
 #. __ Context menu:
-#: wininput.c:518
+#: wininput.c:629
+msgid "Copy as text"
+msgstr "Kopieren als Text"
+
+#. __ Context menu:
+#: wininput.c:631
+msgid "Copy as RTF"
+msgstr "Kopieren als RTF"
+
+#. __ Context menu:
+#: wininput.c:633
+msgid "Copy as HTML text"
+msgstr "Kopieren als HTML-Text"
+
+#. __ Context menu:
+#: wininput.c:635
+msgid "Copy as HTML"
+msgstr "Kopieren als HTML"
+
+#. __ Context menu:
+#: wininput.c:637
+msgid "Copy as HTML full"
+msgstr "Kopieren als HTML-Bild"
+
+#. __ Context menu:
+#: wininput.c:644
 msgid "Select &All"
 msgstr "Alles &auswählen"
 
-#. __ Context menu:
-#: wininput.c:528
+#. __ Context menu: write terminal window contents as HTML file
+#: wininput.c:649
+msgid "HTML Screen Dump"
+msgstr ""
+
+#. __ Context menu: clear scrollback buffer (lines scrolled off the window)
+#: wininput.c:657
 msgid "Clear Scrollback"
 msgstr "Lösche Scrollback"
 
-#. __ Context menu:
-#: wininput.c:537
+#. __ Context menu: generate a TTY BRK condition (tty line interrupt)
+#: wininput.c:667
 msgid "Send Break"
 msgstr "Sende Break"
 
-#: winmain.c:1778
+#. __ Context menu, user commands
+#: wininput.c:758
+msgid "User commands"
+msgstr "Benutzer-Kommandos"
+
+#: winmain.c:2065
 msgid "Processes are running in session:"
 msgstr "Laufende Prozesse:"
 
-#: winmain.c:1779
+#: winmain.c:2066
 msgid "Close anyway?"
 msgstr "Trotzdem schließen?"
 
-#: winmain.c:2479
+#: winmain.c:2184
 msgid "Try '--help' for more information"
 msgstr "Versuche '--help' für mehr Information"
 
-#: winmain.c:2487
+#: winmain.c:2192
 msgid "Could not load icon"
 msgstr "Konnte Symbol nicht laden"
 
-#: winmain.c:3109
+#: winmain.c:3598
 msgid "Usage:"
 msgstr "Aufruf:"
 
-#: winmain.c:3110
+#: winmain.c:3599
 msgid "[OPTION]... [ PROGRAM [ARG]... | - ]"
 msgstr ""
 
 #. __ help text (output of -H / --help), after initial line ("synopsis")
-#: winmain.c:3113
+#: winmain.c:3602
 msgid ""
 "Start a new terminal session running the specified program or the user's "
 "shell.\n"
@@ -1063,39 +1113,39 @@ msgstr ""
 "  -V, --version         Zeige nur Versions-Information\n"
 "Siehe die Manual-Seite für weitere Optionen und Konfiguration.\n"
 
-#: winmain.c:3270 winmain.c:3333
+#: winmain.c:3758 winmain.c:3869 winmain.c:3876
 msgid "WSL distribution '%s' not found"
 msgstr "WSL-Distribution '%s' nicht gefunden"
 
-#: winmain.c:3361
+#: winmain.c:3904
 msgid "Duplicate option '%s'"
 msgstr "Doppelte Option '%s'"
 
-#: winmain.c:3369
+#: winmain.c:3912
 msgid "Unknown option '%s'"
 msgstr "Unbekannte Option '%s'"
 
-#: winmain.c:3371
+#: winmain.c:3914
 msgid "Option '%s' requires an argument"
 msgstr "Option '%s' benötigt einen Parameter"
 
-#: winmain.c:3398
+#: winmain.c:3941
 msgid "Syntax error in position argument '%s'"
 msgstr "Formatfehler in Positionsparameter '%s'"
 
-#: winmain.c:3409
+#: winmain.c:3952
 msgid "Syntax error in size argument '%s'"
 msgstr "Formatfehler in Größenparameter '%s'"
 
-#: winmain.c:3533
+#: winmain.c:4083
 msgid "Syntax error in geometry argument '%s'"
 msgstr "Formatfehler in Größen-/Positionsparameter '%s'"
 
-#: winmain.c:3607
+#: winmain.c:4158
 msgid "Mintty could not detach from caller, starting anyway"
 msgstr "Mintty konnte nicht vom Aufrufer abkoppeln, startet trotzdem"
 
-#: winmain.c:3792
+#: winmain.c:4396
 msgid "Using default title due to invalid characters in program name"
 msgstr "Nehme Default-Titel wegen ungültiger Zeichen im Programmnamen"
 
@@ -1114,34 +1164,34 @@ msgstr ""
 msgid "â–¶"
 msgstr ""
 
-#. __ Options - Text: font properties information ("leading" ("ledding"): add. row spacing)
-#: wintext.c:139
+#. __ Options - Text: font properties information: "Leading": total line padding (see option RowSpacing), Bold/Underline modes (font or manual, see options BoldAsFont/UnderlineManual/UnderlineColour)
+#: wintext.c:141
 msgid "Leading: %d, Bold: %s, Underline: %s"
 msgstr "Durchschuss: %d, Fett: %s, Unterstrich: %s"
 
 #. __ Options - Text: font properties: value taken from font
-#: wintext.c:141
+#: wintext.c:143
 msgid "font"
 msgstr ""
 
 #. __ Options - Text: font properties: value affected by option
-#: wintext.c:143
+#: wintext.c:145
 msgid "manual"
 msgstr "manuell"
 
-#: wintext.c:387
+#: wintext.c:400
 msgid "Font not found, using system substitute"
 msgstr "Schrift nicht gefunden, nehme System-Ersatz"
 
-#: wintext.c:394
+#: wintext.c:407
 msgid "Font has limited support for character ranges"
 msgstr "Schrift hat beschränkte Unterstützung für Zeichensätze"
 
-#: wintext.c:500
+#: wintext.c:512
 msgid "Font installation corrupt, using system substitute"
 msgstr "Schriftinstallation defekt, nehme System-Ersatz"
 
-#: wintext.c:513
+#: wintext.c:525
 msgid "Font does not support system locale"
 msgstr "Schrift unterstützt System-Zeichensatz nicht"
 
diff --git a/msys2/usr/share/mintty/lang/es.po b/msys2/usr/share/mintty/lang/es.po
index fbd5ddcd0..27f50afbb 100644
--- a/msys2/usr/share/mintty/lang/es.po
+++ b/msys2/usr/share/mintty/lang/es.po
@@ -1,14 +1,14 @@
 # Mintty
-# Copyright (C) 2017
+# Copyright (C) 2019
 # This file is distributed under the same license as the mintty package.
-# JSJ <jsj666@hotmail.com>, 2017.
+# JSJ <jsj666@hotmail.com>, 2019.
 #
 msgid ""
 msgstr ""
 "Project-Id-Version: mintty\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2018-04-11 10:29+0200\n"
-"PO-Revision-Date: 2017-10-23 18:55+0200\n"
+"POT-Creation-Date: 2019-03-28 18:43+0100\n"
+"PO-Revision-Date: 2019-01-29 16:00+0200\n"
 "Last-Translator: JSJ <jsj666@hotmail.com>\n"
 "Language-Team: JSJ\n"
 "Language: Spanish\n"
@@ -16,79 +16,79 @@ msgstr ""
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 
-#: charset.c:213 charset.c:224 winmain.c:3270 winmain.c:3333
+#: charset.c:231 charset.c:242 winmain.c:3758 winmain.c:3869 winmain.c:3876
 msgid "(Default)"
 msgstr "(Defecto)"
 
-#: charset.c:235
+#: charset.c:253
 msgid "(OEM codepage)"
 msgstr "(Codificación OEM)"
 
-#: charset.c:239
+#: charset.c:257
 msgid "(ANSI codepage)"
 msgstr "(Codificación ANSI)"
 
-#: child.c:78
+#: child.c:82
 msgid "There are no available terminals"
 msgstr "No hay terminales disponibles"
 
-#: child.c:153
+#: child.c:157
 msgid "Error: Could not open log file"
 msgstr "Error: No se puede abrir fichero de log"
 
-#: child.c:225
+#: child.c:229
 msgid "Error: Could not fork child process"
 msgstr "Error: No se puede lanzar proceso hijo"
 
-#: child.c:227
+#: child.c:231
 msgid "DLL rebasing may be required; see 'rebaseall / rebase --help'"
 msgstr ""
 "Se requiere rebasing de la DLL; más información 'rebaseall / rebase --help'"
 
 #. __ %1$s: client command (e.g. shell) to be run; %2$s: error message
-#: child.c:305
+#: child.c:309
 msgid "Failed to run '%s': %s"
 msgstr "Fallo al ejecutar '%s': %s"
 
 #. __ %1$s: client command (e.g. shell) terminated, %2$i: exit code
-#: child.c:422
+#: child.c:426
 msgid "%s: Exit %i"
 msgstr "%s: Código de salida %i"
 
 #. __ default inline notification if ExitWrite=yes
-#: child.c:429
+#: child.c:433
 msgid "TERMINATED"
 msgstr "FINALIZÓ"
 
-#: child.c:836
+#: child.c:984
 msgid "Error: Could not fork child daemon"
 msgstr "Error: No se pudo lanzar demonio hijo"
 
 #. __ %s: unknown option name
-#: config.c:552
+#: config.c:603
 msgid "Ignoring unknown option '%s'"
 msgstr "Ignorando opción desconocida '%s'"
 
-#: config.c:597 config.c:626
+#: config.c:648 config.c:677
 msgid "Internal error: too many options"
 msgstr "Error interno: demasiadas opciones"
 
-#: config.c:613
+#: config.c:664
 msgid "Internal error: too many options/comments"
 msgstr "Error interno: demasiadas opciones/comentarios"
 
 #. __ %2$s: option name, %1$s: invalid value
-#: config.c:748
+#: config.c:810
 msgid "Ignoring invalid value '%s' for option '%s'"
 msgstr "Ignorando valor no válido '%s' de la opción '%s'"
 
 #. __ %s: option name
-#: config.c:759
+#: config.c:822
 msgid "Ignoring option '%s' with missing value"
 msgstr "Ignorando opción '%s' sin valor"
 
 #. __ %1$s: config file name, %2$s: error message
-#: config.c:1362
+#: config.c:1443
 msgid ""
 "Could not save options to '%s':\n"
 "%s."
@@ -96,162 +96,162 @@ msgstr ""
 "No se pudieron guardar las opciones en '%s':\n"
 "%s."
 
-#: config.c:1679
+#: config.c:1762
 msgid "â—‡ None (printing disabled) â—‡"
 msgstr "◇ No (impresión desactivada) ◇"
 
-#: config.c:1681
+#: config.c:1764
 msgid "â—† Default printer â—†"
 msgstr "â—† Impresora predeterminada â—†"
 
 #. __ UI language
-#: config.c:1790
+#: config.c:1873
 msgid "– None –"
 msgstr "– Ninguno –"
 
-#: config.c:1791
+#: config.c:1874
 msgid "@ Windows language @"
 msgstr "@ Idioma de Windows @"
 
-#: config.c:1792
+#: config.c:1875
 msgid "* Locale environm. *"
 msgstr "* Entorno local *"
 
-#: config.c:1793
+#: config.c:1876
 msgid "= cfg. Text Locale ="
 msgstr "= cfg. Texto Local ="
 
-#: config.c:1856
+#: config.c:1939
 msgid "simple beep"
 msgstr "Beep simple"
 
-#: config.c:1857
+#: config.c:1940
 msgid "no beep"
 msgstr "Sin sonido"
 
-#: config.c:1858
+#: config.c:1941
 msgid "Default Beep"
 msgstr "Beep predeterminado"
 
-#: config.c:1859
+#: config.c:1942
 msgid "Critical Stop"
 msgstr "Fallo Crítico"
 
-#: config.c:1860
+#: config.c:1943
 msgid "Question"
 msgstr "Pregunta"
 
-#: config.c:1861
+#: config.c:1944
 msgid "Exclamation"
 msgstr "Aviso"
 
-#: config.c:1862
+#: config.c:1945
 msgid "Asterisk"
 msgstr "Importante"
 
-#: config.c:1905
+#: config.c:1988
 msgid "â—‡ None (system sound) â—‡"
 msgstr "â—‡ Ninguno (sonido del sistema) â—‡"
 
 #. __ terminal theme / colour scheme
-#: config.c:2036
+#: config.c:2119
 msgid "â—‡ None â—‡"
 msgstr "â—‡ Ninguno â—‡"
 
 #. __ indicator of unsaved downloaded colour scheme
-#: config.c:2039
+#: config.c:2122
 msgid "downloaded / give me a name!"
-msgstr "descargado / ¡renómbra el tema!"
+msgstr "descargado / ¡renombra el tema!"
 
-#: config.c:2128
+#: config.c:2211
 msgid "Could not load web theme"
 msgstr "No se pudo cargar el tema web"
 
-#: config.c:2177
+#: config.c:2260
 msgid "Cannot write theme file"
 msgstr "No se ha podido escribir en el fichero del tema"
 
-#: config.c:2182
+#: config.c:2265
 msgid "Cannot store theme file"
 msgstr "No se ha podido guardar el tema"
 
 #. __ Dialog button - show About text
-#: config.c:2542
+#: config.c:2641
 msgid "About..."
 msgstr "Acerca de..."
 
 #. __ Dialog button - save changes
-#: config.c:2545
+#: config.c:2644
 msgid "Save"
 msgstr "Guardar"
 
 #. __ Dialog button - cancel
-#: config.c:2549 winctrls.c:1143 windialog.c:782
+#: config.c:2648 winctrls.c:1143 windialog.c:782
 msgid "Cancel"
 msgstr "Cancelar"
 
 #. __ Dialog button - apply changes
-#: config.c:2553
+#: config.c:2652
 msgid "Apply"
 msgstr "Aplicar"
 
 #. __ Dialog button - take notice
-#: config.c:2557 windialog.c:779
+#: config.c:2656 windialog.c:779
 msgid "I see"
 msgstr "Aceptar"
 
 #. __ Dialog button - confirm action
-#: config.c:2559 winctrls.c:1142 windialog.c:781
+#: config.c:2658 winctrls.c:1142 windialog.c:781
 msgid "OK"
 msgstr "Aceptar"
 
 #. __ Options - Looks: treeview label
-#: config.c:2566 config.c:2597 config.c:2638
+#: config.c:2665 config.c:2696 config.c:2737
 msgid "Looks"
 msgstr "Visualización"
 
 #. __ Options - Looks: panel title
-#: config.c:2568
+#: config.c:2667
 msgid "Looks in Terminal"
 msgstr "Visualización de la consola"
 
 #. __ Options - Looks: section title
-#: config.c:2570
+#: config.c:2669
 msgid "Colours"
 msgstr "Colores"
 
 #. __ Options - Looks:
-#: config.c:2574
+#: config.c:2673
 msgid "&Foreground..."
 msgstr "&Tinta..."
 
 #. __ Options - Looks:
-#: config.c:2578
+#: config.c:2677
 msgid "&Background..."
 msgstr "&Fondo..."
 
 #. __ Options - Looks:
-#: config.c:2582
+#: config.c:2681
 msgid "&Cursor..."
 msgstr "&Cursor..."
 
 #. __ Options - Looks:
-#: config.c:2586
+#: config.c:2685
 msgid "&Theme"
 msgstr "&Tema"
 
 #. __ Options - Looks: name of web service
-#: config.c:2591
+#: config.c:2690
 msgid "Color Scheme Designer"
 msgstr "Diseñador de Temas"
 
 #. __ Options - Looks: store colour scheme
-#: config.c:2594 winctrls.c:381
+#: config.c:2693 winctrls.c:381
 msgid "Store"
 msgstr "Guardar"
 
 #. __ Options - Looks: section title
-#: config.c:2599
+#: config.c:2698
 msgid "Transparency"
 msgstr "Transparencia"
 
@@ -259,447 +259,457 @@ msgstr "Transparencia"
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2605 config.c:2815 config.c:2899 config.c:2956
+#: config.c:2704 config.c:2914 config.c:3054 config.c:3113
 msgid "&Off"
 msgstr "&No"
 
 #. __ Options - Looks: transparency
-#: config.c:2607
+#: config.c:2706
 msgid "&Low"
 msgstr "&Baja"
 
 #. __ Options - Looks: transparency, short form of radio button label "Medium"
-#: config.c:2609
+#: config.c:2708
 msgid "&Med."
 msgstr "&Med."
 
 #. __ Options - Looks: transparency
-#: config.c:2611
+#: config.c:2710
 msgid "&Medium"
 msgstr "&Media"
 
 #. __ Options - Looks: transparency
-#: config.c:2613
+#: config.c:2712
 msgid "&High"
 msgstr "&Alta"
 
 #. __ Options - Looks: transparency
-#: config.c:2615
+#: config.c:2714
 msgid "Gla&ss"
 msgstr "&Cristal"
 
 #. __ Options - Looks: transparency
-#: config.c:2622 config.c:2633
+#: config.c:2721 config.c:2732
 msgid "Opa&que when focused"
 msgstr "&Opaca si seleccionada"
 
 #. __ Options - Looks: transparency
-#: config.c:2627
+#: config.c:2726
 msgid "Blu&r"
 msgstr "&Desenfoque"
 
 #. __ Options - Looks: section title
-#: config.c:2640
+#: config.c:2739
 msgid "Cursor"
 msgstr "Cursor"
 
 #. __ Options - Looks: cursor type
-#: config.c:2645
+#: config.c:2744
 msgid "Li&ne"
 msgstr "&Linea"
 
 #. __ Options - Looks: cursor type
-#: config.c:2647
+#: config.c:2746
 msgid "Bloc&k"
 msgstr "&Bloque"
 
 #. __ Options - Looks: cursor type
-#: config.c:2649
+#: config.c:2748
 msgid "&Underscore"
 msgstr "S&ubrayado"
 
 #. __ Options - Looks: cursor feature
-#: config.c:2654
+#: config.c:2753
 msgid "Blinkin&g"
 msgstr "Parpa&deo"
 
 #. __ Options - Text: treeview label
-#: config.c:2661 config.c:2683 config.c:2701 config.c:2735
+#: config.c:2760 config.c:2782 config.c:2800 config.c:2834
 msgid "Text"
 msgstr "Texto"
 
 #. __ Options - Text: panel title
-#: config.c:2663
+#: config.c:2762
 msgid "Text and Font properties"
 msgstr "Propiedades del texto"
 
 #. __ Options - Text: section title
-#: config.c:2665
+#: config.c:2764
 msgid "Font"
 msgstr "Tipo letra"
 
 #. __ Options - Text:
 #. __ Font chooser:
-#: config.c:2673 winctrls.c:1153
+#: config.c:2772 winctrls.c:1153
 msgid "Font st&yle:"
 msgstr "Es&tilo de letra:"
 
 #. __ Font chooser:
-#: config.c:2678 winctrls.c:1155
+#: config.c:2777 winctrls.c:1155
 msgid "&Size:"
 msgstr "&Tamaño:"
 
 #. __ Options - Text:
-#: config.c:2687 config.c:2720
+#: config.c:2786 config.c:2819
 msgid "Sho&w bold as font"
 msgstr "&Negrita: tipo letra"
 
 #. __ Options - Text:
-#: config.c:2692 config.c:2725
+#: config.c:2791 config.c:2824
 msgid "Show &bold as colour"
 msgstr "Ne&grita: color"
 
 #. __ Options - Text:
-#: config.c:2705
+#: config.c:2804
 msgid "Font smoothing"
 msgstr "Suavizado"
 
 #. __ Options - Text:
-#: config.c:2708
+#: config.c:2807 config.c:2951 config.c:2984
 msgid "&Default"
 msgstr "&Defecto"
 
 #. __ Options - Text:
 #. __ Options - Window: scrollbar
-#: config.c:2710 config.c:2940
+#: config.c:2809 config.c:2949 config.c:2982 config.c:3095
 msgid "&None"
 msgstr "&Ninguna"
 
 #. __ Options - Text:
-#: config.c:2712
+#: config.c:2811 config.c:2950 config.c:2983
 msgid "&Partial"
 msgstr "&Parcial"
 
 #. __ Options - Text:
-#: config.c:2714
+#: config.c:2813 config.c:2952 config.c:2985
 msgid "&Full"
 msgstr "&Completo"
 
 #. __ Options - Text:
-#: config.c:2730
+#: config.c:2829
 msgid "&Allow blinking"
 msgstr "&Parpadeo"
 
-#: config.c:2738
+#: config.c:2837
 msgid "&Locale"
 msgstr "&Idioma"
 
-#: config.c:2741
+#: config.c:2840
 msgid "&Character set"
 msgstr "&Juego caracteres"
 
 #. __ Options - Keys: treeview label
-#: config.c:2748 config.c:2768 config.c:2802
+#: config.c:2847 config.c:2867 config.c:2901
 msgid "Keys"
 msgstr "Teclas"
 
 #. __ Options - Keys: panel title
-#: config.c:2750
+#: config.c:2849
 msgid "Keyboard features"
 msgstr "Opciones de teclado"
 
 #. __ Options - Keys:
-#: config.c:2754
+#: config.c:2853
 msgid "&Backarrow sends ^H"
 msgstr "&Borrado envía ^H"
 
 #. __ Options - Keys:
-#: config.c:2759
+#: config.c:2858
 msgid "&Delete sends DEL"
 msgstr "&Supr envía DEL"
 
 #. __ Options - Keys:
-#: config.c:2764
+#: config.c:2863
 msgid "Ctrl+LeftAlt is Alt&Gr"
 msgstr "Ctrl+Alt Izq es AltGr"
 
 #. __ Options - Keys: section title
-#: config.c:2770
+#: config.c:2869
 msgid "Shortcuts"
 msgstr "Atajos"
 
 #. __ Options - Keys:
-#: config.c:2773
+#: config.c:2872
 msgid "Cop&y and Paste (Ctrl/Shift+Ins)"
 msgstr "Co&piar y pegar (Ctrl/Shift+Ins)"
 
 #. __ Options - Keys:
-#: config.c:2778
+#: config.c:2877
 msgid "&Menu and Full Screen (Alt+Space/Enter)"
 msgstr "&Menú y pantalla completa (Alt+Space/Enter)"
 
 #. __ Options - Keys:
-#: config.c:2783
+#: config.c:2882
 msgid "&Switch window (Ctrl+[Shift+]Tab)"
 msgstr "&Cambiar de ventana (Ctrl+[Shift+]Tab)"
 
 #. __ Options - Keys:
-#: config.c:2788
+#: config.c:2887
 msgid "&Zoom (Ctrl+plus/minus/zero)"
 msgstr "&Ampliar (Ctrl+más/menos/cero)"
 
 #. __ Options - Keys:
-#: config.c:2793
+#: config.c:2892
 msgid "&Alt+Fn shortcuts"
 msgstr "Atajos &Alt+Fn"
 
 #. __ Options - Keys:
-#: config.c:2798
+#: config.c:2897
 msgid "&Ctrl+Shift+letter shortcuts"
 msgstr "Atajos &Ctrl+Shift+letra"
 
 #. __ Options - Keys: section title
-#: config.c:2804
+#: config.c:2903
 msgid "Compose key"
 msgstr "Tecla compos."
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2809 config.c:2893 config.c:2950
+#: config.c:2908 config.c:3046 config.c:3105
 msgid "&Shift"
-msgstr ""
+msgstr "&Shift"
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2811 config.c:2895 config.c:2952
+#: config.c:2910 config.c:3048 config.c:3107
 msgid "&Ctrl"
 msgstr "&Ctrl"
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2813 config.c:2897 config.c:2954
+#: config.c:2912 config.c:3050 config.c:3109
 msgid "&Alt"
 msgstr "&Alt"
 
 #. __ Options - Mouse: treeview label
-#: config.c:2823 config.c:2843 config.c:2875
+#: config.c:2922 config.c:2996 config.c:3028
 msgid "Mouse"
 msgstr "Ratón"
 
 #. __ Options - Mouse: panel title
-#: config.c:2825
+#: config.c:2924
 msgid "Mouse functions"
 msgstr "Funciones del ratón"
 
 #. __ Options - Mouse:
-#: config.c:2829
+#: config.c:2929 config.c:2957 config.c:2968
 msgid "Cop&y on select"
 msgstr "Co&piar al seleccionar"
 
 #. __ Options - Mouse:
-#: config.c:2834
+#: config.c:2934 config.c:2962 config.c:2973
 msgid "Copy as &rich text"
 msgstr "Copiar &formato texto"
 
 #. __ Options - Mouse:
-#: config.c:2839
+#: config.c:2940 config.c:2947 config.c:2980
+msgid "Copy as &HTML"
+msgstr "Copiar formato &HTML"
+
+#. __ Options - Mouse:
+#: config.c:2992
 msgid "Clic&ks place command line cursor"
 msgstr "&Click coloca el cursor en línea"
 
 #. __ Options - Mouse: section title
-#: config.c:2845
+#: config.c:2998
 msgid "Click actions"
 msgstr "Acciones del click"
 
 #. __ Options - Mouse:
-#: config.c:2848
+#: config.c:3001
 msgid "Right mouse button"
 msgstr "Botón derecho"
 
 #. __ Options - Mouse:
-#: config.c:2851 config.c:2865
+#: config.c:3004 config.c:3018
 msgid "&Paste"
 msgstr "&Pegar"
 
 #. __ Options - Mouse:
-#: config.c:2853 config.c:2867
+#: config.c:3006 config.c:3020
 msgid "E&xtend"
 msgstr "E&xtend."
 
 #. __ Options - Mouse:
-#: config.c:2855
+#: config.c:3008
 msgid "&Menu"
 msgstr "&Menú"
 
 #. __ Options - Mouse:
-#: config.c:2857 config.c:2871
+#: config.c:3010 config.c:3024
 msgid "Ente&r"
 msgstr "Ente&r"
 
 #. __ Options - Mouse:
-#: config.c:2862
+#: config.c:3015
 msgid "Middle mouse button"
 msgstr "Botón medio"
 
 #. __ Options - Mouse:
-#: config.c:2869
+#: config.c:3022
 msgid "&Nothing"
 msgstr "&Nada"
 
 #. __ Options - Mouse: section title
-#: config.c:2877
+#: config.c:3030
 msgid "Application mouse mode"
 msgstr "Modo aplicación"
 
 #. __ Options - Mouse:
-#: config.c:2880
+#: config.c:3033
 msgid "Default click target"
 msgstr "Objetivo del click"
 
 #. __ Options - Mouse: application mouse mode click target
-#: config.c:2883
+#: config.c:3036
 msgid "&Window"
 msgstr "&Ventana"
 
 #. __ Options - Mouse: application mouse mode click target
-#: config.c:2885
+#: config.c:3038
 msgid "&Application"
 msgstr "&Aplicación"
 
 #. __ Options - Mouse:
-#: config.c:2890
+#: config.c:3043
 msgid "Modifier for overriding default"
 msgstr "Modificador ignorar opc. predeterminada"
 
+#. __ Options - Window:
+#: config.c:3052 config.c:3111
+msgid "&Win"
+msgstr ""
+
 #. __ Options - Window: treeview label
-#: config.c:2907 config.c:2926 config.c:2965
+#: config.c:3062 config.c:3081 config.c:3122
 msgid "Window"
 msgstr "Ventana"
 
 #. __ Options - Window: panel title
-#: config.c:2909
+#: config.c:3064
 msgid "Window properties"
 msgstr "Propiedades de ventana"
 
 #. __ Options - Window: section title
-#: config.c:2911
+#: config.c:3066
 msgid "Default size"
 msgstr "Tamaño predeterminado"
 
 #. __ Options - Window:
-#: config.c:2915
+#: config.c:3070
 msgid "Colu&mns"
 msgstr "Colu&mnas"
 
 #. __ Options - Window:
-#: config.c:2919
+#: config.c:3074
 msgid "Ro&ws"
 msgstr "&Filas"
 
 #. __ Options - Window:
-#: config.c:2923
+#: config.c:3078
 msgid "C&urrent size"
 msgstr "&Tam. actual"
 
 #. __ Options - Window:
-#: config.c:2930
+#: config.c:3085
 msgid "Scroll&back lines"
 msgstr "Buffer &scroll"
 
 #. __ Options - Window:
-#: config.c:2935
+#: config.c:3090
 msgid "Scrollbar"
 msgstr "Barra scroll"
 
 #. __ Options - Window: scrollbar
-#: config.c:2938
+#: config.c:3093
 msgid "&Left"
 msgstr "&Izquierda"
 
 #. __ Options - Window: scrollbar
-#: config.c:2942
+#: config.c:3097
 msgid "&Right"
 msgstr "&Derecha"
 
 #. __ Options - Window:
-#: config.c:2947
+#: config.c:3102
 msgid "Modifier for scrolling"
 msgstr "Modificador para scroll"
 
 #. __ Options - Window:
-#: config.c:2961
+#: config.c:3118
 msgid "&PgUp and PgDn scroll without modifier"
 msgstr "Scroll con &AvPag y RePag"
 
 #. __ Options - Window: section title
-#: config.c:2967
+#: config.c:3124
 msgid "UI language"
 msgstr "Idioma UI"
 
 #. __ Options - Terminal: treeview label
-#: config.c:2977 config.c:2990 config.c:3051 config.c:3065
+#: config.c:3134 config.c:3147 config.c:3208 config.c:3222
 msgid "Terminal"
 msgstr "Consola"
 
 #. __ Options - Terminal: panel title
-#: config.c:2979
+#: config.c:3136
 msgid "Terminal features"
 msgstr "Opciones de consola"
 
 #. __ Options - Terminal:
-#: config.c:2983
+#: config.c:3140
 msgid "&Type"
 msgstr "&Tipo"
 
 #. __ Options - Terminal:
-#: config.c:2987
+#: config.c:3144
 msgid "&Answerback"
 msgstr "&Respuesta"
 
 #. __ Options - Terminal: section title
-#: config.c:2992
+#: config.c:3149
 msgid "Bell"
 msgstr "Sonido"
 
 #. __ Options - Terminal: bell
-#: config.c:2999
+#: config.c:3156
 msgid "â–º &Play"
 msgstr "â–º &Reprod."
 
 #. __ Options - Terminal: bell
-#: config.c:3005
+#: config.c:3162
 msgid "&Wave"
 msgstr "&WAV"
 
 #. __ Options - Terminal: bell
-#: config.c:3027 config.c:3040
+#: config.c:3184 config.c:3197
 msgid "&Flash"
 msgstr "&Parpadeo"
 
 #. __ Options - Terminal: bell
-#: config.c:3029 config.c:3044
+#: config.c:3186 config.c:3201
 msgid "&Highlight in taskbar"
 msgstr "Parpadeo &barra tareas"
 
 #. __ Options - Terminal: bell
-#: config.c:3031 config.c:3048
+#: config.c:3188 config.c:3205
 msgid "&Popup"
 msgstr "&Popup"
 
 #. __ Options - Terminal: section title
-#: config.c:3053
+#: config.c:3210
 msgid "Printer"
 msgstr "Impresora"
 
 #. __ Options - Terminal:
-#: config.c:3068
+#: config.c:3225
 msgid "Prompt about running processes on &close"
 msgstr "Avisar sobre procesos en ejecución al &cerrar"
 
-#: textprint.c:37 textprint.c:101
+#: textprint.c:37 textprint.c:115
 msgid "[Printing...] "
 msgstr "[Imprimiendo...] "
 
@@ -776,7 +786,7 @@ msgstr "|Sólid&o"
 #. __ Colour chooser:
 #: winctrls.c:1231
 msgid "&Hue:"
-msgstr "&Hue:"
+msgstr "&Tint.:"
 
 #. __ Colour chooser:
 #: winctrls.c:1234
@@ -827,176 +837,216 @@ msgstr "100"
 msgid "Error"
 msgstr "Error"
 
-#. __ Context menu, session switcher ("virtual tabs")
-#: wininput.c:153
+#. __ Context menu, session switcher ("virtual tabs") menu label
+#: wininput.c:273
 msgid "Session switcher"
 msgstr "Cambiar sesión"
 
-#. __ Context menu, session launcher ("virtual tabs")
-#: wininput.c:254
+#. __ Context menu, session launcher ("virtual tabs") menu label
+#: wininput.c:292
 msgid "Session launcher"
 msgstr "Lanzar sesión"
 
-#: wininput.c:357 wininput.c:363
+#: wininput.c:401 wininput.c:407
 msgid "Ctrl+"
 msgstr "Ctrl+"
 
-#: wininput.c:358 wininput.c:364
+#: wininput.c:402 wininput.c:408
 msgid "Alt+"
 msgstr "Alt+"
 
-#: wininput.c:359 wininput.c:365
+#: wininput.c:403 wininput.c:409
 msgid "Shift+"
 msgstr "Shift+"
 
 #. __ System menu:
-#: wininput.c:390
+#: wininput.c:434
 msgid "&Restore"
 msgstr "&Cargar"
 
 #. __ System menu:
-#: wininput.c:392
+#: wininput.c:436
 msgid "&Move"
 msgstr "&Mover"
 
 #. __ System menu:
-#: wininput.c:394
+#: wininput.c:438
 msgid "&Size"
 msgstr "&Tam."
 
 #. __ System menu:
-#: wininput.c:396
+#: wininput.c:440
 msgid "Mi&nimize"
 msgstr "Mi&nimizar"
 
 #. __ System menu:
-#: wininput.c:398
+#: wininput.c:442
 msgid "Ma&ximize"
 msgstr "Ma&ximizar"
 
 #. __ System menu:
-#: wininput.c:400
+#: wininput.c:444
 msgid "&Close"
 msgstr "&Cerrar"
 
 #. __ System menu:
-#: wininput.c:405
+#: wininput.c:449
 msgid "Ne&w"
 msgstr "Nue&vo"
 
 #. __ Context menu:
-#: wininput.c:412
+#: wininput.c:456
 msgid "&Copy"
 msgstr "&Copiar"
 
 #. __ Context menu:
-#: wininput.c:422
+#: wininput.c:473
 msgid "&Paste "
 msgstr "&Pegar"
 
 #. __ Context menu:
-#: wininput.c:427
+#: wininput.c:478
 msgid "Copy → Paste"
 msgstr "Copiar → Pegar"
 
 #. __ Context menu:
-#: wininput.c:432
+#: wininput.c:483
 msgid "S&earch"
 msgstr "B&uscar"
 
 #. __ Context menu:
-#: wininput.c:439
+#: wininput.c:490
 msgid "&Log to File"
 msgstr "&Log a fichero"
 
 #. __ Context menu:
-#: wininput.c:445
+#: wininput.c:496
 msgid "Character &Info"
 msgstr "&Info caracter"
 
 #. __ Context menu:
-#: wininput.c:450
+#: wininput.c:502
+msgid "VT220 Keyboard"
+msgstr "Teclado VT220"
+
+#. __ Context menu:
+#: wininput.c:507
 msgid "&Reset"
 msgstr "&Resetear"
 
 #. __ Context menu:
-#: wininput.c:458
+#: wininput.c:515
 msgid "&Default Size"
 msgstr "&Tam. predeterminado"
 
 #. __ Context menu:
-#: wininput.c:464
+#: wininput.c:525
+msgid "Scroll&bar"
+msgstr "Barra scroll"
+
+#. __ Context menu:
+#: wininput.c:531
 msgid "&Full Screen"
 msgstr "&Pantalla completa"
 
 #. __ Context menu:
-#: wininput.c:470
+#: wininput.c:537
 msgid "Flip &Screen"
 msgstr "&Cambiar pantalla"
 
 #. __ System menu:
-#: wininput.c:480 wininput.c:559
+#: wininput.c:547 wininput.c:697
 msgid "Copy &Title"
 msgstr "Copiar &título"
 
 #. __ System menu:
 #. __ Context menu:
 #. __ System menu:
-#: wininput.c:482 wininput.c:547 wininput.c:561
+#: wininput.c:549 wininput.c:681 wininput.c:699
 msgid "&Options..."
 msgstr "&Opciones..."
 
-#. __ Context menu, user commands
-#: wininput.c:493
-msgid "User commands"
-msgstr "Comandos especiales"
-
 #. __ Context menu:
-#: wininput.c:510
+#: wininput.c:624
 msgid "Ope&n"
 msgstr "A&brir"
 
 #. __ Context menu:
-#: wininput.c:518
+#: wininput.c:629
+msgid "Copy as text"
+msgstr "Copiar &formato texto"
+
+#. __ Context menu:
+#: wininput.c:631
+msgid "Copy as RTF"
+msgstr "Copiar formato RTF"
+
+#. __ Context menu:
+#: wininput.c:633
+msgid "Copy as HTML text"
+msgstr "Copiar formato HTML texto"
+
+#. __ Context menu:
+#: wininput.c:635
+msgid "Copy as HTML"
+msgstr "Copiar formato HTML"
+
+#. __ Context menu:
+#: wininput.c:637
+msgid "Copy as HTML full"
+msgstr "Copiar formato HTML completo"
+
+#. __ Context menu:
+#: wininput.c:644
 msgid "Select &All"
 msgstr "Selecc. &todo"
 
-#. __ Context menu:
-#: wininput.c:528
+#. __ Context menu: write terminal window contents as HTML file
+#: wininput.c:649
+msgid "HTML Screen Dump"
+msgstr ""
+
+#. __ Context menu: clear scrollback buffer (lines scrolled off the window)
+#: wininput.c:657
 msgid "Clear Scrollback"
 msgstr "Limpiar buffer scroll"
 
-#. __ Context menu:
-#: wininput.c:537
+#. __ Context menu: generate a TTY BRK condition (tty line interrupt)
+#: wininput.c:667
 msgid "Send Break"
 msgstr "Enviar Break"
 
-#: winmain.c:1778
+#. __ Context menu, user commands
+#: wininput.c:758
+msgid "User commands"
+msgstr "Comandos especiales"
+
+#: winmain.c:2065
 msgid "Processes are running in session:"
 msgstr "Hay procesos ejecutándose:"
 
-#: winmain.c:1779
+#: winmain.c:2066
 msgid "Close anyway?"
 msgstr "¿Cerrar?"
 
-#: winmain.c:2479
+#: winmain.c:2184
 msgid "Try '--help' for more information"
 msgstr "Intenta usar '--help' para más información"
 
-#: winmain.c:2487
+#: winmain.c:2192
 msgid "Could not load icon"
 msgstr "No se pudo cargar icono"
 
-#: winmain.c:3109
+#: winmain.c:3598
 msgid "Usage:"
 msgstr "Uso:"
 
-#: winmain.c:3110
+#: winmain.c:3599
 msgid "[OPTION]... [ PROGRAM [ARG]... | - ]"
 msgstr "[OPCION]... [ PROGRAMA [ARG]... | - ]"
 
 #. __ help text (output of -H / --help), after initial line ("synopsis")
-#: winmain.c:3113
+#: winmain.c:3602
 msgid ""
 "Start a new terminal session running the specified program or the user's "
 "shell.\n"
@@ -1070,39 +1120,39 @@ msgstr ""
 "Consultar el manual para más opciones de línea de comandos y "
 "configuraciones.\n"
 
-#: winmain.c:3270 winmain.c:3333
+#: winmain.c:3758 winmain.c:3869 winmain.c:3876
 msgid "WSL distribution '%s' not found"
 msgstr "No se ha encontrado la distribución WSL '%s'"
 
-#: winmain.c:3361
+#: winmain.c:3904
 msgid "Duplicate option '%s'"
 msgstr "Opción duplicada '%s'"
 
-#: winmain.c:3369
+#: winmain.c:3912
 msgid "Unknown option '%s'"
 msgstr "Opción desconocida '%s'"
 
-#: winmain.c:3371
+#: winmain.c:3914
 msgid "Option '%s' requires an argument"
 msgstr "Opción '%s' requiere un parámetro"
 
-#: winmain.c:3398
+#: winmain.c:3941
 msgid "Syntax error in position argument '%s'"
 msgstr "Error de sintaxis en arg. posición '%s'"
 
-#: winmain.c:3409
+#: winmain.c:3952
 msgid "Syntax error in size argument '%s'"
 msgstr "Error de sintaxis en arg. tamaño '%s'"
 
-#: winmain.c:3533
+#: winmain.c:4083
 msgid "Syntax error in geometry argument '%s'"
 msgstr "Error de sintaxis en arg. tamaño y posición '%s'"
 
-#: winmain.c:3607
+#: winmain.c:4158
 msgid "Mintty could not detach from caller, starting anyway"
 msgstr "Mintty no se pudo liberar, inciando de todas formas"
 
-#: winmain.c:3792
+#: winmain.c:4396
 msgid "Using default title due to invalid characters in program name"
 msgstr ""
 "Usando título predeterminado porque hay caracteres extraños en el nombre del "
@@ -1123,34 +1173,34 @@ msgstr ""
 msgid "â–¶"
 msgstr ""
 
-#. __ Options - Text: font properties information ("leading" ("ledding"): add. row spacing)
-#: wintext.c:139
+#. __ Options - Text: font properties information: "Leading": total line padding (see option RowSpacing), Bold/Underline modes (font or manual, see options BoldAsFont/UnderlineManual/UnderlineColour)
+#: wintext.c:141
 msgid "Leading: %d, Bold: %s, Underline: %s"
 msgstr "Lead.: %d, Negrita: %s, Subray.: %s"
 
 #. __ Options - Text: font properties: value taken from font
-#: wintext.c:141
+#: wintext.c:143
 msgid "font"
 msgstr "tipo letra"
 
 #. __ Options - Text: font properties: value affected by option
-#: wintext.c:143
+#: wintext.c:145
 msgid "manual"
 msgstr "manual"
 
-#: wintext.c:387
+#: wintext.c:400
 msgid "Font not found, using system substitute"
 msgstr "Tipo de letra no encontrado, usando sustituto"
 
-#: wintext.c:394
+#: wintext.c:407
 msgid "Font has limited support for character ranges"
 msgstr "Tipo de letra tiene soporte limitado de caracteres"
 
-#: wintext.c:500
+#: wintext.c:512
 msgid "Font installation corrupt, using system substitute"
 msgstr "Tipo de letra corrupto, usando sustituto"
 
-#: wintext.c:513
+#: wintext.c:525
 msgid "Font does not support system locale"
 msgstr "Tipo de letra no soporta idioma del sistema"
 
diff --git a/msys2/usr/share/mintty/lang/fr.po b/msys2/usr/share/mintty/lang/fr.po
index 605f3c75d..1f30dea33 100644
--- a/msys2/usr/share/mintty/lang/fr.po
+++ b/msys2/usr/share/mintty/lang/fr.po
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: mintty\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2018-04-11 10:29+0200\n"
+"POT-Creation-Date: 2019-03-28 18:43+0100\n"
 "PO-Revision-Date: 2017-02-07 13:23+0000\n"
 "Last-Translator: Eric Lassauge <lassauge@gmail.com>\n"
 "Language-Team: French <traduc@traduc.org>\n"
@@ -19,80 +19,80 @@ msgstr ""
 "Plural-Forms: nplurals=2; plural=(n > 1);\n"
 "X-Generator: Poedit 1.8.11\n"
 
-#: charset.c:213 charset.c:224 winmain.c:3270 winmain.c:3333
+#: charset.c:231 charset.c:242 winmain.c:3758 winmain.c:3869 winmain.c:3876
 msgid "(Default)"
 msgstr "(défaut)"
 
-#: charset.c:235
+#: charset.c:253
 msgid "(OEM codepage)"
 msgstr "(codage OEM)"
 
-#: charset.c:239
+#: charset.c:257
 msgid "(ANSI codepage)"
 msgstr "(codage ANSI)"
 
-#: child.c:78
+#: child.c:82
 msgid "There are no available terminals"
 msgstr "Aucun terminal disponible"
 
-#: child.c:153
+#: child.c:157
 msgid "Error: Could not open log file"
 msgstr "Erreur : impossible d’ouvrir le fichier de trace"
 
-#: child.c:225
+#: child.c:229
 msgid "Error: Could not fork child process"
 msgstr "Erreur : impossible de créer un process fils"
 
-#: child.c:227
+#: child.c:231
 msgid "DLL rebasing may be required; see 'rebaseall / rebase --help'"
 msgstr ""
 "Il peut être nécessaire de rebaser les DLL, voir « rebaseall / rebase --"
 "help »"
 
 #. __ %1$s: client command (e.g. shell) to be run; %2$s: error message
-#: child.c:305
+#: child.c:309
 msgid "Failed to run '%s': %s"
 msgstr "Impossible de lancer « %s » : %s"
 
 #. __ %1$s: client command (e.g. shell) terminated, %2$i: exit code
-#: child.c:422
+#: child.c:426
 msgid "%s: Exit %i"
 msgstr "%s : sortie %i"
 
 #. __ default inline notification if ExitWrite=yes
-#: child.c:429
+#: child.c:433
 msgid "TERMINATED"
 msgstr "TERMINÉ"
 
-#: child.c:836
+#: child.c:984
 msgid "Error: Could not fork child daemon"
 msgstr "Erreur : impossible de créer un process démon fils"
 
 #. __ %s: unknown option name
-#: config.c:552
+#: config.c:603
 msgid "Ignoring unknown option '%s'"
 msgstr "Option inconnue « %s » ignorée"
 
-#: config.c:597 config.c:626
+#: config.c:648 config.c:677
 msgid "Internal error: too many options"
 msgstr "Erreur interne : trop d’options"
 
-#: config.c:613
+#: config.c:664
 msgid "Internal error: too many options/comments"
 msgstr "Erreur interne : trop d’options/commentaires"
 
 #. __ %2$s: option name, %1$s: invalid value
-#: config.c:748
+#: config.c:810
 msgid "Ignoring invalid value '%s' for option '%s'"
 msgstr "Value inconnue ignorée « %s » pour l’option inconnue « %s »"
 
 #. __ %s: option name
-#: config.c:759
+#: config.c:822
 msgid "Ignoring option '%s' with missing value"
 msgstr "Option « %s » avec des valeurs manquantes ignorée"
 
 #. __ %1$s: config file name, %2$s: error message
-#: config.c:1362
+#: config.c:1443
 msgid ""
 "Could not save options to '%s':\n"
 "%s."
@@ -100,162 +100,162 @@ msgstr ""
 "Impossible d’enregistrer les options dans « %s » :\n"
 "%s."
 
-#: config.c:1679
+#: config.c:1762
 msgid "â—‡ None (printing disabled) â—‡"
 msgstr "◇ Aucune (pas d’impression) ◇"
 
-#: config.c:1681
+#: config.c:1764
 msgid "â—† Default printer â—†"
 msgstr "◆ Imprimante par défaut ◆"
 
 #. __ UI language
-#: config.c:1790
+#: config.c:1873
 msgid "– None –"
 msgstr "â—‡ Aucun â—‡"
 
-#: config.c:1791
+#: config.c:1874
 msgid "@ Windows language @"
 msgstr "@ Langue système @"
 
-#: config.c:1792
+#: config.c:1875
 msgid "* Locale environm. *"
 msgstr "â—† Locale environ. â—†"
 
-#: config.c:1793
+#: config.c:1876
 msgid "= cfg. Text Locale ="
 msgstr "◆ Langue caractères ◆"
 
-#: config.c:1856
+#: config.c:1939
 msgid "simple beep"
 msgstr "Bip simple"
 
-#: config.c:1857
+#: config.c:1940
 msgid "no beep"
 msgstr "Pas de son"
 
-#: config.c:1858
+#: config.c:1941
 msgid "Default Beep"
 msgstr "Bip par défaut"
 
-#: config.c:1859
+#: config.c:1942
 msgid "Critical Stop"
 msgstr "Arrêt critique"
 
-#: config.c:1860
+#: config.c:1943
 msgid "Question"
 msgstr "Question"
 
-#: config.c:1861
+#: config.c:1944
 msgid "Exclamation"
 msgstr "Exclamation"
 
-#: config.c:1862
+#: config.c:1945
 msgid "Asterisk"
 msgstr "Astérisque"
 
-#: config.c:1905
+#: config.c:1988
 msgid "â—‡ None (system sound) â—‡"
 msgstr "◇ Aucun (son système) ◇"
 
 #. __ terminal theme / colour scheme
-#: config.c:2036
+#: config.c:2119
 msgid "â—‡ None â—‡"
 msgstr "â—‡ Aucun â—‡"
 
 #. __ indicator of unsaved downloaded colour scheme
-#: config.c:2039
+#: config.c:2122
 msgid "downloaded / give me a name!"
 msgstr "téléchargé / donnez-moi un nom !"
 
-#: config.c:2128
+#: config.c:2211
 msgid "Could not load web theme"
 msgstr "Impossible de télécharger le thème"
 
-#: config.c:2177
+#: config.c:2260
 msgid "Cannot write theme file"
 msgstr "Impossible d’écrire le fichier de thème"
 
-#: config.c:2182
+#: config.c:2265
 msgid "Cannot store theme file"
 msgstr "Impossible d’enregistrer le fichier de thème"
 
 #. __ Dialog button - show About text
-#: config.c:2542
+#: config.c:2641
 msgid "About..."
 msgstr "À propos …"
 
 #. __ Dialog button - save changes
-#: config.c:2545
+#: config.c:2644
 msgid "Save"
 msgstr "Enregistrer"
 
 #. __ Dialog button - cancel
-#: config.c:2549 winctrls.c:1143 windialog.c:782
+#: config.c:2648 winctrls.c:1143 windialog.c:782
 msgid "Cancel"
 msgstr "Annuler"
 
 #. __ Dialog button - apply changes
-#: config.c:2553
+#: config.c:2652
 msgid "Apply"
 msgstr "Appliquer"
 
 #. __ Dialog button - take notice
-#: config.c:2557 windialog.c:779
+#: config.c:2656 windialog.c:779
 msgid "I see"
 msgstr "Bien vu"
 
 #. __ Dialog button - confirm action
-#: config.c:2559 winctrls.c:1142 windialog.c:781
+#: config.c:2658 winctrls.c:1142 windialog.c:781
 msgid "OK"
 msgstr "Ok"
 
 #. __ Options - Looks: treeview label
-#: config.c:2566 config.c:2597 config.c:2638
+#: config.c:2665 config.c:2696 config.c:2737
 msgid "Looks"
 msgstr "Apparence"
 
 #. __ Options - Looks: panel title
-#: config.c:2568
+#: config.c:2667
 msgid "Looks in Terminal"
 msgstr "Apparence"
 
 #. __ Options - Looks: section title
-#: config.c:2570
+#: config.c:2669
 msgid "Colours"
 msgstr "Couleurs"
 
 #. __ Options - Looks:
-#: config.c:2574
+#: config.c:2673
 msgid "&Foreground..."
 msgstr "A&vant-plan…"
 
 #. __ Options - Looks:
-#: config.c:2578
+#: config.c:2677
 msgid "&Background..."
 msgstr "A&rrière-plan…"
 
 #. __ Options - Looks:
-#: config.c:2582
+#: config.c:2681
 msgid "&Cursor..."
 msgstr "&Curseur…"
 
 #. __ Options - Looks:
-#: config.c:2586
+#: config.c:2685
 msgid "&Theme"
 msgstr "&Thème"
 
 #. __ Options - Looks: name of web service
-#: config.c:2591
+#: config.c:2690
 msgid "Color Scheme Designer"
 msgstr "Modèle de couleur"
 
 #. __ Options - Looks: store colour scheme
-#: config.c:2594 winctrls.c:381
+#: config.c:2693 winctrls.c:381
 msgid "Store"
 msgstr "Enreg."
 
 #. __ Options - Looks: section title
-#: config.c:2599
+#: config.c:2698
 msgid "Transparency"
 msgstr "Transparence"
 
@@ -263,447 +263,457 @@ msgstr "Transparence"
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2605 config.c:2815 config.c:2899 config.c:2956
+#: config.c:2704 config.c:2914 config.c:3054 config.c:3113
 msgid "&Off"
 msgstr "A&rrêt"
 
 #. __ Options - Looks: transparency
-#: config.c:2607
+#: config.c:2706
 msgid "&Low"
 msgstr "&Basse"
 
 #. __ Options - Looks: transparency, short form of radio button label "Medium"
-#: config.c:2609
+#: config.c:2708
 msgid "&Med."
 msgstr "&Moy."
 
 #. __ Options - Looks: transparency
-#: config.c:2611
+#: config.c:2710
 msgid "&Medium"
 msgstr "&Moyen"
 
 #. __ Options - Looks: transparency
-#: config.c:2613
+#: config.c:2712
 msgid "&High"
 msgstr "&Haute"
 
 #. __ Options - Looks: transparency
-#: config.c:2615
+#: config.c:2714
 msgid "Gla&ss"
 msgstr "&Verre"
 
 #. __ Options - Looks: transparency
-#: config.c:2622 config.c:2633
+#: config.c:2721 config.c:2732
 msgid "Opa&que when focused"
 msgstr "Opa&que au focus"
 
 #. __ Options - Looks: transparency
-#: config.c:2627
+#: config.c:2726
 msgid "Blu&r"
 msgstr "&Flou"
 
 #. __ Options - Looks: section title
-#: config.c:2640
+#: config.c:2739
 msgid "Cursor"
 msgstr "Curseur"
 
 #. __ Options - Looks: cursor type
-#: config.c:2645
+#: config.c:2744
 msgid "Li&ne"
 msgstr "Lig&ne"
 
 #. __ Options - Looks: cursor type
-#: config.c:2647
+#: config.c:2746
 msgid "Bloc&k"
 msgstr "B&loc"
 
 #. __ Options - Looks: cursor type
-#: config.c:2649
+#: config.c:2748
 msgid "&Underscore"
 msgstr "&Tiret bas"
 
 #. __ Options - Looks: cursor feature
-#: config.c:2654
+#: config.c:2753
 msgid "Blinkin&g"
 msgstr "Cli&gnotant"
 
 #. __ Options - Text: treeview label
-#: config.c:2661 config.c:2683 config.c:2701 config.c:2735
+#: config.c:2760 config.c:2782 config.c:2800 config.c:2834
 msgid "Text"
 msgstr "Texte"
 
 #. __ Options - Text: panel title
-#: config.c:2663
+#: config.c:2762
 msgid "Text and Font properties"
 msgstr "Taille et propriétés de la police de caractères"
 
 #. __ Options - Text: section title
-#: config.c:2665
+#: config.c:2764
 msgid "Font"
 msgstr "Police de caractères"
 
 #. __ Options - Text:
 #. __ Font chooser:
-#: config.c:2673 winctrls.c:1153
+#: config.c:2772 winctrls.c:1153
 msgid "Font st&yle:"
 msgstr "&Style de police :"
 
 #. __ Font chooser:
-#: config.c:2678 winctrls.c:1155
+#: config.c:2777 winctrls.c:1155
 msgid "&Size:"
 msgstr "&Taille :"
 
 #. __ Options - Text:
-#: config.c:2687 config.c:2720
+#: config.c:2786 config.c:2819
 msgid "Sho&w bold as font"
 msgstr "&Gras comme fonte"
 
 #. __ Options - Text:
-#: config.c:2692 config.c:2725
+#: config.c:2791 config.c:2824
 msgid "Show &bold as colour"
 msgstr "G&ras comme couleur"
 
 #. __ Options - Text:
-#: config.c:2705
+#: config.c:2804
 msgid "Font smoothing"
 msgstr "Lissage des caractères"
 
 #. __ Options - Text:
-#: config.c:2708
+#: config.c:2807 config.c:2951 config.c:2984
 msgid "&Default"
 msgstr "&Défaut"
 
 #. __ Options - Text:
 #. __ Options - Window: scrollbar
-#: config.c:2710 config.c:2940
+#: config.c:2809 config.c:2949 config.c:2982 config.c:3095
 msgid "&None"
 msgstr "Aucu&n"
 
 #. __ Options - Text:
-#: config.c:2712
+#: config.c:2811 config.c:2950 config.c:2983
 msgid "&Partial"
 msgstr "&Partiel"
 
 #. __ Options - Text:
-#: config.c:2714
+#: config.c:2813 config.c:2952 config.c:2985
 msgid "&Full"
 msgstr "&Complet"
 
 #. __ Options - Text:
-#: config.c:2730
+#: config.c:2829
 msgid "&Allow blinking"
 msgstr "C&lignotement"
 
-#: config.c:2738
+#: config.c:2837
 msgid "&Locale"
 msgstr "&Langue"
 
-#: config.c:2741
+#: config.c:2840
 msgid "&Character set"
 msgstr "&Jeu de caractères"
 
 #. __ Options - Keys: treeview label
-#: config.c:2748 config.c:2768 config.c:2802
+#: config.c:2847 config.c:2867 config.c:2901
 msgid "Keys"
 msgstr "Clavier"
 
 #. __ Options - Keys: panel title
-#: config.c:2750
+#: config.c:2849
 msgid "Keyboard features"
 msgstr "Clavier"
 
 #. __ Options - Keys:
-#: config.c:2754
+#: config.c:2853
 msgid "&Backarrow sends ^H"
 msgstr "&Efface émet ^H"
 
 #. __ Options - Keys:
-#: config.c:2759
+#: config.c:2858
 msgid "&Delete sends DEL"
 msgstr "&Suppr émet DEL"
 
 #. __ Options - Keys:
-#: config.c:2764
+#: config.c:2863
 msgid "Ctrl+LeftAlt is Alt&Gr"
 msgstr "Ctrl+AltGauche émet Alt&Gr"
 
 #. __ Options - Keys: section title
-#: config.c:2770
+#: config.c:2869
 msgid "Shortcuts"
 msgstr "Raccourcis"
 
 #. __ Options - Keys:
-#: config.c:2773
+#: config.c:2872
 msgid "Cop&y and Paste (Ctrl/Shift+Ins)"
 msgstr "Cop&ier et coller (Ctrl/Maj+Inser)"
 
 #. __ Options - Keys:
-#: config.c:2778
+#: config.c:2877
 msgid "&Menu and Full Screen (Alt+Space/Enter)"
 msgstr "&Menu et plein écran (Alt+Espace/Entrée)"
 
 #. __ Options - Keys:
-#: config.c:2783
+#: config.c:2882
 msgid "&Switch window (Ctrl+[Shift+]Tab)"
 msgstr "&Change de fenêtre (Ctrl+[Maj+]Tab)"
 
 #. __ Options - Keys:
-#: config.c:2788
+#: config.c:2887
 msgid "&Zoom (Ctrl+plus/minus/zero)"
 msgstr "&Zoom (Ctrl+plus/moins/zéro)"
 
 #. __ Options - Keys:
-#: config.c:2793
+#: config.c:2892
 msgid "&Alt+Fn shortcuts"
 msgstr "Raccourcis &Alt+Fn"
 
 #. __ Options - Keys:
-#: config.c:2798
+#: config.c:2897
 msgid "&Ctrl+Shift+letter shortcuts"
 msgstr "Raccourcis &Ctrl+Maj+lettre"
 
 #. __ Options - Keys: section title
-#: config.c:2804
+#: config.c:2903
 msgid "Compose key"
 msgstr "Touche compose"
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2809 config.c:2893 config.c:2950
+#: config.c:2908 config.c:3046 config.c:3105
 msgid "&Shift"
 msgstr "&Maj"
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2811 config.c:2895 config.c:2952
+#: config.c:2910 config.c:3048 config.c:3107
 msgid "&Ctrl"
 msgstr "&Ctrl"
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2813 config.c:2897 config.c:2954
+#: config.c:2912 config.c:3050 config.c:3109
 msgid "&Alt"
 msgstr "&Alt"
 
 #. __ Options - Mouse: treeview label
-#: config.c:2823 config.c:2843 config.c:2875
+#: config.c:2922 config.c:2996 config.c:3028
 msgid "Mouse"
 msgstr "Souris"
 
 #. __ Options - Mouse: panel title
-#: config.c:2825
+#: config.c:2924
 msgid "Mouse functions"
 msgstr "Souris"
 
 #. __ Options - Mouse:
-#: config.c:2829
+#: config.c:2929 config.c:2957 config.c:2968
 msgid "Cop&y on select"
 msgstr "Copier sur &sélection"
 
 #. __ Options - Mouse:
-#: config.c:2834
+#: config.c:2934 config.c:2962 config.c:2973
 msgid "Copy as &rich text"
 msgstr "Copier en &Rich Text"
 
 #. __ Options - Mouse:
-#: config.c:2839
+#: config.c:2940 config.c:2947 config.c:2980
+msgid "Copy as &HTML"
+msgstr "Copier en &HTML"
+
+#. __ Options - Mouse:
+#: config.c:2992
 msgid "Clic&ks place command line cursor"
 msgstr "Cli&c positionne le curseur"
 
 #. __ Options - Mouse: section title
-#: config.c:2845
+#: config.c:2998
 msgid "Click actions"
 msgstr "Actions du cllic"
 
 #. __ Options - Mouse:
-#: config.c:2848
+#: config.c:3001
 msgid "Right mouse button"
 msgstr "Bouton droit"
 
 #. __ Options - Mouse:
-#: config.c:2851 config.c:2865
+#: config.c:3004 config.c:3018
 msgid "&Paste"
 msgstr "&Coller"
 
 #. __ Options - Mouse:
-#: config.c:2853 config.c:2867
+#: config.c:3006 config.c:3020
 msgid "E&xtend"
 msgstr "É&tendre"
 
 #. __ Options - Mouse:
-#: config.c:2855
+#: config.c:3008
 msgid "&Menu"
 msgstr "&Menu"
 
 #. __ Options - Mouse:
-#: config.c:2857 config.c:2871
+#: config.c:3010 config.c:3024
 msgid "Ente&r"
 msgstr "Ent&ée"
 
 #. __ Options - Mouse:
-#: config.c:2862
+#: config.c:3015
 msgid "Middle mouse button"
 msgstr "Bouton du milieu"
 
 #. __ Options - Mouse:
-#: config.c:2869
+#: config.c:3022
 msgid "&Nothing"
 msgstr "&Rien"
 
 #. __ Options - Mouse: section title
-#: config.c:2877
+#: config.c:3030
 msgid "Application mouse mode"
 msgstr "Souris en mode appli."
 
 #. __ Options - Mouse:
-#: config.c:2880
+#: config.c:3033
 msgid "Default click target"
 msgstr "&Cible du clic"
 
 #. __ Options - Mouse: application mouse mode click target
-#: config.c:2883
+#: config.c:3036
 msgid "&Window"
 msgstr "&Fenêtre"
 
 #. __ Options - Mouse: application mouse mode click target
-#: config.c:2885
+#: config.c:3038
 msgid "&Application"
 msgstr "A&pplication"
 
 #. __ Options - Mouse:
-#: config.c:2890
+#: config.c:3043
 msgid "Modifier for overriding default"
 msgstr "Modifieur"
 
+#. __ Options - Window:
+#: config.c:3052 config.c:3111
+msgid "&Win"
+msgstr ""
+
 #. __ Options - Window: treeview label
-#: config.c:2907 config.c:2926 config.c:2965
+#: config.c:3062 config.c:3081 config.c:3122
 msgid "Window"
 msgstr "Fenêtre"
 
 #. __ Options - Window: panel title
-#: config.c:2909
+#: config.c:3064
 msgid "Window properties"
 msgstr "Fenêtre"
 
 #. __ Options - Window: section title
-#: config.c:2911
+#: config.c:3066
 msgid "Default size"
 msgstr "Taille par défaut"
 
 #. __ Options - Window:
-#: config.c:2915
+#: config.c:3070
 msgid "Colu&mns"
 msgstr "Colon&nes"
 
 #. __ Options - Window:
-#: config.c:2919
+#: config.c:3074
 msgid "Ro&ws"
 msgstr "Li&gnes"
 
 #. __ Options - Window:
-#: config.c:2923
+#: config.c:3078
 msgid "C&urrent size"
 msgstr "Taille a&ctuelle"
 
 #. __ Options - Window:
-#: config.c:2930
+#: config.c:3085
 msgid "Scroll&back lines"
 msgstr "&Lignes défilement ar."
 
 #. __ Options - Window:
-#: config.c:2935
+#: config.c:3090
 msgid "Scrollbar"
 msgstr "Barre de défilement"
 
 #. __ Options - Window: scrollbar
-#: config.c:2938
+#: config.c:3093
 msgid "&Left"
 msgstr "&Gauche"
 
 #. __ Options - Window: scrollbar
-#: config.c:2942
+#: config.c:3097
 msgid "&Right"
 msgstr "&Droite"
 
 #. __ Options - Window:
-#: config.c:2947
+#: config.c:3102
 msgid "Modifier for scrolling"
 msgstr "Modifieur pour défilement"
 
 #. __ Options - Window:
-#: config.c:2961
+#: config.c:3118
 msgid "&PgUp and PgDn scroll without modifier"
 msgstr "Défilement par &PgAr et PgAv "
 
 #. __ Options - Window: section title
-#: config.c:2967
+#: config.c:3124
 msgid "UI language"
 msgstr "Langue"
 
 #. __ Options - Terminal: treeview label
-#: config.c:2977 config.c:2990 config.c:3051 config.c:3065
+#: config.c:3134 config.c:3147 config.c:3208 config.c:3222
 msgid "Terminal"
 msgstr "Terminal"
 
 #. __ Options - Terminal: panel title
-#: config.c:2979
+#: config.c:3136
 msgid "Terminal features"
 msgstr "Terminal"
 
 #. __ Options - Terminal:
-#: config.c:2983
+#: config.c:3140
 msgid "&Type"
 msgstr "&Type"
 
 #. __ Options - Terminal:
-#: config.c:2987
+#: config.c:3144
 msgid "&Answerback"
 msgstr "&Retour"
 
 #. __ Options - Terminal: section title
-#: config.c:2992
+#: config.c:3149
 msgid "Bell"
 msgstr "Son"
 
 #. __ Options - Terminal: bell
-#: config.c:2999
+#: config.c:3156
 msgid "â–º &Play"
 msgstr "â–º &Lire"
 
 #. __ Options - Terminal: bell
-#: config.c:3005
+#: config.c:3162
 msgid "&Wave"
 msgstr "&Fichier"
 
 #. __ Options - Terminal: bell
-#: config.c:3027 config.c:3040
+#: config.c:3184 config.c:3197
 msgid "&Flash"
 msgstr "&Flash"
 
 #. __ Options - Terminal: bell
-#: config.c:3029 config.c:3044
+#: config.c:3186 config.c:3201
 msgid "&Highlight in taskbar"
 msgstr "Flash &tâche"
 
 #. __ Options - Terminal: bell
-#: config.c:3031 config.c:3048
+#: config.c:3188 config.c:3205
 msgid "&Popup"
 msgstr ""
 
 #. __ Options - Terminal: section title
-#: config.c:3053
+#: config.c:3210
 msgid "Printer"
 msgstr "Imprimante"
 
 #. __ Options - Terminal:
-#: config.c:3068
+#: config.c:3225
 msgid "Prompt about running processes on &close"
 msgstr "&Demander si process en cours à la fermeture"
 
-#: textprint.c:37 textprint.c:101
+#: textprint.c:37 textprint.c:115
 msgid "[Printing...] "
 msgstr "[Impression…]"
 
@@ -831,177 +841,217 @@ msgstr ""
 msgid "Error"
 msgstr "Erreur"
 
-#. __ Context menu, session switcher ("virtual tabs")
-#: wininput.c:153
+#. __ Context menu, session switcher ("virtual tabs") menu label
+#: wininput.c:273
 msgid "Session switcher"
 msgstr "Choisir une session"
 
-#. __ Context menu, session launcher ("virtual tabs")
-#: wininput.c:254
+#. __ Context menu, session launcher ("virtual tabs") menu label
+#: wininput.c:292
 msgid "Session launcher"
 msgstr "Lanceur de session"
 
-#: wininput.c:357 wininput.c:363
+#: wininput.c:401 wininput.c:407
 msgid "Ctrl+"
 msgstr ""
 
-#: wininput.c:358 wininput.c:364
+#: wininput.c:402 wininput.c:408
 msgid "Alt+"
 msgstr ""
 
-#: wininput.c:359 wininput.c:365
+#: wininput.c:403 wininput.c:409
 msgid "Shift+"
 msgstr "Maj+"
 
 #. __ System menu:
-#: wininput.c:390
+#: wininput.c:434
 msgid "&Restore"
 msgstr "&Restaurer"
 
 #. __ System menu:
-#: wininput.c:392
+#: wininput.c:436
 msgid "&Move"
 msgstr "&Déplacer"
 
 #. __ System menu:
-#: wininput.c:394
+#: wininput.c:438
 msgid "&Size"
 msgstr "&Taille"
 
 #. __ System menu:
-#: wininput.c:396
+#: wininput.c:440
 msgid "Mi&nimize"
 msgstr "Di&minuer"
 
 #. __ System menu:
-#: wininput.c:398
+#: wininput.c:442
 msgid "Ma&ximize"
 msgstr "Ma&ximiser"
 
 #. __ System menu:
-#: wininput.c:400
+#: wininput.c:444
 msgid "&Close"
 msgstr "&Fermer"
 
 #. __ System menu:
-#: wininput.c:405
+#: wininput.c:449
 msgid "Ne&w"
 msgstr "No&uveau"
 
 #. __ Context menu:
-#: wininput.c:412
+#: wininput.c:456
 msgid "&Copy"
 msgstr "&Copier"
 
 #. __ Context menu:
-#: wininput.c:422
+#: wininput.c:473
 msgid "&Paste "
 msgstr "Co&ller"
 
 #. __ Context menu:
-#: wininput.c:427
+#: wininput.c:478
 msgid "Copy → Paste"
 msgstr "Copier → Coller"
 
 #. __ Context menu:
-#: wininput.c:432
+#: wininput.c:483
 msgid "S&earch"
 msgstr "Ch&ercher"
 
 #. __ Context menu:
-#: wininput.c:439
+#: wininput.c:490
 msgid "&Log to File"
 msgstr "Enregistrer fichier"
 
 #. __ Context menu:
-#: wininput.c:445
+#: wininput.c:496
 msgid "Character &Info"
 msgstr "&Info de caractères"
 
 #. __ Context menu:
-#: wininput.c:450
+#: wininput.c:502
+msgid "VT220 Keyboard"
+msgstr "Clavier VT220"
+
+#. __ Context menu:
+#: wininput.c:507
 msgid "&Reset"
 msgstr "&Reset"
 
 #. __ Context menu:
-#: wininput.c:458
+#: wininput.c:515
 msgid "&Default Size"
 msgstr "Taille &défaut"
 
 #. __ Context menu:
-#: wininput.c:464
+#: wininput.c:525
+msgid "Scroll&bar"
+msgstr "Barre de défilement"
+
+#. __ Context menu:
+#: wininput.c:531
 msgid "&Full Screen"
 msgstr "&Plein écran"
 
 #. __ Context menu:
-#: wininput.c:470
+#: wininput.c:537
 msgid "Flip &Screen"
 msgstr "Basculer l'&écran"
 
 #. __ System menu:
-#: wininput.c:480 wininput.c:559
+#: wininput.c:547 wininput.c:697
 msgid "Copy &Title"
 msgstr "&Copier le titre"
 
 #. __ System menu:
 #. __ Context menu:
 #. __ System menu:
-#: wininput.c:482 wininput.c:547 wininput.c:561
+#: wininput.c:549 wininput.c:681 wininput.c:699
 msgid "&Options..."
 msgstr "&Options…"
 
-#. __ Context menu, user commands
-#: wininput.c:493
-msgid "User commands"
-msgstr "Commandes utilisateur"
-
 #. __ Context menu:
-#: wininput.c:510
+#: wininput.c:624
 msgid "Ope&n"
 msgstr "Ouvr&ir"
 
 #. __ Context menu:
-#: wininput.c:518
+#: wininput.c:629
+msgid "Copy as text"
+msgstr "Copier en text"
+
+#. __ Context menu:
+#: wininput.c:631
+msgid "Copy as RTF"
+msgstr "Copier en RTF"
+
+#. __ Context menu:
+#: wininput.c:633
+msgid "Copy as HTML text"
+msgstr "Copier en HTML text"
+
+#. __ Context menu:
+#: wininput.c:635
+msgid "Copy as HTML"
+msgstr "Copier en HTML"
+
+#. __ Context menu:
+#: wininput.c:637
+msgid "Copy as HTML full"
+msgstr "Copier en HTML complet"
+
+#. __ Context menu:
+#: wininput.c:644
 msgid "Select &All"
 msgstr "Tout &sélectionner"
 
-#. __ Context menu:
-#: wininput.c:528
+#. __ Context menu: write terminal window contents as HTML file
+#: wininput.c:649
+msgid "HTML Screen Dump"
+msgstr "Copie écran en HTML"
+
+#. __ Context menu: clear scrollback buffer (lines scrolled off the window)
+#: wininput.c:657
 msgid "Clear Scrollback"
 msgstr "Purger le défilement"
 
-#. __ Context menu:
-#: wininput.c:537
+#. __ Context menu: generate a TTY BRK condition (tty line interrupt)
+#: wininput.c:667
 msgid "Send Break"
 msgstr "Émet Break"
 
+#. __ Context menu, user commands
+#: wininput.c:758
+msgid "User commands"
+msgstr "Commandes utilisateur"
+
 # msgstr "Arrêter le défilement"
-#: winmain.c:1778
+#: winmain.c:2065
 msgid "Processes are running in session:"
 msgstr "Processus en cours dans la session :"
 
-#: winmain.c:1779
+#: winmain.c:2066
 msgid "Close anyway?"
 msgstr "Forcer la fermeture ?"
 
-#: winmain.c:2479
+#: winmain.c:2184
 msgid "Try '--help' for more information"
 msgstr "Essayez « --help » pour plus d’information"
 
-#: winmain.c:2487
+#: winmain.c:2192
 msgid "Could not load icon"
 msgstr "Impossible de charger l’icône"
 
-#: winmain.c:3109
+#: winmain.c:3598
 msgid "Usage:"
 msgstr "Utilisation :"
 
-#: winmain.c:3110
+#: winmain.c:3599
 msgid "[OPTION]... [ PROGRAM [ARG]... | - ]"
 msgstr "[OPTION]... [ PROGRAMME [ARG]... | - ]"
 
 #. __ help text (output of -H / --help), after initial line ("synopsis")
-#: winmain.c:3113
+#: winmain.c:3602
 msgid ""
 "Start a new terminal session running the specified program or the user's "
 "shell.\n"
@@ -1076,39 +1126,39 @@ msgstr ""
 "Voir la page de manuel pour les autres options de la ligne de commande et la "
 "configuration.\n"
 
-#: winmain.c:3270 winmain.c:3333
+#: winmain.c:3758 winmain.c:3869 winmain.c:3876
 msgid "WSL distribution '%s' not found"
 msgstr "Distribution WSL « %s » non trouvée"
 
-#: winmain.c:3361
+#: winmain.c:3904
 msgid "Duplicate option '%s'"
 msgstr "Option « %s » en double"
 
-#: winmain.c:3369
+#: winmain.c:3912
 msgid "Unknown option '%s'"
 msgstr "Option inconnue « %s »"
 
-#: winmain.c:3371
+#: winmain.c:3914
 msgid "Option '%s' requires an argument"
 msgstr "L’option « %s » requiert un argument"
 
-#: winmain.c:3398
+#: winmain.c:3941
 msgid "Syntax error in position argument '%s'"
 msgstr "Erreur de syntaxe pour l’argument de position « %s »"
 
-#: winmain.c:3409
+#: winmain.c:3952
 msgid "Syntax error in size argument '%s'"
 msgstr "Erreur de syntaxe pour l’argument de taille « %s »"
 
-#: winmain.c:3533
+#: winmain.c:4083
 msgid "Syntax error in geometry argument '%s'"
 msgstr "Erreur de syntaxe pour l’argument de taille et position « %s »"
 
-#: winmain.c:3607
+#: winmain.c:4158
 msgid "Mintty could not detach from caller, starting anyway"
 msgstr "Mintty ne peut se détacher de l’appelant, on démarre quand même"
 
-#: winmain.c:3792
+#: winmain.c:4396
 msgid "Using default title due to invalid characters in program name"
 msgstr ""
 "Utilisation du titre par défaut à cause d’un caractère invalide dans le nom "
@@ -1129,34 +1179,34 @@ msgstr "â—€"
 msgid "â–¶"
 msgstr "â–¶"
 
-#. __ Options - Text: font properties information ("leading" ("ledding"): add. row spacing)
-#: wintext.c:139
+#. __ Options - Text: font properties information: "Leading": total line padding (see option RowSpacing), Bold/Underline modes (font or manual, see options BoldAsFont/UnderlineManual/UnderlineColour)
+#: wintext.c:141
 msgid "Leading: %d, Bold: %s, Underline: %s"
 msgstr "Interlignage : %d, Gras : %s, Souligné : %s"
 
 #. __ Options - Text: font properties: value taken from font
-#: wintext.c:141
+#: wintext.c:143
 msgid "font"
 msgstr "police"
 
 #. __ Options - Text: font properties: value affected by option
-#: wintext.c:143
+#: wintext.c:145
 msgid "manual"
 msgstr "manuel"
 
-#: wintext.c:387
+#: wintext.c:400
 msgid "Font not found, using system substitute"
 msgstr "Police non trouvée, utilisation de la police système"
 
-#: wintext.c:394
+#: wintext.c:407
 msgid "Font has limited support for character ranges"
 msgstr "La police a un jeu de caractères limité"
 
-#: wintext.c:500
+#: wintext.c:512
 msgid "Font installation corrupt, using system substitute"
 msgstr "Police corrompue, utilisation de la police système"
 
-#: wintext.c:513
+#: wintext.c:525
 msgid "Font does not support system locale"
 msgstr "Police non supportée pour la langue système"
 
diff --git a/msys2/usr/share/mintty/lang/ja.po b/msys2/usr/share/mintty/lang/ja.po
index abcb2cb3c..82aa5728f 100644
--- a/msys2/usr/share/mintty/lang/ja.po
+++ b/msys2/usr/share/mintty/lang/ja.po
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: mintty\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2018-04-11 10:29+0200\n"
+"POT-Creation-Date: 2019-03-28 18:43+0100\n"
 "PO-Revision-Date: 2017-02-27 18:11+0900\n"
 "Last-Translator: Ken Takata <kentkt@csc.jp>\n"
 "Language-Team: \n"
@@ -16,78 +16,78 @@ msgstr ""
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 
-#: charset.c:213 charset.c:224 winmain.c:3270 winmain.c:3333
+#: charset.c:231 charset.c:242 winmain.c:3758 winmain.c:3869 winmain.c:3876
 msgid "(Default)"
 msgstr "(既定)"
 
-#: charset.c:235
+#: charset.c:253
 msgid "(OEM codepage)"
 msgstr "(OEMコードページ)"
 
-#: charset.c:239
+#: charset.c:257
 msgid "(ANSI codepage)"
 msgstr "(ANSIコードページ)"
 
-#: child.c:78
+#: child.c:82
 msgid "There are no available terminals"
 msgstr "使用�能�端末��り��ん"
 
-#: child.c:153
+#: child.c:157
 msgid "Error: Could not open log file"
 msgstr "エラー: ログファイルを開���ん"
 
-#: child.c:225
+#: child.c:229
 msgid "Error: Could not fork child process"
 msgstr "エラー: �プロセスをfork����ん"
 
-#: child.c:227
+#: child.c:231
 msgid "DLL rebasing may be required; see 'rebaseall / rebase --help'"
 msgstr "DLL�リベース�必���; 'rebaseall / rebase --help' を�照"
 
 #. __ %1$s: client command (e.g. shell) to be run; %2$s: error message
-#: child.c:305
+#: child.c:309
 msgid "Failed to run '%s': %s"
 msgstr "実行�失敗 '%s': %s"
 
 #. __ %1$s: client command (e.g. shell) terminated, %2$i: exit code
-#: child.c:422
+#: child.c:426
 msgid "%s: Exit %i"
 msgstr "%s: 終了コード %i"
 
 #. __ default inline notification if ExitWrite=yes
-#: child.c:429
+#: child.c:433
 msgid "TERMINATED"
 msgstr "終了����"
 
-#: child.c:836
+#: child.c:984
 msgid "Error: Could not fork child daemon"
 msgstr "エラー: �デーモンをfork����ん"
 
 #. __ %s: unknown option name
-#: config.c:552
+#: config.c:603
 msgid "Ignoring unknown option '%s'"
 msgstr "�明�オプション '%s' を無視���"
 
-#: config.c:597 config.c:626
+#: config.c:648 config.c:677
 msgid "Internal error: too many options"
 msgstr "内部エラー: オプション�多����"
 
-#: config.c:613
+#: config.c:664
 msgid "Internal error: too many options/comments"
 msgstr "内部エラー: オプション/コメント�多����"
 
 #. __ %2$s: option name, %1$s: invalid value
-#: config.c:748
+#: config.c:810
 msgid "Ignoring invalid value '%s' for option '%s'"
 msgstr "オプション '%2$s' 用��正�値 '%1$s' を無視���"
 
 #. __ %s: option name
-#: config.c:759
+#: config.c:822
 msgid "Ignoring option '%s' with missing value"
 msgstr "値���オプション '%s' を無視���"
 
 #. __ %1$s: config file name, %2$s: error message
-#: config.c:1362
+#: config.c:1443
 msgid ""
 "Could not save options to '%s':\n"
 "%s."
@@ -95,162 +95,162 @@ msgstr ""
 "オプションを '%s' ��存����ん:\n"
 "%s。"
 
-#: config.c:1679
+#: config.c:1762
 msgid "â—‡ None (printing disabled) â—‡"
 msgstr "◇ �� (�刷����ん) ◇"
 
-#: config.c:1681
+#: config.c:1764
 msgid "â—† Default printer â—†"
 msgstr "◆ 既定�プリンター ◆"
 
 #. __ UI language
-#: config.c:1790
+#: config.c:1873
 msgid "– None –"
 msgstr "– �� –"
 
-#: config.c:1791
+#: config.c:1874
 msgid "@ Windows language @"
 msgstr "@ Windows�言語 @"
 
-#: config.c:1792
+#: config.c:1875
 msgid "* Locale environm. *"
 msgstr "* ロケール環境変数 *"
 
-#: config.c:1793
+#: config.c:1876
 msgid "= cfg. Text Locale ="
 msgstr "= テキストロケール設定 ="
 
-#: config.c:1856
+#: config.c:1939
 msgid "simple beep"
 msgstr "�純�ビープ"
 
-#: config.c:1857
+#: config.c:1940
 msgid "no beep"
 msgstr "ビープ��"
 
-#: config.c:1858
+#: config.c:1941
 msgid "Default Beep"
 msgstr "既定�ビープ"
 
-#: config.c:1859
+#: config.c:1942
 msgid "Critical Stop"
 msgstr "致命的�止"
 
-#: config.c:1860
+#: config.c:1943
 msgid "Question"
 msgstr "クエス�ョン"
 
-#: config.c:1861
+#: config.c:1944
 msgid "Exclamation"
 msgstr "エクスクラメーション"
 
-#: config.c:1862
+#: config.c:1945
 msgid "Asterisk"
 msgstr "アスタリスク"
 
-#: config.c:1905
+#: config.c:1988
 msgid "â—‡ None (system sound) â—‡"
 msgstr "◇ �� (システム�サウンド) ◇"
 
 #. __ terminal theme / colour scheme
-#: config.c:2036
+#: config.c:2119
 msgid "â—‡ None â—‡"
 msgstr "◇ �� ◇"
 
 #. __ indicator of unsaved downloaded colour scheme
-#: config.c:2039
+#: config.c:2122
 msgid "downloaded / give me a name!"
 msgstr "ダウンロード完了 / ��を指定������!"
 
-#: config.c:2128
+#: config.c:2211
 msgid "Could not load web theme"
 msgstr "webテーマをロード����ん"
 
-#: config.c:2177
+#: config.c:2260
 msgid "Cannot write theme file"
 msgstr "テーマファイルを書�込���ん"
 
-#: config.c:2182
+#: config.c:2265
 msgid "Cannot store theme file"
 msgstr "テーマファイルを�存����ん"
 
 #. __ Dialog button - show About text
-#: config.c:2542
+#: config.c:2641
 msgid "About..."
 msgstr "About..."
 
 #. __ Dialog button - save changes
-#: config.c:2545
+#: config.c:2644
 msgid "Save"
 msgstr "�存"
 
 #. __ Dialog button - cancel
-#: config.c:2549 winctrls.c:1143 windialog.c:782
+#: config.c:2648 winctrls.c:1143 windialog.c:782
 msgid "Cancel"
 msgstr "キャンセル"
 
 #. __ Dialog button - apply changes
-#: config.c:2553
+#: config.c:2652
 msgid "Apply"
 msgstr "�用"
 
 #. __ Dialog button - take notice
-#: config.c:2557 windialog.c:779
+#: config.c:2656 windialog.c:779
 msgid "I see"
 msgstr "了解"
 
 #. __ Dialog button - confirm action
-#: config.c:2559 winctrls.c:1142 windialog.c:781
+#: config.c:2658 winctrls.c:1142 windialog.c:781
 msgid "OK"
 msgstr "OK"
 
 #. __ Options - Looks: treeview label
-#: config.c:2566 config.c:2597 config.c:2638
+#: config.c:2665 config.c:2696 config.c:2737
 msgid "Looks"
 msgstr "外観"
 
 #. __ Options - Looks: panel title
-#: config.c:2568
+#: config.c:2667
 msgid "Looks in Terminal"
 msgstr "端末�外観"
 
 #. __ Options - Looks: section title
-#: config.c:2570
+#: config.c:2669
 msgid "Colours"
 msgstr "色"
 
 #. __ Options - Looks:
-#: config.c:2574
+#: config.c:2673
 msgid "&Foreground..."
 msgstr "�景色(&F)..."
 
 #. __ Options - Looks:
-#: config.c:2578
+#: config.c:2677
 msgid "&Background..."
 msgstr "背景色(&B)..."
 
 #. __ Options - Looks:
-#: config.c:2582
+#: config.c:2681
 msgid "&Cursor..."
 msgstr "カーソル(&C)..."
 
 #. __ Options - Looks:
-#: config.c:2586
+#: config.c:2685
 msgid "&Theme"
 msgstr "テーマ(&T)"
 
 #. __ Options - Looks: name of web service
-#: config.c:2591
+#: config.c:2690
 msgid "Color Scheme Designer"
 msgstr "カラースキームデザイナー"
 
 #. __ Options - Looks: store colour scheme
-#: config.c:2594 winctrls.c:381
+#: config.c:2693 winctrls.c:381
 msgid "Store"
 msgstr "�存"
 
 #. __ Options - Looks: section title
-#: config.c:2599
+#: config.c:2698
 msgid "Transparency"
 msgstr "�明度"
 
@@ -258,447 +258,457 @@ msgstr "�明度"
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2605 config.c:2815 config.c:2899 config.c:2956
+#: config.c:2704 config.c:2914 config.c:3054 config.c:3113
 msgid "&Off"
 msgstr "オフ(&O)"
 
 #. __ Options - Looks: transparency
-#: config.c:2607
+#: config.c:2706
 msgid "&Low"
 msgstr "低(&L)"
 
 #. __ Options - Looks: transparency, short form of radio button label "Medium"
-#: config.c:2609
+#: config.c:2708
 msgid "&Med."
 msgstr "中(&M)"
 
 #. __ Options - Looks: transparency
-#: config.c:2611
+#: config.c:2710
 msgid "&Medium"
 msgstr "中間(&M)"
 
 #. __ Options - Looks: transparency
-#: config.c:2613
+#: config.c:2712
 msgid "&High"
 msgstr "高(&H)"
 
 #. __ Options - Looks: transparency
-#: config.c:2615
+#: config.c:2714
 msgid "Gla&ss"
 msgstr "Glass(&S)"
 
 #. __ Options - Looks: transparency
-#: config.c:2622 config.c:2633
+#: config.c:2721 config.c:2732
 msgid "Opa&que when focused"
 msgstr "フォーカス時���明(&Q)"
 
 #. __ Options - Looks: transparency
-#: config.c:2627
+#: config.c:2726
 msgid "Blu&r"
 msgstr "���(&R)"
 
 #. __ Options - Looks: section title
-#: config.c:2640
+#: config.c:2739
 msgid "Cursor"
 msgstr "カーソル"
 
 #. __ Options - Looks: cursor type
-#: config.c:2645
+#: config.c:2744
 msgid "Li&ne"
 msgstr "ç·š(&N)"
 
 #. __ Options - Looks: cursor type
-#: config.c:2647
+#: config.c:2746
 msgid "Bloc&k"
 msgstr "四角(&K)"
 
 #. __ Options - Looks: cursor type
-#: config.c:2649
+#: config.c:2748
 msgid "&Underscore"
 msgstr "下線(&U)"
 
 #. __ Options - Looks: cursor feature
-#: config.c:2654
+#: config.c:2753
 msgid "Blinkin&g"
 msgstr "点滅(&G)"
 
 #. __ Options - Text: treeview label
-#: config.c:2661 config.c:2683 config.c:2701 config.c:2735
+#: config.c:2760 config.c:2782 config.c:2800 config.c:2834
 msgid "Text"
 msgstr "テキスト"
 
 #. __ Options - Text: panel title
-#: config.c:2663
+#: config.c:2762
 msgid "Text and Font properties"
 msgstr "テキスト�フォント�設定"
 
 #. __ Options - Text: section title
-#: config.c:2665
+#: config.c:2764
 msgid "Font"
 msgstr "フォント"
 
 #. __ Options - Text:
 #. __ Font chooser:
-#: config.c:2673 winctrls.c:1153
+#: config.c:2772 winctrls.c:1153
 msgid "Font st&yle:"
 msgstr "フォントスタイル(&Y):"
 
 #. __ Font chooser:
-#: config.c:2678 winctrls.c:1155
+#: config.c:2777 winctrls.c:1155
 msgid "&Size:"
 msgstr "サイズ(&S):"
 
 #. __ Options - Text:
-#: config.c:2687 config.c:2720
+#: config.c:2786 config.c:2819
 msgid "Sho&w bold as font"
 msgstr "ボールドフォントを使用(&W)"
 
 #. __ Options - Text:
-#: config.c:2692 config.c:2725
+#: config.c:2791 config.c:2824
 msgid "Show &bold as colour"
 msgstr "ボールドをカラー表示(&B)"
 
 #. __ Options - Text:
-#: config.c:2705
+#: config.c:2804
 msgid "Font smoothing"
 msgstr "フォントスムージング"
 
 #. __ Options - Text:
-#: config.c:2708
+#: config.c:2807 config.c:2951 config.c:2984
 msgid "&Default"
 msgstr "既定(&D)"
 
 #. __ Options - Text:
 #. __ Options - Window: scrollbar
-#: config.c:2710 config.c:2940
+#: config.c:2809 config.c:2949 config.c:2982 config.c:3095
 msgid "&None"
 msgstr "��(&N)"
 
 #. __ Options - Text:
-#: config.c:2712
+#: config.c:2811 config.c:2950 config.c:2983
 msgid "&Partial"
 msgstr "部分的(&P)"
 
 #. __ Options - Text:
-#: config.c:2714
+#: config.c:2813 config.c:2952 config.c:2985
 msgid "&Full"
 msgstr "完全(&F)"
 
 #. __ Options - Text:
-#: config.c:2730
+#: config.c:2829
 msgid "&Allow blinking"
 msgstr "点滅を許�(&A)"
 
-#: config.c:2738
+#: config.c:2837
 msgid "&Locale"
 msgstr "ロケール(&L)"
 
-#: config.c:2741
+#: config.c:2840
 msgid "&Character set"
 msgstr "文字セット(&C)"
 
 #. __ Options - Keys: treeview label
-#: config.c:2748 config.c:2768 config.c:2802
+#: config.c:2847 config.c:2867 config.c:2901
 msgid "Keys"
 msgstr "キー"
 
 #. __ Options - Keys: panel title
-#: config.c:2750
+#: config.c:2849
 msgid "Keyboard features"
 msgstr "キーボード設定"
 
 #. __ Options - Keys:
-#: config.c:2754
+#: config.c:2853
 msgid "&Backarrow sends ^H"
 msgstr "BS�^Hを�信(&B)"
 
 #. __ Options - Keys:
-#: config.c:2759
+#: config.c:2858
 msgid "&Delete sends DEL"
 msgstr "Delete�DELを�信(&D)"
 
 #. __ Options - Keys:
-#: config.c:2764
+#: config.c:2863
 msgid "Ctrl+LeftAlt is Alt&Gr"
 msgstr "Ctrl+左Alt�AltGr(&G)"
 
 #. __ Options - Keys: section title
-#: config.c:2770
+#: config.c:2869
 msgid "Shortcuts"
 msgstr "ショートカット"
 
 #. __ Options - Keys:
-#: config.c:2773
+#: config.c:2872
 msgid "Cop&y and Paste (Ctrl/Shift+Ins)"
 msgstr "コピー&&ペースト(&Y) (Ctrl/Shift+Ins)"
 
 #. __ Options - Keys:
-#: config.c:2778
+#: config.c:2877
 msgid "&Menu and Full Screen (Alt+Space/Enter)"
 msgstr "メニュー�全画�(&M) (Alt+Space/Enter)"
 
 #. __ Options - Keys:
-#: config.c:2783
+#: config.c:2882
 msgid "&Switch window (Ctrl+[Shift+]Tab)"
 msgstr "ウィンドウ�切り替�(&S) (Ctrl+[Shift+]Tab)"
 
 #. __ Options - Keys:
-#: config.c:2788
+#: config.c:2887
 msgid "&Zoom (Ctrl+plus/minus/zero)"
 msgstr "ズーム(&Z) (Ctrl+plus/minus/zero)"
 
 #. __ Options - Keys:
-#: config.c:2793
+#: config.c:2892
 msgid "&Alt+Fn shortcuts"
 msgstr "Alt+Fnショートカット(&A)"
 
 #. __ Options - Keys:
-#: config.c:2798
+#: config.c:2897
 msgid "&Ctrl+Shift+letter shortcuts"
 msgstr "Ctrl+Shift+文字 ショートカット(&C)"
 
 #. __ Options - Keys: section title
-#: config.c:2804
+#: config.c:2903
 msgid "Compose key"
 msgstr "組����キー"
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2809 config.c:2893 config.c:2950
+#: config.c:2908 config.c:3046 config.c:3105
 msgid "&Shift"
 msgstr "Shift(&S)"
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2811 config.c:2895 config.c:2952
+#: config.c:2910 config.c:3048 config.c:3107
 msgid "&Ctrl"
 msgstr "Ctrl(&C)"
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2813 config.c:2897 config.c:2954
+#: config.c:2912 config.c:3050 config.c:3109
 msgid "&Alt"
 msgstr "Alt(&A)"
 
 #. __ Options - Mouse: treeview label
-#: config.c:2823 config.c:2843 config.c:2875
+#: config.c:2922 config.c:2996 config.c:3028
 msgid "Mouse"
 msgstr "マウス"
 
 #. __ Options - Mouse: panel title
-#: config.c:2825
+#: config.c:2924
 msgid "Mouse functions"
 msgstr "マウス設定"
 
 #. __ Options - Mouse:
-#: config.c:2829
+#: config.c:2929 config.c:2957 config.c:2968
 msgid "Cop&y on select"
 msgstr "�択時�コピー(&Y)"
 
 #. __ Options - Mouse:
-#: config.c:2834
+#: config.c:2934 config.c:2962 config.c:2973
 msgid "Copy as &rich text"
 msgstr "リッ�テキスト���コピー(&R)"
 
 #. __ Options - Mouse:
-#: config.c:2839
+#: config.c:2940 config.c:2947 config.c:2980
+msgid "Copy as &HTML"
+msgstr "HTML���コピー(&H)"
+
+#. __ Options - Mouse:
+#: config.c:2992
 msgid "Clic&ks place command line cursor"
 msgstr "クリック�コマンドラインカーソルを移動(&K)"
 
 #. __ Options - Mouse: section title
-#: config.c:2845
+#: config.c:2998
 msgid "Click actions"
 msgstr "クリック動作"
 
 #. __ Options - Mouse:
-#: config.c:2848
+#: config.c:3001
 msgid "Right mouse button"
 msgstr "�マウスボタン"
 
 #. __ Options - Mouse:
-#: config.c:2851 config.c:2865
+#: config.c:3004 config.c:3018
 msgid "&Paste"
 msgstr "ペースト(&P)"
 
 #. __ Options - Mouse:
-#: config.c:2853 config.c:2867
+#: config.c:3006 config.c:3020
 msgid "E&xtend"
 msgstr "æ‹¡å¼µ(&X)"
 
 #. __ Options - Mouse:
-#: config.c:2855
+#: config.c:3008
 msgid "&Menu"
 msgstr "メニュー(&M)"
 
 #. __ Options - Mouse:
-#: config.c:2857 config.c:2871
+#: config.c:3010 config.c:3024
 msgid "Ente&r"
 msgstr "Enter(&R)"
 
 #. __ Options - Mouse:
-#: config.c:2862
+#: config.c:3015
 msgid "Middle mouse button"
 msgstr "中マウスボタン"
 
 #. __ Options - Mouse:
-#: config.c:2869
+#: config.c:3022
 msgid "&Nothing"
 msgstr "��(&N)"
 
 #. __ Options - Mouse: section title
-#: config.c:2877
+#: config.c:3030
 msgid "Application mouse mode"
 msgstr "アプリケーションマウスモード"
 
 #. __ Options - Mouse:
-#: config.c:2880
+#: config.c:3033
 msgid "Default click target"
 msgstr "既定�クリック先"
 
 #. __ Options - Mouse: application mouse mode click target
-#: config.c:2883
+#: config.c:3036
 msgid "&Window"
 msgstr "ウィンドウ(&W)"
 
 #. __ Options - Mouse: application mouse mode click target
-#: config.c:2885
+#: config.c:3038
 msgid "&Application"
 msgstr "アプリケーション(&A)"
 
 #. __ Options - Mouse:
-#: config.c:2890
+#: config.c:3043
 msgid "Modifier for overriding default"
 msgstr "既定を上書��る���修飾�"
 
+#. __ Options - Window:
+#: config.c:3052 config.c:3111
+msgid "&Win"
+msgstr "Win(&W)"
+
 #. __ Options - Window: treeview label
-#: config.c:2907 config.c:2926 config.c:2965
+#: config.c:3062 config.c:3081 config.c:3122
 msgid "Window"
 msgstr "ウィンドウ"
 
 #. __ Options - Window: panel title
-#: config.c:2909
+#: config.c:3064
 msgid "Window properties"
 msgstr "ウィンドウ設定"
 
 #. __ Options - Window: section title
-#: config.c:2911
+#: config.c:3066
 msgid "Default size"
 msgstr "既定�サイズ"
 
 #. __ Options - Window:
-#: config.c:2915
+#: config.c:3070
 msgid "Colu&mns"
 msgstr "�(&M)"
 
 #. __ Options - Window:
-#: config.c:2919
+#: config.c:3074
 msgid "Ro&ws"
 msgstr "行(&W)"
 
 #. __ Options - Window:
-#: config.c:2923
+#: config.c:3078
 msgid "C&urrent size"
 msgstr "�在�サイズ(&U)"
 
 #. __ Options - Window:
-#: config.c:2930
+#: config.c:3085
 msgid "Scroll&back lines"
 msgstr "スクロール行数(&B)"
 
 #. __ Options - Window:
-#: config.c:2935
+#: config.c:3090
 msgid "Scrollbar"
 msgstr "スクロール�ー"
 
 #. __ Options - Window: scrollbar
-#: config.c:2938
+#: config.c:3093
 msgid "&Left"
 msgstr "å·¦(&L)"
 
 #. __ Options - Window: scrollbar
-#: config.c:2942
+#: config.c:3097
 msgid "&Right"
 msgstr "�(&R)"
 
 #. __ Options - Window:
-#: config.c:2947
+#: config.c:3102
 msgid "Modifier for scrolling"
 msgstr "スクロール用修飾�"
 
 #. __ Options - Window:
-#: config.c:2961
+#: config.c:3118
 msgid "&PgUp and PgDn scroll without modifier"
 msgstr "修飾����PgUp�PgDn�スクロール(&P)"
 
 #. __ Options - Window: section title
-#: config.c:2967
+#: config.c:3124
 msgid "UI language"
 msgstr "UI言語"
 
 #. __ Options - Terminal: treeview label
-#: config.c:2977 config.c:2990 config.c:3051 config.c:3065
+#: config.c:3134 config.c:3147 config.c:3208 config.c:3222
 msgid "Terminal"
 msgstr "端末"
 
 #. __ Options - Terminal: panel title
-#: config.c:2979
+#: config.c:3136
 msgid "Terminal features"
 msgstr "端末設定"
 
 #. __ Options - Terminal:
-#: config.c:2983
+#: config.c:3140
 msgid "&Type"
 msgstr "タイプ(&T)"
 
 #. __ Options - Terminal:
-#: config.c:2987
+#: config.c:3144
 msgid "&Answerback"
 msgstr "応答(&A)"
 
 #. __ Options - Terminal: section title
-#: config.c:2992
+#: config.c:3149
 msgid "Bell"
 msgstr "ベル"
 
 #. __ Options - Terminal: bell
-#: config.c:2999
+#: config.c:3156
 msgid "â–º &Play"
 msgstr "► �生(&P)"
 
 #. __ Options - Terminal: bell
-#: config.c:3005
+#: config.c:3162
 msgid "&Wave"
 msgstr "音声(&S)"
 
 #. __ Options - Terminal: bell
-#: config.c:3027 config.c:3040
+#: config.c:3184 config.c:3197
 msgid "&Flash"
 msgstr "点滅(&F)"
 
 #. __ Options - Terminal: bell
-#: config.c:3029 config.c:3044
+#: config.c:3186 config.c:3201
 msgid "&Highlight in taskbar"
 msgstr "タスク�ー�強調表示(&H)"
 
 #. __ Options - Terminal: bell
-#: config.c:3031 config.c:3048
+#: config.c:3188 config.c:3205
 msgid "&Popup"
 msgstr "�ップアップ(&P)"
 
 #. __ Options - Terminal: section title
-#: config.c:3053
+#: config.c:3210
 msgid "Printer"
 msgstr "プリンター"
 
 #. __ Options - Terminal:
-#: config.c:3068
+#: config.c:3225
 msgid "Prompt about running processes on &close"
 msgstr "クローズ時�動作中�プロセス��る�尋�る(&C)"
 
-#: textprint.c:37 textprint.c:101
+#: textprint.c:37 textprint.c:115
 msgid "[Printing...] "
 msgstr "[�刷中...] "
 
@@ -826,176 +836,216 @@ msgstr "121"
 msgid "Error"
 msgstr "エラー"
 
-#. __ Context menu, session switcher ("virtual tabs")
-#: wininput.c:153
+#. __ Context menu, session switcher ("virtual tabs") menu label
+#: wininput.c:273
 msgid "Session switcher"
 msgstr "セッション切り替�"
 
-#. __ Context menu, session launcher ("virtual tabs")
-#: wininput.c:254
+#. __ Context menu, session launcher ("virtual tabs") menu label
+#: wininput.c:292
 msgid "Session launcher"
 msgstr "セッション立�上�"
 
-#: wininput.c:357 wininput.c:363
+#: wininput.c:401 wininput.c:407
 msgid "Ctrl+"
 msgstr "Ctrl+"
 
-#: wininput.c:358 wininput.c:364
+#: wininput.c:402 wininput.c:408
 msgid "Alt+"
 msgstr "Alt+"
 
-#: wininput.c:359 wininput.c:365
+#: wininput.c:403 wininput.c:409
 msgid "Shift+"
 msgstr "Shift+"
 
 #. __ System menu:
-#: wininput.c:390
+#: wininput.c:434
 msgid "&Restore"
 msgstr "元�サイズ�戻�(&R)"
 
 #. __ System menu:
-#: wininput.c:392
+#: wininput.c:436
 msgid "&Move"
 msgstr "移動(&M)"
 
 #. __ System menu:
-#: wininput.c:394
+#: wininput.c:438
 msgid "&Size"
 msgstr "サイズ変更(&S)"
 
 #. __ System menu:
-#: wininput.c:396
+#: wininput.c:440
 msgid "Mi&nimize"
 msgstr "最�化(&N)"
 
 #. __ System menu:
-#: wininput.c:398
+#: wininput.c:442
 msgid "Ma&ximize"
 msgstr "最大化(&X)"
 
 #. __ System menu:
-#: wininput.c:400
+#: wininput.c:444
 msgid "&Close"
 msgstr "閉�る(&C)"
 
 #. __ System menu:
-#: wininput.c:405
+#: wininput.c:449
 msgid "Ne&w"
 msgstr "新�(&W)"
 
 #. __ Context menu:
-#: wininput.c:412
+#: wininput.c:456
 msgid "&Copy"
 msgstr "コピー(&C)"
 
 #. __ Context menu:
-#: wininput.c:422
+#: wininput.c:473
 msgid "&Paste "
 msgstr "ペースト(&P)"
 
 #. __ Context menu:
-#: wininput.c:427
+#: wininput.c:478
 msgid "Copy → Paste"
 msgstr "コピー → ペースト"
 
 #. __ Context menu:
-#: wininput.c:432
+#: wininput.c:483
 msgid "S&earch"
 msgstr "検索(&E)"
 
 #. __ Context menu:
-#: wininput.c:439
+#: wininput.c:490
 msgid "&Log to File"
 msgstr "ログをファイル�出力(&L)"
 
 #. __ Context menu:
-#: wininput.c:445
+#: wininput.c:496
 msgid "Character &Info"
 msgstr "文字情報(&I)"
 
 #. __ Context menu:
-#: wininput.c:450
+#: wininput.c:502
+msgid "VT220 Keyboard"
+msgstr "VT220キーボード"
+
+#. __ Context menu:
+#: wininput.c:507
 msgid "&Reset"
 msgstr "リセット(&R)"
 
 #. __ Context menu:
-#: wininput.c:458
+#: wininput.c:515
 msgid "&Default Size"
 msgstr "既定�サイズ(&D)"
 
 #. __ Context menu:
-#: wininput.c:464
+#: wininput.c:525
+msgid "Scroll&bar"
+msgstr "スクロール�ー(&B)"
+
+#. __ Context menu:
+#: wininput.c:531
 msgid "&Full Screen"
 msgstr "全画�(&F)"
 
 #. __ Context menu:
-#: wininput.c:470
+#: wininput.c:537
 msgid "Flip &Screen"
 msgstr "スクリーン切り替�(&S)"
 
 #. __ System menu:
-#: wininput.c:480 wininput.c:559
+#: wininput.c:547 wininput.c:697
 msgid "Copy &Title"
 msgstr "タイトルをコピー(&T)"
 
 #. __ System menu:
 #. __ Context menu:
 #. __ System menu:
-#: wininput.c:482 wininput.c:547 wininput.c:561
+#: wininput.c:549 wininput.c:681 wininput.c:699
 msgid "&Options..."
 msgstr "オプション(&O)..."
 
-#. __ Context menu, user commands
-#: wininput.c:493
-msgid "User commands"
-msgstr "ユーザーコマンド"
-
 #. __ Context menu:
-#: wininput.c:510
+#: wininput.c:624
 msgid "Ope&n"
 msgstr "開�(&N)"
 
 #. __ Context menu:
-#: wininput.c:518
+#: wininput.c:629
+msgid "Copy as text"
+msgstr "テキスト���コピー"
+
+#. __ Context menu:
+#: wininput.c:631
+msgid "Copy as RTF"
+msgstr "RTF���コピー"
+
+#. __ Context menu:
+#: wininput.c:633
+msgid "Copy as HTML text"
+msgstr "HTMLテキスト���コピー"
+
+#. __ Context menu:
+#: wininput.c:635
+msgid "Copy as HTML"
+msgstr "HTML���コピー"
+
+#. __ Context menu:
+#: wininput.c:637
+msgid "Copy as HTML full"
+msgstr "完全�HTML���コピー"
+
+#. __ Context menu:
+#: wininput.c:644
 msgid "Select &All"
 msgstr "���を�択(&A)"
 
-#. __ Context menu:
-#: wininput.c:528
+#. __ Context menu: write terminal window contents as HTML file
+#: wininput.c:649
+msgid "HTML Screen Dump"
+msgstr "HTML画�ダンプ"
+
+#. __ Context menu: clear scrollback buffer (lines scrolled off the window)
+#: wininput.c:657
 msgid "Clear Scrollback"
 msgstr "スクロール�ックをクリア"
 
-#. __ Context menu:
-#: wininput.c:537
+#. __ Context menu: generate a TTY BRK condition (tty line interrupt)
+#: wininput.c:667
 msgid "Send Break"
 msgstr "Breakを�信"
 
-#: winmain.c:1778
+#. __ Context menu, user commands
+#: wininput.c:758
+msgid "User commands"
+msgstr "ユーザーコマンド"
+
+#: winmain.c:2065
 msgid "Processes are running in session:"
 msgstr "セッション�プロセス�動作中��:"
 
-#: winmain.c:1779
+#: winmain.c:2066
 msgid "Close anyway?"
 msgstr "構��閉����？"
 
-#: winmain.c:2479
+#: winmain.c:2184
 msgid "Try '--help' for more information"
 msgstr "�ら�る情報�� '--help' を試������"
 
-#: winmain.c:2487
+#: winmain.c:2192
 msgid "Could not load icon"
 msgstr "アイコンをロード����ん"
 
-#: winmain.c:3109
+#: winmain.c:3598
 msgid "Usage:"
 msgstr "使用法:"
 
-#: winmain.c:3110
+#: winmain.c:3599
 msgid "[OPTION]... [ PROGRAM [ARG]... | - ]"
 msgstr "[オプション]... [ プログラム [引数]... | - ]"
 
 #. __ help text (output of -H / --help), after initial line ("synopsis")
-#: winmain.c:3113
+#: winmain.c:3602
 msgid ""
 "Start a new terminal session running the specified program or the user's "
 "shell.\n"
@@ -1064,39 +1114,39 @@ msgstr ""
 "�ら�るコマンドラインオプション�設定�����マニュアルページを�照���"
 "���。\n"
 
-#: winmain.c:3270 winmain.c:3333
+#: winmain.c:3758 winmain.c:3869 winmain.c:3876
 msgid "WSL distribution '%s' not found"
 msgstr "WSL ディストリビューション '%s' �見��り��ん"
 
-#: winmain.c:3361
+#: winmain.c:3904
 msgid "Duplicate option '%s'"
 msgstr "オプション��複����� '%s'"
 
-#: winmain.c:3369
+#: winmain.c:3912
 msgid "Unknown option '%s'"
 msgstr "未知�オプション�� '%s'"
 
-#: winmain.c:3371
+#: winmain.c:3914
 msgid "Option '%s' requires an argument"
 msgstr "オプション '%s' �引数�必���"
 
-#: winmain.c:3398
+#: winmain.c:3941
 msgid "Syntax error in position argument '%s'"
 msgstr "position引数�文法エラー��り�� '%s'"
 
-#: winmain.c:3409
+#: winmain.c:3952
 msgid "Syntax error in size argument '%s'"
 msgstr "size引数�文法エラー��り�� '%s'"
 
-#: winmain.c:3533
+#: winmain.c:4083
 msgid "Syntax error in geometry argument '%s'"
 msgstr "geometry引数�文法エラー��り�� '%s'"
 
-#: winmain.c:3607
+#: winmain.c:4158
 msgid "Mintty could not detach from caller, starting anyway"
 msgstr "mintty�呼�出�元�らデタッ�����ん�����起動���"
 
-#: winmain.c:3792
+#: winmain.c:4396
 msgid "Using default title due to invalid characters in program name"
 msgstr "プログラム���正�文字��る��既定�タイトルを使用���"
 
@@ -1115,34 +1165,34 @@ msgstr "â—€"
 msgid "â–¶"
 msgstr "â–¶"
 
-#. __ Options - Text: font properties information ("leading" ("ledding"): add. row spacing)
-#: wintext.c:139
+#. __ Options - Text: font properties information: "Leading": total line padding (see option RowSpacing), Bold/Underline modes (font or manual, see options BoldAsFont/UnderlineManual/UnderlineColour)
+#: wintext.c:141
 msgid "Leading: %d, Bold: %s, Underline: %s"
 msgstr "レディング: %d�ボールド: %s�下線: %s"
 
 #. __ Options - Text: font properties: value taken from font
-#: wintext.c:141
+#: wintext.c:143
 msgid "font"
 msgstr "フォント"
 
 #. __ Options - Text: font properties: value affected by option
-#: wintext.c:143
+#: wintext.c:145
 msgid "manual"
 msgstr "手動"
 
-#: wintext.c:387
+#: wintext.c:400
 msgid "Font not found, using system substitute"
 msgstr "フォント�見��り��ん�システム�代替を利用���"
 
-#: wintext.c:394
+#: wintext.c:407
 msgid "Font has limited support for character ranges"
 msgstr "フォント�文字�範囲�����定的�対応���り��ん"
 
-#: wintext.c:500
+#: wintext.c:512
 msgid "Font installation corrupt, using system substitute"
 msgstr "フォント�インストール�壊れ�����システム�代替を利用���"
 
-#: wintext.c:513
+#: wintext.c:525
 msgid "Font does not support system locale"
 msgstr "フォント�システムロケール�対応�����ん"
 
diff --git a/msys2/usr/share/mintty/lang/messages.pot b/msys2/usr/share/mintty/lang/messages.pot
index 2af6a2de6..8a97266d9 100644
--- a/msys2/usr/share/mintty/lang/messages.pot
+++ b/msys2/usr/share/mintty/lang/messages.pot
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: mintty\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2018-04-11 18:11+0200\n"
+"POT-Creation-Date: 2019-03-28 19:07+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -17,239 +17,239 @@ msgstr ""
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 
-#: charset.c:213 charset.c:224 winmain.c:3270 winmain.c:3333
+#: charset.c:231 charset.c:242 winmain.c:3758 winmain.c:3869 winmain.c:3876
 msgid "(Default)"
 msgstr ""
 
-#: charset.c:235
+#: charset.c:253
 msgid "(OEM codepage)"
 msgstr ""
 
-#: charset.c:239
+#: charset.c:257
 msgid "(ANSI codepage)"
 msgstr ""
 
-#: child.c:78
+#: child.c:82
 msgid "There are no available terminals"
 msgstr ""
 
-#: child.c:153
+#: child.c:157
 msgid "Error: Could not open log file"
 msgstr ""
 
-#: child.c:225
+#: child.c:229
 msgid "Error: Could not fork child process"
 msgstr ""
 
-#: child.c:227
+#: child.c:231
 msgid "DLL rebasing may be required; see 'rebaseall / rebase --help'"
 msgstr ""
 
 #. __ %1$s: client command (e.g. shell) to be run; %2$s: error message
-#: child.c:305
+#: child.c:309
 msgid "Failed to run '%s': %s"
 msgstr ""
 
 #. __ %1$s: client command (e.g. shell) terminated, %2$i: exit code
-#: child.c:422
+#: child.c:426
 msgid "%s: Exit %i"
 msgstr ""
 
 #. __ default inline notification if ExitWrite=yes
-#: child.c:429
+#: child.c:433
 msgid "TERMINATED"
 msgstr ""
 
-#: child.c:836
+#: child.c:984
 msgid "Error: Could not fork child daemon"
 msgstr ""
 
 #. __ %s: unknown option name
-#: config.c:552
+#: config.c:603
 msgid "Ignoring unknown option '%s'"
 msgstr ""
 
-#: config.c:597 config.c:626
+#: config.c:648 config.c:677
 msgid "Internal error: too many options"
 msgstr ""
 
-#: config.c:613
+#: config.c:664
 msgid "Internal error: too many options/comments"
 msgstr ""
 
 #. __ %2$s: option name, %1$s: invalid value
-#: config.c:748
+#: config.c:810
 msgid "Ignoring invalid value '%s' for option '%s'"
 msgstr ""
 
 #. __ %s: option name
-#: config.c:759
+#: config.c:822
 msgid "Ignoring option '%s' with missing value"
 msgstr ""
 
 #. __ %1$s: config file name, %2$s: error message
-#: config.c:1362
+#: config.c:1443
 msgid ""
 "Could not save options to '%s':\n"
 "%s."
 msgstr ""
 
-#: config.c:1679
+#: config.c:1762
 msgid "â—‡ None (printing disabled) â—‡"
 msgstr ""
 
-#: config.c:1681
+#: config.c:1764
 msgid "â—† Default printer â—†"
 msgstr ""
 
 #. __ UI language
-#: config.c:1790
+#: config.c:1873
 msgid "– None –"
 msgstr ""
 
-#: config.c:1791
+#: config.c:1874
 msgid "@ Windows language @"
 msgstr ""
 
-#: config.c:1792
+#: config.c:1875
 msgid "* Locale environm. *"
 msgstr ""
 
-#: config.c:1793
+#: config.c:1876
 msgid "= cfg. Text Locale ="
 msgstr ""
 
-#: config.c:1856
+#: config.c:1939
 msgid "simple beep"
 msgstr ""
 
-#: config.c:1857
+#: config.c:1940
 msgid "no beep"
 msgstr ""
 
-#: config.c:1858
+#: config.c:1941
 msgid "Default Beep"
 msgstr ""
 
-#: config.c:1859
+#: config.c:1942
 msgid "Critical Stop"
 msgstr ""
 
-#: config.c:1860
+#: config.c:1943
 msgid "Question"
 msgstr ""
 
-#: config.c:1861
+#: config.c:1944
 msgid "Exclamation"
 msgstr ""
 
-#: config.c:1862
+#: config.c:1945
 msgid "Asterisk"
 msgstr ""
 
-#: config.c:1905
+#: config.c:1988
 msgid "â—‡ None (system sound) â—‡"
 msgstr ""
 
 #. __ terminal theme / colour scheme
-#: config.c:2036
+#: config.c:2119
 msgid "â—‡ None â—‡"
 msgstr ""
 
 #. __ indicator of unsaved downloaded colour scheme
-#: config.c:2039
+#: config.c:2122
 msgid "downloaded / give me a name!"
 msgstr ""
 
-#: config.c:2128
+#: config.c:2211
 msgid "Could not load web theme"
 msgstr ""
 
-#: config.c:2177
+#: config.c:2260
 msgid "Cannot write theme file"
 msgstr ""
 
-#: config.c:2182
+#: config.c:2265
 msgid "Cannot store theme file"
 msgstr ""
 
 #. __ Dialog button - show About text
-#: config.c:2542
+#: config.c:2641
 msgid "About..."
 msgstr ""
 
 #. __ Dialog button - save changes
-#: config.c:2545
+#: config.c:2644
 msgid "Save"
 msgstr ""
 
 #. __ Dialog button - cancel
-#: config.c:2549 winctrls.c:1143 windialog.c:782
+#: config.c:2648 winctrls.c:1143 windialog.c:782
 msgid "Cancel"
 msgstr ""
 
 #. __ Dialog button - apply changes
-#: config.c:2553
+#: config.c:2652
 msgid "Apply"
 msgstr ""
 
 #. __ Dialog button - take notice
-#: config.c:2557 windialog.c:779
+#: config.c:2656 windialog.c:779
 msgid "I see"
 msgstr ""
 
 #. __ Dialog button - confirm action
-#: config.c:2559 winctrls.c:1142 windialog.c:781
+#: config.c:2658 winctrls.c:1142 windialog.c:781
 msgid "OK"
 msgstr ""
 
 #. __ Options - Looks: treeview label
-#: config.c:2566 config.c:2597 config.c:2638
+#: config.c:2665 config.c:2696 config.c:2737
 msgid "Looks"
 msgstr ""
 
 #. __ Options - Looks: panel title
-#: config.c:2568
+#: config.c:2667
 msgid "Looks in Terminal"
 msgstr ""
 
 #. __ Options - Looks: section title
-#: config.c:2570
+#: config.c:2669
 msgid "Colours"
 msgstr ""
 
 #. __ Options - Looks:
-#: config.c:2574
+#: config.c:2673
 msgid "&Foreground..."
 msgstr ""
 
 #. __ Options - Looks:
-#: config.c:2578
+#: config.c:2677
 msgid "&Background..."
 msgstr ""
 
 #. __ Options - Looks:
-#: config.c:2582
+#: config.c:2681
 msgid "&Cursor..."
 msgstr ""
 
 #. __ Options - Looks:
-#: config.c:2586
+#: config.c:2685
 msgid "&Theme"
 msgstr ""
 
 #. __ Options - Looks: name of web service
-#: config.c:2591
+#: config.c:2690
 msgid "Color Scheme Designer"
 msgstr ""
 
 #. __ Options - Looks: store colour scheme
-#: config.c:2594 winctrls.c:381
+#: config.c:2693 winctrls.c:381
 msgid "Store"
 msgstr ""
 
 #. __ Options - Looks: section title
-#: config.c:2599
+#: config.c:2698
 msgid "Transparency"
 msgstr ""
 
@@ -257,447 +257,457 @@ msgstr ""
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2605 config.c:2815 config.c:2899 config.c:2956
+#: config.c:2704 config.c:2914 config.c:3054 config.c:3113
 msgid "&Off"
 msgstr ""
 
 #. __ Options - Looks: transparency
-#: config.c:2607
+#: config.c:2706
 msgid "&Low"
 msgstr ""
 
 #. __ Options - Looks: transparency, short form of radio button label "Medium"
-#: config.c:2609
+#: config.c:2708
 msgid "&Med."
 msgstr ""
 
 #. __ Options - Looks: transparency
-#: config.c:2611
+#: config.c:2710
 msgid "&Medium"
 msgstr ""
 
 #. __ Options - Looks: transparency
-#: config.c:2613
+#: config.c:2712
 msgid "&High"
 msgstr ""
 
 #. __ Options - Looks: transparency
-#: config.c:2615
+#: config.c:2714
 msgid "Gla&ss"
 msgstr ""
 
 #. __ Options - Looks: transparency
-#: config.c:2622 config.c:2633
+#: config.c:2721 config.c:2732
 msgid "Opa&que when focused"
 msgstr ""
 
 #. __ Options - Looks: transparency
-#: config.c:2627
+#: config.c:2726
 msgid "Blu&r"
 msgstr ""
 
 #. __ Options - Looks: section title
-#: config.c:2640
+#: config.c:2739
 msgid "Cursor"
 msgstr ""
 
 #. __ Options - Looks: cursor type
-#: config.c:2645
+#: config.c:2744
 msgid "Li&ne"
 msgstr ""
 
 #. __ Options - Looks: cursor type
-#: config.c:2647
+#: config.c:2746
 msgid "Bloc&k"
 msgstr ""
 
 #. __ Options - Looks: cursor type
-#: config.c:2649
+#: config.c:2748
 msgid "&Underscore"
 msgstr ""
 
 #. __ Options - Looks: cursor feature
-#: config.c:2654
+#: config.c:2753
 msgid "Blinkin&g"
 msgstr ""
 
 #. __ Options - Text: treeview label
-#: config.c:2661 config.c:2683 config.c:2701 config.c:2735
+#: config.c:2760 config.c:2782 config.c:2800 config.c:2834
 msgid "Text"
 msgstr ""
 
 #. __ Options - Text: panel title
-#: config.c:2663
+#: config.c:2762
 msgid "Text and Font properties"
 msgstr ""
 
 #. __ Options - Text: section title
-#: config.c:2665
+#: config.c:2764
 msgid "Font"
 msgstr ""
 
 #. __ Options - Text:
 #. __ Font chooser:
-#: config.c:2673 winctrls.c:1153
+#: config.c:2772 winctrls.c:1153
 msgid "Font st&yle:"
 msgstr ""
 
 #. __ Font chooser:
-#: config.c:2678 winctrls.c:1155
+#: config.c:2777 winctrls.c:1155
 msgid "&Size:"
 msgstr ""
 
 #. __ Options - Text:
-#: config.c:2687 config.c:2720
+#: config.c:2786 config.c:2819
 msgid "Sho&w bold as font"
 msgstr ""
 
 #. __ Options - Text:
-#: config.c:2692 config.c:2725
+#: config.c:2791 config.c:2824
 msgid "Show &bold as colour"
 msgstr ""
 
 #. __ Options - Text:
-#: config.c:2705
+#: config.c:2804
 msgid "Font smoothing"
 msgstr ""
 
 #. __ Options - Text:
-#: config.c:2708
+#: config.c:2807 config.c:2951 config.c:2984
 msgid "&Default"
 msgstr ""
 
 #. __ Options - Text:
 #. __ Options - Window: scrollbar
-#: config.c:2710 config.c:2940
+#: config.c:2809 config.c:2949 config.c:2982 config.c:3095
 msgid "&None"
 msgstr ""
 
 #. __ Options - Text:
-#: config.c:2712
+#: config.c:2811 config.c:2950 config.c:2983
 msgid "&Partial"
 msgstr ""
 
 #. __ Options - Text:
-#: config.c:2714
+#: config.c:2813 config.c:2952 config.c:2985
 msgid "&Full"
 msgstr ""
 
 #. __ Options - Text:
-#: config.c:2730
+#: config.c:2829
 msgid "&Allow blinking"
 msgstr ""
 
-#: config.c:2738
+#: config.c:2837
 msgid "&Locale"
 msgstr ""
 
-#: config.c:2741
+#: config.c:2840
 msgid "&Character set"
 msgstr ""
 
 #. __ Options - Keys: treeview label
-#: config.c:2748 config.c:2768 config.c:2802
+#: config.c:2847 config.c:2867 config.c:2901
 msgid "Keys"
 msgstr ""
 
 #. __ Options - Keys: panel title
-#: config.c:2750
+#: config.c:2849
 msgid "Keyboard features"
 msgstr ""
 
 #. __ Options - Keys:
-#: config.c:2754
+#: config.c:2853
 msgid "&Backarrow sends ^H"
 msgstr ""
 
 #. __ Options - Keys:
-#: config.c:2759
+#: config.c:2858
 msgid "&Delete sends DEL"
 msgstr ""
 
 #. __ Options - Keys:
-#: config.c:2764
+#: config.c:2863
 msgid "Ctrl+LeftAlt is Alt&Gr"
 msgstr ""
 
 #. __ Options - Keys: section title
-#: config.c:2770
+#: config.c:2869
 msgid "Shortcuts"
 msgstr ""
 
 #. __ Options - Keys:
-#: config.c:2773
+#: config.c:2872
 msgid "Cop&y and Paste (Ctrl/Shift+Ins)"
 msgstr ""
 
 #. __ Options - Keys:
-#: config.c:2778
+#: config.c:2877
 msgid "&Menu and Full Screen (Alt+Space/Enter)"
 msgstr ""
 
 #. __ Options - Keys:
-#: config.c:2783
+#: config.c:2882
 msgid "&Switch window (Ctrl+[Shift+]Tab)"
 msgstr ""
 
 #. __ Options - Keys:
-#: config.c:2788
+#: config.c:2887
 msgid "&Zoom (Ctrl+plus/minus/zero)"
 msgstr ""
 
 #. __ Options - Keys:
-#: config.c:2793
+#: config.c:2892
 msgid "&Alt+Fn shortcuts"
 msgstr ""
 
 #. __ Options - Keys:
-#: config.c:2798
+#: config.c:2897
 msgid "&Ctrl+Shift+letter shortcuts"
 msgstr ""
 
 #. __ Options - Keys: section title
-#: config.c:2804
+#: config.c:2903
 msgid "Compose key"
 msgstr ""
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2809 config.c:2893 config.c:2950
+#: config.c:2908 config.c:3046 config.c:3105
 msgid "&Shift"
 msgstr ""
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2811 config.c:2895 config.c:2952
+#: config.c:2910 config.c:3048 config.c:3107
 msgid "&Ctrl"
 msgstr ""
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2813 config.c:2897 config.c:2954
+#: config.c:2912 config.c:3050 config.c:3109
 msgid "&Alt"
 msgstr ""
 
 #. __ Options - Mouse: treeview label
-#: config.c:2823 config.c:2843 config.c:2875
+#: config.c:2922 config.c:2996 config.c:3028
 msgid "Mouse"
 msgstr ""
 
 #. __ Options - Mouse: panel title
-#: config.c:2825
+#: config.c:2924
 msgid "Mouse functions"
 msgstr ""
 
 #. __ Options - Mouse:
-#: config.c:2829
+#: config.c:2929 config.c:2957 config.c:2968
 msgid "Cop&y on select"
 msgstr ""
 
 #. __ Options - Mouse:
-#: config.c:2834
+#: config.c:2934 config.c:2962 config.c:2973
 msgid "Copy as &rich text"
 msgstr ""
 
 #. __ Options - Mouse:
-#: config.c:2839
+#: config.c:2940 config.c:2947 config.c:2980
+msgid "Copy as &HTML"
+msgstr ""
+
+#. __ Options - Mouse:
+#: config.c:2992
 msgid "Clic&ks place command line cursor"
 msgstr ""
 
 #. __ Options - Mouse: section title
-#: config.c:2845
+#: config.c:2998
 msgid "Click actions"
 msgstr ""
 
 #. __ Options - Mouse:
-#: config.c:2848
+#: config.c:3001
 msgid "Right mouse button"
 msgstr ""
 
 #. __ Options - Mouse:
-#: config.c:2851 config.c:2865
+#: config.c:3004 config.c:3018
 msgid "&Paste"
 msgstr ""
 
 #. __ Options - Mouse:
-#: config.c:2853 config.c:2867
+#: config.c:3006 config.c:3020
 msgid "E&xtend"
 msgstr ""
 
 #. __ Options - Mouse:
-#: config.c:2855
+#: config.c:3008
 msgid "&Menu"
 msgstr ""
 
 #. __ Options - Mouse:
-#: config.c:2857 config.c:2871
+#: config.c:3010 config.c:3024
 msgid "Ente&r"
 msgstr ""
 
 #. __ Options - Mouse:
-#: config.c:2862
+#: config.c:3015
 msgid "Middle mouse button"
 msgstr ""
 
 #. __ Options - Mouse:
-#: config.c:2869
+#: config.c:3022
 msgid "&Nothing"
 msgstr ""
 
 #. __ Options - Mouse: section title
-#: config.c:2877
+#: config.c:3030
 msgid "Application mouse mode"
 msgstr ""
 
 #. __ Options - Mouse:
-#: config.c:2880
+#: config.c:3033
 msgid "Default click target"
 msgstr ""
 
 #. __ Options - Mouse: application mouse mode click target
-#: config.c:2883
+#: config.c:3036
 msgid "&Window"
 msgstr ""
 
 #. __ Options - Mouse: application mouse mode click target
-#: config.c:2885
+#: config.c:3038
 msgid "&Application"
 msgstr ""
 
 #. __ Options - Mouse:
-#: config.c:2890
+#: config.c:3043
 msgid "Modifier for overriding default"
 msgstr ""
 
+#. __ Options - Window:
+#: config.c:3052 config.c:3111
+msgid "&Win"
+msgstr ""
+
 #. __ Options - Window: treeview label
-#: config.c:2907 config.c:2926 config.c:2965
+#: config.c:3062 config.c:3081 config.c:3122
 msgid "Window"
 msgstr ""
 
 #. __ Options - Window: panel title
-#: config.c:2909
+#: config.c:3064
 msgid "Window properties"
 msgstr ""
 
 #. __ Options - Window: section title
-#: config.c:2911
+#: config.c:3066
 msgid "Default size"
 msgstr ""
 
 #. __ Options - Window:
-#: config.c:2915
+#: config.c:3070
 msgid "Colu&mns"
 msgstr ""
 
 #. __ Options - Window:
-#: config.c:2919
+#: config.c:3074
 msgid "Ro&ws"
 msgstr ""
 
 #. __ Options - Window:
-#: config.c:2923
+#: config.c:3078
 msgid "C&urrent size"
 msgstr ""
 
 #. __ Options - Window:
-#: config.c:2930
+#: config.c:3085
 msgid "Scroll&back lines"
 msgstr ""
 
 #. __ Options - Window:
-#: config.c:2935
+#: config.c:3090
 msgid "Scrollbar"
 msgstr ""
 
 #. __ Options - Window: scrollbar
-#: config.c:2938
+#: config.c:3093
 msgid "&Left"
 msgstr ""
 
 #. __ Options - Window: scrollbar
-#: config.c:2942
+#: config.c:3097
 msgid "&Right"
 msgstr ""
 
 #. __ Options - Window:
-#: config.c:2947
+#: config.c:3102
 msgid "Modifier for scrolling"
 msgstr ""
 
 #. __ Options - Window:
-#: config.c:2961
+#: config.c:3118
 msgid "&PgUp and PgDn scroll without modifier"
 msgstr ""
 
 #. __ Options - Window: section title
-#: config.c:2967
+#: config.c:3124
 msgid "UI language"
 msgstr ""
 
 #. __ Options - Terminal: treeview label
-#: config.c:2977 config.c:2990 config.c:3051 config.c:3065
+#: config.c:3134 config.c:3147 config.c:3208 config.c:3222
 msgid "Terminal"
 msgstr ""
 
 #. __ Options - Terminal: panel title
-#: config.c:2979
+#: config.c:3136
 msgid "Terminal features"
 msgstr ""
 
 #. __ Options - Terminal:
-#: config.c:2983
+#: config.c:3140
 msgid "&Type"
 msgstr ""
 
 #. __ Options - Terminal:
-#: config.c:2987
+#: config.c:3144
 msgid "&Answerback"
 msgstr ""
 
 #. __ Options - Terminal: section title
-#: config.c:2992
+#: config.c:3149
 msgid "Bell"
 msgstr ""
 
 #. __ Options - Terminal: bell
-#: config.c:2999
+#: config.c:3156
 msgid "â–º &Play"
 msgstr ""
 
 #. __ Options - Terminal: bell
-#: config.c:3005
+#: config.c:3162
 msgid "&Wave"
 msgstr ""
 
 #. __ Options - Terminal: bell
-#: config.c:3027 config.c:3040
+#: config.c:3184 config.c:3197
 msgid "&Flash"
 msgstr ""
 
 #. __ Options - Terminal: bell
-#: config.c:3029 config.c:3044
+#: config.c:3186 config.c:3201
 msgid "&Highlight in taskbar"
 msgstr ""
 
 #. __ Options - Terminal: bell
-#: config.c:3031 config.c:3048
+#: config.c:3188 config.c:3205
 msgid "&Popup"
 msgstr ""
 
 #. __ Options - Terminal: section title
-#: config.c:3053
+#: config.c:3210
 msgid "Printer"
 msgstr ""
 
 #. __ Options - Terminal:
-#: config.c:3068
+#: config.c:3225
 msgid "Prompt about running processes on &close"
 msgstr ""
 
-#: textprint.c:37 textprint.c:101
+#: textprint.c:37 textprint.c:115
 msgid "[Printing...] "
 msgstr ""
 
@@ -825,176 +835,216 @@ msgstr ""
 msgid "Error"
 msgstr ""
 
-#. __ Context menu, session switcher ("virtual tabs")
-#: wininput.c:153
+#. __ Context menu, session switcher ("virtual tabs") menu label
+#: wininput.c:273
 msgid "Session switcher"
 msgstr ""
 
-#. __ Context menu, session launcher ("virtual tabs")
-#: wininput.c:254
+#. __ Context menu, session launcher ("virtual tabs") menu label
+#: wininput.c:292
 msgid "Session launcher"
 msgstr ""
 
-#: wininput.c:357 wininput.c:363
+#: wininput.c:401 wininput.c:407
 msgid "Ctrl+"
 msgstr ""
 
-#: wininput.c:358 wininput.c:364
+#: wininput.c:402 wininput.c:408
 msgid "Alt+"
 msgstr ""
 
-#: wininput.c:359 wininput.c:365
+#: wininput.c:403 wininput.c:409
 msgid "Shift+"
 msgstr ""
 
 #. __ System menu:
-#: wininput.c:390
+#: wininput.c:434
 msgid "&Restore"
 msgstr ""
 
 #. __ System menu:
-#: wininput.c:392
+#: wininput.c:436
 msgid "&Move"
 msgstr ""
 
 #. __ System menu:
-#: wininput.c:394
+#: wininput.c:438
 msgid "&Size"
 msgstr ""
 
 #. __ System menu:
-#: wininput.c:396
+#: wininput.c:440
 msgid "Mi&nimize"
 msgstr ""
 
 #. __ System menu:
-#: wininput.c:398
+#: wininput.c:442
 msgid "Ma&ximize"
 msgstr ""
 
 #. __ System menu:
-#: wininput.c:400
+#: wininput.c:444
 msgid "&Close"
 msgstr ""
 
 #. __ System menu:
-#: wininput.c:405
+#: wininput.c:449
 msgid "Ne&w"
 msgstr ""
 
 #. __ Context menu:
-#: wininput.c:412
+#: wininput.c:456
 msgid "&Copy"
 msgstr ""
 
 #. __ Context menu:
-#: wininput.c:422
+#: wininput.c:473
 msgid "&Paste "
 msgstr ""
 
 #. __ Context menu:
-#: wininput.c:427
+#: wininput.c:478
 msgid "Copy → Paste"
 msgstr ""
 
 #. __ Context menu:
-#: wininput.c:432
+#: wininput.c:483
 msgid "S&earch"
 msgstr ""
 
 #. __ Context menu:
-#: wininput.c:439
+#: wininput.c:490
 msgid "&Log to File"
 msgstr ""
 
 #. __ Context menu:
-#: wininput.c:445
+#: wininput.c:496
 msgid "Character &Info"
 msgstr ""
 
 #. __ Context menu:
-#: wininput.c:450
+#: wininput.c:502
+msgid "VT220 Keyboard"
+msgstr ""
+
+#. __ Context menu:
+#: wininput.c:507
 msgid "&Reset"
 msgstr ""
 
 #. __ Context menu:
-#: wininput.c:458
+#: wininput.c:515
 msgid "&Default Size"
 msgstr ""
 
 #. __ Context menu:
-#: wininput.c:464
+#: wininput.c:525
+msgid "Scroll&bar"
+msgstr ""
+
+#. __ Context menu:
+#: wininput.c:531
 msgid "&Full Screen"
 msgstr ""
 
 #. __ Context menu:
-#: wininput.c:470
+#: wininput.c:537
 msgid "Flip &Screen"
 msgstr ""
 
 #. __ System menu:
-#: wininput.c:480 wininput.c:559
+#: wininput.c:547 wininput.c:697
 msgid "Copy &Title"
 msgstr ""
 
 #. __ System menu:
 #. __ Context menu:
 #. __ System menu:
-#: wininput.c:482 wininput.c:547 wininput.c:561
+#: wininput.c:549 wininput.c:681 wininput.c:699
 msgid "&Options..."
 msgstr ""
 
-#. __ Context menu, user commands
-#: wininput.c:493
-msgid "User commands"
-msgstr ""
-
 #. __ Context menu:
-#: wininput.c:510
+#: wininput.c:624
 msgid "Ope&n"
 msgstr ""
 
 #. __ Context menu:
-#: wininput.c:518
+#: wininput.c:629
+msgid "Copy as text"
+msgstr ""
+
+#. __ Context menu:
+#: wininput.c:631
+msgid "Copy as RTF"
+msgstr ""
+
+#. __ Context menu:
+#: wininput.c:633
+msgid "Copy as HTML text"
+msgstr ""
+
+#. __ Context menu:
+#: wininput.c:635
+msgid "Copy as HTML"
+msgstr ""
+
+#. __ Context menu:
+#: wininput.c:637
+msgid "Copy as HTML full"
+msgstr ""
+
+#. __ Context menu:
+#: wininput.c:644
 msgid "Select &All"
 msgstr ""
 
-#. __ Context menu:
-#: wininput.c:528
+#. __ Context menu: write terminal window contents as HTML file
+#: wininput.c:649
+msgid "HTML Screen Dump"
+msgstr ""
+
+#. __ Context menu: clear scrollback buffer (lines scrolled off the window)
+#: wininput.c:657
 msgid "Clear Scrollback"
 msgstr ""
 
-#. __ Context menu:
-#: wininput.c:537
+#. __ Context menu: generate a TTY BRK condition (tty line interrupt)
+#: wininput.c:667
 msgid "Send Break"
 msgstr ""
 
-#: winmain.c:1778
+#. __ Context menu, user commands
+#: wininput.c:758
+msgid "User commands"
+msgstr ""
+
+#: winmain.c:2065
 msgid "Processes are running in session:"
 msgstr ""
 
-#: winmain.c:1779
+#: winmain.c:2066
 msgid "Close anyway?"
 msgstr ""
 
-#: winmain.c:2479
+#: winmain.c:2184
 msgid "Try '--help' for more information"
 msgstr ""
 
-#: winmain.c:2487
+#: winmain.c:2192
 msgid "Could not load icon"
 msgstr ""
 
-#: winmain.c:3109
+#: winmain.c:3598
 msgid "Usage:"
 msgstr ""
 
-#: winmain.c:3110
+#: winmain.c:3599
 msgid "[OPTION]... [ PROGRAM [ARG]... | - ]"
 msgstr ""
 
 #. __ help text (output of -H / --help), after initial line ("synopsis")
-#: winmain.c:3113
+#: winmain.c:3602
 msgid ""
 "Start a new terminal session running the specified program or the user's "
 "shell.\n"
@@ -1027,39 +1077,39 @@ msgid ""
 "See manual page for further command line options and configuration.\n"
 msgstr ""
 
-#: winmain.c:3270 winmain.c:3333
+#: winmain.c:3758 winmain.c:3869 winmain.c:3876
 msgid "WSL distribution '%s' not found"
 msgstr ""
 
-#: winmain.c:3361
+#: winmain.c:3904
 msgid "Duplicate option '%s'"
 msgstr ""
 
-#: winmain.c:3369
+#: winmain.c:3912
 msgid "Unknown option '%s'"
 msgstr ""
 
-#: winmain.c:3371
+#: winmain.c:3914
 msgid "Option '%s' requires an argument"
 msgstr ""
 
-#: winmain.c:3398
+#: winmain.c:3941
 msgid "Syntax error in position argument '%s'"
 msgstr ""
 
-#: winmain.c:3409
+#: winmain.c:3952
 msgid "Syntax error in size argument '%s'"
 msgstr ""
 
-#: winmain.c:3533
+#: winmain.c:4083
 msgid "Syntax error in geometry argument '%s'"
 msgstr ""
 
-#: winmain.c:3607
+#: winmain.c:4158
 msgid "Mintty could not detach from caller, starting anyway"
 msgstr ""
 
-#: winmain.c:3792
+#: winmain.c:4396
 msgid "Using default title due to invalid characters in program name"
 msgstr ""
 
@@ -1078,34 +1128,34 @@ msgstr ""
 msgid "â–¶"
 msgstr ""
 
-#. __ Options - Text: font properties information ("leading" ("ledding"): add. row spacing)
-#: wintext.c:139
+#. __ Options - Text: font properties information: "Leading": total line padding (see option RowSpacing), Bold/Underline modes (font or manual, see options BoldAsFont/UnderlineManual/UnderlineColour)
+#: wintext.c:141
 msgid "Leading: %d, Bold: %s, Underline: %s"
 msgstr ""
 
 #. __ Options - Text: font properties: value taken from font
-#: wintext.c:141
+#: wintext.c:143
 msgid "font"
 msgstr ""
 
 #. __ Options - Text: font properties: value affected by option
-#: wintext.c:143
+#: wintext.c:145
 msgid "manual"
 msgstr ""
 
-#: wintext.c:387
+#: wintext.c:400
 msgid "Font not found, using system substitute"
 msgstr ""
 
-#: wintext.c:394
+#: wintext.c:407
 msgid "Font has limited support for character ranges"
 msgstr ""
 
-#: wintext.c:500
+#: wintext.c:512
 msgid "Font installation corrupt, using system substitute"
 msgstr ""
 
-#: wintext.c:513
+#: wintext.c:525
 msgid "Font does not support system locale"
 msgstr ""
 
diff --git a/msys2/usr/share/mintty/lang/pt_BR.po b/msys2/usr/share/mintty/lang/pt_BR.po
new file mode 100644
index 000000000..d18f62794
--- /dev/null
+++ b/msys2/usr/share/mintty/lang/pt_BR.po
@@ -0,0 +1,1222 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the mintty package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: mintty\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-03-28 18:43+0100\n"
+"PO-Revision-Date: 2018-06-24 00:19-0300\n"
+"Last-Translator: \n"
+"Language-Team: \n"
+"Language: pt_BR\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: Poedit 2.0.6\n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+
+#: charset.c:231 charset.c:242 winmain.c:3758 winmain.c:3869 winmain.c:3876
+msgid "(Default)"
+msgstr "(Padrão)"
+
+#: charset.c:253
+msgid "(OEM codepage)"
+msgstr "(Página de código OEM)"
+
+#: charset.c:257
+msgid "(ANSI codepage)"
+msgstr "(Página de código ANSI)"
+
+#: child.c:82
+msgid "There are no available terminals"
+msgstr "Não há terminais disponíveis"
+
+#: child.c:157
+msgid "Error: Could not open log file"
+msgstr "Erro: Não foi possível abrir o arquivo de log"
+
+#: child.c:229
+msgid "Error: Could not fork child process"
+msgstr "Erro: Não foi possível bifurcar o processo filho"
+
+#: child.c:231
+msgid "DLL rebasing may be required; see 'rebaseall / rebase --help'"
+msgstr ""
+"Pode ser necessário um rebasing do DLL; veja 'rebaseall / rebase --help'"
+
+#. __ %1$s: client command (e.g. shell) to be run; %2$s: error message
+#: child.c:309
+msgid "Failed to run '%s': %s"
+msgstr "Falha ao executar '%s': %s"
+
+#. __ %1$s: client command (e.g. shell) terminated, %2$i: exit code
+#: child.c:426
+msgid "%s: Exit %i"
+msgstr "%s: Saiu com código %i"
+
+#. __ default inline notification if ExitWrite=yes
+#: child.c:433
+msgid "TERMINATED"
+msgstr "FINALIZADO"
+
+#: child.c:984
+msgid "Error: Could not fork child daemon"
+msgstr "Erro: Não foi possível bifurcar o daemon filho"
+
+#. __ %s: unknown option name
+#: config.c:603
+msgid "Ignoring unknown option '%s'"
+msgstr "Ignorando opção desconhecida '%s'"
+
+#: config.c:648 config.c:677
+msgid "Internal error: too many options"
+msgstr "Erro interno: opções em excesso"
+
+#: config.c:664
+msgid "Internal error: too many options/comments"
+msgstr "Erro interno: opções/comentários em excesso"
+
+#. __ %2$s: option name, %1$s: invalid value
+#: config.c:810
+msgid "Ignoring invalid value '%s' for option '%s'"
+msgstr "Ignorando valor inválido '%s' para a opção '%s'"
+
+#. __ %s: option name
+#: config.c:822
+msgid "Ignoring option '%s' with missing value"
+msgstr "Ignorando opção '%s' com valor faltando"
+
+#. __ %1$s: config file name, %2$s: error message
+#: config.c:1443
+msgid ""
+"Could not save options to '%s':\n"
+"%s."
+msgstr ""
+"Não foi possível salvar as opções em '%s':\n"
+"%s."
+
+#: config.c:1762
+msgid "â—‡ None (printing disabled) â—‡"
+msgstr "◇ Nenhuma (impressão desativada) ◇"
+
+#: config.c:1764
+msgid "â—† Default printer â—†"
+msgstr "◆ Impressora padrão ◆"
+
+#. __ UI language
+#: config.c:1873
+msgid "– None –"
+msgstr "– Nenhuma –"
+
+#: config.c:1874
+msgid "@ Windows language @"
+msgstr "@ Idioma do Windows @"
+
+#: config.c:1875
+msgid "* Locale environm. *"
+msgstr "* Variável amb. de locale *"
+
+#: config.c:1876
+msgid "= cfg. Text Locale ="
+msgstr "= Cfg. de locale em Texto ="
+
+#: config.c:1939
+msgid "simple beep"
+msgstr "Bipe simples"
+
+#: config.c:1940
+msgid "no beep"
+msgstr "Sem bipe"
+
+#: config.c:1941
+msgid "Default Beep"
+msgstr "Bipe padrão"
+
+#: config.c:1942
+msgid "Critical Stop"
+msgstr "Parada crítica"
+
+#: config.c:1943
+msgid "Question"
+msgstr "Pergunta"
+
+#: config.c:1944
+msgid "Exclamation"
+msgstr "Exclamação"
+
+#: config.c:1945
+msgid "Asterisk"
+msgstr "Asterisco"
+
+#: config.c:1988
+msgid "â—‡ None (system sound) â—‡"
+msgstr "â—‡ Nenhum (som do sistema) â—‡"
+
+#. __ terminal theme / colour scheme
+#: config.c:2119
+msgid "â—‡ None â—‡"
+msgstr "â—‡ Nenhum â—‡"
+
+#. __ indicator of unsaved downloaded colour scheme
+#: config.c:2122
+msgid "downloaded / give me a name!"
+msgstr "baixado / me dê um nome!"
+
+#: config.c:2211
+msgid "Could not load web theme"
+msgstr "Não foi possível carregar o tema web"
+
+#: config.c:2260
+msgid "Cannot write theme file"
+msgstr "Não é possível gravar o tema web"
+
+#: config.c:2265
+msgid "Cannot store theme file"
+msgstr "Não é possível salvar o tema web"
+
+#. __ Dialog button - show About text
+#: config.c:2641
+msgid "About..."
+msgstr "Sobre..."
+
+#. __ Dialog button - save changes
+#: config.c:2644
+msgid "Save"
+msgstr "Salvar"
+
+#. __ Dialog button - cancel
+#: config.c:2648 winctrls.c:1143 windialog.c:782
+msgid "Cancel"
+msgstr "Cancelar"
+
+#. __ Dialog button - apply changes
+#: config.c:2652
+msgid "Apply"
+msgstr "Aplicar"
+
+#. __ Dialog button - take notice
+#: config.c:2656 windialog.c:779
+msgid "I see"
+msgstr "Entendi"
+
+#. __ Dialog button - confirm action
+#: config.c:2658 winctrls.c:1142 windialog.c:781
+msgid "OK"
+msgstr "OK"
+
+#. __ Options - Looks: treeview label
+#: config.c:2665 config.c:2696 config.c:2737
+msgid "Looks"
+msgstr "Aparência"
+
+#. __ Options - Looks: panel title
+#: config.c:2667
+msgid "Looks in Terminal"
+msgstr "Aparência no terminal"
+
+#. __ Options - Looks: section title
+#: config.c:2669
+msgid "Colours"
+msgstr "Cores"
+
+#. __ Options - Looks:
+#: config.c:2673
+msgid "&Foreground..."
+msgstr "&Prim. plano..."
+
+#. __ Options - Looks:
+#: config.c:2677
+msgid "&Background..."
+msgstr "&Fundo..."
+
+#. __ Options - Looks:
+#: config.c:2681
+msgid "&Cursor..."
+msgstr "&Cursor..."
+
+#. __ Options - Looks:
+#: config.c:2685
+msgid "&Theme"
+msgstr "&Tema"
+
+#. __ Options - Looks: name of web service
+#: config.c:2690
+msgid "Color Scheme Designer"
+msgstr "Criar esquema de cores"
+
+#. __ Options - Looks: store colour scheme
+#: config.c:2693 winctrls.c:381
+msgid "Store"
+msgstr "Salvar"
+
+#. __ Options - Looks: section title
+#: config.c:2698
+msgid "Transparency"
+msgstr "Transparência"
+
+#. __ Options - Looks: transparency
+#. __ Options - Keys:
+#. __ Options - Mouse:
+#. __ Options - Window:
+#: config.c:2704 config.c:2914 config.c:3054 config.c:3113
+msgid "&Off"
+msgstr "&Desat."
+
+#. __ Options - Looks: transparency
+#: config.c:2706
+msgid "&Low"
+msgstr "&Baixa"
+
+#. __ Options - Looks: transparency, short form of radio button label "Medium"
+#: config.c:2708
+msgid "&Med."
+msgstr "&Méd."
+
+#. __ Options - Looks: transparency
+#: config.c:2710
+msgid "&Medium"
+msgstr "&Média"
+
+#. __ Options - Looks: transparency
+#: config.c:2712
+msgid "&High"
+msgstr "&Alta"
+
+#. __ Options - Looks: transparency
+#: config.c:2714
+msgid "Gla&ss"
+msgstr "&Vidro"
+
+#. __ Options - Looks: transparency
+#: config.c:2721 config.c:2732
+msgid "Opa&que when focused"
+msgstr "&Opaca quando em primeiro plano"
+
+#. __ Options - Looks: transparency
+#: config.c:2726
+msgid "Blu&r"
+msgstr "&Desfoque"
+
+#. __ Options - Looks: section title
+#: config.c:2739
+msgid "Cursor"
+msgstr "Cursor"
+
+#. __ Options - Looks: cursor type
+#: config.c:2744
+msgid "Li&ne"
+msgstr "L&inha"
+
+#. __ Options - Looks: cursor type
+#: config.c:2746
+msgid "Bloc&k"
+msgstr "Blo&co"
+
+#. __ Options - Looks: cursor type
+#: config.c:2748
+msgid "&Underscore"
+msgstr "&Sublinhado"
+
+#. __ Options - Looks: cursor feature
+#: config.c:2753
+msgid "Blinkin&g"
+msgstr "&Piscar"
+
+#. __ Options - Text: treeview label
+#: config.c:2760 config.c:2782 config.c:2800 config.c:2834
+msgid "Text"
+msgstr "Texto"
+
+#. __ Options - Text: panel title
+#: config.c:2762
+msgid "Text and Font properties"
+msgstr "Propriedades de texto e fonte"
+
+#. __ Options - Text: section title
+#: config.c:2764
+msgid "Font"
+msgstr "Fonte"
+
+#. __ Options - Text:
+#. __ Font chooser:
+#: config.c:2772 winctrls.c:1153
+msgid "Font st&yle:"
+msgstr "E&stilo de fonte:"
+
+#. __ Font chooser:
+#: config.c:2777 winctrls.c:1155
+msgid "&Size:"
+msgstr "&Tamanho:"
+
+#. __ Options - Text:
+#: config.c:2786 config.c:2819
+msgid "Sho&w bold as font"
+msgstr "Most. n&eg. como fonte"
+
+#. __ Options - Text:
+#: config.c:2791 config.c:2824
+msgid "Show &bold as colour"
+msgstr "Most. ne&g. como cor"
+
+#. __ Options - Text:
+#: config.c:2804
+msgid "Font smoothing"
+msgstr "Suavização da fonte"
+
+#. __ Options - Text:
+#: config.c:2807 config.c:2951 config.c:2984
+msgid "&Default"
+msgstr "&Padrão"
+
+#. __ Options - Text:
+#. __ Options - Window: scrollbar
+#: config.c:2809 config.c:2949 config.c:2982 config.c:3095
+msgid "&None"
+msgstr "&Desat."
+
+#. __ Options - Text:
+#: config.c:2811 config.c:2950 config.c:2983
+msgid "&Partial"
+msgstr "&Parcial"
+
+#. __ Options - Text:
+#: config.c:2813 config.c:2952 config.c:2985
+msgid "&Full"
+msgstr "&Total"
+
+#. __ Options - Text:
+#: config.c:2829
+msgid "&Allow blinking"
+msgstr "Pe&rmitir piscar"
+
+#: config.c:2837
+msgid "&Locale"
+msgstr "&Locale"
+
+#: config.c:2840
+msgid "&Character set"
+msgstr "&Conjunto de caracteres"
+
+#. __ Options - Keys: treeview label
+#: config.c:2847 config.c:2867 config.c:2901
+msgid "Keys"
+msgstr "Teclado"
+
+#. __ Options - Keys: panel title
+#: config.c:2849
+msgid "Keyboard features"
+msgstr "Funcionalidades do teclado"
+
+#. __ Options - Keys:
+#: config.c:2853
+msgid "&Backarrow sends ^H"
+msgstr "&Backspace envia ^H"
+
+#. __ Options - Keys:
+#: config.c:2858
+msgid "&Delete sends DEL"
+msgstr "&Delete envia DEL"
+
+#. __ Options - Keys:
+#: config.c:2863
+msgid "Ctrl+LeftAlt is Alt&Gr"
+msgstr "Ctrl+AltEsq. vira Alt&Gr"
+
+#. __ Options - Keys: section title
+#: config.c:2869
+msgid "Shortcuts"
+msgstr "Atalhos"
+
+#. __ Options - Keys:
+#: config.c:2872
+msgid "Cop&y and Paste (Ctrl/Shift+Ins)"
+msgstr "C&opiar e colar (Ctrl/Shift+Ins)"
+
+#. __ Options - Keys:
+#: config.c:2877
+msgid "&Menu and Full Screen (Alt+Space/Enter)"
+msgstr "&Menu e tela cheia (Alt+Space/Enter)"
+
+#. __ Options - Keys:
+#: config.c:2882
+msgid "&Switch window (Ctrl+[Shift+]Tab)"
+msgstr "&Trocar janela (Ctrl+[Shift+]Tab)"
+
+#. __ Options - Keys:
+#: config.c:2887
+msgid "&Zoom (Ctrl+plus/minus/zero)"
+msgstr "&Zoom (Ctrl+mais/menos/zero)"
+
+#. __ Options - Keys:
+#: config.c:2892
+msgid "&Alt+Fn shortcuts"
+msgstr "Atalhos &Alt+Fn"
+
+#. __ Options - Keys:
+#: config.c:2897
+msgid "&Ctrl+Shift+letter shortcuts"
+msgstr "Atalhos &Ctrl+Shift+letra"
+
+#. __ Options - Keys: section title
+#: config.c:2903
+msgid "Compose key"
+msgstr "Tecla de composição"
+
+#. __ Options - Keys:
+#. __ Options - Mouse:
+#. __ Options - Window:
+#: config.c:2908 config.c:3046 config.c:3105
+msgid "&Shift"
+msgstr "&Shift"
+
+#. __ Options - Keys:
+#. __ Options - Mouse:
+#. __ Options - Window:
+#: config.c:2910 config.c:3048 config.c:3107
+msgid "&Ctrl"
+msgstr "Ct&rl"
+
+#. __ Options - Keys:
+#. __ Options - Mouse:
+#. __ Options - Window:
+#: config.c:2912 config.c:3050 config.c:3109
+msgid "&Alt"
+msgstr "A&lt"
+
+#. __ Options - Mouse: treeview label
+#: config.c:2922 config.c:2996 config.c:3028
+msgid "Mouse"
+msgstr "Mouse"
+
+#. __ Options - Mouse: panel title
+#: config.c:2924
+msgid "Mouse functions"
+msgstr "Funções do mouse"
+
+#. __ Options - Mouse:
+#: config.c:2929 config.c:2957 config.c:2968
+msgid "Cop&y on select"
+msgstr "&Copiar ao selecionar"
+
+#. __ Options - Mouse:
+#: config.c:2934 config.c:2962 config.c:2973
+msgid "Copy as &rich text"
+msgstr "Cop. como texto &rico"
+
+#. __ Options - Mouse:
+#: config.c:2940 config.c:2947 config.c:2980
+msgid "Copy as &HTML"
+msgstr "Copiar como &HTML"
+
+#. __ Options - Mouse:
+#: config.c:2992
+msgid "Clic&ks place command line cursor"
+msgstr "Cliques &posicionam o cursor na linha de com."
+
+#. __ Options - Mouse: section title
+#: config.c:2998
+msgid "Click actions"
+msgstr "Ações de clique"
+
+#. __ Options - Mouse:
+#: config.c:3001
+msgid "Right mouse button"
+msgstr "Botão direito do mouse"
+
+#. __ Options - Mouse:
+#: config.c:3004 config.c:3018
+msgid "&Paste"
+msgstr "C&olar"
+
+#. __ Options - Mouse:
+#: config.c:3006 config.c:3020
+msgid "E&xtend"
+msgstr "E&stender"
+
+#. __ Options - Mouse:
+#: config.c:3008
+msgid "&Menu"
+msgstr "&Menu"
+
+#. __ Options - Mouse:
+#: config.c:3010 config.c:3024
+msgid "Ente&r"
+msgstr "Ente&r"
+
+#. __ Options - Mouse:
+#: config.c:3015
+msgid "Middle mouse button"
+msgstr "Botão do meio do mouse"
+
+#. __ Options - Mouse:
+#: config.c:3022
+msgid "&Nothing"
+msgstr "&Nada"
+
+#. __ Options - Mouse: section title
+#: config.c:3030
+msgid "Application mouse mode"
+msgstr "Modo de mouse de aplicativo"
+
+#. __ Options - Mouse:
+#: config.c:3033
+msgid "Default click target"
+msgstr "Alvo padrão do clique"
+
+#. __ Options - Mouse: application mouse mode click target
+#: config.c:3036
+msgid "&Window"
+msgstr "&Janela"
+
+#. __ Options - Mouse: application mouse mode click target
+#: config.c:3038
+msgid "&Application"
+msgstr "&Aplicativo"
+
+#. __ Options - Mouse:
+#: config.c:3043
+msgid "Modifier for overriding default"
+msgstr "Modificador para sobrescrever o padrão"
+
+#. __ Options - Window:
+#: config.c:3052 config.c:3111
+msgid "&Win"
+msgstr ""
+
+#. __ Options - Window: treeview label
+#: config.c:3062 config.c:3081 config.c:3122
+msgid "Window"
+msgstr "Janela"
+
+#. __ Options - Window: panel title
+#: config.c:3064
+msgid "Window properties"
+msgstr "Propriedades da janela"
+
+#. __ Options - Window: section title
+#: config.c:3066
+msgid "Default size"
+msgstr "Tamanho padrão"
+
+#. __ Options - Window:
+#: config.c:3070
+msgid "Colu&mns"
+msgstr "Col&unas"
+
+#. __ Options - Window:
+#: config.c:3074
+msgid "Ro&ws"
+msgstr "&Linhas"
+
+#. __ Options - Window:
+#: config.c:3078
+msgid "C&urrent size"
+msgstr "&Tam. atual"
+
+#. __ Options - Window:
+#: config.c:3085
+msgid "Scroll&back lines"
+msgstr "Linhas de &rol."
+
+#. __ Options - Window:
+#: config.c:3090
+msgid "Scrollbar"
+msgstr "Barra de rolagem"
+
+#. __ Options - Window: scrollbar
+#: config.c:3093
+msgid "&Left"
+msgstr "&Esquerda"
+
+#. __ Options - Window: scrollbar
+#: config.c:3097
+msgid "&Right"
+msgstr "&Direita"
+
+#. __ Options - Window:
+#: config.c:3102
+msgid "Modifier for scrolling"
+msgstr "Modificador para rolagem"
+
+#. __ Options - Window:
+#: config.c:3118
+msgid "&PgUp and PgDn scroll without modifier"
+msgstr "&PgUp e PgDn rolam sem modificador"
+
+#. __ Options - Window: section title
+#: config.c:3124
+msgid "UI language"
+msgstr "Idioma da interface"
+
+#. __ Options - Terminal: treeview label
+#: config.c:3134 config.c:3147 config.c:3208 config.c:3222
+msgid "Terminal"
+msgstr "Terminal"
+
+#. __ Options - Terminal: panel title
+#: config.c:3136
+msgid "Terminal features"
+msgstr "Recursos do terminal"
+
+#. __ Options - Terminal:
+#: config.c:3140
+msgid "&Type"
+msgstr "&Tipo"
+
+#. __ Options - Terminal:
+#: config.c:3144
+msgid "&Answerback"
+msgstr "&Answerback"
+
+#. __ Options - Terminal: section title
+#: config.c:3149
+msgid "Bell"
+msgstr "Aviso"
+
+#. __ Options - Terminal: bell
+#: config.c:3156
+msgid "â–º &Play"
+msgstr "â–º T&ocar"
+
+#. __ Options - Terminal: bell
+#: config.c:3162
+msgid "&Wave"
+msgstr "&Wave"
+
+#. __ Options - Terminal: bell
+#: config.c:3184 config.c:3197
+msgid "&Flash"
+msgstr "&Piscar"
+
+#. __ Options - Terminal: bell
+#: config.c:3186 config.c:3201
+msgid "&Highlight in taskbar"
+msgstr "&Destac. na bar. de tar."
+
+#. __ Options - Terminal: bell
+#: config.c:3188 config.c:3205
+msgid "&Popup"
+msgstr "&Saltar"
+
+#. __ Options - Terminal: section title
+#: config.c:3210
+msgid "Printer"
+msgstr "Impressora"
+
+#. __ Options - Terminal:
+#: config.c:3225
+msgid "Prompt about running processes on &close"
+msgstr "Confirmar &fechar com processos ativos"
+
+#: textprint.c:37 textprint.c:115
+msgid "[Printing...] "
+msgstr "[Imprimindo...] "
+
+#. __ Options - Text: font chooser activation button
+#: winctrls.c:812
+msgid "&Select..."
+msgstr "Selec&..."
+
+#. __ Font chooser: title bar label
+#: winctrls.c:1147
+msgid "Font "
+msgstr "Fonte "
+
+#. __ Font chooser: button
+#: winctrls.c:1149
+msgid "&Apply"
+msgstr "&Aplicar"
+
+#. __ Font chooser:
+#: winctrls.c:1151
+msgid "&Font:"
+msgstr "&Fonte:"
+
+#. __ Font chooser:
+#: winctrls.c:1157
+msgid "Sample"
+msgstr "Exemplo"
+
+#. __ Font chooser: text sample ("AaBbYyZz" by default)
+#: winctrls.c:1161 winctrls.c:1399 winctrls.c:1564
+msgid "Ferqœm’4€"
+msgstr "AaBbYyZz"
+
+#. __ Font chooser: this field is only shown with FontMenu=1
+#: winctrls.c:1178
+msgid "Sc&ript:"
+msgstr "Sc&ript:"
+
+#. __ Font chooser: this field is only shown with FontMenu=1
+#: winctrls.c:1180
+msgid "<A>Show more fonts</A>"
+msgstr "<A>Mostrar mais fontes</A>"
+
+#. __ Colour chooser: title bar label
+#: winctrls.c:1185
+msgid "Colour "
+msgstr "Cor "
+
+#. __ Colour chooser:
+#: winctrls.c:1198 winctrls.c:1210
+msgid "B&asic colours:"
+msgstr "Cores &básicas:"
+
+#. __ Colour chooser:
+#: winctrls.c:1217
+msgid "&Custom colours:"
+msgstr "Cores &personalizadas:"
+
+#. __ Colour chooser:
+#: winctrls.c:1224
+msgid "De&fine Custom Colours >>"
+msgstr "De&finir cores personalizadas >>"
+
+#. __ Colour chooser:
+#: winctrls.c:1227
+msgid "Colour"
+msgstr "Cor"
+
+#. __ Colour chooser:
+#: winctrls.c:1229
+msgid "|S&olid"
+msgstr "|Só&lida"
+
+#. __ Colour chooser:
+#: winctrls.c:1231
+msgid "&Hue:"
+msgstr "&Hue:"
+
+#. __ Colour chooser:
+#: winctrls.c:1234
+msgid "&Sat:"
+msgstr "&Sat:"
+
+#. __ Colour chooser:
+#: winctrls.c:1236
+msgid "&Lum:"
+msgstr "&Lum:"
+
+#. __ Colour chooser:
+#: winctrls.c:1238
+msgid "&Red:"
+msgstr "&Vermelho:"
+
+#. __ Colour chooser:
+#: winctrls.c:1240
+msgid "&Green:"
+msgstr "V&erde:"
+
+#. __ Colour chooser:
+#: winctrls.c:1242
+msgid "&Blue:"
+msgstr "&Azul:"
+
+#. __ Colour chooser:
+#: winctrls.c:1245
+msgid "A&dd to Custom Colours"
+msgstr "A&dicionar às cores personalizadas"
+
+#. __ Options: dialog title
+#: windialog.c:243 windialog.c:729
+msgid "Options"
+msgstr "Opções"
+
+#. __ Options: dialog title: "mintty <release> available (for download)"
+#: windialog.c:245
+msgid "available"
+msgstr "disponível"
+
+#. __ Options: dialog width scale factor (80...200)
+#: windialog.c:676
+msgid "100"
+msgstr "100"
+
+#: windialog.c:811 windialog.c:836
+msgid "Error"
+msgstr "Erro"
+
+#. __ Context menu, session switcher ("virtual tabs") menu label
+#: wininput.c:273
+msgid "Session switcher"
+msgstr "Alternar sessão"
+
+#. __ Context menu, session launcher ("virtual tabs") menu label
+#: wininput.c:292
+msgid "Session launcher"
+msgstr "Iniciar sessão"
+
+#: wininput.c:401 wininput.c:407
+msgid "Ctrl+"
+msgstr "Ctrl+"
+
+#: wininput.c:402 wininput.c:408
+msgid "Alt+"
+msgstr "Alt+"
+
+#: wininput.c:403 wininput.c:409
+msgid "Shift+"
+msgstr "Shift+"
+
+#. __ System menu:
+#: wininput.c:434
+msgid "&Restore"
+msgstr "&Restaurar"
+
+#. __ System menu:
+#: wininput.c:436
+msgid "&Move"
+msgstr "Mo&ver"
+
+#. __ System menu:
+#: wininput.c:438
+msgid "&Size"
+msgstr "&Tamanho"
+
+#. __ System menu:
+#: wininput.c:440
+msgid "Mi&nimize"
+msgstr "Mi&nimizar"
+
+#. __ System menu:
+#: wininput.c:442
+msgid "Ma&ximize"
+msgstr "Ma&ximizar"
+
+#. __ System menu:
+#: wininput.c:444
+msgid "&Close"
+msgstr "&Fechar"
+
+#. __ System menu:
+#: wininput.c:449
+msgid "Ne&w"
+msgstr "N&ova"
+
+#. __ Context menu:
+#: wininput.c:456
+msgid "&Copy"
+msgstr "&Copiar"
+
+#. __ Context menu:
+#: wininput.c:473
+msgid "&Paste "
+msgstr "Co&lar "
+
+#. __ Context menu:
+#: wininput.c:478
+msgid "Copy → Paste"
+msgstr "Copiar → Colar"
+
+#. __ Context menu:
+#: wininput.c:483
+msgid "S&earch"
+msgstr "P&rocurar"
+
+#. __ Context menu:
+#: wininput.c:490
+msgid "&Log to File"
+msgstr "&Registrar em arquivo"
+
+#. __ Context menu:
+#: wininput.c:496
+msgid "Character &Info"
+msgstr "In&formações do caractere"
+
+#. __ Context menu:
+#: wininput.c:502
+msgid "VT220 Keyboard"
+msgstr "Teclado VT220"
+
+#. __ Context menu:
+#: wininput.c:507
+msgid "&Reset"
+msgstr "R&edefinir"
+
+#. __ Context menu:
+#: wininput.c:515
+msgid "&Default Size"
+msgstr "&Tamanho padrão"
+
+#. __ Context menu:
+#: wininput.c:525
+msgid "Scroll&bar"
+msgstr "&Barra de rolagem"
+
+#. __ Context menu:
+#: wininput.c:531
+msgid "&Full Screen"
+msgstr "Tela &cheia"
+
+#. __ Context menu:
+#: wininput.c:537
+msgid "Flip &Screen"
+msgstr "Al&ternar tela"
+
+#. __ System menu:
+#: wininput.c:547 wininput.c:697
+msgid "Copy &Title"
+msgstr "Copiar tít&ulo"
+
+#. __ System menu:
+#. __ Context menu:
+#. __ System menu:
+#: wininput.c:549 wininput.c:681 wininput.c:699
+msgid "&Options..."
+msgstr "O&pções..."
+
+#. __ Context menu:
+#: wininput.c:624
+msgid "Ope&n"
+msgstr "A&brir"
+
+#. __ Context menu:
+#: wininput.c:629
+msgid "Copy as text"
+msgstr "Copiar como texto"
+
+#. __ Context menu:
+#: wininput.c:631
+msgid "Copy as RTF"
+msgstr "Copiar como RTF"
+
+#. __ Context menu:
+#: wininput.c:633
+msgid "Copy as HTML text"
+msgstr "Cop. como HTML texto"
+
+#. __ Context menu:
+#: wininput.c:635
+msgid "Copy as HTML"
+msgstr "Cop. como HTML"
+
+#. __ Context menu:
+#: wininput.c:637
+msgid "Copy as HTML full"
+msgstr "Cop. como HTML total"
+
+#. __ Context menu:
+#: wininput.c:644
+msgid "Select &All"
+msgstr "Se&lecionar tudo"
+
+#. __ Context menu: write terminal window contents as HTML file
+#: wininput.c:649
+msgid "HTML Screen Dump"
+msgstr "Salvar tela como HTML"
+
+#. __ Context menu: clear scrollback buffer (lines scrolled off the window)
+#: wininput.c:657
+msgid "Clear Scrollback"
+msgstr "Limpar tela"
+
+#. __ Context menu: generate a TTY BRK condition (tty line interrupt)
+#: wininput.c:667
+msgid "Send Break"
+msgstr "Enviar break"
+
+#. __ Context menu, user commands
+#: wininput.c:758
+msgid "User commands"
+msgstr "Comandos do usuário"
+
+#: winmain.c:2065
+msgid "Processes are running in session:"
+msgstr "Processos rodando na sessão:"
+
+#: winmain.c:2066
+msgid "Close anyway?"
+msgstr "Fechar mesmo assim?"
+
+#: winmain.c:2184
+msgid "Try '--help' for more information"
+msgstr "Tente '--help' para mais informações"
+
+#: winmain.c:2192
+msgid "Could not load icon"
+msgstr "Não foi possível carregar o ícone"
+
+#: winmain.c:3598
+msgid "Usage:"
+msgstr "Uso:"
+
+#: winmain.c:3599
+msgid "[OPTION]... [ PROGRAM [ARG]... | - ]"
+msgstr "[OPÇÃO]... [ PROGRAMA [ARG]... | - ]"
+
+#. __ help text (output of -H / --help), after initial line ("synopsis")
+#: winmain.c:3602
+msgid ""
+"Start a new terminal session running the specified program or the user's "
+"shell.\n"
+"If a dash is given instead of a program, invoke the shell as a login shell.\n"
+"\n"
+"Options:\n"
+"  -c, --config FILE     Load specified config file (cf. -C or -o ThemeFile)\n"
+"  -e, --exec ...        Treat remaining arguments as the command to execute\n"
+"  -h, --hold never|start|error|always  Keep window open after command "
+"finishes\n"
+"  -p, --position X,Y    Open window at specified coordinates\n"
+"  -p, --position center|left|right|top|bottom  Open window at special "
+"position\n"
+"  -p, --position @N     Open window on monitor N\n"
+"  -s, --size COLS,ROWS  Set screen size in characters (also COLSxROWS)\n"
+"  -s, --size maxwidth|maxheight  Set max screen size in given dimension\n"
+"  -t, --title TITLE     Set window title (default: the invoked command) (cf. "
+"-T)\n"
+"  -w, --window normal|min|max|full|hide  Set initial window state\n"
+"  -i, --icon FILE[,IX]  Load window icon from file, optionally with index\n"
+"  -l, --log FILE|-      Log output to file or stdout\n"
+"      --nobidi|--nortl  Disable bidi (right-to-left support)\n"
+"  -o, --option OPT=VAL  Set/Override config file option with given value\n"
+"  -B, --Border frame|void  Use thin/no window border\n"
+"  -R, --Report s|o      Report window position (short/long) after exit\n"
+"      --nopin           Make this instance not pinnable to taskbar\n"
+"  -D, --daemon          Start new instance with Windows shortcut key\n"
+"  -H, --help            Display help and exit\n"
+"  -V, --version         Print version information and exit\n"
+"See manual page for further command line options and configuration.\n"
+msgstr ""
+"Inicia uma nova sessão de terminal executando o programa especificado na "
+"shell do usuário.\n"
+"Se um hífen foi fornecido ao invés de um programa, invoca a shell como uma "
+"shell de login.\n"
+"\n"
+"Opções:\n"
+"  -c, --config ARQUIVO     Carrega o arquivo de conf. especificado (cf. -C "
+"ou -o ThemeFile)\n"
+"  -e, --exec ...        Trata os argumentos seguintes como o comando a ser "
+"executado\n"
+"  -h, --hold never|start|error|always  Mantém a janela aberta após o comando "
+"terminar\n"
+"  -p, --position X,Y    Abre a janela nas coordenadas especificadas\n"
+"  -p, --position center|left|right|top|bottom  Abre a janela em uma posição "
+"especial\n"
+"  -p, --position @N     Abre a janela no monitor N\n"
+"  -s, --size COLS,LINHAS  Define o tamanho da tela em caracteres (tbm. dá "
+"com COLSxLINHAS)\n"
+"  -s, --size largmax|altmax  Define o tam. máx. da tela nas dimensões "
+"especificadas\n"
+"  -t, --title T�TULO     Define o título da janela (padrão: o comando "
+"invocado) (cf. -T)\n"
+"  -w, --window normal|min|max|full|hide  Define o estado inicial da janela\n"
+"  -i, --icon ARQUIVO[,IND]  Carrega o ícone da janela de um arquivo, opcion. "
+"com o índice\n"
+"  -l, --log ARQUIVO|-      Registra a saída em um arquivo ou no stdout\n"
+"      --nobidi|--nortl  Desativa o bidi (suporte a esquerda-para-direita)\n"
+"  -o, --option OPC=VAL  Define/sobrescreve a opção no arq. de config. com o "
+"valor dado\n"
+"  -B, --Border frame|void  Usar borda fina/nenhuma borda na janela\n"
+"  -R, --Report s|o      Informar posição da janela (curta/longa) após a "
+"saída\n"
+"      --nopin           Impede que essa instância seja afixável na barra de "
+"tarefas\n"
+"  -D, --daemon          Inicia uma nova instância com tecla de atalho "
+"Windows\n"
+"  -H, --help            Mostra a ajuda e encerra\n"
+"  -V, --version         Mostra informações de versão e encerra\n"
+"Veja a página do manual para mais opções de linha de comando e "
+"configurações.\n"
+
+#: winmain.c:3758 winmain.c:3869 winmain.c:3876
+msgid "WSL distribution '%s' not found"
+msgstr "Distribuição WSL '%s' não encontrada"
+
+#: winmain.c:3904
+msgid "Duplicate option '%s'"
+msgstr "Opção repetida: '%s'"
+
+#: winmain.c:3912
+msgid "Unknown option '%s'"
+msgstr "Opção desconhecida: '%s'"
+
+#: winmain.c:3914
+msgid "Option '%s' requires an argument"
+msgstr "A opção '%s' precisa de um argumento"
+
+#: winmain.c:3941
+msgid "Syntax error in position argument '%s'"
+msgstr "Erro de sintaxe no argumento de posição '%s'"
+
+#: winmain.c:3952
+msgid "Syntax error in size argument '%s'"
+msgstr "Erro de sintaxe no argumento de tamanho '%s'"
+
+#: winmain.c:4083
+msgid "Syntax error in geometry argument '%s'"
+msgstr "Erro de sintaxe no argumento de geometria '%s'"
+
+#: winmain.c:4158
+msgid "Mintty could not detach from caller, starting anyway"
+msgstr "O Mintty não pôde se desanexar do chamador, iniciando mesmo assim"
+
+#: winmain.c:4396
+msgid "Using default title due to invalid characters in program name"
+msgstr "Usando título padrão devido a caracteres inválidos no nome do programa"
+
+#. __ label of search bar close button; not actually "localization"
+#: winsearch.c:241
+msgid "X"
+msgstr "X"
+
+#. __ label of search bar prev button; not actually "localization"
+#: winsearch.c:245
+msgid "â—€"
+msgstr "â—€"
+
+#. __ label of search bar next button; not actually "localization"
+#: winsearch.c:249
+msgid "â–¶"
+msgstr "â–¶"
+
+#. __ Options - Text: font properties information: "Leading": total line padding (see option RowSpacing), Bold/Underline modes (font or manual, see options BoldAsFont/UnderlineManual/UnderlineColour)
+#: wintext.c:141
+msgid "Leading: %d, Bold: %s, Underline: %s"
+msgstr "Distância: %d, Negrito: %s, Sublinhado: %s"
+
+#. __ Options - Text: font properties: value taken from font
+#: wintext.c:143
+msgid "font"
+msgstr "fonte"
+
+#. __ Options - Text: font properties: value affected by option
+#: wintext.c:145
+msgid "manual"
+msgstr "manual"
+
+#: wintext.c:400
+msgid "Font not found, using system substitute"
+msgstr "Fonte não encontrada. Usando substituta do sistema."
+
+#: wintext.c:407
+msgid "Font has limited support for character ranges"
+msgstr "A fonte tem suporte limitado a intervalos de caracteres"
+
+#: wintext.c:512
+msgid "Font installation corrupt, using system substitute"
+msgstr "Instalação da fonte está corrompida. Usando substituta do sistema."
+
+#: wintext.c:525
+msgid "Font does not support system locale"
+msgstr "A fonte é incompatível com o idioma do sistema"
+
+#: appinfo.h:61
+msgid "There is no warranty, to the extent permitted by law."
+msgstr "Não há garantia, na medida permitida por lei."
+
+#. __ %s: WEBSITE (URL)
+#: appinfo.h:66
+msgid ""
+"Please report bugs or request enhancements through the issue tracker on the "
+"mintty project page located at\n"
+"%s.\n"
+"See also the Wiki there for further hints, thanks and credits."
+msgstr ""
+"Informe bugs ou sugira melhorias no gerenciador de issues na página do "
+"projeto do Mintty no endereço\n"
+"%s.\n"
+"Veja por lá também a Wiki do projeto para maiores dicas, agradecimentos e "
+"créditos."
diff --git a/msys2/usr/share/mintty/lang/ru.po b/msys2/usr/share/mintty/lang/ru.po
index eaac2c349..64dd082fc 100644
--- a/msys2/usr/share/mintty/lang/ru.po
+++ b/msys2/usr/share/mintty/lang/ru.po
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: mintty\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2018-04-11 10:29+0200\n"
+"POT-Creation-Date: 2019-03-28 18:43+0100\n"
 "PO-Revision-Date: 2016-12-19 04:18+0500\n"
 "Last-Translator: \n"
 "Language-Team: \n"
@@ -16,79 +16,79 @@ msgstr ""
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 
-#: charset.c:213 charset.c:224 winmain.c:3270 winmain.c:3333
+#: charset.c:231 charset.c:242 winmain.c:3758 winmain.c:3869 winmain.c:3876
 msgid "(Default)"
 msgstr "(по умолчанию)"
 
-#: charset.c:235
+#: charset.c:253
 msgid "(OEM codepage)"
 msgstr "(OEM ру��ка�)"
 
-#: charset.c:239
+#: charset.c:257
 msgid "(ANSI codepage)"
 msgstr "(ANSI кириллица)"
 
-#: child.c:78
+#: child.c:82
 msgid "There are no available terminals"
 msgstr "�ет до�тупных панелей"
 
-#: child.c:153
+#: child.c:157
 msgid "Error: Could not open log file"
 msgstr "Ошибка: не удало�ь открыть файл журнала"
 
-#: child.c:225
+#: child.c:229
 msgid "Error: Could not fork child process"
 msgstr "Ошибка: не удало�ь запу�тить дочерний проце��"
 
-#: child.c:227
+#: child.c:231
 msgid "DLL rebasing may be required; see 'rebaseall / rebase --help'"
 msgstr ""
 "Может потребовать�� перебазировка библиотек, �м. 'rebaseall / rebase --help'"
 
 #. __ %1$s: client command (e.g. shell) to be run; %2$s: error message
-#: child.c:305
+#: child.c:309
 msgid "Failed to run '%s': %s"
 msgstr "�е удало�ь выполнить '%s': %s"
 
 #. __ %1$s: client command (e.g. shell) terminated, %2$i: exit code
-#: child.c:422
+#: child.c:426
 msgid "%s: Exit %i"
 msgstr "%s о�тановлено: %i"
 
 #. __ default inline notification if ExitWrite=yes
-#: child.c:429
+#: child.c:433
 msgid "TERMINATED"
 msgstr "З�ВЕРШЕ�ИЕ"
 
-#: child.c:836
+#: child.c:984
 msgid "Error: Could not fork child daemon"
 msgstr "Ошибка: не удало�ь запу�тить фоновый дочерний проце��"
 
 #. __ %s: unknown option name
-#: config.c:552
+#: config.c:603
 msgid "Ignoring unknown option '%s'"
 msgstr "Игнорирование неизве�тного параметра '%s'"
 
-#: config.c:597 config.c:626
+#: config.c:648 config.c:677
 msgid "Internal error: too many options"
 msgstr "Внутренн�� ошибка: �лишком много параметров"
 
-#: config.c:613
+#: config.c:664
 msgid "Internal error: too many options/comments"
 msgstr "Внутренн�� ошибка: �лишком много параметров/комментариев"
 
 #. __ %2$s: option name, %1$s: invalid value
-#: config.c:748
+#: config.c:810
 msgid "Ignoring invalid value '%s' for option '%s'"
 msgstr "Игнорирование неправильного значени� '%s' дл� параметра '%s'"
 
 #. __ %s: option name
-#: config.c:759
+#: config.c:822
 msgid "Ignoring option '%s' with missing value"
 msgstr "Игнорирование параметра '%s' от�ут�твует значение"
 
 #. __ %1$s: config file name, %2$s: error message
-#: config.c:1362
+#: config.c:1443
 msgid ""
 "Could not save options to '%s':\n"
 "%s."
@@ -96,162 +96,162 @@ msgstr ""
 "�е удало�ь �охранить параметр '%s':\n"
 "%s."
 
-#: config.c:1679
+#: config.c:1762
 msgid "â—‡ None (printing disabled) â—‡"
 msgstr "◇ �ет (печать выключена) ◇"
 
-#: config.c:1681
+#: config.c:1764
 msgid "â—† Default printer â—†"
 msgstr "◆ Принтер по умолчанию ◆"
 
 #. __ UI language
-#: config.c:1790
+#: config.c:1873
 msgid "– None –"
 msgstr "– От�ут�твует –"
 
-#: config.c:1791
+#: config.c:1874
 msgid "@ Windows language @"
 msgstr "@ Из Windows @"
 
-#: config.c:1792
+#: config.c:1875
 msgid "* Locale environm. *"
 msgstr "* Из окружени� *"
 
-#: config.c:1793
+#: config.c:1876
 msgid "= cfg. Text Locale ="
 msgstr "= Файл конфигурации ="
 
-#: config.c:1856
+#: config.c:1939
 msgid "simple beep"
-msgstr ""
+msgstr "Про�той �игнал"
 
-#: config.c:1857
+#: config.c:1940
 msgid "no beep"
-msgstr ""
+msgstr "Без звука"
 
-#: config.c:1858
+#: config.c:1941
 msgid "Default Beep"
-msgstr ""
+msgstr "Стандартный звук"
 
-#: config.c:1859
+#: config.c:1942
 msgid "Critical Stop"
-msgstr "Критиче�ка� о�тановка"
+msgstr "Критиче�ка� ошибка"
 
-#: config.c:1860
+#: config.c:1943
 msgid "Question"
 msgstr "Вопро�"
 
-#: config.c:1861
+#: config.c:1944
 msgid "Exclamation"
 msgstr "Во�клицание"
 
-#: config.c:1862
+#: config.c:1945
 msgid "Asterisk"
-msgstr "Звездочка (*)"
+msgstr "Звездочка"
 
-#: config.c:1905
+#: config.c:1988
 msgid "â—‡ None (system sound) â—‡"
-msgstr "◇ Стандартный звук ◇"
+msgstr "◇ �ет (�и�темный звук) ◇"
 
 #. __ terminal theme / colour scheme
-#: config.c:2036
+#: config.c:2119
 msgid "â—‡ None â—‡"
 msgstr "◇ От�ут�твует ◇"
 
 #. __ indicator of unsaved downloaded colour scheme
-#: config.c:2039
+#: config.c:2122
 msgid "downloaded / give me a name!"
 msgstr "загружено / �охранить как"
 
-#: config.c:2128
+#: config.c:2211
 msgid "Could not load web theme"
 msgstr "�е удало�ь загрузить веб-тему"
 
-#: config.c:2177
+#: config.c:2260
 msgid "Cannot write theme file"
 msgstr "�евозможно запи�ать файл темы"
 
-#: config.c:2182
+#: config.c:2265
 msgid "Cannot store theme file"
 msgstr "�е удает�� �охранить файл темы"
 
 #. __ Dialog button - show About text
-#: config.c:2542
+#: config.c:2641
 msgid "About..."
 msgstr "О на�"
 
 #. __ Dialog button - save changes
-#: config.c:2545
+#: config.c:2644
 msgid "Save"
 msgstr "Сохранить"
 
 #. __ Dialog button - cancel
-#: config.c:2549 winctrls.c:1143 windialog.c:782
+#: config.c:2648 winctrls.c:1143 windialog.c:782
 msgid "Cancel"
 msgstr "Отмена"
 
 #. __ Dialog button - apply changes
-#: config.c:2553
+#: config.c:2652
 msgid "Apply"
 msgstr "Применить"
 
 #. __ Dialog button - take notice
-#: config.c:2557 windialog.c:779
+#: config.c:2656 windialog.c:779
 msgid "I see"
 msgstr "Хорошо"
 
 #. __ Dialog button - confirm action
-#: config.c:2559 winctrls.c:1142 windialog.c:781
+#: config.c:2658 winctrls.c:1142 windialog.c:781
 msgid "OK"
 msgstr ""
 
 #. __ Options - Looks: treeview label
-#: config.c:2566 config.c:2597 config.c:2638
+#: config.c:2665 config.c:2696 config.c:2737
 msgid "Looks"
 msgstr "Вид"
 
 #. __ Options - Looks: panel title
-#: config.c:2568
+#: config.c:2667
 msgid "Looks in Terminal"
 msgstr "Внешний вид"
 
 #. __ Options - Looks: section title
-#: config.c:2570
+#: config.c:2669
 msgid "Colours"
 msgstr "Цвета"
 
 #. __ Options - Looks:
-#: config.c:2574
+#: config.c:2673
 msgid "&Foreground..."
 msgstr "Тек�т..."
 
 #. __ Options - Looks:
-#: config.c:2578
+#: config.c:2677
 msgid "&Background..."
 msgstr "Фон..."
 
 #. __ Options - Looks:
-#: config.c:2582
+#: config.c:2681
 msgid "&Cursor..."
 msgstr "Каретка..."
 
 #. __ Options - Looks:
-#: config.c:2586
+#: config.c:2685
 msgid "&Theme"
 msgstr "Тема"
 
 #. __ Options - Looks: name of web service
-#: config.c:2591
+#: config.c:2690
 msgid "Color Scheme Designer"
 msgstr "Онлайн генератор тем"
 
 #. __ Options - Looks: store colour scheme
-#: config.c:2594 winctrls.c:381
+#: config.c:2693 winctrls.c:381
 msgid "Store"
 msgstr "В набор"
 
 #. __ Options - Looks: section title
-#: config.c:2599
+#: config.c:2698
 msgid "Transparency"
 msgstr "Прозрачно�ть"
 
@@ -259,449 +259,459 @@ msgstr "Прозрачно�ть"
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2605 config.c:2815 config.c:2899 config.c:2956
+#: config.c:2704 config.c:2914 config.c:3054 config.c:3113
 msgid "&Off"
 msgstr "�ет"
 
 #. __ Options - Looks: transparency
-#: config.c:2607
+#: config.c:2706
 msgid "&Low"
 msgstr "�из."
 
 #. __ Options - Looks: transparency, short form of radio button label "Medium"
-#: config.c:2609
+#: config.c:2708
 msgid "&Med."
 msgstr "Сред."
 
 #. __ Options - Looks: transparency
-#: config.c:2611
+#: config.c:2710
 msgid "&Medium"
 msgstr "Средн��"
 
 #. __ Options - Looks: transparency
-#: config.c:2613
+#: config.c:2712
 msgid "&High"
 msgstr "Вы�."
 
 #. __ Options - Looks: transparency
-#: config.c:2615
+#: config.c:2714
 msgid "Gla&ss"
 msgstr "Проз."
 
 #. __ Options - Looks: transparency
-#: config.c:2622 config.c:2633
+#: config.c:2721 config.c:2732
 msgid "Opa&que when focused"
 msgstr "�епрозрачно при фоку�ировке"
 
 #. __ Options - Looks: transparency
-#: config.c:2627
+#: config.c:2726
 msgid "Blu&r"
 msgstr "Размытие"
 
 #. __ Options - Looks: section title
-#: config.c:2640
+#: config.c:2739
 msgid "Cursor"
 msgstr "Каретка"
 
 #. __ Options - Looks: cursor type
-#: config.c:2645
+#: config.c:2744
 msgid "Li&ne"
 msgstr "Слеш "
 
 #. __ Options - Looks: cursor type
-#: config.c:2647
+#: config.c:2746
 msgid "Bloc&k"
 msgstr "Блок"
 
 #. __ Options - Looks: cursor type
-#: config.c:2649
+#: config.c:2748
 msgid "&Underscore"
 msgstr "Подчеркивание"
 
 #. __ Options - Looks: cursor feature
-#: config.c:2654
+#: config.c:2753
 msgid "Blinkin&g"
 msgstr "Мерцание"
 
 #. __ Options - Text: treeview label
-#: config.c:2661 config.c:2683 config.c:2701 config.c:2735
+#: config.c:2760 config.c:2782 config.c:2800 config.c:2834
 msgid "Text"
 msgstr "Тек�т"
 
 #. __ Options - Text: panel title
-#: config.c:2663
+#: config.c:2762
 msgid "Text and Font properties"
 msgstr "Тек�т и шрифт"
 
 #. __ Options - Text: section title
-#: config.c:2665
+#: config.c:2764
 msgid "Font"
 msgstr "Шрифт"
 
 #. __ Options - Text:
 #. __ Font chooser:
-#: config.c:2673 winctrls.c:1153
+#: config.c:2772 winctrls.c:1153
 msgid "Font st&yle:"
 msgstr "�ачертание:"
 
 #. __ Font chooser:
-#: config.c:2678 winctrls.c:1155
+#: config.c:2777 winctrls.c:1155
 msgid "&Size:"
 msgstr "Размер:"
 
 #. __ Options - Text:
-#: config.c:2687 config.c:2720
+#: config.c:2786 config.c:2819
 msgid "Sho&w bold as font"
 msgstr "Разреш. жир. тек�т"
 
 #. __ Options - Text:
-#: config.c:2692 config.c:2725
+#: config.c:2791 config.c:2824
 msgid "Show &bold as colour"
 msgstr "Разреш. цвет. тек�т"
 
 #. __ Options - Text:
-#: config.c:2705
+#: config.c:2804
 msgid "Font smoothing"
 msgstr "Сглаживание шрифта"
 
 #. __ Options - Text:
-#: config.c:2708
+#: config.c:2807 config.c:2951 config.c:2984
 msgid "&Default"
 msgstr "Си�тема"
 
 #. __ Options - Text:
 #. __ Options - Window: scrollbar
-#: config.c:2710 config.c:2940
+#: config.c:2809 config.c:2949 config.c:2982 config.c:3095
 msgid "&None"
 msgstr "�ет"
 
 #. __ Options - Text:
-#: config.c:2712
+#: config.c:2811 config.c:2950 config.c:2983
 msgid "&Partial"
 msgstr "Среднее"
 
 #. __ Options - Text:
-#: config.c:2714
+#: config.c:2813 config.c:2952 config.c:2985
 msgid "&Full"
 msgstr "Полное"
 
 #. __ Options - Text:
-#: config.c:2730
+#: config.c:2829
 msgid "&Allow blinking"
 msgstr "Разреш. мерцание"
 
-#: config.c:2738
+#: config.c:2837
 msgid "&Locale"
 msgstr "Формат"
 
-#: config.c:2741
+#: config.c:2840
 msgid "&Character set"
 msgstr "�абор �имволов"
 
 #. __ Options - Keys: treeview label
-#: config.c:2748 config.c:2768 config.c:2802
+#: config.c:2847 config.c:2867 config.c:2901
 msgid "Keys"
 msgstr "Клавиатура"
 
 #. __ Options - Keys: panel title
-#: config.c:2750
+#: config.c:2849
 msgid "Keyboard features"
 msgstr "Клавиатура"
 
 #. __ Options - Keys:
-#: config.c:2754
+#: config.c:2853
 msgid "&Backarrow sends ^H"
 msgstr "&Backarrow как ^H"
 
 #. __ Options - Keys:
-#: config.c:2759
+#: config.c:2858
 msgid "&Delete sends DEL"
 msgstr "DEL удал�ет �лева"
 
 #. __ Options - Keys:
-#: config.c:2764
+#: config.c:2863
 msgid "Ctrl+LeftAlt is Alt&Gr"
 msgstr "Ctrl+LeftAlt замен�ет Alt&Gr"
 
 #. __ Options - Keys: section title
-#: config.c:2770
+#: config.c:2869
 msgid "Shortcuts"
 msgstr "Клавиши бы�трого до�тупа"
 
 #. __ Options - Keys:
-#: config.c:2773
+#: config.c:2872
 msgid "Cop&y and Paste (Ctrl/Shift+Ins)"
 msgstr "Копировать и В�тавить (Ctrl/Shift+Ins)"
 
 #. __ Options - Keys:
-#: config.c:2778
+#: config.c:2877
 msgid "&Menu and Full Screen (Alt+Space/Enter)"
 msgstr "Меню и полный �кран (Alt+Space/Enter)"
 
 #. __ Options - Keys:
-#: config.c:2783
+#: config.c:2882
 msgid "&Switch window (Ctrl+[Shift+]Tab)"
 msgstr "Переключить окно (Ctrl+[Shift+]Tab)"
 
 #. __ Options - Keys:
-#: config.c:2788
+#: config.c:2887
 msgid "&Zoom (Ctrl+plus/minus/zero)"
 msgstr "Ма�штаб (Ctrl+plus/minus/zero)"
 
 #. __ Options - Keys:
-#: config.c:2793
+#: config.c:2892
 msgid "&Alt+Fn shortcuts"
 msgstr "&Alt+F(n) �очетани�"
 
 #. __ Options - Keys:
-#: config.c:2798
+#: config.c:2897
 msgid "&Ctrl+Shift+letter shortcuts"
 msgstr "&Ctrl+Shift+(n) �очетани�"
 
 #. __ Options - Keys: section title
-#: config.c:2804
+#: config.c:2903
 msgid "Compose key"
 msgstr "Модификатор клавиатуры"
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2809 config.c:2893 config.c:2950
+#: config.c:2908 config.c:3046 config.c:3105
 msgid "&Shift"
 msgstr ""
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2811 config.c:2895 config.c:2952
+#: config.c:2910 config.c:3048 config.c:3107
 msgid "&Ctrl"
 msgstr ""
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2813 config.c:2897 config.c:2954
+#: config.c:2912 config.c:3050 config.c:3109
 msgid "&Alt"
 msgstr ""
 
 #. __ Options - Mouse: treeview label
-#: config.c:2823 config.c:2843 config.c:2875
+#: config.c:2922 config.c:2996 config.c:3028
 msgid "Mouse"
 msgstr "Мышь"
 
 #. __ Options - Mouse: panel title
-#: config.c:2825
+#: config.c:2924
 msgid "Mouse functions"
 msgstr "Свой�тва мыши"
 
 #. __ Options - Mouse:
-#: config.c:2829
+#: config.c:2929 config.c:2957 config.c:2968
 msgid "Cop&y on select"
 msgstr "Копир. выделеное"
 
 #. __ Options - Mouse:
-#: config.c:2834
+#: config.c:2934 config.c:2962 config.c:2973
 msgid "Copy as &rich text"
 msgstr "Копир. как таблицу"
 
 #. __ Options - Mouse:
-#: config.c:2839
+#: config.c:2940 config.c:2947 config.c:2980
+msgid "Copy as &HTML"
+msgstr "Копировать как HTML"
+
+#. __ Options - Mouse:
+#: config.c:2992
 msgid "Clic&ks place command line cursor"
 msgstr "У�танавливать каретку мышкой"
 
 #. __ Options - Mouse: section title
-#: config.c:2845
+#: config.c:2998
 msgid "Click actions"
 msgstr "Дей�тви� при нажатии кнопок"
 
 #. __ Options - Mouse:
-#: config.c:2848
+#: config.c:3001
 msgid "Right mouse button"
 msgstr "Права� кнопка мыши"
 
 #. __ Options - Mouse:
-#: config.c:2851 config.c:2865
+#: config.c:3004 config.c:3018
 msgid "&Paste"
 msgstr "В�тавка"
 
 #. __ Options - Mouse:
-#: config.c:2853 config.c:2867
+#: config.c:3006 config.c:3020
 msgid "E&xtend"
 msgstr "Выбрать"
 
 #. __ Options - Mouse:
-#: config.c:2855
+#: config.c:3008
 msgid "&Menu"
 msgstr "Меню"
 
 #. __ Options - Mouse:
-#: config.c:2857 config.c:2871
+#: config.c:3010 config.c:3024
 msgid "Ente&r"
 msgstr "Запу�к"
 
 #. __ Options - Mouse:
-#: config.c:2862
+#: config.c:3015
 msgid "Middle mouse button"
 msgstr "Средн�� кнопка мыши"
 
 #. __ Options - Mouse:
-#: config.c:2869
+#: config.c:3022
 msgid "&Nothing"
 msgstr "�ет"
 
 #. __ Options - Mouse: section title
-#: config.c:2877
+#: config.c:3030
 msgid "Application mouse mode"
 msgstr "Режим от�леживани� мыши"
 
 #. __ Options - Mouse:
-#: config.c:2880
+#: config.c:3033
 msgid "Default click target"
 msgstr "Событи� мыши передают��"
 
 #. __ Options - Mouse: application mouse mode click target
-#: config.c:2883
+#: config.c:3036
 msgid "&Window"
 msgstr "&Window"
 
 #. __ Options - Mouse: application mouse mode click target
-#: config.c:2885
+#: config.c:3038
 msgid "&Application"
 msgstr "Приложению"
 
 #. __ Options - Mouse:
-#: config.c:2890
+#: config.c:3043
 msgid "Modifier for overriding default"
 msgstr "Модификатор отмены захвата мыши"
 
+#. __ Options - Window:
+#: config.c:3052 config.c:3111
+msgid "&Win"
+msgstr ""
+
 #. __ Options - Window: treeview label
-#: config.c:2907 config.c:2926 config.c:2965
+#: config.c:3062 config.c:3081 config.c:3122
 msgid "Window"
 msgstr "Окно"
 
 #. __ Options - Window: panel title
-#: config.c:2909
+#: config.c:3064
 msgid "Window properties"
 msgstr "Свой�тва окна"
 
 #. __ Options - Window: section title
-#: config.c:2911
+#: config.c:3066
 msgid "Default size"
 msgstr "Размер по умолчанию"
 
 #. __ Options - Window:
-#: config.c:2915
+#: config.c:3070
 msgid "Colu&mns"
 msgstr "Колонны"
 
 #. __ Options - Window:
-#: config.c:2919
+#: config.c:3074
 msgid "Ro&ws"
 msgstr "Р�ды"
 
 #. __ Options - Window:
-#: config.c:2923
+#: config.c:3078
 msgid "C&urrent size"
 msgstr "Текущие"
 
 #. __ Options - Window:
-#: config.c:2930
+#: config.c:3085
 msgid "Scroll&back lines"
 msgstr "Буфер �трок"
 
 #. __ Options - Window:
-#: config.c:2935
+#: config.c:3090
 msgid "Scrollbar"
 msgstr "Поло�а прокрутки"
 
 #. __ Options - Window: scrollbar
-#: config.c:2938
+#: config.c:3093
 msgid "&Left"
 msgstr "Слева"
 
 #. __ Options - Window: scrollbar
-#: config.c:2942
+#: config.c:3097
 msgid "&Right"
 msgstr "Справа"
 
 #. __ Options - Window:
-#: config.c:2947
+#: config.c:3102
 msgid "Modifier for scrolling"
 msgstr "Модификатор прокрутки"
 
 #. __ Options - Window:
-#: config.c:2961
+#: config.c:3118
 msgid "&PgUp and PgDn scroll without modifier"
 msgstr "&PgUp и PgDn прокрутка без модификатора"
 
 #. __ Options - Window: section title
-#: config.c:2967
+#: config.c:3124
 msgid "UI language"
 msgstr "Язык интерфей�а"
 
 #. __ Options - Terminal: treeview label
-#: config.c:2977 config.c:2990 config.c:3051 config.c:3065
+#: config.c:3134 config.c:3147 config.c:3208 config.c:3222
 msgid "Terminal"
 msgstr "Кон�оль"
 
 #. __ Options - Terminal: panel title
-#: config.c:2979
+#: config.c:3136
 msgid "Terminal features"
 msgstr "Свой�тва кон�оли"
 
 #. __ Options - Terminal:
-#: config.c:2983
+#: config.c:3140
 msgid "&Type"
 msgstr "Тип"
 
 #. __ Options - Terminal:
-#: config.c:2987
+#: config.c:3144
 msgid "&Answerback"
 msgstr "�втоответ "
 
 #. __ Options - Terminal: section title
-#: config.c:2992
+#: config.c:3149
 msgid "Bell"
 msgstr "Оповещени�"
 
 #. __ Options - Terminal: bell
-#: config.c:2999
+#: config.c:3156
 msgid "â–º &Play"
 msgstr "► Во�пр."
 
 #. __ Options - Terminal: bell
-#: config.c:3005
+#: config.c:3162
 msgid "&Wave"
 msgstr "Звук"
 
 #. __ Options - Terminal: bell
-#: config.c:3027 config.c:3040
+#: config.c:3184 config.c:3197
 msgid "&Flash"
 msgstr "В�пл."
 
 # msgstr "В�плывающее"
 #. __ Options - Terminal: bell
-#: config.c:3029 config.c:3044
+#: config.c:3186 config.c:3201
 msgid "&Highlight in taskbar"
 msgstr "Под�ветка"
 
 # msgstr "Стату� в панели"
 #. __ Options - Terminal: bell
-#: config.c:3031 config.c:3048
+#: config.c:3188 config.c:3205
 msgid "&Popup"
 msgstr "В�плывающее"
 
 #. __ Options - Terminal: section title
-#: config.c:3053
+#: config.c:3210
 msgid "Printer"
 msgstr "Принтер"
 
 #. __ Options - Terminal:
-#: config.c:3068
+#: config.c:3225
 msgid "Prompt about running processes on &close"
 msgstr "При закрытии под�казывать о проце��ах"
 
-#: textprint.c:37 textprint.c:101
+#: textprint.c:37 textprint.c:115
 msgid "[Printing...] "
 msgstr "[Печать ...]"
 
@@ -818,7 +828,7 @@ msgstr "�а�тройки"
 #. __ Options: dialog title: "mintty <release> available (for download)"
 #: windialog.c:245
 msgid "available"
-msgstr "до�тупный"
+msgstr "до�тупен"
 
 #. __ Options: dialog width scale factor (80...200)
 #: windialog.c:676
@@ -829,176 +839,216 @@ msgstr ""
 msgid "Error"
 msgstr "Ошибка"
 
-#. __ Context menu, session switcher ("virtual tabs")
-#: wininput.c:153
+#. __ Context menu, session switcher ("virtual tabs") menu label
+#: wininput.c:273
 msgid "Session switcher"
-msgstr ""
+msgstr "Параллельные �еан�ы"
 
-#. __ Context menu, session launcher ("virtual tabs")
-#: wininput.c:254
+#. __ Context menu, session launcher ("virtual tabs") menu label
+#: wininput.c:292
 msgid "Session launcher"
-msgstr ""
+msgstr "�овый �еан�"
 
-#: wininput.c:357 wininput.c:363
+#: wininput.c:401 wininput.c:407
 msgid "Ctrl+"
 msgstr ""
 
-#: wininput.c:358 wininput.c:364
+#: wininput.c:402 wininput.c:408
 msgid "Alt+"
 msgstr ""
 
-#: wininput.c:359 wininput.c:365
+#: wininput.c:403 wininput.c:409
 msgid "Shift+"
 msgstr ""
 
 #. __ System menu:
-#: wininput.c:390
+#: wininput.c:434
 msgid "&Restore"
 msgstr "Во��тановить"
 
 #. __ System menu:
-#: wininput.c:392
+#: wininput.c:436
 msgid "&Move"
 msgstr "Переме�тить"
 
 #. __ System menu:
-#: wininput.c:394
+#: wininput.c:438
 msgid "&Size"
 msgstr "Размер"
 
 #. __ System menu:
-#: wininput.c:396
+#: wininput.c:440
 msgid "Mi&nimize"
 msgstr "Свернуть"
 
 #. __ System menu:
-#: wininput.c:398
+#: wininput.c:442
 msgid "Ma&ximize"
 msgstr "Развернуть"
 
 #. __ System menu:
-#: wininput.c:400
+#: wininput.c:444
 msgid "&Close"
 msgstr "Закрыть"
 
 #. __ System menu:
-#: wininput.c:405
+#: wininput.c:449
 msgid "Ne&w"
 msgstr "�овое окно"
 
 #. __ Context menu:
-#: wininput.c:412
+#: wininput.c:456
 msgid "&Copy"
 msgstr "Копировать"
 
 #. __ Context menu:
-#: wininput.c:422
+#: wininput.c:473
 msgid "&Paste "
 msgstr "В�тавить"
 
 #. __ Context menu:
-#: wininput.c:427
+#: wininput.c:478
 msgid "Copy → Paste"
 msgstr "Копировать → В�тавить"
 
 #. __ Context menu:
-#: wininput.c:432
+#: wininput.c:483
 msgid "S&earch"
 msgstr "Пои�к"
 
 #. __ Context menu:
-#: wininput.c:439
+#: wininput.c:490
 msgid "&Log to File"
-msgstr "Лог в файл"
+msgstr "Сохран�ть логи в файл"
 
 #. __ Context menu:
-#: wininput.c:445
+#: wininput.c:496
 msgid "Character &Info"
 msgstr "Информаци� �имволов"
 
 #. __ Context menu:
-#: wininput.c:450
+#: wininput.c:502
+msgid "VT220 Keyboard"
+msgstr "VT220 Клавиатура"
+
+#. __ Context menu:
+#: wininput.c:507
 msgid "&Reset"
 msgstr "Сбро�"
 
 #. __ Context menu:
-#: wininput.c:458
+#: wininput.c:515
 msgid "&Default Size"
 msgstr "Стандартный размер"
 
 #. __ Context menu:
-#: wininput.c:464
+#: wininput.c:525
+msgid "Scroll&bar"
+msgstr "Поло�а прокрутки"
+
+#. __ Context menu:
+#: wininput.c:531
 msgid "&Full Screen"
 msgstr "�а ве�ь �кран"
 
 #. __ Context menu:
-#: wininput.c:470
+#: wininput.c:537
 msgid "Flip &Screen"
 msgstr "�льтернативный �кран"
 
 #. __ System menu:
-#: wininput.c:480 wininput.c:559
+#: wininput.c:547 wininput.c:697
 msgid "Copy &Title"
 msgstr "Копировать заголовок"
 
 #. __ System menu:
 #. __ Context menu:
 #. __ System menu:
-#: wininput.c:482 wininput.c:547 wininput.c:561
+#: wininput.c:549 wininput.c:681 wininput.c:699
 msgid "&Options..."
 msgstr "�а�тройки ..."
 
-#. __ Context menu, user commands
-#: wininput.c:493
-msgid "User commands"
-msgstr ""
-
 #. __ Context menu:
-#: wininput.c:510
+#: wininput.c:624
 msgid "Ope&n"
 msgstr "Открыть"
 
 #. __ Context menu:
-#: wininput.c:518
+#: wininput.c:629
+msgid "Copy as text"
+msgstr "Копировать как тек�т"
+
+#. __ Context menu:
+#: wininput.c:631
+msgid "Copy as RTF"
+msgstr "Копировать как RTF"
+
+#. __ Context menu:
+#: wininput.c:633
+msgid "Copy as HTML text"
+msgstr "Копировать тек�т как HTML"
+
+#. __ Context menu:
+#: wininput.c:635
+msgid "Copy as HTML"
+msgstr "Копировать как HTML"
+
+#. __ Context menu:
+#: wininput.c:637
+msgid "Copy as HTML full"
+msgstr "Копировать в�е как HTML"
+
+#. __ Context menu:
+#: wininput.c:644
 msgid "Select &All"
 msgstr "Выбрать в�е"
 
-#. __ Context menu:
-#: wininput.c:528
+#. __ Context menu: write terminal window contents as HTML file
+#: wininput.c:649
+msgid "HTML Screen Dump"
+msgstr "Сохранить �нимок �крана в HTML"
+
+#. __ Context menu: clear scrollback buffer (lines scrolled off the window)
+#: wininput.c:657
 msgid "Clear Scrollback"
-msgstr "Очи�тить �кроллинг"
+msgstr "Сбро� поло�ы прокрутки"
 
-#. __ Context menu:
-#: wininput.c:537
+#. __ Context menu: generate a TTY BRK condition (tty line interrupt)
+#: wininput.c:667
 msgid "Send Break"
-msgstr ""
+msgstr "Прервать текущую задачу"
 
-#: winmain.c:1778
+#. __ Context menu, user commands
+#: wininput.c:758
+msgid "User commands"
+msgstr "Пользователь�кие команды"
+
+#: winmain.c:2065
 msgid "Processes are running in session:"
 msgstr "Имеют�� запущенные проце��ы:"
 
-#: winmain.c:1779
+#: winmain.c:2066
 msgid "Close anyway?"
 msgstr "Закрыть в�е равно?"
 
-#: winmain.c:2479
+#: winmain.c:2184
 msgid "Try '--help' for more information"
 msgstr "И�пользуйте '--help' дл� получени� дополнительной информации"
 
-#: winmain.c:2487
+#: winmain.c:2192
 msgid "Could not load icon"
 msgstr "�е удало�ь загрузить иконку"
 
-#: winmain.c:3109
+#: winmain.c:3598
 msgid "Usage:"
 msgstr "Применение:"
 
-#: winmain.c:3110
+#: winmain.c:3599
 msgid "[OPTION]... [ PROGRAM [ARG]... | - ]"
 msgstr "[ОПЦИЙ]... [ ПРОГР�ММ� [�РГУМЕ�ТЫ]... | - ]"
 
 #. __ help text (output of -H / --help), after initial line ("synopsis")
-#: winmain.c:3113
+#: winmain.c:3602
 msgid ""
 "Start a new terminal session running the specified program or the user's "
 "shell.\n"
@@ -1066,40 +1116,40 @@ msgstr ""
 "Смотрите �траницу руковод�тва дл� параметров командной �троки и "
 "конфигурации.\n"
 
-#: winmain.c:3270 winmain.c:3333
+#: winmain.c:3758 winmain.c:3869 winmain.c:3876
 msgid "WSL distribution '%s' not found"
-msgstr ""
+msgstr "Под�и�тема WSL '%s' не найдена"
 
-#: winmain.c:3361
+#: winmain.c:3904
 msgid "Duplicate option '%s'"
-msgstr "Дублированный вариант '%s'"
+msgstr "Дублирование параметра '%s'"
 
-#: winmain.c:3369
+#: winmain.c:3912
 msgid "Unknown option '%s'"
 msgstr "�еизве�тный параметр '%s'"
 
-#: winmain.c:3371
+#: winmain.c:3914
 msgid "Option '%s' requires an argument"
 msgstr "Параметр '%s' требует аргумент"
 
-#: winmain.c:3398
+#: winmain.c:3941
 msgid "Syntax error in position argument '%s'"
 msgstr "Ошибка �интак�и�а в позиции аргумента '%s'"
 
-#: winmain.c:3409
+#: winmain.c:3952
 msgid "Syntax error in size argument '%s'"
 msgstr "Ошибка �интак�и�а в размере аргумента '%s'"
 
-#: winmain.c:3533
+#: winmain.c:4083
 msgid "Syntax error in geometry argument '%s'"
 msgstr "Ошибка �интак�и�а в размере аргумента '%s'"
 
-#: winmain.c:3607
+#: winmain.c:4158
 msgid "Mintty could not detach from caller, starting anyway"
 msgstr ""
 "Mintty не может отключит�� от вызывающего метода, запу�к в любом �лучае"
 
-#: winmain.c:3792
+#: winmain.c:4396
 msgid "Using default title due to invalid characters in program name"
 msgstr ""
 "И�пользование заголовка по умолчанию из-за недопу�тимых �имволов в имени "
@@ -1120,34 +1170,34 @@ msgstr ""
 msgid "â–¶"
 msgstr ""
 
-#. __ Options - Text: font properties information ("leading" ("ledding"): add. row spacing)
-#: wintext.c:139
+#. __ Options - Text: font properties information: "Leading": total line padding (see option RowSpacing), Bold/Underline modes (font or manual, see options BoldAsFont/UnderlineManual/UnderlineColour)
+#: wintext.c:141
 msgid "Leading: %d, Bold: %s, Underline: %s"
-msgstr ""
+msgstr "Интервал:%d жирный:%s андер�кор:%s"
 
 #. __ Options - Text: font properties: value taken from font
-#: wintext.c:141
+#: wintext.c:143
 msgid "font"
-msgstr ""
+msgstr "шрифт"
 
 #. __ Options - Text: font properties: value affected by option
-#: wintext.c:143
+#: wintext.c:145
 msgid "manual"
-msgstr ""
+msgstr "о�обый"
 
-#: wintext.c:387
+#: wintext.c:400
 msgid "Font not found, using system substitute"
 msgstr "Шрифт не найден, и�пользу� �и�тему замены"
 
-#: wintext.c:394
+#: wintext.c:407
 msgid "Font has limited support for character ranges"
 msgstr "Шрифт имеет ограниченную поддержку диапазонов �имволов"
 
-#: wintext.c:500
+#: wintext.c:512
 msgid "Font installation corrupt, using system substitute"
 msgstr "У�тановка шрифта прервана, и�пользу� �и�тему замены"
 
-#: wintext.c:513
+#: wintext.c:525
 msgid "Font does not support system locale"
 msgstr "Шрифт не поддерживает �зык �и�темы"
 
diff --git a/msys2/usr/share/mintty/lang/zh_CN.po b/msys2/usr/share/mintty/lang/zh_CN.po
index 05eaa87b0..70ee0f81c 100644
--- a/msys2/usr/share/mintty/lang/zh_CN.po
+++ b/msys2/usr/share/mintty/lang/zh_CN.po
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: mintty\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2018-04-11 10:29+0200\n"
+"POT-Creation-Date: 2019-03-28 18:43+0100\n"
 "PO-Revision-Date: 2017-10-23 17:09+0800\n"
 "Last-Translator: Gore Liu <goreliu@126.com>\n"
 "Language-Team: \n"
@@ -18,78 +18,78 @@ msgstr ""
 "X-Generator: Poedit 2.0.3\n"
 "Plural-Forms: nplurals=1; plural=0;\n"
 
-#: charset.c:213 charset.c:224 winmain.c:3270 winmain.c:3333
+#: charset.c:231 charset.c:242 winmain.c:3758 winmain.c:3869 winmain.c:3876
 msgid "(Default)"
 msgstr "(默认)"
 
-#: charset.c:235
+#: charset.c:253
 msgid "(OEM codepage)"
 msgstr "(OEM 代�页)"
 
-#: charset.c:239
+#: charset.c:257
 msgid "(ANSI codepage)"
 msgstr "(ANSI 代�页)"
 
-#: child.c:78
+#: child.c:82
 msgid "There are no available terminals"
 msgstr "没有�用的终端"
 
-#: child.c:153
+#: child.c:157
 msgid "Error: Could not open log file"
 msgstr "错误：无法打开日志文件"
 
-#: child.c:225
+#: child.c:229
 msgid "Error: Could not fork child process"
 msgstr "错误：无法创建�进程"
 
-#: child.c:227
+#: child.c:231
 msgid "DLL rebasing may be required; see 'rebaseall / rebase --help'"
 msgstr "�能需� DLL 地��定�，�行该命令查看 'rebaseall / rebase --help'"
 
 #. __ %1$s: client command (e.g. shell) to be run; %2$s: error message
-#: child.c:305
+#: child.c:309
 msgid "Failed to run '%s': %s"
 msgstr "�行 '%s' 失败：%s"
 
 #. __ %1$s: client command (e.g. shell) terminated, %2$i: exit code
-#: child.c:422
+#: child.c:426
 msgid "%s: Exit %i"
 msgstr "%s：退出 %i"
 
 #. __ default inline notification if ExitWrite=yes
-#: child.c:429
+#: child.c:433
 msgid "TERMINATED"
 msgstr "已终止"
 
-#: child.c:836
+#: child.c:984
 msgid "Error: Could not fork child daemon"
 msgstr "错误：无法创建�进程"
 
 #. __ %s: unknown option name
-#: config.c:552
+#: config.c:603
 msgid "Ignoring unknown option '%s'"
 msgstr "忽略未知选项 '%s'"
 
-#: config.c:597 config.c:626
+#: config.c:648 config.c:677
 msgid "Internal error: too many options"
 msgstr "内部错误：过多选项"
 
-#: config.c:613
+#: config.c:664
 msgid "Internal error: too many options/comments"
 msgstr "内部错误：过多选项/注释"
 
 #. __ %2$s: option name, %1$s: invalid value
-#: config.c:748
+#: config.c:810
 msgid "Ignoring invalid value '%s' for option '%s'"
 msgstr "忽略 '%s' 无效值，属于该选项 '%s'"
 
 #. __ %s: option name
-#: config.c:759
+#: config.c:822
 msgid "Ignoring option '%s' with missing value"
 msgstr "忽略 '%s' 选项因为缺失值"
 
 #. __ %1$s: config file name, %2$s: error message
-#: config.c:1362
+#: config.c:1443
 msgid ""
 "Could not save options to '%s':\n"
 "%s."
@@ -97,162 +97,162 @@ msgstr ""
 "�能将选项�存到 '%s'：\n"
 "%s。"
 
-#: config.c:1679
+#: config.c:1762
 msgid "â—‡ None (printing disabled) â—‡"
 msgstr "◇ 无 (�用打�) ◇"
 
-#: config.c:1681
+#: config.c:1764
 msgid "â—† Default printer â—†"
 msgstr "◆ 默认打�机 ◆"
 
 #. __ UI language
-#: config.c:1790
+#: config.c:1873
 msgid "– None –"
 msgstr "– 无 –"
 
-#: config.c:1791
+#: config.c:1874
 msgid "@ Windows language @"
 msgstr "@ Windows 语言 @"
 
-#: config.c:1792
+#: config.c:1875
 msgid "* Locale environm. *"
 msgstr "* Locale 环境�� *"
 
-#: config.c:1793
+#: config.c:1876
 msgid "= cfg. Text Locale ="
 msgstr "= 已�置的 Locale ="
 
-#: config.c:1856
+#: config.c:1939
 msgid "simple beep"
 msgstr "简�的嘟声"
 
-#: config.c:1857
+#: config.c:1940
 msgid "no beep"
 msgstr "无�示音"
 
-#: config.c:1858
+#: config.c:1941
 msgid "Default Beep"
 msgstr "默认的嘟声"
 
-#: config.c:1859
+#: config.c:1942
 msgid "Critical Stop"
 msgstr "错误�示音"
 
-#: config.c:1860
+#: config.c:1943
 msgid "Question"
 msgstr "疑问�示音"
 
-#: config.c:1861
+#: config.c:1944
 msgid "Exclamation"
 msgstr "惊��示音"
 
-#: config.c:1862
+#: config.c:1945
 msgid "Asterisk"
 msgstr "星��示音"
 
-#: config.c:1905
+#: config.c:1988
 msgid "â—‡ None (system sound) â—‡"
 msgstr "◇ 无 (系统声音) ◇"
 
 #. __ terminal theme / colour scheme
-#: config.c:2036
+#: config.c:2119
 msgid "â—‡ None â—‡"
 msgstr "â—‡ æ—  â—‡"
 
 #. __ indicator of unsaved downloaded colour scheme
-#: config.c:2039
+#: config.c:2122
 msgid "downloaded / give me a name!"
 msgstr "已下载 / 给我起��"
 
-#: config.c:2128
+#: config.c:2211
 msgid "Could not load web theme"
 msgstr "�能加载网络主题"
 
-#: config.c:2177
+#: config.c:2260
 msgid "Cannot write theme file"
 msgstr "无法写入主题文件"
 
-#: config.c:2182
+#: config.c:2265
 msgid "Cannot store theme file"
 msgstr "无法储存主题文件"
 
 #. __ Dialog button - show About text
-#: config.c:2542
+#: config.c:2641
 msgid "About..."
 msgstr "关于..."
 
 #. __ Dialog button - save changes
-#: config.c:2545
+#: config.c:2644
 msgid "Save"
 msgstr "�存"
 
 #. __ Dialog button - cancel
-#: config.c:2549 winctrls.c:1143 windialog.c:782
+#: config.c:2648 winctrls.c:1143 windialog.c:782
 msgid "Cancel"
 msgstr "�消"
 
 #. __ Dialog button - apply changes
-#: config.c:2553
+#: config.c:2652
 msgid "Apply"
 msgstr "应用"
 
 #. __ Dialog button - take notice
-#: config.c:2557 windialog.c:779
+#: config.c:2656 windialog.c:779
 msgid "I see"
 msgstr "我了解了"
 
 #. __ Dialog button - confirm action
-#: config.c:2559 winctrls.c:1142 windialog.c:781
+#: config.c:2658 winctrls.c:1142 windialog.c:781
 msgid "OK"
 msgstr "确定"
 
 #. __ Options - Looks: treeview label
-#: config.c:2566 config.c:2597 config.c:2638
+#: config.c:2665 config.c:2696 config.c:2737
 msgid "Looks"
 msgstr "外观"
 
 #. __ Options - Looks: panel title
-#: config.c:2568
+#: config.c:2667
 msgid "Looks in Terminal"
 msgstr "终端外观"
 
 #. __ Options - Looks: section title
-#: config.c:2570
+#: config.c:2669
 msgid "Colours"
 msgstr "颜色"
 
 #. __ Options - Looks:
-#: config.c:2574
+#: config.c:2673
 msgid "&Foreground..."
 msgstr "�景(&F)..."
 
 #. __ Options - Looks:
-#: config.c:2578
+#: config.c:2677
 msgid "&Background..."
 msgstr "背景(&B)..."
 
 #. __ Options - Looks:
-#: config.c:2582
+#: config.c:2681
 msgid "&Cursor..."
 msgstr "光标(&C)..."
 
 #. __ Options - Looks:
-#: config.c:2586
+#: config.c:2685
 msgid "&Theme"
 msgstr "主题(&T)"
 
 #. __ Options - Looks: name of web service
-#: config.c:2591
+#: config.c:2690
 msgid "Color Scheme Designer"
 msgstr "颜色样�设计工具"
 
 #. __ Options - Looks: store colour scheme
-#: config.c:2594 winctrls.c:381
+#: config.c:2693 winctrls.c:381
 msgid "Store"
 msgstr "�存"
 
 #. __ Options - Looks: section title
-#: config.c:2599
+#: config.c:2698
 msgid "Transparency"
 msgstr "�明度"
 
@@ -260,447 +260,457 @@ msgstr "�明度"
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2605 config.c:2815 config.c:2899 config.c:2956
+#: config.c:2704 config.c:2914 config.c:3054 config.c:3113
 msgid "&Off"
 msgstr "å…³(&O)"
 
 #. __ Options - Looks: transparency
-#: config.c:2607
+#: config.c:2706
 msgid "&Low"
 msgstr "低(&L)"
 
 #. __ Options - Looks: transparency, short form of radio button label "Medium"
-#: config.c:2609
+#: config.c:2708
 msgid "&Med."
 msgstr "中(&M)"
 
 #. __ Options - Looks: transparency
-#: config.c:2611
+#: config.c:2710
 msgid "&Medium"
 msgstr "中间(&M)"
 
 #. __ Options - Looks: transparency
-#: config.c:2613
+#: config.c:2712
 msgid "&High"
 msgstr "高(&H)"
 
 #. __ Options - Looks: transparency
-#: config.c:2615
+#: config.c:2714
 msgid "Gla&ss"
 msgstr "玻璃"
 
 #. __ Options - Looks: transparency
-#: config.c:2622 config.c:2633
+#: config.c:2721 config.c:2732
 msgid "Opa&que when focused"
 msgstr "获得焦点��为��明(&Q)"
 
 #. __ Options - Looks: transparency
-#: config.c:2627
+#: config.c:2726
 msgid "Blu&r"
 msgstr "模糊(&R)"
 
 #. __ Options - Looks: section title
-#: config.c:2640
+#: config.c:2739
 msgid "Cursor"
 msgstr "光标"
 
 #. __ Options - Looks: cursor type
-#: config.c:2645
+#: config.c:2744
 msgid "Li&ne"
 msgstr "竖线"
 
 #. __ Options - Looks: cursor type
-#: config.c:2647
+#: config.c:2746
 msgid "Bloc&k"
 msgstr "方�"
 
 #. __ Options - Looks: cursor type
-#: config.c:2649
+#: config.c:2748
 msgid "&Underscore"
 msgstr "下划线"
 
 #. __ Options - Looks: cursor feature
-#: config.c:2654
+#: config.c:2753
 msgid "Blinkin&g"
 msgstr "闪�(&G)"
 
 #. __ Options - Text: treeview label
-#: config.c:2661 config.c:2683 config.c:2701 config.c:2735
+#: config.c:2760 config.c:2782 config.c:2800 config.c:2834
 msgid "Text"
 msgstr "文本"
 
 #. __ Options - Text: panel title
-#: config.c:2663
+#: config.c:2762
 msgid "Text and Font properties"
 msgstr "文本和字体属性"
 
 #. __ Options - Text: section title
-#: config.c:2665
+#: config.c:2764
 msgid "Font"
 msgstr "字体"
 
 #. __ Options - Text:
 #. __ Font chooser:
-#: config.c:2673 winctrls.c:1153
+#: config.c:2772 winctrls.c:1153
 msgid "Font st&yle:"
 msgstr "字体样�(&Y)"
 
 #. __ Font chooser:
-#: config.c:2678 winctrls.c:1155
+#: config.c:2777 winctrls.c:1155
 msgid "&Size:"
 msgstr "大�(&S)"
 
 #. __ Options - Text:
-#: config.c:2687 config.c:2720
+#: config.c:2786 config.c:2819
 msgid "Sho&w bold as font"
 msgstr "显示粗字体字形(&W)"
 
 #. __ Options - Text:
-#: config.c:2692 config.c:2725
+#: config.c:2791 config.c:2824
 msgid "Show &bold as colour"
 msgstr "显示粗字体颜色(&B)"
 
 #. __ Options - Text:
-#: config.c:2705
+#: config.c:2804
 msgid "Font smoothing"
 msgstr "字体平滑"
 
 #. __ Options - Text:
-#: config.c:2708
+#: config.c:2807 config.c:2951 config.c:2984
 msgid "&Default"
 msgstr "默认(&D)"
 
 #. __ Options - Text:
 #. __ Options - Window: scrollbar
-#: config.c:2710 config.c:2940
+#: config.c:2809 config.c:2949 config.c:2982 config.c:3095
 msgid "&None"
 msgstr "æ— (&N)"
 
 #. __ Options - Text:
-#: config.c:2712
+#: config.c:2811 config.c:2950 config.c:2983
 msgid "&Partial"
 msgstr "部分(&P)"
 
 #. __ Options - Text:
-#: config.c:2714
+#: config.c:2813 config.c:2952 config.c:2985
 msgid "&Full"
 msgstr "全部(&F)"
 
 #. __ Options - Text:
-#: config.c:2730
+#: config.c:2829
 msgid "&Allow blinking"
 msgstr "�许闪�(&A)"
 
-#: config.c:2738
+#: config.c:2837
 msgid "&Locale"
 msgstr "本地 &Locale"
 
-#: config.c:2741
+#: config.c:2840
 msgid "&Character set"
 msgstr "字符集(&C)"
 
 #. __ Options - Keys: treeview label
-#: config.c:2748 config.c:2768 config.c:2802
+#: config.c:2847 config.c:2867 config.c:2901
 msgid "Keys"
 msgstr "按键"
 
 #. __ Options - Keys: panel title
-#: config.c:2750
+#: config.c:2849
 msgid "Keyboard features"
 msgstr "键盘特性"
 
 #. __ Options - Keys:
-#: config.c:2754
+#: config.c:2853
 msgid "&Backarrow sends ^H"
 msgstr "退格键�� ^H (&B)"
 
 #. __ Options - Keys:
-#: config.c:2759
+#: config.c:2858
 msgid "&Delete sends DEL"
 msgstr "删除键�� DEL (&D)"
 
 #. __ Options - Keys:
-#: config.c:2764
+#: config.c:2863
 msgid "Ctrl+LeftAlt is Alt&Gr"
 msgstr "将 Ctrl+左Alt 设置为 Alt&Gr"
 
 #. __ Options - Keys: section title
-#: config.c:2770
+#: config.c:2869
 msgid "Shortcuts"
 msgstr "快�键"
 
 #. __ Options - Keys:
-#: config.c:2773
+#: config.c:2872
 msgid "Cop&y and Paste (Ctrl/Shift+Ins)"
 msgstr "�制和粘贴(&Y) (Ctrl/Shift+Ins)"
 
 #. __ Options - Keys:
-#: config.c:2778
+#: config.c:2877
 msgid "&Menu and Full Screen (Alt+Space/Enter)"
 msgstr "显示��和全�(&M) (Alt+Space/Enter)"
 
 #. __ Options - Keys:
-#: config.c:2783
+#: config.c:2882
 msgid "&Switch window (Ctrl+[Shift+]Tab)"
 msgstr "切�窗�(&S) (Ctrl+[Shift+]Tab)"
 
 #. __ Options - Keys:
-#: config.c:2788
+#: config.c:2887
 msgid "&Zoom (Ctrl+plus/minus/zero)"
 msgstr "缩放(&Z) (Ctrl+ +/-/0)"
 
 #. __ Options - Keys:
-#: config.c:2793
+#: config.c:2892
 msgid "&Alt+Fn shortcuts"
 msgstr "Alt+Fn 快�键(&A)"
 
 #. __ Options - Keys:
-#: config.c:2798
+#: config.c:2897
 msgid "&Ctrl+Shift+letter shortcuts"
 msgstr "Ctrl+Shift+字�快�键(&C)"
 
 #. __ Options - Keys: section title
-#: config.c:2804
+#: config.c:2903
 msgid "Compose key"
 msgstr "组�按键"
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2809 config.c:2893 config.c:2950
+#: config.c:2908 config.c:3046 config.c:3105
 msgid "&Shift"
 msgstr "&Shift"
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2811 config.c:2895 config.c:2952
+#: config.c:2910 config.c:3048 config.c:3107
 msgid "&Ctrl"
 msgstr "&Ctrl"
 
 #. __ Options - Keys:
 #. __ Options - Mouse:
 #. __ Options - Window:
-#: config.c:2813 config.c:2897 config.c:2954
+#: config.c:2912 config.c:3050 config.c:3109
 msgid "&Alt"
 msgstr "&Alt"
 
 #. __ Options - Mouse: treeview label
-#: config.c:2823 config.c:2843 config.c:2875
+#: config.c:2922 config.c:2996 config.c:3028
 msgid "Mouse"
 msgstr "é¼ æ ‡"
 
 #. __ Options - Mouse: panel title
-#: config.c:2825
+#: config.c:2924
 msgid "Mouse functions"
 msgstr "鼠标功能"
 
 #. __ Options - Mouse:
-#: config.c:2829
+#: config.c:2929 config.c:2957 config.c:2968
 msgid "Cop&y on select"
 msgstr "选择时�制(&Y)"
 
 #. __ Options - Mouse:
-#: config.c:2834
+#: config.c:2934 config.c:2962 config.c:2973
 msgid "Copy as &rich text"
 msgstr "以富文本�制(&R)"
 
 #. __ Options - Mouse:
-#: config.c:2839
+#: config.c:2940 config.c:2947 config.c:2980
+msgid "Copy as &HTML"
+msgstr "�制HTML"
+
+#. __ Options - Mouse:
+#: config.c:2992
 msgid "Clic&ks place command line cursor"
 msgstr "用鼠标点击�定�光标(&K)"
 
 #. __ Options - Mouse: section title
-#: config.c:2845
+#: config.c:2998
 msgid "Click actions"
 msgstr "�击动作"
 
 #. __ Options - Mouse:
-#: config.c:2848
+#: config.c:3001
 msgid "Right mouse button"
 msgstr "鼠标�键按钮"
 
 #. __ Options - Mouse:
-#: config.c:2851 config.c:2865
+#: config.c:3004 config.c:3018
 msgid "&Paste"
 msgstr "粘贴(&P)"
 
 #. __ Options - Mouse:
-#: config.c:2853 config.c:2867
+#: config.c:3006 config.c:3020
 msgid "E&xtend"
 msgstr "扩展(&E)"
 
 #. __ Options - Mouse:
-#: config.c:2855
+#: config.c:3008
 msgid "&Menu"
 msgstr "��(&M)"
 
 #. __ Options - Mouse:
-#: config.c:2857 config.c:2871
+#: config.c:3010 config.c:3024
 msgid "Ente&r"
 msgstr "回车(&E)"
 
 #. __ Options - Mouse:
-#: config.c:2862
+#: config.c:3015
 msgid "Middle mouse button"
 msgstr "鼠标中键"
 
 #. __ Options - Mouse:
-#: config.c:2869
+#: config.c:3022
 msgid "&Nothing"
 msgstr "æ— (&N)"
 
 #. __ Options - Mouse: section title
-#: config.c:2877
+#: config.c:3030
 msgid "Application mouse mode"
 msgstr "应用程�鼠标模�"
 
 #. __ Options - Mouse:
-#: config.c:2880
+#: config.c:3033
 msgid "Default click target"
 msgstr "默认点击目标"
 
 #. __ Options - Mouse: application mouse mode click target
-#: config.c:2883
+#: config.c:3036
 msgid "&Window"
 msgstr "窗�(&W)"
 
 #. __ Options - Mouse: application mouse mode click target
-#: config.c:2885
+#: config.c:3038
 msgid "&Application"
 msgstr "应用程�(&A)"
 
 #. __ Options - Mouse:
-#: config.c:2890
+#: config.c:3043
 msgid "Modifier for overriding default"
 msgstr "覆盖默认�置的修饰键"
 
+#. __ Options - Window:
+#: config.c:3052 config.c:3111
+msgid "&Win"
+msgstr ""
+
 #. __ Options - Window: treeview label
-#: config.c:2907 config.c:2926 config.c:2965
+#: config.c:3062 config.c:3081 config.c:3122
 msgid "Window"
 msgstr "窗�"
 
 #. __ Options - Window: panel title
-#: config.c:2909
+#: config.c:3064
 msgid "Window properties"
 msgstr "窗�属性"
 
 #. __ Options - Window: section title
-#: config.c:2911
+#: config.c:3066
 msgid "Default size"
 msgstr "默认大�"
 
 #. __ Options - Window:
-#: config.c:2915
+#: config.c:3070
 msgid "Colu&mns"
 msgstr "列数"
 
 #. __ Options - Window:
-#: config.c:2919
+#: config.c:3074
 msgid "Ro&ws"
 msgstr "行数"
 
 #. __ Options - Window:
-#: config.c:2923
+#: config.c:3078
 msgid "C&urrent size"
 msgstr "当�大�(&U)"
 
 #. __ Options - Window:
-#: config.c:2930
+#: config.c:3085
 msgid "Scroll&back lines"
 msgstr "�存历�行数"
 
 #. __ Options - Window:
-#: config.c:2935
+#: config.c:3090
 msgid "Scrollbar"
 msgstr "滚动�"
 
 #. __ Options - Window: scrollbar
-#: config.c:2938
+#: config.c:3093
 msgid "&Left"
 msgstr "å·¦(&L)"
 
 #. __ Options - Window: scrollbar
-#: config.c:2942
+#: config.c:3097
 msgid "&Right"
 msgstr "�(&R)"
 
 #. __ Options - Window:
-#: config.c:2947
+#: config.c:3102
 msgid "Modifier for scrolling"
 msgstr "用于滚动的修饰键"
 
 #. __ Options - Window:
-#: config.c:2961
+#: config.c:3118
 msgid "&PgUp and PgDn scroll without modifier"
 msgstr "�使�按修饰键，也用 PgUp 和 PgDn 滚动"
 
 #. __ Options - Window: section title
-#: config.c:2967
+#: config.c:3124
 msgid "UI language"
 msgstr "界�语言"
 
 #. __ Options - Terminal: treeview label
-#: config.c:2977 config.c:2990 config.c:3051 config.c:3065
+#: config.c:3134 config.c:3147 config.c:3208 config.c:3222
 msgid "Terminal"
 msgstr "终端"
 
 #. __ Options - Terminal: panel title
-#: config.c:2979
+#: config.c:3136
 msgid "Terminal features"
 msgstr "终端特性"
 
 #. __ Options - Terminal:
-#: config.c:2983
+#: config.c:3140
 msgid "&Type"
 msgstr "终端类型(&T)"
 
 #. __ Options - Terminal:
-#: config.c:2987
+#: config.c:3144
 msgid "&Answerback"
 msgstr "应答(&A)"
 
 #. __ Options - Terminal: section title
-#: config.c:2992
+#: config.c:3149
 msgid "Bell"
 msgstr "�铃"
 
 #. __ Options - Terminal: bell
-#: config.c:2999
+#: config.c:3156
 msgid "â–º &Play"
 msgstr "► 播放(&P)"
 
 #. __ Options - Terminal: bell
-#: config.c:3005
+#: config.c:3162
 msgid "&Wave"
 msgstr "声音"
 
 #. __ Options - Terminal: bell
-#: config.c:3027 config.c:3040
+#: config.c:3184 config.c:3197
 msgid "&Flash"
 msgstr "闪�(&F)"
 
 #. __ Options - Terminal: bell
-#: config.c:3029 config.c:3044
+#: config.c:3186 config.c:3201
 msgid "&Highlight in taskbar"
 msgstr "任务�高亮(&H)"
 
 #. __ Options - Terminal: bell
-#: config.c:3031 config.c:3048
+#: config.c:3188 config.c:3205
 msgid "&Popup"
 msgstr "弹出(&P)"
 
 #. __ Options - Terminal: section title
-#: config.c:3053
+#: config.c:3210
 msgid "Printer"
 msgstr "打�机"
 
 #. __ Options - Terminal:
-#: config.c:3068
+#: config.c:3225
 msgid "Prompt about running processes on &close"
 msgstr "退出时�示还在�行的进程(&C)"
 
-#: textprint.c:37 textprint.c:101
+#: textprint.c:37 textprint.c:115
 msgid "[Printing...] "
 msgstr "[打�中...] "
 
@@ -828,176 +838,216 @@ msgstr "100"
 msgid "Error"
 msgstr "错误"
 
-#. __ Context menu, session switcher ("virtual tabs")
-#: wininput.c:153
+#. __ Context menu, session switcher ("virtual tabs") menu label
+#: wininput.c:273
 msgid "Session switcher"
 msgstr "会�切�器"
 
-#. __ Context menu, session launcher ("virtual tabs")
-#: wininput.c:254
+#. __ Context menu, session launcher ("virtual tabs") menu label
+#: wininput.c:292
 msgid "Session launcher"
 msgstr "会��动器"
 
-#: wininput.c:357 wininput.c:363
+#: wininput.c:401 wininput.c:407
 msgid "Ctrl+"
 msgstr "Ctrl+"
 
-#: wininput.c:358 wininput.c:364
+#: wininput.c:402 wininput.c:408
 msgid "Alt+"
 msgstr "Alt+"
 
-#: wininput.c:359 wininput.c:365
+#: wininput.c:403 wininput.c:409
 msgid "Shift+"
 msgstr "Shift+"
 
 #. __ System menu:
-#: wininput.c:390
+#: wininput.c:434
 msgid "&Restore"
 msgstr "��(&R)"
 
 #. __ System menu:
-#: wininput.c:392
+#: wininput.c:436
 msgid "&Move"
 msgstr "移动(&M)"
 
 #. __ System menu:
-#: wininput.c:394
+#: wininput.c:438
 msgid "&Size"
 msgstr "大�(&S)"
 
 #. __ System menu:
-#: wininput.c:396
+#: wininput.c:440
 msgid "Mi&nimize"
 msgstr "最�化(&N)"
 
 #. __ System menu:
-#: wininput.c:398
+#: wininput.c:442
 msgid "Ma&ximize"
 msgstr "最大化(&X)"
 
 #. __ System menu:
-#: wininput.c:400
+#: wininput.c:444
 msgid "&Close"
 msgstr "关闭(&C)"
 
 #. __ System menu:
-#: wininput.c:405
+#: wininput.c:449
 msgid "Ne&w"
 msgstr "新建(&W)"
 
 #. __ Context menu:
-#: wininput.c:412
+#: wininput.c:456
 msgid "&Copy"
 msgstr "�制(&C)"
 
 #. __ Context menu:
-#: wininput.c:422
+#: wininput.c:473
 msgid "&Paste "
 msgstr "粘贴(&P) "
 
 #. __ Context menu:
-#: wininput.c:427
+#: wininput.c:478
 msgid "Copy → Paste"
 msgstr "�制 → 粘贴"
 
 #. __ Context menu:
-#: wininput.c:432
+#: wininput.c:483
 msgid "S&earch"
 msgstr "�索(&E)"
 
 #. __ Context menu:
-#: wininput.c:439
+#: wininput.c:490
 msgid "&Log to File"
 msgstr "写入到日志文件(&L)"
 
 #. __ Context menu:
-#: wininput.c:445
+#: wininput.c:496
 msgid "Character &Info"
 msgstr "字符详情(&I)"
 
 #. __ Context menu:
-#: wininput.c:450
+#: wininput.c:502
+msgid "VT220 Keyboard"
+msgstr "VT200 键盘"
+
+#. __ Context menu:
+#: wininput.c:507
 msgid "&Reset"
 msgstr "�置(&R)"
 
 #. __ Context menu:
-#: wininput.c:458
+#: wininput.c:515
 msgid "&Default Size"
 msgstr "默认大�(&D)"
 
 #. __ Context menu:
-#: wininput.c:464
+#: wininput.c:525
+msgid "Scroll&bar"
+msgstr "滚动�"
+
+#. __ Context menu:
+#: wininput.c:531
 msgid "&Full Screen"
 msgstr "全�(&F)"
 
 #. __ Context menu:
-#: wininput.c:470
+#: wininput.c:537
 msgid "Flip &Screen"
 msgstr "翻转�幕(&S)"
 
 #. __ System menu:
-#: wininput.c:480 wininput.c:559
+#: wininput.c:547 wininput.c:697
 msgid "Copy &Title"
 msgstr "�制标题(&T)"
 
 #. __ System menu:
 #. __ Context menu:
 #. __ System menu:
-#: wininput.c:482 wininput.c:547 wininput.c:561
+#: wininput.c:549 wininput.c:681 wininput.c:699
 msgid "&Options..."
 msgstr "选项(&O)..."
 
-#. __ Context menu, user commands
-#: wininput.c:493
-msgid "User commands"
-msgstr "用户命令"
-
 #. __ Context menu:
-#: wininput.c:510
+#: wininput.c:624
 msgid "Ope&n"
 msgstr "打开(&O)"
 
 #. __ Context menu:
-#: wininput.c:518
+#: wininput.c:629
+msgid "Copy as text"
+msgstr "�制text"
+
+#. __ Context menu:
+#: wininput.c:631
+msgid "Copy as RTF"
+msgstr "�制RTF"
+
+#. __ Context menu:
+#: wininput.c:633
+msgid "Copy as HTML text"
+msgstr "�制HTML text"
+
+#. __ Context menu:
+#: wininput.c:635
+msgid "Copy as HTML"
+msgstr "�制HTML"
+
+#. __ Context menu:
+#: wininput.c:637
+msgid "Copy as HTML full"
+msgstr "�制HTML全部"
+
+#. __ Context menu:
+#: wininput.c:644
 msgid "Select &All"
 msgstr "全选(&A)"
 
-#. __ Context menu:
-#: wininput.c:528
+#. __ Context menu: write terminal window contents as HTML file
+#: wininput.c:649
+msgid "HTML Screen Dump"
+msgstr "HTML �幕转储"
+
+#. __ Context menu: clear scrollback buffer (lines scrolled off the window)
+#: wininput.c:657
 msgid "Clear Scrollback"
 msgstr "清除滚动历�"
 
-#. __ Context menu:
-#: wininput.c:537
+#. __ Context menu: generate a TTY BRK condition (tty line interrupt)
+#: wininput.c:667
 msgid "Send Break"
 msgstr "�� Break"
 
-#: winmain.c:1778
+#. __ Context menu, user commands
+#: wininput.c:758
+msgid "User commands"
+msgstr "用户命令"
+
+#: winmain.c:2065
 msgid "Processes are running in session:"
 msgstr "在当�会��行的进程："
 
-#: winmain.c:1779
+#: winmain.c:2066
 msgid "Close anyway?"
 msgstr "一定�关闭？"
 
-#: winmain.c:2479
+#: winmain.c:2184
 msgid "Try '--help' for more information"
 msgstr "使用 --help �数�行查看更多信�"
 
-#: winmain.c:2487
+#: winmain.c:2192
 msgid "Could not load icon"
 msgstr "无法加载图标"
 
-#: winmain.c:3109
+#: winmain.c:3598
 msgid "Usage:"
 msgstr "用法："
 
-#: winmain.c:3110
+#: winmain.c:3599
 msgid "[OPTION]... [ PROGRAM [ARG]... | - ]"
 msgstr "[选项]... [ 程�� [�数]... | - ]"
 
 #. __ help text (output of -H / --help), after initial line ("synopsis")
-#: winmain.c:3113
+#: winmain.c:3602
 msgid ""
 "Start a new terminal session running the specified program or the user's "
 "shell.\n"
@@ -1055,39 +1105,39 @@ msgstr ""
 "  -V, --version         打�版本信�然�退出\n"
 "请查阅 man 手册了解更多命令行选项和�置相关帮助内容。\n"
 
-#: winmain.c:3270 winmain.c:3333
+#: winmain.c:3758 winmain.c:3869 winmain.c:3876
 msgid "WSL distribution '%s' not found"
 msgstr "找�到 '%s' WSL �行版"
 
-#: winmain.c:3361
+#: winmain.c:3904
 msgid "Duplicate option '%s'"
 msgstr "��选项 '%s'"
 
-#: winmain.c:3369
+#: winmain.c:3912
 msgid "Unknown option '%s'"
 msgstr "未知选项 '%s'"
 
-#: winmain.c:3371
+#: winmain.c:3914
 msgid "Option '%s' requires an argument"
 msgstr "' %s' 选项需�一个�数"
 
-#: winmain.c:3398
+#: winmain.c:3941
 msgid "Syntax error in position argument '%s'"
 msgstr "position 选项的�数 '%s' 有语法错误"
 
-#: winmain.c:3409
+#: winmain.c:3952
 msgid "Syntax error in size argument '%s'"
 msgstr "size 选项的�数 '%s' 有语法错误"
 
-#: winmain.c:3533
+#: winmain.c:4083
 msgid "Syntax error in geometry argument '%s'"
 msgstr "geometry 选项的�数 '%s' 有语法错误"
 
-#: winmain.c:3607
+#: winmain.c:4158
 msgid "Mintty could not detach from caller, starting anyway"
 msgstr "Mintty �能从调用者分离，但还是�动"
 
-#: winmain.c:3792
+#: winmain.c:4396
 msgid "Using default title due to invalid characters in program name"
 msgstr "使用默认标题�文字，因为程��中有无效字符"
 
@@ -1106,34 +1156,34 @@ msgstr "â—€"
 msgid "â–¶"
 msgstr "â–¶"
 
-#. __ Options - Text: font properties information ("leading" ("ledding"): add. row spacing)
-#: wintext.c:139
+#. __ Options - Text: font properties information: "Leading": total line padding (see option RowSpacing), Bold/Underline modes (font or manual, see options BoldAsFont/UnderlineManual/UnderlineColour)
+#: wintext.c:141
 msgid "Leading: %d, Bold: %s, Underline: %s"
 msgstr "行间�：%d，粗体：%s，下划线：%s"
 
 #. __ Options - Text: font properties: value taken from font
-#: wintext.c:141
+#: wintext.c:143
 msgid "font"
 msgstr "字体"
 
 #. __ Options - Text: font properties: value affected by option
-#: wintext.c:143
+#: wintext.c:145
 msgid "manual"
 msgstr "手动"
 
-#: wintext.c:387
+#: wintext.c:400
 msgid "Font not found, using system substitute"
 msgstr "找�到字体，使用系统字体替代"
 
-#: wintext.c:394
+#: wintext.c:407
 msgid "Font has limited support for character ranges"
 msgstr "字体对字符范围支�有�"
 
-#: wintext.c:500
+#: wintext.c:512
 msgid "Font installation corrupt, using system substitute"
 msgstr "字体安装错误，使用系统字体替代"
 
-#: wintext.c:513
+#: wintext.c:525
 msgid "Font does not support system locale"
 msgstr "字体�支�系统语言环境"
 
diff --git a/msys2/usr/share/mintty/lang/zh_TW.po b/msys2/usr/share/mintty/lang/zh_TW.po
new file mode 100644
index 000000000..53f9e36fa
--- /dev/null
+++ b/msys2/usr/share/mintty/lang/zh_TW.po
@@ -0,0 +1,1202 @@
+# Traditional Chinese translations for mintty package
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the mintty package.
+# lcy0321 <u900011@gmail.com>, 2018.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: mintty\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-03-28 18:43+0100\n"
+"PO-Revision-Date: 2018-11-12 19:40+0800\n"
+"Last-Translator: lcy0321 <u900011@gmail.com>\n"
+"Language-Team: \n"
+"Language: zh_TW\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: charset.c:231 charset.c:242 winmain.c:3758 winmain.c:3869 winmain.c:3876
+msgid "(Default)"
+msgstr "（�設）"
+
+#: charset.c:253
+msgid "(OEM codepage)"
+msgstr "（OEM codepage）"
+
+#: charset.c:257
+msgid "(ANSI codepage)"
+msgstr "（ANSI codepage）"
+
+#: child.c:82
+msgid "There are no available terminals"
+msgstr "沒有�用的終端機"
+
+#: child.c:157
+msgid "Error: Could not open log file"
+msgstr "錯誤：無法開啟紀錄檔案"
+
+#: child.c:229
+msgid "Error: Could not fork child process"
+msgstr "錯誤：無法建立�程�"
+
+#: child.c:231
+msgid "DLL rebasing may be required; see 'rebaseall / rebase --help'"
+msgstr "�能需�進行 DLL �定�；見「rebaseall / rebase --help�"
+
+#. __ %1$s: client command (e.g. shell) to be run; %2$s: error message
+#: child.c:309
+msgid "Failed to run '%s': %s"
+msgstr "無法執行「%s�：%s"
+
+#. __ %1$s: client command (e.g. shell) terminated, %2$i: exit code
+#: child.c:426
+msgid "%s: Exit %i"
+msgstr "%s：Exit %i"
+
+#. __ default inline notification if ExitWrite=yes
+#: child.c:433
+msgid "TERMINATED"
+msgstr "已終止"
+
+#: child.c:984
+msgid "Error: Could not fork child daemon"
+msgstr "錯誤：無法建立�背景程�"
+
+#. __ %s: unknown option name
+#: config.c:603
+msgid "Ignoring unknown option '%s'"
+msgstr "忽略未知�項「%s�"
+
+#: config.c:648 config.c:677
+msgid "Internal error: too many options"
+msgstr "內部錯誤：�項�多"
+
+#: config.c:664
+msgid "Internal error: too many options/comments"
+msgstr "內部錯誤：�項�註解�多"
+
+#. __ %2$s: option name, %1$s: invalid value
+#: config.c:810
+msgid "Ignoring invalid value '%s' for option '%s'"
+msgstr "忽略無效值「%s�（「%s��項）"
+
+#. __ %s: option name
+#: config.c:822
+msgid "Ignoring option '%s' with missing value"
+msgstr "忽略「%s��項（��值）"
+
+#. __ %1$s: config file name, %2$s: error message
+#: config.c:1443
+msgid ""
+"Could not save options to '%s':\n"
+"%s."
+msgstr ""
+"無法儲存�項至「%s�：\n"
+"%s。"
+
+#: config.c:1762
+msgid "â—‡ None (printing disabled) â—‡"
+msgstr "◇ 無（�用列�） ◇"
+
+#: config.c:1764
+msgid "â—† Default printer â—†"
+msgstr "◆ �設�表機 ◆"
+
+#. __ UI language
+#: config.c:1873
+msgid "– None –"
+msgstr "– 無 –"
+
+#: config.c:1874
+msgid "@ Windows language @"
+msgstr "@ Windows 語言 @"
+
+#: config.c:1875
+msgid "* Locale environm. *"
+msgstr "* Locale 環境變數 *"
+
+#: config.c:1876
+msgid "= cfg. Text Locale ="
+msgstr "= 已設定的語言 ="
+
+#: config.c:1939
+msgid "simple beep"
+msgstr "簡單的嗶�"
+
+#: config.c:1940
+msgid "no beep"
+msgstr "無嗶�"
+
+#: config.c:1941
+msgid "Default Beep"
+msgstr "�設嗶�"
+
+#: config.c:1942
+msgid "Critical Stop"
+msgstr "緊急�止"
+
+#: config.c:1943
+msgid "Question"
+msgstr "�題"
+
+#: config.c:1944
+msgid "Exclamation"
+msgstr "驚嘆�"
+
+#: config.c:1945
+msgid "Asterisk"
+msgstr "星號"
+
+#: config.c:1988
+msgid "â—‡ None (system sound) â—‡"
+msgstr "◇ 無（系統音效） ◇"
+
+#. __ terminal theme / colour scheme
+#: config.c:2119
+msgid "â—‡ None â—‡"
+msgstr "â—‡ ç„¡ â—‡"
+
+#. __ indicator of unsaved downloaded colour scheme
+#: config.c:2122
+msgid "downloaded / give me a name!"
+msgstr "已下載�給我個�字�"
+
+#: config.c:2211
+msgid "Could not load web theme"
+msgstr "無法載入網路主題"
+
+#: config.c:2260
+msgid "Cannot write theme file"
+msgstr "無法寫入主題檔案"
+
+#: config.c:2265
+msgid "Cannot store theme file"
+msgstr "無法儲存主題檔案"
+
+#. __ Dialog button - show About text
+#: config.c:2641
+msgid "About..."
+msgstr "關於..."
+
+#. __ Dialog button - save changes
+#: config.c:2644
+msgid "Save"
+msgstr "儲存"
+
+#. __ Dialog button - cancel
+#: config.c:2648 winctrls.c:1143 windialog.c:782
+msgid "Cancel"
+msgstr "�消"
+
+#. __ Dialog button - apply changes
+#: config.c:2652
+msgid "Apply"
+msgstr "套用"
+
+#. __ Dialog button - take notice
+#: config.c:2656 windialog.c:779
+msgid "I see"
+msgstr "了解"
+
+#. __ Dialog button - confirm action
+#: config.c:2658 winctrls.c:1142 windialog.c:781
+msgid "OK"
+msgstr "確�"
+
+#. __ Options - Looks: treeview label
+#: config.c:2665 config.c:2696 config.c:2737
+msgid "Looks"
+msgstr "外觀"
+
+#. __ Options - Looks: panel title
+#: config.c:2667
+msgid "Looks in Terminal"
+msgstr "終端機外觀"
+
+#. __ Options - Looks: section title
+#: config.c:2669
+msgid "Colours"
+msgstr "色彩"
+
+#. __ Options - Looks:
+#: config.c:2673
+msgid "&Foreground..."
+msgstr "�景(&F)"
+
+#. __ Options - Looks:
+#: config.c:2677
+msgid "&Background..."
+msgstr "背景(&B)"
+
+#. __ Options - Looks:
+#: config.c:2681
+msgid "&Cursor..."
+msgstr "色彩(&C)"
+
+#. __ Options - Looks:
+#: config.c:2685
+msgid "&Theme"
+msgstr "主題(&T)"
+
+#. __ Options - Looks: name of web service
+#: config.c:2690
+msgid "Color Scheme Designer"
+msgstr "色彩樣�設計工具"
+
+#. __ Options - Looks: store colour scheme
+#: config.c:2693 winctrls.c:381
+msgid "Store"
+msgstr "�存"
+
+#. __ Options - Looks: section title
+#: config.c:2698
+msgid "Transparency"
+msgstr "�明度"
+
+#. __ Options - Looks: transparency
+#. __ Options - Keys:
+#. __ Options - Mouse:
+#. __ Options - Window:
+#: config.c:2704 config.c:2914 config.c:3054 config.c:3113
+msgid "&Off"
+msgstr "關(&O)"
+
+#. __ Options - Looks: transparency
+#: config.c:2706
+msgid "&Low"
+msgstr "低(&L)"
+
+#. __ Options - Looks: transparency, short form of radio button label "Medium"
+#: config.c:2708
+msgid "&Med."
+msgstr "中(&M)"
+
+#. __ Options - Looks: transparency
+#: config.c:2710
+msgid "&Medium"
+msgstr "中(&M)"
+
+#. __ Options - Looks: transparency
+#: config.c:2712
+msgid "&High"
+msgstr "高(&H)"
+
+#. __ Options - Looks: transparency
+#: config.c:2714
+msgid "Gla&ss"
+msgstr "玻璃(&S)"
+
+#. __ Options - Looks: transparency
+#: config.c:2721 config.c:2732
+msgid "Opa&que when focused"
+msgstr "使用中��明(&Q)"
+
+#. __ Options - Looks: transparency
+#: config.c:2726
+msgid "Blu&r"
+msgstr "模糊(&R)"
+
+#. __ Options - Looks: section title
+#: config.c:2739
+msgid "Cursor"
+msgstr "游標"
+
+#. __ Options - Looks: cursor type
+#: config.c:2744
+msgid "Li&ne"
+msgstr "豎線(&N)"
+
+#. __ Options - Looks: cursor type
+#: config.c:2746
+msgid "Bloc&k"
+msgstr "方塊(K)"
+
+#. __ Options - Looks: cursor type
+#: config.c:2748
+msgid "&Underscore"
+msgstr "下劃線(&U)"
+
+#. __ Options - Looks: cursor feature
+#: config.c:2753
+msgid "Blinkin&g"
+msgstr "閃�(&G)"
+
+#. __ Options - Text: treeview label
+#: config.c:2760 config.c:2782 config.c:2800 config.c:2834
+msgid "Text"
+msgstr "文字"
+
+#. __ Options - Text: panel title
+#: config.c:2762
+msgid "Text and Font properties"
+msgstr "文字與字型屬性"
+
+#. __ Options - Text: section title
+#: config.c:2764
+msgid "Font"
+msgstr "å­—åž‹"
+
+#. __ Options - Text:
+#. __ Font chooser:
+#: config.c:2772 winctrls.c:1153
+msgid "Font st&yle:"
+msgstr "字型樣�(&Y)"
+
+#. __ Font chooser:
+#: config.c:2777 winctrls.c:1155
+msgid "&Size:"
+msgstr "大�(&S)："
+
+#. __ Options - Text:
+#: config.c:2786 config.c:2819
+msgid "Sho&w bold as font"
+msgstr "以字型顯示粗體字(&W)"
+
+#. __ Options - Text:
+#: config.c:2791 config.c:2824
+msgid "Show &bold as colour"
+msgstr "以�色顯示粗體字(&B)"
+
+#. __ Options - Text:
+#: config.c:2804
+msgid "Font smoothing"
+msgstr "字體平滑"
+
+#. __ Options - Text:
+#: config.c:2807 config.c:2951 config.c:2984
+msgid "&Default"
+msgstr "�設(&D)"
+
+#. __ Options - Text:
+#. __ Options - Window: scrollbar
+#: config.c:2809 config.c:2949 config.c:2982 config.c:3095
+msgid "&None"
+msgstr "ç„¡(&N)"
+
+#. __ Options - Text:
+#: config.c:2811 config.c:2950 config.c:2983
+msgid "&Partial"
+msgstr "部分(&P)"
+
+#. __ Options - Text:
+#: config.c:2813 config.c:2952 config.c:2985
+msgid "&Full"
+msgstr "完整(&F)"
+
+#. __ Options - Text:
+#: config.c:2829
+msgid "&Allow blinking"
+msgstr "�許閃�(&A)"
+
+#: config.c:2837
+msgid "&Locale"
+msgstr "語言(&L)"
+
+#: config.c:2840
+msgid "&Character set"
+msgstr "字元集(C)"
+
+#. __ Options - Keys: treeview label
+#: config.c:2847 config.c:2867 config.c:2901
+msgid "Keys"
+msgstr "按�"
+
+#. __ Options - Keys: panel title
+#: config.c:2849
+msgid "Keyboard features"
+msgstr "�盤功能"
+
+#. __ Options - Keys:
+#: config.c:2853
+msgid "&Backarrow sends ^H"
+msgstr "後退�傳�^H(&B)"
+
+#. __ Options - Keys:
+#: config.c:2858
+msgid "&Delete sends DEL"
+msgstr "刪除�傳�DEL(&D)"
+
+#. __ Options - Keys:
+#: config.c:2863
+msgid "Ctrl+LeftAlt is Alt&Gr"
+msgstr "Ctrl+左Alt為AltGr(&G)"
+
+#. __ Options - Keys: section title
+#: config.c:2869
+msgid "Shortcuts"
+msgstr "快��"
+
+#. __ Options - Keys:
+#: config.c:2872
+msgid "Cop&y and Paste (Ctrl/Shift+Ins)"
+msgstr "複製與貼上（Ctrl/Shift+Ins）(&Y)"
+
+#. __ Options - Keys:
+#: config.c:2877
+msgid "&Menu and Full Screen (Alt+Space/Enter)"
+msgstr "�單與全螢幕（Alt+Space/Enter）(&M)"
+
+#. __ Options - Keys:
+#: config.c:2882
+msgid "&Switch window (Ctrl+[Shift+]Tab)"
+msgstr "切�視窗（Ctrl+[Shift+]Tab）(&S)"
+
+#. __ Options - Keys:
+#: config.c:2887
+msgid "&Zoom (Ctrl+plus/minus/zero)"
+msgstr "縮放（Ctrl+plus/minus/zero）(&Z)"
+
+#. __ Options - Keys:
+#: config.c:2892
+msgid "&Alt+Fn shortcuts"
+msgstr "Alt+Fn 快��(&A)"
+
+#. __ Options - Keys:
+#: config.c:2897
+msgid "&Ctrl+Shift+letter shortcuts"
+msgstr "Ctrl+Shift+字� 快��(&C)"
+
+#. __ Options - Keys: section title
+#: config.c:2903
+msgid "Compose key"
+msgstr "組��"
+
+#. __ Options - Keys:
+#. __ Options - Mouse:
+#. __ Options - Window:
+#: config.c:2908 config.c:3046 config.c:3105
+msgid "&Shift"
+msgstr "&Shift"
+
+#. __ Options - Keys:
+#. __ Options - Mouse:
+#. __ Options - Window:
+#: config.c:2910 config.c:3048 config.c:3107
+msgid "&Ctrl"
+msgstr "&Ctrl"
+
+#. __ Options - Keys:
+#. __ Options - Mouse:
+#. __ Options - Window:
+#: config.c:2912 config.c:3050 config.c:3109
+msgid "&Alt"
+msgstr "&Alt"
+
+#. __ Options - Mouse: treeview label
+#: config.c:2922 config.c:2996 config.c:3028
+msgid "Mouse"
+msgstr "滑鼠"
+
+#. __ Options - Mouse: panel title
+#: config.c:2924
+msgid "Mouse functions"
+msgstr "滑鼠功能"
+
+#. __ Options - Mouse:
+#: config.c:2929 config.c:2957 config.c:2968
+msgid "Cop&y on select"
+msgstr "�擇時複製(&Y)"
+
+#. __ Options - Mouse:
+#: config.c:2934 config.c:2962 config.c:2973
+msgid "Copy as &rich text"
+msgstr "以格�化文字複製(&R)"
+
+#. __ Options - Mouse:
+#: config.c:2940 config.c:2947 config.c:2980
+msgid "Copy as &HTML"
+msgstr "複製&HTML"
+
+#. __ Options - Mouse:
+#: config.c:2992
+msgid "Clic&ks place command line cursor"
+msgstr "點擊定�游標(&K)"
+
+#. __ Options - Mouse: section title
+#: config.c:2998
+msgid "Click actions"
+msgstr "點擊動作"
+
+#. __ Options - Mouse:
+#: config.c:3001
+msgid "Right mouse button"
+msgstr "滑鼠��"
+
+#. __ Options - Mouse:
+#: config.c:3004 config.c:3018
+msgid "&Paste"
+msgstr "貼上(&P)"
+
+#. __ Options - Mouse:
+#: config.c:3006 config.c:3020
+msgid "E&xtend"
+msgstr "擴展(&X)"
+
+#. __ Options - Mouse:
+#: config.c:3008
+msgid "&Menu"
+msgstr "�單(&M)"
+
+#. __ Options - Mouse:
+#: config.c:3010 config.c:3024
+msgid "Ente&r"
+msgstr "Ente&r"
+
+#. __ Options - Mouse:
+#: config.c:3015
+msgid "Middle mouse button"
+msgstr "滑鼠中�"
+
+#. __ Options - Mouse:
+#: config.c:3022
+msgid "&Nothing"
+msgstr "ç„¡(&N)"
+
+#. __ Options - Mouse: section title
+#: config.c:3030
+msgid "Application mouse mode"
+msgstr "應用程�滑鼠模�"
+
+#. __ Options - Mouse:
+#: config.c:3033
+msgid "Default click target"
+msgstr "�設點擊目標"
+
+#. __ Options - Mouse: application mouse mode click target
+#: config.c:3036
+msgid "&Window"
+msgstr "視窗(&W)"
+
+#. __ Options - Mouse: application mouse mode click target
+#: config.c:3038
+msgid "&Application"
+msgstr "應用程�(&A)"
+
+#. __ Options - Mouse:
+#: config.c:3043
+msgid "Modifier for overriding default"
+msgstr "覆蓋�設設定的修飾�"
+
+#. __ Options - Window:
+#: config.c:3052 config.c:3111
+msgid "&Win"
+msgstr ""
+
+#. __ Options - Window: treeview label
+#: config.c:3062 config.c:3081 config.c:3122
+msgid "Window"
+msgstr "視窗"
+
+#. __ Options - Window: panel title
+#: config.c:3064
+msgid "Window properties"
+msgstr "視窗屬性"
+
+#. __ Options - Window: section title
+#: config.c:3066
+msgid "Default size"
+msgstr "�設大�"
+
+#. __ Options - Window:
+#: config.c:3070
+msgid "Colu&mns"
+msgstr "欄(&M)"
+
+#. __ Options - Window:
+#: config.c:3074
+msgid "Ro&ws"
+msgstr "列(&W)"
+
+#. __ Options - Window:
+#: config.c:3078
+msgid "C&urrent size"
+msgstr "目�大�(&U)"
+
+#. __ Options - Window:
+#: config.c:3085
+msgid "Scroll&back lines"
+msgstr "螢幕緩��行數(&B)"
+
+#. __ Options - Window:
+#: config.c:3090
+msgid "Scrollbar"
+msgstr "�軸"
+
+#. __ Options - Window: scrollbar
+#: config.c:3093
+msgid "&Left"
+msgstr "å·¦(&L)"
+
+#. __ Options - Window: scrollbar
+#: config.c:3097
+msgid "&Right"
+msgstr "�(&R)"
+
+#. __ Options - Window:
+#: config.c:3102
+msgid "Modifier for scrolling"
+msgstr "滾動的修飾�"
+
+#. __ Options - Window:
+#: config.c:3118
+msgid "&PgUp and PgDn scroll without modifier"
+msgstr "PgUp 與 PgDn 滾動�需修飾�(&P)"
+
+#. __ Options - Window: section title
+#: config.c:3124
+msgid "UI language"
+msgstr "介�語言"
+
+#. __ Options - Terminal: treeview label
+#: config.c:3134 config.c:3147 config.c:3208 config.c:3222
+msgid "Terminal"
+msgstr "終端機"
+
+#. __ Options - Terminal: panel title
+#: config.c:3136
+msgid "Terminal features"
+msgstr "終端機功能"
+
+#. __ Options - Terminal:
+#: config.c:3140
+msgid "&Type"
+msgstr "é¡žåž‹(&T)"
+
+#. __ Options - Terminal:
+#: config.c:3144
+msgid "&Answerback"
+msgstr "&Answerback"
+
+#. __ Options - Terminal: section title
+#: config.c:3149
+msgid "Bell"
+msgstr "�示音"
+
+#. __ Options - Terminal: bell
+#: config.c:3156
+msgid "â–º &Play"
+msgstr "► 播放(&P)"
+
+#. __ Options - Terminal: bell
+#: config.c:3162
+msgid "&Wave"
+msgstr "�音(&W)"
+
+#. __ Options - Terminal: bell
+#: config.c:3184 config.c:3197
+msgid "&Flash"
+msgstr "閃�(&F)"
+
+#. __ Options - Terminal: bell
+#: config.c:3186 config.c:3201
+msgid "&Highlight in taskbar"
+msgstr "於工作列醒目�示(&H)"
+
+#. __ Options - Terminal: bell
+#: config.c:3188 config.c:3205
+msgid "&Popup"
+msgstr "彈出視窗(&P)"
+
+#. __ Options - Terminal: section title
+#: config.c:3210
+msgid "Printer"
+msgstr "�表機"
+
+#. __ Options - Terminal:
+#: config.c:3225
+msgid "Prompt about running processes on &close"
+msgstr "離開時�示執行中的程�(&C)"
+
+#: textprint.c:37 textprint.c:115
+msgid "[Printing...] "
+msgstr "［列�中...］"
+
+#. __ Options - Text: font chooser activation button
+#: winctrls.c:812
+msgid "&Select..."
+msgstr "�擇(&S)..."
+
+#. __ Font chooser: title bar label
+#: winctrls.c:1147
+msgid "Font "
+msgstr "å­—åž‹"
+
+#. __ Font chooser: button
+#: winctrls.c:1149
+msgid "&Apply"
+msgstr "套用(&A)"
+
+#. __ Font chooser:
+#: winctrls.c:1151
+msgid "&Font:"
+msgstr "字型(&F)："
+
+#. __ Font chooser:
+#: winctrls.c:1157
+msgid "Sample"
+msgstr "範例"
+
+#. __ Font chooser: text sample ("AaBbYyZz" by default)
+#: winctrls.c:1161 winctrls.c:1399 winctrls.c:1564
+msgid "Ferqœm’4€"
+msgstr "ABC abc 文字"
+
+#. __ Font chooser: this field is only shown with FontMenu=1
+#: winctrls.c:1178
+msgid "Sc&ript:"
+msgstr "字符集(&R)"
+
+#. __ Font chooser: this field is only shown with FontMenu=1
+#: winctrls.c:1180
+msgid "<A>Show more fonts</A>"
+msgstr "<A>顯示更多字型</A>"
+
+#. __ Colour chooser: title bar label
+#: winctrls.c:1185
+msgid "Colour "
+msgstr "色彩"
+
+#. __ Colour chooser:
+#: winctrls.c:1198 winctrls.c:1210
+msgid "B&asic colours:"
+msgstr "基本色彩(&A)"
+
+#. __ Colour chooser:
+#: winctrls.c:1217
+msgid "&Custom colours:"
+msgstr "自訂色彩(&C)"
+
+#. __ Colour chooser:
+#: winctrls.c:1224
+msgid "De&fine Custom Colours >>"
+msgstr "定義自訂色彩(&F) >>"
+
+#. __ Colour chooser:
+#: winctrls.c:1227
+msgid "Colour"
+msgstr "色彩"
+
+#. __ Colour chooser:
+#: winctrls.c:1229
+msgid "|S&olid"
+msgstr "|原色(&O)"
+
+#. __ Colour chooser:
+#: winctrls.c:1231
+msgid "&Hue:"
+msgstr "色調(&H):"
+
+#. __ Colour chooser:
+#: winctrls.c:1234
+msgid "&Sat:"
+msgstr "濃度(&S):"
+
+#. __ Colour chooser:
+#: winctrls.c:1236
+msgid "&Lum:"
+msgstr "亮度(&L):"
+
+#. __ Colour chooser:
+#: winctrls.c:1238
+msgid "&Red:"
+msgstr "ç´…(&R):"
+
+#. __ Colour chooser:
+#: winctrls.c:1240
+msgid "&Green:"
+msgstr "綠(&G):"
+
+#. __ Colour chooser:
+#: winctrls.c:1242
+msgid "&Blue:"
+msgstr "è—�(&B):"
+
+#. __ Colour chooser:
+#: winctrls.c:1245
+msgid "A&dd to Custom Colours"
+msgstr "新增自訂色彩(&D)"
+
+#. __ Options: dialog title
+#: windialog.c:243 windialog.c:729
+msgid "Options"
+msgstr "�項"
+
+#. __ Options: dialog title: "mintty <release> available (for download)"
+#: windialog.c:245
+msgid "available"
+msgstr "�用"
+
+#. __ Options: dialog width scale factor (80...200)
+#: windialog.c:676
+msgid "100"
+msgstr "115"
+
+#: windialog.c:811 windialog.c:836
+msgid "Error"
+msgstr "錯誤"
+
+#. __ Context menu, session switcher ("virtual tabs") menu label
+#: wininput.c:273
+msgid "Session switcher"
+msgstr "Session 切�器"
+
+#. __ Context menu, session launcher ("virtual tabs") menu label
+#: wininput.c:292
+msgid "Session launcher"
+msgstr "Session 啟動器"
+
+#: wininput.c:401 wininput.c:407
+msgid "Ctrl+"
+msgstr "Ctrl+"
+
+#: wininput.c:402 wininput.c:408
+msgid "Alt+"
+msgstr "Alt+"
+
+#: wininput.c:403 wininput.c:409
+msgid "Shift+"
+msgstr "Shift+"
+
+#. __ System menu:
+#: wininput.c:434
+msgid "&Restore"
+msgstr "還原(&R)"
+
+#. __ System menu:
+#: wininput.c:436
+msgid "&Move"
+msgstr "移動(&M)"
+
+#. __ System menu:
+#: wininput.c:438
+msgid "&Size"
+msgstr "大�(&S)"
+
+#. __ System menu:
+#: wininput.c:440
+msgid "Mi&nimize"
+msgstr "最�化(&N)"
+
+#. __ System menu:
+#: wininput.c:442
+msgid "Ma&ximize"
+msgstr "最大化(&X)"
+
+#. __ System menu:
+#: wininput.c:444
+msgid "&Close"
+msgstr "關閉(&C)"
+
+#. __ System menu:
+#: wininput.c:449
+msgid "Ne&w"
+msgstr "新增(&W)"
+
+#. __ Context menu:
+#: wininput.c:456
+msgid "&Copy"
+msgstr "複製(&C)"
+
+#. __ Context menu:
+#: wininput.c:473
+msgid "&Paste "
+msgstr "貼上(&P)"
+
+#. __ Context menu:
+#: wininput.c:478
+msgid "Copy → Paste"
+msgstr "複製 → 貼上"
+
+#. __ Context menu:
+#: wininput.c:483
+msgid "S&earch"
+msgstr "�尋(&E)"
+
+#. __ Context menu:
+#: wininput.c:490
+msgid "&Log to File"
+msgstr "記錄至檔案(&L)"
+
+#. __ Context menu:
+#: wininput.c:496
+msgid "Character &Info"
+msgstr "字元資訊(&I)"
+
+#. __ Context menu:
+#: wininput.c:502
+msgid "VT220 Keyboard"
+msgstr "VT220 �盤"
+
+#. __ Context menu:
+#: wininput.c:507
+msgid "&Reset"
+msgstr "�設(&R)"
+
+#. __ Context menu:
+#: wininput.c:515
+msgid "&Default Size"
+msgstr "�設大�(&D)"
+
+#. __ Context menu:
+#: wininput.c:525
+msgid "Scroll&bar"
+msgstr "�軸(&B)"
+
+#. __ Context menu:
+#: wininput.c:531
+msgid "&Full Screen"
+msgstr "全螢幕(&F)"
+
+#. __ Context menu:
+#: wininput.c:537
+msgid "Flip &Screen"
+msgstr "切�螢幕(&S)"
+
+#. __ System menu:
+#: wininput.c:547 wininput.c:697
+msgid "Copy &Title"
+msgstr "複製標題(&T)"
+
+#. __ System menu:
+#. __ Context menu:
+#. __ System menu:
+#: wininput.c:549 wininput.c:681 wininput.c:699
+msgid "&Options..."
+msgstr "�項(&O)..."
+
+#. __ Context menu:
+#: wininput.c:624
+msgid "Ope&n"
+msgstr "é–‹å•Ÿ(&N)"
+
+#. __ Context menu:
+#: wininput.c:629
+msgid "Copy as text"
+msgstr "複製text"
+
+#. __ Context menu:
+#: wininput.c:631
+msgid "Copy as RTF"
+msgstr "複製RTF"
+
+#. __ Context menu:
+#: wininput.c:633
+msgid "Copy as HTML text"
+msgstr "複製HTML text"
+
+#. __ Context menu:
+#: wininput.c:635
+msgid "Copy as HTML"
+msgstr "複製HTML"
+
+#. __ Context menu:
+#: wininput.c:637
+msgid "Copy as HTML full"
+msgstr "複製HTML完整"
+
+#. __ Context menu:
+#: wininput.c:644
+msgid "Select &All"
+msgstr "全�(&A)"
+
+#. __ Context menu: write terminal window contents as HTML file
+#: wininput.c:649
+msgid "HTML Screen Dump"
+msgstr "將螢幕內容存為 HTML"
+
+#. __ Context menu: clear scrollback buffer (lines scrolled off the window)
+#: wininput.c:657
+msgid "Clear Scrollback"
+msgstr "清除螢幕緩��"
+
+#. __ Context menu: generate a TTY BRK condition (tty line interrupt)
+#: wininput.c:667
+msgid "Send Break"
+msgstr "傳� Break"
+
+#. __ Context menu, user commands
+#: wininput.c:758
+msgid "User commands"
+msgstr "使用者指令"
+
+#: winmain.c:2065
+msgid "Processes are running in session:"
+msgstr "有程�正在執行於 Session："
+
+#: winmain.c:2066
+msgid "Close anyway?"
+msgstr "��關閉？"
+
+#: winmain.c:2184
+msgid "Try '--help' for more information"
+msgstr "嘗試「--help�以�得更多資訊"
+
+#: winmain.c:2192
+msgid "Could not load icon"
+msgstr "無法載入圖示"
+
+#: winmain.c:3598
+msgid "Usage:"
+msgstr "使用方�："
+
+#: winmain.c:3599
+msgid "[OPTION]... [ PROGRAM [ARG]... | - ]"
+msgstr "[OPTION]... [ PROGRAM [ARG]... | - ]"
+
+#. __ help text (output of -H / --help), after initial line ("synopsis")
+#: winmain.c:3602
+msgid ""
+"Start a new terminal session running the specified program or the user's "
+"shell.\n"
+"If a dash is given instead of a program, invoke the shell as a login shell.\n"
+"\n"
+"Options:\n"
+"  -c, --config FILE     Load specified config file (cf. -C or -o ThemeFile)\n"
+"  -e, --exec ...        Treat remaining arguments as the command to execute\n"
+"  -h, --hold never|start|error|always  Keep window open after command "
+"finishes\n"
+"  -p, --position X,Y    Open window at specified coordinates\n"
+"  -p, --position center|left|right|top|bottom  Open window at special "
+"position\n"
+"  -p, --position @N     Open window on monitor N\n"
+"  -s, --size COLS,ROWS  Set screen size in characters (also COLSxROWS)\n"
+"  -s, --size maxwidth|maxheight  Set max screen size in given dimension\n"
+"  -t, --title TITLE     Set window title (default: the invoked command) (cf. "
+"-T)\n"
+"  -w, --window normal|min|max|full|hide  Set initial window state\n"
+"  -i, --icon FILE[,IX]  Load window icon from file, optionally with index\n"
+"  -l, --log FILE|-      Log output to file or stdout\n"
+"      --nobidi|--nortl  Disable bidi (right-to-left support)\n"
+"  -o, --option OPT=VAL  Set/Override config file option with given value\n"
+"  -B, --Border frame|void  Use thin/no window border\n"
+"  -R, --Report s|o      Report window position (short/long) after exit\n"
+"      --nopin           Make this instance not pinnable to taskbar\n"
+"  -D, --daemon          Start new instance with Windows shortcut key\n"
+"  -H, --help            Display help and exit\n"
+"  -V, --version         Print version information and exit\n"
+"See manual page for further command line options and configuration.\n"
+msgstr ""
+"開啟一個用於執行指定程�或使用者 shell 的新終端機 session。\n"
+"如果指定的程�為 dash，將該 shell 呼�為一個 login shell。\n"
+"\n"
+"�項：\n"
+"    -c, --config FILE     載入指定的設定檔（�見 -C 或 -o ThemeFile）\n"
+"    -e, --exec ...        將剩餘�數作為命令執行\n"
+"    -h, --hold never|start|error|always  命令執行完後�關閉視窗\n"
+"    -p, --position X,Y    在指定座標開啟視窗\n"
+"    -p, --position center|left|right|top|bottom  在指定�置開啟視窗\n"
+"    -p, --position @N     於螢幕 N 開啟視窗\n"
+"    -s, --size COLS,ROWS  設定螢幕大�（也�用 COLSxROWS）\n"
+"    -s, --size maxwidth|maxheight  指定螢幕最大尺寸\n"
+"    -t, --title TITLE     設定視窗標題（�設：執行的命令）（�見 -T）\n"
+"    -w, --window normal|min|max|full|hide  設定�始的視窗狀態\n"
+"    -i, --icon FILE[,IX]  自檔案載入視窗圖示，�指定 index\n"
+"    -l, --log FILE|-      將記錄輸出至檔案或 stdout\n"
+"        --nobidi|--nortl  �用 bidi（由�至左的支�）\n"
+"    -o, --option OPT=VAL  以指定的�項設定�覆蓋設定檔中的�項\n"
+"    -B, --Border frame|void  使用窄�無邊框\n"
+"    -R, --Report s|o      離開�回報視窗�置（短｜長）\n"
+"        --nopin           令這個執行個體�能被釘�到工作列\n"
+"    -D, --daemon          以 Windows 快��啟動新的執行個體\n"
+"    -H, --help            顯示說明並離開\n"
+"    -V, --version         輸出版本資訊並離開\n"
+"�閱說明��以�得進一步的命令列�項與設定。\n"
+
+#: winmain.c:3758 winmain.c:3869 winmain.c:3876
+msgid "WSL distribution '%s' not found"
+msgstr "找�到 WSL 發行版 %s"
+
+#: winmain.c:3904
+msgid "Duplicate option '%s'"
+msgstr "�複的�項「%s�"
+
+#: winmain.c:3912
+msgid "Unknown option '%s'"
+msgstr "未知的�項「%s�"
+
+#: winmain.c:3914
+msgid "Option '%s' requires an argument"
+msgstr "�項「%s�需�一個�數"
+
+#: winmain.c:3941
+msgid "Syntax error in position argument '%s'"
+msgstr "Position �數「%s�有語法錯誤"
+
+#: winmain.c:3952
+msgid "Syntax error in size argument '%s'"
+msgstr "Size �數「%s�有語法錯誤"
+
+#: winmain.c:4083
+msgid "Syntax error in geometry argument '%s'"
+msgstr "Geometry �數「%s�有語法錯誤"
+
+#: winmain.c:4158
+msgid "Mintty could not detach from caller, starting anyway"
+msgstr "Mintty 無法自 caller 分離，�開始啟動"
+
+#: winmain.c:4396
+msgid "Using default title due to invalid characters in program name"
+msgstr "由於程��稱中有��法的字元，使用�設標題"
+
+#. __ label of search bar close button; not actually "localization"
+#: winsearch.c:241
+msgid "X"
+msgstr "X"
+
+#. __ label of search bar prev button; not actually "localization"
+#: winsearch.c:245
+msgid "â—€"
+msgstr "â—€"
+
+#. __ label of search bar next button; not actually "localization"
+#: winsearch.c:249
+msgid "â–¶"
+msgstr "â–¶"
+
+#. __ Options - Text: font properties information: "Leading": total line padding (see option RowSpacing), Bold/Underline modes (font or manual, see options BoldAsFont/UnderlineManual/UnderlineColour)
+#: wintext.c:141
+msgid "Leading: %d, Bold: %s, Underline: %s"
+msgstr "行�：%d，粗體：%s，底線：%s"
+
+#. __ Options - Text: font properties: value taken from font
+#: wintext.c:143
+msgid "font"
+msgstr "å­—åž‹"
+
+#. __ Options - Text: font properties: value affected by option
+#: wintext.c:145
+msgid "manual"
+msgstr "手動"
+
+#: wintext.c:400
+msgid "Font not found, using system substitute"
+msgstr "找�到字型，改用系統字型"
+
+#: wintext.c:407
+msgid "Font has limited support for character ranges"
+msgstr "字型僅支�部分字元範�"
+
+#: wintext.c:512
+msgid "Font installation corrupt, using system substitute"
+msgstr "字型安�錯誤，改用系統字型"
+
+#: wintext.c:525
+msgid "Font does not support system locale"
+msgstr "字型�支�系統語言"
+
+#: appinfo.h:61
+msgid "There is no warranty, to the extent permitted by law."
+msgstr "除法律�定外，�承擔任何責任"
+
+#. __ %s: WEBSITE (URL)
+#: appinfo.h:66
+msgid ""
+"Please report bugs or request enhancements through the issue tracker on the "
+"mintty project page located at\n"
+"%s.\n"
+"See also the Wiki there for further hints, thanks and credits."
+msgstr ""
+"請回報�題或功能改進至 mintty 專案��的�題追蹤系統：\n"
+"%s\n"
+"��閱 Wiki 以�得更多�示�致�與許�。"
diff --git a/msys2/usr/share/mintty/themes/dracula b/msys2/usr/share/mintty/themes/dracula
index 7abccce96..9b752aba4 100644
--- a/msys2/usr/share/mintty/themes/dracula
+++ b/msys2/usr/share/mintty/themes/dracula
@@ -4,7 +4,7 @@
 ForegroundColour=248,248,242
 BackgroundColour=40,42,54
 Black=0,0,0
-BoldBlack=40,42,53
+BoldBlack=104,104,104
 Red=255,85,85
 BoldRed=255,110,103
 Green=80,250,123
diff --git a/msys2/usr/share/mintty/themes/windows10 b/msys2/usr/share/mintty/themes/windows10
new file mode 100644
index 000000000..413d1b8d3
--- /dev/null
+++ b/msys2/usr/share/mintty/themes/windows10
@@ -0,0 +1,18 @@
+# https://blogs.msdn.microsoft.com/commandline/2017/08/02/updating-the-windows-console-colors/
+
+Black		= 12,12,12
+Blue		= 0,55,218
+Green		= 19,161,14
+Cyan		= 58,150,221
+Red		= 197,15,31
+Magenta		= 136,23,152
+Yellow		= 193,156,0
+White		= 204,204,204
+BoldBlack	= 118,118,118
+BoldBlue	= 59,120,255
+BoldGreen	= 22,198,12
+BoldCyan	= 97,214,214
+BoldRed		= 231,72,86
+BoldMagenta	= 180,0,158
+BoldYellow	= 249,241,165
+BoldWhite	= 242,242,242
diff --git a/msys2/usr/share/misc/magic b/msys2/usr/share/misc/magic
index d5e2d3fce..ee39f17c3 100644
--- a/msys2/usr/share/misc/magic
+++ b/msys2/usr/share/misc/magic
@@ -1,6 +1,6 @@
 
 #------------------------------------------------------------------------------
-# $File: acorn,v 1.6 2017/10/19 16:40:37 christos Exp $
+# $File: acorn,v 1.7 2019/04/19 00:42:27 christos Exp $
 # acorn:  file(1) magic for files found on Acorn systems
 #
 
@@ -83,7 +83,7 @@
 # compression mode y (0 - 4) for GIF LZW with a maximum n bits
 # (y~n,0~12,1~13,2~14,3~15,4~16)
 >>>5	ulelong+12 x	\b, LZW %u-bits compression
-# http://www.filebase.org.uk/filetypes
+# https://www.filebase.org.uk/filetypes
 # !Packdir compressed archive has three hexadecimal digits code 68E
 !:mime	application/x-acorn-68E
 !:ext	pkd/bin
@@ -115,7 +115,7 @@
 >18	lelong		^010		not stripped
 
 #------------------------------------------------------------------------------
-# $File: adventure,v 1.17 2017/07/03 16:03:40 christos Exp $
+# $File: adventure,v 1.18 2019/04/19 00:42:27 christos Exp $
 # adventure: file(1) magic for Adventure game files
 #
 # from Allen Garvin <earendil@faeryland.tamu-commerce.edu>
@@ -136,8 +136,8 @@
 # Updated by Adam Buchbinder <adam.buchbinder@gmail.com>
 #
 #http://www.gnelson.demon.co.uk/zspec/sect11.html
-#http://www.jczorkmid.net/~jpenney/ZSpec11-latest.txt
-#http://en.wikipedia.org/wiki/Z-machine
+#https://www.jczorkmid.net/~jpenney/ZSpec11-latest.txt
+#https://en.wikipedia.org/wiki/Z-machine
 # The first byte is the Z-machine revision; it is always between 1 and 8. We
 # had false matches (for instance, inbig5.ocp from the Omega TeX extension as
 # well as an occasional MP3 file), so we sanity-check the version number.
@@ -226,7 +226,7 @@
 # Danny Milosavljevic <danny.milo@gmx.net>
 # These are ADRIFT (adventure game standard) game files, extension .taf
 # Checked from source at (http://www.adrift.co/) and various taf files
-# found at the Interactive Fiction Archive (http://ifarchive.org/)
+# found at the Interactive Fiction Archive (https://ifarchive.org/)
 0	belong  0x3C423FC9
 >4	belong  0x6A87C2CF	Adrift game file version
 >>8	belong  0x94453661	3.80
@@ -237,18 +237,18 @@
 !:mime	application/x-adrift
 
 #------------------------------------------------------------------------------
-# $File: algol68,v 1.2 2016/10/17 14:17:48 christos Exp $
+# $File: algol68,v 1.3 2018/10/19 01:04:21 christos Exp $
 # algol68:  file(1) magic for Algol 68 source
 #
 0	search/8192	(input,			Algol 68 source text
 !:mime	text/x-Algol68
-0	regex		\^PROC			Algol 68 source text
+0	regex/1024	\^PROC			Algol 68 source text
 !:mime	text/x-Algol68
-0	regex           MODE[\t\ ]		Algol 68 source text
+0	regex/1024	\bMODE[\t\ ]		Algol 68 source text
 !:mime	text/x-Algol68
-0	regex          	REF[\t\ ]		Algol 68 source text
+0	regex/1024	\bREF[\t\ ]		Algol 68 source text
 !:mime	text/x-Algol68
-0	regex          	FLEX[\t\ ]\*\\[		Algol 68 source text
+0	regex/1024	\bFLEX[\t\ ]\*\\[	Algol 68 source text
 !:mime	text/x-Algol68
 #0	regex          	[\t\ ]OD		Algol 68 source text
 #!:mime	text/x-Algol68
@@ -295,7 +295,7 @@
 >>13	string	>\ 			DATE %s
 
 #------------------------------------------------------------------------------
-# $File: amigaos,v 1.16 2017/03/17 21:35:28 christos Exp $
+# $File: amigaos,v 1.17 2018/10/16 18:57:19 christos Exp $
 # amigaos:  file(1) magic for AmigaOS binary formats:
 
 #
@@ -362,8 +362,27 @@
 0	string 		.KEY		AmigaDOS script
 0	string 		.key		AmigaDOS script
 
+# AMOS Basic file formats
+# https://www.exotica.org.uk/wiki/AMOS_file_formats
+0	string		AMOS\040Basic\040 	AMOS Basic source code
+>11	byte		=0x56 			\b, tested
+>11	byte		=0x76 			\b, untested
+0 	string		AMOS\040Pro		AMOS Basic source code
+>11	byte		=0x56 			\b, tested
+>11	byte		=0x76 			\b, untested
+0	string		AmSp			AMOS Basic sprite bank
+>4	beshort		x			\b, %d sprites
+0	string		AmIc			AMOS Basic icon bank
+>4	beshort		x			\b, %d icons
+0	string		AmBk			AMOS Basic memory bank
+>4	beshort		x			\b, bank number %d
+>8	belong&0xFFFFFFF	x		\b, length %d
+>12	regex		.{8}			\b, type %s
+0	string		AmBs			AMOS Basic memory banks
+>4	beshort		x			\b, %d banks
+
 #------------------------------------------------------------
-# $File: android,v 1.10 2017/03/17 21:35:28 christos Exp $
+# $File: android,v 1.12 2019/04/19 00:42:27 christos Exp $
 # Various android related magic entries
 #------------------------------------------------------------
 
@@ -395,33 +414,68 @@
 
 # Android Backup archive
 # From: Ariel Shkedi
-# File extension: .ab
-# No mime-type defined
+# Update: Joerg Jenderek 
 # URL: https://github.com/android/platform_frameworks_base/blob/\
 # 0bacfd2ba68d21a68a3df345b830bc2a1e515b5a/services/java/com/\
 # android/server/BackupManagerService.java#L2367
+# Reference: https://sourceforge.net/projects/adbextractor/
+#            android-backup-extractor/perl/backupencrypt.pl 
+# Note:	only unix line feeds "\n" found
 # After the header comes a tar file
 # If compressed, the entire tar file is compressed with JAVA deflate
 #
 # Include the version number hardcoded with the magic string to avoid
 # false positives
-0	string/b	ANDROID\ BACKUP\n1\n	Android Backup
+0	string/b	ANDROID\ BACKUP\n	Android Backup
+# maybe look for some more characteristics like linefeed '\n' or version
+#>16	string		\n			
+# No mime-type defined offically
+!:mime	application/x-google-ab
+!:ext	ab
+# on 2nd line version (often 1, 2 on kitkat 4.4.3+, 4 on 7.1.2)
+>15	string		>\0			\b, version %s
+# "1" on 3rd line means compressed
 >17	string		0\n			\b, Not-Compressed
 >17	string		1\n			\b, Compressed
+# The 4th line is encryption "none" or "AES-256"
 # any string as long as it's not the word none (which is matched below)
+>19	string		none\n			\b, Not-Encrypted
+# look for backup content after line with encryption info
+#>>19	search/7	\n
+# data part after header for not encrypted Android Backup 
+#>>>&0	ubequad		x	\b, content 0x%16.16llx...
+# look for zlib compressed by ./compress after message with 1 space at end
+#>>>&0	indirect	x	\b; contains 
+# look for tar archive block by ./archive for package name manifest
+>>288	string		ustar	\b; contains
+>>>31	use	tar-file
+# look for zip/jar archive by ./archive ./zip after message with 1 space at end
+#>>2079	search/1025/s	PK\003\004	\b; contains 
+#>>>&0	indirect	x
+>19	string		!none			
 >>19    regex/1l	\^([^n\n]|n[^o]|no[^n]|non[^e]|none.+).*	\b, Encrypted (%s)
->>19	string		none\n			\b, Not-Encrypted
 # Commented out because they don't seem useful to print
 # (but they are part of the header - the tar file comes after them):
+# The 5th line is User Password Salt (128 Hex)
+# string length too high with standard src configuration
+#>>>&1		string	>\0	\b, PASSWORD salt: "%-128.128s"
 #>>>&1		regex/1l .*	\b, Password salt: %s
+# The 6th line is Master Key Checksum Salt (128 Hex)
 #>>>>&1		regex/1l .*	\b, Master salt: %s
+# The 7th line is Number of PBDKF2 Rounds (10000)
 #>>>>>&1	regex/1l .*	\b, PBKDF2 rounds: %s
+# The 8th line is User key Initialization Vector (IV) (32 Hex)
 #>>>>>>&1	regex/1l .*	\b, IV: %s
+#>>>>>>&1	regex/1l .*	\b, IV: %s
+# The 9th line is Master IV+Key+Checksum (192 Hex)
 #>>>>>>>&1	regex/1l .*	\b, Key: %s
+# look for new line separator char after line number 9
+#>>>0x204	ubyte	0x0a	NL found
+#>>>>&1		ubequad	x	\b, Content magic %16.16llx
 
 # *.pit files by Joerg Jenderek
-# http://forum.xda-developers.com/showthread.php?p=9122369
-# http://forum.xda-developers.com/showthread.php?t=816449
+# https://forum.xda-developers.com/showthread.php?p=9122369
+# https://forum.xda-developers.com/showthread.php?t=816449
 # Partition Information Table for Samsung's smartphone with Android
 # used by flash software Odin
 0		ulelong			0x12349876
@@ -508,7 +562,7 @@
 0	lelong	0x00080003	Android binary XML
 
 #------------------------------------------------------------------------------
-# $File: animation,v 1.66 2017/10/06 15:36:38 christos Exp $
+# $File: animation,v 1.71 2019/04/19 00:42:27 christos Exp $
 # animation:  file(1) magic for animation/movie formats
 #
 # animation formats
@@ -540,9 +594,9 @@
 !:mime	application/x-quicktime-player
 4	string/W	jP		JPEG 2000 image
 !:mime	image/jp2
-# http://www.ftyps.com/ with local additions
+# https://www.ftyps.com/ with local additions
 4	string		ftyp		ISO Media
-# http://aeroquartet.com/wordpress/2016/03/05/3-xavc-s/
+# https://aeroquartet.com/wordpress/2016/03/05/3-xavc-s/
 >8	string		XAVC		\b, MPEG v4 system, Sony XAVC Codec
 >>96	string		x		\b, Audio "%.4s"
 >>118	beshort		x		at %dHz
@@ -554,7 +608,7 @@
 >>11	byte		4		\b v4 (H.263/AMR GSM 6.10)
 >>11	byte		5		\b v5 (H.263/AMR GSM 6.10)
 >>11	byte		6		\b v6 (ITU H.264/AMR GSM 6.10)
-# http://www.3gpp2.org/Public_html/Specs/C.S0050-B_v1.0_070521.pdf
+# https://www.3gpp2.org/Public_html/Specs/C.S0050-B_v1.0_070521.pdf
 # Section 8.1.1, corresponds to a, b, c
 >>11	byte		0x61		\b C.S0050-0 V1.0
 >>11	byte		0x62		\b C.S0050-0-A V1.0.0
@@ -1363,6 +1417,7 @@
 # conti_count   4 bit	-
 0	belong&0xFF5FFF10	0x47400010
 >188	byte			0x47		MPEG transport stream data
+!:mime  video/MP2T
 
 # DIF digital video file format <mpruett@sgi.com>
 0	belong&0xffffff00	0x1f070000      DIF
@@ -1400,10 +1455,10 @@
 0	string/w	#VRML\ V2.0\ utf8	ISO/IEC 14772 VRML 97 file
 !:mime	model/vrml
 
-# X3D (Extensible 3D) [http://www.web3d.org/specifications/x3d-3.0.dtd]
+# X3D (Extensible 3D) [https://www.web3d.org/specifications/x3d-3.0.dtd]
 # From Michel Briand <michelbriand@free.fr>
 # mimetype from https://www.iana.org/assignments/media-types/model/x3d+xml
-# Example http://www.web3d.org/x3d/content/examples/Basic/course/CreateX3DFromStringRandomSpheres.x3d
+# Example https://www.web3d.org/x3d/content/examples/Basic/course/CreateX3DFromStringRandomSpheres.x3d
 0	string/w	\<?xml\ version=
 !:strength + 5
 >20	search/1000/w	\<!DOCTYPE\ X3D		X3D (Extensible 3D) model xml text
@@ -1475,7 +1530,7 @@
 
 # Type: Bink Video
 # Extension: .bik
-# URL:  http://wiki.multimedia.cx/index.php?title=Bink_Container
+# URL:  https://wiki.multimedia.cx/index.php?title=Bink_Container
 # From: <hoehle@users.sourceforge.net>  2008-07-18
 0	string		BIK	Bink Video
 >3	regex		=[a-z]	rev.%s
@@ -1496,61 +1551,61 @@
 #>>51	byte&0x10	!0	DCT
 
 # Type:	NUT Container
-# URL:	http://wiki.multimedia.cx/index.php?title=NUT
+# URL:	https://wiki.multimedia.cx/index.php?title=NUT
 # From:	Adam Buchbinder <adam.buchbinder@gmail.com>
 0	string	nut/multimedia\ container\0	NUT multimedia container
 
 # Type: Nullsoft Video (NSV)
-# URL:  http://wiki.multimedia.cx/index.php?title=Nullsoft_Video
+# URL:  https://wiki.multimedia.cx/index.php?title=Nullsoft_Video
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	NSVf	Nullsoft Video
 
 # Type: REDCode Video
-# URL:  http://www.red.com/ ; http://wiki.multimedia.cx/index.php?title=REDCode
+# URL:  https://www.red.com/ ; https://wiki.multimedia.cx/index.php?title=REDCode
 # From: Mike Melanson <mike@multimedia.cx>
 4	string	RED1	REDCode Video
 
 # Type: MTV Multimedia File
-# URL:  http://wiki.multimedia.cx/index.php?title=MTV
+# URL:  https://wiki.multimedia.cx/index.php?title=MTV
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	AMVS	MTV Multimedia File
 
 # Type: ARMovie
-# URL:  http://wiki.multimedia.cx/index.php?title=ARMovie
+# URL:  https://wiki.multimedia.cx/index.php?title=ARMovie
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	ARMovie\012	ARMovie
 
 # Type: Interplay MVE Movie
-# URL:  http://wiki.multimedia.cx/index.php?title=Interplay_MVE
+# URL:  https://wiki.multimedia.cx/index.php?title=Interplay_MVE
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	Interplay\040MVE\040File\032	Interplay MVE Movie
 
 # Type: Windows Television DVR File
-# URL:  http://wiki.multimedia.cx/index.php?title=WTV
+# URL:  https://wiki.multimedia.cx/index.php?title=WTV
 # From: Mike Melanson <mike@mutlimedia.cx>
 # This takes the form of a Windows-style GUID
 0	bequad	0xB7D800203749DA11
 >8	bequad	0xA64E0007E95EAD8D	Windows Television DVR Media
 
 # Type: Sega FILM/CPK Multimedia
-# URL:  http://wiki.multimedia.cx/index.php?title=Sega_FILM
+# URL:  https://wiki.multimedia.cx/index.php?title=Sega_FILM
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	FILM	Sega FILM/CPK Multimedia,
 >32	belong	x	%d x
 >28	belong	x	%d
 
 # Type: Nintendo THP Multimedia
-# URL:  http://wiki.multimedia.cx/index.php?title=THP
+# URL:  https://wiki.multimedia.cx/index.php?title=THP
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	THP\0	Nintendo THP Multimedia
 
 # Type: BBC Dirac Video
-# URL:  http://wiki.multimedia.cx/index.php?title=Dirac
+# URL:  https://wiki.multimedia.cx/index.php?title=Dirac
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	BBCD	BBC Dirac Video
 
 # Type: RAD Game Tools Smacker Multimedia
-# URL:  http://wiki.multimedia.cx/index.php?title=Smacker
+# URL:  https://wiki.multimedia.cx/index.php?title=Smacker
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	SMK	RAD Game Tools Smacker Multimedia
 >3	byte	x	version %c,
@@ -1566,6 +1621,20 @@
 !:ext	mxf
 !:mime	application/mxf
 
+# Recognize LucasArts Smush video files (cf.
+# https://wiki.multimedia.cx/index.php/Smush)
+0	string	ANIM
+>8	string	AHDR	LucasArts Smush Animation Format (SAN) video
+0	string	SANM
+>8	string	SHDR	LucasArts Smush v2 (SANM) video
+
+# Type: Scaleform video
+# Extension: .usm
+# URL:  https://wiki.multimedia.cx/index.php/USM
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+0	string	CRID
+>32	string	@UTF	Scaleform video
+
 #------------------------------------------------------------------------------
 # $File: aout,v 1.1 2013/01/09 22:37:23 christos Exp $
 # aout:  file(1) magic for a.out executable/object/etc entries that
@@ -1648,7 +1717,7 @@
 0	long		0100554		APL workspace (Ken's original?)
 
 #------------------------------------------------------------------------------
-# $File: apple,v 1.39 2018/03/02 15:26:39 christos Exp $
+# $File: apple,v 1.43 2019/04/19 00:42:27 christos Exp $
 # apple:  file(1) magic for Apple file formats
 #
 0	search/1/t	FiLeStArTfIlEsTaRt	binscii (apple ][) text
@@ -1659,22 +1728,97 @@
 0	belong		0x00051600		AppleSingle encoded Macintosh file
 0	belong		0x00051607		AppleDouble encoded Macintosh file
 
+# Type: Apple Emulator WOZ format
+# From: Greg Wildman <greg@apple2.org.za>
+# Ref: https://applesaucefdc.com/woz/reference/
+# Ref: https://applesaucefdc.com/woz/reference2/
+#
+# Note: The following test are mostly identical. I would rather not
+# use a regex to identify the WOZ format number.
+0	string		WOZ1
+>4	string		\xFF\x0A\x0D\x0A	Apple ][ WOZ 1.0 Disk Image
+>12	string		INFO
+>>21	byte		01			\b, 5.25 inch
+>>21	byte		02			\b, 3.5 inch
+>>22	byte		01			\b, write protected
+>>23	byte		01			\b, cross track synchronized
+>>25	string/T	x			\b, %.32s
+0	string		WOZ2
+>4	string		\xFF\x0A\x0D\x0A	Apple ][ WOZ 2.0 Disk Image
+>12	string		INFO
+>>21	byte		01			\b, 5.25 inch
+>>21	byte		02			\b, 3.5 inch
+>>22	byte		01			\b, write protected
+>>23	byte		01			\b, cross track synchronized
+>>25	string/T	x			\b, %.32s
+
+# Type: Apple Emulator disk images
+# From: Greg Wildman <greg@apple2.org.za>
+# ProDOS boot loader?
+0		string	\x01\x38\xB0\x03\x4C	Apple ProDOS Image
+# Detect Volume Directory block ($02)
+>0x400		string	\x00\x00\x03\x00
+>>0x404		byte	&0xF0
+>>>0x405	string	x			\b, Volume /%s
+>>>0x429	leshort	x			\b, %u Blocks
+# ProDOS ordered ?
+>0xb00		string	\x00\x00\x03\x00
+>>0xb04		byte	&0xF0
+>>>0xb05	string	x			\b, Volume /%s
+>>>0xb29	leshort	x			\b, %u Blocks
+#
+# DOS3.3 boot loader?
+0		string	\x01\xA5\x27\xC9\x09\xD0\x18\xA5\x2B
+>0x11001	string	\x11\x0F\x03	Apple DOS 3.3 Image
+>>0x11006	byte	x		\b, Volume %u
+>>0x11034	byte	x		\b, %u Tracks
+>>0x11035	byte	x		\b, %u Sectors
+>>0x11036	leshort	x		\b, %u bytes per sector
+# DOS3.2 ?
+>0x11001	string	\x11\x0C\x02	Apple DOS 3.2 Image
+>>0x11006	byte	x		\b, Volume %u
+>>0x11034	byte	x		\b, %u Tracks
+>>0x11035	byte	x		\b, %u Sectors
+>>0x11036	leshort	x		\b, %u bytes per sector
+# DOS3.1 ?
+>0x11001	string	\x11\x0C\x01
+>>0x11c00	string	\x00\x11\x0B	Apple DOS 3.1 Image
+#
+# Pascal boot loader?
+0		string	\x01\xE0\x60\xF0\x03\x4C\xE3\x08\xAD
+>0xd6		pstring SYSTEM.APPLE
+>>0xb00		leshort	0x0000
+>>>0xb04	leshort 0x0000		Apple Pascal Image
+>>>>0xb06	pstring x		\b, Volume %s:
+>>>>0xb0e	leshort x		\b, %u Blocks
+>>>>0xb10	leshort x		\b, %u Files
+
 # Type: Apple Emulator 2IMG format
 # From: Radek Vokal <rvokal@redhat.com>
-0	string		2IMG	Apple ][ 2IMG Disk Image
->4	string		XGS!	\b, XGS
->4	string		CTKG	\b, Catakig
->4	string		ShIm	\b, Sheppy's ImageMaker
->4	string		WOOF	\b, Sweet 16
->4	string		B2TR	\b, Bernie ][ the Rescue
->4	string		!nfc	\b, ASIMOV2
->4	string		x	\b, Unknown Format
->0xc	byte		00	\b, DOS 3.3 sector order
->>0x10	byte		00	\b, Volume 254
->>0x10	byte&0x7f	x	\b, Volume %u
->0xc	byte		01	\b, ProDOS sector order
->>0x14	short		x	\b, %u Blocks
->0xc	byte		02	\b, NIB data
+# Update: Greg Wildman <greg@apple2.org.za>
+0	string		2IMG		Apple ][ 2IMG Disk Image
+>4	clear		x
+>4	string		XGS!		\b, XGS
+>4	string		CTKG		\b, Catakig
+>4	string		ShIm		\b, Sheppy's ImageMaker
+>4	string		SHEP		\b, Sheppy's ImageMaker
+>4	string		WOOF		\b, Sweet 16
+>4	string		B2TR		\b, Bernie ][ the Rescue
+>4	string		\!nfc		\b, ASIMOV2
+>4	string		\>BD\<		\b, Brutal Deluxe's Cadius
+>4	string		CdrP		\b, CiderPress
+>4	string		Vi][		\b, Virtual ][
+>4	string		PRFS		\b, ProFUSE
+>4	string		FISH		\b, FishWings
+>4	string		RVLW		\b, Revival for Windows
+>4	default		x
+>>4	string		x		\b, Creator tag "%-4.4s"
+>0xc	byte		00		\b, DOS 3.3 sector order
+>>0x10	byte		00		\b, Volume 254
+>>0x10	byte&0x7f	x		\b, Volume %u
+>0xc	byte		01		\b, ProDOS sector order
+>>0x14	short		x		\b, %u Blocks
+>0xc	byte		02		\b, NIB data
 
 # magic for Newton PDA package formats
 # from Ruda Moura <ruda@helllabs.org>
@@ -1736,7 +1880,7 @@
 # http://home.earthlink.net/~hughhood/appleiiworksenvoy/
 # ('p' + 1-byte ProDOS File Type + 2-byte ProDOS Aux Type')
 # $70 $1A $F8 $FF is this the apple type ?
-#:apple pdospøÿ
+#:apple pdosp^Z\xf8\xff
 !:ext awp
 # minimum version needed to read this files. SFMinVers (0 , 30~3.0 )
 >>>183	ubyte		30	3.0
@@ -2002,7 +2146,7 @@
 >>6	ubeshort	x		\b, type 0x%x
 
 # URL: https://en.wikipedia.org/wiki/Apple_Partition_Map
-# Reference: http://opensource.apple.com/source/IOStorageFamily/IOStorageFamily-116/IOApplePartitionScheme.h
+# Reference: https://opensource.apple.com/source/IOStorageFamily/IOStorageFamily-116/IOApplePartitionScheme.h
 # Update: Joerg Jenderek
 # Yes, the 3rd and 4th bytes pmSigPad are reserved, but we use them to make the
 # magic stronger.
@@ -2044,8 +2188,8 @@
 # is the startup partition APPLE_PS_STARTUP
 >>88	ubelong	&0x80000000		\b, is the startup partition
 
-#http://wiki.mozilla.org/DS_Store_File_Format
-#http://en.wikipedia.org/wiki/.DS_Store
+#https://wiki.mozilla.org/DS_Store_File_Format
+#https://en.wikipedia.org/wiki/.DS_Store
 0	string	\0\0\0\1Bud1\0		Apple Desktop Services Store
 
 # HFS/HFS+ Resource fork files (andrew.roazen@nau.edu Apr 13 2015)
@@ -2168,7 +2312,7 @@
 >>5	ubyte	    	x		\b.%u, little-endian
 >>0	use		\^apt-cache-be
 #------------------------------------------------------------------------------
-# $File: archive,v 1.117 2018/03/17 02:11:04 christos Exp $
+# $File: archive,v 1.129 2019/05/09 18:58:02 christos Exp $
 # archive:  file(1) magic for archive formats (see also "msdos" for self-
 #           extracting compressed archives)
 #
@@ -2180,6 +2324,7 @@
 # Reference: https://www.freebsd.org/cgi/man.cgi?query=tar&sektion=5&manpath=FreeBSD+8-current
 # header mainly padded with nul bytes
 500	quad		0		
+!:strength /2
 # filename or extended attribute printable strings in range space null til umlaut ue
 >0	ubeshort	>0x1F00		
 >>0	ubeshort	<0xFCFD
@@ -2316,7 +2461,7 @@
 >>>257	string		>\0		\b, comment: %-.40s
 
 # Incremental snapshot gnu-tar format from:
-# http://www.gnu.org/software/tar/manual/html_node/Snapshot-Files.html
+# https://www.gnu.org/software/tar/manual/html_node/Snapshot-Files.html
 0	string		GNU\ tar-	GNU tar incremental snapshot data
 >&0	regex		[0-9]\.[0-9]+-[0-9]+	version %s
 
@@ -2394,21 +2539,48 @@
 # a portable archive whose first member has a name beginning with
 # "debian".
 #
+# Update: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/Deb_(file_format)
 0	string		=!<arch>\ndebian
->8	string		debian-split	part of multipart Debian package
+# https://manpages.debian.org/testing/dpkg/dpkg-split.1.en.html
+>14	string		-split	part of multipart Debian package
 !:mime	application/vnd.debian.binary-package
->8	string		debian-binary	Debian binary package
+# udeb is used for stripped down deb file
+!:ext	deb/udeb
+>14	string		-binary	Debian binary package
 !:mime	application/vnd.debian.binary-package
->8	string		!debian
+!:ext	deb/udeb
+# This should not happen
+>14	default		x	Unknown Debian package
+# NL terminated version; for most Debian cases this is 2.0 or 2.1 for splitted
 >68	string		>\0		(format %s)
-# These next two lines do not work, because a bzip2 Debian archive
-# still uses gzip for the control.tar (first in the archive).  Only
-# data.tar varies, and the location of its filename varies too.
-# file/libmagic does not current have support for ascii-string based
-# (offsets) as of 2005-09-15.
-#>81	string		bz2		\b, uses bzip2 compression
-#>84	string		gz		\b, uses gzip compression
-#>136	ledate		x		created: %s
+#>68	string		!2.0\n
+#>>68	string		x		(format %.3s)
+>68	string		=2.0\n
+# 2nd archive name=control archive name like control.tar.gz or control.tar.xz
+>>72	string		>\0		\b, with %.14s
+# look for 3rd archive name=data archive name like data.tar.{gz,xz,bz2,lzma}
+>>0	search/0x93e4f	data.tar.	\b, data compression
+# the above line only works if FILE_BYTES_MAX in ../../src/file.h is raised
+# for example like libreoffice-dev-doc_1%3a5.2.7-1+rpi1+deb9u3_all.deb
+>>>&0	string		x		%.4s
+# splitted debian package case
+>68	string		=2.1\n
+# dpkg-1.18.25/dpkg-split/info.c
+# NL terminated ASCII package name like ckermit
+>>&0	string		x		\b, %s
+# NL terminated package version like 302-5.3
+>>>&1	string		x		%s
+# NL terminated MD5 checksum
+>>>>&1	string		x		\b, MD5 %s
+# NL terminated original package length
+>>>>>&1	string		x		\b, unsplitted size %s
+# NL terminated part length
+>>>>>>&1	string	x		\b, part lenght %s
+# NL terminated package part like n/m
+>>>>>>>&1	string	x		\b, part %s
+# NL terminated package architecture like armhf since dpkg 1.16.1 or later
+>>>>>>>>&1	string	x		\b, %s
 
 #
 # MIPS archive; they're in the portable archive format, and need to go
@@ -2425,15 +2597,35 @@
 >19	string	B			and an EB hash table
 >22	string	X			-- out of date
 
-0	search/1	-h-		Software Tools format archive text
-
 #
 # BSD/SVR2-and-later portable archive formats.
 #
-0	string		=!<arch>		current ar archive
+# Update: Joerg Jenderek
+# URL:		http://fileformats.archiveteam.org/wiki/AR
+# Reference:	https://www.unix.com/man-page/opensolaris/3HEAD/ar.h/
+# Note:		Mach-O universal binary in ./cafebabe is dependent
+# TODO:		unify current ar archive, MIPS archive, Debian package
+#		distinguish BSD, SVR; 32, 64 bit; HP from other 32-bit SVR;
+#		*.ar packages from *.a libraries. handle empty archive
+0	string		=!<arch>\n		current ar archive
+# print first and possibly second ar_name[16] for debugging purpose
+#>8			string	x	\b, 1st "%.16s"
+#>68			string	x	\b, 2nd "%.16s"
 !:mime	application/x-archive
+# a in most case for libraries; lib for Microsoft libraries; ar else cases
+!:ext	a/lib/ar
 >8	string		__.SYMDEF	random library
+# first member with long marked name __.SYMDEF SORTED implies BSD library
 >68	string		__.SYMDEF\ SORTED	random library
+# Reference: https://parisc.wiki.kernel.org/images-parisc/b/b2/Rad_11_0_32.pdf
+# "archive file" entry moved from ./hp
+# LST header system_id 0210h~PA-RISC 1.1,... identifies the target architecture
+# LST header a_magic 0619h~relocatable library
+>68	belong 		0x020b0619	- PA-RISC1.0 relocatable library
+>68	belong	 	0x02100619	- PA-RISC1.1 relocatable library
+>68	belong 		0x02110619	- PA-RISC1.2 relocatable library
+>68	belong 		0x02140619	- PA-RISC2.0 relocatable library
+#EOF for common ar archives
 
 #
 # "Thin" archive, as can be produced by GNU ar.
@@ -2443,6 +2635,8 @@
 >68	belong		1		%d symbol entry
 >68	belong		>1		%d symbol entries
 
+0	search/1	-h-		Software Tools format archive text
+
 # ARC archiver, from Daniel Quinlan (quinlan@yggdrasil.com)
 #
 # The first byte is the magic (0x1a), byte 2 is the compression type for
@@ -2967,7 +3161,7 @@
 # LHARC/LHA archiver (Greg Roelofs, newt@uchicago.edu)
 # Update: Joerg Jenderek
 # URL: https://en.wikipedia.org/wiki/LHA_(file_format)
-# Reference: http://web.archive.org/web/20021005080911/http://www.osirusoft.com/joejared/lzhformat.html
+# Reference: https://web.archive.org/web/20021005080911/http://www.osirusoft.com/joejared/lzhformat.html
 #
 #	check and display information of lharc (LHa,PMarc) file
 0	name				lharc-file
@@ -3167,7 +3361,7 @@
 !:ext	rar
 
 # Very old RAR archive
-# http://jasonblanks.com/wp-includes/images/papers/KnowyourarchiveRAR.pdf
+# https://jasonblanks.com/wp-includes/images/papers/KnowyourarchiveRAR.pdf
 0	string		RE\x7e\x5e  RAR archive data (<v1.5)
 !:mime	application/x-rar
 !:ext	rar/cbr
@@ -3188,7 +3382,9 @@
 0	string		PK\005\006	Zip archive data (empty)
 !:mime application/zip
 !:ext zip/cbz
+!:strength +1
 0	string		PK\003\004
+!:strength +1
 
 # Specialised zip formats which start with a member named 'mimetype'
 # (stored uncompressed, with no 'extra field') containing the file's MIME type.
@@ -3231,7 +3427,7 @@
 >>>62	string	base			Database file
 
 #   OpenDocument formats (for OpenOffice 2.x / StarOffice >= 8)
-#    http://lists.oasis-open.org/archives/office/200505/msg00006.html
+#    https://lists.oasis-open.org/archives/office/200505/msg00006.html
 #    (mimetype contains "application/vnd.oasis.opendocument.<SUBTYPE>")
 >>50	string	vnd.oasis.opendocument.	OpenDocument
 >>>73	string	text
@@ -3280,7 +3476,7 @@
 !:mime	application/vnd.oasis.opendocument.image-template
 
 #  EPUB (OEBPS) books using OCF (OEBPS Container Format)
-#    http://www.idpf.org/ocf/ocf1.0/download/ocf10.htm, section 4.
+#    https://www.idpf.org/ocf/ocf1.0/download/ocf10.htm, section 4.
 #    From: Ralf Brown <ralf.brown@gmail.com>
 >>50	string	epub+zip	EPUB document
 !:mime application/epub+zip
@@ -3474,6 +3670,16 @@
 >5	byte	x		\b.%d
 >6	belong	x		(%d bytes)
 
+# From:		Joerg Jenderek
+# URL:		https://help.foxitsoftware.com/kb/install-fzip-file.php
+# reference:	http://mark0.net/download/triddefs_xml.7z/
+#		defs/f/fzip.trid.xml
+# Note: unknown compression; No "PK" zip magic; normally in directory like
+#	"%APPDATA%\Foxit Software\Addon\Foxit Reader\Install"
+0	ubequad	0x2506781901010000	Foxit add-on/update
+!:mime	application/x-fzip
+!:ext	fzip
+
 # From: "Robert Dale" <robdale@gmail.com>
 0	belong	123		dar archive,
 >4	belong	x		label "%.8x
@@ -3484,7 +3690,7 @@
 >14	beshort	0x4e53		multi-part, with -S
 
 # Symbian installation files
-#  http://www.thouky.co.uk/software/psifs/sis.html
+#  https://www.thouky.co.uk/software/psifs/sis.html
 #  http://developer.symbian.com/main/downloads/papers/SymbianOSv91/softwareinstallsis.pdf
 8	lelong	0x10000419	Symbian installation file
 !:mime	application/vnd.symbian.install
@@ -3502,24 +3708,74 @@
 >10	string x		with compression level %.1s
 
 # xar (eXtensible ARchiver) archive
-# xar archive format: http://code.google.com/p/xar/
+# URL: https://en.wikipedia.org/wiki/Xar_(archiver)
+# xar archive format: https://code.google.com/p/xar/
 # From: "David Remahl" <dremahl@apple.com>
+# Update: Joerg Jenderek
+# TODO: lzma compression; X509Data for pkg and xip
+# Note: verified by `xar --dump-header -f FullBundleUpdate.xar` or
+# 7z t -txar Xcode_10.2_beta_4.xip`
 0	string	xar!		xar archive
 !:mime	application/x-xar
-#>4	beshort	x		header size %d
->6	beshort	x		version %d,
-#>8	quad	x		compressed TOC: %d,
-#>16	quad	x		uncompressed TOC: %d,
+# pkg for Mac OSX installer package like FullBundleUpdate.pkg
+# xip for signed Apple software like Xcode_10.2_beta_4.xip
+!:ext	xar/pkg/xip
+# always 28 in older archives
+>4	ubeshort >28		\b, header size %u
+# currently there exit only version 1 since about 2014
+>6	ubeshort >1		version %u,
+>8	ubequad	x		compressed TOC: %llu,
+#>16	ubequad	x		uncompressed TOC: %llu,
+# cksum_alg 0-2 in older and also 3-4 in newer
 >24	belong	0		no checksum
 >24	belong	1		SHA-1 checksum
 >24	belong	2		MD5 checksum
+>24	belong	3		SHA-256 checksum
+>24	belong	4		SHA-512 checksum
+>24	belong	>4		unknown 0x%x checksum
+#>24	belong	>4		checksum
+#			For no compression jump 0 bytes
+>24	belong	0
+>>0		ubyte	x
+# jump more bytes forward by header size
+>>>&(4.S)	ubyte	x
+# jump more bytes forward by compressed table of contents size
+#>>>>&(8.Q)	ubequad	x	\b, heap data 0x%llx
+>>>>&(8.Q)	ubyte	x
+# look for data by ./compress after message with 1 space at end
+>>>>>&-3	indirect x	\b, contains 
+#			For SHA-1 jump 20 minus 2 bytes
+>24	belong	1
+>>18		ubyte	x
+# jump more bytes forward by header size
+>>>&(4.S)	ubyte	x
+# jump more bytes forward by compressed table of contents size
+>>>>&(8.Q)	ubyte	x
+# data compressed by gzip, bzip, lzma or none
+>>>>>&-1	indirect x	\b, contains 
+#			For SHA-256 jump 32 minus 2 bytes
+>24	belong	3
+>>30		ubyte	x
+# jump more bytes forward by header size
+>>>&(4.S)	ubyte	x
+# jump more bytes forward by compressed table of contents size
+>>>>&(8.Q)	ubyte	x
+>>>>>&-1	indirect x	\b, contains 
+#			For SHA-512 jump 64 minus 2 bytes
+>24	belong	4
+>>62		ubyte	x
+# jump more bytes forward by header size
+>>>&(4.S)	ubyte	x
+# jump more bytes forward by compressed table of contents size
+>>>>&(8.Q)	ubyte	x
+>>>>>&-1	indirect x	\b, contains 
 
 # Type: Parity Archive
 # From: Daniel van Eeden <daniel_e@dds.nl>
 0	string	PAR2		Parity Archive Volume Set
 
 # Bacula volume format. (Volumes always start with a block header.)
-# URL: http://bacula.org/3.0.x-manuals/en/developers/developers/Block_Header.html
+# URL: https://bacula.org/3.0.x-manuals/en/developers/developers/Block_Header.html
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
 12	string	BB02		Bacula volume
 >20	bedate	x		\b, started %s
@@ -3534,11 +3790,11 @@
 0	string	zPQ	ZPAQ stream
 >3	byte	x	\b, level %d
 # From: Barry Carter <carter.barry@gmail.com>
-# http://encode.ru/threads/456-zpaq-updates/page32
+# https://encode.ru/threads/456-zpaq-updates/page32
 0	string	7kSt	ZPAQ file
 
 # BBeB ebook, unencrypted (LRF format)
-# URL: http://www.sven.de/librie/Librie/LrfFormat
+# URL: https://www.sven.de/librie/Librie/LrfFormat
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
 0	string	L\0R\0F\0\0\0	BBeB ebook data, unencrypted
 >8	beshort	x		\b, version %d
@@ -3548,8 +3804,8 @@
 >44	beshort	x		%d)
 
 # Symantec GHOST image by Joerg Jenderek at May 2014
-# http://us.norton.com/ghost/
-# http://www.garykessler.net/library/file_sigs.html
+# https://us.norton.com/ghost/
+# https://www.garykessler.net/library/file_sigs.html
 0		ubelong&0xFFFFf7f0	0xFEEF0100	Norton GHost image
 # *.GHO
 >2		ubyte&0x08		0x00		\b, first file
@@ -3595,6 +3851,58 @@
 
 # LyNX archive
 56	string	USE\040LYNX\040TO\040DISSOLVE\040THIS\040FILE	 LyNX archive
+
+# From: Joerg Jenderek
+# URL: https://www.acronis.com/
+# Reference: https://en.wikipedia.org/wiki/TIB_(file_format)
+# Note: only tested with True Image 2013 Build 5962 and 2019 Build 14110
+0	ubequad		0xce24b9a220000000	Acronis True Image backup
+!:mime	application/x-acronis-tib
+!:ext	tib
+# 01000000
+#>20	ubelong		x			\b, at 20 0x%x
+# 20000000
+#>28	ubelong		x			\b, at 28 0x%x
+# strings like "Generic- SD/MMC 1.00" "Unknown Disk" "Msft Virtual Disk 1.0"
+# ???
+# strings like "\Device\0000011e" "\Device\0000015a"
+#>0	search/0x6852300/cs	\\Device\\
+#>>&-1	pstring		x			\b, %s
+# "\Device\HarddiskVolume30" "\Device\HarddiskVolume39"
+#>>>&1	search/180/cs	\\Device\\
+#>>>>&-1	pstring		x			\b, %s
+#>>>>>&0	search/29/cs	\0\0\xc8\0
+# disk label
+#>>>>>>&10	lestring16	x		\b, disk label %11.11s
+#>>>>>>&9	plestring16	x		\b, disk label "%11.11s"
+#>>>>>>&10	ubequad	x			%16.16llx
+
+
+# Gentoo XPAK binary package
+# by Michal Gorny <mgorny@gentoo.org>
+# https://gitweb.gentoo.org/proj/portage.git/tree/man/xpak.5
+-4	string	STOP
+>-16	string	XPAKSTOP	Gentoo binary package (XPAK)
+
+# From:		Joerg Jenderek
+# URL:		https://kodi.wiki/view/TexturePacker
+# Reference:	https://mirrors.kodi.tv/releases/source/17.3-Krypton.tar.gz
+# /xbmc-Krypton/xbmc/guilib/XBTF.h
+# /xbmc-Krypton/xbmc/guilib/XBTF.cpp 
+0	string	XBTF
+# skip ASCII text by looking for terminating \0 of path
+>264	ubyte	0		XBMC texture package
+!:mime	application/x-xbmc-xbt
+!:ext	xbt
+# XBTF_VERSION 2
+>>4	string	!2		\b, version %-.1s
+# nofFiles /xbmc-Krypton/xbmc/guilib/XBTFReader.cpp
+>>5	ulelong	x		\b, %u file
+# plural s
+>>5	ulelong	>1		\bs
+# path[CXBTFFile[MaximumPathLength=256]
+>>9	string	x		\b, 1st %s
+
 #------------------------------------------------------------------------------
 # $File: assembler,v 1.6 2013/12/11 14:14:20 christos Exp $
 # make:  file(1) magic for assembler source
@@ -3674,7 +3982,7 @@
 >364	string		>\0		of '%s'
 
 #------------------------------------------------------------------------------
-# $File: audio,v 1.86 2018/03/11 00:53:11 christos Exp $
+# $File: audio,v 1.111 2019/05/08 18:02:45 christos Exp $
 # audio:  file(1) magic for sound formats (see also "iff")
 #
 # Jan Nicolai Langfeldt (janl@ifi.uio.no), Dan Quinlan (quinlan@yggdrasil.com),
@@ -4067,9 +4375,15 @@
 0	string		MED		MED_Song
 0	string		SymM		Symphonie SymMOD music file
 #
+# Track Length (TRL), Tracks (TRK), Samples (SMP), Subsongs (SS)
+# http://lclevy.free.fr/exotica/ahx/ahxformat.txt
 0	string		THX		AHX version
 >3	byte		=0		1 module data
 >3	byte		=1		2 module data
+>10	byte		x		TRL: %u
+>11	byte		x		TRK: %u
+>12	byte		x		SMP: %u
+>13	byte		x		SS: %u
 #
 0	string		OKTASONG	Oktalyzer module data
 #
@@ -4209,6 +4523,18 @@
 
 # adlib sound files
 # From: Alex Myczko <alex@aiei.ch>
+
+# https://github.com/rerrahkr/BambooTracker
+0	string		BambooTrackerMod	BambooTracker module
+>22	byte	x	\b, version %u
+>21	byte	x	\b.%u
+>20	byte	x	\b.%u
+
+0	string		BambooTrackerIst	BambooTracker instrument
+>22	byte	x	\b, version %u
+>21	byte	x	\b.%u
+>20	byte	x	\b.%u
+
 0    	string		RAWADATA	RdosPlay RAW
 
 1068	string		RoR		AMUSIC Adlib Tracker
@@ -4224,6 +4550,14 @@
 
 0	string		ofTAZ!		eXtra Simple Music
 
+0	string		FMK!		FM Kingtracker Song
+
+0	string		DFM		DFM Song
+
+0	string		\<CUD-FM-File\>	CFF Song
+
+0	string		_A2module	A2M Song
+
 # Spectrum 128 tunes (.ay files).
 # From: Emanuel Haupt <ehaupt@critical.ch>
 0	string		ZXAYEMUL	Spectrum 128 tune
@@ -4305,7 +4639,7 @@
 
 # IMY
 # from http://filext.com/detaillist.php?extdetail=IMY
-# http://cellphones.about.com/od/cellularfaqs/f/rf_imelody.htm
+# https://cellphones.about.com/od/cellularfaqs/f/rf_imelody.htm
 # http://download.ncl.ie/doc/api/ie/ncl/media/music/IMelody.html
 # http://www.wx800.com/msg/download/irda/iMelody.pdf
 0	string	BEGIN:IMELODY	iMelody Ringtone Format
@@ -4321,6 +4655,8 @@
 # URL:  http://filext.com/detaillist.php?extdetail=AMR
 # From: Russell Coker <russell@coker.com.au>
 0	string	#!AMR		Adaptive Multi-Rate Codec (GSM telephony)
+!:mime	audio/amr
+!:ext  amr
 
 # Type: SuperCollider 3 Synth Definition File Format
 # From: Mario Lang <mlang@debian.org>
@@ -4328,12 +4664,12 @@
 >4	belong	x	version %d
 
 # Type: True Audio Lossless Audio
-# URL:  http://wiki.multimedia.cx/index.php?title=True_Audio
+# URL:  https://wiki.multimedia.cx/index.php?title=True_Audio
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	TTA1	True Audio Lossless Audio
 
 # Type: WavPack Lossless Audio
-# URL:  http://wiki.multimedia.cx/index.php?title=WavPack
+# URL:  https://wiki.multimedia.cx/index.php?title=WavPack
 # From: Mike Melanson <mike@multimedia.cx>
 0	string	wvpk	WavPack Lossless Audio
 
@@ -4341,6 +4677,8 @@
 # VGM music file
 0	string		Vgm\040
 >9	ubyte		>0	VGM Video Game Music dump v
+!:mime	audio/x-vgm
+!:ext	vgm
 >>9	ubyte/16	>0	\b%d
 >>9	ubyte&0x0F	x	\b%d
 >>8	ubyte/16	x	\b.%d
@@ -4387,6 +4725,54 @@
 >>>>0x78 ubyte		0x03	AY-3-8930,
 >>>>0x78 ubyte		0x10	YM2149,
 >>>>0x78 ubyte		0x11	YM3439,
+# VGM 1.61
+>>0x34	ulelong		>0x4C
+>>>0x80	ulelong		>0	DMG,
+>>0x34	ulelong		>0x50
+>>>0x84	lelong		>0	NES APU,
+>>>0x84	lelong		<0	NES APU with FDS,
+>>0x34	ulelong		>0x54
+>>>0x88	ulelong		>0	MultiPCM,
+>>0x34	ulelong		>0x58
+>>>0x8C	ulelong		>0	uPD7759,
+>>0x34	ulelong		>0x5C
+>>>0x90	ulelong		>0	OKIM6258,
+>>0x34	ulelong		>0x64
+>>>0x98	ulelong		>0	OKIM6295,
+>>0x34	ulelong		>0x68
+>>>0x9C	ulelong		>0	K051649,
+>>0x34	ulelong		>0x6C
+>>>0xA0	ulelong		>0	K054539,
+>>0x34	ulelong		>0x70
+>>>0xA4	ulelong		>0	HuC6280,
+>>0x34	ulelong		>0x74
+>>>0xA8	ulelong		>0	C140,
+>>0x34	ulelong		>0x78
+>>>0xAC	ulelong		>0	K053260,
+>>0x34	ulelong		>0x7C
+>>>0xB0	ulelong		>0	Pokey,
+>>0x34	ulelong		>0x80
+>>>0xB4	ulelong		>0	QSound,
+# VGM 1.71
+>>0x34	ulelong		>0x84
+>>>0xB8	ulelong		>0	SCSP,
+>>0x34	ulelong		>0x8C
+>>>0xC0	ulelong		>0	WonderSwan,
+>>0x34	ulelong		>0x90
+>>>0xC4	ulelong		>0	VSU,
+>>0x34	ulelong		>0x94
+>>>0xC8	ulelong		>0	SAA1099,
+>>0x34	ulelong		>0x98
+>>>0xCC	ulelong		>0	ES5503,
+>>0x34	ulelong		>0x9C
+>>>0xD0	lelong		>0	ES5505,
+>>>0xD0	lelong		<0	ES5506,
+>>0x34	ulelong		>0xA4
+>>>0xD8	ulelong		>0	X1-010,
+>>0x34	ulelong		>0xA8
+>>>0xDC	ulelong		>0	C352,
+>>0x34	ulelong		>0xAC
+>>>0xE0	ulelong		>0	GA20,
 
 # GVOX Encore file format
 # Since this is a proprietary file format and there is no publicly available
@@ -4401,8 +4787,8 @@
 
 # Summary:	Garmin Voice Processing Module (WAVE audios)
 # From:		Joerg Jenderek
-# URL:		http://www.garmin.com/
-# Reference:	http://turboccc.wikispaces.com/share/view/28622555
+# URL:		https://www.garmin.com/
+# Reference:	http://www.poi-factory.com/node/19580
 # NOTE:		there exist 2 other Garmin VPM formats
 0		string	AUDIMG
 # skip text files starting with string "AUDIMG"
@@ -4426,16 +4812,35 @@
 # if you select a language like german on your garmin device
 # you can only select voice modules with corresponding language byte ID like 1
 >>18		ubyte		x	\b, language ID %d
+# structure for phrases/sentences?
+# number of voice sample in the 1st phrase?
+#>>19		uleshort		x	\b, 0x%x samples
+#>>>21		uleshort		>0	\b, at 0x%4.4x
+#>>>(21.s)	ubequad			x	0x%llx
+# 2nd phrase?
+#>>23		uleshort		x	\b, 0x%x samples
+#>>>25		uleshort		>0	\b, at 0x%4.4x
+#>>>(25.s)	ubequad			x	0x%llx
 # pointer to 1st audio WAV sample
 >>16		uleshort	>0
->>>(16.s)	ulelong		>0	\b, at offset 0x%x
+>>>(16.s)	ulelong		>0	\b, at 0x%x
 # WAV length
->>>>(16.s+4)	ulelong		>0	%d Bytes
+# 1 space char after "bytes" to get phrase "bytes RIFF"
+>>>>(16.s+4)	ulelong		>0	%u bytes 
 # look for magic
 >>>>>(&-8.l)	string		RIFF
 # determine type by ./riff
->>>>>>&-4	indirect	x	\b
+>>>>>>&-4	indirect	x
 # 2 - ~ 131 WAV samples following same way
+#
+# Summary:	encrypted Garmin Voice Processing Module
+# From:		Joerg Jenderek
+# URL:		https://www.garmin.com/us/products/ontheroad/voicestudio
+# NOTE:		Encrypted variant used in voices like DrNightmare, Elfred, Yeti.
+#		There exist 2 other Garmin VPM formats
+0	ubequad		0xa141190fecc8ced6	Garmin Voice Processing Module (encrypted)
+!:mime	audio/x-vpm-garmin
+!:ext	vpm
 
 # From Martin Mueller Skarbiniks Pedersen
 0		string		GDM
@@ -4490,7 +4895,7 @@
 >>>0x31		byte&0x0F	x	\b%02d
 >>>>0x4		string		>\0	\b, title: "%s"
 
-# magic for Klystrack, http://kometbomb.github.io/klystrack/
+# magic for Klystrack, https://kometbomb.github.io/klystrack/
 # from Alex Myczko <alex@aiei.ch>
 0	string	cyd!song	Klystrack song
 >8	byte	>0		\b, version %u
@@ -4533,11 +4938,167 @@
 >0	byte	x		\b, version %u
 >1	byte	x		\b.%u
 
+# CRI ADX ADPCM audio
+# Used by various Sega games.
+# https://en.wikipedia.org/wiki/ADX_(file_format)
+# https://wiki.multimedia.cx/index.php/CRI_ADX_file
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0x00		beshort		0x8000
+>(2.S-2)	string		(c)CRI		CRI ADX ADPCM audio
+!:ext adx
+!:mime audio/x-adx
+!:strength +50
+>>0x12		byte		x		v%u
+>>0x04		byte		0x02		\b, pre-set prediction coefficients
+>>0x04		byte		0x03		\b, standard ADX
+>>0x04		byte		0x04		\b, exponential scale
+>>0x04		byte		0x10		\b, AHX (Dreamcast)
+>>0x04		byte		0x11		\b, AHX
+>>0x08		belong		x		\b, %u Hz
+>>0x12		byte		0x03
+>>>0x02		beshort		>0x2B
+>>>>0x18	belong		!0		\b, looping
+>>0x12		byte		0x04
+>>>0x02		beshort		>0x37
+>>>>0x24	belong		!0		\b, looping
+>>0x13		byte&0x08	0x08		\b, encrypted
+
+# Lossless audio (.la) (http://www.lossless-audio.com/)
+0	string	LA
+>2	string	03	Lossless audio version 0.3
+>2	string	04	Lossless audio version 0.4
+
+# Sony PlayStation Audio (.xa)
+0	leshort 0x4158	Sony PlayStation Audio
+
+# Portable Sound Format
+# Used for audio rips for various consoles.
+# http://fileformats.archiveteam.org/wiki/Portable_Sound_Format
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string	PSF	Portable Sound Format
+!:mime	audio/x-psf
+>3	byte	0x01	(Sony PlayStation)
+>3	byte	0x02	(Sony PlayStation 2)
+>3	byte	0x11	(Sega Saturn)
+>3	byte	0x12	(Sega Dreamcast)
+>3	byte	0x13	(Sega Mega Drive)
+>3	byte	0x21	(Nintendo 64)
+>3	byte	0x22	(Game Boy Advance)
+>3	byte	0x23	(Super NES)
+>3	byte	0x41	(Capcom QSound)
+
+# Atari 8-bit SAP audio format
+# http://asap.sourceforge.net/sap-format.html
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		SAP\r\n	Atari 8-bit SAP audio file
+!:mime	audio/x-sap
+!:ext	sap
+>5	search/1024	NAME
+>>&1	string		x	\b: %s
+>>5	search/1024	AUTHOR
+>>>&1	string		x	by %s
+
+# Nintendo Wii BRSTM audio format (fields)
+# NOTE: Assuming HEAD starts at 0x40.
+# FIXME: Replace 0x48 with HEAD offset plus 8.
+0	name	nintendo-wii-brstm-fields
+>(0x10.L)	string	HEAD	\b:
+>>(0x10.L+0x0C)	belong	x
+>>>(&-4.L+0x48)	belong	x
+>>>>&-4		byte	0	PCM, signed 8-bit,
+>>>>&-4		byte	1	PCM, signed 16-bit,
+>>>>&-4		byte	2	THP ADPCM,
+>>>>&-3		byte	!0	looping,
+>>>>&-2		byte	1	mono
+>>>>&-2		byte	2	stereo
+>>>>&-2		byte	3	3 channels
+>>>>&-2		byte	4	quad
+>>>>&-2		byte	>4	%u channels
+>>>>&0		beshort	!0	%u Hz
+
+# Nintendo Wii BRSTM audio format
+# https://wiibrew.org/wiki/BRSTM_file
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		RSTM	Nintendo Wii BRSTM audio file
+!:mime	audio/x-brstm
+!:ext	brstm
+# Wii is big-endian, so default to BE.
+>4	beshort		0xFEFF
+>>0	use		nintendo-wii-brstm-fields
+>4	leshort		0xFEFF
+>>0	use		\^nintendo-wii-brstm-fields
+
+# Nintendo 3DS BCSTM audio format (fields)
+0	name	nintendo-3ds-bcstm-fields
+>(0x18.l)	string	INFO	\b:
+# INFO block: Stream information starts at 0x20 (minus 4 for the 'INFO' magic)
+>>&0x1C		byte	0	PCM, signed 8-bit,
+>>&0x1C		byte	1	PCM, signed 16-bit,
+>>&0x1C		byte	2	DSP ADPCM,
+>>&0x1C		byte	3	IMA ADPCM,
+>>&0x1D		byte	!0	looping,
+>>&0x1E		byte	1	mono
+>>&0x1E		byte	2	stereo
+>>&0x1E		byte	3	3 channels
+>>&0x1E		byte	4	quad
+>>&0x1E		byte	>4	%u channels
+>>&0x20		lelong	!0	%u Hz
+
+# Nintendo 3DS BCSTM audio format
+# https://www.3dbrew.org/wiki/BCSTM
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		CSTM	Nintendo 3DS BCSTM audio file
+!:mime	audio/x-bcstm
+!:ext	bcstm
+# 3DS is little-endian, so default to LE.
+>4	leshort		0xFEFF
+>>0	use		nintendo-3ds-bcstm-fields
+>4	beshort		0xFEFF
+>>0	use		\^nintendo-3ds-bcstm-fields
+
+# Nintendo Wii U BFSTM audio format
+# http://mk8.tockdom.com/wiki/BFSTM_(File_Format)
+# NOTE: This format is very similar to BCSTM.
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		FSTM	Nintendo Wii U BFSTM audio file
+!:mime	audio/x-bfstm
+!:ext	bfstm
+# BFSTM is used on both Wii U (BE) and Switch (LE),
+# so default to LE.
+>4	leshort		0xFEFF
+>>0	use		nintendo-3ds-bcstm-fields
+>4	beshort		0xFEFF
+>>0	use		\^nintendo-3ds-bcstm-fields
+
+# Nintendo 3DS BCSTM audio format (fields)
+0	name	nintendo-3ds-bcwav-fields
+>(0x18.l)	string	INFO	\b:
+# INFO block (minus 4 for INFO magic)
+>>&0x4		byte	0	PCM, signed 8-bit,
+>>&0x4		byte	1	PCM, signed 16-bit,
+>>&0x4		byte	2	DSP ADPCM,
+>>&0x4		byte	3	IMA ADPCM,
+>>&0x5		byte	!0	looping,
+>>&0x8		lelong	x	stereo
+>>&0x8		lelong	!0	%u Hz
+
+# Nintendo 3DS BCWAV audio format
+# https://www.3dbrew.org/wiki/BCWAV
+# Added by David Korth <gerbilsoft@gerbilsoft.com>
+0	string		CWAV	Nintendo 3DS BCWAV audio file
+!:mime	audio/x-bcwav
+!:ext	bcwav
+# 3DS is little-endian, so default to LE.
+>4	leshort		0xFEFF
+>>0	use		nintendo-3ds-bcwav-fields
+>4	beshort		0xFEFF
+>>0	use		\^nintendo-3ds-bcwav-fields
+
 #----------------------------------------------------------------
-# $File: basis,v 1.4 2009/09/19 16:28:08 christos Exp $
+# $File: basis,v 1.5 2019/04/19 00:42:27 christos Exp $
 # basis: file(1) magic for BBx/Pro5-files
 #      Oliver Dammer <dammer@olida.de>	 2005/11/07
-# http://www.basis.com business-basic-files.
+# https://www.basis.com business-basic-files.
 #
 0	string		\074\074bbx\076\076	BBx
 >7	string		\000			indexed file
@@ -4559,7 +5120,7 @@
 0	string		BEETLE\000	Beetle VM object file
 
 #------------------------------------------------------------------------------
-# $File: ber,v 1.1 2016/06/05 00:21:30 christos Exp $
+# $File: ber,v 1.2 2019/04/19 00:42:27 christos Exp $
 # ber:  file(1) magic for several BER formats used in the mobile
 # telecommunications industry (Georg Sauthoff)
 
@@ -4578,7 +5139,7 @@
 #
 # TAP 3 Files
 # TAP -> Transferred Account Procedure
-# cf. http://www.gsma.com/newsroom/wp-content/uploads/TD.57-v32.31.pdf
+# cf. https://www.gsma.com/newsroom/wp-content/uploads/TD.57-v32.31.pdf
 # TransferBatch short tag
 0	byte	0x61
 # BatchControlInfo short tag
@@ -4606,7 +5167,7 @@
 >>&0	byte	x	NRT 2.%d (TD.35, Near Real Time Roaming Data Exchange)
 
 # RAP Files
-# cf. http://www.gsma.com/newsroom/wp-content/uploads/TD.32-v6.11.pdf
+# cf. https://www.gsma.com/newsroom/wp-content/uploads/TD.32-v6.11.pdf
 # Long ReturnBatch tag
 0	string	\x7f\x84\x16
 # Long RapBatchControlInfo tag
@@ -4648,7 +5209,7 @@
 !:ext   bhl
 
 #------------------------------------------------------------------------------
-# $File: bioinformatics,v 1.4 2016/06/20 16:13:46 christos Exp $
+# $File: bioinformatics,v 1.5 2019/04/19 00:42:27 christos Exp $
 # bioinfomatics:  file(1) magic for Bioinfomatics file formats
 
 ###############################################################################
@@ -4731,7 +5292,7 @@
 
 ###############################################################################
 # BCF (Binary Call Format), version 2.1
-# used by SAMtools (http://samtools.github.io/hts-specs/BCFv2_qref.pdf)
+# used by SAMtools (https://samtools.github.io/hts-specs/BCFv2_qref.pdf)
 # data is normally present only within compressed BGZF blocks (CDATA), so use file -z to examine it
 ###############################################################################
 0		string	   BCF\2\1    Binary Call Format (BCF) version 2.1
@@ -4744,7 +5305,7 @@
 
 ###############################################################################
 # BCF (Binary Call Format), version 2.2
-# used by SAMtools (http://samtools.github.io/hts-specs/BCFv2_qref.pdf)
+# used by SAMtools (https://samtools.github.io/hts-specs/BCFv2_qref.pdf)
 # data is normally present only within compressed BGZF blocks (CDATA), so use file -z to examine it
 ###############################################################################
 0		string	   BCF\2\2    Binary Call Format (BCF) version 2.2
@@ -4777,7 +5338,7 @@
 
 ###############################################################################
 # FASTA
-# used by FASTA (http://fasta.bioch.virginia.edu/fasta_www2/fasta_guide.pdf)
+# used by FASTA (https://fasta.bioch.virginia.edu/fasta_www2/fasta_guide.pdf)
 ###############################################################################
 #0	byte	0x3e
 # q>0	regex	=^[>][!-~\t\ ]+$
@@ -4825,6 +5386,160 @@
 >>>>>>>>>>>0	regex	=^[@]HD\t.*VN:		\b, with header
 >>>>>>>>>>>>&0	regex	=[0-9.]+		\b version %s
 
+##############################################################################
+#
+#    Magic ids for biomedical signal file formats 
+#    Copyright (C) 2018 Alois Schloegl <alois.schloegl@gmail.com>
+#
+#    The list has been derived from biosig projects
+#      http://biosig.sourceforge.net
+#      https://pub.ist.ac.at/~schloegl/matlab/eeg/
+#      https://pub.ist.ac.at/~schloegl/biosig/TESTED
+#
+##############################################################################
+#
+0	string  ABF\x20					Biosig/Axon Binary format
+!:mime biosig/abf2
+0	string  ABF2\0\0				Biosig/Axon Binary format
+!:mime biosig/abf2
+#
+0	string  ATES\x20MEDICA\x20SOFT.\x20EEG\x20for\x20Windows	Biosig/ATES MEDICA SOFT. EEG for Windows
+!:mime biosig/ates
+#
+0	string  ATF\x09					Biosig/Axon Text fomrat
+!:mime biosig/atf
+#
+0	string  ADU1					Biosig/Axona file format
+!:mime biosig/axona
+0	string  ADU2					Biosig/Axona file format
+!:mime biosig/axona
+#
+0	string  ALPHA-TRACE-MEDICAL			Biosig/alpha trace 
+!:mime biosig/alpha
+#
+0       string  AxGr					Biosig/AXG
+0       string  axgx					Biosig/AXG
+!:mime biosig/axg
+#
+0	string  HeaderLen=				Biosig/BCI2000
+0	string  BCI2000V				Biosig/BCI2000
+!:mime biosig/bci2000
+#
+### Specification: https://www.biosemi.com/faq/file_format.htm
+0	string  \xffBIOSEMI				Biosig/Biosemi data format
+!:mime biosig/bdf
+#
+0	string  Brain\x20Vision\x20Data\x20Exchange\x20Header\x20File			Biosig/Brainvision data file
+0	string  Brain\x20Vision\x20V-Amp\x20Data\x20Header\x20File\x20Version		Biosig/Brainvision V-Amp file
+0	string  Brain\x20Vision\x20Data\x20Exchange\x20Marker\x20File,\x20Version	Biosig/Brainvision Marker file
+!:mime biosig/brainvision
+#
+0	string  CEDFILE					Biosig/CFS: Cambridge Electronic devices File format 
+!:mime biosig/ced
+#
+### Specification: https://www.edfplus.info/specs/index.html
+0	string	0\x20\x20\x20\x20\x20\x20\x20		Biosig/EDF: European Data format
+!:mime biosig/edf
+#
+### Specifications: https://arxiv.org/abs/cs/0608052
+0	string  GDF					Biosig/GDF: General data format for biosignals
+!:mime biosig/gdf
+#
+0	string  DATA\0\0\0\0				Biosig/Heka Patchmaster
+0	string  DAT1\0\0\0\0				Biosig/Heka Patchmaster
+0	string  DAT2\0\0\0\0				Biosig/Heka Patchmaster
+!:mime biosig/heka
+#
+0	string  (C)\x20CED\x2087			Biosig/CED SMR 
+!:mime biosig/ced-smr
+#
+0	string  CFWB\1\0\0\0				Biosig/CFWB
+!:mime biosig/cfwb
+#
+0	string  DEMG					Biosig/DEMG
+!:mime biosig/demg
+#
+0	string  EBS\x94\x0a\x13\x1a\x0d			Biosig/EBS
+!:mime biosig/ebs
+#
+0	string  Embla\x20data\x20file			Biosig/Embla
+!:mime biosig/embla
+#
+0	string  Header\r\nFile Version			Biosig/ETG4000
+!:mime biosig/etg4000
+#
+0	string  GALILEO\x20EEG\x20TRACE\x20FILE		Biosig/Galileo 
+!:mime biosig/galileo
+#
+0	string  IGOR					Biosig/IgorPro ITX file
+!:mime biosig/igorpro
+#
+#	Specification: http://www.ampsmedical.com/uploads/2017-12-7/The_ISHNE_Format.pdf
+0	string  ISHNE1.0				Biosig/ISHNE
+!:mime biosig/ishne
+#
+# 	CEN/ISO 11073/22077 series, http://www.mfer.org/en/document.htm
+0	string  @\x20\x20MFER\x20			Biosig/MFER
+0	string  @\x20MFR\x20				Biosig/MFER
+!:mime biosig/mfer
+#
+0	string  NEURALEV				Biosig/NEV
+0	string  N.EV.\0					Biosig/NEV
+!:mime biosig/nev
+#
+0	string  NEX1					Biosig/NEX
+!:mime biosig/nex1
+#
+0	string  PLEX 					Biosig/Plexon v1.0
+10	string  PLEXON 					Biosig/Plexon v2.0
+!:mime biosig/plexon
+#
+0	string  \x02\x27\x91\xC6			Biosig/RHD2000: Intan RHD2000 format
+#
+#	Specification: CEN 1064:2005/ISO 11073:91064
+16	string  SCPECG\0\0 				Biosig/SCP-ECG format CEN 1064:2005/ISO 11073:91064
+!:mime biosig/scpecg
+#
+0	string  IAvSFo									Biosig/SIGIF
+!:mime biosig/sigif
+#
+0	string  POLY\x20SAMPLE\x20FILEversion\x20					Biosig/TMS32
+!:mime biosig/tms32
+#
+0	string  FileId=TMSi\x20PortiLab\x20sample\x20log\x20file\x0a\x0dVersion=	Biosig/TMSiLOG
+!:mime biosig/tmsilog
+#
+4	string	Synergy\0\48\49\50\46\48\48\51\46\48\48\48\46\48\48\48\0\28\0\0\0\2\0\0\0
+>63	string	CRawDataElement
+>>85	string	CRawDataBuffer								Biosig/SYNERGY
+!:mime biosig/synergy
+#
+4	string	\40\0\4\1\44\1\102\2\146\3\44\0\190\3					Biosig/UNIPRO
+!:mime biosig/unipro
+#
+0	string	VER=9\r\nCTIME=								Biosig/WCP
+!:mime biosig/wcp
+#
+0	string	\xAF\xFE\xDA\xDA							Biosig/Walter Graphtek
+0	string	\xDA\xDA\xFE\xAF							Biosig/Walter Graphtek
+0	string	\x55\x55\xFE\xAF							Biosig/Walter Graphtek
+!:mime biosig/walter-graphtek
+#
+0	string  V3.0\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20
+>32	string  [PatInfo]								Biosig/Sigma
+!:mime biosig/sigma
+#
+0	string  \067\069\078\013\010\0x1a\04\0x84					Biosig/File exchange format (FEF)
+!:mime biosig/fef
+0	string  \67\69\78\0x13\0x10\0x1a\4\0x84						Biosig/File exchange format (FEF)
+!:mime biosig/fef
+#
+0	string  \0\0\0\x64\0\0\0\x1f\0\0\0\x14\0\0\0\0\0\1
+>36  	string  \0\0\0\x65\0\0\0\3\0\0\0\4\0\0
+>>56	string  \0\0\0\x6a\0\0\0\3\0\0\0\4\0\0\0\0\xff\xff\xff\xff\0\0			Biosig/FIFF
+!:mime biosig/fiff
+#
+
 #------------------------------------------------------------------------------
 # $File: blackberry,v 1.2 2017/03/17 21:35:28 christos Exp $
 # blackberry:  file(1) magic for BlackBerry file formats
@@ -4833,7 +5548,7 @@
 >8	belong  010010010	BlackBerry RIM ETP file
 >>22	string	x		\b for %s
 # Berkeley Lab Checkpoint Restart (BLCR) checkpoint context files
-# http://ftg.lbl.gov/checkpoint
+# https://ftg.lbl.gov/checkpoint
 0	string	C\0\0\0R\0\0\0	BLCR
 >16	lelong	1	x86
 >16	lelong	3	alpha
@@ -4859,11 +5574,11 @@
 #>>&3	byte	x	\b%d
 
 #------------------------------------------------------------------------------
-# $File: blender,v 1.7 2017/03/17 21:35:28 christos Exp $
+# $File: blender,v 1.8 2019/04/19 00:42:27 christos Exp $
 # blender: file(1) magic for Blender 3D related files
 #
 # Native format rule v1.2. For questions use the developers list
-# http://lists.blender.org/mailman/listinfo/bf-committers
+# https://lists.blender.org/mailman/listinfo/bf-committers
 # GLOB chunk was moved near start and provides subversion info since 2.42
 
 0		string	=BLENDER	Blender3D,
@@ -4983,7 +5698,7 @@
 >12	belong		1004			HCI Serial (H5)
 >>12	belong		x			type %d
 #------------------------------------------------------------------------------
-# $File: c-lang,v 1.26 2017/08/14 07:40:38 christos Exp $
+# $File: c-lang,v 1.27 2019/02/27 16:46:23 christos Exp $
 # c-lang:  file(1) magic for C and related languages programs
 #
 # The strength is to beat standard HTML
@@ -4996,31 +5711,41 @@
 
 # C
 # Check for class if include is found, otherwise class is beaten by include becouse of lowered strength
-0	regex	\^#include			C
->0	regex	\^class[[:space:]]+
->>&0	regex 	\\{[\.\*]\\}(;)?$			\b++
->&0	clear	x				source text
+0	search/8192	#include
+>0	regex	\^#include			C
+>>0	regex	\^class[[:space:]]+
+>>>&0	regex 	\\{[\.\*]\\}(;)?$			\b++
+>>&0	clear	x				source text
 !:strength + 13
 !:mime	text/x-c
-0	regex	\^#[[:space:]]*pragma	C source text
+0	search/8192	pragma
+>0	regex	\^#[[:space:]]*pragma	C source text
 !:mime	text/x-c
-0	regex	\^#[[:space:]]*(if\|ifn)def
->&0	regex	\^#[[:space:]]*endif$	C source text
+0	search/8192	endif
+>0	regex	\^#[[:space:]]*(if\|ifn)def
+>>&0	regex	\^#[[:space:]]*endif$	C source text
 !:mime	text/x-c
-0	regex	\^#[[:space:]]*(if\|ifn)def
->&0	regex	\^#[[:space:]]*define	C source text
+0	search/8192	define
+>0	regex	\^#[[:space:]]*(if\|ifn)def
+>>&0	regex	\^#[[:space:]]*define	C source text
 !:mime	text/x-c
-0	regex	\^[[:space:]]*char(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
+0	search/8192	char
+>0	regex	\^[[:space:]]*char(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
 !:mime	text/x-c
-0	regex	\^[[:space:]]*double(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
+0	search/8192	double
+>0	regex	\^[[:space:]]*double(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
 !:mime	text/x-c
-0	regex	\^[[:space:]]*extern[[:space:]]+		C source text
+0	search/8192	extern
+>0	regex	\^[[:space:]]*extern[[:space:]]+		C source text
 !:mime	text/x-c
-0	regex	\^[[:space:]]*float(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
+0	search/8192	float
+>0	regex	\^[[:space:]]*float(\ \\*|\\*)(.+)(=.*)?;[[:space:]]*$			C source text
 !:mime	text/x-c
-0	regex	\^struct[[:space:]]+		C source text
+0	search/8192	struct
+>0	regex	\^struct[[:space:]]+		C source text
 !:mime	text/x-c
-0	regex	\^union[[:space:]]+		C source text
+0	search/8192	union
+>0	regex	\^union[[:space:]]+		C source text
 !:mime	text/x-c
 0	search/8192	main(
 >&0 regex	\\)[[:space:]]*\\{		C source text
@@ -5028,35 +5753,44 @@
 
 # C++
 # The strength of these rules is increased so they beat the C rules above
-0	regex	\^namespace[[:space:]]+[_[:alpha:]]{1,30}[[:space:]]*\\{	C++ source text
+0	search/8192	namespace
+>0	regex	\^namespace[[:space:]]+[_[:alpha:]]{1,30}[[:space:]]*\\{	C++ source text
 !:strength + 30
 !:mime	text/x-c++
 # using namespace [namespace] or using std::[lib]
-0	regex	\^using[[:space:]]+(namespace\ )?std(::)?[[:alpha:]]*[[:space:]]*;		C++ source text
+0	search/8192	using
+>0	regex	\^using[[:space:]]+(namespace\ )?std(::)?[[:alpha:]]*[[:space:]]*;		C++ source text
 !:strength + 30
 !:mime	text/x-c++
-0	regex	\^[[:space:]]*template[[:space:]]*<.*>[[:space:]]*$	C++ source text
+0	search/8192	template
+>0	regex	\^[[:space:]]*template[[:space:]]*<.*>[[:space:]]*$	C++ source text
 !:strength + 30
 !:mime	text/x-c++
-0	regex	\^[[:space:]]*virtual[[:space:]]+.*[};][[:space:]]*$		C++ source text
+0	search/8192	virtual
+>0	regex	\^[[:space:]]*virtual[[:space:]]+.*[};][[:space:]]*$		C++ source text
 !:strength + 30
 !:mime	text/x-c++
 # But class alone is reduced to avoid beating php (Jens Schleusener)
-0	regex	\^[[:space:]]*class[[:space:]]+[[:digit:][:alpha:]:_]+[[:space:]]*\\{(.*[\n]*)*\\}(;)?$		C++ source text
+0	search/8192	class
+>0	regex	\^[[:space:]]*class[[:space:]]+[[:digit:][:alpha:]:_]+[[:space:]]*\\{(.*[\n]*)*\\}(;)?$		C++ source text
 !:strength + 13
 !:mime	text/x-c++
-0	regex	\^[[:space:]]*public:		C++ source text
+0	search/8192	public
+>0	regex	\^[[:space:]]*public:		C++ source text
 !:strength + 30
 !:mime	text/x-c++
-0	regex	\^[[:space:]]*private:		C++ source text
+0	search/8192	private
+>0	regex	\^[[:space:]]*private:		C++ source text
 !:strength + 30
 !:mime	text/x-c++
-0	regex	\^[[:space:]]*protected:		C++ source text
+0	search/8192	protected
+>0	regex	\^[[:space:]]*protected:		C++ source text
 !:strength + 30
 !:mime	text/x-c++
 
 # Objective-C
-0	regex	\^#import			Objective-C source text
+0	search/8192	#import
+>0	regex	\^#import			Objective-C source text
 !:strength + 25
 !:mime	text/x-objective-c
 
@@ -5130,7 +5864,7 @@
 
 
 #------------------------------------------------------------------------------
-# $File: cad,v 1.15 2017/06/24 15:24:56 christos Exp $
+# $File: cad,v 1.19 2019/04/19 00:42:27 christos Exp $
 # autocad:  file(1) magic for cad files
 #
 
@@ -5141,12 +5875,12 @@
 # raster underlays to Microstation DGN (vector) drawings.
 #
 # http://www.wotsit.org/search.asp
-# http://filext.com/detaillist.php?extdetail=DGN
-# http://filext.com/detaillist.php?extdetail=CIT
+# https://filext.com/detaillist.php?extdetail=DGN
+# https://filext.com/detaillist.php?extdetail=CIT
 #
-# http://www.bentley.com/products/default.cfm?objectid=97F351F5-9C35-4E5E-89C2
+# https://www.bentley.com/products/default.cfm?objectid=97F351F5-9C35-4E5E-89C2
 # 3F86C928&method=display&p_objectid=97F351F5-9C35-4E5E-89C280A93F86C928
-# http://www.bentley.com/products/default.cfm?objectid=A5C2FD43-3AC9-4C71-B682
+# https://www.bentley.com/products/default.cfm?objectid=A5C2FD43-3AC9-4C71-B682
 # 721C479F&method=display&p_objectid=A5C2FD43-3AC9-4C71-B682C7BE721C479F
 0	string	\010\011\376			Microstation
 >3	string	\002
@@ -5173,8 +5907,8 @@
 >4	string	\030\000\003			CITFile
 
 # AutoCAD
-# Merge of the different contributions and updates from http://en.wikipedia.org/wiki/Dwg
-# and http://www.iana.org/assignments/media-types/image/vnd.dwg
+# Merge of the different contributions and updates from https://en.wikipedia.org/wiki/Dwg
+# and https://www.iana.org/assignments/media-types/image/vnd.dwg
 0	string	MC0.0	DWG AutoDesk AutoCAD Release 1.0
 !:mime image/vnd.dwg
 0	string	AC1.2	DWG AutoDesk AutoCAD Release 1.2
@@ -5219,7 +5953,7 @@
 # Sergey Zaykov (mail_of_sergey@mail.ru, sergey_zaikov@rambler.ru,
 # ICQ 358572321)
 # From various sources like:
-# http://autodesk.blogs.com/between_the_lines/autocad-release-history.html
+# https://autodesk.blogs.com/between_the_lines/autocad-release-history.html
 0	string	AC1018	DWG AutoDesk AutoCAD 2004/2005/2006
 !:mime image/vnd.dwg
 0	string	AC1021	DWG AutoDesk AutoCAD 2007/2008/2009
@@ -5232,13 +5966,13 @@
 # KOMPAS 2D drawing from ASCON
 # This is KOMPAS 2D drawing or fragment of drawing but is not detailed nor
 # gathered nor specification
-# ASCON http://ascon.net/main/ in English,
-#	http://ascon.ru/ main site in Russian
+# ASCON https://ascon.net/main/ in English,
+#	https://ascon.ru/ main site in Russian
 # Extension is CDW for drawing and FRW for fragment of drawing
 # Sergey Zaykov (mail_of_sergey@mail.ru, sergey_zaikov@rambler.ru,
-# ICQ 358572321, http://vkontakte.ru/id16076543)
+# ICQ 358572321, https://vkontakte.ru/id16076543)
 # From:
-# http://sd.ascon.ru/otrs/customer.pl?Action=CustomerFAQ&CategoryID=4&ItemID=292
+# https://sd.ascon.ru/otrs/customer.pl?Action=CustomerFAQ&CategoryID=4&ItemID=292
 # (in russian) and my experiments
 0	string	KF
 >2	belong	0x4E00000C	Kompas drawing 12.0 SP1
@@ -5283,15 +6017,44 @@
 >>8	lelong		0xa
 >>>16	leshort		0x3d3d	3D Studio model
 !:mime	image/x-3ds
-!:extension 3ds
+!:ext 3ds
 
 # MegaCAD 2D/3D drawing (.prt)
-# http://megacad.de/
+# https://megacad.de/
 # From: Markus Heidelberg <markus.heidelberg@web.de>
 0	string	MegaCad23\0	MegaCAD 2D/3D drawing
 
+# Hoops CAD files
+# https://docs.techsoft3d.com/visualize/3df/latest/build/general/hsf/\
+# HSF_architecture.html
+# Stephane Charette <stephane.charette@gmail.com>
+0	string	;;\020HSF\020V		OpenHSF (Hoops Stream Format)
+>7	regex/9 V[.0-9]{4,5}\020	%s
+!:ext hsf
+
+# AutoCAD Drawing Exchange Format
+0	regex		\^[\ \t]*0\r?\000$
+>1	regex		\^[\ \t]*SECTION\r?$
+>>2	regex		\^[\ \t]*2\r?$
+>>>3	regex		\^[\ \t]*HEADER\r?$	AutoCAD Drawing Exchange Format
+!:mime	application/x-dxf
+!:ext	dxf
+>>>>&1	search/8192	AC1006			\b, R10
+>>>>&1	search/8192	AC1009			\b, R11/R12
+>>>>&1	search/8192	AC1012			\b, R13
+>>>>&1	search/8192	AC1014			\b, R14
+>>>>&1	search/8192	AC1015			\b, version 2000
+>>>>&1	search/8192	AC1018			\b, version 2004
+>>>>&1	search/8192	AC1021			\b, version 2007
+>>>>&1	search/8192	AC1024			\b, version 2010
+
+# The Sketchup 3D model format https://www.sketchup.com/
+0	string	\xff\xfe\xff\x0e\x53\x00\x6b\x00\x65\x00\x74\x00\x63\x00\x68\x00\x55\x00\x70\x00\x20\x00\x4d\x00\x6f\x00\x64\x00\x65\x00\x6c\x00	SketchUp Model
+!:mime application/vnd.sketchup.skp
+!:ext skp
+
 #------------------------------------------------------------------------------
-# $File: cafebabe,v 1.23 2017/05/25 20:07:23 christos Exp $
+# $File: cafebabe,v 1.24 2018/10/01 23:33:15 christos Exp $
 # Cafe Babes unite!
 #
 # Since Java bytecode and Mach-O universal binaries have the same magic number,
@@ -5349,15 +6112,15 @@
 >>4	belong		<20		Mach-O universal binary with %d architectures:
 !:mime application/x-mach-binary
 >>>8	use		mach-o		\b
->>4	belong		2
+>>4	belong		>1
 >>>28	use		mach-o		\b
->>4	belong		3
+>>4	belong		>2
 >>>48	use		mach-o		\b
->>4	belong		4
+>>4	belong		>3
 >>>68	use		mach-o		\b
->>4	belong		5
+>>4	belong		>4
 >>>88	use		mach-o		\b
->>4	belong		6
+>>4	belong		>5
 >>>108	use		mach-o		\b
 
 ### MACH-O END ###
@@ -5569,9 +6332,39 @@
 >54	byte		4		-Cscb
 4	string		pipe		CLIPPER instruction trace
 4	string		prof		CLIPPER instruction profile
+#------------------------------------------------------------------------------
+# file:  file(1) magic for Clojure
+# URL:  https://clojure.org/
+# From: Jason Felice <jason.m.felice@gmail.com>
+
+0	string/w	#!\ /usr/bin/clj	Clojure script text executable
+!:mime	text/x-clojure
+0	string/w	#!\ /usr/local/bin/clj	Clojure script text executable
+!:mime	text/x-clojure
+0	string/w	#!\ /usr/bin/clojure	Clojure script text executable
+!:mime	text/x-clojure
+0	string/w	#!\ /usr/local/bin/clojure	Clojure script text executable
+!:mime	text/x-clojure
+0	string/W	#!/usr/bin/env\ clj	Clojure script text executable
+!:mime	text/x-clojure
+0	string/W	#!/usr/bin/env\ clojure	Clojure script text executable
+!:mime	text/x-clojure
+0	string/W	#!\ /usr/bin/env\ clj	Clojure script text executable
+!:mime	text/x-clojure
+0	string/W	#!\ /usr/bin/env\ clojure	Clojure script text executable
+!:mime	text/x-clojure
+
+0	regex	\^\\\(ns[[:space:]]+[a-z]	Clojure module source text
+!:mime	text/x-clojure
+
+0	regex	\^\\\(ns[[:space:]]+\\\^\\{:	Clojure module source text
+!:mime	text/x-clojure
+
+0	regex	\^\\\(defn-?[[:space:]]	Clojure module source text
+!:mime	text/x-clojure
 
 #------------------------------------------------------------------------------
-# $File: coff,v 1.2 2017/03/17 21:35:28 christos Exp $
+# $File: coff,v 1.3 2018/08/01 10:34:03 christos Exp $
 # coff: file(1) magic for Common Object Files not specific to known cpu types or manufactures
 #
 # COFF
@@ -5597,6 +6390,10 @@
 >>0	uleshort	0x0550		Hitachi SH little-endian
 # executable (RISC System/6000 V3.1) or obj module (./ibm6000)
 #>>0	uleshort	0x01DF
+# MS Windows COFF Intel Itanium, AMD64
+# https://msdn.microsoft.com/en-us/library/windows/desktop/ms680313(v=vs.85).aspx
+>>0	uleshort	0x0200		Intel ia64
+>>0	uleshort	0x8664		Intel amd64
 # TODO for other COFFs
 #>>0	uleshort	0xABCD		COFF_TEMPLATE
 >>0	default		x
@@ -5648,7 +6445,7 @@
 
 
 #------------------------------------------------------------------------------
-# $File: commands,v 1.59 2017/08/14 07:40:38 christos Exp $
+# $File: commands,v 1.60 2019/04/19 00:42:27 christos Exp $
 # commands:  file(1) magic for various shells and interpreters
 #
 #0	string/w	:			shell archive or script for antique kernel text
@@ -5744,7 +6541,7 @@
 0	search/1/w	#!\ /usr/bin/php	PHP script text executable
 !:strength + 10
 !:mime	text/x-php
-# Smarty compiled template, http://www.smarty.net/
+# Smarty compiled template, https://www.smarty.net/
 # Elan Ruusamae <glen@delfi.ee>
 0	string	=<?php
 >5	regex	[\ \n]
@@ -5757,7 +6554,7 @@
 0	string/t	$!			DCL command file
 
 # Type: Pdmenu
-# URL:  http://packages.debian.org/pdmenu
+# URL:  https://packages.debian.org/pdmenu
 # From: Edward Betts <edward@debian.org>
 0	string		#!/usr/bin/pdmenu	Pdmenu configuration file text
 
@@ -5787,7 +6584,7 @@
 0	string		msc		Message Sequence Chart (chart)
 0	string		submsc		Message Sequence Chart (subchart)
 #------------------------------------------------------------------------------
-# $File: compress,v 1.72 2018/03/27 23:26:41 christos Exp $
+# $File: compress,v 1.75 2019/04/19 00:42:27 christos Exp $
 # compress:  file(1) magic for pure-compression formats (no archives)
 #
 # compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, etc.
@@ -5804,13 +6601,78 @@
 >2	byte&0x1f	x		%d bits
 
 # gzip (GNU zip, not to be confused with Info-ZIP or PKWARE zip archiver)
+# URL: https://en.wikipedia.org/wiki/Gzip
+# Reference: https://tools.ietf.org/html/rfc1952
+# Update: Joerg Jenderek, Apr 2019
 #   Edited by Chris Chittleborough <cchittleborough@yahoo.com.au>, March 2002
 #	* Original filename is only at offset 10 if "extra field" absent
 #	* Produce shorter output - notably, only report compression methods
 #         other than 8 ("deflate", the only method defined in RFC 1952).
-0       string          \037\213        gzip compressed data
-!:mime	application/x-gzip
-!:strength * 2
+# Note: find defs -iname '*.trid.xml' -exec grep -q '<Bytes>1F8B08' {} \; -ls
+# TODO:
+# FBR	Blueberry FlashBack screen Record	https://www.flashbackrecorder.com/
+# KPR	KOffice/Calligra KPresenter		application/x-kpresenter
+# KPT	KOffice/Calligra KPresenter template?	application/x-kpresenter
+# SAV	Diggles Saved Game File			http://www.innonics.com
+# SAV	FarCry (demo) saved game		http://www.farcry-thegame.com
+# DAT	ZOAGZIP game data format		http://en.wikipedia.org/wiki/SD_Gundam_Capsule_Fighter
+0       string          \037\213
+# to display gzip compressed (strength=100=2*50) before other (strength=50)?
+#!:strength * 2
+# no FNAME and FCOMMENT bit implies no file name/comment. That means only binary
+>3	byte&0x18	=0
+# For binary gzipped no ASCII text should occur
+#	mcd-monu-cad.trid.xml
+>>10	string		MCD			Monu-Cad Drawing, Component or Font
+#>>36	string		Created\ with\ MONU-CAD	
+#!:mime	application/octet-stream
+# http://fileformats.archiveteam.org/wiki/Monu-CAD
+#	http://www.monucad.com/downloads/FullDemo-2005.EXE
+#	/HANDS96.MCC	Component
+#	/DEMO_DD01.MCD	Drawing
+#	/MCALF020.FNT	Font
+!:ext	mcc/mcd/fnt
+# http://www.generalcadd.com
+>>10	string		GXD			General CADD, Drawing or Component
+#!:mime	application/octet-stream
+#	/gxc/BUILDINGEDGE.gxc			Component
+#	/gxd/HOCKETT-STPAUL-WRHSE.gxd		Drawing
+#	/gxd/POWERLAND-MILL-ADD-11.gxd		Drawing		v9.1.06
+!:ext	gxc/gxd
+#>>>13	ubyte		0			\b, version 0
+>>>13	string		09			\b, version 9
+# other gzipped binary like gzipped tar, VirtualBox extension package,...
+>>10	default		x		gzip compressed data
+>>>0	use	gzip-info
+# size of the original (uncompressed) input data modulo 2^32
+>>>-4	ulelong		x		\b, original size modulo 2^32 %u
+# gzipped TAR or VirtualBox extension package
+!:mime	application/gzip
+#!:mime	application/x-compressed-tar
+#!:mime	application/x-virtualbox-vbox-extpack
+# https://www.w3.org/TR/SVG/mimereg.html
+#!:mime	image/image/svg+xml-compressed
+#	zlib.3.gz
+#	microcode-20180312.tgz
+#	tpz same as tgz
+#	lua-md5_1.2-1_i386_i486.ipk	https://en.wikipedia.org/wiki/Opkg
+#	Oracle_VM_VirtualBox_Extension_Pack-5.0.12-104815.vbox-extpack
+!:ext	gz/tgz/tpz/ipk/vbox-extpack/svgz
+# FNAME/FCOMMENT bit implies file name/comment as iso-8859-1 text
+>3	byte&0x18	>0		gzip compressed data
+!:mime	application/gzip
+# gzipped tar, gzipped Abiword document
+#!:mime	application/x-compressed-tar
+#!:mime	application/x-abiword-compressed
+#!:mime	image/image/svg+xml-compressed
+#	kleopatra_splashscreen.svgz	gzipped .svg
+!:ext	gz/tgz/tpz/zabw/svgz
+>>0	use	gzip-info
+# size of the original (uncompressed) input data modulo 2^32
+>>-4	ulelong		x		\b, original size modulo 2^32 %u
+#	display information of gzip compressed files
+0	name				gzip-info
+#>2	byte		x		THIS iS GZIP
 >2	byte		<8		\b, reserved method
 >2	byte		>8		\b, unknown method
 >3	byte		&0x01		\b, ASCII
@@ -5837,7 +6699,9 @@
 >9	byte		=0x0B		\b, from NTFS filesystem (NT)
 >9	byte		=0x0C		\b, from QDOS
 >9	byte		=0x0D		\b, from Acorn RISCOS
->-4	lelong		x		\b, original size %d
+# size of the original (uncompressed) input data modulo 2^32
+#>-4	ulelong		x		\b, original size modulo 2^32 %u
+#ERROR: line 114: non zero offset 1048572 at level 1
 
 # packed data, Huffman (minimum redundancy) codes on a byte-by-byte basis
 0	string		\037\036	packed data
@@ -5948,7 +6812,7 @@
 >>17	byte		=0x0E		os: Win32
 
 # 4.3BSD-Quasijarus Strong Compression
-# http://minnie.tuhs.org/Quasijarus/compress.html
+# https://minnie.tuhs.org/Quasijarus/compress.html
 0	string		\037\241	Quasijarus strong compressed data
 
 # From: Cory Dikkers <cdikkers@swbell.net>
@@ -5962,7 +6826,7 @@
 >4	belong		0x090A0C0D	best compression
 
 # 7-zip archiver, from Thomas Klausner (wiz@danbala.tuwien.ac.at)
-# http://www.7-zip.org or DOC/7zFormat.txt
+# https://www.7-zip.org or DOC/7zFormat.txt
 #
 0	string		7z\274\257\047\034	7-zip archive data,
 >6	byte		x			version %d
@@ -5991,7 +6855,7 @@
 >5	byte		x			\b.%d
 !:mime	application/x-lrzip
 
-# http://fastcompression.blogspot.fi/2013/04/lz4-streaming-format-final.html
+# https://fastcompression.blogspot.fi/2013/04/lz4-streaming-format-final.html
 0	lelong		0x184d2204	LZ4 compressed data (v1.4+)
 !:mime	application/x-lz4
 # Added by osm0sis@xda-developers.com
@@ -6080,11 +6944,11 @@
 >0x8	lelong	x		\b, %u entries
 
 # Snappy framing format
-# http://code.google.com/p/snappy/source/browse/trunk/framing_format.txt
+# https://code.google.com/p/snappy/source/browse/trunk/framing_format.txt
 0	string	\377\006\0\0sNaPpY	snappy framed data
 !:mime	application/x-snappy-framed
 
-# qpress, http://www.quicklz.com/
+# qpress, https://www.quicklz.com/
 0	string	qpress10	qpress compressed data
 !:mime	application/x-qpress
 
@@ -6115,15 +6979,15 @@
 0	string	bvxn	lzfse encoded, lzvn compressed
 
 #------------------------------------------------------------------------------
-# $File: console,v 1.35 2017/11/14 15:48:36 christos Exp $
+# $File: console,v 1.45 2019/04/19 00:42:27 christos Exp $
 # Console game magic
 # Toby Deshane <hac@shoelace.digivill.net>
 
 # ines: file(1) magic for Marat's iNES Nintendo Entertainment System ROM dump format
 # Updated by David Korth <gerbilsoft@gerbilsoft.com>
 # References:
-# - http://wiki.nesdev.com/w/index.php/INES
-# - http://wiki.nesdev.com/w/index.php/NES_2.0
+# - https://wiki.nesdev.com/w/index.php/INES
+# - https://wiki.nesdev.com/w/index.php/NES_2.0
 
 # Common header for iNES, NES 2.0, and Wii U iNES.
 0	name		nes-rom-image-ines
@@ -6162,15 +7026,17 @@
 
 # Standard iNES ROM header.
 0	string		NES\x1A		NES ROM image (iNES)
+!:mime	application/x-nes-rom
 >0	use		nes-rom-image-ines
 
 # Wii U Virtual Console iNES ROM header.
 0	belong		0x4E455300	NES ROM image (Wii U Virtual Console)
+!:mime	application/x-nes-rom
 >0	use		nes-rom-image-ines
 
 #------------------------------------------------------------------------------
 # unif: file(1) magic for UNIF-format Nintendo Entertainment System ROM images
-# Reference: http://wiki.nesdev.com/w/index.php/UNIF
+# Reference: https://wiki.nesdev.com/w/index.php/UNIF
 # From: David Korth <gerbilsoft@gerbilsoft.com>
 #
 # NOTE: The UNIF format uses chunks instead of a fixed header,
@@ -6178,10 +7044,11 @@
 #
 0	string	UNIF
 >4	lelong	<16	NES ROM image (UNIF v%d format)
+!:mime	application/x-nes-rom
 
 #------------------------------------------------------------------------------
 # fds: file(1) magic for Famciom Disk System disk images
-# Reference: http://wiki.nesdev.com/w/index.php/Family_Computer_Disk_System#.FDS_format
+# Reference: https://wiki.nesdev.com/w/index.php/Family_Computer_Disk_System#.FDS_format
 # From: David Korth <gerbilsoft@gerbilsoft.com>
 # TODO: Check "Disk info block" and get info from that in addition to the optional header.
 
@@ -6196,12 +7063,14 @@
 # Headered version.
 0	string	FDS\x1A
 >0x11	string	*NINTENDO-HVC*	Famicom Disk System disk image:
+!:mime	application/x-fds-disk
 >>0x10	use	nintendo-fds-disk-info-block
 >4	byte	1	(%u side)
 >4	byte	!1	(%u sides)
 
 # Unheadered version.
 1	string	*NINTENDO-HVC*	Famicom Disk System disk image:
+!:mime	application/x-fds-disk
 >0	use	nintendo-fds-disk-info-block
 
 #------------------------------------------------------------------------------
@@ -6210,6 +7079,7 @@
 # From: David Korth <gerbilsoft@gerbilsoft.com>
 #
 0		string	TNES	NES ROM image (Nintendo 3DS Virtual Console)
+!:mime		application/x-nes-rom
 >4		byte	100	\b: FDS,
 >>0x2010	use	nintendo-fds-disk-info-block
 >4		byte	!100	\b: TNES mapper %u
@@ -6225,6 +7095,8 @@
 # Reference: http://gbdev.gg8.se/wiki/articles/The_Cartridge_Header
 #
 0x104		bequad		0xCEED6666CC0D000B	Game Boy ROM image
+# TODO: application/x-gameboy-color-rom for GBC.
+!:mime		application/x-gameboy-rom
 >0x143		byte&0x80	0x80
 >>0x134		string		>\0			\b: "%.15s"
 >0x143		byte&0x80	!0x80
@@ -6239,6 +7111,7 @@
 >>0x146		byte		!0x03
 >>>0x143	byte&0xC0	0x80	[CGB]
 >>>0x143	byte&0xC0	0xC0	[CGB ONLY]
+>0x14b		byte		!0x33
 
 # Mapper.
 >0x147 byte 0x00  [ROM ONLY]
@@ -6292,7 +7165,7 @@
 # genesis: file(1) magic for various Sega Mega Drive / Genesis ROM image and disc formats
 # Updated by David Korth <gerbilsoft@gerbilsoft.com>
 # References:
-# - http://www.retrodev.com/segacd.html
+# - https://www.retrodev.com/segacd.html
 # - http://devster.monkeeh.com/sega/32xguide1.txt
 #
 
@@ -6314,29 +7187,37 @@
 # TODO: Check for 32X CD?
 # Sega Mega CD disc images: 2048-byte sectors.
 0	string	SEGADISCSYSTEM\ \ 	Sega Mega CD disc image
+!:mime	application/x-sega-cd-rom
 >0	use	sega-mega-drive-header
 >0	byte	x			\b, 2048-byte sectors
 0	string	SEGABOOTDISC\ \ \ \ 	Sega Mega CD disc image
+!:mime	application/x-sega-cd-rom
 >0	use	sega-mega-drive-header
 >0	byte	x			\b, 2048-byte sectors
 # Sega Mega CD disc images: 2352-byte sectors.
 0x10	string	SEGADISCSYSTEM\ \ 	Sega Mega CD disc image
+!:mime	application/x-sega-cd-rom
 >0x10	use	sega-mega-drive-header
 >0	byte	x			\b, 2352-byte sectors
 0x10	string	SEGABOOTDISC\ \ \ \ 	Sega Mega CD disc image
+!:mime	application/x-sega-cd-rom
 >0x10	use	sega-mega-drive-header
 >0	byte	x			\b, 2352-byte sectors
 
 # Sega Mega Drive, 32X, Pico, and Mega CD Boot ROM images.
 0x100		string	SEGA
 >0x3C0		bequad	0x4D41525320434845	Sega 32X ROM image
+!:mime		application/x-genesis-32x-rom
 >>0		use	sega-mega-drive-header
 >0x3C0		bequad	!0x4D41525320434845
 >>0x105		belong	0x5049434F	Sega Pico ROM image
+!:mime		application/x-sega-pico-rom
 >>>0		use	sega-mega-drive-header
 >>0x105		belong	!0x5049434F
 >>>0x180	beshort	0x4252		Sega Mega CD Boot ROM image
+!:mime		application/x-genesis-rom
 >>>0x180	beshort	!0x4252		Sega Mega Drive / Genesis ROM image
+!:mime		application/x-genesis-rom
 >>>0		use	sega-mega-drive-header
 
 #------------------------------------------------------------------------------
@@ -6353,11 +7234,13 @@
 # "Sega Genesis" header.
 0x280	string EAGN
 >8	beshort	0xAABB	Sega Mega Drive / Genesis ROM image (SMD format):
+!:mime	application/x-genesis-rom
 >>0	use     sega-genesis-smd-header
 
 # "Sega Mega Drive" header.
 0x280	string EAMG
 >8	beshort	0xAABB	Sega Mega Drive / Genesis ROM image (SMD format):
+!:mime	application/x-genesis-rom
 >>0	use     sega-genesis-smd-header
 
 #------------------------------------------------------------------------------
@@ -6365,7 +7248,7 @@
 # Detects all Game Gear and export Sega Master System ROM images,
 # and some Japanese Sega Master System ROM images.
 # From: David Korth <gerbilsoft@gerbilsoft.com>
-# Reference: http://www.smspower.org/Development/ROMHeader
+# Reference: https://www.smspower.org/Development/ROMHeader
 #
 
 # General SMS header rule.
@@ -6373,12 +7256,17 @@
 0	name	sega-master-system-rom-header
 # Machine type.
 >0x0F	byte&0xF0	0x30	Sega Master System
+!:mime	application/x-sms-rom
 >0x0F	byte&0xF0	0x40	Sega Master System
+!:mime	application/x-sms-rom
 >0x0F	byte&0xF0	0x50	Sega Game Gear
+!:mime	application/x-gamegear-rom
 >0x0F	byte&0xF0	0x60	Sega Game Gear
+!:mime	application/x-gamegear-rom
 >0x0F	byte&0xF0	0x70	Sega Game Gear
->0x0F	byte&0xF0	<0x30	Sega Master System / Game Gear
->0x0F	byte&0xF0	>0x70	Sega Master System / Game Gear
+!:mime	application/x-gamegear-rom
+>0x0F	default		x	Sega Master System / Game Gear
+!:mime	application/x-sms-rom
 >0	byte		x	ROM image:
 # Product code.
 >0x0E	byte&0xF0	0x10	1
@@ -6438,17 +7326,19 @@
 
 # 2048-byte sector version.
 0	string	SEGA\ SEGASATURN\ 	Sega Saturn disc image
+!:mime	application/x-saturn-rom
 >0	use	sega-saturn-disc-header
 >0	byte	x			(2048-byte sectors)
 # 2352-byte sector version.
 0x10	string	SEGA\ SEGASATURN\ 	Sega Saturn disc image
+!:mime	application/x-saturn-rom
 >0x10	use	sega-saturn-disc-header
 >0	byte	x			(2352-byte sectors)
 
 #------------------------------------------------------------------------------
 # dreamcast: file(1) magic for the Sega Dreamcast disc image format.
 # From: David Korth <gerbilsoft@gerbilsoft.com>
-# Reference: http://mc.pp.se/dc/ip0000.bin.html
+# Reference: https://mc.pp.se/dc/ip0000.bin.html
 #
 
 # Common Sega Dreamcast disc header format.
@@ -6462,10 +7352,12 @@
 
 # 2048-byte sector version.
 0	string	SEGA\ SEGAKATANA\ 	Sega Dreamcast disc image
+!:mime	application/x-dc-rom
 >0	use	sega-dreamcast-disc-header
 >0	byte	x			(2048-byte sectors)
 # 2352-byte sector version.
 0x10	string	SEGA\ SEGAKATANA\ 	Sega Dreamcast disc image
+!:mime	application/x-dc-rom
 >0x10	use	sega-dreamcast-disc-header
 >0	byte	x			(2352-byte sectors)
 
@@ -6481,6 +7373,7 @@
 # From: David Korth <gerbilsoft@gerbilsoft.com>
 #
 0	bequad	0x803712400000000F	Nintendo 64 ROM image
+!:mime	application/x-n64-rom
 >0x20	string	>\0	\b: "%.20s"
 >0x3B	string	x	(%.4s
 >0x3F	byte	x	\b, Rev.%02u)
@@ -6490,39 +7383,44 @@
 # Same as z64 format, but with 16-bit byteswapping.
 #
 0	bequad	0x3780401200000F00	Nintendo 64 ROM image (V64)
+!:mime	application/x-n64-rom
 
 #------------------------------------------------------------------------------
 # n64-swap2: file(1) magic for the swap2 format N64 ROM dumps
 # Same as z64 format, but with swapped 16-bit words.
 #
 0	bequad	0x12408037000F0000	Nintendo 64 ROM image (wordswapped)
+!:mime	application/x-n64-rom
 
 #------------------------------------------------------------------------------
 # n64-le32: file(1) magic for the 32-bit byteswapped format N64 ROM dumps
 # Same as z64 format, but with 32-bit byteswapping.
 #
 0	bequad	0x401237800F000000	Nintendo 64 ROM image (32-bit byteswapped)
+!:mime	application/x-n64-rom
 
 #------------------------------------------------------------------------------
 # gba: file(1) magic for the Nintendo Game Boy Advance raw ROM format
-# Reference: http://problemkaputt.de/gbatek.htm#gbacartridgeheader
+# Reference: https://problemkaputt.de/gbatek.htm#gbacartridgeheader
 #
 # Original version from: "Nelson A. de Oliveira" <naoliv@gmail.com>
 # Updated version from: David Korth <gerbilsoft@gerbilsoft.com>
 #
 4	bequad	0x24FFAE51699AA221	Game Boy Advance ROM image
+!:mime	application/x-gba-rom
 >0xA0	string	>\0	\b: "%.12s"
 >0xAC	string	x	(%.6s
 >0xBC	byte	x	\b, Rev.%02u)
 
 #------------------------------------------------------------------------------
 # nds: file(1) magic for the Nintendo DS(i) raw ROM format
-# Reference: http://problemkaputt.de/gbatek.htm#dscartridgeheader
+# Reference: https://problemkaputt.de/gbatek.htm#dscartridgeheader
 #
 # Original version from: "Nelson A. de Oliveira" <naoliv@gmail.com>
 # Updated version from: David Korth <gerbilsoft@gerbilsoft.com>
 #
 0xC0	bequad	0x24FFAE51699AA221	Nintendo DS ROM image
+!:mime	application/x-nintendo-ds-rom
 >0x00	string	>\0		\b: "%.12s"
 >0x0C	string	x		(%.6s
 >0x1E	byte	x		\b, Rev.%02u)
@@ -6543,15 +7441,17 @@
 # This is also used for loading .nds files using the MSET exploit on 3DS.
 # Reference: https://github.com/devkitPro/ndstool/blob/master/source/ndscreate.cpp
 0xC0	bequad	0xC8604FE201708FE2	Nintendo DS Slot-2 ROM image (PassMe)
+!:mime	application/x-nintendo-ds-rom
 
 #------------------------------------------------------------------------------
 # ngp: file(1) magic for the Neo Geo Pocket (Color) raw ROM format.
 # From: David Korth <gerbilsoft@gerbilsoft.com>
 # References:
 # - https://neogpc.googlecode.com/svn-history/r10/trunk/src/core/neogpc.cpp
-# - http://www.devrs.com/ngp/files/ngpctech.txt
+# - https://www.devrs.com/ngp/files/ngpctech.txt
 #
 0x0A	string	BY\ SNK\ CORPORATION	Neo Geo Pocket
+!:mime	application/x-neo-geo-pocket-rom
 >0x23	byte	0x10			Color
 >0	byte	x			ROM image
 >0x24	string	>\0			\b: "%.12s"
@@ -6586,7 +7486,21 @@
 
 #------------------------------------------------------------------------------
 # Microsoft Xbox executables .xbe (Esa Hyytia <ehyytia@cc.hut.fi>)
-0       string          XBEH            XBE, Microsoft Xbox executable
+0	string	XBEH	Microsoft Xbox executable
+# expect base address of 0x10000
+>0x0104                 ulelong =0x10000
+>>(0x0118.l-0x0FFF4)    lestring16 x       \b: "%.40s"
+>>(0x0118.l-0x0FFF5)    byte     x         (%c
+>>(0x0118.l-0x0FFF6)    byte     x         \b%c-
+>>(0x0118.l-0x0FFF8)    uleshort x         \b%03u)
+>>(0x0118.l-0x0FF60)    ulelong&0x80000007  0x80000007 \b, all regions
+>>(0x0118.l-0x0FF60)    ulelong&0x80000007  !0x80000007
+>>>(0x0118.l-0x0FF60)   ulelong >0           (regions:
+>>>>(0x0118.l-0x0FF60)  ulelong &0x00000001  NA
+>>>>(0x0118.l-0x0FF60)  ulelong &0x00000002  Japan
+>>>>(0x0118.l-0x0FF60)  ulelong &0x00000004  Rest_of_World
+>>>>(0x0118.l-0x0FF60)  ulelong &0x80000000  Manufacturer
+>>>(0x0118.l-0x0FF60)   ulelong >0           \b)
 # probabilistic checks whether signed or not
 >0x0004 ulelong =0x0
 >>&2    ulelong =0x0
@@ -6594,22 +7508,43 @@
 >0x0004 ulelong >0
 >>&2    ulelong >0
 >>>&2   ulelong >0    \b, signed
-# expect base address of 0x10000
->0x0104               ulelong =0x10000
->>(0x0118-0x0FF60)    ulelong&0x80000007  0x80000007 \b, all regions
->>(0x0118-0x0FF60)    ulelong&0x80000007  !0x80000007
->>>(0x0118-0x0FF60)   ulelong >0           (regions:
->>>>(0x0118-0x0FF60)  ulelong &0x00000001  NA
->>>>(0x0118-0x0FF60)  ulelong &0x00000002  Japan
->>>>(0x0118-0x0FF60)  ulelong &0x00000004  Rest_of_World
->>>>(0x0118-0x0FF60)  ulelong &0x80000000  Manufacturer
->>>(0x0118-0x0FF60)   ulelong >0           \b)
 
 # --------------------------------
 # Microsoft Xbox data file formats
 0       string          XIP0            XIP, Microsoft Xbox data
 0       string          XTF0            XTF, Microsoft Xbox data
 
+#------------------------------------------------------------------------------
+# Microsoft Xbox 360 executables (.xex)
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://free60project.github.io/wiki/XEX.html
+# - https://github.com/xenia-project/xenia/blob/HEAD/src/xenia/kernel/util/xex2_info.h
+
+# Title ID (part of Execution ID section)
+0		name	xbox-360-xex-execution-id
+>(0.L+0xC)	byte	x	(%c
+>(0.L+0xD)	byte	x	\b%c
+>(0.L+0xE)	beshort	x	\b-%04u)
+
+0	string	XEX2	Microsoft Xbox 360 executable
+>0x18	search/0x100	\x00\x04\x00\x06
+>>&0	use	xbox-360-xex-execution-id
+>(0x010.L+0x178)	ubelong	0xFFFFFFFF	\b, all regions
+>(0x010.L+0x178)	ubelong	!0xFFFFFFFF
+>>(0x010.L+0x178)	ubelong	>0		(regions:
+>>(0x010.L+0x178)	ubelong&0x000000FF	0x000000FF	USA
+>>(0x010.L+0x178)	ubelong&0x00000100	0x00000100	Japan
+>>(0x010.L+0x178)	ubelong&0x00000200	0x00000200	China
+>>(0x010.L+0x178)	ubelong&0x0000FC00	0x0000FC00	Asia
+>>(0x010.L+0x178)	ubelong&0x00FF0000	0x00FF0000	PAL
+>>(0x010.L+0x178)	ubelong&0x00FF0000	0x00FE0000	PAL [except AU/NZ]
+>>(0x010.L+0x178)	ubelong&0x00FF0000	0x00010000	AU/NZ
+>>(0x010.L+0x178)	ubelong&0xFF000000	0xFF000000	Other
+>>(0x010.L+0x178)	ubelong	>0		\b)
+
+
+
 # Atari Lynx cartridge dump (EXE/BLL header)
 # From: "Stefan A. Haubenthal" <polluks@web.de>
 
@@ -6617,8 +7552,10 @@
 # 8 character OMF-86 object file headers.
 0	beshort		0x8008
 >6	string		BS93		Lynx homebrew cartridge
+!:mime	application/x-atari-lynx-rom
 >>2	beshort		x		\b, RAM start $%04x
 >6	string		LYNX		Lynx cartridge
+!:mime	application/x-atari-lynx-rom
 >>2	beshort		x		\b, RAM start $%04x
 
 # Opera file system that is used on the 3DO console
@@ -6633,14 +7570,14 @@
 # Gameboy%20Sound%20System%20(.gbs).txt
 0	string		GBS		Nintendo Gameboy Music/Audio Data
 #12	string		GameBoy\ Music\ Module	Nintendo Gameboy Music Module
->16	string		>\0	("%s" by
->48	string		>\0	%s, copyright
->80	string		>\0	%s),
->3	byte		x	version %d,
->4	byte		x	%d tracks
+>16	string		>\0	("%.32s" by
+>48	string		>\0	%.32s, copyright
+>80	string		>\0	%.32s),
+>3	byte		x	version %u,
+>4	byte		x	%u tracks
 
 # IPS Patch Files from: From: Thomas Klausner <tk@giga.or.at>
-# see http://zerosoft.zophar.net/ips.php
+# see https://zerosoft.zophar.net/ips.php
 0	string	PATCH			IPS patch file
 
 # Playstations Patch Files from: From: Thomas Klausner <tk@giga.or.at>
@@ -6731,7 +7668,7 @@
 
 # Type: Nintendo GameCube/Wii common disc header data.
 # From: David Korth <gerbilsoft@gerbilsoft.com>
-# Reference: http://wiibrew.org/wiki/Wii_Disc
+# Reference: https://wiibrew.org/wiki/Wii_Disc
 0	name	nintendo-gcn-disc-common
 >0x20	string	x	"%.64s"
 >0x00	string	x	(%.6s
@@ -6740,11 +7677,14 @@
 >>0x06	byte	2	\b, Disc 3
 >>0x06	byte	3	\b, Disc 4
 >0x07	byte	x	\b, Rev.%02u)
+>0x18	belong	0x5D1C9EA3
+>>0x60	beshort	0x0101	\b (Unencrypted)
 
 # Type: Nintendo GameCube disc image
 # From: David Korth <gerbilsoft@gerbilsoft.com>
-# Reference: http://wiibrew.org/wiki/Wii_Disc
+# Reference: https://wiibrew.org/wiki/Wii_Disc
 0x1C	belong	0xC2339F3D	Nintendo GameCube disc image:
+!:mime	application/x-gamecube-rom
 >0	use	nintendo-gcn-disc-common
 
 # Type: Nintendo GameCube embedded disc image
@@ -6754,19 +7694,21 @@
 0		belong	0xAE0F38A2
 >0x0C		belong	0x00100000
 >>(8.L+0x1C)	belong	0xC2339F3D	Nintendo GameCube embedded disc image:
+!:mime	application/x-gamecube-rom
 >>>(8.L)	use	nintendo-gcn-disc-common
 
 # Type: Nintendo Wii disc image
 # From: David Korth <gerbilsoft@gerbilsoft.com>
-# Reference: http://wiibrew.org/wiki/Wii_Disc
+# Reference: https://wiibrew.org/wiki/Wii_Disc
 0x18	belong	0x5D1C9EA3	Nintendo Wii disc image:
 >0	use	nintendo-gcn-disc-common
 
 # Type: Nintendo Wii disc image (WBFS format)
 # From: David Korth <gerbilsoft@gerbilsoft.com>
-# Reference: http://wiibrew.org/wiki/Wii_Disc
+# Reference: https://wiibrew.org/wiki/Wii_Disc
 0	string	WBFS
 >0x218	belong	0x5D1C9EA3	Nintendo Wii disc image (WBFS format):
+!:mime	application/x-wii-rom
 >>0x200	use	nintendo-gcn-disc-common
 
 # Type: Nintendo GameCube/Wii disc image (CISO format)
@@ -6780,41 +7722,63 @@
 >4		lelong	0x200000
 >>8		byte	1
 >>>0x801C	belong	0xC2339F3D	Nintendo GameCube disc image (CISO format):
+!:mime	application/x-wii-rom
 >>>>0x8000	use	nintendo-gcn-disc-common
 >>>0x8018	belong	0x5D1C9EA3	Nintendo Wii disc image (CISO format):
+!:mime	application/x-wii-rom
 >>>>0x8000	use	nintendo-gcn-disc-common
 
 # Type: Nintendo GameCube/Wii disc image (GCZ format)
 # Due to zlib compression, we can't get the actual disc information.
 0	lelong	0xB10BC001
 >4	lelong	0		Nintendo GameCube disc image (GCZ format)
+!:mime	application/x-gamecube-rom
 >4	lelong	1		Nintendo Wii disc image (GCZ format)
->4	lelong	>1		Nintendo GameCube/Wii disc image (GCZ format)
+!:mime	application/x-wii-rom
+>4	default	x		Nintendo GameCube/Wii disc image (GCZ format)
 
 # Type: Nintendo GameCube/Wii disc image (WDF format)
 0		string	WII\001DISC
 >8		belong	1
 # WDFv1
 >>0x54		belong	0xC2339F3D	Nintendo GameCube disc image (WDFv1 format):
+!:mime	application/x-gamecube-rom
 >>>0x38		use	nintendo-gcn-disc-common
 >>0x58		belong	0x5D1C9EA3	Nintendo Wii disc image (WDFv1 format):
+!:mime	application/x-wii-rom
 >>>0x38		use	nintendo-gcn-disc-common
 >8		belong	2
 # WDFv2
 >>(12.L+0x1C)	belong	0xC2339F3D	Nintendo GameCube disc image (WDFv2 format):
+!:mime	application/x-gamecube-rom
 >>>(12.L)	use	nintendo-gcn-disc-common
 >>(12.L+0x18)	belong	0x5D1C9EA3	Nintendo Wii disc image (WDFv2 format):
+!:mime	application/x-wii-rom
 >>>(12.L)	use	nintendo-gcn-disc-common
 
 # Type: Nintendo GameCube/Wii disc image (WIA format)
 0	string	WIA\001	Nintendo
->0x48	belong	0	GameCube/Wii
 >0x48	belong	1	GameCube
+!:mime	application/x-gamecube-rom
 >0x48	belong	2	Wii
->0x48	belong	>2	GameCube/Wii
+!:mime	application/x-wii-rom
+>0x48	default	x	GameCube/Wii
 >0x48	belong	x	disc image (WIA format):
 >>0x58	use	nintendo-gcn-disc-common
 
+# Type: Nintendo GameCube/Wii disc image (with SDK header)
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# Reference: https://wiibrew.org/wiki/Wii_Disc
+0		belong	0xFFFF0000
+>0x18		belong	0x00000000
+>>0x1C		belong	0x00000000
+>>>0x8018	belong	0x5D1C9EA3	Nintendo Wii SDK disc image:
+!:mime	application/x-wii-rom
+>>>>0x8000	use	nintendo-gcn-disc-common
+>>>0x801C	belong	0xC2339F3D	Nintendo GameCube SDK disc image:
+!:mime	application/x-gamecube-rom
+>>>>0x8000	use	nintendo-gcn-disc-common
+
 #------------------------------------------------------------------------------
 # Nintendo 3DS file formats.
 #
@@ -6931,6 +7895,7 @@
 0	byte	>0
 >0	byte	<3
 >>1	string	ATARI7800	Atari 7800 ROM image
+!:mime	application/x-atari-7800-rom
 >>>0x11	string	>\0	\b: "%.32s"
 # Display type.
 >>>0x39	byte	0	(NTSC)
@@ -7033,7 +7998,7 @@
 >84	belong&0x18000000	=0x18000000	undefined fpmode
 
 #------------------------------------------------------------------------------
-# $File: coverage,v 1.1 2016/06/05 00:26:32 christos Exp $
+# $File: coverage,v 1.2 2019/04/19 00:42:27 christos Exp $
 # xoverage:  file(1) magic for test coverage data
 
 # File formats used to store test coverage data
@@ -7100,7 +8065,7 @@
 # `clang -fprofile-instr-generate -fcoverage-mapping ...`
 # default name: default.profraw
 # magic is: \xFF lprofr \x81
-# cf. http://llvm.org/docs/doxygen/html/InstrProfData_8inc_source.html
+# cf. https://llvm.org/docs/doxygen/html/InstrProfData_8inc_source.html
 0	lequad	0xff6c70726f667281	LLVM raw profile data,
 >&0	byte	x	version %d
 
@@ -7111,10 +8076,10 @@
 
 # LLVM indexed instruction profile (as generated by llvm-profdata)
 # magic is: reverse(\xFF lprofi \x81)
-# cf. http://llvm.org/docs/CoverageMappingFormat.html
-# http://llvm.org/docs/doxygen/html/namespacellvm_1_1IndexedInstrProf.html
-# http://llvm.org/docs/CommandGuide/llvm-cov.html
-# http://llvm.org/docs/CommandGuide/llvm-profdata.html
+# cf. https://llvm.org/docs/CoverageMappingFormat.html
+# https://llvm.org/docs/doxygen/html/namespacellvm_1_1IndexedInstrProf.html
+# https://llvm.org/docs/CommandGuide/llvm-cov.html
+# https://llvm.org/docs/CommandGuide/llvm-profdata.html
 0	lequad	0x8169666f72706cff	LLVM indexed profile data,
 >&0	byte	x	version %d
 
@@ -7146,7 +8111,7 @@
 #--------------------------------------------------------------
 # ctf:  file(1) magic for CTF (Common Trace Format) trace files
 #
-# Specs. available here: <http://www.efficios.com/ctf>
+# Specs. available here: <https://www.efficios.com/ctf>
 #--------------------------------------------------------------
 
 # CTF trace data
@@ -7175,10 +8140,10 @@
 0	string	MAPZ)	Map file for the Blood Frontier/Red Eclipse FPS games
 
 #------------------------------------------------------------------------------
-# $File: cups,v 1.5 2017/03/17 21:35:28 christos Exp $
+# $File: cups,v 1.6 2019/04/19 00:42:27 christos Exp $
 # Cups: file(1) magic for the cups raster file format
 # From: Laurent Martelli <martellilaurent@gmail.com>
-# http://www.cups.org/documentation.php/spec-raster.html
+# https://www.cups.org/documentation.php/spec-raster.html
 #
 
 0	name		cups-le
@@ -7242,7 +8207,7 @@
 >15	long		>30		$BS, block size: %i bytes
 
 #------------------------------------------------------------------------------
-# $File: database,v 1.52 2017/08/13 00:21:47 christos Exp $
+# $File: database,v 1.55 2019/04/19 00:42:27 christos Exp $
 # database:  file(1) magic for various databases
 #
 # extracted from header/code files by Graeme Wilford (eep2gw@ee.surrey.ac.uk)
@@ -7389,8 +8354,8 @@
 
 ## XBase database files
 # updated by Joerg Jenderek at Feb 2013
-# http://www.dbase.com/Knowledgebase/INT/db7_file_fmt.htm
-# http://www.clicketyclick.dk/databases/xbase/format/dbf.html
+# https://www.dbase.com/Knowledgebase/INT/db7_file_fmt.htm
+# https://www.clicketyclick.dk/databases/xbase/format/dbf.html
 # http://home.f1.htw-berlin.de/scheibl/db/intern/dBase.htm
 # inspect VVYYMMDD , where 1<= MM <= 12 and 1<= DD <= 31
 0	ubelong&0x0000FFFF		<0x00000C20
@@ -7429,13 +8394,13 @@
 >>>>>>>>>>>>4	lelong			>0		\b, %d record
 # plural s appended
 >>>>>>>>>>>>>4	lelong			>1		\bs
-# http://www.clicketyclick.dk/databases/xbase/format/dbf_check.html#CHECK_DBF
+# https://www.clicketyclick.dk/databases/xbase/format/dbf_check.html#CHECK_DBF
 # 1 <= record size <= 4000 (dBase 3,4) or 32 * KB (=0x8000)
 >>>>>>>>>>>>10	uleshort		x		* %d
 # file size = records * record size + header size
 >>>>>>>>>>>>1	ubyte			x		\b, update-date
 >>>>>>>>>>>>1	use			xbase-date
-# http://msdn.microsoft.com/de-de/library/cc483186(v=vs.71).aspx
+# https://msdn.microsoft.com/de-de/library/cc483186(v=vs.71).aspx
 #>>>>>>>>>>>>29	ubyte			=0		\b, codepage ID=0x%x
 # 2~cp850 , 3~cp1252 , 0x1b~?? ; what code page is 0x1b ?
 >>>>>>>>>>>>29	ubyte			>0		\b, codepage ID=0x%x
@@ -7503,13 +8468,13 @@
 # dBASE IV SQL, no memo;dbv memo var size (Flagship)
 >>0	ubyte		0x43		dBase IV, with SQL table
 !:mime	application/x-dbf
-# http://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
+# https://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
 #>>0	ubyte		0x62		dBase IV, with SQL table
 #!:mime	application/x-dbf
 # dBASE IV, with memo!!
 >>0	ubyte		0x7b		dBase IV, with memo
 !:mime	application/x-dbf
-# http://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
+# https://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
 #>>0	ubyte		0x82		dBase IV, with SQL system
 #!:mime	application/x-dbf
 # FoxBase+/dBaseIII+ with memo .DBT!
@@ -7518,7 +8483,7 @@
 # VISUAL OBJECTS (first 1.0 versions) for the Dbase III files (NTX clipper driver); memo file
 >>0	ubyte		0x87		VISUAL OBJECTS, with memo file
 !:mime	application/x-dbf
-# http://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
+# https://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
 #>>0	ubyte		0x8A		FoxBase+/dBase III, with memo .DBT
 #!:mime	application/x-dbf
 # dBASE IV with memo!
@@ -7529,7 +8494,7 @@
 !:mime	application/x-dbf
 # .dbv and .dbt memo (Flagship)?
 >>0	ubyte		0xB3		Flagship
-# http://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
+# https://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
 #>>0	ubyte		0xCA		dBase IV with memo .DBT
 #!:mime	application/x-dbf
 # dBASE IV with SQL table, with memo .DBT
@@ -7538,12 +8503,12 @@
 # HiPer-Six format;Clipper SIX, with SMT memo file
 >>0	ubyte		0xE5		Clipper SIX with memo
 !:mime	application/x-dbf
-# http://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
+# https://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
 #>>0	ubyte		0xF4		dBase IV, with SQL table, with memo
 #!:mime	application/x-dbf
 >>0	ubyte		0xF5		FoxPro with memo
 !:mime	application/x-dbf
-# http://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
+# https://msdn.microsoft.com/en-US/library/st4a0s68(v=vs.80).aspx
 #>>0	ubyte		0xFA		FoxPro 2.x, with memo
 #!:mime	application/x-dbf
 # unknown version (should not happen)
@@ -7574,7 +8539,7 @@
 >>>>>2	ubyte		x		\b-%d
 
 #	dBase memo files .DBT or .FPT
-# http://msdn.microsoft.com/en-us/library/8599s21w(v=vs.80).aspx
+# https://msdn.microsoft.com/en-us/library/8599s21w(v=vs.80).aspx
 16		ubyte		<4
 >16		ubyte		!2
 >>16		ubyte		!1
@@ -7737,7 +8702,7 @@
 >>220	ulelong		x		\b.%d
 
 # From: Joerg Jenderek
-# URL: http://forensicswiki.org/wiki/Windows_Application_Compatibility
+# URL: https://forensicswiki.org/wiki/Windows_Application_Compatibility
 # Note: files contain application compatibility fixes, application compatibility modes and application help messages.
 8	string		sdbf
 >7	ubyte		0
@@ -7784,7 +8749,7 @@
 >>7	byte		x		\b-%d
 
 # Type: Advanced Data Format (ADF) database
-# URL:  http://www.grc.nasa.gov/WWW/cgns/adf/
+# URL:  https://www.grc.nasa.gov/WWW/cgns/adf/
 # From: Nicolas Chauvat <nicolas.chauvat@logilab.fr>
 0	string	@(#)ADF\ Database	CGNS Advanced Data Format
 
@@ -7824,7 +8789,7 @@
 0	string		ToKyO\ CaBiNeT\n	TokyoCabinet database
 >14	string		x			(version %s)
 
-# From:  Stephane Blondon http://www.yaal.fr
+# From:  Stephane Blondon https://www.yaal.fr
 # Database file for Zope (done by FileStorage)
 0	string	FS21	Zope Object Database File Storage v3 (data)
 0	string	FS30	Zope Object Database File Storage v4 (data)
@@ -7835,7 +8800,7 @@
 # IDA (Interactive Disassembler) database
 0	string		IDA1	IDA (Interactive Disassembler) database
 
-# Hopper (reverse engineering tool) http://www.hopperapp.com/
+# Hopper (reverse engineering tool) https://www.hopperapp.com/
 0	string		hopperdb	Hopper database
 
 # URL: https://en.wikipedia.org/wiki/Panorama_(database_engine)
@@ -7875,22 +8840,79 @@
 >32	lelong	x		\b, index %d
 >36	lelong	x		\b, seed %#x
 
+#
+# Redis RDB - https://redis.io/topics/persistence
+0	string	REDIS			Redis RDB file,
+>5	regex	[0-9][0-9][0-9][0-9]	version %s
+
+# Mork database.
+# Used by older versions of Mozilla Suite and Firefox,
+# and current versions of Thunderbird.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+0	string	//\ <!--\ <mdb:mork:z\ v="	Mozilla Mork database
+>23	string	x		\b, version %.3s
+
 #------------------------------------------------------------------------------
-# $File: dbpf,v 1.1 2017/10/13 20:47:14 christos Exp $
+# $File: dataone,v 1.2 2019/04/19 00:42:27 christos Exp $
+#
+# DataONE- files from Dave Vieglais <dave.vieglais@gmail.com> &
+#                     Pratik Shrivastava <pratikshrivastava23@gmail.com>
+#
+# file formats:   https://cn.dataone.org/cn/v2/formats
+#------------------------------------------------------------------------------
+
+# EML (Ecological Metadata Language Format)
+0	string	<?xml
+>&0	regex	(eml)-[0-9].[0-9].[0-9]+	eml://ecoinformatics.org/%s
+
+# onedcx (DataONE Dublin Core Extended v1.0)
+>&0	regex	(onedcx/v)[0-9].[0-9]+		https://ns.dataone.org/metadata/schema/onedcx/v1.0
+
+# FGDC-STD-001-1998 (Content Standard for Digital Geospatial Metadata,
+# version 001-1998)
+>&0	regex	fgdc				FGDC-STD-001-1998
+
+# Mercury (Oak Ridge National Lab Mercury Metadata version 1.0)
+>&0	regex	(mercury/terms/v)[0-9].[0-9]	https://purl.org/ornl/schema/mercury/terms/v1.0
+
+# ISOTC211 (Geographic MetaData (GMD) Extensible Markup Language)
+>&0	regex	isotc211
+>>&0	regex	eng;USA				https://www.isotc211.org/2005/gmd
+
+# ISOTC211 (NOAA Variant Geographic MetaData (GMD) Extensible Markup Language)
+>>&0	regex	gov.noaa.nodc:[0-9]+		https://www.isotc211.org/2005/gmd-noaa
+
+# ISOTC211 PANGAEA Variant Geographic MetaData (GMD) Extensible Markup Language
+>>&0	regex	pangaea.dataset[0-9][0-9][0-9][0-9][0-9][0-9]+	https://www.isotc211.org/2005/gmd-pangaea
+!:mime	text/xml
+
+
+# Object Reuse and Exchange Vocabulary
+0	string	<?xml
+>&0	regex	rdf
+>>&0	regex	openarchives	https://www.openarchives.org/ore/terms
+!:mime application/rdf+xml
+
+
+# Dryad Metadata Application Profile Version 3.1
+0	string	<DryadData
+>&0	regex	(dryad-bibo/v)[0-9].[0-9]	https://datadryad.org/profile/v3.1
+!:mime	text/xml
+
+#------------------------------------------------------------------------------
+# $File: dbpf,v 1.3 2019/04/19 00:42:27 christos Exp $
 # dppf:	Maxis Database Packed Files, the stored data file format used by all
 #	Maxis games after the Sims: http://wiki.niotso.org/DBPF
-# 	http://www.wiki.sc4devotion.com/index.php?title=DBPF
+# 	https://www.wiki.sc4devotion.com/index.php?title=DBPF
 #	13 Oct 2017, Kip Warner <kip at thevertigo dot com>
 0	string	DBPF	Maxis Database Packed File
 >4	ulelong	x	\b, version: %u.
 >>8	ulelong	x	\b%u
 >>>36	ulelong	x       \b, files: %u
+>>24	ledate	!0	\b, created: %s
+>>28	ledate	!0	\b, modified: %s
 !:ext	dbpf/package/dat/sc4
 !:mime	application/x-maxis-dbpf
-4	ulelong	1
->8	ulelong	!1
->>24	ledate	!0	\b, created: %s
->>>28	ledate	!0	\b, modified: %s
 #------------------------------------------------------------------------------
 # $File: der,v 1.2 2017/03/17 21:35:28 christos Exp $
 # der: file(1) magic for DER encoded files
@@ -8119,9 +9141,9 @@
 >6	short		0x40		for Alpha
 
 #------------------------------------------------------------------------------
-# $File: dolby,v 1.8 2017/03/17 21:35:28 christos Exp $
+# $File: dolby,v 1.9 2019/04/19 00:42:27 christos Exp $
 # ATSC A/53 aka AC-3 aka Dolby Digital <ashitaka@gmx.at>
-# from http://www.atsc.org/standards/a_52a.pdf
+# from https://www.atsc.org/standards/a_52a.pdf
 # corrections, additions, etc. are always welcome!
 #
 # syncword
@@ -8188,14 +9210,14 @@
 >4	byte&0x3e = 0x24	\b, 640 kbit/s
 
 #------------------------------------------------------------------------------
-# $File: dump,v 1.16 2017/07/22 19:21:02 christos Exp $
+# $File: dump,v 1.17 2018/06/26 01:07:17 christos Exp $
 # dump:  file(1) magic for dump file format--for new and old dump filesystems
 #
 # We specify both byte orders in order to recognize byte-swapped dumps.
 #
 0	name	new-dump-be
->4	bedate	x		Previous dump %s,
->8	bedate	x		This dump %s,
+>4	bedate	x		This dump %s,
+>8	bedate	x		Previous dump %s,
 >12	belong	>0		Volume %d,
 >692	belong	0		Level zero, type:
 >692	belong	>0		Level %d, type:
@@ -8213,8 +9235,8 @@
 >888	belong	>0		Flags %x
 
 0	name	old-dump-be
-#>4	bedate	x		Previous dump %s,
-#>8	bedate	x		This dump %s,
+#>4	bedate	x		This dump %s,
+#>8	bedate	x		Previous dump %s,
 >12	belong	>0		Volume %d,
 >692	belong	0		Level zero, type:
 >692	belong	>0		Level %d, type:
@@ -8232,8 +9254,8 @@
 >888	belong	>0		Flags %x
 
 0	name	ufs2-dump-be
->896	beqdate	x		Previous dump %s,
->904	beqdate	x		This dump %s,
+>896	beqdate	x		This dump %s,
+>904	beqdate	x		Previous dump %s,
 >12	belong	>0		Volume %d,
 >692	belong	0		Level zero, type:
 >692	belong	>0		Level %d, type:
@@ -8284,12 +9306,12 @@
 >0	leshort	7		end of medium (for floppy).
 
 #------------------------------------------------------------------------------
-# $File: dyadic,v 1.8 2017/03/17 21:35:28 christos Exp $
+# $File: dyadic,v 1.9 2019/04/19 00:42:27 christos Exp $
 # Dyadic: file(1) magic for Dyalog APL.
 #
 # updated by Joerg Jenderek at Oct 2013
-# http://en.wikipedia.org/wiki/Dyalog_APL
-# http://www.dyalog.com/
+# https://en.wikipedia.org/wiki/Dyalog_APL
+# https://www.dyalog.com/
 # .DXV Dyalog APL External Variable
 # .DIN Dyalog APL Input Table
 # .DOT Dyalog APL Output Table
@@ -8345,13 +9367,24 @@
 0	short		0x6060		Dyalog APL transfer
 
 #------------------------------------------------------------------------------
-# $File: ebml,v 1.1 2010/07/02 00:07:03 christos Exp $
+# $File: ebml,v 1.2 2019/04/19 00:42:27 christos Exp $
 # ebml:  file(1) magic for various Extensible Binary Meta Language
-# http://www.matroska.org/technical/specs/index.html#track
+# https://www.matroska.org/technical/specs/index.html#track
 0	belong	0x1a45dfa3	EBML file
 >4	search/b/100	\102\202
 >>&1	string	x		\b, creator %.8s
 
+#------------------------------------------------------------------------------
+# $File: edid,v 1.1 2019/03/28 12:36:01 christos Exp $
+# edid:  file(1) magic for EDID dump files
+
+0	quad	0x00ffffffffffff00	Extended display identification data dump
+!:mime application/x-edid-dump
+>18	byte	0x01			Version 1
+>>19	byte	<0x04			\b.%d
+>18	byte	0x02			Version 2
+>>19	byte	0x00			\b.0
+
 #------------------------------------------------------------------------------
 # $File: editors,v 1.11 2017/03/17 21:35:28 christos Exp $
 # T602 editor documents
@@ -8407,7 +9440,7 @@
 >4	lelong	>2		Universal EFI binary with %d architectures
 
 #------------------------------------------------------------------------------
-# $File: elf,v 1.72 2018/02/24 19:50:04 christos Exp $
+# $File: elf,v 1.77 2019/01/16 19:33:35 christos Exp $
 # elf:  file(1) magic for ELF executables
 #
 # We have to check the byte order flag to see what byte order all the
@@ -8445,6 +9478,8 @@
 >0	lelong&0x3		2		relaxed memory ordering,
 
 0	name		elf-pa-risc
+>2	leshort		0x0208		1.0
+>2	leshort		0x0210		1.1
 >2	leshort		0x0214		2.0
 >0	leshort		&0x0008		(LP64)
 
@@ -8455,11 +9490,15 @@
 !:mime	application/x-object
 >16	leshort		2		executable,
 !:mime	application/x-executable
->16	leshort		3		${x?pie executable:shared object}
+>16	leshort		3		${x?pie executable:shared object},
 
 !:mime	application/x-${x?pie-executable:sharedlib}
->16	leshort		4		core file
+>16	leshort		4		core file,
 !:mime	application/x-coredump
+# OS-specific
+>7	byte		202
+>>16	leshort		0xFE01		executable,
+!:mime	application/x-executable
 # Core file detection is not reliable.
 #>>>(0x38+0xcc) string	>\0		of '%s'
 #>>>(0x38+0x10) lelong	>0		(signal %d),
@@ -8666,6 +9705,8 @@
 >18	leshort		217		iCelero CoolEngine,
 >18	leshort		218		Nanoradio Optimized RISC,
 >18	leshort		243		UCB RISC-V,
+>18	leshort		247		eBPF,
+>18	leshort		251             NEC VE,
 >18	leshort		0x1057		AVR (unofficial),
 >18	leshort		0x1059		MSP430 (unofficial),
 >18	leshort		0x1223		Adapteva Epiphany (unofficial),
@@ -8728,6 +9769,7 @@
 >7	byte		16		(FenixOS)
 >7	byte		17		(Nuxi CloudABI)
 >7	byte		97		(ARM)
+>7	byte		202		(Cafe OS)
 >7	byte		255		(embedded)
 
 #------------------------------------------------------------------------------
@@ -8815,9 +9857,9 @@
 0	lelong		0x1000007A	Psion Series 5 executable
 
 #------------------------------------------------------------------------------
-# $File: erlang,v 1.6 2010/09/20 19:19:17 rrt Exp $
+# $File: erlang,v 1.7 2019/04/19 00:42:27 christos Exp $
 # erlang:  file(1) magic for Erlang JAM and BEAM files
-# URL:  http://www.erlang.org/faq/x779.html#AEN812
+# URL:  https://www.erlang.org/faq/x779.html#AEN812
 
 # OTP R3-R4
 0	string	\0177BEAM!	Old Erlang BEAM file
@@ -8835,11 +9877,68 @@
 
 0	bequad	0x0000000000ABCDEF	Erlang DETS file
 
+# $File: espressif,v 1.1 2018/11/20 18:57:17 christos Exp $
+# configuration dump of Tasmota firmware for ESP8266 based devices by Espressif
+# URL: https://github.com/arendst/Sonoff-Tasmota/
+# Reference: https://codeload.github.com/arendst/Sonoff-Tasmota/zip/release-6.2/
+# Sonoff-Tasmota-release-6.2.zip/Sonoff-Tasmota-release-6.2/sonoff/settings.h 
+# From: Joerg Jenderek
+#
+# cfg_holder=4617=0x1209
+0		uleshort	4617
+# remainig settings normally 0x5A+offset XORed; free_1D5[20] empty since 5.12.0e
+>0x1D5		ubequad		0x2f30313233343536	configuration of Tasmota firmware (ESP8266)
+!:mime	application/x-tasmota-dmp
+!:ext	dmp
+# version like 6.2.1.0 ~ 0x06020100 XORed to 0x63666262
+>>11		ubyte^0x65	x			\b, version %u
+>>10		ubyte^0x64	x			\b.%u
+>>9		ubyte^0x63	x			\b.%u
+>>8		ubyte^0x62	x			\b.%u
+#>8		ubelong		x			(0x%x)
+# hostname[33] XORed
+>>0x165		ubyte^0x1BF	x			\b, hostname %c
+>>0x166		ubyte^0x1C0	>037			\b%c
+>>0x167		ubyte^0x1C1	>037			\b%c
+>>0x168		ubyte^0x1C2	>037			\b%c
+>>0x169		ubyte^0x1C3	>037			\b%c
+>>0x16A		ubyte^0x1C4	>037			\b%c
+>>0x16B		ubyte^0x1C5	>037			\b%c
+>>0x16C		ubyte^0x1C6	>037			\b%c
+>>0x16D		ubyte^0x1C7	>037			\b%c
+>>0x16E		ubyte^0x1C8	>037			\b%c
+>>0x16F		ubyte^0x1C9	>037			\b%c
+>>0x170		ubyte^0x1CA	>037			\b%c
+>>0x171		ubyte^0x1CB	>037			\b%c
+>>0x172		ubyte^0x1CC 	>037			\b%c
+>>0x173		ubyte^0x1CD	>037			\b%c
+>>0x174		ubyte^0x1CE	>037			\b%c
+>>0x175		ubyte^0x1CF	>037			\b%c
+>>0x176		ubyte^0x1D0	>037			\b%c
+>>0x177		ubyte^0x1D1	>037			\b%c
+>>0x178		ubyte^0x1D2	>037			\b%c
+>>0x179		ubyte^0x1D3	>037			\b%c
+>>0x17A		ubyte^0x1D4	>037			\b%c
+>>0x17B		ubyte^0x1D5	>037			\b%c
+>>0x17C		ubyte^0x1D6	>037			\b%c
+>>0x17D		ubyte^0x1D7	>037			\b%c
+>>0x17E		ubyte^0x1D8	>037			\b%c
+>>0x17F		ubyte^0x1D9	>037			\b%c
+>>0x180		ubyte^0x1DA	>037			\b%c
+>>0x181		ubyte^0x1DB	>037			\b%c
+>>0x182		ubyte^0x1DC	>037			\b%c
+>>0x183		ubyte^0x1DD	>037			\b%c
+>>0x184		ubyte^0x1DE	>037			\b%c
+>>0x185		ubyte^0x1DF	>037			\b%c
+#>>0x165		string		x			(%.33s)
+
+
+
 #------------------------------------------------------------------------------
-# $File: esri,v 1.4 2009/09/19 16:28:09 christos Exp $
+# $File: esri,v 1.5 2019/04/19 00:42:27 christos Exp $
 # ESRI Shapefile format (.shp .shx .dbf=DBaseIII)
 # Based on info from
-# <URL:http://www.esri.com/library/whitepapers/pdfs/shapefile.pdf>
+# <URL:https://www.esri.com/library/whitepapers/pdfs/shapefile.pdf>
 0	belong	9994	ESRI Shapefile
 >4	belong	=0
 >8	belong	=0
@@ -8872,7 +9971,7 @@
 0       string          FCS3.0          Flow Cytometry Standard (FCS) data, version 3.0
 
 #------------------------------------------------------------------------------
-# $File: filesystems,v 1.124 2018/01/12 12:35:30 christos Exp $
+# $File: filesystems,v 1.128 2019/04/23 15:43:27 christos Exp $
 # filesystems:  file(1) magic for different filesystems
 #
 0	name	partid
@@ -9141,21 +10240,21 @@
 # to display information (50) before DOS BPB (strength=70) and after DOS floppy (120) like in old file version
 !:strength +65
 >2		string		OSBS		OS/BS MBR
-# added by Joerg Jenderek at Feb 2013 according to http://thestarman.pcministry.com/asm/mbr/
-# and http://en.wikipedia.org/wiki/Master_Boot_Record
+# added by Joerg Jenderek at Feb 2013 according to https://thestarman.pcministry.com/asm/mbr/
+# and https://en.wikipedia.org/wiki/Master_Boot_Record
 # test for nearly all MS-DOS Master Boot Record initial program loader (IPL) is now done by
 # characteristic assembler instructions: xor ax,ax;mov ss,ax;mov sp,7c00
 >0	search/2	\x33\xc0\x8e\xd0\xbc\x00\x7c	MS-MBR
-# Microsoft Windows 95A and early ( http://thestarman.pcministry.com/asm/mbr/STDMBR.htm )
+# Microsoft Windows 95A and early ( https://thestarman.pcministry.com/asm/mbr/STDMBR.htm )
 # assembler instructions: mov si,sp;push ax;pop es;push ax;pop ds;sti;cld
 >>8	ubequad		0x8bf45007501ffbfc
-# http://thestarman.pcministry.com/asm/mbr/200MBR.htm
+# https://thestarman.pcministry.com/asm/mbr/200MBR.htm
 >>>0x16	ubyte		0xF3				\b,DOS 2
 >>>>219	regex		Author\ -\ 			Author:
 # found "David Litton" , "A Pehrsson  "
 >>>>>&0	string		x				"%s"
 >>>0x16	ubyte		0xF2
-# NEC MS-DOS 3.30 Rev. 3 . See http://thestarman.pcministry.com/asm/mbr/DOS33MBR.htm
+# NEC MS-DOS 3.30 Rev. 3 . See https://thestarman.pcministry.com/asm/mbr/DOS33MBR.htm
 # assembler instructions: mov di,077c;cmp word ptrl[di],a55a;jnz
 >>>>0x22	ubequad	0xbf7c07813d5aa575		\b,NEC 3.3
 # version MS-DOS 3.30 til MS-Windows 95A (WinVer=4.00.1111)
@@ -9187,7 +10286,7 @@
 # "Sistema operativo mancante"				nn=0xe2 for italian version
 >>>>>0x79	ubyte		>0			at offset 0x%x
 >>>>>>(0x79.b)	string		>\0			"%s"
-# Microsoft Windows 95B to XP (http://thestarman.pcministry.com/asm/mbr/95BMEMBR.htm)
+# Microsoft Windows 95B to XP (https://thestarman.pcministry.com/asm/mbr/95BMEMBR.htm)
 # assembler instructions: push ax;pop es;push  ax;pop ds;cld;mov si,7c1b
 >>8	ubequad		0x5007501ffcbe1b7c
 # assembler instructions: rep;movsb;retf;mov si,07be;mov cl,04
@@ -9214,7 +10313,7 @@
 # "\216\257\245\340\240\346\250\256\255\255\240\357 \341\250\341\342\245\254\240 \255\245 \255\240\251\244\245\255\240"	nn=0x156 for russian version
 >>>>0xA9		ubyte	x			at offset 0x1%x
 >>>>(0xA9.b+0x100)	string	>\0			"%s"
-# http://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm
+# https://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm
 # assembler instructions: rep;movsb;retf;mov BP,07be;mov cl,04
 >>>24		ubequad	0xf3a4cbbdbe07b104		XP
 # where xxyyzz are lower bits from offsets of error messages varying for different languages
@@ -9235,7 +10334,7 @@
 # Microsoft Windows Vista or 7
 # assembler instructions: ..;mov ds,ax;mov si,7c00;mov di,..00
 >>8	ubequad		0xc08ed8be007cbf00
-# Microsoft Windows Vista (http://thestarman.pcministry.com/asm/mbr/VistaMBR.htm)
+# Microsoft Windows Vista (https://thestarman.pcministry.com/asm/mbr/VistaMBR.htm)
 # assembler instructions: jnz 0729;cmp ebx,"TCPA"
 >>>0xEC		ubequad	0x753b6681fb544350		Vista
 # where xxyyzz are lower bits from offsets of error messages varying for different languages
@@ -9253,7 +10352,7 @@
 # "Betriebssystem nicht vorhanden"			zz=0x1?? for german version
 >>>>0x1b7	ubyte		>0			at offset 0x1%x
 >>>>(0x1b7.b+0x100)	string	>\0			"%s"
-# Microsoft Windows 7 (http://thestarman.pcministry.com/asm/mbr/W7MBR.htm)
+# Microsoft Windows 7 (https://thestarman.pcministry.com/asm/mbr/W7MBR.htm)
 # assembler instructions: cmp ebx,"TCPA";cmp
 >>>0xEC		ubequad	0x6681fb5443504175		Windows 7
 # where xxyyzz are lower bits from offsets of error messages varying for different languages
@@ -9271,10 +10370,10 @@
 # "Betriebssystem nicht vorhanden"			zz=0x1?? for german version
 >>>>0x1b7	ubyte		>0			at offset 0x1%x
 >>>>(0x1b7.b+0x100)	string	>\0			"%s"
-# http://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm#DiskSigs
-# http://en.wikipedia.org/wiki/MBR_disk_signature#ID
+# https://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm#DiskSigs
+# https://en.wikipedia.org/wiki/MBR_disk_signature#ID
 >>0x1b8	ulelong		>0				\b, disk signature 0x%-.4x
-# driveID/timestamp for Win 95B,98,98SE and ME. See http://thestarman.pcministry.com/asm/mbr/mystery.htm
+# driveID/timestamp for Win 95B,98,98SE and ME. See https://thestarman.pcministry.com/asm/mbr/mystery.htm
 >>0xDA	uleshort		0
 >>>0xDC 	ulelong		>0			\b, created
 # physical drive number (0x80-0xFF) when the Windows wrote that byte to the drive
@@ -9338,13 +10437,13 @@
 >>>>>420	ubyte		x			\b)
 #
 # SYSLINUX MBR moved
-# http://www.acronis.de/
+# https://www.acronis.de/
 >362	string	MBR\ Error\ \0\r
 >>376	string	ress\ any\ key\ to\040
 >>>392	string	boot\ from\ floppy...\0			\b, Acronis MBR
 # added by Joerg Jenderek
-# http://www.visopsys.org/
-# http://partitionlogic.org.uk/
+# https://www.visopsys.org/
+# https://partitionlogic.org.uk/
 >309	string	No\ bootable\ partition\ found\r
 >>339	string	I/O\ Error\ reading\ boot\ sector\r	\b, Visopsys MBR
 >349	string	No\ bootable\ partition\ found\r
@@ -9363,7 +10462,7 @@
 >>172	string	LILO				\b, version 22.5.8 Debian
 # updated by Joerg Jenderek at Oct 2008
 # variables according to grub-0.97/stage1/stage1.S or
-# http://www.gnu.org/software/grub/manual/grub.html#Embedded-data
+# https://www.gnu.org/software/grub/manual/grub.html#Embedded-data
 # usual values are marked with comments to get only informations of strange GRUB loaders
 >342		search/60	\0Geom\0
 #>0		ulelong		x		%x=0x009048EB ,	0x2a9048EB  0
@@ -9422,7 +10521,7 @@
 # skip FSInfosector
 >>>>>>0		string		!RRaA
 # skip 3rd sector of MS x86 bootloader with assember instructions cli;MOVZX EAX,BYTE PTR [BP+10];MOV ECX,
-# http://thestarman.pcministry.com/asm/mbr/MSWIN41.htm
+# https://thestarman.pcministry.com/asm/mbr/MSWIN41.htm
 >>>>>>>0	ubequad		!0xfa660fb64610668b
 # skip 13rd sector of MS x86 bootloader
 >>>>>>>>0	ubequad		!0x660fb64610668b4e
@@ -9435,7 +10534,7 @@
 >>>>>>>>>>>446	use		partition-table
 # TODO: test for extended bootrecord (ebr) moved and merged with mbr partition table entries
 # mbr partition table entries end
-# http://www.acronis.de/
+# https://www.acronis.de/
 #FAT label=ACRONIS\ SZ
 #OEM-ID=BOOTWIZ0
 >442	string	Non-system\ disk,\040
@@ -9868,8 +10967,8 @@
 >>>>505		ubyte&0xDF	>0
 >>>>>505	string		x 			\b.%-.3s
 # added by Joerg Jenderek
-# http://www.visopsys.org/
-# http://partitionlogic.org.uk/
+# https://www.visopsys.org/
+# https://partitionlogic.org.uk/
 # OEM-ID=Visopsys
 >478		ulelong	0
 >>(1.b+326)	string	I/O\ Error\ reading\040
@@ -9896,8 +10995,8 @@
 #it prints a very short message ("RE") to the screen and hangs the computer.
 # x86 bootloader end
 
-# added by Joerg Jenderek at Feb 2013 according to http://thestarman.pcministry.com/asm/mbr/MSWIN41.htm#FSINFO
-# and http://en.wikipedia.org/wiki/File_Allocation_Table#FS_Information_Sector
+# added by Joerg Jenderek at Feb 2013 according to https://thestarman.pcministry.com/asm/mbr/MSWIN41.htm#FSINFO
+# and https://en.wikipedia.org/wiki/File_Allocation_Table#FS_Information_Sector
 >0		string		RRaA
 >>0x1E4		string		rrAa		\b, FSInfosector
 #>>0x1FC	uleshort	=0		SHOULD BE ZERO
@@ -9960,7 +11059,7 @@
 >11			ubyte		x		\b+
 >11			use		DOS-filename
 
-# http://en.wikipedia.org/wiki/Master_boot_record#PTE
+# https://en.wikipedia.org/wiki/Master_boot_record#PTE
 # display standard partition table
 0	name				partition-table
 #>0		ubyte		x	PARTITION-TABLE
@@ -10027,20 +11126,20 @@
 0x18b	string	OS/2	OS/2 Boot Manager
 
 # updated by Joerg Jenderek at Oct 2008 and Sep 2012
-# http://syslinux.zytor.com/iso.php
+# https://syslinux.zytor.com/iso.php
 # tested with versions 1.47,1.48,1.49,1.50,1.62,1.76,2.00,2.10;3.00,3.11,3.31,;3.70,3.71,3.73,3.75,3.80,3.82,3.84,3.86,4.01,4.03 and 4.05
 # assembler instructions: cli;jmp 0:7Cyy (yy=0x40,0x5e,0x6c,0x6e,0x77);nop;nop
 0	ulequad&0x909000007cc0eafa	0x909000007c40eafa
 >631	search/689	ISOLINUX\ 	isolinux Loader
 >>&0	string		x		(version %-4.4s)
-# http://syslinux.zytor.com/pxe.php
+# https://syslinux.zytor.com/pxe.php
 # assembler instructions: jmp 7C05
 0	ulelong	0x007c05ea		pxelinux loader (version 2.13 or older)
 # assembler instructions: pushfd;pushad
 0	ulelong	0x60669c66		pxelinux loader
 # assembler instructions: jmp 05
 0	ulelong	0xc00005ea		pxelinux loader (version 3.70 or newer)
-# http://syslinux.zytor.com/wiki/index.php/SYSLINUX
+# https://syslinux.zytor.com/wiki/index.php/SYSLINUX
 0	string	LDLINUX\ SYS\ 		SYSLINUX loader
 >12	string	x			(older version %-4.4s)
 0	string	\r\nSYSLINUX\ 		SYSLINUX loader
@@ -10086,7 +11185,7 @@
 >0004	uleshort	x
 # ERRorTeXT
 >>181	search/166		Error\ \0\r\n				NetBSD mbr
-# NT Drive Serial Number http://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm#DS
+# NT Drive Serial Number https://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm#DS
 >>>0x1B8	ubelong		>0					\b,Serial 0x%-.8x
 # BOOTSEL definitions contains assembler instructions: int 0x13;pop dx;push dx;push dx
 >>>0xbb		search/71	\xcd\x13\x5a\x52\x52			\b,bootselector
@@ -10122,7 +11221,7 @@
 >>>398		string	Disk\ error\r\n\0FDD\0HDD\0
 >>>>419		string	\ EBIOS\r\n\0				AdvanceMAME mbr
 
-# Neil Turton mbr loader variant of http://www.chiark.greenend.org.uk/~neilt/mbr/
+# Neil Turton mbr loader variant of https://www.chiark.greenend.org.uk/~neilt/mbr/
 # added by Joerg Jenderek at Mar 2011 for versions 1.0.0 - 1.1.11
 # for 1st version assembler instructions:	cld;xor ax,ax;mov DS,ax;MOV ES,AX;mov SI,
 # or  	  	  	    			cld;xor ax,ax;mov SS,ax;XOR SP,SP;mov DS,
@@ -10135,7 +11234,7 @@
 >>>(0x1BC.s+9)		ubyte		x			\bVersion<=%u
 #>>>(0x1BC.s+8)		ubyte		x			asm_flag_%x
 >>>(0x1BC.s+8)		ubyte&1		1			\b,Y2K-Fix
-# variant used by testdisk of http://www.cgsecurity.org/wiki/Menu_MBRCode
+# variant used by testdisk of https://www.cgsecurity.org/wiki/Menu_MBRCode
 >>>(0x1BC.s+8)		ubyte&2		2			\b,TestDisk
 #0x1~1,..,0x8~4,0x10~F,0x80~A enabled
 #>>>(0x1BC.s+10)		ubyte		x			\b,flags 0x%x
@@ -10168,7 +11267,7 @@
 # added by Joerg Jenderek
 # In the second sector (+0x200) are variables according to grub-0.97/stage2/asm.S or
 # grub-1.94/kern/i386/pc/startup.S
-# http://www.gnu.org/software/grub/manual/grub.html#Embedded-data
+# https://www.gnu.org/software/grub/manual/grub.html#Embedded-data
 # usual values are marked with comments to get only informations of strange GRUB loaders
 0x200	uleshort		0x70EA
 # found only version 3.{1,2}
@@ -10223,7 +11322,7 @@
 # DOS x86 sector updated and separated from "DOS/MBR boot sector" by Joerg Jenderek at May 2011
 # JuMP short     bootcodeoffset NOP assembler instructions will usually be EB xx 90
 # over BIOS parameter block (BPB)
-# http://thestarman.pcministry.com/asm/2bytejumps.htm#FWD
+# https://thestarman.pcministry.com/asm/2bytejumps.htm#FWD
 # older drives may use Near JuMP instruction E9 xx xx
 # minimal short forward jump found 0x29 for bootloaders or 0x0
 # maximal short forward jump is 0x7f
@@ -10276,7 +11375,7 @@
 >>>>>26		ubyte		=1		\b, heads %u
 # valid only for sector sizes with more then 32 Bytes
 >>>>>11		uleshort	>32
-# http://en.wikipedia.org/wiki/Design_of_the_FAT_file_system#Extended_BIOS_Parameter_Block
+# https://en.wikipedia.org/wiki/Design_of_the_FAT_file_system#Extended_BIOS_Parameter_Block
 # skip for values 2,2Ah,70h,73h,DFh
 # and continue for extended boot signature values 0,28h,29h,80h
 >>>>>>38	ubyte&0x56	=0
@@ -10338,7 +11437,7 @@
 # FAT32 bit specific
 >>>>>82		string/c	fat32		\b, FAT (32 bit)
 >>>>>>36	ulelong		x		\b, sectors/FAT %u
-# http://technet.microsoft.com/en-us/library/cc977221.aspx
+# https://technet.microsoft.com/en-us/library/cc977221.aspx
 >>>>>>40	uleshort	>0		\b, extension flags 0x%x
 #>>>>>>40	uleshort	=0		\b, extension flags %hu
 >>>>>>42	uleshort	>0		\b, fsVersion %u
@@ -10355,7 +11454,7 @@
 #>>>>>>50	uleshort	=6		\b, Backup boot sector %u (usual)
 >>>>>>50	default		x
 >>>>>>>50	uleshort	x		\b, Backup boot sector %u
-# corrected by Joerg Jenderek at Feb 2011 according to http://thestarman.pcministry.com/asm/mbr/MSWIN41.htm#FSINFO
+# corrected by Joerg Jenderek at Feb 2011 according to https://thestarman.pcministry.com/asm/mbr/MSWIN41.htm#FSINFO
 >>>>>>52	ulelong		>0		\b, reserved1 0x%x
 >>>>>>56	ulelong		>0		\b, reserved2 0x%x
 >>>>>>60	ulelong		>0		\b, reserved3 0x%x
@@ -10381,7 +11480,7 @@
 >>>>>>>(11.s)	ulelong&0x00ffffF0	0x00ffffF0	\b, followed by FAT
 # floppy image
 !:mime application/x-ima
-# NTFS specific added by Joerg Jenderek at Mar 2011 according to http://thestarman.pcministry.com/asm/mbr/NTFSBR.htm
+# NTFS specific added by Joerg Jenderek at Mar 2011 according to https://thestarman.pcministry.com/asm/mbr/NTFSBR.htm
 # and http://homepage.ntlworld.com/jonathan.deboynepollard/FGA/bios-parameter-block.html
 # 0 FATs
 >>>>>16	ubyte		=0
@@ -10412,18 +11511,39 @@
 >>>>>>>>>72	ulequad		x		\b, serial number 0%llx
 >>>>>>>>>80	ulelong		>0		\b, checksum 0x%x
 #>>>>>>>>>80	ulelong		=0		\b, checksum 0x%x=0 (usual)
->>>>>>>>>0x258	ulelong&0x00009090	=0x00009090
->>>>>>>>>>&-92		indirect	x	\b; contains
-# For 2nd NTFS sector added by Joerg Jenderek at Jan 2013
-# http://thestarman.pcministry.com/asm/mbr/NTFSbrHexEd.htm
-# unused assembler instructions JMP y2;NOP;NOP
-0x056		ulelong&0xFFFF0FFF	0x909002EB
-# unicode loadername terminated by CTRL-D
->(0.s*2)	ulelong&0xFFFFFF00	0x00040000
+# unicode loadername size jump
+>>>>>>>>>(0x200.s*2)	ubyte				x
+# in next sector loadername terminated by unicode CTRL-D and $
+>>>>>>>>>>&0x1FF	ulequad&0x0000FFffFFffFF00	0x0000002400040000 \b; contains
+# if 2nd NTFS sectors is found then assume whole filesystem
+#!:mime		application/x-raw-disk-image
+!:ext		img/bin/ntfs
+>>>>>>>>>>>0x200	use				ntfs-sector2
+
+# For 2nd NTFS sector added by Joerg Jenderek at Jan 2013, Mar 2019
+# https://thestarman.pcministry.com/asm/mbr/NTFSbrHexEd.htm
+# unused assembler instructions short JMP y2;NOP;NOP
+0x056		ulelong&0xFFFF0FFF	0x909002EB	NTFS
+#!:mime		application/octet-stream
+!:ext		bin
+>0		use		ntfs-sector2
+# https://memory.dataram.com/products-and-services/software/ramdisk
+# assembler instructions JMP C000;NOP
+0x056		ulelong			0x9000c0e9	NTFS
+#!:mime		application/octet-stream
+!:ext		bin
+>0		use		ntfs-sector2
+# check for characteristics of second NTFS sector and then display loader name
+0		name		ntfs-sector2
+# number of utf16 characters of loadername
+>0		uleshort	<8
+# unused assembler instructions JMP y2;NOP;NOP or JMP C000;NOP
+>>0x056		ulelong&0xFF0000FD	0x900000E9
 # loadernames are NTLDR,CMLDR,PELDR,$LDR$ or BOOTMGR
->>0x002		lestring16	x	Microsoft Windows XP/VISTA bootloader %-5.5s
->>0x12		string		$
->>>0x0c		lestring16	x	\b%-2.2s
+>>>0x002		lestring16	x	bootstrap %-5.5s
+# check for 7 character length of loader name like BOOTMGR
+>>>0		uleshort	7
+>>>>0x0c	lestring16	x	\b%-2.2s
 ### DOS,NTFS boot sectors end
 
 # ntfsclone-image is a special save format for NTFS volumes,
@@ -10562,7 +11682,7 @@
 # ext2/ext3 filesystems - Andreas Dilger <adilger@dilger.ca>
 # ext4 filesystem - Eric Sandeen <sandeen@sandeen.net>
 # volume label and UUID Russell Coker
-# http://etbe.coker.com.au/2008/07/08/label-vs-uuid-vs-device/
+# https://etbe.coker.com.au/2008/07/08/label-vs-uuid-vs-device/
 0x438   leshort         0xEF53          Linux
 >0x44c  lelong          x               rev %d
 >0x43e  leshort         x               \b.%d
@@ -10674,7 +11794,7 @@
 ############################################################################
 # Minix-ST kernel floppy
 0x800	belong		0x46fc2700	Atari-ST Minix kernel image
-# http://en.wikipedia.org/wiki/BIOS_parameter_block
+# https://en.wikipedia.org/wiki/BIOS_parameter_block
 # floppies with valid BPB and any instruction at beginning
 >19	string		\240\005\371\005\0\011\0\2\0	\b, 720k floppy
 >19	string		\320\002\370\005\0\011\0\1\0	\b, 360k floppy
@@ -10744,7 +11864,7 @@
 #
 
 # all FAT12 (strength=70) floppies with sectorsize 512 added by Joerg Jenderek at Jun 2013
-# http://en.wikipedia.org/wiki/File_Allocation_Table#Exceptions
+# https://en.wikipedia.org/wiki/File_Allocation_Table#Exceptions
 # Too Weak.
 #512		ubelong&0xE0ffff00	0xE0ffff00
 # without valid Media descriptor in place of BPB, cases with are done at other places
@@ -10757,7 +11877,7 @@
 #>>512		ubyte			=0xfa			320k
 #>>512		ubyte			=0xfb			640k
 #>>512		ubyte			=0xfc			180k
-# look like an an old DOS directory entry
+# look like an old DOS directory entry
 #>>>0xA0E	ubequad			0
 #>>>>0xA00	ubequad			!0
 #!:mime application/x-ima
@@ -10788,26 +11908,26 @@
 # only x86 short jump instruction found
 #>>>0		ubyte			=0xEB
 #>>>>1		ubyte			x			\b, code offset 0x%x+2
-# http://thestarman.pcministry.com/DOS/ibm100/Boot.htm
+# https://thestarman.pcministry.com/DOS/ibm100/Boot.htm
 # assembler instructions: CLI;MOV AX,CS;MOV DS,AX;MOV DX,0
 #>>>>(1.b+2)	ubequad			0xfa8cc88ed8ba0000	\b, PC-DOS 1.0 bootloader
 # ibmbio.com+ibmdos.com
 #>>>>>0x176	use			DOS-filename
 #>>>>>0x181	ubyte			x			\b+
 #>>>>>0x182	use			DOS-filename
-# http://thestarman.pcministry.com/DOS/ibm110/Boot.htm
+# https://thestarman.pcministry.com/DOS/ibm110/Boot.htm
 # assembler instructions: CLI;MOV AX,CS;MOV DS,AX;XOR DX,DX;MOV
 #>>>>(1.b+2)	ubequad			0xfa8cc88ed833d28e	\b, PC-DOS 1.1 bootloader
 # ibmbio.com+ibmdos.com
 #>>>>>0x18b	use			DOS-filename
 #>>>>>0x196	ubyte			x			\b+
 #>>>>>0x197	use			DOS-filename
-# http://en.wikipedia.org/wiki/Zenith_Data_Systems
+# https://en.wikipedia.org/wiki/Zenith_Data_Systems
 # assembler instructions: MOV BX,07c0;MOV SS,BX;MOV SP,01c6
 #>>>>(1.b+2)	ubequad			0xbbc0078ed3bcc601	\b, Zenith Data Systems MS-DOS 1.25 bootloader
 # IO.SYS+MSDOS.SYS
 #>>>>>0x20	use			2xDOS-filename
-# http://en.wikipedia.org/wiki/Corona_Data_Systems
+# https://en.wikipedia.org/wiki/Corona_Data_Systems
 # assembler instructions: MOV AX,CS;MOV DS,AX;CLI;MOV SS,AX;
 #>>>>(1.b+2)	ubequad			0x8cc88ed8fa8ed0bc	\b, MS-DOS 1.25 bootloader
 # IO.SYS+MSDOS.SYS
@@ -10860,7 +11980,7 @@
 >307200	use cdrom
 
 # .cso files
-# Reference: http://pismotec.com/ciso/ciso.h
+# Reference: https://pismotec.com/ciso/ciso.h
 # NOTE: There are two other formats with the same magic but
 # completely incompatible specifications:
 # - GameCube/Wii CISO: https://github.com/dolphin-emu/dolphin/blob/master/Source/Core/DiscIO/CISOBlob.h
@@ -10869,10 +11989,13 @@
 # Other fields are used to determine what type of CISO this is:
 # - 0x04 == 0x00200000: GameCube/Wii CISO (block_size)
 # - 0x10 == 0x00000800: PSP CISO (ISO-9660 sector size)
+# - 0x10 == 0x00004000: For >2GB files using maxcso...
+# 			https://github.com/unknownbrackets/maxcso/issues/26
 # - None of the above: Compact ISO.
 >4	lelong	!0
 >>4	lelong	!0x200000
->>>0x10	lelong	!0x800		Compressed ISO CD image
+>>>16	lelong	!0x800
+>>>>16	lelong	!0x4000		Compressed ISO CD image
 
 # cramfs filesystem - russell@coker.com.au
 0       lelong    0x28cd3d45      Linux Compressed ROM File System data, little endian
@@ -11120,7 +12243,7 @@
 >984    string          x               volume label is '%-12.12s'
 
 # From: Thomas Klausner <wiz@NetBSD.org>
-# http://filext.com/file-extension/DAA
+# https://filext.com/file-extension/DAA
 # describes the daa file format. The magic would be:
 0	string		DAA\x0\x0\x0\x0\x0	PowerISO Direct-Access-Archive
 
@@ -11294,12 +12417,12 @@
 !:ext	imgc
 
 #------------------------------------------------------------------------------
-# $File: finger,v 1.2 2015/10/07 02:37:57 christos Exp $
+# $File: finger,v 1.3 2019/04/19 00:42:27 christos Exp $
 # fingerprint:  file(1) magic for fingerprint data
 # XPM bitmaps)
 #
 
-# http://cgit.freedesktop.org/libfprint/libfprint/tree/libfprint/data.c
+# https://cgit.freedesktop.org/libfprint/libfprint/tree/libfprint/data.c
 
 0	string	FP1		libfprint fingerprint data V1
 >3	beshort	x		\b, driver_id %x
@@ -11310,13 +12433,13 @@
 >5	belong	x		\b, devtype %x
 
 #------------------------------------------------------------------------------
-# $File: flash,v 1.14 2017/05/25 20:09:55 christos Exp $
+# $File: flash,v 1.15 2019/04/19 00:42:27 christos Exp $
 # flash:	file(1) magic for Macromedia Flash file format
 #
 # See
 #
-#	http://www.macromedia.com/software/flash/open/
-#	http://wwwimages.adobe.com/www.adobe.com/content/dam/Adobe/\
+#	https://www.macromedia.com/software/flash/open/
+#	https://wwwimages.adobe.com/www.adobe.com/content/dam/Adobe/\
 #	en/devnet/swf/pdf/swf-file-format-spec.pdf page 27
 #
 
@@ -11408,7 +12531,7 @@
 >>4	string	=d	\b, RGBA, interlaced
 
 #------------------------------------------------------------------------------
-# $File: fonts,v 1.38 2017/11/14 15:48:36 christos Exp $
+# $File: fonts,v 1.41 2019/05/05 16:44:04 christos Exp $
 # fonts:  file(1) magic for font data
 #
 0	search/1	FONT		ASCII vfont text
@@ -11425,7 +12548,7 @@
 
 # Summary:	PostScript Type 1 Printer Font Metrics
 # URL:		https://en.wikipedia.org/wiki/PostScript_fonts
-# Reference:	http://partners.adobe.com/public/developer/en/font/5178.PFM.pdf
+# Reference:	https://partners.adobe.com/public/developer/en/font/5178.PFM.pdf
 # Modified by:	Joerg Jenderek
 # Note:		moved from ./msdos magic
 # dfVersion 256=0100h
@@ -11488,7 +12611,7 @@
 0	search/1	STARTFONT\ 		X11 BDF font text
 
 # From: Joerg Jenderek
-# URL: http://grub.gibibit.com/New_font_format
+# URL: https://grub.gibibit.com/New_font_format
 # Reference: util/grub-mkfont.c
 #		include/grub/fontformat.h
 # FONT_FORMAT_SECTION_NAMES_FILE
@@ -11536,6 +12659,58 @@
 7	belong		0x00564944	DOS code page font data (from Linux?)
 4098	string		DOSFONT		DOSFONT2 encrypted font data
 
+# From: Joerg Jenderek
+# URL: http://fileformats.archiveteam.org/wiki/GEM_bitmap_font
+# Reference: http://cd.textfiles.com/ataricompendium/BOOK/HTML/APPENDC.HTM#cnt
+#
+# usual case with lightening mask and skewing mask 5555h~UU
+62	ulelong		0x55555555
+>0	use		gdos-font
+# BOX18.GFT COWBOY30.GFT ROYALK30.GFT
+62	ulelong		0
+# skip ISO 9660 CD-ROM ./filesystem by looking for low positive face size
+>2	uleshort	>2
+# skip DOS 2.0 backup id file ./msdos by looking for face size lower/equal 48
+>>2	uleshort	<49
+# skip MS Windows ICO ./msdos by looking for valid face name
+>>>4	ubeshort	>0x1F00
+# skip DOS executable BACKM212.COM by looking for horizontal offset table after header
+#>>>>68	ulelong		>87		OFFSET_OK
+>>>>0	use		gdos-font
+0	name		gdos-font
+>0	uleshort	x		GEM GDOS font
+!:mime	application/x-font-gdos
+# also .eps found like AA070GEP.EPS AI360GEP.EPS
+!:ext	fnt/gtf
+# font name like University Bold
+>4	string		x		%.32s
+# face size in points 3-48
+>2	uleshort	x		%u
+# face ID (must be unique)
+>0	uleshort	x		\b, ID 0x%4.4x
+# lowest character index in face (usually 32 for disk-loaded fonts).
+#>36	uleshort	x		\b, low character index %u
+# width of the widest character
+#>50	uleshort	x		\b, %u char width
+# width of the widest character cell
+#>52	uleshort	x		\b, %u cell width
+# thickening size
+#>58	uleshort	x		\b, %u thick
+# lightening mask to eliminate pixels, usually 5555h
+>62	uleshort	!0x5555		\b, lightening mask 0x%x
+# skewing mask to determine when to perform additional rotation when skewing, usually 5555h
+>64	uleshort	!0x5555		\b, skewing mask 0x%x
+# offset to horizontal offset table 58h~88 5eh
+#>68	ulelong		>88		\b, 0x%x horizontal table offset
+# offset character offset table
+#>72	ulelong		x		\b, 0x%x coffset
+# offset to font data
+#>72	ulelong		x		\b, 0x%x foffset
+# form width in bytes
+#>80	uleshort	x		\b, %u fwidth
+# pointer to the next font, set by GDOS after loading
+#>84	ulelong		x		\b, 0x%x noffset
+
 # downloadable fonts for browser (prints type) anthon@mnt.org
 # https://tools.ietf.org/html/rfc3073
 0	string		PFR1		Portable Font Resource font data (new)
@@ -11575,16 +12750,14 @@
 >>12	regex/4l	\^[A-Za-z][A-Za-z][A-Za-z/][A-Za-z2\ ]	
 #>>>0	ubelong	x	\b, sfnt version 0x%x
 >>>0	ubelong	!0x4f54544f	TrueType
-!:mime	application/font-sfnt
-#!:mime	font/ttf
+!:mime	font/sfnt
 !:apple	????tfil
 # .ttf for TrueType font
 # EUDC.tte created by privat character editor %WINDIR%\system32\eudcedit.exe
 !:ext	ttf/tte
 # sfnt version 4F54544Fh~OTTO
 >>>0	ubelong	=0x4f54544f	OpenType
-!:mime	application/font-sfnt
-#!:mime	font/otf
+!:mime	font/otf
 !:apple	????OTTO
 !:ext	otf
 >>>0	ubelong	x		Font data
@@ -11665,7 +12838,7 @@
 
 # TrueType/OpenType font collections (.ttc)
 # URL: https://en.wikipedia.org/wiki/OpenType
-# http://www.microsoft.com/typography/otspec/otff.htm
+# https://www.microsoft.com/typography/otspec/otff.htm
 # Modified by: Joerg Jenderek
 # Note:	container for TrueType, OpenType font
 0	string		ttcf
@@ -11673,17 +12846,16 @@
 >4	ubyte		0		
 # sfnt version often 0x00010000 of 1st table is TrueType
 >>(12.L)	ubelong	!0x4f54544f	TrueType
-#!:mime	font/ttf
+!:mime	font/ttf
 !:apple	????tfil
 !:ext	ttc
 # sfnt version 4F54544Fh~OTTO of 1st table is OpenType font 
 >>(12.L)	ubelong	=0x4f54544f	OpenType
-#!:mime	font/otf
+!:mime	font/otf
 !:apple	????OTTO
 # no example found for otc
 !:ext	ttc/otc
 >>4	ubyte		x		font collection data
-!:mime	application/font-sfnt
 #!:mime	font/collection
 # TCC version
 >>4	belong		0x00010000	\b, 1.0
@@ -11728,12 +12900,12 @@
 #>14	beshort		x		\b, reserved %d
 #>16	belong		x		\b, totalSfntSize %d
 
-# http://www.w3.org/TR/WOFF/
+# https://www.w3.org/TR/WOFF/
 0	string		wOFF	Web Open Font Format
 >0	use		woff
 >20	beshort		x	\b, version %d
 >22	beshort		x	\b.%d
-# http://www.w3.org/TR/WOFF2/
+# https://www.w3.org/TR/WOFF2/
 0	string		wOF2	Web Open Font Format (Version 2)
 >0	use		woff
 #>20	belong		x	\b, totalCompressedSize %d
@@ -11944,7 +13116,7 @@
 >>11	byte	x		%d chars high
 
 #------------------------------------------------------------------------------
-# $File: fsav,v 1.14 2017/03/17 21:35:28 christos Exp $
+# $File: fsav,v 1.19 2019/04/19 00:42:27 christos Exp $
 # fsav:  file(1) magic for datafellows fsav virus definition files
 # Anthon van der Neut (anthon@mnt.org)
 
@@ -11984,23 +13156,64 @@
 #>>>>>>13	ubyte	x		\b%02x bytes
 
 # Joerg Jenderek: joerg dot jenderek at web dot de
-# http://www.clamav.net/doc/latest/html/node45.html
-# .cvd files start with a 512 bytes colon separated header
+# clamav-0.100.2\docs\html\node60.html 
+# https://github.com/vrtadmin/clamav-faq/raw/master/manual/clamdoc.pdf
+# ClamAV virus database files start with a 512 bytes colon separated header
 # ClamAV-VDB:buildDate:version:signaturesNumbers:functionalityLevelRequired:MD5:Signature:builder:buildTime
-# + gzipped tarball files
-0	string		ClamAV-VDB:
->11	string		>\0		Clam AntiVirus database %-.23s
->>34	string		:
->>>35		string		!:	\b, version
->>>>35		string		x 	\b%-.1s
->>>>>36		string 		!:
->>>>>>36	string		x 	\b%-.1s
->>>>>>>37	string		!:
->>>>>>>>37	string		x 	\b%-.1s
->>>>>>>>>38	string		!:
->>>>>>>>>>38	string		x 	\b%-.1s
->512	string		\037\213	\b, gzipped
->769	string		ustar\0		\b, tarred
+# + gzipped (optional) tarball files
+# output can often be verified by `sigtool --info=FILE`
+0	string		ClamAV-VDB:	Clam AntiVirus
+# padding spaces implies database
+>511	ubyte		=0x20		database
+!:mime	application/x-clamav-database
+# empty build time
+>>10	string		=::		(unsigned)
+# sigtool(1) man page
+!:ext	cud
+# display some text to avoid error like:
+# Magdir/fsav, 78: Warning: Current entry does not yet have a description for adding a EXTENSION type
+# file: could not find any valid magic files! (No error)
+>>10	default		x		(with buildtime)
+#>>10	default		x
+# clamtmp is used for temporily database like update process
+# for pure tar database only cld extension found
+!:ext	cld/cvd/clamtmp/cud
+>511	default		x		file
+!:mime	application/x-clamav
+!:ext	info
+>11	string		>\0
+# buildDate empty or like "22 Mar 2017 12-57 -0400"; verified by `sigtool -i FILE`
+>>11	regex		\^[^:]{0,23}	\b, %s
+# version like 25170
+>>>&1	regex		\^[^:]{1,6}	\b, version %s
+# signaturesNumbers like 4566249
+>>>>&1	regex		\^[^:]{1,10}	\b, %s signatures
+# functionalityLevelRequired like 60
+>>>>>&1	regex		\^[^:]{1,4}	\b, level %s
+# X for nothing or MD5
+#>>>>>>&1	regex	\^[^:]{1,32}	\b, MD5 "%s"
+>>>>>>&1	regex	\^[^:]{1,32}
+# X for nothing or digital signature starting like AIzk/LYbX
+#>>>>>>>&1	regex	\^[^:]{1,255}	\b, signature "%s"
+>>>>>>>&1	regex	\^[^:]{1,255}
+# builder like neo
+>>>>>>>>&1	regex	\^[^:]{1,32}	\b, builder %s
+# buildTime like 1506611558
+#>>>>>>>>>&1	regex	\^[^:]{1,10}	\b, %s
+>>>>>>>>>&1	regex	\^[^:]{1,10}	
+# padding with spaces
+#>>>>>>>>>>&1	ubequad	x		\b, padding 0x%16.16llx
+>510	ubyte		=0x20
+# inspect real database content
+#>>512	ubeshort	x		\b, database MAGIC 0x%x
+# ./archive handle pure tar archives
+>>1012	quad		=0		\b, with
+>>>512	use		tar-file
+# not pure tar
+>>1012	quad		!0
+# one space at the end of text and then handles gziped archives by ./compress
+>>>512	string		\037\213	\b, with 
+>>>>512	indirect	x
 
 # Type: Grisoft AVG AntiVirus
 # From: David Newgas <david@newgas.net>
@@ -12009,6 +13222,27 @@
 0	string	X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR
 >33	string	-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*	EICAR virus test files
 
+# From: Joerg Jenderek
+# URL: https://www.avira.com/
+# Note: found in directory %ProgramData%\Avira\Antivirus\INFECTED (Windows)
+# tested with version 15.0.43.23 at November 2019
+0	string		AntiVir\ Qua	Avira AntiVir quarantined
+!:mime	application/x-avira-qua
+#!:mime	application/octet-stream
+!:ext	qua
+>156	string		SUSPICIOUS_FILE
+# file path of suspicious file
+>>220	lestring16	x		%s
+>156	string		!SUSPICIOUS_FILE
+# file path of virus file
+>>228	lestring16	x		%s
+# quarantined date
+>60	ldate		x		at %s
+# virus/danger name
+>156	string		!SUSPICIOUS_FILE
+>>156	string		x		\b, category "%s"
+
+
 #------------------------------------------------------------------------------
 # $File: fusecompress,v 1.2 2011/08/08 09:05:55 christos Exp $
 # fusecompress:   file(1) magic for fusecompress
@@ -12022,7 +13256,7 @@
 >4	long	x	uncompressed size: %d
 
 #------------------------------------------------------------------------------
-# $File: games,v 1.16 2017/10/19 16:40:37 christos Exp $
+# $File: games,v 1.17 2019/04/19 00:42:27 christos Exp $
 # games:  file(1) for games
 
 # Fabio Bonelli <fabiobonelli@libero.it>
@@ -12233,7 +13467,7 @@
 
 # Summary: SGF Smart Game Format
 # Extension: .sgf
-# Reference: http://www.red-bean.com/sgf/
+# Reference: https://www.red-bean.com/sgf/
 # Created by: Eduardo Sabbatella <eduardo_sabbatella@yahoo.com.ar>
 # Modified by (1): Abel Cheung (regex, more game format)
 # FIXME: Some games don't have GM (game type)
@@ -12303,7 +13537,7 @@
 >>&0		regex		[0-9a-z.]+				\b, version %s
 
 # Type:	SGF Smart Game Format
-# URL:	http://www.red-bean.com/sgf/
+# URL:	https://www.red-bean.com/sgf/
 # From:	Eduardo Sabbatella <eduardo_sabbatella@yahoo.com.ar>
 2	regex/c	\\(;.*GM\\[[0-9]{1,2}\\]	Smart Game Format
 >2	regex/c	GM\\[1\\]			- Go Game
@@ -12350,7 +13584,7 @@
 0		lelong		0x20010324 	gconv module configuration cache data
 
 #------------------------------------------------------------------------------
-# $File: geo,v 1.6 2018/03/11 00:48:16 christos Exp $
+# $File: geo,v 1.7 2019/04/19 00:42:27 christos Exp $
 # Geo- files from Kurt Schwehr <schwehr@ccom.unh.edu>
 
 ######################################################################
@@ -12399,7 +13633,7 @@
 
 ######################################################################
 #
-# MULTIBEAM SONARS http://www.ldeo.columbia.edu/res/pi/MB-System/formatdoc/
+# MULTIBEAM SONARS https://www.ldeo.columbia.edu/res/pi/MB-System/formatdoc/
 #
 ######################################################################
 
@@ -12417,11 +13651,11 @@
 # format. It is the format of our upgraded SeaBeam 2112 on R/V KNORR.
 0    string $HSF    XSE multibeam
 
-# mb121 http://www.saic.com/maritime/gsf/
+# mb121 https://www.saic.com/maritime/gsf/
 8	string	GSF-v	SAIC generic sensor format (GSF) sonar data,
 >&0	regex [0-9]*\.[0-9]*	version %s
 
-# MGD77 - http://www.ngdc.noaa.gov/mgg/dat/geodas/docs/mgd77.htm
+# MGD77 - https://www.ngdc.noaa.gov/mgg/dat/geodas/docs/mgd77.htm
 # mb161
 9	string MGD77	MGD77 Header, Marine Geophysical Data Exchange Format
 
@@ -12454,7 +13688,7 @@
 # https://midas.psi.ch/elog/
 0	string	$@MID@$	elog journal entry
 
-# Geospatial Designs http://www.geospatialdesigns.com/surfer6_format.htm
+# Geospatial Designs https://www.geospatialdesigns.com/surfer6_format.htm
 0	string		DSBB	Surfer 6 binary grid file
 >4	leshort		x	\b, %d
 >6	leshort		x	\bx%d
@@ -12467,7 +13701,7 @@
 
 # magic for LAS format files
 # alex myczko <alex@aiei.ch>
-# http://www.asprs.org/wp-content/uploads/2010/12/LAS_1_3_r11.pdf
+# https://www.asprs.org/wp-content/uploads/2010/12/LAS_1_3_r11.pdf
 0	string		LASF	LIDAR point data records
 >24	byte		>0	\b, version %u
 >25	byte		>0	\b.%u
@@ -12547,7 +13781,28 @@
 0	string	#\040GIMP\040Curves\040File	GIMP curve file
 
 #------------------------------------------------------------------------------
-# $File: gnome,v 1.5 2014/04/30 21:41:02 christos Exp $
+# $File: glibc,v 1.1 2018/10/11 15:35:43 christos Exp $
+# glibc locale files
+#
+# https://sourceware.org/git/?p=glibc.git;f=locale/localeinfo.h;h=68822a63#l32
+
+0	belong	0x20070920	glibc locale file LC_CTYPE
+0	belong	0x14110320	glibc locale file LC_NUMERIC
+0	belong	0x17110320	glibc locale file LC_TIME
+0	belong	0x17100520	glibc locale file LC_COLLATE
+0	belong	0x11110320	glibc locale file LC_MONETARY
+0	belong	0x10110320	glibc locale file LC_MESSAGES
+0	belong	0x13110320	glibc locale file LC_ALL
+0	belong	0x12110320	glibc locale file LC_PAPER
+0	belong	0x1d110320	glibc locale file LC_NAME
+0	belong	0x1c110320	glibc locale file LC_ADDRESS
+0	belong	0x1f110320	glibc locale file LC_TELEPHONE
+0	belong	0x1e110320	glibc locale file LC_MEASUREMENT
+0	belong	0x19110320	glibc locale file LC_IDENTIFICATION
+
+
+#------------------------------------------------------------------------------
+# $File: gnome,v 1.6 2019/04/19 00:42:27 christos Exp $
 # GNOME related files
 
 # Contributed by Josh Triplett
@@ -12589,7 +13844,7 @@
 # It's always "GVariant", it's byte swapped on incompatible archs
 # See https://github.com/GNOME/gvdb/blob/master/gvdb-builder.c
 # file_builder_serialise()
-# http://developer.gnome.org/glib/2.34/glib-GVariant.html#GVariant
+# https://developer.gnome.org/glib/2.34/glib-GVariant.html#GVariant
 0	string	GVariant	GVariant Database file,
 # version is never filled. probably future extension
 >8	lelong	x		version %d
@@ -12598,7 +13853,7 @@
 #>>>20	lelong	x		end %d
 
 # G-IR database made by gobject-introspect toolset,
-# http://live.gnome.org/GObjectIntrospection
+# https://live.gnome.org/GObjectIntrospection
 0	string		GOBJ\nMETADATA\r\n\032	G-IR binary database
 >16	byte		x			\b, v%d
 >17	byte		x			\b.%d
@@ -12606,7 +13861,7 @@
 >22	leshort		x			\b/%d local
 
 #------------------------------------------------------------------------------
-# $File: gnu,v 1.20 2018/02/24 16:11:23 christos Exp $
+# $File: gnu,v 1.21 2019/04/19 00:42:27 christos Exp $
 # gnu:  file(1) magic for various GNU tools
 #
 # GNU nlsutils message catalog file format
@@ -12754,7 +14009,7 @@
 
 
 # GnuPG Keybox file
-# <http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=kbx/keybox-blob.c;hb=HEAD>
+# <https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=kbx/keybox-blob.c;hb=HEAD>
 # From: Philipp Hahn <hahn@univention.de>
 0	belong	32
 >4	byte	1
@@ -13081,8 +14336,8 @@
 # end of ACE/gr and Grace type files - PLEASE DO NOT REMOVE THIS LINE
 
 #------------------------------------------------------------------------------
-# $File: graphviz,v 1.8 2014/06/03 19:01:34 christos Exp $
-# graphviz:  file(1) magic for http://www.graphviz.org/
+# $File: graphviz,v 1.9 2019/04/30 04:01:40 christos Exp $
+# graphviz:  file(1) magic for https://www.graphviz.org/
 
 # FIXME: These patterns match too generally. For example, the first
 # line matches a LaTeX file containing the word "graph" (with a {
@@ -13141,10 +14396,10 @@
 >3	string		>3		v.%.1s (unknown details)
 
 #------------------------------------------------------------------------------
-# $File: guile,v 1.1 2011/12/16 17:44:33 christos Exp $
+# $File: guile,v 1.2 2019/04/19 00:42:27 christos Exp $
 # Guile file magic from <dalepsmith@gmail.com>
-# http://www.gnu.org/s/guile/
-# http://git.savannah.gnu.org/gitweb/?p=guile.git;f=libguile/_scm.h;hb=HEAD#l250
+# https://www.gnu.org/s/guile/
+# https://git.savannah.gnu.org/gitweb/?p=guile.git;f=libguile/_scm.h;hb=HEAD#l250
 
 0	string	GOOF----	Guile Object
 >8	string	LE		\b, little endian
@@ -13154,7 +14409,19 @@
 >13	regex	.\..		\b, bytecode v%s
 
 #------------------------------------------------------------------------------
-# $File: hitachi-sh,v 1.8 2017/03/17 21:35:28 christos Exp $
+# $File: hardware,v 1.1 2018/08/02 06:32:52 christos Exp $
+# hardware magic
+
+# EDID
+# https://en.wikipedia.org/wiki/Extended_Display_Identification_Data
+0	string		\x00\xFF\xFF\xFF\xFF\xFF\xFF\x00
+>19	byte		x
+>>18	byte		x	EDID data, version %u.
+>>19	byte		x	\b%u
+#>>17	ubyte+1990	<255	\b, manufactured %u
+
+#------------------------------------------------------------------------------
+# $File: hitachi-sh,v 1.9 2018/08/21 12:48:41 christos Exp $
 # hitach-sh: file(1) magic for Hitachi Super-H
 #
 # Super-H COFF
@@ -13172,6 +14439,7 @@
 # use big endian variant of subroutine to display name+variables+flags
 # for common object formated files
 >>0	use				\^display-coff
+!:strength -10
 
 0	leshort		0x0550
 # test for unused flag bits in f_flags
@@ -13179,10 +14447,11 @@
 # use little endian variant of subroutine to
 # display name+variables+flags for common object formated files
 >>0	use				display-coff
+!:strength -10
 
 
 #------------------------------------------------------------------------------
-# $File: hp,v 1.24 2014/04/30 21:41:02 christos Exp $
+# $File: hp,v 1.25 2019/01/13 00:32:38 christos Exp $
 # hp:  file(1) magic for Hewlett Packard machines (see also "printer")
 #
 # XXX - somebody should figure out whether any byte order needs to be
@@ -13302,12 +14571,6 @@
 0	belong 		0x020b010d	PA-RISC1.0 dynamic load library
 >96	belong		>0		- not stripped
 
-0	belong		0x213c6172	archive file
->68	belong 		0x020b0619	- PA-RISC1.0 relocatable library
->68	belong	 	0x02100619	- PA-RISC1.1 relocatable library
->68	belong 		0x02110619	- PA-RISC1.2 relocatable library
->68	belong 		0x02140619	- PA-RISC2.0 relocatable library
-
 #### 500
 0	long		0x02080106	HP s500 relocatable executable
 >16	long		>0		- version %d
@@ -13695,7 +14958,7 @@
 >24	belong		>0		- version %d
 
 #------------------------------------------------------------------------------
-# $File: ibm6000,v 1.13 2017/03/17 21:35:28 christos Exp $
+# $File: ibm6000,v 1.14 2019/03/07 17:21:54 christos Exp $
 # ibm6000:  file(1) magic for RS/6000 and the RT PC.
 #
 0	beshort		0x01df		executable (RISC System/6000 V3.1) or obj module
@@ -13712,6 +14975,8 @@
 0	belong		0x000001f9	AIX compiled message catalog
 0	string		\<aiaff>	archive
 0	string		\<bigaf>	archive (big format)
+0	belong		0x09006bea	AIX backup/restore format file
+0	belong		0x09006fea	AIX backup/restore format file
 
 0	beshort		0x01f7		64-bit XCOFF executable or object module
 >20	belong		0		not stripped
@@ -14013,7 +15278,7 @@
 !:mime	application/x-blorb
 
 #------------------------------------------------------------------------------
-# $File: images,v 1.131 2018/02/16 15:44:28 christos Exp $
+# $File: images,v 1.160 2019/04/19 00:42:27 christos Exp $
 # images:  file(1) magic for image formats (see also "iff", and "c-lang" for
 # XPM bitmaps)
 #
@@ -14040,23 +15305,25 @@
 # and Image Type 1 2 3 9 10 11 32 33
 # and Color Map Entry Size 0 15 16 24 32
 0	ubequad&0x00FeC400000000C0	0
+# Prevent conflicts with CRI ADX.
+>(2.S-2) belong	!0x28632943
 # skip more garbage like *.iso by looking for positive image type
->2	ubyte			>0
+>>2	ubyte			>0
 # skip some compiled terminfo like xterm+tmux by looking for image type less equal 33
->>2	ubyte			<34
+>>>2	ubyte			<34
 # skip arches.3200 , Finder.Root , Slp.1 by looking for low pixel depth 1 8 15 16 24 32
->>>16	ubyte			1
->>>>0		use		tga-image
->>>16	ubyte			8
->>>>0		use		tga-image
->>>16	ubyte			15
->>>>0		use		tga-image
->>>16	ubyte			16
->>>>0		use		tga-image
->>>16	ubyte			24
->>>>0		use		tga-image
->>>16	ubyte			32
->>>>0		use		tga-image
+>>>>16	ubyte			1
+>>>>>0		use		tga-image
+>>>>16	ubyte			8
+>>>>>0		use		tga-image
+>>>>16	ubyte			15
+>>>>>0		use		tga-image
+>>>>16	ubyte			16
+>>>>>0		use		tga-image
+>>>>16	ubyte			24
+>>>>>0		use		tga-image
+>>>>16	ubyte			32
+>>>>>0		use		tga-image
 #	display tga bitmap image information
 0	name				tga-image
 >2	ubyte		<34		Targa image data
@@ -14187,43 +15454,43 @@
 0	search/1	P1
 >0	regex/4		P1[\040\t\f\r\n]
 >>0	use		netpbm
->>>0	string		x	\b, bitmap
-!:strength + 45
+>>0	string		x	\b, bitmap
+!:strength + 65
 !:mime	image/x-portable-bitmap
 
 0	search/1	P2
 >0	regex/4		P2[\040\t\f\r\n]
 >>0	use		netpbm
->>>0	string		x	\b, greymap
-!:strength + 45
+>>0	string		x	\b, greymap
+!:strength + 65
 !:mime	image/x-portable-greymap
 
 0	search/1	P3
 >0	regex/4		P3[\040\t\f\r\n]
 >>0	use		netpbm
->>>0	string		x	\b, pixmap
-!:strength + 45
+>>0	string		x	\b, pixmap
+!:strength + 65
 !:mime	image/x-portable-pixmap
 
 0	string		P4
 >0	regex/4		P4[\040\t\f\r\n]
 >>0	use		netpbm
->>>0	string		x	\b, rawbits, bitmap
-!:strength + 45
+>>0	string		x	\b, rawbits, bitmap
+!:strength + 65
 !:mime	image/x-portable-bitmap
 
 0	string		P5
 >0	regex/4		P5[\040\t\f\r\n]
 >>0	use		netpbm
->>>0	string		x	\b, rawbits, greymap
-!:strength + 45
+>>0	string		x	\b, rawbits, greymap
+!:strength + 65
 !:mime	image/x-portable-greymap
 
 0	string		P6
 >0	regex/4		P6[\040\t\f\r\n]
 >>0	use		netpbm
->>>0	string		x	\b, rawbits, pixmap
-!:strength + 45
+>>0	string		x	\b, rawbits, pixmap
+!:strength + 65
 !:mime	image/x-portable-pixmap
 
 0	string		P7		Netpbm PAM image file
@@ -14248,7 +15515,7 @@
 # Canon RAW version 1 (CRW) files are a type of Canon Image File Format
 # (CIFF) file. These are apparently all little-endian.
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
-# URL: http://www.sno.phy.queensu.ca/~phil/exiftool/canon_raw.html
+# URL: https://www.sno.phy.queensu.ca/~phil/exiftool/canon_raw.html
 0	string		II\x1a\0\0\0HEAPCCDR	Canon CIFF raw image data
 !:mime	image/x-canon-crw
 >16	leshort		x	\b, version %d.
@@ -14258,9 +15525,10 @@
 # number. Put this above the TIFF test to make sure we detect them.
 # These are apparently all little-endian.
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
-# URL: http://libopenraw.freedesktop.org/wiki/Canon_CR2
+# URL: https://libopenraw.freedesktop.org/wiki/Canon_CR2
 0	string		II\x2a\0\x10\0\0\0CR	Canon CR2 raw image data
 !:mime	image/x-canon-cr2
+!:strength +80
 >10	byte		x	\b, version %d.
 >11	byte		x	\b%d
 
@@ -14268,10 +15536,12 @@
 # The second word of TIFF files is the TIFF version number, 42, which has
 # never changed.  The TIFF specification recommends testing for it.
 0	string		MM\x00\x2a	TIFF image data, big-endian
+!:strength +70
 !:mime	image/tiff
 >(4.L)	use		\^tiff_ifd
 0	string		II\x2a\x00	TIFF image data, little-endian
 !:mime	image/tiff
+!:strength +70
 >(4.l)	use		tiff_ifd
 
 0	name		tiff_ifd
@@ -14448,6 +15718,7 @@
 # Standard PNG image.
 0	string		\x89PNG\x0d\x0a\x1a\x0a\x00\x00\x00\x0DIHDR	PNG image data
 !:mime	image/png
+!:ext   png
 !:strength +10
 >16	use		png-ihdr
 
@@ -14455,6 +15726,7 @@
 0	string		\x89PNG\x0d\x0a\x1a\x0a\x00\x00\x00\x04CgBI
 >24	string  	\x00\x00\x00\x0DIHDR	PNG image data (CgBI)
 !:mime	image/png
+!:ext   png
 !:strength +10
 >>32	use		png-ihdr
 
@@ -14477,7 +15749,9 @@
 !:mime	image/x-unknown
 
 # GIF
+# Strength set up to beat 0x55AA DOS/MBR signature word lookups (+65)
 0	string		GIF8		GIF image data
+!:strength +80
 !:mime	image/gif
 !:apple	8BIMGIFf
 >4	string		7a		\b, version 8%s,
@@ -14574,7 +15848,7 @@
 # at offset 8 starts imagedata followed by "RGB " marker
 
 # PC bitmaps (OS/2, Windows BMP files)  (Greg Roelofs, newt@uchicago.edu)
-# http://en.wikipedia.org/wiki/BMP_file_format#DIB_header_.\
+# https://en.wikipedia.org/wiki/BMP_file_format#DIB_header_.\
 # 28bitmap_information_header.29
 0	string		BM
 >14	leshort		12		PC bitmap, OS/2 1.x format
@@ -14693,6 +15967,8 @@
 # data and image transfer, storage, etc., for the astronomical community.
 # (FITS floating point formats are big-endian.)
 0	string	SIMPLE\ \ =	FITS image data
+!:mime	image/fits
+!:ext	fits/fts
 >109	string	8		\b, 8-bit, character or unsigned binary integer
 >108	string	16		\b, 16-bit, two's complement binary integer
 >107	string	\ 32		\b, 32-bit, two's complement binary integer
@@ -14762,7 +16038,7 @@
 >5	byte	0xFF		(black background)
 
 # From: Alex Myczko <alex@aiei.ch>
-# http://www.atarimax.com/jindroush.atari.org/afmtatr.html
+# https://www.atarimax.com/jindroush.atari.org/afmtatr.html
 0	leshort	0x0296		Atari ATR image
 
 # XXX:
@@ -14788,8 +16064,8 @@
 
 # PCX image files
 # From: Dan Fandrich <dan@coneharvesters.com>
-# updated by Joerg Jenderek at Feb 2013 by http://de.wikipedia.org/wiki/PCX
-# http://web.archive.org/web/20100206055706/http://www.qzx.com/pc-gpe/pcx.txt
+# updated by Joerg Jenderek at Feb 2013 by https://de.wikipedia.org/wiki/PCX
+# https://web.archive.org/web/20100206055706/http://www.qzx.com/pc-gpe/pcx.txt
 # GRR: original test was still too general as it catches xbase examples T5.DBT,T6.DBT with 0xa000000
 # test for bytes 0x0a,version byte (0,2,3,4,5),compression byte flag(0,1), bit depth (>0) of PCX or T5.DBT,T6.DBT
 0	ubelong&0xffF8fe00	0x0a000000
@@ -14856,7 +16132,7 @@
 # Update: Joerg Jenderek
 # See http://fileformats.archiveteam.org/wiki/GEM_Raster
 # For variations, also see:
-#    http://www.seasip.info/Gem/ff_img.html (Ventura)
+#    https://www.seasip.info/Gem/ff_img.html (Ventura)
 #    http://www.atari-wiki.com/?title=IMG_file (XIMG, STTT)
 #    http://www.fileformat.info/format/gemraster/spec/index.htm (XIMG, STTT)
 #    http://sylvana.net/1stguide/1STGUIDE.ENG (TIMG)
@@ -14884,7 +16160,7 @@
 0   name        gem_info
 # version is 2 for some XIMG and 1 for all others
 >0	beshort		<0x0003		GEM
-# http://www.snowstone.org.uk/riscos/mimeman/mimemap.txt
+# https://www.snowstone.org.uk/riscos/mimeman/mimemap.txt
 !:mime	image/x-gem
 # header_size 24 25 27 59 779 words for colored bitmaps
 >>2	beshort		>9
@@ -15027,8 +16303,8 @@
 # and related image processing software used by biologists.
 # From: Vebjorn Ljosa <vebjorn@ljosa.com>
 # BOOL values are two-byte integers; use them to rule out false positives.
-# http://web.archive.org/web/20050317223257/www.cs.ubc.ca/spider/ladic/text/biorad.txt
-# Samples: http://www.loci.wisc.edu/software/sample-data
+# https://web.archive.org/web/20050317223257/www.cs.ubc.ca/spider/ladic/text/biorad.txt
+# Samples: https://www.loci.wisc.edu/software/sample-data
 14	leshort <2
 >62	leshort <2
 >>54	leshort 12345		Bio-Rad .PIC Image File
@@ -15059,7 +16335,7 @@
 
 # Originally by Marc Espie
 # Modified by Robert Minsk <robertminsk at yahoo.com>
-# http://www.openexr.com/openexrfilelayout.pdf
+# https://www.openexr.com/openexrfilelayout.pdf
 0	lelong		20000630	OpenEXR image data,
 !:mime image/x-exr
 >4	lelong&0x000000ff x		version %d,
@@ -15123,7 +16399,7 @@
 >768	beshort		7	bottom to top/right to left
 
 # From: Tom Hilinski <tom.hilinski@comcast.net>
-# http://www.unidata.ucar.edu/packages/netcdf/
+# https://www.unidata.ucar.edu/packages/netcdf/
 0	string	CDF\001			NetCDF Data Format data
 
 #-----------------------------------------------------------------------
@@ -15148,7 +16424,7 @@
 # http://www.xara.com/ for Windows and as GPL application for Linux
 0	string	XARA\243\243	Xara graphics file
 
-# http://www.cartesianinc.com/Tech/
+# https://www.cartesianinc.com/Tech/
 0	string	CPC\262		Cartesian Perceptual Compression image
 !:mime	image/x-cpi
 
@@ -15217,8 +16493,8 @@
 # extension is also used for
 # Sony SRF raw image (image/x-sony-srf)
 # SRF map
-# Terragen Surface Map (http://www.planetside.co.uk/terragen)
-# FileLocator Pro search criteria file (http://www.mythicsoft.com/filelocatorpro)
+# Terragen Surface Map (https://www.planetside.co.uk/terragen)
+# FileLocator Pro search criteria file (https://www.mythicsoft.com/filelocatorpro)
 !:ext srf
 #!:mime	image/x-garmin-srf
 # version 1.00,2.00,2.10,2.40,2.50
@@ -15239,7 +16515,7 @@
 0	string	Xcur			X11 cursor
 
 # Type:	Olympus ORF raw images.
-# URL:	http://libopenraw.freedesktop.org/wiki/Olympus_ORF
+# URL:	https://libopenraw.freedesktop.org/wiki/Olympus_ORF
 # From:	Adam Buchbinder <adam.buchbinder@gmail.com>
 0	string		MMOR		Olympus ORF raw image data, big-endian
 !:mime	image/x-olympus-orf
@@ -15260,7 +16536,7 @@
 #!mime	image/vnd.radiance
 
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
-# URL: http://www.mpi-inf.mpg.de/resources/pfstools/pfs_format_spec.pdf
+# URL: https://www.mpi-inf.mpg.de/resources/pfstools/pfs_format_spec.pdf
 # Used by the pfstools packages. The regex matches for the image size could
 # probably use some work. The MIME type is made up; if there's one in
 # actual common use, it should replace the one below.
@@ -15270,7 +16546,7 @@
 >>1	regex	\ [0-9]{4}		\bx%s
 
 # Type: Foveon X3F
-# URL:  http://www.photofo.com/downloads/x3f-raw-format.pdf
+# URL:  https://www.photofo.com/downloads/x3f-raw-format.pdf
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
 # Note that the MIME type isn't defined anywhere that I can find; if
 # there's a canonical type for this format, it should replace this one.
@@ -15290,8 +16566,8 @@
 # From: "Tano M. Fotang" <mfotang@quanteq.com>
 0	string	\x46\x4d\x52\x00	ISO/IEC 19794-2 Format Minutiae Record (FMR)
 
-# doc: http://www.shikino.co.jp/eng/products/images/FLOWER.jpg.zip
-# example: http://www.shikino.co.jp/eng/products/images/FLOWER.wdp.zip
+# doc: https://www.shikino.co.jp/eng/products/images/FLOWER.jpg.zip
+# example: https://www.shikino.co.jp/eng/products/images/FLOWER.wdp.zip
 90	bequad		0x574D50484F544F00	JPEG-XR Image
 >98	byte&0x08	=0x08			\b, hard tiling
 >99	byte&0x80	=0x80			\b, tiling present
@@ -15343,7 +16619,7 @@
 # From: Johan van der Knijff <johan.vanderknijff@kb.nl>
 #
 # BPG (Better Portable Graphics) format
-# http://bellard.org/bpg/
+# https://bellard.org/bpg/
 # http://fileformats.archiveteam.org/wiki/BPG
 #
 0	string	\x42\x50\x47\xFB	BPG (Better Portable Graphics)
@@ -15405,17 +16681,126 @@
 >8		ubelong		x		%dx
 >12		ubelong		x		\b%d
 
+# Type: Microsoft DirectDraw Surface (common data)
+# URL:	https://msdn.microsoft.com/library/default.asp?url=/library/en-us/directx9_c/directx/graphics/reference/DDSFileReference/ddsfileformat.asp
+# From: Morten Hustveit <morten@debian.org>
+# Updated by: David Korth <gerbilsoft@gerbilsoft.com>
+0	name	ms-directdraw-surface
+>0x10	ulelong	x			%u x
+>0x0C	ulelong	x			%u
+# Color depth.
+>0x58	ulelong	>0			\b, %u-bit color
+# Determine the pixel format.
+>0x50	ulelong&0x4	4
+# FIXME: Handle DX10 and XBOX formats.
+>>0x54	string	x			\b, compressed using %.4s
+>0x50	ulelong&0x2	0x2		\b, alpha only
+>0x50	ulelong&0x200	0x200		\b, YUV
+>0x50	ulelong&0x20000	0x20000		\b, luminance
+# RGB pixel format
+>0x50	ulelong&0x40	0x40
+
+# Determine the RGB format using the color masks.
+# ulequad order: 0xGGGGGGGGRRRRRRRR, 0xAAAAAAAABBBBBBBB
+
+>>0x58		ulelong	16
+
+# NOTE: 15-bit color formats usually have 16-bit listed as the color depth.
+>>>0x5C		ulequad	0x000003E000007C00
+>>>>0x64	ulequad 0x000000000000001F	\b, RGB555
+>>>0x5C		ulequad	0x000003E000001F00
+>>>>0x64	ulequad 0x000000000000007C	\b, BGR555
+
+>>>0x5C		ulequad	0x000007E00000F800
+>>>>0x64	ulequad 0x000000000000001F	\b, RGB565
+>>>0x5C		ulequad	0x000007E000001F00
+>>>>0x64	ulequad 0x00000000000000F8	\b, BGR565
+
+>>>0x5C		ulequad	0x000000F000000F00
+>>>>0x64	ulequad 0x0000F0000000000F	\b, ARGB4444
+>>>0x5C		ulequad	0x000000F00000000F
+>>>>0x64	ulequad 0x0000F00000000F00	\b, ABGR4444
+
+>>>0x5C		ulequad	0x00000F000000F000
+>>>>0x64	ulequad 0x0000000F000000F0	\b, RGBA4444
+>>>0x5C		ulequad	0x00000F00000000F0
+>>>>0x64	ulequad 0x0000000F0000F000	\b, BGRA4444
+
+>>>0x5C		ulequad	0x000000F000000F00
+>>>>0x64	ulequad 0x000000000000000F	\b, xRGB4444
+>>>0x5C		ulequad	0x000000F00000000F
+>>>>0x64	ulequad 0x0000000000000F00	\b, xBGR4444
+
+>>>0x5C		ulequad	0x00000F000000F000
+>>>>0x64	ulequad 0x00000000000000F0	\b, RGBx4444
+>>>0x5C		ulequad	0x00000F00000000F0
+>>>>0x64	ulequad 0x000000000000F000	\b, BGRx4444
+
+>>>0x5C		ulequad	0x000003E000007C00
+>>>>0x64	ulequad 0x000080000000001F	\b, ARGB1555
+>>>0x5C		ulequad	0x000003E000001F00
+>>>>0x64	ulequad 0x000080000000007C	\b, ABGR1555
+>>>0x5C		ulequad	0x000007C00000F800
+>>>>0x64	ulequad 0x000000010000003E	\b, RGBA5551
+>>>0x5C		ulequad	0x000007C00000003E
+>>>>0x64	ulequad 0x000000010000F800	\b, BGRA5551
+
+>>88		ulelong 24
+>>>0x5C		ulequad	0x0000FF0000FF0000
+>>>>0x64	ulequad 0x00000000000000FF	\b, RGB888
+>>>0x5C		ulequad	0x0000FF00000000FF
+>>>>0x64	ulequad 0x0000000000FF0000	\b, BGR888
+
+>>88		ulelong 32
+>>>0x5C		ulequad	0x0000FF0000FF0000
+>>>>0x64	ulequad 0xFF000000000000FF	\b, ARGB8888
+>>>0x5C		ulequad	0x0000FF00000000FF
+>>>>0x64	ulequad 0xFF00000000FF0000	\b, ABGR8888
+
+>>>0x5C		ulequad	0x00FF0000FF000000
+>>>>0x64	ulequad 0x000000FF0000FF00	\b, RGBA8888
+>>>0x5C		ulequad	0x00FF00000000FF00
+>>>>0x64	ulequad 0x000000FFFF000000	\b, BGBA8888
+
+>>>0x5C		ulequad	0x0000FF0000FF0000
+>>>>0x64	ulequad 0x00000000000000FF	\b, xRGB8888
+>>>0x5C		ulequad	0x0000FF00000000FF
+>>>>0x64	ulequad 0x0000000000FF0000	\b, xBGR8888
+
+>>>0x5C		ulequad	0x00FF0000FF000000
+>>>>0x64	ulequad 0x000000000000FF00	\b, RGBx8888
+>>>0x5C		ulequad	0x00FF00000000FF00
+>>>>0x64	ulequad 0x00000000FF000000	\b, BGBx8888
+
+# Less common 32-bit color formats.
+>>>0x5C		ulequad	0xFFFF00000000FFFF
+>>>>0x64	ulequad 0x0000000000000000	\b, G16R16
+>>>0x5C		ulequad	0x0000FFFFFFFF0000
+>>>>0x64	ulequad 0x0000000000000000	\b, R16G16
+
+>>>0x5C		ulequad	0x000FFC003FF00000
+>>>>0x64	ulequad 0xC0000000000003FF	\b, A2R10G10B10
+>>>0x5C		ulequad	0x000FFC00000003FF
+>>>>0x64	ulequad 0xC00000003FF00000	\b, A2B10G10R10
+
+# Type: Microsoft DirectDraw Surface
+# URL:	https://msdn.microsoft.com/library/default.asp?url=/library/en-us/directx9_c/directx/graphics/reference/DDSFileReference/ddsfileformat.asp
+# From: Morten Hustveit <morten@debian.org>
+# Updated by: David Korth <gerbilsoft@gerbilsoft.com>
+0	string/b	DDS\040\174\000\000\000 Microsoft DirectDraw Surface (DDS):
+>0	use	ms-directdraw-surface
+
 # Type: Sega PVR image.
 # From: David Korth <gerbilsoft@gerbilsoft.com>
 # References:
-# - http://fabiensanglard.net/Mykaruga/tools/segaPVRFormat.txt
+# - https://fabiensanglard.net/Mykaruga/tools/segaPVRFormat.txt
 # - https://github.com/yazgoo/pvrx2png
 # - https://github.com/nickworonekin/puyotools
 
 # Sega PVR header.
 0	name	sega-pvr-image-header
->0x0C	leshort	x	%d x
->0x0E	leshort	x	%d
+>0x0C	leshort	x	%u x
+>0x0E	leshort	x	%u
 # Image format.
 >0x08	byte	0	\b, ARGB1555
 >0x08	byte	1	\b, RGB565
@@ -15440,17 +16825,10 @@
 >0x09	byte	0x11	\b, small VQ & mipmap
 >0x09	byte	0x12	\b, square twiddled & mipmap
 
-# Sega PVR (Xbox) image header.
-# Contains an embedded DirectDraw surface instead of PVR data.
-0	name	sega-pvr-xbox-dds-header
->16	lelong	x	%d x
->12	lelong	x	%d,
->84	string	x	%.4s
-
 # Sega PVR image.
 0	string	PVRT
 >0x10	string	DDS\040\174\000\000\000 Sega PVR (Xbox) image:
->>0x20	use	sega-pvr-xbox-dds-header
+>>0x20	use	ms-directdraw-surface
 >0x10	belong	!0x44445320		Sega PVR image:
 >>0	use	sega-pvr-image-header
 
@@ -15458,15 +16836,15 @@
 0	string	GBIX
 >0x10	string	PVRT
 >>0x10	string	DDS\040\174\000\000\000 Sega PVR (Xbox) image:
->>>0x20	use	sega-pvr-xbox-dds-header
+>>>0x20	use	ms-directdraw-surface
 >>0x10	belong	!0x44445320		Sega PVR image:
 >>>0x10	use	sega-pvr-image-header
 >>0x08	lelong	x	\b, global index = %u
 
 # Sega GVR header.
 0	name	sega-gvr-image-header
->0x0C	beshort	x	%d x
->0x0E	beshort	x	%d
+>0x0C	beshort	x	%u x
+>0x0E	beshort	x	%u
 # Image data format.
 >0x0B	byte	0	\b, I4
 >0x0B	byte	1	\b, I8
@@ -15489,6 +16867,12 @@
 >>0x10	use	sega-gvr-image-header
 >>0x08	belong	x	\b, global index = %u
 
+# Sega GVR image with GCIX. (Wii)
+0	string	GCIX
+>0x10	string	GVRT	Sega GVR image:
+>>0x10	use	sega-gvr-image-header
+>>0x08	belong	x	\b, global index = %u
+
 # Light Field Picture
 # Documentation: http://optics.miloush.net/lytro/TheFileFormat.aspx
 # Typical file extensions: .lfp .lfr .lfx
@@ -15525,6 +16909,336 @@
 >20	lelong x 		%dx
 >24	lelong x		\b%d
 
+# Type: Khronos KTX texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://www.khronos.org/opengles/sdk/tools/KTX/file_format_spec/
+
+# glEnum decoding.
+# NOTE: Only the most common formats are listed here.
+0	name	khronos-ktx-glEnum
+>0	lelong	0x1907	\b, RGB
+>0	lelong	0x1908	\b, RGBA
+>0	lelong	0x1909	\b, LUMINANCE
+>0	lelong	0x190A	\b, LUMINANCE_ALPHA
+>0	lelong	0x80E1	\b, BGR
+>0	lelong	0x80E2	\b, BGRA
+>0	lelong	0x83A0	\b, RGB_S3TC
+>0	lelong	0x83A1	\b, RGB4_S3TC
+>0	lelong	0x83A2	\b, RGBA_S3TC
+>0	lelong	0x83A3	\b, RGBA4_S3TC
+>0	lelong	0x83A4	\b, RGBA_DXT5_S3TC
+>0	lelong	0x83A5	\b, RGBA4_DXT5_S3TC
+>0	lelong	0x8D64	\b, ETC1_RGB8_OES
+>0	lelong	0x9270	\b, COMPRESSED_R11_EAC
+>0	lelong	0x9271	\b, COMPRESSED_SIGNED_R11_EAC
+>0	lelong	0x9272	\b, COMPRESSED_RG11_EAC
+>0	lelong	0x9273	\b, COMPRESSED_SIGNED_RG11_EAC
+>0	lelong	0x9274	\b, COMPRESSED_RGB8_ETC2
+>0	lelong	0x9275	\b, COMPRESSED_SRGB8_ETC2
+>0	lelong	0x9276	\b, COMPRESSED_RGB8_PUNCHTHROUGH_ALPHA1_ETC2
+>0	lelong	0x9277	\b, COMPRESSED_SRGB8_PUNCHTHROUGH_ALPHA1_ETC2
+>0	lelong	0x9278	\b, COMPRESSED_RGBA2_ETC2_EAC
+>0	lelong	0x9279	\b, COMPRESSED_SRGB8_ALPHA8_ETC2_EAC
+>0	lelong	0x93B0	\b, COMPRESSED_RGBA_ASTC_4x4_KHR
+>0	lelong	0x93B1	\b, COMPRESSED_RGBA_ASTC_5x4_KHR
+>0	lelong	0x93B2	\b, COMPRESSED_RGBA_ASTC_5x5_KHR
+>0	lelong	0x93B3	\b, COMPRESSED_RGBA_ASTC_6x5_KHR
+>0	lelong	0x93B4	\b, COMPRESSED_RGBA_ASTC_6x6_KHR
+>0	lelong	0x93B5	\b, COMPRESSED_RGBA_ASTC_8x5_KHR
+>0	lelong	0x93B6	\b, COMPRESSED_RGBA_ASTC_8x6_KHR
+>0	lelong	0x93B7	\b, COMPRESSED_RGBA_ASTC_8x8_KHR
+>0	lelong	0x93B8	\b, COMPRESSED_RGBA_ASTC_10x5_KHR
+>0	lelong	0x93B9	\b, COMPRESSED_RGBA_ASTC_10x6_KHR
+>0	lelong	0x93BA	\b, COMPRESSED_RGBA_ASTC_10x8_KHR
+>0	lelong	0x93BB	\b, COMPRESSED_RGBA_ASTC_10x10_KHR
+>0	lelong	0x93BC	\b, COMPRESSED_RGBA_ASTC_12x10_KHR
+>0	lelong	0x93BD	\b, COMPRESSED_RGBA_ASTC_12x12_KHR
+>0	lelong	0x93D0	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_4x4_KHR
+>0	lelong	0x93D1	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_5x4_KHR
+>0	lelong	0x93D2	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_5x5_KHR
+>0	lelong	0x93D3	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_6x5_KHR
+>0	lelong	0x93D4	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_6x6_KHR
+>0	lelong	0x93D5	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_8x5_KHR
+>0	lelong	0x93D6	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_8x6_KHR
+>0	lelong	0x93D7	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_8x8_KHR
+>0	lelong	0x93D8	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_10x5_KHR
+>0	lelong	0x93D9	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_10x6_KHR
+>0	lelong	0x93DA	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_10x8_KHR
+>0	lelong	0x93DB	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_10x10_KHR
+>0	lelong	0x93DC	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_12x10_KHR
+>0	lelong	0x93DD	\b, COMPRESSED_SRGB8_ALPHA8_ASTC_12x12_KHR
+
+# Endian-specific KTX header.
+# TODO: glType (all textures I've seen so far are GL_UNSIGNED_BYTE)
+0	name	khronos-ktx-endian-header
+>20	lelong	x	\b, %u
+>24	lelong	>1	x %u
+>28	lelong	>1	x %u
+>8	lelong	>0
+>>8	use	khronos-ktx-glEnum
+>8	lelong	0
+>>12	use	khronos-ktx-glEnum
+
+# Main KTX header.
+# Determine endianness, then check the rest of the header.
+0	string	\xABKTX\ 11\xBB\r\n\x1A\n	Khronos KTX texture
+>12	lelong	0x04030201			(little-endian)
+>>16	use	khronos-ktx-endian-header
+>12	belong	0x04030201			(big-endian)
+>>16	use	\^khronos-ktx-endian-header
+
+# Type: Valve VTF texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://developer.valvesoftware.com/wiki/Valve_Texture_Format
+
+# VTF image formats.
+0	name	vtf-image-format
+>0	lelong	0	RGBA8888
+>0	lelong	1	ABGR8888
+>0	lelong	2	RGB888
+>0	lelong	3	BGR888
+>0	lelong	4	RGB565
+>0	lelong	5	I8
+>0	lelong	6	IA88
+>0	lelong	7	P8
+>0	lelong	8	A8
+>0	lelong	9	RGB888 (bluescreen)
+>0	lelong	10	BGR888 (bluescreen)
+>0	lelong	11	ARGB8888
+>0	lelong	12	BGRA8888
+>0	lelong	13	DXT1
+>0	lelong	14	DXT3
+>0	lelong	15	DXT5
+>0	lelong	16	BGRx8888
+>0	lelong	17	BGR565
+>0	lelong	18	BGRx5551
+>0	lelong	19	BGRA4444
+>0	lelong	20	DXT1+A1
+>0	lelong	21	BGRA5551
+>0	lelong	22	UV88
+>0	lelong	23	UVWQ8888
+>0	lelong	24	RGBA16161616F
+>0	lelong	25	RGBA16161616
+>0	lelong	26	UVLX8888
+
+# Main VTF header.
+0	string	VTF\0				Valve Texture Format
+>4	lelong	x				v%u
+>8	lelong	x				\b.%u
+>0x10	leshort	x				\b, %u
+>0x12	leshort	>1				x %u
+>4	lequad	0x0000000700000002
+>>0x3F	leshort	>1				x %u
+>0x18	leshort	>1				\b, %u frames
+>0x38	byte	x				\b, mipmaps: %u
+>0x34	lelong	>-1				\b,
+>>0x34	use	vtf-image-format
+
+# Type: Valve VTF3 (PS3) texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+0	string		VTF3	Valve Texture Format (PS3)
+>0x14	beshort		x	\b, %u
+>0x16	beshort		x	\b x %u
+>0x10	belong&0x2000	0	\b, DXT1
+>0x10	belong&0x2000	0x2000	\b, DXT5
+
+# Type: ASTC texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://stackoverflow.com/questions/22600678/determine-internal-format-of-given-astc-compressed-image-through-its-header
+# - https://stackoverflow.com/a/22682244
+0	lelong	0x5ca1ab13			ASTC
+>4	byte	x				%u
+>5	byte	x				\bx%u
+>6	byte	>1				\bx%u
+# X, Y, and Z dimensions are stored as 24-bit LE.
+# Pretend it's 32-bit and mask off the high byte.
+>7	lelong&0x00FFFFFF	x		texture, %u
+>10	lelong&0x00FFFFFF	x		x %u
+>13	lelong&0x00FFFFFF	>1		x %u
+
+# Zebra Metafile graphic
+# http://www.fileformat.info/format/zbr/egff.htm
+0	beshort	0x9a02	Zebra Metafile graphic
+>2	leshort 1	(version 1.x)
+>2	leshort	2	(version 1.1x or 1.2x)
+>2	leshort	3	(version 1.49)
+>2	leshort	4	(version 1.50)
+>4	string	x	(comment = %s)
+
+# Microsoft Paint graphic
+# http://www.fileformat.info/format/mspaint/egff.htm
+0	string	DanM 	icrosoft Paint image data (version 1.x)
+>4	leshort	x	(%d
+>>6	leshort	x	x %d)
+0	string	LinS 	Microsoft Paint image data (version 2.0)
+>4	leshort	x	(%d
+>>6	leshort	x	x %d)
+
+# reMarkable tablet internal file format (https://www.remarkable.com/)
+# https://github.com/ax3l/lines-are-beautiful
+# https://plasma.ninja/blog/devices/remarkable/binary/format/2017/12/26/\
+#	reMarkable-lines-file-format.html#what-to-do-next
+# from Axel Huebl
+0		string	reMarkable
+>11		string	lines
+>>17		string	with
+>>>22		string	selections
+>>>>33		string	and
+>>>>>37		string	layers
+>>>>>>43	lelong	x	reMarkable tablet notebook lines, 1404 x 1872, %x page(s)
+
+# newer per-page files for the reMarkable
+0		string	reMarkable
+>11		string	.lines
+>>18		string	file,
+>>>24		string	version=
+>>>>32		byte	x	reMarkable tablet page (v%c), 1404 x 1872,
+>>>>>43		lelong	x	%d layer(s)
+
+# Type: PVR3 texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - http://cdn.imgtec.com/sdk-documentation/PVR+File+Format.Specification.pdf
+
+# PVR3 pixel formats.
+0	name		pvr3-pixel-format
+>4	ulelong	0
+>>0	ulelong	0	PVRTC 2bpp RGB
+>>0	ulelong	1	PVRTC 2bpp RGBA
+>>0	ulelong	2	PVRTC 4bpp RGB
+>>0	ulelong	3	PVRTC 4bpp RGBA
+>>0	ulelong	4	PVRTC-II 2bpp
+>>0	ulelong	5	PVRTC-II 4bpp
+>>0	ulelong	6	ETC1
+>>0	ulelong	7	DXT1
+>>0	ulelong	8	DXT2
+>>0	ulelong	9	DXT3
+>>0	ulelong	10	DXT4
+>>0	ulelong	11	DXT5
+>>0	ulelong	12	BC4
+>>0	ulelong	13	BC5
+>>0	ulelong	14	BC6
+>>0	ulelong	15	BC7
+>>0	ulelong	16	UYVY
+>>0	ulelong	17	YUY2
+>>0	ulelong	18	BW1bpp
+>>0	ulelong	19	R9G9B9E5 Shared Exponent
+>>0	ulelong	20	RGBG8888
+>>0	ulelong	21	GRGB8888
+>>0	ulelong	22	ETC2 RGB
+>>0	ulelong	23	ETC2 RGBA
+>>0	ulelong	24	ETC2 RGB A1
+>>0	ulelong	25	EAC R11
+>>0	ulelong	26	EAC RG11
+>>0	ulelong	27	ASTC_4x4
+>>0	ulelong	28	ASTC_5x4
+>>0	ulelong	29	ASTC_5x5
+>>0	ulelong	30	ASTC_6x5
+>>0	ulelong	31	ASTC_6x6
+>>0	ulelong	32	ASTC_8x5
+>>0	ulelong	33	ASTC_8x6
+>>0	ulelong	34	ASTC_8x8
+>>0	ulelong	35	ASTC_10x5
+>>0	ulelong	36	ASTC_10x6
+>>0	ulelong	37	ASTC_10x8
+>>0	ulelong	38	ASTC_10x10
+>>0	ulelong	39	ASTC_12x10
+>>0	ulelong	40	ASTC_12x12
+>>0	ulelong	41	ASTC_3x3x3
+>>0	ulelong	42	ASTC_4x3x3
+>>0	ulelong	43	ASTC_4x4x3
+>>0	ulelong	44	ASTC_4x4x4
+>>0	ulelong	45	ASTC_5x4x4
+>>0	ulelong	46	ASTC_5x5x4
+>>0	ulelong	47	ASTC_5x5x5
+>>0	ulelong	48	ASTC_6x5x5
+>>0	ulelong	49	ASTC_6x6x5
+>>0	ulelong	50	ASTC_6x6x6
+>4	ulelong	!0
+>>0	byte	!0	%c
+>>1	byte	!0	\b%c
+>>2	byte	!0	\b%c
+>>3	byte	!0	\b%c
+
+0	string		PVR\x03			PVR 3.0 texture:
+>0x18	ulelong		x	%u x
+>0x1C	ulelong		x	%u
+>0x20	ulelong		>1	x %u
+>0x08	byte		x	\b,
+>0x08	use	pvr3-pixel-format
+>0x10	ulelong		1	\b, sRGB
+>0x04	ulelong&0x02	0x02	\b, premultiplied alpha
+
+# Type: Microsoft Xbox XPR0 texture.
+# From: David Korth <gerbilsoft@gerbilsoft.com>
+# References:
+# - https://github.com/Cxbx-Reloaded/Cxbx-Reloaded/blob/develop/src/core/hle/D3D8/XbD3D8Types.h
+
+# XPR pixel formats.
+0	name	xbox-xpr-pixel-format
+>0	byte	0x00	L8
+>0	byte	0x01	AL8
+>0	byte	0x02	ARGB1555
+>0	byte	0x03	RGB555
+>0	byte	0x04	ARGB4444
+>0	byte	0x05	RGB565
+>0	byte	0x06	ARGB8888
+>0	byte	0x07	xRGB8888
+>0	byte	0x0B	P8
+>0	byte	0x0C	DXT1
+>0	byte	0x0E	DXT2
+>0	byte	0x0F	DXT4
+>0	byte	0x10	Linear ARGB1555
+>0	byte	0x11	Linear RGB565
+>0	byte	0x12	Linear ARGB8888
+>0	byte	0x13	Linear L8
+>0	byte	0x16	Linear R8B8
+>0	byte	0x17	Linear G8B8
+>0	byte	0x19	A8
+>0	byte	0x1A	A8L8
+>0	byte	0x1B	Linear AL8
+>0	byte	0x1C	Linear RGB555
+>0	byte	0x1D	Linear ARGB4444
+>0	byte	0x1E	Linear xRGB8888
+>0	byte	0x1F	Linear A8
+>0	byte	0x20	Linear A8L8
+>0	byte	0x24	YUY2
+>0	byte	0x25	UYVY
+>0	byte	0x27	L6V5U5
+>0	byte	0x28	V8U8
+>0	byte	0x29	R8B8
+>0	byte	0x2A	D24S8
+>0	byte	0x2B	F24S8
+>0	byte	0x2C	D16
+>0	byte	0x2D	F16
+>0	byte	0x2E	Linear D24S8
+>0	byte	0x2F	Linear F24S8
+>0	byte	0x30	Linear D16
+>0	byte	0x31	Linear F16
+>0	byte	0x32	L16
+>0	byte	0x33	V16U16
+>0	byte	0x35	Linear L16
+>0	byte	0x36	Linear V16U16
+>0	byte	0x37	Linear L6V5U5
+>0	byte	0x38	RGBA5551
+>0	byte	0x39	RGBA4444
+>0	byte	0x3A	QWVU8888
+>0	byte	0x3B	BGRA8888
+>0	byte	0x3C	RGBA8888
+>0	byte	0x3D	Linear RGBA5551
+>0	byte	0x3E	Linear RGBA4444
+>0	byte	0x3F	Linear ABGR8888
+>0	byte	0x40	Linear BGRA8888
+>0	byte	0x41	Linear RGBA8888
+>0	byte	0x64	Vertex Data
+
+0	string		XPR0	Microsoft Xbox XPR0 texture
+>0x19	byte	x	\b, format:
+>>0x19	use	xbox-xpr-pixel-format
+
 #------------------------------------------------------------------------------
 # $File: inform,v 1.5 2009/09/19 16:28:09 christos Exp $
 # inform:  file(1) magic for Inform interactive fiction language
@@ -15535,7 +17249,7 @@
 0	search/100/cW	constant\ story		Inform source text
 
 #------------------------------------------------------------------------------
-# $File: intel,v 1.16 2017/11/14 15:48:36 christos Exp $
+# $File: intel,v 1.17 2018/08/01 10:34:03 christos Exp $
 # intel:  file(1) magic for x86 Unix
 #
 # Various flavors of x86 UNIX executable/object (other than Xenix, which
@@ -15577,6 +17291,10 @@
 #>12	lelong		>0		not stripped
 # no hint found, that at offset 22 is version
 #>22	leshort		>0		- version %d
+0	leshort		0x0200
+>0	use				display-coff
+0	leshort		0x8664
+>0	use				display-coff
 
 # rom: file(1) magic for BIOS ROM Extensions found in intel machines
 #      mapped into memory between 0xC0000 and 0xFFFFF
@@ -15682,9 +17400,9 @@
 >20     long            x               stblsize %d
 
 #------------------------------------------------------------------------------
-# $File: isz,v 1.4 2017/03/17 21:35:28 christos Exp $
+# $File: isz,v 1.5 2019/04/19 00:42:27 christos Exp $
 # ISO Zipped file format
-# http://www.ezbsystems.com/isz/iszspec.txt
+# https://www.ezbsystems.com/isz/iszspec.txt
 0	string	IsZ!	ISO Zipped file
 >4	byte	x	\b, header size %u
 >5	byte	x	\b, version %u
@@ -15697,7 +17415,7 @@
 #>36	lelong	x	\b, block size %u
 
 #------------------------------------------------------------
-# $File: java,v 1.18 2015/11/29 22:08:14 christos Exp $
+# $File: java,v 1.21 2019/02/18 17:58:50 christos Exp $
 # Java ByteCode and Mach-O binaries (e.g., Mac OS X) use the
 # same magic number, 0xcafebabe, so they are both handled
 # in the entry called "cafebabe".
@@ -15719,9 +17437,27 @@
 # Java HPROF dumps
 # https://java.net/downloads/heap-snapshot/hprof-binary-format.html
 0	string		JAVA\x20PROFILE\x201.0.
->0x12	short		0
->>0x11	ushort-0x31	<2      Java HPROF dump,
->>0x17	beqdate/1000	x       created %s
+>0x12	byte		0
+>>0x11	ubyte-0x31	<2      Java HPROF dump,
+>>>0x17	beqdate/1000	x       created %s
+
+# Java jmod module
+# See https://hg.openjdk.java.net/jdk9/jdk9/jdk/file/tip/src/java.base/share/classes/jdk/internal/jmod/JmodFile.java
+# Grr. 2 byte magic "JM", really? In 2019?
+0	belong		0x4a4d0100	Java jmod module version 1.0
+!:mime	application/x-java-jmod
+
+# Java jlinked image
+# See https://hg.openjdk.java.net/jdk9/jdk9/jdk/file/tip/src/java.base/share/native/libjimage/imageFile.hpp
+0	belong	0xcafedada	Java module image (big endian)
+>4	beshort	>0x00	\b, version %d
+>6	beshort	x	\b.%d
+!:mime	application/x-java-image
+
+0	lelong	0xcafedada	Java module image (little endian)
+>6	leshort	>0x00	\b, version %d
+>4	leshort	x	\b.%d
+!:mime	application/x-java-image
 
 #------------------------------------------------------------------------------
 # $File: javascript,v 1.1 2012/06/16 13:30:36 christos Exp $
@@ -15741,7 +17477,7 @@
 !:mime application/javascript
 
 #------------------------------------------------------------------------------
-# $File: jpeg,v 1.31 2017/03/17 21:35:28 christos Exp $
+# $File: jpeg,v 1.32 2018/10/01 18:58:29 christos Exp $
 # JPEG images
 # SunOS 5.5.1 had
 #
@@ -15792,21 +17528,21 @@
 >>4	byte		x		\b, baseline, precision %d
 >>7	beshort		x		\b, %dx
 >>5	beshort		x		\b%d
->>9	byte		x		\b, frames %d
+>>9	byte		x		\b, components %d
 
 >0	beshort		0xFFC1
 >>(2.S+2)	use			jpeg_segment
 >>4	byte		x		\b, extended sequential, precision %d
 >>7	beshort		x		\b, %dx
 >>5	beshort		x		\b%d
->>9	byte		x		\b, frames %d
+>>9	byte		x		\b, components %d
 
 >0	beshort		0xFFC2
 >>(2.S+2)	use			jpeg_segment
 >>4	byte		x		\b, progressive, precision %d
 >>7	beshort		x		\b, %dx
 >>5	beshort		x		\b%d
->>9	byte		x		\b, frames %d
+>>9	byte		x		\b, components %d
 
 # Define Huffman Tables
 >0	beshort		0xFFC4
@@ -15887,13 +17623,13 @@
 !:mime	text/x-xmcd
 
 #------------------------------------------------------------------------------
-# $File: keepass,v 1.1 2012/12/24 22:14:56 christos Exp $
+# $File: keepass,v 1.2 2019/04/19 00:42:27 christos Exp $
 # keepass: file(1) magic for KeePass file
 #
 # Keepass Password Safe:
-#  * original one: http://keepass.info/
-#  * *nix port:    http://www.keepassx.org/
-#  * android port: http://code.google.com/p/keepassdroid/
+#  * original one: https://keepass.info/
+#  * *nix port:    https://www.keepassx.org/
+#  * android port: https://code.google.com/p/keepassdroid/
 
 0	lelong		0x9AA2D903	Keepass password database
 >4	lelong		0xB54BFB65	1.x KDB
@@ -15907,7 +17643,7 @@
 >4	lelong		0xB54BFB67	2.x KDBX
 
 #------------------------------------------------------------------------------
-# $File: kerberos,v 1.2 2017/03/17 21:35:28 christos Exp $
+# $File: kerberos,v 1.3 2019/04/19 00:42:27 christos Exp $
 # kerberos: MIT kerberos file binary formats
 #
 
@@ -15931,7 +17667,7 @@
 #		can refer to ${name}
 #	- Provide a way to format strings as hex values
 #
-# http://www.gnu.org/software/shishi/manual/html_node/\
+# https://www.gnu.org/software/shishi/manual/html_node/\
 #	The-Keytab-Binary-File-Format.html
 #
 
@@ -15952,15 +17688,84 @@
 >4		use		keytab_entry
 
 #------------------------------------------------------------------------------
-# $File: kml,v 1.4 2017/03/17 21:35:28 christos Exp $
+# $File: kicad,v 1.1 2018/10/01 18:39:21 christos Exp $
+# kicad:  file(1) magic for KiCad files
+#
+# See
+#
+#	http://kicad-pcb.org
+#
+
+# KiCad Schematic Document
+0	    string  EESchema
+>8	    byte    0x20
+>>9	    string  Schematic
+>>>18	    byte    0x20		KiCad Schematic Document
+!:ext sch/bak
+>>>>24	    string  Version
+>>>>>31	    byte    0x20
+>>>>>>32    string  x			(Version %s)
+
+# KiCad Symbol Library
+0	    string  EESchema-LIBRARY
+>16	    byte    0x20		KiCad Symbol Library
+!:ext lib
+>>17	    string  Version
+>>>24	    byte    0x20
+>>>>25	    string  x			(Version %s)
+
+# KiCad Symbol Library Documentation
+0	    string  EESchema-DOCLIB
+>15	    byte    0x20		KiCad Symbol Library Documentation
+!:ext dcm
+>>17	    string  Version
+>>>24	    byte    0x20
+>>>>25	    string  x			(Version %s)
+
+# KiCad Board Layout
+0	    string  (kicad_pcb
+>10	    byte    0x20		KiCad Board Layout
+!:ext kicad_pcb/kicad_pcb-bak
+>>11	    string  (version
+>>>19	    byte    0x20
+>>>>20	    byte    x			(Version %c)
+
+# KiCad Footprint
+0	    string  (module
+>7	    byte    0x20		KiCad Footprint
+!:ext kicad_mod
+
+# KiCad Footprint (Legacy)
+0	    string  PCBNEW-LibModule-V1	    KiCad Footprint (Legacy)
+!:ext mod
+
+# KiCad Netlist
+0	    string  (export
+>7	    byte    0x20		KiCad Netlist
+!:ext net
+
+# KiCad Symbol Library Table
+0	    string  (sym_lib_table
+>14	    byte    0xA			KiCad Symbol Library Table
+>14	    byte    0xD			KiCad Symbol Library Table
+>14	    byte    0x20		KiCad Symbol Library Table
+
+# KiCad Footprint Library Table
+0	    string  (fp_lib_table
+>13	    byte    0xA			KiCad Footprint Library Table
+>13	    byte    0xD			KiCad Footprint Library Table
+>13	    byte    0x20		KiCad Footprint Library Table
+
+#------------------------------------------------------------------------------
+# $File: kml,v 1.5 2019/04/19 00:42:27 christos Exp $
 # Type: Google KML, formerly Keyhole Markup Language
 # Future development of this format has been handed
 # over to the Open Geospatial Consortium.
-# http://www.opengeospatial.org/standards/kml/
+# https://www.opengeospatial.org/standards/kml/
 # From: Asbjoern Sloth Toennesen <asbjorn@lila.io>
 0 string/t    \<?xml
 >20  search/400 \ xmlns=
->>&0 regex ['"]http://earth.google.com/kml Google KML document
+>>&0 regex ['"]https://earth.google.com/kml Google KML document
 !:mime application/vnd.google-earth.kml+xml
 >>>&1 string 2.0' \b, version 2.0
 >>>&1 string 2.1' \b, version 2.1
@@ -15970,15 +17775,15 @@
 # Type: OpenGIS KML, formerly Keyhole Markup Language
 # This standard is maintained by the
 # Open Geospatial Consortium.
-# http://www.opengeospatial.org/standards/kml/
+# https://www.opengeospatial.org/standards/kml/
 # From: Asbjoern Sloth Toennesen <asbjorn@lila.io>
->>&0 regex ['"]http://www.opengis.net/kml OpenGIS KML document
+>>&0 regex ['"]https://www.opengis.net/kml OpenGIS KML document
 !:mime application/vnd.google-earth.kml+xml
 >>>&1 string/t 2.2 \b, version 2.2
 
 #------------------------------------------------------------------------------
 # Type: Google KML Archive (ZIP based)
-# http://code.google.com/apis/kml/documentation/kml_tut.html
+# https://code.google.com/apis/kml/documentation/kml_tut.html
 # From: Asbjoern Sloth Toennesen <asbjorn@lila.io>
 0 string    PK\003\004
 >4  byte    0x14
@@ -16012,7 +17817,7 @@
 0	beshort		0x8000		lif file
 
 #------------------------------------------------------------------------------
-# $File: linux,v 1.64 2017/03/17 21:35:28 christos Exp $
+# $File: linux,v 1.67 2019/04/19 00:42:27 christos Exp $
 # linux:  file(1) magic for Linux files
 #
 # Values for Linux/i386 binaries, from Daniel Quinlan <quinlan@yggdrasil.com>
@@ -16068,7 +17873,7 @@
 #
 # PSF fonts, from H. Peter Anvin <hpa@yggdrasil.com>
 # Updated by Adam Buchbinder <adam.buchbinder@gmail.com>
-# See: http://www.win.tue.nl/~aeb/linux/kbd/font-formats-1.html
+# See: https://www.win.tue.nl/~aeb/linux/kbd/font-formats-1.html
 0	leshort		0x0436		Linux/i386 PC Screen Font v1 data,
 >2	byte&0x01	0		256 characters,
 >2	byte&0x01	!0		512 characters,
@@ -16091,7 +17896,7 @@
 4076    string          SWAPSPACE2LINHIB0001    Linux/i386 swap file (new style) (compressed hibernate)
 # according to man page of mkswap (8) March 1999
 # volume label and UUID Russell Coker
-# http://etbe.coker.com.au/2008/07/08/label-vs-uuid-vs-device/
+# https://etbe.coker.com.au/2008/07/08/label-vs-uuid-vs-device/
 4086	string		SWAPSPACE2	Linux/i386 swap file (new style),
 >0x400	long		x		version %d (4K pages),
 >0x404	long		x		size %d pages,
@@ -16106,6 +17911,16 @@
 # From Daniel Novotny <dnovotny@redhat.com>
 # swap file for PowerPC
 65526	string		SWAPSPACE2	Linux/ppc swap file
+>0x400	long		x		version %d,
+>0x404	long		x		size %d pages,
+>1052	string		\0		no label,
+>1052	string		>\0		LABEL=%s,
+>0x40c	belong		x		UUID=%08x
+>0x410	beshort		x		\b-%04x
+>0x412	beshort		x		\b-%04x
+>0x414	beshort		x		\b-%04x
+>0x416	belong		x		\b-%08x
+>0x41a	beshort		x		\b%04x
 16374	string		SWAPSPACE2	Linux/ia64 swap file
 #
 # Linux kernel boot images, from Albert Cahalan <acahalan@cs.uml.edu>
@@ -16113,8 +17928,13 @@
 # and Nicolas Lichtmaier <nick@debian.org>
 # All known start with: b8 c0 07 8e d8 b8 00 90 8e c0 b9 00 01 29 f6 29
 # Linux kernel boot images (i386 arch) (Wolfram Kleff)
+# URL: https://www.kernel.org/doc/Documentation/x86/boot.txt
 514	string		HdrS		Linux kernel
 !:strength + 55
+# often no extension like in linux, vmlinuz, bzimage or memdisk but sometimes
+# Acronis Recovery kernel64.dat and Plop Boot Manager plpbtrom.bin
+# DamnSmallLinux 1.5 damnsmll.lnx 
+!:ext	/dat/bin/lnx
 >510	leshort		0xAA55		x86 boot executable
 >>518	leshort		>0x1ff
 >>>529	byte		0		zImage,
@@ -16205,7 +18025,10 @@
 
 # Linux ARM compressed kernel image
 # From: Kevin Cernekee <cernekee@gmail.com>
+# Update: Joerg Jenderek
 36	lelong	0x016f2818	Linux kernel ARM boot executable zImage (little-endian)
+# raspian "kernel7.img", Vu+ Ultimo4K "kernel_auto.bin"
+!:ext	img/bin
 36	belong	0x016f2818	Linux kernel ARM boot executable zImage (big-endian)
 
 ############################################################################
@@ -16234,7 +18057,7 @@
 # 0	lelong&0xFF00FFFF 0x17000301	ld86 SPARC executable
 
 # SYSLINUX boot logo files (from 'ppmtolss16' sources)
-# http://www.syslinux.org/wiki/index.php/SYSLINUX#Display_graphic_from_filename:
+# https://www.syslinux.org/wiki/index.php/SYSLINUX#Display_graphic_from_filename:
 # file extension .lss .16
 0	lelong	=0x1413f33d		SYSLINUX' LSS16 image data
 # syslinux-4.05/mime/image/x-lss16.xml
@@ -16363,7 +18186,7 @@
 >>&1	string		x			%s...)
 
 # Systemd journald files
-# See http://www.freedesktop.org/wiki/Software/systemd/journal-files/.
+# See https://www.freedesktop.org/wiki/Software/systemd/journal-files/.
 # From: Zbigniew Jedrzejewski-Szmek <zbyszek@in.waw.pl>
 
 # check magic
@@ -16455,7 +18278,7 @@
 #              the default version of locate on Arch Linux (and others).
 # File path:   /var/lib/mlocate/mlocate.db by default (but configurable)
 # Site:        https://fedorahosted.org/mlocate/
-# Format docs: http://linux.die.net/man/5/mlocate.db
+# Format docs: https://linux.die.net/man/5/mlocate.db
 # Type: mlocate database file
 # URL:  https://fedorahosted.org/mlocate/
 # From: Wander Nauta <info@wandernauta.nl>
@@ -16471,14 +18294,14 @@
 0		lelong		0x47361222	iproute2 addresses dump
 
 # Image and service files for CRIU tool.
-# URL: http://criu.org
+# URL: https://criu.org
 # From: Pavel Emelyanov <xemul@parallels.com>
 0		lelong		0x54564319	CRIU image file v1.1
 0		lelong		0x55105940	CRIU service file
 0		lelong		0x58313116	CRIU inventory
 
 # Kdump compressed dump files
-# http://sourceforge.net/p/makedumpfile/code/ci/master/tree/IMPLEMENTATION
+# https://sourceforge.net/p/makedumpfile/code/ci/master/tree/IMPLEMENTATION
 
 0		string		KDUMP          	Kdump compressed dump
 >8		long		x		v%d
@@ -16490,7 +18313,7 @@
 >337		string		>\0		\b, domain %s
 
 #------------------------------------------------------------------------------
-# $File: lisp,v 1.25 2017/03/17 21:35:28 christos Exp $
+# $File: lisp,v 1.26 2019/04/19 00:42:27 christos Exp $
 # lisp:  file(1) magic for lisp programs
 #
 # various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com)
@@ -16517,7 +18340,7 @@
 !:mime	text/x-lisp
 
 # URL: https://en.wikipedia.org/wiki/Emacs_Lisp
-# Reference: http://ftp.gnu.org/old-gnu/emacs/elisp-manual-18-1.03.tar.gz
+# Reference: https://ftp.gnu.org/old-gnu/emacs/elisp-manual-18-1.03.tar.gz
 # Update: Joerg Jenderek
 # Emacs 18 - this is always correct, but not very magical.
 0	string	\012(
@@ -16565,9 +18388,9 @@
 !:mime	text/texmacs
 
 #------------------------------------------------------------------------------
-# $File: llvm,v 1.8 2013/01/12 03:09:51 christos Exp $
+# $File: llvm,v 1.9 2019/04/19 00:42:27 christos Exp $
 # llvm:  file(1) magic for LLVM byte-codes
-# URL:  http://llvm.org/docs/BitCodeFormat.html
+# URL:  https://llvm.org/docs/BitCodeFormat.html
 # From: Al Stone <ahs3@fc.hp.com>
 
 0	string	llvm	LLVM byte-codes, uncompressed
@@ -16586,9 +18409,9 @@
 0	string	BC\xc0\xde	LLVM IR bitcode
 
 #------------------------------------------------------------------------------
-# $File: lua,v 1.6 2013/01/09 16:23:17 christos Exp $
+# $File: lua,v 1.7 2019/04/19 00:42:27 christos Exp $
 # lua:  file(1) magic for Lua scripting language
-# URL:  http://www.lua.org/
+# URL:  https://www.lua.org/
 # From: Reuben Thomas <rrt@sc3d.org>, Seo Sanghyeon <tinuviel@sparcs.kaist.ac.kr>
 
 # Lua scripts
@@ -16620,12 +18443,14 @@
 >72	string		x		%s]
 >168	string		x		UUID: %s
 #------------------------------------------------------------------------------
-# $File: m4,v 1.2 2017/08/14 07:40:38 christos Exp $
+# $File: m4,v 1.3 2019/02/27 16:46:23 christos Exp $
 # make:  file(1) magic for M4 scripts
 #
-0	regex	\^dnl\ 		M4 macro processor script text
+0	search/8192	dnl
+>0	regex	\^dnl\ 		M4 macro processor script text
 !:mime	text/x-m4
-0	regex	\^AC_DEFUN\\(\\[	M4 macro processor script text
+0	search/8192	AC_DEFUN
+>0	regex	\^AC_DEFUN\\(\\[	M4 macro processor script text
 !:strength + 15
 !:mime	text/x-m4
 
@@ -16881,7 +18706,7 @@
 >0	use	mach-o-be
 
 #------------------------------------------------------------------------------
-# $File: macintosh,v 1.28 2017/12/05 02:17:48 christos Exp $
+# $File: macintosh,v 1.29 2019/04/19 00:42:27 christos Exp $
 # macintosh description
 #
 # BinHex is the Macintosh ASCII-encoded file format (see also "apple")
@@ -16943,7 +18768,7 @@
 # MacBinary format (Eric Fischer, enf@pobox.com)
 # Update: Joerg Jenderek 
 # URL: https://en.wikipedia.org/wiki/MacBinary
-# Reference: http://files.stairways.com/other/macbinaryii-standard-info.txt
+# Reference: https://files.stairways.com/other/macbinaryii-standard-info.txt
 #
 # Unfortunately MacBinary doesn't really have a magic number prior
 # to the MacBinary III format.
@@ -17061,8 +18886,8 @@
 
 # Apple Type/Creator Database
 # URL: https://en.wikipedia.org/wiki/Type_code
-# Reference:	http://www.lacikam.co.il/tcdb/
-#		http://www.macdisk.com/macsigen.php
+# Reference:	https://www.lacikam.co.il/tcdb/
+#		https://www.macdisk.com/macsigen.php
 # Note:	classic Mac OS files have two 4 character codes for type and creator.
 #	Thereby the Finder attach documents types to applications.
 
@@ -17260,7 +19085,7 @@
 >0x424	pstring			x		volume name: %s
 
 # *.hfs updated by Joerg Jenderek
-# http://en.wikipedia.org/wiki/Hierarchical_File_System
+# https://en.wikipedia.org/wiki/Hierarchical_File_System
 # "BD" gives many false positives
 0x400	beshort			0x4244
 # ftp://ftp.mars.org/pub/hfs/hfsutils-3.2.6.tar.gz/hfsutils-3.2.6/libhfs/apple.h
@@ -17271,7 +19096,7 @@
 !:mime	application/x-apple-diskimage
 #!:apple	hfsdINIT
 #!:apple	MACSdisk
-# http://www.macdisk.com/macsigen.php
+# https://www.macdisk.com/macsigen.php
 #!:apple	ddskdevi
 !:apple	????devi
 # https://en.wikipedia.org/wiki/Apple_Disk_Image
@@ -17283,7 +19108,7 @@
 >>>0x40a	beshort			&0x0200	(spared blocks)
 >>>0x40a	beshort			&0x0800	(unclean)
 >>>0x47C	beshort			0x482B	(Embedded HFS+ Volume)
-# http://www.epochconverter.com/
+# https://www.epochconverter.com/
 # 0x7C245F00 seconds	~ 2082758400	~ 01 Jan 2036 00:00:00	~ 66 years to 1970
 # 0x7C25B080 seconds	~ 2082844800	~ 02 Jan 2036 00:00:00
 # construct not working
@@ -17339,7 +19164,7 @@
 0		string		BOMStore	Mac OS X bill of materials (BOM) file
 
 # From: Adam Buchbinder <adam.buchbinder@gmail.com>
-# URL: http://en.wikipedia.org/wiki/Datafork_TrueType
+# URL: https://en.wikipedia.org/wiki/Datafork_TrueType
 # Derived from the 'fondu' and 'ufond' source code (fondu.sf.net). 'sfnt' is
 # TrueType; 'POST' is PostScript. 'FONT' and 'NFNT' sometimes appear, but I
 # don't know what they mean.
@@ -17367,7 +19192,7 @@
 0	belong		0xF11E041C	magic binary file for file(1) cmd
 >4	belong		x		(version %d) (big endian)
 #------------------------------------------------------------------------------
-# $File: mail.news,v 1.23 2015/06/29 14:44:26 christos Exp $
+# $File: mail.news,v 1.24 2019/04/19 00:42:27 christos Exp $
 # mail.news:  file(1) magic for mail and news
 #
 # Unfortunately, saved netnews also has From line added in some news software.
@@ -17425,7 +19250,7 @@
 #0	string		\<!--\ MHonArc		text/html; x-type=mhonarc
 
 # Cyrus: file(1) magic for compiled Cyrus sieve scripts
-# URL: http://www.cyrusimap.org/docs/cyrus-imapd/2.4.6/internal/bytecode.php
+# URL: https://www.cyrusimap.org/docs/cyrus-imapd/2.4.6/internal/bytecode.php
 # URL: http://git.cyrusimap.org/cyrus-imapd/tree/sieve/bytecode.h?h=master
 # From: Philipp Hahn <hahn@univention.de>
 
@@ -17435,7 +19260,7 @@
 >12     lelong =1       version 1, little-endian
 >12     belong x        version %d, network-endian
 #------------------------------------------------------------------------------
-# $File: make,v 1.3 2016/12/10 14:21:29 christos Exp $
+# $File: make,v 1.4 2018/05/29 17:26:02 christos Exp $
 # make:  file(1) magic for makefiles
 #
 # URL: https://en.wikipedia.org/wiki/Make_(software)
@@ -17453,29 +19278,36 @@
 # Reference: https://www.freebsd.org/cgi/man.cgi?make(1)
 # exclude grub-core\lib\libgcrypt\mpi\Makefile.am with "#BEGIN_ASM_LIST"
 # by additional escaping point character
-0	regex/100l	\^\\.BEGIN	BSD makefile script text with "%s"
+0	regex/100l	\^\\.BEGIN	BSD makefile script text
 !:mime	text/x-makefile
 !:ext	/mk
+!:strength +10
 # exclude MS Windows help file CoNtenT with ":include FOOBAR.CNT"
 # and NSIS script with "!include" by additional escaping point character
-0	regex/100l	\^\\.include	BSD makefile script text with "%s"
+0	regex/100l	\^\\.include	BSD makefile script text
 !:mime	text/x-makefile
 !:ext	/mk
+!:strength +10
+0	regex/100l	\^\\.endif	BSD makefile script text
+!:mime	text/x-makefile
+!:ext	/mk
+!:strength +10
 0	regex/100l	\^SUBDIRS	automake makefile script text
 !:mime	text/x-makefile
+!:strength +10
 
 
 #------------------------------------------------------------------------------
-# $File: map,v 1.4 2015/08/10 05:18:27 christos Exp $
+# $File: map,v 1.7 2019/04/30 04:02:04 christos Exp $
 # map:  file(1) magic for Map data
 #
 
-# Garmin .FIT files http://pub.ks-and-ks.ne.jp/cycling/edge500_fit.shtml
+# Garmin .FIT files https://pub.ks-and-ks.ne.jp/cycling/edge500_fit.shtml
 8	string	.FIT		FIT Map data
 >15	byte	0
 >>35	belong	x		\b, unit id %d
 >>39	lelong	x		\b, serial %u
-# http://pub.ks-and-ks.ne.jp/cycling/edge500_fit.shtml
+# https://pub.ks-and-ks.ne.jp/cycling/edge500_fit.shtml
 # 20 years after unix epoch
 # TZ=GMT date -d '1989-12-31 0:00' +%s
 >>43	leldate+631065600	x	\b, %s
@@ -17491,8 +19323,298 @@
 >>53	byte	8		\b (Elevations)
 >>53	byte	10		\b (Totals)
 
+# Summary: Garmin map
+# From:	Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/Garmin_.img
+# Reference: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/IMG_File_Format
+# sourceforge.net/projects/garmin-img/files/IMG%20File%20Format/1.0/imgformat-1.0.pdf
+# GRR: similar to MBR boot sector handled by ./filesystems
+0x1FE	leshort		=0xAA55
+# look for valid map signature
+>0x13	string		=IMG\0
+>>0	use		garmin-map
+0	name				garmin-map
+>0	ubyte		x		Garmin
+!:mime	application/x-garmin-map
+# If non-zero, every byte of the entire .img file is to be XORed with this value
+>0	ubyte		!0		\b, 0x%x XORed
+# goto block before FAT
+>(0x40.b*512)	ubyte	x
+# 1st fat name "DLLINFO TXT" only found for vpm
+>>&512 		string	=DLLINFO\ TXT 	map (Voice Processing)
+# there exist 2 other Garmin VPM formats; see ./audio
+!:ext	vpm
+# Deutsch__Yannick_D4481-00_0210.vpm
+#>>>512	search/0x0116da60/s	RIFF	\b; with
+# determine type voice type by ./riff
+#>>>>&0	indirect	x	\b
+>>&512 		string	!DLLINFO\ TXT 	map
+!:ext	img
+# 9 zeros
+>1 	ubelong		!0 		\b, zeroes 0x%x
+# Map's version major
+>8	ubyte		x		v%u
+# Map's version minor
+>9	ubyte		x		\b.%.2u
+# Map description[20], 0x20 padded
+>0x49	string		x		%.20s
+# Map name, continued (0x20 padded, \0 terminated)
+>0x65	string		>\ 		\b%.31s
+# Update year (+1900 for val >= 0x63, +2000 for val <= 0x62)
+>0xB	ubyte		x		\b, updated
+>>0xB	ubyte		>0x62
+>>>0xB	ubyte-100	x		20%.2u
+>>0xB	ubyte		<0x63
+>>>0xB	ubyte		x		20%.2u
+# Update month (0-11)
+>0xA	ubyte		x		\b-%.2u
+# All zeroes
+>0xc 	uleshort	!0 		\b, zeroes 0x%x
+# Mapsource flag, 1 - file created by Mapsource, 0 - Garmin map visible in Basecamp and Homeport 
+#>0xE	ubyte		!0		\b, Mapsource flag 0x%x
+>0xE	ubyte		1		\b, Mapsource
+# Checksum, sum of all bytes modulo 256 should be 0
+#>0xF	ubyte		x		\b, Checksum 0x%x
+# Signature: DSKIMG 0x00 or DSDIMG 0x00 for demo map 
+>0x10	string		!DSKIMG		\b, signature "%.7s"
+>0x39	use		garmin-date
+# Map file identifier like GARMIN\0
+>0x41	string		!GARMIN		\b, id "%.7s"
+# Block size exponent, E1; appears to always be 0x09; minimum block size 512 bytes
+>0x61	ubyte		!0x09		\b, E1=%u
+# Block size exponent, E2 ; file blocksize=2**(E1+E2)
+>>0x62	ubyte		x		\b, E2=%u
+>0x61	ubyte		=0x09		\b, blocksize
+>>0x62	ubyte		0		512
+>>0x62	ubyte		1		1024
+>>0x62	ubyte		2		2048
+>>0x62	ubyte		3		4096
+>>0x62	ubyte		4		8192
+>>0x62	ubyte		5		16384
+>>0x62	default		x
+>>>0x62	ubyte		x		E2=%u
+# MBR signature
+>0x1FE	leshort		!0xAA55		\b, invalid MBR
+# 512 zeros
+>0x200 	uquad		!0		\b, zeroes 0x%llx
+# First sub-file offset (absolute); sometimes NO/UNKNOWN sub file!
+>0x40C	ulelong		>0		\b, at 0x%x
+# sub-file Header length
+#>>(0x40C.l)	uleshort	x	\b, header len 0x%x
+>>(0x40C.l)	uleshort	x	%u bytes
+# sub-file Type[10] like "GARMIN RGN" "GARMIN TRE", "GARMIN TYP", etc.
+>>(0x40C.l+2)	ubyte	>0x1F
+>>>(0x40C.l+2)	ubyte	<0xFF
+>>>>(0x40C.l+2)	string	x		"%.10s"
+# 0x00 for most maps, 0x80 for locked maps (City Nav, City Select, etc.) 
+>>>>(0x40C.l+13)	ubyte	>0		\b, locked 0x%x
+# Block sequence numbers like 0000 0100 0200 ... FFFF
+# >0x420	ubequad		>0	\b, seq. 0x%16.16llx
+# >>0x428	ubequad		>0	\b%16.16llx
+# >>>0x430	ubequad	>0	\b%16.16llx
+# >>>>0x438	ubequad	>0	\b%16.16llx
+# >>>>>0x440	ubequad	>0	\b%16.16llx
+# >>>>>>0x448	ubequad	>0	\b%16.16llx
+# >>>>>>>0x450	ubequad	>0	\b%16.16llx
+# >>>>>>>>0x458	ubequad	>0	\b%16.16llx
+# >>>>>>>>>0x460	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>0x468	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>0x470	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>0x478	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>0x480	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>0x488	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>>0x490	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>>>0x498	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>>>>0x4A0	ubequad	>0	\b%16.16llx
+# >>>>>>>>>>>>>>>>>>0x4A8	ubequad	>0	\b%16.16llx
+# look for end of FAT
+#>>0x420	search/512/s	\xff\xff	FAT END
+# Physical block number of FAT header
+#>0x40	ubyte		x		\b, FAT at phy. block %u
+>0x40	ubyte		x
+>>(0x40.b*512)	ubyte	x
+# 1st FAT block
+>>>&511 	use	garmin-fat
+# 2nd FAT block
+>>>&1023 	use	garmin-fat
+# 3th FAT block
+>>>&1535 	use	garmin-fat
+# 4th FAT block
+>>>&2047 	use	garmin-fat
+# ... xth FAT block
+#
+# 314 zeros but not in vpm and also gmaptz.img
+>0x84 	uquad		!0		\b, at 0x84 0x%llx
+# display FileAllocationTable block entry in garmin map
+0	name				garmin-fat
+>0	ubyte		x		\b;
+# sub file part; 0x0003 seems to be garbage
+>0x10	uleshort	!0		next 0x%4.4x
+>0x10	uleshort	=0
+# fat flag 0~dummy block 1~true sub file
+>>0	ubyte		!1		flag %u 
+>>0	ubyte		=1
+# sub-file name like MAKEGMAP 12345678
+>>>0x1	string		x		%.8s
+# sub-file typ like RGN TRE MDR LBL
+>>>0x9	string		x		\b.%.3s
+# size of sub file
+>>>0xC	ulelong		x		\b, %u bytes
+# 32-bit block sequence numbers
+#>>>0x20	ubequad		x		\b, seq. 0x%16.16llx
+
+#	display date stored inside Garmin maps like yyyy-mm-dd h:mm:ss
+0	name				garmin-date
+# year like 2018
+>0 	uleshort	x 		\b, created %u
+# month (0-11)
+>2	ubyte		x		\b-%.2u
+# day (1-31)
+>3	ubyte		x		\b-%.2u
+# hour (0-23)
+>4	ubyte		x		%u
+# minute (0-59)
+>5	ubyte		x		\b:%.2u
+# second (0-59)
+>6	ubyte		x		\b:%.2u
+
+# Summary: Garmin Map subfiles
+# From:	Joerg Jenderek
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/IMG_File_Format
+# Garmin Common Header
+2	string	GARMIN\ 
+# skip ASCII text by checking for low header length
+>0	uleshort <0x1000	Garmin map,
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/GMP_Subfile_Format
+>>9	string	GMP				subtile
+!:mime			application/x-garmin-gpm
+!:ext			gmp
+# copyright message
+>>>(0.s)		string		x	%s
+>>>0x0E 		use		garmin-date
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/MDR_Subfile_Format
+# This contains the searchable address table used for finding routing destinations
+>>9	string	MDR				address table
+!:mime			application/x-garmin-mdr
+!:ext			mdr
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/NOD_Subfile_Format
+# http://svn.parabola.me.uk/display/trunk/doc/nod.txt
+# This contains the routing information
+>>9	string	NOD				routing
+!:mime			application/x-garmin-nod
+!:ext			nod
+>>>0x0E 		use		garmin-date
+#>>>0x15			ulelong		x	\b, at 0x%x
+#>>>0x19			ulelong		x	0x%x bytes NOD1
+#>>>0x25			ulelong		x	\b, at 0x%x
+#>>>0x29			ulelong		x	0x%x bytes NOD2
+#>>>0x31			ulelong		x	\b, at 0x%x
+#>>>0x35			ulelong		x	0x%x bytes NOD3
+# URL: http://www.pinns.co.uk/osm/net.html
+# routable highways (length, direction, allowed speed,house address information)
+>>9	string	NET				highways
+!:mime			application/x-garmin-net
+!:ext			net
+#>>>0x15			ulelong		x	\b, at 0x%x
+#>>>0x19			ulelong		x	0x%x bytes NET1
+#>>>0x22			ulelong		>0
+#>>>>0x1E		ulelong		x	\b, at 0x%x
+#>>>>0x22		ulelong		x	0x%x bytes NET2
+#>>>0x2B			ulelong		>0
+#>>>>0x27		ulelong		x	\b, at 0x%x
+#>>>>0x2B		ulelong		x	0x%x bytes NET3
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/LBL_Subfile_Format
+>>9	string	LBL				labels
+!:mime			application/x-garmin-lbl
+!:ext			lbl
+>>>(0.s)		string	x	%s
+# Label coding type 6h 9h and ah
+>>>0x1E			ubyte		x	\b, coding type 0x%x
+#>>>0x15			ulelong		x	\b, at 0x%x
+#>>>0x19			ulelong		x	0x%x bytes LBL1
+#>>>0x1F			ulelong		x	\b, at 0x%x
+#>>>0x23			ulelong		x	0x%x bytes LBL2
+#>>>0x2D			ulelong		x	\b, at 0x%x
+#>>>0x31			ulelong		x	0x%x bytes LBL3
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/SRT_Subfile_Format
+# A lookup table of the chars in the map's codepage, and their collating sequence
+>>9	string	SRT				sort table
+!:mime			application/x-garmin-srt
+!:ext			srt
+>>>0x0E 		use		garmin-date
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/TRE_Subfile_Format
+>>9	string	TRE				tree
+!:mime			application/x-garmin-tre
+!:ext			tre
+# title like City Nav Europe NTU 2019.2 Basemap
+# or OSM Street map
+>>>(0.s)		string		x	%s
+# 2nd title like Copyright 1995-2018 by GARMIN Corporation.
+# or http://www.openstreetmap.org/
+>>>>&1			string		x	%s
+>>>0x0E 		use		garmin-date
+#>>>0x21			ulelong		x	\b, at 0x%x
+#>>>0x25			ulelong		x	0x%x bytes TRE1
+#>>>0x29			ulelong		x	\b, at 0x%x
+#>>>0x2D			ulelong		x	0x%x bytes TRE2
+#>>>0x31			ulelong		x	\b, at 0x%x
+#>>>0x35			ulelong		x	0x%x bytes TRE3
+# Copyright record size
+#>>>0x39			uleshort	x	\b, copyright record size %u
+# Map ID
+>>>0x74			ulelong		x	\b, ID 0x%x
+# URL: https://www.gpspower.net/garmin-tutorials/353310-basecamp-installing-free-desktop-map.html
+# For road traffic information service (RDS/TMS/TMC). Commonly seen in City Navigator maps
+>>9	string	TRF				traffic,
+!:mime			application/x-garmin-trf
+!:ext			trf
+# city/region like Preitenegg
+>>>(0.s+1) 		string		x	1st %s
+# highway part like L606/L148
+>>>>&1			string		x	%s
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/Format
+# Reference: http://www.pinns.co.uk/osm/typformat.html
+# customize the appearance of objects. For GPS and MapSource/Qlandkarte better looking maps
+>>9	string	TYP				types
+!:mime			application/x-garmin-typ
+!:ext			typ
+>>>0x0E 		use		garmin-date
+# character set 1252 65001~UTF8
+>>>0x15			uleshort	x	\b, code page %u
+# POIs
+#>>>0x17			ulelong		x	\b, at 0x%x
+#>>>0x1B			ulelong		x	0x%x bytes TYP1
+# extra pois
+#>>>0x5B			ulelong		x	\b, at 0x%x
+#>>>0x5F			ulelong		x	0x%x bytes TYP8
+# URL: https://wiki.openstreetmap.org/wiki/OSM_Map_On_Garmin/RGN_Subfile_Format
+# http://www.pinns.co.uk/osm/RGN.html
+# region data used by the Garmin software
+>>9	string	RGN				region
+!:mime			application/x-garmin-rgn
+!:ext			rgn
+# POIs,Indexed POIs,Polylines or Polygons or first map level
+#>>>0x15			ulelong	       x	\b, at 0x%x
+#>>>0x19			ulelong	       x	0x%x bytes RGN1
+# polygons with extended types
+#>>>0x21			ulelong	       >0
+#>>>>0x1D		ulelong	       x	\b, at 0x%x
+#>>>>0x21		ulelong	       x	0x%x bytes RGN2
+# polylines with extended types
+#>>>0x3D			ulelong	       >0
+#>>>>0x39		ulelong	       x	\b, at 0x%x
+#>>>>0x3D		ulelong	       x	0x%x bytes RGN3
+# extended POIs
+#>>>0x59			ulelong	       >0
+#>>>>0x55		ulelong	       x	\b, at 0x%x
+#>>>>0x59		ulelong	       x	0x%x bytes RGN3
+#>>9	default		x		unknown map type
+# Header length; GMP:31h 35h 3Dh,MDR:11Eh 238h 2C4h 310h,NOD:3Fh 7Fh,NET:64h,
+# LBL:2A9h,SRT:1Dh 25h 27h,TRE:CFh 135h,TRF:5Ah,TYP:5Bh 6Eh 7Ch AEh,RGN:7Dh
+>>0	uleshort	x		\b, header length 0x%x
+
 # TOM TOM GPS watches ttbin files:
-# http://github.com/ryanbinns/ttwatch/tree/master/ttbin
+# https://github.com/ryanbinns/ttwatch/tree/master/ttbin
 # From: Daniel Lenski
 0	byte	0x20
 >1	leshort	0x0007
@@ -17568,7 +19690,7 @@
 #
 # MARC21 formats are for the representation and communication
 # of bibliographic and related information in machine-readable
-# form.  For more info, see http://www.loc.gov/marc/
+# form.  For more info, see https://www.loc.gov/marc/
 
 
 # leader position 20-21 must be 45
@@ -17682,10 +19804,10 @@
 
 
 #------------------------------------------------------------------------------
-# $File: matroska,v 1.8 2013/02/08 17:25:16 christos Exp $
+# $File: matroska,v 1.9 2019/04/19 00:42:27 christos Exp $
 # matroska:  file(1) magic for Matroska files
 #
-# See http://www.matroska.org/
+# See https://www.matroska.org/
 #
 
 # EBML id:
@@ -17737,7 +19859,7 @@
 >5	byte		3		keymode: MD5 hash
 
 #------------------------------------------------------------------------------
-# $File: measure,v 1.1 2017/11/28 14:01:14 christos Exp $
+# $File: measure,v 1.2 2018/06/23 16:13:15 christos Exp $
 # measure: file(1) magic for measurement data
 
 # DIY-Thermocam raw data
@@ -17745,40 +19867,40 @@
 >0	beshort	x	scale %d-
 >2	beshort x	\b%d,
 >4	lefloat	x	spot sensor temperature %f,
->9	byte	0	unit celsius,
->9	byte	1	unit fahrenheit,
->8	byte	x	color scheme %d
->10	byte	1	\b, show spot sensor
->11	byte	1	\b, show scale bar
->12	byte	&1	\b, minimum point enabled
->12	byte	&2	\b, maximum point enabled
+>9	ubyte	0	unit celsius,
+>9	ubyte	1	unit fahrenheit,
+>8	ubyte	x	color scheme %d
+>10	ubyte	1	\b, show spot sensor
+>11	ubyte	1	\b, show scale bar
+>12	ubyte	&1	\b, minimum point enabled
+>12	ubyte	&2	\b, maximum point enabled
 >13	lefloat	x	\b, calibration: offset %f,
 >17	lefloat x	slope %f
 
 0	name	diy-thermocam-checker
->9	byte	<2
->>10	byte	<2
->>>11	byte	<2
->>>>12	byte	<4
+>9	ubyte	<2
+>>10	ubyte	<2
+>>>11	ubyte	<2
+>>>>12	ubyte	<4
 >>>>>17	lefloat	>0.0001	DIY-Thermocam raw data
 
 # V2 and Leption 3.x:
-38408	byte	<19
+38408	ubyte	<19
 >38400	use	diy-thermocam-checker
 >>38400	default x	(Lepton 3.x),
 >>>38400	use	diy-thermocam-parser
 
 # V1 or Lepton 2.x
-9608	byte	<19
+9608	ubyte	<19
 >9600	use	diy-thermocam-checker
 >>9600	default	x	(Lepton 2.x),
 >>>9600	use	diy-thermocam-parser
 
 
 #------------------------------------------------------------------------------
-# $File: mercurial,v 1.4 2009/09/19 16:28:10 christos Exp $
+# $File: mercurial,v 1.5 2019/04/19 00:42:27 christos Exp $
 # mercurial:  file(1) magic for Mercurial changeset bundles
-# http://www.selenic.com/mercurial/wiki/
+# https://www.selenic.com/mercurial/wiki/
 #
 # Jesse Glick (jesse.glick@sun.com)
 #
@@ -17789,10 +19911,10 @@
 >4	string		BZ		(bzip2 compressed)
 
 #------------------------------------------------------------------------------
-# $File: metastore,v 1.2 2017/03/17 21:35:28 christos Exp $
+# $File: metastore,v 1.3 2019/04/19 00:42:27 christos Exp $
 # metastore:  file(1) magic for metastore files
 # From: Thomas Wissen
-# see http://david.hardeman.nu/software.php#metastore
+# see https://david.hardeman.nu/software.php#metastore
 0	string		MeTaSt00r3	Metastore data file,
 >10	bequad		x		version %0llx
 
@@ -17846,10 +19968,10 @@
 >7	byte	=2	Gridded binary (GRIB) version 2
 
 #------------------------------------------------------------------------------
-# $File: microfocus,v 1.2 2017/03/17 21:35:28 christos Exp $
+# $File: microfocus,v 1.3 2019/04/19 00:42:27 christos Exp $
 # Micro Focus COBOL data files.
 
-# http://documentation.microfocus.com/help/index.jsp?topic=\
+# https://documentation.microfocus.com/help/index.jsp?topic=\
 # %2FGUID-0E0191D8-C39A-44D1-BA4C-D67107BAF784%2FHRFLRHFILE05.html
 # http://www.cobolproducts.com/datafile/data-viewer.html
 # https://github.com/miracle2k/mfcobol-export
@@ -18004,7 +20126,7 @@
 0	long	31415		Mirage Assembler m.out executable
 
 #-----------------------------------------------------------------------------
-# $File: misctools,v 1.17 2017/03/17 21:35:28 christos Exp $
+# $File: misctools,v 1.18 2019/04/19 00:42:27 christos Exp $
 # misctools:  file(1) magic for miscellaneous UNIX tools.
 #
 0	search/1	%%!!			X-Post-It-Note text
@@ -18012,7 +20134,7 @@
 !:mime	text/calendar
 # updated by Joerg Jenderek at Apr 2015
 # Extension: .vcf
-# http://en.wikipedia.org/wiki/VCard
+# https://en.wikipedia.org/wiki/VCard
 0	string/c	BEGIN:VCARD		vCard visiting card
 # deprecated
 #!:mime	text/x-vcard
@@ -18040,7 +20162,7 @@
 # "Windows Minidump" by TrID
 # ./misctools (version 5.25) labeled the entry as "MDMP crash report data"
 0	string		MDMP					Mini DuMP crash report
-# http://filext.com/file-extension/DMP
+# https://filext.com/file-extension/DMP
 !:mime	application/x-dmp
 !:ext	dmp/mdmp
 # The high-order word is an internal value that is implementation specific.
@@ -18094,7 +20216,7 @@
 0	string	\001\001\001\001	MMDF mailbox
 
 #------------------------------------------------------------------------------
-# $File: modem,v 1.8 2017/03/17 21:35:28 christos Exp $
+# $File: modem,v 1.9 2019/04/19 00:42:27 christos Exp $
 # modem:  file(1) magic for modem programs
 #
 # From: Florian La Roche <florian@knorke.saar.de>
@@ -18105,7 +20227,7 @@
 # Summary: CCITT Group 3 Facsimile in "raw" form (i.e. no header).
 # Modified by: Joerg Jenderek
 # URL: https://de.wikipedia.org/wiki/Fax
-# Reference: http://web.archive.org/web/20020628195336/http://www.netnam.vn/unescocourse/computervision/104.htm
+# Reference: https://web.archive.org/web/20020628195336/http://www.netnam.vn/unescocourse/computervision/104.htm
 # GRR: EOL of G3 is too general as it catches also TrueType fonts, Postscript PrinterFontMetric, others
 0	short		0x0100
 # 16 0-bits near beginning like True Type fonts *.ttf, Postscript PrinterFontMetric *.pfm, FTYPE.HYPERCARD, XFER
@@ -18251,14 +20373,29 @@
 >8      beshort         x               (version %04x)
 
 #------------------------------------------------------------------------------
-# $File: mozilla,v 1.8 2018/01/17 12:08:36 christos Exp $
+# $File: mozilla,v 1.10 2019/04/19 00:42:27 christos Exp $
 # mozilla:  file(1) magic for Mozilla XUL fastload files
 # (XUL.mfasl and XPC.mfasl)
-# URL:	http://www.mozilla.org/
+# URL:	https://www.mozilla.org/
 # From:	Josh Triplett <josh@freedesktop.org>
 
 0	string	XPCOM\nMozFASL\r\n\x1A		Mozilla XUL fastload data
+# Probably the next magic line contains misspelled "mozLz40\0"
 0	string	mozLz4a				Mozilla lz4 compressed bookmark data
+# From: Joerg Jenderek
+# URL: https://lz4.github.io/lz4/
+# Reference: https://github.com/avih/dejsonlz4/archive/master.zip/
+# dejsonlz4-master\src\dejsonlz4.c 
+# Note: mostly JSON compressed with a non-standard LZ4 header
+# can be unpacked by dejsonlz4 but not lz4 programm.
+0	string	mozLz40\0			Mozilla lz4 compressed data
+!:mime	application/x-lz4+json
+# mozlz4 extension seems to be used for search/store, while jsonlz4 for bookmarks
+!:ext	jsonlz4/mozlz4
+# decomp_size
+>8	ulelong	x				\b, originally %u bytes
+# lz4 data
+#>12	ubequad	x				\b, lz4 data 0x%16.16llx
 
 # From: Joerg Jenderek
 # URL: https://en.wikipedia.org/wiki/Firefox_4
@@ -18273,7 +20410,7 @@
 #>4	use	zip-dir-entry
 
 #------------------------------------------------------------------------------
-# $File: msdos,v 1.121 2017/10/27 21:43:23 christos Exp $
+# $File: msdos,v 1.128 2019/04/19 00:42:27 christos Exp $
 # msdos:  file(1) magic for MS-DOS files
 #
 
@@ -18282,12 +20419,16 @@
 0	string/t	@
 >1	string/cW	\ echo\ off	DOS batch file text
 !:mime	text/x-msdos-batch
+!:ext	bat
 >1	string/cW	echo\ off	DOS batch file text
 !:mime	text/x-msdos-batch
+!:ext	bat
 >1	string/cW	rem		DOS batch file text
 !:mime	text/x-msdos-batch
+!:ext	bat
 >1	string/cW	set\ 		DOS batch file text
 !:mime	text/x-msdos-batch
+!:ext	bat
 
 
 # OS/2 batch files are REXX. the second regex is a bit generic, oh well
@@ -18322,6 +20463,9 @@
 # All non-DOS EXE extensions have the relocation table more than 0x40 bytes into the file.
 >0x18	leshort <0x40 MS-DOS executable
 !:mime	application/x-dosexec
+# Windows and later versions of DOS will allow .EXEs to be named with a .COM
+# extension, mostly for compatibility's sake.
+!:ext	exe/com
 # These traditional tests usually work but not always.  When test quality support is
 # implemented these can be turned on.
 #>>0x18	leshort	0x1c	(Borland compiler)
@@ -18340,9 +20484,33 @@
 >>>(0x3c.l+24)	default		x	Unknown PE signature
 >>>>&0 		leshort		x	0x%x
 >>>(0x3c.l+22)	leshort&0x2000	>0	(DLL)
->>>(0x3c.l+92)	leshort		1	(native)
->>>(0x3c.l+92)	leshort		2	(GUI)
->>>(0x3c.l+92)	leshort		3	(console)
+>>>(0x3c.l+92)	leshort		1
+# Native PEs include ntoskrnl.exe, hal.dll, smss.exe, autochk.exe, and all the
+# drivers in Windows/System32/drivers/*.sys.
+>>>>(0x3c.l+22)	leshort&0x2000	>0	(native)
+!:ext	dll/sys
+>>>>(0x3c.l+22)	leshort&0x2000	0	(native)
+!:ext	exe/sys
+>>>(0x3c.l+92)	leshort		2
+>>>>(0x3c.l+22)	leshort&0x2000	>0	(GUI)
+# These could probably be at least partially distinguished from one another by
+# looking for specific exported functions.
+# CPL: Control Panel item
+# TLB: Type library
+# OCX: OLE/ActiveX control
+# ACM: Audio compression manager codec
+# AX: DirectShow source filter
+# IME: Input method editor
+!:ext	dll/cpl/tlb/ocx/acm/ax/ime
+>>>>(0x3c.l+22)	leshort&0x2000	0	(GUI)
+# Screen savers typically include code from the scrnsave.lib static library, but
+# that's not guaranteed.
+!:ext	exe/scr
+>>>(0x3c.l+92)	leshort		3
+>>>>(0x3c.l+22)	leshort&0x2000	>0	(console)
+!:ext	dll/cpl/tlb/ocx/acm/ax/ime
+>>>>(0x3c.l+22)	leshort&0x2000	0	(console)
+!:ext	exe/com
 >>>(0x3c.l+92)	leshort		7	(POSIX)
 >>>(0x3c.l+92)	leshort		9	(Windows CE)
 >>>(0x3c.l+92)	leshort		10	(EFI application)
@@ -18424,8 +20592,16 @@
 >>>(0x3c.l+0x36)	default		x
 >>>>(0x3c.l+0x36)	byte		x (unknown OS %x)
 >>>(0x3c.l+0x36)	byte		0x81 for MS-DOS, Phar Lap DOS extender
->>>(0x3c.l+0x0c)	leshort&0x8003	0x8002 (DLL)
->>>(0x3c.l+0x0c)	leshort&0x8003	0x8001 (driver)
+>>>(0x3c.l+0x0c)	leshort&0x8000	0x8000 (DLL or font)
+# DRV: Driver
+# 3GR: Grabber device driver
+# CPL: Control Panel Item
+# VBX: Visual Basic Extension
+# FON: Bitmap font
+# FOT: Font resource file
+!:ext	dll/drv/3gr/cpl/vbx/fon/fot
+>>>(0x3c.l+0x0c)	leshort&0x8000	0 (EXE)
+!:ext	exe/scr
 >>>&(&0x24.s-1)		string		ARJSFX \b, ARJ self-extracting archive
 >>>(0x3c.l+0x70)	search/0x80	WinZip(R)\ Self-Extractor \b, ZIP self-extracting archive (WinZip)
 
@@ -18472,6 +20648,11 @@
 >>>(0x3c.l+0x0a)	leshort		2 for MS Windows
 >>>(0x3c.l+0x0a)	leshort		3 for DOS
 >>>(0x3c.l+0x0a)	leshort		4 for MS Windows (VxD)
+# VXD: VxD for Windows 95/98/Me
+# 386: VxD for Windows 2.10, 3.0, 3.1x
+# PDR: Port driver
+# MPD: Miniport driver (?)
+!:ext	vxd/386/pdr/mpd
 >>>(&0x7c.l+0x26)	string		UPX \b, UPX compressed
 >>>&(&0x54.l-3)		string		UNACE \b, ACE self-extracting archive
 
@@ -18480,6 +20661,7 @@
 >>0x3c		lelong	>0x20000000
 >>>(4.s*512)	leshort !0x014c \b, MZ for MS-DOS
 !:mime	application/x-dosexec
+!:ext	exe/com
 # header data too small for extended executable
 >2		long	!0
 >>0x18		leshort <0x40
@@ -18578,8 +20760,8 @@
 >>49824 leshort		=1			\b, 1 file
 >>49824 leshort		>1			\b, %u files
 
-# added by Joerg Jenderek of http://www.freedos.org/software/?prog=kc
-# and http://www.freedos.org/software/?prog=kpdos
+# added by Joerg Jenderek of https://www.freedos.org/software/?prog=kc
+# and https://www.freedos.org/software/?prog=kpdos
 # for FreeDOS files like KEYBOARD.SYS, KEYBRD2.SYS, KEYBRD3.SYS, *.KBD
 0	string/b	KCF		FreeDOS KEYBoard Layout collection
 # only version=0x100 found
@@ -18721,6 +20903,8 @@
 
 0       name    msdos-com
 >0  byte        x               DOS executable (COM)
+!:mime	application/x-dosexec
+!:ext	com
 >6	string		SFX\ of\ LHarc	\b, %s
 >0x1FE leshort	0xAA55		    \b, boot code
 >85	string		UPX		        \b, UPX compressed
@@ -18757,11 +20941,11 @@
 # modified by Joerg Jenderek
 # syslinux COM32 or COM32R executable
 >>1	lelong&0xFFFFFFFe 0x21CD4CFe	COM executable (32-bit COMBOOT
-# http://www.syslinux.org/wiki/index.php/Comboot_API
+# https://www.syslinux.org/wiki/index.php/Comboot_API
 # Since version 5.00 c32 modules switched from the COM32 object format to ELF
 !:mime	application/x-c32-comboot-syslinux-exec
 !:ext c32
-# http://syslinux.zytor.com/comboot.php
+# https://syslinux.zytor.com/comboot.php
 # older syslinux version ( <4 )
 # (32-bit COMBOOT) programs *.C32 contain 32-bit code and run in flat-memory 32-bit protected mode
 # start with assembler instructions mov eax,21cd4cffh
@@ -18787,41 +20971,75 @@
 0	string/b	\x81\xfc
 >4	string	\x77\x02\xcd\x20\xb9
 >>36	string	UPX!			FREE-DOS executable (COM), UPX compressed
+!:mime	application/x-dosexec
+!:ext	com
 252	string Must\ have\ DOS\ version DR-DOS executable (COM)
+!:mime	application/x-dosexec
+!:ext	com
 # added by Joerg Jenderek at Oct 2008
 # GRR search is not working
 #34	search/2	UPX!		FREE-DOS executable (COM), UPX compressed
 34	string	UPX!			FREE-DOS executable (COM), UPX compressed
+!:mime	application/x-dosexec
+!:ext	com
 35	string	UPX!			FREE-DOS executable (COM), UPX compressed
+!:mime	application/x-dosexec
+!:ext	com
 # GRR search is not working
 #2	search/28	\xcd\x21	COM executable for MS-DOS
 #WHICHFAT.cOM
 2	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 #DELTREE.cOM DELTREE2.cOM
 4	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 #IFMEMDSK.cOM ASSIGN.cOM COMP.cOM
 5	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 #DELTMP.COm HASFAT32.cOM
 7	string	\xcd\x21
 >0	byte	!0xb8			COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 #COMP.cOM MORE.COm
 10	string	\xcd\x21
 >5	string	!\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 #comecho.com
 13	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 #HELP.COm EDIT.coM
 18	string	\xcd\x21		COM executable for MS-DOS
+!:mime	application/x-dosexec
+!:ext	com
 #NWRPLTRM.COm
 23	string	\xcd\x21		COM executable for MS-DOS
+!:mime	application/x-dosexec
+!:ext	com
 #LOADFIX.cOm LOADFIX.cOm
 30	string	\xcd\x21		COM executable for MS-DOS
+!:mime	application/x-dosexec
+!:ext	com
 #syslinux.com 3.11
 70	string	\xcd\x21		COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 # many compressed/converted COMs start with a copy loop instead of a jump
 0x6	search/0xa	\xfc\x57\xf3\xa5\xc3	COM executable for MS-DOS
+!:mime	application/x-dosexec
+!:ext	com
 0x6	search/0xa	\xfc\x57\xf3\xa4\xc3	COM executable for DOS
+!:mime	application/x-dosexec
+!:ext	com
 >0x18	search/0x10	\x50\xa4\xff\xd5\x73	\b, aPack compressed
 0x3c	string		W\ Collis\0\0		COM executable for MS-DOS, Compack compressed
+!:mime	application/x-dosexec
+!:ext	com
 # FIXME: missing diet .com compression
 
 # miscellaneous formats
@@ -19065,10 +21283,16 @@
 #0	string	Nullsoft\ AVS\ Preset\ \060\056\061\032 A plug in for Winamp ms-windows Freeware media player
 0	string/b	Nullsoft\ AVS\ Preset\ 	Winamp plug in
 
-# Windows Metafont .WMF
-0	string/b	\327\315\306\232	ms-windows metafont .wmf
-0	string/b	\002\000\011\000	ms-windows metafont .wmf
-0	string/b	\001\000\011\000	ms-windows metafont .wmf
+# Windows Metafile .WMF
+0	string/b	\327\315\306\232	Windows metafile
+!:mime	image/wmf
+!:ext	wmf
+0	string/b	\002\000\011\000	Windows metafile
+!:mime	image/wmf
+!:ext	wmf
+0	string/b	\001\000\011\000	Windows metafile
+!:mime	image/wmf
+!:ext	wmf
 
 #tz3 files whatever that is (MS Works files)
 0	string/b	\003\001\001\004\070\001\000\000	tz3 ms-works file
@@ -19110,8 +21334,9 @@
 # skip remaining worksheets, because valid only for DIB image (40) or PNG image (\x89PNG)
 >>(18.l)	ulelong		x		MS Windows
 >>>0		ubelong		0x00000100	icon resource
-#!:mime		image/vnd.microsoft.icon
-!:mime		image/x-icon
+# https://www.iana.org/assignments/media-types/image/vnd.microsoft.icon
+!:mime		image/vnd.microsoft.icon
+#!:mime		image/x-icon
 !:ext		ico
 >>>>4 		uleshort	x		- %d icon
 # plural s
@@ -19157,7 +21382,8 @@
 #>12		ulelong		x		\b, offset 0x%x
 # PNG header (\x89PNG)
 >(12.l)		ubelong		=0x89504e47
->>&-4		indirect	x	\b with
+# 1 space char after "with" to get phrase "with PNG image" by magic in ./images
+>>&-4		indirect	x	\b with 
 # DIB image
 >(12.l)		ubelong		!0x89504e47
 #>>&-4		use     	dib-image
@@ -19226,10 +21452,11 @@
 0	lelong		0x4C
 >4	lelong		0x00021401	Windows shortcut file
 
-# .PIF files added by Joerg Jenderek from http://smsoft.ru/en/pifdoc.htm
+# .PIF files added by Joerg Jenderek from https://smsoft.ru/en/pifdoc.htm
 # only for windows versions equal or greater 3.0
 0x171	string	MICROSOFT\ PIFEX\0	Windows Program Information File
 !:mime	application/x-dosexec
+!:ext	pif
 #>2	string	 	>\0		\b, Title:%.30s
 >0x24	string		>\0		\b for %.63s
 >0x65	string		>\0		\b, directory=%.64s
@@ -19277,7 +21504,7 @@
 
 # Norton Guide (.NG , .HLP) files added by Joerg Jenderek from source NG2HTML.C
 # of http://www.davep.org/norton-guides/ng2h-105.tgz
-# http://en.wikipedia.org/wiki/Norton_Guides
+# https://en.wikipedia.org/wiki/Norton_Guides
 0	string		NG\0\001
 # only value 0x100 found at offset 2
 >2	ulelong		0x00000100	Norton Guide
@@ -19289,7 +21516,7 @@
 >>114	string		>\0		%-.66s
 
 # 4DOS help (.HLP) files added by Joerg Jenderek from source TPHELP.PAS
-# of http://www.4dos.info/
+# of https://www.4dos.info/
 # pointer,HelpID[8]=4DHnnnmm
 0	ulelong	0x48443408		4DOS help file
 >4	string	x			\b, version %-4.4s
@@ -19305,12 +21532,246 @@
 
 #------------------------------------------------------------------------------
 # From Stuart Caie <kyzer@4u.net> (developer of cabextract)
+# Update: Joerg Jenderek
+# URL: https://en.wikipedia.org/wiki/Cabinet_(file_format)
+# Reference: https://msdn.microsoft.com/en-us/library/bb267310.aspx
+# Note: verified by `7z l *.cab`
 # Microsoft Cabinet files
 0	string/b	MSCF\0\0\0\0	Microsoft Cabinet archive data
-!:mime application/vnd.ms-cab-compressed
->8	lelong		x		\b, %u bytes
->28	leshort		1		\b, 1 file
->28	leshort		>1		\b, %u files
+#
+# https://support.microsoft.com/en-us/help/973559/frequently-asked-questions-about-the-microsoft-support-diagnostic-tool
+# CAB with *.{diagcfg,diagpkg} is used by Microsoft Support Diagnostic Tool MSDT.EXE
+# because some archive does not have *.diag* as 1st or 2nd archive member like
+# O15CTRRemove.diagcab or AzureStorageAnalyticsLogs_global.DiagCab
+# brute looking after header for filenames with diagcfg or diagpkg extension in CFFILE section
+>0x2c	search/980/c	.diag		\b, Diagnostic
+!:mime	application/vnd.ms-cab-compressed
+!:ext	diagcab
+# http://fileformats.archiveteam.org/wiki/PUZ
+# Microsoft Publisher version about 2003 has a "Pack and Go" feature that
+# bundles a Publisher document *PNG.pub with all links into a CAB
+>0x2c	search/300/c	png.pub\0		\b, Publisher Packed and Go
+!:mime	application/vnd.ms-cab-compressed
+!:ext	puz
+# ppz variant with Microsoft PowerPoint Viewer ppview32.exe to play PowerPoint presentation
+>0x2c	search/17/c	ppview32.exe\0		\b, PowerPoint Viewer Packed and Go
+!:mime	application/vnd.ms-powerpoint
+#!:mime	application/mspowerpoint
+!:ext	ppz
+# http://www.incredimail.com/
+# IncrediMail CAB contains an initialisation file "content.ini" like in im2.ims
+>0x2c	search/3369/c	content.ini\0	\b, IncrediMail
+!:mime	application/x-incredimail
+# member Flavor.htm implies IncrediMail ecard like in tell_a_friend.imf
+>>0x2c	search/83/c	Flavor.htm\0	ecard
+!:ext	imf
+# member Macromedia Flash data *.swf implies IncrediMail skin like in im2.ims
+>>0x2c	search/211/c	.swf\0		skin
+!:ext	ims
+# member anim.im3 implies IncrediMail animation like in letter_fold.ima 
+>>0x2c	search/92/c	anim.im3\0	animation
+!:ext	ima
+# other IncrediMail cab archive
+>>0x2c	default		x
+>>>0x2c	search/116/c	thumb		ecard, image, notifier or skin
+!:ext	imf/imi/imn/ims
+# http://file-extension.net/seeker/file_extension_ime
+>>>0x2c	default		x		emoticons or sound
+!:ext	ime/imw
+# no Diagnostic and IncrediMail
+>0x2c	default		x
+# look for 1st member name
+>>(16.l+16)	ubyte	x
+# https://en.wikipedia.org/wiki/SNP_file_format
+>>>&-1	string/c 	_accrpt_.snp	\b, Access report snapshot
+!:mime	application/msaccess
+!:ext	snp
+# https://www.cabextract.org.uk/wince_cab_format/
+# extension of DOS 8+3 name with ".000" of 1st archive member name implies Windows CE installer
+>>>&7	string 		=.000		\b, WinCE install
+!:mime	application/vnd.ms-cab-compressed
+!:ext	cab
+
+# https://support.microsoft.com/kb/934307/en-US
+# All inspected MSU contain a file with name WSUSSCAN.cab
+# that is called "Windows Update meta data" by Microsoft
+>>>&-1	string/c 	wsusscan.cab	\b, Microsoft Standalone Update
+!:mime	application/vnd.ms-cab-compressed
+!:ext	msu
+>>>&-1	default		x
+# look at point charcter of 1st archive member name for file name extension
+>>>>&-1	search/255 	.
+# http://www.pptfaq.com/FAQ00164_What_is_a_PPZ_file-.htm
+# PPZ were created using Pack & Go feature of PowerPoint versions 97 - 2002
+# packs optional files, a PowerPoint presentation *.ppt with optional PLAYLIST.LST to CAB
+>>>>>&0	string/c	ppt\0		\b, PowerPoint Packed and Go
+!:mime	application/vnd.ms-powerpoint
+#!:mime	application/mspowerpoint
+!:ext	ppz
+# https://msdn.microsoft.com/en-us/library/windows/desktop/bb773190(v=vs.85).aspx
+# first member *.theme implies Windows 7 Theme Pack like in CommunityShowcaseAqua3.themepack
+# or Windows 8 Desktop Theme Pack like in PanoramicGlaciers.deskthemepack
+>>>>>&0	string/c	theme		\b, Windows
+!:mime	application/x-windows-themepack
+# https://www.drewkeller.com/content/using-theme-both-windows-7-and-windows-8
+# 1st member Panoramic.theme or Panoramas.theme implies Windows 8-10 Theme Pack
+# with MTSM=RJSPBS in [MasterThemeSelector] inside *.theme
+>>>>>>(16.l+16)	string	=Panoram	8
+!:ext	deskthemepack
+>>>>>>(16.l+16)	string	!Panoram	7 or 8
+!:ext	themepack/deskthemepack
+>>>>>>(16.l+16)	ubyte	x		Theme Pack
+>>>>>&0	default		x
+# look for null terminator of 1st member name
+>>>>>>&0	search/255 	\0
+# 2nd member name WSUSSCAN.cab like in Microsoft-Windows-MediaFeaturePack-OOB-Package.msu
+>>>>>>>&16	string/c 	wsusscan.cab	\b, Microsoft Standalone Update
+!:mime	application/vnd.ms-cab-compressed
+!:ext	msu
+>>>>>>>&16	default	x
+# archive with more then one file need some output in version 5.32 to avoid error message like
+# Magdir/msdos, 1138: Warning: Current entry does not yet have a description for adding a MIME type
+# Magdir/msdos, 1139: Warning: Current entry does not yet have a description for adding a EXTENSION type
+# file: could not find any valid magic files!
+>>>>>>>>28	uleshort	>1	\b, many
+!:mime	application/vnd.ms-cab-compressed
+!:ext	cab
+# remaining archives with just one file
+>>>>>>>>28	uleshort	=1
+# neither extra bytes nor cab chain implies Windows 2000,XP setup files in directory i386
+>>>>>>>>>30	uleshort	=0x0000	\b, Windows 2000/XP setup
+# cut of last char of source extension and add underscore to generate extension
+# TERMCAP._ ... FXSCOUNT.H_ ... L3CODECA.AC_ ... NPDRMV2.ZI_
+!:mime	application/vnd.ms-cab-compressed
+!:ext	_/?_/??_
+# archive need some output like "single" in version 5.32 to avoid error messages
+>>>>>>>>>30	uleshort	!0x0000	\b, single
+!:mime	application/vnd.ms-cab-compressed
+!:ext	cab
+# TODO: additional extensions like
+# .xsn	InfoPath Dynamic Form
+# .xtp	InfoPath Template Part
+# .lvf	Logitech Video Effects Face Accessory
+>8	ulelong		x		\b, %u bytes
+>28	uleshort		1		\b, 1 file
+>28	uleshort		>1		\b, %u files
+# Reserved fields, set to zero
+#>4	belong		!0		\b, reserved1 %x
+#>12	belong		!0		\b, reserved2 %x
+# offset of the first CFFILE entry coffFiles: minimal 2Ch
+>16	ulelong		x		\b, at 0x%x
+>(16.l)	use		cab-file
+# at least also 2nd member
+>28	uleshort		>1
+>>(16.l+16)	ubyte	x
+>>>&0	search/255 	\0
+# second member info
+>>>>&0	use		cab-file
+#>20	belong		!0		\b, reserved %x
+# Cabinet file format version. Currently, versionMajor = 1 and versionMinor = 3
+>24	ubeshort	!0x0301		\b version 0x%x
+# number of CFFOLDER entries
+>26	uleshort	>1		\b, %u cffolders
+# cabinet file option indicators 1~PREVIOUS, 2~NEXT, 4~reserved fields
+# only found for flags 0 1 2 3 4 not 7
+>30	uleshort	>0		\b, flags 0x%x
+# Cabinet files have a 16-bit cabinet setID field that is designed for application use.
+# default is zero, however, the -i option of cabarc can be used to set this field
+>32	uleshort	>0		\b, ID %u
+# iCabinet is number of this cabinet file in a set, where 0 for the first cabinet
+#>34	uleshort	x		\b, iCabinet %u
+# add one for display because humans start numbering by 1 and also fit to name of disk szDisk*
+>34	uleshort+1	x		\b, number %u
+>30	uleshort	&0x0004		\b, extra bytes
+# cbCFHeader optional size of per-cabinet reserved area 14h 1800h
+>>36	uleshort	>0		%u in head
+# cbCFFolder is optional size of per-folder reserved area
+>>38	ubyte		>0		%u in folder
+# cbCFData is optional size of per-datablock reserved area
+>>39	ubyte		>0		%u in data block
+# optional per-cabinet reserved area abReserve[cbCFHeader]
+>>36	uleshort	>0
+# 1st CFFOLDER after reserved area in header
+>>>(36.s+40)	use			cab-folder
+# no reserved area in header
+>30	uleshort	^0x0004
+# no previous and next cab archive
+>>30	uleshort		=0x0000
+>>>36	use				cab-folder
+# only previous cab archive
+>>30	uleshort		=0x0001	\b, previous
+>>>36	use				cab-anchor
+# only next cab archive
+>>30	uleshort		=0x0002	\b, next
+>>>36	use				cab-anchor
+# previous+next cab archive
+# can not use sub routine cab-anchor to display previous and next cabinet together
+#>>>36	use				cab-anchor
+#>>>>&0	use				cab-anchor
+>>30	uleshort		=0x0003	\b, previous
+>>>36	string		x		%s
+# optional name of previous disk szDisk*
+>>>>&1	string		x		disk %s
+>>>>>&1	string		x		\b, next %s
+# optional name of previous disk szDisk*
+>>>>>>&1	string		x	disk %s
+>>>>>>>&1	use			cab-folder
+#	display filename and disk name of previous or next cabinet
+0       name    			cab-anchor
+# optional name of previous/next cabinet file szCabinet*[255]
+>&0	string		x		%s
+# optional name of previous/next disk szDisk*[255]
+>>&1	string		x		disk %s
+#	display folder structure CFFOLDER information like compression of cabinet
+0       name    			cab-folder
+# offset of the CFDATA block in this folder
+#>0	ulelong		x		\b, coffCabStart 0x%x
+# number of CFDATA blocks in folder
+>4	uleshort	x		\b, %u datablock
+# plural s
+>4	uleshort	>1		\bs
+# compression typeCompress: 0~None 1~MSZIP 0x1503~LZX:21 0x1003~LZX:16 0x0f03~LZX:15
+>6	uleshort	x		\b, 0x%x compression
+# optional per-folder reserved area
+#>8	ubequad		x		\b, abReserve 0x%llx
+#	display member structure CFFILE information like member name of cabinet
+0       name    			cab-file
+# cbFile is uncompressed size of file in bytes 
+#>0	ulelong		x		\b, cbFile %u
+# uoffFolderStart is uncompressed offset of file in folder
+#>4	ulelong		>0		\b, uoffFolderStart 0x%x
+# iFolder is index into the CFFOLDER area. 0 indicates first folder in cabinet
+# define ifoldCONTINUED_FROM_PREV      (0xFFFD)
+# define ifoldCONTINUED_TO_NEXT        (0xFFFE)
+# define ifoldCONTINUED_PREV_AND_NEXT  (0xFFFF)
+>8	uleshort	>0		\b, iFolder 0x%x
+# date stamp for file
+#>10	uleshort	x		\b, date 0x%x
+# time stamp for file
+#>12	uleshort	x		\b, time 0x%x
+# attribs is attribute flags for file
+# define  _A_RDONLY       (0x01)  file is read-only
+# define  _A_HIDDEN       (0x02)  file is hidden
+# define  _A_SYSTEM       (0x04)  file is a system file
+# define  _A_ARCH         (0x20)  file modified since last backup
+# example http://sebastien.kirche.free.fr/pebuilder_plugins/depends.cab
+# define  _A_EXEC         (0x40)  run after extraction
+# define  _A_NAME_IS_UTF  (0x80)  szName[] contains UTF
+# define  UNKNOWN       (0x0100)  undocumented or accident
+#>14	uleshort	x		\b, attribs 0x%x
+>14	uleshort	>0		+
+>>14	uleshort	&0x0001		\bR
+>>14	uleshort	&0x0002		\bH
+>>14	uleshort	&0x0004		\bS
+>>14	uleshort	&0x0020		\bA
+>>14	uleshort	&0x0040		\bX
+>>14	uleshort	&0x0080		\bUtf
+# unknown 0x0100 flag found on one XP_CD:\I386\DRIVER.CAB
+>>14	uleshort	&0x0100		\b?
+# szName is name of archive member
+>16	string		x		"%s"
+# next archive member name if more files
+#>>&17	string		>\0		\b, NEXT NAME %-.50s
 
 # InstallShield Cabinet files
 0	string/b	ISc(		InstallShield Cabinet archive data
@@ -19361,16 +21822,8 @@
 >5	byte   <2
 >>48	string x			version %.3s
 
-# Type: Microsoft DirectDraw Surface
-# URL:	http://msdn.microsoft.com/library/default.asp?url=/library/en-us/directx9_c/directx/graphics/reference/DDSFileReference/ddsfileformat.asp
-# From: Morten Hustveit <morten@debian.org>
-0	string/b	DDS\040\174\000\000\000 Microsoft DirectDraw Surface (DDS),
->16	lelong	>0			%d x
->12	lelong	>0			%d,
->84	string	x			%.4s
-
 # Type: Microsoft Document Imaging Format (.mdi)
-# URL:	http://en.wikipedia.org/wiki/Microsoft_Document_Imaging_Format
+# URL:	https://en.wikipedia.org/wiki/Microsoft_Document_Imaging_Format
 # From: Daniele Sempione <scrows@oziosi.org>
 # Too weak (EP)
 #0	short	0x5045			Microsoft Document Imaging Format
@@ -19384,10 +21837,6 @@
 # From: Dr. Jesus <j@hug.gs>
 0	string/b	B000FF\n	Windows Embedded CE binary image
 
-# Windows Imaging (WIM) Image
-0	string/b	MSWIM\000\000\000	Windows imaging (WIM) image
-0	string/b	WLPWM\000\000\000	Windows imaging (WIM) image, wimlib pipable format
-
 # The second byte of these signatures is a file version; I don't know what,
 # if anything, produced files with version numbers 0-2.
 # From: John Elliott <johne@seasip.demon.co.uk>
@@ -19464,7 +21913,7 @@
 # concatenated.
 
 #------------------------------------------------------------------------------
-# $File: msooxml,v 1.7 2018/03/12 12:38:59 christos Exp $
+# $File: msooxml,v 1.12 2019/04/19 00:42:27 christos Exp $
 # msooxml:  file(1) magic for Microsoft Office XML
 # From: Ralf Brown <ralf.brown@gmail.com>
 
@@ -19488,26 +21937,28 @@
 0		string		PK\003\004
 !:strength +10
 # make sure the first file is correct
->0x1E		regex		\\[Content_Types\\]\\.xml|_rels/\\.rels
+>0x1E		use		msooxml
+>0x1E		regex		\\[Content_Types\\]\\.xml|_rels/\\.rels|docProps
 # skip to the second local file header
 # since some documents include a 520-byte extra field following the file
 # header, we need to scan for the next header
->>(18.l+49)	search/2000	PK\003\004
+>>(18.l+49)	search/6000	PK\003\004
 # now skip to the *third* local file header; again, we need to scan due to a
 # 520-byte extra field following the file header
->>>&26		search/1000	PK\003\004
+>>>&26		search/6000	PK\003\004
 # and check the subdirectory name to determine which type of OOXML
 # file we have.  Correct the mimetype with the registered ones:
-# http://technet.microsoft.com/en-us/library/cc179224.aspx
+# https://technet.microsoft.com/en-us/library/cc179224.aspx
 >>>>&26		use		msooxml	
 >>>>&26		default		x
 # OpenOffice/Libreoffice orders ZIP entry differently, so check the 4th file
->>>>>&26	search/1000	PK\003\004
+>>>>>&26	search/6000	PK\003\004
 >>>>>>&26	use		msooxml	
 >>>>>>&26	default		x		Microsoft OOXML
+>>>>>&26	default		x		Microsoft OOXML
 
 #------------------------------------------------------------------------------
-# $File: msvc,v 1.9 2017/08/02 08:15:20 christos Exp $
+# $File: msvc,v 1.10 2018/10/01 19:14:03 christos Exp $
 # msvc:  file(1) magic for msvc
 # "H. Nanosecond" <aldomel@ix.netcom.com>
 # Microsoft visual C
@@ -19562,7 +22013,7 @@
 >>>0x32	leshort	x	\b*%d bytes
 
 # Reference: https://github.com/Microsoft/vstest/pull/856/commits/fdc7a9f074ca5a8dfeec83b1be9162bf0cf4000d
-0       string/c bsjb\001\000\001\000\000\000\000\000\f\000\000\000pdb\ v1.0     Microsoft Rosyln C# debugging symbols version 1.0
+0       string/c bsjb\001\000\001\000\000\000\000\000\f\000\000\000pdb\ v1.0     Microsoft Roslyn C# debugging symbols version 1.0
 
 #.sbr
 0	string	\000\002\000\007\000	MSVC .sbr
@@ -20006,10 +22457,10 @@
 >22	   beshort		>0	- version %d
 
 #------------------------------------------------------------
-# $File: neko,v 1.1 2009/11/10 20:36:10 christos Exp $
+# $File: neko,v 1.2 2019/04/19 00:42:27 christos Exp $
 
 # From: Mikhail Gusarov <dottedmag@dottedmag.net>
-# NekoVM (http://nekovm.org/) bytecode
+# NekoVM (https://nekovm.org/) bytecode
 0	string		NEKO	NekoVM bytecode
 >4	lelong		x	(%d global symbols,
 >8	lelong		x	%d global fields,
@@ -20018,7 +22469,7 @@
 
 
 #------------------------------------------------------------------------------
-# $File: netbsd,v 1.25 2017/09/28 02:37:47 christos Exp $
+# $File: netbsd,v 1.26 2019/01/01 03:11:23 christos Exp $
 # netbsd:  file(1) magic for NetBSD objects
 #
 # All new-style magic numbers are in network byte order.
@@ -20027,184 +22478,149 @@
 # in aout.
 #
 
-0	belong&0377777777	041400413	a.out NetBSD/i386 demand paged
+0	name	netbsd-detail
+>20	lelong	x		@%#x
+>4	lelong	>0		\b+T=%d
+>8	lelong	>0		\b+D=%d
+>12	lelong	>0		\b+B=%d
+>16	lelong	>0		\b+S=%d
+>24	lelong	>0		\b+TR=%d
+>28	lelong	>0		\b+TD=%d
+
+0	name			netbsd-4096
 >0	byte			&0x80
 >>20	lelong			<4096		shared library
 >>20	lelong			=4096		dynamically linked executable
 >>20	lelong			>4096		dynamically linked executable
 >0	byte			^0x80		executable
 >16	lelong			>0		not stripped
-0	belong&0377777777	041400410	a.out NetBSD/i386 pure
->0	byte			&0x80		dynamically linked executable
+
+0	name			netbsd-8192
+>0	byte			&0x80
+>>20	lelong			<8192		shared library
+>>20	lelong			=8192		dynamically linked executable
+>>20	lelong			>8192		dynamically linked executable
 >0	byte			^0x80		executable
 >16	lelong			>0		not stripped
-0	belong&0377777777	041400407	a.out NetBSD/i386
+>0	use			netbsd-detail
+
+0	name			netbsd-normal
 >0	byte			&0x80		dynamically linked executable
 >0	byte			^0x80
 >>0	byte			&0x40		position independent
 >>20	lelong			!0		executable
 >>20	lelong			=0		object file
 >16	lelong			>0		not stripped
-0	belong&0377777777	041400507	a.out NetBSD/i386 core
+>0	use			netbsd-detail
+
+0	name			netbsd-pure
+>0	byte			&0x80		dynamically linked executable
+>0	byte			^0x80		executable
+>16	lelong			>0		not stripped
+>0	use			netbsd-detail
+
+0	name			netbsd-core
 >12	string			>\0		from '%s'
 >32	lelong			!0		(signal %d)
 
+0	belong&0377777777	041400413	a.out NetBSD/i386 demand paged
+>0	use			netbsd-4096
+
+0	belong&0377777777	041400410	a.out NetBSD/i386 pure
+>0	use			netbsd-pure
+
+0	belong&0377777777	041400407	a.out NetBSD/i386
+>0	use			netbsd-normal
+
+0	belong&0377777777	041400507	a.out NetBSD/i386 core
+>0	use			netbsd-core
+
 0	belong&0377777777	041600413	a.out NetBSD/m68k demand paged
->0	byte			&0x80
->>20	belong			<8192		shared library
->>20	belong			=8192		dynamically linked executable
->>20	belong			>8192		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			\^netbsd-8192
+
 0	belong&0377777777	041600410	a.out NetBSD/m68k pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			\^netbsd-pure
+
 0	belong&0377777777	041600407	a.out NetBSD/m68k
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	belong			!0		executable
->>20	belong			=0		object file
->16	belong			>0		not stripped
+>0	use			\^netbsd-normal
+
 0	belong&0377777777	041600507	a.out NetBSD/m68k core
->12	string			>\0		from '%s'
->32	belong			!0		(signal %d)
+>0	use			\^netbsd-core
 
 0	belong&0377777777	042000413	a.out NetBSD/m68k4k demand paged
->0	byte			&0x80
->>20	belong			<4096		shared library
->>20	belong			=4096		dynamically linked executable
->>20	belong			>4096		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			\^netbsd-4096
+
 0	belong&0377777777	042000410	a.out NetBSD/m68k4k pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			\^netbsd-pure
+
 0	belong&0377777777	042000407	a.out NetBSD/m68k4k
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	belong			!0		executable
->>20	belong			=0		object file
->16	belong			>0		not stripped
+>0	use			\^netbsd-normal
+
 0	belong&0377777777	042000507	a.out NetBSD/m68k4k core
->12	string			>\0		from '%s'
->32	belong			!0		(signal %d)
+>0	use			\^netbsd-core
 
 0	belong&0377777777	042200413	a.out NetBSD/ns32532 demand paged
->0	byte			&0x80
->>20	lelong			<4096		shared library
->>20	lelong			=4096		dynamically linked executable
->>20	lelong			>4096		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-4096
+
 0	belong&0377777777	042200410	a.out NetBSD/ns32532 pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-pure
+
 0	belong&0377777777	042200407	a.out NetBSD/ns32532
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	lelong			!0		executable
->>20	lelong			=0		object file
->16	lelong			>0		not stripped
+>0	use			netbsd-normal
+
 0	belong&0377777777	042200507	a.out NetBSD/ns32532 core
->12	string			>\0		from '%s'
->32	lelong			!0		(signal %d)
+>0	use			netbsd-core
 
 0	belong&0377777777	045200507	a.out NetBSD/powerpc core
->12	string			>\0		from '%s'
+>0	use			netbsd-core
 
 0	belong&0377777777	042400413	a.out NetBSD/SPARC demand paged
->0	byte			&0x80
->>20	belong			<8192		shared library
->>20	belong			=8192		dynamically linked executable
->>20	belong			>8192		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			\^netbsd-8192
+
 0	belong&0377777777	042400410	a.out NetBSD/SPARC pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			\^netbsd-pure
+
 0	belong&0377777777	042400407	a.out NetBSD/SPARC
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	belong			!0		executable
->>20	belong			=0		object file
->16	belong			>0		not stripped
+>0	use			\^netbsd-normal
+
 0	belong&0377777777	042400507	a.out NetBSD/SPARC core
->12	string			>\0		from '%s'
->32	belong			!0		(signal %d)
+>0	use			\^netbsd-core
 
 0	belong&0377777777	042600413	a.out NetBSD/pmax demand paged
->0	byte			&0x80
->>20	lelong			<4096		shared library
->>20	lelong			=4096		dynamically linked executable
->>20	lelong			>4096		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-4096
+
 0	belong&0377777777	042600410	a.out NetBSD/pmax pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			\^netbsd-pure
+
 0	belong&0377777777	042600407	a.out NetBSD/pmax
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	lelong			!0		executable
->>20	lelong			=0		object file
->16	lelong			>0		not stripped
+>0	use			netbsd-normal
+
 0	belong&0377777777	042600507	a.out NetBSD/pmax core
->12	string			>\0		from '%s'
->32	lelong			!0		(signal %d)
+>0	use			netbsd-core
 
 0	belong&0377777777	043000413	a.out NetBSD/vax 1k demand paged
->0	byte			&0x80
->>20	lelong			<4096		shared library
->>20	lelong			=4096		dynamically linked executable
->>20	lelong			>4096		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-4096
+
 0	belong&0377777777	043000410	a.out NetBSD/vax 1k pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-pure
+
 0	belong&0377777777	043000407	a.out NetBSD/vax 1k
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	lelong			!0		executable
->>20	lelong			=0		object file
->16	lelong			>0		not stripped
+>0	use			netbsd-normal
+
 0	belong&0377777777	043000507	a.out NetBSD/vax 1k core
->12	string			>\0		from '%s'
->32	lelong			!0		(signal %d)
+>0	use			netbsd-core
 
 0	belong&0377777777	045400413	a.out NetBSD/vax 4k demand paged
->0	byte			&0x80
->>20	lelong			<4096		shared library
->>20	lelong			=4096		dynamically linked executable
->>20	lelong			>4096		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-4096
+
 0	belong&0377777777	045400410	a.out NetBSD/vax 4k pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-pure
+
 0	belong&0377777777	045400407	a.out NetBSD/vax 4k
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	lelong			!0		executable
->>20	lelong			=0		object file
->16	lelong			>0		not stripped
+>0	use			netbsd-normal
+
 0	belong&0377777777	045400507	a.out NetBSD/vax 4k core
->12	string			>\0		from '%s'
->32	lelong			!0		(signal %d)
+>0	use			netbsd-core
 
 # NetBSD/alpha does not support (and has never supported) a.out objects,
 # so no rules are provided for them.  NetBSD/alpha ELF objects are
@@ -20217,50 +22633,31 @@
 >32	lelong			!0		(signal %d)
 
 0	belong&0377777777	043400413	a.out NetBSD/mips demand paged
->0	byte			&0x80
->>20	belong			<8192		shared library
->>20	belong			=8192		dynamically linked executable
->>20	belong			>8192		dynamically linked executable
->0	byte			^0x80		executable
+>0	use			\^netbsd-8192
+
 >16	belong			>0		not stripped
 0	belong&0377777777	043400410	a.out NetBSD/mips pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	belong			>0		not stripped
+>0	use			netbsd-pure
+
 0	belong&0377777777	043400407	a.out NetBSD/mips
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	belong			!0		executable
->>20	belong			=0		object file
->16	belong			>0		not stripped
+>0	use			netbsd-normal
+
 0	belong&0377777777	043400507	a.out NetBSD/mips core
->12	string			>\0		from '%s'
->32	belong			!0		(signal %d)
+>0	use			netbsd-core
 
 0	belong&0377777777	043600413	a.out NetBSD/arm32 demand paged
->0	byte			&0x80
->>20	lelong			<4096		shared library
->>20	lelong			=4096		dynamically linked executable
->>20	lelong			>4096		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-4096
+
 0	belong&0377777777	043600410	a.out NetBSD/arm32 pure
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80		executable
->16	lelong			>0		not stripped
+>0	use			netbsd-pure
+
 0	belong&0377777777	043600407	a.out NetBSD/arm32
->0	byte			&0x80		dynamically linked executable
->0	byte			^0x80
->>0	byte			&0x40		position independent
->>20	lelong			!0		executable
->>20	lelong			=0		object file
->16	lelong			>0		not stripped
+>0	use			netbsd-normal
+
 # NetBSD/arm26 has always used ELF objects, but it shares a core file
 # format with NetBSD/arm32.
 0	belong&0377777777	043600507	a.out NetBSD/arm core
->12	string			>\0		from '%s'
->32	lelong			!0		(signal %d)
+>0	use			netbsd-core
 
 # Kernel core dump format
 0	belong&0x0000ffff 0x00008fca	NetBSD kernel core file
@@ -20369,9 +22766,9 @@
 8	belong		0x137A2B48	X11/NeWS font family
 
 #------------------------------------------------------------------------------
-# $File: nitpicker,v 1.7 2017/03/17 21:35:28 christos Exp $
+# $File: nitpicker,v 1.8 2019/04/19 00:42:27 christos Exp $
 # nitpicker:  file(1) magic for Flowfiles.
-# From: Christian Jachmann <C.Jachmann@gmx.net> http://www.nitpicker.de
+# From: Christian Jachmann <C.Jachmann@gmx.net> https://www.nitpicker.de
 0	string	NPFF	NItpicker Flow File
 >4	byte	x	V%d.
 >5	byte	x	%d
@@ -20382,6 +22779,15 @@
 >22	belong	x	Flows: %u
 >26	belong	x	Pkts: %u
 
+#------------------------------------------------------------------------------
+# $File: numpy,v 1.1 2019/05/09 16:24:36 christos Exp $
+# numpy: file(1) magic for NumPy array binary serialization format
+# Reference: https://docs.scipy.org/doc/numpy/reference/generated/numpy.lib.format.html
+0	string		\x93NUMPY	NumPy array,
+>6	ubyte		x		version %d
+>7	ubyte		x		\b.%d,
+>8	uleshort	x		header length %d
+
 #------------------------------------------------------------------------------
 # $File: oasis,v 1.2 2014/06/03 19:17:27 christos Exp $
 # OASIS
@@ -20415,7 +22821,7 @@
 0	string		Octave-1-B	Octave binary data (big endian)
 
 #------------------------------------------------------------------------------
-# $File: ole2compounddocs,v 1.5 2017/10/27 21:43:23 christos Exp $
+# $File: ole2compounddocs,v 1.6 2019/04/19 00:42:27 christos Exp $
 # Microsoft OLE 2 Compound Documents : file(1) magic for Microsoft Structured
 # storage (https://en.wikipedia.org/wiki/Compound_File_Binary_Format)
 # Additional tests for OLE 2 Compound Documents should be under this recipe.
@@ -20430,7 +22836,7 @@
 
 # Note: moved & merged Microsoft Office parts from ./msdos Oct 2017
 # Update: Joerg Jenderek
-# from http://filext.com by Derek M Jones <derek@knosof.co.uk>
+# from https://filext.com by Derek M Jones <derek@knosof.co.uk>
 # False positive with PPT (also currently this string is too long)
 #0	string/b	\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x3E\x00\x03\x00\xFE\xFF\x09\x00\x06	Microsoft Installer
 #0	string/b	\320\317\021\340\241\261\032\341	Microsoft Office Document
@@ -20724,7 +23130,7 @@
 0	short		0565	i386 COFF object
 
 #------------------------------------------------------------------------------
-# $File: palm,v 1.13 2014/03/30 21:40:08 christos Exp $
+# $File: palm,v 1.14 2019/04/19 00:42:27 christos Exp $
 # palm:	 file(1) magic for PalmOS {.prc,.pdb}: applications, docfiles, and hacks
 #
 # Brian Lalor <blalor@hcirisc.cs.binghamton.edu>
@@ -20867,8 +23273,8 @@
 # Palm OS .prc file types
 60		string		libr
 # flags, only bit 0 or bit 6
-# http://en.wikipedia.org/wiki/PRC_%28Palm_OS%29
-# http://web.mit.edu/tytso/www/pilot/prc-format.html
+# https://en.wikipedia.org/wiki/PRC_%28Palm_OS%29
+# https://web.mit.edu/tytso/www/pilot/prc-format.html
 >0x20		beshort&0xffbe	0
 >>0		string		>\0		Palm OS dynamic library data "%s"
 60		string		ptch		Palm OS operating system patch data
@@ -20891,9 +23297,9 @@
 >19	byte&0x02	0x00	object
 >19	byte&0x0c	0x00	not stripped
 #------------------------------------------------------------------------------
-# $File: parrot,v 1.1 2010/07/08 20:18:40 christos Exp $
+# $File: parrot,v 1.2 2019/04/19 00:42:27 christos Exp $
 # parrot: file(1) magic for Parrot Virtual Machine
-# URL:	http://www.lua.org/
+# URL:	https://www.lua.org/
 # From: Lubomir Rintel <lkundrak@v3.sk>
 
 # Compiled Parrot byte code
@@ -20924,11 +23330,11 @@
 #!:mime	text/x-pascal
 
 #------------------------------------------------------------------------------
-# $File: pbf,v 1.2 2017/01/18 16:16:21 christos Exp $
+# $File: pbf,v 1.3 2019/04/19 00:42:27 christos Exp $
 # file(1) magic(5) data for OpenStreetMap
 
 # OpenStreetMap Protocolbuffer Binary Format (.osm.pbf)
-# http://wiki.openstreetmap.org/wiki/PBF_Format
+# https://wiki.openstreetmap.org/wiki/PBF_Format
 # From: Markus Heidelberg <markus.heidelberg@web.de>
 0	belong&0xfffffff0	0
 >4	beshort			0x0A09
@@ -20988,7 +23394,7 @@
 
 # Maki-chan v2 Graphic format
 # http://www.jisyo.com/viewer/faq/mag_tech.htm
-# http://mooncore.eu/bunny/txt/makichan.htm
+# https://mooncore.eu/bunny/txt/makichan.htm
 # http://metanest.jp/mag/mag.xhtml
 0	string/b		MAKI02\ \ 	Maki-chan v2 image,
 >8	byte		x		system ID: %c
@@ -21044,17 +23450,19 @@
 >>>&12	ubeshort	x		\b%d
 
 #------------------------------------------------------------------------------
-# $File: pdf,v 1.9 2017/05/24 17:35:20 christos Exp $
+# $File: pdf,v 1.10 2018/05/23 22:21:01 christos Exp $
 # pdf:  file(1) magic for Portable Document Format
 #
 
 0	string		%PDF-		PDF document
 !:mime	application/pdf
+!:strength +60
 >5	byte		x		\b, version %c
 >7	byte		x		\b.%c
 
 0	string		\012%PDF-	PDF document
 !:mime	application/pdf
+!:strength +60
 >6	byte		x		\b, version %c
 >8	byte		x		\b.%c
 
@@ -21062,11 +23470,13 @@
 # Forms Data Format
 0       string          %FDF-           FDF document
 !:mime application/vnd.fdf
+!:strength +60
 >5      byte            x               \b, version %c
 >7      byte            x               \b.%c
 
 0	search/256	%PDF-		PDF document
 !:mime	application/pdf
+!:strength +60
 >&0	byte		x		\b, version %c
 >&2	byte		x		\b.%c
 
@@ -21265,9 +23675,9 @@
 #>>(4.l+12)	lelong x level 2 size: %d
 
 #------------------------------------------------------------------------------
-# $File: pgp,v 1.15 2018/02/24 16:11:23 christos Exp $
+# $File: pgp,v 1.17 2019/04/19 00:42:27 christos Exp $
 # pgp:  file(1) magic for Pretty Good Privacy
-# see http://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html
+# see https://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html
 #
 # Update: Joerg Jenderek
 # Note: verified by `gpg -v --debug 0x02 --list-packets < PUBRING263_10.PGP`
@@ -21339,7 +23749,7 @@
 # Decode the type of the packet based on it's base64 encoding.
 # Idea from Mark Martinec
 # The specification is in RFC 4880, section 4.2 and 4.3:
-# http://tools.ietf.org/html/rfc4880#section-4.2
+# https://tools.ietf.org/html/rfc4880#section-4.2
 
 0	name		pgp
 >0	byte		0x67		Reserved (old)
@@ -21782,9 +24192,9 @@
 
 # PGP RSA (e=65537) secret (sub-)key header
 
-0	byte	0x95			PGP	Secret Key -
+0	byte	0x95			PGP Secret Key -
 >1	use	pgpkey
-0	byte	0x97			PGP	Secret Sub-key -
+0	byte	0x97			PGP Secret Sub-key -
 >1	use	pgpkey
 0	byte	0x9d
 # Update: Joerg Jenderek
@@ -21869,14 +24279,14 @@
 >15	byte		>0x02		- Bad Flags
 
 #------------------------------------------------------------------------------
-# $File: polyml,v 1.1 2016/02/26 15:52:45 christos Exp $
+# $File: polyml,v 1.2 2019/04/19 00:42:27 christos Exp $
 # polyml:  file(1) magic for PolyML
 #
 # PolyML
 # MPEG, FLI, DL originally from vax@ccwf.cc.utexas.edu (VaX#n8)
 # FLC, SGI, Apple originally from Daniel Quinlan (quinlan@yggdrasil.com)
 
-# [0]: http://www.polyml.org/
+# [0]: https://www.polyml.org/
 # [1]: https://github.com/polyml/polyml/blob/master/\
 #	libpolyml/savestate.cpp#L146-L147
 # [2]: https://github.com/polyml/polyml/blob/master/\
@@ -21892,7 +24302,7 @@
 >8	long	x		version %u
 
 #------------------------------------------------------------------------------
-# $File: printer,v 1.28 2017/03/17 22:20:22 christos Exp $
+# $File: printer,v 1.29 2019/04/19 00:42:27 christos Exp $
 # printer:  file(1) magic for printer-formatted files
 #
 
@@ -21932,7 +24342,7 @@
 
 # Summary: Adobe's PostScript Printer Description File
 # Extension: .ppd
-# Reference: http://partners.adobe.com/public/developer/en/ps/5003.PPD_Spec_v4.3.pdf, Section 3.8
+# Reference: https://partners.adobe.com/public/developer/en/ps/5003.PPD_Spec_v4.3.pdf, Section 3.8
 # Submitted by: Yves Arrouye <arrouye@marin.fdn.fr>
 #
 0	string		*PPD-Adobe:\x20	PPD file
@@ -22066,11 +24476,11 @@
 >>4	string	>\0	from kernel %s
 
 #------------------------------------------------------------------------------
-# $File: psl,v 1.2 2016/07/14 17:34:27 christos Exp $
+# $File: psl,v 1.3 2019/04/19 00:42:27 christos Exp $
 # psl:  file(1) magic for Public Suffix List representations
 # From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
 # URL: https://publicsuffix.org
-# see also: http://thread.gmane.org/gmane.network.dns.libpsl.bugs/162/focus=166
+# see also: https://thread.gmane.org/gmane.network.dns.libpsl.bugs/162/focus=166
 
 0	search/512	\n\n//\ ===BEGIN\ ICANN\ DOMAINS===\n\n Public Suffix List data
 
@@ -22093,15 +24503,15 @@
 
 
 #------------------------------------------------------------------------------
-# $File: pwsafe,v 1.1 2012/10/25 00:12:19 christos Exp $
+# $File: pwsafe,v 1.2 2019/04/19 00:42:27 christos Exp $
 # pwsafe: file(1) magic for passwordsafe file
 #
 # Password Safe
 # http://passwordsafe.sourceforge.net/
 # file format specs
-# http://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/formatV3.txt
-# V2 http://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/formatV2.txt
-# V1 http://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/notes.txt
+# https://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/formatV3.txt
+# V2 https://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/formatV2.txt
+# V1 https://passwordsafe.svn.sourceforge.net/viewvc/passwordsafe/trunk/pwsafe/pwsafe/docs/notes.txt
 # V2 and V1 have no easy identifier that I can find
 # .psafe3
 0	string	PWS3	Password Safe V3 database
@@ -22119,7 +24529,7 @@
 >16	long		>0		not stripped
 
 #------------------------------------------------------------------------------
-# $File: python,v 1.34 2017/08/14 07:40:38 christos Exp $
+# $File: python,v 1.36 2019/04/09 18:28:25 christos Exp $
 # python:  file(1) magic for python
 #
 # Outlook puts """ too for urgent messages
@@ -22146,7 +24556,7 @@
 0	belong		0x160d0d0a	python 3.5.1- byte-compiled
 0	belong		0x170d0d0a	python 3.5.2+ byte-compiled
 0	belong		0x330d0d0a	python 3.6 byte-compiled
-0	belong		0x3e0d0d0a	python 3.7 byte-compiled
+0	belong		0x420d0d0a	python 3.7 byte-compiled
 
 
 0	search/1/w	#!\ /usr/bin/python	Python script text executable
@@ -22164,7 +24574,8 @@
 
 
 # from module.submodule import func1, func2
-0	regex		\^from[\040\t\f\r\n]+([A-Za-z0-9_]|\\.)+[\040\t\f\r\n]+import.*$	Python script text executable
+0	search/8192	import
+>0	regex		\^from[\040\t\f\r\n]+([A-Za-z0-9_]|\\.)+[\040\t\f\r\n]+import.*$	Python script text executable
 !:strength + 15
 !:mime text/x-python
 
@@ -22182,7 +24593,8 @@
 !:mime text/x-python
 
 # import module [as abrev]
-0	regex	\^import\ [_[:alpha:]]+\ as\ [[:alpha:]][[:space:]]*$ Python script text executable
+0	search/8192	import
+>0	regex	\^import\ [_[:alpha:]]+\ as\ [[:alpha:]][[:space:]]*$ Python script text executable
 !:mime text/x-python
 
 # comments
@@ -22205,21 +24617,23 @@
 !:mime text/x-python
 
 # class name[(base classes,)]: [pass]
-0	regex	\^class\ [_[:alpha:]]+(\\(.*\\))?(\ )*:([\ \t]+pass)?$		Python script text executable
+0	search/8192	class
+>0	regex	\^class\ [_[:alpha:]]+(\\(.*\\))?(\ )*:([\ \t]+pass)?$		Python script text executable
 !:strength + 15
 !:mime text/x-python
 
 # def name(*args, **kwargs):
-0	regex	 \^[[:space:]]{0,50}def\ {1,50}[_a-zA-Z]{1,100}
->&0	regex	 \\(([[:alpha:]*_,\ ]){0,255}\\):$ Python script text executable
+0	search/8192	def\ 
+>0	regex	 \^[[:space:]]{0,50}def\ {1,50}[_a-zA-Z]{1,100}
+>>&0	regex	 \\(([[:alpha:]*_,\ ]){0,255}\\):$ Python script text executable
 !:strength + 15
 !:mime text/x-python
 
 #------------------------------------------------------------------------------
-# $File: qt,v 1.2 2014/12/16 19:49:29 christos Exp $
+# $File: qt,v 1.3 2019/04/19 00:42:27 christos Exp $
 # qt:  file(1) magic for Qt
 
-# http://doc.qt.io/qt-5/resources.html
+# https://doc.qt.io/qt-5/resources.html
 0	string		\<!DOCTYPE\040RCC\>	Qt Resource Collection file
 
 # https://qt.gitorious.org/qt/qtbase/source/\
@@ -22235,7 +24649,7 @@
 >8	string		\xcd\x21\x1c\xbf\x60\xa1\xbd\xdd	Qt Translation file
 
 #------------------------------------------------------------------------------
-# $File: revision,v 1.10 2017/10/19 16:40:37 christos Exp $
+# $File: revision,v 1.11 2019/04/19 00:42:27 christos Exp $
 # file(1) magic for revision control files
 # From Hendrik Scholz <hendrik@scholz.net>
 0	string/t	/1\ :pserver:	cvs password text file
@@ -22295,17 +24709,17 @@
 >28	string	>\0				(version: %s)
 
 # Type:	Bazaar revision bundles and merge requests
-# URL:	http://www.bazaar-vcs.org/
+# URL:	https://www.bazaar-vcs.org/
 # From:	Jelmer Vernooij <jelmer@samba.org>
 0	string	#\ Bazaar\ revision\ bundle\ v Bazaar Bundle
 0	string	#\ Bazaar\ merge\ directive\ format Bazaar merge directive
 
 #------------------------------------------------------------------------------
-# $File: riff,v 1.33 2017/10/06 01:11:24 christos Exp $
+# $File: riff,v 1.34 2019/04/19 00:42:27 christos Exp $
 # riff:  file(1) magic for RIFF format
 # See
 #
-#	http://www.seanet.com/users/matts/riffmci/riffmci.htm
+#	https://www.seanet.com/users/matts/riffmci/riffmci.htm
 #	http://www-mmsp.ece.mcgill.ca/Documents/AudioFormats/WAVE/Docs/riffmci.pdf
 #
 
@@ -22374,7 +24788,7 @@
 # RIFF Palette format
 # Update: Joerg Jenderek
 # URL: https://en.wikipedia.org/wiki/Resource_Interchange_File_Format
-# Reference: http://worms2d.info/Palette_file
+# Reference: https://worms2d.info/Palette_file
 >8	string		PAL\ 		\b, palette
 !:mime	application/x-riff
 # color palette by Microsoft Corporation
@@ -22551,7 +24965,7 @@
 # MPEG-1 wrapped in a RIFF, apparently
 >8      string          CDXA            \b, wrapped MPEG-1 (CDXA)
 >8	string		4XMV		\b, 4X Movie file
-# AMV-type AVI file: http://wiki.multimedia.cx/index.php?title=AMV
+# AMV-type AVI file: https://wiki.multimedia.cx/index.php?title=AMV
 >8	string		AMV\040		\b, AMV
 >8      string          WEBP            \b, Web/P image
 !:mime	image/webp
@@ -22623,7 +25037,7 @@
 
 #------------------------------------------------------------------------------
 # MBWF/RF64
-# see EBU TECH 3306 http://tech.ebu.ch/docs/tech/tech3306-2009.pdf
+# see EBU TECH 3306 https://tech.ebu.ch/docs/tech/tech3306-2009.pdf
 0	string	RF64\xff\xff\xff\xffWAVEds64		MBWF/RF64 audio
 !:mime	audio/x-wav
 >40	search/256	fmt\x20		\b
@@ -22692,6 +25106,13 @@
 >>8	beshort		18		Xtensa
 >>10	string		x		%s
 
+#------------------------------------------------------------------------------
+# $File: rpmsg,v 1.1 2019/04/19 00:40:47 christos Exp $
+# rpmsg: file(1) magic for restricted-permission messages (or "rights-protected" messages)
+# see https://en.wikipedia.org/wiki/Rpmsg
+
+0	string	\x76\xe8\x04\x60\xc4\x11\xe3\x86	rpmsg Restricted Permission Message
+
 #------------------------------------------------------------------------------
 # $File: rtf,v 1.7 2009/09/19 16:28:12 christos Exp $
 # rtf:	file(1) magic for Rich Text Format (RTF)
@@ -22709,9 +25130,9 @@
 >5	default		x		unknown version
 
 #------------------------------------------------------------------------------
-# $File: ruby,v 1.7 2017/08/14 13:39:18 christos Exp $
+# $File: ruby,v 1.9 2019/04/19 00:42:27 christos Exp $
 # ruby:  file(1) magic for Ruby scripting language
-# URL:  http://www.ruby-lang.org/
+# URL:  https://www.ruby-lang.org/
 # From: Reuben Thomas <rrt@sc3d.org>
 
 # Ruby scripts
@@ -22731,9 +25152,10 @@
 # What looks like ruby, but does not have a shebang
 # (modules and such)
 # From: Lubomir Rintel <lkundrak@v3.sk>
-0	regex		\^[[:space:]]*require[[:space:]]'[A-Za-z_/]+'
->0	regex		def\ [a-z]|\ do$
->>&0	regex		\^[[:space:]]*end([[:space:]]+[;#].*)?$		Ruby script text
+0	search/8192	require
+>0	regex		\^[[:space:]]*require[[:space:]]'[A-Za-z_/]+'
+>>0	regex		def\ [a-z]|\ do$
+>>>&0	regex		\^[[:space:]]*end([[:space:]]+[;#].*)?$		Ruby script text
 !:strength + 30
 !:mime	text/x-ruby
 0	regex		\^[[:space:]]*(class|module)[[:space:]][A-Z]
@@ -22749,14 +25171,17 @@
 # Looks for function definition to balance python magic
 # def name (args)
 # end
-0	regex		\^[[:space:]]*def\ [a-z]|def\ [[:alpha:]]+::[a-z]
->&0	regex		\^[[:space:]]*end([[:space:]]+[;#].*)?$		Ruby script text
+0	search/8192	def\ 
+>0	regex		\^[[:space:]]*def\ [a-z]|def\ [[:alpha:]]+::[a-z]
+>>&0	regex		\^[[:space:]]*end([[:space:]]+[;#].*)?$		Ruby script text
 !:strength + 10
 !:mime	text/x-ruby
 
-0	regex		\^[[:space:]]*require[[:space:]]'[A-Za-z_/]+'	Ruby script text
+0	search/8192	require
+>0	regex		\^[[:space:]]*require[[:space:]]'[A-Za-z_/]+'	Ruby script text
 !:mime	text/x-ruby
-0 regex 	\^[[:space:]]*include\ ([A-Z]+[a-z]*(::))+	Ruby script text
+0	search/8192	include
+>0 regex 	\^[[:space:]]*include\ ([A-Z]+[a-z]*(::))+	Ruby script text
 !:mime	text/x-ruby
 
 #------------------------------------------------------------------------------
@@ -22789,7 +25214,7 @@
 8	string		\001s\ 			SCCS archive data
 
 #------------------------------------------------------------------------------
-# $File: scientific,v 1.12 2017/03/17 22:20:22 christos Exp $
+# $File: scientific,v 1.13 2019/04/19 00:42:27 christos Exp $
 # scientific:  file(1) magic for scientific formats
 #
 # From: Joe Krahn <krahn@niehs.nih.gov>
@@ -22864,8 +25289,8 @@
 # PDB: Protein Data Bank files
 # Adam Buchbinder <adam.buchbinder@gmail.com>
 #
-# http://www.wwpdb.org/documentation/format32/sect2.html
-# http://www.ch.ic.ac.uk/chemime/
+# https://www.wwpdb.org/documentation/format32/sect2.html
+# https://www.ch.ic.ac.uk/chemime/
 #
 # The PDB file format is fixed-field, 80 columns. From the spec:
 #
@@ -22906,7 +25331,7 @@
 0	belong	0xedfeedfe	Sun 'jks' Java Keystore File data
 # Type:	SE Linux policy modules *.pp reference policy
 #	for Fedora 5 to 9, RHEL5, and Debian Etch and Lenny.
-# URL:	http://doc.coker.com.au/computers/selinux-magic
+# URL:	https://doc.coker.com.au/computers/selinux-magic
 # From:	Russell Coker <russell@coker.com.au>
 
 0		lelong	0xf97cff8f	SE Linux modular policy
@@ -22930,7 +25355,7 @@
 #0	search	gen_sens(	SE Linux policy MLS constraints source
 
 #------------------------------------------------------------------------------
-# $File: sendmail,v 1.10 2017/08/13 00:21:47 christos Exp $
+# $File: sendmail,v 1.11 2019/04/19 00:42:27 christos Exp $
 # sendmail:  file(1) magic for sendmail config files
 #
 # XXX - byte order?
@@ -22942,7 +25367,7 @@
 # Email_23_f217153422.ts Sendmail frozen configuration
 # - version \330jK\354
 0	byte	046
-# http://www.sendmail.com/sm/open_source/docs/older_release_notes/
+# https://www.sendmail.com/sm/open_source/docs/older_release_notes/
 # freezed configuration file (dbm format?) created from sendmal.cf with -bz
 # by older sendmail. til version 8.6 support for frozen configuration files is removed
 # valid version numbers look like "7.14.4" and should be similar to output of commands
@@ -22967,7 +25392,7 @@
 
 
 #------------------------------------------------------------------------------
-# $File: sequent,v 1.13 2017/03/17 21:35:28 christos Exp $
+# $File: sequent,v 1.14 2019/04/19 00:42:27 christos Exp $
 # sequent:  file(1) magic for Sequent machines
 #
 # Sequent information updated by Don Dwiggins <atsun!dwiggins>.
@@ -22997,7 +25422,7 @@
 0	leshort	0x32eb		SYMMETRY i386 executable (invalid @ 0)
 >16	lelong	>0		not stripped
 >124	lelong	>0		version %d
-# http://en.wikipedia.org/wiki/Sequent_Computer_Systems
+# https://en.wikipedia.org/wiki/Sequent_Computer_Systems
 # below test line conflicts with MS-DOS 2.11 floppies and Acronis loader
 #0	leshort	0x42eb		SYMMETRY i386 standalone executable
 0	leshort	0x42eb
@@ -23044,7 +25469,7 @@
 
 
 #------------------------------------------------------------------------------
-# $File: sgi,v 1.22 2015/08/29 07:10:35 christos Exp $
+# $File: sgi,v 1.23 2018/05/29 02:26:56 christos Exp $
 # sgi:  file(1) magic for Silicon Graphics operating systems and applications
 #
 # Executable images are handled either in aout (for old-style a.out
@@ -23114,8 +25539,6 @@
 4	belong	0x00000010		GLS_BINARY_MSB_FIRST
 !:strength -30
 
-#
-#
 # Performance Co-Pilot file types
 0	string	PmNs				PCP compiled namespace (V.0)
 0	string	PmN				PCP compiled namespace
@@ -23158,6 +25581,8 @@
 >16	string	>\0				(V.%1.1s)
 3	string	pmieconf-pmie			PCP pmie config
 >17	string	>\0				(V.%1.1s)
+0	string	MMV				PCP memory mapped values
+>4	long	x				(V.%d)
 
 # SpeedShop data files
 0	lelong	0x13130303			SpeedShop data file
@@ -23182,7 +25607,7 @@
 8	string	DEEP		Alias Maya Image File
 
 #------------------------------------------------------------------------------
-# $File: sgml,v 1.38 2017/10/11 11:40:43 christos Exp $
+# $File: sgml,v 1.39 2019/04/19 00:42:27 christos Exp $
 # Type:	SVG Vectorial Graphics
 # From:	Noel Torres <tecnico@ejerciciosresueltos.com>
 0	string		\<?xml\ version=
@@ -23201,7 +25626,7 @@
 !:mime	application/xml-sitemap
 
 # OpenStreetMap XML (.osm)
-# http://wiki.openstreetmap.org/wiki/OSM_XML
+# https://wiki.openstreetmap.org/wiki/OSM_XML
 # From: Markus Heidelberg <markus.heidelberg@web.de>
 0	string		\<?xml\ version=
 >14	regex		['"\ \t]*[0-9.]+['"\ \t]*
@@ -23470,7 +25895,7 @@
 
 
 #------------------------------------------------------------------------------
-# $File: sniffer,v 1.19 2013/01/06 01:11:04 christos Exp $
+# $File: sniffer,v 1.25 2019/05/05 17:03:41 christos Exp $
 # sniffer:  file(1) magic for packet capture files
 #
 # From: guy@alum.mit.edu (Guy Harris)
@@ -23512,7 +25937,7 @@
 # Sorry, make that "Network Associates Sniffer capture files."
 # Sorry, make that "Network General old DOS Sniffer capture files."
 #
-0	string		TRSNIFF\ data\ \ \ \ \032	Sniffer capture file
+0	string		TRSNIFF\040data\040\040\040\040\032	Sniffer capture file
 >33	byte		2		(compressed)
 >23	leshort		x		- version %d
 >25	leshort		x		\b.%d
@@ -23547,6 +25972,7 @@
 
 #
 # "libpcap" capture files.
+# https://www.tcpdump.org/manpages/pcap-savefile.5.html
 # (We call them "tcpdump capture file(s)" for now, as "tcpdump" is
 # the main program that uses that format, but there are other programs
 # that use "libpcap", or that use the same capture file format.)
@@ -23554,6 +25980,8 @@
 0	name		pcap-be
 >4	beshort		x		- version %d
 >6	beshort		x		\b.%d
+# clear that continuation level match
+>20	clear		x
 >20	belong		0		(No link-layer encapsulation
 >20	belong		1		(Ethernet
 >20	belong		2		(3Mb Ethernet
@@ -23584,7 +26012,7 @@
 >20	belong		108		(OpenBSD loopback
 >20	belong		109		(OpenBSD IPsec encrypted
 >20	belong		112		(Cisco HDLC
->20	belong		113		(Linux "cooked"
+>20	belong		113		(Linux cooked v1
 >20	belong		114		(LocalTalk
 >20	belong		117		(OpenBSD PFLOG
 >20	belong		119		(802.11 with Prism header
@@ -23592,13 +26020,21 @@
 >20	belong		123		(SunATM
 >20	belong		127		(802.11 with radiotap header
 >20	belong		129		(Linux ARCNET
+>20	belong		130		(Juniper Multi-Link PPP
+>20	belong		131		(Juniper Multi-Link Frame Relay
+>20	belong		132		(Juniper Encryption Services PIC
+>20	belong		133		(Juniper GGSN PIC
+>20	belong		134		(Juniper FRF.16 Frame Relay
+>20	belong		135		(Juniper ATM2 PIC
+>20	belong		136		(Juniper Advanced Services PIC
+>20	belong		137		(Juniper ATM1 PIC
 >20	belong		138		(Apple IP over IEEE 1394
->20	belong		139		(MTP2 with pseudo-header
->20	belong		140		(MTP2
->20	belong		141		(MTP3
->20	belong		142		(SCCP
+>20	belong		139		(SS7 MTP2 with pseudo-header
+>20	belong		140		(SS7 MTP2
+>20	belong		141		(SS7 MTP3
+>20	belong		142		(SS7 SCCP
 >20	belong		143		(DOCSIS
->20	belong		144		(IrDA
+>20	belong		144		(Linux IrDA
 >20	belong		147		(Private use 0
 >20	belong		148		(Private use 1
 >20	belong		149		(Private use 2
@@ -23616,16 +26052,41 @@
 >20	belong		161		(Private use 14
 >20	belong		162		(Private use 15
 >20	belong		163		(802.11 with AVS header
+>20	belong		164		(Juniper Passive Monitor PIC
 >20	belong		165		(BACnet MS/TP
 >20	belong		166		(PPPD
+>20	belong		167		(Juniper PPPoE
+>20	belong		168		(Juniper PPPoE/ATM
 >20	belong		169		(GPRS LLC
+>20	belong		170		(GPF-T
+>20	belong		171		(GPF-F
+>20	belong		174		(Juniper PIC Peer
+>20	belong		175		(Ethernet with Endace ERF header
+>20	belong		176		(Packet-over-SONET with Endace ERF header
 >20	belong		177		(Linux LAPD
+>20	belong		178		(Juniper Ethernet
+>20	belong		179		(Juniper PPP
+>20	belong		180		(Juniper Frame Relay
+>20	belong		181		(Juniper C-HDLC
+>20	belong		182		(FRF.16 Frame Relay
+>20	belong		183		(Juniper Voice PIC
+>20	belong		184		(Arinc 429
+>20	belong		185		(Arinc 653 Interpartition Communication
+>20	belong		186		(USB with FreeBSD header
 >20	belong		187		(Bluetooth HCI H4
+>20	belong		188		(802.16 MAC Common Part Sublayer
 >20	belong		189		(Linux USB
+>20	belong		190		(Controller Area Network (CAN) v. 2.0B
+>20	belong		191		(802.15.4 with Linux padding
 >20	belong		192		(PPI
->20	belong		195		(802.15.4
+>20	belong		193		(802.16 MAC Common Part Sublayer plus radiotap header
+>20	belong		194		(Juniper Integrated Service Module
+>20	belong		195		(802.15.4 with FCS
 >20	belong		196		(SITA
 >20	belong		197		(Endace ERF
+>20	belong		198		(Ethernet with u10 Networks pseudo-header
+>20	belong		199		(IPMB
+>20	belong		200		(Juniper Secure Tunnel
 >20	belong		201		(Bluetooth HCI H4 with pseudo-header
 >20	belong		202		(AX.25 with KISS header
 >20	belong		203		(LAPD
@@ -23634,7 +26095,12 @@
 >20	belong		206		(Frame Relay with direction pseudo-header
 >20	belong		209		(Linux IPMB
 >20	belong		215		(802.15.4 with non-ASK PHY header
+>20	belong		216		(Linux evdev events
+>20	belong		219		(MPLS with label as link-layer header
 >20	belong		220		(Memory-mapped Linux USB
+>20	belong		221		(DECT
+>20	belong		222		(AOS Space Data Link protocol
+>20	belong		223		(Wireless HART
 >20	belong		224		(Fibre Channel FC-2
 >20	belong		225		(Fibre Channel FC-2 with frame delimiters
 >20	belong		226		(Solaris IPNET
@@ -23643,69 +26109,114 @@
 >20	belong		229		(Raw IPv6
 >20	belong		230		(802.15.4 without FCS
 >20	belong		231		(D-Bus messages
+>20	belong		232		(Juniper Virtual Server
+>20	belong		233		(Juniper SRX E2E
+>20	belong		234		(Juniper Fibre Channel
 >20	belong		235		(DVB-CI
 >20	belong		236		(MUX27010
 >20	belong		237		(STANAG 5066 D_PDUs
->20	belong		239		(Linux netlink NFLOG messages
+>20	belong		238		(Juniper ATM CEMIC
+>20	belong		239		(Linux netfilter log messages
 >20	belong		240		(Hilscher netAnalyzer
 >20	belong		241		(Hilscher netAnalyzer with delimiters
 >20	belong		242		(IP-over-Infiniband
 >20	belong		243		(MPEG-2 Transport Stream packets
 >20	belong		244		(ng4t ng40
 >20	belong		245		(NFC LLCP
->20	belong		247		(Infiniband
+>20	belong		246		(Packet filter state syncing
+>20	belong		247		(InfiniBand
 >20	belong		248		(SCTP
->16	belong		x		\b, capture length %d)
+>20	belong		249		(USB with USBPcap header
+>20	belong		250		(Schweitzer Engineering Laboratories RTAC packets
+>20	belong		251		(Bluetooth Low Energy air interface
+>20	belong		252		(Wireshark Upper PDU export
+>20	belong		253		(Linux netlink
+>20	belong		254		(Bluetooth Linux Monitor
+>20	belong		255		(Bluetooth Basic Rate/Enhanced Data Rate baseband packets
+>20	belong		256		(Bluetooth Low Energy air interface with pseudo-header
+>20	belong		257		(PROFIBUS data link layer
+>20	belong		258		(Apple DLT_PKTAP
+>20	belong		259		(Ethernet with 802.3 Clause 65 EPON preamble
+>20	belong		260		(IPMI trace packets
+>20	belong		261		(Z-Wave RF profile R1 and R2 packets
+>20	belong		262		(Z-Wave RF profile R3 packets
+>20	belong		263		(WattStopper Digital Lighting Mngmt/Legrand Nitoo Open Proto
+>20	belong		264		(ISO 14443 messages
+>20	belong		265		(IEC 62106 Radio Data System groups
+>20	belong		266		(USB with Darwin header
+>20	belong		267		(OpenBSD DLT_OPENFLOW
+>20	belong		268		(IBM SDLC frames
+>20	belong		269		(TI LLN sniffer frames
+>20	belong		271		(Linux vsock
+>20	belong		272		(Nordic Semiconductor Bluetooth LE sniffer frames
+>20	belong		273		(Excentis XRA-31 DOCSIS 3.1 RF sniffer frames
+>20	belong		274		(802.3br mPackets
+>20	belong		275		(DisplayPort AUX channel monitoring data
+>20	belong		276		(Linux cooked v2
+>20	belong		278		(OpenVizsla USB
+>20	belong		279		(Elektrobit High Speed Capture and Replay (EBHSCR)
+>20	belong		281		(Broadcom tag
+>20	belong		282		(Broadcom tag (prepended)
+# print default match
+>20	default		x
+>>20	belong		x		(linktype#%u
+>16	belong		x		\b, capture length %u)
 
-0	ubelong		0xa1b2c3d4	tcpdump capture file (big-endian)
+# packets time stamps in seconds and microseconds.
+0	ubelong		0xa1b2c3d4	pcap capture file, microseconds ts (big-endian)
 !:mime	application/vnd.tcpdump.pcap
 >0	use	pcap-be
-0	ulelong		0xa1b2c3d4	tcpdump capture file (little-endian)
+0	ulelong		0xa1b2c3d4	pcap capture file, microsecond ts (little-endian)
+!:mime	application/vnd.tcpdump.pcap
+>0	use	\^pcap-be
+
+# packets time stamps in seconds and nanoseconds.
+0	ubelong		0xa1b23c4d	pcap capture file, nanosecond ts (big-endian)
+!:mime	application/vnd.tcpdump.pcap
+>0	use	pcap-be
+0	ulelong		0xa1b23c4d	pcap capture file, nanosecond ts (little-endian)
 !:mime	application/vnd.tcpdump.pcap
 >0	use	\^pcap-be
 
 #
 # "libpcap"-with-Alexey-Kuznetsov's-patches capture files.
-# (We call them "tcpdump capture file(s)" for now, as "tcpdump" is
-# the main program that uses that format, but there are other programs
-# that use "libpcap", or that use the same capture file format.)
 #
-0	ubelong		0xa1b2cd34	extended tcpdump capture file (big-endian)
+0	ubelong		0xa1b2cd34	pcap capture file, microsecond ts, extensions (big-endian)
 >0	use	pcap-be
-0	ulelong		0xa1b2cd34	extended tcpdump capture file (little-endian)
+0	ulelong		0xa1b2cd34	pcap capture file, microsecond ts, extensions (little-endian)
 >0	use	\^pcap-be
 
 #
-# "pcap-ng" capture files.
-# http://www.winpcap.org/ntar/draft/PCAP-DumpFileFormat.html
-# Pcap-ng files can contain multiple sections. Printing the endianness,
+# "pcapng" capture files.
+# https://github.com/pcapng/pcapng
+# Pcapng files can contain multiple sections. Printing the endianness,
 # snaplen, or other information from the first SHB may be misleading.
 #
 0	ubelong		0x0a0d0d0a
->8	ubelong		0x1a2b3c4d	pcap-ng capture file
+>8	ubelong		0x1a2b3c4d	pcapng capture file
 >>12	beshort		x		- version %d
 >>14	beshort		x		\b.%d
 0	ulelong		0x0a0d0d0a
->8	ulelong		0x1a2b3c4d	pcap-ng capture file
+>8	ulelong		0x1a2b3c4d	pcapng capture file
 >>12	leshort		x		- version %d
 >>14	leshort		x		\b.%d
 
 #
 # AIX "iptrace" capture files.
 #
-0	string		iptrace\ 1.0	"iptrace" capture file
-0	string		iptrace\ 2.0	"iptrace" capture file
+0	string		iptrace\0401.0	AIX iptrace capture file
+0	string		iptrace\0402.0	AIX iptrace capture file
 
 #
 # Novell LANalyzer capture files.
 #
-0	leshort		0x1001		LANalyzer capture file
-0	leshort		0x1007		LANalyzer capture file
+0	leshort		0x1001		Novell LANalyzer capture file
+0	leshort		0x1007		Novell LANalyzer capture file
 
 #
 # HP-UX "nettl" capture files.
 #
-0	string		\x54\x52\x00\x64\x00	"nettl" capture file
+0	string		\x54\x52\x00\x64\x00	HP/UX nettl capture file
 
 #
 # RADCOM WAN/LAN Analyzer capture files.
@@ -23879,7 +26390,7 @@
 >>>7   byte		1	       (alternate timings)
 
 #------------------------------------------------------------------------------
-# $File: sql,v 1.21 2017/03/17 21:35:28 christos Exp $
+# $File: sql,v 1.22 2019/04/19 00:42:27 christos Exp $
 # sql:  file(1) magic for SQL files
 #
 # From: "Marty Leisner" <mleisner@eng.mc.xerox.com>
@@ -23998,13 +26509,13 @@
 
 
 # SQLite Write-Ahead Log from SQLite version >= 3.7.0
-# http://www.sqlite.org/fileformat.html#walformat
+# https://www.sqlite.org/fileformat.html#walformat
 0	belong&0xfffffffe	0x377f0682	SQLite Write-Ahead Log,
 !:ext sqlite-wal/db-wal
 >4	belong	x	version %d
 
 # SQLite Rollback Journal
-# http://www.sqlite.org/fileformat.html#rollbackjournal
+# https://www.sqlite.org/fileformat.html#rollbackjournal
 0	string	\xd9\xd5\x05\xf9\x20\xa1\x63\xd7	SQLite Rollback Journal
 
 # Panasonic channel list database svl.bin or svl.db added by Joerg Jenderek
@@ -24016,7 +26527,7 @@
 #!:mime	application/x-panasonic-sqlite3
 >>&-15	indirect	x			\b; contains
 
-# H2 Database from http://www.h2database.com/
+# H2 Database from https://www.h2database.com/
 0	string		--\ H2\ 0.5/B\ --\ \n	H2 Database file
 # Type:	OpenSSH key files
 # From:	Nicolas Collignon <tsointsoin@gmail.com>
@@ -24053,7 +26564,7 @@
 0	string U2FsdGVkX1	openssl enc'd data with salted password, base64 encoded
 
 #------------------------------------------------------------------------------
-# $File: sun,v 1.27 2014/04/30 21:41:02 christos Exp $
+# $File: sun,v 1.28 2019/04/19 00:42:27 christos Exp $
 # sun:  file(1) magic for Sun machines
 #
 # Values for big-endian Sun (MC680x0, SPARC) binaries on pre-5.x
@@ -24146,7 +26657,7 @@
 0	string		#SUNPC_CONFIG	SunPC 4.0 Properties Values
 # Sun snoop (see RFC 1761, which describes the capture file format,
 # RFC 3827, which describes some additional datalink types, and
-# http://www.iana.org/assignments/snoop-datalink-types/snoop-datalink-types.xml,
+# https://www.iana.org/assignments/snoop-datalink-types/snoop-datalink-types.xml,
 # which is the IANA registry of Snoop datalink types)
 #
 0	string		snoop		Snoop capture file
@@ -24236,12 +26747,12 @@
 
 
 #------------------------------------------------------------------------
-# $File: sysex,v 1.9 2017/03/17 21:35:28 christos Exp $
+# $File: sysex,v 1.10 2019/04/19 00:42:27 christos Exp $
 # sysex: file(1) magic for MIDI sysex files
 #
 # GRR: original 1 byte test at offset was too general as it catches also many FATs of DOS filesystems
 # where real SYStem EXclusive messages at offset 1 are limited to seven bits
-# http://en.wikipedia.org/wiki/MIDI
+# https://en.wikipedia.org/wiki/MIDI
 0	ubeshort&0xFF80		0xF000		SysEx File -
 
 # North American Group
@@ -24448,7 +26959,7 @@
 >1	byte			0x52		Zoom
 >1	byte			0x54		Matsushita
 >1	byte			0x57		Acoustic tech. lab.
-# http://www.midi.org/techspecs/manid.php
+# https://www.midi.org/techspecs/manid.php
 >1	belong&0xffffff00	0x00007400	Ta Horng
 >1	belong&0xffffff00	0x00007500	e-Tek
 >1	belong&0xffffff00	0x00007600	E-Voice
@@ -24556,7 +27067,7 @@
 0	string			T707		Roland TR-707 Data
 #------------------------------------------------------------------------------
 # file:  file(1) magic for Tcl scripting language
-# URL:  http://www.tcl.tk/
+# URL:  https://www.tcl.tk/
 # From: gustaf neumann
 
 # Tcl scripts
@@ -24591,11 +27102,11 @@
 0       string          #!teapot\012xdr      teapot work sheet (XDR format)
 
 #------------------------------------------------------------------------------
-# $File: terminfo,v 1.10 2018/01/21 03:26:33 christos Exp $
+# $File: terminfo,v 1.11 2019/04/19 00:42:27 christos Exp $
 # terminfo:  file(1) magic for terminfo
 #
-# URL: http://invisible-island.net/ncurses/man/term.5.html
-# URL: http://invisible-island.net/ncurses/man/scr_dump.5.html
+# URL: https://invisible-island.net/ncurses/man/term.5.html
+# URL: https://invisible-island.net/ncurses/man/scr_dump.5.html
 #
 # Workaround for Targa image type by Joerg Jenderek
 # GRR: line below too general as it catches also
@@ -24653,7 +27164,7 @@
 0	string		PDC\001		PDCurses screen image
 
 #------------------------------------------------------------------------------
-# $File: tex,v 1.20 2014/03/16 02:53:03 christos Exp $
+# $File: tex,v 1.21 2019/04/19 00:42:27 christos Exp $
 # tex:  file(1) magic for TeX files
 #
 # XXX - needs byte-endian stuff (big-endian and little-endian DVI?)
@@ -24761,7 +27272,7 @@
 0	string		#LyX		LyX document text
 
 # ConTeXt documents
-#	http://wiki.contextgarden.net/
+#	https://wiki.contextgarden.net/
 0	search/4096	\\setupcolors[		ConTeXt document text
 !:strength + 15
 0	search/4096	\\definecolor[		ConTeXt document text
@@ -25070,18 +27581,20 @@
 0	string	\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\6\0	old timezone data
 
 #------------------------------------------------------------------------------
-# $File: tplink,v 1.2 2017/12/14 05:52:56 christos Exp $
+# $File: tplink,v 1.4 2019/04/19 00:42:27 christos Exp $
 # tplink: File magic for openwrt firmware files
 
 # URL: https://wiki.openwrt.org/doc/techref/header
-# Reference: http://git.openwrt.org/?p=openwrt.git;a=blob;f=tools/firmware-utils/src/mktplinkfw.c
+# Reference: https://git.openwrt.org/?p=openwrt.git;a=blob;f=tools/firmware-utils/src/mktplinkfw.c
 # From: Joerg Jenderek
 # check for valid header version 1 or 2
 0		ulelong		<3
 >0		ulelong		!0
 # test for header padding with nulls
 >>0x100		long		0
->>>0		use		firmware-tplink
+# skip Norton Commander Cleanup Utility NCCLEAN.INI by looking for valid vendor
+>>>4		ubelong		>0x1F000000
+>>>>0		use		firmware-tplink
 
 0		name		firmware-tplink
 >0		ubyte		x		firmware
@@ -25133,11 +27646,13 @@
 # look for kernel type (gzip compressed vmlinux.bin by ./compress)
 >(0x80.L)	indirect	x
 # root file system data offset
+# WRONG in 5.35 with above indirect expression
 >0x88		ubelong		x		\b, at 0x%x
 # rootfs data length and 1 space
 >0x8C		ubelong		x		%u bytes 
 # in 5.32 only true for offset ~< FILE_BYTES_MAX=9 MB defined in ../../src/file.h 
 >(0x88.L)	indirect	x
+# 'qshs' for wr940nv1_en_3_13_7_up(111228).bin
 #>(0x88.L)	string		x		\b, file system '%.4s'
 #>(0x88.L)	ubequad		x		\b, file system 0x%llx
 # bootloader data offset
@@ -25206,11 +27721,10 @@
 >>17	string		>\0			%s)
 
 #------------------------------------------------------------------------------
-# $File: unicode,v 1.6 2010/09/20 18:55:20 rrt Exp $
+# $File: unicode,v 1.7 2019/02/19 20:34:42 christos Exp $
 # Unicode:  BOM prefixed text files - Adrian Havill <havill@turbolinux.co.jp>
-# GRR: These types should be recognised in file_ascmagic so these
-# encodings can be treated by text patterns.
-# Missing types are already dealt with internally.
+# These types are recognised in file_ascmagic so these encodings can be
+# treated by text patterns.  Missing types are already dealt with internally.
 #
 0	string	+/v8			Unicode text, UTF-7
 0	string	+/v9			Unicode text, UTF-7
@@ -25402,7 +27916,7 @@
 >4	string		>\0		\b, name '%s'
 
 #------------------------------------------------------------------------------
-# $File: varied.script,v 1.11 2015/03/27 17:59:39 christos Exp $
+# $File: varied.script,v 1.12 2019/04/19 00:42:27 christos Exp $
 # varied.script:  file(1) magic for various interpreter scripts
 
 0	string/t		#!\ /			a
@@ -25448,7 +27962,7 @@
 
 # From: arno <arenevier@fdn.fr>
 # mozilla xpconnect typelib
-# see http://www.mozilla.org/scriptable/typelib_file.html
+# see https://www.mozilla.org/scriptable/typelib_file.html
 0	string 		XPCOM\nTypeLib\r\n\032		XPConnect Typelib
 >0x10  byte        x       version %d
 >>0x11 byte        x      \b.%d
@@ -25498,15 +28012,198 @@
 43	string	SFDU_LABEL	VICAR label file
 
 #------------------------------------------------------------------------------
-# $File: virtual,v 1.6 2014/05/07 21:25:41 christos Exp $
+# $File: virtual,v 1.10 2019/04/19 00:42:27 christos Exp $
 # From: James Nobis <quel@quelrod.net>
 # Microsoft hard disk images for:
 # Virtual Server
 # Virtual PC
-# http://technet.microsoft.com/en-us/virtualserver/bb676673.aspx
-# .vhd
+# VirtualBox
+# URL: http://fileformats.archiveteam.org/wiki/VHD_(Virtual_Hard_Disk)
+# Reference: https://download.microsoft.com/download/f/f/e/ffef50a5-07dd-4cf8-aaa3-442c0673a029/
+# Virtual%20Hard%20Disk%20Format%20Spec_10_18_06.doc
 0	string	conectix	Microsoft Disk Image, Virtual Server or Virtual PC
+# alternative shorter names
+#0	string	conectix	Microsoft Virtual Hard Disk image
+#0	string	conectix	Microsoft Virtual HD image
+!:mime	application/x-virtualbox-vhd
+!:ext   vhd
+# Features is a bit field used to indicate specific feature support
+#>8	ubelong		!0x00000002	\b, Features 0x%x
+# Reserved. This bit must always be set to 1.
+#>8	ubelong		&0x00000002	\b, Reserved 0x%x
+# File Format Version for the current specification 0x00010000
+#>12	ubelong		!0x00010000	\b, Version 0x%8.8x
+# Data Offset only found 0x200
+#>16	ubequad		!0x200		\b, Data Offset 0x%llx
+#>16	ubequad		x		\b, at 0x%llx
+# Dynamic Disk Header cookie like cxsparse
+#>(16.Q)	string		x		"%-.8s"
+# This field contains a Unicode string (UTF-16) of the parent hard disk filename
+#>(16.Q+64)	ubequad	x		\b, parent name 0x%llx
+# Creator Application
+# vpc~Microsoft Virtual PC, vs~Microsoft Virtual Server, vbox~VirtualBox, d2v~disk2vhd
+>28	string		x		\b, Creator %-4.4s
+# Creator Version: 0x00010000~Virtual Server 2004, 0x00050000~Virtual PC 2004
+# holds the major/minor version of the application that created the image
+>32	ubeshort	x		%x
+>34	ubeshort	x		\b.%x
+#>32	ubelong		x		\b, Version 0x%8.8x
+# Creator Host OS: 0x5769326B~Windows (Wi2k), 0x4D616320~Macintosh (Mac)
+>36	ubelong		x		(
+>>36	ubelong		0x5769326B	\bW2k
+>>36	ubelong		0x4D616320	\bMac
+>>36	default		x		\b0x
+>>>36	ubelong		x		\b%8.8x
+# creation Time in seconds since 1 Jan 2000 UTC~946684800 sec. since Unix Epoch
+>24	bedate+946684800	x	\b) %s
+# Original Size
+#>40	ubequad		x		\b, o.-Size 0x%llx
+# Current Size is same as original size, but change when disk is expanded
+#>48	ubequad		x		\b, Size 0x%llx
+>48	ubequad		x		\b, %llu bytes
+# Disk Geometry: cylinder, heads, and sectors/track for hard disk
+#>56	ubeshort	x		\b, Cylinder 0x%x
+>56	ubeshort	x		\b, CHS %u
+# Heads
+#>58	ubyte		x		\b, Heads 0x%x
+>58	ubyte		x		\b/%u
+# Sectors per track
+#>59	ubyte		x		\b, Sectors 0x%x
+>59	ubyte		x		\b/%u
+# Disk Type: 3~Dynamic hard disk
+>60	ubelong		!0x3		\b, type 0x%x
+# Checksum
+#>64	ubelong		x		\b, cksum 0x%x
+# universally unique identifier (UUID) to associate a parent with its differencing image
+#>68	ubequad		x		\b, id 0x%16.16llx
+#>76	ubequad		x		\b-%16.16llx
+# Saved State: 1~Saved State
+>84	ubyte		!0		\b, State 0x%x
+# Reserved 427 bytes with nils
+#>85	ubequad	!0			\b, Reserved 0x%16.16llx
 
+# From: Joerg Jenderek
+# URL: https://msdn.microsoft.com/en-us/library/mt740058.aspx
+# Reference: https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/
+# MS-VHDX/[MS-VHDX].pdf
+# Note: extends the VHD format with new capabilities, such as a 16TB maximum size
+# TODO:	find and display values like virtual size, disk size, cluster_size, etc
+#	display id in GUID format
+#
+# VHDX_FILE_IDENTIFIER signature 0x656C696678646876
+0	string			vhdxfile
+# VHDX_HEADER signature. 1 header is stored at offset 64KB and the other at 128KB
+>0x10000	string		head		Microsoft Disk Image eXtended
+#>0x20000	string			head	\b, 2nd header
+#!:mime	application/x-virtualbox-vhdx
+!:ext	vhdx
+# Creator[256] like "QEMU v3.0.0", "Microsoft Windows 6.3.9600.18512"
+>>8		lestring16		x	\b, by %.256s
+# The Checksum field is a CRC-32C hash over the entire 4 KB structure
+#>>0x10004	ulelong			x	\b, CRC 0x%x
+# SequenceNumber
+>>0x10008	ulequad			x	\b, sequence 0x%llx
+# FileWriteGuid
+#>>0x10010	ubequad			x	\b, file id 0x%llx
+#>>>0x10018	ubequad			x	\b-%llx
+# DataWriteGuid
+#>>0x10020	ubequad			x	\b, data id 0x%llx
+#>>>0x10028	ubequad			x	\b-%llx
+# LogGuid. If this field is zero, then the log is empty or has no valid entries 
+>>0x10030	ubequad			>0	\b, log id 0x%llx
+>>>0x10038	ubequad			x	\b-%llx
+# LogVersion. If not 0 there is a log to replay
+>>0x10040	uleshort		>0	\b, LogVersion 0x%x
+# Version. This field must be set to 1
+>>0x10042	uleshort		!1	\b, Version 0x%x
+# LogLength must be multiples of 1 MB
+>>0x10044	ulelong/1048576		>1	\b, LogLength %u MB
+# LogOffset (normally 0x100000 when log direct after header); multiples of 1 MB
+>>0x10048	ulequad			!0x100000 \b, LogOffset 0x%llx
+# Log Entry Signature must be 0x65676F6C~loge
+>>(0x10048.q)	ulelong			!0x65676F6C \b, NO Log Signature
+>>(0x10048.q)	ulelong			=0x65676F6C	\b; LOG
+# Log Entry Checksum
+#>>>(0x10048.q+4)	ulelong		x	\b, Log CRC 0x%x
+# Log Entry Length must be a multiple of 4 KB
+>>>(0x10048.q+8)	ulelong/1024	>4	\b, EntryLength %u KB
+# Log Entry Tail must be a multiple of 4 KB
+#>>>(0x10048.q+12)	ulelong		x	\b, Tail 0x%x
+# Log Entry SequenceNumber
+#>>>(0x10048.q+16)	ulequad		x	\b, # 0x%llx
+# Log Entry DescriptorCount may be zero. only 4 bytes in other docs instead 8
+#>>>(0x10048.q+24)	ulelong		x	\b, DescriptorCount 0x%llx
+# Log Entry Reserved must be set to 0
+>>>(0x10048.q+28)	ulelong		!0	\b, Reserved 0x%x
+# Log Entry LogGuid
+#>>>(0x10048.q+32)	ubequad		x	\b, Log id 0x%llx
+#>>>(0x10048.q+40)	ubequad		x	\b-%llx
+# Log Entry FlushedFileOffset should VHDX size when entry is written.
+#>>>(0x10048.q+48)	ulequad		x	\b, FlushedFileOffset %llu
+# Log Entry LastFileOffset
+#>>>(0x10048.q+56)	ulequad		x	\b, LastFileOffset %llu
+# filling
+#>>>(0x10048.q+64)	ulequad		>0	\b, filling %llx
+# Reserved[4016]
+#>>0x10050	ulequad			>0	\b, Reserved 0x%llx
+# VHDX_REGION_TABLE_HEADER Signature 0x69676572~regi at offset 192 KB and 256 KB
+>0x30000	ulelong			!0x69676572 \b, 1st region INVALID
+>0x30000	ulelong			=0x69676572 \b; region
+# region Checksum. CRC-32C hash over the entire 64-KB table
+#>>0x30004	ulelong			x	\b, CRC 0x%x
+# The EntryCount specifies number of valid entries; Found 2; This must be =< 2047. 
+>>0x30008	ulelong			x	\b, %u entries
+# reserved must be zero
+#>>0x3000C	ulelong			!0	\b, RESERVED 0x%x
+# Region Table Entry starts with identifier for the object. often BAT id
+>>0x30010	use			vhdx-id
+# FileOffset
+>>0x30020	ulequad		x		\b, at 0x%llx
+# Length. Specifies the length of the object within the file
+#>>0x30028	ulelong		x		\b, Length 0x%x
+# 1 means region entry is required. if region not recognized, then REFUSE to load VHDX
+>>0x3002C	ulelong		x		\b, Required %u
+# 2nd region entry often metadata id
+>>0x30030	use			vhdx-id
+# 2nd entry FileOffset
+>>0x30040	ulequad		x		\b, at 0x%llx
+# 1 means region entry is required. if region not recognized, then REFUSE to load VHDX
+>>0x3004C	ulelong		x		\b, Required %u
+# 2nd region
+>>0x40000	ulelong		!0x69676572	\b, 2nd region INVALID
+# check in vhdx images for known id and show names instead hexadecimal
+0	name		vhdx-id
+# https://www.windowstricks.in/online-windows-guid-converter
+# 2DC27766-F623-4200-9D64-115E9BFD4A08		BAT GUID
+# 6677C22D23F600429D64115E9BFD4A08		BAT ID
+>0	ubequad		=0x6677C22D23F60042
+>>8	ubequad		=0x9D64115E9BFD4A08	\b, id BAT
+# no BAT id
+>>8	default		x
+>>>0	use		vhdx-id-hex
+# 8B7CA206-4790-4B9A-B8FE-575F050F886E		Metadata region GUID
+# 06A27C8B90479A4BB8FE575F050F886E		Metadata region ID
+>0	ubequad		=0x06A27C8B90479A4B
+>>8	ubequad		=0xB8FE575F050F886E	\b, id Metadata
+# no Metadata id
+>>8	default		x
+>>>0	use		vhdx-id-hex
+# 2FA54224-CD1B-4876-B211-5DBED83BF4B8		Virtual Disk Size GUID
+# 2442A52F1BCD7648B2115DBED83BF4B8		Virtual Disk Size ID
+# value "virtual size" can be verified by command `qemu-img info `
+>0	ubequad		=0x2442A52F1BCD7648
+>>8	ubequad		=0xB2115DBED83BF4B8	\b, id vsize
+# no Virtual Disk Size ID
+>>8	default		x
+>>>0	use		vhdx-id-hex
+# other ids
+>0	default		x
+>>0	use		vhdx-id-hex
+# in vhdx images show id as hexadecimal
+0	name		vhdx-id-hex
+>0	ubequad		x			\b, ID 0x%16.16llx
+>8	ubequad		x			\b-%16.16llx
+#
 # libvirt
 # From: Philipp Hahn <hahn@univention.de>
 0	string	LibvirtQemudSave	Libvirt QEMU Suspend Image
@@ -25534,15 +28231,16 @@
 # Updated by Adam Buchbinder (adam.buchbinder@gmail.com)
 # Made by reading sources, reading documentation, and doing trial and error
 # on existing QCOW files
-0	string/b	QFI\xFB	QEMU QCOW Image
+0	string/b	QFI\xFB
 
 # Uncomment the following line to display Magic (only used for debugging
 # this magic number)
 #>0	string/b	x	, Magic: %s
 
 # There are currently 2 Versions: "1" and "2".
-# http://www.gnome.org/~markmc/qcow-image-format-version-1.html
->4	belong	1	(v1)
+# https://www.gnome.org/~markmc/qcow-image-format-version-1.html
+>4	belong		!1	QEMU QCOW2 Image
+>4	belong		1	QEMU QCOW Image (v1)
 
 # Using the existence of the Backing File Offset to determine whether
 # to read Backing File Information
@@ -25564,7 +28262,7 @@
 # 1 for AES encryption, 0 for none.
 >>36	belong	1	\b, AES-encrypted
 
-# http://www.gnome.org/~markmc/qcow-image-format.html
+# https://www.gnome.org/~markmc/qcow-image-format.html
 >4	belong	2	(v2)
 # Using the existence of the Backing File Offset to determine whether
 # to read Backing File Information
@@ -25600,7 +28298,7 @@
 0	string/b	QEVM		QEMU suspend to disk image
 
 # QEMU QED Image
-# http://wiki.qemu.org/Features/QED/Specification
+# https://wiki.qemu.org/Features/QED/Specification
 0	string/b	QED\0		QEMU QED Image
 
 # VDI Image
@@ -25870,7 +28568,7 @@
 >0	leshort	>0		schema version no %d
 
 #------------------------------------------------------------------------------
-# $File: warc,v 1.3 2010/11/25 15:05:43 christos Exp $
+# $File: warc,v 1.4 2019/04/19 00:42:27 christos Exp $
 # warc:  file(1) magic for WARC files
 
 0	string	WARC/	WARC Archive
@@ -25879,7 +28577,7 @@
 
 #------------------------------------------------------------------------------
 # Arc File Format from Internet Archive
-# see http://www.archive.org/web/researcher/ArcFileFormat.php
+# see https://www.archive.org/web/researcher/ArcFileFormat.php
 0      string          filedesc://     Internet Archive File
 !:mime application/x-ia-arc
 >11    search/256      \x0A    \b
@@ -25901,14 +28599,14 @@
 
 #0	string		=!!		Bennet Yee's "face" format
 #------------------------------------------------------------------------------
-# $File: webassembly,v 1.2 2017/05/02 14:05:29 christos Exp $
+# $File: webassembly,v 1.3 2019/04/19 00:42:27 christos Exp $
 # webassembly:  file(1) magic for WebAssembly modules
 #
 # WebAssembly is a virtual architecture developed by a W3C Community
-# Group at http://webassembly.org/. The file extension is .wasm, and
+# Group at https://webassembly.org/. The file extension is .wasm, and
 # the MIME type is application/wasm.
 #
-# http://webassembly.org/docs/binary-encoding/ is the main
+# https://webassembly.org/docs/binary-encoding/ is the main
 # document describing the binary format.
 # From: Pip Cet <pipcet@gmail.com> and Joel Martin
 
@@ -25917,7 +28615,7 @@
 >4	lelong	>1	version %#x
 
 #------------------------------------------------------------------------------
-# $File: windows,v 1.22 2018/02/16 15:44:00 christos Exp $
+# $File: windows,v 1.26 2019/05/01 17:55:25 christos Exp $
 # windows:  file(1) magic for Microsoft Windows
 #
 # This file is mainly reserved for files where programs
@@ -25943,8 +28641,8 @@
 
 # Summary: Windows crash dump
 # Extension: .dmp
-# Created by: Andreas Schuster (http://computer.forensikblog.de/)
-# Reference (1): http://computer.forensikblog.de/en/2008/02/64bit_magic.html
+# Created by: Andreas Schuster (https://computer.forensikblog.de/)
+# Reference (1): https://computer.forensikblog.de/en/2008/02/64bit_magic.html
 # Modified by (1): Abel Cheung (Avoid match with first 4 bytes only)
 0	string		PAGE
 >4	string		DUMP		MS Windows 32bit crash dump
@@ -25963,8 +28661,8 @@
 
 # Summary: Vista Event Log
 # Extension: .evtx
-# Created by: Andreas Schuster (http://computer.forensikblog.de/)
-# Reference (1): http://computer.forensikblog.de/en/2007/05/some_magic.html
+# Created by: Andreas Schuster (https://computer.forensikblog.de/)
+# Reference (1): https://computer.forensikblog.de/en/2007/05/some_magic.html
 0	string		ElfFile\0	MS Windows Vista Event Log
 >0x2a	leshort		x		\b, %d chunks
 >>0x10	lelong		x		\b (no. %d in use)
@@ -25973,6 +28671,80 @@
 >0x78	lelong		&1		\b, DIRTY
 >0x78	lelong		&2		\b, FULL
 
+# Summary: Windows System Deployment Image
+# Created by: Joerg Jenderek
+# URL: http://en.wikipedia.org/wiki/System_Deployment_Image
+# Reference: http://skolk.livejournal.com/1320.html
+0	string			$SDI
+>4	string			0001		System Deployment Image
+!:mime	application/x-ms-sdi
+#!:mime	application/octet-stream
+# \Boot\boot.sdi
+!:ext	sdi
+# MDBtype: 0~Unspecified 1~RAM 2~ROM
+>>8	ulequad			!0		\b, MDBtype 0x%llx
+# BootCodeOffset
+>>16	ulequad			!0		\b, BootCodeOffset 0x%llx
+# BootCodeSize
+>>24	ulequad			!0		\b, BootCodeSize 0x%llx
+# VendorID
+>>32	ulequad			!0		\b, VendorID 0x%llx
+# DeviceID
+>>40	ulequad			!0		\b, DeviceID 0x%llx
+# DeviceModel
+>>48	ulequad			!0		\b, DeviceModel 0x%llx
+>>>56	ulequad			!0		\b%llx
+# DeviceRole
+>>64	ulequad			!0		\b, DeviceRole 0x%llx
+# Reserved1; reserved fields and gaps between BLOBs are padded with \0
+#>>72	ulequad			!0		\b, Reserved1 0x%llx
+# RuntimeGUID
+>>80	ulequad			!0		\b, RuntimeGUID 0x%llx
+>>>88	ulequad			!0		\b%llx
+# RuntimeOEMrev
+>>96	ulequad			!0		\b, RuntimeOEMrev 0x%llx
+# Reserved2
+#>>104	ulequad			!0		\b, Reserved2 0x%llx
+# BLOB alignment value in pages, as specified in sdimgr /pack: 1~4K 2~8k
+>>112	ulequad			!0		\b, PageAlignment %llu
+# Reserved3[48]
+#>>120	ulequad			!0		\b, Reserved3 0x%llx
+# SDI checksum 39h
+>>0x1f8	ulequad			x		\b, checksum 0x%llx
+# BLOBtype[8] \0-padded: PART, WIM , BOOT, LOAD, DISK
+>>0x400	string			>\0		\b, type %-3.8s
+# 0~non-filesystem 7~NTFS 6~BIGFAT
+>>>0x420	ulequad		!0		(0x%llx)
+# ATTRibutes
+>>>0x408	ulequad		!0		0x%llx attributes
+# Offset
+>>>0x410	ulequad		x		at 0x%llx
+# print 1 space after size and then handles NTFS boot sector by ./filesystems
+>>>0x418	ulequad		>0		%llu bytes 
+>>>>(0x410.l)	indirect	x
+# 2nd BLOB: WIM
+>>0x440		string		>\0		\b, type %-3.8s
+>>>0x428	ulequad		!0		(0x%llx)
+# ATTRibutes
+>>>0x448	ulequad		!0		0x%llx attributes
+# Offset
+>>>0x450	ulequad		x		at 0x%llx
+>>>0x458	ulequad		>0		%llu bytes 
+>>>>(0x450.l)	indirect	x
+# 3rd BLOB
+>>0x480		string		>\0		\b, type %-3.8s
+
+# Summary:	Windows Error Report text files
+# URL:		https://en.wikipedia.org/wiki/Windows_Error_Reporting
+# Reference:	https://www.nirsoft.net/utils/app_crash_view.html
+# Created by:	Joerg Jenderek
+# Note:		in directories	%ProgramData%\Microsoft\Windows\WER\{ReportArchive,ReportQueue}
+#				%LOCALAPPDATA%\Microsoft\Windows\WER\{ReportArchive,ReportQueue}
+0	lestring16	Version=	
+>22	lestring16	EventType	Windows Error Report
+!:mime	text/plain
+# Report.wer
+!:ext	wer
 
 # Summary: Windows 3.1 group files
 # Extension: .grp
@@ -25982,7 +28754,7 @@
 
 # Summary: Old format help files
 # URL: https://en.wikipedia.org/wiki/WinHelp
-# Reference: http://www.oocities.org/mwinterhoff/helpfile.htm
+# Reference: https://www.oocities.org/mwinterhoff/helpfile.htm
 # Update: Joerg Jenderek
 # Created by: Dirk Jagdmann <doj@cubic.org>
 #
@@ -26130,7 +28902,7 @@
 0	string		HyperTerminal\040
 >15	string		1.0\ --\ HyperTerminal\ data\ file	MS Windows HyperTerminal profile
 
-# http://ithreats.files.wordpress.com/2009/05/\040
+# https://ithreats.files.wordpress.com/2009/05/\040
 # lnk_the_windows_shortcut_file_format.pdf
 # Summary: Windows shortcut
 # Extension: .lnk
@@ -26260,8 +29032,8 @@
 0	name		ini-file
 # look for left bracket in section line
 >0	search/8192	[
-# http://en.wikipedia.org/wiki/Autorun.inf
-# http://msdn.microsoft.com/en-us/library/windows/desktop/cc144200.aspx
+# https://en.wikipedia.org/wiki/Autorun.inf
+# https://msdn.microsoft.com/en-us/library/windows/desktop/cc144200.aspx
 # space after right bracket
 # or AutoRun.Amd64 for 64 bit systems
 # or only NL separator
@@ -26277,7 +29049,7 @@
 >>>&0	string		!]\r\n[					Microsoft Windows Autorun file
 !:mime application/x-setupscript
 !:ext	inf
-# http://msdn.microsoft.com/en-us/library/windows/hardware/ff549520(v=vs.85).aspx
+# https://msdn.microsoft.com/en-us/library/windows/hardware/ff549520(v=vs.85).aspx
 # version strings ASCII coded case-independent for Windows setup information script file
 >>&0	regex/c		\^(version|strings)]				Windows setup INFormation
 !:mime	application/x-setupscript
@@ -26288,24 +29060,24 @@
 !:mime	application/x-setupscript
 !:ext	inf
 # http://www.winfaq.de/faq_html/Content/tip2500/onlinefaq.php?h=tip2653.htm
-# http://msdn.microsoft.com/en-us/library/windows/desktop/cc144102.aspx
+# https://msdn.microsoft.com/en-us/library/windows/desktop/cc144102.aspx
 # .ShellClassInfo DeleteOnCopy LocalizedFileNames ASCII coded case-independent
 >>&0	regex/c	\^(\.ShellClassInfo|DeleteOnCopy|LocalizedFileNames)]	Windows desktop.ini
 !:mime application/x-wine-extension-ini
 #!:mime text/plain
-# http://support.microsoft.com/kb/84709/
+# https://support.microsoft.com/kb/84709/
 >>&0	regex/c		\^(don't\ load)]				Windows CONTROL.INI
 !:mime application/x-wine-extension-ini
 !:ext	ini
 >>&0	regex/c		\^(ndishlp\\$|protman\\$|NETBEUI\\$)]		Windows PROTOCOL.INI
 !:mime application/x-wine-extension-ini
 !:ext	ini
-# http://technet.microsoft.com/en-us/library/cc722567.aspx
+# https://technet.microsoft.com/en-us/library/cc722567.aspx
 # http://www.winfaq.de/faq_html/Content/tip0000/onlinefaq.php?h=tip0137.htm
 >>&0	regex/c		\^(windows|Compatibility|embedding)]		Windows WIN.INI
 !:mime application/x-wine-extension-ini
 !:ext	ini
-# http://en.wikipedia.org/wiki/SYSTEM.INI
+# https://en.wikipedia.org/wiki/SYSTEM.INI
 >>&0	regex/c		\^(boot|386enh|drivers)]			Windows SYSTEM.INI
 !:mime application/x-wine-extension-ini
 !:ext	ini
@@ -26313,18 +29085,18 @@
 >>&0	regex/c		\^(SafeList)]					Windows IOS.INI
 !:mime application/x-wine-extension-ini
 !:ext	ini
-# http://en.wikipedia.org/wiki/NTLDR	Windows Boot Loader information
+# https://en.wikipedia.org/wiki/NTLDR	Windows Boot Loader information
 >>&0	regex/c		\^(boot\x20loader)]				Windows boot.ini
 !:mime application/x-wine-extension-ini
 !:ext	ini
-# http://en.wikipedia.org/wiki/CONFIG.SYS
+# https://en.wikipedia.org/wiki/CONFIG.SYS
 >>&0	regex/c		\^(menu)]					MS-DOS CONFIG.SYS
 # @CONFIG.UI configuration file of previous DOS version saved by Caldera OPENDOS INSTALL.EXE
 # CONFIG.PSS saved version of file CONFIG.SYS created by %WINDIR%\SYTEM\MSCONFIG.EXE
 # CONFIG.TSH renamed file CONFIG.SYS.BAT by %WINDIR%\SYTEM\MSCONFIG.EXE
 # dos and w40 used in dual booting scene
 !:ext	sys/dos/w40
-# http://support.microsoft.com/kb/118579/
+# https://support.microsoft.com/kb/118579/
 >>&0	regex/c		\^(Paths)]\r\n					MS-DOS MSDOS.SYS
 !:ext	sys/dos
 # http://chmspec.nongnu.org/latest/INI.html#HHP
@@ -26340,7 +29112,7 @@
 >>>>&0	string/c			version				Windows setup INFormation
 !:mime application/x-setupscript
 !:ext	inf
-# http://en.wikipedia.org/wiki/Initialization_file	Windows Initialization File or other
+# https://en.wikipedia.org/wiki/Initialization_file	Windows Initialization File or other
 >>>>&0	default				x
 >>>>>&0	ubyte				x
 # characters, digits, underscore and white space followed by right bracket
@@ -26477,7 +29249,7 @@
 # Summary: backup file created with utility like NTBACKUP.EXE shipped with Windows NT/2K/XP/2003
 # Extension: .bkf
 # Created by: Joerg Jenderek
-# URL: http://en.wikipedia.org/wiki/NTBackup
+# URL: https://en.wikipedia.org/wiki/NTBackup
 # Reference: http://laytongraphics.com/mtf/MTF_100a.PDF
 # Descriptor BloCK name of Microsoft Tape Format
 0	string			TAPE
@@ -26574,7 +29346,7 @@
 #
 
 # URL: https://en.wikipedia.org/wiki/PaintShop_Pro
-# Reference: http://www.cryer.co.uk/file-types/p/pal.htm
+# Reference: https://www.cryer.co.uk/file-types/p/pal.htm
 # Created by: Joerg Jenderek
 # Note: there exist other color palette formats also with .pal extension
 0	string	JASC-PAL\r\n	PaintShop Pro color palette
@@ -26586,7 +29358,7 @@
 # third line contains the number of colours: 16 256 ...
 >16	string	x		\b, %.3s colors
 
-# URL: http://en.wikipedia.org/wiki/Innosetup
+# URL: https://en.wikipedia.org/wiki/Innosetup
 # Reference: https://github.com/jrsoftware/issrc/blob/master/Projects/Undo.pas
 # Created by: Joerg Jenderek
 # Note:	created by like "InnoSetup self-extracting archive" inside ./msdos
@@ -26633,6 +29405,95 @@
 # directory like C:\Program Files\GIMP 2
 >>>>&0	lestring16	x				\b, %-.42s
 
+# Windows Imaging (WIM) Image
+# Update: Joerg Jenderek at Mar 2019
+# URL: https://en.wikipedia.org/wiki/Windows_Imaging_Format
+# Reference: https://download.microsoft.com/download/f/e/f/
+# fefdc36e-392d-4678-9e4e-771ffa2692ab/Windows%20Imaging%20File%20Format.rtf
+# Note: verified by like `7z t boot.wim` `wiminfo install.esd --header`
+0	string		MSWIM\000\000\000
+>0	use		wim-archive
+# https://wimlib.net/man1/wimoptimize.html
+0	string		WLPWM\000\000\000
+>0	use		wim-archive
+0	name		wim-archive
+# _WIMHEADER_V1_PACKED ImageTag[8]
+>0	string		x			Windows imaging
+!:mime	application/x-ms-wim
+# TO avoid in file version 5.36 error like
+# Magdir/windows, 760: Warning: Current entry does not yet have a description
+# file: could not find any valid magic files! (No error)
+# splitted WIM
+>16	ulelong		&0x00000008		(SWM
+!:ext	swm
+# usPartNumber; 1, unless the file was split into multiple parts
+>>40	uleshort	x			\b %u
+# usTotalParts; The total number of WIM file parts in a spanned set
+>>42	uleshort	x			\b of %u) image
+# non splitted WIM
+>16	ulelong		^0x00000008
+# https://wimlib.net/man1/wimmount.html
+# solid WIMs; version 3584; usually contain LZMS-compressed and the .esd extension
+>>12	ulelong		3584			(ESD) image
+!:ext	esd
+>>12	ulelong		!3584			(WIM) image
+!:ext	wim
+>0	string/b	WLPWM\000\000\000	\b, wimlib pipable format
+# cbSize size of the WIM header in bytes like 208
+#>8	ulelong		x			\b, headersize %u
+# dwVersion version of the WIM file 00010d00h~1.13 00000e00h~0.14
+>14	uleshort	x			v%u
+>13	ubyte		x			\b.%u
+# dwImageCount; The number of images contained in the WIM file
+>44	ulelong		>1			\b, %u images
+# dwBootIndex
+# 1-based index of the bootable image of the WIM, or 0 if no image is bootable
+>0x78	ulelong		>0			\b, bootable no. %u
+# dwFlags
+#>16	ulelong		x			\b, flags 0x%8.8x
+#define FLAG_HEADER_COMPRESSION		0x00000002
+#define FLAG_HEADER_READONLY            0x00000004
+#define FLAG_HEADER_SPANNED		0x00000008
+#define FLAG_HEADER_RESOURCE_ONLY       0x00000010
+#define FLAG_HEADER_METADATA_ONLY       0x00000020
+#define FLAG_HEADER_WRITE_IN_PROGRESS   0x00000040
+#define FLAG_HEADER_RP_FIX		0x00000080 reparse point fixup
+#define FLAG_HEADER_COMPRESS_RESERVED   0x00010000
+#define FLAG_HEADER_COMPRESS_XPRESS     0x00020000
+#define FLAG_HEADER_COMPRESS_LZX	0x00040000
+#define FLAG_HEADER_COMPRESS_LZMS	0x00080000
+#define FLAG_HEADER_COMPRESS_XPRESS2    0x00100000 wimlib-1.13.0\include\wimlib\header.h 
+# XPRESS, with small chunk size
+>16	ulelong		&0x00100000		\b, XPRESS2
+>16	ulelong		&0x00080000		\b, LZMS
+>16	ulelong		&0x00040000		\b, LZX
+>16	ulelong		&0x00020000		\b, XPRESS
+>16	ulelong		&0x00000002		compressed
+>16	ulelong		&0x00000004		\b, read only
+>16	ulelong		&0x00000010		\b, resource only
+>16	ulelong		&0x00000020		\b, metadata only
+>16	ulelong		&0x00000080		\b, reparse point fixup
+#>16	ulelong		&0x00010000		\b, RESERVED
+# dwCompressionSize; Uncompressed chunk size for resources or 0 if uncompressed
+#>20	ulelong		>0			\b, chunk size %u bytes
+# gWIMGuid
+#>24	ubequad		x			\b, GUID 0x%16.16llx
+#>>32	ubequad		x			\b%16.16llx
+# rhOffsetTable; the location of the resource lookup table
+# wim_reshdr_disk[24]= u8 size_in_wim[7] + u8 flags + le64 offset_in_wim + le64 uncompressed_size
+#>48	ubequad		x			\b, rhOffsetTable 0x%16.16llx
+# rhXmlData; the location of the XML data
+#>0x50	ulelong		x			\b, at 0x%8.8x
+# NOT WORKING \xff\xfe<\0W\0I\0M\0
+#>(0x50.l)	ubequad	x			\b, xml=%16.16llx
+# rhBootMetadata; the location of the metadata resource
+#>0x60	ubequad		x			\b, rhBootMetadata 0x%16.16llx
+# rhIntegrity; the location of integrity table used to verify files
+#>0x7c	ubequad		x			\b, rhIntegrity 0x%16.16llx
+# Unused[60]
+#>148	ubequad		!0			\b,unused 0x%16.16llx
+#
+
 
 #------------------------------------------------------------------------------
 # $File: wireless,v 1.2 2009/09/19 16:28:13 christos Exp $
@@ -26642,7 +29503,7 @@
 >4	belong	19	(Version 1)
 
 #------------------------------------------------------------------------------
-# $File: wordprocessors,v 1.19 2015/10/16 15:11:07 christos Exp $
+# $File: wordprocessors,v 1.20 2019/04/19 00:42:27 christos Exp $
 # wordprocessors:  file(1) magic fo word processors.
 #
 ####### PWP file format used on Smith Corona Personal Word Processors:
@@ -26852,7 +29713,7 @@
 >5      string          >\0             version %s
 0       string          \\1cw           ChiWriter file
 
-# Quark Express from http://www.garykessler.net/library/file_sigs.html
+# Quark Express from https://www.garykessler.net/library/file_sigs.html
 2	string	IIXPR3			Intel Quark Express Document (English)
 2	string	IIXPRa			Intel Quark Express Document (Korean)
 2	string	MMXPR3			Motorola Quark Express Document (English)
@@ -26904,11 +29765,11 @@
 0	ulelong&0x8080FFFF	0x00001204	gfxboot compiled html help file
 
 #------------------------------------------------------------------------------
-# $File: wsdl,v 1.3 2013/02/06 14:18:52 christos Exp $
-# wsdl: PHP WSDL Cache, http://www.php.net/manual/en/book.soap.php
+# $File: wsdl,v 1.5 2019/04/19 00:42:27 christos Exp $
+# wsdl: PHP WSDL Cache, https://www.php.net/manual/en/book.soap.php
 # Cache format extracted from source:
-# http://svn.php.net/viewvc/php/php-src/trunk/ext/soap/php_sdl.c?revision=HEAD&view=markup
-# Requires file >= 5.05, see http://mx.gw.com/pipermail/file/2010/000683.html
+# https://svn.php.net/viewvc/php/php-src/trunk/ext/soap/php_sdl.c?revision=HEAD&view=markup
+# Requires file >= 5.05
 # By Elan Ruusamae <glen@delfi.ee>, Patryk Zawadzki <patrys@pld-linux.org>, 2010-2011
 0		string		wsdl		PHP WSDL cache,
 >4		byte		x		version 0x%02x
@@ -27127,7 +29988,7 @@
 >6	leshort&0x0003	=0x0003			alignment 256
 
 #------------------------------------------------------------------------------
-# $File: xwindows,v 1.10 2017/03/17 21:35:28 christos Exp $
+# $File: xwindows,v 1.11 2019/04/19 00:42:27 christos Exp $
 # xwindows:  file(1) magic for various X/Window system file formats.
 
 # Compiled X Keymap
@@ -27154,8 +30015,8 @@
 
 # Xcursor data
 # X11 mouse cursor format defined in libXcursor, see
-# http://www.x.org/archive/X11R6.8.1/doc/Xcursor.3.html
-# http://cgit.freedesktop.org/xorg/lib/libXcursor/tree/include/X11/Xcursor/Xcursor.h
+# https://www.x.org/archive/X11R6.8.1/doc/Xcursor.3.html
+# https://cgit.freedesktop.org/xorg/lib/libXcursor/tree/include/X11/Xcursor/Xcursor.h
 0	string		Xcur		Xcursor data
 !:mime	image/x-xcursor
 >10	leshort		x		version %d
@@ -27163,8 +30024,8 @@
 
 
 #------------------------------------------------------------------------------
-# $File: yara,v 1.2 2017/05/25 20:07:23 christos Exp $
-# yara:  file(1) magic for http://virustotal.github.io/yara/
+# $File: yara,v 1.3 2019/04/19 00:42:27 christos Exp $
+# yara:  file(1) magic for https://virustotal.github.io/yara/
 #
 
 0	string	YARA
@@ -27286,14 +30147,14 @@
 0	long		0xe809		separate object file (z8000 a.out)
 0	long		0xe805		overlay object file (z8000 a.out)
 #------------------------------------------------------------------------------
-# $File: zip,v 1.1 2017/11/03 23:36:17 christos Exp $
+# $File: zip,v 1.2 2019/04/09 18:34:15 christos Exp $
 # zip:  file(1) magic for zip files; this is not use
 # Note the version of magic in archive is currently stronger, this is
 # just an example until negative offsets are supported better
 
 # Zip Central Cirectory record
 0	name		zipcd
->0	string		PK\001\002
+>0	string		PK\001\002	Zip archive data
 >>4	leshort		x		\b, made by
 >>4	use		zipversion
 >>6	leshort		x		\b, extract using at least
@@ -27340,7 +30201,7 @@
 >>0	leshort		x		v?[%#x]
 
 # Zip End Of Central Directory record
--22	string		PK\005\006	Zip archive data
+-22	string		PK\005\006
 #>4	leshort		>1		\b, %d disks
 #>6	leshort		>1		\b, central directory disk %d
 #>8	leshort		>1		\b, %d central directories on this disk
diff --git a/msys2/usr/share/misc/magic.mgc b/msys2/usr/share/misc/magic.mgc
index f3b3c3fc8..4a935e7ea 100644
Binary files a/msys2/usr/share/misc/magic.mgc and b/msys2/usr/share/misc/magic.mgc differ
diff --git a/msys2/usr/share/p11-kit/modules/p11-kit-trust.module b/msys2/usr/share/p11-kit/modules/p11-kit-trust.module
index 2f53ef6e0..a2a33066c 100644
--- a/msys2/usr/share/p11-kit/modules/p11-kit-trust.module
+++ b/msys2/usr/share/p11-kit/modules/p11-kit-trust.module
@@ -15,3 +15,10 @@ trust-policy: yes
 # projects used this non-standard attribute to denote slots to use to
 # retrieve trust information.
 x-trust-lookup: pkcs11:library-description=PKCS%2311%20Kit%20Trust%20Module
+
+# Prevent this module being loaded by the proxy module
+disable-in: p11-kit-proxy
+
+# This will be overwritten by appending "verbose=yes", if the trust
+# command is called with the -v option.
+x-init-reserved:
diff --git a/msys2/usr/share/pki/ca-trust-source/ca-bundle.trust.crt b/msys2/usr/share/pki/ca-trust-source/ca-bundle.trust.crt
index 1ebcc16a7..4cba84ff0 100644
--- a/msys2/usr/share/pki/ca-trust-source/ca-bundle.trust.crt
+++ b/msys2/usr/share/pki/ca-trust-source/ca-bundle.trust.crt
@@ -7,13 +7,13 @@
 # Source: nss/lib/ckfw/builtins/nssckbi.h
 #
 # Generated from:
-# NSS_BUILTINS_LIBRARY_VERSION "2.14"
+# NSS_BUILTINS_LIBRARY_VERSION "2.22"
 #
 [p11-kit-object-v1]
 label: "ACCVRAIZ1"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAm6mrv2FKl68vl2aadF/Q
@@ -188,161 +188,6 @@ pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7
 #         61:37:c9:c2:58:80:1b:a0:97:a1:fc:59:8d:e9:11:f6:d1:0f:
 #         4b:55:34:46:2a:8b:86:3b
 
-[p11-kit-object-v1]
-label: "ACEDICOM Root"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA/5KV4WgGdrQsyFhIyv2A
-VClVYyT/kGWbEHV7w2rbYgIB8hiGtXxaOLHkWLn709gtn70yN78sFW2+tfQh0hOR
-2QetAQXW8713zl9CgQr5auODAKgrLlUTY4HKRxx7XBZXehuDYAQ6PmXDzQHe3qTW
-DLqO3tkE7hdWIpuPY/1NFgu3e3eM+SW10W2ZEi5PGrjm6gSSrj0RuVFCPYewMYWv
-eVqc/udOXpJPQ/yrOq2lEiZmueIM15jO1FillUAKt0SdE3QrwqXrIhWYENiLxQSf
-HY9g5QYbm8+5eaA9oiM/Qj9r+hwDezCNzmzAv+YbX79nuIQZ1RXve8uQNjFiybwC
-q0Zfm/4aaJQ0PZCOrfbkHQl/Sog4P75n/TSW9R28MHTLOO7VbKvU/PQAtwBbhTIW
-djPp2KOZnQUAqhbm84F9b32qhm2tFXTTxKJxqvQUfecyuB+81fFOvW8XAjnXDpVC
-OscAPukmYxHqC9FK/xidstd7LzrZlvvoHpKuE1XI2Sf23EgbsCTBheN3nZqk8wwR
-HQ3ItBTutYJXCb8gWH8vIiPYcMt5bMlL8qkqyPyHK9caUPgn6C9D4zq92Fdx/c6m
-Ulv53U3t5fZvie27k5x2IXXwkkwp9y+cAS7+UEaeZAwUswdbxcJzbPEHXEUkFDWu
-g/FqTYl6+rPYLWbwNof1K1MCAwEAAQ==
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "ACEDICOM Root"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIFtTCCA52gAwIBAgIIYY3HhjsBggUwDQYJKoZIhvcNAQEFBQAwRDEWMBQGA1UE
-AwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00x
-CzAJBgNVBAYTAkVTMB4XDTA4MDQxODE2MjQyMloXDTI4MDQxMzE2MjQyMlowRDEW
-MBQGA1UEAwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZF
-RElDT00xCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
-AgEA/5KV4WgGdrQsyFhIyv2AVClVYyT/kGWbEHV7w2rbYgIB8hiGtXxaOLHkWLn7
-09gtn70yN78sFW2+tfQh0hOR2QetAQXW8713zl9CgQr5auODAKgrLlUTY4HKRxx7
-XBZXehuDYAQ6PmXDzQHe3qTWDLqO3tkE7hdWIpuPY/1NFgu3e3eM+SW10W2ZEi5P
-Grjm6gSSrj0RuVFCPYewMYWveVqc/udOXpJPQ/yrOq2lEiZmueIM15jO1FillUAK
-t0SdE3QrwqXrIhWYENiLxQSfHY9g5QYbm8+5eaA9oiM/Qj9r+hwDezCNzmzAv+Yb
-X79nuIQZ1RXve8uQNjFiybwCq0Zfm/4aaJQ0PZCOrfbkHQl/Sog4P75n/TSW9R28
-MHTLOO7VbKvU/PQAtwBbhTIWdjPp2KOZnQUAqhbm84F9b32qhm2tFXTTxKJxqvQU
-fecyuB+81fFOvW8XAjnXDpVCOscAPukmYxHqC9FK/xidstd7LzrZlvvoHpKuE1XI
-2Sf23EgbsCTBheN3nZqk8wwRHQ3ItBTutYJXCb8gWH8vIiPYcMt5bMlL8qkqyPyH
-K9caUPgn6C9D4zq92Fdx/c6mUlv53U3t5fZvie27k5x2IXXwkkwp9y+cAS7+UEae
-ZAwUswdbxcJzbPEHXEUkFDWug/FqTYl6+rPYLWbwNof1K1MCAwEAAaOBqjCBpzAP
-BgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKaz4SsrSbbXc6GqlPUB53NlTKxQ
-MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUprPhKytJttdzoaqU9QHnc2VMrFAw
-RAYDVR0gBD0wOzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly9hY2VkaWNv
-bS5lZGljb21ncm91cC5jb20vZG9jMA0GCSqGSIb3DQEBBQUAA4ICAQDOLAtSUWIm
-fQwng4/F9tqgaHtPkl7qpHMyEVNEskTLnewPeUKzEKbHDZ3Ltvo/Onzqv4hTGzz3
-gvoFNTPhNahXwOf9jU8/kzJPeGYDdwdY6ZXIfj7QeQCM8htRM5u8lOk6e25SLTKe
-I6RF+7YuE7CLGLHdztUdp0J/Vb77W7tH1PwkzQSulgUV1qzOMPPKC8W64iLgpq0i
-5ALudBF/TP94HTXa5gI06xgSYXcGCRZj6hitoocf8seACQl1ThCojz2GuHURwCRi
-ipZ7SkXp7FnFvmuD5uHorLUwHv4FB4D54SMNUI8FmP8sX+g7tq3PgbUhh8oIKiMn
-MCArz+2UW6yyetLHKKGKC5tNSixthT8Jcjxn4tncB7rrZXtaAWPWkFtPF2Y9fwsZ
-o5NjEFIqnxQWWOLcpfShFosOkYuByptZ+thrkQdlVV9SH686+5DdaaVbnG0OLLb6
-zqylfDJKZ0DcMDQj3dcEI2bw/FWAp/tmGYI1Z2JwOV5vx+qQQEQIHriy1tvuWacN
-GHk0vFQYXlPKNFHtRQrmjseCNj6nOGOpMCwXEGCSn1WHElkQwg9naRHMTh5+Spqt
-r0CodaxWkHS4oJyleW/c6RrIaQXpuvoDs3zk4E7Czp3otkYNbn5XOmeUwssfnHdK
-Z05phkOTOPu220+DkdRgfks+KzgHVZhepA==
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            61:8d:c7:86:3b:01:82:05
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: CN=ACEDICOM Root, OU=PKI, O=EDICOM, C=ES
-#        Validity
-#            Not Before: Apr 18 16:24:22 2008 GMT
-#            Not After : Apr 13 16:24:22 2028 GMT
-#        Subject: CN=ACEDICOM Root, OU=PKI, O=EDICOM, C=ES
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (4096 bit)
-#                Modulus:
-#                    00:ff:92:95:e1:68:06:76:b4:2c:c8:58:48:ca:fd:
-#                    80:54:29:55:63:24:ff:90:65:9b:10:75:7b:c3:6a:
-#                    db:62:02:01:f2:18:86:b5:7c:5a:38:b1:e4:58:b9:
-#                    fb:d3:d8:2d:9f:bd:32:37:bf:2c:15:6d:be:b5:f4:
-#                    21:d2:13:91:d9:07:ad:01:05:d6:f3:bd:77:ce:5f:
-#                    42:81:0a:f9:6a:e3:83:00:a8:2b:2e:55:13:63:81:
-#                    ca:47:1c:7b:5c:16:57:7a:1b:83:60:04:3a:3e:65:
-#                    c3:cd:01:de:de:a4:d6:0c:ba:8e:de:d9:04:ee:17:
-#                    56:22:9b:8f:63:fd:4d:16:0b:b7:7b:77:8c:f9:25:
-#                    b5:d1:6d:99:12:2e:4f:1a:b8:e6:ea:04:92:ae:3d:
-#                    11:b9:51:42:3d:87:b0:31:85:af:79:5a:9c:fe:e7:
-#                    4e:5e:92:4f:43:fc:ab:3a:ad:a5:12:26:66:b9:e2:
-#                    0c:d7:98:ce:d4:58:a5:95:40:0a:b7:44:9d:13:74:
-#                    2b:c2:a5:eb:22:15:98:10:d8:8b:c5:04:9f:1d:8f:
-#                    60:e5:06:1b:9b:cf:b9:79:a0:3d:a2:23:3f:42:3f:
-#                    6b:fa:1c:03:7b:30:8d:ce:6c:c0:bf:e6:1b:5f:bf:
-#                    67:b8:84:19:d5:15:ef:7b:cb:90:36:31:62:c9:bc:
-#                    02:ab:46:5f:9b:fe:1a:68:94:34:3d:90:8e:ad:f6:
-#                    e4:1d:09:7f:4a:88:38:3f:be:67:fd:34:96:f5:1d:
-#                    bc:30:74:cb:38:ee:d5:6c:ab:d4:fc:f4:00:b7:00:
-#                    5b:85:32:16:76:33:e9:d8:a3:99:9d:05:00:aa:16:
-#                    e6:f3:81:7d:6f:7d:aa:86:6d:ad:15:74:d3:c4:a2:
-#                    71:aa:f4:14:7d:e7:32:b8:1f:bc:d5:f1:4e:bd:6f:
-#                    17:02:39:d7:0e:95:42:3a:c7:00:3e:e9:26:63:11:
-#                    ea:0b:d1:4a:ff:18:9d:b2:d7:7b:2f:3a:d9:96:fb:
-#                    e8:1e:92:ae:13:55:c8:d9:27:f6:dc:48:1b:b0:24:
-#                    c1:85:e3:77:9d:9a:a4:f3:0c:11:1d:0d:c8:b4:14:
-#                    ee:b5:82:57:09:bf:20:58:7f:2f:22:23:d8:70:cb:
-#                    79:6c:c9:4b:f2:a9:2a:c8:fc:87:2b:d7:1a:50:f8:
-#                    27:e8:2f:43:e3:3a:bd:d8:57:71:fd:ce:a6:52:5b:
-#                    f9:dd:4d:ed:e5:f6:6f:89:ed:bb:93:9c:76:21:75:
-#                    f0:92:4c:29:f7:2f:9c:01:2e:fe:50:46:9e:64:0c:
-#                    14:b3:07:5b:c5:c2:73:6c:f1:07:5c:45:24:14:35:
-#                    ae:83:f1:6a:4d:89:7a:fa:b3:d8:2d:66:f0:36:87:
-#                    f5:2b:53
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 Authority Key Identifier: 
-#                keyid:A6:B3:E1:2B:2B:49:B6:D7:73:A1:AA:94:F5:01:E7:73:65:4C:AC:50
-#
-#            X509v3 Key Usage: critical
-#                Digital Signature, Certificate Sign, CRL Sign
-#            X509v3 Subject Key Identifier: 
-#                A6:B3:E1:2B:2B:49:B6:D7:73:A1:AA:94:F5:01:E7:73:65:4C:AC:50
-#            X509v3 Certificate Policies: 
-#                Policy: X509v3 Any Policy
-#                  CPS: http://acedicom.edicomgroup.com/doc
-#
-#    Signature Algorithm: sha1WithRSAEncryption
-#         ce:2c:0b:52:51:62:26:7d:0c:27:83:8f:c5:f6:da:a0:68:7b:
-#         4f:92:5e:ea:a4:73:32:11:53:44:b2:44:cb:9d:ec:0f:79:42:
-#         b3:10:a6:c7:0d:9d:cb:b6:fa:3f:3a:7c:ea:bf:88:53:1b:3c:
-#         f7:82:fa:05:35:33:e1:35:a8:57:c0:e7:fd:8d:4f:3f:93:32:
-#         4f:78:66:03:77:07:58:e9:95:c8:7e:3e:d0:79:00:8c:f2:1b:
-#         51:33:9b:bc:94:e9:3a:7b:6e:52:2d:32:9e:23:a4:45:fb:b6:
-#         2e:13:b0:8b:18:b1:dd:ce:d5:1d:a7:42:7f:55:be:fb:5b:bb:
-#         47:d4:fc:24:cd:04:ae:96:05:15:d6:ac:ce:30:f3:ca:0b:c5:
-#         ba:e2:22:e0:a6:ad:22:e4:02:ee:74:11:7f:4c:ff:78:1d:35:
-#         da:e6:02:34:eb:18:12:61:77:06:09:16:63:ea:18:ad:a2:87:
-#         1f:f2:c7:80:09:09:75:4e:10:a8:8f:3d:86:b8:75:11:c0:24:
-#         62:8a:96:7b:4a:45:e9:ec:59:c5:be:6b:83:e6:e1:e8:ac:b5:
-#         30:1e:fe:05:07:80:f9:e1:23:0d:50:8f:05:98:ff:2c:5f:e8:
-#         3b:b6:ad:cf:81:b5:21:87:ca:08:2a:23:27:30:20:2b:cf:ed:
-#         94:5b:ac:b2:7a:d2:c7:28:a1:8a:0b:9b:4d:4a:2c:6d:85:3f:
-#         09:72:3c:67:e2:d9:dc:07:ba:eb:65:7b:5a:01:63:d6:90:5b:
-#         4f:17:66:3d:7f:0b:19:a3:93:63:10:52:2a:9f:14:16:58:e2:
-#         dc:a5:f4:a1:16:8b:0e:91:8b:81:ca:9b:59:fa:d8:6b:91:07:
-#         65:55:5f:52:1f:af:3a:fb:90:dd:69:a5:5b:9c:6d:0e:2c:b6:
-#         fa:ce:ac:a5:7c:32:4a:67:40:dc:30:34:23:dd:d7:04:23:66:
-#         f0:fc:55:80:a7:fb:66:19:82:35:67:62:70:39:5e:6f:c7:ea:
-#         90:40:44:08:1e:b8:b2:d6:db:ee:59:a7:0d:18:79:34:bc:54:
-#         18:5e:53:ca:34:51:ed:45:0a:e6:8e:c7:82:36:3e:a7:38:63:
-#         a9:30:2c:17:10:60:92:9f:55:87:12:59:10:c2:0f:67:69:11:
-#         cc:4e:1e:7e:4a:9a:ad:af:40:a8:75:ac:56:90:74:b8:a0:9c:
-#         a5:79:6f:dc:e9:1a:c8:69:05:e9:ba:fa:03:b3:7c:e4:e0:4e:
-#         c2:ce:9d:e8:b6:46:0d:6e:7e:57:3a:67:94:c2:cb:1f:9c:77:
-#         4a:67:4e:69:86:43:93:38:fb:b6:db:4f:83:91:d4:60:7e:4b:
-#         3e:2b:38:07:55:98:5e:a4
-
 [p11-kit-object-v1]
 label: "AC RAIZ FNMT-RCM"
 class: x-certificate-extension
@@ -498,7 +343,7 @@ uu8wd+RU4riEmViAqhOLUTpPSPaLtrM=
 label: "AC Ra\xC3\xADz Certic\xC3\xA1mara S.A."
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%03"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%04"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq2uJo1PMSCMI+8PPUZYI
@@ -656,7 +501,7 @@ BYn8eNZcLCZDqQ==
 label: "Actalis Authentication Root CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8bEpSmkLO/lGMWwUKNv
@@ -807,7 +652,7 @@ LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg==
 label: "AddTrust External Root"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/caM+byAAQtOeBOW+0f
@@ -915,7 +760,7 @@ mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=
 label: "AddTrust Low-Value Services Root"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%04"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpbUIUlg4mvoQQcM3sTg
@@ -1018,221 +863,6 @@ WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk=
 #         20:44:08:c0:7a:b6:40:fd:c4:e4:35:e1:1d:16:1c:d0:bc:2b:
 #         8e:d6:71:d9
 
-[p11-kit-object-v1]
-label: "AddTrust Public Services Root"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+
-A3S72mnTRqX4jsIMEZBRpS9mVEBV6tsfSlbunyNu9DnLoblv8n75XYcmYZ4c+OLs
-poH4IcUkzBEMP9smcnrHAZcHF/nXGCwwfQ56HmIexkvA/X1id9NEHif2P0tEs7c4
-2TkfYNVRknMDtABp4/MUTu7R3AnPdzRGULD4EfL+OHn3Bzn+UZKXC1sIXzSGAa2I
-l+tmzV7R/9x98oTaunet3IAIx6eH1lWfl2royBFkuucZKT8Rs3iQhCBSWxHveNCD
-9tVIkNAwHM+A+WD+eeSI8t0A65RF62WUaUC6wNW0uLp9BBGo6zEFlpROWCGOn9Bg
-/QIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "AddTrust Public Services Root"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIEFTCCAv2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSAwHgYDVQQDExdBZGRUcnVzdCBQdWJsaWMgQ0EgUm9vdDAeFw0wMDA1MzAx
-MDQxNTBaFw0yMDA1MzAxMDQxNTBaMGQxCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtB
-ZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIDAeBgNV
-BAMTF0FkZFRydXN0IFB1YmxpYyBDQSBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+A3S72mnTRqX4jsIMEZBRpS9mVEBV
-6tsfSlbunyNu9DnLoblv8n75XYcmYZ4c+OLspoH4IcUkzBEMP9smcnrHAZcHF/nX
-GCwwfQ56HmIexkvA/X1id9NEHif2P0tEs7c42TkfYNVRknMDtABp4/MUTu7R3AnP
-dzRGULD4EfL+OHn3Bzn+UZKXC1sIXzSGAa2Il+tmzV7R/9x98oTaunet3IAIx6eH
-1lWfl2royBFkuucZKT8Rs3iQhCBSWxHveNCD9tVIkNAwHM+A+WD+eeSI8t0A65RF
-62WUaUC6wNW0uLp9BBGo6zEFlpROWCGOn9Bg/QIDAQABo4HRMIHOMB0GA1UdDgQW
-BBSBPjfYkrAfd59ctKtzquf2NGAv+jALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUw
-AwEB/zCBjgYDVR0jBIGGMIGDgBSBPjfYkrAfd59ctKtzquf2NGAv+qFopGYwZDEL
-MAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRU
-cnVzdCBUVFAgTmV0d29yazEgMB4GA1UEAxMXQWRkVHJ1c3QgUHVibGljIENBIFJv
-b3SCAQEwDQYJKoZIhvcNAQEFBQADggEBAAP3FUr4JNojVhaTdt02KLmuG7jD8WS6
-IBh4lSknVwW8fCr0uVFV2ocC3g8WFzH4qnkuCRO7r7IgGRLlk/lL+YPoRNWyQSW/
-iHVv/xD8SlTQX/D67zZzfRs2RcYhbbQVuE7PnFylPVoAjgbjPGsye/Kf8Lb93/Ao
-GEjwxrzQvzSAlsJKsW2Ox5BF3i9nrEUEo3rcVZLJR2bYGozH7ZxOmuASu7VqTITh
-4SINhwBk/ox9Yjllpu9CtoAlEmEBqCQTcAARJl/6NVDFSMwGR+gn2HCNX2TmoUQm
-XiLsks3/QppEIW1cxeMiHV9HEufOX1362KqxMy3ZdvJOOjMMK7MtkAY=
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 1 (0x1)
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=SE, O=AddTrust AB, OU=AddTrust TTP Network, CN=AddTrust Public CA Root
-#        Validity
-#            Not Before: May 30 10:41:50 2000 GMT
-#            Not After : May 30 10:41:50 2020 GMT
-#        Subject: C=SE, O=AddTrust AB, OU=AddTrust TTP Network, CN=AddTrust Public CA Root
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:e9:1a:30:8f:83:88:14:c1:20:d8:3c:9b:8f:1b:
-#                    7e:03:74:bb:da:69:d3:46:a5:f8:8e:c2:0c:11:90:
-#                    51:a5:2f:66:54:40:55:ea:db:1f:4a:56:ee:9f:23:
-#                    6e:f4:39:cb:a1:b9:6f:f2:7e:f9:5d:87:26:61:9e:
-#                    1c:f8:e2:ec:a6:81:f8:21:c5:24:cc:11:0c:3f:db:
-#                    26:72:7a:c7:01:97:07:17:f9:d7:18:2c:30:7d:0e:
-#                    7a:1e:62:1e:c6:4b:c0:fd:7d:62:77:d3:44:1e:27:
-#                    f6:3f:4b:44:b3:b7:38:d9:39:1f:60:d5:51:92:73:
-#                    03:b4:00:69:e3:f3:14:4e:ee:d1:dc:09:cf:77:34:
-#                    46:50:b0:f8:11:f2:fe:38:79:f7:07:39:fe:51:92:
-#                    97:0b:5b:08:5f:34:86:01:ad:88:97:eb:66:cd:5e:
-#                    d1:ff:dc:7d:f2:84:da:ba:77:ad:dc:80:08:c7:a7:
-#                    87:d6:55:9f:97:6a:e8:c8:11:64:ba:e7:19:29:3f:
-#                    11:b3:78:90:84:20:52:5b:11:ef:78:d0:83:f6:d5:
-#                    48:90:d0:30:1c:cf:80:f9:60:fe:79:e4:88:f2:dd:
-#                    00:eb:94:45:eb:65:94:69:40:ba:c0:d5:b4:b8:ba:
-#                    7d:04:11:a8:eb:31:05:96:94:4e:58:21:8e:9f:d0:
-#                    60:fd
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Subject Key Identifier: 
-#                81:3E:37:D8:92:B0:1F:77:9F:5C:B4:AB:73:AA:E7:F6:34:60:2F:FA
-#            X509v3 Key Usage: 
-#                Certificate Sign, CRL Sign
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 Authority Key Identifier: 
-#                keyid:81:3E:37:D8:92:B0:1F:77:9F:5C:B4:AB:73:AA:E7:F6:34:60:2F:FA
-#                DirName:/C=SE/O=AddTrust AB/OU=AddTrust TTP Network/CN=AddTrust Public CA Root
-#                serial:01
-#
-#    Signature Algorithm: sha1WithRSAEncryption
-#         03:f7:15:4a:f8:24:da:23:56:16:93:76:dd:36:28:b9:ae:1b:
-#         b8:c3:f1:64:ba:20:18:78:95:29:27:57:05:bc:7c:2a:f4:b9:
-#         51:55:da:87:02:de:0f:16:17:31:f8:aa:79:2e:09:13:bb:af:
-#         b2:20:19:12:e5:93:f9:4b:f9:83:e8:44:d5:b2:41:25:bf:88:
-#         75:6f:ff:10:fc:4a:54:d0:5f:f0:fa:ef:36:73:7d:1b:36:45:
-#         c6:21:6d:b4:15:b8:4e:cf:9c:5c:a5:3d:5a:00:8e:06:e3:3c:
-#         6b:32:7b:f2:9f:f0:b6:fd:df:f0:28:18:48:f0:c6:bc:d0:bf:
-#         34:80:96:c2:4a:b1:6d:8e:c7:90:45:de:2f:67:ac:45:04:a3:
-#         7a:dc:55:92:c9:47:66:d8:1a:8c:c7:ed:9c:4e:9a:e0:12:bb:
-#         b5:6a:4c:84:e1:e1:22:0d:87:00:64:fe:8c:7d:62:39:65:a6:
-#         ef:42:b6:80:25:12:61:01:a8:24:13:70:00:11:26:5f:fa:35:
-#         50:c5:48:cc:06:47:e8:27:d8:70:8d:5f:64:e6:a1:44:26:5e:
-#         22:ec:92:cd:ff:42:9a:44:21:6d:5c:c5:e3:22:1d:5f:47:12:
-#         e7:ce:5f:5d:fa:d8:aa:b1:33:2d:d9:76:f2:4e:3a:33:0c:2b:
-#         b3:2d:90:06
-
-[p11-kit-object-v1]
-label: "AddTrust Qualified Certificates Root"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoekn0e+EV+v
-hDTbYjx5eLfpMLXsDBwqxBb/4Oxx64r1EW7tTw2R0hIYLUkVAcKkIhPHEWT/IhKa
-uY5cLwjPcWqzZwFZ8V1G87B4pfYOQnrjfxvM0PC3KP0q6p6zsLkEqv32x7SxuCqg
-+1jxGaBvcCV+PmlKfw8i2O+tCBGaKZnhqkRFmhJePp1tUvznoD1oL/BLcHwTOK28
-FSXx1s6rosAx1i+f4P8UWfyEk9mHfExUE+uf0S0R+Bg6Ot4l2ffTQO2kBhLEO+GR
-wVY18BTcZTYJbqukB8c10cIDMzZbdSZtQvESa0NvS3GU+jQd7RNuyoB/mC9suWXY
-6QIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "AddTrust Qualified Certificates Root"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIEHjCCAwagAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSMwIQYDVQQDExpBZGRUcnVzdCBRdWFsaWZpZWQgQ0EgUm9vdDAeFw0wMDA1
-MzAxMDQ0NTBaFw0yMDA1MzAxMDQ0NTBaMGcxCzAJBgNVBAYTAlNFMRQwEgYDVQQK
-EwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIzAh
-BgNVBAMTGkFkZFRydXN0IFF1YWxpZmllZCBDQSBSb290MIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoekn0e+EV+vhDTbYjx5eLfpMLXsDBwq
-xBb/4Oxx64r1EW7tTw2R0hIYLUkVAcKkIhPHEWT/IhKauY5cLwjPcWqzZwFZ8V1G
-87B4pfYOQnrjfxvM0PC3KP0q6p6zsLkEqv32x7SxuCqg+1jxGaBvcCV+PmlKfw8i
-2O+tCBGaKZnhqkRFmhJePp1tUvznoD1oL/BLcHwTOK28FSXx1s6rosAx1i+f4P8U
-WfyEk9mHfExUE+uf0S0R+Bg6Ot4l2ffTQO2kBhLEO+GRwVY18BTcZTYJbqukB8c1
-0cIDMzZbdSZtQvESa0NvS3GU+jQd7RNuyoB/mC9suWXY6QIDAQABo4HUMIHRMB0G
-A1UdDgQWBBQ5lYtii1zJ1IC6WA+XPxUIQ8yYpzALBgNVHQ8EBAMCAQYwDwYDVR0T
-AQH/BAUwAwEB/zCBkQYDVR0jBIGJMIGGgBQ5lYtii1zJ1IC6WA+XPxUIQ8yYp6Fr
-pGkwZzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQL
-ExRBZGRUcnVzdCBUVFAgTmV0d29yazEjMCEGA1UEAxMaQWRkVHJ1c3QgUXVhbGlm
-aWVkIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBABmrder4i2VhlRO6aQTv
-hsoToMeqT2QbPxj2qC0sVY8FtzDqQmodwCVRLae/DLPt7wh/bDxGGuoYQ992zPlm
-hpwsaPXpF/gxsxjE1kh9I0xowX67ARRvxdlu3rsEQmr49lx95dr6h+sNNVJn0J6X
-dgWTP5XHAeZpVTh/EGGZyeNfpso+gmNIquIISD6q8rKFYqa0p9m9N5xotS1WfbC3
-P6CxB9bpT9zeRXEwMn8bLgn5v1Kh7sKAPgZcLlVAwRv1cEWw3F369nJad9Jjzc9Y
-iQBCYz95OdBEsIJuQRno3eDBiFrRHnGTHyQwdOUeqN48Jzd/g66ed8/wMLH/S5no
-xqE=
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 1 (0x1)
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=SE, O=AddTrust AB, OU=AddTrust TTP Network, CN=AddTrust Qualified CA Root
-#        Validity
-#            Not Before: May 30 10:44:50 2000 GMT
-#            Not After : May 30 10:44:50 2020 GMT
-#        Subject: C=SE, O=AddTrust AB, OU=AddTrust TTP Network, CN=AddTrust Qualified CA Root
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:e4:1e:9a:fe:dc:09:5a:87:a4:9f:47:be:11:5f:
-#                    af:84:34:db:62:3c:79:78:b7:e9:30:b5:ec:0c:1c:
-#                    2a:c4:16:ff:e0:ec:71:eb:8a:f5:11:6e:ed:4f:0d:
-#                    91:d2:12:18:2d:49:15:01:c2:a4:22:13:c7:11:64:
-#                    ff:22:12:9a:b9:8e:5c:2f:08:cf:71:6a:b3:67:01:
-#                    59:f1:5d:46:f3:b0:78:a5:f6:0e:42:7a:e3:7f:1b:
-#                    cc:d0:f0:b7:28:fd:2a:ea:9e:b3:b0:b9:04:aa:fd:
-#                    f6:c7:b4:b1:b8:2a:a0:fb:58:f1:19:a0:6f:70:25:
-#                    7e:3e:69:4a:7f:0f:22:d8:ef:ad:08:11:9a:29:99:
-#                    e1:aa:44:45:9a:12:5e:3e:9d:6d:52:fc:e7:a0:3d:
-#                    68:2f:f0:4b:70:7c:13:38:ad:bc:15:25:f1:d6:ce:
-#                    ab:a2:c0:31:d6:2f:9f:e0:ff:14:59:fc:84:93:d9:
-#                    87:7c:4c:54:13:eb:9f:d1:2d:11:f8:18:3a:3a:de:
-#                    25:d9:f7:d3:40:ed:a4:06:12:c4:3b:e1:91:c1:56:
-#                    35:f0:14:dc:65:36:09:6e:ab:a4:07:c7:35:d1:c2:
-#                    03:33:36:5b:75:26:6d:42:f1:12:6b:43:6f:4b:71:
-#                    94:fa:34:1d:ed:13:6e:ca:80:7f:98:2f:6c:b9:65:
-#                    d8:e9
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Subject Key Identifier: 
-#                39:95:8B:62:8B:5C:C9:D4:80:BA:58:0F:97:3F:15:08:43:CC:98:A7
-#            X509v3 Key Usage: 
-#                Certificate Sign, CRL Sign
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 Authority Key Identifier: 
-#                keyid:39:95:8B:62:8B:5C:C9:D4:80:BA:58:0F:97:3F:15:08:43:CC:98:A7
-#                DirName:/C=SE/O=AddTrust AB/OU=AddTrust TTP Network/CN=AddTrust Qualified CA Root
-#                serial:01
-#
-#    Signature Algorithm: sha1WithRSAEncryption
-#         19:ab:75:ea:f8:8b:65:61:95:13:ba:69:04:ef:86:ca:13:a0:
-#         c7:aa:4f:64:1b:3f:18:f6:a8:2d:2c:55:8f:05:b7:30:ea:42:
-#         6a:1d:c0:25:51:2d:a7:bf:0c:b3:ed:ef:08:7f:6c:3c:46:1a:
-#         ea:18:43:df:76:cc:f9:66:86:9c:2c:68:f5:e9:17:f8:31:b3:
-#         18:c4:d6:48:7d:23:4c:68:c1:7e:bb:01:14:6f:c5:d9:6e:de:
-#         bb:04:42:6a:f8:f6:5c:7d:e5:da:fa:87:eb:0d:35:52:67:d0:
-#         9e:97:76:05:93:3f:95:c7:01:e6:69:55:38:7f:10:61:99:c9:
-#         e3:5f:a6:ca:3e:82:63:48:aa:e2:08:48:3e:aa:f2:b2:85:62:
-#         a6:b4:a7:d9:bd:37:9c:68:b5:2d:56:7d:b0:b7:3f:a0:b1:07:
-#         d6:e9:4f:dc:de:45:71:30:32:7f:1b:2e:09:f9:bf:52:a1:ee:
-#         c2:80:3e:06:5c:2e:55:40:c1:1b:f5:70:45:b0:dc:5d:fa:f6:
-#         72:5a:77:d2:63:cd:cf:58:89:00:42:63:3f:79:39:d0:44:b0:
-#         82:6e:41:19:e8:dd:e0:c1:88:5a:d1:1e:71:93:1f:24:30:74:
-#         e5:1e:a8:de:3c:27:37:7f:83:ae:9e:77:cf:f0:30:b1:ff:4b:
-#         99:e8:c6:a1
-
 [p11-kit-object-v1]
 label: "AffirmTrust Commercial"
 class: x-certificate-extension
@@ -2027,7 +1657,7 @@ CkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1AE47xDqUEpHJWEadIRNyp4iciuRMStuW
 label: "Atos TrustedRoot 2011"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYU7l28qOy47z6bzKTW+
@@ -2133,7 +1763,7 @@ KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed
 label: "Autoridad de Certificacion Firmaprofesional CIF A62634068"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAypZrjur4+/GiNeB/TNrg
@@ -2384,1397 +2014,6 @@ R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp
 #         fe:81:dc:32:6a:1e:b5:ee:3c:d5:fc:e7:81:1d:19:c3:24:42:
 #         ea:63:39:a9
 
-[p11-kit-object-v1]
-label: "Bogus GMail"
-class: x-certificate-extension
-object-id: 1.3.6.1.4.1.3319.6.10.1
-value: "0.%06%0a%2b%06%01%04%01%99w%06%0a%01%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHPw8gTuwqJGyjQqqrtg
-I9ERdh8fOtBlg06aRahDcIV28B+HAAIfbjsXF8S16RlGopIljWIqtGMwH7mF+DXh
-Flp2ScxQSFM5WYnWhAL7muwbx1HVdpWQ1DoquKbeAk0G+83tpUZBX1V05ex+QNxQ
-nLXkNV0eaCD46d6jaii/QdKhs+IljQwbyj2TDBiu38W8/byCumgA1xYycZ9ltRHa
-aFnQpldkG8n+mOX1pWXq4dvu9LOds47qh64W0h6gfHxpPykWhQFTp2zxYKvdovwl
-R9Qy0RLd90gS4PyconeY6YmZuPg48YwGwnojNm2bnc0wyMc0Fx67fULIq+cVFvZz
-tQIDAQAB
------END PUBLIC KEY-----
-[p11-kit-object-v1]
-label: "Bogus GMail"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%18%06%03U%1d%25%01%01%ff%04%0e0%0c%06%0a%2b%06%01%04%01%99w%06%0a%10"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHPw8gTuwqJGyjQqqrtg
-I9ERdh8fOtBlg06aRahDcIV28B+HAAIfbjsXF8S16RlGopIljWIqtGMwH7mF+DXh
-Flp2ScxQSFM5WYnWhAL7muwbx1HVdpWQ1DoquKbeAk0G+83tpUZBX1V05ex+QNxQ
-nLXkNV0eaCD46d6jaii/QdKhs+IljQwbyj2TDBiu38W8/byCumgA1xYycZ9ltRHa
-aFnQpldkG8n+mOX1pWXq4dvu9LOds47qh64W0h6gfHxpPykWhQFTp2zxYKvdovwl
-R9Qy0RLd90gS4PyconeY6YmZuPg48YwGwnojNm2bnc0wyMc0Fx67fULIq+cVFvZz
-tQIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Bogus GMail"
-x-distrusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIF7jCCBNagAwIBAgIQBH7L6fylX3vQnq424QyuHjANBgkqhkiG9w0BAQUFADCB
-lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
-SGFyZHdhcmUwHhcNMTEwMzE1MDAwMDAwWhcNMTQwMzE0MjM1OTU5WjCB3zELMAkG
-A1UEBhMCVVMxDjAMBgNVBBETBTM4NDc3MRAwDgYDVQQIEwdGbG9yaWRhMRAwDgYD
-VQQHEwdFbmdsaXNoMRcwFQYDVQQJEw5TZWEgVmlsbGFnZSAxMDEUMBIGA1UEChML
-R29vZ2xlIEx0ZC4xEzARBgNVBAsTClRlY2ggRGVwdC4xKDAmBgNVBAsTH0hvc3Rl
-ZCBieSBHVEkgR3JvdXAgQ29ycG9yYXRpb24xFDASBgNVBAsTC1BsYXRpbnVtU1NM
-MRgwFgYDVQQDEw9tYWlsLmdvb2dsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQCwc/DyBO7CokbKNCqqu2Aj0RF2Hx860GWDTppFqENwhXbwH4cA
-Ah9uOxcXxLXpGUaikiWNYiq0YzAfuYX4NeEWWnZJzFBIUzlZidaEAvua7BvHUdV2
-lZDUOiq4pt4CTQb7ze2lRkFfVXTl7H5A3FCcteQ1XR5oIPjp3qNqKL9B0qGz4iWN
-DBvKPZMMGK7fxbz9vIK6aADXFjJxn2W1EdpoWdCmV2Qbyf6Y5fWlZerh2+70s52z
-juqHrhbSHqB8fGk/KRaFAVOnbPFgq92i/CVH1DLREt33SBLg/Jyid5jpiZm4+Djx
-jAbCeiM2bZudzTDIxzQXHrt9Qsir5xUW9nO1AgMBAAGjggHqMIIB5jAfBgNVHSME
-GDAWgBShcl8mGyiYQ5VdBzfVhZadS9LDRTAdBgNVHQ4EFgQUGCqiyNR6P3utBIu9
-b54QRhN4cZ0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
-FAYIKwYBBQUHAwEGCCsGAQUFBwMCMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQME
-MCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMHsG
-A1UdHwR0MHIwOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1VUTi1VU0VS
-Rmlyc3QtSGFyZHdhcmUuY3JsMDagNKAyhjBodHRwOi8vY3JsLmNvbW9kby5uZXQv
-VVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsG
-AQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9VVE5BZGRUcnVzdFNlcnZl
-ckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMC8G
-A1UdEQQoMCaCD21haWwuZ29vZ2xlLmNvbYITd3d3Lm1haWwuZ29vZ2xlLmNvbTAN
-BgkqhkiG9w0BAQUFAAOCAQEAZwYICifFk24C8t4XP9DTG3z/tc16x3fHvt8Syhne
-sBNXDAORxHlSz3+3XlUghEnd9dApLw4E2lmeDhOf9MAym/+hESQql6PyPz0qa6it
-jBl1lQ4dJf1PxHoVwx3HE0DIDb6XYHKm/iW+j+zVpobDIVxZUtlqC1yfS961+ezi
-9MXMYlN2iWXkKdq3v5bgYI0NtwlV1kBVHcHyliF1r4mGH12BlykoHinXlsEgAzJ7
-ADtqNxdao7MabzI7bvGjXaurzCrLMAwfNSOLaURc6qwoYO2ra2Oe9pK8vZpaJkzF
-mLgOGT78BTHjFtn9kAUDhsZXAR9/eKDPM2qqZmsi0KdJIw==
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            04:7e:cb:e9:fc:a5:5f:7b:d0:9e:ae:36:e1:0c:ae:1e
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
-#        Validity
-#            Not Before: Mar 15 00:00:00 2011 GMT
-#            Not After : Mar 14 23:59:59 2014 GMT
-#        Subject: C=US/postalCode=38477, ST=Florida, L=English/street=Sea Village 10, O=Google Ltd., OU=Tech Dept., OU=Hosted by GTI Group Corporation, OU=PlatinumSSL, CN=mail.google.com
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:b0:73:f0:f2:04:ee:c2:a2:46:ca:34:2a:aa:bb:
-#                    60:23:d1:11:76:1f:1f:3a:d0:65:83:4e:9a:45:a8:
-#                    43:70:85:76:f0:1f:87:00:02:1f:6e:3b:17:17:c4:
-#                    b5:e9:19:46:a2:92:25:8d:62:2a:b4:63:30:1f:b9:
-#                    85:f8:35:e1:16:5a:76:49:cc:50:48:53:39:59:89:
-#                    d6:84:02:fb:9a:ec:1b:c7:51:d5:76:95:90:d4:3a:
-#                    2a:b8:a6:de:02:4d:06:fb:cd:ed:a5:46:41:5f:55:
-#                    74:e5:ec:7e:40:dc:50:9c:b5:e4:35:5d:1e:68:20:
-#                    f8:e9:de:a3:6a:28:bf:41:d2:a1:b3:e2:25:8d:0c:
-#                    1b:ca:3d:93:0c:18:ae:df:c5:bc:fd:bc:82:ba:68:
-#                    00:d7:16:32:71:9f:65:b5:11:da:68:59:d0:a6:57:
-#                    64:1b:c9:fe:98:e5:f5:a5:65:ea:e1:db:ee:f4:b3:
-#                    9d:b3:8e:ea:87:ae:16:d2:1e:a0:7c:7c:69:3f:29:
-#                    16:85:01:53:a7:6c:f1:60:ab:dd:a2:fc:25:47:d4:
-#                    32:d1:12:dd:f7:48:12:e0:fc:9c:a2:77:98:e9:89:
-#                    99:b8:f8:38:f1:8c:06:c2:7a:23:36:6d:9b:9d:cd:
-#                    30:c8:c7:34:17:1e:bb:7d:42:c8:ab:e7:15:16:f6:
-#                    73:b5
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Authority Key Identifier: 
-#                keyid:A1:72:5F:26:1B:28:98:43:95:5D:07:37:D5:85:96:9D:4B:D2:C3:45
-#
-#            X509v3 Subject Key Identifier: 
-#                18:2A:A2:C8:D4:7A:3F:7B:AD:04:8B:BD:6F:9E:10:46:13:78:71:9D
-#            X509v3 Key Usage: critical
-#                Digital Signature, Key Encipherment
-#            X509v3 Basic Constraints: critical
-#                CA:FALSE
-#            X509v3 Extended Key Usage: 
-#                TLS Web Server Authentication, TLS Web Client Authentication
-#            X509v3 Certificate Policies: 
-#                Policy: 1.3.6.1.4.1.6449.1.2.1.3.4
-#                  CPS: https://secure.comodo.com/CPS
-#
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://crl.comodoca.com/UTN-USERFirst-Hardware.crl
-#
-#                Full Name:
-#                  URI:http://crl.comodo.net/UTN-USERFirst-Hardware.crl
-#
-#            Authority Information Access: 
-#                CA Issuers - URI:http://crt.comodoca.com/UTNAddTrustServerCA.crt
-#                OCSP - URI:http://ocsp.comodoca.com
-#
-#            X509v3 Subject Alternative Name: 
-#                DNS:mail.google.com, DNS:www.mail.google.com
-#    Signature Algorithm: sha1WithRSAEncryption
-#         67:06:08:0a:27:c5:93:6e:02:f2:de:17:3f:d0:d3:1b:7c:ff:
-#         b5:cd:7a:c7:77:c7:be:df:12:ca:19:de:b0:13:57:0c:03:91:
-#         c4:79:52:cf:7f:b7:5e:55:20:84:49:dd:f5:d0:29:2f:0e:04:
-#         da:59:9e:0e:13:9f:f4:c0:32:9b:ff:a1:11:24:2a:97:a3:f2:
-#         3f:3d:2a:6b:a8:ad:8c:19:75:95:0e:1d:25:fd:4f:c4:7a:15:
-#         c3:1d:c7:13:40:c8:0d:be:97:60:72:a6:fe:25:be:8f:ec:d5:
-#         a6:86:c3:21:5c:59:52:d9:6a:0b:5c:9f:4b:de:b5:f9:ec:e2:
-#         f4:c5:cc:62:53:76:89:65:e4:29:da:b7:bf:96:e0:60:8d:0d:
-#         b7:09:55:d6:40:55:1d:c1:f2:96:21:75:af:89:86:1f:5d:81:
-#         97:29:28:1e:29:d7:96:c1:20:03:32:7b:00:3b:6a:37:17:5a:
-#         a3:b3:1a:6f:32:3b:6e:f1:a3:5d:ab:ab:cc:2a:cb:30:0c:1f:
-#         35:23:8b:69:44:5c:ea:ac:28:60:ed:ab:6b:63:9e:f6:92:bc:
-#         bd:9a:5a:26:4c:c5:98:b8:0e:19:3e:fc:05:31:e3:16:d9:fd:
-#         90:05:03:86:c6:57:01:1f:7f:78:a0:cf:33:6a:aa:66:6b:22:
-#         d0:a7:49:23
-
-[p11-kit-object-v1]
-label: "Bogus Global Trustee"
-class: x-certificate-extension
-object-id: 1.3.6.1.4.1.3319.6.10.1
-value: "0.%06%0a%2b%06%01%04%01%99w%06%0a%01%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2XTyqkEd3/XCFkNJXCm/
-tol0KbycjQxGT1l+skEXZjQMZYnhbCXjhgqeIkUijN2d5qOV3tyIAlVc41uRdesm
-aWO5LsbKLiffiLoCIG7+uQsp16fW10gaHM7dH6knDmJPoZYe3VQ6NGNKdvV3fVln
-2BDUtQ86QyKY2/QJxApwzt2Q1C/vdBPDzcKJOWIVneZ0qOib8GNunIm2Dq2b98yC
-6OgtuAvaIuxJhQeImZg/9HSpCfeBfJcLWZkYcovblIIrp+iqa5e/iH51sItFRQzH
-qAnqG0FYMDtfeGUVNNLkPDQNHdhkPIqlVkmZKC1L8s/N2W5JZJupeZB3VakIG60a
-dJ7gA5MKCbetp7Rc74Nst5q0xmhAgB1C0W55m6kZIZqc+YYtANE0/uC2+VW29SbF
-lRalfHOfCimJrDqY95t0Z7eQt10JI2pq7SwQ7lMKEPAWH1ezsQ15kRmw680wP6AU
-X7PG/Vwzp7D/mLBVjLml8m9HJEkhacxColEAQIWMgoKrMqXLmtzQ2RgN3xn0r4MN
-wT4x2yRItnWAoeHJd2Qep+WLfxVNS6fC0O15lV6RMewY/06fSBTqdbohzil26R9O
-UYcus8wEYLojHx9lsgq41W6PS0KJR6mBkFsrsrau5qBwe3iQCnrF5efF+wr2L2mM
-jB9X4AaZ/xHVUjIglyeY7mUCAwEAAQ==
------END PUBLIC KEY-----
-[p11-kit-object-v1]
-label: "Bogus Global Trustee"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%18%06%03U%1d%25%01%01%ff%04%0e0%0c%06%0a%2b%06%01%04%01%99w%06%0a%10"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2XTyqkEd3/XCFkNJXCm/
-tol0KbycjQxGT1l+skEXZjQMZYnhbCXjhgqeIkUijN2d5qOV3tyIAlVc41uRdesm
-aWO5LsbKLiffiLoCIG7+uQsp16fW10gaHM7dH6knDmJPoZYe3VQ6NGNKdvV3fVln
-2BDUtQ86QyKY2/QJxApwzt2Q1C/vdBPDzcKJOWIVneZ0qOib8GNunIm2Dq2b98yC
-6OgtuAvaIuxJhQeImZg/9HSpCfeBfJcLWZkYcovblIIrp+iqa5e/iH51sItFRQzH
-qAnqG0FYMDtfeGUVNNLkPDQNHdhkPIqlVkmZKC1L8s/N2W5JZJupeZB3VakIG60a
-dJ7gA5MKCbetp7Rc74Nst5q0xmhAgB1C0W55m6kZIZqc+YYtANE0/uC2+VW29SbF
-lRalfHOfCimJrDqY95t0Z7eQt10JI2pq7SwQ7lMKEPAWH1ezsQ15kRmw680wP6AU
-X7PG/Vwzp7D/mLBVjLml8m9HJEkhacxColEAQIWMgoKrMqXLmtzQ2RgN3xn0r4MN
-wT4x2yRItnWAoeHJd2Qep+WLfxVNS6fC0O15lV6RMewY/06fSBTqdbohzil26R9O
-UYcus8wEYLojHx9lsgq41W6PS0KJR6mBkFsrsrau5qBwe3iQCnrF5efF+wr2L2mM
-jB9X4AaZ/xHVUjIglyeY7mUCAwEAAQ==
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Bogus Global Trustee"
-x-distrusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIG3TCCBcWgAwIBAgIRANjzX063hystqwaS4xU4L7AwDQYJKoZIhvcNAQEFBQAw
-gZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl
-IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY
-aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMR8wHQYDVQQDExZVVE4tVVNFUkZpcnN0
-LUhhcmR3YXJlMB4XDTExMDMxNTAwMDAwMFoXDTE0MDMxNDIzNTk1OVowgeMxCzAJ
-BgNVBAYTAlVTMQ4wDAYDVQQREwUzODQ3NzEQMA4GA1UECBMHRmxvcmlkYTEOMAwG
-A1UEBxMFVGFtcGExFzAVBgNVBAkTDlNlYSBWaWxsYWdlIDEwMRcwFQYDVQQKEw5H
-bG9iYWwgVHJ1c3RlZTEXMBUGA1UECxMOR2xvYmFsIFRydXN0ZWUxKDAmBgNVBAsT
-H0hvc3RlZCBieSBHVEkgR3JvdXAgQ29ycG9yYXRpb24xFDASBgNVBAsTC1BsYXRp
-bnVtU1NMMRcwFQYDVQQDEw5nbG9iYWwgdHJ1c3RlZTCCAiIwDQYJKoZIhvcNAQEB
-BQADggIPADCCAgoCggIBANl08qpBHd/1whZDSVwpv7aJdCm8nI0MRk9ZfrJBF2Y0
-DGWJ4Wwl44YKniJFIozdneajld7ciAJVXONbkXXrJmljuS7Gyi4n34i6AiBu/rkL
-Kden1tdIGhzO3R+pJw5iT6GWHt1UOjRjSnb1d31ZZ9gQ1LUPOkMimNv0CcQKcM7d
-kNQv73QTw83CiTliFZ3mdKjom/BjbpyJtg6tm/fMgujoLbgL2iLsSYUHiJmYP/R0
-qQn3gXyXC1mZGHKL25SCK6foqmuXv4h+dbCLRUUMx6gJ6htBWDA7X3hlFTTS5Dw0
-DR3YZDyKpVZJmSgtS/LPzdluSWSbqXmQd1WpCButGnSe4AOTCgm3rae0XO+DbLea
-tMZoQIAdQtFueZupGSGanPmGLQDRNP7gtvlVtvUmxZUWpXxznwopiaw6mPebdGe3
-kLddCSNqau0sEO5TChDwFh9Xs7ENeZEZsOvNMD+gFF+zxv1cM6ew/5iwVYy5pfJv
-RyRJIWnMQqJRAECFjIKCqzKly5rc0NkYDd8Z9K+DDcE+MdskSLZ1gKHhyXdkHqfl
-i38VTUunwtDteZVekTHsGP9On0gU6nW6Ic4pdukfTlGHLrPMBGC6Ix8fZbIKuNVu
-j0tCiUepgZBbK7K2ruagcHt4kAp6xeXnxfsK9i9pjIwfV+AGmf8R1VIyIJcnmO5l
-AgMBAAGjggHUMIIB0DAfBgNVHSMEGDAWgBShcl8mGyiYQ5VdBzfVhZadS9LDRTAd
-BgNVHQ4EFgQUt8PeGkPtQZepjyl4nAO5rEBCAKwwDgYDVR0PAQH/BAQDAgWgMAwG
-A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEYGA1Ud
-IAQ/MD0wOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2Vj
-dXJlLmNvbW9kby5jb20vQ1BTMHsGA1UdHwR0MHIwOKA2oDSGMmh0dHA6Ly9jcmwu
-Y29tb2RvY2EuY29tL1VUTi1VU0VSRmlyc3QtSGFyZHdhcmUuY3JsMDagNKAyhjBo
-dHRwOi8vY3JsLmNvbW9kby5uZXQvVVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmww
-cQYIKwYBBQUHAQEEZTBjMDsGCCsGAQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2Nh
-LmNvbS9VVE5BZGRUcnVzdFNlcnZlckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDov
-L29jc3AuY29tb2RvY2EuY29tMBkGA1UdEQQSMBCCDmdsb2JhbCB0cnVzdGVlMA0G
-CSqGSIb3DQEBBQUAA4IBAQCPunW6OdQm03APxLMCp8USI3HJ/mPpo2J4JERP1LkR
-Ph/HKOdVa+704QCRhorJCWufLqRFOdFhYl6TpQVFeJ9gEiz0bGVlDcxGNIsouqDG
-9JlxZPMidqxP82LJpzNaBx89yYaA3NsEL4cn6L9IRIHA8Ekjbh/l5AOGJBOihWJ8
-WATK5o0Tcgq6VkSiD7z7oD0NKn/7nqkJPbda1IqN4SXopAmEcK0SRLnPuTN6ulzm
-S6a7BQaY//KYUnt3gCdK2eL6uVLU+/vm1i2ej8EVRI2bdC/ulFpO08SLiqxDnXP2
-rgyHia2HycnH3boUYHr4tTWdwo3GloENqVKKKUAE6Rm0
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            d8:f3:5f:4e:b7:87:2b:2d:ab:06:92:e3:15:38:2f:b0
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
-#        Validity
-#            Not Before: Mar 15 00:00:00 2011 GMT
-#            Not After : Mar 14 23:59:59 2014 GMT
-#        Subject: C=US/postalCode=38477, ST=Florida, L=Tampa/street=Sea Village 10, O=Global Trustee, OU=Global Trustee, OU=Hosted by GTI Group Corporation, OU=PlatinumSSL, CN=global trustee
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (4096 bit)
-#                Modulus:
-#                    00:d9:74:f2:aa:41:1d:df:f5:c2:16:43:49:5c:29:
-#                    bf:b6:89:74:29:bc:9c:8d:0c:46:4f:59:7e:b2:41:
-#                    17:66:34:0c:65:89:e1:6c:25:e3:86:0a:9e:22:45:
-#                    22:8c:dd:9d:e6:a3:95:de:dc:88:02:55:5c:e3:5b:
-#                    91:75:eb:26:69:63:b9:2e:c6:ca:2e:27:df:88:ba:
-#                    02:20:6e:fe:b9:0b:29:d7:a7:d6:d7:48:1a:1c:ce:
-#                    dd:1f:a9:27:0e:62:4f:a1:96:1e:dd:54:3a:34:63:
-#                    4a:76:f5:77:7d:59:67:d8:10:d4:b5:0f:3a:43:22:
-#                    98:db:f4:09:c4:0a:70:ce:dd:90:d4:2f:ef:74:13:
-#                    c3:cd:c2:89:39:62:15:9d:e6:74:a8:e8:9b:f0:63:
-#                    6e:9c:89:b6:0e:ad:9b:f7:cc:82:e8:e8:2d:b8:0b:
-#                    da:22:ec:49:85:07:88:99:98:3f:f4:74:a9:09:f7:
-#                    81:7c:97:0b:59:99:18:72:8b:db:94:82:2b:a7:e8:
-#                    aa:6b:97:bf:88:7e:75:b0:8b:45:45:0c:c7:a8:09:
-#                    ea:1b:41:58:30:3b:5f:78:65:15:34:d2:e4:3c:34:
-#                    0d:1d:d8:64:3c:8a:a5:56:49:99:28:2d:4b:f2:cf:
-#                    cd:d9:6e:49:64:9b:a9:79:90:77:55:a9:08:1b:ad:
-#                    1a:74:9e:e0:03:93:0a:09:b7:ad:a7:b4:5c:ef:83:
-#                    6c:b7:9a:b4:c6:68:40:80:1d:42:d1:6e:79:9b:a9:
-#                    19:21:9a:9c:f9:86:2d:00:d1:34:fe:e0:b6:f9:55:
-#                    b6:f5:26:c5:95:16:a5:7c:73:9f:0a:29:89:ac:3a:
-#                    98:f7:9b:74:67:b7:90:b7:5d:09:23:6a:6a:ed:2c:
-#                    10:ee:53:0a:10:f0:16:1f:57:b3:b1:0d:79:91:19:
-#                    b0:eb:cd:30:3f:a0:14:5f:b3:c6:fd:5c:33:a7:b0:
-#                    ff:98:b0:55:8c:b9:a5:f2:6f:47:24:49:21:69:cc:
-#                    42:a2:51:00:40:85:8c:82:82:ab:32:a5:cb:9a:dc:
-#                    d0:d9:18:0d:df:19:f4:af:83:0d:c1:3e:31:db:24:
-#                    48:b6:75:80:a1:e1:c9:77:64:1e:a7:e5:8b:7f:15:
-#                    4d:4b:a7:c2:d0:ed:79:95:5e:91:31:ec:18:ff:4e:
-#                    9f:48:14:ea:75:ba:21:ce:29:76:e9:1f:4e:51:87:
-#                    2e:b3:cc:04:60:ba:23:1f:1f:65:b2:0a:b8:d5:6e:
-#                    8f:4b:42:89:47:a9:81:90:5b:2b:b2:b6:ae:e6:a0:
-#                    70:7b:78:90:0a:7a:c5:e5:e7:c5:fb:0a:f6:2f:69:
-#                    8c:8c:1f:57:e0:06:99:ff:11:d5:52:32:20:97:27:
-#                    98:ee:65
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Authority Key Identifier: 
-#                keyid:A1:72:5F:26:1B:28:98:43:95:5D:07:37:D5:85:96:9D:4B:D2:C3:45
-#
-#            X509v3 Subject Key Identifier: 
-#                B7:C3:DE:1A:43:ED:41:97:A9:8F:29:78:9C:03:B9:AC:40:42:00:AC
-#            X509v3 Key Usage: critical
-#                Digital Signature, Key Encipherment
-#            X509v3 Basic Constraints: critical
-#                CA:FALSE
-#            X509v3 Extended Key Usage: 
-#                TLS Web Server Authentication, TLS Web Client Authentication
-#            X509v3 Certificate Policies: 
-#                Policy: 1.3.6.1.4.1.6449.1.2.1.3.4
-#                  CPS: https://secure.comodo.com/CPS
-#
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://crl.comodoca.com/UTN-USERFirst-Hardware.crl
-#
-#                Full Name:
-#                  URI:http://crl.comodo.net/UTN-USERFirst-Hardware.crl
-#
-#            Authority Information Access: 
-#                CA Issuers - URI:http://crt.comodoca.com/UTNAddTrustServerCA.crt
-#                OCSP - URI:http://ocsp.comodoca.com
-#
-#            X509v3 Subject Alternative Name: 
-#                DNS:global trustee
-#    Signature Algorithm: sha1WithRSAEncryption
-#         8f:ba:75:ba:39:d4:26:d3:70:0f:c4:b3:02:a7:c5:12:23:71:
-#         c9:fe:63:e9:a3:62:78:24:44:4f:d4:b9:11:3e:1f:c7:28:e7:
-#         55:6b:ee:f4:e1:00:91:86:8a:c9:09:6b:9f:2e:a4:45:39:d1:
-#         61:62:5e:93:a5:05:45:78:9f:60:12:2c:f4:6c:65:65:0d:cc:
-#         46:34:8b:28:ba:a0:c6:f4:99:71:64:f3:22:76:ac:4f:f3:62:
-#         c9:a7:33:5a:07:1f:3d:c9:86:80:dc:db:04:2f:87:27:e8:bf:
-#         48:44:81:c0:f0:49:23:6e:1f:e5:e4:03:86:24:13:a2:85:62:
-#         7c:58:04:ca:e6:8d:13:72:0a:ba:56:44:a2:0f:bc:fb:a0:3d:
-#         0d:2a:7f:fb:9e:a9:09:3d:b7:5a:d4:8a:8d:e1:25:e8:a4:09:
-#         84:70:ad:12:44:b9:cf:b9:33:7a:ba:5c:e6:4b:a6:bb:05:06:
-#         98:ff:f2:98:52:7b:77:80:27:4a:d9:e2:fa:b9:52:d4:fb:fb:
-#         e6:d6:2d:9e:8f:c1:15:44:8d:9b:74:2f:ee:94:5a:4e:d3:c4:
-#         8b:8a:ac:43:9d:73:f6:ae:0c:87:89:ad:87:c9:c9:c7:dd:ba:
-#         14:60:7a:f8:b5:35:9d:c2:8d:c6:96:81:0d:a9:52:8a:29:40:
-#         04:e9:19:b4
-
-[p11-kit-object-v1]
-label: "Bogus Google"
-class: x-certificate-extension
-object-id: 1.3.6.1.4.1.3319.6.10.1
-value: "0.%06%0a%2b%06%01%04%01%99w%06%0a%01%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHPw8gTuwqJGyjQqqrtg
-I9ERdh8fOtBlg06aRahDcIV28B+HAAIfbjsXF8S16RlGopIljWIqtGMwH7mF+DXh
-Flp2ScxQSFM5WYnWhAL7muwbx1HVdpWQ1DoquKbeAk0G+83tpUZBX1V05ex+QNxQ
-nLXkNV0eaCD46d6jaii/QdKhs+IljQwbyj2TDBiu38W8/byCumgA1xYycZ9ltRHa
-aFnQpldkG8n+mOX1pWXq4dvu9LOds47qh64W0h6gfHxpPykWhQFTp2zxYKvdovwl
-R9Qy0RLd90gS4PyconeY6YmZuPg48YwGwnojNm2bnc0wyMc0Fx67fULIq+cVFvZz
-tQIDAQAB
------END PUBLIC KEY-----
-[p11-kit-object-v1]
-label: "Bogus Google"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%18%06%03U%1d%25%01%01%ff%04%0e0%0c%06%0a%2b%06%01%04%01%99w%06%0a%10"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHPw8gTuwqJGyjQqqrtg
-I9ERdh8fOtBlg06aRahDcIV28B+HAAIfbjsXF8S16RlGopIljWIqtGMwH7mF+DXh
-Flp2ScxQSFM5WYnWhAL7muwbx1HVdpWQ1DoquKbeAk0G+83tpUZBX1V05ex+QNxQ
-nLXkNV0eaCD46d6jaii/QdKhs+IljQwbyj2TDBiu38W8/byCumgA1xYycZ9ltRHa
-aFnQpldkG8n+mOX1pWXq4dvu9LOds47qh64W0h6gfHxpPykWhQFTp2zxYKvdovwl
-R9Qy0RLd90gS4PyconeY6YmZuPg48YwGwnojNm2bnc0wyMc0Fx67fULIq+cVFvZz
-tQIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Bogus Google"
-x-distrusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIF5DCCBMygAwIBAgIRAPXIavNhYvE6ZPVPbclYfAYwDQYJKoZIhvcNAQEFBQAw
-gZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl
-IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY
-aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMR8wHQYDVQQDExZVVE4tVVNFUkZpcnN0
-LUhhcmR3YXJlMB4XDTExMDMxNTAwMDAwMFoXDTE0MDMxNDIzNTk1OVowgd4xCzAJ
-BgNVBAYTAlVTMQ4wDAYDVQQREwUzODQ3NzEQMA4GA1UECBMHRmxvcmlkYTEQMA4G
-A1UEBxMHRW5nbGlzaDEXMBUGA1UECRMOU2VhIFZpbGxhZ2UgMTAxFDASBgNVBAoT
-C0dvb2dsZSBMdGQuMRMwEQYDVQQLEwpUZWNoIERlcHQuMSgwJgYDVQQLEx9Ib3N0
-ZWQgYnkgR1RJIEdyb3VwIENvcnBvcmF0aW9uMRQwEgYDVQQLEwtQbGF0aW51bVNT
-TDEXMBUGA1UEAxMOd3d3Lmdvb2dsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQCwc/DyBO7CokbKNCqqu2Aj0RF2Hx860GWDTppFqENwhXbwH4cA
-Ah9uOxcXxLXpGUaikiWNYiq0YzAfuYX4NeEWWnZJzFBIUzlZidaEAvua7BvHUdV2
-lZDUOiq4pt4CTQb7ze2lRkFfVXTl7H5A3FCcteQ1XR5oIPjp3qNqKL9B0qGz4iWN
-DBvKPZMMGK7fxbz9vIK6aADXFjJxn2W1EdpoWdCmV2Qbyf6Y5fWlZerh2+70s52z
-juqHrhbSHqB8fGk/KRaFAVOnbPFgq92i/CVH1DLREt33SBLg/Jyid5jpiZm4+Djx
-jAbCeiM2bZudzTDIxzQXHrt9Qsir5xUW9nO1AgMBAAGjggHgMIIB3DAfBgNVHSME
-GDAWgBShcl8mGyiYQ5VdBzfVhZadS9LDRTAdBgNVHQ4EFgQUGCqiyNR6P3utBIu9
-b54QRhN4cZ0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
-FAYIKwYBBQUHAwEGCCsGAQUFBwMCMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQME
-MCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMHsG
-A1UdHwR0MHIwOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1VUTi1VU0VS
-Rmlyc3QtSGFyZHdhcmUuY3JsMDagNKAyhjBodHRwOi8vY3JsLmNvbW9kby5uZXQv
-VVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsG
-AQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9VVE5BZGRUcnVzdFNlcnZl
-ckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMCUG
-A1UdEQQeMByCDnd3dy5nb29nbGUuY29tggpnb29nbGUuY29tMA0GCSqGSIb3DQEB
-BQUAA4IBAQBxwJk/Xva9M/+eFsuov91w+dJTOzauyRfIrl5N3WL3t9M+d6P+wHsy
-tcmUBVJQ8l89eYRJT11ssNdZvdRsiPr8xWWG6yhSokL2fLxqxwcuJdGQYiDGjVHC
-LEU5TgPa9xjozAo62UXYbG40i2KcThX5Q+7ll8A/rTUTxSsGx0H94vd+Ra2b0eFm
-7fh6S5Q5ei/r6D9D2DXWVvp0523m7axlhP7QTQYS3tpZADwJXM+IS+g9tBUhksxt
-plHijpfx9IJGy8RTXtpcnWWSAWWJAOW2mf8mQPEvGTEIGrFnVYYNrjUzhryXSJLX
-lmD4zvyW64fEc8yUm1hb83qkJxPWT/Rp
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            f5:c8:6a:f3:61:62:f1:3a:64:f5:4f:6d:c9:58:7c:06
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
-#        Validity
-#            Not Before: Mar 15 00:00:00 2011 GMT
-#            Not After : Mar 14 23:59:59 2014 GMT
-#        Subject: C=US/postalCode=38477, ST=Florida, L=English/street=Sea Village 10, O=Google Ltd., OU=Tech Dept., OU=Hosted by GTI Group Corporation, OU=PlatinumSSL, CN=www.google.com
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:b0:73:f0:f2:04:ee:c2:a2:46:ca:34:2a:aa:bb:
-#                    60:23:d1:11:76:1f:1f:3a:d0:65:83:4e:9a:45:a8:
-#                    43:70:85:76:f0:1f:87:00:02:1f:6e:3b:17:17:c4:
-#                    b5:e9:19:46:a2:92:25:8d:62:2a:b4:63:30:1f:b9:
-#                    85:f8:35:e1:16:5a:76:49:cc:50:48:53:39:59:89:
-#                    d6:84:02:fb:9a:ec:1b:c7:51:d5:76:95:90:d4:3a:
-#                    2a:b8:a6:de:02:4d:06:fb:cd:ed:a5:46:41:5f:55:
-#                    74:e5:ec:7e:40:dc:50:9c:b5:e4:35:5d:1e:68:20:
-#                    f8:e9:de:a3:6a:28:bf:41:d2:a1:b3:e2:25:8d:0c:
-#                    1b:ca:3d:93:0c:18:ae:df:c5:bc:fd:bc:82:ba:68:
-#                    00:d7:16:32:71:9f:65:b5:11:da:68:59:d0:a6:57:
-#                    64:1b:c9:fe:98:e5:f5:a5:65:ea:e1:db:ee:f4:b3:
-#                    9d:b3:8e:ea:87:ae:16:d2:1e:a0:7c:7c:69:3f:29:
-#                    16:85:01:53:a7:6c:f1:60:ab:dd:a2:fc:25:47:d4:
-#                    32:d1:12:dd:f7:48:12:e0:fc:9c:a2:77:98:e9:89:
-#                    99:b8:f8:38:f1:8c:06:c2:7a:23:36:6d:9b:9d:cd:
-#                    30:c8:c7:34:17:1e:bb:7d:42:c8:ab:e7:15:16:f6:
-#                    73:b5
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Authority Key Identifier: 
-#                keyid:A1:72:5F:26:1B:28:98:43:95:5D:07:37:D5:85:96:9D:4B:D2:C3:45
-#
-#            X509v3 Subject Key Identifier: 
-#                18:2A:A2:C8:D4:7A:3F:7B:AD:04:8B:BD:6F:9E:10:46:13:78:71:9D
-#            X509v3 Key Usage: critical
-#                Digital Signature, Key Encipherment
-#            X509v3 Basic Constraints: critical
-#                CA:FALSE
-#            X509v3 Extended Key Usage: 
-#                TLS Web Server Authentication, TLS Web Client Authentication
-#            X509v3 Certificate Policies: 
-#                Policy: 1.3.6.1.4.1.6449.1.2.1.3.4
-#                  CPS: https://secure.comodo.com/CPS
-#
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://crl.comodoca.com/UTN-USERFirst-Hardware.crl
-#
-#                Full Name:
-#                  URI:http://crl.comodo.net/UTN-USERFirst-Hardware.crl
-#
-#            Authority Information Access: 
-#                CA Issuers - URI:http://crt.comodoca.com/UTNAddTrustServerCA.crt
-#                OCSP - URI:http://ocsp.comodoca.com
-#
-#            X509v3 Subject Alternative Name: 
-#                DNS:www.google.com, DNS:google.com
-#    Signature Algorithm: sha1WithRSAEncryption
-#         71:c0:99:3f:5e:f6:bd:33:ff:9e:16:cb:a8:bf:dd:70:f9:d2:
-#         53:3b:36:ae:c9:17:c8:ae:5e:4d:dd:62:f7:b7:d3:3e:77:a3:
-#         fe:c0:7b:32:b5:c9:94:05:52:50:f2:5f:3d:79:84:49:4f:5d:
-#         6c:b0:d7:59:bd:d4:6c:88:fa:fc:c5:65:86:eb:28:52:a2:42:
-#         f6:7c:bc:6a:c7:07:2e:25:d1:90:62:20:c6:8d:51:c2:2c:45:
-#         39:4e:03:da:f7:18:e8:cc:0a:3a:d9:45:d8:6c:6e:34:8b:62:
-#         9c:4e:15:f9:43:ee:e5:97:c0:3f:ad:35:13:c5:2b:06:c7:41:
-#         fd:e2:f7:7e:45:ad:9b:d1:e1:66:ed:f8:7a:4b:94:39:7a:2f:
-#         eb:e8:3f:43:d8:35:d6:56:fa:74:e7:6d:e6:ed:ac:65:84:fe:
-#         d0:4d:06:12:de:da:59:00:3c:09:5c:cf:88:4b:e8:3d:b4:15:
-#         21:92:cc:6d:a6:51:e2:8e:97:f1:f4:82:46:cb:c4:53:5e:da:
-#         5c:9d:65:92:01:65:89:00:e5:b6:99:ff:26:40:f1:2f:19:31:
-#         08:1a:b1:67:55:86:0d:ae:35:33:86:bc:97:48:92:d7:96:60:
-#         f8:ce:fc:96:eb:87:c4:73:cc:94:9b:58:5b:f3:7a:a4:27:13:
-#         d6:4f:f4:69
-
-[p11-kit-object-v1]
-label: "Bogus Mozilla Addons"
-class: x-certificate-extension
-object-id: 1.3.6.1.4.1.3319.6.10.1
-value: "0.%06%0a%2b%06%01%04%01%99w%06%0a%01%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8ZtNvMVc3iDc850hdWu
-7LLw4CQfE4O4IKy7mv6Iu6uhHQsfRQCqSbc1Nwxq70dMudG+41cSBI2Sx7bsAby2
-2seBOCCtcoXmDvyBbAetaHY4xUTXzMZKxZc+ZPRR5vB+suxW9yWCTUmYyxaY3SPx
-iZHRF5dAmSbW4qIrXt+9ifIbGlMtzFBBetA9KgxVcBQB6VhJEHoLk4KL4R7tOoAQ
-gs6WijTwzNfTubRQh1VUCbidQihVAOWMNVS/3SWRRrcN5V2DqOWL+4TkPK522sRD
-K1t0C/i+XWjxeFu1zn3xXZlA2sruOIFQvpihbLgkrfOvjA/XESgshBhMfbXZjzC1
-GwIDAQAB
------END PUBLIC KEY-----
-[p11-kit-object-v1]
-label: "Bogus Mozilla Addons"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%18%06%03U%1d%25%01%01%ff%04%0e0%0c%06%0a%2b%06%01%04%01%99w%06%0a%10"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8ZtNvMVc3iDc850hdWu
-7LLw4CQfE4O4IKy7mv6Iu6uhHQsfRQCqSbc1Nwxq70dMudG+41cSBI2Sx7bsAby2
-2seBOCCtcoXmDvyBbAetaHY4xUTXzMZKxZc+ZPRR5vB+suxW9yWCTUmYyxaY3SPx
-iZHRF5dAmSbW4qIrXt+9ifIbGlMtzFBBetA9KgxVcBQB6VhJEHoLk4KL4R7tOoAQ
-gs6WijTwzNfTubRQh1VUCbidQihVAOWMNVS/3SWRRrcN5V2DqOWL+4TkPK522sRD
-K1t0C/i+XWjxeFu1zn3xXZlA2sruOIFQvpihbLgkrfOvjA/XESgshBhMfbXZjzC1
-GwIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Bogus Mozilla Addons"
-x-distrusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIF+DCCBOCgAwIBAgIRAJI51TSPQNFpWnRUcOHyP0MwDQYJKoZIhvcNAQEFBQAw
-gZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl
-IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY
-aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMR8wHQYDVQQDExZVVE4tVVNFUkZpcnN0
-LUhhcmR3YXJlMB4XDTExMDMxNTAwMDAwMFoXDTE0MDMxNDIzNTk1OVowgeIxCzAJ
-BgNVBAYTAlVTMQ4wDAYDVQQREwUzODQ3NzEQMA4GA1UECBMHRmxvcmlkYTEQMA4G
-A1UEBxMHRW5nbGlzaDEXMBUGA1UECRMOU2VhIFZpbGxhZ2UgMTAxFDASBgNVBAoT
-C0dvb2dsZSBMdGQuMRMwEQYDVQQLEwpUZWNoIERlcHQuMSgwJgYDVQQLEx9Ib3N0
-ZWQgYnkgR1RJIEdyb3VwIENvcnBvcmF0aW9uMRQwEgYDVQQLEwtQbGF0aW51bVNT
-TDEbMBkGA1UEAxMSYWRkb25zLm1vemlsbGEub3JnMIIBIjANBgkqhkiG9w0BAQEF
-AAOCAQ8AMIIBCgKCAQEAq8ZtNvMVc3iDc850hdWu7LLw4CQfE4O4IKy7mv6Iu6uh
-HQsfRQCqSbc1Nwxq70dMudG+41cSBI2Sx7bsAby22seBOCCtcoXmDvyBbAetaHY4
-xUTXzMZKxZc+ZPRR5vB+suxW9yWCTUmYyxaY3SPxiZHRF5dAmSbW4qIrXt+9ifIb
-GlMtzFBBetA9KgxVcBQB6VhJEHoLk4KL4R7tOoAQgs6WijTwzNfTubRQh1VUCbid
-QihVAOWMNVS/3SWRRrcN5V2DqOWL+4TkPK522sRDK1t0C/i+XWjxeFu1zn3xXZlA
-2sruOIFQvpihbLgkrfOvjA/XESgshBhMfbXZjzC1GwIDAQABo4IB8DCCAewwHwYD
-VR0jBBgwFoAUoXJfJhsomEOVXQc31YWWnUvSw0UwHQYDVR0OBBYEFN2A0lQ990xw
-yqOw3TR6MuToO1o7MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
-JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBGBgNVHSAEPzA9MDsGDCsGAQQBsjEB
-AgEDBDArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQ
-UzB7BgNVHR8EdDByMDigNqA0hjJodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9VVE4t
-VVNFUkZpcnN0LUhhcmR3YXJlLmNybDA2oDSgMoYwaHR0cDovL2NybC5jb21vZG8u
-bmV0L1VUTi1VU0VSRmlyc3QtSGFyZHdhcmUuY3JsMHEGCCsGAQUFBwEBBGUwYzA7
-BggrBgEFBQcwAoYvaHR0cDovL2NydC5jb21vZG9jYS5jb20vVVROQWRkVHJ1c3RT
-ZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNv
-bTA1BgNVHREELjAsghJhZGRvbnMubW96aWxsYS5vcmeCFnd3dy5hZGRvbnMubW96
-aWxsYS5vcmcwDQYJKoZIhvcNAQEFBQADggEBADM7YxX8sewULJPddZTegVrZTpm+
-+0qkOVVNoUB63hMqh6k3z+jV+63Re21vjCCHglTmV0m8ICiEzdYB2ZOLF24jZuWE
-yIA/xqFwgOTsTR35/JFac2IpmvcgHGHgizmfyrx+jd282bHjn57fFVORIVIL2Roj
-D2Y226yTlkqjpSLPKfeimaj2ttlArtl+tvZYLpusNspkj2VS3IacgqtuUEvaX/oF
-AIgwDt6NVr+BR409BuKyYpJnj57ImrLlBrhwJLh3fCMKOMN5CNixUZ2slRHHQBee
-oxyP8hGnaCfaSQWEGHxYLQFnXOWfoSm7SjlFL78Rqnmi7bTUtWVDt5NGitM=
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            92:39:d5:34:8f:40:d1:69:5a:74:54:70:e1:f2:3f:43
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
-#        Validity
-#            Not Before: Mar 15 00:00:00 2011 GMT
-#            Not After : Mar 14 23:59:59 2014 GMT
-#        Subject: C=US/postalCode=38477, ST=Florida, L=English/street=Sea Village 10, O=Google Ltd., OU=Tech Dept., OU=Hosted by GTI Group Corporation, OU=PlatinumSSL, CN=addons.mozilla.org
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:ab:c6:6d:36:f3:15:73:78:83:73:ce:74:85:d5:
-#                    ae:ec:b2:f0:e0:24:1f:13:83:b8:20:ac:bb:9a:fe:
-#                    88:bb:ab:a1:1d:0b:1f:45:00:aa:49:b7:35:37:0c:
-#                    6a:ef:47:4c:b9:d1:be:e3:57:12:04:8d:92:c7:b6:
-#                    ec:01:bc:b6:da:c7:81:38:20:ad:72:85:e6:0e:fc:
-#                    81:6c:07:ad:68:76:38:c5:44:d7:cc:c6:4a:c5:97:
-#                    3e:64:f4:51:e6:f0:7e:b2:ec:56:f7:25:82:4d:49:
-#                    98:cb:16:98:dd:23:f1:89:91:d1:17:97:40:99:26:
-#                    d6:e2:a2:2b:5e:df:bd:89:f2:1b:1a:53:2d:cc:50:
-#                    41:7a:d0:3d:2a:0c:55:70:14:01:e9:58:49:10:7a:
-#                    0b:93:82:8b:e1:1e:ed:3a:80:10:82:ce:96:8a:34:
-#                    f0:cc:d7:d3:b9:b4:50:87:55:54:09:b8:9d:42:28:
-#                    55:00:e5:8c:35:54:bf:dd:25:91:46:b7:0d:e5:5d:
-#                    83:a8:e5:8b:fb:84:e4:3c:ae:76:da:c4:43:2b:5b:
-#                    74:0b:f8:be:5d:68:f1:78:5b:b5:ce:7d:f1:5d:99:
-#                    40:da:ca:ee:38:81:50:be:98:a1:6c:b8:24:ad:f3:
-#                    af:8c:0f:d7:11:28:2c:84:18:4c:7d:b5:d9:8f:30:
-#                    b5:1b
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Authority Key Identifier: 
-#                keyid:A1:72:5F:26:1B:28:98:43:95:5D:07:37:D5:85:96:9D:4B:D2:C3:45
-#
-#            X509v3 Subject Key Identifier: 
-#                DD:80:D2:54:3D:F7:4C:70:CA:A3:B0:DD:34:7A:32:E4:E8:3B:5A:3B
-#            X509v3 Key Usage: critical
-#                Digital Signature, Key Encipherment
-#            X509v3 Basic Constraints: critical
-#                CA:FALSE
-#            X509v3 Extended Key Usage: 
-#                TLS Web Server Authentication, TLS Web Client Authentication
-#            X509v3 Certificate Policies: 
-#                Policy: 1.3.6.1.4.1.6449.1.2.1.3.4
-#                  CPS: https://secure.comodo.com/CPS
-#
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://crl.comodoca.com/UTN-USERFirst-Hardware.crl
-#
-#                Full Name:
-#                  URI:http://crl.comodo.net/UTN-USERFirst-Hardware.crl
-#
-#            Authority Information Access: 
-#                CA Issuers - URI:http://crt.comodoca.com/UTNAddTrustServerCA.crt
-#                OCSP - URI:http://ocsp.comodoca.com
-#
-#            X509v3 Subject Alternative Name: 
-#                DNS:addons.mozilla.org, DNS:www.addons.mozilla.org
-#    Signature Algorithm: sha1WithRSAEncryption
-#         33:3b:63:15:fc:b1:ec:14:2c:93:dd:75:94:de:81:5a:d9:4e:
-#         99:be:fb:4a:a4:39:55:4d:a1:40:7a:de:13:2a:87:a9:37:cf:
-#         e8:d5:fb:ad:d1:7b:6d:6f:8c:20:87:82:54:e6:57:49:bc:20:
-#         28:84:cd:d6:01:d9:93:8b:17:6e:23:66:e5:84:c8:80:3f:c6:
-#         a1:70:80:e4:ec:4d:1d:f9:fc:91:5a:73:62:29:9a:f7:20:1c:
-#         61:e0:8b:39:9f:ca:bc:7e:8d:dd:bc:d9:b1:e3:9f:9e:df:15:
-#         53:91:21:52:0b:d9:1a:23:0f:66:36:db:ac:93:96:4a:a3:a5:
-#         22:cf:29:f7:a2:99:a8:f6:b6:d9:40:ae:d9:7e:b6:f6:58:2e:
-#         9b:ac:36:ca:64:8f:65:52:dc:86:9c:82:ab:6e:50:4b:da:5f:
-#         fa:05:00:88:30:0e:de:8d:56:bf:81:47:8d:3d:06:e2:b2:62:
-#         92:67:8f:9e:c8:9a:b2:e5:06:b8:70:24:b8:77:7c:23:0a:38:
-#         c3:79:08:d8:b1:51:9d:ac:95:11:c7:40:17:9e:a3:1c:8f:f2:
-#         11:a7:68:27:da:49:05:84:18:7c:58:2d:01:67:5c:e5:9f:a1:
-#         29:bb:4a:39:45:2f:bf:11:aa:79:a2:ed:b4:d4:b5:65:43:b7:
-#         93:46:8a:d3
-
-[p11-kit-object-v1]
-label: "Bogus Skype"
-class: x-certificate-extension
-object-id: 1.3.6.1.4.1.3319.6.10.1
-value: "0.%06%0a%2b%06%01%04%01%99w%06%0a%01%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHiZhg6icyPUWsNJ67E2
-jHzKhK48rziIKJmNLVgTsZd4PlIgZ6xbc5hsMlXJcNHZqhXoLiaFgbxW5LyAY9tO
-1/UCvlFjHjzb39cAXVq55Xtq6jggsju27nVUhPmmyjhw3b+w/6WFXbRB/t092Srh
-MEMamHmToF/gZ2yV+j56rnF7422IQj8l1O6+aGisraxg4CCjOYO5Wyijk22hvXYK
-4+uuhycOVI+0SAyaVPRdjjdQ3F6ki2tL3KbzNL53WSKI/xkrbXZkc9oMhwcrmjc6
-0OKM9jYya5p5zNI7k28aTWzmwZ1ArC10w77qXHNlASmxKr9wWcHOxsOiyEVfumc9
-DwIDAQAB
------END PUBLIC KEY-----
-[p11-kit-object-v1]
-label: "Bogus Skype"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%18%06%03U%1d%25%01%01%ff%04%0e0%0c%06%0a%2b%06%01%04%01%99w%06%0a%10"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHiZhg6icyPUWsNJ67E2
-jHzKhK48rziIKJmNLVgTsZd4PlIgZ6xbc5hsMlXJcNHZqhXoLiaFgbxW5LyAY9tO
-1/UCvlFjHjzb39cAXVq55Xtq6jggsju27nVUhPmmyjhw3b+w/6WFXbRB/t092Srh
-MEMamHmToF/gZ2yV+j56rnF7422IQj8l1O6+aGisraxg4CCjOYO5Wyijk22hvXYK
-4+uuhycOVI+0SAyaVPRdjjdQ3F6ki2tL3KbzNL53WSKI/xkrbXZkc9oMhwcrmjc6
-0OKM9jYya5p5zNI7k28aTWzmwZ1ArC10w77qXHNlASmxKr9wWcHOxsOiyEVfumc9
-DwIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Bogus Skype"
-x-distrusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIF7zCCBNegAwIBAgIRAOkCi5V45BXcGnEKK4gVREcwDQYJKoZIhvcNAQEFBQAw
-gZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl
-IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY
-aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMR8wHQYDVQQDExZVVE4tVVNFUkZpcnN0
-LUhhcmR3YXJlMB4XDTExMDMxNTAwMDAwMFoXDTE0MDMxNDIzNTk1OVowgd8xCzAJ
-BgNVBAYTAlVTMQ4wDAYDVQQREwUzODQ3NzEQMA4GA1UECBMHRmxvcmlkYTEQMA4G
-A1UEBxMHRW5nbGlzaDEXMBUGA1UECRMOU2VhIFZpbGxhZ2UgMTAxFDASBgNVBAoT
-C0dvb2dsZSBMdGQuMRMwEQYDVQQLEwpUZWNoIERlcHQuMSgwJgYDVQQLEx9Ib3N0
-ZWQgYnkgR1RJIEdyb3VwIENvcnBvcmF0aW9uMRQwEgYDVQQLEwtQbGF0aW51bVNT
-TDEYMBYGA1UEAxMPbG9naW4uc2t5cGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAsHiZhg6icyPUWsNJ67E2jHzKhK48rziIKJmNLVgTsZd4PlIg
-Z6xbc5hsMlXJcNHZqhXoLiaFgbxW5LyAY9tO1/UCvlFjHjzb39cAXVq55Xtq6jgg
-sju27nVUhPmmyjhw3b+w/6WFXbRB/t092SrhMEMamHmToF/gZ2yV+j56rnF7422I
-Qj8l1O6+aGisraxg4CCjOYO5Wyijk22hvXYK4+uuhycOVI+0SAyaVPRdjjdQ3F6k
-i2tL3KbzNL53WSKI/xkrbXZkc9oMhwcrmjc60OKM9jYya5p5zNI7k28aTWzmwZ1A
-rC10w77qXHNlASmxKr9wWcHOxsOiyEVfumc9DwIDAQABo4IB6jCCAeYwHwYDVR0j
-BBgwFoAUoXJfJhsomEOVXQc31YWWnUvSw0UwHQYDVR0OBBYEFNWOWlETtCkNMbYc
-jT5RUTEKM6qBMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
-MBQGCCsGAQUFBwMBBggrBgEFBQcDAjBGBgNVHSAEPzA9MDsGDCsGAQQBsjEBAgED
-BDArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQUzB7
-BgNVHR8EdDByMDigNqA0hjJodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9VVE4tVVNF
-UkZpcnN0LUhhcmR3YXJlLmNybDA2oDSgMoYwaHR0cDovL2NybC5jb21vZG8ubmV0
-L1VUTi1VU0VSRmlyc3QtSGFyZHdhcmUuY3JsMHEGCCsGAQUFBwEBBGUwYzA7Bggr
-BgEFBQcwAoYvaHR0cDovL2NydC5jb21vZG9jYS5jb20vVVROQWRkVHJ1c3RTZXJ2
-ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAv
-BgNVHREEKDAmgg9sb2dpbi5za3lwZS5jb22CE3d3dy5sb2dpbi5za3lwZS5jb20w
-DQYJKoZIhvcNAQEFBQADggEBAAjygXWRu84SBBjCTVr7RpAKVET08t0HgfAfpnpv
-n8+4DixPnMSa9aj2uqTJel2x4lrKPPpgqGg+y7ot4s3WtuSSPGmtV+qoLzgQhHLl
-aHHtvutuGO9jer7nJP/AY/1YO0yBktgpq441XdfTCWuF09VzBUTi5buDUxDL8s+3
-buFpt6GSZMXPzYK7NqA4rdck31P8P2K3t9XHV+OTMXCOJImGymMrObpd2Wpg7KFO
-iv5T+F6S3y9cJhdtA30CDw+qQ2dtsGK/flPdzOx4c5XlpfYAowT9PwQqs5jFtwMc
-28lQq7AFHR6+VrTPPkITlJ755wGBpXhvDHp2rAWG7KzCEaw=
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            e9:02:8b:95:78:e4:15:dc:1a:71:0a:2b:88:15:44:47
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
-#        Validity
-#            Not Before: Mar 15 00:00:00 2011 GMT
-#            Not After : Mar 14 23:59:59 2014 GMT
-#        Subject: C=US/postalCode=38477, ST=Florida, L=English/street=Sea Village 10, O=Google Ltd., OU=Tech Dept., OU=Hosted by GTI Group Corporation, OU=PlatinumSSL, CN=login.skype.com
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:b0:78:99:86:0e:a2:73:23:d4:5a:c3:49:eb:b1:
-#                    36:8c:7c:ca:84:ae:3c:af:38:88:28:99:8d:2d:58:
-#                    13:b1:97:78:3e:52:20:67:ac:5b:73:98:6c:32:55:
-#                    c9:70:d1:d9:aa:15:e8:2e:26:85:81:bc:56:e4:bc:
-#                    80:63:db:4e:d7:f5:02:be:51:63:1e:3c:db:df:d7:
-#                    00:5d:5a:b9:e5:7b:6a:ea:38:20:b2:3b:b6:ee:75:
-#                    54:84:f9:a6:ca:38:70:dd:bf:b0:ff:a5:85:5d:b4:
-#                    41:fe:dd:3d:d9:2a:e1:30:43:1a:98:79:93:a0:5f:
-#                    e0:67:6c:95:fa:3e:7a:ae:71:7b:e3:6d:88:42:3f:
-#                    25:d4:ee:be:68:68:ac:ad:ac:60:e0:20:a3:39:83:
-#                    b9:5b:28:a3:93:6d:a1:bd:76:0a:e3:eb:ae:87:27:
-#                    0e:54:8f:b4:48:0c:9a:54:f4:5d:8e:37:50:dc:5e:
-#                    a4:8b:6b:4b:dc:a6:f3:34:be:77:59:22:88:ff:19:
-#                    2b:6d:76:64:73:da:0c:87:07:2b:9a:37:3a:d0:e2:
-#                    8c:f6:36:32:6b:9a:79:cc:d2:3b:93:6f:1a:4d:6c:
-#                    e6:c1:9d:40:ac:2d:74:c3:be:ea:5c:73:65:01:29:
-#                    b1:2a:bf:70:59:c1:ce:c6:c3:a2:c8:45:5f:ba:67:
-#                    3d:0f
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Authority Key Identifier: 
-#                keyid:A1:72:5F:26:1B:28:98:43:95:5D:07:37:D5:85:96:9D:4B:D2:C3:45
-#
-#            X509v3 Subject Key Identifier: 
-#                D5:8E:5A:51:13:B4:29:0D:31:B6:1C:8D:3E:51:51:31:0A:33:AA:81
-#            X509v3 Key Usage: critical
-#                Digital Signature, Key Encipherment
-#            X509v3 Basic Constraints: critical
-#                CA:FALSE
-#            X509v3 Extended Key Usage: 
-#                TLS Web Server Authentication, TLS Web Client Authentication
-#            X509v3 Certificate Policies: 
-#                Policy: 1.3.6.1.4.1.6449.1.2.1.3.4
-#                  CPS: https://secure.comodo.com/CPS
-#
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://crl.comodoca.com/UTN-USERFirst-Hardware.crl
-#
-#                Full Name:
-#                  URI:http://crl.comodo.net/UTN-USERFirst-Hardware.crl
-#
-#            Authority Information Access: 
-#                CA Issuers - URI:http://crt.comodoca.com/UTNAddTrustServerCA.crt
-#                OCSP - URI:http://ocsp.comodoca.com
-#
-#            X509v3 Subject Alternative Name: 
-#                DNS:login.skype.com, DNS:www.login.skype.com
-#    Signature Algorithm: sha1WithRSAEncryption
-#         08:f2:81:75:91:bb:ce:12:04:18:c2:4d:5a:fb:46:90:0a:54:
-#         44:f4:f2:dd:07:81:f0:1f:a6:7a:6f:9f:cf:b8:0e:2c:4f:9c:
-#         c4:9a:f5:a8:f6:ba:a4:c9:7a:5d:b1:e2:5a:ca:3c:fa:60:a8:
-#         68:3e:cb:ba:2d:e2:cd:d6:b6:e4:92:3c:69:ad:57:ea:a8:2f:
-#         38:10:84:72:e5:68:71:ed:be:eb:6e:18:ef:63:7a:be:e7:24:
-#         ff:c0:63:fd:58:3b:4c:81:92:d8:29:ab:8e:35:5d:d7:d3:09:
-#         6b:85:d3:d5:73:05:44:e2:e5:bb:83:53:10:cb:f2:cf:b7:6e:
-#         e1:69:b7:a1:92:64:c5:cf:cd:82:bb:36:a0:38:ad:d7:24:df:
-#         53:fc:3f:62:b7:b7:d5:c7:57:e3:93:31:70:8e:24:89:86:ca:
-#         63:2b:39:ba:5d:d9:6a:60:ec:a1:4e:8a:fe:53:f8:5e:92:df:
-#         2f:5c:26:17:6d:03:7d:02:0f:0f:aa:43:67:6d:b0:62:bf:7e:
-#         53:dd:cc:ec:78:73:95:e5:a5:f6:00:a3:04:fd:3f:04:2a:b3:
-#         98:c5:b7:03:1c:db:c9:50:ab:b0:05:1d:1e:be:56:b4:cf:3e:
-#         42:13:94:9e:f9:e7:01:81:a5:78:6f:0c:7a:76:ac:05:86:ec:
-#         ac:c2:11:ac
-
-[p11-kit-object-v1]
-label: "Bogus Yahoo 1"
-class: x-certificate-extension
-object-id: 1.3.6.1.4.1.3319.6.10.1
-value: "0.%06%0a%2b%06%01%04%01%99w%06%0a%01%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaQFPe2FRZOKGE3GAwBX
-4kB38Bzr0BnfIl0If9EHPEGJRhejCfr8+KkE0ZaPq9dPPPmtGKl0gcRXCjomFs5i
-Prw/bCHuk43LDaAfmpbQj631k5OC7nIMoXUVo3uEVrit/1IRcYS8OjALfpio4ag/
-N1LQ8XxvkNhFCqw5cmph1bvDjPnCzN/9OnG5r7zcOtwMtrHS0Ym7Qbby3lfVFd/8
-/eIxxd/KwdiPLL/wDltx4DRxw8VNfXrU+u0wSy/qti6ekzziOvhCohru3N/ND6n2
-eYQajmwCtoblv1FqZvjznNNZDHulmXjNfJn6xpZH2DLUdHYOd0sgdKS3iXWSSrRb
-VQIDAQAB
------END PUBLIC KEY-----
-[p11-kit-object-v1]
-label: "Bogus Yahoo 1"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%18%06%03U%1d%25%01%01%ff%04%0e0%0c%06%0a%2b%06%01%04%01%99w%06%0a%10"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaQFPe2FRZOKGE3GAwBX
-4kB38Bzr0BnfIl0If9EHPEGJRhejCfr8+KkE0ZaPq9dPPPmtGKl0gcRXCjomFs5i
-Prw/bCHuk43LDaAfmpbQj631k5OC7nIMoXUVo3uEVrit/1IRcYS8OjALfpio4ag/
-N1LQ8XxvkNhFCqw5cmph1bvDjPnCzN/9OnG5r7zcOtwMtrHS0Ym7Qbby3lfVFd/8
-/eIxxd/KwdiPLL/wDltx4DRxw8VNfXrU+u0wSy/qti6ekzziOvhCohru3N/ND6n2
-eYQajmwCtoblv1FqZvjznNNZDHulmXjNfJn6xpZH2DLUdHYOd0sgdKS3iXWSSrRb
-VQIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Bogus Yahoo 1"
-x-distrusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIF7zCCBNegAwIBAgIRANdVj9r18RBbshMoK3B3KaMwDQYJKoZIhvcNAQEFBQAw
-gZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl
-IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY
-aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMR8wHQYDVQQDExZVVE4tVVNFUkZpcnN0
-LUhhcmR3YXJlMB4XDTExMDMxNTAwMDAwMFoXDTE0MDMxNDIzNTk1OVowgd8xCzAJ
-BgNVBAYTAlVTMQ4wDAYDVQQREwUzODQ3NzEQMA4GA1UECBMHRmxvcmlkYTEQMA4G
-A1UEBxMHRW5nbGlzaDEXMBUGA1UECRMOU2VhIFZpbGxhZ2UgMTAxFDASBgNVBAoT
-C0dvb2dsZSBMdGQuMRMwEQYDVQQLEwpUZWNoIERlcHQuMSgwJgYDVQQLEx9Ib3N0
-ZWQgYnkgR1RJIEdyb3VwIENvcnBvcmF0aW9uMRQwEgYDVQQLEwtQbGF0aW51bVNT
-TDEYMBYGA1UEAxMPbG9naW4ueWFob28uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAoaQFPe2FRZOKGE3GAwBX4kB38Bzr0BnfIl0If9EHPEGJRhej
-Cfr8+KkE0ZaPq9dPPPmtGKl0gcRXCjomFs5iPrw/bCHuk43LDaAfmpbQj631k5OC
-7nIMoXUVo3uEVrit/1IRcYS8OjALfpio4ag/N1LQ8XxvkNhFCqw5cmph1bvDjPnC
-zN/9OnG5r7zcOtwMtrHS0Ym7Qbby3lfVFd/8/eIxxd/KwdiPLL/wDltx4DRxw8VN
-fXrU+u0wSy/qti6ekzziOvhCohru3N/ND6n2eYQajmwCtoblv1FqZvjznNNZDHul
-mXjNfJn6xpZH2DLUdHYOd0sgdKS3iXWSSrRbVQIDAQABo4IB6jCCAeYwHwYDVR0j
-BBgwFoAUoXJfJhsomEOVXQc31YWWnUvSw0UwHQYDVR0OBBYEFIZJRfwzGTPUBO0n
-Ye7oAckMfy9+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
-MBQGCCsGAQUFBwMBBggrBgEFBQcDAjBGBgNVHSAEPzA9MDsGDCsGAQQBsjEBAgED
-BDArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQUzB7
-BgNVHR8EdDByMDigNqA0hjJodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9VVE4tVVNF
-UkZpcnN0LUhhcmR3YXJlLmNybDA2oDSgMoYwaHR0cDovL2NybC5jb21vZG8ubmV0
-L1VUTi1VU0VSRmlyc3QtSGFyZHdhcmUuY3JsMHEGCCsGAQUFBwEBBGUwYzA7Bggr
-BgEFBQcwAoYvaHR0cDovL2NydC5jb21vZG9jYS5jb20vVVROQWRkVHJ1c3RTZXJ2
-ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAv
-BgNVHREEKDAmgg9sb2dpbi55YWhvby5jb22CE3d3dy5sb2dpbi55YWhvby5jb20w
-DQYJKoZIhvcNAQEFBQADggEBAD1XyUgkXO5kgfWuvlUpFv8qL4Tt2fijA8gwZrvI
-1IEtIfcI96yWQppBdXq6XRAjy5JCYfqK2m1lNBnlqdYtE3jXgUSSqW6AYxXL/jUf
-AtGKFLCozJQgO6ga8F02UNsNrulk5PaNaX0wyBQXAErlpjX7fQ0inXl2Uiy8lwaI
-mhX0c+bx9ZilzQdEkbinaGdF0nIRYOJxt1BV4oqpDdaS7gQqizCgogVGNG2Sxjuq
-TaDQqwEZCjK36OPP8dKXSXuspJf38FeuY3eaf5baTf2+3Ac24yW9iXmOKRITi4gH
-+2vbpM2zLSfp1Mpg14VT+3TGXDWMcB/5sreSJyDHlNVnFDA=
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            d7:55:8f:da:f5:f1:10:5b:b2:13:28:2b:70:77:29:a3
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
-#        Validity
-#            Not Before: Mar 15 00:00:00 2011 GMT
-#            Not After : Mar 14 23:59:59 2014 GMT
-#        Subject: C=US/postalCode=38477, ST=Florida, L=English/street=Sea Village 10, O=Google Ltd., OU=Tech Dept., OU=Hosted by GTI Group Corporation, OU=PlatinumSSL, CN=login.yahoo.com
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:a1:a4:05:3d:ed:85:45:93:8a:18:4d:c6:03:00:
-#                    57:e2:40:77:f0:1c:eb:d0:19:df:22:5d:08:7f:d1:
-#                    07:3c:41:89:46:17:a3:09:fa:fc:f8:a9:04:d1:96:
-#                    8f:ab:d7:4f:3c:f9:ad:18:a9:74:81:c4:57:0a:3a:
-#                    26:16:ce:62:3e:bc:3f:6c:21:ee:93:8d:cb:0d:a0:
-#                    1f:9a:96:d0:8f:ad:f5:93:93:82:ee:72:0c:a1:75:
-#                    15:a3:7b:84:56:b8:ad:ff:52:11:71:84:bc:3a:30:
-#                    0b:7e:98:a8:e1:a8:3f:37:52:d0:f1:7c:6f:90:d8:
-#                    45:0a:ac:39:72:6a:61:d5:bb:c3:8c:f9:c2:cc:df:
-#                    fd:3a:71:b9:af:bc:dc:3a:dc:0c:b6:b1:d2:d1:89:
-#                    bb:41:b6:f2:de:57:d5:15:df:fc:fd:e2:31:c5:df:
-#                    ca:c1:d8:8f:2c:bf:f0:0e:5b:71:e0:34:71:c3:c5:
-#                    4d:7d:7a:d4:fa:ed:30:4b:2f:ea:b6:2e:9e:93:3c:
-#                    e2:3a:f8:42:a2:1a:ee:dc:df:cd:0f:a9:f6:79:84:
-#                    1a:8e:6c:02:b6:86:e5:bf:51:6a:66:f8:f3:9c:d3:
-#                    59:0c:7b:a5:99:78:cd:7c:99:fa:c6:96:47:d8:32:
-#                    d4:74:76:0e:77:4b:20:74:a4:b7:89:75:92:4a:b4:
-#                    5b:55
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Authority Key Identifier: 
-#                keyid:A1:72:5F:26:1B:28:98:43:95:5D:07:37:D5:85:96:9D:4B:D2:C3:45
-#
-#            X509v3 Subject Key Identifier: 
-#                86:49:45:FC:33:19:33:D4:04:ED:27:61:EE:E8:01:C9:0C:7F:2F:7E
-#            X509v3 Key Usage: critical
-#                Digital Signature, Key Encipherment
-#            X509v3 Basic Constraints: critical
-#                CA:FALSE
-#            X509v3 Extended Key Usage: 
-#                TLS Web Server Authentication, TLS Web Client Authentication
-#            X509v3 Certificate Policies: 
-#                Policy: 1.3.6.1.4.1.6449.1.2.1.3.4
-#                  CPS: https://secure.comodo.com/CPS
-#
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://crl.comodoca.com/UTN-USERFirst-Hardware.crl
-#
-#                Full Name:
-#                  URI:http://crl.comodo.net/UTN-USERFirst-Hardware.crl
-#
-#            Authority Information Access: 
-#                CA Issuers - URI:http://crt.comodoca.com/UTNAddTrustServerCA.crt
-#                OCSP - URI:http://ocsp.comodoca.com
-#
-#            X509v3 Subject Alternative Name: 
-#                DNS:login.yahoo.com, DNS:www.login.yahoo.com
-#    Signature Algorithm: sha1WithRSAEncryption
-#         3d:57:c9:48:24:5c:ee:64:81:f5:ae:be:55:29:16:ff:2a:2f:
-#         84:ed:d9:f8:a3:03:c8:30:66:bb:c8:d4:81:2d:21:f7:08:f7:
-#         ac:96:42:9a:41:75:7a:ba:5d:10:23:cb:92:42:61:fa:8a:da:
-#         6d:65:34:19:e5:a9:d6:2d:13:78:d7:81:44:92:a9:6e:80:63:
-#         15:cb:fe:35:1f:02:d1:8a:14:b0:a8:cc:94:20:3b:a8:1a:f0:
-#         5d:36:50:db:0d:ae:e9:64:e4:f6:8d:69:7d:30:c8:14:17:00:
-#         4a:e5:a6:35:fb:7d:0d:22:9d:79:76:52:2c:bc:97:06:88:9a:
-#         15:f4:73:e6:f1:f5:98:a5:cd:07:44:91:b8:a7:68:67:45:d2:
-#         72:11:60:e2:71:b7:50:55:e2:8a:a9:0d:d6:92:ee:04:2a:8b:
-#         30:a0:a2:05:46:34:6d:92:c6:3b:aa:4d:a0:d0:ab:01:19:0a:
-#         32:b7:e8:e3:cf:f1:d2:97:49:7b:ac:a4:97:f7:f0:57:ae:63:
-#         77:9a:7f:96:da:4d:fd:be:dc:07:36:e3:25:bd:89:79:8e:29:
-#         12:13:8b:88:07:fb:6b:db:a4:cd:b3:2d:27:e9:d4:ca:60:d7:
-#         85:53:fb:74:c6:5c:35:8c:70:1f:f9:b2:b7:92:27:20:c7:94:
-#         d5:67:14:30
-
-[p11-kit-object-v1]
-label: "Bogus Yahoo 2"
-class: x-certificate-extension
-object-id: 1.3.6.1.4.1.3319.6.10.1
-value: "0.%06%0a%2b%06%01%04%01%99w%06%0a%01%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaQFPe2FRZOKGE3GAwBX
-4kB38Bzr0BnfIl0If9EHPEGJRhejCfr8+KkE0ZaPq9dPPPmtGKl0gcRXCjomFs5i
-Prw/bCHuk43LDaAfmpbQj631k5OC7nIMoXUVo3uEVrit/1IRcYS8OjALfpio4ag/
-N1LQ8XxvkNhFCqw5cmph1bvDjPnCzN/9OnG5r7zcOtwMtrHS0Ym7Qbby3lfVFd/8
-/eIxxd/KwdiPLL/wDltx4DRxw8VNfXrU+u0wSy/qti6ekzziOvhCohru3N/ND6n2
-eYQajmwCtoblv1FqZvjznNNZDHulmXjNfJn6xpZH2DLUdHYOd0sgdKS3iXWSSrRb
-VQIDAQAB
------END PUBLIC KEY-----
-[p11-kit-object-v1]
-label: "Bogus Yahoo 2"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%18%06%03U%1d%25%01%01%ff%04%0e0%0c%06%0a%2b%06%01%04%01%99w%06%0a%10"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaQFPe2FRZOKGE3GAwBX
-4kB38Bzr0BnfIl0If9EHPEGJRhejCfr8+KkE0ZaPq9dPPPmtGKl0gcRXCjomFs5i
-Prw/bCHuk43LDaAfmpbQj631k5OC7nIMoXUVo3uEVrit/1IRcYS8OjALfpio4ag/
-N1LQ8XxvkNhFCqw5cmph1bvDjPnCzN/9OnG5r7zcOtwMtrHS0Ym7Qbby3lfVFd/8
-/eIxxd/KwdiPLL/wDltx4DRxw8VNfXrU+u0wSy/qti6ekzziOvhCohru3N/ND6n2
-eYQajmwCtoblv1FqZvjznNNZDHulmXjNfJn6xpZH2DLUdHYOd0sgdKS3iXWSSrRb
-VQIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Bogus Yahoo 2"
-x-distrusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIF2TCCBMGgAwIBAgIQOSpDTw4H3x+KowXeNODCKTANBgkqhkiG9w0BAQUFADCB
-lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
-SGFyZHdhcmUwHhcNMTEwMzE1MDAwMDAwWhcNMTQwMzE0MjM1OTU5WjCB3zELMAkG
-A1UEBhMCVVMxDjAMBgNVBBETBTM4NDc3MRAwDgYDVQQIEwdGbG9yaWRhMRAwDgYD
-VQQHEwdFbmdsaXNoMRcwFQYDVQQJEw5TZWEgVmlsbGFnZSAxMDEUMBIGA1UEChML
-R29vZ2xlIEx0ZC4xEzARBgNVBAsTClRlY2ggRGVwdC4xKDAmBgNVBAsTH0hvc3Rl
-ZCBieSBHVEkgR3JvdXAgQ29ycG9yYXRpb24xFDASBgNVBAsTC1BsYXRpbnVtU1NM
-MRgwFgYDVQQDEw9sb2dpbi55YWhvby5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQChpAU97YVFk4oYTcYDAFfiQHfwHOvQGd8iXQh/0Qc8QYlGF6MJ
-+vz4qQTRlo+r1088+a0YqXSBxFcKOiYWzmI+vD9sIe6TjcsNoB+altCPrfWTk4Lu
-cgyhdRWje4RWuK3/UhFxhLw6MAt+mKjhqD83UtDxfG+Q2EUKrDlyamHVu8OM+cLM
-3/06cbmvvNw63Ay2sdLRibtBtvLeV9UV3/z94jHF38rB2I8sv/AOW3HgNHHDxU19
-etT67TBLL+q2Lp6TPOI6+EKiGu7c380PqfZ5hBqObAK2huW/UWpm+POc01kMe6WZ
-eM18mfrGlkfYMtR0dg53SyB0pLeJdZJKtFtVAgMBAAGjggHVMIIB0TAfBgNVHSME
-GDAWgBShcl8mGyiYQ5VdBzfVhZadS9LDRTAdBgNVHQ4EFgQUhklF/DMZM9QE7Sdh
-7ugByQx/L34wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
-FAYIKwYBBQUHAwEGCCsGAQUFBwMCMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQME
-MCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMHsG
-A1UdHwR0MHIwOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1VUTi1VU0VS
-Rmlyc3QtSGFyZHdhcmUuY3JsMDagNKAyhjBodHRwOi8vY3JsLmNvbW9kby5uZXQv
-VVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsG
-AQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9VVE5BZGRUcnVzdFNlcnZl
-ckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMBoG
-A1UdEQQTMBGCD2xvZ2luLnlhaG9vLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAV2Lh
-d+v8H7+IU69Y09TWbWcwF0C+4B9k3ocVzOCkVqnRn/kB/gKxseriX+5xFjH5CNXC
-15qbslo416l/6YdrMfkLrNn9UHHg24KSD4GcjXfp6y7q1CNBh+wtsnizjrFn0u5x
-AwgSmbMCKW/ei97BqQMKWjMcPREDxkgMmJwVLtmmhVLnBYquMCPr7ShsYOktf49H
-iy/Q3Oa7D35f8kiBjlAEY7FRgHWaqbYQHBBfbxhv4A6WRc7u8bUg2+/absiV4/ZF
-/cr8pV9JbQYe0t5hPRV9N+UcNY4Gwmv3tKgoLDHLqrSnl0+divavfje5ez3fkmaL
-j06dxjbnXKarEg/Wzw==
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            39:2a:43:4f:0e:07:df:1f:8a:a3:05:de:34:e0:c2:29
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
-#        Validity
-#            Not Before: Mar 15 00:00:00 2011 GMT
-#            Not After : Mar 14 23:59:59 2014 GMT
-#        Subject: C=US/postalCode=38477, ST=Florida, L=English/street=Sea Village 10, O=Google Ltd., OU=Tech Dept., OU=Hosted by GTI Group Corporation, OU=PlatinumSSL, CN=login.yahoo.com
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:a1:a4:05:3d:ed:85:45:93:8a:18:4d:c6:03:00:
-#                    57:e2:40:77:f0:1c:eb:d0:19:df:22:5d:08:7f:d1:
-#                    07:3c:41:89:46:17:a3:09:fa:fc:f8:a9:04:d1:96:
-#                    8f:ab:d7:4f:3c:f9:ad:18:a9:74:81:c4:57:0a:3a:
-#                    26:16:ce:62:3e:bc:3f:6c:21:ee:93:8d:cb:0d:a0:
-#                    1f:9a:96:d0:8f:ad:f5:93:93:82:ee:72:0c:a1:75:
-#                    15:a3:7b:84:56:b8:ad:ff:52:11:71:84:bc:3a:30:
-#                    0b:7e:98:a8:e1:a8:3f:37:52:d0:f1:7c:6f:90:d8:
-#                    45:0a:ac:39:72:6a:61:d5:bb:c3:8c:f9:c2:cc:df:
-#                    fd:3a:71:b9:af:bc:dc:3a:dc:0c:b6:b1:d2:d1:89:
-#                    bb:41:b6:f2:de:57:d5:15:df:fc:fd:e2:31:c5:df:
-#                    ca:c1:d8:8f:2c:bf:f0:0e:5b:71:e0:34:71:c3:c5:
-#                    4d:7d:7a:d4:fa:ed:30:4b:2f:ea:b6:2e:9e:93:3c:
-#                    e2:3a:f8:42:a2:1a:ee:dc:df:cd:0f:a9:f6:79:84:
-#                    1a:8e:6c:02:b6:86:e5:bf:51:6a:66:f8:f3:9c:d3:
-#                    59:0c:7b:a5:99:78:cd:7c:99:fa:c6:96:47:d8:32:
-#                    d4:74:76:0e:77:4b:20:74:a4:b7:89:75:92:4a:b4:
-#                    5b:55
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Authority Key Identifier: 
-#                keyid:A1:72:5F:26:1B:28:98:43:95:5D:07:37:D5:85:96:9D:4B:D2:C3:45
-#
-#            X509v3 Subject Key Identifier: 
-#                86:49:45:FC:33:19:33:D4:04:ED:27:61:EE:E8:01:C9:0C:7F:2F:7E
-#            X509v3 Key Usage: critical
-#                Digital Signature, Key Encipherment
-#            X509v3 Basic Constraints: critical
-#                CA:FALSE
-#            X509v3 Extended Key Usage: 
-#                TLS Web Server Authentication, TLS Web Client Authentication
-#            X509v3 Certificate Policies: 
-#                Policy: 1.3.6.1.4.1.6449.1.2.1.3.4
-#                  CPS: https://secure.comodo.com/CPS
-#
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://crl.comodoca.com/UTN-USERFirst-Hardware.crl
-#
-#                Full Name:
-#                  URI:http://crl.comodo.net/UTN-USERFirst-Hardware.crl
-#
-#            Authority Information Access: 
-#                CA Issuers - URI:http://crt.comodoca.com/UTNAddTrustServerCA.crt
-#                OCSP - URI:http://ocsp.comodoca.com
-#
-#            X509v3 Subject Alternative Name: 
-#                DNS:login.yahoo.com
-#    Signature Algorithm: sha1WithRSAEncryption
-#         57:62:e1:77:eb:fc:1f:bf:88:53:af:58:d3:d4:d6:6d:67:30:
-#         17:40:be:e0:1f:64:de:87:15:cc:e0:a4:56:a9:d1:9f:f9:01:
-#         fe:02:b1:b1:ea:e2:5f:ee:71:16:31:f9:08:d5:c2:d7:9a:9b:
-#         b2:5a:38:d7:a9:7f:e9:87:6b:31:f9:0b:ac:d9:fd:50:71:e0:
-#         db:82:92:0f:81:9c:8d:77:e9:eb:2e:ea:d4:23:41:87:ec:2d:
-#         b2:78:b3:8e:b1:67:d2:ee:71:03:08:12:99:b3:02:29:6f:de:
-#         8b:de:c1:a9:03:0a:5a:33:1c:3d:11:03:c6:48:0c:98:9c:15:
-#         2e:d9:a6:85:52:e7:05:8a:ae:30:23:eb:ed:28:6c:60:e9:2d:
-#         7f:8f:47:8b:2f:d0:dc:e6:bb:0f:7e:5f:f2:48:81:8e:50:04:
-#         63:b1:51:80:75:9a:a9:b6:10:1c:10:5f:6f:18:6f:e0:0e:96:
-#         45:ce:ee:f1:b5:20:db:ef:da:6e:c8:95:e3:f6:45:fd:ca:fc:
-#         a5:5f:49:6d:06:1e:d2:de:61:3d:15:7d:37:e5:1c:35:8e:06:
-#         c2:6b:f7:b4:a8:28:2c:31:cb:aa:b4:a7:97:4f:9d:8a:f6:af:
-#         7e:37:b9:7b:3d:df:92:66:8b:8f:4e:9d:c6:36:e7:5c:a6:ab:
-#         12:0f:d6:cf
-
-[p11-kit-object-v1]
-label: "Bogus Yahoo 3"
-class: x-certificate-extension
-object-id: 1.3.6.1.4.1.3319.6.10.1
-value: "0.%06%0a%2b%06%01%04%01%99w%06%0a%01%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaQFPe2FRZOKGE3GAwBX
-4kB38Bzr0BnfIl0If9EHPEGJRhejCfr8+KkE0ZaPq9dPPPmtGKl0gcRXCjomFs5i
-Prw/bCHuk43LDaAfmpbQj631k5OC7nIMoXUVo3uEVrit/1IRcYS8OjALfpio4ag/
-N1LQ8XxvkNhFCqw5cmph1bvDjPnCzN/9OnG5r7zcOtwMtrHS0Ym7Qbby3lfVFd/8
-/eIxxd/KwdiPLL/wDltx4DRxw8VNfXrU+u0wSy/qti6ekzziOvhCohru3N/ND6n2
-eYQajmwCtoblv1FqZvjznNNZDHulmXjNfJn6xpZH2DLUdHYOd0sgdKS3iXWSSrRb
-VQIDAQAB
------END PUBLIC KEY-----
-[p11-kit-object-v1]
-label: "Bogus Yahoo 3"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%18%06%03U%1d%25%01%01%ff%04%0e0%0c%06%0a%2b%06%01%04%01%99w%06%0a%10"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaQFPe2FRZOKGE3GAwBX
-4kB38Bzr0BnfIl0If9EHPEGJRhejCfr8+KkE0ZaPq9dPPPmtGKl0gcRXCjomFs5i
-Prw/bCHuk43LDaAfmpbQj631k5OC7nIMoXUVo3uEVrit/1IRcYS8OjALfpio4ag/
-N1LQ8XxvkNhFCqw5cmph1bvDjPnCzN/9OnG5r7zcOtwMtrHS0Ym7Qbby3lfVFd/8
-/eIxxd/KwdiPLL/wDltx4DRxw8VNfXrU+u0wSy/qti6ekzziOvhCohru3N/ND6n2
-eYQajmwCtoblv1FqZvjznNNZDHulmXjNfJn6xpZH2DLUdHYOd0sgdKS3iXWSSrRb
-VQIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Bogus Yahoo 3"
-x-distrusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIF2TCCBMGgAwIBAgIQPnXO1GtpMCEhiDCuhqgqcTANBgkqhkiG9w0BAQUFADCB
-lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
-SGFyZHdhcmUwHhcNMTEwMzE1MDAwMDAwWhcNMTQwMzE0MjM1OTU5WjCB3zELMAkG
-A1UEBhMCVVMxDjAMBgNVBBETBTM4NDc3MRAwDgYDVQQIEwdGbG9yaWRhMRAwDgYD
-VQQHEwdFbmdsaXNoMRcwFQYDVQQJEw5TZWEgVmlsbGFnZSAxMDEUMBIGA1UEChML
-R29vZ2xlIEx0ZC4xEzARBgNVBAsTClRlY2ggRGVwdC4xKDAmBgNVBAsTH0hvc3Rl
-ZCBieSBHVEkgR3JvdXAgQ29ycG9yYXRpb24xFDASBgNVBAsTC1BsYXRpbnVtU1NM
-MRgwFgYDVQQDEw9sb2dpbi55YWhvby5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQChpAU97YVFk4oYTcYDAFfiQHfwHOvQGd8iXQh/0Qc8QYlGF6MJ
-+vz4qQTRlo+r1088+a0YqXSBxFcKOiYWzmI+vD9sIe6TjcsNoB+altCPrfWTk4Lu
-cgyhdRWje4RWuK3/UhFxhLw6MAt+mKjhqD83UtDxfG+Q2EUKrDlyamHVu8OM+cLM
-3/06cbmvvNw63Ay2sdLRibtBtvLeV9UV3/z94jHF38rB2I8sv/AOW3HgNHHDxU19
-etT67TBLL+q2Lp6TPOI6+EKiGu7c380PqfZ5hBqObAK2huW/UWpm+POc01kMe6WZ
-eM18mfrGlkfYMtR0dg53SyB0pLeJdZJKtFtVAgMBAAGjggHVMIIB0TAfBgNVHSME
-GDAWgBShcl8mGyiYQ5VdBzfVhZadS9LDRTAdBgNVHQ4EFgQUhklF/DMZM9QE7Sdh
-7ugByQx/L34wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
-FAYIKwYBBQUHAwEGCCsGAQUFBwMCMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQME
-MCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMHsG
-A1UdHwR0MHIwOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1VUTi1VU0VS
-Rmlyc3QtSGFyZHdhcmUuY3JsMDagNKAyhjBodHRwOi8vY3JsLmNvbW9kby5uZXQv
-VVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsG
-AQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9VVE5BZGRUcnVzdFNlcnZl
-ckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMBoG
-A1UdEQQTMBGCD2xvZ2luLnlhaG9vLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAU2mY
-jihOnCtbHcxrdyg9u/qlTn5WKaTqEOL05i0G0YTbI86X82i2DzreFQskHZHjbC4w
-t+lwsMNGgPDTsVG/T9Z4oPysxs8xBGPiNFUFSj32MLrzM+W60pbz1bG2k4kapGi+
-fu1jtBpIwFPko/A5DDKSx0MNGnHt0EaTv5NibDNLzTYNaV67bJaZIWnES2dy22xq
-uPdo7cWPrWNllQpM4PkPfjc9qtSTumcJw6WkDQNabdUL/vBAFLT2uGl8bcIyS5+1
-GudGrkxaK6p6XpBXlfrbZgIgHmppZhWcwrb1vFC1/UXHH2i0R1msxBsok05SUxID
-WEtxg59m5qx5SP7+Rw==
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            3e:75:ce:d4:6b:69:30:21:21:88:30:ae:86:a8:2a:71
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
-#        Validity
-#            Not Before: Mar 15 00:00:00 2011 GMT
-#            Not After : Mar 14 23:59:59 2014 GMT
-#        Subject: C=US/postalCode=38477, ST=Florida, L=English/street=Sea Village 10, O=Google Ltd., OU=Tech Dept., OU=Hosted by GTI Group Corporation, OU=PlatinumSSL, CN=login.yahoo.com
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:a1:a4:05:3d:ed:85:45:93:8a:18:4d:c6:03:00:
-#                    57:e2:40:77:f0:1c:eb:d0:19:df:22:5d:08:7f:d1:
-#                    07:3c:41:89:46:17:a3:09:fa:fc:f8:a9:04:d1:96:
-#                    8f:ab:d7:4f:3c:f9:ad:18:a9:74:81:c4:57:0a:3a:
-#                    26:16:ce:62:3e:bc:3f:6c:21:ee:93:8d:cb:0d:a0:
-#                    1f:9a:96:d0:8f:ad:f5:93:93:82:ee:72:0c:a1:75:
-#                    15:a3:7b:84:56:b8:ad:ff:52:11:71:84:bc:3a:30:
-#                    0b:7e:98:a8:e1:a8:3f:37:52:d0:f1:7c:6f:90:d8:
-#                    45:0a:ac:39:72:6a:61:d5:bb:c3:8c:f9:c2:cc:df:
-#                    fd:3a:71:b9:af:bc:dc:3a:dc:0c:b6:b1:d2:d1:89:
-#                    bb:41:b6:f2:de:57:d5:15:df:fc:fd:e2:31:c5:df:
-#                    ca:c1:d8:8f:2c:bf:f0:0e:5b:71:e0:34:71:c3:c5:
-#                    4d:7d:7a:d4:fa:ed:30:4b:2f:ea:b6:2e:9e:93:3c:
-#                    e2:3a:f8:42:a2:1a:ee:dc:df:cd:0f:a9:f6:79:84:
-#                    1a:8e:6c:02:b6:86:e5:bf:51:6a:66:f8:f3:9c:d3:
-#                    59:0c:7b:a5:99:78:cd:7c:99:fa:c6:96:47:d8:32:
-#                    d4:74:76:0e:77:4b:20:74:a4:b7:89:75:92:4a:b4:
-#                    5b:55
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Authority Key Identifier: 
-#                keyid:A1:72:5F:26:1B:28:98:43:95:5D:07:37:D5:85:96:9D:4B:D2:C3:45
-#
-#            X509v3 Subject Key Identifier: 
-#                86:49:45:FC:33:19:33:D4:04:ED:27:61:EE:E8:01:C9:0C:7F:2F:7E
-#            X509v3 Key Usage: critical
-#                Digital Signature, Key Encipherment
-#            X509v3 Basic Constraints: critical
-#                CA:FALSE
-#            X509v3 Extended Key Usage: 
-#                TLS Web Server Authentication, TLS Web Client Authentication
-#            X509v3 Certificate Policies: 
-#                Policy: 1.3.6.1.4.1.6449.1.2.1.3.4
-#                  CPS: https://secure.comodo.com/CPS
-#
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://crl.comodoca.com/UTN-USERFirst-Hardware.crl
-#
-#                Full Name:
-#                  URI:http://crl.comodo.net/UTN-USERFirst-Hardware.crl
-#
-#            Authority Information Access: 
-#                CA Issuers - URI:http://crt.comodoca.com/UTNAddTrustServerCA.crt
-#                OCSP - URI:http://ocsp.comodoca.com
-#
-#            X509v3 Subject Alternative Name: 
-#                DNS:login.yahoo.com
-#    Signature Algorithm: sha1WithRSAEncryption
-#         53:69:98:8e:28:4e:9c:2b:5b:1d:cc:6b:77:28:3d:bb:fa:a5:
-#         4e:7e:56:29:a4:ea:10:e2:f4:e6:2d:06:d1:84:db:23:ce:97:
-#         f3:68:b6:0f:3a:de:15:0b:24:1d:91:e3:6c:2e:30:b7:e9:70:
-#         b0:c3:46:80:f0:d3:b1:51:bf:4f:d6:78:a0:fc:ac:c6:cf:31:
-#         04:63:e2:34:55:05:4a:3d:f6:30:ba:f3:33:e5:ba:d2:96:f3:
-#         d5:b1:b6:93:89:1a:a4:68:be:7e:ed:63:b4:1a:48:c0:53:e4:
-#         a3:f0:39:0c:32:92:c7:43:0d:1a:71:ed:d0:46:93:bf:93:62:
-#         6c:33:4b:cd:36:0d:69:5e:bb:6c:96:99:21:69:c4:4b:67:72:
-#         db:6c:6a:b8:f7:68:ed:c5:8f:ad:63:65:95:0a:4c:e0:f9:0f:
-#         7e:37:3d:aa:d4:93:ba:67:09:c3:a5:a4:0d:03:5a:6d:d5:0b:
-#         fe:f0:40:14:b4:f6:b8:69:7c:6d:c2:32:4b:9f:b5:1a:e7:46:
-#         ae:4c:5a:2b:aa:7a:5e:90:57:95:fa:db:66:02:20:1e:6a:69:
-#         66:15:9c:c2:b6:f5:bc:50:b5:fd:45:c7:1f:68:b4:47:59:ac:
-#         c4:1b:28:93:4e:52:53:12:03:58:4b:71:83:9f:66:e6:ac:79:
-#         48:fe:fe:47
-
-[p11-kit-object-v1]
-label: "Bogus live.com"
-class: x-certificate-extension
-object-id: 1.3.6.1.4.1.3319.6.10.1
-value: "0.%06%0a%2b%06%01%04%01%99w%06%0a%01%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8/wrL+/hrVnwQjzC8YK/
-LEGT0faYM5VMvGLxlVgItul7d0iw09wXP7xu5uwe7I0X/hwkxj5nPZKVojDAp1cg
-z3CIl0oFk3mTQpcvPv/EFBQoohM2tPjuvh28eF1hk1/riNfR5CuazVjiB0WfT7i5
-QGozLFshA1pKlPJ6l1kbqLVC2IMAqjTMp3bQRwNfBa874bmhNCW3bF+aMISYwsLX
-8rhCShBVvfpTgV2NaGZFLFJ+5cQEw1TnwznaekrFuZiCIOEsYFe/uvJGALxfOtzj
-M5f4Spi57DNPLWBsFZKmgUoL6ex2cDQxF3DmcEuOi9N1y3hJq2abhp+PqcQB6Mob
-5wIDAQAB
------END PUBLIC KEY-----
-[p11-kit-object-v1]
-label: "Bogus live.com"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%18%06%03U%1d%25%01%01%ff%04%0e0%0c%06%0a%2b%06%01%04%01%99w%06%0a%10"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8/wrL+/hrVnwQjzC8YK/
-LEGT0faYM5VMvGLxlVgItul7d0iw09wXP7xu5uwe7I0X/hwkxj5nPZKVojDAp1cg
-z3CIl0oFk3mTQpcvPv/EFBQoohM2tPjuvh28eF1hk1/riNfR5CuazVjiB0WfT7i5
-QGozLFshA1pKlPJ6l1kbqLVC2IMAqjTMp3bQRwNfBa874bmhNCW3bF+aMISYwsLX
-8rhCShBVvfpTgV2NaGZFLFJ+5cQEw1TnwznaekrFuZiCIOEsYFe/uvJGALxfOtzj
-M5f4Spi57DNPLWBsFZKmgUoL6ex2cDQxF3DmcEuOi9N1y3hJq2abhp+PqcQB6Mob
-5wIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Bogus live.com"
-x-distrusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIF7DCCBNSgAwIBAgIRALC3Ez7Qlvm1b66RyHS9OsAwDQYJKoZIhvcNAQEFBQAw
-gZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl
-IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY
-aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMR8wHQYDVQQDExZVVE4tVVNFUkZpcnN0
-LUhhcmR3YXJlMB4XDTExMDMxNTAwMDAwMFoXDTE0MDMxNDIzNTk1OVowgd4xCzAJ
-BgNVBAYTAlVTMQ4wDAYDVQQREwUzODQ3NzEQMA4GA1UECBMHRmxvcmlkYTEQMA4G
-A1UEBxMHRW5nbGlzaDEXMBUGA1UECRMOU2VhIFZpbGxhZ2UgMTAxFDASBgNVBAoT
-C0dvb2dsZSBMdGQuMRMwEQYDVQQLEwpUZWNoIERlcHQuMSgwJgYDVQQLEx9Ib3N0
-ZWQgYnkgR1RJIEdyb3VwIENvcnBvcmF0aW9uMRQwEgYDVQQLEwtQbGF0aW51bVNT
-TDEXMBUGA1UEAxMObG9naW4ubGl2ZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDz/Csv7+GtWfBCPMLxgr8sQZPR9pgzlUy8YvGVWAi26Xt3SLDT
-3Bc/vG7m7B7sjRf+HCTGPmc9kpWiMMCnVyDPcIiXSgWTeZNCly8+/8QUFCiiEza0
-+O6+Hbx4XWGTX+uI19HkK5rNWOIHRZ9PuLlAajMsWyEDWkqU8nqXWRuotULYgwCq
-NMyndtBHA18FrzvhuaE0JbdsX5owhJjCwtfyuEJKEFW9+lOBXY1oZkUsUn7lxATD
-VOfDOdp6SsW5mIIg4SxgV7+68kYAvF863OMzl/hKmLnsM08tYGwVkqaBSgvp7HZw
-NDEXcOZwS46L03XLeEmrZpuGn4+pxAHoyhvnAgMBAAGjggHoMIIB5DAfBgNVHSME
-GDAWgBShcl8mGyiYQ5VdBzfVhZadS9LDRTAdBgNVHQ4EFgQU1GT2qeilfte/Y1ID
-g1PbxUGN6oAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
-FAYIKwYBBQUHAwEGCCsGAQUFBwMCMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQME
-MCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMHsG
-A1UdHwR0MHIwOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1VUTi1VU0VS
-Rmlyc3QtSGFyZHdhcmUuY3JsMDagNKAyhjBodHRwOi8vY3JsLmNvbW9kby5uZXQv
-VVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsG
-AQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9VVE5BZGRUcnVzdFNlcnZl
-ckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMC0G
-A1UdEQQmMCSCDmxvZ2luLmxpdmUuY29tghJ3d3cubG9naW4ubGl2ZS5jb20wDQYJ
-KoZIhvcNAQEFBQADggEBAFTjpJok0vMdQq0b8B6r+9rVqunPWrMeV3sx8m5XSzGv
-M7u2DRXHXlkBzkS1t78JydXcaYTpxRq38D7UwCS9KV+06dZY60URiTQ00xHrNM4q
-TwA99nLvaWbAn5qsfnBQrFVH2r5DW+yLyMUjhMmftlIIz5EbL4Bp5jQz5rOfpOUN
-mhX5V/wLqUEL9f9YQZIiJ2YSBscq2Fmnxt9EEk/AqH+nQcjIaf+6BS6XrTvQ6/MV
-bX4b5brdNL4iEexomDOBAmoLE1V5MXVOOsi2E72XbzcKCy2IDt5nkMKzyiDKmlH0
-ZD7b9C5F8sdHF6j0+pBaf4CmgqzkbIFGu1KFICT4gOo=
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            b0:b7:13:3e:d0:96:f9:b5:6f:ae:91:c8:74:bd:3a:c0
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
-#        Validity
-#            Not Before: Mar 15 00:00:00 2011 GMT
-#            Not After : Mar 14 23:59:59 2014 GMT
-#        Subject: C=US/postalCode=38477, ST=Florida, L=English/street=Sea Village 10, O=Google Ltd., OU=Tech Dept., OU=Hosted by GTI Group Corporation, OU=PlatinumSSL, CN=login.live.com
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:f3:fc:2b:2f:ef:e1:ad:59:f0:42:3c:c2:f1:82:
-#                    bf:2c:41:93:d1:f6:98:33:95:4c:bc:62:f1:95:58:
-#                    08:b6:e9:7b:77:48:b0:d3:dc:17:3f:bc:6e:e6:ec:
-#                    1e:ec:8d:17:fe:1c:24:c6:3e:67:3d:92:95:a2:30:
-#                    c0:a7:57:20:cf:70:88:97:4a:05:93:79:93:42:97:
-#                    2f:3e:ff:c4:14:14:28:a2:13:36:b4:f8:ee:be:1d:
-#                    bc:78:5d:61:93:5f:eb:88:d7:d1:e4:2b:9a:cd:58:
-#                    e2:07:45:9f:4f:b8:b9:40:6a:33:2c:5b:21:03:5a:
-#                    4a:94:f2:7a:97:59:1b:a8:b5:42:d8:83:00:aa:34:
-#                    cc:a7:76:d0:47:03:5f:05:af:3b:e1:b9:a1:34:25:
-#                    b7:6c:5f:9a:30:84:98:c2:c2:d7:f2:b8:42:4a:10:
-#                    55:bd:fa:53:81:5d:8d:68:66:45:2c:52:7e:e5:c4:
-#                    04:c3:54:e7:c3:39:da:7a:4a:c5:b9:98:82:20:e1:
-#                    2c:60:57:bf:ba:f2:46:00:bc:5f:3a:dc:e3:33:97:
-#                    f8:4a:98:b9:ec:33:4f:2d:60:6c:15:92:a6:81:4a:
-#                    0b:e9:ec:76:70:34:31:17:70:e6:70:4b:8e:8b:d3:
-#                    75:cb:78:49:ab:66:9b:86:9f:8f:a9:c4:01:e8:ca:
-#                    1b:e7
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Authority Key Identifier: 
-#                keyid:A1:72:5F:26:1B:28:98:43:95:5D:07:37:D5:85:96:9D:4B:D2:C3:45
-#
-#            X509v3 Subject Key Identifier: 
-#                D4:64:F6:A9:E8:A5:7E:D7:BF:63:52:03:83:53:DB:C5:41:8D:EA:80
-#            X509v3 Key Usage: critical
-#                Digital Signature, Key Encipherment
-#            X509v3 Basic Constraints: critical
-#                CA:FALSE
-#            X509v3 Extended Key Usage: 
-#                TLS Web Server Authentication, TLS Web Client Authentication
-#            X509v3 Certificate Policies: 
-#                Policy: 1.3.6.1.4.1.6449.1.2.1.3.4
-#                  CPS: https://secure.comodo.com/CPS
-#
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://crl.comodoca.com/UTN-USERFirst-Hardware.crl
-#
-#                Full Name:
-#                  URI:http://crl.comodo.net/UTN-USERFirst-Hardware.crl
-#
-#            Authority Information Access: 
-#                CA Issuers - URI:http://crt.comodoca.com/UTNAddTrustServerCA.crt
-#                OCSP - URI:http://ocsp.comodoca.com
-#
-#            X509v3 Subject Alternative Name: 
-#                DNS:login.live.com, DNS:www.login.live.com
-#    Signature Algorithm: sha1WithRSAEncryption
-#         54:e3:a4:9a:24:d2:f3:1d:42:ad:1b:f0:1e:ab:fb:da:d5:aa:
-#         e9:cf:5a:b3:1e:57:7b:31:f2:6e:57:4b:31:af:33:bb:b6:0d:
-#         15:c7:5e:59:01:ce:44:b5:b7:bf:09:c9:d5:dc:69:84:e9:c5:
-#         1a:b7:f0:3e:d4:c0:24:bd:29:5f:b4:e9:d6:58:eb:45:11:89:
-#         34:34:d3:11:eb:34:ce:2a:4f:00:3d:f6:72:ef:69:66:c0:9f:
-#         9a:ac:7e:70:50:ac:55:47:da:be:43:5b:ec:8b:c8:c5:23:84:
-#         c9:9f:b6:52:08:cf:91:1b:2f:80:69:e6:34:33:e6:b3:9f:a4:
-#         e5:0d:9a:15:f9:57:fc:0b:a9:41:0b:f5:ff:58:41:92:22:27:
-#         66:12:06:c7:2a:d8:59:a7:c6:df:44:12:4f:c0:a8:7f:a7:41:
-#         c8:c8:69:ff:ba:05:2e:97:ad:3b:d0:eb:f3:15:6d:7e:1b:e5:
-#         ba:dd:34:be:22:11:ec:68:98:33:81:02:6a:0b:13:55:79:31:
-#         75:4e:3a:c8:b6:13:bd:97:6f:37:0a:0b:2d:88:0e:de:67:90:
-#         c2:b3:ca:20:ca:9a:51:f4:64:3e:db:f4:2e:45:f2:c7:47:17:
-#         a8:f4:fa:90:5a:7f:80:a6:82:ac:e4:6c:81:46:bb:52:85:20:
-#         24:f8:80:ea
-
 [p11-kit-object-v1]
 label: "Buypass Class 2 Root CA"
 class: x-certificate-extension
@@ -4065,157 +2304,11 @@ u79leNKGef9JOxqDDPDeeOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq
 #         bb:dc:4d:d7:64:f2:51:be:e6:aa:ab:5a:e9:31:ee:06:bc:73:
 #         bf:13:62:0a:9f:c7:b9:97
 
-[p11-kit-object-v1]
-label: "CA Disig Root R1"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqsN499yYo6daXncYst0E
-ZA9j/ZuWCYDV6Kql4pwmlDromXOMnd/X34PzeE9A4X/Sp9LlyhOT5+3Gd182tZSv
-6DiO25vlfLvMjet1c+EkzeanLRku2NaKaxTrCGIK2NyzAE3DI3xfQwgjMhLc7Qyt
-wH0PpXpC2Vpw2b+n1wEc9purjrdKhnigHlYxru+CCoBB9xvJrqsyJtQsa+19a+Ti
-XiIKRcuEMU2s/tvRR7r5YJc5sWXH3vuZ5AoisS1N5UgmaaviqvP7/JIpMumzPk0f
-J6HNjrkX+yU+yW7zd9oNEvZdx7s2ENVU1vPg4kdI5t4U2mFSrya09XFPydfSBt9j
-yv8h6FkG4AjVhBVT90PlfMWgiZhrc8ZozmXevX8F97Hu9lehYJXFzOqTOr6ZrpsC
-o63JFrXO3V6ZeH4aOX6ywAWkwIKlo0eejOpctrxn2+YqTdIE3KOuRfe8i5wcp9bV
-A9wIyy4WylxAM+hnwy7npkTqEUUcNWUtHkVhJBuCLqWdM11l+EH5LsuUPx+jDDEk
-RO3HXq1QusZBm6zwF2XA+F1vW6AKNDzu1+qIn5j5r04k+peyZHbaq/Tt48Ng79X5
-Asgtn4OvZ2kGpzFV1c9Lb/8EBcdYrF8WG+XSo+sx2x8zFU3Q8qVT9cvhPU5oLdgS
-3ary5k2bSeXFKKG6sFrGoLUCAwEAAQ==
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "CA Disig Root R1"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIFaTCCA1GgAwIBAgIJAMMDmu5QkG4oMA0GCSqGSIb3DQEBBQUAMFIxCzAJBgNV
-BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu
-MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIxMB4XDTEyMDcxOTA5MDY1NloXDTQy
-MDcxOTA5MDY1NlowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx
-EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjEw
-ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqw3j33Jijp1pedxiy3QRk
-D2P9m5YJgNXoqqXinCaUOuiZc4yd39ffg/N4T0Dhf9Kn0uXKE5Pn7cZ3Xza1lK/o
-OI7bm+V8u8yN63Vz4STN5qctGS7Y1oprFOsIYgrY3LMATcMjfF9DCCMyEtztDK3A
-fQ+lekLZWnDZv6fXARz2m6uOt0qGeKAeVjGu74IKgEH3G8muqzIm1Cxr7X1r5OJe
-IgpFy4QxTaz+29FHuvlglzmxZcfe+5nkCiKxLU3lSCZpq+Kq8/v8kiky6bM+TR8n
-oc2OuRf7JT7JbvN32g0S9l3HuzYQ1VTW8+DiR0jm3hTaYVKvJrT1cU/J19IG32PK
-/yHoWQbgCNWEFVP3Q+V8xaCJmGtzxmjOZd69fwX3se72V6FglcXM6pM6vpmumwKj
-rckWtc7dXpl4fho5frLABaTAgqWjR56M6ly2vGfb5ipN0gTco65F97yLnByn1tUD
-3AjLLhbKXEAz6GfDLuemROoRRRw1ZS0eRWEkG4IupZ0zXWX4Qfkuy5Q/H6MMMSRE
-7cderVC6xkGbrPAXZcD4XW9boAo0PO7X6oifmPmvTiT6l7Jkdtqr9O3jw2Dv1fkC
-yC2fg69naQanMVXVz0tv/wQFx1isXxYb5dKj6zHbHzMVTdDypVP1y+E9Tmgt2BLd
-qvLmTZtJ5cUoobqwWsagtQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
-DwEB/wQEAwIBBjAdBgNVHQ4EFgQUiQq0OJMa5qvum5EY+fU8PjXQ04IwDQYJKoZI
-hvcNAQEFBQADggIBADKL9p1Kyb4U5YysOMo6CdQbzoaz3evUuii+Eq5FLAR0rBNR
-xVgYZk2C2tXck8An4b58n1KeElb21Zyp9HWc+jcSjxyT7Ff+Bw+r1RL3D65hXlaA
-SfX8MPWbTx9BLxyE04nH4toCdu0Jz2zBuByDHBb6lM19oMgY0sidbvW9adRtPTXo
-HqJPYNcHKfyyo6SdbhWSVhlMCrDpfNIZTUJG7L399ldb3Zh+pE3McgODWF3vkzpB
-emOqfDqo9ayk0d2iLbYq/J8BjuIQscTK5GfbVSUZP/3oNn6z4eGBrxEWi1CXYBmC
-AMBrTXO40RMHPuq2MU/wQppt4hF05ZSsjYSVPCGvxdpHyN85YmLLW1AL14FABZyb
-7bq2ix4Eb5YgOe2kfSnbSM6C3NQCjR0EMVrHS/BsYVLXtFHCgWzN4funodKSds+x
-DzdYpPJScWc/DIh4gInByLUfkmO+p3qKViwaqKactV2zY9ATIKHrkWzQjX2v3wvk
-F7mGnjixlAxYjOBVqjtjbZqJYLhkKpLGN/R+Q0O3c+gB53+XD9fyexn9GtePyfqF
-a3qdnom2piiZk4hA9z7NUaPK6u95RyG1/jLix8NRb76AdPCkwzryT+lf3xkK8jsT
-Q6wxpLPn6/wY1gGp8yqPNg7rtLG8t0zJa7+h89n07eLw4+1knj0vllJPgFOL
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            c3:03:9a:ee:50:90:6e:28
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=SK, L=Bratislava, O=Disig a.s., CN=CA Disig Root R1
-#        Validity
-#            Not Before: Jul 19 09:06:56 2012 GMT
-#            Not After : Jul 19 09:06:56 2042 GMT
-#        Subject: C=SK, L=Bratislava, O=Disig a.s., CN=CA Disig Root R1
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (4096 bit)
-#                Modulus:
-#                    00:aa:c3:78:f7:dc:98:a3:a7:5a:5e:77:18:b2:dd:
-#                    04:64:0f:63:fd:9b:96:09:80:d5:e8:aa:a5:e2:9c:
-#                    26:94:3a:e8:99:73:8c:9d:df:d7:df:83:f3:78:4f:
-#                    40:e1:7f:d2:a7:d2:e5:ca:13:93:e7:ed:c6:77:5f:
-#                    36:b5:94:af:e8:38:8e:db:9b:e5:7c:bb:cc:8d:eb:
-#                    75:73:e1:24:cd:e6:a7:2d:19:2e:d8:d6:8a:6b:14:
-#                    eb:08:62:0a:d8:dc:b3:00:4d:c3:23:7c:5f:43:08:
-#                    23:32:12:dc:ed:0c:ad:c0:7d:0f:a5:7a:42:d9:5a:
-#                    70:d9:bf:a7:d7:01:1c:f6:9b:ab:8e:b7:4a:86:78:
-#                    a0:1e:56:31:ae:ef:82:0a:80:41:f7:1b:c9:ae:ab:
-#                    32:26:d4:2c:6b:ed:7d:6b:e4:e2:5e:22:0a:45:cb:
-#                    84:31:4d:ac:fe:db:d1:47:ba:f9:60:97:39:b1:65:
-#                    c7:de:fb:99:e4:0a:22:b1:2d:4d:e5:48:26:69:ab:
-#                    e2:aa:f3:fb:fc:92:29:32:e9:b3:3e:4d:1f:27:a1:
-#                    cd:8e:b9:17:fb:25:3e:c9:6e:f3:77:da:0d:12:f6:
-#                    5d:c7:bb:36:10:d5:54:d6:f3:e0:e2:47:48:e6:de:
-#                    14:da:61:52:af:26:b4:f5:71:4f:c9:d7:d2:06:df:
-#                    63:ca:ff:21:e8:59:06:e0:08:d5:84:15:53:f7:43:
-#                    e5:7c:c5:a0:89:98:6b:73:c6:68:ce:65:de:bd:7f:
-#                    05:f7:b1:ee:f6:57:a1:60:95:c5:cc:ea:93:3a:be:
-#                    99:ae:9b:02:a3:ad:c9:16:b5:ce:dd:5e:99:78:7e:
-#                    1a:39:7e:b2:c0:05:a4:c0:82:a5:a3:47:9e:8c:ea:
-#                    5c:b6:bc:67:db:e6:2a:4d:d2:04:dc:a3:ae:45:f7:
-#                    bc:8b:9c:1c:a7:d6:d5:03:dc:08:cb:2e:16:ca:5c:
-#                    40:33:e8:67:c3:2e:e7:a6:44:ea:11:45:1c:35:65:
-#                    2d:1e:45:61:24:1b:82:2e:a5:9d:33:5d:65:f8:41:
-#                    f9:2e:cb:94:3f:1f:a3:0c:31:24:44:ed:c7:5e:ad:
-#                    50:ba:c6:41:9b:ac:f0:17:65:c0:f8:5d:6f:5b:a0:
-#                    0a:34:3c:ee:d7:ea:88:9f:98:f9:af:4e:24:fa:97:
-#                    b2:64:76:da:ab:f4:ed:e3:c3:60:ef:d5:f9:02:c8:
-#                    2d:9f:83:af:67:69:06:a7:31:55:d5:cf:4b:6f:ff:
-#                    04:05:c7:58:ac:5f:16:1b:e5:d2:a3:eb:31:db:1f:
-#                    33:15:4d:d0:f2:a5:53:f5:cb:e1:3d:4e:68:2d:d8:
-#                    12:dd:aa:f2:e6:4d:9b:49:e5:c5:28:a1:ba:b0:5a:
-#                    c6:a0:b5
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Subject Key Identifier: 
-#                89:0A:B4:38:93:1A:E6:AB:EE:9B:91:18:F9:F5:3C:3E:35:D0:D3:82
-#    Signature Algorithm: sha1WithRSAEncryption
-#         32:8b:f6:9d:4a:c9:be:14:e5:8c:ac:38:ca:3a:09:d4:1b:ce:
-#         86:b3:dd:eb:d4:ba:28:be:12:ae:45:2c:04:74:ac:13:51:c5:
-#         58:18:66:4d:82:da:d5:dc:93:c0:27:e1:be:7c:9f:52:9e:12:
-#         56:f6:d5:9c:a9:f4:75:9c:fa:37:12:8f:1c:93:ec:57:fe:07:
-#         0f:ab:d5:12:f7:0f:ae:61:5e:56:80:49:f5:fc:30:f5:9b:4f:
-#         1f:41:2f:1c:84:d3:89:c7:e2:da:02:76:ed:09:cf:6c:c1:b8:
-#         1c:83:1c:16:fa:94:cd:7d:a0:c8:18:d2:c8:9d:6e:f5:bd:69:
-#         d4:6d:3d:35:e8:1e:a2:4f:60:d7:07:29:fc:b2:a3:a4:9d:6e:
-#         15:92:56:19:4c:0a:b0:e9:7c:d2:19:4d:42:46:ec:bd:fd:f6:
-#         57:5b:dd:98:7e:a4:4d:cc:72:03:83:58:5d:ef:93:3a:41:7a:
-#         63:aa:7c:3a:a8:f5:ac:a4:d1:dd:a2:2d:b6:2a:fc:9f:01:8e:
-#         e2:10:b1:c4:ca:e4:67:db:55:25:19:3f:fd:e8:36:7e:b3:e1:
-#         e1:81:af:11:16:8b:50:97:60:19:82:00:c0:6b:4d:73:b8:d1:
-#         13:07:3e:ea:b6:31:4f:f0:42:9a:6d:e2:11:74:e5:94:ac:8d:
-#         84:95:3c:21:af:c5:da:47:c8:df:39:62:62:cb:5b:50:0b:d7:
-#         81:40:05:9c:9b:ed:ba:b6:8b:1e:04:6f:96:20:39:ed:a4:7d:
-#         29:db:48:ce:82:dc:d4:02:8d:1d:04:31:5a:c7:4b:f0:6c:61:
-#         52:d7:b4:51:c2:81:6c:cd:e1:fb:a7:a1:d2:92:76:cf:b1:0f:
-#         37:58:a4:f2:52:71:67:3f:0c:88:78:80:89:c1:c8:b5:1f:92:
-#         63:be:a7:7a:8a:56:2c:1a:a8:a6:9c:b5:5d:b3:63:d0:13:20:
-#         a1:eb:91:6c:d0:8d:7d:af:df:0b:e4:17:b9:86:9e:38:b1:94:
-#         0c:58:8c:e0:55:aa:3b:63:6d:9a:89:60:b8:64:2a:92:c6:37:
-#         f4:7e:43:43:b7:73:e8:01:e7:7f:97:0f:d7:f2:7b:19:fd:1a:
-#         d7:8f:c9:fa:85:6b:7a:9d:9e:89:b6:a6:28:99:93:88:40:f7:
-#         3e:cd:51:a3:ca:ea:ef:79:47:21:b5:fe:32:e2:c7:c3:51:6f:
-#         be:80:74:f0:a4:c3:3a:f2:4f:e9:5f:df:19:0a:f2:3b:13:43:
-#         ac:31:a4:b3:e7:eb:fc:18:d6:01:a9:f3:2a:8f:36:0e:eb:b4:
-#         b1:bc:b7:4c:c9:6b:bf:a1:f3:d9:f4:ed:e2:f0:e3:ed:64:9e:
-#         3d:2f:96:52:4f:80:53:8b
-
 [p11-kit-object-v1]
 label: "CA Disig Root R2"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoqPEAAnWhV0tbRT2wsNz
@@ -4357,75 +2450,6 @@ L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcL
 #         19:e9:1e:29:15:ef:e6:6d:b0:7f:2d:67:fd:f3:6c:1b:75:46:
 #         a3:e5:4a:17:e9:a4:d7:0b
 
-[p11-kit-object-v1]
-label: "CA WoSign ECC Root"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE4f2OuEMkq5Z7hcK6C62N4DrjJLnSsb6I
-Osq/Srj57ywvr1FQPEd1bPiUt5v8KB7FVMxjnRZLU8HnIKvNrCXSf4/CwVqCXjCL
-elTOA7WRf6qU0NGKSMyCBSah1VES1ns2
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "CA WoSign ECC Root"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIICCTCCAY+gAwIBAgIQaEpYcIBr8I8C+vbe6LCQkDAKBggqhkjOPQQDAzBGMQsw
-CQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMT
-EkNBIFdvU2lnbiBFQ0MgUm9vdDAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4
-NThaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEb
-MBkGA1UEAxMSQ0EgV29TaWduIEVDQyBSb290MHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAE4f2OuEMkq5Z7hcK6C62N4DrjJLnSsb6IOsq/Srj57ywvr1FQPEd1bPiUt5v8
-KB7FVMxjnRZLU8HnIKvNrCXSf4/CwVqCXjCLelTOA7WRf6qU0NGKSMyCBSah1VES
-1ns2o0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
-FgQUqv3VWqP2h4syhf3RMluARZPzA7gwCgYIKoZIzj0EAwMDaAAwZQIxAOSkhLCB
-1T2wdKyUpOgOPQB0TKGXa/kNUTyh2Tv0Daupn75OcsqF1NnstTJFGG+rrQIwfcf3
-aWMvoeGY7xMQ0Xk/0f7qO3/eVvSQsRUR2LIiFdAvwyYua/GRspBl9JrmkO5K
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            68:4a:58:70:80:6b:f0:8f:02:fa:f6:de:e8:b0:90:90
-#    Signature Algorithm: ecdsa-with-SHA384
-#        Issuer: C=CN, O=WoSign CA Limited, CN=CA WoSign ECC Root
-#        Validity
-#            Not Before: Nov  8 00:58:58 2014 GMT
-#            Not After : Nov  8 00:58:58 2044 GMT
-#        Subject: C=CN, O=WoSign CA Limited, CN=CA WoSign ECC Root
-#        Subject Public Key Info:
-#            Public Key Algorithm: id-ecPublicKey
-#                Public-Key: (384 bit)
-#                pub: 
-#                    04:e1:fd:8e:b8:43:24:ab:96:7b:85:c2:ba:0b:ad:
-#                    8d:e0:3a:e3:24:b9:d2:b1:be:88:3a:ca:bf:4a:b8:
-#                    f9:ef:2c:2f:af:51:50:3c:47:75:6c:f8:94:b7:9b:
-#                    fc:28:1e:c5:54:cc:63:9d:16:4b:53:c1:e7:20:ab:
-#                    cd:ac:25:d2:7f:8f:c2:c1:5a:82:5e:30:8b:7a:54:
-#                    ce:03:b5:91:7f:aa:94:d0:d1:8a:48:cc:82:05:26:
-#                    a1:d5:51:12:d6:7b:36
-#                ASN1 OID: secp384r1
-#                NIST CURVE: P-384
-#        X509v3 extensions:
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 Subject Key Identifier: 
-#                AA:FD:D5:5A:A3:F6:87:8B:32:85:FD:D1:32:5B:80:45:93:F3:03:B8
-#    Signature Algorithm: ecdsa-with-SHA384
-#         30:65:02:31:00:e4:a4:84:b0:81:d5:3d:b0:74:ac:94:a4:e8:
-#         0e:3d:00:74:4c:a1:97:6b:f9:0d:51:3c:a1:d9:3b:f4:0d:ab:
-#         a9:9f:be:4e:72:ca:85:d4:d9:ec:b5:32:45:18:6f:ab:ad:02:
-#         30:7d:c7:f7:69:63:2f:a1:e1:98:ef:13:10:d1:79:3f:d1:fe:
-#         ea:3b:7f:de:56:f4:90:b1:15:11:d8:b2:22:15:d0:2f:c3:26:
-#         2e:6b:f1:91:b2:90:65:f4:9a:e6:90:ee:4a
-
 [p11-kit-object-v1]
 label: "CFCA EV ROOT"
 class: x-certificate-extension
@@ -4575,114 +2599,11 @@ AAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3CekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ
 #         a9:79:b3:d5:02:29:cd:89:a3:96:0f:4a:35:e7:4e:42:c0:75:
 #         cd:07:cf:e6:2c:eb:7b:2e
 
-[p11-kit-object-v1]
-label: "CNNIC ROOT"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zX3P3N3rehbcxfC0W/t
-Vbxu6uikebJsw6Pv4Z+xO0iF9ZpcISIQLMWCztrjmm434Ycs3LkMWrqIVd/9qtsf
-MeoB8d85AcET/UhSIcRV39rYs1R2unSxt33XwOj2WcVNyL2tHxTa31hEJTIZKsd+
-fo6uOLAwe0dyCTHwMNvDG3Ypu2l2Tlf5G2Sik1a3b5lu2woEnBHjgB/LY5QQCqnh
-ZIIx+Ywn7aaZAPZwkxj4oTSGo916whh59nplNc+Q670zk59Tq3M75ps0IC8d76kd
-YxqggNsDL/kmGobSjbupvlI6h2dIDb+0oNgmviNfczd/JuaSBKN/zyCnt/M6ysuZ
-ywIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "CNNIC ROOT"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIDVTCCAj2gAwIBAgIESTMAATANBgkqhkiG9w0BAQUFADAyMQswCQYDVQQGEwJD
-TjEOMAwGA1UEChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwHhcNMDcwNDE2
-MDcwOTE0WhcNMjcwNDE2MDcwOTE0WjAyMQswCQYDVQQGEwJDTjEOMAwGA1UEChMF
-Q05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDTNfc/c3et6FtzF8LRb+1VvG7q6KR5smzDo+/hn7E7SIX1mlwh
-IhAsxYLO2uOabjfhhyzcuQxauohV3/2q2x8x6gHx3zkBwRP9SFIhxFXf2tizVHa6
-dLG3fdfA6PZZxU3Iva0fFNrfWEQlMhkqx35+jq44sDB7R3IJMfAw28Mbdim7aXZO
-V/kbZKKTVrdvmW7bCgScEeOAH8tjlBAKqeFkgjH5jCftppkA9nCTGPihNIaj3XrC
-GHn2emU1z5DrvTOTn1OrczvmmzQgLx3vqR1jGqCA2wMv+SYahtKNu6m+UjqHZ0gN
-v7Sg2Ca+I19zN38m5pIEo3/PIKe38zrKy5nLAgMBAAGjczBxMBEGCWCGSAGG+EIB
-AQQEAwIABzAfBgNVHSMEGDAWgBRl8jGtKvf33VKWCscCwQ7vptU7ETAPBgNVHRMB
-Af8EBTADAQH/MAsGA1UdDwQEAwIB/jAdBgNVHQ4EFgQUZfIxrSr3991SlgrHAsEO
-76bVOxEwDQYJKoZIhvcNAQEFBQADggEBAEs17szkrr/Dbq2flTtLP1se31cpolnK
-OOK5Gv+e5m4y3R6u6jW39ZORTtpC4cMXYFDy0VwmuYK36m3knITnA3kXr5g9lNvH
-ugDnuL8BV8F3RTIMO/G0HAiw/VGgod2aHRM2mm23xzy54cXZF/qD1T0VoDy7Hgvi
-yJA/qIYM/PmLXoXLT1tLYhFHxUV8BS9BsZ4QaRuZluBVeftOhpm4lNqGOGqTo+fL
-buXf6iFViZx9fX+Y9QCJ7uOEwFyWtcVG6kbghVW2G8kS1sHNzYDzAgE8yGnLRUhj
-2JTQ7IUOO04RZfSCjKY9ri4ilAnIXOo8gV0WKgOXFlUJ24pBgp5mmxE=
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 1228079105 (0x49330001)
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=CN, O=CNNIC, CN=CNNIC ROOT
-#        Validity
-#            Not Before: Apr 16 07:09:14 2007 GMT
-#            Not After : Apr 16 07:09:14 2027 GMT
-#        Subject: C=CN, O=CNNIC, CN=CNNIC ROOT
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:d3:35:f7:3f:73:77:ad:e8:5b:73:17:c2:d1:6f:
-#                    ed:55:bc:6e:ea:e8:a4:79:b2:6c:c3:a3:ef:e1:9f:
-#                    b1:3b:48:85:f5:9a:5c:21:22:10:2c:c5:82:ce:da:
-#                    e3:9a:6e:37:e1:87:2c:dc:b9:0c:5a:ba:88:55:df:
-#                    fd:aa:db:1f:31:ea:01:f1:df:39:01:c1:13:fd:48:
-#                    52:21:c4:55:df:da:d8:b3:54:76:ba:74:b1:b7:7d:
-#                    d7:c0:e8:f6:59:c5:4d:c8:bd:ad:1f:14:da:df:58:
-#                    44:25:32:19:2a:c7:7e:7e:8e:ae:38:b0:30:7b:47:
-#                    72:09:31:f0:30:db:c3:1b:76:29:bb:69:76:4e:57:
-#                    f9:1b:64:a2:93:56:b7:6f:99:6e:db:0a:04:9c:11:
-#                    e3:80:1f:cb:63:94:10:0a:a9:e1:64:82:31:f9:8c:
-#                    27:ed:a6:99:00:f6:70:93:18:f8:a1:34:86:a3:dd:
-#                    7a:c2:18:79:f6:7a:65:35:cf:90:eb:bd:33:93:9f:
-#                    53:ab:73:3b:e6:9b:34:20:2f:1d:ef:a9:1d:63:1a:
-#                    a0:80:db:03:2f:f9:26:1a:86:d2:8d:bb:a9:be:52:
-#                    3a:87:67:48:0d:bf:b4:a0:d8:26:be:23:5f:73:37:
-#                    7f:26:e6:92:04:a3:7f:cf:20:a7:b7:f3:3a:ca:cb:
-#                    99:cb
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            Netscape Cert Type: 
-#                SSL CA, S/MIME CA, Object Signing CA
-#            X509v3 Authority Key Identifier: 
-#                keyid:65:F2:31:AD:2A:F7:F7:DD:52:96:0A:C7:02:C1:0E:EF:A6:D5:3B:11
-#
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 Key Usage: 
-#                Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment, Key Agreement, Certificate Sign, CRL Sign
-#            X509v3 Subject Key Identifier: 
-#                65:F2:31:AD:2A:F7:F7:DD:52:96:0A:C7:02:C1:0E:EF:A6:D5:3B:11
-#    Signature Algorithm: sha1WithRSAEncryption
-#         4b:35:ee:cc:e4:ae:bf:c3:6e:ad:9f:95:3b:4b:3f:5b:1e:df:
-#         57:29:a2:59:ca:38:e2:b9:1a:ff:9e:e6:6e:32:dd:1e:ae:ea:
-#         35:b7:f5:93:91:4e:da:42:e1:c3:17:60:50:f2:d1:5c:26:b9:
-#         82:b7:ea:6d:e4:9c:84:e7:03:79:17:af:98:3d:94:db:c7:ba:
-#         00:e7:b8:bf:01:57:c1:77:45:32:0c:3b:f1:b4:1c:08:b0:fd:
-#         51:a0:a1:dd:9a:1d:13:36:9a:6d:b7:c7:3c:b9:e1:c5:d9:17:
-#         fa:83:d5:3d:15:a0:3c:bb:1e:0b:e2:c8:90:3f:a8:86:0c:fc:
-#         f9:8b:5e:85:cb:4f:5b:4b:62:11:47:c5:45:7c:05:2f:41:b1:
-#         9e:10:69:1b:99:96:e0:55:79:fb:4e:86:99:b8:94:da:86:38:
-#         6a:93:a3:e7:cb:6e:e5:df:ea:21:55:89:9c:7d:7d:7f:98:f5:
-#         00:89:ee:e3:84:c0:5c:96:b5:c5:46:ea:46:e0:85:55:b6:1b:
-#         c9:12:d6:c1:cd:cd:80:f3:02:01:3c:c8:69:cb:45:48:63:d8:
-#         94:d0:ec:85:0e:3b:4e:11:65:f4:82:8c:a6:3d:ae:2e:22:94:
-#         09:c8:5c:ea:3c:81:5d:16:2a:03:97:16:55:09:db:8a:41:82:
-#         9e:66:9b:11
-
 [p11-kit-object-v1]
 label: "COMODO Certification Authority"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3UcEbVASY
@@ -4791,7 +2712,7 @@ ZQ==
 label: "COMODO ECC Certification Authority"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEA0d7L3XJghWF+3XkkRbUq2KZ9T5SCwbO
@@ -4863,7 +2784,7 @@ GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY=
 label: "COMODO RSA Certification Authority"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkehUktIKVrGsDSTdxc9E
@@ -5012,7 +2933,7 @@ NVOFBkpdn627G190
 label: "Camerfirma Chambers of Commerce Root"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%04"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzI
@@ -5133,7 +3054,7 @@ tGWaIZDgqtCYvDi1czyL+Nw=
 label: "Camerfirma Global Chambersign Root"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%04"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEAonCi0J9CrlsXx9h9zxSD
@@ -5250,106 +3171,6 @@ AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A==
 #         5a:93:be:a1:c1:ff:f8:e7:0e:67:a4:47:49:76:5d:75:90:1a:
 #         f5:26:8f:f0
 
-[p11-kit-object-v1]
-label: "Certification Authority of WoSign G2"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsXEoCKASU+/2YcRxlPh
-uw+9YH+v9oIOH9ywjj2X4FA8jzrvZjtFB5sg+OPXJYY1kBaiXW8wGQiHC38Gsp1i
-j96vkqVg1CuAmlI/9ZqD6TRay9nVYlzmDuDfBpgOgHzKtB0TiGsOqCR3A9DuW/PK
-aZE1OVbFbeP3PU9ekzgkyhjpJMuSA93MHD0JcOQg5PGurLtzaaNjOg9FD6FKmsLR
-Y6zLEPg95k4ot+vElbGs/V6r+kHLXZ1L3PR8du9nfwB6jdKgGlxNIuG12t12s9R2
-3164i5jIFFTMaxeSt+BKv0mUYQs4kI9dJGwlezt52eJ+na2fmKEG/HgUYFf47oB3
-sQIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Certification Authority of WoSign G2"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIDfDCCAmSgAwIBAgIQayXaioidfLwPBbOxemFFRDANBgkqhkiG9w0BAQsFADBY
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxLTArBgNV
-BAMTJENlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbiBHMjAeFw0xNDEx
-MDgwMDU4NThaFw00NDExMDgwMDU4NThaMFgxCzAJBgNVBAYTAkNOMRowGAYDVQQK
-ExFXb1NpZ24gQ0EgTGltaXRlZDEtMCsGA1UEAxMkQ2VydGlmaWNhdGlvbiBBdXRo
-b3JpdHkgb2YgV29TaWduIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEAvsXEoCKASU+/2YcRxlPhuw+9YH+v9oIOH9ywjj2X4FA8jzrvZjtFB5sg+OPX
-JYY1kBaiXW8wGQiHC38Gsp1ij96vkqVg1CuAmlI/9ZqD6TRay9nVYlzmDuDfBpgO
-gHzKtB0TiGsOqCR3A9DuW/PKaZE1OVbFbeP3PU9ekzgkyhjpJMuSA93MHD0JcOQg
-5PGurLtzaaNjOg9FD6FKmsLRY6zLEPg95k4ot+vElbGs/V6r+kHLXZ1L3PR8du9n
-fwB6jdKgGlxNIuG12t12s9R23164i5jIFFTMaxeSt+BKv0mUYQs4kI9dJGwlezt5
-2eJ+na2fmKEG/HgUYFf47oB3sQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD
-VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU+mCp62XF3RYUCE4MD42b4Pdkr2cwDQYJ
-KoZIhvcNAQELBQADggEBAFfDejaCnI2Y4qtAqkePx6db7XznPWZaOzG73/MWM5H8
-fHulwqZm46qwtyeYP0nXYGdnPzZPSsvxFPpahygc7Y9BMsaV+X3avXtbwrAh449G
-3CE4Q3RM+zD4F3LBMvzIkRfEzFg3TgvMWvchNSiDbGAtROtSjFA9tWwS1/oJu2yy
-SrHFieT801LYYRf+epSEj3m2M1m6D8QL4nCgS3gu+sif/a+RZQp4OBXllxcU3fng
-LDT4ONCEIgDAFFEYKwLcMFrw6AF8NTojrwjkr6qOKEJJLvD1mTS+7Q9LGOHSJDy7
-XUe3IfKN0QqZjuNuPq1w4I+5ysxugTH2e5x6eeRncRg=
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            6b:25:da:8a:88:9d:7c:bc:0f:05:b3:b1:7a:61:45:44
-#    Signature Algorithm: sha256WithRSAEncryption
-#        Issuer: C=CN, O=WoSign CA Limited, CN=Certification Authority of WoSign G2
-#        Validity
-#            Not Before: Nov  8 00:58:58 2014 GMT
-#            Not After : Nov  8 00:58:58 2044 GMT
-#        Subject: C=CN, O=WoSign CA Limited, CN=Certification Authority of WoSign G2
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:be:c5:c4:a0:22:80:49:4f:bf:d9:87:11:c6:53:
-#                    e1:bb:0f:bd:60:7f:af:f6:82:0e:1f:dc:b0:8e:3d:
-#                    97:e0:50:3c:8f:3a:ef:66:3b:45:07:9b:20:f8:e3:
-#                    d7:25:86:35:90:16:a2:5d:6f:30:19:08:87:0b:7f:
-#                    06:b2:9d:62:8f:de:af:92:a5:60:d4:2b:80:9a:52:
-#                    3f:f5:9a:83:e9:34:5a:cb:d9:d5:62:5c:e6:0e:e0:
-#                    df:06:98:0e:80:7c:ca:b4:1d:13:88:6b:0e:a8:24:
-#                    77:03:d0:ee:5b:f3:ca:69:91:35:39:56:c5:6d:e3:
-#                    f7:3d:4f:5e:93:38:24:ca:18:e9:24:cb:92:03:dd:
-#                    cc:1c:3d:09:70:e4:20:e4:f1:ae:ac:bb:73:69:a3:
-#                    63:3a:0f:45:0f:a1:4a:9a:c2:d1:63:ac:cb:10:f8:
-#                    3d:e6:4e:28:b7:eb:c4:95:b1:ac:fd:5e:ab:fa:41:
-#                    cb:5d:9d:4b:dc:f4:7c:76:ef:67:7f:00:7a:8d:d2:
-#                    a0:1a:5c:4d:22:e1:b5:da:dd:76:b3:d4:76:df:5e:
-#                    b8:8b:98:c8:14:54:cc:6b:17:92:b7:e0:4a:bf:49:
-#                    94:61:0b:38:90:8f:5d:24:6c:25:7b:3b:79:d9:e2:
-#                    7e:9d:ad:9f:98:a1:06:fc:78:14:60:57:f8:ee:80:
-#                    77:b1
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 Subject Key Identifier: 
-#                FA:60:A9:EB:65:C5:DD:16:14:08:4E:0C:0F:8D:9B:E0:F7:64:AF:67
-#    Signature Algorithm: sha256WithRSAEncryption
-#         57:c3:7a:36:82:9c:8d:98:e2:ab:40:aa:47:8f:c7:a7:5b:ed:
-#         7c:e7:3d:66:5a:3b:31:bb:df:f3:16:33:91:fc:7c:7b:a5:c2:
-#         a6:66:e3:aa:b0:b7:27:98:3f:49:d7:60:67:67:3f:36:4f:4a:
-#         cb:f1:14:fa:5a:87:28:1c:ed:8f:41:32:c6:95:f9:7d:da:bd:
-#         7b:5b:c2:b0:21:e3:8f:46:dc:21:38:43:74:4c:fb:30:f8:17:
-#         72:c1:32:fc:c8:91:17:c4:cc:58:37:4e:0b:cc:5a:f7:21:35:
-#         28:83:6c:60:2d:44:eb:52:8c:50:3d:b5:6c:12:d7:fa:09:bb:
-#         6c:b2:4a:b1:c5:89:e4:fc:d3:52:d8:61:17:fe:7a:94:84:8f:
-#         79:b6:33:59:ba:0f:c4:0b:e2:70:a0:4b:78:2e:fa:c8:9f:fd:
-#         af:91:65:0a:78:38:15:e5:97:17:14:dd:f9:e0:2c:34:f8:38:
-#         d0:84:22:00:c0:14:51:18:2b:02:dc:30:5a:f0:e8:01:7c:35:
-#         3a:23:af:08:e4:af:aa:8e:28:42:49:2e:f0:f5:99:34:be:ed:
-#         0f:4b:18:e1:d2:24:3c:bb:5d:47:b7:21:f2:8d:d1:0a:99:8e:
-#         e3:6e:3e:ad:70:e0:8f:b9:ca:cc:6e:81:31:f6:7b:9c:7a:79:
-#         e4:67:71:18
-
 [p11-kit-object-v1]
 label: "Certigna"
 class: x-certificate-extension
@@ -5458,155 +3279,6 @@ WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg==
 #         be:41:ef:7b:9d:97:75:ff:97:95:c0:96:58:2f:ea:bb:46:d7:
 #         bb:e4:d9:2e
 
-[p11-kit-object-v1]
-label: "Certinomis - Autorité Racine"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAnYWfhtPjr8eya24z4J63
-QjRVnfmBvmPYI3YOl1TNmUwa8TnHiNgXUAyeYdrATlXe51q4ek53hw3luOv6nl57
-HsTPKHTHk/UUxiIoBPmRw6snc2oOLk3zLigfcN9VL07tx3FvCXIu7dUyl9DxWHfR
-YLxOXtuahPZHYUUr9lCmf2pxJ0iENZ6s/mmpnnpeNSX6tKdJNXeWpzZb4c3fI3DY
-XUylCIPxpiQ4E6jsL6ihZ8emLYZH7or87JsOdPQrSQJ7kHWM/Jk5ATnWSonlnnar
-PpYoOCaL3Y2MwPYBHm+lMRI4fZXCce7tdK7kNqJDddXxAJvi5NfMQgNLeHrlfbu4
-ri4gk9PkYd9x4XZnlz+232pzWmQi5ULbz4EDk9j04xDgcvYAcKzwwXoPBX/PNGlF
-tZPkGdtSFiMFiQ6NSOQlb7N4v2L1B/qVJMKWsuijI8JdA/zD0+V8yXUj1/T1vN7k
-382Av5GIfacTtDm6LLq90WvM86Uo7USefVKjb5YuGX4c81vHFo67YH13ZkdUggAR
-YGwywag4G+tumBPW7jj18J8O7/4xgcHSJJUvU3ppovAPhkWOWIIrTCLUXqDnfSYn
-SN8lRo1KKHyGnvmbGlm5Zb8F3bZCXT3mAEiCXiD3EYLeytif5jdHJh7rePdhw0Fk
-WAJB+drg0fj56P1SOLb1id8CAwEAAQ==
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Certinomis - Autorité Racine"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIFnDCCA4SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJGUjET
-MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxJjAk
-BgNVBAMMHUNlcnRpbm9taXMgLSBBdXRvcml0w6kgUmFjaW5lMB4XDTA4MDkxNzA4
-Mjg1OVoXDTI4MDkxNzA4Mjg1OVowYzELMAkGA1UEBhMCRlIxEzARBgNVBAoTCkNl
-cnRpbm9taXMxFzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMSYwJAYDVQQDDB1DZXJ0
-aW5vbWlzIC0gQXV0b3JpdMOpIFJhY2luZTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
-ADCCAgoCggIBAJ2Fn4bT46/HsmtuM+Cet0I0VZ35gb5j2CN2DpdUzZlMGvE5x4jY
-F1AMnmHawE5V3udauHpOd4cN5bjr+p5eex7Ezyh0x5P1FMYiKAT5kcOrJ3NqDi5N
-8y4oH3DfVS9O7cdxbwlyLu3VMpfQ8Vh30WC8Tl7bmoT2R2FFK/ZQpn9qcSdIhDWe
-rP5pqZ56XjUl+rSnSTV3lqc2W+HN3yNw2F1MpQiD8aYkOBOo7C+ooWfHpi2GR+6K
-/OybDnT0K0kCe5B1jPyZOQE51kqJ5Z52qz6WKDgmi92NjMD2AR5vpTESOH2VwnHu
-7XSu5DaiQ3XV8QCb4uTXzEIDS3h65X27uK4uIJPT5GHfceF2Z5c/tt9qc1pkIuVC
-28+BA5PY9OMQ4HL2AHCs8MF6DwV/zzRpRbWT5BnbUhYjBYkOjUjkJW+zeL9i9Qf6
-lSTClrLooyPCXQP8w9PlfMl1I9f09bze5N/NgL+RiH2nE7Q5uiy6vdFrzPOlKO1E
-nn1So2+WLhl+HPNbxxaOu2B9d2ZHVIIAEWBsMsGoOBvrbpgT1u449fCfDu/+MYHB
-0iSVL1N6aaLwD4ZFjliCK0wi1F6g530mJ0jfJUaNSih8hp75mxpZuWW/Bd22Ql09
-5gBIgl4g9xGC3srYn+Y3RyYe63j3YcNBZFgCQfna4NH4+ej9Uji29YnfAgMBAAGj
-WzBZMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQN
-jLZh2kS40RR9w759XkjwzspqsDAXBgNVHSAEEDAOMAwGCiqBegFWAgIAAQEwDQYJ
-KoZIhvcNAQEFBQADggIBACQ+YAZ+He86PtvqrxyaLAEL9MW12Ukx9F1BjYkMTv9s
-ov3/4gbIOZ/xWqndIlgVqIrTseYyCYIDbNc/CMf4uboAbbnW/FIyXaR/pDGUu7ZM
-OH8oMDX/nyNTt7buFHAAQCvaR6s0fl6nVjBhK4tDrP22iCj1a7Y+YEq6QpA0Z43q
-619FVDsXrIvkxmUP7tCMXWY5zjKn2BCXwH40nJ+U8/aGH88bc62UeYdocMMzpXDn
-2NU4lG9jeeu/Cg4I58UvD0KgKxRA/yHgBcUn4YQRE7rWhh1BCxMjidPJC+iKunqj
-o3M3NYB9Ergzd0A4wPpeMNLytqOx1qKVl4GbUu1pTP+A5FPbVFsDbVRfsbjvJL1v
-nxHDx2TCDyhihWZeGnuyt++uNckZM6i4J9szVb9o4XVIRFb7zdNIu0eJOqxp9YDG
-5ERQL1TEqkPFMTFYvZbF6nVsmnWxTfj3l/+WFvKXTej28xH5On2KOG4Ey+HTRRWq
-pdEdnV1j6CTmNhTih60bWfVEm/vXd3wfAXBioSAaosUaKPQhA+4u2cGA6rnZgtZb
-dsLLO7XSAPCjDuGtbkD326C00EauFddEwk01+dIL8hf2rGbVJLJP0RyZwG71fet0
-BLj5TXcJ17TPBzAJ8bgAVtkXFhYKK4bfjwEZGuW7gmP/vgt2Fl43N+bYdJeimUV5
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 1 (0x1)
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=FR, O=Certinomis, OU=0002 433998903, CN=Certinomis - Autorit\xC3\xA9 Racine
-#        Validity
-#            Not Before: Sep 17 08:28:59 2008 GMT
-#            Not After : Sep 17 08:28:59 2028 GMT
-#        Subject: C=FR, O=Certinomis, OU=0002 433998903, CN=Certinomis - Autorit\xC3\xA9 Racine
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (4096 bit)
-#                Modulus:
-#                    00:9d:85:9f:86:d3:e3:af:c7:b2:6b:6e:33:e0:9e:
-#                    b7:42:34:55:9d:f9:81:be:63:d8:23:76:0e:97:54:
-#                    cd:99:4c:1a:f1:39:c7:88:d8:17:50:0c:9e:61:da:
-#                    c0:4e:55:de:e7:5a:b8:7a:4e:77:87:0d:e5:b8:eb:
-#                    fa:9e:5e:7b:1e:c4:cf:28:74:c7:93:f5:14:c6:22:
-#                    28:04:f9:91:c3:ab:27:73:6a:0e:2e:4d:f3:2e:28:
-#                    1f:70:df:55:2f:4e:ed:c7:71:6f:09:72:2e:ed:d5:
-#                    32:97:d0:f1:58:77:d1:60:bc:4e:5e:db:9a:84:f6:
-#                    47:61:45:2b:f6:50:a6:7f:6a:71:27:48:84:35:9e:
-#                    ac:fe:69:a9:9e:7a:5e:35:25:fa:b4:a7:49:35:77:
-#                    96:a7:36:5b:e1:cd:df:23:70:d8:5d:4c:a5:08:83:
-#                    f1:a6:24:38:13:a8:ec:2f:a8:a1:67:c7:a6:2d:86:
-#                    47:ee:8a:fc:ec:9b:0e:74:f4:2b:49:02:7b:90:75:
-#                    8c:fc:99:39:01:39:d6:4a:89:e5:9e:76:ab:3e:96:
-#                    28:38:26:8b:dd:8d:8c:c0:f6:01:1e:6f:a5:31:12:
-#                    38:7d:95:c2:71:ee:ed:74:ae:e4:36:a2:43:75:d5:
-#                    f1:00:9b:e2:e4:d7:cc:42:03:4b:78:7a:e5:7d:bb:
-#                    b8:ae:2e:20:93:d3:e4:61:df:71:e1:76:67:97:3f:
-#                    b6:df:6a:73:5a:64:22:e5:42:db:cf:81:03:93:d8:
-#                    f4:e3:10:e0:72:f6:00:70:ac:f0:c1:7a:0f:05:7f:
-#                    cf:34:69:45:b5:93:e4:19:db:52:16:23:05:89:0e:
-#                    8d:48:e4:25:6f:b3:78:bf:62:f5:07:fa:95:24:c2:
-#                    96:b2:e8:a3:23:c2:5d:03:fc:c3:d3:e5:7c:c9:75:
-#                    23:d7:f4:f5:bc:de:e4:df:cd:80:bf:91:88:7d:a7:
-#                    13:b4:39:ba:2c:ba:bd:d1:6b:cc:f3:a5:28:ed:44:
-#                    9e:7d:52:a3:6f:96:2e:19:7e:1c:f3:5b:c7:16:8e:
-#                    bb:60:7d:77:66:47:54:82:00:11:60:6c:32:c1:a8:
-#                    38:1b:eb:6e:98:13:d6:ee:38:f5:f0:9f:0e:ef:fe:
-#                    31:81:c1:d2:24:95:2f:53:7a:69:a2:f0:0f:86:45:
-#                    8e:58:82:2b:4c:22:d4:5e:a0:e7:7d:26:27:48:df:
-#                    25:46:8d:4a:28:7c:86:9e:f9:9b:1a:59:b9:65:bf:
-#                    05:dd:b6:42:5d:3d:e6:00:48:82:5e:20:f7:11:82:
-#                    de:ca:d8:9f:e6:37:47:26:1e:eb:78:f7:61:c3:41:
-#                    64:58:02:41:f9:da:e0:d1:f8:f9:e8:fd:52:38:b6:
-#                    f5:89:df
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Subject Key Identifier: 
-#                0D:8C:B6:61:DA:44:B8:D1:14:7D:C3:BE:7D:5E:48:F0:CE:CA:6A:B0
-#            X509v3 Certificate Policies: 
-#                Policy: 1.2.250.1.86.2.2.0.1.1
-#
-#    Signature Algorithm: sha1WithRSAEncryption
-#         24:3e:60:06:7e:1d:ef:3a:3e:db:ea:af:1c:9a:2c:01:0b:f4:
-#         c5:b5:d9:49:31:f4:5d:41:8d:89:0c:4e:ff:6c:a2:fd:ff:e2:
-#         06:c8:39:9f:f1:5a:a9:dd:22:58:15:a8:8a:d3:b1:e6:32:09:
-#         82:03:6c:d7:3f:08:c7:f8:b9:ba:00:6d:b9:d6:fc:52:32:5d:
-#         a4:7f:a4:31:94:bb:b6:4c:38:7f:28:30:35:ff:9f:23:53:b7:
-#         b6:ee:14:70:00:40:2b:da:47:ab:34:7e:5e:a7:56:30:61:2b:
-#         8b:43:ac:fd:b6:88:28:f5:6b:b6:3e:60:4a:ba:42:90:34:67:
-#         8d:ea:eb:5f:45:54:3b:17:ac:8b:e4:c6:65:0f:ee:d0:8c:5d:
-#         66:39:ce:32:a7:d8:10:97:c0:7e:34:9c:9f:94:f3:f6:86:1f:
-#         cf:1b:73:ad:94:79:87:68:70:c3:33:a5:70:e7:d8:d5:38:94:
-#         6f:63:79:eb:bf:0a:0e:08:e7:c5:2f:0f:42:a0:2b:14:40:ff:
-#         21:e0:05:c5:27:e1:84:11:13:ba:d6:86:1d:41:0b:13:23:89:
-#         d3:c9:0b:e8:8a:ba:7a:a3:a3:73:37:35:80:7d:12:b8:33:77:
-#         40:38:c0:fa:5e:30:d2:f2:b6:a3:b1:d6:a2:95:97:81:9b:52:
-#         ed:69:4c:ff:80:e4:53:db:54:5b:03:6d:54:5f:b1:b8:ef:24:
-#         bd:6f:9f:11:c3:c7:64:c2:0f:28:62:85:66:5e:1a:7b:b2:b7:
-#         ef:ae:35:c9:19:33:a8:b8:27:db:33:55:bf:68:e1:75:48:44:
-#         56:fb:cd:d3:48:bb:47:89:3a:ac:69:f5:80:c6:e4:44:50:2f:
-#         54:c4:aa:43:c5:31:31:58:bd:96:c5:ea:75:6c:9a:75:b1:4d:
-#         f8:f7:97:ff:96:16:f2:97:4d:e8:f6:f3:11:f9:3a:7d:8a:38:
-#         6e:04:cb:e1:d3:45:15:aa:a5:d1:1d:9d:5d:63:e8:24:e6:36:
-#         14:e2:87:ad:1b:59:f5:44:9b:fb:d7:77:7c:1f:01:70:62:a1:
-#         20:1a:a2:c5:1a:28:f4:21:03:ee:2e:d9:c1:80:ea:b9:d9:82:
-#         d6:5b:76:c2:cb:3b:b5:d2:00:f0:a3:0e:e1:ad:6e:40:f7:db:
-#         a0:b4:d0:46:ae:15:d7:44:c2:4d:35:f9:d2:0b:f2:17:f6:ac:
-#         66:d5:24:b2:4f:d1:1c:99:c0:6e:f5:7d:eb:74:04:b8:f9:4d:
-#         77:09:d7:b4:cf:07:30:09:f1:b8:00:56:d9:17:16:16:0a:2b:
-#         86:df:8f:01:19:1a:e5:bb:82:63:ff:be:0b:76:16:5e:37:37:
-#         e6:d8:74:97:a2:99:45:79
-
 [p11-kit-object-v1]
 label: "Certinomis - Root CA"
 class: x-certificate-extension
@@ -6090,7 +3762,7 @@ U5ORGpOucGpnutee5WEaXw==
 label: "Certum Root CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%04"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrHBLtNPfM0lzhg+T8SM
@@ -6183,7 +3855,7 @@ O/fIR/RpbxXyEV6DHpx8Uq79AtoSqFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs
 label: "Certum Trusted Network CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO
@@ -6432,7 +4104,7 @@ DrW5viSP
 label: "Chambers of Commerce Root - 2008"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArwDLcDcrgFpKOmx4lH2j
@@ -6594,111 +4266,6 @@ d0jQ
 #         0d:7b:2e:87:e2:0c:a6:06:bc:26:10:6d:37:9d:ec:dd:78:8c:
 #         7c:80:c5:f0:d9:77:48:d0
 
-[p11-kit-object-v1]
-label: "China Internet Network Information Center EV Certificates Root"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm35z7r07eKpkQ0H1UN+U
-8i6yjUqORlTSIRLIOTJCBumD1Z9S7eVnAztUwYyZmczpwA//DdmEEbK40ctb3B75
-aDFk4Zv6dOtouSCV98YPjUesWgbdYavi7NifFy2cyjw1l1VxzUOFsUcW9SxTgHbP
-0wBkvUCZ3czY28Sf1hNfQYOL+Q2HklY0bBoQCxfVWhyXWIQ8hBouXJE0bhlffxdp
-xWXvayHG1VA6v2G5BY3vbzQ6sm8UY78WO5upKv23KzhmBsUs4qpnHkWnjQRmQvaP
-K++IIGmPMowUc9orhpFjIpryp9vOiYurXccUwVswah+xt54ugQEC7c+WXmPbqOY4
-twIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "China Internet Network Information Center EV Certificates Root"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIID9zCCAt+gAwIBAgIESJ8AATANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMC
-Q04xMjAwBgNVBAoMKUNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24g
-Q2VudGVyMUcwRQYDVQQDDD5DaGluYSBJbnRlcm5ldCBOZXR3b3JrIEluZm9ybWF0
-aW9uIENlbnRlciBFViBDZXJ0aWZpY2F0ZXMgUm9vdDAeFw0xMDA4MzEwNzExMjVa
-Fw0zMDA4MzEwNzExMjVaMIGKMQswCQYDVQQGEwJDTjEyMDAGA1UECgwpQ2hpbmEg
-SW50ZXJuZXQgTmV0d29yayBJbmZvcm1hdGlvbiBDZW50ZXIxRzBFBgNVBAMMPkNo
-aW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyIEVWIENlcnRp
-ZmljYXRlcyBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm35z
-7r07eKpkQ0H1UN+U8i6yjUqORlTSIRLIOTJCBumD1Z9S7eVnAztUwYyZmczpwA//
-DdmEEbK40ctb3B75aDFk4Zv6dOtouSCV98YPjUesWgbdYavi7NifFy2cyjw1l1Vx
-zUOFsUcW9SxTgHbP0wBkvUCZ3czY28Sf1hNfQYOL+Q2HklY0bBoQCxfVWhyXWIQ8
-hBouXJE0bhlffxdpxWXvayHG1VA6v2G5BY3vbzQ6sm8UY78WO5upKv23KzhmBsUs
-4qpnHkWnjQRmQvaPK++IIGmPMowUc9orhpFjIpryp9vOiYurXccUwVswah+xt54u
-gQEC7c+WXmPbqOY4twIDAQABo2MwYTAfBgNVHSMEGDAWgBR8cks5x8DbYqVPm6oY
-NJKiyoOCWTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4E
-FgQUfHJLOcfA22KlT5uqGDSSosqDglkwDQYJKoZIhvcNAQEFBQADggEBACrDx0M3
-j92tpLIM7twUbY8opJhJywyA6vPtI2Z1fcXTIWd50XPFtQO3WKwMVC/GVhMPMdoG
-52U7HW8228gd+f2ABsqjPWYWqJ1MFn3AlUa1UeTiH9fqBk1jjZaM7+czV0I664zB
-echNdn3e9rG3geCg+aF4RhcaVpjwTj2rHO3sOdwHSPdj/gauwqRcalsyiMXHM4Ws
-ZkJHwlgkmeHlPuV1LI5D1l08eB6olYIpUNHRFrrvwb562bTYzB5MRuF3sTGrvSrI
-zo9uoV1/A3U05K2JRVRevq4opbs/eHnrc7MKDf2+yfdWrPa37S+bISnHOLaVxATy
-wy39FCqQmbkHzJ8=
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 1218379777 (0x489f0001)
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=CN, O=China Internet Network Information Center, CN=China Internet Network Information Center EV Certificates Root
-#        Validity
-#            Not Before: Aug 31 07:11:25 2010 GMT
-#            Not After : Aug 31 07:11:25 2030 GMT
-#        Subject: C=CN, O=China Internet Network Information Center, CN=China Internet Network Information Center EV Certificates Root
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:9b:7e:73:ee:bd:3b:78:aa:64:43:41:f5:50:df:
-#                    94:f2:2e:b2:8d:4a:8e:46:54:d2:21:12:c8:39:32:
-#                    42:06:e9:83:d5:9f:52:ed:e5:67:03:3b:54:c1:8c:
-#                    99:99:cc:e9:c0:0f:ff:0d:d9:84:11:b2:b8:d1:cb:
-#                    5b:dc:1e:f9:68:31:64:e1:9b:fa:74:eb:68:b9:20:
-#                    95:f7:c6:0f:8d:47:ac:5a:06:dd:61:ab:e2:ec:d8:
-#                    9f:17:2d:9c:ca:3c:35:97:55:71:cd:43:85:b1:47:
-#                    16:f5:2c:53:80:76:cf:d3:00:64:bd:40:99:dd:cc:
-#                    d8:db:c4:9f:d6:13:5f:41:83:8b:f9:0d:87:92:56:
-#                    34:6c:1a:10:0b:17:d5:5a:1c:97:58:84:3c:84:1a:
-#                    2e:5c:91:34:6e:19:5f:7f:17:69:c5:65:ef:6b:21:
-#                    c6:d5:50:3a:bf:61:b9:05:8d:ef:6f:34:3a:b2:6f:
-#                    14:63:bf:16:3b:9b:a9:2a:fd:b7:2b:38:66:06:c5:
-#                    2c:e2:aa:67:1e:45:a7:8d:04:66:42:f6:8f:2b:ef:
-#                    88:20:69:8f:32:8c:14:73:da:2b:86:91:63:22:9a:
-#                    f2:a7:db:ce:89:8b:ab:5d:c7:14:c1:5b:30:6a:1f:
-#                    b1:b7:9e:2e:81:01:02:ed:cf:96:5e:63:db:a8:e6:
-#                    38:b7
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Authority Key Identifier: 
-#                keyid:7C:72:4B:39:C7:C0:DB:62:A5:4F:9B:AA:18:34:92:A2:CA:83:82:59
-#
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Subject Key Identifier: 
-#                7C:72:4B:39:C7:C0:DB:62:A5:4F:9B:AA:18:34:92:A2:CA:83:82:59
-#    Signature Algorithm: sha1WithRSAEncryption
-#         2a:c3:c7:43:37:8f:dd:ad:a4:b2:0c:ee:dc:14:6d:8f:28:a4:
-#         98:49:cb:0c:80:ea:f3:ed:23:66:75:7d:c5:d3:21:67:79:d1:
-#         73:c5:b5:03:b7:58:ac:0c:54:2f:c6:56:13:0f:31:da:06:e7:
-#         65:3b:1d:6f:36:db:c8:1d:f9:fd:80:06:ca:a3:3d:66:16:a8:
-#         9d:4c:16:7d:c0:95:46:b5:51:e4:e2:1f:d7:ea:06:4d:63:8d:
-#         96:8c:ef:e7:33:57:42:3a:eb:8c:c1:79:c8:4d:76:7d:de:f6:
-#         b1:b7:81:e0:a0:f9:a1:78:46:17:1a:56:98:f0:4e:3d:ab:1c:
-#         ed:ec:39:dc:07:48:f7:63:fe:06:ae:c2:a4:5c:6a:5b:32:88:
-#         c5:c7:33:85:ac:66:42:47:c2:58:24:99:e1:e5:3e:e5:75:2c:
-#         8e:43:d6:5d:3c:78:1e:a8:95:82:29:50:d1:d1:16:ba:ef:c1:
-#         be:7a:d9:b4:d8:cc:1e:4c:46:e1:77:b1:31:ab:bd:2a:c8:ce:
-#         8f:6e:a1:5d:7f:03:75:34:e4:ad:89:45:54:5e:be:ae:28:a5:
-#         bb:3f:78:79:eb:73:b3:0a:0d:fd:be:c9:f7:56:ac:f6:b7:ed:
-#         2f:9b:21:29:c7:38:b6:95:c4:04:f2:c3:2d:fd:14:2a:90:99:
-#         b9:07:cc:9f
-
 [p11-kit-object-v1]
 label: "ComSign CA"
 class: x-certificate-extension
@@ -6808,120 +4375,11 @@ AGegcQCCSA==
 #         70:a8:df:65:32:f4:a4:40:8c:a1:c2:44:03:0e:94:00:67:a0:
 #         71:00:82:48
 
-[p11-kit-object-v1]
-label: "ComSign Secured CA"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrVoXx2UFcOkCFUt46BX
-eu/pdCq7uXxXSRoRXk8phwxI1mrnj9R+VyS5BonkHDzqrOPaIYBzIQrveZhsHwj/
-oVB98pgbyVRvPqUo7CEED0W7Bz2hwPoqmB1OBpP79Yg7q1/LFr/m855Kh+0Z6sKf
-Q+TxgaV/EE8+0UpirVMby4P/B2Wlki1mqVu4WvQdtCGRShd7njL+ViQ5slSEQ/WE
-wti8QZDMndZo2umCUKk7aM+1XQKUYBaxQ9lDXd1dh27qu7PJa/YDlAlw3hYReivo
-do9JEJh3uWNcizOXdfYLjLKrW950ICU/4/MR+YdohjVxwx2MLevlGqwPc9WCWUCA
-0wIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "ComSign Secured CA"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIDqzCCApOgAwIBAgIRAMcoRwmzuGxFjB36JPU2TukwDQYJKoZIhvcNAQEFBQAw
-PDEbMBkGA1UEAxMSQ29tU2lnbiBTZWN1cmVkIENBMRAwDgYDVQQKEwdDb21TaWdu
-MQswCQYDVQQGEwJJTDAeFw0wNDAzMjQxMTM3MjBaFw0yOTAzMTYxNTA0NTZaMDwx
-GzAZBgNVBAMTEkNvbVNpZ24gU2VjdXJlZCBDQTEQMA4GA1UEChMHQ29tU2lnbjEL
-MAkGA1UEBhMCSUwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGtWhf
-HZQVw6QIVS3joFd67+l0Kru5fFdJGhFeTymHDEjWaueP1H5XJLkGieQcPOqs49oh
-gHMhCu95mGwfCP+hUH3ymBvJVG8+pSjsIQQPRbsHPaHA+iqYHU4Gk/v1iDurX8sW
-v+bznkqH7Rnqwp9D5PGBpX8QTz7RSmKtUxvLg/8HZaWSLWapW7ha9B20IZFKF3ue
-Mv5WJDmyVIRD9YTC2LxBkMyd1mja6YJQqTtoz7VdApRgFrFD2UNd3V2Hbuq7s8lr
-9gOUCXDeFhF6K+h2j0kQmHe5Y1yLM5d19guMsqtb3nQgJT/j8xH5h2iGNXHDHYwt
-6+UarA9z1YJZQIDTAgMBAAGjgacwgaQwDAYDVR0TBAUwAwEB/zBEBgNVHR8EPTA7
-MDmgN6A1hjNodHRwOi8vZmVkaXIuY29tc2lnbi5jby5pbC9jcmwvQ29tU2lnblNl
-Y3VyZWRDQS5jcmwwDgYDVR0PAQH/BAQDAgGGMB8GA1UdIwQYMBaAFMFL7XC29z58
-ADsAj8c+DkWfHl3sMB0GA1UdDgQWBBTBS+1wtvc+fAA7AI/HPg5Fnx5d7DANBgkq
-hkiG9w0BAQUFAAOCAQEAFs/ukhNQq3sUnjO2QiBq1BW9Cav8cujvR3qQrFHBZE7p
-iL1DRYHjZiM/EoZNGeQFsOY3wo3aBijJD4mkU6l1P7CW+6tMM1X5eCZGbxs2mPtC
-dsGCuY7e+0X5YxtiOzkGynd6qDwJz2w2PQ8KRUtpFhpFfTMDZflScZAmlaxMDPWL
-kz/MdXSFmLr/YnpNH4n+rr2UAJm/EaXc4HnFFgt9AmEd6oX5AhVP51qJThRv4zdL
-hfXBPGHg/QVBspJ/wx2g0K5SZGBrGMYmnNj1ZOQ2GmKfig8+/21OGVZOIJFsnzQz
-OjRXUDpvgV4GxvU+fE6OK85lBi5d0ipTdF7Tbieejw==
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            c7:28:47:09:b3:b8:6c:45:8c:1d:fa:24:f5:36:4e:e9
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: CN=ComSign Secured CA, O=ComSign, C=IL
-#        Validity
-#            Not Before: Mar 24 11:37:20 2004 GMT
-#            Not After : Mar 16 15:04:56 2029 GMT
-#        Subject: CN=ComSign Secured CA, O=ComSign, C=IL
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:c6:b5:68:5f:1d:94:15:c3:a4:08:55:2d:e3:a0:
-#                    57:7a:ef:e9:74:2a:bb:b9:7c:57:49:1a:11:5e:4f:
-#                    29:87:0c:48:d6:6a:e7:8f:d4:7e:57:24:b9:06:89:
-#                    e4:1c:3c:ea:ac:e3:da:21:80:73:21:0a:ef:79:98:
-#                    6c:1f:08:ff:a1:50:7d:f2:98:1b:c9:54:6f:3e:a5:
-#                    28:ec:21:04:0f:45:bb:07:3d:a1:c0:fa:2a:98:1d:
-#                    4e:06:93:fb:f5:88:3b:ab:5f:cb:16:bf:e6:f3:9e:
-#                    4a:87:ed:19:ea:c2:9f:43:e4:f1:81:a5:7f:10:4f:
-#                    3e:d1:4a:62:ad:53:1b:cb:83:ff:07:65:a5:92:2d:
-#                    66:a9:5b:b8:5a:f4:1d:b4:21:91:4a:17:7b:9e:32:
-#                    fe:56:24:39:b2:54:84:43:f5:84:c2:d8:bc:41:90:
-#                    cc:9d:d6:68:da:e9:82:50:a9:3b:68:cf:b5:5d:02:
-#                    94:60:16:b1:43:d9:43:5d:dd:5d:87:6e:ea:bb:b3:
-#                    c9:6b:f6:03:94:09:70:de:16:11:7a:2b:e8:76:8f:
-#                    49:10:98:77:b9:63:5c:8b:33:97:75:f6:0b:8c:b2:
-#                    ab:5b:de:74:20:25:3f:e3:f3:11:f9:87:68:86:35:
-#                    71:c3:1d:8c:2d:eb:e5:1a:ac:0f:73:d5:82:59:40:
-#                    80:d3
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Basic Constraints: 
-#                CA:TRUE
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://fedir.comsign.co.il/crl/ComSignSecuredCA.crl
-#
-#            X509v3 Key Usage: critical
-#                Digital Signature, Certificate Sign, CRL Sign
-#            X509v3 Authority Key Identifier: 
-#                keyid:C1:4B:ED:70:B6:F7:3E:7C:00:3B:00:8F:C7:3E:0E:45:9F:1E:5D:EC
-#
-#            X509v3 Subject Key Identifier: 
-#                C1:4B:ED:70:B6:F7:3E:7C:00:3B:00:8F:C7:3E:0E:45:9F:1E:5D:EC
-#    Signature Algorithm: sha1WithRSAEncryption
-#         16:cf:ee:92:13:50:ab:7b:14:9e:33:b6:42:20:6a:d4:15:bd:
-#         09:ab:fc:72:e8:ef:47:7a:90:ac:51:c1:64:4e:e9:88:bd:43:
-#         45:81:e3:66:23:3f:12:86:4d:19:e4:05:b0:e6:37:c2:8d:da:
-#         06:28:c9:0f:89:a4:53:a9:75:3f:b0:96:fb:ab:4c:33:55:f9:
-#         78:26:46:6f:1b:36:98:fb:42:76:c1:82:b9:8e:de:fb:45:f9:
-#         63:1b:62:3b:39:06:ca:77:7a:a8:3c:09:cf:6c:36:3d:0f:0a:
-#         45:4b:69:16:1a:45:7d:33:03:65:f9:52:71:90:26:95:ac:4c:
-#         0c:f5:8b:93:3f:cc:75:74:85:98:ba:ff:62:7a:4d:1f:89:fe:
-#         ae:bd:94:00:99:bf:11:a5:dc:e0:79:c5:16:0b:7d:02:61:1d:
-#         ea:85:f9:02:15:4f:e7:5a:89:4e:14:6f:e3:37:4b:85:f5:c1:
-#         3c:61:e0:fd:05:41:b2:92:7f:c3:1d:a0:d0:ae:52:64:60:6b:
-#         18:c6:26:9c:d8:f5:64:e4:36:1a:62:9f:8a:0f:3e:ff:6d:4e:
-#         19:56:4e:20:91:6c:9f:34:33:3a:34:57:50:3a:6f:81:5e:06:
-#         c6:f5:3e:7c:4e:8e:2b:ce:65:06:2e:5d:d2:2a:53:74:5e:d3:
-#         6e:27:9e:8f
-
 [p11-kit-object-v1]
 label: "Comodo AAA Services root"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkCd9G7h6naHHE1FRI6+
@@ -7028,228 +4486,6 @@ smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg==
 #         b2:63:e2:f5:62:2c:82:d4:6a:00:41:50:f1:39:83:9f:95:e9:
 #         36:96:98:6e
 
-[p11-kit-object-v1]
-label: "Comodo Secure Services root"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHEzgorQcOtzh4JA1R3k
-y8kOQpD53jS5oboR9CWF88xybfJ7l2uzB/F3JJFfJY/2dD3kgML4PA3zv0Dq98hS
-0XJv78irQbhuLhcqlWkMzdIelHstlB2qddezmMusvGRTQLyPrKw2y1ytu93glBfs
-0VzQv++llcmQxbCs+xtD33oIXbe48kAbKyeeUM5eZYKIjF7TTgx66giRtjaqK0L7
-6sKjOeXbJjitiwruGWPHHCTfA3ja5urBRxoLC0YJ3QL83suHX9cwY2ihrtwyobq+
-/kSraLalFxX9vdWnp5rkRDPpiI787VHrk3FOrQHnRI6rLcuo/gFJSPDA3cdo2JL+
-PQIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Comodo Secure Services root"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIEPzCCAyegAwIBAgIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEkMCIGA1UEAwwbU2VjdXJlIENlcnRp
-ZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVow
-fjELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
-A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxJDAiBgNV
-BAMMG1NlY3VyZSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAMBxM4KK0HDrc4eCQNUd5MvJDkKQ+d40uaG6EfQlhfPM
-cm3ye5drswfxdySRXyWP9nQ95IDC+DwN879A6vfIUtFyb+/Iq0G4bi4XKpVpDM3S
-HpR7LZQdqnXXs5jLrLxkU0C8j6ysNstcrbvd4JQX7NFc0L/vpZXJkMWwrPsbQ996
-CF23uPJAGysnnlDOXmWCiIxe004MeuoIkbY2qitC++rCoznl2yY4rYsK7hljxxwk
-3wN42ubqwUcaCwtGCd0C/N7Lh1/XMGNooa7cMqG6vv5Eq2i2pRcV/b3Vp6ea5EQz
-6YiO/O1R65NxTq0B50SOqy3LqP4BSUjwwN3HaNiS/j0CAwEAAaOBxzCBxDAdBgNV
-HQ4EFgQUPNiTiMLAggnMAZkGkyDpnnAJY08wDgYDVR0PAQH/BAQDAgEGMA8GA1Ud
-EwEB/wQFMAMBAf8wgYEGA1UdHwR6MHgwO6A5oDeGNWh0dHA6Ly9jcmwuY29tb2Rv
-Y2EuY29tL1NlY3VyZUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDmgN6A1hjNodHRw
-Oi8vY3JsLmNvbW9kby5uZXQvU2VjdXJlQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmww
-DQYJKoZIhvcNAQEFBQADggEBAIcBbSMdflsXfcFhMs+P5/OKlFlm4J4oqF7Tt/Q0
-5qo5spcWxYJvMqTpjOev/e/C6LlLqqP05tqNZSH7uoDrJiiFGv45jN5bBAS0VPmj
-Z55B+glSzAVIqMk/IQQezkhr/IXownuvf7fM+F86/TXGDe+X3EyrEeFryzHRbPtI
-gKvcnDe4IRRLDXE97IMzbtFuMhbsmMcWi1mmNKsFVy2T96oTy9IT4rcuO81rUBcJ
-aD61JlfutuC23bkpgHl9j6PwpCikFcSF9CfUa7/lXORlAnZUtOM3ZiTTGWHIUhDl
-izeauan5Hb/qmZJhlv8BzaFfDbxxvA6sCx1HRR3B7Hzs/Sk=
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 1 (0x1)
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=Secure Certificate Services
-#        Validity
-#            Not Before: Jan  1 00:00:00 2004 GMT
-#            Not After : Dec 31 23:59:59 2028 GMT
-#        Subject: C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=Secure Certificate Services
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:c0:71:33:82:8a:d0:70:eb:73:87:82:40:d5:1d:
-#                    e4:cb:c9:0e:42:90:f9:de:34:b9:a1:ba:11:f4:25:
-#                    85:f3:cc:72:6d:f2:7b:97:6b:b3:07:f1:77:24:91:
-#                    5f:25:8f:f6:74:3d:e4:80:c2:f8:3c:0d:f3:bf:40:
-#                    ea:f7:c8:52:d1:72:6f:ef:c8:ab:41:b8:6e:2e:17:
-#                    2a:95:69:0c:cd:d2:1e:94:7b:2d:94:1d:aa:75:d7:
-#                    b3:98:cb:ac:bc:64:53:40:bc:8f:ac:ac:36:cb:5c:
-#                    ad:bb:dd:e0:94:17:ec:d1:5c:d0:bf:ef:a5:95:c9:
-#                    90:c5:b0:ac:fb:1b:43:df:7a:08:5d:b7:b8:f2:40:
-#                    1b:2b:27:9e:50:ce:5e:65:82:88:8c:5e:d3:4e:0c:
-#                    7a:ea:08:91:b6:36:aa:2b:42:fb:ea:c2:a3:39:e5:
-#                    db:26:38:ad:8b:0a:ee:19:63:c7:1c:24:df:03:78:
-#                    da:e6:ea:c1:47:1a:0b:0b:46:09:dd:02:fc:de:cb:
-#                    87:5f:d7:30:63:68:a1:ae:dc:32:a1:ba:be:fe:44:
-#                    ab:68:b6:a5:17:15:fd:bd:d5:a7:a7:9a:e4:44:33:
-#                    e9:88:8e:fc:ed:51:eb:93:71:4e:ad:01:e7:44:8e:
-#                    ab:2d:cb:a8:fe:01:49:48:f0:c0:dd:c7:68:d8:92:
-#                    fe:3d
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Subject Key Identifier: 
-#                3C:D8:93:88:C2:C0:82:09:CC:01:99:06:93:20:E9:9E:70:09:63:4F
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://crl.comodoca.com/SecureCertificateServices.crl
-#
-#                Full Name:
-#                  URI:http://crl.comodo.net/SecureCertificateServices.crl
-#
-#    Signature Algorithm: sha1WithRSAEncryption
-#         87:01:6d:23:1d:7e:5b:17:7d:c1:61:32:cf:8f:e7:f3:8a:94:
-#         59:66:e0:9e:28:a8:5e:d3:b7:f4:34:e6:aa:39:b2:97:16:c5:
-#         82:6f:32:a4:e9:8c:e7:af:fd:ef:c2:e8:b9:4b:aa:a3:f4:e6:
-#         da:8d:65:21:fb:ba:80:eb:26:28:85:1a:fe:39:8c:de:5b:04:
-#         04:b4:54:f9:a3:67:9e:41:fa:09:52:cc:05:48:a8:c9:3f:21:
-#         04:1e:ce:48:6b:fc:85:e8:c2:7b:af:7f:b7:cc:f8:5f:3a:fd:
-#         35:c6:0d:ef:97:dc:4c:ab:11:e1:6b:cb:31:d1:6c:fb:48:80:
-#         ab:dc:9c:37:b8:21:14:4b:0d:71:3d:ec:83:33:6e:d1:6e:32:
-#         16:ec:98:c7:16:8b:59:a6:34:ab:05:57:2d:93:f7:aa:13:cb:
-#         d2:13:e2:b7:2e:3b:cd:6b:50:17:09:68:3e:b5:26:57:ee:b6:
-#         e0:b6:dd:b9:29:80:79:7d:8f:a3:f0:a4:28:a4:15:c4:85:f4:
-#         27:d4:6b:bf:e5:5c:e4:65:02:76:54:b4:e3:37:66:24:d3:19:
-#         61:c8:52:10:e5:8b:37:9a:b9:a9:f9:1d:bf:ea:99:92:61:96:
-#         ff:01:cd:a1:5f:0d:bc:71:bc:0e:ac:0b:1d:47:45:1d:c1:ec:
-#         7c:ec:fd:29
-
-[p11-kit-object-v1]
-label: "Comodo Trusted Services root"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQI
-IO0Yfyod5jWaHiWsnOWWfnJSoBVC21ndZHoa0Lh73TkVvFVIxO06AOoxEbrycXQa
-Z7jPM8yoMa+j49d/vzMtTGo87IvDktJTdyR0nAducPy9C1t2ul/y/9c3S0pgePfw
-+spwtOpZqqPOSC+pw7ILfhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6
-juljatEPmsbS9Is6FARW1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAE
-Atdbtz6SrGsSivnkBbA7kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt
-6wIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Comodo Trusted Services root"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIEQzCCAyugAwIBAgIBATANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDElMCMGA1UEAwwcVHJ1c3RlZCBDZXJ0
-aWZpY2F0ZSBTZXJ2aWNlczAeFw0wNDAxMDEwMDAwMDBaFw0yODEyMzEyMzU5NTla
-MH8xCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
-BgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSUwIwYD
-VQQDDBxUcnVzdGVkIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQIIO0Yfyod5jWaHiWsnOWW
-fnJSoBVC21ndZHoa0Lh73TkVvFVIxO06AOoxEbrycXQaZ7jPM8yoMa+j49d/vzMt
-TGo87IvDktJTdyR0nAducPy9C1t2ul/y/9c3S0pgePfw+spwtOpZqqPOSC+pw7IL
-fhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6juljatEPmsbS9Is6FARW
-1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAEAtdbtz6SrGsSivnkBbA7
-kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt6wIDAQABo4HJMIHGMB0G
-A1UdDgQWBBTFe1i97doladL3WRaoszLAeydb9DAOBgNVHQ8BAf8EBAMCAQYwDwYD
-VR0TAQH/BAUwAwEB/zCBgwYDVR0fBHwwejA8oDqgOIY2aHR0cDovL2NybC5jb21v
-ZG9jYS5jb20vVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMuY3JsMDqgOKA2hjRo
-dHRwOi8vY3JsLmNvbW9kby5uZXQvVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMu
-Y3JsMA0GCSqGSIb3DQEBBQUAA4IBAQDIk4E7ibSvuIQSTI3S8NtwuleGFTQQuS9/
-HrCoiWChisJ3DFBKmwCL2Iv0QeLQg4pKHBQGsKNoBXAxMKdTmw7pSqBYaWcOrp32
-pSxBvzwGa+RZzG0Q8ZZvH9/0BAKkn0U+yNj6NkZEUD+Cl5EfKNsYEYwq5GWDVxIS
-jBc/lDb+XbDABHcTuPQV1T84zJQ6VdCsmPW6AF/ghhmBeC8owH7TzEIK9a5QoNE+
-xqFx7D+gIIxmOom0jtTYsU0lR+4viMi14QVFwL4Ucd56/Y57fU0IlqUSc/Atyjcn
-dBInTMu2l+nZrghtWjlA3QVHdWpaIbOjGM9O9y5Xt5hwXsjEeLBi
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 1 (0x1)
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=Trusted Certificate Services
-#        Validity
-#            Not Before: Jan  1 00:00:00 2004 GMT
-#            Not After : Dec 31 23:59:59 2028 GMT
-#        Subject: C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=Trusted Certificate Services
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:df:71:6f:36:58:53:5a:f2:36:54:57:80:c4:74:
-#                    08:20:ed:18:7f:2a:1d:e6:35:9a:1e:25:ac:9c:e5:
-#                    96:7e:72:52:a0:15:42:db:59:dd:64:7a:1a:d0:b8:
-#                    7b:dd:39:15:bc:55:48:c4:ed:3a:00:ea:31:11:ba:
-#                    f2:71:74:1a:67:b8:cf:33:cc:a8:31:af:a3:e3:d7:
-#                    7f:bf:33:2d:4c:6a:3c:ec:8b:c3:92:d2:53:77:24:
-#                    74:9c:07:6e:70:fc:bd:0b:5b:76:ba:5f:f2:ff:d7:
-#                    37:4b:4a:60:78:f7:f0:fa:ca:70:b4:ea:59:aa:a3:
-#                    ce:48:2f:a9:c3:b2:0b:7e:17:72:16:0c:a6:07:0c:
-#                    1b:38:cf:c9:62:b7:3f:a0:93:a5:87:41:f2:b7:70:
-#                    40:77:d8:be:14:7c:e3:a8:c0:7a:8e:e9:63:6a:d1:
-#                    0f:9a:c6:d2:f4:8b:3a:14:04:56:d4:ed:b8:cc:6e:
-#                    f5:fb:e2:2c:58:bd:7f:4f:6b:2b:f7:60:24:58:24:
-#                    ce:26:ef:34:91:3a:d5:e3:81:d0:b2:f0:04:02:d7:
-#                    5b:b7:3e:92:ac:6b:12:8a:f9:e4:05:b0:3b:91:49:
-#                    5c:b2:eb:53:ea:f8:9f:47:86:ee:bf:95:c0:c0:06:
-#                    9f:d2:5b:5e:11:1b:f4:c7:04:35:29:d2:55:5c:e4:
-#                    ed:eb
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Subject Key Identifier: 
-#                C5:7B:58:BD:ED:DA:25:69:D2:F7:59:16:A8:B3:32:C0:7B:27:5B:F4
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://crl.comodoca.com/TrustedCertificateServices.crl
-#
-#                Full Name:
-#                  URI:http://crl.comodo.net/TrustedCertificateServices.crl
-#
-#    Signature Algorithm: sha1WithRSAEncryption
-#         c8:93:81:3b:89:b4:af:b8:84:12:4c:8d:d2:f0:db:70:ba:57:
-#         86:15:34:10:b9:2f:7f:1e:b0:a8:89:60:a1:8a:c2:77:0c:50:
-#         4a:9b:00:8b:d8:8b:f4:41:e2:d0:83:8a:4a:1c:14:06:b0:a3:
-#         68:05:70:31:30:a7:53:9b:0e:e9:4a:a0:58:69:67:0e:ae:9d:
-#         f6:a5:2c:41:bf:3c:06:6b:e4:59:cc:6d:10:f1:96:6f:1f:df:
-#         f4:04:02:a4:9f:45:3e:c8:d8:fa:36:46:44:50:3f:82:97:91:
-#         1f:28:db:18:11:8c:2a:e4:65:83:57:12:12:8c:17:3f:94:36:
-#         fe:5d:b0:c0:04:77:13:b8:f4:15:d5:3f:38:cc:94:3a:55:d0:
-#         ac:98:f5:ba:00:5f:e0:86:19:81:78:2f:28:c0:7e:d3:cc:42:
-#         0a:f5:ae:50:a0:d1:3e:c6:a1:71:ec:3f:a0:20:8c:66:3a:89:
-#         b4:8e:d4:d8:b1:4d:25:47:ee:2f:88:c8:b5:e1:05:45:c0:be:
-#         14:71:de:7a:fd:8e:7b:7d:4d:08:96:a5:12:73:f0:2d:ca:37:
-#         27:74:12:27:4c:cb:b6:97:e9:d9:ae:08:6d:5a:39:40:dd:05:
-#         47:75:6a:5a:21:b3:a3:18:cf:4e:f7:2e:57:b7:98:70:5e:c8:
-#         c4:78:b0:62
-
 [p11-kit-object-v1]
 label: "Cybertrust Global Root"
 class: x-certificate-extension
@@ -7691,115 +4927,6 @@ KVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVvw9y4AyHqnxbxLFS1
 #         d3:2e:a3:15:bc:a8:e6:26:e5:6f:c3:dc:b8:03:21:ea:9f:16:
 #         f1:2c:54:b5
 
-[p11-kit-object-v1]
-label: "DST ACES CA X6"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuT31LMmU3HWKlV1j6IR3
-dma5WZFcRt2SPp/5DgO0PWGSvSMmtWPuktKe1jzIDZBfZIGxqAgNTNj50wUoUrQB
-JcWVHAx+PhCEdc/BGZFjz+iokYi5Q1K7gLFViYsx+tC3dr5BPTCapCIlF3PoHuLT
-rCq9Wzgh1SpL11V94zpVvddtawJXa+ZHfAjIgrrep4c9oW24MFbCswKBXy314pow
-GCi4ZtPLAZZv6opFVdbgnf9nKxcCpk4aahELfrd755jWjHZvwTvbUJN+5dCOHze4
-vbrGn2zpfDPyMjwmR/onJALJfh1biEITajV8fTXpLmaRcpPVMibEdPVTo7NdmvYJ
-ywIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "DST ACES CA X6"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIECTCCAvGgAwIBAgIQDV6ZCtadt3js2AdWO4YV2TANBgkqhkiG9w0BAQUFADBb
-MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3Qx
-ETAPBgNVBAsTCERTVCBBQ0VTMRcwFQYDVQQDEw5EU1QgQUNFUyBDQSBYNjAeFw0w
-MzExMjAyMTE5NThaFw0xNzExMjAyMTE5NThaMFsxCzAJBgNVBAYTAlVTMSAwHgYD
-VQQKExdEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdDERMA8GA1UECxMIRFNUIEFDRVMx
-FzAVBgNVBAMTDkRTVCBBQ0VTIENBIFg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAuT31LMmU3HWKlV1j6IR3dma5WZFcRt2SPp/5DgO0PWGSvSMmtWPu
-ktKe1jzIDZBfZIGxqAgNTNj50wUoUrQBJcWVHAx+PhCEdc/BGZFjz+iokYi5Q1K7
-gLFViYsx+tC3dr5BPTCapCIlF3PoHuLTrCq9Wzgh1SpL11V94zpVvddtawJXa+ZH
-fAjIgrrep4c9oW24MFbCswKBXy314powGCi4ZtPLAZZv6opFVdbgnf9nKxcCpk4a
-ahELfrd755jWjHZvwTvbUJN+5dCOHze4vbrGn2zpfDPyMjwmR/onJALJfh1biEIT
-ajV8fTXpLmaRcpPVMibEdPVTo7NdmvYJywIDAQABo4HIMIHFMA8GA1UdEwEB/wQF
-MAMBAf8wDgYDVR0PAQH/BAQDAgHGMB8GA1UdEQQYMBaBFHBraS1vcHNAdHJ1c3Rk
-c3QuY29tMGIGA1UdIARbMFkwVwYKYIZIAWUDAgEBATBJMEcGCCsGAQUFBwIBFjto
-dHRwOi8vd3d3LnRydXN0ZHN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9saWN5L0FDRVMt
-aW5kZXguaHRtbDAdBgNVHQ4EFgQUCXIGThhDD+XWzMNqizF7eI+og7gwDQYJKoZI
-hvcNAQEFBQADggEBAKPYjtay284F5zLNAdMEA+V25FYrnJmQ6AgwbN99Pe7lv7Uk
-QIRJ4dEorsTCOlMwiPH1d25Ryvr/ma8kXxug/fKshMrfqfBfBC6tFr8hlxCBPeP/
-h40y3JTlR4peahPJlJU90u7INJXQgNStMgiAVDzgvVJT11J8smk/f3rPanTK+gQq
-nExaBqXpIK1FZg9p8d2/6eMyi/rgwYZNcjwu2JN4Cir42NInPRmJX1p7ijvMDNpR
-rscL9yuwNwXsvFcj4jjSm2jzVhKIT0J8uDHEtdvkyCE06UgRNe76x5JXxZ805Mf2
-9w4LTJxoeHtxMcfrHuBnQfO3oKfN5XozNmr6mis=
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            0d:5e:99:0a:d6:9d:b7:78:ec:d8:07:56:3b:86:15:d9
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=US, O=Digital Signature Trust, OU=DST ACES, CN=DST ACES CA X6
-#        Validity
-#            Not Before: Nov 20 21:19:58 2003 GMT
-#            Not After : Nov 20 21:19:58 2017 GMT
-#        Subject: C=US, O=Digital Signature Trust, OU=DST ACES, CN=DST ACES CA X6
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:b9:3d:f5:2c:c9:94:dc:75:8a:95:5d:63:e8:84:
-#                    77:76:66:b9:59:91:5c:46:dd:92:3e:9f:f9:0e:03:
-#                    b4:3d:61:92:bd:23:26:b5:63:ee:92:d2:9e:d6:3c:
-#                    c8:0d:90:5f:64:81:b1:a8:08:0d:4c:d8:f9:d3:05:
-#                    28:52:b4:01:25:c5:95:1c:0c:7e:3e:10:84:75:cf:
-#                    c1:19:91:63:cf:e8:a8:91:88:b9:43:52:bb:80:b1:
-#                    55:89:8b:31:fa:d0:b7:76:be:41:3d:30:9a:a4:22:
-#                    25:17:73:e8:1e:e2:d3:ac:2a:bd:5b:38:21:d5:2a:
-#                    4b:d7:55:7d:e3:3a:55:bd:d7:6d:6b:02:57:6b:e6:
-#                    47:7c:08:c8:82:ba:de:a7:87:3d:a1:6d:b8:30:56:
-#                    c2:b3:02:81:5f:2d:f5:e2:9a:30:18:28:b8:66:d3:
-#                    cb:01:96:6f:ea:8a:45:55:d6:e0:9d:ff:67:2b:17:
-#                    02:a6:4e:1a:6a:11:0b:7e:b7:7b:e7:98:d6:8c:76:
-#                    6f:c1:3b:db:50:93:7e:e5:d0:8e:1f:37:b8:bd:ba:
-#                    c6:9f:6c:e9:7c:33:f2:32:3c:26:47:fa:27:24:02:
-#                    c9:7e:1d:5b:88:42:13:6a:35:7c:7d:35:e9:2e:66:
-#                    91:72:93:d5:32:26:c4:74:f5:53:a3:b3:5d:9a:f6:
-#                    09:cb
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 Key Usage: critical
-#                Digital Signature, Non Repudiation, Certificate Sign, CRL Sign
-#            X509v3 Subject Alternative Name: 
-#                email:pki-ops@trustdst.com
-#            X509v3 Certificate Policies: 
-#                Policy: 2.16.840.1.101.3.2.1.1.1
-#                  CPS: http://www.trustdst.com/certificates/policy/ACES-index.html
-#
-#            X509v3 Subject Key Identifier: 
-#                09:72:06:4E:18:43:0F:E5:D6:CC:C3:6A:8B:31:7B:78:8F:A8:83:B8
-#    Signature Algorithm: sha1WithRSAEncryption
-#         a3:d8:8e:d6:b2:db:ce:05:e7:32:cd:01:d3:04:03:e5:76:e4:
-#         56:2b:9c:99:90:e8:08:30:6c:df:7d:3d:ee:e5:bf:b5:24:40:
-#         84:49:e1:d1:28:ae:c4:c2:3a:53:30:88:f1:f5:77:6e:51:ca:
-#         fa:ff:99:af:24:5f:1b:a0:fd:f2:ac:84:ca:df:a9:f0:5f:04:
-#         2e:ad:16:bf:21:97:10:81:3d:e3:ff:87:8d:32:dc:94:e5:47:
-#         8a:5e:6a:13:c9:94:95:3d:d2:ee:c8:34:95:d0:80:d4:ad:32:
-#         08:80:54:3c:e0:bd:52:53:d7:52:7c:b2:69:3f:7f:7a:cf:6a:
-#         74:ca:fa:04:2a:9c:4c:5a:06:a5:e9:20:ad:45:66:0f:69:f1:
-#         dd:bf:e9:e3:32:8b:fa:e0:c1:86:4d:72:3c:2e:d8:93:78:0a:
-#         2a:f8:d8:d2:27:3d:19:89:5f:5a:7b:8a:3b:cc:0c:da:51:ae:
-#         c7:0b:f7:2b:b0:37:05:ec:bc:57:23:e2:38:d2:9b:68:f3:56:
-#         12:88:4f:42:7c:b8:31:c4:b5:db:e4:c8:21:34:e9:48:11:35:
-#         ee:fa:c7:92:57:c5:9f:34:e4:c7:f6:f7:0e:0b:4c:9c:68:78:
-#         7b:71:31:c7:eb:1e:e0:67:41:f3:b7:a0:a7:cd:e5:7a:33:36:
-#         6a:fa:9a:2b
-
 [p11-kit-object-v1]
 label: "DST Root CA X3"
 class: x-certificate-extension
@@ -7903,7 +5030,7 @@ Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
 label: "Deutsche Telekom Root CA 2"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwujNeCLKRSxFIWvPBDk
@@ -8003,7 +5130,7 @@ Cm26OWMohpLzGITY+9HPBVZkVw==
 label: "DigiCert Assured ID Root CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQ4VzuRDgFyxh/O3YPlx
@@ -8107,7 +5234,7 @@ H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe
 label: "DigiCert Assured ID Root G2"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ecoL1I/NnJJiJM08/hq
@@ -8208,7 +5335,7 @@ IhNzbM8m9Yop5w==
 label: "DigiCert Assured ID Root G3"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEGee8rERl7c24P1j7jbFXqUQtBRXy7wv/
@@ -8279,7 +5406,7 @@ JjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy1vUhZscv
 label: "DigiCert Global Root CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKP
@@ -8383,7 +5510,7 @@ CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=
 label: "DigiCert Global Root G2"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/
@@ -8484,7 +5611,7 @@ MrY=
 label: "DigiCert Global Root G3"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOre
@@ -8555,7 +5682,7 @@ sycX
 label: "DigiCert High Assurance EV Root CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxszlc+b71LvlLS0ypt/l
@@ -8660,7 +5787,7 @@ vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
 label: "DigiCert Trusted Root G4"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAv+aQc2jeu+RdSjwwIjBp
@@ -8833,31 +5960,11 @@ serial-number: "%02%10%12%BD%26%A2%AE3%C0%7F%24%7BjXi%F2%0Av"
 x-distrusted: true
 
 
-[p11-kit-object-v1]
-label: "Distrust a pb.com certificate that does not comply with the baseline requirements."
-class: certificate
-certificate-type: x-509
-modifiable: false
-issuer: "0N1%0B0%09%06%03U%04%06%13%02US1%100%0E%06%03U%04%0A%13%07Equifax1-0%2B%06%03U%04%0B%13%24Equifax%20Secure%20Certificate%20Authority"
-serial-number: "%02%03%15y%14"
-x-distrusted: true
-
-
-[p11-kit-object-v1]
-label: "Distrusted AC DG Tresor SSL"
-class: certificate
-certificate-type: x-509
-modifiable: false
-issuer: "0K1%0B0%09%06%03U%04%06%13%02FR1%0E0%0C%06%03U%04%0A%13%05DGTPE1%2C0%2A%06%03U%04%03%13%23AC%20DGTPE%20Signature%20Authentification"
-serial-number: "%02%03%03%1D%A7"
-x-distrusted: true
-
-
 [p11-kit-object-v1]
 label: "E-Tugra Certification Authority"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4vU/kwVRHoViVF56C/UY
@@ -9129,7 +6236,7 @@ nJ2lYJU6Un/10asIbvPuW/mIPX64b24D5EI=
 label: "EE Certification Centre Root CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCDA7ODFS6sHeJXzRO77
@@ -9234,7 +6341,7 @@ GVCJYMzpJJUPwssd8m92kMfMdcGWxZ0=
 label: "Entrust.net Premium 2048 Secure Server CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU1LqRKGsuqjIAcVFmQq
@@ -9337,7 +6444,7 @@ fF6adulZkMV8gzURZVE=
 label: "Entrust Root Certification Authority - EC1"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEhBPJ0LptQXvibNDrVV9mAhok9FuJaUfj
@@ -9411,7 +6518,7 @@ hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G
 label: "Entrust Root Certification Authority - G2"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoS2ctueDGvimekwAad2
@@ -9622,320 +6729,6 @@ eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m
 #         66:d2:f7:57:70:36:b3:bf:fc:28:af:71:25:85:5b:13:fe:1e:
 #         7f:5a:b4:3c
 
-[p11-kit-object-v1]
-label: "Explicitly Distrust DigiNotar Cyber CA"
-class: x-certificate-extension
-object-id: 1.3.6.1.4.1.3319.6.10.1
-value: "0.%06%0a%2b%06%01%04%01%99w%06%0a%01%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2oXoRnrf2+70bH
-yLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71StKesckUXxvCJ
-67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE724sIN2qqylLe
-tTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJpnaA/Ud8LQZEN
-peGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj9JIg1wOmPaMe
-Z8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRuLktktSdlt3Ul
-CbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFUZ5iMh9XJ02zL
-01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVkvEdgv2DjdosT
-Vd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX63o6NGyEU1zeL
-NHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIteFAgmv15LyR/
-8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4iBCenQPGpaqi
-JFH3SRTFse5ZQ5Xfq2goMD8CAwEAAQ==
------END PUBLIC KEY-----
-[p11-kit-object-v1]
-label: "Explicitly Distrust DigiNotar Cyber CA"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%18%06%03U%1d%25%01%01%ff%04%0e0%0c%06%0a%2b%06%01%04%01%99w%06%0a%10"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2oXoRnrf2+70bH
-yLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71StKesckUXxvCJ
-67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE724sIN2qqylLe
-tTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJpnaA/Ud8LQZEN
-peGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj9JIg1wOmPaMe
-Z8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRuLktktSdlt3Ul
-CbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFUZ5iMh9XJ02zL
-01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVkvEdgv2DjdosT
-Vd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX63o6NGyEU1zeL
-NHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIteFAgmv15LyR/
-8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4iBCenQPGpaqi
-JFH3SRTFse5ZQ5Xfq2goMD8CAwEAAQ==
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Explicitly Distrust DigiNotar Cyber CA"
-x-distrusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIFRTCCBK6gAwIBAgIED////zANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJO
-TDESMBAGA1UEChMJRGlnaU5vdGFyMRswGQYDVQQDExJEaWdpTm90YXIgQ3liZXIg
-Q0ExIDAeBgkqhkiG9w0BCQEWEWluZm9AZGlnaW5vdGFyLm5sMB4XDTA2MTAwNDEw
-NTQxMloXDTExMTAwNDEwNTMxMlowYDELMAkGA1UEBhMCTkwxEjAQBgNVBAoTCURp
-Z2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFyIEN5YmVyIENBMSAwHgYJKoZIhvcN
-AQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC
-AgoCggIBANLOFQotqF6EZ639vu9Gx8i5z3P89DS5+SxD52ATPXrjss87Z2yQrcC5
-P4RS8DVC3HTcKDu9UrSnrHJFF8bwieu0qiXyXUte0dmHutZ9fPXOMp8QM8WxSrte
-kTHC0OlBwpFkfglBO9uLCDdqqspS3rU5HsCIA6U/i5kTYUO1m4Kz7iBvz6FEouov
-a0CfjytXraFTwoUiaZ2gP1HfC0GRDaXhqKpcSQhdvd5wQbEPyWNr0380dAIvNFp4
-dRxoeoFnivPaQPBgY/SSINcDpj2jHmfEhBtBpcmM5r3qSLYFFgizNxJa92E89zhv
-Lpfgb1Y4VNMota0Ubi5LZLUnZbd1JQm2Bz2VVgIKgmCyc0XgMyZRdJq51FAc9k1b
-W1JSE1qmf6cO4ehBVGeYjIfVydNsy9NUkgYJNEH3gW8/nsl8dVWw58Gzd+jDxAA1
-lUBwEEoF3iW7n1mlZLxHYL9g43aLE1Xd4XR6uc8kpmp/3mQiRFhogmoQ+T3lPhu5
-vfwi9GAEibtVbShV+t6OjRshFNc3izR7TfayshDPM7F9HGKZSMsrbHaWVb8ZDR0f
-u2WqG46ZtcYokOWCLXhQIJr9eS8kf/CJKWn0fc1zvrPtTsHR7VJej/e4142HrbLZ
-G1ES/1az4a80fVykeIgQnp0DxqWqoiRR90kUxbHuWUOV36toKDA/AgMBAAGjggGG
-MIIBgjASBgNVHRMBAf8ECDAGAQH/AgEBMFMGA1UdIARMMEowSAYJKwYBBAGxPgEA
-MDswOQYIKwYBBQUHAgEWLWh0dHA6Ly93d3cucHVibGljLXRydXN0LmNvbS9DUFMv
-T21uaVJvb3QuaHRtbDAOBgNVHQ8BAf8EBAMCAQYwgaAGA1UdIwSBmDCBlYAUpgwd
-n2H/Bxe1vzhG20Mw1Y6wUgaheaR3MHUxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9H
-VEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNvbHV0aW9u
-cywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJvb3SCAgGl
-MEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93d3cucHVibGljLXRydXN0LmNvbS9j
-Z2ktYmluL0NSTC8yMDE4L2NkcC5jcmwwHQYDVR0OBBYEFKv5aN/PSjfXe0WMX3Le
-QETDZbvCMA0GCSqGSIb3DQEBBQUAA4GBAI9oa6VbB7pEZg4cqFwwezPkCiYE/O+e
-GjjWLqEf0JlHwnVkJP2eOyh2uSYoYZEMbSz4BJ98UAHV42mv7xXSRZskCSpmBU8l
-gcpdvqrBWSeuM46C9990sFWzjvjnN8huqlZE9r1TgSOWPbT6MopTZkQloiXGpjwl
-jPDgKAYityZB
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 268435455 (0xfffffff)
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=NL, O=DigiNotar, CN=DigiNotar Cyber CA/emailAddress=info@diginotar.nl
-#        Validity
-#            Not Before: Oct  4 10:54:12 2006 GMT
-#            Not After : Oct  4 10:53:12 2011 GMT
-#        Subject: C=NL, O=DigiNotar, CN=DigiNotar Cyber CA/emailAddress=info@diginotar.nl
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (4096 bit)
-#                Modulus:
-#                    00:d2:ce:15:0a:2d:a8:5e:84:67:ad:fd:be:ef:46:
-#                    c7:c8:b9:cf:73:fc:f4:34:b9:f9:2c:43:e7:60:13:
-#                    3d:7a:e3:b2:cf:3b:67:6c:90:ad:c0:b9:3f:84:52:
-#                    f0:35:42:dc:74:dc:28:3b:bd:52:b4:a7:ac:72:45:
-#                    17:c6:f0:89:eb:b4:aa:25:f2:5d:4b:5e:d1:d9:87:
-#                    ba:d6:7d:7c:f5:ce:32:9f:10:33:c5:b1:4a:bb:5e:
-#                    91:31:c2:d0:e9:41:c2:91:64:7e:09:41:3b:db:8b:
-#                    08:37:6a:aa:ca:52:de:b5:39:1e:c0:88:03:a5:3f:
-#                    8b:99:13:61:43:b5:9b:82:b3:ee:20:6f:cf:a1:44:
-#                    a2:ea:2f:6b:40:9f:8f:2b:57:ad:a1:53:c2:85:22:
-#                    69:9d:a0:3f:51:df:0b:41:91:0d:a5:e1:a8:aa:5c:
-#                    49:08:5d:bd:de:70:41:b1:0f:c9:63:6b:d3:7f:34:
-#                    74:02:2f:34:5a:78:75:1c:68:7a:81:67:8a:f3:da:
-#                    40:f0:60:63:f4:92:20:d7:03:a6:3d:a3:1e:67:c4:
-#                    84:1b:41:a5:c9:8c:e6:bd:ea:48:b6:05:16:08:b3:
-#                    37:12:5a:f7:61:3c:f7:38:6f:2e:97:e0:6f:56:38:
-#                    54:d3:28:b5:ad:14:6e:2e:4b:64:b5:27:65:b7:75:
-#                    25:09:b6:07:3d:95:56:02:0a:82:60:b2:73:45:e0:
-#                    33:26:51:74:9a:b9:d4:50:1c:f6:4d:5b:5b:52:52:
-#                    13:5a:a6:7f:a7:0e:e1:e8:41:54:67:98:8c:87:d5:
-#                    c9:d3:6c:cb:d3:54:92:06:09:34:41:f7:81:6f:3f:
-#                    9e:c9:7c:75:55:b0:e7:c1:b3:77:e8:c3:c4:00:35:
-#                    95:40:70:10:4a:05:de:25:bb:9f:59:a5:64:bc:47:
-#                    60:bf:60:e3:76:8b:13:55:dd:e1:74:7a:b9:cf:24:
-#                    a6:6a:7f:de:64:22:44:58:68:82:6a:10:f9:3d:e5:
-#                    3e:1b:b9:bd:fc:22:f4:60:04:89:bb:55:6d:28:55:
-#                    fa:de:8e:8d:1b:21:14:d7:37:8b:34:7b:4d:f6:b2:
-#                    b2:10:cf:33:b1:7d:1c:62:99:48:cb:2b:6c:76:96:
-#                    55:bf:19:0d:1d:1f:bb:65:aa:1b:8e:99:b5:c6:28:
-#                    90:e5:82:2d:78:50:20:9a:fd:79:2f:24:7f:f0:89:
-#                    29:69:f4:7d:cd:73:be:b3:ed:4e:c1:d1:ed:52:5e:
-#                    8f:f7:b8:d7:8d:87:ad:b2:d9:1b:51:12:ff:56:b3:
-#                    e1:af:34:7d:5c:a4:78:88:10:9e:9d:03:c6:a5:aa:
-#                    a2:24:51:f7:49:14:c5:b1:ee:59:43:95:df:ab:68:
-#                    28:30:3f
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE, pathlen:1
-#            X509v3 Certificate Policies: 
-#                Policy: 1.3.6.1.4.1.6334.1.0
-#                  CPS: http://www.public-trust.com/CPS/OmniRoot.html
-#
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Authority Key Identifier: 
-#                keyid:A6:0C:1D:9F:61:FF:07:17:B5:BF:38:46:DB:43:30:D5:8E:B0:52:06
-#                DirName:/C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root
-#                serial:01:A5
-#
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://www.public-trust.com/cgi-bin/CRL/2018/cdp.crl
-#
-#            X509v3 Subject Key Identifier: 
-#                AB:F9:68:DF:CF:4A:37:D7:7B:45:8C:5F:72:DE:40:44:C3:65:BB:C2
-#    Signature Algorithm: sha1WithRSAEncryption
-#         8f:68:6b:a5:5b:07:ba:44:66:0e:1c:a8:5c:30:7b:33:e4:0a:
-#         26:04:fc:ef:9e:1a:38:d6:2e:a1:1f:d0:99:47:c2:75:64:24:
-#         fd:9e:3b:28:76:b9:26:28:61:91:0c:6d:2c:f8:04:9f:7c:50:
-#         01:d5:e3:69:af:ef:15:d2:45:9b:24:09:2a:66:05:4f:25:81:
-#         ca:5d:be:aa:c1:59:27:ae:33:8e:82:f7:df:74:b0:55:b3:8e:
-#         f8:e7:37:c8:6e:aa:56:44:f6:bd:53:81:23:96:3d:b4:fa:32:
-#         8a:53:66:44:25:a2:25:c6:a6:3c:25:8c:f0:e0:28:06:22:b7:
-#         26:41
-
-[p11-kit-object-v1]
-label: "Explicitly Distrust DigiNotar Cyber CA 2nd"
-class: x-certificate-extension
-object-id: 1.3.6.1.4.1.3319.6.10.1
-value: "0.%06%0a%2b%06%01%04%01%99w%06%0a%01%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2oXoRnrf2+70bH
-yLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71StKesckUXxvCJ
-67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE724sIN2qqylLe
-tTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJpnaA/Ud8LQZEN
-peGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj9JIg1wOmPaMe
-Z8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRuLktktSdlt3Ul
-CbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFUZ5iMh9XJ02zL
-01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVkvEdgv2DjdosT
-Vd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX63o6NGyEU1zeL
-NHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIteFAgmv15LyR/
-8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4iBCenQPGpaqi
-JFH3SRTFse5ZQ5Xfq2goMD8CAwEAAQ==
------END PUBLIC KEY-----
-[p11-kit-object-v1]
-label: "Explicitly Distrust DigiNotar Cyber CA 2nd"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%18%06%03U%1d%25%01%01%ff%04%0e0%0c%06%0a%2b%06%01%04%01%99w%06%0a%10"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2oXoRnrf2+70bH
-yLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71StKesckUXxvCJ
-67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE724sIN2qqylLe
-tTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJpnaA/Ud8LQZEN
-peGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj9JIg1wOmPaMe
-Z8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRuLktktSdlt3Ul
-CbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFUZ5iMh9XJ02zL
-01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVkvEdgv2DjdosT
-Vd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX63o6NGyEU1zeL
-NHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIteFAgmv15LyR/
-8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4iBCenQPGpaqi
-JFH3SRTFse5ZQ5Xfq2goMD8CAwEAAQ==
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Explicitly Distrust DigiNotar Cyber CA 2nd"
-x-distrusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIFATCCBGqgAwIBAgIED////zANBgkqhkiG9w0BAQUFADA+MQswCQYDVQQGEwJO
-TDESMBAGA1UEChMJRGlnaU5vdGFyMRswGQYDVQQDExJEaWdpTm90YXIgQ3liZXIg
-Q0EwHhcNMDYwOTI3MTA1MzUzWhcNMTMwOTIwMDk0NDA3WjA+MQswCQYDVQQGEwJO
-TDESMBAGA1UEChMJRGlnaU5vdGFyMRswGQYDVQQDExJEaWdpTm90YXIgQ3liZXIg
-Q0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDSzhUKLahehGet/b7v
-RsfIuc9z/PQ0ufksQ+dgEz1647LPO2dskK3AuT+EUvA1Qtx03Cg7vVK0p6xyRRfG
-8InrtKol8l1LXtHZh7rWfXz1zjKfEDPFsUq7XpExwtDpQcKRZH4JQTvbiwg3aqrK
-Ut61OR7AiAOlP4uZE2FDtZuCs+4gb8+hRKLqL2tAn48rV62hU8KFImmdoD9R3wtB
-kQ2l4aiqXEkIXb3ecEGxD8lja9N/NHQCLzRaeHUcaHqBZ4rz2kDwYGP0kiDXA6Y9
-ox5nxIQbQaXJjOa96ki2BRYIszcSWvdhPPc4by6X4G9WOFTTKLWtFG4uS2S1J2W3
-dSUJtgc9lVYCCoJgsnNF4DMmUXSaudRQHPZNW1tSUhNapn+nDuHoQVRnmIyH1cnT
-bMvTVJIGCTRB94FvP57JfHVVsOfBs3fow8QANZVAcBBKBd4lu59ZpWS8R2C/YON2
-ixNV3eF0ernPJKZqf95kIkRYaIJqEPk95T4bub38IvRgBIm7VW0oVfrejo0bIRTX
-N4s0e032srIQzzOxfRximUjLK2x2llW/GQ0dH7tlqhuOmbXGKJDlgi14UCCa/Xkv
-JH/wiSlp9H3Nc76z7U7B0e1SXo/3uNeNh62y2RtREv9Ws+GvNH1cpHiIEJ6dA8al
-qqIkUfdJFMWx7llDld+raCgwPwIDAQABo4IBhjCCAYIwEgYDVR0TAQH/BAgwBgEB
-/wIBATBTBgNVHSAETDBKMEgGCSsGAQQBsT4BADA7MDkGCCsGAQUFBwIBFi1odHRw
-Oi8vd3d3LnB1YmxpYy10cnVzdC5jb20vQ1BTL09tbmlSb290Lmh0bWwwDgYDVR0P
-AQH/BAQDAgEGMIGgBgNVHSMEgZgwgZWAFKYMHZ9h/wcXtb84RttDMNWOsFIGoXmk
-dzB1MQswCQYDVQQGEwJVUzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYD
-VQQLEx5HVEUgQ3liZXJUcnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdU
-RSBDeWJlclRydXN0IEdsb2JhbCBSb290ggIBpTBFBgNVHR8EPjA8MDqgOKA2hjRo
-dHRwOi8vd3d3LnB1YmxpYy10cnVzdC5jb20vY2dpLWJpbi9DUkwvMjAxOC9jZHAu
-Y3JsMB0GA1UdDgQWBBSr+Wjfz0o313tFjF9y3kBEw2W7wjANBgkqhkiG9w0BAQUF
-AAOBgQAJymIPjbtK4NR6NSsGLdEoYbasAfuDSbyu1C8thq4Zg6XWHRPiF77+MnTp
-ehQ4ypRe9ykBaXEbkRr9o7uqHcp74hb9oaMO8wxfsuEgMZQrXpJ27frptSOmvwo7
-A6lvUmBUzV/pty98oif9QYN1tg37eCbzsUXpMpUqGjUhlcWidQ==
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 268435455 (0xfffffff)
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=NL, O=DigiNotar, CN=DigiNotar Cyber CA
-#        Validity
-#            Not Before: Sep 27 10:53:53 2006 GMT
-#            Not After : Sep 20 09:44:07 2013 GMT
-#        Subject: C=NL, O=DigiNotar, CN=DigiNotar Cyber CA
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (4096 bit)
-#                Modulus:
-#                    00:d2:ce:15:0a:2d:a8:5e:84:67:ad:fd:be:ef:46:
-#                    c7:c8:b9:cf:73:fc:f4:34:b9:f9:2c:43:e7:60:13:
-#                    3d:7a:e3:b2:cf:3b:67:6c:90:ad:c0:b9:3f:84:52:
-#                    f0:35:42:dc:74:dc:28:3b:bd:52:b4:a7:ac:72:45:
-#                    17:c6:f0:89:eb:b4:aa:25:f2:5d:4b:5e:d1:d9:87:
-#                    ba:d6:7d:7c:f5:ce:32:9f:10:33:c5:b1:4a:bb:5e:
-#                    91:31:c2:d0:e9:41:c2:91:64:7e:09:41:3b:db:8b:
-#                    08:37:6a:aa:ca:52:de:b5:39:1e:c0:88:03:a5:3f:
-#                    8b:99:13:61:43:b5:9b:82:b3:ee:20:6f:cf:a1:44:
-#                    a2:ea:2f:6b:40:9f:8f:2b:57:ad:a1:53:c2:85:22:
-#                    69:9d:a0:3f:51:df:0b:41:91:0d:a5:e1:a8:aa:5c:
-#                    49:08:5d:bd:de:70:41:b1:0f:c9:63:6b:d3:7f:34:
-#                    74:02:2f:34:5a:78:75:1c:68:7a:81:67:8a:f3:da:
-#                    40:f0:60:63:f4:92:20:d7:03:a6:3d:a3:1e:67:c4:
-#                    84:1b:41:a5:c9:8c:e6:bd:ea:48:b6:05:16:08:b3:
-#                    37:12:5a:f7:61:3c:f7:38:6f:2e:97:e0:6f:56:38:
-#                    54:d3:28:b5:ad:14:6e:2e:4b:64:b5:27:65:b7:75:
-#                    25:09:b6:07:3d:95:56:02:0a:82:60:b2:73:45:e0:
-#                    33:26:51:74:9a:b9:d4:50:1c:f6:4d:5b:5b:52:52:
-#                    13:5a:a6:7f:a7:0e:e1:e8:41:54:67:98:8c:87:d5:
-#                    c9:d3:6c:cb:d3:54:92:06:09:34:41:f7:81:6f:3f:
-#                    9e:c9:7c:75:55:b0:e7:c1:b3:77:e8:c3:c4:00:35:
-#                    95:40:70:10:4a:05:de:25:bb:9f:59:a5:64:bc:47:
-#                    60:bf:60:e3:76:8b:13:55:dd:e1:74:7a:b9:cf:24:
-#                    a6:6a:7f:de:64:22:44:58:68:82:6a:10:f9:3d:e5:
-#                    3e:1b:b9:bd:fc:22:f4:60:04:89:bb:55:6d:28:55:
-#                    fa:de:8e:8d:1b:21:14:d7:37:8b:34:7b:4d:f6:b2:
-#                    b2:10:cf:33:b1:7d:1c:62:99:48:cb:2b:6c:76:96:
-#                    55:bf:19:0d:1d:1f:bb:65:aa:1b:8e:99:b5:c6:28:
-#                    90:e5:82:2d:78:50:20:9a:fd:79:2f:24:7f:f0:89:
-#                    29:69:f4:7d:cd:73:be:b3:ed:4e:c1:d1:ed:52:5e:
-#                    8f:f7:b8:d7:8d:87:ad:b2:d9:1b:51:12:ff:56:b3:
-#                    e1:af:34:7d:5c:a4:78:88:10:9e:9d:03:c6:a5:aa:
-#                    a2:24:51:f7:49:14:c5:b1:ee:59:43:95:df:ab:68:
-#                    28:30:3f
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE, pathlen:1
-#            X509v3 Certificate Policies: 
-#                Policy: 1.3.6.1.4.1.6334.1.0
-#                  CPS: http://www.public-trust.com/CPS/OmniRoot.html
-#
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Authority Key Identifier: 
-#                keyid:A6:0C:1D:9F:61:FF:07:17:B5:BF:38:46:DB:43:30:D5:8E:B0:52:06
-#                DirName:/C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root
-#                serial:01:A5
-#
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://www.public-trust.com/cgi-bin/CRL/2018/cdp.crl
-#
-#            X509v3 Subject Key Identifier: 
-#                AB:F9:68:DF:CF:4A:37:D7:7B:45:8C:5F:72:DE:40:44:C3:65:BB:C2
-#    Signature Algorithm: sha1WithRSAEncryption
-#         09:ca:62:0f:8d:bb:4a:e0:d4:7a:35:2b:06:2d:d1:28:61:b6:
-#         ac:01:fb:83:49:bc:ae:d4:2f:2d:86:ae:19:83:a5:d6:1d:13:
-#         e2:17:be:fe:32:74:e9:7a:14:38:ca:94:5e:f7:29:01:69:71:
-#         1b:91:1a:fd:a3:bb:aa:1d:ca:7b:e2:16:fd:a1:a3:0e:f3:0c:
-#         5f:b2:e1:20:31:94:2b:5e:92:76:ed:fa:e9:b5:23:a6:bf:0a:
-#         3b:03:a9:6f:52:60:54:cd:5f:e9:b7:2f:7c:a2:27:fd:41:83:
-#         75:b6:0d:fb:78:26:f3:b1:45:e9:32:95:2a:1a:35:21:95:c5:
-#         a2:75
-
 [p11-kit-object-v1]
 label: "Explicitly Distrust DigiNotar Root CA"
 class: x-certificate-extension
@@ -10103,251 +6896,6 @@ j6BkOSQNPXuHr2ZcdBtLc7LljPCGmbjlxd+Ewbfr
 #         24:0d:3d:7b:87:af:66:5c:74:1b:4b:73:b2:e5:8c:f0:86:99:
 #         b8:e5:c5:df:84:c1:b7:eb
 
-[p11-kit-object-v1]
-label: "Explicitly Distrust DigiNotar Services 1024 CA"
-class: x-certificate-extension
-object-id: 1.3.6.1.4.1.3319.6.10.1
-value: "0.%06%0a%2b%06%01%04%01%99w%06%0a%01%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDam01dPPnR4ovGxgggxdkeSOxm
-WGd5YitBY/SJjWjar7iUNosZJKSgk9KZD7KtLTVNzS9q4fmbGSu8BBp+LT1SZM3x
-PmcPiS7o8k+upgihhf6hqQnmxqs+Q/yvegOR2qY5pmHumE8YqNOzr2aC6Z+83XL5
-BgS9EtkYJOerk1OLWQIDAQAB
------END PUBLIC KEY-----
-[p11-kit-object-v1]
-label: "Explicitly Distrust DigiNotar Services 1024 CA"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%18%06%03U%1d%25%01%01%ff%04%0e0%0c%06%0a%2b%06%01%04%01%99w%06%0a%10"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDam01dPPnR4ovGxgggxdkeSOxm
-WGd5YitBY/SJjWjar7iUNosZJKSgk9KZD7KtLTVNzS9q4fmbGSu8BBp+LT1SZM3x
-PmcPiS7o8k+upgihhf6hqQnmxqs+Q/yvegOR2qY5pmHumE8YqNOzr2aC6Z+83XL5
-BgS9EtkYJOerk1OLWQIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Explicitly Distrust DigiNotar Services 1024 CA"
-x-distrusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIDcTCCAtqgAwIBAgIED////zANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJO
-TDESMBAGA1UEChMJRGlnaU5vdGFyMSMwIQYDVQQDExpEaWdpTm90YXIgU2Vydmlj
-ZXMgMTAyNCBDQTEgMB4GCSqGSIb3DQEJARYRaW5mb0BkaWdpbm90YXIubmwwHhcN
-MDcwNzI2MTU1OTAxWhcNMTMwODI2MTYyOTAxWjBoMQswCQYDVQQGEwJOTDESMBAG
-A1UEChMJRGlnaU5vdGFyMSMwIQYDVQQDExpEaWdpTm90YXIgU2VydmljZXMgMTAy
-NCBDQTEgMB4GCSqGSIb3DQEJARYRaW5mb0BkaWdpbm90YXIubmwwgZ8wDQYJKoZI
-hvcNAQEBBQADgY0AMIGJAoGBANqbTV08+dHii8bGCCDF2R5I7GZYZ3liK0Fj9ImN
-aNqvuJQ2ixkkpKCT0pkPsq0tNU3NL2rh+ZsZK7wEGn4tPVJkzfE+Zw+JLujyT66m
-CKGF/qGpCebGqz5D/K96A5HapjmmYe6YTxio07OvZoLpn7zdcvkGBL0S2Rgk56uT
-U4tZAgMBAAGjggEmMIIBIjASBgNVHRMBAf8ECDAGAQH/AgEAMCcGA1UdJQQgMB4G
-CCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAA
-MDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVz
-dC5uZXQwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9z
-ZXJ2ZXIxLmNybDAdBgNVHQ4EFgQU/tyUSQxv71x/xvESmU8WSa37gmUwCwYDVR0P
-BAQDAgEGMB8GA1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMBkGCSqGSIb2
-fQdBAAQMMAobBFY3LjEDAgCBMA0GCSqGSIb3DQEBBQUAA4GBAGN0ajepP5acZshY
-rAnJ7/VllH+jAsQ4Mb1dI4fs1FayybJu5AUG/Oz1+ohwWdTu5t21eqCjYC8CDKve
-El2v8DVLqopHkRr1hSxCxx3vlUOzXriVk6XaxSiqrXItMa2Za2z/jCEnr62akSvH
-3VjDbgfFn3nSx4xVv0zHJ15RFis+
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 268435455 (0xfffffff)
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=NL, O=DigiNotar, CN=DigiNotar Services 1024 CA/emailAddress=info@diginotar.nl
-#        Validity
-#            Not Before: Jul 26 15:59:01 2007 GMT
-#            Not After : Aug 26 16:29:01 2013 GMT
-#        Subject: C=NL, O=DigiNotar, CN=DigiNotar Services 1024 CA/emailAddress=info@diginotar.nl
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (1024 bit)
-#                Modulus:
-#                    00:da:9b:4d:5d:3c:f9:d1:e2:8b:c6:c6:08:20:c5:
-#                    d9:1e:48:ec:66:58:67:79:62:2b:41:63:f4:89:8d:
-#                    68:da:af:b8:94:36:8b:19:24:a4:a0:93:d2:99:0f:
-#                    b2:ad:2d:35:4d:cd:2f:6a:e1:f9:9b:19:2b:bc:04:
-#                    1a:7e:2d:3d:52:64:cd:f1:3e:67:0f:89:2e:e8:f2:
-#                    4f:ae:a6:08:a1:85:fe:a1:a9:09:e6:c6:ab:3e:43:
-#                    fc:af:7a:03:91:da:a6:39:a6:61:ee:98:4f:18:a8:
-#                    d3:b3:af:66:82:e9:9f:bc:dd:72:f9:06:04:bd:12:
-#                    d9:18:24:e7:ab:93:53:8b:59
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE, pathlen:0
-#            X509v3 Extended Key Usage: 
-#                TLS Web Server Authentication, TLS Web Client Authentication, E-mail Protection
-#            X509v3 Certificate Policies: 
-#                Policy: X509v3 Any Policy
-#
-#            Authority Information Access: 
-#                OCSP - URI:http://ocsp.entrust.net
-#
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://crl.entrust.net/server1.crl
-#
-#            X509v3 Subject Key Identifier: 
-#                FE:DC:94:49:0C:6F:EF:5C:7F:C6:F1:12:99:4F:16:49:AD:FB:82:65
-#            X509v3 Key Usage: 
-#                Certificate Sign, CRL Sign
-#            X509v3 Authority Key Identifier: 
-#                keyid:F0:17:62:13:55:3D:B3:FF:0A:00:6B:FB:50:84:97:F3:ED:62:D0:1A
-#
-#            1.2.840.113533.7.65.0: 
-#                0
-#..V7.1....
-#    Signature Algorithm: sha1WithRSAEncryption
-#         63:74:6a:37:a9:3f:96:9c:66:c8:58:ac:09:c9:ef:f5:65:94:
-#         7f:a3:02:c4:38:31:bd:5d:23:87:ec:d4:56:b2:c9:b2:6e:e4:
-#         05:06:fc:ec:f5:fa:88:70:59:d4:ee:e6:dd:b5:7a:a0:a3:60:
-#         2f:02:0c:ab:de:12:5d:af:f0:35:4b:aa:8a:47:91:1a:f5:85:
-#         2c:42:c7:1d:ef:95:43:b3:5e:b8:95:93:a5:da:c5:28:aa:ad:
-#         72:2d:31:ad:99:6b:6c:ff:8c:21:27:af:ad:9a:91:2b:c7:dd:
-#         58:c3:6e:07:c5:9f:79:d2:c7:8c:55:bf:4c:c7:27:5e:51:16:
-#         2b:3e
-
-[p11-kit-object-v1]
-label: "Explicitly Distrusted DigiNotar PKIoverheid"
-class: x-certificate-extension
-object-id: 1.3.6.1.4.1.3319.6.10.1
-value: "0.%06%0a%2b%06%01%04%01%99w%06%0a%01%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3L3Sp05qCrs7ooXhfwCt
-vrQwaJgHzaB6xJTPcfmKN+RT61d2zIvmbP7uh1XIPrsEOQCngHisW09+9L24VLhx
-OwcxSTmTVHwgO3krj7thkH2xrOYfkC6dRQGpZC1Nwy+551DVTipcq3Z2N0bXeexC
-mfei7KSJcNw4K4emqiTmnZIkG772/dQvGRd65jIHlFQFU0PpbLyvR8u8y/29O0QS
-gfFrS7vttM+rJU8Y0swC/KNPtUIzy1nNCdzTUP2gdoysfmaKQvatHJLztvsURutN
-1y8w4G3uWza+RHS3IAVXhU3oABmi9gzmrqHAQt+nrIJdx2i3GOaJS5pr+s55+fMs
-pwIDAQAB
------END PUBLIC KEY-----
-[p11-kit-object-v1]
-label: "Explicitly Distrusted DigiNotar PKIoverheid"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%18%06%03U%1d%25%01%01%ff%04%0e0%0c%06%0a%2b%06%01%04%01%99w%06%0a%10"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3L3Sp05qCrs7ooXhfwCt
-vrQwaJgHzaB6xJTPcfmKN+RT61d2zIvmbP7uh1XIPrsEOQCngHisW09+9L24VLhx
-OwcxSTmTVHwgO3krj7thkH2xrOYfkC6dRQGpZC1Nwy+551DVTipcq3Z2N0bXeexC
-mfei7KSJcNw4K4emqiTmnZIkG772/dQvGRd65jIHlFQFU0PpbLyvR8u8y/29O0QS
-gfFrS7vttM+rJU8Y0swC/KNPtUIzy1nNCdzTUP2gdoysfmaKQvatHJLztvsURutN
-1y8w4G3uWza+RHS3IAVXhU3oABmi9gzmrqHAQt+nrIJdx2i3GOaJS5pr+s55+fMs
-pwIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Explicitly Distrusted DigiNotar PKIoverheid"
-x-distrusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIEjjCCA3agAwIBAgIED////zANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJO
-TDEXMBUGA1UEChMORGlnaU5vdGFyIEIuVi4xNzA1BgNVBAMTLkRpZ2lOb3RhciBQ
-S0lvdmVyaGVpZCBDQSBPdmVyaGVpZCBlbiBCZWRyaWp2ZW4wHhcNMDcwNzA1MDg0
-MjA4WhcNMTUwNzI3MDgzOTQ3WjBfMQswCQYDVQQGEwJOTDEXMBUGA1UEChMORGln
-aU5vdGFyIEIuVi4xNzA1BgNVBAMTLkRpZ2lOb3RhciBQS0lvdmVyaGVpZCBDQSBP
-dmVyaGVpZCBlbiBCZWRyaWp2ZW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
-AoIBAQDcvdKnTmoKuzuiheF/AK2+tDBomAfNoHrElM9x+Yo35FPrV3bMi+Zs/u6H
-Vcg+uwQ5AKeAeKxbT370vbhUuHE7BzFJOZNUfCA7eSuPu2GQfbGs5h+QLp1FAalk
-LU3DL7nnUNVOKlyrdnY3Rtd57EKZ96LspIlw3Dgrh6aqJOadkiQbvvb91C8ZF3rm
-MgeUVAVTQ+lsvK9Hy7zL/b07RBKB8WtLu+20z6slTxjSzAL8o0+1QjPLWc0J3NNQ
-/aB2jKx+ZopC9q0ckvO2+xRG603XLzDgbe5bNr5EdLcgBVeFTegAGaL2DOauocBC
-36esgl3HaLcY5olLmmv6znn58yynAgMBAAGjggFQMIIBTDBIBgNVHSAEQTA/MD0G
-BFUdIAAwNTAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5kaWdpbm90YXIubmwvY3Bz
-L3BraW92ZXJoZWlkMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIGA
-BgNVHSMEeTB3gBQLhtYPd6NosftkCcOIblwEHFfpPaFZpFcwVTELMAkGA1UEBhMC
-TkwxHjAcBgNVBAoTFVN0YWF0IGRlciBOZWRlcmxhbmRlbjEmMCQGA1UEAxMdU3Rh
-YXQgZGVyIE5lZGVybGFuZGVuIFJvb3QgQ0GCBACYmnkwPQYDVR0fBDYwNDAyoDCg
-LoYsaHR0cDovL2NybC5wa2lvdmVyaGVpZC5ubC9Eb21PdkxhdGVzdENSTC5jcmww
-HQYDVR0OBBYEFEwIyY128ZjHPt881y91DbF2eZfMMA0GCSqGSIb3DQEBBQUAA4IB
-AQAMlIcav03jheLu19hjeQ5Q38aEW9K72fUxCho1l3TfFPoqDz7toOMI9tVOW6+m
-riXiRWsiD7dUKH6S3o0UbNEc5W50BJy37zRERd/Jgx0ZH8Apad+J1T/CsFNt5U4X
-5HNhIxMmcUP9TFnLw98iqiEr2b+VERqKpOKrp11Lbyn1UtHk0hWxi/7wA8+nfemZ
-hzizDXMU5HIs4c71rQZIZPrTKbmi2Lv01QulQERDjqC/zlqlUkxk0xcxYczopIro
-5Ij76eUvBjMzm5RmZrGrUDqhCYF0U1onuabSJc/Tw6f/ltAv6uAejVLpGBwgCkeg
-llYOQJBRRKwa/fHuhR/3Qlpl
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 268435455 (0xfffffff)
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=NL, O=DigiNotar B.V., CN=DigiNotar PKIoverheid CA Overheid en Bedrijven
-#        Validity
-#            Not Before: Jul  5 08:42:08 2007 GMT
-#            Not After : Jul 27 08:39:47 2015 GMT
-#        Subject: C=NL, O=DigiNotar B.V., CN=DigiNotar PKIoverheid CA Overheid en Bedrijven
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:dc:bd:d2:a7:4e:6a:0a:bb:3b:a2:85:e1:7f:00:
-#                    ad:be:b4:30:68:98:07:cd:a0:7a:c4:94:cf:71:f9:
-#                    8a:37:e4:53:eb:57:76:cc:8b:e6:6c:fe:ee:87:55:
-#                    c8:3e:bb:04:39:00:a7:80:78:ac:5b:4f:7e:f4:bd:
-#                    b8:54:b8:71:3b:07:31:49:39:93:54:7c:20:3b:79:
-#                    2b:8f:bb:61:90:7d:b1:ac:e6:1f:90:2e:9d:45:01:
-#                    a9:64:2d:4d:c3:2f:b9:e7:50:d5:4e:2a:5c:ab:76:
-#                    76:37:46:d7:79:ec:42:99:f7:a2:ec:a4:89:70:dc:
-#                    38:2b:87:a6:aa:24:e6:9d:92:24:1b:be:f6:fd:d4:
-#                    2f:19:17:7a:e6:32:07:94:54:05:53:43:e9:6c:bc:
-#                    af:47:cb:bc:cb:fd:bd:3b:44:12:81:f1:6b:4b:bb:
-#                    ed:b4:cf:ab:25:4f:18:d2:cc:02:fc:a3:4f:b5:42:
-#                    33:cb:59:cd:09:dc:d3:50:fd:a0:76:8c:ac:7e:66:
-#                    8a:42:f6:ad:1c:92:f3:b6:fb:14:46:eb:4d:d7:2f:
-#                    30:e0:6d:ee:5b:36:be:44:74:b7:20:05:57:85:4d:
-#                    e8:00:19:a2:f6:0c:e6:ae:a1:c0:42:df:a7:ac:82:
-#                    5d:c7:68:b7:18:e6:89:4b:9a:6b:fa:ce:79:f9:f3:
-#                    2c:a7
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Certificate Policies: 
-#                Policy: X509v3 Any Policy
-#                  CPS: http://www.diginotar.nl/cps/pkioverheid
-#
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Authority Key Identifier: 
-#                keyid:0B:86:D6:0F:77:A3:68:B1:FB:64:09:C3:88:6E:5C:04:1C:57:E9:3D
-#                DirName:/C=NL/O=Staat der Nederlanden/CN=Staat der Nederlanden Root CA
-#                serial:98:9A:79
-#
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://crl.pkioverheid.nl/DomOvLatestCRL.crl
-#
-#            X509v3 Subject Key Identifier: 
-#                4C:08:C9:8D:76:F1:98:C7:3E:DF:3C:D7:2F:75:0D:B1:76:79:97:CC
-#    Signature Algorithm: sha1WithRSAEncryption
-#         0c:94:87:1a:bf:4d:e3:85:e2:ee:d7:d8:63:79:0e:50:df:c6:
-#         84:5b:d2:bb:d9:f5:31:0a:1a:35:97:74:df:14:fa:2a:0f:3e:
-#         ed:a0:e3:08:f6:d5:4e:5b:af:a6:ae:25:e2:45:6b:22:0f:b7:
-#         54:28:7e:92:de:8d:14:6c:d1:1c:e5:6e:74:04:9c:b7:ef:34:
-#         44:45:df:c9:83:1d:19:1f:c0:29:69:df:89:d5:3f:c2:b0:53:
-#         6d:e5:4e:17:e4:73:61:23:13:26:71:43:fd:4c:59:cb:c3:df:
-#         22:aa:21:2b:d9:bf:95:11:1a:8a:a4:e2:ab:a7:5d:4b:6f:29:
-#         f5:52:d1:e4:d2:15:b1:8b:fe:f0:03:cf:a7:7d:e9:99:87:38:
-#         b3:0d:73:14:e4:72:2c:e1:ce:f5:ad:06:48:64:fa:d3:29:b9:
-#         a2:d8:bb:f4:d5:0b:a5:40:44:43:8e:a0:bf:ce:5a:a5:52:4c:
-#         64:d3:17:31:61:cc:e8:a4:8a:e8:e4:88:fb:e9:e5:2f:06:33:
-#         33:9b:94:66:66:b1:ab:50:3a:a1:09:81:74:53:5a:27:b9:a6:
-#         d2:25:cf:d3:c3:a7:ff:96:d0:2f:ea:e0:1e:8d:52:e9:18:1c:
-#         20:0a:47:a0:96:56:0e:40:90:51:44:ac:1a:fd:f1:ee:85:1f:
-#         f7:42:5a:65
-
 [p11-kit-object-v1]
 label: "Explicitly Distrusted DigiNotar PKIoverheid G2"
 class: x-certificate-extension
@@ -10535,397 +7083,157 @@ pPNOujeYe4K5
 #         f3:4e:ba:37:98:7b:82:b9
 
 [p11-kit-object-v1]
-label: "Explicitly Distrusted MCSHOLDING CA"
-class: x-certificate-extension
-object-id: 1.3.6.1.4.1.3319.6.10.1
-value: "0.%06%0a%2b%06%01%04%01%99w%06%0a%01%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfl1DAau7gwRzZYzTWvO
-wEoMPV3r0ksJf+dHLKxxAPkIrzTxo2rH/OarztC+ys0qmJi50I4zSQdhINFaNM6D
-FAZ5jhq/2+SgODrulLmjoFg6iRSsYD4D1MfNOxywmogaSRCpsLL95ejhBOLqgm3+
-DFFFka11Iq7/T5ALwFNldz4ewla1NsbWhcwOgxozH3aZWyuXK4vX0RQVTJ1Z14Av
-pKKF1Yg2AmBVyljfk/xKYgeW08T6v40BJ5cvplx08TpCbl15FDAxGjzZsldN4Lg/
-D2kxop1lmdnWMYe1mCbf8Mu7FcAkE2JSGmvLRQeX48SUXskNRyzpz+n0j/414TLn
-MQIDAQAB
------END PUBLIC KEY-----
-[p11-kit-object-v1]
-label: "Explicitly Distrusted MCSHOLDING CA"
+label: "GDCA TrustAUTH R5 ROOT"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%18%06%03U%1d%25%01%01%ff%04%0e0%0c%06%0a%2b%06%01%04%01%99w%06%0a%10"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfl1DAau7gwRzZYzTWvO
-wEoMPV3r0ksJf+dHLKxxAPkIrzTxo2rH/OarztC+ys0qmJi50I4zSQdhINFaNM6D
-FAZ5jhq/2+SgODrulLmjoFg6iRSsYD4D1MfNOxywmogaSRCpsLL95ejhBOLqgm3+
-DFFFka11Iq7/T5ALwFNldz4ewla1NsbWhcwOgxozH3aZWyuXK4vX0RQVTJ1Z14Av
-pKKF1Yg2AmBVyljfk/xKYgeW08T6v40BJ5cvplx08TpCbl15FDAxGjzZsldN4Lg/
-D2kxop1lmdnWMYe1mCbf8Mu7FcAkE2JSGmvLRQeX48SUXskNRyzpz+n0j/414TLn
-MQIDAQAB
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2aMW8Mh0dHeb7zMNOwZ+
+Vfy1YI92hhJCfVZmPoiC7XJjDp6L3TQsAlFRwxn9WVSEyfFrs0yw6ehGXTjGoqcu
+EVe6ghWinI9tsJlKCvLriXBjTnnEt1u9ol2x8kECK62pOqPseQrsXzrj/e+APK00
+mxqriCZ7VqKChh/rNYmDf1+uKU49tm7srsHwJ5uu4/Ts765/94Y9cnrrpftZTqfr
+lYwiOXnhLQiPzLyRuEH3FMEjqcOtmkVEs7LXLM3GKeJQEK5cy4KOFxg2fZfmiJqw
+TTQJ9Cy5WmYqsBebnh52nUpmMUHfP/vFBu8btn4aRjb3ZGM74zkYI+dndRTVdVeS
+N72+ahsmUPI2JgaQxXABZG12ZuGR224HwGGALrIuL4xwp9E7PLOR5G62xDtw8myS
+lwnNR30YwPO7ng/Wi64HtloPzgsMR6flPri9fcebNaBhlzpBdRfMK5Z3KpIhHtmV
+diBnaM8Nvd/WHwlqmuLMc3GkL30SgLdTMEZeS1SZD2fJpcjyIMGC7J0R38IC+xo7
+0e0gmu9lZJIQDSri3nDxGGeCjGHeuLzRL5z7D9Ar7Rt2ueQ5Vfj4oR24qoAATILn
+sn8JuLwwoC8N9VKejveSswoAHQBUlwbgsQfZxw9cZX08bVlX5O2ljelAU58VS6Bx
+9hoh49pwBiFYFIeFd3mqgnkCAwEAAQ==
 -----END PUBLIC KEY-----
 
 [p11-kit-object-v1]
-label: "Explicitly Distrusted MCSHOLDING CA"
-x-distrusted: true
+label: "GDCA TrustAUTH R5 ROOT"
+trusted: true
 nss-mozilla-ca-policy: true
 modifiable: false
 -----BEGIN CERTIFICATE-----
-MIIEkjCCA3qgAwIBAgIESTMAjjANBgkqhkiG9w0BAQsFADAyMQswCQYDVQQGEwJD
-TjEOMAwGA1UEChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwHhcNMTUwMzE5
-MDYyMDA5WhcNMTUwNDAzMDYyMDA5WjA8MQswCQYDVQQGEwJFRzETMBEGA1UECgwK
-TUNTSE9MRElORzEYMBYGA1UEAwwPTUNTSE9MRElORyBURVNUMIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfl1DAau7gwRzZYzTWvOwEoMPV3r0ksJf+dH
-LKxxAPkIrzTxo2rH/OarztC+ys0qmJi50I4zSQdhINFaNM6DFAZ5jhq/2+SgODru
-lLmjoFg6iRSsYD4D1MfNOxywmogaSRCpsLL95ejhBOLqgm3+DFFFka11Iq7/T5AL
-wFNldz4ewla1NsbWhcwOgxozH3aZWyuXK4vX0RQVTJ1Z14AvpKKF1Yg2AmBVyljf
-k/xKYgeW08T6v40BJ5cvplx08TpCbl15FDAxGjzZsldN4Lg/D2kxop1lmdnWMYe1
-mCbf8Mu7FcAkE2JSGmvLRQeX48SUXskNRyzpz+n0j/414TLnMQIDAQABo4IBpDCC
-AaAwdgYIKwYBBQUHAQEEajBoMCkGCCsGAQUFBzABhh1odHRwOi8vb2NzcGNubmlj
-cm9vdC5jbm5pYy5jbjA7BggrBgEFBQcwAoYvaHR0cDovL3d3dy5jbm5pYy5jbi9k
-b3dubG9hZC9jZXJ0L0NOTklDUk9PVC5jZXIwHwYDVR0jBBgwFoAUZfIxrSr3991S
-lgrHAsEO76bVOxEwDwYDVR0TAQH/BAUwAwEB/zA/BgNVHSAEODA2MDQGCisGAQQB
-gekMAQYwJjAkBggrBgEFBQcCARYYaHR0cDovL3d3dy5jbm5pYy5jbi9jcHMvMIGG
-BgNVHR8EfzB9MEKgQKA+pDwwOjELMAkGA1UEBhMCQ04xDjAMBgNVBAoMBUNOTklD
-MQwwCgYDVQQLDANjcmwxDTALBgNVBAMMBGNybDEwN6A1oDOGMWh0dHA6Ly9jcmwu
-Y25uaWMuY24vZG93bmxvYWQvcm9vdHNoYTJjcmwvQ1JMMS5jcmwwCwYDVR0PBAQD
-AgEGMB0GA1UdDgQWBBREpImrFF89byA8qnz6Ga70SGAFtTANBgkqhkiG9w0BAQsF
-AAOCAQEAXLT1U5tPueCEiTG+ni7qniFLpY9toabzL0jr6dutHjGA0Hk7EO+aJPeT
-GzXzGsLHwiwKf29b8V9zkQT7DXkN6RoG1oP9TmCdbJJDTOpkmESr1/tH0K8fZEzi
-3XdoFsIsoaCBlwBCH34geOjGUB0LfxWTWVhAFITwp5BrNgVn6n8ibbvRpSZNszCk
-WNRbtRqMUIy4DeGgB7MPWM7XBbV9NXlvotsMACpoJIx+nMF2Sbp8ZhHe8kfO/tDO
-Vb4I2vJ5JioVOc5rGKbf2IcomZQOLWihms5SNpwr7LRos2wVrMtwQvLEQaXI/CF4
-U3cyIKkhTHLi07LJdhsYWEILQpKz5A==
+MIIFiDCCA3CgAwIBAgIIfQmX/vBH6nowDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0
+MTEyNjA1MTMxNVoXDTQwMTIzMTE1NTk1OVowYjELMAkGA1UEBhMCQ04xMjAwBgNV
+BAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMR8w
+HQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA2aMW8Mh0dHeb7zMNOwZ+Vfy1YI92hhJCfVZmPoiC7XJj
+Dp6L3TQsAlFRwxn9WVSEyfFrs0yw6ehGXTjGoqcuEVe6ghWinI9tsJlKCvLriXBj
+TnnEt1u9ol2x8kECK62pOqPseQrsXzrj/e+APK00mxqriCZ7VqKChh/rNYmDf1+u
+KU49tm7srsHwJ5uu4/Ts765/94Y9cnrrpftZTqfrlYwiOXnhLQiPzLyRuEH3FMEj
+qcOtmkVEs7LXLM3GKeJQEK5cy4KOFxg2fZfmiJqwTTQJ9Cy5WmYqsBebnh52nUpm
+MUHfP/vFBu8btn4aRjb3ZGM74zkYI+dndRTVdVeSN72+ahsmUPI2JgaQxXABZG12
+ZuGR224HwGGALrIuL4xwp9E7PLOR5G62xDtw8mySlwnNR30YwPO7ng/Wi64HtloP
+zgsMR6flPri9fcebNaBhlzpBdRfMK5Z3KpIhHtmVdiBnaM8Nvd/WHwlqmuLMc3Gk
+L30SgLdTMEZeS1SZD2fJpcjyIMGC7J0R38IC+xo70e0gmu9lZJIQDSri3nDxGGeC
+jGHeuLzRL5z7D9Ar7Rt2ueQ5Vfj4oR24qoAATILnsn8JuLwwoC8N9VKejveSswoA
+HQBUlwbgsQfZxw9cZX08bVlX5O2ljelAU58VS6Bx9hoh49pwBiFYFIeFd3mqgnkC
+AwEAAaNCMEAwHQYDVR0OBBYEFOLJQJ9NzuiaoXzPDj9lxSmIahlRMA8GA1UdEwEB
+/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQDRSVfg
+p8xoWLoBDysZzY2wYUWsEe1jUGn4H3++Fo/9nesLqjJHdtJnJO29fDMylyrHBYZm
+DRd9FBUb1Ov9H5r2XpdptxolpAqzkT9fNqyL7FeoPueBihhXOYV0GkLH6VsTX4/5
+COmSdI31R9KrO9b7eGZONn356ZLpBN79SWP8bfsUcZNnL0dKt7n/HipzcEYwv1ry
+L3ml4Y0M2fmyYzeMN2WFcGpcWwlyua1jPLHd+PwyvzeG5LuOmCd+uh8W4XAR8gPf
+JWIyJyYYMoSf/wA6E7qaTfRPuBRwIrHKK5DOKcFw9C+df/KQHtZa37dG/OaG+svg
+IHZ6uqbL9XzeYqWxi+7egmaKTjowHz+Ay60nugxe19CxVsp3cbK1daFQqUBDF8Io
+2c9Si1vIY9RCPqAzekYu9wogRlR+ak8x8YF+QnQ4ZXMn7sZ8uI7XpTrXmKGcjBBV
+09tL7ECQ8s1uV9JiDnxXk7Gnbc2dg7sq5+W2O3FYrf3RRbxake5TFW/TRQl1brqQ
+XR4EzzffHqhmsYzmIGrv/EhOdJhCrylvLmrH+33RZjEizIYAfmaDDEL0vTSSwxrq
+T8p+ck0LcIymSLumoRT2+1hEmRSuqguTaaApJUqlyyvdimYHFngVV3Eb7PVHhPOe
+MTd61X8kreS8/f3MboPoDKi3QWwH3b08hpcv0g==
 -----END CERTIFICATE-----
 #Certificate:
 #    Data:
 #        Version: 3 (0x2)
-#        Serial Number: 1228079246 (0x4933008e)
+#        Serial Number:
+#            7d:09:97:fe:f0:47:ea:7a
 #    Signature Algorithm: sha256WithRSAEncryption
-#        Issuer: C=CN, O=CNNIC, CN=CNNIC ROOT
+#        Issuer: C=CN, O=GUANG DONG CERTIFICATE AUTHORITY CO.,LTD., CN=GDCA TrustAUTH R5 ROOT
 #        Validity
-#            Not Before: Mar 19 06:20:09 2015 GMT
-#            Not After : Apr  3 06:20:09 2015 GMT
-#        Subject: C=EG, O=MCSHOLDING, CN=MCSHOLDING TEST
+#            Not Before: Nov 26 05:13:15 2014 GMT
+#            Not After : Dec 31 15:59:59 2040 GMT
+#        Subject: C=CN, O=GUANG DONG CERTIFICATE AUTHORITY CO.,LTD., CN=GDCA TrustAUTH R5 ROOT
 #        Subject Public Key Info:
 #            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
+#                Public-Key: (4096 bit)
 #                Modulus:
-#                    00:a5:f9:75:0c:06:ae:ee:0c:11:cd:96:33:4d:6b:
-#                    ce:c0:4a:0c:3d:5d:eb:d2:4b:09:7f:e7:47:2c:ac:
-#                    71:00:f9:08:af:34:f1:a3:6a:c7:fc:e6:ab:ce:d0:
-#                    be:ca:cd:2a:98:98:b9:d0:8e:33:49:07:61:20:d1:
-#                    5a:34:ce:83:14:06:79:8e:1a:bf:db:e4:a0:38:3a:
-#                    ee:94:b9:a3:a0:58:3a:89:14:ac:60:3e:03:d4:c7:
-#                    cd:3b:1c:b0:9a:88:1a:49:10:a9:b0:b2:fd:e5:e8:
-#                    e1:04:e2:ea:82:6d:fe:0c:51:45:91:ad:75:22:ae:
-#                    ff:4f:90:0b:c0:53:65:77:3e:1e:c2:56:b5:36:c6:
-#                    d6:85:cc:0e:83:1a:33:1f:76:99:5b:2b:97:2b:8b:
-#                    d7:d1:14:15:4c:9d:59:d7:80:2f:a4:a2:85:d5:88:
-#                    36:02:60:55:ca:58:df:93:fc:4a:62:07:96:d3:c4:
-#                    fa:bf:8d:01:27:97:2f:a6:5c:74:f1:3a:42:6e:5d:
-#                    79:14:30:31:1a:3c:d9:b2:57:4d:e0:b8:3f:0f:69:
-#                    31:a2:9d:65:99:d9:d6:31:87:b5:98:26:df:f0:cb:
-#                    bb:15:c0:24:13:62:52:1a:6b:cb:45:07:97:e3:c4:
-#                    94:5e:c9:0d:47:2c:e9:cf:e9:f4:8f:fe:35:e1:32:
-#                    e7:31
+#                    00:d9:a3:16:f0:c8:74:74:77:9b:ef:33:0d:3b:06:
+#                    7e:55:fc:b5:60:8f:76:86:12:42:7d:56:66:3e:88:
+#                    82:ed:72:63:0e:9e:8b:dd:34:2c:02:51:51:c3:19:
+#                    fd:59:54:84:c9:f1:6b:b3:4c:b0:e9:e8:46:5d:38:
+#                    c6:a2:a7:2e:11:57:ba:82:15:a2:9c:8f:6d:b0:99:
+#                    4a:0a:f2:eb:89:70:63:4e:79:c4:b7:5b:bd:a2:5d:
+#                    b1:f2:41:02:2b:ad:a9:3a:a3:ec:79:0a:ec:5f:3a:
+#                    e3:fd:ef:80:3c:ad:34:9b:1a:ab:88:26:7b:56:a2:
+#                    82:86:1f:eb:35:89:83:7f:5f:ae:29:4e:3d:b6:6e:
+#                    ec:ae:c1:f0:27:9b:ae:e3:f4:ec:ef:ae:7f:f7:86:
+#                    3d:72:7a:eb:a5:fb:59:4e:a7:eb:95:8c:22:39:79:
+#                    e1:2d:08:8f:cc:bc:91:b8:41:f7:14:c1:23:a9:c3:
+#                    ad:9a:45:44:b3:b2:d7:2c:cd:c6:29:e2:50:10:ae:
+#                    5c:cb:82:8e:17:18:36:7d:97:e6:88:9a:b0:4d:34:
+#                    09:f4:2c:b9:5a:66:2a:b0:17:9b:9e:1e:76:9d:4a:
+#                    66:31:41:df:3f:fb:c5:06:ef:1b:b6:7e:1a:46:36:
+#                    f7:64:63:3b:e3:39:18:23:e7:67:75:14:d5:75:57:
+#                    92:37:bd:be:6a:1b:26:50:f2:36:26:06:90:c5:70:
+#                    01:64:6d:76:66:e1:91:db:6e:07:c0:61:80:2e:b2:
+#                    2e:2f:8c:70:a7:d1:3b:3c:b3:91:e4:6e:b6:c4:3b:
+#                    70:f2:6c:92:97:09:cd:47:7d:18:c0:f3:bb:9e:0f:
+#                    d6:8b:ae:07:b6:5a:0f:ce:0b:0c:47:a7:e5:3e:b8:
+#                    bd:7d:c7:9b:35:a0:61:97:3a:41:75:17:cc:2b:96:
+#                    77:2a:92:21:1e:d9:95:76:20:67:68:cf:0d:bd:df:
+#                    d6:1f:09:6a:9a:e2:cc:73:71:a4:2f:7d:12:80:b7:
+#                    53:30:46:5e:4b:54:99:0f:67:c9:a5:c8:f2:20:c1:
+#                    82:ec:9d:11:df:c2:02:fb:1a:3b:d1:ed:20:9a:ef:
+#                    65:64:92:10:0d:2a:e2:de:70:f1:18:67:82:8c:61:
+#                    de:b8:bc:d1:2f:9c:fb:0f:d0:2b:ed:1b:76:b9:e4:
+#                    39:55:f8:f8:a1:1d:b8:aa:80:00:4c:82:e7:b2:7f:
+#                    09:b8:bc:30:a0:2f:0d:f5:52:9e:8e:f7:92:b3:0a:
+#                    00:1d:00:54:97:06:e0:b1:07:d9:c7:0f:5c:65:7d:
+#                    3c:6d:59:57:e4:ed:a5:8d:e9:40:53:9f:15:4b:a0:
+#                    71:f6:1a:21:e3:da:70:06:21:58:14:87:85:77:79:
+#                    aa:82:79
 #                Exponent: 65537 (0x10001)
 #        X509v3 extensions:
-#            Authority Information Access: 
-#                OCSP - URI:http://ocspcnnicroot.cnnic.cn
-#                CA Issuers - URI:http://www.cnnic.cn/download/cert/CNNICROOT.cer
-#
-#            X509v3 Authority Key Identifier: 
-#                keyid:65:F2:31:AD:2A:F7:F7:DD:52:96:0A:C7:02:C1:0E:EF:A6:D5:3B:11
-#
+#            X509v3 Subject Key Identifier: 
+#                E2:C9:40:9F:4D:CE:E8:9A:A1:7C:CF:0E:3F:65:C5:29:88:6A:19:51
 #            X509v3 Basic Constraints: critical
 #                CA:TRUE
-#            X509v3 Certificate Policies: 
-#                Policy: 1.3.6.1.4.1.29836.1.6
-#                  CPS: http://www.cnnic.cn/cps/
-#
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  DirName: C = CN, O = CNNIC, OU = crl, CN = crl1
-#
-#                Full Name:
-#                  URI:http://crl.cnnic.cn/download/rootsha2crl/CRL1.crl
-#
-#            X509v3 Key Usage: 
-#                Certificate Sign, CRL Sign
-#            X509v3 Subject Key Identifier: 
-#                44:A4:89:AB:14:5F:3D:6F:20:3C:AA:7C:FA:19:AE:F4:48:60:05:B5
+#            X509v3 Key Usage: critical
+#                Digital Signature, Certificate Sign, CRL Sign
 #    Signature Algorithm: sha256WithRSAEncryption
-#         5c:b4:f5:53:9b:4f:b9:e0:84:89:31:be:9e:2e:ea:9e:21:4b:
-#         a5:8f:6d:a1:a6:f3:2f:48:eb:e9:db:ad:1e:31:80:d0:79:3b:
-#         10:ef:9a:24:f7:93:1b:35:f3:1a:c2:c7:c2:2c:0a:7f:6f:5b:
-#         f1:5f:73:91:04:fb:0d:79:0d:e9:1a:06:d6:83:fd:4e:60:9d:
-#         6c:92:43:4c:ea:64:98:44:ab:d7:fb:47:d0:af:1f:64:4c:e2:
-#         dd:77:68:16:c2:2c:a1:a0:81:97:00:42:1f:7e:20:78:e8:c6:
-#         50:1d:0b:7f:15:93:59:58:40:14:84:f0:a7:90:6b:36:05:67:
-#         ea:7f:22:6d:bb:d1:a5:26:4d:b3:30:a4:58:d4:5b:b5:1a:8c:
-#         50:8c:b8:0d:e1:a0:07:b3:0f:58:ce:d7:05:b5:7d:35:79:6f:
-#         a2:db:0c:00:2a:68:24:8c:7e:9c:c1:76:49:ba:7c:66:11:de:
-#         f2:47:ce:fe:d0:ce:55:be:08:da:f2:79:26:2a:15:39:ce:6b:
-#         18:a6:df:d8:87:28:99:94:0e:2d:68:a1:9a:ce:52:36:9c:2b:
-#         ec:b4:68:b3:6c:15:ac:cb:70:42:f2:c4:41:a5:c8:fc:21:78:
-#         53:77:32:20:a9:21:4c:72:e2:d3:b2:c9:76:1b:18:58:42:0b:
-#         42:92:b3:e4
-
-[p11-kit-object-v1]
-label: "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)"
-class: x-certificate-extension
-object-id: 1.3.6.1.4.1.3319.6.10.1
-value: "0.%06%0a%2b%06%01%04%01%99w%06%0a%01%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtqGRLTYfHhFm5+5BGoKaJwPH+
-1dpUgjcNmStFJgroVrB/yqj0jkeEAYIp47NqtZHz+5WFvHKoZOgKQJzF9HGue3tq
-B+qQFE+Nia+Uq7IG1AJqe5gfWbk6zVT6IN+yKgrpuN1pkMAp007Ql+1mzMUZSQZ/
-+l4sfHuFGzJC33uVJQIDAQAB
------END PUBLIC KEY-----
-[p11-kit-object-v1]
-label: "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%18%06%03U%1d%25%01%01%ff%04%0e0%0c%06%0a%2b%06%01%04%01%99w%06%0a%10"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtqGRLTYfHhFm5+5BGoKaJwPH+
-1dpUgjcNmStFJgroVrB/yqj0jkeEAYIp47NqtZHz+5WFvHKoZOgKQJzF9HGue3tq
-B+qQFE+Nia+Uq7IG1AJqe5gfWbk6zVT6IN+yKgrpuN1pkMAp007Ql+1mzMUZSQZ/
-+l4sfHuFGzJC33uVJQIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)"
-x-distrusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIDzTCCAzagAwIBAgIGB///////MA0GCSqGSIb3DQEBBQUAMHUxCzAJBgNVBAYT
-AlVTMRgwFgYDVQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJl
-clRydXN0IFNvbHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3Qg
-R2xvYmFsIFJvb3QwHhcNMDcwNzE3MTUxNzQ5WhcNMTIwNzE3MTUxNjU1WjBjMQsw
-CQYDVQQGEwJNWTEbMBkGA1UEChMSRGlnaWNlcnQgU2RuLiBCaGQuMREwDwYDVQQL
-Ewg0NTc2MDgtSzEkMCIGA1UEAxMbRGlnaXNpZ24gU2VydmVyIElEIChFbnJpY2gp
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtqGRLTYfHhFm5+5BGoKaJwPH+
-1dpUgjcNmStFJgroVrB/yqj0jkeEAYIp47NqtZHz+5WFvHKoZOgKQJzF9HGue3tq
-B+qQFE+Nia+Uq7IG1AJqe5gfWbk6zVT6IN+yKgrpuN1pkMAp007Ql+1mzMUZSQZ/
-+l4sfHuFGzJC33uVJQIDAQABo4IBeDCCAXQwEgYDVR0TAQH/BAgwBgEB/wIBADBc
-BgNVHSAEVTBTMEgGCSsGAQQBsT4BADA7MDkGCCsGAQUFBwIBFi1odHRwOi8vY3li
-ZXJ0cnVzdC5vbW5pcm9vdC5jb20vcmVwb3NpdG9yeS5jZm0wBwYFYINKAQEwDgYD
-VR0PAQH/BAQDAgHmMIGJBgNVHSMEgYEwf6F5pHcwdTELMAkGA1UEBhMCVVMxGDAW
-BgNVBAoTD0dURSBDb3Jwb3JhdGlvbjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3Qg
-U29sdXRpb25zLCBJbmMuMSMwIQYDVQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwg
-Um9vdIICAaUwRQYDVR0fBD4wPDA6oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1
-c3QuY29tL2NnaS1iaW4vQ1JMLzIwMTgvY2RwLmNybDAdBgNVHQ4EFgQUxhaTThYX
-7BaujJR284ZtxXRuhHcwDQYJKoZIhvcNAQEFBQADgYEAdgB7pngrZh2OXjbGpI4F
-8iOSfJNn0/TACn2LLdnq1W8a8+FKKVoihE1QL0sM8v+FwntV1ESCvm2sZ468tB+S
-nFGAGhT2bqthiAutHH/3S1BR1mUbpkdxFV6wcfM1FPI3vWPI1fCTWjRf2D3oXffF
-HsDlzx+GJKk8B2bNwdI2Y1k=
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            07:ff:ff:ff:ff:ff
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
-#        Validity
-#            Not Before: Jul 17 15:17:49 2007 GMT
-#            Not After : Jul 17 15:16:55 2012 GMT
-#        Subject: C=MY, O=Digicert Sdn. Bhd., OU=457608-K, CN=Digisign Server ID (Enrich)
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (1024 bit)
-#                Modulus:
-#                    00:ad:a8:64:4b:4d:87:c7:84:59:b9:fb:90:46:a0:
-#                    a6:89:c0:f1:fe:d5:da:54:82:37:0d:99:2b:45:26:
-#                    0a:e8:56:b0:7f:ca:a8:f4:8e:47:84:01:82:29:e3:
-#                    b3:6a:b5:91:f3:fb:95:85:bc:72:a8:64:e8:0a:40:
-#                    9c:c5:f4:71:ae:7b:7b:6a:07:ea:90:14:4f:8d:89:
-#                    af:94:ab:b2:06:d4:02:6a:7b:98:1f:59:b9:3a:cd:
-#                    54:fa:20:df:b2:2a:0a:e9:b8:dd:69:90:c0:29:d3:
-#                    4e:d0:97:ed:66:cc:c5:19:49:06:7f:fa:5e:2c:7c:
-#                    7b:85:1b:32:42:df:7b:95:25
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE, pathlen:0
-#            X509v3 Certificate Policies: 
-#                Policy: 1.3.6.1.4.1.6334.1.0
-#                  CPS: http://cybertrust.omniroot.com/repository.cfm
-#                Policy: 2.16.458.1.1
-#
-#            X509v3 Key Usage: critical
-#                Digital Signature, Non Repudiation, Key Encipherment, Certificate Sign, CRL Sign
-#            X509v3 Authority Key Identifier: 
-#                DirName:/C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root
-#                serial:01:A5
-#
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://www.public-trust.com/cgi-bin/CRL/2018/cdp.crl
-#
-#            X509v3 Subject Key Identifier: 
-#                C6:16:93:4E:16:17:EC:16:AE:8C:94:76:F3:86:6D:C5:74:6E:84:77
-#    Signature Algorithm: sha1WithRSAEncryption
-#         76:00:7b:a6:78:2b:66:1d:8e:5e:36:c6:a4:8e:05:f2:23:92:
-#         7c:93:67:d3:f4:c0:0a:7d:8b:2d:d9:ea:d5:6f:1a:f3:e1:4a:
-#         29:5a:22:84:4d:50:2f:4b:0c:f2:ff:85:c2:7b:55:d4:44:82:
-#         be:6d:ac:67:8e:bc:b4:1f:92:9c:51:80:1a:14:f6:6e:ab:61:
-#         88:0b:ad:1c:7f:f7:4b:50:51:d6:65:1b:a6:47:71:15:5e:b0:
-#         71:f3:35:14:f2:37:bd:63:c8:d5:f0:93:5a:34:5f:d8:3d:e8:
-#         5d:f7:c5:1e:c0:e5:cf:1f:86:24:a9:3c:07:66:cd:c1:d2:36:
-#         63:59
-
-[p11-kit-object-v1]
-label: "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)"
-class: x-certificate-extension
-object-id: 1.3.6.1.4.1.3319.6.10.1
-value: "0.%06%0a%2b%06%01%04%01%99w%06%0a%01%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYnk9A0GQJJZxxqzNdEO
-TCoz+fivyp5/7rmnbWD0VOhv1ZvzG2MxBGhy0TQWjLQXLJfec8XYkBWgGiv1y7NI
-hkTwHYhMzkFCGu/1DN7+QNo5IPcGVTpqnUbB0m+lsshXPimjnODphXdm6JinJH6+
-wFkg5URvtlfYvs7CZXdYxmFB0XQEyH9JQsVyqXIW7ozdEl20StTRr1C32Kp1dmit
-Pl2qMG1hqKsQWz4TvzPgr0SdOCJb70wvpnEmFSbKKIzZ+o6OqaIUNeKbJIi09H+F
-nYNPB6G2FJA2xDQcjSZhbRNveL7ojyfHS4SWo4ZoDCO+C+yMlACpBIoTkPffhWwM
-sQIDAQAB
------END PUBLIC KEY-----
-[p11-kit-object-v1]
-label: "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%18%06%03U%1d%25%01%01%ff%04%0e0%0c%06%0a%2b%06%01%04%01%99w%06%0a%10"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYnk9A0GQJJZxxqzNdEO
-TCoz+fivyp5/7rmnbWD0VOhv1ZvzG2MxBGhy0TQWjLQXLJfec8XYkBWgGiv1y7NI
-hkTwHYhMzkFCGu/1DN7+QNo5IPcGVTpqnUbB0m+lsshXPimjnODphXdm6JinJH6+
-wFkg5URvtlfYvs7CZXdYxmFB0XQEyH9JQsVyqXIW7ozdEl20StTRr1C32Kp1dmit
-Pl2qMG1hqKsQWz4TvzPgr0SdOCJb70wvpnEmFSbKKIzZ+o6OqaIUNeKbJIi09H+F
-nYNPB6G2FJA2xDQcjSZhbRNveL7ojyfHS4SWo4ZoDCO+C+yMlACpBIoTkPffhWwM
-sQIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)"
-x-distrusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIE0DCCA7igAwIBAgIGB///////MA0GCSqGSIb3DQEBBQUAMIG0MRQwEgYDVQQK
-EwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3LmVudHJ1c3QubmV0L0NQU18yMDQ4
-IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMcKGMpIDE5
-OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5uZXQgQ2Vy
-dGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgpMB4XDTEwMDcxNjE3MjMzOFoXDTE1
-MDcxNjE3NTMzOFowZTELMAkGA1UEBhMCTVkxGzAZBgNVBAoTEkRpZ2ljZXJ0IFNk
-bi4gQmhkLjERMA8GA1UECxMINDU3NjA4LUsxJjAkBgNVBAMTHURpZ2lzaWduIFNl
-cnZlciBJRCAtIChFbnJpY2gpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEAxYnk9A0GQJJZxxqzNdEOTCoz+fivyp5/7rmnbWD0VOhv1ZvzG2MxBGhy0TQW
-jLQXLJfec8XYkBWgGiv1y7NIhkTwHYhMzkFCGu/1DN7+QNo5IPcGVTpqnUbB0m+l
-sshXPimjnODphXdm6JinJH6+wFkg5URvtlfYvs7CZXdYxmFB0XQEyH9JQsVyqXIW
-7ozdEl20StTRr1C32Kp1dmitPl2qMG1hqKsQWz4TvzPgr0SdOCJb70wvpnEmFSbK
-KIzZ+o6OqaIUNeKbJIi09H+FnYNPB6G2FJA2xDQcjSZhbRNveL7ojyfHS4SWo4Zo
-DCO+C+yMlACpBIoTkPffhWwMsQIDAQABo4IBNDCCATAwDgYDVR0PAQH/BAQDAgEG
-MBIGA1UdEwEB/wQIMAYBAf8CAQAwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUF
-BwMCBggrBgEFBQcDBDAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6
-Ly9vY3NwLmVudHJ1c3QubmV0MEQGA1UdIAQ9MDswOQYFYINKAQEwMDAuBggrBgEF
-BQcCARYiaHR0cDovL3d3dy5kaWdpY2VydC5jb20ubXkvY3BzLmh0bTAyBgNVHR8E
-KzApMCegJaAjhiFodHRwOi8vY3JsLmVudHJ1c3QubmV0LzIwNDhjYS5jcmwwEQYD
-VR0OBAoECExOzCUoAymBMB8GA1UdIwQYMBaAFFXkgdERgL7YibkIozH5oSQJFrlw
-MA0GCSqGSIb3DQEBBQUAA4IBAQCXTO9KOkmscvwwIGu0KVunxZUEkPky1cKFat4D
-oTf5iQCwWqxVfttDNf/JAfhRvswmyshqpMRUPiYe5wyjzZdnlN2mQutczY85eWsz
-eSEGefqCRBWZzMG3OdNGYnyycOtvziCqPhm36XSCnLSlS01hADfkh9LyFDpkfLip
-e2HgkyLn1Z8+R+Y2dqBT2AADOg+1M/6WytPSgjou3ddI4eSnacwc6ZlK58pwRdcL
-Bw6adRvQL5Jv9qQHw70cS6aEtn2omqnSpynxC1dpHpdXJuwrQ6zURYMFAOnj8EZA
-B/rqsVFzkxyl3VMRN8gqpxUnHbSqzH+qMTD8uEWfSAntEOLF
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            07:ff:ff:ff:ff:ff
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
-#        Validity
-#            Not Before: Jul 16 17:23:38 2010 GMT
-#            Not After : Jul 16 17:53:38 2015 GMT
-#        Subject: C=MY, O=Digicert Sdn. Bhd., OU=457608-K, CN=Digisign Server ID - (Enrich)
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:c5:89:e4:f4:0d:06:40:92:59:c7:1a:b3:35:d1:
-#                    0e:4c:2a:33:f9:f8:af:ca:9e:7f:ee:b9:a7:6d:60:
-#                    f4:54:e8:6f:d5:9b:f3:1b:63:31:04:68:72:d1:34:
-#                    16:8c:b4:17:2c:97:de:73:c5:d8:90:15:a0:1a:2b:
-#                    f5:cb:b3:48:86:44:f0:1d:88:4c:ce:41:42:1a:ef:
-#                    f5:0c:de:fe:40:da:39:20:f7:06:55:3a:6a:9d:46:
-#                    c1:d2:6f:a5:b2:c8:57:3e:29:a3:9c:e0:e9:85:77:
-#                    66:e8:98:a7:24:7e:be:c0:59:20:e5:44:6f:b6:57:
-#                    d8:be:ce:c2:65:77:58:c6:61:41:d1:74:04:c8:7f:
-#                    49:42:c5:72:a9:72:16:ee:8c:dd:12:5d:b4:4a:d4:
-#                    d1:af:50:b7:d8:aa:75:76:68:ad:3e:5d:aa:30:6d:
-#                    61:a8:ab:10:5b:3e:13:bf:33:e0:af:44:9d:38:22:
-#                    5b:ef:4c:2f:a6:71:26:15:26:ca:28:8c:d9:fa:8e:
-#                    8e:a9:a2:14:35:e2:9b:24:88:b4:f4:7f:85:9d:83:
-#                    4f:07:a1:b6:14:90:36:c4:34:1c:8d:26:61:6d:13:
-#                    6f:78:be:e8:8f:27:c7:4b:84:96:a3:86:68:0c:23:
-#                    be:0b:ec:8c:94:00:a9:04:8a:13:90:f7:df:85:6c:
-#                    0c:b1
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE, pathlen:0
-#            X509v3 Extended Key Usage: 
-#                TLS Web Server Authentication, TLS Web Client Authentication, E-mail Protection
-#            Authority Information Access: 
-#                OCSP - URI:http://ocsp.entrust.net
-#
-#            X509v3 Certificate Policies: 
-#                Policy: 2.16.458.1.1
-#                  CPS: http://www.digicert.com.my/cps.htm
-#
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://crl.entrust.net/2048ca.crl
-#
-#            X509v3 Subject Key Identifier: 
-#                4C:4E:CC:25:28:03:29:81
-#            X509v3 Authority Key Identifier: 
-#                keyid:55:E4:81:D1:11:80:BE:D8:89:B9:08:A3:31:F9:A1:24:09:16:B9:70
-#
-#    Signature Algorithm: sha1WithRSAEncryption
-#         97:4c:ef:4a:3a:49:ac:72:fc:30:20:6b:b4:29:5b:a7:c5:95:
-#         04:90:f9:32:d5:c2:85:6a:de:03:a1:37:f9:89:00:b0:5a:ac:
-#         55:7e:db:43:35:ff:c9:01:f8:51:be:cc:26:ca:c8:6a:a4:c4:
-#         54:3e:26:1e:e7:0c:a3:cd:97:67:94:dd:a6:42:eb:5c:cd:8f:
-#         39:79:6b:33:79:21:06:79:fa:82:44:15:99:cc:c1:b7:39:d3:
-#         46:62:7c:b2:70:eb:6f:ce:20:aa:3e:19:b7:e9:74:82:9c:b4:
-#         a5:4b:4d:61:00:37:e4:87:d2:f2:14:3a:64:7c:b8:a9:7b:61:
-#         e0:93:22:e7:d5:9f:3e:47:e6:36:76:a0:53:d8:00:03:3a:0f:
-#         b5:33:fe:96:ca:d3:d2:82:3a:2e:dd:d7:48:e1:e4:a7:69:cc:
-#         1c:e9:99:4a:e7:ca:70:45:d7:0b:07:0e:9a:75:1b:d0:2f:92:
-#         6f:f6:a4:07:c3:bd:1c:4b:a6:84:b6:7d:a8:9a:a9:d2:a7:29:
-#         f1:0b:57:69:1e:97:57:26:ec:2b:43:ac:d4:45:83:05:00:e9:
-#         e3:f0:46:40:07:fa:ea:b1:51:73:93:1c:a5:dd:53:11:37:c8:
-#         2a:a7:15:27:1d:b4:aa:cc:7f:aa:31:30:fc:b8:45:9f:48:09:
-#         ed:10:e2:c5
+#         d1:49:57:e0:a7:cc:68:58:ba:01:0f:2b:19:cd:8d:b0:61:45:
+#         ac:11:ed:63:50:69:f8:1f:7f:be:16:8f:fd:9d:eb:0b:aa:32:
+#         47:76:d2:67:24:ed:bd:7c:33:32:97:2a:c7:05:86:66:0d:17:
+#         7d:14:15:1b:d4:eb:fd:1f:9a:f6:5e:97:69:b7:1a:25:a4:0a:
+#         b3:91:3f:5f:36:ac:8b:ec:57:a8:3e:e7:81:8a:18:57:39:85:
+#         74:1a:42:c7:e9:5b:13:5f:8f:f9:08:e9:92:74:8d:f5:47:d2:
+#         ab:3b:d6:fb:78:66:4e:36:7d:f9:e9:92:e9:04:de:fd:49:63:
+#         fc:6d:fb:14:71:93:67:2f:47:4a:b7:b9:ff:1e:2a:73:70:46:
+#         30:bf:5a:f2:2f:79:a5:e1:8d:0c:d9:f9:b2:63:37:8c:37:65:
+#         85:70:6a:5c:5b:09:72:b9:ad:63:3c:b1:dd:f8:fc:32:bf:37:
+#         86:e4:bb:8e:98:27:7e:ba:1f:16:e1:70:11:f2:03:df:25:62:
+#         32:27:26:18:32:84:9f:ff:00:3a:13:ba:9a:4d:f4:4f:b8:14:
+#         70:22:b1:ca:2b:90:ce:29:c1:70:f4:2f:9d:7f:f2:90:1e:d6:
+#         5a:df:b7:46:fc:e6:86:fa:cb:e0:20:76:7a:ba:a6:cb:f5:7c:
+#         de:62:a5:b1:8b:ee:de:82:66:8a:4e:3a:30:1f:3f:80:cb:ad:
+#         27:ba:0c:5e:d7:d0:b1:56:ca:77:71:b2:b5:75:a1:50:a9:40:
+#         43:17:c2:28:d9:cf:52:8b:5b:c8:63:d4:42:3e:a0:33:7a:46:
+#         2e:f7:0a:20:46:54:7e:6a:4f:31:f1:81:7e:42:74:38:65:73:
+#         27:ee:c6:7c:b8:8e:d7:a5:3a:d7:98:a1:9c:8c:10:55:d3:db:
+#         4b:ec:40:90:f2:cd:6e:57:d2:62:0e:7c:57:93:b1:a7:6d:cd:
+#         9d:83:bb:2a:e7:e5:b6:3b:71:58:ad:fd:d1:45:bc:5a:91:ee:
+#         53:15:6f:d3:45:09:75:6e:ba:90:5d:1e:04:cf:37:df:1e:a8:
+#         66:b1:8c:e6:20:6a:ef:fc:48:4e:74:98:42:af:29:6f:2e:6a:
+#         c7:fb:7d:d1:66:31:22:cc:86:00:7e:66:83:0c:42:f4:bd:34:
+#         92:c3:1a:ea:4f:ca:7e:72:4d:0b:70:8c:a6:48:bb:a6:a1:14:
+#         f6:fb:58:44:99:14:ae:aa:0b:93:69:a0:29:25:4a:a5:cb:2b:
+#         dd:8a:66:07:16:78:15:57:71:1b:ec:f5:47:84:f3:9e:31:37:
+#         7a:d5:7f:24:ad:e4:bc:fd:fd:cc:6e:83:e8:0c:a8:b7:41:6c:
+#         07:dd:bd:3c:86:97:2f:d2
 
 [p11-kit-object-v1]
 label: "GeoTrust Global CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD99BcjGlZ+W988
@@ -11020,113 +7328,11 @@ hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV
 #         b4:d1:e3:51:2b:5e:75:e8:d5:d0:dc:4f:34:ed:c2:05:66:80:
 #         a1:cb:e6:33
 
-[p11-kit-object-v1]
-label: "GeoTrust Global CA 2"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7zxNQD0Q3ztTAOFn/pRg
-FT6FiPGJDZDIKCOZBegrIJ3G82BG2MGy1Ywx2dwgeSSBvzUy/GNp27Eqa+4hWPII
-6XjLb8v8FlLIkcT/PXPesT6nwn1mwfV+UiQa4tVnkdCCENd4S08rQjm9ZC1AoLAQ
-0zhIRoihDLs6MypimPsAnRNZf287cqrupg+G+QVh6md/DDeWi+ZpFkcRwidZA7Om
-YMIhQFb6oMd9OhPj7FfHs9aunYmA9wHnLPaWKxMNeSzZwOSGe0uMDHKCivsXzQBs
-OhM8sISHSxZ6KbJP2x3UC/NmN73Y9le7XiR6uDyLufqSGhqEnth0j6obf170/kUi
-IQIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "GeoTrust Global CA 2"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIDZjCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJVUzEW
-MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFs
-IENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMTkwMzA0MDUwMDAwWjBEMQswCQYDVQQG
-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg
-R2xvYmFsIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvPE1A
-PRDfO1MA4Wf+lGAVPoWI8YkNkMgoI5kF6CsgncbzYEbYwbLVjDHZ3CB5JIG/NTL8
-Y2nbsSpr7iFY8gjpeMtvy/wWUsiRxP89c96xPqfCfWbB9X5SJBri1WeR0IIQ13hL
-TytCOb1kLUCgsBDTOEhGiKEMuzozKmKY+wCdE1l/bztyqu6mD4b5BWHqZ38MN5aL
-5mkWRxHCJ1kDs6ZgwiFAVvqgx306E+PsV8ez1q6diYD3Aecs9pYrEw15LNnA5IZ7
-S4wMcoKK+xfNAGw6EzywhIdLFnopsk/bHdQL82Y3vdj2V7teJHq4PIu5+pIaGoSe
-2HSPqht/XvT+RSIhAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
-FHE4NvICMVNHK266ZUapEBVYIAUJMB8GA1UdIwQYMBaAFHE4NvICMVNHK266ZUap
-EBVYIAUJMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAQEAA/e1K6td
-EPx7srJerJsOflN4WT5CBP51o62sgU7XAotexC3IUnbHLB/8gTKY0UvGkpMzNTEv
-/NgdRN3ggX+d6YvhZJFiCzkIjKx0nVnZellSlxG5FntvRdOW2TF9AjYPnDtuzywN
-A0ZF66D0f0hExghAzN4bcLUprbqLOzRldRtxIR0sFAqwlpW41uryZfspuk/qkZN0
-abby/+Ea0AzRdoXLiiW9l14sbxWZJue2Kf8i7MkCx1YAzUm5s2x7UwQa4qjJqhIF
-I8LO57sEAszAR6LkxCkvW0VXiVHuPOtSCP8HNR6fNWpHSlaY0VqFH4z1Ir+rzoPz
-4iIprn2DQKi6bA==
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 1 (0x1)
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust Global CA 2
-#        Validity
-#            Not Before: Mar  4 05:00:00 2004 GMT
-#            Not After : Mar  4 05:00:00 2019 GMT
-#        Subject: C=US, O=GeoTrust Inc., CN=GeoTrust Global CA 2
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:ef:3c:4d:40:3d:10:df:3b:53:00:e1:67:fe:94:
-#                    60:15:3e:85:88:f1:89:0d:90:c8:28:23:99:05:e8:
-#                    2b:20:9d:c6:f3:60:46:d8:c1:b2:d5:8c:31:d9:dc:
-#                    20:79:24:81:bf:35:32:fc:63:69:db:b1:2a:6b:ee:
-#                    21:58:f2:08:e9:78:cb:6f:cb:fc:16:52:c8:91:c4:
-#                    ff:3d:73:de:b1:3e:a7:c2:7d:66:c1:f5:7e:52:24:
-#                    1a:e2:d5:67:91:d0:82:10:d7:78:4b:4f:2b:42:39:
-#                    bd:64:2d:40:a0:b0:10:d3:38:48:46:88:a1:0c:bb:
-#                    3a:33:2a:62:98:fb:00:9d:13:59:7f:6f:3b:72:aa:
-#                    ee:a6:0f:86:f9:05:61:ea:67:7f:0c:37:96:8b:e6:
-#                    69:16:47:11:c2:27:59:03:b3:a6:60:c2:21:40:56:
-#                    fa:a0:c7:7d:3a:13:e3:ec:57:c7:b3:d6:ae:9d:89:
-#                    80:f7:01:e7:2c:f6:96:2b:13:0d:79:2c:d9:c0:e4:
-#                    86:7b:4b:8c:0c:72:82:8a:fb:17:cd:00:6c:3a:13:
-#                    3c:b0:84:87:4b:16:7a:29:b2:4f:db:1d:d4:0b:f3:
-#                    66:37:bd:d8:f6:57:bb:5e:24:7a:b8:3c:8b:b9:fa:
-#                    92:1a:1a:84:9e:d8:74:8f:aa:1b:7f:5e:f4:fe:45:
-#                    22:21
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 Subject Key Identifier: 
-#                71:38:36:F2:02:31:53:47:2B:6E:BA:65:46:A9:10:15:58:20:05:09
-#            X509v3 Authority Key Identifier: 
-#                keyid:71:38:36:F2:02:31:53:47:2B:6E:BA:65:46:A9:10:15:58:20:05:09
-#
-#            X509v3 Key Usage: critical
-#                Digital Signature, Certificate Sign, CRL Sign
-#    Signature Algorithm: sha1WithRSAEncryption
-#         03:f7:b5:2b:ab:5d:10:fc:7b:b2:b2:5e:ac:9b:0e:7e:53:78:
-#         59:3e:42:04:fe:75:a3:ad:ac:81:4e:d7:02:8b:5e:c4:2d:c8:
-#         52:76:c7:2c:1f:fc:81:32:98:d1:4b:c6:92:93:33:35:31:2f:
-#         fc:d8:1d:44:dd:e0:81:7f:9d:e9:8b:e1:64:91:62:0b:39:08:
-#         8c:ac:74:9d:59:d9:7a:59:52:97:11:b9:16:7b:6f:45:d3:96:
-#         d9:31:7d:02:36:0f:9c:3b:6e:cf:2c:0d:03:46:45:eb:a0:f4:
-#         7f:48:44:c6:08:40:cc:de:1b:70:b5:29:ad:ba:8b:3b:34:65:
-#         75:1b:71:21:1d:2c:14:0a:b0:96:95:b8:d6:ea:f2:65:fb:29:
-#         ba:4f:ea:91:93:74:69:b6:f2:ff:e1:1a:d0:0c:d1:76:85:cb:
-#         8a:25:bd:97:5e:2c:6f:15:99:26:e7:b6:29:ff:22:ec:c9:02:
-#         c7:56:00:cd:49:b9:b3:6c:7b:53:04:1a:e2:a8:c9:aa:12:05:
-#         23:c2:ce:e7:bb:04:02:cc:c0:47:a2:e4:c4:29:2f:5b:45:57:
-#         89:51:ee:3c:eb:52:08:ff:07:35:1e:9f:35:6a:47:4a:56:98:
-#         d1:5a:85:1f:8c:f5:22:bf:ab:ce:83:f3:e2:22:29:ae:7d:83:
-#         40:a8:ba:6c
-
 [p11-kit-object-v1]
 label: "GeoTrust Primary Certification Authority - G2"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEFbHo/QMVQ+Ws64c3EWLv0oM2Un1FVwtK
@@ -11199,7 +7405,7 @@ rD6ogRLQy7rQkgu2npaqBA+K
 label: "GeoTrust Primary Certification Authority - G3"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OJeYlgdM1c5MjP668uH
@@ -11402,7 +7608,7 @@ AT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk=
 label: "GeoTrust Universal CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAphVVoKPG4B+MnSFQ18G+
@@ -11550,7 +7756,7 @@ bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iw=
 label: "GeoTrust Universal CA 2"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAs1RSwck+8tncsVMaWSnn
@@ -11698,7 +7904,7 @@ QMAJKOSLakhT2+zNVVXxxvjpoixMptEmX36vWkzaH6byHCx+rgIW0lbQL1dTR+iS
 label: "GlobalSign ECC Root CA - R4"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuMZ5049sJQ6fLjkZHAOkrprlOQcJ
@@ -11762,7 +7968,7 @@ ewv4n4Q=
 label: "GlobalSign ECC Root CA - R5"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAER0UOlvt9Xb/pOdEh+J8LttV7HpI6SFkc
@@ -11832,7 +8038,7 @@ xwy8p2Fp8fc74SrL+SvzZpA3
 label: "GlobalSign Root CA - R2"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps8kDr4ubyiZRULEqz4h
@@ -11941,7 +8147,7 @@ TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==
 label: "GlobalSign Root CA - R3"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCV2kHkGeCIW9cCDtoTK
@@ -12041,7 +8247,7 @@ WD9f
 label: "GlobalSign Root CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2g7mmY3Oo+NPin778YuD
@@ -12141,7 +8347,7 @@ HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
 label: "Global Chambersign Root - 2008"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwN9W0+Q6m3ZFtBPb/8G2
@@ -12306,7 +8512,7 @@ v8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z
 label: "Go Daddy Class 2 CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEA3p3X6lcYSaFb69dfSIbq
@@ -12411,7 +8617,7 @@ ReYNnyicsbkqWletNw+vHX/bvZ8=
 label: "Go Daddy Root Certificate Authority - G2"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3FiCPH6WTT3G8kYo/eA
@@ -12584,7 +8790,7 @@ TUwJCA3sS61kFyjndc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKR
 label: "Hellenic Academic and Research Institutions RootCA 2011"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVMA4y6m9o76YNgtlT74
@@ -13381,7 +9587,7 @@ GaQdp/lLQzfcaFpPz+vCZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv
 label: "Izenpe.com"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAydN6yg8erKeG6BZlarHC
@@ -13683,107 +9889,6 @@ oJO9r4Ak4Ap+58rVyuiFVdw2KuGUaJPHZnJED4AhMmwlxyOAgwrr
 #         e8:85:55:dc:36:2a:e1:94:68:93:c7:66:72:44:0f:80:21:32:
 #         6c:25:c7:23:80:83:0a:eb
 
-[p11-kit-object-v1]
-label: "MD5 Collisions Forged Rogue CA 25c3"
-class: x-certificate-extension
-object-id: 1.3.6.1.4.1.3319.6.10.1
-value: "0.%06%0a%2b%06%01%04%01%99w%06%0a%01%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6plnJLCjWKrD47Z9GpKQ37g4Z
-aFnRswOZUdYWml43axXgDkv1hGT4o9tBbzXVmxUf28Q4UnCBl16PoLX3fjnwMqwe
-rUTSs/pIw86Rm+z0nHzhWvXIN2uag97nyiCXMUJzFZFo9Iiv+SgoxekPc7AXSxNM
-mXXQROZ+CGwa8k8bQQIDAQAB
------END PUBLIC KEY-----
-[p11-kit-object-v1]
-label: "MD5 Collisions Forged Rogue CA 25c3"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%18%06%03U%1d%25%01%01%ff%04%0e0%0c%06%0a%2b%06%01%04%01%99w%06%0a%10"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6plnJLCjWKrD47Z9GpKQ37g4Z
-aFnRswOZUdYWml43axXgDkv1hGT4o9tBbzXVmxUf28Q4UnCBl16PoLX3fjnwMqwe
-rUTSs/pIw86Rm+z0nHzhWvXIN2uag97nyiCXMUJzFZFo9Iiv+SgoxekPc7AXSxNM
-mXXQROZ+CGwa8k8bQQIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "MD5 Collisions Forged Rogue CA 25c3"
-x-distrusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIEMjCCA5ugAwIBAgIBQjANBgkqhkiG9w0BAQQFADBaMQswCQYDVQQGEwJVUzEc
-MBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5jLjEtMCsGA1UEAxMkRXF1aWZheCBT
-ZWN1cmUgR2xvYmFsIGVCdXNpbmVzcyBDQS0xMB4XDTA0MDczMTAwMDAwMVoXDTA0
-MDkwMjAwMDAwMVowPDE6MDgGA1UEAxMxTUQ1IENvbGxpc2lvbnMgSW5jLiAoaHR0
-cDovL3d3dy5waHJlZWRvbS5vcmcvbWQ1KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
-gYkCgYEAuqZZySwo1iqw+O2fRqSkN+4OGWhZ0bMDmVHWFppeN2sV4A5L9YRk+KPb
-QW811ZsVH9vEOFJwgZdej6C193458DKsHq1E0rP6SMPOkZvs9Jx84Vr1yDdrmoPe
-58oglzFCcxWRaPSIr/koKMXpD3OwF0sTTJl10ETmfghsGvJPG0ECAwEAAaOCAiQw
-ggIgMAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSnBGAf
-q3JDCMV/CJBVVhzWzuY46zAfBgNVHSMEGDAWgBS+qKB0clBrRLfJI9j7qP+zV2to
-bDCCAb4GCWCGSAGG+EIBDQSCAa8WggGrMwAAACdeOeCJYQ9Oo8VFCza7AdFTqsMI
-j2/4Tz6Hh0QR3GDg35JV+bhzG1STxZ/QRsRgtjVizbmvHKhpGslbPJY3wO1n77v+
-wIucUC8pvYMino4I+qwTcKJYf2JiihH3ifbftmdZcxb7YxaKtJE4zi71tr5MpJRJ
-5GURCkIVycEw4mnVRX2lJru5YexiZPA54ee8aNhQUZ4dYNPRo6cK+AMgoXABF5E2
-TwJwMYaD3fcP2AcdEbMTBKXc8K5QsSgOY2kqDIJvj0cz32yiBpLxT0W+2TA2oyuM
-1neuNWN/Tkyak0g22Z8CAwEAAaOBvTCBujAOBgNVHQ8BAf8EBAMCBPAwHQYDVR0O
-BBYEFM2mg/qlYDf3ljcXKd5BePGHiVXnMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6
-Ly9jcmwuZ2VvdHJ1c3QuY29tL2NybHMvZ2xvYmFsY2ExLmNybDAfBgNVHSMEGDAW
-gBS+qKB0clBrRLfJI9j7qP+zV2tobDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
-BQUHAwIwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQQFAAOBgQCnIQKN0Q6igHcl
-/UNgFY/s75BH1IRCFSYRHM3CPBApqbbfq1d1kdrlK7OQRRwwY1Y/itlQ+u1YbMBl
-rGZX3hzGdjv1AA6ORc5/TJDsK8bNs7SPYtD+t8UmckTt9phbrsvRlfXaCL5oRrF1
-yOwdjx56lPGqU3iiRa5U6tGedMh2Zw==
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 66 (0x42)
-#    Signature Algorithm: md5WithRSAEncryption
-#        Issuer: C=US, O=Equifax Secure Inc., CN=Equifax Secure Global eBusiness CA-1
-#        Validity
-#            Not Before: Jul 31 00:00:01 2004 GMT
-#            Not After : Sep  2 00:00:01 2004 GMT
-#        Subject: CN=MD5 Collisions Inc. (http://www.phreedom.org/md5)
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (1024 bit)
-#                Modulus:
-#                    00:ba:a6:59:c9:2c:28:d6:2a:b0:f8:ed:9f:46:a4:
-#                    a4:37:ee:0e:19:68:59:d1:b3:03:99:51:d6:16:9a:
-#                    5e:37:6b:15:e0:0e:4b:f5:84:64:f8:a3:db:41:6f:
-#                    35:d5:9b:15:1f:db:c4:38:52:70:81:97:5e:8f:a0:
-#                    b5:f7:7e:39:f0:32:ac:1e:ad:44:d2:b3:fa:48:c3:
-#                    ce:91:9b:ec:f4:9c:7c:e1:5a:f5:c8:37:6b:9a:83:
-#                    de:e7:ca:20:97:31:42:73:15:91:68:f4:88:af:f9:
-#                    28:28:c5:e9:0f:73:b0:17:4b:13:4c:99:75:d0:44:
-#                    e6:7e:08:6c:1a:f2:4f:1b:41
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Key Usage: 
-#                Digital Signature, Non Repudiation, Certificate Sign, CRL Sign
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 Subject Key Identifier: 
-#                A7:04:60:1F:AB:72:43:08:C5:7F:08:90:55:56:1C:D6:CE:E6:38:EB
-#            X509v3 Authority Key Identifier: 
-#                keyid:BE:A8:A0:74:72:50:6B:44:B7:C9:23:D8:FB:A8:FF:B3:57:6B:68:6C
-#
-#            Netscape Comment: 
-#                3
-#    Signature Algorithm: md5WithRSAEncryption
-#         a7:21:02:8d:d1:0e:a2:80:77:25:fd:43:60:15:8f:ec:ef:90:
-#         47:d4:84:42:15:26:11:1c:cd:c2:3c:10:29:a9:b6:df:ab:57:
-#         75:91:da:e5:2b:b3:90:45:1c:30:63:56:3f:8a:d9:50:fa:ed:
-#         58:6c:c0:65:ac:66:57:de:1c:c6:76:3b:f5:00:0e:8e:45:ce:
-#         7f:4c:90:ec:2b:c6:cd:b3:b4:8f:62:d0:fe:b7:c5:26:72:44:
-#         ed:f6:98:5b:ae:cb:d1:95:f5:da:08:be:68:46:b1:75:c8:ec:
-#         1d:8f:1e:7a:94:f1:aa:53:78:a2:45:ae:54:ea:d1:9e:74:c8:
-#         76:67
-
 [p11-kit-object-v1]
 label: "MITM subCA 1 issued by Trustwave"
 class: certificate
@@ -13808,7 +9913,7 @@ x-distrusted: true
 label: "Microsec e-Szigno Root CA 2009"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6fiP82Ot2obYp+BC+8+R
@@ -13916,7 +10021,7 @@ HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCW
 label: "NetLock Arany (Class Gold) Főtanúsítvány"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCRec75LbRTDofTjl5Bu
@@ -14231,7 +10336,7 @@ Fj4A4xylNoEYokxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ
 label: "OISTE WISeKey Global Root GB CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Be3HEokKtaXscriHvt9
@@ -14703,202 +10808,11 @@ j9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta3U1fJAuwACEl74+nBCZx
 #         0b:b0:00:21:25:ef:8f:a7:04:26:71:e2:7c:69:e5:5d:9a:f8:
 #         41:1f:3b:39:93:93:9d:55:ea:cd:8d:f1:fb:c1
 
-[p11-kit-object-v1]
-label: "PSCProcert"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1bf0o5QzoUapVWFJDaiH
-c16RLXDBBhqU2j3sFULB9Yyuahfxiq38gJXqg0SiW3pVzk+npdW6uB+gJ8BQUz6N
-ucAOuBXc1mz4nvgEJd+AjxCF3X0ve4DdVwBkI/huyb6VT+F17OB+XpXNse++ekLY
-ySzT6xoaIou3fwaJ5Tz1EsC70wuZX5B8ji0vdzOSSiFGqKkIrPH2EQLZlRaejS+W
-5gLddcIUKlrWyX0lwsH8qmeF4uy+0Xw8+q/Vbv9TQdT1Mjix4l/E+Y4Q7wapAon/
-4wxul+Dfndsh0PQ+CGls2NTkNviDtrI2j5zvOjcWfb+iadc7W3LQr6o/XGaTrAoi
-YbbSoJnIVJNdqLbRvV0KXneUoi3Ago68ygMqNK5z8dS1DL2+Z5tU6+H6oFrsOH4+
-wcyix0Qxdeo/5QfSq6Ellvbm5KBdNxg5YQAzXUbUAMS0yjzxoqM+8zr/aTAuQN32
-n5wmyZY3rec5or/qadtVIpVTKpS1360WOIF1ZuPHLBuTnKqMo8rZbDwXbZzcfFPg
-ICdDNvkS4TxcvWa/omkjOLiZYJkOVlM6nH4UjLAGb/GGdpCv/a/+kMaPn3+LkiOc
-5xV2j9WLlBNyafsrYWOI7+akXuajF2pYR8txTxQLXsgCCCaiy+mva4oZx8sUVvXh
-2rXZ/L9zONr5569upDfiBycCAwEAAQ==
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "PSCProcert"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIJhjCCB26gAwIBAgIBCzANBgkqhkiG9w0BAQsFADCCAR4xPjA8BgNVBAMTNUF1
-dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIFJhaXogZGVsIEVzdGFkbyBWZW5lem9s
-YW5vMQswCQYDVQQGEwJWRTEQMA4GA1UEBxMHQ2FyYWNhczEZMBcGA1UECBMQRGlz
-dHJpdG8gQ2FwaXRhbDE2MDQGA1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0
-aWZpY2FjaW9uIEVsZWN0cm9uaWNhMUMwQQYDVQQLEzpTdXBlcmludGVuZGVuY2lh
-IGRlIFNlcnZpY2lvcyBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMSUwIwYJ
-KoZIhvcNAQkBFhZhY3JhaXpAc3VzY2VydGUuZ29iLnZlMB4XDTEwMTIyODE2NTEw
-MFoXDTIwMTIyNTIzNTk1OVowgdExJjAkBgkqhkiG9w0BCQEWF2NvbnRhY3RvQHBy
-b2NlcnQubmV0LnZlMQ8wDQYDVQQHEwZDaGFjYW8xEDAOBgNVBAgTB01pcmFuZGEx
-KjAoBgNVBAsTIVByb3ZlZWRvciBkZSBDZXJ0aWZpY2Fkb3MgUFJPQ0VSVDE2MDQG
-A1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9u
-aWNhMQswCQYDVQQGEwJWRTETMBEGA1UEAxMKUFNDUHJvY2VydDCCAiIwDQYJKoZI
-hvcNAQEBBQADggIPADCCAgoCggIBANW39KOUM6FGqVVhSQ2oh3NekS1wwQYalNo9
-7BVCwfWMrmoX8Yqt/ICV6oNEolt6Vc5Pp6XVurgfoCfAUFM+jbnADrgV3NZs+J74
-BCXfgI8Qhd19L3uA3VcAZCP4bsm+lU/hdezgfl6VzbHvvnpC2Mks0+saGiKLt38G
-ieU89RLAu9MLmV+QfI4tL3czkkohRqipCKzx9hEC2ZUWno0vluYC3XXCFCpa1sl9
-JcLB/KpnheLsvtF8PPqv1W7/U0HU9TI4seJfxPmOEO8GqQKJ/+MMbpfg353bIdD0
-PghpbNjU5Db4g7ayNo+c7zo3Fn2/omnXO1ty0K+qP1xmk6wKImG20qCZyFSTXai2
-0b1dCl53lKItwIKOvMoDKjSuc/HUtQy9vmebVOvh+qBa7Dh+PsHMosdEMXXqP+UH
-0quhJZb25uSgXTcYOWEAM11G1ADEtMo88aKjPvM6/2kwLkDd9p+cJsmWN63nOaK/
-6mnbVSKVUyqUtd+tFjiBdWbjxywbk5yqjKPK2Ww8F22c3HxT4CAnQzb5EuE8XL1m
-v6JpIzi4mWCZDlZTOpx+FIywBm/xhnaQr/2v/pDGj59/i5IjnOcVdo/Vi5QTcmn7
-K2FjiO/mpF7moxdqWEfLcU8UC17IAggmosvpr2uKGcfLFFb14dq12fy/czja+eev
-bqQ34gcnAgMBAAGjggMXMIIDEzASBgNVHRMBAf8ECDAGAQH/AgEBMDcGA1UdEgQw
-MC6CD3N1c2NlcnRlLmdvYi52ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAzNi0w
-MB0GA1UdDgQWBBRBDxk4qpl/Qguk1yeYVKIXTC1RVDCCAVAGA1UdIwSCAUcwggFD
-gBStuyIdxuDSAaj9dlBSk+2YwU2u06GCASakggEiMIIBHjE+MDwGA1UEAxM1QXV0
-b3JpZGFkIGRlIENlcnRpZmljYWNpb24gUmFpeiBkZWwgRXN0YWRvIFZlbmV6b2xh
-bm8xCzAJBgNVBAYTAlZFMRAwDgYDVQQHEwdDYXJhY2FzMRkwFwYDVQQIExBEaXN0
-cml0byBDYXBpdGFsMTYwNAYDVQQKEy1TaXN0ZW1hIE5hY2lvbmFsIGRlIENlcnRp
-ZmljYWNpb24gRWxlY3Ryb25pY2ExQzBBBgNVBAsTOlN1cGVyaW50ZW5kZW5jaWEg
-ZGUgU2VydmljaW9zIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExJTAjBgkq
-hkiG9w0BCQEWFmFjcmFpekBzdXNjZXJ0ZS5nb2IudmWCAQowDgYDVR0PAQH/BAQD
-AgEGME0GA1UdEQRGMESCDnByb2NlcnQubmV0LnZloBUGBWCGXgIBoAwMClBTQy0w
-MDAwMDKgGwYFYIZeAgKgEgwQUklGLUotMzE2MzUzNzMtNzB2BgNVHR8EbzBtMEag
-RKBChkBodHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9sY3IvQ0VSVElGSUNBRE8t
-UkFJWi1TSEEzODRDUkxERVIuY3JsMCOgIaAfhh1sZGFwOi8vYWNyYWl6LnN1c2Nl
-cnRlLmdvYi52ZTA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9v
-Y3NwLnN1c2NlcnRlLmdvYi52ZTBBBgNVHSAEOjA4MDYGBmCGXgMBAjAsMCoGCCsG
-AQUFBwIBFh5odHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9kcGMwDQYJKoZIhvcN
-AQELBQADggIBACtZ6yKZu4SqT96QxtGGcSOeSwORR3C7wJJg7ODU523G0+1ng3dS
-1fLld6c2suNUvtm7CpsR72H0xpkzmfWvADmNg7+mvTV+LFwxNG9s2/NkAZiqlCxB
-3RWGymspThbASfzXg0gTB1GEMVKIu4YXx2sviiCtxQuPcD4quxtxj7mkoP3Yldmv
-Wb8lK5jpY5MvYB7Eqvh39YtsL+1+LrVPQA3uvFd359m21D+VJzog1eWuq2w1n8Gh
-HVnchIHuTQfiSLaeS5UtQbHh6N5+LwUeaO6/u5BlOsju6rEYNxxik6SgMexxbJHm
-pHmJWhSnFFAFTKQAVzAswbVhltw+HoSvOULP5dAssSS830DD7X9jSr3hTxJkhpXz
-sOfIt+FTvZLm8wyWuevo5pLtp4EJFAv8lXrPj9Y0TzYS3F7RNHXGRoAvlQSMx4bE
-qCaJqD8Zm4G7UaRKhqsLEQ+xrmNTbSjq3TNWOByyrYDT13K9mmyZY+gAu0F2Bbdb
-mRiKw7gSXFbPVgx96OLP7bx0R/vu0xdOIk9W/1DzLuY5poLWccret9W6aAjtmcz9
-opLLabid+Qqkpj5PkygqYWwHJgD/ll9ohri4zspV4KuxPX+Y1zMOWj3YeMLEYC/H
-YvBhkdI4sPaeVdtAgAUSM84dkpvRabP/v/GSCmE1P93+hvS84Bpxs2Km
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 11 (0xb)
-#    Signature Algorithm: sha256WithRSAEncryption
-#        Issuer: CN=Autoridad de Certificacion Raiz del Estado Venezolano, C=VE, L=Caracas, ST=Distrito Capital, O=Sistema Nacional de Certificacion Electronica, OU=Superintendencia de Servicios de Certificacion Electronica/emailAddress=acraiz@suscerte.gob.ve
-#        Validity
-#            Not Before: Dec 28 16:51:00 2010 GMT
-#            Not After : Dec 25 23:59:59 2020 GMT
-#        Subject: emailAddress=contacto@procert.net.ve, L=Chacao, ST=Miranda, OU=Proveedor de Certificados PROCERT, O=Sistema Nacional de Certificacion Electronica, C=VE, CN=PSCProcert
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (4096 bit)
-#                Modulus:
-#                    00:d5:b7:f4:a3:94:33:a1:46:a9:55:61:49:0d:a8:
-#                    87:73:5e:91:2d:70:c1:06:1a:94:da:3d:ec:15:42:
-#                    c1:f5:8c:ae:6a:17:f1:8a:ad:fc:80:95:ea:83:44:
-#                    a2:5b:7a:55:ce:4f:a7:a5:d5:ba:b8:1f:a0:27:c0:
-#                    50:53:3e:8d:b9:c0:0e:b8:15:dc:d6:6c:f8:9e:f8:
-#                    04:25:df:80:8f:10:85:dd:7d:2f:7b:80:dd:57:00:
-#                    64:23:f8:6e:c9:be:95:4f:e1:75:ec:e0:7e:5e:95:
-#                    cd:b1:ef:be:7a:42:d8:c9:2c:d3:eb:1a:1a:22:8b:
-#                    b7:7f:06:89:e5:3c:f5:12:c0:bb:d3:0b:99:5f:90:
-#                    7c:8e:2d:2f:77:33:92:4a:21:46:a8:a9:08:ac:f1:
-#                    f6:11:02:d9:95:16:9e:8d:2f:96:e6:02:dd:75:c2:
-#                    14:2a:5a:d6:c9:7d:25:c2:c1:fc:aa:67:85:e2:ec:
-#                    be:d1:7c:3c:fa:af:d5:6e:ff:53:41:d4:f5:32:38:
-#                    b1:e2:5f:c4:f9:8e:10:ef:06:a9:02:89:ff:e3:0c:
-#                    6e:97:e0:df:9d:db:21:d0:f4:3e:08:69:6c:d8:d4:
-#                    e4:36:f8:83:b6:b2:36:8f:9c:ef:3a:37:16:7d:bf:
-#                    a2:69:d7:3b:5b:72:d0:af:aa:3f:5c:66:93:ac:0a:
-#                    22:61:b6:d2:a0:99:c8:54:93:5d:a8:b6:d1:bd:5d:
-#                    0a:5e:77:94:a2:2d:c0:82:8e:bc:ca:03:2a:34:ae:
-#                    73:f1:d4:b5:0c:bd:be:67:9b:54:eb:e1:fa:a0:5a:
-#                    ec:38:7e:3e:c1:cc:a2:c7:44:31:75:ea:3f:e5:07:
-#                    d2:ab:a1:25:96:f6:e6:e4:a0:5d:37:18:39:61:00:
-#                    33:5d:46:d4:00:c4:b4:ca:3c:f1:a2:a3:3e:f3:3a:
-#                    ff:69:30:2e:40:dd:f6:9f:9c:26:c9:96:37:ad:e7:
-#                    39:a2:bf:ea:69:db:55:22:95:53:2a:94:b5:df:ad:
-#                    16:38:81:75:66:e3:c7:2c:1b:93:9c:aa:8c:a3:ca:
-#                    d9:6c:3c:17:6d:9c:dc:7c:53:e0:20:27:43:36:f9:
-#                    12:e1:3c:5c:bd:66:bf:a2:69:23:38:b8:99:60:99:
-#                    0e:56:53:3a:9c:7e:14:8c:b0:06:6f:f1:86:76:90:
-#                    af:fd:af:fe:90:c6:8f:9f:7f:8b:92:23:9c:e7:15:
-#                    76:8f:d5:8b:94:13:72:69:fb:2b:61:63:88:ef:e6:
-#                    a4:5e:e6:a3:17:6a:58:47:cb:71:4f:14:0b:5e:c8:
-#                    02:08:26:a2:cb:e9:af:6b:8a:19:c7:cb:14:56:f5:
-#                    e1:da:b5:d9:fc:bf:73:38:da:f9:e7:af:6e:a4:37:
-#                    e2:07:27
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE, pathlen:1
-#            X509v3 Issuer Alternative Name: 
-#                DNS:suscerte.gob.ve, othername:<unsupported>
-#            X509v3 Subject Key Identifier: 
-#                41:0F:19:38:AA:99:7F:42:0B:A4:D7:27:98:54:A2:17:4C:2D:51:54
-#            X509v3 Authority Key Identifier: 
-#                keyid:AD:BB:22:1D:C6:E0:D2:01:A8:FD:76:50:52:93:ED:98:C1:4D:AE:D3
-#                DirName:/CN=Autoridad de Certificacion Raiz del Estado Venezolano/C=VE/L=Caracas/ST=Distrito Capital/O=Sistema Nacional de Certificacion Electronica/OU=Superintendencia de Servicios de Certificacion Electronica/emailAddress=acraiz@suscerte.gob.ve
-#                serial:0A
-#
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Subject Alternative Name: 
-#                DNS:procert.net.ve, othername:<unsupported>, othername:<unsupported>
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://www.suscerte.gob.ve/lcr/CERTIFICADO-RAIZ-SHA384CRLDER.crl
-#
-#                Full Name:
-#                  URI:ldap://acraiz.suscerte.gob.ve
-#
-#            Authority Information Access: 
-#                OCSP - URI:http://ocsp.suscerte.gob.ve
-#
-#            X509v3 Certificate Policies: 
-#                Policy: 2.16.862.3.1.2
-#                  CPS: http://www.suscerte.gob.ve/dpc
-#
-#    Signature Algorithm: sha256WithRSAEncryption
-#         2b:59:eb:22:99:bb:84:aa:4f:de:90:c6:d1:86:71:23:9e:4b:
-#         03:91:47:70:bb:c0:92:60:ec:e0:d4:e7:6d:c6:d3:ed:67:83:
-#         77:52:d5:f2:e5:77:a7:36:b2:e3:54:be:d9:bb:0a:9b:11:ef:
-#         61:f4:c6:99:33:99:f5:af:00:39:8d:83:bf:a6:bd:35:7e:2c:
-#         5c:31:34:6f:6c:db:f3:64:01:98:aa:94:2c:41:dd:15:86:ca:
-#         6b:29:4e:16:c0:49:fc:d7:83:48:13:07:51:84:31:52:88:bb:
-#         86:17:c7:6b:2f:8a:20:ad:c5:0b:8f:70:3e:2a:bb:1b:71:8f:
-#         b9:a4:a0:fd:d8:95:d9:af:59:bf:25:2b:98:e9:63:93:2f:60:
-#         1e:c4:aa:f8:77:f5:8b:6c:2f:ed:7e:2e:b5:4f:40:0d:ee:bc:
-#         57:77:e7:d9:b6:d4:3f:95:27:3a:20:d5:e5:ae:ab:6c:35:9f:
-#         c1:a1:1d:59:dc:84:81:ee:4d:07:e2:48:b6:9e:4b:95:2d:41:
-#         b1:e1:e8:de:7e:2f:05:1e:68:ee:bf:bb:90:65:3a:c8:ee:ea:
-#         b1:18:37:1c:62:93:a4:a0:31:ec:71:6c:91:e6:a4:79:89:5a:
-#         14:a7:14:50:05:4c:a4:00:57:30:2c:c1:b5:61:96:dc:3e:1e:
-#         84:af:39:42:cf:e5:d0:2c:b1:24:bc:df:40:c3:ed:7f:63:4a:
-#         bd:e1:4f:12:64:86:95:f3:b0:e7:c8:b7:e1:53:bd:92:e6:f3:
-#         0c:96:b9:eb:e8:e6:92:ed:a7:81:09:14:0b:fc:95:7a:cf:8f:
-#         d6:34:4f:36:12:dc:5e:d1:34:75:c6:46:80:2f:95:04:8c:c7:
-#         86:c4:a8:26:89:a8:3f:19:9b:81:bb:51:a4:4a:86:ab:0b:11:
-#         0f:b1:ae:63:53:6d:28:ea:dd:33:56:38:1c:b2:ad:80:d3:d7:
-#         72:bd:9a:6c:99:63:e8:00:bb:41:76:05:b7:5b:99:18:8a:c3:
-#         b8:12:5c:56:cf:56:0c:7d:e8:e2:cf:ed:bc:74:47:fb:ee:d3:
-#         17:4e:22:4f:56:ff:50:f3:2e:e6:39:a6:82:d6:71:ca:de:b7:
-#         d5:ba:68:08:ed:99:cc:fd:a2:92:cb:69:b8:9d:f9:0a:a4:a6:
-#         3e:4f:93:28:2a:61:6c:07:26:00:ff:96:5f:68:86:b8:b8:ce:
-#         ca:55:e0:ab:b1:3d:7f:98:d7:33:0e:5a:3d:d8:78:c2:c4:60:
-#         2f:c7:62:f0:61:91:d2:38:b0:f6:9e:55:db:40:80:05:12:33:
-#         ce:1d:92:9b:d1:69:b3:ff:bf:f1:92:0a:61:35:3f:dd:fe:86:
-#         f4:bc:e0:1a:71:b3:62:a6
-
 [p11-kit-object-v1]
 label: "QuoVadis Root CA 1 G3"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoL5QEI7p8mxAtASchbkx
@@ -15044,7 +10958,7 @@ nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXD
 label: "QuoVadis Root CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrf
@@ -15170,7 +11084,7 @@ SnQ2+Q==
 label: "QuoVadis Root CA 2"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAmhjKS5QNAC2vAymK8A+B
@@ -15322,7 +11236,7 @@ ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y
 label: "QuoVadis Root CA 2 G3"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoa4lsgEY3FeIP0br+a/i
@@ -15468,7 +11382,7 @@ WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+M
 label: "QuoVadis Root CA 3"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzFdCFlSc5pjT003u/u3H
@@ -15631,7 +11545,7 @@ mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK
 label: "QuoVadis Root CA 3 G3"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAs8sOEGeO6hSXpzIqClY2
@@ -15875,6 +11789,460 @@ KjKNoeI60RAgIjl9NEVvcTvDHfz/sk+o4vYwHg==
 #         d1:10:20:22:39:7d:34:45:6f:71:3b:c3:1d:fc:ff:b2:4f:a8:
 #         e2:f6:30:1e
 
+[p11-kit-object-v1]
+label: "SSL.com EV Root Certification Authority ECC"
+class: x-certificate-extension
+object-id: 2.5.29.37
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
+modifiable: false
+-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEqhJHkJgb++/DQAeDIE7xMIKiBtHykoZh
+8vYhaMoAxMfqQwBUhtz9H98AuEFiXNxwFjLeH5nUzMUHyAgfYRYHUT19XAdT4zU4
+jN/Nn9kuDUq2GS5acFoG7b7wobDK0Akp
+-----END PUBLIC KEY-----
+
+[p11-kit-object-v1]
+label: "SSL.com EV Root Certification Authority ECC"
+trusted: true
+nss-mozilla-ca-policy: true
+modifiable: false
+-----BEGIN CERTIFICATE-----
+MIIClDCCAhqgAwIBAgIILCmcWxbtBZUwCgYIKoZIzj0EAwIwfzELMAkGA1UEBhMC
+VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T
+U0wgQ29ycG9yYXRpb24xNDAyBgNVBAMMK1NTTC5jb20gRVYgUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNTIzWhcNNDEwMjEyMTgx
+NTIzWjB/MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv
+dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NMLmNv
+bSBFViBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49
+AgEGBSuBBAAiA2IABKoSR5CYG/vvw0AHgyBO8TCCogbR8pKGYfL2IWjKAMTH6kMA
+VIbc/R/fALhBYlzccBYy3h+Z1MzFB8gIH2EWB1E9fVwHU+M1OIzfzZ/ZLg1Kthku
+WnBaBu2+8KGwytAJKaNjMGEwHQYDVR0OBBYEFFvKXuXe0oGqzagtZFG22XKbl+ZP
+MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUW8pe5d7SgarNqC1kUbbZcpuX
+5k8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2gAMGUCMQCK5kCJN+vp1RPZ
+ytRrJPOwPYdGWBrssd9v+1a6cGvHOMzosYxPD/fxZ3YOg9AeUY8CMD32IygmTMZg
+h5Mmm7I1HrrW9zzRHM76JTymGoEVW/MSD2zuZYrJh6j5B+BimoxcSg==
+-----END CERTIFICATE-----
+#Certificate:
+#    Data:
+#        Version: 3 (0x2)
+#        Serial Number:
+#            2c:29:9c:5b:16:ed:05:95
+#    Signature Algorithm: ecdsa-with-SHA256
+#        Issuer: C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com EV Root Certification Authority ECC
+#        Validity
+#            Not Before: Feb 12 18:15:23 2016 GMT
+#            Not After : Feb 12 18:15:23 2041 GMT
+#        Subject: C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com EV Root Certification Authority ECC
+#        Subject Public Key Info:
+#            Public Key Algorithm: id-ecPublicKey
+#                Public-Key: (384 bit)
+#                pub: 
+#                    04:aa:12:47:90:98:1b:fb:ef:c3:40:07:83:20:4e:
+#                    f1:30:82:a2:06:d1:f2:92:86:61:f2:f6:21:68:ca:
+#                    00:c4:c7:ea:43:00:54:86:dc:fd:1f:df:00:b8:41:
+#                    62:5c:dc:70:16:32:de:1f:99:d4:cc:c5:07:c8:08:
+#                    1f:61:16:07:51:3d:7d:5c:07:53:e3:35:38:8c:df:
+#                    cd:9f:d9:2e:0d:4a:b6:19:2e:5a:70:5a:06:ed:be:
+#                    f0:a1:b0:ca:d0:09:29
+#                ASN1 OID: secp384r1
+#                NIST CURVE: P-384
+#        X509v3 extensions:
+#            X509v3 Subject Key Identifier: 
+#                5B:CA:5E:E5:DE:D2:81:AA:CD:A8:2D:64:51:B6:D9:72:9B:97:E6:4F
+#            X509v3 Basic Constraints: critical
+#                CA:TRUE
+#            X509v3 Authority Key Identifier: 
+#                keyid:5B:CA:5E:E5:DE:D2:81:AA:CD:A8:2D:64:51:B6:D9:72:9B:97:E6:4F
+#
+#            X509v3 Key Usage: critical
+#                Digital Signature, Certificate Sign, CRL Sign
+#    Signature Algorithm: ecdsa-with-SHA256
+#         30:65:02:31:00:8a:e6:40:89:37:eb:e9:d5:13:d9:ca:d4:6b:
+#         24:f3:b0:3d:87:46:58:1a:ec:b1:df:6f:fb:56:ba:70:6b:c7:
+#         38:cc:e8:b1:8c:4f:0f:f7:f1:67:76:0e:83:d0:1e:51:8f:02:
+#         30:3d:f6:23:28:26:4c:c6:60:87:93:26:9b:b2:35:1e:ba:d6:
+#         f7:3c:d1:1c:ce:fa:25:3c:a6:1a:81:15:5b:f3:12:0f:6c:ee:
+#         65:8a:c9:87:a8:f9:07:e0:62:9a:8c:5c:4a
+
+[p11-kit-object-v1]
+label: "SSL.com EV Root Certification Authority RSA R2"
+class: x-certificate-extension
+object-id: 2.5.29.37
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
+modifiable: false
+-----BEGIN PUBLIC KEY-----
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvq
+M0fNTPl9fb69LT3w23jhhqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssuf
+OePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7wcXHswxzpY6IXFJ3vG2fThVUCAtZJycxa
+4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTOZw+oz12WGQvE43LrrdF9
+HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+B6KjBSYR
+aZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcA
+b9ZhCBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQ
+Gp8hLH94t2S42Oim9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQV
+PWKchjgGAGYS5Fl2WlPAApiiECtoRHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMO
+pgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+SlmJuwgUHfbSguPvuUCYHBBXtSu
+UDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48+qvWBkofZ6aY
+MBzdLNvcGJVXZsb/XItW9XcCAwEAAQ==
+-----END PUBLIC KEY-----
+
+[p11-kit-object-v1]
+label: "SSL.com EV Root Certification Authority RSA R2"
+trusted: true
+nss-mozilla-ca-policy: true
+modifiable: false
+-----BEGIN CERTIFICATE-----
+MIIF6zCCA9OgAwIBAgIIVrYpzTS8ePYwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNV
+BAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UE
+CgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMB4XDTE3MDUzMTE4MTQzN1oXDTQy
+MDUzMDE4MTQzN1owgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G
+A1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQD
+DC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvq
+M0fNTPl9fb69LT3w23jhhqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssuf
+OePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7wcXHswxzpY6IXFJ3vG2fThVUCAtZJycxa
+4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTOZw+oz12WGQvE43LrrdF9
+HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+B6KjBSYR
+aZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcA
+b9ZhCBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQ
+Gp8hLH94t2S42Oim9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQV
+PWKchjgGAGYS5Fl2WlPAApiiECtoRHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMO
+pgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+SlmJuwgUHfbSguPvuUCYHBBXtSu
+UDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48+qvWBkofZ6aY
+MBzdLNvcGJVXZsb/XItW9XcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNV
+HSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjAdBgNVHQ4EFgQU+WC71OPVNPa4
+9QaAJadz20ZpqJ4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBW
+s47LCp1Jjr+kxJG7ZhcFUZh1++VQLHqe8RT6q9OKPv+RKY9ji9i0qVQBDb6Thi/5
+Sm3HXvVX+cpVHBK+Rw82xd9qt9t1wkclf7nxY/hoLVUE0fKNsKTPvDxeH3jnpaAg
+cLAExbf3cqfeIg29MyVGjGSSJuM+LmOW2puMPfgYCdcDzH2GguDKBAdRUNf/ktUM
+79qGn5nX67evaOI5JpS6aLe/g9Pqemc9YmeuJeVy6OLk7K4S9ksrPJ/psEDzOFSz
+/bdoyNrGj1E8svuR3Bznm53htw1yj+KkxKl4+esUrMZDBcJlOSgYAsOCsp0FvmXt
+ll9ldDz7CTUue5wT/RsPXcdtgTpWD8w74a8CLyKsRspGPKAcTNZEtF4uXBVmCeEm
+Kf7GUmG6sXP/wwyc5WxqlD8UykAWlYTzWamsX0xhk23RO8yilQwipmdnRC652dKK
+QbNmC1r7fSOl8hqw/96bg5Qu0T/fkreRrwU7ZcegbLHNYhLDkBvjJc40vG93drEQ
+w/cFGsDWr3RiSBd3kmmQYRzelYB0VI8YHMPzA9C/pEN1hlMYegouCRw2n5H9gooi
+S9EOUCXdywMMF8mDAAhONU2Ki+3wApRmLER/y5UnlhetCTCstnEXbosX9hwJ1C07
+mKVx01QT2WDz9UtmT/rx7iASjbSsV7FFY6GsdqnC+w==
+-----END CERTIFICATE-----
+#Certificate:
+#    Data:
+#        Version: 3 (0x2)
+#        Serial Number:
+#            56:b6:29:cd:34:bc:78:f6
+#    Signature Algorithm: sha256WithRSAEncryption
+#        Issuer: C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com EV Root Certification Authority RSA R2
+#        Validity
+#            Not Before: May 31 18:14:37 2017 GMT
+#            Not After : May 30 18:14:37 2042 GMT
+#        Subject: C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com EV Root Certification Authority RSA R2
+#        Subject Public Key Info:
+#            Public Key Algorithm: rsaEncryption
+#                Public-Key: (4096 bit)
+#                Modulus:
+#                    00:8f:36:65:40:e1:d6:4d:c0:d7:b4:e9:46:da:6b:
+#                    ea:33:47:cd:4c:f9:7d:7d:be:bd:2d:3d:f0:db:78:
+#                    e1:86:a5:d9:ba:09:57:68:ed:57:3e:a0:d0:08:41:
+#                    83:e7:28:41:24:1f:e3:72:15:d0:01:1a:fb:5e:70:
+#                    23:b2:cb:9f:39:e3:cf:c5:4e:c6:92:6d:26:c6:7b:
+#                    bb:b3:da:27:9d:0a:86:e9:81:37:05:fe:f0:71:71:
+#                    ec:c3:1c:e9:63:a2:17:14:9d:ef:1b:67:d3:85:55:
+#                    02:02:d6:49:c9:cc:5a:e1:b1:f7:6f:32:9f:c9:d4:
+#                    3b:88:41:a8:9c:bd:cb:ab:db:6d:7b:09:1f:a2:4c:
+#                    72:90:da:2b:08:fc:cf:3c:54:ce:67:0f:a8:cf:5d:
+#                    96:19:0b:c4:e3:72:eb:ad:d1:7d:1d:27:ef:92:eb:
+#                    10:bf:5b:eb:3b:af:cf:80:dd:c1:d2:96:04:5b:7a:
+#                    7e:a4:a9:3c:38:76:a4:62:8e:a0:39:5e:ea:77:cf:
+#                    5d:00:59:8f:66:2c:3e:07:a2:a3:05:26:11:69:97:
+#                    ea:85:b7:0f:96:0b:4b:c8:40:e1:50:ba:2e:8a:cb:
+#                    f7:0f:9a:22:e7:7f:9a:37:13:cd:f2:4d:13:6b:21:
+#                    d1:c0:cc:22:f2:a1:46:f6:44:69:9c:ca:61:35:07:
+#                    00:6f:d6:61:08:11:ea:ba:b8:f6:e9:b3:60:e5:4d:
+#                    b9:ec:9f:14:66:c9:57:58:db:cd:87:69:f8:8a:86:
+#                    12:03:47:bf:66:13:76:ac:77:7d:34:24:85:83:cd:
+#                    d7:aa:9c:90:1a:9f:21:2c:7f:78:b7:64:b8:d8:e8:
+#                    a6:f4:78:b3:55:cb:84:d2:32:c4:78:ae:a3:8f:61:
+#                    dd:ce:08:53:ad:ec:88:fc:15:e4:9a:0d:e6:9f:1a:
+#                    77:ce:4c:8f:b8:14:15:3d:62:9c:86:38:06:00:66:
+#                    12:e4:59:76:5a:53:c0:02:98:a2:10:2b:68:44:7b:
+#                    8e:79:ce:33:4a:76:aa:5b:81:16:1b:b5:8a:d8:d0:
+#                    00:7b:5e:62:b4:09:d6:86:63:0e:a6:05:95:49:ba:
+#                    28:8b:88:93:b2:34:1c:d8:a4:55:6e:b7:1c:d0:de:
+#                    99:55:3b:23:f4:22:e0:f9:29:66:26:ec:20:50:77:
+#                    db:4a:0b:8f:be:e5:02:60:70:41:5e:d4:ae:50:39:
+#                    22:14:26:cb:b2:3b:73:74:55:47:07:79:81:39:a8:
+#                    30:13:44:e5:04:8a:ae:96:13:25:42:0f:b9:53:c4:
+#                    9b:fc:cd:e4:1c:de:3c:fa:ab:d6:06:4a:1f:67:a6:
+#                    98:30:1c:dd:2c:db:dc:18:95:57:66:c6:ff:5c:8b:
+#                    56:f5:77
+#                Exponent: 65537 (0x10001)
+#        X509v3 extensions:
+#            X509v3 Basic Constraints: critical
+#                CA:TRUE
+#            X509v3 Authority Key Identifier: 
+#                keyid:F9:60:BB:D4:E3:D5:34:F6:B8:F5:06:80:25:A7:73:DB:46:69:A8:9E
+#
+#            X509v3 Subject Key Identifier: 
+#                F9:60:BB:D4:E3:D5:34:F6:B8:F5:06:80:25:A7:73:DB:46:69:A8:9E
+#            X509v3 Key Usage: critical
+#                Digital Signature, Certificate Sign, CRL Sign
+#    Signature Algorithm: sha256WithRSAEncryption
+#         56:b3:8e:cb:0a:9d:49:8e:bf:a4:c4:91:bb:66:17:05:51:98:
+#         75:fb:e5:50:2c:7a:9e:f1:14:fa:ab:d3:8a:3e:ff:91:29:8f:
+#         63:8b:d8:b4:a9:54:01:0d:be:93:86:2f:f9:4a:6d:c7:5e:f5:
+#         57:f9:ca:55:1c:12:be:47:0f:36:c5:df:6a:b7:db:75:c2:47:
+#         25:7f:b9:f1:63:f8:68:2d:55:04:d1:f2:8d:b0:a4:cf:bc:3c:
+#         5e:1f:78:e7:a5:a0:20:70:b0:04:c5:b7:f7:72:a7:de:22:0d:
+#         bd:33:25:46:8c:64:92:26:e3:3e:2e:63:96:da:9b:8c:3d:f8:
+#         18:09:d7:03:cc:7d:86:82:e0:ca:04:07:51:50:d7:ff:92:d5:
+#         0c:ef:da:86:9f:99:d7:eb:b7:af:68:e2:39:26:94:ba:68:b7:
+#         bf:83:d3:ea:7a:67:3d:62:67:ae:25:e5:72:e8:e2:e4:ec:ae:
+#         12:f6:4b:2b:3c:9f:e9:b0:40:f3:38:54:b3:fd:b7:68:c8:da:
+#         c6:8f:51:3c:b2:fb:91:dc:1c:e7:9b:9d:e1:b7:0d:72:8f:e2:
+#         a4:c4:a9:78:f9:eb:14:ac:c6:43:05:c2:65:39:28:18:02:c3:
+#         82:b2:9d:05:be:65:ed:96:5f:65:74:3c:fb:09:35:2e:7b:9c:
+#         13:fd:1b:0f:5d:c7:6d:81:3a:56:0f:cc:3b:e1:af:02:2f:22:
+#         ac:46:ca:46:3c:a0:1c:4c:d6:44:b4:5e:2e:5c:15:66:09:e1:
+#         26:29:fe:c6:52:61:ba:b1:73:ff:c3:0c:9c:e5:6c:6a:94:3f:
+#         14:ca:40:16:95:84:f3:59:a9:ac:5f:4c:61:93:6d:d1:3b:cc:
+#         a2:95:0c:22:a6:67:67:44:2e:b9:d9:d2:8a:41:b3:66:0b:5a:
+#         fb:7d:23:a5:f2:1a:b0:ff:de:9b:83:94:2e:d1:3f:df:92:b7:
+#         91:af:05:3b:65:c7:a0:6c:b1:cd:62:12:c3:90:1b:e3:25:ce:
+#         34:bc:6f:77:76:b1:10:c3:f7:05:1a:c0:d6:af:74:62:48:17:
+#         77:92:69:90:61:1c:de:95:80:74:54:8f:18:1c:c3:f3:03:d0:
+#         bf:a4:43:75:86:53:18:7a:0a:2e:09:1c:36:9f:91:fd:82:8a:
+#         22:4b:d1:0e:50:25:dd:cb:03:0c:17:c9:83:00:08:4e:35:4d:
+#         8a:8b:ed:f0:02:94:66:2c:44:7f:cb:95:27:96:17:ad:09:30:
+#         ac:b6:71:17:6e:8b:17:f6:1c:09:d4:2d:3b:98:a5:71:d3:54:
+#         13:d9:60:f3:f5:4b:66:4f:fa:f1:ee:20:12:8d:b4:ac:57:b1:
+#         45:63:a1:ac:76:a9:c2:fb
+
+[p11-kit-object-v1]
+label: "SSL.com Root Certification Authority ECC"
+class: x-certificate-extension
+object-id: 2.5.29.37
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
+modifiable: false
+-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAERW6pUMSmIzaeXyiNF8uWImQ/3HqOHcwI
+s6JxJLqOSbkEG0eWWKstlcjtngg1yCfriYxTWOtiiv7wWw9rMVJjQTuJzezsto0Z
+0zQH3LvGBn/CRZXsy3+oI+AJ6YH680fT
+-----END PUBLIC KEY-----
+
+[p11-kit-object-v1]
+label: "SSL.com Root Certification Authority ECC"
+trusted: true
+nss-mozilla-ca-policy: true
+modifiable: false
+-----BEGIN CERTIFICATE-----
+MIICjTCCAhSgAwIBAgIIdebfy8FoW6gwCgYIKoZIzj0EAwIwfDELMAkGA1UEBhMC
+VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T
+U0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0
+aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNDAzWhcNNDEwMjEyMTgxNDAz
+WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0
+b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBS
+b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEGBSuB
+BAAiA2IABEVuqVDEpiM2nl8ojRfLliJkP9x6jh3MCLOicSS6jkm5BBtHllirLZXI
+7Z4INcgn64mMU1jrYor+8FsPazFSY0E7ic3s7LaNGdM0B9y7xgZ/wkWV7Mt/qCPg
+CemB+vNH06NjMGEwHQYDVR0OBBYEFILRhXMw5zUE044CkvvlpNHEIejNMA8GA1Ud
+EwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUgtGFczDnNQTTjgKS++Wk0cQh6M0wDgYD
+VR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2cAMGQCMG/n61kRpGDPYbCWe+0F+S8T
+kdzt5fxQaxFGRrMcIQBiu77D5+jNB5n5DQtdcj7EqgIwH7y6C+IwJPt8bYBVCpk+
+gA0z5Wajs6O7pdWLjwkspl1+4vAHCGht0nxpbl/f5Wpl
+-----END CERTIFICATE-----
+#Certificate:
+#    Data:
+#        Version: 3 (0x2)
+#        Serial Number:
+#            75:e6:df:cb:c1:68:5b:a8
+#    Signature Algorithm: ecdsa-with-SHA256
+#        Issuer: C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification Authority ECC
+#        Validity
+#            Not Before: Feb 12 18:14:03 2016 GMT
+#            Not After : Feb 12 18:14:03 2041 GMT
+#        Subject: C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification Authority ECC
+#        Subject Public Key Info:
+#            Public Key Algorithm: id-ecPublicKey
+#                Public-Key: (384 bit)
+#                pub: 
+#                    04:45:6e:a9:50:c4:a6:23:36:9e:5f:28:8d:17:cb:
+#                    96:22:64:3f:dc:7a:8e:1d:cc:08:b3:a2:71:24:ba:
+#                    8e:49:b9:04:1b:47:96:58:ab:2d:95:c8:ed:9e:08:
+#                    35:c8:27:eb:89:8c:53:58:eb:62:8a:fe:f0:5b:0f:
+#                    6b:31:52:63:41:3b:89:cd:ec:ec:b6:8d:19:d3:34:
+#                    07:dc:bb:c6:06:7f:c2:45:95:ec:cb:7f:a8:23:e0:
+#                    09:e9:81:fa:f3:47:d3
+#                ASN1 OID: secp384r1
+#                NIST CURVE: P-384
+#        X509v3 extensions:
+#            X509v3 Subject Key Identifier: 
+#                82:D1:85:73:30:E7:35:04:D3:8E:02:92:FB:E5:A4:D1:C4:21:E8:CD
+#            X509v3 Basic Constraints: critical
+#                CA:TRUE
+#            X509v3 Authority Key Identifier: 
+#                keyid:82:D1:85:73:30:E7:35:04:D3:8E:02:92:FB:E5:A4:D1:C4:21:E8:CD
+#
+#            X509v3 Key Usage: critical
+#                Digital Signature, Certificate Sign, CRL Sign
+#    Signature Algorithm: ecdsa-with-SHA256
+#         30:64:02:30:6f:e7:eb:59:11:a4:60:cf:61:b0:96:7b:ed:05:
+#         f9:2f:13:91:dc:ed:e5:fc:50:6b:11:46:46:b3:1c:21:00:62:
+#         bb:be:c3:e7:e8:cd:07:99:f9:0d:0b:5d:72:3e:c4:aa:02:30:
+#         1f:bc:ba:0b:e2:30:24:fb:7c:6d:80:55:0a:99:3e:80:0d:33:
+#         e5:66:a3:b3:a3:bb:a5:d5:8b:8f:09:2c:a6:5d:7e:e2:f0:07:
+#         08:68:6d:d2:7c:69:6e:5f:df:e5:6a:65
+
+[p11-kit-object-v1]
+label: "SSL.com Root Certification Authority RSA"
+class: x-certificate-extension
+object-id: 2.5.29.37
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
+modifiable: false
+-----BEGIN PUBLIC KEY-----
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA+Q/doyt9y9Aq/uxnhabn
+Lhu6d+Hj9a+k7PpKXZHEV0drGHdrdvL9k+Q9D8IWngtmw1aUnheDhc5W7/IW/QBi
+9SIJVOhlF05BueBPRpeqG8i4bmJeabFf2yoCfvxsyvNB2O3Q6Pw/YUjtsAMUHRAO
+Sxngu07shmX/NvNeZwILnYZVYf16OO3+4hkAt2+hUGJ1dDyg+sglkrRueiLH+B6h
+47LdkTGrKx0E/6VKBDfphaQzK/3i1lU0fBmkSmjHsqjTt8qhk4jrwZe8jPkd2SKE
+JHTHBD1qqSmTzOu4W+H+XyWqNFjIwSNUnRuYEcM4nH49hmylD0CGfAL0XAJPKMuu
+cZ8POsgz/hElNer8usVgPdl8GNWyqdN1eANyIso6wx/vLOUuqfqeLLZRRv2vA9bq
+YGjqhRY2a4XpHsCz3cQk3IAqgUFtlD7I4MmBQQCeXr9/xQiYohgsQkCz+W84J0tO
+gPQ9gUfgiHzqHM61dVxRLhwrfxpyKOcAtdF0xtfkn60Hk7ZTNTX8N+TD9l0WviFz
+3pIK+KBjaryWkmo++LxlVZve9Q2JJgT8JRqmJWnLwm3KfOJZX5es6+8uyLzXG1k8
+K8zyGciTaydjGc/86Sb4ynGbf5P+NGeETpnr/LN4CTNwumamdu0bc+sapQ3EIhMg
+lFYKTixsTrH9z5wJuqIz7YcCAwEAAQ==
+-----END PUBLIC KEY-----
+
+[p11-kit-object-v1]
+label: "SSL.com Root Certification Authority RSA"
+trusted: true
+nss-mozilla-ca-policy: true
+modifiable: false
+-----BEGIN CERTIFICATE-----
+MIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE
+BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK
+DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTczOTM5WhcNNDEwMjEyMTcz
+OTM5WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv
+dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNv
+bSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBAPkP3aMrfcvQKv7sZ4Wm5y4bunfh4/WvpOz6Sl2R
+xFdHaxh3a3by/ZPkPQ/CFp4LZsNWlJ4Xg4XOVu/yFv0AYvUiCVToZRdOQbngT0aX
+qhvIuG5iXmmxX9sqAn78bMrzQdjt0Oj8P2FI7bADFB0QDksZ4LtO7IZl/zbzXmcC
+C52GVWH9ejjt/uIZALdvoVBidXQ8oPrIJZK0bnoix/geoeOy3ZExqysdBP+lSgQ3
+6YWkMyv94tZVNHwZpEpox7Ko07fKoZOI68GXvIz5HdkihCR0xwQ9aqkpk8zruFvh
+/l8lqjRYyMEjVJ0bmBHDOJx+PYZspQ9AhnwC9FwCTyjLrnGfDzrIM/4RJTXq/LrF
+YD3ZfBjVsqnTdXgDciLKOsMf7yzlLqn6niy2UUb9rwPW6mBo6oUWNmuF6R7As93E
+JNyAKoFBbZQ+yODJgUEAnl6/f8UImKIYLEJAs/lvOCdLToD0PYFH4Ih86hzOtXVc
+US4cK38acijnALXRdMbX5J+tB5O2UzU1/Dfkw/ZdFr4hc96SCvigY2q8lpJqPvi8
+ZVWb3vUNiSYE/CUapiVpy8JtynziWV+XrOvvLsi81xtZPCvM8hnIk2snYxnP/Okm
++Mpxm3+T/jRnhE6Z6/yzeAkzcLpmpnbtG3PrGqUNxCITIJRWCk4sbE6x/c+cCbqi
+M+2HAgMBAAGjYzBhMB0GA1UdDgQWBBTdBAkHovV6fVJTEpKV7jiAJQ2mWTAPBgNV
+HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMA4G
+A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAIBgRlCn7Jp0cHh5wYfGV
+cpNxJK1ok1iOMq8bs3AD/CUrdIWQPXhq9LmLpZc7tRiRux6n+UBbkflVma8eEdBc
+Hadm47GUBwwyOabqG7B52B2ccETjit3E+ZUfijhDPwGFpUenPUayvOUiaPd7nNgs
+PgohyC0zrL/FgZkxdMF1ccW+sfAjRfSda/wZY52jvATGGAslu1OJD7OAUN5F7kR/
+q5R4ZJjT9ijdh9hwZXT7DrkT66cPYakylszeu+1jTBi7qUD3oFRuIIhxdRjqerQ0
+cuAjJ3dctpDqhiVAq+8zD8ufgr6iIPv2tS0a5sKFsXQP+8hlAqRSAUfdSSLBv9jr
+a6x+3uxjMxW3IwiPxg+NQVrdjsW5j+VFP3jbutIbQLH+cU0/4IGiul607BXgk90I
+H37hVZkLId6Tngr75qNJvTYw/ud3sqB1l7UtgYgXZSD32pAAn8lSzDLKNXz1PQ/Y
+K9f1JmzJBjSWFupwWRoyeXkLtoh/D1JIPb9s2KJELtFOt3JY04kTlf5Eq/jXixtu
+nLwsoFvVagCvXzfh1foQC5ichucmj87w7G6KVwuA406ywKBjYZC6VWg3dGq2ktuf
+oYYitmUnDuy2n0Jg5GfCtdpBC8TTi2EbvPofkSvXRAdeuims2cXp71NIWuuA8ShY
+Ic2wBlX7Jz9TkHCpBB5XJ7k=
+-----END CERTIFICATE-----
+#Certificate:
+#    Data:
+#        Version: 3 (0x2)
+#        Serial Number:
+#            7b:2c:9b:d3:16:80:32:99
+#    Signature Algorithm: sha256WithRSAEncryption
+#        Issuer: C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification Authority RSA
+#        Validity
+#            Not Before: Feb 12 17:39:39 2016 GMT
+#            Not After : Feb 12 17:39:39 2041 GMT
+#        Subject: C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification Authority RSA
+#        Subject Public Key Info:
+#            Public Key Algorithm: rsaEncryption
+#                Public-Key: (4096 bit)
+#                Modulus:
+#                    00:f9:0f:dd:a3:2b:7d:cb:d0:2a:fe:ec:67:85:a6:
+#                    e7:2e:1b:ba:77:e1:e3:f5:af:a4:ec:fa:4a:5d:91:
+#                    c4:57:47:6b:18:77:6b:76:f2:fd:93:e4:3d:0f:c2:
+#                    16:9e:0b:66:c3:56:94:9e:17:83:85:ce:56:ef:f2:
+#                    16:fd:00:62:f5:22:09:54:e8:65:17:4e:41:b9:e0:
+#                    4f:46:97:aa:1b:c8:b8:6e:62:5e:69:b1:5f:db:2a:
+#                    02:7e:fc:6c:ca:f3:41:d8:ed:d0:e8:fc:3f:61:48:
+#                    ed:b0:03:14:1d:10:0e:4b:19:e0:bb:4e:ec:86:65:
+#                    ff:36:f3:5e:67:02:0b:9d:86:55:61:fd:7a:38:ed:
+#                    fe:e2:19:00:b7:6f:a1:50:62:75:74:3c:a0:fa:c8:
+#                    25:92:b4:6e:7a:22:c7:f8:1e:a1:e3:b2:dd:91:31:
+#                    ab:2b:1d:04:ff:a5:4a:04:37:e9:85:a4:33:2b:fd:
+#                    e2:d6:55:34:7c:19:a4:4a:68:c7:b2:a8:d3:b7:ca:
+#                    a1:93:88:eb:c1:97:bc:8c:f9:1d:d9:22:84:24:74:
+#                    c7:04:3d:6a:a9:29:93:cc:eb:b8:5b:e1:fe:5f:25:
+#                    aa:34:58:c8:c1:23:54:9d:1b:98:11:c3:38:9c:7e:
+#                    3d:86:6c:a5:0f:40:86:7c:02:f4:5c:02:4f:28:cb:
+#                    ae:71:9f:0f:3a:c8:33:fe:11:25:35:ea:fc:ba:c5:
+#                    60:3d:d9:7c:18:d5:b2:a9:d3:75:78:03:72:22:ca:
+#                    3a:c3:1f:ef:2c:e5:2e:a9:fa:9e:2c:b6:51:46:fd:
+#                    af:03:d6:ea:60:68:ea:85:16:36:6b:85:e9:1e:c0:
+#                    b3:dd:c4:24:dc:80:2a:81:41:6d:94:3e:c8:e0:c9:
+#                    81:41:00:9e:5e:bf:7f:c5:08:98:a2:18:2c:42:40:
+#                    b3:f9:6f:38:27:4b:4e:80:f4:3d:81:47:e0:88:7c:
+#                    ea:1c:ce:b5:75:5c:51:2e:1c:2b:7f:1a:72:28:e7:
+#                    00:b5:d1:74:c6:d7:e4:9f:ad:07:93:b6:53:35:35:
+#                    fc:37:e4:c3:f6:5d:16:be:21:73:de:92:0a:f8:a0:
+#                    63:6a:bc:96:92:6a:3e:f8:bc:65:55:9b:de:f5:0d:
+#                    89:26:04:fc:25:1a:a6:25:69:cb:c2:6d:ca:7c:e2:
+#                    59:5f:97:ac:eb:ef:2e:c8:bc:d7:1b:59:3c:2b:cc:
+#                    f2:19:c8:93:6b:27:63:19:cf:fc:e9:26:f8:ca:71:
+#                    9b:7f:93:fe:34:67:84:4e:99:eb:fc:b3:78:09:33:
+#                    70:ba:66:a6:76:ed:1b:73:eb:1a:a5:0d:c4:22:13:
+#                    20:94:56:0a:4e:2c:6c:4e:b1:fd:cf:9c:09:ba:a2:
+#                    33:ed:87
+#                Exponent: 65537 (0x10001)
+#        X509v3 extensions:
+#            X509v3 Subject Key Identifier: 
+#                DD:04:09:07:A2:F5:7A:7D:52:53:12:92:95:EE:38:80:25:0D:A6:59
+#            X509v3 Basic Constraints: critical
+#                CA:TRUE
+#            X509v3 Authority Key Identifier: 
+#                keyid:DD:04:09:07:A2:F5:7A:7D:52:53:12:92:95:EE:38:80:25:0D:A6:59
+#
+#            X509v3 Key Usage: critical
+#                Digital Signature, Certificate Sign, CRL Sign
+#    Signature Algorithm: sha256WithRSAEncryption
+#         20:18:11:94:29:fb:26:9d:1c:1e:1e:70:61:f1:95:72:93:71:
+#         24:ad:68:93:58:8e:32:af:1b:b3:70:03:fc:25:2b:74:85:90:
+#         3d:78:6a:f4:b9:8b:a5:97:3b:b5:18:91:bb:1e:a7:f9:40:5b:
+#         91:f9:55:99:af:1e:11:d0:5c:1d:a7:66:e3:b1:94:07:0c:32:
+#         39:a6:ea:1b:b0:79:d8:1d:9c:70:44:e3:8a:dd:c4:f9:95:1f:
+#         8a:38:43:3f:01:85:a5:47:a7:3d:46:b2:bc:e5:22:68:f7:7b:
+#         9c:d8:2c:3e:0a:21:c8:2d:33:ac:bf:c5:81:99:31:74:c1:75:
+#         71:c5:be:b1:f0:23:45:f4:9d:6b:fc:19:63:9d:a3:bc:04:c6:
+#         18:0b:25:bb:53:89:0f:b3:80:50:de:45:ee:44:7f:ab:94:78:
+#         64:98:d3:f6:28:dd:87:d8:70:65:74:fb:0e:b9:13:eb:a7:0f:
+#         61:a9:32:96:cc:de:bb:ed:63:4c:18:bb:a9:40:f7:a0:54:6e:
+#         20:88:71:75:18:ea:7a:b4:34:72:e0:23:27:77:5c:b6:90:ea:
+#         86:25:40:ab:ef:33:0f:cb:9f:82:be:a2:20:fb:f6:b5:2d:1a:
+#         e6:c2:85:b1:74:0f:fb:c8:65:02:a4:52:01:47:dd:49:22:c1:
+#         bf:d8:eb:6b:ac:7e:de:ec:63:33:15:b7:23:08:8f:c6:0f:8d:
+#         41:5a:dd:8e:c5:b9:8f:e5:45:3f:78:db:ba:d2:1b:40:b1:fe:
+#         71:4d:3f:e0:81:a2:ba:5e:b4:ec:15:e0:93:dd:08:1f:7e:e1:
+#         55:99:0b:21:de:93:9e:0a:fb:e6:a3:49:bd:36:30:fe:e7:77:
+#         b2:a0:75:97:b5:2d:81:88:17:65:20:f7:da:90:00:9f:c9:52:
+#         cc:32:ca:35:7c:f5:3d:0f:d8:2b:d7:f5:26:6c:c9:06:34:96:
+#         16:ea:70:59:1a:32:79:79:0b:b6:88:7f:0f:52:48:3d:bf:6c:
+#         d8:a2:44:2e:d1:4e:b7:72:58:d3:89:13:95:fe:44:ab:f8:d7:
+#         8b:1b:6e:9c:bc:2c:a0:5b:d5:6a:00:af:5f:37:e1:d5:fa:10:
+#         0b:98:9c:86:e7:26:8f:ce:f0:ec:6e:8a:57:0b:80:e3:4e:b2:
+#         c0:a0:63:61:90:ba:55:68:37:74:6a:b6:92:db:9f:a1:86:22:
+#         b6:65:27:0e:ec:b6:9f:42:60:e4:67:c2:b5:da:41:0b:c4:d3:
+#         8b:61:1b:bc:fa:1f:91:2b:d7:44:07:5e:ba:29:ac:d9:c5:e9:
+#         ef:53:48:5a:eb:80:f1:28:58:21:cd:b0:06:55:fb:27:3f:53:
+#         90:70:a9:04:1e:57:27:b9
+
 [p11-kit-object-v1]
 label: "SZAFIR ROOT CA2"
 class: x-certificate-extension
@@ -16078,7 +12446,7 @@ QSdJQO7e5iNEOdyhIta6A/I=
 label: "SecureTrust CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6SB5ZXN9fYUjsJPytTi
@@ -16188,7 +12556,7 @@ CPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR
 label: "Secure Global CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzUu2KxsVWkGceUTaCSz
@@ -16294,110 +12662,11 @@ f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW
 #         b9:f1:b4:50:29:f2:4f:23:1f:da:6c:ac:1f:44:e1:dd:23:78:
 #         51:5b:c7:16
 
-[p11-kit-object-v1]
-label: "Security Communication EV RootCA1"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvH/sV5sk4P6cukJ5qYiK
-+oDg9QcpQ+qOCjQ2jRz6p7U5eP+Xdfcv5KprBIREyqbiaI79VVBiD6RxDs4HOC1C
-hVCtPJZvi9WiDs/eSYk91mQuOOUebLVXip7vSA7NemkWh0S1kOQGna6hBJdYee8g
-SoJrjCK/7B8P6YRx7fEO5LgYE8xWNl3Rmh5RazluYHaINAvzs9Gwncph4mQdwUYH
-uGPdHjNls44JVVI9tb3/B+utYVUYLKlpmEqqQMUzFGV0APmR3q8DSMVAVNwPhJBo
-IMWSltwu5QJFqsBfVPht6knPXWxLr++awlZcxjVWQmowX8Kr9uI9P7PJEY8xTNef
-SQIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Security Communication EV RootCA1"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIDfTCCAmWgAwIBAgIBADANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJKUDEl
-MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEqMCgGA1UECxMh
-U2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBFViBSb290Q0ExMB4XDTA3MDYwNjAyMTIz
-MloXDTM3MDYwNjAyMTIzMlowYDELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09N
-IFRydXN0IFN5c3RlbXMgQ08uLExURC4xKjAoBgNVBAsTIVNlY3VyaXR5IENvbW11
-bmljYXRpb24gRVYgUm9vdENBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBALx/7FebJOD+nLpCeamIivqA4PUHKUPqjgo0No0c+qe1OXj/l3X3L+SqawSE
-RMqm4miO/VVQYg+kcQ7OBzgtQoVQrTyWb4vVog7P3kmJPdZkLjjlHmy1V4qe70gO
-zXppFodEtZDkBp2uoQSXWHnvIEqCa4wiv+wfD+mEce3xDuS4GBPMVjZd0ZoeUWs5
-bmB2iDQL87PRsJ3KYeJkHcFGB7hj3R4zZbOOCVVSPbW9/wfrrWFVGCypaZhKqkDF
-MxRldAD5kd6vA0jFQFTcD4SQaCDFkpbcLuUCRarAX1T4bepJz11sS6/vmsJWXMY1
-VkJqMF/Cq/biPT+zyRGPMUzXn0kCAwEAAaNCMEAwHQYDVR0OBBYEFDVK9U2vP9eC
-OKyrcWUXdYydVZPmMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0G
-CSqGSIb3DQEBBQUAA4IBAQCoh+ns+EBnXcPBZsdAS5f8hxOQWsTvoMpfi7ent/HW
-tWS3irO4G8za+6xmiEHO6Pzk2x6Ipu0nUBsCMCRGef4Eh3CXQHPRwMFXGZpppSeZ
-q51ihPZRwSzJIxXYKLerJRO1RuGGAv8mjMSIkh1W/hln8lXkgKNrnKt34VFxDSDb
-EJrbvXZ5B3eZKK2aXtqxT0QsNY6llsf9g/BYxnnWmHyojf6GPgcWkuF75x3sM3Z+
-Qi5KhfmRiWiEA4Glm5q+4zfFVKtWOxgtQaQM+ELbmaDgcm+7XeEWT1MKZPlO9L9O
-VL14bIjqv5wTJMJwaaJ/D8g8rQjJsJhAoyrniIPtd490
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 0 (0x0)
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication EV RootCA1
-#        Validity
-#            Not Before: Jun  6 02:12:32 2007 GMT
-#            Not After : Jun  6 02:12:32 2037 GMT
-#        Subject: C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication EV RootCA1
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:bc:7f:ec:57:9b:24:e0:fe:9c:ba:42:79:a9:88:
-#                    8a:fa:80:e0:f5:07:29:43:ea:8e:0a:34:36:8d:1c:
-#                    fa:a7:b5:39:78:ff:97:75:f7:2f:e4:aa:6b:04:84:
-#                    44:ca:a6:e2:68:8e:fd:55:50:62:0f:a4:71:0e:ce:
-#                    07:38:2d:42:85:50:ad:3c:96:6f:8b:d5:a2:0e:cf:
-#                    de:49:89:3d:d6:64:2e:38:e5:1e:6c:b5:57:8a:9e:
-#                    ef:48:0e:cd:7a:69:16:87:44:b5:90:e4:06:9d:ae:
-#                    a1:04:97:58:79:ef:20:4a:82:6b:8c:22:bf:ec:1f:
-#                    0f:e9:84:71:ed:f1:0e:e4:b8:18:13:cc:56:36:5d:
-#                    d1:9a:1e:51:6b:39:6e:60:76:88:34:0b:f3:b3:d1:
-#                    b0:9d:ca:61:e2:64:1d:c1:46:07:b8:63:dd:1e:33:
-#                    65:b3:8e:09:55:52:3d:b5:bd:ff:07:eb:ad:61:55:
-#                    18:2c:a9:69:98:4a:aa:40:c5:33:14:65:74:00:f9:
-#                    91:de:af:03:48:c5:40:54:dc:0f:84:90:68:20:c5:
-#                    92:96:dc:2e:e5:02:45:aa:c0:5f:54:f8:6d:ea:49:
-#                    cf:5d:6c:4b:af:ef:9a:c2:56:5c:c6:35:56:42:6a:
-#                    30:5f:c2:ab:f6:e2:3d:3f:b3:c9:11:8f:31:4c:d7:
-#                    9f:49
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Subject Key Identifier: 
-#                35:4A:F5:4D:AF:3F:D7:82:38:AC:AB:71:65:17:75:8C:9D:55:93:E6
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#    Signature Algorithm: sha1WithRSAEncryption
-#         a8:87:e9:ec:f8:40:67:5d:c3:c1:66:c7:40:4b:97:fc:87:13:
-#         90:5a:c4:ef:a0:ca:5f:8b:b7:a7:b7:f1:d6:b5:64:b7:8a:b3:
-#         b8:1b:cc:da:fb:ac:66:88:41:ce:e8:fc:e4:db:1e:88:a6:ed:
-#         27:50:1b:02:30:24:46:79:fe:04:87:70:97:40:73:d1:c0:c1:
-#         57:19:9a:69:a5:27:99:ab:9d:62:84:f6:51:c1:2c:c9:23:15:
-#         d8:28:b7:ab:25:13:b5:46:e1:86:02:ff:26:8c:c4:88:92:1d:
-#         56:fe:19:67:f2:55:e4:80:a3:6b:9c:ab:77:e1:51:71:0d:20:
-#         db:10:9a:db:bd:76:79:07:77:99:28:ad:9a:5e:da:b1:4f:44:
-#         2c:35:8e:a5:96:c7:fd:83:f0:58:c6:79:d6:98:7c:a8:8d:fe:
-#         86:3e:07:16:92:e1:7b:e7:1d:ec:33:76:7e:42:2e:4a:85:f9:
-#         91:89:68:84:03:81:a5:9b:9a:be:e3:37:c5:54:ab:56:3b:18:
-#         2d:41:a4:0c:f8:42:db:99:a0:e0:72:6f:bb:5d:e1:16:4f:53:
-#         0a:64:f9:4e:f4:bf:4e:54:bd:78:6c:88:ea:bf:9c:13:24:c2:
-#         70:69:a2:7f:0f:c8:3c:ad:08:c9:b0:98:40:a3:2a:e7:88:83:
-#         ed:77:8f:74
-
 [p11-kit-object-v1]
 label: "Security Communication RootCA2"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BU5UrFSs7rFWYLEXVKu
@@ -16496,7 +12765,7 @@ SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03
 label: "Security Communication Root CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7P+f9Ntse8WfFelDG12
@@ -16837,7 +13106,7 @@ FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGyeUN51q1veieQA6TqJIc/2b3Z6fJfUEkc
 label: "Staat der Nederlanden Root CA - G2"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxVnnb3WqPkuctbisngvk
@@ -17134,7 +13403,7 @@ QFH1T/U67cjF68IeHRaVesd+QnGTbksVtzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM
 label: "Starfield Class 2 CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEAtzLI/ulxpgSFrQwRZN/O
@@ -17239,7 +13508,7 @@ WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q=
 label: "Starfield Root Certificate Authority - G2"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAve3BA/z2j/wCsW9bn0jZ
@@ -17340,7 +13609,7 @@ mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0
 label: "Starfield Services Root Certificate Authority - G2"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Qw6xCr5TuL1vhmXX46I
@@ -17438,508 +13707,11 @@ sSi6
 #         e9:d8:a8:6f:02:8b:67:0d:4d:26:57:71:da:20:fc:c1:4a:50:
 #         8d:b1:28:ba
 
-[p11-kit-object-v1]
-label: "StartCom Certification Authority"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwYjbCbxsRnx4n5V7tTOQ
-8nJi1sE2ICIkXs7pd/JDCqIGZKTMjjb4OOYj8G5tsTzdcqOFHKHTPbQzK9Mvr/7q
-sEFZZ7bEBn0KnnSF1nlMgDd63zkFUln39BtGQ6TShYXSw3HzdWI0uiyKfx6P7u00
-0BHHls1SPboz1t1N3gs7SkufwiYv+rUWHHI1d8o8XebK4SaLGjZ2XAHbdBQl/u21
-oIgP3XjKLR8HlzABLXJ5+kbWEyqouaarg0kd5fLv3eQBjhgKj2NTFoViqQ4ZOsy1
-ZqbCa3QH5Cvhdj60bdj2ROFzYh87xL6gU1YlbFEJ96qryr92/W2b853bvz1mvAxW
-qq+YSJU6S9+nWFDZOHWpW+pDDAL/mevobE1wWyllnN2qXcyvATHsDOvSjejqnHvm
-bvcnZgwaSNduQuM/3iE+e+ENcPtjqqhsGlS0XCV6yaLJixamuyx+F14FTVhuEh0B
-7hIQDcYyfxj//PT6zW6R6DZJvhpIaYvClk0aErJpF8EKkNb6eSJIv7p7afhwx/p6
-N9jYDdJ2T1f/kLfjkdLd78Jgt2c63f6qnPDUi39yIs7Gn5e2+K+KoBCo2fsYxra1
-XFI8ibYZKnMBCg8DsxJg8novgdujbv8mMJf1i92JV7atPbOvK8W3dgLwpdYrmoYU
-KnL24zOMXQlLE9+7jHQTUksCAwEAAQ==
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "StartCom Certification Authority"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
-Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM2WhcNMzYwOTE3MTk0NjM2WjB9
-MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
-U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
-cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
-A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
-pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
-OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
-Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
-Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
-HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
-Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
-+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
-Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
-Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
-26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
-AQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE
-FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9j
-ZXJ0LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3Js
-LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFM
-BgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUHAgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0
-Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRwOi8vY2VydC5zdGFy
-dGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYgU3Rh
-cnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlh
-YmlsaXR5LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2Yg
-dGhlIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFp
-bGFibGUgYXQgaHR0cDovL2NlcnQuc3RhcnRjb20ub3JnL3BvbGljeS5wZGYwEQYJ
-YIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNT
-TCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAgEAFmyZ
-9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8
-jhvh3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUW
-FjgKXlf2Ysd6AgXmvB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJz
-ewT4F+irsfMuXGRuczE6Eri8sxHkfY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1
-ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3fsNrarnDy0RLrHiQi+fHLB5L
-EUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZEoalHmdkrQYu
-L6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq
-yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuC
-O3NJo2pXh5Tl1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6V
-um0ABj6y6koQOdjQK/W/7HW/lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkySh
-NOsF/5oirpt9P/FlUQqmMGqz9IgcgA38corog14=
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 1 (0x1)
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
-#        Validity
-#            Not Before: Sep 17 19:46:36 2006 GMT
-#            Not After : Sep 17 19:46:36 2036 GMT
-#        Subject: C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (4096 bit)
-#                Modulus:
-#                    00:c1:88:db:09:bc:6c:46:7c:78:9f:95:7b:b5:33:
-#                    90:f2:72:62:d6:c1:36:20:22:24:5e:ce:e9:77:f2:
-#                    43:0a:a2:06:64:a4:cc:8e:36:f8:38:e6:23:f0:6e:
-#                    6d:b1:3c:dd:72:a3:85:1c:a1:d3:3d:b4:33:2b:d3:
-#                    2f:af:fe:ea:b0:41:59:67:b6:c4:06:7d:0a:9e:74:
-#                    85:d6:79:4c:80:37:7a:df:39:05:52:59:f7:f4:1b:
-#                    46:43:a4:d2:85:85:d2:c3:71:f3:75:62:34:ba:2c:
-#                    8a:7f:1e:8f:ee:ed:34:d0:11:c7:96:cd:52:3d:ba:
-#                    33:d6:dd:4d:de:0b:3b:4a:4b:9f:c2:26:2f:fa:b5:
-#                    16:1c:72:35:77:ca:3c:5d:e6:ca:e1:26:8b:1a:36:
-#                    76:5c:01:db:74:14:25:fe:ed:b5:a0:88:0f:dd:78:
-#                    ca:2d:1f:07:97:30:01:2d:72:79:fa:46:d6:13:2a:
-#                    a8:b9:a6:ab:83:49:1d:e5:f2:ef:dd:e4:01:8e:18:
-#                    0a:8f:63:53:16:85:62:a9:0e:19:3a:cc:b5:66:a6:
-#                    c2:6b:74:07:e4:2b:e1:76:3e:b4:6d:d8:f6:44:e1:
-#                    73:62:1f:3b:c4:be:a0:53:56:25:6c:51:09:f7:aa:
-#                    ab:ca:bf:76:fd:6d:9b:f3:9d:db:bf:3d:66:bc:0c:
-#                    56:aa:af:98:48:95:3a:4b:df:a7:58:50:d9:38:75:
-#                    a9:5b:ea:43:0c:02:ff:99:eb:e8:6c:4d:70:5b:29:
-#                    65:9c:dd:aa:5d:cc:af:01:31:ec:0c:eb:d2:8d:e8:
-#                    ea:9c:7b:e6:6e:f7:27:66:0c:1a:48:d7:6e:42:e3:
-#                    3f:de:21:3e:7b:e1:0d:70:fb:63:aa:a8:6c:1a:54:
-#                    b4:5c:25:7a:c9:a2:c9:8b:16:a6:bb:2c:7e:17:5e:
-#                    05:4d:58:6e:12:1d:01:ee:12:10:0d:c6:32:7f:18:
-#                    ff:fc:f4:fa:cd:6e:91:e8:36:49:be:1a:48:69:8b:
-#                    c2:96:4d:1a:12:b2:69:17:c1:0a:90:d6:fa:79:22:
-#                    48:bf:ba:7b:69:f8:70:c7:fa:7a:37:d8:d8:0d:d2:
-#                    76:4f:57:ff:90:b7:e3:91:d2:dd:ef:c2:60:b7:67:
-#                    3a:dd:fe:aa:9c:f0:d4:8b:7f:72:22:ce:c6:9f:97:
-#                    b6:f8:af:8a:a0:10:a8:d9:fb:18:c6:b6:b5:5c:52:
-#                    3c:89:b6:19:2a:73:01:0a:0f:03:b3:12:60:f2:7a:
-#                    2f:81:db:a3:6e:ff:26:30:97:f5:8b:dd:89:57:b6:
-#                    ad:3d:b3:af:2b:c5:b7:76:02:f0:a5:d6:2b:9a:86:
-#                    14:2a:72:f6:e3:33:8c:5d:09:4b:13:df:bb:8c:74:
-#                    13:52:4b
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Basic Constraints: 
-#                CA:TRUE
-#            X509v3 Key Usage: 
-#                Digital Signature, Key Encipherment, Key Agreement, Certificate Sign, CRL Sign
-#            X509v3 Subject Key Identifier: 
-#                4E:0B:EF:1A:A4:40:5B:A5:17:69:87:30:CA:34:68:43:D0:41:AE:F2
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://cert.startcom.org/sfsca-crl.crl
-#
-#                Full Name:
-#                  URI:http://crl.startcom.org/sfsca-crl.crl
-#
-#            X509v3 Certificate Policies: 
-#                Policy: 1.3.6.1.4.1.23223.1.1.1
-#                  CPS: http://cert.startcom.org/policy.pdf
-#                  CPS: http://cert.startcom.org/intermediate.pdf
-#                  User Notice:
-#                    Organization: Start Commercial (StartCom) Ltd.
-#                    Number: 1
-#                    Explicit Text: Limited Liability, read the section *Legal Limitations* of the StartCom Certification Authority Policy available at http://cert.startcom.org/policy.pdf
-#
-#            Netscape Cert Type: 
-#                SSL CA, S/MIME CA, Object Signing CA
-#            Netscape Comment: 
-#                StartCom Free SSL Certification Authority
-#    Signature Algorithm: sha1WithRSAEncryption
-#         16:6c:99:f4:66:0c:34:f5:d0:85:5e:7d:0a:ec:da:10:4e:38:
-#         1c:5e:df:a6:25:05:4b:91:32:c1:e8:3b:f1:3d:dd:44:09:5b:
-#         07:49:8a:29:cb:66:02:b7:b1:9a:f7:25:98:09:3c:8e:1b:e1:
-#         dd:36:87:2b:4b:bb:68:d3:39:66:3d:a0:26:c7:f2:39:91:1d:
-#         51:ab:82:7b:7e:d5:ce:5a:e4:e2:03:57:70:69:97:08:f9:5e:
-#         58:a6:0a:df:8c:06:9a:45:16:16:38:0a:5e:57:f6:62:c7:7a:
-#         02:05:e6:bc:1e:b5:f2:9e:f4:a9:29:83:f8:b2:14:e3:6e:28:
-#         87:44:c3:90:1a:de:38:a9:3c:ac:43:4d:64:45:ce:dd:28:a9:
-#         5c:f2:73:7b:04:f8:17:e8:ab:b1:f3:2e:5c:64:6e:73:31:3a:
-#         12:b8:bc:b3:11:e4:7d:8f:81:51:9a:3b:8d:89:f4:4d:93:66:
-#         7b:3c:03:ed:d3:9a:1d:9a:f3:65:50:f5:a0:d0:75:9f:2f:af:
-#         f0:ea:82:43:98:f8:69:9c:89:79:c4:43:8e:46:72:e3:64:36:
-#         12:af:f7:25:1e:38:89:90:77:7e:c3:6b:6a:b9:c3:cb:44:4b:
-#         ac:78:90:8b:e7:c7:2c:1e:4b:11:44:c8:34:52:27:cd:0a:5d:
-#         9f:85:c1:89:d5:1a:78:f2:95:10:53:32:dd:80:84:66:75:d9:
-#         b5:68:28:fb:61:2e:be:84:a8:38:c0:99:12:86:a5:1e:67:64:
-#         ad:06:2e:2f:a9:70:85:c7:96:0f:7c:89:65:f5:8e:43:54:0e:
-#         ab:dd:a5:80:39:94:60:c0:34:c9:96:70:2c:a3:12:f5:1f:48:
-#         7b:bd:1c:7e:6b:b7:9d:90:f4:22:3b:ae:f8:fc:2a:ca:fa:82:
-#         52:a0:ef:af:4b:55:93:eb:c1:b5:f0:22:8b:ac:34:4e:26:22:
-#         04:a1:87:2c:75:4a:b7:e5:7d:13:d7:b8:0c:64:c0:36:d2:c9:
-#         2f:86:12:8c:23:09:c1:1b:82:3b:73:49:a3:6a:57:87:94:e5:
-#         d6:78:c5:99:43:63:e3:4d:e0:77:2d:e1:65:99:72:69:04:1a:
-#         47:09:e6:0f:01:56:24:fb:1f:bf:0e:79:a9:58:2e:b9:c4:09:
-#         01:7e:95:ba:6d:00:06:3e:b2:ea:4a:10:39:d8:d0:2b:f5:bf:
-#         ec:75:bf:97:02:c5:09:1b:08:dc:55:37:e2:81:fb:37:84:43:
-#         62:20:ca:e7:56:4b:65:ea:fe:6c:c1:24:93:24:a1:34:eb:05:
-#         ff:9a:22:ae:9b:7d:3f:f1:65:51:0a:a6:30:6a:b3:f4:88:1c:
-#         80:0d:fc:72:8a:e8:83:5e
-
-[p11-kit-object-v1]
-label: "StartCom Certification Authority"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwYjbCbxsRnx4n5V7tTOQ
-8nJi1sE2ICIkXs7pd/JDCqIGZKTMjjb4OOYj8G5tsTzdcqOFHKHTPbQzK9Mvr/7q
-sEFZZ7bEBn0KnnSF1nlMgDd63zkFUln39BtGQ6TShYXSw3HzdWI0uiyKfx6P7u00
-0BHHls1SPboz1t1N3gs7SkufwiYv+rUWHHI1d8o8XebK4SaLGjZ2XAHbdBQl/u21
-oIgP3XjKLR8HlzABLXJ5+kbWEyqouaarg0kd5fLv3eQBjhgKj2NTFoViqQ4ZOsy1
-ZqbCa3QH5Cvhdj60bdj2ROFzYh87xL6gU1YlbFEJ96qryr92/W2b853bvz1mvAxW
-qq+YSJU6S9+nWFDZOHWpW+pDDAL/mevobE1wWyllnN2qXcyvATHsDOvSjejqnHvm
-bvcnZgwaSNduQuM/3iE+e+ENcPtjqqhsGlS0XCV6yaLJixamuyx+F14FTVhuEh0B
-7hIQDcYyfxj//PT6zW6R6DZJvhpIaYvClk0aErJpF8EKkNb6eSJIv7p7afhwx/p6
-N9jYDdJ2T1f/kLfjkdLd78Jgt2c63f6qnPDUi39yIs7Gn5e2+K+KoBCo2fsYxra1
-XFI8ibYZKnMBCg8DsxJg8novgdujbv8mMJf1i92JV7atPbOvK8W3dgLwpdYrmoYU
-KnL24zOMXQlLE9+7jHQTUksCAwEAAQ==
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "StartCom Certification Authority"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIHhzCCBW+gAwIBAgIBLTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
-Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM3WhcNMzYwOTE3MTk0NjM2WjB9
-MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
-U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
-cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
-A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
-pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
-OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
-Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
-Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
-HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
-Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
-+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
-Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
-Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
-26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
-AQABo4ICEDCCAgwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD
-VR0OBBYEFE4L7xqkQFulF2mHMMo0aEPQQa7yMB8GA1UdIwQYMBaAFE4L7xqkQFul
-F2mHMMo0aEPQQa7yMIIBWgYDVR0gBIIBUTCCAU0wggFJBgsrBgEEAYG1NwEBATCC
-ATgwLgYIKwYBBQUHAgEWImh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5w
-ZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL2ludGVybWVk
-aWF0ZS5wZGYwgc8GCCsGAQUFBwICMIHCMCcWIFN0YXJ0IENvbW1lcmNpYWwgKFN0
-YXJ0Q29tKSBMdGQuMAMCAQEagZZMaW1pdGVkIExpYWJpbGl0eSwgcmVhZCB0aGUg
-c2VjdGlvbiAqTGVnYWwgTGltaXRhdGlvbnMqIG9mIHRoZSBTdGFydENvbSBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eSBQb2xpY3kgYXZhaWxhYmxlIGF0IGh0dHA6Ly93
-d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgG
-CWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1
-dGhvcml0eTANBgkqhkiG9w0BAQsFAAOCAgEAjo/n3JR5fPGFf59Jb2vKXfuM/gTF
-wWLRfUKKvFO3lANmMD+x5wqnUCBVJX92ehQN6wQOQOY+2IirByeDqXWmN3PH/UvS
-Ta0XQMhGvjt/UfzDtgUx3M2FIk5xt/JxXrAaxrqTi3iSSoX4eA+D/i+tLPfkpLst
-0OcNOrg+zvZ49q5HJMqjNTbOx8aHmNrs++myziebiMMEofYLWWivydsQD032ZGNc
-pRJvkrKTlMeIFw6Ttn5ii5B/q06f/ON1FE8qMt9bDeD1e5MNq6HPh+GlBEXoPBKl
-CcWw0bdT82AUuoVpaiF8H3VhFyAXe2w7QSlc4axa0c2Mm+tgHRns9+Ww2vl5GKVF
-P0lDV9LdJNUso/2RjSe15esUBppMeyG7Oq0wBhjA2MFrLH9ZXF2RsXAiV+uKa0hK
-1Q8p7MZAwC+ITGgBF3f0JBlPvfrhsiAhS90a2Cl9qrjeVOwhVYBsHvUwyKMQ5bLm
-KhQxw4UtjJixhlpPiVktucf3HMiKf8CdBUrmQk9io20ppB+Fq9vlgcitKj1MXVuE
-JnHEhV5xJMqlG2zYYdMa4FTbzrqpMrUi9nNBCV24F10OD5mQ1kfabwo6YigUZ4LZ
-8dCAWZvLMdibD4x3TrVoivJs9iQOLWxwxXPR3hTQcY+203sC9uO41Alua551hDnm
-fyWl8kgAwKQB2j8=
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 45 (0x2d)
-#    Signature Algorithm: sha256WithRSAEncryption
-#        Issuer: C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
-#        Validity
-#            Not Before: Sep 17 19:46:37 2006 GMT
-#            Not After : Sep 17 19:46:36 2036 GMT
-#        Subject: C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (4096 bit)
-#                Modulus:
-#                    00:c1:88:db:09:bc:6c:46:7c:78:9f:95:7b:b5:33:
-#                    90:f2:72:62:d6:c1:36:20:22:24:5e:ce:e9:77:f2:
-#                    43:0a:a2:06:64:a4:cc:8e:36:f8:38:e6:23:f0:6e:
-#                    6d:b1:3c:dd:72:a3:85:1c:a1:d3:3d:b4:33:2b:d3:
-#                    2f:af:fe:ea:b0:41:59:67:b6:c4:06:7d:0a:9e:74:
-#                    85:d6:79:4c:80:37:7a:df:39:05:52:59:f7:f4:1b:
-#                    46:43:a4:d2:85:85:d2:c3:71:f3:75:62:34:ba:2c:
-#                    8a:7f:1e:8f:ee:ed:34:d0:11:c7:96:cd:52:3d:ba:
-#                    33:d6:dd:4d:de:0b:3b:4a:4b:9f:c2:26:2f:fa:b5:
-#                    16:1c:72:35:77:ca:3c:5d:e6:ca:e1:26:8b:1a:36:
-#                    76:5c:01:db:74:14:25:fe:ed:b5:a0:88:0f:dd:78:
-#                    ca:2d:1f:07:97:30:01:2d:72:79:fa:46:d6:13:2a:
-#                    a8:b9:a6:ab:83:49:1d:e5:f2:ef:dd:e4:01:8e:18:
-#                    0a:8f:63:53:16:85:62:a9:0e:19:3a:cc:b5:66:a6:
-#                    c2:6b:74:07:e4:2b:e1:76:3e:b4:6d:d8:f6:44:e1:
-#                    73:62:1f:3b:c4:be:a0:53:56:25:6c:51:09:f7:aa:
-#                    ab:ca:bf:76:fd:6d:9b:f3:9d:db:bf:3d:66:bc:0c:
-#                    56:aa:af:98:48:95:3a:4b:df:a7:58:50:d9:38:75:
-#                    a9:5b:ea:43:0c:02:ff:99:eb:e8:6c:4d:70:5b:29:
-#                    65:9c:dd:aa:5d:cc:af:01:31:ec:0c:eb:d2:8d:e8:
-#                    ea:9c:7b:e6:6e:f7:27:66:0c:1a:48:d7:6e:42:e3:
-#                    3f:de:21:3e:7b:e1:0d:70:fb:63:aa:a8:6c:1a:54:
-#                    b4:5c:25:7a:c9:a2:c9:8b:16:a6:bb:2c:7e:17:5e:
-#                    05:4d:58:6e:12:1d:01:ee:12:10:0d:c6:32:7f:18:
-#                    ff:fc:f4:fa:cd:6e:91:e8:36:49:be:1a:48:69:8b:
-#                    c2:96:4d:1a:12:b2:69:17:c1:0a:90:d6:fa:79:22:
-#                    48:bf:ba:7b:69:f8:70:c7:fa:7a:37:d8:d8:0d:d2:
-#                    76:4f:57:ff:90:b7:e3:91:d2:dd:ef:c2:60:b7:67:
-#                    3a:dd:fe:aa:9c:f0:d4:8b:7f:72:22:ce:c6:9f:97:
-#                    b6:f8:af:8a:a0:10:a8:d9:fb:18:c6:b6:b5:5c:52:
-#                    3c:89:b6:19:2a:73:01:0a:0f:03:b3:12:60:f2:7a:
-#                    2f:81:db:a3:6e:ff:26:30:97:f5:8b:dd:89:57:b6:
-#                    ad:3d:b3:af:2b:c5:b7:76:02:f0:a5:d6:2b:9a:86:
-#                    14:2a:72:f6:e3:33:8c:5d:09:4b:13:df:bb:8c:74:
-#                    13:52:4b
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Subject Key Identifier: 
-#                4E:0B:EF:1A:A4:40:5B:A5:17:69:87:30:CA:34:68:43:D0:41:AE:F2
-#            X509v3 Authority Key Identifier: 
-#                keyid:4E:0B:EF:1A:A4:40:5B:A5:17:69:87:30:CA:34:68:43:D0:41:AE:F2
-#
-#            X509v3 Certificate Policies: 
-#                Policy: 1.3.6.1.4.1.23223.1.1.1
-#                  CPS: http://www.startssl.com/policy.pdf
-#                  CPS: http://www.startssl.com/intermediate.pdf
-#                  User Notice:
-#                    Organization: Start Commercial (StartCom) Ltd.
-#                    Number: 1
-#                    Explicit Text: Limited Liability, read the section *Legal Limitations* of the StartCom Certification Authority Policy available at http://www.startssl.com/policy.pdf
-#
-#            Netscape Cert Type: 
-#                SSL CA, S/MIME CA, Object Signing CA
-#            Netscape Comment: 
-#                StartCom Free SSL Certification Authority
-#    Signature Algorithm: sha256WithRSAEncryption
-#         8e:8f:e7:dc:94:79:7c:f1:85:7f:9f:49:6f:6b:ca:5d:fb:8c:
-#         fe:04:c5:c1:62:d1:7d:42:8a:bc:53:b7:94:03:66:30:3f:b1:
-#         e7:0a:a7:50:20:55:25:7f:76:7a:14:0d:eb:04:0e:40:e6:3e:
-#         d8:88:ab:07:27:83:a9:75:a6:37:73:c7:fd:4b:d2:4d:ad:17:
-#         40:c8:46:be:3b:7f:51:fc:c3:b6:05:31:dc:cd:85:22:4e:71:
-#         b7:f2:71:5e:b0:1a:c6:ba:93:8b:78:92:4a:85:f8:78:0f:83:
-#         fe:2f:ad:2c:f7:e4:a4:bb:2d:d0:e7:0d:3a:b8:3e:ce:f6:78:
-#         f6:ae:47:24:ca:a3:35:36:ce:c7:c6:87:98:da:ec:fb:e9:b2:
-#         ce:27:9b:88:c3:04:a1:f6:0b:59:68:af:c9:db:10:0f:4d:f6:
-#         64:63:5c:a5:12:6f:92:b2:93:94:c7:88:17:0e:93:b6:7e:62:
-#         8b:90:7f:ab:4e:9f:fc:e3:75:14:4f:2a:32:df:5b:0d:e0:f5:
-#         7b:93:0d:ab:a1:cf:87:e1:a5:04:45:e8:3c:12:a5:09:c5:b0:
-#         d1:b7:53:f3:60:14:ba:85:69:6a:21:7c:1f:75:61:17:20:17:
-#         7b:6c:3b:41:29:5c:e1:ac:5a:d1:cd:8c:9b:eb:60:1d:19:ec:
-#         f7:e5:b0:da:f9:79:18:a5:45:3f:49:43:57:d2:dd:24:d5:2c:
-#         a3:fd:91:8d:27:b5:e5:eb:14:06:9a:4c:7b:21:bb:3a:ad:30:
-#         06:18:c0:d8:c1:6b:2c:7f:59:5c:5d:91:b1:70:22:57:eb:8a:
-#         6b:48:4a:d5:0f:29:ec:c6:40:c0:2f:88:4c:68:01:17:77:f4:
-#         24:19:4f:bd:fa:e1:b2:20:21:4b:dd:1a:d8:29:7d:aa:b8:de:
-#         54:ec:21:55:80:6c:1e:f5:30:c8:a3:10:e5:b2:e6:2a:14:31:
-#         c3:85:2d:8c:98:b1:86:5a:4f:89:59:2d:b9:c7:f7:1c:c8:8a:
-#         7f:c0:9d:05:4a:e6:42:4f:62:a3:6d:29:a4:1f:85:ab:db:e5:
-#         81:c8:ad:2a:3d:4c:5d:5b:84:26:71:c4:85:5e:71:24:ca:a5:
-#         1b:6c:d8:61:d3:1a:e0:54:db:ce:ba:a9:32:b5:22:f6:73:41:
-#         09:5d:b8:17:5d:0e:0f:99:90:d6:47:da:6f:0a:3a:62:28:14:
-#         67:82:d9:f1:d0:80:59:9b:cb:31:d8:9b:0f:8c:77:4e:b5:68:
-#         8a:f2:6c:f6:24:0e:2d:6c:70:c5:73:d1:de:14:d0:71:8f:b6:
-#         d3:7b:02:f6:e3:b8:d4:09:6e:6b:9e:75:84:39:e6:7f:25:a5:
-#         f2:48:00:c0:a4:01:da:3f
-
-[p11-kit-object-v1]
-label: "StartCom Certification Authority G2"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtok2Wwe3IDa9grvhFiAD
-lXqvDqNVySWZSsXQVkGHkE0hYKQUhzvN/bI+tGcDau3hD0vAkYVwReBCnt4pI9QB
-DaAQebjbA73zqS/RxuAPy56KFAq4vfZWYvHFcrYyJdmy871lxQ0sbtWSbxiLAEEU
-gm9AICZ6KA/1Hn8n95SxNz23x5H34gHs/ZSJ4cxu0zbWChl5rtc0gmX/fEK7tt0L
-pjSvS2D+f0NJBouMQ7hW8tl/IUMX6qdIlQF1deorpUOV6hWEnQiNJm5Vm6vc0jnS
-MR1g4qzMVkUk9RxUq+6G3ZYyhfhMT+iVdrYF3TYjZ7z/FeLKO+am7DvsJhE0SI32
-gCsaIwLrihw6dip7VhYcciqzquNgpQCfBJvibx4UWFulbItYPMO6Tjpc9+GWKz7v
-B7yk5V3MTZ8N4dyqu+FuGuyP4bZMTXlyXRc1Cx3XwUfaliTg0HKoWl9mLRDcLyoT
-rib+ChwZzNA+C5zICS75W5Z6R5zpevMFUHSVc54wCfOXgl7mjzkIHlnlNRRCE/8A
-nPe+qlDP4lFI17hvr/hOfjOYkhRiOnVjz3v63oI7qbs54sS9LAAOyBesE+9NJY7Y
-s5AvqdopfR2vdDqyJ8DBHj51oxapr3oiXZ8TGs+noOvjhgrT/eaWldcjyDfdxHyq
-NqyYGhKx4E7osTv11m/xMNcCAwEAAQ==
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "StartCom Certification Authority G2"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIFYzCCA0ugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlm
-aWNhdGlvbiBBdXRob3JpdHkgRzIwHhcNMTAwMTAxMDEwMDAxWhcNMzkxMjMxMjM1
-OTAxWjBTMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoG
-A1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgRzIwggIiMA0G
-CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2iTZbB7cgNr2Cu+EWIAOVeq8Oo1XJ
-JZlKxdBWQYeQTSFgpBSHO839sj60ZwNq7eEPS8CRhXBF4EKe3ikj1AENoBB5uNsD
-vfOpL9HG4A/LnooUCri99lZi8cVytjIl2bLzvWXFDSxu1ZJvGIsAQRSCb0AgJnoo
-D/Uefyf3lLE3PbfHkffiAez9lInhzG7TNtYKGXmu1zSCZf98Qru23QumNK9LYP5/
-Q0kGi4xDuFby2X8hQxfqp0iVAXV16iulQ5XqFYSdCI0mblWbq9zSOdIxHWDirMxW
-RST1HFSr7obdljKF+ExP6JV2tgXdNiNnvP8V4so75qbsO+wmETRIjfaAKxojAuuK
-HDp2KntWFhxyKrOq42ClAJ8Em+JvHhRYW6Vsi1g8w7pOOlz34ZYrPu8HvKTlXcxN
-nw3h3Kq74W4a7I/htkxNeXJdFzULHdfBR9qWJODQcqhaX2YtENwvKhOuJv4KHBnM
-0D4LnMgJLvlblnpHnOl68wVQdJVznjAJ85eCXuaPOQgeWeU1FEIT/wCc976qUM/i
-UUjXuG+v+E5+M5iSFGI6dWPPe/regjupuznixL0sAA7IF6wT700ljtizkC+p2il9
-Ha90OrInwMEePnWjFqmveiJdnxMaz6eg6+OGCtP95paV1yPIN93EfKo2rJgaErHg
-TuixO/XWb/Ew1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
-AwIBBjAdBgNVHQ4EFgQUS8W0QGutHLOlHGVuRjaJhwUMDrYwDQYJKoZIhvcNAQEL
-BQADggIBAHNXPyzVlTJ+N9uWkusZXn5T50HsEbZH77Xe7XRcxfGOSeD8bpkTzZ+K
-2s06Ctg6Wgk/XzTQLwPSZh0avZyQN8gMjgdalEVGKua+etqhqaRpEpKwfTbURIfX
-UfEpY9Z1zRbkJ4kd+MIySP3bmdCPX1R0zKxnNBFi2QwKN4fRoxdIjtIXHfbX/dtl
-6/2o1PXWT6RbdejF0mCy2wl+JYt7ulKSnj7oxXehPOBKc2thz4bcQ///If4jXSRK
-9dNtD2IEBVeC2m6kMyV5Sy5UGYvMLD0w6dEG/+gyRr61M3Z3qAFdlsHB1b6uJcDJ
-HgoJIIihDsnzb02CVAAgp9KP5DlUFy6NHrgbuxu9mk47EDTcnIhT76IxW1hPkWLI
-wpqazRVdOKnWvvgTtZ8SafJQYqz7Fzf07rh1Z2AQ+4NQ+US1dZxAF7L+/XldblhY
-XzD8AK6vM8EOTmy6p6ahfzLbOOCxchcKK5HsamMm7YnUeMx0HgX4a/6ManY5Ka5l
-IxKVCCIcl85bBu4M4ru8H0ST9tg4RQUh7eStqxK2A6RCLi3ECToDZ2mEmuFZkIoo
-hdVddLHRDiBYmxOlsGOm7XtH/UVVMKTumtTm4ofvmMkyghEpIrwACjFeLQ/Ajulr
-so8uBtjRkcfGEvRM/TAXw8HaOFvjqermobp573PYtlNXLfbQ4ddI
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 59 (0x3b)
-#    Signature Algorithm: sha256WithRSAEncryption
-#        Issuer: C=IL, O=StartCom Ltd., CN=StartCom Certification Authority G2
-#        Validity
-#            Not Before: Jan  1 01:00:01 2010 GMT
-#            Not After : Dec 31 23:59:01 2039 GMT
-#        Subject: C=IL, O=StartCom Ltd., CN=StartCom Certification Authority G2
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (4096 bit)
-#                Modulus:
-#                    00:b6:89:36:5b:07:b7:20:36:bd:82:bb:e1:16:20:
-#                    03:95:7a:af:0e:a3:55:c9:25:99:4a:c5:d0:56:41:
-#                    87:90:4d:21:60:a4:14:87:3b:cd:fd:b2:3e:b4:67:
-#                    03:6a:ed:e1:0f:4b:c0:91:85:70:45:e0:42:9e:de:
-#                    29:23:d4:01:0d:a0:10:79:b8:db:03:bd:f3:a9:2f:
-#                    d1:c6:e0:0f:cb:9e:8a:14:0a:b8:bd:f6:56:62:f1:
-#                    c5:72:b6:32:25:d9:b2:f3:bd:65:c5:0d:2c:6e:d5:
-#                    92:6f:18:8b:00:41:14:82:6f:40:20:26:7a:28:0f:
-#                    f5:1e:7f:27:f7:94:b1:37:3d:b7:c7:91:f7:e2:01:
-#                    ec:fd:94:89:e1:cc:6e:d3:36:d6:0a:19:79:ae:d7:
-#                    34:82:65:ff:7c:42:bb:b6:dd:0b:a6:34:af:4b:60:
-#                    fe:7f:43:49:06:8b:8c:43:b8:56:f2:d9:7f:21:43:
-#                    17:ea:a7:48:95:01:75:75:ea:2b:a5:43:95:ea:15:
-#                    84:9d:08:8d:26:6e:55:9b:ab:dc:d2:39:d2:31:1d:
-#                    60:e2:ac:cc:56:45:24:f5:1c:54:ab:ee:86:dd:96:
-#                    32:85:f8:4c:4f:e8:95:76:b6:05:dd:36:23:67:bc:
-#                    ff:15:e2:ca:3b:e6:a6:ec:3b:ec:26:11:34:48:8d:
-#                    f6:80:2b:1a:23:02:eb:8a:1c:3a:76:2a:7b:56:16:
-#                    1c:72:2a:b3:aa:e3:60:a5:00:9f:04:9b:e2:6f:1e:
-#                    14:58:5b:a5:6c:8b:58:3c:c3:ba:4e:3a:5c:f7:e1:
-#                    96:2b:3e:ef:07:bc:a4:e5:5d:cc:4d:9f:0d:e1:dc:
-#                    aa:bb:e1:6e:1a:ec:8f:e1:b6:4c:4d:79:72:5d:17:
-#                    35:0b:1d:d7:c1:47:da:96:24:e0:d0:72:a8:5a:5f:
-#                    66:2d:10:dc:2f:2a:13:ae:26:fe:0a:1c:19:cc:d0:
-#                    3e:0b:9c:c8:09:2e:f9:5b:96:7a:47:9c:e9:7a:f3:
-#                    05:50:74:95:73:9e:30:09:f3:97:82:5e:e6:8f:39:
-#                    08:1e:59:e5:35:14:42:13:ff:00:9c:f7:be:aa:50:
-#                    cf:e2:51:48:d7:b8:6f:af:f8:4e:7e:33:98:92:14:
-#                    62:3a:75:63:cf:7b:fa:de:82:3b:a9:bb:39:e2:c4:
-#                    bd:2c:00:0e:c8:17:ac:13:ef:4d:25:8e:d8:b3:90:
-#                    2f:a9:da:29:7d:1d:af:74:3a:b2:27:c0:c1:1e:3e:
-#                    75:a3:16:a9:af:7a:22:5d:9f:13:1a:cf:a7:a0:eb:
-#                    e3:86:0a:d3:fd:e6:96:95:d7:23:c8:37:dd:c4:7c:
-#                    aa:36:ac:98:1a:12:b1:e0:4e:e8:b1:3b:f5:d6:6f:
-#                    f1:30:d7
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Subject Key Identifier: 
-#                4B:C5:B4:40:6B:AD:1C:B3:A5:1C:65:6E:46:36:89:87:05:0C:0E:B6
-#    Signature Algorithm: sha256WithRSAEncryption
-#         73:57:3f:2c:d5:95:32:7e:37:db:96:92:eb:19:5e:7e:53:e7:
-#         41:ec:11:b6:47:ef:b5:de:ed:74:5c:c5:f1:8e:49:e0:fc:6e:
-#         99:13:cd:9f:8a:da:cd:3a:0a:d8:3a:5a:09:3f:5f:34:d0:2f:
-#         03:d2:66:1d:1a:bd:9c:90:37:c8:0c:8e:07:5a:94:45:46:2a:
-#         e6:be:7a:da:a1:a9:a4:69:12:92:b0:7d:36:d4:44:87:d7:51:
-#         f1:29:63:d6:75:cd:16:e4:27:89:1d:f8:c2:32:48:fd:db:99:
-#         d0:8f:5f:54:74:cc:ac:67:34:11:62:d9:0c:0a:37:87:d1:a3:
-#         17:48:8e:d2:17:1d:f6:d7:fd:db:65:eb:fd:a8:d4:f5:d6:4f:
-#         a4:5b:75:e8:c5:d2:60:b2:db:09:7e:25:8b:7b:ba:52:92:9e:
-#         3e:e8:c5:77:a1:3c:e0:4a:73:6b:61:cf:86:dc:43:ff:ff:21:
-#         fe:23:5d:24:4a:f5:d3:6d:0f:62:04:05:57:82:da:6e:a4:33:
-#         25:79:4b:2e:54:19:8b:cc:2c:3d:30:e9:d1:06:ff:e8:32:46:
-#         be:b5:33:76:77:a8:01:5d:96:c1:c1:d5:be:ae:25:c0:c9:1e:
-#         0a:09:20:88:a1:0e:c9:f3:6f:4d:82:54:00:20:a7:d2:8f:e4:
-#         39:54:17:2e:8d:1e:b8:1b:bb:1b:bd:9a:4e:3b:10:34:dc:9c:
-#         88:53:ef:a2:31:5b:58:4f:91:62:c8:c2:9a:9a:cd:15:5d:38:
-#         a9:d6:be:f8:13:b5:9f:12:69:f2:50:62:ac:fb:17:37:f4:ee:
-#         b8:75:67:60:10:fb:83:50:f9:44:b5:75:9c:40:17:b2:fe:fd:
-#         79:5d:6e:58:58:5f:30:fc:00:ae:af:33:c1:0e:4e:6c:ba:a7:
-#         a6:a1:7f:32:db:38:e0:b1:72:17:0a:2b:91:ec:6a:63:26:ed:
-#         89:d4:78:cc:74:1e:05:f8:6b:fe:8c:6a:76:39:29:ae:65:23:
-#         12:95:08:22:1c:97:ce:5b:06:ee:0c:e2:bb:bc:1f:44:93:f6:
-#         d8:38:45:05:21:ed:e4:ad:ab:12:b6:03:a4:42:2e:2d:c4:09:
-#         3a:03:67:69:84:9a:e1:59:90:8a:28:85:d5:5d:74:b1:d1:0e:
-#         20:58:9b:13:a5:b0:63:a6:ed:7b:47:fd:45:55:30:a4:ee:9a:
-#         d4:e6:e2:87:ef:98:c9:32:82:11:29:22:bc:00:0a:31:5e:2d:
-#         0f:c0:8e:e9:6b:b2:8f:2e:06:d8:d1:91:c7:c6:12:f4:4c:fd:
-#         30:17:c3:c1:da:38:5b:e3:a9:ea:e6:a1:ba:79:ef:73:d8:b6:
-#         53:57:2d:f6:d0:e1:d7:48
-
 [p11-kit-object-v1]
 label: "SwissSign Gold CA - G2"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr+TufoskDhJuqVAtFkQ7
@@ -18094,7 +13866,7 @@ Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ
 label: "SwissSign Platinum CA - G2"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%03"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%04"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyt+iAuLa+PwHFrHeYKre
@@ -18249,7 +14021,7 @@ Wr9/6x3iGjjRXK9HkmuAtTClyY3YqzGBH9/CZjfTk6mFhnll0g==
 label: "SwissSign Silver CA - G2"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxPGHf9N4Mfc4yfjDmUO8
@@ -18400,165 +14172,11 @@ tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u
 #         8c:83:f5:ce:ea:07:d8:9a:6a:1e:ec:e4:0a:bb:2a:4c:eb:09:
 #         60:39:ce:ca:62:d8:2e:6e
 
-[p11-kit-object-v1]
-label: "Swisscom Root CA 1"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0LmwqAzZuz8h+BvVM5OA
-FmUgdbI9m2BtRsiMMW8Xw/qabFbtPMWRV8PNq5ZJkCoZSx6jbVfd8StiKHVFXqrW
-W/oLJdihFvkcxC7mlSpnzNApbjyFNDhhSbEAn9Y6cV9Nbc5fuankiX9qUvrKm/Lc
-qfmdmUc/TilftKaNXXsLmREDA/7n29uj/x2lzZAeAR81sH8A25Bvxn570e56eqeq
-DFdvpG3FEzuwpdntMhy0XmeLVNxzh+XTF3xmUHJd1BpYwdnP2IkCb6dJtDZd0KTe
-Byy2dbcokdaXvij1mB7qWybJvbCXc9qukSbraMH5ORXWZ0sKbU/Lz7DkQnGMU3nn
-7uHbHaBuHYwadzVcFh4rUx80i9Fs/PJnB3r1re3WmquhsUvhzDdf/X/NTa64H5xD
-+SpYVUNFvJbNcA78yeNmuk6NO4HLFWR7uZToXTNShXEuT46iBhFRyePLoW4xCGQM
-wtI89Tbo19AOeCMgkckkKmUpWyL3Ic6DXqTz3kvTaI9GdVyDCW4pa8RwjPWd1yAv
-/0bSKzjCL3UcPX7ape8eYIVpQtPM+GP+HkM5haa2Y0EQs3MevNP6yn0WR+Kn1dCj
-igoIlmJWbjTb2QK5MHXjBNLnj8KwEUAKrNVxAmKLMb7dxiNYMUJDLXT5xp6mig/p
-/r+D5kNXJLrvRjSq1xIBOO0CAwEAAQ==
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Swisscom Root CA 1"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIF2TCCA8GgAwIBAgIQXAuFXAvnWUHfV8w/f52oNjANBgkqhkiG9w0BAQUFADBk
-MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
-YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg
-Q0EgMTAeFw0wNTA4MTgxMjA2MjBaFw0yNTA4MTgyMjA2MjBaMGQxCzAJBgNVBAYT
-AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp
-Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAxMIICIjAN
-BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0LmwqAzZuz8h+BvVM5OAFmUgdbI9
-m2BtRsiMMW8Xw/qabFbtPMWRV8PNq5ZJkCoZSx6jbVfd8StiKHVFXqrWW/oLJdih
-FvkcxC7mlSpnzNApbjyFNDhhSbEAn9Y6cV9Nbc5fuankiX9qUvrKm/LcqfmdmUc/
-TilftKaNXXsLmREDA/7n29uj/x2lzZAeAR81sH8A25Bvxn570e56eqeqDFdvpG3F
-EzuwpdntMhy0XmeLVNxzh+XTF3xmUHJd1BpYwdnP2IkCb6dJtDZd0KTeByy2dbco
-kdaXvij1mB7qWybJvbCXc9qukSbraMH5ORXWZ0sKbU/Lz7DkQnGMU3nn7uHbHaBu
-HYwadzVcFh4rUx80i9Fs/PJnB3r1re3WmquhsUvhzDdf/X/NTa64H5xD+SpYVUNF
-vJbNcA78yeNmuk6NO4HLFWR7uZToXTNShXEuT46iBhFRyePLoW4xCGQMwtI89Tbo
-19AOeCMgkckkKmUpWyL3Ic6DXqTz3kvTaI9GdVyDCW4pa8RwjPWd1yAv/0bSKzjC
-L3UcPX7ape8eYIVpQtPM+GP+HkM5haa2Y0EQs3MevNP6yn0WR+Kn1dCjigoIlmJW
-bjTb2QK5MHXjBNLnj8KwEUAKrNVxAmKLMb7dxiNYMUJDLXT5xp6mig/p/r+D5kNX
-JLrvRjSq1xIBOO0CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw
-FDASBgdghXQBUwABBgdghXQBUwABMBIGA1UdEwEB/wQIMAYBAf8CAQcwHwYDVR0j
-BBgwFoAUAyUv3m+CATpcLNwroWm1Z9SM0/0wHQYDVR0OBBYEFAMlL95vggE6XCzc
-K6FptWfUjNP9MA0GCSqGSIb3DQEBBQUAA4ICAQA1EMvspgQNDQ/NwNurqPKIlwzf
-ky9NfEBWMXrrpA9gzXrzvsMnjgM+pN0S734edAY8PzHyHHuRMSG08NBsl9Tpl7Ik
-Vh5WwzW9iAUPWxAaZOHHgjD5Mq2eUCzneAXQMbFamIp1TpBcahQq4FJHgmDmHtqB
-sfsUC1rxn9KVuj7QG9YVHaO+htXbD8BJZLsuUBlL0iT43R4HVtA4oJVwIHaM190e
-3p9xxCPvgxNcoyQVTSlAPGrEqdi3pkSlDfTgnXceQHAm/NrZNuR55LU/vJtlvrsR
-ls/bxig5OgjOR1tTWsWZ/l2p3e9M1MalrQLmjAcSHm8D0W+go/MpvRLHUKKwf4ip
-mXeascClOS5cfGniLLDqN2qk4Vrh9VDlg++luyqI54zb/W1elxmofmZ1a3Hqv7HH
-b6D0jqTsNFFbjCYDcKF31QESVwA12yPeDooomf2xEG9L/zgtYE4snOtnta1J7ksf
-rK/7DZBaZmBwXarNeNQk7shBoJMBkpxqnvy5JMWzFYJ+vq6VK+uxwNrjAWALXmms
-hFZhvnEX/h0TD/7Gh0Xp/jKgGg0TpJRVcaUWi7rKibCyx/yP2FS1k2Kdzs9Z+z0Y
-zirLNRWCXf9UIltxUvu3yf5gmwBBZPCqKuy2QkPOiWaByIufOVQDJdMWNY6E0F/6
-MBr1mmz0DlP5OlvRHA==
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            5c:0b:85:5c:0b:e7:59:41:df:57:cc:3f:7f:9d:a8:36
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=ch, O=Swisscom, OU=Digital Certificate Services, CN=Swisscom Root CA 1
-#        Validity
-#            Not Before: Aug 18 12:06:20 2005 GMT
-#            Not After : Aug 18 22:06:20 2025 GMT
-#        Subject: C=ch, O=Swisscom, OU=Digital Certificate Services, CN=Swisscom Root CA 1
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (4096 bit)
-#                Modulus:
-#                    00:d0:b9:b0:a8:0c:d9:bb:3f:21:f8:1b:d5:33:93:
-#                    80:16:65:20:75:b2:3d:9b:60:6d:46:c8:8c:31:6f:
-#                    17:c3:fa:9a:6c:56:ed:3c:c5:91:57:c3:cd:ab:96:
-#                    49:90:2a:19:4b:1e:a3:6d:57:dd:f1:2b:62:28:75:
-#                    45:5e:aa:d6:5b:fa:0b:25:d8:a1:16:f9:1c:c4:2e:
-#                    e6:95:2a:67:cc:d0:29:6e:3c:85:34:38:61:49:b1:
-#                    00:9f:d6:3a:71:5f:4d:6d:ce:5f:b9:a9:e4:89:7f:
-#                    6a:52:fa:ca:9b:f2:dc:a9:f9:9d:99:47:3f:4e:29:
-#                    5f:b4:a6:8d:5d:7b:0b:99:11:03:03:fe:e7:db:db:
-#                    a3:ff:1d:a5:cd:90:1e:01:1f:35:b0:7f:00:db:90:
-#                    6f:c6:7e:7b:d1:ee:7a:7a:a7:aa:0c:57:6f:a4:6d:
-#                    c5:13:3b:b0:a5:d9:ed:32:1c:b4:5e:67:8b:54:dc:
-#                    73:87:e5:d3:17:7c:66:50:72:5d:d4:1a:58:c1:d9:
-#                    cf:d8:89:02:6f:a7:49:b4:36:5d:d0:a4:de:07:2c:
-#                    b6:75:b7:28:91:d6:97:be:28:f5:98:1e:ea:5b:26:
-#                    c9:bd:b0:97:73:da:ae:91:26:eb:68:c1:f9:39:15:
-#                    d6:67:4b:0a:6d:4f:cb:cf:b0:e4:42:71:8c:53:79:
-#                    e7:ee:e1:db:1d:a0:6e:1d:8c:1a:77:35:5c:16:1e:
-#                    2b:53:1f:34:8b:d1:6c:fc:f2:67:07:7a:f5:ad:ed:
-#                    d6:9a:ab:a1:b1:4b:e1:cc:37:5f:fd:7f:cd:4d:ae:
-#                    b8:1f:9c:43:f9:2a:58:55:43:45:bc:96:cd:70:0e:
-#                    fc:c9:e3:66:ba:4e:8d:3b:81:cb:15:64:7b:b9:94:
-#                    e8:5d:33:52:85:71:2e:4f:8e:a2:06:11:51:c9:e3:
-#                    cb:a1:6e:31:08:64:0c:c2:d2:3c:f5:36:e8:d7:d0:
-#                    0e:78:23:20:91:c9:24:2a:65:29:5b:22:f7:21:ce:
-#                    83:5e:a4:f3:de:4b:d3:68:8f:46:75:5c:83:09:6e:
-#                    29:6b:c4:70:8c:f5:9d:d7:20:2f:ff:46:d2:2b:38:
-#                    c2:2f:75:1c:3d:7e:da:a5:ef:1e:60:85:69:42:d3:
-#                    cc:f8:63:fe:1e:43:39:85:a6:b6:63:41:10:b3:73:
-#                    1e:bc:d3:fa:ca:7d:16:47:e2:a7:d5:d0:a3:8a:0a:
-#                    08:96:62:56:6e:34:db:d9:02:b9:30:75:e3:04:d2:
-#                    e7:8f:c2:b0:11:40:0a:ac:d5:71:02:62:8b:31:be:
-#                    dd:c6:23:58:31:42:43:2d:74:f9:c6:9e:a6:8a:0f:
-#                    e9:fe:bf:83:e6:43:57:24:ba:ef:46:34:aa:d7:12:
-#                    01:38:ed
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Key Usage: critical
-#                Digital Signature, Certificate Sign, CRL Sign
-#            X509v3 Policy Mappings: 
-#                2.16.756.1.83.0.1:2.16.756.1.83.0.1
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE, pathlen:7
-#            X509v3 Authority Key Identifier: 
-#                keyid:03:25:2F:DE:6F:82:01:3A:5C:2C:DC:2B:A1:69:B5:67:D4:8C:D3:FD
-#
-#            X509v3 Subject Key Identifier: 
-#                03:25:2F:DE:6F:82:01:3A:5C:2C:DC:2B:A1:69:B5:67:D4:8C:D3:FD
-#    Signature Algorithm: sha1WithRSAEncryption
-#         35:10:cb:ec:a6:04:0d:0d:0f:cd:c0:db:ab:a8:f2:88:97:0c:
-#         df:93:2f:4d:7c:40:56:31:7a:eb:a4:0f:60:cd:7a:f3:be:c3:
-#         27:8e:03:3e:a4:dd:12:ef:7e:1e:74:06:3c:3f:31:f2:1c:7b:
-#         91:31:21:b4:f0:d0:6c:97:d4:e9:97:b2:24:56:1e:56:c3:35:
-#         bd:88:05:0f:5b:10:1a:64:e1:c7:82:30:f9:32:ad:9e:50:2c:
-#         e7:78:05:d0:31:b1:5a:98:8a:75:4e:90:5c:6a:14:2a:e0:52:
-#         47:82:60:e6:1e:da:81:b1:fb:14:0b:5a:f1:9f:d2:95:ba:3e:
-#         d0:1b:d6:15:1d:a3:be:86:d5:db:0f:c0:49:64:bb:2e:50:19:
-#         4b:d2:24:f8:dd:1e:07:56:d0:38:a0:95:70:20:76:8c:d7:dd:
-#         1e:de:9f:71:c4:23:ef:83:13:5c:a3:24:15:4d:29:40:3c:6a:
-#         c4:a9:d8:b7:a6:44:a5:0d:f4:e0:9d:77:1e:40:70:26:fc:da:
-#         d9:36:e4:79:e4:b5:3f:bc:9b:65:be:bb:11:96:cf:db:c6:28:
-#         39:3a:08:ce:47:5b:53:5a:c5:99:fe:5d:a9:dd:ef:4c:d4:c6:
-#         a5:ad:02:e6:8c:07:12:1e:6f:03:d1:6f:a0:a3:f3:29:bd:12:
-#         c7:50:a2:b0:7f:88:a9:99:77:9a:b1:c0:a5:39:2e:5c:7c:69:
-#         e2:2c:b0:ea:37:6a:a4:e1:5a:e1:f5:50:e5:83:ef:a5:bb:2a:
-#         88:e7:8c:db:fd:6d:5e:97:19:a8:7e:66:75:6b:71:ea:bf:b1:
-#         c7:6f:a0:f4:8e:a4:ec:34:51:5b:8c:26:03:70:a1:77:d5:01:
-#         12:57:00:35:db:23:de:0e:8a:28:99:fd:b1:10:6f:4b:ff:38:
-#         2d:60:4e:2c:9c:eb:67:b5:ad:49:ee:4b:1f:ac:af:fb:0d:90:
-#         5a:66:60:70:5d:aa:cd:78:d4:24:ee:c8:41:a0:93:01:92:9c:
-#         6a:9e:fc:b9:24:c5:b3:15:82:7e:be:ae:95:2b:eb:b1:c0:da:
-#         e3:01:60:0b:5e:69:ac:84:56:61:be:71:17:fe:1d:13:0f:fe:
-#         c6:87:45:e9:fe:32:a0:1a:0d:13:a4:94:55:71:a5:16:8b:ba:
-#         ca:89:b0:b2:c7:fc:8f:d8:54:b5:93:62:9d:ce:cf:59:fb:3d:
-#         18:ce:2a:cb:35:15:82:5d:ff:54:22:5b:71:52:fb:b7:c9:fe:
-#         60:9b:00:41:64:f0:aa:2a:ec:b6:42:43:ce:89:66:81:c8:8b:
-#         9f:39:54:03:25:d3:16:35:8e:84:d0:5f:fa:30:1a:f5:9a:6c:
-#         f4:0e:53:f9:3a:5b:d1:1c
-
 [p11-kit-object-v1]
 label: "Swisscom Root CA 2"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%04"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlUJOhJ1R5tMJ6HJaI2nb
@@ -18708,160 +14326,6 @@ wSsSnqaeG8XmDtkx2Q==
 #         53:9c:26:45:aa:13:17:e4:e7:cd:78:e2:39:c1:2b:12:9e:a6:
 #         9e:1b:c5:e6:0e:d9:31:d9
 
-[p11-kit-object-v1]
-label: "Swisscom Root EV CA 2"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxPcdL1fqV2z3cF1jsHFS
-CWBEKDOjek4K+tjqbItRFhpVrlQmxMxFB0FPEHl/cdJ6Tj84TrMAxpXKW83BKoPX
-Jx8xDiMWtyXLHLS5gDJeGp2T8eg8YCynXlcZWFFevCxWC7jY74uCtDy4wiSoE8eg
-ITYbelcpKKcuv3ElkPNEg2lQpOThG2IZlAmj88O87/S97NsTnc+dSAlSZ8A3KREe
-+9IRp4UYdHnkT4UU61I34rFF2MwNQ3+uE9JrKz+nwuKobXZbQ5++tJ2zJoY7H3/l
-8uhmKBYl0EuXOKfkzwnRNsMLvto7RFiNvvGeCWs+8zLHK4fG7F6c9odlrTMpxC+J
-2bnLyQOd+2yUUZcQG4YLGhs/9gJ+e9TFUWQonfXTrIOBiNN0tFmdwethM1pF0cs5
-0AZqU2Adr/b7abxq3AHPvfmP2b1bwTpfjtoPS6mbnSooaxoKfDyrIgvldy1x9oI1
-ga74e4Hm6v6s9BqbdFzojyT2XZ1GxCzSHishaoMnZ1VKpOPIMpdmkHLa49RkLl/j
-oWr2YNTnNc3KxGiN13HI0yQzc7Fs+WrhKNtfxj3ovlXmNxvtJNkPGY9fYxhYUIFR
-ZW/yn35qBOc0JHG6dktYHhm9FWBFqgwSQAGdEOLHOAdyCmXAtrslKdoWnos1i2Ht
-5XFXg7U8cZ/jT79+HoGfQZcCAwEAAQ==
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "Swisscom Root EV CA 2"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIF4DCCA8igAwIBAgIRAPL6ZOJ0Y9ON/RAdBB92ylgwDQYJKoZIhvcNAQELBQAw
-ZzELMAkGA1UEBhMCY2gxETAPBgNVBAoTCFN3aXNzY29tMSUwIwYDVQQLExxEaWdp
-dGFsIENlcnRpZmljYXRlIFNlcnZpY2VzMR4wHAYDVQQDExVTd2lzc2NvbSBSb290
-IEVWIENBIDIwHhcNMTEwNjI0MDk0NTA4WhcNMzEwNjI1MDg0NTA4WjBnMQswCQYD
-VQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2Vy
-dGlmaWNhdGUgU2VydmljZXMxHjAcBgNVBAMTFVN3aXNzY29tIFJvb3QgRVYgQ0Eg
-MjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMT3HS9X6lds93BdY7Bx
-UglgRCgzo3pOCvrY6myLURYaVa5UJsTMRQdBTxB5f3HSek4/OE6zAMaVylvNwSqD
-1ycfMQ4jFrclyxy0uYAyXhqdk/HoPGAsp15XGVhRXrwsVgu42O+LgrQ8uMIkqBPH
-oCE2G3pXKSinLr9xJZDzRINpUKTk4RtiGZQJo/PDvO/0vezbE53PnUgJUmfANykR
-HvvSEaeFGHR55E+FFOtSN+KxRdjMDUN/rhPSays/p8LiqG12W0OfvrSdsyaGOx9/
-5fLoZigWJdBLlzin5M8J0TbDC77aO0RYjb7xnglrPvMyxyuHxuxenPaHZa0zKcQv
-idm5y8kDnftslFGXEBuGCxobP/YCfnvUxVFkKJ3106yDgYjTdLRZncHrYTNaRdHL
-OdAGalNgHa/2+2m8atwBz735j9m9W8E6X47aD0upm50qKGsaCnw8qyIL5XctcfaC
-NYGu+HuB5ur+rPQam3Rc6I8k9l2dRsQs0h4rIWqDJ2dVSqTjyDKXZpBy2uPUZC5f
-46Fq9mDU5zXNysRojddxyNMkM3OxbPlq4SjbX8Y96L5V5jcb7STZDxmPX2MYWFCB
-UWVv8p9+agTnNCRxunZLWB4ZvRVgRaoMEkABnRDixzgHcgplwLa7JSnaFp6LNYth
-7eVxV4O1PHGf40+/fh6Bn0GXAgMBAAGjgYYwgYMwDgYDVR0PAQH/BAQDAgGGMB0G
-A1UdIQQWMBQwEgYHYIV0AVMCAgYHYIV0AVMCAjASBgNVHRMBAf8ECDAGAQH/AgED
-MB0GA1UdDgQWBBRF2aWBbj2ITY1x0kbBbkUe88SAnTAfBgNVHSMEGDAWgBRF2aWB
-bj2ITY1x0kbBbkUe88SAnTANBgkqhkiG9w0BAQsFAAOCAgEAlDpzBp9SSzBc1P6x
-XCX5145v9Ydkn+0UjrgEjihLj6p7jjm02Vj2e6E1CqGdivdj5eu9OYLU43otb98T
-PLr+flaYC/NUn81ETm484T4VvwYmneTwkLbUwp4wLh/vx3rEUMfqe9pQy3omywC0
-Wqu1kx+AiYQElY2NfwmTv9SoqORjbdlk5LgpWgi/UOGED1V7XwgiG/W9mR4U9s70
-WBCCswo9GcG/W6uqmdjyMb3lOGbcWAXH7WMaLgqXfIeTK7KK4/HsGOV1timH59yL
-Gn602MnTihdsfSlEvoqq9X46Lmgxk7lq2prg2+kupYTNHAq4Sgj5nPFhJpiTt3tm
-7JFe3VE/23MPrQRYCd0EApUKPtN236YQHoA96M2kZNEzx5LH4k5E4wnJTsJdhw4S
-nr8PyQUQ3nqjsTzyP6WqJ3mtMX0f/fwZacXduT98zca0wjAefm6S139hdlqP65VN
-vBFuIXxZN5nQBrz5Bm0yFqXZaajh3DyAHmBR3NdUIR7KYndP+tiPsys6DXhyyWhB
-WkdKwqPrGtcKqzwyVcgKEZzfdNbwQBUdyLmPtTbFr/giuMod89a2GQ+fYWVq6nTI
-fI/DT11lgh/ZDYnadXL77/FHZxOzyNEZiCcmmpl5fx7kLD977vHeTYuWl8PVP3wb
-I+2ksx0WckNLIOFZfsLorSa/ovc=
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            f2:fa:64:e2:74:63:d3:8d:fd:10:1d:04:1f:76:ca:58
-#    Signature Algorithm: sha256WithRSAEncryption
-#        Issuer: C=ch, O=Swisscom, OU=Digital Certificate Services, CN=Swisscom Root EV CA 2
-#        Validity
-#            Not Before: Jun 24 09:45:08 2011 GMT
-#            Not After : Jun 25 08:45:08 2031 GMT
-#        Subject: C=ch, O=Swisscom, OU=Digital Certificate Services, CN=Swisscom Root EV CA 2
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (4096 bit)
-#                Modulus:
-#                    00:c4:f7:1d:2f:57:ea:57:6c:f7:70:5d:63:b0:71:
-#                    52:09:60:44:28:33:a3:7a:4e:0a:fa:d8:ea:6c:8b:
-#                    51:16:1a:55:ae:54:26:c4:cc:45:07:41:4f:10:79:
-#                    7f:71:d2:7a:4e:3f:38:4e:b3:00:c6:95:ca:5b:cd:
-#                    c1:2a:83:d7:27:1f:31:0e:23:16:b7:25:cb:1c:b4:
-#                    b9:80:32:5e:1a:9d:93:f1:e8:3c:60:2c:a7:5e:57:
-#                    19:58:51:5e:bc:2c:56:0b:b8:d8:ef:8b:82:b4:3c:
-#                    b8:c2:24:a8:13:c7:a0:21:36:1b:7a:57:29:28:a7:
-#                    2e:bf:71:25:90:f3:44:83:69:50:a4:e4:e1:1b:62:
-#                    19:94:09:a3:f3:c3:bc:ef:f4:bd:ec:db:13:9d:cf:
-#                    9d:48:09:52:67:c0:37:29:11:1e:fb:d2:11:a7:85:
-#                    18:74:79:e4:4f:85:14:eb:52:37:e2:b1:45:d8:cc:
-#                    0d:43:7f:ae:13:d2:6b:2b:3f:a7:c2:e2:a8:6d:76:
-#                    5b:43:9f:be:b4:9d:b3:26:86:3b:1f:7f:e5:f2:e8:
-#                    66:28:16:25:d0:4b:97:38:a7:e4:cf:09:d1:36:c3:
-#                    0b:be:da:3b:44:58:8d:be:f1:9e:09:6b:3e:f3:32:
-#                    c7:2b:87:c6:ec:5e:9c:f6:87:65:ad:33:29:c4:2f:
-#                    89:d9:b9:cb:c9:03:9d:fb:6c:94:51:97:10:1b:86:
-#                    0b:1a:1b:3f:f6:02:7e:7b:d4:c5:51:64:28:9d:f5:
-#                    d3:ac:83:81:88:d3:74:b4:59:9d:c1:eb:61:33:5a:
-#                    45:d1:cb:39:d0:06:6a:53:60:1d:af:f6:fb:69:bc:
-#                    6a:dc:01:cf:bd:f9:8f:d9:bd:5b:c1:3a:5f:8e:da:
-#                    0f:4b:a9:9b:9d:2a:28:6b:1a:0a:7c:3c:ab:22:0b:
-#                    e5:77:2d:71:f6:82:35:81:ae:f8:7b:81:e6:ea:fe:
-#                    ac:f4:1a:9b:74:5c:e8:8f:24:f6:5d:9d:46:c4:2c:
-#                    d2:1e:2b:21:6a:83:27:67:55:4a:a4:e3:c8:32:97:
-#                    66:90:72:da:e3:d4:64:2e:5f:e3:a1:6a:f6:60:d4:
-#                    e7:35:cd:ca:c4:68:8d:d7:71:c8:d3:24:33:73:b1:
-#                    6c:f9:6a:e1:28:db:5f:c6:3d:e8:be:55:e6:37:1b:
-#                    ed:24:d9:0f:19:8f:5f:63:18:58:50:81:51:65:6f:
-#                    f2:9f:7e:6a:04:e7:34:24:71:ba:76:4b:58:1e:19:
-#                    bd:15:60:45:aa:0c:12:40:01:9d:10:e2:c7:38:07:
-#                    72:0a:65:c0:b6:bb:25:29:da:16:9e:8b:35:8b:61:
-#                    ed:e5:71:57:83:b5:3c:71:9f:e3:4f:bf:7e:1e:81:
-#                    9f:41:97
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Key Usage: critical
-#                Digital Signature, Certificate Sign, CRL Sign
-#            X509v3 Policy Mappings: 
-#                2.16.756.1.83.2.2:2.16.756.1.83.2.2
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE, pathlen:3
-#            X509v3 Subject Key Identifier: 
-#                45:D9:A5:81:6E:3D:88:4D:8D:71:D2:46:C1:6E:45:1E:F3:C4:80:9D
-#            X509v3 Authority Key Identifier: 
-#                keyid:45:D9:A5:81:6E:3D:88:4D:8D:71:D2:46:C1:6E:45:1E:F3:C4:80:9D
-#
-#    Signature Algorithm: sha256WithRSAEncryption
-#         94:3a:73:06:9f:52:4b:30:5c:d4:fe:b1:5c:25:f9:d7:8e:6f:
-#         f5:87:64:9f:ed:14:8e:b8:04:8e:28:4b:8f:aa:7b:8e:39:b4:
-#         d9:58:f6:7b:a1:35:0a:a1:9d:8a:f7:63:e5:eb:bd:39:82:d4:
-#         e3:7a:2d:6f:df:13:3c:ba:fe:7e:56:98:0b:f3:54:9f:cd:44:
-#         4e:6e:3c:e1:3e:15:bf:06:26:9d:e4:f0:90:b6:d4:c2:9e:30:
-#         2e:1f:ef:c7:7a:c4:50:c7:ea:7b:da:50:cb:7a:26:cb:00:b4:
-#         5a:ab:b5:93:1f:80:89:84:04:95:8d:8d:7f:09:93:bf:d4:a8:
-#         a8:e4:63:6d:d9:64:e4:b8:29:5a:08:bf:50:e1:84:0f:55:7b:
-#         5f:08:22:1b:f5:bd:99:1e:14:f6:ce:f4:58:10:82:b3:0a:3d:
-#         19:c1:bf:5b:ab:aa:99:d8:f2:31:bd:e5:38:66:dc:58:05:c7:
-#         ed:63:1a:2e:0a:97:7c:87:93:2b:b2:8a:e3:f1:ec:18:e5:75:
-#         b6:29:87:e7:dc:8b:1a:7e:b4:d8:c9:d3:8a:17:6c:7d:29:44:
-#         be:8a:aa:f5:7e:3a:2e:68:31:93:b9:6a:da:9a:e0:db:e9:2e:
-#         a5:84:cd:1c:0a:b8:4a:08:f9:9c:f1:61:26:98:93:b7:7b:66:
-#         ec:91:5e:dd:51:3f:db:73:0f:ad:04:58:09:dd:04:02:95:0a:
-#         3e:d3:76:df:a6:10:1e:80:3d:e8:cd:a4:64:d1:33:c7:92:c7:
-#         e2:4e:44:e3:09:c9:4e:c2:5d:87:0e:12:9e:bf:0f:c9:05:10:
-#         de:7a:a3:b1:3c:f2:3f:a5:aa:27:79:ad:31:7d:1f:fd:fc:19:
-#         69:c5:dd:b9:3f:7c:cd:c6:b4:c2:30:1e:7e:6e:92:d7:7f:61:
-#         76:5a:8f:eb:95:4d:bc:11:6e:21:7c:59:37:99:d0:06:bc:f9:
-#         06:6d:32:16:a5:d9:69:a8:e1:dc:3c:80:1e:60:51:dc:d7:54:
-#         21:1e:ca:62:77:4f:fa:d8:8f:b3:2b:3a:0d:78:72:c9:68:41:
-#         5a:47:4a:c2:a3:eb:1a:d7:0a:ab:3c:32:55:c8:0a:11:9c:df:
-#         74:d6:f0:40:15:1d:c8:b9:8f:b5:36:c5:af:f8:22:b8:ca:1d:
-#         f3:d6:b6:19:0f:9f:61:65:6a:ea:74:c8:7c:8f:c3:4f:5d:65:
-#         82:1f:d9:0d:89:da:75:72:fb:ef:f1:47:67:13:b3:c8:d1:19:
-#         88:27:26:9a:99:79:7f:1e:e4:2c:3f:7b:ee:f1:de:4d:8b:96:
-#         97:c3:d5:3f:7c:1b:23:ed:a4:b3:1d:16:72:43:4b:20:e1:59:
-#         7e:c2:e8:ad:26:bf:a2:f7
-
 [p11-kit-object-v1]
 label: "Symantec Class 1 Public Primary Certification Authority - G4"
 class: x-certificate-extension
@@ -19632,109 +15096,6 @@ lo3Ptv0AnVoUmr8CRPXBwp8iXqIPoeM=
 #         8d:cf:b6:fd:00:9d:5a:14:9a:bf:02:44:f5:c1:c2:9f:22:5e:
 #         a2:0f:a1:e3
 
-[p11-kit-object-v1]
-label: "TURKTRUST Certificate Services Provider Root 2007"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7c+CozIpVgV5orvJz1K
-tOgl080zwiDcGe6IP01i8N0Td49hqSq11PK5MVgpOy8/apxvc3Yl7jQggO7qt/DE
-Cs0rhpTJ42CxRFKyWim0kZeD2LemFC8pSaLzBQb7tE/aoWyaZp/wQwnK6nKP6wDX
-NTnXVhdHFzD0vr8/wmivNkDBqfSpp+gQawiK94Ye3JoqFQb2o/D04McU1FF/z7Tb
-ba9Hlhebd3HYp3GdJAz2lD+FMRJPuu5Ogri5Po8jN17Moqp19xhvCdOup1QoNPvh
-4DtgfaC+eYmGyJ8t+QpLxFCi5/15Fsd6CxjPzkzvfdYHb5jxr7HBeteBNbiqF7Tg
-ywIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "TURKTRUST Certificate Services Provider Root 2007"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIEPTCCAyWgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvzE/MD0GA1UEAww2VMOc
-UktUUlVTVCBFbGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sx
-c8SxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMV4wXAYDVQQKDFVUw5xS
-S1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnEn2kg
-SGl6bWV0bGVyaSBBLsWeLiAoYykgQXJhbMSxayAyMDA3MB4XDTA3MTIyNTE4Mzcx
-OVoXDTE3MTIyMjE4MzcxOVowgb8xPzA9BgNVBAMMNlTDnFJLVFJVU1QgRWxla3Ry
-b25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTELMAkGA1UEBhMC
-VFIxDzANBgNVBAcMBkFua2FyYTFeMFwGA1UECgxVVMOcUktUUlVTVCBCaWxnaSDE
-sGxldGnFn2ltIHZlIEJpbGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7F
-ni4gKGMpIEFyYWzEsWsgMjAwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAKu3PgqMyKVYFeaK7yc9SrToJdPNM8Ig3BnuiD9NYvDdE3ePYakqtdTyuTFY
-KTsvP2qcb3N2Je40IIDu6rfwxArNK4aUyeNgsURSsloptJGXg9i3phQvKUmi8wUG
-+7RP2qFsmmaf8EMJyupyj+sA1zU511YXRxcw9L6/P8JorzZAwan0qafoEGsIiveG
-HtyaKhUG9qPw9ODHFNRRf8+0222vR5YXm3dx2KdxnSQM9pQ/hTEST7ruToK4uT6P
-IzdezKKqdfcYbwnTrqdUKDT74eA7YH2gvnmJhsifLfkKS8RQouf9eRbHegsYz85M
-733WB2+Y8a+xwXrXgTW4qhe04MsCAwEAAaNCMEAwHQYDVR0OBBYEFCnFkKslrxHk
-Yb+j/4hhkeYO/pyBMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0G
-CSqGSIb3DQEBBQUAA4IBAQAQDdr4Ouwo0RSVgrESLFF6QSU2TJ/sPx+EnWVUXKgW
-AkD6bho3hO9ynYYKVZ1WKKxmLNA6VpM0ByWtCLCPyA8JWcqdmBzlVPi5RX9ql2+I
-aE1KBiY3iAIOtsbWcpnOa3faYjGkVh+uX4132l32iPwa2Z61gfAyuOOI0JzzaqC5
-mxRZNTZPz/OOXl0XrRWV2N2y1RVuAE6zS89mlOTgzbUF2mNXi+WzqtvALhyQRNsa
-XRik7r4EW5nVcV9VZWRi1aKbBFmGyGJ353yCRWo9F7/snXUMrqNvWtMvmDb08PUZ
-qxFdyKbjKlhqQgnDvZImZjINXQhVdP+MmNAKpoRq0Tl9
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 1 (0x1)
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sertifika Hizmet Sa\xC4\x9Flay\xC4\xB1c\xC4\xB1s\xC4\xB1, C=TR, L=Ankara, O=T\xC3\x9CRKTRUST Bilgi \xC4\xB0leti\xC5\x9Fim ve Bili\xC5\x9Fim G\xC3\xBCvenli\xC4\x9Fi Hizmetleri A.\xC5\x9E. (c) Aral\xC4\xB1k 2007
-#        Validity
-#            Not Before: Dec 25 18:37:19 2007 GMT
-#            Not After : Dec 22 18:37:19 2017 GMT
-#        Subject: CN=T\xC3\x9CRKTRUST Elektronik Sertifika Hizmet Sa\xC4\x9Flay\xC4\xB1c\xC4\xB1s\xC4\xB1, C=TR, L=Ankara, O=T\xC3\x9CRKTRUST Bilgi \xC4\xB0leti\xC5\x9Fim ve Bili\xC5\x9Fim G\xC3\xBCvenli\xC4\x9Fi Hizmetleri A.\xC5\x9E. (c) Aral\xC4\xB1k 2007
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:ab:b7:3e:0a:8c:c8:a5:58:15:e6:8a:ef:27:3d:
-#                    4a:b4:e8:25:d3:cd:33:c2:20:dc:19:ee:88:3f:4d:
-#                    62:f0:dd:13:77:8f:61:a9:2a:b5:d4:f2:b9:31:58:
-#                    29:3b:2f:3f:6a:9c:6f:73:76:25:ee:34:20:80:ee:
-#                    ea:b7:f0:c4:0a:cd:2b:86:94:c9:e3:60:b1:44:52:
-#                    b2:5a:29:b4:91:97:83:d8:b7:a6:14:2f:29:49:a2:
-#                    f3:05:06:fb:b4:4f:da:a1:6c:9a:66:9f:f0:43:09:
-#                    ca:ea:72:8f:eb:00:d7:35:39:d7:56:17:47:17:30:
-#                    f4:be:bf:3f:c2:68:af:36:40:c1:a9:f4:a9:a7:e8:
-#                    10:6b:08:8a:f7:86:1e:dc:9a:2a:15:06:f6:a3:f0:
-#                    f4:e0:c7:14:d4:51:7f:cf:b4:db:6d:af:47:96:17:
-#                    9b:77:71:d8:a7:71:9d:24:0c:f6:94:3f:85:31:12:
-#                    4f:ba:ee:4e:82:b8:b9:3e:8f:23:37:5e:cc:a2:aa:
-#                    75:f7:18:6f:09:d3:ae:a7:54:28:34:fb:e1:e0:3b:
-#                    60:7d:a0:be:79:89:86:c8:9f:2d:f9:0a:4b:c4:50:
-#                    a2:e7:fd:79:16:c7:7a:0b:18:cf:ce:4c:ef:7d:d6:
-#                    07:6f:98:f1:af:b1:c1:7a:d7:81:35:b8:aa:17:b4:
-#                    e0:cb
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Subject Key Identifier: 
-#                29:C5:90:AB:25:AF:11:E4:61:BF:A3:FF:88:61:91:E6:0E:FE:9C:81
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#    Signature Algorithm: sha1WithRSAEncryption
-#         10:0d:da:f8:3a:ec:28:d1:14:95:82:b1:12:2c:51:7a:41:25:
-#         36:4c:9f:ec:3f:1f:84:9d:65:54:5c:a8:16:02:40:fa:6e:1a:
-#         37:84:ef:72:9d:86:0a:55:9d:56:28:ac:66:2c:d0:3a:56:93:
-#         34:07:25:ad:08:b0:8f:c8:0f:09:59:ca:9d:98:1c:e5:54:f8:
-#         b9:45:7f:6a:97:6f:88:68:4d:4a:06:26:37:88:02:0e:b6:c6:
-#         d6:72:99:ce:6b:77:da:62:31:a4:56:1f:ae:5f:8d:77:da:5d:
-#         f6:88:fc:1a:d9:9e:b5:81:f0:32:b8:e3:88:d0:9c:f3:6a:a0:
-#         b9:9b:14:59:35:36:4f:cf:f3:8e:5e:5d:17:ad:15:95:d8:dd:
-#         b2:d5:15:6e:00:4e:b3:4b:cf:66:94:e4:e0:cd:b5:05:da:63:
-#         57:8b:e5:b3:aa:db:c0:2e:1c:90:44:db:1a:5d:18:a4:ee:be:
-#         04:5b:99:d5:71:5f:55:65:64:62:d5:a2:9b:04:59:86:c8:62:
-#         77:e7:7c:82:45:6a:3d:17:bf:ec:9d:75:0c:ae:a3:6f:5a:d3:
-#         2f:98:36:f4:f0:f5:19:ab:11:5d:c8:a6:e3:2a:58:6a:42:09:
-#         c3:bd:92:26:66:32:0d:5d:08:55:74:ff:8c:98:d0:0a:a6:84:
-#         6a:d1:39:7d
-
 [p11-kit-object-v1]
 label: "TURKTRUST Mis-issued Intermediate CA 1"
 class: certificate
@@ -19759,7 +15120,7 @@ x-distrusted: true
 label: "TWCA Global Root CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsAXbyOuMxG6KIe+OTZxx
@@ -19902,7 +15263,7 @@ KwbQBM0=
 label: "TWCA Root Certification Authority"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH5yuKQDlOan3gk4kUoR
@@ -20001,7 +15362,7 @@ YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw==
 label: "Taiwan GRCA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAmiW47Myidah7985bWYrJ
@@ -20289,6 +15650,374 @@ SK236thZiNSQvxaz2emsWWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVY=
 #         c8:1c:ba:ca:c1:ca:e1:b9:20:4c:8f:3a:93:89:a5:a0:cc:bf:
 #         d3:f6:75:a4:75:96:6d:56
 
+[p11-kit-object-v1]
+label: "TrustCor ECA-1"
+class: x-certificate-extension
+object-id: 2.5.29.37
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
+modifiable: false
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4/gEbWfqHZ2298PVO9z
+YymCrUfGo2vt/l8z+ENR6RozkTEXoHTE1KcB5rKSPmqd7Q75dJhA0z8DgAaCQOix
+4qdRpx2DJmur3voXkSvYxqwesZ4ZAdWXpuoNt8RVHyd80gjVdh8pFYdAOd04RRF1
+0JqnNOC/zchSHblHfg24u8YM9nNXFlp+Q5EfVTrGbUQEqpypnKdMiReDrqMEXlKA
+ix4SJREZ1wx9fTFEQerbr7Ac74HQLMWaIZs97UI7UCby7M5xYQZiIVROf8GdPn8g
+jIDLKtiXYsiDM5F9sKJaD1foO8zyJbLUfC/sTcahOhV657ZdNfX2SEo2RWbUuphY
+wQIDAQAB
+-----END PUBLIC KEY-----
+
+[p11-kit-object-v1]
+label: "TrustCor ECA-1"
+trusted: true
+nss-mozilla-ca-policy: true
+modifiable: false
+-----BEGIN CERTIFICATE-----
+MIIEIDCCAwigAwIBAgIJAISCLF8cYtBAMA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD
+VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk
+MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxFzAVBgNVBAMMDlRydXN0Q29y
+IEVDQS0xMB4XDTE2MDIwNDEyMzIzM1oXDTI5MTIzMTE3MjgwN1owgZwxCzAJBgNV
+BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw
+IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy
+dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOVHJ1c3RDb3Ig
+RUNBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPj+ARtZ+odnbb
+3w9U73NjKYKtR8aja+3+XzP4Q1HpGjORMRegdMTUpwHmspI+ap3tDvl0mEDTPwOA
+BoJA6LHip1GnHYMma6ve+heRK9jGrB6xnhkB1Zem6g23xFUfJ3zSCNV2HykVh0A5
+3ThFEXXQmqc04L/NyFIduUd+Dbi7xgz2c1cWWn5DkR9VOsZtRASqnKmcp0yJF4Ou
+owReUoCLHhIlERnXDH19MURB6tuvsBzvgdAsxZohmz3tQjtQJvLsznFhBmIhVE5/
+wZ0+fyCMgMsq2JdiyIMzkX2woloPV+g7zPIlstR8L+xNxqE6FXrntl019fZISjZF
+ZtS6mFjBAgMBAAGjYzBhMB0GA1UdDgQWBBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAf
+BgNVHSMEGDAWgBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAPBgNVHRMBAf8EBTADAQH/
+MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEABT41XBVwm8nHc2Fv
+civUwo/yQ10CzsSUuZQRg2dd4mdsdXa/uwyqNsatR5Nj3B5+1t4u/ukZMjgDfxT2
+AHMsWbEhBuH7rBiVDKP/mZb3Kyeb1STMHd3BOuCYRLDE5D53sXOpZCz2HAF8P11F
+hcCF5yWPldwX8zyfGm6wyuMdKulMY/okYWLW2n62HGz1Ah3UKt1VkOsqEUc8Ll50
+soIipX1TH0XsJ5F95yIW6MBoNtjG8U+ARDL54dHRHareqKucBK+tIA5kmE2la8BI
+WJZpTdwHjFGTot+fDz2LYLSCjaoITmJF4PkL0uDgPFveXHEnJcLmA4GLEFPjx1Wi
+tJ/X5g==
+-----END CERTIFICATE-----
+#Certificate:
+#    Data:
+#        Version: 3 (0x2)
+#        Serial Number:
+#            84:82:2c:5f:1c:62:d0:40
+#    Signature Algorithm: sha256WithRSAEncryption
+#        Issuer: C=PA, ST=Panama, L=Panama City, O=TrustCor Systems S. de R.L., OU=TrustCor Certificate Authority, CN=TrustCor ECA-1
+#        Validity
+#            Not Before: Feb  4 12:32:33 2016 GMT
+#            Not After : Dec 31 17:28:07 2029 GMT
+#        Subject: C=PA, ST=Panama, L=Panama City, O=TrustCor Systems S. de R.L., OU=TrustCor Certificate Authority, CN=TrustCor ECA-1
+#        Subject Public Key Info:
+#            Public Key Algorithm: rsaEncryption
+#                Public-Key: (2048 bit)
+#                Modulus:
+#                    00:cf:8f:e0:11:b5:9f:a8:76:76:db:df:0f:54:ef:
+#                    73:63:29:82:ad:47:c6:a3:6b:ed:fe:5f:33:f8:43:
+#                    51:e9:1a:33:91:31:17:a0:74:c4:d4:a7:01:e6:b2:
+#                    92:3e:6a:9d:ed:0e:f9:74:98:40:d3:3f:03:80:06:
+#                    82:40:e8:b1:e2:a7:51:a7:1d:83:26:6b:ab:de:fa:
+#                    17:91:2b:d8:c6:ac:1e:b1:9e:19:01:d5:97:a6:ea:
+#                    0d:b7:c4:55:1f:27:7c:d2:08:d5:76:1f:29:15:87:
+#                    40:39:dd:38:45:11:75:d0:9a:a7:34:e0:bf:cd:c8:
+#                    52:1d:b9:47:7e:0d:b8:bb:c6:0c:f6:73:57:16:5a:
+#                    7e:43:91:1f:55:3a:c6:6d:44:04:aa:9c:a9:9c:a7:
+#                    4c:89:17:83:ae:a3:04:5e:52:80:8b:1e:12:25:11:
+#                    19:d7:0c:7d:7d:31:44:41:ea:db:af:b0:1c:ef:81:
+#                    d0:2c:c5:9a:21:9b:3d:ed:42:3b:50:26:f2:ec:ce:
+#                    71:61:06:62:21:54:4e:7f:c1:9d:3e:7f:20:8c:80:
+#                    cb:2a:d8:97:62:c8:83:33:91:7d:b0:a2:5a:0f:57:
+#                    e8:3b:cc:f2:25:b2:d4:7c:2f:ec:4d:c6:a1:3a:15:
+#                    7a:e7:b6:5d:35:f5:f6:48:4a:36:45:66:d4:ba:98:
+#                    58:c1
+#                Exponent: 65537 (0x10001)
+#        X509v3 extensions:
+#            X509v3 Subject Key Identifier: 
+#                44:9E:48:F5:CC:6D:48:D4:A0:4B:7F:FE:59:24:2F:83:97:99:9A:86
+#            X509v3 Authority Key Identifier: 
+#                keyid:44:9E:48:F5:CC:6D:48:D4:A0:4B:7F:FE:59:24:2F:83:97:99:9A:86
+#
+#            X509v3 Basic Constraints: critical
+#                CA:TRUE
+#            X509v3 Key Usage: critical
+#                Digital Signature, Certificate Sign, CRL Sign
+#    Signature Algorithm: sha256WithRSAEncryption
+#         05:3e:35:5c:15:70:9b:c9:c7:73:61:6f:72:2b:d4:c2:8f:f2:
+#         43:5d:02:ce:c4:94:b9:94:11:83:67:5d:e2:67:6c:75:76:bf:
+#         bb:0c:aa:36:c6:ad:47:93:63:dc:1e:7e:d6:de:2e:fe:e9:19:
+#         32:38:03:7f:14:f6:00:73:2c:59:b1:21:06:e1:fb:ac:18:95:
+#         0c:a3:ff:99:96:f7:2b:27:9b:d5:24:cc:1d:dd:c1:3a:e0:98:
+#         44:b0:c4:e4:3e:77:b1:73:a9:64:2c:f6:1c:01:7c:3f:5d:45:
+#         85:c0:85:e7:25:8f:95:dc:17:f3:3c:9f:1a:6e:b0:ca:e3:1d:
+#         2a:e9:4c:63:fa:24:61:62:d6:da:7e:b6:1c:6c:f5:02:1d:d4:
+#         2a:dd:55:90:eb:2a:11:47:3c:2e:5e:74:b2:82:22:a5:7d:53:
+#         1f:45:ec:27:91:7d:e7:22:16:e8:c0:68:36:d8:c6:f1:4f:80:
+#         44:32:f9:e1:d1:d1:1d:aa:de:a8:ab:9c:04:af:ad:20:0e:64:
+#         98:4d:a5:6b:c0:48:58:96:69:4d:dc:07:8c:51:93:a2:df:9f:
+#         0f:3d:8b:60:b4:82:8d:aa:08:4e:62:45:e0:f9:0b:d2:e0:e0:
+#         3c:5b:de:5c:71:27:25:c2:e6:03:81:8b:10:53:e3:c7:55:a2:
+#         b4:9f:d7:e6
+
+[p11-kit-object-v1]
+label: "TrustCor RootCert CA-1"
+class: x-certificate-extension
+object-id: 2.5.29.37
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
+modifiable: false
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv463leLCJhJrMxnHQFgK
+q1mqjQCj/IDHUHuO1CAmujIS2CNUSSUQIpidRtLByZ5OGy4sDjjzGiVoHKZaBeYe
+i0i/mJZ0PmnK6bV4pQa81QBeCQryJ3pS/C3Vseq0iWEk8xoT26nPUu0MJLq5nux+
+AHT6k61sKZKuUbS701e/s/OojZz0JEsq1pme9J7+wH5COucLlVPat2gOkEz7cD+P
+SiyU8ybdY2mplNgQTsVHCJCZGxdNuWxu72CVEY4hgLW9oHPY0LJ3xEXqWib7ZnZ2
++AYfYW0PVcWDtxBWcgYHpfOxGgMFZA6dWorWhnAbJN7+KIor0Gqw/Hqi3LJ5Dotl
+DwIDAQAB
+-----END PUBLIC KEY-----
+
+[p11-kit-object-v1]
+label: "TrustCor RootCert CA-1"
+trusted: true
+nss-mozilla-ca-policy: true
+modifiable: false
+-----BEGIN CERTIFICATE-----
+MIIEMDCCAxigAwIBAgIJANqb7HHzA7AZMA0GCSqGSIb3DQEBCwUAMIGkMQswCQYD
+VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk
+MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29y
+IFJvb3RDZXJ0IENBLTEwHhcNMTYwMjA0MTIzMjE2WhcNMjkxMjMxMTcyMzE2WjCB
+pDELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFtYTEUMBIGA1UEBwwLUGFuYW1h
+IENpdHkxJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4gZGUgUi5MLjEnMCUG
+A1UECwweVHJ1c3RDb3IgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR8wHQYDVQQDDBZU
+cnVzdENvciBSb290Q2VydCBDQS0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAv463leLCJhJrMxnHQFgKq1mqjQCj/IDHUHuO1CAmujIS2CNUSSUQIpid
+RtLByZ5OGy4sDjjzGiVoHKZaBeYei0i/mJZ0PmnK6bV4pQa81QBeCQryJ3pS/C3V
+seq0iWEk8xoT26nPUu0MJLq5nux+AHT6k61sKZKuUbS701e/s/OojZz0JEsq1pme
+9J7+wH5COucLlVPat2gOkEz7cD+PSiyU8ybdY2mplNgQTsVHCJCZGxdNuWxu72CV
+EY4hgLW9oHPY0LJ3xEXqWib7ZnZ2+AYfYW0PVcWDtxBWcgYHpfOxGgMFZA6dWorW
+hnAbJN7+KIor0Gqw/Hqi3LJ5DotlDwIDAQABo2MwYTAdBgNVHQ4EFgQU7mtJPHo/
+DeOxCbeKyKsZn3MzUOcwHwYDVR0jBBgwFoAU7mtJPHo/DeOxCbeKyKsZn3MzUOcw
+DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD
+ggEBACUY1JGPE+6PHh0RU9otRCkZoB5rMZ5NDp6tPVxBb5UrJKF5mDo4Nvu7Zp5I
+/5CQ7z3UuJu0h3U/IJvOcs+hVcFNZKIZBqEHMwwLKeXx6quj7LUKdJDHfXLy11yf
+ke+Ri7fc7Waiz45mO7yfOgLgJ90WmMCV1Aqk5IGadZQ1nJBfiDcGrVmVCrDRZ9MZ
+yonnMlo2HD6CqFqTvsbQZJG2z9m2GM/bftJlo6bEjhcxwft+dtvTheNYsnd6djts
+L1Ac59v2Z3kf9YKVmgenFK+P3CghZwnS1k1aHBkcjndcw5QkPTJrS37UeJSDvjdN
+zl/HHk484IkzlQsPpTLWPFp5LBk=
+-----END CERTIFICATE-----
+#Certificate:
+#    Data:
+#        Version: 3 (0x2)
+#        Serial Number:
+#            da:9b:ec:71:f3:03:b0:19
+#    Signature Algorithm: sha256WithRSAEncryption
+#        Issuer: C=PA, ST=Panama, L=Panama City, O=TrustCor Systems S. de R.L., OU=TrustCor Certificate Authority, CN=TrustCor RootCert CA-1
+#        Validity
+#            Not Before: Feb  4 12:32:16 2016 GMT
+#            Not After : Dec 31 17:23:16 2029 GMT
+#        Subject: C=PA, ST=Panama, L=Panama City, O=TrustCor Systems S. de R.L., OU=TrustCor Certificate Authority, CN=TrustCor RootCert CA-1
+#        Subject Public Key Info:
+#            Public Key Algorithm: rsaEncryption
+#                Public-Key: (2048 bit)
+#                Modulus:
+#                    00:bf:8e:b7:95:e2:c2:26:12:6b:33:19:c7:40:58:
+#                    0a:ab:59:aa:8d:00:a3:fc:80:c7:50:7b:8e:d4:20:
+#                    26:ba:32:12:d8:23:54:49:25:10:22:98:9d:46:d2:
+#                    c1:c9:9e:4e:1b:2e:2c:0e:38:f3:1a:25:68:1c:a6:
+#                    5a:05:e6:1e:8b:48:bf:98:96:74:3e:69:ca:e9:b5:
+#                    78:a5:06:bc:d5:00:5e:09:0a:f2:27:7a:52:fc:2d:
+#                    d5:b1:ea:b4:89:61:24:f3:1a:13:db:a9:cf:52:ed:
+#                    0c:24:ba:b9:9e:ec:7e:00:74:fa:93:ad:6c:29:92:
+#                    ae:51:b4:bb:d3:57:bf:b3:f3:a8:8d:9c:f4:24:4b:
+#                    2a:d6:99:9e:f4:9e:fe:c0:7e:42:3a:e7:0b:95:53:
+#                    da:b7:68:0e:90:4c:fb:70:3f:8f:4a:2c:94:f3:26:
+#                    dd:63:69:a9:94:d8:10:4e:c5:47:08:90:99:1b:17:
+#                    4d:b9:6c:6e:ef:60:95:11:8e:21:80:b5:bd:a0:73:
+#                    d8:d0:b2:77:c4:45:ea:5a:26:fb:66:76:76:f8:06:
+#                    1f:61:6d:0f:55:c5:83:b7:10:56:72:06:07:a5:f3:
+#                    b1:1a:03:05:64:0e:9d:5a:8a:d6:86:70:1b:24:de:
+#                    fe:28:8a:2b:d0:6a:b0:fc:7a:a2:dc:b2:79:0e:8b:
+#                    65:0f
+#                Exponent: 65537 (0x10001)
+#        X509v3 extensions:
+#            X509v3 Subject Key Identifier: 
+#                EE:6B:49:3C:7A:3F:0D:E3:B1:09:B7:8A:C8:AB:19:9F:73:33:50:E7
+#            X509v3 Authority Key Identifier: 
+#                keyid:EE:6B:49:3C:7A:3F:0D:E3:B1:09:B7:8A:C8:AB:19:9F:73:33:50:E7
+#
+#            X509v3 Basic Constraints: critical
+#                CA:TRUE
+#            X509v3 Key Usage: critical
+#                Digital Signature, Certificate Sign, CRL Sign
+#    Signature Algorithm: sha256WithRSAEncryption
+#         25:18:d4:91:8f:13:ee:8f:1e:1d:11:53:da:2d:44:29:19:a0:
+#         1e:6b:31:9e:4d:0e:9e:ad:3d:5c:41:6f:95:2b:24:a1:79:98:
+#         3a:38:36:fb:bb:66:9e:48:ff:90:90:ef:3d:d4:b8:9b:b4:87:
+#         75:3f:20:9b:ce:72:cf:a1:55:c1:4d:64:a2:19:06:a1:07:33:
+#         0c:0b:29:e5:f1:ea:ab:a3:ec:b5:0a:74:90:c7:7d:72:f2:d7:
+#         5c:9f:91:ef:91:8b:b7:dc:ed:66:a2:cf:8e:66:3b:bc:9f:3a:
+#         02:e0:27:dd:16:98:c0:95:d4:0a:a4:e4:81:9a:75:94:35:9c:
+#         90:5f:88:37:06:ad:59:95:0a:b0:d1:67:d3:19:ca:89:e7:32:
+#         5a:36:1c:3e:82:a8:5a:93:be:c6:d0:64:91:b6:cf:d9:b6:18:
+#         cf:db:7e:d2:65:a3:a6:c4:8e:17:31:c1:fb:7e:76:db:d3:85:
+#         e3:58:b2:77:7a:76:3b:6c:2f:50:1c:e7:db:f6:67:79:1f:f5:
+#         82:95:9a:07:a7:14:af:8f:dc:28:21:67:09:d2:d6:4d:5a:1c:
+#         19:1c:8e:77:5c:c3:94:24:3d:32:6b:4b:7e:d4:78:94:83:be:
+#         37:4d:ce:5f:c7:1e:4e:3c:e0:89:33:95:0b:0f:a5:32:d6:3c:
+#         5a:79:2c:19
+
+[p11-kit-object-v1]
+label: "TrustCor RootCert CA-2"
+class: x-certificate-extension
+object-id: 2.5.29.37
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
+modifiable: false
+-----BEGIN PUBLIC KEY-----
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApyBuwiqiYiSVkHbIOH6A
+0qvBm2UFlPTBChDVAqztn5PHh8iwJytCDD0KPkFannXdjcrgm+xoMqRpkmiMC4EO
+VqA+Gt0sJRSCL5fTZEb0VKncOlQtMSuZgvLZKtfvcQC4MaS+eiQHw0Ig8orUkgQb
+ZVZMbNT7tmFaRyO02Gm0tzrQdDwMdaGMTnah6dsqpTv6zrD/fmoo/SccyLHpKfFX
+bmS00MEVbQ6+Lg5GyF70Uf7vDmM6O3G6z29Zygzjm11JuEziV7GYikJXnHbv773R
+aKjS9Am7dzW+JYIIxBYsRCBWqUQRd+9dtB2qXms+izL2By9XBJLK9f6dwunos45M
+SwIx2eQ8SIIn9xiCdkg6cbEToTnVLsU0wh1ihd8D/k30rz3fXFuN+nDhpX4nx4Yu
+ao8SxoReQ1FQnBmbeOb89u1Hfns9Zu8TE4hfPKFj+/mshzWf84KepD8KnDFpi5mk
+iEqObmZN7xbED3koIWANhRZ911Q48ZJW/bUzTIPc1xCfS/3G+EK9unxzAuD/fc1b
+4dSsYXtX1Up7W9SFWCddv/grYKygJq4UISfGd5ozgDxeRj/3w7GjhjPG6F4NuTUs
+qkbBhQJ1gKDrJPsVquRnf253P/QEii98e+MXYfDdCakgyL4JpNB+RMOyMEo4qqns
+GJoHgivbuJwYrdrgRhesz10CAwEAAQ==
+-----END PUBLIC KEY-----
+
+[p11-kit-object-v1]
+label: "TrustCor RootCert CA-2"
+trusted: true
+nss-mozilla-ca-policy: true
+modifiable: false
+-----BEGIN CERTIFICATE-----
+MIIGLzCCBBegAwIBAgIIJaHfyjPLWQIwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNV
+BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw
+IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy
+dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UEAwwWVHJ1c3RDb3Ig
+Um9vdENlcnQgQ0EtMjAeFw0xNjAyMDQxMjMyMjNaFw0zNDEyMzExNzI2MzlaMIGk
+MQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEg
+Q2l0eTEkMCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYD
+VQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRy
+dXN0Q29yIFJvb3RDZXJ0IENBLTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCnIG7CKqJiJJWQdsg4foDSq8GbZQWU9MEKENUCrO2fk8eHyLAnK0IMPQo+
+QVqedd2NyuCb7GgypGmSaIwLgQ5WoD4a3SwlFIIvl9NkRvRUqdw6VC0xK5mC8tkq
+1+9xALgxpL56JAfDQiDyitSSBBtlVkxs1Pu2YVpHI7TYabS3OtB0PAx1oYxOdqHp
+2yqlO/rOsP9+aij9JxzIsekp8VduZLTQwRVtDr4uDkbIXvRR/u8OYzo7cbrPb1nK
+DOObXUm4TOJXsZiKQlecdu/vvdFoqNL0Cbt3Nb4lggjEFixEIFapRBF37120Hape
+az6LMvYHL1cEksr1/p3C6eizjkxLAjHZ5DxIgif3GIJ2SDpxsROhOdUuxTTCHWKF
+3wP+TfSvPd9cW436cOGlfifHhi5qjxLGhF5DUVCcGZt45vz27Ud+ez1m7xMTiF88
+oWP7+ayHNZ/zgp6kPwqcMWmLmaSISo5uZk3vFsQPeSghYA2FFn3XVDjxklb9tTNM
+g9zXEJ9L/cb4Qr26fHMC4P99zVvh1Kxhe1fVSntb1IVYJ12/+CtgrKAmrhQhJ8Z3
+mjOAPF5GP/fDsaOGM8boXg25NSyqRsGFAnWAoOsk+xWq5Gd/bnc/9ASKL3x74xdh
+8N0JqSDIvgmk0H5Ew7IwSjiqqewYmgeCK9u4nBit2uBGF6zPXQIDAQABo2MwYTAd
+BgNVHQ4EFgQU2f4hQG6UnrybPZx9mCAZ5YwwYrIwHwYDVR0jBBgwFoAU2f4hQG6U
+nrybPZx9mCAZ5YwwYrIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYw
+DQYJKoZIhvcNAQELBQADggIBAJ5Fngw7tu/hOsh80QA9z+LqBrWyOrsGS2h60COX
+dKcs8AjYeVrXWoSK2BKaG9l9XE1wxaX5q+WjiYndAfrs3fnpkpfbsEZC89NiqpX+
+MWcUaViQCqoL7jcjx1BRtPV+nuN79+TMQjItSQzL/0kMmx40/W5ulop5A7Zv2wnL
+/V9lFDfhOPXzYRZY5LVtDQsEGz9QLX+zx3oaFoBg+Iof6Rsqxvm6ARppv9JYx1RX
+CI/hOWB3S6xZhBqI8d3LT3jX5+EzLfzuQfogsL7L9ziUwOHQhQ+77Sxzq+3+knYa
+ZH9bDTMJBzN7Bj8RpFxwPIXAz+OQqIN3+tvmxYxoZxBnpVIt8MSZj3+/0WvitUfW
+2dCFmU2Umw9Lje4AWkcdEQOsQRivh7dvDDqPys/cA8GiCcjl/YBeyGBCARsaU1q7
+N6a3vLqE6R5sGtRk2tRD/pOLS/IseRYQ1JMLiI+h2IYURpFHmygk71dSTlxCnKr3
+Sewn6EAes6aJInKc9Q0ztFijMDvd1GpUk74aTfOTlPf8hAs/hCBcNANExdqtvArB
+As8e5ZTZ845b2EzwnexhF7sUMlQMAimTHpKG9n/v55IFDlndmQguLvqcAFLTxWYp
+5KeXRKQOKIETNcX2b2TmQcTVL8w0RSXPQQCWPUouwpaYT05KnJe32x+SMsj/D1Fu
+1uwJ
+-----END CERTIFICATE-----
+#Certificate:
+#    Data:
+#        Version: 3 (0x2)
+#        Serial Number:
+#            25:a1:df:ca:33:cb:59:02
+#    Signature Algorithm: sha256WithRSAEncryption
+#        Issuer: C=PA, ST=Panama, L=Panama City, O=TrustCor Systems S. de R.L., OU=TrustCor Certificate Authority, CN=TrustCor RootCert CA-2
+#        Validity
+#            Not Before: Feb  4 12:32:23 2016 GMT
+#            Not After : Dec 31 17:26:39 2034 GMT
+#        Subject: C=PA, ST=Panama, L=Panama City, O=TrustCor Systems S. de R.L., OU=TrustCor Certificate Authority, CN=TrustCor RootCert CA-2
+#        Subject Public Key Info:
+#            Public Key Algorithm: rsaEncryption
+#                Public-Key: (4096 bit)
+#                Modulus:
+#                    00:a7:20:6e:c2:2a:a2:62:24:95:90:76:c8:38:7e:
+#                    80:d2:ab:c1:9b:65:05:94:f4:c1:0a:10:d5:02:ac:
+#                    ed:9f:93:c7:87:c8:b0:27:2b:42:0c:3d:0a:3e:41:
+#                    5a:9e:75:dd:8d:ca:e0:9b:ec:68:32:a4:69:92:68:
+#                    8c:0b:81:0e:56:a0:3e:1a:dd:2c:25:14:82:2f:97:
+#                    d3:64:46:f4:54:a9:dc:3a:54:2d:31:2b:99:82:f2:
+#                    d9:2a:d7:ef:71:00:b8:31:a4:be:7a:24:07:c3:42:
+#                    20:f2:8a:d4:92:04:1b:65:56:4c:6c:d4:fb:b6:61:
+#                    5a:47:23:b4:d8:69:b4:b7:3a:d0:74:3c:0c:75:a1:
+#                    8c:4e:76:a1:e9:db:2a:a5:3b:fa:ce:b0:ff:7e:6a:
+#                    28:fd:27:1c:c8:b1:e9:29:f1:57:6e:64:b4:d0:c1:
+#                    15:6d:0e:be:2e:0e:46:c8:5e:f4:51:fe:ef:0e:63:
+#                    3a:3b:71:ba:cf:6f:59:ca:0c:e3:9b:5d:49:b8:4c:
+#                    e2:57:b1:98:8a:42:57:9c:76:ef:ef:bd:d1:68:a8:
+#                    d2:f4:09:bb:77:35:be:25:82:08:c4:16:2c:44:20:
+#                    56:a9:44:11:77:ef:5d:b4:1d:aa:5e:6b:3e:8b:32:
+#                    f6:07:2f:57:04:92:ca:f5:fe:9d:c2:e9:e8:b3:8e:
+#                    4c:4b:02:31:d9:e4:3c:48:82:27:f7:18:82:76:48:
+#                    3a:71:b1:13:a1:39:d5:2e:c5:34:c2:1d:62:85:df:
+#                    03:fe:4d:f4:af:3d:df:5c:5b:8d:fa:70:e1:a5:7e:
+#                    27:c7:86:2e:6a:8f:12:c6:84:5e:43:51:50:9c:19:
+#                    9b:78:e6:fc:f6:ed:47:7e:7b:3d:66:ef:13:13:88:
+#                    5f:3c:a1:63:fb:f9:ac:87:35:9f:f3:82:9e:a4:3f:
+#                    0a:9c:31:69:8b:99:a4:88:4a:8e:6e:66:4d:ef:16:
+#                    c4:0f:79:28:21:60:0d:85:16:7d:d7:54:38:f1:92:
+#                    56:fd:b5:33:4c:83:dc:d7:10:9f:4b:fd:c6:f8:42:
+#                    bd:ba:7c:73:02:e0:ff:7d:cd:5b:e1:d4:ac:61:7b:
+#                    57:d5:4a:7b:5b:d4:85:58:27:5d:bf:f8:2b:60:ac:
+#                    a0:26:ae:14:21:27:c6:77:9a:33:80:3c:5e:46:3f:
+#                    f7:c3:b1:a3:86:33:c6:e8:5e:0d:b9:35:2c:aa:46:
+#                    c1:85:02:75:80:a0:eb:24:fb:15:aa:e4:67:7f:6e:
+#                    77:3f:f4:04:8a:2f:7c:7b:e3:17:61:f0:dd:09:a9:
+#                    20:c8:be:09:a4:d0:7e:44:c3:b2:30:4a:38:aa:a9:
+#                    ec:18:9a:07:82:2b:db:b8:9c:18:ad:da:e0:46:17:
+#                    ac:cf:5d
+#                Exponent: 65537 (0x10001)
+#        X509v3 extensions:
+#            X509v3 Subject Key Identifier: 
+#                D9:FE:21:40:6E:94:9E:BC:9B:3D:9C:7D:98:20:19:E5:8C:30:62:B2
+#            X509v3 Authority Key Identifier: 
+#                keyid:D9:FE:21:40:6E:94:9E:BC:9B:3D:9C:7D:98:20:19:E5:8C:30:62:B2
+#
+#            X509v3 Basic Constraints: critical
+#                CA:TRUE
+#            X509v3 Key Usage: critical
+#                Digital Signature, Certificate Sign, CRL Sign
+#    Signature Algorithm: sha256WithRSAEncryption
+#         9e:45:9e:0c:3b:b6:ef:e1:3a:c8:7c:d1:00:3d:cf:e2:ea:06:
+#         b5:b2:3a:bb:06:4b:68:7a:d0:23:97:74:a7:2c:f0:08:d8:79:
+#         5a:d7:5a:84:8a:d8:12:9a:1b:d9:7d:5c:4d:70:c5:a5:f9:ab:
+#         e5:a3:89:89:dd:01:fa:ec:dd:f9:e9:92:97:db:b0:46:42:f3:
+#         d3:62:aa:95:fe:31:67:14:69:58:90:0a:aa:0b:ee:37:23:c7:
+#         50:51:b4:f5:7e:9e:e3:7b:f7:e4:cc:42:32:2d:49:0c:cb:ff:
+#         49:0c:9b:1e:34:fd:6e:6e:96:8a:79:03:b6:6f:db:09:cb:fd:
+#         5f:65:14:37:e1:38:f5:f3:61:16:58:e4:b5:6d:0d:0b:04:1b:
+#         3f:50:2d:7f:b3:c7:7a:1a:16:80:60:f8:8a:1f:e9:1b:2a:c6:
+#         f9:ba:01:1a:69:bf:d2:58:c7:54:57:08:8f:e1:39:60:77:4b:
+#         ac:59:84:1a:88:f1:dd:cb:4f:78:d7:e7:e1:33:2d:fc:ee:41:
+#         fa:20:b0:be:cb:f7:38:94:c0:e1:d0:85:0f:bb:ed:2c:73:ab:
+#         ed:fe:92:76:1a:64:7f:5b:0d:33:09:07:33:7b:06:3f:11:a4:
+#         5c:70:3c:85:c0:cf:e3:90:a8:83:77:fa:db:e6:c5:8c:68:67:
+#         10:67:a5:52:2d:f0:c4:99:8f:7f:bf:d1:6b:e2:b5:47:d6:d9:
+#         d0:85:99:4d:94:9b:0f:4b:8d:ee:00:5a:47:1d:11:03:ac:41:
+#         18:af:87:b7:6f:0c:3a:8f:ca:cf:dc:03:c1:a2:09:c8:e5:fd:
+#         80:5e:c8:60:42:01:1b:1a:53:5a:bb:37:a6:b7:bc:ba:84:e9:
+#         1e:6c:1a:d4:64:da:d4:43:fe:93:8b:4b:f2:2c:79:16:10:d4:
+#         93:0b:88:8f:a1:d8:86:14:46:91:47:9b:28:24:ef:57:52:4e:
+#         5c:42:9c:aa:f7:49:ec:27:e8:40:1e:b3:a6:89:22:72:9c:f5:
+#         0d:33:b4:58:a3:30:3b:dd:d4:6a:54:93:be:1a:4d:f3:93:94:
+#         f7:fc:84:0b:3f:84:20:5c:34:03:44:c5:da:ad:bc:0a:c1:02:
+#         cf:1e:e5:94:d9:f3:8e:5b:d8:4c:f0:9d:ec:61:17:bb:14:32:
+#         54:0c:02:29:93:1e:92:86:f6:7f:ef:e7:92:05:0e:59:dd:99:
+#         08:2e:2e:fa:9c:00:52:d3:c5:66:29:e4:a7:97:44:a4:0e:28:
+#         81:13:35:c5:f6:6f:64:e6:41:c4:d5:2f:cc:34:45:25:cf:41:
+#         00:96:3d:4a:2e:c2:96:98:4f:4e:4a:9c:97:b7:db:1f:92:32:
+#         c8:ff:0f:51:6e:d6:ec:09
+
 [p11-kit-object-v1]
 label: "Trustis FPS Root CA"
 class: x-certificate-extension
@@ -20390,119 +16119,11 @@ ZetX2fNXlrtIzYE=
 #         f6:25:88:1e:97:cc:21:9c:29:01:0d:65:eb:57:d9:f3:57:96:
 #         bb:48:cd:81
 
-[p11-kit-object-v1]
-label: "T\xc3\x9c\x42\xC4\xB0TAK UEKAE K\xC3\xB6k Sertifika Hizmet Sa\xC4\x9Flay\xc4\xb1\x63\xc4\xb1s\xc4\xb1 - S\xC3\xBCr\xC3\xBCm 3"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAim1L/xCIOsP2fpTo6iBk
-cK4hgb46ezzb8R1Sf1n68yJMlaCQvEhOEav7t7WNeoMojCZG2E6VQIdhn8WebYGH
-V2yKO7Rm6sxA/OOqbLLLAdsyv9Lrhc+hDVXDWzhXcLh1xnnRFDDtG1hba+818qEh
-TsXOfJlfbLm4IpNQp81McGq+agV/E5wrHur+R84EpW+sky58K5+eeROR6Oqeyjh1
-jmKwlZMq5d/pXpduIF9fhHpEORlAHLpVK/swsoHvhOPc7Jg4OQOFCKlUAwUp8MmP
-i+oLhmUZEdPpCSPeaJMDyTYcIW7OjGbxmTDY17PDHfiBLqi9ggtm/oLL4eAagsNA
-gQIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "T\xc3\x9c\x42\xC4\xB0TAK UEKAE K\xC3\xB6k Sertifika Hizmet Sa\xC4\x9Flay\xc4\xb1\x63\xc4\xb1s\xc4\xb1 - S\xC3\xBCr\xC3\xBCm 3"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIFFzCCA/+gAwIBAgIBETANBgkqhkiG9w0BAQUFADCCASsxCzAJBgNVBAYTAlRS
-MRgwFgYDVQQHDA9HZWJ6ZSAtIEtvY2FlbGkxRzBFBgNVBAoMPlTDvHJraXllIEJp
-bGltc2VsIHZlIFRla25vbG9qaWsgQXJhxZ90xLFybWEgS3VydW11IC0gVMOcQsSw
-VEFLMUgwRgYDVQQLDD9VbHVzYWwgRWxla3Ryb25payB2ZSBLcmlwdG9sb2ppIEFy
-YcWfdMSxcm1hIEVuc3RpdMO8c8O8IC0gVUVLQUUxIzAhBgNVBAsMGkthbXUgU2Vy
-dGlmaWthc3lvbiBNZXJrZXppMUowSAYDVQQDDEFUw5xCxLBUQUsgVUVLQUUgS8O2
-ayBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSAtIFPDvHLDvG0gMzAe
-Fw0wNzA4MjQxMTM3MDdaFw0xNzA4MjExMTM3MDdaMIIBKzELMAkGA1UEBhMCVFIx
-GDAWBgNVBAcMD0dlYnplIC0gS29jYWVsaTFHMEUGA1UECgw+VMO8cmtpeWUgQmls
-aW1zZWwgdmUgVGVrbm9sb2ppayBBcmHFn3TEsXJtYSBLdXJ1bXUgLSBUw5xCxLBU
-QUsxSDBGBgNVBAsMP1VsdXNhbCBFbGVrdHJvbmlrIHZlIEtyaXB0b2xvamkgQXJh
-xZ90xLFybWEgRW5zdGl0w7xzw7wgLSBVRUtBRTEjMCEGA1UECwwaS2FtdSBTZXJ0
-aWZpa2FzeW9uIE1lcmtlemkxSjBIBgNVBAMMQVTDnELEsFRBSyBVRUtBRSBLw7Zr
-IFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIC0gU8O8csO8bSAzMIIB
-IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAim1L/xCIOsP2fpTo6iBkcK4h
-gb46ezzb8R1Sf1n68yJMlaCQvEhOEav7t7WNeoMojCZG2E6VQIdhn8WebYGHV2yK
-O7Rm6sxA/OOqbLLLAdsyv9Lrhc+hDVXDWzhXcLh1xnnRFDDtG1hba+818qEhTsXO
-fJlfbLm4IpNQp81McGq+agV/E5wrHur+R84EpW+sky58K5+eeROR6Oqeyjh1jmKw
-lZMq5d/pXpduIF9fhHpEORlAHLpVK/swsoHvhOPc7Jg4OQOFCKlUAwUp8MmPi+oL
-hmUZEdPpCSPeaJMDyTYcIW7OjGbxmTDY17PDHfiBLqi9ggtm/oLL4eAagsNAgQID
-AQABo0IwQDAdBgNVHQ4EFgQUvYiHyY/2pAoLquvF/pEjnatKijIwDgYDVR0PAQH/
-BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAB18+kmP
-NOm3JpIWmgV050vQbTlswyb2zrgxvMTfvCr4N5EY3ATIZJkrGG2AA1nJrvhY0D7t
-wyOfaTyGOBye79oneNGEN3GKPEs5z35FBtYt2IpNeBLWrcLTy9LQQfMmNkqblWwM
-7uXRQydmwYj3erMgbOqwaSvHIOgMA8RBBZniP+Rr+KCGgceExh/VS4ESshYhLBOh
-gLJeDEoTniDYYkCrkOpkSi+sDQESeUWoL4cZaMjihccwsnX5OD+ywJO0a+IDRM5n
-oN+J1q2MdqMTw5RhK2vZbMEHCiIHhWyFJEapvj+LeISCfiQMnf2BN+MlqO02TpUs
-yZyQ2uypQjyttgI=
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number: 17 (0x11)
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=TR, L=Gebze - Kocaeli, O=T\xC3\xBCrkiye Bilimsel ve Teknolojik Ara\xC5\x9Ft\xC4\xB1rma Kurumu - T\xC3\x9CB\xC4\xB0TAK, OU=Ulusal Elektronik ve Kriptoloji Ara\xC5\x9Ft\xC4\xB1rma Enstit\xC3\xBCs\xC3\xBC - UEKAE, OU=Kamu Sertifikasyon Merkezi, CN=T\xC3\x9CB\xC4\xB0TAK UEKAE K\xC3\xB6k Sertifika Hizmet Sa\xC4\x9Flay\xC4\xB1c\xC4\xB1s\xC4\xB1 - S\xC3\xBCr\xC3\xBCm 3
-#        Validity
-#            Not Before: Aug 24 11:37:07 2007 GMT
-#            Not After : Aug 21 11:37:07 2017 GMT
-#        Subject: C=TR, L=Gebze - Kocaeli, O=T\xC3\xBCrkiye Bilimsel ve Teknolojik Ara\xC5\x9Ft\xC4\xB1rma Kurumu - T\xC3\x9CB\xC4\xB0TAK, OU=Ulusal Elektronik ve Kriptoloji Ara\xC5\x9Ft\xC4\xB1rma Enstit\xC3\xBCs\xC3\xBC - UEKAE, OU=Kamu Sertifikasyon Merkezi, CN=T\xC3\x9CB\xC4\xB0TAK UEKAE K\xC3\xB6k Sertifika Hizmet Sa\xC4\x9Flay\xC4\xB1c\xC4\xB1s\xC4\xB1 - S\xC3\xBCr\xC3\xBCm 3
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:8a:6d:4b:ff:10:88:3a:c3:f6:7e:94:e8:ea:20:
-#                    64:70:ae:21:81:be:3a:7b:3c:db:f1:1d:52:7f:59:
-#                    fa:f3:22:4c:95:a0:90:bc:48:4e:11:ab:fb:b7:b5:
-#                    8d:7a:83:28:8c:26:46:d8:4e:95:40:87:61:9f:c5:
-#                    9e:6d:81:87:57:6c:8a:3b:b4:66:ea:cc:40:fc:e3:
-#                    aa:6c:b2:cb:01:db:32:bf:d2:eb:85:cf:a1:0d:55:
-#                    c3:5b:38:57:70:b8:75:c6:79:d1:14:30:ed:1b:58:
-#                    5b:6b:ef:35:f2:a1:21:4e:c5:ce:7c:99:5f:6c:b9:
-#                    b8:22:93:50:a7:cd:4c:70:6a:be:6a:05:7f:13:9c:
-#                    2b:1e:ea:fe:47:ce:04:a5:6f:ac:93:2e:7c:2b:9f:
-#                    9e:79:13:91:e8:ea:9e:ca:38:75:8e:62:b0:95:93:
-#                    2a:e5:df:e9:5e:97:6e:20:5f:5f:84:7a:44:39:19:
-#                    40:1c:ba:55:2b:fb:30:b2:81:ef:84:e3:dc:ec:98:
-#                    38:39:03:85:08:a9:54:03:05:29:f0:c9:8f:8b:ea:
-#                    0b:86:65:19:11:d3:e9:09:23:de:68:93:03:c9:36:
-#                    1c:21:6e:ce:8c:66:f1:99:30:d8:d7:b3:c3:1d:f8:
-#                    81:2e:a8:bd:82:0b:66:fe:82:cb:e1:e0:1a:82:c3:
-#                    40:81
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Subject Key Identifier: 
-#                BD:88:87:C9:8F:F6:A4:0A:0B:AA:EB:C5:FE:91:23:9D:AB:4A:8A:32
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#    Signature Algorithm: sha1WithRSAEncryption
-#         1d:7c:fa:49:8f:34:e9:b7:26:92:16:9a:05:74:e7:4b:d0:6d:
-#         39:6c:c3:26:f6:ce:b8:31:bc:c4:df:bc:2a:f8:37:91:18:dc:
-#         04:c8:64:99:2b:18:6d:80:03:59:c9:ae:f8:58:d0:3e:ed:c3:
-#         23:9f:69:3c:86:38:1c:9e:ef:da:27:78:d1:84:37:71:8a:3c:
-#         4b:39:cf:7e:45:06:d6:2d:d8:8a:4d:78:12:d6:ad:c2:d3:cb:
-#         d2:d0:41:f3:26:36:4a:9b:95:6c:0c:ee:e5:d1:43:27:66:c1:
-#         88:f7:7a:b3:20:6c:ea:b0:69:2b:c7:20:e8:0c:03:c4:41:05:
-#         99:e2:3f:e4:6b:f8:a0:86:81:c7:84:c6:1f:d5:4b:81:12:b2:
-#         16:21:2c:13:a1:80:b2:5e:0c:4a:13:9e:20:d8:62:40:ab:90:
-#         ea:64:4a:2f:ac:0d:01:12:79:45:a8:2f:87:19:68:c8:e2:85:
-#         c7:30:b2:75:f9:38:3f:b2:c0:93:b4:6b:e2:03:44:ce:67:a0:
-#         df:89:d6:ad:8c:76:a3:13:c3:94:61:2b:6b:d9:6c:c1:07:0a:
-#         22:07:85:6c:85:24:46:a9:be:3f:8b:78:84:82:7e:24:0c:9d:
-#         fd:81:37:e3:25:a8:ed:36:4e:95:2c:c9:9c:90:da:ec:a9:42:
-#         3c:ad:b6:02
-
 [p11-kit-object-v1]
 label: "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCUZ4WWe60ghUEoI5RHw
@@ -20606,7 +16227,7 @@ Yv4HAqGEVka+lgqaE9chTLd8B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW
 label: "USERTrust ECC Certification Authority"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEGqxUWqn5aCPnetUkb1PGWthLq8bVttHm
@@ -20678,7 +16299,7 @@ RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg=
 label: "USERTrust RSA Certification Authority"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAgBJlFzYOw9sIs9CsVw12
@@ -20936,345 +16557,11 @@ USeh1YdV8nuPmD0Wnu51tvjQjvLzxq4oW6fw8zYX/MMF08oDSlQ=
 #         f8:d0:8e:f2:f3:c6:ae:28:5b:a7:f0:f3:36:17:fc:c3:05:d3:
 #         ca:03:4a:54
 
-[p11-kit-object-v1]
-label: "UTN USERFirst Hardware Root CA"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsffDOD+0qH/POYJRZ9Bt
-n9L/WPPnnyvsDYlUmbk4mRb34CF5SMK7YXQSlh08anLVPBBnOjntKxPNZuuVCTOk
-bJex6MbswXV5nEZejavQav25KlUXEFSzGfCa9vGxXbanbfvgcRdrooj7AN/+GjF3
-DJoBerEy4ysBBzhuw6VeI7xFm3tQwckwj9vlK3rTW/szQB6g1ZgXvIuHw4nTXaCO
-sqqq9o5piAbF+okh8widaS4JM5spDUYPjMxJNLBpUb35Bs1orWZMvD6sYb0KiA7I
-3z3ufARMnQpea5HW7sftKI2rTYeJc9BupNAeFosU4XZEA39jrOTNSZzFkvSrMqFI
-WwIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "UTN USERFirst Hardware Root CA"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCB
-lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
-SGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgxOTIyWjCBlzELMAkG
-A1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEe
-MBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8v
-d3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdh
-cmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn
-0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlIwrthdBKWHTxqctU8EGc6Oe0rE81m65UJ
-M6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFdtqdt++BxF2uiiPsA3/4a
-MXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8i4fDidNd
-oI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqI
-DsjfPe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9Ksy
-oUhbAgMBAAGjgbkwgbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYD
-VR0OBBYEFKFyXyYbKJhDlV0HN9WFlp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0
-dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNFUkZpcnN0LUhhcmR3YXJlLmNy
-bDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEF
-BQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM
-//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28Gpgoiskli
-CE7/yMgUsogWXecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gE
-CJChicsZUN/KHAG8HQQZexB2lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t
-3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kniCrVWFCVH/A7HFe7fRQ5YiuayZSS
-KqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67nfhmqA==
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            44:be:0c:8b:50:00:24:b4:11:d3:36:2a:fe:65:0a:fd
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
-#        Validity
-#            Not Before: Jul  9 18:10:42 1999 GMT
-#            Not After : Jul  9 18:19:22 2019 GMT
-#        Subject: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:b1:f7:c3:38:3f:b4:a8:7f:cf:39:82:51:67:d0:
-#                    6d:9f:d2:ff:58:f3:e7:9f:2b:ec:0d:89:54:99:b9:
-#                    38:99:16:f7:e0:21:79:48:c2:bb:61:74:12:96:1d:
-#                    3c:6a:72:d5:3c:10:67:3a:39:ed:2b:13:cd:66:eb:
-#                    95:09:33:a4:6c:97:b1:e8:c6:ec:c1:75:79:9c:46:
-#                    5e:8d:ab:d0:6a:fd:b9:2a:55:17:10:54:b3:19:f0:
-#                    9a:f6:f1:b1:5d:b6:a7:6d:fb:e0:71:17:6b:a2:88:
-#                    fb:00:df:fe:1a:31:77:0c:9a:01:7a:b1:32:e3:2b:
-#                    01:07:38:6e:c3:a5:5e:23:bc:45:9b:7b:50:c1:c9:
-#                    30:8f:db:e5:2b:7a:d3:5b:fb:33:40:1e:a0:d5:98:
-#                    17:bc:8b:87:c3:89:d3:5d:a0:8e:b2:aa:aa:f6:8e:
-#                    69:88:06:c5:fa:89:21:f3:08:9d:69:2e:09:33:9b:
-#                    29:0d:46:0f:8c:cc:49:34:b0:69:51:bd:f9:06:cd:
-#                    68:ad:66:4c:bc:3e:ac:61:bd:0a:88:0e:c8:df:3d:
-#                    ee:7c:04:4c:9d:0a:5e:6b:91:d6:ee:c7:ed:28:8d:
-#                    ab:4d:87:89:73:d0:6e:a4:d0:1e:16:8b:14:e1:76:
-#                    44:03:7f:63:ac:e4:cd:49:9c:c5:92:f4:ab:32:a1:
-#                    48:5b
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Key Usage: 
-#                Digital Signature, Non Repudiation, Certificate Sign, CRL Sign
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 Subject Key Identifier: 
-#                A1:72:5F:26:1B:28:98:43:95:5D:07:37:D5:85:96:9D:4B:D2:C3:45
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://crl.usertrust.com/UTN-USERFirst-Hardware.crl
-#
-#            X509v3 Extended Key Usage: 
-#                TLS Web Server Authentication, IPSec End System, IPSec Tunnel, IPSec User
-#    Signature Algorithm: sha1WithRSAEncryption
-#         47:19:0f:de:74:c6:99:97:af:fc:ad:28:5e:75:8e:eb:2d:67:
-#         ee:4e:7b:2b:d7:0c:ff:f6:de:cb:55:a2:0a:e1:4c:54:65:93:
-#         60:6b:9f:12:9c:ad:5e:83:2c:eb:5a:ae:c0:e4:2d:f4:00:63:
-#         1d:b8:c0:6c:f2:cf:49:bb:4d:93:6f:06:a6:0a:22:b2:49:62:
-#         08:4e:ff:c8:c8:14:b2:88:16:5d:e7:01:e4:12:95:e5:45:34:
-#         b3:8b:69:bd:cf:b4:85:8f:75:51:9e:7d:3a:38:3a:14:48:12:
-#         c6:fb:a7:3b:1a:8d:0d:82:40:07:e8:04:08:90:a1:89:cb:19:
-#         50:df:ca:1c:01:bc:1d:04:19:7b:10:76:97:3b:ee:90:90:ca:
-#         c4:0e:1f:16:6e:75:ef:33:f8:d3:6f:5b:1e:96:e3:e0:74:77:
-#         74:7b:8a:a2:6e:2d:dd:76:d6:39:30:82:f0:ab:9c:52:f2:2a:
-#         c7:af:49:5e:7e:c7:68:e5:82:81:c8:6a:27:f9:27:88:2a:d5:
-#         58:50:95:1f:f0:3b:1c:57:bb:7d:14:39:62:2b:9a:c9:94:92:
-#         2a:a3:22:0c:ff:89:26:7d:5f:23:2b:47:d7:15:1d:a9:6a:9e:
-#         51:0d:2a:51:9e:81:f9:d4:3b:5e:70:12:7f:10:32:9c:1e:bb:
-#         9d:f8:66:a8
-
-[p11-kit-object-v1]
-label: "UTN USERFirst Object Root CA"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqqBP6OjYXiqMQBVlRGe
-Jw8fHN86m4JoMMBKYR3xLw76vnn3pSPvVVGWhM3b47luPjHYCiBnx/TZv5TrRwQ+
-As4qol2HBAn2MJ0Yipeyqhz8QdKhNsv7PZG659lwNfrk55DDm6Ob0zz1Epl3sbcJ
-4GjmHLjzlGOIamr+C3bJvvQi5Ge5qxped8GFB90NbL/uBsd3akGepw/X++6UF7f8
-hb6kq8QcMd3XttHk8O/fFo+yUpPXodSJoQcuv+EBEkIeGuHYlTTbZHko/7ouEcLl
-6FuSSPtHC8Js2q0yg0HzpeVBcP1lkG36+lHE+b2WKxkELNNtp9zwf2+DZeJqq4eG
-dQIDAQAB
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "UTN USERFirst Object Root CA"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIEZjCCA06gAwIBAgIQRL4Mi1AAJLQR0zYt4LNfGzANBgkqhkiG9w0BAQUFADCB
-lTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHTAbBgNVBAMTFFVUTi1VU0VSRmlyc3Qt
-T2JqZWN0MB4XDTk5MDcwOTE4MzEyMFoXDTE5MDcwOTE4NDAzNlowgZUxCzAJBgNV
-BAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtlIENpdHkxHjAc
-BgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMYaHR0cDovL3d3
-dy51c2VydHJ1c3QuY29tMR0wGwYDVQQDExRVVE4tVVNFUkZpcnN0LU9iamVjdDCC
-ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6qgT+jo2F4qjEAVZURnicP
-HxzfOpuCaDDASmEd8S8O+r5596Uj71VRloTN2+O5bj4x2AogZ8f02b+U60cEPgLO
-KqJdhwQJ9jCdGIqXsqoc/EHSoTbL+z2RuufZcDX65OeQw5ujm9M89RKZd7G3CeBo
-5hy485RjiGpq/gt2yb70IuRnuasaXnfBhQfdDWy/7gbHd2pBnqcP1/vulBe3/IW+
-pKvEHDHd17bR5PDv3xaPslKT16HUiaEHLr/hARJCHhrh2JU022R5KP+6LhHC5ehb
-kkj7RwvCbNqtMoNB86XlQXD9ZZBt+vpRxPm9lisZBCzTbafc8H9vg2XiaquHhnUC
-AwEAAaOBrzCBrDALBgNVHQ8EBAMCAcYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
-FgQU2u1kdBScFDyr3ZmpvVsoTYs8ydgwQgYDVR0fBDswOTA3oDWgM4YxaHR0cDov
-L2NybC51c2VydHJ1c3QuY29tL1VUTi1VU0VSRmlyc3QtT2JqZWN0LmNybDApBgNV
-HSUEIjAgBggrBgEFBQcDAwYIKwYBBQUHAwgGCisGAQQBgjcKAwQwDQYJKoZIhvcN
-AQEFBQADggEBAAgfUrE3RHjb/c652pWWmKpVZIC1WkDdIaXFwfNfLEzIR1pp6ujw
-NTX00CXzyKakh0q9G7FzCL3Uw8q2NbtZhncxzaeAFK4T7/yxSPlrJSUtUbYsbUXB
-mMiKVl0+7kNOPmsnjtA6S4ULX9Ptaqd1y9Fahy85dRNacrACgZ++8A+EVCBibGnU
-4U3GDZlDAQ0Slox4nb9QorFEqmrPF3rPbw/U+CRVX/A0FklmPlBGyWNxODFiuGK5
-81OtbLUrohKqGU8J2l7nk8aOFAj+8DCAGKCGhU3IfdeLA/5u1fedFqySLKAj5ZyR
-Uh+U3xeUc8OzwcFxBSAAeL0TUh2oPs0AH8g=
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
-#        Validity
-#            Not Before: Jul  9 18:31:20 1999 GMT
-#            Not After : Jul  9 18:40:36 2019 GMT
-#        Subject: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:ce:aa:81:3f:a3:a3:61:78:aa:31:00:55:95:11:
-#                    9e:27:0f:1f:1c:df:3a:9b:82:68:30:c0:4a:61:1d:
-#                    f1:2f:0e:fa:be:79:f7:a5:23:ef:55:51:96:84:cd:
-#                    db:e3:b9:6e:3e:31:d8:0a:20:67:c7:f4:d9:bf:94:
-#                    eb:47:04:3e:02:ce:2a:a2:5d:87:04:09:f6:30:9d:
-#                    18:8a:97:b2:aa:1c:fc:41:d2:a1:36:cb:fb:3d:91:
-#                    ba:e7:d9:70:35:fa:e4:e7:90:c3:9b:a3:9b:d3:3c:
-#                    f5:12:99:77:b1:b7:09:e0:68:e6:1c:b8:f3:94:63:
-#                    88:6a:6a:fe:0b:76:c9:be:f4:22:e4:67:b9:ab:1a:
-#                    5e:77:c1:85:07:dd:0d:6c:bf:ee:06:c7:77:6a:41:
-#                    9e:a7:0f:d7:fb:ee:94:17:b7:fc:85:be:a4:ab:c4:
-#                    1c:31:dd:d7:b6:d1:e4:f0:ef:df:16:8f:b2:52:93:
-#                    d7:a1:d4:89:a1:07:2e:bf:e1:01:12:42:1e:1a:e1:
-#                    d8:95:34:db:64:79:28:ff:ba:2e:11:c2:e5:e8:5b:
-#                    92:48:fb:47:0b:c2:6c:da:ad:32:83:41:f3:a5:e5:
-#                    41:70:fd:65:90:6d:fa:fa:51:c4:f9:bd:96:2b:19:
-#                    04:2c:d3:6d:a7:dc:f0:7f:6f:83:65:e2:6a:ab:87:
-#                    86:75
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Key Usage: 
-#                Digital Signature, Non Repudiation, Certificate Sign, CRL Sign
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 Subject Key Identifier: 
-#                DA:ED:64:74:14:9C:14:3C:AB:DD:99:A9:BD:5B:28:4D:8B:3C:C9:D8
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://crl.usertrust.com/UTN-USERFirst-Object.crl
-#
-#            X509v3 Extended Key Usage: 
-#                Code Signing, Time Stamping, Microsoft Encrypted File System
-#    Signature Algorithm: sha1WithRSAEncryption
-#         08:1f:52:b1:37:44:78:db:fd:ce:b9:da:95:96:98:aa:55:64:
-#         80:b5:5a:40:dd:21:a5:c5:c1:f3:5f:2c:4c:c8:47:5a:69:ea:
-#         e8:f0:35:35:f4:d0:25:f3:c8:a6:a4:87:4a:bd:1b:b1:73:08:
-#         bd:d4:c3:ca:b6:35:bb:59:86:77:31:cd:a7:80:14:ae:13:ef:
-#         fc:b1:48:f9:6b:25:25:2d:51:b6:2c:6d:45:c1:98:c8:8a:56:
-#         5d:3e:ee:43:4e:3e:6b:27:8e:d0:3a:4b:85:0b:5f:d3:ed:6a:
-#         a7:75:cb:d1:5a:87:2f:39:75:13:5a:72:b0:02:81:9f:be:f0:
-#         0f:84:54:20:62:6c:69:d4:e1:4d:c6:0d:99:43:01:0d:12:96:
-#         8c:78:9d:bf:50:a2:b1:44:aa:6a:cf:17:7a:cf:6f:0f:d4:f8:
-#         24:55:5f:f0:34:16:49:66:3e:50:46:c9:63:71:38:31:62:b8:
-#         62:b9:f3:53:ad:6c:b5:2b:a2:12:aa:19:4f:09:da:5e:e7:93:
-#         c6:8e:14:08:fe:f0:30:80:18:a0:86:85:4d:c8:7d:d7:8b:03:
-#         fe:6e:d5:f7:9d:16:ac:92:2c:a0:23:e5:9c:91:52:1f:94:df:
-#         17:94:73:c3:b3:c1:c1:71:05:20:00:78:bd:13:52:1d:a8:3e:
-#         cd:00:1f:c8
-
-
-[p11-kit-object-v1]
-label: "VeriSign-C3SSA-G2-temporary-intermediate-after-1024bit-removal"
-trusted: false
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIFOTCCBCGgAwIBAgIQLwBuzRdwZudfo4IKeR8FrjANBgkqhkiG9w0BAQUFADCB
-yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
-ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
-U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
-ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
-aG9yaXR5IC0gRzUwHhcNMDkwMzI2MDAwMDAwWhcNMTkwMzI0MjM1OTU5WjCBtTEL
-MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
-ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg
-aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwOTEvMC0GA1UEAxMmVmVy
-aVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzIwggEiMA0GCSqGSIb3
-DQEBAQUAA4IBDwAwggEKAoIBAQDUVo9XOzcopkBj0pXVBXTatRlqltZxVy/iwDSM
-oJWzjOE3JPMu7UNFBY6J1/raSrX4Po1Ox/lJUEU3QJ90qqBRVWHxYISJpZ6AjS+w
-IapFgsTPtBR/RxUgKIKwaBLArlwH1/ZZzMtiVlxNSf8miKtUUTovStoOmOKJcrn8
-92g8xB85essXgfMMrQ/cYWIbEAsEHikYcV5iy0PevjG6cQIZTiapUdqMZGkD3pz9
-ff17Ybz8hHyIXLTDe+1fK0YS8f0AAZqLW+mjBS6PLlve8xt4+GaRCMBeztWwNsrU
-qHugffkwer/43RlRKyC6/qfPoU6wZ/WAqiuDLtKOVImOHikLAgMBAAGjggEsMIIB
-KDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjApBgNVHREEIjAg
-pB4wHDEaMBgGA1UEAxMRQ2xhc3MzQ0EyMDQ4LTEtNTIwHQYDVR0OBBYEFKXvCxHO
-wEEDo0plkEiyHOBXLX1HMGYGA1UdIARfMF0wWwYLYIZIAYb4RQEHFwMwTDAjBggr
-BgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoX
-aHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwLwYDVR0fBCgwJjAkoCKgIIYeaHR0cDov
-L3Muc3ltY2IuY29tL3BjYTMtZzUuY3JsMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ
-80M5+gKvMzEzMA0GCSqGSIb3DQEBBQUAA4IBAQArjhTM7IYIYDeLbGWJJSHeL1Ki
-B55Y07MWeAGZUZW0E3fMd90LXIE31r72YtYENwsYc5rT9sGiHm2cu4wR5j4SXgdf
-C4NcdALgUPSxJhttxujpv025ARUZ7FCa+RHwgVhDLE0RQLNaRgimXnOhiBI1jP8D
-Or3Wnfrn3Ja5GmQ+xP3ZCrZlnrqlqFj8OyLwolfuildHnHfHJeGsNAVN84J+QSO6
-tFfz58YBZddNiZkcaU1eePbrcnE9ssSVAZ9dDLcvJaZceUHvnsRnPKGdf3E60JWX
-7HhCdJhuvj5oTFc8qJNBhwvkua+R+1BMDLrAJCfRFdtlSCEKL9fcfqDMZX55
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            2f:00:6e:cd:17:70:66:e7:5f:a3:82:0a:79:1f:05:ae
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
-#        Validity
-#            Not Before: Mar 26 00:00:00 2009 GMT
-#            Not After : Mar 24 23:59:59 2019 GMT
-#        Subject: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Secure Server CA - G2
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (2048 bit)
-#                Modulus:
-#                    00:d4:56:8f:57:3b:37:28:a6:40:63:d2:95:d5:05:
-#                    74:da:b5:19:6a:96:d6:71:57:2f:e2:c0:34:8c:a0:
-#                    95:b3:8c:e1:37:24:f3:2e:ed:43:45:05:8e:89:d7:
-#                    fa:da:4a:b5:f8:3e:8d:4e:c7:f9:49:50:45:37:40:
-#                    9f:74:aa:a0:51:55:61:f1:60:84:89:a5:9e:80:8d:
-#                    2f:b0:21:aa:45:82:c4:cf:b4:14:7f:47:15:20:28:
-#                    82:b0:68:12:c0:ae:5c:07:d7:f6:59:cc:cb:62:56:
-#                    5c:4d:49:ff:26:88:ab:54:51:3a:2f:4a:da:0e:98:
-#                    e2:89:72:b9:fc:f7:68:3c:c4:1f:39:7a:cb:17:81:
-#                    f3:0c:ad:0f:dc:61:62:1b:10:0b:04:1e:29:18:71:
-#                    5e:62:cb:43:de:be:31:ba:71:02:19:4e:26:a9:51:
-#                    da:8c:64:69:03:de:9c:fd:7d:fd:7b:61:bc:fc:84:
-#                    7c:88:5c:b4:c3:7b:ed:5f:2b:46:12:f1:fd:00:01:
-#                    9a:8b:5b:e9:a3:05:2e:8f:2e:5b:de:f3:1b:78:f8:
-#                    66:91:08:c0:5e:ce:d5:b0:36:ca:d4:a8:7b:a0:7d:
-#                    f9:30:7a:bf:f8:dd:19:51:2b:20:ba:fe:a7:cf:a1:
-#                    4e:b0:67:f5:80:aa:2b:83:2e:d2:8e:54:89:8e:1e:
-#                    29:0b
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE, pathlen:0
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Subject Alternative Name: 
-#                DirName:/CN=Class3CA2048-1-52
-#            X509v3 Subject Key Identifier: 
-#                A5:EF:0B:11:CE:C0:41:03:A3:4A:65:90:48:B2:1C:E0:57:2D:7D:47
-#            X509v3 Certificate Policies: 
-#                Policy: 2.16.840.1.113733.1.7.23.3
-#                  CPS: https://d.symcb.com/cps
-#                  User Notice:
-#                    Explicit Text: https://d.symcb.com/rpa
-#
-#            X509v3 CRL Distribution Points: 
-#
-#                Full Name:
-#                  URI:http://s.symcb.com/pca3-g5.crl
-#
-#            X509v3 Authority Key Identifier: 
-#                keyid:7F:D3:65:A7:C2:DD:EC:BB:F0:30:09:F3:43:39:FA:02:AF:33:31:33
-#
-#    Signature Algorithm: sha1WithRSAEncryption
-#         2b:8e:14:cc:ec:86:08:60:37:8b:6c:65:89:25:21:de:2f:52:
-#         a2:07:9e:58:d3:b3:16:78:01:99:51:95:b4:13:77:cc:77:dd:
-#         0b:5c:81:37:d6:be:f6:62:d6:04:37:0b:18:73:9a:d3:f6:c1:
-#         a2:1e:6d:9c:bb:8c:11:e6:3e:12:5e:07:5f:0b:83:5c:74:02:
-#         e0:50:f4:b1:26:1b:6d:c6:e8:e9:bf:4d:b9:01:15:19:ec:50:
-#         9a:f9:11:f0:81:58:43:2c:4d:11:40:b3:5a:46:08:a6:5e:73:
-#         a1:88:12:35:8c:ff:03:3a:bd:d6:9d:fa:e7:dc:96:b9:1a:64:
-#         3e:c4:fd:d9:0a:b6:65:9e:ba:a5:a8:58:fc:3b:22:f0:a2:57:
-#         ee:8a:57:47:9c:77:c7:25:e1:ac:34:05:4d:f3:82:7e:41:23:
-#         ba:b4:57:f3:e7:c6:01:65:d7:4d:89:99:1c:69:4d:5e:78:f6:
-#         eb:72:71:3d:b2:c4:95:01:9f:5d:0c:b7:2f:25:a6:5c:79:41:
-#         ef:9e:c4:67:3c:a1:9d:7f:71:3a:d0:95:97:ec:78:42:74:98:
-#         6e:be:3e:68:4c:57:3c:a8:93:41:87:0b:e4:b9:af:91:fb:50:
-#         4c:0c:ba:c0:24:27:d1:15:db:65:48:21:0a:2f:d7:dc:7e:a0:
-#         cc:65:7e:79
-
 [p11-kit-object-v1]
 label: "VeriSign Class 3 Public Primary Certification Authority - G4"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEp1Z6fFLaZJsOLVzYXqySPf4B5hlKPRQD
@@ -21353,7 +16640,7 @@ FRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA==
 label: "VeriSign Class 3 Public Primary Certification Authority - G5"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryQICCl6NZ5gDKrnSztO
@@ -21462,7 +16749,7 @@ hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq
 label: "VeriSign Universal Root Certification Authority"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2E3XrEBNNti1xWb/1ha
@@ -21763,7 +17050,7 @@ cjnhsUPgKM+351psE2tJs//jGHyJizNdrDPXp/naOlXJWBD5qu9ats9LS98q
 label: "Verisign Class 3 Public Primary Certification Authority - G3"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7qcUvx4Hxoebxs3c734
@@ -21859,7 +17146,7 @@ TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ==
 label: "Visa eCommerce Root"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1feVh5uodpgsZQnyxfb
@@ -21956,304 +17243,11 @@ LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGIxHYdkFsd
 #         df:df:33:9c:cf:e3:ad:ae:8e:d4:8e:e6:4f:51:af:16:92:e0:
 #         5c:f6:07:0f
 
-[p11-kit-object-v1]
-label: "WoSign"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvcqNrLiRFVaXe2tcesLe
-a9mhsMMQI/qnobLMMfo+2aYpbxY94Gv4uEBf2zmoAHqLoE1UfcIiePyOCbiohdfM
-lZdLdNiefvAA5A6JrkkoRBoQmTIPJYhTpA2zDxIIFgsDcSccf+Hb0v1naMQFXQoO
-XXDX2JegvFNBmpGN9J42Znp+VsGQX+axaCA2pIwkLCxHC1l2ZjC1vt7tj/id07sB
-MOby8w7gLJKA84X5KIq0VC6a7fd2/BVoFutKbOsuEo/Uz/4Mx1wdC34FMr5esAkq
-QtXJTpCzWQ27en7N1QhatH/YHGkR+ScPewavVIMYe+HdVHpRaG53/Ma/UkpmRqGy
-Zxq7o093oL5d//xWC0Nyd5DKnvnyOfUNqfTq1+ezEC8wQjchzDBwyYaYD8xYTYO7
-feUapTeNtqwylwA6Y3EkHp43xP901DfA4v6IRmAR3Qg/UDaruHqklWJqbrDKaiFa
-afPz+x1wOZXzp26mgYmhiMU7ccqjUu6Du/2gd/Tkb+dC221KmYo0SLwX3OSACCK2
-8jHAPwQ+658geda4BmRkAjHXqc1S+4RFaQkAKtxVi8QGRkvASh0JWzko/amrzgD5
-LkhLJuYwTKVYyrREgk/nkR4zw7CT/xH8gdLKH3Ep3XZPkiWvHYG3Dy+MwwbMLyej
-SuQOmbp8HkUff6oZRZb9/D0CAwEAAQ==
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "WoSign"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIFdjCCA16gAwIBAgIQXmjWEXGUY1BWAGjzPsnFkTANBgkqhkiG9w0BAQUFADBV
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxKjAoBgNV
-BAMTIUNlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbjAeFw0wOTA4MDgw
-MTAwMDFaFw0zOTA4MDgwMTAwMDFaMFUxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFX
-b1NpZ24gQ0EgTGltaXRlZDEqMCgGA1UEAxMhQ2VydGlmaWNhdGlvbiBBdXRob3Jp
-dHkgb2YgV29TaWduMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvcqN
-rLiRFVaXe2tcesLea9mhsMMQI/qnobLMMfo+2aYpbxY94Gv4uEBf2zmoAHqLoE1U
-fcIiePyOCbiohdfMlZdLdNiefvAA5A6JrkkoRBoQmTIPJYhTpA2zDxIIFgsDcScc
-f+Hb0v1naMQFXQoOXXDX2JegvFNBmpGN9J42Znp+VsGQX+axaCA2pIwkLCxHC1l2
-ZjC1vt7tj/id07sBMOby8w7gLJKA84X5KIq0VC6a7fd2/BVoFutKbOsuEo/Uz/4M
-x1wdC34FMr5esAkqQtXJTpCzWQ27en7N1QhatH/YHGkR+ScPewavVIMYe+HdVHpR
-aG53/Ma/UkpmRqGyZxq7o093oL5d//xWC0Nyd5DKnvnyOfUNqfTq1+ezEC8wQjch
-zDBwyYaYD8xYTYO7feUapTeNtqwylwA6Y3EkHp43xP901DfA4v6IRmAR3Qg/UDar
-uHqklWJqbrDKaiFaafPz+x1wOZXzp26mgYmhiMU7ccqjUu6Du/2gd/Tkb+dC221K
-mYo0SLwX3OSACCK28jHAPwQ+658geda4BmRkAjHXqc1S+4RFaQkAKtxVi8QGRkvA
-Sh0JWzko/amrzgD5LkhLJuYwTKVYyrREgk/nkR4zw7CT/xH8gdLKH3Ep3XZPkiWv
-HYG3Dy+MwwbMLyejSuQOmbp8HkUff6oZRZb9/D0CAwEAAaNCMEAwDgYDVR0PAQH/
-BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOFmzw7R8bNLtwYgFP6H
-EtX2/vs+MA0GCSqGSIb3DQEBBQUAA4ICAQCoy3JAsnbBfnv8rWTjMnvMPLZdRtP1
-LOJwXcgu2AZ9mNELIaCJWSQBnfmvCX0KI4I01fx8cpm5o9dU9OpScA7F9dY74ToJ
-MuYhOZO9sxXqT2r09Ys/L3yNWC7F4TmgPsc9SnOeQHrAK2GpZ8nzJLmzbVUsWh2e
-JXLOC62qx1ViC777Y7NhRCOjy+EaDveaBk3e1CNOIZZbOVtXHS9dCF4Jef98l7VN
-g64N1uajeeAz0JmWAjCnPv/So0M/BVoG6kQC2nz4SNAzqfkHx5Xh9T71XXG68pWp
-dIhhWeO/yloTunK0jF02h+mmxTwTv97QRCbut+wucPrXnbes5cVAWubXbHssw1ab
-R80LzvobtCHXt2a49CUwi1wNuepnsvRtrtWhnk/Yn+knArAdBtaP4/tIEp9/EaEQ
-PkxROpaw0RPxx9gmrjrKkcRpnd8BKWRRb2jaFOwIQZeQjdCygPLPwj2/kWjFgGce
-xGATVdVhmVd8upUPYUk6ynW8yQqTP2cOEvIo4jEbwFcW3wh8GcF+Dx+FHgo2fFt+
-J7x6v+Db9NpSvd4MVHAxkUOVyLzwPt0JfjBkUO1/AaQzZ01oT74V77D2AhGiGxMl
-OtzCWfHjXEa7ZywCRuoeSKbmW9m1vFGikpbbqsY3Iqb+zCB0oy2pLmvLwIIRIbWT
-ee5Ehr7XHuQe+w==
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
-#    Signature Algorithm: sha1WithRSAEncryption
-#        Issuer: C=CN, O=WoSign CA Limited, CN=Certification Authority of WoSign
-#        Validity
-#            Not Before: Aug  8 01:00:01 2009 GMT
-#            Not After : Aug  8 01:00:01 2039 GMT
-#        Subject: C=CN, O=WoSign CA Limited, CN=Certification Authority of WoSign
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (4096 bit)
-#                Modulus:
-#                    00:bd:ca:8d:ac:b8:91:15:56:97:7b:6b:5c:7a:c2:
-#                    de:6b:d9:a1:b0:c3:10:23:fa:a7:a1:b2:cc:31:fa:
-#                    3e:d9:a6:29:6f:16:3d:e0:6b:f8:b8:40:5f:db:39:
-#                    a8:00:7a:8b:a0:4d:54:7d:c2:22:78:fc:8e:09:b8:
-#                    a8:85:d7:cc:95:97:4b:74:d8:9e:7e:f0:00:e4:0e:
-#                    89:ae:49:28:44:1a:10:99:32:0f:25:88:53:a4:0d:
-#                    b3:0f:12:08:16:0b:03:71:27:1c:7f:e1:db:d2:fd:
-#                    67:68:c4:05:5d:0a:0e:5d:70:d7:d8:97:a0:bc:53:
-#                    41:9a:91:8d:f4:9e:36:66:7a:7e:56:c1:90:5f:e6:
-#                    b1:68:20:36:a4:8c:24:2c:2c:47:0b:59:76:66:30:
-#                    b5:be:de:ed:8f:f8:9d:d3:bb:01:30:e6:f2:f3:0e:
-#                    e0:2c:92:80:f3:85:f9:28:8a:b4:54:2e:9a:ed:f7:
-#                    76:fc:15:68:16:eb:4a:6c:eb:2e:12:8f:d4:cf:fe:
-#                    0c:c7:5c:1d:0b:7e:05:32:be:5e:b0:09:2a:42:d5:
-#                    c9:4e:90:b3:59:0d:bb:7a:7e:cd:d5:08:5a:b4:7f:
-#                    d8:1c:69:11:f9:27:0f:7b:06:af:54:83:18:7b:e1:
-#                    dd:54:7a:51:68:6e:77:fc:c6:bf:52:4a:66:46:a1:
-#                    b2:67:1a:bb:a3:4f:77:a0:be:5d:ff:fc:56:0b:43:
-#                    72:77:90:ca:9e:f9:f2:39:f5:0d:a9:f4:ea:d7:e7:
-#                    b3:10:2f:30:42:37:21:cc:30:70:c9:86:98:0f:cc:
-#                    58:4d:83:bb:7d:e5:1a:a5:37:8d:b6:ac:32:97:00:
-#                    3a:63:71:24:1e:9e:37:c4:ff:74:d4:37:c0:e2:fe:
-#                    88:46:60:11:dd:08:3f:50:36:ab:b8:7a:a4:95:62:
-#                    6a:6e:b0:ca:6a:21:5a:69:f3:f3:fb:1d:70:39:95:
-#                    f3:a7:6e:a6:81:89:a1:88:c5:3b:71:ca:a3:52:ee:
-#                    83:bb:fd:a0:77:f4:e4:6f:e7:42:db:6d:4a:99:8a:
-#                    34:48:bc:17:dc:e4:80:08:22:b6:f2:31:c0:3f:04:
-#                    3e:eb:9f:20:79:d6:b8:06:64:64:02:31:d7:a9:cd:
-#                    52:fb:84:45:69:09:00:2a:dc:55:8b:c4:06:46:4b:
-#                    c0:4a:1d:09:5b:39:28:fd:a9:ab:ce:00:f9:2e:48:
-#                    4b:26:e6:30:4c:a5:58:ca:b4:44:82:4f:e7:91:1e:
-#                    33:c3:b0:93:ff:11:fc:81:d2:ca:1f:71:29:dd:76:
-#                    4f:92:25:af:1d:81:b7:0f:2f:8c:c3:06:cc:2f:27:
-#                    a3:4a:e4:0e:99:ba:7c:1e:45:1f:7f:aa:19:45:96:
-#                    fd:fc:3d
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 Subject Key Identifier: 
-#                E1:66:CF:0E:D1:F1:B3:4B:B7:06:20:14:FE:87:12:D5:F6:FE:FB:3E
-#    Signature Algorithm: sha1WithRSAEncryption
-#         a8:cb:72:40:b2:76:c1:7e:7b:fc:ad:64:e3:32:7b:cc:3c:b6:
-#         5d:46:d3:f5:2c:e2:70:5d:c8:2e:d8:06:7d:98:d1:0b:21:a0:
-#         89:59:24:01:9d:f9:af:09:7d:0a:23:82:34:d5:fc:7c:72:99:
-#         b9:a3:d7:54:f4:ea:52:70:0e:c5:f5:d6:3b:e1:3a:09:32:e6:
-#         21:39:93:bd:b3:15:ea:4f:6a:f4:f5:8b:3f:2f:7c:8d:58:2e:
-#         c5:e1:39:a0:3e:c7:3d:4a:73:9e:40:7a:c0:2b:61:a9:67:c9:
-#         f3:24:b9:b3:6d:55:2c:5a:1d:9e:25:72:ce:0b:ad:aa:c7:55:
-#         62:0b:be:fb:63:b3:61:44:23:a3:cb:e1:1a:0e:f7:9a:06:4d:
-#         de:d4:23:4e:21:96:5b:39:5b:57:1d:2f:5d:08:5e:09:79:ff:
-#         7c:97:b5:4d:83:ae:0d:d6:e6:a3:79:e0:33:d0:99:96:02:30:
-#         a7:3e:ff:d2:a3:43:3f:05:5a:06:ea:44:02:da:7c:f8:48:d0:
-#         33:a9:f9:07:c7:95:e1:f5:3e:f5:5d:71:ba:f2:95:a9:74:88:
-#         61:59:e3:bf:ca:5a:13:ba:72:b4:8c:5d:36:87:e9:a6:c5:3c:
-#         13:bf:de:d0:44:26:ee:b7:ec:2e:70:fa:d7:9d:b7:ac:e5:c5:
-#         40:5a:e6:d7:6c:7b:2c:c3:56:9b:47:cd:0b:ce:fa:1b:b4:21:
-#         d7:b7:66:b8:f4:25:30:8b:5c:0d:b9:ea:67:b2:f4:6d:ae:d5:
-#         a1:9e:4f:d8:9f:e9:27:02:b0:1d:06:d6:8f:e3:fb:48:12:9f:
-#         7f:11:a1:10:3e:4c:51:3a:96:b0:d1:13:f1:c7:d8:26:ae:3a:
-#         ca:91:c4:69:9d:df:01:29:64:51:6f:68:da:14:ec:08:41:97:
-#         90:8d:d0:b2:80:f2:cf:c2:3d:bf:91:68:c5:80:67:1e:c4:60:
-#         13:55:d5:61:99:57:7c:ba:95:0f:61:49:3a:ca:75:bc:c9:0a:
-#         93:3f:67:0e:12:f2:28:e2:31:1b:c0:57:16:df:08:7c:19:c1:
-#         7e:0f:1f:85:1e:0a:36:7c:5b:7e:27:bc:7a:bf:e0:db:f4:da:
-#         52:bd:de:0c:54:70:31:91:43:95:c8:bc:f0:3e:dd:09:7e:30:
-#         64:50:ed:7f:01:a4:33:67:4d:68:4f:be:15:ef:b0:f6:02:11:
-#         a2:1b:13:25:3a:dc:c2:59:f1:e3:5c:46:bb:67:2c:02:46:ea:
-#         1e:48:a6:e6:5b:d9:b5:bc:51:a2:92:96:db:aa:c6:37:22:a6:
-#         fe:cc:20:74:a3:2d:a9:2e:6b:cb:c0:82:11:21:b5:93:79:ee:
-#         44:86:be:d7:1e:e4:1e:fb
-
-[p11-kit-object-v1]
-label: "WoSign China"
-class: x-certificate-extension
-object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
-modifiable: false
------BEGIN PUBLIC KEY-----
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0EkhHiX8h8EqwqzbdoYG
-TufQdDTc7WU1/FDWiD+k8H/rD195L4mx/bxjWDeTmzj4t1up+thxx7S8gJeNbEvx
-UNUqKaqoGXqW5pWOdO2XCld19AXbbQs5uQF/qvbW2mzmBeCkTVL829B0txGMe41P
-/4eDrv8FAxNXUDf+jJZSEExfv5RxadmWPgxDT74wwJ85dE8GRV2j1lY5aAfMh09Q
-d5Nx2UQIsYo06Yms25tO4dnkUkWMLhQfkWsZHWgpLFbE4h4TV2TwYeO5Ed+w4Veg
-G63XX9Gv2ystP9Bojg/qnw+LNVgbExz03jWhCl3W6t8Sb8D7aQdGctyB9gQjF+BN
-deFyb7Ao65vh4YOhn0pdr8yb+gIgthhid5E7o9Vlrdx8kHccREGkSovrlXLp9glk
-3Kgtn3R46MGiCWOc76DbT52VqyBPt7D3h1ymoOQ3OMdc4zUPLK2jgKLsLl3Az+2L
-BcLmc272idX10kaO6m1jGx6KyX2m+Jzr5dVjhU1zZmkR/sgO9MHHZklTfuQZa/Hp
-elmjbX7FF+Ynxu8b22/8DU0GAbQOXDBGVWCvOGU6yke6rCzMRh+yRpY/8+0mBe53
-oWprfi1tWFxK1I5nuPHa1UaKJ/kR8slC/k7e3x9cxKSGhxYzoacXGKUN5AXlK8Ir
-C6KVkLn9YDxOiT7nnO4fuwECAwEAAQ==
------END PUBLIC KEY-----
-
-[p11-kit-object-v1]
-label: "WoSign China"
-trusted: true
-nss-mozilla-ca-policy: true
-modifiable: false
------BEGIN CERTIFICATE-----
-MIIFWDCCA0CgAwIBAgIQUHBrzdgT/BtOOzNy0hFIjTANBgkqhkiG9w0BAQsFADBG
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNV
-BAMMEkNBIOayg+mAmuagueivgeS5pjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgw
-MTAwMDFaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRl
-ZDEbMBkGA1UEAwwSQ0Eg5rKD6YCa5qC56K+B5LmmMIICIjANBgkqhkiG9w0BAQEF
-AAOCAg8AMIICCgKCAgEA0EkhHiX8h8EqwqzbdoYGTufQdDTc7WU1/FDWiD+k8H/r
-D195L4mx/bxjWDeTmzj4t1up+thxx7S8gJeNbEvxUNUqKaqoGXqW5pWOdO2XCld1
-9AXbbQs5uQF/qvbW2mzmBeCkTVL829B0txGMe41P/4eDrv8FAxNXUDf+jJZSEExf
-v5RxadmWPgxDT74wwJ85dE8GRV2j1lY5aAfMh09Qd5Nx2UQIsYo06Yms25tO4dnk
-UkWMLhQfkWsZHWgpLFbE4h4TV2TwYeO5Ed+w4VegG63XX9Gv2ystP9Bojg/qnw+L
-NVgbExz03jWhCl3W6t8Sb8D7aQdGctyB9gQjF+BNdeFyb7Ao65vh4YOhn0pdr8yb
-+gIgthhid5E7o9Vlrdx8kHccREGkSovrlXLp9glk3Kgtn3R46MGiCWOc76DbT52V
-qyBPt7D3h1ymoOQ3OMdc4zUPLK2jgKLsLl3Az+2LBcLmc272idX10kaO6m1jGx6K
-yX2m+Jzr5dVjhU1zZmkR/sgO9MHHZklTfuQZa/HpelmjbX7FF+Ynxu8b22/8DU0G
-AbQOXDBGVWCvOGU6yke6rCzMRh+yRpY/8+0mBe53oWprfi1tWFxK1I5nuPHa1UaK
-J/kR8slC/k7e3x9cxKSGhxYzoacXGKUN5AXlK8IrC6KVkLn9YDxOiT7nnO4fuwEC
-AwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
-BBYEFOBNv9ybQV0T6GTwp+kVpOGBwboxMA0GCSqGSIb3DQEBCwUAA4ICAQBqinA4
-WbbaixjIvirTthnVZil6Xc1bL3McJk6jfW+rtylNpumlEYOnOXOvEESS5iVdT2H6
-yAa+Tkvv/vMx/sZ8cApBWNromUuWyXi8mHwCKe0JgOYKOoICKuLJL8hWGSbueBwj
-/feTZU7n85iYr83d2Z5AiDEoOqsuC7CsDCT6eiaY8xJhEPRdF/d+4niXVOKM6Cm6
-jBAyvd0zaziGfjk9DgNyp115j0WKWa5bIW4xRtVZjc8VX90xJc/bYNaBRHIpAlf2
-ltTW/+op2znFuCyKGo3Oy+dCMYYFaA6eFN0AkLppRQjbbpCBhqcqBT/mhDn4t/lX
-X0ykeVoQDF7Va/81XwVRHmyjdanPUIPTfPRm94KNPQx96N97qA4bLJyuQHCH2u2n
-FoJavjVsIE4iYdm8UXrNemHcSxH5/mc0zy4EZmFcV5cjjPOGG0jfKq+nwf/Yjj4D
-u9gqsPoUJbJRa4ZDhS4HIxaAjUz7tGM7zMN07RujHv41D198HRaG9Q7DlfEvr10l
-O1Hm13ZBONFLAzkopR6RctR9q5czxNM+4Gm2KHmgCY0c0f9BckgG/Jou5yD5m6Le
-ie2uPAmvylezkolwQOQvT8Jwg0DXJCxr5wkf09XHwQj02w47HAcLQxGEIYbpgNR1
-2KvxAmLBsX5VYc8T1yaw15zLKYs4SgsOkI26oQ==
------END CERTIFICATE-----
-#Certificate:
-#    Data:
-#        Version: 3 (0x2)
-#        Serial Number:
-#            50:70:6b:cd:d8:13:fc:1b:4e:3b:33:72:d2:11:48:8d
-#    Signature Algorithm: sha256WithRSAEncryption
-#        Issuer: C=CN, O=WoSign CA Limited, CN=CA \xE6\xB2\x83\xE9\x80\x9A\xE6\xA0\xB9\xE8\xAF\x81\xE4\xB9\xA6
-#        Validity
-#            Not Before: Aug  8 01:00:01 2009 GMT
-#            Not After : Aug  8 01:00:01 2039 GMT
-#        Subject: C=CN, O=WoSign CA Limited, CN=CA \xE6\xB2\x83\xE9\x80\x9A\xE6\xA0\xB9\xE8\xAF\x81\xE4\xB9\xA6
-#        Subject Public Key Info:
-#            Public Key Algorithm: rsaEncryption
-#                Public-Key: (4096 bit)
-#                Modulus:
-#                    00:d0:49:21:1e:25:fc:87:c1:2a:c2:ac:db:76:86:
-#                    06:4e:e7:d0:74:34:dc:ed:65:35:fc:50:d6:88:3f:
-#                    a4:f0:7f:eb:0f:5f:79:2f:89:b1:fd:bc:63:58:37:
-#                    93:9b:38:f8:b7:5b:a9:fa:d8:71:c7:b4:bc:80:97:
-#                    8d:6c:4b:f1:50:d5:2a:29:aa:a8:19:7a:96:e6:95:
-#                    8e:74:ed:97:0a:57:75:f4:05:db:6d:0b:39:b9:01:
-#                    7f:aa:f6:d6:da:6c:e6:05:e0:a4:4d:52:fc:db:d0:
-#                    74:b7:11:8c:7b:8d:4f:ff:87:83:ae:ff:05:03:13:
-#                    57:50:37:fe:8c:96:52:10:4c:5f:bf:94:71:69:d9:
-#                    96:3e:0c:43:4f:be:30:c0:9f:39:74:4f:06:45:5d:
-#                    a3:d6:56:39:68:07:cc:87:4f:50:77:93:71:d9:44:
-#                    08:b1:8a:34:e9:89:ac:db:9b:4e:e1:d9:e4:52:45:
-#                    8c:2e:14:1f:91:6b:19:1d:68:29:2c:56:c4:e2:1e:
-#                    13:57:64:f0:61:e3:b9:11:df:b0:e1:57:a0:1b:ad:
-#                    d7:5f:d1:af:db:2b:2d:3f:d0:68:8e:0f:ea:9f:0f:
-#                    8b:35:58:1b:13:1c:f4:de:35:a1:0a:5d:d6:ea:df:
-#                    12:6f:c0:fb:69:07:46:72:dc:81:f6:04:23:17:e0:
-#                    4d:75:e1:72:6f:b0:28:eb:9b:e1:e1:83:a1:9f:4a:
-#                    5d:af:cc:9b:fa:02:20:b6:18:62:77:91:3b:a3:d5:
-#                    65:ad:dc:7c:90:77:1c:44:41:a4:4a:8b:eb:95:72:
-#                    e9:f6:09:64:dc:a8:2d:9f:74:78:e8:c1:a2:09:63:
-#                    9c:ef:a0:db:4f:9d:95:ab:20:4f:b7:b0:f7:87:5c:
-#                    a6:a0:e4:37:38:c7:5c:e3:35:0f:2c:ad:a3:80:a2:
-#                    ec:2e:5d:c0:cf:ed:8b:05:c2:e6:73:6e:f6:89:d5:
-#                    f5:d2:46:8e:ea:6d:63:1b:1e:8a:c9:7d:a6:f8:9c:
-#                    eb:e5:d5:63:85:4d:73:66:69:11:fe:c8:0e:f4:c1:
-#                    c7:66:49:53:7e:e4:19:6b:f1:e9:7a:59:a3:6d:7e:
-#                    c5:17:e6:27:c6:ef:1b:db:6f:fc:0d:4d:06:01:b4:
-#                    0e:5c:30:46:55:60:af:38:65:3a:ca:47:ba:ac:2c:
-#                    cc:46:1f:b2:46:96:3f:f3:ed:26:05:ee:77:a1:6a:
-#                    6b:7e:2d:6d:58:5c:4a:d4:8e:67:b8:f1:da:d5:46:
-#                    8a:27:f9:11:f2:c9:42:fe:4e:de:df:1f:5c:c4:a4:
-#                    86:87:16:33:a1:a7:17:18:a5:0d:e4:05:e5:2b:c2:
-#                    2b:0b:a2:95:90:b9:fd:60:3c:4e:89:3e:e7:9c:ee:
-#                    1f:bb:01
-#                Exponent: 65537 (0x10001)
-#        X509v3 extensions:
-#            X509v3 Key Usage: critical
-#                Certificate Sign, CRL Sign
-#            X509v3 Basic Constraints: critical
-#                CA:TRUE
-#            X509v3 Subject Key Identifier: 
-#                E0:4D:BF:DC:9B:41:5D:13:E8:64:F0:A7:E9:15:A4:E1:81:C1:BA:31
-#    Signature Algorithm: sha256WithRSAEncryption
-#         6a:8a:70:38:59:b6:da:8b:18:c8:be:2a:d3:b6:19:d5:66:29:
-#         7a:5d:cd:5b:2f:73:1c:26:4e:a3:7d:6f:ab:b7:29:4d:a6:e9:
-#         a5:11:83:a7:39:73:af:10:44:92:e6:25:5d:4f:61:fa:c8:06:
-#         be:4e:4b:ef:fe:f3:31:fe:c6:7c:70:0a:41:58:da:e8:99:4b:
-#         96:c9:78:bc:98:7c:02:29:ed:09:80:e6:0a:3a:82:02:2a:e2:
-#         c9:2f:c8:56:19:26:ee:78:1c:23:fd:f7:93:65:4e:e7:f3:98:
-#         98:af:cd:dd:d9:9e:40:88:31:28:3a:ab:2e:0b:b0:ac:0c:24:
-#         fa:7a:26:98:f3:12:61:10:f4:5d:17:f7:7e:e2:78:97:54:e2:
-#         8c:e8:29:ba:8c:10:32:bd:dd:33:6b:38:86:7e:39:3d:0e:03:
-#         72:a7:5d:79:8f:45:8a:59:ae:5b:21:6e:31:46:d5:59:8d:cf:
-#         15:5f:dd:31:25:cf:db:60:d6:81:44:72:29:02:57:f6:96:d4:
-#         d6:ff:ea:29:db:39:c5:b8:2c:8a:1a:8d:ce:cb:e7:42:31:86:
-#         05:68:0e:9e:14:dd:00:90:ba:69:45:08:db:6e:90:81:86:a7:
-#         2a:05:3f:e6:84:39:f8:b7:f9:57:5f:4c:a4:79:5a:10:0c:5e:
-#         d5:6b:ff:35:5f:05:51:1e:6c:a3:75:a9:cf:50:83:d3:7c:f4:
-#         66:f7:82:8d:3d:0c:7d:e8:df:7b:a8:0e:1b:2c:9c:ae:40:70:
-#         87:da:ed:a7:16:82:5a:be:35:6c:20:4e:22:61:d9:bc:51:7a:
-#         cd:7a:61:dc:4b:11:f9:fe:67:34:cf:2e:04:66:61:5c:57:97:
-#         23:8c:f3:86:1b:48:df:2a:af:a7:c1:ff:d8:8e:3e:03:bb:d8:
-#         2a:b0:fa:14:25:b2:51:6b:86:43:85:2e:07:23:16:80:8d:4c:
-#         fb:b4:63:3b:cc:c3:74:ed:1b:a3:1e:fe:35:0f:5f:7c:1d:16:
-#         86:f5:0e:c3:95:f1:2f:af:5d:25:3b:51:e6:d7:76:41:38:d1:
-#         4b:03:39:28:a5:1e:91:72:d4:7d:ab:97:33:c4:d3:3e:e0:69:
-#         b6:28:79:a0:09:8d:1c:d1:ff:41:72:48:06:fc:9a:2e:e7:20:
-#         f9:9b:a2:de:89:ed:ae:3c:09:af:ca:57:b3:92:89:70:40:e4:
-#         2f:4f:c2:70:83:40:d7:24:2c:6b:e7:09:1f:d3:d5:c7:c1:08:
-#         f4:db:0e:3b:1c:07:0b:43:11:84:21:86:e9:80:d4:75:d8:ab:
-#         f1:02:62:c1:b1:7e:55:61:cf:13:d7:26:b0:d7:9c:cb:29:8b:
-#         38:4a:0b:0e:90:8d:ba:a1
-
 [p11-kit-object-v1]
 label: "XRamp Global CA Root"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCQevRW0ut/HjKUntjgL
@@ -22366,7 +17360,7 @@ O+7ETPTsJ3xCwnR8gooJybQDJbw=
 label: "certSIGN ROOT CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzO5fsglSo6127QoG6pX
@@ -22465,7 +17459,7 @@ i/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7NzTogVZ96edhBiIL5VaZVDADlN
 label: "ePKI Root Certification Authority"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0%2a%06%03U%1d%25%01%01%ff%04 0%1e%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%04%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4SUP7o3biDN1Z82tH306
@@ -22614,7 +17608,7 @@ hNQ+IIX3Sj0rnP0qCglN6oH4EZw=
 label: "thawte Primary Root CA - G2"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEotWcgnuVnfFSeIf+iha/BebfowJPDQfG
@@ -22686,7 +17680,7 @@ XZ3Krr0TKUQNJ1uo52icEvdYPy5yAlejj6EULg==
 label: "thawte Primary Root CA - G3"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr8nLPvb2FvdeHsbnndm
@@ -22790,7 +17784,7 @@ MdRAGmI0Nj81Aa6sY6A=
 label: "thawte Primary Root CA"
 class: x-certificate-extension
 object-id: 2.5.29.37
-value: "0 %06%03U%1d%25%01%01%ff%04%160%14%06%08%2b%06%01%05%05%07%03%01%06%08%2b%06%01%05%05%07%03%03"
+value: "0%16%06%03U%1d%25%01%01%ff%04%0c0%0a%06%08%2b%06%01%05%05%07%03%01"
 modifiable: false
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKDw+4BZ1JzHpM+doVlz
diff --git a/msys2/usr/share/readline/hist_erasedups.c b/msys2/usr/share/readline/hist_erasedups.c
index 2ecee899c..f820eba6a 100644
--- a/msys2/usr/share/readline/hist_erasedups.c
+++ b/msys2/usr/share/readline/hist_erasedups.c
@@ -38,6 +38,8 @@
 #define STREQN(a, b, n) ((n == 0) ? (1) \
                                   : ((a)[0] == (b)[0] && strncmp(a, b, n) == 0))
 
+int hist_erasedups (void);
+
 static void
 usage()
 {
diff --git a/msys2/usr/share/readline/hist_purgecmd.c b/msys2/usr/share/readline/hist_purgecmd.c
index d836d146e..7992d810d 100644
--- a/msys2/usr/share/readline/hist_purgecmd.c
+++ b/msys2/usr/share/readline/hist_purgecmd.c
@@ -43,6 +43,8 @@
 
 #define PURGE_REGEXP	0x01
 
+int hist_purgecmd (char *, int);
+
 static void
 usage()
 {
diff --git a/msys2/usr/share/readline/histexamp.c b/msys2/usr/share/readline/histexamp.c
index 3b43674f7..309d769b3 100644
--- a/msys2/usr/share/readline/histexamp.c
+++ b/msys2/usr/share/readline/histexamp.c
@@ -27,8 +27,11 @@
 #  include <readline/history.h>
 #endif
 
+#include <unistd.h>
+#include <stdlib.h>
 #include <string.h>
 
+int
 main (argc, argv)
      int argc;
      char **argv;
diff --git a/msys2/usr/share/readline/rlcat.c b/msys2/usr/share/readline/rlcat.c
index fa9e06ff7..b4942413f 100644
--- a/msys2/usr/share/readline/rlcat.c
+++ b/msys2/usr/share/readline/rlcat.c
@@ -137,7 +137,7 @@ fcopy(fp)
       if (vflag && isascii ((unsigned char)c) && isprint((unsigned char)c) == 0)
 	{
 	  x = rl_untranslate_keyseq (c);
-	  if (fputs (x, stdout) != 0)
+	  if (fputs (x, stdout) == EOF)
 	    return 1;
 	}
       else if (putchar (c) == EOF)
diff --git a/msys2/usr/share/readline/rlevent.c b/msys2/usr/share/readline/rlevent.c
index 77f1887ad..8143cb02a 100644
--- a/msys2/usr/share/readline/rlevent.c
+++ b/msys2/usr/share/readline/rlevent.c
@@ -28,6 +28,13 @@
 #  include <config.h>
 #endif
 
+#ifdef HAVE_UNISTD_H
+#  include <unistd.h>
+#else
+extern int getopt();
+extern int sleep();
+#endif
+
 #include <stdio.h>
 #include <sys/types.h>
 
diff --git a/msys2/usr/share/readline/rlkeymaps.c b/msys2/usr/share/readline/rlkeymaps.c
new file mode 100644
index 000000000..fef77b35a
--- /dev/null
+++ b/msys2/usr/share/readline/rlkeymaps.c
@@ -0,0 +1,61 @@
+#include <stdlib.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <string.h>
+
+#if defined (READLINE_LIBRARY)
+#  include "readline.h"
+#  include "history.h"
+#else
+#  include <readline/readline.h>
+#  include <readline/history.h>
+#endif
+
+int
+main (int c, char **v)
+{
+  Keymap nmap, emacsmap, newemacs;
+  int r, errs;
+
+  errs = 0;
+  nmap = rl_make_keymap ();
+
+  r = rl_set_keymap_name ("emacs", nmap);
+  if (r >= 0)
+    {
+      fprintf (stderr, "rlkeymaps: error: able to rename `emacs' keymap\n");
+      errs++;
+    }
+
+  emacsmap = rl_get_keymap_by_name ("emacs");
+  r = rl_set_keymap_name ("newemacs", emacsmap);
+  if (r >= 0)
+    {
+      fprintf (stderr, "rlkeymaps: error: able to set new name for emacs keymap\n");
+      errs++;
+    }
+
+  r = rl_set_keymap_name ("newemacs", nmap);
+  if (r < 0)
+    {
+      fprintf (stderr, "rlkeymaps: error: newemacs: could not set keymap name\n");
+      errs++;
+    }
+
+  newemacs = rl_copy_keymap (emacsmap);
+  r = rl_set_keymap_name ("newemacs", newemacs);
+  if (r < 0)
+    {
+      fprintf (stderr, "rlkeymaps: error: newemacs: could not set `newemacs' keymap to new map\n");
+      errs++;
+    }
+
+  r = rl_set_keymap_name ("emacscopy", newemacs);
+  if (r < 0)
+    {
+      fprintf (stderr, "rlkeymaps: error: emacscopy: could not rename created keymap\n");
+      errs++;
+    }
+
+  exit (errs);
+}
diff --git a/msys2/usr/share/readline/rltest.c b/msys2/usr/share/readline/rltest.c
index 78e260868..65abe87cc 100644
--- a/msys2/usr/share/readline/rltest.c
+++ b/msys2/usr/share/readline/rltest.c
@@ -46,6 +46,7 @@ extern void exit();
 
 extern HIST_ENTRY **history_list ();
 
+int
 main ()
 {
   char *temp, *prompt;
diff --git a/msys2/usr/share/terminfo/61/alt4 b/msys2/usr/share/terminfo/61/alt4
index 6ec5bb481..5071cf44b 100644
Binary files a/msys2/usr/share/terminfo/61/alt4 and b/msys2/usr/share/terminfo/61/alt4 differ
diff --git a/msys2/usr/share/terminfo/61/altos-4 b/msys2/usr/share/terminfo/61/altos-4
index 6ec5bb481..5071cf44b 100644
Binary files a/msys2/usr/share/terminfo/61/altos-4 and b/msys2/usr/share/terminfo/61/altos-4 differ
diff --git a/msys2/usr/share/terminfo/61/altos4 b/msys2/usr/share/terminfo/61/altos4
index 6ec5bb481..5071cf44b 100644
Binary files a/msys2/usr/share/terminfo/61/altos4 and b/msys2/usr/share/terminfo/61/altos4 differ
diff --git a/msys2/usr/share/terminfo/69/interix b/msys2/usr/share/terminfo/69/interix
index a627e5629..afbcc420c 100644
Binary files a/msys2/usr/share/terminfo/69/interix and b/msys2/usr/share/terminfo/69/interix differ
diff --git a/msys2/usr/share/terminfo/69/interix-nti b/msys2/usr/share/terminfo/69/interix-nti
index 98afea791..a9c1fbe9c 100644
Binary files a/msys2/usr/share/terminfo/69/interix-nti and b/msys2/usr/share/terminfo/69/interix-nti differ
diff --git a/msys2/usr/share/terminfo/6e/ntconsole b/msys2/usr/share/terminfo/6e/ntconsole
index a627e5629..afbcc420c 100644
Binary files a/msys2/usr/share/terminfo/6e/ntconsole and b/msys2/usr/share/terminfo/6e/ntconsole differ
diff --git a/msys2/usr/share/terminfo/6e/ntconsole-100 b/msys2/usr/share/terminfo/6e/ntconsole-100
index 4ebcea10b..b2d88c541 100644
Binary files a/msys2/usr/share/terminfo/6e/ntconsole-100 and b/msys2/usr/share/terminfo/6e/ntconsole-100 differ
diff --git a/msys2/usr/share/terminfo/6e/ntconsole-100-nti b/msys2/usr/share/terminfo/6e/ntconsole-100-nti
index 5791cf881..eeb8897f8 100644
Binary files a/msys2/usr/share/terminfo/6e/ntconsole-100-nti and b/msys2/usr/share/terminfo/6e/ntconsole-100-nti differ
diff --git a/msys2/usr/share/terminfo/6e/ntconsole-25 b/msys2/usr/share/terminfo/6e/ntconsole-25
index a627e5629..afbcc420c 100644
Binary files a/msys2/usr/share/terminfo/6e/ntconsole-25 and b/msys2/usr/share/terminfo/6e/ntconsole-25 differ
diff --git a/msys2/usr/share/terminfo/6e/ntconsole-25-nti b/msys2/usr/share/terminfo/6e/ntconsole-25-nti
index 98afea791..a9c1fbe9c 100644
Binary files a/msys2/usr/share/terminfo/6e/ntconsole-25-nti and b/msys2/usr/share/terminfo/6e/ntconsole-25-nti differ
diff --git a/msys2/usr/share/terminfo/6e/ntconsole-25-w b/msys2/usr/share/terminfo/6e/ntconsole-25-w
index b58d7ea10..740ed010d 100644
Binary files a/msys2/usr/share/terminfo/6e/ntconsole-25-w and b/msys2/usr/share/terminfo/6e/ntconsole-25-w differ
diff --git a/msys2/usr/share/terminfo/6e/ntconsole-25-w-vt b/msys2/usr/share/terminfo/6e/ntconsole-25-w-vt
index 4b694571e..c65a8188e 100644
Binary files a/msys2/usr/share/terminfo/6e/ntconsole-25-w-vt and b/msys2/usr/share/terminfo/6e/ntconsole-25-w-vt differ
diff --git a/msys2/usr/share/terminfo/6e/ntconsole-35 b/msys2/usr/share/terminfo/6e/ntconsole-35
index cdcbfa131..2332b3ab8 100644
Binary files a/msys2/usr/share/terminfo/6e/ntconsole-35 and b/msys2/usr/share/terminfo/6e/ntconsole-35 differ
diff --git a/msys2/usr/share/terminfo/6e/ntconsole-35-nti b/msys2/usr/share/terminfo/6e/ntconsole-35-nti
index dcd4c37b2..1544b68f3 100644
Binary files a/msys2/usr/share/terminfo/6e/ntconsole-35-nti and b/msys2/usr/share/terminfo/6e/ntconsole-35-nti differ
diff --git a/msys2/usr/share/terminfo/6e/ntconsole-35-w b/msys2/usr/share/terminfo/6e/ntconsole-35-w
index 2d34f3a7f..de7086a86 100644
Binary files a/msys2/usr/share/terminfo/6e/ntconsole-35-w and b/msys2/usr/share/terminfo/6e/ntconsole-35-w differ
diff --git a/msys2/usr/share/terminfo/6e/ntconsole-50 b/msys2/usr/share/terminfo/6e/ntconsole-50
index 54e344af8..696833c54 100644
Binary files a/msys2/usr/share/terminfo/6e/ntconsole-50 and b/msys2/usr/share/terminfo/6e/ntconsole-50 differ
diff --git a/msys2/usr/share/terminfo/6e/ntconsole-50-nti b/msys2/usr/share/terminfo/6e/ntconsole-50-nti
index c6388bf3a..b9f8ed758 100644
Binary files a/msys2/usr/share/terminfo/6e/ntconsole-50-nti and b/msys2/usr/share/terminfo/6e/ntconsole-50-nti differ
diff --git a/msys2/usr/share/terminfo/6e/ntconsole-50-w b/msys2/usr/share/terminfo/6e/ntconsole-50-w
index 8d7d8b974..d46c9741d 100644
Binary files a/msys2/usr/share/terminfo/6e/ntconsole-50-w and b/msys2/usr/share/terminfo/6e/ntconsole-50-w differ
diff --git a/msys2/usr/share/terminfo/6e/ntconsole-60 b/msys2/usr/share/terminfo/6e/ntconsole-60
index 758921475..9f6d4f8ee 100644
Binary files a/msys2/usr/share/terminfo/6e/ntconsole-60 and b/msys2/usr/share/terminfo/6e/ntconsole-60 differ
diff --git a/msys2/usr/share/terminfo/6e/ntconsole-60-nti b/msys2/usr/share/terminfo/6e/ntconsole-60-nti
index 801fcc4ae..ea50793cc 100644
Binary files a/msys2/usr/share/terminfo/6e/ntconsole-60-nti and b/msys2/usr/share/terminfo/6e/ntconsole-60-nti differ
diff --git a/msys2/usr/share/terminfo/6e/ntconsole-60-w b/msys2/usr/share/terminfo/6e/ntconsole-60-w
index 08d54c19a..5e1297b04 100644
Binary files a/msys2/usr/share/terminfo/6e/ntconsole-60-w and b/msys2/usr/share/terminfo/6e/ntconsole-60-w differ
diff --git a/msys2/usr/share/terminfo/6e/ntconsole-w b/msys2/usr/share/terminfo/6e/ntconsole-w
index b58d7ea10..740ed010d 100644
Binary files a/msys2/usr/share/terminfo/6e/ntconsole-w and b/msys2/usr/share/terminfo/6e/ntconsole-w differ
diff --git a/msys2/usr/share/terminfo/6e/ntconsole-w-vt b/msys2/usr/share/terminfo/6e/ntconsole-w-vt
index 4b694571e..c65a8188e 100644
Binary files a/msys2/usr/share/terminfo/6e/ntconsole-w-vt and b/msys2/usr/share/terminfo/6e/ntconsole-w-vt differ
diff --git a/msys2/usr/share/terminfo/6f/opennt b/msys2/usr/share/terminfo/6f/opennt
index a627e5629..afbcc420c 100644
Binary files a/msys2/usr/share/terminfo/6f/opennt and b/msys2/usr/share/terminfo/6f/opennt differ
diff --git a/msys2/usr/share/terminfo/6f/opennt-100 b/msys2/usr/share/terminfo/6f/opennt-100
index 4ebcea10b..b2d88c541 100644
Binary files a/msys2/usr/share/terminfo/6f/opennt-100 and b/msys2/usr/share/terminfo/6f/opennt-100 differ
diff --git a/msys2/usr/share/terminfo/6f/opennt-100-nti b/msys2/usr/share/terminfo/6f/opennt-100-nti
index 5791cf881..eeb8897f8 100644
Binary files a/msys2/usr/share/terminfo/6f/opennt-100-nti and b/msys2/usr/share/terminfo/6f/opennt-100-nti differ
diff --git a/msys2/usr/share/terminfo/6f/opennt-25 b/msys2/usr/share/terminfo/6f/opennt-25
index a627e5629..afbcc420c 100644
Binary files a/msys2/usr/share/terminfo/6f/opennt-25 and b/msys2/usr/share/terminfo/6f/opennt-25 differ
diff --git a/msys2/usr/share/terminfo/6f/opennt-25-nti b/msys2/usr/share/terminfo/6f/opennt-25-nti
index 98afea791..a9c1fbe9c 100644
Binary files a/msys2/usr/share/terminfo/6f/opennt-25-nti and b/msys2/usr/share/terminfo/6f/opennt-25-nti differ
diff --git a/msys2/usr/share/terminfo/6f/opennt-25-w b/msys2/usr/share/terminfo/6f/opennt-25-w
index b58d7ea10..740ed010d 100644
Binary files a/msys2/usr/share/terminfo/6f/opennt-25-w and b/msys2/usr/share/terminfo/6f/opennt-25-w differ
diff --git a/msys2/usr/share/terminfo/6f/opennt-25-w-vt b/msys2/usr/share/terminfo/6f/opennt-25-w-vt
index 4b694571e..c65a8188e 100644
Binary files a/msys2/usr/share/terminfo/6f/opennt-25-w-vt and b/msys2/usr/share/terminfo/6f/opennt-25-w-vt differ
diff --git a/msys2/usr/share/terminfo/6f/opennt-35 b/msys2/usr/share/terminfo/6f/opennt-35
index cdcbfa131..2332b3ab8 100644
Binary files a/msys2/usr/share/terminfo/6f/opennt-35 and b/msys2/usr/share/terminfo/6f/opennt-35 differ
diff --git a/msys2/usr/share/terminfo/6f/opennt-35-nti b/msys2/usr/share/terminfo/6f/opennt-35-nti
index dcd4c37b2..1544b68f3 100644
Binary files a/msys2/usr/share/terminfo/6f/opennt-35-nti and b/msys2/usr/share/terminfo/6f/opennt-35-nti differ
diff --git a/msys2/usr/share/terminfo/6f/opennt-35-w b/msys2/usr/share/terminfo/6f/opennt-35-w
index 2d34f3a7f..de7086a86 100644
Binary files a/msys2/usr/share/terminfo/6f/opennt-35-w and b/msys2/usr/share/terminfo/6f/opennt-35-w differ
diff --git a/msys2/usr/share/terminfo/6f/opennt-50 b/msys2/usr/share/terminfo/6f/opennt-50
index 54e344af8..696833c54 100644
Binary files a/msys2/usr/share/terminfo/6f/opennt-50 and b/msys2/usr/share/terminfo/6f/opennt-50 differ
diff --git a/msys2/usr/share/terminfo/6f/opennt-50-nti b/msys2/usr/share/terminfo/6f/opennt-50-nti
index c6388bf3a..b9f8ed758 100644
Binary files a/msys2/usr/share/terminfo/6f/opennt-50-nti and b/msys2/usr/share/terminfo/6f/opennt-50-nti differ
diff --git a/msys2/usr/share/terminfo/6f/opennt-50-w b/msys2/usr/share/terminfo/6f/opennt-50-w
index 8d7d8b974..d46c9741d 100644
Binary files a/msys2/usr/share/terminfo/6f/opennt-50-w and b/msys2/usr/share/terminfo/6f/opennt-50-w differ
diff --git a/msys2/usr/share/terminfo/6f/opennt-60 b/msys2/usr/share/terminfo/6f/opennt-60
index 758921475..9f6d4f8ee 100644
Binary files a/msys2/usr/share/terminfo/6f/opennt-60 and b/msys2/usr/share/terminfo/6f/opennt-60 differ
diff --git a/msys2/usr/share/terminfo/6f/opennt-60-nti b/msys2/usr/share/terminfo/6f/opennt-60-nti
index 801fcc4ae..ea50793cc 100644
Binary files a/msys2/usr/share/terminfo/6f/opennt-60-nti and b/msys2/usr/share/terminfo/6f/opennt-60-nti differ
diff --git a/msys2/usr/share/terminfo/6f/opennt-60-w b/msys2/usr/share/terminfo/6f/opennt-60-w
index 08d54c19a..5e1297b04 100644
Binary files a/msys2/usr/share/terminfo/6f/opennt-60-w and b/msys2/usr/share/terminfo/6f/opennt-60-w differ
diff --git a/msys2/usr/share/terminfo/6f/opennt-nti b/msys2/usr/share/terminfo/6f/opennt-nti
index 98afea791..a9c1fbe9c 100644
Binary files a/msys2/usr/share/terminfo/6f/opennt-nti and b/msys2/usr/share/terminfo/6f/opennt-nti differ
diff --git a/msys2/usr/share/terminfo/6f/opennt-w b/msys2/usr/share/terminfo/6f/opennt-w
index b58d7ea10..740ed010d 100644
Binary files a/msys2/usr/share/terminfo/6f/opennt-w and b/msys2/usr/share/terminfo/6f/opennt-w differ
diff --git a/msys2/usr/share/terminfo/6f/opennt-w-vt b/msys2/usr/share/terminfo/6f/opennt-w-vt
index 4b694571e..c65a8188e 100644
Binary files a/msys2/usr/share/terminfo/6f/opennt-w-vt and b/msys2/usr/share/terminfo/6f/opennt-w-vt differ
diff --git a/msys2/usr/share/terminfo/76/vi200 b/msys2/usr/share/terminfo/76/vi200
index 18952138e..cd853af8a 100644
Binary files a/msys2/usr/share/terminfo/76/vi200 and b/msys2/usr/share/terminfo/76/vi200 differ
diff --git a/msys2/usr/share/terminfo/76/vi200-f b/msys2/usr/share/terminfo/76/vi200-f
index bda3aa6b4..18de6cf0b 100644
Binary files a/msys2/usr/share/terminfo/76/vi200-f and b/msys2/usr/share/terminfo/76/vi200-f differ
diff --git a/msys2/usr/share/terminfo/76/vi200-rv b/msys2/usr/share/terminfo/76/vi200-rv
index 95fe92244..b6be96150 100644
Binary files a/msys2/usr/share/terminfo/76/vi200-rv and b/msys2/usr/share/terminfo/76/vi200-rv differ
diff --git a/msys2/usr/share/terminfo/77/wy50 b/msys2/usr/share/terminfo/77/wy50
index afd1bd784..7c72366d8 100644
Binary files a/msys2/usr/share/terminfo/77/wy50 and b/msys2/usr/share/terminfo/77/wy50 differ
diff --git a/msys2/usr/share/terminfo/77/wy50-mc b/msys2/usr/share/terminfo/77/wy50-mc
index dbdc54caa..affa0c957 100644
Binary files a/msys2/usr/share/terminfo/77/wy50-mc and b/msys2/usr/share/terminfo/77/wy50-mc differ
diff --git a/msys2/usr/share/terminfo/77/wy50-vb b/msys2/usr/share/terminfo/77/wy50-vb
index ba38e0b8f..951721ae6 100644
Binary files a/msys2/usr/share/terminfo/77/wy50-vb and b/msys2/usr/share/terminfo/77/wy50-vb differ
diff --git a/msys2/usr/share/terminfo/77/wy50-w b/msys2/usr/share/terminfo/77/wy50-w
index 4f959119a..9cf4630b6 100644
Binary files a/msys2/usr/share/terminfo/77/wy50-w and b/msys2/usr/share/terminfo/77/wy50-w differ
diff --git a/msys2/usr/share/terminfo/77/wy50-wvb b/msys2/usr/share/terminfo/77/wy50-wvb
index ebcdc9bf4..37113c340 100644
Binary files a/msys2/usr/share/terminfo/77/wy50-wvb and b/msys2/usr/share/terminfo/77/wy50-wvb differ
diff --git a/msys2/usr/share/terminfo/77/wy60 b/msys2/usr/share/terminfo/77/wy60
index ea2501c27..7f0b76100 100644
Binary files a/msys2/usr/share/terminfo/77/wy60 and b/msys2/usr/share/terminfo/77/wy60 differ
diff --git a/msys2/usr/share/terminfo/77/wy60-25 b/msys2/usr/share/terminfo/77/wy60-25
index d5578c45d..76922e1ae 100644
Binary files a/msys2/usr/share/terminfo/77/wy60-25 and b/msys2/usr/share/terminfo/77/wy60-25 differ
diff --git a/msys2/usr/share/terminfo/77/wy60-25-w b/msys2/usr/share/terminfo/77/wy60-25-w
index de4a38278..d15a5622e 100644
Binary files a/msys2/usr/share/terminfo/77/wy60-25-w and b/msys2/usr/share/terminfo/77/wy60-25-w differ
diff --git a/msys2/usr/share/terminfo/77/wy60-42 b/msys2/usr/share/terminfo/77/wy60-42
index 69f5679e1..71e30f87f 100644
Binary files a/msys2/usr/share/terminfo/77/wy60-42 and b/msys2/usr/share/terminfo/77/wy60-42 differ
diff --git a/msys2/usr/share/terminfo/77/wy60-42-w b/msys2/usr/share/terminfo/77/wy60-42-w
index a63a00516..fc8da2389 100644
Binary files a/msys2/usr/share/terminfo/77/wy60-42-w and b/msys2/usr/share/terminfo/77/wy60-42-w differ
diff --git a/msys2/usr/share/terminfo/77/wy60-43 b/msys2/usr/share/terminfo/77/wy60-43
index 149a5fb29..219047cb7 100644
Binary files a/msys2/usr/share/terminfo/77/wy60-43 and b/msys2/usr/share/terminfo/77/wy60-43 differ
diff --git a/msys2/usr/share/terminfo/77/wy60-43-w b/msys2/usr/share/terminfo/77/wy60-43-w
index c2bd2b871..c1cfac7eb 100644
Binary files a/msys2/usr/share/terminfo/77/wy60-43-w and b/msys2/usr/share/terminfo/77/wy60-43-w differ
diff --git a/msys2/usr/share/terminfo/77/wy60-vb b/msys2/usr/share/terminfo/77/wy60-vb
index 3d221968b..cb70b612b 100644
Binary files a/msys2/usr/share/terminfo/77/wy60-vb and b/msys2/usr/share/terminfo/77/wy60-vb differ
diff --git a/msys2/usr/share/terminfo/77/wy60-w b/msys2/usr/share/terminfo/77/wy60-w
index 06b86ba63..82c951b3e 100644
Binary files a/msys2/usr/share/terminfo/77/wy60-w and b/msys2/usr/share/terminfo/77/wy60-w differ
diff --git a/msys2/usr/share/terminfo/77/wy60-w-vb b/msys2/usr/share/terminfo/77/wy60-w-vb
index 92450a2d4..b8632fddb 100644
Binary files a/msys2/usr/share/terminfo/77/wy60-w-vb and b/msys2/usr/share/terminfo/77/wy60-w-vb differ
diff --git a/msys2/usr/share/terminfo/77/wy60-wvb b/msys2/usr/share/terminfo/77/wy60-wvb
index 92450a2d4..b8632fddb 100644
Binary files a/msys2/usr/share/terminfo/77/wy60-wvb and b/msys2/usr/share/terminfo/77/wy60-wvb differ
diff --git a/msys2/usr/share/terminfo/77/wy99gt b/msys2/usr/share/terminfo/77/wy99gt
index 50f485531..5bcb66079 100644
Binary files a/msys2/usr/share/terminfo/77/wy99gt and b/msys2/usr/share/terminfo/77/wy99gt differ
diff --git a/msys2/usr/share/terminfo/77/wy99gt-25 b/msys2/usr/share/terminfo/77/wy99gt-25
index 514632fd5..e9c98d4e3 100644
Binary files a/msys2/usr/share/terminfo/77/wy99gt-25 and b/msys2/usr/share/terminfo/77/wy99gt-25 differ
diff --git a/msys2/usr/share/terminfo/77/wy99gt-25-w b/msys2/usr/share/terminfo/77/wy99gt-25-w
index 60b133bbd..7d5e4f6f8 100644
Binary files a/msys2/usr/share/terminfo/77/wy99gt-25-w and b/msys2/usr/share/terminfo/77/wy99gt-25-w differ
diff --git a/msys2/usr/share/terminfo/77/wy99gt-vb b/msys2/usr/share/terminfo/77/wy99gt-vb
index 824372f9b..8ce9af008 100644
Binary files a/msys2/usr/share/terminfo/77/wy99gt-vb and b/msys2/usr/share/terminfo/77/wy99gt-vb differ
diff --git a/msys2/usr/share/terminfo/77/wy99gt-w b/msys2/usr/share/terminfo/77/wy99gt-w
index e4d889849..b173bd0c6 100644
Binary files a/msys2/usr/share/terminfo/77/wy99gt-w and b/msys2/usr/share/terminfo/77/wy99gt-w differ
diff --git a/msys2/usr/share/terminfo/77/wy99gt-w-vb b/msys2/usr/share/terminfo/77/wy99gt-w-vb
index 77733a7e1..17c79a35c 100644
Binary files a/msys2/usr/share/terminfo/77/wy99gt-w-vb and b/msys2/usr/share/terminfo/77/wy99gt-w-vb differ
diff --git a/msys2/usr/share/terminfo/77/wy99gt-wvb b/msys2/usr/share/terminfo/77/wy99gt-wvb
index 77733a7e1..17c79a35c 100644
Binary files a/msys2/usr/share/terminfo/77/wy99gt-wvb and b/msys2/usr/share/terminfo/77/wy99gt-wvb differ
diff --git a/msys2/usr/share/terminfo/77/wyse50 b/msys2/usr/share/terminfo/77/wyse50
index afd1bd784..7c72366d8 100644
Binary files a/msys2/usr/share/terminfo/77/wyse50 and b/msys2/usr/share/terminfo/77/wyse50 differ
diff --git a/msys2/usr/share/terminfo/77/wyse50-mc b/msys2/usr/share/terminfo/77/wyse50-mc
index dbdc54caa..affa0c957 100644
Binary files a/msys2/usr/share/terminfo/77/wyse50-mc and b/msys2/usr/share/terminfo/77/wyse50-mc differ
diff --git a/msys2/usr/share/terminfo/77/wyse50-vb b/msys2/usr/share/terminfo/77/wyse50-vb
index ba38e0b8f..951721ae6 100644
Binary files a/msys2/usr/share/terminfo/77/wyse50-vb and b/msys2/usr/share/terminfo/77/wyse50-vb differ
diff --git a/msys2/usr/share/terminfo/77/wyse50-w b/msys2/usr/share/terminfo/77/wyse50-w
index 4f959119a..9cf4630b6 100644
Binary files a/msys2/usr/share/terminfo/77/wyse50-w and b/msys2/usr/share/terminfo/77/wyse50-w differ
diff --git a/msys2/usr/share/terminfo/77/wyse50-wvb b/msys2/usr/share/terminfo/77/wyse50-wvb
index ebcdc9bf4..37113c340 100644
Binary files a/msys2/usr/share/terminfo/77/wyse50-wvb and b/msys2/usr/share/terminfo/77/wyse50-wvb differ
diff --git a/msys2/usr/share/terminfo/77/wyse60 b/msys2/usr/share/terminfo/77/wyse60
index ea2501c27..7f0b76100 100644
Binary files a/msys2/usr/share/terminfo/77/wyse60 and b/msys2/usr/share/terminfo/77/wyse60 differ
diff --git a/msys2/usr/share/terminfo/77/wyse60-25 b/msys2/usr/share/terminfo/77/wyse60-25
index d5578c45d..76922e1ae 100644
Binary files a/msys2/usr/share/terminfo/77/wyse60-25 and b/msys2/usr/share/terminfo/77/wyse60-25 differ
diff --git a/msys2/usr/share/terminfo/77/wyse60-25-w b/msys2/usr/share/terminfo/77/wyse60-25-w
index de4a38278..d15a5622e 100644
Binary files a/msys2/usr/share/terminfo/77/wyse60-25-w and b/msys2/usr/share/terminfo/77/wyse60-25-w differ
diff --git a/msys2/usr/share/terminfo/77/wyse60-42 b/msys2/usr/share/terminfo/77/wyse60-42
index 69f5679e1..71e30f87f 100644
Binary files a/msys2/usr/share/terminfo/77/wyse60-42 and b/msys2/usr/share/terminfo/77/wyse60-42 differ
diff --git a/msys2/usr/share/terminfo/77/wyse60-42-w b/msys2/usr/share/terminfo/77/wyse60-42-w
index a63a00516..fc8da2389 100644
Binary files a/msys2/usr/share/terminfo/77/wyse60-42-w and b/msys2/usr/share/terminfo/77/wyse60-42-w differ
diff --git a/msys2/usr/share/terminfo/77/wyse60-43 b/msys2/usr/share/terminfo/77/wyse60-43
index 149a5fb29..219047cb7 100644
Binary files a/msys2/usr/share/terminfo/77/wyse60-43 and b/msys2/usr/share/terminfo/77/wyse60-43 differ
diff --git a/msys2/usr/share/terminfo/77/wyse60-43-w b/msys2/usr/share/terminfo/77/wyse60-43-w
index c2bd2b871..c1cfac7eb 100644
Binary files a/msys2/usr/share/terminfo/77/wyse60-43-w and b/msys2/usr/share/terminfo/77/wyse60-43-w differ
diff --git a/msys2/usr/share/terminfo/77/wyse60-vb b/msys2/usr/share/terminfo/77/wyse60-vb
index 3d221968b..cb70b612b 100644
Binary files a/msys2/usr/share/terminfo/77/wyse60-vb and b/msys2/usr/share/terminfo/77/wyse60-vb differ
diff --git a/msys2/usr/share/terminfo/77/wyse60-w b/msys2/usr/share/terminfo/77/wyse60-w
index 06b86ba63..82c951b3e 100644
Binary files a/msys2/usr/share/terminfo/77/wyse60-w and b/msys2/usr/share/terminfo/77/wyse60-w differ
diff --git a/msys2/usr/share/terminfo/77/wyse60-wvb b/msys2/usr/share/terminfo/77/wyse60-wvb
index 92450a2d4..b8632fddb 100644
Binary files a/msys2/usr/share/terminfo/77/wyse60-wvb and b/msys2/usr/share/terminfo/77/wyse60-wvb differ
diff --git a/msys2/usr/share/terminfo/77/wyse99gt b/msys2/usr/share/terminfo/77/wyse99gt
index 50f485531..5bcb66079 100644
Binary files a/msys2/usr/share/terminfo/77/wyse99gt and b/msys2/usr/share/terminfo/77/wyse99gt differ
diff --git a/msys2/usr/share/terminfo/77/wyse99gt-25 b/msys2/usr/share/terminfo/77/wyse99gt-25
index 514632fd5..e9c98d4e3 100644
Binary files a/msys2/usr/share/terminfo/77/wyse99gt-25 and b/msys2/usr/share/terminfo/77/wyse99gt-25 differ
diff --git a/msys2/usr/share/terminfo/77/wyse99gt-25-w b/msys2/usr/share/terminfo/77/wyse99gt-25-w
index 60b133bbd..7d5e4f6f8 100644
Binary files a/msys2/usr/share/terminfo/77/wyse99gt-25-w and b/msys2/usr/share/terminfo/77/wyse99gt-25-w differ
diff --git a/msys2/usr/share/terminfo/77/wyse99gt-vb b/msys2/usr/share/terminfo/77/wyse99gt-vb
index 824372f9b..8ce9af008 100644
Binary files a/msys2/usr/share/terminfo/77/wyse99gt-vb and b/msys2/usr/share/terminfo/77/wyse99gt-vb differ
diff --git a/msys2/usr/share/terminfo/77/wyse99gt-w b/msys2/usr/share/terminfo/77/wyse99gt-w
index e4d889849..b173bd0c6 100644
Binary files a/msys2/usr/share/terminfo/77/wyse99gt-w and b/msys2/usr/share/terminfo/77/wyse99gt-w differ
diff --git a/msys2/usr/share/terminfo/77/wyse99gt-wvb b/msys2/usr/share/terminfo/77/wyse99gt-wvb
index 77733a7e1..17c79a35c 100644
Binary files a/msys2/usr/share/terminfo/77/wyse99gt-wvb and b/msys2/usr/share/terminfo/77/wyse99gt-wvb differ
diff --git a/msys2/usr/share/vim/vimfiles/ftdetect/PKGBUILD.vim b/msys2/usr/share/vim/vimfiles/ftdetect/PKGBUILD.vim
new file mode 100644
index 000000000..cc84ccba8
--- /dev/null
+++ b/msys2/usr/share/vim/vimfiles/ftdetect/PKGBUILD.vim
@@ -0,0 +1 @@
+au BufNewFile,BufRead PKGBUILD set filetype=PKGBUILD
diff --git a/msys2/usr/share/vim/vimfiles/syntax/PKGBUILD.vim b/msys2/usr/share/vim/vimfiles/syntax/PKGBUILD.vim
new file mode 100644
index 000000000..110bbc713
--- /dev/null
+++ b/msys2/usr/share/vim/vimfiles/syntax/PKGBUILD.vim
@@ -0,0 +1,320 @@
+" Vim syntax file
+" Language:     PKGBUILD
+" Maintainer:   Alessio 'mOLOk' Bolognino <themolok at gmail.com>
+" Last Change:  2007/05/08
+" Version Info: PKGBUILD-0.2 (colorphobic)
+
+" For version 5.x: Clear all syntax items
+" For version 6.x: Quit when a syntax file was already loaded
+if version < 600
+	syntax clear
+elseif exists("b:current_syntax")
+	finish
+endif
+
+let b:main_syntax = "sh"
+let b:is_bash = 1
+runtime! syntax/sh.vim
+
+" case on
+syn case match
+
+" pkgname
+" FIXME if '=' is in pkgname/pkgver, it highlights whole string, not just '='
+syn keyword pb_k_pkgname pkgname contained
+syn match pbValidPkgname /\([[:alnum:]]\|+\|-\|_\){,32}/ contained contains=pbIllegalPkgname
+syn match pbIllegalPkgname /[[:upper:]]\|[^[:alnum:]-+_=]\|=.*=\|=['"]\?.\{33,\}['"]\?/ contained
+syn match pbPkgnameGroup /^pkgname=.*/ contains=pbIllegalPkgname,pb_k_pkgname,shDoubleQuote,shSingleQuote
+
+" pkgbase
+" FIXME if '=' is in pkgbase/pkgname/pkgver, it highlights whole string, not just '='
+syn keyword pb_k_pkgbase pkgbase contained
+syn match pbValidPkgbase /\([[:alnum:]]\|+\|-\|_\){,32}/ contained contains=pbIllegalPkgbase
+syn match pbIllegalPkgbase /[[:upper:]]\|[^[:alnum:]-+_=]\|=.*=\|=['"]\?.\{33,\}['"]\?/ contained
+syn match pbPkgbaseGroup /^pkgbase=.*/ contains=pbIllegalPkgbase,pb_k_pkgbase,shDoubleQuote,shSingleQuote
+
+" pkgver
+syn keyword pb_k_pkgver pkgver contained
+syn match pbValidPkgver /\([[:alnum:]]\|\.\|+\|_\)/ contained contains=pbIllegalPkgver
+syn match pbIllegalPkgver /[^[:alnum:]+=\.\_]\|=.*=/ contained
+syn match pbPkgverGroup /^pkgver=.*/ contains=pbIllegalPkgver,pbValidPkgver,pb_k_pkgver,shDoubleQuote,shSingleQuote
+
+" pkgrel
+syn keyword pb_k_pkgrel pkgrel contained
+syn match pbValidPkgrel /[[:digit:]]*/ contained contains=pbIllegalPkgrel
+syn match pbIllegalPkgrel /[^[:digit:]=]\|=.*=/ contained
+syn match pbPkgrelGroup /^pkgrel=.*/ contains=pbIllegalPkgrel,pbValidPkgrel,pb_k_pkgrel,shDoubleQuote,shSingleQuote
+
+" pkgdesc
+syn keyword pb_k_desc pkgdesc contained
+" 90 chars: 80 for description, 8 for pkgdesc and 2 for ''
+syn match pbIllegalPkgdesc /.\{90,}\|=['"]\?.*['" ]\+[iI][sS] [aA]/ contained contains=pbPkgdescSign
+syn match pbValidPkgdesc /[^='"]\.\{,80}/ contained contains=pbIllegalPkgdesc
+syn match pbPkgdescGroup /^pkgdesc=.*/ contains=pbIllegalPkgdesc,pb_k_desc,pbValidPkgdesc,shDoubleQuote,shSingleQuote
+syn match pbPkgdescSign /[='"]/ contained
+
+" epoch
+syn keyword pb_k_epoch epoch contained
+syn match pbValidEpoch /[[:digit:]]*/ contained contains=pbIllegalEpoch
+syn match pbIllegalEpoch /[^[:digit:]=]\|=.*=/ contained
+syn match pbEpochGroup /^epoch=.*/ contains=pbIllegalEpoch,pbValidEpoch,pb_k_epoch,shDoubleQuote,shSingleQuote
+
+" url
+syn keyword pb_k_url url contained
+syn match pbValidUrl /['"]*\(https\|http\|ftp\)\:\/.*\.\+.*/ contained
+
+syn match pbIllegalUrl /[^=]/ contained contains=pbValidUrl
+syn match pbUrlGroup /^url=.*/ contains=pbValidUrl,pb_k_url,pbIllegalUrl,shDoubleQuote,shSingleQuote
+
+" license
+syn keyword pb_k_license license contained
+" echo $(pacman -Ql licenses | grep '/usr/share/licenses/common/' | cut -d'/' -f6 | sort -u)
+syn keyword pbLicense  AGPL AGPL3 Apache APACHE Artistic2.0 CCPL CDDL CPL EPL FDL FDL1.2 FDL1.3 GPL GPL2 GPL3 LGPL LGPL2.1 LGPL3 LPPL MPL PerlArtistic PHP PSF RUBY W3C ZPL contained
+" special cases from https://wiki.archlinux.org/index.php/Arch_Packaging_Standards
+syn keyword pbLicenseSpecial  BSD MIT ZLIB Python contained
+syn match pbLicenseCustom /custom\(:[[:alnum:]]*\)*/ contained
+syn match pbIllegalLicense /[^='"() ]/ contained contains=pbLicenseCustom,pbLicenseSpecial,pbLicense
+syn region pbLicenseGroup start=/^license=(/ end=/)/ contains=pb_k_license,pbLicenseCustom,pbLicenseSpecial,pbLicense,pbIllegalLicense
+
+" backup
+syn keyword pb_k_backup backup contained
+syn match pbValidBackup   /\.\?[[:alpha:]]*\/[[:alnum:]\{\}+._$-]*]*/ contained
+syn region pbBackupGroup start=/^backup=(/ end=/)/ contains=pb_k_backup,pbValidBackup,shDoubleQuote,shSingleQuote
+
+" arch
+syn keyword pb_k_arch arch contained
+syn keyword pbArch i686 x86_64 ppc any contained
+syn match pbIllegalArch /[^='"() ]/ contained contains=pbArch
+syn region pbArchGroup start=/^arch=(/ end=/)/ contains=pb_k_arch,pbArch,pbIllegalArch
+
+" groups
+syn keyword pb_k_groups groups contained
+syn match pbValidGroups /\([[:alnum:]]\|+\|-\|_\)*/ contained
+syn region pbGroupsGroup start=/^groups=(/ end=/)/ contains=pb_k_groups,pbValidGroups,shDoubleQuote,shSingleQuote
+
+" depends
+syn keyword pb_k_depends depends contained
+syn match pbValidDepends /\([[:alnum:]]\|+\|-\|_\)*/ contained
+syn region pbDependsGroup start=/^depends=(/ end=/)/ contains=pb_k_depends,pbValidDepends,shDoubleQuote,shSingleQuote
+
+" makedepends
+syn keyword pb_k_makedepends makedepends contained
+syn match pbValidMakedepends /\([[:alnum:]]\|+\|-\|_\)*/ contained
+syn region pbMakedependsGroup start=/^makedepends=(/ end=/)/ contains=pb_k_makedepends,pbValidMakedepends,shDoubleQuote,shSingleQuote
+
+" optdepends
+syn keyword pb_k_optdepends optdepends contained
+syn match pbValidOptdepends /\([[:alnum:]]\|+\|-\|_\)*/ contained
+syn region pbOptdependsGroup start=/^optdepends=(/ end=/)/ contains=pb_k_optdepends,pbValidOptdepends,shDoubleQuote,shSingleQuote
+
+" checkdepends
+syn keyword pb_k_ckdepends checkdepends contained
+syn match pbValidCkdepends /\([[:alnum:]]\|+\|-\|_\)*/ contained
+syn region pbCkdependsGroup start=/^checkdepends=(/ end=/)/ contains=pb_k_ckdepends,pbValidCkdepends,shDoubleQuote,shSingleQuote
+
+" conflicts
+syn keyword pb_k_conflicts conflicts contained
+syn match pbValidConflicts /\([[:alnum:]]\|+\|-\|_\)*/ contained
+syn region pbConflictsGroup start=/^conflicts=(/ end=/)/ contains=pb_k_conflicts,pbValidConflicts,shDoubleQuote,shSingleQuote
+
+" provides
+syn keyword pb_k_provides provides contained
+syn match pbValidProvides /\([[:alnum:]]\|+\|-\|_\)*/ contained
+syn region pbProvidesGroup start=/^provides=(/ end=/)/ contains=pb_k_provides,pbValidProvides,shDoubleQuote,shSingleQuote
+
+" replaces
+syn keyword pb_k_replaces replaces contained
+syn match pbValidReplaces /\([[:alnum:]]\|+\|-\|_\)*/ contained
+syn region pbReplacesGroup start=/^replaces=(/  end=/)/ contains=pb_k_replaces,pbValidReplaces,shDoubleQuote,shSingleQuote
+
+" install
+" XXX remove install from bashStatement, fix strange bug
+syn clear bashStatement
+syn keyword bashStatement chmod clear complete du egrep expr fgrep find gnufind gnugrep grep less ls mkdir mv rm rmdir rpm sed sleep sort strip tail touch
+
+syn keyword pb_k_install install contained
+syn match pbValidInstall /\([[:alnum:]]\|\$\|+\|-\|_\)*\.install/ contained
+syn match pbIllegalInstall /[^=]/ contained contains=pbValidInstall
+syn match pbInstallGroup /^install=.*/ contains=pb_k_install,pbValidInstall,pbIllegalInstall,shDeref,shDoubleQuote,shSingleQuote
+
+" changelog
+syn keyword pb_k_changelog changelog contained
+syn match pbValidChangelog /\([[:alnum:]]\|\$\|+\|-\|_\)*/ contained
+syn match pbIllegalChangelog /[^=]/ contained contains=pbValidChangelog
+syn match pbChangelogGroup /^changelog=.*/ contains=pb_k_changelog,pbValidChangelog,pbIllegalChangelog,shDeref,shDoubleQuote,shSingleQuote
+
+" source:
+" XXX remove source from shStatement, fix strange bug
+syn clear shStatement
+syn keyword shStatement xxx wait getopts return autoload whence printf true popd nohup enable r trap readonly fc fg kill ulimit umask disown stop pushd read history logout times local exit test pwd time eval integer suspend dirs shopt hash false newgrp bg print jobs continue functions exec help cd break unalias chdir type shift builtin let bind
+
+syn keyword pb_k_source source contained
+syn match pbIllegalSource /\(http\|ftp\|https\).*\.\+\(dl\|download.\?\)\.\(sourceforge\|sf\).net/
+syn region pbSourceGroup  start=/^source=(/ end=/)/ contains=pb_k_source,pbIllegalSource,shNumber,shDoubleQuote,shSingleQuote,pbDerefEmulation
+syn match pbDerefEmulation /\$[{]\?[[:alnum:]_]*[}]\?/ contained
+hi def link pbDerefEmulation PreProc
+
+" md5sums
+syn keyword pb_k_md5sums md5sums contained
+syn match pbIllegalMd5sums /[^='"()\/ ]/ contained contains=pbValidMd5sums
+syn match pbValidMd5sums /\x\{32\}/ contained
+syn region pbMd5sumsGroup start=/^md5sums/ end=/)/ contains=pb_k_md5sums,pbMd5Quotes,pbMd5Hash,pbIllegalMd5sums keepend
+syn match pbMd5Quotes /'.*'\|".*"/ contained contains=pbMd5Hash,pbIllegalMd5sums
+syn match pbMd5Hash /\x\+/ contained contains=pbValidMd5sums
+hi def link pbMd5Quotes Keyword
+hi def link pbMd5Hash Error
+hi def link pbValidMd5sums  Number
+
+" sha1sums
+syn keyword pb_k_sha1sums sha1sums contained
+syn match pbIllegalSha1sums /[^='"()\/ ]/ contained contains=pbValidSha1sums
+syn match pbValidSha1sums /\x\{40\}/ contained
+syn region pbSha1sumsGroup start=/^sha1sums/ end=/)/ contains=pb_k_sha1sums,pbSha1Quotes,pbSha1Hash,pbIllegalSha1sums keepend
+syn match pbSha1Quotes /'.*'\|".*"/ contained contains=pbSha1Hash,pbIllegalSha1sums
+syn match pbSha1Hash /\x\+/ contained contains=pbValidSha1sums
+hi def link pbSha1Quotes Keyword
+hi def link pbSha1Hash Error
+hi def link pbValidSha1sums  Number
+
+" sha256sums
+syn keyword pb_k_sha256sums sha256sums contained
+syn match pbIllegalSha256sums /[^='"()\/ ]/ contained contains=pbValidSha256sums
+syn match pbValidSha256sums /\x\{64\}/ contained
+syn region pbSha256sumsGroup start=/^sha256sums/ end=/)/ contains=pb_k_sha256sums,pbSha256Quotes,pbSha256Hash,pbIllegalSha256sums keepend
+syn match pbSha256Quotes /'.*'\|".*"/ contained contains=pbSha256Hash,pbIllegalSha256sums
+syn match pbSha256Hash /\x\+/ contained contains=pbValidSha256sums
+hi def link pbSha256Quotes Keyword
+hi def link pbSha256Hash Error
+hi def link pbValidSha256sums  Number
+
+" sha384sums
+syn keyword pb_k_sha384sums sha384sums contained
+syn match pbIllegalSha384sums /[^='"()\/ ]/ contained contains=pbValidSha384sums
+syn match pbValidSha384sums /\x\{96\}/ contained
+syn region pbSha384sumsGroup start=/^sha384sums/ end=/)/ contains=pb_k_sha384sums,pbSha384Quotes,pbSha384Hash,pbIllegalSha384sums keepend
+syn match pbSha384Quotes /'.*'\|".*"/ contained contains=pbSha384Hash,pbIllegalSha384sums
+syn match pbSha384Hash /\x\+/ contained contains=pbValidSha384sums
+hi def link pbSha384Quotes Keyword
+hi def link pbSha384Hash Error
+hi def link pbValidSha384sums  Number
+
+" sha512sums
+syn keyword pb_k_sha512sums sha512sums contained
+syn match pbIllegalSha512sums /[^='"()\/ ]/ contained contains=pbValidSha512sums
+syn match pbValidSha512sums /\x\{128\}/ contained
+syn region pbSha512sumsGroup start=/^sha512sums/ end=/)/ contains=pb_k_sha512sums,pbSha512Quotes,pbSha512Hash,pbIllegalSha512sums keepend
+syn match pbSha512Quotes /'.*'\|".*"/ contained contains=pbSha512Hash,pbIllegalSha512sums
+syn match pbSha512Hash /\x\+/ contained contains=pbValidSha512sums
+hi def link pbSha512Quotes Keyword
+hi def link pbSha512Hash Error
+hi def link pbValidSha512sums  Number
+
+" options
+syn keyword pb_k_options options contained
+syn match pbOptions /\(no\)\?\(strip\|docs\|libtool\|emptydirs\|zipman\|purge\|distcc\|color\|ccache\|check\|sign\|makeflags\|buildflags\)/ contained
+syn match   pbOptionsNeg     /\!/ contained
+syn match   pbOptionsDeprec  /no/ contained
+syn region pbOptionsGroup start=/^options=(/ end=/)/ contains=pb_k_options,pbOptions,pbOptionsNeg,pbOptionsDeprec,pbIllegalOption
+syn match pbIllegalOption /[^!"'()= ]/ contained contains=pbOptionsDeprec,pbOptions
+
+" noextract
+syn match pbNoextract /[[:alnum:]+._${}-]\+/ contained
+syn keyword pb_k_noextract noextract  contained
+syn region pbNoextractGroup  start=/^noextract=(/ end=/)/ contains=pb_k_noextract,pbNoextract,shDoubleQuote,shSingleQuote
+
+" comments
+syn keyword    pb_k_maintainer Maintainer Contributor contained
+syn match      pbMaintainerGroup /Maintainer.*/ contains=pbMaintainer contained
+
+syn match pbDate /[0-9]\{4}\/[0-9]\{2}\/[0-9]\{2}/ contained
+
+syn cluster    pbCommentGroup	contains=pbTodo,pb_k_maintainer,pbMaintainerGroup,pbDate
+syn keyword    pbTodo	contained	COMBAK FIXME TODO XXX
+syn match      pbComment	"^#.*$"	contains=@pbCommentGroup
+syn match      pbComment	"[^0-9]#.*$"	contains=@pbCommentGroup
+
+" quotes are handled by sh.vim
+
+hi def link pbComment Comment
+hi def link pbTodo Todo
+
+hi def link pbIllegalPkgname Error
+hi def link pb_k_pkgname pbKeywords
+
+hi def link pbIllegalPkgbase Error
+hi def link pb_k_pkgbase pbKeywords
+
+hi def link pbIllegalPkgver Error
+hi def link pb_k_pkgver pbKeywords
+
+hi def link pbIllegalPkgrel Error
+hi def link pb_k_pkgrel pbKeywords
+
+hi def link pbIllegalPkgdesc Error
+hi def link pb_k_desc pbKeywords
+
+hi def link pbIllegalEpoch Error
+hi def link pb_k_epoch pbKeywords
+
+hi def link pbIllegalUrl Error
+hi def link pb_k_url pbKeywords
+
+hi def link pb_k_license pbKeywords
+hi def link pbIllegalLicense Error
+
+hi def link pb_k_backup pbKeywords
+
+hi def link pb_k_arch pbKeywords
+hi def link pbIllegalArch Error
+
+hi def link pb_k_groups pbKeywords
+hi def link pb_k_makedepends pbKeywords
+hi def link pb_k_optdepends pbKeywords
+hi def link pb_k_ckdepends pbKeywords
+hi def link pb_k_depends pbKeywords
+hi def link pb_k_replaces pbKeywords
+hi def link pb_k_conflicts pbKeywords
+hi def link pb_k_provides pbKeywords
+
+hi def link pbIllegalInstall Error
+hi def link pb_k_install pbKeywords
+
+hi def link pbIllegalChangelog Error
+hi def link pb_k_changelog pbKeywords
+
+hi def link pb_k_source pbKeywords
+hi def link pbIllegalSource Error
+
+hi def link pb_k_md5sums pbKeywords
+hi def link pbIllegalMd5sums Error
+
+hi def link pb_k_sha1sums pbKeywords
+hi def link pbIllegalSha1sums Error
+
+hi def link pb_k_sha256sums pbKeywords
+hi def link pbIllegalSha256sums Error
+
+hi def link pb_k_sha384sums pbKeywords
+hi def link pbIllegalSha384sums Error
+
+hi def link pb_k_sha512sums pbKeywords
+hi def link pbIllegalSha512sums Error
+
+hi def link pb_k_options pbKeywords
+hi def link pbOptionsDeprec Todo
+hi def link pbIllegalOption Error
+
+hi def link pb_k_noextract pbKeywords
+hi def link pbNoextract Normal
+
+hi def link pb_k_maintainer pbKeywords
+
+hi def link pbKeywords Keyword
+
+hi def link pbDate Special
+
+"syntax include @SHELL syntax/sh.vim
+"syntax region BUILD start=/^build()/ end=/^}/ contains=@SHELL
+"let b:current_syntax = "PKGBUILD"
+
+" vim: ft=vim
diff --git a/msys2/usr/share/zoneinfo/Africa/Abidjan b/msys2/usr/share/zoneinfo/Africa/Abidjan
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Abidjan and b/msys2/usr/share/zoneinfo/Africa/Abidjan differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Accra b/msys2/usr/share/zoneinfo/Africa/Accra
index 8726e80df..eaaa818f8 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Accra and b/msys2/usr/share/zoneinfo/Africa/Accra differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Addis_Ababa b/msys2/usr/share/zoneinfo/Africa/Addis_Ababa
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Addis_Ababa and b/msys2/usr/share/zoneinfo/Africa/Addis_Ababa differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Algiers b/msys2/usr/share/zoneinfo/Africa/Algiers
index 2a25f3ac2..a5867a672 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Algiers and b/msys2/usr/share/zoneinfo/Africa/Algiers differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Asmara b/msys2/usr/share/zoneinfo/Africa/Asmara
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Asmara and b/msys2/usr/share/zoneinfo/Africa/Asmara differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Asmera b/msys2/usr/share/zoneinfo/Africa/Asmera
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Asmera and b/msys2/usr/share/zoneinfo/Africa/Asmera differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Bamako b/msys2/usr/share/zoneinfo/Africa/Bamako
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Bamako and b/msys2/usr/share/zoneinfo/Africa/Bamako differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Bangui b/msys2/usr/share/zoneinfo/Africa/Bangui
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Bangui and b/msys2/usr/share/zoneinfo/Africa/Bangui differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Banjul b/msys2/usr/share/zoneinfo/Africa/Banjul
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Banjul and b/msys2/usr/share/zoneinfo/Africa/Banjul differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Bissau b/msys2/usr/share/zoneinfo/Africa/Bissau
index 4e6fbe103..82ea5aaf0 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Bissau and b/msys2/usr/share/zoneinfo/Africa/Bissau differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Blantyre b/msys2/usr/share/zoneinfo/Africa/Blantyre
index 5b871dbaa..31cfad771 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Blantyre and b/msys2/usr/share/zoneinfo/Africa/Blantyre differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Brazzaville b/msys2/usr/share/zoneinfo/Africa/Brazzaville
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Brazzaville and b/msys2/usr/share/zoneinfo/Africa/Brazzaville differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Bujumbura b/msys2/usr/share/zoneinfo/Africa/Bujumbura
index 5b871dbaa..31cfad771 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Bujumbura and b/msys2/usr/share/zoneinfo/Africa/Bujumbura differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Cairo b/msys2/usr/share/zoneinfo/Africa/Cairo
index ba0975044..0272fa1ba 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Cairo and b/msys2/usr/share/zoneinfo/Africa/Cairo differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Casablanca b/msys2/usr/share/zoneinfo/Africa/Casablanca
index 65de34457..4c5705480 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Casablanca and b/msys2/usr/share/zoneinfo/Africa/Casablanca differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Ceuta b/msys2/usr/share/zoneinfo/Africa/Ceuta
index aaa657ffd..dd75e3e6e 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Ceuta and b/msys2/usr/share/zoneinfo/Africa/Ceuta differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Conakry b/msys2/usr/share/zoneinfo/Africa/Conakry
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Conakry and b/msys2/usr/share/zoneinfo/Africa/Conakry differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Dakar b/msys2/usr/share/zoneinfo/Africa/Dakar
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Dakar and b/msys2/usr/share/zoneinfo/Africa/Dakar differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Dar_es_Salaam b/msys2/usr/share/zoneinfo/Africa/Dar_es_Salaam
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Dar_es_Salaam and b/msys2/usr/share/zoneinfo/Africa/Dar_es_Salaam differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Djibouti b/msys2/usr/share/zoneinfo/Africa/Djibouti
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Djibouti and b/msys2/usr/share/zoneinfo/Africa/Djibouti differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Douala b/msys2/usr/share/zoneinfo/Africa/Douala
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Douala and b/msys2/usr/share/zoneinfo/Africa/Douala differ
diff --git a/msys2/usr/share/zoneinfo/Africa/El_Aaiun b/msys2/usr/share/zoneinfo/Africa/El_Aaiun
index f5f8ffbc6..0ea025354 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/El_Aaiun and b/msys2/usr/share/zoneinfo/Africa/El_Aaiun differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Freetown b/msys2/usr/share/zoneinfo/Africa/Freetown
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Freetown and b/msys2/usr/share/zoneinfo/Africa/Freetown differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Gaborone b/msys2/usr/share/zoneinfo/Africa/Gaborone
index 5b871dbaa..31cfad771 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Gaborone and b/msys2/usr/share/zoneinfo/Africa/Gaborone differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Harare b/msys2/usr/share/zoneinfo/Africa/Harare
index 5b871dbaa..31cfad771 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Harare and b/msys2/usr/share/zoneinfo/Africa/Harare differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Johannesburg b/msys2/usr/share/zoneinfo/Africa/Johannesburg
index ddf3652e1..b8b9270a1 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Johannesburg and b/msys2/usr/share/zoneinfo/Africa/Johannesburg differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Juba b/msys2/usr/share/zoneinfo/Africa/Juba
index 9fa711904..83eca03ab 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Juba and b/msys2/usr/share/zoneinfo/Africa/Juba differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Kampala b/msys2/usr/share/zoneinfo/Africa/Kampala
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Kampala and b/msys2/usr/share/zoneinfo/Africa/Kampala differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Khartoum b/msys2/usr/share/zoneinfo/Africa/Khartoum
index f2c9e3037..549dae276 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Khartoum and b/msys2/usr/share/zoneinfo/Africa/Khartoum differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Kigali b/msys2/usr/share/zoneinfo/Africa/Kigali
index 5b871dbaa..31cfad771 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Kigali and b/msys2/usr/share/zoneinfo/Africa/Kigali differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Kinshasa b/msys2/usr/share/zoneinfo/Africa/Kinshasa
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Kinshasa and b/msys2/usr/share/zoneinfo/Africa/Kinshasa differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Lagos b/msys2/usr/share/zoneinfo/Africa/Lagos
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Lagos and b/msys2/usr/share/zoneinfo/Africa/Lagos differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Libreville b/msys2/usr/share/zoneinfo/Africa/Libreville
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Libreville and b/msys2/usr/share/zoneinfo/Africa/Libreville differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Lome b/msys2/usr/share/zoneinfo/Africa/Lome
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Lome and b/msys2/usr/share/zoneinfo/Africa/Lome differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Luanda b/msys2/usr/share/zoneinfo/Africa/Luanda
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Luanda and b/msys2/usr/share/zoneinfo/Africa/Luanda differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Lubumbashi b/msys2/usr/share/zoneinfo/Africa/Lubumbashi
index 5b871dbaa..31cfad771 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Lubumbashi and b/msys2/usr/share/zoneinfo/Africa/Lubumbashi differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Lusaka b/msys2/usr/share/zoneinfo/Africa/Lusaka
index 5b871dbaa..31cfad771 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Lusaka and b/msys2/usr/share/zoneinfo/Africa/Lusaka differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Malabo b/msys2/usr/share/zoneinfo/Africa/Malabo
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Malabo and b/msys2/usr/share/zoneinfo/Africa/Malabo differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Maputo b/msys2/usr/share/zoneinfo/Africa/Maputo
index 5b871dbaa..31cfad771 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Maputo and b/msys2/usr/share/zoneinfo/Africa/Maputo differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Maseru b/msys2/usr/share/zoneinfo/Africa/Maseru
index ddf3652e1..b8b9270a1 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Maseru and b/msys2/usr/share/zoneinfo/Africa/Maseru differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Mbabane b/msys2/usr/share/zoneinfo/Africa/Mbabane
index ddf3652e1..b8b9270a1 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Mbabane and b/msys2/usr/share/zoneinfo/Africa/Mbabane differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Mogadishu b/msys2/usr/share/zoneinfo/Africa/Mogadishu
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Mogadishu and b/msys2/usr/share/zoneinfo/Africa/Mogadishu differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Monrovia b/msys2/usr/share/zoneinfo/Africa/Monrovia
index b434c67fa..2a154f464 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Monrovia and b/msys2/usr/share/zoneinfo/Africa/Monrovia differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Nairobi b/msys2/usr/share/zoneinfo/Africa/Nairobi
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Nairobi and b/msys2/usr/share/zoneinfo/Africa/Nairobi differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Ndjamena b/msys2/usr/share/zoneinfo/Africa/Ndjamena
index bbfe19d60..8779590e0 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Ndjamena and b/msys2/usr/share/zoneinfo/Africa/Ndjamena differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Niamey b/msys2/usr/share/zoneinfo/Africa/Niamey
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Niamey and b/msys2/usr/share/zoneinfo/Africa/Niamey differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Nouakchott b/msys2/usr/share/zoneinfo/Africa/Nouakchott
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Nouakchott and b/msys2/usr/share/zoneinfo/Africa/Nouakchott differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Ouagadougou b/msys2/usr/share/zoneinfo/Africa/Ouagadougou
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Ouagadougou and b/msys2/usr/share/zoneinfo/Africa/Ouagadougou differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Porto-Novo b/msys2/usr/share/zoneinfo/Africa/Porto-Novo
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Porto-Novo and b/msys2/usr/share/zoneinfo/Africa/Porto-Novo differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Sao_Tome b/msys2/usr/share/zoneinfo/Africa/Sao_Tome
index 3c0d33b0c..59f3759c4 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Sao_Tome and b/msys2/usr/share/zoneinfo/Africa/Sao_Tome differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Timbuktu b/msys2/usr/share/zoneinfo/Africa/Timbuktu
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Timbuktu and b/msys2/usr/share/zoneinfo/Africa/Timbuktu differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Tripoli b/msys2/usr/share/zoneinfo/Africa/Tripoli
index b32e2202f..bd885315f 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Tripoli and b/msys2/usr/share/zoneinfo/Africa/Tripoli differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Tunis b/msys2/usr/share/zoneinfo/Africa/Tunis
index 4bd3885a9..0cd8ffbae 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Tunis and b/msys2/usr/share/zoneinfo/Africa/Tunis differ
diff --git a/msys2/usr/share/zoneinfo/Africa/Windhoek b/msys2/usr/share/zoneinfo/Africa/Windhoek
index 358f11e32..676618568 100644
Binary files a/msys2/usr/share/zoneinfo/Africa/Windhoek and b/msys2/usr/share/zoneinfo/Africa/Windhoek differ
diff --git a/msys2/usr/share/zoneinfo/America/Adak b/msys2/usr/share/zoneinfo/America/Adak
index 5696e0f8b..43236498f 100644
Binary files a/msys2/usr/share/zoneinfo/America/Adak and b/msys2/usr/share/zoneinfo/America/Adak differ
diff --git a/msys2/usr/share/zoneinfo/America/Anchorage b/msys2/usr/share/zoneinfo/America/Anchorage
index 6c8bdf226..9bbb2fd3b 100644
Binary files a/msys2/usr/share/zoneinfo/America/Anchorage and b/msys2/usr/share/zoneinfo/America/Anchorage differ
diff --git a/msys2/usr/share/zoneinfo/America/Anguilla b/msys2/usr/share/zoneinfo/America/Anguilla
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/America/Anguilla and b/msys2/usr/share/zoneinfo/America/Anguilla differ
diff --git a/msys2/usr/share/zoneinfo/America/Antigua b/msys2/usr/share/zoneinfo/America/Antigua
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/America/Antigua and b/msys2/usr/share/zoneinfo/America/Antigua differ
diff --git a/msys2/usr/share/zoneinfo/America/Araguaina b/msys2/usr/share/zoneinfo/America/Araguaina
index 8b295a98b..bc9a52283 100644
Binary files a/msys2/usr/share/zoneinfo/America/Araguaina and b/msys2/usr/share/zoneinfo/America/Araguaina differ
diff --git a/msys2/usr/share/zoneinfo/America/Argentina/Buenos_Aires b/msys2/usr/share/zoneinfo/America/Argentina/Buenos_Aires
index e4866ce17..dfebfb99a 100644
Binary files a/msys2/usr/share/zoneinfo/America/Argentina/Buenos_Aires and b/msys2/usr/share/zoneinfo/America/Argentina/Buenos_Aires differ
diff --git a/msys2/usr/share/zoneinfo/America/Argentina/Catamarca b/msys2/usr/share/zoneinfo/America/Argentina/Catamarca
index 9fe9ad647..b798105e0 100644
Binary files a/msys2/usr/share/zoneinfo/America/Argentina/Catamarca and b/msys2/usr/share/zoneinfo/America/Argentina/Catamarca differ
diff --git a/msys2/usr/share/zoneinfo/America/Argentina/ComodRivadavia b/msys2/usr/share/zoneinfo/America/Argentina/ComodRivadavia
index 9fe9ad647..b798105e0 100644
Binary files a/msys2/usr/share/zoneinfo/America/Argentina/ComodRivadavia and b/msys2/usr/share/zoneinfo/America/Argentina/ComodRivadavia differ
diff --git a/msys2/usr/share/zoneinfo/America/Argentina/Cordoba b/msys2/usr/share/zoneinfo/America/Argentina/Cordoba
index 8c58f8c23..5df3cf6e6 100644
Binary files a/msys2/usr/share/zoneinfo/America/Argentina/Cordoba and b/msys2/usr/share/zoneinfo/America/Argentina/Cordoba differ
diff --git a/msys2/usr/share/zoneinfo/America/Argentina/Jujuy b/msys2/usr/share/zoneinfo/America/Argentina/Jujuy
index a74ba0462..7d2ba91c6 100644
Binary files a/msys2/usr/share/zoneinfo/America/Argentina/Jujuy and b/msys2/usr/share/zoneinfo/America/Argentina/Jujuy differ
diff --git a/msys2/usr/share/zoneinfo/America/Argentina/La_Rioja b/msys2/usr/share/zoneinfo/America/Argentina/La_Rioja
index cb184d6a8..7654aebf0 100644
Binary files a/msys2/usr/share/zoneinfo/America/Argentina/La_Rioja and b/msys2/usr/share/zoneinfo/America/Argentina/La_Rioja differ
diff --git a/msys2/usr/share/zoneinfo/America/Argentina/Mendoza b/msys2/usr/share/zoneinfo/America/Argentina/Mendoza
index 5e8c44c89..103235643 100644
Binary files a/msys2/usr/share/zoneinfo/America/Argentina/Mendoza and b/msys2/usr/share/zoneinfo/America/Argentina/Mendoza differ
diff --git a/msys2/usr/share/zoneinfo/America/Argentina/Rio_Gallegos b/msys2/usr/share/zoneinfo/America/Argentina/Rio_Gallegos
index 966a529ba..3c849fce2 100644
Binary files a/msys2/usr/share/zoneinfo/America/Argentina/Rio_Gallegos and b/msys2/usr/share/zoneinfo/America/Argentina/Rio_Gallegos differ
diff --git a/msys2/usr/share/zoneinfo/America/Argentina/Salta b/msys2/usr/share/zoneinfo/America/Argentina/Salta
index b19aa222f..a4b71c1ff 100644
Binary files a/msys2/usr/share/zoneinfo/America/Argentina/Salta and b/msys2/usr/share/zoneinfo/America/Argentina/Salta differ
diff --git a/msys2/usr/share/zoneinfo/America/Argentina/San_Juan b/msys2/usr/share/zoneinfo/America/Argentina/San_Juan
index 9e5ade610..948a39010 100644
Binary files a/msys2/usr/share/zoneinfo/America/Argentina/San_Juan and b/msys2/usr/share/zoneinfo/America/Argentina/San_Juan differ
diff --git a/msys2/usr/share/zoneinfo/America/Argentina/San_Luis b/msys2/usr/share/zoneinfo/America/Argentina/San_Luis
index af8aa9986..acfbbe434 100644
Binary files a/msys2/usr/share/zoneinfo/America/Argentina/San_Luis and b/msys2/usr/share/zoneinfo/America/Argentina/San_Luis differ
diff --git a/msys2/usr/share/zoneinfo/America/Argentina/Tucuman b/msys2/usr/share/zoneinfo/America/Argentina/Tucuman
index bbb03a0c7..085fc9cc9 100644
Binary files a/msys2/usr/share/zoneinfo/America/Argentina/Tucuman and b/msys2/usr/share/zoneinfo/America/Argentina/Tucuman differ
diff --git a/msys2/usr/share/zoneinfo/America/Argentina/Ushuaia b/msys2/usr/share/zoneinfo/America/Argentina/Ushuaia
index 07e4e9f0b..1fc325677 100644
Binary files a/msys2/usr/share/zoneinfo/America/Argentina/Ushuaia and b/msys2/usr/share/zoneinfo/America/Argentina/Ushuaia differ
diff --git a/msys2/usr/share/zoneinfo/America/Aruba b/msys2/usr/share/zoneinfo/America/Aruba
index d308336be..d3b318d2d 100644
Binary files a/msys2/usr/share/zoneinfo/America/Aruba and b/msys2/usr/share/zoneinfo/America/Aruba differ
diff --git a/msys2/usr/share/zoneinfo/America/Asuncion b/msys2/usr/share/zoneinfo/America/Asuncion
index 3c61ddb5a..831bf843f 100644
Binary files a/msys2/usr/share/zoneinfo/America/Asuncion and b/msys2/usr/share/zoneinfo/America/Asuncion differ
diff --git a/msys2/usr/share/zoneinfo/America/Atikokan b/msys2/usr/share/zoneinfo/America/Atikokan
index 5708b55ac..629ed4231 100644
Binary files a/msys2/usr/share/zoneinfo/America/Atikokan and b/msys2/usr/share/zoneinfo/America/Atikokan differ
diff --git a/msys2/usr/share/zoneinfo/America/Atka b/msys2/usr/share/zoneinfo/America/Atka
index 5696e0f8b..43236498f 100644
Binary files a/msys2/usr/share/zoneinfo/America/Atka and b/msys2/usr/share/zoneinfo/America/Atka differ
diff --git a/msys2/usr/share/zoneinfo/America/Bahia b/msys2/usr/share/zoneinfo/America/Bahia
index 6008a5749..143eafc2c 100644
Binary files a/msys2/usr/share/zoneinfo/America/Bahia and b/msys2/usr/share/zoneinfo/America/Bahia differ
diff --git a/msys2/usr/share/zoneinfo/America/Bahia_Banderas b/msys2/usr/share/zoneinfo/America/Bahia_Banderas
index 21e2b719f..cd531078d 100644
Binary files a/msys2/usr/share/zoneinfo/America/Bahia_Banderas and b/msys2/usr/share/zoneinfo/America/Bahia_Banderas differ
diff --git a/msys2/usr/share/zoneinfo/America/Barbados b/msys2/usr/share/zoneinfo/America/Barbados
index 633993601..7bb7ac4d6 100644
Binary files a/msys2/usr/share/zoneinfo/America/Barbados and b/msys2/usr/share/zoneinfo/America/Barbados differ
diff --git a/msys2/usr/share/zoneinfo/America/Belem b/msys2/usr/share/zoneinfo/America/Belem
index b8e13b02f..ab3c8a67f 100644
Binary files a/msys2/usr/share/zoneinfo/America/Belem and b/msys2/usr/share/zoneinfo/America/Belem differ
diff --git a/msys2/usr/share/zoneinfo/America/Belize b/msys2/usr/share/zoneinfo/America/Belize
index 7dcc4fc5b..fd6932140 100644
Binary files a/msys2/usr/share/zoneinfo/America/Belize and b/msys2/usr/share/zoneinfo/America/Belize differ
diff --git a/msys2/usr/share/zoneinfo/America/Blanc-Sablon b/msys2/usr/share/zoneinfo/America/Blanc-Sablon
index abcde7d98..f9f13a167 100644
Binary files a/msys2/usr/share/zoneinfo/America/Blanc-Sablon and b/msys2/usr/share/zoneinfo/America/Blanc-Sablon differ
diff --git a/msys2/usr/share/zoneinfo/America/Boa_Vista b/msys2/usr/share/zoneinfo/America/Boa_Vista
index f7769048c..69e17a00e 100644
Binary files a/msys2/usr/share/zoneinfo/America/Boa_Vista and b/msys2/usr/share/zoneinfo/America/Boa_Vista differ
diff --git a/msys2/usr/share/zoneinfo/America/Bogota b/msys2/usr/share/zoneinfo/America/Bogota
index d8934466b..b7ded8e64 100644
Binary files a/msys2/usr/share/zoneinfo/America/Bogota and b/msys2/usr/share/zoneinfo/America/Bogota differ
diff --git a/msys2/usr/share/zoneinfo/America/Boise b/msys2/usr/share/zoneinfo/America/Boise
index ada6d64b1..f8d54e274 100644
Binary files a/msys2/usr/share/zoneinfo/America/Boise and b/msys2/usr/share/zoneinfo/America/Boise differ
diff --git a/msys2/usr/share/zoneinfo/America/Buenos_Aires b/msys2/usr/share/zoneinfo/America/Buenos_Aires
index e4866ce17..dfebfb99a 100644
Binary files a/msys2/usr/share/zoneinfo/America/Buenos_Aires and b/msys2/usr/share/zoneinfo/America/Buenos_Aires differ
diff --git a/msys2/usr/share/zoneinfo/America/Cambridge_Bay b/msys2/usr/share/zoneinfo/America/Cambridge_Bay
index d322f01ed..f8db4b6eb 100644
Binary files a/msys2/usr/share/zoneinfo/America/Cambridge_Bay and b/msys2/usr/share/zoneinfo/America/Cambridge_Bay differ
diff --git a/msys2/usr/share/zoneinfo/America/Campo_Grande b/msys2/usr/share/zoneinfo/America/Campo_Grande
index de52bb681..495ef4568 100644
Binary files a/msys2/usr/share/zoneinfo/America/Campo_Grande and b/msys2/usr/share/zoneinfo/America/Campo_Grande differ
diff --git a/msys2/usr/share/zoneinfo/America/Cancun b/msys2/usr/share/zoneinfo/America/Cancun
index 7e69f73de..de6930cd8 100644
Binary files a/msys2/usr/share/zoneinfo/America/Cancun and b/msys2/usr/share/zoneinfo/America/Cancun differ
diff --git a/msys2/usr/share/zoneinfo/America/Caracas b/msys2/usr/share/zoneinfo/America/Caracas
index c8cab1af2..9abd028f9 100644
Binary files a/msys2/usr/share/zoneinfo/America/Caracas and b/msys2/usr/share/zoneinfo/America/Caracas differ
diff --git a/msys2/usr/share/zoneinfo/America/Catamarca b/msys2/usr/share/zoneinfo/America/Catamarca
index 9fe9ad647..b798105e0 100644
Binary files a/msys2/usr/share/zoneinfo/America/Catamarca and b/msys2/usr/share/zoneinfo/America/Catamarca differ
diff --git a/msys2/usr/share/zoneinfo/America/Cayenne b/msys2/usr/share/zoneinfo/America/Cayenne
index 6db640981..ff5965782 100644
Binary files a/msys2/usr/share/zoneinfo/America/Cayenne and b/msys2/usr/share/zoneinfo/America/Cayenne differ
diff --git a/msys2/usr/share/zoneinfo/America/Cayman b/msys2/usr/share/zoneinfo/America/Cayman
index 5c1c06372..55b083463 100644
Binary files a/msys2/usr/share/zoneinfo/America/Cayman and b/msys2/usr/share/zoneinfo/America/Cayman differ
diff --git a/msys2/usr/share/zoneinfo/America/Chicago b/msys2/usr/share/zoneinfo/America/Chicago
index 3dd8f0fa8..a5b1617c7 100644
Binary files a/msys2/usr/share/zoneinfo/America/Chicago and b/msys2/usr/share/zoneinfo/America/Chicago differ
diff --git a/msys2/usr/share/zoneinfo/America/Chihuahua b/msys2/usr/share/zoneinfo/America/Chihuahua
index e3adbdbfb..b2687241c 100644
Binary files a/msys2/usr/share/zoneinfo/America/Chihuahua and b/msys2/usr/share/zoneinfo/America/Chihuahua differ
diff --git a/msys2/usr/share/zoneinfo/America/Coral_Harbour b/msys2/usr/share/zoneinfo/America/Coral_Harbour
index 5708b55ac..629ed4231 100644
Binary files a/msys2/usr/share/zoneinfo/America/Coral_Harbour and b/msys2/usr/share/zoneinfo/America/Coral_Harbour differ
diff --git a/msys2/usr/share/zoneinfo/America/Cordoba b/msys2/usr/share/zoneinfo/America/Cordoba
index 8c58f8c23..5df3cf6e6 100644
Binary files a/msys2/usr/share/zoneinfo/America/Cordoba and b/msys2/usr/share/zoneinfo/America/Cordoba differ
diff --git a/msys2/usr/share/zoneinfo/America/Costa_Rica b/msys2/usr/share/zoneinfo/America/Costa_Rica
index c247133e3..525a67ea7 100644
Binary files a/msys2/usr/share/zoneinfo/America/Costa_Rica and b/msys2/usr/share/zoneinfo/America/Costa_Rica differ
diff --git a/msys2/usr/share/zoneinfo/America/Creston b/msys2/usr/share/zoneinfo/America/Creston
index 798f627a8..0fba74173 100644
Binary files a/msys2/usr/share/zoneinfo/America/Creston and b/msys2/usr/share/zoneinfo/America/Creston differ
diff --git a/msys2/usr/share/zoneinfo/America/Cuiaba b/msys2/usr/share/zoneinfo/America/Cuiaba
index 145c89e0f..8a4ee7d08 100644
Binary files a/msys2/usr/share/zoneinfo/America/Cuiaba and b/msys2/usr/share/zoneinfo/America/Cuiaba differ
diff --git a/msys2/usr/share/zoneinfo/America/Curacao b/msys2/usr/share/zoneinfo/America/Curacao
index d308336be..d3b318d2d 100644
Binary files a/msys2/usr/share/zoneinfo/America/Curacao and b/msys2/usr/share/zoneinfo/America/Curacao differ
diff --git a/msys2/usr/share/zoneinfo/America/Danmarkshavn b/msys2/usr/share/zoneinfo/America/Danmarkshavn
index ad68c722f..9549adcb6 100644
Binary files a/msys2/usr/share/zoneinfo/America/Danmarkshavn and b/msys2/usr/share/zoneinfo/America/Danmarkshavn differ
diff --git a/msys2/usr/share/zoneinfo/America/Dawson b/msys2/usr/share/zoneinfo/America/Dawson
index 61c96889b..db9ceadd9 100644
Binary files a/msys2/usr/share/zoneinfo/America/Dawson and b/msys2/usr/share/zoneinfo/America/Dawson differ
diff --git a/msys2/usr/share/zoneinfo/America/Dawson_Creek b/msys2/usr/share/zoneinfo/America/Dawson_Creek
index 78f907630..db9e33965 100644
Binary files a/msys2/usr/share/zoneinfo/America/Dawson_Creek and b/msys2/usr/share/zoneinfo/America/Dawson_Creek differ
diff --git a/msys2/usr/share/zoneinfo/America/Denver b/msys2/usr/share/zoneinfo/America/Denver
index 7fc669171..5fbe26b1d 100644
Binary files a/msys2/usr/share/zoneinfo/America/Denver and b/msys2/usr/share/zoneinfo/America/Denver differ
diff --git a/msys2/usr/share/zoneinfo/America/Detroit b/msys2/usr/share/zoneinfo/America/Detroit
index e3ea5c3ef..5e0226057 100644
Binary files a/msys2/usr/share/zoneinfo/America/Detroit and b/msys2/usr/share/zoneinfo/America/Detroit differ
diff --git a/msys2/usr/share/zoneinfo/America/Dominica b/msys2/usr/share/zoneinfo/America/Dominica
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/America/Dominica and b/msys2/usr/share/zoneinfo/America/Dominica differ
diff --git a/msys2/usr/share/zoneinfo/America/Edmonton b/msys2/usr/share/zoneinfo/America/Edmonton
index d02fbcd47..3fa057989 100644
Binary files a/msys2/usr/share/zoneinfo/America/Edmonton and b/msys2/usr/share/zoneinfo/America/Edmonton differ
diff --git a/msys2/usr/share/zoneinfo/America/Eirunepe b/msys2/usr/share/zoneinfo/America/Eirunepe
index 41047f290..99b7d06ea 100644
Binary files a/msys2/usr/share/zoneinfo/America/Eirunepe and b/msys2/usr/share/zoneinfo/America/Eirunepe differ
diff --git a/msys2/usr/share/zoneinfo/America/El_Salvador b/msys2/usr/share/zoneinfo/America/El_Salvador
index 9b8bc7a87..ac774e83f 100644
Binary files a/msys2/usr/share/zoneinfo/America/El_Salvador and b/msys2/usr/share/zoneinfo/America/El_Salvador differ
diff --git a/msys2/usr/share/zoneinfo/America/Ensenada b/msys2/usr/share/zoneinfo/America/Ensenada
index 29c83e71f..ada6bf78b 100644
Binary files a/msys2/usr/share/zoneinfo/America/Ensenada and b/msys2/usr/share/zoneinfo/America/Ensenada differ
diff --git a/msys2/usr/share/zoneinfo/America/Fort_Nelson b/msys2/usr/share/zoneinfo/America/Fort_Nelson
index 5923cc688..5a0b7f1ca 100644
Binary files a/msys2/usr/share/zoneinfo/America/Fort_Nelson and b/msys2/usr/share/zoneinfo/America/Fort_Nelson differ
diff --git a/msys2/usr/share/zoneinfo/America/Fort_Wayne b/msys2/usr/share/zoneinfo/America/Fort_Wayne
index 4a92c0659..09511ccdc 100644
Binary files a/msys2/usr/share/zoneinfo/America/Fort_Wayne and b/msys2/usr/share/zoneinfo/America/Fort_Wayne differ
diff --git a/msys2/usr/share/zoneinfo/America/Fortaleza b/msys2/usr/share/zoneinfo/America/Fortaleza
index 22396bb51..e637170a6 100644
Binary files a/msys2/usr/share/zoneinfo/America/Fortaleza and b/msys2/usr/share/zoneinfo/America/Fortaleza differ
diff --git a/msys2/usr/share/zoneinfo/America/Glace_Bay b/msys2/usr/share/zoneinfo/America/Glace_Bay
index f58522b67..48412a4cb 100644
Binary files a/msys2/usr/share/zoneinfo/America/Glace_Bay and b/msys2/usr/share/zoneinfo/America/Glace_Bay differ
diff --git a/msys2/usr/share/zoneinfo/America/Godthab b/msys2/usr/share/zoneinfo/America/Godthab
index ea293cc40..0160308bf 100644
Binary files a/msys2/usr/share/zoneinfo/America/Godthab and b/msys2/usr/share/zoneinfo/America/Godthab differ
diff --git a/msys2/usr/share/zoneinfo/America/Goose_Bay b/msys2/usr/share/zoneinfo/America/Goose_Bay
index b4b945e8d..a3f299079 100644
Binary files a/msys2/usr/share/zoneinfo/America/Goose_Bay and b/msys2/usr/share/zoneinfo/America/Goose_Bay differ
diff --git a/msys2/usr/share/zoneinfo/America/Grand_Turk b/msys2/usr/share/zoneinfo/America/Grand_Turk
index a9740dae6..4597a621d 100644
Binary files a/msys2/usr/share/zoneinfo/America/Grand_Turk and b/msys2/usr/share/zoneinfo/America/Grand_Turk differ
diff --git a/msys2/usr/share/zoneinfo/America/Grenada b/msys2/usr/share/zoneinfo/America/Grenada
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/America/Grenada and b/msys2/usr/share/zoneinfo/America/Grenada differ
diff --git a/msys2/usr/share/zoneinfo/America/Guadeloupe b/msys2/usr/share/zoneinfo/America/Guadeloupe
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/America/Guadeloupe and b/msys2/usr/share/zoneinfo/America/Guadeloupe differ
diff --git a/msys2/usr/share/zoneinfo/America/Guatemala b/msys2/usr/share/zoneinfo/America/Guatemala
index abf943be0..6118b5ce2 100644
Binary files a/msys2/usr/share/zoneinfo/America/Guatemala and b/msys2/usr/share/zoneinfo/America/Guatemala differ
diff --git a/msys2/usr/share/zoneinfo/America/Guayaquil b/msys2/usr/share/zoneinfo/America/Guayaquil
index 92de38bed..bf087a0eb 100644
Binary files a/msys2/usr/share/zoneinfo/America/Guayaquil and b/msys2/usr/share/zoneinfo/America/Guayaquil differ
diff --git a/msys2/usr/share/zoneinfo/America/Guyana b/msys2/usr/share/zoneinfo/America/Guyana
index 7d2987677..d1dd2fafc 100644
Binary files a/msys2/usr/share/zoneinfo/America/Guyana and b/msys2/usr/share/zoneinfo/America/Guyana differ
diff --git a/msys2/usr/share/zoneinfo/America/Halifax b/msys2/usr/share/zoneinfo/America/Halifax
index f86ece4c4..756099abe 100644
Binary files a/msys2/usr/share/zoneinfo/America/Halifax and b/msys2/usr/share/zoneinfo/America/Halifax differ
diff --git a/msys2/usr/share/zoneinfo/America/Havana b/msys2/usr/share/zoneinfo/America/Havana
index 1a58fcdc9..8186060a4 100644
Binary files a/msys2/usr/share/zoneinfo/America/Havana and b/msys2/usr/share/zoneinfo/America/Havana differ
diff --git a/msys2/usr/share/zoneinfo/America/Hermosillo b/msys2/usr/share/zoneinfo/America/Hermosillo
index ec435c23b..26c269d96 100644
Binary files a/msys2/usr/share/zoneinfo/America/Hermosillo and b/msys2/usr/share/zoneinfo/America/Hermosillo differ
diff --git a/msys2/usr/share/zoneinfo/America/Indiana/Indianapolis b/msys2/usr/share/zoneinfo/America/Indiana/Indianapolis
index 4a92c0659..09511ccdc 100644
Binary files a/msys2/usr/share/zoneinfo/America/Indiana/Indianapolis and b/msys2/usr/share/zoneinfo/America/Indiana/Indianapolis differ
diff --git a/msys2/usr/share/zoneinfo/America/Indiana/Knox b/msys2/usr/share/zoneinfo/America/Indiana/Knox
index cc785da97..fcd408d74 100644
Binary files a/msys2/usr/share/zoneinfo/America/Indiana/Knox and b/msys2/usr/share/zoneinfo/America/Indiana/Knox differ
diff --git a/msys2/usr/share/zoneinfo/America/Indiana/Marengo b/msys2/usr/share/zoneinfo/America/Indiana/Marengo
index a23d7b759..1abf75e7e 100644
Binary files a/msys2/usr/share/zoneinfo/America/Indiana/Marengo and b/msys2/usr/share/zoneinfo/America/Indiana/Marengo differ
diff --git a/msys2/usr/share/zoneinfo/America/Indiana/Petersburg b/msys2/usr/share/zoneinfo/America/Indiana/Petersburg
index f16cb3040..0133548ec 100644
Binary files a/msys2/usr/share/zoneinfo/America/Indiana/Petersburg and b/msys2/usr/share/zoneinfo/America/Indiana/Petersburg differ
diff --git a/msys2/usr/share/zoneinfo/America/Indiana/Tell_City b/msys2/usr/share/zoneinfo/America/Indiana/Tell_City
index 0250bf90f..4ce95c152 100644
Binary files a/msys2/usr/share/zoneinfo/America/Indiana/Tell_City and b/msys2/usr/share/zoneinfo/America/Indiana/Tell_City differ
diff --git a/msys2/usr/share/zoneinfo/America/Indiana/Vevay b/msys2/usr/share/zoneinfo/America/Indiana/Vevay
index e934de61a..d236b7c07 100644
Binary files a/msys2/usr/share/zoneinfo/America/Indiana/Vevay and b/msys2/usr/share/zoneinfo/America/Indiana/Vevay differ
diff --git a/msys2/usr/share/zoneinfo/America/Indiana/Vincennes b/msys2/usr/share/zoneinfo/America/Indiana/Vincennes
index adbdbeee6..c818929d1 100644
Binary files a/msys2/usr/share/zoneinfo/America/Indiana/Vincennes and b/msys2/usr/share/zoneinfo/America/Indiana/Vincennes differ
diff --git a/msys2/usr/share/zoneinfo/America/Indiana/Winamac b/msys2/usr/share/zoneinfo/America/Indiana/Winamac
index b34f7b27e..630935c1e 100644
Binary files a/msys2/usr/share/zoneinfo/America/Indiana/Winamac and b/msys2/usr/share/zoneinfo/America/Indiana/Winamac differ
diff --git a/msys2/usr/share/zoneinfo/America/Indianapolis b/msys2/usr/share/zoneinfo/America/Indianapolis
index 4a92c0659..09511ccdc 100644
Binary files a/msys2/usr/share/zoneinfo/America/Indianapolis and b/msys2/usr/share/zoneinfo/America/Indianapolis differ
diff --git a/msys2/usr/share/zoneinfo/America/Inuvik b/msys2/usr/share/zoneinfo/America/Inuvik
index 1388e8a4d..e107dc44c 100644
Binary files a/msys2/usr/share/zoneinfo/America/Inuvik and b/msys2/usr/share/zoneinfo/America/Inuvik differ
diff --git a/msys2/usr/share/zoneinfo/America/Iqaluit b/msys2/usr/share/zoneinfo/America/Iqaluit
index 0785ac576..c8138bdbb 100644
Binary files a/msys2/usr/share/zoneinfo/America/Iqaluit and b/msys2/usr/share/zoneinfo/America/Iqaluit differ
diff --git a/msys2/usr/share/zoneinfo/America/Jamaica b/msys2/usr/share/zoneinfo/America/Jamaica
index 006689bc8..162306f88 100644
Binary files a/msys2/usr/share/zoneinfo/America/Jamaica and b/msys2/usr/share/zoneinfo/America/Jamaica differ
diff --git a/msys2/usr/share/zoneinfo/America/Jujuy b/msys2/usr/share/zoneinfo/America/Jujuy
index a74ba0462..7d2ba91c6 100644
Binary files a/msys2/usr/share/zoneinfo/America/Jujuy and b/msys2/usr/share/zoneinfo/America/Jujuy differ
diff --git a/msys2/usr/share/zoneinfo/America/Juneau b/msys2/usr/share/zoneinfo/America/Juneau
index d00668ad1..451f34900 100644
Binary files a/msys2/usr/share/zoneinfo/America/Juneau and b/msys2/usr/share/zoneinfo/America/Juneau differ
diff --git a/msys2/usr/share/zoneinfo/America/Kentucky/Louisville b/msys2/usr/share/zoneinfo/America/Kentucky/Louisville
index fdf2e88b4..f4c4cf966 100644
Binary files a/msys2/usr/share/zoneinfo/America/Kentucky/Louisville and b/msys2/usr/share/zoneinfo/America/Kentucky/Louisville differ
diff --git a/msys2/usr/share/zoneinfo/America/Kentucky/Monticello b/msys2/usr/share/zoneinfo/America/Kentucky/Monticello
index 60991aa38..438e3eab4 100644
Binary files a/msys2/usr/share/zoneinfo/America/Kentucky/Monticello and b/msys2/usr/share/zoneinfo/America/Kentucky/Monticello differ
diff --git a/msys2/usr/share/zoneinfo/America/Knox_IN b/msys2/usr/share/zoneinfo/America/Knox_IN
index cc785da97..fcd408d74 100644
Binary files a/msys2/usr/share/zoneinfo/America/Knox_IN and b/msys2/usr/share/zoneinfo/America/Knox_IN differ
diff --git a/msys2/usr/share/zoneinfo/America/Kralendijk b/msys2/usr/share/zoneinfo/America/Kralendijk
index d308336be..d3b318d2d 100644
Binary files a/msys2/usr/share/zoneinfo/America/Kralendijk and b/msys2/usr/share/zoneinfo/America/Kralendijk differ
diff --git a/msys2/usr/share/zoneinfo/America/La_Paz b/msys2/usr/share/zoneinfo/America/La_Paz
index bc3df5235..5e5fec56f 100644
Binary files a/msys2/usr/share/zoneinfo/America/La_Paz and b/msys2/usr/share/zoneinfo/America/La_Paz differ
diff --git a/msys2/usr/share/zoneinfo/America/Lima b/msys2/usr/share/zoneinfo/America/Lima
index 44280a5c1..d9fec3716 100644
Binary files a/msys2/usr/share/zoneinfo/America/Lima and b/msys2/usr/share/zoneinfo/America/Lima differ
diff --git a/msys2/usr/share/zoneinfo/America/Los_Angeles b/msys2/usr/share/zoneinfo/America/Los_Angeles
index c0ce4402f..9dad4f4c7 100644
Binary files a/msys2/usr/share/zoneinfo/America/Los_Angeles and b/msys2/usr/share/zoneinfo/America/Los_Angeles differ
diff --git a/msys2/usr/share/zoneinfo/America/Louisville b/msys2/usr/share/zoneinfo/America/Louisville
index fdf2e88b4..f4c4cf966 100644
Binary files a/msys2/usr/share/zoneinfo/America/Louisville and b/msys2/usr/share/zoneinfo/America/Louisville differ
diff --git a/msys2/usr/share/zoneinfo/America/Lower_Princes b/msys2/usr/share/zoneinfo/America/Lower_Princes
index d308336be..d3b318d2d 100644
Binary files a/msys2/usr/share/zoneinfo/America/Lower_Princes and b/msys2/usr/share/zoneinfo/America/Lower_Princes differ
diff --git a/msys2/usr/share/zoneinfo/America/Maceio b/msys2/usr/share/zoneinfo/America/Maceio
index 54442dc73..fec8a8bf1 100644
Binary files a/msys2/usr/share/zoneinfo/America/Maceio and b/msys2/usr/share/zoneinfo/America/Maceio differ
diff --git a/msys2/usr/share/zoneinfo/America/Managua b/msys2/usr/share/zoneinfo/America/Managua
index c543ffd47..69256c635 100644
Binary files a/msys2/usr/share/zoneinfo/America/Managua and b/msys2/usr/share/zoneinfo/America/Managua differ
diff --git a/msys2/usr/share/zoneinfo/America/Manaus b/msys2/usr/share/zoneinfo/America/Manaus
index 855cb02c4..b10241e68 100644
Binary files a/msys2/usr/share/zoneinfo/America/Manaus and b/msys2/usr/share/zoneinfo/America/Manaus differ
diff --git a/msys2/usr/share/zoneinfo/America/Marigot b/msys2/usr/share/zoneinfo/America/Marigot
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/America/Marigot and b/msys2/usr/share/zoneinfo/America/Marigot differ
diff --git a/msys2/usr/share/zoneinfo/America/Martinique b/msys2/usr/share/zoneinfo/America/Martinique
index f9e2399c9..79716de53 100644
Binary files a/msys2/usr/share/zoneinfo/America/Martinique and b/msys2/usr/share/zoneinfo/America/Martinique differ
diff --git a/msys2/usr/share/zoneinfo/America/Matamoros b/msys2/usr/share/zoneinfo/America/Matamoros
index 5671d2581..5c59984de 100644
Binary files a/msys2/usr/share/zoneinfo/America/Matamoros and b/msys2/usr/share/zoneinfo/America/Matamoros differ
diff --git a/msys2/usr/share/zoneinfo/America/Mazatlan b/msys2/usr/share/zoneinfo/America/Mazatlan
index afa94c2ac..43ee12d84 100644
Binary files a/msys2/usr/share/zoneinfo/America/Mazatlan and b/msys2/usr/share/zoneinfo/America/Mazatlan differ
diff --git a/msys2/usr/share/zoneinfo/America/Mendoza b/msys2/usr/share/zoneinfo/America/Mendoza
index 5e8c44c89..103235643 100644
Binary files a/msys2/usr/share/zoneinfo/America/Mendoza and b/msys2/usr/share/zoneinfo/America/Mendoza differ
diff --git a/msys2/usr/share/zoneinfo/America/Menominee b/msys2/usr/share/zoneinfo/America/Menominee
index 55d6e3266..314613866 100644
Binary files a/msys2/usr/share/zoneinfo/America/Menominee and b/msys2/usr/share/zoneinfo/America/Menominee differ
diff --git a/msys2/usr/share/zoneinfo/America/Merida b/msys2/usr/share/zoneinfo/America/Merida
index ecc1856e1..b46298e1f 100644
Binary files a/msys2/usr/share/zoneinfo/America/Merida and b/msys2/usr/share/zoneinfo/America/Merida differ
diff --git a/msys2/usr/share/zoneinfo/America/Metlakatla b/msys2/usr/share/zoneinfo/America/Metlakatla
index c03359704..1e94be3d5 100644
Binary files a/msys2/usr/share/zoneinfo/America/Metlakatla and b/msys2/usr/share/zoneinfo/America/Metlakatla differ
diff --git a/msys2/usr/share/zoneinfo/America/Mexico_City b/msys2/usr/share/zoneinfo/America/Mexico_City
index f11e3d2d6..1434ab088 100644
Binary files a/msys2/usr/share/zoneinfo/America/Mexico_City and b/msys2/usr/share/zoneinfo/America/Mexico_City differ
diff --git a/msys2/usr/share/zoneinfo/America/Miquelon b/msys2/usr/share/zoneinfo/America/Miquelon
index 75bbcf2bc..06ceaadff 100644
Binary files a/msys2/usr/share/zoneinfo/America/Miquelon and b/msys2/usr/share/zoneinfo/America/Miquelon differ
diff --git a/msys2/usr/share/zoneinfo/America/Moncton b/msys2/usr/share/zoneinfo/America/Moncton
index 51cb1ba3d..9df8d0f2e 100644
Binary files a/msys2/usr/share/zoneinfo/America/Moncton and b/msys2/usr/share/zoneinfo/America/Moncton differ
diff --git a/msys2/usr/share/zoneinfo/America/Monterrey b/msys2/usr/share/zoneinfo/America/Monterrey
index dcac92bad..7dc505777 100644
Binary files a/msys2/usr/share/zoneinfo/America/Monterrey and b/msys2/usr/share/zoneinfo/America/Monterrey differ
diff --git a/msys2/usr/share/zoneinfo/America/Montevideo b/msys2/usr/share/zoneinfo/America/Montevideo
index 9c6abeb93..0d1e565c0 100644
Binary files a/msys2/usr/share/zoneinfo/America/Montevideo and b/msys2/usr/share/zoneinfo/America/Montevideo differ
diff --git a/msys2/usr/share/zoneinfo/America/Montreal b/msys2/usr/share/zoneinfo/America/Montreal
index 7b4682a39..6752c5b05 100644
Binary files a/msys2/usr/share/zoneinfo/America/Montreal and b/msys2/usr/share/zoneinfo/America/Montreal differ
diff --git a/msys2/usr/share/zoneinfo/America/Montserrat b/msys2/usr/share/zoneinfo/America/Montserrat
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/America/Montserrat and b/msys2/usr/share/zoneinfo/America/Montserrat differ
diff --git a/msys2/usr/share/zoneinfo/America/Nassau b/msys2/usr/share/zoneinfo/America/Nassau
index e5d0289b5..5091eb5d8 100644
Binary files a/msys2/usr/share/zoneinfo/America/Nassau and b/msys2/usr/share/zoneinfo/America/Nassau differ
diff --git a/msys2/usr/share/zoneinfo/America/New_York b/msys2/usr/share/zoneinfo/America/New_York
index 7553fee37..2f75480e0 100644
Binary files a/msys2/usr/share/zoneinfo/America/New_York and b/msys2/usr/share/zoneinfo/America/New_York differ
diff --git a/msys2/usr/share/zoneinfo/America/Nipigon b/msys2/usr/share/zoneinfo/America/Nipigon
index f8a0292b2..f6a856e69 100644
Binary files a/msys2/usr/share/zoneinfo/America/Nipigon and b/msys2/usr/share/zoneinfo/America/Nipigon differ
diff --git a/msys2/usr/share/zoneinfo/America/Nome b/msys2/usr/share/zoneinfo/America/Nome
index c886c9bc0..10998df3b 100644
Binary files a/msys2/usr/share/zoneinfo/America/Nome and b/msys2/usr/share/zoneinfo/America/Nome differ
diff --git a/msys2/usr/share/zoneinfo/America/Noronha b/msys2/usr/share/zoneinfo/America/Noronha
index 6d91f9145..95ff8a257 100644
Binary files a/msys2/usr/share/zoneinfo/America/Noronha and b/msys2/usr/share/zoneinfo/America/Noronha differ
diff --git a/msys2/usr/share/zoneinfo/America/North_Dakota/Beulah b/msys2/usr/share/zoneinfo/America/North_Dakota/Beulah
index 8174c8828..246345dde 100644
Binary files a/msys2/usr/share/zoneinfo/America/North_Dakota/Beulah and b/msys2/usr/share/zoneinfo/America/North_Dakota/Beulah differ
diff --git a/msys2/usr/share/zoneinfo/America/North_Dakota/Center b/msys2/usr/share/zoneinfo/America/North_Dakota/Center
index 8035b24fa..1fa070377 100644
Binary files a/msys2/usr/share/zoneinfo/America/North_Dakota/Center and b/msys2/usr/share/zoneinfo/America/North_Dakota/Center differ
diff --git a/msys2/usr/share/zoneinfo/America/North_Dakota/New_Salem b/msys2/usr/share/zoneinfo/America/North_Dakota/New_Salem
index 5b630ee66..123f2aeec 100644
Binary files a/msys2/usr/share/zoneinfo/America/North_Dakota/New_Salem and b/msys2/usr/share/zoneinfo/America/North_Dakota/New_Salem differ
diff --git a/msys2/usr/share/zoneinfo/America/Ojinaga b/msys2/usr/share/zoneinfo/America/Ojinaga
index 190c5c86d..37d78301b 100644
Binary files a/msys2/usr/share/zoneinfo/America/Ojinaga and b/msys2/usr/share/zoneinfo/America/Ojinaga differ
diff --git a/msys2/usr/share/zoneinfo/America/Panama b/msys2/usr/share/zoneinfo/America/Panama
index 5c1c06372..55b083463 100644
Binary files a/msys2/usr/share/zoneinfo/America/Panama and b/msys2/usr/share/zoneinfo/America/Panama differ
diff --git a/msys2/usr/share/zoneinfo/America/Pangnirtung b/msys2/usr/share/zoneinfo/America/Pangnirtung
index df78b6268..3e4e0db6a 100644
Binary files a/msys2/usr/share/zoneinfo/America/Pangnirtung and b/msys2/usr/share/zoneinfo/America/Pangnirtung differ
diff --git a/msys2/usr/share/zoneinfo/America/Paramaribo b/msys2/usr/share/zoneinfo/America/Paramaribo
index 1b608b3e5..b95c78423 100644
Binary files a/msys2/usr/share/zoneinfo/America/Paramaribo and b/msys2/usr/share/zoneinfo/America/Paramaribo differ
diff --git a/msys2/usr/share/zoneinfo/America/Phoenix b/msys2/usr/share/zoneinfo/America/Phoenix
index adf28236a..4d51271a1 100644
Binary files a/msys2/usr/share/zoneinfo/America/Phoenix and b/msys2/usr/share/zoneinfo/America/Phoenix differ
diff --git a/msys2/usr/share/zoneinfo/America/Port-au-Prince b/msys2/usr/share/zoneinfo/America/Port-au-Prince
index 7306caeff..d9590103b 100644
Binary files a/msys2/usr/share/zoneinfo/America/Port-au-Prince and b/msys2/usr/share/zoneinfo/America/Port-au-Prince differ
diff --git a/msys2/usr/share/zoneinfo/America/Port_of_Spain b/msys2/usr/share/zoneinfo/America/Port_of_Spain
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/America/Port_of_Spain and b/msys2/usr/share/zoneinfo/America/Port_of_Spain differ
diff --git a/msys2/usr/share/zoneinfo/America/Porto_Acre b/msys2/usr/share/zoneinfo/America/Porto_Acre
index b612ac235..16b7f923b 100644
Binary files a/msys2/usr/share/zoneinfo/America/Porto_Acre and b/msys2/usr/share/zoneinfo/America/Porto_Acre differ
diff --git a/msys2/usr/share/zoneinfo/America/Porto_Velho b/msys2/usr/share/zoneinfo/America/Porto_Velho
index 2423fc19a..10cb02b8b 100644
Binary files a/msys2/usr/share/zoneinfo/America/Porto_Velho and b/msys2/usr/share/zoneinfo/America/Porto_Velho differ
diff --git a/msys2/usr/share/zoneinfo/America/Puerto_Rico b/msys2/usr/share/zoneinfo/America/Puerto_Rico
index d4525a68a..a662a5713 100644
Binary files a/msys2/usr/share/zoneinfo/America/Puerto_Rico and b/msys2/usr/share/zoneinfo/America/Puerto_Rico differ
diff --git a/msys2/usr/share/zoneinfo/America/Punta_Arenas b/msys2/usr/share/zoneinfo/America/Punta_Arenas
index 4d84eed4e..a5a8af52c 100644
Binary files a/msys2/usr/share/zoneinfo/America/Punta_Arenas and b/msys2/usr/share/zoneinfo/America/Punta_Arenas differ
diff --git a/msys2/usr/share/zoneinfo/America/Rainy_River b/msys2/usr/share/zoneinfo/America/Rainy_River
index 70dcd2d80..ea6609915 100644
Binary files a/msys2/usr/share/zoneinfo/America/Rainy_River and b/msys2/usr/share/zoneinfo/America/Rainy_River differ
diff --git a/msys2/usr/share/zoneinfo/America/Rankin_Inlet b/msys2/usr/share/zoneinfo/America/Rankin_Inlet
index 9f50f36ef..61ff6fcb7 100644
Binary files a/msys2/usr/share/zoneinfo/America/Rankin_Inlet and b/msys2/usr/share/zoneinfo/America/Rankin_Inlet differ
diff --git a/msys2/usr/share/zoneinfo/America/Recife b/msys2/usr/share/zoneinfo/America/Recife
index fe55739dd..c6d99b3ac 100644
Binary files a/msys2/usr/share/zoneinfo/America/Recife and b/msys2/usr/share/zoneinfo/America/Recife differ
diff --git a/msys2/usr/share/zoneinfo/America/Regina b/msys2/usr/share/zoneinfo/America/Regina
index 5fe8d6b61..20c9c84df 100644
Binary files a/msys2/usr/share/zoneinfo/America/Regina and b/msys2/usr/share/zoneinfo/America/Regina differ
diff --git a/msys2/usr/share/zoneinfo/America/Resolute b/msys2/usr/share/zoneinfo/America/Resolute
index 884b1f647..4365a5c81 100644
Binary files a/msys2/usr/share/zoneinfo/America/Resolute and b/msys2/usr/share/zoneinfo/America/Resolute differ
diff --git a/msys2/usr/share/zoneinfo/America/Rio_Branco b/msys2/usr/share/zoneinfo/America/Rio_Branco
index b612ac235..16b7f923b 100644
Binary files a/msys2/usr/share/zoneinfo/America/Rio_Branco and b/msys2/usr/share/zoneinfo/America/Rio_Branco differ
diff --git a/msys2/usr/share/zoneinfo/America/Rosario b/msys2/usr/share/zoneinfo/America/Rosario
index 8c58f8c23..5df3cf6e6 100644
Binary files a/msys2/usr/share/zoneinfo/America/Rosario and b/msys2/usr/share/zoneinfo/America/Rosario differ
diff --git a/msys2/usr/share/zoneinfo/America/Santa_Isabel b/msys2/usr/share/zoneinfo/America/Santa_Isabel
index 29c83e71f..ada6bf78b 100644
Binary files a/msys2/usr/share/zoneinfo/America/Santa_Isabel and b/msys2/usr/share/zoneinfo/America/Santa_Isabel differ
diff --git a/msys2/usr/share/zoneinfo/America/Santarem b/msys2/usr/share/zoneinfo/America/Santarem
index d776a4387..8080efabf 100644
Binary files a/msys2/usr/share/zoneinfo/America/Santarem and b/msys2/usr/share/zoneinfo/America/Santarem differ
diff --git a/msys2/usr/share/zoneinfo/America/Santiago b/msys2/usr/share/zoneinfo/America/Santiago
index ab766a41b..816a04281 100644
Binary files a/msys2/usr/share/zoneinfo/America/Santiago and b/msys2/usr/share/zoneinfo/America/Santiago differ
diff --git a/msys2/usr/share/zoneinfo/America/Santo_Domingo b/msys2/usr/share/zoneinfo/America/Santo_Domingo
index cc2cbf2b1..4e5eba52b 100644
Binary files a/msys2/usr/share/zoneinfo/America/Santo_Domingo and b/msys2/usr/share/zoneinfo/America/Santo_Domingo differ
diff --git a/msys2/usr/share/zoneinfo/America/Sao_Paulo b/msys2/usr/share/zoneinfo/America/Sao_Paulo
index 308a545ce..c417ba1da 100644
Binary files a/msys2/usr/share/zoneinfo/America/Sao_Paulo and b/msys2/usr/share/zoneinfo/America/Sao_Paulo differ
diff --git a/msys2/usr/share/zoneinfo/America/Scoresbysund b/msys2/usr/share/zoneinfo/America/Scoresbysund
index 8e1366ca3..e20e9e1c4 100644
Binary files a/msys2/usr/share/zoneinfo/America/Scoresbysund and b/msys2/usr/share/zoneinfo/America/Scoresbysund differ
diff --git a/msys2/usr/share/zoneinfo/America/Shiprock b/msys2/usr/share/zoneinfo/America/Shiprock
index 7fc669171..5fbe26b1d 100644
Binary files a/msys2/usr/share/zoneinfo/America/Shiprock and b/msys2/usr/share/zoneinfo/America/Shiprock differ
diff --git a/msys2/usr/share/zoneinfo/America/Sitka b/msys2/usr/share/zoneinfo/America/Sitka
index 662b8b67e..31f706137 100644
Binary files a/msys2/usr/share/zoneinfo/America/Sitka and b/msys2/usr/share/zoneinfo/America/Sitka differ
diff --git a/msys2/usr/share/zoneinfo/America/St_Barthelemy b/msys2/usr/share/zoneinfo/America/St_Barthelemy
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/America/St_Barthelemy and b/msys2/usr/share/zoneinfo/America/St_Barthelemy differ
diff --git a/msys2/usr/share/zoneinfo/America/St_Johns b/msys2/usr/share/zoneinfo/America/St_Johns
index a1d14854a..65a5b0c72 100644
Binary files a/msys2/usr/share/zoneinfo/America/St_Johns and b/msys2/usr/share/zoneinfo/America/St_Johns differ
diff --git a/msys2/usr/share/zoneinfo/America/St_Kitts b/msys2/usr/share/zoneinfo/America/St_Kitts
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/America/St_Kitts and b/msys2/usr/share/zoneinfo/America/St_Kitts differ
diff --git a/msys2/usr/share/zoneinfo/America/St_Lucia b/msys2/usr/share/zoneinfo/America/St_Lucia
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/America/St_Lucia and b/msys2/usr/share/zoneinfo/America/St_Lucia differ
diff --git a/msys2/usr/share/zoneinfo/America/St_Thomas b/msys2/usr/share/zoneinfo/America/St_Thomas
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/America/St_Thomas and b/msys2/usr/share/zoneinfo/America/St_Thomas differ
diff --git a/msys2/usr/share/zoneinfo/America/St_Vincent b/msys2/usr/share/zoneinfo/America/St_Vincent
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/America/St_Vincent and b/msys2/usr/share/zoneinfo/America/St_Vincent differ
diff --git a/msys2/usr/share/zoneinfo/America/Swift_Current b/msys2/usr/share/zoneinfo/America/Swift_Current
index 4db1300a2..8e9ef255e 100644
Binary files a/msys2/usr/share/zoneinfo/America/Swift_Current and b/msys2/usr/share/zoneinfo/America/Swift_Current differ
diff --git a/msys2/usr/share/zoneinfo/America/Tegucigalpa b/msys2/usr/share/zoneinfo/America/Tegucigalpa
index 7aea8f998..477e93950 100644
Binary files a/msys2/usr/share/zoneinfo/America/Tegucigalpa and b/msys2/usr/share/zoneinfo/America/Tegucigalpa differ
diff --git a/msys2/usr/share/zoneinfo/America/Thule b/msys2/usr/share/zoneinfo/America/Thule
index deefcc8df..2969ebe59 100644
Binary files a/msys2/usr/share/zoneinfo/America/Thule and b/msys2/usr/share/zoneinfo/America/Thule differ
diff --git a/msys2/usr/share/zoneinfo/America/Thunder_Bay b/msys2/usr/share/zoneinfo/America/Thunder_Bay
index aa1d48609..e504c9acf 100644
Binary files a/msys2/usr/share/zoneinfo/America/Thunder_Bay and b/msys2/usr/share/zoneinfo/America/Thunder_Bay differ
diff --git a/msys2/usr/share/zoneinfo/America/Tijuana b/msys2/usr/share/zoneinfo/America/Tijuana
index 29c83e71f..ada6bf78b 100644
Binary files a/msys2/usr/share/zoneinfo/America/Tijuana and b/msys2/usr/share/zoneinfo/America/Tijuana differ
diff --git a/msys2/usr/share/zoneinfo/America/Toronto b/msys2/usr/share/zoneinfo/America/Toronto
index 7b4682a39..6752c5b05 100644
Binary files a/msys2/usr/share/zoneinfo/America/Toronto and b/msys2/usr/share/zoneinfo/America/Toronto differ
diff --git a/msys2/usr/share/zoneinfo/America/Tortola b/msys2/usr/share/zoneinfo/America/Tortola
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/America/Tortola and b/msys2/usr/share/zoneinfo/America/Tortola differ
diff --git a/msys2/usr/share/zoneinfo/America/Vancouver b/msys2/usr/share/zoneinfo/America/Vancouver
index 9b5d92417..0f9f83282 100644
Binary files a/msys2/usr/share/zoneinfo/America/Vancouver and b/msys2/usr/share/zoneinfo/America/Vancouver differ
diff --git a/msys2/usr/share/zoneinfo/America/Virgin b/msys2/usr/share/zoneinfo/America/Virgin
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/America/Virgin and b/msys2/usr/share/zoneinfo/America/Virgin differ
diff --git a/msys2/usr/share/zoneinfo/America/Whitehorse b/msys2/usr/share/zoneinfo/America/Whitehorse
index 6b62e2d3c..fb3cd71a6 100644
Binary files a/msys2/usr/share/zoneinfo/America/Whitehorse and b/msys2/usr/share/zoneinfo/America/Whitehorse differ
diff --git a/msys2/usr/share/zoneinfo/America/Winnipeg b/msys2/usr/share/zoneinfo/America/Winnipeg
index 2ffe3d8d8..3718d47da 100644
Binary files a/msys2/usr/share/zoneinfo/America/Winnipeg and b/msys2/usr/share/zoneinfo/America/Winnipeg differ
diff --git a/msys2/usr/share/zoneinfo/America/Yakutat b/msys2/usr/share/zoneinfo/America/Yakutat
index 523b0a108..da209f9f0 100644
Binary files a/msys2/usr/share/zoneinfo/America/Yakutat and b/msys2/usr/share/zoneinfo/America/Yakutat differ
diff --git a/msys2/usr/share/zoneinfo/America/Yellowknife b/msys2/usr/share/zoneinfo/America/Yellowknife
index d9d6eff70..e6afa390e 100644
Binary files a/msys2/usr/share/zoneinfo/America/Yellowknife and b/msys2/usr/share/zoneinfo/America/Yellowknife differ
diff --git a/msys2/usr/share/zoneinfo/Antarctica/Casey b/msys2/usr/share/zoneinfo/Antarctica/Casey
index 676f06da4..f100f4746 100644
Binary files a/msys2/usr/share/zoneinfo/Antarctica/Casey and b/msys2/usr/share/zoneinfo/Antarctica/Casey differ
diff --git a/msys2/usr/share/zoneinfo/Antarctica/Davis b/msys2/usr/share/zoneinfo/Antarctica/Davis
index 40a992664..916f2c259 100644
Binary files a/msys2/usr/share/zoneinfo/Antarctica/Davis and b/msys2/usr/share/zoneinfo/Antarctica/Davis differ
diff --git a/msys2/usr/share/zoneinfo/Antarctica/DumontDUrville b/msys2/usr/share/zoneinfo/Antarctica/DumontDUrville
index 06863534c..bd6563ec8 100644
Binary files a/msys2/usr/share/zoneinfo/Antarctica/DumontDUrville and b/msys2/usr/share/zoneinfo/Antarctica/DumontDUrville differ
diff --git a/msys2/usr/share/zoneinfo/Antarctica/Macquarie b/msys2/usr/share/zoneinfo/Antarctica/Macquarie
index aea2be77c..83c308add 100644
Binary files a/msys2/usr/share/zoneinfo/Antarctica/Macquarie and b/msys2/usr/share/zoneinfo/Antarctica/Macquarie differ
diff --git a/msys2/usr/share/zoneinfo/Antarctica/Mawson b/msys2/usr/share/zoneinfo/Antarctica/Mawson
index 5197dd97b..e1f0b09b9 100644
Binary files a/msys2/usr/share/zoneinfo/Antarctica/Mawson and b/msys2/usr/share/zoneinfo/Antarctica/Mawson differ
diff --git a/msys2/usr/share/zoneinfo/Antarctica/McMurdo b/msys2/usr/share/zoneinfo/Antarctica/McMurdo
index a5f5b6d5e..60bcef686 100644
Binary files a/msys2/usr/share/zoneinfo/Antarctica/McMurdo and b/msys2/usr/share/zoneinfo/Antarctica/McMurdo differ
diff --git a/msys2/usr/share/zoneinfo/Antarctica/Palmer b/msys2/usr/share/zoneinfo/Antarctica/Palmer
index 43a01d3e6..3dd85f84f 100644
Binary files a/msys2/usr/share/zoneinfo/Antarctica/Palmer and b/msys2/usr/share/zoneinfo/Antarctica/Palmer differ
diff --git a/msys2/usr/share/zoneinfo/Antarctica/Rothera b/msys2/usr/share/zoneinfo/Antarctica/Rothera
index 56913f8a1..7940e6efa 100644
Binary files a/msys2/usr/share/zoneinfo/Antarctica/Rothera and b/msys2/usr/share/zoneinfo/Antarctica/Rothera differ
diff --git a/msys2/usr/share/zoneinfo/Antarctica/South_Pole b/msys2/usr/share/zoneinfo/Antarctica/South_Pole
index a5f5b6d5e..60bcef686 100644
Binary files a/msys2/usr/share/zoneinfo/Antarctica/South_Pole and b/msys2/usr/share/zoneinfo/Antarctica/South_Pole differ
diff --git a/msys2/usr/share/zoneinfo/Antarctica/Syowa b/msys2/usr/share/zoneinfo/Antarctica/Syowa
index 94a9d5a28..4bb041a26 100644
Binary files a/msys2/usr/share/zoneinfo/Antarctica/Syowa and b/msys2/usr/share/zoneinfo/Antarctica/Syowa differ
diff --git a/msys2/usr/share/zoneinfo/Antarctica/Troll b/msys2/usr/share/zoneinfo/Antarctica/Troll
index 3757faccb..5e565da2f 100644
Binary files a/msys2/usr/share/zoneinfo/Antarctica/Troll and b/msys2/usr/share/zoneinfo/Antarctica/Troll differ
diff --git a/msys2/usr/share/zoneinfo/Antarctica/Vostok b/msys2/usr/share/zoneinfo/Antarctica/Vostok
index 9fa335c44..5696abf51 100644
Binary files a/msys2/usr/share/zoneinfo/Antarctica/Vostok and b/msys2/usr/share/zoneinfo/Antarctica/Vostok differ
diff --git a/msys2/usr/share/zoneinfo/Arctic/Longyearbyen b/msys2/usr/share/zoneinfo/Arctic/Longyearbyen
index 239c0174d..c6842af88 100644
Binary files a/msys2/usr/share/zoneinfo/Arctic/Longyearbyen and b/msys2/usr/share/zoneinfo/Arctic/Longyearbyen differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Aden b/msys2/usr/share/zoneinfo/Asia/Aden
index e71bc4e80..b2f9a2559 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Aden and b/msys2/usr/share/zoneinfo/Asia/Aden differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Almaty b/msys2/usr/share/zoneinfo/Asia/Almaty
index 49a4b4de7..d93201cfc 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Almaty and b/msys2/usr/share/zoneinfo/Asia/Almaty differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Amman b/msys2/usr/share/zoneinfo/Asia/Amman
index c3f0994a7..281b304e2 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Amman and b/msys2/usr/share/zoneinfo/Asia/Amman differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Anadyr b/msys2/usr/share/zoneinfo/Asia/Anadyr
index 0e623cf74..6a966013d 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Anadyr and b/msys2/usr/share/zoneinfo/Asia/Anadyr differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Aqtau b/msys2/usr/share/zoneinfo/Asia/Aqtau
index 5803a3d3e..78cbcf0ef 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Aqtau and b/msys2/usr/share/zoneinfo/Asia/Aqtau differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Aqtobe b/msys2/usr/share/zoneinfo/Asia/Aqtobe
index 808a50261..7504052a7 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Aqtobe and b/msys2/usr/share/zoneinfo/Asia/Aqtobe differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Ashgabat b/msys2/usr/share/zoneinfo/Asia/Ashgabat
index 046c47282..8d9e03c13 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Ashgabat and b/msys2/usr/share/zoneinfo/Asia/Ashgabat differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Ashkhabad b/msys2/usr/share/zoneinfo/Asia/Ashkhabad
index 046c47282..8d9e03c13 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Ashkhabad and b/msys2/usr/share/zoneinfo/Asia/Ashkhabad differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Atyrau b/msys2/usr/share/zoneinfo/Asia/Atyrau
index 27072eb51..317466d14 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Atyrau and b/msys2/usr/share/zoneinfo/Asia/Atyrau differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Baghdad b/msys2/usr/share/zoneinfo/Asia/Baghdad
index 3aacd78b1..97fa6c73c 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Baghdad and b/msys2/usr/share/zoneinfo/Asia/Baghdad differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Bahrain b/msys2/usr/share/zoneinfo/Asia/Bahrain
index a0c5f6696..f5140926a 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Bahrain and b/msys2/usr/share/zoneinfo/Asia/Bahrain differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Baku b/msys2/usr/share/zoneinfo/Asia/Baku
index a17d1ad8c..8a090d77d 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Baku and b/msys2/usr/share/zoneinfo/Asia/Baku differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Bangkok b/msys2/usr/share/zoneinfo/Asia/Bangkok
index 8db5e8a61..724964029 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Bangkok and b/msys2/usr/share/zoneinfo/Asia/Bangkok differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Barnaul b/msys2/usr/share/zoneinfo/Asia/Barnaul
index 60efb41b4..82cc49c48 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Barnaul and b/msys2/usr/share/zoneinfo/Asia/Barnaul differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Beirut b/msys2/usr/share/zoneinfo/Asia/Beirut
index 72f089634..efb24c27f 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Beirut and b/msys2/usr/share/zoneinfo/Asia/Beirut differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Bishkek b/msys2/usr/share/zoneinfo/Asia/Bishkek
index e3f81ee33..f7a7d5480 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Bishkek and b/msys2/usr/share/zoneinfo/Asia/Bishkek differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Brunei b/msys2/usr/share/zoneinfo/Asia/Brunei
index cad16b0df..8624c7ae1 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Brunei and b/msys2/usr/share/zoneinfo/Asia/Brunei differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Calcutta b/msys2/usr/share/zoneinfo/Asia/Calcutta
index b57972dd8..e1cfcb8d0 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Calcutta and b/msys2/usr/share/zoneinfo/Asia/Calcutta differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Chita b/msys2/usr/share/zoneinfo/Asia/Chita
index 95f56456e..3baf75282 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Chita and b/msys2/usr/share/zoneinfo/Asia/Chita differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Choibalsan b/msys2/usr/share/zoneinfo/Asia/Choibalsan
index 15b358f2f..79b9d3c82 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Choibalsan and b/msys2/usr/share/zoneinfo/Asia/Choibalsan differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Chongqing b/msys2/usr/share/zoneinfo/Asia/Chongqing
index dbd132f2b..ce9e00a5d 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Chongqing and b/msys2/usr/share/zoneinfo/Asia/Chongqing differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Chungking b/msys2/usr/share/zoneinfo/Asia/Chungking
index dbd132f2b..ce9e00a5d 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Chungking and b/msys2/usr/share/zoneinfo/Asia/Chungking differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Colombo b/msys2/usr/share/zoneinfo/Asia/Colombo
index 28fe4307d..4fc96c898 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Colombo and b/msys2/usr/share/zoneinfo/Asia/Colombo differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Dacca b/msys2/usr/share/zoneinfo/Asia/Dacca
index 98881f093..776f27dac 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Dacca and b/msys2/usr/share/zoneinfo/Asia/Dacca differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Damascus b/msys2/usr/share/zoneinfo/Asia/Damascus
index ac457646b..4b610b5a0 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Damascus and b/msys2/usr/share/zoneinfo/Asia/Damascus differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Dhaka b/msys2/usr/share/zoneinfo/Asia/Dhaka
index 98881f093..776f27dac 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Dhaka and b/msys2/usr/share/zoneinfo/Asia/Dhaka differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Dili b/msys2/usr/share/zoneinfo/Asia/Dili
index c94fa610f..f6ce91a15 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Dili and b/msys2/usr/share/zoneinfo/Asia/Dili differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Dubai b/msys2/usr/share/zoneinfo/Asia/Dubai
index c12f31a14..7880d5d7c 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Dubai and b/msys2/usr/share/zoneinfo/Asia/Dubai differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Dushanbe b/msys2/usr/share/zoneinfo/Asia/Dushanbe
index 67c772b4d..694f6e6aa 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Dushanbe and b/msys2/usr/share/zoneinfo/Asia/Dushanbe differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Famagusta b/msys2/usr/share/zoneinfo/Asia/Famagusta
index 021f8a2dd..653b146a6 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Famagusta and b/msys2/usr/share/zoneinfo/Asia/Famagusta differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Gaza b/msys2/usr/share/zoneinfo/Asia/Gaza
index 1818affb5..32b4ed659 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Gaza and b/msys2/usr/share/zoneinfo/Asia/Gaza differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Harbin b/msys2/usr/share/zoneinfo/Asia/Harbin
index dbd132f2b..ce9e00a5d 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Harbin and b/msys2/usr/share/zoneinfo/Asia/Harbin differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Hebron b/msys2/usr/share/zoneinfo/Asia/Hebron
index 286a93513..0ed8b0d4b 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Hebron and b/msys2/usr/share/zoneinfo/Asia/Hebron differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Ho_Chi_Minh b/msys2/usr/share/zoneinfo/Asia/Ho_Chi_Minh
index 92642679c..eab94fe89 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Ho_Chi_Minh and b/msys2/usr/share/zoneinfo/Asia/Ho_Chi_Minh differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Hong_Kong b/msys2/usr/share/zoneinfo/Asia/Hong_Kong
index dc9058e4b..91eaff488 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Hong_Kong and b/msys2/usr/share/zoneinfo/Asia/Hong_Kong differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Hovd b/msys2/usr/share/zoneinfo/Asia/Hovd
index f367a550f..8eb5f6479 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Hovd and b/msys2/usr/share/zoneinfo/Asia/Hovd differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Irkutsk b/msys2/usr/share/zoneinfo/Asia/Irkutsk
index 84136366d..e8c53c0d6 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Irkutsk and b/msys2/usr/share/zoneinfo/Asia/Irkutsk differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Istanbul b/msys2/usr/share/zoneinfo/Asia/Istanbul
index 9a53b3a39..833d4eba3 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Istanbul and b/msys2/usr/share/zoneinfo/Asia/Istanbul differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Jakarta b/msys2/usr/share/zoneinfo/Asia/Jakarta
index 37b4edded..673d48010 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Jakarta and b/msys2/usr/share/zoneinfo/Asia/Jakarta differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Jayapura b/msys2/usr/share/zoneinfo/Asia/Jayapura
index 39ddc8436..a4c082972 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Jayapura and b/msys2/usr/share/zoneinfo/Asia/Jayapura differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Jerusalem b/msys2/usr/share/zoneinfo/Asia/Jerusalem
index df5119935..93e9f19c7 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Jerusalem and b/msys2/usr/share/zoneinfo/Asia/Jerusalem differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Kabul b/msys2/usr/share/zoneinfo/Asia/Kabul
index 80429ec40..a22cf5925 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Kabul and b/msys2/usr/share/zoneinfo/Asia/Kabul differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Kamchatka b/msys2/usr/share/zoneinfo/Asia/Kamchatka
index fab27defa..b9ed49cac 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Kamchatka and b/msys2/usr/share/zoneinfo/Asia/Kamchatka differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Karachi b/msys2/usr/share/zoneinfo/Asia/Karachi
index b7dcaab8f..337e1d586 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Karachi and b/msys2/usr/share/zoneinfo/Asia/Karachi differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Kashgar b/msys2/usr/share/zoneinfo/Asia/Kashgar
index b44a1e19e..0342b4331 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Kashgar and b/msys2/usr/share/zoneinfo/Asia/Kashgar differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Kathmandu b/msys2/usr/share/zoneinfo/Asia/Kathmandu
index 0cbd2952b..2f810b120 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Kathmandu and b/msys2/usr/share/zoneinfo/Asia/Kathmandu differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Katmandu b/msys2/usr/share/zoneinfo/Asia/Katmandu
index 0cbd2952b..2f810b120 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Katmandu and b/msys2/usr/share/zoneinfo/Asia/Katmandu differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Khandyga b/msys2/usr/share/zoneinfo/Asia/Khandyga
index 918369539..2b2f5bfae 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Khandyga and b/msys2/usr/share/zoneinfo/Asia/Khandyga differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Kolkata b/msys2/usr/share/zoneinfo/Asia/Kolkata
index b57972dd8..e1cfcb8d0 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Kolkata and b/msys2/usr/share/zoneinfo/Asia/Kolkata differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Krasnoyarsk b/msys2/usr/share/zoneinfo/Asia/Krasnoyarsk
index faec35d30..59efd24ca 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Krasnoyarsk and b/msys2/usr/share/zoneinfo/Asia/Krasnoyarsk differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Kuala_Lumpur b/msys2/usr/share/zoneinfo/Asia/Kuala_Lumpur
index 5c95ebcdc..6d7d47b9d 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Kuala_Lumpur and b/msys2/usr/share/zoneinfo/Asia/Kuala_Lumpur differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Kuching b/msys2/usr/share/zoneinfo/Asia/Kuching
index 62b538922..4878622dd 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Kuching and b/msys2/usr/share/zoneinfo/Asia/Kuching differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Kuwait b/msys2/usr/share/zoneinfo/Asia/Kuwait
index e71bc4e80..b2f9a2559 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Kuwait and b/msys2/usr/share/zoneinfo/Asia/Kuwait differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Macao b/msys2/usr/share/zoneinfo/Asia/Macao
index 46c1bad54..d801000dc 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Macao and b/msys2/usr/share/zoneinfo/Asia/Macao differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Macau b/msys2/usr/share/zoneinfo/Asia/Macau
index 46c1bad54..d801000dc 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Macau and b/msys2/usr/share/zoneinfo/Asia/Macau differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Magadan b/msys2/usr/share/zoneinfo/Asia/Magadan
index 2db063560..b20cc57ef 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Magadan and b/msys2/usr/share/zoneinfo/Asia/Magadan differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Makassar b/msys2/usr/share/zoneinfo/Asia/Makassar
index 3a5dcb270..ed55442e2 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Makassar and b/msys2/usr/share/zoneinfo/Asia/Makassar differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Manila b/msys2/usr/share/zoneinfo/Asia/Manila
index 06859a70d..2c9220c99 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Manila and b/msys2/usr/share/zoneinfo/Asia/Manila differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Muscat b/msys2/usr/share/zoneinfo/Asia/Muscat
index c12f31a14..7880d5d7c 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Muscat and b/msys2/usr/share/zoneinfo/Asia/Muscat differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Nicosia b/msys2/usr/share/zoneinfo/Asia/Nicosia
index 3e663b215..f7f10ab76 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Nicosia and b/msys2/usr/share/zoneinfo/Asia/Nicosia differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Novokuznetsk b/msys2/usr/share/zoneinfo/Asia/Novokuznetsk
index ed4b24827..2576a3b01 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Novokuznetsk and b/msys2/usr/share/zoneinfo/Asia/Novokuznetsk differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Novosibirsk b/msys2/usr/share/zoneinfo/Asia/Novosibirsk
index a5d39dffc..95e3c73bc 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Novosibirsk and b/msys2/usr/share/zoneinfo/Asia/Novosibirsk differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Omsk b/msys2/usr/share/zoneinfo/Asia/Omsk
index 5e0d9b67a..d805e4f74 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Omsk and b/msys2/usr/share/zoneinfo/Asia/Omsk differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Oral b/msys2/usr/share/zoneinfo/Asia/Oral
index b8eb58d13..e36aec475 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Oral and b/msys2/usr/share/zoneinfo/Asia/Oral differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Phnom_Penh b/msys2/usr/share/zoneinfo/Asia/Phnom_Penh
index 8db5e8a61..724964029 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Phnom_Penh and b/msys2/usr/share/zoneinfo/Asia/Phnom_Penh differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Pontianak b/msys2/usr/share/zoneinfo/Asia/Pontianak
index ec98c62ba..9377d0383 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Pontianak and b/msys2/usr/share/zoneinfo/Asia/Pontianak differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Pyongyang b/msys2/usr/share/zoneinfo/Asia/Pyongyang
index de5c2b156..dd54989fa 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Pyongyang and b/msys2/usr/share/zoneinfo/Asia/Pyongyang differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Qatar b/msys2/usr/share/zoneinfo/Asia/Qatar
index a0c5f6696..f5140926a 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Qatar and b/msys2/usr/share/zoneinfo/Asia/Qatar differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Qostanay b/msys2/usr/share/zoneinfo/Asia/Qostanay
new file mode 100644
index 000000000..cb6e2d90f
Binary files /dev/null and b/msys2/usr/share/zoneinfo/Asia/Qostanay differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Qyzylorda b/msys2/usr/share/zoneinfo/Asia/Qyzylorda
index 0fc7fada6..fc636b3b8 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Qyzylorda and b/msys2/usr/share/zoneinfo/Asia/Qyzylorda differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Rangoon b/msys2/usr/share/zoneinfo/Asia/Rangoon
index 3cc2aafac..a00282de3 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Rangoon and b/msys2/usr/share/zoneinfo/Asia/Rangoon differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Riyadh b/msys2/usr/share/zoneinfo/Asia/Riyadh
index e71bc4e80..b2f9a2559 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Riyadh and b/msys2/usr/share/zoneinfo/Asia/Riyadh differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Saigon b/msys2/usr/share/zoneinfo/Asia/Saigon
index 92642679c..eab94fe89 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Saigon and b/msys2/usr/share/zoneinfo/Asia/Saigon differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Sakhalin b/msys2/usr/share/zoneinfo/Asia/Sakhalin
index 8d6b4dfe2..9c94900ce 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Sakhalin and b/msys2/usr/share/zoneinfo/Asia/Sakhalin differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Samarkand b/msys2/usr/share/zoneinfo/Asia/Samarkand
index 10c7af7fe..a5d1e9700 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Samarkand and b/msys2/usr/share/zoneinfo/Asia/Samarkand differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Seoul b/msys2/usr/share/zoneinfo/Asia/Seoul
index 312ec40a1..fa1cbd395 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Seoul and b/msys2/usr/share/zoneinfo/Asia/Seoul differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Shanghai b/msys2/usr/share/zoneinfo/Asia/Shanghai
index dbd132f2b..ce9e00a5d 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Shanghai and b/msys2/usr/share/zoneinfo/Asia/Shanghai differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Singapore b/msys2/usr/share/zoneinfo/Asia/Singapore
index 785836666..ebc4b0d9d 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Singapore and b/msys2/usr/share/zoneinfo/Asia/Singapore differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Srednekolymsk b/msys2/usr/share/zoneinfo/Asia/Srednekolymsk
index 16b1cd8f9..f8b7bb212 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Srednekolymsk and b/msys2/usr/share/zoneinfo/Asia/Srednekolymsk differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Taipei b/msys2/usr/share/zoneinfo/Asia/Taipei
index 748873bed..f9cbe672a 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Taipei and b/msys2/usr/share/zoneinfo/Asia/Taipei differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Tashkent b/msys2/usr/share/zoneinfo/Asia/Tashkent
index 6f7dea4ab..e75bb365a 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Tashkent and b/msys2/usr/share/zoneinfo/Asia/Tashkent differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Tbilisi b/msys2/usr/share/zoneinfo/Asia/Tbilisi
index 4b2d2e296..09bb06eba 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Tbilisi and b/msys2/usr/share/zoneinfo/Asia/Tbilisi differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Tehran b/msys2/usr/share/zoneinfo/Asia/Tehran
index 3157f806b..0ae2f65fc 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Tehran and b/msys2/usr/share/zoneinfo/Asia/Tehran differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Tel_Aviv b/msys2/usr/share/zoneinfo/Asia/Tel_Aviv
index df5119935..93e9f19c7 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Tel_Aviv and b/msys2/usr/share/zoneinfo/Asia/Tel_Aviv differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Thimbu b/msys2/usr/share/zoneinfo/Asia/Thimbu
index a8bddb9fa..06d3324d0 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Thimbu and b/msys2/usr/share/zoneinfo/Asia/Thimbu differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Thimphu b/msys2/usr/share/zoneinfo/Asia/Thimphu
index a8bddb9fa..06d3324d0 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Thimphu and b/msys2/usr/share/zoneinfo/Asia/Thimphu differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Tokyo b/msys2/usr/share/zoneinfo/Asia/Tokyo
index 8ad44ba98..26f4d34d6 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Tokyo and b/msys2/usr/share/zoneinfo/Asia/Tokyo differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Tomsk b/msys2/usr/share/zoneinfo/Asia/Tomsk
index 919b0031d..28da9c901 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Tomsk and b/msys2/usr/share/zoneinfo/Asia/Tomsk differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Ujung_Pandang b/msys2/usr/share/zoneinfo/Asia/Ujung_Pandang
index 3a5dcb270..ed55442e2 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Ujung_Pandang and b/msys2/usr/share/zoneinfo/Asia/Ujung_Pandang differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Ulaanbaatar b/msys2/usr/share/zoneinfo/Asia/Ulaanbaatar
index 94ddfea5f..82fd47609 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Ulaanbaatar and b/msys2/usr/share/zoneinfo/Asia/Ulaanbaatar differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Ulan_Bator b/msys2/usr/share/zoneinfo/Asia/Ulan_Bator
index 94ddfea5f..82fd47609 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Ulan_Bator and b/msys2/usr/share/zoneinfo/Asia/Ulan_Bator differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Urumqi b/msys2/usr/share/zoneinfo/Asia/Urumqi
index b44a1e19e..0342b4331 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Urumqi and b/msys2/usr/share/zoneinfo/Asia/Urumqi differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Ust-Nera b/msys2/usr/share/zoneinfo/Asia/Ust-Nera
index 7431eb97f..c0c3767e3 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Ust-Nera and b/msys2/usr/share/zoneinfo/Asia/Ust-Nera differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Vientiane b/msys2/usr/share/zoneinfo/Asia/Vientiane
index 8db5e8a61..724964029 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Vientiane and b/msys2/usr/share/zoneinfo/Asia/Vientiane differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Vladivostok b/msys2/usr/share/zoneinfo/Asia/Vladivostok
index 80b170bca..15731abc8 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Vladivostok and b/msys2/usr/share/zoneinfo/Asia/Vladivostok differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Yakutsk b/msys2/usr/share/zoneinfo/Asia/Yakutsk
index 220ad3db5..1f86e77f5 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Yakutsk and b/msys2/usr/share/zoneinfo/Asia/Yakutsk differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Yangon b/msys2/usr/share/zoneinfo/Asia/Yangon
index 3cc2aafac..a00282de3 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Yangon and b/msys2/usr/share/zoneinfo/Asia/Yangon differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Yekaterinburg b/msys2/usr/share/zoneinfo/Asia/Yekaterinburg
index c1abb935c..fff9f3b14 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Yekaterinburg and b/msys2/usr/share/zoneinfo/Asia/Yekaterinburg differ
diff --git a/msys2/usr/share/zoneinfo/Asia/Yerevan b/msys2/usr/share/zoneinfo/Asia/Yerevan
index 4c4e045bd..409c3b171 100644
Binary files a/msys2/usr/share/zoneinfo/Asia/Yerevan and b/msys2/usr/share/zoneinfo/Asia/Yerevan differ
diff --git a/msys2/usr/share/zoneinfo/Atlantic/Azores b/msys2/usr/share/zoneinfo/Atlantic/Azores
index 37218e127..56593dbff 100644
Binary files a/msys2/usr/share/zoneinfo/Atlantic/Azores and b/msys2/usr/share/zoneinfo/Atlantic/Azores differ
diff --git a/msys2/usr/share/zoneinfo/Atlantic/Bermuda b/msys2/usr/share/zoneinfo/Atlantic/Bermuda
index 548d979bd..3a5c6dbf7 100644
Binary files a/msys2/usr/share/zoneinfo/Atlantic/Bermuda and b/msys2/usr/share/zoneinfo/Atlantic/Bermuda differ
diff --git a/msys2/usr/share/zoneinfo/Atlantic/Canary b/msys2/usr/share/zoneinfo/Atlantic/Canary
index 544f443a0..f3192156f 100644
Binary files a/msys2/usr/share/zoneinfo/Atlantic/Canary and b/msys2/usr/share/zoneinfo/Atlantic/Canary differ
diff --git a/msys2/usr/share/zoneinfo/Atlantic/Cape_Verde b/msys2/usr/share/zoneinfo/Atlantic/Cape_Verde
index 1c012da59..e2a49d248 100644
Binary files a/msys2/usr/share/zoneinfo/Atlantic/Cape_Verde and b/msys2/usr/share/zoneinfo/Atlantic/Cape_Verde differ
diff --git a/msys2/usr/share/zoneinfo/Atlantic/Faeroe b/msys2/usr/share/zoneinfo/Atlantic/Faeroe
index c4865186b..4dab7ef08 100644
Binary files a/msys2/usr/share/zoneinfo/Atlantic/Faeroe and b/msys2/usr/share/zoneinfo/Atlantic/Faeroe differ
diff --git a/msys2/usr/share/zoneinfo/Atlantic/Faroe b/msys2/usr/share/zoneinfo/Atlantic/Faroe
index c4865186b..4dab7ef08 100644
Binary files a/msys2/usr/share/zoneinfo/Atlantic/Faroe and b/msys2/usr/share/zoneinfo/Atlantic/Faroe differ
diff --git a/msys2/usr/share/zoneinfo/Atlantic/Jan_Mayen b/msys2/usr/share/zoneinfo/Atlantic/Jan_Mayen
index 239c0174d..c6842af88 100644
Binary files a/msys2/usr/share/zoneinfo/Atlantic/Jan_Mayen and b/msys2/usr/share/zoneinfo/Atlantic/Jan_Mayen differ
diff --git a/msys2/usr/share/zoneinfo/Atlantic/Madeira b/msys2/usr/share/zoneinfo/Atlantic/Madeira
index 9c60071e4..5213761f8 100644
Binary files a/msys2/usr/share/zoneinfo/Atlantic/Madeira and b/msys2/usr/share/zoneinfo/Atlantic/Madeira differ
diff --git a/msys2/usr/share/zoneinfo/Atlantic/Reykjavik b/msys2/usr/share/zoneinfo/Atlantic/Reykjavik
index dc49c3247..ac6bd6973 100644
Binary files a/msys2/usr/share/zoneinfo/Atlantic/Reykjavik and b/msys2/usr/share/zoneinfo/Atlantic/Reykjavik differ
diff --git a/msys2/usr/share/zoneinfo/Atlantic/South_Georgia b/msys2/usr/share/zoneinfo/Atlantic/South_Georgia
index 56b383b16..b3311b633 100644
Binary files a/msys2/usr/share/zoneinfo/Atlantic/South_Georgia and b/msys2/usr/share/zoneinfo/Atlantic/South_Georgia differ
diff --git a/msys2/usr/share/zoneinfo/Atlantic/St_Helena b/msys2/usr/share/zoneinfo/Atlantic/St_Helena
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/Atlantic/St_Helena and b/msys2/usr/share/zoneinfo/Atlantic/St_Helena differ
diff --git a/msys2/usr/share/zoneinfo/Atlantic/Stanley b/msys2/usr/share/zoneinfo/Atlantic/Stanley
index 3649415bd..2fd42a2c3 100644
Binary files a/msys2/usr/share/zoneinfo/Atlantic/Stanley and b/msys2/usr/share/zoneinfo/Atlantic/Stanley differ
diff --git a/msys2/usr/share/zoneinfo/Australia/ACT b/msys2/usr/share/zoneinfo/Australia/ACT
index aaed12ca2..4ed4467ff 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/ACT and b/msys2/usr/share/zoneinfo/Australia/ACT differ
diff --git a/msys2/usr/share/zoneinfo/Australia/Adelaide b/msys2/usr/share/zoneinfo/Australia/Adelaide
index 4f331a87d..190b0e33f 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/Adelaide and b/msys2/usr/share/zoneinfo/Australia/Adelaide differ
diff --git a/msys2/usr/share/zoneinfo/Australia/Brisbane b/msys2/usr/share/zoneinfo/Australia/Brisbane
index a327d83b7..26ffd9acb 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/Brisbane and b/msys2/usr/share/zoneinfo/Australia/Brisbane differ
diff --git a/msys2/usr/share/zoneinfo/Australia/Broken_Hill b/msys2/usr/share/zoneinfo/Australia/Broken_Hill
index 768b16785..874c86505 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/Broken_Hill and b/msys2/usr/share/zoneinfo/Australia/Broken_Hill differ
diff --git a/msys2/usr/share/zoneinfo/Australia/Canberra b/msys2/usr/share/zoneinfo/Australia/Canberra
index aaed12ca2..4ed4467ff 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/Canberra and b/msys2/usr/share/zoneinfo/Australia/Canberra differ
diff --git a/msys2/usr/share/zoneinfo/Australia/Currie b/msys2/usr/share/zoneinfo/Australia/Currie
index a3f6f29a4..865801e5e 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/Currie and b/msys2/usr/share/zoneinfo/Australia/Currie differ
diff --git a/msys2/usr/share/zoneinfo/Australia/Darwin b/msys2/usr/share/zoneinfo/Australia/Darwin
index c6ae9a7ba..cf42d1d87 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/Darwin and b/msys2/usr/share/zoneinfo/Australia/Darwin differ
diff --git a/msys2/usr/share/zoneinfo/Australia/Eucla b/msys2/usr/share/zoneinfo/Australia/Eucla
index 99f07a9fe..c49d499cd 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/Eucla and b/msys2/usr/share/zoneinfo/Australia/Eucla differ
diff --git a/msys2/usr/share/zoneinfo/Australia/Hobart b/msys2/usr/share/zoneinfo/Australia/Hobart
index 07784ce5d..92d1215d6 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/Hobart and b/msys2/usr/share/zoneinfo/Australia/Hobart differ
diff --git a/msys2/usr/share/zoneinfo/Australia/LHI b/msys2/usr/share/zoneinfo/Australia/LHI
index 57597b0b9..8c6c7dd0b 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/LHI and b/msys2/usr/share/zoneinfo/Australia/LHI differ
diff --git a/msys2/usr/share/zoneinfo/Australia/Lindeman b/msys2/usr/share/zoneinfo/Australia/Lindeman
index 71ca143f2..8ee1a6f54 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/Lindeman and b/msys2/usr/share/zoneinfo/Australia/Lindeman differ
diff --git a/msys2/usr/share/zoneinfo/Australia/Lord_Howe b/msys2/usr/share/zoneinfo/Australia/Lord_Howe
index 57597b0b9..8c6c7dd0b 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/Lord_Howe and b/msys2/usr/share/zoneinfo/Australia/Lord_Howe differ
diff --git a/msys2/usr/share/zoneinfo/Australia/Melbourne b/msys2/usr/share/zoneinfo/Australia/Melbourne
index ec8dfe038..3f2d3d7f1 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/Melbourne and b/msys2/usr/share/zoneinfo/Australia/Melbourne differ
diff --git a/msys2/usr/share/zoneinfo/Australia/NSW b/msys2/usr/share/zoneinfo/Australia/NSW
index aaed12ca2..4ed4467ff 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/NSW and b/msys2/usr/share/zoneinfo/Australia/NSW differ
diff --git a/msys2/usr/share/zoneinfo/Australia/North b/msys2/usr/share/zoneinfo/Australia/North
index c6ae9a7ba..cf42d1d87 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/North and b/msys2/usr/share/zoneinfo/Australia/North differ
diff --git a/msys2/usr/share/zoneinfo/Australia/Perth b/msys2/usr/share/zoneinfo/Australia/Perth
index 85c26d509..d38b67e2f 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/Perth and b/msys2/usr/share/zoneinfo/Australia/Perth differ
diff --git a/msys2/usr/share/zoneinfo/Australia/Queensland b/msys2/usr/share/zoneinfo/Australia/Queensland
index a327d83b7..26ffd9acb 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/Queensland and b/msys2/usr/share/zoneinfo/Australia/Queensland differ
diff --git a/msys2/usr/share/zoneinfo/Australia/South b/msys2/usr/share/zoneinfo/Australia/South
index 4f331a87d..190b0e33f 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/South and b/msys2/usr/share/zoneinfo/Australia/South differ
diff --git a/msys2/usr/share/zoneinfo/Australia/Sydney b/msys2/usr/share/zoneinfo/Australia/Sydney
index aaed12ca2..4ed4467ff 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/Sydney and b/msys2/usr/share/zoneinfo/Australia/Sydney differ
diff --git a/msys2/usr/share/zoneinfo/Australia/Tasmania b/msys2/usr/share/zoneinfo/Australia/Tasmania
index 07784ce5d..92d1215d6 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/Tasmania and b/msys2/usr/share/zoneinfo/Australia/Tasmania differ
diff --git a/msys2/usr/share/zoneinfo/Australia/Victoria b/msys2/usr/share/zoneinfo/Australia/Victoria
index ec8dfe038..3f2d3d7f1 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/Victoria and b/msys2/usr/share/zoneinfo/Australia/Victoria differ
diff --git a/msys2/usr/share/zoneinfo/Australia/West b/msys2/usr/share/zoneinfo/Australia/West
index 85c26d509..d38b67e2f 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/West and b/msys2/usr/share/zoneinfo/Australia/West differ
diff --git a/msys2/usr/share/zoneinfo/Australia/Yancowinna b/msys2/usr/share/zoneinfo/Australia/Yancowinna
index 768b16785..874c86505 100644
Binary files a/msys2/usr/share/zoneinfo/Australia/Yancowinna and b/msys2/usr/share/zoneinfo/Australia/Yancowinna differ
diff --git a/msys2/usr/share/zoneinfo/Brazil/Acre b/msys2/usr/share/zoneinfo/Brazil/Acre
index b612ac235..16b7f923b 100644
Binary files a/msys2/usr/share/zoneinfo/Brazil/Acre and b/msys2/usr/share/zoneinfo/Brazil/Acre differ
diff --git a/msys2/usr/share/zoneinfo/Brazil/DeNoronha b/msys2/usr/share/zoneinfo/Brazil/DeNoronha
index 6d91f9145..95ff8a257 100644
Binary files a/msys2/usr/share/zoneinfo/Brazil/DeNoronha and b/msys2/usr/share/zoneinfo/Brazil/DeNoronha differ
diff --git a/msys2/usr/share/zoneinfo/Brazil/East b/msys2/usr/share/zoneinfo/Brazil/East
index 308a545ce..c417ba1da 100644
Binary files a/msys2/usr/share/zoneinfo/Brazil/East and b/msys2/usr/share/zoneinfo/Brazil/East differ
diff --git a/msys2/usr/share/zoneinfo/Brazil/West b/msys2/usr/share/zoneinfo/Brazil/West
index 855cb02c4..b10241e68 100644
Binary files a/msys2/usr/share/zoneinfo/Brazil/West and b/msys2/usr/share/zoneinfo/Brazil/West differ
diff --git a/msys2/usr/share/zoneinfo/CET b/msys2/usr/share/zoneinfo/CET
index 4c4f8ef9a..d585656f8 100644
Binary files a/msys2/usr/share/zoneinfo/CET and b/msys2/usr/share/zoneinfo/CET differ
diff --git a/msys2/usr/share/zoneinfo/CST6CDT b/msys2/usr/share/zoneinfo/CST6CDT
index 5c8a1d9a3..41c4136fe 100644
Binary files a/msys2/usr/share/zoneinfo/CST6CDT and b/msys2/usr/share/zoneinfo/CST6CDT differ
diff --git a/msys2/usr/share/zoneinfo/Canada/Atlantic b/msys2/usr/share/zoneinfo/Canada/Atlantic
index f86ece4c4..756099abe 100644
Binary files a/msys2/usr/share/zoneinfo/Canada/Atlantic and b/msys2/usr/share/zoneinfo/Canada/Atlantic differ
diff --git a/msys2/usr/share/zoneinfo/Canada/Central b/msys2/usr/share/zoneinfo/Canada/Central
index 2ffe3d8d8..3718d47da 100644
Binary files a/msys2/usr/share/zoneinfo/Canada/Central and b/msys2/usr/share/zoneinfo/Canada/Central differ
diff --git a/msys2/usr/share/zoneinfo/Canada/Eastern b/msys2/usr/share/zoneinfo/Canada/Eastern
index 7b4682a39..6752c5b05 100644
Binary files a/msys2/usr/share/zoneinfo/Canada/Eastern and b/msys2/usr/share/zoneinfo/Canada/Eastern differ
diff --git a/msys2/usr/share/zoneinfo/Canada/Mountain b/msys2/usr/share/zoneinfo/Canada/Mountain
index d02fbcd47..3fa057989 100644
Binary files a/msys2/usr/share/zoneinfo/Canada/Mountain and b/msys2/usr/share/zoneinfo/Canada/Mountain differ
diff --git a/msys2/usr/share/zoneinfo/Canada/Newfoundland b/msys2/usr/share/zoneinfo/Canada/Newfoundland
index a1d14854a..65a5b0c72 100644
Binary files a/msys2/usr/share/zoneinfo/Canada/Newfoundland and b/msys2/usr/share/zoneinfo/Canada/Newfoundland differ
diff --git a/msys2/usr/share/zoneinfo/Canada/Pacific b/msys2/usr/share/zoneinfo/Canada/Pacific
index 9b5d92417..0f9f83282 100644
Binary files a/msys2/usr/share/zoneinfo/Canada/Pacific and b/msys2/usr/share/zoneinfo/Canada/Pacific differ
diff --git a/msys2/usr/share/zoneinfo/Canada/Saskatchewan b/msys2/usr/share/zoneinfo/Canada/Saskatchewan
index 5fe8d6b61..20c9c84df 100644
Binary files a/msys2/usr/share/zoneinfo/Canada/Saskatchewan and b/msys2/usr/share/zoneinfo/Canada/Saskatchewan differ
diff --git a/msys2/usr/share/zoneinfo/Canada/Yukon b/msys2/usr/share/zoneinfo/Canada/Yukon
index 6b62e2d3c..fb3cd71a6 100644
Binary files a/msys2/usr/share/zoneinfo/Canada/Yukon and b/msys2/usr/share/zoneinfo/Canada/Yukon differ
diff --git a/msys2/usr/share/zoneinfo/Chile/Continental b/msys2/usr/share/zoneinfo/Chile/Continental
index ab766a41b..816a04281 100644
Binary files a/msys2/usr/share/zoneinfo/Chile/Continental and b/msys2/usr/share/zoneinfo/Chile/Continental differ
diff --git a/msys2/usr/share/zoneinfo/Chile/EasterIsland b/msys2/usr/share/zoneinfo/Chile/EasterIsland
index 060bef818..cae374409 100644
Binary files a/msys2/usr/share/zoneinfo/Chile/EasterIsland and b/msys2/usr/share/zoneinfo/Chile/EasterIsland differ
diff --git a/msys2/usr/share/zoneinfo/Cuba b/msys2/usr/share/zoneinfo/Cuba
index 1a58fcdc9..8186060a4 100644
Binary files a/msys2/usr/share/zoneinfo/Cuba and b/msys2/usr/share/zoneinfo/Cuba differ
diff --git a/msys2/usr/share/zoneinfo/EET b/msys2/usr/share/zoneinfo/EET
index beb273a24..d2f54c9ba 100644
Binary files a/msys2/usr/share/zoneinfo/EET and b/msys2/usr/share/zoneinfo/EET differ
diff --git a/msys2/usr/share/zoneinfo/EST b/msys2/usr/share/zoneinfo/EST
index ae346633c..074a4fc76 100644
Binary files a/msys2/usr/share/zoneinfo/EST and b/msys2/usr/share/zoneinfo/EST differ
diff --git a/msys2/usr/share/zoneinfo/EST5EDT b/msys2/usr/share/zoneinfo/EST5EDT
index 54541fc27..087b641d2 100644
Binary files a/msys2/usr/share/zoneinfo/EST5EDT and b/msys2/usr/share/zoneinfo/EST5EDT differ
diff --git a/msys2/usr/share/zoneinfo/Egypt b/msys2/usr/share/zoneinfo/Egypt
index ba0975044..0272fa1ba 100644
Binary files a/msys2/usr/share/zoneinfo/Egypt and b/msys2/usr/share/zoneinfo/Egypt differ
diff --git a/msys2/usr/share/zoneinfo/Eire b/msys2/usr/share/zoneinfo/Eire
index df3ecddd0..5c5a7a3b8 100644
Binary files a/msys2/usr/share/zoneinfo/Eire and b/msys2/usr/share/zoneinfo/Eire differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT b/msys2/usr/share/zoneinfo/Etc/GMT
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT and b/msys2/usr/share/zoneinfo/Etc/GMT differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT+0 b/msys2/usr/share/zoneinfo/Etc/GMT+0
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT+0 and b/msys2/usr/share/zoneinfo/Etc/GMT+0 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT+1 b/msys2/usr/share/zoneinfo/Etc/GMT+1
index 082986e76..087d1f925 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT+1 and b/msys2/usr/share/zoneinfo/Etc/GMT+1 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT+10 b/msys2/usr/share/zoneinfo/Etc/GMT+10
index 23276cd13..6437c684f 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT+10 and b/msys2/usr/share/zoneinfo/Etc/GMT+10 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT+11 b/msys2/usr/share/zoneinfo/Etc/GMT+11
index 28c579dca..72a912e05 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT+11 and b/msys2/usr/share/zoneinfo/Etc/GMT+11 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT+12 b/msys2/usr/share/zoneinfo/Etc/GMT+12
index c74060396..6938a1aff 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT+12 and b/msys2/usr/share/zoneinfo/Etc/GMT+12 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT+2 b/msys2/usr/share/zoneinfo/Etc/GMT+2
index 721cde2f3..a31557770 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT+2 and b/msys2/usr/share/zoneinfo/Etc/GMT+2 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT+3 b/msys2/usr/share/zoneinfo/Etc/GMT+3
index ae06bcb65..ee776199a 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT+3 and b/msys2/usr/share/zoneinfo/Etc/GMT+3 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT+4 b/msys2/usr/share/zoneinfo/Etc/GMT+4
index 5a7f878c9..1ea7da29d 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT+4 and b/msys2/usr/share/zoneinfo/Etc/GMT+4 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT+5 b/msys2/usr/share/zoneinfo/Etc/GMT+5
index 18cbf1fe2..dda1a9e11 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT+5 and b/msys2/usr/share/zoneinfo/Etc/GMT+5 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT+6 b/msys2/usr/share/zoneinfo/Etc/GMT+6
index 1aa4be883..f4a038556 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT+6 and b/msys2/usr/share/zoneinfo/Etc/GMT+6 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT+7 b/msys2/usr/share/zoneinfo/Etc/GMT+7
index cd8ed49af..2d2ccd005 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT+7 and b/msys2/usr/share/zoneinfo/Etc/GMT+7 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT+8 b/msys2/usr/share/zoneinfo/Etc/GMT+8
index e0ba6b889..826c77001 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT+8 and b/msys2/usr/share/zoneinfo/Etc/GMT+8 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT+9 b/msys2/usr/share/zoneinfo/Etc/GMT+9
index eee1bcb70..b125ad2bc 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT+9 and b/msys2/usr/share/zoneinfo/Etc/GMT+9 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT-0 b/msys2/usr/share/zoneinfo/Etc/GMT-0
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT-0 and b/msys2/usr/share/zoneinfo/Etc/GMT-0 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT-1 b/msys2/usr/share/zoneinfo/Etc/GMT-1
index 4ff870140..dde682d83 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT-1 and b/msys2/usr/share/zoneinfo/Etc/GMT-1 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT-10 b/msys2/usr/share/zoneinfo/Etc/GMT-10
index e12e461d5..352ec08a1 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT-10 and b/msys2/usr/share/zoneinfo/Etc/GMT-10 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT-11 b/msys2/usr/share/zoneinfo/Etc/GMT-11
index 37f273974..dfa27fec7 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT-11 and b/msys2/usr/share/zoneinfo/Etc/GMT-11 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT-12 b/msys2/usr/share/zoneinfo/Etc/GMT-12
index 09297f1bc..eef949df2 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT-12 and b/msys2/usr/share/zoneinfo/Etc/GMT-12 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT-13 b/msys2/usr/share/zoneinfo/Etc/GMT-13
index 97ae1e140..f9363b24f 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT-13 and b/msys2/usr/share/zoneinfo/Etc/GMT-13 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT-14 b/msys2/usr/share/zoneinfo/Etc/GMT-14
index 58d6d1b2a..35add05a6 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT-14 and b/msys2/usr/share/zoneinfo/Etc/GMT-14 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT-2 b/msys2/usr/share/zoneinfo/Etc/GMT-2
index f0dc70625..315cae4f9 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT-2 and b/msys2/usr/share/zoneinfo/Etc/GMT-2 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT-3 b/msys2/usr/share/zoneinfo/Etc/GMT-3
index a0790fe9c..7489a153d 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT-3 and b/msys2/usr/share/zoneinfo/Etc/GMT-3 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT-4 b/msys2/usr/share/zoneinfo/Etc/GMT-4
index a75a173dc..560243e84 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT-4 and b/msys2/usr/share/zoneinfo/Etc/GMT-4 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT-5 b/msys2/usr/share/zoneinfo/Etc/GMT-5
index 85ebf22e8..b2bbe977d 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT-5 and b/msys2/usr/share/zoneinfo/Etc/GMT-5 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT-6 b/msys2/usr/share/zoneinfo/Etc/GMT-6
index 95def1f9e..b979dbbc5 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT-6 and b/msys2/usr/share/zoneinfo/Etc/GMT-6 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT-7 b/msys2/usr/share/zoneinfo/Etc/GMT-7
index c6a776e95..365ab1f64 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT-7 and b/msys2/usr/share/zoneinfo/Etc/GMT-7 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT-8 b/msys2/usr/share/zoneinfo/Etc/GMT-8
index f74a16f98..742082fcd 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT-8 and b/msys2/usr/share/zoneinfo/Etc/GMT-8 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT-9 b/msys2/usr/share/zoneinfo/Etc/GMT-9
index 9b647c0fa..abc0b2758 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT-9 and b/msys2/usr/share/zoneinfo/Etc/GMT-9 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/GMT0 b/msys2/usr/share/zoneinfo/Etc/GMT0
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/GMT0 and b/msys2/usr/share/zoneinfo/Etc/GMT0 differ
diff --git a/msys2/usr/share/zoneinfo/Etc/Greenwich b/msys2/usr/share/zoneinfo/Etc/Greenwich
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/Greenwich and b/msys2/usr/share/zoneinfo/Etc/Greenwich differ
diff --git a/msys2/usr/share/zoneinfo/Etc/UCT b/msys2/usr/share/zoneinfo/Etc/UCT
index 40147b9e8..5583f5b0c 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/UCT and b/msys2/usr/share/zoneinfo/Etc/UCT differ
diff --git a/msys2/usr/share/zoneinfo/Etc/UTC b/msys2/usr/share/zoneinfo/Etc/UTC
index c3b97f1a1..5583f5b0c 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/UTC and b/msys2/usr/share/zoneinfo/Etc/UTC differ
diff --git a/msys2/usr/share/zoneinfo/Etc/Universal b/msys2/usr/share/zoneinfo/Etc/Universal
index c3b97f1a1..5583f5b0c 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/Universal and b/msys2/usr/share/zoneinfo/Etc/Universal differ
diff --git a/msys2/usr/share/zoneinfo/Etc/Zulu b/msys2/usr/share/zoneinfo/Etc/Zulu
index c3b97f1a1..5583f5b0c 100644
Binary files a/msys2/usr/share/zoneinfo/Etc/Zulu and b/msys2/usr/share/zoneinfo/Etc/Zulu differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Amsterdam b/msys2/usr/share/zoneinfo/Europe/Amsterdam
index 6dae5e470..ed064ed4a 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Amsterdam and b/msys2/usr/share/zoneinfo/Europe/Amsterdam differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Andorra b/msys2/usr/share/zoneinfo/Europe/Andorra
index b06de7a59..596255039 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Andorra and b/msys2/usr/share/zoneinfo/Europe/Andorra differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Astrakhan b/msys2/usr/share/zoneinfo/Europe/Astrakhan
index 90d7c2a81..5e069ea5b 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Astrakhan and b/msys2/usr/share/zoneinfo/Europe/Astrakhan differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Athens b/msys2/usr/share/zoneinfo/Europe/Athens
index 0001602fd..9f3a0678d 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Athens and b/msys2/usr/share/zoneinfo/Europe/Athens differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Belfast b/msys2/usr/share/zoneinfo/Europe/Belfast
index 4527515ca..a340326e8 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Belfast and b/msys2/usr/share/zoneinfo/Europe/Belfast differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Belgrade b/msys2/usr/share/zoneinfo/Europe/Belgrade
index 79c25d70e..32a572233 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Belgrade and b/msys2/usr/share/zoneinfo/Europe/Belgrade differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Berlin b/msys2/usr/share/zoneinfo/Europe/Berlin
index b4f2a2af6..7ddd510ec 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Berlin and b/msys2/usr/share/zoneinfo/Europe/Berlin differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Bratislava b/msys2/usr/share/zoneinfo/Europe/Bratislava
index 4eabe5c81..85036de35 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Bratislava and b/msys2/usr/share/zoneinfo/Europe/Bratislava differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Brussels b/msys2/usr/share/zoneinfo/Europe/Brussels
index d8f19a631..d0d0a08a2 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Brussels and b/msys2/usr/share/zoneinfo/Europe/Brussels differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Bucharest b/msys2/usr/share/zoneinfo/Europe/Bucharest
index e0eac4ce3..4eb7ed0df 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Bucharest and b/msys2/usr/share/zoneinfo/Europe/Bucharest differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Budapest b/msys2/usr/share/zoneinfo/Europe/Budapest
index 3ddf6a528..dfdc6d247 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Budapest and b/msys2/usr/share/zoneinfo/Europe/Budapest differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Busingen b/msys2/usr/share/zoneinfo/Europe/Busingen
index 9c2b600b1..ad6cf5928 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Busingen and b/msys2/usr/share/zoneinfo/Europe/Busingen differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Chisinau b/msys2/usr/share/zoneinfo/Europe/Chisinau
index 2109b52a7..5bc1bfeba 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Chisinau and b/msys2/usr/share/zoneinfo/Europe/Chisinau differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Copenhagen b/msys2/usr/share/zoneinfo/Europe/Copenhagen
index be87cf162..cb2ec0671 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Copenhagen and b/msys2/usr/share/zoneinfo/Europe/Copenhagen differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Dublin b/msys2/usr/share/zoneinfo/Europe/Dublin
index df3ecddd0..5c5a7a3b8 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Dublin and b/msys2/usr/share/zoneinfo/Europe/Dublin differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Gibraltar b/msys2/usr/share/zoneinfo/Europe/Gibraltar
index a7105faae..117aadb83 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Gibraltar and b/msys2/usr/share/zoneinfo/Europe/Gibraltar differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Guernsey b/msys2/usr/share/zoneinfo/Europe/Guernsey
index 4527515ca..a340326e8 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Guernsey and b/msys2/usr/share/zoneinfo/Europe/Guernsey differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Helsinki b/msys2/usr/share/zoneinfo/Europe/Helsinki
index 29b3c817f..b4f8f9cbb 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Helsinki and b/msys2/usr/share/zoneinfo/Europe/Helsinki differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Isle_of_Man b/msys2/usr/share/zoneinfo/Europe/Isle_of_Man
index 4527515ca..a340326e8 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Isle_of_Man and b/msys2/usr/share/zoneinfo/Europe/Isle_of_Man differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Istanbul b/msys2/usr/share/zoneinfo/Europe/Istanbul
index 9a53b3a39..833d4eba3 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Istanbul and b/msys2/usr/share/zoneinfo/Europe/Istanbul differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Jersey b/msys2/usr/share/zoneinfo/Europe/Jersey
index 4527515ca..a340326e8 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Jersey and b/msys2/usr/share/zoneinfo/Europe/Jersey differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Kaliningrad b/msys2/usr/share/zoneinfo/Europe/Kaliningrad
index 37280d05f..982d82a3a 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Kaliningrad and b/msys2/usr/share/zoneinfo/Europe/Kaliningrad differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Kiev b/msys2/usr/share/zoneinfo/Europe/Kiev
index b3e20a7e3..9337c9ea2 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Kiev and b/msys2/usr/share/zoneinfo/Europe/Kiev differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Kirov b/msys2/usr/share/zoneinfo/Europe/Kirov
index 40b558f82..a3b5320a0 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Kirov and b/msys2/usr/share/zoneinfo/Europe/Kirov differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Lisbon b/msys2/usr/share/zoneinfo/Europe/Lisbon
index b9aff3a51..355817b52 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Lisbon and b/msys2/usr/share/zoneinfo/Europe/Lisbon differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Ljubljana b/msys2/usr/share/zoneinfo/Europe/Ljubljana
index 79c25d70e..32a572233 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Ljubljana and b/msys2/usr/share/zoneinfo/Europe/Ljubljana differ
diff --git a/msys2/usr/share/zoneinfo/Europe/London b/msys2/usr/share/zoneinfo/Europe/London
index 4527515ca..a340326e8 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/London and b/msys2/usr/share/zoneinfo/Europe/London differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Luxembourg b/msys2/usr/share/zoneinfo/Europe/Luxembourg
index 6fae86c53..6c194a5cd 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Luxembourg and b/msys2/usr/share/zoneinfo/Europe/Luxembourg differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Madrid b/msys2/usr/share/zoneinfo/Europe/Madrid
index 9b51a73bd..ccc9d8575 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Madrid and b/msys2/usr/share/zoneinfo/Europe/Madrid differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Malta b/msys2/usr/share/zoneinfo/Europe/Malta
index c1208e2d2..bf2452da4 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Malta and b/msys2/usr/share/zoneinfo/Europe/Malta differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Mariehamn b/msys2/usr/share/zoneinfo/Europe/Mariehamn
index 29b3c817f..b4f8f9cbb 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Mariehamn and b/msys2/usr/share/zoneinfo/Europe/Mariehamn differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Minsk b/msys2/usr/share/zoneinfo/Europe/Minsk
index 60041a418..801aead7d 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Minsk and b/msys2/usr/share/zoneinfo/Europe/Minsk differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Monaco b/msys2/usr/share/zoneinfo/Europe/Monaco
index 0b40f1ec9..686ae8831 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Monaco and b/msys2/usr/share/zoneinfo/Europe/Monaco differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Moscow b/msys2/usr/share/zoneinfo/Europe/Moscow
index 906bd05f3..ddb3f4e99 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Moscow and b/msys2/usr/share/zoneinfo/Europe/Moscow differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Nicosia b/msys2/usr/share/zoneinfo/Europe/Nicosia
index 3e663b215..f7f10ab76 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Nicosia and b/msys2/usr/share/zoneinfo/Europe/Nicosia differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Oslo b/msys2/usr/share/zoneinfo/Europe/Oslo
index 239c0174d..c6842af88 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Oslo and b/msys2/usr/share/zoneinfo/Europe/Oslo differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Paris b/msys2/usr/share/zoneinfo/Europe/Paris
index cf6e2e2ee..ca8543516 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Paris and b/msys2/usr/share/zoneinfo/Europe/Paris differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Podgorica b/msys2/usr/share/zoneinfo/Europe/Podgorica
index 79c25d70e..32a572233 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Podgorica and b/msys2/usr/share/zoneinfo/Europe/Podgorica differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Prague b/msys2/usr/share/zoneinfo/Europe/Prague
index 4eabe5c81..85036de35 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Prague and b/msys2/usr/share/zoneinfo/Europe/Prague differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Riga b/msys2/usr/share/zoneinfo/Europe/Riga
index b729ee8c2..8495c506e 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Riga and b/msys2/usr/share/zoneinfo/Europe/Riga differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Rome b/msys2/usr/share/zoneinfo/Europe/Rome
index bdd3449e7..78a131b9f 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Rome and b/msys2/usr/share/zoneinfo/Europe/Rome differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Samara b/msys2/usr/share/zoneinfo/Europe/Samara
index 0539acfd7..97d5dd9e6 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Samara and b/msys2/usr/share/zoneinfo/Europe/Samara differ
diff --git a/msys2/usr/share/zoneinfo/Europe/San_Marino b/msys2/usr/share/zoneinfo/Europe/San_Marino
index bdd3449e7..78a131b9f 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/San_Marino and b/msys2/usr/share/zoneinfo/Europe/San_Marino differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Sarajevo b/msys2/usr/share/zoneinfo/Europe/Sarajevo
index 79c25d70e..32a572233 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Sarajevo and b/msys2/usr/share/zoneinfo/Europe/Sarajevo differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Saratov b/msys2/usr/share/zoneinfo/Europe/Saratov
index e8cd6b10e..8fd5f6d4b 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Saratov and b/msys2/usr/share/zoneinfo/Europe/Saratov differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Simferopol b/msys2/usr/share/zoneinfo/Europe/Simferopol
index f3b42b004..e82dbbc78 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Simferopol and b/msys2/usr/share/zoneinfo/Europe/Simferopol differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Skopje b/msys2/usr/share/zoneinfo/Europe/Skopje
index 79c25d70e..32a572233 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Skopje and b/msys2/usr/share/zoneinfo/Europe/Skopje differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Sofia b/msys2/usr/share/zoneinfo/Europe/Sofia
index 763e07479..dcfdd0822 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Sofia and b/msys2/usr/share/zoneinfo/Europe/Sofia differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Stockholm b/msys2/usr/share/zoneinfo/Europe/Stockholm
index 43c7f2e23..f3e0c7f0f 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Stockholm and b/msys2/usr/share/zoneinfo/Europe/Stockholm differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Tallinn b/msys2/usr/share/zoneinfo/Europe/Tallinn
index 18f903fa6..3a744cc6f 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Tallinn and b/msys2/usr/share/zoneinfo/Europe/Tallinn differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Tirane b/msys2/usr/share/zoneinfo/Europe/Tirane
index 52c16a42b..0b86017d2 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Tirane and b/msys2/usr/share/zoneinfo/Europe/Tirane differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Tiraspol b/msys2/usr/share/zoneinfo/Europe/Tiraspol
index 2109b52a7..5bc1bfeba 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Tiraspol and b/msys2/usr/share/zoneinfo/Europe/Tiraspol differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Ulyanovsk b/msys2/usr/share/zoneinfo/Europe/Ulyanovsk
index c280f430f..7b61bdc52 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Ulyanovsk and b/msys2/usr/share/zoneinfo/Europe/Ulyanovsk differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Uzhgorod b/msys2/usr/share/zoneinfo/Europe/Uzhgorod
index 8ddba9097..677f0887b 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Uzhgorod and b/msys2/usr/share/zoneinfo/Europe/Uzhgorod differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Vaduz b/msys2/usr/share/zoneinfo/Europe/Vaduz
index 9c2b600b1..ad6cf5928 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Vaduz and b/msys2/usr/share/zoneinfo/Europe/Vaduz differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Vatican b/msys2/usr/share/zoneinfo/Europe/Vatican
index bdd3449e7..78a131b9f 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Vatican and b/msys2/usr/share/zoneinfo/Europe/Vatican differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Vienna b/msys2/usr/share/zoneinfo/Europe/Vienna
index 9c0fac536..9e2d0c948 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Vienna and b/msys2/usr/share/zoneinfo/Europe/Vienna differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Vilnius b/msys2/usr/share/zoneinfo/Europe/Vilnius
index da380af0e..46ce484fb 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Vilnius and b/msys2/usr/share/zoneinfo/Europe/Vilnius differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Volgograd b/msys2/usr/share/zoneinfo/Europe/Volgograd
index f4cb64f16..8f170dd97 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Volgograd and b/msys2/usr/share/zoneinfo/Europe/Volgograd differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Warsaw b/msys2/usr/share/zoneinfo/Europe/Warsaw
index 5cbba412e..d6bb1561d 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Warsaw and b/msys2/usr/share/zoneinfo/Europe/Warsaw differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Zagreb b/msys2/usr/share/zoneinfo/Europe/Zagreb
index 79c25d70e..32a572233 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Zagreb and b/msys2/usr/share/zoneinfo/Europe/Zagreb differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Zaporozhye b/msys2/usr/share/zoneinfo/Europe/Zaporozhye
index 6f148505b..e42edfc85 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Zaporozhye and b/msys2/usr/share/zoneinfo/Europe/Zaporozhye differ
diff --git a/msys2/usr/share/zoneinfo/Europe/Zurich b/msys2/usr/share/zoneinfo/Europe/Zurich
index 9c2b600b1..ad6cf5928 100644
Binary files a/msys2/usr/share/zoneinfo/Europe/Zurich and b/msys2/usr/share/zoneinfo/Europe/Zurich differ
diff --git a/msys2/usr/share/zoneinfo/Factory b/msys2/usr/share/zoneinfo/Factory
index afeeb88d0..95bc3a3b1 100644
Binary files a/msys2/usr/share/zoneinfo/Factory and b/msys2/usr/share/zoneinfo/Factory differ
diff --git a/msys2/usr/share/zoneinfo/GB b/msys2/usr/share/zoneinfo/GB
index 4527515ca..a340326e8 100644
Binary files a/msys2/usr/share/zoneinfo/GB and b/msys2/usr/share/zoneinfo/GB differ
diff --git a/msys2/usr/share/zoneinfo/GB-Eire b/msys2/usr/share/zoneinfo/GB-Eire
index 4527515ca..a340326e8 100644
Binary files a/msys2/usr/share/zoneinfo/GB-Eire and b/msys2/usr/share/zoneinfo/GB-Eire differ
diff --git a/msys2/usr/share/zoneinfo/GMT b/msys2/usr/share/zoneinfo/GMT
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/GMT and b/msys2/usr/share/zoneinfo/GMT differ
diff --git a/msys2/usr/share/zoneinfo/GMT+0 b/msys2/usr/share/zoneinfo/GMT+0
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/GMT+0 and b/msys2/usr/share/zoneinfo/GMT+0 differ
diff --git a/msys2/usr/share/zoneinfo/GMT-0 b/msys2/usr/share/zoneinfo/GMT-0
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/GMT-0 and b/msys2/usr/share/zoneinfo/GMT-0 differ
diff --git a/msys2/usr/share/zoneinfo/GMT0 b/msys2/usr/share/zoneinfo/GMT0
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/GMT0 and b/msys2/usr/share/zoneinfo/GMT0 differ
diff --git a/msys2/usr/share/zoneinfo/Greenwich b/msys2/usr/share/zoneinfo/Greenwich
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/Greenwich and b/msys2/usr/share/zoneinfo/Greenwich differ
diff --git a/msys2/usr/share/zoneinfo/HST b/msys2/usr/share/zoneinfo/HST
index 03e4db076..616c31bc5 100644
Binary files a/msys2/usr/share/zoneinfo/HST and b/msys2/usr/share/zoneinfo/HST differ
diff --git a/msys2/usr/share/zoneinfo/Hongkong b/msys2/usr/share/zoneinfo/Hongkong
index dc9058e4b..91eaff488 100644
Binary files a/msys2/usr/share/zoneinfo/Hongkong and b/msys2/usr/share/zoneinfo/Hongkong differ
diff --git a/msys2/usr/share/zoneinfo/Iceland b/msys2/usr/share/zoneinfo/Iceland
index dc49c3247..ac6bd6973 100644
Binary files a/msys2/usr/share/zoneinfo/Iceland and b/msys2/usr/share/zoneinfo/Iceland differ
diff --git a/msys2/usr/share/zoneinfo/Indian/Antananarivo b/msys2/usr/share/zoneinfo/Indian/Antananarivo
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/Indian/Antananarivo and b/msys2/usr/share/zoneinfo/Indian/Antananarivo differ
diff --git a/msys2/usr/share/zoneinfo/Indian/Chagos b/msys2/usr/share/zoneinfo/Indian/Chagos
index 0e5e71927..f609611c8 100644
Binary files a/msys2/usr/share/zoneinfo/Indian/Chagos and b/msys2/usr/share/zoneinfo/Indian/Chagos differ
diff --git a/msys2/usr/share/zoneinfo/Indian/Christmas b/msys2/usr/share/zoneinfo/Indian/Christmas
index 066c1e9fa..6babdeead 100644
Binary files a/msys2/usr/share/zoneinfo/Indian/Christmas and b/msys2/usr/share/zoneinfo/Indian/Christmas differ
diff --git a/msys2/usr/share/zoneinfo/Indian/Cocos b/msys2/usr/share/zoneinfo/Indian/Cocos
index 34a2457be..58f80514e 100644
Binary files a/msys2/usr/share/zoneinfo/Indian/Cocos and b/msys2/usr/share/zoneinfo/Indian/Cocos differ
diff --git a/msys2/usr/share/zoneinfo/Indian/Comoro b/msys2/usr/share/zoneinfo/Indian/Comoro
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/Indian/Comoro and b/msys2/usr/share/zoneinfo/Indian/Comoro differ
diff --git a/msys2/usr/share/zoneinfo/Indian/Kerguelen b/msys2/usr/share/zoneinfo/Indian/Kerguelen
index e7d4d3d06..2cb6f3e35 100644
Binary files a/msys2/usr/share/zoneinfo/Indian/Kerguelen and b/msys2/usr/share/zoneinfo/Indian/Kerguelen differ
diff --git a/msys2/usr/share/zoneinfo/Indian/Mahe b/msys2/usr/share/zoneinfo/Indian/Mahe
index db8ac6875..49e23e5a0 100644
Binary files a/msys2/usr/share/zoneinfo/Indian/Mahe and b/msys2/usr/share/zoneinfo/Indian/Mahe differ
diff --git a/msys2/usr/share/zoneinfo/Indian/Maldives b/msys2/usr/share/zoneinfo/Indian/Maldives
index 3f1a76e55..ffa336584 100644
Binary files a/msys2/usr/share/zoneinfo/Indian/Maldives and b/msys2/usr/share/zoneinfo/Indian/Maldives differ
diff --git a/msys2/usr/share/zoneinfo/Indian/Mauritius b/msys2/usr/share/zoneinfo/Indian/Mauritius
index fd8d91112..b23e2cee1 100644
Binary files a/msys2/usr/share/zoneinfo/Indian/Mauritius and b/msys2/usr/share/zoneinfo/Indian/Mauritius differ
diff --git a/msys2/usr/share/zoneinfo/Indian/Mayotte b/msys2/usr/share/zoneinfo/Indian/Mayotte
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/Indian/Mayotte and b/msys2/usr/share/zoneinfo/Indian/Mayotte differ
diff --git a/msys2/usr/share/zoneinfo/Indian/Reunion b/msys2/usr/share/zoneinfo/Indian/Reunion
index d5f9aa49d..11c6002e2 100644
Binary files a/msys2/usr/share/zoneinfo/Indian/Reunion and b/msys2/usr/share/zoneinfo/Indian/Reunion differ
diff --git a/msys2/usr/share/zoneinfo/Iran b/msys2/usr/share/zoneinfo/Iran
index 3157f806b..0ae2f65fc 100644
Binary files a/msys2/usr/share/zoneinfo/Iran and b/msys2/usr/share/zoneinfo/Iran differ
diff --git a/msys2/usr/share/zoneinfo/Israel b/msys2/usr/share/zoneinfo/Israel
index df5119935..93e9f19c7 100644
Binary files a/msys2/usr/share/zoneinfo/Israel and b/msys2/usr/share/zoneinfo/Israel differ
diff --git a/msys2/usr/share/zoneinfo/Jamaica b/msys2/usr/share/zoneinfo/Jamaica
index 006689bc8..162306f88 100644
Binary files a/msys2/usr/share/zoneinfo/Jamaica and b/msys2/usr/share/zoneinfo/Jamaica differ
diff --git a/msys2/usr/share/zoneinfo/Japan b/msys2/usr/share/zoneinfo/Japan
index 8ad44ba98..26f4d34d6 100644
Binary files a/msys2/usr/share/zoneinfo/Japan and b/msys2/usr/share/zoneinfo/Japan differ
diff --git a/msys2/usr/share/zoneinfo/Kwajalein b/msys2/usr/share/zoneinfo/Kwajalein
index 1a27122ee..d6413577f 100644
Binary files a/msys2/usr/share/zoneinfo/Kwajalein and b/msys2/usr/share/zoneinfo/Kwajalein differ
diff --git a/msys2/usr/share/zoneinfo/Libya b/msys2/usr/share/zoneinfo/Libya
index b32e2202f..bd885315f 100644
Binary files a/msys2/usr/share/zoneinfo/Libya and b/msys2/usr/share/zoneinfo/Libya differ
diff --git a/msys2/usr/share/zoneinfo/MET b/msys2/usr/share/zoneinfo/MET
index 71963d533..388dd7442 100644
Binary files a/msys2/usr/share/zoneinfo/MET and b/msys2/usr/share/zoneinfo/MET differ
diff --git a/msys2/usr/share/zoneinfo/MST b/msys2/usr/share/zoneinfo/MST
index a1bee7c6f..da3e926d2 100644
Binary files a/msys2/usr/share/zoneinfo/MST and b/msys2/usr/share/zoneinfo/MST differ
diff --git a/msys2/usr/share/zoneinfo/MST7MDT b/msys2/usr/share/zoneinfo/MST7MDT
index 726a7e571..ddca8d196 100644
Binary files a/msys2/usr/share/zoneinfo/MST7MDT and b/msys2/usr/share/zoneinfo/MST7MDT differ
diff --git a/msys2/usr/share/zoneinfo/Mexico/BajaNorte b/msys2/usr/share/zoneinfo/Mexico/BajaNorte
index 29c83e71f..ada6bf78b 100644
Binary files a/msys2/usr/share/zoneinfo/Mexico/BajaNorte and b/msys2/usr/share/zoneinfo/Mexico/BajaNorte differ
diff --git a/msys2/usr/share/zoneinfo/Mexico/BajaSur b/msys2/usr/share/zoneinfo/Mexico/BajaSur
index afa94c2ac..43ee12d84 100644
Binary files a/msys2/usr/share/zoneinfo/Mexico/BajaSur and b/msys2/usr/share/zoneinfo/Mexico/BajaSur differ
diff --git a/msys2/usr/share/zoneinfo/Mexico/General b/msys2/usr/share/zoneinfo/Mexico/General
index f11e3d2d6..1434ab088 100644
Binary files a/msys2/usr/share/zoneinfo/Mexico/General and b/msys2/usr/share/zoneinfo/Mexico/General differ
diff --git a/msys2/usr/share/zoneinfo/NZ b/msys2/usr/share/zoneinfo/NZ
index a5f5b6d5e..60bcef686 100644
Binary files a/msys2/usr/share/zoneinfo/NZ and b/msys2/usr/share/zoneinfo/NZ differ
diff --git a/msys2/usr/share/zoneinfo/NZ-CHAT b/msys2/usr/share/zoneinfo/NZ-CHAT
index 957c80b79..abe09cb91 100644
Binary files a/msys2/usr/share/zoneinfo/NZ-CHAT and b/msys2/usr/share/zoneinfo/NZ-CHAT differ
diff --git a/msys2/usr/share/zoneinfo/Navajo b/msys2/usr/share/zoneinfo/Navajo
index 7fc669171..5fbe26b1d 100644
Binary files a/msys2/usr/share/zoneinfo/Navajo and b/msys2/usr/share/zoneinfo/Navajo differ
diff --git a/msys2/usr/share/zoneinfo/PRC b/msys2/usr/share/zoneinfo/PRC
index dbd132f2b..ce9e00a5d 100644
Binary files a/msys2/usr/share/zoneinfo/PRC and b/msys2/usr/share/zoneinfo/PRC differ
diff --git a/msys2/usr/share/zoneinfo/PST8PDT b/msys2/usr/share/zoneinfo/PST8PDT
index 6242ac04c..d773e28f1 100644
Binary files a/msys2/usr/share/zoneinfo/PST8PDT and b/msys2/usr/share/zoneinfo/PST8PDT differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Apia b/msys2/usr/share/zoneinfo/Pacific/Apia
index 4091a85f3..fd03ff765 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Apia and b/msys2/usr/share/zoneinfo/Pacific/Apia differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Auckland b/msys2/usr/share/zoneinfo/Pacific/Auckland
index a5f5b6d5e..60bcef686 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Auckland and b/msys2/usr/share/zoneinfo/Pacific/Auckland differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Bougainville b/msys2/usr/share/zoneinfo/Pacific/Bougainville
index dc5a7d73c..6a6c2da28 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Bougainville and b/msys2/usr/share/zoneinfo/Pacific/Bougainville differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Chatham b/msys2/usr/share/zoneinfo/Pacific/Chatham
index 957c80b79..abe09cb91 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Chatham and b/msys2/usr/share/zoneinfo/Pacific/Chatham differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Chuuk b/msys2/usr/share/zoneinfo/Pacific/Chuuk
index 289b795a8..8004d65bb 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Chuuk and b/msys2/usr/share/zoneinfo/Pacific/Chuuk differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Easter b/msys2/usr/share/zoneinfo/Pacific/Easter
index 060bef818..cae374409 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Easter and b/msys2/usr/share/zoneinfo/Pacific/Easter differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Efate b/msys2/usr/share/zoneinfo/Pacific/Efate
index 5cee55df3..d650a056d 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Efate and b/msys2/usr/share/zoneinfo/Pacific/Efate differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Enderbury b/msys2/usr/share/zoneinfo/Pacific/Enderbury
index b729b256a..80873503f 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Enderbury and b/msys2/usr/share/zoneinfo/Pacific/Enderbury differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Fakaofo b/msys2/usr/share/zoneinfo/Pacific/Fakaofo
index 6e4b8afdb..4fa169f3c 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Fakaofo and b/msys2/usr/share/zoneinfo/Pacific/Fakaofo differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Fiji b/msys2/usr/share/zoneinfo/Pacific/Fiji
index 912db1894..61a669535 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Fiji and b/msys2/usr/share/zoneinfo/Pacific/Fiji differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Funafuti b/msys2/usr/share/zoneinfo/Pacific/Funafuti
index 3289094a2..e6a154474 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Funafuti and b/msys2/usr/share/zoneinfo/Pacific/Funafuti differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Galapagos b/msys2/usr/share/zoneinfo/Pacific/Galapagos
index 76b2b3a12..859b76d94 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Galapagos and b/msys2/usr/share/zoneinfo/Pacific/Galapagos differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Gambier b/msys2/usr/share/zoneinfo/Pacific/Gambier
index 625016d51..4e9e36c5a 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Gambier and b/msys2/usr/share/zoneinfo/Pacific/Gambier differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Guadalcanal b/msys2/usr/share/zoneinfo/Pacific/Guadalcanal
index 0c24095bf..908ccc144 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Guadalcanal and b/msys2/usr/share/zoneinfo/Pacific/Guadalcanal differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Guam b/msys2/usr/share/zoneinfo/Pacific/Guam
index 4286e6bac..e22424758 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Guam and b/msys2/usr/share/zoneinfo/Pacific/Guam differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Honolulu b/msys2/usr/share/zoneinfo/Pacific/Honolulu
index bd8557720..c7cd06015 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Honolulu and b/msys2/usr/share/zoneinfo/Pacific/Honolulu differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Johnston b/msys2/usr/share/zoneinfo/Pacific/Johnston
index bd8557720..c7cd06015 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Johnston and b/msys2/usr/share/zoneinfo/Pacific/Johnston differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Kiritimati b/msys2/usr/share/zoneinfo/Pacific/Kiritimati
index 94384558c..cf5b3bd34 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Kiritimati and b/msys2/usr/share/zoneinfo/Pacific/Kiritimati differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Kosrae b/msys2/usr/share/zoneinfo/Pacific/Kosrae
index f8222e66b..11583b13e 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Kosrae and b/msys2/usr/share/zoneinfo/Pacific/Kosrae differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Kwajalein b/msys2/usr/share/zoneinfo/Pacific/Kwajalein
index 1a27122ee..d6413577f 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Kwajalein and b/msys2/usr/share/zoneinfo/Pacific/Kwajalein differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Majuro b/msys2/usr/share/zoneinfo/Pacific/Majuro
index b3a8c1844..65990cbba 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Majuro and b/msys2/usr/share/zoneinfo/Pacific/Majuro differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Marquesas b/msys2/usr/share/zoneinfo/Pacific/Marquesas
index 10c5c9bc1..5fad0e1b2 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Marquesas and b/msys2/usr/share/zoneinfo/Pacific/Marquesas differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Midway b/msys2/usr/share/zoneinfo/Pacific/Midway
index 3e38e97c9..72707b5e1 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Midway and b/msys2/usr/share/zoneinfo/Pacific/Midway differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Nauru b/msys2/usr/share/zoneinfo/Pacific/Nauru
index 6092119f6..86d3b7d1e 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Nauru and b/msys2/usr/share/zoneinfo/Pacific/Nauru differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Niue b/msys2/usr/share/zoneinfo/Pacific/Niue
index df6110dd1..1d58fe36f 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Niue and b/msys2/usr/share/zoneinfo/Pacific/Niue differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Norfolk b/msys2/usr/share/zoneinfo/Pacific/Norfolk
index d0b9607ed..f630a65d5 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Norfolk and b/msys2/usr/share/zoneinfo/Pacific/Norfolk differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Noumea b/msys2/usr/share/zoneinfo/Pacific/Noumea
index d9c68f88a..99f6bca20 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Noumea and b/msys2/usr/share/zoneinfo/Pacific/Noumea differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Pago_Pago b/msys2/usr/share/zoneinfo/Pacific/Pago_Pago
index 3e38e97c9..72707b5e1 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Pago_Pago and b/msys2/usr/share/zoneinfo/Pacific/Pago_Pago differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Palau b/msys2/usr/share/zoneinfo/Pacific/Palau
index e1bbea561..05633b88e 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Palau and b/msys2/usr/share/zoneinfo/Pacific/Palau differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Pitcairn b/msys2/usr/share/zoneinfo/Pacific/Pitcairn
index 54783cf62..9092e4816 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Pitcairn and b/msys2/usr/share/zoneinfo/Pacific/Pitcairn differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Pohnpei b/msys2/usr/share/zoneinfo/Pacific/Pohnpei
index 9743bc3c9..090429c09 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Pohnpei and b/msys2/usr/share/zoneinfo/Pacific/Pohnpei differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Ponape b/msys2/usr/share/zoneinfo/Pacific/Ponape
index 9743bc3c9..090429c09 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Ponape and b/msys2/usr/share/zoneinfo/Pacific/Ponape differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Port_Moresby b/msys2/usr/share/zoneinfo/Pacific/Port_Moresby
index 3fa1f7fa8..f6fd51cb9 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Port_Moresby and b/msys2/usr/share/zoneinfo/Pacific/Port_Moresby differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Rarotonga b/msys2/usr/share/zoneinfo/Pacific/Rarotonga
index ace1ce4b7..9708b8707 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Rarotonga and b/msys2/usr/share/zoneinfo/Pacific/Rarotonga differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Saipan b/msys2/usr/share/zoneinfo/Pacific/Saipan
index 4286e6bac..e22424758 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Saipan and b/msys2/usr/share/zoneinfo/Pacific/Saipan differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Samoa b/msys2/usr/share/zoneinfo/Pacific/Samoa
index 3e38e97c9..72707b5e1 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Samoa and b/msys2/usr/share/zoneinfo/Pacific/Samoa differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Tahiti b/msys2/usr/share/zoneinfo/Pacific/Tahiti
index 7867d8bd6..37e4e8833 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Tahiti and b/msys2/usr/share/zoneinfo/Pacific/Tahiti differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Tarawa b/msys2/usr/share/zoneinfo/Pacific/Tarawa
index 334041388..e23c0cd2c 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Tarawa and b/msys2/usr/share/zoneinfo/Pacific/Tarawa differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Tongatapu b/msys2/usr/share/zoneinfo/Pacific/Tongatapu
index b3a5a89b6..35c9e2c64 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Tongatapu and b/msys2/usr/share/zoneinfo/Pacific/Tongatapu differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Truk b/msys2/usr/share/zoneinfo/Pacific/Truk
index 289b795a8..8004d65bb 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Truk and b/msys2/usr/share/zoneinfo/Pacific/Truk differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Wake b/msys2/usr/share/zoneinfo/Pacific/Wake
index 2dc630c60..837ce1f5c 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Wake and b/msys2/usr/share/zoneinfo/Pacific/Wake differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Wallis b/msys2/usr/share/zoneinfo/Pacific/Wallis
index b4f0f9bfb..8be9ac4d3 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Wallis and b/msys2/usr/share/zoneinfo/Pacific/Wallis differ
diff --git a/msys2/usr/share/zoneinfo/Pacific/Yap b/msys2/usr/share/zoneinfo/Pacific/Yap
index 289b795a8..8004d65bb 100644
Binary files a/msys2/usr/share/zoneinfo/Pacific/Yap and b/msys2/usr/share/zoneinfo/Pacific/Yap differ
diff --git a/msys2/usr/share/zoneinfo/Poland b/msys2/usr/share/zoneinfo/Poland
index 5cbba412e..d6bb1561d 100644
Binary files a/msys2/usr/share/zoneinfo/Poland and b/msys2/usr/share/zoneinfo/Poland differ
diff --git a/msys2/usr/share/zoneinfo/Portugal b/msys2/usr/share/zoneinfo/Portugal
index b9aff3a51..355817b52 100644
Binary files a/msys2/usr/share/zoneinfo/Portugal and b/msys2/usr/share/zoneinfo/Portugal differ
diff --git a/msys2/usr/share/zoneinfo/ROC b/msys2/usr/share/zoneinfo/ROC
index 748873bed..f9cbe672a 100644
Binary files a/msys2/usr/share/zoneinfo/ROC and b/msys2/usr/share/zoneinfo/ROC differ
diff --git a/msys2/usr/share/zoneinfo/ROK b/msys2/usr/share/zoneinfo/ROK
index 312ec40a1..fa1cbd395 100644
Binary files a/msys2/usr/share/zoneinfo/ROK and b/msys2/usr/share/zoneinfo/ROK differ
diff --git a/msys2/usr/share/zoneinfo/Singapore b/msys2/usr/share/zoneinfo/Singapore
index 785836666..ebc4b0d9d 100644
Binary files a/msys2/usr/share/zoneinfo/Singapore and b/msys2/usr/share/zoneinfo/Singapore differ
diff --git a/msys2/usr/share/zoneinfo/Turkey b/msys2/usr/share/zoneinfo/Turkey
index 9a53b3a39..833d4eba3 100644
Binary files a/msys2/usr/share/zoneinfo/Turkey and b/msys2/usr/share/zoneinfo/Turkey differ
diff --git a/msys2/usr/share/zoneinfo/UCT b/msys2/usr/share/zoneinfo/UCT
index 40147b9e8..5583f5b0c 100644
Binary files a/msys2/usr/share/zoneinfo/UCT and b/msys2/usr/share/zoneinfo/UCT differ
diff --git a/msys2/usr/share/zoneinfo/US/Alaska b/msys2/usr/share/zoneinfo/US/Alaska
index 6c8bdf226..9bbb2fd3b 100644
Binary files a/msys2/usr/share/zoneinfo/US/Alaska and b/msys2/usr/share/zoneinfo/US/Alaska differ
diff --git a/msys2/usr/share/zoneinfo/US/Aleutian b/msys2/usr/share/zoneinfo/US/Aleutian
index 5696e0f8b..43236498f 100644
Binary files a/msys2/usr/share/zoneinfo/US/Aleutian and b/msys2/usr/share/zoneinfo/US/Aleutian differ
diff --git a/msys2/usr/share/zoneinfo/US/Arizona b/msys2/usr/share/zoneinfo/US/Arizona
index adf28236a..4d51271a1 100644
Binary files a/msys2/usr/share/zoneinfo/US/Arizona and b/msys2/usr/share/zoneinfo/US/Arizona differ
diff --git a/msys2/usr/share/zoneinfo/US/Central b/msys2/usr/share/zoneinfo/US/Central
index 3dd8f0fa8..a5b1617c7 100644
Binary files a/msys2/usr/share/zoneinfo/US/Central and b/msys2/usr/share/zoneinfo/US/Central differ
diff --git a/msys2/usr/share/zoneinfo/US/East-Indiana b/msys2/usr/share/zoneinfo/US/East-Indiana
index 4a92c0659..09511ccdc 100644
Binary files a/msys2/usr/share/zoneinfo/US/East-Indiana and b/msys2/usr/share/zoneinfo/US/East-Indiana differ
diff --git a/msys2/usr/share/zoneinfo/US/Eastern b/msys2/usr/share/zoneinfo/US/Eastern
index 7553fee37..2f75480e0 100644
Binary files a/msys2/usr/share/zoneinfo/US/Eastern and b/msys2/usr/share/zoneinfo/US/Eastern differ
diff --git a/msys2/usr/share/zoneinfo/US/Hawaii b/msys2/usr/share/zoneinfo/US/Hawaii
index bd8557720..c7cd06015 100644
Binary files a/msys2/usr/share/zoneinfo/US/Hawaii and b/msys2/usr/share/zoneinfo/US/Hawaii differ
diff --git a/msys2/usr/share/zoneinfo/US/Indiana-Starke b/msys2/usr/share/zoneinfo/US/Indiana-Starke
index cc785da97..fcd408d74 100644
Binary files a/msys2/usr/share/zoneinfo/US/Indiana-Starke and b/msys2/usr/share/zoneinfo/US/Indiana-Starke differ
diff --git a/msys2/usr/share/zoneinfo/US/Michigan b/msys2/usr/share/zoneinfo/US/Michigan
index e3ea5c3ef..5e0226057 100644
Binary files a/msys2/usr/share/zoneinfo/US/Michigan and b/msys2/usr/share/zoneinfo/US/Michigan differ
diff --git a/msys2/usr/share/zoneinfo/US/Mountain b/msys2/usr/share/zoneinfo/US/Mountain
index 7fc669171..5fbe26b1d 100644
Binary files a/msys2/usr/share/zoneinfo/US/Mountain and b/msys2/usr/share/zoneinfo/US/Mountain differ
diff --git a/msys2/usr/share/zoneinfo/US/Pacific b/msys2/usr/share/zoneinfo/US/Pacific
index c0ce4402f..9dad4f4c7 100644
Binary files a/msys2/usr/share/zoneinfo/US/Pacific and b/msys2/usr/share/zoneinfo/US/Pacific differ
diff --git a/msys2/usr/share/zoneinfo/US/Pacific-New b/msys2/usr/share/zoneinfo/US/Pacific-New
index c0ce4402f..9dad4f4c7 100644
Binary files a/msys2/usr/share/zoneinfo/US/Pacific-New and b/msys2/usr/share/zoneinfo/US/Pacific-New differ
diff --git a/msys2/usr/share/zoneinfo/US/Samoa b/msys2/usr/share/zoneinfo/US/Samoa
index 3e38e97c9..72707b5e1 100644
Binary files a/msys2/usr/share/zoneinfo/US/Samoa and b/msys2/usr/share/zoneinfo/US/Samoa differ
diff --git a/msys2/usr/share/zoneinfo/UTC b/msys2/usr/share/zoneinfo/UTC
index c3b97f1a1..5583f5b0c 100644
Binary files a/msys2/usr/share/zoneinfo/UTC and b/msys2/usr/share/zoneinfo/UTC differ
diff --git a/msys2/usr/share/zoneinfo/Universal b/msys2/usr/share/zoneinfo/Universal
index c3b97f1a1..5583f5b0c 100644
Binary files a/msys2/usr/share/zoneinfo/Universal and b/msys2/usr/share/zoneinfo/Universal differ
diff --git a/msys2/usr/share/zoneinfo/W-SU b/msys2/usr/share/zoneinfo/W-SU
index 906bd05f3..ddb3f4e99 100644
Binary files a/msys2/usr/share/zoneinfo/W-SU and b/msys2/usr/share/zoneinfo/W-SU differ
diff --git a/msys2/usr/share/zoneinfo/WET b/msys2/usr/share/zoneinfo/WET
index 444a1933d..9b03a17f4 100644
Binary files a/msys2/usr/share/zoneinfo/WET and b/msys2/usr/share/zoneinfo/WET differ
diff --git a/msys2/usr/share/zoneinfo/Zulu b/msys2/usr/share/zoneinfo/Zulu
index c3b97f1a1..5583f5b0c 100644
Binary files a/msys2/usr/share/zoneinfo/Zulu and b/msys2/usr/share/zoneinfo/Zulu differ
diff --git a/msys2/usr/share/zoneinfo/iso3166.tab b/msys2/usr/share/zoneinfo/iso3166.tab
index c2e0f8eaf..a4ff61a4d 100644
--- a/msys2/usr/share/zoneinfo/iso3166.tab
+++ b/msys2/usr/share/zoneinfo/iso3166.tab
@@ -9,8 +9,8 @@
 # All text uses UTF-8 encoding.  The columns of the table are as follows:
 #
 # 1.  ISO 3166-1 alpha-2 country code, current as of
-#     ISO 3166-1 N905 (2016-11-15).  See: Updates on ISO 3166-1
-#     http://isotc.iso.org/livelink/livelink/Open/16944257
+#     ISO 3166-1 N976 (2018-11-06).  See: Updates on ISO 3166-1
+#     https://isotc.iso.org/livelink/livelink/Open/16944257
 # 2.  The usual English name for the coded region,
 #     chosen so that alphabetic sorting of subsets produces helpful lists.
 #     This is not the same as the English name in the ISO 3166 tables.
@@ -166,7 +166,7 @@ ME	Montenegro
 MF	St Martin (French)
 MG	Madagascar
 MH	Marshall Islands
-MK	Macedonia
+MK	North Macedonia
 ML	Mali
 MM	Myanmar (Burma)
 MN	Mongolia
@@ -235,7 +235,7 @@ ST	Sao Tome & Principe
 SV	El Salvador
 SX	St Maarten (Dutch)
 SY	Syria
-SZ	Swaziland
+SZ	Eswatini (Swaziland)
 TC	Turks & Caicos Is
 TD	Chad
 TF	French Southern & Antarctic Lands
diff --git a/msys2/usr/share/zoneinfo/leapseconds b/msys2/usr/share/zoneinfo/leapseconds
index 358e74105..886ae273e 100644
--- a/msys2/usr/share/zoneinfo/leapseconds
+++ b/msys2/usr/share/zoneinfo/leapseconds
@@ -3,21 +3,28 @@
 # This file is in the public domain.
 
 # This file is generated automatically from the data in the public-domain
-# leap-seconds.list file, which is copied from:
-# ftp://ftp.nist.gov/pub/time/leap-seconds.list
+# leap-seconds.list file, which can be copied from
+# <ftp://ftp.nist.gov/pub/time/leap-seconds.list>
+# or <ftp://ftp.boulder.nist.gov/pub/time/leap-seconds.list>
+# or <ftp://tycho.usno.navy.mil/pub/ntp/leap-seconds.list>.
 # For more about leap-seconds.list, please see
 # The NTP Timescale and Leap Seconds
-# https://www.eecis.udel.edu/~mills/leap.html
+# <https://www.eecis.udel.edu/~mills/leap.html>.
 
 # The International Earth Rotation and Reference Systems Service
 # periodically uses leap seconds to keep UTC to within 0.9 s of UT1
-# (which measures the true angular orientation of the earth in space); see
-# Levine J. Coordinated Universal Time and the leap second.
+# (which measures the true angular orientation of the earth in space)
+# and publishes leap second data in a copyrighted file
+# <https://hpiers.obspm.fr/iers/bul/bulc/Leap_Second.dat>.
+# See: Levine J. Coordinated Universal Time and the leap second.
 # URSI Radio Sci Bull. 2016;89(4):30-6. doi:10.23919/URSIRSB.2016.7909995
-# http://ieeexplore.ieee.org/document/7909995/
+# <https://ieeexplore.ieee.org/document/7909995>.
+
 # There were no leap seconds before 1972, because the official mechanism
 # accounting for the discrepancy between atomic time and the earth's rotation
-# did not exist until the early 1970s.
+# did not exist.  The first ("1 Jan 1972") data line in leap-seconds.list
+# does not denote a leap second; it denotes the start of the current definition
+# of UTC.
 
 # The correction (+ or -) is made at the given time, so lines
 # will typically look like:
@@ -25,10 +32,7 @@
 # or
 #	Leap	YEAR	MON	DAY	23:59:59	-	R/S
 
-# If the leapsecond is Rolling (R) the given time is local time.
-# If the leapsecond is Stationary (S) the given time is UTC.
-
-# Leap	YEAR	MONTH	DAY	HH:MM:SS	CORR	R/S
+# If the leap second is Rolling (R) the given time is local time (unused here).
 Leap	1972	Jun	30	23:59:60	+	S
 Leap	1972	Dec	31	23:59:60	+	S
 Leap	1973	Dec	31	23:59:60	+	S
@@ -57,5 +61,9 @@ Leap	2012	Jun	30	23:59:60	+	S
 Leap	2015	Jun	30	23:59:60	+	S
 Leap	2016	Dec	31	23:59:60	+	S
 
-#	Updated through IERS Bulletin C55
-#	File expires on:  28 December 2018
+# POSIX timestamps for the data in this file:
+#updated 1467936000
+#expires 1577491200
+
+#	Updated through IERS Bulletin C57
+#	File expires on:  28 December 2019
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Abidjan b/msys2/usr/share/zoneinfo/posix/Africa/Abidjan
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Abidjan and b/msys2/usr/share/zoneinfo/posix/Africa/Abidjan differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Accra b/msys2/usr/share/zoneinfo/posix/Africa/Accra
index 8726e80df..eaaa818f8 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Accra and b/msys2/usr/share/zoneinfo/posix/Africa/Accra differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Addis_Ababa b/msys2/usr/share/zoneinfo/posix/Africa/Addis_Ababa
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Addis_Ababa and b/msys2/usr/share/zoneinfo/posix/Africa/Addis_Ababa differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Algiers b/msys2/usr/share/zoneinfo/posix/Africa/Algiers
index 2a25f3ac2..a5867a672 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Algiers and b/msys2/usr/share/zoneinfo/posix/Africa/Algiers differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Asmara b/msys2/usr/share/zoneinfo/posix/Africa/Asmara
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Asmara and b/msys2/usr/share/zoneinfo/posix/Africa/Asmara differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Asmera b/msys2/usr/share/zoneinfo/posix/Africa/Asmera
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Asmera and b/msys2/usr/share/zoneinfo/posix/Africa/Asmera differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Bamako b/msys2/usr/share/zoneinfo/posix/Africa/Bamako
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Bamako and b/msys2/usr/share/zoneinfo/posix/Africa/Bamako differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Bangui b/msys2/usr/share/zoneinfo/posix/Africa/Bangui
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Bangui and b/msys2/usr/share/zoneinfo/posix/Africa/Bangui differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Banjul b/msys2/usr/share/zoneinfo/posix/Africa/Banjul
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Banjul and b/msys2/usr/share/zoneinfo/posix/Africa/Banjul differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Bissau b/msys2/usr/share/zoneinfo/posix/Africa/Bissau
index 4e6fbe103..82ea5aaf0 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Bissau and b/msys2/usr/share/zoneinfo/posix/Africa/Bissau differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Blantyre b/msys2/usr/share/zoneinfo/posix/Africa/Blantyre
index 5b871dbaa..31cfad771 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Blantyre and b/msys2/usr/share/zoneinfo/posix/Africa/Blantyre differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Brazzaville b/msys2/usr/share/zoneinfo/posix/Africa/Brazzaville
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Brazzaville and b/msys2/usr/share/zoneinfo/posix/Africa/Brazzaville differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Bujumbura b/msys2/usr/share/zoneinfo/posix/Africa/Bujumbura
index 5b871dbaa..31cfad771 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Bujumbura and b/msys2/usr/share/zoneinfo/posix/Africa/Bujumbura differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Cairo b/msys2/usr/share/zoneinfo/posix/Africa/Cairo
index ba0975044..0272fa1ba 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Cairo and b/msys2/usr/share/zoneinfo/posix/Africa/Cairo differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Casablanca b/msys2/usr/share/zoneinfo/posix/Africa/Casablanca
index 65de34457..4c5705480 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Casablanca and b/msys2/usr/share/zoneinfo/posix/Africa/Casablanca differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Ceuta b/msys2/usr/share/zoneinfo/posix/Africa/Ceuta
index aaa657ffd..dd75e3e6e 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Ceuta and b/msys2/usr/share/zoneinfo/posix/Africa/Ceuta differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Conakry b/msys2/usr/share/zoneinfo/posix/Africa/Conakry
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Conakry and b/msys2/usr/share/zoneinfo/posix/Africa/Conakry differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Dakar b/msys2/usr/share/zoneinfo/posix/Africa/Dakar
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Dakar and b/msys2/usr/share/zoneinfo/posix/Africa/Dakar differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Dar_es_Salaam b/msys2/usr/share/zoneinfo/posix/Africa/Dar_es_Salaam
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Dar_es_Salaam and b/msys2/usr/share/zoneinfo/posix/Africa/Dar_es_Salaam differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Djibouti b/msys2/usr/share/zoneinfo/posix/Africa/Djibouti
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Djibouti and b/msys2/usr/share/zoneinfo/posix/Africa/Djibouti differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Douala b/msys2/usr/share/zoneinfo/posix/Africa/Douala
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Douala and b/msys2/usr/share/zoneinfo/posix/Africa/Douala differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/El_Aaiun b/msys2/usr/share/zoneinfo/posix/Africa/El_Aaiun
index f5f8ffbc6..0ea025354 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/El_Aaiun and b/msys2/usr/share/zoneinfo/posix/Africa/El_Aaiun differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Freetown b/msys2/usr/share/zoneinfo/posix/Africa/Freetown
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Freetown and b/msys2/usr/share/zoneinfo/posix/Africa/Freetown differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Gaborone b/msys2/usr/share/zoneinfo/posix/Africa/Gaborone
index 5b871dbaa..31cfad771 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Gaborone and b/msys2/usr/share/zoneinfo/posix/Africa/Gaborone differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Harare b/msys2/usr/share/zoneinfo/posix/Africa/Harare
index 5b871dbaa..31cfad771 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Harare and b/msys2/usr/share/zoneinfo/posix/Africa/Harare differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Johannesburg b/msys2/usr/share/zoneinfo/posix/Africa/Johannesburg
index ddf3652e1..b8b9270a1 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Johannesburg and b/msys2/usr/share/zoneinfo/posix/Africa/Johannesburg differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Juba b/msys2/usr/share/zoneinfo/posix/Africa/Juba
index 9fa711904..83eca03ab 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Juba and b/msys2/usr/share/zoneinfo/posix/Africa/Juba differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Kampala b/msys2/usr/share/zoneinfo/posix/Africa/Kampala
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Kampala and b/msys2/usr/share/zoneinfo/posix/Africa/Kampala differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Khartoum b/msys2/usr/share/zoneinfo/posix/Africa/Khartoum
index f2c9e3037..549dae276 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Khartoum and b/msys2/usr/share/zoneinfo/posix/Africa/Khartoum differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Kigali b/msys2/usr/share/zoneinfo/posix/Africa/Kigali
index 5b871dbaa..31cfad771 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Kigali and b/msys2/usr/share/zoneinfo/posix/Africa/Kigali differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Kinshasa b/msys2/usr/share/zoneinfo/posix/Africa/Kinshasa
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Kinshasa and b/msys2/usr/share/zoneinfo/posix/Africa/Kinshasa differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Lagos b/msys2/usr/share/zoneinfo/posix/Africa/Lagos
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Lagos and b/msys2/usr/share/zoneinfo/posix/Africa/Lagos differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Libreville b/msys2/usr/share/zoneinfo/posix/Africa/Libreville
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Libreville and b/msys2/usr/share/zoneinfo/posix/Africa/Libreville differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Lome b/msys2/usr/share/zoneinfo/posix/Africa/Lome
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Lome and b/msys2/usr/share/zoneinfo/posix/Africa/Lome differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Luanda b/msys2/usr/share/zoneinfo/posix/Africa/Luanda
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Luanda and b/msys2/usr/share/zoneinfo/posix/Africa/Luanda differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Lubumbashi b/msys2/usr/share/zoneinfo/posix/Africa/Lubumbashi
index 5b871dbaa..31cfad771 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Lubumbashi and b/msys2/usr/share/zoneinfo/posix/Africa/Lubumbashi differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Lusaka b/msys2/usr/share/zoneinfo/posix/Africa/Lusaka
index 5b871dbaa..31cfad771 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Lusaka and b/msys2/usr/share/zoneinfo/posix/Africa/Lusaka differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Malabo b/msys2/usr/share/zoneinfo/posix/Africa/Malabo
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Malabo and b/msys2/usr/share/zoneinfo/posix/Africa/Malabo differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Maputo b/msys2/usr/share/zoneinfo/posix/Africa/Maputo
index 5b871dbaa..31cfad771 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Maputo and b/msys2/usr/share/zoneinfo/posix/Africa/Maputo differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Maseru b/msys2/usr/share/zoneinfo/posix/Africa/Maseru
index ddf3652e1..b8b9270a1 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Maseru and b/msys2/usr/share/zoneinfo/posix/Africa/Maseru differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Mbabane b/msys2/usr/share/zoneinfo/posix/Africa/Mbabane
index ddf3652e1..b8b9270a1 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Mbabane and b/msys2/usr/share/zoneinfo/posix/Africa/Mbabane differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Mogadishu b/msys2/usr/share/zoneinfo/posix/Africa/Mogadishu
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Mogadishu and b/msys2/usr/share/zoneinfo/posix/Africa/Mogadishu differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Monrovia b/msys2/usr/share/zoneinfo/posix/Africa/Monrovia
index b434c67fa..2a154f464 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Monrovia and b/msys2/usr/share/zoneinfo/posix/Africa/Monrovia differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Nairobi b/msys2/usr/share/zoneinfo/posix/Africa/Nairobi
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Nairobi and b/msys2/usr/share/zoneinfo/posix/Africa/Nairobi differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Ndjamena b/msys2/usr/share/zoneinfo/posix/Africa/Ndjamena
index bbfe19d60..8779590e0 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Ndjamena and b/msys2/usr/share/zoneinfo/posix/Africa/Ndjamena differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Niamey b/msys2/usr/share/zoneinfo/posix/Africa/Niamey
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Niamey and b/msys2/usr/share/zoneinfo/posix/Africa/Niamey differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Nouakchott b/msys2/usr/share/zoneinfo/posix/Africa/Nouakchott
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Nouakchott and b/msys2/usr/share/zoneinfo/posix/Africa/Nouakchott differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Ouagadougou b/msys2/usr/share/zoneinfo/posix/Africa/Ouagadougou
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Ouagadougou and b/msys2/usr/share/zoneinfo/posix/Africa/Ouagadougou differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Porto-Novo b/msys2/usr/share/zoneinfo/posix/Africa/Porto-Novo
index b1c97cc5a..cbdc0450f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Porto-Novo and b/msys2/usr/share/zoneinfo/posix/Africa/Porto-Novo differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Sao_Tome b/msys2/usr/share/zoneinfo/posix/Africa/Sao_Tome
index 3c0d33b0c..59f3759c4 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Sao_Tome and b/msys2/usr/share/zoneinfo/posix/Africa/Sao_Tome differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Timbuktu b/msys2/usr/share/zoneinfo/posix/Africa/Timbuktu
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Timbuktu and b/msys2/usr/share/zoneinfo/posix/Africa/Timbuktu differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Tripoli b/msys2/usr/share/zoneinfo/posix/Africa/Tripoli
index b32e2202f..bd885315f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Tripoli and b/msys2/usr/share/zoneinfo/posix/Africa/Tripoli differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Tunis b/msys2/usr/share/zoneinfo/posix/Africa/Tunis
index 4bd3885a9..0cd8ffbae 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Tunis and b/msys2/usr/share/zoneinfo/posix/Africa/Tunis differ
diff --git a/msys2/usr/share/zoneinfo/posix/Africa/Windhoek b/msys2/usr/share/zoneinfo/posix/Africa/Windhoek
index 358f11e32..676618568 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Africa/Windhoek and b/msys2/usr/share/zoneinfo/posix/Africa/Windhoek differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Adak b/msys2/usr/share/zoneinfo/posix/America/Adak
index 5696e0f8b..43236498f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Adak and b/msys2/usr/share/zoneinfo/posix/America/Adak differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Anchorage b/msys2/usr/share/zoneinfo/posix/America/Anchorage
index 6c8bdf226..9bbb2fd3b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Anchorage and b/msys2/usr/share/zoneinfo/posix/America/Anchorage differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Anguilla b/msys2/usr/share/zoneinfo/posix/America/Anguilla
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Anguilla and b/msys2/usr/share/zoneinfo/posix/America/Anguilla differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Antigua b/msys2/usr/share/zoneinfo/posix/America/Antigua
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Antigua and b/msys2/usr/share/zoneinfo/posix/America/Antigua differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Araguaina b/msys2/usr/share/zoneinfo/posix/America/Araguaina
index 8b295a98b..bc9a52283 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Araguaina and b/msys2/usr/share/zoneinfo/posix/America/Araguaina differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Argentina/Buenos_Aires b/msys2/usr/share/zoneinfo/posix/America/Argentina/Buenos_Aires
index e4866ce17..dfebfb99a 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Argentina/Buenos_Aires and b/msys2/usr/share/zoneinfo/posix/America/Argentina/Buenos_Aires differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Argentina/Catamarca b/msys2/usr/share/zoneinfo/posix/America/Argentina/Catamarca
index 9fe9ad647..b798105e0 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Argentina/Catamarca and b/msys2/usr/share/zoneinfo/posix/America/Argentina/Catamarca differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Argentina/ComodRivadavia b/msys2/usr/share/zoneinfo/posix/America/Argentina/ComodRivadavia
index 9fe9ad647..b798105e0 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Argentina/ComodRivadavia and b/msys2/usr/share/zoneinfo/posix/America/Argentina/ComodRivadavia differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Argentina/Cordoba b/msys2/usr/share/zoneinfo/posix/America/Argentina/Cordoba
index 8c58f8c23..5df3cf6e6 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Argentina/Cordoba and b/msys2/usr/share/zoneinfo/posix/America/Argentina/Cordoba differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Argentina/Jujuy b/msys2/usr/share/zoneinfo/posix/America/Argentina/Jujuy
index a74ba0462..7d2ba91c6 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Argentina/Jujuy and b/msys2/usr/share/zoneinfo/posix/America/Argentina/Jujuy differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Argentina/La_Rioja b/msys2/usr/share/zoneinfo/posix/America/Argentina/La_Rioja
index cb184d6a8..7654aebf0 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Argentina/La_Rioja and b/msys2/usr/share/zoneinfo/posix/America/Argentina/La_Rioja differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Argentina/Mendoza b/msys2/usr/share/zoneinfo/posix/America/Argentina/Mendoza
index 5e8c44c89..103235643 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Argentina/Mendoza and b/msys2/usr/share/zoneinfo/posix/America/Argentina/Mendoza differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Argentina/Rio_Gallegos b/msys2/usr/share/zoneinfo/posix/America/Argentina/Rio_Gallegos
index 966a529ba..3c849fce2 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Argentina/Rio_Gallegos and b/msys2/usr/share/zoneinfo/posix/America/Argentina/Rio_Gallegos differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Argentina/Salta b/msys2/usr/share/zoneinfo/posix/America/Argentina/Salta
index b19aa222f..a4b71c1ff 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Argentina/Salta and b/msys2/usr/share/zoneinfo/posix/America/Argentina/Salta differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Argentina/San_Juan b/msys2/usr/share/zoneinfo/posix/America/Argentina/San_Juan
index 9e5ade610..948a39010 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Argentina/San_Juan and b/msys2/usr/share/zoneinfo/posix/America/Argentina/San_Juan differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Argentina/San_Luis b/msys2/usr/share/zoneinfo/posix/America/Argentina/San_Luis
index af8aa9986..acfbbe434 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Argentina/San_Luis and b/msys2/usr/share/zoneinfo/posix/America/Argentina/San_Luis differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Argentina/Tucuman b/msys2/usr/share/zoneinfo/posix/America/Argentina/Tucuman
index bbb03a0c7..085fc9cc9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Argentina/Tucuman and b/msys2/usr/share/zoneinfo/posix/America/Argentina/Tucuman differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Argentina/Ushuaia b/msys2/usr/share/zoneinfo/posix/America/Argentina/Ushuaia
index 07e4e9f0b..1fc325677 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Argentina/Ushuaia and b/msys2/usr/share/zoneinfo/posix/America/Argentina/Ushuaia differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Aruba b/msys2/usr/share/zoneinfo/posix/America/Aruba
index d308336be..d3b318d2d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Aruba and b/msys2/usr/share/zoneinfo/posix/America/Aruba differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Asuncion b/msys2/usr/share/zoneinfo/posix/America/Asuncion
index 3c61ddb5a..831bf843f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Asuncion and b/msys2/usr/share/zoneinfo/posix/America/Asuncion differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Atikokan b/msys2/usr/share/zoneinfo/posix/America/Atikokan
index 5708b55ac..629ed4231 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Atikokan and b/msys2/usr/share/zoneinfo/posix/America/Atikokan differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Atka b/msys2/usr/share/zoneinfo/posix/America/Atka
index 5696e0f8b..43236498f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Atka and b/msys2/usr/share/zoneinfo/posix/America/Atka differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Bahia b/msys2/usr/share/zoneinfo/posix/America/Bahia
index 6008a5749..143eafc2c 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Bahia and b/msys2/usr/share/zoneinfo/posix/America/Bahia differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Bahia_Banderas b/msys2/usr/share/zoneinfo/posix/America/Bahia_Banderas
index 21e2b719f..cd531078d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Bahia_Banderas and b/msys2/usr/share/zoneinfo/posix/America/Bahia_Banderas differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Barbados b/msys2/usr/share/zoneinfo/posix/America/Barbados
index 633993601..7bb7ac4d6 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Barbados and b/msys2/usr/share/zoneinfo/posix/America/Barbados differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Belem b/msys2/usr/share/zoneinfo/posix/America/Belem
index b8e13b02f..ab3c8a67f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Belem and b/msys2/usr/share/zoneinfo/posix/America/Belem differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Belize b/msys2/usr/share/zoneinfo/posix/America/Belize
index 7dcc4fc5b..fd6932140 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Belize and b/msys2/usr/share/zoneinfo/posix/America/Belize differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Blanc-Sablon b/msys2/usr/share/zoneinfo/posix/America/Blanc-Sablon
index abcde7d98..f9f13a167 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Blanc-Sablon and b/msys2/usr/share/zoneinfo/posix/America/Blanc-Sablon differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Boa_Vista b/msys2/usr/share/zoneinfo/posix/America/Boa_Vista
index f7769048c..69e17a00e 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Boa_Vista and b/msys2/usr/share/zoneinfo/posix/America/Boa_Vista differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Bogota b/msys2/usr/share/zoneinfo/posix/America/Bogota
index d8934466b..b7ded8e64 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Bogota and b/msys2/usr/share/zoneinfo/posix/America/Bogota differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Boise b/msys2/usr/share/zoneinfo/posix/America/Boise
index ada6d64b1..f8d54e274 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Boise and b/msys2/usr/share/zoneinfo/posix/America/Boise differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Buenos_Aires b/msys2/usr/share/zoneinfo/posix/America/Buenos_Aires
index e4866ce17..dfebfb99a 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Buenos_Aires and b/msys2/usr/share/zoneinfo/posix/America/Buenos_Aires differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Cambridge_Bay b/msys2/usr/share/zoneinfo/posix/America/Cambridge_Bay
index d322f01ed..f8db4b6eb 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Cambridge_Bay and b/msys2/usr/share/zoneinfo/posix/America/Cambridge_Bay differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Campo_Grande b/msys2/usr/share/zoneinfo/posix/America/Campo_Grande
index de52bb681..495ef4568 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Campo_Grande and b/msys2/usr/share/zoneinfo/posix/America/Campo_Grande differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Cancun b/msys2/usr/share/zoneinfo/posix/America/Cancun
index 7e69f73de..de6930cd8 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Cancun and b/msys2/usr/share/zoneinfo/posix/America/Cancun differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Caracas b/msys2/usr/share/zoneinfo/posix/America/Caracas
index c8cab1af2..9abd028f9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Caracas and b/msys2/usr/share/zoneinfo/posix/America/Caracas differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Catamarca b/msys2/usr/share/zoneinfo/posix/America/Catamarca
index 9fe9ad647..b798105e0 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Catamarca and b/msys2/usr/share/zoneinfo/posix/America/Catamarca differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Cayenne b/msys2/usr/share/zoneinfo/posix/America/Cayenne
index 6db640981..ff5965782 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Cayenne and b/msys2/usr/share/zoneinfo/posix/America/Cayenne differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Cayman b/msys2/usr/share/zoneinfo/posix/America/Cayman
index 5c1c06372..55b083463 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Cayman and b/msys2/usr/share/zoneinfo/posix/America/Cayman differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Chicago b/msys2/usr/share/zoneinfo/posix/America/Chicago
index 3dd8f0fa8..a5b1617c7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Chicago and b/msys2/usr/share/zoneinfo/posix/America/Chicago differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Chihuahua b/msys2/usr/share/zoneinfo/posix/America/Chihuahua
index e3adbdbfb..b2687241c 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Chihuahua and b/msys2/usr/share/zoneinfo/posix/America/Chihuahua differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Coral_Harbour b/msys2/usr/share/zoneinfo/posix/America/Coral_Harbour
index 5708b55ac..629ed4231 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Coral_Harbour and b/msys2/usr/share/zoneinfo/posix/America/Coral_Harbour differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Cordoba b/msys2/usr/share/zoneinfo/posix/America/Cordoba
index 8c58f8c23..5df3cf6e6 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Cordoba and b/msys2/usr/share/zoneinfo/posix/America/Cordoba differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Costa_Rica b/msys2/usr/share/zoneinfo/posix/America/Costa_Rica
index c247133e3..525a67ea7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Costa_Rica and b/msys2/usr/share/zoneinfo/posix/America/Costa_Rica differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Creston b/msys2/usr/share/zoneinfo/posix/America/Creston
index 798f627a8..0fba74173 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Creston and b/msys2/usr/share/zoneinfo/posix/America/Creston differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Cuiaba b/msys2/usr/share/zoneinfo/posix/America/Cuiaba
index 145c89e0f..8a4ee7d08 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Cuiaba and b/msys2/usr/share/zoneinfo/posix/America/Cuiaba differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Curacao b/msys2/usr/share/zoneinfo/posix/America/Curacao
index d308336be..d3b318d2d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Curacao and b/msys2/usr/share/zoneinfo/posix/America/Curacao differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Danmarkshavn b/msys2/usr/share/zoneinfo/posix/America/Danmarkshavn
index ad68c722f..9549adcb6 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Danmarkshavn and b/msys2/usr/share/zoneinfo/posix/America/Danmarkshavn differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Dawson b/msys2/usr/share/zoneinfo/posix/America/Dawson
index 61c96889b..db9ceadd9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Dawson and b/msys2/usr/share/zoneinfo/posix/America/Dawson differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Dawson_Creek b/msys2/usr/share/zoneinfo/posix/America/Dawson_Creek
index 78f907630..db9e33965 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Dawson_Creek and b/msys2/usr/share/zoneinfo/posix/America/Dawson_Creek differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Denver b/msys2/usr/share/zoneinfo/posix/America/Denver
index 7fc669171..5fbe26b1d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Denver and b/msys2/usr/share/zoneinfo/posix/America/Denver differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Detroit b/msys2/usr/share/zoneinfo/posix/America/Detroit
index e3ea5c3ef..5e0226057 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Detroit and b/msys2/usr/share/zoneinfo/posix/America/Detroit differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Dominica b/msys2/usr/share/zoneinfo/posix/America/Dominica
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Dominica and b/msys2/usr/share/zoneinfo/posix/America/Dominica differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Edmonton b/msys2/usr/share/zoneinfo/posix/America/Edmonton
index d02fbcd47..3fa057989 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Edmonton and b/msys2/usr/share/zoneinfo/posix/America/Edmonton differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Eirunepe b/msys2/usr/share/zoneinfo/posix/America/Eirunepe
index 41047f290..99b7d06ea 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Eirunepe and b/msys2/usr/share/zoneinfo/posix/America/Eirunepe differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/El_Salvador b/msys2/usr/share/zoneinfo/posix/America/El_Salvador
index 9b8bc7a87..ac774e83f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/El_Salvador and b/msys2/usr/share/zoneinfo/posix/America/El_Salvador differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Ensenada b/msys2/usr/share/zoneinfo/posix/America/Ensenada
index 29c83e71f..ada6bf78b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Ensenada and b/msys2/usr/share/zoneinfo/posix/America/Ensenada differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Fort_Nelson b/msys2/usr/share/zoneinfo/posix/America/Fort_Nelson
index 5923cc688..5a0b7f1ca 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Fort_Nelson and b/msys2/usr/share/zoneinfo/posix/America/Fort_Nelson differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Fort_Wayne b/msys2/usr/share/zoneinfo/posix/America/Fort_Wayne
index 4a92c0659..09511ccdc 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Fort_Wayne and b/msys2/usr/share/zoneinfo/posix/America/Fort_Wayne differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Fortaleza b/msys2/usr/share/zoneinfo/posix/America/Fortaleza
index 22396bb51..e637170a6 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Fortaleza and b/msys2/usr/share/zoneinfo/posix/America/Fortaleza differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Glace_Bay b/msys2/usr/share/zoneinfo/posix/America/Glace_Bay
index f58522b67..48412a4cb 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Glace_Bay and b/msys2/usr/share/zoneinfo/posix/America/Glace_Bay differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Godthab b/msys2/usr/share/zoneinfo/posix/America/Godthab
index ea293cc40..0160308bf 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Godthab and b/msys2/usr/share/zoneinfo/posix/America/Godthab differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Goose_Bay b/msys2/usr/share/zoneinfo/posix/America/Goose_Bay
index b4b945e8d..a3f299079 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Goose_Bay and b/msys2/usr/share/zoneinfo/posix/America/Goose_Bay differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Grand_Turk b/msys2/usr/share/zoneinfo/posix/America/Grand_Turk
index a9740dae6..4597a621d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Grand_Turk and b/msys2/usr/share/zoneinfo/posix/America/Grand_Turk differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Grenada b/msys2/usr/share/zoneinfo/posix/America/Grenada
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Grenada and b/msys2/usr/share/zoneinfo/posix/America/Grenada differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Guadeloupe b/msys2/usr/share/zoneinfo/posix/America/Guadeloupe
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Guadeloupe and b/msys2/usr/share/zoneinfo/posix/America/Guadeloupe differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Guatemala b/msys2/usr/share/zoneinfo/posix/America/Guatemala
index abf943be0..6118b5ce2 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Guatemala and b/msys2/usr/share/zoneinfo/posix/America/Guatemala differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Guayaquil b/msys2/usr/share/zoneinfo/posix/America/Guayaquil
index 92de38bed..bf087a0eb 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Guayaquil and b/msys2/usr/share/zoneinfo/posix/America/Guayaquil differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Guyana b/msys2/usr/share/zoneinfo/posix/America/Guyana
index 7d2987677..d1dd2fafc 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Guyana and b/msys2/usr/share/zoneinfo/posix/America/Guyana differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Halifax b/msys2/usr/share/zoneinfo/posix/America/Halifax
index f86ece4c4..756099abe 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Halifax and b/msys2/usr/share/zoneinfo/posix/America/Halifax differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Havana b/msys2/usr/share/zoneinfo/posix/America/Havana
index 1a58fcdc9..8186060a4 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Havana and b/msys2/usr/share/zoneinfo/posix/America/Havana differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Hermosillo b/msys2/usr/share/zoneinfo/posix/America/Hermosillo
index ec435c23b..26c269d96 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Hermosillo and b/msys2/usr/share/zoneinfo/posix/America/Hermosillo differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Indiana/Indianapolis b/msys2/usr/share/zoneinfo/posix/America/Indiana/Indianapolis
index 4a92c0659..09511ccdc 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Indiana/Indianapolis and b/msys2/usr/share/zoneinfo/posix/America/Indiana/Indianapolis differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Indiana/Knox b/msys2/usr/share/zoneinfo/posix/America/Indiana/Knox
index cc785da97..fcd408d74 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Indiana/Knox and b/msys2/usr/share/zoneinfo/posix/America/Indiana/Knox differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Indiana/Marengo b/msys2/usr/share/zoneinfo/posix/America/Indiana/Marengo
index a23d7b759..1abf75e7e 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Indiana/Marengo and b/msys2/usr/share/zoneinfo/posix/America/Indiana/Marengo differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Indiana/Petersburg b/msys2/usr/share/zoneinfo/posix/America/Indiana/Petersburg
index f16cb3040..0133548ec 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Indiana/Petersburg and b/msys2/usr/share/zoneinfo/posix/America/Indiana/Petersburg differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Indiana/Tell_City b/msys2/usr/share/zoneinfo/posix/America/Indiana/Tell_City
index 0250bf90f..4ce95c152 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Indiana/Tell_City and b/msys2/usr/share/zoneinfo/posix/America/Indiana/Tell_City differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Indiana/Vevay b/msys2/usr/share/zoneinfo/posix/America/Indiana/Vevay
index e934de61a..d236b7c07 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Indiana/Vevay and b/msys2/usr/share/zoneinfo/posix/America/Indiana/Vevay differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Indiana/Vincennes b/msys2/usr/share/zoneinfo/posix/America/Indiana/Vincennes
index adbdbeee6..c818929d1 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Indiana/Vincennes and b/msys2/usr/share/zoneinfo/posix/America/Indiana/Vincennes differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Indiana/Winamac b/msys2/usr/share/zoneinfo/posix/America/Indiana/Winamac
index b34f7b27e..630935c1e 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Indiana/Winamac and b/msys2/usr/share/zoneinfo/posix/America/Indiana/Winamac differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Indianapolis b/msys2/usr/share/zoneinfo/posix/America/Indianapolis
index 4a92c0659..09511ccdc 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Indianapolis and b/msys2/usr/share/zoneinfo/posix/America/Indianapolis differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Inuvik b/msys2/usr/share/zoneinfo/posix/America/Inuvik
index 1388e8a4d..e107dc44c 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Inuvik and b/msys2/usr/share/zoneinfo/posix/America/Inuvik differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Iqaluit b/msys2/usr/share/zoneinfo/posix/America/Iqaluit
index 0785ac576..c8138bdbb 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Iqaluit and b/msys2/usr/share/zoneinfo/posix/America/Iqaluit differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Jamaica b/msys2/usr/share/zoneinfo/posix/America/Jamaica
index 006689bc8..162306f88 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Jamaica and b/msys2/usr/share/zoneinfo/posix/America/Jamaica differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Jujuy b/msys2/usr/share/zoneinfo/posix/America/Jujuy
index a74ba0462..7d2ba91c6 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Jujuy and b/msys2/usr/share/zoneinfo/posix/America/Jujuy differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Juneau b/msys2/usr/share/zoneinfo/posix/America/Juneau
index d00668ad1..451f34900 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Juneau and b/msys2/usr/share/zoneinfo/posix/America/Juneau differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Kentucky/Louisville b/msys2/usr/share/zoneinfo/posix/America/Kentucky/Louisville
index fdf2e88b4..f4c4cf966 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Kentucky/Louisville and b/msys2/usr/share/zoneinfo/posix/America/Kentucky/Louisville differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Kentucky/Monticello b/msys2/usr/share/zoneinfo/posix/America/Kentucky/Monticello
index 60991aa38..438e3eab4 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Kentucky/Monticello and b/msys2/usr/share/zoneinfo/posix/America/Kentucky/Monticello differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Knox_IN b/msys2/usr/share/zoneinfo/posix/America/Knox_IN
index cc785da97..fcd408d74 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Knox_IN and b/msys2/usr/share/zoneinfo/posix/America/Knox_IN differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Kralendijk b/msys2/usr/share/zoneinfo/posix/America/Kralendijk
index d308336be..d3b318d2d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Kralendijk and b/msys2/usr/share/zoneinfo/posix/America/Kralendijk differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/La_Paz b/msys2/usr/share/zoneinfo/posix/America/La_Paz
index bc3df5235..5e5fec56f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/La_Paz and b/msys2/usr/share/zoneinfo/posix/America/La_Paz differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Lima b/msys2/usr/share/zoneinfo/posix/America/Lima
index 44280a5c1..d9fec3716 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Lima and b/msys2/usr/share/zoneinfo/posix/America/Lima differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Los_Angeles b/msys2/usr/share/zoneinfo/posix/America/Los_Angeles
index c0ce4402f..9dad4f4c7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Los_Angeles and b/msys2/usr/share/zoneinfo/posix/America/Los_Angeles differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Louisville b/msys2/usr/share/zoneinfo/posix/America/Louisville
index fdf2e88b4..f4c4cf966 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Louisville and b/msys2/usr/share/zoneinfo/posix/America/Louisville differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Lower_Princes b/msys2/usr/share/zoneinfo/posix/America/Lower_Princes
index d308336be..d3b318d2d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Lower_Princes and b/msys2/usr/share/zoneinfo/posix/America/Lower_Princes differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Maceio b/msys2/usr/share/zoneinfo/posix/America/Maceio
index 54442dc73..fec8a8bf1 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Maceio and b/msys2/usr/share/zoneinfo/posix/America/Maceio differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Managua b/msys2/usr/share/zoneinfo/posix/America/Managua
index c543ffd47..69256c635 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Managua and b/msys2/usr/share/zoneinfo/posix/America/Managua differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Manaus b/msys2/usr/share/zoneinfo/posix/America/Manaus
index 855cb02c4..b10241e68 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Manaus and b/msys2/usr/share/zoneinfo/posix/America/Manaus differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Marigot b/msys2/usr/share/zoneinfo/posix/America/Marigot
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Marigot and b/msys2/usr/share/zoneinfo/posix/America/Marigot differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Martinique b/msys2/usr/share/zoneinfo/posix/America/Martinique
index f9e2399c9..79716de53 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Martinique and b/msys2/usr/share/zoneinfo/posix/America/Martinique differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Matamoros b/msys2/usr/share/zoneinfo/posix/America/Matamoros
index 5671d2581..5c59984de 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Matamoros and b/msys2/usr/share/zoneinfo/posix/America/Matamoros differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Mazatlan b/msys2/usr/share/zoneinfo/posix/America/Mazatlan
index afa94c2ac..43ee12d84 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Mazatlan and b/msys2/usr/share/zoneinfo/posix/America/Mazatlan differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Mendoza b/msys2/usr/share/zoneinfo/posix/America/Mendoza
index 5e8c44c89..103235643 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Mendoza and b/msys2/usr/share/zoneinfo/posix/America/Mendoza differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Menominee b/msys2/usr/share/zoneinfo/posix/America/Menominee
index 55d6e3266..314613866 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Menominee and b/msys2/usr/share/zoneinfo/posix/America/Menominee differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Merida b/msys2/usr/share/zoneinfo/posix/America/Merida
index ecc1856e1..b46298e1f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Merida and b/msys2/usr/share/zoneinfo/posix/America/Merida differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Metlakatla b/msys2/usr/share/zoneinfo/posix/America/Metlakatla
index c03359704..1e94be3d5 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Metlakatla and b/msys2/usr/share/zoneinfo/posix/America/Metlakatla differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Mexico_City b/msys2/usr/share/zoneinfo/posix/America/Mexico_City
index f11e3d2d6..1434ab088 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Mexico_City and b/msys2/usr/share/zoneinfo/posix/America/Mexico_City differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Miquelon b/msys2/usr/share/zoneinfo/posix/America/Miquelon
index 75bbcf2bc..06ceaadff 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Miquelon and b/msys2/usr/share/zoneinfo/posix/America/Miquelon differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Moncton b/msys2/usr/share/zoneinfo/posix/America/Moncton
index 51cb1ba3d..9df8d0f2e 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Moncton and b/msys2/usr/share/zoneinfo/posix/America/Moncton differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Monterrey b/msys2/usr/share/zoneinfo/posix/America/Monterrey
index dcac92bad..7dc505777 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Monterrey and b/msys2/usr/share/zoneinfo/posix/America/Monterrey differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Montevideo b/msys2/usr/share/zoneinfo/posix/America/Montevideo
index 9c6abeb93..0d1e565c0 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Montevideo and b/msys2/usr/share/zoneinfo/posix/America/Montevideo differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Montreal b/msys2/usr/share/zoneinfo/posix/America/Montreal
index 7b4682a39..6752c5b05 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Montreal and b/msys2/usr/share/zoneinfo/posix/America/Montreal differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Montserrat b/msys2/usr/share/zoneinfo/posix/America/Montserrat
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Montserrat and b/msys2/usr/share/zoneinfo/posix/America/Montserrat differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Nassau b/msys2/usr/share/zoneinfo/posix/America/Nassau
index e5d0289b5..5091eb5d8 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Nassau and b/msys2/usr/share/zoneinfo/posix/America/Nassau differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/New_York b/msys2/usr/share/zoneinfo/posix/America/New_York
index 7553fee37..2f75480e0 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/New_York and b/msys2/usr/share/zoneinfo/posix/America/New_York differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Nipigon b/msys2/usr/share/zoneinfo/posix/America/Nipigon
index f8a0292b2..f6a856e69 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Nipigon and b/msys2/usr/share/zoneinfo/posix/America/Nipigon differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Nome b/msys2/usr/share/zoneinfo/posix/America/Nome
index c886c9bc0..10998df3b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Nome and b/msys2/usr/share/zoneinfo/posix/America/Nome differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Noronha b/msys2/usr/share/zoneinfo/posix/America/Noronha
index 6d91f9145..95ff8a257 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Noronha and b/msys2/usr/share/zoneinfo/posix/America/Noronha differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/North_Dakota/Beulah b/msys2/usr/share/zoneinfo/posix/America/North_Dakota/Beulah
index 8174c8828..246345dde 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/North_Dakota/Beulah and b/msys2/usr/share/zoneinfo/posix/America/North_Dakota/Beulah differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/North_Dakota/Center b/msys2/usr/share/zoneinfo/posix/America/North_Dakota/Center
index 8035b24fa..1fa070377 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/North_Dakota/Center and b/msys2/usr/share/zoneinfo/posix/America/North_Dakota/Center differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/North_Dakota/New_Salem b/msys2/usr/share/zoneinfo/posix/America/North_Dakota/New_Salem
index 5b630ee66..123f2aeec 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/North_Dakota/New_Salem and b/msys2/usr/share/zoneinfo/posix/America/North_Dakota/New_Salem differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Ojinaga b/msys2/usr/share/zoneinfo/posix/America/Ojinaga
index 190c5c86d..37d78301b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Ojinaga and b/msys2/usr/share/zoneinfo/posix/America/Ojinaga differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Panama b/msys2/usr/share/zoneinfo/posix/America/Panama
index 5c1c06372..55b083463 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Panama and b/msys2/usr/share/zoneinfo/posix/America/Panama differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Pangnirtung b/msys2/usr/share/zoneinfo/posix/America/Pangnirtung
index df78b6268..3e4e0db6a 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Pangnirtung and b/msys2/usr/share/zoneinfo/posix/America/Pangnirtung differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Paramaribo b/msys2/usr/share/zoneinfo/posix/America/Paramaribo
index 1b608b3e5..b95c78423 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Paramaribo and b/msys2/usr/share/zoneinfo/posix/America/Paramaribo differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Phoenix b/msys2/usr/share/zoneinfo/posix/America/Phoenix
index adf28236a..4d51271a1 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Phoenix and b/msys2/usr/share/zoneinfo/posix/America/Phoenix differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Port-au-Prince b/msys2/usr/share/zoneinfo/posix/America/Port-au-Prince
index 7306caeff..d9590103b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Port-au-Prince and b/msys2/usr/share/zoneinfo/posix/America/Port-au-Prince differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Port_of_Spain b/msys2/usr/share/zoneinfo/posix/America/Port_of_Spain
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Port_of_Spain and b/msys2/usr/share/zoneinfo/posix/America/Port_of_Spain differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Porto_Acre b/msys2/usr/share/zoneinfo/posix/America/Porto_Acre
index b612ac235..16b7f923b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Porto_Acre and b/msys2/usr/share/zoneinfo/posix/America/Porto_Acre differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Porto_Velho b/msys2/usr/share/zoneinfo/posix/America/Porto_Velho
index 2423fc19a..10cb02b8b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Porto_Velho and b/msys2/usr/share/zoneinfo/posix/America/Porto_Velho differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Puerto_Rico b/msys2/usr/share/zoneinfo/posix/America/Puerto_Rico
index d4525a68a..a662a5713 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Puerto_Rico and b/msys2/usr/share/zoneinfo/posix/America/Puerto_Rico differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Punta_Arenas b/msys2/usr/share/zoneinfo/posix/America/Punta_Arenas
index 4d84eed4e..a5a8af52c 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Punta_Arenas and b/msys2/usr/share/zoneinfo/posix/America/Punta_Arenas differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Rainy_River b/msys2/usr/share/zoneinfo/posix/America/Rainy_River
index 70dcd2d80..ea6609915 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Rainy_River and b/msys2/usr/share/zoneinfo/posix/America/Rainy_River differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Rankin_Inlet b/msys2/usr/share/zoneinfo/posix/America/Rankin_Inlet
index 9f50f36ef..61ff6fcb7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Rankin_Inlet and b/msys2/usr/share/zoneinfo/posix/America/Rankin_Inlet differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Recife b/msys2/usr/share/zoneinfo/posix/America/Recife
index fe55739dd..c6d99b3ac 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Recife and b/msys2/usr/share/zoneinfo/posix/America/Recife differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Regina b/msys2/usr/share/zoneinfo/posix/America/Regina
index 5fe8d6b61..20c9c84df 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Regina and b/msys2/usr/share/zoneinfo/posix/America/Regina differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Resolute b/msys2/usr/share/zoneinfo/posix/America/Resolute
index 884b1f647..4365a5c81 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Resolute and b/msys2/usr/share/zoneinfo/posix/America/Resolute differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Rio_Branco b/msys2/usr/share/zoneinfo/posix/America/Rio_Branco
index b612ac235..16b7f923b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Rio_Branco and b/msys2/usr/share/zoneinfo/posix/America/Rio_Branco differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Rosario b/msys2/usr/share/zoneinfo/posix/America/Rosario
index 8c58f8c23..5df3cf6e6 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Rosario and b/msys2/usr/share/zoneinfo/posix/America/Rosario differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Santa_Isabel b/msys2/usr/share/zoneinfo/posix/America/Santa_Isabel
index 29c83e71f..ada6bf78b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Santa_Isabel and b/msys2/usr/share/zoneinfo/posix/America/Santa_Isabel differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Santarem b/msys2/usr/share/zoneinfo/posix/America/Santarem
index d776a4387..8080efabf 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Santarem and b/msys2/usr/share/zoneinfo/posix/America/Santarem differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Santiago b/msys2/usr/share/zoneinfo/posix/America/Santiago
index ab766a41b..816a04281 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Santiago and b/msys2/usr/share/zoneinfo/posix/America/Santiago differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Santo_Domingo b/msys2/usr/share/zoneinfo/posix/America/Santo_Domingo
index cc2cbf2b1..4e5eba52b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Santo_Domingo and b/msys2/usr/share/zoneinfo/posix/America/Santo_Domingo differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Sao_Paulo b/msys2/usr/share/zoneinfo/posix/America/Sao_Paulo
index 308a545ce..c417ba1da 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Sao_Paulo and b/msys2/usr/share/zoneinfo/posix/America/Sao_Paulo differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Scoresbysund b/msys2/usr/share/zoneinfo/posix/America/Scoresbysund
index 8e1366ca3..e20e9e1c4 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Scoresbysund and b/msys2/usr/share/zoneinfo/posix/America/Scoresbysund differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Shiprock b/msys2/usr/share/zoneinfo/posix/America/Shiprock
index 7fc669171..5fbe26b1d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Shiprock and b/msys2/usr/share/zoneinfo/posix/America/Shiprock differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Sitka b/msys2/usr/share/zoneinfo/posix/America/Sitka
index 662b8b67e..31f706137 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Sitka and b/msys2/usr/share/zoneinfo/posix/America/Sitka differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/St_Barthelemy b/msys2/usr/share/zoneinfo/posix/America/St_Barthelemy
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/St_Barthelemy and b/msys2/usr/share/zoneinfo/posix/America/St_Barthelemy differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/St_Johns b/msys2/usr/share/zoneinfo/posix/America/St_Johns
index a1d14854a..65a5b0c72 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/St_Johns and b/msys2/usr/share/zoneinfo/posix/America/St_Johns differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/St_Kitts b/msys2/usr/share/zoneinfo/posix/America/St_Kitts
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/St_Kitts and b/msys2/usr/share/zoneinfo/posix/America/St_Kitts differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/St_Lucia b/msys2/usr/share/zoneinfo/posix/America/St_Lucia
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/St_Lucia and b/msys2/usr/share/zoneinfo/posix/America/St_Lucia differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/St_Thomas b/msys2/usr/share/zoneinfo/posix/America/St_Thomas
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/St_Thomas and b/msys2/usr/share/zoneinfo/posix/America/St_Thomas differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/St_Vincent b/msys2/usr/share/zoneinfo/posix/America/St_Vincent
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/St_Vincent and b/msys2/usr/share/zoneinfo/posix/America/St_Vincent differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Swift_Current b/msys2/usr/share/zoneinfo/posix/America/Swift_Current
index 4db1300a2..8e9ef255e 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Swift_Current and b/msys2/usr/share/zoneinfo/posix/America/Swift_Current differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Tegucigalpa b/msys2/usr/share/zoneinfo/posix/America/Tegucigalpa
index 7aea8f998..477e93950 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Tegucigalpa and b/msys2/usr/share/zoneinfo/posix/America/Tegucigalpa differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Thule b/msys2/usr/share/zoneinfo/posix/America/Thule
index deefcc8df..2969ebe59 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Thule and b/msys2/usr/share/zoneinfo/posix/America/Thule differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Thunder_Bay b/msys2/usr/share/zoneinfo/posix/America/Thunder_Bay
index aa1d48609..e504c9acf 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Thunder_Bay and b/msys2/usr/share/zoneinfo/posix/America/Thunder_Bay differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Tijuana b/msys2/usr/share/zoneinfo/posix/America/Tijuana
index 29c83e71f..ada6bf78b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Tijuana and b/msys2/usr/share/zoneinfo/posix/America/Tijuana differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Toronto b/msys2/usr/share/zoneinfo/posix/America/Toronto
index 7b4682a39..6752c5b05 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Toronto and b/msys2/usr/share/zoneinfo/posix/America/Toronto differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Tortola b/msys2/usr/share/zoneinfo/posix/America/Tortola
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Tortola and b/msys2/usr/share/zoneinfo/posix/America/Tortola differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Vancouver b/msys2/usr/share/zoneinfo/posix/America/Vancouver
index 9b5d92417..0f9f83282 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Vancouver and b/msys2/usr/share/zoneinfo/posix/America/Vancouver differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Virgin b/msys2/usr/share/zoneinfo/posix/America/Virgin
index 447efbe2c..bdedd1bd9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Virgin and b/msys2/usr/share/zoneinfo/posix/America/Virgin differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Whitehorse b/msys2/usr/share/zoneinfo/posix/America/Whitehorse
index 6b62e2d3c..fb3cd71a6 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Whitehorse and b/msys2/usr/share/zoneinfo/posix/America/Whitehorse differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Winnipeg b/msys2/usr/share/zoneinfo/posix/America/Winnipeg
index 2ffe3d8d8..3718d47da 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Winnipeg and b/msys2/usr/share/zoneinfo/posix/America/Winnipeg differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Yakutat b/msys2/usr/share/zoneinfo/posix/America/Yakutat
index 523b0a108..da209f9f0 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Yakutat and b/msys2/usr/share/zoneinfo/posix/America/Yakutat differ
diff --git a/msys2/usr/share/zoneinfo/posix/America/Yellowknife b/msys2/usr/share/zoneinfo/posix/America/Yellowknife
index d9d6eff70..e6afa390e 100644
Binary files a/msys2/usr/share/zoneinfo/posix/America/Yellowknife and b/msys2/usr/share/zoneinfo/posix/America/Yellowknife differ
diff --git a/msys2/usr/share/zoneinfo/posix/Antarctica/Casey b/msys2/usr/share/zoneinfo/posix/Antarctica/Casey
index 676f06da4..f100f4746 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Antarctica/Casey and b/msys2/usr/share/zoneinfo/posix/Antarctica/Casey differ
diff --git a/msys2/usr/share/zoneinfo/posix/Antarctica/Davis b/msys2/usr/share/zoneinfo/posix/Antarctica/Davis
index 40a992664..916f2c259 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Antarctica/Davis and b/msys2/usr/share/zoneinfo/posix/Antarctica/Davis differ
diff --git a/msys2/usr/share/zoneinfo/posix/Antarctica/DumontDUrville b/msys2/usr/share/zoneinfo/posix/Antarctica/DumontDUrville
index 06863534c..bd6563ec8 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Antarctica/DumontDUrville and b/msys2/usr/share/zoneinfo/posix/Antarctica/DumontDUrville differ
diff --git a/msys2/usr/share/zoneinfo/posix/Antarctica/Macquarie b/msys2/usr/share/zoneinfo/posix/Antarctica/Macquarie
index aea2be77c..83c308add 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Antarctica/Macquarie and b/msys2/usr/share/zoneinfo/posix/Antarctica/Macquarie differ
diff --git a/msys2/usr/share/zoneinfo/posix/Antarctica/Mawson b/msys2/usr/share/zoneinfo/posix/Antarctica/Mawson
index 5197dd97b..e1f0b09b9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Antarctica/Mawson and b/msys2/usr/share/zoneinfo/posix/Antarctica/Mawson differ
diff --git a/msys2/usr/share/zoneinfo/posix/Antarctica/McMurdo b/msys2/usr/share/zoneinfo/posix/Antarctica/McMurdo
index a5f5b6d5e..60bcef686 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Antarctica/McMurdo and b/msys2/usr/share/zoneinfo/posix/Antarctica/McMurdo differ
diff --git a/msys2/usr/share/zoneinfo/posix/Antarctica/Palmer b/msys2/usr/share/zoneinfo/posix/Antarctica/Palmer
index 43a01d3e6..3dd85f84f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Antarctica/Palmer and b/msys2/usr/share/zoneinfo/posix/Antarctica/Palmer differ
diff --git a/msys2/usr/share/zoneinfo/posix/Antarctica/Rothera b/msys2/usr/share/zoneinfo/posix/Antarctica/Rothera
index 56913f8a1..7940e6efa 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Antarctica/Rothera and b/msys2/usr/share/zoneinfo/posix/Antarctica/Rothera differ
diff --git a/msys2/usr/share/zoneinfo/posix/Antarctica/South_Pole b/msys2/usr/share/zoneinfo/posix/Antarctica/South_Pole
index a5f5b6d5e..60bcef686 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Antarctica/South_Pole and b/msys2/usr/share/zoneinfo/posix/Antarctica/South_Pole differ
diff --git a/msys2/usr/share/zoneinfo/posix/Antarctica/Syowa b/msys2/usr/share/zoneinfo/posix/Antarctica/Syowa
index 94a9d5a28..4bb041a26 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Antarctica/Syowa and b/msys2/usr/share/zoneinfo/posix/Antarctica/Syowa differ
diff --git a/msys2/usr/share/zoneinfo/posix/Antarctica/Troll b/msys2/usr/share/zoneinfo/posix/Antarctica/Troll
index 3757faccb..5e565da2f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Antarctica/Troll and b/msys2/usr/share/zoneinfo/posix/Antarctica/Troll differ
diff --git a/msys2/usr/share/zoneinfo/posix/Antarctica/Vostok b/msys2/usr/share/zoneinfo/posix/Antarctica/Vostok
index 9fa335c44..5696abf51 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Antarctica/Vostok and b/msys2/usr/share/zoneinfo/posix/Antarctica/Vostok differ
diff --git a/msys2/usr/share/zoneinfo/posix/Arctic/Longyearbyen b/msys2/usr/share/zoneinfo/posix/Arctic/Longyearbyen
index 239c0174d..c6842af88 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Arctic/Longyearbyen and b/msys2/usr/share/zoneinfo/posix/Arctic/Longyearbyen differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Aden b/msys2/usr/share/zoneinfo/posix/Asia/Aden
index e71bc4e80..b2f9a2559 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Aden and b/msys2/usr/share/zoneinfo/posix/Asia/Aden differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Almaty b/msys2/usr/share/zoneinfo/posix/Asia/Almaty
index 49a4b4de7..d93201cfc 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Almaty and b/msys2/usr/share/zoneinfo/posix/Asia/Almaty differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Amman b/msys2/usr/share/zoneinfo/posix/Asia/Amman
index c3f0994a7..281b304e2 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Amman and b/msys2/usr/share/zoneinfo/posix/Asia/Amman differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Anadyr b/msys2/usr/share/zoneinfo/posix/Asia/Anadyr
index 0e623cf74..6a966013d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Anadyr and b/msys2/usr/share/zoneinfo/posix/Asia/Anadyr differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Aqtau b/msys2/usr/share/zoneinfo/posix/Asia/Aqtau
index 5803a3d3e..78cbcf0ef 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Aqtau and b/msys2/usr/share/zoneinfo/posix/Asia/Aqtau differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Aqtobe b/msys2/usr/share/zoneinfo/posix/Asia/Aqtobe
index 808a50261..7504052a7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Aqtobe and b/msys2/usr/share/zoneinfo/posix/Asia/Aqtobe differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Ashgabat b/msys2/usr/share/zoneinfo/posix/Asia/Ashgabat
index 046c47282..8d9e03c13 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Ashgabat and b/msys2/usr/share/zoneinfo/posix/Asia/Ashgabat differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Ashkhabad b/msys2/usr/share/zoneinfo/posix/Asia/Ashkhabad
index 046c47282..8d9e03c13 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Ashkhabad and b/msys2/usr/share/zoneinfo/posix/Asia/Ashkhabad differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Atyrau b/msys2/usr/share/zoneinfo/posix/Asia/Atyrau
index 27072eb51..317466d14 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Atyrau and b/msys2/usr/share/zoneinfo/posix/Asia/Atyrau differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Baghdad b/msys2/usr/share/zoneinfo/posix/Asia/Baghdad
index 3aacd78b1..97fa6c73c 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Baghdad and b/msys2/usr/share/zoneinfo/posix/Asia/Baghdad differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Bahrain b/msys2/usr/share/zoneinfo/posix/Asia/Bahrain
index a0c5f6696..f5140926a 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Bahrain and b/msys2/usr/share/zoneinfo/posix/Asia/Bahrain differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Baku b/msys2/usr/share/zoneinfo/posix/Asia/Baku
index a17d1ad8c..8a090d77d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Baku and b/msys2/usr/share/zoneinfo/posix/Asia/Baku differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Bangkok b/msys2/usr/share/zoneinfo/posix/Asia/Bangkok
index 8db5e8a61..724964029 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Bangkok and b/msys2/usr/share/zoneinfo/posix/Asia/Bangkok differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Barnaul b/msys2/usr/share/zoneinfo/posix/Asia/Barnaul
index 60efb41b4..82cc49c48 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Barnaul and b/msys2/usr/share/zoneinfo/posix/Asia/Barnaul differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Beirut b/msys2/usr/share/zoneinfo/posix/Asia/Beirut
index 72f089634..efb24c27f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Beirut and b/msys2/usr/share/zoneinfo/posix/Asia/Beirut differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Bishkek b/msys2/usr/share/zoneinfo/posix/Asia/Bishkek
index e3f81ee33..f7a7d5480 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Bishkek and b/msys2/usr/share/zoneinfo/posix/Asia/Bishkek differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Brunei b/msys2/usr/share/zoneinfo/posix/Asia/Brunei
index cad16b0df..8624c7ae1 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Brunei and b/msys2/usr/share/zoneinfo/posix/Asia/Brunei differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Calcutta b/msys2/usr/share/zoneinfo/posix/Asia/Calcutta
index b57972dd8..e1cfcb8d0 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Calcutta and b/msys2/usr/share/zoneinfo/posix/Asia/Calcutta differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Chita b/msys2/usr/share/zoneinfo/posix/Asia/Chita
index 95f56456e..3baf75282 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Chita and b/msys2/usr/share/zoneinfo/posix/Asia/Chita differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Choibalsan b/msys2/usr/share/zoneinfo/posix/Asia/Choibalsan
index 15b358f2f..79b9d3c82 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Choibalsan and b/msys2/usr/share/zoneinfo/posix/Asia/Choibalsan differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Chongqing b/msys2/usr/share/zoneinfo/posix/Asia/Chongqing
index dbd132f2b..ce9e00a5d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Chongqing and b/msys2/usr/share/zoneinfo/posix/Asia/Chongqing differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Chungking b/msys2/usr/share/zoneinfo/posix/Asia/Chungking
index dbd132f2b..ce9e00a5d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Chungking and b/msys2/usr/share/zoneinfo/posix/Asia/Chungking differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Colombo b/msys2/usr/share/zoneinfo/posix/Asia/Colombo
index 28fe4307d..4fc96c898 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Colombo and b/msys2/usr/share/zoneinfo/posix/Asia/Colombo differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Dacca b/msys2/usr/share/zoneinfo/posix/Asia/Dacca
index 98881f093..776f27dac 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Dacca and b/msys2/usr/share/zoneinfo/posix/Asia/Dacca differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Damascus b/msys2/usr/share/zoneinfo/posix/Asia/Damascus
index ac457646b..4b610b5a0 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Damascus and b/msys2/usr/share/zoneinfo/posix/Asia/Damascus differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Dhaka b/msys2/usr/share/zoneinfo/posix/Asia/Dhaka
index 98881f093..776f27dac 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Dhaka and b/msys2/usr/share/zoneinfo/posix/Asia/Dhaka differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Dili b/msys2/usr/share/zoneinfo/posix/Asia/Dili
index c94fa610f..f6ce91a15 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Dili and b/msys2/usr/share/zoneinfo/posix/Asia/Dili differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Dubai b/msys2/usr/share/zoneinfo/posix/Asia/Dubai
index c12f31a14..7880d5d7c 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Dubai and b/msys2/usr/share/zoneinfo/posix/Asia/Dubai differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Dushanbe b/msys2/usr/share/zoneinfo/posix/Asia/Dushanbe
index 67c772b4d..694f6e6aa 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Dushanbe and b/msys2/usr/share/zoneinfo/posix/Asia/Dushanbe differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Famagusta b/msys2/usr/share/zoneinfo/posix/Asia/Famagusta
index 021f8a2dd..653b146a6 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Famagusta and b/msys2/usr/share/zoneinfo/posix/Asia/Famagusta differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Gaza b/msys2/usr/share/zoneinfo/posix/Asia/Gaza
index 1818affb5..32b4ed659 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Gaza and b/msys2/usr/share/zoneinfo/posix/Asia/Gaza differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Harbin b/msys2/usr/share/zoneinfo/posix/Asia/Harbin
index dbd132f2b..ce9e00a5d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Harbin and b/msys2/usr/share/zoneinfo/posix/Asia/Harbin differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Hebron b/msys2/usr/share/zoneinfo/posix/Asia/Hebron
index 286a93513..0ed8b0d4b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Hebron and b/msys2/usr/share/zoneinfo/posix/Asia/Hebron differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Ho_Chi_Minh b/msys2/usr/share/zoneinfo/posix/Asia/Ho_Chi_Minh
index 92642679c..eab94fe89 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Ho_Chi_Minh and b/msys2/usr/share/zoneinfo/posix/Asia/Ho_Chi_Minh differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Hong_Kong b/msys2/usr/share/zoneinfo/posix/Asia/Hong_Kong
index dc9058e4b..91eaff488 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Hong_Kong and b/msys2/usr/share/zoneinfo/posix/Asia/Hong_Kong differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Hovd b/msys2/usr/share/zoneinfo/posix/Asia/Hovd
index f367a550f..8eb5f6479 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Hovd and b/msys2/usr/share/zoneinfo/posix/Asia/Hovd differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Irkutsk b/msys2/usr/share/zoneinfo/posix/Asia/Irkutsk
index 84136366d..e8c53c0d6 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Irkutsk and b/msys2/usr/share/zoneinfo/posix/Asia/Irkutsk differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Istanbul b/msys2/usr/share/zoneinfo/posix/Asia/Istanbul
index 9a53b3a39..833d4eba3 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Istanbul and b/msys2/usr/share/zoneinfo/posix/Asia/Istanbul differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Jakarta b/msys2/usr/share/zoneinfo/posix/Asia/Jakarta
index 37b4edded..673d48010 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Jakarta and b/msys2/usr/share/zoneinfo/posix/Asia/Jakarta differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Jayapura b/msys2/usr/share/zoneinfo/posix/Asia/Jayapura
index 39ddc8436..a4c082972 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Jayapura and b/msys2/usr/share/zoneinfo/posix/Asia/Jayapura differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Jerusalem b/msys2/usr/share/zoneinfo/posix/Asia/Jerusalem
index df5119935..93e9f19c7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Jerusalem and b/msys2/usr/share/zoneinfo/posix/Asia/Jerusalem differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Kabul b/msys2/usr/share/zoneinfo/posix/Asia/Kabul
index 80429ec40..a22cf5925 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Kabul and b/msys2/usr/share/zoneinfo/posix/Asia/Kabul differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Kamchatka b/msys2/usr/share/zoneinfo/posix/Asia/Kamchatka
index fab27defa..b9ed49cac 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Kamchatka and b/msys2/usr/share/zoneinfo/posix/Asia/Kamchatka differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Karachi b/msys2/usr/share/zoneinfo/posix/Asia/Karachi
index b7dcaab8f..337e1d586 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Karachi and b/msys2/usr/share/zoneinfo/posix/Asia/Karachi differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Kashgar b/msys2/usr/share/zoneinfo/posix/Asia/Kashgar
index b44a1e19e..0342b4331 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Kashgar and b/msys2/usr/share/zoneinfo/posix/Asia/Kashgar differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Kathmandu b/msys2/usr/share/zoneinfo/posix/Asia/Kathmandu
index 0cbd2952b..2f810b120 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Kathmandu and b/msys2/usr/share/zoneinfo/posix/Asia/Kathmandu differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Katmandu b/msys2/usr/share/zoneinfo/posix/Asia/Katmandu
index 0cbd2952b..2f810b120 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Katmandu and b/msys2/usr/share/zoneinfo/posix/Asia/Katmandu differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Khandyga b/msys2/usr/share/zoneinfo/posix/Asia/Khandyga
index 918369539..2b2f5bfae 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Khandyga and b/msys2/usr/share/zoneinfo/posix/Asia/Khandyga differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Kolkata b/msys2/usr/share/zoneinfo/posix/Asia/Kolkata
index b57972dd8..e1cfcb8d0 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Kolkata and b/msys2/usr/share/zoneinfo/posix/Asia/Kolkata differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Krasnoyarsk b/msys2/usr/share/zoneinfo/posix/Asia/Krasnoyarsk
index faec35d30..59efd24ca 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Krasnoyarsk and b/msys2/usr/share/zoneinfo/posix/Asia/Krasnoyarsk differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Kuala_Lumpur b/msys2/usr/share/zoneinfo/posix/Asia/Kuala_Lumpur
index 5c95ebcdc..6d7d47b9d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Kuala_Lumpur and b/msys2/usr/share/zoneinfo/posix/Asia/Kuala_Lumpur differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Kuching b/msys2/usr/share/zoneinfo/posix/Asia/Kuching
index 62b538922..4878622dd 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Kuching and b/msys2/usr/share/zoneinfo/posix/Asia/Kuching differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Kuwait b/msys2/usr/share/zoneinfo/posix/Asia/Kuwait
index e71bc4e80..b2f9a2559 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Kuwait and b/msys2/usr/share/zoneinfo/posix/Asia/Kuwait differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Macao b/msys2/usr/share/zoneinfo/posix/Asia/Macao
index 46c1bad54..d801000dc 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Macao and b/msys2/usr/share/zoneinfo/posix/Asia/Macao differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Macau b/msys2/usr/share/zoneinfo/posix/Asia/Macau
index 46c1bad54..d801000dc 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Macau and b/msys2/usr/share/zoneinfo/posix/Asia/Macau differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Magadan b/msys2/usr/share/zoneinfo/posix/Asia/Magadan
index 2db063560..b20cc57ef 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Magadan and b/msys2/usr/share/zoneinfo/posix/Asia/Magadan differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Makassar b/msys2/usr/share/zoneinfo/posix/Asia/Makassar
index 3a5dcb270..ed55442e2 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Makassar and b/msys2/usr/share/zoneinfo/posix/Asia/Makassar differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Manila b/msys2/usr/share/zoneinfo/posix/Asia/Manila
index 06859a70d..2c9220c99 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Manila and b/msys2/usr/share/zoneinfo/posix/Asia/Manila differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Muscat b/msys2/usr/share/zoneinfo/posix/Asia/Muscat
index c12f31a14..7880d5d7c 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Muscat and b/msys2/usr/share/zoneinfo/posix/Asia/Muscat differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Nicosia b/msys2/usr/share/zoneinfo/posix/Asia/Nicosia
index 3e663b215..f7f10ab76 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Nicosia and b/msys2/usr/share/zoneinfo/posix/Asia/Nicosia differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Novokuznetsk b/msys2/usr/share/zoneinfo/posix/Asia/Novokuznetsk
index ed4b24827..2576a3b01 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Novokuznetsk and b/msys2/usr/share/zoneinfo/posix/Asia/Novokuznetsk differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Novosibirsk b/msys2/usr/share/zoneinfo/posix/Asia/Novosibirsk
index a5d39dffc..95e3c73bc 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Novosibirsk and b/msys2/usr/share/zoneinfo/posix/Asia/Novosibirsk differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Omsk b/msys2/usr/share/zoneinfo/posix/Asia/Omsk
index 5e0d9b67a..d805e4f74 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Omsk and b/msys2/usr/share/zoneinfo/posix/Asia/Omsk differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Oral b/msys2/usr/share/zoneinfo/posix/Asia/Oral
index b8eb58d13..e36aec475 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Oral and b/msys2/usr/share/zoneinfo/posix/Asia/Oral differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Phnom_Penh b/msys2/usr/share/zoneinfo/posix/Asia/Phnom_Penh
index 8db5e8a61..724964029 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Phnom_Penh and b/msys2/usr/share/zoneinfo/posix/Asia/Phnom_Penh differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Pontianak b/msys2/usr/share/zoneinfo/posix/Asia/Pontianak
index ec98c62ba..9377d0383 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Pontianak and b/msys2/usr/share/zoneinfo/posix/Asia/Pontianak differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Pyongyang b/msys2/usr/share/zoneinfo/posix/Asia/Pyongyang
index de5c2b156..dd54989fa 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Pyongyang and b/msys2/usr/share/zoneinfo/posix/Asia/Pyongyang differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Qatar b/msys2/usr/share/zoneinfo/posix/Asia/Qatar
index a0c5f6696..f5140926a 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Qatar and b/msys2/usr/share/zoneinfo/posix/Asia/Qatar differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Qostanay b/msys2/usr/share/zoneinfo/posix/Asia/Qostanay
new file mode 100644
index 000000000..cb6e2d90f
Binary files /dev/null and b/msys2/usr/share/zoneinfo/posix/Asia/Qostanay differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Qyzylorda b/msys2/usr/share/zoneinfo/posix/Asia/Qyzylorda
index 0fc7fada6..fc636b3b8 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Qyzylorda and b/msys2/usr/share/zoneinfo/posix/Asia/Qyzylorda differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Rangoon b/msys2/usr/share/zoneinfo/posix/Asia/Rangoon
index 3cc2aafac..a00282de3 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Rangoon and b/msys2/usr/share/zoneinfo/posix/Asia/Rangoon differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Riyadh b/msys2/usr/share/zoneinfo/posix/Asia/Riyadh
index e71bc4e80..b2f9a2559 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Riyadh and b/msys2/usr/share/zoneinfo/posix/Asia/Riyadh differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Saigon b/msys2/usr/share/zoneinfo/posix/Asia/Saigon
index 92642679c..eab94fe89 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Saigon and b/msys2/usr/share/zoneinfo/posix/Asia/Saigon differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Sakhalin b/msys2/usr/share/zoneinfo/posix/Asia/Sakhalin
index 8d6b4dfe2..9c94900ce 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Sakhalin and b/msys2/usr/share/zoneinfo/posix/Asia/Sakhalin differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Samarkand b/msys2/usr/share/zoneinfo/posix/Asia/Samarkand
index 10c7af7fe..a5d1e9700 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Samarkand and b/msys2/usr/share/zoneinfo/posix/Asia/Samarkand differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Seoul b/msys2/usr/share/zoneinfo/posix/Asia/Seoul
index 312ec40a1..fa1cbd395 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Seoul and b/msys2/usr/share/zoneinfo/posix/Asia/Seoul differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Shanghai b/msys2/usr/share/zoneinfo/posix/Asia/Shanghai
index dbd132f2b..ce9e00a5d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Shanghai and b/msys2/usr/share/zoneinfo/posix/Asia/Shanghai differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Singapore b/msys2/usr/share/zoneinfo/posix/Asia/Singapore
index 785836666..ebc4b0d9d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Singapore and b/msys2/usr/share/zoneinfo/posix/Asia/Singapore differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Srednekolymsk b/msys2/usr/share/zoneinfo/posix/Asia/Srednekolymsk
index 16b1cd8f9..f8b7bb212 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Srednekolymsk and b/msys2/usr/share/zoneinfo/posix/Asia/Srednekolymsk differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Taipei b/msys2/usr/share/zoneinfo/posix/Asia/Taipei
index 748873bed..f9cbe672a 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Taipei and b/msys2/usr/share/zoneinfo/posix/Asia/Taipei differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Tashkent b/msys2/usr/share/zoneinfo/posix/Asia/Tashkent
index 6f7dea4ab..e75bb365a 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Tashkent and b/msys2/usr/share/zoneinfo/posix/Asia/Tashkent differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Tbilisi b/msys2/usr/share/zoneinfo/posix/Asia/Tbilisi
index 4b2d2e296..09bb06eba 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Tbilisi and b/msys2/usr/share/zoneinfo/posix/Asia/Tbilisi differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Tehran b/msys2/usr/share/zoneinfo/posix/Asia/Tehran
index 3157f806b..0ae2f65fc 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Tehran and b/msys2/usr/share/zoneinfo/posix/Asia/Tehran differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Tel_Aviv b/msys2/usr/share/zoneinfo/posix/Asia/Tel_Aviv
index df5119935..93e9f19c7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Tel_Aviv and b/msys2/usr/share/zoneinfo/posix/Asia/Tel_Aviv differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Thimbu b/msys2/usr/share/zoneinfo/posix/Asia/Thimbu
index a8bddb9fa..06d3324d0 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Thimbu and b/msys2/usr/share/zoneinfo/posix/Asia/Thimbu differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Thimphu b/msys2/usr/share/zoneinfo/posix/Asia/Thimphu
index a8bddb9fa..06d3324d0 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Thimphu and b/msys2/usr/share/zoneinfo/posix/Asia/Thimphu differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Tokyo b/msys2/usr/share/zoneinfo/posix/Asia/Tokyo
index 8ad44ba98..26f4d34d6 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Tokyo and b/msys2/usr/share/zoneinfo/posix/Asia/Tokyo differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Tomsk b/msys2/usr/share/zoneinfo/posix/Asia/Tomsk
index 919b0031d..28da9c901 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Tomsk and b/msys2/usr/share/zoneinfo/posix/Asia/Tomsk differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Ujung_Pandang b/msys2/usr/share/zoneinfo/posix/Asia/Ujung_Pandang
index 3a5dcb270..ed55442e2 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Ujung_Pandang and b/msys2/usr/share/zoneinfo/posix/Asia/Ujung_Pandang differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Ulaanbaatar b/msys2/usr/share/zoneinfo/posix/Asia/Ulaanbaatar
index 94ddfea5f..82fd47609 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Ulaanbaatar and b/msys2/usr/share/zoneinfo/posix/Asia/Ulaanbaatar differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Ulan_Bator b/msys2/usr/share/zoneinfo/posix/Asia/Ulan_Bator
index 94ddfea5f..82fd47609 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Ulan_Bator and b/msys2/usr/share/zoneinfo/posix/Asia/Ulan_Bator differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Urumqi b/msys2/usr/share/zoneinfo/posix/Asia/Urumqi
index b44a1e19e..0342b4331 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Urumqi and b/msys2/usr/share/zoneinfo/posix/Asia/Urumqi differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Ust-Nera b/msys2/usr/share/zoneinfo/posix/Asia/Ust-Nera
index 7431eb97f..c0c3767e3 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Ust-Nera and b/msys2/usr/share/zoneinfo/posix/Asia/Ust-Nera differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Vientiane b/msys2/usr/share/zoneinfo/posix/Asia/Vientiane
index 8db5e8a61..724964029 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Vientiane and b/msys2/usr/share/zoneinfo/posix/Asia/Vientiane differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Vladivostok b/msys2/usr/share/zoneinfo/posix/Asia/Vladivostok
index 80b170bca..15731abc8 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Vladivostok and b/msys2/usr/share/zoneinfo/posix/Asia/Vladivostok differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Yakutsk b/msys2/usr/share/zoneinfo/posix/Asia/Yakutsk
index 220ad3db5..1f86e77f5 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Yakutsk and b/msys2/usr/share/zoneinfo/posix/Asia/Yakutsk differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Yangon b/msys2/usr/share/zoneinfo/posix/Asia/Yangon
index 3cc2aafac..a00282de3 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Yangon and b/msys2/usr/share/zoneinfo/posix/Asia/Yangon differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Yekaterinburg b/msys2/usr/share/zoneinfo/posix/Asia/Yekaterinburg
index c1abb935c..fff9f3b14 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Yekaterinburg and b/msys2/usr/share/zoneinfo/posix/Asia/Yekaterinburg differ
diff --git a/msys2/usr/share/zoneinfo/posix/Asia/Yerevan b/msys2/usr/share/zoneinfo/posix/Asia/Yerevan
index 4c4e045bd..409c3b171 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Asia/Yerevan and b/msys2/usr/share/zoneinfo/posix/Asia/Yerevan differ
diff --git a/msys2/usr/share/zoneinfo/posix/Atlantic/Azores b/msys2/usr/share/zoneinfo/posix/Atlantic/Azores
index 37218e127..56593dbff 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Atlantic/Azores and b/msys2/usr/share/zoneinfo/posix/Atlantic/Azores differ
diff --git a/msys2/usr/share/zoneinfo/posix/Atlantic/Bermuda b/msys2/usr/share/zoneinfo/posix/Atlantic/Bermuda
index 548d979bd..3a5c6dbf7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Atlantic/Bermuda and b/msys2/usr/share/zoneinfo/posix/Atlantic/Bermuda differ
diff --git a/msys2/usr/share/zoneinfo/posix/Atlantic/Canary b/msys2/usr/share/zoneinfo/posix/Atlantic/Canary
index 544f443a0..f3192156f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Atlantic/Canary and b/msys2/usr/share/zoneinfo/posix/Atlantic/Canary differ
diff --git a/msys2/usr/share/zoneinfo/posix/Atlantic/Cape_Verde b/msys2/usr/share/zoneinfo/posix/Atlantic/Cape_Verde
index 1c012da59..e2a49d248 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Atlantic/Cape_Verde and b/msys2/usr/share/zoneinfo/posix/Atlantic/Cape_Verde differ
diff --git a/msys2/usr/share/zoneinfo/posix/Atlantic/Faeroe b/msys2/usr/share/zoneinfo/posix/Atlantic/Faeroe
index c4865186b..4dab7ef08 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Atlantic/Faeroe and b/msys2/usr/share/zoneinfo/posix/Atlantic/Faeroe differ
diff --git a/msys2/usr/share/zoneinfo/posix/Atlantic/Faroe b/msys2/usr/share/zoneinfo/posix/Atlantic/Faroe
index c4865186b..4dab7ef08 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Atlantic/Faroe and b/msys2/usr/share/zoneinfo/posix/Atlantic/Faroe differ
diff --git a/msys2/usr/share/zoneinfo/posix/Atlantic/Jan_Mayen b/msys2/usr/share/zoneinfo/posix/Atlantic/Jan_Mayen
index 239c0174d..c6842af88 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Atlantic/Jan_Mayen and b/msys2/usr/share/zoneinfo/posix/Atlantic/Jan_Mayen differ
diff --git a/msys2/usr/share/zoneinfo/posix/Atlantic/Madeira b/msys2/usr/share/zoneinfo/posix/Atlantic/Madeira
index 9c60071e4..5213761f8 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Atlantic/Madeira and b/msys2/usr/share/zoneinfo/posix/Atlantic/Madeira differ
diff --git a/msys2/usr/share/zoneinfo/posix/Atlantic/Reykjavik b/msys2/usr/share/zoneinfo/posix/Atlantic/Reykjavik
index dc49c3247..ac6bd6973 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Atlantic/Reykjavik and b/msys2/usr/share/zoneinfo/posix/Atlantic/Reykjavik differ
diff --git a/msys2/usr/share/zoneinfo/posix/Atlantic/South_Georgia b/msys2/usr/share/zoneinfo/posix/Atlantic/South_Georgia
index 56b383b16..b3311b633 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Atlantic/South_Georgia and b/msys2/usr/share/zoneinfo/posix/Atlantic/South_Georgia differ
diff --git a/msys2/usr/share/zoneinfo/posix/Atlantic/St_Helena b/msys2/usr/share/zoneinfo/posix/Atlantic/St_Helena
index 6fd1af32d..65d19ec26 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Atlantic/St_Helena and b/msys2/usr/share/zoneinfo/posix/Atlantic/St_Helena differ
diff --git a/msys2/usr/share/zoneinfo/posix/Atlantic/Stanley b/msys2/usr/share/zoneinfo/posix/Atlantic/Stanley
index 3649415bd..2fd42a2c3 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Atlantic/Stanley and b/msys2/usr/share/zoneinfo/posix/Atlantic/Stanley differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/ACT b/msys2/usr/share/zoneinfo/posix/Australia/ACT
index aaed12ca2..4ed4467ff 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/ACT and b/msys2/usr/share/zoneinfo/posix/Australia/ACT differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/Adelaide b/msys2/usr/share/zoneinfo/posix/Australia/Adelaide
index 4f331a87d..190b0e33f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/Adelaide and b/msys2/usr/share/zoneinfo/posix/Australia/Adelaide differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/Brisbane b/msys2/usr/share/zoneinfo/posix/Australia/Brisbane
index a327d83b7..26ffd9acb 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/Brisbane and b/msys2/usr/share/zoneinfo/posix/Australia/Brisbane differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/Broken_Hill b/msys2/usr/share/zoneinfo/posix/Australia/Broken_Hill
index 768b16785..874c86505 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/Broken_Hill and b/msys2/usr/share/zoneinfo/posix/Australia/Broken_Hill differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/Canberra b/msys2/usr/share/zoneinfo/posix/Australia/Canberra
index aaed12ca2..4ed4467ff 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/Canberra and b/msys2/usr/share/zoneinfo/posix/Australia/Canberra differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/Currie b/msys2/usr/share/zoneinfo/posix/Australia/Currie
index a3f6f29a4..865801e5e 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/Currie and b/msys2/usr/share/zoneinfo/posix/Australia/Currie differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/Darwin b/msys2/usr/share/zoneinfo/posix/Australia/Darwin
index c6ae9a7ba..cf42d1d87 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/Darwin and b/msys2/usr/share/zoneinfo/posix/Australia/Darwin differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/Eucla b/msys2/usr/share/zoneinfo/posix/Australia/Eucla
index 99f07a9fe..c49d499cd 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/Eucla and b/msys2/usr/share/zoneinfo/posix/Australia/Eucla differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/Hobart b/msys2/usr/share/zoneinfo/posix/Australia/Hobart
index 07784ce5d..92d1215d6 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/Hobart and b/msys2/usr/share/zoneinfo/posix/Australia/Hobart differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/LHI b/msys2/usr/share/zoneinfo/posix/Australia/LHI
index 57597b0b9..8c6c7dd0b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/LHI and b/msys2/usr/share/zoneinfo/posix/Australia/LHI differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/Lindeman b/msys2/usr/share/zoneinfo/posix/Australia/Lindeman
index 71ca143f2..8ee1a6f54 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/Lindeman and b/msys2/usr/share/zoneinfo/posix/Australia/Lindeman differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/Lord_Howe b/msys2/usr/share/zoneinfo/posix/Australia/Lord_Howe
index 57597b0b9..8c6c7dd0b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/Lord_Howe and b/msys2/usr/share/zoneinfo/posix/Australia/Lord_Howe differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/Melbourne b/msys2/usr/share/zoneinfo/posix/Australia/Melbourne
index ec8dfe038..3f2d3d7f1 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/Melbourne and b/msys2/usr/share/zoneinfo/posix/Australia/Melbourne differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/NSW b/msys2/usr/share/zoneinfo/posix/Australia/NSW
index aaed12ca2..4ed4467ff 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/NSW and b/msys2/usr/share/zoneinfo/posix/Australia/NSW differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/North b/msys2/usr/share/zoneinfo/posix/Australia/North
index c6ae9a7ba..cf42d1d87 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/North and b/msys2/usr/share/zoneinfo/posix/Australia/North differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/Perth b/msys2/usr/share/zoneinfo/posix/Australia/Perth
index 85c26d509..d38b67e2f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/Perth and b/msys2/usr/share/zoneinfo/posix/Australia/Perth differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/Queensland b/msys2/usr/share/zoneinfo/posix/Australia/Queensland
index a327d83b7..26ffd9acb 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/Queensland and b/msys2/usr/share/zoneinfo/posix/Australia/Queensland differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/South b/msys2/usr/share/zoneinfo/posix/Australia/South
index 4f331a87d..190b0e33f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/South and b/msys2/usr/share/zoneinfo/posix/Australia/South differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/Sydney b/msys2/usr/share/zoneinfo/posix/Australia/Sydney
index aaed12ca2..4ed4467ff 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/Sydney and b/msys2/usr/share/zoneinfo/posix/Australia/Sydney differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/Tasmania b/msys2/usr/share/zoneinfo/posix/Australia/Tasmania
index 07784ce5d..92d1215d6 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/Tasmania and b/msys2/usr/share/zoneinfo/posix/Australia/Tasmania differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/Victoria b/msys2/usr/share/zoneinfo/posix/Australia/Victoria
index ec8dfe038..3f2d3d7f1 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/Victoria and b/msys2/usr/share/zoneinfo/posix/Australia/Victoria differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/West b/msys2/usr/share/zoneinfo/posix/Australia/West
index 85c26d509..d38b67e2f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/West and b/msys2/usr/share/zoneinfo/posix/Australia/West differ
diff --git a/msys2/usr/share/zoneinfo/posix/Australia/Yancowinna b/msys2/usr/share/zoneinfo/posix/Australia/Yancowinna
index 768b16785..874c86505 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Australia/Yancowinna and b/msys2/usr/share/zoneinfo/posix/Australia/Yancowinna differ
diff --git a/msys2/usr/share/zoneinfo/posix/Brazil/Acre b/msys2/usr/share/zoneinfo/posix/Brazil/Acre
index b612ac235..16b7f923b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Brazil/Acre and b/msys2/usr/share/zoneinfo/posix/Brazil/Acre differ
diff --git a/msys2/usr/share/zoneinfo/posix/Brazil/DeNoronha b/msys2/usr/share/zoneinfo/posix/Brazil/DeNoronha
index 6d91f9145..95ff8a257 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Brazil/DeNoronha and b/msys2/usr/share/zoneinfo/posix/Brazil/DeNoronha differ
diff --git a/msys2/usr/share/zoneinfo/posix/Brazil/East b/msys2/usr/share/zoneinfo/posix/Brazil/East
index 308a545ce..c417ba1da 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Brazil/East and b/msys2/usr/share/zoneinfo/posix/Brazil/East differ
diff --git a/msys2/usr/share/zoneinfo/posix/Brazil/West b/msys2/usr/share/zoneinfo/posix/Brazil/West
index 855cb02c4..b10241e68 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Brazil/West and b/msys2/usr/share/zoneinfo/posix/Brazil/West differ
diff --git a/msys2/usr/share/zoneinfo/posix/CET b/msys2/usr/share/zoneinfo/posix/CET
index 4c4f8ef9a..d585656f8 100644
Binary files a/msys2/usr/share/zoneinfo/posix/CET and b/msys2/usr/share/zoneinfo/posix/CET differ
diff --git a/msys2/usr/share/zoneinfo/posix/CST6CDT b/msys2/usr/share/zoneinfo/posix/CST6CDT
index 5c8a1d9a3..41c4136fe 100644
Binary files a/msys2/usr/share/zoneinfo/posix/CST6CDT and b/msys2/usr/share/zoneinfo/posix/CST6CDT differ
diff --git a/msys2/usr/share/zoneinfo/posix/Canada/Atlantic b/msys2/usr/share/zoneinfo/posix/Canada/Atlantic
index f86ece4c4..756099abe 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Canada/Atlantic and b/msys2/usr/share/zoneinfo/posix/Canada/Atlantic differ
diff --git a/msys2/usr/share/zoneinfo/posix/Canada/Central b/msys2/usr/share/zoneinfo/posix/Canada/Central
index 2ffe3d8d8..3718d47da 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Canada/Central and b/msys2/usr/share/zoneinfo/posix/Canada/Central differ
diff --git a/msys2/usr/share/zoneinfo/posix/Canada/Eastern b/msys2/usr/share/zoneinfo/posix/Canada/Eastern
index 7b4682a39..6752c5b05 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Canada/Eastern and b/msys2/usr/share/zoneinfo/posix/Canada/Eastern differ
diff --git a/msys2/usr/share/zoneinfo/posix/Canada/Mountain b/msys2/usr/share/zoneinfo/posix/Canada/Mountain
index d02fbcd47..3fa057989 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Canada/Mountain and b/msys2/usr/share/zoneinfo/posix/Canada/Mountain differ
diff --git a/msys2/usr/share/zoneinfo/posix/Canada/Newfoundland b/msys2/usr/share/zoneinfo/posix/Canada/Newfoundland
index a1d14854a..65a5b0c72 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Canada/Newfoundland and b/msys2/usr/share/zoneinfo/posix/Canada/Newfoundland differ
diff --git a/msys2/usr/share/zoneinfo/posix/Canada/Pacific b/msys2/usr/share/zoneinfo/posix/Canada/Pacific
index 9b5d92417..0f9f83282 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Canada/Pacific and b/msys2/usr/share/zoneinfo/posix/Canada/Pacific differ
diff --git a/msys2/usr/share/zoneinfo/posix/Canada/Saskatchewan b/msys2/usr/share/zoneinfo/posix/Canada/Saskatchewan
index 5fe8d6b61..20c9c84df 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Canada/Saskatchewan and b/msys2/usr/share/zoneinfo/posix/Canada/Saskatchewan differ
diff --git a/msys2/usr/share/zoneinfo/posix/Canada/Yukon b/msys2/usr/share/zoneinfo/posix/Canada/Yukon
index 6b62e2d3c..fb3cd71a6 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Canada/Yukon and b/msys2/usr/share/zoneinfo/posix/Canada/Yukon differ
diff --git a/msys2/usr/share/zoneinfo/posix/Chile/Continental b/msys2/usr/share/zoneinfo/posix/Chile/Continental
index ab766a41b..816a04281 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Chile/Continental and b/msys2/usr/share/zoneinfo/posix/Chile/Continental differ
diff --git a/msys2/usr/share/zoneinfo/posix/Chile/EasterIsland b/msys2/usr/share/zoneinfo/posix/Chile/EasterIsland
index 060bef818..cae374409 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Chile/EasterIsland and b/msys2/usr/share/zoneinfo/posix/Chile/EasterIsland differ
diff --git a/msys2/usr/share/zoneinfo/posix/Cuba b/msys2/usr/share/zoneinfo/posix/Cuba
index 1a58fcdc9..8186060a4 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Cuba and b/msys2/usr/share/zoneinfo/posix/Cuba differ
diff --git a/msys2/usr/share/zoneinfo/posix/EET b/msys2/usr/share/zoneinfo/posix/EET
index beb273a24..d2f54c9ba 100644
Binary files a/msys2/usr/share/zoneinfo/posix/EET and b/msys2/usr/share/zoneinfo/posix/EET differ
diff --git a/msys2/usr/share/zoneinfo/posix/EST b/msys2/usr/share/zoneinfo/posix/EST
index ae346633c..074a4fc76 100644
Binary files a/msys2/usr/share/zoneinfo/posix/EST and b/msys2/usr/share/zoneinfo/posix/EST differ
diff --git a/msys2/usr/share/zoneinfo/posix/EST5EDT b/msys2/usr/share/zoneinfo/posix/EST5EDT
index 54541fc27..087b641d2 100644
Binary files a/msys2/usr/share/zoneinfo/posix/EST5EDT and b/msys2/usr/share/zoneinfo/posix/EST5EDT differ
diff --git a/msys2/usr/share/zoneinfo/posix/Egypt b/msys2/usr/share/zoneinfo/posix/Egypt
index ba0975044..0272fa1ba 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Egypt and b/msys2/usr/share/zoneinfo/posix/Egypt differ
diff --git a/msys2/usr/share/zoneinfo/posix/Eire b/msys2/usr/share/zoneinfo/posix/Eire
index df3ecddd0..5c5a7a3b8 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Eire and b/msys2/usr/share/zoneinfo/posix/Eire differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT b/msys2/usr/share/zoneinfo/posix/Etc/GMT
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT and b/msys2/usr/share/zoneinfo/posix/Etc/GMT differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT+0 b/msys2/usr/share/zoneinfo/posix/Etc/GMT+0
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT+0 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT+0 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT+1 b/msys2/usr/share/zoneinfo/posix/Etc/GMT+1
index 082986e76..087d1f925 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT+1 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT+1 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT+10 b/msys2/usr/share/zoneinfo/posix/Etc/GMT+10
index 23276cd13..6437c684f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT+10 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT+10 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT+11 b/msys2/usr/share/zoneinfo/posix/Etc/GMT+11
index 28c579dca..72a912e05 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT+11 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT+11 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT+12 b/msys2/usr/share/zoneinfo/posix/Etc/GMT+12
index c74060396..6938a1aff 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT+12 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT+12 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT+2 b/msys2/usr/share/zoneinfo/posix/Etc/GMT+2
index 721cde2f3..a31557770 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT+2 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT+2 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT+3 b/msys2/usr/share/zoneinfo/posix/Etc/GMT+3
index ae06bcb65..ee776199a 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT+3 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT+3 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT+4 b/msys2/usr/share/zoneinfo/posix/Etc/GMT+4
index 5a7f878c9..1ea7da29d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT+4 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT+4 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT+5 b/msys2/usr/share/zoneinfo/posix/Etc/GMT+5
index 18cbf1fe2..dda1a9e11 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT+5 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT+5 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT+6 b/msys2/usr/share/zoneinfo/posix/Etc/GMT+6
index 1aa4be883..f4a038556 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT+6 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT+6 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT+7 b/msys2/usr/share/zoneinfo/posix/Etc/GMT+7
index cd8ed49af..2d2ccd005 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT+7 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT+7 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT+8 b/msys2/usr/share/zoneinfo/posix/Etc/GMT+8
index e0ba6b889..826c77001 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT+8 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT+8 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT+9 b/msys2/usr/share/zoneinfo/posix/Etc/GMT+9
index eee1bcb70..b125ad2bc 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT+9 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT+9 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT-0 b/msys2/usr/share/zoneinfo/posix/Etc/GMT-0
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT-0 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT-0 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT-1 b/msys2/usr/share/zoneinfo/posix/Etc/GMT-1
index 4ff870140..dde682d83 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT-1 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT-1 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT-10 b/msys2/usr/share/zoneinfo/posix/Etc/GMT-10
index e12e461d5..352ec08a1 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT-10 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT-10 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT-11 b/msys2/usr/share/zoneinfo/posix/Etc/GMT-11
index 37f273974..dfa27fec7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT-11 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT-11 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT-12 b/msys2/usr/share/zoneinfo/posix/Etc/GMT-12
index 09297f1bc..eef949df2 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT-12 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT-12 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT-13 b/msys2/usr/share/zoneinfo/posix/Etc/GMT-13
index 97ae1e140..f9363b24f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT-13 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT-13 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT-14 b/msys2/usr/share/zoneinfo/posix/Etc/GMT-14
index 58d6d1b2a..35add05a6 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT-14 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT-14 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT-2 b/msys2/usr/share/zoneinfo/posix/Etc/GMT-2
index f0dc70625..315cae4f9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT-2 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT-2 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT-3 b/msys2/usr/share/zoneinfo/posix/Etc/GMT-3
index a0790fe9c..7489a153d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT-3 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT-3 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT-4 b/msys2/usr/share/zoneinfo/posix/Etc/GMT-4
index a75a173dc..560243e84 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT-4 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT-4 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT-5 b/msys2/usr/share/zoneinfo/posix/Etc/GMT-5
index 85ebf22e8..b2bbe977d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT-5 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT-5 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT-6 b/msys2/usr/share/zoneinfo/posix/Etc/GMT-6
index 95def1f9e..b979dbbc5 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT-6 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT-6 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT-7 b/msys2/usr/share/zoneinfo/posix/Etc/GMT-7
index c6a776e95..365ab1f64 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT-7 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT-7 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT-8 b/msys2/usr/share/zoneinfo/posix/Etc/GMT-8
index f74a16f98..742082fcd 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT-8 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT-8 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT-9 b/msys2/usr/share/zoneinfo/posix/Etc/GMT-9
index 9b647c0fa..abc0b2758 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT-9 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT-9 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/GMT0 b/msys2/usr/share/zoneinfo/posix/Etc/GMT0
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/GMT0 and b/msys2/usr/share/zoneinfo/posix/Etc/GMT0 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/Greenwich b/msys2/usr/share/zoneinfo/posix/Etc/Greenwich
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/Greenwich and b/msys2/usr/share/zoneinfo/posix/Etc/Greenwich differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/UCT b/msys2/usr/share/zoneinfo/posix/Etc/UCT
index 40147b9e8..5583f5b0c 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/UCT and b/msys2/usr/share/zoneinfo/posix/Etc/UCT differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/UTC b/msys2/usr/share/zoneinfo/posix/Etc/UTC
index c3b97f1a1..5583f5b0c 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/UTC and b/msys2/usr/share/zoneinfo/posix/Etc/UTC differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/Universal b/msys2/usr/share/zoneinfo/posix/Etc/Universal
index c3b97f1a1..5583f5b0c 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/Universal and b/msys2/usr/share/zoneinfo/posix/Etc/Universal differ
diff --git a/msys2/usr/share/zoneinfo/posix/Etc/Zulu b/msys2/usr/share/zoneinfo/posix/Etc/Zulu
index c3b97f1a1..5583f5b0c 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Etc/Zulu and b/msys2/usr/share/zoneinfo/posix/Etc/Zulu differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Amsterdam b/msys2/usr/share/zoneinfo/posix/Europe/Amsterdam
index 6dae5e470..ed064ed4a 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Amsterdam and b/msys2/usr/share/zoneinfo/posix/Europe/Amsterdam differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Andorra b/msys2/usr/share/zoneinfo/posix/Europe/Andorra
index b06de7a59..596255039 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Andorra and b/msys2/usr/share/zoneinfo/posix/Europe/Andorra differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Astrakhan b/msys2/usr/share/zoneinfo/posix/Europe/Astrakhan
index 90d7c2a81..5e069ea5b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Astrakhan and b/msys2/usr/share/zoneinfo/posix/Europe/Astrakhan differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Athens b/msys2/usr/share/zoneinfo/posix/Europe/Athens
index 0001602fd..9f3a0678d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Athens and b/msys2/usr/share/zoneinfo/posix/Europe/Athens differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Belfast b/msys2/usr/share/zoneinfo/posix/Europe/Belfast
index 4527515ca..a340326e8 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Belfast and b/msys2/usr/share/zoneinfo/posix/Europe/Belfast differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Belgrade b/msys2/usr/share/zoneinfo/posix/Europe/Belgrade
index 79c25d70e..32a572233 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Belgrade and b/msys2/usr/share/zoneinfo/posix/Europe/Belgrade differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Berlin b/msys2/usr/share/zoneinfo/posix/Europe/Berlin
index b4f2a2af6..7ddd510ec 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Berlin and b/msys2/usr/share/zoneinfo/posix/Europe/Berlin differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Bratislava b/msys2/usr/share/zoneinfo/posix/Europe/Bratislava
index 4eabe5c81..85036de35 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Bratislava and b/msys2/usr/share/zoneinfo/posix/Europe/Bratislava differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Brussels b/msys2/usr/share/zoneinfo/posix/Europe/Brussels
index d8f19a631..d0d0a08a2 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Brussels and b/msys2/usr/share/zoneinfo/posix/Europe/Brussels differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Bucharest b/msys2/usr/share/zoneinfo/posix/Europe/Bucharest
index e0eac4ce3..4eb7ed0df 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Bucharest and b/msys2/usr/share/zoneinfo/posix/Europe/Bucharest differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Budapest b/msys2/usr/share/zoneinfo/posix/Europe/Budapest
index 3ddf6a528..dfdc6d247 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Budapest and b/msys2/usr/share/zoneinfo/posix/Europe/Budapest differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Busingen b/msys2/usr/share/zoneinfo/posix/Europe/Busingen
index 9c2b600b1..ad6cf5928 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Busingen and b/msys2/usr/share/zoneinfo/posix/Europe/Busingen differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Chisinau b/msys2/usr/share/zoneinfo/posix/Europe/Chisinau
index 2109b52a7..5bc1bfeba 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Chisinau and b/msys2/usr/share/zoneinfo/posix/Europe/Chisinau differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Copenhagen b/msys2/usr/share/zoneinfo/posix/Europe/Copenhagen
index be87cf162..cb2ec0671 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Copenhagen and b/msys2/usr/share/zoneinfo/posix/Europe/Copenhagen differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Dublin b/msys2/usr/share/zoneinfo/posix/Europe/Dublin
index df3ecddd0..5c5a7a3b8 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Dublin and b/msys2/usr/share/zoneinfo/posix/Europe/Dublin differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Gibraltar b/msys2/usr/share/zoneinfo/posix/Europe/Gibraltar
index a7105faae..117aadb83 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Gibraltar and b/msys2/usr/share/zoneinfo/posix/Europe/Gibraltar differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Guernsey b/msys2/usr/share/zoneinfo/posix/Europe/Guernsey
index 4527515ca..a340326e8 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Guernsey and b/msys2/usr/share/zoneinfo/posix/Europe/Guernsey differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Helsinki b/msys2/usr/share/zoneinfo/posix/Europe/Helsinki
index 29b3c817f..b4f8f9cbb 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Helsinki and b/msys2/usr/share/zoneinfo/posix/Europe/Helsinki differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Isle_of_Man b/msys2/usr/share/zoneinfo/posix/Europe/Isle_of_Man
index 4527515ca..a340326e8 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Isle_of_Man and b/msys2/usr/share/zoneinfo/posix/Europe/Isle_of_Man differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Istanbul b/msys2/usr/share/zoneinfo/posix/Europe/Istanbul
index 9a53b3a39..833d4eba3 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Istanbul and b/msys2/usr/share/zoneinfo/posix/Europe/Istanbul differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Jersey b/msys2/usr/share/zoneinfo/posix/Europe/Jersey
index 4527515ca..a340326e8 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Jersey and b/msys2/usr/share/zoneinfo/posix/Europe/Jersey differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Kaliningrad b/msys2/usr/share/zoneinfo/posix/Europe/Kaliningrad
index 37280d05f..982d82a3a 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Kaliningrad and b/msys2/usr/share/zoneinfo/posix/Europe/Kaliningrad differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Kiev b/msys2/usr/share/zoneinfo/posix/Europe/Kiev
index b3e20a7e3..9337c9ea2 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Kiev and b/msys2/usr/share/zoneinfo/posix/Europe/Kiev differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Kirov b/msys2/usr/share/zoneinfo/posix/Europe/Kirov
index 40b558f82..a3b5320a0 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Kirov and b/msys2/usr/share/zoneinfo/posix/Europe/Kirov differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Lisbon b/msys2/usr/share/zoneinfo/posix/Europe/Lisbon
index b9aff3a51..355817b52 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Lisbon and b/msys2/usr/share/zoneinfo/posix/Europe/Lisbon differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Ljubljana b/msys2/usr/share/zoneinfo/posix/Europe/Ljubljana
index 79c25d70e..32a572233 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Ljubljana and b/msys2/usr/share/zoneinfo/posix/Europe/Ljubljana differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/London b/msys2/usr/share/zoneinfo/posix/Europe/London
index 4527515ca..a340326e8 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/London and b/msys2/usr/share/zoneinfo/posix/Europe/London differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Luxembourg b/msys2/usr/share/zoneinfo/posix/Europe/Luxembourg
index 6fae86c53..6c194a5cd 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Luxembourg and b/msys2/usr/share/zoneinfo/posix/Europe/Luxembourg differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Madrid b/msys2/usr/share/zoneinfo/posix/Europe/Madrid
index 9b51a73bd..ccc9d8575 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Madrid and b/msys2/usr/share/zoneinfo/posix/Europe/Madrid differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Malta b/msys2/usr/share/zoneinfo/posix/Europe/Malta
index c1208e2d2..bf2452da4 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Malta and b/msys2/usr/share/zoneinfo/posix/Europe/Malta differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Mariehamn b/msys2/usr/share/zoneinfo/posix/Europe/Mariehamn
index 29b3c817f..b4f8f9cbb 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Mariehamn and b/msys2/usr/share/zoneinfo/posix/Europe/Mariehamn differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Minsk b/msys2/usr/share/zoneinfo/posix/Europe/Minsk
index 60041a418..801aead7d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Minsk and b/msys2/usr/share/zoneinfo/posix/Europe/Minsk differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Monaco b/msys2/usr/share/zoneinfo/posix/Europe/Monaco
index 0b40f1ec9..686ae8831 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Monaco and b/msys2/usr/share/zoneinfo/posix/Europe/Monaco differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Moscow b/msys2/usr/share/zoneinfo/posix/Europe/Moscow
index 906bd05f3..ddb3f4e99 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Moscow and b/msys2/usr/share/zoneinfo/posix/Europe/Moscow differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Nicosia b/msys2/usr/share/zoneinfo/posix/Europe/Nicosia
index 3e663b215..f7f10ab76 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Nicosia and b/msys2/usr/share/zoneinfo/posix/Europe/Nicosia differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Oslo b/msys2/usr/share/zoneinfo/posix/Europe/Oslo
index 239c0174d..c6842af88 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Oslo and b/msys2/usr/share/zoneinfo/posix/Europe/Oslo differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Paris b/msys2/usr/share/zoneinfo/posix/Europe/Paris
index cf6e2e2ee..ca8543516 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Paris and b/msys2/usr/share/zoneinfo/posix/Europe/Paris differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Podgorica b/msys2/usr/share/zoneinfo/posix/Europe/Podgorica
index 79c25d70e..32a572233 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Podgorica and b/msys2/usr/share/zoneinfo/posix/Europe/Podgorica differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Prague b/msys2/usr/share/zoneinfo/posix/Europe/Prague
index 4eabe5c81..85036de35 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Prague and b/msys2/usr/share/zoneinfo/posix/Europe/Prague differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Riga b/msys2/usr/share/zoneinfo/posix/Europe/Riga
index b729ee8c2..8495c506e 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Riga and b/msys2/usr/share/zoneinfo/posix/Europe/Riga differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Rome b/msys2/usr/share/zoneinfo/posix/Europe/Rome
index bdd3449e7..78a131b9f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Rome and b/msys2/usr/share/zoneinfo/posix/Europe/Rome differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Samara b/msys2/usr/share/zoneinfo/posix/Europe/Samara
index 0539acfd7..97d5dd9e6 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Samara and b/msys2/usr/share/zoneinfo/posix/Europe/Samara differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/San_Marino b/msys2/usr/share/zoneinfo/posix/Europe/San_Marino
index bdd3449e7..78a131b9f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/San_Marino and b/msys2/usr/share/zoneinfo/posix/Europe/San_Marino differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Sarajevo b/msys2/usr/share/zoneinfo/posix/Europe/Sarajevo
index 79c25d70e..32a572233 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Sarajevo and b/msys2/usr/share/zoneinfo/posix/Europe/Sarajevo differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Saratov b/msys2/usr/share/zoneinfo/posix/Europe/Saratov
index e8cd6b10e..8fd5f6d4b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Saratov and b/msys2/usr/share/zoneinfo/posix/Europe/Saratov differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Simferopol b/msys2/usr/share/zoneinfo/posix/Europe/Simferopol
index f3b42b004..e82dbbc78 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Simferopol and b/msys2/usr/share/zoneinfo/posix/Europe/Simferopol differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Skopje b/msys2/usr/share/zoneinfo/posix/Europe/Skopje
index 79c25d70e..32a572233 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Skopje and b/msys2/usr/share/zoneinfo/posix/Europe/Skopje differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Sofia b/msys2/usr/share/zoneinfo/posix/Europe/Sofia
index 763e07479..dcfdd0822 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Sofia and b/msys2/usr/share/zoneinfo/posix/Europe/Sofia differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Stockholm b/msys2/usr/share/zoneinfo/posix/Europe/Stockholm
index 43c7f2e23..f3e0c7f0f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Stockholm and b/msys2/usr/share/zoneinfo/posix/Europe/Stockholm differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Tallinn b/msys2/usr/share/zoneinfo/posix/Europe/Tallinn
index 18f903fa6..3a744cc6f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Tallinn and b/msys2/usr/share/zoneinfo/posix/Europe/Tallinn differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Tirane b/msys2/usr/share/zoneinfo/posix/Europe/Tirane
index 52c16a42b..0b86017d2 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Tirane and b/msys2/usr/share/zoneinfo/posix/Europe/Tirane differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Tiraspol b/msys2/usr/share/zoneinfo/posix/Europe/Tiraspol
index 2109b52a7..5bc1bfeba 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Tiraspol and b/msys2/usr/share/zoneinfo/posix/Europe/Tiraspol differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Ulyanovsk b/msys2/usr/share/zoneinfo/posix/Europe/Ulyanovsk
index c280f430f..7b61bdc52 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Ulyanovsk and b/msys2/usr/share/zoneinfo/posix/Europe/Ulyanovsk differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Uzhgorod b/msys2/usr/share/zoneinfo/posix/Europe/Uzhgorod
index 8ddba9097..677f0887b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Uzhgorod and b/msys2/usr/share/zoneinfo/posix/Europe/Uzhgorod differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Vaduz b/msys2/usr/share/zoneinfo/posix/Europe/Vaduz
index 9c2b600b1..ad6cf5928 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Vaduz and b/msys2/usr/share/zoneinfo/posix/Europe/Vaduz differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Vatican b/msys2/usr/share/zoneinfo/posix/Europe/Vatican
index bdd3449e7..78a131b9f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Vatican and b/msys2/usr/share/zoneinfo/posix/Europe/Vatican differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Vienna b/msys2/usr/share/zoneinfo/posix/Europe/Vienna
index 9c0fac536..9e2d0c948 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Vienna and b/msys2/usr/share/zoneinfo/posix/Europe/Vienna differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Vilnius b/msys2/usr/share/zoneinfo/posix/Europe/Vilnius
index da380af0e..46ce484fb 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Vilnius and b/msys2/usr/share/zoneinfo/posix/Europe/Vilnius differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Volgograd b/msys2/usr/share/zoneinfo/posix/Europe/Volgograd
index f4cb64f16..8f170dd97 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Volgograd and b/msys2/usr/share/zoneinfo/posix/Europe/Volgograd differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Warsaw b/msys2/usr/share/zoneinfo/posix/Europe/Warsaw
index 5cbba412e..d6bb1561d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Warsaw and b/msys2/usr/share/zoneinfo/posix/Europe/Warsaw differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Zagreb b/msys2/usr/share/zoneinfo/posix/Europe/Zagreb
index 79c25d70e..32a572233 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Zagreb and b/msys2/usr/share/zoneinfo/posix/Europe/Zagreb differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Zaporozhye b/msys2/usr/share/zoneinfo/posix/Europe/Zaporozhye
index 6f148505b..e42edfc85 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Zaporozhye and b/msys2/usr/share/zoneinfo/posix/Europe/Zaporozhye differ
diff --git a/msys2/usr/share/zoneinfo/posix/Europe/Zurich b/msys2/usr/share/zoneinfo/posix/Europe/Zurich
index 9c2b600b1..ad6cf5928 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Europe/Zurich and b/msys2/usr/share/zoneinfo/posix/Europe/Zurich differ
diff --git a/msys2/usr/share/zoneinfo/posix/Factory b/msys2/usr/share/zoneinfo/posix/Factory
index afeeb88d0..95bc3a3b1 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Factory and b/msys2/usr/share/zoneinfo/posix/Factory differ
diff --git a/msys2/usr/share/zoneinfo/posix/GB b/msys2/usr/share/zoneinfo/posix/GB
index 4527515ca..a340326e8 100644
Binary files a/msys2/usr/share/zoneinfo/posix/GB and b/msys2/usr/share/zoneinfo/posix/GB differ
diff --git a/msys2/usr/share/zoneinfo/posix/GB-Eire b/msys2/usr/share/zoneinfo/posix/GB-Eire
index 4527515ca..a340326e8 100644
Binary files a/msys2/usr/share/zoneinfo/posix/GB-Eire and b/msys2/usr/share/zoneinfo/posix/GB-Eire differ
diff --git a/msys2/usr/share/zoneinfo/posix/GMT b/msys2/usr/share/zoneinfo/posix/GMT
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/GMT and b/msys2/usr/share/zoneinfo/posix/GMT differ
diff --git a/msys2/usr/share/zoneinfo/posix/GMT+0 b/msys2/usr/share/zoneinfo/posix/GMT+0
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/GMT+0 and b/msys2/usr/share/zoneinfo/posix/GMT+0 differ
diff --git a/msys2/usr/share/zoneinfo/posix/GMT-0 b/msys2/usr/share/zoneinfo/posix/GMT-0
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/GMT-0 and b/msys2/usr/share/zoneinfo/posix/GMT-0 differ
diff --git a/msys2/usr/share/zoneinfo/posix/GMT0 b/msys2/usr/share/zoneinfo/posix/GMT0
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/GMT0 and b/msys2/usr/share/zoneinfo/posix/GMT0 differ
diff --git a/msys2/usr/share/zoneinfo/posix/Greenwich b/msys2/usr/share/zoneinfo/posix/Greenwich
index c05e45fdd..2ee14295f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Greenwich and b/msys2/usr/share/zoneinfo/posix/Greenwich differ
diff --git a/msys2/usr/share/zoneinfo/posix/HST b/msys2/usr/share/zoneinfo/posix/HST
index 03e4db076..616c31bc5 100644
Binary files a/msys2/usr/share/zoneinfo/posix/HST and b/msys2/usr/share/zoneinfo/posix/HST differ
diff --git a/msys2/usr/share/zoneinfo/posix/Hongkong b/msys2/usr/share/zoneinfo/posix/Hongkong
index dc9058e4b..91eaff488 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Hongkong and b/msys2/usr/share/zoneinfo/posix/Hongkong differ
diff --git a/msys2/usr/share/zoneinfo/posix/Iceland b/msys2/usr/share/zoneinfo/posix/Iceland
index dc49c3247..ac6bd6973 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Iceland and b/msys2/usr/share/zoneinfo/posix/Iceland differ
diff --git a/msys2/usr/share/zoneinfo/posix/Indian/Antananarivo b/msys2/usr/share/zoneinfo/posix/Indian/Antananarivo
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Indian/Antananarivo and b/msys2/usr/share/zoneinfo/posix/Indian/Antananarivo differ
diff --git a/msys2/usr/share/zoneinfo/posix/Indian/Chagos b/msys2/usr/share/zoneinfo/posix/Indian/Chagos
index 0e5e71927..f609611c8 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Indian/Chagos and b/msys2/usr/share/zoneinfo/posix/Indian/Chagos differ
diff --git a/msys2/usr/share/zoneinfo/posix/Indian/Christmas b/msys2/usr/share/zoneinfo/posix/Indian/Christmas
index 066c1e9fa..6babdeead 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Indian/Christmas and b/msys2/usr/share/zoneinfo/posix/Indian/Christmas differ
diff --git a/msys2/usr/share/zoneinfo/posix/Indian/Cocos b/msys2/usr/share/zoneinfo/posix/Indian/Cocos
index 34a2457be..58f80514e 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Indian/Cocos and b/msys2/usr/share/zoneinfo/posix/Indian/Cocos differ
diff --git a/msys2/usr/share/zoneinfo/posix/Indian/Comoro b/msys2/usr/share/zoneinfo/posix/Indian/Comoro
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Indian/Comoro and b/msys2/usr/share/zoneinfo/posix/Indian/Comoro differ
diff --git a/msys2/usr/share/zoneinfo/posix/Indian/Kerguelen b/msys2/usr/share/zoneinfo/posix/Indian/Kerguelen
index e7d4d3d06..2cb6f3e35 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Indian/Kerguelen and b/msys2/usr/share/zoneinfo/posix/Indian/Kerguelen differ
diff --git a/msys2/usr/share/zoneinfo/posix/Indian/Mahe b/msys2/usr/share/zoneinfo/posix/Indian/Mahe
index db8ac6875..49e23e5a0 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Indian/Mahe and b/msys2/usr/share/zoneinfo/posix/Indian/Mahe differ
diff --git a/msys2/usr/share/zoneinfo/posix/Indian/Maldives b/msys2/usr/share/zoneinfo/posix/Indian/Maldives
index 3f1a76e55..ffa336584 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Indian/Maldives and b/msys2/usr/share/zoneinfo/posix/Indian/Maldives differ
diff --git a/msys2/usr/share/zoneinfo/posix/Indian/Mauritius b/msys2/usr/share/zoneinfo/posix/Indian/Mauritius
index fd8d91112..b23e2cee1 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Indian/Mauritius and b/msys2/usr/share/zoneinfo/posix/Indian/Mauritius differ
diff --git a/msys2/usr/share/zoneinfo/posix/Indian/Mayotte b/msys2/usr/share/zoneinfo/posix/Indian/Mayotte
index 39631f214..6e19601f7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Indian/Mayotte and b/msys2/usr/share/zoneinfo/posix/Indian/Mayotte differ
diff --git a/msys2/usr/share/zoneinfo/posix/Indian/Reunion b/msys2/usr/share/zoneinfo/posix/Indian/Reunion
index d5f9aa49d..11c6002e2 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Indian/Reunion and b/msys2/usr/share/zoneinfo/posix/Indian/Reunion differ
diff --git a/msys2/usr/share/zoneinfo/posix/Iran b/msys2/usr/share/zoneinfo/posix/Iran
index 3157f806b..0ae2f65fc 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Iran and b/msys2/usr/share/zoneinfo/posix/Iran differ
diff --git a/msys2/usr/share/zoneinfo/posix/Israel b/msys2/usr/share/zoneinfo/posix/Israel
index df5119935..93e9f19c7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Israel and b/msys2/usr/share/zoneinfo/posix/Israel differ
diff --git a/msys2/usr/share/zoneinfo/posix/Jamaica b/msys2/usr/share/zoneinfo/posix/Jamaica
index 006689bc8..162306f88 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Jamaica and b/msys2/usr/share/zoneinfo/posix/Jamaica differ
diff --git a/msys2/usr/share/zoneinfo/posix/Japan b/msys2/usr/share/zoneinfo/posix/Japan
index 8ad44ba98..26f4d34d6 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Japan and b/msys2/usr/share/zoneinfo/posix/Japan differ
diff --git a/msys2/usr/share/zoneinfo/posix/Kwajalein b/msys2/usr/share/zoneinfo/posix/Kwajalein
index 1a27122ee..d6413577f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Kwajalein and b/msys2/usr/share/zoneinfo/posix/Kwajalein differ
diff --git a/msys2/usr/share/zoneinfo/posix/Libya b/msys2/usr/share/zoneinfo/posix/Libya
index b32e2202f..bd885315f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Libya and b/msys2/usr/share/zoneinfo/posix/Libya differ
diff --git a/msys2/usr/share/zoneinfo/posix/MET b/msys2/usr/share/zoneinfo/posix/MET
index 71963d533..388dd7442 100644
Binary files a/msys2/usr/share/zoneinfo/posix/MET and b/msys2/usr/share/zoneinfo/posix/MET differ
diff --git a/msys2/usr/share/zoneinfo/posix/MST b/msys2/usr/share/zoneinfo/posix/MST
index a1bee7c6f..da3e926d2 100644
Binary files a/msys2/usr/share/zoneinfo/posix/MST and b/msys2/usr/share/zoneinfo/posix/MST differ
diff --git a/msys2/usr/share/zoneinfo/posix/MST7MDT b/msys2/usr/share/zoneinfo/posix/MST7MDT
index 726a7e571..ddca8d196 100644
Binary files a/msys2/usr/share/zoneinfo/posix/MST7MDT and b/msys2/usr/share/zoneinfo/posix/MST7MDT differ
diff --git a/msys2/usr/share/zoneinfo/posix/Mexico/BajaNorte b/msys2/usr/share/zoneinfo/posix/Mexico/BajaNorte
index 29c83e71f..ada6bf78b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Mexico/BajaNorte and b/msys2/usr/share/zoneinfo/posix/Mexico/BajaNorte differ
diff --git a/msys2/usr/share/zoneinfo/posix/Mexico/BajaSur b/msys2/usr/share/zoneinfo/posix/Mexico/BajaSur
index afa94c2ac..43ee12d84 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Mexico/BajaSur and b/msys2/usr/share/zoneinfo/posix/Mexico/BajaSur differ
diff --git a/msys2/usr/share/zoneinfo/posix/Mexico/General b/msys2/usr/share/zoneinfo/posix/Mexico/General
index f11e3d2d6..1434ab088 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Mexico/General and b/msys2/usr/share/zoneinfo/posix/Mexico/General differ
diff --git a/msys2/usr/share/zoneinfo/posix/NZ b/msys2/usr/share/zoneinfo/posix/NZ
index a5f5b6d5e..60bcef686 100644
Binary files a/msys2/usr/share/zoneinfo/posix/NZ and b/msys2/usr/share/zoneinfo/posix/NZ differ
diff --git a/msys2/usr/share/zoneinfo/posix/NZ-CHAT b/msys2/usr/share/zoneinfo/posix/NZ-CHAT
index 957c80b79..abe09cb91 100644
Binary files a/msys2/usr/share/zoneinfo/posix/NZ-CHAT and b/msys2/usr/share/zoneinfo/posix/NZ-CHAT differ
diff --git a/msys2/usr/share/zoneinfo/posix/Navajo b/msys2/usr/share/zoneinfo/posix/Navajo
index 7fc669171..5fbe26b1d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Navajo and b/msys2/usr/share/zoneinfo/posix/Navajo differ
diff --git a/msys2/usr/share/zoneinfo/posix/PRC b/msys2/usr/share/zoneinfo/posix/PRC
index dbd132f2b..ce9e00a5d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/PRC and b/msys2/usr/share/zoneinfo/posix/PRC differ
diff --git a/msys2/usr/share/zoneinfo/posix/PST8PDT b/msys2/usr/share/zoneinfo/posix/PST8PDT
index 6242ac04c..d773e28f1 100644
Binary files a/msys2/usr/share/zoneinfo/posix/PST8PDT and b/msys2/usr/share/zoneinfo/posix/PST8PDT differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Apia b/msys2/usr/share/zoneinfo/posix/Pacific/Apia
index 4091a85f3..fd03ff765 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Apia and b/msys2/usr/share/zoneinfo/posix/Pacific/Apia differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Auckland b/msys2/usr/share/zoneinfo/posix/Pacific/Auckland
index a5f5b6d5e..60bcef686 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Auckland and b/msys2/usr/share/zoneinfo/posix/Pacific/Auckland differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Bougainville b/msys2/usr/share/zoneinfo/posix/Pacific/Bougainville
index dc5a7d73c..6a6c2da28 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Bougainville and b/msys2/usr/share/zoneinfo/posix/Pacific/Bougainville differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Chatham b/msys2/usr/share/zoneinfo/posix/Pacific/Chatham
index 957c80b79..abe09cb91 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Chatham and b/msys2/usr/share/zoneinfo/posix/Pacific/Chatham differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Chuuk b/msys2/usr/share/zoneinfo/posix/Pacific/Chuuk
index 289b795a8..8004d65bb 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Chuuk and b/msys2/usr/share/zoneinfo/posix/Pacific/Chuuk differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Easter b/msys2/usr/share/zoneinfo/posix/Pacific/Easter
index 060bef818..cae374409 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Easter and b/msys2/usr/share/zoneinfo/posix/Pacific/Easter differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Efate b/msys2/usr/share/zoneinfo/posix/Pacific/Efate
index 5cee55df3..d650a056d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Efate and b/msys2/usr/share/zoneinfo/posix/Pacific/Efate differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Enderbury b/msys2/usr/share/zoneinfo/posix/Pacific/Enderbury
index b729b256a..80873503f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Enderbury and b/msys2/usr/share/zoneinfo/posix/Pacific/Enderbury differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Fakaofo b/msys2/usr/share/zoneinfo/posix/Pacific/Fakaofo
index 6e4b8afdb..4fa169f3c 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Fakaofo and b/msys2/usr/share/zoneinfo/posix/Pacific/Fakaofo differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Fiji b/msys2/usr/share/zoneinfo/posix/Pacific/Fiji
index 912db1894..61a669535 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Fiji and b/msys2/usr/share/zoneinfo/posix/Pacific/Fiji differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Funafuti b/msys2/usr/share/zoneinfo/posix/Pacific/Funafuti
index 3289094a2..e6a154474 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Funafuti and b/msys2/usr/share/zoneinfo/posix/Pacific/Funafuti differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Galapagos b/msys2/usr/share/zoneinfo/posix/Pacific/Galapagos
index 76b2b3a12..859b76d94 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Galapagos and b/msys2/usr/share/zoneinfo/posix/Pacific/Galapagos differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Gambier b/msys2/usr/share/zoneinfo/posix/Pacific/Gambier
index 625016d51..4e9e36c5a 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Gambier and b/msys2/usr/share/zoneinfo/posix/Pacific/Gambier differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Guadalcanal b/msys2/usr/share/zoneinfo/posix/Pacific/Guadalcanal
index 0c24095bf..908ccc144 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Guadalcanal and b/msys2/usr/share/zoneinfo/posix/Pacific/Guadalcanal differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Guam b/msys2/usr/share/zoneinfo/posix/Pacific/Guam
index 4286e6bac..e22424758 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Guam and b/msys2/usr/share/zoneinfo/posix/Pacific/Guam differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Honolulu b/msys2/usr/share/zoneinfo/posix/Pacific/Honolulu
index bd8557720..c7cd06015 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Honolulu and b/msys2/usr/share/zoneinfo/posix/Pacific/Honolulu differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Johnston b/msys2/usr/share/zoneinfo/posix/Pacific/Johnston
index bd8557720..c7cd06015 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Johnston and b/msys2/usr/share/zoneinfo/posix/Pacific/Johnston differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Kiritimati b/msys2/usr/share/zoneinfo/posix/Pacific/Kiritimati
index 94384558c..cf5b3bd34 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Kiritimati and b/msys2/usr/share/zoneinfo/posix/Pacific/Kiritimati differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Kosrae b/msys2/usr/share/zoneinfo/posix/Pacific/Kosrae
index f8222e66b..11583b13e 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Kosrae and b/msys2/usr/share/zoneinfo/posix/Pacific/Kosrae differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Kwajalein b/msys2/usr/share/zoneinfo/posix/Pacific/Kwajalein
index 1a27122ee..d6413577f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Kwajalein and b/msys2/usr/share/zoneinfo/posix/Pacific/Kwajalein differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Majuro b/msys2/usr/share/zoneinfo/posix/Pacific/Majuro
index b3a8c1844..65990cbba 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Majuro and b/msys2/usr/share/zoneinfo/posix/Pacific/Majuro differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Marquesas b/msys2/usr/share/zoneinfo/posix/Pacific/Marquesas
index 10c5c9bc1..5fad0e1b2 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Marquesas and b/msys2/usr/share/zoneinfo/posix/Pacific/Marquesas differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Midway b/msys2/usr/share/zoneinfo/posix/Pacific/Midway
index 3e38e97c9..72707b5e1 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Midway and b/msys2/usr/share/zoneinfo/posix/Pacific/Midway differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Nauru b/msys2/usr/share/zoneinfo/posix/Pacific/Nauru
index 6092119f6..86d3b7d1e 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Nauru and b/msys2/usr/share/zoneinfo/posix/Pacific/Nauru differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Niue b/msys2/usr/share/zoneinfo/posix/Pacific/Niue
index df6110dd1..1d58fe36f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Niue and b/msys2/usr/share/zoneinfo/posix/Pacific/Niue differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Norfolk b/msys2/usr/share/zoneinfo/posix/Pacific/Norfolk
index d0b9607ed..f630a65d5 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Norfolk and b/msys2/usr/share/zoneinfo/posix/Pacific/Norfolk differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Noumea b/msys2/usr/share/zoneinfo/posix/Pacific/Noumea
index d9c68f88a..99f6bca20 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Noumea and b/msys2/usr/share/zoneinfo/posix/Pacific/Noumea differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Pago_Pago b/msys2/usr/share/zoneinfo/posix/Pacific/Pago_Pago
index 3e38e97c9..72707b5e1 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Pago_Pago and b/msys2/usr/share/zoneinfo/posix/Pacific/Pago_Pago differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Palau b/msys2/usr/share/zoneinfo/posix/Pacific/Palau
index e1bbea561..05633b88e 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Palau and b/msys2/usr/share/zoneinfo/posix/Pacific/Palau differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Pitcairn b/msys2/usr/share/zoneinfo/posix/Pacific/Pitcairn
index 54783cf62..9092e4816 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Pitcairn and b/msys2/usr/share/zoneinfo/posix/Pacific/Pitcairn differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Pohnpei b/msys2/usr/share/zoneinfo/posix/Pacific/Pohnpei
index 9743bc3c9..090429c09 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Pohnpei and b/msys2/usr/share/zoneinfo/posix/Pacific/Pohnpei differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Ponape b/msys2/usr/share/zoneinfo/posix/Pacific/Ponape
index 9743bc3c9..090429c09 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Ponape and b/msys2/usr/share/zoneinfo/posix/Pacific/Ponape differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Port_Moresby b/msys2/usr/share/zoneinfo/posix/Pacific/Port_Moresby
index 3fa1f7fa8..f6fd51cb9 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Port_Moresby and b/msys2/usr/share/zoneinfo/posix/Pacific/Port_Moresby differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Rarotonga b/msys2/usr/share/zoneinfo/posix/Pacific/Rarotonga
index ace1ce4b7..9708b8707 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Rarotonga and b/msys2/usr/share/zoneinfo/posix/Pacific/Rarotonga differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Saipan b/msys2/usr/share/zoneinfo/posix/Pacific/Saipan
index 4286e6bac..e22424758 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Saipan and b/msys2/usr/share/zoneinfo/posix/Pacific/Saipan differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Samoa b/msys2/usr/share/zoneinfo/posix/Pacific/Samoa
index 3e38e97c9..72707b5e1 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Samoa and b/msys2/usr/share/zoneinfo/posix/Pacific/Samoa differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Tahiti b/msys2/usr/share/zoneinfo/posix/Pacific/Tahiti
index 7867d8bd6..37e4e8833 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Tahiti and b/msys2/usr/share/zoneinfo/posix/Pacific/Tahiti differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Tarawa b/msys2/usr/share/zoneinfo/posix/Pacific/Tarawa
index 334041388..e23c0cd2c 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Tarawa and b/msys2/usr/share/zoneinfo/posix/Pacific/Tarawa differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Tongatapu b/msys2/usr/share/zoneinfo/posix/Pacific/Tongatapu
index b3a5a89b6..35c9e2c64 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Tongatapu and b/msys2/usr/share/zoneinfo/posix/Pacific/Tongatapu differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Truk b/msys2/usr/share/zoneinfo/posix/Pacific/Truk
index 289b795a8..8004d65bb 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Truk and b/msys2/usr/share/zoneinfo/posix/Pacific/Truk differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Wake b/msys2/usr/share/zoneinfo/posix/Pacific/Wake
index 2dc630c60..837ce1f5c 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Wake and b/msys2/usr/share/zoneinfo/posix/Pacific/Wake differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Wallis b/msys2/usr/share/zoneinfo/posix/Pacific/Wallis
index b4f0f9bfb..8be9ac4d3 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Wallis and b/msys2/usr/share/zoneinfo/posix/Pacific/Wallis differ
diff --git a/msys2/usr/share/zoneinfo/posix/Pacific/Yap b/msys2/usr/share/zoneinfo/posix/Pacific/Yap
index 289b795a8..8004d65bb 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Pacific/Yap and b/msys2/usr/share/zoneinfo/posix/Pacific/Yap differ
diff --git a/msys2/usr/share/zoneinfo/posix/Poland b/msys2/usr/share/zoneinfo/posix/Poland
index 5cbba412e..d6bb1561d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Poland and b/msys2/usr/share/zoneinfo/posix/Poland differ
diff --git a/msys2/usr/share/zoneinfo/posix/Portugal b/msys2/usr/share/zoneinfo/posix/Portugal
index b9aff3a51..355817b52 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Portugal and b/msys2/usr/share/zoneinfo/posix/Portugal differ
diff --git a/msys2/usr/share/zoneinfo/posix/ROC b/msys2/usr/share/zoneinfo/posix/ROC
index 748873bed..f9cbe672a 100644
Binary files a/msys2/usr/share/zoneinfo/posix/ROC and b/msys2/usr/share/zoneinfo/posix/ROC differ
diff --git a/msys2/usr/share/zoneinfo/posix/ROK b/msys2/usr/share/zoneinfo/posix/ROK
index 312ec40a1..fa1cbd395 100644
Binary files a/msys2/usr/share/zoneinfo/posix/ROK and b/msys2/usr/share/zoneinfo/posix/ROK differ
diff --git a/msys2/usr/share/zoneinfo/posix/Singapore b/msys2/usr/share/zoneinfo/posix/Singapore
index 785836666..ebc4b0d9d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Singapore and b/msys2/usr/share/zoneinfo/posix/Singapore differ
diff --git a/msys2/usr/share/zoneinfo/posix/Turkey b/msys2/usr/share/zoneinfo/posix/Turkey
index 9a53b3a39..833d4eba3 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Turkey and b/msys2/usr/share/zoneinfo/posix/Turkey differ
diff --git a/msys2/usr/share/zoneinfo/posix/UCT b/msys2/usr/share/zoneinfo/posix/UCT
index 40147b9e8..5583f5b0c 100644
Binary files a/msys2/usr/share/zoneinfo/posix/UCT and b/msys2/usr/share/zoneinfo/posix/UCT differ
diff --git a/msys2/usr/share/zoneinfo/posix/US/Alaska b/msys2/usr/share/zoneinfo/posix/US/Alaska
index 6c8bdf226..9bbb2fd3b 100644
Binary files a/msys2/usr/share/zoneinfo/posix/US/Alaska and b/msys2/usr/share/zoneinfo/posix/US/Alaska differ
diff --git a/msys2/usr/share/zoneinfo/posix/US/Aleutian b/msys2/usr/share/zoneinfo/posix/US/Aleutian
index 5696e0f8b..43236498f 100644
Binary files a/msys2/usr/share/zoneinfo/posix/US/Aleutian and b/msys2/usr/share/zoneinfo/posix/US/Aleutian differ
diff --git a/msys2/usr/share/zoneinfo/posix/US/Arizona b/msys2/usr/share/zoneinfo/posix/US/Arizona
index adf28236a..4d51271a1 100644
Binary files a/msys2/usr/share/zoneinfo/posix/US/Arizona and b/msys2/usr/share/zoneinfo/posix/US/Arizona differ
diff --git a/msys2/usr/share/zoneinfo/posix/US/Central b/msys2/usr/share/zoneinfo/posix/US/Central
index 3dd8f0fa8..a5b1617c7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/US/Central and b/msys2/usr/share/zoneinfo/posix/US/Central differ
diff --git a/msys2/usr/share/zoneinfo/posix/US/East-Indiana b/msys2/usr/share/zoneinfo/posix/US/East-Indiana
index 4a92c0659..09511ccdc 100644
Binary files a/msys2/usr/share/zoneinfo/posix/US/East-Indiana and b/msys2/usr/share/zoneinfo/posix/US/East-Indiana differ
diff --git a/msys2/usr/share/zoneinfo/posix/US/Eastern b/msys2/usr/share/zoneinfo/posix/US/Eastern
index 7553fee37..2f75480e0 100644
Binary files a/msys2/usr/share/zoneinfo/posix/US/Eastern and b/msys2/usr/share/zoneinfo/posix/US/Eastern differ
diff --git a/msys2/usr/share/zoneinfo/posix/US/Hawaii b/msys2/usr/share/zoneinfo/posix/US/Hawaii
index bd8557720..c7cd06015 100644
Binary files a/msys2/usr/share/zoneinfo/posix/US/Hawaii and b/msys2/usr/share/zoneinfo/posix/US/Hawaii differ
diff --git a/msys2/usr/share/zoneinfo/posix/US/Indiana-Starke b/msys2/usr/share/zoneinfo/posix/US/Indiana-Starke
index cc785da97..fcd408d74 100644
Binary files a/msys2/usr/share/zoneinfo/posix/US/Indiana-Starke and b/msys2/usr/share/zoneinfo/posix/US/Indiana-Starke differ
diff --git a/msys2/usr/share/zoneinfo/posix/US/Michigan b/msys2/usr/share/zoneinfo/posix/US/Michigan
index e3ea5c3ef..5e0226057 100644
Binary files a/msys2/usr/share/zoneinfo/posix/US/Michigan and b/msys2/usr/share/zoneinfo/posix/US/Michigan differ
diff --git a/msys2/usr/share/zoneinfo/posix/US/Mountain b/msys2/usr/share/zoneinfo/posix/US/Mountain
index 7fc669171..5fbe26b1d 100644
Binary files a/msys2/usr/share/zoneinfo/posix/US/Mountain and b/msys2/usr/share/zoneinfo/posix/US/Mountain differ
diff --git a/msys2/usr/share/zoneinfo/posix/US/Pacific b/msys2/usr/share/zoneinfo/posix/US/Pacific
index c0ce4402f..9dad4f4c7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/US/Pacific and b/msys2/usr/share/zoneinfo/posix/US/Pacific differ
diff --git a/msys2/usr/share/zoneinfo/posix/US/Pacific-New b/msys2/usr/share/zoneinfo/posix/US/Pacific-New
index c0ce4402f..9dad4f4c7 100644
Binary files a/msys2/usr/share/zoneinfo/posix/US/Pacific-New and b/msys2/usr/share/zoneinfo/posix/US/Pacific-New differ
diff --git a/msys2/usr/share/zoneinfo/posix/US/Samoa b/msys2/usr/share/zoneinfo/posix/US/Samoa
index 3e38e97c9..72707b5e1 100644
Binary files a/msys2/usr/share/zoneinfo/posix/US/Samoa and b/msys2/usr/share/zoneinfo/posix/US/Samoa differ
diff --git a/msys2/usr/share/zoneinfo/posix/UTC b/msys2/usr/share/zoneinfo/posix/UTC
index c3b97f1a1..5583f5b0c 100644
Binary files a/msys2/usr/share/zoneinfo/posix/UTC and b/msys2/usr/share/zoneinfo/posix/UTC differ
diff --git a/msys2/usr/share/zoneinfo/posix/Universal b/msys2/usr/share/zoneinfo/posix/Universal
index c3b97f1a1..5583f5b0c 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Universal and b/msys2/usr/share/zoneinfo/posix/Universal differ
diff --git a/msys2/usr/share/zoneinfo/posix/W-SU b/msys2/usr/share/zoneinfo/posix/W-SU
index 906bd05f3..ddb3f4e99 100644
Binary files a/msys2/usr/share/zoneinfo/posix/W-SU and b/msys2/usr/share/zoneinfo/posix/W-SU differ
diff --git a/msys2/usr/share/zoneinfo/posix/WET b/msys2/usr/share/zoneinfo/posix/WET
index 444a1933d..9b03a17f4 100644
Binary files a/msys2/usr/share/zoneinfo/posix/WET and b/msys2/usr/share/zoneinfo/posix/WET differ
diff --git a/msys2/usr/share/zoneinfo/posix/Zulu b/msys2/usr/share/zoneinfo/posix/Zulu
index c3b97f1a1..5583f5b0c 100644
Binary files a/msys2/usr/share/zoneinfo/posix/Zulu and b/msys2/usr/share/zoneinfo/posix/Zulu differ
diff --git a/msys2/usr/share/zoneinfo/posixrules b/msys2/usr/share/zoneinfo/posixrules
index 7553fee37..2f75480e0 100644
Binary files a/msys2/usr/share/zoneinfo/posixrules and b/msys2/usr/share/zoneinfo/posixrules differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Abidjan b/msys2/usr/share/zoneinfo/right/Africa/Abidjan
index a762e1ad8..7793d79a1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Abidjan and b/msys2/usr/share/zoneinfo/right/Africa/Abidjan differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Accra b/msys2/usr/share/zoneinfo/right/Africa/Accra
index 93e1241de..c10408fc9 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Accra and b/msys2/usr/share/zoneinfo/right/Africa/Accra differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Addis_Ababa b/msys2/usr/share/zoneinfo/right/Africa/Addis_Ababa
index c1c5e4c2f..3c6917de0 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Addis_Ababa and b/msys2/usr/share/zoneinfo/right/Africa/Addis_Ababa differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Algiers b/msys2/usr/share/zoneinfo/right/Africa/Algiers
index 728199134..169bd11fe 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Algiers and b/msys2/usr/share/zoneinfo/right/Africa/Algiers differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Asmara b/msys2/usr/share/zoneinfo/right/Africa/Asmara
index c1c5e4c2f..3c6917de0 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Asmara and b/msys2/usr/share/zoneinfo/right/Africa/Asmara differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Asmera b/msys2/usr/share/zoneinfo/right/Africa/Asmera
index c1c5e4c2f..3c6917de0 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Asmera and b/msys2/usr/share/zoneinfo/right/Africa/Asmera differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Bamako b/msys2/usr/share/zoneinfo/right/Africa/Bamako
index a762e1ad8..7793d79a1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Bamako and b/msys2/usr/share/zoneinfo/right/Africa/Bamako differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Bangui b/msys2/usr/share/zoneinfo/right/Africa/Bangui
index c4da41cae..b90125773 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Bangui and b/msys2/usr/share/zoneinfo/right/Africa/Bangui differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Banjul b/msys2/usr/share/zoneinfo/right/Africa/Banjul
index a762e1ad8..7793d79a1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Banjul and b/msys2/usr/share/zoneinfo/right/Africa/Banjul differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Bissau b/msys2/usr/share/zoneinfo/right/Africa/Bissau
index eab385439..c77899327 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Bissau and b/msys2/usr/share/zoneinfo/right/Africa/Bissau differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Blantyre b/msys2/usr/share/zoneinfo/right/Africa/Blantyre
index d33e1e5fc..842604d47 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Blantyre and b/msys2/usr/share/zoneinfo/right/Africa/Blantyre differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Brazzaville b/msys2/usr/share/zoneinfo/right/Africa/Brazzaville
index c4da41cae..b90125773 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Brazzaville and b/msys2/usr/share/zoneinfo/right/Africa/Brazzaville differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Bujumbura b/msys2/usr/share/zoneinfo/right/Africa/Bujumbura
index d33e1e5fc..842604d47 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Bujumbura and b/msys2/usr/share/zoneinfo/right/Africa/Bujumbura differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Cairo b/msys2/usr/share/zoneinfo/right/Africa/Cairo
index 8efe9ee1f..b6d09628c 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Cairo and b/msys2/usr/share/zoneinfo/right/Africa/Cairo differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Casablanca b/msys2/usr/share/zoneinfo/right/Africa/Casablanca
index d75714a6d..bde993970 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Casablanca and b/msys2/usr/share/zoneinfo/right/Africa/Casablanca differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Ceuta b/msys2/usr/share/zoneinfo/right/Africa/Ceuta
index 202e1cc76..45ca60d08 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Ceuta and b/msys2/usr/share/zoneinfo/right/Africa/Ceuta differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Conakry b/msys2/usr/share/zoneinfo/right/Africa/Conakry
index a762e1ad8..7793d79a1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Conakry and b/msys2/usr/share/zoneinfo/right/Africa/Conakry differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Dakar b/msys2/usr/share/zoneinfo/right/Africa/Dakar
index a762e1ad8..7793d79a1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Dakar and b/msys2/usr/share/zoneinfo/right/Africa/Dakar differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Dar_es_Salaam b/msys2/usr/share/zoneinfo/right/Africa/Dar_es_Salaam
index c1c5e4c2f..3c6917de0 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Dar_es_Salaam and b/msys2/usr/share/zoneinfo/right/Africa/Dar_es_Salaam differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Djibouti b/msys2/usr/share/zoneinfo/right/Africa/Djibouti
index c1c5e4c2f..3c6917de0 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Djibouti and b/msys2/usr/share/zoneinfo/right/Africa/Djibouti differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Douala b/msys2/usr/share/zoneinfo/right/Africa/Douala
index c4da41cae..b90125773 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Douala and b/msys2/usr/share/zoneinfo/right/Africa/Douala differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/El_Aaiun b/msys2/usr/share/zoneinfo/right/Africa/El_Aaiun
index dceaf036d..fcad7dc57 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/El_Aaiun and b/msys2/usr/share/zoneinfo/right/Africa/El_Aaiun differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Freetown b/msys2/usr/share/zoneinfo/right/Africa/Freetown
index a762e1ad8..7793d79a1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Freetown and b/msys2/usr/share/zoneinfo/right/Africa/Freetown differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Gaborone b/msys2/usr/share/zoneinfo/right/Africa/Gaborone
index d33e1e5fc..842604d47 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Gaborone and b/msys2/usr/share/zoneinfo/right/Africa/Gaborone differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Harare b/msys2/usr/share/zoneinfo/right/Africa/Harare
index d33e1e5fc..842604d47 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Harare and b/msys2/usr/share/zoneinfo/right/Africa/Harare differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Johannesburg b/msys2/usr/share/zoneinfo/right/Africa/Johannesburg
index 449542508..2e6a0fece 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Johannesburg and b/msys2/usr/share/zoneinfo/right/Africa/Johannesburg differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Juba b/msys2/usr/share/zoneinfo/right/Africa/Juba
index b5972e6da..a7fdff215 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Juba and b/msys2/usr/share/zoneinfo/right/Africa/Juba differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Kampala b/msys2/usr/share/zoneinfo/right/Africa/Kampala
index c1c5e4c2f..3c6917de0 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Kampala and b/msys2/usr/share/zoneinfo/right/Africa/Kampala differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Khartoum b/msys2/usr/share/zoneinfo/right/Africa/Khartoum
index babd8d7de..e7164729c 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Khartoum and b/msys2/usr/share/zoneinfo/right/Africa/Khartoum differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Kigali b/msys2/usr/share/zoneinfo/right/Africa/Kigali
index d33e1e5fc..842604d47 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Kigali and b/msys2/usr/share/zoneinfo/right/Africa/Kigali differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Kinshasa b/msys2/usr/share/zoneinfo/right/Africa/Kinshasa
index c4da41cae..b90125773 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Kinshasa and b/msys2/usr/share/zoneinfo/right/Africa/Kinshasa differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Lagos b/msys2/usr/share/zoneinfo/right/Africa/Lagos
index c4da41cae..b90125773 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Lagos and b/msys2/usr/share/zoneinfo/right/Africa/Lagos differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Libreville b/msys2/usr/share/zoneinfo/right/Africa/Libreville
index c4da41cae..b90125773 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Libreville and b/msys2/usr/share/zoneinfo/right/Africa/Libreville differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Lome b/msys2/usr/share/zoneinfo/right/Africa/Lome
index a762e1ad8..7793d79a1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Lome and b/msys2/usr/share/zoneinfo/right/Africa/Lome differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Luanda b/msys2/usr/share/zoneinfo/right/Africa/Luanda
index c4da41cae..b90125773 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Luanda and b/msys2/usr/share/zoneinfo/right/Africa/Luanda differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Lubumbashi b/msys2/usr/share/zoneinfo/right/Africa/Lubumbashi
index d33e1e5fc..842604d47 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Lubumbashi and b/msys2/usr/share/zoneinfo/right/Africa/Lubumbashi differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Lusaka b/msys2/usr/share/zoneinfo/right/Africa/Lusaka
index d33e1e5fc..842604d47 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Lusaka and b/msys2/usr/share/zoneinfo/right/Africa/Lusaka differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Malabo b/msys2/usr/share/zoneinfo/right/Africa/Malabo
index c4da41cae..b90125773 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Malabo and b/msys2/usr/share/zoneinfo/right/Africa/Malabo differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Maputo b/msys2/usr/share/zoneinfo/right/Africa/Maputo
index d33e1e5fc..842604d47 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Maputo and b/msys2/usr/share/zoneinfo/right/Africa/Maputo differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Maseru b/msys2/usr/share/zoneinfo/right/Africa/Maseru
index 449542508..2e6a0fece 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Maseru and b/msys2/usr/share/zoneinfo/right/Africa/Maseru differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Mbabane b/msys2/usr/share/zoneinfo/right/Africa/Mbabane
index 449542508..2e6a0fece 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Mbabane and b/msys2/usr/share/zoneinfo/right/Africa/Mbabane differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Mogadishu b/msys2/usr/share/zoneinfo/right/Africa/Mogadishu
index c1c5e4c2f..3c6917de0 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Mogadishu and b/msys2/usr/share/zoneinfo/right/Africa/Mogadishu differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Monrovia b/msys2/usr/share/zoneinfo/right/Africa/Monrovia
index e9bd52374..a85833cdb 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Monrovia and b/msys2/usr/share/zoneinfo/right/Africa/Monrovia differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Nairobi b/msys2/usr/share/zoneinfo/right/Africa/Nairobi
index c1c5e4c2f..3c6917de0 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Nairobi and b/msys2/usr/share/zoneinfo/right/Africa/Nairobi differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Ndjamena b/msys2/usr/share/zoneinfo/right/Africa/Ndjamena
index 2834b7170..a671db9c2 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Ndjamena and b/msys2/usr/share/zoneinfo/right/Africa/Ndjamena differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Niamey b/msys2/usr/share/zoneinfo/right/Africa/Niamey
index c4da41cae..b90125773 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Niamey and b/msys2/usr/share/zoneinfo/right/Africa/Niamey differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Nouakchott b/msys2/usr/share/zoneinfo/right/Africa/Nouakchott
index a762e1ad8..7793d79a1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Nouakchott and b/msys2/usr/share/zoneinfo/right/Africa/Nouakchott differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Ouagadougou b/msys2/usr/share/zoneinfo/right/Africa/Ouagadougou
index a762e1ad8..7793d79a1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Ouagadougou and b/msys2/usr/share/zoneinfo/right/Africa/Ouagadougou differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Porto-Novo b/msys2/usr/share/zoneinfo/right/Africa/Porto-Novo
index c4da41cae..b90125773 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Porto-Novo and b/msys2/usr/share/zoneinfo/right/Africa/Porto-Novo differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Sao_Tome b/msys2/usr/share/zoneinfo/right/Africa/Sao_Tome
index 1d20700ab..888fce343 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Sao_Tome and b/msys2/usr/share/zoneinfo/right/Africa/Sao_Tome differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Timbuktu b/msys2/usr/share/zoneinfo/right/Africa/Timbuktu
index a762e1ad8..7793d79a1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Timbuktu and b/msys2/usr/share/zoneinfo/right/Africa/Timbuktu differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Tripoli b/msys2/usr/share/zoneinfo/right/Africa/Tripoli
index 86780069c..fd3d1706a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Tripoli and b/msys2/usr/share/zoneinfo/right/Africa/Tripoli differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Tunis b/msys2/usr/share/zoneinfo/right/Africa/Tunis
index 2ff555792..649343231 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Tunis and b/msys2/usr/share/zoneinfo/right/Africa/Tunis differ
diff --git a/msys2/usr/share/zoneinfo/right/Africa/Windhoek b/msys2/usr/share/zoneinfo/right/Africa/Windhoek
index e15f8e6cf..31558b558 100644
Binary files a/msys2/usr/share/zoneinfo/right/Africa/Windhoek and b/msys2/usr/share/zoneinfo/right/Africa/Windhoek differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Adak b/msys2/usr/share/zoneinfo/right/America/Adak
index 49111a008..f2ab522bf 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Adak and b/msys2/usr/share/zoneinfo/right/America/Adak differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Anchorage b/msys2/usr/share/zoneinfo/right/America/Anchorage
index 39c8614d9..ceeeec2a5 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Anchorage and b/msys2/usr/share/zoneinfo/right/America/Anchorage differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Anguilla b/msys2/usr/share/zoneinfo/right/America/Anguilla
index 4a1ced608..5ed386544 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Anguilla and b/msys2/usr/share/zoneinfo/right/America/Anguilla differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Antigua b/msys2/usr/share/zoneinfo/right/America/Antigua
index 4a1ced608..5ed386544 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Antigua and b/msys2/usr/share/zoneinfo/right/America/Antigua differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Araguaina b/msys2/usr/share/zoneinfo/right/America/Araguaina
index fa6556240..ccc875466 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Araguaina and b/msys2/usr/share/zoneinfo/right/America/Araguaina differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Argentina/Buenos_Aires b/msys2/usr/share/zoneinfo/right/America/Argentina/Buenos_Aires
index 6261be6bd..9d008e5c7 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Argentina/Buenos_Aires and b/msys2/usr/share/zoneinfo/right/America/Argentina/Buenos_Aires differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Argentina/Catamarca b/msys2/usr/share/zoneinfo/right/America/Argentina/Catamarca
index 5bb711b64..32df7c816 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Argentina/Catamarca and b/msys2/usr/share/zoneinfo/right/America/Argentina/Catamarca differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Argentina/ComodRivadavia b/msys2/usr/share/zoneinfo/right/America/Argentina/ComodRivadavia
index 5bb711b64..32df7c816 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Argentina/ComodRivadavia and b/msys2/usr/share/zoneinfo/right/America/Argentina/ComodRivadavia differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Argentina/Cordoba b/msys2/usr/share/zoneinfo/right/America/Argentina/Cordoba
index 51dd6ad5e..0c08d1249 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Argentina/Cordoba and b/msys2/usr/share/zoneinfo/right/America/Argentina/Cordoba differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Argentina/Jujuy b/msys2/usr/share/zoneinfo/right/America/Argentina/Jujuy
index 4ce085b66..09c694766 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Argentina/Jujuy and b/msys2/usr/share/zoneinfo/right/America/Argentina/Jujuy differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Argentina/La_Rioja b/msys2/usr/share/zoneinfo/right/America/Argentina/La_Rioja
index 101bbd84a..34161da53 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Argentina/La_Rioja and b/msys2/usr/share/zoneinfo/right/America/Argentina/La_Rioja differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Argentina/Mendoza b/msys2/usr/share/zoneinfo/right/America/Argentina/Mendoza
index 25ce2c8dc..f178de3db 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Argentina/Mendoza and b/msys2/usr/share/zoneinfo/right/America/Argentina/Mendoza differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Argentina/Rio_Gallegos b/msys2/usr/share/zoneinfo/right/America/Argentina/Rio_Gallegos
index 834c8d733..57d7b7aa7 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Argentina/Rio_Gallegos and b/msys2/usr/share/zoneinfo/right/America/Argentina/Rio_Gallegos differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Argentina/Salta b/msys2/usr/share/zoneinfo/right/America/Argentina/Salta
index 96ffa0257..542e4d522 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Argentina/Salta and b/msys2/usr/share/zoneinfo/right/America/Argentina/Salta differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Argentina/San_Juan b/msys2/usr/share/zoneinfo/right/America/Argentina/San_Juan
index f5052204e..0d7667245 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Argentina/San_Juan and b/msys2/usr/share/zoneinfo/right/America/Argentina/San_Juan differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Argentina/San_Luis b/msys2/usr/share/zoneinfo/right/America/Argentina/San_Luis
index e41bd6fe7..3d402233f 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Argentina/San_Luis and b/msys2/usr/share/zoneinfo/right/America/Argentina/San_Luis differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Argentina/Tucuman b/msys2/usr/share/zoneinfo/right/America/Argentina/Tucuman
index 42b1f7f46..8ea1e17e1 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Argentina/Tucuman and b/msys2/usr/share/zoneinfo/right/America/Argentina/Tucuman differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Argentina/Ushuaia b/msys2/usr/share/zoneinfo/right/America/Argentina/Ushuaia
index f3d2139c9..14ece6d94 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Argentina/Ushuaia and b/msys2/usr/share/zoneinfo/right/America/Argentina/Ushuaia differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Aruba b/msys2/usr/share/zoneinfo/right/America/Aruba
index e573b296f..e6555e2cb 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Aruba and b/msys2/usr/share/zoneinfo/right/America/Aruba differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Asuncion b/msys2/usr/share/zoneinfo/right/America/Asuncion
index 3de397ddf..9a64a5c00 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Asuncion and b/msys2/usr/share/zoneinfo/right/America/Asuncion differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Atikokan b/msys2/usr/share/zoneinfo/right/America/Atikokan
index fc0d704ed..c4d7e224e 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Atikokan and b/msys2/usr/share/zoneinfo/right/America/Atikokan differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Atka b/msys2/usr/share/zoneinfo/right/America/Atka
index 49111a008..f2ab522bf 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Atka and b/msys2/usr/share/zoneinfo/right/America/Atka differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Bahia b/msys2/usr/share/zoneinfo/right/America/Bahia
index fb04bb6a6..bff61069a 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Bahia and b/msys2/usr/share/zoneinfo/right/America/Bahia differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Bahia_Banderas b/msys2/usr/share/zoneinfo/right/America/Bahia_Banderas
index 715e5fd4e..799c76372 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Bahia_Banderas and b/msys2/usr/share/zoneinfo/right/America/Bahia_Banderas differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Barbados b/msys2/usr/share/zoneinfo/right/America/Barbados
index b19f8e8b4..701f4066a 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Barbados and b/msys2/usr/share/zoneinfo/right/America/Barbados differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Belem b/msys2/usr/share/zoneinfo/right/America/Belem
index 5155f3975..60811c5d0 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Belem and b/msys2/usr/share/zoneinfo/right/America/Belem differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Belize b/msys2/usr/share/zoneinfo/right/America/Belize
index 8e64068a7..30b4b13e9 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Belize and b/msys2/usr/share/zoneinfo/right/America/Belize differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Blanc-Sablon b/msys2/usr/share/zoneinfo/right/America/Blanc-Sablon
index 7dbbfb4fc..2ce318c0b 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Blanc-Sablon and b/msys2/usr/share/zoneinfo/right/America/Blanc-Sablon differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Boa_Vista b/msys2/usr/share/zoneinfo/right/America/Boa_Vista
index 664d3b8b3..3753ffb01 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Boa_Vista and b/msys2/usr/share/zoneinfo/right/America/Boa_Vista differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Bogota b/msys2/usr/share/zoneinfo/right/America/Bogota
index a39a9055a..d4624d94a 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Bogota and b/msys2/usr/share/zoneinfo/right/America/Bogota differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Boise b/msys2/usr/share/zoneinfo/right/America/Boise
index ec4f19aa6..3fcd93f8d 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Boise and b/msys2/usr/share/zoneinfo/right/America/Boise differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Buenos_Aires b/msys2/usr/share/zoneinfo/right/America/Buenos_Aires
index 6261be6bd..9d008e5c7 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Buenos_Aires and b/msys2/usr/share/zoneinfo/right/America/Buenos_Aires differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Cambridge_Bay b/msys2/usr/share/zoneinfo/right/America/Cambridge_Bay
index e75157d95..daf5c05ac 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Cambridge_Bay and b/msys2/usr/share/zoneinfo/right/America/Cambridge_Bay differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Campo_Grande b/msys2/usr/share/zoneinfo/right/America/Campo_Grande
index d8b20eb66..279bcfde9 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Campo_Grande and b/msys2/usr/share/zoneinfo/right/America/Campo_Grande differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Cancun b/msys2/usr/share/zoneinfo/right/America/Cancun
index 7d022fb71..4e5354738 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Cancun and b/msys2/usr/share/zoneinfo/right/America/Cancun differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Caracas b/msys2/usr/share/zoneinfo/right/America/Caracas
index e5c819b27..27f614ebd 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Caracas and b/msys2/usr/share/zoneinfo/right/America/Caracas differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Catamarca b/msys2/usr/share/zoneinfo/right/America/Catamarca
index 5bb711b64..32df7c816 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Catamarca and b/msys2/usr/share/zoneinfo/right/America/Catamarca differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Cayenne b/msys2/usr/share/zoneinfo/right/America/Cayenne
index b1ecc18b1..4bc07a2ee 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Cayenne and b/msys2/usr/share/zoneinfo/right/America/Cayenne differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Cayman b/msys2/usr/share/zoneinfo/right/America/Cayman
index 4c8f404b6..878860b36 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Cayman and b/msys2/usr/share/zoneinfo/right/America/Cayman differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Chicago b/msys2/usr/share/zoneinfo/right/America/Chicago
index 291306c36..8595210ef 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Chicago and b/msys2/usr/share/zoneinfo/right/America/Chicago differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Chihuahua b/msys2/usr/share/zoneinfo/right/America/Chihuahua
index 5b08d078c..39c336790 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Chihuahua and b/msys2/usr/share/zoneinfo/right/America/Chihuahua differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Coral_Harbour b/msys2/usr/share/zoneinfo/right/America/Coral_Harbour
index fc0d704ed..c4d7e224e 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Coral_Harbour and b/msys2/usr/share/zoneinfo/right/America/Coral_Harbour differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Cordoba b/msys2/usr/share/zoneinfo/right/America/Cordoba
index 51dd6ad5e..0c08d1249 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Cordoba and b/msys2/usr/share/zoneinfo/right/America/Cordoba differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Costa_Rica b/msys2/usr/share/zoneinfo/right/America/Costa_Rica
index 2b6b1edde..f3045c2ae 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Costa_Rica and b/msys2/usr/share/zoneinfo/right/America/Costa_Rica differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Creston b/msys2/usr/share/zoneinfo/right/America/Creston
index bee13c4f7..9fb40502d 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Creston and b/msys2/usr/share/zoneinfo/right/America/Creston differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Cuiaba b/msys2/usr/share/zoneinfo/right/America/Cuiaba
index b7cc05dd5..a1567a6ee 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Cuiaba and b/msys2/usr/share/zoneinfo/right/America/Cuiaba differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Curacao b/msys2/usr/share/zoneinfo/right/America/Curacao
index e573b296f..e6555e2cb 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Curacao and b/msys2/usr/share/zoneinfo/right/America/Curacao differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Danmarkshavn b/msys2/usr/share/zoneinfo/right/America/Danmarkshavn
index df481bda9..6894b9d4f 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Danmarkshavn and b/msys2/usr/share/zoneinfo/right/America/Danmarkshavn differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Dawson b/msys2/usr/share/zoneinfo/right/America/Dawson
index 7c2c41afd..76a727b12 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Dawson and b/msys2/usr/share/zoneinfo/right/America/Dawson differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Dawson_Creek b/msys2/usr/share/zoneinfo/right/America/Dawson_Creek
index 483228f5b..6a0f46572 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Dawson_Creek and b/msys2/usr/share/zoneinfo/right/America/Dawson_Creek differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Denver b/msys2/usr/share/zoneinfo/right/America/Denver
index d482f3910..155b296ee 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Denver and b/msys2/usr/share/zoneinfo/right/America/Denver differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Detroit b/msys2/usr/share/zoneinfo/right/America/Detroit
index 3ab92ff34..9e063e187 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Detroit and b/msys2/usr/share/zoneinfo/right/America/Detroit differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Dominica b/msys2/usr/share/zoneinfo/right/America/Dominica
index 4a1ced608..5ed386544 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Dominica and b/msys2/usr/share/zoneinfo/right/America/Dominica differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Edmonton b/msys2/usr/share/zoneinfo/right/America/Edmonton
index 25c58306f..8057b3151 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Edmonton and b/msys2/usr/share/zoneinfo/right/America/Edmonton differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Eirunepe b/msys2/usr/share/zoneinfo/right/America/Eirunepe
index c36c7acb5..7dd8424de 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Eirunepe and b/msys2/usr/share/zoneinfo/right/America/Eirunepe differ
diff --git a/msys2/usr/share/zoneinfo/right/America/El_Salvador b/msys2/usr/share/zoneinfo/right/America/El_Salvador
index e8a23176c..f9c8c2c32 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/El_Salvador and b/msys2/usr/share/zoneinfo/right/America/El_Salvador differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Ensenada b/msys2/usr/share/zoneinfo/right/America/Ensenada
index b89adf4d7..54e9d3ba1 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Ensenada and b/msys2/usr/share/zoneinfo/right/America/Ensenada differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Fort_Nelson b/msys2/usr/share/zoneinfo/right/America/Fort_Nelson
index dd514bd03..e3a928232 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Fort_Nelson and b/msys2/usr/share/zoneinfo/right/America/Fort_Nelson differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Fort_Wayne b/msys2/usr/share/zoneinfo/right/America/Fort_Wayne
index facb528e2..df3e99933 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Fort_Wayne and b/msys2/usr/share/zoneinfo/right/America/Fort_Wayne differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Fortaleza b/msys2/usr/share/zoneinfo/right/America/Fortaleza
index e886c6927..f3d709a94 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Fortaleza and b/msys2/usr/share/zoneinfo/right/America/Fortaleza differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Glace_Bay b/msys2/usr/share/zoneinfo/right/America/Glace_Bay
index 5b9a01255..4ce4c6c54 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Glace_Bay and b/msys2/usr/share/zoneinfo/right/America/Glace_Bay differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Godthab b/msys2/usr/share/zoneinfo/right/America/Godthab
index a12fafdcb..01f720f25 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Godthab and b/msys2/usr/share/zoneinfo/right/America/Godthab differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Goose_Bay b/msys2/usr/share/zoneinfo/right/America/Goose_Bay
index dded3a355..ac210486f 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Goose_Bay and b/msys2/usr/share/zoneinfo/right/America/Goose_Bay differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Grand_Turk b/msys2/usr/share/zoneinfo/right/America/Grand_Turk
index 542832b7c..ac311ac1e 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Grand_Turk and b/msys2/usr/share/zoneinfo/right/America/Grand_Turk differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Grenada b/msys2/usr/share/zoneinfo/right/America/Grenada
index 4a1ced608..5ed386544 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Grenada and b/msys2/usr/share/zoneinfo/right/America/Grenada differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Guadeloupe b/msys2/usr/share/zoneinfo/right/America/Guadeloupe
index 4a1ced608..5ed386544 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Guadeloupe and b/msys2/usr/share/zoneinfo/right/America/Guadeloupe differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Guatemala b/msys2/usr/share/zoneinfo/right/America/Guatemala
index 487ec181f..21a7f3749 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Guatemala and b/msys2/usr/share/zoneinfo/right/America/Guatemala differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Guayaquil b/msys2/usr/share/zoneinfo/right/America/Guayaquil
index f0a9a1201..619cc9208 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Guayaquil and b/msys2/usr/share/zoneinfo/right/America/Guayaquil differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Guyana b/msys2/usr/share/zoneinfo/right/America/Guyana
index b06b32ab3..099d8fd97 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Guyana and b/msys2/usr/share/zoneinfo/right/America/Guyana differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Halifax b/msys2/usr/share/zoneinfo/right/America/Halifax
index 7e687bded..907433594 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Halifax and b/msys2/usr/share/zoneinfo/right/America/Halifax differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Havana b/msys2/usr/share/zoneinfo/right/America/Havana
index 76ead1997..5ced0a034 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Havana and b/msys2/usr/share/zoneinfo/right/America/Havana differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Hermosillo b/msys2/usr/share/zoneinfo/right/America/Hermosillo
index e295e2c8f..c0fa20dc5 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Hermosillo and b/msys2/usr/share/zoneinfo/right/America/Hermosillo differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Indiana/Indianapolis b/msys2/usr/share/zoneinfo/right/America/Indiana/Indianapolis
index facb528e2..df3e99933 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Indiana/Indianapolis and b/msys2/usr/share/zoneinfo/right/America/Indiana/Indianapolis differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Indiana/Knox b/msys2/usr/share/zoneinfo/right/America/Indiana/Knox
index 3780e2a70..9945994e2 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Indiana/Knox and b/msys2/usr/share/zoneinfo/right/America/Indiana/Knox differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Indiana/Marengo b/msys2/usr/share/zoneinfo/right/America/Indiana/Marengo
index 6751ee6e6..7e9991a34 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Indiana/Marengo and b/msys2/usr/share/zoneinfo/right/America/Indiana/Marengo differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Indiana/Petersburg b/msys2/usr/share/zoneinfo/right/America/Indiana/Petersburg
index 3f04dc04b..797d0ab49 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Indiana/Petersburg and b/msys2/usr/share/zoneinfo/right/America/Indiana/Petersburg differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Indiana/Tell_City b/msys2/usr/share/zoneinfo/right/America/Indiana/Tell_City
index 9fa1e4cba..2ae225ded 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Indiana/Tell_City and b/msys2/usr/share/zoneinfo/right/America/Indiana/Tell_City differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Indiana/Vevay b/msys2/usr/share/zoneinfo/right/America/Indiana/Vevay
index c036795aa..22f46a0f7 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Indiana/Vevay and b/msys2/usr/share/zoneinfo/right/America/Indiana/Vevay differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Indiana/Vincennes b/msys2/usr/share/zoneinfo/right/America/Indiana/Vincennes
index 1127391ee..f6a03ad72 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Indiana/Vincennes and b/msys2/usr/share/zoneinfo/right/America/Indiana/Vincennes differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Indiana/Winamac b/msys2/usr/share/zoneinfo/right/America/Indiana/Winamac
index 6fbfb9612..f8f6f744d 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Indiana/Winamac and b/msys2/usr/share/zoneinfo/right/America/Indiana/Winamac differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Indianapolis b/msys2/usr/share/zoneinfo/right/America/Indianapolis
index facb528e2..df3e99933 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Indianapolis and b/msys2/usr/share/zoneinfo/right/America/Indianapolis differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Inuvik b/msys2/usr/share/zoneinfo/right/America/Inuvik
index d96d53802..b90472545 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Inuvik and b/msys2/usr/share/zoneinfo/right/America/Inuvik differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Iqaluit b/msys2/usr/share/zoneinfo/right/America/Iqaluit
index d474c6bb8..ccb2234f3 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Iqaluit and b/msys2/usr/share/zoneinfo/right/America/Iqaluit differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Jamaica b/msys2/usr/share/zoneinfo/right/America/Jamaica
index 0ea55bf4b..3c1a2c3dc 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Jamaica and b/msys2/usr/share/zoneinfo/right/America/Jamaica differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Jujuy b/msys2/usr/share/zoneinfo/right/America/Jujuy
index 4ce085b66..09c694766 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Jujuy and b/msys2/usr/share/zoneinfo/right/America/Jujuy differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Juneau b/msys2/usr/share/zoneinfo/right/America/Juneau
index 74ea138f6..cc0368083 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Juneau and b/msys2/usr/share/zoneinfo/right/America/Juneau differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Kentucky/Louisville b/msys2/usr/share/zoneinfo/right/America/Kentucky/Louisville
index d7ae2db6d..afd7289f5 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Kentucky/Louisville and b/msys2/usr/share/zoneinfo/right/America/Kentucky/Louisville differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Kentucky/Monticello b/msys2/usr/share/zoneinfo/right/America/Kentucky/Monticello
index 42570d9f2..6d26e943c 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Kentucky/Monticello and b/msys2/usr/share/zoneinfo/right/America/Kentucky/Monticello differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Knox_IN b/msys2/usr/share/zoneinfo/right/America/Knox_IN
index 3780e2a70..9945994e2 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Knox_IN and b/msys2/usr/share/zoneinfo/right/America/Knox_IN differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Kralendijk b/msys2/usr/share/zoneinfo/right/America/Kralendijk
index e573b296f..e6555e2cb 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Kralendijk and b/msys2/usr/share/zoneinfo/right/America/Kralendijk differ
diff --git a/msys2/usr/share/zoneinfo/right/America/La_Paz b/msys2/usr/share/zoneinfo/right/America/La_Paz
index ae88df2c8..0998cf03c 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/La_Paz and b/msys2/usr/share/zoneinfo/right/America/La_Paz differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Lima b/msys2/usr/share/zoneinfo/right/America/Lima
index 06ecb9b55..c4fc445ec 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Lima and b/msys2/usr/share/zoneinfo/right/America/Lima differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Los_Angeles b/msys2/usr/share/zoneinfo/right/America/Los_Angeles
index 7488b09d6..298070976 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Los_Angeles and b/msys2/usr/share/zoneinfo/right/America/Los_Angeles differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Louisville b/msys2/usr/share/zoneinfo/right/America/Louisville
index d7ae2db6d..afd7289f5 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Louisville and b/msys2/usr/share/zoneinfo/right/America/Louisville differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Lower_Princes b/msys2/usr/share/zoneinfo/right/America/Lower_Princes
index e573b296f..e6555e2cb 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Lower_Princes and b/msys2/usr/share/zoneinfo/right/America/Lower_Princes differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Maceio b/msys2/usr/share/zoneinfo/right/America/Maceio
index 39c937dd6..9bb71a5a2 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Maceio and b/msys2/usr/share/zoneinfo/right/America/Maceio differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Managua b/msys2/usr/share/zoneinfo/right/America/Managua
index d1fc89e68..1bae63aad 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Managua and b/msys2/usr/share/zoneinfo/right/America/Managua differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Manaus b/msys2/usr/share/zoneinfo/right/America/Manaus
index 98a2f2b56..cc5a5beef 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Manaus and b/msys2/usr/share/zoneinfo/right/America/Manaus differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Marigot b/msys2/usr/share/zoneinfo/right/America/Marigot
index 4a1ced608..5ed386544 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Marigot and b/msys2/usr/share/zoneinfo/right/America/Marigot differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Martinique b/msys2/usr/share/zoneinfo/right/America/Martinique
index 81b7fad7d..36bf9f695 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Martinique and b/msys2/usr/share/zoneinfo/right/America/Martinique differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Matamoros b/msys2/usr/share/zoneinfo/right/America/Matamoros
index 2683c8559..b7cc4ef9c 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Matamoros and b/msys2/usr/share/zoneinfo/right/America/Matamoros differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Mazatlan b/msys2/usr/share/zoneinfo/right/America/Mazatlan
index 7e0968597..1090c774f 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Mazatlan and b/msys2/usr/share/zoneinfo/right/America/Mazatlan differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Mendoza b/msys2/usr/share/zoneinfo/right/America/Mendoza
index 25ce2c8dc..f178de3db 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Mendoza and b/msys2/usr/share/zoneinfo/right/America/Mendoza differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Menominee b/msys2/usr/share/zoneinfo/right/America/Menominee
index 3f34dd07f..4e6f4e1b0 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Menominee and b/msys2/usr/share/zoneinfo/right/America/Menominee differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Merida b/msys2/usr/share/zoneinfo/right/America/Merida
index d8667daac..eb5356ffc 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Merida and b/msys2/usr/share/zoneinfo/right/America/Merida differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Metlakatla b/msys2/usr/share/zoneinfo/right/America/Metlakatla
index 60e38dbed..d8be3b94b 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Metlakatla and b/msys2/usr/share/zoneinfo/right/America/Metlakatla differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Mexico_City b/msys2/usr/share/zoneinfo/right/America/Mexico_City
index fab49cba9..fa5cedeea 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Mexico_City and b/msys2/usr/share/zoneinfo/right/America/Mexico_City differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Miquelon b/msys2/usr/share/zoneinfo/right/America/Miquelon
index 743d0849a..0bf5a5c6a 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Miquelon and b/msys2/usr/share/zoneinfo/right/America/Miquelon differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Moncton b/msys2/usr/share/zoneinfo/right/America/Moncton
index be32542ef..755dadcdd 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Moncton and b/msys2/usr/share/zoneinfo/right/America/Moncton differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Monterrey b/msys2/usr/share/zoneinfo/right/America/Monterrey
index 5a8a596ec..fd3b096c3 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Monterrey and b/msys2/usr/share/zoneinfo/right/America/Monterrey differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Montevideo b/msys2/usr/share/zoneinfo/right/America/Montevideo
index 67a9bccce..436f0557d 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Montevideo and b/msys2/usr/share/zoneinfo/right/America/Montevideo differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Montreal b/msys2/usr/share/zoneinfo/right/America/Montreal
index 4feb7e6c8..bc61d6373 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Montreal and b/msys2/usr/share/zoneinfo/right/America/Montreal differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Montserrat b/msys2/usr/share/zoneinfo/right/America/Montserrat
index 4a1ced608..5ed386544 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Montserrat and b/msys2/usr/share/zoneinfo/right/America/Montserrat differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Nassau b/msys2/usr/share/zoneinfo/right/America/Nassau
index 1ed8d74ac..df9238077 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Nassau and b/msys2/usr/share/zoneinfo/right/America/Nassau differ
diff --git a/msys2/usr/share/zoneinfo/right/America/New_York b/msys2/usr/share/zoneinfo/right/America/New_York
index 1436d6473..6a058e9bd 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/New_York and b/msys2/usr/share/zoneinfo/right/America/New_York differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Nipigon b/msys2/usr/share/zoneinfo/right/America/Nipigon
index 6afbf5ffb..d7dc00f8c 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Nipigon and b/msys2/usr/share/zoneinfo/right/America/Nipigon differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Nome b/msys2/usr/share/zoneinfo/right/America/Nome
index cedd74186..08987c28d 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Nome and b/msys2/usr/share/zoneinfo/right/America/Nome differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Noronha b/msys2/usr/share/zoneinfo/right/America/Noronha
index eb1f79978..be0979aa8 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Noronha and b/msys2/usr/share/zoneinfo/right/America/Noronha differ
diff --git a/msys2/usr/share/zoneinfo/right/America/North_Dakota/Beulah b/msys2/usr/share/zoneinfo/right/America/North_Dakota/Beulah
index dccbb56ce..b817da420 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/North_Dakota/Beulah and b/msys2/usr/share/zoneinfo/right/America/North_Dakota/Beulah differ
diff --git a/msys2/usr/share/zoneinfo/right/America/North_Dakota/Center b/msys2/usr/share/zoneinfo/right/America/North_Dakota/Center
index 83968b9db..f61672890 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/North_Dakota/Center and b/msys2/usr/share/zoneinfo/right/America/North_Dakota/Center differ
diff --git a/msys2/usr/share/zoneinfo/right/America/North_Dakota/New_Salem b/msys2/usr/share/zoneinfo/right/America/North_Dakota/New_Salem
index a91af6c9e..d84f59ff1 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/North_Dakota/New_Salem and b/msys2/usr/share/zoneinfo/right/America/North_Dakota/New_Salem differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Ojinaga b/msys2/usr/share/zoneinfo/right/America/Ojinaga
index 6c677b28e..b18414d3b 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Ojinaga and b/msys2/usr/share/zoneinfo/right/America/Ojinaga differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Panama b/msys2/usr/share/zoneinfo/right/America/Panama
index 4c8f404b6..878860b36 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Panama and b/msys2/usr/share/zoneinfo/right/America/Panama differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Pangnirtung b/msys2/usr/share/zoneinfo/right/America/Pangnirtung
index 52a3d1ef9..a66c11129 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Pangnirtung and b/msys2/usr/share/zoneinfo/right/America/Pangnirtung differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Paramaribo b/msys2/usr/share/zoneinfo/right/America/Paramaribo
index 2aa5ade0a..1d9c4525d 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Paramaribo and b/msys2/usr/share/zoneinfo/right/America/Paramaribo differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Phoenix b/msys2/usr/share/zoneinfo/right/America/Phoenix
index 06394ba06..e89241146 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Phoenix and b/msys2/usr/share/zoneinfo/right/America/Phoenix differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Port-au-Prince b/msys2/usr/share/zoneinfo/right/America/Port-au-Prince
index 1dbcea92f..1306bbbbb 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Port-au-Prince and b/msys2/usr/share/zoneinfo/right/America/Port-au-Prince differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Port_of_Spain b/msys2/usr/share/zoneinfo/right/America/Port_of_Spain
index 4a1ced608..5ed386544 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Port_of_Spain and b/msys2/usr/share/zoneinfo/right/America/Port_of_Spain differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Porto_Acre b/msys2/usr/share/zoneinfo/right/America/Porto_Acre
index 432bc2bee..e20b73384 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Porto_Acre and b/msys2/usr/share/zoneinfo/right/America/Porto_Acre differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Porto_Velho b/msys2/usr/share/zoneinfo/right/America/Porto_Velho
index 709758ae9..f3e6767ec 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Porto_Velho and b/msys2/usr/share/zoneinfo/right/America/Porto_Velho differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Puerto_Rico b/msys2/usr/share/zoneinfo/right/America/Puerto_Rico
index 8d099a8b5..85937cbde 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Puerto_Rico and b/msys2/usr/share/zoneinfo/right/America/Puerto_Rico differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Punta_Arenas b/msys2/usr/share/zoneinfo/right/America/Punta_Arenas
index e8993d51e..56d9ab1d0 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Punta_Arenas and b/msys2/usr/share/zoneinfo/right/America/Punta_Arenas differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Rainy_River b/msys2/usr/share/zoneinfo/right/America/Rainy_River
index 0dcd43fcb..298fbda4f 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Rainy_River and b/msys2/usr/share/zoneinfo/right/America/Rainy_River differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Rankin_Inlet b/msys2/usr/share/zoneinfo/right/America/Rankin_Inlet
index 514dd080c..cce004e99 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Rankin_Inlet and b/msys2/usr/share/zoneinfo/right/America/Rankin_Inlet differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Recife b/msys2/usr/share/zoneinfo/right/America/Recife
index b5d651c82..235e212ce 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Recife and b/msys2/usr/share/zoneinfo/right/America/Recife differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Regina b/msys2/usr/share/zoneinfo/right/America/Regina
index 7089b1469..a30dc8bc9 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Regina and b/msys2/usr/share/zoneinfo/right/America/Regina differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Resolute b/msys2/usr/share/zoneinfo/right/America/Resolute
index 2bf02034a..2c304b7ed 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Resolute and b/msys2/usr/share/zoneinfo/right/America/Resolute differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Rio_Branco b/msys2/usr/share/zoneinfo/right/America/Rio_Branco
index 432bc2bee..e20b73384 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Rio_Branco and b/msys2/usr/share/zoneinfo/right/America/Rio_Branco differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Rosario b/msys2/usr/share/zoneinfo/right/America/Rosario
index 51dd6ad5e..0c08d1249 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Rosario and b/msys2/usr/share/zoneinfo/right/America/Rosario differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Santa_Isabel b/msys2/usr/share/zoneinfo/right/America/Santa_Isabel
index b89adf4d7..54e9d3ba1 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Santa_Isabel and b/msys2/usr/share/zoneinfo/right/America/Santa_Isabel differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Santarem b/msys2/usr/share/zoneinfo/right/America/Santarem
index dbd7151c3..7d478a8bf 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Santarem and b/msys2/usr/share/zoneinfo/right/America/Santarem differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Santiago b/msys2/usr/share/zoneinfo/right/America/Santiago
index a3c8230e3..48ff2f47d 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Santiago and b/msys2/usr/share/zoneinfo/right/America/Santiago differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Santo_Domingo b/msys2/usr/share/zoneinfo/right/America/Santo_Domingo
index 94d2461c0..be6099eeb 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Santo_Domingo and b/msys2/usr/share/zoneinfo/right/America/Santo_Domingo differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Sao_Paulo b/msys2/usr/share/zoneinfo/right/America/Sao_Paulo
index bac29b4ed..da6b0020d 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Sao_Paulo and b/msys2/usr/share/zoneinfo/right/America/Sao_Paulo differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Scoresbysund b/msys2/usr/share/zoneinfo/right/America/Scoresbysund
index 89d2d8565..24719895a 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Scoresbysund and b/msys2/usr/share/zoneinfo/right/America/Scoresbysund differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Shiprock b/msys2/usr/share/zoneinfo/right/America/Shiprock
index d482f3910..155b296ee 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Shiprock and b/msys2/usr/share/zoneinfo/right/America/Shiprock differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Sitka b/msys2/usr/share/zoneinfo/right/America/Sitka
index e6e740773..06bf3fc87 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Sitka and b/msys2/usr/share/zoneinfo/right/America/Sitka differ
diff --git a/msys2/usr/share/zoneinfo/right/America/St_Barthelemy b/msys2/usr/share/zoneinfo/right/America/St_Barthelemy
index 4a1ced608..5ed386544 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/St_Barthelemy and b/msys2/usr/share/zoneinfo/right/America/St_Barthelemy differ
diff --git a/msys2/usr/share/zoneinfo/right/America/St_Johns b/msys2/usr/share/zoneinfo/right/America/St_Johns
index 6968b2b3a..fed29a72a 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/St_Johns and b/msys2/usr/share/zoneinfo/right/America/St_Johns differ
diff --git a/msys2/usr/share/zoneinfo/right/America/St_Kitts b/msys2/usr/share/zoneinfo/right/America/St_Kitts
index 4a1ced608..5ed386544 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/St_Kitts and b/msys2/usr/share/zoneinfo/right/America/St_Kitts differ
diff --git a/msys2/usr/share/zoneinfo/right/America/St_Lucia b/msys2/usr/share/zoneinfo/right/America/St_Lucia
index 4a1ced608..5ed386544 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/St_Lucia and b/msys2/usr/share/zoneinfo/right/America/St_Lucia differ
diff --git a/msys2/usr/share/zoneinfo/right/America/St_Thomas b/msys2/usr/share/zoneinfo/right/America/St_Thomas
index 4a1ced608..5ed386544 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/St_Thomas and b/msys2/usr/share/zoneinfo/right/America/St_Thomas differ
diff --git a/msys2/usr/share/zoneinfo/right/America/St_Vincent b/msys2/usr/share/zoneinfo/right/America/St_Vincent
index 4a1ced608..5ed386544 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/St_Vincent and b/msys2/usr/share/zoneinfo/right/America/St_Vincent differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Swift_Current b/msys2/usr/share/zoneinfo/right/America/Swift_Current
index 65f35540a..4f183ba8a 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Swift_Current and b/msys2/usr/share/zoneinfo/right/America/Swift_Current differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Tegucigalpa b/msys2/usr/share/zoneinfo/right/America/Tegucigalpa
index f7c589a00..80d5165f9 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Tegucigalpa and b/msys2/usr/share/zoneinfo/right/America/Tegucigalpa differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Thule b/msys2/usr/share/zoneinfo/right/America/Thule
index 24684de30..2f8df9dcc 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Thule and b/msys2/usr/share/zoneinfo/right/America/Thule differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Thunder_Bay b/msys2/usr/share/zoneinfo/right/America/Thunder_Bay
index 44ac1b613..a48018dc9 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Thunder_Bay and b/msys2/usr/share/zoneinfo/right/America/Thunder_Bay differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Tijuana b/msys2/usr/share/zoneinfo/right/America/Tijuana
index b89adf4d7..54e9d3ba1 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Tijuana and b/msys2/usr/share/zoneinfo/right/America/Tijuana differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Toronto b/msys2/usr/share/zoneinfo/right/America/Toronto
index 4feb7e6c8..bc61d6373 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Toronto and b/msys2/usr/share/zoneinfo/right/America/Toronto differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Tortola b/msys2/usr/share/zoneinfo/right/America/Tortola
index 4a1ced608..5ed386544 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Tortola and b/msys2/usr/share/zoneinfo/right/America/Tortola differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Vancouver b/msys2/usr/share/zoneinfo/right/America/Vancouver
index ed712335d..71250196b 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Vancouver and b/msys2/usr/share/zoneinfo/right/America/Vancouver differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Virgin b/msys2/usr/share/zoneinfo/right/America/Virgin
index 4a1ced608..5ed386544 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Virgin and b/msys2/usr/share/zoneinfo/right/America/Virgin differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Whitehorse b/msys2/usr/share/zoneinfo/right/America/Whitehorse
index 633759a9b..e1f18af6f 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Whitehorse and b/msys2/usr/share/zoneinfo/right/America/Whitehorse differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Winnipeg b/msys2/usr/share/zoneinfo/right/America/Winnipeg
index bc1537c15..1451f68fa 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Winnipeg and b/msys2/usr/share/zoneinfo/right/America/Winnipeg differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Yakutat b/msys2/usr/share/zoneinfo/right/America/Yakutat
index 6e0c64f1f..da5aaa9b4 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Yakutat and b/msys2/usr/share/zoneinfo/right/America/Yakutat differ
diff --git a/msys2/usr/share/zoneinfo/right/America/Yellowknife b/msys2/usr/share/zoneinfo/right/America/Yellowknife
index 5471ed420..8643f0450 100644
Binary files a/msys2/usr/share/zoneinfo/right/America/Yellowknife and b/msys2/usr/share/zoneinfo/right/America/Yellowknife differ
diff --git a/msys2/usr/share/zoneinfo/right/Antarctica/Casey b/msys2/usr/share/zoneinfo/right/Antarctica/Casey
index 1cde60eb0..4061a2127 100644
Binary files a/msys2/usr/share/zoneinfo/right/Antarctica/Casey and b/msys2/usr/share/zoneinfo/right/Antarctica/Casey differ
diff --git a/msys2/usr/share/zoneinfo/right/Antarctica/Davis b/msys2/usr/share/zoneinfo/right/Antarctica/Davis
index cd1cf7a60..662aa0098 100644
Binary files a/msys2/usr/share/zoneinfo/right/Antarctica/Davis and b/msys2/usr/share/zoneinfo/right/Antarctica/Davis differ
diff --git a/msys2/usr/share/zoneinfo/right/Antarctica/DumontDUrville b/msys2/usr/share/zoneinfo/right/Antarctica/DumontDUrville
index 9688b639a..ab2e6165b 100644
Binary files a/msys2/usr/share/zoneinfo/right/Antarctica/DumontDUrville and b/msys2/usr/share/zoneinfo/right/Antarctica/DumontDUrville differ
diff --git a/msys2/usr/share/zoneinfo/right/Antarctica/Macquarie b/msys2/usr/share/zoneinfo/right/Antarctica/Macquarie
index dcf419145..b35c8e015 100644
Binary files a/msys2/usr/share/zoneinfo/right/Antarctica/Macquarie and b/msys2/usr/share/zoneinfo/right/Antarctica/Macquarie differ
diff --git a/msys2/usr/share/zoneinfo/right/Antarctica/Mawson b/msys2/usr/share/zoneinfo/right/Antarctica/Mawson
index 4adfd569d..215c8b772 100644
Binary files a/msys2/usr/share/zoneinfo/right/Antarctica/Mawson and b/msys2/usr/share/zoneinfo/right/Antarctica/Mawson differ
diff --git a/msys2/usr/share/zoneinfo/right/Antarctica/McMurdo b/msys2/usr/share/zoneinfo/right/Antarctica/McMurdo
index ad08d4055..cd612425a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Antarctica/McMurdo and b/msys2/usr/share/zoneinfo/right/Antarctica/McMurdo differ
diff --git a/msys2/usr/share/zoneinfo/right/Antarctica/Palmer b/msys2/usr/share/zoneinfo/right/Antarctica/Palmer
index 2f7470383..6a2276261 100644
Binary files a/msys2/usr/share/zoneinfo/right/Antarctica/Palmer and b/msys2/usr/share/zoneinfo/right/Antarctica/Palmer differ
diff --git a/msys2/usr/share/zoneinfo/right/Antarctica/Rothera b/msys2/usr/share/zoneinfo/right/Antarctica/Rothera
index 9ee21748f..a0ee18b87 100644
Binary files a/msys2/usr/share/zoneinfo/right/Antarctica/Rothera and b/msys2/usr/share/zoneinfo/right/Antarctica/Rothera differ
diff --git a/msys2/usr/share/zoneinfo/right/Antarctica/South_Pole b/msys2/usr/share/zoneinfo/right/Antarctica/South_Pole
index ad08d4055..cd612425a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Antarctica/South_Pole and b/msys2/usr/share/zoneinfo/right/Antarctica/South_Pole differ
diff --git a/msys2/usr/share/zoneinfo/right/Antarctica/Syowa b/msys2/usr/share/zoneinfo/right/Antarctica/Syowa
index cf897933f..2403c650c 100644
Binary files a/msys2/usr/share/zoneinfo/right/Antarctica/Syowa and b/msys2/usr/share/zoneinfo/right/Antarctica/Syowa differ
diff --git a/msys2/usr/share/zoneinfo/right/Antarctica/Troll b/msys2/usr/share/zoneinfo/right/Antarctica/Troll
index df6e91cd7..f7d366815 100644
Binary files a/msys2/usr/share/zoneinfo/right/Antarctica/Troll and b/msys2/usr/share/zoneinfo/right/Antarctica/Troll differ
diff --git a/msys2/usr/share/zoneinfo/right/Antarctica/Vostok b/msys2/usr/share/zoneinfo/right/Antarctica/Vostok
index 69ebf7898..ae700054d 100644
Binary files a/msys2/usr/share/zoneinfo/right/Antarctica/Vostok and b/msys2/usr/share/zoneinfo/right/Antarctica/Vostok differ
diff --git a/msys2/usr/share/zoneinfo/right/Arctic/Longyearbyen b/msys2/usr/share/zoneinfo/right/Arctic/Longyearbyen
index 3d519c11d..4a8cdd1ed 100644
Binary files a/msys2/usr/share/zoneinfo/right/Arctic/Longyearbyen and b/msys2/usr/share/zoneinfo/right/Arctic/Longyearbyen differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Aden b/msys2/usr/share/zoneinfo/right/Asia/Aden
index dd8de6d61..09ecca5cc 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Aden and b/msys2/usr/share/zoneinfo/right/Asia/Aden differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Almaty b/msys2/usr/share/zoneinfo/right/Asia/Almaty
index 26bf07b19..8ea586a7f 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Almaty and b/msys2/usr/share/zoneinfo/right/Asia/Almaty differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Amman b/msys2/usr/share/zoneinfo/right/Asia/Amman
index 1e414d055..7b81993ec 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Amman and b/msys2/usr/share/zoneinfo/right/Asia/Amman differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Anadyr b/msys2/usr/share/zoneinfo/right/Asia/Anadyr
index 1a09506f8..6f94af56c 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Anadyr and b/msys2/usr/share/zoneinfo/right/Asia/Anadyr differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Aqtau b/msys2/usr/share/zoneinfo/right/Asia/Aqtau
index 09272cd2e..9d9d18d66 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Aqtau and b/msys2/usr/share/zoneinfo/right/Asia/Aqtau differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Aqtobe b/msys2/usr/share/zoneinfo/right/Asia/Aqtobe
index d4caf702d..3263e6fd5 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Aqtobe and b/msys2/usr/share/zoneinfo/right/Asia/Aqtobe differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Ashgabat b/msys2/usr/share/zoneinfo/right/Asia/Ashgabat
index 7fc6edba2..a4802d743 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Ashgabat and b/msys2/usr/share/zoneinfo/right/Asia/Ashgabat differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Ashkhabad b/msys2/usr/share/zoneinfo/right/Asia/Ashkhabad
index 7fc6edba2..a4802d743 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Ashkhabad and b/msys2/usr/share/zoneinfo/right/Asia/Ashkhabad differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Atyrau b/msys2/usr/share/zoneinfo/right/Asia/Atyrau
index 239573065..b1c4ecff3 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Atyrau and b/msys2/usr/share/zoneinfo/right/Asia/Atyrau differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Baghdad b/msys2/usr/share/zoneinfo/right/Asia/Baghdad
index 0fa118ef6..8e6267be5 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Baghdad and b/msys2/usr/share/zoneinfo/right/Asia/Baghdad differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Bahrain b/msys2/usr/share/zoneinfo/right/Asia/Bahrain
index c5685e517..ad220750d 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Bahrain and b/msys2/usr/share/zoneinfo/right/Asia/Bahrain differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Baku b/msys2/usr/share/zoneinfo/right/Asia/Baku
index 02fc5053b..ace4e224c 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Baku and b/msys2/usr/share/zoneinfo/right/Asia/Baku differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Bangkok b/msys2/usr/share/zoneinfo/right/Asia/Bangkok
index 26de81d5c..a1da7bb4a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Bangkok and b/msys2/usr/share/zoneinfo/right/Asia/Bangkok differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Barnaul b/msys2/usr/share/zoneinfo/right/Asia/Barnaul
index d56d28bd2..510d5880a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Barnaul and b/msys2/usr/share/zoneinfo/right/Asia/Barnaul differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Beirut b/msys2/usr/share/zoneinfo/right/Asia/Beirut
index af284eb51..19b0eee1b 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Beirut and b/msys2/usr/share/zoneinfo/right/Asia/Beirut differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Bishkek b/msys2/usr/share/zoneinfo/right/Asia/Bishkek
index 3cf5c1270..6f13fb3fb 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Bishkek and b/msys2/usr/share/zoneinfo/right/Asia/Bishkek differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Brunei b/msys2/usr/share/zoneinfo/right/Asia/Brunei
index ea7aa0bd6..bbeb954bb 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Brunei and b/msys2/usr/share/zoneinfo/right/Asia/Brunei differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Calcutta b/msys2/usr/share/zoneinfo/right/Asia/Calcutta
index 270614773..9d0828d90 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Calcutta and b/msys2/usr/share/zoneinfo/right/Asia/Calcutta differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Chita b/msys2/usr/share/zoneinfo/right/Asia/Chita
index c66eb799c..665b9dc83 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Chita and b/msys2/usr/share/zoneinfo/right/Asia/Chita differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Choibalsan b/msys2/usr/share/zoneinfo/right/Asia/Choibalsan
index 925131c09..691769364 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Choibalsan and b/msys2/usr/share/zoneinfo/right/Asia/Choibalsan differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Chongqing b/msys2/usr/share/zoneinfo/right/Asia/Chongqing
index 20e548b77..27f6760b4 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Chongqing and b/msys2/usr/share/zoneinfo/right/Asia/Chongqing differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Chungking b/msys2/usr/share/zoneinfo/right/Asia/Chungking
index 20e548b77..27f6760b4 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Chungking and b/msys2/usr/share/zoneinfo/right/Asia/Chungking differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Colombo b/msys2/usr/share/zoneinfo/right/Asia/Colombo
index 89f4cae4b..3674c7c2f 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Colombo and b/msys2/usr/share/zoneinfo/right/Asia/Colombo differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Dacca b/msys2/usr/share/zoneinfo/right/Asia/Dacca
index 0b289c3de..7742858c4 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Dacca and b/msys2/usr/share/zoneinfo/right/Asia/Dacca differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Damascus b/msys2/usr/share/zoneinfo/right/Asia/Damascus
index 4893776ba..328c01683 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Damascus and b/msys2/usr/share/zoneinfo/right/Asia/Damascus differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Dhaka b/msys2/usr/share/zoneinfo/right/Asia/Dhaka
index 0b289c3de..7742858c4 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Dhaka and b/msys2/usr/share/zoneinfo/right/Asia/Dhaka differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Dili b/msys2/usr/share/zoneinfo/right/Asia/Dili
index bcbe0e2a8..7afb391bf 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Dili and b/msys2/usr/share/zoneinfo/right/Asia/Dili differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Dubai b/msys2/usr/share/zoneinfo/right/Asia/Dubai
index 947e01674..2210f172d 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Dubai and b/msys2/usr/share/zoneinfo/right/Asia/Dubai differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Dushanbe b/msys2/usr/share/zoneinfo/right/Asia/Dushanbe
index 52ac0453d..55d6b61a1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Dushanbe and b/msys2/usr/share/zoneinfo/right/Asia/Dushanbe differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Famagusta b/msys2/usr/share/zoneinfo/right/Asia/Famagusta
index 9f26f03c7..8534132d6 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Famagusta and b/msys2/usr/share/zoneinfo/right/Asia/Famagusta differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Gaza b/msys2/usr/share/zoneinfo/right/Asia/Gaza
index af96a690b..ed73b208e 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Gaza and b/msys2/usr/share/zoneinfo/right/Asia/Gaza differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Harbin b/msys2/usr/share/zoneinfo/right/Asia/Harbin
index 20e548b77..27f6760b4 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Harbin and b/msys2/usr/share/zoneinfo/right/Asia/Harbin differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Hebron b/msys2/usr/share/zoneinfo/right/Asia/Hebron
index b092de682..a438557a4 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Hebron and b/msys2/usr/share/zoneinfo/right/Asia/Hebron differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Ho_Chi_Minh b/msys2/usr/share/zoneinfo/right/Asia/Ho_Chi_Minh
index a537f7a71..198567d69 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Ho_Chi_Minh and b/msys2/usr/share/zoneinfo/right/Asia/Ho_Chi_Minh differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Hong_Kong b/msys2/usr/share/zoneinfo/right/Asia/Hong_Kong
index 1a1101341..64496dc68 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Hong_Kong and b/msys2/usr/share/zoneinfo/right/Asia/Hong_Kong differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Hovd b/msys2/usr/share/zoneinfo/right/Asia/Hovd
index 86c9df857..0159038ea 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Hovd and b/msys2/usr/share/zoneinfo/right/Asia/Hovd differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Irkutsk b/msys2/usr/share/zoneinfo/right/Asia/Irkutsk
index f53830505..f429ac8f1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Irkutsk and b/msys2/usr/share/zoneinfo/right/Asia/Irkutsk differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Istanbul b/msys2/usr/share/zoneinfo/right/Asia/Istanbul
index 27933a5ce..b1c5be3a9 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Istanbul and b/msys2/usr/share/zoneinfo/right/Asia/Istanbul differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Jakarta b/msys2/usr/share/zoneinfo/right/Asia/Jakarta
index 7ce771f7f..2f8d60373 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Jakarta and b/msys2/usr/share/zoneinfo/right/Asia/Jakarta differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Jayapura b/msys2/usr/share/zoneinfo/right/Asia/Jayapura
index a17112b1f..4c139bac7 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Jayapura and b/msys2/usr/share/zoneinfo/right/Asia/Jayapura differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Jerusalem b/msys2/usr/share/zoneinfo/right/Asia/Jerusalem
index 5cc48a386..235cd34a2 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Jerusalem and b/msys2/usr/share/zoneinfo/right/Asia/Jerusalem differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Kabul b/msys2/usr/share/zoneinfo/right/Asia/Kabul
index 16e9d5134..1c4e43b05 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Kabul and b/msys2/usr/share/zoneinfo/right/Asia/Kabul differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Kamchatka b/msys2/usr/share/zoneinfo/right/Asia/Kamchatka
index 19e2bb07e..ba205a197 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Kamchatka and b/msys2/usr/share/zoneinfo/right/Asia/Kamchatka differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Karachi b/msys2/usr/share/zoneinfo/right/Asia/Karachi
index e3264974e..74ad21d7b 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Karachi and b/msys2/usr/share/zoneinfo/right/Asia/Karachi differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Kashgar b/msys2/usr/share/zoneinfo/right/Asia/Kashgar
index 4b7571e93..3e1b731dc 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Kashgar and b/msys2/usr/share/zoneinfo/right/Asia/Kashgar differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Kathmandu b/msys2/usr/share/zoneinfo/right/Asia/Kathmandu
index 39c6dc77d..2be6d340c 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Kathmandu and b/msys2/usr/share/zoneinfo/right/Asia/Kathmandu differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Katmandu b/msys2/usr/share/zoneinfo/right/Asia/Katmandu
index 39c6dc77d..2be6d340c 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Katmandu and b/msys2/usr/share/zoneinfo/right/Asia/Katmandu differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Khandyga b/msys2/usr/share/zoneinfo/right/Asia/Khandyga
index 4da50189a..36c7f3bfb 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Khandyga and b/msys2/usr/share/zoneinfo/right/Asia/Khandyga differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Kolkata b/msys2/usr/share/zoneinfo/right/Asia/Kolkata
index 270614773..9d0828d90 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Kolkata and b/msys2/usr/share/zoneinfo/right/Asia/Kolkata differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Krasnoyarsk b/msys2/usr/share/zoneinfo/right/Asia/Krasnoyarsk
index 9bd2f5009..983cd4b85 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Krasnoyarsk and b/msys2/usr/share/zoneinfo/right/Asia/Krasnoyarsk differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Kuala_Lumpur b/msys2/usr/share/zoneinfo/right/Asia/Kuala_Lumpur
index 65c291115..473e50fcb 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Kuala_Lumpur and b/msys2/usr/share/zoneinfo/right/Asia/Kuala_Lumpur differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Kuching b/msys2/usr/share/zoneinfo/right/Asia/Kuching
index 58b739298..1ebd10978 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Kuching and b/msys2/usr/share/zoneinfo/right/Asia/Kuching differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Kuwait b/msys2/usr/share/zoneinfo/right/Asia/Kuwait
index dd8de6d61..09ecca5cc 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Kuwait and b/msys2/usr/share/zoneinfo/right/Asia/Kuwait differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Macao b/msys2/usr/share/zoneinfo/right/Asia/Macao
index cab29481d..b526f790c 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Macao and b/msys2/usr/share/zoneinfo/right/Asia/Macao differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Macau b/msys2/usr/share/zoneinfo/right/Asia/Macau
index cab29481d..b526f790c 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Macau and b/msys2/usr/share/zoneinfo/right/Asia/Macau differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Magadan b/msys2/usr/share/zoneinfo/right/Asia/Magadan
index 0ffaaf362..981b4c6e8 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Magadan and b/msys2/usr/share/zoneinfo/right/Asia/Magadan differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Makassar b/msys2/usr/share/zoneinfo/right/Asia/Makassar
index d8ff592ba..70746e503 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Makassar and b/msys2/usr/share/zoneinfo/right/Asia/Makassar differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Manila b/msys2/usr/share/zoneinfo/right/Asia/Manila
index 778476f46..125f71a8b 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Manila and b/msys2/usr/share/zoneinfo/right/Asia/Manila differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Muscat b/msys2/usr/share/zoneinfo/right/Asia/Muscat
index 947e01674..2210f172d 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Muscat and b/msys2/usr/share/zoneinfo/right/Asia/Muscat differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Nicosia b/msys2/usr/share/zoneinfo/right/Asia/Nicosia
index 8cd89a3a1..d3aafd2de 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Nicosia and b/msys2/usr/share/zoneinfo/right/Asia/Nicosia differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Novokuznetsk b/msys2/usr/share/zoneinfo/right/Asia/Novokuznetsk
index 71d99bbbf..be4442527 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Novokuznetsk and b/msys2/usr/share/zoneinfo/right/Asia/Novokuznetsk differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Novosibirsk b/msys2/usr/share/zoneinfo/right/Asia/Novosibirsk
index e625fd399..11d9b1db6 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Novosibirsk and b/msys2/usr/share/zoneinfo/right/Asia/Novosibirsk differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Omsk b/msys2/usr/share/zoneinfo/right/Asia/Omsk
index 83df54d0c..1ccda4698 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Omsk and b/msys2/usr/share/zoneinfo/right/Asia/Omsk differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Oral b/msys2/usr/share/zoneinfo/right/Asia/Oral
index 4b62ab298..7c5e5431d 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Oral and b/msys2/usr/share/zoneinfo/right/Asia/Oral differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Phnom_Penh b/msys2/usr/share/zoneinfo/right/Asia/Phnom_Penh
index 26de81d5c..a1da7bb4a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Phnom_Penh and b/msys2/usr/share/zoneinfo/right/Asia/Phnom_Penh differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Pontianak b/msys2/usr/share/zoneinfo/right/Asia/Pontianak
index 355686ab7..0c4dfb2b1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Pontianak and b/msys2/usr/share/zoneinfo/right/Asia/Pontianak differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Pyongyang b/msys2/usr/share/zoneinfo/right/Asia/Pyongyang
index b1711bfff..9b0b633af 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Pyongyang and b/msys2/usr/share/zoneinfo/right/Asia/Pyongyang differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Qatar b/msys2/usr/share/zoneinfo/right/Asia/Qatar
index c5685e517..ad220750d 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Qatar and b/msys2/usr/share/zoneinfo/right/Asia/Qatar differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Qostanay b/msys2/usr/share/zoneinfo/right/Asia/Qostanay
new file mode 100644
index 000000000..a9069033e
Binary files /dev/null and b/msys2/usr/share/zoneinfo/right/Asia/Qostanay differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Qyzylorda b/msys2/usr/share/zoneinfo/right/Asia/Qyzylorda
index d7136fe3e..f686580dd 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Qyzylorda and b/msys2/usr/share/zoneinfo/right/Asia/Qyzylorda differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Rangoon b/msys2/usr/share/zoneinfo/right/Asia/Rangoon
index c694e1a40..7a33287f3 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Rangoon and b/msys2/usr/share/zoneinfo/right/Asia/Rangoon differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Riyadh b/msys2/usr/share/zoneinfo/right/Asia/Riyadh
index dd8de6d61..09ecca5cc 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Riyadh and b/msys2/usr/share/zoneinfo/right/Asia/Riyadh differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Saigon b/msys2/usr/share/zoneinfo/right/Asia/Saigon
index a537f7a71..198567d69 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Saigon and b/msys2/usr/share/zoneinfo/right/Asia/Saigon differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Sakhalin b/msys2/usr/share/zoneinfo/right/Asia/Sakhalin
index 731503f90..d1a29e70f 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Sakhalin and b/msys2/usr/share/zoneinfo/right/Asia/Sakhalin differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Samarkand b/msys2/usr/share/zoneinfo/right/Asia/Samarkand
index f670f0392..308fc06c3 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Samarkand and b/msys2/usr/share/zoneinfo/right/Asia/Samarkand differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Seoul b/msys2/usr/share/zoneinfo/right/Asia/Seoul
index ed91b228f..c5161584e 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Seoul and b/msys2/usr/share/zoneinfo/right/Asia/Seoul differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Shanghai b/msys2/usr/share/zoneinfo/right/Asia/Shanghai
index 20e548b77..27f6760b4 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Shanghai and b/msys2/usr/share/zoneinfo/right/Asia/Shanghai differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Singapore b/msys2/usr/share/zoneinfo/right/Asia/Singapore
index 8a2df894d..ee7925857 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Singapore and b/msys2/usr/share/zoneinfo/right/Asia/Singapore differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Srednekolymsk b/msys2/usr/share/zoneinfo/right/Asia/Srednekolymsk
index 8768478d8..895f6945e 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Srednekolymsk and b/msys2/usr/share/zoneinfo/right/Asia/Srednekolymsk differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Taipei b/msys2/usr/share/zoneinfo/right/Asia/Taipei
index 7a92255d5..505d81f27 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Taipei and b/msys2/usr/share/zoneinfo/right/Asia/Taipei differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Tashkent b/msys2/usr/share/zoneinfo/right/Asia/Tashkent
index c30552ee9..d1c000431 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Tashkent and b/msys2/usr/share/zoneinfo/right/Asia/Tashkent differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Tbilisi b/msys2/usr/share/zoneinfo/right/Asia/Tbilisi
index c7f128946..536b1b795 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Tbilisi and b/msys2/usr/share/zoneinfo/right/Asia/Tbilisi differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Tehran b/msys2/usr/share/zoneinfo/right/Asia/Tehran
index f5f0059bc..9b45bdb64 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Tehran and b/msys2/usr/share/zoneinfo/right/Asia/Tehran differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Tel_Aviv b/msys2/usr/share/zoneinfo/right/Asia/Tel_Aviv
index 5cc48a386..235cd34a2 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Tel_Aviv and b/msys2/usr/share/zoneinfo/right/Asia/Tel_Aviv differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Thimbu b/msys2/usr/share/zoneinfo/right/Asia/Thimbu
index d9f92a6dd..df66ddfeb 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Thimbu and b/msys2/usr/share/zoneinfo/right/Asia/Thimbu differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Thimphu b/msys2/usr/share/zoneinfo/right/Asia/Thimphu
index d9f92a6dd..df66ddfeb 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Thimphu and b/msys2/usr/share/zoneinfo/right/Asia/Thimphu differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Tokyo b/msys2/usr/share/zoneinfo/right/Asia/Tokyo
index b9a8a151e..f757c2b8f 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Tokyo and b/msys2/usr/share/zoneinfo/right/Asia/Tokyo differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Tomsk b/msys2/usr/share/zoneinfo/right/Asia/Tomsk
index 85bd633bc..794915ed3 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Tomsk and b/msys2/usr/share/zoneinfo/right/Asia/Tomsk differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Ujung_Pandang b/msys2/usr/share/zoneinfo/right/Asia/Ujung_Pandang
index d8ff592ba..70746e503 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Ujung_Pandang and b/msys2/usr/share/zoneinfo/right/Asia/Ujung_Pandang differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Ulaanbaatar b/msys2/usr/share/zoneinfo/right/Asia/Ulaanbaatar
index 93d16b901..310784be9 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Ulaanbaatar and b/msys2/usr/share/zoneinfo/right/Asia/Ulaanbaatar differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Ulan_Bator b/msys2/usr/share/zoneinfo/right/Asia/Ulan_Bator
index 93d16b901..310784be9 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Ulan_Bator and b/msys2/usr/share/zoneinfo/right/Asia/Ulan_Bator differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Urumqi b/msys2/usr/share/zoneinfo/right/Asia/Urumqi
index 4b7571e93..3e1b731dc 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Urumqi and b/msys2/usr/share/zoneinfo/right/Asia/Urumqi differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Ust-Nera b/msys2/usr/share/zoneinfo/right/Asia/Ust-Nera
index 9fbb4a228..6ecd04941 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Ust-Nera and b/msys2/usr/share/zoneinfo/right/Asia/Ust-Nera differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Vientiane b/msys2/usr/share/zoneinfo/right/Asia/Vientiane
index 26de81d5c..a1da7bb4a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Vientiane and b/msys2/usr/share/zoneinfo/right/Asia/Vientiane differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Vladivostok b/msys2/usr/share/zoneinfo/right/Asia/Vladivostok
index 25f46dd0c..2a0169cde 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Vladivostok and b/msys2/usr/share/zoneinfo/right/Asia/Vladivostok differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Yakutsk b/msys2/usr/share/zoneinfo/right/Asia/Yakutsk
index 44bbe4b97..54e15e232 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Yakutsk and b/msys2/usr/share/zoneinfo/right/Asia/Yakutsk differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Yangon b/msys2/usr/share/zoneinfo/right/Asia/Yangon
index c694e1a40..7a33287f3 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Yangon and b/msys2/usr/share/zoneinfo/right/Asia/Yangon differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Yekaterinburg b/msys2/usr/share/zoneinfo/right/Asia/Yekaterinburg
index af43c6e77..7c3bcd58a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Yekaterinburg and b/msys2/usr/share/zoneinfo/right/Asia/Yekaterinburg differ
diff --git a/msys2/usr/share/zoneinfo/right/Asia/Yerevan b/msys2/usr/share/zoneinfo/right/Asia/Yerevan
index 892a88c17..ca0cee218 100644
Binary files a/msys2/usr/share/zoneinfo/right/Asia/Yerevan and b/msys2/usr/share/zoneinfo/right/Asia/Yerevan differ
diff --git a/msys2/usr/share/zoneinfo/right/Atlantic/Azores b/msys2/usr/share/zoneinfo/right/Atlantic/Azores
index e078dc53b..e9dbc22bb 100644
Binary files a/msys2/usr/share/zoneinfo/right/Atlantic/Azores and b/msys2/usr/share/zoneinfo/right/Atlantic/Azores differ
diff --git a/msys2/usr/share/zoneinfo/right/Atlantic/Bermuda b/msys2/usr/share/zoneinfo/right/Atlantic/Bermuda
index a979cd59a..5563f0582 100644
Binary files a/msys2/usr/share/zoneinfo/right/Atlantic/Bermuda and b/msys2/usr/share/zoneinfo/right/Atlantic/Bermuda differ
diff --git a/msys2/usr/share/zoneinfo/right/Atlantic/Canary b/msys2/usr/share/zoneinfo/right/Atlantic/Canary
index 8d5834270..93901bbfd 100644
Binary files a/msys2/usr/share/zoneinfo/right/Atlantic/Canary and b/msys2/usr/share/zoneinfo/right/Atlantic/Canary differ
diff --git a/msys2/usr/share/zoneinfo/right/Atlantic/Cape_Verde b/msys2/usr/share/zoneinfo/right/Atlantic/Cape_Verde
index a84b4165a..fb30fb91a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Atlantic/Cape_Verde and b/msys2/usr/share/zoneinfo/right/Atlantic/Cape_Verde differ
diff --git a/msys2/usr/share/zoneinfo/right/Atlantic/Faeroe b/msys2/usr/share/zoneinfo/right/Atlantic/Faeroe
index 25adec091..272ca2c34 100644
Binary files a/msys2/usr/share/zoneinfo/right/Atlantic/Faeroe and b/msys2/usr/share/zoneinfo/right/Atlantic/Faeroe differ
diff --git a/msys2/usr/share/zoneinfo/right/Atlantic/Faroe b/msys2/usr/share/zoneinfo/right/Atlantic/Faroe
index 25adec091..272ca2c34 100644
Binary files a/msys2/usr/share/zoneinfo/right/Atlantic/Faroe and b/msys2/usr/share/zoneinfo/right/Atlantic/Faroe differ
diff --git a/msys2/usr/share/zoneinfo/right/Atlantic/Jan_Mayen b/msys2/usr/share/zoneinfo/right/Atlantic/Jan_Mayen
index 3d519c11d..4a8cdd1ed 100644
Binary files a/msys2/usr/share/zoneinfo/right/Atlantic/Jan_Mayen and b/msys2/usr/share/zoneinfo/right/Atlantic/Jan_Mayen differ
diff --git a/msys2/usr/share/zoneinfo/right/Atlantic/Madeira b/msys2/usr/share/zoneinfo/right/Atlantic/Madeira
index 2e35aaf7a..137eb600d 100644
Binary files a/msys2/usr/share/zoneinfo/right/Atlantic/Madeira and b/msys2/usr/share/zoneinfo/right/Atlantic/Madeira differ
diff --git a/msys2/usr/share/zoneinfo/right/Atlantic/Reykjavik b/msys2/usr/share/zoneinfo/right/Atlantic/Reykjavik
index d3079a80c..35106c260 100644
Binary files a/msys2/usr/share/zoneinfo/right/Atlantic/Reykjavik and b/msys2/usr/share/zoneinfo/right/Atlantic/Reykjavik differ
diff --git a/msys2/usr/share/zoneinfo/right/Atlantic/South_Georgia b/msys2/usr/share/zoneinfo/right/Atlantic/South_Georgia
index a50ba11d2..e5b0264a8 100644
Binary files a/msys2/usr/share/zoneinfo/right/Atlantic/South_Georgia and b/msys2/usr/share/zoneinfo/right/Atlantic/South_Georgia differ
diff --git a/msys2/usr/share/zoneinfo/right/Atlantic/St_Helena b/msys2/usr/share/zoneinfo/right/Atlantic/St_Helena
index a762e1ad8..7793d79a1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Atlantic/St_Helena and b/msys2/usr/share/zoneinfo/right/Atlantic/St_Helena differ
diff --git a/msys2/usr/share/zoneinfo/right/Atlantic/Stanley b/msys2/usr/share/zoneinfo/right/Atlantic/Stanley
index c5049fdd5..6ebba130d 100644
Binary files a/msys2/usr/share/zoneinfo/right/Atlantic/Stanley and b/msys2/usr/share/zoneinfo/right/Atlantic/Stanley differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/ACT b/msys2/usr/share/zoneinfo/right/Australia/ACT
index 0afeeb1f0..bf5b0df58 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/ACT and b/msys2/usr/share/zoneinfo/right/Australia/ACT differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/Adelaide b/msys2/usr/share/zoneinfo/right/Australia/Adelaide
index 4d85ae601..04b40c6da 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/Adelaide and b/msys2/usr/share/zoneinfo/right/Australia/Adelaide differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/Brisbane b/msys2/usr/share/zoneinfo/right/Australia/Brisbane
index fee86a48c..89ce8a12d 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/Brisbane and b/msys2/usr/share/zoneinfo/right/Australia/Brisbane differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/Broken_Hill b/msys2/usr/share/zoneinfo/right/Australia/Broken_Hill
index b55feb498..805998e5a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/Broken_Hill and b/msys2/usr/share/zoneinfo/right/Australia/Broken_Hill differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/Canberra b/msys2/usr/share/zoneinfo/right/Australia/Canberra
index 0afeeb1f0..bf5b0df58 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/Canberra and b/msys2/usr/share/zoneinfo/right/Australia/Canberra differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/Currie b/msys2/usr/share/zoneinfo/right/Australia/Currie
index adf573128..940d67499 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/Currie and b/msys2/usr/share/zoneinfo/right/Australia/Currie differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/Darwin b/msys2/usr/share/zoneinfo/right/Australia/Darwin
index 260b78600..f84d04cee 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/Darwin and b/msys2/usr/share/zoneinfo/right/Australia/Darwin differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/Eucla b/msys2/usr/share/zoneinfo/right/Australia/Eucla
index 72bb8a5f0..76ee2a8d1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/Eucla and b/msys2/usr/share/zoneinfo/right/Australia/Eucla differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/Hobart b/msys2/usr/share/zoneinfo/right/Australia/Hobart
index 595ef9511..3c1a92930 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/Hobart and b/msys2/usr/share/zoneinfo/right/Australia/Hobart differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/LHI b/msys2/usr/share/zoneinfo/right/Australia/LHI
index 031e07f8e..f1e10e6af 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/LHI and b/msys2/usr/share/zoneinfo/right/Australia/LHI differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/Lindeman b/msys2/usr/share/zoneinfo/right/Australia/Lindeman
index 2b851cfc2..7837ad042 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/Lindeman and b/msys2/usr/share/zoneinfo/right/Australia/Lindeman differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/Lord_Howe b/msys2/usr/share/zoneinfo/right/Australia/Lord_Howe
index 031e07f8e..f1e10e6af 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/Lord_Howe and b/msys2/usr/share/zoneinfo/right/Australia/Lord_Howe differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/Melbourne b/msys2/usr/share/zoneinfo/right/Australia/Melbourne
index 20b7ce0dc..190e882f5 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/Melbourne and b/msys2/usr/share/zoneinfo/right/Australia/Melbourne differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/NSW b/msys2/usr/share/zoneinfo/right/Australia/NSW
index 0afeeb1f0..bf5b0df58 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/NSW and b/msys2/usr/share/zoneinfo/right/Australia/NSW differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/North b/msys2/usr/share/zoneinfo/right/Australia/North
index 260b78600..f84d04cee 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/North and b/msys2/usr/share/zoneinfo/right/Australia/North differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/Perth b/msys2/usr/share/zoneinfo/right/Australia/Perth
index 77b2dba93..e9809780c 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/Perth and b/msys2/usr/share/zoneinfo/right/Australia/Perth differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/Queensland b/msys2/usr/share/zoneinfo/right/Australia/Queensland
index fee86a48c..89ce8a12d 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/Queensland and b/msys2/usr/share/zoneinfo/right/Australia/Queensland differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/South b/msys2/usr/share/zoneinfo/right/Australia/South
index 4d85ae601..04b40c6da 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/South and b/msys2/usr/share/zoneinfo/right/Australia/South differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/Sydney b/msys2/usr/share/zoneinfo/right/Australia/Sydney
index 0afeeb1f0..bf5b0df58 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/Sydney and b/msys2/usr/share/zoneinfo/right/Australia/Sydney differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/Tasmania b/msys2/usr/share/zoneinfo/right/Australia/Tasmania
index 595ef9511..3c1a92930 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/Tasmania and b/msys2/usr/share/zoneinfo/right/Australia/Tasmania differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/Victoria b/msys2/usr/share/zoneinfo/right/Australia/Victoria
index 20b7ce0dc..190e882f5 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/Victoria and b/msys2/usr/share/zoneinfo/right/Australia/Victoria differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/West b/msys2/usr/share/zoneinfo/right/Australia/West
index 77b2dba93..e9809780c 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/West and b/msys2/usr/share/zoneinfo/right/Australia/West differ
diff --git a/msys2/usr/share/zoneinfo/right/Australia/Yancowinna b/msys2/usr/share/zoneinfo/right/Australia/Yancowinna
index b55feb498..805998e5a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Australia/Yancowinna and b/msys2/usr/share/zoneinfo/right/Australia/Yancowinna differ
diff --git a/msys2/usr/share/zoneinfo/right/Brazil/Acre b/msys2/usr/share/zoneinfo/right/Brazil/Acre
index 432bc2bee..e20b73384 100644
Binary files a/msys2/usr/share/zoneinfo/right/Brazil/Acre and b/msys2/usr/share/zoneinfo/right/Brazil/Acre differ
diff --git a/msys2/usr/share/zoneinfo/right/Brazil/DeNoronha b/msys2/usr/share/zoneinfo/right/Brazil/DeNoronha
index eb1f79978..be0979aa8 100644
Binary files a/msys2/usr/share/zoneinfo/right/Brazil/DeNoronha and b/msys2/usr/share/zoneinfo/right/Brazil/DeNoronha differ
diff --git a/msys2/usr/share/zoneinfo/right/Brazil/East b/msys2/usr/share/zoneinfo/right/Brazil/East
index bac29b4ed..da6b0020d 100644
Binary files a/msys2/usr/share/zoneinfo/right/Brazil/East and b/msys2/usr/share/zoneinfo/right/Brazil/East differ
diff --git a/msys2/usr/share/zoneinfo/right/Brazil/West b/msys2/usr/share/zoneinfo/right/Brazil/West
index 98a2f2b56..cc5a5beef 100644
Binary files a/msys2/usr/share/zoneinfo/right/Brazil/West and b/msys2/usr/share/zoneinfo/right/Brazil/West differ
diff --git a/msys2/usr/share/zoneinfo/right/CET b/msys2/usr/share/zoneinfo/right/CET
index 6577640b3..068845cfb 100644
Binary files a/msys2/usr/share/zoneinfo/right/CET and b/msys2/usr/share/zoneinfo/right/CET differ
diff --git a/msys2/usr/share/zoneinfo/right/CST6CDT b/msys2/usr/share/zoneinfo/right/CST6CDT
index e563376b6..c7464cee3 100644
Binary files a/msys2/usr/share/zoneinfo/right/CST6CDT and b/msys2/usr/share/zoneinfo/right/CST6CDT differ
diff --git a/msys2/usr/share/zoneinfo/right/Canada/Atlantic b/msys2/usr/share/zoneinfo/right/Canada/Atlantic
index 7e687bded..907433594 100644
Binary files a/msys2/usr/share/zoneinfo/right/Canada/Atlantic and b/msys2/usr/share/zoneinfo/right/Canada/Atlantic differ
diff --git a/msys2/usr/share/zoneinfo/right/Canada/Central b/msys2/usr/share/zoneinfo/right/Canada/Central
index bc1537c15..1451f68fa 100644
Binary files a/msys2/usr/share/zoneinfo/right/Canada/Central and b/msys2/usr/share/zoneinfo/right/Canada/Central differ
diff --git a/msys2/usr/share/zoneinfo/right/Canada/Eastern b/msys2/usr/share/zoneinfo/right/Canada/Eastern
index 4feb7e6c8..bc61d6373 100644
Binary files a/msys2/usr/share/zoneinfo/right/Canada/Eastern and b/msys2/usr/share/zoneinfo/right/Canada/Eastern differ
diff --git a/msys2/usr/share/zoneinfo/right/Canada/Mountain b/msys2/usr/share/zoneinfo/right/Canada/Mountain
index 25c58306f..8057b3151 100644
Binary files a/msys2/usr/share/zoneinfo/right/Canada/Mountain and b/msys2/usr/share/zoneinfo/right/Canada/Mountain differ
diff --git a/msys2/usr/share/zoneinfo/right/Canada/Newfoundland b/msys2/usr/share/zoneinfo/right/Canada/Newfoundland
index 6968b2b3a..fed29a72a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Canada/Newfoundland and b/msys2/usr/share/zoneinfo/right/Canada/Newfoundland differ
diff --git a/msys2/usr/share/zoneinfo/right/Canada/Pacific b/msys2/usr/share/zoneinfo/right/Canada/Pacific
index ed712335d..71250196b 100644
Binary files a/msys2/usr/share/zoneinfo/right/Canada/Pacific and b/msys2/usr/share/zoneinfo/right/Canada/Pacific differ
diff --git a/msys2/usr/share/zoneinfo/right/Canada/Saskatchewan b/msys2/usr/share/zoneinfo/right/Canada/Saskatchewan
index 7089b1469..a30dc8bc9 100644
Binary files a/msys2/usr/share/zoneinfo/right/Canada/Saskatchewan and b/msys2/usr/share/zoneinfo/right/Canada/Saskatchewan differ
diff --git a/msys2/usr/share/zoneinfo/right/Canada/Yukon b/msys2/usr/share/zoneinfo/right/Canada/Yukon
index 633759a9b..e1f18af6f 100644
Binary files a/msys2/usr/share/zoneinfo/right/Canada/Yukon and b/msys2/usr/share/zoneinfo/right/Canada/Yukon differ
diff --git a/msys2/usr/share/zoneinfo/right/Chile/Continental b/msys2/usr/share/zoneinfo/right/Chile/Continental
index a3c8230e3..48ff2f47d 100644
Binary files a/msys2/usr/share/zoneinfo/right/Chile/Continental and b/msys2/usr/share/zoneinfo/right/Chile/Continental differ
diff --git a/msys2/usr/share/zoneinfo/right/Chile/EasterIsland b/msys2/usr/share/zoneinfo/right/Chile/EasterIsland
index c4e9f924b..8cdb84c98 100644
Binary files a/msys2/usr/share/zoneinfo/right/Chile/EasterIsland and b/msys2/usr/share/zoneinfo/right/Chile/EasterIsland differ
diff --git a/msys2/usr/share/zoneinfo/right/Cuba b/msys2/usr/share/zoneinfo/right/Cuba
index 76ead1997..5ced0a034 100644
Binary files a/msys2/usr/share/zoneinfo/right/Cuba and b/msys2/usr/share/zoneinfo/right/Cuba differ
diff --git a/msys2/usr/share/zoneinfo/right/EET b/msys2/usr/share/zoneinfo/right/EET
index a41188a22..744848028 100644
Binary files a/msys2/usr/share/zoneinfo/right/EET and b/msys2/usr/share/zoneinfo/right/EET differ
diff --git a/msys2/usr/share/zoneinfo/right/EST b/msys2/usr/share/zoneinfo/right/EST
index 5be05370a..9de3e52b1 100644
Binary files a/msys2/usr/share/zoneinfo/right/EST and b/msys2/usr/share/zoneinfo/right/EST differ
diff --git a/msys2/usr/share/zoneinfo/right/EST5EDT b/msys2/usr/share/zoneinfo/right/EST5EDT
index 4cc678a12..acc0dfc60 100644
Binary files a/msys2/usr/share/zoneinfo/right/EST5EDT and b/msys2/usr/share/zoneinfo/right/EST5EDT differ
diff --git a/msys2/usr/share/zoneinfo/right/Egypt b/msys2/usr/share/zoneinfo/right/Egypt
index 8efe9ee1f..b6d09628c 100644
Binary files a/msys2/usr/share/zoneinfo/right/Egypt and b/msys2/usr/share/zoneinfo/right/Egypt differ
diff --git a/msys2/usr/share/zoneinfo/right/Eire b/msys2/usr/share/zoneinfo/right/Eire
index 0a6764d21..7e1c15cfc 100644
Binary files a/msys2/usr/share/zoneinfo/right/Eire and b/msys2/usr/share/zoneinfo/right/Eire differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT b/msys2/usr/share/zoneinfo/right/Etc/GMT
index a0d762f65..59038a359 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT and b/msys2/usr/share/zoneinfo/right/Etc/GMT differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT+0 b/msys2/usr/share/zoneinfo/right/Etc/GMT+0
index a0d762f65..59038a359 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT+0 and b/msys2/usr/share/zoneinfo/right/Etc/GMT+0 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT+1 b/msys2/usr/share/zoneinfo/right/Etc/GMT+1
index 002fed356..bd7610c8a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT+1 and b/msys2/usr/share/zoneinfo/right/Etc/GMT+1 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT+10 b/msys2/usr/share/zoneinfo/right/Etc/GMT+10
index ec2d028c4..8e62a367e 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT+10 and b/msys2/usr/share/zoneinfo/right/Etc/GMT+10 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT+11 b/msys2/usr/share/zoneinfo/right/Etc/GMT+11
index 3ef6a433d..512107170 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT+11 and b/msys2/usr/share/zoneinfo/right/Etc/GMT+11 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT+12 b/msys2/usr/share/zoneinfo/right/Etc/GMT+12
index b834412fa..1eb2b9a63 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT+12 and b/msys2/usr/share/zoneinfo/right/Etc/GMT+12 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT+2 b/msys2/usr/share/zoneinfo/right/Etc/GMT+2
index c70c0569b..b2f42179e 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT+2 and b/msys2/usr/share/zoneinfo/right/Etc/GMT+2 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT+3 b/msys2/usr/share/zoneinfo/right/Etc/GMT+3
index 3d965f4d4..4f052dff9 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT+3 and b/msys2/usr/share/zoneinfo/right/Etc/GMT+3 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT+4 b/msys2/usr/share/zoneinfo/right/Etc/GMT+4
index 33c30c304..f226f6889 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT+4 and b/msys2/usr/share/zoneinfo/right/Etc/GMT+4 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT+5 b/msys2/usr/share/zoneinfo/right/Etc/GMT+5
index 39bbcb31e..fbe1fdc85 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT+5 and b/msys2/usr/share/zoneinfo/right/Etc/GMT+5 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT+6 b/msys2/usr/share/zoneinfo/right/Etc/GMT+6
index ce1510bbd..d0da4b1f2 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT+6 and b/msys2/usr/share/zoneinfo/right/Etc/GMT+6 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT+7 b/msys2/usr/share/zoneinfo/right/Etc/GMT+7
index 851275844..03cf43742 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT+7 and b/msys2/usr/share/zoneinfo/right/Etc/GMT+7 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT+8 b/msys2/usr/share/zoneinfo/right/Etc/GMT+8
index 2c0ec4405..0d70ef0a9 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT+8 and b/msys2/usr/share/zoneinfo/right/Etc/GMT+8 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT+9 b/msys2/usr/share/zoneinfo/right/Etc/GMT+9
index c2dbf0210..dcb9f0ac4 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT+9 and b/msys2/usr/share/zoneinfo/right/Etc/GMT+9 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT-0 b/msys2/usr/share/zoneinfo/right/Etc/GMT-0
index a0d762f65..59038a359 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT-0 and b/msys2/usr/share/zoneinfo/right/Etc/GMT-0 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT-1 b/msys2/usr/share/zoneinfo/right/Etc/GMT-1
index 9eb1df8a6..1e653ab7e 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT-1 and b/msys2/usr/share/zoneinfo/right/Etc/GMT-1 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT-10 b/msys2/usr/share/zoneinfo/right/Etc/GMT-10
index b4b4a42f2..3087f65d7 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT-10 and b/msys2/usr/share/zoneinfo/right/Etc/GMT-10 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT-11 b/msys2/usr/share/zoneinfo/right/Etc/GMT-11
index 20cf68188..11d464d97 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT-11 and b/msys2/usr/share/zoneinfo/right/Etc/GMT-11 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT-12 b/msys2/usr/share/zoneinfo/right/Etc/GMT-12
index a8b1c444b..12bca43db 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT-12 and b/msys2/usr/share/zoneinfo/right/Etc/GMT-12 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT-13 b/msys2/usr/share/zoneinfo/right/Etc/GMT-13
index 7805a27d6..04d5e0c1e 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT-13 and b/msys2/usr/share/zoneinfo/right/Etc/GMT-13 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT-14 b/msys2/usr/share/zoneinfo/right/Etc/GMT-14
index a5006878d..9c2be780d 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT-14 and b/msys2/usr/share/zoneinfo/right/Etc/GMT-14 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT-2 b/msys2/usr/share/zoneinfo/right/Etc/GMT-2
index 44d2886cb..5782a3238 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT-2 and b/msys2/usr/share/zoneinfo/right/Etc/GMT-2 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT-3 b/msys2/usr/share/zoneinfo/right/Etc/GMT-3
index ca8b9398e..b71230bfa 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT-3 and b/msys2/usr/share/zoneinfo/right/Etc/GMT-3 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT-4 b/msys2/usr/share/zoneinfo/right/Etc/GMT-4
index baefe4965..f53089076 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT-4 and b/msys2/usr/share/zoneinfo/right/Etc/GMT-4 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT-5 b/msys2/usr/share/zoneinfo/right/Etc/GMT-5
index d1974ea34..06bb0d709 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT-5 and b/msys2/usr/share/zoneinfo/right/Etc/GMT-5 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT-6 b/msys2/usr/share/zoneinfo/right/Etc/GMT-6
index b6afbe064..cf2c263c5 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT-6 and b/msys2/usr/share/zoneinfo/right/Etc/GMT-6 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT-7 b/msys2/usr/share/zoneinfo/right/Etc/GMT-7
index f97fd5362..aaacb0bb0 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT-7 and b/msys2/usr/share/zoneinfo/right/Etc/GMT-7 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT-8 b/msys2/usr/share/zoneinfo/right/Etc/GMT-8
index 3a308848d..43f79d6be 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT-8 and b/msys2/usr/share/zoneinfo/right/Etc/GMT-8 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT-9 b/msys2/usr/share/zoneinfo/right/Etc/GMT-9
index 1bf7bee4c..6e0118df6 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT-9 and b/msys2/usr/share/zoneinfo/right/Etc/GMT-9 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/GMT0 b/msys2/usr/share/zoneinfo/right/Etc/GMT0
index a0d762f65..59038a359 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/GMT0 and b/msys2/usr/share/zoneinfo/right/Etc/GMT0 differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/Greenwich b/msys2/usr/share/zoneinfo/right/Etc/Greenwich
index a0d762f65..59038a359 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/Greenwich and b/msys2/usr/share/zoneinfo/right/Etc/Greenwich differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/UCT b/msys2/usr/share/zoneinfo/right/Etc/UCT
index e58d30cc8..18f8b3ca9 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/UCT and b/msys2/usr/share/zoneinfo/right/Etc/UCT differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/UTC b/msys2/usr/share/zoneinfo/right/Etc/UTC
index 0ac68dd47..18f8b3ca9 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/UTC and b/msys2/usr/share/zoneinfo/right/Etc/UTC differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/Universal b/msys2/usr/share/zoneinfo/right/Etc/Universal
index 0ac68dd47..18f8b3ca9 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/Universal and b/msys2/usr/share/zoneinfo/right/Etc/Universal differ
diff --git a/msys2/usr/share/zoneinfo/right/Etc/Zulu b/msys2/usr/share/zoneinfo/right/Etc/Zulu
index 0ac68dd47..18f8b3ca9 100644
Binary files a/msys2/usr/share/zoneinfo/right/Etc/Zulu and b/msys2/usr/share/zoneinfo/right/Etc/Zulu differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Amsterdam b/msys2/usr/share/zoneinfo/right/Europe/Amsterdam
index 586cb7f4a..9f38dddac 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Amsterdam and b/msys2/usr/share/zoneinfo/right/Europe/Amsterdam differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Andorra b/msys2/usr/share/zoneinfo/right/Europe/Andorra
index 919071c62..34117d603 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Andorra and b/msys2/usr/share/zoneinfo/right/Europe/Andorra differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Astrakhan b/msys2/usr/share/zoneinfo/right/Europe/Astrakhan
index aceb310ad..761dbb0ee 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Astrakhan and b/msys2/usr/share/zoneinfo/right/Europe/Astrakhan differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Athens b/msys2/usr/share/zoneinfo/right/Europe/Athens
index 28666e4cf..611e70a6a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Athens and b/msys2/usr/share/zoneinfo/right/Europe/Athens differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Belfast b/msys2/usr/share/zoneinfo/right/Europe/Belfast
index 2b895bdb5..1a14e7816 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Belfast and b/msys2/usr/share/zoneinfo/right/Europe/Belfast differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Belgrade b/msys2/usr/share/zoneinfo/right/Europe/Belgrade
index 3deee9731..88425c029 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Belgrade and b/msys2/usr/share/zoneinfo/right/Europe/Belgrade differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Berlin b/msys2/usr/share/zoneinfo/right/Europe/Berlin
index 8e6c5d262..df8a0db7e 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Berlin and b/msys2/usr/share/zoneinfo/right/Europe/Berlin differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Bratislava b/msys2/usr/share/zoneinfo/right/Europe/Bratislava
index 3c4790603..394851733 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Bratislava and b/msys2/usr/share/zoneinfo/right/Europe/Bratislava differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Brussels b/msys2/usr/share/zoneinfo/right/Europe/Brussels
index 991d457ac..3e7306dd7 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Brussels and b/msys2/usr/share/zoneinfo/right/Europe/Brussels differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Bucharest b/msys2/usr/share/zoneinfo/right/Europe/Bucharest
index 37de6ede3..6e9e85771 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Bucharest and b/msys2/usr/share/zoneinfo/right/Europe/Bucharest differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Budapest b/msys2/usr/share/zoneinfo/right/Europe/Budapest
index e14b17da5..bce3b3986 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Budapest and b/msys2/usr/share/zoneinfo/right/Europe/Budapest differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Busingen b/msys2/usr/share/zoneinfo/right/Europe/Busingen
index 49c87a1dd..91dfca09e 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Busingen and b/msys2/usr/share/zoneinfo/right/Europe/Busingen differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Chisinau b/msys2/usr/share/zoneinfo/right/Europe/Chisinau
index c0e114157..13a9470ed 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Chisinau and b/msys2/usr/share/zoneinfo/right/Europe/Chisinau differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Copenhagen b/msys2/usr/share/zoneinfo/right/Europe/Copenhagen
index 04c2cb6ad..912d2860d 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Copenhagen and b/msys2/usr/share/zoneinfo/right/Europe/Copenhagen differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Dublin b/msys2/usr/share/zoneinfo/right/Europe/Dublin
index 0a6764d21..7e1c15cfc 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Dublin and b/msys2/usr/share/zoneinfo/right/Europe/Dublin differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Gibraltar b/msys2/usr/share/zoneinfo/right/Europe/Gibraltar
index 810e3f998..a9f8abc07 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Gibraltar and b/msys2/usr/share/zoneinfo/right/Europe/Gibraltar differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Guernsey b/msys2/usr/share/zoneinfo/right/Europe/Guernsey
index 2b895bdb5..1a14e7816 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Guernsey and b/msys2/usr/share/zoneinfo/right/Europe/Guernsey differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Helsinki b/msys2/usr/share/zoneinfo/right/Europe/Helsinki
index b7cf668f2..ad409c10e 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Helsinki and b/msys2/usr/share/zoneinfo/right/Europe/Helsinki differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Isle_of_Man b/msys2/usr/share/zoneinfo/right/Europe/Isle_of_Man
index 2b895bdb5..1a14e7816 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Isle_of_Man and b/msys2/usr/share/zoneinfo/right/Europe/Isle_of_Man differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Istanbul b/msys2/usr/share/zoneinfo/right/Europe/Istanbul
index 27933a5ce..b1c5be3a9 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Istanbul and b/msys2/usr/share/zoneinfo/right/Europe/Istanbul differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Jersey b/msys2/usr/share/zoneinfo/right/Europe/Jersey
index 2b895bdb5..1a14e7816 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Jersey and b/msys2/usr/share/zoneinfo/right/Europe/Jersey differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Kaliningrad b/msys2/usr/share/zoneinfo/right/Europe/Kaliningrad
index 5600e1121..81ef190f1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Kaliningrad and b/msys2/usr/share/zoneinfo/right/Europe/Kaliningrad differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Kiev b/msys2/usr/share/zoneinfo/right/Europe/Kiev
index b8b8d36cc..60bbaabf6 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Kiev and b/msys2/usr/share/zoneinfo/right/Europe/Kiev differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Kirov b/msys2/usr/share/zoneinfo/right/Europe/Kirov
index 6b222c2b7..2e1b6f8ed 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Kirov and b/msys2/usr/share/zoneinfo/right/Europe/Kirov differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Lisbon b/msys2/usr/share/zoneinfo/right/Europe/Lisbon
index f4edfff20..28118d80a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Lisbon and b/msys2/usr/share/zoneinfo/right/Europe/Lisbon differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Ljubljana b/msys2/usr/share/zoneinfo/right/Europe/Ljubljana
index 3deee9731..88425c029 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Ljubljana and b/msys2/usr/share/zoneinfo/right/Europe/Ljubljana differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/London b/msys2/usr/share/zoneinfo/right/Europe/London
index 2b895bdb5..1a14e7816 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/London and b/msys2/usr/share/zoneinfo/right/Europe/London differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Luxembourg b/msys2/usr/share/zoneinfo/right/Europe/Luxembourg
index cbbc96691..83766c2b8 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Luxembourg and b/msys2/usr/share/zoneinfo/right/Europe/Luxembourg differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Madrid b/msys2/usr/share/zoneinfo/right/Europe/Madrid
index 592d1e600..973d98133 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Madrid and b/msys2/usr/share/zoneinfo/right/Europe/Madrid differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Malta b/msys2/usr/share/zoneinfo/right/Europe/Malta
index c114f8490..2aea76be8 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Malta and b/msys2/usr/share/zoneinfo/right/Europe/Malta differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Mariehamn b/msys2/usr/share/zoneinfo/right/Europe/Mariehamn
index b7cf668f2..ad409c10e 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Mariehamn and b/msys2/usr/share/zoneinfo/right/Europe/Mariehamn differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Minsk b/msys2/usr/share/zoneinfo/right/Europe/Minsk
index 8c3cc1718..49fd2f8bd 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Minsk and b/msys2/usr/share/zoneinfo/right/Europe/Minsk differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Monaco b/msys2/usr/share/zoneinfo/right/Europe/Monaco
index d87cd5726..df05ee43a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Monaco and b/msys2/usr/share/zoneinfo/right/Europe/Monaco differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Moscow b/msys2/usr/share/zoneinfo/right/Europe/Moscow
index 41dc43fe2..609f89c59 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Moscow and b/msys2/usr/share/zoneinfo/right/Europe/Moscow differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Nicosia b/msys2/usr/share/zoneinfo/right/Europe/Nicosia
index 8cd89a3a1..d3aafd2de 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Nicosia and b/msys2/usr/share/zoneinfo/right/Europe/Nicosia differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Oslo b/msys2/usr/share/zoneinfo/right/Europe/Oslo
index 3d519c11d..4a8cdd1ed 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Oslo and b/msys2/usr/share/zoneinfo/right/Europe/Oslo differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Paris b/msys2/usr/share/zoneinfo/right/Europe/Paris
index 23be38404..aea3dacaa 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Paris and b/msys2/usr/share/zoneinfo/right/Europe/Paris differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Podgorica b/msys2/usr/share/zoneinfo/right/Europe/Podgorica
index 3deee9731..88425c029 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Podgorica and b/msys2/usr/share/zoneinfo/right/Europe/Podgorica differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Prague b/msys2/usr/share/zoneinfo/right/Europe/Prague
index 3c4790603..394851733 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Prague and b/msys2/usr/share/zoneinfo/right/Europe/Prague differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Riga b/msys2/usr/share/zoneinfo/right/Europe/Riga
index bd5d5f919..1ae914b18 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Riga and b/msys2/usr/share/zoneinfo/right/Europe/Riga differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Rome b/msys2/usr/share/zoneinfo/right/Europe/Rome
index e12051c20..6e6d59f53 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Rome and b/msys2/usr/share/zoneinfo/right/Europe/Rome differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Samara b/msys2/usr/share/zoneinfo/right/Europe/Samara
index 9aa2777e0..8f0f45b57 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Samara and b/msys2/usr/share/zoneinfo/right/Europe/Samara differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/San_Marino b/msys2/usr/share/zoneinfo/right/Europe/San_Marino
index e12051c20..6e6d59f53 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/San_Marino and b/msys2/usr/share/zoneinfo/right/Europe/San_Marino differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Sarajevo b/msys2/usr/share/zoneinfo/right/Europe/Sarajevo
index 3deee9731..88425c029 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Sarajevo and b/msys2/usr/share/zoneinfo/right/Europe/Sarajevo differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Saratov b/msys2/usr/share/zoneinfo/right/Europe/Saratov
index 354f36506..3798cb309 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Saratov and b/msys2/usr/share/zoneinfo/right/Europe/Saratov differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Simferopol b/msys2/usr/share/zoneinfo/right/Europe/Simferopol
index be29f9973..1fde63081 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Simferopol and b/msys2/usr/share/zoneinfo/right/Europe/Simferopol differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Skopje b/msys2/usr/share/zoneinfo/right/Europe/Skopje
index 3deee9731..88425c029 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Skopje and b/msys2/usr/share/zoneinfo/right/Europe/Skopje differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Sofia b/msys2/usr/share/zoneinfo/right/Europe/Sofia
index fc7845793..d29c0c45d 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Sofia and b/msys2/usr/share/zoneinfo/right/Europe/Sofia differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Stockholm b/msys2/usr/share/zoneinfo/right/Europe/Stockholm
index 9d9c236b5..59ec94b14 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Stockholm and b/msys2/usr/share/zoneinfo/right/Europe/Stockholm differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Tallinn b/msys2/usr/share/zoneinfo/right/Europe/Tallinn
index dee81af1b..aeab882ef 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Tallinn and b/msys2/usr/share/zoneinfo/right/Europe/Tallinn differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Tirane b/msys2/usr/share/zoneinfo/right/Europe/Tirane
index f5d07fb7d..796c28b7a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Tirane and b/msys2/usr/share/zoneinfo/right/Europe/Tirane differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Tiraspol b/msys2/usr/share/zoneinfo/right/Europe/Tiraspol
index c0e114157..13a9470ed 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Tiraspol and b/msys2/usr/share/zoneinfo/right/Europe/Tiraspol differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Ulyanovsk b/msys2/usr/share/zoneinfo/right/Europe/Ulyanovsk
index 7f19ce0cd..44ef4e502 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Ulyanovsk and b/msys2/usr/share/zoneinfo/right/Europe/Ulyanovsk differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Uzhgorod b/msys2/usr/share/zoneinfo/right/Europe/Uzhgorod
index 2f8366ddc..2c66e22b9 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Uzhgorod and b/msys2/usr/share/zoneinfo/right/Europe/Uzhgorod differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Vaduz b/msys2/usr/share/zoneinfo/right/Europe/Vaduz
index 49c87a1dd..91dfca09e 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Vaduz and b/msys2/usr/share/zoneinfo/right/Europe/Vaduz differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Vatican b/msys2/usr/share/zoneinfo/right/Europe/Vatican
index e12051c20..6e6d59f53 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Vatican and b/msys2/usr/share/zoneinfo/right/Europe/Vatican differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Vienna b/msys2/usr/share/zoneinfo/right/Europe/Vienna
index 1e93209a8..e7b42a76b 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Vienna and b/msys2/usr/share/zoneinfo/right/Europe/Vienna differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Vilnius b/msys2/usr/share/zoneinfo/right/Europe/Vilnius
index d1b53cf78..68a8a0922 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Vilnius and b/msys2/usr/share/zoneinfo/right/Europe/Vilnius differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Volgograd b/msys2/usr/share/zoneinfo/right/Europe/Volgograd
index 9df5e03ac..968575cfc 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Volgograd and b/msys2/usr/share/zoneinfo/right/Europe/Volgograd differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Warsaw b/msys2/usr/share/zoneinfo/right/Europe/Warsaw
index 4b849f7ae..10a67967b 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Warsaw and b/msys2/usr/share/zoneinfo/right/Europe/Warsaw differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Zagreb b/msys2/usr/share/zoneinfo/right/Europe/Zagreb
index 3deee9731..88425c029 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Zagreb and b/msys2/usr/share/zoneinfo/right/Europe/Zagreb differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Zaporozhye b/msys2/usr/share/zoneinfo/right/Europe/Zaporozhye
index 7c6df8f87..585355a29 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Zaporozhye and b/msys2/usr/share/zoneinfo/right/Europe/Zaporozhye differ
diff --git a/msys2/usr/share/zoneinfo/right/Europe/Zurich b/msys2/usr/share/zoneinfo/right/Europe/Zurich
index 49c87a1dd..91dfca09e 100644
Binary files a/msys2/usr/share/zoneinfo/right/Europe/Zurich and b/msys2/usr/share/zoneinfo/right/Europe/Zurich differ
diff --git a/msys2/usr/share/zoneinfo/right/Factory b/msys2/usr/share/zoneinfo/right/Factory
index 1c47ada5a..8a11b1318 100644
Binary files a/msys2/usr/share/zoneinfo/right/Factory and b/msys2/usr/share/zoneinfo/right/Factory differ
diff --git a/msys2/usr/share/zoneinfo/right/GB b/msys2/usr/share/zoneinfo/right/GB
index 2b895bdb5..1a14e7816 100644
Binary files a/msys2/usr/share/zoneinfo/right/GB and b/msys2/usr/share/zoneinfo/right/GB differ
diff --git a/msys2/usr/share/zoneinfo/right/GB-Eire b/msys2/usr/share/zoneinfo/right/GB-Eire
index 2b895bdb5..1a14e7816 100644
Binary files a/msys2/usr/share/zoneinfo/right/GB-Eire and b/msys2/usr/share/zoneinfo/right/GB-Eire differ
diff --git a/msys2/usr/share/zoneinfo/right/GMT b/msys2/usr/share/zoneinfo/right/GMT
index a0d762f65..59038a359 100644
Binary files a/msys2/usr/share/zoneinfo/right/GMT and b/msys2/usr/share/zoneinfo/right/GMT differ
diff --git a/msys2/usr/share/zoneinfo/right/GMT+0 b/msys2/usr/share/zoneinfo/right/GMT+0
index a0d762f65..59038a359 100644
Binary files a/msys2/usr/share/zoneinfo/right/GMT+0 and b/msys2/usr/share/zoneinfo/right/GMT+0 differ
diff --git a/msys2/usr/share/zoneinfo/right/GMT-0 b/msys2/usr/share/zoneinfo/right/GMT-0
index a0d762f65..59038a359 100644
Binary files a/msys2/usr/share/zoneinfo/right/GMT-0 and b/msys2/usr/share/zoneinfo/right/GMT-0 differ
diff --git a/msys2/usr/share/zoneinfo/right/GMT0 b/msys2/usr/share/zoneinfo/right/GMT0
index a0d762f65..59038a359 100644
Binary files a/msys2/usr/share/zoneinfo/right/GMT0 and b/msys2/usr/share/zoneinfo/right/GMT0 differ
diff --git a/msys2/usr/share/zoneinfo/right/Greenwich b/msys2/usr/share/zoneinfo/right/Greenwich
index a0d762f65..59038a359 100644
Binary files a/msys2/usr/share/zoneinfo/right/Greenwich and b/msys2/usr/share/zoneinfo/right/Greenwich differ
diff --git a/msys2/usr/share/zoneinfo/right/HST b/msys2/usr/share/zoneinfo/right/HST
index 0c343be50..098a1ab09 100644
Binary files a/msys2/usr/share/zoneinfo/right/HST and b/msys2/usr/share/zoneinfo/right/HST differ
diff --git a/msys2/usr/share/zoneinfo/right/Hongkong b/msys2/usr/share/zoneinfo/right/Hongkong
index 1a1101341..64496dc68 100644
Binary files a/msys2/usr/share/zoneinfo/right/Hongkong and b/msys2/usr/share/zoneinfo/right/Hongkong differ
diff --git a/msys2/usr/share/zoneinfo/right/Iceland b/msys2/usr/share/zoneinfo/right/Iceland
index d3079a80c..35106c260 100644
Binary files a/msys2/usr/share/zoneinfo/right/Iceland and b/msys2/usr/share/zoneinfo/right/Iceland differ
diff --git a/msys2/usr/share/zoneinfo/right/Indian/Antananarivo b/msys2/usr/share/zoneinfo/right/Indian/Antananarivo
index c1c5e4c2f..3c6917de0 100644
Binary files a/msys2/usr/share/zoneinfo/right/Indian/Antananarivo and b/msys2/usr/share/zoneinfo/right/Indian/Antananarivo differ
diff --git a/msys2/usr/share/zoneinfo/right/Indian/Chagos b/msys2/usr/share/zoneinfo/right/Indian/Chagos
index 7abf38da3..0ba80da65 100644
Binary files a/msys2/usr/share/zoneinfo/right/Indian/Chagos and b/msys2/usr/share/zoneinfo/right/Indian/Chagos differ
diff --git a/msys2/usr/share/zoneinfo/right/Indian/Christmas b/msys2/usr/share/zoneinfo/right/Indian/Christmas
index 798acb966..7848d46a1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Indian/Christmas and b/msys2/usr/share/zoneinfo/right/Indian/Christmas differ
diff --git a/msys2/usr/share/zoneinfo/right/Indian/Cocos b/msys2/usr/share/zoneinfo/right/Indian/Cocos
index 0a913fc85..4de53d50f 100644
Binary files a/msys2/usr/share/zoneinfo/right/Indian/Cocos and b/msys2/usr/share/zoneinfo/right/Indian/Cocos differ
diff --git a/msys2/usr/share/zoneinfo/right/Indian/Comoro b/msys2/usr/share/zoneinfo/right/Indian/Comoro
index c1c5e4c2f..3c6917de0 100644
Binary files a/msys2/usr/share/zoneinfo/right/Indian/Comoro and b/msys2/usr/share/zoneinfo/right/Indian/Comoro differ
diff --git a/msys2/usr/share/zoneinfo/right/Indian/Kerguelen b/msys2/usr/share/zoneinfo/right/Indian/Kerguelen
index de40b5c11..80b636a9a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Indian/Kerguelen and b/msys2/usr/share/zoneinfo/right/Indian/Kerguelen differ
diff --git a/msys2/usr/share/zoneinfo/right/Indian/Mahe b/msys2/usr/share/zoneinfo/right/Indian/Mahe
index fde4700bb..af5a50b83 100644
Binary files a/msys2/usr/share/zoneinfo/right/Indian/Mahe and b/msys2/usr/share/zoneinfo/right/Indian/Mahe differ
diff --git a/msys2/usr/share/zoneinfo/right/Indian/Maldives b/msys2/usr/share/zoneinfo/right/Indian/Maldives
index 7fe90701c..d7f9ff141 100644
Binary files a/msys2/usr/share/zoneinfo/right/Indian/Maldives and b/msys2/usr/share/zoneinfo/right/Indian/Maldives differ
diff --git a/msys2/usr/share/zoneinfo/right/Indian/Mauritius b/msys2/usr/share/zoneinfo/right/Indian/Mauritius
index b8be056af..a26440882 100644
Binary files a/msys2/usr/share/zoneinfo/right/Indian/Mauritius and b/msys2/usr/share/zoneinfo/right/Indian/Mauritius differ
diff --git a/msys2/usr/share/zoneinfo/right/Indian/Mayotte b/msys2/usr/share/zoneinfo/right/Indian/Mayotte
index c1c5e4c2f..3c6917de0 100644
Binary files a/msys2/usr/share/zoneinfo/right/Indian/Mayotte and b/msys2/usr/share/zoneinfo/right/Indian/Mayotte differ
diff --git a/msys2/usr/share/zoneinfo/right/Indian/Reunion b/msys2/usr/share/zoneinfo/right/Indian/Reunion
index aaba49a92..e41ef56b2 100644
Binary files a/msys2/usr/share/zoneinfo/right/Indian/Reunion and b/msys2/usr/share/zoneinfo/right/Indian/Reunion differ
diff --git a/msys2/usr/share/zoneinfo/right/Iran b/msys2/usr/share/zoneinfo/right/Iran
index f5f0059bc..9b45bdb64 100644
Binary files a/msys2/usr/share/zoneinfo/right/Iran and b/msys2/usr/share/zoneinfo/right/Iran differ
diff --git a/msys2/usr/share/zoneinfo/right/Israel b/msys2/usr/share/zoneinfo/right/Israel
index 5cc48a386..235cd34a2 100644
Binary files a/msys2/usr/share/zoneinfo/right/Israel and b/msys2/usr/share/zoneinfo/right/Israel differ
diff --git a/msys2/usr/share/zoneinfo/right/Jamaica b/msys2/usr/share/zoneinfo/right/Jamaica
index 0ea55bf4b..3c1a2c3dc 100644
Binary files a/msys2/usr/share/zoneinfo/right/Jamaica and b/msys2/usr/share/zoneinfo/right/Jamaica differ
diff --git a/msys2/usr/share/zoneinfo/right/Japan b/msys2/usr/share/zoneinfo/right/Japan
index b9a8a151e..f757c2b8f 100644
Binary files a/msys2/usr/share/zoneinfo/right/Japan and b/msys2/usr/share/zoneinfo/right/Japan differ
diff --git a/msys2/usr/share/zoneinfo/right/Kwajalein b/msys2/usr/share/zoneinfo/right/Kwajalein
index 6c81e9a79..8c01c2be7 100644
Binary files a/msys2/usr/share/zoneinfo/right/Kwajalein and b/msys2/usr/share/zoneinfo/right/Kwajalein differ
diff --git a/msys2/usr/share/zoneinfo/right/Libya b/msys2/usr/share/zoneinfo/right/Libya
index 86780069c..fd3d1706a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Libya and b/msys2/usr/share/zoneinfo/right/Libya differ
diff --git a/msys2/usr/share/zoneinfo/right/MET b/msys2/usr/share/zoneinfo/right/MET
index 358d24477..e7ba91016 100644
Binary files a/msys2/usr/share/zoneinfo/right/MET and b/msys2/usr/share/zoneinfo/right/MET differ
diff --git a/msys2/usr/share/zoneinfo/right/MST b/msys2/usr/share/zoneinfo/right/MST
index f5942c184..317723cdf 100644
Binary files a/msys2/usr/share/zoneinfo/right/MST and b/msys2/usr/share/zoneinfo/right/MST differ
diff --git a/msys2/usr/share/zoneinfo/right/MST7MDT b/msys2/usr/share/zoneinfo/right/MST7MDT
index fe559d4e7..a5f173413 100644
Binary files a/msys2/usr/share/zoneinfo/right/MST7MDT and b/msys2/usr/share/zoneinfo/right/MST7MDT differ
diff --git a/msys2/usr/share/zoneinfo/right/Mexico/BajaNorte b/msys2/usr/share/zoneinfo/right/Mexico/BajaNorte
index b89adf4d7..54e9d3ba1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Mexico/BajaNorte and b/msys2/usr/share/zoneinfo/right/Mexico/BajaNorte differ
diff --git a/msys2/usr/share/zoneinfo/right/Mexico/BajaSur b/msys2/usr/share/zoneinfo/right/Mexico/BajaSur
index 7e0968597..1090c774f 100644
Binary files a/msys2/usr/share/zoneinfo/right/Mexico/BajaSur and b/msys2/usr/share/zoneinfo/right/Mexico/BajaSur differ
diff --git a/msys2/usr/share/zoneinfo/right/Mexico/General b/msys2/usr/share/zoneinfo/right/Mexico/General
index fab49cba9..fa5cedeea 100644
Binary files a/msys2/usr/share/zoneinfo/right/Mexico/General and b/msys2/usr/share/zoneinfo/right/Mexico/General differ
diff --git a/msys2/usr/share/zoneinfo/right/NZ b/msys2/usr/share/zoneinfo/right/NZ
index ad08d4055..cd612425a 100644
Binary files a/msys2/usr/share/zoneinfo/right/NZ and b/msys2/usr/share/zoneinfo/right/NZ differ
diff --git a/msys2/usr/share/zoneinfo/right/NZ-CHAT b/msys2/usr/share/zoneinfo/right/NZ-CHAT
index dae8fc837..7a244746e 100644
Binary files a/msys2/usr/share/zoneinfo/right/NZ-CHAT and b/msys2/usr/share/zoneinfo/right/NZ-CHAT differ
diff --git a/msys2/usr/share/zoneinfo/right/Navajo b/msys2/usr/share/zoneinfo/right/Navajo
index d482f3910..155b296ee 100644
Binary files a/msys2/usr/share/zoneinfo/right/Navajo and b/msys2/usr/share/zoneinfo/right/Navajo differ
diff --git a/msys2/usr/share/zoneinfo/right/PRC b/msys2/usr/share/zoneinfo/right/PRC
index 20e548b77..27f6760b4 100644
Binary files a/msys2/usr/share/zoneinfo/right/PRC and b/msys2/usr/share/zoneinfo/right/PRC differ
diff --git a/msys2/usr/share/zoneinfo/right/PST8PDT b/msys2/usr/share/zoneinfo/right/PST8PDT
index 97a74b86c..b9c46d4a5 100644
Binary files a/msys2/usr/share/zoneinfo/right/PST8PDT and b/msys2/usr/share/zoneinfo/right/PST8PDT differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Apia b/msys2/usr/share/zoneinfo/right/Pacific/Apia
index f31f99dea..7af7c102f 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Apia and b/msys2/usr/share/zoneinfo/right/Pacific/Apia differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Auckland b/msys2/usr/share/zoneinfo/right/Pacific/Auckland
index ad08d4055..cd612425a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Auckland and b/msys2/usr/share/zoneinfo/right/Pacific/Auckland differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Bougainville b/msys2/usr/share/zoneinfo/right/Pacific/Bougainville
index b329a0905..a4da9c037 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Bougainville and b/msys2/usr/share/zoneinfo/right/Pacific/Bougainville differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Chatham b/msys2/usr/share/zoneinfo/right/Pacific/Chatham
index dae8fc837..7a244746e 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Chatham and b/msys2/usr/share/zoneinfo/right/Pacific/Chatham differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Chuuk b/msys2/usr/share/zoneinfo/right/Pacific/Chuuk
index a08376a52..3a5d8cd28 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Chuuk and b/msys2/usr/share/zoneinfo/right/Pacific/Chuuk differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Easter b/msys2/usr/share/zoneinfo/right/Pacific/Easter
index c4e9f924b..8cdb84c98 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Easter and b/msys2/usr/share/zoneinfo/right/Pacific/Easter differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Efate b/msys2/usr/share/zoneinfo/right/Pacific/Efate
index 712844702..7de80622c 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Efate and b/msys2/usr/share/zoneinfo/right/Pacific/Efate differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Enderbury b/msys2/usr/share/zoneinfo/right/Pacific/Enderbury
index 11276a32a..905fc6cfa 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Enderbury and b/msys2/usr/share/zoneinfo/right/Pacific/Enderbury differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Fakaofo b/msys2/usr/share/zoneinfo/right/Pacific/Fakaofo
index b7dbda944..a8340465c 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Fakaofo and b/msys2/usr/share/zoneinfo/right/Pacific/Fakaofo differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Fiji b/msys2/usr/share/zoneinfo/right/Pacific/Fiji
index 99d11f8d1..f49588196 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Fiji and b/msys2/usr/share/zoneinfo/right/Pacific/Fiji differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Funafuti b/msys2/usr/share/zoneinfo/right/Pacific/Funafuti
index 66b5b029e..72494eb6b 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Funafuti and b/msys2/usr/share/zoneinfo/right/Pacific/Funafuti differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Galapagos b/msys2/usr/share/zoneinfo/right/Pacific/Galapagos
index d004b75e4..58f6b75b2 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Galapagos and b/msys2/usr/share/zoneinfo/right/Pacific/Galapagos differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Gambier b/msys2/usr/share/zoneinfo/right/Pacific/Gambier
index 8b5a5a0e1..9dccfd746 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Gambier and b/msys2/usr/share/zoneinfo/right/Pacific/Gambier differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Guadalcanal b/msys2/usr/share/zoneinfo/right/Pacific/Guadalcanal
index 5926b01d7..90c3f1416 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Guadalcanal and b/msys2/usr/share/zoneinfo/right/Pacific/Guadalcanal differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Guam b/msys2/usr/share/zoneinfo/right/Pacific/Guam
index ac222f705..c13eacdb1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Guam and b/msys2/usr/share/zoneinfo/right/Pacific/Guam differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Honolulu b/msys2/usr/share/zoneinfo/right/Pacific/Honolulu
index 93b237769..fa10ea3e9 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Honolulu and b/msys2/usr/share/zoneinfo/right/Pacific/Honolulu differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Johnston b/msys2/usr/share/zoneinfo/right/Pacific/Johnston
index 93b237769..fa10ea3e9 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Johnston and b/msys2/usr/share/zoneinfo/right/Pacific/Johnston differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Kiritimati b/msys2/usr/share/zoneinfo/right/Pacific/Kiritimati
index af87ab862..1de1df92d 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Kiritimati and b/msys2/usr/share/zoneinfo/right/Pacific/Kiritimati differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Kosrae b/msys2/usr/share/zoneinfo/right/Pacific/Kosrae
index 1e76ee200..e42fba604 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Kosrae and b/msys2/usr/share/zoneinfo/right/Pacific/Kosrae differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Kwajalein b/msys2/usr/share/zoneinfo/right/Pacific/Kwajalein
index 6c81e9a79..8c01c2be7 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Kwajalein and b/msys2/usr/share/zoneinfo/right/Pacific/Kwajalein differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Majuro b/msys2/usr/share/zoneinfo/right/Pacific/Majuro
index c7bd19f09..cad3009ae 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Majuro and b/msys2/usr/share/zoneinfo/right/Pacific/Majuro differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Marquesas b/msys2/usr/share/zoneinfo/right/Pacific/Marquesas
index 6480dc2e5..064886f9b 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Marquesas and b/msys2/usr/share/zoneinfo/right/Pacific/Marquesas differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Midway b/msys2/usr/share/zoneinfo/right/Pacific/Midway
index c3c184410..496e6c6c4 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Midway and b/msys2/usr/share/zoneinfo/right/Pacific/Midway differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Nauru b/msys2/usr/share/zoneinfo/right/Pacific/Nauru
index 7619e4858..430897351 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Nauru and b/msys2/usr/share/zoneinfo/right/Pacific/Nauru differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Niue b/msys2/usr/share/zoneinfo/right/Pacific/Niue
index 82fbee71b..2b5abbdd7 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Niue and b/msys2/usr/share/zoneinfo/right/Pacific/Niue differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Norfolk b/msys2/usr/share/zoneinfo/right/Pacific/Norfolk
index 6fd1f8103..7e2a2b12f 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Norfolk and b/msys2/usr/share/zoneinfo/right/Pacific/Norfolk differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Noumea b/msys2/usr/share/zoneinfo/right/Pacific/Noumea
index adc68c164..7f3286c97 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Noumea and b/msys2/usr/share/zoneinfo/right/Pacific/Noumea differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Pago_Pago b/msys2/usr/share/zoneinfo/right/Pacific/Pago_Pago
index c3c184410..496e6c6c4 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Pago_Pago and b/msys2/usr/share/zoneinfo/right/Pacific/Pago_Pago differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Palau b/msys2/usr/share/zoneinfo/right/Pacific/Palau
index 912b7b4de..fab263968 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Palau and b/msys2/usr/share/zoneinfo/right/Pacific/Palau differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Pitcairn b/msys2/usr/share/zoneinfo/right/Pacific/Pitcairn
index 987470516..d43855c50 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Pitcairn and b/msys2/usr/share/zoneinfo/right/Pacific/Pitcairn differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Pohnpei b/msys2/usr/share/zoneinfo/right/Pacific/Pohnpei
index d5df0ab6c..e877f0bbb 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Pohnpei and b/msys2/usr/share/zoneinfo/right/Pacific/Pohnpei differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Ponape b/msys2/usr/share/zoneinfo/right/Pacific/Ponape
index d5df0ab6c..e877f0bbb 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Ponape and b/msys2/usr/share/zoneinfo/right/Pacific/Ponape differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Port_Moresby b/msys2/usr/share/zoneinfo/right/Pacific/Port_Moresby
index 5fe92a8e6..596a36085 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Port_Moresby and b/msys2/usr/share/zoneinfo/right/Pacific/Port_Moresby differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Rarotonga b/msys2/usr/share/zoneinfo/right/Pacific/Rarotonga
index a09bf78ed..cee2394f9 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Rarotonga and b/msys2/usr/share/zoneinfo/right/Pacific/Rarotonga differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Saipan b/msys2/usr/share/zoneinfo/right/Pacific/Saipan
index ac222f705..c13eacdb1 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Saipan and b/msys2/usr/share/zoneinfo/right/Pacific/Saipan differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Samoa b/msys2/usr/share/zoneinfo/right/Pacific/Samoa
index c3c184410..496e6c6c4 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Samoa and b/msys2/usr/share/zoneinfo/right/Pacific/Samoa differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Tahiti b/msys2/usr/share/zoneinfo/right/Pacific/Tahiti
index ce24a7287..0f49dbc1e 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Tahiti and b/msys2/usr/share/zoneinfo/right/Pacific/Tahiti differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Tarawa b/msys2/usr/share/zoneinfo/right/Pacific/Tarawa
index 4d307a4d1..b2b2b6fa3 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Tarawa and b/msys2/usr/share/zoneinfo/right/Pacific/Tarawa differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Tongatapu b/msys2/usr/share/zoneinfo/right/Pacific/Tongatapu
index 903291a94..74988dfff 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Tongatapu and b/msys2/usr/share/zoneinfo/right/Pacific/Tongatapu differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Truk b/msys2/usr/share/zoneinfo/right/Pacific/Truk
index a08376a52..3a5d8cd28 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Truk and b/msys2/usr/share/zoneinfo/right/Pacific/Truk differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Wake b/msys2/usr/share/zoneinfo/right/Pacific/Wake
index 83bd9096e..8bc834a0b 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Wake and b/msys2/usr/share/zoneinfo/right/Pacific/Wake differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Wallis b/msys2/usr/share/zoneinfo/right/Pacific/Wallis
index 4908e1204..e450ced98 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Wallis and b/msys2/usr/share/zoneinfo/right/Pacific/Wallis differ
diff --git a/msys2/usr/share/zoneinfo/right/Pacific/Yap b/msys2/usr/share/zoneinfo/right/Pacific/Yap
index a08376a52..3a5d8cd28 100644
Binary files a/msys2/usr/share/zoneinfo/right/Pacific/Yap and b/msys2/usr/share/zoneinfo/right/Pacific/Yap differ
diff --git a/msys2/usr/share/zoneinfo/right/Poland b/msys2/usr/share/zoneinfo/right/Poland
index 4b849f7ae..10a67967b 100644
Binary files a/msys2/usr/share/zoneinfo/right/Poland and b/msys2/usr/share/zoneinfo/right/Poland differ
diff --git a/msys2/usr/share/zoneinfo/right/Portugal b/msys2/usr/share/zoneinfo/right/Portugal
index f4edfff20..28118d80a 100644
Binary files a/msys2/usr/share/zoneinfo/right/Portugal and b/msys2/usr/share/zoneinfo/right/Portugal differ
diff --git a/msys2/usr/share/zoneinfo/right/ROC b/msys2/usr/share/zoneinfo/right/ROC
index 7a92255d5..505d81f27 100644
Binary files a/msys2/usr/share/zoneinfo/right/ROC and b/msys2/usr/share/zoneinfo/right/ROC differ
diff --git a/msys2/usr/share/zoneinfo/right/ROK b/msys2/usr/share/zoneinfo/right/ROK
index ed91b228f..c5161584e 100644
Binary files a/msys2/usr/share/zoneinfo/right/ROK and b/msys2/usr/share/zoneinfo/right/ROK differ
diff --git a/msys2/usr/share/zoneinfo/right/Singapore b/msys2/usr/share/zoneinfo/right/Singapore
index 8a2df894d..ee7925857 100644
Binary files a/msys2/usr/share/zoneinfo/right/Singapore and b/msys2/usr/share/zoneinfo/right/Singapore differ
diff --git a/msys2/usr/share/zoneinfo/right/Turkey b/msys2/usr/share/zoneinfo/right/Turkey
index 27933a5ce..b1c5be3a9 100644
Binary files a/msys2/usr/share/zoneinfo/right/Turkey and b/msys2/usr/share/zoneinfo/right/Turkey differ
diff --git a/msys2/usr/share/zoneinfo/right/UCT b/msys2/usr/share/zoneinfo/right/UCT
index e58d30cc8..18f8b3ca9 100644
Binary files a/msys2/usr/share/zoneinfo/right/UCT and b/msys2/usr/share/zoneinfo/right/UCT differ
diff --git a/msys2/usr/share/zoneinfo/right/US/Alaska b/msys2/usr/share/zoneinfo/right/US/Alaska
index 39c8614d9..ceeeec2a5 100644
Binary files a/msys2/usr/share/zoneinfo/right/US/Alaska and b/msys2/usr/share/zoneinfo/right/US/Alaska differ
diff --git a/msys2/usr/share/zoneinfo/right/US/Aleutian b/msys2/usr/share/zoneinfo/right/US/Aleutian
index 49111a008..f2ab522bf 100644
Binary files a/msys2/usr/share/zoneinfo/right/US/Aleutian and b/msys2/usr/share/zoneinfo/right/US/Aleutian differ
diff --git a/msys2/usr/share/zoneinfo/right/US/Arizona b/msys2/usr/share/zoneinfo/right/US/Arizona
index 06394ba06..e89241146 100644
Binary files a/msys2/usr/share/zoneinfo/right/US/Arizona and b/msys2/usr/share/zoneinfo/right/US/Arizona differ
diff --git a/msys2/usr/share/zoneinfo/right/US/Central b/msys2/usr/share/zoneinfo/right/US/Central
index 291306c36..8595210ef 100644
Binary files a/msys2/usr/share/zoneinfo/right/US/Central and b/msys2/usr/share/zoneinfo/right/US/Central differ
diff --git a/msys2/usr/share/zoneinfo/right/US/East-Indiana b/msys2/usr/share/zoneinfo/right/US/East-Indiana
index facb528e2..df3e99933 100644
Binary files a/msys2/usr/share/zoneinfo/right/US/East-Indiana and b/msys2/usr/share/zoneinfo/right/US/East-Indiana differ
diff --git a/msys2/usr/share/zoneinfo/right/US/Eastern b/msys2/usr/share/zoneinfo/right/US/Eastern
index 1436d6473..6a058e9bd 100644
Binary files a/msys2/usr/share/zoneinfo/right/US/Eastern and b/msys2/usr/share/zoneinfo/right/US/Eastern differ
diff --git a/msys2/usr/share/zoneinfo/right/US/Hawaii b/msys2/usr/share/zoneinfo/right/US/Hawaii
index 93b237769..fa10ea3e9 100644
Binary files a/msys2/usr/share/zoneinfo/right/US/Hawaii and b/msys2/usr/share/zoneinfo/right/US/Hawaii differ
diff --git a/msys2/usr/share/zoneinfo/right/US/Indiana-Starke b/msys2/usr/share/zoneinfo/right/US/Indiana-Starke
index 3780e2a70..9945994e2 100644
Binary files a/msys2/usr/share/zoneinfo/right/US/Indiana-Starke and b/msys2/usr/share/zoneinfo/right/US/Indiana-Starke differ
diff --git a/msys2/usr/share/zoneinfo/right/US/Michigan b/msys2/usr/share/zoneinfo/right/US/Michigan
index 3ab92ff34..9e063e187 100644
Binary files a/msys2/usr/share/zoneinfo/right/US/Michigan and b/msys2/usr/share/zoneinfo/right/US/Michigan differ
diff --git a/msys2/usr/share/zoneinfo/right/US/Mountain b/msys2/usr/share/zoneinfo/right/US/Mountain
index d482f3910..155b296ee 100644
Binary files a/msys2/usr/share/zoneinfo/right/US/Mountain and b/msys2/usr/share/zoneinfo/right/US/Mountain differ
diff --git a/msys2/usr/share/zoneinfo/right/US/Pacific b/msys2/usr/share/zoneinfo/right/US/Pacific
index 7488b09d6..298070976 100644
Binary files a/msys2/usr/share/zoneinfo/right/US/Pacific and b/msys2/usr/share/zoneinfo/right/US/Pacific differ
diff --git a/msys2/usr/share/zoneinfo/right/US/Pacific-New b/msys2/usr/share/zoneinfo/right/US/Pacific-New
index 7488b09d6..298070976 100644
Binary files a/msys2/usr/share/zoneinfo/right/US/Pacific-New and b/msys2/usr/share/zoneinfo/right/US/Pacific-New differ
diff --git a/msys2/usr/share/zoneinfo/right/US/Samoa b/msys2/usr/share/zoneinfo/right/US/Samoa
index c3c184410..496e6c6c4 100644
Binary files a/msys2/usr/share/zoneinfo/right/US/Samoa and b/msys2/usr/share/zoneinfo/right/US/Samoa differ
diff --git a/msys2/usr/share/zoneinfo/right/UTC b/msys2/usr/share/zoneinfo/right/UTC
index 0ac68dd47..18f8b3ca9 100644
Binary files a/msys2/usr/share/zoneinfo/right/UTC and b/msys2/usr/share/zoneinfo/right/UTC differ
diff --git a/msys2/usr/share/zoneinfo/right/Universal b/msys2/usr/share/zoneinfo/right/Universal
index 0ac68dd47..18f8b3ca9 100644
Binary files a/msys2/usr/share/zoneinfo/right/Universal and b/msys2/usr/share/zoneinfo/right/Universal differ
diff --git a/msys2/usr/share/zoneinfo/right/W-SU b/msys2/usr/share/zoneinfo/right/W-SU
index 41dc43fe2..609f89c59 100644
Binary files a/msys2/usr/share/zoneinfo/right/W-SU and b/msys2/usr/share/zoneinfo/right/W-SU differ
diff --git a/msys2/usr/share/zoneinfo/right/WET b/msys2/usr/share/zoneinfo/right/WET
index 50dbdddc9..9c3226438 100644
Binary files a/msys2/usr/share/zoneinfo/right/WET and b/msys2/usr/share/zoneinfo/right/WET differ
diff --git a/msys2/usr/share/zoneinfo/right/Zulu b/msys2/usr/share/zoneinfo/right/Zulu
index 0ac68dd47..18f8b3ca9 100644
Binary files a/msys2/usr/share/zoneinfo/right/Zulu and b/msys2/usr/share/zoneinfo/right/Zulu differ
diff --git a/msys2/usr/share/zoneinfo/tzdata.zi b/msys2/usr/share/zoneinfo/tzdata.zi
index 0b938fce9..428f440d3 100644
--- a/msys2/usr/share/zoneinfo/tzdata.zi
+++ b/msys2/usr/share/zoneinfo/tzdata.zi
@@ -1,38 +1,38 @@
 # version unknown
 # This zic input file is in the public domain.
-R A 1916 o - Jun 14 23s 1 S
-R A 1916 1919 - O Sun>=1 23s 0 -
-R A 1917 o - Mar 24 23s 1 S
-R A 1918 o - Mar 9 23s 1 S
-R A 1919 o - Mar 1 23s 1 S
-R A 1920 o - F 14 23s 1 S
-R A 1920 o - O 23 23s 0 -
-R A 1921 o - Mar 14 23s 1 S
-R A 1921 o - Jun 21 23s 0 -
-R A 1939 o - S 11 23s 1 S
-R A 1939 o - N 19 1 0 -
-R A 1944 1945 - Ap M>=1 2 1 S
-R A 1944 o - O 8 2 0 -
-R A 1945 o - S 16 1 0 -
-R A 1971 o - Ap 25 23s 1 S
-R A 1971 o - S 26 23s 0 -
-R A 1977 o - May 6 0 1 S
-R A 1977 o - O 21 0 0 -
-R A 1978 o - Mar 24 1 1 S
-R A 1978 o - S 22 3 0 -
-R A 1980 o - Ap 25 0 1 S
-R A 1980 o - O 31 2 0 -
+R d 1916 o - Jun 14 23s 1 S
+R d 1916 1919 - O Sun>=1 23s 0 -
+R d 1917 o - Mar 24 23s 1 S
+R d 1918 o - Mar 9 23s 1 S
+R d 1919 o - Mar 1 23s 1 S
+R d 1920 o - F 14 23s 1 S
+R d 1920 o - O 23 23s 0 -
+R d 1921 o - Mar 14 23s 1 S
+R d 1921 o - Jun 21 23s 0 -
+R d 1939 o - S 11 23s 1 S
+R d 1939 o - N 19 1 0 -
+R d 1944 1945 - Ap M>=1 2 1 S
+R d 1944 o - O 8 2 0 -
+R d 1945 o - S 16 1 0 -
+R d 1971 o - Ap 25 23s 1 S
+R d 1971 o - S 26 23s 0 -
+R d 1977 o - May 6 0 1 S
+R d 1977 o - O 21 0 0 -
+R d 1978 o - Mar 24 1 1 S
+R d 1978 o - S 22 3 0 -
+R d 1980 o - Ap 25 0 1 S
+R d 1980 o - O 31 2 0 -
 Z Africa/Algiers 0:12:12 - LMT 1891 Mar 15 0:1
 0:9:21 - PMT 1911 Mar 11
-0 A WE%sT 1940 F 25 2
-1 A CE%sT 1946 O 7
+0 d WE%sT 1940 F 25 2
+1 d CE%sT 1946 O 7
 0 - WET 1956 Ja 29
 1 - CET 1963 Ap 14
-0 A WE%sT 1977 O 21
-1 A CE%sT 1979 O 26
-0 A WE%sT 1981 May
+0 d WE%sT 1977 O 21
+1 d CE%sT 1979 O 26
+0 d WE%sT 1981 May
 1 - CET
-Z Atlantic/Cape_Verde -1:34:4 - LMT 1907
+Z Atlantic/Cape_Verde -1:34:4 - LMT 1912 Ja 1 2u
 -2 - -02 1942 S
 -2 1 -01 1945 O 15
 -2 - -02 1975 N 25 2
@@ -52,45 +52,45 @@ Li Africa/Abidjan Africa/Lome
 Li Africa/Abidjan Africa/Nouakchott
 Li Africa/Abidjan Africa/Ouagadougou
 Li Africa/Abidjan Atlantic/St_Helena
-R B 1940 o - Jul 15 0 1 S
-R B 1940 o - O 1 0 0 -
-R B 1941 o - Ap 15 0 1 S
-R B 1941 o - S 16 0 0 -
-R B 1942 1944 - Ap 1 0 1 S
-R B 1942 o - O 27 0 0 -
-R B 1943 1945 - N 1 0 0 -
-R B 1945 o - Ap 16 0 1 S
-R B 1957 o - May 10 0 1 S
-R B 1957 1958 - O 1 0 0 -
-R B 1958 o - May 1 0 1 S
-R B 1959 1981 - May 1 1 1 S
-R B 1959 1965 - S 30 3 0 -
-R B 1966 1994 - O 1 3 0 -
-R B 1982 o - Jul 25 1 1 S
-R B 1983 o - Jul 12 1 1 S
-R B 1984 1988 - May 1 1 1 S
-R B 1989 o - May 6 1 1 S
-R B 1990 1994 - May 1 1 1 S
-R B 1995 2010 - Ap lastF 0s 1 S
-R B 1995 2005 - S lastTh 24 0 -
-R B 2006 o - S 21 24 0 -
-R B 2007 o - S Th>=1 24 0 -
-R B 2008 o - Au lastTh 24 0 -
-R B 2009 o - Au 20 24 0 -
-R B 2010 o - Au 10 24 0 -
-R B 2010 o - S 9 24 1 S
-R B 2010 o - S lastTh 24 0 -
-R B 2014 o - May 15 24 1 S
-R B 2014 o - Jun 26 24 0 -
-R B 2014 o - Jul 31 24 1 S
-R B 2014 o - S lastTh 24 0 -
+R K 1940 o - Jul 15 0 1 S
+R K 1940 o - O 1 0 0 -
+R K 1941 o - Ap 15 0 1 S
+R K 1941 o - S 16 0 0 -
+R K 1942 1944 - Ap 1 0 1 S
+R K 1942 o - O 27 0 0 -
+R K 1943 1945 - N 1 0 0 -
+R K 1945 o - Ap 16 0 1 S
+R K 1957 o - May 10 0 1 S
+R K 1957 1958 - O 1 0 0 -
+R K 1958 o - May 1 0 1 S
+R K 1959 1981 - May 1 1 1 S
+R K 1959 1965 - S 30 3 0 -
+R K 1966 1994 - O 1 3 0 -
+R K 1982 o - Jul 25 1 1 S
+R K 1983 o - Jul 12 1 1 S
+R K 1984 1988 - May 1 1 1 S
+R K 1989 o - May 6 1 1 S
+R K 1990 1994 - May 1 1 1 S
+R K 1995 2010 - Ap lastF 0s 1 S
+R K 1995 2005 - S lastTh 24 0 -
+R K 2006 o - S 21 24 0 -
+R K 2007 o - S Th>=1 24 0 -
+R K 2008 o - Au lastTh 24 0 -
+R K 2009 o - Au 20 24 0 -
+R K 2010 o - Au 10 24 0 -
+R K 2010 o - S 9 24 1 S
+R K 2010 o - S lastTh 24 0 -
+R K 2014 o - May 15 24 1 S
+R K 2014 o - Jun 26 24 0 -
+R K 2014 o - Jul 31 24 1 S
+R K 2014 o - S lastTh 24 0 -
 Z Africa/Cairo 2:5:9 - LMT 1900 O
-2 B EE%sT
-R C 1920 1942 - S 1 0 0:20 GHST
-R C 1920 1942 - D 31 0 0 GMT
+2 K EE%sT
+R GH 1920 1942 - S 1 0 0:20 -
+R GH 1920 1942 - D 31 0 0 -
 Z Africa/Accra -0:0:52 - LMT 1918
-0 C GMT/+0020
-Z Africa/Bissau -1:2:20 - LMT 1912
+0 GH GMT/+0020
+Z Africa/Bissau -1:2:20 - LMT 1912 Ja 1 1u
 -1 - -01 1975
 0 - GMT
 Z Africa/Nairobi 2:27:16 - LMT 1928 Jul
@@ -111,99 +111,128 @@ Z Africa/Monrovia -0:43:8 - LMT 1882
 -0:43:8 - MMT 1919 Mar
 -0:44:30 - MMT 1972 Ja 7
 0 - GMT
-R D 1951 o - O 14 2 1 S
-R D 1952 o - Ja 1 0 0 -
-R D 1953 o - O 9 2 1 S
-R D 1954 o - Ja 1 0 0 -
-R D 1955 o - S 30 0 1 S
-R D 1956 o - Ja 1 0 0 -
-R D 1982 1984 - Ap 1 0 1 S
-R D 1982 1985 - O 1 0 0 -
-R D 1985 o - Ap 6 0 1 S
-R D 1986 o - Ap 4 0 1 S
-R D 1986 o - O 3 0 0 -
-R D 1987 1989 - Ap 1 0 1 S
-R D 1987 1989 - O 1 0 0 -
-R D 1997 o - Ap 4 0 1 S
-R D 1997 o - O 4 0 0 -
-R D 2013 o - Mar lastF 1 1 S
-R D 2013 o - O lastF 2 0 -
+R L 1951 o - O 14 2 1 S
+R L 1952 o - Ja 1 0 0 -
+R L 1953 o - O 9 2 1 S
+R L 1954 o - Ja 1 0 0 -
+R L 1955 o - S 30 0 1 S
+R L 1956 o - Ja 1 0 0 -
+R L 1982 1984 - Ap 1 0 1 S
+R L 1982 1985 - O 1 0 0 -
+R L 1985 o - Ap 6 0 1 S
+R L 1986 o - Ap 4 0 1 S
+R L 1986 o - O 3 0 0 -
+R L 1987 1989 - Ap 1 0 1 S
+R L 1987 1989 - O 1 0 0 -
+R L 1997 o - Ap 4 0 1 S
+R L 1997 o - O 4 0 0 -
+R L 2013 o - Mar lastF 1 1 S
+R L 2013 o - O lastF 2 0 -
 Z Africa/Tripoli 0:52:44 - LMT 1920
-1 D CE%sT 1959
+1 L CE%sT 1959
 2 - EET 1982
-1 D CE%sT 1990 May 4
+1 L CE%sT 1990 May 4
 2 - EET 1996 S 30
-1 D CE%sT 1997 O 4
+1 L CE%sT 1997 O 4
 2 - EET 2012 N 10 2
-1 D CE%sT 2013 O 25 2
+1 L CE%sT 2013 O 25 2
 2 - EET
-R E 1982 o - O 10 0 1 S
-R E 1983 o - Mar 21 0 0 -
-R E 2008 o - O lastSun 2 1 S
-R E 2009 o - Mar lastSun 2 0 -
+R MU 1982 o - O 10 0 1 -
+R MU 1983 o - Mar 21 0 0 -
+R MU 2008 o - O lastSun 2 1 -
+R MU 2009 o - Mar lastSun 2 0 -
 Z Indian/Mauritius 3:50 - LMT 1907
-4 E +04/+05
-R F 1939 o - S 12 0 1 S
-R F 1939 o - N 19 0 0 -
-R F 1940 o - F 25 0 1 S
-R F 1945 o - N 18 0 0 -
-R F 1950 o - Jun 11 0 1 S
-R F 1950 o - O 29 0 0 -
-R F 1967 o - Jun 3 12 1 S
-R F 1967 o - O 1 0 0 -
-R F 1974 o - Jun 24 0 1 S
-R F 1974 o - S 1 0 0 -
-R F 1976 1977 - May 1 0 1 S
-R F 1976 o - Au 1 0 0 -
-R F 1977 o - S 28 0 0 -
-R F 1978 o - Jun 1 0 1 S
-R F 1978 o - Au 4 0 0 -
-R F 2008 o - Jun 1 0 1 S
-R F 2008 o - S 1 0 0 -
-R F 2009 o - Jun 1 0 1 S
-R F 2009 o - Au 21 0 0 -
-R F 2010 o - May 2 0 1 S
-R F 2010 o - Au 8 0 0 -
-R F 2011 o - Ap 3 0 1 S
-R F 2011 o - Jul 31 0 0 -
-R F 2012 2013 - Ap lastSun 2 1 S
-R F 2012 o - Jul 20 3 0 -
-R F 2012 o - Au 20 2 1 S
-R F 2012 o - S 30 3 0 -
-R F 2013 o - Jul 7 3 0 -
-R F 2013 o - Au 10 2 1 S
-R F 2013 ma - O lastSun 3 0 -
-R F 2014 2021 - Mar lastSun 2 1 S
-R F 2014 o - Jun 28 3 0 -
-R F 2014 o - Au 2 2 1 S
-R F 2015 o - Jun 14 3 0 -
-R F 2015 o - Jul 19 2 1 S
-R F 2016 o - Jun 5 3 0 -
-R F 2016 o - Jul 10 2 1 S
-R F 2017 o - May 21 3 0 -
-R F 2017 o - Jul 2 2 1 S
-R F 2018 o - May 13 3 0 -
-R F 2018 o - Jun 17 2 1 S
-R F 2019 o - May 5 3 0 -
-R F 2019 o - Jun 9 2 1 S
-R F 2020 o - Ap 19 3 0 -
-R F 2020 o - May 24 2 1 S
-R F 2021 o - Ap 11 3 0 -
-R F 2021 o - May 16 2 1 S
-R F 2022 o - May 8 2 1 S
-R F 2023 o - Ap 23 2 1 S
-R F 2024 o - Ap 14 2 1 S
-R F 2025 o - Ap 6 2 1 S
-R F 2026 ma - Mar lastSun 2 1 S
-R F 2036 o - O 19 3 0 -
-R F 2037 o - O 4 3 0 -
+4 MU +04/+05
+R M 1939 o - S 12 0 1 -
+R M 1939 o - N 19 0 0 -
+R M 1940 o - F 25 0 1 -
+R M 1945 o - N 18 0 0 -
+R M 1950 o - Jun 11 0 1 -
+R M 1950 o - O 29 0 0 -
+R M 1967 o - Jun 3 12 1 -
+R M 1967 o - O 1 0 0 -
+R M 1974 o - Jun 24 0 1 -
+R M 1974 o - S 1 0 0 -
+R M 1976 1977 - May 1 0 1 -
+R M 1976 o - Au 1 0 0 -
+R M 1977 o - S 28 0 0 -
+R M 1978 o - Jun 1 0 1 -
+R M 1978 o - Au 4 0 0 -
+R M 2008 o - Jun 1 0 1 -
+R M 2008 o - S 1 0 0 -
+R M 2009 o - Jun 1 0 1 -
+R M 2009 o - Au 21 0 0 -
+R M 2010 o - May 2 0 1 -
+R M 2010 o - Au 8 0 0 -
+R M 2011 o - Ap 3 0 1 -
+R M 2011 o - Jul 31 0 0 -
+R M 2012 2013 - Ap lastSun 2 1 -
+R M 2012 o - Jul 20 3 0 -
+R M 2012 o - Au 20 2 1 -
+R M 2012 o - S 30 3 0 -
+R M 2013 o - Jul 7 3 0 -
+R M 2013 o - Au 10 2 1 -
+R M 2013 2018 - O lastSun 3 0 -
+R M 2014 2018 - Mar lastSun 2 1 -
+R M 2014 o - Jun 28 3 0 -
+R M 2014 o - Au 2 2 1 -
+R M 2015 o - Jun 14 3 0 -
+R M 2015 o - Jul 19 2 1 -
+R M 2016 o - Jun 5 3 0 -
+R M 2016 o - Jul 10 2 1 -
+R M 2017 o - May 21 3 0 -
+R M 2017 o - Jul 2 2 1 -
+R M 2018 o - May 13 3 0 -
+R M 2018 o - Jun 17 2 1 -
+R M 2019 o - May 5 3 -1 -
+R M 2019 o - Jun 9 2 0 -
+R M 2020 o - Ap 19 3 -1 -
+R M 2020 o - May 24 2 0 -
+R M 2021 o - Ap 11 3 -1 -
+R M 2021 o - May 16 2 0 -
+R M 2022 o - Mar 27 3 -1 -
+R M 2022 o - May 8 2 0 -
+R M 2023 o - Mar 19 3 -1 -
+R M 2023 o - Ap 23 2 0 -
+R M 2024 o - Mar 10 3 -1 -
+R M 2024 o - Ap 14 2 0 -
+R M 2025 o - F 23 3 -1 -
+R M 2025 o - Ap 6 2 0 -
+R M 2026 o - F 15 3 -1 -
+R M 2026 o - Mar 22 2 0 -
+R M 2027 o - F 7 3 -1 -
+R M 2027 o - Mar 14 2 0 -
+R M 2028 o - Ja 23 3 -1 -
+R M 2028 o - F 27 2 0 -
+R M 2029 o - Ja 14 3 -1 -
+R M 2029 o - F 18 2 0 -
+R M 2029 o - D 30 3 -1 -
+R M 2030 o - F 10 2 0 -
+R M 2030 o - D 22 3 -1 -
+R M 2031 o - Ja 26 2 0 -
+R M 2031 o - D 14 3 -1 -
+R M 2032 o - Ja 18 2 0 -
+R M 2032 o - N 28 3 -1 -
+R M 2033 o - Ja 9 2 0 -
+R M 2033 o - N 20 3 -1 -
+R M 2033 o - D 25 2 0 -
+R M 2034 o - N 5 3 -1 -
+R M 2034 o - D 17 2 0 -
+R M 2035 o - O 28 3 -1 -
+R M 2035 o - D 2 2 0 -
+R M 2036 o - O 19 3 -1 -
+R M 2036 o - N 23 2 0 -
+R M 2037 o - O 4 3 -1 -
+R M 2037 o - N 15 2 0 -
 Z Africa/Casablanca -0:30:20 - LMT 1913 O 26
-0 F WE%sT 1984 Mar 16
-1 - CET 1986
-0 F WE%sT
+0 M +00/+01 1984 Mar 16
+1 - +01 1986
+0 M +00/+01 2018 O 28 3
+1 M +01/+00
 Z Africa/El_Aaiun -0:52:48 - LMT 1934
 -1 - -01 1976 Ap 14
-0 F WE%sT
+0 M +00/+01 2018 O 28 3
+1 M +01/+00
 Z Africa/Maputo 2:10:20 - LMT 1903 Mar
 2 - CAT
 Li Africa/Maputo Africa/Blantyre
@@ -213,17 +242,15 @@ Li Africa/Maputo Africa/Harare
 Li Africa/Maputo Africa/Kigali
 Li Africa/Maputo Africa/Lubumbashi
 Li Africa/Maputo Africa/Lusaka
-R G 1994 o - Mar 21 0 0 -
-R G 1994 2016 - S Sun>=1 2 1 S
-R G 1995 2017 - Ap Sun>=1 2 0 -
+R NA 1994 o - Mar 21 0 -1 WAT
+R NA 1994 2017 - S Sun>=1 2 0 CAT
+R NA 1995 2017 - Ap Sun>=1 2 -1 WAT
 Z Africa/Windhoek 1:8:24 - LMT 1892 F 8
 1:30 - +0130 1903 Mar
 2 - SAST 1942 S 20 2
 2 1 SAST 1943 Mar 21 2
 2 - SAST 1990 Mar 21
-2 - CAT 1994 Mar 21
-1 G WA%sT 2017 S 3 2
-2 - CAT
+2 NA %s
 Z Africa/Lagos 0:13:36 - LMT 1919 S
 1 - WAT
 Li Africa/Lagos Africa/Bangui
@@ -238,64 +265,66 @@ Li Africa/Lagos Africa/Porto-Novo
 Z Indian/Reunion 3:41:52 - LMT 1911 Jun
 4 - +04
 Z Africa/Sao_Tome 0:26:56 - LMT 1884
--0:36:45 - LMT 1912
+-0:36:45 - LMT 1912 Ja 1 0u
 0 - GMT 2018 Ja 1 1
-1 - WAT
+1 - WAT 2019 Ja 1 2
+0 - GMT
 Z Indian/Mahe 3:41:48 - LMT 1906 Jun
 4 - +04
-R H 1942 1943 - S Sun>=15 2 1 -
-R H 1943 1944 - Mar Sun>=15 2 0 -
+R SA 1942 1943 - S Sun>=15 2 1 -
+R SA 1943 1944 - Mar Sun>=15 2 0 -
 Z Africa/Johannesburg 1:52 - LMT 1892 F 8
 1:30 - SAST 1903 Mar
-2 H SAST
+2 SA SAST
 Li Africa/Johannesburg Africa/Maseru
 Li Africa/Johannesburg Africa/Mbabane
-R I 1970 o - May 1 0 1 S
-R I 1970 1985 - O 15 0 0 -
-R I 1971 o - Ap 30 0 1 S
-R I 1972 1985 - Ap lastSun 0 1 S
+R SD 1970 o - May 1 0 1 S
+R SD 1970 1985 - O 15 0 0 -
+R SD 1971 o - Ap 30 0 1 S
+R SD 1972 1985 - Ap lastSun 0 1 S
 Z Africa/Khartoum 2:10:8 - LMT 1931
-2 I CA%sT 2000 Ja 15 12
+2 SD CA%sT 2000 Ja 15 12
 3 - EAT 2017 N
 2 - CAT
 Z Africa/Juba 2:6:28 - LMT 1931
-2 I CA%sT 2000 Ja 15 12
+2 SD CA%sT 2000 Ja 15 12
 3 - EAT
-R J 1939 o - Ap 15 23s 1 S
-R J 1939 o - N 18 23s 0 -
-R J 1940 o - F 25 23s 1 S
-R J 1941 o - O 6 0 0 -
-R J 1942 o - Mar 9 0 1 S
-R J 1942 o - N 2 3 0 -
-R J 1943 o - Mar 29 2 1 S
-R J 1943 o - Ap 17 2 0 -
-R J 1943 o - Ap 25 2 1 S
-R J 1943 o - O 4 2 0 -
-R J 1944 1945 - Ap M>=1 2 1 S
-R J 1944 o - O 8 0 0 -
-R J 1945 o - S 16 0 0 -
-R J 1977 o - Ap 30 0s 1 S
-R J 1977 o - S 24 0s 0 -
-R J 1978 o - May 1 0s 1 S
-R J 1978 o - O 1 0s 0 -
-R J 1988 o - Jun 1 0s 1 S
-R J 1988 1990 - S lastSun 0s 0 -
-R J 1989 o - Mar 26 0s 1 S
-R J 1990 o - May 1 0s 1 S
-R J 2005 o - May 1 0s 1 S
-R J 2005 o - S 30 1s 0 -
-R J 2006 2008 - Mar lastSun 2s 1 S
-R J 2006 2008 - O lastSun 2s 0 -
+R n 1939 o - Ap 15 23s 1 S
+R n 1939 o - N 18 23s 0 -
+R n 1940 o - F 25 23s 1 S
+R n 1941 o - O 6 0 0 -
+R n 1942 o - Mar 9 0 1 S
+R n 1942 o - N 2 3 0 -
+R n 1943 o - Mar 29 2 1 S
+R n 1943 o - Ap 17 2 0 -
+R n 1943 o - Ap 25 2 1 S
+R n 1943 o - O 4 2 0 -
+R n 1944 1945 - Ap M>=1 2 1 S
+R n 1944 o - O 8 0 0 -
+R n 1945 o - S 16 0 0 -
+R n 1977 o - Ap 30 0s 1 S
+R n 1977 o - S 24 0s 0 -
+R n 1978 o - May 1 0s 1 S
+R n 1978 o - O 1 0s 0 -
+R n 1988 o - Jun 1 0s 1 S
+R n 1988 1990 - S lastSun 0s 0 -
+R n 1989 o - Mar 26 0s 1 S
+R n 1990 o - May 1 0s 1 S
+R n 2005 o - May 1 0s 1 S
+R n 2005 o - S 30 1s 0 -
+R n 2006 2008 - Mar lastSun 2s 1 S
+R n 2006 2008 - O lastSun 2s 0 -
 Z Africa/Tunis 0:40:44 - LMT 1881 May 12
 0:9:21 - PMT 1911 Mar 11
-1 J CE%sT
+1 n CE%sT
 Z Antarctica/Casey 0 - -00 1969
 8 - +08 2009 O 18 2
 11 - +11 2010 Mar 5 2
 8 - +08 2011 O 28 2
 11 - +11 2012 F 21 17u
 8 - +08 2016 O 22
-11 - +11
+11 - +11 2018 Mar 11 4
+8 - +08
 Z Antarctica/Davis 0 - -00 1957 Ja 13
 7 - +07 1964 N
 0 - -00 1969 F
@@ -315,10 +344,10 @@ Z Antarctica/DumontDUrville 0 - -00 1947
 10 - +10
 Z Antarctica/Syowa 0 - -00 1957 Ja 29
 3 - +03
-R K 2005 ma - Mar lastSun 1u 2 +02
-R K 2004 ma - O lastSun 1u 0 +00
+R Tr 2005 ma - Mar lastSun 1u 2 +02
+R Tr 2004 ma - O lastSun 1u 0 +00
 Z Antarctica/Troll 0 - -00 2005 F 12
-0 K %s
+0 Tr %s
 Z Antarctica/Vostok 0 - -00 1957 D 16
 6 - +06
 Z Antarctica/Rothera 0 - -00 1976 D
@@ -326,33 +355,33 @@ Z Antarctica/Rothera 0 - -00 1976 D
 Z Asia/Kabul 4:36:48 - LMT 1890
 4 - +04 1945
 4:30 - +0430
-R L 2011 o - Mar lastSun 2s 1 S
-R L 2011 o - O lastSun 2s 0 -
+R AM 2011 o - Mar lastSun 2s 1 -
+R AM 2011 o - O lastSun 2s 0 -
 Z Asia/Yerevan 2:58 - LMT 1924 May 2
 3 - +03 1957 Mar
-4 M +04/+05 1991 Mar 31 2s
-3 M +03/+04 1995 S 24 2s
+4 R +04/+05 1991 Mar 31 2s
+3 R +03/+04 1995 S 24 2s
 4 - +04 1997
-4 M +04/+05 2011
-4 L +04/+05
-R N 1997 2015 - Mar lastSun 4 1 S
-R N 1997 2015 - O lastSun 5 0 -
+4 R +04/+05 2011
+4 AM +04/+05
+R AZ 1997 2015 - Mar lastSun 4 1 -
+R AZ 1997 2015 - O lastSun 5 0 -
 Z Asia/Baku 3:19:24 - LMT 1924 May 2
 3 - +03 1957 Mar
-4 M +04/+05 1991 Mar 31 2s
-3 M +03/+04 1992 S lastSun 2s
+4 R +04/+05 1991 Mar 31 2s
+3 R +03/+04 1992 S lastSun 2s
 4 - +04 1996
-4 O +04/+05 1997
-4 N +04/+05
-R P 2009 o - Jun 19 23 1 S
-R P 2009 o - D 31 24 0 -
+4 E +04/+05 1997
+4 AZ +04/+05
+R BD 2009 o - Jun 19 23 1 -
+R BD 2009 o - D 31 24 0 -
 Z Asia/Dhaka 6:1:40 - LMT 1890
 5:53:20 - HMT 1941 O
 6:30 - +0630 1942 May 15
 5:30 - +0530 1942 S
 6:30 - +0630 1951 S 30
 6 - +06 2009
-6 P +06/+07
+6 BD +06/+07
 Z Asia/Thimphu 5:58:36 - LMT 1947 Au 15
 5:30 - +0530 1987 O
 6 - +06
@@ -367,103 +396,126 @@ Z Asia/Yangon 6:24:47 - LMT 1880
 6:30 - +0630 1942 May
 9 - +09 1945 May 3
 6:30 - +0630
-R Q 1940 o - Jun 3 0 1 D
-R Q 1940 1941 - O 1 0 0 S
-R Q 1941 o - Mar 16 0 1 D
-R R 1986 o - May 4 0 1 D
-R R 1986 1991 - S Sun>=11 0 0 S
-R R 1987 1991 - Ap Sun>=10 0 1 D
+R Sh 1940 o - Jun 1 0 1 D
+R Sh 1940 o - O 12 24 0 S
+R Sh 1941 o - Mar 15 0 1 D
+R Sh 1941 o - N 1 24 0 S
+R Sh 1942 o - Ja 31 0 1 D
+R Sh 1945 o - S 1 24 0 S
+R Sh 1946 o - May 15 0 1 D
+R Sh 1946 o - S 30 24 0 S
+R Sh 1947 o - Ap 15 0 1 D
+R Sh 1947 o - O 31 24 0 S
+R Sh 1948 1949 - May 1 0 1 D
+R Sh 1948 1949 - S 30 24 0 S
+R CN 1986 o - May 4 2 1 D
+R CN 1986 1991 - S Sun>=11 2 0 S
+R CN 1987 1991 - Ap Sun>=11 2 1 D
 Z Asia/Shanghai 8:5:43 - LMT 1901
-8 Q C%sT 1949
-8 R C%sT
+8 Sh C%sT 1949 May 28
+8 CN C%sT
 Z Asia/Urumqi 5:50:20 - LMT 1928
 6 - +06
-R S 1941 o - Ap 1 3:30 1 S
-R S 1941 o - S 30 3:30 0 -
-R S 1946 o - Ap 20 3:30 1 S
-R S 1946 o - D 1 3:30 0 -
-R S 1947 o - Ap 13 3:30 1 S
-R S 1947 o - D 30 3:30 0 -
-R S 1948 o - May 2 3:30 1 S
-R S 1948 1951 - O lastSun 3:30 0 -
-R S 1952 o - O 25 3:30 0 -
-R S 1949 1953 - Ap Sun>=1 3:30 1 S
-R S 1953 o - N 1 3:30 0 -
-R S 1954 1964 - Mar Sun>=18 3:30 1 S
-R S 1954 o - O 31 3:30 0 -
-R S 1955 1964 - N Sun>=1 3:30 0 -
-R S 1965 1976 - Ap Sun>=16 3:30 1 S
-R S 1965 1976 - O Sun>=16 3:30 0 -
-R S 1973 o - D 30 3:30 1 S
-R S 1979 o - May Sun>=8 3:30 1 S
-R S 1979 o - O Sun>=16 3:30 0 -
-Z Asia/Hong_Kong 7:36:42 - LMT 1904 O 30
-8 S HK%sT 1941 D 25
-9 - JST 1945 S 15
-8 S HK%sT
-R T 1946 o - May 15 0 1 D
-R T 1946 o - O 1 0 0 S
-R T 1947 o - Ap 15 0 1 D
-R T 1947 o - N 1 0 0 S
-R T 1948 1951 - May 1 0 1 D
-R T 1948 1951 - O 1 0 0 S
-R T 1952 o - Mar 1 0 1 D
-R T 1952 1954 - N 1 0 0 S
-R T 1953 1959 - Ap 1 0 1 D
-R T 1955 1961 - O 1 0 0 S
-R T 1960 1961 - Jun 1 0 1 D
-R T 1974 1975 - Ap 1 0 1 D
-R T 1974 1975 - O 1 0 0 S
-R T 1979 o - Jul 1 0 1 D
-R T 1979 o - O 1 0 0 S
+R HK 1946 o - Ap 20 3:30 1 S
+R HK 1946 o - D 1 3:30 0 -
+R HK 1947 o - Ap 13 3:30 1 S
+R HK 1947 o - D 30 3:30 0 -
+R HK 1948 o - May 2 3:30 1 S
+R HK 1948 1951 - O lastSun 3:30 0 -
+R HK 1952 1953 - N Sun>=1 3:30 0 -
+R HK 1949 1953 - Ap Sun>=1 3:30 1 S
+R HK 1954 1964 - Mar Sun>=18 3:30 1 S
+R HK 1954 o - O 31 3:30 0 -
+R HK 1955 1964 - N Sun>=1 3:30 0 -
+R HK 1965 1976 - Ap Sun>=16 3:30 1 S
+R HK 1965 1976 - O Sun>=16 3:30 0 -
+R HK 1973 o - D 30 3:30 1 S
+R HK 1979 o - May Sun>=8 3:30 1 S
+R HK 1979 o - O Sun>=16 3:30 0 -
+Z Asia/Hong_Kong 7:36:42 - LMT 1904 O 30 0:36:42
+8 - HKT 1941 Jun 15 3:30
+8 1 HKST 1941 O 1 4
+8:30 - HKT 1941 D 25
+9 - JST 1945 S 16
+8 HK HK%sT
+R f 1946 o - May 15 0 1 D
+R f 1946 o - O 1 0 0 S
+R f 1947 o - Ap 15 0 1 D
+R f 1947 o - N 1 0 0 S
+R f 1948 1951 - May 1 0 1 D
+R f 1948 1951 - O 1 0 0 S
+R f 1952 o - Mar 1 0 1 D
+R f 1952 1954 - N 1 0 0 S
+R f 1953 1959 - Ap 1 0 1 D
+R f 1955 1961 - O 1 0 0 S
+R f 1960 1961 - Jun 1 0 1 D
+R f 1974 1975 - Ap 1 0 1 D
+R f 1974 1975 - O 1 0 0 S
+R f 1979 o - Jul 1 0 1 D
+R f 1979 o - O 1 0 0 S
 Z Asia/Taipei 8:6 - LMT 1896
 8 - CST 1937 O
 9 - JST 1945 S 21 1
-8 T C%sT
-R U 1961 1962 - Mar Sun>=16 3:30 1 D
-R U 1961 1964 - N Sun>=1 3:30 0 S
-R U 1963 o - Mar Sun>=16 0 1 D
-R U 1964 o - Mar Sun>=16 3:30 1 D
-R U 1965 o - Mar Sun>=16 0 1 D
-R U 1965 o - O 31 0 0 S
-R U 1966 1971 - Ap Sun>=16 3:30 1 D
-R U 1966 1971 - O Sun>=16 3:30 0 S
-R U 1972 1974 - Ap Sun>=15 0 1 D
-R U 1972 1973 - O Sun>=15 0 0 S
-R U 1974 1977 - O Sun>=15 3:30 0 S
-R U 1975 1977 - Ap Sun>=15 3:30 1 D
-R U 1978 1980 - Ap Sun>=15 0 1 D
-R U 1978 1980 - O Sun>=15 0 0 S
-Z Asia/Macau 7:34:20 - LMT 1912
-8 U C%sT
-R V 1975 o - Ap 13 0 1 S
-R V 1975 o - O 12 0 0 -
-R V 1976 o - May 15 0 1 S
-R V 1976 o - O 11 0 0 -
-R V 1977 1980 - Ap Sun>=1 0 1 S
-R V 1977 o - S 25 0 0 -
-R V 1978 o - O 2 0 0 -
-R V 1979 1997 - S lastSun 0 0 -
-R V 1981 1998 - Mar lastSun 0 1 S
+8 f C%sT
+R _ 1942 1943 - Ap 30 23 1 -
+R _ 1942 o - N 17 23 0 -
+R _ 1943 o - S 30 23 0 S
+R _ 1946 o - Ap 30 23s 1 D
+R _ 1946 o - S 30 23s 0 S
+R _ 1947 o - Ap 19 23s 1 D
+R _ 1947 o - N 30 23s 0 S
+R _ 1948 o - May 2 23s 1 D
+R _ 1948 o - O 31 23s 0 S
+R _ 1949 1950 - Ap Sat>=1 23s 1 D
+R _ 1949 1950 - O lastSat 23s 0 S
+R _ 1951 o - Mar 31 23s 1 D
+R _ 1951 o - O 28 23s 0 S
+R _ 1952 1953 - Ap Sat>=1 23s 1 D
+R _ 1952 o - N 1 23s 0 S
+R _ 1953 1954 - O lastSat 23s 0 S
+R _ 1954 1956 - Mar Sat>=17 23s 1 D
+R _ 1955 o - N 5 23s 0 S
+R _ 1956 1964 - N Sun>=1 3:30 0 S
+R _ 1957 1964 - Mar Sun>=18 3:30 1 D
+R _ 1965 1973 - Ap Sun>=16 3:30 1 D
+R _ 1965 1966 - O Sun>=16 2:30 0 S
+R _ 1967 1976 - O Sun>=16 3:30 0 S
+R _ 1973 o - D 30 3:30 1 D
+R _ 1975 1976 - Ap Sun>=16 3:30 1 D
+R _ 1979 o - May 13 3:30 1 D
+R _ 1979 o - O Sun>=16 3:30 0 S
+Z Asia/Macau 7:34:10 - LMT 1904 O 30
+8 - CST 1941 D 21 23
+9 _ +09/+10 1945 S 30 24
+8 _ C%sT
+R CY 1975 o - Ap 13 0 1 S
+R CY 1975 o - O 12 0 0 -
+R CY 1976 o - May 15 0 1 S
+R CY 1976 o - O 11 0 0 -
+R CY 1977 1980 - Ap Sun>=1 0 1 S
+R CY 1977 o - S 25 0 0 -
+R CY 1978 o - O 2 0 0 -
+R CY 1979 1997 - S lastSun 0 0 -
+R CY 1981 1998 - Mar lastSun 0 1 S
 Z Asia/Nicosia 2:13:28 - LMT 1921 N 14
-2 V EE%sT 1998 S
-2 O EE%sT
+2 CY EE%sT 1998 S
+2 E EE%sT
 Z Asia/Famagusta 2:15:48 - LMT 1921 N 14
-2 V EE%sT 1998 S
-2 O EE%sT 2016 S 8
+2 CY EE%sT 1998 S
+2 E EE%sT 2016 S 8
 3 - +03 2017 O 29 1u
-2 O EE%sT
+2 E EE%sT
 Li Asia/Nicosia Europe/Nicosia
 Z Asia/Tbilisi 2:59:11 - LMT 1880
 2:59:11 - TBMT 1924 May 2
 3 - +03 1957 Mar
-4 M +04/+05 1991 Mar 31 2s
-3 M +03/+04 1992
-3 W +03/+04 1994 S lastSun
-4 W +04/+05 1996 O lastSun
+4 R +04/+05 1991 Mar 31 2s
+3 R +03/+04 1992
+3 e +03/+04 1994 S lastSun
+4 e +04/+05 1996 O lastSun
 4 1 +05 1997 Mar lastSun
-4 W +04/+05 2004 Jun 27
-3 M +03/+04 2005 Mar lastSun 2
+4 e +04/+05 2004 Jun 27
+3 R +03/+04 2005 Mar lastSun 2
 4 - +04
 Z Asia/Dili 8:22:20 - LMT 1912
 8 - +08 1942 F 21 23
@@ -505,72 +557,124 @@ Z Asia/Jayapura 9:22:48 - LMT 1932 N
 9 - +09 1944 S
 9:30 - +0930 1964
 9 - WIT
-R X 1978 1980 - Mar 21 0 1 D
-R X 1978 o - O 21 0 0 S
-R X 1979 o - S 19 0 0 S
-R X 1980 o - S 23 0 0 S
-R X 1991 o - May 3 0 1 D
-R X 1992 1995 - Mar 22 0 1 D
-R X 1991 1995 - S 22 0 0 S
-R X 1996 o - Mar 21 0 1 D
-R X 1996 o - S 21 0 0 S
-R X 1997 1999 - Mar 22 0 1 D
-R X 1997 1999 - S 22 0 0 S
-R X 2000 o - Mar 21 0 1 D
-R X 2000 o - S 21 0 0 S
-R X 2001 2003 - Mar 22 0 1 D
-R X 2001 2003 - S 22 0 0 S
-R X 2004 o - Mar 21 0 1 D
-R X 2004 o - S 21 0 0 S
-R X 2005 o - Mar 22 0 1 D
-R X 2005 o - S 22 0 0 S
-R X 2008 o - Mar 21 0 1 D
-R X 2008 o - S 21 0 0 S
-R X 2009 2011 - Mar 22 0 1 D
-R X 2009 2011 - S 22 0 0 S
-R X 2012 o - Mar 21 0 1 D
-R X 2012 o - S 21 0 0 S
-R X 2013 2015 - Mar 22 0 1 D
-R X 2013 2015 - S 22 0 0 S
-R X 2016 o - Mar 21 0 1 D
-R X 2016 o - S 21 0 0 S
-R X 2017 2019 - Mar 22 0 1 D
-R X 2017 2019 - S 22 0 0 S
-R X 2020 o - Mar 21 0 1 D
-R X 2020 o - S 21 0 0 S
-R X 2021 2023 - Mar 22 0 1 D
-R X 2021 2023 - S 22 0 0 S
-R X 2024 o - Mar 21 0 1 D
-R X 2024 o - S 21 0 0 S
-R X 2025 2027 - Mar 22 0 1 D
-R X 2025 2027 - S 22 0 0 S
-R X 2028 2029 - Mar 21 0 1 D
-R X 2028 2029 - S 21 0 0 S
-R X 2030 2031 - Mar 22 0 1 D
-R X 2030 2031 - S 22 0 0 S
-R X 2032 2033 - Mar 21 0 1 D
-R X 2032 2033 - S 21 0 0 S
-R X 2034 2035 - Mar 22 0 1 D
-R X 2034 2035 - S 22 0 0 S
-R X 2036 ma - Mar 21 0 1 D
-R X 2036 ma - S 21 0 0 S
+R i 1978 1980 - Mar 20 24 1 -
+R i 1978 o - O 20 24 0 -
+R i 1979 o - S 18 24 0 -
+R i 1980 o - S 22 24 0 -
+R i 1991 o - May 2 24 1 -
+R i 1992 1995 - Mar 21 24 1 -
+R i 1991 1995 - S 21 24 0 -
+R i 1996 o - Mar 20 24 1 -
+R i 1996 o - S 20 24 0 -
+R i 1997 1999 - Mar 21 24 1 -
+R i 1997 1999 - S 21 24 0 -
+R i 2000 o - Mar 20 24 1 -
+R i 2000 o - S 20 24 0 -
+R i 2001 2003 - Mar 21 24 1 -
+R i 2001 2003 - S 21 24 0 -
+R i 2004 o - Mar 20 24 1 -
+R i 2004 o - S 20 24 0 -
+R i 2005 o - Mar 21 24 1 -
+R i 2005 o - S 21 24 0 -
+R i 2008 o - Mar 20 24 1 -
+R i 2008 o - S 20 24 0 -
+R i 2009 2011 - Mar 21 24 1 -
+R i 2009 2011 - S 21 24 0 -
+R i 2012 o - Mar 20 24 1 -
+R i 2012 o - S 20 24 0 -
+R i 2013 2015 - Mar 21 24 1 -
+R i 2013 2015 - S 21 24 0 -
+R i 2016 o - Mar 20 24 1 -
+R i 2016 o - S 20 24 0 -
+R i 2017 2019 - Mar 21 24 1 -
+R i 2017 2019 - S 21 24 0 -
+R i 2020 o - Mar 20 24 1 -
+R i 2020 o - S 20 24 0 -
+R i 2021 2023 - Mar 21 24 1 -
+R i 2021 2023 - S 21 24 0 -
+R i 2024 o - Mar 20 24 1 -
+R i 2024 o - S 20 24 0 -
+R i 2025 2027 - Mar 21 24 1 -
+R i 2025 2027 - S 21 24 0 -
+R i 2028 2029 - Mar 20 24 1 -
+R i 2028 2029 - S 20 24 0 -
+R i 2030 2031 - Mar 21 24 1 -
+R i 2030 2031 - S 21 24 0 -
+R i 2032 2033 - Mar 20 24 1 -
+R i 2032 2033 - S 20 24 0 -
+R i 2034 2035 - Mar 21 24 1 -
+R i 2034 2035 - S 21 24 0 -
+R i 2036 2037 - Mar 20 24 1 -
+R i 2036 2037 - S 20 24 0 -
+R i 2038 2039 - Mar 21 24 1 -
+R i 2038 2039 - S 21 24 0 -
+R i 2040 2041 - Mar 20 24 1 -
+R i 2040 2041 - S 20 24 0 -
+R i 2042 2043 - Mar 21 24 1 -
+R i 2042 2043 - S 21 24 0 -
+R i 2044 2045 - Mar 20 24 1 -
+R i 2044 2045 - S 20 24 0 -
+R i 2046 2047 - Mar 21 24 1 -
+R i 2046 2047 - S 21 24 0 -
+R i 2048 2049 - Mar 20 24 1 -
+R i 2048 2049 - S 20 24 0 -
+R i 2050 2051 - Mar 21 24 1 -
+R i 2050 2051 - S 21 24 0 -
+R i 2052 2053 - Mar 20 24 1 -
+R i 2052 2053 - S 20 24 0 -
+R i 2054 2055 - Mar 21 24 1 -
+R i 2054 2055 - S 21 24 0 -
+R i 2056 2057 - Mar 20 24 1 -
+R i 2056 2057 - S 20 24 0 -
+R i 2058 2059 - Mar 21 24 1 -
+R i 2058 2059 - S 21 24 0 -
+R i 2060 2062 - Mar 20 24 1 -
+R i 2060 2062 - S 20 24 0 -
+R i 2063 o - Mar 21 24 1 -
+R i 2063 o - S 21 24 0 -
+R i 2064 2066 - Mar 20 24 1 -
+R i 2064 2066 - S 20 24 0 -
+R i 2067 o - Mar 21 24 1 -
+R i 2067 o - S 21 24 0 -
+R i 2068 2070 - Mar 20 24 1 -
+R i 2068 2070 - S 20 24 0 -
+R i 2071 o - Mar 21 24 1 -
+R i 2071 o - S 21 24 0 -
+R i 2072 2074 - Mar 20 24 1 -
+R i 2072 2074 - S 20 24 0 -
+R i 2075 o - Mar 21 24 1 -
+R i 2075 o - S 21 24 0 -
+R i 2076 2078 - Mar 20 24 1 -
+R i 2076 2078 - S 20 24 0 -
+R i 2079 o - Mar 21 24 1 -
+R i 2079 o - S 21 24 0 -
+R i 2080 2082 - Mar 20 24 1 -
+R i 2080 2082 - S 20 24 0 -
+R i 2083 o - Mar 21 24 1 -
+R i 2083 o - S 21 24 0 -
+R i 2084 2086 - Mar 20 24 1 -
+R i 2084 2086 - S 20 24 0 -
+R i 2087 o - Mar 21 24 1 -
+R i 2087 o - S 21 24 0 -
+R i 2088 ma - Mar 20 24 1 -
+R i 2088 ma - S 20 24 0 -
 Z Asia/Tehran 3:25:44 - LMT 1916
 3:25:44 - TMT 1946
 3:30 - +0330 1977 N
-4 X +04/+05 1979
-3:30 X +0330/+0430
-R Y 1982 o - May 1 0 1 D
-R Y 1982 1984 - O 1 0 0 S
-R Y 1983 o - Mar 31 0 1 D
-R Y 1984 1985 - Ap 1 0 1 D
-R Y 1985 1990 - S lastSun 1s 0 S
-R Y 1986 1990 - Mar lastSun 1s 1 D
-R Y 1991 2007 - Ap 1 3s 1 D
-R Y 1991 2007 - O 1 3s 0 S
+4 i +04/+05 1979
+3:30 i +0330/+0430
+R IQ 1982 o - May 1 0 1 -
+R IQ 1982 1984 - O 1 0 0 -
+R IQ 1983 o - Mar 31 0 1 -
+R IQ 1984 1985 - Ap 1 0 1 -
+R IQ 1985 1990 - S lastSun 1s 0 -
+R IQ 1986 1990 - Mar lastSun 1s 1 -
+R IQ 1991 2007 - Ap 1 3s 1 -
+R IQ 1991 2007 - O 1 3s 0 -
 Z Asia/Baghdad 2:57:40 - LMT 1890
 2:57:36 - BMT 1918
 3 - +03 1982 May
-3 Y +03/+04
+3 IQ +03/+04
 R Z 1940 o - Jun 1 0 1 D
 R Z 1942 1944 - N 1 0 0 S
 R Z 1943 o - Ap 1 2 1 D
@@ -603,6 +707,10 @@ R Z 1974 o - Jul 7 0 1 D
 R Z 1974 o - O 13 0 0 S
 R Z 1975 o - Ap 20 0 1 D
 R Z 1975 o - Au 31 0 0 S
+R Z 1980 o - Au 2 0 1 D
+R Z 1980 o - S 13 1 0 S
+R Z 1984 o - May 5 0 1 D
+R Z 1984 o - Au 25 1 0 S
 R Z 1985 o - Ap 14 0 1 D
 R Z 1985 o - S 15 0 0 S
 R Z 1986 o - May 18 0 1 D
@@ -660,162 +768,173 @@ R Z 2013 ma - O lastSun 2 0 S
 Z Asia/Jerusalem 2:20:54 - LMT 1880
 2:20:40 - JMT 1918
 2 Z I%sT
-R a 1948 o - May Sat>=1 24 1 D
-R a 1948 1951 - S Sun>=9 0 0 S
-R a 1949 o - Ap Sat>=1 24 1 D
-R a 1950 1951 - May Sat>=1 24 1 D
+R JP 1948 o - May Sat>=1 24 1 D
+R JP 1948 1951 - S Sat>=8 25 0 S
+R JP 1949 o - Ap Sat>=1 24 1 D
+R JP 1950 1951 - May Sat>=1 24 1 D
 Z Asia/Tokyo 9:18:59 - LMT 1887 D 31 15u
-9 a J%sT
-R b 1973 o - Jun 6 0 1 S
-R b 1973 1975 - O 1 0 0 -
-R b 1974 1977 - May 1 0 1 S
-R b 1976 o - N 1 0 0 -
-R b 1977 o - O 1 0 0 -
-R b 1978 o - Ap 30 0 1 S
-R b 1978 o - S 30 0 0 -
-R b 1985 o - Ap 1 0 1 S
-R b 1985 o - O 1 0 0 -
-R b 1986 1988 - Ap F>=1 0 1 S
-R b 1986 1990 - O F>=1 0 0 -
-R b 1989 o - May 8 0 1 S
-R b 1990 o - Ap 27 0 1 S
-R b 1991 o - Ap 17 0 1 S
-R b 1991 o - S 27 0 0 -
-R b 1992 o - Ap 10 0 1 S
-R b 1992 1993 - O F>=1 0 0 -
-R b 1993 1998 - Ap F>=1 0 1 S
-R b 1994 o - S F>=15 0 0 -
-R b 1995 1998 - S F>=15 0s 0 -
-R b 1999 o - Jul 1 0s 1 S
-R b 1999 2002 - S lastF 0s 0 -
-R b 2000 2001 - Mar lastTh 0s 1 S
-R b 2002 2012 - Mar lastTh 24 1 S
-R b 2003 o - O 24 0s 0 -
-R b 2004 o - O 15 0s 0 -
-R b 2005 o - S lastF 0s 0 -
-R b 2006 2011 - O lastF 0s 0 -
-R b 2013 o - D 20 0 0 -
-R b 2014 ma - Mar lastTh 24 1 S
-R b 2014 ma - O lastF 0s 0 -
+9 JP J%sT
+R J 1973 o - Jun 6 0 1 S
+R J 1973 1975 - O 1 0 0 -
+R J 1974 1977 - May 1 0 1 S
+R J 1976 o - N 1 0 0 -
+R J 1977 o - O 1 0 0 -
+R J 1978 o - Ap 30 0 1 S
+R J 1978 o - S 30 0 0 -
+R J 1985 o - Ap 1 0 1 S
+R J 1985 o - O 1 0 0 -
+R J 1986 1988 - Ap F>=1 0 1 S
+R J 1986 1990 - O F>=1 0 0 -
+R J 1989 o - May 8 0 1 S
+R J 1990 o - Ap 27 0 1 S
+R J 1991 o - Ap 17 0 1 S
+R J 1991 o - S 27 0 0 -
+R J 1992 o - Ap 10 0 1 S
+R J 1992 1993 - O F>=1 0 0 -
+R J 1993 1998 - Ap F>=1 0 1 S
+R J 1994 o - S F>=15 0 0 -
+R J 1995 1998 - S F>=15 0s 0 -
+R J 1999 o - Jul 1 0s 1 S
+R J 1999 2002 - S lastF 0s 0 -
+R J 2000 2001 - Mar lastTh 0s 1 S
+R J 2002 2012 - Mar lastTh 24 1 S
+R J 2003 o - O 24 0s 0 -
+R J 2004 o - O 15 0s 0 -
+R J 2005 o - S lastF 0s 0 -
+R J 2006 2011 - O lastF 0s 0 -
+R J 2013 o - D 20 0 0 -
+R J 2014 ma - Mar lastTh 24 1 S
+R J 2014 ma - O lastF 0s 0 -
 Z Asia/Amman 2:23:44 - LMT 1931
-2 b EE%sT
+2 J EE%sT
 Z Asia/Almaty 5:7:48 - LMT 1924 May 2
 5 - +05 1930 Jun 21
-6 M +06/+07 1991 Mar 31 2s
-5 M +05/+06 1992 Ja 19 2s
-6 M +06/+07 2004 O 31 2s
+6 R +06/+07 1991 Mar 31 2s
+5 R +05/+06 1992 Ja 19 2s
+6 R +06/+07 2004 O 31 2s
 6 - +06
 Z Asia/Qyzylorda 4:21:52 - LMT 1924 May 2
 4 - +04 1930 Jun 21
 5 - +05 1981 Ap
 5 1 +06 1981 O
 6 - +06 1982 Ap
-5 M +05/+06 1991 Mar 31 2s
-4 M +04/+05 1991 S 29 2s
-5 M +05/+06 1992 Ja 19 2s
-6 M +06/+07 1992 Mar 29 2s
-5 M +05/+06 2004 O 31 2s
+5 R +05/+06 1991 Mar 31 2s
+4 R +04/+05 1991 S 29 2s
+5 R +05/+06 1992 Ja 19 2s
+6 R +06/+07 1992 Mar 29 2s
+5 R +05/+06 2004 O 31 2s
+6 - +06 2018 D 21
+5 - +05
+Z Asia/Qostanay 4:14:28 - LMT 1924 May 2
+4 - +04 1930 Jun 21
+5 - +05 1981 Ap
+5 1 +06 1981 O
+6 - +06 1982 Ap
+5 R +05/+06 1991 Mar 31 2s
+4 R +04/+05 1992 Ja 19 2s
+5 R +05/+06 2004 O 31 2s
 6 - +06
 Z Asia/Aqtobe 3:48:40 - LMT 1924 May 2
 4 - +04 1930 Jun 21
 5 - +05 1981 Ap
 5 1 +06 1981 O
 6 - +06 1982 Ap
-5 M +05/+06 1991 Mar 31 2s
-4 M +04/+05 1992 Ja 19 2s
-5 M +05/+06 2004 O 31 2s
+5 R +05/+06 1991 Mar 31 2s
+4 R +04/+05 1992 Ja 19 2s
+5 R +05/+06 2004 O 31 2s
 5 - +05
 Z Asia/Aqtau 3:21:4 - LMT 1924 May 2
 4 - +04 1930 Jun 21
 5 - +05 1981 O
 6 - +06 1982 Ap
-5 M +05/+06 1991 Mar 31 2s
-4 M +04/+05 1992 Ja 19 2s
-5 M +05/+06 1994 S 25 2s
-4 M +04/+05 2004 O 31 2s
+5 R +05/+06 1991 Mar 31 2s
+4 R +04/+05 1992 Ja 19 2s
+5 R +05/+06 1994 S 25 2s
+4 R +04/+05 2004 O 31 2s
 5 - +05
 Z Asia/Atyrau 3:27:44 - LMT 1924 May 2
 3 - +03 1930 Jun 21
 5 - +05 1981 O
 6 - +06 1982 Ap
-5 M +05/+06 1991 Mar 31 2s
-4 M +04/+05 1992 Ja 19 2s
-5 M +05/+06 1999 Mar 28 2s
-4 M +04/+05 2004 O 31 2s
+5 R +05/+06 1991 Mar 31 2s
+4 R +04/+05 1992 Ja 19 2s
+5 R +05/+06 1999 Mar 28 2s
+4 R +04/+05 2004 O 31 2s
 5 - +05
 Z Asia/Oral 3:25:24 - LMT 1924 May 2
 3 - +03 1930 Jun 21
 5 - +05 1981 Ap
 5 1 +06 1981 O
 6 - +06 1982 Ap
-5 M +05/+06 1989 Mar 26 2s
-4 M +04/+05 1992 Ja 19 2s
-5 M +05/+06 1992 Mar 29 2s
-4 M +04/+05 2004 O 31 2s
+5 R +05/+06 1989 Mar 26 2s
+4 R +04/+05 1992 Ja 19 2s
+5 R +05/+06 1992 Mar 29 2s
+4 R +04/+05 2004 O 31 2s
 5 - +05
-R c 1992 1996 - Ap Sun>=7 0s 1 S
-R c 1992 1996 - S lastSun 0 0 -
-R c 1997 2005 - Mar lastSun 2:30 1 S
-R c 1997 2004 - O lastSun 2:30 0 -
+R KG 1992 1996 - Ap Sun>=7 0s 1 -
+R KG 1992 1996 - S lastSun 0 0 -
+R KG 1997 2005 - Mar lastSun 2:30 1 -
+R KG 1997 2004 - O lastSun 2:30 0 -
 Z Asia/Bishkek 4:58:24 - LMT 1924 May 2
 5 - +05 1930 Jun 21
-6 M +06/+07 1991 Mar 31 2s
-5 M +05/+06 1991 Au 31 2
-5 c +05/+06 2005 Au 12
+6 R +06/+07 1991 Mar 31 2s
+5 R +05/+06 1991 Au 31 2
+5 KG +05/+06 2005 Au 12
 6 - +06
-R d 1948 o - Jun 1 0 1 D
-R d 1948 o - S 13 0 0 S
-R d 1949 o - Ap 3 0 1 D
-R d 1949 1951 - S Sun>=8 0 0 S
-R d 1950 o - Ap 1 0 1 D
-R d 1951 o - May 6 0 1 D
-R d 1955 o - May 5 0 1 D
-R d 1955 o - S 9 0 0 S
-R d 1956 o - May 20 0 1 D
-R d 1956 o - S 30 0 0 S
-R d 1957 1960 - May Sun>=1 0 1 D
-R d 1957 1960 - S Sun>=18 0 0 S
-R d 1987 1988 - May Sun>=8 2 1 D
-R d 1987 1988 - O Sun>=8 3 0 S
+R KR 1948 o - Jun 1 0 1 D
+R KR 1948 o - S 12 24 0 S
+R KR 1949 o - Ap 3 0 1 D
+R KR 1949 1951 - S Sat>=7 24 0 S
+R KR 1950 o - Ap 1 0 1 D
+R KR 1951 o - May 6 0 1 D
+R KR 1955 o - May 5 0 1 D
+R KR 1955 o - S 8 24 0 S
+R KR 1956 o - May 20 0 1 D
+R KR 1956 o - S 29 24 0 S
+R KR 1957 1960 - May Sun>=1 0 1 D
+R KR 1957 1960 - S Sat>=17 24 0 S
+R KR 1987 1988 - May Sun>=8 2 1 D
+R KR 1987 1988 - O Sun>=8 3 0 S
 Z Asia/Seoul 8:27:52 - LMT 1908 Ap
 8:30 - KST 1912
 9 - JST 1945 S 8
 9 - KST 1954 Mar 21
-8:30 d K%sT 1961 Au 10
-9 d K%sT
+8:30 KR K%sT 1961 Au 10
+9 KR K%sT
 Z Asia/Pyongyang 8:23 - LMT 1908 Ap
 8:30 - KST 1912
 9 - JST 1945 Au 24
 9 - KST 2015 Au 15
-8:30 - KST
-R e 1920 o - Mar 28 0 1 S
-R e 1920 o - O 25 0 0 -
-R e 1921 o - Ap 3 0 1 S
-R e 1921 o - O 3 0 0 -
-R e 1922 o - Mar 26 0 1 S
-R e 1922 o - O 8 0 0 -
-R e 1923 o - Ap 22 0 1 S
-R e 1923 o - S 16 0 0 -
-R e 1957 1961 - May 1 0 1 S
-R e 1957 1961 - O 1 0 0 -
-R e 1972 o - Jun 22 0 1 S
-R e 1972 1977 - O 1 0 0 -
-R e 1973 1977 - May 1 0 1 S
-R e 1978 o - Ap 30 0 1 S
-R e 1978 o - S 30 0 0 -
-R e 1984 1987 - May 1 0 1 S
-R e 1984 1991 - O 16 0 0 -
-R e 1988 o - Jun 1 0 1 S
-R e 1989 o - May 10 0 1 S
-R e 1990 1992 - May 1 0 1 S
-R e 1992 o - O 4 0 0 -
-R e 1993 ma - Mar lastSun 0 1 S
-R e 1993 1998 - S lastSun 0 0 -
-R e 1999 ma - O lastSun 0 0 -
+8:30 - KST 2018 May 4 23:30
+9 - KST
+R l 1920 o - Mar 28 0 1 S
+R l 1920 o - O 25 0 0 -
+R l 1921 o - Ap 3 0 1 S
+R l 1921 o - O 3 0 0 -
+R l 1922 o - Mar 26 0 1 S
+R l 1922 o - O 8 0 0 -
+R l 1923 o - Ap 22 0 1 S
+R l 1923 o - S 16 0 0 -
+R l 1957 1961 - May 1 0 1 S
+R l 1957 1961 - O 1 0 0 -
+R l 1972 o - Jun 22 0 1 S
+R l 1972 1977 - O 1 0 0 -
+R l 1973 1977 - May 1 0 1 S
+R l 1978 o - Ap 30 0 1 S
+R l 1978 o - S 30 0 0 -
+R l 1984 1987 - May 1 0 1 S
+R l 1984 1991 - O 16 0 0 -
+R l 1988 o - Jun 1 0 1 S
+R l 1989 o - May 10 0 1 S
+R l 1990 1992 - May 1 0 1 S
+R l 1992 o - O 4 0 0 -
+R l 1993 ma - Mar lastSun 0 1 S
+R l 1993 1998 - S lastSun 0 0 -
+R l 1999 ma - O lastSun 0 0 -
 Z Asia/Beirut 2:22 - LMT 1880
-2 e EE%sT
-R f 1935 1941 - S 14 0 0:20 TS
-R f 1935 1941 - D 14 0 0 -
+2 l EE%sT
+R NB 1935 1941 - S 14 0 0:20 -
+R NB 1935 1941 - D 14 0 0 -
 Z Asia/Kuala_Lumpur 6:46:46 - LMT 1901
 6:55:25 - SMT 1905 Jun
 7 - +07 1933
@@ -827,98 +946,98 @@ Z Asia/Kuala_Lumpur 6:46:46 - LMT 1901
 8 - +08
 Z Asia/Kuching 7:21:20 - LMT 1926 Mar
 7:30 - +0730 1933
-8 f +08/+0820 1942 F 16
+8 NB +08/+0820 1942 F 16
 9 - +09 1945 S 12
 8 - +08
 Z Indian/Maldives 4:54 - LMT 1880
 4:54 - MMT 1960
 5 - +05
-R g 1983 1984 - Ap 1 0 1 S
-R g 1983 o - O 1 0 0 -
-R g 1985 1998 - Mar lastSun 0 1 S
-R g 1984 1998 - S lastSun 0 0 -
-R g 2001 o - Ap lastSat 2 1 S
-R g 2001 2006 - S lastSat 2 0 -
-R g 2002 2006 - Mar lastSat 2 1 S
-R g 2015 2016 - Mar lastSat 2 1 S
-R g 2015 2016 - S lastSat 0 0 -
+R X 1983 1984 - Ap 1 0 1 -
+R X 1983 o - O 1 0 0 -
+R X 1985 1998 - Mar lastSun 0 1 -
+R X 1984 1998 - S lastSun 0 0 -
+R X 2001 o - Ap lastSat 2 1 -
+R X 2001 2006 - S lastSat 2 0 -
+R X 2002 2006 - Mar lastSat 2 1 -
+R X 2015 2016 - Mar lastSat 2 1 -
+R X 2015 2016 - S lastSat 0 0 -
 Z Asia/Hovd 6:6:36 - LMT 1905 Au
 6 - +06 1978
-7 g +07/+08
+7 X +07/+08
 Z Asia/Ulaanbaatar 7:7:32 - LMT 1905 Au
 7 - +07 1978
-8 g +08/+09
+8 X +08/+09
 Z Asia/Choibalsan 7:38 - LMT 1905 Au
 7 - +07 1978
 8 - +08 1983 Ap
-9 g +09/+10 2008 Mar 31
-8 g +08/+09
+9 X +09/+10 2008 Mar 31
+8 X +08/+09
 Z Asia/Kathmandu 5:41:16 - LMT 1920
 5:30 - +0530 1986
 5:45 - +0545
-R h 2002 o - Ap Sun>=2 0 1 S
-R h 2002 o - O Sun>=2 0 0 -
-R h 2008 o - Jun 1 0 1 S
-R h 2008 2009 - N 1 0 0 -
-R h 2009 o - Ap 15 0 1 S
+R PK 2002 o - Ap Sun>=2 0 1 S
+R PK 2002 o - O Sun>=2 0 0 -
+R PK 2008 o - Jun 1 0 1 S
+R PK 2008 2009 - N 1 0 0 -
+R PK 2009 o - Ap 15 0 1 S
 Z Asia/Karachi 4:28:12 - LMT 1907
 5:30 - +0530 1942 S
 5:30 1 +0630 1945 O 15
 5:30 - +0530 1951 S 30
 5 - +05 1971 Mar 26
-5 h PK%sT
-R i 1999 2005 - Ap F>=15 0 1 S
-R i 1999 2003 - O F>=15 0 0 -
-R i 2004 o - O 1 1 0 -
-R i 2005 o - O 4 2 0 -
-R i 2006 2007 - Ap 1 0 1 S
-R i 2006 o - S 22 0 0 -
-R i 2007 o - S Th>=8 2 0 -
-R i 2008 2009 - Mar lastF 0 1 S
-R i 2008 o - S 1 0 0 -
-R i 2009 o - S F>=1 1 0 -
-R i 2010 o - Mar 26 0 1 S
-R i 2010 o - Au 11 0 0 -
-R i 2011 o - Ap 1 0:1 1 S
-R i 2011 o - Au 1 0 0 -
-R i 2011 o - Au 30 0 1 S
-R i 2011 o - S 30 0 0 -
-R i 2012 2014 - Mar lastTh 24 1 S
-R i 2012 o - S 21 1 0 -
-R i 2013 o - S F>=21 0 0 -
-R i 2014 2015 - O F>=21 0 0 -
-R i 2015 o - Mar lastF 24 1 S
-R i 2016 ma - Mar lastSat 1 1 S
-R i 2016 ma - O lastSat 1 0 -
+5 PK PK%sT
+R P 1999 2005 - Ap F>=15 0 1 S
+R P 1999 2003 - O F>=15 0 0 -
+R P 2004 o - O 1 1 0 -
+R P 2005 o - O 4 2 0 -
+R P 2006 2007 - Ap 1 0 1 S
+R P 2006 o - S 22 0 0 -
+R P 2007 o - S Th>=8 2 0 -
+R P 2008 2009 - Mar lastF 0 1 S
+R P 2008 o - S 1 0 0 -
+R P 2009 o - S F>=1 1 0 -
+R P 2010 o - Mar 26 0 1 S
+R P 2010 o - Au 11 0 0 -
+R P 2011 o - Ap 1 0:1 1 S
+R P 2011 o - Au 1 0 0 -
+R P 2011 o - Au 30 0 1 S
+R P 2011 o - S 30 0 0 -
+R P 2012 2014 - Mar lastTh 24 1 S
+R P 2012 o - S 21 1 0 -
+R P 2013 o - S F>=21 0 0 -
+R P 2014 2015 - O F>=21 0 0 -
+R P 2015 o - Mar lastF 24 1 S
+R P 2016 ma - Mar Sat>=24 1 1 S
+R P 2016 ma - O lastSat 1 0 -
 Z Asia/Gaza 2:17:52 - LMT 1900 O
 2 Z EET/EEST 1948 May 15
-2 B EE%sT 1967 Jun 5
+2 K EE%sT 1967 Jun 5
 2 Z I%sT 1996
-2 b EE%sT 1999
-2 i EE%sT 2008 Au 29
+2 J EE%sT 1999
+2 P EE%sT 2008 Au 29
 2 - EET 2008 S
-2 i EE%sT 2010
+2 P EE%sT 2010
 2 - EET 2010 Mar 27 0:1
-2 i EE%sT 2011 Au
+2 P EE%sT 2011 Au
 2 - EET 2012
-2 i EE%sT
+2 P EE%sT
 Z Asia/Hebron 2:20:23 - LMT 1900 O
 2 Z EET/EEST 1948 May 15
-2 B EE%sT 1967 Jun 5
+2 K EE%sT 1967 Jun 5
 2 Z I%sT 1996
-2 b EE%sT 1999
-2 i EE%sT
-R j 1936 o - N 1 0 1 S
-R j 1937 o - F 1 0 0 -
-R j 1954 o - Ap 12 0 1 S
-R j 1954 o - Jul 1 0 0 -
-R j 1978 o - Mar 22 0 1 S
-R j 1978 o - S 21 0 0 -
+2 J EE%sT 1999
+2 P EE%sT
+R PH 1936 o - N 1 0 1 D
+R PH 1937 o - F 1 0 0 S
+R PH 1954 o - Ap 12 0 1 D
+R PH 1954 o - Jul 1 0 0 S
+R PH 1978 o - Mar 22 0 1 D
+R PH 1978 o - S 21 0 0 S
 Z Asia/Manila -15:56 - LMT 1844 D 31
 8:4 - LMT 1899 May 11
-8 j +08/+09 1942 May
-9 - +09 1944 N
-8 j +08/+09
+8 PH P%sT 1942 May
+9 - JST 1944 N
+8 PH P%sT
 Z Asia/Qatar 3:26:8 - LMT 1920
 4 - +04 1972 Jun
 3 - +03
@@ -945,52 +1064,52 @@ Z Asia/Colombo 5:19:24 - LMT 1880
 6:30 - +0630 1996 O 26 0:30
 6 - +06 2006 Ap 15 0:30
 5:30 - +0530
-R k 1920 1923 - Ap Sun>=15 2 1 S
-R k 1920 1923 - O Sun>=1 2 0 -
-R k 1962 o - Ap 29 2 1 S
-R k 1962 o - O 1 2 0 -
-R k 1963 1965 - May 1 2 1 S
-R k 1963 o - S 30 2 0 -
-R k 1964 o - O 1 2 0 -
-R k 1965 o - S 30 2 0 -
-R k 1966 o - Ap 24 2 1 S
-R k 1966 1976 - O 1 2 0 -
-R k 1967 1978 - May 1 2 1 S
-R k 1977 1978 - S 1 2 0 -
-R k 1983 1984 - Ap 9 2 1 S
-R k 1983 1984 - O 1 2 0 -
-R k 1986 o - F 16 2 1 S
-R k 1986 o - O 9 2 0 -
-R k 1987 o - Mar 1 2 1 S
-R k 1987 1988 - O 31 2 0 -
-R k 1988 o - Mar 15 2 1 S
-R k 1989 o - Mar 31 2 1 S
-R k 1989 o - O 1 2 0 -
-R k 1990 o - Ap 1 2 1 S
-R k 1990 o - S 30 2 0 -
-R k 1991 o - Ap 1 0 1 S
-R k 1991 1992 - O 1 0 0 -
-R k 1992 o - Ap 8 0 1 S
-R k 1993 o - Mar 26 0 1 S
-R k 1993 o - S 25 0 0 -
-R k 1994 1996 - Ap 1 0 1 S
-R k 1994 2005 - O 1 0 0 -
-R k 1997 1998 - Mar lastM 0 1 S
-R k 1999 2006 - Ap 1 0 1 S
-R k 2006 o - S 22 0 0 -
-R k 2007 o - Mar lastF 0 1 S
-R k 2007 o - N F>=1 0 0 -
-R k 2008 o - Ap F>=1 0 1 S
-R k 2008 o - N 1 0 0 -
-R k 2009 o - Mar lastF 0 1 S
-R k 2010 2011 - Ap F>=1 0 1 S
-R k 2012 ma - Mar lastF 0 1 S
-R k 2009 ma - O lastF 0 0 -
+R S 1920 1923 - Ap Sun>=15 2 1 S
+R S 1920 1923 - O Sun>=1 2 0 -
+R S 1962 o - Ap 29 2 1 S
+R S 1962 o - O 1 2 0 -
+R S 1963 1965 - May 1 2 1 S
+R S 1963 o - S 30 2 0 -
+R S 1964 o - O 1 2 0 -
+R S 1965 o - S 30 2 0 -
+R S 1966 o - Ap 24 2 1 S
+R S 1966 1976 - O 1 2 0 -
+R S 1967 1978 - May 1 2 1 S
+R S 1977 1978 - S 1 2 0 -
+R S 1983 1984 - Ap 9 2 1 S
+R S 1983 1984 - O 1 2 0 -
+R S 1986 o - F 16 2 1 S
+R S 1986 o - O 9 2 0 -
+R S 1987 o - Mar 1 2 1 S
+R S 1987 1988 - O 31 2 0 -
+R S 1988 o - Mar 15 2 1 S
+R S 1989 o - Mar 31 2 1 S
+R S 1989 o - O 1 2 0 -
+R S 1990 o - Ap 1 2 1 S
+R S 1990 o - S 30 2 0 -
+R S 1991 o - Ap 1 0 1 S
+R S 1991 1992 - O 1 0 0 -
+R S 1992 o - Ap 8 0 1 S
+R S 1993 o - Mar 26 0 1 S
+R S 1993 o - S 25 0 0 -
+R S 1994 1996 - Ap 1 0 1 S
+R S 1994 2005 - O 1 0 0 -
+R S 1997 1998 - Mar lastM 0 1 S
+R S 1999 2006 - Ap 1 0 1 S
+R S 2006 o - S 22 0 0 -
+R S 2007 o - Mar lastF 0 1 S
+R S 2007 o - N F>=1 0 0 -
+R S 2008 o - Ap F>=1 0 1 S
+R S 2008 o - N 1 0 0 -
+R S 2009 o - Mar lastF 0 1 S
+R S 2010 2011 - Ap F>=1 0 1 S
+R S 2012 ma - Mar lastF 0 1 S
+R S 2009 ma - O lastF 0 0 -
 Z Asia/Damascus 2:25:12 - LMT 1920
-2 k EE%sT
+2 S EE%sT
 Z Asia/Dushanbe 4:35:12 - LMT 1924 May 2
 5 - +05 1930 Jun 21
-6 M +06/+07 1991 Mar 31 2s
+6 R +06/+07 1991 Mar 31 2s
 5 1 +05/+06 1991 S 9 2s
 5 - +05
 Z Asia/Bangkok 6:42:4 - LMT 1880
@@ -1000,8 +1119,8 @@ Li Asia/Bangkok Asia/Phnom_Penh
 Li Asia/Bangkok Asia/Vientiane
 Z Asia/Ashgabat 3:53:32 - LMT 1924 May 2
 4 - +04 1930 Jun 21
-5 M +05/+06 1991 Mar 31 2
-4 M +04/+05 1992 Ja 19 2
+5 R +05/+06 1991 Mar 31 2
+4 R +04/+05 1992 Ja 19 2
 5 - +05
 Z Asia/Dubai 3:41:12 - LMT 1920
 4 - +04
@@ -1011,12 +1130,12 @@ Z Asia/Samarkand 4:27:53 - LMT 1924 May 2
 5 - +05 1981 Ap
 5 1 +06 1981 O
 6 - +06 1982 Ap
-5 M +05/+06 1992
+5 R +05/+06 1992
 5 - +05
 Z Asia/Tashkent 4:37:11 - LMT 1924 May 2
 5 - +05 1930 Jun 21
-6 M +06/+07 1991 Mar 31 2
-5 M +05/+06 1992
+6 R +06/+07 1991 Mar 31 2
+5 R +05/+06 1992
 5 - +05
 Z Asia/Ho_Chi_Minh 7:6:40 - LMT 1906 Jul
 7:6:30 - PLMT 1911 May
@@ -1028,261 +1147,302 @@ Z Asia/Ho_Chi_Minh 7:6:40 - LMT 1906 Jul
 7 - +07 1959 D 31 23
 8 - +08 1975 Jun 13
 7 - +07
-R l 1917 o - Ja 1 0:1 1 D
-R l 1917 o - Mar 25 2 0 S
-R l 1942 o - Ja 1 2 1 D
-R l 1942 o - Mar 29 2 0 S
-R l 1942 o - S 27 2 1 D
-R l 1943 1944 - Mar lastSun 2 0 S
-R l 1943 o - O 3 2 1 D
+R AU 1917 o - Ja 1 0:1 1 D
+R AU 1917 o - Mar 25 2 0 S
+R AU 1942 o - Ja 1 2 1 D
+R AU 1942 o - Mar 29 2 0 S
+R AU 1942 o - S 27 2 1 D
+R AU 1943 1944 - Mar lastSun 2 0 S
+R AU 1943 o - O 3 2 1 D
 Z Australia/Darwin 8:43:20 - LMT 1895 F
 9 - ACST 1899 May
-9:30 l AC%sT
-R m 1974 o - O lastSun 2s 1 D
-R m 1975 o - Mar Sun>=1 2s 0 S
-R m 1983 o - O lastSun 2s 1 D
-R m 1984 o - Mar Sun>=1 2s 0 S
-R m 1991 o - N 17 2s 1 D
-R m 1992 o - Mar Sun>=1 2s 0 S
-R m 2006 o - D 3 2s 1 D
-R m 2007 2009 - Mar lastSun 2s 0 S
-R m 2007 2008 - O lastSun 2s 1 D
+9:30 AU AC%sT
+R AW 1974 o - O lastSun 2s 1 D
+R AW 1975 o - Mar Sun>=1 2s 0 S
+R AW 1983 o - O lastSun 2s 1 D
+R AW 1984 o - Mar Sun>=1 2s 0 S
+R AW 1991 o - N 17 2s 1 D
+R AW 1992 o - Mar Sun>=1 2s 0 S
+R AW 2006 o - D 3 2s 1 D
+R AW 2007 2009 - Mar lastSun 2s 0 S
+R AW 2007 2008 - O lastSun 2s 1 D
 Z Australia/Perth 7:43:24 - LMT 1895 D
-8 l AW%sT 1943 Jul
-8 m AW%sT
+8 AU AW%sT 1943 Jul
+8 AW AW%sT
 Z Australia/Eucla 8:35:28 - LMT 1895 D
-8:45 l +0845/+0945 1943 Jul
-8:45 m +0845/+0945
-R n 1971 o - O lastSun 2s 1 D
-R n 1972 o - F lastSun 2s 0 S
-R n 1989 1991 - O lastSun 2s 1 D
-R n 1990 1992 - Mar Sun>=1 2s 0 S
-R o 1992 1993 - O lastSun 2s 1 D
-R o 1993 1994 - Mar Sun>=1 2s 0 S
+8:45 AU +0845/+0945 1943 Jul
+8:45 AW +0845/+0945
+R AQ 1971 o - O lastSun 2s 1 D
+R AQ 1972 o - F lastSun 2s 0 S
+R AQ 1989 1991 - O lastSun 2s 1 D
+R AQ 1990 1992 - Mar Sun>=1 2s 0 S
+R Ho 1992 1993 - O lastSun 2s 1 D
+R Ho 1993 1994 - Mar Sun>=1 2s 0 S
 Z Australia/Brisbane 10:12:8 - LMT 1895
-10 l AE%sT 1971
-10 n AE%sT
+10 AU AE%sT 1971
+10 AQ AE%sT
 Z Australia/Lindeman 9:55:56 - LMT 1895
-10 l AE%sT 1971
-10 n AE%sT 1992 Jul
-10 o AE%sT
-R p 1971 1985 - O lastSun 2s 1 D
-R p 1986 o - O 19 2s 1 D
-R p 1987 2007 - O lastSun 2s 1 D
-R p 1972 o - F 27 2s 0 S
-R p 1973 1985 - Mar Sun>=1 2s 0 S
-R p 1986 1990 - Mar Sun>=15 2s 0 S
-R p 1991 o - Mar 3 2s 0 S
-R p 1992 o - Mar 22 2s 0 S
-R p 1993 o - Mar 7 2s 0 S
-R p 1994 o - Mar 20 2s 0 S
-R p 1995 2005 - Mar lastSun 2s 0 S
-R p 2006 o - Ap 2 2s 0 S
-R p 2007 o - Mar lastSun 2s 0 S
-R p 2008 ma - Ap Sun>=1 2s 0 S
-R p 2008 ma - O Sun>=1 2s 1 D
+10 AU AE%sT 1971
+10 AQ AE%sT 1992 Jul
+10 Ho AE%sT
+R AS 1971 1985 - O lastSun 2s 1 D
+R AS 1986 o - O 19 2s 1 D
+R AS 1987 2007 - O lastSun 2s 1 D
+R AS 1972 o - F 27 2s 0 S
+R AS 1973 1985 - Mar Sun>=1 2s 0 S
+R AS 1986 1990 - Mar Sun>=15 2s 0 S
+R AS 1991 o - Mar 3 2s 0 S
+R AS 1992 o - Mar 22 2s 0 S
+R AS 1993 o - Mar 7 2s 0 S
+R AS 1994 o - Mar 20 2s 0 S
+R AS 1995 2005 - Mar lastSun 2s 0 S
+R AS 2006 o - Ap 2 2s 0 S
+R AS 2007 o - Mar lastSun 2s 0 S
+R AS 2008 ma - Ap Sun>=1 2s 0 S
+R AS 2008 ma - O Sun>=1 2s 1 D
 Z Australia/Adelaide 9:14:20 - LMT 1895 F
 9 - ACST 1899 May
-9:30 l AC%sT 1971
-9:30 p AC%sT
-R q 1967 o - O Sun>=1 2s 1 D
-R q 1968 o - Mar lastSun 2s 0 S
-R q 1968 1985 - O lastSun 2s 1 D
-R q 1969 1971 - Mar Sun>=8 2s 0 S
-R q 1972 o - F lastSun 2s 0 S
-R q 1973 1981 - Mar Sun>=1 2s 0 S
-R q 1982 1983 - Mar lastSun 2s 0 S
-R q 1984 1986 - Mar Sun>=1 2s 0 S
-R q 1986 o - O Sun>=15 2s 1 D
-R q 1987 1990 - Mar Sun>=15 2s 0 S
-R q 1987 o - O Sun>=22 2s 1 D
-R q 1988 1990 - O lastSun 2s 1 D
-R q 1991 1999 - O Sun>=1 2s 1 D
-R q 1991 2005 - Mar lastSun 2s 0 S
-R q 2000 o - Au lastSun 2s 1 D
-R q 2001 ma - O Sun>=1 2s 1 D
-R q 2006 o - Ap Sun>=1 2s 0 S
-R q 2007 o - Mar lastSun 2s 0 S
-R q 2008 ma - Ap Sun>=1 2s 0 S
+9:30 AU AC%sT 1971
+9:30 AS AC%sT
+R AT 1967 o - O Sun>=1 2s 1 D
+R AT 1968 o - Mar lastSun 2s 0 S
+R AT 1968 1985 - O lastSun 2s 1 D
+R AT 1969 1971 - Mar Sun>=8 2s 0 S
+R AT 1972 o - F lastSun 2s 0 S
+R AT 1973 1981 - Mar Sun>=1 2s 0 S
+R AT 1982 1983 - Mar lastSun 2s 0 S
+R AT 1984 1986 - Mar Sun>=1 2s 0 S
+R AT 1986 o - O Sun>=15 2s 1 D
+R AT 1987 1990 - Mar Sun>=15 2s 0 S
+R AT 1987 o - O Sun>=22 2s 1 D
+R AT 1988 1990 - O lastSun 2s 1 D
+R AT 1991 1999 - O Sun>=1 2s 1 D
+R AT 1991 2005 - Mar lastSun 2s 0 S
+R AT 2000 o - Au lastSun 2s 1 D
+R AT 2001 ma - O Sun>=1 2s 1 D
+R AT 2006 o - Ap Sun>=1 2s 0 S
+R AT 2007 o - Mar lastSun 2s 0 S
+R AT 2008 ma - Ap Sun>=1 2s 0 S
 Z Australia/Hobart 9:49:16 - LMT 1895 S
 10 - AEST 1916 O 1 2
 10 1 AEDT 1917 F
-10 l AE%sT 1967
-10 q AE%sT
+10 AU AE%sT 1967
+10 AT AE%sT
 Z Australia/Currie 9:35:28 - LMT 1895 S
 10 - AEST 1916 O 1 2
 10 1 AEDT 1917 F
-10 l AE%sT 1971 Jul
-10 q AE%sT
-R r 1971 1985 - O lastSun 2s 1 D
-R r 1972 o - F lastSun 2s 0 S
-R r 1973 1985 - Mar Sun>=1 2s 0 S
-R r 1986 1990 - Mar Sun>=15 2s 0 S
-R r 1986 1987 - O Sun>=15 2s 1 D
-R r 1988 1999 - O lastSun 2s 1 D
-R r 1991 1994 - Mar Sun>=1 2s 0 S
-R r 1995 2005 - Mar lastSun 2s 0 S
-R r 2000 o - Au lastSun 2s 1 D
-R r 2001 2007 - O lastSun 2s 1 D
-R r 2006 o - Ap Sun>=1 2s 0 S
-R r 2007 o - Mar lastSun 2s 0 S
-R r 2008 ma - Ap Sun>=1 2s 0 S
-R r 2008 ma - O Sun>=1 2s 1 D
+10 AU AE%sT 1971 Jul
+10 AT AE%sT
+R AV 1971 1985 - O lastSun 2s 1 D
+R AV 1972 o - F lastSun 2s 0 S
+R AV 1973 1985 - Mar Sun>=1 2s 0 S
+R AV 1986 1990 - Mar Sun>=15 2s 0 S
+R AV 1986 1987 - O Sun>=15 2s 1 D
+R AV 1988 1999 - O lastSun 2s 1 D
+R AV 1991 1994 - Mar Sun>=1 2s 0 S
+R AV 1995 2005 - Mar lastSun 2s 0 S
+R AV 2000 o - Au lastSun 2s 1 D
+R AV 2001 2007 - O lastSun 2s 1 D
+R AV 2006 o - Ap Sun>=1 2s 0 S
+R AV 2007 o - Mar lastSun 2s 0 S
+R AV 2008 ma - Ap Sun>=1 2s 0 S
+R AV 2008 ma - O Sun>=1 2s 1 D
 Z Australia/Melbourne 9:39:52 - LMT 1895 F
-10 l AE%sT 1971
-10 r AE%sT
-R s 1971 1985 - O lastSun 2s 1 D
-R s 1972 o - F 27 2s 0 S
-R s 1973 1981 - Mar Sun>=1 2s 0 S
-R s 1982 o - Ap Sun>=1 2s 0 S
-R s 1983 1985 - Mar Sun>=1 2s 0 S
-R s 1986 1989 - Mar Sun>=15 2s 0 S
-R s 1986 o - O 19 2s 1 D
-R s 1987 1999 - O lastSun 2s 1 D
-R s 1990 1995 - Mar Sun>=1 2s 0 S
-R s 1996 2005 - Mar lastSun 2s 0 S
-R s 2000 o - Au lastSun 2s 1 D
-R s 2001 2007 - O lastSun 2s 1 D
-R s 2006 o - Ap Sun>=1 2s 0 S
-R s 2007 o - Mar lastSun 2s 0 S
-R s 2008 ma - Ap Sun>=1 2s 0 S
-R s 2008 ma - O Sun>=1 2s 1 D
+10 AU AE%sT 1971
+10 AV AE%sT
+R AN 1971 1985 - O lastSun 2s 1 D
+R AN 1972 o - F 27 2s 0 S
+R AN 1973 1981 - Mar Sun>=1 2s 0 S
+R AN 1982 o - Ap Sun>=1 2s 0 S
+R AN 1983 1985 - Mar Sun>=1 2s 0 S
+R AN 1986 1989 - Mar Sun>=15 2s 0 S
+R AN 1986 o - O 19 2s 1 D
+R AN 1987 1999 - O lastSun 2s 1 D
+R AN 1990 1995 - Mar Sun>=1 2s 0 S
+R AN 1996 2005 - Mar lastSun 2s 0 S
+R AN 2000 o - Au lastSun 2s 1 D
+R AN 2001 2007 - O lastSun 2s 1 D
+R AN 2006 o - Ap Sun>=1 2s 0 S
+R AN 2007 o - Mar lastSun 2s 0 S
+R AN 2008 ma - Ap Sun>=1 2s 0 S
+R AN 2008 ma - O Sun>=1 2s 1 D
 Z Australia/Sydney 10:4:52 - LMT 1895 F
-10 l AE%sT 1971
-10 s AE%sT
+10 AU AE%sT 1971
+10 AN AE%sT
 Z Australia/Broken_Hill 9:25:48 - LMT 1895 F
 10 - AEST 1896 Au 23
 9 - ACST 1899 May
-9:30 l AC%sT 1971
-9:30 s AC%sT 2000
-9:30 p AC%sT
-R t 1981 1984 - O lastSun 2 1 D
-R t 1982 1985 - Mar Sun>=1 2 0 S
-R t 1985 o - O lastSun 2 0:30 D
-R t 1986 1989 - Mar Sun>=15 2 0 S
-R t 1986 o - O 19 2 0:30 D
-R t 1987 1999 - O lastSun 2 0:30 D
-R t 1990 1995 - Mar Sun>=1 2 0 S
-R t 1996 2005 - Mar lastSun 2 0 S
-R t 2000 o - Au lastSun 2 0:30 D
-R t 2001 2007 - O lastSun 2 0:30 D
-R t 2006 o - Ap Sun>=1 2 0 S
-R t 2007 o - Mar lastSun 2 0 S
-R t 2008 ma - Ap Sun>=1 2 0 S
-R t 2008 ma - O Sun>=1 2 0:30 D
+9:30 AU AC%sT 1971
+9:30 AN AC%sT 2000
+9:30 AS AC%sT
+R LH 1981 1984 - O lastSun 2 1 -
+R LH 1982 1985 - Mar Sun>=1 2 0 -
+R LH 1985 o - O lastSun 2 0:30 -
+R LH 1986 1989 - Mar Sun>=15 2 0 -
+R LH 1986 o - O 19 2 0:30 -
+R LH 1987 1999 - O lastSun 2 0:30 -
+R LH 1990 1995 - Mar Sun>=1 2 0 -
+R LH 1996 2005 - Mar lastSun 2 0 -
+R LH 2000 o - Au lastSun 2 0:30 -
+R LH 2001 2007 - O lastSun 2 0:30 -
+R LH 2006 o - Ap Sun>=1 2 0 -
+R LH 2007 o - Mar lastSun 2 0 -
+R LH 2008 ma - Ap Sun>=1 2 0 -
+R LH 2008 ma - O Sun>=1 2 0:30 -
 Z Australia/Lord_Howe 10:36:20 - LMT 1895 F
 10 - AEST 1981 Mar
-10:30 t +1030/+1130 1985 Jul
-10:30 t +1030/+11
+10:30 LH +1030/+1130 1985 Jul
+10:30 LH +1030/+11
 Z Antarctica/Macquarie 0 - -00 1899 N
 10 - AEST 1916 O 1 2
 10 1 AEDT 1917 F
-10 l AE%sT 1919 Ap 1 0s
+10 AU AE%sT 1919 Ap 1 0s
 0 - -00 1948 Mar 25
-10 l AE%sT 1967
-10 q AE%sT 2010 Ap 4 3
+10 AU AE%sT 1967
+10 AT AE%sT 2010 Ap 4 3
 11 - +11
 Z Indian/Christmas 7:2:52 - LMT 1895 F
 7 - +07
 Z Indian/Cocos 6:27:40 - LMT 1900
 6:30 - +0630
-R u 1998 1999 - N Sun>=1 2 1 S
-R u 1999 2000 - F lastSun 3 0 -
-R u 2009 o - N 29 2 1 S
-R u 2010 o - Mar lastSun 3 0 -
-R u 2010 2013 - O Sun>=21 2 1 S
-R u 2011 o - Mar Sun>=1 3 0 -
-R u 2012 2013 - Ja Sun>=18 3 0 -
-R u 2014 o - Ja Sun>=18 2 0 -
-R u 2014 ma - N Sun>=1 2 1 S
-R u 2015 ma - Ja Sun>=14 3 0 -
+R FJ 1998 1999 - N Sun>=1 2 1 -
+R FJ 1999 2000 - F lastSun 3 0 -
+R FJ 2009 o - N 29 2 1 -
+R FJ 2010 o - Mar lastSun 3 0 -
+R FJ 2010 2013 - O Sun>=21 2 1 -
+R FJ 2011 o - Mar Sun>=1 3 0 -
+R FJ 2012 2013 - Ja Sun>=18 3 0 -
+R FJ 2014 o - Ja Sun>=18 2 0 -
+R FJ 2014 ma - N Sun>=1 2 1 -
+R FJ 2015 ma - Ja Sun>=13 3 0 -
 Z Pacific/Fiji 11:55:44 - LMT 1915 O 26
-12 u +12/+13
+12 FJ +12/+13
 Z Pacific/Gambier -8:59:48 - LMT 1912 O
 -9 - -09
 Z Pacific/Marquesas -9:18 - LMT 1912 O
 -9:30 - -0930
 Z Pacific/Tahiti -9:58:16 - LMT 1912 O
 -10 - -10
+R Gu 1959 o - Jun 27 2 1 D
+R Gu 1961 o - Ja 29 2 0 S
+R Gu 1967 o - S 1 2 1 D
+R Gu 1969 o - Ja 26 0:1 0 S
+R Gu 1969 o - Jun 22 2 1 D
+R Gu 1969 o - Au 31 2 0 S
+R Gu 1970 1971 - Ap lastSun 2 1 D
+R Gu 1970 1971 - S Sun>=1 2 0 S
+R Gu 1973 o - D 16 2 1 D
+R Gu 1974 o - F 24 2 0 S
+R Gu 1976 o - May 26 2 1 D
+R Gu 1976 o - Au 22 2:1 0 S
+R Gu 1977 o - Ap 24 2 1 D
+R Gu 1977 o - Au 28 2 0 S
 Z Pacific/Guam -14:21 - LMT 1844 D 31
 9:39 - LMT 1901
-10 - GST 2000 D 23
+10 - GST 1941 D 10
+9 - +09 1944 Jul 31
+10 Gu G%sT 2000 D 23
 10 - ChST
 Li Pacific/Guam Pacific/Saipan
 Z Pacific/Tarawa 11:32:4 - LMT 1901
 12 - +12
 Z Pacific/Enderbury -11:24:20 - LMT 1901
 -12 - -12 1979 O
--11 - -11 1995
+-11 - -11 1994 D 31
 13 - +13
 Z Pacific/Kiritimati -10:29:20 - LMT 1901
 -10:40 - -1040 1979 O
--10 - -10 1995
+-10 - -10 1994 D 31
 14 - +14
 Z Pacific/Majuro 11:24:48 - LMT 1901
+11 - +11 1914 O
+9 - +09 1919 F
+11 - +11 1937
+10 - +10 1941 Ap
+9 - +09 1944 Ja 30
 11 - +11 1969 O
 12 - +12
 Z Pacific/Kwajalein 11:9:20 - LMT 1901
+11 - +11 1937
+10 - +10 1941 Ap
+9 - +09 1944 F 6
 11 - +11 1969 O
--12 - -12 1993 Au 20
+-12 - -12 1993 Au 20 24
 12 - +12
-Z Pacific/Chuuk 10:7:8 - LMT 1901
+Z Pacific/Chuuk -13:52:52 - LMT 1844 D 31
+10:7:8 - LMT 1901
+10 - +10 1914 O
+9 - +09 1919 F
+10 - +10 1941 Ap
+9 - +09 1945 Au
 10 - +10
-Z Pacific/Pohnpei 10:32:52 - LMT 1901
+Z Pacific/Pohnpei -13:27:8 - LMT 1844 D 31
+10:32:52 - LMT 1901
+11 - +11 1914 O
+9 - +09 1919 F
+11 - +11 1937
+10 - +10 1941 Ap
+9 - +09 1945 Au
 11 - +11
-Z Pacific/Kosrae 10:51:56 - LMT 1901
+Z Pacific/Kosrae -13:8:4 - LMT 1844 D 31
+10:51:56 - LMT 1901
+11 - +11 1914 O
+9 - +09 1919 F
+11 - +11 1937
+10 - +10 1941 Ap
+9 - +09 1945 Au
 11 - +11 1969 O
 12 - +12 1999
 11 - +11
 Z Pacific/Nauru 11:7:40 - LMT 1921 Ja 15
-11:30 - +1130 1942 Mar 15
-9 - +09 1944 Au 15
-11:30 - +1130 1979 May
+11:30 - +1130 1942 Au 29
+9 - +09 1945 S 8
+11:30 - +1130 1979 F 10 2
 12 - +12
-R v 1977 1978 - D Sun>=1 0 1 S
-R v 1978 1979 - F 27 0 0 -
-R v 1996 o - D 1 2s 1 S
-R v 1997 o - Mar 2 2s 0 -
+R NC 1977 1978 - D Sun>=1 0 1 -
+R NC 1978 1979 - F 27 0 0 -
+R NC 1996 o - D 1 2s 1 -
+R NC 1997 o - Mar 2 2s 0 -
 Z Pacific/Noumea 11:5:48 - LMT 1912 Ja 13
-11 v +11/+12
-R w 1927 o - N 6 2 1 S
-R w 1928 o - Mar 4 2 0 M
-R w 1928 1933 - O Sun>=8 2 0:30 S
-R w 1929 1933 - Mar Sun>=15 2 0 M
-R w 1934 1940 - Ap lastSun 2 0 M
-R w 1934 1940 - S lastSun 2 0:30 S
-R w 1946 o - Ja 1 0 0 S
-R w 1974 o - N Sun>=1 2s 1 D
-R x 1974 o - N Sun>=1 2:45s 1 D
-R w 1975 o - F lastSun 2s 0 S
-R x 1975 o - F lastSun 2:45s 0 S
-R w 1975 1988 - O lastSun 2s 1 D
-R x 1975 1988 - O lastSun 2:45s 1 D
-R w 1976 1989 - Mar Sun>=1 2s 0 S
-R x 1976 1989 - Mar Sun>=1 2:45s 0 S
-R w 1989 o - O Sun>=8 2s 1 D
-R x 1989 o - O Sun>=8 2:45s 1 D
-R w 1990 2006 - O Sun>=1 2s 1 D
-R x 1990 2006 - O Sun>=1 2:45s 1 D
-R w 1990 2007 - Mar Sun>=15 2s 0 S
-R x 1990 2007 - Mar Sun>=15 2:45s 0 S
-R w 2007 ma - S lastSun 2s 1 D
-R x 2007 ma - S lastSun 2:45s 1 D
-R w 2008 ma - Ap Sun>=1 2s 0 S
-R x 2008 ma - Ap Sun>=1 2:45s 0 S
+11 NC +11/+12
+R NZ 1927 o - N 6 2 1 S
+R NZ 1928 o - Mar 4 2 0 M
+R NZ 1928 1933 - O Sun>=8 2 0:30 S
+R NZ 1929 1933 - Mar Sun>=15 2 0 M
+R NZ 1934 1940 - Ap lastSun 2 0 M
+R NZ 1934 1940 - S lastSun 2 0:30 S
+R NZ 1946 o - Ja 1 0 0 S
+R NZ 1974 o - N Sun>=1 2s 1 D
+R k 1974 o - N Sun>=1 2:45s 1 -
+R NZ 1975 o - F lastSun 2s 0 S
+R k 1975 o - F lastSun 2:45s 0 -
+R NZ 1975 1988 - O lastSun 2s 1 D
+R k 1975 1988 - O lastSun 2:45s 1 -
+R NZ 1976 1989 - Mar Sun>=1 2s 0 S
+R k 1976 1989 - Mar Sun>=1 2:45s 0 -
+R NZ 1989 o - O Sun>=8 2s 1 D
+R k 1989 o - O Sun>=8 2:45s 1 -
+R NZ 1990 2006 - O Sun>=1 2s 1 D
+R k 1990 2006 - O Sun>=1 2:45s 1 -
+R NZ 1990 2007 - Mar Sun>=15 2s 0 S
+R k 1990 2007 - Mar Sun>=15 2:45s 0 -
+R NZ 2007 ma - S lastSun 2s 1 D
+R k 2007 ma - S lastSun 2:45s 1 -
+R NZ 2008 ma - Ap Sun>=1 2s 0 S
+R k 2008 ma - Ap Sun>=1 2:45s 0 -
 Z Pacific/Auckland 11:39:4 - LMT 1868 N 2
-11:30 w NZ%sT 1946
-12 w NZ%sT
+11:30 NZ NZ%sT 1946
+12 NZ NZ%sT
 Z Pacific/Chatham 12:13:48 - LMT 1868 N 2
 12:15 - +1215 1946
-12:45 x +1245/+1345
+12:45 k +1245/+1345
 Li Pacific/Auckland Antarctica/McMurdo
-R y 1978 o - N 12 0 0:30 HS
-R y 1979 1991 - Mar Sun>=1 0 0 -
-R y 1979 1990 - O lastSun 0 0:30 HS
+R CK 1978 o - N 12 0 0:30 -
+R CK 1979 1991 - Mar Sun>=1 0 0 -
+R CK 1979 1990 - O lastSun 0 0:30 -
 Z Pacific/Rarotonga -10:39:4 - LMT 1901
 -10:30 - -1030 1978 N 12
--10 y -10/-0930
+-10 CK -10/-0930
 Z Pacific/Niue -11:19:40 - LMT 1901
 -11:20 - -1120 1951
 -11:30 - -1130 1978 O
@@ -1293,7 +1453,8 @@ Z Pacific/Norfolk 11:11:52 - LMT 1901
 11:30 1 +1230 1975 Mar 2 2
 11:30 - +1130 2015 O 4 2
 11 - +11
-Z Pacific/Palau 8:57:56 - LMT 1901
+Z Pacific/Palau -15:2:4 - LMT 1844 D 31
+8:57:56 - LMT 1901
 9 - +09
 Z Pacific/Port_Moresby 9:48:40 - LMT 1880
 9:48:32 - PMMT 1895
@@ -1311,564 +1472,570 @@ Z Pacific/Pago_Pago 12:37:12 - LMT 1892 Jul 5
 -11:22:48 - LMT 1911
 -11 - SST
 Li Pacific/Pago_Pago Pacific/Midway
-R z 2010 o - S lastSun 0 1 D
-R z 2011 o - Ap Sat>=1 4 0 S
-R z 2011 o - S lastSat 3 1 D
-R z 2012 ma - Ap Sun>=1 4 0 S
-R z 2012 ma - S lastSun 3 1 D
+R WS 2010 o - S lastSun 0 1 -
+R WS 2011 o - Ap Sat>=1 4 0 -
+R WS 2011 o - S lastSat 3 1 -
+R WS 2012 ma - Ap Sun>=1 4 0 -
+R WS 2012 ma - S lastSun 3 1 -
 Z Pacific/Apia 12:33:4 - LMT 1892 Jul 5
 -11:26:56 - LMT 1911
 -11:30 - -1130 1950
--11 z -11/-10 2011 D 29 24
-13 z +13/+14
+-11 WS -11/-10 2011 D 29 24
+13 WS +13/+14
 Z Pacific/Guadalcanal 10:39:48 - LMT 1912 O
 11 - +11
 Z Pacific/Fakaofo -11:24:56 - LMT 1901
 -11 - -11 2011 D 30
 13 - +13
-R ! 1999 o - O 7 2s 1 S
-R ! 2000 o - Mar 19 2s 0 -
-R ! 2000 2001 - N Sun>=1 2 1 S
-R ! 2001 2002 - Ja lastSun 2 0 -
-R ! 2016 o - N Sun>=1 2 1 S
-R ! 2017 o - Ja Sun>=15 3 0 -
+R TO 1999 o - O 7 2s 1 -
+R TO 2000 o - Mar 19 2s 0 -
+R TO 2000 2001 - N Sun>=1 2 1 -
+R TO 2001 2002 - Ja lastSun 2 0 -
+R TO 2016 o - N Sun>=1 2 1 -
+R TO 2017 o - Ja Sun>=15 3 0 -
 Z Pacific/Tongatapu 12:19:20 - LMT 1901
 12:20 - +1220 1941
 13 - +13 1999
-13 ! +13/+14
+13 TO +13/+14
 Z Pacific/Funafuti 11:56:52 - LMT 1901
 12 - +12
 Z Pacific/Wake 11:6:28 - LMT 1901
 12 - +12
-R $ 1983 o - S 25 0 1 S
-R $ 1984 1991 - Mar Sun>=23 0 0 -
-R $ 1984 o - O 23 0 1 S
-R $ 1985 1991 - S Sun>=23 0 1 S
-R $ 1992 1993 - Ja Sun>=23 0 0 -
-R $ 1992 o - O Sun>=23 0 1 S
+R VU 1983 o - S 25 0 1 -
+R VU 1984 1991 - Mar Sun>=23 0 0 -
+R VU 1984 o - O 23 0 1 -
+R VU 1985 1991 - S Sun>=23 0 1 -
+R VU 1992 1993 - Ja Sun>=23 0 0 -
+R VU 1992 o - O Sun>=23 0 1 -
 Z Pacific/Efate 11:13:16 - LMT 1912 Ja 13
-11 $ +11/+12
+11 VU +11/+12
 Z Pacific/Wallis 12:15:20 - LMT 1901
 12 - +12
-R % 1916 o - May 21 2s 1 BST
-R % 1916 o - O 1 2s 0 GMT
-R % 1917 o - Ap 8 2s 1 BST
-R % 1917 o - S 17 2s 0 GMT
-R % 1918 o - Mar 24 2s 1 BST
-R % 1918 o - S 30 2s 0 GMT
-R % 1919 o - Mar 30 2s 1 BST
-R % 1919 o - S 29 2s 0 GMT
-R % 1920 o - Mar 28 2s 1 BST
-R % 1920 o - O 25 2s 0 GMT
-R % 1921 o - Ap 3 2s 1 BST
-R % 1921 o - O 3 2s 0 GMT
-R % 1922 o - Mar 26 2s 1 BST
-R % 1922 o - O 8 2s 0 GMT
-R % 1923 o - Ap Sun>=16 2s 1 BST
-R % 1923 1924 - S Sun>=16 2s 0 GMT
-R % 1924 o - Ap Sun>=9 2s 1 BST
-R % 1925 1926 - Ap Sun>=16 2s 1 BST
-R % 1925 1938 - O Sun>=2 2s 0 GMT
-R % 1927 o - Ap Sun>=9 2s 1 BST
-R % 1928 1929 - Ap Sun>=16 2s 1 BST
-R % 1930 o - Ap Sun>=9 2s 1 BST
-R % 1931 1932 - Ap Sun>=16 2s 1 BST
-R % 1933 o - Ap Sun>=9 2s 1 BST
-R % 1934 o - Ap Sun>=16 2s 1 BST
-R % 1935 o - Ap Sun>=9 2s 1 BST
-R % 1936 1937 - Ap Sun>=16 2s 1 BST
-R % 1938 o - Ap Sun>=9 2s 1 BST
-R % 1939 o - Ap Sun>=16 2s 1 BST
-R % 1939 o - N Sun>=16 2s 0 GMT
-R % 1940 o - F Sun>=23 2s 1 BST
-R % 1941 o - May Sun>=2 1s 2 BDST
-R % 1941 1943 - Au Sun>=9 1s 1 BST
-R % 1942 1944 - Ap Sun>=2 1s 2 BDST
-R % 1944 o - S Sun>=16 1s 1 BST
-R % 1945 o - Ap M>=2 1s 2 BDST
-R % 1945 o - Jul Sun>=9 1s 1 BST
-R % 1945 1946 - O Sun>=2 2s 0 GMT
-R % 1946 o - Ap Sun>=9 2s 1 BST
-R % 1947 o - Mar 16 2s 1 BST
-R % 1947 o - Ap 13 1s 2 BDST
-R % 1947 o - Au 10 1s 1 BST
-R % 1947 o - N 2 2s 0 GMT
-R % 1948 o - Mar 14 2s 1 BST
-R % 1948 o - O 31 2s 0 GMT
-R % 1949 o - Ap 3 2s 1 BST
-R % 1949 o - O 30 2s 0 GMT
-R % 1950 1952 - Ap Sun>=14 2s 1 BST
-R % 1950 1952 - O Sun>=21 2s 0 GMT
-R % 1953 o - Ap Sun>=16 2s 1 BST
-R % 1953 1960 - O Sun>=2 2s 0 GMT
-R % 1954 o - Ap Sun>=9 2s 1 BST
-R % 1955 1956 - Ap Sun>=16 2s 1 BST
-R % 1957 o - Ap Sun>=9 2s 1 BST
-R % 1958 1959 - Ap Sun>=16 2s 1 BST
-R % 1960 o - Ap Sun>=9 2s 1 BST
-R % 1961 1963 - Mar lastSun 2s 1 BST
-R % 1961 1968 - O Sun>=23 2s 0 GMT
-R % 1964 1967 - Mar Sun>=19 2s 1 BST
-R % 1968 o - F 18 2s 1 BST
-R % 1972 1980 - Mar Sun>=16 2s 1 BST
-R % 1972 1980 - O Sun>=23 2s 0 GMT
-R % 1981 1995 - Mar lastSun 1u 1 BST
-R % 1981 1989 - O Sun>=23 1u 0 GMT
-R % 1990 1995 - O Sun>=22 1u 0 GMT
+R G 1916 o - May 21 2s 1 BST
+R G 1916 o - O 1 2s 0 GMT
+R G 1917 o - Ap 8 2s 1 BST
+R G 1917 o - S 17 2s 0 GMT
+R G 1918 o - Mar 24 2s 1 BST
+R G 1918 o - S 30 2s 0 GMT
+R G 1919 o - Mar 30 2s 1 BST
+R G 1919 o - S 29 2s 0 GMT
+R G 1920 o - Mar 28 2s 1 BST
+R G 1920 o - O 25 2s 0 GMT
+R G 1921 o - Ap 3 2s 1 BST
+R G 1921 o - O 3 2s 0 GMT
+R G 1922 o - Mar 26 2s 1 BST
+R G 1922 o - O 8 2s 0 GMT
+R G 1923 o - Ap Sun>=16 2s 1 BST
+R G 1923 1924 - S Sun>=16 2s 0 GMT
+R G 1924 o - Ap Sun>=9 2s 1 BST
+R G 1925 1926 - Ap Sun>=16 2s 1 BST
+R G 1925 1938 - O Sun>=2 2s 0 GMT
+R G 1927 o - Ap Sun>=9 2s 1 BST
+R G 1928 1929 - Ap Sun>=16 2s 1 BST
+R G 1930 o - Ap Sun>=9 2s 1 BST
+R G 1931 1932 - Ap Sun>=16 2s 1 BST
+R G 1933 o - Ap Sun>=9 2s 1 BST
+R G 1934 o - Ap Sun>=16 2s 1 BST
+R G 1935 o - Ap Sun>=9 2s 1 BST
+R G 1936 1937 - Ap Sun>=16 2s 1 BST
+R G 1938 o - Ap Sun>=9 2s 1 BST
+R G 1939 o - Ap Sun>=16 2s 1 BST
+R G 1939 o - N Sun>=16 2s 0 GMT
+R G 1940 o - F Sun>=23 2s 1 BST
+R G 1941 o - May Sun>=2 1s 2 BDST
+R G 1941 1943 - Au Sun>=9 1s 1 BST
+R G 1942 1944 - Ap Sun>=2 1s 2 BDST
+R G 1944 o - S Sun>=16 1s 1 BST
+R G 1945 o - Ap M>=2 1s 2 BDST
+R G 1945 o - Jul Sun>=9 1s 1 BST
+R G 1945 1946 - O Sun>=2 2s 0 GMT
+R G 1946 o - Ap Sun>=9 2s 1 BST
+R G 1947 o - Mar 16 2s 1 BST
+R G 1947 o - Ap 13 1s 2 BDST
+R G 1947 o - Au 10 1s 1 BST
+R G 1947 o - N 2 2s 0 GMT
+R G 1948 o - Mar 14 2s 1 BST
+R G 1948 o - O 31 2s 0 GMT
+R G 1949 o - Ap 3 2s 1 BST
+R G 1949 o - O 30 2s 0 GMT
+R G 1950 1952 - Ap Sun>=14 2s 1 BST
+R G 1950 1952 - O Sun>=21 2s 0 GMT
+R G 1953 o - Ap Sun>=16 2s 1 BST
+R G 1953 1960 - O Sun>=2 2s 0 GMT
+R G 1954 o - Ap Sun>=9 2s 1 BST
+R G 1955 1956 - Ap Sun>=16 2s 1 BST
+R G 1957 o - Ap Sun>=9 2s 1 BST
+R G 1958 1959 - Ap Sun>=16 2s 1 BST
+R G 1960 o - Ap Sun>=9 2s 1 BST
+R G 1961 1963 - Mar lastSun 2s 1 BST
+R G 1961 1968 - O Sun>=23 2s 0 GMT
+R G 1964 1967 - Mar Sun>=19 2s 1 BST
+R G 1968 o - F 18 2s 1 BST
+R G 1972 1980 - Mar Sun>=16 2s 1 BST
+R G 1972 1980 - O Sun>=23 2s 0 GMT
+R G 1981 1995 - Mar lastSun 1u 1 BST
+R G 1981 1989 - O Sun>=23 1u 0 GMT
+R G 1990 1995 - O Sun>=22 1u 0 GMT
 Z Europe/London -0:1:15 - LMT 1847 D 1 0s
-0 % %s 1968 O 27
+0 G %s 1968 O 27
 1 - BST 1971 O 31 2u
-0 % %s 1996
-0 O GMT/BST
+0 G %s 1996
+0 E GMT/BST
 Li Europe/London Europe/Jersey
 Li Europe/London Europe/Guernsey
 Li Europe/London Europe/Isle_of_Man
+R IE 1971 o - O 31 2u -1 -
+R IE 1972 1980 - Mar Sun>=16 2u 0 -
+R IE 1972 1980 - O Sun>=23 2u -1 -
+R IE 1981 ma - Mar lastSun 1u 0 -
+R IE 1981 1989 - O Sun>=23 1u -1 -
+R IE 1990 1995 - O Sun>=22 1u -1 -
+R IE 1996 ma - O lastSun 1u -1 -
 Z Europe/Dublin -0:25 - LMT 1880 Au 2
 -0:25:21 - DMT 1916 May 21 2s
 -0:25:21 1 IST 1916 O 1 2s
-0 % %s 1921 D 6
-0 % GMT/IST 1940 F 25 2s
+0 G %s 1921 D 6
+0 G GMT/IST 1940 F 25 2s
 0 1 IST 1946 O 6 2s
 0 - GMT 1947 Mar 16 2s
 0 1 IST 1947 N 2 2s
 0 - GMT 1948 Ap 18 2s
-0 % GMT/IST 1968 O 27
-1 - IST 1971 O 31 2u
-0 % GMT/IST 1996
-0 O GMT/IST
-R O 1977 1980 - Ap Sun>=1 1u 1 S
-R O 1977 o - S lastSun 1u 0 -
-R O 1978 o - O 1 1u 0 -
-R O 1979 1995 - S lastSun 1u 0 -
-R O 1981 ma - Mar lastSun 1u 1 S
-R O 1996 ma - O lastSun 1u 0 -
-R & 1977 1980 - Ap Sun>=1 1s 1 S
-R & 1977 o - S lastSun 1s 0 -
-R & 1978 o - O 1 1s 0 -
-R & 1979 1995 - S lastSun 1s 0 -
-R & 1981 ma - Mar lastSun 1s 1 S
-R & 1996 ma - O lastSun 1s 0 -
-R ' 1916 o - Ap 30 23 1 S
-R ' 1916 o - O 1 1 0 -
-R ' 1917 1918 - Ap M>=15 2s 1 S
-R ' 1917 1918 - S M>=15 2s 0 -
-R ' 1940 o - Ap 1 2s 1 S
-R ' 1942 o - N 2 2s 0 -
-R ' 1943 o - Mar 29 2s 1 S
-R ' 1943 o - O 4 2s 0 -
-R ' 1944 1945 - Ap M>=1 2s 1 S
-R ' 1944 o - O 2 2s 0 -
-R ' 1945 o - S 16 2s 0 -
-R ' 1977 1980 - Ap Sun>=1 2s 1 S
-R ' 1977 o - S lastSun 2s 0 -
-R ' 1978 o - O 1 2s 0 -
-R ' 1979 1995 - S lastSun 2s 0 -
-R ' 1981 ma - Mar lastSun 2s 1 S
-R ' 1996 ma - O lastSun 2s 0 -
-R W 1977 1980 - Ap Sun>=1 0 1 S
-R W 1977 o - S lastSun 0 0 -
-R W 1978 o - O 1 0 0 -
-R W 1979 1995 - S lastSun 0 0 -
-R W 1981 ma - Mar lastSun 0 1 S
-R W 1996 ma - O lastSun 0 0 -
-R M 1917 o - Jul 1 23 1 MST
-R M 1917 o - D 28 0 0 MMT
-R M 1918 o - May 31 22 2 MDST
-R M 1918 o - S 16 1 1 MST
-R M 1919 o - May 31 23 2 MDST
-R M 1919 o - Jul 1 0u 1 MSD
-R M 1919 o - Au 16 0 0 MSK
-R M 1921 o - F 14 23 1 MSD
-R M 1921 o - Mar 20 23 2 +05
-R M 1921 o - S 1 0 1 MSD
-R M 1921 o - O 1 0 0 -
-R M 1981 1984 - Ap 1 0 1 S
-R M 1981 1983 - O 1 0 0 -
-R M 1984 1995 - S lastSun 2s 0 -
-R M 1985 2010 - Mar lastSun 2s 1 S
-R M 1996 2010 - O lastSun 2s 0 -
-Z WET 0 O WE%sT
-Z CET 1 ' CE%sT
-Z MET 1 ' ME%sT
-Z EET 2 O EE%sT
-R ( 1940 o - Jun 16 0 1 S
-R ( 1942 o - N 2 3 0 -
-R ( 1943 o - Mar 29 2 1 S
-R ( 1943 o - Ap 10 3 0 -
-R ( 1974 o - May 4 0 1 S
-R ( 1974 o - O 2 0 0 -
-R ( 1975 o - May 1 0 1 S
-R ( 1975 o - O 2 0 0 -
-R ( 1976 o - May 2 0 1 S
-R ( 1976 o - O 3 0 0 -
-R ( 1977 o - May 8 0 1 S
-R ( 1977 o - O 2 0 0 -
-R ( 1978 o - May 6 0 1 S
-R ( 1978 o - O 1 0 0 -
-R ( 1979 o - May 5 0 1 S
-R ( 1979 o - S 30 0 0 -
-R ( 1980 o - May 3 0 1 S
-R ( 1980 o - O 4 0 0 -
-R ( 1981 o - Ap 26 0 1 S
-R ( 1981 o - S 27 0 0 -
-R ( 1982 o - May 2 0 1 S
-R ( 1982 o - O 3 0 0 -
-R ( 1983 o - Ap 18 0 1 S
-R ( 1983 o - O 1 0 0 -
-R ( 1984 o - Ap 1 0 1 S
+0 G GMT/IST 1968 O 27
+1 IE IST/GMT
+R E 1977 1980 - Ap Sun>=1 1u 1 S
+R E 1977 o - S lastSun 1u 0 -
+R E 1978 o - O 1 1u 0 -
+R E 1979 1995 - S lastSun 1u 0 -
+R E 1981 ma - Mar lastSun 1u 1 S
+R E 1996 ma - O lastSun 1u 0 -
+R W- 1977 1980 - Ap Sun>=1 1s 1 S
+R W- 1977 o - S lastSun 1s 0 -
+R W- 1978 o - O 1 1s 0 -
+R W- 1979 1995 - S lastSun 1s 0 -
+R W- 1981 ma - Mar lastSun 1s 1 S
+R W- 1996 ma - O lastSun 1s 0 -
+R c 1916 o - Ap 30 23 1 S
+R c 1916 o - O 1 1 0 -
+R c 1917 1918 - Ap M>=15 2s 1 S
+R c 1917 1918 - S M>=15 2s 0 -
+R c 1940 o - Ap 1 2s 1 S
+R c 1942 o - N 2 2s 0 -
+R c 1943 o - Mar 29 2s 1 S
+R c 1943 o - O 4 2s 0 -
+R c 1944 1945 - Ap M>=1 2s 1 S
+R c 1944 o - O 2 2s 0 -
+R c 1945 o - S 16 2s 0 -
+R c 1977 1980 - Ap Sun>=1 2s 1 S
+R c 1977 o - S lastSun 2s 0 -
+R c 1978 o - O 1 2s 0 -
+R c 1979 1995 - S lastSun 2s 0 -
+R c 1981 ma - Mar lastSun 2s 1 S
+R c 1996 ma - O lastSun 2s 0 -
+R e 1977 1980 - Ap Sun>=1 0 1 S
+R e 1977 o - S lastSun 0 0 -
+R e 1978 o - O 1 0 0 -
+R e 1979 1995 - S lastSun 0 0 -
+R e 1981 ma - Mar lastSun 0 1 S
+R e 1996 ma - O lastSun 0 0 -
+R R 1917 o - Jul 1 23 1 MST
+R R 1917 o - D 28 0 0 MMT
+R R 1918 o - May 31 22 2 MDST
+R R 1918 o - S 16 1 1 MST
+R R 1919 o - May 31 23 2 MDST
+R R 1919 o - Jul 1 0u 1 MSD
+R R 1919 o - Au 16 0 0 MSK
+R R 1921 o - F 14 23 1 MSD
+R R 1921 o - Mar 20 23 2 +05
+R R 1921 o - S 1 0 1 MSD
+R R 1921 o - O 1 0 0 -
+R R 1981 1984 - Ap 1 0 1 S
+R R 1981 1983 - O 1 0 0 -
+R R 1984 1995 - S lastSun 2s 0 -
+R R 1985 2010 - Mar lastSun 2s 1 S
+R R 1996 2010 - O lastSun 2s 0 -
+Z WET 0 E WE%sT
+Z CET 1 c CE%sT
+Z MET 1 c ME%sT
+Z EET 2 E EE%sT
+R q 1940 o - Jun 16 0 1 S
+R q 1942 o - N 2 3 0 -
+R q 1943 o - Mar 29 2 1 S
+R q 1943 o - Ap 10 3 0 -
+R q 1974 o - May 4 0 1 S
+R q 1974 o - O 2 0 0 -
+R q 1975 o - May 1 0 1 S
+R q 1975 o - O 2 0 0 -
+R q 1976 o - May 2 0 1 S
+R q 1976 o - O 3 0 0 -
+R q 1977 o - May 8 0 1 S
+R q 1977 o - O 2 0 0 -
+R q 1978 o - May 6 0 1 S
+R q 1978 o - O 1 0 0 -
+R q 1979 o - May 5 0 1 S
+R q 1979 o - S 30 0 0 -
+R q 1980 o - May 3 0 1 S
+R q 1980 o - O 4 0 0 -
+R q 1981 o - Ap 26 0 1 S
+R q 1981 o - S 27 0 0 -
+R q 1982 o - May 2 0 1 S
+R q 1982 o - O 3 0 0 -
+R q 1983 o - Ap 18 0 1 S
+R q 1983 o - O 1 0 0 -
+R q 1984 o - Ap 1 0 1 S
 Z Europe/Tirane 1:19:20 - LMT 1914
 1 - CET 1940 Jun 16
-1 ( CE%sT 1984 Jul
-1 O CE%sT
+1 q CE%sT 1984 Jul
+1 E CE%sT
 Z Europe/Andorra 0:6:4 - LMT 1901
 0 - WET 1946 S 30
 1 - CET 1985 Mar 31 2
-1 O CE%sT
-R ) 1920 o - Ap 5 2s 1 S
-R ) 1920 o - S 13 2s 0 -
-R ) 1946 o - Ap 14 2s 1 S
-R ) 1946 1948 - O Sun>=1 2s 0 -
-R ) 1947 o - Ap 6 2s 1 S
-R ) 1948 o - Ap 18 2s 1 S
-R ) 1980 o - Ap 6 0 1 S
-R ) 1980 o - S 28 0 0 -
+1 E CE%sT
+R a 1920 o - Ap 5 2s 1 S
+R a 1920 o - S 13 2s 0 -
+R a 1946 o - Ap 14 2s 1 S
+R a 1946 1948 - O Sun>=1 2s 0 -
+R a 1947 o - Ap 6 2s 1 S
+R a 1948 o - Ap 18 2s 1 S
+R a 1980 o - Ap 6 0 1 S
+R a 1980 o - S 28 0 0 -
 Z Europe/Vienna 1:5:21 - LMT 1893 Ap
-1 ' CE%sT 1920
-1 ) CE%sT 1940 Ap 1 2s
-1 ' CE%sT 1945 Ap 2 2s
+1 c CE%sT 1920
+1 a CE%sT 1940 Ap 1 2s
+1 c CE%sT 1945 Ap 2 2s
 1 1 CEST 1945 Ap 12 2s
 1 - CET 1946
-1 ) CE%sT 1981
-1 O CE%sT
+1 a CE%sT 1981
+1 E CE%sT
 Z Europe/Minsk 1:50:16 - LMT 1880
 1:50 - MMT 1924 May 2
 2 - EET 1930 Jun 21
 3 - MSK 1941 Jun 28
-1 ' CE%sT 1944 Jul 3
-3 M MSK/MSD 1990
+1 c CE%sT 1944 Jul 3
+3 R MSK/MSD 1990
 3 - MSK 1991 Mar 31 2s
-2 M EE%sT 2011 Mar 27 2s
+2 R EE%sT 2011 Mar 27 2s
 3 - +03
-R * 1918 o - Mar 9 0s 1 S
-R * 1918 1919 - O Sat>=1 23s 0 -
-R * 1919 o - Mar 1 23s 1 S
-R * 1920 o - F 14 23s 1 S
-R * 1920 o - O 23 23s 0 -
-R * 1921 o - Mar 14 23s 1 S
-R * 1921 o - O 25 23s 0 -
-R * 1922 o - Mar 25 23s 1 S
-R * 1922 1927 - O Sat>=1 23s 0 -
-R * 1923 o - Ap 21 23s 1 S
-R * 1924 o - Mar 29 23s 1 S
-R * 1925 o - Ap 4 23s 1 S
-R * 1926 o - Ap 17 23s 1 S
-R * 1927 o - Ap 9 23s 1 S
-R * 1928 o - Ap 14 23s 1 S
-R * 1928 1938 - O Sun>=2 2s 0 -
-R * 1929 o - Ap 21 2s 1 S
-R * 1930 o - Ap 13 2s 1 S
-R * 1931 o - Ap 19 2s 1 S
-R * 1932 o - Ap 3 2s 1 S
-R * 1933 o - Mar 26 2s 1 S
-R * 1934 o - Ap 8 2s 1 S
-R * 1935 o - Mar 31 2s 1 S
-R * 1936 o - Ap 19 2s 1 S
-R * 1937 o - Ap 4 2s 1 S
-R * 1938 o - Mar 27 2s 1 S
-R * 1939 o - Ap 16 2s 1 S
-R * 1939 o - N 19 2s 0 -
-R * 1940 o - F 25 2s 1 S
-R * 1944 o - S 17 2s 0 -
-R * 1945 o - Ap 2 2s 1 S
-R * 1945 o - S 16 2s 0 -
-R * 1946 o - May 19 2s 1 S
-R * 1946 o - O 7 2s 0 -
+R b 1918 o - Mar 9 0s 1 S
+R b 1918 1919 - O Sat>=1 23s 0 -
+R b 1919 o - Mar 1 23s 1 S
+R b 1920 o - F 14 23s 1 S
+R b 1920 o - O 23 23s 0 -
+R b 1921 o - Mar 14 23s 1 S
+R b 1921 o - O 25 23s 0 -
+R b 1922 o - Mar 25 23s 1 S
+R b 1922 1927 - O Sat>=1 23s 0 -
+R b 1923 o - Ap 21 23s 1 S
+R b 1924 o - Mar 29 23s 1 S
+R b 1925 o - Ap 4 23s 1 S
+R b 1926 o - Ap 17 23s 1 S
+R b 1927 o - Ap 9 23s 1 S
+R b 1928 o - Ap 14 23s 1 S
+R b 1928 1938 - O Sun>=2 2s 0 -
+R b 1929 o - Ap 21 2s 1 S
+R b 1930 o - Ap 13 2s 1 S
+R b 1931 o - Ap 19 2s 1 S
+R b 1932 o - Ap 3 2s 1 S
+R b 1933 o - Mar 26 2s 1 S
+R b 1934 o - Ap 8 2s 1 S
+R b 1935 o - Mar 31 2s 1 S
+R b 1936 o - Ap 19 2s 1 S
+R b 1937 o - Ap 4 2s 1 S
+R b 1938 o - Mar 27 2s 1 S
+R b 1939 o - Ap 16 2s 1 S
+R b 1939 o - N 19 2s 0 -
+R b 1940 o - F 25 2s 1 S
+R b 1944 o - S 17 2s 0 -
+R b 1945 o - Ap 2 2s 1 S
+R b 1945 o - S 16 2s 0 -
+R b 1946 o - May 19 2s 1 S
+R b 1946 o - O 7 2s 0 -
 Z Europe/Brussels 0:17:30 - LMT 1880
 0:17:30 - BMT 1892 May 1 12
 0 - WET 1914 N 8
 1 - CET 1916 May
-1 ' CE%sT 1918 N 11 11u
-0 * WE%sT 1940 May 20 2s
-1 ' CE%sT 1944 S 3
-1 * CE%sT 1977
-1 O CE%sT
-R + 1979 o - Mar 31 23 1 S
-R + 1979 o - O 1 1 0 -
-R + 1980 1982 - Ap Sat>=1 23 1 S
-R + 1980 o - S 29 1 0 -
-R + 1981 o - S 27 2 0 -
+1 c CE%sT 1918 N 11 11u
+0 b WE%sT 1940 May 20 2s
+1 c CE%sT 1944 S 3
+1 b CE%sT 1977
+1 E CE%sT
+R BG 1979 o - Mar 31 23 1 S
+R BG 1979 o - O 1 1 0 -
+R BG 1980 1982 - Ap Sat>=1 23 1 S
+R BG 1980 o - S 29 1 0 -
+R BG 1981 o - S 27 2 0 -
 Z Europe/Sofia 1:33:16 - LMT 1880
 1:56:56 - IMT 1894 N 30
 2 - EET 1942 N 2 3
-1 ' CE%sT 1945
+1 c CE%sT 1945
 1 - CET 1945 Ap 2 3
 2 - EET 1979 Mar 31 23
-2 + EE%sT 1982 S 26 3
-2 ' EE%sT 1991
-2 W EE%sT 1997
-2 O EE%sT
-R , 1945 o - Ap 8 2s 1 S
-R , 1945 o - N 18 2s 0 -
-R , 1946 o - May 6 2s 1 S
-R , 1946 1949 - O Sun>=1 2s 0 -
-R , 1947 o - Ap 20 2s 1 S
-R , 1948 o - Ap 18 2s 1 S
-R , 1949 o - Ap 9 2s 1 S
+2 BG EE%sT 1982 S 26 3
+2 c EE%sT 1991
+2 e EE%sT 1997
+2 E EE%sT
+R CZ 1945 o - Ap M>=1 2s 1 S
+R CZ 1945 o - O 1 2s 0 -
+R CZ 1946 o - May 6 2s 1 S
+R CZ 1946 1949 - O Sun>=1 2s 0 -
+R CZ 1947 1948 - Ap Sun>=15 2s 1 S
+R CZ 1949 o - Ap 9 2s 1 S
 Z Europe/Prague 0:57:44 - LMT 1850
 0:57:44 - PMT 1891 O
-1 ' CE%sT 1944 S 17 2s
-1 , CE%sT 1979
-1 O CE%sT
-R . 1916 o - May 14 23 1 S
-R . 1916 o - S 30 23 0 -
-R . 1940 o - May 15 0 1 S
-R . 1945 o - Ap 2 2s 1 S
-R . 1945 o - Au 15 2s 0 -
-R . 1946 o - May 1 2s 1 S
-R . 1946 o - S 1 2s 0 -
-R . 1947 o - May 4 2s 1 S
-R . 1947 o - Au 10 2s 0 -
-R . 1948 o - May 9 2s 1 S
-R . 1948 o - Au 8 2s 0 -
+1 c CE%sT 1945 May 9
+1 CZ CE%sT 1946 D 1 3
+1 -1 GMT 1947 F 23 2
+1 CZ CE%sT 1979
+1 E CE%sT
+R D 1916 o - May 14 23 1 S
+R D 1916 o - S 30 23 0 -
+R D 1940 o - May 15 0 1 S
+R D 1945 o - Ap 2 2s 1 S
+R D 1945 o - Au 15 2s 0 -
+R D 1946 o - May 1 2s 1 S
+R D 1946 o - S 1 2s 0 -
+R D 1947 o - May 4 2s 1 S
+R D 1947 o - Au 10 2s 0 -
+R D 1948 o - May 9 2s 1 S
+R D 1948 o - Au 8 2s 0 -
 Z Europe/Copenhagen 0:50:20 - LMT 1890
 0:50:20 - CMT 1894
-1 . CE%sT 1942 N 2 2s
-1 ' CE%sT 1945 Ap 2 2
-1 . CE%sT 1980
-1 O CE%sT
+1 D CE%sT 1942 N 2 2s
+1 c CE%sT 1945 Ap 2 2
+1 D CE%sT 1980
+1 E CE%sT
 Z Atlantic/Faroe -0:27:4 - LMT 1908 Ja 11
 0 - WET 1981
-0 O WE%sT
-R / 1991 1992 - Mar lastSun 2 1 D
-R / 1991 1992 - S lastSun 2 0 S
-R / 1993 2006 - Ap Sun>=1 2 1 D
-R / 1993 2006 - O lastSun 2 0 S
-R / 2007 ma - Mar Sun>=8 2 1 D
-R / 2007 ma - N Sun>=1 2 0 S
+0 E WE%sT
+R Th 1991 1992 - Mar lastSun 2 1 D
+R Th 1991 1992 - S lastSun 2 0 S
+R Th 1993 2006 - Ap Sun>=1 2 1 D
+R Th 1993 2006 - O lastSun 2 0 S
+R Th 2007 ma - Mar Sun>=8 2 1 D
+R Th 2007 ma - N Sun>=1 2 0 S
 Z America/Danmarkshavn -1:14:40 - LMT 1916 Jul 28
 -3 - -03 1980 Ap 6 2
--3 O -03/-02 1996
+-3 E -03/-02 1996
 0 - GMT
 Z America/Scoresbysund -1:27:52 - LMT 1916 Jul 28
 -2 - -02 1980 Ap 6 2
--2 ' -02/-01 1981 Mar 29
--1 O -01/+00
+-2 c -02/-01 1981 Mar 29
+-1 E -01/+00
 Z America/Godthab -3:26:56 - LMT 1916 Jul 28
 -3 - -03 1980 Ap 6 2
--3 O -03/-02
+-3 E -03/-02
 Z America/Thule -4:35:8 - LMT 1916 Jul 28
--4 / A%sT
+-4 Th A%sT
 Z Europe/Tallinn 1:39 - LMT 1880
 1:39 - TMT 1918 F
-1 ' CE%sT 1919 Jul
+1 c CE%sT 1919 Jul
 1:39 - TMT 1921 May
 2 - EET 1940 Au 6
 3 - MSK 1941 S 15
-1 ' CE%sT 1944 S 22
-3 M MSK/MSD 1989 Mar 26 2s
+1 c CE%sT 1944 S 22
+3 R MSK/MSD 1989 Mar 26 2s
 2 1 EEST 1989 S 24 2s
-2 ' EE%sT 1998 S 22
-2 O EE%sT 1999 O 31 4
+2 c EE%sT 1998 S 22
+2 E EE%sT 1999 O 31 4
 2 - EET 2002 F 21
-2 O EE%sT
-R : 1942 o - Ap 2 24 1 S
-R : 1942 o - O 4 1 0 -
-R : 1981 1982 - Mar lastSun 2 1 S
-R : 1981 1982 - S lastSun 3 0 -
+2 E EE%sT
+R FI 1942 o - Ap 2 24 1 S
+R FI 1942 o - O 4 1 0 -
+R FI 1981 1982 - Mar lastSun 2 1 S
+R FI 1981 1982 - S lastSun 3 0 -
 Z Europe/Helsinki 1:39:49 - LMT 1878 May 31
 1:39:49 - HMT 1921 May
-2 : EE%sT 1983
-2 O EE%sT
+2 FI EE%sT 1983
+2 E EE%sT
 Li Europe/Helsinki Europe/Mariehamn
-R ; 1916 o - Jun 14 23s 1 S
-R ; 1916 1919 - O Sun>=1 23s 0 -
-R ; 1917 o - Mar 24 23s 1 S
-R ; 1918 o - Mar 9 23s 1 S
-R ; 1919 o - Mar 1 23s 1 S
-R ; 1920 o - F 14 23s 1 S
-R ; 1920 o - O 23 23s 0 -
-R ; 1921 o - Mar 14 23s 1 S
-R ; 1921 o - O 25 23s 0 -
-R ; 1922 o - Mar 25 23s 1 S
-R ; 1922 1938 - O Sat>=1 23s 0 -
-R ; 1923 o - May 26 23s 1 S
-R ; 1924 o - Mar 29 23s 1 S
-R ; 1925 o - Ap 4 23s 1 S
-R ; 1926 o - Ap 17 23s 1 S
-R ; 1927 o - Ap 9 23s 1 S
-R ; 1928 o - Ap 14 23s 1 S
-R ; 1929 o - Ap 20 23s 1 S
-R ; 1930 o - Ap 12 23s 1 S
-R ; 1931 o - Ap 18 23s 1 S
-R ; 1932 o - Ap 2 23s 1 S
-R ; 1933 o - Mar 25 23s 1 S
-R ; 1934 o - Ap 7 23s 1 S
-R ; 1935 o - Mar 30 23s 1 S
-R ; 1936 o - Ap 18 23s 1 S
-R ; 1937 o - Ap 3 23s 1 S
-R ; 1938 o - Mar 26 23s 1 S
-R ; 1939 o - Ap 15 23s 1 S
-R ; 1939 o - N 18 23s 0 -
-R ; 1940 o - F 25 2 1 S
-R ; 1941 o - May 5 0 2 M
-R ; 1941 o - O 6 0 1 S
-R ; 1942 o - Mar 9 0 2 M
-R ; 1942 o - N 2 3 1 S
-R ; 1943 o - Mar 29 2 2 M
-R ; 1943 o - O 4 3 1 S
-R ; 1944 o - Ap 3 2 2 M
-R ; 1944 o - O 8 1 1 S
-R ; 1945 o - Ap 2 2 2 M
-R ; 1945 o - S 16 3 0 -
-R ; 1976 o - Mar 28 1 1 S
-R ; 1976 o - S 26 1 0 -
+R F 1916 o - Jun 14 23s 1 S
+R F 1916 1919 - O Sun>=1 23s 0 -
+R F 1917 o - Mar 24 23s 1 S
+R F 1918 o - Mar 9 23s 1 S
+R F 1919 o - Mar 1 23s 1 S
+R F 1920 o - F 14 23s 1 S
+R F 1920 o - O 23 23s 0 -
+R F 1921 o - Mar 14 23s 1 S
+R F 1921 o - O 25 23s 0 -
+R F 1922 o - Mar 25 23s 1 S
+R F 1922 1938 - O Sat>=1 23s 0 -
+R F 1923 o - May 26 23s 1 S
+R F 1924 o - Mar 29 23s 1 S
+R F 1925 o - Ap 4 23s 1 S
+R F 1926 o - Ap 17 23s 1 S
+R F 1927 o - Ap 9 23s 1 S
+R F 1928 o - Ap 14 23s 1 S
+R F 1929 o - Ap 20 23s 1 S
+R F 1930 o - Ap 12 23s 1 S
+R F 1931 o - Ap 18 23s 1 S
+R F 1932 o - Ap 2 23s 1 S
+R F 1933 o - Mar 25 23s 1 S
+R F 1934 o - Ap 7 23s 1 S
+R F 1935 o - Mar 30 23s 1 S
+R F 1936 o - Ap 18 23s 1 S
+R F 1937 o - Ap 3 23s 1 S
+R F 1938 o - Mar 26 23s 1 S
+R F 1939 o - Ap 15 23s 1 S
+R F 1939 o - N 18 23s 0 -
+R F 1940 o - F 25 2 1 S
+R F 1941 o - May 5 0 2 M
+R F 1941 o - O 6 0 1 S
+R F 1942 o - Mar 9 0 2 M
+R F 1942 o - N 2 3 1 S
+R F 1943 o - Mar 29 2 2 M
+R F 1943 o - O 4 3 1 S
+R F 1944 o - Ap 3 2 2 M
+R F 1944 o - O 8 1 1 S
+R F 1945 o - Ap 2 2 2 M
+R F 1945 o - S 16 3 0 -
+R F 1976 o - Mar 28 1 1 S
+R F 1976 o - S 26 1 0 -
 Z Europe/Paris 0:9:21 - LMT 1891 Mar 15 0:1
 0:9:21 - PMT 1911 Mar 11 0:1
-0 ; WE%sT 1940 Jun 14 23
-1 ' CE%sT 1944 Au 25
-0 ; WE%sT 1945 S 16 3
-1 ; CE%sT 1977
-1 O CE%sT
-R < 1946 o - Ap 14 2s 1 S
-R < 1946 o - O 7 2s 0 -
-R < 1947 1949 - O Sun>=1 2s 0 -
-R < 1947 o - Ap 6 3s 1 S
-R < 1947 o - May 11 2s 2 M
-R < 1947 o - Jun 29 3 1 S
-R < 1948 o - Ap 18 2s 1 S
-R < 1949 o - Ap 10 2s 1 S
-R = 1945 o - May 24 2 2 M
-R = 1945 o - S 24 3 1 S
-R = 1945 o - N 18 2s 0 -
+0 F WE%sT 1940 Jun 14 23
+1 c CE%sT 1944 Au 25
+0 F WE%sT 1945 S 16 3
+1 F CE%sT 1977
+1 E CE%sT
+R DE 1946 o - Ap 14 2s 1 S
+R DE 1946 o - O 7 2s 0 -
+R DE 1947 1949 - O Sun>=1 2s 0 -
+R DE 1947 o - Ap 6 3s 1 S
+R DE 1947 o - May 11 2s 2 M
+R DE 1947 o - Jun 29 3 1 S
+R DE 1948 o - Ap 18 2s 1 S
+R DE 1949 o - Ap 10 2s 1 S
+R So 1945 o - May 24 2 2 M
+R So 1945 o - S 24 3 1 S
+R So 1945 o - N 18 2s 0 -
 Z Europe/Berlin 0:53:28 - LMT 1893 Ap
-1 ' CE%sT 1945 May 24 2
-1 = CE%sT 1946
-1 < CE%sT 1980
-1 O CE%sT
+1 c CE%sT 1945 May 24 2
+1 So CE%sT 1946
+1 DE CE%sT 1980
+1 E CE%sT
 Li Europe/Zurich Europe/Busingen
 Z Europe/Gibraltar -0:21:24 - LMT 1880 Au 2 0s
-0 % %s 1957 Ap 14 2
+0 G %s 1957 Ap 14 2
 1 - CET 1982
-1 O CE%sT
-R > 1932 o - Jul 7 0 1 S
-R > 1932 o - S 1 0 0 -
-R > 1941 o - Ap 7 0 1 S
-R > 1942 o - N 2 3 0 -
-R > 1943 o - Mar 30 0 1 S
-R > 1943 o - O 4 0 0 -
-R > 1952 o - Jul 1 0 1 S
-R > 1952 o - N 2 0 0 -
-R > 1975 o - Ap 12 0s 1 S
-R > 1975 o - N 26 0s 0 -
-R > 1976 o - Ap 11 2s 1 S
-R > 1976 o - O 10 2s 0 -
-R > 1977 1978 - Ap Sun>=1 2s 1 S
-R > 1977 o - S 26 2s 0 -
-R > 1978 o - S 24 4 0 -
-R > 1979 o - Ap 1 9 1 S
-R > 1979 o - S 29 2 0 -
-R > 1980 o - Ap 1 0 1 S
-R > 1980 o - S 28 0 0 -
+1 E CE%sT
+R g 1932 o - Jul 7 0 1 S
+R g 1932 o - S 1 0 0 -
+R g 1941 o - Ap 7 0 1 S
+R g 1942 o - N 2 3 0 -
+R g 1943 o - Mar 30 0 1 S
+R g 1943 o - O 4 0 0 -
+R g 1952 o - Jul 1 0 1 S
+R g 1952 o - N 2 0 0 -
+R g 1975 o - Ap 12 0s 1 S
+R g 1975 o - N 26 0s 0 -
+R g 1976 o - Ap 11 2s 1 S
+R g 1976 o - O 10 2s 0 -
+R g 1977 1978 - Ap Sun>=1 2s 1 S
+R g 1977 o - S 26 2s 0 -
+R g 1978 o - S 24 4 0 -
+R g 1979 o - Ap 1 9 1 S
+R g 1979 o - S 29 2 0 -
+R g 1980 o - Ap 1 0 1 S
+R g 1980 o - S 28 0 0 -
 Z Europe/Athens 1:34:52 - LMT 1895 S 14
 1:34:52 - AMT 1916 Jul 28 0:1
-2 > EE%sT 1941 Ap 30
-1 > CE%sT 1944 Ap 4
-2 > EE%sT 1981
-2 O EE%sT
-R ? 1918 o - Ap 1 3 1 S
-R ? 1918 o - S 16 3 0 -
-R ? 1919 o - Ap 15 3 1 S
-R ? 1919 o - N 24 3 0 -
-R ? 1945 o - May 1 23 1 S
-R ? 1945 o - N 1 0 0 -
-R ? 1946 o - Mar 31 2s 1 S
-R ? 1946 1949 - O Sun>=1 2s 0 -
-R ? 1947 1949 - Ap Sun>=4 2s 1 S
-R ? 1950 o - Ap 17 2s 1 S
-R ? 1950 o - O 23 2s 0 -
-R ? 1954 1955 - May 23 0 1 S
-R ? 1954 1955 - O 3 0 0 -
-R ? 1956 o - Jun Sun>=1 0 1 S
-R ? 1956 o - S lastSun 0 0 -
-R ? 1957 o - Jun Sun>=1 1 1 S
-R ? 1957 o - S lastSun 3 0 -
-R ? 1980 o - Ap 6 1 1 S
+2 g EE%sT 1941 Ap 30
+1 g CE%sT 1944 Ap 4
+2 g EE%sT 1981
+2 E EE%sT
+R h 1918 o - Ap 1 3 1 S
+R h 1918 o - S 16 3 0 -
+R h 1919 o - Ap 15 3 1 S
+R h 1919 o - N 24 3 0 -
+R h 1945 o - May 1 23 1 S
+R h 1945 o - N 1 0 0 -
+R h 1946 o - Mar 31 2s 1 S
+R h 1946 1949 - O Sun>=1 2s 0 -
+R h 1947 1949 - Ap Sun>=4 2s 1 S
+R h 1950 o - Ap 17 2s 1 S
+R h 1950 o - O 23 2s 0 -
+R h 1954 1955 - May 23 0 1 S
+R h 1954 1955 - O 3 0 0 -
+R h 1956 o - Jun Sun>=1 0 1 S
+R h 1956 o - S lastSun 0 0 -
+R h 1957 o - Jun Sun>=1 1 1 S
+R h 1957 o - S lastSun 3 0 -
+R h 1980 o - Ap 6 1 1 S
 Z Europe/Budapest 1:16:20 - LMT 1890 O
-1 ' CE%sT 1918
-1 ? CE%sT 1941 Ap 8
-1 ' CE%sT 1945
-1 ? CE%sT 1980 S 28 2s
-1 O CE%sT
-R @ 1917 1919 - F 19 23 1 S
-R @ 1917 o - O 21 1 0 -
-R @ 1918 1919 - N 16 1 0 -
-R @ 1921 o - Mar 19 23 1 S
-R @ 1921 o - Jun 23 1 0 -
-R @ 1939 o - Ap 29 23 1 S
-R @ 1939 o - O 29 2 0 -
-R @ 1940 o - F 25 2 1 S
-R @ 1940 1941 - N Sun>=2 1s 0 -
-R @ 1941 1942 - Mar Sun>=2 1s 1 S
-R @ 1943 1946 - Mar Sun>=1 1s 1 S
-R @ 1942 1948 - O Sun>=22 1s 0 -
-R @ 1947 1967 - Ap Sun>=1 1s 1 S
-R @ 1949 o - O 30 1s 0 -
-R @ 1950 1966 - O Sun>=22 1s 0 -
-R @ 1967 o - O 29 1s 0 -
+1 c CE%sT 1918
+1 h CE%sT 1941 Ap 8
+1 c CE%sT 1945
+1 h CE%sT 1980 S 28 2s
+1 E CE%sT
+R w 1917 1919 - F 19 23 1 -
+R w 1917 o - O 21 1 0 -
+R w 1918 1919 - N 16 1 0 -
+R w 1921 o - Mar 19 23 1 -
+R w 1921 o - Jun 23 1 0 -
+R w 1939 o - Ap 29 23 1 -
+R w 1939 o - O 29 2 0 -
+R w 1940 o - F 25 2 1 -
+R w 1940 1941 - N Sun>=2 1s 0 -
+R w 1941 1942 - Mar Sun>=2 1s 1 -
+R w 1943 1946 - Mar Sun>=1 1s 1 -
+R w 1942 1948 - O Sun>=22 1s 0 -
+R w 1947 1967 - Ap Sun>=1 1s 1 -
+R w 1949 o - O 30 1s 0 -
+R w 1950 1966 - O Sun>=22 1s 0 -
+R w 1967 o - O 29 1s 0 -
 Z Atlantic/Reykjavik -1:28 - LMT 1908
--1 @ -01/+00 1968 Ap 7 1s
+-1 w -01/+00 1968 Ap 7 1s
 0 - GMT
-R [ 1916 o - Jun 3 24 1 S
-R [ 1916 1917 - S 30 24 0 -
-R [ 1917 o - Mar 31 24 1 S
-R [ 1918 o - Mar 9 24 1 S
-R [ 1918 o - O 6 24 0 -
-R [ 1919 o - Mar 1 24 1 S
-R [ 1919 o - O 4 24 0 -
-R [ 1920 o - Mar 20 24 1 S
-R [ 1920 o - S 18 24 0 -
-R [ 1940 o - Jun 14 24 1 S
-R [ 1942 o - N 2 2s 0 -
-R [ 1943 o - Mar 29 2s 1 S
-R [ 1943 o - O 4 2s 0 -
-R [ 1944 o - Ap 2 2s 1 S
-R [ 1944 o - S 17 2s 0 -
-R [ 1945 o - Ap 2 2 1 S
-R [ 1945 o - S 15 1 0 -
-R [ 1946 o - Mar 17 2s 1 S
-R [ 1946 o - O 6 2s 0 -
-R [ 1947 o - Mar 16 0s 1 S
-R [ 1947 o - O 5 0s 0 -
-R [ 1948 o - F 29 2s 1 S
-R [ 1948 o - O 3 2s 0 -
-R [ 1966 1968 - May Sun>=22 0s 1 S
-R [ 1966 o - S 24 24 0 -
-R [ 1967 1969 - S Sun>=22 0s 0 -
-R [ 1969 o - Jun 1 0s 1 S
-R [ 1970 o - May 31 0s 1 S
-R [ 1970 o - S lastSun 0s 0 -
-R [ 1971 1972 - May Sun>=22 0s 1 S
-R [ 1971 o - S lastSun 0s 0 -
-R [ 1972 o - O 1 0s 0 -
-R [ 1973 o - Jun 3 0s 1 S
-R [ 1973 1974 - S lastSun 0s 0 -
-R [ 1974 o - May 26 0s 1 S
-R [ 1975 o - Jun 1 0s 1 S
-R [ 1975 1977 - S lastSun 0s 0 -
-R [ 1976 o - May 30 0s 1 S
-R [ 1977 1979 - May Sun>=22 0s 1 S
-R [ 1978 o - O 1 0s 0 -
-R [ 1979 o - S 30 0s 0 -
+R I 1916 o - Jun 3 24 1 S
+R I 1916 1917 - S 30 24 0 -
+R I 1917 o - Mar 31 24 1 S
+R I 1918 o - Mar 9 24 1 S
+R I 1918 o - O 6 24 0 -
+R I 1919 o - Mar 1 24 1 S
+R I 1919 o - O 4 24 0 -
+R I 1920 o - Mar 20 24 1 S
+R I 1920 o - S 18 24 0 -
+R I 1940 o - Jun 14 24 1 S
+R I 1942 o - N 2 2s 0 -
+R I 1943 o - Mar 29 2s 1 S
+R I 1943 o - O 4 2s 0 -
+R I 1944 o - Ap 2 2s 1 S
+R I 1944 o - S 17 2s 0 -
+R I 1945 o - Ap 2 2 1 S
+R I 1945 o - S 15 1 0 -
+R I 1946 o - Mar 17 2s 1 S
+R I 1946 o - O 6 2s 0 -
+R I 1947 o - Mar 16 0s 1 S
+R I 1947 o - O 5 0s 0 -
+R I 1948 o - F 29 2s 1 S
+R I 1948 o - O 3 2s 0 -
+R I 1966 1968 - May Sun>=22 0s 1 S
+R I 1966 o - S 24 24 0 -
+R I 1967 1969 - S Sun>=22 0s 0 -
+R I 1969 o - Jun 1 0s 1 S
+R I 1970 o - May 31 0s 1 S
+R I 1970 o - S lastSun 0s 0 -
+R I 1971 1972 - May Sun>=22 0s 1 S
+R I 1971 o - S lastSun 0s 0 -
+R I 1972 o - O 1 0s 0 -
+R I 1973 o - Jun 3 0s 1 S
+R I 1973 1974 - S lastSun 0s 0 -
+R I 1974 o - May 26 0s 1 S
+R I 1975 o - Jun 1 0s 1 S
+R I 1975 1977 - S lastSun 0s 0 -
+R I 1976 o - May 30 0s 1 S
+R I 1977 1979 - May Sun>=22 0s 1 S
+R I 1978 o - O 1 0s 0 -
+R I 1979 o - S 30 0s 0 -
 Z Europe/Rome 0:49:56 - LMT 1866 S 22
 0:49:56 - RMT 1893 O 31 23:49:56
-1 [ CE%sT 1943 S 10
-1 ' CE%sT 1944 Jun 4
-1 [ CE%sT 1980
-1 O CE%sT
+1 I CE%sT 1943 S 10
+1 c CE%sT 1944 Jun 4
+1 I CE%sT 1980
+1 E CE%sT
 Li Europe/Rome Europe/Vatican
 Li Europe/Rome Europe/San_Marino
-R \ 1989 1996 - Mar lastSun 2s 1 S
-R \ 1989 1996 - S lastSun 2s 0 -
+R LV 1989 1996 - Mar lastSun 2s 1 S
+R LV 1989 1996 - S lastSun 2s 0 -
 Z Europe/Riga 1:36:34 - LMT 1880
 1:36:34 - RMT 1918 Ap 15 2
 1:36:34 1 LST 1918 S 16 3
@@ -1877,13 +2044,13 @@ Z Europe/Riga 1:36:34 - LMT 1880
 1:36:34 - RMT 1926 May 11
 2 - EET 1940 Au 5
 3 - MSK 1941 Jul
-1 ' CE%sT 1944 O 13
-3 M MSK/MSD 1989 Mar lastSun 2s
+1 c CE%sT 1944 O 13
+3 R MSK/MSD 1989 Mar lastSun 2s
 2 1 EEST 1989 S lastSun 2s
-2 \ EE%sT 1997 Ja 21
-2 O EE%sT 2000 F 29
+2 LV EE%sT 1997 Ja 21
+2 E EE%sT 2000 F 29
 2 - EET 2001 Ja 2
-2 O EE%sT
+2 E EE%sT
 Li Europe/Zurich Europe/Vaduz
 Z Europe/Vilnius 1:41:16 - LMT 1880
 1:24 - WMT 1917
@@ -1892,1316 +2059,1318 @@ Z Europe/Vilnius 1:41:16 - LMT 1880
 2 - EET 1920 O 9
 1 - CET 1940 Au 3
 3 - MSK 1941 Jun 24
-1 ' CE%sT 1944 Au
-3 M MSK/MSD 1989 Mar 26 2s
-2 M EE%sT 1991 S 29 2s
-2 ' EE%sT 1998
+1 c CE%sT 1944 Au
+3 R MSK/MSD 1989 Mar 26 2s
+2 R EE%sT 1991 S 29 2s
+2 c EE%sT 1998
 2 - EET 1998 Mar 29 1u
-1 O CE%sT 1999 O 31 1u
+1 E CE%sT 1999 O 31 1u
 2 - EET 2003
-2 O EE%sT
-R ] 1916 o - May 14 23 1 S
-R ] 1916 o - O 1 1 0 -
-R ] 1917 o - Ap 28 23 1 S
-R ] 1917 o - S 17 1 0 -
-R ] 1918 o - Ap M>=15 2s 1 S
-R ] 1918 o - S M>=15 2s 0 -
-R ] 1919 o - Mar 1 23 1 S
-R ] 1919 o - O 5 3 0 -
-R ] 1920 o - F 14 23 1 S
-R ] 1920 o - O 24 2 0 -
-R ] 1921 o - Mar 14 23 1 S
-R ] 1921 o - O 26 2 0 -
-R ] 1922 o - Mar 25 23 1 S
-R ] 1922 o - O Sun>=2 1 0 -
-R ] 1923 o - Ap 21 23 1 S
-R ] 1923 o - O Sun>=2 2 0 -
-R ] 1924 o - Mar 29 23 1 S
-R ] 1924 1928 - O Sun>=2 1 0 -
-R ] 1925 o - Ap 5 23 1 S
-R ] 1926 o - Ap 17 23 1 S
-R ] 1927 o - Ap 9 23 1 S
-R ] 1928 o - Ap 14 23 1 S
-R ] 1929 o - Ap 20 23 1 S
+2 E EE%sT
+R LX 1916 o - May 14 23 1 S
+R LX 1916 o - O 1 1 0 -
+R LX 1917 o - Ap 28 23 1 S
+R LX 1917 o - S 17 1 0 -
+R LX 1918 o - Ap M>=15 2s 1 S
+R LX 1918 o - S M>=15 2s 0 -
+R LX 1919 o - Mar 1 23 1 S
+R LX 1919 o - O 5 3 0 -
+R LX 1920 o - F 14 23 1 S
+R LX 1920 o - O 24 2 0 -
+R LX 1921 o - Mar 14 23 1 S
+R LX 1921 o - O 26 2 0 -
+R LX 1922 o - Mar 25 23 1 S
+R LX 1922 o - O Sun>=2 1 0 -
+R LX 1923 o - Ap 21 23 1 S
+R LX 1923 o - O Sun>=2 2 0 -
+R LX 1924 o - Mar 29 23 1 S
+R LX 1924 1928 - O Sun>=2 1 0 -
+R LX 1925 o - Ap 5 23 1 S
+R LX 1926 o - Ap 17 23 1 S
+R LX 1927 o - Ap 9 23 1 S
+R LX 1928 o - Ap 14 23 1 S
+R LX 1929 o - Ap 20 23 1 S
 Z Europe/Luxembourg 0:24:36 - LMT 1904 Jun
-1 ] CE%sT 1918 N 25
-0 ] WE%sT 1929 O 6 2s
-0 * WE%sT 1940 May 14 3
-1 ' WE%sT 1944 S 18 3
-1 * CE%sT 1977
-1 O CE%sT
-R ^ 1973 o - Mar 31 0s 1 S
-R ^ 1973 o - S 29 0s 0 -
-R ^ 1974 o - Ap 21 0s 1 S
-R ^ 1974 o - S 16 0s 0 -
-R ^ 1975 1979 - Ap Sun>=15 2 1 S
-R ^ 1975 1980 - S Sun>=15 2 0 -
-R ^ 1980 o - Mar 31 2 1 S
+1 LX CE%sT 1918 N 25
+0 LX WE%sT 1929 O 6 2s
+0 b WE%sT 1940 May 14 3
+1 c WE%sT 1944 S 18 3
+1 b CE%sT 1977
+1 E CE%sT
+R MT 1973 o - Mar 31 0s 1 S
+R MT 1973 o - S 29 0s 0 -
+R MT 1974 o - Ap 21 0s 1 S
+R MT 1974 o - S 16 0s 0 -
+R MT 1975 1979 - Ap Sun>=15 2 1 S
+R MT 1975 1980 - S Sun>=15 2 0 -
+R MT 1980 o - Mar 31 2 1 S
 Z Europe/Malta 0:58:4 - LMT 1893 N 2 0s
-1 [ CE%sT 1973 Mar 31
-1 ^ CE%sT 1981
-1 O CE%sT
-R _ 1997 ma - Mar lastSun 2 1 S
-R _ 1997 ma - O lastSun 3 0 -
+1 I CE%sT 1973 Mar 31
+1 MT CE%sT 1981
+1 E CE%sT
+R MD 1997 ma - Mar lastSun 2 1 S
+R MD 1997 ma - O lastSun 3 0 -
 Z Europe/Chisinau 1:55:20 - LMT 1880
 1:55 - CMT 1918 F 15
 1:44:24 - BMT 1931 Jul 24
-2 ` EE%sT 1940 Au 15
+2 z EE%sT 1940 Au 15
 2 1 EEST 1941 Jul 17
-1 ' CE%sT 1944 Au 24
-3 M MSK/MSD 1990 May 6 2
-2 M EE%sT 1992
-2 W EE%sT 1997
-2 _ EE%sT
+1 c CE%sT 1944 Au 24
+3 R MSK/MSD 1990 May 6 2
+2 R EE%sT 1992
+2 e EE%sT 1997
+2 MD EE%sT
 Z Europe/Monaco 0:29:32 - LMT 1891 Mar 15
 0:9:21 - PMT 1911 Mar 11
-0 ; WE%sT 1945 S 16 3
-1 ; CE%sT 1977
-1 O CE%sT
-R { 1916 o - May 1 0 1 NST
-R { 1916 o - O 1 0 0 AMT
-R { 1917 o - Ap 16 2s 1 NST
-R { 1917 o - S 17 2s 0 AMT
-R { 1918 1921 - Ap M>=1 2s 1 NST
-R { 1918 1921 - S lastM 2s 0 AMT
-R { 1922 o - Mar lastSun 2s 1 NST
-R { 1922 1936 - O Sun>=2 2s 0 AMT
-R { 1923 o - Jun F>=1 2s 1 NST
-R { 1924 o - Mar lastSun 2s 1 NST
-R { 1925 o - Jun F>=1 2s 1 NST
-R { 1926 1931 - May 15 2s 1 NST
-R { 1932 o - May 22 2s 1 NST
-R { 1933 1936 - May 15 2s 1 NST
-R { 1937 o - May 22 2s 1 NST
-R { 1937 o - Jul 1 0 1 S
-R { 1937 1939 - O Sun>=2 2s 0 -
-R { 1938 1939 - May 15 2s 1 S
-R { 1945 o - Ap 2 2s 1 S
-R { 1945 o - S 16 2s 0 -
+0 F WE%sT 1945 S 16 3
+1 F CE%sT 1977
+1 E CE%sT
+R N 1916 o - May 1 0 1 NST
+R N 1916 o - O 1 0 0 AMT
+R N 1917 o - Ap 16 2s 1 NST
+R N 1917 o - S 17 2s 0 AMT
+R N 1918 1921 - Ap M>=1 2s 1 NST
+R N 1918 1921 - S lastM 2s 0 AMT
+R N 1922 o - Mar lastSun 2s 1 NST
+R N 1922 1936 - O Sun>=2 2s 0 AMT
+R N 1923 o - Jun F>=1 2s 1 NST
+R N 1924 o - Mar lastSun 2s 1 NST
+R N 1925 o - Jun F>=1 2s 1 NST
+R N 1926 1931 - May 15 2s 1 NST
+R N 1932 o - May 22 2s 1 NST
+R N 1933 1936 - May 15 2s 1 NST
+R N 1937 o - May 22 2s 1 NST
+R N 1937 o - Jul 1 0 1 S
+R N 1937 1939 - O Sun>=2 2s 0 -
+R N 1938 1939 - May 15 2s 1 S
+R N 1945 o - Ap 2 2s 1 S
+R N 1945 o - S 16 2s 0 -
 Z Europe/Amsterdam 0:19:32 - LMT 1835
-0:19:32 { %s 1937 Jul
-0:20 { +0020/+0120 1940 May 16
-1 ' CE%sT 1945 Ap 2 2
-1 { CE%sT 1977
-1 O CE%sT
-R | 1916 o - May 22 1 1 S
-R | 1916 o - S 30 0 0 -
-R | 1945 o - Ap 2 2s 1 S
-R | 1945 o - O 1 2s 0 -
-R | 1959 1964 - Mar Sun>=15 2s 1 S
-R | 1959 1965 - S Sun>=15 2s 0 -
-R | 1965 o - Ap 25 2s 1 S
+0:19:32 N %s 1937 Jul
+0:20 N +0020/+0120 1940 May 16
+1 c CE%sT 1945 Ap 2 2
+1 N CE%sT 1977
+1 E CE%sT
+R NO 1916 o - May 22 1 1 S
+R NO 1916 o - S 30 0 0 -
+R NO 1945 o - Ap 2 2s 1 S
+R NO 1945 o - O 1 2s 0 -
+R NO 1959 1964 - Mar Sun>=15 2s 1 S
+R NO 1959 1965 - S Sun>=15 2s 0 -
+R NO 1965 o - Ap 25 2s 1 S
 Z Europe/Oslo 0:43 - LMT 1895
-1 | CE%sT 1940 Au 10 23
-1 ' CE%sT 1945 Ap 2 2
-1 | CE%sT 1980
-1 O CE%sT
+1 NO CE%sT 1940 Au 10 23
+1 c CE%sT 1945 Ap 2 2
+1 NO CE%sT 1980
+1 E CE%sT
 Li Europe/Oslo Arctic/Longyearbyen
-R } 1918 1919 - S 16 2s 0 -
-R } 1919 o - Ap 15 2s 1 S
-R } 1944 o - Ap 3 2s 1 S
-R } 1944 o - O 4 2 0 -
-R } 1945 o - Ap 29 0 1 S
-R } 1945 o - N 1 0 0 -
-R } 1946 o - Ap 14 0s 1 S
-R } 1946 o - O 7 2s 0 -
-R } 1947 o - May 4 2s 1 S
-R } 1947 1949 - O Sun>=1 2s 0 -
-R } 1948 o - Ap 18 2s 1 S
-R } 1949 o - Ap 10 2s 1 S
-R } 1957 o - Jun 2 1s 1 S
-R } 1957 1958 - S lastSun 1s 0 -
-R } 1958 o - Mar 30 1s 1 S
-R } 1959 o - May 31 1s 1 S
-R } 1959 1961 - O Sun>=1 1s 0 -
-R } 1960 o - Ap 3 1s 1 S
-R } 1961 1964 - May lastSun 1s 1 S
-R } 1962 1964 - S lastSun 1s 0 -
+R O 1918 1919 - S 16 2s 0 -
+R O 1919 o - Ap 15 2s 1 S
+R O 1944 o - Ap 3 2s 1 S
+R O 1944 o - O 4 2 0 -
+R O 1945 o - Ap 29 0 1 S
+R O 1945 o - N 1 0 0 -
+R O 1946 o - Ap 14 0s 1 S
+R O 1946 o - O 7 2s 0 -
+R O 1947 o - May 4 2s 1 S
+R O 1947 1949 - O Sun>=1 2s 0 -
+R O 1948 o - Ap 18 2s 1 S
+R O 1949 o - Ap 10 2s 1 S
+R O 1957 o - Jun 2 1s 1 S
+R O 1957 1958 - S lastSun 1s 0 -
+R O 1958 o - Mar 30 1s 1 S
+R O 1959 o - May 31 1s 1 S
+R O 1959 1961 - O Sun>=1 1s 0 -
+R O 1960 o - Ap 3 1s 1 S
+R O 1961 1964 - May lastSun 1s 1 S
+R O 1962 1964 - S lastSun 1s 0 -
 Z Europe/Warsaw 1:24 - LMT 1880
 1:24 - WMT 1915 Au 5
-1 ' CE%sT 1918 S 16 3
-2 } EE%sT 1922 Jun
-1 } CE%sT 1940 Jun 23 2
-1 ' CE%sT 1944 O
-1 } CE%sT 1977
-1 & CE%sT 1988
-1 O CE%sT
-R ~ 1916 o - Jun 17 23 1 S
-R ~ 1916 o - N 1 1 0 -
-R ~ 1917 o - F 28 23s 1 S
-R ~ 1917 1921 - O 14 23s 0 -
-R ~ 1918 o - Mar 1 23s 1 S
-R ~ 1919 o - F 28 23s 1 S
-R ~ 1920 o - F 29 23s 1 S
-R ~ 1921 o - F 28 23s 1 S
-R ~ 1924 o - Ap 16 23s 1 S
-R ~ 1924 o - O 14 23s 0 -
-R ~ 1926 o - Ap 17 23s 1 S
-R ~ 1926 1929 - O Sat>=1 23s 0 -
-R ~ 1927 o - Ap 9 23s 1 S
-R ~ 1928 o - Ap 14 23s 1 S
-R ~ 1929 o - Ap 20 23s 1 S
-R ~ 1931 o - Ap 18 23s 1 S
-R ~ 1931 1932 - O Sat>=1 23s 0 -
-R ~ 1932 o - Ap 2 23s 1 S
-R ~ 1934 o - Ap 7 23s 1 S
-R ~ 1934 1938 - O Sat>=1 23s 0 -
-R ~ 1935 o - Mar 30 23s 1 S
-R ~ 1936 o - Ap 18 23s 1 S
-R ~ 1937 o - Ap 3 23s 1 S
-R ~ 1938 o - Mar 26 23s 1 S
-R ~ 1939 o - Ap 15 23s 1 S
-R ~ 1939 o - N 18 23s 0 -
-R ~ 1940 o - F 24 23s 1 S
-R ~ 1940 1941 - O 5 23s 0 -
-R ~ 1941 o - Ap 5 23s 1 S
-R ~ 1942 1945 - Mar Sat>=8 23s 1 S
-R ~ 1942 o - Ap 25 22s 2 M
-R ~ 1942 o - Au 15 22s 1 S
-R ~ 1942 1945 - O Sat>=24 23s 0 -
-R ~ 1943 o - Ap 17 22s 2 M
-R ~ 1943 1945 - Au Sat>=25 22s 1 S
-R ~ 1944 1945 - Ap Sat>=21 22s 2 M
-R ~ 1946 o - Ap Sat>=1 23s 1 S
-R ~ 1946 o - O Sat>=1 23s 0 -
-R ~ 1947 1949 - Ap Sun>=1 2s 1 S
-R ~ 1947 1949 - O Sun>=1 2s 0 -
-R ~ 1951 1965 - Ap Sun>=1 2s 1 S
-R ~ 1951 1965 - O Sun>=1 2s 0 -
-R ~ 1977 o - Mar 27 0s 1 S
-R ~ 1977 o - S 25 0s 0 -
-R ~ 1978 1979 - Ap Sun>=1 0s 1 S
-R ~ 1978 o - O 1 0s 0 -
-R ~ 1979 1982 - S lastSun 1s 0 -
-R ~ 1980 o - Mar lastSun 0s 1 S
-R ~ 1981 1982 - Mar lastSun 1s 1 S
-R ~ 1983 o - Mar lastSun 2s 1 S
+1 c CE%sT 1918 S 16 3
+2 O EE%sT 1922 Jun
+1 O CE%sT 1940 Jun 23 2
+1 c CE%sT 1944 O
+1 O CE%sT 1977
+1 W- CE%sT 1988
+1 E CE%sT
+R p 1916 o - Jun 17 23 1 S
+R p 1916 o - N 1 1 0 -
+R p 1917 o - F 28 23s 1 S
+R p 1917 1921 - O 14 23s 0 -
+R p 1918 o - Mar 1 23s 1 S
+R p 1919 o - F 28 23s 1 S
+R p 1920 o - F 29 23s 1 S
+R p 1921 o - F 28 23s 1 S
+R p 1924 o - Ap 16 23s 1 S
+R p 1924 o - O 14 23s 0 -
+R p 1926 o - Ap 17 23s 1 S
+R p 1926 1929 - O Sat>=1 23s 0 -
+R p 1927 o - Ap 9 23s 1 S
+R p 1928 o - Ap 14 23s 1 S
+R p 1929 o - Ap 20 23s 1 S
+R p 1931 o - Ap 18 23s 1 S
+R p 1931 1932 - O Sat>=1 23s 0 -
+R p 1932 o - Ap 2 23s 1 S
+R p 1934 o - Ap 7 23s 1 S
+R p 1934 1938 - O Sat>=1 23s 0 -
+R p 1935 o - Mar 30 23s 1 S
+R p 1936 o - Ap 18 23s 1 S
+R p 1937 o - Ap 3 23s 1 S
+R p 1938 o - Mar 26 23s 1 S
+R p 1939 o - Ap 15 23s 1 S
+R p 1939 o - N 18 23s 0 -
+R p 1940 o - F 24 23s 1 S
+R p 1940 1941 - O 5 23s 0 -
+R p 1941 o - Ap 5 23s 1 S
+R p 1942 1945 - Mar Sat>=8 23s 1 S
+R p 1942 o - Ap 25 22s 2 M
+R p 1942 o - Au 15 22s 1 S
+R p 1942 1945 - O Sat>=24 23s 0 -
+R p 1943 o - Ap 17 22s 2 M
+R p 1943 1945 - Au Sat>=25 22s 1 S
+R p 1944 1945 - Ap Sat>=21 22s 2 M
+R p 1946 o - Ap Sat>=1 23s 1 S
+R p 1946 o - O Sat>=1 23s 0 -
+R p 1947 1949 - Ap Sun>=1 2s 1 S
+R p 1947 1949 - O Sun>=1 2s 0 -
+R p 1951 1965 - Ap Sun>=1 2s 1 S
+R p 1951 1965 - O Sun>=1 2s 0 -
+R p 1977 o - Mar 27 0s 1 S
+R p 1977 o - S 25 0s 0 -
+R p 1978 1979 - Ap Sun>=1 0s 1 S
+R p 1978 o - O 1 0s 0 -
+R p 1979 1982 - S lastSun 1s 0 -
+R p 1980 o - Mar lastSun 0s 1 S
+R p 1981 1982 - Mar lastSun 1s 1 S
+R p 1983 o - Mar lastSun 2s 1 S
 Z Europe/Lisbon -0:36:45 - LMT 1884
--0:36:45 - LMT 1912
-0 ~ WE%sT 1966 Ap 3 2
+-0:36:45 - LMT 1912 Ja 1 0u
+0 p WE%sT 1966 Ap 3 2
 1 - CET 1976 S 26 1
-0 ~ WE%sT 1983 S 25 1s
-0 & WE%sT 1992 S 27 1s
-1 O CE%sT 1996 Mar 31 1u
-0 O WE%sT
+0 p WE%sT 1983 S 25 1s
+0 W- WE%sT 1992 S 27 1s
+1 E CE%sT 1996 Mar 31 1u
+0 E WE%sT
 Z Atlantic/Azores -1:42:40 - LMT 1884
--1:54:32 - HMT 1912
--2 ~ -02/-01 1942 Ap 25 22s
--2 ~ +00 1942 Au 15 22s
--2 ~ -02/-01 1943 Ap 17 22s
--2 ~ +00 1943 Au 28 22s
--2 ~ -02/-01 1944 Ap 22 22s
--2 ~ +00 1944 Au 26 22s
--2 ~ -02/-01 1945 Ap 21 22s
--2 ~ +00 1945 Au 25 22s
--2 ~ -02/-01 1966 Ap 3 2
--1 ~ -01/+00 1983 S 25 1s
--1 & -01/+00 1992 S 27 1s
-0 O WE%sT 1993 Mar 28 1u
--1 O -01/+00
+-1:54:32 - HMT 1912 Ja 1 2u
+-2 p -02/-01 1942 Ap 25 22s
+-2 p +00 1942 Au 15 22s
+-2 p -02/-01 1943 Ap 17 22s
+-2 p +00 1943 Au 28 22s
+-2 p -02/-01 1944 Ap 22 22s
+-2 p +00 1944 Au 26 22s
+-2 p -02/-01 1945 Ap 21 22s
+-2 p +00 1945 Au 25 22s
+-2 p -02/-01 1966 Ap 3 2
+-1 p -01/+00 1983 S 25 1s
+-1 W- -01/+00 1992 S 27 1s
+0 E WE%sT 1993 Mar 28 1u
+-1 E -01/+00
 Z Atlantic/Madeira -1:7:36 - LMT 1884
--1:7:36 - FMT 1912
--1 ~ -01/+00 1942 Ap 25 22s
--1 ~ +01 1942 Au 15 22s
--1 ~ -01/+00 1943 Ap 17 22s
--1 ~ +01 1943 Au 28 22s
--1 ~ -01/+00 1944 Ap 22 22s
--1 ~ +01 1944 Au 26 22s
--1 ~ -01/+00 1945 Ap 21 22s
--1 ~ +01 1945 Au 25 22s
--1 ~ -01/+00 1966 Ap 3 2
-0 ~ WE%sT 1983 S 25 1s
-0 O WE%sT
-R ` 1932 o - May 21 0s 1 S
-R ` 1932 1939 - O Sun>=1 0s 0 -
-R ` 1933 1939 - Ap Sun>=2 0s 1 S
-R ` 1979 o - May 27 0 1 S
-R ` 1979 o - S lastSun 0 0 -
-R ` 1980 o - Ap 5 23 1 S
-R ` 1980 o - S lastSun 1 0 -
-R ` 1991 1993 - Mar lastSun 0s 1 S
-R ` 1991 1993 - S lastSun 0s 0 -
+-1:7:36 - FMT 1912 Ja 1 1u
+-1 p -01/+00 1942 Ap 25 22s
+-1 p +01 1942 Au 15 22s
+-1 p -01/+00 1943 Ap 17 22s
+-1 p +01 1943 Au 28 22s
+-1 p -01/+00 1944 Ap 22 22s
+-1 p +01 1944 Au 26 22s
+-1 p -01/+00 1945 Ap 21 22s
+-1 p +01 1945 Au 25 22s
+-1 p -01/+00 1966 Ap 3 2
+0 p WE%sT 1983 S 25 1s
+0 E WE%sT
+R z 1932 o - May 21 0s 1 S
+R z 1932 1939 - O Sun>=1 0s 0 -
+R z 1933 1939 - Ap Sun>=2 0s 1 S
+R z 1979 o - May 27 0 1 S
+R z 1979 o - S lastSun 0 0 -
+R z 1980 o - Ap 5 23 1 S
+R z 1980 o - S lastSun 1 0 -
+R z 1991 1993 - Mar lastSun 0s 1 S
+R z 1991 1993 - S lastSun 0s 0 -
 Z Europe/Bucharest 1:44:24 - LMT 1891 O
 1:44:24 - BMT 1931 Jul 24
-2 ` EE%sT 1981 Mar 29 2s
-2 ' EE%sT 1991
-2 ` EE%sT 1994
-2 W EE%sT 1997
-2 O EE%sT
+2 z EE%sT 1981 Mar 29 2s
+2 c EE%sT 1991
+2 z EE%sT 1994
+2 e EE%sT 1997
+2 E EE%sT
 Z Europe/Kaliningrad 1:22 - LMT 1893 Ap
-1 ' CE%sT 1945
-2 } CE%sT 1946
-3 M MSK/MSD 1989 Mar 26 2s
-2 M EE%sT 2011 Mar 27 2s
+1 c CE%sT 1945
+2 O CE%sT 1946
+3 R MSK/MSD 1989 Mar 26 2s
+2 R EE%sT 2011 Mar 27 2s
 3 - +03 2014 O 26 2s
 2 - EET
 Z Europe/Moscow 2:30:17 - LMT 1880
 2:30:17 - MMT 1916 Jul 3
-2:31:19 M %s 1919 Jul 1 0u
-3 M %s 1921 O
-3 M MSK/MSD 1922 O
+2:31:19 R %s 1919 Jul 1 0u
+3 R %s 1921 O
+3 R MSK/MSD 1922 O
 2 - EET 1930 Jun 21
-3 M MSK/MSD 1991 Mar 31 2s
-2 M EE%sT 1992 Ja 19 2s
-3 M MSK/MSD 2011 Mar 27 2s
+3 R MSK/MSD 1991 Mar 31 2s
+2 R EE%sT 1992 Ja 19 2s
+3 R MSK/MSD 2011 Mar 27 2s
 4 - MSK 2014 O 26 2s
 3 - MSK
 Z Europe/Simferopol 2:16:24 - LMT 1880
 2:16 - SMT 1924 May 2
 2 - EET 1930 Jun 21
 3 - MSK 1941 N
-1 ' CE%sT 1944 Ap 13
-3 M MSK/MSD 1990
+1 c CE%sT 1944 Ap 13
+3 R MSK/MSD 1990
 3 - MSK 1990 Jul 1 2
 2 - EET 1992
-2 W EE%sT 1994 May
-3 W MSK/MSD 1996 Mar 31 0s
+2 e EE%sT 1994 May
+3 e MSK/MSD 1996 Mar 31 0s
 3 1 MSD 1996 O 27 3s
-3 M MSK/MSD 1997
+3 R MSK/MSD 1997
 3 - MSK 1997 Mar lastSun 1u
-2 O EE%sT 2014 Mar 30 2
+2 E EE%sT 2014 Mar 30 2
 4 - MSK 2014 O 26 2s
 3 - MSK
 Z Europe/Astrakhan 3:12:12 - LMT 1924 May
 3 - +03 1930 Jun 21
-4 M +04/+05 1989 Mar 26 2s
-3 M +03/+04 1991 Mar 31 2s
+4 R +04/+05 1989 Mar 26 2s
+3 R +03/+04 1991 Mar 31 2s
 4 - +04 1992 Mar 29 2s
-3 M +03/+04 2011 Mar 27 2s
+3 R +03/+04 2011 Mar 27 2s
 4 - +04 2014 O 26 2s
 3 - +03 2016 Mar 27 2s
 4 - +04
 Z Europe/Volgograd 2:57:40 - LMT 1920 Ja 3
 3 - +03 1930 Jun 21
 4 - +04 1961 N 11
-4 M +04/+05 1988 Mar 27 2s
-3 M +03/+04 1991 Mar 31 2s
+4 R +04/+05 1988 Mar 27 2s
+3 R +03/+04 1991 Mar 31 2s
 4 - +04 1992 Mar 29 2s
-3 M +03/+04 2011 Mar 27 2s
+3 R +03/+04 2011 Mar 27 2s
 4 - +04 2014 O 26 2s
-3 - +03
+3 - +03 2018 O 28 2s
+4 - +04
 Z Europe/Saratov 3:4:18 - LMT 1919 Jul 1 0u
 3 - +03 1930 Jun 21
-4 M +04/+05 1988 Mar 27 2s
-3 M +03/+04 1991 Mar 31 2s
+4 R +04/+05 1988 Mar 27 2s
+3 R +03/+04 1991 Mar 31 2s
 4 - +04 1992 Mar 29 2s
-3 M +03/+04 2011 Mar 27 2s
+3 R +03/+04 2011 Mar 27 2s
 4 - +04 2014 O 26 2s
 3 - +03 2016 D 4 2s
 4 - +04
 Z Europe/Kirov 3:18:48 - LMT 1919 Jul 1 0u
 3 - +03 1930 Jun 21
-4 M +04/+05 1989 Mar 26 2s
-3 M +03/+04 1991 Mar 31 2s
+4 R +04/+05 1989 Mar 26 2s
+3 R +03/+04 1991 Mar 31 2s
 4 - +04 1992 Mar 29 2s
-3 M +03/+04 2011 Mar 27 2s
+3 R +03/+04 2011 Mar 27 2s
 4 - +04 2014 O 26 2s
 3 - +03
 Z Europe/Samara 3:20:20 - LMT 1919 Jul 1 0u
 3 - +03 1930 Jun 21
 4 - +04 1935 Ja 27
-4 M +04/+05 1989 Mar 26 2s
-3 M +03/+04 1991 Mar 31 2s
-2 M +02/+03 1991 S 29 2s
+4 R +04/+05 1989 Mar 26 2s
+3 R +03/+04 1991 Mar 31 2s
+2 R +02/+03 1991 S 29 2s
 3 - +03 1991 O 20 3
-4 M +04/+05 2010 Mar 28 2s
-3 M +03/+04 2011 Mar 27 2s
+4 R +04/+05 2010 Mar 28 2s
+3 R +03/+04 2011 Mar 27 2s
 4 - +04
 Z Europe/Ulyanovsk 3:13:36 - LMT 1919 Jul 1 0u
 3 - +03 1930 Jun 21
-4 M +04/+05 1989 Mar 26 2s
-3 M +03/+04 1991 Mar 31 2s
-2 M +02/+03 1992 Ja 19 2s
-3 M +03/+04 2011 Mar 27 2s
+4 R +04/+05 1989 Mar 26 2s
+3 R +03/+04 1991 Mar 31 2s
+2 R +02/+03 1992 Ja 19 2s
+3 R +03/+04 2011 Mar 27 2s
 4 - +04 2014 O 26 2s
 3 - +03 2016 Mar 27 2s
 4 - +04
 Z Asia/Yekaterinburg 4:2:33 - LMT 1916 Jul 3
 3:45:5 - PMT 1919 Jul 15 4
 4 - +04 1930 Jun 21
-5 M +05/+06 1991 Mar 31 2s
-4 M +04/+05 1992 Ja 19 2s
-5 M +05/+06 2011 Mar 27 2s
+5 R +05/+06 1991 Mar 31 2s
+4 R +04/+05 1992 Ja 19 2s
+5 R +05/+06 2011 Mar 27 2s
 6 - +06 2014 O 26 2s
 5 - +05
 Z Asia/Omsk 4:53:30 - LMT 1919 N 14
 5 - +05 1930 Jun 21
-6 M +06/+07 1991 Mar 31 2s
-5 M +05/+06 1992 Ja 19 2s
-6 M +06/+07 2011 Mar 27 2s
+6 R +06/+07 1991 Mar 31 2s
+5 R +05/+06 1992 Ja 19 2s
+6 R +06/+07 2011 Mar 27 2s
 7 - +07 2014 O 26 2s
 6 - +06
 Z Asia/Barnaul 5:35 - LMT 1919 D 10
 6 - +06 1930 Jun 21
-7 M +07/+08 1991 Mar 31 2s
-6 M +06/+07 1992 Ja 19 2s
-7 M +07/+08 1995 May 28
-6 M +06/+07 2011 Mar 27 2s
+7 R +07/+08 1991 Mar 31 2s
+6 R +06/+07 1992 Ja 19 2s
+7 R +07/+08 1995 May 28
+6 R +06/+07 2011 Mar 27 2s
 7 - +07 2014 O 26 2s
 6 - +06 2016 Mar 27 2s
 7 - +07
 Z Asia/Novosibirsk 5:31:40 - LMT 1919 D 14 6
 6 - +06 1930 Jun 21
-7 M +07/+08 1991 Mar 31 2s
-6 M +06/+07 1992 Ja 19 2s
-7 M +07/+08 1993 May 23
-6 M +06/+07 2011 Mar 27 2s
+7 R +07/+08 1991 Mar 31 2s
+6 R +06/+07 1992 Ja 19 2s
+7 R +07/+08 1993 May 23
+6 R +06/+07 2011 Mar 27 2s
 7 - +07 2014 O 26 2s
 6 - +06 2016 Jul 24 2s
 7 - +07
 Z Asia/Tomsk 5:39:51 - LMT 1919 D 22
 6 - +06 1930 Jun 21
-7 M +07/+08 1991 Mar 31 2s
-6 M +06/+07 1992 Ja 19 2s
-7 M +07/+08 2002 May 1 3
-6 M +06/+07 2011 Mar 27 2s
+7 R +07/+08 1991 Mar 31 2s
+6 R +06/+07 1992 Ja 19 2s
+7 R +07/+08 2002 May 1 3
+6 R +06/+07 2011 Mar 27 2s
 7 - +07 2014 O 26 2s
 6 - +06 2016 May 29 2s
 7 - +07
 Z Asia/Novokuznetsk 5:48:48 - LMT 1924 May
 6 - +06 1930 Jun 21
-7 M +07/+08 1991 Mar 31 2s
-6 M +06/+07 1992 Ja 19 2s
-7 M +07/+08 2010 Mar 28 2s
-6 M +06/+07 2011 Mar 27 2s
+7 R +07/+08 1991 Mar 31 2s
+6 R +06/+07 1992 Ja 19 2s
+7 R +07/+08 2010 Mar 28 2s
+6 R +06/+07 2011 Mar 27 2s
 7 - +07
 Z Asia/Krasnoyarsk 6:11:26 - LMT 1920 Ja 6
 6 - +06 1930 Jun 21
-7 M +07/+08 1991 Mar 31 2s
-6 M +06/+07 1992 Ja 19 2s
-7 M +07/+08 2011 Mar 27 2s
+7 R +07/+08 1991 Mar 31 2s
+6 R +06/+07 1992 Ja 19 2s
+7 R +07/+08 2011 Mar 27 2s
 8 - +08 2014 O 26 2s
 7 - +07
 Z Asia/Irkutsk 6:57:5 - LMT 1880
 6:57:5 - IMT 1920 Ja 25
 7 - +07 1930 Jun 21
-8 M +08/+09 1991 Mar 31 2s
-7 M +07/+08 1992 Ja 19 2s
-8 M +08/+09 2011 Mar 27 2s
+8 R +08/+09 1991 Mar 31 2s
+7 R +07/+08 1992 Ja 19 2s
+8 R +08/+09 2011 Mar 27 2s
 9 - +09 2014 O 26 2s
 8 - +08
 Z Asia/Chita 7:33:52 - LMT 1919 D 15
 8 - +08 1930 Jun 21
-9 M +09/+10 1991 Mar 31 2s
-8 M +08/+09 1992 Ja 19 2s
-9 M +09/+10 2011 Mar 27 2s
+9 R +09/+10 1991 Mar 31 2s
+8 R +08/+09 1992 Ja 19 2s
+9 R +09/+10 2011 Mar 27 2s
 10 - +10 2014 O 26 2s
 8 - +08 2016 Mar 27 2
 9 - +09
 Z Asia/Yakutsk 8:38:58 - LMT 1919 D 15
 8 - +08 1930 Jun 21
-9 M +09/+10 1991 Mar 31 2s
-8 M +08/+09 1992 Ja 19 2s
-9 M +09/+10 2011 Mar 27 2s
+9 R +09/+10 1991 Mar 31 2s
+8 R +08/+09 1992 Ja 19 2s
+9 R +09/+10 2011 Mar 27 2s
 10 - +10 2014 O 26 2s
 9 - +09
 Z Asia/Vladivostok 8:47:31 - LMT 1922 N 15
 9 - +09 1930 Jun 21
-10 M +10/+11 1991 Mar 31 2s
-9 M +09/+10 1992 Ja 19 2s
-10 M +10/+11 2011 Mar 27 2s
+10 R +10/+11 1991 Mar 31 2s
+9 R +09/+10 1992 Ja 19 2s
+10 R +10/+11 2011 Mar 27 2s
 11 - +11 2014 O 26 2s
 10 - +10
 Z Asia/Khandyga 9:2:13 - LMT 1919 D 15
 8 - +08 1930 Jun 21
-9 M +09/+10 1991 Mar 31 2s
-8 M +08/+09 1992 Ja 19 2s
-9 M +09/+10 2004
-10 M +10/+11 2011 Mar 27 2s
+9 R +09/+10 1991 Mar 31 2s
+8 R +08/+09 1992 Ja 19 2s
+9 R +09/+10 2004
+10 R +10/+11 2011 Mar 27 2s
 11 - +11 2011 S 13 0s
 10 - +10 2014 O 26 2s
 9 - +09
 Z Asia/Sakhalin 9:30:48 - LMT 1905 Au 23
 9 - +09 1945 Au 25
-11 M +11/+12 1991 Mar 31 2s
-10 M +10/+11 1992 Ja 19 2s
-11 M +11/+12 1997 Mar lastSun 2s
-10 M +10/+11 2011 Mar 27 2s
+11 R +11/+12 1991 Mar 31 2s
+10 R +10/+11 1992 Ja 19 2s
+11 R +11/+12 1997 Mar lastSun 2s
+10 R +10/+11 2011 Mar 27 2s
 11 - +11 2014 O 26 2s
 10 - +10 2016 Mar 27 2s
 11 - +11
 Z Asia/Magadan 10:3:12 - LMT 1924 May 2
 10 - +10 1930 Jun 21
-11 M +11/+12 1991 Mar 31 2s
-10 M +10/+11 1992 Ja 19 2s
-11 M +11/+12 2011 Mar 27 2s
+11 R +11/+12 1991 Mar 31 2s
+10 R +10/+11 1992 Ja 19 2s
+11 R +11/+12 2011 Mar 27 2s
 12 - +12 2014 O 26 2s
 10 - +10 2016 Ap 24 2s
 11 - +11
 Z Asia/Srednekolymsk 10:14:52 - LMT 1924 May 2
 10 - +10 1930 Jun 21
-11 M +11/+12 1991 Mar 31 2s
-10 M +10/+11 1992 Ja 19 2s
-11 M +11/+12 2011 Mar 27 2s
+11 R +11/+12 1991 Mar 31 2s
+10 R +10/+11 1992 Ja 19 2s
+11 R +11/+12 2011 Mar 27 2s
 12 - +12 2014 O 26 2s
 11 - +11
 Z Asia/Ust-Nera 9:32:54 - LMT 1919 D 15
 8 - +08 1930 Jun 21
-9 M +09/+10 1981 Ap
-11 M +11/+12 1991 Mar 31 2s
-10 M +10/+11 1992 Ja 19 2s
-11 M +11/+12 2011 Mar 27 2s
+9 R +09/+10 1981 Ap
+11 R +11/+12 1991 Mar 31 2s
+10 R +10/+11 1992 Ja 19 2s
+11 R +11/+12 2011 Mar 27 2s
 12 - +12 2011 S 13 0s
 11 - +11 2014 O 26 2s
 10 - +10
 Z Asia/Kamchatka 10:34:36 - LMT 1922 N 10
 11 - +11 1930 Jun 21
-12 M +12/+13 1991 Mar 31 2s
-11 M +11/+12 1992 Ja 19 2s
-12 M +12/+13 2010 Mar 28 2s
-11 M +11/+12 2011 Mar 27 2s
+12 R +12/+13 1991 Mar 31 2s
+11 R +11/+12 1992 Ja 19 2s
+12 R +12/+13 2010 Mar 28 2s
+11 R +11/+12 2011 Mar 27 2s
 12 - +12
 Z Asia/Anadyr 11:49:56 - LMT 1924 May 2
 12 - +12 1930 Jun 21
-13 M +13/+14 1982 Ap 1 0s
-12 M +12/+13 1991 Mar 31 2s
-11 M +11/+12 1992 Ja 19 2s
-12 M +12/+13 2010 Mar 28 2s
-11 M +11/+12 2011 Mar 27 2s
+13 R +13/+14 1982 Ap 1 0s
+12 R +12/+13 1991 Mar 31 2s
+11 R +11/+12 1992 Ja 19 2s
+12 R +12/+13 2010 Mar 28 2s
+11 R +11/+12 2011 Mar 27 2s
 12 - +12
 Z Europe/Belgrade 1:22 - LMT 1884
 1 - CET 1941 Ap 18 23
-1 ' CE%sT 1945
+1 c CE%sT 1945
 1 - CET 1945 May 8 2s
 1 1 CEST 1945 S 16 2s
 1 - CET 1982 N 27
-1 O CE%sT
+1 E CE%sT
 Li Europe/Belgrade Europe/Ljubljana
 Li Europe/Belgrade Europe/Podgorica
 Li Europe/Belgrade Europe/Sarajevo
 Li Europe/Belgrade Europe/Skopje
 Li Europe/Belgrade Europe/Zagreb
 Li Europe/Prague Europe/Bratislava
-R AA 1918 o - Ap 15 23 1 S
-R AA 1918 1919 - O 6 24s 0 -
-R AA 1919 o - Ap 6 23 1 S
-R AA 1924 o - Ap 16 23 1 S
-R AA 1924 o - O 4 24s 0 -
-R AA 1926 o - Ap 17 23 1 S
-R AA 1926 1929 - O Sat>=1 24s 0 -
-R AA 1927 o - Ap 9 23 1 S
-R AA 1928 o - Ap 15 0 1 S
-R AA 1929 o - Ap 20 23 1 S
-R AA 1937 o - Jun 16 23 1 S
-R AA 1937 o - O 2 24s 0 -
-R AA 1938 o - Ap 2 23 1 S
-R AA 1938 o - Ap 30 23 2 M
-R AA 1938 o - O 2 24 1 S
-R AA 1939 o - O 7 24s 0 -
-R AA 1942 o - May 2 23 1 S
-R AA 1942 o - S 1 1 0 -
-R AA 1943 1946 - Ap Sat>=13 23 1 S
-R AA 1943 1944 - O Sun>=1 1 0 -
-R AA 1945 1946 - S lastSun 1 0 -
-R AA 1949 o - Ap 30 23 1 S
-R AA 1949 o - O 2 1 0 -
-R AA 1974 1975 - Ap Sat>=12 23 1 S
-R AA 1974 1975 - O Sun>=1 1 0 -
-R AA 1976 o - Mar 27 23 1 S
-R AA 1976 1977 - S lastSun 1 0 -
-R AA 1977 o - Ap 2 23 1 S
-R AA 1978 o - Ap 2 2s 1 S
-R AA 1978 o - O 1 2s 0 -
-R AB 1967 o - Jun 3 12 1 S
-R AB 1967 o - O 1 0 0 -
-R AB 1974 o - Jun 24 0 1 S
-R AB 1974 o - S 1 0 0 -
-R AB 1976 1977 - May 1 0 1 S
-R AB 1976 o - Au 1 0 0 -
-R AB 1977 o - S 28 0 0 -
-R AB 1978 o - Jun 1 0 1 S
-R AB 1978 o - Au 4 0 0 -
+R s 1918 o - Ap 15 23 1 S
+R s 1918 1919 - O 6 24s 0 -
+R s 1919 o - Ap 6 23 1 S
+R s 1924 o - Ap 16 23 1 S
+R s 1924 o - O 4 24s 0 -
+R s 1926 o - Ap 17 23 1 S
+R s 1926 1929 - O Sat>=1 24s 0 -
+R s 1927 o - Ap 9 23 1 S
+R s 1928 o - Ap 15 0 1 S
+R s 1929 o - Ap 20 23 1 S
+R s 1937 o - Jun 16 23 1 S
+R s 1937 o - O 2 24s 0 -
+R s 1938 o - Ap 2 23 1 S
+R s 1938 o - Ap 30 23 2 M
+R s 1938 o - O 2 24 1 S
+R s 1939 o - O 7 24s 0 -
+R s 1942 o - May 2 23 1 S
+R s 1942 o - S 1 1 0 -
+R s 1943 1946 - Ap Sat>=13 23 1 S
+R s 1943 1944 - O Sun>=1 1 0 -
+R s 1945 1946 - S lastSun 1 0 -
+R s 1949 o - Ap 30 23 1 S
+R s 1949 o - O 2 1 0 -
+R s 1974 1975 - Ap Sat>=12 23 1 S
+R s 1974 1975 - O Sun>=1 1 0 -
+R s 1976 o - Mar 27 23 1 S
+R s 1976 1977 - S lastSun 1 0 -
+R s 1977 o - Ap 2 23 1 S
+R s 1978 o - Ap 2 2s 1 S
+R s 1978 o - O 1 2s 0 -
+R Sp 1967 o - Jun 3 12 1 S
+R Sp 1967 o - O 1 0 0 -
+R Sp 1974 o - Jun 24 0 1 S
+R Sp 1974 o - S 1 0 0 -
+R Sp 1976 1977 - May 1 0 1 S
+R Sp 1976 o - Au 1 0 0 -
+R Sp 1977 o - S 28 0 0 -
+R Sp 1978 o - Jun 1 0 1 S
+R Sp 1978 o - Au 4 0 0 -
 Z Europe/Madrid -0:14:44 - LMT 1900 D 31 23:45:16
-0 AA WE%sT 1940 Mar 16 23
-1 AA CE%sT 1979
-1 O CE%sT
+0 s WE%sT 1940 Mar 16 23
+1 s CE%sT 1979
+1 E CE%sT
 Z Africa/Ceuta -0:21:16 - LMT 1900 D 31 23:38:44
 0 - WET 1918 May 6 23
 0 1 WEST 1918 O 7 23
 0 - WET 1924
-0 AA WE%sT 1929
-0 AB WE%sT 1984 Mar 16
+0 s WE%sT 1929
+0 - WET 1967
+0 Sp WE%sT 1984 Mar 16
 1 - CET 1986
-1 O CE%sT
+1 E CE%sT
 Z Atlantic/Canary -1:1:36 - LMT 1922 Mar
 -1 - -01 1946 S 30 1
 0 - WET 1980 Ap 6 0s
 0 1 WEST 1980 S 28 1u
-0 O WE%sT
+0 E WE%sT
 Z Europe/Stockholm 1:12:12 - LMT 1879
 1:0:14 - SET 1900
 1 - CET 1916 May 14 23
 1 1 CEST 1916 O 1 1
 1 - CET 1980
-1 O CE%sT
-R AC 1941 1942 - May M>=1 1 1 S
-R AC 1941 1942 - O M>=1 2 0 -
+1 E CE%sT
+R CH 1941 1942 - May M>=1 1 1 S
+R CH 1941 1942 - O M>=1 2 0 -
 Z Europe/Zurich 0:34:8 - LMT 1853 Jul 16
 0:29:46 - BMT 1894 Jun
-1 AC CE%sT 1981
-1 O CE%sT
-R AD 1916 o - May 1 0 1 S
-R AD 1916 o - O 1 0 0 -
-R AD 1920 o - Mar 28 0 1 S
-R AD 1920 o - O 25 0 0 -
-R AD 1921 o - Ap 3 0 1 S
-R AD 1921 o - O 3 0 0 -
-R AD 1922 o - Mar 26 0 1 S
-R AD 1922 o - O 8 0 0 -
-R AD 1924 o - May 13 0 1 S
-R AD 1924 1925 - O 1 0 0 -
-R AD 1925 o - May 1 0 1 S
-R AD 1940 o - Jun 30 0 1 S
-R AD 1940 o - O 5 0 0 -
-R AD 1940 o - D 1 0 1 S
-R AD 1941 o - S 21 0 0 -
-R AD 1942 o - Ap 1 0 1 S
-R AD 1942 o - N 1 0 0 -
-R AD 1945 o - Ap 2 0 1 S
-R AD 1945 o - O 8 0 0 -
-R AD 1946 o - Jun 1 0 1 S
-R AD 1946 o - O 1 0 0 -
-R AD 1947 1948 - Ap Sun>=16 0 1 S
-R AD 1947 1950 - O Sun>=2 0 0 -
-R AD 1949 o - Ap 10 0 1 S
-R AD 1950 o - Ap 19 0 1 S
-R AD 1951 o - Ap 22 0 1 S
-R AD 1951 o - O 8 0 0 -
-R AD 1962 o - Jul 15 0 1 S
-R AD 1962 o - O 8 0 0 -
-R AD 1964 o - May 15 0 1 S
-R AD 1964 o - O 1 0 0 -
-R AD 1970 1972 - May Sun>=2 0 1 S
-R AD 1970 1972 - O Sun>=2 0 0 -
-R AD 1973 o - Jun 3 1 1 S
-R AD 1973 o - N 4 3 0 -
-R AD 1974 o - Mar 31 2 1 S
-R AD 1974 o - N 3 5 0 -
-R AD 1975 o - Mar 30 0 1 S
-R AD 1975 1976 - O lastSun 0 0 -
-R AD 1976 o - Jun 1 0 1 S
-R AD 1977 1978 - Ap Sun>=1 0 1 S
-R AD 1977 o - O 16 0 0 -
-R AD 1979 1980 - Ap Sun>=1 3 1 S
-R AD 1979 1982 - O M>=11 0 0 -
-R AD 1981 1982 - Mar lastSun 3 1 S
-R AD 1983 o - Jul 31 0 1 S
-R AD 1983 o - O 2 0 0 -
-R AD 1985 o - Ap 20 0 1 S
-R AD 1985 o - S 28 0 0 -
-R AD 1986 1993 - Mar lastSun 1s 1 S
-R AD 1986 1995 - S lastSun 1s 0 -
-R AD 1994 o - Mar 20 1s 1 S
-R AD 1995 2006 - Mar lastSun 1s 1 S
-R AD 1996 2006 - O lastSun 1s 0 -
+1 CH CE%sT 1981
+1 E CE%sT
+R T 1916 o - May 1 0 1 S
+R T 1916 o - O 1 0 0 -
+R T 1920 o - Mar 28 0 1 S
+R T 1920 o - O 25 0 0 -
+R T 1921 o - Ap 3 0 1 S
+R T 1921 o - O 3 0 0 -
+R T 1922 o - Mar 26 0 1 S
+R T 1922 o - O 8 0 0 -
+R T 1924 o - May 13 0 1 S
+R T 1924 1925 - O 1 0 0 -
+R T 1925 o - May 1 0 1 S
+R T 1940 o - Jun 30 0 1 S
+R T 1940 o - O 5 0 0 -
+R T 1940 o - D 1 0 1 S
+R T 1941 o - S 21 0 0 -
+R T 1942 o - Ap 1 0 1 S
+R T 1942 o - N 1 0 0 -
+R T 1945 o - Ap 2 0 1 S
+R T 1945 o - O 8 0 0 -
+R T 1946 o - Jun 1 0 1 S
+R T 1946 o - O 1 0 0 -
+R T 1947 1948 - Ap Sun>=16 0 1 S
+R T 1947 1950 - O Sun>=2 0 0 -
+R T 1949 o - Ap 10 0 1 S
+R T 1950 o - Ap 19 0 1 S
+R T 1951 o - Ap 22 0 1 S
+R T 1951 o - O 8 0 0 -
+R T 1962 o - Jul 15 0 1 S
+R T 1962 o - O 8 0 0 -
+R T 1964 o - May 15 0 1 S
+R T 1964 o - O 1 0 0 -
+R T 1970 1972 - May Sun>=2 0 1 S
+R T 1970 1972 - O Sun>=2 0 0 -
+R T 1973 o - Jun 3 1 1 S
+R T 1973 o - N 4 3 0 -
+R T 1974 o - Mar 31 2 1 S
+R T 1974 o - N 3 5 0 -
+R T 1975 o - Mar 30 0 1 S
+R T 1975 1976 - O lastSun 0 0 -
+R T 1976 o - Jun 1 0 1 S
+R T 1977 1978 - Ap Sun>=1 0 1 S
+R T 1977 o - O 16 0 0 -
+R T 1979 1980 - Ap Sun>=1 3 1 S
+R T 1979 1982 - O M>=11 0 0 -
+R T 1981 1982 - Mar lastSun 3 1 S
+R T 1983 o - Jul 31 0 1 S
+R T 1983 o - O 2 0 0 -
+R T 1985 o - Ap 20 0 1 S
+R T 1985 o - S 28 0 0 -
+R T 1986 1993 - Mar lastSun 1s 1 S
+R T 1986 1995 - S lastSun 1s 0 -
+R T 1994 o - Mar 20 1s 1 S
+R T 1995 2006 - Mar lastSun 1s 1 S
+R T 1996 2006 - O lastSun 1s 0 -
 Z Europe/Istanbul 1:55:52 - LMT 1880
 1:56:56 - IMT 1910 O
-2 AD EE%sT 1978 O 15
-3 AD +03/+04 1985 Ap 20
-2 AD EE%sT 2007
-2 O EE%sT 2011 Mar 27 1u
+2 T EE%sT 1978 O 15
+3 T +03/+04 1985 Ap 20
+2 T EE%sT 2007
+2 E EE%sT 2011 Mar 27 1u
 2 - EET 2011 Mar 28 1u
-2 O EE%sT 2014 Mar 30 1u
+2 E EE%sT 2014 Mar 30 1u
 2 - EET 2014 Mar 31 1u
-2 O EE%sT 2015 O 25 1u
+2 E EE%sT 2015 O 25 1u
 2 1 EEST 2015 N 8 1u
-2 O EE%sT 2016 S 7
+2 E EE%sT 2016 S 7
 3 - +03
 Li Europe/Istanbul Asia/Istanbul
 Z Europe/Kiev 2:2:4 - LMT 1880
 2:2:4 - KMT 1924 May 2
 2 - EET 1930 Jun 21
 3 - MSK 1941 S 20
-1 ' CE%sT 1943 N 6
-3 M MSK/MSD 1990 Jul 1 2
+1 c CE%sT 1943 N 6
+3 R MSK/MSD 1990 Jul 1 2
 2 1 EEST 1991 S 29 3
-2 W EE%sT 1995
-2 O EE%sT
+2 e EE%sT 1995
+2 E EE%sT
 Z Europe/Uzhgorod 1:29:12 - LMT 1890 O
 1 - CET 1940
-1 ' CE%sT 1944 O
+1 c CE%sT 1944 O
 1 1 CEST 1944 O 26
 1 - CET 1945 Jun 29
-3 M MSK/MSD 1990
+3 R MSK/MSD 1990
 3 - MSK 1990 Jul 1 2
 1 - CET 1991 Mar 31 3
 2 - EET 1992
-2 W EE%sT 1995
-2 O EE%sT
+2 e EE%sT 1995
+2 E EE%sT
 Z Europe/Zaporozhye 2:20:40 - LMT 1880
 2:20 - +0220 1924 May 2
 2 - EET 1930 Jun 21
 3 - MSK 1941 Au 25
-1 ' CE%sT 1943 O 25
-3 M MSK/MSD 1991 Mar 31 2
-2 W EE%sT 1995
-2 O EE%sT
-R AE 1918 1919 - Mar lastSun 2 1 D
-R AE 1918 1919 - O lastSun 2 0 S
-R AE 1942 o - F 9 2 1 W
-R AE 1945 o - Au 14 23u 1 P
-R AE 1945 o - S lastSun 2 0 S
-R AE 1967 2006 - O lastSun 2 0 S
-R AE 1967 1973 - Ap lastSun 2 1 D
-R AE 1974 o - Ja 6 2 1 D
-R AE 1975 o - F 23 2 1 D
-R AE 1976 1986 - Ap lastSun 2 1 D
-R AE 1987 2006 - Ap Sun>=1 2 1 D
-R AE 2007 ma - Mar Sun>=8 2 1 D
-R AE 2007 ma - N Sun>=1 2 0 S
+1 c CE%sT 1943 O 25
+3 R MSK/MSD 1991 Mar 31 2
+2 e EE%sT 1995
+2 E EE%sT
+R u 1918 1919 - Mar lastSun 2 1 D
+R u 1918 1919 - O lastSun 2 0 S
+R u 1942 o - F 9 2 1 W
+R u 1945 o - Au 14 23u 1 P
+R u 1945 o - S lastSun 2 0 S
+R u 1967 2006 - O lastSun 2 0 S
+R u 1967 1973 - Ap lastSun 2 1 D
+R u 1974 o - Ja 6 2 1 D
+R u 1975 o - F 23 2 1 D
+R u 1976 1986 - Ap lastSun 2 1 D
+R u 1987 2006 - Ap Sun>=1 2 1 D
+R u 2007 ma - Mar Sun>=8 2 1 D
+R u 2007 ma - N Sun>=1 2 0 S
 Z EST -5 - EST
 Z MST -7 - MST
 Z HST -10 - HST
-Z EST5EDT -5 AE E%sT
-Z CST6CDT -6 AE C%sT
-Z MST7MDT -7 AE M%sT
-Z PST8PDT -8 AE P%sT
-R AF 1920 o - Mar lastSun 2 1 D
-R AF 1920 o - O lastSun 2 0 S
-R AF 1921 1966 - Ap lastSun 2 1 D
-R AF 1921 1954 - S lastSun 2 0 S
-R AF 1955 1966 - O lastSun 2 0 S
+Z EST5EDT -5 u E%sT
+Z CST6CDT -6 u C%sT
+Z MST7MDT -7 u M%sT
+Z PST8PDT -8 u P%sT
+R NY 1920 o - Mar lastSun 2 1 D
+R NY 1920 o - O lastSun 2 0 S
+R NY 1921 1966 - Ap lastSun 2 1 D
+R NY 1921 1954 - S lastSun 2 0 S
+R NY 1955 1966 - O lastSun 2 0 S
 Z America/New_York -4:56:2 - LMT 1883 N 18 12:3:58
--5 AE E%sT 1920
--5 AF E%sT 1942
--5 AE E%sT 1946
--5 AF E%sT 1967
--5 AE E%sT
-R AG 1920 o - Jun 13 2 1 D
-R AG 1920 1921 - O lastSun 2 0 S
-R AG 1921 o - Mar lastSun 2 1 D
-R AG 1922 1966 - Ap lastSun 2 1 D
-R AG 1922 1954 - S lastSun 2 0 S
-R AG 1955 1966 - O lastSun 2 0 S
+-5 u E%sT 1920
+-5 NY E%sT 1942
+-5 u E%sT 1946
+-5 NY E%sT 1967
+-5 u E%sT
+R Ch 1920 o - Jun 13 2 1 D
+R Ch 1920 1921 - O lastSun 2 0 S
+R Ch 1921 o - Mar lastSun 2 1 D
+R Ch 1922 1966 - Ap lastSun 2 1 D
+R Ch 1922 1954 - S lastSun 2 0 S
+R Ch 1955 1966 - O lastSun 2 0 S
 Z America/Chicago -5:50:36 - LMT 1883 N 18 12:9:24
--6 AE C%sT 1920
--6 AG C%sT 1936 Mar 1 2
+-6 u C%sT 1920
+-6 Ch C%sT 1936 Mar 1 2
 -5 - EST 1936 N 15 2
--6 AG C%sT 1942
--6 AE C%sT 1946
--6 AG C%sT 1967
--6 AE C%sT
+-6 Ch C%sT 1942
+-6 u C%sT 1946
+-6 Ch C%sT 1967
+-6 u C%sT
 Z America/North_Dakota/Center -6:45:12 - LMT 1883 N 18 12:14:48
--7 AE M%sT 1992 O 25 2
--6 AE C%sT
+-7 u M%sT 1992 O 25 2
+-6 u C%sT
 Z America/North_Dakota/New_Salem -6:45:39 - LMT 1883 N 18 12:14:21
--7 AE M%sT 2003 O 26 2
--6 AE C%sT
+-7 u M%sT 2003 O 26 2
+-6 u C%sT
 Z America/North_Dakota/Beulah -6:47:7 - LMT 1883 N 18 12:12:53
--7 AE M%sT 2010 N 7 2
--6 AE C%sT
-R AH 1920 1921 - Mar lastSun 2 1 D
-R AH 1920 o - O lastSun 2 0 S
-R AH 1921 o - May 22 2 0 S
-R AH 1965 1966 - Ap lastSun 2 1 D
-R AH 1965 1966 - O lastSun 2 0 S
+-7 u M%sT 2010 N 7 2
+-6 u C%sT
+R De 1920 1921 - Mar lastSun 2 1 D
+R De 1920 o - O lastSun 2 0 S
+R De 1921 o - May 22 2 0 S
+R De 1965 1966 - Ap lastSun 2 1 D
+R De 1965 1966 - O lastSun 2 0 S
 Z America/Denver -6:59:56 - LMT 1883 N 18 12:0:4
--7 AE M%sT 1920
--7 AH M%sT 1942
--7 AE M%sT 1946
--7 AH M%sT 1967
--7 AE M%sT
-R AI 1948 o - Mar 14 2:1 1 D
-R AI 1949 o - Ja 1 2 0 S
-R AI 1950 1966 - Ap lastSun 1 1 D
-R AI 1950 1961 - S lastSun 2 0 S
-R AI 1962 1966 - O lastSun 2 0 S
+-7 u M%sT 1920
+-7 De M%sT 1942
+-7 u M%sT 1946
+-7 De M%sT 1967
+-7 u M%sT
+R CA 1948 o - Mar 14 2:1 1 D
+R CA 1949 o - Ja 1 2 0 S
+R CA 1950 1966 - Ap lastSun 1 1 D
+R CA 1950 1961 - S lastSun 2 0 S
+R CA 1962 1966 - O lastSun 2 0 S
 Z America/Los_Angeles -7:52:58 - LMT 1883 N 18 12:7:2
--8 AE P%sT 1946
--8 AI P%sT 1967
--8 AE P%sT
+-8 u P%sT 1946
+-8 CA P%sT 1967
+-8 u P%sT
 Z America/Juneau 15:2:19 - LMT 1867 O 19 15:33:32
 -8:57:41 - LMT 1900 Au 20 12
 -8 - PST 1942
--8 AE P%sT 1946
+-8 u P%sT 1946
 -8 - PST 1969
--8 AE P%sT 1980 Ap 27 2
--9 AE Y%sT 1980 O 26 2
--8 AE P%sT 1983 O 30 2
--9 AE Y%sT 1983 N 30
--9 AE AK%sT
+-8 u P%sT 1980 Ap 27 2
+-9 u Y%sT 1980 O 26 2
+-8 u P%sT 1983 O 30 2
+-9 u Y%sT 1983 N 30
+-9 u AK%sT
 Z America/Sitka 14:58:47 - LMT 1867 O 19 15:30
 -9:1:13 - LMT 1900 Au 20 12
 -8 - PST 1942
--8 AE P%sT 1946
+-8 u P%sT 1946
 -8 - PST 1969
--8 AE P%sT 1983 O 30 2
--9 AE Y%sT 1983 N 30
--9 AE AK%sT
+-8 u P%sT 1983 O 30 2
+-9 u Y%sT 1983 N 30
+-9 u AK%sT
 Z America/Metlakatla 15:13:42 - LMT 1867 O 19 15:44:55
 -8:46:18 - LMT 1900 Au 20 12
 -8 - PST 1942
--8 AE P%sT 1946
+-8 u P%sT 1946
 -8 - PST 1969
--8 AE P%sT 1983 O 30 2
+-8 u P%sT 1983 O 30 2
 -8 - PST 2015 N 1 2
--9 AE AK%sT
+-9 u AK%sT 2018 N 4 2
+-8 - PST 2019 Ja 20 2
+-9 u AK%sT
 Z America/Yakutat 14:41:5 - LMT 1867 O 19 15:12:18
 -9:18:55 - LMT 1900 Au 20 12
 -9 - YST 1942
--9 AE Y%sT 1946
+-9 u Y%sT 1946
 -9 - YST 1969
--9 AE Y%sT 1983 N 30
--9 AE AK%sT
+-9 u Y%sT 1983 N 30
+-9 u AK%sT
 Z America/Anchorage 14:0:24 - LMT 1867 O 19 14:31:37
 -9:59:36 - LMT 1900 Au 20 12
 -10 - AST 1942
--10 AE A%sT 1967 Ap
+-10 u A%sT 1967 Ap
 -10 - AHST 1969
--10 AE AH%sT 1983 O 30 2
--9 AE Y%sT 1983 N 30
--9 AE AK%sT
+-10 u AH%sT 1983 O 30 2
+-9 u Y%sT 1983 N 30
+-9 u AK%sT
 Z America/Nome 12:58:22 - LMT 1867 O 19 13:29:35
 -11:1:38 - LMT 1900 Au 20 12
 -11 - NST 1942
--11 AE N%sT 1946
+-11 u N%sT 1946
 -11 - NST 1967 Ap
 -11 - BST 1969
--11 AE B%sT 1983 O 30 2
--9 AE Y%sT 1983 N 30
--9 AE AK%sT
+-11 u B%sT 1983 O 30 2
+-9 u Y%sT 1983 N 30
+-9 u AK%sT
 Z America/Adak 12:13:22 - LMT 1867 O 19 12:44:35
 -11:46:38 - LMT 1900 Au 20 12
 -11 - NST 1942
--11 AE N%sT 1946
+-11 u N%sT 1946
 -11 - NST 1967 Ap
 -11 - BST 1969
--11 AE B%sT 1983 O 30 2
--10 AE AH%sT 1983 N 30
--10 AE H%sT
+-11 u B%sT 1983 O 30 2
+-10 u AH%sT 1983 N 30
+-10 u H%sT
 Z Pacific/Honolulu -10:31:26 - LMT 1896 Ja 13 12
 -10:30 - HST 1933 Ap 30 2
 -10:30 1 HDT 1933 May 21 12
--10:30 - HST 1942 F 9 2
--10:30 1 HDT 1945 S 30 2
--10:30 - HST 1947 Jun 8 2
+-10:30 u H%sT 1947 Jun 8 2
 -10 - HST
 Z America/Phoenix -7:28:18 - LMT 1883 N 18 11:31:42
--7 AE M%sT 1944 Ja 1 0:1
+-7 u M%sT 1944 Ja 1 0:1
 -7 - MST 1944 Ap 1 0:1
--7 AE M%sT 1944 O 1 0:1
+-7 u M%sT 1944 O 1 0:1
 -7 - MST 1967
--7 AE M%sT 1968 Mar 21
+-7 u M%sT 1968 Mar 21
 -7 - MST
 Z America/Boise -7:44:49 - LMT 1883 N 18 12:15:11
--8 AE P%sT 1923 May 13 2
--7 AE M%sT 1974
+-8 u P%sT 1923 May 13 2
+-7 u M%sT 1974
 -7 - MST 1974 F 3 2
--7 AE M%sT
-R AJ 1941 o - Jun 22 2 1 D
-R AJ 1941 1954 - S lastSun 2 0 S
-R AJ 1946 1954 - Ap lastSun 2 1 D
+-7 u M%sT
+R In 1941 o - Jun 22 2 1 D
+R In 1941 1954 - S lastSun 2 0 S
+R In 1946 1954 - Ap lastSun 2 1 D
 Z America/Indiana/Indianapolis -5:44:38 - LMT 1883 N 18 12:15:22
--6 AE C%sT 1920
--6 AJ C%sT 1942
--6 AE C%sT 1946
--6 AJ C%sT 1955 Ap 24 2
+-6 u C%sT 1920
+-6 In C%sT 1942
+-6 u C%sT 1946
+-6 In C%sT 1955 Ap 24 2
 -5 - EST 1957 S 29 2
 -6 - CST 1958 Ap 27 2
 -5 - EST 1969
--5 AE E%sT 1971
+-5 u E%sT 1971
 -5 - EST 2006
--5 AE E%sT
-R AK 1951 o - Ap lastSun 2 1 D
-R AK 1951 o - S lastSun 2 0 S
-R AK 1954 1960 - Ap lastSun 2 1 D
-R AK 1954 1960 - S lastSun 2 0 S
+-5 u E%sT
+R Ma 1951 o - Ap lastSun 2 1 D
+R Ma 1951 o - S lastSun 2 0 S
+R Ma 1954 1960 - Ap lastSun 2 1 D
+R Ma 1954 1960 - S lastSun 2 0 S
 Z America/Indiana/Marengo -5:45:23 - LMT 1883 N 18 12:14:37
--6 AE C%sT 1951
--6 AK C%sT 1961 Ap 30 2
+-6 u C%sT 1951
+-6 Ma C%sT 1961 Ap 30 2
 -5 - EST 1969
--5 AE E%sT 1974 Ja 6 2
+-5 u E%sT 1974 Ja 6 2
 -6 1 CDT 1974 O 27 2
--5 AE E%sT 1976
+-5 u E%sT 1976
 -5 - EST 2006
--5 AE E%sT
-R AL 1946 o - Ap lastSun 2 1 D
-R AL 1946 o - S lastSun 2 0 S
-R AL 1953 1954 - Ap lastSun 2 1 D
-R AL 1953 1959 - S lastSun 2 0 S
-R AL 1955 o - May 1 0 1 D
-R AL 1956 1963 - Ap lastSun 2 1 D
-R AL 1960 o - O lastSun 2 0 S
-R AL 1961 o - S lastSun 2 0 S
-R AL 1962 1963 - O lastSun 2 0 S
+-5 u E%sT
+R V 1946 o - Ap lastSun 2 1 D
+R V 1946 o - S lastSun 2 0 S
+R V 1953 1954 - Ap lastSun 2 1 D
+R V 1953 1959 - S lastSun 2 0 S
+R V 1955 o - May 1 0 1 D
+R V 1956 1963 - Ap lastSun 2 1 D
+R V 1960 o - O lastSun 2 0 S
+R V 1961 o - S lastSun 2 0 S
+R V 1962 1963 - O lastSun 2 0 S
 Z America/Indiana/Vincennes -5:50:7 - LMT 1883 N 18 12:9:53
--6 AE C%sT 1946
--6 AL C%sT 1964 Ap 26 2
+-6 u C%sT 1946
+-6 V C%sT 1964 Ap 26 2
 -5 - EST 1969
--5 AE E%sT 1971
+-5 u E%sT 1971
 -5 - EST 2006 Ap 2 2
--6 AE C%sT 2007 N 4 2
--5 AE E%sT
-R AM 1946 o - Ap lastSun 2 1 D
-R AM 1946 o - S lastSun 2 0 S
-R AM 1953 1954 - Ap lastSun 2 1 D
-R AM 1953 1959 - S lastSun 2 0 S
-R AM 1955 o - May 1 0 1 D
-R AM 1956 1963 - Ap lastSun 2 1 D
-R AM 1960 o - O lastSun 2 0 S
-R AM 1961 o - S lastSun 2 0 S
-R AM 1962 1963 - O lastSun 2 0 S
+-6 u C%sT 2007 N 4 2
+-5 u E%sT
+R Pe 1946 o - Ap lastSun 2 1 D
+R Pe 1946 o - S lastSun 2 0 S
+R Pe 1953 1954 - Ap lastSun 2 1 D
+R Pe 1953 1959 - S lastSun 2 0 S
+R Pe 1955 o - May 1 0 1 D
+R Pe 1956 1963 - Ap lastSun 2 1 D
+R Pe 1960 o - O lastSun 2 0 S
+R Pe 1961 o - S lastSun 2 0 S
+R Pe 1962 1963 - O lastSun 2 0 S
 Z America/Indiana/Tell_City -5:47:3 - LMT 1883 N 18 12:12:57
--6 AE C%sT 1946
--6 AM C%sT 1964 Ap 26 2
+-6 u C%sT 1946
+-6 Pe C%sT 1964 Ap 26 2
 -5 - EST 1969
--5 AE E%sT 1971
+-5 u E%sT 1971
 -5 - EST 2006 Ap 2 2
--6 AE C%sT
-R AN 1955 o - May 1 0 1 D
-R AN 1955 1960 - S lastSun 2 0 S
-R AN 1956 1964 - Ap lastSun 2 1 D
-R AN 1961 1964 - O lastSun 2 0 S
+-6 u C%sT
+R Pi 1955 o - May 1 0 1 D
+R Pi 1955 1960 - S lastSun 2 0 S
+R Pi 1956 1964 - Ap lastSun 2 1 D
+R Pi 1961 1964 - O lastSun 2 0 S
 Z America/Indiana/Petersburg -5:49:7 - LMT 1883 N 18 12:10:53
--6 AE C%sT 1955
--6 AN C%sT 1965 Ap 25 2
+-6 u C%sT 1955
+-6 Pi C%sT 1965 Ap 25 2
 -5 - EST 1966 O 30 2
--6 AE C%sT 1977 O 30 2
+-6 u C%sT 1977 O 30 2
 -5 - EST 2006 Ap 2 2
--6 AE C%sT 2007 N 4 2
--5 AE E%sT
-R AO 1947 1961 - Ap lastSun 2 1 D
-R AO 1947 1954 - S lastSun 2 0 S
-R AO 1955 1956 - O lastSun 2 0 S
-R AO 1957 1958 - S lastSun 2 0 S
-R AO 1959 1961 - O lastSun 2 0 S
+-6 u C%sT 2007 N 4 2
+-5 u E%sT
+R St 1947 1961 - Ap lastSun 2 1 D
+R St 1947 1954 - S lastSun 2 0 S
+R St 1955 1956 - O lastSun 2 0 S
+R St 1957 1958 - S lastSun 2 0 S
+R St 1959 1961 - O lastSun 2 0 S
 Z America/Indiana/Knox -5:46:30 - LMT 1883 N 18 12:13:30
--6 AE C%sT 1947
--6 AO C%sT 1962 Ap 29 2
+-6 u C%sT 1947
+-6 St C%sT 1962 Ap 29 2
 -5 - EST 1963 O 27 2
--6 AE C%sT 1991 O 27 2
+-6 u C%sT 1991 O 27 2
 -5 - EST 2006 Ap 2 2
--6 AE C%sT
-R AP 1946 1960 - Ap lastSun 2 1 D
-R AP 1946 1954 - S lastSun 2 0 S
-R AP 1955 1956 - O lastSun 2 0 S
-R AP 1957 1960 - S lastSun 2 0 S
+-6 u C%sT
+R Pu 1946 1960 - Ap lastSun 2 1 D
+R Pu 1946 1954 - S lastSun 2 0 S
+R Pu 1955 1956 - O lastSun 2 0 S
+R Pu 1957 1960 - S lastSun 2 0 S
 Z America/Indiana/Winamac -5:46:25 - LMT 1883 N 18 12:13:35
--6 AE C%sT 1946
--6 AP C%sT 1961 Ap 30 2
+-6 u C%sT 1946
+-6 Pu C%sT 1961 Ap 30 2
 -5 - EST 1969
--5 AE E%sT 1971
+-5 u E%sT 1971
 -5 - EST 2006 Ap 2 2
--6 AE C%sT 2007 Mar 11 2
--5 AE E%sT
+-6 u C%sT 2007 Mar 11 2
+-5 u E%sT
 Z America/Indiana/Vevay -5:40:16 - LMT 1883 N 18 12:19:44
--6 AE C%sT 1954 Ap 25 2
+-6 u C%sT 1954 Ap 25 2
 -5 - EST 1969
--5 AE E%sT 1973
+-5 u E%sT 1973
 -5 - EST 2006
--5 AE E%sT
-R AQ 1921 o - May 1 2 1 D
-R AQ 1921 o - S 1 2 0 S
-R AQ 1941 1961 - Ap lastSun 2 1 D
-R AQ 1941 o - S lastSun 2 0 S
-R AQ 1946 o - Jun 2 2 0 S
-R AQ 1950 1955 - S lastSun 2 0 S
-R AQ 1956 1960 - O lastSun 2 0 S
+-5 u E%sT
+R v 1921 o - May 1 2 1 D
+R v 1921 o - S 1 2 0 S
+R v 1941 1961 - Ap lastSun 2 1 D
+R v 1941 o - S lastSun 2 0 S
+R v 1946 o - Jun 2 2 0 S
+R v 1950 1955 - S lastSun 2 0 S
+R v 1956 1960 - O lastSun 2 0 S
 Z America/Kentucky/Louisville -5:43:2 - LMT 1883 N 18 12:16:58
--6 AE C%sT 1921
--6 AQ C%sT 1942
--6 AE C%sT 1946
--6 AQ C%sT 1961 Jul 23 2
+-6 u C%sT 1921
+-6 v C%sT 1942
+-6 u C%sT 1946
+-6 v C%sT 1961 Jul 23 2
 -5 - EST 1968
--5 AE E%sT 1974 Ja 6 2
+-5 u E%sT 1974 Ja 6 2
 -6 1 CDT 1974 O 27 2
--5 AE E%sT
+-5 u E%sT
 Z America/Kentucky/Monticello -5:39:24 - LMT 1883 N 18 12:20:36
--6 AE C%sT 1946
+-6 u C%sT 1946
 -6 - CST 1968
--6 AE C%sT 2000 O 29 2
--5 AE E%sT
-R AR 1948 o - Ap lastSun 2 1 D
-R AR 1948 o - S lastSun 2 0 S
+-6 u C%sT 2000 O 29 2
+-5 u E%sT
+R Dt 1948 o - Ap lastSun 2 1 D
+R Dt 1948 o - S lastSun 2 0 S
 Z America/Detroit -5:32:11 - LMT 1905
 -6 - CST 1915 May 15 2
 -5 - EST 1942
--5 AE E%sT 1946
--5 AR E%sT 1973
--5 AE E%sT 1975
+-5 u E%sT 1946
+-5 Dt E%sT 1973
+-5 u E%sT 1975
 -5 - EST 1975 Ap 27 2
--5 AE E%sT
-R AS 1946 o - Ap lastSun 2 1 D
-R AS 1946 o - S lastSun 2 0 S
-R AS 1966 o - Ap lastSun 2 1 D
-R AS 1966 o - O lastSun 2 0 S
+-5 u E%sT
+R Me 1946 o - Ap lastSun 2 1 D
+R Me 1946 o - S lastSun 2 0 S
+R Me 1966 o - Ap lastSun 2 1 D
+R Me 1966 o - O lastSun 2 0 S
 Z America/Menominee -5:50:27 - LMT 1885 S 18 12
--6 AE C%sT 1946
--6 AS C%sT 1969 Ap 27 2
+-6 u C%sT 1946
+-6 Me C%sT 1969 Ap 27 2
 -5 - EST 1973 Ap 29 2
--6 AE C%sT
-R AT 1918 o - Ap 14 2 1 D
-R AT 1918 o - O 27 2 0 S
-R AT 1942 o - F 9 2 1 W
-R AT 1945 o - Au 14 23u 1 P
-R AT 1945 o - S 30 2 0 S
-R AT 1974 1986 - Ap lastSun 2 1 D
-R AT 1974 2006 - O lastSun 2 0 S
-R AT 1987 2006 - Ap Sun>=1 2 1 D
-R AT 2007 ma - Mar Sun>=8 2 1 D
-R AT 2007 ma - N Sun>=1 2 0 S
-R AU 1917 o - Ap 8 2 1 D
-R AU 1917 o - S 17 2 0 S
-R AU 1919 o - May 5 23 1 D
-R AU 1919 o - Au 12 23 0 S
-R AU 1920 1935 - May Sun>=1 23 1 D
-R AU 1920 1935 - O lastSun 23 0 S
-R AU 1936 1941 - May M>=9 0 1 D
-R AU 1936 1941 - O M>=2 0 0 S
-R AU 1946 1950 - May Sun>=8 2 1 D
-R AU 1946 1950 - O Sun>=2 2 0 S
-R AU 1951 1986 - Ap lastSun 2 1 D
-R AU 1951 1959 - S lastSun 2 0 S
-R AU 1960 1986 - O lastSun 2 0 S
-R AU 1987 o - Ap Sun>=1 0:1 1 D
-R AU 1987 2006 - O lastSun 0:1 0 S
-R AU 1988 o - Ap Sun>=1 0:1 2 DD
-R AU 1989 2006 - Ap Sun>=1 0:1 1 D
-R AU 2007 2011 - Mar Sun>=8 0:1 1 D
-R AU 2007 2010 - N Sun>=1 0:1 0 S
+-6 u C%sT
+R C 1918 o - Ap 14 2 1 D
+R C 1918 o - O 27 2 0 S
+R C 1942 o - F 9 2 1 W
+R C 1945 o - Au 14 23u 1 P
+R C 1945 o - S 30 2 0 S
+R C 1974 1986 - Ap lastSun 2 1 D
+R C 1974 2006 - O lastSun 2 0 S
+R C 1987 2006 - Ap Sun>=1 2 1 D
+R C 2007 ma - Mar Sun>=8 2 1 D
+R C 2007 ma - N Sun>=1 2 0 S
+R j 1917 o - Ap 8 2 1 D
+R j 1917 o - S 17 2 0 S
+R j 1919 o - May 5 23 1 D
+R j 1919 o - Au 12 23 0 S
+R j 1920 1935 - May Sun>=1 23 1 D
+R j 1920 1935 - O lastSun 23 0 S
+R j 1936 1941 - May M>=9 0 1 D
+R j 1936 1941 - O M>=2 0 0 S
+R j 1946 1950 - May Sun>=8 2 1 D
+R j 1946 1950 - O Sun>=2 2 0 S
+R j 1951 1986 - Ap lastSun 2 1 D
+R j 1951 1959 - S lastSun 2 0 S
+R j 1960 1986 - O lastSun 2 0 S
+R j 1987 o - Ap Sun>=1 0:1 1 D
+R j 1987 2006 - O lastSun 0:1 0 S
+R j 1988 o - Ap Sun>=1 0:1 2 DD
+R j 1989 2006 - Ap Sun>=1 0:1 1 D
+R j 2007 2011 - Mar Sun>=8 0:1 1 D
+R j 2007 2010 - N Sun>=1 0:1 0 S
 Z America/St_Johns -3:30:52 - LMT 1884
--3:30:52 AU N%sT 1918
--3:30:52 AT N%sT 1919
--3:30:52 AU N%sT 1935 Mar 30
--3:30 AU N%sT 1942 May 11
--3:30 AT N%sT 1946
--3:30 AU N%sT 2011 N
--3:30 AT N%sT
+-3:30:52 j N%sT 1918
+-3:30:52 C N%sT 1919
+-3:30:52 j N%sT 1935 Mar 30
+-3:30 j N%sT 1942 May 11
+-3:30 C N%sT 1946
+-3:30 j N%sT 2011 N
+-3:30 C N%sT
 Z America/Goose_Bay -4:1:40 - LMT 1884
 -3:30:52 - NST 1918
--3:30:52 AT N%sT 1919
+-3:30:52 C N%sT 1919
 -3:30:52 - NST 1935 Mar 30
 -3:30 - NST 1936
--3:30 AU N%sT 1942 May 11
--3:30 AT N%sT 1946
--3:30 AU N%sT 1966 Mar 15 2
--4 AU A%sT 2011 N
--4 AT A%sT
-R AV 1916 o - Ap 1 0 1 D
-R AV 1916 o - O 1 0 0 S
-R AV 1920 o - May 9 0 1 D
-R AV 1920 o - Au 29 0 0 S
-R AV 1921 o - May 6 0 1 D
-R AV 1921 1922 - S 5 0 0 S
-R AV 1922 o - Ap 30 0 1 D
-R AV 1923 1925 - May Sun>=1 0 1 D
-R AV 1923 o - S 4 0 0 S
-R AV 1924 o - S 15 0 0 S
-R AV 1925 o - S 28 0 0 S
-R AV 1926 o - May 16 0 1 D
-R AV 1926 o - S 13 0 0 S
-R AV 1927 o - May 1 0 1 D
-R AV 1927 o - S 26 0 0 S
-R AV 1928 1931 - May Sun>=8 0 1 D
-R AV 1928 o - S 9 0 0 S
-R AV 1929 o - S 3 0 0 S
-R AV 1930 o - S 15 0 0 S
-R AV 1931 1932 - S M>=24 0 0 S
-R AV 1932 o - May 1 0 1 D
-R AV 1933 o - Ap 30 0 1 D
-R AV 1933 o - O 2 0 0 S
-R AV 1934 o - May 20 0 1 D
-R AV 1934 o - S 16 0 0 S
-R AV 1935 o - Jun 2 0 1 D
-R AV 1935 o - S 30 0 0 S
-R AV 1936 o - Jun 1 0 1 D
-R AV 1936 o - S 14 0 0 S
-R AV 1937 1938 - May Sun>=1 0 1 D
-R AV 1937 1941 - S M>=24 0 0 S
-R AV 1939 o - May 28 0 1 D
-R AV 1940 1941 - May Sun>=1 0 1 D
-R AV 1946 1949 - Ap lastSun 2 1 D
-R AV 1946 1949 - S lastSun 2 0 S
-R AV 1951 1954 - Ap lastSun 2 1 D
-R AV 1951 1954 - S lastSun 2 0 S
-R AV 1956 1959 - Ap lastSun 2 1 D
-R AV 1956 1959 - S lastSun 2 0 S
-R AV 1962 1973 - Ap lastSun 2 1 D
-R AV 1962 1973 - O lastSun 2 0 S
+-3:30 j N%sT 1942 May 11
+-3:30 C N%sT 1946
+-3:30 j N%sT 1966 Mar 15 2
+-4 j A%sT 2011 N
+-4 C A%sT
+R H 1916 o - Ap 1 0 1 D
+R H 1916 o - O 1 0 0 S
+R H 1920 o - May 9 0 1 D
+R H 1920 o - Au 29 0 0 S
+R H 1921 o - May 6 0 1 D
+R H 1921 1922 - S 5 0 0 S
+R H 1922 o - Ap 30 0 1 D
+R H 1923 1925 - May Sun>=1 0 1 D
+R H 1923 o - S 4 0 0 S
+R H 1924 o - S 15 0 0 S
+R H 1925 o - S 28 0 0 S
+R H 1926 o - May 16 0 1 D
+R H 1926 o - S 13 0 0 S
+R H 1927 o - May 1 0 1 D
+R H 1927 o - S 26 0 0 S
+R H 1928 1931 - May Sun>=8 0 1 D
+R H 1928 o - S 9 0 0 S
+R H 1929 o - S 3 0 0 S
+R H 1930 o - S 15 0 0 S
+R H 1931 1932 - S M>=24 0 0 S
+R H 1932 o - May 1 0 1 D
+R H 1933 o - Ap 30 0 1 D
+R H 1933 o - O 2 0 0 S
+R H 1934 o - May 20 0 1 D
+R H 1934 o - S 16 0 0 S
+R H 1935 o - Jun 2 0 1 D
+R H 1935 o - S 30 0 0 S
+R H 1936 o - Jun 1 0 1 D
+R H 1936 o - S 14 0 0 S
+R H 1937 1938 - May Sun>=1 0 1 D
+R H 1937 1941 - S M>=24 0 0 S
+R H 1939 o - May 28 0 1 D
+R H 1940 1941 - May Sun>=1 0 1 D
+R H 1946 1949 - Ap lastSun 2 1 D
+R H 1946 1949 - S lastSun 2 0 S
+R H 1951 1954 - Ap lastSun 2 1 D
+R H 1951 1954 - S lastSun 2 0 S
+R H 1956 1959 - Ap lastSun 2 1 D
+R H 1956 1959 - S lastSun 2 0 S
+R H 1962 1973 - Ap lastSun 2 1 D
+R H 1962 1973 - O lastSun 2 0 S
 Z America/Halifax -4:14:24 - LMT 1902 Jun 15
--4 AV A%sT 1918
--4 AT A%sT 1919
--4 AV A%sT 1942 F 9 2s
--4 AT A%sT 1946
--4 AV A%sT 1974
--4 AT A%sT
+-4 H A%sT 1918
+-4 C A%sT 1919
+-4 H A%sT 1942 F 9 2s
+-4 C A%sT 1946
+-4 H A%sT 1974
+-4 C A%sT
 Z America/Glace_Bay -3:59:48 - LMT 1902 Jun 15
--4 AT A%sT 1953
--4 AV A%sT 1954
+-4 C A%sT 1953
+-4 H A%sT 1954
 -4 - AST 1972
--4 AV A%sT 1974
--4 AT A%sT
-R AW 1933 1935 - Jun Sun>=8 1 1 D
-R AW 1933 1935 - S Sun>=8 1 0 S
-R AW 1936 1938 - Jun Sun>=1 1 1 D
-R AW 1936 1938 - S Sun>=1 1 0 S
-R AW 1939 o - May 27 1 1 D
-R AW 1939 1941 - S Sat>=21 1 0 S
-R AW 1940 o - May 19 1 1 D
-R AW 1941 o - May 4 1 1 D
-R AW 1946 1972 - Ap lastSun 2 1 D
-R AW 1946 1956 - S lastSun 2 0 S
-R AW 1957 1972 - O lastSun 2 0 S
-R AW 1993 2006 - Ap Sun>=1 0:1 1 D
-R AW 1993 2006 - O lastSun 0:1 0 S
+-4 H A%sT 1974
+-4 C A%sT
+R o 1933 1935 - Jun Sun>=8 1 1 D
+R o 1933 1935 - S Sun>=8 1 0 S
+R o 1936 1938 - Jun Sun>=1 1 1 D
+R o 1936 1938 - S Sun>=1 1 0 S
+R o 1939 o - May 27 1 1 D
+R o 1939 1941 - S Sat>=21 1 0 S
+R o 1940 o - May 19 1 1 D
+R o 1941 o - May 4 1 1 D
+R o 1946 1972 - Ap lastSun 2 1 D
+R o 1946 1956 - S lastSun 2 0 S
+R o 1957 1972 - O lastSun 2 0 S
+R o 1993 2006 - Ap Sun>=1 0:1 1 D
+R o 1993 2006 - O lastSun 0:1 0 S
 Z America/Moncton -4:19:8 - LMT 1883 D 9
 -5 - EST 1902 Jun 15
--4 AT A%sT 1933
--4 AW A%sT 1942
--4 AT A%sT 1946
--4 AW A%sT 1973
--4 AT A%sT 1993
--4 AW A%sT 2007
--4 AT A%sT
+-4 C A%sT 1933
+-4 o A%sT 1942
+-4 C A%sT 1946
+-4 o A%sT 1973
+-4 C A%sT 1993
+-4 o A%sT 2007
+-4 C A%sT
 Z America/Blanc-Sablon -3:48:28 - LMT 1884
--4 AT A%sT 1970
+-4 C A%sT 1970
 -4 - AST
-R AX 1919 o - Mar 30 23:30 1 D
-R AX 1919 o - O 26 0 0 S
-R AX 1920 o - May 2 2 1 D
-R AX 1920 o - S 26 0 0 S
-R AX 1921 o - May 15 2 1 D
-R AX 1921 o - S 15 2 0 S
-R AX 1922 1923 - May Sun>=8 2 1 D
-R AX 1922 1926 - S Sun>=15 2 0 S
-R AX 1924 1927 - May Sun>=1 2 1 D
-R AX 1927 1932 - S lastSun 2 0 S
-R AX 1928 1931 - Ap lastSun 2 1 D
-R AX 1932 o - May 1 2 1 D
-R AX 1933 1940 - Ap lastSun 2 1 D
-R AX 1933 o - O 1 2 0 S
-R AX 1934 1939 - S lastSun 2 0 S
-R AX 1945 1946 - S lastSun 2 0 S
-R AX 1946 o - Ap lastSun 2 1 D
-R AX 1947 1949 - Ap lastSun 0 1 D
-R AX 1947 1948 - S lastSun 0 0 S
-R AX 1949 o - N lastSun 0 0 S
-R AX 1950 1973 - Ap lastSun 2 1 D
-R AX 1950 o - N lastSun 2 0 S
-R AX 1951 1956 - S lastSun 2 0 S
-R AX 1957 1973 - O lastSun 2 0 S
+R t 1919 o - Mar 30 23:30 1 D
+R t 1919 o - O 26 0 0 S
+R t 1920 o - May 2 2 1 D
+R t 1920 o - S 26 0 0 S
+R t 1921 o - May 15 2 1 D
+R t 1921 o - S 15 2 0 S
+R t 1922 1923 - May Sun>=8 2 1 D
+R t 1922 1926 - S Sun>=15 2 0 S
+R t 1924 1927 - May Sun>=1 2 1 D
+R t 1927 1932 - S lastSun 2 0 S
+R t 1928 1931 - Ap lastSun 2 1 D
+R t 1932 o - May 1 2 1 D
+R t 1933 1940 - Ap lastSun 2 1 D
+R t 1933 o - O 1 2 0 S
+R t 1934 1939 - S lastSun 2 0 S
+R t 1945 1946 - S lastSun 2 0 S
+R t 1946 o - Ap lastSun 2 1 D
+R t 1947 1949 - Ap lastSun 0 1 D
+R t 1947 1948 - S lastSun 0 0 S
+R t 1949 o - N lastSun 0 0 S
+R t 1950 1973 - Ap lastSun 2 1 D
+R t 1950 o - N lastSun 2 0 S
+R t 1951 1956 - S lastSun 2 0 S
+R t 1957 1973 - O lastSun 2 0 S
 Z America/Toronto -5:17:32 - LMT 1895
--5 AT E%sT 1919
--5 AX E%sT 1942 F 9 2s
--5 AT E%sT 1946
--5 AX E%sT 1974
--5 AT E%sT
+-5 C E%sT 1919
+-5 t E%sT 1942 F 9 2s
+-5 C E%sT 1946
+-5 t E%sT 1974
+-5 C E%sT
 Z America/Thunder_Bay -5:57 - LMT 1895
 -6 - CST 1910
 -5 - EST 1942
--5 AT E%sT 1970
--5 AX E%sT 1973
+-5 C E%sT 1970
+-5 t E%sT 1973
 -5 - EST 1974
--5 AT E%sT
+-5 C E%sT
 Z America/Nipigon -5:53:4 - LMT 1895
--5 AT E%sT 1940 S 29
+-5 C E%sT 1940 S 29
 -5 1 EDT 1942 F 9 2s
--5 AT E%sT
+-5 C E%sT
 Z America/Rainy_River -6:18:16 - LMT 1895
--6 AT C%sT 1940 S 29
+-6 C C%sT 1940 S 29
 -6 1 CDT 1942 F 9 2s
--6 AT C%sT
+-6 C C%sT
 Z America/Atikokan -6:6:28 - LMT 1895
--6 AT C%sT 1940 S 29
+-6 C C%sT 1940 S 29
 -6 1 CDT 1942 F 9 2s
--6 AT C%sT 1945 S 30 2
+-6 C C%sT 1945 S 30 2
 -5 - EST
-R AY 1916 o - Ap 23 0 1 D
-R AY 1916 o - S 17 0 0 S
-R AY 1918 o - Ap 14 2 1 D
-R AY 1918 o - O 27 2 0 S
-R AY 1937 o - May 16 2 1 D
-R AY 1937 o - S 26 2 0 S
-R AY 1942 o - F 9 2 1 W
-R AY 1945 o - Au 14 23u 1 P
-R AY 1945 o - S lastSun 2 0 S
-R AY 1946 o - May 12 2 1 D
-R AY 1946 o - O 13 2 0 S
-R AY 1947 1949 - Ap lastSun 2 1 D
-R AY 1947 1949 - S lastSun 2 0 S
-R AY 1950 o - May 1 2 1 D
-R AY 1950 o - S 30 2 0 S
-R AY 1951 1960 - Ap lastSun 2 1 D
-R AY 1951 1958 - S lastSun 2 0 S
-R AY 1959 o - O lastSun 2 0 S
-R AY 1960 o - S lastSun 2 0 S
-R AY 1963 o - Ap lastSun 2 1 D
-R AY 1963 o - S 22 2 0 S
-R AY 1966 1986 - Ap lastSun 2s 1 D
-R AY 1966 2005 - O lastSun 2s 0 S
-R AY 1987 2005 - Ap Sun>=1 2s 1 D
+R W 1916 o - Ap 23 0 1 D
+R W 1916 o - S 17 0 0 S
+R W 1918 o - Ap 14 2 1 D
+R W 1918 o - O 27 2 0 S
+R W 1937 o - May 16 2 1 D
+R W 1937 o - S 26 2 0 S
+R W 1942 o - F 9 2 1 W
+R W 1945 o - Au 14 23u 1 P
+R W 1945 o - S lastSun 2 0 S
+R W 1946 o - May 12 2 1 D
+R W 1946 o - O 13 2 0 S
+R W 1947 1949 - Ap lastSun 2 1 D
+R W 1947 1949 - S lastSun 2 0 S
+R W 1950 o - May 1 2 1 D
+R W 1950 o - S 30 2 0 S
+R W 1951 1960 - Ap lastSun 2 1 D
+R W 1951 1958 - S lastSun 2 0 S
+R W 1959 o - O lastSun 2 0 S
+R W 1960 o - S lastSun 2 0 S
+R W 1963 o - Ap lastSun 2 1 D
+R W 1963 o - S 22 2 0 S
+R W 1966 1986 - Ap lastSun 2s 1 D
+R W 1966 2005 - O lastSun 2s 0 S
+R W 1987 2005 - Ap Sun>=1 2s 1 D
 Z America/Winnipeg -6:28:36 - LMT 1887 Jul 16
--6 AY C%sT 2006
--6 AT C%sT
-R AZ 1918 o - Ap 14 2 1 D
-R AZ 1918 o - O 27 2 0 S
-R AZ 1930 1934 - May Sun>=1 0 1 D
-R AZ 1930 1934 - O Sun>=1 0 0 S
-R AZ 1937 1941 - Ap Sun>=8 0 1 D
-R AZ 1937 o - O Sun>=8 0 0 S
-R AZ 1938 o - O Sun>=1 0 0 S
-R AZ 1939 1941 - O Sun>=8 0 0 S
-R AZ 1942 o - F 9 2 1 W
-R AZ 1945 o - Au 14 23u 1 P
-R AZ 1945 o - S lastSun 2 0 S
-R AZ 1946 o - Ap Sun>=8 2 1 D
-R AZ 1946 o - O Sun>=8 2 0 S
-R AZ 1947 1957 - Ap lastSun 2 1 D
-R AZ 1947 1957 - S lastSun 2 0 S
-R AZ 1959 o - Ap lastSun 2 1 D
-R AZ 1959 o - O lastSun 2 0 S
-R Aa 1957 o - Ap lastSun 2 1 D
-R Aa 1957 o - O lastSun 2 0 S
-R Aa 1959 1961 - Ap lastSun 2 1 D
-R Aa 1959 o - O lastSun 2 0 S
-R Aa 1960 1961 - S lastSun 2 0 S
+-6 W C%sT 2006
+-6 C C%sT
+R r 1918 o - Ap 14 2 1 D
+R r 1918 o - O 27 2 0 S
+R r 1930 1934 - May Sun>=1 0 1 D
+R r 1930 1934 - O Sun>=1 0 0 S
+R r 1937 1941 - Ap Sun>=8 0 1 D
+R r 1937 o - O Sun>=8 0 0 S
+R r 1938 o - O Sun>=1 0 0 S
+R r 1939 1941 - O Sun>=8 0 0 S
+R r 1942 o - F 9 2 1 W
+R r 1945 o - Au 14 23u 1 P
+R r 1945 o - S lastSun 2 0 S
+R r 1946 o - Ap Sun>=8 2 1 D
+R r 1946 o - O Sun>=8 2 0 S
+R r 1947 1957 - Ap lastSun 2 1 D
+R r 1947 1957 - S lastSun 2 0 S
+R r 1959 o - Ap lastSun 2 1 D
+R r 1959 o - O lastSun 2 0 S
+R Sw 1957 o - Ap lastSun 2 1 D
+R Sw 1957 o - O lastSun 2 0 S
+R Sw 1959 1961 - Ap lastSun 2 1 D
+R Sw 1959 o - O lastSun 2 0 S
+R Sw 1960 1961 - S lastSun 2 0 S
 Z America/Regina -6:58:36 - LMT 1905 S
--7 AZ M%sT 1960 Ap lastSun 2
+-7 r M%sT 1960 Ap lastSun 2
 -6 - CST
 Z America/Swift_Current -7:11:20 - LMT 1905 S
--7 AT M%sT 1946 Ap lastSun 2
--7 AZ M%sT 1950
--7 Aa M%sT 1972 Ap lastSun 2
+-7 C M%sT 1946 Ap lastSun 2
+-7 r M%sT 1950
+-7 Sw M%sT 1972 Ap lastSun 2
 -6 - CST
-R Ab 1918 1919 - Ap Sun>=8 2 1 D
-R Ab 1918 o - O 27 2 0 S
-R Ab 1919 o - May 27 2 0 S
-R Ab 1920 1923 - Ap lastSun 2 1 D
-R Ab 1920 o - O lastSun 2 0 S
-R Ab 1921 1923 - S lastSun 2 0 S
-R Ab 1942 o - F 9 2 1 W
-R Ab 1945 o - Au 14 23u 1 P
-R Ab 1945 o - S lastSun 2 0 S
-R Ab 1947 o - Ap lastSun 2 1 D
-R Ab 1947 o - S lastSun 2 0 S
-R Ab 1967 o - Ap lastSun 2 1 D
-R Ab 1967 o - O lastSun 2 0 S
-R Ab 1969 o - Ap lastSun 2 1 D
-R Ab 1969 o - O lastSun 2 0 S
-R Ab 1972 1986 - Ap lastSun 2 1 D
-R Ab 1972 2006 - O lastSun 2 0 S
+R Ed 1918 1919 - Ap Sun>=8 2 1 D
+R Ed 1918 o - O 27 2 0 S
+R Ed 1919 o - May 27 2 0 S
+R Ed 1920 1923 - Ap lastSun 2 1 D
+R Ed 1920 o - O lastSun 2 0 S
+R Ed 1921 1923 - S lastSun 2 0 S
+R Ed 1942 o - F 9 2 1 W
+R Ed 1945 o - Au 14 23u 1 P
+R Ed 1945 o - S lastSun 2 0 S
+R Ed 1947 o - Ap lastSun 2 1 D
+R Ed 1947 o - S lastSun 2 0 S
+R Ed 1967 o - Ap lastSun 2 1 D
+R Ed 1967 o - O lastSun 2 0 S
+R Ed 1969 o - Ap lastSun 2 1 D
+R Ed 1969 o - O lastSun 2 0 S
+R Ed 1972 1986 - Ap lastSun 2 1 D
+R Ed 1972 2006 - O lastSun 2 0 S
 Z America/Edmonton -7:33:52 - LMT 1906 S
--7 Ab M%sT 1987
--7 AT M%sT
-R Ac 1918 o - Ap 14 2 1 D
-R Ac 1918 o - O 27 2 0 S
-R Ac 1942 o - F 9 2 1 W
-R Ac 1945 o - Au 14 23u 1 P
-R Ac 1945 o - S 30 2 0 S
-R Ac 1946 1986 - Ap lastSun 2 1 D
-R Ac 1946 o - O 13 2 0 S
-R Ac 1947 1961 - S lastSun 2 0 S
-R Ac 1962 2006 - O lastSun 2 0 S
+-7 Ed M%sT 1987
+-7 C M%sT
+R Va 1918 o - Ap 14 2 1 D
+R Va 1918 o - O 27 2 0 S
+R Va 1942 o - F 9 2 1 W
+R Va 1945 o - Au 14 23u 1 P
+R Va 1945 o - S 30 2 0 S
+R Va 1946 1986 - Ap lastSun 2 1 D
+R Va 1946 o - O 13 2 0 S
+R Va 1947 1961 - S lastSun 2 0 S
+R Va 1962 2006 - O lastSun 2 0 S
 Z America/Vancouver -8:12:28 - LMT 1884
--8 Ac P%sT 1987
--8 AT P%sT
+-8 Va P%sT 1987
+-8 C P%sT
 Z America/Dawson_Creek -8:0:56 - LMT 1884
--8 AT P%sT 1947
--8 Ac P%sT 1972 Au 30 2
+-8 C P%sT 1947
+-8 Va P%sT 1972 Au 30 2
 -7 - MST
 Z America/Fort_Nelson -8:10:47 - LMT 1884
--8 Ac P%sT 1946
+-8 Va P%sT 1946
 -8 - PST 1947
--8 Ac P%sT 1987
--8 AT P%sT 2015 Mar 8 2
+-8 Va P%sT 1987
+-8 C P%sT 2015 Mar 8 2
 -7 - MST
 Z America/Creston -7:46:4 - LMT 1884
 -7 - MST 1916 O
 -8 - PST 1918 Jun 2
 -7 - MST
-R Ad 1918 o - Ap 14 2 1 D
-R Ad 1918 o - O 27 2 0 S
-R Ad 1919 o - May 25 2 1 D
-R Ad 1919 o - N 1 0 0 S
-R Ad 1942 o - F 9 2 1 W
-R Ad 1945 o - Au 14 23u 1 P
-R Ad 1945 o - S 30 2 0 S
-R Ad 1965 o - Ap lastSun 0 2 DD
-R Ad 1965 o - O lastSun 2 0 S
-R Ad 1980 1986 - Ap lastSun 2 1 D
-R Ad 1980 2006 - O lastSun 2 0 S
-R Ad 1987 2006 - Ap Sun>=1 2 1 D
+R Y 1918 o - Ap 14 2 1 D
+R Y 1918 o - O 27 2 0 S
+R Y 1919 o - May 25 2 1 D
+R Y 1919 o - N 1 0 0 S
+R Y 1942 o - F 9 2 1 W
+R Y 1945 o - Au 14 23u 1 P
+R Y 1945 o - S 30 2 0 S
+R Y 1965 o - Ap lastSun 0 2 DD
+R Y 1965 o - O lastSun 2 0 S
+R Y 1980 1986 - Ap lastSun 2 1 D
+R Y 1980 2006 - O lastSun 2 0 S
+R Y 1987 2006 - Ap Sun>=1 2 1 D
 Z America/Pangnirtung 0 - -00 1921
--4 Ad A%sT 1995 Ap Sun>=1 2
--5 AT E%sT 1999 O 31 2
--6 AT C%sT 2000 O 29 2
--5 AT E%sT
+-4 Y A%sT 1995 Ap Sun>=1 2
+-5 C E%sT 1999 O 31 2
+-6 C C%sT 2000 O 29 2
+-5 C E%sT
 Z America/Iqaluit 0 - -00 1942 Au
--5 Ad E%sT 1999 O 31 2
--6 AT C%sT 2000 O 29 2
--5 AT E%sT
+-5 Y E%sT 1999 O 31 2
+-6 C C%sT 2000 O 29 2
+-5 C E%sT
 Z America/Resolute 0 - -00 1947 Au 31
--6 Ad C%sT 2000 O 29 2
+-6 Y C%sT 2000 O 29 2
 -5 - EST 2001 Ap 1 3
--6 AT C%sT 2006 O 29 2
+-6 C C%sT 2006 O 29 2
 -5 - EST 2007 Mar 11 3
--6 AT C%sT
+-6 C C%sT
 Z America/Rankin_Inlet 0 - -00 1957
--6 Ad C%sT 2000 O 29 2
+-6 Y C%sT 2000 O 29 2
 -5 - EST 2001 Ap 1 3
--6 AT C%sT
+-6 C C%sT
 Z America/Cambridge_Bay 0 - -00 1920
--7 Ad M%sT 1999 O 31 2
--6 AT C%sT 2000 O 29 2
+-7 Y M%sT 1999 O 31 2
+-6 C C%sT 2000 O 29 2
 -5 - EST 2000 N 5
 -6 - CST 2001 Ap 1 3
--7 AT M%sT
+-7 C M%sT
 Z America/Yellowknife 0 - -00 1935
--7 Ad M%sT 1980
--7 AT M%sT
+-7 Y M%sT 1980
+-7 C M%sT
 Z America/Inuvik 0 - -00 1953
--8 Ad P%sT 1979 Ap lastSun 2
--7 Ad M%sT 1980
--7 AT M%sT
+-8 Y P%sT 1979 Ap lastSun 2
+-7 Y M%sT 1980
+-7 C M%sT
 Z America/Whitehorse -9:0:12 - LMT 1900 Au 20
--9 Ad Y%sT 1967 May 28
--8 Ad P%sT 1980
--8 AT P%sT
+-9 Y Y%sT 1967 May 28
+-8 Y P%sT 1980
+-8 C P%sT
 Z America/Dawson -9:17:40 - LMT 1900 Au 20
--9 Ad Y%sT 1973 O 28
--8 Ad P%sT 1980
--8 AT P%sT
-R Ae 1939 o - F 5 0 1 D
-R Ae 1939 o - Jun 25 0 0 S
-R Ae 1940 o - D 9 0 1 D
-R Ae 1941 o - Ap 1 0 0 S
-R Ae 1943 o - D 16 0 1 W
-R Ae 1944 o - May 1 0 0 S
-R Ae 1950 o - F 12 0 1 D
-R Ae 1950 o - Jul 30 0 0 S
-R Ae 1996 2000 - Ap Sun>=1 2 1 D
-R Ae 1996 2000 - O lastSun 2 0 S
-R Ae 2001 o - May Sun>=1 2 1 D
-R Ae 2001 o - S lastSun 2 0 S
-R Ae 2002 ma - Ap Sun>=1 2 1 D
-R Ae 2002 ma - O lastSun 2 0 S
+-9 Y Y%sT 1973 O 28
+-8 Y P%sT 1980
+-8 C P%sT
+R m 1939 o - F 5 0 1 D
+R m 1939 o - Jun 25 0 0 S
+R m 1940 o - D 9 0 1 D
+R m 1941 o - Ap 1 0 0 S
+R m 1943 o - D 16 0 1 W
+R m 1944 o - May 1 0 0 S
+R m 1950 o - F 12 0 1 D
+R m 1950 o - Jul 30 0 0 S
+R m 1996 2000 - Ap Sun>=1 2 1 D
+R m 1996 2000 - O lastSun 2 0 S
+R m 2001 o - May Sun>=1 2 1 D
+R m 2001 o - S lastSun 2 0 S
+R m 2002 ma - Ap Sun>=1 2 1 D
+R m 2002 ma - O lastSun 2 0 S
 Z America/Cancun -5:47:4 - LMT 1922 Ja 1 0:12:56
 -6 - CST 1981 D 23
--5 Ae E%sT 1998 Au 2 2
--6 Ae C%sT 2015 F 1 2
+-5 m E%sT 1998 Au 2 2
+-6 m C%sT 2015 F 1 2
 -5 - EST
 Z America/Merida -5:58:28 - LMT 1922 Ja 1 0:1:32
 -6 - CST 1981 D 23
 -5 - EST 1982 D 2
--6 Ae C%sT
+-6 m C%sT
 Z America/Matamoros -6:40 - LMT 1921 D 31 23:20
 -6 - CST 1988
--6 AE C%sT 1989
--6 Ae C%sT 2010
--6 AE C%sT
+-6 u C%sT 1989
+-6 m C%sT 2010
+-6 u C%sT
 Z America/Monterrey -6:41:16 - LMT 1921 D 31 23:18:44
 -6 - CST 1988
--6 AE C%sT 1989
--6 Ae C%sT
+-6 u C%sT 1989
+-6 m C%sT
 Z America/Mexico_City -6:36:36 - LMT 1922 Ja 1 0:23:24
 -7 - MST 1927 Jun 10 23
 -6 - CST 1930 N 15
 -7 - MST 1931 May 1 23
 -6 - CST 1931 O
 -7 - MST 1932 Ap
--6 Ae C%sT 2001 S 30 2
+-6 m C%sT 2001 S 30 2
 -6 - CST 2002 F 20
--6 Ae C%sT
+-6 m C%sT
 Z America/Ojinaga -6:57:40 - LMT 1922 Ja 1 0:2:20
 -7 - MST 1927 Jun 10 23
 -6 - CST 1930 N 15
@@ -3209,10 +3378,10 @@ Z America/Ojinaga -6:57:40 - LMT 1922 Ja 1 0:2:20
 -6 - CST 1931 O
 -7 - MST 1932 Ap
 -6 - CST 1996
--6 Ae C%sT 1998
+-6 m C%sT 1998
 -6 - CST 1998 Ap Sun>=1 3
--7 Ae M%sT 2010
--7 AE M%sT
+-7 m M%sT 2010
+-7 u M%sT
 Z America/Chihuahua -7:4:20 - LMT 1921 D 31 23:55:40
 -7 - MST 1927 Jun 10 23
 -6 - CST 1930 N 15
@@ -3220,9 +3389,9 @@ Z America/Chihuahua -7:4:20 - LMT 1921 D 31 23:55:40
 -6 - CST 1931 O
 -7 - MST 1932 Ap
 -6 - CST 1996
--6 Ae C%sT 1998
+-6 m C%sT 1998
 -6 - CST 1998 Ap Sun>=1 3
--7 Ae M%sT
+-7 m M%sT
 Z America/Hermosillo -7:23:52 - LMT 1921 D 31 23:36:8
 -7 - MST 1927 Jun 10 23
 -6 - CST 1930 N 15
@@ -3232,7 +3401,7 @@ Z America/Hermosillo -7:23:52 - LMT 1921 D 31 23:36:8
 -6 - CST 1942 Ap 24
 -7 - MST 1949 Ja 14
 -8 - PST 1970
--7 Ae M%sT 1999
+-7 m M%sT 1999
 -7 - MST
 Z America/Mazatlan -7:5:40 - LMT 1921 D 31 23:54:20
 -7 - MST 1927 Jun 10 23
@@ -3243,7 +3412,7 @@ Z America/Mazatlan -7:5:40 - LMT 1921 D 31 23:54:20
 -6 - CST 1942 Ap 24
 -7 - MST 1949 Ja 14
 -8 - PST 1970
--7 Ae M%sT
+-7 m M%sT
 Z America/Bahia_Banderas -7:1 - LMT 1921 D 31 23:59
 -7 - MST 1927 Jun 10 23
 -6 - CST 1930 N 15
@@ -3253,8 +3422,8 @@ Z America/Bahia_Banderas -7:1 - LMT 1921 D 31 23:59
 -6 - CST 1942 Ap 24
 -7 - MST 1949 Ja 14
 -8 - PST 1970
--7 Ae M%sT 2010 Ap 4 2
--6 Ae C%sT
+-7 m M%sT 2010 Ap 4 2
+-6 m C%sT
 Z America/Tijuana -7:48:4 - LMT 1922 Ja 1 0:11:56
 -7 - MST 1924
 -8 - PST 1927 Jun 10 23
@@ -3267,315 +3436,315 @@ Z America/Tijuana -7:48:4 - LMT 1922 Ja 1 0:11:56
 -8 - PST 1948 Ap 5
 -8 1 PDT 1949 Ja 14
 -8 - PST 1954
--8 AI P%sT 1961
+-8 CA P%sT 1961
 -8 - PST 1976
--8 AE P%sT 1996
--8 Ae P%sT 2001
--8 AE P%sT 2002 F 20
--8 Ae P%sT 2010
--8 AE P%sT
-R Af 1964 1975 - O lastSun 2 0 S
-R Af 1964 1975 - Ap lastSun 2 1 D
+-8 u P%sT 1996
+-8 m P%sT 2001
+-8 u P%sT 2002 F 20
+-8 m P%sT 2010
+-8 u P%sT
+R BS 1964 1975 - O lastSun 2 0 S
+R BS 1964 1975 - Ap lastSun 2 1 D
 Z America/Nassau -5:9:30 - LMT 1912 Mar 2
--5 Af E%sT 1976
--5 AE E%sT
-R Ag 1977 o - Jun 12 2 1 D
-R Ag 1977 1978 - O Sun>=1 2 0 S
-R Ag 1978 1980 - Ap Sun>=15 2 1 D
-R Ag 1979 o - S 30 2 0 S
-R Ag 1980 o - S 25 2 0 S
+-5 BS E%sT 1976
+-5 u E%sT
+R BB 1977 o - Jun 12 2 1 D
+R BB 1977 1978 - O Sun>=1 2 0 S
+R BB 1978 1980 - Ap Sun>=15 2 1 D
+R BB 1979 o - S 30 2 0 S
+R BB 1980 o - S 25 2 0 S
 Z America/Barbados -3:58:29 - LMT 1924
 -3:58:29 - BMT 1932
--4 Ag A%sT
-R Ah 1918 1942 - O Sun>=2 0 0:30 -0530
-R Ah 1919 1943 - F Sun>=9 0 0 CST
-R Ah 1973 o - D 5 0 1 CDT
-R Ah 1974 o - F 9 0 0 CST
-R Ah 1982 o - D 18 0 1 CDT
-R Ah 1983 o - F 12 0 0 CST
+-4 BB A%sT
+R BZ 1918 1942 - O Sun>=2 0 0:30 -0530
+R BZ 1919 1943 - F Sun>=9 0 0 CST
+R BZ 1973 o - D 5 0 1 CDT
+R BZ 1974 o - F 9 0 0 CST
+R BZ 1982 o - D 18 0 1 CDT
+R BZ 1983 o - F 12 0 0 CST
 Z America/Belize -5:52:48 - LMT 1912 Ap
--6 Ah %s
+-6 BZ %s
 Z Atlantic/Bermuda -4:19:18 - LMT 1930 Ja 1 2
 -4 - AST 1974 Ap 28 2
--4 AT A%sT 1976
--4 AE A%sT
-R Ai 1979 1980 - F lastSun 0 1 D
-R Ai 1979 1980 - Jun Sun>=1 0 0 S
-R Ai 1991 1992 - Ja Sat>=15 0 1 D
-R Ai 1991 o - Jul 1 0 0 S
-R Ai 1992 o - Mar 15 0 0 S
+-4 C A%sT 1976
+-4 u A%sT
+R CR 1979 1980 - F lastSun 0 1 D
+R CR 1979 1980 - Jun Sun>=1 0 0 S
+R CR 1991 1992 - Ja Sat>=15 0 1 D
+R CR 1991 o - Jul 1 0 0 S
+R CR 1992 o - Mar 15 0 0 S
 Z America/Costa_Rica -5:36:13 - LMT 1890
 -5:36:13 - SJMT 1921 Ja 15
--6 Ai C%sT
-R Aj 1928 o - Jun 10 0 1 D
-R Aj 1928 o - O 10 0 0 S
-R Aj 1940 1942 - Jun Sun>=1 0 1 D
-R Aj 1940 1942 - S Sun>=1 0 0 S
-R Aj 1945 1946 - Jun Sun>=1 0 1 D
-R Aj 1945 1946 - S Sun>=1 0 0 S
-R Aj 1965 o - Jun 1 0 1 D
-R Aj 1965 o - S 30 0 0 S
-R Aj 1966 o - May 29 0 1 D
-R Aj 1966 o - O 2 0 0 S
-R Aj 1967 o - Ap 8 0 1 D
-R Aj 1967 1968 - S Sun>=8 0 0 S
-R Aj 1968 o - Ap 14 0 1 D
-R Aj 1969 1977 - Ap lastSun 0 1 D
-R Aj 1969 1971 - O lastSun 0 0 S
-R Aj 1972 1974 - O 8 0 0 S
-R Aj 1975 1977 - O lastSun 0 0 S
-R Aj 1978 o - May 7 0 1 D
-R Aj 1978 1990 - O Sun>=8 0 0 S
-R Aj 1979 1980 - Mar Sun>=15 0 1 D
-R Aj 1981 1985 - May Sun>=5 0 1 D
-R Aj 1986 1989 - Mar Sun>=14 0 1 D
-R Aj 1990 1997 - Ap Sun>=1 0 1 D
-R Aj 1991 1995 - O Sun>=8 0s 0 S
-R Aj 1996 o - O 6 0s 0 S
-R Aj 1997 o - O 12 0s 0 S
-R Aj 1998 1999 - Mar lastSun 0s 1 D
-R Aj 1998 2003 - O lastSun 0s 0 S
-R Aj 2000 2003 - Ap Sun>=1 0s 1 D
-R Aj 2004 o - Mar lastSun 0s 1 D
-R Aj 2006 2010 - O lastSun 0s 0 S
-R Aj 2007 o - Mar Sun>=8 0s 1 D
-R Aj 2008 o - Mar Sun>=15 0s 1 D
-R Aj 2009 2010 - Mar Sun>=8 0s 1 D
-R Aj 2011 o - Mar Sun>=15 0s 1 D
-R Aj 2011 o - N 13 0s 0 S
-R Aj 2012 o - Ap 1 0s 1 D
-R Aj 2012 ma - N Sun>=1 0s 0 S
-R Aj 2013 ma - Mar Sun>=8 0s 1 D
+-6 CR C%sT
+R Q 1928 o - Jun 10 0 1 D
+R Q 1928 o - O 10 0 0 S
+R Q 1940 1942 - Jun Sun>=1 0 1 D
+R Q 1940 1942 - S Sun>=1 0 0 S
+R Q 1945 1946 - Jun Sun>=1 0 1 D
+R Q 1945 1946 - S Sun>=1 0 0 S
+R Q 1965 o - Jun 1 0 1 D
+R Q 1965 o - S 30 0 0 S
+R Q 1966 o - May 29 0 1 D
+R Q 1966 o - O 2 0 0 S
+R Q 1967 o - Ap 8 0 1 D
+R Q 1967 1968 - S Sun>=8 0 0 S
+R Q 1968 o - Ap 14 0 1 D
+R Q 1969 1977 - Ap lastSun 0 1 D
+R Q 1969 1971 - O lastSun 0 0 S
+R Q 1972 1974 - O 8 0 0 S
+R Q 1975 1977 - O lastSun 0 0 S
+R Q 1978 o - May 7 0 1 D
+R Q 1978 1990 - O Sun>=8 0 0 S
+R Q 1979 1980 - Mar Sun>=15 0 1 D
+R Q 1981 1985 - May Sun>=5 0 1 D
+R Q 1986 1989 - Mar Sun>=14 0 1 D
+R Q 1990 1997 - Ap Sun>=1 0 1 D
+R Q 1991 1995 - O Sun>=8 0s 0 S
+R Q 1996 o - O 6 0s 0 S
+R Q 1997 o - O 12 0s 0 S
+R Q 1998 1999 - Mar lastSun 0s 1 D
+R Q 1998 2003 - O lastSun 0s 0 S
+R Q 2000 2003 - Ap Sun>=1 0s 1 D
+R Q 2004 o - Mar lastSun 0s 1 D
+R Q 2006 2010 - O lastSun 0s 0 S
+R Q 2007 o - Mar Sun>=8 0s 1 D
+R Q 2008 o - Mar Sun>=15 0s 1 D
+R Q 2009 2010 - Mar Sun>=8 0s 1 D
+R Q 2011 o - Mar Sun>=15 0s 1 D
+R Q 2011 o - N 13 0s 0 S
+R Q 2012 o - Ap 1 0s 1 D
+R Q 2012 ma - N Sun>=1 0s 0 S
+R Q 2013 ma - Mar Sun>=8 0s 1 D
 Z America/Havana -5:29:28 - LMT 1890
 -5:29:36 - HMT 1925 Jul 19 12
--5 Aj C%sT
-R Ak 1966 o - O 30 0 1 EDT
-R Ak 1967 o - F 28 0 0 EST
-R Ak 1969 1973 - O lastSun 0 0:30 -0430
-R Ak 1970 o - F 21 0 0 EST
-R Ak 1971 o - Ja 20 0 0 EST
-R Ak 1972 1974 - Ja 21 0 0 EST
+-5 Q C%sT
+R DO 1966 o - O 30 0 1 EDT
+R DO 1967 o - F 28 0 0 EST
+R DO 1969 1973 - O lastSun 0 0:30 -0430
+R DO 1970 o - F 21 0 0 EST
+R DO 1971 o - Ja 20 0 0 EST
+R DO 1972 1974 - Ja 21 0 0 EST
 Z America/Santo_Domingo -4:39:36 - LMT 1890
 -4:40 - SDMT 1933 Ap 1 12
--5 Ak %s 1974 O 27
+-5 DO %s 1974 O 27
 -4 - AST 2000 O 29 2
--5 AE E%sT 2000 D 3 1
+-5 u E%sT 2000 D 3 1
 -4 - AST
-R Al 1987 1988 - May Sun>=1 0 1 D
-R Al 1987 1988 - S lastSun 0 0 S
+R SV 1987 1988 - May Sun>=1 0 1 D
+R SV 1987 1988 - S lastSun 0 0 S
 Z America/El_Salvador -5:56:48 - LMT 1921
--6 Al C%sT
-R Am 1973 o - N 25 0 1 D
-R Am 1974 o - F 24 0 0 S
-R Am 1983 o - May 21 0 1 D
-R Am 1983 o - S 22 0 0 S
-R Am 1991 o - Mar 23 0 1 D
-R Am 1991 o - S 7 0 0 S
-R Am 2006 o - Ap 30 0 1 D
-R Am 2006 o - O 1 0 0 S
+-6 SV C%sT
+R GT 1973 o - N 25 0 1 D
+R GT 1974 o - F 24 0 0 S
+R GT 1983 o - May 21 0 1 D
+R GT 1983 o - S 22 0 0 S
+R GT 1991 o - Mar 23 0 1 D
+R GT 1991 o - S 7 0 0 S
+R GT 2006 o - Ap 30 0 1 D
+R GT 2006 o - O 1 0 0 S
 Z America/Guatemala -6:2:4 - LMT 1918 O 5
--6 Am C%sT
-R An 1983 o - May 8 0 1 D
-R An 1984 1987 - Ap lastSun 0 1 D
-R An 1983 1987 - O lastSun 0 0 S
-R An 1988 1997 - Ap Sun>=1 1s 1 D
-R An 1988 1997 - O lastSun 1s 0 S
-R An 2005 2006 - Ap Sun>=1 0 1 D
-R An 2005 2006 - O lastSun 0 0 S
-R An 2012 2015 - Mar Sun>=8 2 1 D
-R An 2012 2015 - N Sun>=1 2 0 S
-R An 2017 ma - Mar Sun>=8 2 1 D
-R An 2017 ma - N Sun>=1 2 0 S
+-6 GT C%sT
+R HT 1983 o - May 8 0 1 D
+R HT 1984 1987 - Ap lastSun 0 1 D
+R HT 1983 1987 - O lastSun 0 0 S
+R HT 1988 1997 - Ap Sun>=1 1s 1 D
+R HT 1988 1997 - O lastSun 1s 0 S
+R HT 2005 2006 - Ap Sun>=1 0 1 D
+R HT 2005 2006 - O lastSun 0 0 S
+R HT 2012 2015 - Mar Sun>=8 2 1 D
+R HT 2012 2015 - N Sun>=1 2 0 S
+R HT 2017 ma - Mar Sun>=8 2 1 D
+R HT 2017 ma - N Sun>=1 2 0 S
 Z America/Port-au-Prince -4:49:20 - LMT 1890
 -4:49 - PPMT 1917 Ja 24 12
--5 An E%sT
-R Ao 1987 1988 - May Sun>=1 0 1 D
-R Ao 1987 1988 - S lastSun 0 0 S
-R Ao 2006 o - May Sun>=1 0 1 D
-R Ao 2006 o - Au M>=1 0 0 S
+-5 HT E%sT
+R HN 1987 1988 - May Sun>=1 0 1 D
+R HN 1987 1988 - S lastSun 0 0 S
+R HN 2006 o - May Sun>=1 0 1 D
+R HN 2006 o - Au M>=1 0 0 S
 Z America/Tegucigalpa -5:48:52 - LMT 1921 Ap
--6 Ao C%sT
-Z America/Jamaica -5:7:11 - LMT 1890
--5:7:11 - KMT 1912 F
+-6 HN C%sT
+Z America/Jamaica -5:7:10 - LMT 1890
+-5:7:10 - KMT 1912 F
 -5 - EST 1974
--5 AE E%sT 1984
+-5 u E%sT 1984
 -5 - EST
 Z America/Martinique -4:4:20 - LMT 1890
 -4:4:20 - FFMT 1911 May
 -4 - AST 1980 Ap 6
 -4 1 ADT 1980 S 28
 -4 - AST
-R Ap 1979 1980 - Mar Sun>=16 0 1 D
-R Ap 1979 1980 - Jun M>=23 0 0 S
-R Ap 2005 o - Ap 10 0 1 D
-R Ap 2005 o - O Sun>=1 0 0 S
-R Ap 2006 o - Ap 30 2 1 D
-R Ap 2006 o - O Sun>=1 1 0 S
+R NI 1979 1980 - Mar Sun>=16 0 1 D
+R NI 1979 1980 - Jun M>=23 0 0 S
+R NI 2005 o - Ap 10 0 1 D
+R NI 2005 o - O Sun>=1 0 0 S
+R NI 2006 o - Ap 30 2 1 D
+R NI 2006 o - O Sun>=1 1 0 S
 Z America/Managua -5:45:8 - LMT 1890
 -5:45:12 - MMT 1934 Jun 23
 -6 - CST 1973 May
 -5 - EST 1975 F 16
--6 Ap C%sT 1992 Ja 1 4
+-6 NI C%sT 1992 Ja 1 4
 -5 - EST 1992 S 24
 -6 - CST 1993
 -5 - EST 1997
--6 Ap C%sT
+-6 NI C%sT
 Z America/Panama -5:18:8 - LMT 1890
 -5:19:36 - CMT 1908 Ap 22
 -5 - EST
 Li America/Panama America/Cayman
 Z America/Puerto_Rico -4:24:25 - LMT 1899 Mar 28 12
 -4 - AST 1942 May 3
--4 AE A%sT 1946
+-4 u A%sT 1946
 -4 - AST
 Z America/Miquelon -3:44:40 - LMT 1911 May 15
 -4 - AST 1980 May
 -3 - -03 1987
--3 AT -03/-02
+-3 C -03/-02
 Z America/Grand_Turk -4:44:32 - LMT 1890
--5:7:11 - KMT 1912 F
+-5:7:10 - KMT 1912 F
 -5 - EST 1979
--5 AE E%sT 2015 N Sun>=1 2
+-5 u E%sT 2015 N Sun>=1 2
 -4 - AST 2018 Mar 11 3
--5 AE E%sT
-R Aq 1930 o - D 1 0 1 S
-R Aq 1931 o - Ap 1 0 0 -
-R Aq 1931 o - O 15 0 1 S
-R Aq 1932 1940 - Mar 1 0 0 -
-R Aq 1932 1939 - N 1 0 1 S
-R Aq 1940 o - Jul 1 0 1 S
-R Aq 1941 o - Jun 15 0 0 -
-R Aq 1941 o - O 15 0 1 S
-R Aq 1943 o - Au 1 0 0 -
-R Aq 1943 o - O 15 0 1 S
-R Aq 1946 o - Mar 1 0 0 -
-R Aq 1946 o - O 1 0 1 S
-R Aq 1963 o - O 1 0 0 -
-R Aq 1963 o - D 15 0 1 S
-R Aq 1964 1966 - Mar 1 0 0 -
-R Aq 1964 1966 - O 15 0 1 S
-R Aq 1967 o - Ap 2 0 0 -
-R Aq 1967 1968 - O Sun>=1 0 1 S
-R Aq 1968 1969 - Ap Sun>=1 0 0 -
-R Aq 1974 o - Ja 23 0 1 S
-R Aq 1974 o - May 1 0 0 -
-R Aq 1988 o - D 1 0 1 S
-R Aq 1989 1993 - Mar Sun>=1 0 0 -
-R Aq 1989 1992 - O Sun>=15 0 1 S
-R Aq 1999 o - O Sun>=1 0 1 S
-R Aq 2000 o - Mar 3 0 0 -
-R Aq 2007 o - D 30 0 1 S
-R Aq 2008 2009 - Mar Sun>=15 0 0 -
-R Aq 2008 o - O Sun>=15 0 1 S
+-5 u E%sT
+R A 1930 o - D 1 0 1 -
+R A 1931 o - Ap 1 0 0 -
+R A 1931 o - O 15 0 1 -
+R A 1932 1940 - Mar 1 0 0 -
+R A 1932 1939 - N 1 0 1 -
+R A 1940 o - Jul 1 0 1 -
+R A 1941 o - Jun 15 0 0 -
+R A 1941 o - O 15 0 1 -
+R A 1943 o - Au 1 0 0 -
+R A 1943 o - O 15 0 1 -
+R A 1946 o - Mar 1 0 0 -
+R A 1946 o - O 1 0 1 -
+R A 1963 o - O 1 0 0 -
+R A 1963 o - D 15 0 1 -
+R A 1964 1966 - Mar 1 0 0 -
+R A 1964 1966 - O 15 0 1 -
+R A 1967 o - Ap 2 0 0 -
+R A 1967 1968 - O Sun>=1 0 1 -
+R A 1968 1969 - Ap Sun>=1 0 0 -
+R A 1974 o - Ja 23 0 1 -
+R A 1974 o - May 1 0 0 -
+R A 1988 o - D 1 0 1 -
+R A 1989 1993 - Mar Sun>=1 0 0 -
+R A 1989 1992 - O Sun>=15 0 1 -
+R A 1999 o - O Sun>=1 0 1 -
+R A 2000 o - Mar 3 0 0 -
+R A 2007 o - D 30 0 1 -
+R A 2008 2009 - Mar Sun>=15 0 0 -
+R A 2008 o - O Sun>=15 0 1 -
 Z America/Argentina/Buenos_Aires -3:53:48 - LMT 1894 O 31
 -4:16:48 - CMT 1920 May
 -4 - -04 1930 D
--4 Aq -04/-03 1969 O 5
--3 Aq -03/-02 1999 O 3
--4 Aq -04/-03 2000 Mar 3
--3 Aq -03/-02
+-4 A -04/-03 1969 O 5
+-3 A -03/-02 1999 O 3
+-4 A -04/-03 2000 Mar 3
+-3 A -03/-02
 Z America/Argentina/Cordoba -4:16:48 - LMT 1894 O 31
 -4:16:48 - CMT 1920 May
 -4 - -04 1930 D
--4 Aq -04/-03 1969 O 5
--3 Aq -03/-02 1991 Mar 3
+-4 A -04/-03 1969 O 5
+-3 A -03/-02 1991 Mar 3
 -4 - -04 1991 O 20
--3 Aq -03/-02 1999 O 3
--4 Aq -04/-03 2000 Mar 3
--3 Aq -03/-02
+-3 A -03/-02 1999 O 3
+-4 A -04/-03 2000 Mar 3
+-3 A -03/-02
 Z America/Argentina/Salta -4:21:40 - LMT 1894 O 31
 -4:16:48 - CMT 1920 May
 -4 - -04 1930 D
--4 Aq -04/-03 1969 O 5
--3 Aq -03/-02 1991 Mar 3
+-4 A -04/-03 1969 O 5
+-3 A -03/-02 1991 Mar 3
 -4 - -04 1991 O 20
--3 Aq -03/-02 1999 O 3
--4 Aq -04/-03 2000 Mar 3
--3 Aq -03/-02 2008 O 18
+-3 A -03/-02 1999 O 3
+-4 A -04/-03 2000 Mar 3
+-3 A -03/-02 2008 O 18
 -3 - -03
 Z America/Argentina/Tucuman -4:20:52 - LMT 1894 O 31
 -4:16:48 - CMT 1920 May
 -4 - -04 1930 D
--4 Aq -04/-03 1969 O 5
--3 Aq -03/-02 1991 Mar 3
+-4 A -04/-03 1969 O 5
+-3 A -03/-02 1991 Mar 3
 -4 - -04 1991 O 20
--3 Aq -03/-02 1999 O 3
--4 Aq -04/-03 2000 Mar 3
+-3 A -03/-02 1999 O 3
+-4 A -04/-03 2000 Mar 3
 -3 - -03 2004 Jun
 -4 - -04 2004 Jun 13
--3 Aq -03/-02
+-3 A -03/-02
 Z America/Argentina/La_Rioja -4:27:24 - LMT 1894 O 31
 -4:16:48 - CMT 1920 May
 -4 - -04 1930 D
--4 Aq -04/-03 1969 O 5
--3 Aq -03/-02 1991 Mar
+-4 A -04/-03 1969 O 5
+-3 A -03/-02 1991 Mar
 -4 - -04 1991 May 7
--3 Aq -03/-02 1999 O 3
--4 Aq -04/-03 2000 Mar 3
+-3 A -03/-02 1999 O 3
+-4 A -04/-03 2000 Mar 3
 -3 - -03 2004 Jun
 -4 - -04 2004 Jun 20
--3 Aq -03/-02 2008 O 18
+-3 A -03/-02 2008 O 18
 -3 - -03
 Z America/Argentina/San_Juan -4:34:4 - LMT 1894 O 31
 -4:16:48 - CMT 1920 May
 -4 - -04 1930 D
--4 Aq -04/-03 1969 O 5
--3 Aq -03/-02 1991 Mar
+-4 A -04/-03 1969 O 5
+-3 A -03/-02 1991 Mar
 -4 - -04 1991 May 7
--3 Aq -03/-02 1999 O 3
--4 Aq -04/-03 2000 Mar 3
+-3 A -03/-02 1999 O 3
+-4 A -04/-03 2000 Mar 3
 -3 - -03 2004 May 31
 -4 - -04 2004 Jul 25
--3 Aq -03/-02 2008 O 18
+-3 A -03/-02 2008 O 18
 -3 - -03
 Z America/Argentina/Jujuy -4:21:12 - LMT 1894 O 31
 -4:16:48 - CMT 1920 May
 -4 - -04 1930 D
--4 Aq -04/-03 1969 O 5
--3 Aq -03/-02 1990 Mar 4
+-4 A -04/-03 1969 O 5
+-3 A -03/-02 1990 Mar 4
 -4 - -04 1990 O 28
 -4 1 -03 1991 Mar 17
 -4 - -04 1991 O 6
 -3 1 -02 1992
--3 Aq -03/-02 1999 O 3
--4 Aq -04/-03 2000 Mar 3
--3 Aq -03/-02 2008 O 18
+-3 A -03/-02 1999 O 3
+-4 A -04/-03 2000 Mar 3
+-3 A -03/-02 2008 O 18
 -3 - -03
 Z America/Argentina/Catamarca -4:23:8 - LMT 1894 O 31
 -4:16:48 - CMT 1920 May
 -4 - -04 1930 D
--4 Aq -04/-03 1969 O 5
--3 Aq -03/-02 1991 Mar 3
+-4 A -04/-03 1969 O 5
+-3 A -03/-02 1991 Mar 3
 -4 - -04 1991 O 20
--3 Aq -03/-02 1999 O 3
--4 Aq -04/-03 2000 Mar 3
+-3 A -03/-02 1999 O 3
+-4 A -04/-03 2000 Mar 3
 -3 - -03 2004 Jun
 -4 - -04 2004 Jun 20
--3 Aq -03/-02 2008 O 18
+-3 A -03/-02 2008 O 18
 -3 - -03
 Z America/Argentina/Mendoza -4:35:16 - LMT 1894 O 31
 -4:16:48 - CMT 1920 May
 -4 - -04 1930 D
--4 Aq -04/-03 1969 O 5
--3 Aq -03/-02 1990 Mar 4
+-4 A -04/-03 1969 O 5
+-3 A -03/-02 1990 Mar 4
 -4 - -04 1990 O 15
 -4 1 -03 1991 Mar
 -4 - -04 1991 O 15
 -4 1 -03 1992 Mar
 -4 - -04 1992 O 18
--3 Aq -03/-02 1999 O 3
--4 Aq -04/-03 2000 Mar 3
+-3 A -03/-02 1999 O 3
+-4 A -04/-03 2000 Mar 3
 -3 - -03 2004 May 23
 -4 - -04 2004 S 26
--3 Aq -03/-02 2008 O 18
+-3 A -03/-02 2008 O 18
 -3 - -03
-R Ar 2008 2009 - Mar Sun>=8 0 0 -
-R Ar 2007 2008 - O Sun>=8 0 1 S
+R Sa 2008 2009 - Mar Sun>=8 0 0 -
+R Sa 2007 2008 - O Sun>=8 0 1 -
 Z America/Argentina/San_Luis -4:25:24 - LMT 1894 O 31
 -4:16:48 - CMT 1920 May
 -4 - -04 1930 D
--4 Aq -04/-03 1969 O 5
--3 Aq -03/-02 1990
+-4 A -04/-03 1969 O 5
+-3 A -03/-02 1990
 -3 1 -02 1990 Mar 14
 -4 - -04 1990 O 15
 -4 1 -03 1991 Mar
@@ -3584,286 +3753,288 @@ Z America/Argentina/San_Luis -4:25:24 - LMT 1894 O 31
 -4 1 -03 2000 Mar 3
 -3 - -03 2004 May 31
 -4 - -04 2004 Jul 25
--3 Aq -03/-02 2008 Ja 21
--4 Ar -04/-03 2009 O 11
+-3 A -03/-02 2008 Ja 21
+-4 Sa -04/-03 2009 O 11
 -3 - -03
 Z America/Argentina/Rio_Gallegos -4:36:52 - LMT 1894 O 31
 -4:16:48 - CMT 1920 May
 -4 - -04 1930 D
--4 Aq -04/-03 1969 O 5
--3 Aq -03/-02 1999 O 3
--4 Aq -04/-03 2000 Mar 3
+-4 A -04/-03 1969 O 5
+-3 A -03/-02 1999 O 3
+-4 A -04/-03 2000 Mar 3
 -3 - -03 2004 Jun
 -4 - -04 2004 Jun 20
--3 Aq -03/-02 2008 O 18
+-3 A -03/-02 2008 O 18
 -3 - -03
 Z America/Argentina/Ushuaia -4:33:12 - LMT 1894 O 31
 -4:16:48 - CMT 1920 May
 -4 - -04 1930 D
--4 Aq -04/-03 1969 O 5
--3 Aq -03/-02 1999 O 3
--4 Aq -04/-03 2000 Mar 3
+-4 A -04/-03 1969 O 5
+-3 A -03/-02 1999 O 3
+-4 A -04/-03 2000 Mar 3
 -3 - -03 2004 May 30
 -4 - -04 2004 Jun 20
--3 Aq -03/-02 2008 O 18
+-3 A -03/-02 2008 O 18
 -3 - -03
 Li America/Curacao America/Aruba
 Z America/La_Paz -4:32:36 - LMT 1890
 -4:32:36 - CMT 1931 O 15
 -4:32:36 1 BST 1932 Mar 21
 -4 - -04
-R As 1931 o - O 3 11 1 S
-R As 1932 1933 - Ap 1 0 0 -
-R As 1932 o - O 3 0 1 S
-R As 1949 1952 - D 1 0 1 S
-R As 1950 o - Ap 16 1 0 -
-R As 1951 1952 - Ap 1 0 0 -
-R As 1953 o - Mar 1 0 0 -
-R As 1963 o - D 9 0 1 S
-R As 1964 o - Mar 1 0 0 -
-R As 1965 o - Ja 31 0 1 S
-R As 1965 o - Mar 31 0 0 -
-R As 1965 o - D 1 0 1 S
-R As 1966 1968 - Mar 1 0 0 -
-R As 1966 1967 - N 1 0 1 S
-R As 1985 o - N 2 0 1 S
-R As 1986 o - Mar 15 0 0 -
-R As 1986 o - O 25 0 1 S
-R As 1987 o - F 14 0 0 -
-R As 1987 o - O 25 0 1 S
-R As 1988 o - F 7 0 0 -
-R As 1988 o - O 16 0 1 S
-R As 1989 o - Ja 29 0 0 -
-R As 1989 o - O 15 0 1 S
-R As 1990 o - F 11 0 0 -
-R As 1990 o - O 21 0 1 S
-R As 1991 o - F 17 0 0 -
-R As 1991 o - O 20 0 1 S
-R As 1992 o - F 9 0 0 -
-R As 1992 o - O 25 0 1 S
-R As 1993 o - Ja 31 0 0 -
-R As 1993 1995 - O Sun>=11 0 1 S
-R As 1994 1995 - F Sun>=15 0 0 -
-R As 1996 o - F 11 0 0 -
-R As 1996 o - O 6 0 1 S
-R As 1997 o - F 16 0 0 -
-R As 1997 o - O 6 0 1 S
-R As 1998 o - Mar 1 0 0 -
-R As 1998 o - O 11 0 1 S
-R As 1999 o - F 21 0 0 -
-R As 1999 o - O 3 0 1 S
-R As 2000 o - F 27 0 0 -
-R As 2000 2001 - O Sun>=8 0 1 S
-R As 2001 2006 - F Sun>=15 0 0 -
-R As 2002 o - N 3 0 1 S
-R As 2003 o - O 19 0 1 S
-R As 2004 o - N 2 0 1 S
-R As 2005 o - O 16 0 1 S
-R As 2006 o - N 5 0 1 S
-R As 2007 o - F 25 0 0 -
-R As 2007 o - O Sun>=8 0 1 S
-R As 2008 2017 - O Sun>=15 0 1 S
-R As 2008 2011 - F Sun>=15 0 0 -
-R As 2012 o - F Sun>=22 0 0 -
-R As 2013 2014 - F Sun>=15 0 0 -
-R As 2015 o - F Sun>=22 0 0 -
-R As 2016 2022 - F Sun>=15 0 0 -
-R As 2018 ma - N Sun>=1 0 1 S
-R As 2023 o - F Sun>=22 0 0 -
-R As 2024 2025 - F Sun>=15 0 0 -
-R As 2026 o - F Sun>=22 0 0 -
-R As 2027 2033 - F Sun>=15 0 0 -
-R As 2034 o - F Sun>=22 0 0 -
-R As 2035 2036 - F Sun>=15 0 0 -
-R As 2037 o - F Sun>=22 0 0 -
-R As 2038 ma - F Sun>=15 0 0 -
+R B 1931 o - O 3 11 1 -
+R B 1932 1933 - Ap 1 0 0 -
+R B 1932 o - O 3 0 1 -
+R B 1949 1952 - D 1 0 1 -
+R B 1950 o - Ap 16 1 0 -
+R B 1951 1952 - Ap 1 0 0 -
+R B 1953 o - Mar 1 0 0 -
+R B 1963 o - D 9 0 1 -
+R B 1964 o - Mar 1 0 0 -
+R B 1965 o - Ja 31 0 1 -
+R B 1965 o - Mar 31 0 0 -
+R B 1965 o - D 1 0 1 -
+R B 1966 1968 - Mar 1 0 0 -
+R B 1966 1967 - N 1 0 1 -
+R B 1985 o - N 2 0 1 -
+R B 1986 o - Mar 15 0 0 -
+R B 1986 o - O 25 0 1 -
+R B 1987 o - F 14 0 0 -
+R B 1987 o - O 25 0 1 -
+R B 1988 o - F 7 0 0 -
+R B 1988 o - O 16 0 1 -
+R B 1989 o - Ja 29 0 0 -
+R B 1989 o - O 15 0 1 -
+R B 1990 o - F 11 0 0 -
+R B 1990 o - O 21 0 1 -
+R B 1991 o - F 17 0 0 -
+R B 1991 o - O 20 0 1 -
+R B 1992 o - F 9 0 0 -
+R B 1992 o - O 25 0 1 -
+R B 1993 o - Ja 31 0 0 -
+R B 1993 1995 - O Sun>=11 0 1 -
+R B 1994 1995 - F Sun>=15 0 0 -
+R B 1996 o - F 11 0 0 -
+R B 1996 o - O 6 0 1 -
+R B 1997 o - F 16 0 0 -
+R B 1997 o - O 6 0 1 -
+R B 1998 o - Mar 1 0 0 -
+R B 1998 o - O 11 0 1 -
+R B 1999 o - F 21 0 0 -
+R B 1999 o - O 3 0 1 -
+R B 2000 o - F 27 0 0 -
+R B 2000 2001 - O Sun>=8 0 1 -
+R B 2001 2006 - F Sun>=15 0 0 -
+R B 2002 o - N 3 0 1 -
+R B 2003 o - O 19 0 1 -
+R B 2004 o - N 2 0 1 -
+R B 2005 o - O 16 0 1 -
+R B 2006 o - N 5 0 1 -
+R B 2007 o - F 25 0 0 -
+R B 2007 o - O Sun>=8 0 1 -
+R B 2008 2017 - O Sun>=15 0 1 -
+R B 2008 2011 - F Sun>=15 0 0 -
+R B 2012 o - F Sun>=22 0 0 -
+R B 2013 2014 - F Sun>=15 0 0 -
+R B 2015 o - F Sun>=22 0 0 -
+R B 2016 2022 - F Sun>=15 0 0 -
+R B 2018 ma - N Sun>=1 0 1 -
+R B 2023 o - F Sun>=22 0 0 -
+R B 2024 2025 - F Sun>=15 0 0 -
+R B 2026 o - F Sun>=22 0 0 -
+R B 2027 2033 - F Sun>=15 0 0 -
+R B 2034 o - F Sun>=22 0 0 -
+R B 2035 2036 - F Sun>=15 0 0 -
+R B 2037 o - F Sun>=22 0 0 -
+R B 2038 ma - F Sun>=15 0 0 -
 Z America/Noronha -2:9:40 - LMT 1914
--2 As -02/-01 1990 S 17
+-2 B -02/-01 1990 S 17
 -2 - -02 1999 S 30
--2 As -02/-01 2000 O 15
+-2 B -02/-01 2000 O 15
 -2 - -02 2001 S 13
--2 As -02/-01 2002 O
+-2 B -02/-01 2002 O
 -2 - -02
 Z America/Belem -3:13:56 - LMT 1914
--3 As -03/-02 1988 S 12
+-3 B -03/-02 1988 S 12
 -3 - -03
 Z America/Santarem -3:38:48 - LMT 1914
--4 As -04/-03 1988 S 12
+-4 B -04/-03 1988 S 12
 -4 - -04 2008 Jun 24
 -3 - -03
 Z America/Fortaleza -2:34 - LMT 1914
--3 As -03/-02 1990 S 17
+-3 B -03/-02 1990 S 17
 -3 - -03 1999 S 30
--3 As -03/-02 2000 O 22
+-3 B -03/-02 2000 O 22
 -3 - -03 2001 S 13
--3 As -03/-02 2002 O
+-3 B -03/-02 2002 O
 -3 - -03
 Z America/Recife -2:19:36 - LMT 1914
--3 As -03/-02 1990 S 17
+-3 B -03/-02 1990 S 17
 -3 - -03 1999 S 30
--3 As -03/-02 2000 O 15
+-3 B -03/-02 2000 O 15
 -3 - -03 2001 S 13
--3 As -03/-02 2002 O
+-3 B -03/-02 2002 O
 -3 - -03
 Z America/Araguaina -3:12:48 - LMT 1914
--3 As -03/-02 1990 S 17
+-3 B -03/-02 1990 S 17
 -3 - -03 1995 S 14
--3 As -03/-02 2003 S 24
+-3 B -03/-02 2003 S 24
 -3 - -03 2012 O 21
--3 As -03/-02 2013 S
+-3 B -03/-02 2013 S
 -3 - -03
 Z America/Maceio -2:22:52 - LMT 1914
--3 As -03/-02 1990 S 17
+-3 B -03/-02 1990 S 17
 -3 - -03 1995 O 13
--3 As -03/-02 1996 S 4
+-3 B -03/-02 1996 S 4
 -3 - -03 1999 S 30
--3 As -03/-02 2000 O 22
+-3 B -03/-02 2000 O 22
 -3 - -03 2001 S 13
--3 As -03/-02 2002 O
+-3 B -03/-02 2002 O
 -3 - -03
 Z America/Bahia -2:34:4 - LMT 1914
--3 As -03/-02 2003 S 24
+-3 B -03/-02 2003 S 24
 -3 - -03 2011 O 16
--3 As -03/-02 2012 O 21
+-3 B -03/-02 2012 O 21
 -3 - -03
 Z America/Sao_Paulo -3:6:28 - LMT 1914
--3 As -03/-02 1963 O 23
+-3 B -03/-02 1963 O 23
 -3 1 -02 1964
--3 As -03/-02
+-3 B -03/-02
 Z America/Campo_Grande -3:38:28 - LMT 1914
--4 As -04/-03
+-4 B -04/-03
 Z America/Cuiaba -3:44:20 - LMT 1914
--4 As -04/-03 2003 S 24
+-4 B -04/-03 2003 S 24
 -4 - -04 2004 O
--4 As -04/-03
+-4 B -04/-03
 Z America/Porto_Velho -4:15:36 - LMT 1914
--4 As -04/-03 1988 S 12
+-4 B -04/-03 1988 S 12
 -4 - -04
 Z America/Boa_Vista -4:2:40 - LMT 1914
--4 As -04/-03 1988 S 12
+-4 B -04/-03 1988 S 12
 -4 - -04 1999 S 30
--4 As -04/-03 2000 O 15
+-4 B -04/-03 2000 O 15
 -4 - -04
 Z America/Manaus -4:0:4 - LMT 1914
--4 As -04/-03 1988 S 12
+-4 B -04/-03 1988 S 12
 -4 - -04 1993 S 28
--4 As -04/-03 1994 S 22
+-4 B -04/-03 1994 S 22
 -4 - -04
 Z America/Eirunepe -4:39:28 - LMT 1914
--5 As -05/-04 1988 S 12
+-5 B -05/-04 1988 S 12
 -5 - -05 1993 S 28
--5 As -05/-04 1994 S 22
+-5 B -05/-04 1994 S 22
 -5 - -05 2008 Jun 24
 -4 - -04 2013 N 10
 -5 - -05
 Z America/Rio_Branco -4:31:12 - LMT 1914
--5 As -05/-04 1988 S 12
+-5 B -05/-04 1988 S 12
 -5 - -05 2008 Jun 24
 -4 - -04 2013 N 10
 -5 - -05
-R At 1927 1931 - S 1 0 1 S
-R At 1928 1932 - Ap 1 0 0 -
-R At 1968 o - N 3 4u 1 S
-R At 1969 o - Mar 30 3u 0 -
-R At 1969 o - N 23 4u 1 S
-R At 1970 o - Mar 29 3u 0 -
-R At 1971 o - Mar 14 3u 0 -
-R At 1970 1972 - O Sun>=9 4u 1 S
-R At 1972 1986 - Mar Sun>=9 3u 0 -
-R At 1973 o - S 30 4u 1 S
-R At 1974 1987 - O Sun>=9 4u 1 S
-R At 1987 o - Ap 12 3u 0 -
-R At 1988 1990 - Mar Sun>=9 3u 0 -
-R At 1988 1989 - O Sun>=9 4u 1 S
-R At 1990 o - S 16 4u 1 S
-R At 1991 1996 - Mar Sun>=9 3u 0 -
-R At 1991 1997 - O Sun>=9 4u 1 S
-R At 1997 o - Mar 30 3u 0 -
-R At 1998 o - Mar Sun>=9 3u 0 -
-R At 1998 o - S 27 4u 1 S
-R At 1999 o - Ap 4 3u 0 -
-R At 1999 2010 - O Sun>=9 4u 1 S
-R At 2000 2007 - Mar Sun>=9 3u 0 -
-R At 2008 o - Mar 30 3u 0 -
-R At 2009 o - Mar Sun>=9 3u 0 -
-R At 2010 o - Ap Sun>=1 3u 0 -
-R At 2011 o - May Sun>=2 3u 0 -
-R At 2011 o - Au Sun>=16 4u 1 S
-R At 2012 2014 - Ap Sun>=23 3u 0 -
-R At 2012 2014 - S Sun>=2 4u 1 S
-R At 2016 ma - May Sun>=9 3u 0 -
-R At 2016 ma - Au Sun>=9 4u 1 S
+R x 1927 1931 - S 1 0 1 -
+R x 1928 1932 - Ap 1 0 0 -
+R x 1968 o - N 3 4u 1 -
+R x 1969 o - Mar 30 3u 0 -
+R x 1969 o - N 23 4u 1 -
+R x 1970 o - Mar 29 3u 0 -
+R x 1971 o - Mar 14 3u 0 -
+R x 1970 1972 - O Sun>=9 4u 1 -
+R x 1972 1986 - Mar Sun>=9 3u 0 -
+R x 1973 o - S 30 4u 1 -
+R x 1974 1987 - O Sun>=9 4u 1 -
+R x 1987 o - Ap 12 3u 0 -
+R x 1988 1990 - Mar Sun>=9 3u 0 -
+R x 1988 1989 - O Sun>=9 4u 1 -
+R x 1990 o - S 16 4u 1 -
+R x 1991 1996 - Mar Sun>=9 3u 0 -
+R x 1991 1997 - O Sun>=9 4u 1 -
+R x 1997 o - Mar 30 3u 0 -
+R x 1998 o - Mar Sun>=9 3u 0 -
+R x 1998 o - S 27 4u 1 -
+R x 1999 o - Ap 4 3u 0 -
+R x 1999 2010 - O Sun>=9 4u 1 -
+R x 2000 2007 - Mar Sun>=9 3u 0 -
+R x 2008 o - Mar 30 3u 0 -
+R x 2009 o - Mar Sun>=9 3u 0 -
+R x 2010 o - Ap Sun>=1 3u 0 -
+R x 2011 o - May Sun>=2 3u 0 -
+R x 2011 o - Au Sun>=16 4u 1 -
+R x 2012 2014 - Ap Sun>=23 3u 0 -
+R x 2012 2014 - S Sun>=2 4u 1 -
+R x 2016 2018 - May Sun>=9 3u 0 -
+R x 2016 2018 - Au Sun>=9 4u 1 -
+R x 2019 ma - Ap Sun>=2 3u 0 -
+R x 2019 ma - S Sun>=2 4u 1 -
 Z America/Santiago -4:42:46 - LMT 1890
 -4:42:46 - SMT 1910 Ja 10
 -5 - -05 1916 Jul
 -4:42:46 - SMT 1918 S 10
 -4 - -04 1919 Jul
 -4:42:46 - SMT 1927 S
--5 At -05/-04 1932 S
+-5 x -05/-04 1932 S
 -4 - -04 1942 Jun
 -5 - -05 1942 Au
 -4 - -04 1946 Jul 15
 -4 1 -03 1946 S
 -4 - -04 1947 Ap
 -5 - -05 1947 May 21 23
--4 At -04/-03
+-4 x -04/-03
 Z America/Punta_Arenas -4:43:40 - LMT 1890
 -4:42:46 - SMT 1910 Ja 10
 -5 - -05 1916 Jul
 -4:42:46 - SMT 1918 S 10
 -4 - -04 1919 Jul
 -4:42:46 - SMT 1927 S
--5 At -05/-04 1932 S
+-5 x -05/-04 1932 S
 -4 - -04 1942 Jun
 -5 - -05 1942 Au
 -4 - -04 1947 Ap
 -5 - -05 1947 May 21 23
--4 At -04/-03 2016 D 4
+-4 x -04/-03 2016 D 4
 -3 - -03
 Z Pacific/Easter -7:17:28 - LMT 1890
 -7:17:28 - EMT 1932 S
--7 At -07/-06 1982 Mar 14 3u
--6 At -06/-05
+-7 x -07/-06 1982 Mar 14 3u
+-6 x -06/-05
 Z Antarctica/Palmer 0 - -00 1965
--4 Aq -04/-03 1969 O 5
--3 Aq -03/-02 1982 May
--4 At -04/-03 2016 D 4
+-4 A -04/-03 1969 O 5
+-3 A -03/-02 1982 May
+-4 x -04/-03 2016 D 4
 -3 - -03
-R Au 1992 o - May 3 0 1 S
-R Au 1993 o - Ap 4 0 0 -
+R CO 1992 o - May 3 0 1 -
+R CO 1993 o - Ap 4 0 0 -
 Z America/Bogota -4:56:16 - LMT 1884 Mar 13
 -4:56:16 - BMT 1914 N 23
--5 Au -05/-04
+-5 CO -05/-04
 Z America/Curacao -4:35:47 - LMT 1912 F 12
 -4:30 - -0430 1965
 -4 - AST
 Li America/Curacao America/Lower_Princes
 Li America/Curacao America/Kralendijk
-R Av 1992 o - N 28 0 1 S
-R Av 1993 o - F 5 0 0 -
+R EC 1992 o - N 28 0 1 -
+R EC 1993 o - F 5 0 0 -
 Z America/Guayaquil -5:19:20 - LMT 1890
 -5:14 - QMT 1931
--5 Av -05/-04
+-5 EC -05/-04
 Z Pacific/Galapagos -5:58:24 - LMT 1931
 -5 - -05 1986
--6 Av -06/-05
-R Aw 1937 1938 - S lastSun 0 1 S
-R Aw 1938 1942 - Mar Sun>=19 0 0 -
-R Aw 1939 o - O 1 0 1 S
-R Aw 1940 1942 - S lastSun 0 1 S
-R Aw 1943 o - Ja 1 0 0 -
-R Aw 1983 o - S lastSun 0 1 S
-R Aw 1984 1985 - Ap lastSun 0 0 -
-R Aw 1984 o - S 16 0 1 S
-R Aw 1985 2000 - S Sun>=9 0 1 S
-R Aw 1986 2000 - Ap Sun>=16 0 0 -
-R Aw 2001 2010 - Ap Sun>=15 2 0 -
-R Aw 2001 2010 - S Sun>=1 2 1 S
+-6 EC -06/-05
+R FK 1937 1938 - S lastSun 0 1 -
+R FK 1938 1942 - Mar Sun>=19 0 0 -
+R FK 1939 o - O 1 0 1 -
+R FK 1940 1942 - S lastSun 0 1 -
+R FK 1943 o - Ja 1 0 0 -
+R FK 1983 o - S lastSun 0 1 -
+R FK 1984 1985 - Ap lastSun 0 0 -
+R FK 1984 o - S 16 0 1 -
+R FK 1985 2000 - S Sun>=9 0 1 -
+R FK 1986 2000 - Ap Sun>=16 0 0 -
+R FK 2001 2010 - Ap Sun>=15 2 0 -
+R FK 2001 2010 - S Sun>=1 2 1 -
 Z Atlantic/Stanley -3:51:24 - LMT 1890
 -3:51:24 - SMT 1912 Mar 12
--4 Aw -04/-03 1983 May
--3 Aw -03/-02 1985 S 15
--4 Aw -04/-03 2010 S 5 2
+-4 FK -04/-03 1983 May
+-3 FK -03/-02 1985 S 15
+-4 FK -04/-03 2010 S 5 2
 -3 - -03
 Z America/Cayenne -3:29:20 - LMT 1911 Jul
 -4 - -04 1967 O
@@ -3872,46 +4043,46 @@ Z America/Guyana -3:52:40 - LMT 1915 Mar
 -3:45 - -0345 1975 Jul 31
 -3 - -03 1991
 -4 - -04
-R Ax 1975 1988 - O 1 0 1 S
-R Ax 1975 1978 - Mar 1 0 0 -
-R Ax 1979 1991 - Ap 1 0 0 -
-R Ax 1989 o - O 22 0 1 S
-R Ax 1990 o - O 1 0 1 S
-R Ax 1991 o - O 6 0 1 S
-R Ax 1992 o - Mar 1 0 0 -
-R Ax 1992 o - O 5 0 1 S
-R Ax 1993 o - Mar 31 0 0 -
-R Ax 1993 1995 - O 1 0 1 S
-R Ax 1994 1995 - F lastSun 0 0 -
-R Ax 1996 o - Mar 1 0 0 -
-R Ax 1996 2001 - O Sun>=1 0 1 S
-R Ax 1997 o - F lastSun 0 0 -
-R Ax 1998 2001 - Mar Sun>=1 0 0 -
-R Ax 2002 2004 - Ap Sun>=1 0 0 -
-R Ax 2002 2003 - S Sun>=1 0 1 S
-R Ax 2004 2009 - O Sun>=15 0 1 S
-R Ax 2005 2009 - Mar Sun>=8 0 0 -
-R Ax 2010 ma - O Sun>=1 0 1 S
-R Ax 2010 2012 - Ap Sun>=8 0 0 -
-R Ax 2013 ma - Mar Sun>=22 0 0 -
+R y 1975 1988 - O 1 0 1 -
+R y 1975 1978 - Mar 1 0 0 -
+R y 1979 1991 - Ap 1 0 0 -
+R y 1989 o - O 22 0 1 -
+R y 1990 o - O 1 0 1 -
+R y 1991 o - O 6 0 1 -
+R y 1992 o - Mar 1 0 0 -
+R y 1992 o - O 5 0 1 -
+R y 1993 o - Mar 31 0 0 -
+R y 1993 1995 - O 1 0 1 -
+R y 1994 1995 - F lastSun 0 0 -
+R y 1996 o - Mar 1 0 0 -
+R y 1996 2001 - O Sun>=1 0 1 -
+R y 1997 o - F lastSun 0 0 -
+R y 1998 2001 - Mar Sun>=1 0 0 -
+R y 2002 2004 - Ap Sun>=1 0 0 -
+R y 2002 2003 - S Sun>=1 0 1 -
+R y 2004 2009 - O Sun>=15 0 1 -
+R y 2005 2009 - Mar Sun>=8 0 0 -
+R y 2010 ma - O Sun>=1 0 1 -
+R y 2010 2012 - Ap Sun>=8 0 0 -
+R y 2013 ma - Mar Sun>=22 0 0 -
 Z America/Asuncion -3:50:40 - LMT 1890
 -3:50:40 - AMT 1931 O 10
 -4 - -04 1972 O
 -3 - -03 1974 Ap
--4 Ax -04/-03
-R Ay 1938 o - Ja 1 0 1 S
-R Ay 1938 o - Ap 1 0 0 -
-R Ay 1938 1939 - S lastSun 0 1 S
-R Ay 1939 1940 - Mar Sun>=24 0 0 -
-R Ay 1986 1987 - Ja 1 0 1 S
-R Ay 1986 1987 - Ap 1 0 0 -
-R Ay 1990 o - Ja 1 0 1 S
-R Ay 1990 o - Ap 1 0 0 -
-R Ay 1994 o - Ja 1 0 1 S
-R Ay 1994 o - Ap 1 0 0 -
+-4 y -04/-03
+R PE 1938 o - Ja 1 0 1 -
+R PE 1938 o - Ap 1 0 0 -
+R PE 1938 1939 - S lastSun 0 1 -
+R PE 1939 1940 - Mar Sun>=24 0 0 -
+R PE 1986 1987 - Ja 1 0 1 -
+R PE 1986 1987 - Ap 1 0 0 -
+R PE 1990 o - Ja 1 0 1 -
+R PE 1990 o - Ap 1 0 0 -
+R PE 1994 o - Ja 1 0 1 -
+R PE 1994 o - Ap 1 0 0 -
 Z America/Lima -5:8:12 - LMT 1890
 -5:8:36 - LMT 1908 Jul 28
--5 Ay -05/-04
+-5 PE -05/-04
 Z Atlantic/South_Georgia -2:26:8 - LMT 1890
 -2 - -02
 Z America/Paramaribo -3:40:40 - LMT 1911
@@ -3934,59 +4105,65 @@ Li America/Port_of_Spain America/St_Lucia
 Li America/Port_of_Spain America/St_Thomas
 Li America/Port_of_Spain America/St_Vincent
 Li America/Port_of_Spain America/Tortola
-R Az 1923 o - O 2 0 0:30 HS
-R Az 1924 1926 - Ap 1 0 0 -
-R Az 1924 1925 - O 1 0 0:30 HS
-R Az 1933 1935 - O lastSun 0 0:30 HS
-R Az 1934 1936 - Mar Sat>=25 23:30s 0 -
-R Az 1936 o - N 1 0 0:30 HS
-R Az 1937 1941 - Mar lastSun 0 0 -
-R Az 1937 1940 - O lastSun 0 0:30 HS
-R Az 1941 o - Au 1 0 0:30 HS
-R Az 1942 o - Ja 1 0 0 -
-R Az 1942 o - D 14 0 1 S
-R Az 1943 o - Mar 14 0 0 -
-R Az 1959 o - May 24 0 1 S
-R Az 1959 o - N 15 0 0 -
-R Az 1960 o - Ja 17 0 1 S
-R Az 1960 o - Mar 6 0 0 -
-R Az 1965 1967 - Ap Sun>=1 0 1 S
-R Az 1965 o - S 26 0 0 -
-R Az 1966 1967 - O 31 0 0 -
-R Az 1968 1970 - May 27 0 0:30 HS
-R Az 1968 1970 - D 2 0 0 -
-R Az 1972 o - Ap 24 0 1 S
-R Az 1972 o - Au 15 0 0 -
-R Az 1974 o - Mar 10 0 0:30 HS
-R Az 1974 o - D 22 0 1 S
-R Az 1976 o - O 1 0 0 -
-R Az 1977 o - D 4 0 1 S
-R Az 1978 o - Ap 1 0 0 -
-R Az 1979 o - O 1 0 1 S
-R Az 1980 o - May 1 0 0 -
-R Az 1987 o - D 14 0 1 S
-R Az 1988 o - Mar 14 0 0 -
-R Az 1988 o - D 11 0 1 S
-R Az 1989 o - Mar 12 0 0 -
-R Az 1989 o - O 29 0 1 S
-R Az 1990 1992 - Mar Sun>=1 0 0 -
-R Az 1990 1991 - O Sun>=21 0 1 S
-R Az 1992 o - O 18 0 1 S
-R Az 1993 o - F 28 0 0 -
-R Az 2004 o - S 19 0 1 S
-R Az 2005 o - Mar 27 2 0 -
-R Az 2005 o - O 9 2 1 S
-R Az 2006 o - Mar 12 2 0 -
-R Az 2006 2014 - O Sun>=1 2 1 S
-R Az 2007 2015 - Mar Sun>=8 2 0 -
-Z America/Montevideo -3:44:44 - LMT 1898 Jun 28
--3:44:44 - MMT 1920 May
--3:30 Az -0330/-03 1942 D 14
--3 Az -03/-02 1968
--3 Az -03/-0230 1971
--3 Az -03/-02 1974
--3 Az -03/-0230 1974 D 22
--3 Az -03/-02
+R U 1923 1925 - O 1 0 0:30 -
+R U 1924 1926 - Ap 1 0 0 -
+R U 1933 1938 - O lastSun 0 0:30 -
+R U 1934 1941 - Mar lastSat 24 0 -
+R U 1939 o - O 1 0 0:30 -
+R U 1940 o - O 27 0 0:30 -
+R U 1941 o - Au 1 0 0:30 -
+R U 1942 o - D 14 0 0:30 -
+R U 1943 o - Mar 14 0 0 -
+R U 1959 o - May 24 0 0:30 -
+R U 1959 o - N 15 0 0 -
+R U 1960 o - Ja 17 0 1 -
+R U 1960 o - Mar 6 0 0 -
+R U 1965 o - Ap 4 0 1 -
+R U 1965 o - S 26 0 0 -
+R U 1968 o - May 27 0 0:30 -
+R U 1968 o - D 1 0 0 -
+R U 1970 o - Ap 25 0 1 -
+R U 1970 o - Jun 14 0 0 -
+R U 1972 o - Ap 23 0 1 -
+R U 1972 o - Jul 16 0 0 -
+R U 1974 o - Ja 13 0 1:30 -
+R U 1974 o - Mar 10 0 0:30 -
+R U 1974 o - S 1 0 0 -
+R U 1974 o - D 22 0 1 -
+R U 1975 o - Mar 30 0 0 -
+R U 1976 o - D 19 0 1 -
+R U 1977 o - Mar 6 0 0 -
+R U 1977 o - D 4 0 1 -
+R U 1978 1979 - Mar Sun>=1 0 0 -
+R U 1978 o - D 17 0 1 -
+R U 1979 o - Ap 29 0 1 -
+R U 1980 o - Mar 16 0 0 -
+R U 1987 o - D 14 0 1 -
+R U 1988 o - F 28 0 0 -
+R U 1988 o - D 11 0 1 -
+R U 1989 o - Mar 5 0 0 -
+R U 1989 o - O 29 0 1 -
+R U 1990 o - F 25 0 0 -
+R U 1990 1991 - O Sun>=21 0 1 -
+R U 1991 1992 - Mar Sun>=1 0 0 -
+R U 1992 o - O 18 0 1 -
+R U 1993 o - F 28 0 0 -
+R U 2004 o - S 19 0 1 -
+R U 2005 o - Mar 27 2 0 -
+R U 2005 o - O 9 2 1 -
+R U 2006 2015 - Mar Sun>=8 2 0 -
+R U 2006 2014 - O Sun>=1 2 1 -
+Z America/Montevideo -3:44:51 - LMT 1908 Jun 10
+-3:44:51 - MMT 1920 May
+-4 - -04 1923 O
+-3:30 U -0330/-03 1942 D 14
+-3 U -03/-0230 1960
+-3 U -03/-02 1968
+-3 U -03/-0230 1970
+-3 U -03/-02 1974
+-3 U -03/-0130 1974 Mar 10
+-3 U -03/-0230 1974 D 22
+-3 U -03/-02
 Z America/Caracas -4:27:44 - LMT 1890
 -4:27:40 - CMT 1912 F 12
 -4:30 - -0430 1965
@@ -3995,7 +4172,6 @@ Z America/Caracas -4:27:44 - LMT 1890
 -4 - -04
 Z Etc/GMT 0 - GMT
 Z Etc/UTC 0 - UTC
-Z Etc/UCT 0 - UCT
 Li Etc/GMT GMT
 Li Etc/UTC Etc/Universal
 Li Etc/UTC Etc/Zulu
@@ -4097,6 +4273,7 @@ Li Pacific/Easter Chile/EasterIsland
 Li America/Havana Cuba
 Li Africa/Cairo Egypt
 Li Europe/Dublin Eire
+Li Etc/UTC Etc/UCT
 Li Europe/London Europe/Belfast
 Li Europe/Chisinau Europe/Tiraspol
 Li Europe/London GB
@@ -4131,7 +4308,7 @@ Li Asia/Taipei ROC
 Li Asia/Seoul ROK
 Li Asia/Singapore Singapore
 Li Europe/Istanbul Turkey
-Li Etc/UCT UCT
+Li Etc/UTC UCT
 Li America/Anchorage US/Alaska
 Li America/Adak US/Aleutian
 Li America/Phoenix US/Arizona
diff --git a/msys2/usr/share/zoneinfo/zone.tab b/msys2/usr/share/zoneinfo/zone.tab
index e1bfdee2e..27e1dee61 100644
--- a/msys2/usr/share/zoneinfo/zone.tab
+++ b/msys2/usr/share/zoneinfo/zone.tab
@@ -1,9 +1,9 @@
-# tz zone descriptions (deprecated version)
+# tzdb timezone descriptions (deprecated version)
 #
 # This file is in the public domain, so clarified as of
 # 2009-05-17 by Arthur David Olson.
 #
-# From Paul Eggert (2014-07-31):
+# From Paul Eggert (2018-06-27):
 # This file is intended as a backward-compatibility aid for older programs.
 # New programs should use zone1970.tab.  This file is like zone1970.tab (see
 # zone1970.tab's comments), but with the following additional restrictions:
@@ -12,13 +12,13 @@
 # 2.  The first data column contains exactly one country code.
 #
 # Because of (2), each row stands for an area that is the intersection
-# of a region identified by a country code and of a zone where civil
+# of a region identified by a country code and of a timezone where civil
 # clocks have agreed since 1970; this is a narrower definition than
 # that of zone1970.tab.
 #
-# This table is intended as an aid for users, to help them select time
-# zone data entries appropriate for their practical needs.  It is not
-# intended to take or endorse any position on legal or territorial claims.
+# This table is intended as an aid for users, to help them select timezones
+# appropriate for their practical needs.  It is not intended to take or
+# endorse any position on legal or territorial claims.
 #
 #country-
 #code	coordinates	TZ			comments
@@ -239,6 +239,7 @@ KW	+2920+04759	Asia/Kuwait
 KY	+1918-08123	America/Cayman
 KZ	+4315+07657	Asia/Almaty	Kazakhstan (most areas)
 KZ	+4448+06528	Asia/Qyzylorda	Qyzylorda/Kyzylorda/Kzyl-Orda
+KZ	+5312+06337	Asia/Qostanay	Qostanay/Kostanay/Kustanay
 KZ	+5017+05710	Asia/Aqtobe	Aqtobe/Aktobe
 KZ	+4431+05016	Asia/Aqtau	Mangghystau/Mankistau
 KZ	+4707+05156	Asia/Atyrau	Atyrau/Atirau/Gur'yev
@@ -268,7 +269,7 @@ MM	+1647+09610	Asia/Yangon
 MN	+4755+10653	Asia/Ulaanbaatar	Mongolia (most areas)
 MN	+4801+09139	Asia/Hovd	Bayan-Olgiy, Govi-Altai, Hovd, Uvs, Zavkhan
 MN	+4804+11430	Asia/Choibalsan	Dornod, Sukhbaatar
-MO	+2214+11335	Asia/Macau
+MO	+221150+1133230	Asia/Macau
 MP	+1512+14545	Pacific/Saipan
 MQ	+1436-06105	America/Martinique
 MR	+1806-01557	Africa/Nouakchott
@@ -332,9 +333,9 @@ RS	+4450+02030	Europe/Belgrade
 RU	+5443+02030	Europe/Kaliningrad	MSK-01 - Kaliningrad
 RU	+554521+0373704	Europe/Moscow	MSK+00 - Moscow area
 RU	+4457+03406	Europe/Simferopol	MSK+00 - Crimea
-RU	+4844+04425	Europe/Volgograd	MSK+00 - Volgograd
 RU	+5836+04939	Europe/Kirov	MSK+00 - Kirov
 RU	+4621+04803	Europe/Astrakhan	MSK+01 - Astrakhan
+RU	+4844+04425	Europe/Volgograd	MSK+01 - Volgograd
 RU	+5134+04602	Europe/Saratov	MSK+01 - Saratov
 RU	+5420+04824	Europe/Ulyanovsk	MSK+01 - Ulyanovsk
 RU	+5312+05009	Europe/Samara	MSK+01 - Samara, Udmurtia
@@ -429,7 +430,7 @@ US	+593249-1394338	America/Yakutat	Alaska - Yakutat
 US	+643004-1652423	America/Nome	Alaska (west)
 US	+515248-1763929	America/Adak	Aleutian Islands
 US	+211825-1575130	Pacific/Honolulu	Hawaii
-UY	-3453-05611	America/Montevideo
+UY	-345433-0561245	America/Montevideo
 UZ	+3940+06648	Asia/Samarkand	Uzbekistan (west)
 UZ	+4120+06918	Asia/Tashkent	Uzbekistan (east)
 VA	+415408+0122711	Europe/Vatican
diff --git a/msys2/usr/share/zoneinfo/zone1970.tab b/msys2/usr/share/zoneinfo/zone1970.tab
index 4ee8ce519..9a8e4244f 100644
--- a/msys2/usr/share/zoneinfo/zone1970.tab
+++ b/msys2/usr/share/zoneinfo/zone1970.tab
@@ -1,35 +1,35 @@
-# tz zone descriptions
+# tzdb timezone descriptions
 #
 # This file is in the public domain.
 #
-# From Paul Eggert (2017-10-01):
-# This file contains a table where each row stands for a zone where
-# civil time stamps have agreed since 1970.  Columns are separated by
+# From Paul Eggert (2018-06-27):
+# This file contains a table where each row stands for a timezone where
+# civil timestamps have agreed since 1970.  Columns are separated by
 # a single tab.  Lines beginning with '#' are comments.  All text uses
 # UTF-8 encoding.  The columns of the table are as follows:
 #
-# 1.  The countries that overlap the zone, as a comma-separated list
+# 1.  The countries that overlap the timezone, as a comma-separated list
 #     of ISO 3166 2-character country codes.  See the file 'iso3166.tab'.
-# 2.  Latitude and longitude of the zone's principal location
+# 2.  Latitude and longitude of the timezone's principal location
 #     in ISO 6709 sign-degrees-minutes-seconds format,
-#     either +-DDMM+-DDDMM or +-DDMMSS+-DDDMMSS,
+#     either ±DDMM±DDDMM or ±DDMMSS±DDDMMSS,
 #     first latitude (+ is north), then longitude (+ is east).
-# 3.  Zone name used in value of TZ environment variable.
-#     Please see the theory.html file for how zone names are chosen.
-#     If multiple zones overlap a country, each has a row in the
+# 3.  Timezone name used in value of TZ environment variable.
+#     Please see the theory.html file for how these names are chosen.
+#     If multiple timezones overlap a country, each has a row in the
 #     table, with each column 1 containing the country code.
-# 4.  Comments; present if and only if a country has multiple zones.
+# 4.  Comments; present if and only if a country has multiple timezones.
 #
-# If a zone covers multiple countries, the most-populous city is used,
+# If a timezone covers multiple countries, the most-populous city is used,
 # and that country is listed first in column 1; any other countries
 # are listed alphabetically by country code.  The table is sorted
 # first by country code, then (if possible) by an order within the
 # country that (1) makes some geographical sense, and (2) puts the
-# most populous zones first, where that does not contradict (1).
+# most populous timezones first, where that does not contradict (1).
 #
-# This table is intended as an aid for users, to help them select time
-# zone data entries appropriate for their practical needs.  It is not
-# intended to take or endorse any position on legal or territorial claims.
+# This table is intended as an aid for users, to help them select timezones
+# appropriate for their practical needs.  It is not intended to take or
+# endorse any position on legal or territorial claims.
 #
 #country-
 #codes	coordinates	TZ	comments
@@ -211,6 +211,7 @@ KP	+3901+12545	Asia/Pyongyang
 KR	+3733+12658	Asia/Seoul
 KZ	+4315+07657	Asia/Almaty	Kazakhstan (most areas)
 KZ	+4448+06528	Asia/Qyzylorda	Qyzylorda/Kyzylorda/Kzyl-Orda
+KZ	+5312+06337	Asia/Qostanay	Qostanay/Kostanay/Kustanay
 KZ	+5017+05710	Asia/Aqtobe	Aqtöbe/Aktobe
 KZ	+4431+05016	Asia/Aqtau	Mangghystaū/Mankistau
 KZ	+4707+05156	Asia/Atyrau	Atyraū/Atirau/Gur'yev
@@ -231,7 +232,7 @@ MM	+1647+09610	Asia/Yangon
 MN	+4755+10653	Asia/Ulaanbaatar	Mongolia (most areas)
 MN	+4801+09139	Asia/Hovd	Bayan-Ölgii, Govi-Altai, Hovd, Uvs, Zavkhan
 MN	+4804+11430	Asia/Choibalsan	Dornod, Sükhbaatar
-MO	+2214+11335	Asia/Macau
+MO	+221150+1133230	Asia/Macau
 MQ	+1436-06105	America/Martinique
 MT	+3554+01431	Europe/Malta
 MU	-2010+05730	Indian/Mauritius
@@ -289,9 +290,9 @@ RS,BA,HR,ME,MK,SI	+4450+02030	Europe/Belgrade
 RU	+5443+02030	Europe/Kaliningrad	MSK-01 - Kaliningrad
 RU	+554521+0373704	Europe/Moscow	MSK+00 - Moscow area
 RU	+4457+03406	Europe/Simferopol	MSK+00 - Crimea
-RU	+4844+04425	Europe/Volgograd	MSK+00 - Volgograd
 RU	+5836+04939	Europe/Kirov	MSK+00 - Kirov
 RU	+4621+04803	Europe/Astrakhan	MSK+01 - Astrakhan
+RU	+4844+04425	Europe/Volgograd	MSK+01 - Volgograd
 RU	+5134+04602	Europe/Saratov	MSK+01 - Saratov
 RU	+5420+04824	Europe/Ulyanovsk	MSK+01 - Ulyanovsk
 RU	+5312+05009	Europe/Samara	MSK+01 - Samara, Udmurtia
@@ -371,7 +372,7 @@ US	+593249-1394338	America/Yakutat	Alaska - Yakutat
 US	+643004-1652423	America/Nome	Alaska (west)
 US	+515248-1763929	America/Adak	Aleutian Islands
 US,UM	+211825-1575130	Pacific/Honolulu	Hawaii
-UY	-3453-05611	America/Montevideo
+UY	-345433-0561245	America/Montevideo
 UZ	+3940+06648	Asia/Samarkand	Uzbekistan (west)
 UZ	+4120+06918	Asia/Tashkent	Uzbekistan (east)
 VE	+1030-06656	America/Caracas
diff --git a/msys2/usr/share/zsh/site-functions/_pacman b/msys2/usr/share/zsh/site-functions/_pacman
index b7139f4d4..c19c80aeb 100644
--- a/msys2/usr/share/zsh/site-functions/_pacman
+++ b/msys2/usr/share/zsh/site-functions/_pacman
@@ -103,7 +103,7 @@ _pacman_opts_files=(
 	{-l,--list}'[List the files owned by the queried package]:package:_pacman_completions_all_packages'
 	{-o,--owns}'[Query the package that owns]:files:_files'
 	{-s,--search}'[Search package file names for matching strings]:files:_files'
-	{-x,--regex}'[Enable searching using regluar expressions]:regex:'
+	{-x,--regex}'[Enable searching using regular expressions]:regex:'
 	{-y,--refresh}'[Download fresh files databases from the server]'
 	'--machinereadable[Produce machine-readable output]'
 	{-q,--quiet}'[Show less information for query and search]'
@@ -316,7 +316,7 @@ _pacman_completions_all_packages() {
 		typeset -U packages
 		${seq} _wanted packages expl "packages" compadd ${sep[@]} - "${(@)packages}"
 
-		repositories=(${(o)${${${(M)${(f)"$(</etc/pacman.conf)"}:#\[*}/\[/}/\]/}:#options})
+		repositories=($(pacman-conf --repo-list))
 		typeset -U repositories
 		_wanted repo_packages expl "repository/package" compadd -S "/" $repositories
 	fi
@@ -348,7 +348,7 @@ _pacman_all_packages() {
 # provides completions for repository names
 _pacman_completions_repositories() {
 	local -a cmd repositories
-	repositories=(${(o)${${${(M)${(f)"$(</etc/pacman.conf)"}:#\[*}/\[/}/\]/}:#options})
+	repositories=($(pacman-conf --repo-list))
 	# Uniq the array
 	typeset -U repositories
 	compadd "$@" -a repositories
@@ -505,7 +505,7 @@ _key_shortopts=(
 	'-a[Add the specified keys (empty for stdin)]: :_files'
 	'-d[Remove the Specified keyids]:*: :_keys'
 	'-e[Export the specified or all keyids]:*: :_keys'
-	'-f[List fingreprint for specidied or all keyids]:*: :_keys'
+	'-f[List fingerprint for specified or all keyids]:*: :_keys'
 	'-l[List the specified or all keys]:*: :_keys'
 	'-r[Fetch the specified keyids]:*: :_keys'
 	'-u[Update the trustdb of pacman]'
@@ -518,7 +518,7 @@ _key_longopts=(
 	'--add[Add the specified keys (empty for stdin)]: :_files'
 	'--delete[Remove the Specified keyids]:*: :_keys'
 	'--export[Export the specified or all keyids]:*: :_keys'
-	'--finger[List fingreprint for specidied or all keyids]:*: :_keys'
+	'--finger[List fingerprint for specified or all keyids]:*: :_keys'
 	'--list-keys[List the specified or all keys]:*: :_keys'
 	'--recv-keys[Fetch the specified keyids]:*: :_keys'
 	'--updatedb[Update the trustdb of pacman]'
diff --git a/msys2/usr/share/zsh/site-functions/_pkgfile b/msys2/usr/share/zsh/site-functions/_pkgfile
index b89ee3162..428f67e6a 100644
--- a/msys2/usr/share/zsh/site-functions/_pkgfile
+++ b/msys2/usr/share/zsh/site-functions/_pkgfile
@@ -10,7 +10,7 @@ _repos(){
 
 _compression(){
     local -a cmd _comps
-    _comps=('none' 'gzip' 'bzip2' 'lzma' 'lzop' 'xz')
+    _comps=('none' 'gzip' 'bzip2' 'lzma' 'lzop' 'lz4' 'xz')
     typeset -U _comps
     compadd "$@" -a _comps
 }
@@ -38,6 +38,8 @@ _longopts=(
     '--raw[disable output justification]'
     '--null[null terminate output]'
     '--compress=[compress downloaded repos]: :_compression'
+    '--config=[use an alternate pacman config]: :_files'
+    '--cachedir=[use an alternate cache directory]: :_files -/'
     )
 
 _shortopts=(
@@ -57,6 +59,8 @@ _shortopts=(
     '*-w[disable output justification]'
     '*-0[null terminate output]'
     '*-z[compress downloaded repos]: :_compression'
+    '*-C[use an alternate pacman config]: :_files'
+    '*-D[use an alternate cache directory]: :_files -/'
     )
 
 _pkgfile() {
diff --git a/msys2/usr/ssl/cert.pem b/msys2/usr/ssl/cert.pem
index 22e00d221..b832ef518 100644
--- a/msys2/usr/ssl/cert.pem
+++ b/msys2/usr/ssl/cert.pem
@@ -1,3 +1,4 @@
+# ACCVRAIZ1
 -----BEGIN CERTIFICATE-----
 MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE
 AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw
@@ -42,39 +43,8 @@ h1xA2syVP1XgNce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xF
 d3+YJ5oyXSrjhO7FmGYvliAd3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2H
 pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFtTCCA52gAwIBAgIIYY3HhjsBggUwDQYJKoZIhvcNAQEFBQAwRDEWMBQGA1UE
-AwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00x
-CzAJBgNVBAYTAkVTMB4XDTA4MDQxODE2MjQyMloXDTI4MDQxMzE2MjQyMlowRDEW
-MBQGA1UEAwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZF
-RElDT00xCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
-AgEA/5KV4WgGdrQsyFhIyv2AVClVYyT/kGWbEHV7w2rbYgIB8hiGtXxaOLHkWLn7
-09gtn70yN78sFW2+tfQh0hOR2QetAQXW8713zl9CgQr5auODAKgrLlUTY4HKRxx7
-XBZXehuDYAQ6PmXDzQHe3qTWDLqO3tkE7hdWIpuPY/1NFgu3e3eM+SW10W2ZEi5P
-Grjm6gSSrj0RuVFCPYewMYWveVqc/udOXpJPQ/yrOq2lEiZmueIM15jO1FillUAK
-t0SdE3QrwqXrIhWYENiLxQSfHY9g5QYbm8+5eaA9oiM/Qj9r+hwDezCNzmzAv+Yb
-X79nuIQZ1RXve8uQNjFiybwCq0Zfm/4aaJQ0PZCOrfbkHQl/Sog4P75n/TSW9R28
-MHTLOO7VbKvU/PQAtwBbhTIWdjPp2KOZnQUAqhbm84F9b32qhm2tFXTTxKJxqvQU
-fecyuB+81fFOvW8XAjnXDpVCOscAPukmYxHqC9FK/xidstd7LzrZlvvoHpKuE1XI
-2Sf23EgbsCTBheN3nZqk8wwRHQ3ItBTutYJXCb8gWH8vIiPYcMt5bMlL8qkqyPyH
-K9caUPgn6C9D4zq92Fdx/c6mUlv53U3t5fZvie27k5x2IXXwkkwp9y+cAS7+UEae
-ZAwUswdbxcJzbPEHXEUkFDWug/FqTYl6+rPYLWbwNof1K1MCAwEAAaOBqjCBpzAP
-BgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKaz4SsrSbbXc6GqlPUB53NlTKxQ
-MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUprPhKytJttdzoaqU9QHnc2VMrFAw
-RAYDVR0gBD0wOzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly9hY2VkaWNv
-bS5lZGljb21ncm91cC5jb20vZG9jMA0GCSqGSIb3DQEBBQUAA4ICAQDOLAtSUWIm
-fQwng4/F9tqgaHtPkl7qpHMyEVNEskTLnewPeUKzEKbHDZ3Ltvo/Onzqv4hTGzz3
-gvoFNTPhNahXwOf9jU8/kzJPeGYDdwdY6ZXIfj7QeQCM8htRM5u8lOk6e25SLTKe
-I6RF+7YuE7CLGLHdztUdp0J/Vb77W7tH1PwkzQSulgUV1qzOMPPKC8W64iLgpq0i
-5ALudBF/TP94HTXa5gI06xgSYXcGCRZj6hitoocf8seACQl1ThCojz2GuHURwCRi
-ipZ7SkXp7FnFvmuD5uHorLUwHv4FB4D54SMNUI8FmP8sX+g7tq3PgbUhh8oIKiMn
-MCArz+2UW6yyetLHKKGKC5tNSixthT8Jcjxn4tncB7rrZXtaAWPWkFtPF2Y9fwsZ
-o5NjEFIqnxQWWOLcpfShFosOkYuByptZ+thrkQdlVV9SH686+5DdaaVbnG0OLLb6
-zqylfDJKZ0DcMDQj3dcEI2bw/FWAp/tmGYI1Z2JwOV5vx+qQQEQIHriy1tvuWacN
-GHk0vFQYXlPKNFHtRQrmjseCNj6nOGOpMCwXEGCSn1WHElkQwg9naRHMTh5+Spqt
-r0CodaxWkHS4oJyleW/c6RrIaQXpuvoDs3zk4E7Czp3otkYNbn5XOmeUwssfnHdK
-Z05phkOTOPu220+DkdRgfks+KzgHVZhepA==
------END CERTIFICATE-----
+
+# AC RAIZ FNMT-RCM
 -----BEGIN CERTIFICATE-----
 MIIFgzCCA2ugAwIBAgIPXZONMGc2yAYdGsdUhGkHMA0GCSqGSIb3DQEBCwUAMDsx
 CzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJ
@@ -107,6 +77,8 @@ fZ5nc8OaKveri6E6FO80vFIOiZiaBECEHX5FaZNXzuvO+FB8TxxuBEOb+dY7Ixjp
 RqEIr9baRRmW1FMdW4R58MD3R++Lj8UGrp1MYp3/RgT408m2ECVAdf4WqslKYIYv
 uu8wd+RU4riEmViAqhOLUTpPSPaLtrM=
 -----END CERTIFICATE-----
+
+# Actalis Authentication Root CA
 -----BEGIN CERTIFICATE-----
 MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE
 BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w
@@ -140,6 +112,8 @@ ZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXemOR/qnuOf0GZvBeyqdn6/axag67XH/JJU
 LysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9vwGYT7JZVEc+NHt4bVaT
 LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg==
 -----END CERTIFICATE-----
+
+# AddTrust External Root
 -----BEGIN CERTIFICATE-----
 MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
 MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
@@ -165,79 +139,8 @@ Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
 c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
 mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMw
-MTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML
-QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYD
-VQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUA
-A4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ul
-CDtbKRY654eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6n
-tGO0/7Gcrjyvd7ZWxbWroulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyl
-dI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1Zmne3yzxbrww2ywkEtvrNTVokMsAsJch
-PXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJuiGMx1I4S+6+JNM3GOGvDC
-+Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8wHQYDVR0O
-BBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8E
-BTADAQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBl
-MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFk
-ZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENB
-IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxtZBsfzQ3duQH6lmM0MkhHma6X
-7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0PhiVYrqW9yTkkz
-43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY
-eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJl
-pz/+0WatC7xrmYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOA
-WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEFTCCAv2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSAwHgYDVQQDExdBZGRUcnVzdCBQdWJsaWMgQ0EgUm9vdDAeFw0wMDA1MzAx
-MDQxNTBaFw0yMDA1MzAxMDQxNTBaMGQxCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtB
-ZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIDAeBgNV
-BAMTF0FkZFRydXN0IFB1YmxpYyBDQSBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+A3S72mnTRqX4jsIMEZBRpS9mVEBV
-6tsfSlbunyNu9DnLoblv8n75XYcmYZ4c+OLspoH4IcUkzBEMP9smcnrHAZcHF/nX
-GCwwfQ56HmIexkvA/X1id9NEHif2P0tEs7c42TkfYNVRknMDtABp4/MUTu7R3AnP
-dzRGULD4EfL+OHn3Bzn+UZKXC1sIXzSGAa2Il+tmzV7R/9x98oTaunet3IAIx6eH
-1lWfl2royBFkuucZKT8Rs3iQhCBSWxHveNCD9tVIkNAwHM+A+WD+eeSI8t0A65RF
-62WUaUC6wNW0uLp9BBGo6zEFlpROWCGOn9Bg/QIDAQABo4HRMIHOMB0GA1UdDgQW
-BBSBPjfYkrAfd59ctKtzquf2NGAv+jALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUw
-AwEB/zCBjgYDVR0jBIGGMIGDgBSBPjfYkrAfd59ctKtzquf2NGAv+qFopGYwZDEL
-MAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRU
-cnVzdCBUVFAgTmV0d29yazEgMB4GA1UEAxMXQWRkVHJ1c3QgUHVibGljIENBIFJv
-b3SCAQEwDQYJKoZIhvcNAQEFBQADggEBAAP3FUr4JNojVhaTdt02KLmuG7jD8WS6
-IBh4lSknVwW8fCr0uVFV2ocC3g8WFzH4qnkuCRO7r7IgGRLlk/lL+YPoRNWyQSW/
-iHVv/xD8SlTQX/D67zZzfRs2RcYhbbQVuE7PnFylPVoAjgbjPGsye/Kf8Lb93/Ao
-GEjwxrzQvzSAlsJKsW2Ox5BF3i9nrEUEo3rcVZLJR2bYGozH7ZxOmuASu7VqTITh
-4SINhwBk/ox9Yjllpu9CtoAlEmEBqCQTcAARJl/6NVDFSMwGR+gn2HCNX2TmoUQm
-XiLsks3/QppEIW1cxeMiHV9HEufOX1362KqxMy3ZdvJOOjMMK7MtkAY=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEHjCCAwagAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSMwIQYDVQQDExpBZGRUcnVzdCBRdWFsaWZpZWQgQ0EgUm9vdDAeFw0wMDA1
-MzAxMDQ0NTBaFw0yMDA1MzAxMDQ0NTBaMGcxCzAJBgNVBAYTAlNFMRQwEgYDVQQK
-EwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIzAh
-BgNVBAMTGkFkZFRydXN0IFF1YWxpZmllZCBDQSBSb290MIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoekn0e+EV+vhDTbYjx5eLfpMLXsDBwq
-xBb/4Oxx64r1EW7tTw2R0hIYLUkVAcKkIhPHEWT/IhKauY5cLwjPcWqzZwFZ8V1G
-87B4pfYOQnrjfxvM0PC3KP0q6p6zsLkEqv32x7SxuCqg+1jxGaBvcCV+PmlKfw8i
-2O+tCBGaKZnhqkRFmhJePp1tUvznoD1oL/BLcHwTOK28FSXx1s6rosAx1i+f4P8U
-WfyEk9mHfExUE+uf0S0R+Bg6Ot4l2ffTQO2kBhLEO+GRwVY18BTcZTYJbqukB8c1
-0cIDMzZbdSZtQvESa0NvS3GU+jQd7RNuyoB/mC9suWXY6QIDAQABo4HUMIHRMB0G
-A1UdDgQWBBQ5lYtii1zJ1IC6WA+XPxUIQ8yYpzALBgNVHQ8EBAMCAQYwDwYDVR0T
-AQH/BAUwAwEB/zCBkQYDVR0jBIGJMIGGgBQ5lYtii1zJ1IC6WA+XPxUIQ8yYp6Fr
-pGkwZzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQL
-ExRBZGRUcnVzdCBUVFAgTmV0d29yazEjMCEGA1UEAxMaQWRkVHJ1c3QgUXVhbGlm
-aWVkIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBABmrder4i2VhlRO6aQTv
-hsoToMeqT2QbPxj2qC0sVY8FtzDqQmodwCVRLae/DLPt7wh/bDxGGuoYQ992zPlm
-hpwsaPXpF/gxsxjE1kh9I0xowX67ARRvxdlu3rsEQmr49lx95dr6h+sNNVJn0J6X
-dgWTP5XHAeZpVTh/EGGZyeNfpso+gmNIquIISD6q8rKFYqa0p9m9N5xotS1WfbC3
-P6CxB9bpT9zeRXEwMn8bLgn5v1Kh7sKAPgZcLlVAwRv1cEWw3F369nJad9Jjzc9Y
-iQBCYz95OdBEsIJuQRno3eDBiFrRHnGTHyQwdOUeqN48Jzd/g66ed8/wMLH/S5no
-xqE=
------END CERTIFICATE-----
+
+# AffirmTrust Commercial
 -----BEGIN CERTIFICATE-----
 MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE
 BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
@@ -258,6 +161,8 @@ Z8SOyUOyXGsViQK8YvxO8rUzqrJv0wqiUOP2O+guRMLbZjipM1ZI8W0bM40NjD9g
 N53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0khsUlHRUe072o0EclNmsxZt9YC
 nlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8=
 -----END CERTIFICATE-----
+
+# AffirmTrust Networking
 -----BEGIN CERTIFICATE-----
 MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UE
 BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
@@ -278,6 +183,8 @@ Lgo/bNjR9eUJtGxUAArgFU2HdW23WJZa3W3SAKD0m0i+wzekujbgfIeFlxoVot4u
 olu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9/ZFvgrG+CJPbFEfxojfHRZ48
 x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9s=
 -----END CERTIFICATE-----
+
+# AffirmTrust Premium
 -----BEGIN CERTIFICATE-----
 MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UE
 BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVz
@@ -309,6 +216,8 @@ GKa1qF60g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaO
 RtGdFNrHF+QFlozEJLUbzxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6e
 KeC2uAloGRwYQw==
 -----END CERTIFICATE-----
+
+# AffirmTrust Premium ECC
 -----BEGIN CERTIFICATE-----
 MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMC
 VVMxFDASBgNVBAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQ
@@ -322,6 +231,8 @@ A1UdDwEB/wQEAwIBBjAKBggqhkjOPQQDAwNnADBkAjAXCfOHiFBar8jAQr9HX/Vs
 aobgxCd05DhT1wV/GzTjxi+zygk8N53X57hG8f2h4nECMEJZh0PUUd+60wkyWs6I
 flc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKMeQ==
 -----END CERTIFICATE-----
+
+# Amazon Root CA 1
 -----BEGIN CERTIFICATE-----
 MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF
 ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
@@ -342,6 +253,8 @@ o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU
 5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy
 rqXRfboQnoZsG4q5WTP468SQvvG5
 -----END CERTIFICATE-----
+
+# Amazon Root CA 2
 -----BEGIN CERTIFICATE-----
 MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwF
 ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
@@ -373,6 +286,8 @@ n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE
 9jVlpNMKVv/1F2Rs76giJUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT
 4PsJYGw=
 -----END CERTIFICATE-----
+
+# Amazon Root CA 3
 -----BEGIN CERTIFICATE-----
 MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5
 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g
@@ -385,6 +300,8 @@ ttvXBp43rDCGB5Fwx5zEGbF4wDAKBggqhkjOPQQDAgNJADBGAiEA4IWSoxe3jfkr
 BqWTrBqYaGFy+uGh0PsceGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteM
 YyRIHN8wfdVoOw==
 -----END CERTIFICATE-----
+
+# Amazon Root CA 4
 -----BEGIN CERTIFICATE-----
 MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5
 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g
@@ -398,6 +315,8 @@ MAoGCCqGSM49BAMDA2gAMGUCMDqLIfG9fhGt0O9Yli/W651+kI0rz2ZVwyzjKKlw
 CkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1AE47xDqUEpHJWEadIRNyp4iciuRMStuW
 1KyLa2tJElMzrdfkviT8tQp21KW8EA==
 -----END CERTIFICATE-----
+
+# Atos TrustedRoot 2011
 -----BEGIN CERTIFICATE-----
 MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE
 AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG
@@ -419,6 +338,8 @@ maHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a961qn8FYiqTxlVMYVqL2Gns2D
 lmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G3mB/ufNPRJLv
 KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed
 -----END CERTIFICATE-----
+
+# Autoridad de Certificacion Firmaprofesional CIF A62634068
 -----BEGIN CERTIFICATE-----
 MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UE
 BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h
@@ -454,6 +375,8 @@ StRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTDKCOM/icz
 Q0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQB
 jLMi6Et8Vcad+qMUu2WFbm5PEn4KPJ2V
 -----END CERTIFICATE-----
+
+# Baltimore CyberTrust Root
 -----BEGIN CERTIFICATE-----
 MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ
 RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD
@@ -475,6 +398,8 @@ Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz
 ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS
 R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp
 -----END CERTIFICATE-----
+
+# Buypass Class 2 Root CA
 -----BEGIN CERTIFICATE-----
 MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd
 MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg
@@ -506,6 +431,8 @@ I+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK7
 3PFaTWwyI0PurKju7koSCTxdccK+efrCh2gdC/1cacwG0Jp9VJkqyTkaGa9LKkPz
 Y11aWOIv4x3kqdbQCtCev9eBCfHJxyYNrJgWVqA=
 -----END CERTIFICATE-----
+
+# Buypass Class 3 Root CA
 -----BEGIN CERTIFICATE-----
 MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd
 MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg
@@ -537,37 +464,8 @@ kbIRNBE+6tBDGR8Dk5AM/1E9V/RBbuHLoL7ryWPNbczk+DaqaJ3tvV2XcEQNtg41
 u79leNKGef9JOxqDDPDeeOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq
 4/g7u9xN12TyUb7mqqta6THuBrxzvxNiCp/HuZc=
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFaTCCA1GgAwIBAgIJAMMDmu5QkG4oMA0GCSqGSIb3DQEBBQUAMFIxCzAJBgNV
-BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu
-MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIxMB4XDTEyMDcxOTA5MDY1NloXDTQy
-MDcxOTA5MDY1NlowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx
-EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjEw
-ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqw3j33Jijp1pedxiy3QRk
-D2P9m5YJgNXoqqXinCaUOuiZc4yd39ffg/N4T0Dhf9Kn0uXKE5Pn7cZ3Xza1lK/o
-OI7bm+V8u8yN63Vz4STN5qctGS7Y1oprFOsIYgrY3LMATcMjfF9DCCMyEtztDK3A
-fQ+lekLZWnDZv6fXARz2m6uOt0qGeKAeVjGu74IKgEH3G8muqzIm1Cxr7X1r5OJe
-IgpFy4QxTaz+29FHuvlglzmxZcfe+5nkCiKxLU3lSCZpq+Kq8/v8kiky6bM+TR8n
-oc2OuRf7JT7JbvN32g0S9l3HuzYQ1VTW8+DiR0jm3hTaYVKvJrT1cU/J19IG32PK
-/yHoWQbgCNWEFVP3Q+V8xaCJmGtzxmjOZd69fwX3se72V6FglcXM6pM6vpmumwKj
-rckWtc7dXpl4fho5frLABaTAgqWjR56M6ly2vGfb5ipN0gTco65F97yLnByn1tUD
-3AjLLhbKXEAz6GfDLuemROoRRRw1ZS0eRWEkG4IupZ0zXWX4Qfkuy5Q/H6MMMSRE
-7cderVC6xkGbrPAXZcD4XW9boAo0PO7X6oifmPmvTiT6l7Jkdtqr9O3jw2Dv1fkC
-yC2fg69naQanMVXVz0tv/wQFx1isXxYb5dKj6zHbHzMVTdDypVP1y+E9Tmgt2BLd
-qvLmTZtJ5cUoobqwWsagtQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
-DwEB/wQEAwIBBjAdBgNVHQ4EFgQUiQq0OJMa5qvum5EY+fU8PjXQ04IwDQYJKoZI
-hvcNAQEFBQADggIBADKL9p1Kyb4U5YysOMo6CdQbzoaz3evUuii+Eq5FLAR0rBNR
-xVgYZk2C2tXck8An4b58n1KeElb21Zyp9HWc+jcSjxyT7Ff+Bw+r1RL3D65hXlaA
-SfX8MPWbTx9BLxyE04nH4toCdu0Jz2zBuByDHBb6lM19oMgY0sidbvW9adRtPTXo
-HqJPYNcHKfyyo6SdbhWSVhlMCrDpfNIZTUJG7L399ldb3Zh+pE3McgODWF3vkzpB
-emOqfDqo9ayk0d2iLbYq/J8BjuIQscTK5GfbVSUZP/3oNn6z4eGBrxEWi1CXYBmC
-AMBrTXO40RMHPuq2MU/wQppt4hF05ZSsjYSVPCGvxdpHyN85YmLLW1AL14FABZyb
-7bq2ix4Eb5YgOe2kfSnbSM6C3NQCjR0EMVrHS/BsYVLXtFHCgWzN4funodKSds+x
-DzdYpPJScWc/DIh4gInByLUfkmO+p3qKViwaqKactV2zY9ATIKHrkWzQjX2v3wvk
-F7mGnjixlAxYjOBVqjtjbZqJYLhkKpLGN/R+Q0O3c+gB53+XD9fyexn9GtePyfqF
-a3qdnom2piiZk4hA9z7NUaPK6u95RyG1/jLix8NRb76AdPCkwzryT+lf3xkK8jsT
-Q6wxpLPn6/wY1gGp8yqPNg7rtLG8t0zJa7+h89n07eLw4+1knj0vllJPgFOL
------END CERTIFICATE-----
+
+# CA Disig Root R2
 -----BEGIN CERTIFICATE-----
 MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV
 BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu
@@ -599,19 +497,8 @@ G5gPcFw0sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3Os
 zMOl6W8KjptlwlCFtaOgUxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8x
 L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcL
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICCTCCAY+gAwIBAgIQaEpYcIBr8I8C+vbe6LCQkDAKBggqhkjOPQQDAzBGMQsw
-CQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMT
-EkNBIFdvU2lnbiBFQ0MgUm9vdDAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4
-NThaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEb
-MBkGA1UEAxMSQ0EgV29TaWduIEVDQyBSb290MHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAE4f2OuEMkq5Z7hcK6C62N4DrjJLnSsb6IOsq/Srj57ywvr1FQPEd1bPiUt5v8
-KB7FVMxjnRZLU8HnIKvNrCXSf4/CwVqCXjCLelTOA7WRf6qU0NGKSMyCBSah1VES
-1ns2o0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
-FgQUqv3VWqP2h4syhf3RMluARZPzA7gwCgYIKoZIzj0EAwMDaAAwZQIxAOSkhLCB
-1T2wdKyUpOgOPQB0TKGXa/kNUTyh2Tv0Daupn75OcsqF1NnstTJFGG+rrQIwfcf3
-aWMvoeGY7xMQ0Xk/0f7qO3/eVvSQsRUR2LIiFdAvwyYua/GRspBl9JrmkO5K
------END CERTIFICATE-----
+
+# CFCA EV ROOT
 -----BEGIN CERTIFICATE-----
 MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJD
 TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y
@@ -644,26 +531,8 @@ Ci77o0cOPaYjesYBx4/IXr9tgFa+iiS6M+qf4TIRnvHST4D2G0CvOJ4RUHlzEhLN
 AAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3CekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ
 5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDVTCCAj2gAwIBAgIESTMAATANBgkqhkiG9w0BAQUFADAyMQswCQYDVQQGEwJD
-TjEOMAwGA1UEChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwHhcNMDcwNDE2
-MDcwOTE0WhcNMjcwNDE2MDcwOTE0WjAyMQswCQYDVQQGEwJDTjEOMAwGA1UEChMF
-Q05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDTNfc/c3et6FtzF8LRb+1VvG7q6KR5smzDo+/hn7E7SIX1mlwh
-IhAsxYLO2uOabjfhhyzcuQxauohV3/2q2x8x6gHx3zkBwRP9SFIhxFXf2tizVHa6
-dLG3fdfA6PZZxU3Iva0fFNrfWEQlMhkqx35+jq44sDB7R3IJMfAw28Mbdim7aXZO
-V/kbZKKTVrdvmW7bCgScEeOAH8tjlBAKqeFkgjH5jCftppkA9nCTGPihNIaj3XrC
-GHn2emU1z5DrvTOTn1OrczvmmzQgLx3vqR1jGqCA2wMv+SYahtKNu6m+UjqHZ0gN
-v7Sg2Ca+I19zN38m5pIEo3/PIKe38zrKy5nLAgMBAAGjczBxMBEGCWCGSAGG+EIB
-AQQEAwIABzAfBgNVHSMEGDAWgBRl8jGtKvf33VKWCscCwQ7vptU7ETAPBgNVHRMB
-Af8EBTADAQH/MAsGA1UdDwQEAwIB/jAdBgNVHQ4EFgQUZfIxrSr3991SlgrHAsEO
-76bVOxEwDQYJKoZIhvcNAQEFBQADggEBAEs17szkrr/Dbq2flTtLP1se31cpolnK
-OOK5Gv+e5m4y3R6u6jW39ZORTtpC4cMXYFDy0VwmuYK36m3knITnA3kXr5g9lNvH
-ugDnuL8BV8F3RTIMO/G0HAiw/VGgod2aHRM2mm23xzy54cXZF/qD1T0VoDy7Hgvi
-yJA/qIYM/PmLXoXLT1tLYhFHxUV8BS9BsZ4QaRuZluBVeftOhpm4lNqGOGqTo+fL
-buXf6iFViZx9fX+Y9QCJ7uOEwFyWtcVG6kbghVW2G8kS1sHNzYDzAgE8yGnLRUhj
-2JTQ7IUOO04RZfSCjKY9ri4ilAnIXOo8gV0WKgOXFlUJ24pBgp5mmxE=
------END CERTIFICATE-----
+
+# COMODO Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCB
 gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
@@ -689,6 +558,8 @@ zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd
 BA6+C4OmF4O5MBKgxTMVBbkN+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IB
 ZQ==
 -----END CERTIFICATE-----
+
+# COMODO ECC Certification Authority
 -----BEGIN CERTIFICATE-----
 MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL
 MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
@@ -705,6 +576,8 @@ BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VGFAkK+qDm
 fQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdv
 GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY=
 -----END CERTIFICATE-----
+
+# COMODO RSA Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB
 hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
@@ -739,83 +612,8 @@ QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl
 0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB
 NVOFBkpdn627G190
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn
-MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
-ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMg
-b2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAxNjEzNDNaFw0zNzA5MzAxNjEzNDRa
-MH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZpcm1hIFNBIENJRiBB
-ODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3JnMSIw
-IAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0B
-AQEFAAOCAQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtb
-unXF/KGIJPov7coISjlUxFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0d
-BmpAPrMMhe5cG3nCYsS4No41XQEMIwRHNaqbYE6gZj3LJgqcQKH0XZi/caulAGgq
-7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jWDA+wWFjbw2Y3npuRVDM3
-0pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFVd9oKDMyX
-roDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIG
-A1UdEwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5j
-aGFtYmVyc2lnbi5vcmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p
-26EpW1eLTXYGduHRooowDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIA
-BzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hhbWJlcnNpZ24ub3JnMCcGA1Ud
-EgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYDVR0gBFEwTzBN
-BgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz
-aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEB
-AAxBl8IahsAifJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZd
-p0AJPaxJRUXcLo0waLIJuvvDL8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi
-1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wNUPf6s+xCX6ndbcj0dc97wXImsQEc
-XCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/nADydb47kMgkdTXg0
-eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1erfu
-tGWaIZDgqtCYvDi1czyL+Nw=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEn
-MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
-ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENo
-YW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYxNDE4WhcNMzcwOTMwMTYxNDE4WjB9
-MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgy
-NzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4G
-A1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUA
-A4IBDQAwggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0
-Mi+ITaFgCPS3CU6gSS9J1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/s
-QJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8Oby4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpV
-eAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl6DJWk0aJqCWKZQbua795
-B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c8lCrEqWh
-z0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0T
-AQH/BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1i
-ZXJzaWduLm9yZy9jaGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4w
-TcbOX60Qq+UDpfqpFDAOBgNVHQ8BAf8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAH
-MCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBjaGFtYmVyc2lnbi5vcmcwKgYD
-VR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9yZzBbBgNVHSAE
-VDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh
-bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0B
-AQUFAAOCAQEAPDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUM
-bKGKfKX0j//U2K0X1S0E0T9YgOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXi
-ryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJPJ7oKXqJ1/6v/2j1pReQvayZzKWG
-VwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4IBHNfTIzSJRUTN3c
-ecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREest2d/
-AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDfDCCAmSgAwIBAgIQayXaioidfLwPBbOxemFFRDANBgkqhkiG9w0BAQsFADBY
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxLTArBgNV
-BAMTJENlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbiBHMjAeFw0xNDEx
-MDgwMDU4NThaFw00NDExMDgwMDU4NThaMFgxCzAJBgNVBAYTAkNOMRowGAYDVQQK
-ExFXb1NpZ24gQ0EgTGltaXRlZDEtMCsGA1UEAxMkQ2VydGlmaWNhdGlvbiBBdXRo
-b3JpdHkgb2YgV29TaWduIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEAvsXEoCKASU+/2YcRxlPhuw+9YH+v9oIOH9ywjj2X4FA8jzrvZjtFB5sg+OPX
-JYY1kBaiXW8wGQiHC38Gsp1ij96vkqVg1CuAmlI/9ZqD6TRay9nVYlzmDuDfBpgO
-gHzKtB0TiGsOqCR3A9DuW/PKaZE1OVbFbeP3PU9ekzgkyhjpJMuSA93MHD0JcOQg
-5PGurLtzaaNjOg9FD6FKmsLRY6zLEPg95k4ot+vElbGs/V6r+kHLXZ1L3PR8du9n
-fwB6jdKgGlxNIuG12t12s9R23164i5jIFFTMaxeSt+BKv0mUYQs4kI9dJGwlezt5
-2eJ+na2fmKEG/HgUYFf47oB3sQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD
-VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU+mCp62XF3RYUCE4MD42b4Pdkr2cwDQYJ
-KoZIhvcNAQELBQADggEBAFfDejaCnI2Y4qtAqkePx6db7XznPWZaOzG73/MWM5H8
-fHulwqZm46qwtyeYP0nXYGdnPzZPSsvxFPpahygc7Y9BMsaV+X3avXtbwrAh449G
-3CE4Q3RM+zD4F3LBMvzIkRfEzFg3TgvMWvchNSiDbGAtROtSjFA9tWwS1/oJu2yy
-SrHFieT801LYYRf+epSEj3m2M1m6D8QL4nCgS3gu+sif/a+RZQp4OBXllxcU3fng
-LDT4ONCEIgDAFFEYKwLcMFrw6AF8NTojrwjkr6qOKEJJLvD1mTS+7Q9LGOHSJDy7
-XUe3IfKN0QqZjuNuPq1w4I+5ysxugTH2e5x6eeRncRg=
------END CERTIFICATE-----
+
+# Certigna
 -----BEGIN CERTIFICATE-----
 MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV
 BAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4X
@@ -838,38 +636,8 @@ HWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY1gkIl2PlwS6w
 t0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw
 WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg==
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFnDCCA4SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJGUjET
-MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxJjAk
-BgNVBAMMHUNlcnRpbm9taXMgLSBBdXRvcml0w6kgUmFjaW5lMB4XDTA4MDkxNzA4
-Mjg1OVoXDTI4MDkxNzA4Mjg1OVowYzELMAkGA1UEBhMCRlIxEzARBgNVBAoTCkNl
-cnRpbm9taXMxFzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMSYwJAYDVQQDDB1DZXJ0
-aW5vbWlzIC0gQXV0b3JpdMOpIFJhY2luZTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
-ADCCAgoCggIBAJ2Fn4bT46/HsmtuM+Cet0I0VZ35gb5j2CN2DpdUzZlMGvE5x4jY
-F1AMnmHawE5V3udauHpOd4cN5bjr+p5eex7Ezyh0x5P1FMYiKAT5kcOrJ3NqDi5N
-8y4oH3DfVS9O7cdxbwlyLu3VMpfQ8Vh30WC8Tl7bmoT2R2FFK/ZQpn9qcSdIhDWe
-rP5pqZ56XjUl+rSnSTV3lqc2W+HN3yNw2F1MpQiD8aYkOBOo7C+ooWfHpi2GR+6K
-/OybDnT0K0kCe5B1jPyZOQE51kqJ5Z52qz6WKDgmi92NjMD2AR5vpTESOH2VwnHu
-7XSu5DaiQ3XV8QCb4uTXzEIDS3h65X27uK4uIJPT5GHfceF2Z5c/tt9qc1pkIuVC
-28+BA5PY9OMQ4HL2AHCs8MF6DwV/zzRpRbWT5BnbUhYjBYkOjUjkJW+zeL9i9Qf6
-lSTClrLooyPCXQP8w9PlfMl1I9f09bze5N/NgL+RiH2nE7Q5uiy6vdFrzPOlKO1E
-nn1So2+WLhl+HPNbxxaOu2B9d2ZHVIIAEWBsMsGoOBvrbpgT1u449fCfDu/+MYHB
-0iSVL1N6aaLwD4ZFjliCK0wi1F6g530mJ0jfJUaNSih8hp75mxpZuWW/Bd22Ql09
-5gBIgl4g9xGC3srYn+Y3RyYe63j3YcNBZFgCQfna4NH4+ej9Uji29YnfAgMBAAGj
-WzBZMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQN
-jLZh2kS40RR9w759XkjwzspqsDAXBgNVHSAEEDAOMAwGCiqBegFWAgIAAQEwDQYJ
-KoZIhvcNAQEFBQADggIBACQ+YAZ+He86PtvqrxyaLAEL9MW12Ukx9F1BjYkMTv9s
-ov3/4gbIOZ/xWqndIlgVqIrTseYyCYIDbNc/CMf4uboAbbnW/FIyXaR/pDGUu7ZM
-OH8oMDX/nyNTt7buFHAAQCvaR6s0fl6nVjBhK4tDrP22iCj1a7Y+YEq6QpA0Z43q
-619FVDsXrIvkxmUP7tCMXWY5zjKn2BCXwH40nJ+U8/aGH88bc62UeYdocMMzpXDn
-2NU4lG9jeeu/Cg4I58UvD0KgKxRA/yHgBcUn4YQRE7rWhh1BCxMjidPJC+iKunqj
-o3M3NYB9Ergzd0A4wPpeMNLytqOx1qKVl4GbUu1pTP+A5FPbVFsDbVRfsbjvJL1v
-nxHDx2TCDyhihWZeGnuyt++uNckZM6i4J9szVb9o4XVIRFb7zdNIu0eJOqxp9YDG
-5ERQL1TEqkPFMTFYvZbF6nVsmnWxTfj3l/+WFvKXTej28xH5On2KOG4Ey+HTRRWq
-pdEdnV1j6CTmNhTih60bWfVEm/vXd3wfAXBioSAaosUaKPQhA+4u2cGA6rnZgtZb
-dsLLO7XSAPCjDuGtbkD326C00EauFddEwk01+dIL8hf2rGbVJLJP0RyZwG71fet0
-BLj5TXcJ17TPBzAJ8bgAVtkXFhYKK4bfjwEZGuW7gmP/vgt2Fl43N+bYdJeimUV5
------END CERTIFICATE-----
+
+# Certinomis - Root CA
 -----BEGIN CERTIFICATE-----
 MIIFkjCCA3qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjET
 MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxHTAb
@@ -902,6 +670,8 @@ Y/M50n92Uaf0yKHxDHYiI0ZSKS3io0EHVmmY0gUJvGnHWmHNj4FgFU2A3ZDifcRQ
 8ow7bkrHxuaAKzyBvBGAFhAn1/DNP3nMcyrDflOR1m749fPH0FFNjkulW+YZFzvW
 gQncItzujrnEj1PhZ7szuIgVRs/taTX/dQ1G885x4cVrhkIGuUE=
 -----END CERTIFICATE-----
+
+# Certplus Class 2 Primary CA
 -----BEGIN CERTIFICATE-----
 MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAw
 PTELMAkGA1UEBhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFz
@@ -924,6 +694,8 @@ ybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW//1IMwrh3KWB
 kJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7
 l7+ijrRU
 -----END CERTIFICATE-----
+
+# Certplus Root CA G1
 -----BEGIN CERTIFICATE-----
 MIIFazCCA1OgAwIBAgISESBVg+QtPlRWhS2DN7cs3EYRMA0GCSqGSIb3DQEBDQUA
 MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy
@@ -955,6 +727,8 @@ V/xuZDDCVRHc6qnNSlSsKWNEz0pAoNZoWRsz+e86i9sgktxChL8Bq4fA1SCC28a5
 g4VCXA9DO2pJNdWY9BW/+mGBDAkgGNLQFwzLSABQ6XaCjGTXOqAHVcweMcDvOrRl
 ++O/QmueD6i9a5jc2NvLi6Td11n0bt3+qsOR0C5CB8AMTVPNJLFMWx5R9N/pkvo=
 -----END CERTIFICATE-----
+
+# Certplus Root CA G2
 -----BEGIN CERTIFICATE-----
 MIICHDCCAaKgAwIBAgISESDZkc6uo+jF5//pAq/Pc7xVMAoGCCqGSM49BAMDMD4x
 CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs
@@ -969,25 +743,8 @@ SM49BAMDA2gAMGUCMHD+sAvZ94OX7PNVHdTcswYO/jOYnYs5kGuUIe22113WTNch
 p+e/IQ8rzfcq3IUHnQIxAIYUFuXcsGXCwI4Un78kFmjlvPl5adytRSv3tjFzzAal
 U5ORGpOucGpnutee5WEaXw==
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM
-MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
-QTAeFw0wMjA2MTExMDQ2MzlaFw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBM
-MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
-QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6xwS7TT3zNJc4YPk/E
-jG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdLkKWo
-ePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GI
-ULdtlkIJ89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapu
-Ob7kky/ZR6By6/qmW6/KUz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUg
-AKpoC6EahQGcxEZjgoi2IrHu/qpGWX7PNSzVttpd90gzFFS269lvzs2I1qsb2pY7
-HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEA
-uI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+GXYkHAQa
-TOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTg
-xSvgGrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1q
-CjqTE5s7FCMTY5w/0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5x
-O/fIR/RpbxXyEV6DHpx8Uq79AtoSqFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs
-6GAqm4VKQPNriiTsBhYscw==
------END CERTIFICATE-----
+
+# Certum Trusted Network CA
 -----BEGIN CERTIFICATE-----
 MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM
 MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D
@@ -1010,6 +767,8 @@ J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY
 VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI
 03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw=
 -----END CERTIFICATE-----
+
+# Certum Trusted Network CA 2
 -----BEGIN CERTIFICATE-----
 MIIF0jCCA7qgAwIBAgIQIdbQSk8lD8kyN/yqXhKN6TANBgkqhkiG9w0BAQ0FADCB
 gDELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
@@ -1044,6 +803,8 @@ XALKLNhvSgfZyTXaQHXyxKcZb55CEJh15pWLYLztxRLXis7VmFxWlgPF7ncGNf/P
 5O4/E2Hu29othfDNrp2yGAlFw5Khchf8R7agCyzxxN5DaAhqXzvwdmP7zAYspsbi
 DrW5viSP
 -----END CERTIFICATE-----
+
+# Chambers of Commerce Root - 2008
 -----BEGIN CERTIFICATE-----
 MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD
 VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
@@ -1086,30 +847,8 @@ fhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg
 OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZ
 d0jQ
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIID9zCCAt+gAwIBAgIESJ8AATANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMC
-Q04xMjAwBgNVBAoMKUNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24g
-Q2VudGVyMUcwRQYDVQQDDD5DaGluYSBJbnRlcm5ldCBOZXR3b3JrIEluZm9ybWF0
-aW9uIENlbnRlciBFViBDZXJ0aWZpY2F0ZXMgUm9vdDAeFw0xMDA4MzEwNzExMjVa
-Fw0zMDA4MzEwNzExMjVaMIGKMQswCQYDVQQGEwJDTjEyMDAGA1UECgwpQ2hpbmEg
-SW50ZXJuZXQgTmV0d29yayBJbmZvcm1hdGlvbiBDZW50ZXIxRzBFBgNVBAMMPkNo
-aW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyIEVWIENlcnRp
-ZmljYXRlcyBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm35z
-7r07eKpkQ0H1UN+U8i6yjUqORlTSIRLIOTJCBumD1Z9S7eVnAztUwYyZmczpwA//
-DdmEEbK40ctb3B75aDFk4Zv6dOtouSCV98YPjUesWgbdYavi7NifFy2cyjw1l1Vx
-zUOFsUcW9SxTgHbP0wBkvUCZ3czY28Sf1hNfQYOL+Q2HklY0bBoQCxfVWhyXWIQ8
-hBouXJE0bhlffxdpxWXvayHG1VA6v2G5BY3vbzQ6sm8UY78WO5upKv23KzhmBsUs
-4qpnHkWnjQRmQvaPK++IIGmPMowUc9orhpFjIpryp9vOiYurXccUwVswah+xt54u
-gQEC7c+WXmPbqOY4twIDAQABo2MwYTAfBgNVHSMEGDAWgBR8cks5x8DbYqVPm6oY
-NJKiyoOCWTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4E
-FgQUfHJLOcfA22KlT5uqGDSSosqDglkwDQYJKoZIhvcNAQEFBQADggEBACrDx0M3
-j92tpLIM7twUbY8opJhJywyA6vPtI2Z1fcXTIWd50XPFtQO3WKwMVC/GVhMPMdoG
-52U7HW8228gd+f2ABsqjPWYWqJ1MFn3AlUa1UeTiH9fqBk1jjZaM7+czV0I664zB
-echNdn3e9rG3geCg+aF4RhcaVpjwTj2rHO3sOdwHSPdj/gauwqRcalsyiMXHM4Ws
-ZkJHwlgkmeHlPuV1LI5D1l08eB6olYIpUNHRFrrvwb562bTYzB5MRuF3sTGrvSrI
-zo9uoV1/A3U05K2JRVRevq4opbs/eHnrc7MKDf2+yfdWrPa37S+bISnHOLaVxATy
-wy39FCqQmbkHzJ8=
------END CERTIFICATE-----
+
+# Comodo AAA Services root
 -----BEGIN CERTIFICATE-----
 MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb
 MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
@@ -1135,56 +874,8 @@ G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi
 l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3
 smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg==
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEPzCCAyegAwIBAgIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEkMCIGA1UEAwwbU2VjdXJlIENlcnRp
-ZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVow
-fjELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
-A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxJDAiBgNV
-BAMMG1NlY3VyZSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAMBxM4KK0HDrc4eCQNUd5MvJDkKQ+d40uaG6EfQlhfPM
-cm3ye5drswfxdySRXyWP9nQ95IDC+DwN879A6vfIUtFyb+/Iq0G4bi4XKpVpDM3S
-HpR7LZQdqnXXs5jLrLxkU0C8j6ysNstcrbvd4JQX7NFc0L/vpZXJkMWwrPsbQ996
-CF23uPJAGysnnlDOXmWCiIxe004MeuoIkbY2qitC++rCoznl2yY4rYsK7hljxxwk
-3wN42ubqwUcaCwtGCd0C/N7Lh1/XMGNooa7cMqG6vv5Eq2i2pRcV/b3Vp6ea5EQz
-6YiO/O1R65NxTq0B50SOqy3LqP4BSUjwwN3HaNiS/j0CAwEAAaOBxzCBxDAdBgNV
-HQ4EFgQUPNiTiMLAggnMAZkGkyDpnnAJY08wDgYDVR0PAQH/BAQDAgEGMA8GA1Ud
-EwEB/wQFMAMBAf8wgYEGA1UdHwR6MHgwO6A5oDeGNWh0dHA6Ly9jcmwuY29tb2Rv
-Y2EuY29tL1NlY3VyZUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDmgN6A1hjNodHRw
-Oi8vY3JsLmNvbW9kby5uZXQvU2VjdXJlQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmww
-DQYJKoZIhvcNAQEFBQADggEBAIcBbSMdflsXfcFhMs+P5/OKlFlm4J4oqF7Tt/Q0
-5qo5spcWxYJvMqTpjOev/e/C6LlLqqP05tqNZSH7uoDrJiiFGv45jN5bBAS0VPmj
-Z55B+glSzAVIqMk/IQQezkhr/IXownuvf7fM+F86/TXGDe+X3EyrEeFryzHRbPtI
-gKvcnDe4IRRLDXE97IMzbtFuMhbsmMcWi1mmNKsFVy2T96oTy9IT4rcuO81rUBcJ
-aD61JlfutuC23bkpgHl9j6PwpCikFcSF9CfUa7/lXORlAnZUtOM3ZiTTGWHIUhDl
-izeauan5Hb/qmZJhlv8BzaFfDbxxvA6sCx1HRR3B7Hzs/Sk=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEQzCCAyugAwIBAgIBATANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDElMCMGA1UEAwwcVHJ1c3RlZCBDZXJ0
-aWZpY2F0ZSBTZXJ2aWNlczAeFw0wNDAxMDEwMDAwMDBaFw0yODEyMzEyMzU5NTla
-MH8xCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
-BgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSUwIwYD
-VQQDDBxUcnVzdGVkIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQIIO0Yfyod5jWaHiWsnOWW
-fnJSoBVC21ndZHoa0Lh73TkVvFVIxO06AOoxEbrycXQaZ7jPM8yoMa+j49d/vzMt
-TGo87IvDktJTdyR0nAducPy9C1t2ul/y/9c3S0pgePfw+spwtOpZqqPOSC+pw7IL
-fhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6juljatEPmsbS9Is6FARW
-1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAEAtdbtz6SrGsSivnkBbA7
-kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt6wIDAQABo4HJMIHGMB0G
-A1UdDgQWBBTFe1i97doladL3WRaoszLAeydb9DAOBgNVHQ8BAf8EBAMCAQYwDwYD
-VR0TAQH/BAUwAwEB/zCBgwYDVR0fBHwwejA8oDqgOIY2aHR0cDovL2NybC5jb21v
-ZG9jYS5jb20vVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMuY3JsMDqgOKA2hjRo
-dHRwOi8vY3JsLmNvbW9kby5uZXQvVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMu
-Y3JsMA0GCSqGSIb3DQEBBQUAA4IBAQDIk4E7ibSvuIQSTI3S8NtwuleGFTQQuS9/
-HrCoiWChisJ3DFBKmwCL2Iv0QeLQg4pKHBQGsKNoBXAxMKdTmw7pSqBYaWcOrp32
-pSxBvzwGa+RZzG0Q8ZZvH9/0BAKkn0U+yNj6NkZEUD+Cl5EfKNsYEYwq5GWDVxIS
-jBc/lDb+XbDABHcTuPQV1T84zJQ6VdCsmPW6AF/ghhmBeC8owH7TzEIK9a5QoNE+
-xqFx7D+gIIxmOom0jtTYsU0lR+4viMi14QVFwL4Ucd56/Y57fU0IlqUSc/Atyjcn
-dBInTMu2l+nZrghtWjlA3QVHdWpaIbOjGM9O9y5Xt5hwXsjEeLBi
------END CERTIFICATE-----
+
+# Cybertrust Global Root
 -----BEGIN CERTIFICATE-----
 MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYG
 A1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2Jh
@@ -1207,6 +898,8 @@ omcrUtW3ZfA5TGOgkXmTUg9U3YO7n9GPp1Nzw8v/MOx8BLjYRB+TX3EJIrduPuoc
 A06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW
 WL1WMRJOEcgh4LMRkWXbtKaIOM5V
 -----END CERTIFICATE-----
+
+# D-TRUST Root Class 3 CA 2 2009
 -----BEGIN CERTIFICATE-----
 MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF
 MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD
@@ -1232,6 +925,8 @@ zCUqNQT4YJEVdT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8
 PIWmawomDeCTmGCufsYkl4phX5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3Y
 Johw1+qRzT65ysCQblrGXnRl11z+o+I=
 -----END CERTIFICATE-----
+
+# D-TRUST Root Class 3 CA 2 EV 2009
 -----BEGIN CERTIFICATE-----
 MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRF
 MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBD
@@ -1257,30 +952,8 @@ CSuGdXzfX2lXANtu2KZyIktQ1HWYVt+3GP9DQ1CuekR78HlR10M9p9OB0/DJT7na
 xpeG0ILD5EJt/rDiZE4OJudANCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqX
 KVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVvw9y4AyHqnxbxLFS1
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIECTCCAvGgAwIBAgIQDV6ZCtadt3js2AdWO4YV2TANBgkqhkiG9w0BAQUFADBb
-MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3Qx
-ETAPBgNVBAsTCERTVCBBQ0VTMRcwFQYDVQQDEw5EU1QgQUNFUyBDQSBYNjAeFw0w
-MzExMjAyMTE5NThaFw0xNzExMjAyMTE5NThaMFsxCzAJBgNVBAYTAlVTMSAwHgYD
-VQQKExdEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdDERMA8GA1UECxMIRFNUIEFDRVMx
-FzAVBgNVBAMTDkRTVCBBQ0VTIENBIFg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAuT31LMmU3HWKlV1j6IR3dma5WZFcRt2SPp/5DgO0PWGSvSMmtWPu
-ktKe1jzIDZBfZIGxqAgNTNj50wUoUrQBJcWVHAx+PhCEdc/BGZFjz+iokYi5Q1K7
-gLFViYsx+tC3dr5BPTCapCIlF3PoHuLTrCq9Wzgh1SpL11V94zpVvddtawJXa+ZH
-fAjIgrrep4c9oW24MFbCswKBXy314powGCi4ZtPLAZZv6opFVdbgnf9nKxcCpk4a
-ahELfrd755jWjHZvwTvbUJN+5dCOHze4vbrGn2zpfDPyMjwmR/onJALJfh1biEIT
-ajV8fTXpLmaRcpPVMibEdPVTo7NdmvYJywIDAQABo4HIMIHFMA8GA1UdEwEB/wQF
-MAMBAf8wDgYDVR0PAQH/BAQDAgHGMB8GA1UdEQQYMBaBFHBraS1vcHNAdHJ1c3Rk
-c3QuY29tMGIGA1UdIARbMFkwVwYKYIZIAWUDAgEBATBJMEcGCCsGAQUFBwIBFjto
-dHRwOi8vd3d3LnRydXN0ZHN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9saWN5L0FDRVMt
-aW5kZXguaHRtbDAdBgNVHQ4EFgQUCXIGThhDD+XWzMNqizF7eI+og7gwDQYJKoZI
-hvcNAQEFBQADggEBAKPYjtay284F5zLNAdMEA+V25FYrnJmQ6AgwbN99Pe7lv7Uk
-QIRJ4dEorsTCOlMwiPH1d25Ryvr/ma8kXxug/fKshMrfqfBfBC6tFr8hlxCBPeP/
-h40y3JTlR4peahPJlJU90u7INJXQgNStMgiAVDzgvVJT11J8smk/f3rPanTK+gQq
-nExaBqXpIK1FZg9p8d2/6eMyi/rgwYZNcjwu2JN4Cir42NInPRmJX1p7ijvMDNpR
-rscL9yuwNwXsvFcj4jjSm2jzVhKIT0J8uDHEtdvkyCE06UgRNe76x5JXxZ805Mf2
-9w4LTJxoeHtxMcfrHuBnQfO3oKfN5XozNmr6mis=
------END CERTIFICATE-----
+
+# DST Root CA X3
 -----BEGIN CERTIFICATE-----
 MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/
 MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
@@ -1301,6 +974,8 @@ R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5
 JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
 Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
 -----END CERTIFICATE-----
+
+# Deutsche Telekom Root CA 2
 -----BEGIN CERTIFICATE-----
 MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEc
 MBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2Vj
@@ -1323,6 +998,8 @@ IzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8rZ7/gFnkm0W09juwzTkZmDLl
 xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU
 Cm26OWMohpLzGITY+9HPBVZkVw==
 -----END CERTIFICATE-----
+
+# DigiCert Assured ID Root CA
 -----BEGIN CERTIFICATE-----
 MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1345,6 +1022,8 @@ NW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPx
 H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe
 +o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g==
 -----END CERTIFICATE-----
+
+# DigiCert Assured ID Root G2
 -----BEGIN CERTIFICATE-----
 MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBl
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1367,6 +1046,8 @@ B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0MjomZmWzwPDCv
 ON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo
 IhNzbM8m9Yop5w==
 -----END CERTIFICATE-----
+
+# DigiCert Assured ID Root G3
 -----BEGIN CERTIFICATE-----
 MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQsw
 CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
@@ -1382,6 +1063,8 @@ AwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5FyYZ5eEJJZVrmDxxDnOOlY
 JjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy1vUhZscv
 6pZjamVFkpUBtA==
 -----END CERTIFICATE-----
+
+# DigiCert Global Root CA
 -----BEGIN CERTIFICATE-----
 MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1404,6 +1087,8 @@ PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls
 YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk
 CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=
 -----END CERTIFICATE-----
+
+# DigiCert Global Root G2
 -----BEGIN CERTIFICATE-----
 MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1426,6 +1111,8 @@ Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91
 pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl
 MrY=
 -----END CERTIFICATE-----
+
+# DigiCert Global Root G3
 -----BEGIN CERTIFICATE-----
 MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw
 CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
@@ -1441,6 +1128,8 @@ AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/
 oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8
 sycX
 -----END CERTIFICATE-----
+
+# DigiCert High Assurance EV Root CA
 -----BEGIN CERTIFICATE-----
 MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1464,6 +1153,8 @@ Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
 vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
 +OkuE6N36B9K
 -----END CERTIFICATE-----
+
+# DigiCert Trusted Root G4
 -----BEGIN CERTIFICATE-----
 MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1496,6 +1187,8 @@ r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1
 /YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm
 gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+
 -----END CERTIFICATE-----
+
+# E-Tugra Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNV
 BAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBC
@@ -1532,6 +1225,8 @@ AJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpD
 y4Q08ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8d
 NL/+I5c30jn6PQ0GC7TbO6Orb1wdtn7os4I07QZcJA==
 -----END CERTIFICATE-----
+
+# EC-ACC
 -----BEGIN CERTIFICATE-----
 MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB
 8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy
@@ -1563,6 +1258,8 @@ Rp/7SNVel+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOS
 Agu+TGbrIP65y7WZf+a2E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xl
 nJ2lYJU6Un/10asIbvPuW/mIPX64b24D5EI=
 -----END CERTIFICATE-----
+
+# EE Certification Centre Root CA
 -----BEGIN CERTIFICATE-----
 MIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1
 MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1
@@ -1587,6 +1284,8 @@ uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIW
 iAYLtqZLICjU3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/v
 GVCJYMzpJJUPwssd8m92kMfMdcGWxZ0=
 -----END CERTIFICATE-----
+
+# Entrust.net Premium 2048 Secure Server CA
 -----BEGIN CERTIFICATE-----
 MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
 RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
@@ -1612,6 +1311,8 @@ u/8j72gZyxKTJ1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+
 bYQLCIt+jerXmCHG8+c8eS9enNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/Er
 fF6adulZkMV8gzURZVE=
 -----END CERTIFICATE-----
+
+# Entrust Root Certification Authority - EC1
 -----BEGIN CERTIFICATE-----
 MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkG
 A1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3
@@ -1630,6 +1331,8 @@ BBYEFLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVC
 R98crlOZF7ZvHH3hvxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nX
 hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G
 -----END CERTIFICATE-----
+
+# Entrust Root Certification Authority - G2
 -----BEGIN CERTIFICATE-----
 MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC
 VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50
@@ -1655,6 +1358,8 @@ Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v
 nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH
 VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9g==
 -----END CERTIFICATE-----
+
+# Entrust Root Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC
 VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0
@@ -1682,6 +1387,42 @@ AGAT/3B+XxFNSRuzFVJ7yVTav52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP
 eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m
 0vdXcDazv/wor3ElhVsT/h5/WrQ8
 -----END CERTIFICATE-----
+
+# GDCA TrustAUTH R5 ROOT
+-----BEGIN CERTIFICATE-----
+MIIFiDCCA3CgAwIBAgIIfQmX/vBH6nowDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0
+MTEyNjA1MTMxNVoXDTQwMTIzMTE1NTk1OVowYjELMAkGA1UEBhMCQ04xMjAwBgNV
+BAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMR8w
+HQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA2aMW8Mh0dHeb7zMNOwZ+Vfy1YI92hhJCfVZmPoiC7XJj
+Dp6L3TQsAlFRwxn9WVSEyfFrs0yw6ehGXTjGoqcuEVe6ghWinI9tsJlKCvLriXBj
+TnnEt1u9ol2x8kECK62pOqPseQrsXzrj/e+APK00mxqriCZ7VqKChh/rNYmDf1+u
+KU49tm7srsHwJ5uu4/Ts765/94Y9cnrrpftZTqfrlYwiOXnhLQiPzLyRuEH3FMEj
+qcOtmkVEs7LXLM3GKeJQEK5cy4KOFxg2fZfmiJqwTTQJ9Cy5WmYqsBebnh52nUpm
+MUHfP/vFBu8btn4aRjb3ZGM74zkYI+dndRTVdVeSN72+ahsmUPI2JgaQxXABZG12
+ZuGR224HwGGALrIuL4xwp9E7PLOR5G62xDtw8mySlwnNR30YwPO7ng/Wi64HtloP
+zgsMR6flPri9fcebNaBhlzpBdRfMK5Z3KpIhHtmVdiBnaM8Nvd/WHwlqmuLMc3Gk
+L30SgLdTMEZeS1SZD2fJpcjyIMGC7J0R38IC+xo70e0gmu9lZJIQDSri3nDxGGeC
+jGHeuLzRL5z7D9Ar7Rt2ueQ5Vfj4oR24qoAATILnsn8JuLwwoC8N9VKejveSswoA
+HQBUlwbgsQfZxw9cZX08bVlX5O2ljelAU58VS6Bx9hoh49pwBiFYFIeFd3mqgnkC
+AwEAAaNCMEAwHQYDVR0OBBYEFOLJQJ9NzuiaoXzPDj9lxSmIahlRMA8GA1UdEwEB
+/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQDRSVfg
+p8xoWLoBDysZzY2wYUWsEe1jUGn4H3++Fo/9nesLqjJHdtJnJO29fDMylyrHBYZm
+DRd9FBUb1Ov9H5r2XpdptxolpAqzkT9fNqyL7FeoPueBihhXOYV0GkLH6VsTX4/5
+COmSdI31R9KrO9b7eGZONn356ZLpBN79SWP8bfsUcZNnL0dKt7n/HipzcEYwv1ry
+L3ml4Y0M2fmyYzeMN2WFcGpcWwlyua1jPLHd+PwyvzeG5LuOmCd+uh8W4XAR8gPf
+JWIyJyYYMoSf/wA6E7qaTfRPuBRwIrHKK5DOKcFw9C+df/KQHtZa37dG/OaG+svg
+IHZ6uqbL9XzeYqWxi+7egmaKTjowHz+Ay60nugxe19CxVsp3cbK1daFQqUBDF8Io
+2c9Si1vIY9RCPqAzekYu9wogRlR+ak8x8YF+QnQ4ZXMn7sZ8uI7XpTrXmKGcjBBV
+09tL7ECQ8s1uV9JiDnxXk7Gnbc2dg7sq5+W2O3FYrf3RRbxake5TFW/TRQl1brqQ
+XR4EzzffHqhmsYzmIGrv/EhOdJhCrylvLmrH+33RZjEizIYAfmaDDEL0vTSSwxrq
+T8p+ck0LcIymSLumoRT2+1hEmRSuqguTaaApJUqlyyvdimYHFngVV3Eb7PVHhPOe
+MTd61X8kreS8/f3MboPoDKi3QWwH3b08hpcv0g==
+-----END CERTIFICATE-----
+
+# GeoTrust Global CA
 -----BEGIN CERTIFICATE-----
 MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
 MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
@@ -1702,27 +1443,8 @@ PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un
 hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV
 5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDZjCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJVUzEW
-MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFs
-IENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMTkwMzA0MDUwMDAwWjBEMQswCQYDVQQG
-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg
-R2xvYmFsIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvPE1A
-PRDfO1MA4Wf+lGAVPoWI8YkNkMgoI5kF6CsgncbzYEbYwbLVjDHZ3CB5JIG/NTL8
-Y2nbsSpr7iFY8gjpeMtvy/wWUsiRxP89c96xPqfCfWbB9X5SJBri1WeR0IIQ13hL
-TytCOb1kLUCgsBDTOEhGiKEMuzozKmKY+wCdE1l/bztyqu6mD4b5BWHqZ38MN5aL
-5mkWRxHCJ1kDs6ZgwiFAVvqgx306E+PsV8ez1q6diYD3Aecs9pYrEw15LNnA5IZ7
-S4wMcoKK+xfNAGw6EzywhIdLFnopsk/bHdQL82Y3vdj2V7teJHq4PIu5+pIaGoSe
-2HSPqht/XvT+RSIhAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
-FHE4NvICMVNHK266ZUapEBVYIAUJMB8GA1UdIwQYMBaAFHE4NvICMVNHK266ZUap
-EBVYIAUJMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAQEAA/e1K6td
-EPx7srJerJsOflN4WT5CBP51o62sgU7XAotexC3IUnbHLB/8gTKY0UvGkpMzNTEv
-/NgdRN3ggX+d6YvhZJFiCzkIjKx0nVnZellSlxG5FntvRdOW2TF9AjYPnDtuzywN
-A0ZF66D0f0hExghAzN4bcLUprbqLOzRldRtxIR0sFAqwlpW41uryZfspuk/qkZN0
-abby/+Ea0AzRdoXLiiW9l14sbxWZJue2Kf8i7MkCx1YAzUm5s2x7UwQa4qjJqhIF
-I8LO57sEAszAR6LkxCkvW0VXiVHuPOtSCP8HNR6fNWpHSlaY0VqFH4z1Ir+rzoPz
-4iIprn2DQKi6bA==
------END CERTIFICATE-----
+
+# GeoTrust Primary Certification Authority - G2
 -----BEGIN CERTIFICATE-----
 MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDEL
 MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChj
@@ -1740,6 +1462,8 @@ CCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGT
 qQ7mndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBucz
 rD6ogRLQy7rQkgu2npaqBA+K
 -----END CERTIFICATE-----
+
+# GeoTrust Primary Certification Authority - G3
 -----BEGIN CERTIFICATE-----
 MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCB
 mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT
@@ -1764,6 +1488,8 @@ AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUH
 SJsMC8tJP33st/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2G
 spki4cErx5z481+oghLrGREt
 -----END CERTIFICATE-----
+
+# GeoTrust Primary Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBY
 MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo
@@ -1785,6 +1511,8 @@ oKv0uHiYyjgZmclynnjNS6yvGaBzEi38wkG6gZHaFloxt/m0cYASSJlyc1pZU8Fj
 UjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG1riR/aYNKxoU
 AT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk=
 -----END CERTIFICATE-----
+
+# GeoTrust Universal CA
 -----BEGIN CERTIFICATE-----
 MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEW
 MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVy
@@ -1816,6 +1544,8 @@ ER/frslKxfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQt
 DF4JbAiXfKM9fJP/P6EUp8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/Sfuvm
 bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iw=
 -----END CERTIFICATE-----
+
+# GeoTrust Universal CA 2
 -----BEGIN CERTIFICATE-----
 MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEW
 MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVy
@@ -1847,6 +1577,8 @@ OCiNUW7dFGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH
 6aLcr34YEoP9VhdBLtUpgn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwX
 QMAJKOSLakhT2+zNVVXxxvjpoixMptEmX36vWkzaH6byHCx+rgIW0lbQL1dTR+iS
 -----END CERTIFICATE-----
+
+# GlobalSign ECC Root CA - R4
 -----BEGIN CERTIFICATE-----
 MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEk
 MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpH
@@ -1860,6 +1592,8 @@ uOJAf/sKbvu+M8k8o4TVMAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGX
 kPoUVy0D7O48027KqGx2vKLeuwIgJ6iFJzWbVsaj8kfSt24bAgAXqmemFZHe+pTs
 ewv4n4Q=
 -----END CERTIFICATE-----
+
+# GlobalSign ECC Root CA - R5
 -----BEGIN CERTIFICATE-----
 MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEk
 MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpH
@@ -1874,6 +1608,8 @@ KoZIzj0EAwMDaAAwZQIxAOVpEslu28YxuglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg
 515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7yFz9SO8NdCKoCOJuxUnO
 xwy8p2Fp8fc74SrL+SvzZpA3
 -----END CERTIFICATE-----
+
+# GlobalSign Root CA - R2
 -----BEGIN CERTIFICATE-----
 MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
 A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
@@ -1896,6 +1632,8 @@ ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
 AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
 TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==
 -----END CERTIFICATE-----
+
+# GlobalSign Root CA - R3
 -----BEGIN CERTIFICATE-----
 MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G
 A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp
@@ -1917,6 +1655,8 @@ mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs
 Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH
 WD9f
 -----END CERTIFICATE-----
+
+# GlobalSign Root CA
 -----BEGIN CERTIFICATE-----
 MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
 A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
@@ -1938,6 +1678,8 @@ AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
 DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
 HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
 -----END CERTIFICATE-----
+
+# Global Chambersign Root - 2008
 -----BEGIN CERTIFICATE-----
 MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYD
 VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
@@ -1979,6 +1721,8 @@ M0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVqc5iJWzouE4ge
 v8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z
 09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/B
 -----END CERTIFICATE-----
+
+# Go Daddy Class 2 CA
 -----BEGIN CERTIFICATE-----
 MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh
 MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE
@@ -2003,6 +1747,8 @@ HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER
 dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf
 ReYNnyicsbkqWletNw+vHX/bvZ8=
 -----END CERTIFICATE-----
+
+# Go Daddy Root Certificate Authority - G2
 -----BEGIN CERTIFICATE-----
 MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx
 EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT
@@ -2026,6 +1772,8 @@ gIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYVN8Gb5DKj7Tjo
 LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI
 4uJEvlz36hz1
 -----END CERTIFICATE-----
+
+# Hellenic Academic and Research Institutions ECC RootCA 2015
 -----BEGIN CERTIFICATE-----
 MIICwzCCAkqgAwIBAgIBADAKBggqhkjOPQQDAjCBqjELMAkGA1UEBhMCR1IxDzAN
 BgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl
@@ -2043,6 +1791,8 @@ C4KZJAEOnLvkDv2/+5cgk5kqMAoGCCqGSM49BAMCA2cAMGQCMGfOFmI4oqxiRaep
 lSTAGiecMjvAwNW6qef4BENThe5SId6d9SWDPp5YSy/XZxMOIQIwBeF1Ad5o7Sof
 TUwJCA3sS61kFyjndc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKR
 -----END CERTIFICATE-----
+
+# Hellenic Academic and Research Institutions RootCA 2011
 -----BEGIN CERTIFICATE-----
 MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix
 RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1
@@ -2068,6 +1818,8 @@ dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys
 Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI
 l7WdmplNsDz4SgCbZN2fOUvRJ9e4
 -----END CERTIFICATE-----
+
+# Hellenic Academic and Research Institutions RootCA 2015
 -----BEGIN CERTIFICATE-----
 MIIGCzCCA/OgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCR1Ix
 DzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5k
@@ -2103,6 +1855,8 @@ pcw72Hc3MKJP2W/R8kCtQXoXxdZKNYm3QdV8hn9VTYNKpXMgwDqvkPGaJI7ZjnHK
 e7iG2rKPmT4dEw0SEe7Uq/DpFXYC5ODfqiAeW2GFZECpkJcNrVPSWh2HagCXZWK0
 vm9qp/UsQu0yrbYhnr68
 -----END CERTIFICATE-----
+
+# Hongkong Post Root CA 1
 -----BEGIN CERTIFICATE-----
 MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsx
 FjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3Qg
@@ -2123,6 +1877,8 @@ EhTkYY2sEJCehFC78JZvRZ+K88psT/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpO
 fMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilTc4afU9hDDl3WY4JxHYB0yvbi
 AmvZWg==
 -----END CERTIFICATE-----
+
+# ISRG Root X1
 -----BEGIN CERTIFICATE-----
 MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw
 TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
@@ -2154,6 +1910,8 @@ oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq
 mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d
 emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=
 -----END CERTIFICATE-----
+
+# IdenTrust Commercial Root CA 1
 -----BEGIN CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBK
 MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu
@@ -2185,6 +1943,8 @@ l1gEIt44w8y8bckzOmoKaT+gyOpyj4xjhiO9bTyWnpXgSUyqorkqG5w2gXjtw+hG
 mUlO+KWA2yUPHGNiiskzZ2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A
 7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7RcGzM7vRX+Bi6hG6H
 -----END CERTIFICATE-----
+
+# IdenTrust Public Sector Root CA 1
 -----BEGIN CERTIFICATE-----
 MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBN
 MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVu
@@ -2216,6 +1976,8 @@ tshquDDIajjDbp7hNxbqBWJMWxJH7ae0s1hWx0nzfxJoCTFx8G34Tkf71oXuxVhA
 GaQdp/lLQzfcaFpPz+vCZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv
 8Ue1fXwsBOxonbRJRBD0ckscZOf85muQ3Wl9af0AVqW3rLatt8o+Ae+c
 -----END CERTIFICATE-----
+
+# Izenpe.com
 -----BEGIN CERTIFICATE-----
 MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4
 MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6
@@ -2250,6 +2012,8 @@ QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZoQ0iy2+tzJOeRf1SktoA+
 naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1ZWrOZyGls
 QyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw==
 -----END CERTIFICATE-----
+
+# LuxTrust Global Root 2
 -----BEGIN CERTIFICATE-----
 MIIFwzCCA6ugAwIBAgIUCn6m30tEntpqJIWe5rgV0xZ/u7EwDQYJKoZIhvcNAQEL
 BQAwRjELMAkGA1UEBhMCTFUxFjAUBgNVBAoMDUx1eFRydXN0IFMuQS4xHzAdBgNV
@@ -2283,6 +2047,8 @@ LSoSOcbDWjLtR5EWDrw4wVDej8oqkDQc7kGUnF4ZLvhFSZl0kbAEb+MEWrGrKqv+
 x9CWttrhSmQGbmBNvUJO/3jaJMobtNeWOWyu8Q6qp31IiyBMz2TWuJdGsE7RKlY6
 oJO9r4Ak4Ap+58rVyuiFVdw2KuGUaJPHZnJED4AhMmwlxyOAgwrr
 -----END CERTIFICATE-----
+
+# Microsec e-Szigno Root CA 2009
 -----BEGIN CERTIFICATE-----
 MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD
 VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
@@ -2307,6 +2073,8 @@ tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c
 2Pm2G2JwCz02yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5t
 HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCW
 -----END CERTIFICATE-----
+
+# NetLock Arany (Class Gold) Főtanúsítvány
 -----BEGIN CERTIFICATE-----
 MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
 EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
@@ -2331,6 +2099,8 @@ bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2F
 uLjbvrW5KfnaNwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2
 XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E=
 -----END CERTIFICATE-----
+
+# Network Solutions Certificate Authority
 -----BEGIN CERTIFICATE-----
 MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBi
 MQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu
@@ -2354,6 +2124,8 @@ h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/GGUsyfJj4akH
 wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHN
 pGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey
 -----END CERTIFICATE-----
+
+# OISTE WISeKey Global Root GA CA
 -----BEGIN CERTIFICATE-----
 MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCB
 ijELMAkGA1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHly
@@ -2378,6 +2150,8 @@ hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZi
 Fj4A4xylNoEYokxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ
 /L7fCg0=
 -----END CERTIFICATE-----
+
+# OISTE WISeKey Global Root GB CA
 -----BEGIN CERTIFICATE-----
 MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBt
 MQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUg
@@ -2400,6 +2174,8 @@ ZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEuiHZeeevJuQHHf
 aPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic
 Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM=
 -----END CERTIFICATE-----
+
+# OpenTrust Root CA G1
 -----BEGIN CERTIFICATE-----
 MIIFbzCCA1egAwIBAgISESCzkFU5fX82bWTCp59rY45nMA0GCSqGSIb3DQEBCwUA
 MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w
@@ -2432,6 +2208,8 @@ Pu1svf0OnWZzsD2097+o4BGkxK51CUpjAEggpsadCwmKtODmzj7HPiY46SvepghJ
 AwSQiumPv+i2tCqjI40cHLI5kqiPAlxAOXXUc0ECd97N4EOH1uS6SsNsEn/+KuYj
 1oxx
 -----END CERTIFICATE-----
+
+# OpenTrust Root CA G2
 -----BEGIN CERTIFICATE-----
 MIIFbzCCA1egAwIBAgISESChaRu/vbm9UpaPI+hIvyYRMA0GCSqGSIb3DQEBDQUA
 MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w
@@ -2464,6 +2242,8 @@ iN1nE28daCSLT7d0geX0YJ96Vdc+N9oWaz53rK4YcJUIeSkDiv7BO7M/Gg+kO14f
 WKGVyasvc0rQLW6aWQ9VGHgtPFGml4vmu7JwqkwR3v98KzfUetF3NI/n+UL3PIEM
 S1IK
 -----END CERTIFICATE-----
+
+# OpenTrust Root CA G3
 -----BEGIN CERTIFICATE-----
 MIICITCCAaagAwIBAgISESDm+Ez8JLC+BUCs2oMbNGA/MAoGCCqGSM49BAMDMEAx
 CzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5U
@@ -2478,59 +2258,8 @@ BggqhkjOPQQDAwNpADBmAjEAj6jcnboMBBf6Fek9LykBl7+BFjNAk2z8+e2AcG+q
 j9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta3U1fJAuwACEl74+nBCZx
 4nxp5V2a+EEfOzmTk51V6s2N8fvB
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIJhjCCB26gAwIBAgIBCzANBgkqhkiG9w0BAQsFADCCAR4xPjA8BgNVBAMTNUF1
-dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIFJhaXogZGVsIEVzdGFkbyBWZW5lem9s
-YW5vMQswCQYDVQQGEwJWRTEQMA4GA1UEBxMHQ2FyYWNhczEZMBcGA1UECBMQRGlz
-dHJpdG8gQ2FwaXRhbDE2MDQGA1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0
-aWZpY2FjaW9uIEVsZWN0cm9uaWNhMUMwQQYDVQQLEzpTdXBlcmludGVuZGVuY2lh
-IGRlIFNlcnZpY2lvcyBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMSUwIwYJ
-KoZIhvcNAQkBFhZhY3JhaXpAc3VzY2VydGUuZ29iLnZlMB4XDTEwMTIyODE2NTEw
-MFoXDTIwMTIyNTIzNTk1OVowgdExJjAkBgkqhkiG9w0BCQEWF2NvbnRhY3RvQHBy
-b2NlcnQubmV0LnZlMQ8wDQYDVQQHEwZDaGFjYW8xEDAOBgNVBAgTB01pcmFuZGEx
-KjAoBgNVBAsTIVByb3ZlZWRvciBkZSBDZXJ0aWZpY2Fkb3MgUFJPQ0VSVDE2MDQG
-A1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9u
-aWNhMQswCQYDVQQGEwJWRTETMBEGA1UEAxMKUFNDUHJvY2VydDCCAiIwDQYJKoZI
-hvcNAQEBBQADggIPADCCAgoCggIBANW39KOUM6FGqVVhSQ2oh3NekS1wwQYalNo9
-7BVCwfWMrmoX8Yqt/ICV6oNEolt6Vc5Pp6XVurgfoCfAUFM+jbnADrgV3NZs+J74
-BCXfgI8Qhd19L3uA3VcAZCP4bsm+lU/hdezgfl6VzbHvvnpC2Mks0+saGiKLt38G
-ieU89RLAu9MLmV+QfI4tL3czkkohRqipCKzx9hEC2ZUWno0vluYC3XXCFCpa1sl9
-JcLB/KpnheLsvtF8PPqv1W7/U0HU9TI4seJfxPmOEO8GqQKJ/+MMbpfg353bIdD0
-PghpbNjU5Db4g7ayNo+c7zo3Fn2/omnXO1ty0K+qP1xmk6wKImG20qCZyFSTXai2
-0b1dCl53lKItwIKOvMoDKjSuc/HUtQy9vmebVOvh+qBa7Dh+PsHMosdEMXXqP+UH
-0quhJZb25uSgXTcYOWEAM11G1ADEtMo88aKjPvM6/2kwLkDd9p+cJsmWN63nOaK/
-6mnbVSKVUyqUtd+tFjiBdWbjxywbk5yqjKPK2Ww8F22c3HxT4CAnQzb5EuE8XL1m
-v6JpIzi4mWCZDlZTOpx+FIywBm/xhnaQr/2v/pDGj59/i5IjnOcVdo/Vi5QTcmn7
-K2FjiO/mpF7moxdqWEfLcU8UC17IAggmosvpr2uKGcfLFFb14dq12fy/czja+eev
-bqQ34gcnAgMBAAGjggMXMIIDEzASBgNVHRMBAf8ECDAGAQH/AgEBMDcGA1UdEgQw
-MC6CD3N1c2NlcnRlLmdvYi52ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAzNi0w
-MB0GA1UdDgQWBBRBDxk4qpl/Qguk1yeYVKIXTC1RVDCCAVAGA1UdIwSCAUcwggFD
-gBStuyIdxuDSAaj9dlBSk+2YwU2u06GCASakggEiMIIBHjE+MDwGA1UEAxM1QXV0
-b3JpZGFkIGRlIENlcnRpZmljYWNpb24gUmFpeiBkZWwgRXN0YWRvIFZlbmV6b2xh
-bm8xCzAJBgNVBAYTAlZFMRAwDgYDVQQHEwdDYXJhY2FzMRkwFwYDVQQIExBEaXN0
-cml0byBDYXBpdGFsMTYwNAYDVQQKEy1TaXN0ZW1hIE5hY2lvbmFsIGRlIENlcnRp
-ZmljYWNpb24gRWxlY3Ryb25pY2ExQzBBBgNVBAsTOlN1cGVyaW50ZW5kZW5jaWEg
-ZGUgU2VydmljaW9zIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExJTAjBgkq
-hkiG9w0BCQEWFmFjcmFpekBzdXNjZXJ0ZS5nb2IudmWCAQowDgYDVR0PAQH/BAQD
-AgEGME0GA1UdEQRGMESCDnByb2NlcnQubmV0LnZloBUGBWCGXgIBoAwMClBTQy0w
-MDAwMDKgGwYFYIZeAgKgEgwQUklGLUotMzE2MzUzNzMtNzB2BgNVHR8EbzBtMEag
-RKBChkBodHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9sY3IvQ0VSVElGSUNBRE8t
-UkFJWi1TSEEzODRDUkxERVIuY3JsMCOgIaAfhh1sZGFwOi8vYWNyYWl6LnN1c2Nl
-cnRlLmdvYi52ZTA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9v
-Y3NwLnN1c2NlcnRlLmdvYi52ZTBBBgNVHSAEOjA4MDYGBmCGXgMBAjAsMCoGCCsG
-AQUFBwIBFh5odHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9kcGMwDQYJKoZIhvcN
-AQELBQADggIBACtZ6yKZu4SqT96QxtGGcSOeSwORR3C7wJJg7ODU523G0+1ng3dS
-1fLld6c2suNUvtm7CpsR72H0xpkzmfWvADmNg7+mvTV+LFwxNG9s2/NkAZiqlCxB
-3RWGymspThbASfzXg0gTB1GEMVKIu4YXx2sviiCtxQuPcD4quxtxj7mkoP3Yldmv
-Wb8lK5jpY5MvYB7Eqvh39YtsL+1+LrVPQA3uvFd359m21D+VJzog1eWuq2w1n8Gh
-HVnchIHuTQfiSLaeS5UtQbHh6N5+LwUeaO6/u5BlOsju6rEYNxxik6SgMexxbJHm
-pHmJWhSnFFAFTKQAVzAswbVhltw+HoSvOULP5dAssSS830DD7X9jSr3hTxJkhpXz
-sOfIt+FTvZLm8wyWuevo5pLtp4EJFAv8lXrPj9Y0TzYS3F7RNHXGRoAvlQSMx4bE
-qCaJqD8Zm4G7UaRKhqsLEQ+xrmNTbSjq3TNWOByyrYDT13K9mmyZY+gAu0F2Bbdb
-mRiKw7gSXFbPVgx96OLP7bx0R/vu0xdOIk9W/1DzLuY5poLWccret9W6aAjtmcz9
-opLLabid+Qqkpj5PkygqYWwHJgD/ll9ohri4zspV4KuxPX+Y1zMOWj3YeMLEYC/H
-YvBhkdI4sPaeVdtAgAUSM84dkpvRabP/v/GSCmE1P93+hvS84Bpxs2Km
------END CERTIFICATE-----
+
+# QuoVadis Root CA 1 G3
 -----BEGIN CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQEL
 BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
@@ -2562,6 +2291,8 @@ ZgKAvQU6O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhp
 q1467HxpvMc7hU6eFbm0FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFt
 nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXD
 -----END CERTIFICATE-----
+
+# QuoVadis Root CA
 -----BEGIN CERTIFICATE-----
 MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC
 TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0
@@ -2596,6 +2327,8 @@ mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW
 xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK
 SnQ2+Q==
 -----END CERTIFICATE-----
+
+# QuoVadis Root CA 2
 -----BEGIN CERTIFICATE-----
 MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
 GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
@@ -2629,6 +2362,8 @@ ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y
 4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza
 8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u
 -----END CERTIFICATE-----
+
+# QuoVadis Root CA 2 G3
 -----BEGIN CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQEL
 BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
@@ -2660,6 +2395,8 @@ KCLjsZWDzYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeM
 HVOyToV7BjjHLPj4sHKNJeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4
 WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+M
 -----END CERTIFICATE-----
+
+# QuoVadis Root CA 3
 -----BEGIN CERTIFICATE-----
 MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
 GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
@@ -2698,6 +2435,8 @@ Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT
 mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK
 4SVhM7JZG+Ju1zdXtg2pEto=
 -----END CERTIFICATE-----
+
+# QuoVadis Root CA 3 G3
 -----BEGIN CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQEL
 BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
@@ -2729,6 +2468,116 @@ DhcI00iX0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HN
 PlopNLk9hM6xZdRZkZFWdSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/
 ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0
 -----END CERTIFICATE-----
+
+# SSL.com EV Root Certification Authority ECC
+-----BEGIN CERTIFICATE-----
+MIIClDCCAhqgAwIBAgIILCmcWxbtBZUwCgYIKoZIzj0EAwIwfzELMAkGA1UEBhMC
+VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T
+U0wgQ29ycG9yYXRpb24xNDAyBgNVBAMMK1NTTC5jb20gRVYgUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNTIzWhcNNDEwMjEyMTgx
+NTIzWjB/MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv
+dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NMLmNv
+bSBFViBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49
+AgEGBSuBBAAiA2IABKoSR5CYG/vvw0AHgyBO8TCCogbR8pKGYfL2IWjKAMTH6kMA
+VIbc/R/fALhBYlzccBYy3h+Z1MzFB8gIH2EWB1E9fVwHU+M1OIzfzZ/ZLg1Kthku
+WnBaBu2+8KGwytAJKaNjMGEwHQYDVR0OBBYEFFvKXuXe0oGqzagtZFG22XKbl+ZP
+MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUW8pe5d7SgarNqC1kUbbZcpuX
+5k8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2gAMGUCMQCK5kCJN+vp1RPZ
+ytRrJPOwPYdGWBrssd9v+1a6cGvHOMzosYxPD/fxZ3YOg9AeUY8CMD32IygmTMZg
+h5Mmm7I1HrrW9zzRHM76JTymGoEVW/MSD2zuZYrJh6j5B+BimoxcSg==
+-----END CERTIFICATE-----
+
+# SSL.com EV Root Certification Authority RSA R2
+-----BEGIN CERTIFICATE-----
+MIIF6zCCA9OgAwIBAgIIVrYpzTS8ePYwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNV
+BAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UE
+CgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMB4XDTE3MDUzMTE4MTQzN1oXDTQy
+MDUzMDE4MTQzN1owgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G
+A1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQD
+DC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvq
+M0fNTPl9fb69LT3w23jhhqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssuf
+OePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7wcXHswxzpY6IXFJ3vG2fThVUCAtZJycxa
+4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTOZw+oz12WGQvE43LrrdF9
+HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+B6KjBSYR
+aZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcA
+b9ZhCBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQ
+Gp8hLH94t2S42Oim9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQV
+PWKchjgGAGYS5Fl2WlPAApiiECtoRHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMO
+pgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+SlmJuwgUHfbSguPvuUCYHBBXtSu
+UDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48+qvWBkofZ6aY
+MBzdLNvcGJVXZsb/XItW9XcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNV
+HSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjAdBgNVHQ4EFgQU+WC71OPVNPa4
+9QaAJadz20ZpqJ4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBW
+s47LCp1Jjr+kxJG7ZhcFUZh1++VQLHqe8RT6q9OKPv+RKY9ji9i0qVQBDb6Thi/5
+Sm3HXvVX+cpVHBK+Rw82xd9qt9t1wkclf7nxY/hoLVUE0fKNsKTPvDxeH3jnpaAg
+cLAExbf3cqfeIg29MyVGjGSSJuM+LmOW2puMPfgYCdcDzH2GguDKBAdRUNf/ktUM
+79qGn5nX67evaOI5JpS6aLe/g9Pqemc9YmeuJeVy6OLk7K4S9ksrPJ/psEDzOFSz
+/bdoyNrGj1E8svuR3Bznm53htw1yj+KkxKl4+esUrMZDBcJlOSgYAsOCsp0FvmXt
+ll9ldDz7CTUue5wT/RsPXcdtgTpWD8w74a8CLyKsRspGPKAcTNZEtF4uXBVmCeEm
+Kf7GUmG6sXP/wwyc5WxqlD8UykAWlYTzWamsX0xhk23RO8yilQwipmdnRC652dKK
+QbNmC1r7fSOl8hqw/96bg5Qu0T/fkreRrwU7ZcegbLHNYhLDkBvjJc40vG93drEQ
+w/cFGsDWr3RiSBd3kmmQYRzelYB0VI8YHMPzA9C/pEN1hlMYegouCRw2n5H9gooi
+S9EOUCXdywMMF8mDAAhONU2Ki+3wApRmLER/y5UnlhetCTCstnEXbosX9hwJ1C07
+mKVx01QT2WDz9UtmT/rx7iASjbSsV7FFY6GsdqnC+w==
+-----END CERTIFICATE-----
+
+# SSL.com Root Certification Authority ECC
+-----BEGIN CERTIFICATE-----
+MIICjTCCAhSgAwIBAgIIdebfy8FoW6gwCgYIKoZIzj0EAwIwfDELMAkGA1UEBhMC
+VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T
+U0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0
+aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNDAzWhcNNDEwMjEyMTgxNDAz
+WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0
+b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBS
+b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEGBSuB
+BAAiA2IABEVuqVDEpiM2nl8ojRfLliJkP9x6jh3MCLOicSS6jkm5BBtHllirLZXI
+7Z4INcgn64mMU1jrYor+8FsPazFSY0E7ic3s7LaNGdM0B9y7xgZ/wkWV7Mt/qCPg
+CemB+vNH06NjMGEwHQYDVR0OBBYEFILRhXMw5zUE044CkvvlpNHEIejNMA8GA1Ud
+EwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUgtGFczDnNQTTjgKS++Wk0cQh6M0wDgYD
+VR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2cAMGQCMG/n61kRpGDPYbCWe+0F+S8T
+kdzt5fxQaxFGRrMcIQBiu77D5+jNB5n5DQtdcj7EqgIwH7y6C+IwJPt8bYBVCpk+
+gA0z5Wajs6O7pdWLjwkspl1+4vAHCGht0nxpbl/f5Wpl
+-----END CERTIFICATE-----
+
+# SSL.com Root Certification Authority RSA
+-----BEGIN CERTIFICATE-----
+MIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE
+BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK
+DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTczOTM5WhcNNDEwMjEyMTcz
+OTM5WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv
+dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNv
+bSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBAPkP3aMrfcvQKv7sZ4Wm5y4bunfh4/WvpOz6Sl2R
+xFdHaxh3a3by/ZPkPQ/CFp4LZsNWlJ4Xg4XOVu/yFv0AYvUiCVToZRdOQbngT0aX
+qhvIuG5iXmmxX9sqAn78bMrzQdjt0Oj8P2FI7bADFB0QDksZ4LtO7IZl/zbzXmcC
+C52GVWH9ejjt/uIZALdvoVBidXQ8oPrIJZK0bnoix/geoeOy3ZExqysdBP+lSgQ3
+6YWkMyv94tZVNHwZpEpox7Ko07fKoZOI68GXvIz5HdkihCR0xwQ9aqkpk8zruFvh
+/l8lqjRYyMEjVJ0bmBHDOJx+PYZspQ9AhnwC9FwCTyjLrnGfDzrIM/4RJTXq/LrF
+YD3ZfBjVsqnTdXgDciLKOsMf7yzlLqn6niy2UUb9rwPW6mBo6oUWNmuF6R7As93E
+JNyAKoFBbZQ+yODJgUEAnl6/f8UImKIYLEJAs/lvOCdLToD0PYFH4Ih86hzOtXVc
+US4cK38acijnALXRdMbX5J+tB5O2UzU1/Dfkw/ZdFr4hc96SCvigY2q8lpJqPvi8
+ZVWb3vUNiSYE/CUapiVpy8JtynziWV+XrOvvLsi81xtZPCvM8hnIk2snYxnP/Okm
++Mpxm3+T/jRnhE6Z6/yzeAkzcLpmpnbtG3PrGqUNxCITIJRWCk4sbE6x/c+cCbqi
+M+2HAgMBAAGjYzBhMB0GA1UdDgQWBBTdBAkHovV6fVJTEpKV7jiAJQ2mWTAPBgNV
+HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMA4G
+A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAIBgRlCn7Jp0cHh5wYfGV
+cpNxJK1ok1iOMq8bs3AD/CUrdIWQPXhq9LmLpZc7tRiRux6n+UBbkflVma8eEdBc
+Hadm47GUBwwyOabqG7B52B2ccETjit3E+ZUfijhDPwGFpUenPUayvOUiaPd7nNgs
+PgohyC0zrL/FgZkxdMF1ccW+sfAjRfSda/wZY52jvATGGAslu1OJD7OAUN5F7kR/
+q5R4ZJjT9ijdh9hwZXT7DrkT66cPYakylszeu+1jTBi7qUD3oFRuIIhxdRjqerQ0
+cuAjJ3dctpDqhiVAq+8zD8ufgr6iIPv2tS0a5sKFsXQP+8hlAqRSAUfdSSLBv9jr
+a6x+3uxjMxW3IwiPxg+NQVrdjsW5j+VFP3jbutIbQLH+cU0/4IGiul607BXgk90I
+H37hVZkLId6Tngr75qNJvTYw/ud3sqB1l7UtgYgXZSD32pAAn8lSzDLKNXz1PQ/Y
+K9f1JmzJBjSWFupwWRoyeXkLtoh/D1JIPb9s2KJELtFOt3JY04kTlf5Eq/jXixtu
+nLwsoFvVagCvXzfh1foQC5ichucmj87w7G6KVwuA406ywKBjYZC6VWg3dGq2ktuf
+oYYitmUnDuy2n0Jg5GfCtdpBC8TTi2EbvPofkSvXRAdeuims2cXp71NIWuuA8ShY
+Ic2wBlX7Jz9TkHCpBB5XJ7k=
+-----END CERTIFICATE-----
+
+# SZAFIR ROOT CA2
 -----BEGIN CERTIFICATE-----
 MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQEL
 BQAwUTELMAkGA1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6
@@ -2750,6 +2599,8 @@ oky4rc/hkA/NrgrHXXu3UNLUYfrVFdvXn4dRVOul4+vJhaAlIDf7js4MNIThPIGy
 d05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6+/NNIxuZMzSg
 LvWpCz/UXeHPhJ/iGcJfitYgHuNztw==
 -----END CERTIFICATE-----
+
+# SecureSign RootCA11
 -----BEGIN CERTIFICATE-----
 MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJKUDEr
 MCkGA1UEChMiSmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoG
@@ -2771,6 +2622,8 @@ QbJUb9wlze144o4MjQlJ3WN7WmmWAiGovVJZ6X01y8hSyn+B/tlr0/cR7SXf+Of5
 pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061lgeLKBObjBmN
 QSdJQO7e5iNEOdyhIta6A/I=
 -----END CERTIFICATE-----
+
+# SecureTrust CA
 -----BEGIN CERTIFICATE-----
 MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBI
 MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
@@ -2793,6 +2646,8 @@ D5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZnMUFdAvnZyPS
 CPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR
 3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE=
 -----END CERTIFICATE-----
+
+# Secure Global CA
 -----BEGIN CERTIFICATE-----
 MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBK
 MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
@@ -2815,27 +2670,8 @@ I50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbY
 iNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc
 f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDfTCCAmWgAwIBAgIBADANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJKUDEl
-MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEqMCgGA1UECxMh
-U2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBFViBSb290Q0ExMB4XDTA3MDYwNjAyMTIz
-MloXDTM3MDYwNjAyMTIzMlowYDELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09N
-IFRydXN0IFN5c3RlbXMgQ08uLExURC4xKjAoBgNVBAsTIVNlY3VyaXR5IENvbW11
-bmljYXRpb24gRVYgUm9vdENBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBALx/7FebJOD+nLpCeamIivqA4PUHKUPqjgo0No0c+qe1OXj/l3X3L+SqawSE
-RMqm4miO/VVQYg+kcQ7OBzgtQoVQrTyWb4vVog7P3kmJPdZkLjjlHmy1V4qe70gO
-zXppFodEtZDkBp2uoQSXWHnvIEqCa4wiv+wfD+mEce3xDuS4GBPMVjZd0ZoeUWs5
-bmB2iDQL87PRsJ3KYeJkHcFGB7hj3R4zZbOOCVVSPbW9/wfrrWFVGCypaZhKqkDF
-MxRldAD5kd6vA0jFQFTcD4SQaCDFkpbcLuUCRarAX1T4bepJz11sS6/vmsJWXMY1
-VkJqMF/Cq/biPT+zyRGPMUzXn0kCAwEAAaNCMEAwHQYDVR0OBBYEFDVK9U2vP9eC
-OKyrcWUXdYydVZPmMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0G
-CSqGSIb3DQEBBQUAA4IBAQCoh+ns+EBnXcPBZsdAS5f8hxOQWsTvoMpfi7ent/HW
-tWS3irO4G8za+6xmiEHO6Pzk2x6Ipu0nUBsCMCRGef4Eh3CXQHPRwMFXGZpppSeZ
-q51ihPZRwSzJIxXYKLerJRO1RuGGAv8mjMSIkh1W/hln8lXkgKNrnKt34VFxDSDb
-EJrbvXZ5B3eZKK2aXtqxT0QsNY6llsf9g/BYxnnWmHyojf6GPgcWkuF75x3sM3Z+
-Qi5KhfmRiWiEA4Glm5q+4zfFVKtWOxgtQaQM+ELbmaDgcm+7XeEWT1MKZPlO9L9O
-VL14bIjqv5wTJMJwaaJ/D8g8rQjJsJhAoyrniIPtd490
------END CERTIFICATE-----
+
+# Security Communication RootCA2
 -----BEGIN CERTIFICATE-----
 MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDEl
 MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMe
@@ -2857,6 +2693,8 @@ t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6qtnRGEmyR7jTV7JqR50S+kDFy
 1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29mvVXIwAHIRc/
 SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03
 -----END CERTIFICATE-----
+
+# Security Communication Root CA
 -----BEGIN CERTIFICATE-----
 MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEY
 MBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21t
@@ -2877,6 +2715,8 @@ Bw+SUEmK3TGXX8npN6o7WWWXlDLJs58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJU
 JRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ6rBK+1YWc26sTfcioU+tHXot
 RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAw==
 -----END CERTIFICATE-----
+
+# Sonera Class 2 Root CA
 -----BEGIN CERTIFICATE-----
 MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP
 MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAx
@@ -2896,6 +2736,8 @@ FNr450kkkdAdavphOe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6
 Tk6ezAyNlNzZRZxe7EJQY670XcSxEtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2
 ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLHllpwrN9M
 -----END CERTIFICATE-----
+
+# Staat der Nederlanden EV Root CA
 -----BEGIN CERTIFICATE-----
 MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJO
 TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFh
@@ -2928,6 +2770,8 @@ eG9QgkRQP2YGiqtDhFZKDyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8
 FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGyeUN51q1veieQA6TqJIc/2b3Z6fJfUEkc
 7uzXLg==
 -----END CERTIFICATE-----
+
+# Staat der Nederlanden Root CA - G2
 -----BEGIN CERTIFICATE-----
 MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
 TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
@@ -2961,6 +2805,8 @@ N1trSt8sV4pAWja63XVECDdCcAz+3F4hoKOKwJCcaNpQ5kUQR3i2TtJlycM33+FC
 Y7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoVIPVVYpbtbZNQvOSqeK3Z
 ywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm66+KAQ==
 -----END CERTIFICATE-----
+
+# Staat der Nederlanden Root CA - G3
 -----BEGIN CERTIFICATE-----
 MIIFdDCCA1ygAwIBAgIEAJiiOTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
 TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
@@ -2993,6 +2839,8 @@ fsbAddJu+2gw7OyLnflJNZoaLNmzlTnVHpL3prllL+U9bTpITAjc5CgSKL59NVzq
 QFH1T/U67cjF68IeHRaVesd+QnGTbksVtzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM
 94B7IWcnMFk=
 -----END CERTIFICATE-----
+
+# Starfield Class 2 CA
 -----BEGIN CERTIFICATE-----
 MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl
 MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp
@@ -3017,6 +2865,8 @@ xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp
 VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY
 WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q=
 -----END CERTIFICATE-----
+
+# Starfield Root Certificate Authority - G2
 -----BEGIN CERTIFICATE-----
 MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx
 EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT
@@ -3040,6 +2890,8 @@ sHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx4mcujJUDJi5DnUox9g61DLu3
 pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1
 mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0
 -----END CERTIFICATE-----
+
+# Starfield Services Root Certificate Authority - G2
 -----BEGIN CERTIFICATE-----
 MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx
 EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT
@@ -3064,124 +2916,8 @@ iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn
 0q23KXB56jzaYyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCN
 sSi6
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
-Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM2WhcNMzYwOTE3MTk0NjM2WjB9
-MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
-U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
-cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
-A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
-pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
-OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
-Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
-Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
-HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
-Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
-+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
-Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
-Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
-26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
-AQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE
-FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9j
-ZXJ0LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3Js
-LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFM
-BgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUHAgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0
-Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRwOi8vY2VydC5zdGFy
-dGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYgU3Rh
-cnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlh
-YmlsaXR5LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2Yg
-dGhlIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFp
-bGFibGUgYXQgaHR0cDovL2NlcnQuc3RhcnRjb20ub3JnL3BvbGljeS5wZGYwEQYJ
-YIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNT
-TCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAgEAFmyZ
-9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8
-jhvh3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUW
-FjgKXlf2Ysd6AgXmvB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJz
-ewT4F+irsfMuXGRuczE6Eri8sxHkfY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1
-ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3fsNrarnDy0RLrHiQi+fHLB5L
-EUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZEoalHmdkrQYu
-L6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq
-yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuC
-O3NJo2pXh5Tl1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6V
-um0ABj6y6koQOdjQK/W/7HW/lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkySh
-NOsF/5oirpt9P/FlUQqmMGqz9IgcgA38corog14=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIHhzCCBW+gAwIBAgIBLTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
-Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM3WhcNMzYwOTE3MTk0NjM2WjB9
-MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
-U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
-cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
-A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
-pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
-OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
-Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
-Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
-HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
-Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
-+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
-Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
-Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
-26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
-AQABo4ICEDCCAgwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD
-VR0OBBYEFE4L7xqkQFulF2mHMMo0aEPQQa7yMB8GA1UdIwQYMBaAFE4L7xqkQFul
-F2mHMMo0aEPQQa7yMIIBWgYDVR0gBIIBUTCCAU0wggFJBgsrBgEEAYG1NwEBATCC
-ATgwLgYIKwYBBQUHAgEWImh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5w
-ZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL2ludGVybWVk
-aWF0ZS5wZGYwgc8GCCsGAQUFBwICMIHCMCcWIFN0YXJ0IENvbW1lcmNpYWwgKFN0
-YXJ0Q29tKSBMdGQuMAMCAQEagZZMaW1pdGVkIExpYWJpbGl0eSwgcmVhZCB0aGUg
-c2VjdGlvbiAqTGVnYWwgTGltaXRhdGlvbnMqIG9mIHRoZSBTdGFydENvbSBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eSBQb2xpY3kgYXZhaWxhYmxlIGF0IGh0dHA6Ly93
-d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgG
-CWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1
-dGhvcml0eTANBgkqhkiG9w0BAQsFAAOCAgEAjo/n3JR5fPGFf59Jb2vKXfuM/gTF
-wWLRfUKKvFO3lANmMD+x5wqnUCBVJX92ehQN6wQOQOY+2IirByeDqXWmN3PH/UvS
-Ta0XQMhGvjt/UfzDtgUx3M2FIk5xt/JxXrAaxrqTi3iSSoX4eA+D/i+tLPfkpLst
-0OcNOrg+zvZ49q5HJMqjNTbOx8aHmNrs++myziebiMMEofYLWWivydsQD032ZGNc
-pRJvkrKTlMeIFw6Ttn5ii5B/q06f/ON1FE8qMt9bDeD1e5MNq6HPh+GlBEXoPBKl
-CcWw0bdT82AUuoVpaiF8H3VhFyAXe2w7QSlc4axa0c2Mm+tgHRns9+Ww2vl5GKVF
-P0lDV9LdJNUso/2RjSe15esUBppMeyG7Oq0wBhjA2MFrLH9ZXF2RsXAiV+uKa0hK
-1Q8p7MZAwC+ITGgBF3f0JBlPvfrhsiAhS90a2Cl9qrjeVOwhVYBsHvUwyKMQ5bLm
-KhQxw4UtjJixhlpPiVktucf3HMiKf8CdBUrmQk9io20ppB+Fq9vlgcitKj1MXVuE
-JnHEhV5xJMqlG2zYYdMa4FTbzrqpMrUi9nNBCV24F10OD5mQ1kfabwo6YigUZ4LZ
-8dCAWZvLMdibD4x3TrVoivJs9iQOLWxwxXPR3hTQcY+203sC9uO41Alua551hDnm
-fyWl8kgAwKQB2j8=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFYzCCA0ugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlm
-aWNhdGlvbiBBdXRob3JpdHkgRzIwHhcNMTAwMTAxMDEwMDAxWhcNMzkxMjMxMjM1
-OTAxWjBTMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoG
-A1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgRzIwggIiMA0G
-CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2iTZbB7cgNr2Cu+EWIAOVeq8Oo1XJ
-JZlKxdBWQYeQTSFgpBSHO839sj60ZwNq7eEPS8CRhXBF4EKe3ikj1AENoBB5uNsD
-vfOpL9HG4A/LnooUCri99lZi8cVytjIl2bLzvWXFDSxu1ZJvGIsAQRSCb0AgJnoo
-D/Uefyf3lLE3PbfHkffiAez9lInhzG7TNtYKGXmu1zSCZf98Qru23QumNK9LYP5/
-Q0kGi4xDuFby2X8hQxfqp0iVAXV16iulQ5XqFYSdCI0mblWbq9zSOdIxHWDirMxW
-RST1HFSr7obdljKF+ExP6JV2tgXdNiNnvP8V4so75qbsO+wmETRIjfaAKxojAuuK
-HDp2KntWFhxyKrOq42ClAJ8Em+JvHhRYW6Vsi1g8w7pOOlz34ZYrPu8HvKTlXcxN
-nw3h3Kq74W4a7I/htkxNeXJdFzULHdfBR9qWJODQcqhaX2YtENwvKhOuJv4KHBnM
-0D4LnMgJLvlblnpHnOl68wVQdJVznjAJ85eCXuaPOQgeWeU1FEIT/wCc976qUM/i
-UUjXuG+v+E5+M5iSFGI6dWPPe/regjupuznixL0sAA7IF6wT700ljtizkC+p2il9
-Ha90OrInwMEePnWjFqmveiJdnxMaz6eg6+OGCtP95paV1yPIN93EfKo2rJgaErHg
-TuixO/XWb/Ew1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
-AwIBBjAdBgNVHQ4EFgQUS8W0QGutHLOlHGVuRjaJhwUMDrYwDQYJKoZIhvcNAQEL
-BQADggIBAHNXPyzVlTJ+N9uWkusZXn5T50HsEbZH77Xe7XRcxfGOSeD8bpkTzZ+K
-2s06Ctg6Wgk/XzTQLwPSZh0avZyQN8gMjgdalEVGKua+etqhqaRpEpKwfTbURIfX
-UfEpY9Z1zRbkJ4kd+MIySP3bmdCPX1R0zKxnNBFi2QwKN4fRoxdIjtIXHfbX/dtl
-6/2o1PXWT6RbdejF0mCy2wl+JYt7ulKSnj7oxXehPOBKc2thz4bcQ///If4jXSRK
-9dNtD2IEBVeC2m6kMyV5Sy5UGYvMLD0w6dEG/+gyRr61M3Z3qAFdlsHB1b6uJcDJ
-HgoJIIihDsnzb02CVAAgp9KP5DlUFy6NHrgbuxu9mk47EDTcnIhT76IxW1hPkWLI
-wpqazRVdOKnWvvgTtZ8SafJQYqz7Fzf07rh1Z2AQ+4NQ+US1dZxAF7L+/XldblhY
-XzD8AK6vM8EOTmy6p6ahfzLbOOCxchcKK5HsamMm7YnUeMx0HgX4a/6ManY5Ka5l
-IxKVCCIcl85bBu4M4ru8H0ST9tg4RQUh7eStqxK2A6RCLi3ECToDZ2mEmuFZkIoo
-hdVddLHRDiBYmxOlsGOm7XtH/UVVMKTumtTm4ofvmMkyghEpIrwACjFeLQ/Ajulr
-so8uBtjRkcfGEvRM/TAXw8HaOFvjqermobp573PYtlNXLfbQ4ddI
------END CERTIFICATE-----
+
+# SwissSign Gold CA - G2
 -----BEGIN CERTIFICATE-----
 MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
 BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln
@@ -3215,6 +2951,8 @@ Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w
 ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt
 Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ
 -----END CERTIFICATE-----
+
+# SwissSign Silver CA - G2
 -----BEGIN CERTIFICATE-----
 MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UE
 BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWdu
@@ -3248,108 +2986,8 @@ OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJDIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+
 hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ubDgEj8Z+7fNzcbBGXJbLy
 tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF2TCCA8GgAwIBAgIQXAuFXAvnWUHfV8w/f52oNjANBgkqhkiG9w0BAQUFADBk
-MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
-YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg
-Q0EgMTAeFw0wNTA4MTgxMjA2MjBaFw0yNTA4MTgyMjA2MjBaMGQxCzAJBgNVBAYT
-AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp
-Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAxMIICIjAN
-BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0LmwqAzZuz8h+BvVM5OAFmUgdbI9
-m2BtRsiMMW8Xw/qabFbtPMWRV8PNq5ZJkCoZSx6jbVfd8StiKHVFXqrWW/oLJdih
-FvkcxC7mlSpnzNApbjyFNDhhSbEAn9Y6cV9Nbc5fuankiX9qUvrKm/LcqfmdmUc/
-TilftKaNXXsLmREDA/7n29uj/x2lzZAeAR81sH8A25Bvxn570e56eqeqDFdvpG3F
-EzuwpdntMhy0XmeLVNxzh+XTF3xmUHJd1BpYwdnP2IkCb6dJtDZd0KTeByy2dbco
-kdaXvij1mB7qWybJvbCXc9qukSbraMH5ORXWZ0sKbU/Lz7DkQnGMU3nn7uHbHaBu
-HYwadzVcFh4rUx80i9Fs/PJnB3r1re3WmquhsUvhzDdf/X/NTa64H5xD+SpYVUNF
-vJbNcA78yeNmuk6NO4HLFWR7uZToXTNShXEuT46iBhFRyePLoW4xCGQMwtI89Tbo
-19AOeCMgkckkKmUpWyL3Ic6DXqTz3kvTaI9GdVyDCW4pa8RwjPWd1yAv/0bSKzjC
-L3UcPX7ape8eYIVpQtPM+GP+HkM5haa2Y0EQs3MevNP6yn0WR+Kn1dCjigoIlmJW
-bjTb2QK5MHXjBNLnj8KwEUAKrNVxAmKLMb7dxiNYMUJDLXT5xp6mig/p/r+D5kNX
-JLrvRjSq1xIBOO0CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw
-FDASBgdghXQBUwABBgdghXQBUwABMBIGA1UdEwEB/wQIMAYBAf8CAQcwHwYDVR0j
-BBgwFoAUAyUv3m+CATpcLNwroWm1Z9SM0/0wHQYDVR0OBBYEFAMlL95vggE6XCzc
-K6FptWfUjNP9MA0GCSqGSIb3DQEBBQUAA4ICAQA1EMvspgQNDQ/NwNurqPKIlwzf
-ky9NfEBWMXrrpA9gzXrzvsMnjgM+pN0S734edAY8PzHyHHuRMSG08NBsl9Tpl7Ik
-Vh5WwzW9iAUPWxAaZOHHgjD5Mq2eUCzneAXQMbFamIp1TpBcahQq4FJHgmDmHtqB
-sfsUC1rxn9KVuj7QG9YVHaO+htXbD8BJZLsuUBlL0iT43R4HVtA4oJVwIHaM190e
-3p9xxCPvgxNcoyQVTSlAPGrEqdi3pkSlDfTgnXceQHAm/NrZNuR55LU/vJtlvrsR
-ls/bxig5OgjOR1tTWsWZ/l2p3e9M1MalrQLmjAcSHm8D0W+go/MpvRLHUKKwf4ip
-mXeascClOS5cfGniLLDqN2qk4Vrh9VDlg++luyqI54zb/W1elxmofmZ1a3Hqv7HH
-b6D0jqTsNFFbjCYDcKF31QESVwA12yPeDooomf2xEG9L/zgtYE4snOtnta1J7ksf
-rK/7DZBaZmBwXarNeNQk7shBoJMBkpxqnvy5JMWzFYJ+vq6VK+uxwNrjAWALXmms
-hFZhvnEX/h0TD/7Gh0Xp/jKgGg0TpJRVcaUWi7rKibCyx/yP2FS1k2Kdzs9Z+z0Y
-zirLNRWCXf9UIltxUvu3yf5gmwBBZPCqKuy2QkPOiWaByIufOVQDJdMWNY6E0F/6
-MBr1mmz0DlP5OlvRHA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBk
-MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
-YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg
-Q0EgMjAeFw0xMTA2MjQwODM4MTRaFw0zMTA2MjUwNzM4MTRaMGQxCzAJBgNVBAYT
-AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp
-Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAyMIICIjAN
-BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlUJOhJ1R5tMJ6HJaI2nbeHCOFvEr
-jw0DzpPMLgAIe6szjPTpQOYXTKueuEcUMncy3SgM3hhLX3af+Dk7/E6J2HzFZ++r
-0rk0X2s682Q2zsKwzxNoysjL67XiPS4h3+os1OD5cJZM/2pYmLcX5BtS5X4HAB1f
-2uY+lQS3aYg5oUFgJWFLlTloYhyxCwWJwDaCFCE/rtuh/bxvHGCGtlOUSbkrRsVP
-ACu/obvLP+DHVxxX6NZp+MEkUp2IVd3Chy50I9AU/SpHWrumnf2U5NGKpV+GY3aF
-y6//SSj8gO1MedK75MDvAe5QQQg1I3ArqRa0jG6F6bYRzzHdUyYb3y1aSgJA/MTA
-tukxGggo5WDDH8SQjhBiYEQN7Aq+VRhxLKX0srwVYv8c474d2h5Xszx+zYIdkeNL
-6yxSNLCK/RJOlrDrcH+eOfdmQrGrrFLadkBXeyq96G4DsguAhYidDMfCd7Camlf0
-uPoTXGiTOmekl9AbmbeGMktg2M7v0Ax/lZ9vh0+Hio5fCHyqW/xavqGRn1V9TrAL
-acywlKinh/LTSlDcX3KwFnUey7QYYpqwpzmqm59m2I2mbJYV4+by+PGDYmy7Velh
-k6M99bFXi08jsJvllGov34zflVEpYKELKeRcVVi3qPyZ7iVNTA6z00yPhOgpD/0Q
-VAKFyPnlw4vP5w8CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw
-FDASBgdghXQBUwIBBgdghXQBUwIBMBIGA1UdEwEB/wQIMAYBAf8CAQcwHQYDVR0O
-BBYEFE0mICKJS9PVpAqhb97iEoHF8TwuMB8GA1UdIwQYMBaAFE0mICKJS9PVpAqh
-b97iEoHF8TwuMA0GCSqGSIb3DQEBCwUAA4ICAQAyCrKkG8t9voJXiblqf/P0wS4R
-fbgZPnm3qKhyN2abGu2sEzsOv2LwnN+ee6FTSA5BesogpxcbtnjsQJHzQq0Qw1zv
-/2BZf82Fo4s9SBwlAjxnffUy6S8w5X2lejjQ82YqZh6NM4OKb3xuqFp1mrjX2lhI
-REeoTPpMSQpKwhI3qEAMw8jh0FcNlzKVxzqfl9NX+Ave5XLzo9v/tdhZsnPdTSpx
-srpJ9csc1fV5yJmz/MFMdOO0vSk3FQQoHt5FRnDsr7p4DooqzgB53MBfGWcsa0vv
-aGgLQ+OswWIJ76bdZWGgr4RVSJFSHMYlkSrQwSIjYVmvRRGFHQEkNI/Ps/8XciAT
-woCqISxxOQ7Qj1zB09GOInJGTB2Wrk9xseEFKZZZ9LuedT3PDTcNYtsmjGOpI99n
-Bjx8Oto0QuFmtEYE3saWmA9LSHokMnWRn6z3aOkquVVlzl1h0ydw2Df+n7mvoC5W
-t6NlUe07qxS/TFED6F+KBZvuim6c779o+sjaC+NCydAXFJy3SuCvkychVSa1ZC+N
-8f+mQAWFBVzKBxlcCxMoTFh/wqXvRdpg065lYZ1Tg3TCrvJcwhbtkj6EPnNgiLx2
-9CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX5OfNeOI5
-wSsSnqaeG8XmDtkx2Q==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF4DCCA8igAwIBAgIRAPL6ZOJ0Y9ON/RAdBB92ylgwDQYJKoZIhvcNAQELBQAw
-ZzELMAkGA1UEBhMCY2gxETAPBgNVBAoTCFN3aXNzY29tMSUwIwYDVQQLExxEaWdp
-dGFsIENlcnRpZmljYXRlIFNlcnZpY2VzMR4wHAYDVQQDExVTd2lzc2NvbSBSb290
-IEVWIENBIDIwHhcNMTEwNjI0MDk0NTA4WhcNMzEwNjI1MDg0NTA4WjBnMQswCQYD
-VQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2Vy
-dGlmaWNhdGUgU2VydmljZXMxHjAcBgNVBAMTFVN3aXNzY29tIFJvb3QgRVYgQ0Eg
-MjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMT3HS9X6lds93BdY7Bx
-UglgRCgzo3pOCvrY6myLURYaVa5UJsTMRQdBTxB5f3HSek4/OE6zAMaVylvNwSqD
-1ycfMQ4jFrclyxy0uYAyXhqdk/HoPGAsp15XGVhRXrwsVgu42O+LgrQ8uMIkqBPH
-oCE2G3pXKSinLr9xJZDzRINpUKTk4RtiGZQJo/PDvO/0vezbE53PnUgJUmfANykR
-HvvSEaeFGHR55E+FFOtSN+KxRdjMDUN/rhPSays/p8LiqG12W0OfvrSdsyaGOx9/
-5fLoZigWJdBLlzin5M8J0TbDC77aO0RYjb7xnglrPvMyxyuHxuxenPaHZa0zKcQv
-idm5y8kDnftslFGXEBuGCxobP/YCfnvUxVFkKJ3106yDgYjTdLRZncHrYTNaRdHL
-OdAGalNgHa/2+2m8atwBz735j9m9W8E6X47aD0upm50qKGsaCnw8qyIL5XctcfaC
-NYGu+HuB5ur+rPQam3Rc6I8k9l2dRsQs0h4rIWqDJ2dVSqTjyDKXZpBy2uPUZC5f
-46Fq9mDU5zXNysRojddxyNMkM3OxbPlq4SjbX8Y96L5V5jcb7STZDxmPX2MYWFCB
-UWVv8p9+agTnNCRxunZLWB4ZvRVgRaoMEkABnRDixzgHcgplwLa7JSnaFp6LNYth
-7eVxV4O1PHGf40+/fh6Bn0GXAgMBAAGjgYYwgYMwDgYDVR0PAQH/BAQDAgGGMB0G
-A1UdIQQWMBQwEgYHYIV0AVMCAgYHYIV0AVMCAjASBgNVHRMBAf8ECDAGAQH/AgED
-MB0GA1UdDgQWBBRF2aWBbj2ITY1x0kbBbkUe88SAnTAfBgNVHSMEGDAWgBRF2aWB
-bj2ITY1x0kbBbkUe88SAnTANBgkqhkiG9w0BAQsFAAOCAgEAlDpzBp9SSzBc1P6x
-XCX5145v9Ydkn+0UjrgEjihLj6p7jjm02Vj2e6E1CqGdivdj5eu9OYLU43otb98T
-PLr+flaYC/NUn81ETm484T4VvwYmneTwkLbUwp4wLh/vx3rEUMfqe9pQy3omywC0
-Wqu1kx+AiYQElY2NfwmTv9SoqORjbdlk5LgpWgi/UOGED1V7XwgiG/W9mR4U9s70
-WBCCswo9GcG/W6uqmdjyMb3lOGbcWAXH7WMaLgqXfIeTK7KK4/HsGOV1timH59yL
-Gn602MnTihdsfSlEvoqq9X46Lmgxk7lq2prg2+kupYTNHAq4Sgj5nPFhJpiTt3tm
-7JFe3VE/23MPrQRYCd0EApUKPtN236YQHoA96M2kZNEzx5LH4k5E4wnJTsJdhw4S
-nr8PyQUQ3nqjsTzyP6WqJ3mtMX0f/fwZacXduT98zca0wjAefm6S139hdlqP65VN
-vBFuIXxZN5nQBrz5Bm0yFqXZaajh3DyAHmBR3NdUIR7KYndP+tiPsys6DXhyyWhB
-WkdKwqPrGtcKqzwyVcgKEZzfdNbwQBUdyLmPtTbFr/giuMod89a2GQ+fYWVq6nTI
-fI/DT11lgh/ZDYnadXL77/FHZxOzyNEZiCcmmpl5fx7kLD977vHeTYuWl8PVP3wb
-I+2ksx0WckNLIOFZfsLorSa/ovc=
------END CERTIFICATE-----
+
+# T-TeleSec GlobalRoot Class 2
 -----BEGIN CERTIFICATE-----
 MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx
 KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd
@@ -3373,6 +3011,8 @@ g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN
 9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP
 BSeOE6Fuwg==
 -----END CERTIFICATE-----
+
+# T-TeleSec GlobalRoot Class 3
 -----BEGIN CERTIFICATE-----
 MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx
 KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd
@@ -3396,6 +3036,8 @@ WL6ukK2YJ5f+AbGwUgC4TeQbIXQbfsDuXmkqJa9c1h3a0nnJ85cp4IaH3gRZD/FZ
 e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4p
 TpPDpFQUWw==
 -----END CERTIFICATE-----
+
+# TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1
 -----BEGIN CERTIFICATE-----
 MIIEYzCCA0ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCB0jELMAkGA1UEBhMCVFIx
 GDAWBgNVBAcTD0dlYnplIC0gS29jYWVsaTFCMEAGA1UEChM5VHVya2l5ZSBCaWxp
@@ -3422,31 +3064,8 @@ lzwDGrpDxpa5RXI4s6ehlj2Re37AIVNMh+3yC1SVUZPVIqUNivGTDj5UDrDYyU7c
 8jEyVupk+eq1nRZmQnLzf9OxMUP8pI4X8W0jq5Rm+K37DwhuJi1/FwcJsoz7UMCf
 lo3Ptv0AnVoUmr8CRPXBwp8iXqIPoeM=
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEPTCCAyWgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvzE/MD0GA1UEAww2VMOc
-UktUUlVTVCBFbGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sx
-c8SxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMV4wXAYDVQQKDFVUw5xS
-S1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnEn2kg
-SGl6bWV0bGVyaSBBLsWeLiAoYykgQXJhbMSxayAyMDA3MB4XDTA3MTIyNTE4Mzcx
-OVoXDTE3MTIyMjE4MzcxOVowgb8xPzA9BgNVBAMMNlTDnFJLVFJVU1QgRWxla3Ry
-b25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTELMAkGA1UEBhMC
-VFIxDzANBgNVBAcMBkFua2FyYTFeMFwGA1UECgxVVMOcUktUUlVTVCBCaWxnaSDE
-sGxldGnFn2ltIHZlIEJpbGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7F
-ni4gKGMpIEFyYWzEsWsgMjAwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAKu3PgqMyKVYFeaK7yc9SrToJdPNM8Ig3BnuiD9NYvDdE3ePYakqtdTyuTFY
-KTsvP2qcb3N2Je40IIDu6rfwxArNK4aUyeNgsURSsloptJGXg9i3phQvKUmi8wUG
-+7RP2qFsmmaf8EMJyupyj+sA1zU511YXRxcw9L6/P8JorzZAwan0qafoEGsIiveG
-HtyaKhUG9qPw9ODHFNRRf8+0222vR5YXm3dx2KdxnSQM9pQ/hTEST7ruToK4uT6P
-IzdezKKqdfcYbwnTrqdUKDT74eA7YH2gvnmJhsifLfkKS8RQouf9eRbHegsYz85M
-733WB2+Y8a+xwXrXgTW4qhe04MsCAwEAAaNCMEAwHQYDVR0OBBYEFCnFkKslrxHk
-Yb+j/4hhkeYO/pyBMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0G
-CSqGSIb3DQEBBQUAA4IBAQAQDdr4Ouwo0RSVgrESLFF6QSU2TJ/sPx+EnWVUXKgW
-AkD6bho3hO9ynYYKVZ1WKKxmLNA6VpM0ByWtCLCPyA8JWcqdmBzlVPi5RX9ql2+I
-aE1KBiY3iAIOtsbWcpnOa3faYjGkVh+uX4132l32iPwa2Z61gfAyuOOI0JzzaqC5
-mxRZNTZPz/OOXl0XrRWV2N2y1RVuAE6zS89mlOTgzbUF2mNXi+WzqtvALhyQRNsa
-XRik7r4EW5nVcV9VZWRi1aKbBFmGyGJ353yCRWo9F7/snXUMrqNvWtMvmDb08PUZ
-qxFdyKbjKlhqQgnDvZImZjINXQhVdP+MmNAKpoRq0Tl9
------END CERTIFICATE-----
+
+# TWCA Global Root CA
 -----BEGIN CERTIFICATE-----
 MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcx
 EjAQBgNVBAoTCVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMT
@@ -3478,6 +3097,8 @@ wa19hAM8EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWz
 aGHQRiapIVJpLesux+t3zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmy
 KwbQBM0=
 -----END CERTIFICATE-----
+
+# TWCA Root Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzES
 MBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFU
@@ -3499,6 +3120,8 @@ lhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVYT0bf+215WfKEIlKuD8z7fDvn
 aspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocnyYh0igzyXxfkZ
 YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw==
 -----END CERTIFICATE-----
+
+# Taiwan GRCA
 -----BEGIN CERTIFICATE-----
 MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/
 MQswCQYDVQQGEwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmlj
@@ -3531,6 +3154,8 @@ ssQwmSNOXfJIoRIM3BKQCZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDe
 LMDDav7v3Aun+kbfYNucpllQdSNpc5Oy+fwC00fmcc4QAu4njIT/rEUNE1yDMuAl
 pYYsfPQS
 -----END CERTIFICATE-----
+
+# TeliaSonera Root CA v1
 -----BEGIN CERTIFICATE-----
 MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAw
 NzEUMBIGA1UECgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJv
@@ -3561,6 +3186,100 @@ t88NkvuOGKmYSdGe/mBEciG5Ge3C9THxOUiIkCR1VBatzvT4aRRkOfujuLpwQMcn
 HL/EVlP6Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVx
 SK236thZiNSQvxaz2emsWWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVY=
 -----END CERTIFICATE-----
+
+# TrustCor ECA-1
+-----BEGIN CERTIFICATE-----
+MIIEIDCCAwigAwIBAgIJAISCLF8cYtBAMA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD
+VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk
+MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxFzAVBgNVBAMMDlRydXN0Q29y
+IEVDQS0xMB4XDTE2MDIwNDEyMzIzM1oXDTI5MTIzMTE3MjgwN1owgZwxCzAJBgNV
+BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw
+IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy
+dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOVHJ1c3RDb3Ig
+RUNBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPj+ARtZ+odnbb
+3w9U73NjKYKtR8aja+3+XzP4Q1HpGjORMRegdMTUpwHmspI+ap3tDvl0mEDTPwOA
+BoJA6LHip1GnHYMma6ve+heRK9jGrB6xnhkB1Zem6g23xFUfJ3zSCNV2HykVh0A5
+3ThFEXXQmqc04L/NyFIduUd+Dbi7xgz2c1cWWn5DkR9VOsZtRASqnKmcp0yJF4Ou
+owReUoCLHhIlERnXDH19MURB6tuvsBzvgdAsxZohmz3tQjtQJvLsznFhBmIhVE5/
+wZ0+fyCMgMsq2JdiyIMzkX2woloPV+g7zPIlstR8L+xNxqE6FXrntl019fZISjZF
+ZtS6mFjBAgMBAAGjYzBhMB0GA1UdDgQWBBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAf
+BgNVHSMEGDAWgBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAPBgNVHRMBAf8EBTADAQH/
+MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEABT41XBVwm8nHc2Fv
+civUwo/yQ10CzsSUuZQRg2dd4mdsdXa/uwyqNsatR5Nj3B5+1t4u/ukZMjgDfxT2
+AHMsWbEhBuH7rBiVDKP/mZb3Kyeb1STMHd3BOuCYRLDE5D53sXOpZCz2HAF8P11F
+hcCF5yWPldwX8zyfGm6wyuMdKulMY/okYWLW2n62HGz1Ah3UKt1VkOsqEUc8Ll50
+soIipX1TH0XsJ5F95yIW6MBoNtjG8U+ARDL54dHRHareqKucBK+tIA5kmE2la8BI
+WJZpTdwHjFGTot+fDz2LYLSCjaoITmJF4PkL0uDgPFveXHEnJcLmA4GLEFPjx1Wi
+tJ/X5g==
+-----END CERTIFICATE-----
+
+# TrustCor RootCert CA-1
+-----BEGIN CERTIFICATE-----
+MIIEMDCCAxigAwIBAgIJANqb7HHzA7AZMA0GCSqGSIb3DQEBCwUAMIGkMQswCQYD
+VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk
+MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29y
+IFJvb3RDZXJ0IENBLTEwHhcNMTYwMjA0MTIzMjE2WhcNMjkxMjMxMTcyMzE2WjCB
+pDELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFtYTEUMBIGA1UEBwwLUGFuYW1h
+IENpdHkxJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4gZGUgUi5MLjEnMCUG
+A1UECwweVHJ1c3RDb3IgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR8wHQYDVQQDDBZU
+cnVzdENvciBSb290Q2VydCBDQS0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAv463leLCJhJrMxnHQFgKq1mqjQCj/IDHUHuO1CAmujIS2CNUSSUQIpid
+RtLByZ5OGy4sDjjzGiVoHKZaBeYei0i/mJZ0PmnK6bV4pQa81QBeCQryJ3pS/C3V
+seq0iWEk8xoT26nPUu0MJLq5nux+AHT6k61sKZKuUbS701e/s/OojZz0JEsq1pme
+9J7+wH5COucLlVPat2gOkEz7cD+PSiyU8ybdY2mplNgQTsVHCJCZGxdNuWxu72CV
+EY4hgLW9oHPY0LJ3xEXqWib7ZnZ2+AYfYW0PVcWDtxBWcgYHpfOxGgMFZA6dWorW
+hnAbJN7+KIor0Gqw/Hqi3LJ5DotlDwIDAQABo2MwYTAdBgNVHQ4EFgQU7mtJPHo/
+DeOxCbeKyKsZn3MzUOcwHwYDVR0jBBgwFoAU7mtJPHo/DeOxCbeKyKsZn3MzUOcw
+DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD
+ggEBACUY1JGPE+6PHh0RU9otRCkZoB5rMZ5NDp6tPVxBb5UrJKF5mDo4Nvu7Zp5I
+/5CQ7z3UuJu0h3U/IJvOcs+hVcFNZKIZBqEHMwwLKeXx6quj7LUKdJDHfXLy11yf
+ke+Ri7fc7Waiz45mO7yfOgLgJ90WmMCV1Aqk5IGadZQ1nJBfiDcGrVmVCrDRZ9MZ
+yonnMlo2HD6CqFqTvsbQZJG2z9m2GM/bftJlo6bEjhcxwft+dtvTheNYsnd6djts
+L1Ac59v2Z3kf9YKVmgenFK+P3CghZwnS1k1aHBkcjndcw5QkPTJrS37UeJSDvjdN
+zl/HHk484IkzlQsPpTLWPFp5LBk=
+-----END CERTIFICATE-----
+
+# TrustCor RootCert CA-2
+-----BEGIN CERTIFICATE-----
+MIIGLzCCBBegAwIBAgIIJaHfyjPLWQIwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNV
+BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw
+IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy
+dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UEAwwWVHJ1c3RDb3Ig
+Um9vdENlcnQgQ0EtMjAeFw0xNjAyMDQxMjMyMjNaFw0zNDEyMzExNzI2MzlaMIGk
+MQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEg
+Q2l0eTEkMCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYD
+VQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRy
+dXN0Q29yIFJvb3RDZXJ0IENBLTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCnIG7CKqJiJJWQdsg4foDSq8GbZQWU9MEKENUCrO2fk8eHyLAnK0IMPQo+
+QVqedd2NyuCb7GgypGmSaIwLgQ5WoD4a3SwlFIIvl9NkRvRUqdw6VC0xK5mC8tkq
+1+9xALgxpL56JAfDQiDyitSSBBtlVkxs1Pu2YVpHI7TYabS3OtB0PAx1oYxOdqHp
+2yqlO/rOsP9+aij9JxzIsekp8VduZLTQwRVtDr4uDkbIXvRR/u8OYzo7cbrPb1nK
+DOObXUm4TOJXsZiKQlecdu/vvdFoqNL0Cbt3Nb4lggjEFixEIFapRBF37120Hape
+az6LMvYHL1cEksr1/p3C6eizjkxLAjHZ5DxIgif3GIJ2SDpxsROhOdUuxTTCHWKF
+3wP+TfSvPd9cW436cOGlfifHhi5qjxLGhF5DUVCcGZt45vz27Ud+ez1m7xMTiF88
+oWP7+ayHNZ/zgp6kPwqcMWmLmaSISo5uZk3vFsQPeSghYA2FFn3XVDjxklb9tTNM
+g9zXEJ9L/cb4Qr26fHMC4P99zVvh1Kxhe1fVSntb1IVYJ12/+CtgrKAmrhQhJ8Z3
+mjOAPF5GP/fDsaOGM8boXg25NSyqRsGFAnWAoOsk+xWq5Gd/bnc/9ASKL3x74xdh
+8N0JqSDIvgmk0H5Ew7IwSjiqqewYmgeCK9u4nBit2uBGF6zPXQIDAQABo2MwYTAd
+BgNVHQ4EFgQU2f4hQG6UnrybPZx9mCAZ5YwwYrIwHwYDVR0jBBgwFoAU2f4hQG6U
+nrybPZx9mCAZ5YwwYrIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYw
+DQYJKoZIhvcNAQELBQADggIBAJ5Fngw7tu/hOsh80QA9z+LqBrWyOrsGS2h60COX
+dKcs8AjYeVrXWoSK2BKaG9l9XE1wxaX5q+WjiYndAfrs3fnpkpfbsEZC89NiqpX+
+MWcUaViQCqoL7jcjx1BRtPV+nuN79+TMQjItSQzL/0kMmx40/W5ulop5A7Zv2wnL
+/V9lFDfhOPXzYRZY5LVtDQsEGz9QLX+zx3oaFoBg+Iof6Rsqxvm6ARppv9JYx1RX
+CI/hOWB3S6xZhBqI8d3LT3jX5+EzLfzuQfogsL7L9ziUwOHQhQ+77Sxzq+3+knYa
+ZH9bDTMJBzN7Bj8RpFxwPIXAz+OQqIN3+tvmxYxoZxBnpVIt8MSZj3+/0WvitUfW
+2dCFmU2Umw9Lje4AWkcdEQOsQRivh7dvDDqPys/cA8GiCcjl/YBeyGBCARsaU1q7
+N6a3vLqE6R5sGtRk2tRD/pOLS/IseRYQ1JMLiI+h2IYURpFHmygk71dSTlxCnKr3
+Sewn6EAes6aJInKc9Q0ztFijMDvd1GpUk74aTfOTlPf8hAs/hCBcNANExdqtvArB
+As8e5ZTZ845b2EzwnexhF7sUMlQMAimTHpKG9n/v55IFDlndmQguLvqcAFLTxWYp
+5KeXRKQOKIETNcX2b2TmQcTVL8w0RSXPQQCWPUouwpaYT05KnJe32x+SMsj/D1Fu
+1uwJ
+-----END CERTIFICATE-----
+
+# Trustis FPS Root CA
 -----BEGIN CERTIFICATE-----
 MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBF
 MQswCQYDVQQGEwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQL
@@ -3582,36 +3301,8 @@ f1T1o+CP8HxVIo8ptoGj4W1OLBuAZ+ytIJ8MYmHVl/9D7S3B2l0pKoU/rGXuhg8F
 jZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYliB6XzCGcKQEN
 ZetX2fNXlrtIzYE=
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFFzCCA/+gAwIBAgIBETANBgkqhkiG9w0BAQUFADCCASsxCzAJBgNVBAYTAlRS
-MRgwFgYDVQQHDA9HZWJ6ZSAtIEtvY2FlbGkxRzBFBgNVBAoMPlTDvHJraXllIEJp
-bGltc2VsIHZlIFRla25vbG9qaWsgQXJhxZ90xLFybWEgS3VydW11IC0gVMOcQsSw
-VEFLMUgwRgYDVQQLDD9VbHVzYWwgRWxla3Ryb25payB2ZSBLcmlwdG9sb2ppIEFy
-YcWfdMSxcm1hIEVuc3RpdMO8c8O8IC0gVUVLQUUxIzAhBgNVBAsMGkthbXUgU2Vy
-dGlmaWthc3lvbiBNZXJrZXppMUowSAYDVQQDDEFUw5xCxLBUQUsgVUVLQUUgS8O2
-ayBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSAtIFPDvHLDvG0gMzAe
-Fw0wNzA4MjQxMTM3MDdaFw0xNzA4MjExMTM3MDdaMIIBKzELMAkGA1UEBhMCVFIx
-GDAWBgNVBAcMD0dlYnplIC0gS29jYWVsaTFHMEUGA1UECgw+VMO8cmtpeWUgQmls
-aW1zZWwgdmUgVGVrbm9sb2ppayBBcmHFn3TEsXJtYSBLdXJ1bXUgLSBUw5xCxLBU
-QUsxSDBGBgNVBAsMP1VsdXNhbCBFbGVrdHJvbmlrIHZlIEtyaXB0b2xvamkgQXJh
-xZ90xLFybWEgRW5zdGl0w7xzw7wgLSBVRUtBRTEjMCEGA1UECwwaS2FtdSBTZXJ0
-aWZpa2FzeW9uIE1lcmtlemkxSjBIBgNVBAMMQVTDnELEsFRBSyBVRUtBRSBLw7Zr
-IFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIC0gU8O8csO8bSAzMIIB
-IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAim1L/xCIOsP2fpTo6iBkcK4h
-gb46ezzb8R1Sf1n68yJMlaCQvEhOEav7t7WNeoMojCZG2E6VQIdhn8WebYGHV2yK
-O7Rm6sxA/OOqbLLLAdsyv9Lrhc+hDVXDWzhXcLh1xnnRFDDtG1hba+818qEhTsXO
-fJlfbLm4IpNQp81McGq+agV/E5wrHur+R84EpW+sky58K5+eeROR6Oqeyjh1jmKw
-lZMq5d/pXpduIF9fhHpEORlAHLpVK/swsoHvhOPc7Jg4OQOFCKlUAwUp8MmPi+oL
-hmUZEdPpCSPeaJMDyTYcIW7OjGbxmTDY17PDHfiBLqi9ggtm/oLL4eAagsNAgQID
-AQABo0IwQDAdBgNVHQ4EFgQUvYiHyY/2pAoLquvF/pEjnatKijIwDgYDVR0PAQH/
-BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAB18+kmP
-NOm3JpIWmgV050vQbTlswyb2zrgxvMTfvCr4N5EY3ATIZJkrGG2AA1nJrvhY0D7t
-wyOfaTyGOBye79oneNGEN3GKPEs5z35FBtYt2IpNeBLWrcLTy9LQQfMmNkqblWwM
-7uXRQydmwYj3erMgbOqwaSvHIOgMA8RBBZniP+Rr+KCGgceExh/VS4ESshYhLBOh
-gLJeDEoTniDYYkCrkOpkSi+sDQESeUWoL4cZaMjihccwsnX5OD+ywJO0a+IDRM5n
-oN+J1q2MdqMTw5RhK2vZbMEHCiIHhWyFJEapvj+LeISCfiQMnf2BN+MlqO02TpUs
-yZyQ2uypQjyttgI=
------END CERTIFICATE-----
+
+# TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5
 -----BEGIN CERTIFICATE-----
 MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UE
 BhMCVFIxDzANBgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxn
@@ -3637,6 +3328,8 @@ peYVhDfwwvJllpKQd/Ct9JDpEXjXk4nAPQu6KfTomZ1yju2dL+6SfaHx/126M2CF
 Yv4HAqGEVka+lgqaE9chTLd8B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW
 +qtB4Uu2NQvAmxU=
 -----END CERTIFICATE-----
+
+# USERTrust ECC Certification Authority
 -----BEGIN CERTIFICATE-----
 MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDEL
 MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
@@ -3653,6 +3346,8 @@ VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMB
 zzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbW
 RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg=
 -----END CERTIFICATE-----
+
+# USERTrust RSA Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB
 iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
@@ -3687,32 +3382,8 @@ VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB
 L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG
 jjxDah2nGN59PRbxYvnKkKj9
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCB
-lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
-SGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgxOTIyWjCBlzELMAkG
-A1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEe
-MBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8v
-d3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdh
-cmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn
-0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlIwrthdBKWHTxqctU8EGc6Oe0rE81m65UJ
-M6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFdtqdt++BxF2uiiPsA3/4a
-MXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8i4fDidNd
-oI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqI
-DsjfPe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9Ksy
-oUhbAgMBAAGjgbkwgbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYD
-VR0OBBYEFKFyXyYbKJhDlV0HN9WFlp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0
-dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNFUkZpcnN0LUhhcmR3YXJlLmNy
-bDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEF
-BQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM
-//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28Gpgoiskli
-CE7/yMgUsogWXecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gE
-CJChicsZUN/KHAG8HQQZexB2lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t
-3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kniCrVWFCVH/A7HFe7fRQ5YiuayZSS
-KqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67nfhmqA==
------END CERTIFICATE-----
+
+# VeriSign Class 3 Public Primary Certification Authority - G4
 -----BEGIN CERTIFICATE-----
 MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjEL
 MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
@@ -3734,6 +3405,8 @@ kf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMDA2gAMGUCMGYhDBgmYFo4e1ZC
 4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIxAJw9SDkjOVga
 FRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA==
 -----END CERTIFICATE-----
+
+# VeriSign Class 3 Public Primary Certification Authority - G5
 -----BEGIN CERTIFICATE-----
 MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB
 yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
@@ -3762,6 +3435,8 @@ WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ
 4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N
 hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq
 -----END CERTIFICATE-----
+
+# VeriSign Universal Root Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCB
 vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
@@ -3790,6 +3465,8 @@ BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+PwGZsY6rp2aQW9IHR
 lRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4mJO3
 7M2CYfE45k+XmCpajQ==
 -----END CERTIFICATE-----
+
+# Verisign Class 3 Public Primary Certification Authority - G3
 -----BEGIN CERTIFICATE-----
 MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw
 CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
@@ -3814,6 +3491,8 @@ DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC
 F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt
 TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ==
 -----END CERTIFICATE-----
+
+# Visa eCommerce Root
 -----BEGIN CERTIFICATE-----
 MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBr
 MQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRl
@@ -3836,69 +3515,8 @@ LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGIxHYdkFsd
 ++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt
 398znM/jra6O1I7mT1GvFpLgXPYHDw==
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFdjCCA16gAwIBAgIQXmjWEXGUY1BWAGjzPsnFkTANBgkqhkiG9w0BAQUFADBV
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxKjAoBgNV
-BAMTIUNlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbjAeFw0wOTA4MDgw
-MTAwMDFaFw0zOTA4MDgwMTAwMDFaMFUxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFX
-b1NpZ24gQ0EgTGltaXRlZDEqMCgGA1UEAxMhQ2VydGlmaWNhdGlvbiBBdXRob3Jp
-dHkgb2YgV29TaWduMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvcqN
-rLiRFVaXe2tcesLea9mhsMMQI/qnobLMMfo+2aYpbxY94Gv4uEBf2zmoAHqLoE1U
-fcIiePyOCbiohdfMlZdLdNiefvAA5A6JrkkoRBoQmTIPJYhTpA2zDxIIFgsDcScc
-f+Hb0v1naMQFXQoOXXDX2JegvFNBmpGN9J42Znp+VsGQX+axaCA2pIwkLCxHC1l2
-ZjC1vt7tj/id07sBMOby8w7gLJKA84X5KIq0VC6a7fd2/BVoFutKbOsuEo/Uz/4M
-x1wdC34FMr5esAkqQtXJTpCzWQ27en7N1QhatH/YHGkR+ScPewavVIMYe+HdVHpR
-aG53/Ma/UkpmRqGyZxq7o093oL5d//xWC0Nyd5DKnvnyOfUNqfTq1+ezEC8wQjch
-zDBwyYaYD8xYTYO7feUapTeNtqwylwA6Y3EkHp43xP901DfA4v6IRmAR3Qg/UDar
-uHqklWJqbrDKaiFaafPz+x1wOZXzp26mgYmhiMU7ccqjUu6Du/2gd/Tkb+dC221K
-mYo0SLwX3OSACCK28jHAPwQ+658geda4BmRkAjHXqc1S+4RFaQkAKtxVi8QGRkvA
-Sh0JWzko/amrzgD5LkhLJuYwTKVYyrREgk/nkR4zw7CT/xH8gdLKH3Ep3XZPkiWv
-HYG3Dy+MwwbMLyejSuQOmbp8HkUff6oZRZb9/D0CAwEAAaNCMEAwDgYDVR0PAQH/
-BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOFmzw7R8bNLtwYgFP6H
-EtX2/vs+MA0GCSqGSIb3DQEBBQUAA4ICAQCoy3JAsnbBfnv8rWTjMnvMPLZdRtP1
-LOJwXcgu2AZ9mNELIaCJWSQBnfmvCX0KI4I01fx8cpm5o9dU9OpScA7F9dY74ToJ
-MuYhOZO9sxXqT2r09Ys/L3yNWC7F4TmgPsc9SnOeQHrAK2GpZ8nzJLmzbVUsWh2e
-JXLOC62qx1ViC777Y7NhRCOjy+EaDveaBk3e1CNOIZZbOVtXHS9dCF4Jef98l7VN
-g64N1uajeeAz0JmWAjCnPv/So0M/BVoG6kQC2nz4SNAzqfkHx5Xh9T71XXG68pWp
-dIhhWeO/yloTunK0jF02h+mmxTwTv97QRCbut+wucPrXnbes5cVAWubXbHssw1ab
-R80LzvobtCHXt2a49CUwi1wNuepnsvRtrtWhnk/Yn+knArAdBtaP4/tIEp9/EaEQ
-PkxROpaw0RPxx9gmrjrKkcRpnd8BKWRRb2jaFOwIQZeQjdCygPLPwj2/kWjFgGce
-xGATVdVhmVd8upUPYUk6ynW8yQqTP2cOEvIo4jEbwFcW3wh8GcF+Dx+FHgo2fFt+
-J7x6v+Db9NpSvd4MVHAxkUOVyLzwPt0JfjBkUO1/AaQzZ01oT74V77D2AhGiGxMl
-OtzCWfHjXEa7ZywCRuoeSKbmW9m1vFGikpbbqsY3Iqb+zCB0oy2pLmvLwIIRIbWT
-ee5Ehr7XHuQe+w==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFWDCCA0CgAwIBAgIQUHBrzdgT/BtOOzNy0hFIjTANBgkqhkiG9w0BAQsFADBG
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNV
-BAMMEkNBIOayg+mAmuagueivgeS5pjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgw
-MTAwMDFaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRl
-ZDEbMBkGA1UEAwwSQ0Eg5rKD6YCa5qC56K+B5LmmMIICIjANBgkqhkiG9w0BAQEF
-AAOCAg8AMIICCgKCAgEA0EkhHiX8h8EqwqzbdoYGTufQdDTc7WU1/FDWiD+k8H/r
-D195L4mx/bxjWDeTmzj4t1up+thxx7S8gJeNbEvxUNUqKaqoGXqW5pWOdO2XCld1
-9AXbbQs5uQF/qvbW2mzmBeCkTVL829B0txGMe41P/4eDrv8FAxNXUDf+jJZSEExf
-v5RxadmWPgxDT74wwJ85dE8GRV2j1lY5aAfMh09Qd5Nx2UQIsYo06Yms25tO4dnk
-UkWMLhQfkWsZHWgpLFbE4h4TV2TwYeO5Ed+w4VegG63XX9Gv2ystP9Bojg/qnw+L
-NVgbExz03jWhCl3W6t8Sb8D7aQdGctyB9gQjF+BNdeFyb7Ao65vh4YOhn0pdr8yb
-+gIgthhid5E7o9Vlrdx8kHccREGkSovrlXLp9glk3Kgtn3R46MGiCWOc76DbT52V
-qyBPt7D3h1ymoOQ3OMdc4zUPLK2jgKLsLl3Az+2LBcLmc272idX10kaO6m1jGx6K
-yX2m+Jzr5dVjhU1zZmkR/sgO9MHHZklTfuQZa/HpelmjbX7FF+Ynxu8b22/8DU0G
-AbQOXDBGVWCvOGU6yke6rCzMRh+yRpY/8+0mBe53oWprfi1tWFxK1I5nuPHa1UaK
-J/kR8slC/k7e3x9cxKSGhxYzoacXGKUN5AXlK8IrC6KVkLn9YDxOiT7nnO4fuwEC
-AwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
-BBYEFOBNv9ybQV0T6GTwp+kVpOGBwboxMA0GCSqGSIb3DQEBCwUAA4ICAQBqinA4
-WbbaixjIvirTthnVZil6Xc1bL3McJk6jfW+rtylNpumlEYOnOXOvEESS5iVdT2H6
-yAa+Tkvv/vMx/sZ8cApBWNromUuWyXi8mHwCKe0JgOYKOoICKuLJL8hWGSbueBwj
-/feTZU7n85iYr83d2Z5AiDEoOqsuC7CsDCT6eiaY8xJhEPRdF/d+4niXVOKM6Cm6
-jBAyvd0zaziGfjk9DgNyp115j0WKWa5bIW4xRtVZjc8VX90xJc/bYNaBRHIpAlf2
-ltTW/+op2znFuCyKGo3Oy+dCMYYFaA6eFN0AkLppRQjbbpCBhqcqBT/mhDn4t/lX
-X0ykeVoQDF7Va/81XwVRHmyjdanPUIPTfPRm94KNPQx96N97qA4bLJyuQHCH2u2n
-FoJavjVsIE4iYdm8UXrNemHcSxH5/mc0zy4EZmFcV5cjjPOGG0jfKq+nwf/Yjj4D
-u9gqsPoUJbJRa4ZDhS4HIxaAjUz7tGM7zMN07RujHv41D198HRaG9Q7DlfEvr10l
-O1Hm13ZBONFLAzkopR6RctR9q5czxNM+4Gm2KHmgCY0c0f9BckgG/Jou5yD5m6Le
-ie2uPAmvylezkolwQOQvT8Jwg0DXJCxr5wkf09XHwQj02w47HAcLQxGEIYbpgNR1
-2KvxAmLBsX5VYc8T1yaw15zLKYs4SgsOkI26oQ==
------END CERTIFICATE-----
+
+# XRamp Global CA Root
 -----BEGIN CERTIFICATE-----
 MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB
 gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk
@@ -3924,6 +3542,8 @@ IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy
 i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ
 O+7ETPTsJ3xCwnR8gooJybQDJbw=
 -----END CERTIFICATE-----
+
+# certSIGN ROOT CA
 -----BEGIN CERTIFICATE-----
 MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYT
 AlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBD
@@ -3944,6 +3564,8 @@ Jd1hJyMctTEHBDa0GpC9oHRxUIltvBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNw
 i/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7NzTogVZ96edhBiIL5VaZVDADlN
 9u6wWk5JRFRYX0KD
 -----END CERTIFICATE-----
+
+# ePKI Root Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBe
 MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0
@@ -3977,6 +3599,8 @@ Gp1iro2C6pSe3VkQw63d4k3jMdXH7OjysP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTE
 W9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmODBCEIZ43ygknQW/2xzQ+D
 hNQ+IIX3Sj0rnP0qCglN6oH4EZw=
 -----END CERTIFICATE-----
+
+# thawte Primary Root CA - G2
 -----BEGIN CERTIFICATE-----
 MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDEL
 MAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE4MDYGA1UECxMvKGMp
@@ -3993,6 +3617,8 @@ DPgR4bswCgYIKoZIzj0EAwMDaQAwZgIxAN344FdHW6fmCsO99YCKlzUNG4k8VIZ3
 KMqh9HneteY4sPBlcIx/AlTCv//YoT7ZzwIxAMSNlPzcU9LcnXgWHxUzI1NS41ox
 XZ3Krr0TKUQNJ1uo52icEvdYPy5yAlejj6EULg==
 -----END CERTIFICATE-----
+
+# thawte Primary Root CA - G3
 -----BEGIN CERTIFICATE-----
 MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCB
 rjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
@@ -4018,6 +3644,8 @@ KUGRIjxpp7sC8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fM
 m7v/OeZWYdMKp8RcTGB7BXcmer/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZu
 MdRAGmI0Nj81Aa6sY6A=
 -----END CERTIFICATE-----
+
+# thawte Primary Root CA
 -----BEGIN CERTIFICATE-----
 MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCB
 qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
diff --git a/msys2/usr/ssl/certs/ca-bundle.crt b/msys2/usr/ssl/certs/ca-bundle.crt
index 22e00d221..b832ef518 100644
--- a/msys2/usr/ssl/certs/ca-bundle.crt
+++ b/msys2/usr/ssl/certs/ca-bundle.crt
@@ -1,3 +1,4 @@
+# ACCVRAIZ1
 -----BEGIN CERTIFICATE-----
 MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE
 AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw
@@ -42,39 +43,8 @@ h1xA2syVP1XgNce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xF
 d3+YJ5oyXSrjhO7FmGYvliAd3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2H
 pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFtTCCA52gAwIBAgIIYY3HhjsBggUwDQYJKoZIhvcNAQEFBQAwRDEWMBQGA1UE
-AwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00x
-CzAJBgNVBAYTAkVTMB4XDTA4MDQxODE2MjQyMloXDTI4MDQxMzE2MjQyMlowRDEW
-MBQGA1UEAwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZF
-RElDT00xCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
-AgEA/5KV4WgGdrQsyFhIyv2AVClVYyT/kGWbEHV7w2rbYgIB8hiGtXxaOLHkWLn7
-09gtn70yN78sFW2+tfQh0hOR2QetAQXW8713zl9CgQr5auODAKgrLlUTY4HKRxx7
-XBZXehuDYAQ6PmXDzQHe3qTWDLqO3tkE7hdWIpuPY/1NFgu3e3eM+SW10W2ZEi5P
-Grjm6gSSrj0RuVFCPYewMYWveVqc/udOXpJPQ/yrOq2lEiZmueIM15jO1FillUAK
-t0SdE3QrwqXrIhWYENiLxQSfHY9g5QYbm8+5eaA9oiM/Qj9r+hwDezCNzmzAv+Yb
-X79nuIQZ1RXve8uQNjFiybwCq0Zfm/4aaJQ0PZCOrfbkHQl/Sog4P75n/TSW9R28
-MHTLOO7VbKvU/PQAtwBbhTIWdjPp2KOZnQUAqhbm84F9b32qhm2tFXTTxKJxqvQU
-fecyuB+81fFOvW8XAjnXDpVCOscAPukmYxHqC9FK/xidstd7LzrZlvvoHpKuE1XI
-2Sf23EgbsCTBheN3nZqk8wwRHQ3ItBTutYJXCb8gWH8vIiPYcMt5bMlL8qkqyPyH
-K9caUPgn6C9D4zq92Fdx/c6mUlv53U3t5fZvie27k5x2IXXwkkwp9y+cAS7+UEae
-ZAwUswdbxcJzbPEHXEUkFDWug/FqTYl6+rPYLWbwNof1K1MCAwEAAaOBqjCBpzAP
-BgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKaz4SsrSbbXc6GqlPUB53NlTKxQ
-MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUprPhKytJttdzoaqU9QHnc2VMrFAw
-RAYDVR0gBD0wOzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly9hY2VkaWNv
-bS5lZGljb21ncm91cC5jb20vZG9jMA0GCSqGSIb3DQEBBQUAA4ICAQDOLAtSUWIm
-fQwng4/F9tqgaHtPkl7qpHMyEVNEskTLnewPeUKzEKbHDZ3Ltvo/Onzqv4hTGzz3
-gvoFNTPhNahXwOf9jU8/kzJPeGYDdwdY6ZXIfj7QeQCM8htRM5u8lOk6e25SLTKe
-I6RF+7YuE7CLGLHdztUdp0J/Vb77W7tH1PwkzQSulgUV1qzOMPPKC8W64iLgpq0i
-5ALudBF/TP94HTXa5gI06xgSYXcGCRZj6hitoocf8seACQl1ThCojz2GuHURwCRi
-ipZ7SkXp7FnFvmuD5uHorLUwHv4FB4D54SMNUI8FmP8sX+g7tq3PgbUhh8oIKiMn
-MCArz+2UW6yyetLHKKGKC5tNSixthT8Jcjxn4tncB7rrZXtaAWPWkFtPF2Y9fwsZ
-o5NjEFIqnxQWWOLcpfShFosOkYuByptZ+thrkQdlVV9SH686+5DdaaVbnG0OLLb6
-zqylfDJKZ0DcMDQj3dcEI2bw/FWAp/tmGYI1Z2JwOV5vx+qQQEQIHriy1tvuWacN
-GHk0vFQYXlPKNFHtRQrmjseCNj6nOGOpMCwXEGCSn1WHElkQwg9naRHMTh5+Spqt
-r0CodaxWkHS4oJyleW/c6RrIaQXpuvoDs3zk4E7Czp3otkYNbn5XOmeUwssfnHdK
-Z05phkOTOPu220+DkdRgfks+KzgHVZhepA==
------END CERTIFICATE-----
+
+# AC RAIZ FNMT-RCM
 -----BEGIN CERTIFICATE-----
 MIIFgzCCA2ugAwIBAgIPXZONMGc2yAYdGsdUhGkHMA0GCSqGSIb3DQEBCwUAMDsx
 CzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJ
@@ -107,6 +77,8 @@ fZ5nc8OaKveri6E6FO80vFIOiZiaBECEHX5FaZNXzuvO+FB8TxxuBEOb+dY7Ixjp
 RqEIr9baRRmW1FMdW4R58MD3R++Lj8UGrp1MYp3/RgT408m2ECVAdf4WqslKYIYv
 uu8wd+RU4riEmViAqhOLUTpPSPaLtrM=
 -----END CERTIFICATE-----
+
+# Actalis Authentication Root CA
 -----BEGIN CERTIFICATE-----
 MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE
 BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w
@@ -140,6 +112,8 @@ ZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXemOR/qnuOf0GZvBeyqdn6/axag67XH/JJU
 LysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9vwGYT7JZVEc+NHt4bVaT
 LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg==
 -----END CERTIFICATE-----
+
+# AddTrust External Root
 -----BEGIN CERTIFICATE-----
 MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
 MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
@@ -165,79 +139,8 @@ Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
 c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
 mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMw
-MTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML
-QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYD
-VQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUA
-A4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ul
-CDtbKRY654eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6n
-tGO0/7Gcrjyvd7ZWxbWroulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyl
-dI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1Zmne3yzxbrww2ywkEtvrNTVokMsAsJch
-PXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJuiGMx1I4S+6+JNM3GOGvDC
-+Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8wHQYDVR0O
-BBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8E
-BTADAQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBl
-MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFk
-ZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENB
-IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxtZBsfzQ3duQH6lmM0MkhHma6X
-7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0PhiVYrqW9yTkkz
-43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY
-eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJl
-pz/+0WatC7xrmYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOA
-WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEFTCCAv2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSAwHgYDVQQDExdBZGRUcnVzdCBQdWJsaWMgQ0EgUm9vdDAeFw0wMDA1MzAx
-MDQxNTBaFw0yMDA1MzAxMDQxNTBaMGQxCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtB
-ZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIDAeBgNV
-BAMTF0FkZFRydXN0IFB1YmxpYyBDQSBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+A3S72mnTRqX4jsIMEZBRpS9mVEBV
-6tsfSlbunyNu9DnLoblv8n75XYcmYZ4c+OLspoH4IcUkzBEMP9smcnrHAZcHF/nX
-GCwwfQ56HmIexkvA/X1id9NEHif2P0tEs7c42TkfYNVRknMDtABp4/MUTu7R3AnP
-dzRGULD4EfL+OHn3Bzn+UZKXC1sIXzSGAa2Il+tmzV7R/9x98oTaunet3IAIx6eH
-1lWfl2royBFkuucZKT8Rs3iQhCBSWxHveNCD9tVIkNAwHM+A+WD+eeSI8t0A65RF
-62WUaUC6wNW0uLp9BBGo6zEFlpROWCGOn9Bg/QIDAQABo4HRMIHOMB0GA1UdDgQW
-BBSBPjfYkrAfd59ctKtzquf2NGAv+jALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUw
-AwEB/zCBjgYDVR0jBIGGMIGDgBSBPjfYkrAfd59ctKtzquf2NGAv+qFopGYwZDEL
-MAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRU
-cnVzdCBUVFAgTmV0d29yazEgMB4GA1UEAxMXQWRkVHJ1c3QgUHVibGljIENBIFJv
-b3SCAQEwDQYJKoZIhvcNAQEFBQADggEBAAP3FUr4JNojVhaTdt02KLmuG7jD8WS6
-IBh4lSknVwW8fCr0uVFV2ocC3g8WFzH4qnkuCRO7r7IgGRLlk/lL+YPoRNWyQSW/
-iHVv/xD8SlTQX/D67zZzfRs2RcYhbbQVuE7PnFylPVoAjgbjPGsye/Kf8Lb93/Ao
-GEjwxrzQvzSAlsJKsW2Ox5BF3i9nrEUEo3rcVZLJR2bYGozH7ZxOmuASu7VqTITh
-4SINhwBk/ox9Yjllpu9CtoAlEmEBqCQTcAARJl/6NVDFSMwGR+gn2HCNX2TmoUQm
-XiLsks3/QppEIW1cxeMiHV9HEufOX1362KqxMy3ZdvJOOjMMK7MtkAY=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEHjCCAwagAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSMwIQYDVQQDExpBZGRUcnVzdCBRdWFsaWZpZWQgQ0EgUm9vdDAeFw0wMDA1
-MzAxMDQ0NTBaFw0yMDA1MzAxMDQ0NTBaMGcxCzAJBgNVBAYTAlNFMRQwEgYDVQQK
-EwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIzAh
-BgNVBAMTGkFkZFRydXN0IFF1YWxpZmllZCBDQSBSb290MIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoekn0e+EV+vhDTbYjx5eLfpMLXsDBwq
-xBb/4Oxx64r1EW7tTw2R0hIYLUkVAcKkIhPHEWT/IhKauY5cLwjPcWqzZwFZ8V1G
-87B4pfYOQnrjfxvM0PC3KP0q6p6zsLkEqv32x7SxuCqg+1jxGaBvcCV+PmlKfw8i
-2O+tCBGaKZnhqkRFmhJePp1tUvznoD1oL/BLcHwTOK28FSXx1s6rosAx1i+f4P8U
-WfyEk9mHfExUE+uf0S0R+Bg6Ot4l2ffTQO2kBhLEO+GRwVY18BTcZTYJbqukB8c1
-0cIDMzZbdSZtQvESa0NvS3GU+jQd7RNuyoB/mC9suWXY6QIDAQABo4HUMIHRMB0G
-A1UdDgQWBBQ5lYtii1zJ1IC6WA+XPxUIQ8yYpzALBgNVHQ8EBAMCAQYwDwYDVR0T
-AQH/BAUwAwEB/zCBkQYDVR0jBIGJMIGGgBQ5lYtii1zJ1IC6WA+XPxUIQ8yYp6Fr
-pGkwZzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQL
-ExRBZGRUcnVzdCBUVFAgTmV0d29yazEjMCEGA1UEAxMaQWRkVHJ1c3QgUXVhbGlm
-aWVkIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBABmrder4i2VhlRO6aQTv
-hsoToMeqT2QbPxj2qC0sVY8FtzDqQmodwCVRLae/DLPt7wh/bDxGGuoYQ992zPlm
-hpwsaPXpF/gxsxjE1kh9I0xowX67ARRvxdlu3rsEQmr49lx95dr6h+sNNVJn0J6X
-dgWTP5XHAeZpVTh/EGGZyeNfpso+gmNIquIISD6q8rKFYqa0p9m9N5xotS1WfbC3
-P6CxB9bpT9zeRXEwMn8bLgn5v1Kh7sKAPgZcLlVAwRv1cEWw3F369nJad9Jjzc9Y
-iQBCYz95OdBEsIJuQRno3eDBiFrRHnGTHyQwdOUeqN48Jzd/g66ed8/wMLH/S5no
-xqE=
------END CERTIFICATE-----
+
+# AffirmTrust Commercial
 -----BEGIN CERTIFICATE-----
 MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE
 BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
@@ -258,6 +161,8 @@ Z8SOyUOyXGsViQK8YvxO8rUzqrJv0wqiUOP2O+guRMLbZjipM1ZI8W0bM40NjD9g
 N53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0khsUlHRUe072o0EclNmsxZt9YC
 nlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8=
 -----END CERTIFICATE-----
+
+# AffirmTrust Networking
 -----BEGIN CERTIFICATE-----
 MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UE
 BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
@@ -278,6 +183,8 @@ Lgo/bNjR9eUJtGxUAArgFU2HdW23WJZa3W3SAKD0m0i+wzekujbgfIeFlxoVot4u
 olu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9/ZFvgrG+CJPbFEfxojfHRZ48
 x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9s=
 -----END CERTIFICATE-----
+
+# AffirmTrust Premium
 -----BEGIN CERTIFICATE-----
 MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UE
 BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVz
@@ -309,6 +216,8 @@ GKa1qF60g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaO
 RtGdFNrHF+QFlozEJLUbzxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6e
 KeC2uAloGRwYQw==
 -----END CERTIFICATE-----
+
+# AffirmTrust Premium ECC
 -----BEGIN CERTIFICATE-----
 MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMC
 VVMxFDASBgNVBAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQ
@@ -322,6 +231,8 @@ A1UdDwEB/wQEAwIBBjAKBggqhkjOPQQDAwNnADBkAjAXCfOHiFBar8jAQr9HX/Vs
 aobgxCd05DhT1wV/GzTjxi+zygk8N53X57hG8f2h4nECMEJZh0PUUd+60wkyWs6I
 flc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKMeQ==
 -----END CERTIFICATE-----
+
+# Amazon Root CA 1
 -----BEGIN CERTIFICATE-----
 MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF
 ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
@@ -342,6 +253,8 @@ o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU
 5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy
 rqXRfboQnoZsG4q5WTP468SQvvG5
 -----END CERTIFICATE-----
+
+# Amazon Root CA 2
 -----BEGIN CERTIFICATE-----
 MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwF
 ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
@@ -373,6 +286,8 @@ n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE
 9jVlpNMKVv/1F2Rs76giJUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT
 4PsJYGw=
 -----END CERTIFICATE-----
+
+# Amazon Root CA 3
 -----BEGIN CERTIFICATE-----
 MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5
 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g
@@ -385,6 +300,8 @@ ttvXBp43rDCGB5Fwx5zEGbF4wDAKBggqhkjOPQQDAgNJADBGAiEA4IWSoxe3jfkr
 BqWTrBqYaGFy+uGh0PsceGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteM
 YyRIHN8wfdVoOw==
 -----END CERTIFICATE-----
+
+# Amazon Root CA 4
 -----BEGIN CERTIFICATE-----
 MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5
 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g
@@ -398,6 +315,8 @@ MAoGCCqGSM49BAMDA2gAMGUCMDqLIfG9fhGt0O9Yli/W651+kI0rz2ZVwyzjKKlw
 CkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1AE47xDqUEpHJWEadIRNyp4iciuRMStuW
 1KyLa2tJElMzrdfkviT8tQp21KW8EA==
 -----END CERTIFICATE-----
+
+# Atos TrustedRoot 2011
 -----BEGIN CERTIFICATE-----
 MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE
 AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG
@@ -419,6 +338,8 @@ maHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a961qn8FYiqTxlVMYVqL2Gns2D
 lmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G3mB/ufNPRJLv
 KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed
 -----END CERTIFICATE-----
+
+# Autoridad de Certificacion Firmaprofesional CIF A62634068
 -----BEGIN CERTIFICATE-----
 MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UE
 BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h
@@ -454,6 +375,8 @@ StRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTDKCOM/icz
 Q0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQB
 jLMi6Et8Vcad+qMUu2WFbm5PEn4KPJ2V
 -----END CERTIFICATE-----
+
+# Baltimore CyberTrust Root
 -----BEGIN CERTIFICATE-----
 MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ
 RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD
@@ -475,6 +398,8 @@ Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz
 ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS
 R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp
 -----END CERTIFICATE-----
+
+# Buypass Class 2 Root CA
 -----BEGIN CERTIFICATE-----
 MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd
 MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg
@@ -506,6 +431,8 @@ I+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK7
 3PFaTWwyI0PurKju7koSCTxdccK+efrCh2gdC/1cacwG0Jp9VJkqyTkaGa9LKkPz
 Y11aWOIv4x3kqdbQCtCev9eBCfHJxyYNrJgWVqA=
 -----END CERTIFICATE-----
+
+# Buypass Class 3 Root CA
 -----BEGIN CERTIFICATE-----
 MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd
 MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg
@@ -537,37 +464,8 @@ kbIRNBE+6tBDGR8Dk5AM/1E9V/RBbuHLoL7ryWPNbczk+DaqaJ3tvV2XcEQNtg41
 u79leNKGef9JOxqDDPDeeOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq
 4/g7u9xN12TyUb7mqqta6THuBrxzvxNiCp/HuZc=
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFaTCCA1GgAwIBAgIJAMMDmu5QkG4oMA0GCSqGSIb3DQEBBQUAMFIxCzAJBgNV
-BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu
-MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIxMB4XDTEyMDcxOTA5MDY1NloXDTQy
-MDcxOTA5MDY1NlowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx
-EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjEw
-ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqw3j33Jijp1pedxiy3QRk
-D2P9m5YJgNXoqqXinCaUOuiZc4yd39ffg/N4T0Dhf9Kn0uXKE5Pn7cZ3Xza1lK/o
-OI7bm+V8u8yN63Vz4STN5qctGS7Y1oprFOsIYgrY3LMATcMjfF9DCCMyEtztDK3A
-fQ+lekLZWnDZv6fXARz2m6uOt0qGeKAeVjGu74IKgEH3G8muqzIm1Cxr7X1r5OJe
-IgpFy4QxTaz+29FHuvlglzmxZcfe+5nkCiKxLU3lSCZpq+Kq8/v8kiky6bM+TR8n
-oc2OuRf7JT7JbvN32g0S9l3HuzYQ1VTW8+DiR0jm3hTaYVKvJrT1cU/J19IG32PK
-/yHoWQbgCNWEFVP3Q+V8xaCJmGtzxmjOZd69fwX3se72V6FglcXM6pM6vpmumwKj
-rckWtc7dXpl4fho5frLABaTAgqWjR56M6ly2vGfb5ipN0gTco65F97yLnByn1tUD
-3AjLLhbKXEAz6GfDLuemROoRRRw1ZS0eRWEkG4IupZ0zXWX4Qfkuy5Q/H6MMMSRE
-7cderVC6xkGbrPAXZcD4XW9boAo0PO7X6oifmPmvTiT6l7Jkdtqr9O3jw2Dv1fkC
-yC2fg69naQanMVXVz0tv/wQFx1isXxYb5dKj6zHbHzMVTdDypVP1y+E9Tmgt2BLd
-qvLmTZtJ5cUoobqwWsagtQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
-DwEB/wQEAwIBBjAdBgNVHQ4EFgQUiQq0OJMa5qvum5EY+fU8PjXQ04IwDQYJKoZI
-hvcNAQEFBQADggIBADKL9p1Kyb4U5YysOMo6CdQbzoaz3evUuii+Eq5FLAR0rBNR
-xVgYZk2C2tXck8An4b58n1KeElb21Zyp9HWc+jcSjxyT7Ff+Bw+r1RL3D65hXlaA
-SfX8MPWbTx9BLxyE04nH4toCdu0Jz2zBuByDHBb6lM19oMgY0sidbvW9adRtPTXo
-HqJPYNcHKfyyo6SdbhWSVhlMCrDpfNIZTUJG7L399ldb3Zh+pE3McgODWF3vkzpB
-emOqfDqo9ayk0d2iLbYq/J8BjuIQscTK5GfbVSUZP/3oNn6z4eGBrxEWi1CXYBmC
-AMBrTXO40RMHPuq2MU/wQppt4hF05ZSsjYSVPCGvxdpHyN85YmLLW1AL14FABZyb
-7bq2ix4Eb5YgOe2kfSnbSM6C3NQCjR0EMVrHS/BsYVLXtFHCgWzN4funodKSds+x
-DzdYpPJScWc/DIh4gInByLUfkmO+p3qKViwaqKactV2zY9ATIKHrkWzQjX2v3wvk
-F7mGnjixlAxYjOBVqjtjbZqJYLhkKpLGN/R+Q0O3c+gB53+XD9fyexn9GtePyfqF
-a3qdnom2piiZk4hA9z7NUaPK6u95RyG1/jLix8NRb76AdPCkwzryT+lf3xkK8jsT
-Q6wxpLPn6/wY1gGp8yqPNg7rtLG8t0zJa7+h89n07eLw4+1knj0vllJPgFOL
------END CERTIFICATE-----
+
+# CA Disig Root R2
 -----BEGIN CERTIFICATE-----
 MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV
 BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu
@@ -599,19 +497,8 @@ G5gPcFw0sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3Os
 zMOl6W8KjptlwlCFtaOgUxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8x
 L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcL
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICCTCCAY+gAwIBAgIQaEpYcIBr8I8C+vbe6LCQkDAKBggqhkjOPQQDAzBGMQsw
-CQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMT
-EkNBIFdvU2lnbiBFQ0MgUm9vdDAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4
-NThaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEb
-MBkGA1UEAxMSQ0EgV29TaWduIEVDQyBSb290MHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAE4f2OuEMkq5Z7hcK6C62N4DrjJLnSsb6IOsq/Srj57ywvr1FQPEd1bPiUt5v8
-KB7FVMxjnRZLU8HnIKvNrCXSf4/CwVqCXjCLelTOA7WRf6qU0NGKSMyCBSah1VES
-1ns2o0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
-FgQUqv3VWqP2h4syhf3RMluARZPzA7gwCgYIKoZIzj0EAwMDaAAwZQIxAOSkhLCB
-1T2wdKyUpOgOPQB0TKGXa/kNUTyh2Tv0Daupn75OcsqF1NnstTJFGG+rrQIwfcf3
-aWMvoeGY7xMQ0Xk/0f7qO3/eVvSQsRUR2LIiFdAvwyYua/GRspBl9JrmkO5K
------END CERTIFICATE-----
+
+# CFCA EV ROOT
 -----BEGIN CERTIFICATE-----
 MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJD
 TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y
@@ -644,26 +531,8 @@ Ci77o0cOPaYjesYBx4/IXr9tgFa+iiS6M+qf4TIRnvHST4D2G0CvOJ4RUHlzEhLN
 AAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3CekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ
 5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDVTCCAj2gAwIBAgIESTMAATANBgkqhkiG9w0BAQUFADAyMQswCQYDVQQGEwJD
-TjEOMAwGA1UEChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwHhcNMDcwNDE2
-MDcwOTE0WhcNMjcwNDE2MDcwOTE0WjAyMQswCQYDVQQGEwJDTjEOMAwGA1UEChMF
-Q05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDTNfc/c3et6FtzF8LRb+1VvG7q6KR5smzDo+/hn7E7SIX1mlwh
-IhAsxYLO2uOabjfhhyzcuQxauohV3/2q2x8x6gHx3zkBwRP9SFIhxFXf2tizVHa6
-dLG3fdfA6PZZxU3Iva0fFNrfWEQlMhkqx35+jq44sDB7R3IJMfAw28Mbdim7aXZO
-V/kbZKKTVrdvmW7bCgScEeOAH8tjlBAKqeFkgjH5jCftppkA9nCTGPihNIaj3XrC
-GHn2emU1z5DrvTOTn1OrczvmmzQgLx3vqR1jGqCA2wMv+SYahtKNu6m+UjqHZ0gN
-v7Sg2Ca+I19zN38m5pIEo3/PIKe38zrKy5nLAgMBAAGjczBxMBEGCWCGSAGG+EIB
-AQQEAwIABzAfBgNVHSMEGDAWgBRl8jGtKvf33VKWCscCwQ7vptU7ETAPBgNVHRMB
-Af8EBTADAQH/MAsGA1UdDwQEAwIB/jAdBgNVHQ4EFgQUZfIxrSr3991SlgrHAsEO
-76bVOxEwDQYJKoZIhvcNAQEFBQADggEBAEs17szkrr/Dbq2flTtLP1se31cpolnK
-OOK5Gv+e5m4y3R6u6jW39ZORTtpC4cMXYFDy0VwmuYK36m3knITnA3kXr5g9lNvH
-ugDnuL8BV8F3RTIMO/G0HAiw/VGgod2aHRM2mm23xzy54cXZF/qD1T0VoDy7Hgvi
-yJA/qIYM/PmLXoXLT1tLYhFHxUV8BS9BsZ4QaRuZluBVeftOhpm4lNqGOGqTo+fL
-buXf6iFViZx9fX+Y9QCJ7uOEwFyWtcVG6kbghVW2G8kS1sHNzYDzAgE8yGnLRUhj
-2JTQ7IUOO04RZfSCjKY9ri4ilAnIXOo8gV0WKgOXFlUJ24pBgp5mmxE=
------END CERTIFICATE-----
+
+# COMODO Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCB
 gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
@@ -689,6 +558,8 @@ zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd
 BA6+C4OmF4O5MBKgxTMVBbkN+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IB
 ZQ==
 -----END CERTIFICATE-----
+
+# COMODO ECC Certification Authority
 -----BEGIN CERTIFICATE-----
 MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL
 MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
@@ -705,6 +576,8 @@ BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VGFAkK+qDm
 fQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdv
 GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY=
 -----END CERTIFICATE-----
+
+# COMODO RSA Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB
 hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
@@ -739,83 +612,8 @@ QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl
 0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB
 NVOFBkpdn627G190
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn
-MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
-ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMg
-b2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAxNjEzNDNaFw0zNzA5MzAxNjEzNDRa
-MH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZpcm1hIFNBIENJRiBB
-ODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3JnMSIw
-IAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0B
-AQEFAAOCAQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtb
-unXF/KGIJPov7coISjlUxFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0d
-BmpAPrMMhe5cG3nCYsS4No41XQEMIwRHNaqbYE6gZj3LJgqcQKH0XZi/caulAGgq
-7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jWDA+wWFjbw2Y3npuRVDM3
-0pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFVd9oKDMyX
-roDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIG
-A1UdEwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5j
-aGFtYmVyc2lnbi5vcmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p
-26EpW1eLTXYGduHRooowDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIA
-BzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hhbWJlcnNpZ24ub3JnMCcGA1Ud
-EgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYDVR0gBFEwTzBN
-BgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz
-aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEB
-AAxBl8IahsAifJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZd
-p0AJPaxJRUXcLo0waLIJuvvDL8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi
-1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wNUPf6s+xCX6ndbcj0dc97wXImsQEc
-XCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/nADydb47kMgkdTXg0
-eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1erfu
-tGWaIZDgqtCYvDi1czyL+Nw=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEn
-MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
-ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENo
-YW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYxNDE4WhcNMzcwOTMwMTYxNDE4WjB9
-MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgy
-NzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4G
-A1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUA
-A4IBDQAwggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0
-Mi+ITaFgCPS3CU6gSS9J1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/s
-QJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8Oby4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpV
-eAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl6DJWk0aJqCWKZQbua795
-B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c8lCrEqWh
-z0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0T
-AQH/BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1i
-ZXJzaWduLm9yZy9jaGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4w
-TcbOX60Qq+UDpfqpFDAOBgNVHQ8BAf8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAH
-MCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBjaGFtYmVyc2lnbi5vcmcwKgYD
-VR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9yZzBbBgNVHSAE
-VDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh
-bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0B
-AQUFAAOCAQEAPDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUM
-bKGKfKX0j//U2K0X1S0E0T9YgOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXi
-ryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJPJ7oKXqJ1/6v/2j1pReQvayZzKWG
-VwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4IBHNfTIzSJRUTN3c
-ecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREest2d/
-AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDfDCCAmSgAwIBAgIQayXaioidfLwPBbOxemFFRDANBgkqhkiG9w0BAQsFADBY
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxLTArBgNV
-BAMTJENlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbiBHMjAeFw0xNDEx
-MDgwMDU4NThaFw00NDExMDgwMDU4NThaMFgxCzAJBgNVBAYTAkNOMRowGAYDVQQK
-ExFXb1NpZ24gQ0EgTGltaXRlZDEtMCsGA1UEAxMkQ2VydGlmaWNhdGlvbiBBdXRo
-b3JpdHkgb2YgV29TaWduIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEAvsXEoCKASU+/2YcRxlPhuw+9YH+v9oIOH9ywjj2X4FA8jzrvZjtFB5sg+OPX
-JYY1kBaiXW8wGQiHC38Gsp1ij96vkqVg1CuAmlI/9ZqD6TRay9nVYlzmDuDfBpgO
-gHzKtB0TiGsOqCR3A9DuW/PKaZE1OVbFbeP3PU9ekzgkyhjpJMuSA93MHD0JcOQg
-5PGurLtzaaNjOg9FD6FKmsLRY6zLEPg95k4ot+vElbGs/V6r+kHLXZ1L3PR8du9n
-fwB6jdKgGlxNIuG12t12s9R23164i5jIFFTMaxeSt+BKv0mUYQs4kI9dJGwlezt5
-2eJ+na2fmKEG/HgUYFf47oB3sQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD
-VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU+mCp62XF3RYUCE4MD42b4Pdkr2cwDQYJ
-KoZIhvcNAQELBQADggEBAFfDejaCnI2Y4qtAqkePx6db7XznPWZaOzG73/MWM5H8
-fHulwqZm46qwtyeYP0nXYGdnPzZPSsvxFPpahygc7Y9BMsaV+X3avXtbwrAh449G
-3CE4Q3RM+zD4F3LBMvzIkRfEzFg3TgvMWvchNSiDbGAtROtSjFA9tWwS1/oJu2yy
-SrHFieT801LYYRf+epSEj3m2M1m6D8QL4nCgS3gu+sif/a+RZQp4OBXllxcU3fng
-LDT4ONCEIgDAFFEYKwLcMFrw6AF8NTojrwjkr6qOKEJJLvD1mTS+7Q9LGOHSJDy7
-XUe3IfKN0QqZjuNuPq1w4I+5ysxugTH2e5x6eeRncRg=
------END CERTIFICATE-----
+
+# Certigna
 -----BEGIN CERTIFICATE-----
 MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV
 BAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4X
@@ -838,38 +636,8 @@ HWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY1gkIl2PlwS6w
 t0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw
 WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg==
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFnDCCA4SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJGUjET
-MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxJjAk
-BgNVBAMMHUNlcnRpbm9taXMgLSBBdXRvcml0w6kgUmFjaW5lMB4XDTA4MDkxNzA4
-Mjg1OVoXDTI4MDkxNzA4Mjg1OVowYzELMAkGA1UEBhMCRlIxEzARBgNVBAoTCkNl
-cnRpbm9taXMxFzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMSYwJAYDVQQDDB1DZXJ0
-aW5vbWlzIC0gQXV0b3JpdMOpIFJhY2luZTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
-ADCCAgoCggIBAJ2Fn4bT46/HsmtuM+Cet0I0VZ35gb5j2CN2DpdUzZlMGvE5x4jY
-F1AMnmHawE5V3udauHpOd4cN5bjr+p5eex7Ezyh0x5P1FMYiKAT5kcOrJ3NqDi5N
-8y4oH3DfVS9O7cdxbwlyLu3VMpfQ8Vh30WC8Tl7bmoT2R2FFK/ZQpn9qcSdIhDWe
-rP5pqZ56XjUl+rSnSTV3lqc2W+HN3yNw2F1MpQiD8aYkOBOo7C+ooWfHpi2GR+6K
-/OybDnT0K0kCe5B1jPyZOQE51kqJ5Z52qz6WKDgmi92NjMD2AR5vpTESOH2VwnHu
-7XSu5DaiQ3XV8QCb4uTXzEIDS3h65X27uK4uIJPT5GHfceF2Z5c/tt9qc1pkIuVC
-28+BA5PY9OMQ4HL2AHCs8MF6DwV/zzRpRbWT5BnbUhYjBYkOjUjkJW+zeL9i9Qf6
-lSTClrLooyPCXQP8w9PlfMl1I9f09bze5N/NgL+RiH2nE7Q5uiy6vdFrzPOlKO1E
-nn1So2+WLhl+HPNbxxaOu2B9d2ZHVIIAEWBsMsGoOBvrbpgT1u449fCfDu/+MYHB
-0iSVL1N6aaLwD4ZFjliCK0wi1F6g530mJ0jfJUaNSih8hp75mxpZuWW/Bd22Ql09
-5gBIgl4g9xGC3srYn+Y3RyYe63j3YcNBZFgCQfna4NH4+ej9Uji29YnfAgMBAAGj
-WzBZMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQN
-jLZh2kS40RR9w759XkjwzspqsDAXBgNVHSAEEDAOMAwGCiqBegFWAgIAAQEwDQYJ
-KoZIhvcNAQEFBQADggIBACQ+YAZ+He86PtvqrxyaLAEL9MW12Ukx9F1BjYkMTv9s
-ov3/4gbIOZ/xWqndIlgVqIrTseYyCYIDbNc/CMf4uboAbbnW/FIyXaR/pDGUu7ZM
-OH8oMDX/nyNTt7buFHAAQCvaR6s0fl6nVjBhK4tDrP22iCj1a7Y+YEq6QpA0Z43q
-619FVDsXrIvkxmUP7tCMXWY5zjKn2BCXwH40nJ+U8/aGH88bc62UeYdocMMzpXDn
-2NU4lG9jeeu/Cg4I58UvD0KgKxRA/yHgBcUn4YQRE7rWhh1BCxMjidPJC+iKunqj
-o3M3NYB9Ergzd0A4wPpeMNLytqOx1qKVl4GbUu1pTP+A5FPbVFsDbVRfsbjvJL1v
-nxHDx2TCDyhihWZeGnuyt++uNckZM6i4J9szVb9o4XVIRFb7zdNIu0eJOqxp9YDG
-5ERQL1TEqkPFMTFYvZbF6nVsmnWxTfj3l/+WFvKXTej28xH5On2KOG4Ey+HTRRWq
-pdEdnV1j6CTmNhTih60bWfVEm/vXd3wfAXBioSAaosUaKPQhA+4u2cGA6rnZgtZb
-dsLLO7XSAPCjDuGtbkD326C00EauFddEwk01+dIL8hf2rGbVJLJP0RyZwG71fet0
-BLj5TXcJ17TPBzAJ8bgAVtkXFhYKK4bfjwEZGuW7gmP/vgt2Fl43N+bYdJeimUV5
------END CERTIFICATE-----
+
+# Certinomis - Root CA
 -----BEGIN CERTIFICATE-----
 MIIFkjCCA3qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjET
 MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxHTAb
@@ -902,6 +670,8 @@ Y/M50n92Uaf0yKHxDHYiI0ZSKS3io0EHVmmY0gUJvGnHWmHNj4FgFU2A3ZDifcRQ
 8ow7bkrHxuaAKzyBvBGAFhAn1/DNP3nMcyrDflOR1m749fPH0FFNjkulW+YZFzvW
 gQncItzujrnEj1PhZ7szuIgVRs/taTX/dQ1G885x4cVrhkIGuUE=
 -----END CERTIFICATE-----
+
+# Certplus Class 2 Primary CA
 -----BEGIN CERTIFICATE-----
 MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAw
 PTELMAkGA1UEBhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFz
@@ -924,6 +694,8 @@ ybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW//1IMwrh3KWB
 kJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7
 l7+ijrRU
 -----END CERTIFICATE-----
+
+# Certplus Root CA G1
 -----BEGIN CERTIFICATE-----
 MIIFazCCA1OgAwIBAgISESBVg+QtPlRWhS2DN7cs3EYRMA0GCSqGSIb3DQEBDQUA
 MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy
@@ -955,6 +727,8 @@ V/xuZDDCVRHc6qnNSlSsKWNEz0pAoNZoWRsz+e86i9sgktxChL8Bq4fA1SCC28a5
 g4VCXA9DO2pJNdWY9BW/+mGBDAkgGNLQFwzLSABQ6XaCjGTXOqAHVcweMcDvOrRl
 ++O/QmueD6i9a5jc2NvLi6Td11n0bt3+qsOR0C5CB8AMTVPNJLFMWx5R9N/pkvo=
 -----END CERTIFICATE-----
+
+# Certplus Root CA G2
 -----BEGIN CERTIFICATE-----
 MIICHDCCAaKgAwIBAgISESDZkc6uo+jF5//pAq/Pc7xVMAoGCCqGSM49BAMDMD4x
 CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs
@@ -969,25 +743,8 @@ SM49BAMDA2gAMGUCMHD+sAvZ94OX7PNVHdTcswYO/jOYnYs5kGuUIe22113WTNch
 p+e/IQ8rzfcq3IUHnQIxAIYUFuXcsGXCwI4Un78kFmjlvPl5adytRSv3tjFzzAal
 U5ORGpOucGpnutee5WEaXw==
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM
-MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
-QTAeFw0wMjA2MTExMDQ2MzlaFw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBM
-MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
-QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6xwS7TT3zNJc4YPk/E
-jG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdLkKWo
-ePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GI
-ULdtlkIJ89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapu
-Ob7kky/ZR6By6/qmW6/KUz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUg
-AKpoC6EahQGcxEZjgoi2IrHu/qpGWX7PNSzVttpd90gzFFS269lvzs2I1qsb2pY7
-HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEA
-uI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+GXYkHAQa
-TOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTg
-xSvgGrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1q
-CjqTE5s7FCMTY5w/0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5x
-O/fIR/RpbxXyEV6DHpx8Uq79AtoSqFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs
-6GAqm4VKQPNriiTsBhYscw==
------END CERTIFICATE-----
+
+# Certum Trusted Network CA
 -----BEGIN CERTIFICATE-----
 MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM
 MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D
@@ -1010,6 +767,8 @@ J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY
 VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI
 03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw=
 -----END CERTIFICATE-----
+
+# Certum Trusted Network CA 2
 -----BEGIN CERTIFICATE-----
 MIIF0jCCA7qgAwIBAgIQIdbQSk8lD8kyN/yqXhKN6TANBgkqhkiG9w0BAQ0FADCB
 gDELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
@@ -1044,6 +803,8 @@ XALKLNhvSgfZyTXaQHXyxKcZb55CEJh15pWLYLztxRLXis7VmFxWlgPF7ncGNf/P
 5O4/E2Hu29othfDNrp2yGAlFw5Khchf8R7agCyzxxN5DaAhqXzvwdmP7zAYspsbi
 DrW5viSP
 -----END CERTIFICATE-----
+
+# Chambers of Commerce Root - 2008
 -----BEGIN CERTIFICATE-----
 MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD
 VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
@@ -1086,30 +847,8 @@ fhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg
 OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZ
 d0jQ
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIID9zCCAt+gAwIBAgIESJ8AATANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMC
-Q04xMjAwBgNVBAoMKUNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24g
-Q2VudGVyMUcwRQYDVQQDDD5DaGluYSBJbnRlcm5ldCBOZXR3b3JrIEluZm9ybWF0
-aW9uIENlbnRlciBFViBDZXJ0aWZpY2F0ZXMgUm9vdDAeFw0xMDA4MzEwNzExMjVa
-Fw0zMDA4MzEwNzExMjVaMIGKMQswCQYDVQQGEwJDTjEyMDAGA1UECgwpQ2hpbmEg
-SW50ZXJuZXQgTmV0d29yayBJbmZvcm1hdGlvbiBDZW50ZXIxRzBFBgNVBAMMPkNo
-aW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyIEVWIENlcnRp
-ZmljYXRlcyBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm35z
-7r07eKpkQ0H1UN+U8i6yjUqORlTSIRLIOTJCBumD1Z9S7eVnAztUwYyZmczpwA//
-DdmEEbK40ctb3B75aDFk4Zv6dOtouSCV98YPjUesWgbdYavi7NifFy2cyjw1l1Vx
-zUOFsUcW9SxTgHbP0wBkvUCZ3czY28Sf1hNfQYOL+Q2HklY0bBoQCxfVWhyXWIQ8
-hBouXJE0bhlffxdpxWXvayHG1VA6v2G5BY3vbzQ6sm8UY78WO5upKv23KzhmBsUs
-4qpnHkWnjQRmQvaPK++IIGmPMowUc9orhpFjIpryp9vOiYurXccUwVswah+xt54u
-gQEC7c+WXmPbqOY4twIDAQABo2MwYTAfBgNVHSMEGDAWgBR8cks5x8DbYqVPm6oY
-NJKiyoOCWTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4E
-FgQUfHJLOcfA22KlT5uqGDSSosqDglkwDQYJKoZIhvcNAQEFBQADggEBACrDx0M3
-j92tpLIM7twUbY8opJhJywyA6vPtI2Z1fcXTIWd50XPFtQO3WKwMVC/GVhMPMdoG
-52U7HW8228gd+f2ABsqjPWYWqJ1MFn3AlUa1UeTiH9fqBk1jjZaM7+czV0I664zB
-echNdn3e9rG3geCg+aF4RhcaVpjwTj2rHO3sOdwHSPdj/gauwqRcalsyiMXHM4Ws
-ZkJHwlgkmeHlPuV1LI5D1l08eB6olYIpUNHRFrrvwb562bTYzB5MRuF3sTGrvSrI
-zo9uoV1/A3U05K2JRVRevq4opbs/eHnrc7MKDf2+yfdWrPa37S+bISnHOLaVxATy
-wy39FCqQmbkHzJ8=
------END CERTIFICATE-----
+
+# Comodo AAA Services root
 -----BEGIN CERTIFICATE-----
 MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb
 MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
@@ -1135,56 +874,8 @@ G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi
 l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3
 smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg==
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEPzCCAyegAwIBAgIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEkMCIGA1UEAwwbU2VjdXJlIENlcnRp
-ZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVow
-fjELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
-A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxJDAiBgNV
-BAMMG1NlY3VyZSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAMBxM4KK0HDrc4eCQNUd5MvJDkKQ+d40uaG6EfQlhfPM
-cm3ye5drswfxdySRXyWP9nQ95IDC+DwN879A6vfIUtFyb+/Iq0G4bi4XKpVpDM3S
-HpR7LZQdqnXXs5jLrLxkU0C8j6ysNstcrbvd4JQX7NFc0L/vpZXJkMWwrPsbQ996
-CF23uPJAGysnnlDOXmWCiIxe004MeuoIkbY2qitC++rCoznl2yY4rYsK7hljxxwk
-3wN42ubqwUcaCwtGCd0C/N7Lh1/XMGNooa7cMqG6vv5Eq2i2pRcV/b3Vp6ea5EQz
-6YiO/O1R65NxTq0B50SOqy3LqP4BSUjwwN3HaNiS/j0CAwEAAaOBxzCBxDAdBgNV
-HQ4EFgQUPNiTiMLAggnMAZkGkyDpnnAJY08wDgYDVR0PAQH/BAQDAgEGMA8GA1Ud
-EwEB/wQFMAMBAf8wgYEGA1UdHwR6MHgwO6A5oDeGNWh0dHA6Ly9jcmwuY29tb2Rv
-Y2EuY29tL1NlY3VyZUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDmgN6A1hjNodHRw
-Oi8vY3JsLmNvbW9kby5uZXQvU2VjdXJlQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmww
-DQYJKoZIhvcNAQEFBQADggEBAIcBbSMdflsXfcFhMs+P5/OKlFlm4J4oqF7Tt/Q0
-5qo5spcWxYJvMqTpjOev/e/C6LlLqqP05tqNZSH7uoDrJiiFGv45jN5bBAS0VPmj
-Z55B+glSzAVIqMk/IQQezkhr/IXownuvf7fM+F86/TXGDe+X3EyrEeFryzHRbPtI
-gKvcnDe4IRRLDXE97IMzbtFuMhbsmMcWi1mmNKsFVy2T96oTy9IT4rcuO81rUBcJ
-aD61JlfutuC23bkpgHl9j6PwpCikFcSF9CfUa7/lXORlAnZUtOM3ZiTTGWHIUhDl
-izeauan5Hb/qmZJhlv8BzaFfDbxxvA6sCx1HRR3B7Hzs/Sk=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEQzCCAyugAwIBAgIBATANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDElMCMGA1UEAwwcVHJ1c3RlZCBDZXJ0
-aWZpY2F0ZSBTZXJ2aWNlczAeFw0wNDAxMDEwMDAwMDBaFw0yODEyMzEyMzU5NTla
-MH8xCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
-BgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSUwIwYD
-VQQDDBxUcnVzdGVkIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQIIO0Yfyod5jWaHiWsnOWW
-fnJSoBVC21ndZHoa0Lh73TkVvFVIxO06AOoxEbrycXQaZ7jPM8yoMa+j49d/vzMt
-TGo87IvDktJTdyR0nAducPy9C1t2ul/y/9c3S0pgePfw+spwtOpZqqPOSC+pw7IL
-fhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6juljatEPmsbS9Is6FARW
-1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAEAtdbtz6SrGsSivnkBbA7
-kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt6wIDAQABo4HJMIHGMB0G
-A1UdDgQWBBTFe1i97doladL3WRaoszLAeydb9DAOBgNVHQ8BAf8EBAMCAQYwDwYD
-VR0TAQH/BAUwAwEB/zCBgwYDVR0fBHwwejA8oDqgOIY2aHR0cDovL2NybC5jb21v
-ZG9jYS5jb20vVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMuY3JsMDqgOKA2hjRo
-dHRwOi8vY3JsLmNvbW9kby5uZXQvVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMu
-Y3JsMA0GCSqGSIb3DQEBBQUAA4IBAQDIk4E7ibSvuIQSTI3S8NtwuleGFTQQuS9/
-HrCoiWChisJ3DFBKmwCL2Iv0QeLQg4pKHBQGsKNoBXAxMKdTmw7pSqBYaWcOrp32
-pSxBvzwGa+RZzG0Q8ZZvH9/0BAKkn0U+yNj6NkZEUD+Cl5EfKNsYEYwq5GWDVxIS
-jBc/lDb+XbDABHcTuPQV1T84zJQ6VdCsmPW6AF/ghhmBeC8owH7TzEIK9a5QoNE+
-xqFx7D+gIIxmOom0jtTYsU0lR+4viMi14QVFwL4Ucd56/Y57fU0IlqUSc/Atyjcn
-dBInTMu2l+nZrghtWjlA3QVHdWpaIbOjGM9O9y5Xt5hwXsjEeLBi
------END CERTIFICATE-----
+
+# Cybertrust Global Root
 -----BEGIN CERTIFICATE-----
 MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYG
 A1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2Jh
@@ -1207,6 +898,8 @@ omcrUtW3ZfA5TGOgkXmTUg9U3YO7n9GPp1Nzw8v/MOx8BLjYRB+TX3EJIrduPuoc
 A06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW
 WL1WMRJOEcgh4LMRkWXbtKaIOM5V
 -----END CERTIFICATE-----
+
+# D-TRUST Root Class 3 CA 2 2009
 -----BEGIN CERTIFICATE-----
 MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF
 MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD
@@ -1232,6 +925,8 @@ zCUqNQT4YJEVdT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8
 PIWmawomDeCTmGCufsYkl4phX5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3Y
 Johw1+qRzT65ysCQblrGXnRl11z+o+I=
 -----END CERTIFICATE-----
+
+# D-TRUST Root Class 3 CA 2 EV 2009
 -----BEGIN CERTIFICATE-----
 MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRF
 MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBD
@@ -1257,30 +952,8 @@ CSuGdXzfX2lXANtu2KZyIktQ1HWYVt+3GP9DQ1CuekR78HlR10M9p9OB0/DJT7na
 xpeG0ILD5EJt/rDiZE4OJudANCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqX
 KVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVvw9y4AyHqnxbxLFS1
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIECTCCAvGgAwIBAgIQDV6ZCtadt3js2AdWO4YV2TANBgkqhkiG9w0BAQUFADBb
-MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3Qx
-ETAPBgNVBAsTCERTVCBBQ0VTMRcwFQYDVQQDEw5EU1QgQUNFUyBDQSBYNjAeFw0w
-MzExMjAyMTE5NThaFw0xNzExMjAyMTE5NThaMFsxCzAJBgNVBAYTAlVTMSAwHgYD
-VQQKExdEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdDERMA8GA1UECxMIRFNUIEFDRVMx
-FzAVBgNVBAMTDkRTVCBBQ0VTIENBIFg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAuT31LMmU3HWKlV1j6IR3dma5WZFcRt2SPp/5DgO0PWGSvSMmtWPu
-ktKe1jzIDZBfZIGxqAgNTNj50wUoUrQBJcWVHAx+PhCEdc/BGZFjz+iokYi5Q1K7
-gLFViYsx+tC3dr5BPTCapCIlF3PoHuLTrCq9Wzgh1SpL11V94zpVvddtawJXa+ZH
-fAjIgrrep4c9oW24MFbCswKBXy314powGCi4ZtPLAZZv6opFVdbgnf9nKxcCpk4a
-ahELfrd755jWjHZvwTvbUJN+5dCOHze4vbrGn2zpfDPyMjwmR/onJALJfh1biEIT
-ajV8fTXpLmaRcpPVMibEdPVTo7NdmvYJywIDAQABo4HIMIHFMA8GA1UdEwEB/wQF
-MAMBAf8wDgYDVR0PAQH/BAQDAgHGMB8GA1UdEQQYMBaBFHBraS1vcHNAdHJ1c3Rk
-c3QuY29tMGIGA1UdIARbMFkwVwYKYIZIAWUDAgEBATBJMEcGCCsGAQUFBwIBFjto
-dHRwOi8vd3d3LnRydXN0ZHN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9saWN5L0FDRVMt
-aW5kZXguaHRtbDAdBgNVHQ4EFgQUCXIGThhDD+XWzMNqizF7eI+og7gwDQYJKoZI
-hvcNAQEFBQADggEBAKPYjtay284F5zLNAdMEA+V25FYrnJmQ6AgwbN99Pe7lv7Uk
-QIRJ4dEorsTCOlMwiPH1d25Ryvr/ma8kXxug/fKshMrfqfBfBC6tFr8hlxCBPeP/
-h40y3JTlR4peahPJlJU90u7INJXQgNStMgiAVDzgvVJT11J8smk/f3rPanTK+gQq
-nExaBqXpIK1FZg9p8d2/6eMyi/rgwYZNcjwu2JN4Cir42NInPRmJX1p7ijvMDNpR
-rscL9yuwNwXsvFcj4jjSm2jzVhKIT0J8uDHEtdvkyCE06UgRNe76x5JXxZ805Mf2
-9w4LTJxoeHtxMcfrHuBnQfO3oKfN5XozNmr6mis=
------END CERTIFICATE-----
+
+# DST Root CA X3
 -----BEGIN CERTIFICATE-----
 MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/
 MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
@@ -1301,6 +974,8 @@ R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5
 JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
 Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
 -----END CERTIFICATE-----
+
+# Deutsche Telekom Root CA 2
 -----BEGIN CERTIFICATE-----
 MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEc
 MBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2Vj
@@ -1323,6 +998,8 @@ IzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8rZ7/gFnkm0W09juwzTkZmDLl
 xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU
 Cm26OWMohpLzGITY+9HPBVZkVw==
 -----END CERTIFICATE-----
+
+# DigiCert Assured ID Root CA
 -----BEGIN CERTIFICATE-----
 MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1345,6 +1022,8 @@ NW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPx
 H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe
 +o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g==
 -----END CERTIFICATE-----
+
+# DigiCert Assured ID Root G2
 -----BEGIN CERTIFICATE-----
 MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBl
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1367,6 +1046,8 @@ B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0MjomZmWzwPDCv
 ON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo
 IhNzbM8m9Yop5w==
 -----END CERTIFICATE-----
+
+# DigiCert Assured ID Root G3
 -----BEGIN CERTIFICATE-----
 MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQsw
 CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
@@ -1382,6 +1063,8 @@ AwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5FyYZ5eEJJZVrmDxxDnOOlY
 JjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy1vUhZscv
 6pZjamVFkpUBtA==
 -----END CERTIFICATE-----
+
+# DigiCert Global Root CA
 -----BEGIN CERTIFICATE-----
 MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1404,6 +1087,8 @@ PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls
 YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk
 CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=
 -----END CERTIFICATE-----
+
+# DigiCert Global Root G2
 -----BEGIN CERTIFICATE-----
 MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1426,6 +1111,8 @@ Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91
 pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl
 MrY=
 -----END CERTIFICATE-----
+
+# DigiCert Global Root G3
 -----BEGIN CERTIFICATE-----
 MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw
 CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
@@ -1441,6 +1128,8 @@ AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/
 oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8
 sycX
 -----END CERTIFICATE-----
+
+# DigiCert High Assurance EV Root CA
 -----BEGIN CERTIFICATE-----
 MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1464,6 +1153,8 @@ Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
 vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
 +OkuE6N36B9K
 -----END CERTIFICATE-----
+
+# DigiCert Trusted Root G4
 -----BEGIN CERTIFICATE-----
 MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1496,6 +1187,8 @@ r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1
 /YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm
 gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+
 -----END CERTIFICATE-----
+
+# E-Tugra Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNV
 BAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBC
@@ -1532,6 +1225,8 @@ AJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpD
 y4Q08ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8d
 NL/+I5c30jn6PQ0GC7TbO6Orb1wdtn7os4I07QZcJA==
 -----END CERTIFICATE-----
+
+# EC-ACC
 -----BEGIN CERTIFICATE-----
 MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB
 8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy
@@ -1563,6 +1258,8 @@ Rp/7SNVel+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOS
 Agu+TGbrIP65y7WZf+a2E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xl
 nJ2lYJU6Un/10asIbvPuW/mIPX64b24D5EI=
 -----END CERTIFICATE-----
+
+# EE Certification Centre Root CA
 -----BEGIN CERTIFICATE-----
 MIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1
 MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1
@@ -1587,6 +1284,8 @@ uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIW
 iAYLtqZLICjU3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/v
 GVCJYMzpJJUPwssd8m92kMfMdcGWxZ0=
 -----END CERTIFICATE-----
+
+# Entrust.net Premium 2048 Secure Server CA
 -----BEGIN CERTIFICATE-----
 MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
 RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
@@ -1612,6 +1311,8 @@ u/8j72gZyxKTJ1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+
 bYQLCIt+jerXmCHG8+c8eS9enNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/Er
 fF6adulZkMV8gzURZVE=
 -----END CERTIFICATE-----
+
+# Entrust Root Certification Authority - EC1
 -----BEGIN CERTIFICATE-----
 MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkG
 A1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3
@@ -1630,6 +1331,8 @@ BBYEFLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVC
 R98crlOZF7ZvHH3hvxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nX
 hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G
 -----END CERTIFICATE-----
+
+# Entrust Root Certification Authority - G2
 -----BEGIN CERTIFICATE-----
 MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC
 VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50
@@ -1655,6 +1358,8 @@ Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v
 nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH
 VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9g==
 -----END CERTIFICATE-----
+
+# Entrust Root Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC
 VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0
@@ -1682,6 +1387,42 @@ AGAT/3B+XxFNSRuzFVJ7yVTav52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP
 eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m
 0vdXcDazv/wor3ElhVsT/h5/WrQ8
 -----END CERTIFICATE-----
+
+# GDCA TrustAUTH R5 ROOT
+-----BEGIN CERTIFICATE-----
+MIIFiDCCA3CgAwIBAgIIfQmX/vBH6nowDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0
+MTEyNjA1MTMxNVoXDTQwMTIzMTE1NTk1OVowYjELMAkGA1UEBhMCQ04xMjAwBgNV
+BAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMR8w
+HQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA2aMW8Mh0dHeb7zMNOwZ+Vfy1YI92hhJCfVZmPoiC7XJj
+Dp6L3TQsAlFRwxn9WVSEyfFrs0yw6ehGXTjGoqcuEVe6ghWinI9tsJlKCvLriXBj
+TnnEt1u9ol2x8kECK62pOqPseQrsXzrj/e+APK00mxqriCZ7VqKChh/rNYmDf1+u
+KU49tm7srsHwJ5uu4/Ts765/94Y9cnrrpftZTqfrlYwiOXnhLQiPzLyRuEH3FMEj
+qcOtmkVEs7LXLM3GKeJQEK5cy4KOFxg2fZfmiJqwTTQJ9Cy5WmYqsBebnh52nUpm
+MUHfP/vFBu8btn4aRjb3ZGM74zkYI+dndRTVdVeSN72+ahsmUPI2JgaQxXABZG12
+ZuGR224HwGGALrIuL4xwp9E7PLOR5G62xDtw8mySlwnNR30YwPO7ng/Wi64HtloP
+zgsMR6flPri9fcebNaBhlzpBdRfMK5Z3KpIhHtmVdiBnaM8Nvd/WHwlqmuLMc3Gk
+L30SgLdTMEZeS1SZD2fJpcjyIMGC7J0R38IC+xo70e0gmu9lZJIQDSri3nDxGGeC
+jGHeuLzRL5z7D9Ar7Rt2ueQ5Vfj4oR24qoAATILnsn8JuLwwoC8N9VKejveSswoA
+HQBUlwbgsQfZxw9cZX08bVlX5O2ljelAU58VS6Bx9hoh49pwBiFYFIeFd3mqgnkC
+AwEAAaNCMEAwHQYDVR0OBBYEFOLJQJ9NzuiaoXzPDj9lxSmIahlRMA8GA1UdEwEB
+/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQDRSVfg
+p8xoWLoBDysZzY2wYUWsEe1jUGn4H3++Fo/9nesLqjJHdtJnJO29fDMylyrHBYZm
+DRd9FBUb1Ov9H5r2XpdptxolpAqzkT9fNqyL7FeoPueBihhXOYV0GkLH6VsTX4/5
+COmSdI31R9KrO9b7eGZONn356ZLpBN79SWP8bfsUcZNnL0dKt7n/HipzcEYwv1ry
+L3ml4Y0M2fmyYzeMN2WFcGpcWwlyua1jPLHd+PwyvzeG5LuOmCd+uh8W4XAR8gPf
+JWIyJyYYMoSf/wA6E7qaTfRPuBRwIrHKK5DOKcFw9C+df/KQHtZa37dG/OaG+svg
+IHZ6uqbL9XzeYqWxi+7egmaKTjowHz+Ay60nugxe19CxVsp3cbK1daFQqUBDF8Io
+2c9Si1vIY9RCPqAzekYu9wogRlR+ak8x8YF+QnQ4ZXMn7sZ8uI7XpTrXmKGcjBBV
+09tL7ECQ8s1uV9JiDnxXk7Gnbc2dg7sq5+W2O3FYrf3RRbxake5TFW/TRQl1brqQ
+XR4EzzffHqhmsYzmIGrv/EhOdJhCrylvLmrH+33RZjEizIYAfmaDDEL0vTSSwxrq
+T8p+ck0LcIymSLumoRT2+1hEmRSuqguTaaApJUqlyyvdimYHFngVV3Eb7PVHhPOe
+MTd61X8kreS8/f3MboPoDKi3QWwH3b08hpcv0g==
+-----END CERTIFICATE-----
+
+# GeoTrust Global CA
 -----BEGIN CERTIFICATE-----
 MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
 MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
@@ -1702,27 +1443,8 @@ PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un
 hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV
 5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDZjCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJVUzEW
-MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFs
-IENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMTkwMzA0MDUwMDAwWjBEMQswCQYDVQQG
-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg
-R2xvYmFsIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvPE1A
-PRDfO1MA4Wf+lGAVPoWI8YkNkMgoI5kF6CsgncbzYEbYwbLVjDHZ3CB5JIG/NTL8
-Y2nbsSpr7iFY8gjpeMtvy/wWUsiRxP89c96xPqfCfWbB9X5SJBri1WeR0IIQ13hL
-TytCOb1kLUCgsBDTOEhGiKEMuzozKmKY+wCdE1l/bztyqu6mD4b5BWHqZ38MN5aL
-5mkWRxHCJ1kDs6ZgwiFAVvqgx306E+PsV8ez1q6diYD3Aecs9pYrEw15LNnA5IZ7
-S4wMcoKK+xfNAGw6EzywhIdLFnopsk/bHdQL82Y3vdj2V7teJHq4PIu5+pIaGoSe
-2HSPqht/XvT+RSIhAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
-FHE4NvICMVNHK266ZUapEBVYIAUJMB8GA1UdIwQYMBaAFHE4NvICMVNHK266ZUap
-EBVYIAUJMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAQEAA/e1K6td
-EPx7srJerJsOflN4WT5CBP51o62sgU7XAotexC3IUnbHLB/8gTKY0UvGkpMzNTEv
-/NgdRN3ggX+d6YvhZJFiCzkIjKx0nVnZellSlxG5FntvRdOW2TF9AjYPnDtuzywN
-A0ZF66D0f0hExghAzN4bcLUprbqLOzRldRtxIR0sFAqwlpW41uryZfspuk/qkZN0
-abby/+Ea0AzRdoXLiiW9l14sbxWZJue2Kf8i7MkCx1YAzUm5s2x7UwQa4qjJqhIF
-I8LO57sEAszAR6LkxCkvW0VXiVHuPOtSCP8HNR6fNWpHSlaY0VqFH4z1Ir+rzoPz
-4iIprn2DQKi6bA==
------END CERTIFICATE-----
+
+# GeoTrust Primary Certification Authority - G2
 -----BEGIN CERTIFICATE-----
 MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDEL
 MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChj
@@ -1740,6 +1462,8 @@ CCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGT
 qQ7mndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBucz
 rD6ogRLQy7rQkgu2npaqBA+K
 -----END CERTIFICATE-----
+
+# GeoTrust Primary Certification Authority - G3
 -----BEGIN CERTIFICATE-----
 MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCB
 mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT
@@ -1764,6 +1488,8 @@ AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUH
 SJsMC8tJP33st/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2G
 spki4cErx5z481+oghLrGREt
 -----END CERTIFICATE-----
+
+# GeoTrust Primary Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBY
 MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo
@@ -1785,6 +1511,8 @@ oKv0uHiYyjgZmclynnjNS6yvGaBzEi38wkG6gZHaFloxt/m0cYASSJlyc1pZU8Fj
 UjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG1riR/aYNKxoU
 AT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk=
 -----END CERTIFICATE-----
+
+# GeoTrust Universal CA
 -----BEGIN CERTIFICATE-----
 MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEW
 MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVy
@@ -1816,6 +1544,8 @@ ER/frslKxfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQt
 DF4JbAiXfKM9fJP/P6EUp8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/Sfuvm
 bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iw=
 -----END CERTIFICATE-----
+
+# GeoTrust Universal CA 2
 -----BEGIN CERTIFICATE-----
 MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEW
 MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVy
@@ -1847,6 +1577,8 @@ OCiNUW7dFGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH
 6aLcr34YEoP9VhdBLtUpgn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwX
 QMAJKOSLakhT2+zNVVXxxvjpoixMptEmX36vWkzaH6byHCx+rgIW0lbQL1dTR+iS
 -----END CERTIFICATE-----
+
+# GlobalSign ECC Root CA - R4
 -----BEGIN CERTIFICATE-----
 MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEk
 MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpH
@@ -1860,6 +1592,8 @@ uOJAf/sKbvu+M8k8o4TVMAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGX
 kPoUVy0D7O48027KqGx2vKLeuwIgJ6iFJzWbVsaj8kfSt24bAgAXqmemFZHe+pTs
 ewv4n4Q=
 -----END CERTIFICATE-----
+
+# GlobalSign ECC Root CA - R5
 -----BEGIN CERTIFICATE-----
 MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEk
 MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpH
@@ -1874,6 +1608,8 @@ KoZIzj0EAwMDaAAwZQIxAOVpEslu28YxuglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg
 515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7yFz9SO8NdCKoCOJuxUnO
 xwy8p2Fp8fc74SrL+SvzZpA3
 -----END CERTIFICATE-----
+
+# GlobalSign Root CA - R2
 -----BEGIN CERTIFICATE-----
 MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
 A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
@@ -1896,6 +1632,8 @@ ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
 AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
 TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==
 -----END CERTIFICATE-----
+
+# GlobalSign Root CA - R3
 -----BEGIN CERTIFICATE-----
 MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G
 A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp
@@ -1917,6 +1655,8 @@ mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs
 Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH
 WD9f
 -----END CERTIFICATE-----
+
+# GlobalSign Root CA
 -----BEGIN CERTIFICATE-----
 MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
 A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
@@ -1938,6 +1678,8 @@ AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
 DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
 HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
 -----END CERTIFICATE-----
+
+# Global Chambersign Root - 2008
 -----BEGIN CERTIFICATE-----
 MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYD
 VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
@@ -1979,6 +1721,8 @@ M0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVqc5iJWzouE4ge
 v8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z
 09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/B
 -----END CERTIFICATE-----
+
+# Go Daddy Class 2 CA
 -----BEGIN CERTIFICATE-----
 MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh
 MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE
@@ -2003,6 +1747,8 @@ HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER
 dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf
 ReYNnyicsbkqWletNw+vHX/bvZ8=
 -----END CERTIFICATE-----
+
+# Go Daddy Root Certificate Authority - G2
 -----BEGIN CERTIFICATE-----
 MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx
 EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT
@@ -2026,6 +1772,8 @@ gIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYVN8Gb5DKj7Tjo
 LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI
 4uJEvlz36hz1
 -----END CERTIFICATE-----
+
+# Hellenic Academic and Research Institutions ECC RootCA 2015
 -----BEGIN CERTIFICATE-----
 MIICwzCCAkqgAwIBAgIBADAKBggqhkjOPQQDAjCBqjELMAkGA1UEBhMCR1IxDzAN
 BgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl
@@ -2043,6 +1791,8 @@ C4KZJAEOnLvkDv2/+5cgk5kqMAoGCCqGSM49BAMCA2cAMGQCMGfOFmI4oqxiRaep
 lSTAGiecMjvAwNW6qef4BENThe5SId6d9SWDPp5YSy/XZxMOIQIwBeF1Ad5o7Sof
 TUwJCA3sS61kFyjndc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKR
 -----END CERTIFICATE-----
+
+# Hellenic Academic and Research Institutions RootCA 2011
 -----BEGIN CERTIFICATE-----
 MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix
 RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1
@@ -2068,6 +1818,8 @@ dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys
 Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI
 l7WdmplNsDz4SgCbZN2fOUvRJ9e4
 -----END CERTIFICATE-----
+
+# Hellenic Academic and Research Institutions RootCA 2015
 -----BEGIN CERTIFICATE-----
 MIIGCzCCA/OgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCR1Ix
 DzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5k
@@ -2103,6 +1855,8 @@ pcw72Hc3MKJP2W/R8kCtQXoXxdZKNYm3QdV8hn9VTYNKpXMgwDqvkPGaJI7ZjnHK
 e7iG2rKPmT4dEw0SEe7Uq/DpFXYC5ODfqiAeW2GFZECpkJcNrVPSWh2HagCXZWK0
 vm9qp/UsQu0yrbYhnr68
 -----END CERTIFICATE-----
+
+# Hongkong Post Root CA 1
 -----BEGIN CERTIFICATE-----
 MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsx
 FjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3Qg
@@ -2123,6 +1877,8 @@ EhTkYY2sEJCehFC78JZvRZ+K88psT/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpO
 fMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilTc4afU9hDDl3WY4JxHYB0yvbi
 AmvZWg==
 -----END CERTIFICATE-----
+
+# ISRG Root X1
 -----BEGIN CERTIFICATE-----
 MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw
 TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
@@ -2154,6 +1910,8 @@ oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq
 mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d
 emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=
 -----END CERTIFICATE-----
+
+# IdenTrust Commercial Root CA 1
 -----BEGIN CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBK
 MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu
@@ -2185,6 +1943,8 @@ l1gEIt44w8y8bckzOmoKaT+gyOpyj4xjhiO9bTyWnpXgSUyqorkqG5w2gXjtw+hG
 mUlO+KWA2yUPHGNiiskzZ2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A
 7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7RcGzM7vRX+Bi6hG6H
 -----END CERTIFICATE-----
+
+# IdenTrust Public Sector Root CA 1
 -----BEGIN CERTIFICATE-----
 MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBN
 MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVu
@@ -2216,6 +1976,8 @@ tshquDDIajjDbp7hNxbqBWJMWxJH7ae0s1hWx0nzfxJoCTFx8G34Tkf71oXuxVhA
 GaQdp/lLQzfcaFpPz+vCZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv
 8Ue1fXwsBOxonbRJRBD0ckscZOf85muQ3Wl9af0AVqW3rLatt8o+Ae+c
 -----END CERTIFICATE-----
+
+# Izenpe.com
 -----BEGIN CERTIFICATE-----
 MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4
 MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6
@@ -2250,6 +2012,8 @@ QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZoQ0iy2+tzJOeRf1SktoA+
 naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1ZWrOZyGls
 QyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw==
 -----END CERTIFICATE-----
+
+# LuxTrust Global Root 2
 -----BEGIN CERTIFICATE-----
 MIIFwzCCA6ugAwIBAgIUCn6m30tEntpqJIWe5rgV0xZ/u7EwDQYJKoZIhvcNAQEL
 BQAwRjELMAkGA1UEBhMCTFUxFjAUBgNVBAoMDUx1eFRydXN0IFMuQS4xHzAdBgNV
@@ -2283,6 +2047,8 @@ LSoSOcbDWjLtR5EWDrw4wVDej8oqkDQc7kGUnF4ZLvhFSZl0kbAEb+MEWrGrKqv+
 x9CWttrhSmQGbmBNvUJO/3jaJMobtNeWOWyu8Q6qp31IiyBMz2TWuJdGsE7RKlY6
 oJO9r4Ak4Ap+58rVyuiFVdw2KuGUaJPHZnJED4AhMmwlxyOAgwrr
 -----END CERTIFICATE-----
+
+# Microsec e-Szigno Root CA 2009
 -----BEGIN CERTIFICATE-----
 MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD
 VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
@@ -2307,6 +2073,8 @@ tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c
 2Pm2G2JwCz02yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5t
 HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCW
 -----END CERTIFICATE-----
+
+# NetLock Arany (Class Gold) Főtanúsítvány
 -----BEGIN CERTIFICATE-----
 MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
 EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
@@ -2331,6 +2099,8 @@ bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2F
 uLjbvrW5KfnaNwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2
 XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E=
 -----END CERTIFICATE-----
+
+# Network Solutions Certificate Authority
 -----BEGIN CERTIFICATE-----
 MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBi
 MQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu
@@ -2354,6 +2124,8 @@ h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/GGUsyfJj4akH
 wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHN
 pGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey
 -----END CERTIFICATE-----
+
+# OISTE WISeKey Global Root GA CA
 -----BEGIN CERTIFICATE-----
 MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCB
 ijELMAkGA1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHly
@@ -2378,6 +2150,8 @@ hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZi
 Fj4A4xylNoEYokxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ
 /L7fCg0=
 -----END CERTIFICATE-----
+
+# OISTE WISeKey Global Root GB CA
 -----BEGIN CERTIFICATE-----
 MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBt
 MQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUg
@@ -2400,6 +2174,8 @@ ZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEuiHZeeevJuQHHf
 aPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic
 Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM=
 -----END CERTIFICATE-----
+
+# OpenTrust Root CA G1
 -----BEGIN CERTIFICATE-----
 MIIFbzCCA1egAwIBAgISESCzkFU5fX82bWTCp59rY45nMA0GCSqGSIb3DQEBCwUA
 MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w
@@ -2432,6 +2208,8 @@ Pu1svf0OnWZzsD2097+o4BGkxK51CUpjAEggpsadCwmKtODmzj7HPiY46SvepghJ
 AwSQiumPv+i2tCqjI40cHLI5kqiPAlxAOXXUc0ECd97N4EOH1uS6SsNsEn/+KuYj
 1oxx
 -----END CERTIFICATE-----
+
+# OpenTrust Root CA G2
 -----BEGIN CERTIFICATE-----
 MIIFbzCCA1egAwIBAgISESChaRu/vbm9UpaPI+hIvyYRMA0GCSqGSIb3DQEBDQUA
 MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w
@@ -2464,6 +2242,8 @@ iN1nE28daCSLT7d0geX0YJ96Vdc+N9oWaz53rK4YcJUIeSkDiv7BO7M/Gg+kO14f
 WKGVyasvc0rQLW6aWQ9VGHgtPFGml4vmu7JwqkwR3v98KzfUetF3NI/n+UL3PIEM
 S1IK
 -----END CERTIFICATE-----
+
+# OpenTrust Root CA G3
 -----BEGIN CERTIFICATE-----
 MIICITCCAaagAwIBAgISESDm+Ez8JLC+BUCs2oMbNGA/MAoGCCqGSM49BAMDMEAx
 CzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5U
@@ -2478,59 +2258,8 @@ BggqhkjOPQQDAwNpADBmAjEAj6jcnboMBBf6Fek9LykBl7+BFjNAk2z8+e2AcG+q
 j9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta3U1fJAuwACEl74+nBCZx
 4nxp5V2a+EEfOzmTk51V6s2N8fvB
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIJhjCCB26gAwIBAgIBCzANBgkqhkiG9w0BAQsFADCCAR4xPjA8BgNVBAMTNUF1
-dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIFJhaXogZGVsIEVzdGFkbyBWZW5lem9s
-YW5vMQswCQYDVQQGEwJWRTEQMA4GA1UEBxMHQ2FyYWNhczEZMBcGA1UECBMQRGlz
-dHJpdG8gQ2FwaXRhbDE2MDQGA1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0
-aWZpY2FjaW9uIEVsZWN0cm9uaWNhMUMwQQYDVQQLEzpTdXBlcmludGVuZGVuY2lh
-IGRlIFNlcnZpY2lvcyBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMSUwIwYJ
-KoZIhvcNAQkBFhZhY3JhaXpAc3VzY2VydGUuZ29iLnZlMB4XDTEwMTIyODE2NTEw
-MFoXDTIwMTIyNTIzNTk1OVowgdExJjAkBgkqhkiG9w0BCQEWF2NvbnRhY3RvQHBy
-b2NlcnQubmV0LnZlMQ8wDQYDVQQHEwZDaGFjYW8xEDAOBgNVBAgTB01pcmFuZGEx
-KjAoBgNVBAsTIVByb3ZlZWRvciBkZSBDZXJ0aWZpY2Fkb3MgUFJPQ0VSVDE2MDQG
-A1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9u
-aWNhMQswCQYDVQQGEwJWRTETMBEGA1UEAxMKUFNDUHJvY2VydDCCAiIwDQYJKoZI
-hvcNAQEBBQADggIPADCCAgoCggIBANW39KOUM6FGqVVhSQ2oh3NekS1wwQYalNo9
-7BVCwfWMrmoX8Yqt/ICV6oNEolt6Vc5Pp6XVurgfoCfAUFM+jbnADrgV3NZs+J74
-BCXfgI8Qhd19L3uA3VcAZCP4bsm+lU/hdezgfl6VzbHvvnpC2Mks0+saGiKLt38G
-ieU89RLAu9MLmV+QfI4tL3czkkohRqipCKzx9hEC2ZUWno0vluYC3XXCFCpa1sl9
-JcLB/KpnheLsvtF8PPqv1W7/U0HU9TI4seJfxPmOEO8GqQKJ/+MMbpfg353bIdD0
-PghpbNjU5Db4g7ayNo+c7zo3Fn2/omnXO1ty0K+qP1xmk6wKImG20qCZyFSTXai2
-0b1dCl53lKItwIKOvMoDKjSuc/HUtQy9vmebVOvh+qBa7Dh+PsHMosdEMXXqP+UH
-0quhJZb25uSgXTcYOWEAM11G1ADEtMo88aKjPvM6/2kwLkDd9p+cJsmWN63nOaK/
-6mnbVSKVUyqUtd+tFjiBdWbjxywbk5yqjKPK2Ww8F22c3HxT4CAnQzb5EuE8XL1m
-v6JpIzi4mWCZDlZTOpx+FIywBm/xhnaQr/2v/pDGj59/i5IjnOcVdo/Vi5QTcmn7
-K2FjiO/mpF7moxdqWEfLcU8UC17IAggmosvpr2uKGcfLFFb14dq12fy/czja+eev
-bqQ34gcnAgMBAAGjggMXMIIDEzASBgNVHRMBAf8ECDAGAQH/AgEBMDcGA1UdEgQw
-MC6CD3N1c2NlcnRlLmdvYi52ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAzNi0w
-MB0GA1UdDgQWBBRBDxk4qpl/Qguk1yeYVKIXTC1RVDCCAVAGA1UdIwSCAUcwggFD
-gBStuyIdxuDSAaj9dlBSk+2YwU2u06GCASakggEiMIIBHjE+MDwGA1UEAxM1QXV0
-b3JpZGFkIGRlIENlcnRpZmljYWNpb24gUmFpeiBkZWwgRXN0YWRvIFZlbmV6b2xh
-bm8xCzAJBgNVBAYTAlZFMRAwDgYDVQQHEwdDYXJhY2FzMRkwFwYDVQQIExBEaXN0
-cml0byBDYXBpdGFsMTYwNAYDVQQKEy1TaXN0ZW1hIE5hY2lvbmFsIGRlIENlcnRp
-ZmljYWNpb24gRWxlY3Ryb25pY2ExQzBBBgNVBAsTOlN1cGVyaW50ZW5kZW5jaWEg
-ZGUgU2VydmljaW9zIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExJTAjBgkq
-hkiG9w0BCQEWFmFjcmFpekBzdXNjZXJ0ZS5nb2IudmWCAQowDgYDVR0PAQH/BAQD
-AgEGME0GA1UdEQRGMESCDnByb2NlcnQubmV0LnZloBUGBWCGXgIBoAwMClBTQy0w
-MDAwMDKgGwYFYIZeAgKgEgwQUklGLUotMzE2MzUzNzMtNzB2BgNVHR8EbzBtMEag
-RKBChkBodHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9sY3IvQ0VSVElGSUNBRE8t
-UkFJWi1TSEEzODRDUkxERVIuY3JsMCOgIaAfhh1sZGFwOi8vYWNyYWl6LnN1c2Nl
-cnRlLmdvYi52ZTA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9v
-Y3NwLnN1c2NlcnRlLmdvYi52ZTBBBgNVHSAEOjA4MDYGBmCGXgMBAjAsMCoGCCsG
-AQUFBwIBFh5odHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9kcGMwDQYJKoZIhvcN
-AQELBQADggIBACtZ6yKZu4SqT96QxtGGcSOeSwORR3C7wJJg7ODU523G0+1ng3dS
-1fLld6c2suNUvtm7CpsR72H0xpkzmfWvADmNg7+mvTV+LFwxNG9s2/NkAZiqlCxB
-3RWGymspThbASfzXg0gTB1GEMVKIu4YXx2sviiCtxQuPcD4quxtxj7mkoP3Yldmv
-Wb8lK5jpY5MvYB7Eqvh39YtsL+1+LrVPQA3uvFd359m21D+VJzog1eWuq2w1n8Gh
-HVnchIHuTQfiSLaeS5UtQbHh6N5+LwUeaO6/u5BlOsju6rEYNxxik6SgMexxbJHm
-pHmJWhSnFFAFTKQAVzAswbVhltw+HoSvOULP5dAssSS830DD7X9jSr3hTxJkhpXz
-sOfIt+FTvZLm8wyWuevo5pLtp4EJFAv8lXrPj9Y0TzYS3F7RNHXGRoAvlQSMx4bE
-qCaJqD8Zm4G7UaRKhqsLEQ+xrmNTbSjq3TNWOByyrYDT13K9mmyZY+gAu0F2Bbdb
-mRiKw7gSXFbPVgx96OLP7bx0R/vu0xdOIk9W/1DzLuY5poLWccret9W6aAjtmcz9
-opLLabid+Qqkpj5PkygqYWwHJgD/ll9ohri4zspV4KuxPX+Y1zMOWj3YeMLEYC/H
-YvBhkdI4sPaeVdtAgAUSM84dkpvRabP/v/GSCmE1P93+hvS84Bpxs2Km
------END CERTIFICATE-----
+
+# QuoVadis Root CA 1 G3
 -----BEGIN CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQEL
 BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
@@ -2562,6 +2291,8 @@ ZgKAvQU6O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhp
 q1467HxpvMc7hU6eFbm0FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFt
 nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXD
 -----END CERTIFICATE-----
+
+# QuoVadis Root CA
 -----BEGIN CERTIFICATE-----
 MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC
 TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0
@@ -2596,6 +2327,8 @@ mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW
 xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK
 SnQ2+Q==
 -----END CERTIFICATE-----
+
+# QuoVadis Root CA 2
 -----BEGIN CERTIFICATE-----
 MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
 GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
@@ -2629,6 +2362,8 @@ ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y
 4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza
 8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u
 -----END CERTIFICATE-----
+
+# QuoVadis Root CA 2 G3
 -----BEGIN CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQEL
 BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
@@ -2660,6 +2395,8 @@ KCLjsZWDzYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeM
 HVOyToV7BjjHLPj4sHKNJeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4
 WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+M
 -----END CERTIFICATE-----
+
+# QuoVadis Root CA 3
 -----BEGIN CERTIFICATE-----
 MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
 GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
@@ -2698,6 +2435,8 @@ Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT
 mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK
 4SVhM7JZG+Ju1zdXtg2pEto=
 -----END CERTIFICATE-----
+
+# QuoVadis Root CA 3 G3
 -----BEGIN CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQEL
 BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
@@ -2729,6 +2468,116 @@ DhcI00iX0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HN
 PlopNLk9hM6xZdRZkZFWdSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/
 ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0
 -----END CERTIFICATE-----
+
+# SSL.com EV Root Certification Authority ECC
+-----BEGIN CERTIFICATE-----
+MIIClDCCAhqgAwIBAgIILCmcWxbtBZUwCgYIKoZIzj0EAwIwfzELMAkGA1UEBhMC
+VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T
+U0wgQ29ycG9yYXRpb24xNDAyBgNVBAMMK1NTTC5jb20gRVYgUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNTIzWhcNNDEwMjEyMTgx
+NTIzWjB/MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv
+dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NMLmNv
+bSBFViBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49
+AgEGBSuBBAAiA2IABKoSR5CYG/vvw0AHgyBO8TCCogbR8pKGYfL2IWjKAMTH6kMA
+VIbc/R/fALhBYlzccBYy3h+Z1MzFB8gIH2EWB1E9fVwHU+M1OIzfzZ/ZLg1Kthku
+WnBaBu2+8KGwytAJKaNjMGEwHQYDVR0OBBYEFFvKXuXe0oGqzagtZFG22XKbl+ZP
+MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUW8pe5d7SgarNqC1kUbbZcpuX
+5k8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2gAMGUCMQCK5kCJN+vp1RPZ
+ytRrJPOwPYdGWBrssd9v+1a6cGvHOMzosYxPD/fxZ3YOg9AeUY8CMD32IygmTMZg
+h5Mmm7I1HrrW9zzRHM76JTymGoEVW/MSD2zuZYrJh6j5B+BimoxcSg==
+-----END CERTIFICATE-----
+
+# SSL.com EV Root Certification Authority RSA R2
+-----BEGIN CERTIFICATE-----
+MIIF6zCCA9OgAwIBAgIIVrYpzTS8ePYwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNV
+BAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UE
+CgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMB4XDTE3MDUzMTE4MTQzN1oXDTQy
+MDUzMDE4MTQzN1owgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G
+A1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQD
+DC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvq
+M0fNTPl9fb69LT3w23jhhqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssuf
+OePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7wcXHswxzpY6IXFJ3vG2fThVUCAtZJycxa
+4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTOZw+oz12WGQvE43LrrdF9
+HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+B6KjBSYR
+aZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcA
+b9ZhCBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQ
+Gp8hLH94t2S42Oim9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQV
+PWKchjgGAGYS5Fl2WlPAApiiECtoRHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMO
+pgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+SlmJuwgUHfbSguPvuUCYHBBXtSu
+UDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48+qvWBkofZ6aY
+MBzdLNvcGJVXZsb/XItW9XcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNV
+HSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjAdBgNVHQ4EFgQU+WC71OPVNPa4
+9QaAJadz20ZpqJ4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBW
+s47LCp1Jjr+kxJG7ZhcFUZh1++VQLHqe8RT6q9OKPv+RKY9ji9i0qVQBDb6Thi/5
+Sm3HXvVX+cpVHBK+Rw82xd9qt9t1wkclf7nxY/hoLVUE0fKNsKTPvDxeH3jnpaAg
+cLAExbf3cqfeIg29MyVGjGSSJuM+LmOW2puMPfgYCdcDzH2GguDKBAdRUNf/ktUM
+79qGn5nX67evaOI5JpS6aLe/g9Pqemc9YmeuJeVy6OLk7K4S9ksrPJ/psEDzOFSz
+/bdoyNrGj1E8svuR3Bznm53htw1yj+KkxKl4+esUrMZDBcJlOSgYAsOCsp0FvmXt
+ll9ldDz7CTUue5wT/RsPXcdtgTpWD8w74a8CLyKsRspGPKAcTNZEtF4uXBVmCeEm
+Kf7GUmG6sXP/wwyc5WxqlD8UykAWlYTzWamsX0xhk23RO8yilQwipmdnRC652dKK
+QbNmC1r7fSOl8hqw/96bg5Qu0T/fkreRrwU7ZcegbLHNYhLDkBvjJc40vG93drEQ
+w/cFGsDWr3RiSBd3kmmQYRzelYB0VI8YHMPzA9C/pEN1hlMYegouCRw2n5H9gooi
+S9EOUCXdywMMF8mDAAhONU2Ki+3wApRmLER/y5UnlhetCTCstnEXbosX9hwJ1C07
+mKVx01QT2WDz9UtmT/rx7iASjbSsV7FFY6GsdqnC+w==
+-----END CERTIFICATE-----
+
+# SSL.com Root Certification Authority ECC
+-----BEGIN CERTIFICATE-----
+MIICjTCCAhSgAwIBAgIIdebfy8FoW6gwCgYIKoZIzj0EAwIwfDELMAkGA1UEBhMC
+VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T
+U0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0
+aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNDAzWhcNNDEwMjEyMTgxNDAz
+WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0
+b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBS
+b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEGBSuB
+BAAiA2IABEVuqVDEpiM2nl8ojRfLliJkP9x6jh3MCLOicSS6jkm5BBtHllirLZXI
+7Z4INcgn64mMU1jrYor+8FsPazFSY0E7ic3s7LaNGdM0B9y7xgZ/wkWV7Mt/qCPg
+CemB+vNH06NjMGEwHQYDVR0OBBYEFILRhXMw5zUE044CkvvlpNHEIejNMA8GA1Ud
+EwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUgtGFczDnNQTTjgKS++Wk0cQh6M0wDgYD
+VR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2cAMGQCMG/n61kRpGDPYbCWe+0F+S8T
+kdzt5fxQaxFGRrMcIQBiu77D5+jNB5n5DQtdcj7EqgIwH7y6C+IwJPt8bYBVCpk+
+gA0z5Wajs6O7pdWLjwkspl1+4vAHCGht0nxpbl/f5Wpl
+-----END CERTIFICATE-----
+
+# SSL.com Root Certification Authority RSA
+-----BEGIN CERTIFICATE-----
+MIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE
+BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK
+DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTczOTM5WhcNNDEwMjEyMTcz
+OTM5WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv
+dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNv
+bSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBAPkP3aMrfcvQKv7sZ4Wm5y4bunfh4/WvpOz6Sl2R
+xFdHaxh3a3by/ZPkPQ/CFp4LZsNWlJ4Xg4XOVu/yFv0AYvUiCVToZRdOQbngT0aX
+qhvIuG5iXmmxX9sqAn78bMrzQdjt0Oj8P2FI7bADFB0QDksZ4LtO7IZl/zbzXmcC
+C52GVWH9ejjt/uIZALdvoVBidXQ8oPrIJZK0bnoix/geoeOy3ZExqysdBP+lSgQ3
+6YWkMyv94tZVNHwZpEpox7Ko07fKoZOI68GXvIz5HdkihCR0xwQ9aqkpk8zruFvh
+/l8lqjRYyMEjVJ0bmBHDOJx+PYZspQ9AhnwC9FwCTyjLrnGfDzrIM/4RJTXq/LrF
+YD3ZfBjVsqnTdXgDciLKOsMf7yzlLqn6niy2UUb9rwPW6mBo6oUWNmuF6R7As93E
+JNyAKoFBbZQ+yODJgUEAnl6/f8UImKIYLEJAs/lvOCdLToD0PYFH4Ih86hzOtXVc
+US4cK38acijnALXRdMbX5J+tB5O2UzU1/Dfkw/ZdFr4hc96SCvigY2q8lpJqPvi8
+ZVWb3vUNiSYE/CUapiVpy8JtynziWV+XrOvvLsi81xtZPCvM8hnIk2snYxnP/Okm
++Mpxm3+T/jRnhE6Z6/yzeAkzcLpmpnbtG3PrGqUNxCITIJRWCk4sbE6x/c+cCbqi
+M+2HAgMBAAGjYzBhMB0GA1UdDgQWBBTdBAkHovV6fVJTEpKV7jiAJQ2mWTAPBgNV
+HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMA4G
+A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAIBgRlCn7Jp0cHh5wYfGV
+cpNxJK1ok1iOMq8bs3AD/CUrdIWQPXhq9LmLpZc7tRiRux6n+UBbkflVma8eEdBc
+Hadm47GUBwwyOabqG7B52B2ccETjit3E+ZUfijhDPwGFpUenPUayvOUiaPd7nNgs
+PgohyC0zrL/FgZkxdMF1ccW+sfAjRfSda/wZY52jvATGGAslu1OJD7OAUN5F7kR/
+q5R4ZJjT9ijdh9hwZXT7DrkT66cPYakylszeu+1jTBi7qUD3oFRuIIhxdRjqerQ0
+cuAjJ3dctpDqhiVAq+8zD8ufgr6iIPv2tS0a5sKFsXQP+8hlAqRSAUfdSSLBv9jr
+a6x+3uxjMxW3IwiPxg+NQVrdjsW5j+VFP3jbutIbQLH+cU0/4IGiul607BXgk90I
+H37hVZkLId6Tngr75qNJvTYw/ud3sqB1l7UtgYgXZSD32pAAn8lSzDLKNXz1PQ/Y
+K9f1JmzJBjSWFupwWRoyeXkLtoh/D1JIPb9s2KJELtFOt3JY04kTlf5Eq/jXixtu
+nLwsoFvVagCvXzfh1foQC5ichucmj87w7G6KVwuA406ywKBjYZC6VWg3dGq2ktuf
+oYYitmUnDuy2n0Jg5GfCtdpBC8TTi2EbvPofkSvXRAdeuims2cXp71NIWuuA8ShY
+Ic2wBlX7Jz9TkHCpBB5XJ7k=
+-----END CERTIFICATE-----
+
+# SZAFIR ROOT CA2
 -----BEGIN CERTIFICATE-----
 MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQEL
 BQAwUTELMAkGA1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6
@@ -2750,6 +2599,8 @@ oky4rc/hkA/NrgrHXXu3UNLUYfrVFdvXn4dRVOul4+vJhaAlIDf7js4MNIThPIGy
 d05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6+/NNIxuZMzSg
 LvWpCz/UXeHPhJ/iGcJfitYgHuNztw==
 -----END CERTIFICATE-----
+
+# SecureSign RootCA11
 -----BEGIN CERTIFICATE-----
 MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJKUDEr
 MCkGA1UEChMiSmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoG
@@ -2771,6 +2622,8 @@ QbJUb9wlze144o4MjQlJ3WN7WmmWAiGovVJZ6X01y8hSyn+B/tlr0/cR7SXf+Of5
 pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061lgeLKBObjBmN
 QSdJQO7e5iNEOdyhIta6A/I=
 -----END CERTIFICATE-----
+
+# SecureTrust CA
 -----BEGIN CERTIFICATE-----
 MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBI
 MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
@@ -2793,6 +2646,8 @@ D5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZnMUFdAvnZyPS
 CPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR
 3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE=
 -----END CERTIFICATE-----
+
+# Secure Global CA
 -----BEGIN CERTIFICATE-----
 MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBK
 MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
@@ -2815,27 +2670,8 @@ I50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbY
 iNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc
 f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDfTCCAmWgAwIBAgIBADANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJKUDEl
-MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEqMCgGA1UECxMh
-U2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBFViBSb290Q0ExMB4XDTA3MDYwNjAyMTIz
-MloXDTM3MDYwNjAyMTIzMlowYDELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09N
-IFRydXN0IFN5c3RlbXMgQ08uLExURC4xKjAoBgNVBAsTIVNlY3VyaXR5IENvbW11
-bmljYXRpb24gRVYgUm9vdENBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBALx/7FebJOD+nLpCeamIivqA4PUHKUPqjgo0No0c+qe1OXj/l3X3L+SqawSE
-RMqm4miO/VVQYg+kcQ7OBzgtQoVQrTyWb4vVog7P3kmJPdZkLjjlHmy1V4qe70gO
-zXppFodEtZDkBp2uoQSXWHnvIEqCa4wiv+wfD+mEce3xDuS4GBPMVjZd0ZoeUWs5
-bmB2iDQL87PRsJ3KYeJkHcFGB7hj3R4zZbOOCVVSPbW9/wfrrWFVGCypaZhKqkDF
-MxRldAD5kd6vA0jFQFTcD4SQaCDFkpbcLuUCRarAX1T4bepJz11sS6/vmsJWXMY1
-VkJqMF/Cq/biPT+zyRGPMUzXn0kCAwEAAaNCMEAwHQYDVR0OBBYEFDVK9U2vP9eC
-OKyrcWUXdYydVZPmMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0G
-CSqGSIb3DQEBBQUAA4IBAQCoh+ns+EBnXcPBZsdAS5f8hxOQWsTvoMpfi7ent/HW
-tWS3irO4G8za+6xmiEHO6Pzk2x6Ipu0nUBsCMCRGef4Eh3CXQHPRwMFXGZpppSeZ
-q51ihPZRwSzJIxXYKLerJRO1RuGGAv8mjMSIkh1W/hln8lXkgKNrnKt34VFxDSDb
-EJrbvXZ5B3eZKK2aXtqxT0QsNY6llsf9g/BYxnnWmHyojf6GPgcWkuF75x3sM3Z+
-Qi5KhfmRiWiEA4Glm5q+4zfFVKtWOxgtQaQM+ELbmaDgcm+7XeEWT1MKZPlO9L9O
-VL14bIjqv5wTJMJwaaJ/D8g8rQjJsJhAoyrniIPtd490
------END CERTIFICATE-----
+
+# Security Communication RootCA2
 -----BEGIN CERTIFICATE-----
 MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDEl
 MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMe
@@ -2857,6 +2693,8 @@ t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6qtnRGEmyR7jTV7JqR50S+kDFy
 1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29mvVXIwAHIRc/
 SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03
 -----END CERTIFICATE-----
+
+# Security Communication Root CA
 -----BEGIN CERTIFICATE-----
 MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEY
 MBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21t
@@ -2877,6 +2715,8 @@ Bw+SUEmK3TGXX8npN6o7WWWXlDLJs58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJU
 JRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ6rBK+1YWc26sTfcioU+tHXot
 RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAw==
 -----END CERTIFICATE-----
+
+# Sonera Class 2 Root CA
 -----BEGIN CERTIFICATE-----
 MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP
 MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAx
@@ -2896,6 +2736,8 @@ FNr450kkkdAdavphOe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6
 Tk6ezAyNlNzZRZxe7EJQY670XcSxEtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2
 ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLHllpwrN9M
 -----END CERTIFICATE-----
+
+# Staat der Nederlanden EV Root CA
 -----BEGIN CERTIFICATE-----
 MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJO
 TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFh
@@ -2928,6 +2770,8 @@ eG9QgkRQP2YGiqtDhFZKDyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8
 FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGyeUN51q1veieQA6TqJIc/2b3Z6fJfUEkc
 7uzXLg==
 -----END CERTIFICATE-----
+
+# Staat der Nederlanden Root CA - G2
 -----BEGIN CERTIFICATE-----
 MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
 TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
@@ -2961,6 +2805,8 @@ N1trSt8sV4pAWja63XVECDdCcAz+3F4hoKOKwJCcaNpQ5kUQR3i2TtJlycM33+FC
 Y7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoVIPVVYpbtbZNQvOSqeK3Z
 ywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm66+KAQ==
 -----END CERTIFICATE-----
+
+# Staat der Nederlanden Root CA - G3
 -----BEGIN CERTIFICATE-----
 MIIFdDCCA1ygAwIBAgIEAJiiOTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
 TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
@@ -2993,6 +2839,8 @@ fsbAddJu+2gw7OyLnflJNZoaLNmzlTnVHpL3prllL+U9bTpITAjc5CgSKL59NVzq
 QFH1T/U67cjF68IeHRaVesd+QnGTbksVtzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM
 94B7IWcnMFk=
 -----END CERTIFICATE-----
+
+# Starfield Class 2 CA
 -----BEGIN CERTIFICATE-----
 MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl
 MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp
@@ -3017,6 +2865,8 @@ xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp
 VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY
 WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q=
 -----END CERTIFICATE-----
+
+# Starfield Root Certificate Authority - G2
 -----BEGIN CERTIFICATE-----
 MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx
 EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT
@@ -3040,6 +2890,8 @@ sHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx4mcujJUDJi5DnUox9g61DLu3
 pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1
 mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0
 -----END CERTIFICATE-----
+
+# Starfield Services Root Certificate Authority - G2
 -----BEGIN CERTIFICATE-----
 MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx
 EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT
@@ -3064,124 +2916,8 @@ iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn
 0q23KXB56jzaYyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCN
 sSi6
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
-Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM2WhcNMzYwOTE3MTk0NjM2WjB9
-MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
-U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
-cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
-A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
-pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
-OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
-Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
-Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
-HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
-Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
-+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
-Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
-Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
-26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
-AQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE
-FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9j
-ZXJ0LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3Js
-LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFM
-BgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUHAgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0
-Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRwOi8vY2VydC5zdGFy
-dGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYgU3Rh
-cnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlh
-YmlsaXR5LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2Yg
-dGhlIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFp
-bGFibGUgYXQgaHR0cDovL2NlcnQuc3RhcnRjb20ub3JnL3BvbGljeS5wZGYwEQYJ
-YIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNT
-TCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAgEAFmyZ
-9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8
-jhvh3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUW
-FjgKXlf2Ysd6AgXmvB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJz
-ewT4F+irsfMuXGRuczE6Eri8sxHkfY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1
-ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3fsNrarnDy0RLrHiQi+fHLB5L
-EUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZEoalHmdkrQYu
-L6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq
-yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuC
-O3NJo2pXh5Tl1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6V
-um0ABj6y6koQOdjQK/W/7HW/lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkySh
-NOsF/5oirpt9P/FlUQqmMGqz9IgcgA38corog14=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIHhzCCBW+gAwIBAgIBLTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
-Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM3WhcNMzYwOTE3MTk0NjM2WjB9
-MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
-U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
-cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
-A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
-pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
-OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
-Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
-Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
-HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
-Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
-+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
-Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
-Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
-26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
-AQABo4ICEDCCAgwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD
-VR0OBBYEFE4L7xqkQFulF2mHMMo0aEPQQa7yMB8GA1UdIwQYMBaAFE4L7xqkQFul
-F2mHMMo0aEPQQa7yMIIBWgYDVR0gBIIBUTCCAU0wggFJBgsrBgEEAYG1NwEBATCC
-ATgwLgYIKwYBBQUHAgEWImh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5w
-ZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL2ludGVybWVk
-aWF0ZS5wZGYwgc8GCCsGAQUFBwICMIHCMCcWIFN0YXJ0IENvbW1lcmNpYWwgKFN0
-YXJ0Q29tKSBMdGQuMAMCAQEagZZMaW1pdGVkIExpYWJpbGl0eSwgcmVhZCB0aGUg
-c2VjdGlvbiAqTGVnYWwgTGltaXRhdGlvbnMqIG9mIHRoZSBTdGFydENvbSBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eSBQb2xpY3kgYXZhaWxhYmxlIGF0IGh0dHA6Ly93
-d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgG
-CWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1
-dGhvcml0eTANBgkqhkiG9w0BAQsFAAOCAgEAjo/n3JR5fPGFf59Jb2vKXfuM/gTF
-wWLRfUKKvFO3lANmMD+x5wqnUCBVJX92ehQN6wQOQOY+2IirByeDqXWmN3PH/UvS
-Ta0XQMhGvjt/UfzDtgUx3M2FIk5xt/JxXrAaxrqTi3iSSoX4eA+D/i+tLPfkpLst
-0OcNOrg+zvZ49q5HJMqjNTbOx8aHmNrs++myziebiMMEofYLWWivydsQD032ZGNc
-pRJvkrKTlMeIFw6Ttn5ii5B/q06f/ON1FE8qMt9bDeD1e5MNq6HPh+GlBEXoPBKl
-CcWw0bdT82AUuoVpaiF8H3VhFyAXe2w7QSlc4axa0c2Mm+tgHRns9+Ww2vl5GKVF
-P0lDV9LdJNUso/2RjSe15esUBppMeyG7Oq0wBhjA2MFrLH9ZXF2RsXAiV+uKa0hK
-1Q8p7MZAwC+ITGgBF3f0JBlPvfrhsiAhS90a2Cl9qrjeVOwhVYBsHvUwyKMQ5bLm
-KhQxw4UtjJixhlpPiVktucf3HMiKf8CdBUrmQk9io20ppB+Fq9vlgcitKj1MXVuE
-JnHEhV5xJMqlG2zYYdMa4FTbzrqpMrUi9nNBCV24F10OD5mQ1kfabwo6YigUZ4LZ
-8dCAWZvLMdibD4x3TrVoivJs9iQOLWxwxXPR3hTQcY+203sC9uO41Alua551hDnm
-fyWl8kgAwKQB2j8=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFYzCCA0ugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlm
-aWNhdGlvbiBBdXRob3JpdHkgRzIwHhcNMTAwMTAxMDEwMDAxWhcNMzkxMjMxMjM1
-OTAxWjBTMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoG
-A1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgRzIwggIiMA0G
-CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2iTZbB7cgNr2Cu+EWIAOVeq8Oo1XJ
-JZlKxdBWQYeQTSFgpBSHO839sj60ZwNq7eEPS8CRhXBF4EKe3ikj1AENoBB5uNsD
-vfOpL9HG4A/LnooUCri99lZi8cVytjIl2bLzvWXFDSxu1ZJvGIsAQRSCb0AgJnoo
-D/Uefyf3lLE3PbfHkffiAez9lInhzG7TNtYKGXmu1zSCZf98Qru23QumNK9LYP5/
-Q0kGi4xDuFby2X8hQxfqp0iVAXV16iulQ5XqFYSdCI0mblWbq9zSOdIxHWDirMxW
-RST1HFSr7obdljKF+ExP6JV2tgXdNiNnvP8V4so75qbsO+wmETRIjfaAKxojAuuK
-HDp2KntWFhxyKrOq42ClAJ8Em+JvHhRYW6Vsi1g8w7pOOlz34ZYrPu8HvKTlXcxN
-nw3h3Kq74W4a7I/htkxNeXJdFzULHdfBR9qWJODQcqhaX2YtENwvKhOuJv4KHBnM
-0D4LnMgJLvlblnpHnOl68wVQdJVznjAJ85eCXuaPOQgeWeU1FEIT/wCc976qUM/i
-UUjXuG+v+E5+M5iSFGI6dWPPe/regjupuznixL0sAA7IF6wT700ljtizkC+p2il9
-Ha90OrInwMEePnWjFqmveiJdnxMaz6eg6+OGCtP95paV1yPIN93EfKo2rJgaErHg
-TuixO/XWb/Ew1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
-AwIBBjAdBgNVHQ4EFgQUS8W0QGutHLOlHGVuRjaJhwUMDrYwDQYJKoZIhvcNAQEL
-BQADggIBAHNXPyzVlTJ+N9uWkusZXn5T50HsEbZH77Xe7XRcxfGOSeD8bpkTzZ+K
-2s06Ctg6Wgk/XzTQLwPSZh0avZyQN8gMjgdalEVGKua+etqhqaRpEpKwfTbURIfX
-UfEpY9Z1zRbkJ4kd+MIySP3bmdCPX1R0zKxnNBFi2QwKN4fRoxdIjtIXHfbX/dtl
-6/2o1PXWT6RbdejF0mCy2wl+JYt7ulKSnj7oxXehPOBKc2thz4bcQ///If4jXSRK
-9dNtD2IEBVeC2m6kMyV5Sy5UGYvMLD0w6dEG/+gyRr61M3Z3qAFdlsHB1b6uJcDJ
-HgoJIIihDsnzb02CVAAgp9KP5DlUFy6NHrgbuxu9mk47EDTcnIhT76IxW1hPkWLI
-wpqazRVdOKnWvvgTtZ8SafJQYqz7Fzf07rh1Z2AQ+4NQ+US1dZxAF7L+/XldblhY
-XzD8AK6vM8EOTmy6p6ahfzLbOOCxchcKK5HsamMm7YnUeMx0HgX4a/6ManY5Ka5l
-IxKVCCIcl85bBu4M4ru8H0ST9tg4RQUh7eStqxK2A6RCLi3ECToDZ2mEmuFZkIoo
-hdVddLHRDiBYmxOlsGOm7XtH/UVVMKTumtTm4ofvmMkyghEpIrwACjFeLQ/Ajulr
-so8uBtjRkcfGEvRM/TAXw8HaOFvjqermobp573PYtlNXLfbQ4ddI
------END CERTIFICATE-----
+
+# SwissSign Gold CA - G2
 -----BEGIN CERTIFICATE-----
 MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
 BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln
@@ -3215,6 +2951,8 @@ Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w
 ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt
 Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ
 -----END CERTIFICATE-----
+
+# SwissSign Silver CA - G2
 -----BEGIN CERTIFICATE-----
 MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UE
 BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWdu
@@ -3248,108 +2986,8 @@ OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJDIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+
 hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ubDgEj8Z+7fNzcbBGXJbLy
 tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF2TCCA8GgAwIBAgIQXAuFXAvnWUHfV8w/f52oNjANBgkqhkiG9w0BAQUFADBk
-MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
-YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg
-Q0EgMTAeFw0wNTA4MTgxMjA2MjBaFw0yNTA4MTgyMjA2MjBaMGQxCzAJBgNVBAYT
-AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp
-Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAxMIICIjAN
-BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0LmwqAzZuz8h+BvVM5OAFmUgdbI9
-m2BtRsiMMW8Xw/qabFbtPMWRV8PNq5ZJkCoZSx6jbVfd8StiKHVFXqrWW/oLJdih
-FvkcxC7mlSpnzNApbjyFNDhhSbEAn9Y6cV9Nbc5fuankiX9qUvrKm/LcqfmdmUc/
-TilftKaNXXsLmREDA/7n29uj/x2lzZAeAR81sH8A25Bvxn570e56eqeqDFdvpG3F
-EzuwpdntMhy0XmeLVNxzh+XTF3xmUHJd1BpYwdnP2IkCb6dJtDZd0KTeByy2dbco
-kdaXvij1mB7qWybJvbCXc9qukSbraMH5ORXWZ0sKbU/Lz7DkQnGMU3nn7uHbHaBu
-HYwadzVcFh4rUx80i9Fs/PJnB3r1re3WmquhsUvhzDdf/X/NTa64H5xD+SpYVUNF
-vJbNcA78yeNmuk6NO4HLFWR7uZToXTNShXEuT46iBhFRyePLoW4xCGQMwtI89Tbo
-19AOeCMgkckkKmUpWyL3Ic6DXqTz3kvTaI9GdVyDCW4pa8RwjPWd1yAv/0bSKzjC
-L3UcPX7ape8eYIVpQtPM+GP+HkM5haa2Y0EQs3MevNP6yn0WR+Kn1dCjigoIlmJW
-bjTb2QK5MHXjBNLnj8KwEUAKrNVxAmKLMb7dxiNYMUJDLXT5xp6mig/p/r+D5kNX
-JLrvRjSq1xIBOO0CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw
-FDASBgdghXQBUwABBgdghXQBUwABMBIGA1UdEwEB/wQIMAYBAf8CAQcwHwYDVR0j
-BBgwFoAUAyUv3m+CATpcLNwroWm1Z9SM0/0wHQYDVR0OBBYEFAMlL95vggE6XCzc
-K6FptWfUjNP9MA0GCSqGSIb3DQEBBQUAA4ICAQA1EMvspgQNDQ/NwNurqPKIlwzf
-ky9NfEBWMXrrpA9gzXrzvsMnjgM+pN0S734edAY8PzHyHHuRMSG08NBsl9Tpl7Ik
-Vh5WwzW9iAUPWxAaZOHHgjD5Mq2eUCzneAXQMbFamIp1TpBcahQq4FJHgmDmHtqB
-sfsUC1rxn9KVuj7QG9YVHaO+htXbD8BJZLsuUBlL0iT43R4HVtA4oJVwIHaM190e
-3p9xxCPvgxNcoyQVTSlAPGrEqdi3pkSlDfTgnXceQHAm/NrZNuR55LU/vJtlvrsR
-ls/bxig5OgjOR1tTWsWZ/l2p3e9M1MalrQLmjAcSHm8D0W+go/MpvRLHUKKwf4ip
-mXeascClOS5cfGniLLDqN2qk4Vrh9VDlg++luyqI54zb/W1elxmofmZ1a3Hqv7HH
-b6D0jqTsNFFbjCYDcKF31QESVwA12yPeDooomf2xEG9L/zgtYE4snOtnta1J7ksf
-rK/7DZBaZmBwXarNeNQk7shBoJMBkpxqnvy5JMWzFYJ+vq6VK+uxwNrjAWALXmms
-hFZhvnEX/h0TD/7Gh0Xp/jKgGg0TpJRVcaUWi7rKibCyx/yP2FS1k2Kdzs9Z+z0Y
-zirLNRWCXf9UIltxUvu3yf5gmwBBZPCqKuy2QkPOiWaByIufOVQDJdMWNY6E0F/6
-MBr1mmz0DlP5OlvRHA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBk
-MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
-YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg
-Q0EgMjAeFw0xMTA2MjQwODM4MTRaFw0zMTA2MjUwNzM4MTRaMGQxCzAJBgNVBAYT
-AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp
-Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAyMIICIjAN
-BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlUJOhJ1R5tMJ6HJaI2nbeHCOFvEr
-jw0DzpPMLgAIe6szjPTpQOYXTKueuEcUMncy3SgM3hhLX3af+Dk7/E6J2HzFZ++r
-0rk0X2s682Q2zsKwzxNoysjL67XiPS4h3+os1OD5cJZM/2pYmLcX5BtS5X4HAB1f
-2uY+lQS3aYg5oUFgJWFLlTloYhyxCwWJwDaCFCE/rtuh/bxvHGCGtlOUSbkrRsVP
-ACu/obvLP+DHVxxX6NZp+MEkUp2IVd3Chy50I9AU/SpHWrumnf2U5NGKpV+GY3aF
-y6//SSj8gO1MedK75MDvAe5QQQg1I3ArqRa0jG6F6bYRzzHdUyYb3y1aSgJA/MTA
-tukxGggo5WDDH8SQjhBiYEQN7Aq+VRhxLKX0srwVYv8c474d2h5Xszx+zYIdkeNL
-6yxSNLCK/RJOlrDrcH+eOfdmQrGrrFLadkBXeyq96G4DsguAhYidDMfCd7Camlf0
-uPoTXGiTOmekl9AbmbeGMktg2M7v0Ax/lZ9vh0+Hio5fCHyqW/xavqGRn1V9TrAL
-acywlKinh/LTSlDcX3KwFnUey7QYYpqwpzmqm59m2I2mbJYV4+by+PGDYmy7Velh
-k6M99bFXi08jsJvllGov34zflVEpYKELKeRcVVi3qPyZ7iVNTA6z00yPhOgpD/0Q
-VAKFyPnlw4vP5w8CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw
-FDASBgdghXQBUwIBBgdghXQBUwIBMBIGA1UdEwEB/wQIMAYBAf8CAQcwHQYDVR0O
-BBYEFE0mICKJS9PVpAqhb97iEoHF8TwuMB8GA1UdIwQYMBaAFE0mICKJS9PVpAqh
-b97iEoHF8TwuMA0GCSqGSIb3DQEBCwUAA4ICAQAyCrKkG8t9voJXiblqf/P0wS4R
-fbgZPnm3qKhyN2abGu2sEzsOv2LwnN+ee6FTSA5BesogpxcbtnjsQJHzQq0Qw1zv
-/2BZf82Fo4s9SBwlAjxnffUy6S8w5X2lejjQ82YqZh6NM4OKb3xuqFp1mrjX2lhI
-REeoTPpMSQpKwhI3qEAMw8jh0FcNlzKVxzqfl9NX+Ave5XLzo9v/tdhZsnPdTSpx
-srpJ9csc1fV5yJmz/MFMdOO0vSk3FQQoHt5FRnDsr7p4DooqzgB53MBfGWcsa0vv
-aGgLQ+OswWIJ76bdZWGgr4RVSJFSHMYlkSrQwSIjYVmvRRGFHQEkNI/Ps/8XciAT
-woCqISxxOQ7Qj1zB09GOInJGTB2Wrk9xseEFKZZZ9LuedT3PDTcNYtsmjGOpI99n
-Bjx8Oto0QuFmtEYE3saWmA9LSHokMnWRn6z3aOkquVVlzl1h0ydw2Df+n7mvoC5W
-t6NlUe07qxS/TFED6F+KBZvuim6c779o+sjaC+NCydAXFJy3SuCvkychVSa1ZC+N
-8f+mQAWFBVzKBxlcCxMoTFh/wqXvRdpg065lYZ1Tg3TCrvJcwhbtkj6EPnNgiLx2
-9CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX5OfNeOI5
-wSsSnqaeG8XmDtkx2Q==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF4DCCA8igAwIBAgIRAPL6ZOJ0Y9ON/RAdBB92ylgwDQYJKoZIhvcNAQELBQAw
-ZzELMAkGA1UEBhMCY2gxETAPBgNVBAoTCFN3aXNzY29tMSUwIwYDVQQLExxEaWdp
-dGFsIENlcnRpZmljYXRlIFNlcnZpY2VzMR4wHAYDVQQDExVTd2lzc2NvbSBSb290
-IEVWIENBIDIwHhcNMTEwNjI0MDk0NTA4WhcNMzEwNjI1MDg0NTA4WjBnMQswCQYD
-VQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2Vy
-dGlmaWNhdGUgU2VydmljZXMxHjAcBgNVBAMTFVN3aXNzY29tIFJvb3QgRVYgQ0Eg
-MjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMT3HS9X6lds93BdY7Bx
-UglgRCgzo3pOCvrY6myLURYaVa5UJsTMRQdBTxB5f3HSek4/OE6zAMaVylvNwSqD
-1ycfMQ4jFrclyxy0uYAyXhqdk/HoPGAsp15XGVhRXrwsVgu42O+LgrQ8uMIkqBPH
-oCE2G3pXKSinLr9xJZDzRINpUKTk4RtiGZQJo/PDvO/0vezbE53PnUgJUmfANykR
-HvvSEaeFGHR55E+FFOtSN+KxRdjMDUN/rhPSays/p8LiqG12W0OfvrSdsyaGOx9/
-5fLoZigWJdBLlzin5M8J0TbDC77aO0RYjb7xnglrPvMyxyuHxuxenPaHZa0zKcQv
-idm5y8kDnftslFGXEBuGCxobP/YCfnvUxVFkKJ3106yDgYjTdLRZncHrYTNaRdHL
-OdAGalNgHa/2+2m8atwBz735j9m9W8E6X47aD0upm50qKGsaCnw8qyIL5XctcfaC
-NYGu+HuB5ur+rPQam3Rc6I8k9l2dRsQs0h4rIWqDJ2dVSqTjyDKXZpBy2uPUZC5f
-46Fq9mDU5zXNysRojddxyNMkM3OxbPlq4SjbX8Y96L5V5jcb7STZDxmPX2MYWFCB
-UWVv8p9+agTnNCRxunZLWB4ZvRVgRaoMEkABnRDixzgHcgplwLa7JSnaFp6LNYth
-7eVxV4O1PHGf40+/fh6Bn0GXAgMBAAGjgYYwgYMwDgYDVR0PAQH/BAQDAgGGMB0G
-A1UdIQQWMBQwEgYHYIV0AVMCAgYHYIV0AVMCAjASBgNVHRMBAf8ECDAGAQH/AgED
-MB0GA1UdDgQWBBRF2aWBbj2ITY1x0kbBbkUe88SAnTAfBgNVHSMEGDAWgBRF2aWB
-bj2ITY1x0kbBbkUe88SAnTANBgkqhkiG9w0BAQsFAAOCAgEAlDpzBp9SSzBc1P6x
-XCX5145v9Ydkn+0UjrgEjihLj6p7jjm02Vj2e6E1CqGdivdj5eu9OYLU43otb98T
-PLr+flaYC/NUn81ETm484T4VvwYmneTwkLbUwp4wLh/vx3rEUMfqe9pQy3omywC0
-Wqu1kx+AiYQElY2NfwmTv9SoqORjbdlk5LgpWgi/UOGED1V7XwgiG/W9mR4U9s70
-WBCCswo9GcG/W6uqmdjyMb3lOGbcWAXH7WMaLgqXfIeTK7KK4/HsGOV1timH59yL
-Gn602MnTihdsfSlEvoqq9X46Lmgxk7lq2prg2+kupYTNHAq4Sgj5nPFhJpiTt3tm
-7JFe3VE/23MPrQRYCd0EApUKPtN236YQHoA96M2kZNEzx5LH4k5E4wnJTsJdhw4S
-nr8PyQUQ3nqjsTzyP6WqJ3mtMX0f/fwZacXduT98zca0wjAefm6S139hdlqP65VN
-vBFuIXxZN5nQBrz5Bm0yFqXZaajh3DyAHmBR3NdUIR7KYndP+tiPsys6DXhyyWhB
-WkdKwqPrGtcKqzwyVcgKEZzfdNbwQBUdyLmPtTbFr/giuMod89a2GQ+fYWVq6nTI
-fI/DT11lgh/ZDYnadXL77/FHZxOzyNEZiCcmmpl5fx7kLD977vHeTYuWl8PVP3wb
-I+2ksx0WckNLIOFZfsLorSa/ovc=
------END CERTIFICATE-----
+
+# T-TeleSec GlobalRoot Class 2
 -----BEGIN CERTIFICATE-----
 MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx
 KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd
@@ -3373,6 +3011,8 @@ g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN
 9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP
 BSeOE6Fuwg==
 -----END CERTIFICATE-----
+
+# T-TeleSec GlobalRoot Class 3
 -----BEGIN CERTIFICATE-----
 MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx
 KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd
@@ -3396,6 +3036,8 @@ WL6ukK2YJ5f+AbGwUgC4TeQbIXQbfsDuXmkqJa9c1h3a0nnJ85cp4IaH3gRZD/FZ
 e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4p
 TpPDpFQUWw==
 -----END CERTIFICATE-----
+
+# TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1
 -----BEGIN CERTIFICATE-----
 MIIEYzCCA0ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCB0jELMAkGA1UEBhMCVFIx
 GDAWBgNVBAcTD0dlYnplIC0gS29jYWVsaTFCMEAGA1UEChM5VHVya2l5ZSBCaWxp
@@ -3422,31 +3064,8 @@ lzwDGrpDxpa5RXI4s6ehlj2Re37AIVNMh+3yC1SVUZPVIqUNivGTDj5UDrDYyU7c
 8jEyVupk+eq1nRZmQnLzf9OxMUP8pI4X8W0jq5Rm+K37DwhuJi1/FwcJsoz7UMCf
 lo3Ptv0AnVoUmr8CRPXBwp8iXqIPoeM=
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEPTCCAyWgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvzE/MD0GA1UEAww2VMOc
-UktUUlVTVCBFbGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sx
-c8SxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMV4wXAYDVQQKDFVUw5xS
-S1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnEn2kg
-SGl6bWV0bGVyaSBBLsWeLiAoYykgQXJhbMSxayAyMDA3MB4XDTA3MTIyNTE4Mzcx
-OVoXDTE3MTIyMjE4MzcxOVowgb8xPzA9BgNVBAMMNlTDnFJLVFJVU1QgRWxla3Ry
-b25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTELMAkGA1UEBhMC
-VFIxDzANBgNVBAcMBkFua2FyYTFeMFwGA1UECgxVVMOcUktUUlVTVCBCaWxnaSDE
-sGxldGnFn2ltIHZlIEJpbGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7F
-ni4gKGMpIEFyYWzEsWsgMjAwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAKu3PgqMyKVYFeaK7yc9SrToJdPNM8Ig3BnuiD9NYvDdE3ePYakqtdTyuTFY
-KTsvP2qcb3N2Je40IIDu6rfwxArNK4aUyeNgsURSsloptJGXg9i3phQvKUmi8wUG
-+7RP2qFsmmaf8EMJyupyj+sA1zU511YXRxcw9L6/P8JorzZAwan0qafoEGsIiveG
-HtyaKhUG9qPw9ODHFNRRf8+0222vR5YXm3dx2KdxnSQM9pQ/hTEST7ruToK4uT6P
-IzdezKKqdfcYbwnTrqdUKDT74eA7YH2gvnmJhsifLfkKS8RQouf9eRbHegsYz85M
-733WB2+Y8a+xwXrXgTW4qhe04MsCAwEAAaNCMEAwHQYDVR0OBBYEFCnFkKslrxHk
-Yb+j/4hhkeYO/pyBMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0G
-CSqGSIb3DQEBBQUAA4IBAQAQDdr4Ouwo0RSVgrESLFF6QSU2TJ/sPx+EnWVUXKgW
-AkD6bho3hO9ynYYKVZ1WKKxmLNA6VpM0ByWtCLCPyA8JWcqdmBzlVPi5RX9ql2+I
-aE1KBiY3iAIOtsbWcpnOa3faYjGkVh+uX4132l32iPwa2Z61gfAyuOOI0JzzaqC5
-mxRZNTZPz/OOXl0XrRWV2N2y1RVuAE6zS89mlOTgzbUF2mNXi+WzqtvALhyQRNsa
-XRik7r4EW5nVcV9VZWRi1aKbBFmGyGJ353yCRWo9F7/snXUMrqNvWtMvmDb08PUZ
-qxFdyKbjKlhqQgnDvZImZjINXQhVdP+MmNAKpoRq0Tl9
------END CERTIFICATE-----
+
+# TWCA Global Root CA
 -----BEGIN CERTIFICATE-----
 MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcx
 EjAQBgNVBAoTCVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMT
@@ -3478,6 +3097,8 @@ wa19hAM8EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWz
 aGHQRiapIVJpLesux+t3zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmy
 KwbQBM0=
 -----END CERTIFICATE-----
+
+# TWCA Root Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzES
 MBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFU
@@ -3499,6 +3120,8 @@ lhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVYT0bf+215WfKEIlKuD8z7fDvn
 aspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocnyYh0igzyXxfkZ
 YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw==
 -----END CERTIFICATE-----
+
+# Taiwan GRCA
 -----BEGIN CERTIFICATE-----
 MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/
 MQswCQYDVQQGEwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmlj
@@ -3531,6 +3154,8 @@ ssQwmSNOXfJIoRIM3BKQCZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDe
 LMDDav7v3Aun+kbfYNucpllQdSNpc5Oy+fwC00fmcc4QAu4njIT/rEUNE1yDMuAl
 pYYsfPQS
 -----END CERTIFICATE-----
+
+# TeliaSonera Root CA v1
 -----BEGIN CERTIFICATE-----
 MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAw
 NzEUMBIGA1UECgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJv
@@ -3561,6 +3186,100 @@ t88NkvuOGKmYSdGe/mBEciG5Ge3C9THxOUiIkCR1VBatzvT4aRRkOfujuLpwQMcn
 HL/EVlP6Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVx
 SK236thZiNSQvxaz2emsWWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVY=
 -----END CERTIFICATE-----
+
+# TrustCor ECA-1
+-----BEGIN CERTIFICATE-----
+MIIEIDCCAwigAwIBAgIJAISCLF8cYtBAMA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD
+VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk
+MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxFzAVBgNVBAMMDlRydXN0Q29y
+IEVDQS0xMB4XDTE2MDIwNDEyMzIzM1oXDTI5MTIzMTE3MjgwN1owgZwxCzAJBgNV
+BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw
+IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy
+dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOVHJ1c3RDb3Ig
+RUNBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPj+ARtZ+odnbb
+3w9U73NjKYKtR8aja+3+XzP4Q1HpGjORMRegdMTUpwHmspI+ap3tDvl0mEDTPwOA
+BoJA6LHip1GnHYMma6ve+heRK9jGrB6xnhkB1Zem6g23xFUfJ3zSCNV2HykVh0A5
+3ThFEXXQmqc04L/NyFIduUd+Dbi7xgz2c1cWWn5DkR9VOsZtRASqnKmcp0yJF4Ou
+owReUoCLHhIlERnXDH19MURB6tuvsBzvgdAsxZohmz3tQjtQJvLsznFhBmIhVE5/
+wZ0+fyCMgMsq2JdiyIMzkX2woloPV+g7zPIlstR8L+xNxqE6FXrntl019fZISjZF
+ZtS6mFjBAgMBAAGjYzBhMB0GA1UdDgQWBBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAf
+BgNVHSMEGDAWgBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAPBgNVHRMBAf8EBTADAQH/
+MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEABT41XBVwm8nHc2Fv
+civUwo/yQ10CzsSUuZQRg2dd4mdsdXa/uwyqNsatR5Nj3B5+1t4u/ukZMjgDfxT2
+AHMsWbEhBuH7rBiVDKP/mZb3Kyeb1STMHd3BOuCYRLDE5D53sXOpZCz2HAF8P11F
+hcCF5yWPldwX8zyfGm6wyuMdKulMY/okYWLW2n62HGz1Ah3UKt1VkOsqEUc8Ll50
+soIipX1TH0XsJ5F95yIW6MBoNtjG8U+ARDL54dHRHareqKucBK+tIA5kmE2la8BI
+WJZpTdwHjFGTot+fDz2LYLSCjaoITmJF4PkL0uDgPFveXHEnJcLmA4GLEFPjx1Wi
+tJ/X5g==
+-----END CERTIFICATE-----
+
+# TrustCor RootCert CA-1
+-----BEGIN CERTIFICATE-----
+MIIEMDCCAxigAwIBAgIJANqb7HHzA7AZMA0GCSqGSIb3DQEBCwUAMIGkMQswCQYD
+VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk
+MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29y
+IFJvb3RDZXJ0IENBLTEwHhcNMTYwMjA0MTIzMjE2WhcNMjkxMjMxMTcyMzE2WjCB
+pDELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFtYTEUMBIGA1UEBwwLUGFuYW1h
+IENpdHkxJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4gZGUgUi5MLjEnMCUG
+A1UECwweVHJ1c3RDb3IgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR8wHQYDVQQDDBZU
+cnVzdENvciBSb290Q2VydCBDQS0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAv463leLCJhJrMxnHQFgKq1mqjQCj/IDHUHuO1CAmujIS2CNUSSUQIpid
+RtLByZ5OGy4sDjjzGiVoHKZaBeYei0i/mJZ0PmnK6bV4pQa81QBeCQryJ3pS/C3V
+seq0iWEk8xoT26nPUu0MJLq5nux+AHT6k61sKZKuUbS701e/s/OojZz0JEsq1pme
+9J7+wH5COucLlVPat2gOkEz7cD+PSiyU8ybdY2mplNgQTsVHCJCZGxdNuWxu72CV
+EY4hgLW9oHPY0LJ3xEXqWib7ZnZ2+AYfYW0PVcWDtxBWcgYHpfOxGgMFZA6dWorW
+hnAbJN7+KIor0Gqw/Hqi3LJ5DotlDwIDAQABo2MwYTAdBgNVHQ4EFgQU7mtJPHo/
+DeOxCbeKyKsZn3MzUOcwHwYDVR0jBBgwFoAU7mtJPHo/DeOxCbeKyKsZn3MzUOcw
+DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD
+ggEBACUY1JGPE+6PHh0RU9otRCkZoB5rMZ5NDp6tPVxBb5UrJKF5mDo4Nvu7Zp5I
+/5CQ7z3UuJu0h3U/IJvOcs+hVcFNZKIZBqEHMwwLKeXx6quj7LUKdJDHfXLy11yf
+ke+Ri7fc7Waiz45mO7yfOgLgJ90WmMCV1Aqk5IGadZQ1nJBfiDcGrVmVCrDRZ9MZ
+yonnMlo2HD6CqFqTvsbQZJG2z9m2GM/bftJlo6bEjhcxwft+dtvTheNYsnd6djts
+L1Ac59v2Z3kf9YKVmgenFK+P3CghZwnS1k1aHBkcjndcw5QkPTJrS37UeJSDvjdN
+zl/HHk484IkzlQsPpTLWPFp5LBk=
+-----END CERTIFICATE-----
+
+# TrustCor RootCert CA-2
+-----BEGIN CERTIFICATE-----
+MIIGLzCCBBegAwIBAgIIJaHfyjPLWQIwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNV
+BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw
+IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy
+dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UEAwwWVHJ1c3RDb3Ig
+Um9vdENlcnQgQ0EtMjAeFw0xNjAyMDQxMjMyMjNaFw0zNDEyMzExNzI2MzlaMIGk
+MQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEg
+Q2l0eTEkMCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYD
+VQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRy
+dXN0Q29yIFJvb3RDZXJ0IENBLTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCnIG7CKqJiJJWQdsg4foDSq8GbZQWU9MEKENUCrO2fk8eHyLAnK0IMPQo+
+QVqedd2NyuCb7GgypGmSaIwLgQ5WoD4a3SwlFIIvl9NkRvRUqdw6VC0xK5mC8tkq
+1+9xALgxpL56JAfDQiDyitSSBBtlVkxs1Pu2YVpHI7TYabS3OtB0PAx1oYxOdqHp
+2yqlO/rOsP9+aij9JxzIsekp8VduZLTQwRVtDr4uDkbIXvRR/u8OYzo7cbrPb1nK
+DOObXUm4TOJXsZiKQlecdu/vvdFoqNL0Cbt3Nb4lggjEFixEIFapRBF37120Hape
+az6LMvYHL1cEksr1/p3C6eizjkxLAjHZ5DxIgif3GIJ2SDpxsROhOdUuxTTCHWKF
+3wP+TfSvPd9cW436cOGlfifHhi5qjxLGhF5DUVCcGZt45vz27Ud+ez1m7xMTiF88
+oWP7+ayHNZ/zgp6kPwqcMWmLmaSISo5uZk3vFsQPeSghYA2FFn3XVDjxklb9tTNM
+g9zXEJ9L/cb4Qr26fHMC4P99zVvh1Kxhe1fVSntb1IVYJ12/+CtgrKAmrhQhJ8Z3
+mjOAPF5GP/fDsaOGM8boXg25NSyqRsGFAnWAoOsk+xWq5Gd/bnc/9ASKL3x74xdh
+8N0JqSDIvgmk0H5Ew7IwSjiqqewYmgeCK9u4nBit2uBGF6zPXQIDAQABo2MwYTAd
+BgNVHQ4EFgQU2f4hQG6UnrybPZx9mCAZ5YwwYrIwHwYDVR0jBBgwFoAU2f4hQG6U
+nrybPZx9mCAZ5YwwYrIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYw
+DQYJKoZIhvcNAQELBQADggIBAJ5Fngw7tu/hOsh80QA9z+LqBrWyOrsGS2h60COX
+dKcs8AjYeVrXWoSK2BKaG9l9XE1wxaX5q+WjiYndAfrs3fnpkpfbsEZC89NiqpX+
+MWcUaViQCqoL7jcjx1BRtPV+nuN79+TMQjItSQzL/0kMmx40/W5ulop5A7Zv2wnL
+/V9lFDfhOPXzYRZY5LVtDQsEGz9QLX+zx3oaFoBg+Iof6Rsqxvm6ARppv9JYx1RX
+CI/hOWB3S6xZhBqI8d3LT3jX5+EzLfzuQfogsL7L9ziUwOHQhQ+77Sxzq+3+knYa
+ZH9bDTMJBzN7Bj8RpFxwPIXAz+OQqIN3+tvmxYxoZxBnpVIt8MSZj3+/0WvitUfW
+2dCFmU2Umw9Lje4AWkcdEQOsQRivh7dvDDqPys/cA8GiCcjl/YBeyGBCARsaU1q7
+N6a3vLqE6R5sGtRk2tRD/pOLS/IseRYQ1JMLiI+h2IYURpFHmygk71dSTlxCnKr3
+Sewn6EAes6aJInKc9Q0ztFijMDvd1GpUk74aTfOTlPf8hAs/hCBcNANExdqtvArB
+As8e5ZTZ845b2EzwnexhF7sUMlQMAimTHpKG9n/v55IFDlndmQguLvqcAFLTxWYp
+5KeXRKQOKIETNcX2b2TmQcTVL8w0RSXPQQCWPUouwpaYT05KnJe32x+SMsj/D1Fu
+1uwJ
+-----END CERTIFICATE-----
+
+# Trustis FPS Root CA
 -----BEGIN CERTIFICATE-----
 MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBF
 MQswCQYDVQQGEwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQL
@@ -3582,36 +3301,8 @@ f1T1o+CP8HxVIo8ptoGj4W1OLBuAZ+ytIJ8MYmHVl/9D7S3B2l0pKoU/rGXuhg8F
 jZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYliB6XzCGcKQEN
 ZetX2fNXlrtIzYE=
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFFzCCA/+gAwIBAgIBETANBgkqhkiG9w0BAQUFADCCASsxCzAJBgNVBAYTAlRS
-MRgwFgYDVQQHDA9HZWJ6ZSAtIEtvY2FlbGkxRzBFBgNVBAoMPlTDvHJraXllIEJp
-bGltc2VsIHZlIFRla25vbG9qaWsgQXJhxZ90xLFybWEgS3VydW11IC0gVMOcQsSw
-VEFLMUgwRgYDVQQLDD9VbHVzYWwgRWxla3Ryb25payB2ZSBLcmlwdG9sb2ppIEFy
-YcWfdMSxcm1hIEVuc3RpdMO8c8O8IC0gVUVLQUUxIzAhBgNVBAsMGkthbXUgU2Vy
-dGlmaWthc3lvbiBNZXJrZXppMUowSAYDVQQDDEFUw5xCxLBUQUsgVUVLQUUgS8O2
-ayBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSAtIFPDvHLDvG0gMzAe
-Fw0wNzA4MjQxMTM3MDdaFw0xNzA4MjExMTM3MDdaMIIBKzELMAkGA1UEBhMCVFIx
-GDAWBgNVBAcMD0dlYnplIC0gS29jYWVsaTFHMEUGA1UECgw+VMO8cmtpeWUgQmls
-aW1zZWwgdmUgVGVrbm9sb2ppayBBcmHFn3TEsXJtYSBLdXJ1bXUgLSBUw5xCxLBU
-QUsxSDBGBgNVBAsMP1VsdXNhbCBFbGVrdHJvbmlrIHZlIEtyaXB0b2xvamkgQXJh
-xZ90xLFybWEgRW5zdGl0w7xzw7wgLSBVRUtBRTEjMCEGA1UECwwaS2FtdSBTZXJ0
-aWZpa2FzeW9uIE1lcmtlemkxSjBIBgNVBAMMQVTDnELEsFRBSyBVRUtBRSBLw7Zr
-IFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIC0gU8O8csO8bSAzMIIB
-IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAim1L/xCIOsP2fpTo6iBkcK4h
-gb46ezzb8R1Sf1n68yJMlaCQvEhOEav7t7WNeoMojCZG2E6VQIdhn8WebYGHV2yK
-O7Rm6sxA/OOqbLLLAdsyv9Lrhc+hDVXDWzhXcLh1xnnRFDDtG1hba+818qEhTsXO
-fJlfbLm4IpNQp81McGq+agV/E5wrHur+R84EpW+sky58K5+eeROR6Oqeyjh1jmKw
-lZMq5d/pXpduIF9fhHpEORlAHLpVK/swsoHvhOPc7Jg4OQOFCKlUAwUp8MmPi+oL
-hmUZEdPpCSPeaJMDyTYcIW7OjGbxmTDY17PDHfiBLqi9ggtm/oLL4eAagsNAgQID
-AQABo0IwQDAdBgNVHQ4EFgQUvYiHyY/2pAoLquvF/pEjnatKijIwDgYDVR0PAQH/
-BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAB18+kmP
-NOm3JpIWmgV050vQbTlswyb2zrgxvMTfvCr4N5EY3ATIZJkrGG2AA1nJrvhY0D7t
-wyOfaTyGOBye79oneNGEN3GKPEs5z35FBtYt2IpNeBLWrcLTy9LQQfMmNkqblWwM
-7uXRQydmwYj3erMgbOqwaSvHIOgMA8RBBZniP+Rr+KCGgceExh/VS4ESshYhLBOh
-gLJeDEoTniDYYkCrkOpkSi+sDQESeUWoL4cZaMjihccwsnX5OD+ywJO0a+IDRM5n
-oN+J1q2MdqMTw5RhK2vZbMEHCiIHhWyFJEapvj+LeISCfiQMnf2BN+MlqO02TpUs
-yZyQ2uypQjyttgI=
------END CERTIFICATE-----
+
+# TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5
 -----BEGIN CERTIFICATE-----
 MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UE
 BhMCVFIxDzANBgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxn
@@ -3637,6 +3328,8 @@ peYVhDfwwvJllpKQd/Ct9JDpEXjXk4nAPQu6KfTomZ1yju2dL+6SfaHx/126M2CF
 Yv4HAqGEVka+lgqaE9chTLd8B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW
 +qtB4Uu2NQvAmxU=
 -----END CERTIFICATE-----
+
+# USERTrust ECC Certification Authority
 -----BEGIN CERTIFICATE-----
 MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDEL
 MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
@@ -3653,6 +3346,8 @@ VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMB
 zzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbW
 RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg=
 -----END CERTIFICATE-----
+
+# USERTrust RSA Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB
 iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
@@ -3687,32 +3382,8 @@ VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB
 L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG
 jjxDah2nGN59PRbxYvnKkKj9
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCB
-lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
-SGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgxOTIyWjCBlzELMAkG
-A1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEe
-MBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8v
-d3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdh
-cmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn
-0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlIwrthdBKWHTxqctU8EGc6Oe0rE81m65UJ
-M6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFdtqdt++BxF2uiiPsA3/4a
-MXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8i4fDidNd
-oI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqI
-DsjfPe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9Ksy
-oUhbAgMBAAGjgbkwgbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYD
-VR0OBBYEFKFyXyYbKJhDlV0HN9WFlp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0
-dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNFUkZpcnN0LUhhcmR3YXJlLmNy
-bDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEF
-BQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM
-//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28Gpgoiskli
-CE7/yMgUsogWXecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gE
-CJChicsZUN/KHAG8HQQZexB2lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t
-3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kniCrVWFCVH/A7HFe7fRQ5YiuayZSS
-KqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67nfhmqA==
------END CERTIFICATE-----
+
+# VeriSign Class 3 Public Primary Certification Authority - G4
 -----BEGIN CERTIFICATE-----
 MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjEL
 MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
@@ -3734,6 +3405,8 @@ kf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMDA2gAMGUCMGYhDBgmYFo4e1ZC
 4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIxAJw9SDkjOVga
 FRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA==
 -----END CERTIFICATE-----
+
+# VeriSign Class 3 Public Primary Certification Authority - G5
 -----BEGIN CERTIFICATE-----
 MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB
 yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
@@ -3762,6 +3435,8 @@ WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ
 4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N
 hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq
 -----END CERTIFICATE-----
+
+# VeriSign Universal Root Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCB
 vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
@@ -3790,6 +3465,8 @@ BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+PwGZsY6rp2aQW9IHR
 lRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4mJO3
 7M2CYfE45k+XmCpajQ==
 -----END CERTIFICATE-----
+
+# Verisign Class 3 Public Primary Certification Authority - G3
 -----BEGIN CERTIFICATE-----
 MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw
 CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
@@ -3814,6 +3491,8 @@ DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC
 F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt
 TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ==
 -----END CERTIFICATE-----
+
+# Visa eCommerce Root
 -----BEGIN CERTIFICATE-----
 MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBr
 MQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRl
@@ -3836,69 +3515,8 @@ LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGIxHYdkFsd
 ++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt
 398znM/jra6O1I7mT1GvFpLgXPYHDw==
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFdjCCA16gAwIBAgIQXmjWEXGUY1BWAGjzPsnFkTANBgkqhkiG9w0BAQUFADBV
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxKjAoBgNV
-BAMTIUNlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbjAeFw0wOTA4MDgw
-MTAwMDFaFw0zOTA4MDgwMTAwMDFaMFUxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFX
-b1NpZ24gQ0EgTGltaXRlZDEqMCgGA1UEAxMhQ2VydGlmaWNhdGlvbiBBdXRob3Jp
-dHkgb2YgV29TaWduMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvcqN
-rLiRFVaXe2tcesLea9mhsMMQI/qnobLMMfo+2aYpbxY94Gv4uEBf2zmoAHqLoE1U
-fcIiePyOCbiohdfMlZdLdNiefvAA5A6JrkkoRBoQmTIPJYhTpA2zDxIIFgsDcScc
-f+Hb0v1naMQFXQoOXXDX2JegvFNBmpGN9J42Znp+VsGQX+axaCA2pIwkLCxHC1l2
-ZjC1vt7tj/id07sBMOby8w7gLJKA84X5KIq0VC6a7fd2/BVoFutKbOsuEo/Uz/4M
-x1wdC34FMr5esAkqQtXJTpCzWQ27en7N1QhatH/YHGkR+ScPewavVIMYe+HdVHpR
-aG53/Ma/UkpmRqGyZxq7o093oL5d//xWC0Nyd5DKnvnyOfUNqfTq1+ezEC8wQjch
-zDBwyYaYD8xYTYO7feUapTeNtqwylwA6Y3EkHp43xP901DfA4v6IRmAR3Qg/UDar
-uHqklWJqbrDKaiFaafPz+x1wOZXzp26mgYmhiMU7ccqjUu6Du/2gd/Tkb+dC221K
-mYo0SLwX3OSACCK28jHAPwQ+658geda4BmRkAjHXqc1S+4RFaQkAKtxVi8QGRkvA
-Sh0JWzko/amrzgD5LkhLJuYwTKVYyrREgk/nkR4zw7CT/xH8gdLKH3Ep3XZPkiWv
-HYG3Dy+MwwbMLyejSuQOmbp8HkUff6oZRZb9/D0CAwEAAaNCMEAwDgYDVR0PAQH/
-BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOFmzw7R8bNLtwYgFP6H
-EtX2/vs+MA0GCSqGSIb3DQEBBQUAA4ICAQCoy3JAsnbBfnv8rWTjMnvMPLZdRtP1
-LOJwXcgu2AZ9mNELIaCJWSQBnfmvCX0KI4I01fx8cpm5o9dU9OpScA7F9dY74ToJ
-MuYhOZO9sxXqT2r09Ys/L3yNWC7F4TmgPsc9SnOeQHrAK2GpZ8nzJLmzbVUsWh2e
-JXLOC62qx1ViC777Y7NhRCOjy+EaDveaBk3e1CNOIZZbOVtXHS9dCF4Jef98l7VN
-g64N1uajeeAz0JmWAjCnPv/So0M/BVoG6kQC2nz4SNAzqfkHx5Xh9T71XXG68pWp
-dIhhWeO/yloTunK0jF02h+mmxTwTv97QRCbut+wucPrXnbes5cVAWubXbHssw1ab
-R80LzvobtCHXt2a49CUwi1wNuepnsvRtrtWhnk/Yn+knArAdBtaP4/tIEp9/EaEQ
-PkxROpaw0RPxx9gmrjrKkcRpnd8BKWRRb2jaFOwIQZeQjdCygPLPwj2/kWjFgGce
-xGATVdVhmVd8upUPYUk6ynW8yQqTP2cOEvIo4jEbwFcW3wh8GcF+Dx+FHgo2fFt+
-J7x6v+Db9NpSvd4MVHAxkUOVyLzwPt0JfjBkUO1/AaQzZ01oT74V77D2AhGiGxMl
-OtzCWfHjXEa7ZywCRuoeSKbmW9m1vFGikpbbqsY3Iqb+zCB0oy2pLmvLwIIRIbWT
-ee5Ehr7XHuQe+w==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFWDCCA0CgAwIBAgIQUHBrzdgT/BtOOzNy0hFIjTANBgkqhkiG9w0BAQsFADBG
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNV
-BAMMEkNBIOayg+mAmuagueivgeS5pjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgw
-MTAwMDFaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRl
-ZDEbMBkGA1UEAwwSQ0Eg5rKD6YCa5qC56K+B5LmmMIICIjANBgkqhkiG9w0BAQEF
-AAOCAg8AMIICCgKCAgEA0EkhHiX8h8EqwqzbdoYGTufQdDTc7WU1/FDWiD+k8H/r
-D195L4mx/bxjWDeTmzj4t1up+thxx7S8gJeNbEvxUNUqKaqoGXqW5pWOdO2XCld1
-9AXbbQs5uQF/qvbW2mzmBeCkTVL829B0txGMe41P/4eDrv8FAxNXUDf+jJZSEExf
-v5RxadmWPgxDT74wwJ85dE8GRV2j1lY5aAfMh09Qd5Nx2UQIsYo06Yms25tO4dnk
-UkWMLhQfkWsZHWgpLFbE4h4TV2TwYeO5Ed+w4VegG63XX9Gv2ystP9Bojg/qnw+L
-NVgbExz03jWhCl3W6t8Sb8D7aQdGctyB9gQjF+BNdeFyb7Ao65vh4YOhn0pdr8yb
-+gIgthhid5E7o9Vlrdx8kHccREGkSovrlXLp9glk3Kgtn3R46MGiCWOc76DbT52V
-qyBPt7D3h1ymoOQ3OMdc4zUPLK2jgKLsLl3Az+2LBcLmc272idX10kaO6m1jGx6K
-yX2m+Jzr5dVjhU1zZmkR/sgO9MHHZklTfuQZa/HpelmjbX7FF+Ynxu8b22/8DU0G
-AbQOXDBGVWCvOGU6yke6rCzMRh+yRpY/8+0mBe53oWprfi1tWFxK1I5nuPHa1UaK
-J/kR8slC/k7e3x9cxKSGhxYzoacXGKUN5AXlK8IrC6KVkLn9YDxOiT7nnO4fuwEC
-AwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
-BBYEFOBNv9ybQV0T6GTwp+kVpOGBwboxMA0GCSqGSIb3DQEBCwUAA4ICAQBqinA4
-WbbaixjIvirTthnVZil6Xc1bL3McJk6jfW+rtylNpumlEYOnOXOvEESS5iVdT2H6
-yAa+Tkvv/vMx/sZ8cApBWNromUuWyXi8mHwCKe0JgOYKOoICKuLJL8hWGSbueBwj
-/feTZU7n85iYr83d2Z5AiDEoOqsuC7CsDCT6eiaY8xJhEPRdF/d+4niXVOKM6Cm6
-jBAyvd0zaziGfjk9DgNyp115j0WKWa5bIW4xRtVZjc8VX90xJc/bYNaBRHIpAlf2
-ltTW/+op2znFuCyKGo3Oy+dCMYYFaA6eFN0AkLppRQjbbpCBhqcqBT/mhDn4t/lX
-X0ykeVoQDF7Va/81XwVRHmyjdanPUIPTfPRm94KNPQx96N97qA4bLJyuQHCH2u2n
-FoJavjVsIE4iYdm8UXrNemHcSxH5/mc0zy4EZmFcV5cjjPOGG0jfKq+nwf/Yjj4D
-u9gqsPoUJbJRa4ZDhS4HIxaAjUz7tGM7zMN07RujHv41D198HRaG9Q7DlfEvr10l
-O1Hm13ZBONFLAzkopR6RctR9q5czxNM+4Gm2KHmgCY0c0f9BckgG/Jou5yD5m6Le
-ie2uPAmvylezkolwQOQvT8Jwg0DXJCxr5wkf09XHwQj02w47HAcLQxGEIYbpgNR1
-2KvxAmLBsX5VYc8T1yaw15zLKYs4SgsOkI26oQ==
------END CERTIFICATE-----
+
+# XRamp Global CA Root
 -----BEGIN CERTIFICATE-----
 MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB
 gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk
@@ -3924,6 +3542,8 @@ IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy
 i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ
 O+7ETPTsJ3xCwnR8gooJybQDJbw=
 -----END CERTIFICATE-----
+
+# certSIGN ROOT CA
 -----BEGIN CERTIFICATE-----
 MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYT
 AlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBD
@@ -3944,6 +3564,8 @@ Jd1hJyMctTEHBDa0GpC9oHRxUIltvBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNw
 i/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7NzTogVZ96edhBiIL5VaZVDADlN
 9u6wWk5JRFRYX0KD
 -----END CERTIFICATE-----
+
+# ePKI Root Certification Authority
 -----BEGIN CERTIFICATE-----
 MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBe
 MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0
@@ -3977,6 +3599,8 @@ Gp1iro2C6pSe3VkQw63d4k3jMdXH7OjysP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTE
 W9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmODBCEIZ43ygknQW/2xzQ+D
 hNQ+IIX3Sj0rnP0qCglN6oH4EZw=
 -----END CERTIFICATE-----
+
+# thawte Primary Root CA - G2
 -----BEGIN CERTIFICATE-----
 MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDEL
 MAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE4MDYGA1UECxMvKGMp
@@ -3993,6 +3617,8 @@ DPgR4bswCgYIKoZIzj0EAwMDaQAwZgIxAN344FdHW6fmCsO99YCKlzUNG4k8VIZ3
 KMqh9HneteY4sPBlcIx/AlTCv//YoT7ZzwIxAMSNlPzcU9LcnXgWHxUzI1NS41ox
 XZ3Krr0TKUQNJ1uo52icEvdYPy5yAlejj6EULg==
 -----END CERTIFICATE-----
+
+# thawte Primary Root CA - G3
 -----BEGIN CERTIFICATE-----
 MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCB
 rjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
@@ -4018,6 +3644,8 @@ KUGRIjxpp7sC8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fM
 m7v/OeZWYdMKp8RcTGB7BXcmer/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZu
 MdRAGmI0Nj81Aa6sY6A=
 -----END CERTIFICATE-----
+
+# thawte Primary Root CA
 -----BEGIN CERTIFICATE-----
 MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCB
 qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
diff --git a/msys2/usr/ssl/certs/ca-bundle.trust.crt b/msys2/usr/ssl/certs/ca-bundle.trust.crt
index 236ab1dc8..17e51afa5 100644
--- a/msys2/usr/ssl/certs/ca-bundle.trust.crt
+++ b/msys2/usr/ssl/certs/ca-bundle.trust.crt
@@ -1,3 +1,4 @@
+# ACCVRAIZ1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE
 AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw
@@ -40,43 +41,11 @@ tn6tn1QwIgPBHnFk/vk4CpYY3QIUrCPLBhwepH2NDd4nQeit2hW3sCPdK6jT2iWH
 I6zppSSMEYCUWqKiuUnSwdzRp+0xESyeGabu4VXhwOrPDYTkF7eifKXeVSUG7szA
 h1xA2syVP1XgNce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xF
 d3+YJ5oyXSrjhO7FmGYvliAd3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2H
-pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7MCswHgYIKwYB
-BQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwJQUNDVlJBSVox
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFtTCCA52gAwIBAgIIYY3HhjsBggUwDQYJKoZIhvcNAQEFBQAwRDEWMBQGA1UE
-AwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00x
-CzAJBgNVBAYTAkVTMB4XDTA4MDQxODE2MjQyMloXDTI4MDQxMzE2MjQyMlowRDEW
-MBQGA1UEAwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZF
-RElDT00xCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
-AgEA/5KV4WgGdrQsyFhIyv2AVClVYyT/kGWbEHV7w2rbYgIB8hiGtXxaOLHkWLn7
-09gtn70yN78sFW2+tfQh0hOR2QetAQXW8713zl9CgQr5auODAKgrLlUTY4HKRxx7
-XBZXehuDYAQ6PmXDzQHe3qTWDLqO3tkE7hdWIpuPY/1NFgu3e3eM+SW10W2ZEi5P
-Grjm6gSSrj0RuVFCPYewMYWveVqc/udOXpJPQ/yrOq2lEiZmueIM15jO1FillUAK
-t0SdE3QrwqXrIhWYENiLxQSfHY9g5QYbm8+5eaA9oiM/Qj9r+hwDezCNzmzAv+Yb
-X79nuIQZ1RXve8uQNjFiybwCq0Zfm/4aaJQ0PZCOrfbkHQl/Sog4P75n/TSW9R28
-MHTLOO7VbKvU/PQAtwBbhTIWdjPp2KOZnQUAqhbm84F9b32qhm2tFXTTxKJxqvQU
-fecyuB+81fFOvW8XAjnXDpVCOscAPukmYxHqC9FK/xidstd7LzrZlvvoHpKuE1XI
-2Sf23EgbsCTBheN3nZqk8wwRHQ3ItBTutYJXCb8gWH8vIiPYcMt5bMlL8qkqyPyH
-K9caUPgn6C9D4zq92Fdx/c6mUlv53U3t5fZvie27k5x2IXXwkkwp9y+cAS7+UEae
-ZAwUswdbxcJzbPEHXEUkFDWug/FqTYl6+rPYLWbwNof1K1MCAwEAAaOBqjCBpzAP
-BgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKaz4SsrSbbXc6GqlPUB53NlTKxQ
-MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUprPhKytJttdzoaqU9QHnc2VMrFAw
-RAYDVR0gBD0wOzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly9hY2VkaWNv
-bS5lZGljb21ncm91cC5jb20vZG9jMA0GCSqGSIb3DQEBBQUAA4ICAQDOLAtSUWIm
-fQwng4/F9tqgaHtPkl7qpHMyEVNEskTLnewPeUKzEKbHDZ3Ltvo/Onzqv4hTGzz3
-gvoFNTPhNahXwOf9jU8/kzJPeGYDdwdY6ZXIfj7QeQCM8htRM5u8lOk6e25SLTKe
-I6RF+7YuE7CLGLHdztUdp0J/Vb77W7tH1PwkzQSulgUV1qzOMPPKC8W64iLgpq0i
-5ALudBF/TP94HTXa5gI06xgSYXcGCRZj6hitoocf8seACQl1ThCojz2GuHURwCRi
-ipZ7SkXp7FnFvmuD5uHorLUwHv4FB4D54SMNUI8FmP8sX+g7tq3PgbUhh8oIKiMn
-MCArz+2UW6yyetLHKKGKC5tNSixthT8Jcjxn4tncB7rrZXtaAWPWkFtPF2Y9fwsZ
-o5NjEFIqnxQWWOLcpfShFosOkYuByptZ+thrkQdlVV9SH686+5DdaaVbnG0OLLb6
-zqylfDJKZ0DcMDQj3dcEI2bw/FWAp/tmGYI1Z2JwOV5vx+qQQEQIHriy1tvuWacN
-GHk0vFQYXlPKNFHtRQrmjseCNj6nOGOpMCwXEGCSn1WHElkQwg9naRHMTh5+Spqt
-r0CodaxWkHS4oJyleW/c6RrIaQXpuvoDs3zk4E7Czp3otkYNbn5XOmeUwssfnHdK
-Z05phkOTOPu220+DkdRgfks+KzgHVZhepDAvMB4GCCsGAQUFBwMEBggrBgEFBQcD
-AQYIKwYBBQUHAwMMDUFDRURJQ09NIFJvb3Q=
+pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7MCEwFAYIKwYB
+BQUHAwQGCCsGAQUFBwMBDAlBQ0NWUkFJWjE=
 -----END TRUSTED CERTIFICATE-----
+
+# AC RAIZ FNMT-RCM
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFgzCCA2ugAwIBAgIPXZONMGc2yAYdGsdUhGkHMA0GCSqGSIb3DQEBCwUAMDsx
 CzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJ
@@ -110,6 +79,8 @@ RqEIr9baRRmW1FMdW4R58MD3R++Lj8UGrp1MYp3/RgT408m2ECVAdf4WqslKYIYv
 uu8wd+RU4riEmViAqhOLUTpPSPaLtrMwHjAKBggrBgEFBQcDAQwQQUMgUkFJWiBG
 Tk1ULVJDTQ==
 -----END TRUSTED CERTIFICATE-----
+
+# AC Ra\xC3\xADz Certic\xC3\xA1mara S.A.
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIGZjCCBE6gAwIBAgIPB35Sk3vgFeNX8GmMy+wMMA0GCSqGSIb3DQEBBQUAMHsx
 CzAJBgNVBAYTAkNPMUcwRQYDVQQKDD5Tb2NpZWRhZCBDYW1lcmFsIGRlIENlcnRp
@@ -145,9 +116,11 @@ XCgycDWs2rjIdWb8m0w5R44bb5tNAlQiM+9hup4phO9OSzNHdpdqy35f/RWmnkJD
 W2ZaiogN9xa5P1FlK2Zqi9E4UqLWRhH6/JocdJ6PlwsCT2TG9WjTSy3/pDceiz+/
 RL5hRqGEPQgnTIEgd4kI6mdAXmwIUV80WoyWaM3X94nCHNMyAK9Sy9NgWyo6R35r
 MDOhYil/SrnhLecUIw4OGEfhefwVVdCx/CVxY3UzHCMrr1zZ7Ud3YA47Dx7SwNxk
-BYn8eNZcLCZDqTA+MBQGCCsGAQUFBwMEBggrBgEFBQcDAwwmQUMgUmFceEMzXHhB
-RHogQ2VydGljXHhDM1x4QTFtYXJhIFMuQS4=
+BYn8eNZcLCZDqTA0MAoGCCsGAQUFBwMEDCZBQyBSYVx4QzNceEFEeiBDZXJ0aWNc
+eEMzXHhBMW1hcmEgUy5BLg==
 -----END TRUSTED CERTIFICATE-----
+
+# Actalis Authentication Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE
 BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w
@@ -179,10 +152,11 @@ fcvHlXHo2qN8xcL4dJIEG4aspCJTQLas/kx2z/uUMsA1n3Y/buWQbqCmJqK4LL7R
 K4X9p2jIugErsWx0Hbhzlefut8cl8ABMALJ+tguLHPPAUJ4lueAI3jZm/zel0btU
 ZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXemOR/qnuOf0GZvBeyqdn6/axag67XH/JJU
 LysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9vwGYT7JZVEc+NHt4bVaT
-LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhljBAMB4GCCsGAQUFBwMEBggr
-BgEFBQcDAQYIKwYBBQUHAwMMHkFjdGFsaXMgQXV0aGVudGljYXRpb24gUm9vdCBD
-QQ==
+LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhljA2MBQGCCsGAQUFBwMEBggr
+BgEFBQcDAQweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290IENB
 -----END TRUSTED CERTIFICATE-----
+
+# AddTrust External Root
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
 MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
@@ -206,9 +180,11 @@ YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5
 6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC
 Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
 c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
-mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQwODAeBggrBgEFBQcDBAYIKwYBBQUH
-AwEGCCsGAQUFBwMDDBZBZGRUcnVzdCBFeHRlcm5hbCBSb290
+mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQwLjAUBggrBgEFBQcDBAYIKwYBBQUH
+AwEMFkFkZFRydXN0IEV4dGVybmFsIFJvb3Q=
 -----END TRUSTED CERTIFICATE-----
+
+# AddTrust Low-Value Services Root
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEU
 MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
@@ -231,62 +207,11 @@ IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxtZBsfzQ3duQH6lmM0MkhHma6X
 43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY
 eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJl
 pz/+0WatC7xrmYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOA
-WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47WcdkwODAU
-BggrBgEFBQcDBAYIKwYBBQUHAwEMIEFkZFRydXN0IExvdy1WYWx1ZSBTZXJ2aWNl
-cyBSb290
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIEFTCCAv2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSAwHgYDVQQDExdBZGRUcnVzdCBQdWJsaWMgQ0EgUm9vdDAeFw0wMDA1MzAx
-MDQxNTBaFw0yMDA1MzAxMDQxNTBaMGQxCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtB
-ZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIDAeBgNV
-BAMTF0FkZFRydXN0IFB1YmxpYyBDQSBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+A3S72mnTRqX4jsIMEZBRpS9mVEBV
-6tsfSlbunyNu9DnLoblv8n75XYcmYZ4c+OLspoH4IcUkzBEMP9smcnrHAZcHF/nX
-GCwwfQ56HmIexkvA/X1id9NEHif2P0tEs7c42TkfYNVRknMDtABp4/MUTu7R3AnP
-dzRGULD4EfL+OHn3Bzn+UZKXC1sIXzSGAa2Il+tmzV7R/9x98oTaunet3IAIx6eH
-1lWfl2royBFkuucZKT8Rs3iQhCBSWxHveNCD9tVIkNAwHM+A+WD+eeSI8t0A65RF
-62WUaUC6wNW0uLp9BBGo6zEFlpROWCGOn9Bg/QIDAQABo4HRMIHOMB0GA1UdDgQW
-BBSBPjfYkrAfd59ctKtzquf2NGAv+jALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUw
-AwEB/zCBjgYDVR0jBIGGMIGDgBSBPjfYkrAfd59ctKtzquf2NGAv+qFopGYwZDEL
-MAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRU
-cnVzdCBUVFAgTmV0d29yazEgMB4GA1UEAxMXQWRkVHJ1c3QgUHVibGljIENBIFJv
-b3SCAQEwDQYJKoZIhvcNAQEFBQADggEBAAP3FUr4JNojVhaTdt02KLmuG7jD8WS6
-IBh4lSknVwW8fCr0uVFV2ocC3g8WFzH4qnkuCRO7r7IgGRLlk/lL+YPoRNWyQSW/
-iHVv/xD8SlTQX/D67zZzfRs2RcYhbbQVuE7PnFylPVoAjgbjPGsye/Kf8Lb93/Ao
-GEjwxrzQvzSAlsJKsW2Ox5BF3i9nrEUEo3rcVZLJR2bYGozH7ZxOmuASu7VqTITh
-4SINhwBk/ox9Yjllpu9CtoAlEmEBqCQTcAARJl/6NVDFSMwGR+gn2HCNX2TmoUQm
-XiLsks3/QppEIW1cxeMiHV9HEufOX1362KqxMy3ZdvJOOjMMK7MtkAYwPzAeBggr
-BgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDB1BZGRUcnVzdCBQdWJsaWMgU2Vy
-dmljZXMgUm9vdA==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIEHjCCAwagAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSMwIQYDVQQDExpBZGRUcnVzdCBRdWFsaWZpZWQgQ0EgUm9vdDAeFw0wMDA1
-MzAxMDQ0NTBaFw0yMDA1MzAxMDQ0NTBaMGcxCzAJBgNVBAYTAlNFMRQwEgYDVQQK
-EwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIzAh
-BgNVBAMTGkFkZFRydXN0IFF1YWxpZmllZCBDQSBSb290MIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoekn0e+EV+vhDTbYjx5eLfpMLXsDBwq
-xBb/4Oxx64r1EW7tTw2R0hIYLUkVAcKkIhPHEWT/IhKauY5cLwjPcWqzZwFZ8V1G
-87B4pfYOQnrjfxvM0PC3KP0q6p6zsLkEqv32x7SxuCqg+1jxGaBvcCV+PmlKfw8i
-2O+tCBGaKZnhqkRFmhJePp1tUvznoD1oL/BLcHwTOK28FSXx1s6rosAx1i+f4P8U
-WfyEk9mHfExUE+uf0S0R+Bg6Ot4l2ffTQO2kBhLEO+GRwVY18BTcZTYJbqukB8c1
-0cIDMzZbdSZtQvESa0NvS3GU+jQd7RNuyoB/mC9suWXY6QIDAQABo4HUMIHRMB0G
-A1UdDgQWBBQ5lYtii1zJ1IC6WA+XPxUIQ8yYpzALBgNVHQ8EBAMCAQYwDwYDVR0T
-AQH/BAUwAwEB/zCBkQYDVR0jBIGJMIGGgBQ5lYtii1zJ1IC6WA+XPxUIQ8yYp6Fr
-pGkwZzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQL
-ExRBZGRUcnVzdCBUVFAgTmV0d29yazEjMCEGA1UEAxMaQWRkVHJ1c3QgUXVhbGlm
-aWVkIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBABmrder4i2VhlRO6aQTv
-hsoToMeqT2QbPxj2qC0sVY8FtzDqQmodwCVRLae/DLPt7wh/bDxGGuoYQ992zPlm
-hpwsaPXpF/gxsxjE1kh9I0xowX67ARRvxdlu3rsEQmr49lx95dr6h+sNNVJn0J6X
-dgWTP5XHAeZpVTh/EGGZyeNfpso+gmNIquIISD6q8rKFYqa0p9m9N5xotS1WfbC3
-P6CxB9bpT9zeRXEwMn8bLgn5v1Kh7sKAPgZcLlVAwRv1cEWw3F369nJad9Jjzc9Y
-iQBCYz95OdBEsIJuQRno3eDBiFrRHnGTHyQwdOUeqN48Jzd/g66ed8/wMLH/S5no
-xqEwRjAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDCRBZGRUcnVzdCBR
-dWFsaWZpZWQgQ2VydGlmaWNhdGVzIFJvb3Q=
+WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47WcdkwLjAK
+BggrBgEFBQcDBAwgQWRkVHJ1c3QgTG93LVZhbHVlIFNlcnZpY2VzIFJvb3Q=
 -----END TRUSTED CERTIFICATE-----
+
+# AffirmTrust Commercial
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE
 BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
@@ -308,6 +233,8 @@ N53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0khsUlHRUe072o0EclNmsxZt9YC
 nlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8wJDAKBggrBgEFBQcDAQwW
 QWZmaXJtVHJ1c3QgQ29tbWVyY2lhbA==
 -----END TRUSTED CERTIFICATE-----
+
+# AffirmTrust Networking
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UE
 BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
@@ -329,6 +256,8 @@ olu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9/ZFvgrG+CJPbFEfxojfHRZ48
 x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9swJDAKBggrBgEFBQcDAQwW
 QWZmaXJtVHJ1c3QgTmV0d29ya2luZw==
 -----END TRUSTED CERTIFICATE-----
+
+# AffirmTrust Premium
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UE
 BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVz
@@ -360,6 +289,8 @@ GKa1qF60g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaO
 RtGdFNrHF+QFlozEJLUbzxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6e
 KeC2uAloGRwYQzAhMAoGCCsGAQUFBwMBDBNBZmZpcm1UcnVzdCBQcmVtaXVt
 -----END TRUSTED CERTIFICATE-----
+
+# AffirmTrust Premium ECC
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMC
 VVMxFDASBgNVBAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQ
@@ -374,6 +305,8 @@ aobgxCd05DhT1wV/GzTjxi+zygk8N53X57hG8f2h4nECMEJZh0PUUd+60wkyWs6I
 flc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKMeTAlMAoGCCsGAQUFBwMB
 DBdBZmZpcm1UcnVzdCBQcmVtaXVtIEVDQw==
 -----END TRUSTED CERTIFICATE-----
+
+# Amazon Root CA 1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF
 ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
@@ -395,6 +328,8 @@ o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU
 rqXRfboQnoZsG4q5WTP468SQvvG5MCgwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBBB
 bWF6b24gUm9vdCBDQSAx
 -----END TRUSTED CERTIFICATE-----
+
+# Amazon Root CA 2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwF
 ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
@@ -426,6 +361,8 @@ n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE
 9jVlpNMKVv/1F2Rs76giJUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT
 4PsJYGwwKDAUBggrBgEFBQcDBAYIKwYBBQUHAwEMEEFtYXpvbiBSb290IENBIDI=
 -----END TRUSTED CERTIFICATE-----
+
+# Amazon Root CA 3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5
 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g
@@ -439,6 +376,8 @@ BqWTrBqYaGFy+uGh0PsceGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteM
 YyRIHN8wfdVoOzAoMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwQQW1hem9uIFJvb3Qg
 Q0EgMw==
 -----END TRUSTED CERTIFICATE-----
+
+# Amazon Root CA 4
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5
 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g
@@ -453,6 +392,8 @@ CkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1AE47xDqUEpHJWEadIRNyp4iciuRMStuW
 1KyLa2tJElMzrdfkviT8tQp21KW8EDAoMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwQ
 QW1hem9uIFJvb3QgQ0EgNA==
 -----END TRUSTED CERTIFICATE-----
+
+# Atos TrustedRoot 2011
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE
 AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG
@@ -472,9 +413,11 @@ vZfza1zv7v1Apt+hk6EKhqzvINB5Ab149xnYJDE0BAGmuhWawyfc2E8PzBhj/5kP
 DpFrdRbhIfzYJsdHt6bPWHJxfrrhTZVHO8mvbaG0weyJ9rQPOLXiZNwlz6bb65pc
 maHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a961qn8FYiqTxlVMYVqL2Gns2D
 lmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G3mB/ufNPRJLv
-KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6edMDcwHgYIKwYBBQUHAwQGCCsGAQUF
-BwMBBggrBgEFBQcDAwwVQXRvcyBUcnVzdGVkUm9vdCAyMDEx
+KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6edMC0wFAYIKwYBBQUHAwQGCCsGAQUF
+BwMBDBVBdG9zIFRydXN0ZWRSb290IDIwMTE=
 -----END TRUSTED CERTIFICATE-----
+
+# Autoridad de Certificacion Firmaprofesional CIF A62634068
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UE
 BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h
@@ -508,10 +451,12 @@ SeTy36LssUzAKh3ntLFlosS88Zj0qnAHY7S42jtM+kAiMFsRpvAFDsYCA0irhpuF
 ZcFwgbg4/EMxsvYDNEeyrPsiBsse3RdHHF9mudMaotoRsaS8I8nkvof/uZS2+F0g
 StRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTDKCOM/icz
 Q0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQB
-jLMi6Et8Vcad+qMUu2WFbm5PEn4KPJ2VMFswHgYIKwYBBQUHAwQGCCsGAQUFBwMB
-BggrBgEFBQcDAww5QXV0b3JpZGFkIGRlIENlcnRpZmljYWNpb24gRmlybWFwcm9m
-ZXNpb25hbCBDSUYgQTYyNjM0MDY4
+jLMi6Et8Vcad+qMUu2WFbm5PEn4KPJ2VMFEwFAYIKwYBBQUHAwQGCCsGAQUFBwMB
+DDlBdXRvcmlkYWQgZGUgQ2VydGlmaWNhY2lvbiBGaXJtYXByb2Zlc2lvbmFsIENJ
+RiBBNjI2MzQwNjg=
 -----END TRUSTED CERTIFICATE-----
+
+# Baltimore CyberTrust Root
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ
 RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD
@@ -534,342 +479,8 @@ ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS
 R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmpMDEwFAYIKwYBBQUHAwQGCCsGAQUF
 BwMBDBlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF7jCCBNagAwIBAgIQBH7L6fylX3vQnq424QyuHjANBgkqhkiG9w0BAQUFADCB
-lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
-SGFyZHdhcmUwHhcNMTEwMzE1MDAwMDAwWhcNMTQwMzE0MjM1OTU5WjCB3zELMAkG
-A1UEBhMCVVMxDjAMBgNVBBETBTM4NDc3MRAwDgYDVQQIEwdGbG9yaWRhMRAwDgYD
-VQQHEwdFbmdsaXNoMRcwFQYDVQQJEw5TZWEgVmlsbGFnZSAxMDEUMBIGA1UEChML
-R29vZ2xlIEx0ZC4xEzARBgNVBAsTClRlY2ggRGVwdC4xKDAmBgNVBAsTH0hvc3Rl
-ZCBieSBHVEkgR3JvdXAgQ29ycG9yYXRpb24xFDASBgNVBAsTC1BsYXRpbnVtU1NM
-MRgwFgYDVQQDEw9tYWlsLmdvb2dsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQCwc/DyBO7CokbKNCqqu2Aj0RF2Hx860GWDTppFqENwhXbwH4cA
-Ah9uOxcXxLXpGUaikiWNYiq0YzAfuYX4NeEWWnZJzFBIUzlZidaEAvua7BvHUdV2
-lZDUOiq4pt4CTQb7ze2lRkFfVXTl7H5A3FCcteQ1XR5oIPjp3qNqKL9B0qGz4iWN
-DBvKPZMMGK7fxbz9vIK6aADXFjJxn2W1EdpoWdCmV2Qbyf6Y5fWlZerh2+70s52z
-juqHrhbSHqB8fGk/KRaFAVOnbPFgq92i/CVH1DLREt33SBLg/Jyid5jpiZm4+Djx
-jAbCeiM2bZudzTDIxzQXHrt9Qsir5xUW9nO1AgMBAAGjggHqMIIB5jAfBgNVHSME
-GDAWgBShcl8mGyiYQ5VdBzfVhZadS9LDRTAdBgNVHQ4EFgQUGCqiyNR6P3utBIu9
-b54QRhN4cZ0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
-FAYIKwYBBQUHAwEGCCsGAQUFBwMCMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQME
-MCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMHsG
-A1UdHwR0MHIwOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1VUTi1VU0VS
-Rmlyc3QtSGFyZHdhcmUuY3JsMDagNKAyhjBodHRwOi8vY3JsLmNvbW9kby5uZXQv
-VVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsG
-AQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9VVE5BZGRUcnVzdFNlcnZl
-ckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMC8G
-A1UdEQQoMCaCD21haWwuZ29vZ2xlLmNvbYITd3d3Lm1haWwuZ29vZ2xlLmNvbTAN
-BgkqhkiG9w0BAQUFAAOCAQEAZwYICifFk24C8t4XP9DTG3z/tc16x3fHvt8Syhne
-sBNXDAORxHlSz3+3XlUghEnd9dApLw4E2lmeDhOf9MAym/+hESQql6PyPz0qa6it
-jBl1lQ4dJf1PxHoVwx3HE0DIDb6XYHKm/iW+j+zVpobDIVxZUtlqC1yfS961+ezi
-9MXMYlN2iWXkKdq3v5bgYI0NtwlV1kBVHcHyliF1r4mGH12BlykoHinXlsEgAzJ7
-ADtqNxdao7MabzI7bvGjXaurzCrLMAwfNSOLaURc6qwoYO2ra2Oe9pK8vZpaJkzF
-mLgOGT78BTHjFtn9kAUDhsZXAR9/eKDPM2qqZmsi0KdJIzB9oG4GCCsGAQUFBwME
-BggrBgEFBQcDAQYIKwYBBQUHAwMGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUH
-AwMGCCsGAQUFBwMEBggrBgEFBQcDBQYIKwYBBQUHAwYGCCsGAQUFBwMHBggrBgEF
-BQcDCAwLQm9ndXMgR01haWw=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIG3TCCBcWgAwIBAgIRANjzX063hystqwaS4xU4L7AwDQYJKoZIhvcNAQEFBQAw
-gZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl
-IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY
-aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMR8wHQYDVQQDExZVVE4tVVNFUkZpcnN0
-LUhhcmR3YXJlMB4XDTExMDMxNTAwMDAwMFoXDTE0MDMxNDIzNTk1OVowgeMxCzAJ
-BgNVBAYTAlVTMQ4wDAYDVQQREwUzODQ3NzEQMA4GA1UECBMHRmxvcmlkYTEOMAwG
-A1UEBxMFVGFtcGExFzAVBgNVBAkTDlNlYSBWaWxsYWdlIDEwMRcwFQYDVQQKEw5H
-bG9iYWwgVHJ1c3RlZTEXMBUGA1UECxMOR2xvYmFsIFRydXN0ZWUxKDAmBgNVBAsT
-H0hvc3RlZCBieSBHVEkgR3JvdXAgQ29ycG9yYXRpb24xFDASBgNVBAsTC1BsYXRp
-bnVtU1NMMRcwFQYDVQQDEw5nbG9iYWwgdHJ1c3RlZTCCAiIwDQYJKoZIhvcNAQEB
-BQADggIPADCCAgoCggIBANl08qpBHd/1whZDSVwpv7aJdCm8nI0MRk9ZfrJBF2Y0
-DGWJ4Wwl44YKniJFIozdneajld7ciAJVXONbkXXrJmljuS7Gyi4n34i6AiBu/rkL
-Kden1tdIGhzO3R+pJw5iT6GWHt1UOjRjSnb1d31ZZ9gQ1LUPOkMimNv0CcQKcM7d
-kNQv73QTw83CiTliFZ3mdKjom/BjbpyJtg6tm/fMgujoLbgL2iLsSYUHiJmYP/R0
-qQn3gXyXC1mZGHKL25SCK6foqmuXv4h+dbCLRUUMx6gJ6htBWDA7X3hlFTTS5Dw0
-DR3YZDyKpVZJmSgtS/LPzdluSWSbqXmQd1WpCButGnSe4AOTCgm3rae0XO+DbLea
-tMZoQIAdQtFueZupGSGanPmGLQDRNP7gtvlVtvUmxZUWpXxznwopiaw6mPebdGe3
-kLddCSNqau0sEO5TChDwFh9Xs7ENeZEZsOvNMD+gFF+zxv1cM6ew/5iwVYy5pfJv
-RyRJIWnMQqJRAECFjIKCqzKly5rc0NkYDd8Z9K+DDcE+MdskSLZ1gKHhyXdkHqfl
-i38VTUunwtDteZVekTHsGP9On0gU6nW6Ic4pdukfTlGHLrPMBGC6Ix8fZbIKuNVu
-j0tCiUepgZBbK7K2ruagcHt4kAp6xeXnxfsK9i9pjIwfV+AGmf8R1VIyIJcnmO5l
-AgMBAAGjggHUMIIB0DAfBgNVHSMEGDAWgBShcl8mGyiYQ5VdBzfVhZadS9LDRTAd
-BgNVHQ4EFgQUt8PeGkPtQZepjyl4nAO5rEBCAKwwDgYDVR0PAQH/BAQDAgWgMAwG
-A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEYGA1Ud
-IAQ/MD0wOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2Vj
-dXJlLmNvbW9kby5jb20vQ1BTMHsGA1UdHwR0MHIwOKA2oDSGMmh0dHA6Ly9jcmwu
-Y29tb2RvY2EuY29tL1VUTi1VU0VSRmlyc3QtSGFyZHdhcmUuY3JsMDagNKAyhjBo
-dHRwOi8vY3JsLmNvbW9kby5uZXQvVVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmww
-cQYIKwYBBQUHAQEEZTBjMDsGCCsGAQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2Nh
-LmNvbS9VVE5BZGRUcnVzdFNlcnZlckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDov
-L29jc3AuY29tb2RvY2EuY29tMBkGA1UdEQQSMBCCDmdsb2JhbCB0cnVzdGVlMA0G
-CSqGSIb3DQEBBQUAA4IBAQCPunW6OdQm03APxLMCp8USI3HJ/mPpo2J4JERP1LkR
-Ph/HKOdVa+704QCRhorJCWufLqRFOdFhYl6TpQVFeJ9gEiz0bGVlDcxGNIsouqDG
-9JlxZPMidqxP82LJpzNaBx89yYaA3NsEL4cn6L9IRIHA8Ekjbh/l5AOGJBOihWJ8
-WATK5o0Tcgq6VkSiD7z7oD0NKn/7nqkJPbda1IqN4SXopAmEcK0SRLnPuTN6ulzm
-S6a7BQaY//KYUnt3gCdK2eL6uVLU+/vm1i2ej8EVRI2bdC/ulFpO08SLiqxDnXP2
-rgyHia2HycnH3boUYHr4tTWdwo3GloENqVKKKUAE6Rm0MIGGoG4GCCsGAQUFBwME
-BggrBgEFBQcDAQYIKwYBBQUHAwMGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUH
-AwMGCCsGAQUFBwMEBggrBgEFBQcDBQYIKwYBBQUHAwYGCCsGAQUFBwMHBggrBgEF
-BQcDCAwUQm9ndXMgR2xvYmFsIFRydXN0ZWU=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF5DCCBMygAwIBAgIRAPXIavNhYvE6ZPVPbclYfAYwDQYJKoZIhvcNAQEFBQAw
-gZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl
-IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY
-aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMR8wHQYDVQQDExZVVE4tVVNFUkZpcnN0
-LUhhcmR3YXJlMB4XDTExMDMxNTAwMDAwMFoXDTE0MDMxNDIzNTk1OVowgd4xCzAJ
-BgNVBAYTAlVTMQ4wDAYDVQQREwUzODQ3NzEQMA4GA1UECBMHRmxvcmlkYTEQMA4G
-A1UEBxMHRW5nbGlzaDEXMBUGA1UECRMOU2VhIFZpbGxhZ2UgMTAxFDASBgNVBAoT
-C0dvb2dsZSBMdGQuMRMwEQYDVQQLEwpUZWNoIERlcHQuMSgwJgYDVQQLEx9Ib3N0
-ZWQgYnkgR1RJIEdyb3VwIENvcnBvcmF0aW9uMRQwEgYDVQQLEwtQbGF0aW51bVNT
-TDEXMBUGA1UEAxMOd3d3Lmdvb2dsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQCwc/DyBO7CokbKNCqqu2Aj0RF2Hx860GWDTppFqENwhXbwH4cA
-Ah9uOxcXxLXpGUaikiWNYiq0YzAfuYX4NeEWWnZJzFBIUzlZidaEAvua7BvHUdV2
-lZDUOiq4pt4CTQb7ze2lRkFfVXTl7H5A3FCcteQ1XR5oIPjp3qNqKL9B0qGz4iWN
-DBvKPZMMGK7fxbz9vIK6aADXFjJxn2W1EdpoWdCmV2Qbyf6Y5fWlZerh2+70s52z
-juqHrhbSHqB8fGk/KRaFAVOnbPFgq92i/CVH1DLREt33SBLg/Jyid5jpiZm4+Djx
-jAbCeiM2bZudzTDIxzQXHrt9Qsir5xUW9nO1AgMBAAGjggHgMIIB3DAfBgNVHSME
-GDAWgBShcl8mGyiYQ5VdBzfVhZadS9LDRTAdBgNVHQ4EFgQUGCqiyNR6P3utBIu9
-b54QRhN4cZ0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
-FAYIKwYBBQUHAwEGCCsGAQUFBwMCMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQME
-MCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMHsG
-A1UdHwR0MHIwOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1VUTi1VU0VS
-Rmlyc3QtSGFyZHdhcmUuY3JsMDagNKAyhjBodHRwOi8vY3JsLmNvbW9kby5uZXQv
-VVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsG
-AQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9VVE5BZGRUcnVzdFNlcnZl
-ckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMCUG
-A1UdEQQeMByCDnd3dy5nb29nbGUuY29tggpnb29nbGUuY29tMA0GCSqGSIb3DQEB
-BQUAA4IBAQBxwJk/Xva9M/+eFsuov91w+dJTOzauyRfIrl5N3WL3t9M+d6P+wHsy
-tcmUBVJQ8l89eYRJT11ssNdZvdRsiPr8xWWG6yhSokL2fLxqxwcuJdGQYiDGjVHC
-LEU5TgPa9xjozAo62UXYbG40i2KcThX5Q+7ll8A/rTUTxSsGx0H94vd+Ra2b0eFm
-7fh6S5Q5ei/r6D9D2DXWVvp0523m7axlhP7QTQYS3tpZADwJXM+IS+g9tBUhksxt
-plHijpfx9IJGy8RTXtpcnWWSAWWJAOW2mf8mQPEvGTEIGrFnVYYNrjUzhryXSJLX
-lmD4zvyW64fEc8yUm1hb83qkJxPWT/RpMH6gbgYIKwYBBQUHAwQGCCsGAQUFBwMB
-BggrBgEFBQcDAwYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDAwYIKwYBBQUH
-AwQGCCsGAQUFBwMFBggrBgEFBQcDBgYIKwYBBQUHAwcGCCsGAQUFBwMIDAxCb2d1
-cyBHb29nbGU=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF+DCCBOCgAwIBAgIRAJI51TSPQNFpWnRUcOHyP0MwDQYJKoZIhvcNAQEFBQAw
-gZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl
-IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY
-aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMR8wHQYDVQQDExZVVE4tVVNFUkZpcnN0
-LUhhcmR3YXJlMB4XDTExMDMxNTAwMDAwMFoXDTE0MDMxNDIzNTk1OVowgeIxCzAJ
-BgNVBAYTAlVTMQ4wDAYDVQQREwUzODQ3NzEQMA4GA1UECBMHRmxvcmlkYTEQMA4G
-A1UEBxMHRW5nbGlzaDEXMBUGA1UECRMOU2VhIFZpbGxhZ2UgMTAxFDASBgNVBAoT
-C0dvb2dsZSBMdGQuMRMwEQYDVQQLEwpUZWNoIERlcHQuMSgwJgYDVQQLEx9Ib3N0
-ZWQgYnkgR1RJIEdyb3VwIENvcnBvcmF0aW9uMRQwEgYDVQQLEwtQbGF0aW51bVNT
-TDEbMBkGA1UEAxMSYWRkb25zLm1vemlsbGEub3JnMIIBIjANBgkqhkiG9w0BAQEF
-AAOCAQ8AMIIBCgKCAQEAq8ZtNvMVc3iDc850hdWu7LLw4CQfE4O4IKy7mv6Iu6uh
-HQsfRQCqSbc1Nwxq70dMudG+41cSBI2Sx7bsAby22seBOCCtcoXmDvyBbAetaHY4
-xUTXzMZKxZc+ZPRR5vB+suxW9yWCTUmYyxaY3SPxiZHRF5dAmSbW4qIrXt+9ifIb
-GlMtzFBBetA9KgxVcBQB6VhJEHoLk4KL4R7tOoAQgs6WijTwzNfTubRQh1VUCbid
-QihVAOWMNVS/3SWRRrcN5V2DqOWL+4TkPK522sRDK1t0C/i+XWjxeFu1zn3xXZlA
-2sruOIFQvpihbLgkrfOvjA/XESgshBhMfbXZjzC1GwIDAQABo4IB8DCCAewwHwYD
-VR0jBBgwFoAUoXJfJhsomEOVXQc31YWWnUvSw0UwHQYDVR0OBBYEFN2A0lQ990xw
-yqOw3TR6MuToO1o7MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
-JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBGBgNVHSAEPzA9MDsGDCsGAQQBsjEB
-AgEDBDArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQ
-UzB7BgNVHR8EdDByMDigNqA0hjJodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9VVE4t
-VVNFUkZpcnN0LUhhcmR3YXJlLmNybDA2oDSgMoYwaHR0cDovL2NybC5jb21vZG8u
-bmV0L1VUTi1VU0VSRmlyc3QtSGFyZHdhcmUuY3JsMHEGCCsGAQUFBwEBBGUwYzA7
-BggrBgEFBQcwAoYvaHR0cDovL2NydC5jb21vZG9jYS5jb20vVVROQWRkVHJ1c3RT
-ZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNv
-bTA1BgNVHREELjAsghJhZGRvbnMubW96aWxsYS5vcmeCFnd3dy5hZGRvbnMubW96
-aWxsYS5vcmcwDQYJKoZIhvcNAQEFBQADggEBADM7YxX8sewULJPddZTegVrZTpm+
-+0qkOVVNoUB63hMqh6k3z+jV+63Re21vjCCHglTmV0m8ICiEzdYB2ZOLF24jZuWE
-yIA/xqFwgOTsTR35/JFac2IpmvcgHGHgizmfyrx+jd282bHjn57fFVORIVIL2Roj
-D2Y226yTlkqjpSLPKfeimaj2ttlArtl+tvZYLpusNspkj2VS3IacgqtuUEvaX/oF
-AIgwDt6NVr+BR409BuKyYpJnj57ImrLlBrhwJLh3fCMKOMN5CNixUZ2slRHHQBee
-oxyP8hGnaCfaSQWEGHxYLQFnXOWfoSm7SjlFL78Rqnmi7bTUtWVDt5NGitMwgYag
-bgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwYIKwYBBQUHAwEGCCsGAQUF
-BwMCBggrBgEFBQcDAwYIKwYBBQUHAwQGCCsGAQUFBwMFBggrBgEFBQcDBgYIKwYB
-BQUHAwcGCCsGAQUFBwMIDBRCb2d1cyBNb3ppbGxhIEFkZG9ucw==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF7zCCBNegAwIBAgIRAOkCi5V45BXcGnEKK4gVREcwDQYJKoZIhvcNAQEFBQAw
-gZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl
-IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY
-aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMR8wHQYDVQQDExZVVE4tVVNFUkZpcnN0
-LUhhcmR3YXJlMB4XDTExMDMxNTAwMDAwMFoXDTE0MDMxNDIzNTk1OVowgd8xCzAJ
-BgNVBAYTAlVTMQ4wDAYDVQQREwUzODQ3NzEQMA4GA1UECBMHRmxvcmlkYTEQMA4G
-A1UEBxMHRW5nbGlzaDEXMBUGA1UECRMOU2VhIFZpbGxhZ2UgMTAxFDASBgNVBAoT
-C0dvb2dsZSBMdGQuMRMwEQYDVQQLEwpUZWNoIERlcHQuMSgwJgYDVQQLEx9Ib3N0
-ZWQgYnkgR1RJIEdyb3VwIENvcnBvcmF0aW9uMRQwEgYDVQQLEwtQbGF0aW51bVNT
-TDEYMBYGA1UEAxMPbG9naW4uc2t5cGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAsHiZhg6icyPUWsNJ67E2jHzKhK48rziIKJmNLVgTsZd4PlIg
-Z6xbc5hsMlXJcNHZqhXoLiaFgbxW5LyAY9tO1/UCvlFjHjzb39cAXVq55Xtq6jgg
-sju27nVUhPmmyjhw3b+w/6WFXbRB/t092SrhMEMamHmToF/gZ2yV+j56rnF7422I
-Qj8l1O6+aGisraxg4CCjOYO5Wyijk22hvXYK4+uuhycOVI+0SAyaVPRdjjdQ3F6k
-i2tL3KbzNL53WSKI/xkrbXZkc9oMhwcrmjc60OKM9jYya5p5zNI7k28aTWzmwZ1A
-rC10w77qXHNlASmxKr9wWcHOxsOiyEVfumc9DwIDAQABo4IB6jCCAeYwHwYDVR0j
-BBgwFoAUoXJfJhsomEOVXQc31YWWnUvSw0UwHQYDVR0OBBYEFNWOWlETtCkNMbYc
-jT5RUTEKM6qBMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
-MBQGCCsGAQUFBwMBBggrBgEFBQcDAjBGBgNVHSAEPzA9MDsGDCsGAQQBsjEBAgED
-BDArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQUzB7
-BgNVHR8EdDByMDigNqA0hjJodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9VVE4tVVNF
-UkZpcnN0LUhhcmR3YXJlLmNybDA2oDSgMoYwaHR0cDovL2NybC5jb21vZG8ubmV0
-L1VUTi1VU0VSRmlyc3QtSGFyZHdhcmUuY3JsMHEGCCsGAQUFBwEBBGUwYzA7Bggr
-BgEFBQcwAoYvaHR0cDovL2NydC5jb21vZG9jYS5jb20vVVROQWRkVHJ1c3RTZXJ2
-ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAv
-BgNVHREEKDAmgg9sb2dpbi5za3lwZS5jb22CE3d3dy5sb2dpbi5za3lwZS5jb20w
-DQYJKoZIhvcNAQEFBQADggEBAAjygXWRu84SBBjCTVr7RpAKVET08t0HgfAfpnpv
-n8+4DixPnMSa9aj2uqTJel2x4lrKPPpgqGg+y7ot4s3WtuSSPGmtV+qoLzgQhHLl
-aHHtvutuGO9jer7nJP/AY/1YO0yBktgpq441XdfTCWuF09VzBUTi5buDUxDL8s+3
-buFpt6GSZMXPzYK7NqA4rdck31P8P2K3t9XHV+OTMXCOJImGymMrObpd2Wpg7KFO
-iv5T+F6S3y9cJhdtA30CDw+qQ2dtsGK/flPdzOx4c5XlpfYAowT9PwQqs5jFtwMc
-28lQq7AFHR6+VrTPPkITlJ755wGBpXhvDHp2rAWG7KzCEawwfaBuBggrBgEFBQcD
-BAYIKwYBBQUHAwEGCCsGAQUFBwMDBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUF
-BwMDBggrBgEFBQcDBAYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEFBQcDBwYIKwYB
-BQUHAwgMC0JvZ3VzIFNreXBl
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF7zCCBNegAwIBAgIRANdVj9r18RBbshMoK3B3KaMwDQYJKoZIhvcNAQEFBQAw
-gZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl
-IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY
-aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMR8wHQYDVQQDExZVVE4tVVNFUkZpcnN0
-LUhhcmR3YXJlMB4XDTExMDMxNTAwMDAwMFoXDTE0MDMxNDIzNTk1OVowgd8xCzAJ
-BgNVBAYTAlVTMQ4wDAYDVQQREwUzODQ3NzEQMA4GA1UECBMHRmxvcmlkYTEQMA4G
-A1UEBxMHRW5nbGlzaDEXMBUGA1UECRMOU2VhIFZpbGxhZ2UgMTAxFDASBgNVBAoT
-C0dvb2dsZSBMdGQuMRMwEQYDVQQLEwpUZWNoIERlcHQuMSgwJgYDVQQLEx9Ib3N0
-ZWQgYnkgR1RJIEdyb3VwIENvcnBvcmF0aW9uMRQwEgYDVQQLEwtQbGF0aW51bVNT
-TDEYMBYGA1UEAxMPbG9naW4ueWFob28uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAoaQFPe2FRZOKGE3GAwBX4kB38Bzr0BnfIl0If9EHPEGJRhej
-Cfr8+KkE0ZaPq9dPPPmtGKl0gcRXCjomFs5iPrw/bCHuk43LDaAfmpbQj631k5OC
-7nIMoXUVo3uEVrit/1IRcYS8OjALfpio4ag/N1LQ8XxvkNhFCqw5cmph1bvDjPnC
-zN/9OnG5r7zcOtwMtrHS0Ym7Qbby3lfVFd/8/eIxxd/KwdiPLL/wDltx4DRxw8VN
-fXrU+u0wSy/qti6ekzziOvhCohru3N/ND6n2eYQajmwCtoblv1FqZvjznNNZDHul
-mXjNfJn6xpZH2DLUdHYOd0sgdKS3iXWSSrRbVQIDAQABo4IB6jCCAeYwHwYDVR0j
-BBgwFoAUoXJfJhsomEOVXQc31YWWnUvSw0UwHQYDVR0OBBYEFIZJRfwzGTPUBO0n
-Ye7oAckMfy9+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
-MBQGCCsGAQUFBwMBBggrBgEFBQcDAjBGBgNVHSAEPzA9MDsGDCsGAQQBsjEBAgED
-BDArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQUzB7
-BgNVHR8EdDByMDigNqA0hjJodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9VVE4tVVNF
-UkZpcnN0LUhhcmR3YXJlLmNybDA2oDSgMoYwaHR0cDovL2NybC5jb21vZG8ubmV0
-L1VUTi1VU0VSRmlyc3QtSGFyZHdhcmUuY3JsMHEGCCsGAQUFBwEBBGUwYzA7Bggr
-BgEFBQcwAoYvaHR0cDovL2NydC5jb21vZG9jYS5jb20vVVROQWRkVHJ1c3RTZXJ2
-ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAv
-BgNVHREEKDAmgg9sb2dpbi55YWhvby5jb22CE3d3dy5sb2dpbi55YWhvby5jb20w
-DQYJKoZIhvcNAQEFBQADggEBAD1XyUgkXO5kgfWuvlUpFv8qL4Tt2fijA8gwZrvI
-1IEtIfcI96yWQppBdXq6XRAjy5JCYfqK2m1lNBnlqdYtE3jXgUSSqW6AYxXL/jUf
-AtGKFLCozJQgO6ga8F02UNsNrulk5PaNaX0wyBQXAErlpjX7fQ0inXl2Uiy8lwaI
-mhX0c+bx9ZilzQdEkbinaGdF0nIRYOJxt1BV4oqpDdaS7gQqizCgogVGNG2Sxjuq
-TaDQqwEZCjK36OPP8dKXSXuspJf38FeuY3eaf5baTf2+3Ac24yW9iXmOKRITi4gH
-+2vbpM2zLSfp1Mpg14VT+3TGXDWMcB/5sreSJyDHlNVnFDAwf6BuBggrBgEFBQcD
-BAYIKwYBBQUHAwEGCCsGAQUFBwMDBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUF
-BwMDBggrBgEFBQcDBAYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEFBQcDBwYIKwYB
-BQUHAwgMDUJvZ3VzIFlhaG9vIDE=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF2TCCBMGgAwIBAgIQOSpDTw4H3x+KowXeNODCKTANBgkqhkiG9w0BAQUFADCB
-lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
-SGFyZHdhcmUwHhcNMTEwMzE1MDAwMDAwWhcNMTQwMzE0MjM1OTU5WjCB3zELMAkG
-A1UEBhMCVVMxDjAMBgNVBBETBTM4NDc3MRAwDgYDVQQIEwdGbG9yaWRhMRAwDgYD
-VQQHEwdFbmdsaXNoMRcwFQYDVQQJEw5TZWEgVmlsbGFnZSAxMDEUMBIGA1UEChML
-R29vZ2xlIEx0ZC4xEzARBgNVBAsTClRlY2ggRGVwdC4xKDAmBgNVBAsTH0hvc3Rl
-ZCBieSBHVEkgR3JvdXAgQ29ycG9yYXRpb24xFDASBgNVBAsTC1BsYXRpbnVtU1NM
-MRgwFgYDVQQDEw9sb2dpbi55YWhvby5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQChpAU97YVFk4oYTcYDAFfiQHfwHOvQGd8iXQh/0Qc8QYlGF6MJ
-+vz4qQTRlo+r1088+a0YqXSBxFcKOiYWzmI+vD9sIe6TjcsNoB+altCPrfWTk4Lu
-cgyhdRWje4RWuK3/UhFxhLw6MAt+mKjhqD83UtDxfG+Q2EUKrDlyamHVu8OM+cLM
-3/06cbmvvNw63Ay2sdLRibtBtvLeV9UV3/z94jHF38rB2I8sv/AOW3HgNHHDxU19
-etT67TBLL+q2Lp6TPOI6+EKiGu7c380PqfZ5hBqObAK2huW/UWpm+POc01kMe6WZ
-eM18mfrGlkfYMtR0dg53SyB0pLeJdZJKtFtVAgMBAAGjggHVMIIB0TAfBgNVHSME
-GDAWgBShcl8mGyiYQ5VdBzfVhZadS9LDRTAdBgNVHQ4EFgQUhklF/DMZM9QE7Sdh
-7ugByQx/L34wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
-FAYIKwYBBQUHAwEGCCsGAQUFBwMCMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQME
-MCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMHsG
-A1UdHwR0MHIwOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1VUTi1VU0VS
-Rmlyc3QtSGFyZHdhcmUuY3JsMDagNKAyhjBodHRwOi8vY3JsLmNvbW9kby5uZXQv
-VVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsG
-AQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9VVE5BZGRUcnVzdFNlcnZl
-ckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMBoG
-A1UdEQQTMBGCD2xvZ2luLnlhaG9vLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAV2Lh
-d+v8H7+IU69Y09TWbWcwF0C+4B9k3ocVzOCkVqnRn/kB/gKxseriX+5xFjH5CNXC
-15qbslo416l/6YdrMfkLrNn9UHHg24KSD4GcjXfp6y7q1CNBh+wtsnizjrFn0u5x
-AwgSmbMCKW/ei97BqQMKWjMcPREDxkgMmJwVLtmmhVLnBYquMCPr7ShsYOktf49H
-iy/Q3Oa7D35f8kiBjlAEY7FRgHWaqbYQHBBfbxhv4A6WRc7u8bUg2+/absiV4/ZF
-/cr8pV9JbQYe0t5hPRV9N+UcNY4Gwmv3tKgoLDHLqrSnl0+divavfje5ez3fkmaL
-j06dxjbnXKarEg/WzzB/oG4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMG
-CCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcD
-BQYIKwYBBQUHAwYGCCsGAQUFBwMHBggrBgEFBQcDCAwNQm9ndXMgWWFob28gMg==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF2TCCBMGgAwIBAgIQPnXO1GtpMCEhiDCuhqgqcTANBgkqhkiG9w0BAQUFADCB
-lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
-SGFyZHdhcmUwHhcNMTEwMzE1MDAwMDAwWhcNMTQwMzE0MjM1OTU5WjCB3zELMAkG
-A1UEBhMCVVMxDjAMBgNVBBETBTM4NDc3MRAwDgYDVQQIEwdGbG9yaWRhMRAwDgYD
-VQQHEwdFbmdsaXNoMRcwFQYDVQQJEw5TZWEgVmlsbGFnZSAxMDEUMBIGA1UEChML
-R29vZ2xlIEx0ZC4xEzARBgNVBAsTClRlY2ggRGVwdC4xKDAmBgNVBAsTH0hvc3Rl
-ZCBieSBHVEkgR3JvdXAgQ29ycG9yYXRpb24xFDASBgNVBAsTC1BsYXRpbnVtU1NM
-MRgwFgYDVQQDEw9sb2dpbi55YWhvby5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQChpAU97YVFk4oYTcYDAFfiQHfwHOvQGd8iXQh/0Qc8QYlGF6MJ
-+vz4qQTRlo+r1088+a0YqXSBxFcKOiYWzmI+vD9sIe6TjcsNoB+altCPrfWTk4Lu
-cgyhdRWje4RWuK3/UhFxhLw6MAt+mKjhqD83UtDxfG+Q2EUKrDlyamHVu8OM+cLM
-3/06cbmvvNw63Ay2sdLRibtBtvLeV9UV3/z94jHF38rB2I8sv/AOW3HgNHHDxU19
-etT67TBLL+q2Lp6TPOI6+EKiGu7c380PqfZ5hBqObAK2huW/UWpm+POc01kMe6WZ
-eM18mfrGlkfYMtR0dg53SyB0pLeJdZJKtFtVAgMBAAGjggHVMIIB0TAfBgNVHSME
-GDAWgBShcl8mGyiYQ5VdBzfVhZadS9LDRTAdBgNVHQ4EFgQUhklF/DMZM9QE7Sdh
-7ugByQx/L34wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
-FAYIKwYBBQUHAwEGCCsGAQUFBwMCMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQME
-MCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMHsG
-A1UdHwR0MHIwOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1VUTi1VU0VS
-Rmlyc3QtSGFyZHdhcmUuY3JsMDagNKAyhjBodHRwOi8vY3JsLmNvbW9kby5uZXQv
-VVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsG
-AQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9VVE5BZGRUcnVzdFNlcnZl
-ckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMBoG
-A1UdEQQTMBGCD2xvZ2luLnlhaG9vLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAU2mY
-jihOnCtbHcxrdyg9u/qlTn5WKaTqEOL05i0G0YTbI86X82i2DzreFQskHZHjbC4w
-t+lwsMNGgPDTsVG/T9Z4oPysxs8xBGPiNFUFSj32MLrzM+W60pbz1bG2k4kapGi+
-fu1jtBpIwFPko/A5DDKSx0MNGnHt0EaTv5NibDNLzTYNaV67bJaZIWnES2dy22xq
-uPdo7cWPrWNllQpM4PkPfjc9qtSTumcJw6WkDQNabdUL/vBAFLT2uGl8bcIyS5+1
-GudGrkxaK6p6XpBXlfrbZgIgHmppZhWcwrb1vFC1/UXHH2i0R1msxBsok05SUxID
-WEtxg59m5qx5SP7+RzB/oG4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMG
-CCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcD
-BQYIKwYBBQUHAwYGCCsGAQUFBwMHBggrBgEFBQcDCAwNQm9ndXMgWWFob28gMw==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF7DCCBNSgAwIBAgIRALC3Ez7Qlvm1b66RyHS9OsAwDQYJKoZIhvcNAQEFBQAw
-gZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl
-IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY
-aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMR8wHQYDVQQDExZVVE4tVVNFUkZpcnN0
-LUhhcmR3YXJlMB4XDTExMDMxNTAwMDAwMFoXDTE0MDMxNDIzNTk1OVowgd4xCzAJ
-BgNVBAYTAlVTMQ4wDAYDVQQREwUzODQ3NzEQMA4GA1UECBMHRmxvcmlkYTEQMA4G
-A1UEBxMHRW5nbGlzaDEXMBUGA1UECRMOU2VhIFZpbGxhZ2UgMTAxFDASBgNVBAoT
-C0dvb2dsZSBMdGQuMRMwEQYDVQQLEwpUZWNoIERlcHQuMSgwJgYDVQQLEx9Ib3N0
-ZWQgYnkgR1RJIEdyb3VwIENvcnBvcmF0aW9uMRQwEgYDVQQLEwtQbGF0aW51bVNT
-TDEXMBUGA1UEAxMObG9naW4ubGl2ZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDz/Csv7+GtWfBCPMLxgr8sQZPR9pgzlUy8YvGVWAi26Xt3SLDT
-3Bc/vG7m7B7sjRf+HCTGPmc9kpWiMMCnVyDPcIiXSgWTeZNCly8+/8QUFCiiEza0
-+O6+Hbx4XWGTX+uI19HkK5rNWOIHRZ9PuLlAajMsWyEDWkqU8nqXWRuotULYgwCq
-NMyndtBHA18FrzvhuaE0JbdsX5owhJjCwtfyuEJKEFW9+lOBXY1oZkUsUn7lxATD
-VOfDOdp6SsW5mIIg4SxgV7+68kYAvF863OMzl/hKmLnsM08tYGwVkqaBSgvp7HZw
-NDEXcOZwS46L03XLeEmrZpuGn4+pxAHoyhvnAgMBAAGjggHoMIIB5DAfBgNVHSME
-GDAWgBShcl8mGyiYQ5VdBzfVhZadS9LDRTAdBgNVHQ4EFgQU1GT2qeilfte/Y1ID
-g1PbxUGN6oAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
-FAYIKwYBBQUHAwEGCCsGAQUFBwMCMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQME
-MCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMHsG
-A1UdHwR0MHIwOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1VUTi1VU0VS
-Rmlyc3QtSGFyZHdhcmUuY3JsMDagNKAyhjBodHRwOi8vY3JsLmNvbW9kby5uZXQv
-VVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsG
-AQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9VVE5BZGRUcnVzdFNlcnZl
-ckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMC0G
-A1UdEQQmMCSCDmxvZ2luLmxpdmUuY29tghJ3d3cubG9naW4ubGl2ZS5jb20wDQYJ
-KoZIhvcNAQEFBQADggEBAFTjpJok0vMdQq0b8B6r+9rVqunPWrMeV3sx8m5XSzGv
-M7u2DRXHXlkBzkS1t78JydXcaYTpxRq38D7UwCS9KV+06dZY60URiTQ00xHrNM4q
-TwA99nLvaWbAn5qsfnBQrFVH2r5DW+yLyMUjhMmftlIIz5EbL4Bp5jQz5rOfpOUN
-mhX5V/wLqUEL9f9YQZIiJ2YSBscq2Fmnxt9EEk/AqH+nQcjIaf+6BS6XrTvQ6/MV
-bX4b5brdNL4iEexomDOBAmoLE1V5MXVOOsi2E72XbzcKCy2IDt5nkMKzyiDKmlH0
-ZD7b9C5F8sdHF6j0+pBaf4CmgqzkbIFGu1KFICT4gOowgYCgbgYIKwYBBQUHAwQG
-CCsGAQUFBwMBBggrBgEFBQcDAwYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcD
-AwYIKwYBBQUHAwQGCCsGAQUFBwMFBggrBgEFBQcDBgYIKwYBBQUHAwcGCCsGAQUF
-BwMIDA5Cb2d1cyBsaXZlLmNvbQ==
------END TRUSTED CERTIFICATE-----
+
+# Buypass Class 2 Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd
 MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg
@@ -902,6 +513,8 @@ I+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK7
 Y11aWOIv4x3kqdbQCtCev9eBCfHJxyYNrJgWVqAwJTAKBggrBgEFBQcDAQwXQnV5
 cGFzcyBDbGFzcyAyIFJvb3QgQ0E=
 -----END TRUSTED CERTIFICATE-----
+
+# Buypass Class 3 Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd
 MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg
@@ -934,39 +547,8 @@ u79leNKGef9JOxqDDPDeeOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq
 4/g7u9xN12TyUb7mqqta6THuBrxzvxNiCp/HuZcwJTAKBggrBgEFBQcDAQwXQnV5
 cGFzcyBDbGFzcyAzIFJvb3QgQ0E=
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFaTCCA1GgAwIBAgIJAMMDmu5QkG4oMA0GCSqGSIb3DQEBBQUAMFIxCzAJBgNV
-BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu
-MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIxMB4XDTEyMDcxOTA5MDY1NloXDTQy
-MDcxOTA5MDY1NlowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx
-EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjEw
-ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqw3j33Jijp1pedxiy3QRk
-D2P9m5YJgNXoqqXinCaUOuiZc4yd39ffg/N4T0Dhf9Kn0uXKE5Pn7cZ3Xza1lK/o
-OI7bm+V8u8yN63Vz4STN5qctGS7Y1oprFOsIYgrY3LMATcMjfF9DCCMyEtztDK3A
-fQ+lekLZWnDZv6fXARz2m6uOt0qGeKAeVjGu74IKgEH3G8muqzIm1Cxr7X1r5OJe
-IgpFy4QxTaz+29FHuvlglzmxZcfe+5nkCiKxLU3lSCZpq+Kq8/v8kiky6bM+TR8n
-oc2OuRf7JT7JbvN32g0S9l3HuzYQ1VTW8+DiR0jm3hTaYVKvJrT1cU/J19IG32PK
-/yHoWQbgCNWEFVP3Q+V8xaCJmGtzxmjOZd69fwX3se72V6FglcXM6pM6vpmumwKj
-rckWtc7dXpl4fho5frLABaTAgqWjR56M6ly2vGfb5ipN0gTco65F97yLnByn1tUD
-3AjLLhbKXEAz6GfDLuemROoRRRw1ZS0eRWEkG4IupZ0zXWX4Qfkuy5Q/H6MMMSRE
-7cderVC6xkGbrPAXZcD4XW9boAo0PO7X6oifmPmvTiT6l7Jkdtqr9O3jw2Dv1fkC
-yC2fg69naQanMVXVz0tv/wQFx1isXxYb5dKj6zHbHzMVTdDypVP1y+E9Tmgt2BLd
-qvLmTZtJ5cUoobqwWsagtQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
-DwEB/wQEAwIBBjAdBgNVHQ4EFgQUiQq0OJMa5qvum5EY+fU8PjXQ04IwDQYJKoZI
-hvcNAQEFBQADggIBADKL9p1Kyb4U5YysOMo6CdQbzoaz3evUuii+Eq5FLAR0rBNR
-xVgYZk2C2tXck8An4b58n1KeElb21Zyp9HWc+jcSjxyT7Ff+Bw+r1RL3D65hXlaA
-SfX8MPWbTx9BLxyE04nH4toCdu0Jz2zBuByDHBb6lM19oMgY0sidbvW9adRtPTXo
-HqJPYNcHKfyyo6SdbhWSVhlMCrDpfNIZTUJG7L399ldb3Zh+pE3McgODWF3vkzpB
-emOqfDqo9ayk0d2iLbYq/J8BjuIQscTK5GfbVSUZP/3oNn6z4eGBrxEWi1CXYBmC
-AMBrTXO40RMHPuq2MU/wQppt4hF05ZSsjYSVPCGvxdpHyN85YmLLW1AL14FABZyb
-7bq2ix4Eb5YgOe2kfSnbSM6C3NQCjR0EMVrHS/BsYVLXtFHCgWzN4funodKSds+x
-DzdYpPJScWc/DIh4gInByLUfkmO+p3qKViwaqKactV2zY9ATIKHrkWzQjX2v3wvk
-F7mGnjixlAxYjOBVqjtjbZqJYLhkKpLGN/R+Q0O3c+gB53+XD9fyexn9GtePyfqF
-a3qdnom2piiZk4hA9z7NUaPK6u95RyG1/jLix8NRb76AdPCkwzryT+lf3xkK8jsT
-Q6wxpLPn6/wY1gGp8yqPNg7rtLG8t0zJa7+h89n07eLw4+1knj0vllJPgFOLMDIw
-HgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwQQ0EgRGlzaWcgUm9vdCBS
-MQ==
------END TRUSTED CERTIFICATE-----
+
+# CA Disig Root R2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV
 BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu
@@ -996,25 +578,11 @@ nSvtBfZGR6ztwPDUO+Ls7pZbkBNOHlY667DvlruWIxG68kOGdGSVyCh13x01utI3
 gzhTODY7z2zp+WsO0PsE6E9312UBeIYMej4hYvF/Y3EMyZ9E26gnonW+boE+18Dr
 G5gPcFw0sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3Os
 zMOl6W8KjptlwlCFtaOgUxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8x
-L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcLMDIw
-HgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwQQ0EgRGlzaWcgUm9vdCBS
-Mg==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIICCTCCAY+gAwIBAgIQaEpYcIBr8I8C+vbe6LCQkDAKBggqhkjOPQQDAzBGMQsw
-CQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMT
-EkNBIFdvU2lnbiBFQ0MgUm9vdDAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4
-NThaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEb
-MBkGA1UEAxMSQ0EgV29TaWduIEVDQyBSb290MHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAE4f2OuEMkq5Z7hcK6C62N4DrjJLnSsb6IOsq/Srj57ywvr1FQPEd1bPiUt5v8
-KB7FVMxjnRZLU8HnIKvNrCXSf4/CwVqCXjCLelTOA7WRf6qU0NGKSMyCBSah1VES
-1ns2o0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
-FgQUqv3VWqP2h4syhf3RMluARZPzA7gwCgYIKoZIzj0EAwMDaAAwZQIxAOSkhLCB
-1T2wdKyUpOgOPQB0TKGXa/kNUTyh2Tv0Daupn75OcsqF1NnstTJFGG+rrQIwfcf3
-aWMvoeGY7xMQ0Xk/0f7qO3/eVvSQsRUR2LIiFdAvwyYua/GRspBl9JrmkO5KMDQw
-HgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwSQ0EgV29TaWduIEVDQyBS
-b290
+L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcLMCgw
+FAYIKwYBBQUHAwQGCCsGAQUFBwMBDBBDQSBEaXNpZyBSb290IFIy
 -----END TRUSTED CERTIFICATE-----
+
+# CFCA EV ROOT
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJD
 TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y
@@ -1048,27 +616,8 @@ AAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3CekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ
 5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63suMBowCgYIKwYBBQUHAwEM
 DENGQ0EgRVYgUk9PVA==
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIDVTCCAj2gAwIBAgIESTMAATANBgkqhkiG9w0BAQUFADAyMQswCQYDVQQGEwJD
-TjEOMAwGA1UEChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwHhcNMDcwNDE2
-MDcwOTE0WhcNMjcwNDE2MDcwOTE0WjAyMQswCQYDVQQGEwJDTjEOMAwGA1UEChMF
-Q05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDTNfc/c3et6FtzF8LRb+1VvG7q6KR5smzDo+/hn7E7SIX1mlwh
-IhAsxYLO2uOabjfhhyzcuQxauohV3/2q2x8x6gHx3zkBwRP9SFIhxFXf2tizVHa6
-dLG3fdfA6PZZxU3Iva0fFNrfWEQlMhkqx35+jq44sDB7R3IJMfAw28Mbdim7aXZO
-V/kbZKKTVrdvmW7bCgScEeOAH8tjlBAKqeFkgjH5jCftppkA9nCTGPihNIaj3XrC
-GHn2emU1z5DrvTOTn1OrczvmmzQgLx3vqR1jGqCA2wMv+SYahtKNu6m+UjqHZ0gN
-v7Sg2Ca+I19zN38m5pIEo3/PIKe38zrKy5nLAgMBAAGjczBxMBEGCWCGSAGG+EIB
-AQQEAwIABzAfBgNVHSMEGDAWgBRl8jGtKvf33VKWCscCwQ7vptU7ETAPBgNVHRMB
-Af8EBTADAQH/MAsGA1UdDwQEAwIB/jAdBgNVHQ4EFgQUZfIxrSr3991SlgrHAsEO
-76bVOxEwDQYJKoZIhvcNAQEFBQADggEBAEs17szkrr/Dbq2flTtLP1se31cpolnK
-OOK5Gv+e5m4y3R6u6jW39ZORTtpC4cMXYFDy0VwmuYK36m3knITnA3kXr5g9lNvH
-ugDnuL8BV8F3RTIMO/G0HAiw/VGgod2aHRM2mm23xzy54cXZF/qD1T0VoDy7Hgvi
-yJA/qIYM/PmLXoXLT1tLYhFHxUV8BS9BsZ4QaRuZluBVeftOhpm4lNqGOGqTo+fL
-buXf6iFViZx9fX+Y9QCJ7uOEwFyWtcVG6kbghVW2G8kS1sHNzYDzAgE8yGnLRUhj
-2JTQ7IUOO04RZfSCjKY9ri4ilAnIXOo8gV0WKgOXFlUJ24pBgp5mmxEwGDAKBggr
-BgEFBQcDAQwKQ05OSUMgUk9PVA==
------END TRUSTED CERTIFICATE-----
+
+# COMODO Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCB
 gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
@@ -1092,9 +641,11 @@ IC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/
 RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4
 zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd
 BA6+C4OmF4O5MBKgxTMVBbkN+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IB
-ZTBAMB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMHkNPTU9ETyBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eQ==
+ZTA2MBQGCCsGAQUFBwMEBggrBgEFBQcDAQweQ09NT0RPIENlcnRpZmljYXRpb24g
+QXV0aG9yaXR5
 -----END TRUSTED CERTIFICATE-----
+
+# COMODO ECC Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL
 MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
@@ -1109,10 +660,11 @@ cfRK9ChQtP6IHG4/bC8vCVlbpVsLM5niwz2J+Wos77LTBumjQjBAMB0GA1UdDgQW
 BBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/
 BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VGFAkK+qDm
 fQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdv
-GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdYwRDAeBggrBgEFBQcDBAYIKwYB
-BQUHAwEGCCsGAQUFBwMDDCJDT01PRE8gRUNDIENlcnRpZmljYXRpb24gQXV0aG9y
-aXR5
+GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdYwOjAUBggrBgEFBQcDBAYIKwYB
+BQUHAwEMIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHk=
 -----END TRUSTED CERTIFICATE-----
+
+# COMODO RSA Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB
 hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
@@ -1145,9 +697,11 @@ jkk9u+UJueBPSZI9FoJAzMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yL
 S0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHqZJx64SIDqZxubw5lT2yHh17zbqD5daWb
 QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl
 0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB
-NVOFBkpdn627G190MEQwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwi
-Q09NT0RPIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==
+NVOFBkpdn627G190MDowFAYIKwYBBQUHAwQGCCsGAQUFBwMBDCJDT01PRE8gUlNB
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5
 -----END TRUSTED CERTIFICATE-----
+
+# Camerfirma Chambers of Commerce Root
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn
 MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
@@ -1174,9 +728,11 @@ p0AJPaxJRUXcLo0waLIJuvvDL8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi
 1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wNUPf6s+xCX6ndbcj0dc97wXImsQEc
 XCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/nADydb47kMgkdTXg0
 eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1erfu
-tGWaIZDgqtCYvDi1czyL+NwwRjAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUF
-BwMDDCRDYW1lcmZpcm1hIENoYW1iZXJzIG9mIENvbW1lcmNlIFJvb3Q=
+tGWaIZDgqtCYvDi1czyL+NwwMjAKBggrBgEFBQcDBAwkQ2FtZXJmaXJtYSBDaGFt
+YmVycyBvZiBDb21tZXJjZSBSb290
 -----END TRUSTED CERTIFICATE-----
+
+# Camerfirma Global Chambersign Root
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEn
 MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
@@ -1203,32 +759,11 @@ bKGKfKX0j//U2K0X1S0E0T9YgOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXi
 ryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJPJ7oKXqJ1/6v/2j1pReQvayZzKWG
 VwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4IBHNfTIzSJRUTN3c
 ecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREest2d/
-AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8DBEMB4GCCsGAQUFBwMEBggrBgEFBQcD
-AQYIKwYBBQUHAwMMIkNhbWVyZmlybWEgR2xvYmFsIENoYW1iZXJzaWduIFJvb3Q=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIDfDCCAmSgAwIBAgIQayXaioidfLwPBbOxemFFRDANBgkqhkiG9w0BAQsFADBY
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxLTArBgNV
-BAMTJENlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbiBHMjAeFw0xNDEx
-MDgwMDU4NThaFw00NDExMDgwMDU4NThaMFgxCzAJBgNVBAYTAkNOMRowGAYDVQQK
-ExFXb1NpZ24gQ0EgTGltaXRlZDEtMCsGA1UEAxMkQ2VydGlmaWNhdGlvbiBBdXRo
-b3JpdHkgb2YgV29TaWduIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEAvsXEoCKASU+/2YcRxlPhuw+9YH+v9oIOH9ywjj2X4FA8jzrvZjtFB5sg+OPX
-JYY1kBaiXW8wGQiHC38Gsp1ij96vkqVg1CuAmlI/9ZqD6TRay9nVYlzmDuDfBpgO
-gHzKtB0TiGsOqCR3A9DuW/PKaZE1OVbFbeP3PU9ekzgkyhjpJMuSA93MHD0JcOQg
-5PGurLtzaaNjOg9FD6FKmsLRY6zLEPg95k4ot+vElbGs/V6r+kHLXZ1L3PR8du9n
-fwB6jdKgGlxNIuG12t12s9R23164i5jIFFTMaxeSt+BKv0mUYQs4kI9dJGwlezt5
-2eJ+na2fmKEG/HgUYFf47oB3sQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD
-VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU+mCp62XF3RYUCE4MD42b4Pdkr2cwDQYJ
-KoZIhvcNAQELBQADggEBAFfDejaCnI2Y4qtAqkePx6db7XznPWZaOzG73/MWM5H8
-fHulwqZm46qwtyeYP0nXYGdnPzZPSsvxFPpahygc7Y9BMsaV+X3avXtbwrAh449G
-3CE4Q3RM+zD4F3LBMvzIkRfEzFg3TgvMWvchNSiDbGAtROtSjFA9tWwS1/oJu2yy
-SrHFieT801LYYRf+epSEj3m2M1m6D8QL4nCgS3gu+sif/a+RZQp4OBXllxcU3fng
-LDT4ONCEIgDAFFEYKwLcMFrw6AF8NTojrwjkr6qOKEJJLvD1mTS+7Q9LGOHSJDy7
-XUe3IfKN0QqZjuNuPq1w4I+5ysxugTH2e5x6eeRncRgwRjAeBggrBgEFBQcDBAYI
-KwYBBQUHAwEGCCsGAQUFBwMDDCRDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBvZiBX
-b1NpZ24gRzI=
+AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8DAwMAoGCCsGAQUFBwMEDCJDYW1lcmZp
+cm1hIEdsb2JhbCBDaGFtYmVyc2lnbiBSb290
 -----END TRUSTED CERTIFICATE-----
+
+# Certigna
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV
 BAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4X
@@ -1252,39 +787,8 @@ t0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw
 WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLjAgMBQGCCsGAQUFBwMEBggrBgEF
 BQcDAQwIQ2VydGlnbmE=
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFnDCCA4SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJGUjET
-MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxJjAk
-BgNVBAMMHUNlcnRpbm9taXMgLSBBdXRvcml0w6kgUmFjaW5lMB4XDTA4MDkxNzA4
-Mjg1OVoXDTI4MDkxNzA4Mjg1OVowYzELMAkGA1UEBhMCRlIxEzARBgNVBAoTCkNl
-cnRpbm9taXMxFzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMSYwJAYDVQQDDB1DZXJ0
-aW5vbWlzIC0gQXV0b3JpdMOpIFJhY2luZTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
-ADCCAgoCggIBAJ2Fn4bT46/HsmtuM+Cet0I0VZ35gb5j2CN2DpdUzZlMGvE5x4jY
-F1AMnmHawE5V3udauHpOd4cN5bjr+p5eex7Ezyh0x5P1FMYiKAT5kcOrJ3NqDi5N
-8y4oH3DfVS9O7cdxbwlyLu3VMpfQ8Vh30WC8Tl7bmoT2R2FFK/ZQpn9qcSdIhDWe
-rP5pqZ56XjUl+rSnSTV3lqc2W+HN3yNw2F1MpQiD8aYkOBOo7C+ooWfHpi2GR+6K
-/OybDnT0K0kCe5B1jPyZOQE51kqJ5Z52qz6WKDgmi92NjMD2AR5vpTESOH2VwnHu
-7XSu5DaiQ3XV8QCb4uTXzEIDS3h65X27uK4uIJPT5GHfceF2Z5c/tt9qc1pkIuVC
-28+BA5PY9OMQ4HL2AHCs8MF6DwV/zzRpRbWT5BnbUhYjBYkOjUjkJW+zeL9i9Qf6
-lSTClrLooyPCXQP8w9PlfMl1I9f09bze5N/NgL+RiH2nE7Q5uiy6vdFrzPOlKO1E
-nn1So2+WLhl+HPNbxxaOu2B9d2ZHVIIAEWBsMsGoOBvrbpgT1u449fCfDu/+MYHB
-0iSVL1N6aaLwD4ZFjliCK0wi1F6g530mJ0jfJUaNSih8hp75mxpZuWW/Bd22Ql09
-5gBIgl4g9xGC3srYn+Y3RyYe63j3YcNBZFgCQfna4NH4+ej9Uji29YnfAgMBAAGj
-WzBZMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQN
-jLZh2kS40RR9w759XkjwzspqsDAXBgNVHSAEEDAOMAwGCiqBegFWAgIAAQEwDQYJ
-KoZIhvcNAQEFBQADggIBACQ+YAZ+He86PtvqrxyaLAEL9MW12Ukx9F1BjYkMTv9s
-ov3/4gbIOZ/xWqndIlgVqIrTseYyCYIDbNc/CMf4uboAbbnW/FIyXaR/pDGUu7ZM
-OH8oMDX/nyNTt7buFHAAQCvaR6s0fl6nVjBhK4tDrP22iCj1a7Y+YEq6QpA0Z43q
-619FVDsXrIvkxmUP7tCMXWY5zjKn2BCXwH40nJ+U8/aGH88bc62UeYdocMMzpXDn
-2NU4lG9jeeu/Cg4I58UvD0KgKxRA/yHgBcUn4YQRE7rWhh1BCxMjidPJC+iKunqj
-o3M3NYB9Ergzd0A4wPpeMNLytqOx1qKVl4GbUu1pTP+A5FPbVFsDbVRfsbjvJL1v
-nxHDx2TCDyhihWZeGnuyt++uNckZM6i4J9szVb9o4XVIRFb7zdNIu0eJOqxp9YDG
-5ERQL1TEqkPFMTFYvZbF6nVsmnWxTfj3l/+WFvKXTej28xH5On2KOG4Ey+HTRRWq
-pdEdnV1j6CTmNhTih60bWfVEm/vXd3wfAXBioSAaosUaKPQhA+4u2cGA6rnZgtZb
-dsLLO7XSAPCjDuGtbkD326C00EauFddEwk01+dIL8hf2rGbVJLJP0RyZwG71fet0
-BLj5TXcJ17TPBzAJ8bgAVtkXFhYKK4bfjwEZGuW7gmP/vgt2Fl43N+bYdJeimUV5
-MCswCgYIKwYBBQUHAwEMHUNlcnRpbm9taXMgLSBBdXRvcml0w6kgUmFjaW5l
------END TRUSTED CERTIFICATE-----
+
+# Certinomis - Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFkjCCA3qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjET
 MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxHTAb
@@ -1318,6 +822,8 @@ Y/M50n92Uaf0yKHxDHYiI0ZSKS3io0EHVmmY0gUJvGnHWmHNj4FgFU2A3ZDifcRQ
 gQncItzujrnEj1PhZ7szuIgVRs/taTX/dQ1G885x4cVrhkIGuUEwIjAKBggrBgEF
 BQcDAQwUQ2VydGlub21pcyAtIFJvb3QgQ0E=
 -----END TRUSTED CERTIFICATE-----
+
+# Certplus Class 2 Primary CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAw
 PTELMAkGA1UEBhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFz
@@ -1341,6 +847,8 @@ kJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7
 l7+ijrRUMDMwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBtDZXJ0cGx1cyBDbGFzcyAy
 IFByaW1hcnkgQ0E=
 -----END TRUSTED CERTIFICATE-----
+
+# Certplus Root CA G1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFazCCA1OgAwIBAgISESBVg+QtPlRWhS2DN7cs3EYRMA0GCSqGSIb3DQEBDQUA
 MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy
@@ -1373,6 +881,8 @@ g4VCXA9DO2pJNdWY9BW/+mGBDAkgGNLQFwzLSABQ6XaCjGTXOqAHVcweMcDvOrRl
 ++O/QmueD6i9a5jc2NvLi6Td11n0bt3+qsOR0C5CB8AMTVPNJLFMWx5R9N/pkvow
 KzAUBggrBgEFBQcDBAYIKwYBBQUHAwEME0NlcnRwbHVzIFJvb3QgQ0EgRzE=
 -----END TRUSTED CERTIFICATE-----
+
+# Certplus Root CA G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICHDCCAaKgAwIBAgISESDZkc6uo+jF5//pAq/Pc7xVMAoGCCqGSM49BAMDMD4x
 CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs
@@ -1388,6 +898,8 @@ p+e/IQ8rzfcq3IUHnQIxAIYUFuXcsGXCwI4Un78kFmjlvPl5adytRSv3tjFzzAal
 U5ORGpOucGpnutee5WEaXzArMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwTQ2VydHBs
 dXMgUm9vdCBDQSBHMg==
 -----END TRUSTED CERTIFICATE-----
+
+# Certum Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM
 MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
@@ -1405,9 +917,10 @@ TOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTg
 xSvgGrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1q
 CjqTE5s7FCMTY5w/0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5x
 O/fIR/RpbxXyEV6DHpx8Uq79AtoSqFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs
-6GAqm4VKQPNriiTsBhYsczAwMB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUH
-AwMMDkNlcnR1bSBSb290IENB
+6GAqm4VKQPNriiTsBhYsczAcMAoGCCsGAQUFBwMEDA5DZXJ0dW0gUm9vdCBDQQ==
 -----END TRUSTED CERTIFICATE-----
+
+# Certum Trusted Network CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM
 MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D
@@ -1429,9 +942,11 @@ I9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1mS1FhIrlQgnXdAIv94nYmem8
 J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY
 VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI
 03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyww
-OzAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDBlDZXJ0dW0gVHJ1c3Rl
-ZCBOZXR3b3JrIENB
+MTAUBggrBgEFBQcDBAYIKwYBBQUHAwEMGUNlcnR1bSBUcnVzdGVkIE5ldHdvcmsg
+Q0E=
 -----END TRUSTED CERTIFICATE-----
+
+# Certum Trusted Network CA 2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIF0jCCA7qgAwIBAgIQIdbQSk8lD8kyN/yqXhKN6TANBgkqhkiG9w0BAQ0FADCB
 gDELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
@@ -1467,6 +982,8 @@ XALKLNhvSgfZyTXaQHXyxKcZb55CEJh15pWLYLztxRLXis7VmFxWlgPF7ncGNf/P
 DrW5viSPMDMwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBtDZXJ0dW0gVHJ1c3RlZCBO
 ZXR3b3JrIENBIDI=
 -----END TRUSTED CERTIFICATE-----
+
+# Chambers of Commerce Root - 2008
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD
 VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
@@ -1507,34 +1024,11 @@ tjICxFKuItLcsiFCGtpA8CnJ7AoMXOLQusxI0zcKzBIKinmwPQN/aUv0NCB9szTq
 jktk9T79syNnFQ0EuPAtwQlRPLJsFfClI9eDdOTlLsn+mCdCxqvGnrDQWzilm1De
 fhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg
 OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZ
-d0jQMEIwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwgQ2hhbWJlcnMg
-b2YgQ29tbWVyY2UgUm9vdCAtIDIwMDg=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIID9zCCAt+gAwIBAgIESJ8AATANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMC
-Q04xMjAwBgNVBAoMKUNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24g
-Q2VudGVyMUcwRQYDVQQDDD5DaGluYSBJbnRlcm5ldCBOZXR3b3JrIEluZm9ybWF0
-aW9uIENlbnRlciBFViBDZXJ0aWZpY2F0ZXMgUm9vdDAeFw0xMDA4MzEwNzExMjVa
-Fw0zMDA4MzEwNzExMjVaMIGKMQswCQYDVQQGEwJDTjEyMDAGA1UECgwpQ2hpbmEg
-SW50ZXJuZXQgTmV0d29yayBJbmZvcm1hdGlvbiBDZW50ZXIxRzBFBgNVBAMMPkNo
-aW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyIEVWIENlcnRp
-ZmljYXRlcyBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm35z
-7r07eKpkQ0H1UN+U8i6yjUqORlTSIRLIOTJCBumD1Z9S7eVnAztUwYyZmczpwA//
-DdmEEbK40ctb3B75aDFk4Zv6dOtouSCV98YPjUesWgbdYavi7NifFy2cyjw1l1Vx
-zUOFsUcW9SxTgHbP0wBkvUCZ3czY28Sf1hNfQYOL+Q2HklY0bBoQCxfVWhyXWIQ8
-hBouXJE0bhlffxdpxWXvayHG1VA6v2G5BY3vbzQ6sm8UY78WO5upKv23KzhmBsUs
-4qpnHkWnjQRmQvaPK++IIGmPMowUc9orhpFjIpryp9vOiYurXccUwVswah+xt54u
-gQEC7c+WXmPbqOY4twIDAQABo2MwYTAfBgNVHSMEGDAWgBR8cks5x8DbYqVPm6oY
-NJKiyoOCWTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4E
-FgQUfHJLOcfA22KlT5uqGDSSosqDglkwDQYJKoZIhvcNAQEFBQADggEBACrDx0M3
-j92tpLIM7twUbY8opJhJywyA6vPtI2Z1fcXTIWd50XPFtQO3WKwMVC/GVhMPMdoG
-52U7HW8228gd+f2ABsqjPWYWqJ1MFn3AlUa1UeTiH9fqBk1jjZaM7+czV0I664zB
-echNdn3e9rG3geCg+aF4RhcaVpjwTj2rHO3sOdwHSPdj/gauwqRcalsyiMXHM4Ws
-ZkJHwlgkmeHlPuV1LI5D1l08eB6olYIpUNHRFrrvwb562bTYzB5MRuF3sTGrvSrI
-zo9uoV1/A3U05K2JRVRevq4opbs/eHnrc7MKDf2+yfdWrPa37S+bISnHOLaVxATy
-wy39FCqQmbkHzJ8wTDAKBggrBgEFBQcDAQw+Q2hpbmEgSW50ZXJuZXQgTmV0d29y
-ayBJbmZvcm1hdGlvbiBDZW50ZXIgRVYgQ2VydGlmaWNhdGVzIFJvb3Q=
+d0jQMDgwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDCBDaGFtYmVycyBvZiBDb21tZXJj
+ZSBSb290IC0gMjAwOA==
 -----END TRUSTED CERTIFICATE-----
+
+# ComSign CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDkzCCAnugAwIBAgIQFBOWgxRVjOp7Y+X8NId3RDANBgkqhkiG9w0BAQUFADA0
 MRMwEQYDVQQDEwpDb21TaWduIENBMRAwDgYDVQQKEwdDb21TaWduMQswCQYDVQQG
@@ -1557,29 +1051,8 @@ hbpN7Sgy6/lhSuTENh4Z3G+EER+V9YMoGKgzkkMn3V0TBEVPh9VGzT2ouvDzuFYk
 Res3x+F2T3I5GN9+dHLHcy056mDmrRGiVod7w2ia/viMcKjfZTL0pECMocJEAw6U
 AGegcQCCSDAYMAoGCCsGAQUFBwMEDApDb21TaWduIENB
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIDqzCCApOgAwIBAgIRAMcoRwmzuGxFjB36JPU2TukwDQYJKoZIhvcNAQEFBQAw
-PDEbMBkGA1UEAxMSQ29tU2lnbiBTZWN1cmVkIENBMRAwDgYDVQQKEwdDb21TaWdu
-MQswCQYDVQQGEwJJTDAeFw0wNDAzMjQxMTM3MjBaFw0yOTAzMTYxNTA0NTZaMDwx
-GzAZBgNVBAMTEkNvbVNpZ24gU2VjdXJlZCBDQTEQMA4GA1UEChMHQ29tU2lnbjEL
-MAkGA1UEBhMCSUwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGtWhf
-HZQVw6QIVS3joFd67+l0Kru5fFdJGhFeTymHDEjWaueP1H5XJLkGieQcPOqs49oh
-gHMhCu95mGwfCP+hUH3ymBvJVG8+pSjsIQQPRbsHPaHA+iqYHU4Gk/v1iDurX8sW
-v+bznkqH7Rnqwp9D5PGBpX8QTz7RSmKtUxvLg/8HZaWSLWapW7ha9B20IZFKF3ue
-Mv5WJDmyVIRD9YTC2LxBkMyd1mja6YJQqTtoz7VdApRgFrFD2UNd3V2Hbuq7s8lr
-9gOUCXDeFhF6K+h2j0kQmHe5Y1yLM5d19guMsqtb3nQgJT/j8xH5h2iGNXHDHYwt
-6+UarA9z1YJZQIDTAgMBAAGjgacwgaQwDAYDVR0TBAUwAwEB/zBEBgNVHR8EPTA7
-MDmgN6A1hjNodHRwOi8vZmVkaXIuY29tc2lnbi5jby5pbC9jcmwvQ29tU2lnblNl
-Y3VyZWRDQS5jcmwwDgYDVR0PAQH/BAQDAgGGMB8GA1UdIwQYMBaAFMFL7XC29z58
-ADsAj8c+DkWfHl3sMB0GA1UdDgQWBBTBS+1wtvc+fAA7AI/HPg5Fnx5d7DANBgkq
-hkiG9w0BAQUFAAOCAQEAFs/ukhNQq3sUnjO2QiBq1BW9Cav8cujvR3qQrFHBZE7p
-iL1DRYHjZiM/EoZNGeQFsOY3wo3aBijJD4mkU6l1P7CW+6tMM1X5eCZGbxs2mPtC
-dsGCuY7e+0X5YxtiOzkGynd6qDwJz2w2PQ8KRUtpFhpFfTMDZflScZAmlaxMDPWL
-kz/MdXSFmLr/YnpNH4n+rr2UAJm/EaXc4HnFFgt9AmEd6oX5AhVP51qJThRv4zdL
-hfXBPGHg/QVBspJ/wx2g0K5SZGBrGMYmnNj1ZOQ2GmKfig8+/21OGVZOIJFsnzQz
-OjRXUDpvgV4GxvU+fE6OK85lBi5d0ipTdF7TbieejzAgMAoGCCsGAQUFBwMDDBJD
-b21TaWduIFNlY3VyZWQgQ0E=
------END TRUSTED CERTIFICATE-----
+
+# Comodo AAA Services root
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb
 MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
@@ -1603,63 +1076,11 @@ GE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz
 Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2
 G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi
 l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3
-smPi9WIsgtRqAEFQ8TmDn5XpNpaYbjA6MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYI
-KwYBBQUHAwMMGENvbW9kbyBBQUEgU2VydmljZXMgcm9vdA==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIEPzCCAyegAwIBAgIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEkMCIGA1UEAwwbU2VjdXJlIENlcnRp
-ZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVow
-fjELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
-A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxJDAiBgNV
-BAMMG1NlY3VyZSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAMBxM4KK0HDrc4eCQNUd5MvJDkKQ+d40uaG6EfQlhfPM
-cm3ye5drswfxdySRXyWP9nQ95IDC+DwN879A6vfIUtFyb+/Iq0G4bi4XKpVpDM3S
-HpR7LZQdqnXXs5jLrLxkU0C8j6ysNstcrbvd4JQX7NFc0L/vpZXJkMWwrPsbQ996
-CF23uPJAGysnnlDOXmWCiIxe004MeuoIkbY2qitC++rCoznl2yY4rYsK7hljxxwk
-3wN42ubqwUcaCwtGCd0C/N7Lh1/XMGNooa7cMqG6vv5Eq2i2pRcV/b3Vp6ea5EQz
-6YiO/O1R65NxTq0B50SOqy3LqP4BSUjwwN3HaNiS/j0CAwEAAaOBxzCBxDAdBgNV
-HQ4EFgQUPNiTiMLAggnMAZkGkyDpnnAJY08wDgYDVR0PAQH/BAQDAgEGMA8GA1Ud
-EwEB/wQFMAMBAf8wgYEGA1UdHwR6MHgwO6A5oDeGNWh0dHA6Ly9jcmwuY29tb2Rv
-Y2EuY29tL1NlY3VyZUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDmgN6A1hjNodHRw
-Oi8vY3JsLmNvbW9kby5uZXQvU2VjdXJlQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmww
-DQYJKoZIhvcNAQEFBQADggEBAIcBbSMdflsXfcFhMs+P5/OKlFlm4J4oqF7Tt/Q0
-5qo5spcWxYJvMqTpjOev/e/C6LlLqqP05tqNZSH7uoDrJiiFGv45jN5bBAS0VPmj
-Z55B+glSzAVIqMk/IQQezkhr/IXownuvf7fM+F86/TXGDe+X3EyrEeFryzHRbPtI
-gKvcnDe4IRRLDXE97IMzbtFuMhbsmMcWi1mmNKsFVy2T96oTy9IT4rcuO81rUBcJ
-aD61JlfutuC23bkpgHl9j6PwpCikFcSF9CfUa7/lXORlAnZUtOM3ZiTTGWHIUhDl
-izeauan5Hb/qmZJhlv8BzaFfDbxxvA6sCx1HRR3B7Hzs/SkwPTAeBggrBgEFBQcD
-BAYIKwYBBQUHAwEGCCsGAQUFBwMDDBtDb21vZG8gU2VjdXJlIFNlcnZpY2VzIHJv
-b3Q=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIEQzCCAyugAwIBAgIBATANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDElMCMGA1UEAwwcVHJ1c3RlZCBDZXJ0
-aWZpY2F0ZSBTZXJ2aWNlczAeFw0wNDAxMDEwMDAwMDBaFw0yODEyMzEyMzU5NTla
-MH8xCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
-BgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSUwIwYD
-VQQDDBxUcnVzdGVkIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQIIO0Yfyod5jWaHiWsnOWW
-fnJSoBVC21ndZHoa0Lh73TkVvFVIxO06AOoxEbrycXQaZ7jPM8yoMa+j49d/vzMt
-TGo87IvDktJTdyR0nAducPy9C1t2ul/y/9c3S0pgePfw+spwtOpZqqPOSC+pw7IL
-fhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6juljatEPmsbS9Is6FARW
-1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAEAtdbtz6SrGsSivnkBbA7
-kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt6wIDAQABo4HJMIHGMB0G
-A1UdDgQWBBTFe1i97doladL3WRaoszLAeydb9DAOBgNVHQ8BAf8EBAMCAQYwDwYD
-VR0TAQH/BAUwAwEB/zCBgwYDVR0fBHwwejA8oDqgOIY2aHR0cDovL2NybC5jb21v
-ZG9jYS5jb20vVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMuY3JsMDqgOKA2hjRo
-dHRwOi8vY3JsLmNvbW9kby5uZXQvVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMu
-Y3JsMA0GCSqGSIb3DQEBBQUAA4IBAQDIk4E7ibSvuIQSTI3S8NtwuleGFTQQuS9/
-HrCoiWChisJ3DFBKmwCL2Iv0QeLQg4pKHBQGsKNoBXAxMKdTmw7pSqBYaWcOrp32
-pSxBvzwGa+RZzG0Q8ZZvH9/0BAKkn0U+yNj6NkZEUD+Cl5EfKNsYEYwq5GWDVxIS
-jBc/lDb+XbDABHcTuPQV1T84zJQ6VdCsmPW6AF/ghhmBeC8owH7TzEIK9a5QoNE+
-xqFx7D+gIIxmOom0jtTYsU0lR+4viMi14QVFwL4Ucd56/Y57fU0IlqUSc/Atyjcn
-dBInTMu2l+nZrghtWjlA3QVHdWpaIbOjGM9O9y5Xt5hwXsjEeLBiMD4wHgYIKwYB
-BQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwcQ29tb2RvIFRydXN0ZWQgU2Vydmlj
-ZXMgcm9vdA==
+smPi9WIsgtRqAEFQ8TmDn5XpNpaYbjAwMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwY
+Q29tb2RvIEFBQSBTZXJ2aWNlcyByb290
 -----END TRUSTED CERTIFICATE-----
+
+# Cybertrust Global Root
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYG
 A1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2Jh
@@ -1683,6 +1104,8 @@ A06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW
 WL1WMRJOEcgh4LMRkWXbtKaIOM5VMCQwCgYIKwYBBQUHAwEMFkN5YmVydHJ1c3Qg
 R2xvYmFsIFJvb3Q=
 -----END TRUSTED CERTIFICATE-----
+
+# D-TRUST Root CA 3 2013
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEDjCCAvagAwIBAgIDD92sMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNVBAYTAkRF
 MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHzAdBgNVBAMMFkQtVFJVU1QgUm9vdCBD
@@ -1708,6 +1131,8 @@ h9j8tGlsi6BDB2B4l+nZk3zCRrybN1Kj7Yo8E6l7U0tJmhEFLAtuVqwfLoJs4Gln
 tQ5tLdnkwBXxP/oYcuEVbSdbLTAoK59ImmQrme/ydUlfXDAkMAoGCCsGAQUFBwME
 DBZELVRSVVNUIFJvb3QgQ0EgMyAyMDEz
 -----END TRUSTED CERTIFICATE-----
+
+# D-TRUST Root Class 3 CA 2 2009
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF
 MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD
@@ -1734,6 +1159,8 @@ PIWmawomDeCTmGCufsYkl4phX5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3Y
 Johw1+qRzT65ysCQblrGXnRl11z+o+IwLDAKBggrBgEFBQcDAQweRC1UUlVTVCBS
 b290IENsYXNzIDMgQ0EgMiAyMDA5
 -----END TRUSTED CERTIFICATE-----
+
+# D-TRUST Root Class 3 CA 2 EV 2009
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRF
 MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBD
@@ -1760,31 +1187,8 @@ xpeG0ILD5EJt/rDiZE4OJudANCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqX
 KVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVvw9y4AyHqnxbxLFS1MC8wCgYIKwYB
 BQUHAwEMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAwOQ==
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIECTCCAvGgAwIBAgIQDV6ZCtadt3js2AdWO4YV2TANBgkqhkiG9w0BAQUFADBb
-MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3Qx
-ETAPBgNVBAsTCERTVCBBQ0VTMRcwFQYDVQQDEw5EU1QgQUNFUyBDQSBYNjAeFw0w
-MzExMjAyMTE5NThaFw0xNzExMjAyMTE5NThaMFsxCzAJBgNVBAYTAlVTMSAwHgYD
-VQQKExdEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdDERMA8GA1UECxMIRFNUIEFDRVMx
-FzAVBgNVBAMTDkRTVCBBQ0VTIENBIFg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAuT31LMmU3HWKlV1j6IR3dma5WZFcRt2SPp/5DgO0PWGSvSMmtWPu
-ktKe1jzIDZBfZIGxqAgNTNj50wUoUrQBJcWVHAx+PhCEdc/BGZFjz+iokYi5Q1K7
-gLFViYsx+tC3dr5BPTCapCIlF3PoHuLTrCq9Wzgh1SpL11V94zpVvddtawJXa+ZH
-fAjIgrrep4c9oW24MFbCswKBXy314powGCi4ZtPLAZZv6opFVdbgnf9nKxcCpk4a
-ahELfrd755jWjHZvwTvbUJN+5dCOHze4vbrGn2zpfDPyMjwmR/onJALJfh1biEIT
-ajV8fTXpLmaRcpPVMibEdPVTo7NdmvYJywIDAQABo4HIMIHFMA8GA1UdEwEB/wQF
-MAMBAf8wDgYDVR0PAQH/BAQDAgHGMB8GA1UdEQQYMBaBFHBraS1vcHNAdHJ1c3Rk
-c3QuY29tMGIGA1UdIARbMFkwVwYKYIZIAWUDAgEBATBJMEcGCCsGAQUFBwIBFjto
-dHRwOi8vd3d3LnRydXN0ZHN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9saWN5L0FDRVMt
-aW5kZXguaHRtbDAdBgNVHQ4EFgQUCXIGThhDD+XWzMNqizF7eI+og7gwDQYJKoZI
-hvcNAQEFBQADggEBAKPYjtay284F5zLNAdMEA+V25FYrnJmQ6AgwbN99Pe7lv7Uk
-QIRJ4dEorsTCOlMwiPH1d25Ryvr/ma8kXxug/fKshMrfqfBfBC6tFr8hlxCBPeP/
-h40y3JTlR4peahPJlJU90u7INJXQgNStMgiAVDzgvVJT11J8smk/f3rPanTK+gQq
-nExaBqXpIK1FZg9p8d2/6eMyi/rgwYZNcjwu2JN4Cir42NInPRmJX1p7ijvMDNpR
-rscL9yuwNwXsvFcj4jjSm2jzVhKIT0J8uDHEtdvkyCE06UgRNe76x5JXxZ805Mf2
-9w4LTJxoeHtxMcfrHuBnQfO3oKfN5XozNmr6miswHDAKBggrBgEFBQcDAQwORFNU
-IEFDRVMgQ0EgWDY=
------END TRUSTED CERTIFICATE-----
+
+# DST Root CA X3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/
 MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
@@ -1806,6 +1210,8 @@ JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
 Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQMBwwCgYIKwYBBQUHAwEMDkRT
 VCBSb290IENBIFgz
 -----END TRUSTED CERTIFICATE-----
+
+# Deutsche Telekom Root CA 2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEc
 MBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2Vj
@@ -1826,9 +1232,11 @@ tJh6sTtU6zkXR34ajgv8HzFZMQSyzhfzLMdiNlXiItiJVbSYSKpk+tYcNthEeFpa
 IzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8rZ7/gFnkm0W09juwzTkZmDLl
 6iFhkOQxIY40sfcvNUqFENrnijchvllj4PKFiDFT1FQUhXB59C4Gdyd1Lx+4ivn+
 xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU
-Cm26OWMohpLzGITY+9HPBVZkVzA8MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYB
-BQUHAwMMGkRldXRzY2hlIFRlbGVrb20gUm9vdCBDQSAy
+Cm26OWMohpLzGITY+9HPBVZkVzAyMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwaRGV1
+dHNjaGUgVGVsZWtvbSBSb290IENBIDI=
 -----END TRUSTED CERTIFICATE-----
+
+# DigiCert Assured ID Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1849,10 +1257,11 @@ dWKuh+vy1dneVrOfzM4UKLkNl2BcEkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTf
 fwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38FnSbNd67IJKusm7Xi+fT8r87cm
 NW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPx
 H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe
-+o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8jA9MB4G
-CCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMG0RpZ2lDZXJ0IEFzc3VyZWQg
-SUQgUm9vdCBDQQ==
++o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8jAzMBQG
+CCsGAQUFBwMEBggrBgEFBQcDAQwbRGlnaUNlcnQgQXNzdXJlZCBJRCBSb290IENB
 -----END TRUSTED CERTIFICATE-----
+
+# DigiCert Assured ID Root G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBl
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1873,9 +1282,11 @@ QW5pJ6d1Ee88hjZv0p3GeDgdaZaikmkuOGybfQTUiaWxMTeKySHMq2zNixya1r9I
 lmwORGYQRI+tBev4eaymG+g3NJ1TyWGqolKvSnAWhsI6yLETcDbYz+70CjTVW0z9
 B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0MjomZmWzwPDCv
 ON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo
-IhNzbM8m9Yop5zA9MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMG0Rp
-Z2lDZXJ0IEFzc3VyZWQgSUQgUm9vdCBHMg==
+IhNzbM8m9Yop5zAzMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwbRGlnaUNlcnQgQXNz
+dXJlZCBJRCBSb290IEcy
 -----END TRUSTED CERTIFICATE-----
+
+# DigiCert Assured ID Root G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQsw
 CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
@@ -1889,9 +1300,11 @@ RSAPWXYQ1qAk8C3eNvJsKTmjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
 BAQDAgGGMB0GA1UdDgQWBBTL0L2p4ZgFUaFNN6KDec6NHSrkhDAKBggqhkjOPQQD
 AwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5FyYZ5eEJJZVrmDxxDnOOlY
 JjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy1vUhZscv
-6pZjamVFkpUBtDA9MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMG0Rp
-Z2lDZXJ0IEFzc3VyZWQgSUQgUm9vdCBHMw==
+6pZjamVFkpUBtDAzMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwbRGlnaUNlcnQgQXNz
+dXJlZCBJRCBSb290IEcz
 -----END TRUSTED CERTIFICATE-----
+
+# DigiCert Global Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1912,9 +1325,11 @@ hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg
 06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF
 PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls
 YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk
-CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4wOTAeBggrBgEFBQcD
-BAYIKwYBBQUHAwEGCCsGAQUFBwMDDBdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQQ==
+CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4wLzAUBggrBgEFBQcD
+BAYIKwYBBQUHAwEMF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENB
 -----END TRUSTED CERTIFICATE-----
+
+# DigiCert Global Root G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1935,9 +1350,11 @@ NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG
 Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91
 8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe
 pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl
-MrYwOTAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDBdEaWdpQ2VydCBH
-bG9iYWwgUm9vdCBHMg==
+MrYwLzAUBggrBgEFBQcDBAYIKwYBBQUHAwEMF0RpZ2lDZXJ0IEdsb2JhbCBSb290
+IEcy
 -----END TRUSTED CERTIFICATE-----
+
+# DigiCert Global Root G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw
 CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
@@ -1951,9 +1368,11 @@ Z9wj/wMco+I+o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAd
 BgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNpYim8S8YwCgYIKoZIzj0EAwMDaAAwZQIx
 AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/
 oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8
-sycXMDkwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwXRGlnaUNlcnQg
-R2xvYmFsIFJvb3QgRzM=
+sycXMC8wFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBdEaWdpQ2VydCBHbG9iYWwgUm9v
+dCBHMw==
 -----END TRUSTED CERTIFICATE-----
+
+# DigiCert High Assurance EV Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -1975,9 +1394,11 @@ eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF
 hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2
 Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
 vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
-+OkuE6N36B9KMEQwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwiRGln
-aUNlcnQgSGlnaCBBc3N1cmFuY2UgRVYgUm9vdCBDQQ==
++OkuE6N36B9KMDowFAYIKwYBBQUHAwQGCCsGAQUFBwMBDCJEaWdpQ2VydCBIaWdo
+IEFzc3VyYW5jZSBFViBSb290IENB
 -----END TRUSTED CERTIFICATE-----
+
+# DigiCert Trusted Root G4
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
@@ -2008,9 +1429,11 @@ cCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN5r5N
 4u1Ki7wb/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mI
 r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1
 /YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm
-gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+MDowHgYIKwYBBQUH
-AwQGCCsGAQUFBwMBBggrBgEFBQcDAwwYRGlnaUNlcnQgVHJ1c3RlZCBSb290IEc0
+gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+MDAwFAYIKwYBBQUH
+AwQGCCsGAQUFBwMBDBhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQ=
 -----END TRUSTED CERTIFICATE-----
+
+# E-Tugra Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNV
 BAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBC
@@ -2045,9 +1468,11 @@ FiWnWAjLb1NBnEg4R2gz0dfHj9R0IdTDBZB6/86WiLEVKV0jq9BgoRJP3vQXzTLl
 yb/IQ639Lo7xr+L0mPoSHyDYwKcMhcWQ9DstliaxLL5Mq+ux0orJ23gTDx4JnW2P
 AJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpD
 y4Q08ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8d
-NL/+I5c30jn6PQ0GC7TbO6Orb1wdtn7os4I07QZcJDA3MBQGCCsGAQUFBwMBBggr
-BgEFBQcDAwwfRS1UdWdyYSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==
+NL/+I5c30jn6PQ0GC7TbO6Orb1wdtn7os4I07QZcJDAtMAoGCCsGAQUFBwMBDB9F
+LVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
 -----END TRUSTED CERTIFICATE-----
+
+# EC-ACC
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB
 8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy
@@ -2079,6 +1504,8 @@ Rp/7SNVel+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOS
 Agu+TGbrIP65y7WZf+a2E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xl
 nJ2lYJU6Un/10asIbvPuW/mIPX64b24D5EIwFDAKBggrBgEFBQcDAQwGRUMtQUND
 -----END TRUSTED CERTIFICATE-----
+
+# EE Certification Centre Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1
 MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1
@@ -2101,9 +1528,11 @@ v9DHKpY5P30osxBAIWrEr7BSdxjhlthWXePdNl4dp1BUoMUq5KqMlIpPnTX/dqQG
 E5Gion0ARD9V04I8GtVbvFZMIi5GQ4okQC3zErg7cBqklrkar4dBGmoYDQZPxz5u
 uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIW
 iAYLtqZLICjU3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/v
-GVCJYMzpJJUPwssd8m92kMfMdcGWxZ0wNzAUBggrBgEFBQcDAQYIKwYBBQUHAwMM
-H0VFIENlcnRpZmljYXRpb24gQ2VudHJlIFJvb3QgQ0E=
+GVCJYMzpJJUPwssd8m92kMfMdcGWxZ0wLTAKBggrBgEFBQcDAQwfRUUgQ2VydGlm
+aWNhdGlvbiBDZW50cmUgUm9vdCBDQQ==
 -----END TRUSTED CERTIFICATE-----
+
+# Entrust.net Premium 2048 Secure Server CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
 RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
@@ -2127,9 +1556,11 @@ U8aAghOY+rat2l098c5u9hURlIIM7j+VrxGrD9cv3h8Dj1csHsm7mhpElesYT6Yf
 zX1XEC+bBAlahLVu2B064dae0Wx5XnkcFMXj0EyTO2U87d89vqbllRrDtRnDvV5b
 u/8j72gZyxKTJ1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+
 bYQLCIt+jerXmCHG8+c8eS9enNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/Er
-fF6adulZkMV8gzURZVEwSzAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMD
-DClFbnRydXN0Lm5ldCBQcmVtaXVtIDIwNDggU2VjdXJlIFNlcnZlciBDQQ==
+fF6adulZkMV8gzURZVEwQTAUBggrBgEFBQcDBAYIKwYBBQUHAwEMKUVudHJ1c3Qu
+bmV0IFByZW1pdW0gMjA0OCBTZWN1cmUgU2VydmVyIENB
 -----END TRUSTED CERTIFICATE-----
+
+# Entrust Root Certification Authority - EC1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkG
 A1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3
@@ -2146,10 +1577,12 @@ ByQnoaD41UcZYUx9ypMn6nQM72+WCf5j7HBdNq1nd67JnXxVRDqiY1Ef9eNi1KlH
 Bz7MIKNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
 BBYEFLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVC
 R98crlOZF7ZvHH3hvxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nX
-hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4GMEww
-HgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwqRW50cnVzdCBSb290IENl
-cnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRUMx
+hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4GMEIw
+FAYIKwYBBQUHAwQGCCsGAQUFBwMBDCpFbnRydXN0IFJvb3QgQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHkgLSBFQzE=
 -----END TRUSTED CERTIFICATE-----
+
+# Entrust Root Certification Authority - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC
 VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50
@@ -2173,10 +1606,12 @@ jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ
 Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v
 1fN2D807iDginWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4R
 nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH
-VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9jBLMB4GCCsGAQUFBwME
-BggrBgEFBQcDAQYIKwYBBQUHAwMMKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9u
-IEF1dGhvcml0eSAtIEcy
+VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9jBBMBQGCCsGAQUFBwME
+BggrBgEFBQcDAQwpRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+IC0gRzI=
 -----END TRUSTED CERTIFICATE-----
+
+# Entrust Root Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC
 VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0
@@ -2205,73 +1640,8 @@ eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m
 0vdXcDazv/wor3ElhVsT/h5/WrQ8MDIwCgYIKwYBBQUHAwEMJEVudHJ1c3QgUm9v
 dCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFRTCCBK6gAwIBAgIED////zANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJO
-TDESMBAGA1UEChMJRGlnaU5vdGFyMRswGQYDVQQDExJEaWdpTm90YXIgQ3liZXIg
-Q0ExIDAeBgkqhkiG9w0BCQEWEWluZm9AZGlnaW5vdGFyLm5sMB4XDTA2MTAwNDEw
-NTQxMloXDTExMTAwNDEwNTMxMlowYDELMAkGA1UEBhMCTkwxEjAQBgNVBAoTCURp
-Z2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFyIEN5YmVyIENBMSAwHgYJKoZIhvcN
-AQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC
-AgoCggIBANLOFQotqF6EZ639vu9Gx8i5z3P89DS5+SxD52ATPXrjss87Z2yQrcC5
-P4RS8DVC3HTcKDu9UrSnrHJFF8bwieu0qiXyXUte0dmHutZ9fPXOMp8QM8WxSrte
-kTHC0OlBwpFkfglBO9uLCDdqqspS3rU5HsCIA6U/i5kTYUO1m4Kz7iBvz6FEouov
-a0CfjytXraFTwoUiaZ2gP1HfC0GRDaXhqKpcSQhdvd5wQbEPyWNr0380dAIvNFp4
-dRxoeoFnivPaQPBgY/SSINcDpj2jHmfEhBtBpcmM5r3qSLYFFgizNxJa92E89zhv
-Lpfgb1Y4VNMota0Ubi5LZLUnZbd1JQm2Bz2VVgIKgmCyc0XgMyZRdJq51FAc9k1b
-W1JSE1qmf6cO4ehBVGeYjIfVydNsy9NUkgYJNEH3gW8/nsl8dVWw58Gzd+jDxAA1
-lUBwEEoF3iW7n1mlZLxHYL9g43aLE1Xd4XR6uc8kpmp/3mQiRFhogmoQ+T3lPhu5
-vfwi9GAEibtVbShV+t6OjRshFNc3izR7TfayshDPM7F9HGKZSMsrbHaWVb8ZDR0f
-u2WqG46ZtcYokOWCLXhQIJr9eS8kf/CJKWn0fc1zvrPtTsHR7VJej/e4142HrbLZ
-G1ES/1az4a80fVykeIgQnp0DxqWqoiRR90kUxbHuWUOV36toKDA/AgMBAAGjggGG
-MIIBgjASBgNVHRMBAf8ECDAGAQH/AgEBMFMGA1UdIARMMEowSAYJKwYBBAGxPgEA
-MDswOQYIKwYBBQUHAgEWLWh0dHA6Ly93d3cucHVibGljLXRydXN0LmNvbS9DUFMv
-T21uaVJvb3QuaHRtbDAOBgNVHQ8BAf8EBAMCAQYwgaAGA1UdIwSBmDCBlYAUpgwd
-n2H/Bxe1vzhG20Mw1Y6wUgaheaR3MHUxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9H
-VEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNvbHV0aW9u
-cywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJvb3SCAgGl
-MEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93d3cucHVibGljLXRydXN0LmNvbS9j
-Z2ktYmluL0NSTC8yMDE4L2NkcC5jcmwwHQYDVR0OBBYEFKv5aN/PSjfXe0WMX3Le
-QETDZbvCMA0GCSqGSIb3DQEBBQUAA4GBAI9oa6VbB7pEZg4cqFwwezPkCiYE/O+e
-GjjWLqEf0JlHwnVkJP2eOyh2uSYoYZEMbSz4BJ98UAHV42mv7xXSRZskCSpmBU8l
-gcpdvqrBWSeuM46C9990sFWzjvjnN8huqlZE9r1TgSOWPbT6MopTZkQloiXGpjwl
-jPDgKAYityZBMIGYoG4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMGCCsG
-AQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDBQYI
-KwYBBQUHAwYGCCsGAQUFBwMHBggrBgEFBQcDCAwmRXhwbGljaXRseSBEaXN0cnVz
-dCBEaWdpTm90YXIgQ3liZXIgQ0E=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFATCCBGqgAwIBAgIED////zANBgkqhkiG9w0BAQUFADA+MQswCQYDVQQGEwJO
-TDESMBAGA1UEChMJRGlnaU5vdGFyMRswGQYDVQQDExJEaWdpTm90YXIgQ3liZXIg
-Q0EwHhcNMDYwOTI3MTA1MzUzWhcNMTMwOTIwMDk0NDA3WjA+MQswCQYDVQQGEwJO
-TDESMBAGA1UEChMJRGlnaU5vdGFyMRswGQYDVQQDExJEaWdpTm90YXIgQ3liZXIg
-Q0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDSzhUKLahehGet/b7v
-RsfIuc9z/PQ0ufksQ+dgEz1647LPO2dskK3AuT+EUvA1Qtx03Cg7vVK0p6xyRRfG
-8InrtKol8l1LXtHZh7rWfXz1zjKfEDPFsUq7XpExwtDpQcKRZH4JQTvbiwg3aqrK
-Ut61OR7AiAOlP4uZE2FDtZuCs+4gb8+hRKLqL2tAn48rV62hU8KFImmdoD9R3wtB
-kQ2l4aiqXEkIXb3ecEGxD8lja9N/NHQCLzRaeHUcaHqBZ4rz2kDwYGP0kiDXA6Y9
-ox5nxIQbQaXJjOa96ki2BRYIszcSWvdhPPc4by6X4G9WOFTTKLWtFG4uS2S1J2W3
-dSUJtgc9lVYCCoJgsnNF4DMmUXSaudRQHPZNW1tSUhNapn+nDuHoQVRnmIyH1cnT
-bMvTVJIGCTRB94FvP57JfHVVsOfBs3fow8QANZVAcBBKBd4lu59ZpWS8R2C/YON2
-ixNV3eF0ernPJKZqf95kIkRYaIJqEPk95T4bub38IvRgBIm7VW0oVfrejo0bIRTX
-N4s0e032srIQzzOxfRximUjLK2x2llW/GQ0dH7tlqhuOmbXGKJDlgi14UCCa/Xkv
-JH/wiSlp9H3Nc76z7U7B0e1SXo/3uNeNh62y2RtREv9Ws+GvNH1cpHiIEJ6dA8al
-qqIkUfdJFMWx7llDld+raCgwPwIDAQABo4IBhjCCAYIwEgYDVR0TAQH/BAgwBgEB
-/wIBATBTBgNVHSAETDBKMEgGCSsGAQQBsT4BADA7MDkGCCsGAQUFBwIBFi1odHRw
-Oi8vd3d3LnB1YmxpYy10cnVzdC5jb20vQ1BTL09tbmlSb290Lmh0bWwwDgYDVR0P
-AQH/BAQDAgEGMIGgBgNVHSMEgZgwgZWAFKYMHZ9h/wcXtb84RttDMNWOsFIGoXmk
-dzB1MQswCQYDVQQGEwJVUzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYD
-VQQLEx5HVEUgQ3liZXJUcnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdU
-RSBDeWJlclRydXN0IEdsb2JhbCBSb290ggIBpTBFBgNVHR8EPjA8MDqgOKA2hjRo
-dHRwOi8vd3d3LnB1YmxpYy10cnVzdC5jb20vY2dpLWJpbi9DUkwvMjAxOC9jZHAu
-Y3JsMB0GA1UdDgQWBBSr+Wjfz0o313tFjF9y3kBEw2W7wjANBgkqhkiG9w0BAQUF
-AAOBgQAJymIPjbtK4NR6NSsGLdEoYbasAfuDSbyu1C8thq4Zg6XWHRPiF77+MnTp
-ehQ4ypRe9ykBaXEbkRr9o7uqHcp74hb9oaMO8wxfsuEgMZQrXpJ27frptSOmvwo7
-A6lvUmBUzV/pty98oif9QYN1tg37eCbzsUXpMpUqGjUhlcWidTCBnKBuBggrBgEF
-BQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsG
-AQUFBwMDBggrBgEFBQcDBAYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEFBQcDBwYI
-KwYBBQUHAwgMKkV4cGxpY2l0bHkgRGlzdHJ1c3QgRGlnaU5vdGFyIEN5YmVyIENB
-IDJuZA==
------END TRUSTED CERTIFICATE-----
+
+# Explicitly Distrust DigiNotar Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFijCCA3KgAwIBAgIQD////////////////////zANBgkqhkiG9w0BAQUFADBf
 MQswCQYDVQQGEwJOTDESMBAGA1UEChMJRGlnaU5vdGFyMRowGAYDVQQDExFEaWdp
@@ -2307,60 +1677,8 @@ BgEFBQcDAQYIKwYBBQUHAwMGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMG
 CCsGAQUFBwMEBggrBgEFBQcDBQYIKwYBBQUHAwYGCCsGAQUFBwMHBggrBgEFBQcD
 CAwlRXhwbGljaXRseSBEaXN0cnVzdCBEaWdpTm90YXIgUm9vdCBDQQ==
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIDcTCCAtqgAwIBAgIED////zANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJO
-TDESMBAGA1UEChMJRGlnaU5vdGFyMSMwIQYDVQQDExpEaWdpTm90YXIgU2Vydmlj
-ZXMgMTAyNCBDQTEgMB4GCSqGSIb3DQEJARYRaW5mb0BkaWdpbm90YXIubmwwHhcN
-MDcwNzI2MTU1OTAxWhcNMTMwODI2MTYyOTAxWjBoMQswCQYDVQQGEwJOTDESMBAG
-A1UEChMJRGlnaU5vdGFyMSMwIQYDVQQDExpEaWdpTm90YXIgU2VydmljZXMgMTAy
-NCBDQTEgMB4GCSqGSIb3DQEJARYRaW5mb0BkaWdpbm90YXIubmwwgZ8wDQYJKoZI
-hvcNAQEBBQADgY0AMIGJAoGBANqbTV08+dHii8bGCCDF2R5I7GZYZ3liK0Fj9ImN
-aNqvuJQ2ixkkpKCT0pkPsq0tNU3NL2rh+ZsZK7wEGn4tPVJkzfE+Zw+JLujyT66m
-CKGF/qGpCebGqz5D/K96A5HapjmmYe6YTxio07OvZoLpn7zdcvkGBL0S2Rgk56uT
-U4tZAgMBAAGjggEmMIIBIjASBgNVHRMBAf8ECDAGAQH/AgEAMCcGA1UdJQQgMB4G
-CCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAA
-MDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVz
-dC5uZXQwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9z
-ZXJ2ZXIxLmNybDAdBgNVHQ4EFgQU/tyUSQxv71x/xvESmU8WSa37gmUwCwYDVR0P
-BAQDAgEGMB8GA1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMBkGCSqGSIb2
-fQdBAAQMMAobBFY3LjEDAgCBMA0GCSqGSIb3DQEBBQUAA4GBAGN0ajepP5acZshY
-rAnJ7/VllH+jAsQ4Mb1dI4fs1FayybJu5AUG/Oz1+ohwWdTu5t21eqCjYC8CDKve
-El2v8DVLqopHkRr1hSxCxx3vlUOzXriVk6XaxSiqrXItMa2Za2z/jCEnr62akSvH
-3VjDbgfFn3nSx4xVv0zHJ15RFis+MIGgoG4GCCsGAQUFBwMEBggrBgEFBQcDAQYI
-KwYBBQUHAwMGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwME
-BggrBgEFBQcDBQYIKwYBBQUHAwYGCCsGAQUFBwMHBggrBgEFBQcDCAwuRXhwbGlj
-aXRseSBEaXN0cnVzdCBEaWdpTm90YXIgU2VydmljZXMgMTAyNCBDQQ==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIEjjCCA3agAwIBAgIED////zANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJO
-TDEXMBUGA1UEChMORGlnaU5vdGFyIEIuVi4xNzA1BgNVBAMTLkRpZ2lOb3RhciBQ
-S0lvdmVyaGVpZCBDQSBPdmVyaGVpZCBlbiBCZWRyaWp2ZW4wHhcNMDcwNzA1MDg0
-MjA4WhcNMTUwNzI3MDgzOTQ3WjBfMQswCQYDVQQGEwJOTDEXMBUGA1UEChMORGln
-aU5vdGFyIEIuVi4xNzA1BgNVBAMTLkRpZ2lOb3RhciBQS0lvdmVyaGVpZCBDQSBP
-dmVyaGVpZCBlbiBCZWRyaWp2ZW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
-AoIBAQDcvdKnTmoKuzuiheF/AK2+tDBomAfNoHrElM9x+Yo35FPrV3bMi+Zs/u6H
-Vcg+uwQ5AKeAeKxbT370vbhUuHE7BzFJOZNUfCA7eSuPu2GQfbGs5h+QLp1FAalk
-LU3DL7nnUNVOKlyrdnY3Rtd57EKZ96LspIlw3Dgrh6aqJOadkiQbvvb91C8ZF3rm
-MgeUVAVTQ+lsvK9Hy7zL/b07RBKB8WtLu+20z6slTxjSzAL8o0+1QjPLWc0J3NNQ
-/aB2jKx+ZopC9q0ckvO2+xRG603XLzDgbe5bNr5EdLcgBVeFTegAGaL2DOauocBC
-36esgl3HaLcY5olLmmv6znn58yynAgMBAAGjggFQMIIBTDBIBgNVHSAEQTA/MD0G
-BFUdIAAwNTAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5kaWdpbm90YXIubmwvY3Bz
-L3BraW92ZXJoZWlkMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIGA
-BgNVHSMEeTB3gBQLhtYPd6NosftkCcOIblwEHFfpPaFZpFcwVTELMAkGA1UEBhMC
-TkwxHjAcBgNVBAoTFVN0YWF0IGRlciBOZWRlcmxhbmRlbjEmMCQGA1UEAxMdU3Rh
-YXQgZGVyIE5lZGVybGFuZGVuIFJvb3QgQ0GCBACYmnkwPQYDVR0fBDYwNDAyoDCg
-LoYsaHR0cDovL2NybC5wa2lvdmVyaGVpZC5ubC9Eb21PdkxhdGVzdENSTC5jcmww
-HQYDVR0OBBYEFEwIyY128ZjHPt881y91DbF2eZfMMA0GCSqGSIb3DQEBBQUAA4IB
-AQAMlIcav03jheLu19hjeQ5Q38aEW9K72fUxCho1l3TfFPoqDz7toOMI9tVOW6+m
-riXiRWsiD7dUKH6S3o0UbNEc5W50BJy37zRERd/Jgx0ZH8Apad+J1T/CsFNt5U4X
-5HNhIxMmcUP9TFnLw98iqiEr2b+VERqKpOKrp11Lbyn1UtHk0hWxi/7wA8+nfemZ
-hzizDXMU5HIs4c71rQZIZPrTKbmi2Lv01QulQERDjqC/zlqlUkxk0xcxYczopIro
-5Ij76eUvBjMzm5RmZrGrUDqhCYF0U1onuabSJc/Tw6f/ltAv6uAejVLpGBwgCkeg
-llYOQJBRRKwa/fHuhR/3QlplMIGdoG4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYB
-BQUHAwMGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggr
-BgEFBQcDBQYIKwYBBQUHAwYGCCsGAQUFBwMHBggrBgEFBQcDCAwrRXhwbGljaXRs
-eSBEaXN0cnVzdGVkIERpZ2lOb3RhciBQS0lvdmVyaGVpZA==
------END TRUSTED CERTIFICATE-----
+
+# Explicitly Distrusted DigiNotar PKIoverheid G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIGlTCCBH2gAwIBAgIED////zANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
 TDEXMBUGA1UECgwORGlnaU5vdGFyIEIuVi4xMjAwBgNVBAMMKURpZ2lOb3RhciBQ
@@ -2402,94 +1720,43 @@ AQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDBQYI
 KwYBBQUHAwYGCCsGAQUFBwMHBggrBgEFBQcDCAwuRXhwbGljaXRseSBEaXN0cnVz
 dGVkIERpZ2lOb3RhciBQS0lvdmVyaGVpZCBHMg==
 -----END TRUSTED CERTIFICATE-----
+
+# GDCA TrustAUTH R5 ROOT
 -----BEGIN TRUSTED CERTIFICATE-----
-MIIEkjCCA3qgAwIBAgIESTMAjjANBgkqhkiG9w0BAQsFADAyMQswCQYDVQQGEwJD
-TjEOMAwGA1UEChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwHhcNMTUwMzE5
-MDYyMDA5WhcNMTUwNDAzMDYyMDA5WjA8MQswCQYDVQQGEwJFRzETMBEGA1UECgwK
-TUNTSE9MRElORzEYMBYGA1UEAwwPTUNTSE9MRElORyBURVNUMIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfl1DAau7gwRzZYzTWvOwEoMPV3r0ksJf+dH
-LKxxAPkIrzTxo2rH/OarztC+ys0qmJi50I4zSQdhINFaNM6DFAZ5jhq/2+SgODru
-lLmjoFg6iRSsYD4D1MfNOxywmogaSRCpsLL95ejhBOLqgm3+DFFFka11Iq7/T5AL
-wFNldz4ewla1NsbWhcwOgxozH3aZWyuXK4vX0RQVTJ1Z14AvpKKF1Yg2AmBVyljf
-k/xKYgeW08T6v40BJ5cvplx08TpCbl15FDAxGjzZsldN4Lg/D2kxop1lmdnWMYe1
-mCbf8Mu7FcAkE2JSGmvLRQeX48SUXskNRyzpz+n0j/414TLnMQIDAQABo4IBpDCC
-AaAwdgYIKwYBBQUHAQEEajBoMCkGCCsGAQUFBzABhh1odHRwOi8vb2NzcGNubmlj
-cm9vdC5jbm5pYy5jbjA7BggrBgEFBQcwAoYvaHR0cDovL3d3dy5jbm5pYy5jbi9k
-b3dubG9hZC9jZXJ0L0NOTklDUk9PVC5jZXIwHwYDVR0jBBgwFoAUZfIxrSr3991S
-lgrHAsEO76bVOxEwDwYDVR0TAQH/BAUwAwEB/zA/BgNVHSAEODA2MDQGCisGAQQB
-gekMAQYwJjAkBggrBgEFBQcCARYYaHR0cDovL3d3dy5jbm5pYy5jbi9jcHMvMIGG
-BgNVHR8EfzB9MEKgQKA+pDwwOjELMAkGA1UEBhMCQ04xDjAMBgNVBAoMBUNOTklD
-MQwwCgYDVQQLDANjcmwxDTALBgNVBAMMBGNybDEwN6A1oDOGMWh0dHA6Ly9jcmwu
-Y25uaWMuY24vZG93bmxvYWQvcm9vdHNoYTJjcmwvQ1JMMS5jcmwwCwYDVR0PBAQD
-AgEGMB0GA1UdDgQWBBREpImrFF89byA8qnz6Ga70SGAFtTANBgkqhkiG9w0BAQsF
-AAOCAQEAXLT1U5tPueCEiTG+ni7qniFLpY9toabzL0jr6dutHjGA0Hk7EO+aJPeT
-GzXzGsLHwiwKf29b8V9zkQT7DXkN6RoG1oP9TmCdbJJDTOpkmESr1/tH0K8fZEzi
-3XdoFsIsoaCBlwBCH34geOjGUB0LfxWTWVhAFITwp5BrNgVn6n8ibbvRpSZNszCk
-WNRbtRqMUIy4DeGgB7MPWM7XBbV9NXlvotsMACpoJIx+nMF2Sbp8ZhHe8kfO/tDO
-Vb4I2vJ5JioVOc5rGKbf2IcomZQOLWihms5SNpwr7LRos2wVrMtwQvLEQaXI/CF4
-U3cyIKkhTHLi07LJdhsYWEILQpKz5DCBlaBuBggrBgEFBQcDBAYIKwYBBQUHAwEG
-CCsGAQUFBwMDBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMDBggrBgEFBQcD
-BAYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEFBQcDBwYIKwYBBQUHAwgMI0V4cGxp
-Y2l0bHkgRGlzdHJ1c3RlZCBNQ1NIT0xESU5HIENB
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIDzTCCAzagAwIBAgIGB///////MA0GCSqGSIb3DQEBBQUAMHUxCzAJBgNVBAYT
-AlVTMRgwFgYDVQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJl
-clRydXN0IFNvbHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3Qg
-R2xvYmFsIFJvb3QwHhcNMDcwNzE3MTUxNzQ5WhcNMTIwNzE3MTUxNjU1WjBjMQsw
-CQYDVQQGEwJNWTEbMBkGA1UEChMSRGlnaWNlcnQgU2RuLiBCaGQuMREwDwYDVQQL
-Ewg0NTc2MDgtSzEkMCIGA1UEAxMbRGlnaXNpZ24gU2VydmVyIElEIChFbnJpY2gp
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtqGRLTYfHhFm5+5BGoKaJwPH+
-1dpUgjcNmStFJgroVrB/yqj0jkeEAYIp47NqtZHz+5WFvHKoZOgKQJzF9HGue3tq
-B+qQFE+Nia+Uq7IG1AJqe5gfWbk6zVT6IN+yKgrpuN1pkMAp007Ql+1mzMUZSQZ/
-+l4sfHuFGzJC33uVJQIDAQABo4IBeDCCAXQwEgYDVR0TAQH/BAgwBgEB/wIBADBc
-BgNVHSAEVTBTMEgGCSsGAQQBsT4BADA7MDkGCCsGAQUFBwIBFi1odHRwOi8vY3li
-ZXJ0cnVzdC5vbW5pcm9vdC5jb20vcmVwb3NpdG9yeS5jZm0wBwYFYINKAQEwDgYD
-VR0PAQH/BAQDAgHmMIGJBgNVHSMEgYEwf6F5pHcwdTELMAkGA1UEBhMCVVMxGDAW
-BgNVBAoTD0dURSBDb3Jwb3JhdGlvbjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3Qg
-U29sdXRpb25zLCBJbmMuMSMwIQYDVQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwg
-Um9vdIICAaUwRQYDVR0fBD4wPDA6oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1
-c3QuY29tL2NnaS1iaW4vQ1JMLzIwMTgvY2RwLmNybDAdBgNVHQ4EFgQUxhaTThYX
-7BaujJR284ZtxXRuhHcwDQYJKoZIhvcNAQEFBQADgYEAdgB7pngrZh2OXjbGpI4F
-8iOSfJNn0/TACn2LLdnq1W8a8+FKKVoihE1QL0sM8v+FwntV1ESCvm2sZ468tB+S
-nFGAGhT2bqthiAutHH/3S1BR1mUbpkdxFV6wcfM1FPI3vWPI1fCTWjRf2D3oXffF
-HsDlzx+GJKk8B2bNwdI2Y1kwgaqgbgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEF
-BQcDAwYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDAwYIKwYBBQUHAwQGCCsG
-AQUFBwMFBggrBgEFBQcDBgYIKwYBBQUHAwcGCCsGAQUFBwMIDDhFeHBsaWNpdGx5
-IERpc3RydXN0ZWQgTWFsYXlzaWFuIERpZ2ljZXJ0IFNkbi4gQmhkLiAoY3liKQ==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIE0DCCA7igAwIBAgIGB///////MA0GCSqGSIb3DQEBBQUAMIG0MRQwEgYDVQQK
-EwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3LmVudHJ1c3QubmV0L0NQU18yMDQ4
-IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMcKGMpIDE5
-OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5uZXQgQ2Vy
-dGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgpMB4XDTEwMDcxNjE3MjMzOFoXDTE1
-MDcxNjE3NTMzOFowZTELMAkGA1UEBhMCTVkxGzAZBgNVBAoTEkRpZ2ljZXJ0IFNk
-bi4gQmhkLjERMA8GA1UECxMINDU3NjA4LUsxJjAkBgNVBAMTHURpZ2lzaWduIFNl
-cnZlciBJRCAtIChFbnJpY2gpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEAxYnk9A0GQJJZxxqzNdEOTCoz+fivyp5/7rmnbWD0VOhv1ZvzG2MxBGhy0TQW
-jLQXLJfec8XYkBWgGiv1y7NIhkTwHYhMzkFCGu/1DN7+QNo5IPcGVTpqnUbB0m+l
-sshXPimjnODphXdm6JinJH6+wFkg5URvtlfYvs7CZXdYxmFB0XQEyH9JQsVyqXIW
-7ozdEl20StTRr1C32Kp1dmitPl2qMG1hqKsQWz4TvzPgr0SdOCJb70wvpnEmFSbK
-KIzZ+o6OqaIUNeKbJIi09H+FnYNPB6G2FJA2xDQcjSZhbRNveL7ojyfHS4SWo4Zo
-DCO+C+yMlACpBIoTkPffhWwMsQIDAQABo4IBNDCCATAwDgYDVR0PAQH/BAQDAgEG
-MBIGA1UdEwEB/wQIMAYBAf8CAQAwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUF
-BwMCBggrBgEFBQcDBDAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6
-Ly9vY3NwLmVudHJ1c3QubmV0MEQGA1UdIAQ9MDswOQYFYINKAQEwMDAuBggrBgEF
-BQcCARYiaHR0cDovL3d3dy5kaWdpY2VydC5jb20ubXkvY3BzLmh0bTAyBgNVHR8E
-KzApMCegJaAjhiFodHRwOi8vY3JsLmVudHJ1c3QubmV0LzIwNDhjYS5jcmwwEQYD
-VR0OBAoECExOzCUoAymBMB8GA1UdIwQYMBaAFFXkgdERgL7YibkIozH5oSQJFrlw
-MA0GCSqGSIb3DQEBBQUAA4IBAQCXTO9KOkmscvwwIGu0KVunxZUEkPky1cKFat4D
-oTf5iQCwWqxVfttDNf/JAfhRvswmyshqpMRUPiYe5wyjzZdnlN2mQutczY85eWsz
-eSEGefqCRBWZzMG3OdNGYnyycOtvziCqPhm36XSCnLSlS01hADfkh9LyFDpkfLip
-e2HgkyLn1Z8+R+Y2dqBT2AADOg+1M/6WytPSgjou3ddI4eSnacwc6ZlK58pwRdcL
-Bw6adRvQL5Jv9qQHw70cS6aEtn2omqnSpynxC1dpHpdXJuwrQ6zURYMFAOnj8EZA
-B/rqsVFzkxyl3VMRN8gqpxUnHbSqzH+qMTD8uEWfSAntEOLFMIGpoG4GCCsGAQUF
-BwMEBggrBgEFBQcDAQYIKwYBBQUHAwMGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYB
-BQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDBQYIKwYBBQUHAwYGCCsGAQUFBwMHBggr
-BgEFBQcDCAw3RXhwbGljaXRseSBEaXN0cnVzdGVkIE1hbGF5c2lhbiBEaWdpY2Vy
-dCBTZG4uIEJoZC4gKGVuKQ==
+MIIFiDCCA3CgAwIBAgIIfQmX/vBH6nowDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0
+MTEyNjA1MTMxNVoXDTQwMTIzMTE1NTk1OVowYjELMAkGA1UEBhMCQ04xMjAwBgNV
+BAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMR8w
+HQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA2aMW8Mh0dHeb7zMNOwZ+Vfy1YI92hhJCfVZmPoiC7XJj
+Dp6L3TQsAlFRwxn9WVSEyfFrs0yw6ehGXTjGoqcuEVe6ghWinI9tsJlKCvLriXBj
+TnnEt1u9ol2x8kECK62pOqPseQrsXzrj/e+APK00mxqriCZ7VqKChh/rNYmDf1+u
+KU49tm7srsHwJ5uu4/Ts765/94Y9cnrrpftZTqfrlYwiOXnhLQiPzLyRuEH3FMEj
+qcOtmkVEs7LXLM3GKeJQEK5cy4KOFxg2fZfmiJqwTTQJ9Cy5WmYqsBebnh52nUpm
+MUHfP/vFBu8btn4aRjb3ZGM74zkYI+dndRTVdVeSN72+ahsmUPI2JgaQxXABZG12
+ZuGR224HwGGALrIuL4xwp9E7PLOR5G62xDtw8mySlwnNR30YwPO7ng/Wi64HtloP
+zgsMR6flPri9fcebNaBhlzpBdRfMK5Z3KpIhHtmVdiBnaM8Nvd/WHwlqmuLMc3Gk
+L30SgLdTMEZeS1SZD2fJpcjyIMGC7J0R38IC+xo70e0gmu9lZJIQDSri3nDxGGeC
+jGHeuLzRL5z7D9Ar7Rt2ueQ5Vfj4oR24qoAATILnsn8JuLwwoC8N9VKejveSswoA
+HQBUlwbgsQfZxw9cZX08bVlX5O2ljelAU58VS6Bx9hoh49pwBiFYFIeFd3mqgnkC
+AwEAAaNCMEAwHQYDVR0OBBYEFOLJQJ9NzuiaoXzPDj9lxSmIahlRMA8GA1UdEwEB
+/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQDRSVfg
+p8xoWLoBDysZzY2wYUWsEe1jUGn4H3++Fo/9nesLqjJHdtJnJO29fDMylyrHBYZm
+DRd9FBUb1Ov9H5r2XpdptxolpAqzkT9fNqyL7FeoPueBihhXOYV0GkLH6VsTX4/5
+COmSdI31R9KrO9b7eGZONn356ZLpBN79SWP8bfsUcZNnL0dKt7n/HipzcEYwv1ry
+L3ml4Y0M2fmyYzeMN2WFcGpcWwlyua1jPLHd+PwyvzeG5LuOmCd+uh8W4XAR8gPf
+JWIyJyYYMoSf/wA6E7qaTfRPuBRwIrHKK5DOKcFw9C+df/KQHtZa37dG/OaG+svg
+IHZ6uqbL9XzeYqWxi+7egmaKTjowHz+Ay60nugxe19CxVsp3cbK1daFQqUBDF8Io
+2c9Si1vIY9RCPqAzekYu9wogRlR+ak8x8YF+QnQ4ZXMn7sZ8uI7XpTrXmKGcjBBV
+09tL7ECQ8s1uV9JiDnxXk7Gnbc2dg7sq5+W2O3FYrf3RRbxake5TFW/TRQl1brqQ
+XR4EzzffHqhmsYzmIGrv/EhOdJhCrylvLmrH+33RZjEizIYAfmaDDEL0vTSSwxrq
+T8p+ck0LcIymSLumoRT2+1hEmRSuqguTaaApJUqlyyvdimYHFngVV3Eb7PVHhPOe
+MTd61X8kreS8/f3MboPoDKi3QWwH3b08hpcv0jAkMAoGCCsGAQUFBwMBDBZHRENB
+IFRydXN0QVVUSCBSNSBST09U
 -----END TRUSTED CERTIFICATE-----
+
+# GeoTrust Global CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
 MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
@@ -2508,31 +1775,11 @@ Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS
 tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF
 PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un
 hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV
-5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMzA0MB4GCCsG
-AQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMEkdlb1RydXN0IEdsb2JhbCBDQQ==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIDZjCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJVUzEW
-MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFs
-IENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMTkwMzA0MDUwMDAwWjBEMQswCQYDVQQG
-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg
-R2xvYmFsIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvPE1A
-PRDfO1MA4Wf+lGAVPoWI8YkNkMgoI5kF6CsgncbzYEbYwbLVjDHZ3CB5JIG/NTL8
-Y2nbsSpr7iFY8gjpeMtvy/wWUsiRxP89c96xPqfCfWbB9X5SJBri1WeR0IIQ13hL
-TytCOb1kLUCgsBDTOEhGiKEMuzozKmKY+wCdE1l/bztyqu6mD4b5BWHqZ38MN5aL
-5mkWRxHCJ1kDs6ZgwiFAVvqgx306E+PsV8ez1q6diYD3Aecs9pYrEw15LNnA5IZ7
-S4wMcoKK+xfNAGw6EzywhIdLFnopsk/bHdQL82Y3vdj2V7teJHq4PIu5+pIaGoSe
-2HSPqht/XvT+RSIhAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
-FHE4NvICMVNHK266ZUapEBVYIAUJMB8GA1UdIwQYMBaAFHE4NvICMVNHK266ZUap
-EBVYIAUJMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAQEAA/e1K6td
-EPx7srJerJsOflN4WT5CBP51o62sgU7XAotexC3IUnbHLB/8gTKY0UvGkpMzNTEv
-/NgdRN3ggX+d6YvhZJFiCzkIjKx0nVnZellSlxG5FntvRdOW2TF9AjYPnDtuzywN
-A0ZF66D0f0hExghAzN4bcLUprbqLOzRldRtxIR0sFAqwlpW41uryZfspuk/qkZN0
-abby/+Ea0AzRdoXLiiW9l14sbxWZJue2Kf8i7MkCx1YAzUm5s2x7UwQa4qjJqhIF
-I8LO57sEAszAR6LkxCkvW0VXiVHuPOtSCP8HNR6fNWpHSlaY0VqFH4z1Ir+rzoPz
-4iIprn2DQKi6bDA2MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMFEdl
-b1RydXN0IEdsb2JhbCBDQSAy
+5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMzAqMBQGCCsG
+AQUFBwMEBggrBgEFBQcDAQwSR2VvVHJ1c3QgR2xvYmFsIENB
 -----END TRUSTED CERTIFICATE-----
+
+# GeoTrust Primary Certification Authority - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDEL
 MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChj
@@ -2548,10 +1795,11 @@ tJLtbCyf691DiaI8S0iRHVDsJt/WYC69IaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO
 BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBVfNVdRVfslsq0DafwBo/q+EVXVMAoG
 CCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGT
 qQ7mndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBucz
-rD6ogRLQy7rQkgu2npaqBA+KME8wHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEF
-BQcDAwwtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt
-IEcy
+rD6ogRLQy7rQkgu2npaqBA+KMEUwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDC1HZW9U
+cnVzdCBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzI=
 -----END TRUSTED CERTIFICATE-----
+
+# GeoTrust Primary Certification Authority - G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCB
 mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT
@@ -2574,10 +1822,11 @@ zU6B8A8ExCSzNJbGpqow32hhc9f5joWJ7w5elShKKiePEI4ufIbEAp7aDHdlDkQN
 kv39sxY2+hENHYwOB4lqKVb3cvTdFZx3NWZXqxNT2I7BQMXXExZacse3aQHEerGD
 AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUH
 SJsMC8tJP33st/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2G
-spki4cErx5z481+oghLrGREtME8wHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEF
-BQcDAwwtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt
-IEcz
+spki4cErx5z481+oghLrGREtMEUwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDC1HZW9U
+cnVzdCBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzM=
 -----END TRUSTED CERTIFICATE-----
+
+# GeoTrust Primary Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBY
 MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo
@@ -2600,6 +1849,8 @@ UjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG1riR/aYNKxoU
 AT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6VkwNjAKBggrBgEFBQcDAQwo
 R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==
 -----END TRUSTED CERTIFICATE-----
+
+# GeoTrust Universal CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEW
 MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVy
@@ -2629,10 +1880,11 @@ QI2SJhFTYXNd673nxE0pN2HrrDktZy4W1vUAg4WhzH92xH3kt0tm7wNFYGm2DFKW
 koRepqO1pD4r2czYG0eq8kTaT/kD6PAUyz/zg97QwVTjt+gKN02LIFkDMBmhLMi9
 ER/frslKxfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQt
 DF4JbAiXfKM9fJP/P6EUp8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/Sfuvm
-bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iwwNzAe
-BggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDBVHZW9UcnVzdCBVbml2ZXJz
-YWwgQ0E=
+bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iwwLTAU
+BggrBgEFBQcDBAYIKwYBBQUHAwEMFUdlb1RydXN0IFVuaXZlcnNhbCBDQQ==
 -----END TRUSTED CERTIFICATE-----
+
+# GeoTrust Universal CA 2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEW
 MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVy
@@ -2663,9 +1915,11 @@ GDVyz4crL2MjhF2EjD9XoIj8mZEoJmmZ1I+XRL6O1UixpCgp8RW04eWe3fiPpm8m
 OCiNUW7dFGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH
 6aLcr34YEoP9VhdBLtUpgn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwX
 QMAJKOSLakhT2+zNVVXxxvjpoixMptEmX36vWkzaH6byHCx+rgIW0lbQL1dTR+iS
-MDkwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwXR2VvVHJ1c3QgVW5p
-dmVyc2FsIENBIDI=
+MC8wFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBdHZW9UcnVzdCBVbml2ZXJzYWwgQ0Eg
+Mg==
 -----END TRUSTED CERTIFICATE-----
+
+# GlobalSign ECC Root CA - R4
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEk
 MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpH
@@ -2677,9 +1931,11 @@ FspjsbmG+IpXwVfOQvpzofdlQv8ewQCybnMO/8ch5RikqtlxP6jUuc6MHaNCMEAw
 DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFSwe61F
 uOJAf/sKbvu+M8k8o4TVMAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGX
 kPoUVy0D7O48027KqGx2vKLeuwIgJ6iFJzWbVsaj8kfSt24bAgAXqmemFZHe+pTs
-ewv4n4QwPTAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDBtHbG9iYWxT
-aWduIEVDQyBSb290IENBIC0gUjQ=
+ewv4n4QwMzAUBggrBgEFBQcDBAYIKwYBBQUHAwEMG0dsb2JhbFNpZ24gRUNDIFJv
+b3QgQ0EgLSBSNA==
 -----END TRUSTED CERTIFICATE-----
+
+# GlobalSign ECC Root CA - R5
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEk
 MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpH
@@ -2692,9 +1948,11 @@ hOvRnkmSh5SHDDqFSmafnVmTTZdhBoZKo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD
 VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUPeYpSJvqB8ohREom3m7e0oPQn1kwCgYI
 KoZIzj0EAwMDaAAwZQIxAOVpEslu28YxuglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg
 515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7yFz9SO8NdCKoCOJuxUnO
-xwy8p2Fp8fc74SrL+SvzZpA3MD0wHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEF
-BQcDAwwbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1
+xwy8p2Fp8fc74SrL+SvzZpA3MDMwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBtHbG9i
+YWxTaWduIEVDQyBSb290IENBIC0gUjU=
 -----END TRUSTED CERTIFICATE-----
+
+# GlobalSign Root CA - R2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
 A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
@@ -2715,10 +1973,11 @@ J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO
 291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS
 ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
 AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
-TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLjA5
-MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMF0dsb2JhbFNpZ24gUm9v
-dCBDQSAtIFIy
+TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLjAv
+MBQGCCsGAQUFBwMEBggrBgEFBQcDAQwXR2xvYmFsU2lnbiBSb290IENBIC0gUjI=
 -----END TRUSTED CERTIFICATE-----
+
+# GlobalSign Root CA - R3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G
 A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp
@@ -2738,9 +1997,11 @@ jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK
 6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX
 mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs
 Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH
-WD9fMDkwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwXR2xvYmFsU2ln
-biBSb290IENBIC0gUjM=
+WD9fMC8wFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBdHbG9iYWxTaWduIFJvb3QgQ0Eg
+LSBSMw==
 -----END TRUSTED CERTIFICATE-----
+
+# GlobalSign Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
 A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
@@ -2760,9 +2021,11 @@ yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE
 38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP
 AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
 DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
-HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4DA0MB4GCCsGAQUFBwMEBggrBgEFBQcD
-AQYIKwYBBQUHAwMMEkdsb2JhbFNpZ24gUm9vdCBDQQ==
+HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4DAqMBQGCCsGAQUFBwMEBggrBgEFBQcD
+AQwSR2xvYmFsU2lnbiBSb290IENB
 -----END TRUSTED CERTIFICATE-----
+
+# Global Chambersign Root - 2008
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYD
 VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
@@ -2802,10 +2065,12 @@ SqlapskD7+3056huirRXhOukP9DuqqqHW2Pok+JrqNS4cnhrG+055F3Lm6qH1U9O
 AP7Zap88MQ8oAgF9mOinsKJknnn4SPIVqczmyETrP3iZ8ntxPjzxmKfFGBI/5rso
 M0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVqc5iJWzouE4ge
 v8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z
-09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/BMEAw
-HgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwweR2xvYmFsIENoYW1iZXJz
-aWduIFJvb3QgLSAyMDA4
+09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/BMDYw
+FAYIKwYBBQUHAwQGCCsGAQUFBwMBDB5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAt
+IDIwMDg=
 -----END TRUSTED CERTIFICATE-----
+
+# Go Daddy Class 2 CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh
 MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE
@@ -2828,9 +2093,11 @@ OO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7P
 TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ
 HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER
 dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf
-ReYNnyicsbkqWletNw+vHX/bvZ8wNTAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsG
-AQUFBwMDDBNHbyBEYWRkeSBDbGFzcyAyIENB
+ReYNnyicsbkqWletNw+vHX/bvZ8wKzAUBggrBgEFBQcDBAYIKwYBBQUHAwEME0dv
+IERhZGR5IENsYXNzIDIgQ0E=
 -----END TRUSTED CERTIFICATE-----
+
+# Go Daddy Root Certificate Authority - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx
 EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT
@@ -2852,9 +2119,11 @@ WWcDYfF+OwYxdS2hII5PZYe096acvNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu
 gIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYVN8Gb5DKj7Tjo
 2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO
 LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI
-4uJEvlz36hz1MEAwFAYIKwYBBQUHAwEGCCsGAQUFBwMDDChHbyBEYWRkeSBSb290
-IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcy
+4uJEvlz36hz1MDYwCgYIKwYBBQUHAwEMKEdvIERhZGR5IFJvb3QgQ2VydGlmaWNh
+dGUgQXV0aG9yaXR5IC0gRzI=
 -----END TRUSTED CERTIFICATE-----
+
+# Hellenic Academic and Research Institutions ECC RootCA 2015
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICwzCCAkqgAwIBAgIBADAKBggqhkjOPQQDAjCBqjELMAkGA1UEBhMCR1IxDzAN
 BgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl
@@ -2874,6 +2143,8 @@ TUwJCA3sS61kFyjndc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKRMFMwFAYIKwYB
 BQUHAwQGCCsGAQUFBwMBDDtIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2gg
 SW5zdGl0dXRpb25zIEVDQyBSb290Q0EgMjAxNQ==
 -----END TRUSTED CERTIFICATE-----
+
+# Hellenic Academic and Research Institutions RootCA 2011
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix
 RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1
@@ -2897,10 +2168,12 @@ A4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVtXdMiKahsog2p
 TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7
 dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys
 Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI
-l7WdmplNsDz4SgCbZN2fOUvRJ9e4MFkwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggr
-BgEFBQcDAww3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0
-aW9ucyBSb290Q0EgMjAxMQ==
+l7WdmplNsDz4SgCbZN2fOUvRJ9e4ME8wFAYIKwYBBQUHAwQGCCsGAQUFBwMBDDdI
+ZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RD
+QSAyMDEx
 -----END TRUSTED CERTIFICATE-----
+
+# Hellenic Academic and Research Institutions RootCA 2015
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIGCzCCA/OgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCR1Ix
 DzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5k
@@ -2937,6 +2210,8 @@ e7iG2rKPmT4dEw0SEe7Uq/DpFXYC5ODfqiAeW2GFZECpkJcNrVPSWh2HagCXZWK0
 vm9qp/UsQu0yrbYhnr68ME8wFAYIKwYBBQUHAwQGCCsGAQUFBwMBDDdIZWxsZW5p
 YyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDE1
 -----END TRUSTED CERTIFICATE-----
+
+# Hongkong Post Root CA 1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsx
 FjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3Qg
@@ -2957,6 +2232,8 @@ EhTkYY2sEJCehFC78JZvRZ+K88psT/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpO
 fMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilTc4afU9hDDl3WY4JxHYB0yvbi
 AmvZWjAlMAoGCCsGAQUFBwMBDBdIb25na29uZyBQb3N0IFJvb3QgQ0EgMQ==
 -----END TRUSTED CERTIFICATE-----
+
+# ISRG Root X1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw
 TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
@@ -2989,6 +2266,8 @@ mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d
 emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCcw
 GjAKBggrBgEFBQcDAQwMSVNSRyBSb290IFgx
 -----END TRUSTED CERTIFICATE-----
+
+# IdenTrust Commercial Root CA 1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBK
 MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu
@@ -3021,6 +2300,8 @@ mUlO+KWA2yUPHGNiiskzZ2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A
 7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7RcGzM7vRX+Bi6hG6HMDYwFAYIKwYBBQUH
 AwQGCCsGAQUFBwMBDB5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDE=
 -----END TRUSTED CERTIFICATE-----
+
+# IdenTrust Public Sector Root CA 1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBN
 MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVu
@@ -3054,6 +2335,8 @@ GaQdp/lLQzfcaFpPz+vCZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv
 KwYBBQUHAwQGCCsGAQUFBwMBDCFJZGVuVHJ1c3QgUHVibGljIFNlY3RvciBSb290
 IENBIDE=
 -----END TRUSTED CERTIFICATE-----
+
+# Izenpe.com
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4
 MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6
@@ -3086,9 +2369,11 @@ LhObNA5me0mrZJfQRsN5nXJQY6aYWwa9SG3YOYNw6DXwBdGqvOPbyALqfP2C2sJb
 UjWumDqtujWTI6cfSN01RpiyEGjkpTHCClguGYEQyVB1/OpaFs4R1+7vUIgtYf8/
 QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZoQ0iy2+tzJOeRf1SktoA+
 naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1ZWrOZyGls
-QyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxzAiMBQGCCsGAQUF
-BwMBBggrBgEFBQcDAwwKSXplbnBlLmNvbQ==
+QyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxzAYMAoGCCsGAQUF
+BwMBDApJemVucGUuY29t
 -----END TRUSTED CERTIFICATE-----
+
+# LuxTrust Global Root 2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFwzCCA6ugAwIBAgIUCn6m30tEntpqJIWe5rgV0xZ/u7EwDQYJKoZIhvcNAQEL
 BQAwRjELMAkGA1UEBhMCTFUxFjAUBgNVBAoMDUx1eFRydXN0IFMuQS4xHzAdBgNV
@@ -3123,34 +2408,8 @@ x9CWttrhSmQGbmBNvUJO/3jaJMobtNeWOWyu8Q6qp31IiyBMz2TWuJdGsE7RKlY6
 oJO9r4Ak4Ap+58rVyuiFVdw2KuGUaJPHZnJED4AhMmwlxyOAgwrrMCQwCgYIKwYB
 BQUHAwEMFkx1eFRydXN0IEdsb2JhbCBSb290IDI=
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIEMjCCA5ugAwIBAgIBQjANBgkqhkiG9w0BAQQFADBaMQswCQYDVQQGEwJVUzEc
-MBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5jLjEtMCsGA1UEAxMkRXF1aWZheCBT
-ZWN1cmUgR2xvYmFsIGVCdXNpbmVzcyBDQS0xMB4XDTA0MDczMTAwMDAwMVoXDTA0
-MDkwMjAwMDAwMVowPDE6MDgGA1UEAxMxTUQ1IENvbGxpc2lvbnMgSW5jLiAoaHR0
-cDovL3d3dy5waHJlZWRvbS5vcmcvbWQ1KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
-gYkCgYEAuqZZySwo1iqw+O2fRqSkN+4OGWhZ0bMDmVHWFppeN2sV4A5L9YRk+KPb
-QW811ZsVH9vEOFJwgZdej6C193458DKsHq1E0rP6SMPOkZvs9Jx84Vr1yDdrmoPe
-58oglzFCcxWRaPSIr/koKMXpD3OwF0sTTJl10ETmfghsGvJPG0ECAwEAAaOCAiQw
-ggIgMAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSnBGAf
-q3JDCMV/CJBVVhzWzuY46zAfBgNVHSMEGDAWgBS+qKB0clBrRLfJI9j7qP+zV2to
-bDCCAb4GCWCGSAGG+EIBDQSCAa8WggGrMwAAACdeOeCJYQ9Oo8VFCza7AdFTqsMI
-j2/4Tz6Hh0QR3GDg35JV+bhzG1STxZ/QRsRgtjVizbmvHKhpGslbPJY3wO1n77v+
-wIucUC8pvYMino4I+qwTcKJYf2JiihH3ifbftmdZcxb7YxaKtJE4zi71tr5MpJRJ
-5GURCkIVycEw4mnVRX2lJru5YexiZPA54ee8aNhQUZ4dYNPRo6cK+AMgoXABF5E2
-TwJwMYaD3fcP2AcdEbMTBKXc8K5QsSgOY2kqDIJvj0cz32yiBpLxT0W+2TA2oyuM
-1neuNWN/Tkyak0g22Z8CAwEAAaOBvTCBujAOBgNVHQ8BAf8EBAMCBPAwHQYDVR0O
-BBYEFM2mg/qlYDf3ljcXKd5BePGHiVXnMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6
-Ly9jcmwuZ2VvdHJ1c3QuY29tL2NybHMvZ2xvYmFsY2ExLmNybDAfBgNVHSMEGDAW
-gBS+qKB0clBrRLfJI9j7qP+zV2tobDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
-BQUHAwIwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQQFAAOBgQCnIQKN0Q6igHcl
-/UNgFY/s75BH1IRCFSYRHM3CPBApqbbfq1d1kdrlK7OQRRwwY1Y/itlQ+u1YbMBl
-rGZX3hzGdjv1AA6ORc5/TJDsK8bNs7SPYtD+t8UmckTt9phbrsvRlfXaCL5oRrF1
-yOwdjx56lPGqU3iiRa5U6tGedMh2ZzCBlaBuBggrBgEFBQcDBAYIKwYBBQUHAwEG
-CCsGAQUFBwMDBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMDBggrBgEFBQcD
-BAYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEFBQcDBwYIKwYBBQUHAwgMI01ENSBD
-b2xsaXNpb25zIEZvcmdlZCBSb2d1ZSBDQSAyNWMz
------END TRUSTED CERTIFICATE-----
+
+# Microsec e-Szigno Root CA 2009
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD
 VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
@@ -3173,9 +2432,11 @@ mLzU1F0G9u5C7DBsoKqpyvGvivo/C3NqPuouQH4frlRheesuCDfXI/OMn74dseGk
 ddug4lQUsbocKaQY9hK6ohQU4zE1yED/t+AFdlfBHFny+L/k7SViXITwfn4fs775
 tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c
 2Pm2G2JwCz02yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5t
-HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCWMEAwHgYIKwYBBQUHAwQGCCsG
-AQUFBwMBBggrBgEFBQcDAwweTWljcm9zZWMgZS1Temlnbm8gUm9vdCBDQSAyMDA5
+HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCWMDYwFAYIKwYBBQUHAwQGCCsG
+AQUFBwMBDB5NaWNyb3NlYyBlLVN6aWdubyBSb290IENBIDIwMDk=
 -----END TRUSTED CERTIFICATE-----
+
+# NetLock Arany (Class Gold) Főtanúsítvány
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
 EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
@@ -3198,10 +2459,12 @@ bvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTtaYtOUZcTh5m2C
 +C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC
 bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2F
 uLjbvrW5KfnaNwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2
-XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7EwTjAeBggr
-BgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDCxOZXRMb2NrIEFyYW55IChDbGFz
-cyBHb2xkKSBGxZF0YW7DunPDrXR2w6FueQ==
+XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7EwRDAUBggr
+BgEFBQcDBAYIKwYBBQUHAwEMLE5ldExvY2sgQXJhbnkgKENsYXNzIEdvbGQpIEbF
+kXRhbsO6c8OtdHbDoW55
 -----END TRUSTED CERTIFICATE-----
+
+# Network Solutions Certificate Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBi
 MQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu
@@ -3227,6 +2490,8 @@ pGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1eyMDUwCgYI
 KwYBBQUHAwEMJ05ldHdvcmsgU29sdXRpb25zIENlcnRpZmljYXRlIEF1dGhvcml0
 eQ==
 -----END TRUSTED CERTIFICATE-----
+
+# OISTE WISeKey Global Root GA CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCB
 ijELMAkGA1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHly
@@ -3252,6 +2517,8 @@ Fj4A4xylNoEYokxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ
 /L7fCg0wNzAUBggrBgEFBQcDBAYIKwYBBQUHAwEMH09JU1RFIFdJU2VLZXkgR2xv
 YmFsIFJvb3QgR0EgQ0E=
 -----END TRUSTED CERTIFICATE-----
+
+# OISTE WISeKey Global Root GB CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBt
 MQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUg
@@ -3272,10 +2539,12 @@ cViXfa43FK8+5/ea4n32cZiZBKpDdHij40lhPnOMTZTg+XHEthYOU3gf1qKHLwI5
 gSk8rxWYITD+KJAAjNHhy/peyP34EEY7onhCkRd0VQreUGdNZtGn//3ZwLWoo4rO
 ZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEuiHZeeevJuQHHf
 aPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic
-Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBMwQTAeBggr
-BgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDB9PSVNURSBXSVNlS2V5IEdsb2Jh
-bCBSb290IEdCIENB
+Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBMwNzAUBggr
+BgEFBQcDBAYIKwYBBQUHAwEMH09JU1RFIFdJU2VLZXkgR2xvYmFsIFJvb3QgR0Ig
+Q0E=
 -----END TRUSTED CERTIFICATE-----
+
+# OpenTrust Root CA G1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFbzCCA1egAwIBAgISESCzkFU5fX82bWTCp59rY45nMA0GCSqGSIb3DQEBCwUA
 MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w
@@ -3309,6 +2578,8 @@ AwSQiumPv+i2tCqjI40cHLI5kqiPAlxAOXXUc0ECd97N4EOH1uS6SsNsEn/+KuYj
 1oxxMCwwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBRPcGVuVHJ1c3QgUm9vdCBDQSBH
 MQ==
 -----END TRUSTED CERTIFICATE-----
+
+# OpenTrust Root CA G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFbzCCA1egAwIBAgISESChaRu/vbm9UpaPI+hIvyYRMA0GCSqGSIb3DQEBDQUA
 MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w
@@ -3342,6 +2613,8 @@ WKGVyasvc0rQLW6aWQ9VGHgtPFGml4vmu7JwqkwR3v98KzfUetF3NI/n+UL3PIEM
 S1IKMCwwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBRPcGVuVHJ1c3QgUm9vdCBDQSBH
 Mg==
 -----END TRUSTED CERTIFICATE-----
+
+# OpenTrust Root CA G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICITCCAaagAwIBAgISESDm+Ez8JLC+BUCs2oMbNGA/MAoGCCqGSM49BAMDMEAx
 CzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5U
@@ -3357,60 +2630,8 @@ j9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta3U1fJAuwACEl74+nBCZx
 4nxp5V2a+EEfOzmTk51V6s2N8fvBMCwwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBRP
 cGVuVHJ1c3QgUm9vdCBDQSBHMw==
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIJhjCCB26gAwIBAgIBCzANBgkqhkiG9w0BAQsFADCCAR4xPjA8BgNVBAMTNUF1
-dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIFJhaXogZGVsIEVzdGFkbyBWZW5lem9s
-YW5vMQswCQYDVQQGEwJWRTEQMA4GA1UEBxMHQ2FyYWNhczEZMBcGA1UECBMQRGlz
-dHJpdG8gQ2FwaXRhbDE2MDQGA1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0
-aWZpY2FjaW9uIEVsZWN0cm9uaWNhMUMwQQYDVQQLEzpTdXBlcmludGVuZGVuY2lh
-IGRlIFNlcnZpY2lvcyBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMSUwIwYJ
-KoZIhvcNAQkBFhZhY3JhaXpAc3VzY2VydGUuZ29iLnZlMB4XDTEwMTIyODE2NTEw
-MFoXDTIwMTIyNTIzNTk1OVowgdExJjAkBgkqhkiG9w0BCQEWF2NvbnRhY3RvQHBy
-b2NlcnQubmV0LnZlMQ8wDQYDVQQHEwZDaGFjYW8xEDAOBgNVBAgTB01pcmFuZGEx
-KjAoBgNVBAsTIVByb3ZlZWRvciBkZSBDZXJ0aWZpY2Fkb3MgUFJPQ0VSVDE2MDQG
-A1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9u
-aWNhMQswCQYDVQQGEwJWRTETMBEGA1UEAxMKUFNDUHJvY2VydDCCAiIwDQYJKoZI
-hvcNAQEBBQADggIPADCCAgoCggIBANW39KOUM6FGqVVhSQ2oh3NekS1wwQYalNo9
-7BVCwfWMrmoX8Yqt/ICV6oNEolt6Vc5Pp6XVurgfoCfAUFM+jbnADrgV3NZs+J74
-BCXfgI8Qhd19L3uA3VcAZCP4bsm+lU/hdezgfl6VzbHvvnpC2Mks0+saGiKLt38G
-ieU89RLAu9MLmV+QfI4tL3czkkohRqipCKzx9hEC2ZUWno0vluYC3XXCFCpa1sl9
-JcLB/KpnheLsvtF8PPqv1W7/U0HU9TI4seJfxPmOEO8GqQKJ/+MMbpfg353bIdD0
-PghpbNjU5Db4g7ayNo+c7zo3Fn2/omnXO1ty0K+qP1xmk6wKImG20qCZyFSTXai2
-0b1dCl53lKItwIKOvMoDKjSuc/HUtQy9vmebVOvh+qBa7Dh+PsHMosdEMXXqP+UH
-0quhJZb25uSgXTcYOWEAM11G1ADEtMo88aKjPvM6/2kwLkDd9p+cJsmWN63nOaK/
-6mnbVSKVUyqUtd+tFjiBdWbjxywbk5yqjKPK2Ww8F22c3HxT4CAnQzb5EuE8XL1m
-v6JpIzi4mWCZDlZTOpx+FIywBm/xhnaQr/2v/pDGj59/i5IjnOcVdo/Vi5QTcmn7
-K2FjiO/mpF7moxdqWEfLcU8UC17IAggmosvpr2uKGcfLFFb14dq12fy/czja+eev
-bqQ34gcnAgMBAAGjggMXMIIDEzASBgNVHRMBAf8ECDAGAQH/AgEBMDcGA1UdEgQw
-MC6CD3N1c2NlcnRlLmdvYi52ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAzNi0w
-MB0GA1UdDgQWBBRBDxk4qpl/Qguk1yeYVKIXTC1RVDCCAVAGA1UdIwSCAUcwggFD
-gBStuyIdxuDSAaj9dlBSk+2YwU2u06GCASakggEiMIIBHjE+MDwGA1UEAxM1QXV0
-b3JpZGFkIGRlIENlcnRpZmljYWNpb24gUmFpeiBkZWwgRXN0YWRvIFZlbmV6b2xh
-bm8xCzAJBgNVBAYTAlZFMRAwDgYDVQQHEwdDYXJhY2FzMRkwFwYDVQQIExBEaXN0
-cml0byBDYXBpdGFsMTYwNAYDVQQKEy1TaXN0ZW1hIE5hY2lvbmFsIGRlIENlcnRp
-ZmljYWNpb24gRWxlY3Ryb25pY2ExQzBBBgNVBAsTOlN1cGVyaW50ZW5kZW5jaWEg
-ZGUgU2VydmljaW9zIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExJTAjBgkq
-hkiG9w0BCQEWFmFjcmFpekBzdXNjZXJ0ZS5nb2IudmWCAQowDgYDVR0PAQH/BAQD
-AgEGME0GA1UdEQRGMESCDnByb2NlcnQubmV0LnZloBUGBWCGXgIBoAwMClBTQy0w
-MDAwMDKgGwYFYIZeAgKgEgwQUklGLUotMzE2MzUzNzMtNzB2BgNVHR8EbzBtMEag
-RKBChkBodHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9sY3IvQ0VSVElGSUNBRE8t
-UkFJWi1TSEEzODRDUkxERVIuY3JsMCOgIaAfhh1sZGFwOi8vYWNyYWl6LnN1c2Nl
-cnRlLmdvYi52ZTA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9v
-Y3NwLnN1c2NlcnRlLmdvYi52ZTBBBgNVHSAEOjA4MDYGBmCGXgMBAjAsMCoGCCsG
-AQUFBwIBFh5odHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9kcGMwDQYJKoZIhvcN
-AQELBQADggIBACtZ6yKZu4SqT96QxtGGcSOeSwORR3C7wJJg7ODU523G0+1ng3dS
-1fLld6c2suNUvtm7CpsR72H0xpkzmfWvADmNg7+mvTV+LFwxNG9s2/NkAZiqlCxB
-3RWGymspThbASfzXg0gTB1GEMVKIu4YXx2sviiCtxQuPcD4quxtxj7mkoP3Yldmv
-Wb8lK5jpY5MvYB7Eqvh39YtsL+1+LrVPQA3uvFd359m21D+VJzog1eWuq2w1n8Gh
-HVnchIHuTQfiSLaeS5UtQbHh6N5+LwUeaO6/u5BlOsju6rEYNxxik6SgMexxbJHm
-pHmJWhSnFFAFTKQAVzAswbVhltw+HoSvOULP5dAssSS830DD7X9jSr3hTxJkhpXz
-sOfIt+FTvZLm8wyWuevo5pLtp4EJFAv8lXrPj9Y0TzYS3F7RNHXGRoAvlQSMx4bE
-qCaJqD8Zm4G7UaRKhqsLEQ+xrmNTbSjq3TNWOByyrYDT13K9mmyZY+gAu0F2Bbdb
-mRiKw7gSXFbPVgx96OLP7bx0R/vu0xdOIk9W/1DzLuY5poLWccret9W6aAjtmcz9
-opLLabid+Qqkpj5PkygqYWwHJgD/ll9ohri4zspV4KuxPX+Y1zMOWj3YeMLEYC/H
-YvBhkdI4sPaeVdtAgAUSM84dkpvRabP/v/GSCmE1P93+hvS84Bpxs2KmMCwwHgYI
-KwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwKUFNDUHJvY2VydA==
------END TRUSTED CERTIFICATE-----
+
+# QuoVadis Root CA 1 G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQEL
 BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
@@ -3440,9 +2661,11 @@ b2X52z3sIexe9PSLymBlVNFxZPT5pqOBMzYzcfCkeF9OrYMh3jRJjehZrJ3ydlo2
 NSBT8lTR32GDpgLiJTjehTItXnOQUl1CxM49S+H5GYQd1aJQzEH7QRTDvdbJWqNj
 ZgKAvQU6O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhp
 q1467HxpvMc7hU6eFbm0FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFt
-nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXDMDcwHgYIKwYBBQUH
-AwQGCCsGAQUFBwMBBggrBgEFBQcDAwwVUXVvVmFkaXMgUm9vdCBDQSAxIEcz
+nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXDMC0wFAYIKwYBBQUH
+AwQGCCsGAQUFBwMBDBVRdW9WYWRpcyBSb290IENBIDEgRzM=
 -----END TRUSTED CERTIFICATE-----
+
+# QuoVadis Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC
 TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0
@@ -3475,9 +2698,10 @@ fnIYj9lofFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf8
 cHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2xgI4JVrmcGmD+XcHXetwReNDWXcG31a0y
 mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW
 xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK
-SnQ2+TAyMB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMEFF1b1ZhZGlz
-IFJvb3QgQ0E=
+SnQ2+TAoMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwQUXVvVmFkaXMgUm9vdCBDQQ==
 -----END TRUSTED CERTIFICATE-----
+
+# QuoVadis Root CA 2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
 GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
@@ -3509,9 +2733,11 @@ TUIZ3Ph1WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWD
 mbA4CD/pXvk1B+TJYm5Xf6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0Z
 ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y
 4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza
-8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0uMDQwHgYIKwYBBQUHAwQGCCsGAQUF
-BwMBBggrBgEFBQcDAwwSUXVvVmFkaXMgUm9vdCBDQSAy
+8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0uMCowFAYIKwYBBQUHAwQGCCsGAQUF
+BwMBDBJRdW9WYWRpcyBSb290IENBIDI=
 -----END TRUSTED CERTIFICATE-----
+
+# QuoVadis Root CA 2 G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQEL
 BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
@@ -3541,9 +2767,11 @@ csaxfGl7w/U2Rcxhbl5MlMVerugOXou/983g7aEOGzPuVBj+D77vfoRrQ+NwmNtd
 dbINWQeFFSM51vHfqSYP1kjHs6Yi9TM3WpVHn3u6GBVv/9YUZINJ0gpnIdsPNWNg
 KCLjsZWDzYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeM
 HVOyToV7BjjHLPj4sHKNJeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4
-WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+MMC0wFAYIKwYBBQUH
-AwEGCCsGAQUFBwMDDBVRdW9WYWRpcyBSb290IENBIDIgRzM=
+WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+MMCMwCgYIKwYBBQUH
+AwEMFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMw==
 -----END TRUSTED CERTIFICATE-----
+
+# QuoVadis Root CA 3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
 GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
@@ -3580,9 +2808,11 @@ k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6s
 zHXug/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0j
 Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT
 mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK
-4SVhM7JZG+Ju1zdXtg2pEtowNDAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUF
-BwMDDBJRdW9WYWRpcyBSb290IENBIDM=
+4SVhM7JZG+Ju1zdXtg2pEtowKjAUBggrBgEFBQcDBAYIKwYBBQUHAwEMElF1b1Zh
+ZGlzIFJvb3QgQ0EgMw==
 -----END TRUSTED CERTIFICATE-----
+
+# QuoVadis Root CA 3 G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQEL
 BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
@@ -3612,9 +2842,11 @@ u/BYpbWcC/ePIlUnwEsBbTuZDdQdm2NnL9DuDcpmvJRPpq3t/O5jrFc/ZSXPsoaP
 8MFREsALHgQjDFSlTC9JxUrRtm5gDWv8a4uFJGS3iQ6rJUdbPM9+Sb3H6QrG2vd+
 DhcI00iX0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HN
 PlopNLk9hM6xZdRZkZFWdSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/
-ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0MDcwHgYIKwYBBQUH
-AwQGCCsGAQUFBwMBBggrBgEFBQcDAwwVUXVvVmFkaXMgUm9vdCBDQSAzIEcz
+ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0MC0wFAYIKwYBBQUH
+AwQGCCsGAQUFBwMBDBVRdW9WYWRpcyBSb290IENBIDMgRzM=
 -----END TRUSTED CERTIFICATE-----
+
+# S-TRUST Universal Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIID2DCCAsCgAwIBAgIQYFbFSyNAW2TU7SXa2dYeHjANBgkqhkiG9w0BAQsFADCB
 hTELMAkGA1UEBhMCREUxKTAnBgNVBAoTIERldXRzY2hlciBTcGFya2Fzc2VuIFZl
@@ -3639,6 +2871,122 @@ UsOgyqCDRR319bdZc11ZAY+qwkcvFHHVKeMQtUeTJcwjKdq3ctiR1OwbSIoi5MEq
 KjKNoeI60RAgIjl9NEVvcTvDHfz/sk+o4vYwHjAnMAoGCCsGAQUFBwMEDBlTLVRS
 VVNUIFVuaXZlcnNhbCBSb290IENB
 -----END TRUSTED CERTIFICATE-----
+
+# SSL.com EV Root Certification Authority ECC
+-----BEGIN TRUSTED CERTIFICATE-----
+MIIClDCCAhqgAwIBAgIILCmcWxbtBZUwCgYIKoZIzj0EAwIwfzELMAkGA1UEBhMC
+VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T
+U0wgQ29ycG9yYXRpb24xNDAyBgNVBAMMK1NTTC5jb20gRVYgUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNTIzWhcNNDEwMjEyMTgx
+NTIzWjB/MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv
+dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NMLmNv
+bSBFViBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49
+AgEGBSuBBAAiA2IABKoSR5CYG/vvw0AHgyBO8TCCogbR8pKGYfL2IWjKAMTH6kMA
+VIbc/R/fALhBYlzccBYy3h+Z1MzFB8gIH2EWB1E9fVwHU+M1OIzfzZ/ZLg1Kthku
+WnBaBu2+8KGwytAJKaNjMGEwHQYDVR0OBBYEFFvKXuXe0oGqzagtZFG22XKbl+ZP
+MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUW8pe5d7SgarNqC1kUbbZcpuX
+5k8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2gAMGUCMQCK5kCJN+vp1RPZ
+ytRrJPOwPYdGWBrssd9v+1a6cGvHOMzosYxPD/fxZ3YOg9AeUY8CMD32IygmTMZg
+h5Mmm7I1HrrW9zzRHM76JTymGoEVW/MSD2zuZYrJh6j5B+BimoxcSjA5MAoGCCsG
+AQUFBwMBDCtTU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
+RUND
+-----END TRUSTED CERTIFICATE-----
+
+# SSL.com EV Root Certification Authority RSA R2
+-----BEGIN TRUSTED CERTIFICATE-----
+MIIF6zCCA9OgAwIBAgIIVrYpzTS8ePYwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNV
+BAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UE
+CgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMB4XDTE3MDUzMTE4MTQzN1oXDTQy
+MDUzMDE4MTQzN1owgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G
+A1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQD
+DC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvq
+M0fNTPl9fb69LT3w23jhhqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssuf
+OePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7wcXHswxzpY6IXFJ3vG2fThVUCAtZJycxa
+4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTOZw+oz12WGQvE43LrrdF9
+HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+B6KjBSYR
+aZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcA
+b9ZhCBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQ
+Gp8hLH94t2S42Oim9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQV
+PWKchjgGAGYS5Fl2WlPAApiiECtoRHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMO
+pgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+SlmJuwgUHfbSguPvuUCYHBBXtSu
+UDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48+qvWBkofZ6aY
+MBzdLNvcGJVXZsb/XItW9XcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNV
+HSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjAdBgNVHQ4EFgQU+WC71OPVNPa4
+9QaAJadz20ZpqJ4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBW
+s47LCp1Jjr+kxJG7ZhcFUZh1++VQLHqe8RT6q9OKPv+RKY9ji9i0qVQBDb6Thi/5
+Sm3HXvVX+cpVHBK+Rw82xd9qt9t1wkclf7nxY/hoLVUE0fKNsKTPvDxeH3jnpaAg
+cLAExbf3cqfeIg29MyVGjGSSJuM+LmOW2puMPfgYCdcDzH2GguDKBAdRUNf/ktUM
+79qGn5nX67evaOI5JpS6aLe/g9Pqemc9YmeuJeVy6OLk7K4S9ksrPJ/psEDzOFSz
+/bdoyNrGj1E8svuR3Bznm53htw1yj+KkxKl4+esUrMZDBcJlOSgYAsOCsp0FvmXt
+ll9ldDz7CTUue5wT/RsPXcdtgTpWD8w74a8CLyKsRspGPKAcTNZEtF4uXBVmCeEm
+Kf7GUmG6sXP/wwyc5WxqlD8UykAWlYTzWamsX0xhk23RO8yilQwipmdnRC652dKK
+QbNmC1r7fSOl8hqw/96bg5Qu0T/fkreRrwU7ZcegbLHNYhLDkBvjJc40vG93drEQ
+w/cFGsDWr3RiSBd3kmmQYRzelYB0VI8YHMPzA9C/pEN1hlMYegouCRw2n5H9gooi
+S9EOUCXdywMMF8mDAAhONU2Ki+3wApRmLER/y5UnlhetCTCstnEXbosX9hwJ1C07
+mKVx01QT2WDz9UtmT/rx7iASjbSsV7FFY6GsdqnC+zA8MAoGCCsGAQUFBwMBDC5T
+U0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy
+-----END TRUSTED CERTIFICATE-----
+
+# SSL.com Root Certification Authority ECC
+-----BEGIN TRUSTED CERTIFICATE-----
+MIICjTCCAhSgAwIBAgIIdebfy8FoW6gwCgYIKoZIzj0EAwIwfDELMAkGA1UEBhMC
+VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T
+U0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0
+aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNDAzWhcNNDEwMjEyMTgxNDAz
+WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0
+b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBS
+b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEGBSuB
+BAAiA2IABEVuqVDEpiM2nl8ojRfLliJkP9x6jh3MCLOicSS6jkm5BBtHllirLZXI
+7Z4INcgn64mMU1jrYor+8FsPazFSY0E7ic3s7LaNGdM0B9y7xgZ/wkWV7Mt/qCPg
+CemB+vNH06NjMGEwHQYDVR0OBBYEFILRhXMw5zUE044CkvvlpNHEIejNMA8GA1Ud
+EwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUgtGFczDnNQTTjgKS++Wk0cQh6M0wDgYD
+VR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2cAMGQCMG/n61kRpGDPYbCWe+0F+S8T
+kdzt5fxQaxFGRrMcIQBiu77D5+jNB5n5DQtdcj7EqgIwH7y6C+IwJPt8bYBVCpk+
+gA0z5Wajs6O7pdWLjwkspl1+4vAHCGht0nxpbl/f5WplMEAwFAYIKwYBBQUHAwQG
+CCsGAQUFBwMBDChTU0wuY29tIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
+RUND
+-----END TRUSTED CERTIFICATE-----
+
+# SSL.com Root Certification Authority RSA
+-----BEGIN TRUSTED CERTIFICATE-----
+MIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE
+BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK
+DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTczOTM5WhcNNDEwMjEyMTcz
+OTM5WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv
+dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNv
+bSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBAPkP3aMrfcvQKv7sZ4Wm5y4bunfh4/WvpOz6Sl2R
+xFdHaxh3a3by/ZPkPQ/CFp4LZsNWlJ4Xg4XOVu/yFv0AYvUiCVToZRdOQbngT0aX
+qhvIuG5iXmmxX9sqAn78bMrzQdjt0Oj8P2FI7bADFB0QDksZ4LtO7IZl/zbzXmcC
+C52GVWH9ejjt/uIZALdvoVBidXQ8oPrIJZK0bnoix/geoeOy3ZExqysdBP+lSgQ3
+6YWkMyv94tZVNHwZpEpox7Ko07fKoZOI68GXvIz5HdkihCR0xwQ9aqkpk8zruFvh
+/l8lqjRYyMEjVJ0bmBHDOJx+PYZspQ9AhnwC9FwCTyjLrnGfDzrIM/4RJTXq/LrF
+YD3ZfBjVsqnTdXgDciLKOsMf7yzlLqn6niy2UUb9rwPW6mBo6oUWNmuF6R7As93E
+JNyAKoFBbZQ+yODJgUEAnl6/f8UImKIYLEJAs/lvOCdLToD0PYFH4Ih86hzOtXVc
+US4cK38acijnALXRdMbX5J+tB5O2UzU1/Dfkw/ZdFr4hc96SCvigY2q8lpJqPvi8
+ZVWb3vUNiSYE/CUapiVpy8JtynziWV+XrOvvLsi81xtZPCvM8hnIk2snYxnP/Okm
++Mpxm3+T/jRnhE6Z6/yzeAkzcLpmpnbtG3PrGqUNxCITIJRWCk4sbE6x/c+cCbqi
+M+2HAgMBAAGjYzBhMB0GA1UdDgQWBBTdBAkHovV6fVJTEpKV7jiAJQ2mWTAPBgNV
+HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMA4G
+A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAIBgRlCn7Jp0cHh5wYfGV
+cpNxJK1ok1iOMq8bs3AD/CUrdIWQPXhq9LmLpZc7tRiRux6n+UBbkflVma8eEdBc
+Hadm47GUBwwyOabqG7B52B2ccETjit3E+ZUfijhDPwGFpUenPUayvOUiaPd7nNgs
+PgohyC0zrL/FgZkxdMF1ccW+sfAjRfSda/wZY52jvATGGAslu1OJD7OAUN5F7kR/
+q5R4ZJjT9ijdh9hwZXT7DrkT66cPYakylszeu+1jTBi7qUD3oFRuIIhxdRjqerQ0
+cuAjJ3dctpDqhiVAq+8zD8ufgr6iIPv2tS0a5sKFsXQP+8hlAqRSAUfdSSLBv9jr
+a6x+3uxjMxW3IwiPxg+NQVrdjsW5j+VFP3jbutIbQLH+cU0/4IGiul607BXgk90I
+H37hVZkLId6Tngr75qNJvTYw/ud3sqB1l7UtgYgXZSD32pAAn8lSzDLKNXz1PQ/Y
+K9f1JmzJBjSWFupwWRoyeXkLtoh/D1JIPb9s2KJELtFOt3JY04kTlf5Eq/jXixtu
+nLwsoFvVagCvXzfh1foQC5ichucmj87w7G6KVwuA406ywKBjYZC6VWg3dGq2ktuf
+oYYitmUnDuy2n0Jg5GfCtdpBC8TTi2EbvPofkSvXRAdeuims2cXp71NIWuuA8ShY
+Ic2wBlX7Jz9TkHCpBB5XJ7kwQDAUBggrBgEFBQcDBAYIKwYBBQUHAwEMKFNTTC5j
+b20gUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBSU0E=
+-----END TRUSTED CERTIFICATE-----
+
+# SZAFIR ROOT CA2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQEL
 BQAwUTELMAkGA1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6
@@ -3661,6 +3009,8 @@ d05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6+/NNIxuZMzSg
 LvWpCz/UXeHPhJ/iGcJfitYgHuNztzAnMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwP
 U1pBRklSIFJPT1QgQ0Ey
 -----END TRUSTED CERTIFICATE-----
+
+# SecureSign RootCA11
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJKUDEr
 MCkGA1UEChMiSmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoG
@@ -3683,6 +3033,8 @@ pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061lgeLKBObjBmN
 QSdJQO7e5iNEOdyhIta6A/IwITAKBggrBgEFBQcDAQwTU2VjdXJlU2lnbiBSb290
 Q0ExMQ==
 -----END TRUSTED CERTIFICATE-----
+
+# SecureTrust CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBI
 MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
@@ -3703,9 +3055,11 @@ NxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt3
 3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHfmbx8IVQr5Fiiu1cprp6poxkm
 D5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZnMUFdAvnZyPS
 CPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR
-3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jEwJjAU
-BggrBgEFBQcDAQYIKwYBBQUHAwMMDlNlY3VyZVRydXN0IENB
+3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jEwHDAK
+BggrBgEFBQcDAQwOU2VjdXJlVHJ1c3QgQ0E=
 -----END TRUSTED CERTIFICATE-----
+
+# Secure Global CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBK
 MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
@@ -3727,31 +3081,10 @@ H0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cnCDpOGR86p1hcF895P4vkp9Mm
 I50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbY
 iNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc
 f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW
-MDIwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwQU2VjdXJlIEdsb2Jh
-bCBDQQ==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIDfTCCAmWgAwIBAgIBADANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJKUDEl
-MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEqMCgGA1UECxMh
-U2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBFViBSb290Q0ExMB4XDTA3MDYwNjAyMTIz
-MloXDTM3MDYwNjAyMTIzMlowYDELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09N
-IFRydXN0IFN5c3RlbXMgQ08uLExURC4xKjAoBgNVBAsTIVNlY3VyaXR5IENvbW11
-bmljYXRpb24gRVYgUm9vdENBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBALx/7FebJOD+nLpCeamIivqA4PUHKUPqjgo0No0c+qe1OXj/l3X3L+SqawSE
-RMqm4miO/VVQYg+kcQ7OBzgtQoVQrTyWb4vVog7P3kmJPdZkLjjlHmy1V4qe70gO
-zXppFodEtZDkBp2uoQSXWHnvIEqCa4wiv+wfD+mEce3xDuS4GBPMVjZd0ZoeUWs5
-bmB2iDQL87PRsJ3KYeJkHcFGB7hj3R4zZbOOCVVSPbW9/wfrrWFVGCypaZhKqkDF
-MxRldAD5kd6vA0jFQFTcD4SQaCDFkpbcLuUCRarAX1T4bepJz11sS6/vmsJWXMY1
-VkJqMF/Cq/biPT+zyRGPMUzXn0kCAwEAAaNCMEAwHQYDVR0OBBYEFDVK9U2vP9eC
-OKyrcWUXdYydVZPmMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0G
-CSqGSIb3DQEBBQUAA4IBAQCoh+ns+EBnXcPBZsdAS5f8hxOQWsTvoMpfi7ent/HW
-tWS3irO4G8za+6xmiEHO6Pzk2x6Ipu0nUBsCMCRGef4Eh3CXQHPRwMFXGZpppSeZ
-q51ihPZRwSzJIxXYKLerJRO1RuGGAv8mjMSIkh1W/hln8lXkgKNrnKt34VFxDSDb
-EJrbvXZ5B3eZKK2aXtqxT0QsNY6llsf9g/BYxnnWmHyojf6GPgcWkuF75x3sM3Z+
-Qi5KhfmRiWiEA4Glm5q+4zfFVKtWOxgtQaQM+ELbmaDgcm+7XeEWT1MKZPlO9L9O
-VL14bIjqv5wTJMJwaaJ/D8g8rQjJsJhAoyrniIPtd490MC8wCgYIKwYBBQUHAwEM
-IVNlY3VyaXR5IENvbW11bmljYXRpb24gRVYgUm9vdENBMQ==
+MCgwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBBTZWN1cmUgR2xvYmFsIENB
 -----END TRUSTED CERTIFICATE-----
+
+# Security Communication RootCA2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDEl
 MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMe
@@ -3771,9 +3104,11 @@ coJxDjrSzG+ntKEju/Ykn8sX/oymzsLS28yN/HH8AynBbF0zX2S2ZTuJbxh2ePXc
 okgfGT+Ok+vx+hfuzU7jBBJV1uXk3fs+BXziHV7Gp7yXT2g69ekuCkO2r1dcYmh8
 t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6qtnRGEmyR7jTV7JqR50S+kDFy
 1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29mvVXIwAHIRc/
-SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03MEAwHgYIKwYBBQUHAwQGCCsGAQUF
-BwMBBggrBgEFBQcDAwweU2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0Ey
+SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03MDYwFAYIKwYBBQUHAwQGCCsGAQUF
+BwMBDB5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTI=
 -----END TRUSTED CERTIFICATE-----
+
+# Security Communication Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEY
 MBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21t
@@ -3792,10 +3127,12 @@ kl3g0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfr
 Uj94nK9NrvjVT8+amCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5
 Bw+SUEmK3TGXX8npN6o7WWWXlDLJs58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJU
 JRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ6rBK+1YWc26sTfcioU+tHXot
-RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAzBA
-MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMHlNlY3VyaXR5IENvbW11
-bmljYXRpb24gUm9vdCBDQQ==
+RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAzA2
+MBQGCCsGAQUFBwMEBggrBgEFBQcDAQweU2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBS
+b290IENB
 -----END TRUSTED CERTIFICATE-----
+
+# Sonera Class 2 Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP
 MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAx
@@ -3816,6 +3153,8 @@ Tk6ezAyNlNzZRZxe7EJQY670XcSxEtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2
 ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLHllpwrN9MMC4wFAYIKwYBBQUH
 AwQGCCsGAQUFBwMBDBZTb25lcmEgQ2xhc3MgMiBSb290IENB
 -----END TRUSTED CERTIFICATE-----
+
+# Staat der Nederlanden EV Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJO
 TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFh
@@ -3849,6 +3188,8 @@ FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGyeUN51q1veieQA6TqJIc/2b3Z6fJfUEkc
 7uzXLjAuMAoGCCsGAQUFBwMBDCBTdGFhdCBkZXIgTmVkZXJsYW5kZW4gRVYgUm9v
 dCBDQQ==
 -----END TRUSTED CERTIFICATE-----
+
+# Staat der Nederlanden Root CA - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
 TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
@@ -3880,10 +3221,12 @@ vJxxcypFURmFzI79R6d0lR2o0a9OF7FpJsKqeFdbxU2n5Z4FF5TKsl+gSRiNNOkm
 bEgeqmiSBeGCc1qb3AdbCG19ndeNIdn8FCCqwkXfP+cAslHkwvgFuXkajDTznlvk
 N1trSt8sV4pAWja63XVECDdCcAz+3F4hoKOKwJCcaNpQ5kUQR3i2TtJlycM33+FC
 Y7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoVIPVVYpbtbZNQvOSqeK3Z
-ywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm66+KATBE
-MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMIlN0YWF0IGRlciBOZWRl
-cmxhbmRlbiBSb290IENBIC0gRzI=
+ywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm66+KATA6
+MBQGCCsGAQUFBwMEBggrBgEFBQcDAQwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJv
+b3QgQ0EgLSBHMg==
 -----END TRUSTED CERTIFICATE-----
+
+# Staat der Nederlanden Root CA - G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFdDCCA1ygAwIBAgIEAJiiOTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
 TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
@@ -3917,6 +3260,8 @@ QFH1T/U67cjF68IeHRaVesd+QnGTbksVtzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM
 94B7IWcnMFkwOjAUBggrBgEFBQcDBAYIKwYBBQUHAwEMIlN0YWF0IGRlciBOZWRl
 cmxhbmRlbiBSb290IENBIC0gRzM=
 -----END TRUSTED CERTIFICATE-----
+
+# Starfield Class 2 CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl
 MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp
@@ -3939,9 +3284,11 @@ L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D
 eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl
 xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp
 VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY
-WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5QwNjAeBggrBgEFBQcD
-BAYIKwYBBQUHAwEGCCsGAQUFBwMDDBRTdGFyZmllbGQgQ2xhc3MgMiBDQQ==
+WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5QwLDAUBggrBgEFBQcD
+BAYIKwYBBQUHAwEMFFN0YXJmaWVsZCBDbGFzcyAyIENB
 -----END TRUSTED CERTIFICATE-----
+
+# Starfield Root Certificate Authority - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx
 EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT
@@ -3963,10 +3310,11 @@ sHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx4mcujJUDJi5DnUox9g61DLu3
 4jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUwF5okxBDgBPfg
 8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K
 pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1
-mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0MEEwFAYIKwYBBQUHAwEG
-CCsGAQUFBwMDDClTdGFyZmllbGQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkg
-LSBHMg==
+mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0MDcwCgYIKwYBBQUHAwEM
+KVN0YXJmaWVsZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcy
 -----END TRUSTED CERTIFICATE-----
+
+# Starfield Services Root Certificate Authority - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx
 EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT
@@ -3989,132 +3337,11 @@ ve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTyxQGjhdByPq1z
 qwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd
 iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn
 0q23KXB56jzaYyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCN
-sSi6MEowFAYIKwYBBQUHAwEGCCsGAQUFBwMDDDJTdGFyZmllbGQgU2VydmljZXMg
-Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMg==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
-Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM2WhcNMzYwOTE3MTk0NjM2WjB9
-MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
-U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
-cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
-A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
-pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
-OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
-Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
-Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
-HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
-Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
-+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
-Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
-Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
-26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
-AQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE
-FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9j
-ZXJ0LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3Js
-LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFM
-BgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUHAgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0
-Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRwOi8vY2VydC5zdGFy
-dGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYgU3Rh
-cnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlh
-YmlsaXR5LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2Yg
-dGhlIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFp
-bGFibGUgYXQgaHR0cDovL2NlcnQuc3RhcnRjb20ub3JnL3BvbGljeS5wZGYwEQYJ
-YIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNT
-TCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAgEAFmyZ
-9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8
-jhvh3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUW
-FjgKXlf2Ysd6AgXmvB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJz
-ewT4F+irsfMuXGRuczE6Eri8sxHkfY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1
-ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3fsNrarnDy0RLrHiQi+fHLB5L
-EUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZEoalHmdkrQYu
-L6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq
-yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuC
-O3NJo2pXh5Tl1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6V
-um0ABj6y6koQOdjQK/W/7HW/lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkySh
-NOsF/5oirpt9P/FlUQqmMGqz9IgcgA38corog14wQjAeBggrBgEFBQcDBAYIKwYB
-BQUHAwEGCCsGAQUFBwMDDCBTdGFydENvbSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
-eQ==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIHhzCCBW+gAwIBAgIBLTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
-Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM3WhcNMzYwOTE3MTk0NjM2WjB9
-MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
-U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
-cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
-A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
-pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
-OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
-Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
-Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
-HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
-Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
-+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
-Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
-Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
-26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
-AQABo4ICEDCCAgwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD
-VR0OBBYEFE4L7xqkQFulF2mHMMo0aEPQQa7yMB8GA1UdIwQYMBaAFE4L7xqkQFul
-F2mHMMo0aEPQQa7yMIIBWgYDVR0gBIIBUTCCAU0wggFJBgsrBgEEAYG1NwEBATCC
-ATgwLgYIKwYBBQUHAgEWImh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5w
-ZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL2ludGVybWVk
-aWF0ZS5wZGYwgc8GCCsGAQUFBwICMIHCMCcWIFN0YXJ0IENvbW1lcmNpYWwgKFN0
-YXJ0Q29tKSBMdGQuMAMCAQEagZZMaW1pdGVkIExpYWJpbGl0eSwgcmVhZCB0aGUg
-c2VjdGlvbiAqTGVnYWwgTGltaXRhdGlvbnMqIG9mIHRoZSBTdGFydENvbSBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eSBQb2xpY3kgYXZhaWxhYmxlIGF0IGh0dHA6Ly93
-d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgG
-CWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1
-dGhvcml0eTANBgkqhkiG9w0BAQsFAAOCAgEAjo/n3JR5fPGFf59Jb2vKXfuM/gTF
-wWLRfUKKvFO3lANmMD+x5wqnUCBVJX92ehQN6wQOQOY+2IirByeDqXWmN3PH/UvS
-Ta0XQMhGvjt/UfzDtgUx3M2FIk5xt/JxXrAaxrqTi3iSSoX4eA+D/i+tLPfkpLst
-0OcNOrg+zvZ49q5HJMqjNTbOx8aHmNrs++myziebiMMEofYLWWivydsQD032ZGNc
-pRJvkrKTlMeIFw6Ttn5ii5B/q06f/ON1FE8qMt9bDeD1e5MNq6HPh+GlBEXoPBKl
-CcWw0bdT82AUuoVpaiF8H3VhFyAXe2w7QSlc4axa0c2Mm+tgHRns9+Ww2vl5GKVF
-P0lDV9LdJNUso/2RjSe15esUBppMeyG7Oq0wBhjA2MFrLH9ZXF2RsXAiV+uKa0hK
-1Q8p7MZAwC+ITGgBF3f0JBlPvfrhsiAhS90a2Cl9qrjeVOwhVYBsHvUwyKMQ5bLm
-KhQxw4UtjJixhlpPiVktucf3HMiKf8CdBUrmQk9io20ppB+Fq9vlgcitKj1MXVuE
-JnHEhV5xJMqlG2zYYdMa4FTbzrqpMrUi9nNBCV24F10OD5mQ1kfabwo6YigUZ4LZ
-8dCAWZvLMdibD4x3TrVoivJs9iQOLWxwxXPR3hTQcY+203sC9uO41Alua551hDnm
-fyWl8kgAwKQB2j8wQjAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDCBT
-dGFydENvbSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFYzCCA0ugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlm
-aWNhdGlvbiBBdXRob3JpdHkgRzIwHhcNMTAwMTAxMDEwMDAxWhcNMzkxMjMxMjM1
-OTAxWjBTMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoG
-A1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgRzIwggIiMA0G
-CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2iTZbB7cgNr2Cu+EWIAOVeq8Oo1XJ
-JZlKxdBWQYeQTSFgpBSHO839sj60ZwNq7eEPS8CRhXBF4EKe3ikj1AENoBB5uNsD
-vfOpL9HG4A/LnooUCri99lZi8cVytjIl2bLzvWXFDSxu1ZJvGIsAQRSCb0AgJnoo
-D/Uefyf3lLE3PbfHkffiAez9lInhzG7TNtYKGXmu1zSCZf98Qru23QumNK9LYP5/
-Q0kGi4xDuFby2X8hQxfqp0iVAXV16iulQ5XqFYSdCI0mblWbq9zSOdIxHWDirMxW
-RST1HFSr7obdljKF+ExP6JV2tgXdNiNnvP8V4so75qbsO+wmETRIjfaAKxojAuuK
-HDp2KntWFhxyKrOq42ClAJ8Em+JvHhRYW6Vsi1g8w7pOOlz34ZYrPu8HvKTlXcxN
-nw3h3Kq74W4a7I/htkxNeXJdFzULHdfBR9qWJODQcqhaX2YtENwvKhOuJv4KHBnM
-0D4LnMgJLvlblnpHnOl68wVQdJVznjAJ85eCXuaPOQgeWeU1FEIT/wCc976qUM/i
-UUjXuG+v+E5+M5iSFGI6dWPPe/regjupuznixL0sAA7IF6wT700ljtizkC+p2il9
-Ha90OrInwMEePnWjFqmveiJdnxMaz6eg6+OGCtP95paV1yPIN93EfKo2rJgaErHg
-TuixO/XWb/Ew1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
-AwIBBjAdBgNVHQ4EFgQUS8W0QGutHLOlHGVuRjaJhwUMDrYwDQYJKoZIhvcNAQEL
-BQADggIBAHNXPyzVlTJ+N9uWkusZXn5T50HsEbZH77Xe7XRcxfGOSeD8bpkTzZ+K
-2s06Ctg6Wgk/XzTQLwPSZh0avZyQN8gMjgdalEVGKua+etqhqaRpEpKwfTbURIfX
-UfEpY9Z1zRbkJ4kd+MIySP3bmdCPX1R0zKxnNBFi2QwKN4fRoxdIjtIXHfbX/dtl
-6/2o1PXWT6RbdejF0mCy2wl+JYt7ulKSnj7oxXehPOBKc2thz4bcQ///If4jXSRK
-9dNtD2IEBVeC2m6kMyV5Sy5UGYvMLD0w6dEG/+gyRr61M3Z3qAFdlsHB1b6uJcDJ
-HgoJIIihDsnzb02CVAAgp9KP5DlUFy6NHrgbuxu9mk47EDTcnIhT76IxW1hPkWLI
-wpqazRVdOKnWvvgTtZ8SafJQYqz7Fzf07rh1Z2AQ+4NQ+US1dZxAF7L+/XldblhY
-XzD8AK6vM8EOTmy6p6ahfzLbOOCxchcKK5HsamMm7YnUeMx0HgX4a/6ManY5Ka5l
-IxKVCCIcl85bBu4M4ru8H0ST9tg4RQUh7eStqxK2A6RCLi3ECToDZ2mEmuFZkIoo
-hdVddLHRDiBYmxOlsGOm7XtH/UVVMKTumtTm4ofvmMkyghEpIrwACjFeLQ/Ajulr
-so8uBtjRkcfGEvRM/TAXw8HaOFvjqermobp573PYtlNXLfbQ4ddIMEUwHgYIKwYB
-BQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwjU3RhcnRDb20gQ2VydGlmaWNhdGlv
-biBBdXRob3JpdHkgRzI=
+sSi6MEAwCgYIKwYBBQUHAwEMMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRp
+ZmljYXRlIEF1dGhvcml0eSAtIEcy
 -----END TRUSTED CERTIFICATE-----
+
+# SwissSign Gold CA - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
 BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln
@@ -4146,9 +3373,11 @@ hdiDyyJkvC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid3
 92qgQmwLOM7XdVAyksLfKzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEpp
 Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w
 ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt
-Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJMDgwHgYIKwYBBQUHAwQGCCsG
-AQUFBwMBBggrBgEFBQcDAwwWU3dpc3NTaWduIEdvbGQgQ0EgLSBHMg==
+Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJMC4wFAYIKwYBBQUHAwQGCCsG
+AQUFBwMBDBZTd2lzc1NpZ24gR29sZCBDQSAtIEcy
 -----END TRUSTED CERTIFICATE-----
+
+# SwissSign Platinum CA - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFwTCCA6mgAwIBAgIITrIAZwwDXU8wDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE
 BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEjMCEGA1UEAxMaU3dpc3NTaWdu
@@ -4180,9 +3409,11 @@ puEa+S1BaYEUtLS17Yk9zvupnTVCRLEcFHOBzyoBNZox1S2PbYTfgE1X4z/FhHXa
 icYwu+uPyyIIoK6q8QNsOktNCaUOcsZWayFCTiMlFGiudgp8DAdwZPmaL/YFOSbG
 DI8Zf0NebvRbFS/bYV3mZy8/CJT5YLSYMdp08YSTcU1f+2BY0fvEwW2JorsgH51x
 kcsymxM9Pn2SUjWskpSi0xjCfMfqr3YFFt1nJ8J+HAciIfNAChs0B0QTwoRqjt8Z
-Wr9/6x3iGjjRXK9HkmuAtTClyY3YqzGBH9/CZjfTk6mFhnll0jAyMBQGCCsGAQUF
-BwMEBggrBgEFBQcDAwwaU3dpc3NTaWduIFBsYXRpbnVtIENBIC0gRzI=
+Wr9/6x3iGjjRXK9HkmuAtTClyY3YqzGBH9/CZjfTk6mFhnll0jAoMAoGCCsGAQUF
+BwMEDBpTd2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMg==
 -----END TRUSTED CERTIFICATE-----
+
+# SwissSign Silver CA - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UE
 BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWdu
@@ -4214,44 +3445,11 @@ em1ZqSqPe97Dh4kQmUlzeMg9vVE1dCrV8X5pGyq7O70luJpaPXJhkGaH7gzWTdQR
 dAtq/gsD/KNVV4n+SsuuWxcFyPKNIzFTONItaj+CuY0IavdeQXRuwxF+B6wpYJE/
 OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJDIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+
 hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ubDgEj8Z+7fNzcbBGXJbLy
-tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5uMDowHgYIKwYBBQUHAwQG
-CCsGAQUFBwMBBggrBgEFBQcDAwwYU3dpc3NTaWduIFNpbHZlciBDQSAtIEcy
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF2TCCA8GgAwIBAgIQXAuFXAvnWUHfV8w/f52oNjANBgkqhkiG9w0BAQUFADBk
-MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
-YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg
-Q0EgMTAeFw0wNTA4MTgxMjA2MjBaFw0yNTA4MTgyMjA2MjBaMGQxCzAJBgNVBAYT
-AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp
-Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAxMIICIjAN
-BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0LmwqAzZuz8h+BvVM5OAFmUgdbI9
-m2BtRsiMMW8Xw/qabFbtPMWRV8PNq5ZJkCoZSx6jbVfd8StiKHVFXqrWW/oLJdih
-FvkcxC7mlSpnzNApbjyFNDhhSbEAn9Y6cV9Nbc5fuankiX9qUvrKm/LcqfmdmUc/
-TilftKaNXXsLmREDA/7n29uj/x2lzZAeAR81sH8A25Bvxn570e56eqeqDFdvpG3F
-EzuwpdntMhy0XmeLVNxzh+XTF3xmUHJd1BpYwdnP2IkCb6dJtDZd0KTeByy2dbco
-kdaXvij1mB7qWybJvbCXc9qukSbraMH5ORXWZ0sKbU/Lz7DkQnGMU3nn7uHbHaBu
-HYwadzVcFh4rUx80i9Fs/PJnB3r1re3WmquhsUvhzDdf/X/NTa64H5xD+SpYVUNF
-vJbNcA78yeNmuk6NO4HLFWR7uZToXTNShXEuT46iBhFRyePLoW4xCGQMwtI89Tbo
-19AOeCMgkckkKmUpWyL3Ic6DXqTz3kvTaI9GdVyDCW4pa8RwjPWd1yAv/0bSKzjC
-L3UcPX7ape8eYIVpQtPM+GP+HkM5haa2Y0EQs3MevNP6yn0WR+Kn1dCjigoIlmJW
-bjTb2QK5MHXjBNLnj8KwEUAKrNVxAmKLMb7dxiNYMUJDLXT5xp6mig/p/r+D5kNX
-JLrvRjSq1xIBOO0CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw
-FDASBgdghXQBUwABBgdghXQBUwABMBIGA1UdEwEB/wQIMAYBAf8CAQcwHwYDVR0j
-BBgwFoAUAyUv3m+CATpcLNwroWm1Z9SM0/0wHQYDVR0OBBYEFAMlL95vggE6XCzc
-K6FptWfUjNP9MA0GCSqGSIb3DQEBBQUAA4ICAQA1EMvspgQNDQ/NwNurqPKIlwzf
-ky9NfEBWMXrrpA9gzXrzvsMnjgM+pN0S734edAY8PzHyHHuRMSG08NBsl9Tpl7Ik
-Vh5WwzW9iAUPWxAaZOHHgjD5Mq2eUCzneAXQMbFamIp1TpBcahQq4FJHgmDmHtqB
-sfsUC1rxn9KVuj7QG9YVHaO+htXbD8BJZLsuUBlL0iT43R4HVtA4oJVwIHaM190e
-3p9xxCPvgxNcoyQVTSlAPGrEqdi3pkSlDfTgnXceQHAm/NrZNuR55LU/vJtlvrsR
-ls/bxig5OgjOR1tTWsWZ/l2p3e9M1MalrQLmjAcSHm8D0W+go/MpvRLHUKKwf4ip
-mXeascClOS5cfGniLLDqN2qk4Vrh9VDlg++luyqI54zb/W1elxmofmZ1a3Hqv7HH
-b6D0jqTsNFFbjCYDcKF31QESVwA12yPeDooomf2xEG9L/zgtYE4snOtnta1J7ksf
-rK/7DZBaZmBwXarNeNQk7shBoJMBkpxqnvy5JMWzFYJ+vq6VK+uxwNrjAWALXmms
-hFZhvnEX/h0TD/7Gh0Xp/jKgGg0TpJRVcaUWi7rKibCyx/yP2FS1k2Kdzs9Z+z0Y
-zirLNRWCXf9UIltxUvu3yf5gmwBBZPCqKuy2QkPOiWaByIufOVQDJdMWNY6E0F/6
-MBr1mmz0DlP5OlvRHDA0MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMM
-ElN3aXNzY29tIFJvb3QgQ0EgMQ==
+tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5uMDAwFAYIKwYBBQUHAwQG
+CCsGAQUFBwMBDBhTd2lzc1NpZ24gU2lsdmVyIENBIC0gRzI=
 -----END TRUSTED CERTIFICATE-----
+
+# Swisscom Root CA 2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBk
 MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
@@ -4284,44 +3482,10 @@ Bjx8Oto0QuFmtEYE3saWmA9LSHokMnWRn6z3aOkquVVlzl1h0ydw2Df+n7mvoC5W
 t6NlUe07qxS/TFED6F+KBZvuim6c779o+sjaC+NCydAXFJy3SuCvkychVSa1ZC+N
 8f+mQAWFBVzKBxlcCxMoTFh/wqXvRdpg065lYZ1Tg3TCrvJcwhbtkj6EPnNgiLx2
 9CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX5OfNeOI5
-wSsSnqaeG8XmDtkx2TA0MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMM
-ElN3aXNzY29tIFJvb3QgQ0EgMg==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIF4DCCA8igAwIBAgIRAPL6ZOJ0Y9ON/RAdBB92ylgwDQYJKoZIhvcNAQELBQAw
-ZzELMAkGA1UEBhMCY2gxETAPBgNVBAoTCFN3aXNzY29tMSUwIwYDVQQLExxEaWdp
-dGFsIENlcnRpZmljYXRlIFNlcnZpY2VzMR4wHAYDVQQDExVTd2lzc2NvbSBSb290
-IEVWIENBIDIwHhcNMTEwNjI0MDk0NTA4WhcNMzEwNjI1MDg0NTA4WjBnMQswCQYD
-VQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2Vy
-dGlmaWNhdGUgU2VydmljZXMxHjAcBgNVBAMTFVN3aXNzY29tIFJvb3QgRVYgQ0Eg
-MjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMT3HS9X6lds93BdY7Bx
-UglgRCgzo3pOCvrY6myLURYaVa5UJsTMRQdBTxB5f3HSek4/OE6zAMaVylvNwSqD
-1ycfMQ4jFrclyxy0uYAyXhqdk/HoPGAsp15XGVhRXrwsVgu42O+LgrQ8uMIkqBPH
-oCE2G3pXKSinLr9xJZDzRINpUKTk4RtiGZQJo/PDvO/0vezbE53PnUgJUmfANykR
-HvvSEaeFGHR55E+FFOtSN+KxRdjMDUN/rhPSays/p8LiqG12W0OfvrSdsyaGOx9/
-5fLoZigWJdBLlzin5M8J0TbDC77aO0RYjb7xnglrPvMyxyuHxuxenPaHZa0zKcQv
-idm5y8kDnftslFGXEBuGCxobP/YCfnvUxVFkKJ3106yDgYjTdLRZncHrYTNaRdHL
-OdAGalNgHa/2+2m8atwBz735j9m9W8E6X47aD0upm50qKGsaCnw8qyIL5XctcfaC
-NYGu+HuB5ur+rPQam3Rc6I8k9l2dRsQs0h4rIWqDJ2dVSqTjyDKXZpBy2uPUZC5f
-46Fq9mDU5zXNysRojddxyNMkM3OxbPlq4SjbX8Y96L5V5jcb7STZDxmPX2MYWFCB
-UWVv8p9+agTnNCRxunZLWB4ZvRVgRaoMEkABnRDixzgHcgplwLa7JSnaFp6LNYth
-7eVxV4O1PHGf40+/fh6Bn0GXAgMBAAGjgYYwgYMwDgYDVR0PAQH/BAQDAgGGMB0G
-A1UdIQQWMBQwEgYHYIV0AVMCAgYHYIV0AVMCAjASBgNVHRMBAf8ECDAGAQH/AgED
-MB0GA1UdDgQWBBRF2aWBbj2ITY1x0kbBbkUe88SAnTAfBgNVHSMEGDAWgBRF2aWB
-bj2ITY1x0kbBbkUe88SAnTANBgkqhkiG9w0BAQsFAAOCAgEAlDpzBp9SSzBc1P6x
-XCX5145v9Ydkn+0UjrgEjihLj6p7jjm02Vj2e6E1CqGdivdj5eu9OYLU43otb98T
-PLr+flaYC/NUn81ETm484T4VvwYmneTwkLbUwp4wLh/vx3rEUMfqe9pQy3omywC0
-Wqu1kx+AiYQElY2NfwmTv9SoqORjbdlk5LgpWgi/UOGED1V7XwgiG/W9mR4U9s70
-WBCCswo9GcG/W6uqmdjyMb3lOGbcWAXH7WMaLgqXfIeTK7KK4/HsGOV1timH59yL
-Gn602MnTihdsfSlEvoqq9X46Lmgxk7lq2prg2+kupYTNHAq4Sgj5nPFhJpiTt3tm
-7JFe3VE/23MPrQRYCd0EApUKPtN236YQHoA96M2kZNEzx5LH4k5E4wnJTsJdhw4S
-nr8PyQUQ3nqjsTzyP6WqJ3mtMX0f/fwZacXduT98zca0wjAefm6S139hdlqP65VN
-vBFuIXxZN5nQBrz5Bm0yFqXZaajh3DyAHmBR3NdUIR7KYndP+tiPsys6DXhyyWhB
-WkdKwqPrGtcKqzwyVcgKEZzfdNbwQBUdyLmPtTbFr/giuMod89a2GQ+fYWVq6nTI
-fI/DT11lgh/ZDYnadXL77/FHZxOzyNEZiCcmmpl5fx7kLD977vHeTYuWl8PVP3wb
-I+2ksx0WckNLIOFZfsLorSa/ovcwLTAUBggrBgEFBQcDAQYIKwYBBQUHAwMMFVN3
-aXNzY29tIFJvb3QgRVYgQ0EgMg==
+wSsSnqaeG8XmDtkx2TAgMAoGCCsGAQUFBwMEDBJTd2lzc2NvbSBSb290IENBIDI=
 -----END TRUSTED CERTIFICATE-----
+
+# Symantec Class 1 Public Primary Certification Authority - G4
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICqDCCAi2gAwIBAgIQIW4zpcvTiKRvKQe0JzzE2DAKBggqhkjOPQQDAzCBlDEL
 MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD
@@ -4340,6 +3504,8 @@ axfIEWi13IMHAjEAnMhE2mnCNsNUGRCFAtqdR+9B52wmnQk9922Q0QVEL7C8g5No
 8gxFSTm/mQQc0xCgMEowCgYIKwYBBQUHAwQMPFN5bWFudGVjIENsYXNzIDEgUHVi
 bGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHNA==
 -----END TRUSTED CERTIFICATE-----
+
+# Symantec Class 1 Public Primary Certification Authority - G6
 -----BEGIN TRUSTED CERTIFICATE-----
 MIID9jCCAt6gAwIBAgIQJDJ18h0v0gkz97RqytDzmDANBgkqhkiG9w0BAQsFADCB
 lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w
@@ -4365,6 +3531,8 @@ DJqXPDe/v+z28LSFdyjBC8hnghAXOKK3Buqbvzr46SMHv3TgmDgVVXjucgBcGaP0
 0jPg/73RVDkpDzBKMAoGCCsGAQUFBwMEDDxTeW1hbnRlYyBDbGFzcyAxIFB1Ymxp
 YyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzY=
 -----END TRUSTED CERTIFICATE-----
+
+# Symantec Class 2 Public Primary Certification Authority - G4
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICqDCCAi2gAwIBAgIQNBdlEkA7t1aALYDLeVWmHjAKBggqhkjOPQQDAzCBlDEL
 MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD
@@ -4383,6 +3551,8 @@ S7wIL8fip29lAjEA1lnehs5fDspU1cbQFQ78i5Ry1I4AWFPPfrFLDeVQhuuea9//
 KabYR9mglhjb8kWzMEowCgYIKwYBBQUHAwQMPFN5bWFudGVjIENsYXNzIDIgUHVi
 bGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHNA==
 -----END TRUSTED CERTIFICATE-----
+
+# Symantec Class 2 Public Primary Certification Authority - G6
 -----BEGIN TRUSTED CERTIFICATE-----
 MIID9jCCAt6gAwIBAgIQZIKe/DcedF38l/+XyLH/QTANBgkqhkiG9w0BAQsFADCB
 lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w
@@ -4408,6 +3578,8 @@ KIYkM2oBLldzJbZev4/mHWGoQClnHYebHX+bn5nNMdZUvmK7OaxoEkiRIKXLsd3+
 b/xa5IJVWa8xqTBKMAoGCCsGAQUFBwMEDDxTeW1hbnRlYyBDbGFzcyAyIFB1Ymxp
 YyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzY=
 -----END TRUSTED CERTIFICATE-----
+
+# T-TeleSec GlobalRoot Class 2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx
 KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd
@@ -4432,6 +3604,8 @@ g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN
 BSeOE6FuwjA0MBQGCCsGAQUFBwMEBggrBgEFBQcDAQwcVC1UZWxlU2VjIEdsb2Jh
 bFJvb3QgQ2xhc3MgMg==
 -----END TRUSTED CERTIFICATE-----
+
+# T-TeleSec GlobalRoot Class 3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx
 KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd
@@ -4456,6 +3630,8 @@ e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4p
 TpPDpFQUWzAqMAoGCCsGAQUFBwMBDBxULVRlbGVTZWMgR2xvYmFsUm9vdCBDbGFz
 cyAz
 -----END TRUSTED CERTIFICATE-----
+
+# TC TrustCenter Class 3 CA II
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEqjCCA5KgAwIBAgIOSkcAAQAC5aBd1j8AUb8wDQYJKoZIhvcNAQEFBQAwdjEL
 MAkGA1UEBhMCREUxHDAaBgNVBAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxIjAgBgNV
@@ -4484,6 +3660,8 @@ g0bsyEa1+K+XwDsJHI/OcpY9M1ZwvJbL2NV9IJqDnxrcOfHFcqMRA/07QlIp2+gB
 S+opvaqCZh77gaqnN60TGOaSw4HBM7uIHqHn4rS9MWwOUT1v+5ZWgOI2F9Hc5DAq
 MAoGCCsGAQUFBwMEDBxUQyBUcnVzdENlbnRlciBDbGFzcyAzIENBIElJ
 -----END TRUSTED CERTIFICATE-----
+
+# TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEYzCCA0ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCB0jELMAkGA1UEBhMCVFIx
 GDAWBgNVBAcTD0dlYnplIC0gS29jYWVsaTFCMEAGA1UEChM5VHVya2l5ZSBCaWxp
@@ -4511,33 +3689,8 @@ lzwDGrpDxpa5RXI4s6ehlj2Re37AIVNMh+3yC1SVUZPVIqUNivGTDj5UDrDYyU7c
 lo3Ptv0AnVoUmr8CRPXBwp8iXqIPoeMwOzAKBggrBgEFBQcDAQwtVFVCSVRBSyBL
 YW11IFNNIFNTTCBLb2sgU2VydGlmaWthc2kgLSBTdXJ1bSAx
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIEPTCCAyWgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvzE/MD0GA1UEAww2VMOc
-UktUUlVTVCBFbGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sx
-c8SxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMV4wXAYDVQQKDFVUw5xS
-S1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnEn2kg
-SGl6bWV0bGVyaSBBLsWeLiAoYykgQXJhbMSxayAyMDA3MB4XDTA3MTIyNTE4Mzcx
-OVoXDTE3MTIyMjE4MzcxOVowgb8xPzA9BgNVBAMMNlTDnFJLVFJVU1QgRWxla3Ry
-b25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTELMAkGA1UEBhMC
-VFIxDzANBgNVBAcMBkFua2FyYTFeMFwGA1UECgxVVMOcUktUUlVTVCBCaWxnaSDE
-sGxldGnFn2ltIHZlIEJpbGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7F
-ni4gKGMpIEFyYWzEsWsgMjAwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAKu3PgqMyKVYFeaK7yc9SrToJdPNM8Ig3BnuiD9NYvDdE3ePYakqtdTyuTFY
-KTsvP2qcb3N2Je40IIDu6rfwxArNK4aUyeNgsURSsloptJGXg9i3phQvKUmi8wUG
-+7RP2qFsmmaf8EMJyupyj+sA1zU511YXRxcw9L6/P8JorzZAwan0qafoEGsIiveG
-HtyaKhUG9qPw9ODHFNRRf8+0222vR5YXm3dx2KdxnSQM9pQ/hTEST7ruToK4uT6P
-IzdezKKqdfcYbwnTrqdUKDT74eA7YH2gvnmJhsifLfkKS8RQouf9eRbHegsYz85M
-733WB2+Y8a+xwXrXgTW4qhe04MsCAwEAAaNCMEAwHQYDVR0OBBYEFCnFkKslrxHk
-Yb+j/4hhkeYO/pyBMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0G
-CSqGSIb3DQEBBQUAA4IBAQAQDdr4Ouwo0RSVgrESLFF6QSU2TJ/sPx+EnWVUXKgW
-AkD6bho3hO9ynYYKVZ1WKKxmLNA6VpM0ByWtCLCPyA8JWcqdmBzlVPi5RX9ql2+I
-aE1KBiY3iAIOtsbWcpnOa3faYjGkVh+uX4132l32iPwa2Z61gfAyuOOI0JzzaqC5
-mxRZNTZPz/OOXl0XrRWV2N2y1RVuAE6zS89mlOTgzbUF2mNXi+WzqtvALhyQRNsa
-XRik7r4EW5nVcV9VZWRi1aKbBFmGyGJ353yCRWo9F7/snXUMrqNvWtMvmDb08PUZ
-qxFdyKbjKlhqQgnDvZImZjINXQhVdP+MmNAKpoRq0Tl9MEkwFAYIKwYBBQUHAwEG
-CCsGAQUFBwMDDDFUVVJLVFJVU1QgQ2VydGlmaWNhdGUgU2VydmljZXMgUHJvdmlk
-ZXIgUm9vdCAyMDA3
------END TRUSTED CERTIFICATE-----
+
+# TWCA Global Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcx
 EjAQBgNVBAoTCVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMT
@@ -4567,9 +3720,11 @@ nile98FRYB/e2guyLXW3Q0iT5/Z5xoRdgFlglPx4mI88k1HtQJAH32RjJMtOcQWh
 nsLrgxifarsbJGAzcMzs9zLzXNl5fe+epP7JI8Mk7hWSsT2RTyaGvWZzJBPqpK5j
 wa19hAM8EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWz
 aGHQRiapIVJpLesux+t3zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmy
-KwbQBM0wNTAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMDDBNUV0NBIEds
-b2JhbCBSb290IENB
+KwbQBM0wKzAUBggrBgEFBQcDBAYIKwYBBQUHAwEME1RXQ0EgR2xvYmFsIFJvb3Qg
+Q0E=
 -----END TRUSTED CERTIFICATE-----
+
+# TWCA Root Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzES
 MBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFU
@@ -4589,10 +3744,11 @@ MErJk/9q56YAf4lCmtYR5VPOL8zy2gXE/uJQxDqGfczafhAJO5I1KlOy/usrBdls
 XebQ79NqZp4VKIV66IIArB6nCWlWQtNoURi+VJq/REG6Sb4gumlc7rh3zc5sH62D
 lhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVYT0bf+215WfKEIlKuD8z7fDvn
 aspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocnyYh0igzyXxfkZ
-YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8HrzBDMB4GCCsGAQUFBwMEBggr
-BgEFBQcDAQYIKwYBBQUHAwMMIVRXQ0EgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhv
-cml0eQ==
+YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8HrzA5MBQGCCsGAQUFBwMEBggr
+BgEFBQcDAQwhVFdDQSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5
 -----END TRUSTED CERTIFICATE-----
+
+# Taiwan GRCA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/
 MQswCQYDVQQGEwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmlj
@@ -4623,9 +3779,10 @@ nD+iMsJKxYEYMRBWqoTvLQr/uB930r+lWKBi5NdLkXWNiYCYfm3LU05er/ayl4WX
 udpVBrkk7tfGOB5jGxI7leFYrPLfhNVfmS8NVVvmONsuP3LpSIXLuykTjx44Vbnz
 ssQwmSNOXfJIoRIM3BKQCZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDe
 LMDDav7v3Aun+kbfYNucpllQdSNpc5Oy+fwC00fmcc4QAu4njIT/rEUNE1yDMuAl
-pYYsfPQSMC0wHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwLVGFpd2Fu
-IEdSQ0E=
+pYYsfPQSMCMwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDAtUYWl3YW4gR1JDQQ==
 -----END TRUSTED CERTIFICATE-----
+
+# TeliaSonera Root CA v1
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAw
 NzEUMBIGA1UECgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJv
@@ -4657,6 +3814,102 @@ HL/EVlP6Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVx
 SK236thZiNSQvxaz2emsWWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVYwLjAU
 BggrBgEFBQcDBAYIKwYBBQUHAwEMFlRlbGlhU29uZXJhIFJvb3QgQ0EgdjE=
 -----END TRUSTED CERTIFICATE-----
+
+# TrustCor ECA-1
+-----BEGIN TRUSTED CERTIFICATE-----
+MIIEIDCCAwigAwIBAgIJAISCLF8cYtBAMA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD
+VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk
+MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxFzAVBgNVBAMMDlRydXN0Q29y
+IEVDQS0xMB4XDTE2MDIwNDEyMzIzM1oXDTI5MTIzMTE3MjgwN1owgZwxCzAJBgNV
+BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw
+IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy
+dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOVHJ1c3RDb3Ig
+RUNBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPj+ARtZ+odnbb
+3w9U73NjKYKtR8aja+3+XzP4Q1HpGjORMRegdMTUpwHmspI+ap3tDvl0mEDTPwOA
+BoJA6LHip1GnHYMma6ve+heRK9jGrB6xnhkB1Zem6g23xFUfJ3zSCNV2HykVh0A5
+3ThFEXXQmqc04L/NyFIduUd+Dbi7xgz2c1cWWn5DkR9VOsZtRASqnKmcp0yJF4Ou
+owReUoCLHhIlERnXDH19MURB6tuvsBzvgdAsxZohmz3tQjtQJvLsznFhBmIhVE5/
+wZ0+fyCMgMsq2JdiyIMzkX2woloPV+g7zPIlstR8L+xNxqE6FXrntl019fZISjZF
+ZtS6mFjBAgMBAAGjYzBhMB0GA1UdDgQWBBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAf
+BgNVHSMEGDAWgBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAPBgNVHRMBAf8EBTADAQH/
+MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEABT41XBVwm8nHc2Fv
+civUwo/yQ10CzsSUuZQRg2dd4mdsdXa/uwyqNsatR5Nj3B5+1t4u/ukZMjgDfxT2
+AHMsWbEhBuH7rBiVDKP/mZb3Kyeb1STMHd3BOuCYRLDE5D53sXOpZCz2HAF8P11F
+hcCF5yWPldwX8zyfGm6wyuMdKulMY/okYWLW2n62HGz1Ah3UKt1VkOsqEUc8Ll50
+soIipX1TH0XsJ5F95yIW6MBoNtjG8U+ARDL54dHRHareqKucBK+tIA5kmE2la8BI
+WJZpTdwHjFGTot+fDz2LYLSCjaoITmJF4PkL0uDgPFveXHEnJcLmA4GLEFPjx1Wi
+tJ/X5jAmMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwOVHJ1c3RDb3IgRUNBLTE=
+-----END TRUSTED CERTIFICATE-----
+
+# TrustCor RootCert CA-1
+-----BEGIN TRUSTED CERTIFICATE-----
+MIIEMDCCAxigAwIBAgIJANqb7HHzA7AZMA0GCSqGSIb3DQEBCwUAMIGkMQswCQYD
+VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk
+MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29y
+IFJvb3RDZXJ0IENBLTEwHhcNMTYwMjA0MTIzMjE2WhcNMjkxMjMxMTcyMzE2WjCB
+pDELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFtYTEUMBIGA1UEBwwLUGFuYW1h
+IENpdHkxJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4gZGUgUi5MLjEnMCUG
+A1UECwweVHJ1c3RDb3IgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR8wHQYDVQQDDBZU
+cnVzdENvciBSb290Q2VydCBDQS0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAv463leLCJhJrMxnHQFgKq1mqjQCj/IDHUHuO1CAmujIS2CNUSSUQIpid
+RtLByZ5OGy4sDjjzGiVoHKZaBeYei0i/mJZ0PmnK6bV4pQa81QBeCQryJ3pS/C3V
+seq0iWEk8xoT26nPUu0MJLq5nux+AHT6k61sKZKuUbS701e/s/OojZz0JEsq1pme
+9J7+wH5COucLlVPat2gOkEz7cD+PSiyU8ybdY2mplNgQTsVHCJCZGxdNuWxu72CV
+EY4hgLW9oHPY0LJ3xEXqWib7ZnZ2+AYfYW0PVcWDtxBWcgYHpfOxGgMFZA6dWorW
+hnAbJN7+KIor0Gqw/Hqi3LJ5DotlDwIDAQABo2MwYTAdBgNVHQ4EFgQU7mtJPHo/
+DeOxCbeKyKsZn3MzUOcwHwYDVR0jBBgwFoAU7mtJPHo/DeOxCbeKyKsZn3MzUOcw
+DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD
+ggEBACUY1JGPE+6PHh0RU9otRCkZoB5rMZ5NDp6tPVxBb5UrJKF5mDo4Nvu7Zp5I
+/5CQ7z3UuJu0h3U/IJvOcs+hVcFNZKIZBqEHMwwLKeXx6quj7LUKdJDHfXLy11yf
+ke+Ri7fc7Waiz45mO7yfOgLgJ90WmMCV1Aqk5IGadZQ1nJBfiDcGrVmVCrDRZ9MZ
+yonnMlo2HD6CqFqTvsbQZJG2z9m2GM/bftJlo6bEjhcxwft+dtvTheNYsnd6djts
+L1Ac59v2Z3kf9YKVmgenFK+P3CghZwnS1k1aHBkcjndcw5QkPTJrS37UeJSDvjdN
+zl/HHk484IkzlQsPpTLWPFp5LBkwLjAUBggrBgEFBQcDBAYIKwYBBQUHAwEMFlRy
+dXN0Q29yIFJvb3RDZXJ0IENBLTE=
+-----END TRUSTED CERTIFICATE-----
+
+# TrustCor RootCert CA-2
+-----BEGIN TRUSTED CERTIFICATE-----
+MIIGLzCCBBegAwIBAgIIJaHfyjPLWQIwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNV
+BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw
+IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy
+dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UEAwwWVHJ1c3RDb3Ig
+Um9vdENlcnQgQ0EtMjAeFw0xNjAyMDQxMjMyMjNaFw0zNDEyMzExNzI2MzlaMIGk
+MQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEg
+Q2l0eTEkMCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYD
+VQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRy
+dXN0Q29yIFJvb3RDZXJ0IENBLTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCnIG7CKqJiJJWQdsg4foDSq8GbZQWU9MEKENUCrO2fk8eHyLAnK0IMPQo+
+QVqedd2NyuCb7GgypGmSaIwLgQ5WoD4a3SwlFIIvl9NkRvRUqdw6VC0xK5mC8tkq
+1+9xALgxpL56JAfDQiDyitSSBBtlVkxs1Pu2YVpHI7TYabS3OtB0PAx1oYxOdqHp
+2yqlO/rOsP9+aij9JxzIsekp8VduZLTQwRVtDr4uDkbIXvRR/u8OYzo7cbrPb1nK
+DOObXUm4TOJXsZiKQlecdu/vvdFoqNL0Cbt3Nb4lggjEFixEIFapRBF37120Hape
+az6LMvYHL1cEksr1/p3C6eizjkxLAjHZ5DxIgif3GIJ2SDpxsROhOdUuxTTCHWKF
+3wP+TfSvPd9cW436cOGlfifHhi5qjxLGhF5DUVCcGZt45vz27Ud+ez1m7xMTiF88
+oWP7+ayHNZ/zgp6kPwqcMWmLmaSISo5uZk3vFsQPeSghYA2FFn3XVDjxklb9tTNM
+g9zXEJ9L/cb4Qr26fHMC4P99zVvh1Kxhe1fVSntb1IVYJ12/+CtgrKAmrhQhJ8Z3
+mjOAPF5GP/fDsaOGM8boXg25NSyqRsGFAnWAoOsk+xWq5Gd/bnc/9ASKL3x74xdh
+8N0JqSDIvgmk0H5Ew7IwSjiqqewYmgeCK9u4nBit2uBGF6zPXQIDAQABo2MwYTAd
+BgNVHQ4EFgQU2f4hQG6UnrybPZx9mCAZ5YwwYrIwHwYDVR0jBBgwFoAU2f4hQG6U
+nrybPZx9mCAZ5YwwYrIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYw
+DQYJKoZIhvcNAQELBQADggIBAJ5Fngw7tu/hOsh80QA9z+LqBrWyOrsGS2h60COX
+dKcs8AjYeVrXWoSK2BKaG9l9XE1wxaX5q+WjiYndAfrs3fnpkpfbsEZC89NiqpX+
+MWcUaViQCqoL7jcjx1BRtPV+nuN79+TMQjItSQzL/0kMmx40/W5ulop5A7Zv2wnL
+/V9lFDfhOPXzYRZY5LVtDQsEGz9QLX+zx3oaFoBg+Iof6Rsqxvm6ARppv9JYx1RX
+CI/hOWB3S6xZhBqI8d3LT3jX5+EzLfzuQfogsL7L9ziUwOHQhQ+77Sxzq+3+knYa
+ZH9bDTMJBzN7Bj8RpFxwPIXAz+OQqIN3+tvmxYxoZxBnpVIt8MSZj3+/0WvitUfW
+2dCFmU2Umw9Lje4AWkcdEQOsQRivh7dvDDqPys/cA8GiCcjl/YBeyGBCARsaU1q7
+N6a3vLqE6R5sGtRk2tRD/pOLS/IseRYQ1JMLiI+h2IYURpFHmygk71dSTlxCnKr3
+Sewn6EAes6aJInKc9Q0ztFijMDvd1GpUk74aTfOTlPf8hAs/hCBcNANExdqtvArB
+As8e5ZTZ845b2EzwnexhF7sUMlQMAimTHpKG9n/v55IFDlndmQguLvqcAFLTxWYp
+5KeXRKQOKIETNcX2b2TmQcTVL8w0RSXPQQCWPUouwpaYT05KnJe32x+SMsj/D1Fu
+1uwJMC4wFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBZUcnVzdENvciBSb290Q2VydCBD
+QS0y
+-----END TRUSTED CERTIFICATE-----
+
+# Trustis FPS Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBF
 MQswCQYDVQQGEwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQL
@@ -4679,39 +3932,8 @@ jZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYliB6XzCGcKQEN
 ZetX2fNXlrtIzYEwKzAUBggrBgEFBQcDBAYIKwYBBQUHAwEME1RydXN0aXMgRlBT
 IFJvb3QgQ0E=
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFFzCCA/+gAwIBAgIBETANBgkqhkiG9w0BAQUFADCCASsxCzAJBgNVBAYTAlRS
-MRgwFgYDVQQHDA9HZWJ6ZSAtIEtvY2FlbGkxRzBFBgNVBAoMPlTDvHJraXllIEJp
-bGltc2VsIHZlIFRla25vbG9qaWsgQXJhxZ90xLFybWEgS3VydW11IC0gVMOcQsSw
-VEFLMUgwRgYDVQQLDD9VbHVzYWwgRWxla3Ryb25payB2ZSBLcmlwdG9sb2ppIEFy
-YcWfdMSxcm1hIEVuc3RpdMO8c8O8IC0gVUVLQUUxIzAhBgNVBAsMGkthbXUgU2Vy
-dGlmaWthc3lvbiBNZXJrZXppMUowSAYDVQQDDEFUw5xCxLBUQUsgVUVLQUUgS8O2
-ayBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSAtIFPDvHLDvG0gMzAe
-Fw0wNzA4MjQxMTM3MDdaFw0xNzA4MjExMTM3MDdaMIIBKzELMAkGA1UEBhMCVFIx
-GDAWBgNVBAcMD0dlYnplIC0gS29jYWVsaTFHMEUGA1UECgw+VMO8cmtpeWUgQmls
-aW1zZWwgdmUgVGVrbm9sb2ppayBBcmHFn3TEsXJtYSBLdXJ1bXUgLSBUw5xCxLBU
-QUsxSDBGBgNVBAsMP1VsdXNhbCBFbGVrdHJvbmlrIHZlIEtyaXB0b2xvamkgQXJh
-xZ90xLFybWEgRW5zdGl0w7xzw7wgLSBVRUtBRTEjMCEGA1UECwwaS2FtdSBTZXJ0
-aWZpa2FzeW9uIE1lcmtlemkxSjBIBgNVBAMMQVTDnELEsFRBSyBVRUtBRSBLw7Zr
-IFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIC0gU8O8csO8bSAzMIIB
-IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAim1L/xCIOsP2fpTo6iBkcK4h
-gb46ezzb8R1Sf1n68yJMlaCQvEhOEav7t7WNeoMojCZG2E6VQIdhn8WebYGHV2yK
-O7Rm6sxA/OOqbLLLAdsyv9Lrhc+hDVXDWzhXcLh1xnnRFDDtG1hba+818qEhTsXO
-fJlfbLm4IpNQp81McGq+agV/E5wrHur+R84EpW+sky58K5+eeROR6Oqeyjh1jmKw
-lZMq5d/pXpduIF9fhHpEORlAHLpVK/swsoHvhOPc7Jg4OQOFCKlUAwUp8MmPi+oL
-hmUZEdPpCSPeaJMDyTYcIW7OjGbxmTDY17PDHfiBLqi9ggtm/oLL4eAagsNAgQID
-AQABo0IwQDAdBgNVHQ4EFgQUvYiHyY/2pAoLquvF/pEjnatKijIwDgYDVR0PAQH/
-BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAB18+kmP
-NOm3JpIWmgV050vQbTlswyb2zrgxvMTfvCr4N5EY3ATIZJkrGG2AA1nJrvhY0D7t
-wyOfaTyGOBye79oneNGEN3GKPEs5z35FBtYt2IpNeBLWrcLTy9LQQfMmNkqblWwM
-7uXRQydmwYj3erMgbOqwaSvHIOgMA8RBBZniP+Rr+KCGgceExh/VS4ESshYhLBOh
-gLJeDEoTniDYYkCrkOpkSi+sDQESeUWoL4cZaMjihccwsnX5OD+ywJO0a+IDRM5n
-oN+J1q2MdqMTw5RhK2vZbMEHCiIHhWyFJEapvj+LeISCfiQMnf2BN+MlqO02TpUs
-yZyQ2uypQjyttgIwgZUwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDH1UXHhjM1x4OWNc
-eDQyXHhDNFx4QjBUQUsgVUVLQUUgS1x4QzNceEI2ayBTZXJ0aWZpa2EgSGl6bWV0
-IFNhXHhDNFx4OUZsYXlceGM0XHhiMVx4NjNceGM0XHhiMXNceGM0XHhiMSAtIFNc
-eEMzXHhCQ3JceEMzXHhCQ20gMw==
------END TRUSTED CERTIFICATE-----
+
+# TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UE
 BhMCVFIxDzANBgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxn
@@ -4735,9 +3957,11 @@ VX6Wmle3usURehnmp349hQ71+S4pL+f5bFgWV1Al9j4uPqrtd3GqqpmWRgqujuwq
 URawXs3qZwQcWDD1YIq9pr1N5Za0/EKJAWv2cMhQOQwt1WbZyNKzMrcbGW3LM/nf
 peYVhDfwwvJllpKQd/Ct9JDpEXjXk4nAPQu6KfTomZ1yju2dL+6SfaHx/126M2CF
 Yv4HAqGEVka+lgqaE9chTLd8B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW
-+qtB4Uu2NQvAmxUwUTAUBggrBgEFBQcDAQYIKwYBBQUHAwMMOVTDnFJLVFJVU1Qg
-RWxla3Ryb25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSBINQ==
++qtB4Uu2NQvAmxUwRzAKBggrBgEFBQcDAQw5VMOcUktUUlVTVCBFbGVrdHJvbmlr
+IFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIEg1
 -----END TRUSTED CERTIFICATE-----
+
+# USERTrust ECC Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDEL
 MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
@@ -4752,10 +3976,12 @@ o4N+LZfQYcTxmdwlkWOrfzCjtHDix6EznPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0G
 A1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNVHQ8BAf8EBAMCAQYwDwYD
 VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMB
 zzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbW
-RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1XahgwRzAeBggrBgEFBQcD
-BAYIKwYBBQUHAwEGCCsGAQUFBwMDDCVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRp
-b24gQXV0aG9yaXR5
+RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1XahgwPTAUBggrBgEFBQcD
+BAYIKwYBBQUHAwEMJVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHk=
 -----END TRUSTED CERTIFICATE-----
+
+# USERTrust RSA Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB
 iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
@@ -4788,9 +4014,11 @@ XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/
 qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB
 VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB
 L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG
-jjxDah2nGN59PRbxYvnKkKj9MEcwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEF
-BQcDAwwlVVNFUlRydXN0IFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==
+jjxDah2nGN59PRbxYvnKkKj9MD0wFAYIKwYBBQUHAwQGCCsGAQUFBwMBDCVVU0VS
+VHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
 -----END TRUSTED CERTIFICATE-----
+
+# UTN USERFirst Email Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEojCCA4qgAwIBAgIQRL4Mi1AAJLQR0zYlJWfJiTANBgkqhkiG9w0BAQUFADCB
 rjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
@@ -4819,92 +4047,8 @@ eOZTT7Hot9MUnpOmw2TjrH5xzbyf6QMbzPvprDHBr3wVdAKZw7JHpsIyYdfHb0gk
 USeh1YdV8nuPmD0Wnu51tvjQjvLzxq4oW6fw8zYX/MMF08oDSlQwKTAKBggrBgEF
 BQcDBAwbVVROIFVTRVJGaXJzdCBFbWFpbCBSb290IENB
 -----END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCB
-lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
-SGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgxOTIyWjCBlzELMAkG
-A1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEe
-MBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8v
-d3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdh
-cmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn
-0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlIwrthdBKWHTxqctU8EGc6Oe0rE81m65UJ
-M6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFdtqdt++BxF2uiiPsA3/4a
-MXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8i4fDidNd
-oI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqI
-DsjfPe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9Ksy
-oUhbAgMBAAGjgbkwgbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYD
-VR0OBBYEFKFyXyYbKJhDlV0HN9WFlp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0
-dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNFUkZpcnN0LUhhcmR3YXJlLmNy
-bDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEF
-BQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM
-//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28Gpgoiskli
-CE7/yMgUsogWXecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gE
-CJChicsZUN/KHAG8HQQZexB2lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t
-3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kniCrVWFCVH/A7HFe7fRQ5YiuayZSS
-KqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67nfhmqDAsMAoGCCsG
-AQUFBwMBDB5VVE4gVVNFUkZpcnN0IEhhcmR3YXJlIFJvb3QgQ0E=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIEZjCCA06gAwIBAgIQRL4Mi1AAJLQR0zYt4LNfGzANBgkqhkiG9w0BAQUFADCB
-lTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHTAbBgNVBAMTFFVUTi1VU0VSRmlyc3Qt
-T2JqZWN0MB4XDTk5MDcwOTE4MzEyMFoXDTE5MDcwOTE4NDAzNlowgZUxCzAJBgNV
-BAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtlIENpdHkxHjAc
-BgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMYaHR0cDovL3d3
-dy51c2VydHJ1c3QuY29tMR0wGwYDVQQDExRVVE4tVVNFUkZpcnN0LU9iamVjdDCC
-ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6qgT+jo2F4qjEAVZURnicP
-HxzfOpuCaDDASmEd8S8O+r5596Uj71VRloTN2+O5bj4x2AogZ8f02b+U60cEPgLO
-KqJdhwQJ9jCdGIqXsqoc/EHSoTbL+z2RuufZcDX65OeQw5ujm9M89RKZd7G3CeBo
-5hy485RjiGpq/gt2yb70IuRnuasaXnfBhQfdDWy/7gbHd2pBnqcP1/vulBe3/IW+
-pKvEHDHd17bR5PDv3xaPslKT16HUiaEHLr/hARJCHhrh2JU022R5KP+6LhHC5ehb
-kkj7RwvCbNqtMoNB86XlQXD9ZZBt+vpRxPm9lisZBCzTbafc8H9vg2XiaquHhnUC
-AwEAAaOBrzCBrDALBgNVHQ8EBAMCAcYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
-FgQU2u1kdBScFDyr3ZmpvVsoTYs8ydgwQgYDVR0fBDswOTA3oDWgM4YxaHR0cDov
-L2NybC51c2VydHJ1c3QuY29tL1VUTi1VU0VSRmlyc3QtT2JqZWN0LmNybDApBgNV
-HSUEIjAgBggrBgEFBQcDAwYIKwYBBQUHAwgGCisGAQQBgjcKAwQwDQYJKoZIhvcN
-AQEFBQADggEBAAgfUrE3RHjb/c652pWWmKpVZIC1WkDdIaXFwfNfLEzIR1pp6ujw
-NTX00CXzyKakh0q9G7FzCL3Uw8q2NbtZhncxzaeAFK4T7/yxSPlrJSUtUbYsbUXB
-mMiKVl0+7kNOPmsnjtA6S4ULX9Ptaqd1y9Fahy85dRNacrACgZ++8A+EVCBibGnU
-4U3GDZlDAQ0Slox4nb9QorFEqmrPF3rPbw/U+CRVX/A0FklmPlBGyWNxODFiuGK5
-81OtbLUrohKqGU8J2l7nk8aOFAj+8DCAGKCGhU3IfdeLA/5u1fedFqySLKAj5ZyR
-Uh+U3xeUc8OzwcFxBSAAeL0TUh2oPs0AH8gwKjAKBggrBgEFBQcDAwwcVVROIFVT
-RVJGaXJzdCBPYmplY3QgUm9vdCBDQQ==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFOTCCBCGgAwIBAgIQLwBuzRdwZudfo4IKeR8FrjANBgkqhkiG9w0BAQUFADCB
-yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
-ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
-U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
-ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
-aG9yaXR5IC0gRzUwHhcNMDkwMzI2MDAwMDAwWhcNMTkwMzI0MjM1OTU5WjCBtTEL
-MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
-ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg
-aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwOTEvMC0GA1UEAxMmVmVy
-aVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzIwggEiMA0GCSqGSIb3
-DQEBAQUAA4IBDwAwggEKAoIBAQDUVo9XOzcopkBj0pXVBXTatRlqltZxVy/iwDSM
-oJWzjOE3JPMu7UNFBY6J1/raSrX4Po1Ox/lJUEU3QJ90qqBRVWHxYISJpZ6AjS+w
-IapFgsTPtBR/RxUgKIKwaBLArlwH1/ZZzMtiVlxNSf8miKtUUTovStoOmOKJcrn8
-92g8xB85essXgfMMrQ/cYWIbEAsEHikYcV5iy0PevjG6cQIZTiapUdqMZGkD3pz9
-ff17Ybz8hHyIXLTDe+1fK0YS8f0AAZqLW+mjBS6PLlve8xt4+GaRCMBeztWwNsrU
-qHugffkwer/43RlRKyC6/qfPoU6wZ/WAqiuDLtKOVImOHikLAgMBAAGjggEsMIIB
-KDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjApBgNVHREEIjAg
-pB4wHDEaMBgGA1UEAxMRQ2xhc3MzQ0EyMDQ4LTEtNTIwHQYDVR0OBBYEFKXvCxHO
-wEEDo0plkEiyHOBXLX1HMGYGA1UdIARfMF0wWwYLYIZIAYb4RQEHFwMwTDAjBggr
-BgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoX
-aHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwLwYDVR0fBCgwJjAkoCKgIIYeaHR0cDov
-L3Muc3ltY2IuY29tL3BjYTMtZzUuY3JsMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ
-80M5+gKvMzEzMA0GCSqGSIb3DQEBBQUAA4IBAQArjhTM7IYIYDeLbGWJJSHeL1Ki
-B55Y07MWeAGZUZW0E3fMd90LXIE31r72YtYENwsYc5rT9sGiHm2cu4wR5j4SXgdf
-C4NcdALgUPSxJhttxujpv025ARUZ7FCa+RHwgVhDLE0RQLNaRgimXnOhiBI1jP8D
-Or3Wnfrn3Ja5GmQ+xP3ZCrZlnrqlqFj8OyLwolfuildHnHfHJeGsNAVN84J+QSO6
-tFfz58YBZddNiZkcaU1eePbrcnE9ssSVAZ9dDLcvJaZceUHvnsRnPKGdf3E60JWX
-7HhCdJhuvj5oTFc8qJNBhwvkua+R+1BMDLrAJCfRFdtlSCEKL9fcfqDMZX55MEIw
-AAw+VmVyaVNpZ24tQzNTU0EtRzItdGVtcG9yYXJ5LWludGVybWVkaWF0ZS1hZnRl
-ci0xMDI0Yml0LXJlbW92YWw=
------END TRUSTED CERTIFICATE-----
+
+# VeriSign Class 3 Public Primary Certification Authority - G4
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjEL
 MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
@@ -4924,10 +4068,12 @@ aW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYj
 aHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFLMW
 kf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMDA2gAMGUCMGYhDBgmYFo4e1ZC
 4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIxAJw9SDkjOVga
-FRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEDBeMB4GCCsG
-AQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMPFZlcmlTaWduIENsYXNzIDMgUHVi
-bGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHNA==
+FRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEDBUMBQGCCsG
+AQUFBwMEBggrBgEFBQcDAQw8VmVyaVNpZ24gQ2xhc3MgMyBQdWJsaWMgUHJpbWFy
+eSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEc0
 -----END TRUSTED CERTIFICATE-----
+
+# VeriSign Class 3 Public Primary Certification Authority - G5
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB
 yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
@@ -4954,10 +4100,12 @@ p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y
 5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK
 WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ
 4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N
-hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNqMF4wHgYIKwYB
-BQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAww8VmVyaVNpZ24gQ2xhc3MgMyBQdWJs
-aWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEc1
+hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNqMFQwFAYIKwYB
+BQUHAwQGCCsGAQUFBwMBDDxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzU=
 -----END TRUSTED CERTIFICATE-----
+
+# VeriSign Universal Root Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCB
 vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
@@ -4984,9 +4132,11 @@ seQxIcaBlVZaDrHC1LGmWazxY8u4TB1ZkErvkBYoH1quEPuBUDgMbMzxPcP1Y+Oz
 4yHJJDnp/RVmRvQbEdBNc6N9Rvk97ahfYtTxP/jgdFcrGJ2BtMQo2pSXpXDrrB2+
 BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+PwGZsY6rp2aQW9IHR
 lRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4mJO3
-7M2CYfE45k+XmCpajTBRMB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMM
-L1ZlcmlTaWduIFVuaXZlcnNhbCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+7M2CYfE45k+XmCpajTBHMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwvVmVyaVNpZ24g
+VW5pdmVyc2FsIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHk=
 -----END TRUSTED CERTIFICATE-----
+
+# Verisign Class 1 Public Primary Certification Authority - G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEGjCCAwICEQCLW3VWhFSFCwDPrzhIzrGkMA0GCSqGSIb3DQEBBQUAMIHKMQsw
 CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
@@ -5013,6 +4163,8 @@ E1Z5T21Q6huwtVexN2ZYI/PcD98Kh8TvhgXVOBRgmaNL3gaWcSzy27YfpO8/7jBK
 MAoGCCsGAQUFBwMEDDxWZXJpc2lnbiBDbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENl
 cnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzM=
 -----END TRUSTED CERTIFICATE-----
+
+# Verisign Class 2 Public Primary Certification Authority - G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEGTCCAwECEGFwy0mMX5hFKeewptlQW3owDQYJKoZIhvcNAQEFBQAwgcoxCzAJ
 BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVy
@@ -5039,6 +4191,8 @@ cjnhsUPgKM+351psE2tJs//jGHyJizNdrDPXp/naOlXJWBD5qu9ats9LS98qMEow
 CgYIKwYBBQUHAwQMPFZlcmlzaWduIENsYXNzIDIgUHVibGljIFByaW1hcnkgQ2Vy
 dGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMw==
 -----END TRUSTED CERTIFICATE-----
+
+# Verisign Class 3 Public Primary Certification Authority - G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw
 CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
@@ -5061,10 +4215,12 @@ imi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAERSWwauSCPc/L8my/uRan2Te
 DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC
 /Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565p
 F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt
-TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dETBe
-MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMPFZlcmlzaWduIENsYXNz
-IDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMw==
+TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dETBU
+MBQGCCsGAQUFBwMEBggrBgEFBQcDAQw8VmVyaXNpZ24gQ2xhc3MgMyBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcz
 -----END TRUSTED CERTIFICATE-----
+
+# Visa eCommerce Root
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBr
 MQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRl
@@ -5085,74 +4241,11 @@ zCSs00Rsca4BIGsDoo8Ytyk6feUWYFN4PMCvFYP3j1IzJL1kk5fui/fbGKhtcbP3
 LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGIxHYdkFsd
 7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBuYQa7FkKMcPcw
 ++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt
-398znM/jra6O1I7mT1GvFpLgXPYHDzA1MB4GCCsGAQUFBwMEBggrBgEFBQcDAQYI
-KwYBBQUHAwMME1Zpc2EgZUNvbW1lcmNlIFJvb3Q=
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFdjCCA16gAwIBAgIQXmjWEXGUY1BWAGjzPsnFkTANBgkqhkiG9w0BAQUFADBV
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxKjAoBgNV
-BAMTIUNlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbjAeFw0wOTA4MDgw
-MTAwMDFaFw0zOTA4MDgwMTAwMDFaMFUxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFX
-b1NpZ24gQ0EgTGltaXRlZDEqMCgGA1UEAxMhQ2VydGlmaWNhdGlvbiBBdXRob3Jp
-dHkgb2YgV29TaWduMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvcqN
-rLiRFVaXe2tcesLea9mhsMMQI/qnobLMMfo+2aYpbxY94Gv4uEBf2zmoAHqLoE1U
-fcIiePyOCbiohdfMlZdLdNiefvAA5A6JrkkoRBoQmTIPJYhTpA2zDxIIFgsDcScc
-f+Hb0v1naMQFXQoOXXDX2JegvFNBmpGN9J42Znp+VsGQX+axaCA2pIwkLCxHC1l2
-ZjC1vt7tj/id07sBMOby8w7gLJKA84X5KIq0VC6a7fd2/BVoFutKbOsuEo/Uz/4M
-x1wdC34FMr5esAkqQtXJTpCzWQ27en7N1QhatH/YHGkR+ScPewavVIMYe+HdVHpR
-aG53/Ma/UkpmRqGyZxq7o093oL5d//xWC0Nyd5DKnvnyOfUNqfTq1+ezEC8wQjch
-zDBwyYaYD8xYTYO7feUapTeNtqwylwA6Y3EkHp43xP901DfA4v6IRmAR3Qg/UDar
-uHqklWJqbrDKaiFaafPz+x1wOZXzp26mgYmhiMU7ccqjUu6Du/2gd/Tkb+dC221K
-mYo0SLwX3OSACCK28jHAPwQ+658geda4BmRkAjHXqc1S+4RFaQkAKtxVi8QGRkvA
-Sh0JWzko/amrzgD5LkhLJuYwTKVYyrREgk/nkR4zw7CT/xH8gdLKH3Ep3XZPkiWv
-HYG3Dy+MwwbMLyejSuQOmbp8HkUff6oZRZb9/D0CAwEAAaNCMEAwDgYDVR0PAQH/
-BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOFmzw7R8bNLtwYgFP6H
-EtX2/vs+MA0GCSqGSIb3DQEBBQUAA4ICAQCoy3JAsnbBfnv8rWTjMnvMPLZdRtP1
-LOJwXcgu2AZ9mNELIaCJWSQBnfmvCX0KI4I01fx8cpm5o9dU9OpScA7F9dY74ToJ
-MuYhOZO9sxXqT2r09Ys/L3yNWC7F4TmgPsc9SnOeQHrAK2GpZ8nzJLmzbVUsWh2e
-JXLOC62qx1ViC777Y7NhRCOjy+EaDveaBk3e1CNOIZZbOVtXHS9dCF4Jef98l7VN
-g64N1uajeeAz0JmWAjCnPv/So0M/BVoG6kQC2nz4SNAzqfkHx5Xh9T71XXG68pWp
-dIhhWeO/yloTunK0jF02h+mmxTwTv97QRCbut+wucPrXnbes5cVAWubXbHssw1ab
-R80LzvobtCHXt2a49CUwi1wNuepnsvRtrtWhnk/Yn+knArAdBtaP4/tIEp9/EaEQ
-PkxROpaw0RPxx9gmrjrKkcRpnd8BKWRRb2jaFOwIQZeQjdCygPLPwj2/kWjFgGce
-xGATVdVhmVd8upUPYUk6ynW8yQqTP2cOEvIo4jEbwFcW3wh8GcF+Dx+FHgo2fFt+
-J7x6v+Db9NpSvd4MVHAxkUOVyLzwPt0JfjBkUO1/AaQzZ01oT74V77D2AhGiGxMl
-OtzCWfHjXEa7ZywCRuoeSKbmW9m1vFGikpbbqsY3Iqb+zCB0oy2pLmvLwIIRIbWT
-ee5Ehr7XHuQe+zAoMB4GCCsGAQUFBwMEBggrBgEFBQcDAQYIKwYBBQUHAwMMBldv
-U2lnbg==
------END TRUSTED CERTIFICATE-----
------BEGIN TRUSTED CERTIFICATE-----
-MIIFWDCCA0CgAwIBAgIQUHBrzdgT/BtOOzNy0hFIjTANBgkqhkiG9w0BAQsFADBG
-MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNV
-BAMMEkNBIOayg+mAmuagueivgeS5pjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgw
-MTAwMDFaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRl
-ZDEbMBkGA1UEAwwSQ0Eg5rKD6YCa5qC56K+B5LmmMIICIjANBgkqhkiG9w0BAQEF
-AAOCAg8AMIICCgKCAgEA0EkhHiX8h8EqwqzbdoYGTufQdDTc7WU1/FDWiD+k8H/r
-D195L4mx/bxjWDeTmzj4t1up+thxx7S8gJeNbEvxUNUqKaqoGXqW5pWOdO2XCld1
-9AXbbQs5uQF/qvbW2mzmBeCkTVL829B0txGMe41P/4eDrv8FAxNXUDf+jJZSEExf
-v5RxadmWPgxDT74wwJ85dE8GRV2j1lY5aAfMh09Qd5Nx2UQIsYo06Yms25tO4dnk
-UkWMLhQfkWsZHWgpLFbE4h4TV2TwYeO5Ed+w4VegG63XX9Gv2ystP9Bojg/qnw+L
-NVgbExz03jWhCl3W6t8Sb8D7aQdGctyB9gQjF+BNdeFyb7Ao65vh4YOhn0pdr8yb
-+gIgthhid5E7o9Vlrdx8kHccREGkSovrlXLp9glk3Kgtn3R46MGiCWOc76DbT52V
-qyBPt7D3h1ymoOQ3OMdc4zUPLK2jgKLsLl3Az+2LBcLmc272idX10kaO6m1jGx6K
-yX2m+Jzr5dVjhU1zZmkR/sgO9MHHZklTfuQZa/HpelmjbX7FF+Ynxu8b22/8DU0G
-AbQOXDBGVWCvOGU6yke6rCzMRh+yRpY/8+0mBe53oWprfi1tWFxK1I5nuPHa1UaK
-J/kR8slC/k7e3x9cxKSGhxYzoacXGKUN5AXlK8IrC6KVkLn9YDxOiT7nnO4fuwEC
-AwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
-BBYEFOBNv9ybQV0T6GTwp+kVpOGBwboxMA0GCSqGSIb3DQEBCwUAA4ICAQBqinA4
-WbbaixjIvirTthnVZil6Xc1bL3McJk6jfW+rtylNpumlEYOnOXOvEESS5iVdT2H6
-yAa+Tkvv/vMx/sZ8cApBWNromUuWyXi8mHwCKe0JgOYKOoICKuLJL8hWGSbueBwj
-/feTZU7n85iYr83d2Z5AiDEoOqsuC7CsDCT6eiaY8xJhEPRdF/d+4niXVOKM6Cm6
-jBAyvd0zaziGfjk9DgNyp115j0WKWa5bIW4xRtVZjc8VX90xJc/bYNaBRHIpAlf2
-ltTW/+op2znFuCyKGo3Oy+dCMYYFaA6eFN0AkLppRQjbbpCBhqcqBT/mhDn4t/lX
-X0ykeVoQDF7Va/81XwVRHmyjdanPUIPTfPRm94KNPQx96N97qA4bLJyuQHCH2u2n
-FoJavjVsIE4iYdm8UXrNemHcSxH5/mc0zy4EZmFcV5cjjPOGG0jfKq+nwf/Yjj4D
-u9gqsPoUJbJRa4ZDhS4HIxaAjUz7tGM7zMN07RujHv41D198HRaG9Q7DlfEvr10l
-O1Hm13ZBONFLAzkopR6RctR9q5czxNM+4Gm2KHmgCY0c0f9BckgG/Jou5yD5m6Le
-ie2uPAmvylezkolwQOQvT8Jwg0DXJCxr5wkf09XHwQj02w47HAcLQxGEIYbpgNR1
-2KvxAmLBsX5VYc8T1yaw15zLKYs4SgsOkI26oTAuMB4GCCsGAQUFBwMEBggrBgEF
-BQcDAQYIKwYBBQUHAwMMDFdvU2lnbiBDaGluYQ==
+398znM/jra6O1I7mT1GvFpLgXPYHDzArMBQGCCsGAQUFBwMEBggrBgEFBQcDAQwT
+VmlzYSBlQ29tbWVyY2UgUm9vdA==
 -----END TRUSTED CERTIFICATE-----
+
+# XRamp Global CA Root
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB
 gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk
@@ -5176,9 +4269,11 @@ vbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt
 qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLa
 IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy
 i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ
-O+7ETPTsJ3xCwnR8gooJybQDJbwwNjAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsG
-AQUFBwMDDBRYUmFtcCBHbG9iYWwgQ0EgUm9vdA==
+O+7ETPTsJ3xCwnR8gooJybQDJbwwLDAUBggrBgEFBQcDBAYIKwYBBQUHAwEMFFhS
+YW1wIEdsb2JhbCBDQSBSb290
 -----END TRUSTED CERTIFICATE-----
+
+# certSIGN ROOT CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYT
 AlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBD
@@ -5197,9 +4292,11 @@ MnQ8SG4Pn0vU9x7Tk4ZkVJdjclDVVc/6IJMCopvDI5NOFlV2oHB5bc0hH88vLbwZ
 44gx+FkagQnIl6Z0x2DEW8xXjrJ1/RsCCdtZb3KTafcxQdaIOL+Hsr0Wefmq5L6I
 Jd1hJyMctTEHBDa0GpC9oHRxUIltvBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNw
 i/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7NzTogVZ96edhBiIL5VaZVDADlN
-9u6wWk5JRFRYX0KDMDIwHgYIKwYBBQUHAwQGCCsGAQUFBwMBBggrBgEFBQcDAwwQ
-Y2VydFNJR04gUk9PVCBDQQ==
+9u6wWk5JRFRYX0KDMCgwFAYIKwYBBQUHAwQGCCsGAQUFBwMBDBBjZXJ0U0lHTiBS
+T09UIENB
 -----END TRUSTED CERTIFICATE-----
+
+# ePKI Root Certification Authority
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBe
 MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0
@@ -5231,9 +4328,11 @@ o2M3IUxExJtRmREOc5wGj1QupyheRDmHVi03vYVElOEMSyycw5KFNGHLD7ibSkNS
 /jQ6fbjpKdx2qcgw+BRxgMYeNkh0IkFch4LoGHGLQYlE535YW6i4jRPpp2zDR+2z
 Gp1iro2C6pSe3VkQw63d4k3jMdXH7OjysP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTE
 W9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmODBCEIZ43ygknQW/2xzQ+D
-hNQ+IIX3Sj0rnP0qCglN6oH4EZwwQzAeBggrBgEFBQcDBAYIKwYBBQUHAwEGCCsG
-AQUFBwMDDCFlUEtJIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHk=
+hNQ+IIX3Sj0rnP0qCglN6oH4EZwwOTAUBggrBgEFBQcDBAYIKwYBBQUHAwEMIWVQ
+S0kgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==
 -----END TRUSTED CERTIFICATE-----
+
+# thawte Primary Root CA - G2
 -----BEGIN TRUSTED CERTIFICATE-----
 MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDEL
 MAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE4MDYGA1UECxMvKGMp
@@ -5248,9 +4347,11 @@ papu+7qzcMBniKI11KOasf2twu8x+qi58/sIxpHR+ymVo0IwQDAPBgNVHRMBAf8E
 BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUmtgAMADna3+FGO6Lts6K
 DPgR4bswCgYIKoZIzj0EAwMDaQAwZgIxAN344FdHW6fmCsO99YCKlzUNG4k8VIZ3
 KMqh9HneteY4sPBlcIx/AlTCv//YoT7ZzwIxAMSNlPzcU9LcnXgWHxUzI1NS41ox
-XZ3Krr0TKUQNJ1uo52icEvdYPy5yAlejj6EULjAzMBQGCCsGAQUFBwMBBggrBgEF
-BQcDAwwbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAtIEcy
+XZ3Krr0TKUQNJ1uo52icEvdYPy5yAlejj6EULjApMAoGCCsGAQUFBwMBDBt0aGF3
+dGUgUHJpbWFyeSBSb290IENBIC0gRzI=
 -----END TRUSTED CERTIFICATE-----
+
+# thawte Primary Root CA - G3
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCB
 rjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
@@ -5274,9 +4375,11 @@ oCtDuSWQP3CpMyVtRRooOyfPqsMpQhvfO0zAMzRbQYi/aytlryjvsvXDqmbOe1bu
 t8jLZ8HJnBoYuMTDSQPxYA5QzUbF83d597YV4Djbxy8ooAw/dyZ02SUS2jHaGh7c
 KUGRIjxpp7sC8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fM
 m7v/OeZWYdMKp8RcTGB7BXcmer/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZu
-MdRAGmI0Nj81Aa6sY6AwMzAUBggrBgEFBQcDAQYIKwYBBQUHAwMMG3RoYXd0ZSBQ
-cmltYXJ5IFJvb3QgQ0EgLSBHMw==
+MdRAGmI0Nj81Aa6sY6AwKTAKBggrBgEFBQcDAQwbdGhhd3RlIFByaW1hcnkgUm9v
+dCBDQSAtIEcz
 -----END TRUSTED CERTIFICATE-----
+
+# thawte Primary Root CA
 -----BEGIN TRUSTED CERTIFICATE-----
 MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCB
 qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
@@ -5300,6 +4403,5 @@ YJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQaEfZYGDm/Ac9IiAX
 xPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqdE8hhuvU5HIe6uL17In/2
 /qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+MwS7QcjBAvlEYyCegc5C09Y/
 LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+fpErgUfCJzDupxBdN49cOSvkBPB7
-jVaMaDAuMBQGCCsGAQUFBwMBBggrBgEFBQcDAwwWdGhhd3RlIFByaW1hcnkgUm9v
-dCBDQQ==
+jVaMaDAkMAoGCCsGAQUFBwMBDBZ0aGF3dGUgUHJpbWFyeSBSb290IENB
 -----END TRUSTED CERTIFICATE-----
diff --git a/msys2/usr/ssl/ct_log_list.cnf b/msys2/usr/ssl/ct_log_list.cnf
new file mode 100644
index 000000000..e643cfdbd
--- /dev/null
+++ b/msys2/usr/ssl/ct_log_list.cnf
@@ -0,0 +1,9 @@
+# This file specifies the Certificate Transparency logs
+# that are to be trusted.
+
+# Google's list of logs can be found here:
+#       www.certificate-transparency.org/known-logs
+# A Python program to convert the log list to OpenSSL's format can be
+# found here:
+#       https://github.com/google/certificate-transparency/blob/master/python/utilities/log_list/print_log_list.py
+# Use the "--openssl_output" flag.
diff --git a/msys2/usr/ssl/ct_log_list.cnf.dist b/msys2/usr/ssl/ct_log_list.cnf.dist
new file mode 100644
index 000000000..e643cfdbd
--- /dev/null
+++ b/msys2/usr/ssl/ct_log_list.cnf.dist
@@ -0,0 +1,9 @@
+# This file specifies the Certificate Transparency logs
+# that are to be trusted.
+
+# Google's list of logs can be found here:
+#       www.certificate-transparency.org/known-logs
+# A Python program to convert the log list to OpenSSL's format can be
+# found here:
+#       https://github.com/google/certificate-transparency/blob/master/python/utilities/log_list/print_log_list.py
+# Use the "--openssl_output" flag.
diff --git a/msys2/usr/ssl/misc/CA.pl b/msys2/usr/ssl/misc/CA.pl
index 7ae2b7d00..6c17c7829 100644
--- a/msys2/usr/ssl/misc/CA.pl
+++ b/msys2/usr/ssl/misc/CA.pl
@@ -1,188 +1,215 @@
-#!/usr/bin/perl.exe
-#
-# CA - wrapper around ca to make it easier to use ... basically ca requires
-#      some setup stuff to be done before you can use it and this makes
-#      things easier between now and when Eric is convinced to fix it :-)
-#
-# CA -newca ... will setup the right stuff
-# CA -newreq[-nodes] ... will generate a certificate request 
-# CA -sign ... will sign the generated request and output 
-#
-# At the end of that grab newreq.pem and newcert.pem (one has the key 
-# and the other the certificate) and cat them together and that is what
-# you want/need ... I'll make even this a little cleaner later.
-#
-#
-# 12-Jan-96 tjh    Added more things ... including CA -signcert which
-#                  converts a certificate to a request and then signs it.
-# 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
-#		   environment variable so this can be driven from
-#		   a script.
-# 25-Jul-96 eay    Cleaned up filenames some more.
-# 11-Jun-96 eay    Fixed a few filename missmatches.
-# 03-May-96 eay    Modified to use 'ssleay cmd' instead of 'cmd'.
-# 18-Apr-96 tjh    Original hacking
-#
-# Tim Hudson
-# tjh@cryptsoft.com
+#!/usr/bin/env perl
+# Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
 #
+# Licensed under the OpenSSL license (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
 
-# 27-Apr-98 snh    Translation into perl, fix existing CA bug.
 #
+# Wrapper around the ca to make it easier to use
 #
-# Steve Henson
-# shenson@bigfoot.com
+# WARNING: do not edit!
+# Generated by Makefile from apps/CA.pl.in
 
-# default openssl.cnf file has setup as per the following
-# demoCA ... where everything is stored
+use strict;
+use warnings;
 
-my $openssl;
-if(defined $ENV{OPENSSL}) {
-	$openssl = $ENV{OPENSSL};
+my $openssl = "openssl";
+if(defined $ENV{'OPENSSL'}) {
+    $openssl = $ENV{'OPENSSL'};
 } else {
-	$openssl = "openssl";
-	$ENV{OPENSSL} = $openssl;
+    $ENV{'OPENSSL'} = $openssl;
 }
 
-$SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"};
-$DAYS="-days 365";	# 1 year
-$CADAYS="-days 1095";	# 3 years
-$REQ="$openssl req $SSLEAY_CONFIG";
-$CA="$openssl ca $SSLEAY_CONFIG";
-$VERIFY="$openssl verify";
-$X509="$openssl x509";
-$PKCS12="$openssl pkcs12";
+my $verbose = 1;
 
-$CATOP="/usr/ssl";
-$CAKEY="cakey.pem";
-$CAREQ="careq.pem";
-$CACERT="cacert.pem";
+my $OPENSSL_CONFIG = $ENV{"OPENSSL_CONFIG"} || "";
+my $DAYS = "-days 365";
+my $CADAYS = "-days 1095";	# 3 years
+my $REQ = "$openssl req $OPENSSL_CONFIG";
+my $CA = "$openssl ca $OPENSSL_CONFIG";
+my $VERIFY = "$openssl verify";
+my $X509 = "$openssl x509";
+my $PKCS12 = "$openssl pkcs12";
 
-$DIRMODE = 0777;
+# default openssl.cnf file has setup as per the following
+my $CATOP = "/usr/ssl";
+my $CAKEY = "cakey.pem";
+my $CAREQ = "careq.pem";
+my $CACERT = "cacert.pem";
+my $CACRL = "crl.pem";
+my $DIRMODE = 0777;
 
-$RET = 0;
+my $NEWKEY = "newkey.pem";
+my $NEWREQ = "newreq.pem";
+my $NEWCERT = "newcert.pem";
+my $NEWP12 = "newcert.p12";
+my $RET = 0;
+my $WHAT = shift @ARGV || "";
+my @OPENSSL_CMDS = ("req", "ca", "pkcs12", "x509", "verify");
+my %EXTRA = extra_args(\@ARGV, "-extra-");
+my $FILE;
 
-foreach (@ARGV) {
-	if ( /^(-\?|-h|-help)$/ ) {
-	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-signcert|-verify\n";
-	    exit 0;
-	} elsif (/^-newcert$/) {
-	    # create a certificate
-	    system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS");
-	    $RET=$?;
-	    print "Certificate is in newcert.pem, private key is in newkey.pem\n"
-	} elsif (/^-newreq$/) {
-	    # create a certificate request
-	    system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS");
-	    $RET=$?;
-	    print "Request is in newreq.pem, private key is in newkey.pem\n";
-	} elsif (/^-newreq-nodes$/) {
-	    # create a certificate request
-	    system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS");
-	    $RET=$?;
-	    print "Request is in newreq.pem, private key is in newkey.pem\n";
-	} elsif (/^-newca$/) {
-		# if explicitly asked for or it doesn't exist then setup the
-		# directory structure that Eric likes to manage things 
-	    $NEW="1";
-	    if ( "$NEW" || ! -f "${CATOP}/serial" ) {
-		# create the directory hierarchy
-		mkdir $CATOP, $DIRMODE;
-		mkdir "${CATOP}/certs", $DIRMODE;
-		mkdir "${CATOP}/crl", $DIRMODE ;
-		mkdir "${CATOP}/newcerts", $DIRMODE;
-		mkdir "${CATOP}/private", $DIRMODE;
-		open OUT, ">${CATOP}/index.txt";
-		close OUT;
-		open OUT, ">${CATOP}/crlnumber";
-		print OUT "01\n";
-		close OUT;
-	    }
-	    if ( ! -f "${CATOP}/private/$CAKEY" ) {
-		print "CA certificate filename (or enter to create)\n";
-		$FILE = <STDIN>;
-
-		chop $FILE;
-
-		# ask user for existing CA certificate
-		if ($FILE) {
-		    cp_pem($FILE,"${CATOP}/private/$CAKEY", "PRIVATE");
-		    cp_pem($FILE,"${CATOP}/$CACERT", "CERTIFICATE");
-		    $RET=$?;
-		} else {
-		    print "Making CA certificate ...\n";
-		    system ("$REQ -new -keyout " .
-			"${CATOP}/private/$CAKEY -out ${CATOP}/$CAREQ");
-		    system ("$CA -create_serial " .
-			"-out ${CATOP}/$CACERT $CADAYS -batch " . 
-			"-keyfile ${CATOP}/private/$CAKEY -selfsign " .
-			"-extensions v3_ca " .
-			"-infiles ${CATOP}/$CAREQ ");
-		    $RET=$?;
-		}
-	    }
-	} elsif (/^-pkcs12$/) {
-	    my $cname = $ARGV[1];
-	    $cname = "My Certificate" unless defined $cname;
-	    system ("$PKCS12 -in newcert.pem -inkey newkey.pem " .
-			"-certfile ${CATOP}/$CACERT -out newcert.p12 " .
-			"-export -name \"$cname\"");
-	    $RET=$?;
-	    print "PKCS #12 file is in newcert.p12\n";
-	    exit $RET;
-	} elsif (/^-xsign$/) {
-	    system ("$CA -policy policy_anything -infiles newreq.pem");
-	    $RET=$?;
-	} elsif (/^(-sign|-signreq)$/) {
-	    system ("$CA -policy policy_anything -out newcert.pem " .
-							"-infiles newreq.pem");
-	    $RET=$?;
-	    print "Signed certificate is in newcert.pem\n";
-	} elsif (/^(-signCA)$/) {
-	    system ("$CA -policy policy_anything -out newcert.pem " .
-					"-extensions v3_ca -infiles newreq.pem");
-	    $RET=$?;
-	    print "Signed CA certificate is in newcert.pem\n";
-	} elsif (/^-signcert$/) {
-	    system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " .
-								"-out tmp.pem");
-	    system ("$CA -policy policy_anything -out newcert.pem " .
-							"-infiles tmp.pem");
-	    $RET = $?;
-	    print "Signed certificate is in newcert.pem\n";
-	} elsif (/^-verify$/) {
-	    if (shift) {
-		foreach $j (@ARGV) {
-		    system ("$VERIFY -CAfile $CATOP/$CACERT $j");
-		    $RET=$? if ($? != 0);
-		}
-		exit $RET;
-	    } else {
-		    system ("$VERIFY -CAfile $CATOP/$CACERT newcert.pem");
-		    $RET=$?;
-	    	    exit 0;
-	    }
+sub extra_args {
+    my ($args_ref, $arg_prefix) = @_;
+    my %eargs = map {
+	if ($_ < $#$args_ref) {
+	    my ($arg, $value) = splice(@$args_ref, $_, 2);
+	    $arg =~ s/$arg_prefix//;
+	    ($arg, $value);
 	} else {
-	    print STDERR "Unknown arg $_\n";
-	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
-	    exit 1;
+	    ();
 	}
+    } reverse grep($$args_ref[$_] =~ /$arg_prefix/, 0..$#$args_ref);
+    my %empty = map { ($_, "") } @OPENSSL_CMDS;
+    return (%empty, %eargs);
+}
+
+# See if reason for a CRL entry is valid; exit if not.
+sub crl_reason_ok
+{
+    my $r = shift;
+
+    if ($r eq 'unspecified' || $r eq 'keyCompromise'
+        || $r eq 'CACompromise' || $r eq 'affiliationChanged'
+        || $r eq 'superseded' || $r eq 'cessationOfOperation'
+        || $r eq 'certificateHold' || $r eq 'removeFromCRL') {
+        return 1;
+    }
+    print STDERR "Invalid CRL reason; must be one of:\n";
+    print STDERR "    unspecified, keyCompromise, CACompromise,\n";
+    print STDERR "    affiliationChanged, superseded, cessationOfOperation\n";
+    print STDERR "    certificateHold, removeFromCRL";
+    exit 1;
+}
+
+# Copy a PEM-format file; return like exit status (zero means ok)
+sub copy_pemfile
+{
+    my ($infile, $outfile, $bound) = @_;
+    my $found = 0;
+
+    open IN, $infile || die "Cannot open $infile, $!";
+    open OUT, ">$outfile" || die "Cannot write to $outfile, $!";
+    while (<IN>) {
+        $found = 1 if /^-----BEGIN.*$bound/;
+        print OUT $_ if $found;
+        $found = 2, last if /^-----END.*$bound/;
+    }
+    close IN;
+    close OUT;
+    return $found == 2 ? 0 : 1;
+}
+
+# Wrapper around system; useful for debugging.  Returns just the exit status
+sub run
+{
+    my $cmd = shift;
+    print "====\n$cmd\n" if $verbose;
+    my $status = system($cmd);
+    print "==> $status\n====\n" if $verbose;
+    return $status >> 8;
+}
+
+
+if ( $WHAT =~ /^(-\?|-h|-help)$/ ) {
+    print STDERR "usage: CA.pl -newcert | -newreq | -newreq-nodes | -xsign | -sign | -signCA | -signcert | -crl | -newca [-extra-cmd extra-params]\n";
+    print STDERR "       CA.pl -pkcs12 [-extra-pkcs12 extra-params] [certname]\n";
+    print STDERR "       CA.pl -verify [-extra-verify extra-params] certfile ...\n";
+    print STDERR "       CA.pl -revoke [-extra-ca extra-params] certfile [reason]\n";
+    exit 0;
+}
+if ($WHAT eq '-newcert' ) {
+    # create a certificate
+    $RET = run("$REQ -new -x509 -keyout $NEWKEY -out $NEWCERT $DAYS $EXTRA{req}");
+    print "Cert is in $NEWCERT, private key is in $NEWKEY\n" if $RET == 0;
+} elsif ($WHAT eq '-precert' ) {
+    # create a pre-certificate
+    $RET = run("$REQ -x509 -precert -keyout $NEWKEY -out $NEWCERT $DAYS");
+    print "Pre-cert is in $NEWCERT, private key is in $NEWKEY\n" if $RET == 0;
+} elsif ($WHAT =~ /^\-newreq(\-nodes)?$/ ) {
+    # create a certificate request
+    $RET = run("$REQ -new $1 -keyout $NEWKEY -out $NEWREQ $DAYS $EXTRA{req}");
+    print "Request is in $NEWREQ, private key is in $NEWKEY\n" if $RET == 0;
+} elsif ($WHAT eq '-newca' ) {
+    # create the directory hierarchy
+    mkdir ${CATOP}, $DIRMODE;
+    mkdir "${CATOP}/certs", $DIRMODE;
+    mkdir "${CATOP}/crl", $DIRMODE ;
+    mkdir "${CATOP}/newcerts", $DIRMODE;
+    mkdir "${CATOP}/private", $DIRMODE;
+    open OUT, ">${CATOP}/index.txt";
+    close OUT;
+    open OUT, ">${CATOP}/crlnumber";
+    print OUT "01\n";
+    close OUT;
+    # ask user for existing CA certificate
+    print "CA certificate filename (or enter to create)\n";
+    $FILE = "" unless defined($FILE = <STDIN>);
+    $FILE =~ s{\R$}{};
+    if ($FILE ne "") {
+        copy_pemfile($FILE,"${CATOP}/private/$CAKEY", "PRIVATE");
+        copy_pemfile($FILE,"${CATOP}/$CACERT", "CERTIFICATE");
+    } else {
+        print "Making CA certificate ...\n";
+        $RET = run("$REQ -new -keyout"
+                . " ${CATOP}/private/$CAKEY"
+                . " -out ${CATOP}/$CAREQ $EXTRA{req}");
+        $RET = run("$CA -create_serial"
+                . " -out ${CATOP}/$CACERT $CADAYS -batch"
+                . " -keyfile ${CATOP}/private/$CAKEY -selfsign"
+                . " -extensions v3_ca $EXTRA{ca}"
+                . " -infiles ${CATOP}/$CAREQ") if $RET == 0;
+        print "CA certificate is in ${CATOP}/$CACERT\n" if $RET == 0;
+    }
+} elsif ($WHAT eq '-pkcs12' ) {
+    my $cname = $ARGV[0];
+    $cname = "My Certificate" unless defined $cname;
+    $RET = run("$PKCS12 -in $NEWCERT -inkey $NEWKEY"
+            . " -certfile ${CATOP}/$CACERT"
+            . " -out $NEWP12"
+            . " -export -name \"$cname\" $EXTRA{pkcs12}");
+    print "PKCS #12 file is in $NEWP12\n" if $RET == 0;
+} elsif ($WHAT eq '-xsign' ) {
+    $RET = run("$CA -policy policy_anything $EXTRA{ca} -infiles $NEWREQ");
+} elsif ($WHAT eq '-sign' ) {
+    $RET = run("$CA -policy policy_anything -out $NEWCERT $EXTRA{ca} -infiles $NEWREQ");
+    print "Signed certificate is in $NEWCERT\n" if $RET == 0;
+} elsif ($WHAT eq '-signCA' ) {
+    $RET = run("$CA -policy policy_anything -out $NEWCERT"
+            . " -extensions v3_ca $EXTRA{ca} -infiles $NEWREQ");
+    print "Signed CA certificate is in $NEWCERT\n" if $RET == 0;
+} elsif ($WHAT eq '-signcert' ) {
+    $RET = run("$X509 -x509toreq -in $NEWREQ -signkey $NEWREQ"
+            . " -out tmp.pem $EXTRA{x509}");
+    $RET = run("$CA -policy policy_anything -out $NEWCERT"
+            . "$EXTRA{ca} -infiles tmp.pem") if $RET == 0;
+    print "Signed certificate is in $NEWCERT\n" if $RET == 0;
+} elsif ($WHAT eq '-verify' ) {
+    my @files = @ARGV ? @ARGV : ( $NEWCERT );
+    my $file;
+    foreach $file (@files) {
+        my $status = run("$VERIFY \"-CAfile\" ${CATOP}/$CACERT $file $EXTRA{verify}");
+        $RET = $status if $status != 0;
+    }
+} elsif ($WHAT eq '-crl' ) {
+    $RET = run("$CA -gencrl -out ${CATOP}/crl/$CACRL $EXTRA{ca}");
+    print "Generated CRL is in ${CATOP}/crl/$CACRL\n" if $RET == 0;
+} elsif ($WHAT eq '-revoke' ) {
+    my $cname = $ARGV[0];
+    if (!defined $cname) {
+        print "Certificate filename is required; reason optional.\n";
+        exit 1;
+    }
+    my $reason = $ARGV[1];
+    $reason = " -crl_reason $reason"
+        if defined $reason && crl_reason_ok($reason);
+    $RET = run("$CA -revoke \"$cname\"" . $reason . $EXTRA{ca});
+} else {
+    print STDERR "Unknown arg \"$WHAT\"\n";
+    print STDERR "Use -help for help.\n";
+    exit 1;
 }
 
 exit $RET;
-
-sub cp_pem {
-my ($infile, $outfile, $bound) = @_;
-open IN, $infile;
-open OUT, ">$outfile";
-my $flag = 0;
-while (<IN>) {
-	$flag = 1 if (/^-----BEGIN.*$bound/) ;
-	print OUT $_ if ($flag);
-	if (/^-----END.*$bound/) {
-		close IN;
-		close OUT;
-		return;
-	}
-}
-}
diff --git a/msys2/usr/ssl/misc/CA.sh b/msys2/usr/ssl/misc/CA.sh
deleted file mode 100644
index d16006c3e..000000000
--- a/msys2/usr/ssl/misc/CA.sh
+++ /dev/null
@@ -1,198 +0,0 @@
-#!/bin/sh
-#
-# CA - wrapper around ca to make it easier to use ... basically ca requires
-#      some setup stuff to be done before you can use it and this makes
-#      things easier between now and when Eric is convinced to fix it :-)
-#
-# CA -newca ... will setup the right stuff
-# CA -newreq ... will generate a certificate request
-# CA -sign ... will sign the generated request and output
-#
-# At the end of that grab newreq.pem and newcert.pem (one has the key
-# and the other the certificate) and cat them together and that is what
-# you want/need ... I'll make even this a little cleaner later.
-#
-#
-# 12-Jan-96 tjh    Added more things ... including CA -signcert which
-#                  converts a certificate to a request and then signs it.
-# 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
-#                  environment variable so this can be driven from
-#                  a script.
-# 25-Jul-96 eay    Cleaned up filenames some more.
-# 11-Jun-96 eay    Fixed a few filename missmatches.
-# 03-May-96 eay    Modified to use 'ssleay cmd' instead of 'cmd'.
-# 18-Apr-96 tjh    Original hacking
-#
-# Tim Hudson
-# tjh@cryptsoft.com
-#
-
-# default openssl.cnf file has setup as per the following
-# demoCA ... where everything is stored
-cp_pem() {
-    infile=$1
-    outfile=$2
-    bound=$3
-    flag=0
-    exec <$infile;
-    while read line; do
-	if [ $flag -eq 1 ]; then
-		echo $line|grep "^-----END.*$bound"  2>/dev/null 1>/dev/null
-		if [ $? -eq 0 ] ; then
-			echo $line >>$outfile
-			break
-		else
-			echo $line >>$outfile
-		fi
-	fi
-
-	echo $line|grep "^-----BEGIN.*$bound"  2>/dev/null 1>/dev/null
-	if [ $? -eq 0 ]; then
-		echo $line >$outfile
-		flag=1
-	fi
-    done
-}
-
-usage() {
- echo "usage: $0 -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify" >&2
-}
-
-if [ -z "$OPENSSL" ]; then OPENSSL=openssl; fi
-
-if [ -z "$DAYS" ] ; then DAYS="-days 365" ; fi	# 1 year
-CADAYS="-days 1095"	# 3 years
-REQ="$OPENSSL req $SSLEAY_CONFIG"
-CA="$OPENSSL ca $SSLEAY_CONFIG"
-VERIFY="$OPENSSL verify"
-X509="$OPENSSL x509"
-PKCS12="openssl pkcs12"
-
-if [ -z "$CATOP" ] ; then CATOP=/usr/ssl ; fi
-CAKEY=./cakey.pem
-CAREQ=./careq.pem
-CACERT=./cacert.pem
-
-RET=0
-
-while [ "$1" != "" ] ; do
-case $1 in
--\?|-h|-help)
-    usage
-    exit 0
-    ;;
--newcert)
-    # create a certificate
-    $REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS
-    RET=$?
-    echo "Certificate is in newcert.pem, private key is in newkey.pem"
-    ;;
--newreq)
-    # create a certificate request
-    $REQ -new -keyout newkey.pem -out newreq.pem $DAYS
-    RET=$?
-    echo "Request is in newreq.pem, private key is in newkey.pem"
-    ;;
--newreq-nodes) 
-    # create a certificate request
-    $REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS
-    RET=$?
-    echo "Request (and private key) is in newreq.pem"
-    ;;
--newca)
-    # if explicitly asked for or it doesn't exist then setup the directory
-    # structure that Eric likes to manage things
-    NEW="1"
-    if [ "$NEW" -o ! -f ${CATOP}/serial ]; then
-	# create the directory hierarchy
-	mkdir -p ${CATOP}
-	mkdir -p ${CATOP}/certs
-	mkdir -p ${CATOP}/crl
-	mkdir -p ${CATOP}/newcerts
-	mkdir -p ${CATOP}/private
-	touch ${CATOP}/index.txt
-    fi
-    if [ ! -f ${CATOP}/private/$CAKEY ]; then
-	echo "CA certificate filename (or enter to create)"
-	read FILE
-
-	# ask user for existing CA certificate
-	if [ "$FILE" ]; then
-	    cp_pem $FILE ${CATOP}/private/$CAKEY PRIVATE
-	    cp_pem $FILE ${CATOP}/$CACERT CERTIFICATE
-	    RET=$?
-	    if [ ! -f "${CATOP}/serial" ]; then
-		$X509 -in ${CATOP}/$CACERT -noout -next_serial \
-		      -out ${CATOP}/serial
-	    fi
-	else
-	    echo "Making CA certificate ..."
-	    $REQ -new -keyout ${CATOP}/private/$CAKEY \
-			   -out ${CATOP}/$CAREQ
-	    $CA -create_serial -out ${CATOP}/$CACERT $CADAYS -batch \
-			   -keyfile ${CATOP}/private/$CAKEY -selfsign \
-			   -extensions v3_ca \
-			   -infiles ${CATOP}/$CAREQ
-	    RET=$?
-	fi
-    fi
-    ;;
--xsign)
-    $CA -policy policy_anything -infiles newreq.pem
-    RET=$?
-    ;;
--pkcs12)
-    if [ -z "$2" ] ; then
-	CNAME="My Certificate"
-    else
-	CNAME="$2"
-    fi
-    $PKCS12 -in newcert.pem -inkey newreq.pem -certfile ${CATOP}/$CACERT \
-	    -out newcert.p12 -export -name "$CNAME"
-    RET=$?
-    exit $RET
-    ;;
--sign|-signreq)
-    $CA -policy policy_anything -out newcert.pem -infiles newreq.pem
-    RET=$?
-    cat newcert.pem
-    echo "Signed certificate is in newcert.pem"
-    ;;
--signCA)
-    $CA -policy policy_anything -out newcert.pem -extensions v3_ca -infiles newreq.pem
-    RET=$?
-    echo "Signed CA certificate is in newcert.pem"
-    ;;
--signcert)
-    echo "Cert passphrase will be requested twice - bug?"
-    $X509 -x509toreq -in newreq.pem -signkey newreq.pem -out tmp.pem
-    $CA -policy policy_anything -out newcert.pem -infiles tmp.pem
-    RET=$?
-    cat newcert.pem
-    echo "Signed certificate is in newcert.pem"
-    ;;
--verify)
-    shift
-    if [ -z "$1" ]; then
-	    $VERIFY -CAfile $CATOP/$CACERT newcert.pem
-	    RET=$?
-    else
-	for j
-	do
-	    $VERIFY -CAfile $CATOP/$CACERT $j
-	    if [ $? != 0 ]; then
-		    RET=$?
-	    fi
-	done
-    fi
-    exit $RET
-    ;;
-*)
-    echo "Unknown arg $i" >&2
-    usage
-    exit 1
-    ;;
-esac
-shift
-done
-exit $RET
diff --git a/msys2/usr/ssl/misc/c_hash b/msys2/usr/ssl/misc/c_hash
deleted file mode 100644
index 5e0a90817..000000000
--- a/msys2/usr/ssl/misc/c_hash
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/sh
-# print out the hash values 
-#
-
-for i in $*
-do
-	h=`openssl x509 -hash -noout -in $i`
-	echo "$h.0 => $i"
-done
diff --git a/msys2/usr/ssl/misc/c_info b/msys2/usr/ssl/misc/c_info
deleted file mode 100644
index 0e1e633b6..000000000
--- a/msys2/usr/ssl/misc/c_info
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/sh
-#
-# print the subject
-#
-
-for i in $*
-do
-	n=`openssl x509 -subject -issuer -enddate -noout -in $i`
-	echo "$i"
-	echo "$n"
-	echo "--------"
-done
diff --git a/msys2/usr/ssl/misc/c_issuer b/msys2/usr/ssl/misc/c_issuer
deleted file mode 100644
index 55821ab74..000000000
--- a/msys2/usr/ssl/misc/c_issuer
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-#
-# print out the issuer
-#
-
-for i in $*
-do
-	n=`openssl x509 -issuer -noout -in $i`
-	echo "$i	$n"
-done
diff --git a/msys2/usr/ssl/misc/c_name b/msys2/usr/ssl/misc/c_name
deleted file mode 100644
index 28800c0b3..000000000
--- a/msys2/usr/ssl/misc/c_name
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-#
-# print the subject
-#
-
-for i in $*
-do
-	n=`openssl x509 -subject -noout -in $i`
-	echo "$i	$n"
-done
diff --git a/msys2/usr/ssl/misc/tsget b/msys2/usr/ssl/misc/tsget
index 0fca99f43..8aa60b798 100644
--- a/msys2/usr/ssl/misc/tsget
+++ b/msys2/usr/ssl/misc/tsget
@@ -1,7 +1,11 @@
-#!/usr/bin/perl -w
-# Written by Zoltan Glozik <zglozik@stones.com>.
-# Copyright (c) 2002 The OpenTSA Project.  All rights reserved.
-$::version = '$Id: tsget,v 1.1.2.2 2009/09/07 17:57:02 steve Exp $';
+#!/usr/bin/env perl
+# Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright (c) 2002 The OpenTSA Project. All rights reserved.
+#
+# Licensed under the OpenSSL license (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
 
 use strict;
 use IO::Handle;
@@ -42,7 +46,8 @@ sub create_curl {
     # Error-handling related options.
     $curl->setopt(CURLOPT_VERBOSE, 1) if $options{d};
     $curl->setopt(CURLOPT_FAILONERROR, 1);
-    $curl->setopt(CURLOPT_USERAGENT, "OpenTSA tsget.pl/" . (split / /, $::version)[2]);
+    $curl->setopt(CURLOPT_USERAGENT,
+        "OpenTSA tsget.pl/openssl-1.1.1b");
 
     # Options for POST method.
     $curl->setopt(CURLOPT_UPLOAD, 1);
diff --git a/msys2/usr/ssl/misc/tsget.pl b/msys2/usr/ssl/misc/tsget.pl
new file mode 100644
index 000000000..8aa60b798
--- /dev/null
+++ b/msys2/usr/ssl/misc/tsget.pl
@@ -0,0 +1,200 @@
+#!/usr/bin/env perl
+# Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright (c) 2002 The OpenTSA Project. All rights reserved.
+#
+# Licensed under the OpenSSL license (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+use strict;
+use IO::Handle;
+use Getopt::Std;
+use File::Basename;
+use WWW::Curl::Easy;
+
+use vars qw(%options);
+
+# Callback for reading the body.
+sub read_body {
+    my ($maxlength, $state) = @_;
+    my $return_data = "";
+    my $data_len = length ${$state->{data}};
+    if ($state->{bytes} < $data_len) {
+	$data_len = $data_len - $state->{bytes};
+	$data_len = $maxlength if $data_len > $maxlength;
+	$return_data = substr ${$state->{data}}, $state->{bytes}, $data_len;
+	$state->{bytes} += $data_len;
+    }
+    return $return_data;
+}
+
+# Callback for writing the body into a variable.
+sub write_body {
+    my ($data, $pointer) = @_;
+    ${$pointer} .= $data;
+    return length($data);
+}
+
+# Initialise a new Curl object.
+sub create_curl {
+    my $url = shift;
+
+    # Create Curl object.
+    my $curl = WWW::Curl::Easy::new();
+
+    # Error-handling related options.
+    $curl->setopt(CURLOPT_VERBOSE, 1) if $options{d};
+    $curl->setopt(CURLOPT_FAILONERROR, 1);
+    $curl->setopt(CURLOPT_USERAGENT,
+        "OpenTSA tsget.pl/openssl-1.1.1b");
+
+    # Options for POST method.
+    $curl->setopt(CURLOPT_UPLOAD, 1);
+    $curl->setopt(CURLOPT_CUSTOMREQUEST, "POST");
+    $curl->setopt(CURLOPT_HTTPHEADER,
+		["Content-Type: application/timestamp-query",
+		"Accept: application/timestamp-reply,application/timestamp-response"]);
+    $curl->setopt(CURLOPT_READFUNCTION, \&read_body);
+    $curl->setopt(CURLOPT_HEADERFUNCTION, sub { return length($_[0]); });
+
+    # Options for getting the result.
+    $curl->setopt(CURLOPT_WRITEFUNCTION, \&write_body);
+
+    # SSL related options.
+    $curl->setopt(CURLOPT_SSLKEYTYPE, "PEM");
+    $curl->setopt(CURLOPT_SSL_VERIFYPEER, 1);	# Verify server's certificate.
+    $curl->setopt(CURLOPT_SSL_VERIFYHOST, 2);	# Check server's CN.
+    $curl->setopt(CURLOPT_SSLKEY, $options{k}) if defined($options{k});
+    $curl->setopt(CURLOPT_SSLKEYPASSWD, $options{p}) if defined($options{p});
+    $curl->setopt(CURLOPT_SSLCERT, $options{c}) if defined($options{c});
+    $curl->setopt(CURLOPT_CAINFO, $options{C}) if defined($options{C});
+    $curl->setopt(CURLOPT_CAPATH, $options{P}) if defined($options{P});
+    $curl->setopt(CURLOPT_RANDOM_FILE, $options{r}) if defined($options{r});
+    $curl->setopt(CURLOPT_EGDSOCKET, $options{g}) if defined($options{g});
+
+    # Setting destination.
+    $curl->setopt(CURLOPT_URL, $url);
+
+    return $curl;
+}
+
+# Send a request and returns the body back.
+sub get_timestamp {
+    my $curl = shift;
+    my $body = shift;
+    my $ts_body;
+    local $::error_buf;
+
+    # Error-handling related options.
+    $curl->setopt(CURLOPT_ERRORBUFFER, "::error_buf");
+
+    # Options for POST method.
+    $curl->setopt(CURLOPT_INFILE, {data => $body, bytes => 0});
+    $curl->setopt(CURLOPT_INFILESIZE, length(${$body}));
+
+    # Options for getting the result.
+    $curl->setopt(CURLOPT_FILE, \$ts_body);
+
+    # Send the request...
+    my $error_code = $curl->perform();
+    my $error_string;
+    if ($error_code != 0) {
+        my $http_code = $curl->getinfo(CURLINFO_HTTP_CODE);
+	$error_string = "could not get timestamp";
+	$error_string .= ", http code: $http_code" unless $http_code == 0;
+	$error_string .= ", curl code: $error_code";
+	$error_string .= " ($::error_buf)" if defined($::error_buf);
+    } else {
+        my $ct = $curl->getinfo(CURLINFO_CONTENT_TYPE);
+	if (lc($ct) ne "application/timestamp-reply"
+	    && lc($ct) ne "application/timestamp-response") {
+	    $error_string = "unexpected content type returned: $ct";
+        }
+    }
+    return ($ts_body, $error_string);
+
+}
+
+# Print usage information and exists.
+sub usage {
+
+    print STDERR "usage: $0 -h <server_url> [-e <extension>] [-o <output>] ";
+    print STDERR "[-v] [-d] [-k <private_key.pem>] [-p <key_password>] ";
+    print STDERR "[-c <client_cert.pem>] [-C <CA_certs.pem>] [-P <CA_path>] ";
+    print STDERR "[-r <file:file...>] [-g <EGD_socket>] [<request>]...\n";
+    exit 1;
+}
+
+# ----------------------------------------------------------------------
+#   Main program
+# ----------------------------------------------------------------------
+
+# Getting command-line options (default comes from TSGET environment variable).
+my $getopt_arg =  "h:e:o:vdk:p:c:C:P:r:g:";
+if (exists $ENV{TSGET}) {
+    my @old_argv = @ARGV;
+    @ARGV = split /\s+/, $ENV{TSGET};
+    getopts($getopt_arg, \%options) or usage;
+    @ARGV = @old_argv;
+}
+getopts($getopt_arg, \%options) or usage;
+
+# Checking argument consistency.
+if (!exists($options{h}) || (@ARGV == 0 && !exists($options{o}))
+    || (@ARGV > 1 && exists($options{o}))) {
+    print STDERR "Inconsistent command line options.\n";
+    usage;
+}
+# Setting defaults.
+@ARGV = ("-") unless @ARGV != 0;
+$options{e} = ".tsr" unless defined($options{e});
+
+# Processing requests.
+my $curl = create_curl $options{h};
+undef $/;   # For reading whole files.
+REQUEST: foreach (@ARGV) {
+    my $input = $_;
+    my ($base, $path) = fileparse($input, '\.[^.]*');
+    my $output_base = $base . $options{e};
+    my $output = defined($options{o}) ? $options{o} : $path . $output_base;
+
+    STDERR->printflush("$input: ") if $options{v};
+    # Read request.
+    my $body;
+    if ($input eq "-") {
+	# Read the request from STDIN;
+	$body = <STDIN>;
+    } else {
+	# Read the request from file.
+        open INPUT, "<" . $input
+	    or warn("$input: could not open input file: $!\n"), next REQUEST;
+        $body = <INPUT>;
+        close INPUT
+	    or warn("$input: could not close input file: $!\n"), next REQUEST;
+    }
+
+    # Send request.
+    STDERR->printflush("sending request") if $options{v};
+
+    my ($ts_body, $error) = get_timestamp $curl, \$body;
+    if (defined($error)) {
+	die "$input: fatal error: $error\n";
+    }
+    STDERR->printflush(", reply received") if $options{v};
+
+    # Write response.
+    if ($output eq "-") {
+	# Write to STDOUT.
+        print $ts_body;
+    } else {
+	# Write to file.
+        open OUTPUT, ">", $output
+	    or warn("$output: could not open output file: $!\n"), next REQUEST;
+        print OUTPUT $ts_body;
+        close OUTPUT
+	    or warn("$output: could not close output file: $!\n"), next REQUEST;
+    }
+    STDERR->printflush(", $output written.\n") if $options{v};
+}
+$curl->cleanup();
diff --git a/msys2/usr/ssl/openssl.cnf b/msys2/usr/ssl/openssl.cnf
index 3252bfa9f..06f9c5e82 100644
--- a/msys2/usr/ssl/openssl.cnf
+++ b/msys2/usr/ssl/openssl.cnf
@@ -3,10 +3,13 @@
 # This is mostly being used for generation of certificate requests.
 #
 
+# Note that you can include other files from the main configuration
+# file using the .include directive.
+#.include filename
+
 # This definition stops the following lines choking if HOME isn't
 # defined.
 HOME			= .
-RANDFILE		= $ENV::HOME/.rnd
 
 # Extra OBJECT IDENTIFIER info:
 #oid_file		= $ENV::HOME/.oid
@@ -15,7 +18,7 @@ oid_section		= new_oids
 # To use this configuration file with the "-extfile" option of the
 # "openssl x509" utility, name here the section containing the
 # X.509v3 extensions to use:
-# extensions		= 
+# extensions		=
 # (Alternatively, use a configuration file that has only
 # X.509v3 extensions in its main [= default] section.)
 
@@ -44,7 +47,7 @@ certs		= $dir/certs		# Where the issued certs are kept
 crl_dir		= $dir/crl		# Where the issued crl are kept
 database	= $dir/index.txt	# database index file.
 #unique_subject	= no			# Set to 'no' to allow creation of
-					# several ctificates with same subject.
+					# several certs with same subject.
 new_certs_dir	= $dir/newcerts		# default place for new certs.
 
 certificate	= $dir/cacert.pem 	# The CA certificate
@@ -53,9 +56,8 @@ crlnumber	= $dir/crlnumber	# the current crl number
 					# must be commented out to leave a V1 CRL
 crl		= $dir/crl.pem 		# The current CRL
 private_key	= $dir/private/cakey.pem# The private key
-RANDFILE	= $dir/private/.rand	# private random number file
 
-x509_extensions	= usr_cert		# The extentions to add to the cert
+x509_extensions	= usr_cert		# The extensions to add to the cert
 
 # Comment out the following two lines for the "traditional"
 # (and highly broken) format.
@@ -107,13 +109,13 @@ default_bits		= 2048
 default_keyfile 	= privkey.pem
 distinguished_name	= req_distinguished_name
 attributes		= req_attributes
-x509_extensions	= v3_ca	# The extentions to add to the self signed cert
+x509_extensions	= v3_ca	# The extensions to add to the self signed cert
 
 # Passwords for private keys if not present they will be prompted for
 # input_password = secret
 # output_password = secret
 
-# This sets a mask for permitted string types. There are several options. 
+# This sets a mask for permitted string types. There are several options.
 # default: PrintableString, T61String, BMPString.
 # pkix	 : PrintableString, BMPString (PKIX recommendation before 2004)
 # utf8only: only UTF8Strings (PKIX recommendation after 2004).
@@ -233,11 +235,7 @@ subjectKeyIdentifier=hash
 
 authorityKeyIdentifier=keyid:always,issuer
 
-# This is what PKIX recommends but some broken software chokes on critical
-# extensions.
-#basicConstraints = critical,CA:true
-# So we do this instead.
-basicConstraints = CA:true
+basicConstraints = critical,CA:true
 
 # Key usage: this is typical for a CA certificate. However since it will
 # prevent it being used as an test self-signed certificate it is best
@@ -335,11 +333,11 @@ signer_cert	= $dir/tsacert.pem 	# The TSA signing certificate
 certs		= $dir/cacert.pem	# Certificate chain to include in reply
 					# (optional)
 signer_key	= $dir/private/tsakey.pem # The TSA private key (optional)
-
+signer_digest  = sha256			# Signing digest to use. (Optional)
 default_policy	= tsa_policy1		# Policy if request did not specify it
 					# (optional)
 other_policies	= tsa_policy2, tsa_policy3	# acceptable policies (optional)
-digests		= md5, sha1		# Acceptable message digests (mandatory)
+digests     = sha1, sha256, sha384, sha512  # Acceptable message digests (mandatory)
 accuracy	= secs:1, millisecs:500, microsecs:100	# (optional)
 clock_precision_digits  = 0	# number of digits after dot. (optional)
 ordering		= yes	# Is ordering defined for timestamps?
@@ -348,3 +346,5 @@ tsa_name		= yes	# Must the TSA name be included in the reply?
 				# (optional, default: no)
 ess_cert_id_chain	= no	# Must the ESS cert id chain be included?
 				# (optional, default: no)
+ess_cert_id_alg		= sha1	# algorithm to compute certificate
+				# identifier (optional, default: sha1)
diff --git a/msys2/usr/ssl/openssl.cnf.dist b/msys2/usr/ssl/openssl.cnf.dist
new file mode 100644
index 000000000..06f9c5e82
--- /dev/null
+++ b/msys2/usr/ssl/openssl.cnf.dist
@@ -0,0 +1,350 @@
+#
+# OpenSSL example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+# Note that you can include other files from the main configuration
+# file using the .include directive.
+#.include filename
+
+# This definition stops the following lines choking if HOME isn't
+# defined.
+HOME			= .
+
+# Extra OBJECT IDENTIFIER info:
+#oid_file		= $ENV::HOME/.oid
+oid_section		= new_oids
+
+# To use this configuration file with the "-extfile" option of the
+# "openssl x509" utility, name here the section containing the
+# X.509v3 extensions to use:
+# extensions		=
+# (Alternatively, use a configuration file that has only
+# X.509v3 extensions in its main [= default] section.)
+
+[ new_oids ]
+
+# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
+# Add a simple OID like this:
+# testoid1=1.2.3.4
+# Or use config file substitution like this:
+# testoid2=${testoid1}.5.6
+
+# Policies used by the TSA examples.
+tsa_policy1 = 1.2.3.4.1
+tsa_policy2 = 1.2.3.4.5.6
+tsa_policy3 = 1.2.3.4.5.7
+
+####################################################################
+[ ca ]
+default_ca	= CA_default		# The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir		= /usr/ssl		# Where everything is kept
+certs		= $dir/certs		# Where the issued certs are kept
+crl_dir		= $dir/crl		# Where the issued crl are kept
+database	= $dir/index.txt	# database index file.
+#unique_subject	= no			# Set to 'no' to allow creation of
+					# several certs with same subject.
+new_certs_dir	= $dir/newcerts		# default place for new certs.
+
+certificate	= $dir/cacert.pem 	# The CA certificate
+serial		= $dir/serial 		# The current serial number
+crlnumber	= $dir/crlnumber	# the current crl number
+					# must be commented out to leave a V1 CRL
+crl		= $dir/crl.pem 		# The current CRL
+private_key	= $dir/private/cakey.pem# The private key
+
+x509_extensions	= usr_cert		# The extensions to add to the cert
+
+# Comment out the following two lines for the "traditional"
+# (and highly broken) format.
+name_opt 	= ca_default		# Subject Name options
+cert_opt 	= ca_default		# Certificate field options
+
+# Extension copying option: use with caution.
+# copy_extensions = copy
+
+# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
+# so this is commented out by default to leave a V1 CRL.
+# crlnumber must also be commented out to leave a V1 CRL.
+# crl_extensions	= crl_ext
+
+default_days	= 365			# how long to certify for
+default_crl_days= 30			# how long before next CRL
+default_md	= default		# use public key default MD
+preserve	= no			# keep passed DN ordering
+
+# A few difference way of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy		= policy_match
+
+# For the CA policy
+[ policy_match ]
+countryName		= match
+stateOrProvinceName	= match
+organizationName	= match
+organizationalUnitName	= optional
+commonName		= supplied
+emailAddress		= optional
+
+# For the 'anything' policy
+# At this point in time, you must list all acceptable 'object'
+# types.
+[ policy_anything ]
+countryName		= optional
+stateOrProvinceName	= optional
+localityName		= optional
+organizationName	= optional
+organizationalUnitName	= optional
+commonName		= supplied
+emailAddress		= optional
+
+####################################################################
+[ req ]
+default_bits		= 2048
+default_keyfile 	= privkey.pem
+distinguished_name	= req_distinguished_name
+attributes		= req_attributes
+x509_extensions	= v3_ca	# The extensions to add to the self signed cert
+
+# Passwords for private keys if not present they will be prompted for
+# input_password = secret
+# output_password = secret
+
+# This sets a mask for permitted string types. There are several options.
+# default: PrintableString, T61String, BMPString.
+# pkix	 : PrintableString, BMPString (PKIX recommendation before 2004)
+# utf8only: only UTF8Strings (PKIX recommendation after 2004).
+# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
+# MASK:XXXX a literal mask value.
+# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
+string_mask = utf8only
+
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+[ req_distinguished_name ]
+countryName			= Country Name (2 letter code)
+countryName_default		= AU
+countryName_min			= 2
+countryName_max			= 2
+
+stateOrProvinceName		= State or Province Name (full name)
+stateOrProvinceName_default	= Some-State
+
+localityName			= Locality Name (eg, city)
+
+0.organizationName		= Organization Name (eg, company)
+0.organizationName_default	= Internet Widgits Pty Ltd
+
+# we can do this but it is not needed normally :-)
+#1.organizationName		= Second Organization Name (eg, company)
+#1.organizationName_default	= World Wide Web Pty Ltd
+
+organizationalUnitName		= Organizational Unit Name (eg, section)
+#organizationalUnitName_default	=
+
+commonName			= Common Name (e.g. server FQDN or YOUR name)
+commonName_max			= 64
+
+emailAddress			= Email Address
+emailAddress_max		= 64
+
+# SET-ex3			= SET extension number 3
+
+[ req_attributes ]
+challengePassword		= A challenge password
+challengePassword_min		= 4
+challengePassword_max		= 20
+
+unstructuredName		= An optional company name
+
+[ usr_cert ]
+
+# These extensions are added when 'ca' signs a request.
+
+# This goes against PKIX guidelines but some CAs do it and some software
+# requires this to avoid interpreting an end user certificate as a CA.
+
+basicConstraints=CA:FALSE
+
+# Here are some examples of the usage of nsCertType. If it is omitted
+# the certificate can be used for anything *except* object signing.
+
+# This is OK for an SSL server.
+# nsCertType			= server
+
+# For an object signing certificate this would be used.
+# nsCertType = objsign
+
+# For normal client use this is typical
+# nsCertType = client, email
+
+# and for everything including object signing:
+# nsCertType = client, email, objsign
+
+# This is typical in keyUsage for a client certificate.
+# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+# This will be displayed in Netscape's comment listbox.
+nsComment			= "OpenSSL Generated Certificate"
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+
+# This stuff is for subjectAltName and issuerAltname.
+# Import the email address.
+# subjectAltName=email:copy
+# An alternative to produce certificates that aren't
+# deprecated according to PKIX.
+# subjectAltName=email:move
+
+# Copy subject details
+# issuerAltName=issuer:copy
+
+#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+
+# This is required for TSA certificates.
+# extendedKeyUsage = critical,timeStamping
+
+[ v3_req ]
+
+# Extensions to add to a certificate request
+
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+[ v3_ca ]
+
+
+# Extensions for a typical CA
+
+
+# PKIX recommendation.
+
+subjectKeyIdentifier=hash
+
+authorityKeyIdentifier=keyid:always,issuer
+
+basicConstraints = critical,CA:true
+
+# Key usage: this is typical for a CA certificate. However since it will
+# prevent it being used as an test self-signed certificate it is best
+# left out by default.
+# keyUsage = cRLSign, keyCertSign
+
+# Some might want this also
+# nsCertType = sslCA, emailCA
+
+# Include email address in subject alt name: another PKIX recommendation
+# subjectAltName=email:copy
+# Copy issuer details
+# issuerAltName=issuer:copy
+
+# DER hex encoding of an extension: beware experts only!
+# obj=DER:02:03
+# Where 'obj' is a standard or added object
+# You can even override a supported extension:
+# basicConstraints= critical, DER:30:03:01:01:FF
+
+[ crl_ext ]
+
+# CRL extensions.
+# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
+
+# issuerAltName=issuer:copy
+authorityKeyIdentifier=keyid:always
+
+[ proxy_cert_ext ]
+# These extensions should be added when creating a proxy certificate
+
+# This goes against PKIX guidelines but some CAs do it and some software
+# requires this to avoid interpreting an end user certificate as a CA.
+
+basicConstraints=CA:FALSE
+
+# Here are some examples of the usage of nsCertType. If it is omitted
+# the certificate can be used for anything *except* object signing.
+
+# This is OK for an SSL server.
+# nsCertType			= server
+
+# For an object signing certificate this would be used.
+# nsCertType = objsign
+
+# For normal client use this is typical
+# nsCertType = client, email
+
+# and for everything including object signing:
+# nsCertType = client, email, objsign
+
+# This is typical in keyUsage for a client certificate.
+# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+# This will be displayed in Netscape's comment listbox.
+nsComment			= "OpenSSL Generated Certificate"
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+
+# This stuff is for subjectAltName and issuerAltname.
+# Import the email address.
+# subjectAltName=email:copy
+# An alternative to produce certificates that aren't
+# deprecated according to PKIX.
+# subjectAltName=email:move
+
+# Copy subject details
+# issuerAltName=issuer:copy
+
+#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+
+# This really needs to be in place for it to be a proxy certificate.
+proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
+
+####################################################################
+[ tsa ]
+
+default_tsa = tsa_config1	# the default TSA section
+
+[ tsa_config1 ]
+
+# These are used by the TSA reply generation only.
+dir		= ./demoCA		# TSA root directory
+serial		= $dir/tsaserial	# The current serial number (mandatory)
+crypto_device	= builtin		# OpenSSL engine to use for signing
+signer_cert	= $dir/tsacert.pem 	# The TSA signing certificate
+					# (optional)
+certs		= $dir/cacert.pem	# Certificate chain to include in reply
+					# (optional)
+signer_key	= $dir/private/tsakey.pem # The TSA private key (optional)
+signer_digest  = sha256			# Signing digest to use. (Optional)
+default_policy	= tsa_policy1		# Policy if request did not specify it
+					# (optional)
+other_policies	= tsa_policy2, tsa_policy3	# acceptable policies (optional)
+digests     = sha1, sha256, sha384, sha512  # Acceptable message digests (mandatory)
+accuracy	= secs:1, millisecs:500, microsecs:100	# (optional)
+clock_precision_digits  = 0	# number of digits after dot. (optional)
+ordering		= yes	# Is ordering defined for timestamps?
+				# (optional, default: no)
+tsa_name		= yes	# Must the TSA name be included in the reply?
+				# (optional, default: no)
+ess_cert_id_chain	= no	# Must the ESS cert id chain be included?
+				# (optional, default: no)
+ess_cert_id_alg		= sha1	# algorithm to compute certificate
+				# identifier (optional, default: sha1)
diff --git a/msys2/var/lib/pacman/local/bash-4.4.019-3/desc b/msys2/var/lib/pacman/local/bash-4.4.019-3/desc
deleted file mode 100644
index 8bc473ef2..000000000
--- a/msys2/var/lib/pacman/local/bash-4.4.019-3/desc
+++ /dev/null
@@ -1,45 +0,0 @@
-%NAME%
-bash
-
-%VERSION%
-4.4.019-3
-
-%BASE%
-bash
-
-%DESC%
-The GNU Bourne Again shell
-
-%URL%
-https://www.gnu.org/software/bash/bash.html
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1527748815
-
-%INSTALLDATE%
-1527758842
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-10522624
-
-%GROUPS%
-base
-
-%LICENSE%
-GPL
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-msys2-runtime
-
-%PROVIDES%
-sh
-
diff --git a/msys2/var/lib/pacman/local/bash-4.4.019-3/files b/msys2/var/lib/pacman/local/bash-4.4.019-3/files
deleted file mode 100644
index 33d6ec52e..000000000
--- a/msys2/var/lib/pacman/local/bash-4.4.019-3/files
+++ /dev/null
@@ -1,205 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/bash.exe
-usr/bin/bashbug
-usr/bin/sh.exe
-usr/share/
-usr/share/doc/
-usr/share/doc/bash/
-usr/share/doc/bash/CHANGES
-usr/share/doc/bash/COMPAT
-usr/share/doc/bash/FAQ
-usr/share/doc/bash/INTRO
-usr/share/doc/bash/NEWS
-usr/share/doc/bash/POSIX
-usr/share/doc/bash/RBASH
-usr/share/doc/bash/README
-usr/share/doc/bash/bash.html
-usr/share/doc/bash/bashref.html
-usr/share/info/
-usr/share/info/bash.info.gz
-usr/share/locale/
-usr/share/locale/af/
-usr/share/locale/af/LC_MESSAGES/
-usr/share/locale/af/LC_MESSAGES/bash.mo
-usr/share/locale/bg/
-usr/share/locale/bg/LC_MESSAGES/
-usr/share/locale/bg/LC_MESSAGES/bash.mo
-usr/share/locale/ca/
-usr/share/locale/ca/LC_MESSAGES/
-usr/share/locale/ca/LC_MESSAGES/bash.mo
-usr/share/locale/cs/
-usr/share/locale/cs/LC_MESSAGES/
-usr/share/locale/cs/LC_MESSAGES/bash.mo
-usr/share/locale/da/
-usr/share/locale/da/LC_MESSAGES/
-usr/share/locale/da/LC_MESSAGES/bash.mo
-usr/share/locale/de/
-usr/share/locale/de/LC_MESSAGES/
-usr/share/locale/de/LC_MESSAGES/bash.mo
-usr/share/locale/el/
-usr/share/locale/el/LC_MESSAGES/
-usr/share/locale/el/LC_MESSAGES/bash.mo
-usr/share/locale/en@boldquot/
-usr/share/locale/en@boldquot/LC_MESSAGES/
-usr/share/locale/en@boldquot/LC_MESSAGES/bash.mo
-usr/share/locale/en@quot/
-usr/share/locale/en@quot/LC_MESSAGES/
-usr/share/locale/en@quot/LC_MESSAGES/bash.mo
-usr/share/locale/eo/
-usr/share/locale/eo/LC_MESSAGES/
-usr/share/locale/eo/LC_MESSAGES/bash.mo
-usr/share/locale/es/
-usr/share/locale/es/LC_MESSAGES/
-usr/share/locale/es/LC_MESSAGES/bash.mo
-usr/share/locale/et/
-usr/share/locale/et/LC_MESSAGES/
-usr/share/locale/et/LC_MESSAGES/bash.mo
-usr/share/locale/fi/
-usr/share/locale/fi/LC_MESSAGES/
-usr/share/locale/fi/LC_MESSAGES/bash.mo
-usr/share/locale/fr/
-usr/share/locale/fr/LC_MESSAGES/
-usr/share/locale/fr/LC_MESSAGES/bash.mo
-usr/share/locale/ga/
-usr/share/locale/ga/LC_MESSAGES/
-usr/share/locale/ga/LC_MESSAGES/bash.mo
-usr/share/locale/gl/
-usr/share/locale/gl/LC_MESSAGES/
-usr/share/locale/gl/LC_MESSAGES/bash.mo
-usr/share/locale/hr/
-usr/share/locale/hr/LC_MESSAGES/
-usr/share/locale/hr/LC_MESSAGES/bash.mo
-usr/share/locale/hu/
-usr/share/locale/hu/LC_MESSAGES/
-usr/share/locale/hu/LC_MESSAGES/bash.mo
-usr/share/locale/id/
-usr/share/locale/id/LC_MESSAGES/
-usr/share/locale/id/LC_MESSAGES/bash.mo
-usr/share/locale/it/
-usr/share/locale/it/LC_MESSAGES/
-usr/share/locale/it/LC_MESSAGES/bash.mo
-usr/share/locale/ja/
-usr/share/locale/ja/LC_MESSAGES/
-usr/share/locale/ja/LC_MESSAGES/bash.mo
-usr/share/locale/lt/
-usr/share/locale/lt/LC_MESSAGES/
-usr/share/locale/lt/LC_MESSAGES/bash.mo
-usr/share/locale/nb/
-usr/share/locale/nb/LC_MESSAGES/
-usr/share/locale/nb/LC_MESSAGES/bash.mo
-usr/share/locale/nl/
-usr/share/locale/nl/LC_MESSAGES/
-usr/share/locale/nl/LC_MESSAGES/bash.mo
-usr/share/locale/pl/
-usr/share/locale/pl/LC_MESSAGES/
-usr/share/locale/pl/LC_MESSAGES/bash.mo
-usr/share/locale/pt_BR/
-usr/share/locale/pt_BR/LC_MESSAGES/
-usr/share/locale/pt_BR/LC_MESSAGES/bash.mo
-usr/share/locale/ro/
-usr/share/locale/ro/LC_MESSAGES/
-usr/share/locale/ro/LC_MESSAGES/bash.mo
-usr/share/locale/ru/
-usr/share/locale/ru/LC_MESSAGES/
-usr/share/locale/ru/LC_MESSAGES/bash.mo
-usr/share/locale/sk/
-usr/share/locale/sk/LC_MESSAGES/
-usr/share/locale/sk/LC_MESSAGES/bash.mo
-usr/share/locale/sl/
-usr/share/locale/sl/LC_MESSAGES/
-usr/share/locale/sl/LC_MESSAGES/bash.mo
-usr/share/locale/sr/
-usr/share/locale/sr/LC_MESSAGES/
-usr/share/locale/sr/LC_MESSAGES/bash.mo
-usr/share/locale/sv/
-usr/share/locale/sv/LC_MESSAGES/
-usr/share/locale/sv/LC_MESSAGES/bash.mo
-usr/share/locale/tr/
-usr/share/locale/tr/LC_MESSAGES/
-usr/share/locale/tr/LC_MESSAGES/bash.mo
-usr/share/locale/uk/
-usr/share/locale/uk/LC_MESSAGES/
-usr/share/locale/uk/LC_MESSAGES/bash.mo
-usr/share/locale/vi/
-usr/share/locale/vi/LC_MESSAGES/
-usr/share/locale/vi/LC_MESSAGES/bash.mo
-usr/share/locale/zh_CN/
-usr/share/locale/zh_CN/LC_MESSAGES/
-usr/share/locale/zh_CN/LC_MESSAGES/bash.mo
-usr/share/locale/zh_TW/
-usr/share/locale/zh_TW/LC_MESSAGES/
-usr/share/locale/zh_TW/LC_MESSAGES/bash.mo
-usr/share/man/
-usr/share/man/man1/
-usr/share/man/man1/[.1.gz
-usr/share/man/man1/alias.1.gz
-usr/share/man/man1/bash.1.gz
-usr/share/man/man1/bash_builtins.1.gz
-usr/share/man/man1/bashbug.1.gz
-usr/share/man/man1/bg.1.gz
-usr/share/man/man1/bind.1.gz
-usr/share/man/man1/break.1.gz
-usr/share/man/man1/builtin.1.gz
-usr/share/man/man1/caller.1.gz
-usr/share/man/man1/case.1.gz
-usr/share/man/man1/cd.1.gz
-usr/share/man/man1/command.1.gz
-usr/share/man/man1/compgen.1.gz
-usr/share/man/man1/complete.1.gz
-usr/share/man/man1/continue.1.gz
-usr/share/man/man1/declare.1.gz
-usr/share/man/man1/dirs.1.gz
-usr/share/man/man1/disown.1.gz
-usr/share/man/man1/do.1.gz
-usr/share/man/man1/done.1.gz
-usr/share/man/man1/elif.1.gz
-usr/share/man/man1/else.1.gz
-usr/share/man/man1/enable.1.gz
-usr/share/man/man1/esac.1.gz
-usr/share/man/man1/eval.1.gz
-usr/share/man/man1/exec.1.gz
-usr/share/man/man1/exit.1.gz
-usr/share/man/man1/export.1.gz
-usr/share/man/man1/fc.1.gz
-usr/share/man/man1/fg.1.gz
-usr/share/man/man1/fi.1.gz
-usr/share/man/man1/for.1.gz
-usr/share/man/man1/function.1.gz
-usr/share/man/man1/getopts.1.gz
-usr/share/man/man1/hash.1.gz
-usr/share/man/man1/help.1.gz
-usr/share/man/man1/history.1.gz
-usr/share/man/man1/if.1.gz
-usr/share/man/man1/in.1.gz
-usr/share/man/man1/jobs.1.gz
-usr/share/man/man1/let.1.gz
-usr/share/man/man1/local.1.gz
-usr/share/man/man1/logout.1.gz
-usr/share/man/man1/popd.1.gz
-usr/share/man/man1/pushd.1.gz
-usr/share/man/man1/read.1.gz
-usr/share/man/man1/readonly.1.gz
-usr/share/man/man1/return.1.gz
-usr/share/man/man1/select.1.gz
-usr/share/man/man1/set.1.gz
-usr/share/man/man1/sh.1.gz
-usr/share/man/man1/shift.1.gz
-usr/share/man/man1/shopt.1.gz
-usr/share/man/man1/source.1.gz
-usr/share/man/man1/suspend.1.gz
-usr/share/man/man1/then.1.gz
-usr/share/man/man1/time.1.gz
-usr/share/man/man1/times.1.gz
-usr/share/man/man1/trap.1.gz
-usr/share/man/man1/type.1.gz
-usr/share/man/man1/typeset.1.gz
-usr/share/man/man1/ulimit.1.gz
-usr/share/man/man1/umask.1.gz
-usr/share/man/man1/unalias.1.gz
-usr/share/man/man1/unset.1.gz
-usr/share/man/man1/until.1.gz
-usr/share/man/man1/wait.1.gz
-usr/share/man/man1/while.1.gz
-
diff --git a/msys2/var/lib/pacman/local/bash-4.4.019-3/mtree b/msys2/var/lib/pacman/local/bash-4.4.019-3/mtree
deleted file mode 100644
index e22167873..000000000
Binary files a/msys2/var/lib/pacman/local/bash-4.4.019-3/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/bash-4.4.023-1/desc b/msys2/var/lib/pacman/local/bash-4.4.023-1/desc
new file mode 100644
index 000000000..cccac2b96
--- /dev/null
+++ b/msys2/var/lib/pacman/local/bash-4.4.023-1/desc
@@ -0,0 +1,45 @@
+%NAME%
+bash
+
+%VERSION%
+4.4.023-1
+
+%BASE%
+bash
+
+%DESC%
+The GNU Bourne Again shell
+
+%URL%
+https://www.gnu.org/software/bash/bash.html
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1540874638
+
+%INSTALLDATE%
+1558699045
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+10240000
+
+%GROUPS%
+base
+
+%LICENSE%
+GPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+msys2-runtime
+
+%PROVIDES%
+sh
+
diff --git a/msys2/var/lib/pacman/local/bash-4.4.023-1/files b/msys2/var/lib/pacman/local/bash-4.4.023-1/files
new file mode 100644
index 000000000..805d9c860
--- /dev/null
+++ b/msys2/var/lib/pacman/local/bash-4.4.023-1/files
@@ -0,0 +1,205 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/bash.exe
+usr/bin/bashbug
+usr/bin/sh.exe
+usr/share/
+usr/share/doc/
+usr/share/doc/bash/
+usr/share/doc/bash/bash.html
+usr/share/doc/bash/bashref.html
+usr/share/doc/bash/CHANGES
+usr/share/doc/bash/COMPAT
+usr/share/doc/bash/FAQ
+usr/share/doc/bash/INTRO
+usr/share/doc/bash/NEWS
+usr/share/doc/bash/POSIX
+usr/share/doc/bash/RBASH
+usr/share/doc/bash/README
+usr/share/info/
+usr/share/info/bash.info.gz
+usr/share/locale/
+usr/share/locale/af/
+usr/share/locale/af/LC_MESSAGES/
+usr/share/locale/af/LC_MESSAGES/bash.mo
+usr/share/locale/bg/
+usr/share/locale/bg/LC_MESSAGES/
+usr/share/locale/bg/LC_MESSAGES/bash.mo
+usr/share/locale/ca/
+usr/share/locale/ca/LC_MESSAGES/
+usr/share/locale/ca/LC_MESSAGES/bash.mo
+usr/share/locale/cs/
+usr/share/locale/cs/LC_MESSAGES/
+usr/share/locale/cs/LC_MESSAGES/bash.mo
+usr/share/locale/da/
+usr/share/locale/da/LC_MESSAGES/
+usr/share/locale/da/LC_MESSAGES/bash.mo
+usr/share/locale/de/
+usr/share/locale/de/LC_MESSAGES/
+usr/share/locale/de/LC_MESSAGES/bash.mo
+usr/share/locale/el/
+usr/share/locale/el/LC_MESSAGES/
+usr/share/locale/el/LC_MESSAGES/bash.mo
+usr/share/locale/en@boldquot/
+usr/share/locale/en@boldquot/LC_MESSAGES/
+usr/share/locale/en@boldquot/LC_MESSAGES/bash.mo
+usr/share/locale/en@quot/
+usr/share/locale/en@quot/LC_MESSAGES/
+usr/share/locale/en@quot/LC_MESSAGES/bash.mo
+usr/share/locale/eo/
+usr/share/locale/eo/LC_MESSAGES/
+usr/share/locale/eo/LC_MESSAGES/bash.mo
+usr/share/locale/es/
+usr/share/locale/es/LC_MESSAGES/
+usr/share/locale/es/LC_MESSAGES/bash.mo
+usr/share/locale/et/
+usr/share/locale/et/LC_MESSAGES/
+usr/share/locale/et/LC_MESSAGES/bash.mo
+usr/share/locale/fi/
+usr/share/locale/fi/LC_MESSAGES/
+usr/share/locale/fi/LC_MESSAGES/bash.mo
+usr/share/locale/fr/
+usr/share/locale/fr/LC_MESSAGES/
+usr/share/locale/fr/LC_MESSAGES/bash.mo
+usr/share/locale/ga/
+usr/share/locale/ga/LC_MESSAGES/
+usr/share/locale/ga/LC_MESSAGES/bash.mo
+usr/share/locale/gl/
+usr/share/locale/gl/LC_MESSAGES/
+usr/share/locale/gl/LC_MESSAGES/bash.mo
+usr/share/locale/hr/
+usr/share/locale/hr/LC_MESSAGES/
+usr/share/locale/hr/LC_MESSAGES/bash.mo
+usr/share/locale/hu/
+usr/share/locale/hu/LC_MESSAGES/
+usr/share/locale/hu/LC_MESSAGES/bash.mo
+usr/share/locale/id/
+usr/share/locale/id/LC_MESSAGES/
+usr/share/locale/id/LC_MESSAGES/bash.mo
+usr/share/locale/it/
+usr/share/locale/it/LC_MESSAGES/
+usr/share/locale/it/LC_MESSAGES/bash.mo
+usr/share/locale/ja/
+usr/share/locale/ja/LC_MESSAGES/
+usr/share/locale/ja/LC_MESSAGES/bash.mo
+usr/share/locale/lt/
+usr/share/locale/lt/LC_MESSAGES/
+usr/share/locale/lt/LC_MESSAGES/bash.mo
+usr/share/locale/nb/
+usr/share/locale/nb/LC_MESSAGES/
+usr/share/locale/nb/LC_MESSAGES/bash.mo
+usr/share/locale/nl/
+usr/share/locale/nl/LC_MESSAGES/
+usr/share/locale/nl/LC_MESSAGES/bash.mo
+usr/share/locale/pl/
+usr/share/locale/pl/LC_MESSAGES/
+usr/share/locale/pl/LC_MESSAGES/bash.mo
+usr/share/locale/pt_BR/
+usr/share/locale/pt_BR/LC_MESSAGES/
+usr/share/locale/pt_BR/LC_MESSAGES/bash.mo
+usr/share/locale/ro/
+usr/share/locale/ro/LC_MESSAGES/
+usr/share/locale/ro/LC_MESSAGES/bash.mo
+usr/share/locale/ru/
+usr/share/locale/ru/LC_MESSAGES/
+usr/share/locale/ru/LC_MESSAGES/bash.mo
+usr/share/locale/sk/
+usr/share/locale/sk/LC_MESSAGES/
+usr/share/locale/sk/LC_MESSAGES/bash.mo
+usr/share/locale/sl/
+usr/share/locale/sl/LC_MESSAGES/
+usr/share/locale/sl/LC_MESSAGES/bash.mo
+usr/share/locale/sr/
+usr/share/locale/sr/LC_MESSAGES/
+usr/share/locale/sr/LC_MESSAGES/bash.mo
+usr/share/locale/sv/
+usr/share/locale/sv/LC_MESSAGES/
+usr/share/locale/sv/LC_MESSAGES/bash.mo
+usr/share/locale/tr/
+usr/share/locale/tr/LC_MESSAGES/
+usr/share/locale/tr/LC_MESSAGES/bash.mo
+usr/share/locale/uk/
+usr/share/locale/uk/LC_MESSAGES/
+usr/share/locale/uk/LC_MESSAGES/bash.mo
+usr/share/locale/vi/
+usr/share/locale/vi/LC_MESSAGES/
+usr/share/locale/vi/LC_MESSAGES/bash.mo
+usr/share/locale/zh_CN/
+usr/share/locale/zh_CN/LC_MESSAGES/
+usr/share/locale/zh_CN/LC_MESSAGES/bash.mo
+usr/share/locale/zh_TW/
+usr/share/locale/zh_TW/LC_MESSAGES/
+usr/share/locale/zh_TW/LC_MESSAGES/bash.mo
+usr/share/man/
+usr/share/man/man1/
+usr/share/man/man1/[.1.gz
+usr/share/man/man1/alias.1.gz
+usr/share/man/man1/bash.1.gz
+usr/share/man/man1/bash_builtins.1.gz
+usr/share/man/man1/bashbug.1.gz
+usr/share/man/man1/bg.1.gz
+usr/share/man/man1/bind.1.gz
+usr/share/man/man1/break.1.gz
+usr/share/man/man1/builtin.1.gz
+usr/share/man/man1/caller.1.gz
+usr/share/man/man1/case.1.gz
+usr/share/man/man1/cd.1.gz
+usr/share/man/man1/command.1.gz
+usr/share/man/man1/compgen.1.gz
+usr/share/man/man1/complete.1.gz
+usr/share/man/man1/continue.1.gz
+usr/share/man/man1/declare.1.gz
+usr/share/man/man1/dirs.1.gz
+usr/share/man/man1/disown.1.gz
+usr/share/man/man1/do.1.gz
+usr/share/man/man1/done.1.gz
+usr/share/man/man1/elif.1.gz
+usr/share/man/man1/else.1.gz
+usr/share/man/man1/enable.1.gz
+usr/share/man/man1/esac.1.gz
+usr/share/man/man1/eval.1.gz
+usr/share/man/man1/exec.1.gz
+usr/share/man/man1/exit.1.gz
+usr/share/man/man1/export.1.gz
+usr/share/man/man1/fc.1.gz
+usr/share/man/man1/fg.1.gz
+usr/share/man/man1/fi.1.gz
+usr/share/man/man1/for.1.gz
+usr/share/man/man1/function.1.gz
+usr/share/man/man1/getopts.1.gz
+usr/share/man/man1/hash.1.gz
+usr/share/man/man1/help.1.gz
+usr/share/man/man1/history.1.gz
+usr/share/man/man1/if.1.gz
+usr/share/man/man1/in.1.gz
+usr/share/man/man1/jobs.1.gz
+usr/share/man/man1/let.1.gz
+usr/share/man/man1/local.1.gz
+usr/share/man/man1/logout.1.gz
+usr/share/man/man1/popd.1.gz
+usr/share/man/man1/pushd.1.gz
+usr/share/man/man1/read.1.gz
+usr/share/man/man1/readonly.1.gz
+usr/share/man/man1/return.1.gz
+usr/share/man/man1/select.1.gz
+usr/share/man/man1/set.1.gz
+usr/share/man/man1/sh.1.gz
+usr/share/man/man1/shift.1.gz
+usr/share/man/man1/shopt.1.gz
+usr/share/man/man1/source.1.gz
+usr/share/man/man1/suspend.1.gz
+usr/share/man/man1/then.1.gz
+usr/share/man/man1/time.1.gz
+usr/share/man/man1/times.1.gz
+usr/share/man/man1/trap.1.gz
+usr/share/man/man1/type.1.gz
+usr/share/man/man1/typeset.1.gz
+usr/share/man/man1/ulimit.1.gz
+usr/share/man/man1/umask.1.gz
+usr/share/man/man1/unalias.1.gz
+usr/share/man/man1/unset.1.gz
+usr/share/man/man1/until.1.gz
+usr/share/man/man1/wait.1.gz
+usr/share/man/man1/while.1.gz
+
diff --git a/msys2/var/lib/pacman/local/bash-4.4.023-1/mtree b/msys2/var/lib/pacman/local/bash-4.4.023-1/mtree
new file mode 100644
index 000000000..892a47176
Binary files /dev/null and b/msys2/var/lib/pacman/local/bash-4.4.023-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/bash-completion-2.8-1/desc b/msys2/var/lib/pacman/local/bash-completion-2.8-1/desc
deleted file mode 100644
index 94ed503b8..000000000
--- a/msys2/var/lib/pacman/local/bash-completion-2.8-1/desc
+++ /dev/null
@@ -1,39 +0,0 @@
-%NAME%
-bash-completion
-
-%VERSION%
-2.8-1
-
-%DESC%
-Programmable completion for the bash shell
-
-%URL%
-https://bash-completion.alioth.debian.org/
-
-%ARCH%
-any
-
-%BUILDDATE%
-1526292794
-
-%INSTALLDATE%
-1527758843
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-2244608
-
-%GROUPS%
-base
-
-%LICENSE%
-GPL
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-bash
-
diff --git a/msys2/var/lib/pacman/local/bash-completion-2.8-1/mtree b/msys2/var/lib/pacman/local/bash-completion-2.8-1/mtree
deleted file mode 100644
index 7f36b6cb2..000000000
Binary files a/msys2/var/lib/pacman/local/bash-completion-2.8-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/bash-completion-2.8-2/desc b/msys2/var/lib/pacman/local/bash-completion-2.8-2/desc
new file mode 100644
index 000000000..fc41a7959
--- /dev/null
+++ b/msys2/var/lib/pacman/local/bash-completion-2.8-2/desc
@@ -0,0 +1,39 @@
+%NAME%
+bash-completion
+
+%VERSION%
+2.8-2
+
+%DESC%
+Programmable completion for the bash shell
+
+%URL%
+https://bash-completion.alioth.debian.org/
+
+%ARCH%
+any
+
+%BUILDDATE%
+1528362166
+
+%INSTALLDATE%
+1558699046
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+2244608
+
+%GROUPS%
+base
+
+%LICENSE%
+GPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+bash
+
diff --git a/msys2/var/lib/pacman/local/bash-completion-2.8-1/files b/msys2/var/lib/pacman/local/bash-completion-2.8-2/files
similarity index 100%
rename from msys2/var/lib/pacman/local/bash-completion-2.8-1/files
rename to msys2/var/lib/pacman/local/bash-completion-2.8-2/files
diff --git a/msys2/var/lib/pacman/local/bash-completion-2.8-2/mtree b/msys2/var/lib/pacman/local/bash-completion-2.8-2/mtree
new file mode 100644
index 000000000..e76970057
Binary files /dev/null and b/msys2/var/lib/pacman/local/bash-completion-2.8-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/brotli-1.0.7-1/desc b/msys2/var/lib/pacman/local/brotli-1.0.7-1/desc
new file mode 100644
index 000000000..d90162105
--- /dev/null
+++ b/msys2/var/lib/pacman/local/brotli-1.0.7-1/desc
@@ -0,0 +1,43 @@
+%NAME%
+brotli
+
+%VERSION%
+1.0.7-1
+
+%BASE%
+brotli
+
+%DESC%
+Brotli compression library
+
+%URL%
+https://github.com/google/brotli
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1540887632
+
+%INSTALLDATE%
+1558699093
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+1504256
+
+%REASON%
+1
+
+%LICENSE%
+MIT
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+msys2-runtime
+gcc-libs
+
diff --git a/msys2/var/lib/pacman/local/brotli-1.0.7-1/files b/msys2/var/lib/pacman/local/brotli-1.0.7-1/files
new file mode 100644
index 000000000..dbfae157a
--- /dev/null
+++ b/msys2/var/lib/pacman/local/brotli-1.0.7-1/files
@@ -0,0 +1,12 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/brotli.exe
+usr/bin/msys-brotlicommon-1.dll
+usr/bin/msys-brotlidec-1.dll
+usr/bin/msys-brotlienc-1.dll
+usr/share/
+usr/share/licenses/
+usr/share/licenses/brotli/
+usr/share/licenses/brotli/LICENSE
+
diff --git a/msys2/var/lib/pacman/local/brotli-1.0.7-1/mtree b/msys2/var/lib/pacman/local/brotli-1.0.7-1/mtree
new file mode 100644
index 000000000..6e8d9f924
Binary files /dev/null and b/msys2/var/lib/pacman/local/brotli-1.0.7-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/bsdcpio-3.3.2-1/desc b/msys2/var/lib/pacman/local/bsdcpio-3.3.2-1/desc
deleted file mode 100644
index 9d543b98f..000000000
--- a/msys2/var/lib/pacman/local/bsdcpio-3.3.2-1/desc
+++ /dev/null
@@ -1,49 +0,0 @@
-%NAME%
-bsdcpio
-
-%VERSION%
-3.3.2-1
-
-%BASE%
-libarchive
-
-%DESC%
-library that can create and read several streaming archive formats
-
-%URL%
-http://libarchive.org/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1504762149
-
-%INSTALLDATE%
-1527758860
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-2915328
-
-%GROUPS%
-base
-
-%LICENSE%
-BSD
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-gcc-libs
-libbz2
-libiconv
-liblzma
-liblzo2
-libnettle
-libxml2
-zlib
-
diff --git a/msys2/var/lib/pacman/local/bsdcpio-3.3.2-1/mtree b/msys2/var/lib/pacman/local/bsdcpio-3.3.2-1/mtree
deleted file mode 100644
index 4179e06df..000000000
Binary files a/msys2/var/lib/pacman/local/bsdcpio-3.3.2-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/bsdcpio-3.3.3-3/desc b/msys2/var/lib/pacman/local/bsdcpio-3.3.3-3/desc
new file mode 100644
index 000000000..25ba2cdb9
--- /dev/null
+++ b/msys2/var/lib/pacman/local/bsdcpio-3.3.3-3/desc
@@ -0,0 +1,51 @@
+%NAME%
+bsdcpio
+
+%VERSION%
+3.3.3-3
+
+%BASE%
+libarchive
+
+%DESC%
+library that can create and read several streaming archive formats
+
+%URL%
+https://libarchive.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1536498684
+
+%INSTALLDATE%
+1558699069
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+2969600
+
+%GROUPS%
+base
+
+%LICENSE%
+BSD
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+libbz2
+libiconv
+libexpat
+liblzma
+liblz4
+liblzo2
+libnettle
+libxml2
+zlib
+
diff --git a/msys2/var/lib/pacman/local/bsdcpio-3.3.2-1/files b/msys2/var/lib/pacman/local/bsdcpio-3.3.3-3/files
similarity index 100%
rename from msys2/var/lib/pacman/local/bsdcpio-3.3.2-1/files
rename to msys2/var/lib/pacman/local/bsdcpio-3.3.3-3/files
diff --git a/msys2/var/lib/pacman/local/bsdcpio-3.3.3-3/mtree b/msys2/var/lib/pacman/local/bsdcpio-3.3.3-3/mtree
new file mode 100644
index 000000000..190c03838
Binary files /dev/null and b/msys2/var/lib/pacman/local/bsdcpio-3.3.3-3/mtree differ
diff --git a/msys2/var/lib/pacman/local/bsdtar-3.3.2-1/desc b/msys2/var/lib/pacman/local/bsdtar-3.3.2-1/desc
deleted file mode 100644
index 559c11638..000000000
--- a/msys2/var/lib/pacman/local/bsdtar-3.3.2-1/desc
+++ /dev/null
@@ -1,49 +0,0 @@
-%NAME%
-bsdtar
-
-%VERSION%
-3.3.2-1
-
-%BASE%
-libarchive
-
-%DESC%
-library that can create and read several streaming archive formats
-
-%URL%
-http://libarchive.org/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1504762156
-
-%INSTALLDATE%
-1527758860
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-3087360
-
-%GROUPS%
-base
-
-%LICENSE%
-BSD
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-gcc-libs
-libbz2
-libiconv
-liblzma
-liblzo2
-libnettle
-libxml2
-zlib
-
diff --git a/msys2/var/lib/pacman/local/bsdtar-3.3.2-1/mtree b/msys2/var/lib/pacman/local/bsdtar-3.3.2-1/mtree
deleted file mode 100644
index 64515da3a..000000000
Binary files a/msys2/var/lib/pacman/local/bsdtar-3.3.2-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/bsdtar-3.3.3-3/desc b/msys2/var/lib/pacman/local/bsdtar-3.3.3-3/desc
new file mode 100644
index 000000000..996ec2ffe
--- /dev/null
+++ b/msys2/var/lib/pacman/local/bsdtar-3.3.3-3/desc
@@ -0,0 +1,51 @@
+%NAME%
+bsdtar
+
+%VERSION%
+3.3.3-3
+
+%BASE%
+libarchive
+
+%DESC%
+library that can create and read several streaming archive formats
+
+%URL%
+https://libarchive.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1536498684
+
+%INSTALLDATE%
+1558699069
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+3141632
+
+%GROUPS%
+base
+
+%LICENSE%
+BSD
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+libbz2
+libiconv
+libexpat
+liblzma
+liblz4
+liblzo2
+libnettle
+libxml2
+zlib
+
diff --git a/msys2/var/lib/pacman/local/bsdtar-3.3.2-1/files b/msys2/var/lib/pacman/local/bsdtar-3.3.3-3/files
similarity index 100%
rename from msys2/var/lib/pacman/local/bsdtar-3.3.2-1/files
rename to msys2/var/lib/pacman/local/bsdtar-3.3.3-3/files
diff --git a/msys2/var/lib/pacman/local/bsdtar-3.3.3-3/mtree b/msys2/var/lib/pacman/local/bsdtar-3.3.3-3/mtree
new file mode 100644
index 000000000..909dbb1ed
Binary files /dev/null and b/msys2/var/lib/pacman/local/bsdtar-3.3.3-3/mtree differ
diff --git a/msys2/var/lib/pacman/local/bzip2-1.0.6-2/desc b/msys2/var/lib/pacman/local/bzip2-1.0.6-2/desc
index 46098d873..3bca04ed9 100644
--- a/msys2/var/lib/pacman/local/bzip2-1.0.6-2/desc
+++ b/msys2/var/lib/pacman/local/bzip2-1.0.6-2/desc
@@ -20,7 +20,7 @@ i686
 1415100886
 
 %INSTALLDATE%
-1527758860
+1558699069
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/ca-certificates-20170717-2/desc b/msys2/var/lib/pacman/local/ca-certificates-20170717-2/desc
deleted file mode 100644
index 9883d3a38..000000000
--- a/msys2/var/lib/pacman/local/ca-certificates-20170717-2/desc
+++ /dev/null
@@ -1,45 +0,0 @@
-%NAME%
-ca-certificates
-
-%VERSION%
-20170717-2
-
-%DESC%
-Common CA certificates
-
-%URL%
-https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/
-
-%ARCH%
-any
-
-%BUILDDATE%
-1505205695
-
-%INSTALLDATE%
-1527758868
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-1232896
-
-%REASON%
-1
-
-%LICENSE%
-MPL
-GPL
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-bash
-openssl
-findutils
-coreutils
-sed
-p11-kit
-
diff --git a/msys2/var/lib/pacman/local/ca-certificates-20170717-2/install b/msys2/var/lib/pacman/local/ca-certificates-20170717-2/install
deleted file mode 100644
index 77f018a35..000000000
--- a/msys2/var/lib/pacman/local/ca-certificates-20170717-2/install
+++ /dev/null
@@ -1,25 +0,0 @@
-export LC_ALL=C
-
-post_install() {
-  DEST=etc/pki/ca-trust/extracted
-
-  # OpenSSL PEM bundle that includes trust flags
-  # (BEGIN TRUSTED CERTIFICATE)
-  usr/bin/p11-kit extract --format=openssl-bundle --filter=certificates --overwrite $DEST/openssl/ca-bundle.trust.crt
-  usr/bin/p11-kit extract --format=pem-bundle --filter=ca-anchors --overwrite --purpose server-auth $DEST/pem/tls-ca-bundle.pem
-  usr/bin/p11-kit extract --format=pem-bundle --filter=ca-anchors --overwrite --purpose email $DEST/pem/email-ca-bundle.pem
-  usr/bin/p11-kit extract --format=pem-bundle --filter=ca-anchors --overwrite --purpose code-signing $DEST/pem/objsign-ca-bundle.pem
-  usr/bin/p11-kit extract --format=java-cacerts --filter=ca-anchors --overwrite --purpose server-auth $DEST/java/cacerts
-
-  mkdir -p usr/ssl/certs
-  cp -f $DEST/pem/tls-ca-bundle.pem usr/ssl/certs/ca-bundle.crt
-  cp -f $DEST/pem/tls-ca-bundle.pem usr/ssl/cert.pem
-  cp -f $DEST/openssl/ca-bundle.trust.crt usr/ssl/certs/ca-bundle.trust.crt
-
-  #usr/bin/update-ca-trust >/dev/null 2>&1
-}
-
-post_upgrade() {
-  post_install
-}
-
diff --git a/msys2/var/lib/pacman/local/ca-certificates-20170717-2/mtree b/msys2/var/lib/pacman/local/ca-certificates-20170717-2/mtree
deleted file mode 100644
index 5e085f022..000000000
Binary files a/msys2/var/lib/pacman/local/ca-certificates-20170717-2/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/ca-certificates-20180409-1/desc b/msys2/var/lib/pacman/local/ca-certificates-20180409-1/desc
new file mode 100644
index 000000000..ae754a507
--- /dev/null
+++ b/msys2/var/lib/pacman/local/ca-certificates-20180409-1/desc
@@ -0,0 +1,48 @@
+%NAME%
+ca-certificates
+
+%VERSION%
+20180409-1
+
+%BASE%
+ca-certificates
+
+%DESC%
+Common CA certificates
+
+%URL%
+https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/
+
+%ARCH%
+any
+
+%BUILDDATE%
+1541048385
+
+%INSTALLDATE%
+1558699090
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+964608
+
+%REASON%
+1
+
+%LICENSE%
+MPL
+GPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+bash
+openssl
+findutils
+coreutils
+sed
+p11-kit
+
diff --git a/msys2/var/lib/pacman/local/ca-certificates-20170717-2/files b/msys2/var/lib/pacman/local/ca-certificates-20180409-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/ca-certificates-20170717-2/files
rename to msys2/var/lib/pacman/local/ca-certificates-20180409-1/files
diff --git a/msys2/var/lib/pacman/local/ca-certificates-20180409-1/install b/msys2/var/lib/pacman/local/ca-certificates-20180409-1/install
new file mode 100644
index 000000000..1c9e5a353
--- /dev/null
+++ b/msys2/var/lib/pacman/local/ca-certificates-20180409-1/install
@@ -0,0 +1,25 @@
+export LC_ALL=C
+
+post_install() {
+  local DEST=etc/pki/ca-trust/extracted
+
+  # OpenSSL PEM bundle that includes trust flags
+  # (BEGIN TRUSTED CERTIFICATE)
+  usr/bin/p11-kit extract --format=openssl-bundle --filter=certificates --overwrite --comment $DEST/openssl/ca-bundle.trust.crt
+  usr/bin/p11-kit extract --format=pem-bundle --filter=ca-anchors --overwrite --comment --purpose server-auth $DEST/pem/tls-ca-bundle.pem
+  usr/bin/p11-kit extract --format=pem-bundle --filter=ca-anchors --overwrite --comment --purpose email $DEST/pem/email-ca-bundle.pem
+  usr/bin/p11-kit extract --format=pem-bundle --filter=ca-anchors --overwrite --comment --purpose code-signing $DEST/pem/objsign-ca-bundle.pem
+  usr/bin/p11-kit extract --format=java-cacerts --filter=ca-anchors --overwrite --purpose server-auth $DEST/java/cacerts
+
+  mkdir -p usr/ssl/certs
+  cp -f $DEST/pem/tls-ca-bundle.pem usr/ssl/certs/ca-bundle.crt
+  cp -f $DEST/pem/tls-ca-bundle.pem usr/ssl/cert.pem
+  cp -f $DEST/openssl/ca-bundle.trust.crt usr/ssl/certs/ca-bundle.trust.crt
+
+  #usr/bin/update-ca-trust >/dev/null 2>&1
+}
+
+post_upgrade() {
+  post_install
+}
+
diff --git a/msys2/var/lib/pacman/local/ca-certificates-20180409-1/mtree b/msys2/var/lib/pacman/local/ca-certificates-20180409-1/mtree
new file mode 100644
index 000000000..19b7c0bd8
Binary files /dev/null and b/msys2/var/lib/pacman/local/ca-certificates-20180409-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/coreutils-8.26-3/desc b/msys2/var/lib/pacman/local/coreutils-8.26-3/desc
deleted file mode 100644
index b5523c7c0..000000000
--- a/msys2/var/lib/pacman/local/coreutils-8.26-3/desc
+++ /dev/null
@@ -1,41 +0,0 @@
-%NAME%
-coreutils
-
-%VERSION%
-8.26-3
-
-%DESC%
-The basic file, shell and text manipulation utilities of the GNU operating system
-
-%URL%
-https://www.gnu.org/software/coreutils
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1527755098
-
-%INSTALLDATE%
-1527758844
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-24313856
-
-%GROUPS%
-base
-
-%LICENSE%
-GPL3
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-gmp
-libiconv
-libintl
-
diff --git a/msys2/var/lib/pacman/local/coreutils-8.26-3/files b/msys2/var/lib/pacman/local/coreutils-8.26-3/files
deleted file mode 100644
index bd2ba38ed..000000000
--- a/msys2/var/lib/pacman/local/coreutils-8.26-3/files
+++ /dev/null
@@ -1,441 +0,0 @@
-%FILES%
-etc/
-etc/DIR_COLORS
-usr/
-usr/bin/
-usr/bin/[.exe
-usr/bin/arch.exe
-usr/bin/b2sum.exe
-usr/bin/base32.exe
-usr/bin/base64.exe
-usr/bin/basename.exe
-usr/bin/cat.exe
-usr/bin/chcon.exe
-usr/bin/chgrp.exe
-usr/bin/chmod.exe
-usr/bin/chown.exe
-usr/bin/chroot.exe
-usr/bin/cksum.exe
-usr/bin/comm.exe
-usr/bin/cp.exe
-usr/bin/csplit.exe
-usr/bin/cut.exe
-usr/bin/date.exe
-usr/bin/dd.exe
-usr/bin/df.exe
-usr/bin/dir.exe
-usr/bin/dircolors.exe
-usr/bin/dirname.exe
-usr/bin/du.exe
-usr/bin/echo.exe
-usr/bin/env.exe
-usr/bin/expand.exe
-usr/bin/expr.exe
-usr/bin/factor.exe
-usr/bin/false.exe
-usr/bin/fmt.exe
-usr/bin/fold.exe
-usr/bin/gkill.exe
-usr/bin/groups.exe
-usr/bin/head.exe
-usr/bin/hostid.exe
-usr/bin/hostname.exe
-usr/bin/id.exe
-usr/bin/install.exe
-usr/bin/join.exe
-usr/bin/link.exe
-usr/bin/ln.exe
-usr/bin/logname.exe
-usr/bin/ls.exe
-usr/bin/md5sum.exe
-usr/bin/mkdir.exe
-usr/bin/mkfifo.exe
-usr/bin/mknod.exe
-usr/bin/mktemp.exe
-usr/bin/mv.exe
-usr/bin/nice.exe
-usr/bin/nl.exe
-usr/bin/nohup.exe
-usr/bin/nproc.exe
-usr/bin/numfmt.exe
-usr/bin/od.exe
-usr/bin/paste.exe
-usr/bin/pathchk.exe
-usr/bin/pinky.exe
-usr/bin/pr.exe
-usr/bin/printenv.exe
-usr/bin/printf.exe
-usr/bin/ptx.exe
-usr/bin/pwd.exe
-usr/bin/readlink.exe
-usr/bin/realpath.exe
-usr/bin/rm.exe
-usr/bin/rmdir.exe
-usr/bin/runcon.exe
-usr/bin/seq.exe
-usr/bin/sha1sum.exe
-usr/bin/sha224sum.exe
-usr/bin/sha256sum.exe
-usr/bin/sha384sum.exe
-usr/bin/sha512sum.exe
-usr/bin/shred.exe
-usr/bin/shuf.exe
-usr/bin/sleep.exe
-usr/bin/sort.exe
-usr/bin/split.exe
-usr/bin/stat.exe
-usr/bin/stdbuf.exe
-usr/bin/stty.exe
-usr/bin/sum.exe
-usr/bin/sync.exe
-usr/bin/tac.exe
-usr/bin/tail.exe
-usr/bin/tee.exe
-usr/bin/test.exe
-usr/bin/timeout.exe
-usr/bin/touch.exe
-usr/bin/tr.exe
-usr/bin/true.exe
-usr/bin/truncate.exe
-usr/bin/tsort.exe
-usr/bin/tty.exe
-usr/bin/uname.exe
-usr/bin/unexpand.exe
-usr/bin/uniq.exe
-usr/bin/unlink.exe
-usr/bin/users.exe
-usr/bin/vdir.exe
-usr/bin/wc.exe
-usr/bin/who.exe
-usr/bin/whoami.exe
-usr/bin/yes.exe
-usr/lib/
-usr/lib/coreutils/
-usr/lib/coreutils/libstdbuf.so
-usr/share/
-usr/share/info/
-usr/share/info/coreutils.info.gz
-usr/share/locale/
-usr/share/locale/af/
-usr/share/locale/af/LC_MESSAGES/
-usr/share/locale/af/LC_MESSAGES/coreutils.mo
-usr/share/locale/af/LC_TIME/
-usr/share/locale/af/LC_TIME/coreutils.mo
-usr/share/locale/be/
-usr/share/locale/be/LC_MESSAGES/
-usr/share/locale/be/LC_MESSAGES/coreutils.mo
-usr/share/locale/be/LC_TIME/
-usr/share/locale/be/LC_TIME/coreutils.mo
-usr/share/locale/bg/
-usr/share/locale/bg/LC_MESSAGES/
-usr/share/locale/bg/LC_MESSAGES/coreutils.mo
-usr/share/locale/bg/LC_TIME/
-usr/share/locale/bg/LC_TIME/coreutils.mo
-usr/share/locale/ca/
-usr/share/locale/ca/LC_MESSAGES/
-usr/share/locale/ca/LC_MESSAGES/coreutils.mo
-usr/share/locale/ca/LC_TIME/
-usr/share/locale/ca/LC_TIME/coreutils.mo
-usr/share/locale/cs/
-usr/share/locale/cs/LC_MESSAGES/
-usr/share/locale/cs/LC_MESSAGES/coreutils.mo
-usr/share/locale/cs/LC_TIME/
-usr/share/locale/cs/LC_TIME/coreutils.mo
-usr/share/locale/da/
-usr/share/locale/da/LC_MESSAGES/
-usr/share/locale/da/LC_MESSAGES/coreutils.mo
-usr/share/locale/da/LC_TIME/
-usr/share/locale/da/LC_TIME/coreutils.mo
-usr/share/locale/de/
-usr/share/locale/de/LC_MESSAGES/
-usr/share/locale/de/LC_MESSAGES/coreutils.mo
-usr/share/locale/de/LC_TIME/
-usr/share/locale/de/LC_TIME/coreutils.mo
-usr/share/locale/el/
-usr/share/locale/el/LC_MESSAGES/
-usr/share/locale/el/LC_MESSAGES/coreutils.mo
-usr/share/locale/el/LC_TIME/
-usr/share/locale/el/LC_TIME/coreutils.mo
-usr/share/locale/eo/
-usr/share/locale/eo/LC_MESSAGES/
-usr/share/locale/eo/LC_MESSAGES/coreutils.mo
-usr/share/locale/eo/LC_TIME/
-usr/share/locale/eo/LC_TIME/coreutils.mo
-usr/share/locale/es/
-usr/share/locale/es/LC_MESSAGES/
-usr/share/locale/es/LC_MESSAGES/coreutils.mo
-usr/share/locale/es/LC_TIME/
-usr/share/locale/es/LC_TIME/coreutils.mo
-usr/share/locale/et/
-usr/share/locale/et/LC_MESSAGES/
-usr/share/locale/et/LC_MESSAGES/coreutils.mo
-usr/share/locale/et/LC_TIME/
-usr/share/locale/et/LC_TIME/coreutils.mo
-usr/share/locale/eu/
-usr/share/locale/eu/LC_MESSAGES/
-usr/share/locale/eu/LC_MESSAGES/coreutils.mo
-usr/share/locale/eu/LC_TIME/
-usr/share/locale/eu/LC_TIME/coreutils.mo
-usr/share/locale/fi/
-usr/share/locale/fi/LC_MESSAGES/
-usr/share/locale/fi/LC_MESSAGES/coreutils.mo
-usr/share/locale/fi/LC_TIME/
-usr/share/locale/fi/LC_TIME/coreutils.mo
-usr/share/locale/fr/
-usr/share/locale/fr/LC_MESSAGES/
-usr/share/locale/fr/LC_MESSAGES/coreutils.mo
-usr/share/locale/fr/LC_TIME/
-usr/share/locale/fr/LC_TIME/coreutils.mo
-usr/share/locale/ga/
-usr/share/locale/ga/LC_MESSAGES/
-usr/share/locale/ga/LC_MESSAGES/coreutils.mo
-usr/share/locale/ga/LC_TIME/
-usr/share/locale/ga/LC_TIME/coreutils.mo
-usr/share/locale/gl/
-usr/share/locale/gl/LC_MESSAGES/
-usr/share/locale/gl/LC_MESSAGES/coreutils.mo
-usr/share/locale/gl/LC_TIME/
-usr/share/locale/gl/LC_TIME/coreutils.mo
-usr/share/locale/hr/
-usr/share/locale/hr/LC_MESSAGES/
-usr/share/locale/hr/LC_MESSAGES/coreutils.mo
-usr/share/locale/hr/LC_TIME/
-usr/share/locale/hr/LC_TIME/coreutils.mo
-usr/share/locale/hu/
-usr/share/locale/hu/LC_MESSAGES/
-usr/share/locale/hu/LC_MESSAGES/coreutils.mo
-usr/share/locale/hu/LC_TIME/
-usr/share/locale/hu/LC_TIME/coreutils.mo
-usr/share/locale/ia/
-usr/share/locale/ia/LC_MESSAGES/
-usr/share/locale/ia/LC_MESSAGES/coreutils.mo
-usr/share/locale/ia/LC_TIME/
-usr/share/locale/ia/LC_TIME/coreutils.mo
-usr/share/locale/id/
-usr/share/locale/id/LC_MESSAGES/
-usr/share/locale/id/LC_MESSAGES/coreutils.mo
-usr/share/locale/id/LC_TIME/
-usr/share/locale/id/LC_TIME/coreutils.mo
-usr/share/locale/it/
-usr/share/locale/it/LC_MESSAGES/
-usr/share/locale/it/LC_MESSAGES/coreutils.mo
-usr/share/locale/it/LC_TIME/
-usr/share/locale/it/LC_TIME/coreutils.mo
-usr/share/locale/ja/
-usr/share/locale/ja/LC_MESSAGES/
-usr/share/locale/ja/LC_MESSAGES/coreutils.mo
-usr/share/locale/ja/LC_TIME/
-usr/share/locale/ja/LC_TIME/coreutils.mo
-usr/share/locale/kk/
-usr/share/locale/kk/LC_MESSAGES/
-usr/share/locale/kk/LC_MESSAGES/coreutils.mo
-usr/share/locale/kk/LC_TIME/
-usr/share/locale/kk/LC_TIME/coreutils.mo
-usr/share/locale/ko/
-usr/share/locale/ko/LC_MESSAGES/
-usr/share/locale/ko/LC_MESSAGES/coreutils.mo
-usr/share/locale/ko/LC_TIME/
-usr/share/locale/ko/LC_TIME/coreutils.mo
-usr/share/locale/lg/
-usr/share/locale/lg/LC_MESSAGES/
-usr/share/locale/lg/LC_MESSAGES/coreutils.mo
-usr/share/locale/lg/LC_TIME/
-usr/share/locale/lg/LC_TIME/coreutils.mo
-usr/share/locale/lt/
-usr/share/locale/lt/LC_MESSAGES/
-usr/share/locale/lt/LC_MESSAGES/coreutils.mo
-usr/share/locale/lt/LC_TIME/
-usr/share/locale/lt/LC_TIME/coreutils.mo
-usr/share/locale/ms/
-usr/share/locale/ms/LC_MESSAGES/
-usr/share/locale/ms/LC_MESSAGES/coreutils.mo
-usr/share/locale/ms/LC_TIME/
-usr/share/locale/ms/LC_TIME/coreutils.mo
-usr/share/locale/nb/
-usr/share/locale/nb/LC_MESSAGES/
-usr/share/locale/nb/LC_MESSAGES/coreutils.mo
-usr/share/locale/nb/LC_TIME/
-usr/share/locale/nb/LC_TIME/coreutils.mo
-usr/share/locale/nl/
-usr/share/locale/nl/LC_MESSAGES/
-usr/share/locale/nl/LC_MESSAGES/coreutils.mo
-usr/share/locale/nl/LC_TIME/
-usr/share/locale/nl/LC_TIME/coreutils.mo
-usr/share/locale/pl/
-usr/share/locale/pl/LC_MESSAGES/
-usr/share/locale/pl/LC_MESSAGES/coreutils.mo
-usr/share/locale/pl/LC_TIME/
-usr/share/locale/pl/LC_TIME/coreutils.mo
-usr/share/locale/pt/
-usr/share/locale/pt/LC_MESSAGES/
-usr/share/locale/pt/LC_MESSAGES/coreutils.mo
-usr/share/locale/pt/LC_TIME/
-usr/share/locale/pt/LC_TIME/coreutils.mo
-usr/share/locale/pt_BR/
-usr/share/locale/pt_BR/LC_MESSAGES/
-usr/share/locale/pt_BR/LC_MESSAGES/coreutils.mo
-usr/share/locale/pt_BR/LC_TIME/
-usr/share/locale/pt_BR/LC_TIME/coreutils.mo
-usr/share/locale/ro/
-usr/share/locale/ro/LC_MESSAGES/
-usr/share/locale/ro/LC_MESSAGES/coreutils.mo
-usr/share/locale/ro/LC_TIME/
-usr/share/locale/ro/LC_TIME/coreutils.mo
-usr/share/locale/ru/
-usr/share/locale/ru/LC_MESSAGES/
-usr/share/locale/ru/LC_MESSAGES/coreutils.mo
-usr/share/locale/ru/LC_TIME/
-usr/share/locale/ru/LC_TIME/coreutils.mo
-usr/share/locale/sk/
-usr/share/locale/sk/LC_MESSAGES/
-usr/share/locale/sk/LC_MESSAGES/coreutils.mo
-usr/share/locale/sk/LC_TIME/
-usr/share/locale/sk/LC_TIME/coreutils.mo
-usr/share/locale/sl/
-usr/share/locale/sl/LC_MESSAGES/
-usr/share/locale/sl/LC_MESSAGES/coreutils.mo
-usr/share/locale/sl/LC_TIME/
-usr/share/locale/sl/LC_TIME/coreutils.mo
-usr/share/locale/sr/
-usr/share/locale/sr/LC_MESSAGES/
-usr/share/locale/sr/LC_MESSAGES/coreutils.mo
-usr/share/locale/sr/LC_TIME/
-usr/share/locale/sr/LC_TIME/coreutils.mo
-usr/share/locale/sv/
-usr/share/locale/sv/LC_MESSAGES/
-usr/share/locale/sv/LC_MESSAGES/coreutils.mo
-usr/share/locale/sv/LC_TIME/
-usr/share/locale/sv/LC_TIME/coreutils.mo
-usr/share/locale/tr/
-usr/share/locale/tr/LC_MESSAGES/
-usr/share/locale/tr/LC_MESSAGES/coreutils.mo
-usr/share/locale/tr/LC_TIME/
-usr/share/locale/tr/LC_TIME/coreutils.mo
-usr/share/locale/uk/
-usr/share/locale/uk/LC_MESSAGES/
-usr/share/locale/uk/LC_MESSAGES/coreutils.mo
-usr/share/locale/uk/LC_TIME/
-usr/share/locale/uk/LC_TIME/coreutils.mo
-usr/share/locale/vi/
-usr/share/locale/vi/LC_MESSAGES/
-usr/share/locale/vi/LC_MESSAGES/coreutils.mo
-usr/share/locale/vi/LC_TIME/
-usr/share/locale/vi/LC_TIME/coreutils.mo
-usr/share/locale/zh_CN/
-usr/share/locale/zh_CN/LC_MESSAGES/
-usr/share/locale/zh_CN/LC_MESSAGES/coreutils.mo
-usr/share/locale/zh_CN/LC_TIME/
-usr/share/locale/zh_CN/LC_TIME/coreutils.mo
-usr/share/locale/zh_TW/
-usr/share/locale/zh_TW/LC_MESSAGES/
-usr/share/locale/zh_TW/LC_MESSAGES/coreutils.mo
-usr/share/locale/zh_TW/LC_TIME/
-usr/share/locale/zh_TW/LC_TIME/coreutils.mo
-usr/share/man/
-usr/share/man/man1/
-usr/share/man/man1/arch.1.gz
-usr/share/man/man1/b2sum.1.gz
-usr/share/man/man1/base32.1.gz
-usr/share/man/man1/base64.1.gz
-usr/share/man/man1/basename.1.gz
-usr/share/man/man1/cat.1.gz
-usr/share/man/man1/chcon.1.gz
-usr/share/man/man1/chgrp.1.gz
-usr/share/man/man1/chmod.1.gz
-usr/share/man/man1/chown.1.gz
-usr/share/man/man1/chroot.1.gz
-usr/share/man/man1/cksum.1.gz
-usr/share/man/man1/comm.1.gz
-usr/share/man/man1/cp.1.gz
-usr/share/man/man1/csplit.1.gz
-usr/share/man/man1/cut.1.gz
-usr/share/man/man1/date.1.gz
-usr/share/man/man1/dd.1.gz
-usr/share/man/man1/df.1.gz
-usr/share/man/man1/dir.1.gz
-usr/share/man/man1/dircolors.1.gz
-usr/share/man/man1/dirname.1.gz
-usr/share/man/man1/du.1.gz
-usr/share/man/man1/echo.1.gz
-usr/share/man/man1/env.1.gz
-usr/share/man/man1/expand.1.gz
-usr/share/man/man1/expr.1.gz
-usr/share/man/man1/factor.1.gz
-usr/share/man/man1/false.1.gz
-usr/share/man/man1/fmt.1.gz
-usr/share/man/man1/fold.1.gz
-usr/share/man/man1/gkill.1.gz
-usr/share/man/man1/groups.1.gz
-usr/share/man/man1/head.1.gz
-usr/share/man/man1/hostid.1.gz
-usr/share/man/man1/hostname.1.gz
-usr/share/man/man1/id.1.gz
-usr/share/man/man1/install.1.gz
-usr/share/man/man1/join.1.gz
-usr/share/man/man1/link.1.gz
-usr/share/man/man1/ln.1.gz
-usr/share/man/man1/logname.1.gz
-usr/share/man/man1/ls.1.gz
-usr/share/man/man1/md5sum.1.gz
-usr/share/man/man1/mkdir.1.gz
-usr/share/man/man1/mkfifo.1.gz
-usr/share/man/man1/mknod.1.gz
-usr/share/man/man1/mktemp.1.gz
-usr/share/man/man1/mv.1.gz
-usr/share/man/man1/nice.1.gz
-usr/share/man/man1/nl.1.gz
-usr/share/man/man1/nohup.1.gz
-usr/share/man/man1/nproc.1.gz
-usr/share/man/man1/numfmt.1.gz
-usr/share/man/man1/od.1.gz
-usr/share/man/man1/paste.1.gz
-usr/share/man/man1/pathchk.1.gz
-usr/share/man/man1/pinky.1.gz
-usr/share/man/man1/pr.1.gz
-usr/share/man/man1/printenv.1.gz
-usr/share/man/man1/printf.1.gz
-usr/share/man/man1/ptx.1.gz
-usr/share/man/man1/pwd.1.gz
-usr/share/man/man1/readlink.1.gz
-usr/share/man/man1/realpath.1.gz
-usr/share/man/man1/rm.1.gz
-usr/share/man/man1/rmdir.1.gz
-usr/share/man/man1/runcon.1.gz
-usr/share/man/man1/seq.1.gz
-usr/share/man/man1/sha1sum.1.gz
-usr/share/man/man1/sha224sum.1.gz
-usr/share/man/man1/sha256sum.1.gz
-usr/share/man/man1/sha384sum.1.gz
-usr/share/man/man1/sha512sum.1.gz
-usr/share/man/man1/shred.1.gz
-usr/share/man/man1/shuf.1.gz
-usr/share/man/man1/sleep.1.gz
-usr/share/man/man1/sort.1.gz
-usr/share/man/man1/split.1.gz
-usr/share/man/man1/stat.1.gz
-usr/share/man/man1/stdbuf.1.gz
-usr/share/man/man1/stty.1.gz
-usr/share/man/man1/sum.1.gz
-usr/share/man/man1/sync.1.gz
-usr/share/man/man1/tac.1.gz
-usr/share/man/man1/tail.1.gz
-usr/share/man/man1/tee.1.gz
-usr/share/man/man1/test.1.gz
-usr/share/man/man1/timeout.1.gz
-usr/share/man/man1/touch.1.gz
-usr/share/man/man1/tr.1.gz
-usr/share/man/man1/true.1.gz
-usr/share/man/man1/truncate.1.gz
-usr/share/man/man1/tsort.1.gz
-usr/share/man/man1/tty.1.gz
-usr/share/man/man1/uname.1.gz
-usr/share/man/man1/unexpand.1.gz
-usr/share/man/man1/uniq.1.gz
-usr/share/man/man1/unlink.1.gz
-usr/share/man/man1/users.1.gz
-usr/share/man/man1/vdir.1.gz
-usr/share/man/man1/wc.1.gz
-usr/share/man/man1/who.1.gz
-usr/share/man/man1/whoami.1.gz
-usr/share/man/man1/yes.1.gz
-
diff --git a/msys2/var/lib/pacman/local/coreutils-8.26-3/mtree b/msys2/var/lib/pacman/local/coreutils-8.26-3/mtree
deleted file mode 100644
index 857d98538..000000000
Binary files a/msys2/var/lib/pacman/local/coreutils-8.26-3/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/coreutils-8.31-1/desc b/msys2/var/lib/pacman/local/coreutils-8.31-1/desc
new file mode 100644
index 000000000..e5a2d2407
--- /dev/null
+++ b/msys2/var/lib/pacman/local/coreutils-8.31-1/desc
@@ -0,0 +1,44 @@
+%NAME%
+coreutils
+
+%VERSION%
+8.31-1
+
+%BASE%
+coreutils
+
+%DESC%
+The basic file, shell and text manipulation utilities of the GNU operating system
+
+%URL%
+https://www.gnu.org/software/coreutils
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556189404
+
+%INSTALLDATE%
+1558699049
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+26054656
+
+%GROUPS%
+base
+
+%LICENSE%
+GPL3
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gmp
+libiconv
+libintl
+
diff --git a/msys2/var/lib/pacman/local/coreutils-8.31-1/files b/msys2/var/lib/pacman/local/coreutils-8.31-1/files
new file mode 100644
index 000000000..1e8419d7d
--- /dev/null
+++ b/msys2/var/lib/pacman/local/coreutils-8.31-1/files
@@ -0,0 +1,438 @@
+%FILES%
+etc/
+etc/DIR_COLORS
+usr/
+usr/bin/
+usr/bin/[.exe
+usr/bin/arch.exe
+usr/bin/b2sum.exe
+usr/bin/base32.exe
+usr/bin/base64.exe
+usr/bin/basename.exe
+usr/bin/basenc.exe
+usr/bin/cat.exe
+usr/bin/chcon.exe
+usr/bin/chgrp.exe
+usr/bin/chmod.exe
+usr/bin/chown.exe
+usr/bin/chroot.exe
+usr/bin/cksum.exe
+usr/bin/comm.exe
+usr/bin/cp.exe
+usr/bin/csplit.exe
+usr/bin/cut.exe
+usr/bin/date.exe
+usr/bin/dd.exe
+usr/bin/df.exe
+usr/bin/dir.exe
+usr/bin/dircolors.exe
+usr/bin/dirname.exe
+usr/bin/du.exe
+usr/bin/echo.exe
+usr/bin/env.exe
+usr/bin/expand.exe
+usr/bin/expr.exe
+usr/bin/factor.exe
+usr/bin/false.exe
+usr/bin/fmt.exe
+usr/bin/fold.exe
+usr/bin/gkill.exe
+usr/bin/groups.exe
+usr/bin/head.exe
+usr/bin/hostid.exe
+usr/bin/hostname.exe
+usr/bin/id.exe
+usr/bin/install.exe
+usr/bin/join.exe
+usr/bin/link.exe
+usr/bin/ln.exe
+usr/bin/logname.exe
+usr/bin/ls.exe
+usr/bin/md5sum.exe
+usr/bin/mkdir.exe
+usr/bin/mkfifo.exe
+usr/bin/mknod.exe
+usr/bin/mktemp.exe
+usr/bin/mv.exe
+usr/bin/nice.exe
+usr/bin/nl.exe
+usr/bin/nohup.exe
+usr/bin/nproc.exe
+usr/bin/numfmt.exe
+usr/bin/od.exe
+usr/bin/paste.exe
+usr/bin/pathchk.exe
+usr/bin/pinky.exe
+usr/bin/pr.exe
+usr/bin/printenv.exe
+usr/bin/printf.exe
+usr/bin/ptx.exe
+usr/bin/pwd.exe
+usr/bin/readlink.exe
+usr/bin/realpath.exe
+usr/bin/rm.exe
+usr/bin/rmdir.exe
+usr/bin/runcon.exe
+usr/bin/seq.exe
+usr/bin/sha1sum.exe
+usr/bin/sha224sum.exe
+usr/bin/sha256sum.exe
+usr/bin/sha384sum.exe
+usr/bin/sha512sum.exe
+usr/bin/shred.exe
+usr/bin/shuf.exe
+usr/bin/sleep.exe
+usr/bin/sort.exe
+usr/bin/split.exe
+usr/bin/stat.exe
+usr/bin/stty.exe
+usr/bin/sum.exe
+usr/bin/sync.exe
+usr/bin/tac.exe
+usr/bin/tail.exe
+usr/bin/tee.exe
+usr/bin/test.exe
+usr/bin/timeout.exe
+usr/bin/touch.exe
+usr/bin/tr.exe
+usr/bin/true.exe
+usr/bin/truncate.exe
+usr/bin/tsort.exe
+usr/bin/tty.exe
+usr/bin/uname.exe
+usr/bin/unexpand.exe
+usr/bin/uniq.exe
+usr/bin/unlink.exe
+usr/bin/users.exe
+usr/bin/vdir.exe
+usr/bin/wc.exe
+usr/bin/who.exe
+usr/bin/whoami.exe
+usr/bin/yes.exe
+usr/share/
+usr/share/info/
+usr/share/info/coreutils.info.gz
+usr/share/locale/
+usr/share/locale/af/
+usr/share/locale/af/LC_MESSAGES/
+usr/share/locale/af/LC_MESSAGES/coreutils.mo
+usr/share/locale/af/LC_TIME/
+usr/share/locale/af/LC_TIME/coreutils.mo
+usr/share/locale/be/
+usr/share/locale/be/LC_MESSAGES/
+usr/share/locale/be/LC_MESSAGES/coreutils.mo
+usr/share/locale/be/LC_TIME/
+usr/share/locale/be/LC_TIME/coreutils.mo
+usr/share/locale/bg/
+usr/share/locale/bg/LC_MESSAGES/
+usr/share/locale/bg/LC_MESSAGES/coreutils.mo
+usr/share/locale/bg/LC_TIME/
+usr/share/locale/bg/LC_TIME/coreutils.mo
+usr/share/locale/ca/
+usr/share/locale/ca/LC_MESSAGES/
+usr/share/locale/ca/LC_MESSAGES/coreutils.mo
+usr/share/locale/ca/LC_TIME/
+usr/share/locale/ca/LC_TIME/coreutils.mo
+usr/share/locale/cs/
+usr/share/locale/cs/LC_MESSAGES/
+usr/share/locale/cs/LC_MESSAGES/coreutils.mo
+usr/share/locale/cs/LC_TIME/
+usr/share/locale/cs/LC_TIME/coreutils.mo
+usr/share/locale/da/
+usr/share/locale/da/LC_MESSAGES/
+usr/share/locale/da/LC_MESSAGES/coreutils.mo
+usr/share/locale/da/LC_TIME/
+usr/share/locale/da/LC_TIME/coreutils.mo
+usr/share/locale/de/
+usr/share/locale/de/LC_MESSAGES/
+usr/share/locale/de/LC_MESSAGES/coreutils.mo
+usr/share/locale/de/LC_TIME/
+usr/share/locale/de/LC_TIME/coreutils.mo
+usr/share/locale/el/
+usr/share/locale/el/LC_MESSAGES/
+usr/share/locale/el/LC_MESSAGES/coreutils.mo
+usr/share/locale/el/LC_TIME/
+usr/share/locale/el/LC_TIME/coreutils.mo
+usr/share/locale/eo/
+usr/share/locale/eo/LC_MESSAGES/
+usr/share/locale/eo/LC_MESSAGES/coreutils.mo
+usr/share/locale/eo/LC_TIME/
+usr/share/locale/eo/LC_TIME/coreutils.mo
+usr/share/locale/es/
+usr/share/locale/es/LC_MESSAGES/
+usr/share/locale/es/LC_MESSAGES/coreutils.mo
+usr/share/locale/es/LC_TIME/
+usr/share/locale/es/LC_TIME/coreutils.mo
+usr/share/locale/et/
+usr/share/locale/et/LC_MESSAGES/
+usr/share/locale/et/LC_MESSAGES/coreutils.mo
+usr/share/locale/et/LC_TIME/
+usr/share/locale/et/LC_TIME/coreutils.mo
+usr/share/locale/eu/
+usr/share/locale/eu/LC_MESSAGES/
+usr/share/locale/eu/LC_MESSAGES/coreutils.mo
+usr/share/locale/eu/LC_TIME/
+usr/share/locale/eu/LC_TIME/coreutils.mo
+usr/share/locale/fi/
+usr/share/locale/fi/LC_MESSAGES/
+usr/share/locale/fi/LC_MESSAGES/coreutils.mo
+usr/share/locale/fi/LC_TIME/
+usr/share/locale/fi/LC_TIME/coreutils.mo
+usr/share/locale/fr/
+usr/share/locale/fr/LC_MESSAGES/
+usr/share/locale/fr/LC_MESSAGES/coreutils.mo
+usr/share/locale/fr/LC_TIME/
+usr/share/locale/fr/LC_TIME/coreutils.mo
+usr/share/locale/ga/
+usr/share/locale/ga/LC_MESSAGES/
+usr/share/locale/ga/LC_MESSAGES/coreutils.mo
+usr/share/locale/ga/LC_TIME/
+usr/share/locale/ga/LC_TIME/coreutils.mo
+usr/share/locale/gl/
+usr/share/locale/gl/LC_MESSAGES/
+usr/share/locale/gl/LC_MESSAGES/coreutils.mo
+usr/share/locale/gl/LC_TIME/
+usr/share/locale/gl/LC_TIME/coreutils.mo
+usr/share/locale/hr/
+usr/share/locale/hr/LC_MESSAGES/
+usr/share/locale/hr/LC_MESSAGES/coreutils.mo
+usr/share/locale/hr/LC_TIME/
+usr/share/locale/hr/LC_TIME/coreutils.mo
+usr/share/locale/hu/
+usr/share/locale/hu/LC_MESSAGES/
+usr/share/locale/hu/LC_MESSAGES/coreutils.mo
+usr/share/locale/hu/LC_TIME/
+usr/share/locale/hu/LC_TIME/coreutils.mo
+usr/share/locale/ia/
+usr/share/locale/ia/LC_MESSAGES/
+usr/share/locale/ia/LC_MESSAGES/coreutils.mo
+usr/share/locale/ia/LC_TIME/
+usr/share/locale/ia/LC_TIME/coreutils.mo
+usr/share/locale/id/
+usr/share/locale/id/LC_MESSAGES/
+usr/share/locale/id/LC_MESSAGES/coreutils.mo
+usr/share/locale/id/LC_TIME/
+usr/share/locale/id/LC_TIME/coreutils.mo
+usr/share/locale/it/
+usr/share/locale/it/LC_MESSAGES/
+usr/share/locale/it/LC_MESSAGES/coreutils.mo
+usr/share/locale/it/LC_TIME/
+usr/share/locale/it/LC_TIME/coreutils.mo
+usr/share/locale/ja/
+usr/share/locale/ja/LC_MESSAGES/
+usr/share/locale/ja/LC_MESSAGES/coreutils.mo
+usr/share/locale/ja/LC_TIME/
+usr/share/locale/ja/LC_TIME/coreutils.mo
+usr/share/locale/kk/
+usr/share/locale/kk/LC_MESSAGES/
+usr/share/locale/kk/LC_MESSAGES/coreutils.mo
+usr/share/locale/kk/LC_TIME/
+usr/share/locale/kk/LC_TIME/coreutils.mo
+usr/share/locale/ko/
+usr/share/locale/ko/LC_MESSAGES/
+usr/share/locale/ko/LC_MESSAGES/coreutils.mo
+usr/share/locale/ko/LC_TIME/
+usr/share/locale/ko/LC_TIME/coreutils.mo
+usr/share/locale/lg/
+usr/share/locale/lg/LC_MESSAGES/
+usr/share/locale/lg/LC_MESSAGES/coreutils.mo
+usr/share/locale/lg/LC_TIME/
+usr/share/locale/lg/LC_TIME/coreutils.mo
+usr/share/locale/lt/
+usr/share/locale/lt/LC_MESSAGES/
+usr/share/locale/lt/LC_MESSAGES/coreutils.mo
+usr/share/locale/lt/LC_TIME/
+usr/share/locale/lt/LC_TIME/coreutils.mo
+usr/share/locale/ms/
+usr/share/locale/ms/LC_MESSAGES/
+usr/share/locale/ms/LC_MESSAGES/coreutils.mo
+usr/share/locale/ms/LC_TIME/
+usr/share/locale/ms/LC_TIME/coreutils.mo
+usr/share/locale/nb/
+usr/share/locale/nb/LC_MESSAGES/
+usr/share/locale/nb/LC_MESSAGES/coreutils.mo
+usr/share/locale/nb/LC_TIME/
+usr/share/locale/nb/LC_TIME/coreutils.mo
+usr/share/locale/nl/
+usr/share/locale/nl/LC_MESSAGES/
+usr/share/locale/nl/LC_MESSAGES/coreutils.mo
+usr/share/locale/nl/LC_TIME/
+usr/share/locale/nl/LC_TIME/coreutils.mo
+usr/share/locale/pl/
+usr/share/locale/pl/LC_MESSAGES/
+usr/share/locale/pl/LC_MESSAGES/coreutils.mo
+usr/share/locale/pl/LC_TIME/
+usr/share/locale/pl/LC_TIME/coreutils.mo
+usr/share/locale/pt/
+usr/share/locale/pt/LC_MESSAGES/
+usr/share/locale/pt/LC_MESSAGES/coreutils.mo
+usr/share/locale/pt/LC_TIME/
+usr/share/locale/pt/LC_TIME/coreutils.mo
+usr/share/locale/pt_BR/
+usr/share/locale/pt_BR/LC_MESSAGES/
+usr/share/locale/pt_BR/LC_MESSAGES/coreutils.mo
+usr/share/locale/pt_BR/LC_TIME/
+usr/share/locale/pt_BR/LC_TIME/coreutils.mo
+usr/share/locale/ro/
+usr/share/locale/ro/LC_MESSAGES/
+usr/share/locale/ro/LC_MESSAGES/coreutils.mo
+usr/share/locale/ro/LC_TIME/
+usr/share/locale/ro/LC_TIME/coreutils.mo
+usr/share/locale/ru/
+usr/share/locale/ru/LC_MESSAGES/
+usr/share/locale/ru/LC_MESSAGES/coreutils.mo
+usr/share/locale/ru/LC_TIME/
+usr/share/locale/ru/LC_TIME/coreutils.mo
+usr/share/locale/sk/
+usr/share/locale/sk/LC_MESSAGES/
+usr/share/locale/sk/LC_MESSAGES/coreutils.mo
+usr/share/locale/sk/LC_TIME/
+usr/share/locale/sk/LC_TIME/coreutils.mo
+usr/share/locale/sl/
+usr/share/locale/sl/LC_MESSAGES/
+usr/share/locale/sl/LC_MESSAGES/coreutils.mo
+usr/share/locale/sl/LC_TIME/
+usr/share/locale/sl/LC_TIME/coreutils.mo
+usr/share/locale/sr/
+usr/share/locale/sr/LC_MESSAGES/
+usr/share/locale/sr/LC_MESSAGES/coreutils.mo
+usr/share/locale/sr/LC_TIME/
+usr/share/locale/sr/LC_TIME/coreutils.mo
+usr/share/locale/sv/
+usr/share/locale/sv/LC_MESSAGES/
+usr/share/locale/sv/LC_MESSAGES/coreutils.mo
+usr/share/locale/sv/LC_TIME/
+usr/share/locale/sv/LC_TIME/coreutils.mo
+usr/share/locale/tr/
+usr/share/locale/tr/LC_MESSAGES/
+usr/share/locale/tr/LC_MESSAGES/coreutils.mo
+usr/share/locale/tr/LC_TIME/
+usr/share/locale/tr/LC_TIME/coreutils.mo
+usr/share/locale/uk/
+usr/share/locale/uk/LC_MESSAGES/
+usr/share/locale/uk/LC_MESSAGES/coreutils.mo
+usr/share/locale/uk/LC_TIME/
+usr/share/locale/uk/LC_TIME/coreutils.mo
+usr/share/locale/vi/
+usr/share/locale/vi/LC_MESSAGES/
+usr/share/locale/vi/LC_MESSAGES/coreutils.mo
+usr/share/locale/vi/LC_TIME/
+usr/share/locale/vi/LC_TIME/coreutils.mo
+usr/share/locale/zh_CN/
+usr/share/locale/zh_CN/LC_MESSAGES/
+usr/share/locale/zh_CN/LC_MESSAGES/coreutils.mo
+usr/share/locale/zh_CN/LC_TIME/
+usr/share/locale/zh_CN/LC_TIME/coreutils.mo
+usr/share/locale/zh_TW/
+usr/share/locale/zh_TW/LC_MESSAGES/
+usr/share/locale/zh_TW/LC_MESSAGES/coreutils.mo
+usr/share/locale/zh_TW/LC_TIME/
+usr/share/locale/zh_TW/LC_TIME/coreutils.mo
+usr/share/man/
+usr/share/man/man1/
+usr/share/man/man1/arch.1.gz
+usr/share/man/man1/b2sum.1.gz
+usr/share/man/man1/base32.1.gz
+usr/share/man/man1/base64.1.gz
+usr/share/man/man1/basename.1.gz
+usr/share/man/man1/basenc.1.gz
+usr/share/man/man1/cat.1.gz
+usr/share/man/man1/chcon.1.gz
+usr/share/man/man1/chgrp.1.gz
+usr/share/man/man1/chmod.1.gz
+usr/share/man/man1/chown.1.gz
+usr/share/man/man1/chroot.1.gz
+usr/share/man/man1/cksum.1.gz
+usr/share/man/man1/comm.1.gz
+usr/share/man/man1/cp.1.gz
+usr/share/man/man1/csplit.1.gz
+usr/share/man/man1/cut.1.gz
+usr/share/man/man1/date.1.gz
+usr/share/man/man1/dd.1.gz
+usr/share/man/man1/df.1.gz
+usr/share/man/man1/dir.1.gz
+usr/share/man/man1/dircolors.1.gz
+usr/share/man/man1/dirname.1.gz
+usr/share/man/man1/du.1.gz
+usr/share/man/man1/echo.1.gz
+usr/share/man/man1/env.1.gz
+usr/share/man/man1/expand.1.gz
+usr/share/man/man1/expr.1.gz
+usr/share/man/man1/factor.1.gz
+usr/share/man/man1/false.1.gz
+usr/share/man/man1/fmt.1.gz
+usr/share/man/man1/fold.1.gz
+usr/share/man/man1/gkill.1.gz
+usr/share/man/man1/groups.1.gz
+usr/share/man/man1/head.1.gz
+usr/share/man/man1/hostid.1.gz
+usr/share/man/man1/hostname.1.gz
+usr/share/man/man1/id.1.gz
+usr/share/man/man1/install.1.gz
+usr/share/man/man1/join.1.gz
+usr/share/man/man1/link.1.gz
+usr/share/man/man1/ln.1.gz
+usr/share/man/man1/logname.1.gz
+usr/share/man/man1/ls.1.gz
+usr/share/man/man1/md5sum.1.gz
+usr/share/man/man1/mkdir.1.gz
+usr/share/man/man1/mkfifo.1.gz
+usr/share/man/man1/mknod.1.gz
+usr/share/man/man1/mktemp.1.gz
+usr/share/man/man1/mv.1.gz
+usr/share/man/man1/nice.1.gz
+usr/share/man/man1/nl.1.gz
+usr/share/man/man1/nohup.1.gz
+usr/share/man/man1/nproc.1.gz
+usr/share/man/man1/numfmt.1.gz
+usr/share/man/man1/od.1.gz
+usr/share/man/man1/paste.1.gz
+usr/share/man/man1/pathchk.1.gz
+usr/share/man/man1/pinky.1.gz
+usr/share/man/man1/pr.1.gz
+usr/share/man/man1/printenv.1.gz
+usr/share/man/man1/printf.1.gz
+usr/share/man/man1/ptx.1.gz
+usr/share/man/man1/pwd.1.gz
+usr/share/man/man1/readlink.1.gz
+usr/share/man/man1/realpath.1.gz
+usr/share/man/man1/rm.1.gz
+usr/share/man/man1/rmdir.1.gz
+usr/share/man/man1/runcon.1.gz
+usr/share/man/man1/seq.1.gz
+usr/share/man/man1/sha1sum.1.gz
+usr/share/man/man1/sha224sum.1.gz
+usr/share/man/man1/sha256sum.1.gz
+usr/share/man/man1/sha384sum.1.gz
+usr/share/man/man1/sha512sum.1.gz
+usr/share/man/man1/shred.1.gz
+usr/share/man/man1/shuf.1.gz
+usr/share/man/man1/sleep.1.gz
+usr/share/man/man1/sort.1.gz
+usr/share/man/man1/split.1.gz
+usr/share/man/man1/stat.1.gz
+usr/share/man/man1/stty.1.gz
+usr/share/man/man1/sum.1.gz
+usr/share/man/man1/sync.1.gz
+usr/share/man/man1/tac.1.gz
+usr/share/man/man1/tail.1.gz
+usr/share/man/man1/tee.1.gz
+usr/share/man/man1/test.1.gz
+usr/share/man/man1/timeout.1.gz
+usr/share/man/man1/touch.1.gz
+usr/share/man/man1/tr.1.gz
+usr/share/man/man1/true.1.gz
+usr/share/man/man1/truncate.1.gz
+usr/share/man/man1/tsort.1.gz
+usr/share/man/man1/tty.1.gz
+usr/share/man/man1/uname.1.gz
+usr/share/man/man1/unexpand.1.gz
+usr/share/man/man1/uniq.1.gz
+usr/share/man/man1/unlink.1.gz
+usr/share/man/man1/users.1.gz
+usr/share/man/man1/vdir.1.gz
+usr/share/man/man1/wc.1.gz
+usr/share/man/man1/who.1.gz
+usr/share/man/man1/whoami.1.gz
+usr/share/man/man1/yes.1.gz
+
diff --git a/msys2/var/lib/pacman/local/coreutils-8.26-3/install b/msys2/var/lib/pacman/local/coreutils-8.31-1/install
similarity index 100%
rename from msys2/var/lib/pacman/local/coreutils-8.26-3/install
rename to msys2/var/lib/pacman/local/coreutils-8.31-1/install
diff --git a/msys2/var/lib/pacman/local/coreutils-8.31-1/mtree b/msys2/var/lib/pacman/local/coreutils-8.31-1/mtree
new file mode 100644
index 000000000..a105c88d3
Binary files /dev/null and b/msys2/var/lib/pacman/local/coreutils-8.31-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/curl-7.58.0-1/desc b/msys2/var/lib/pacman/local/curl-7.58.0-1/desc
deleted file mode 100644
index b523f3f1b..000000000
--- a/msys2/var/lib/pacman/local/curl-7.58.0-1/desc
+++ /dev/null
@@ -1,49 +0,0 @@
-%NAME%
-curl
-
-%VERSION%
-7.58.0-1
-
-%BASE%
-curl
-
-%DESC%
-Multi-protocol file transfer utility
-
-%URL%
-https://curl.haxx.se
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1518431211
-
-%INSTALLDATE%
-1527758872
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-808960
-
-%GROUPS%
-base
-
-%LICENSE%
-MIT
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-ca-certificates
-libcurl
-libcrypt
-libmetalink
-libnghttp2
-libpsl
-openssl
-zlib
-
diff --git a/msys2/var/lib/pacman/local/curl-7.58.0-1/files b/msys2/var/lib/pacman/local/curl-7.58.0-1/files
deleted file mode 100644
index d323f5aeb..000000000
--- a/msys2/var/lib/pacman/local/curl-7.58.0-1/files
+++ /dev/null
@@ -1,408 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/curl.exe
-usr/share/
-usr/share/aclocal/
-usr/share/aclocal/libcurl.m4
-usr/share/licenses/
-usr/share/licenses/curl/
-usr/share/licenses/curl/COPYING
-usr/share/man/
-usr/share/man/man1/
-usr/share/man/man1/curl-config.1.gz
-usr/share/man/man1/curl.1.gz
-usr/share/man/man3/
-usr/share/man/man3/CURLINFO_ACTIVESOCKET.3.gz
-usr/share/man/man3/CURLINFO_APPCONNECT_TIME.3.gz
-usr/share/man/man3/CURLINFO_CERTINFO.3.gz
-usr/share/man/man3/CURLINFO_CONDITION_UNMET.3.gz
-usr/share/man/man3/CURLINFO_CONNECT_TIME.3.gz
-usr/share/man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD.3.gz
-usr/share/man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.3.gz
-usr/share/man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD.3.gz
-usr/share/man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD_T.3.gz
-usr/share/man/man3/CURLINFO_CONTENT_TYPE.3.gz
-usr/share/man/man3/CURLINFO_COOKIELIST.3.gz
-usr/share/man/man3/CURLINFO_EFFECTIVE_URL.3.gz
-usr/share/man/man3/CURLINFO_FILETIME.3.gz
-usr/share/man/man3/CURLINFO_FTP_ENTRY_PATH.3.gz
-usr/share/man/man3/CURLINFO_HEADER_SIZE.3.gz
-usr/share/man/man3/CURLINFO_HTTPAUTH_AVAIL.3.gz
-usr/share/man/man3/CURLINFO_HTTP_CONNECTCODE.3.gz
-usr/share/man/man3/CURLINFO_HTTP_VERSION.3.gz
-usr/share/man/man3/CURLINFO_LASTSOCKET.3.gz
-usr/share/man/man3/CURLINFO_LOCAL_IP.3.gz
-usr/share/man/man3/CURLINFO_LOCAL_PORT.3.gz
-usr/share/man/man3/CURLINFO_NAMELOOKUP_TIME.3.gz
-usr/share/man/man3/CURLINFO_NUM_CONNECTS.3.gz
-usr/share/man/man3/CURLINFO_OS_ERRNO.3.gz
-usr/share/man/man3/CURLINFO_PRETRANSFER_TIME.3.gz
-usr/share/man/man3/CURLINFO_PRIMARY_IP.3.gz
-usr/share/man/man3/CURLINFO_PRIMARY_PORT.3.gz
-usr/share/man/man3/CURLINFO_PRIVATE.3.gz
-usr/share/man/man3/CURLINFO_PROTOCOL.3.gz
-usr/share/man/man3/CURLINFO_PROXYAUTH_AVAIL.3.gz
-usr/share/man/man3/CURLINFO_PROXY_SSL_VERIFYRESULT.3.gz
-usr/share/man/man3/CURLINFO_REDIRECT_COUNT.3.gz
-usr/share/man/man3/CURLINFO_REDIRECT_TIME.3.gz
-usr/share/man/man3/CURLINFO_REDIRECT_URL.3.gz
-usr/share/man/man3/CURLINFO_REQUEST_SIZE.3.gz
-usr/share/man/man3/CURLINFO_RESPONSE_CODE.3.gz
-usr/share/man/man3/CURLINFO_RTSP_CLIENT_CSEQ.3.gz
-usr/share/man/man3/CURLINFO_RTSP_CSEQ_RECV.3.gz
-usr/share/man/man3/CURLINFO_RTSP_SERVER_CSEQ.3.gz
-usr/share/man/man3/CURLINFO_RTSP_SESSION_ID.3.gz
-usr/share/man/man3/CURLINFO_SCHEME.3.gz
-usr/share/man/man3/CURLINFO_SIZE_DOWNLOAD.3.gz
-usr/share/man/man3/CURLINFO_SIZE_DOWNLOAD_T.3.gz
-usr/share/man/man3/CURLINFO_SIZE_UPLOAD.3.gz
-usr/share/man/man3/CURLINFO_SIZE_UPLOAD_T.3.gz
-usr/share/man/man3/CURLINFO_SPEED_DOWNLOAD.3.gz
-usr/share/man/man3/CURLINFO_SPEED_DOWNLOAD_T.3.gz
-usr/share/man/man3/CURLINFO_SPEED_UPLOAD.3.gz
-usr/share/man/man3/CURLINFO_SPEED_UPLOAD_T.3.gz
-usr/share/man/man3/CURLINFO_SSL_ENGINES.3.gz
-usr/share/man/man3/CURLINFO_SSL_VERIFYRESULT.3.gz
-usr/share/man/man3/CURLINFO_STARTTRANSFER_TIME.3.gz
-usr/share/man/man3/CURLINFO_TLS_SESSION.3.gz
-usr/share/man/man3/CURLINFO_TLS_SSL_PTR.3.gz
-usr/share/man/man3/CURLINFO_TOTAL_TIME.3.gz
-usr/share/man/man3/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3.gz
-usr/share/man/man3/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3.gz
-usr/share/man/man3/CURLMOPT_MAXCONNECTS.3.gz
-usr/share/man/man3/CURLMOPT_MAX_HOST_CONNECTIONS.3.gz
-usr/share/man/man3/CURLMOPT_MAX_PIPELINE_LENGTH.3.gz
-usr/share/man/man3/CURLMOPT_MAX_TOTAL_CONNECTIONS.3.gz
-usr/share/man/man3/CURLMOPT_PIPELINING.3.gz
-usr/share/man/man3/CURLMOPT_PIPELINING_SERVER_BL.3.gz
-usr/share/man/man3/CURLMOPT_PIPELINING_SITE_BL.3.gz
-usr/share/man/man3/CURLMOPT_PUSHDATA.3.gz
-usr/share/man/man3/CURLMOPT_PUSHFUNCTION.3.gz
-usr/share/man/man3/CURLMOPT_SOCKETDATA.3.gz
-usr/share/man/man3/CURLMOPT_SOCKETFUNCTION.3.gz
-usr/share/man/man3/CURLMOPT_TIMERDATA.3.gz
-usr/share/man/man3/CURLMOPT_TIMERFUNCTION.3.gz
-usr/share/man/man3/CURLOPT_ABSTRACT_UNIX_SOCKET.3.gz
-usr/share/man/man3/CURLOPT_ACCEPTTIMEOUT_MS.3.gz
-usr/share/man/man3/CURLOPT_ACCEPT_ENCODING.3.gz
-usr/share/man/man3/CURLOPT_ADDRESS_SCOPE.3.gz
-usr/share/man/man3/CURLOPT_APPEND.3.gz
-usr/share/man/man3/CURLOPT_AUTOREFERER.3.gz
-usr/share/man/man3/CURLOPT_BUFFERSIZE.3.gz
-usr/share/man/man3/CURLOPT_CAINFO.3.gz
-usr/share/man/man3/CURLOPT_CAPATH.3.gz
-usr/share/man/man3/CURLOPT_CERTINFO.3.gz
-usr/share/man/man3/CURLOPT_CHUNK_BGN_FUNCTION.3.gz
-usr/share/man/man3/CURLOPT_CHUNK_DATA.3.gz
-usr/share/man/man3/CURLOPT_CHUNK_END_FUNCTION.3.gz
-usr/share/man/man3/CURLOPT_CLOSESOCKETDATA.3.gz
-usr/share/man/man3/CURLOPT_CLOSESOCKETFUNCTION.3.gz
-usr/share/man/man3/CURLOPT_CONNECTTIMEOUT.3.gz
-usr/share/man/man3/CURLOPT_CONNECTTIMEOUT_MS.3.gz
-usr/share/man/man3/CURLOPT_CONNECT_ONLY.3.gz
-usr/share/man/man3/CURLOPT_CONNECT_TO.3.gz
-usr/share/man/man3/CURLOPT_CONV_FROM_NETWORK_FUNCTION.3.gz
-usr/share/man/man3/CURLOPT_CONV_FROM_UTF8_FUNCTION.3.gz
-usr/share/man/man3/CURLOPT_CONV_TO_NETWORK_FUNCTION.3.gz
-usr/share/man/man3/CURLOPT_COOKIE.3.gz
-usr/share/man/man3/CURLOPT_COOKIEFILE.3.gz
-usr/share/man/man3/CURLOPT_COOKIEJAR.3.gz
-usr/share/man/man3/CURLOPT_COOKIELIST.3.gz
-usr/share/man/man3/CURLOPT_COOKIESESSION.3.gz
-usr/share/man/man3/CURLOPT_COPYPOSTFIELDS.3.gz
-usr/share/man/man3/CURLOPT_CRLF.3.gz
-usr/share/man/man3/CURLOPT_CRLFILE.3.gz
-usr/share/man/man3/CURLOPT_CUSTOMREQUEST.3.gz
-usr/share/man/man3/CURLOPT_DEBUGDATA.3.gz
-usr/share/man/man3/CURLOPT_DEBUGFUNCTION.3.gz
-usr/share/man/man3/CURLOPT_DEFAULT_PROTOCOL.3.gz
-usr/share/man/man3/CURLOPT_DIRLISTONLY.3.gz
-usr/share/man/man3/CURLOPT_DNS_CACHE_TIMEOUT.3.gz
-usr/share/man/man3/CURLOPT_DNS_INTERFACE.3.gz
-usr/share/man/man3/CURLOPT_DNS_LOCAL_IP4.3.gz
-usr/share/man/man3/CURLOPT_DNS_LOCAL_IP6.3.gz
-usr/share/man/man3/CURLOPT_DNS_SERVERS.3.gz
-usr/share/man/man3/CURLOPT_DNS_USE_GLOBAL_CACHE.3.gz
-usr/share/man/man3/CURLOPT_EGDSOCKET.3.gz
-usr/share/man/man3/CURLOPT_ERRORBUFFER.3.gz
-usr/share/man/man3/CURLOPT_EXPECT_100_TIMEOUT_MS.3.gz
-usr/share/man/man3/CURLOPT_FAILONERROR.3.gz
-usr/share/man/man3/CURLOPT_FILETIME.3.gz
-usr/share/man/man3/CURLOPT_FNMATCH_DATA.3.gz
-usr/share/man/man3/CURLOPT_FNMATCH_FUNCTION.3.gz
-usr/share/man/man3/CURLOPT_FOLLOWLOCATION.3.gz
-usr/share/man/man3/CURLOPT_FORBID_REUSE.3.gz
-usr/share/man/man3/CURLOPT_FRESH_CONNECT.3.gz
-usr/share/man/man3/CURLOPT_FTPPORT.3.gz
-usr/share/man/man3/CURLOPT_FTPSSLAUTH.3.gz
-usr/share/man/man3/CURLOPT_FTP_ACCOUNT.3.gz
-usr/share/man/man3/CURLOPT_FTP_ALTERNATIVE_TO_USER.3.gz
-usr/share/man/man3/CURLOPT_FTP_CREATE_MISSING_DIRS.3.gz
-usr/share/man/man3/CURLOPT_FTP_FILEMETHOD.3.gz
-usr/share/man/man3/CURLOPT_FTP_RESPONSE_TIMEOUT.3.gz
-usr/share/man/man3/CURLOPT_FTP_SKIP_PASV_IP.3.gz
-usr/share/man/man3/CURLOPT_FTP_SSL_CCC.3.gz
-usr/share/man/man3/CURLOPT_FTP_USE_EPRT.3.gz
-usr/share/man/man3/CURLOPT_FTP_USE_EPSV.3.gz
-usr/share/man/man3/CURLOPT_FTP_USE_PRET.3.gz
-usr/share/man/man3/CURLOPT_GSSAPI_DELEGATION.3.gz
-usr/share/man/man3/CURLOPT_HEADER.3.gz
-usr/share/man/man3/CURLOPT_HEADERDATA.3.gz
-usr/share/man/man3/CURLOPT_HEADERFUNCTION.3.gz
-usr/share/man/man3/CURLOPT_HEADEROPT.3.gz
-usr/share/man/man3/CURLOPT_HTTP200ALIASES.3.gz
-usr/share/man/man3/CURLOPT_HTTPAUTH.3.gz
-usr/share/man/man3/CURLOPT_HTTPGET.3.gz
-usr/share/man/man3/CURLOPT_HTTPHEADER.3.gz
-usr/share/man/man3/CURLOPT_HTTPPOST.3.gz
-usr/share/man/man3/CURLOPT_HTTPPROXYTUNNEL.3.gz
-usr/share/man/man3/CURLOPT_HTTP_CONTENT_DECODING.3.gz
-usr/share/man/man3/CURLOPT_HTTP_TRANSFER_DECODING.3.gz
-usr/share/man/man3/CURLOPT_HTTP_VERSION.3.gz
-usr/share/man/man3/CURLOPT_IGNORE_CONTENT_LENGTH.3.gz
-usr/share/man/man3/CURLOPT_INFILESIZE.3.gz
-usr/share/man/man3/CURLOPT_INFILESIZE_LARGE.3.gz
-usr/share/man/man3/CURLOPT_INTERFACE.3.gz
-usr/share/man/man3/CURLOPT_INTERLEAVEDATA.3.gz
-usr/share/man/man3/CURLOPT_INTERLEAVEFUNCTION.3.gz
-usr/share/man/man3/CURLOPT_IOCTLDATA.3.gz
-usr/share/man/man3/CURLOPT_IOCTLFUNCTION.3.gz
-usr/share/man/man3/CURLOPT_IPRESOLVE.3.gz
-usr/share/man/man3/CURLOPT_ISSUERCERT.3.gz
-usr/share/man/man3/CURLOPT_KEEP_SENDING_ON_ERROR.3.gz
-usr/share/man/man3/CURLOPT_KEYPASSWD.3.gz
-usr/share/man/man3/CURLOPT_KRBLEVEL.3.gz
-usr/share/man/man3/CURLOPT_LOCALPORT.3.gz
-usr/share/man/man3/CURLOPT_LOCALPORTRANGE.3.gz
-usr/share/man/man3/CURLOPT_LOGIN_OPTIONS.3.gz
-usr/share/man/man3/CURLOPT_LOW_SPEED_LIMIT.3.gz
-usr/share/man/man3/CURLOPT_LOW_SPEED_TIME.3.gz
-usr/share/man/man3/CURLOPT_MAIL_AUTH.3.gz
-usr/share/man/man3/CURLOPT_MAIL_FROM.3.gz
-usr/share/man/man3/CURLOPT_MAIL_RCPT.3.gz
-usr/share/man/man3/CURLOPT_MAXCONNECTS.3.gz
-usr/share/man/man3/CURLOPT_MAXFILESIZE.3.gz
-usr/share/man/man3/CURLOPT_MAXFILESIZE_LARGE.3.gz
-usr/share/man/man3/CURLOPT_MAXREDIRS.3.gz
-usr/share/man/man3/CURLOPT_MAX_RECV_SPEED_LARGE.3.gz
-usr/share/man/man3/CURLOPT_MAX_SEND_SPEED_LARGE.3.gz
-usr/share/man/man3/CURLOPT_MIMEPOST.3.gz
-usr/share/man/man3/CURLOPT_NETRC.3.gz
-usr/share/man/man3/CURLOPT_NETRC_FILE.3.gz
-usr/share/man/man3/CURLOPT_NEW_DIRECTORY_PERMS.3.gz
-usr/share/man/man3/CURLOPT_NEW_FILE_PERMS.3.gz
-usr/share/man/man3/CURLOPT_NOBODY.3.gz
-usr/share/man/man3/CURLOPT_NOPROGRESS.3.gz
-usr/share/man/man3/CURLOPT_NOPROXY.3.gz
-usr/share/man/man3/CURLOPT_NOSIGNAL.3.gz
-usr/share/man/man3/CURLOPT_OPENSOCKETDATA.3.gz
-usr/share/man/man3/CURLOPT_OPENSOCKETFUNCTION.3.gz
-usr/share/man/man3/CURLOPT_PASSWORD.3.gz
-usr/share/man/man3/CURLOPT_PATH_AS_IS.3.gz
-usr/share/man/man3/CURLOPT_PINNEDPUBLICKEY.3.gz
-usr/share/man/man3/CURLOPT_PIPEWAIT.3.gz
-usr/share/man/man3/CURLOPT_PORT.3.gz
-usr/share/man/man3/CURLOPT_POST.3.gz
-usr/share/man/man3/CURLOPT_POSTFIELDS.3.gz
-usr/share/man/man3/CURLOPT_POSTFIELDSIZE.3.gz
-usr/share/man/man3/CURLOPT_POSTFIELDSIZE_LARGE.3.gz
-usr/share/man/man3/CURLOPT_POSTQUOTE.3.gz
-usr/share/man/man3/CURLOPT_POSTREDIR.3.gz
-usr/share/man/man3/CURLOPT_PREQUOTE.3.gz
-usr/share/man/man3/CURLOPT_PRE_PROXY.3.gz
-usr/share/man/man3/CURLOPT_PRIVATE.3.gz
-usr/share/man/man3/CURLOPT_PROGRESSDATA.3.gz
-usr/share/man/man3/CURLOPT_PROGRESSFUNCTION.3.gz
-usr/share/man/man3/CURLOPT_PROTOCOLS.3.gz
-usr/share/man/man3/CURLOPT_PROXY.3.gz
-usr/share/man/man3/CURLOPT_PROXYAUTH.3.gz
-usr/share/man/man3/CURLOPT_PROXYHEADER.3.gz
-usr/share/man/man3/CURLOPT_PROXYPASSWORD.3.gz
-usr/share/man/man3/CURLOPT_PROXYPORT.3.gz
-usr/share/man/man3/CURLOPT_PROXYTYPE.3.gz
-usr/share/man/man3/CURLOPT_PROXYUSERNAME.3.gz
-usr/share/man/man3/CURLOPT_PROXYUSERPWD.3.gz
-usr/share/man/man3/CURLOPT_PROXY_CAINFO.3.gz
-usr/share/man/man3/CURLOPT_PROXY_CAPATH.3.gz
-usr/share/man/man3/CURLOPT_PROXY_CRLFILE.3.gz
-usr/share/man/man3/CURLOPT_PROXY_KEYPASSWD.3.gz
-usr/share/man/man3/CURLOPT_PROXY_PINNEDPUBLICKEY.3.gz
-usr/share/man/man3/CURLOPT_PROXY_SERVICE_NAME.3.gz
-usr/share/man/man3/CURLOPT_PROXY_SSLCERT.3.gz
-usr/share/man/man3/CURLOPT_PROXY_SSLCERTTYPE.3.gz
-usr/share/man/man3/CURLOPT_PROXY_SSLKEY.3.gz
-usr/share/man/man3/CURLOPT_PROXY_SSLKEYTYPE.3.gz
-usr/share/man/man3/CURLOPT_PROXY_SSLVERSION.3.gz
-usr/share/man/man3/CURLOPT_PROXY_SSL_CIPHER_LIST.3.gz
-usr/share/man/man3/CURLOPT_PROXY_SSL_OPTIONS.3.gz
-usr/share/man/man3/CURLOPT_PROXY_SSL_VERIFYHOST.3.gz
-usr/share/man/man3/CURLOPT_PROXY_SSL_VERIFYPEER.3.gz
-usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_PASSWORD.3.gz
-usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_TYPE.3.gz
-usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_USERNAME.3.gz
-usr/share/man/man3/CURLOPT_PROXY_TRANSFER_MODE.3.gz
-usr/share/man/man3/CURLOPT_PUT.3.gz
-usr/share/man/man3/CURLOPT_QUOTE.3.gz
-usr/share/man/man3/CURLOPT_RANDOM_FILE.3.gz
-usr/share/man/man3/CURLOPT_RANGE.3.gz
-usr/share/man/man3/CURLOPT_READDATA.3.gz
-usr/share/man/man3/CURLOPT_READFUNCTION.3.gz
-usr/share/man/man3/CURLOPT_REDIR_PROTOCOLS.3.gz
-usr/share/man/man3/CURLOPT_REFERER.3.gz
-usr/share/man/man3/CURLOPT_REQUEST_TARGET.3.gz
-usr/share/man/man3/CURLOPT_RESOLVE.3.gz
-usr/share/man/man3/CURLOPT_RESUME_FROM.3.gz
-usr/share/man/man3/CURLOPT_RESUME_FROM_LARGE.3.gz
-usr/share/man/man3/CURLOPT_RTSP_CLIENT_CSEQ.3.gz
-usr/share/man/man3/CURLOPT_RTSP_REQUEST.3.gz
-usr/share/man/man3/CURLOPT_RTSP_SERVER_CSEQ.3.gz
-usr/share/man/man3/CURLOPT_RTSP_SESSION_ID.3.gz
-usr/share/man/man3/CURLOPT_RTSP_STREAM_URI.3.gz
-usr/share/man/man3/CURLOPT_RTSP_TRANSPORT.3.gz
-usr/share/man/man3/CURLOPT_SASL_IR.3.gz
-usr/share/man/man3/CURLOPT_SEEKDATA.3.gz
-usr/share/man/man3/CURLOPT_SEEKFUNCTION.3.gz
-usr/share/man/man3/CURLOPT_SERVICE_NAME.3.gz
-usr/share/man/man3/CURLOPT_SHARE.3.gz
-usr/share/man/man3/CURLOPT_SOCKOPTDATA.3.gz
-usr/share/man/man3/CURLOPT_SOCKOPTFUNCTION.3.gz
-usr/share/man/man3/CURLOPT_SOCKS5_AUTH.3.gz
-usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_NEC.3.gz
-usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_SERVICE.3.gz
-usr/share/man/man3/CURLOPT_SSH_AUTH_TYPES.3.gz
-usr/share/man/man3/CURLOPT_SSH_COMPRESSION.3.gz
-usr/share/man/man3/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3.gz
-usr/share/man/man3/CURLOPT_SSH_KEYDATA.3.gz
-usr/share/man/man3/CURLOPT_SSH_KEYFUNCTION.3.gz
-usr/share/man/man3/CURLOPT_SSH_KNOWNHOSTS.3.gz
-usr/share/man/man3/CURLOPT_SSH_PRIVATE_KEYFILE.3.gz
-usr/share/man/man3/CURLOPT_SSH_PUBLIC_KEYFILE.3.gz
-usr/share/man/man3/CURLOPT_SSLCERT.3.gz
-usr/share/man/man3/CURLOPT_SSLCERTTYPE.3.gz
-usr/share/man/man3/CURLOPT_SSLENGINE.3.gz
-usr/share/man/man3/CURLOPT_SSLENGINE_DEFAULT.3.gz
-usr/share/man/man3/CURLOPT_SSLKEY.3.gz
-usr/share/man/man3/CURLOPT_SSLKEYTYPE.3.gz
-usr/share/man/man3/CURLOPT_SSLVERSION.3.gz
-usr/share/man/man3/CURLOPT_SSL_CIPHER_LIST.3.gz
-usr/share/man/man3/CURLOPT_SSL_CTX_DATA.3.gz
-usr/share/man/man3/CURLOPT_SSL_CTX_FUNCTION.3.gz
-usr/share/man/man3/CURLOPT_SSL_ENABLE_ALPN.3.gz
-usr/share/man/man3/CURLOPT_SSL_ENABLE_NPN.3.gz
-usr/share/man/man3/CURLOPT_SSL_FALSESTART.3.gz
-usr/share/man/man3/CURLOPT_SSL_OPTIONS.3.gz
-usr/share/man/man3/CURLOPT_SSL_SESSIONID_CACHE.3.gz
-usr/share/man/man3/CURLOPT_SSL_VERIFYHOST.3.gz
-usr/share/man/man3/CURLOPT_SSL_VERIFYPEER.3.gz
-usr/share/man/man3/CURLOPT_SSL_VERIFYSTATUS.3.gz
-usr/share/man/man3/CURLOPT_STDERR.3.gz
-usr/share/man/man3/CURLOPT_STREAM_DEPENDS.3.gz
-usr/share/man/man3/CURLOPT_STREAM_DEPENDS_E.3.gz
-usr/share/man/man3/CURLOPT_STREAM_WEIGHT.3.gz
-usr/share/man/man3/CURLOPT_SUPPRESS_CONNECT_HEADERS.3.gz
-usr/share/man/man3/CURLOPT_TCP_FASTOPEN.3.gz
-usr/share/man/man3/CURLOPT_TCP_KEEPALIVE.3.gz
-usr/share/man/man3/CURLOPT_TCP_KEEPIDLE.3.gz
-usr/share/man/man3/CURLOPT_TCP_KEEPINTVL.3.gz
-usr/share/man/man3/CURLOPT_TCP_NODELAY.3.gz
-usr/share/man/man3/CURLOPT_TELNETOPTIONS.3.gz
-usr/share/man/man3/CURLOPT_TFTP_BLKSIZE.3.gz
-usr/share/man/man3/CURLOPT_TFTP_NO_OPTIONS.3.gz
-usr/share/man/man3/CURLOPT_TIMECONDITION.3.gz
-usr/share/man/man3/CURLOPT_TIMEOUT.3.gz
-usr/share/man/man3/CURLOPT_TIMEOUT_MS.3.gz
-usr/share/man/man3/CURLOPT_TIMEVALUE.3.gz
-usr/share/man/man3/CURLOPT_TLSAUTH_PASSWORD.3.gz
-usr/share/man/man3/CURLOPT_TLSAUTH_TYPE.3.gz
-usr/share/man/man3/CURLOPT_TLSAUTH_USERNAME.3.gz
-usr/share/man/man3/CURLOPT_TRANSFERTEXT.3.gz
-usr/share/man/man3/CURLOPT_TRANSFER_ENCODING.3.gz
-usr/share/man/man3/CURLOPT_UNIX_SOCKET_PATH.3.gz
-usr/share/man/man3/CURLOPT_UNRESTRICTED_AUTH.3.gz
-usr/share/man/man3/CURLOPT_UPLOAD.3.gz
-usr/share/man/man3/CURLOPT_URL.3.gz
-usr/share/man/man3/CURLOPT_USERAGENT.3.gz
-usr/share/man/man3/CURLOPT_USERNAME.3.gz
-usr/share/man/man3/CURLOPT_USERPWD.3.gz
-usr/share/man/man3/CURLOPT_USE_SSL.3.gz
-usr/share/man/man3/CURLOPT_VERBOSE.3.gz
-usr/share/man/man3/CURLOPT_WILDCARDMATCH.3.gz
-usr/share/man/man3/CURLOPT_WRITEDATA.3.gz
-usr/share/man/man3/CURLOPT_WRITEFUNCTION.3.gz
-usr/share/man/man3/CURLOPT_XFERINFODATA.3.gz
-usr/share/man/man3/CURLOPT_XFERINFOFUNCTION.3.gz
-usr/share/man/man3/CURLOPT_XOAUTH2_BEARER.3.gz
-usr/share/man/man3/curl_easy_cleanup.3.gz
-usr/share/man/man3/curl_easy_duphandle.3.gz
-usr/share/man/man3/curl_easy_escape.3.gz
-usr/share/man/man3/curl_easy_getinfo.3.gz
-usr/share/man/man3/curl_easy_init.3.gz
-usr/share/man/man3/curl_easy_pause.3.gz
-usr/share/man/man3/curl_easy_perform.3.gz
-usr/share/man/man3/curl_easy_recv.3.gz
-usr/share/man/man3/curl_easy_reset.3.gz
-usr/share/man/man3/curl_easy_send.3.gz
-usr/share/man/man3/curl_easy_setopt.3.gz
-usr/share/man/man3/curl_easy_strerror.3.gz
-usr/share/man/man3/curl_easy_unescape.3.gz
-usr/share/man/man3/curl_escape.3.gz
-usr/share/man/man3/curl_formadd.3.gz
-usr/share/man/man3/curl_formfree.3.gz
-usr/share/man/man3/curl_formget.3.gz
-usr/share/man/man3/curl_free.3.gz
-usr/share/man/man3/curl_getdate.3.gz
-usr/share/man/man3/curl_getenv.3.gz
-usr/share/man/man3/curl_global_cleanup.3.gz
-usr/share/man/man3/curl_global_init.3.gz
-usr/share/man/man3/curl_global_init_mem.3.gz
-usr/share/man/man3/curl_global_sslset.3.gz
-usr/share/man/man3/curl_mime_addpart.3.gz
-usr/share/man/man3/curl_mime_data.3.gz
-usr/share/man/man3/curl_mime_data_cb.3.gz
-usr/share/man/man3/curl_mime_encoder.3.gz
-usr/share/man/man3/curl_mime_filedata.3.gz
-usr/share/man/man3/curl_mime_filename.3.gz
-usr/share/man/man3/curl_mime_free.3.gz
-usr/share/man/man3/curl_mime_headers.3.gz
-usr/share/man/man3/curl_mime_init.3.gz
-usr/share/man/man3/curl_mime_name.3.gz
-usr/share/man/man3/curl_mime_subparts.3.gz
-usr/share/man/man3/curl_mime_type.3.gz
-usr/share/man/man3/curl_mprintf.3.gz
-usr/share/man/man3/curl_multi_add_handle.3.gz
-usr/share/man/man3/curl_multi_assign.3.gz
-usr/share/man/man3/curl_multi_cleanup.3.gz
-usr/share/man/man3/curl_multi_fdset.3.gz
-usr/share/man/man3/curl_multi_info_read.3.gz
-usr/share/man/man3/curl_multi_init.3.gz
-usr/share/man/man3/curl_multi_perform.3.gz
-usr/share/man/man3/curl_multi_remove_handle.3.gz
-usr/share/man/man3/curl_multi_setopt.3.gz
-usr/share/man/man3/curl_multi_socket.3.gz
-usr/share/man/man3/curl_multi_socket_action.3.gz
-usr/share/man/man3/curl_multi_socket_all.3.gz
-usr/share/man/man3/curl_multi_strerror.3.gz
-usr/share/man/man3/curl_multi_timeout.3.gz
-usr/share/man/man3/curl_multi_wait.3.gz
-usr/share/man/man3/curl_share_cleanup.3.gz
-usr/share/man/man3/curl_share_init.3.gz
-usr/share/man/man3/curl_share_setopt.3.gz
-usr/share/man/man3/curl_share_strerror.3.gz
-usr/share/man/man3/curl_slist_append.3.gz
-usr/share/man/man3/curl_slist_free_all.3.gz
-usr/share/man/man3/curl_strequal.3.gz
-usr/share/man/man3/curl_strnequal.3.gz
-usr/share/man/man3/curl_unescape.3.gz
-usr/share/man/man3/curl_version.3.gz
-usr/share/man/man3/curl_version_info.3.gz
-usr/share/man/man3/libcurl-easy.3.gz
-usr/share/man/man3/libcurl-env.3.gz
-usr/share/man/man3/libcurl-errors.3.gz
-usr/share/man/man3/libcurl-multi.3.gz
-usr/share/man/man3/libcurl-share.3.gz
-usr/share/man/man3/libcurl-symbols.3.gz
-usr/share/man/man3/libcurl-thread.3.gz
-usr/share/man/man3/libcurl-tutorial.3.gz
-usr/share/man/man3/libcurl.3.gz
-
diff --git a/msys2/var/lib/pacman/local/curl-7.58.0-1/mtree b/msys2/var/lib/pacman/local/curl-7.58.0-1/mtree
deleted file mode 100644
index b491904cf..000000000
Binary files a/msys2/var/lib/pacman/local/curl-7.58.0-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/curl-7.65.0-1/desc b/msys2/var/lib/pacman/local/curl-7.65.0-1/desc
new file mode 100644
index 000000000..8201758be
--- /dev/null
+++ b/msys2/var/lib/pacman/local/curl-7.65.0-1/desc
@@ -0,0 +1,49 @@
+%NAME%
+curl
+
+%VERSION%
+7.65.0-1
+
+%BASE%
+curl
+
+%DESC%
+Multi-protocol file transfer utility
+
+%URL%
+https://curl.haxx.se
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1558600787
+
+%INSTALLDATE%
+1558699095
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+871424
+
+%GROUPS%
+base
+
+%LICENSE%
+MIT
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+ca-certificates
+libcurl
+libcrypt
+libmetalink
+libnghttp2
+libpsl
+openssl
+zlib
+
diff --git a/msys2/var/lib/pacman/local/curl-7.65.0-1/files b/msys2/var/lib/pacman/local/curl-7.65.0-1/files
new file mode 100644
index 000000000..5d0642279
--- /dev/null
+++ b/msys2/var/lib/pacman/local/curl-7.65.0-1/files
@@ -0,0 +1,443 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/curl.exe
+usr/share/
+usr/share/aclocal/
+usr/share/aclocal/libcurl.m4
+usr/share/licenses/
+usr/share/licenses/curl/
+usr/share/licenses/curl/COPYING
+usr/share/man/
+usr/share/man/man1/
+usr/share/man/man1/curl-config.1.gz
+usr/share/man/man1/curl.1.gz
+usr/share/man/man3/
+usr/share/man/man3/curl_easy_cleanup.3.gz
+usr/share/man/man3/curl_easy_duphandle.3.gz
+usr/share/man/man3/curl_easy_escape.3.gz
+usr/share/man/man3/curl_easy_getinfo.3.gz
+usr/share/man/man3/curl_easy_init.3.gz
+usr/share/man/man3/curl_easy_pause.3.gz
+usr/share/man/man3/curl_easy_perform.3.gz
+usr/share/man/man3/curl_easy_recv.3.gz
+usr/share/man/man3/curl_easy_reset.3.gz
+usr/share/man/man3/curl_easy_send.3.gz
+usr/share/man/man3/curl_easy_setopt.3.gz
+usr/share/man/man3/curl_easy_strerror.3.gz
+usr/share/man/man3/curl_easy_unescape.3.gz
+usr/share/man/man3/curl_easy_upkeep.3.gz
+usr/share/man/man3/curl_escape.3.gz
+usr/share/man/man3/curl_formadd.3.gz
+usr/share/man/man3/curl_formfree.3.gz
+usr/share/man/man3/curl_formget.3.gz
+usr/share/man/man3/curl_free.3.gz
+usr/share/man/man3/curl_getdate.3.gz
+usr/share/man/man3/curl_getenv.3.gz
+usr/share/man/man3/curl_global_cleanup.3.gz
+usr/share/man/man3/curl_global_init.3.gz
+usr/share/man/man3/curl_global_init_mem.3.gz
+usr/share/man/man3/curl_global_sslset.3.gz
+usr/share/man/man3/curl_mime_addpart.3.gz
+usr/share/man/man3/curl_mime_data.3.gz
+usr/share/man/man3/curl_mime_data_cb.3.gz
+usr/share/man/man3/curl_mime_encoder.3.gz
+usr/share/man/man3/curl_mime_filedata.3.gz
+usr/share/man/man3/curl_mime_filename.3.gz
+usr/share/man/man3/curl_mime_free.3.gz
+usr/share/man/man3/curl_mime_headers.3.gz
+usr/share/man/man3/curl_mime_init.3.gz
+usr/share/man/man3/curl_mime_name.3.gz
+usr/share/man/man3/curl_mime_subparts.3.gz
+usr/share/man/man3/curl_mime_type.3.gz
+usr/share/man/man3/curl_mprintf.3.gz
+usr/share/man/man3/curl_multi_add_handle.3.gz
+usr/share/man/man3/curl_multi_assign.3.gz
+usr/share/man/man3/curl_multi_cleanup.3.gz
+usr/share/man/man3/curl_multi_fdset.3.gz
+usr/share/man/man3/curl_multi_info_read.3.gz
+usr/share/man/man3/curl_multi_init.3.gz
+usr/share/man/man3/curl_multi_perform.3.gz
+usr/share/man/man3/curl_multi_remove_handle.3.gz
+usr/share/man/man3/curl_multi_setopt.3.gz
+usr/share/man/man3/curl_multi_socket.3.gz
+usr/share/man/man3/curl_multi_socket_action.3.gz
+usr/share/man/man3/curl_multi_socket_all.3.gz
+usr/share/man/man3/curl_multi_strerror.3.gz
+usr/share/man/man3/curl_multi_timeout.3.gz
+usr/share/man/man3/curl_multi_wait.3.gz
+usr/share/man/man3/curl_share_cleanup.3.gz
+usr/share/man/man3/curl_share_init.3.gz
+usr/share/man/man3/curl_share_setopt.3.gz
+usr/share/man/man3/curl_share_strerror.3.gz
+usr/share/man/man3/curl_slist_append.3.gz
+usr/share/man/man3/curl_slist_free_all.3.gz
+usr/share/man/man3/curl_strequal.3.gz
+usr/share/man/man3/curl_strnequal.3.gz
+usr/share/man/man3/curl_unescape.3.gz
+usr/share/man/man3/curl_url.3.gz
+usr/share/man/man3/curl_url_cleanup.3.gz
+usr/share/man/man3/curl_url_dup.3.gz
+usr/share/man/man3/curl_url_get.3.gz
+usr/share/man/man3/curl_url_set.3.gz
+usr/share/man/man3/curl_version.3.gz
+usr/share/man/man3/curl_version_info.3.gz
+usr/share/man/man3/CURLINFO_ACTIVESOCKET.3.gz
+usr/share/man/man3/CURLINFO_APPCONNECT_TIME.3.gz
+usr/share/man/man3/CURLINFO_APPCONNECT_TIME_T.3.gz
+usr/share/man/man3/CURLINFO_CERTINFO.3.gz
+usr/share/man/man3/CURLINFO_CONDITION_UNMET.3.gz
+usr/share/man/man3/CURLINFO_CONNECT_TIME.3.gz
+usr/share/man/man3/CURLINFO_CONNECT_TIME_T.3.gz
+usr/share/man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD.3.gz
+usr/share/man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.3.gz
+usr/share/man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD.3.gz
+usr/share/man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD_T.3.gz
+usr/share/man/man3/CURLINFO_CONTENT_TYPE.3.gz
+usr/share/man/man3/CURLINFO_COOKIELIST.3.gz
+usr/share/man/man3/CURLINFO_EFFECTIVE_URL.3.gz
+usr/share/man/man3/CURLINFO_FILETIME.3.gz
+usr/share/man/man3/CURLINFO_FILETIME_T.3.gz
+usr/share/man/man3/CURLINFO_FTP_ENTRY_PATH.3.gz
+usr/share/man/man3/CURLINFO_HEADER_SIZE.3.gz
+usr/share/man/man3/CURLINFO_HTTP_CONNECTCODE.3.gz
+usr/share/man/man3/CURLINFO_HTTP_VERSION.3.gz
+usr/share/man/man3/CURLINFO_HTTPAUTH_AVAIL.3.gz
+usr/share/man/man3/CURLINFO_LASTSOCKET.3.gz
+usr/share/man/man3/CURLINFO_LOCAL_IP.3.gz
+usr/share/man/man3/CURLINFO_LOCAL_PORT.3.gz
+usr/share/man/man3/CURLINFO_NAMELOOKUP_TIME.3.gz
+usr/share/man/man3/CURLINFO_NAMELOOKUP_TIME_T.3.gz
+usr/share/man/man3/CURLINFO_NUM_CONNECTS.3.gz
+usr/share/man/man3/CURLINFO_OS_ERRNO.3.gz
+usr/share/man/man3/CURLINFO_PRETRANSFER_TIME.3.gz
+usr/share/man/man3/CURLINFO_PRETRANSFER_TIME_T.3.gz
+usr/share/man/man3/CURLINFO_PRIMARY_IP.3.gz
+usr/share/man/man3/CURLINFO_PRIMARY_PORT.3.gz
+usr/share/man/man3/CURLINFO_PRIVATE.3.gz
+usr/share/man/man3/CURLINFO_PROTOCOL.3.gz
+usr/share/man/man3/CURLINFO_PROXY_SSL_VERIFYRESULT.3.gz
+usr/share/man/man3/CURLINFO_PROXYAUTH_AVAIL.3.gz
+usr/share/man/man3/CURLINFO_REDIRECT_COUNT.3.gz
+usr/share/man/man3/CURLINFO_REDIRECT_TIME.3.gz
+usr/share/man/man3/CURLINFO_REDIRECT_TIME_T.3.gz
+usr/share/man/man3/CURLINFO_REDIRECT_URL.3.gz
+usr/share/man/man3/CURLINFO_REQUEST_SIZE.3.gz
+usr/share/man/man3/CURLINFO_RESPONSE_CODE.3.gz
+usr/share/man/man3/CURLINFO_RTSP_CLIENT_CSEQ.3.gz
+usr/share/man/man3/CURLINFO_RTSP_CSEQ_RECV.3.gz
+usr/share/man/man3/CURLINFO_RTSP_SERVER_CSEQ.3.gz
+usr/share/man/man3/CURLINFO_RTSP_SESSION_ID.3.gz
+usr/share/man/man3/CURLINFO_SCHEME.3.gz
+usr/share/man/man3/CURLINFO_SIZE_DOWNLOAD.3.gz
+usr/share/man/man3/CURLINFO_SIZE_DOWNLOAD_T.3.gz
+usr/share/man/man3/CURLINFO_SIZE_UPLOAD.3.gz
+usr/share/man/man3/CURLINFO_SIZE_UPLOAD_T.3.gz
+usr/share/man/man3/CURLINFO_SPEED_DOWNLOAD.3.gz
+usr/share/man/man3/CURLINFO_SPEED_DOWNLOAD_T.3.gz
+usr/share/man/man3/CURLINFO_SPEED_UPLOAD.3.gz
+usr/share/man/man3/CURLINFO_SPEED_UPLOAD_T.3.gz
+usr/share/man/man3/CURLINFO_SSL_ENGINES.3.gz
+usr/share/man/man3/CURLINFO_SSL_VERIFYRESULT.3.gz
+usr/share/man/man3/CURLINFO_STARTTRANSFER_TIME.3.gz
+usr/share/man/man3/CURLINFO_STARTTRANSFER_TIME_T.3.gz
+usr/share/man/man3/CURLINFO_TLS_SESSION.3.gz
+usr/share/man/man3/CURLINFO_TLS_SSL_PTR.3.gz
+usr/share/man/man3/CURLINFO_TOTAL_TIME.3.gz
+usr/share/man/man3/CURLINFO_TOTAL_TIME_T.3.gz
+usr/share/man/man3/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3.gz
+usr/share/man/man3/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3.gz
+usr/share/man/man3/CURLMOPT_MAX_HOST_CONNECTIONS.3.gz
+usr/share/man/man3/CURLMOPT_MAX_PIPELINE_LENGTH.3.gz
+usr/share/man/man3/CURLMOPT_MAX_TOTAL_CONNECTIONS.3.gz
+usr/share/man/man3/CURLMOPT_MAXCONNECTS.3.gz
+usr/share/man/man3/CURLMOPT_PIPELINING.3.gz
+usr/share/man/man3/CURLMOPT_PIPELINING_SERVER_BL.3.gz
+usr/share/man/man3/CURLMOPT_PIPELINING_SITE_BL.3.gz
+usr/share/man/man3/CURLMOPT_PUSHDATA.3.gz
+usr/share/man/man3/CURLMOPT_PUSHFUNCTION.3.gz
+usr/share/man/man3/CURLMOPT_SOCKETDATA.3.gz
+usr/share/man/man3/CURLMOPT_SOCKETFUNCTION.3.gz
+usr/share/man/man3/CURLMOPT_TIMERDATA.3.gz
+usr/share/man/man3/CURLMOPT_TIMERFUNCTION.3.gz
+usr/share/man/man3/CURLOPT_ABSTRACT_UNIX_SOCKET.3.gz
+usr/share/man/man3/CURLOPT_ACCEPT_ENCODING.3.gz
+usr/share/man/man3/CURLOPT_ACCEPTTIMEOUT_MS.3.gz
+usr/share/man/man3/CURLOPT_ADDRESS_SCOPE.3.gz
+usr/share/man/man3/CURLOPT_ALTSVC.3.gz
+usr/share/man/man3/CURLOPT_ALTSVC_CTRL.3.gz
+usr/share/man/man3/CURLOPT_APPEND.3.gz
+usr/share/man/man3/CURLOPT_AUTOREFERER.3.gz
+usr/share/man/man3/CURLOPT_BUFFERSIZE.3.gz
+usr/share/man/man3/CURLOPT_CAINFO.3.gz
+usr/share/man/man3/CURLOPT_CAPATH.3.gz
+usr/share/man/man3/CURLOPT_CERTINFO.3.gz
+usr/share/man/man3/CURLOPT_CHUNK_BGN_FUNCTION.3.gz
+usr/share/man/man3/CURLOPT_CHUNK_DATA.3.gz
+usr/share/man/man3/CURLOPT_CHUNK_END_FUNCTION.3.gz
+usr/share/man/man3/CURLOPT_CLOSESOCKETDATA.3.gz
+usr/share/man/man3/CURLOPT_CLOSESOCKETFUNCTION.3.gz
+usr/share/man/man3/CURLOPT_CONNECT_ONLY.3.gz
+usr/share/man/man3/CURLOPT_CONNECT_TO.3.gz
+usr/share/man/man3/CURLOPT_CONNECTTIMEOUT.3.gz
+usr/share/man/man3/CURLOPT_CONNECTTIMEOUT_MS.3.gz
+usr/share/man/man3/CURLOPT_CONV_FROM_NETWORK_FUNCTION.3.gz
+usr/share/man/man3/CURLOPT_CONV_FROM_UTF8_FUNCTION.3.gz
+usr/share/man/man3/CURLOPT_CONV_TO_NETWORK_FUNCTION.3.gz
+usr/share/man/man3/CURLOPT_COOKIE.3.gz
+usr/share/man/man3/CURLOPT_COOKIEFILE.3.gz
+usr/share/man/man3/CURLOPT_COOKIEJAR.3.gz
+usr/share/man/man3/CURLOPT_COOKIELIST.3.gz
+usr/share/man/man3/CURLOPT_COOKIESESSION.3.gz
+usr/share/man/man3/CURLOPT_COPYPOSTFIELDS.3.gz
+usr/share/man/man3/CURLOPT_CRLF.3.gz
+usr/share/man/man3/CURLOPT_CRLFILE.3.gz
+usr/share/man/man3/CURLOPT_CURLU.3.gz
+usr/share/man/man3/CURLOPT_CUSTOMREQUEST.3.gz
+usr/share/man/man3/CURLOPT_DEBUGDATA.3.gz
+usr/share/man/man3/CURLOPT_DEBUGFUNCTION.3.gz
+usr/share/man/man3/CURLOPT_DEFAULT_PROTOCOL.3.gz
+usr/share/man/man3/CURLOPT_DIRLISTONLY.3.gz
+usr/share/man/man3/CURLOPT_DISALLOW_USERNAME_IN_URL.3.gz
+usr/share/man/man3/CURLOPT_DNS_CACHE_TIMEOUT.3.gz
+usr/share/man/man3/CURLOPT_DNS_INTERFACE.3.gz
+usr/share/man/man3/CURLOPT_DNS_LOCAL_IP4.3.gz
+usr/share/man/man3/CURLOPT_DNS_LOCAL_IP6.3.gz
+usr/share/man/man3/CURLOPT_DNS_SERVERS.3.gz
+usr/share/man/man3/CURLOPT_DNS_SHUFFLE_ADDRESSES.3.gz
+usr/share/man/man3/CURLOPT_DNS_USE_GLOBAL_CACHE.3.gz
+usr/share/man/man3/CURLOPT_DOH_URL.3.gz
+usr/share/man/man3/CURLOPT_EGDSOCKET.3.gz
+usr/share/man/man3/CURLOPT_ERRORBUFFER.3.gz
+usr/share/man/man3/CURLOPT_EXPECT_100_TIMEOUT_MS.3.gz
+usr/share/man/man3/CURLOPT_FAILONERROR.3.gz
+usr/share/man/man3/CURLOPT_FILETIME.3.gz
+usr/share/man/man3/CURLOPT_FNMATCH_DATA.3.gz
+usr/share/man/man3/CURLOPT_FNMATCH_FUNCTION.3.gz
+usr/share/man/man3/CURLOPT_FOLLOWLOCATION.3.gz
+usr/share/man/man3/CURLOPT_FORBID_REUSE.3.gz
+usr/share/man/man3/CURLOPT_FRESH_CONNECT.3.gz
+usr/share/man/man3/CURLOPT_FTP_ACCOUNT.3.gz
+usr/share/man/man3/CURLOPT_FTP_ALTERNATIVE_TO_USER.3.gz
+usr/share/man/man3/CURLOPT_FTP_CREATE_MISSING_DIRS.3.gz
+usr/share/man/man3/CURLOPT_FTP_FILEMETHOD.3.gz
+usr/share/man/man3/CURLOPT_FTP_RESPONSE_TIMEOUT.3.gz
+usr/share/man/man3/CURLOPT_FTP_SKIP_PASV_IP.3.gz
+usr/share/man/man3/CURLOPT_FTP_SSL_CCC.3.gz
+usr/share/man/man3/CURLOPT_FTP_USE_EPRT.3.gz
+usr/share/man/man3/CURLOPT_FTP_USE_EPSV.3.gz
+usr/share/man/man3/CURLOPT_FTP_USE_PRET.3.gz
+usr/share/man/man3/CURLOPT_FTPPORT.3.gz
+usr/share/man/man3/CURLOPT_FTPSSLAUTH.3.gz
+usr/share/man/man3/CURLOPT_GSSAPI_DELEGATION.3.gz
+usr/share/man/man3/CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS.3.gz
+usr/share/man/man3/CURLOPT_HAPROXYPROTOCOL.3.gz
+usr/share/man/man3/CURLOPT_HEADER.3.gz
+usr/share/man/man3/CURLOPT_HEADERDATA.3.gz
+usr/share/man/man3/CURLOPT_HEADERFUNCTION.3.gz
+usr/share/man/man3/CURLOPT_HEADEROPT.3.gz
+usr/share/man/man3/CURLOPT_HTTP09_ALLOWED.3.gz
+usr/share/man/man3/CURLOPT_HTTP200ALIASES.3.gz
+usr/share/man/man3/CURLOPT_HTTP_CONTENT_DECODING.3.gz
+usr/share/man/man3/CURLOPT_HTTP_TRANSFER_DECODING.3.gz
+usr/share/man/man3/CURLOPT_HTTP_VERSION.3.gz
+usr/share/man/man3/CURLOPT_HTTPAUTH.3.gz
+usr/share/man/man3/CURLOPT_HTTPGET.3.gz
+usr/share/man/man3/CURLOPT_HTTPHEADER.3.gz
+usr/share/man/man3/CURLOPT_HTTPPOST.3.gz
+usr/share/man/man3/CURLOPT_HTTPPROXYTUNNEL.3.gz
+usr/share/man/man3/CURLOPT_IGNORE_CONTENT_LENGTH.3.gz
+usr/share/man/man3/CURLOPT_INFILESIZE.3.gz
+usr/share/man/man3/CURLOPT_INFILESIZE_LARGE.3.gz
+usr/share/man/man3/CURLOPT_INTERFACE.3.gz
+usr/share/man/man3/CURLOPT_INTERLEAVEDATA.3.gz
+usr/share/man/man3/CURLOPT_INTERLEAVEFUNCTION.3.gz
+usr/share/man/man3/CURLOPT_IOCTLDATA.3.gz
+usr/share/man/man3/CURLOPT_IOCTLFUNCTION.3.gz
+usr/share/man/man3/CURLOPT_IPRESOLVE.3.gz
+usr/share/man/man3/CURLOPT_ISSUERCERT.3.gz
+usr/share/man/man3/CURLOPT_KEEP_SENDING_ON_ERROR.3.gz
+usr/share/man/man3/CURLOPT_KEYPASSWD.3.gz
+usr/share/man/man3/CURLOPT_KRBLEVEL.3.gz
+usr/share/man/man3/CURLOPT_LOCALPORT.3.gz
+usr/share/man/man3/CURLOPT_LOCALPORTRANGE.3.gz
+usr/share/man/man3/CURLOPT_LOGIN_OPTIONS.3.gz
+usr/share/man/man3/CURLOPT_LOW_SPEED_LIMIT.3.gz
+usr/share/man/man3/CURLOPT_LOW_SPEED_TIME.3.gz
+usr/share/man/man3/CURLOPT_MAIL_AUTH.3.gz
+usr/share/man/man3/CURLOPT_MAIL_FROM.3.gz
+usr/share/man/man3/CURLOPT_MAIL_RCPT.3.gz
+usr/share/man/man3/CURLOPT_MAX_RECV_SPEED_LARGE.3.gz
+usr/share/man/man3/CURLOPT_MAX_SEND_SPEED_LARGE.3.gz
+usr/share/man/man3/CURLOPT_MAXAGE_CONN.3.gz
+usr/share/man/man3/CURLOPT_MAXCONNECTS.3.gz
+usr/share/man/man3/CURLOPT_MAXFILESIZE.3.gz
+usr/share/man/man3/CURLOPT_MAXFILESIZE_LARGE.3.gz
+usr/share/man/man3/CURLOPT_MAXREDIRS.3.gz
+usr/share/man/man3/CURLOPT_MIMEPOST.3.gz
+usr/share/man/man3/CURLOPT_NETRC.3.gz
+usr/share/man/man3/CURLOPT_NETRC_FILE.3.gz
+usr/share/man/man3/CURLOPT_NEW_DIRECTORY_PERMS.3.gz
+usr/share/man/man3/CURLOPT_NEW_FILE_PERMS.3.gz
+usr/share/man/man3/CURLOPT_NOBODY.3.gz
+usr/share/man/man3/CURLOPT_NOPROGRESS.3.gz
+usr/share/man/man3/CURLOPT_NOPROXY.3.gz
+usr/share/man/man3/CURLOPT_NOSIGNAL.3.gz
+usr/share/man/man3/CURLOPT_OPENSOCKETDATA.3.gz
+usr/share/man/man3/CURLOPT_OPENSOCKETFUNCTION.3.gz
+usr/share/man/man3/CURLOPT_PASSWORD.3.gz
+usr/share/man/man3/CURLOPT_PATH_AS_IS.3.gz
+usr/share/man/man3/CURLOPT_PINNEDPUBLICKEY.3.gz
+usr/share/man/man3/CURLOPT_PIPEWAIT.3.gz
+usr/share/man/man3/CURLOPT_PORT.3.gz
+usr/share/man/man3/CURLOPT_POST.3.gz
+usr/share/man/man3/CURLOPT_POSTFIELDS.3.gz
+usr/share/man/man3/CURLOPT_POSTFIELDSIZE.3.gz
+usr/share/man/man3/CURLOPT_POSTFIELDSIZE_LARGE.3.gz
+usr/share/man/man3/CURLOPT_POSTQUOTE.3.gz
+usr/share/man/man3/CURLOPT_POSTREDIR.3.gz
+usr/share/man/man3/CURLOPT_PRE_PROXY.3.gz
+usr/share/man/man3/CURLOPT_PREQUOTE.3.gz
+usr/share/man/man3/CURLOPT_PRIVATE.3.gz
+usr/share/man/man3/CURLOPT_PROGRESSDATA.3.gz
+usr/share/man/man3/CURLOPT_PROGRESSFUNCTION.3.gz
+usr/share/man/man3/CURLOPT_PROTOCOLS.3.gz
+usr/share/man/man3/CURLOPT_PROXY.3.gz
+usr/share/man/man3/CURLOPT_PROXY_CAINFO.3.gz
+usr/share/man/man3/CURLOPT_PROXY_CAPATH.3.gz
+usr/share/man/man3/CURLOPT_PROXY_CRLFILE.3.gz
+usr/share/man/man3/CURLOPT_PROXY_KEYPASSWD.3.gz
+usr/share/man/man3/CURLOPT_PROXY_PINNEDPUBLICKEY.3.gz
+usr/share/man/man3/CURLOPT_PROXY_SERVICE_NAME.3.gz
+usr/share/man/man3/CURLOPT_PROXY_SSL_CIPHER_LIST.3.gz
+usr/share/man/man3/CURLOPT_PROXY_SSL_OPTIONS.3.gz
+usr/share/man/man3/CURLOPT_PROXY_SSL_VERIFYHOST.3.gz
+usr/share/man/man3/CURLOPT_PROXY_SSL_VERIFYPEER.3.gz
+usr/share/man/man3/CURLOPT_PROXY_SSLCERT.3.gz
+usr/share/man/man3/CURLOPT_PROXY_SSLCERTTYPE.3.gz
+usr/share/man/man3/CURLOPT_PROXY_SSLKEY.3.gz
+usr/share/man/man3/CURLOPT_PROXY_SSLKEYTYPE.3.gz
+usr/share/man/man3/CURLOPT_PROXY_SSLVERSION.3.gz
+usr/share/man/man3/CURLOPT_PROXY_TLS13_CIPHERS.3.gz
+usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_PASSWORD.3.gz
+usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_TYPE.3.gz
+usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_USERNAME.3.gz
+usr/share/man/man3/CURLOPT_PROXY_TRANSFER_MODE.3.gz
+usr/share/man/man3/CURLOPT_PROXYAUTH.3.gz
+usr/share/man/man3/CURLOPT_PROXYHEADER.3.gz
+usr/share/man/man3/CURLOPT_PROXYPASSWORD.3.gz
+usr/share/man/man3/CURLOPT_PROXYPORT.3.gz
+usr/share/man/man3/CURLOPT_PROXYTYPE.3.gz
+usr/share/man/man3/CURLOPT_PROXYUSERNAME.3.gz
+usr/share/man/man3/CURLOPT_PROXYUSERPWD.3.gz
+usr/share/man/man3/CURLOPT_PUT.3.gz
+usr/share/man/man3/CURLOPT_QUOTE.3.gz
+usr/share/man/man3/CURLOPT_RANDOM_FILE.3.gz
+usr/share/man/man3/CURLOPT_RANGE.3.gz
+usr/share/man/man3/CURLOPT_READDATA.3.gz
+usr/share/man/man3/CURLOPT_READFUNCTION.3.gz
+usr/share/man/man3/CURLOPT_REDIR_PROTOCOLS.3.gz
+usr/share/man/man3/CURLOPT_REFERER.3.gz
+usr/share/man/man3/CURLOPT_REQUEST_TARGET.3.gz
+usr/share/man/man3/CURLOPT_RESOLVE.3.gz
+usr/share/man/man3/CURLOPT_RESOLVER_START_DATA.3.gz
+usr/share/man/man3/CURLOPT_RESOLVER_START_FUNCTION.3.gz
+usr/share/man/man3/CURLOPT_RESUME_FROM.3.gz
+usr/share/man/man3/CURLOPT_RESUME_FROM_LARGE.3.gz
+usr/share/man/man3/CURLOPT_RTSP_CLIENT_CSEQ.3.gz
+usr/share/man/man3/CURLOPT_RTSP_REQUEST.3.gz
+usr/share/man/man3/CURLOPT_RTSP_SERVER_CSEQ.3.gz
+usr/share/man/man3/CURLOPT_RTSP_SESSION_ID.3.gz
+usr/share/man/man3/CURLOPT_RTSP_STREAM_URI.3.gz
+usr/share/man/man3/CURLOPT_RTSP_TRANSPORT.3.gz
+usr/share/man/man3/CURLOPT_SASL_IR.3.gz
+usr/share/man/man3/CURLOPT_SEEKDATA.3.gz
+usr/share/man/man3/CURLOPT_SEEKFUNCTION.3.gz
+usr/share/man/man3/CURLOPT_SERVICE_NAME.3.gz
+usr/share/man/man3/CURLOPT_SHARE.3.gz
+usr/share/man/man3/CURLOPT_SOCKOPTDATA.3.gz
+usr/share/man/man3/CURLOPT_SOCKOPTFUNCTION.3.gz
+usr/share/man/man3/CURLOPT_SOCKS5_AUTH.3.gz
+usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_NEC.3.gz
+usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_SERVICE.3.gz
+usr/share/man/man3/CURLOPT_SSH_AUTH_TYPES.3.gz
+usr/share/man/man3/CURLOPT_SSH_COMPRESSION.3.gz
+usr/share/man/man3/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3.gz
+usr/share/man/man3/CURLOPT_SSH_KEYDATA.3.gz
+usr/share/man/man3/CURLOPT_SSH_KEYFUNCTION.3.gz
+usr/share/man/man3/CURLOPT_SSH_KNOWNHOSTS.3.gz
+usr/share/man/man3/CURLOPT_SSH_PRIVATE_KEYFILE.3.gz
+usr/share/man/man3/CURLOPT_SSH_PUBLIC_KEYFILE.3.gz
+usr/share/man/man3/CURLOPT_SSL_CIPHER_LIST.3.gz
+usr/share/man/man3/CURLOPT_SSL_CTX_DATA.3.gz
+usr/share/man/man3/CURLOPT_SSL_CTX_FUNCTION.3.gz
+usr/share/man/man3/CURLOPT_SSL_ENABLE_ALPN.3.gz
+usr/share/man/man3/CURLOPT_SSL_ENABLE_NPN.3.gz
+usr/share/man/man3/CURLOPT_SSL_FALSESTART.3.gz
+usr/share/man/man3/CURLOPT_SSL_OPTIONS.3.gz
+usr/share/man/man3/CURLOPT_SSL_SESSIONID_CACHE.3.gz
+usr/share/man/man3/CURLOPT_SSL_VERIFYHOST.3.gz
+usr/share/man/man3/CURLOPT_SSL_VERIFYPEER.3.gz
+usr/share/man/man3/CURLOPT_SSL_VERIFYSTATUS.3.gz
+usr/share/man/man3/CURLOPT_SSLCERT.3.gz
+usr/share/man/man3/CURLOPT_SSLCERTTYPE.3.gz
+usr/share/man/man3/CURLOPT_SSLENGINE.3.gz
+usr/share/man/man3/CURLOPT_SSLENGINE_DEFAULT.3.gz
+usr/share/man/man3/CURLOPT_SSLKEY.3.gz
+usr/share/man/man3/CURLOPT_SSLKEYTYPE.3.gz
+usr/share/man/man3/CURLOPT_SSLVERSION.3.gz
+usr/share/man/man3/CURLOPT_STDERR.3.gz
+usr/share/man/man3/CURLOPT_STREAM_DEPENDS.3.gz
+usr/share/man/man3/CURLOPT_STREAM_DEPENDS_E.3.gz
+usr/share/man/man3/CURLOPT_STREAM_WEIGHT.3.gz
+usr/share/man/man3/CURLOPT_SUPPRESS_CONNECT_HEADERS.3.gz
+usr/share/man/man3/CURLOPT_TCP_FASTOPEN.3.gz
+usr/share/man/man3/CURLOPT_TCP_KEEPALIVE.3.gz
+usr/share/man/man3/CURLOPT_TCP_KEEPIDLE.3.gz
+usr/share/man/man3/CURLOPT_TCP_KEEPINTVL.3.gz
+usr/share/man/man3/CURLOPT_TCP_NODELAY.3.gz
+usr/share/man/man3/CURLOPT_TELNETOPTIONS.3.gz
+usr/share/man/man3/CURLOPT_TFTP_BLKSIZE.3.gz
+usr/share/man/man3/CURLOPT_TFTP_NO_OPTIONS.3.gz
+usr/share/man/man3/CURLOPT_TIMECONDITION.3.gz
+usr/share/man/man3/CURLOPT_TIMEOUT.3.gz
+usr/share/man/man3/CURLOPT_TIMEOUT_MS.3.gz
+usr/share/man/man3/CURLOPT_TIMEVALUE.3.gz
+usr/share/man/man3/CURLOPT_TIMEVALUE_LARGE.3.gz
+usr/share/man/man3/CURLOPT_TLS13_CIPHERS.3.gz
+usr/share/man/man3/CURLOPT_TLSAUTH_PASSWORD.3.gz
+usr/share/man/man3/CURLOPT_TLSAUTH_TYPE.3.gz
+usr/share/man/man3/CURLOPT_TLSAUTH_USERNAME.3.gz
+usr/share/man/man3/CURLOPT_TRAILERDATA.3.gz
+usr/share/man/man3/CURLOPT_TRAILERFUNCTION.3.gz
+usr/share/man/man3/CURLOPT_TRANSFER_ENCODING.3.gz
+usr/share/man/man3/CURLOPT_TRANSFERTEXT.3.gz
+usr/share/man/man3/CURLOPT_UNIX_SOCKET_PATH.3.gz
+usr/share/man/man3/CURLOPT_UNRESTRICTED_AUTH.3.gz
+usr/share/man/man3/CURLOPT_UPKEEP_INTERVAL_MS.3.gz
+usr/share/man/man3/CURLOPT_UPLOAD.3.gz
+usr/share/man/man3/CURLOPT_UPLOAD_BUFFERSIZE.3.gz
+usr/share/man/man3/CURLOPT_URL.3.gz
+usr/share/man/man3/CURLOPT_USE_SSL.3.gz
+usr/share/man/man3/CURLOPT_USERAGENT.3.gz
+usr/share/man/man3/CURLOPT_USERNAME.3.gz
+usr/share/man/man3/CURLOPT_USERPWD.3.gz
+usr/share/man/man3/CURLOPT_VERBOSE.3.gz
+usr/share/man/man3/CURLOPT_WILDCARDMATCH.3.gz
+usr/share/man/man3/CURLOPT_WRITEDATA.3.gz
+usr/share/man/man3/CURLOPT_WRITEFUNCTION.3.gz
+usr/share/man/man3/CURLOPT_XFERINFODATA.3.gz
+usr/share/man/man3/CURLOPT_XFERINFOFUNCTION.3.gz
+usr/share/man/man3/CURLOPT_XOAUTH2_BEARER.3.gz
+usr/share/man/man3/libcurl-easy.3.gz
+usr/share/man/man3/libcurl-env.3.gz
+usr/share/man/man3/libcurl-errors.3.gz
+usr/share/man/man3/libcurl-multi.3.gz
+usr/share/man/man3/libcurl-security.3.gz
+usr/share/man/man3/libcurl-share.3.gz
+usr/share/man/man3/libcurl-symbols.3.gz
+usr/share/man/man3/libcurl-thread.3.gz
+usr/share/man/man3/libcurl-tutorial.3.gz
+usr/share/man/man3/libcurl-url.3.gz
+usr/share/man/man3/libcurl.3.gz
+
diff --git a/msys2/var/lib/pacman/local/curl-7.65.0-1/mtree b/msys2/var/lib/pacman/local/curl-7.65.0-1/mtree
new file mode 100644
index 000000000..652778ac9
Binary files /dev/null and b/msys2/var/lib/pacman/local/curl-7.65.0-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/dash-0.5.10.2-1/desc b/msys2/var/lib/pacman/local/dash-0.5.10.2-1/desc
new file mode 100644
index 000000000..152d18277
--- /dev/null
+++ b/msys2/var/lib/pacman/local/dash-0.5.10.2-1/desc
@@ -0,0 +1,42 @@
+%NAME%
+dash
+
+%VERSION%
+0.5.10.2-1
+
+%DESC%
+A POSIX compliant shell that aims to be as small as possible
+
+%URL%
+http://gondor.apana.org.au/~herbert/dash/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1529584189
+
+%INSTALLDATE%
+1558699096
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+256000
+
+%GROUPS%
+base
+
+%LICENSE%
+BSD
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+msys2-base
+msys2-runtime
+grep
+sed
+
diff --git a/msys2/var/lib/pacman/local/dash-0.5.9.1-1/files b/msys2/var/lib/pacman/local/dash-0.5.10.2-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/dash-0.5.9.1-1/files
rename to msys2/var/lib/pacman/local/dash-0.5.10.2-1/files
diff --git a/msys2/var/lib/pacman/local/dash-0.5.9.1-1/install b/msys2/var/lib/pacman/local/dash-0.5.10.2-1/install
similarity index 100%
rename from msys2/var/lib/pacman/local/dash-0.5.9.1-1/install
rename to msys2/var/lib/pacman/local/dash-0.5.10.2-1/install
diff --git a/msys2/var/lib/pacman/local/dash-0.5.10.2-1/mtree b/msys2/var/lib/pacman/local/dash-0.5.10.2-1/mtree
new file mode 100644
index 000000000..d764885f4
Binary files /dev/null and b/msys2/var/lib/pacman/local/dash-0.5.10.2-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/dash-0.5.9.1-1/desc b/msys2/var/lib/pacman/local/dash-0.5.9.1-1/desc
deleted file mode 100644
index a6484b280..000000000
--- a/msys2/var/lib/pacman/local/dash-0.5.9.1-1/desc
+++ /dev/null
@@ -1,42 +0,0 @@
-%NAME%
-dash
-
-%VERSION%
-0.5.9.1-1
-
-%DESC%
-A POSIX compliant shell that aims to be as small as possible
-
-%URL%
-http://gondor.apana.org.au/~herbert/dash/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1477305487
-
-%INSTALLDATE%
-1527758872
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-254976
-
-%GROUPS%
-base
-
-%LICENSE%
-BSD
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-msys2-base
-msys2-runtime
-grep
-sed
-
diff --git a/msys2/var/lib/pacman/local/dash-0.5.9.1-1/mtree b/msys2/var/lib/pacman/local/dash-0.5.9.1-1/mtree
deleted file mode 100644
index 1c8120352..000000000
Binary files a/msys2/var/lib/pacman/local/dash-0.5.9.1-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/dtc-1.4.4-1/desc b/msys2/var/lib/pacman/local/dtc-1.4.4-1/desc
deleted file mode 100644
index 1ff19af18..000000000
--- a/msys2/var/lib/pacman/local/dtc-1.4.4-1/desc
+++ /dev/null
@@ -1,36 +0,0 @@
-%NAME%
-dtc
-
-%VERSION%
-1.4.4-1
-
-%DESC%
-Device Tree Compiler
-
-%URL%
-https://git.kernel.org/pub/scm/utils/dtc/dtc/git
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1500010091
-
-%INSTALLDATE%
-1527758873
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-368640
-
-%GROUPS%
-base
-
-%LICENSE%
-GPL2
-
-%VALIDATION%
-pgp
-
diff --git a/msys2/var/lib/pacman/local/dtc-1.4.4-1/files b/msys2/var/lib/pacman/local/dtc-1.4.4-1/files
deleted file mode 100644
index a4c28d5af..000000000
--- a/msys2/var/lib/pacman/local/dtc-1.4.4-1/files
+++ /dev/null
@@ -1,23 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/convert-dtsv0.exe
-usr/bin/dtc.exe
-usr/bin/dtdiff
-usr/bin/fdtdump.exe
-usr/bin/fdtget.exe
-usr/bin/fdtput.exe
-usr/include/
-usr/include/fdt.h
-usr/include/libfdt.h
-usr/include/libfdt_env.h
-usr/lib/
-usr/lib/libfdt-1.4.4.so
-usr/lib/libfdt.a
-usr/lib/libfdt.so
-usr/lib/libfdt.so.1
-usr/share/
-usr/share/licenses/
-usr/share/licenses/dtc/
-usr/share/licenses/dtc/README.license
-
diff --git a/msys2/var/lib/pacman/local/dtc-1.4.4-1/mtree b/msys2/var/lib/pacman/local/dtc-1.4.4-1/mtree
deleted file mode 100644
index 6ee5147c6..000000000
Binary files a/msys2/var/lib/pacman/local/dtc-1.4.4-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/dtc-1.5.0-1/desc b/msys2/var/lib/pacman/local/dtc-1.5.0-1/desc
new file mode 100644
index 000000000..6444ae006
--- /dev/null
+++ b/msys2/var/lib/pacman/local/dtc-1.5.0-1/desc
@@ -0,0 +1,39 @@
+%NAME%
+dtc
+
+%VERSION%
+1.5.0-1
+
+%BASE%
+dtc
+
+%DESC%
+Device Tree Compiler
+
+%URL%
+https://git.kernel.org/pub/scm/utils/dtc/dtc/git
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556171229
+
+%INSTALLDATE%
+1558699096
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+389120
+
+%GROUPS%
+base
+
+%LICENSE%
+GPL2
+
+%VALIDATION%
+pgp
+
diff --git a/msys2/var/lib/pacman/local/dtc-1.5.0-1/files b/msys2/var/lib/pacman/local/dtc-1.5.0-1/files
new file mode 100644
index 000000000..109fab64e
--- /dev/null
+++ b/msys2/var/lib/pacman/local/dtc-1.5.0-1/files
@@ -0,0 +1,22 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/convert-dtsv0.exe
+usr/bin/dtc.exe
+usr/bin/dtdiff
+usr/bin/fdtdump.exe
+usr/bin/fdtget.exe
+usr/bin/fdtoverlay.exe
+usr/bin/fdtput.exe
+usr/bin/libfdt.dll
+usr/include/
+usr/include/fdt.h
+usr/include/libfdt.h
+usr/include/libfdt_env.h
+usr/lib/
+usr/lib/libfdt.a
+usr/share/
+usr/share/licenses/
+usr/share/licenses/dtc/
+usr/share/licenses/dtc/README.license
+
diff --git a/msys2/var/lib/pacman/local/dtc-1.5.0-1/mtree b/msys2/var/lib/pacman/local/dtc-1.5.0-1/mtree
new file mode 100644
index 000000000..f0068fc33
Binary files /dev/null and b/msys2/var/lib/pacman/local/dtc-1.5.0-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/file-5.33-1/desc b/msys2/var/lib/pacman/local/file-5.33-1/desc
deleted file mode 100644
index 44ce1b775..000000000
--- a/msys2/var/lib/pacman/local/file-5.33-1/desc
+++ /dev/null
@@ -1,42 +0,0 @@
-%NAME%
-file
-
-%VERSION%
-5.33-1
-
-%DESC%
-File type identification utility
-
-%URL%
-https://www.darwinsys.com/file/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1524136429
-
-%INSTALLDATE%
-1527758873
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-8352768
-
-%GROUPS%
-base
-base-devel
-
-%LICENSE%
-custom
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-gcc-libs
-msys2-runtime
-zlib
-
diff --git a/msys2/var/lib/pacman/local/file-5.33-1/files b/msys2/var/lib/pacman/local/file-5.33-1/files
deleted file mode 100644
index af468101a..000000000
--- a/msys2/var/lib/pacman/local/file-5.33-1/files
+++ /dev/null
@@ -1,34 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/file.exe
-usr/bin/msys-magic-1.dll
-usr/include/
-usr/include/magic.h
-usr/lib/
-usr/lib/libmagic.dll.a
-usr/lib/python2.7/
-usr/lib/python2.7/site-packages/
-usr/lib/python2.7/site-packages/magic.py
-usr/lib/python3.6/
-usr/lib/python3.6/site-packages/
-usr/lib/python3.6/site-packages/magic.py
-usr/share/
-usr/share/file/
-usr/share/file/magic
-usr/share/licenses/
-usr/share/licenses/file/
-usr/share/licenses/file/COPYING
-usr/share/magic
-usr/share/man/
-usr/share/man/man1/
-usr/share/man/man1/file.1.gz
-usr/share/man/man3/
-usr/share/man/man3/libmagic.3.gz
-usr/share/man/man4/
-usr/share/man/man5/
-usr/share/man/man5/magic.5.gz
-usr/share/misc/
-usr/share/misc/magic
-usr/share/misc/magic.mgc
-
diff --git a/msys2/var/lib/pacman/local/file-5.33-1/mtree b/msys2/var/lib/pacman/local/file-5.33-1/mtree
deleted file mode 100644
index 3a4dad5f5..000000000
Binary files a/msys2/var/lib/pacman/local/file-5.33-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/file-5.37-1/desc b/msys2/var/lib/pacman/local/file-5.37-1/desc
new file mode 100644
index 000000000..ad35e0bde
--- /dev/null
+++ b/msys2/var/lib/pacman/local/file-5.37-1/desc
@@ -0,0 +1,45 @@
+%NAME%
+file
+
+%VERSION%
+5.37-1
+
+%BASE%
+file
+
+%DESC%
+File type identification utility
+
+%URL%
+https://www.darwinsys.com/file/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1558600396
+
+%INSTALLDATE%
+1558699097
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+9082880
+
+%GROUPS%
+base
+base-devel
+
+%LICENSE%
+custom
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+msys2-runtime
+zlib
+
diff --git a/msys2/var/lib/pacman/local/file-5.37-1/files b/msys2/var/lib/pacman/local/file-5.37-1/files
new file mode 100644
index 000000000..4866fc07e
--- /dev/null
+++ b/msys2/var/lib/pacman/local/file-5.37-1/files
@@ -0,0 +1,34 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/file.exe
+usr/bin/msys-magic-1.dll
+usr/include/
+usr/include/magic.h
+usr/lib/
+usr/lib/libmagic.dll.a
+usr/lib/python2.7/
+usr/lib/python2.7/site-packages/
+usr/lib/python2.7/site-packages/magic.py
+usr/lib/python3.7/
+usr/lib/python3.7/site-packages/
+usr/lib/python3.7/site-packages/magic.py
+usr/share/
+usr/share/file/
+usr/share/file/magic
+usr/share/licenses/
+usr/share/licenses/file/
+usr/share/licenses/file/COPYING
+usr/share/magic
+usr/share/man/
+usr/share/man/man1/
+usr/share/man/man1/file.1.gz
+usr/share/man/man3/
+usr/share/man/man3/libmagic.3.gz
+usr/share/man/man4/
+usr/share/man/man5/
+usr/share/man/man5/magic.5.gz
+usr/share/misc/
+usr/share/misc/magic
+usr/share/misc/magic.mgc
+
diff --git a/msys2/var/lib/pacman/local/file-5.37-1/mtree b/msys2/var/lib/pacman/local/file-5.37-1/mtree
new file mode 100644
index 000000000..9c9fb63bf
Binary files /dev/null and b/msys2/var/lib/pacman/local/file-5.37-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/filesystem-2018.04-1/desc b/msys2/var/lib/pacman/local/filesystem-2018.04-1/desc
deleted file mode 100644
index 8a0c5c784..000000000
--- a/msys2/var/lib/pacman/local/filesystem-2018.04-1/desc
+++ /dev/null
@@ -1,42 +0,0 @@
-%NAME%
-filesystem
-
-%VERSION%
-2018.04-1
-
-%DESC%
-Base filesystem
-
-%URL%
-https://sourceforge.net/projects/msys2/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1524112995
-
-%INSTALLDATE%
-1527758872
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-95232
-
-%GROUPS%
-base
-
-%LICENSE%
-BSD
-
-%VALIDATION%
-pgp
-
-%REPLACES%
-msys2-base
-
-%PROVIDES%
-msys2-base
-
diff --git a/msys2/var/lib/pacman/local/filesystem-2018.04-1/files b/msys2/var/lib/pacman/local/filesystem-2018.04-1/files
deleted file mode 100644
index 0574c49b8..000000000
--- a/msys2/var/lib/pacman/local/filesystem-2018.04-1/files
+++ /dev/null
@@ -1,96 +0,0 @@
-%FILES%
-dev/
-etc/
-etc/bash.bash_logout
-etc/bash.bashrc
-etc/config.site
-etc/fstab
-etc/fstab.d/
-etc/msystem
-etc/nsswitch.conf
-etc/post-install/
-etc/post-install/01-devices.post
-etc/post-install/03-mtab.post
-etc/post-install/05-home-dir.post
-etc/post-install/06-windows-files.post
-etc/post-install/07-pacman-key.post
-etc/post-install/08-xml-catalog.post
-etc/profile
-etc/profile.d/
-etc/profile.d/lang.sh
-etc/profile.d/tzset.sh
-etc/shells
-etc/skel/
-etc/skel/.bash_logout
-etc/skel/.bash_profile
-etc/skel/.bashrc
-etc/skel/.inputrc
-etc/skel/.profile
-home/
-mingw32/
-mingw32/bin/
-mingw32/etc/
-mingw32/etc/config.site
-mingw32/include/
-mingw32/lib/
-mingw32/share/
-mingw64/
-mingw64/bin/
-mingw64/etc/
-mingw64/etc/config.site
-mingw64/include/
-mingw64/lib/
-mingw64/share/
-msys2.ico
-msys2_shell.cmd
-opt/
-tmp/
-usr/
-usr/bin/
-usr/bin/cmd
-usr/bin/dep-search
-usr/bin/regen-info.sh
-usr/bin/shell
-usr/bin/start
-usr/include/
-usr/lib/
-usr/local/
-usr/local/etc/
-usr/local/etc/config.site
-usr/share/
-usr/share/Msys/
-usr/share/Msys/cygwin.ldif
-usr/share/man/
-usr/share/man/man1/
-usr/share/man/man2/
-usr/share/man/man3/
-usr/share/man/man4/
-usr/share/man/man5/
-usr/share/man/man6/
-usr/share/man/man7/
-usr/share/man/man8/
-usr/share/misc/
-usr/src/
-var/
-var/cache/
-var/cache/man/
-var/empty/
-var/lib/
-var/lib/misc/
-var/local/
-var/log/
-var/log/old/
-var/opt/
-var/tmp/
-
-%BACKUP%
-etc/fstab	b0eb2ba1c1bc95e678309fd36dac27db
-etc/shells	bb51026508581e55bbefe36e2b799108
-etc/profile	9dde609b5f647d3a5876c54ae20ec04d
-etc/bash.bashrc	7ada69e863428a4ea78c3de4ff747135
-etc/bash.bash_logout	3b95f37af49beb642c8fe174dd1f63fc
-etc/skel/.bashrc	7a8cf2e199bc046bcfed1fc75275b15c
-etc/skel/.bash_profile	e32cd0cf441ce0e8c57f550b0d28b182
-etc/skel/.bash_logout	42f4400ed2314bd7519c020d0187edc5
-etc/nsswitch.conf	b29485d6e832dce9b27a2c025b53bdd8
-
diff --git a/msys2/var/lib/pacman/local/filesystem-2018.04-1/mtree b/msys2/var/lib/pacman/local/filesystem-2018.04-1/mtree
deleted file mode 100644
index 4e7717171..000000000
Binary files a/msys2/var/lib/pacman/local/filesystem-2018.04-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/filesystem-2018.12-1/desc b/msys2/var/lib/pacman/local/filesystem-2018.12-1/desc
new file mode 100644
index 000000000..9c43af6e4
--- /dev/null
+++ b/msys2/var/lib/pacman/local/filesystem-2018.12-1/desc
@@ -0,0 +1,45 @@
+%NAME%
+filesystem
+
+%VERSION%
+2018.12-1
+
+%BASE%
+filesystem
+
+%DESC%
+Base filesystem
+
+%URL%
+https://sourceforge.net/projects/msys2/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1544899550
+
+%INSTALLDATE%
+1558699096
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+98304
+
+%GROUPS%
+base
+
+%LICENSE%
+BSD
+
+%VALIDATION%
+pgp
+
+%REPLACES%
+msys2-base
+
+%PROVIDES%
+msys2-base
+
diff --git a/msys2/var/lib/pacman/local/filesystem-2018.12-1/files b/msys2/var/lib/pacman/local/filesystem-2018.12-1/files
new file mode 100644
index 000000000..4899da3ae
--- /dev/null
+++ b/msys2/var/lib/pacman/local/filesystem-2018.12-1/files
@@ -0,0 +1,111 @@
+%FILES%
+clang32/
+clang32/bin/
+clang32/etc/
+clang32/etc/config.site
+clang32/include/
+clang32/lib/
+clang32/share/
+clang64/
+clang64/bin/
+clang64/etc/
+clang64/etc/config.site
+clang64/include/
+clang64/lib/
+clang64/share/
+dev/
+etc/
+etc/bash.bash_logout
+etc/bash.bashrc
+etc/config.site
+etc/fstab
+etc/fstab.d/
+etc/msystem
+etc/nsswitch.conf
+etc/post-install/
+etc/post-install/01-devices.post
+etc/post-install/03-mtab.post
+etc/post-install/05-home-dir.post
+etc/post-install/06-windows-files.post
+etc/post-install/07-pacman-key.post
+etc/post-install/08-xml-catalog.post
+etc/post-install/09-proxspace.post
+etc/profile
+etc/profile.d/
+etc/profile.d/lang.sh
+etc/profile.d/tzset.sh
+etc/shells
+etc/skel/
+etc/skel/.bash_logout
+etc/skel/.bash_profile
+etc/skel/.bashrc
+etc/skel/.inputrc
+etc/skel/.profile
+home/
+mingw32/
+mingw32/bin/
+mingw32/etc/
+mingw32/etc/config.site
+mingw32/include/
+mingw32/lib/
+mingw32/share/
+mingw64/
+mingw64/bin/
+mingw64/etc/
+mingw64/etc/config.site
+mingw64/include/
+mingw64/lib/
+mingw64/share/
+msys2.ico
+msys2_shell.cmd
+opt/
+tmp/
+usr/
+usr/bin/
+usr/bin/cmd
+usr/bin/dep-search
+usr/bin/regen-info.sh
+usr/bin/shell
+usr/bin/start
+usr/include/
+usr/lib/
+usr/local/
+usr/local/etc/
+usr/local/etc/config.site
+usr/share/
+usr/share/man/
+usr/share/man/man1/
+usr/share/man/man2/
+usr/share/man/man3/
+usr/share/man/man4/
+usr/share/man/man5/
+usr/share/man/man6/
+usr/share/man/man7/
+usr/share/man/man8/
+usr/share/misc/
+usr/share/Msys/
+usr/share/Msys/cygwin.ldif
+usr/src/
+var/
+var/cache/
+var/cache/man/
+var/empty/
+var/lib/
+var/lib/misc/
+var/local/
+var/log/
+var/log/old/
+var/opt/
+var/tmp/
+
+%BACKUP%
+etc/fstab	b0eb2ba1c1bc95e678309fd36dac27db
+etc/shells	bb51026508581e55bbefe36e2b799108
+etc/profile	9dde609b5f647d3a5876c54ae20ec04d
+etc/bash.bashrc	41b5cae283d620f3d451fdf5d4647608
+etc/bash.bash_logout	3b95f37af49beb642c8fe174dd1f63fc
+etc/skel/.bashrc	7a8cf2e199bc046bcfed1fc75275b15c
+etc/skel/.bash_profile	e32cd0cf441ce0e8c57f550b0d28b182
+etc/skel/.bash_logout	42f4400ed2314bd7519c020d0187edc5
+etc/nsswitch.conf	b29485d6e832dce9b27a2c025b53bdd8
+
diff --git a/msys2/var/lib/pacman/local/filesystem-2018.12-1/mtree b/msys2/var/lib/pacman/local/filesystem-2018.12-1/mtree
new file mode 100644
index 000000000..52db36e54
Binary files /dev/null and b/msys2/var/lib/pacman/local/filesystem-2018.12-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/findutils-4.6.0-1/desc b/msys2/var/lib/pacman/local/findutils-4.6.0-1/desc
index cb8ad664e..901cd10aa 100644
--- a/msys2/var/lib/pacman/local/findutils-4.6.0-1/desc
+++ b/msys2/var/lib/pacman/local/findutils-4.6.0-1/desc
@@ -17,7 +17,7 @@ i686
 1453278359
 
 %INSTALLDATE%
-1527758863
+1558699087
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/flex-2.6.4-1/desc b/msys2/var/lib/pacman/local/flex-2.6.4-1/desc
index 7988970fd..dad3b3638 100644
--- a/msys2/var/lib/pacman/local/flex-2.6.4-1/desc
+++ b/msys2/var/lib/pacman/local/flex-2.6.4-1/desc
@@ -17,7 +17,7 @@ i686
 1496227391
 
 %INSTALLDATE%
-1527758874
+1558699097
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/gawk-4.2.0-1/desc b/msys2/var/lib/pacman/local/gawk-4.2.0-1/desc
deleted file mode 100644
index 69c7f7bc4..000000000
--- a/msys2/var/lib/pacman/local/gawk-4.2.0-1/desc
+++ /dev/null
@@ -1,46 +0,0 @@
-%NAME%
-gawk
-
-%VERSION%
-4.2.0-1
-
-%DESC%
-GNU version of awk
-
-%URL%
-https://www.gnu.org/software/gawk/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1517288924
-
-%INSTALLDATE%
-1527758875
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-3052544
-
-%GROUPS%
-base
-base-devel
-
-%LICENSE%
-GPL
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-sh
-mpfr
-libintl
-libreadline
-
-%PROVIDES%
-awk
-
diff --git a/msys2/var/lib/pacman/local/gawk-4.2.0-1/files b/msys2/var/lib/pacman/local/gawk-4.2.0-1/files
deleted file mode 100644
index ef63e7e38..000000000
--- a/msys2/var/lib/pacman/local/gawk-4.2.0-1/files
+++ /dev/null
@@ -1,126 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/awk.exe
-usr/bin/gawk-4.2.0.exe
-usr/bin/gawk.exe
-usr/etc/
-usr/etc/profile.d/
-usr/etc/profile.d/gawk.csh
-usr/etc/profile.d/gawk.sh
-usr/include/
-usr/include/gawkapi.h
-usr/lib/
-usr/lib/awk/
-usr/lib/awk/grcat.exe
-usr/lib/awk/pwcat.exe
-usr/lib/gawk/
-usr/lib/gawk/libfilefuncs.a
-usr/lib/gawk/libfnmatch.a
-usr/lib/gawk/libfork.a
-usr/lib/gawk/libinplace.a
-usr/lib/gawk/libintdiv.a
-usr/lib/gawk/libordchr.a
-usr/lib/gawk/libreaddir.a
-usr/lib/gawk/libreadfile.a
-usr/lib/gawk/librevoutput.a
-usr/lib/gawk/librevtwoway.a
-usr/lib/gawk/librwarray.a
-usr/lib/gawk/libtime.a
-usr/share/
-usr/share/awk/
-usr/share/awk/assert.awk
-usr/share/awk/bits2str.awk
-usr/share/awk/cliff_rand.awk
-usr/share/awk/ctime.awk
-usr/share/awk/ftrans.awk
-usr/share/awk/getopt.awk
-usr/share/awk/gettime.awk
-usr/share/awk/group.awk
-usr/share/awk/have_mpfr.awk
-usr/share/awk/inplace.awk
-usr/share/awk/intdiv0.awk
-usr/share/awk/join.awk
-usr/share/awk/libintl.awk
-usr/share/awk/noassign.awk
-usr/share/awk/ord.awk
-usr/share/awk/passwd.awk
-usr/share/awk/processarray.awk
-usr/share/awk/quicksort.awk
-usr/share/awk/readable.awk
-usr/share/awk/readfile.awk
-usr/share/awk/rewind.awk
-usr/share/awk/round.awk
-usr/share/awk/shellquote.awk
-usr/share/awk/strtonum.awk
-usr/share/awk/walkarray.awk
-usr/share/awk/zerofile.awk
-usr/share/info/
-usr/share/info/gawk.info.gz
-usr/share/info/gawkinet.info.gz
-usr/share/info/gawkworkflow.info.gz
-usr/share/locale/
-usr/share/locale/ca/
-usr/share/locale/ca/LC_MESSAGES/
-usr/share/locale/ca/LC_MESSAGES/gawk.mo
-usr/share/locale/da/
-usr/share/locale/da/LC_MESSAGES/
-usr/share/locale/da/LC_MESSAGES/gawk.mo
-usr/share/locale/de/
-usr/share/locale/de/LC_MESSAGES/
-usr/share/locale/de/LC_MESSAGES/gawk.mo
-usr/share/locale/es/
-usr/share/locale/es/LC_MESSAGES/
-usr/share/locale/es/LC_MESSAGES/gawk.mo
-usr/share/locale/fi/
-usr/share/locale/fi/LC_MESSAGES/
-usr/share/locale/fi/LC_MESSAGES/gawk.mo
-usr/share/locale/fr/
-usr/share/locale/fr/LC_MESSAGES/
-usr/share/locale/fr/LC_MESSAGES/gawk.mo
-usr/share/locale/id/
-usr/share/locale/id/LC_MESSAGES/
-usr/share/locale/id/LC_MESSAGES/gawk.mo
-usr/share/locale/it/
-usr/share/locale/it/LC_MESSAGES/
-usr/share/locale/it/LC_MESSAGES/gawk.mo
-usr/share/locale/ja/
-usr/share/locale/ja/LC_MESSAGES/
-usr/share/locale/ja/LC_MESSAGES/gawk.mo
-usr/share/locale/ms/
-usr/share/locale/ms/LC_MESSAGES/
-usr/share/locale/ms/LC_MESSAGES/gawk.mo
-usr/share/locale/nl/
-usr/share/locale/nl/LC_MESSAGES/
-usr/share/locale/nl/LC_MESSAGES/gawk.mo
-usr/share/locale/pl/
-usr/share/locale/pl/LC_MESSAGES/
-usr/share/locale/pl/LC_MESSAGES/gawk.mo
-usr/share/locale/pt_BR/
-usr/share/locale/pt_BR/LC_MESSAGES/
-usr/share/locale/pt_BR/LC_MESSAGES/gawk.mo
-usr/share/locale/sv/
-usr/share/locale/sv/LC_MESSAGES/
-usr/share/locale/sv/LC_MESSAGES/gawk.mo
-usr/share/locale/vi/
-usr/share/locale/vi/LC_MESSAGES/
-usr/share/locale/vi/LC_MESSAGES/gawk.mo
-usr/share/locale/zh_CN/
-usr/share/locale/zh_CN/LC_MESSAGES/
-usr/share/locale/zh_CN/LC_MESSAGES/gawk.mo
-usr/share/man/
-usr/share/man/man1/
-usr/share/man/man1/gawk.1.gz
-usr/share/man/man3/
-usr/share/man/man3/filefuncs.3am.gz
-usr/share/man/man3/fnmatch.3am.gz
-usr/share/man/man3/fork.3am.gz
-usr/share/man/man3/inplace.3am.gz
-usr/share/man/man3/ordchr.3am.gz
-usr/share/man/man3/readdir.3am.gz
-usr/share/man/man3/readfile.3am.gz
-usr/share/man/man3/revoutput.3am.gz
-usr/share/man/man3/revtwoway.3am.gz
-usr/share/man/man3/rwarray.3am.gz
-usr/share/man/man3/time.3am.gz
-
diff --git a/msys2/var/lib/pacman/local/gawk-4.2.0-1/mtree b/msys2/var/lib/pacman/local/gawk-4.2.0-1/mtree
deleted file mode 100644
index fa91d6151..000000000
Binary files a/msys2/var/lib/pacman/local/gawk-4.2.0-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/gawk-5.0.0-1/desc b/msys2/var/lib/pacman/local/gawk-5.0.0-1/desc
new file mode 100644
index 000000000..0dc40464c
--- /dev/null
+++ b/msys2/var/lib/pacman/local/gawk-5.0.0-1/desc
@@ -0,0 +1,49 @@
+%NAME%
+gawk
+
+%VERSION%
+5.0.0-1
+
+%BASE%
+gawk
+
+%DESC%
+GNU version of awk
+
+%URL%
+https://www.gnu.org/software/gawk/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556603896
+
+%INSTALLDATE%
+1558699098
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+3361792
+
+%GROUPS%
+base
+base-devel
+
+%LICENSE%
+GPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+sh
+mpfr
+libintl
+libreadline
+
+%PROVIDES%
+awk
+
diff --git a/msys2/var/lib/pacman/local/gawk-5.0.0-1/files b/msys2/var/lib/pacman/local/gawk-5.0.0-1/files
new file mode 100644
index 000000000..eabebe23a
--- /dev/null
+++ b/msys2/var/lib/pacman/local/gawk-5.0.0-1/files
@@ -0,0 +1,142 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/awk.exe
+usr/bin/gawk-5.0.0.exe
+usr/bin/gawk.exe
+usr/etc/
+usr/etc/profile.d/
+usr/etc/profile.d/gawk.csh
+usr/etc/profile.d/gawk.sh
+usr/include/
+usr/include/gawkapi.h
+usr/lib/
+usr/lib/awk/
+usr/lib/awk/grcat.exe
+usr/lib/awk/pwcat.exe
+usr/lib/gawk/
+usr/lib/gawk/filefuncs.dll
+usr/lib/gawk/filefuncs.dll.a
+usr/lib/gawk/fnmatch.dll
+usr/lib/gawk/fnmatch.dll.a
+usr/lib/gawk/fork.dll
+usr/lib/gawk/fork.dll.a
+usr/lib/gawk/inplace.dll
+usr/lib/gawk/inplace.dll.a
+usr/lib/gawk/intdiv.dll
+usr/lib/gawk/intdiv.dll.a
+usr/lib/gawk/ordchr.dll
+usr/lib/gawk/ordchr.dll.a
+usr/lib/gawk/readdir.dll
+usr/lib/gawk/readdir.dll.a
+usr/lib/gawk/readfile.dll
+usr/lib/gawk/readfile.dll.a
+usr/lib/gawk/revoutput.dll
+usr/lib/gawk/revoutput.dll.a
+usr/lib/gawk/revtwoway.dll
+usr/lib/gawk/revtwoway.dll.a
+usr/lib/gawk/rwarray.dll
+usr/lib/gawk/rwarray.dll.a
+usr/lib/gawk/time.dll
+usr/lib/gawk/time.dll.a
+usr/share/
+usr/share/awk/
+usr/share/awk/assert.awk
+usr/share/awk/bits2str.awk
+usr/share/awk/cliff_rand.awk
+usr/share/awk/ctime.awk
+usr/share/awk/ftrans.awk
+usr/share/awk/getopt.awk
+usr/share/awk/gettime.awk
+usr/share/awk/group.awk
+usr/share/awk/have_mpfr.awk
+usr/share/awk/inplace.awk
+usr/share/awk/intdiv0.awk
+usr/share/awk/join.awk
+usr/share/awk/libintl.awk
+usr/share/awk/noassign.awk
+usr/share/awk/ns_passwd.awk
+usr/share/awk/ord.awk
+usr/share/awk/passwd.awk
+usr/share/awk/processarray.awk
+usr/share/awk/quicksort.awk
+usr/share/awk/readable.awk
+usr/share/awk/readfile.awk
+usr/share/awk/rewind.awk
+usr/share/awk/round.awk
+usr/share/awk/shellquote.awk
+usr/share/awk/strtonum.awk
+usr/share/awk/walkarray.awk
+usr/share/awk/zerofile.awk
+usr/share/info/
+usr/share/info/gawk.info.gz
+usr/share/info/gawkinet.info.gz
+usr/share/info/gawkworkflow.info.gz
+usr/share/locale/
+usr/share/locale/ca/
+usr/share/locale/ca/LC_MESSAGES/
+usr/share/locale/ca/LC_MESSAGES/gawk.mo
+usr/share/locale/da/
+usr/share/locale/da/LC_MESSAGES/
+usr/share/locale/da/LC_MESSAGES/gawk.mo
+usr/share/locale/de/
+usr/share/locale/de/LC_MESSAGES/
+usr/share/locale/de/LC_MESSAGES/gawk.mo
+usr/share/locale/es/
+usr/share/locale/es/LC_MESSAGES/
+usr/share/locale/es/LC_MESSAGES/gawk.mo
+usr/share/locale/fi/
+usr/share/locale/fi/LC_MESSAGES/
+usr/share/locale/fi/LC_MESSAGES/gawk.mo
+usr/share/locale/fr/
+usr/share/locale/fr/LC_MESSAGES/
+usr/share/locale/fr/LC_MESSAGES/gawk.mo
+usr/share/locale/id/
+usr/share/locale/id/LC_MESSAGES/
+usr/share/locale/id/LC_MESSAGES/gawk.mo
+usr/share/locale/it/
+usr/share/locale/it/LC_MESSAGES/
+usr/share/locale/it/LC_MESSAGES/gawk.mo
+usr/share/locale/ja/
+usr/share/locale/ja/LC_MESSAGES/
+usr/share/locale/ja/LC_MESSAGES/gawk.mo
+usr/share/locale/ko/
+usr/share/locale/ko/LC_MESSAGES/
+usr/share/locale/ko/LC_MESSAGES/gawk.mo
+usr/share/locale/ms/
+usr/share/locale/ms/LC_MESSAGES/
+usr/share/locale/ms/LC_MESSAGES/gawk.mo
+usr/share/locale/nl/
+usr/share/locale/nl/LC_MESSAGES/
+usr/share/locale/nl/LC_MESSAGES/gawk.mo
+usr/share/locale/pl/
+usr/share/locale/pl/LC_MESSAGES/
+usr/share/locale/pl/LC_MESSAGES/gawk.mo
+usr/share/locale/pt_BR/
+usr/share/locale/pt_BR/LC_MESSAGES/
+usr/share/locale/pt_BR/LC_MESSAGES/gawk.mo
+usr/share/locale/sv/
+usr/share/locale/sv/LC_MESSAGES/
+usr/share/locale/sv/LC_MESSAGES/gawk.mo
+usr/share/locale/vi/
+usr/share/locale/vi/LC_MESSAGES/
+usr/share/locale/vi/LC_MESSAGES/gawk.mo
+usr/share/locale/zh_CN/
+usr/share/locale/zh_CN/LC_MESSAGES/
+usr/share/locale/zh_CN/LC_MESSAGES/gawk.mo
+usr/share/man/
+usr/share/man/man1/
+usr/share/man/man1/gawk.1.gz
+usr/share/man/man3/
+usr/share/man/man3/filefuncs.3am.gz
+usr/share/man/man3/fnmatch.3am.gz
+usr/share/man/man3/fork.3am.gz
+usr/share/man/man3/inplace.3am.gz
+usr/share/man/man3/ordchr.3am.gz
+usr/share/man/man3/readdir.3am.gz
+usr/share/man/man3/readfile.3am.gz
+usr/share/man/man3/revoutput.3am.gz
+usr/share/man/man3/revtwoway.3am.gz
+usr/share/man/man3/rwarray.3am.gz
+usr/share/man/man3/time.3am.gz
+
diff --git a/msys2/var/lib/pacman/local/gawk-4.2.0-1/install b/msys2/var/lib/pacman/local/gawk-5.0.0-1/install
similarity index 100%
rename from msys2/var/lib/pacman/local/gawk-4.2.0-1/install
rename to msys2/var/lib/pacman/local/gawk-5.0.0-1/install
diff --git a/msys2/var/lib/pacman/local/gawk-5.0.0-1/mtree b/msys2/var/lib/pacman/local/gawk-5.0.0-1/mtree
new file mode 100644
index 000000000..a58d35efa
Binary files /dev/null and b/msys2/var/lib/pacman/local/gawk-5.0.0-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/gcc-libs-7.3.0-1/desc b/msys2/var/lib/pacman/local/gcc-libs-7.3.0-1/desc
deleted file mode 100644
index 887d2e5c4..000000000
--- a/msys2/var/lib/pacman/local/gcc-libs-7.3.0-1/desc
+++ /dev/null
@@ -1,45 +0,0 @@
-%NAME%
-gcc-libs
-
-%VERSION%
-7.3.0-1
-
-%BASE%
-gcc
-
-%DESC%
-Runtime libraries shipped by GCC
-
-%URL%
-https://gcc.gnu.org/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1524124965
-
-%INSTALLDATE%
-1527758843
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-4335616
-
-%GROUPS%
-base
-
-%LICENSE%
-GPL
-LGPL
-FDL
-custom
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-msys2-runtime
-
diff --git a/msys2/var/lib/pacman/local/gcc-libs-7.3.0-1/mtree b/msys2/var/lib/pacman/local/gcc-libs-7.3.0-1/mtree
deleted file mode 100644
index 094dd94b4..000000000
Binary files a/msys2/var/lib/pacman/local/gcc-libs-7.3.0-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/gcc-libs-7.4.0-1/desc b/msys2/var/lib/pacman/local/gcc-libs-7.4.0-1/desc
new file mode 100644
index 000000000..36661af9b
--- /dev/null
+++ b/msys2/var/lib/pacman/local/gcc-libs-7.4.0-1/desc
@@ -0,0 +1,45 @@
+%NAME%
+gcc-libs
+
+%VERSION%
+7.4.0-1
+
+%BASE%
+gcc
+
+%DESC%
+Runtime libraries shipped by GCC
+
+%URL%
+https://gcc.gnu.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1544770254
+
+%INSTALLDATE%
+1558699046
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+4341760
+
+%GROUPS%
+base
+
+%LICENSE%
+GPL
+LGPL
+FDL
+custom
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+msys2-runtime
+
diff --git a/msys2/var/lib/pacman/local/gcc-libs-7.3.0-1/files b/msys2/var/lib/pacman/local/gcc-libs-7.4.0-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/gcc-libs-7.3.0-1/files
rename to msys2/var/lib/pacman/local/gcc-libs-7.4.0-1/files
diff --git a/msys2/var/lib/pacman/local/gcc-libs-7.3.0-1/install b/msys2/var/lib/pacman/local/gcc-libs-7.4.0-1/install
similarity index 100%
rename from msys2/var/lib/pacman/local/gcc-libs-7.3.0-1/install
rename to msys2/var/lib/pacman/local/gcc-libs-7.4.0-1/install
diff --git a/msys2/var/lib/pacman/local/gcc-libs-7.4.0-1/mtree b/msys2/var/lib/pacman/local/gcc-libs-7.4.0-1/mtree
new file mode 100644
index 000000000..f323d31b7
Binary files /dev/null and b/msys2/var/lib/pacman/local/gcc-libs-7.4.0-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/getent-2.18.90-2/desc b/msys2/var/lib/pacman/local/getent-2.18.90-2/desc
index ad3286f7a..85053d9b4 100644
--- a/msys2/var/lib/pacman/local/getent-2.18.90-2/desc
+++ b/msys2/var/lib/pacman/local/getent-2.18.90-2/desc
@@ -17,7 +17,7 @@ i686
 1485922523
 
 %INSTALLDATE%
-1527758876
+1558699098
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/gettext-0.19.8.1-1/desc b/msys2/var/lib/pacman/local/gettext-0.19.8.1-1/desc
index 3731e50f6..ab8e220ce 100644
--- a/msys2/var/lib/pacman/local/gettext-0.19.8.1-1/desc
+++ b/msys2/var/lib/pacman/local/gettext-0.19.8.1-1/desc
@@ -20,7 +20,7 @@ i686
 1496393780
 
 %INSTALLDATE%
-1527758843
+1558699048
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/glib2-2.48.2-1/desc b/msys2/var/lib/pacman/local/glib2-2.48.2-1/desc
deleted file mode 100644
index 94ea3c438..000000000
--- a/msys2/var/lib/pacman/local/glib2-2.48.2-1/desc
+++ /dev/null
@@ -1,50 +0,0 @@
-%NAME%
-glib2
-
-%VERSION%
-2.48.2-1
-
-%BASE%
-glib2
-
-%DESC%
-Common C routines used by GTK+ and other libs
-
-%URL%
-http://www.gtk.org/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1496225296
-
-%INSTALLDATE%
-1527758868
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-10613760
-
-%REASON%
-1
-
-%LICENSE%
-LGPL
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-libxslt
-libpcre
-libffi
-libiconv
-zlib
-
-%OPTDEPENDS%
-gamin: for gio fam module
-python2: for gdbus-codegen and gtester-report
-
diff --git a/msys2/var/lib/pacman/local/glib2-2.48.2-1/files b/msys2/var/lib/pacman/local/glib2-2.48.2-1/files
deleted file mode 100644
index 83ba605a1..000000000
--- a/msys2/var/lib/pacman/local/glib2-2.48.2-1/files
+++ /dev/null
@@ -1,331 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/gapplication.exe
-usr/bin/gdbus.exe
-usr/bin/gio-querymodules.exe
-usr/bin/glib-compile-schemas.exe
-usr/bin/gobject-query.exe
-usr/bin/gsettings.exe
-usr/bin/msys-gio-2.0-0.dll
-usr/bin/msys-glib-2.0-0.dll
-usr/bin/msys-gmodule-2.0-0.dll
-usr/bin/msys-gobject-2.0-0.dll
-usr/bin/msys-gthread-2.0-0.dll
-usr/lib/
-usr/lib/gio/
-usr/lib/gio/modules/
-usr/lib/gio/modules/libgiofam.dll.a
-usr/lib/gio/modules/msys-giofam.dll
-usr/share/
-usr/share/bash-completion/
-usr/share/bash-completion/completions/
-usr/share/bash-completion/completions/gapplication
-usr/share/bash-completion/completions/gdbus
-usr/share/bash-completion/completions/gresource
-usr/share/bash-completion/completions/gsettings
-usr/share/gdb/
-usr/share/gdb/auto-load/
-usr/share/gdb/auto-load/usr/
-usr/share/gdb/auto-load/usr/lib/
-usr/share/gdb/auto-load/usr/lib/msys-glib-2.0-0.dll-gdb.py
-usr/share/gdb/auto-load/usr/lib/msys-gobject-2.0-0.dll-gdb.py
-usr/share/glib-2.0/
-usr/share/glib-2.0/gdb/
-usr/share/glib-2.0/gdb/glib.py
-usr/share/glib-2.0/gdb/gobject.py
-usr/share/glib-2.0/schemas/
-usr/share/glib-2.0/schemas/gschema.dtd
-usr/share/locale/
-usr/share/locale/af/
-usr/share/locale/af/LC_MESSAGES/
-usr/share/locale/af/LC_MESSAGES/glib20.mo
-usr/share/locale/am/
-usr/share/locale/am/LC_MESSAGES/
-usr/share/locale/am/LC_MESSAGES/glib20.mo
-usr/share/locale/an/
-usr/share/locale/an/LC_MESSAGES/
-usr/share/locale/an/LC_MESSAGES/glib20.mo
-usr/share/locale/ar/
-usr/share/locale/ar/LC_MESSAGES/
-usr/share/locale/ar/LC_MESSAGES/glib20.mo
-usr/share/locale/as/
-usr/share/locale/as/LC_MESSAGES/
-usr/share/locale/as/LC_MESSAGES/glib20.mo
-usr/share/locale/ast/
-usr/share/locale/ast/LC_MESSAGES/
-usr/share/locale/ast/LC_MESSAGES/glib20.mo
-usr/share/locale/az/
-usr/share/locale/az/LC_MESSAGES/
-usr/share/locale/az/LC_MESSAGES/glib20.mo
-usr/share/locale/be/
-usr/share/locale/be/LC_MESSAGES/
-usr/share/locale/be/LC_MESSAGES/glib20.mo
-usr/share/locale/be@latin/
-usr/share/locale/be@latin/LC_MESSAGES/
-usr/share/locale/be@latin/LC_MESSAGES/glib20.mo
-usr/share/locale/bg/
-usr/share/locale/bg/LC_MESSAGES/
-usr/share/locale/bg/LC_MESSAGES/glib20.mo
-usr/share/locale/bn/
-usr/share/locale/bn/LC_MESSAGES/
-usr/share/locale/bn/LC_MESSAGES/glib20.mo
-usr/share/locale/bn_IN/
-usr/share/locale/bn_IN/LC_MESSAGES/
-usr/share/locale/bn_IN/LC_MESSAGES/glib20.mo
-usr/share/locale/bs/
-usr/share/locale/bs/LC_MESSAGES/
-usr/share/locale/bs/LC_MESSAGES/glib20.mo
-usr/share/locale/ca/
-usr/share/locale/ca/LC_MESSAGES/
-usr/share/locale/ca/LC_MESSAGES/glib20.mo
-usr/share/locale/ca@valencia/
-usr/share/locale/ca@valencia/LC_MESSAGES/
-usr/share/locale/ca@valencia/LC_MESSAGES/glib20.mo
-usr/share/locale/cs/
-usr/share/locale/cs/LC_MESSAGES/
-usr/share/locale/cs/LC_MESSAGES/glib20.mo
-usr/share/locale/cy/
-usr/share/locale/cy/LC_MESSAGES/
-usr/share/locale/cy/LC_MESSAGES/glib20.mo
-usr/share/locale/da/
-usr/share/locale/da/LC_MESSAGES/
-usr/share/locale/da/LC_MESSAGES/glib20.mo
-usr/share/locale/de/
-usr/share/locale/de/LC_MESSAGES/
-usr/share/locale/de/LC_MESSAGES/glib20.mo
-usr/share/locale/dz/
-usr/share/locale/dz/LC_MESSAGES/
-usr/share/locale/dz/LC_MESSAGES/glib20.mo
-usr/share/locale/el/
-usr/share/locale/el/LC_MESSAGES/
-usr/share/locale/el/LC_MESSAGES/glib20.mo
-usr/share/locale/en@shaw/
-usr/share/locale/en@shaw/LC_MESSAGES/
-usr/share/locale/en@shaw/LC_MESSAGES/glib20.mo
-usr/share/locale/en_CA/
-usr/share/locale/en_CA/LC_MESSAGES/
-usr/share/locale/en_CA/LC_MESSAGES/glib20.mo
-usr/share/locale/en_GB/
-usr/share/locale/en_GB/LC_MESSAGES/
-usr/share/locale/en_GB/LC_MESSAGES/glib20.mo
-usr/share/locale/eo/
-usr/share/locale/eo/LC_MESSAGES/
-usr/share/locale/eo/LC_MESSAGES/glib20.mo
-usr/share/locale/es/
-usr/share/locale/es/LC_MESSAGES/
-usr/share/locale/es/LC_MESSAGES/glib20.mo
-usr/share/locale/et/
-usr/share/locale/et/LC_MESSAGES/
-usr/share/locale/et/LC_MESSAGES/glib20.mo
-usr/share/locale/eu/
-usr/share/locale/eu/LC_MESSAGES/
-usr/share/locale/eu/LC_MESSAGES/glib20.mo
-usr/share/locale/fa/
-usr/share/locale/fa/LC_MESSAGES/
-usr/share/locale/fa/LC_MESSAGES/glib20.mo
-usr/share/locale/fi/
-usr/share/locale/fi/LC_MESSAGES/
-usr/share/locale/fi/LC_MESSAGES/glib20.mo
-usr/share/locale/fr/
-usr/share/locale/fr/LC_MESSAGES/
-usr/share/locale/fr/LC_MESSAGES/glib20.mo
-usr/share/locale/ga/
-usr/share/locale/ga/LC_MESSAGES/
-usr/share/locale/ga/LC_MESSAGES/glib20.mo
-usr/share/locale/gd/
-usr/share/locale/gd/LC_MESSAGES/
-usr/share/locale/gd/LC_MESSAGES/glib20.mo
-usr/share/locale/gl/
-usr/share/locale/gl/LC_MESSAGES/
-usr/share/locale/gl/LC_MESSAGES/glib20.mo
-usr/share/locale/gu/
-usr/share/locale/gu/LC_MESSAGES/
-usr/share/locale/gu/LC_MESSAGES/glib20.mo
-usr/share/locale/he/
-usr/share/locale/he/LC_MESSAGES/
-usr/share/locale/he/LC_MESSAGES/glib20.mo
-usr/share/locale/hi/
-usr/share/locale/hi/LC_MESSAGES/
-usr/share/locale/hi/LC_MESSAGES/glib20.mo
-usr/share/locale/hr/
-usr/share/locale/hr/LC_MESSAGES/
-usr/share/locale/hr/LC_MESSAGES/glib20.mo
-usr/share/locale/hu/
-usr/share/locale/hu/LC_MESSAGES/
-usr/share/locale/hu/LC_MESSAGES/glib20.mo
-usr/share/locale/hy/
-usr/share/locale/hy/LC_MESSAGES/
-usr/share/locale/hy/LC_MESSAGES/glib20.mo
-usr/share/locale/id/
-usr/share/locale/id/LC_MESSAGES/
-usr/share/locale/id/LC_MESSAGES/glib20.mo
-usr/share/locale/is/
-usr/share/locale/is/LC_MESSAGES/
-usr/share/locale/is/LC_MESSAGES/glib20.mo
-usr/share/locale/it/
-usr/share/locale/it/LC_MESSAGES/
-usr/share/locale/it/LC_MESSAGES/glib20.mo
-usr/share/locale/ja/
-usr/share/locale/ja/LC_MESSAGES/
-usr/share/locale/ja/LC_MESSAGES/glib20.mo
-usr/share/locale/ka/
-usr/share/locale/ka/LC_MESSAGES/
-usr/share/locale/ka/LC_MESSAGES/glib20.mo
-usr/share/locale/kk/
-usr/share/locale/kk/LC_MESSAGES/
-usr/share/locale/kk/LC_MESSAGES/glib20.mo
-usr/share/locale/kn/
-usr/share/locale/kn/LC_MESSAGES/
-usr/share/locale/kn/LC_MESSAGES/glib20.mo
-usr/share/locale/ko/
-usr/share/locale/ko/LC_MESSAGES/
-usr/share/locale/ko/LC_MESSAGES/glib20.mo
-usr/share/locale/ku/
-usr/share/locale/ku/LC_MESSAGES/
-usr/share/locale/ku/LC_MESSAGES/glib20.mo
-usr/share/locale/lt/
-usr/share/locale/lt/LC_MESSAGES/
-usr/share/locale/lt/LC_MESSAGES/glib20.mo
-usr/share/locale/lv/
-usr/share/locale/lv/LC_MESSAGES/
-usr/share/locale/lv/LC_MESSAGES/glib20.mo
-usr/share/locale/mai/
-usr/share/locale/mai/LC_MESSAGES/
-usr/share/locale/mai/LC_MESSAGES/glib20.mo
-usr/share/locale/mg/
-usr/share/locale/mg/LC_MESSAGES/
-usr/share/locale/mg/LC_MESSAGES/glib20.mo
-usr/share/locale/mk/
-usr/share/locale/mk/LC_MESSAGES/
-usr/share/locale/mk/LC_MESSAGES/glib20.mo
-usr/share/locale/ml/
-usr/share/locale/ml/LC_MESSAGES/
-usr/share/locale/ml/LC_MESSAGES/glib20.mo
-usr/share/locale/mn/
-usr/share/locale/mn/LC_MESSAGES/
-usr/share/locale/mn/LC_MESSAGES/glib20.mo
-usr/share/locale/mr/
-usr/share/locale/mr/LC_MESSAGES/
-usr/share/locale/mr/LC_MESSAGES/glib20.mo
-usr/share/locale/ms/
-usr/share/locale/ms/LC_MESSAGES/
-usr/share/locale/ms/LC_MESSAGES/glib20.mo
-usr/share/locale/nb/
-usr/share/locale/nb/LC_MESSAGES/
-usr/share/locale/nb/LC_MESSAGES/glib20.mo
-usr/share/locale/nds/
-usr/share/locale/nds/LC_MESSAGES/
-usr/share/locale/nds/LC_MESSAGES/glib20.mo
-usr/share/locale/ne/
-usr/share/locale/ne/LC_MESSAGES/
-usr/share/locale/ne/LC_MESSAGES/glib20.mo
-usr/share/locale/nl/
-usr/share/locale/nl/LC_MESSAGES/
-usr/share/locale/nl/LC_MESSAGES/glib20.mo
-usr/share/locale/nn/
-usr/share/locale/nn/LC_MESSAGES/
-usr/share/locale/nn/LC_MESSAGES/glib20.mo
-usr/share/locale/oc/
-usr/share/locale/oc/LC_MESSAGES/
-usr/share/locale/oc/LC_MESSAGES/glib20.mo
-usr/share/locale/or/
-usr/share/locale/or/LC_MESSAGES/
-usr/share/locale/or/LC_MESSAGES/glib20.mo
-usr/share/locale/pa/
-usr/share/locale/pa/LC_MESSAGES/
-usr/share/locale/pa/LC_MESSAGES/glib20.mo
-usr/share/locale/pl/
-usr/share/locale/pl/LC_MESSAGES/
-usr/share/locale/pl/LC_MESSAGES/glib20.mo
-usr/share/locale/ps/
-usr/share/locale/ps/LC_MESSAGES/
-usr/share/locale/ps/LC_MESSAGES/glib20.mo
-usr/share/locale/pt/
-usr/share/locale/pt/LC_MESSAGES/
-usr/share/locale/pt/LC_MESSAGES/glib20.mo
-usr/share/locale/pt_BR/
-usr/share/locale/pt_BR/LC_MESSAGES/
-usr/share/locale/pt_BR/LC_MESSAGES/glib20.mo
-usr/share/locale/ro/
-usr/share/locale/ro/LC_MESSAGES/
-usr/share/locale/ro/LC_MESSAGES/glib20.mo
-usr/share/locale/ru/
-usr/share/locale/ru/LC_MESSAGES/
-usr/share/locale/ru/LC_MESSAGES/glib20.mo
-usr/share/locale/rw/
-usr/share/locale/rw/LC_MESSAGES/
-usr/share/locale/rw/LC_MESSAGES/glib20.mo
-usr/share/locale/si/
-usr/share/locale/si/LC_MESSAGES/
-usr/share/locale/si/LC_MESSAGES/glib20.mo
-usr/share/locale/sk/
-usr/share/locale/sk/LC_MESSAGES/
-usr/share/locale/sk/LC_MESSAGES/glib20.mo
-usr/share/locale/sl/
-usr/share/locale/sl/LC_MESSAGES/
-usr/share/locale/sl/LC_MESSAGES/glib20.mo
-usr/share/locale/sq/
-usr/share/locale/sq/LC_MESSAGES/
-usr/share/locale/sq/LC_MESSAGES/glib20.mo
-usr/share/locale/sr/
-usr/share/locale/sr/LC_MESSAGES/
-usr/share/locale/sr/LC_MESSAGES/glib20.mo
-usr/share/locale/sr@ije/
-usr/share/locale/sr@ije/LC_MESSAGES/
-usr/share/locale/sr@ije/LC_MESSAGES/glib20.mo
-usr/share/locale/sr@latin/
-usr/share/locale/sr@latin/LC_MESSAGES/
-usr/share/locale/sr@latin/LC_MESSAGES/glib20.mo
-usr/share/locale/sv/
-usr/share/locale/sv/LC_MESSAGES/
-usr/share/locale/sv/LC_MESSAGES/glib20.mo
-usr/share/locale/ta/
-usr/share/locale/ta/LC_MESSAGES/
-usr/share/locale/ta/LC_MESSAGES/glib20.mo
-usr/share/locale/te/
-usr/share/locale/te/LC_MESSAGES/
-usr/share/locale/te/LC_MESSAGES/glib20.mo
-usr/share/locale/tg/
-usr/share/locale/tg/LC_MESSAGES/
-usr/share/locale/tg/LC_MESSAGES/glib20.mo
-usr/share/locale/th/
-usr/share/locale/th/LC_MESSAGES/
-usr/share/locale/th/LC_MESSAGES/glib20.mo
-usr/share/locale/tl/
-usr/share/locale/tl/LC_MESSAGES/
-usr/share/locale/tl/LC_MESSAGES/glib20.mo
-usr/share/locale/tr/
-usr/share/locale/tr/LC_MESSAGES/
-usr/share/locale/tr/LC_MESSAGES/glib20.mo
-usr/share/locale/tt/
-usr/share/locale/tt/LC_MESSAGES/
-usr/share/locale/tt/LC_MESSAGES/glib20.mo
-usr/share/locale/ug/
-usr/share/locale/ug/LC_MESSAGES/
-usr/share/locale/ug/LC_MESSAGES/glib20.mo
-usr/share/locale/uk/
-usr/share/locale/uk/LC_MESSAGES/
-usr/share/locale/uk/LC_MESSAGES/glib20.mo
-usr/share/locale/vi/
-usr/share/locale/vi/LC_MESSAGES/
-usr/share/locale/vi/LC_MESSAGES/glib20.mo
-usr/share/locale/wa/
-usr/share/locale/wa/LC_MESSAGES/
-usr/share/locale/wa/LC_MESSAGES/glib20.mo
-usr/share/locale/xh/
-usr/share/locale/xh/LC_MESSAGES/
-usr/share/locale/xh/LC_MESSAGES/glib20.mo
-usr/share/locale/yi/
-usr/share/locale/yi/LC_MESSAGES/
-usr/share/locale/yi/LC_MESSAGES/glib20.mo
-usr/share/locale/zh_CN/
-usr/share/locale/zh_CN/LC_MESSAGES/
-usr/share/locale/zh_CN/LC_MESSAGES/glib20.mo
-usr/share/locale/zh_HK/
-usr/share/locale/zh_HK/LC_MESSAGES/
-usr/share/locale/zh_HK/LC_MESSAGES/glib20.mo
-usr/share/locale/zh_TW/
-usr/share/locale/zh_TW/LC_MESSAGES/
-usr/share/locale/zh_TW/LC_MESSAGES/glib20.mo
-
diff --git a/msys2/var/lib/pacman/local/glib2-2.48.2-1/mtree b/msys2/var/lib/pacman/local/glib2-2.48.2-1/mtree
deleted file mode 100644
index 5f631a38e..000000000
Binary files a/msys2/var/lib/pacman/local/glib2-2.48.2-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/glib2-2.54.3-1/desc b/msys2/var/lib/pacman/local/glib2-2.54.3-1/desc
new file mode 100644
index 000000000..7e2f1feac
--- /dev/null
+++ b/msys2/var/lib/pacman/local/glib2-2.54.3-1/desc
@@ -0,0 +1,50 @@
+%NAME%
+glib2
+
+%VERSION%
+2.54.3-1
+
+%BASE%
+glib2
+
+%DESC%
+Common C routines used by GTK+ and other libs
+
+%URL%
+https://www.gtk.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1529997353
+
+%INSTALLDATE%
+1558699090
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+11399168
+
+%REASON%
+1
+
+%LICENSE%
+LGPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+libxslt
+libpcre
+libffi
+libiconv
+zlib
+
+%OPTDEPENDS%
+gamin: for gio fam module
+python2: for gdbus-codegen and gtester-report
+
diff --git a/msys2/var/lib/pacman/local/glib2-2.54.3-1/files b/msys2/var/lib/pacman/local/glib2-2.54.3-1/files
new file mode 100644
index 000000000..7d054157e
--- /dev/null
+++ b/msys2/var/lib/pacman/local/glib2-2.54.3-1/files
@@ -0,0 +1,334 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/gapplication.exe
+usr/bin/gdbus.exe
+usr/bin/gio-querymodules.exe
+usr/bin/glib-compile-schemas.exe
+usr/bin/gobject-query.exe
+usr/bin/gsettings.exe
+usr/bin/msys-gio-2.0-0.dll
+usr/bin/msys-glib-2.0-0.dll
+usr/bin/msys-gmodule-2.0-0.dll
+usr/bin/msys-gobject-2.0-0.dll
+usr/bin/msys-gthread-2.0-0.dll
+usr/lib/
+usr/lib/gio/
+usr/lib/gio/modules/
+usr/lib/gio/modules/libgiofam.dll.a
+usr/lib/gio/modules/msys-giofam.dll
+usr/share/
+usr/share/bash-completion/
+usr/share/bash-completion/completions/
+usr/share/bash-completion/completions/gapplication
+usr/share/bash-completion/completions/gdbus
+usr/share/bash-completion/completions/gresource
+usr/share/bash-completion/completions/gsettings
+usr/share/gdb/
+usr/share/gdb/auto-load/
+usr/share/gdb/auto-load/usr/
+usr/share/gdb/auto-load/usr/lib/
+usr/share/gdb/auto-load/usr/lib/msys-glib-2.0-0.dll-gdb.py
+usr/share/gdb/auto-load/usr/lib/msys-gobject-2.0-0.dll-gdb.py
+usr/share/glib-2.0/
+usr/share/glib-2.0/gdb/
+usr/share/glib-2.0/gdb/glib_gdb.py
+usr/share/glib-2.0/gdb/gobject_gdb.py
+usr/share/glib-2.0/schemas/
+usr/share/glib-2.0/schemas/gschema.dtd
+usr/share/locale/
+usr/share/locale/af/
+usr/share/locale/af/LC_MESSAGES/
+usr/share/locale/af/LC_MESSAGES/glib20.mo
+usr/share/locale/am/
+usr/share/locale/am/LC_MESSAGES/
+usr/share/locale/am/LC_MESSAGES/glib20.mo
+usr/share/locale/an/
+usr/share/locale/an/LC_MESSAGES/
+usr/share/locale/an/LC_MESSAGES/glib20.mo
+usr/share/locale/ar/
+usr/share/locale/ar/LC_MESSAGES/
+usr/share/locale/ar/LC_MESSAGES/glib20.mo
+usr/share/locale/as/
+usr/share/locale/as/LC_MESSAGES/
+usr/share/locale/as/LC_MESSAGES/glib20.mo
+usr/share/locale/ast/
+usr/share/locale/ast/LC_MESSAGES/
+usr/share/locale/ast/LC_MESSAGES/glib20.mo
+usr/share/locale/az/
+usr/share/locale/az/LC_MESSAGES/
+usr/share/locale/az/LC_MESSAGES/glib20.mo
+usr/share/locale/be/
+usr/share/locale/be/LC_MESSAGES/
+usr/share/locale/be/LC_MESSAGES/glib20.mo
+usr/share/locale/be@latin/
+usr/share/locale/be@latin/LC_MESSAGES/
+usr/share/locale/be@latin/LC_MESSAGES/glib20.mo
+usr/share/locale/bg/
+usr/share/locale/bg/LC_MESSAGES/
+usr/share/locale/bg/LC_MESSAGES/glib20.mo
+usr/share/locale/bn/
+usr/share/locale/bn/LC_MESSAGES/
+usr/share/locale/bn/LC_MESSAGES/glib20.mo
+usr/share/locale/bn_IN/
+usr/share/locale/bn_IN/LC_MESSAGES/
+usr/share/locale/bn_IN/LC_MESSAGES/glib20.mo
+usr/share/locale/bs/
+usr/share/locale/bs/LC_MESSAGES/
+usr/share/locale/bs/LC_MESSAGES/glib20.mo
+usr/share/locale/ca/
+usr/share/locale/ca/LC_MESSAGES/
+usr/share/locale/ca/LC_MESSAGES/glib20.mo
+usr/share/locale/ca@valencia/
+usr/share/locale/ca@valencia/LC_MESSAGES/
+usr/share/locale/ca@valencia/LC_MESSAGES/glib20.mo
+usr/share/locale/cs/
+usr/share/locale/cs/LC_MESSAGES/
+usr/share/locale/cs/LC_MESSAGES/glib20.mo
+usr/share/locale/cy/
+usr/share/locale/cy/LC_MESSAGES/
+usr/share/locale/cy/LC_MESSAGES/glib20.mo
+usr/share/locale/da/
+usr/share/locale/da/LC_MESSAGES/
+usr/share/locale/da/LC_MESSAGES/glib20.mo
+usr/share/locale/de/
+usr/share/locale/de/LC_MESSAGES/
+usr/share/locale/de/LC_MESSAGES/glib20.mo
+usr/share/locale/dz/
+usr/share/locale/dz/LC_MESSAGES/
+usr/share/locale/dz/LC_MESSAGES/glib20.mo
+usr/share/locale/el/
+usr/share/locale/el/LC_MESSAGES/
+usr/share/locale/el/LC_MESSAGES/glib20.mo
+usr/share/locale/en@shaw/
+usr/share/locale/en@shaw/LC_MESSAGES/
+usr/share/locale/en@shaw/LC_MESSAGES/glib20.mo
+usr/share/locale/en_CA/
+usr/share/locale/en_CA/LC_MESSAGES/
+usr/share/locale/en_CA/LC_MESSAGES/glib20.mo
+usr/share/locale/en_GB/
+usr/share/locale/en_GB/LC_MESSAGES/
+usr/share/locale/en_GB/LC_MESSAGES/glib20.mo
+usr/share/locale/eo/
+usr/share/locale/eo/LC_MESSAGES/
+usr/share/locale/eo/LC_MESSAGES/glib20.mo
+usr/share/locale/es/
+usr/share/locale/es/LC_MESSAGES/
+usr/share/locale/es/LC_MESSAGES/glib20.mo
+usr/share/locale/et/
+usr/share/locale/et/LC_MESSAGES/
+usr/share/locale/et/LC_MESSAGES/glib20.mo
+usr/share/locale/eu/
+usr/share/locale/eu/LC_MESSAGES/
+usr/share/locale/eu/LC_MESSAGES/glib20.mo
+usr/share/locale/fa/
+usr/share/locale/fa/LC_MESSAGES/
+usr/share/locale/fa/LC_MESSAGES/glib20.mo
+usr/share/locale/fi/
+usr/share/locale/fi/LC_MESSAGES/
+usr/share/locale/fi/LC_MESSAGES/glib20.mo
+usr/share/locale/fr/
+usr/share/locale/fr/LC_MESSAGES/
+usr/share/locale/fr/LC_MESSAGES/glib20.mo
+usr/share/locale/fur/
+usr/share/locale/fur/LC_MESSAGES/
+usr/share/locale/fur/LC_MESSAGES/glib20.mo
+usr/share/locale/ga/
+usr/share/locale/ga/LC_MESSAGES/
+usr/share/locale/ga/LC_MESSAGES/glib20.mo
+usr/share/locale/gd/
+usr/share/locale/gd/LC_MESSAGES/
+usr/share/locale/gd/LC_MESSAGES/glib20.mo
+usr/share/locale/gl/
+usr/share/locale/gl/LC_MESSAGES/
+usr/share/locale/gl/LC_MESSAGES/glib20.mo
+usr/share/locale/gu/
+usr/share/locale/gu/LC_MESSAGES/
+usr/share/locale/gu/LC_MESSAGES/glib20.mo
+usr/share/locale/he/
+usr/share/locale/he/LC_MESSAGES/
+usr/share/locale/he/LC_MESSAGES/glib20.mo
+usr/share/locale/hi/
+usr/share/locale/hi/LC_MESSAGES/
+usr/share/locale/hi/LC_MESSAGES/glib20.mo
+usr/share/locale/hr/
+usr/share/locale/hr/LC_MESSAGES/
+usr/share/locale/hr/LC_MESSAGES/glib20.mo
+usr/share/locale/hu/
+usr/share/locale/hu/LC_MESSAGES/
+usr/share/locale/hu/LC_MESSAGES/glib20.mo
+usr/share/locale/hy/
+usr/share/locale/hy/LC_MESSAGES/
+usr/share/locale/hy/LC_MESSAGES/glib20.mo
+usr/share/locale/id/
+usr/share/locale/id/LC_MESSAGES/
+usr/share/locale/id/LC_MESSAGES/glib20.mo
+usr/share/locale/is/
+usr/share/locale/is/LC_MESSAGES/
+usr/share/locale/is/LC_MESSAGES/glib20.mo
+usr/share/locale/it/
+usr/share/locale/it/LC_MESSAGES/
+usr/share/locale/it/LC_MESSAGES/glib20.mo
+usr/share/locale/ja/
+usr/share/locale/ja/LC_MESSAGES/
+usr/share/locale/ja/LC_MESSAGES/glib20.mo
+usr/share/locale/ka/
+usr/share/locale/ka/LC_MESSAGES/
+usr/share/locale/ka/LC_MESSAGES/glib20.mo
+usr/share/locale/kk/
+usr/share/locale/kk/LC_MESSAGES/
+usr/share/locale/kk/LC_MESSAGES/glib20.mo
+usr/share/locale/kn/
+usr/share/locale/kn/LC_MESSAGES/
+usr/share/locale/kn/LC_MESSAGES/glib20.mo
+usr/share/locale/ko/
+usr/share/locale/ko/LC_MESSAGES/
+usr/share/locale/ko/LC_MESSAGES/glib20.mo
+usr/share/locale/ku/
+usr/share/locale/ku/LC_MESSAGES/
+usr/share/locale/ku/LC_MESSAGES/glib20.mo
+usr/share/locale/lt/
+usr/share/locale/lt/LC_MESSAGES/
+usr/share/locale/lt/LC_MESSAGES/glib20.mo
+usr/share/locale/lv/
+usr/share/locale/lv/LC_MESSAGES/
+usr/share/locale/lv/LC_MESSAGES/glib20.mo
+usr/share/locale/mai/
+usr/share/locale/mai/LC_MESSAGES/
+usr/share/locale/mai/LC_MESSAGES/glib20.mo
+usr/share/locale/mg/
+usr/share/locale/mg/LC_MESSAGES/
+usr/share/locale/mg/LC_MESSAGES/glib20.mo
+usr/share/locale/mk/
+usr/share/locale/mk/LC_MESSAGES/
+usr/share/locale/mk/LC_MESSAGES/glib20.mo
+usr/share/locale/ml/
+usr/share/locale/ml/LC_MESSAGES/
+usr/share/locale/ml/LC_MESSAGES/glib20.mo
+usr/share/locale/mn/
+usr/share/locale/mn/LC_MESSAGES/
+usr/share/locale/mn/LC_MESSAGES/glib20.mo
+usr/share/locale/mr/
+usr/share/locale/mr/LC_MESSAGES/
+usr/share/locale/mr/LC_MESSAGES/glib20.mo
+usr/share/locale/ms/
+usr/share/locale/ms/LC_MESSAGES/
+usr/share/locale/ms/LC_MESSAGES/glib20.mo
+usr/share/locale/nb/
+usr/share/locale/nb/LC_MESSAGES/
+usr/share/locale/nb/LC_MESSAGES/glib20.mo
+usr/share/locale/nds/
+usr/share/locale/nds/LC_MESSAGES/
+usr/share/locale/nds/LC_MESSAGES/glib20.mo
+usr/share/locale/ne/
+usr/share/locale/ne/LC_MESSAGES/
+usr/share/locale/ne/LC_MESSAGES/glib20.mo
+usr/share/locale/nl/
+usr/share/locale/nl/LC_MESSAGES/
+usr/share/locale/nl/LC_MESSAGES/glib20.mo
+usr/share/locale/nn/
+usr/share/locale/nn/LC_MESSAGES/
+usr/share/locale/nn/LC_MESSAGES/glib20.mo
+usr/share/locale/oc/
+usr/share/locale/oc/LC_MESSAGES/
+usr/share/locale/oc/LC_MESSAGES/glib20.mo
+usr/share/locale/or/
+usr/share/locale/or/LC_MESSAGES/
+usr/share/locale/or/LC_MESSAGES/glib20.mo
+usr/share/locale/pa/
+usr/share/locale/pa/LC_MESSAGES/
+usr/share/locale/pa/LC_MESSAGES/glib20.mo
+usr/share/locale/pl/
+usr/share/locale/pl/LC_MESSAGES/
+usr/share/locale/pl/LC_MESSAGES/glib20.mo
+usr/share/locale/ps/
+usr/share/locale/ps/LC_MESSAGES/
+usr/share/locale/ps/LC_MESSAGES/glib20.mo
+usr/share/locale/pt/
+usr/share/locale/pt/LC_MESSAGES/
+usr/share/locale/pt/LC_MESSAGES/glib20.mo
+usr/share/locale/pt_BR/
+usr/share/locale/pt_BR/LC_MESSAGES/
+usr/share/locale/pt_BR/LC_MESSAGES/glib20.mo
+usr/share/locale/ro/
+usr/share/locale/ro/LC_MESSAGES/
+usr/share/locale/ro/LC_MESSAGES/glib20.mo
+usr/share/locale/ru/
+usr/share/locale/ru/LC_MESSAGES/
+usr/share/locale/ru/LC_MESSAGES/glib20.mo
+usr/share/locale/rw/
+usr/share/locale/rw/LC_MESSAGES/
+usr/share/locale/rw/LC_MESSAGES/glib20.mo
+usr/share/locale/si/
+usr/share/locale/si/LC_MESSAGES/
+usr/share/locale/si/LC_MESSAGES/glib20.mo
+usr/share/locale/sk/
+usr/share/locale/sk/LC_MESSAGES/
+usr/share/locale/sk/LC_MESSAGES/glib20.mo
+usr/share/locale/sl/
+usr/share/locale/sl/LC_MESSAGES/
+usr/share/locale/sl/LC_MESSAGES/glib20.mo
+usr/share/locale/sq/
+usr/share/locale/sq/LC_MESSAGES/
+usr/share/locale/sq/LC_MESSAGES/glib20.mo
+usr/share/locale/sr/
+usr/share/locale/sr/LC_MESSAGES/
+usr/share/locale/sr/LC_MESSAGES/glib20.mo
+usr/share/locale/sr@ije/
+usr/share/locale/sr@ije/LC_MESSAGES/
+usr/share/locale/sr@ije/LC_MESSAGES/glib20.mo
+usr/share/locale/sr@latin/
+usr/share/locale/sr@latin/LC_MESSAGES/
+usr/share/locale/sr@latin/LC_MESSAGES/glib20.mo
+usr/share/locale/sv/
+usr/share/locale/sv/LC_MESSAGES/
+usr/share/locale/sv/LC_MESSAGES/glib20.mo
+usr/share/locale/ta/
+usr/share/locale/ta/LC_MESSAGES/
+usr/share/locale/ta/LC_MESSAGES/glib20.mo
+usr/share/locale/te/
+usr/share/locale/te/LC_MESSAGES/
+usr/share/locale/te/LC_MESSAGES/glib20.mo
+usr/share/locale/tg/
+usr/share/locale/tg/LC_MESSAGES/
+usr/share/locale/tg/LC_MESSAGES/glib20.mo
+usr/share/locale/th/
+usr/share/locale/th/LC_MESSAGES/
+usr/share/locale/th/LC_MESSAGES/glib20.mo
+usr/share/locale/tl/
+usr/share/locale/tl/LC_MESSAGES/
+usr/share/locale/tl/LC_MESSAGES/glib20.mo
+usr/share/locale/tr/
+usr/share/locale/tr/LC_MESSAGES/
+usr/share/locale/tr/LC_MESSAGES/glib20.mo
+usr/share/locale/tt/
+usr/share/locale/tt/LC_MESSAGES/
+usr/share/locale/tt/LC_MESSAGES/glib20.mo
+usr/share/locale/ug/
+usr/share/locale/ug/LC_MESSAGES/
+usr/share/locale/ug/LC_MESSAGES/glib20.mo
+usr/share/locale/uk/
+usr/share/locale/uk/LC_MESSAGES/
+usr/share/locale/uk/LC_MESSAGES/glib20.mo
+usr/share/locale/vi/
+usr/share/locale/vi/LC_MESSAGES/
+usr/share/locale/vi/LC_MESSAGES/glib20.mo
+usr/share/locale/wa/
+usr/share/locale/wa/LC_MESSAGES/
+usr/share/locale/wa/LC_MESSAGES/glib20.mo
+usr/share/locale/xh/
+usr/share/locale/xh/LC_MESSAGES/
+usr/share/locale/xh/LC_MESSAGES/glib20.mo
+usr/share/locale/yi/
+usr/share/locale/yi/LC_MESSAGES/
+usr/share/locale/yi/LC_MESSAGES/glib20.mo
+usr/share/locale/zh_CN/
+usr/share/locale/zh_CN/LC_MESSAGES/
+usr/share/locale/zh_CN/LC_MESSAGES/glib20.mo
+usr/share/locale/zh_HK/
+usr/share/locale/zh_HK/LC_MESSAGES/
+usr/share/locale/zh_HK/LC_MESSAGES/glib20.mo
+usr/share/locale/zh_TW/
+usr/share/locale/zh_TW/LC_MESSAGES/
+usr/share/locale/zh_TW/LC_MESSAGES/glib20.mo
+
diff --git a/msys2/var/lib/pacman/local/glib2-2.54.3-1/mtree b/msys2/var/lib/pacman/local/glib2-2.54.3-1/mtree
new file mode 100644
index 000000000..addd72bb3
Binary files /dev/null and b/msys2/var/lib/pacman/local/glib2-2.54.3-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/gmp-6.1.2-1/desc b/msys2/var/lib/pacman/local/gmp-6.1.2-1/desc
index d86502be8..f57285982 100644
--- a/msys2/var/lib/pacman/local/gmp-6.1.2-1/desc
+++ b/msys2/var/lib/pacman/local/gmp-6.1.2-1/desc
@@ -20,7 +20,7 @@ i686
 1485241948
 
 %INSTALLDATE%
-1527758844
+1558699048
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/gnupg-1.4.22-3/desc b/msys2/var/lib/pacman/local/gnupg-1.4.22-3/desc
deleted file mode 100644
index 997dc1385..000000000
--- a/msys2/var/lib/pacman/local/gnupg-1.4.22-3/desc
+++ /dev/null
@@ -1,48 +0,0 @@
-%NAME%
-gnupg
-
-%VERSION%
-1.4.22-3
-
-%DESC%
-Complete and free implementation of the OpenPGP standard
-
-%URL%
-https://gnupg.org/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1518961575
-
-%INSTALLDATE%
-1527758877
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-5134336
-
-%REASON%
-1
-
-%LICENSE%
-GPL
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-bzip2
-libbz2
-libcurl
-libiconv
-libintl
-libreadline
-zlib
-
-%OPTDEPENDS%
-curl: gpg2keys_curl
-
diff --git a/msys2/var/lib/pacman/local/gnupg-1.4.22-3/files b/msys2/var/lib/pacman/local/gnupg-1.4.22-3/files
deleted file mode 100644
index 068b3ccc6..000000000
--- a/msys2/var/lib/pacman/local/gnupg-1.4.22-3/files
+++ /dev/null
@@ -1,119 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/gpg-zip
-usr/bin/gpg.exe
-usr/bin/gpgsplit.exe
-usr/bin/gpgv.exe
-usr/lib/
-usr/lib/gnupg/
-usr/lib/gnupg/gnupg/
-usr/lib/gnupg/gnupg/gpgkeys_curl.exe
-usr/lib/gnupg/gnupg/gpgkeys_finger.exe
-usr/lib/gnupg/gnupg/gpgkeys_hkp.exe
-usr/share/
-usr/share/gnupg/
-usr/share/gnupg/FAQ
-usr/share/gnupg/options.skel
-usr/share/info/
-usr/share/info/gnupg1.info.gz
-usr/share/locale/
-usr/share/locale/be/
-usr/share/locale/be/LC_MESSAGES/
-usr/share/locale/be/LC_MESSAGES/gnupg.mo
-usr/share/locale/ca/
-usr/share/locale/ca/LC_MESSAGES/
-usr/share/locale/ca/LC_MESSAGES/gnupg.mo
-usr/share/locale/cs/
-usr/share/locale/cs/LC_MESSAGES/
-usr/share/locale/cs/LC_MESSAGES/gnupg.mo
-usr/share/locale/da/
-usr/share/locale/da/LC_MESSAGES/
-usr/share/locale/da/LC_MESSAGES/gnupg.mo
-usr/share/locale/de/
-usr/share/locale/de/LC_MESSAGES/
-usr/share/locale/de/LC_MESSAGES/gnupg.mo
-usr/share/locale/el/
-usr/share/locale/el/LC_MESSAGES/
-usr/share/locale/el/LC_MESSAGES/gnupg.mo
-usr/share/locale/en@boldquot/
-usr/share/locale/en@boldquot/LC_MESSAGES/
-usr/share/locale/en@boldquot/LC_MESSAGES/gnupg.mo
-usr/share/locale/en@quot/
-usr/share/locale/en@quot/LC_MESSAGES/
-usr/share/locale/en@quot/LC_MESSAGES/gnupg.mo
-usr/share/locale/eo/
-usr/share/locale/eo/LC_MESSAGES/
-usr/share/locale/eo/LC_MESSAGES/gnupg.mo
-usr/share/locale/es/
-usr/share/locale/es/LC_MESSAGES/
-usr/share/locale/es/LC_MESSAGES/gnupg.mo
-usr/share/locale/et/
-usr/share/locale/et/LC_MESSAGES/
-usr/share/locale/et/LC_MESSAGES/gnupg.mo
-usr/share/locale/fi/
-usr/share/locale/fi/LC_MESSAGES/
-usr/share/locale/fi/LC_MESSAGES/gnupg.mo
-usr/share/locale/fr/
-usr/share/locale/fr/LC_MESSAGES/
-usr/share/locale/fr/LC_MESSAGES/gnupg.mo
-usr/share/locale/gl/
-usr/share/locale/gl/LC_MESSAGES/
-usr/share/locale/gl/LC_MESSAGES/gnupg.mo
-usr/share/locale/hu/
-usr/share/locale/hu/LC_MESSAGES/
-usr/share/locale/hu/LC_MESSAGES/gnupg.mo
-usr/share/locale/id/
-usr/share/locale/id/LC_MESSAGES/
-usr/share/locale/id/LC_MESSAGES/gnupg.mo
-usr/share/locale/it/
-usr/share/locale/it/LC_MESSAGES/
-usr/share/locale/it/LC_MESSAGES/gnupg.mo
-usr/share/locale/ja/
-usr/share/locale/ja/LC_MESSAGES/
-usr/share/locale/ja/LC_MESSAGES/gnupg.mo
-usr/share/locale/nb/
-usr/share/locale/nb/LC_MESSAGES/
-usr/share/locale/nb/LC_MESSAGES/gnupg.mo
-usr/share/locale/nl/
-usr/share/locale/nl/LC_MESSAGES/
-usr/share/locale/nl/LC_MESSAGES/gnupg.mo
-usr/share/locale/pl/
-usr/share/locale/pl/LC_MESSAGES/
-usr/share/locale/pl/LC_MESSAGES/gnupg.mo
-usr/share/locale/pt/
-usr/share/locale/pt/LC_MESSAGES/
-usr/share/locale/pt/LC_MESSAGES/gnupg.mo
-usr/share/locale/pt_BR/
-usr/share/locale/pt_BR/LC_MESSAGES/
-usr/share/locale/pt_BR/LC_MESSAGES/gnupg.mo
-usr/share/locale/ro/
-usr/share/locale/ro/LC_MESSAGES/
-usr/share/locale/ro/LC_MESSAGES/gnupg.mo
-usr/share/locale/ru/
-usr/share/locale/ru/LC_MESSAGES/
-usr/share/locale/ru/LC_MESSAGES/gnupg.mo
-usr/share/locale/sk/
-usr/share/locale/sk/LC_MESSAGES/
-usr/share/locale/sk/LC_MESSAGES/gnupg.mo
-usr/share/locale/sv/
-usr/share/locale/sv/LC_MESSAGES/
-usr/share/locale/sv/LC_MESSAGES/gnupg.mo
-usr/share/locale/tr/
-usr/share/locale/tr/LC_MESSAGES/
-usr/share/locale/tr/LC_MESSAGES/gnupg.mo
-usr/share/locale/uk/
-usr/share/locale/uk/LC_MESSAGES/
-usr/share/locale/uk/LC_MESSAGES/gnupg.mo
-usr/share/locale/zh_CN/
-usr/share/locale/zh_CN/LC_MESSAGES/
-usr/share/locale/zh_CN/LC_MESSAGES/gnupg.mo
-usr/share/locale/zh_TW/
-usr/share/locale/zh_TW/LC_MESSAGES/
-usr/share/locale/zh_TW/LC_MESSAGES/gnupg.mo
-usr/share/man/
-usr/share/man/man1/
-usr/share/man/man1/gpg-zip.1.gz
-usr/share/man/man1/gpg.1.gz
-usr/share/man/man1/gpgv.1.gz
-
diff --git a/msys2/var/lib/pacman/local/gnupg-1.4.22-3/install b/msys2/var/lib/pacman/local/gnupg-1.4.22-3/install
deleted file mode 100644
index 91b9f0ed9..000000000
--- a/msys2/var/lib/pacman/local/gnupg-1.4.22-3/install
+++ /dev/null
@@ -1,20 +0,0 @@
-info_dir=usr/share/info
-info_files="gnupg1.info"
-
-post_install() {
-  [ -x usr/bin/install-info ] || return 0
-  for f in ${info_files}; do
-    usr/bin/install-info ${info_dir}/$f.gz ${info_dir}/dir 2> /dev/null
-  done
-}
-
-post_upgrade() {
-  post_install $1
-}
-
-pre_remove() {
-  [ -x usr/bin/install-info ] || return 0
-  for f in $info_files; do
-    usr/bin/install-info --delete ${info_dir}/$f.gz ${info_dir}/dir 2> /dev/null
-  done
-}
diff --git a/msys2/var/lib/pacman/local/gnupg-1.4.22-3/mtree b/msys2/var/lib/pacman/local/gnupg-1.4.22-3/mtree
deleted file mode 100644
index 0f36f915d..000000000
Binary files a/msys2/var/lib/pacman/local/gnupg-1.4.22-3/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/gnupg-2.2.15-2/desc b/msys2/var/lib/pacman/local/gnupg-2.2.15-2/desc
new file mode 100644
index 000000000..0c4b080ea
--- /dev/null
+++ b/msys2/var/lib/pacman/local/gnupg-2.2.15-2/desc
@@ -0,0 +1,64 @@
+%NAME%
+gnupg
+
+%VERSION%
+2.2.15-2
+
+%BASE%
+gnupg
+
+%DESC%
+Complete and free implementation of the OpenPGP standard
+
+%URL%
+https://gnupg.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556602743
+
+%INSTALLDATE%
+1558699100
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+9457664
+
+%REASON%
+1
+
+%LICENSE%
+GPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+bzip2
+libassuan
+libbz2
+libcurl
+libgcrypt
+libgpg-error
+libgnutls
+libiconv
+libintl
+libksba
+libnpth
+libreadline
+libsqlite
+nettle
+pinentry
+zlib
+
+%OPTDEPENDS%
+curl: gpg2keys_curl
+
+%PROVIDES%
+dirmngr
+gnupg2=2.2.15
+
diff --git a/msys2/var/lib/pacman/local/gnupg-2.2.15-2/files b/msys2/var/lib/pacman/local/gnupg-2.2.15-2/files
new file mode 100644
index 000000000..695a9b9cd
--- /dev/null
+++ b/msys2/var/lib/pacman/local/gnupg-2.2.15-2/files
@@ -0,0 +1,198 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/addgnupghome
+usr/bin/applygnupgdefaults
+usr/bin/dirmngr-client.exe
+usr/bin/dirmngr.exe
+usr/bin/gpg-agent.exe
+usr/bin/gpg-connect-agent.exe
+usr/bin/gpg-wks-server.exe
+usr/bin/gpg.exe
+usr/bin/gpgconf.exe
+usr/bin/gpgparsemail.exe
+usr/bin/gpgscm.exe
+usr/bin/gpgsm.exe
+usr/bin/gpgtar.exe
+usr/bin/gpgv.exe
+usr/bin/kbxutil.exe
+usr/bin/watchgnupg.exe
+usr/lib/
+usr/lib/gnupg/
+usr/lib/gnupg/gpg-check-pattern.exe
+usr/lib/gnupg/gpg-preset-passphrase.exe
+usr/lib/gnupg/gpg-protect-tool.exe
+usr/lib/gnupg/gpg-wks-client.exe
+usr/lib/gnupg/scdaemon.exe
+usr/share/
+usr/share/doc/
+usr/share/doc/gnupg/
+usr/share/doc/gnupg/DCO
+usr/share/doc/gnupg/DETAILS
+usr/share/doc/gnupg/examples/
+usr/share/doc/gnupg/examples/debug.prf
+usr/share/doc/gnupg/examples/gpgconf.conf
+usr/share/doc/gnupg/examples/pwpattern.list
+usr/share/doc/gnupg/examples/README
+usr/share/doc/gnupg/examples/scd-event
+usr/share/doc/gnupg/examples/systemd-user/
+usr/share/doc/gnupg/examples/systemd-user/dirmngr.service
+usr/share/doc/gnupg/examples/systemd-user/dirmngr.socket
+usr/share/doc/gnupg/examples/systemd-user/gpg-agent-browser.socket
+usr/share/doc/gnupg/examples/systemd-user/gpg-agent-extra.socket
+usr/share/doc/gnupg/examples/systemd-user/gpg-agent-ssh.socket
+usr/share/doc/gnupg/examples/systemd-user/gpg-agent.service
+usr/share/doc/gnupg/examples/systemd-user/gpg-agent.socket
+usr/share/doc/gnupg/examples/systemd-user/README
+usr/share/doc/gnupg/examples/trustlist.txt
+usr/share/doc/gnupg/examples/vsnfd.prf
+usr/share/doc/gnupg/FAQ
+usr/share/doc/gnupg/HACKING
+usr/share/doc/gnupg/KEYSERVER
+usr/share/doc/gnupg/OpenPGP
+usr/share/doc/gnupg/README
+usr/share/doc/gnupg/TRANSLATE
+usr/share/gnupg/
+usr/share/gnupg/distsigkey.gpg
+usr/share/gnupg/help.be.txt
+usr/share/gnupg/help.ca.txt
+usr/share/gnupg/help.cs.txt
+usr/share/gnupg/help.da.txt
+usr/share/gnupg/help.de.txt
+usr/share/gnupg/help.el.txt
+usr/share/gnupg/help.eo.txt
+usr/share/gnupg/help.es.txt
+usr/share/gnupg/help.et.txt
+usr/share/gnupg/help.fi.txt
+usr/share/gnupg/help.fr.txt
+usr/share/gnupg/help.gl.txt
+usr/share/gnupg/help.hu.txt
+usr/share/gnupg/help.id.txt
+usr/share/gnupg/help.it.txt
+usr/share/gnupg/help.ja.txt
+usr/share/gnupg/help.nb.txt
+usr/share/gnupg/help.pl.txt
+usr/share/gnupg/help.pt.txt
+usr/share/gnupg/help.pt_BR.txt
+usr/share/gnupg/help.ro.txt
+usr/share/gnupg/help.ru.txt
+usr/share/gnupg/help.sk.txt
+usr/share/gnupg/help.sv.txt
+usr/share/gnupg/help.tr.txt
+usr/share/gnupg/help.txt
+usr/share/gnupg/help.zh_CN.txt
+usr/share/gnupg/help.zh_TW.txt
+usr/share/gnupg/sks-keyservers.netCA.pem
+usr/share/info/
+usr/share/info/gnupg.info-1.gz
+usr/share/info/gnupg.info-2.gz
+usr/share/info/gnupg.info.gz
+usr/share/locale/
+usr/share/locale/ca/
+usr/share/locale/ca/LC_MESSAGES/
+usr/share/locale/ca/LC_MESSAGES/gnupg2.mo
+usr/share/locale/cs/
+usr/share/locale/cs/LC_MESSAGES/
+usr/share/locale/cs/LC_MESSAGES/gnupg2.mo
+usr/share/locale/da/
+usr/share/locale/da/LC_MESSAGES/
+usr/share/locale/da/LC_MESSAGES/gnupg2.mo
+usr/share/locale/de/
+usr/share/locale/de/LC_MESSAGES/
+usr/share/locale/de/LC_MESSAGES/gnupg2.mo
+usr/share/locale/el/
+usr/share/locale/el/LC_MESSAGES/
+usr/share/locale/el/LC_MESSAGES/gnupg2.mo
+usr/share/locale/en@boldquot/
+usr/share/locale/en@boldquot/LC_MESSAGES/
+usr/share/locale/en@boldquot/LC_MESSAGES/gnupg2.mo
+usr/share/locale/en@quot/
+usr/share/locale/en@quot/LC_MESSAGES/
+usr/share/locale/en@quot/LC_MESSAGES/gnupg2.mo
+usr/share/locale/eo/
+usr/share/locale/eo/LC_MESSAGES/
+usr/share/locale/eo/LC_MESSAGES/gnupg2.mo
+usr/share/locale/es/
+usr/share/locale/es/LC_MESSAGES/
+usr/share/locale/es/LC_MESSAGES/gnupg2.mo
+usr/share/locale/et/
+usr/share/locale/et/LC_MESSAGES/
+usr/share/locale/et/LC_MESSAGES/gnupg2.mo
+usr/share/locale/fi/
+usr/share/locale/fi/LC_MESSAGES/
+usr/share/locale/fi/LC_MESSAGES/gnupg2.mo
+usr/share/locale/fr/
+usr/share/locale/fr/LC_MESSAGES/
+usr/share/locale/fr/LC_MESSAGES/gnupg2.mo
+usr/share/locale/gl/
+usr/share/locale/gl/LC_MESSAGES/
+usr/share/locale/gl/LC_MESSAGES/gnupg2.mo
+usr/share/locale/hu/
+usr/share/locale/hu/LC_MESSAGES/
+usr/share/locale/hu/LC_MESSAGES/gnupg2.mo
+usr/share/locale/id/
+usr/share/locale/id/LC_MESSAGES/
+usr/share/locale/id/LC_MESSAGES/gnupg2.mo
+usr/share/locale/it/
+usr/share/locale/it/LC_MESSAGES/
+usr/share/locale/it/LC_MESSAGES/gnupg2.mo
+usr/share/locale/ja/
+usr/share/locale/ja/LC_MESSAGES/
+usr/share/locale/ja/LC_MESSAGES/gnupg2.mo
+usr/share/locale/nb/
+usr/share/locale/nb/LC_MESSAGES/
+usr/share/locale/nb/LC_MESSAGES/gnupg2.mo
+usr/share/locale/pl/
+usr/share/locale/pl/LC_MESSAGES/
+usr/share/locale/pl/LC_MESSAGES/gnupg2.mo
+usr/share/locale/pt/
+usr/share/locale/pt/LC_MESSAGES/
+usr/share/locale/pt/LC_MESSAGES/gnupg2.mo
+usr/share/locale/ro/
+usr/share/locale/ro/LC_MESSAGES/
+usr/share/locale/ro/LC_MESSAGES/gnupg2.mo
+usr/share/locale/ru/
+usr/share/locale/ru/LC_MESSAGES/
+usr/share/locale/ru/LC_MESSAGES/gnupg2.mo
+usr/share/locale/sk/
+usr/share/locale/sk/LC_MESSAGES/
+usr/share/locale/sk/LC_MESSAGES/gnupg2.mo
+usr/share/locale/sv/
+usr/share/locale/sv/LC_MESSAGES/
+usr/share/locale/sv/LC_MESSAGES/gnupg2.mo
+usr/share/locale/tr/
+usr/share/locale/tr/LC_MESSAGES/
+usr/share/locale/tr/LC_MESSAGES/gnupg2.mo
+usr/share/locale/uk/
+usr/share/locale/uk/LC_MESSAGES/
+usr/share/locale/uk/LC_MESSAGES/gnupg2.mo
+usr/share/locale/zh_CN/
+usr/share/locale/zh_CN/LC_MESSAGES/
+usr/share/locale/zh_CN/LC_MESSAGES/gnupg2.mo
+usr/share/locale/zh_TW/
+usr/share/locale/zh_TW/LC_MESSAGES/
+usr/share/locale/zh_TW/LC_MESSAGES/gnupg2.mo
+usr/share/man/
+usr/share/man/man1/
+usr/share/man/man1/dirmngr-client.1.gz
+usr/share/man/man1/gpg-agent.1.gz
+usr/share/man/man1/gpg-connect-agent.1.gz
+usr/share/man/man1/gpg-preset-passphrase.1.gz
+usr/share/man/man1/gpg-wks-client.1.gz
+usr/share/man/man1/gpg-wks-server.1.gz
+usr/share/man/man1/gpg.1.gz
+usr/share/man/man1/gpgconf.1.gz
+usr/share/man/man1/gpgparsemail.1.gz
+usr/share/man/man1/gpgsm.1.gz
+usr/share/man/man1/gpgtar.1.gz
+usr/share/man/man1/gpgv.1.gz
+usr/share/man/man1/scdaemon.1.gz
+usr/share/man/man1/symcryptrun.1.gz
+usr/share/man/man1/watchgnupg.1.gz
+usr/share/man/man7/
+usr/share/man/man7/gnupg.7.gz
+usr/share/man/man8/
+usr/share/man/man8/addgnupghome.8.gz
+usr/share/man/man8/applygnupgdefaults.8.gz
+usr/share/man/man8/dirmngr.8.gz
+
diff --git a/msys2/var/lib/pacman/local/gnupg-2.2.15-2/install b/msys2/var/lib/pacman/local/gnupg-2.2.15-2/install
new file mode 100644
index 000000000..8d6650bd1
--- /dev/null
+++ b/msys2/var/lib/pacman/local/gnupg-2.2.15-2/install
@@ -0,0 +1,25 @@
+info_dir=usr/share/info
+info_files="gnupg.info gnupg.info-1 gnupg.info-2"
+
+post_install() {
+  [ -x usr/bin/install-info ] || return 0
+  for f in ${info_files}; do
+    usr/bin/install-info ${info_dir}/$f.gz ${info_dir}/dir 2> /dev/null
+  done
+}
+
+post_upgrade() {
+  post_install $1
+  # See FS#42798 and FS#47371
+  dirmngr </dev/null &>/dev/null
+  if usr/bin/pacman-key -l >/dev/null 2>&1; then
+    usr/bin/pacman-key --populate msys2
+  fi
+}
+
+pre_remove() {
+  [ -x usr/bin/install-info ] || return 0
+  for f in $info_files; do
+    usr/bin/install-info --delete ${info_dir}/$f.gz ${info_dir}/dir 2> /dev/null
+  done
+}
diff --git a/msys2/var/lib/pacman/local/gnupg-2.2.15-2/mtree b/msys2/var/lib/pacman/local/gnupg-2.2.15-2/mtree
new file mode 100644
index 000000000..16d55c47a
Binary files /dev/null and b/msys2/var/lib/pacman/local/gnupg-2.2.15-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/grep-3.0-1/desc b/msys2/var/lib/pacman/local/grep-3.0-1/desc
deleted file mode 100644
index 73d67f9be..000000000
--- a/msys2/var/lib/pacman/local/grep-3.0-1/desc
+++ /dev/null
@@ -1,43 +0,0 @@
-%NAME%
-grep
-
-%VERSION%
-3.0-1
-
-%DESC%
-A string search utility
-
-%URL%
-https://www.gnu.org/software/grep/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1488207339
-
-%INSTALLDATE%
-1527758872
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-874496
-
-%GROUPS%
-base
-base-devel
-
-%LICENSE%
-GPL3
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-libiconv
-libintl
-libpcre
-sh
-
diff --git a/msys2/var/lib/pacman/local/grep-3.0-1/mtree b/msys2/var/lib/pacman/local/grep-3.0-1/mtree
deleted file mode 100644
index fe03cc386..000000000
Binary files a/msys2/var/lib/pacman/local/grep-3.0-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/grep-3.0-2/desc b/msys2/var/lib/pacman/local/grep-3.0-2/desc
new file mode 100644
index 000000000..e69973344
--- /dev/null
+++ b/msys2/var/lib/pacman/local/grep-3.0-2/desc
@@ -0,0 +1,46 @@
+%NAME%
+grep
+
+%VERSION%
+3.0-2
+
+%BASE%
+grep
+
+%DESC%
+A string search utility
+
+%URL%
+https://www.gnu.org/software/grep/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1544166233
+
+%INSTALLDATE%
+1558699096
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+874496
+
+%GROUPS%
+base
+base-devel
+
+%LICENSE%
+GPL3
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+libiconv
+libintl
+libpcre
+sh
+
diff --git a/msys2/var/lib/pacman/local/grep-3.0-1/files b/msys2/var/lib/pacman/local/grep-3.0-2/files
similarity index 100%
rename from msys2/var/lib/pacman/local/grep-3.0-1/files
rename to msys2/var/lib/pacman/local/grep-3.0-2/files
diff --git a/msys2/var/lib/pacman/local/grep-3.0-1/install b/msys2/var/lib/pacman/local/grep-3.0-2/install
similarity index 100%
rename from msys2/var/lib/pacman/local/grep-3.0-1/install
rename to msys2/var/lib/pacman/local/grep-3.0-2/install
diff --git a/msys2/var/lib/pacman/local/grep-3.0-2/mtree b/msys2/var/lib/pacman/local/grep-3.0-2/mtree
new file mode 100644
index 000000000..3cd184fb6
Binary files /dev/null and b/msys2/var/lib/pacman/local/grep-3.0-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/gzip-1.10-1/desc b/msys2/var/lib/pacman/local/gzip-1.10-1/desc
new file mode 100644
index 000000000..fb1326c23
--- /dev/null
+++ b/msys2/var/lib/pacman/local/gzip-1.10-1/desc
@@ -0,0 +1,45 @@
+%NAME%
+gzip
+
+%VERSION%
+1.10-1
+
+%BASE%
+gzip
+
+%DESC%
+GNU compression utility
+
+%URL%
+https://www.gnu.org/software/gzip/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1547616349
+
+%INSTALLDATE%
+1558699087
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+166912
+
+%GROUPS%
+base
+compression
+
+%LICENSE%
+GPL3
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+msys2-runtime
+bash
+less
+
diff --git a/msys2/var/lib/pacman/local/gzip-1.9-1/files b/msys2/var/lib/pacman/local/gzip-1.10-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/gzip-1.9-1/files
rename to msys2/var/lib/pacman/local/gzip-1.10-1/files
diff --git a/msys2/var/lib/pacman/local/gzip-1.9-1/install b/msys2/var/lib/pacman/local/gzip-1.10-1/install
similarity index 100%
rename from msys2/var/lib/pacman/local/gzip-1.9-1/install
rename to msys2/var/lib/pacman/local/gzip-1.10-1/install
diff --git a/msys2/var/lib/pacman/local/gzip-1.10-1/mtree b/msys2/var/lib/pacman/local/gzip-1.10-1/mtree
new file mode 100644
index 000000000..0aeb31b51
Binary files /dev/null and b/msys2/var/lib/pacman/local/gzip-1.10-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/gzip-1.9-1/desc b/msys2/var/lib/pacman/local/gzip-1.9-1/desc
deleted file mode 100644
index 44162c8e7..000000000
--- a/msys2/var/lib/pacman/local/gzip-1.9-1/desc
+++ /dev/null
@@ -1,42 +0,0 @@
-%NAME%
-gzip
-
-%VERSION%
-1.9-1
-
-%DESC%
-GNU compression utility
-
-%URL%
-https://www.gnu.org/software/gzip/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1515650219
-
-%INSTALLDATE%
-1527758864
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-166912
-
-%GROUPS%
-base
-compression
-
-%LICENSE%
-GPL3
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-msys2-runtime
-bash
-less
-
diff --git a/msys2/var/lib/pacman/local/gzip-1.9-1/mtree b/msys2/var/lib/pacman/local/gzip-1.9-1/mtree
deleted file mode 100644
index 981bcdeff..000000000
Binary files a/msys2/var/lib/pacman/local/gzip-1.9-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/heimdal-libs-1.5.3-9/desc b/msys2/var/lib/pacman/local/heimdal-libs-1.5.3-9/desc
deleted file mode 100644
index d69f02299..000000000
--- a/msys2/var/lib/pacman/local/heimdal-libs-1.5.3-9/desc
+++ /dev/null
@@ -1,49 +0,0 @@
-%NAME%
-heimdal-libs
-
-%VERSION%
-1.5.3-9
-
-%BASE%
-heimdal
-
-%DESC%
-Implementation of Kerberos V5 libraries
-
-%URL%
-https://www.h5l.org/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1457687025
-
-%INSTALLDATE%
-1527758870
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-2272256
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-custom
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-libdb
-libcrypt
-libedit
-libsqlite
-libopenssl
-
diff --git a/msys2/var/lib/pacman/local/heimdal-libs-1.5.3-9/files b/msys2/var/lib/pacman/local/heimdal-libs-1.5.3-9/files
deleted file mode 100644
index 61ea9f23d..000000000
--- a/msys2/var/lib/pacman/local/heimdal-libs-1.5.3-9/files
+++ /dev/null
@@ -1,20 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/msys-asn1-8.dll
-usr/bin/msys-com_err-1.dll
-usr/bin/msys-gssapi-3.dll
-usr/bin/msys-hdb-9.dll
-usr/bin/msys-heimbase-1.dll
-usr/bin/msys-heimntlm-0.dll
-usr/bin/msys-hx509-5.dll
-usr/bin/msys-kadm5clnt-7.dll
-usr/bin/msys-kadm5srv-8.dll
-usr/bin/msys-kafs-0.dll
-usr/bin/msys-kdc-2.dll
-usr/bin/msys-krb5-26.dll
-usr/bin/msys-otp-0.dll
-usr/bin/msys-roken-18.dll
-usr/bin/msys-sl-0.dll
-usr/bin/msys-wind-0.dll
-
diff --git a/msys2/var/lib/pacman/local/heimdal-libs-1.5.3-9/mtree b/msys2/var/lib/pacman/local/heimdal-libs-1.5.3-9/mtree
deleted file mode 100644
index 79c40856c..000000000
Binary files a/msys2/var/lib/pacman/local/heimdal-libs-1.5.3-9/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/heimdal-libs-7.5.0-3/desc b/msys2/var/lib/pacman/local/heimdal-libs-7.5.0-3/desc
new file mode 100644
index 000000000..24d45519f
--- /dev/null
+++ b/msys2/var/lib/pacman/local/heimdal-libs-7.5.0-3/desc
@@ -0,0 +1,49 @@
+%NAME%
+heimdal-libs
+
+%VERSION%
+7.5.0-3
+
+%BASE%
+heimdal
+
+%DESC%
+Implementation of Kerberos V5 libraries
+
+%URL%
+https://www.h5l.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1544703689
+
+%INSTALLDATE%
+1558699093
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+2703360
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+custom
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+libdb
+libcrypt
+libedit
+libsqlite
+libopenssl
+
diff --git a/msys2/var/lib/pacman/local/heimdal-libs-7.5.0-3/files b/msys2/var/lib/pacman/local/heimdal-libs-7.5.0-3/files
new file mode 100644
index 000000000..64dba4c6e
--- /dev/null
+++ b/msys2/var/lib/pacman/local/heimdal-libs-7.5.0-3/files
@@ -0,0 +1,21 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/msys-asn1-8.dll
+usr/bin/msys-com_err-1.dll
+usr/bin/msys-gssapi-3.dll
+usr/bin/msys-hcrypto-4.dll
+usr/bin/msys-hdb-9.dll
+usr/bin/msys-heimbase-1.dll
+usr/bin/msys-heimntlm-0.dll
+usr/bin/msys-hx509-5.dll
+usr/bin/msys-kadm5clnt-7.dll
+usr/bin/msys-kadm5srv-8.dll
+usr/bin/msys-kafs-0.dll
+usr/bin/msys-kdc-2.dll
+usr/bin/msys-krb5-26.dll
+usr/bin/msys-otp-0.dll
+usr/bin/msys-roken-18.dll
+usr/bin/msys-sl-0.dll
+usr/bin/msys-wind-0.dll
+
diff --git a/msys2/var/lib/pacman/local/heimdal-libs-7.5.0-3/mtree b/msys2/var/lib/pacman/local/heimdal-libs-7.5.0-3/mtree
new file mode 100644
index 000000000..5e17eca42
Binary files /dev/null and b/msys2/var/lib/pacman/local/heimdal-libs-7.5.0-3/mtree differ
diff --git a/msys2/var/lib/pacman/local/icu-60.2-1/desc b/msys2/var/lib/pacman/local/icu-60.2-1/desc
deleted file mode 100644
index fc6a617c5..000000000
--- a/msys2/var/lib/pacman/local/icu-60.2-1/desc
+++ /dev/null
@@ -1,45 +0,0 @@
-%NAME%
-icu
-
-%VERSION%
-60.2-1
-
-%BASE%
-icu
-
-%DESC%
-International Components for Unicode library
-
-%URL%
-http://www.icu-project.org/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1518415564
-
-%INSTALLDATE%
-1527758845
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-31394816
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-custom:"icu"
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-gcc-libs
-
diff --git a/msys2/var/lib/pacman/local/icu-60.2-1/files b/msys2/var/lib/pacman/local/icu-60.2-1/files
deleted file mode 100644
index 645ce7699..000000000
--- a/msys2/var/lib/pacman/local/icu-60.2-1/files
+++ /dev/null
@@ -1,10 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/msys-icudata60.dll
-usr/bin/msys-icui18n60.dll
-usr/bin/msys-icuio60.dll
-usr/bin/msys-icutest60.dll
-usr/bin/msys-icutu60.dll
-usr/bin/msys-icuuc60.dll
-
diff --git a/msys2/var/lib/pacman/local/icu-60.2-1/mtree b/msys2/var/lib/pacman/local/icu-60.2-1/mtree
deleted file mode 100644
index a4e212d91..000000000
Binary files a/msys2/var/lib/pacman/local/icu-60.2-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/icu-64.2-1/desc b/msys2/var/lib/pacman/local/icu-64.2-1/desc
new file mode 100644
index 000000000..b574a9d2b
--- /dev/null
+++ b/msys2/var/lib/pacman/local/icu-64.2-1/desc
@@ -0,0 +1,45 @@
+%NAME%
+icu
+
+%VERSION%
+64.2-1
+
+%BASE%
+icu
+
+%DESC%
+International Components for Unicode library
+
+%URL%
+http://www.icu-project.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556088395
+
+%INSTALLDATE%
+1558699050
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+32380928
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+custom:"icu"
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+
diff --git a/msys2/var/lib/pacman/local/icu-64.2-1/files b/msys2/var/lib/pacman/local/icu-64.2-1/files
new file mode 100644
index 000000000..34de9cd27
--- /dev/null
+++ b/msys2/var/lib/pacman/local/icu-64.2-1/files
@@ -0,0 +1,10 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/msys-icudata64.dll
+usr/bin/msys-icui18n64.dll
+usr/bin/msys-icuio64.dll
+usr/bin/msys-icutest64.dll
+usr/bin/msys-icutu64.dll
+usr/bin/msys-icuuc64.dll
+
diff --git a/msys2/var/lib/pacman/local/icu-64.2-1/mtree b/msys2/var/lib/pacman/local/icu-64.2-1/mtree
new file mode 100644
index 000000000..fa90cfdf0
Binary files /dev/null and b/msys2/var/lib/pacman/local/icu-64.2-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/inetutils-1.9.4-1/desc b/msys2/var/lib/pacman/local/inetutils-1.9.4-1/desc
deleted file mode 100644
index 1bc90b94c..000000000
--- a/msys2/var/lib/pacman/local/inetutils-1.9.4-1/desc
+++ /dev/null
@@ -1,44 +0,0 @@
-%NAME%
-inetutils
-
-%VERSION%
-1.9.4-1
-
-%DESC%
-A collection of common network programs.
-
-%URL%
-https://www.gnu.org/software/inetutils/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1496321432
-
-%INSTALLDATE%
-1527758876
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-571392
-
-%GROUPS%
-base
-
-%LICENSE%
-GPL3
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-gcc-libs
-libintl
-libcrypt
-libreadline
-ncurses
-tftp-hpa
-
diff --git a/msys2/var/lib/pacman/local/inetutils-1.9.4-1/mtree b/msys2/var/lib/pacman/local/inetutils-1.9.4-1/mtree
deleted file mode 100644
index cbc35b052..000000000
Binary files a/msys2/var/lib/pacman/local/inetutils-1.9.4-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/inetutils-1.9.4-2/desc b/msys2/var/lib/pacman/local/inetutils-1.9.4-2/desc
new file mode 100644
index 000000000..98650b9ca
--- /dev/null
+++ b/msys2/var/lib/pacman/local/inetutils-1.9.4-2/desc
@@ -0,0 +1,47 @@
+%NAME%
+inetutils
+
+%VERSION%
+1.9.4-2
+
+%BASE%
+inetutils
+
+%DESC%
+A collection of common network programs.
+
+%URL%
+https://www.gnu.org/software/inetutils/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556610239
+
+%INSTALLDATE%
+1558699098
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+573440
+
+%GROUPS%
+base
+
+%LICENSE%
+GPL3
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+libintl
+libcrypt
+libreadline
+ncurses
+tftp-hpa
+
diff --git a/msys2/var/lib/pacman/local/inetutils-1.9.4-1/files b/msys2/var/lib/pacman/local/inetutils-1.9.4-2/files
similarity index 100%
rename from msys2/var/lib/pacman/local/inetutils-1.9.4-1/files
rename to msys2/var/lib/pacman/local/inetutils-1.9.4-2/files
diff --git a/msys2/var/lib/pacman/local/inetutils-1.9.4-1/install b/msys2/var/lib/pacman/local/inetutils-1.9.4-2/install
similarity index 100%
rename from msys2/var/lib/pacman/local/inetutils-1.9.4-1/install
rename to msys2/var/lib/pacman/local/inetutils-1.9.4-2/install
diff --git a/msys2/var/lib/pacman/local/inetutils-1.9.4-2/mtree b/msys2/var/lib/pacman/local/inetutils-1.9.4-2/mtree
new file mode 100644
index 000000000..f23fbafd4
Binary files /dev/null and b/msys2/var/lib/pacman/local/inetutils-1.9.4-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/info-6.3-1/desc b/msys2/var/lib/pacman/local/info-6.3-1/desc
deleted file mode 100644
index 4738c4bf4..000000000
--- a/msys2/var/lib/pacman/local/info-6.3-1/desc
+++ /dev/null
@@ -1,44 +0,0 @@
-%NAME%
-info
-
-%VERSION%
-6.3-1
-
-%BASE%
-texinfo
-
-%DESC%
-Utilities to work with and produce manuals, ASCII text, and on-line documentation from a single source file
-
-%URL%
-https://www.gnu.org/software/texinfo/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1487658724
-
-%INSTALLDATE%
-1527758864
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-414720
-
-%GROUPS%
-base
-
-%LICENSE%
-GPL3
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-ncurses
-libintl
-gzip
-
diff --git a/msys2/var/lib/pacman/local/info-6.3-1/mtree b/msys2/var/lib/pacman/local/info-6.3-1/mtree
deleted file mode 100644
index b208e37fa..000000000
Binary files a/msys2/var/lib/pacman/local/info-6.3-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/info-6.6-1/desc b/msys2/var/lib/pacman/local/info-6.6-1/desc
new file mode 100644
index 000000000..3eda2052f
--- /dev/null
+++ b/msys2/var/lib/pacman/local/info-6.6-1/desc
@@ -0,0 +1,45 @@
+%NAME%
+info
+
+%VERSION%
+6.6-1
+
+%BASE%
+texinfo
+
+%DESC%
+Utilities to work with and produce manuals, ASCII text, and on-line documentation from a single source file
+
+%URL%
+https://www.gnu.org/software/texinfo/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556192046
+
+%INSTALLDATE%
+1558699087
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+414720
+
+%GROUPS%
+base
+
+%LICENSE%
+GPL3
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gzip
+libcrypt
+libintl
+ncurses
+
diff --git a/msys2/var/lib/pacman/local/info-6.3-1/files b/msys2/var/lib/pacman/local/info-6.6-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/info-6.3-1/files
rename to msys2/var/lib/pacman/local/info-6.6-1/files
diff --git a/msys2/var/lib/pacman/local/info-6.3-1/install b/msys2/var/lib/pacman/local/info-6.6-1/install
similarity index 100%
rename from msys2/var/lib/pacman/local/info-6.3-1/install
rename to msys2/var/lib/pacman/local/info-6.6-1/install
diff --git a/msys2/var/lib/pacman/local/info-6.6-1/mtree b/msys2/var/lib/pacman/local/info-6.6-1/mtree
new file mode 100644
index 000000000..0ccb9a65c
Binary files /dev/null and b/msys2/var/lib/pacman/local/info-6.6-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/less-529-1/desc b/msys2/var/lib/pacman/local/less-529-1/desc
deleted file mode 100644
index 12573815d..000000000
--- a/msys2/var/lib/pacman/local/less-529-1/desc
+++ /dev/null
@@ -1,40 +0,0 @@
-%NAME%
-less
-
-%VERSION%
-529-1
-
-%DESC%
-A terminal based program for viewing text files
-
-%URL%
-http://www.greenwoodsoftware.com/less
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1510893873
-
-%INSTALLDATE%
-1527758864
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-212992
-
-%GROUPS%
-base
-
-%LICENSE%
-GPL3
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-ncurses
-libpcre
-
diff --git a/msys2/var/lib/pacman/local/less-529-1/mtree b/msys2/var/lib/pacman/local/less-529-1/mtree
deleted file mode 100644
index a510a18a5..000000000
Binary files a/msys2/var/lib/pacman/local/less-529-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/less-530-1/desc b/msys2/var/lib/pacman/local/less-530-1/desc
new file mode 100644
index 000000000..eca7c57d2
--- /dev/null
+++ b/msys2/var/lib/pacman/local/less-530-1/desc
@@ -0,0 +1,43 @@
+%NAME%
+less
+
+%VERSION%
+530-1
+
+%BASE%
+less
+
+%DESC%
+A terminal based program for viewing text files
+
+%URL%
+http://www.greenwoodsoftware.com/less
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1532665514
+
+%INSTALLDATE%
+1558699087
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+212992
+
+%GROUPS%
+base
+
+%LICENSE%
+GPL3
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+ncurses
+libpcre
+
diff --git a/msys2/var/lib/pacman/local/less-529-1/files b/msys2/var/lib/pacman/local/less-530-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/less-529-1/files
rename to msys2/var/lib/pacman/local/less-530-1/files
diff --git a/msys2/var/lib/pacman/local/less-530-1/mtree b/msys2/var/lib/pacman/local/less-530-1/mtree
new file mode 100644
index 000000000..3ac02067a
Binary files /dev/null and b/msys2/var/lib/pacman/local/less-530-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libarchive-3.3.2-1/desc b/msys2/var/lib/pacman/local/libarchive-3.3.2-1/desc
deleted file mode 100644
index b4bcaa8cd..000000000
--- a/msys2/var/lib/pacman/local/libarchive-3.3.2-1/desc
+++ /dev/null
@@ -1,52 +0,0 @@
-%NAME%
-libarchive
-
-%VERSION%
-3.3.2-1
-
-%BASE%
-libarchive
-
-%DESC%
-library that can create and read several streaming archive formats
-
-%URL%
-http://libarchive.org/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1504762132
-
-%INSTALLDATE%
-1527758879
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-2994176
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-BSD
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-gcc-libs
-libbz2
-libiconv
-liblzma
-liblzo2
-libnettle
-libxml2
-zlib
-
diff --git a/msys2/var/lib/pacman/local/libarchive-3.3.2-1/mtree b/msys2/var/lib/pacman/local/libarchive-3.3.2-1/mtree
deleted file mode 100644
index 042f58938..000000000
Binary files a/msys2/var/lib/pacman/local/libarchive-3.3.2-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libarchive-3.3.3-3/desc b/msys2/var/lib/pacman/local/libarchive-3.3.3-3/desc
new file mode 100644
index 000000000..3c6166a8e
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libarchive-3.3.3-3/desc
@@ -0,0 +1,54 @@
+%NAME%
+libarchive
+
+%VERSION%
+3.3.3-3
+
+%BASE%
+libarchive
+
+%DESC%
+library that can create and read several streaming archive formats
+
+%URL%
+https://libarchive.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1536498684
+
+%INSTALLDATE%
+1558699103
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+3044352
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+BSD
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+libbz2
+libiconv
+libexpat
+liblzma
+liblz4
+liblzo2
+libnettle
+libxml2
+zlib
+
diff --git a/msys2/var/lib/pacman/local/libarchive-3.3.2-1/files b/msys2/var/lib/pacman/local/libarchive-3.3.3-3/files
similarity index 100%
rename from msys2/var/lib/pacman/local/libarchive-3.3.2-1/files
rename to msys2/var/lib/pacman/local/libarchive-3.3.3-3/files
diff --git a/msys2/var/lib/pacman/local/libarchive-3.3.3-3/mtree b/msys2/var/lib/pacman/local/libarchive-3.3.3-3/mtree
new file mode 100644
index 000000000..3401000bd
Binary files /dev/null and b/msys2/var/lib/pacman/local/libarchive-3.3.3-3/mtree differ
diff --git a/msys2/var/lib/pacman/local/libargp-20110921-1/desc b/msys2/var/lib/pacman/local/libargp-20110921-1/desc
deleted file mode 100644
index 383bad49c..000000000
--- a/msys2/var/lib/pacman/local/libargp-20110921-1/desc
+++ /dev/null
@@ -1,40 +0,0 @@
-%NAME%
-libargp
-
-%VERSION%
-20110921-1
-
-%BASE%
-libargp
-
-%DESC%
-Interface for parsing command-line arguments
-
-%URL%
-https://www.gnu.org/software/libc/libc.html
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1485773409
-
-%INSTALLDATE%
-1527758876
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-87040
-
-%GROUPS%
-base
-
-%LICENSE%
-GPL
-LGPL
-
-%VALIDATION%
-pgp
-
diff --git a/msys2/var/lib/pacman/local/libargp-20110921-1/files b/msys2/var/lib/pacman/local/libargp-20110921-1/files
deleted file mode 100644
index a2062340a..000000000
--- a/msys2/var/lib/pacman/local/libargp-20110921-1/files
+++ /dev/null
@@ -1,13 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/msys-argp-0.dll
-usr/share/
-usr/share/doc/
-usr/share/doc/libargp/
-usr/share/doc/libargp/README
-usr/share/license/
-usr/share/license/libargp/
-usr/share/license/libargp/COPYING
-usr/share/license/libargp/COPYING.LESSER
-
diff --git a/msys2/var/lib/pacman/local/libargp-20110921-1/mtree b/msys2/var/lib/pacman/local/libargp-20110921-1/mtree
deleted file mode 100644
index a5068ac44..000000000
Binary files a/msys2/var/lib/pacman/local/libargp-20110921-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libargp-20110921-2/desc b/msys2/var/lib/pacman/local/libargp-20110921-2/desc
new file mode 100644
index 000000000..cdb60012d
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libargp-20110921-2/desc
@@ -0,0 +1,40 @@
+%NAME%
+libargp
+
+%VERSION%
+20110921-2
+
+%BASE%
+libargp
+
+%DESC%
+Interface for parsing command-line arguments
+
+%URL%
+https://www.gnu.org/software/libc/libc.html
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1538485720
+
+%INSTALLDATE%
+1558699098
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+87040
+
+%GROUPS%
+base
+
+%LICENSE%
+GPL
+LGPL
+
+%VALIDATION%
+pgp
+
diff --git a/msys2/var/lib/pacman/local/libargp-20110921-2/files b/msys2/var/lib/pacman/local/libargp-20110921-2/files
new file mode 100644
index 000000000..cf5c421c5
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libargp-20110921-2/files
@@ -0,0 +1,13 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/msys-argp-0.dll
+usr/share/
+usr/share/doc/
+usr/share/doc/libargp/
+usr/share/doc/libargp/README
+usr/share/licenses/
+usr/share/licenses/libargp/
+usr/share/licenses/libargp/COPYING
+usr/share/licenses/libargp/COPYING.LESSER
+
diff --git a/msys2/var/lib/pacman/local/libargp-20110921-2/mtree b/msys2/var/lib/pacman/local/libargp-20110921-2/mtree
new file mode 100644
index 000000000..9b5dcb3d3
Binary files /dev/null and b/msys2/var/lib/pacman/local/libargp-20110921-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/libasprintf-0.19.8.1-1/desc b/msys2/var/lib/pacman/local/libasprintf-0.19.8.1-1/desc
index 44d95e1a1..bcf8e3a7a 100644
--- a/msys2/var/lib/pacman/local/libasprintf-0.19.8.1-1/desc
+++ b/msys2/var/lib/pacman/local/libasprintf-0.19.8.1-1/desc
@@ -20,7 +20,7 @@ i686
 1496393834
 
 %INSTALLDATE%
-1527758843
+1558699047
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/libassuan-2.4.3-1/desc b/msys2/var/lib/pacman/local/libassuan-2.4.3-1/desc
deleted file mode 100644
index a1682053b..000000000
--- a/msys2/var/lib/pacman/local/libassuan-2.4.3-1/desc
+++ /dev/null
@@ -1,46 +0,0 @@
-%NAME%
-libassuan
-
-%VERSION%
-2.4.3-1
-
-%BASE%
-libassuan
-
-%DESC%
-A IPC library used by some GnuPG related software
-
-%URL%
-https://gnupg.org/related_software/libassuan
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1500030355
-
-%INSTALLDATE%
-1527758880
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-155648
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-GPL
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-gcc-libs
-libgpg-error
-
diff --git a/msys2/var/lib/pacman/local/libassuan-2.4.3-1/mtree b/msys2/var/lib/pacman/local/libassuan-2.4.3-1/mtree
deleted file mode 100644
index 19f007df9..000000000
Binary files a/msys2/var/lib/pacman/local/libassuan-2.4.3-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libassuan-2.5.3-1/desc b/msys2/var/lib/pacman/local/libassuan-2.5.3-1/desc
new file mode 100644
index 000000000..c85939e9b
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libassuan-2.5.3-1/desc
@@ -0,0 +1,46 @@
+%NAME%
+libassuan
+
+%VERSION%
+2.5.3-1
+
+%BASE%
+libassuan
+
+%DESC%
+A IPC library used by some GnuPG related software
+
+%URL%
+https://gnupg.org/related_software/libassuan
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1550646200
+
+%INSTALLDATE%
+1558699099
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+156672
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+GPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+libgpg-error
+
diff --git a/msys2/var/lib/pacman/local/libassuan-2.4.3-1/files b/msys2/var/lib/pacman/local/libassuan-2.5.3-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/libassuan-2.4.3-1/files
rename to msys2/var/lib/pacman/local/libassuan-2.5.3-1/files
diff --git a/msys2/var/lib/pacman/local/libassuan-2.4.3-1/install b/msys2/var/lib/pacman/local/libassuan-2.5.3-1/install
similarity index 100%
rename from msys2/var/lib/pacman/local/libassuan-2.4.3-1/install
rename to msys2/var/lib/pacman/local/libassuan-2.5.3-1/install
diff --git a/msys2/var/lib/pacman/local/libassuan-2.5.3-1/mtree b/msys2/var/lib/pacman/local/libassuan-2.5.3-1/mtree
new file mode 100644
index 000000000..a22e59672
Binary files /dev/null and b/msys2/var/lib/pacman/local/libassuan-2.5.3-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libbz2-1.0.6-2/desc b/msys2/var/lib/pacman/local/libbz2-1.0.6-2/desc
index cf1e30a87..b1046b47a 100644
--- a/msys2/var/lib/pacman/local/libbz2-1.0.6-2/desc
+++ b/msys2/var/lib/pacman/local/libbz2-1.0.6-2/desc
@@ -20,7 +20,7 @@ i686
 1415100906
 
 %INSTALLDATE%
-1527758843
+1558699046
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/libcrypt-2.1-1/desc b/msys2/var/lib/pacman/local/libcrypt-2.1-1/desc
deleted file mode 100644
index 14a83f6b7..000000000
--- a/msys2/var/lib/pacman/local/libcrypt-2.1-1/desc
+++ /dev/null
@@ -1,45 +0,0 @@
-%NAME%
-libcrypt
-
-%VERSION%
-2.1-1
-
-%BASE%
-crypt
-
-%DESC%
-Encryption/Decryption utility and library
-
-%URL%
-https://cygwin.com/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1504762908
-
-%INSTALLDATE%
-1527758870
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-41984
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-custom
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-gcc-libs
-
diff --git a/msys2/var/lib/pacman/local/libcrypt-2.1-1/mtree b/msys2/var/lib/pacman/local/libcrypt-2.1-1/mtree
deleted file mode 100644
index 2eeda1740..000000000
Binary files a/msys2/var/lib/pacman/local/libcrypt-2.1-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libcrypt-2.1-2/desc b/msys2/var/lib/pacman/local/libcrypt-2.1-2/desc
new file mode 100644
index 000000000..a3c0b3f1e
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libcrypt-2.1-2/desc
@@ -0,0 +1,45 @@
+%NAME%
+libcrypt
+
+%VERSION%
+2.1-2
+
+%BASE%
+libcrypt
+
+%DESC%
+Encryption/Decryption utility and library
+
+%URL%
+https://cygwin.com/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1532686626
+
+%INSTALLDATE%
+1558699087
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+41984
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+custom
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+
diff --git a/msys2/var/lib/pacman/local/libcrypt-2.1-1/files b/msys2/var/lib/pacman/local/libcrypt-2.1-2/files
similarity index 100%
rename from msys2/var/lib/pacman/local/libcrypt-2.1-1/files
rename to msys2/var/lib/pacman/local/libcrypt-2.1-2/files
diff --git a/msys2/var/lib/pacman/local/libcrypt-2.1-2/mtree b/msys2/var/lib/pacman/local/libcrypt-2.1-2/mtree
new file mode 100644
index 000000000..bcceac939
Binary files /dev/null and b/msys2/var/lib/pacman/local/libcrypt-2.1-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/libcurl-7.58.0-1/desc b/msys2/var/lib/pacman/local/libcurl-7.58.0-1/desc
deleted file mode 100644
index 977b90cec..000000000
--- a/msys2/var/lib/pacman/local/libcurl-7.58.0-1/desc
+++ /dev/null
@@ -1,54 +0,0 @@
-%NAME%
-libcurl
-
-%VERSION%
-7.58.0-1
-
-%BASE%
-curl
-
-%DESC%
-Multi-protocol file transfer library (runtime)
-
-%URL%
-https://curl.haxx.se
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1518431269
-
-%INSTALLDATE%
-1527758871
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-559104
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-MIT
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-ca-certificates
-heimdal-libs
-libcrypt
-libidn2
-libmetalink
-libnghttp2
-libpsl
-libssh2
-openssl
-zlib
-
diff --git a/msys2/var/lib/pacman/local/libcurl-7.58.0-1/mtree b/msys2/var/lib/pacman/local/libcurl-7.58.0-1/mtree
deleted file mode 100644
index a61793138..000000000
Binary files a/msys2/var/lib/pacman/local/libcurl-7.58.0-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libcurl-7.65.0-1/desc b/msys2/var/lib/pacman/local/libcurl-7.65.0-1/desc
new file mode 100644
index 000000000..c7a3c3923
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libcurl-7.65.0-1/desc
@@ -0,0 +1,55 @@
+%NAME%
+libcurl
+
+%VERSION%
+7.65.0-1
+
+%BASE%
+curl
+
+%DESC%
+Multi-protocol file transfer library (runtime)
+
+%URL%
+https://curl.haxx.se
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1558600787
+
+%INSTALLDATE%
+1558699094
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+621568
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+MIT
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+brotli
+ca-certificates
+heimdal-libs
+libcrypt
+libidn2
+libmetalink
+libnghttp2
+libpsl
+libssh2
+openssl
+zlib
+
diff --git a/msys2/var/lib/pacman/local/libcurl-7.58.0-1/files b/msys2/var/lib/pacman/local/libcurl-7.65.0-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/libcurl-7.58.0-1/files
rename to msys2/var/lib/pacman/local/libcurl-7.65.0-1/files
diff --git a/msys2/var/lib/pacman/local/libcurl-7.65.0-1/mtree b/msys2/var/lib/pacman/local/libcurl-7.65.0-1/mtree
new file mode 100644
index 000000000..a40f09280
Binary files /dev/null and b/msys2/var/lib/pacman/local/libcurl-7.65.0-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libdb-5.3.28-2/desc b/msys2/var/lib/pacman/local/libdb-5.3.28-2/desc
index 6c98e2232..bf286b519 100644
--- a/msys2/var/lib/pacman/local/libdb-5.3.28-2/desc
+++ b/msys2/var/lib/pacman/local/libdb-5.3.28-2/desc
@@ -20,7 +20,7 @@ i686
 1415207425
 
 %INSTALLDATE%
-1527758870
+1558699093
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/libedit-3.1-20170329/desc b/msys2/var/lib/pacman/local/libedit-3.1-20170329/desc
index b5503bbd8..37b6659b4 100644
--- a/msys2/var/lib/pacman/local/libedit-3.1-20170329/desc
+++ b/msys2/var/lib/pacman/local/libedit-3.1-20170329/desc
@@ -20,7 +20,7 @@ i686
 1500026436
 
 %INSTALLDATE%
-1527758870
+1558699093
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/libexpat-2.2.5-1/desc b/msys2/var/lib/pacman/local/libexpat-2.2.5-1/desc
deleted file mode 100644
index 9b3112870..000000000
--- a/msys2/var/lib/pacman/local/libexpat-2.2.5-1/desc
+++ /dev/null
@@ -1,45 +0,0 @@
-%NAME%
-libexpat
-
-%VERSION%
-2.2.5-1
-
-%BASE%
-expat
-
-%DESC%
-An XML parser library
-
-%URL%
-https://expat.sourceforge.io/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1512369453
-
-%INSTALLDATE%
-1527758871
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-162816
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-custom
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-gcc-libs
-
diff --git a/msys2/var/lib/pacman/local/libexpat-2.2.5-1/mtree b/msys2/var/lib/pacman/local/libexpat-2.2.5-1/mtree
deleted file mode 100644
index 0f812a48c..000000000
Binary files a/msys2/var/lib/pacman/local/libexpat-2.2.5-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libexpat-2.2.6-1/desc b/msys2/var/lib/pacman/local/libexpat-2.2.6-1/desc
new file mode 100644
index 000000000..c2f0cda62
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libexpat-2.2.6-1/desc
@@ -0,0 +1,45 @@
+%NAME%
+libexpat
+
+%VERSION%
+2.2.6-1
+
+%BASE%
+expat
+
+%DESC%
+An XML parser library
+
+%URL%
+https://expat.sourceforge.io/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1538481603
+
+%INSTALLDATE%
+1558699047
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+181248
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+custom
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+
diff --git a/msys2/var/lib/pacman/local/libexpat-2.2.5-1/files b/msys2/var/lib/pacman/local/libexpat-2.2.6-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/libexpat-2.2.5-1/files
rename to msys2/var/lib/pacman/local/libexpat-2.2.6-1/files
diff --git a/msys2/var/lib/pacman/local/libexpat-2.2.6-1/mtree b/msys2/var/lib/pacman/local/libexpat-2.2.6-1/mtree
new file mode 100644
index 000000000..6a055809c
Binary files /dev/null and b/msys2/var/lib/pacman/local/libexpat-2.2.6-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libffi-3.2.1-1/desc b/msys2/var/lib/pacman/local/libffi-3.2.1-1/desc
deleted file mode 100644
index 65b43e177..000000000
--- a/msys2/var/lib/pacman/local/libffi-3.2.1-1/desc
+++ /dev/null
@@ -1,42 +0,0 @@
-%NAME%
-libffi
-
-%VERSION%
-3.2.1-1
-
-%BASE%
-libffi
-
-%DESC%
-Portable, high level programming interface to various calling conventions
-
-%URL%
-http://sourceware.org/libffi/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1415908792
-
-%INSTALLDATE%
-1527758864
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-38912
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-MIT
-
-%VALIDATION%
-pgp
-
diff --git a/msys2/var/lib/pacman/local/libffi-3.2.1-1/install b/msys2/var/lib/pacman/local/libffi-3.2.1-1/install
deleted file mode 100644
index 002b67220..000000000
--- a/msys2/var/lib/pacman/local/libffi-3.2.1-1/install
+++ /dev/null
@@ -1,20 +0,0 @@
-infodir=usr/share/info
-filelist=libffi.info.gz
-
-post_install() {
-  [[ -x usr/bin/install-info ]] || return 0
-  for file in ${filelist}; do
-    install-info $infodir/$file $infodir/dir 2> /dev/null
-  done
-}
-
-post_upgrade() {
-  post_install $1
-}
-
-pre_remove() {
-  [[ -x usr/bin/install-info ]] || return 0
-  for file in ${filelist}; do
-    install-info --delete $infodir/$file $infodir/dir 2> /dev/null
-  done
-}
diff --git a/msys2/var/lib/pacman/local/libffi-3.2.1-1/mtree b/msys2/var/lib/pacman/local/libffi-3.2.1-1/mtree
deleted file mode 100644
index 4c03912b5..000000000
Binary files a/msys2/var/lib/pacman/local/libffi-3.2.1-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libffi-3.2.1-3/desc b/msys2/var/lib/pacman/local/libffi-3.2.1-3/desc
new file mode 100644
index 000000000..a00af19bd
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libffi-3.2.1-3/desc
@@ -0,0 +1,42 @@
+%NAME%
+libffi
+
+%VERSION%
+3.2.1-3
+
+%BASE%
+libffi
+
+%DESC%
+Portable, high level programming interface to various calling conventions
+
+%URL%
+https://sourceware.org/libffi/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1532686012
+
+%INSTALLDATE%
+1558699087
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+39936
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+MIT
+
+%VALIDATION%
+pgp
+
diff --git a/msys2/var/lib/pacman/local/libffi-3.2.1-1/files b/msys2/var/lib/pacman/local/libffi-3.2.1-3/files
similarity index 100%
rename from msys2/var/lib/pacman/local/libffi-3.2.1-1/files
rename to msys2/var/lib/pacman/local/libffi-3.2.1-3/files
diff --git a/msys2/var/lib/pacman/local/libffi-3.2.1-3/install b/msys2/var/lib/pacman/local/libffi-3.2.1-3/install
new file mode 100644
index 000000000..fd7f09ff9
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libffi-3.2.1-3/install
@@ -0,0 +1,20 @@
+infodir=usr/share/info
+filelist=libffi.info.gz
+
+post_install() {
+  [ -x usr/bin/install-info ] || return 0
+  for file in ${filelist}; do
+    install-info $infodir/$file $infodir/dir 2> /dev/null
+  done
+}
+
+post_upgrade() {
+  post_install $1
+}
+
+pre_remove() {
+  [ -x usr/bin/install-info ] || return 0
+  for file in ${filelist}; do
+    install-info --delete $infodir/$file $infodir/dir 2> /dev/null
+  done
+}
diff --git a/msys2/var/lib/pacman/local/libffi-3.2.1-3/mtree b/msys2/var/lib/pacman/local/libffi-3.2.1-3/mtree
new file mode 100644
index 000000000..6ecd76a14
Binary files /dev/null and b/msys2/var/lib/pacman/local/libffi-3.2.1-3/mtree differ
diff --git a/msys2/var/lib/pacman/local/libgcrypt-1.8.1-1/desc b/msys2/var/lib/pacman/local/libgcrypt-1.8.1-1/desc
deleted file mode 100644
index 5de5a7036..000000000
--- a/msys2/var/lib/pacman/local/libgcrypt-1.8.1-1/desc
+++ /dev/null
@@ -1,45 +0,0 @@
-%NAME%
-libgcrypt
-
-%VERSION%
-1.8.1-1
-
-%BASE%
-libgcrypt
-
-%DESC%
-General purpose cryptographic library based on the code from GnuPG
-
-%URL%
-https://gnupg.org
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1504762799
-
-%INSTALLDATE%
-1527758867
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-986112
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-LGPL
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-libgpg-error
-
diff --git a/msys2/var/lib/pacman/local/libgcrypt-1.8.1-1/files b/msys2/var/lib/pacman/local/libgcrypt-1.8.1-1/files
deleted file mode 100644
index 24c79427b..000000000
--- a/msys2/var/lib/pacman/local/libgcrypt-1.8.1-1/files
+++ /dev/null
@@ -1,11 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/dumpsexp.exe
-usr/bin/hmac256.exe
-usr/bin/mpicalc.exe
-usr/bin/msys-gcrypt-20.dll
-usr/share/
-usr/share/info/
-usr/share/info/gcrypt.info.gz
-
diff --git a/msys2/var/lib/pacman/local/libgcrypt-1.8.1-1/mtree b/msys2/var/lib/pacman/local/libgcrypt-1.8.1-1/mtree
deleted file mode 100644
index 4f7bb2d75..000000000
Binary files a/msys2/var/lib/pacman/local/libgcrypt-1.8.1-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libgcrypt-1.8.4-1/desc b/msys2/var/lib/pacman/local/libgcrypt-1.8.4-1/desc
new file mode 100644
index 000000000..9ee6f0439
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libgcrypt-1.8.4-1/desc
@@ -0,0 +1,45 @@
+%NAME%
+libgcrypt
+
+%VERSION%
+1.8.4-1
+
+%BASE%
+libgcrypt
+
+%DESC%
+General purpose cryptographic library based on the code from GnuPG
+
+%URL%
+https://gnupg.org
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1540884976
+
+%INSTALLDATE%
+1558699089
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+984064
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+LGPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+libgpg-error
+
diff --git a/msys2/var/lib/pacman/local/libgcrypt-1.8.4-1/files b/msys2/var/lib/pacman/local/libgcrypt-1.8.4-1/files
new file mode 100644
index 000000000..ef6a676a3
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libgcrypt-1.8.4-1/files
@@ -0,0 +1,13 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/dumpsexp.exe
+usr/bin/hmac256.exe
+usr/bin/mpicalc.exe
+usr/bin/msys-gcrypt-20.dll
+usr/share/
+usr/share/info/
+usr/share/info/gcrypt.info-1.gz
+usr/share/info/gcrypt.info-2.gz
+usr/share/info/gcrypt.info.gz
+
diff --git a/msys2/var/lib/pacman/local/libgcrypt-1.8.1-1/install b/msys2/var/lib/pacman/local/libgcrypt-1.8.4-1/install
similarity index 100%
rename from msys2/var/lib/pacman/local/libgcrypt-1.8.1-1/install
rename to msys2/var/lib/pacman/local/libgcrypt-1.8.4-1/install
diff --git a/msys2/var/lib/pacman/local/libgcrypt-1.8.4-1/mtree b/msys2/var/lib/pacman/local/libgcrypt-1.8.4-1/mtree
new file mode 100644
index 000000000..0d8051c86
Binary files /dev/null and b/msys2/var/lib/pacman/local/libgcrypt-1.8.4-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libgettextpo-0.19.8.1-1/desc b/msys2/var/lib/pacman/local/libgettextpo-0.19.8.1-1/desc
index 7a81e52f2..b16c9c0e9 100644
--- a/msys2/var/lib/pacman/local/libgettextpo-0.19.8.1-1/desc
+++ b/msys2/var/lib/pacman/local/libgettextpo-0.19.8.1-1/desc
@@ -20,7 +20,7 @@ i686
 1496393822
 
 %INSTALLDATE%
-1527758843
+1558699047
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/libgnutls-3.6.7.1-1/desc b/msys2/var/lib/pacman/local/libgnutls-3.6.7.1-1/desc
new file mode 100644
index 000000000..3285694e4
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libgnutls-3.6.7.1-1/desc
@@ -0,0 +1,54 @@
+%NAME%
+libgnutls
+
+%VERSION%
+3.6.7.1-1
+
+%BASE%
+gnutls
+
+%DESC%
+A library which provides a secure layer over a reliable transport layer
+
+%URL%
+https://www.gnutls.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556193781
+
+%INSTALLDATE%
+1558699099
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+2549760
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+GPL3
+LGPL2.1
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+libidn2
+libiconv
+libintl
+gmp
+libnettle
+libp11-kit
+libtasn1
+zlib
+
diff --git a/msys2/var/lib/pacman/local/libgnutls-3.6.7.1-1/files b/msys2/var/lib/pacman/local/libgnutls-3.6.7.1-1/files
new file mode 100644
index 000000000..f908dc410
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libgnutls-3.6.7.1-1/files
@@ -0,0 +1,75 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/msys-gnutls-30.dll
+usr/bin/msys-gnutlsxx-28.dll
+usr/share/
+usr/share/info/
+usr/share/info/gnutls-client-server-use-case.png.gz
+usr/share/info/gnutls-guile.info.gz
+usr/share/info/gnutls-handshake-sequence.png.gz
+usr/share/info/gnutls-handshake-state.png.gz
+usr/share/info/gnutls-internals.png.gz
+usr/share/info/gnutls-layers.png.gz
+usr/share/info/gnutls-logo.png.gz
+usr/share/info/gnutls-modauth.png.gz
+usr/share/info/gnutls-x509.png.gz
+usr/share/info/gnutls.info-1.gz
+usr/share/info/gnutls.info-2.gz
+usr/share/info/gnutls.info-3.gz
+usr/share/info/gnutls.info-4.gz
+usr/share/info/gnutls.info-5.gz
+usr/share/info/gnutls.info-6.gz
+usr/share/info/gnutls.info-7.gz
+usr/share/info/gnutls.info.gz
+usr/share/info/pkcs11-vision.png.gz
+usr/share/locale/
+usr/share/locale/cs/
+usr/share/locale/cs/LC_MESSAGES/
+usr/share/locale/cs/LC_MESSAGES/gnutls.mo
+usr/share/locale/de/
+usr/share/locale/de/LC_MESSAGES/
+usr/share/locale/de/LC_MESSAGES/gnutls.mo
+usr/share/locale/eo/
+usr/share/locale/eo/LC_MESSAGES/
+usr/share/locale/eo/LC_MESSAGES/gnutls.mo
+usr/share/locale/es/
+usr/share/locale/es/LC_MESSAGES/
+usr/share/locale/es/LC_MESSAGES/gnutls.mo
+usr/share/locale/fi/
+usr/share/locale/fi/LC_MESSAGES/
+usr/share/locale/fi/LC_MESSAGES/gnutls.mo
+usr/share/locale/fr/
+usr/share/locale/fr/LC_MESSAGES/
+usr/share/locale/fr/LC_MESSAGES/gnutls.mo
+usr/share/locale/it/
+usr/share/locale/it/LC_MESSAGES/
+usr/share/locale/it/LC_MESSAGES/gnutls.mo
+usr/share/locale/ms/
+usr/share/locale/ms/LC_MESSAGES/
+usr/share/locale/ms/LC_MESSAGES/gnutls.mo
+usr/share/locale/nl/
+usr/share/locale/nl/LC_MESSAGES/
+usr/share/locale/nl/LC_MESSAGES/gnutls.mo
+usr/share/locale/pl/
+usr/share/locale/pl/LC_MESSAGES/
+usr/share/locale/pl/LC_MESSAGES/gnutls.mo
+usr/share/locale/pt_BR/
+usr/share/locale/pt_BR/LC_MESSAGES/
+usr/share/locale/pt_BR/LC_MESSAGES/gnutls.mo
+usr/share/locale/sr/
+usr/share/locale/sr/LC_MESSAGES/
+usr/share/locale/sr/LC_MESSAGES/gnutls.mo
+usr/share/locale/sv/
+usr/share/locale/sv/LC_MESSAGES/
+usr/share/locale/sv/LC_MESSAGES/gnutls.mo
+usr/share/locale/uk/
+usr/share/locale/uk/LC_MESSAGES/
+usr/share/locale/uk/LC_MESSAGES/gnutls.mo
+usr/share/locale/vi/
+usr/share/locale/vi/LC_MESSAGES/
+usr/share/locale/vi/LC_MESSAGES/gnutls.mo
+usr/share/locale/zh_CN/
+usr/share/locale/zh_CN/LC_MESSAGES/
+usr/share/locale/zh_CN/LC_MESSAGES/gnutls.mo
+
diff --git a/msys2/var/lib/pacman/local/libgnutls-3.6.7.1-1/install b/msys2/var/lib/pacman/local/libgnutls-3.6.7.1-1/install
new file mode 100644
index 000000000..b897b3b7a
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libgnutls-3.6.7.1-1/install
@@ -0,0 +1,20 @@
+infodir=usr/share/info
+filelist="gnutls.info-1 gnutls.info-2 gnutls.info-3 gnutls.info-4 gnutls.info-5 gnutls.info-6 gnutls.info gnutls-guile.info"
+
+post_install() {
+  [ -x usr/bin/install-info ] || return 0
+  for file in ${filelist}; do
+    install-info $infodir/${file}.gz $infodir/dir 2> /dev/null
+  done
+}
+
+post_upgrade() {
+  post_install $1
+}
+
+pre_remove() {
+  [ -x usr/bin/install-info ] || return 0
+  for file in ${filelist}; do
+    install-info --delete $infodir/${file}.gz $infodir/dir 2> /dev/null
+  done
+}
diff --git a/msys2/var/lib/pacman/local/libgnutls-3.6.7.1-1/mtree b/msys2/var/lib/pacman/local/libgnutls-3.6.7.1-1/mtree
new file mode 100644
index 000000000..dc5a5e76b
Binary files /dev/null and b/msys2/var/lib/pacman/local/libgnutls-3.6.7.1-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libgpg-error-1.27-1/desc b/msys2/var/lib/pacman/local/libgpg-error-1.27-1/desc
deleted file mode 100644
index 4b65c14aa..000000000
--- a/msys2/var/lib/pacman/local/libgpg-error-1.27-1/desc
+++ /dev/null
@@ -1,48 +0,0 @@
-%NAME%
-libgpg-error
-
-%VERSION%
-1.27-1
-
-%BASE%
-libgpg-error
-
-%DESC%
-Support library for libgcrypt
-
-%URL%
-https://gnupg.org
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1500028394
-
-%INSTALLDATE%
-1527758867
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-535552
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-LGPL
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-msys2-runtime
-sh
-libiconv
-libintl
-
diff --git a/msys2/var/lib/pacman/local/libgpg-error-1.27-1/files b/msys2/var/lib/pacman/local/libgpg-error-1.27-1/files
deleted file mode 100644
index 8f6f893a9..000000000
--- a/msys2/var/lib/pacman/local/libgpg-error-1.27-1/files
+++ /dev/null
@@ -1,65 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/gpg-error.exe
-usr/bin/msys-gpg-error-0.dll
-usr/share/
-usr/share/locale/
-usr/share/locale/cs/
-usr/share/locale/cs/LC_MESSAGES/
-usr/share/locale/cs/LC_MESSAGES/libgpg-error.mo
-usr/share/locale/da/
-usr/share/locale/da/LC_MESSAGES/
-usr/share/locale/da/LC_MESSAGES/libgpg-error.mo
-usr/share/locale/de/
-usr/share/locale/de/LC_MESSAGES/
-usr/share/locale/de/LC_MESSAGES/libgpg-error.mo
-usr/share/locale/eo/
-usr/share/locale/eo/LC_MESSAGES/
-usr/share/locale/eo/LC_MESSAGES/libgpg-error.mo
-usr/share/locale/fr/
-usr/share/locale/fr/LC_MESSAGES/
-usr/share/locale/fr/LC_MESSAGES/libgpg-error.mo
-usr/share/locale/hu/
-usr/share/locale/hu/LC_MESSAGES/
-usr/share/locale/hu/LC_MESSAGES/libgpg-error.mo
-usr/share/locale/it/
-usr/share/locale/it/LC_MESSAGES/
-usr/share/locale/it/LC_MESSAGES/libgpg-error.mo
-usr/share/locale/ja/
-usr/share/locale/ja/LC_MESSAGES/
-usr/share/locale/ja/LC_MESSAGES/libgpg-error.mo
-usr/share/locale/nl/
-usr/share/locale/nl/LC_MESSAGES/
-usr/share/locale/nl/LC_MESSAGES/libgpg-error.mo
-usr/share/locale/pl/
-usr/share/locale/pl/LC_MESSAGES/
-usr/share/locale/pl/LC_MESSAGES/libgpg-error.mo
-usr/share/locale/pt/
-usr/share/locale/pt/LC_MESSAGES/
-usr/share/locale/pt/LC_MESSAGES/libgpg-error.mo
-usr/share/locale/ro/
-usr/share/locale/ro/LC_MESSAGES/
-usr/share/locale/ro/LC_MESSAGES/libgpg-error.mo
-usr/share/locale/ru/
-usr/share/locale/ru/LC_MESSAGES/
-usr/share/locale/ru/LC_MESSAGES/libgpg-error.mo
-usr/share/locale/sr/
-usr/share/locale/sr/LC_MESSAGES/
-usr/share/locale/sr/LC_MESSAGES/libgpg-error.mo
-usr/share/locale/sv/
-usr/share/locale/sv/LC_MESSAGES/
-usr/share/locale/sv/LC_MESSAGES/libgpg-error.mo
-usr/share/locale/uk/
-usr/share/locale/uk/LC_MESSAGES/
-usr/share/locale/uk/LC_MESSAGES/libgpg-error.mo
-usr/share/locale/vi/
-usr/share/locale/vi/LC_MESSAGES/
-usr/share/locale/vi/LC_MESSAGES/libgpg-error.mo
-usr/share/locale/zh_CN/
-usr/share/locale/zh_CN/LC_MESSAGES/
-usr/share/locale/zh_CN/LC_MESSAGES/libgpg-error.mo
-usr/share/locale/zh_TW/
-usr/share/locale/zh_TW/LC_MESSAGES/
-usr/share/locale/zh_TW/LC_MESSAGES/libgpg-error.mo
-
diff --git a/msys2/var/lib/pacman/local/libgpg-error-1.27-1/mtree b/msys2/var/lib/pacman/local/libgpg-error-1.27-1/mtree
deleted file mode 100644
index 0cb34c129..000000000
Binary files a/msys2/var/lib/pacman/local/libgpg-error-1.27-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libgpg-error-1.36-1/desc b/msys2/var/lib/pacman/local/libgpg-error-1.36-1/desc
new file mode 100644
index 000000000..7e63df075
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libgpg-error-1.36-1/desc
@@ -0,0 +1,48 @@
+%NAME%
+libgpg-error
+
+%VERSION%
+1.36-1
+
+%BASE%
+libgpg-error
+
+%DESC%
+Support library for libgcrypt
+
+%URL%
+https://gnupg.org
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1555315386
+
+%INSTALLDATE%
+1558699089
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+655360
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+LGPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+msys2-runtime
+sh
+libiconv
+libintl
+
diff --git a/msys2/var/lib/pacman/local/libgpg-error-1.36-1/files b/msys2/var/lib/pacman/local/libgpg-error-1.36-1/files
new file mode 100644
index 000000000..8b517fa78
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libgpg-error-1.36-1/files
@@ -0,0 +1,69 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/gpg-error.exe
+usr/bin/msys-gpg-error-0.dll
+usr/bin/yat2m.exe
+usr/share/
+usr/share/locale/
+usr/share/locale/cs/
+usr/share/locale/cs/LC_MESSAGES/
+usr/share/locale/cs/LC_MESSAGES/libgpg-error.mo
+usr/share/locale/da/
+usr/share/locale/da/LC_MESSAGES/
+usr/share/locale/da/LC_MESSAGES/libgpg-error.mo
+usr/share/locale/de/
+usr/share/locale/de/LC_MESSAGES/
+usr/share/locale/de/LC_MESSAGES/libgpg-error.mo
+usr/share/locale/eo/
+usr/share/locale/eo/LC_MESSAGES/
+usr/share/locale/eo/LC_MESSAGES/libgpg-error.mo
+usr/share/locale/es/
+usr/share/locale/es/LC_MESSAGES/
+usr/share/locale/es/LC_MESSAGES/libgpg-error.mo
+usr/share/locale/fr/
+usr/share/locale/fr/LC_MESSAGES/
+usr/share/locale/fr/LC_MESSAGES/libgpg-error.mo
+usr/share/locale/hu/
+usr/share/locale/hu/LC_MESSAGES/
+usr/share/locale/hu/LC_MESSAGES/libgpg-error.mo
+usr/share/locale/it/
+usr/share/locale/it/LC_MESSAGES/
+usr/share/locale/it/LC_MESSAGES/libgpg-error.mo
+usr/share/locale/ja/
+usr/share/locale/ja/LC_MESSAGES/
+usr/share/locale/ja/LC_MESSAGES/libgpg-error.mo
+usr/share/locale/nl/
+usr/share/locale/nl/LC_MESSAGES/
+usr/share/locale/nl/LC_MESSAGES/libgpg-error.mo
+usr/share/locale/pl/
+usr/share/locale/pl/LC_MESSAGES/
+usr/share/locale/pl/LC_MESSAGES/libgpg-error.mo
+usr/share/locale/pt/
+usr/share/locale/pt/LC_MESSAGES/
+usr/share/locale/pt/LC_MESSAGES/libgpg-error.mo
+usr/share/locale/ro/
+usr/share/locale/ro/LC_MESSAGES/
+usr/share/locale/ro/LC_MESSAGES/libgpg-error.mo
+usr/share/locale/ru/
+usr/share/locale/ru/LC_MESSAGES/
+usr/share/locale/ru/LC_MESSAGES/libgpg-error.mo
+usr/share/locale/sr/
+usr/share/locale/sr/LC_MESSAGES/
+usr/share/locale/sr/LC_MESSAGES/libgpg-error.mo
+usr/share/locale/sv/
+usr/share/locale/sv/LC_MESSAGES/
+usr/share/locale/sv/LC_MESSAGES/libgpg-error.mo
+usr/share/locale/uk/
+usr/share/locale/uk/LC_MESSAGES/
+usr/share/locale/uk/LC_MESSAGES/libgpg-error.mo
+usr/share/locale/vi/
+usr/share/locale/vi/LC_MESSAGES/
+usr/share/locale/vi/LC_MESSAGES/libgpg-error.mo
+usr/share/locale/zh_CN/
+usr/share/locale/zh_CN/LC_MESSAGES/
+usr/share/locale/zh_CN/LC_MESSAGES/libgpg-error.mo
+usr/share/locale/zh_TW/
+usr/share/locale/zh_TW/LC_MESSAGES/
+usr/share/locale/zh_TW/LC_MESSAGES/libgpg-error.mo
+
diff --git a/msys2/var/lib/pacman/local/libgpg-error-1.36-1/mtree b/msys2/var/lib/pacman/local/libgpg-error-1.36-1/mtree
new file mode 100644
index 000000000..676c16a5c
Binary files /dev/null and b/msys2/var/lib/pacman/local/libgpg-error-1.36-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libgpgme-1.13.0-1/desc b/msys2/var/lib/pacman/local/libgpgme-1.13.0-1/desc
new file mode 100644
index 000000000..20ff0816d
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libgpgme-1.13.0-1/desc
@@ -0,0 +1,47 @@
+%NAME%
+libgpgme
+
+%VERSION%
+1.13.0-1
+
+%BASE%
+gpgme
+
+%DESC%
+A C wrapper library for GnuPG
+
+%URL%
+https://gnupg.org/related_software/gpgme/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1555318625
+
+%INSTALLDATE%
+1558699104
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+886784
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+LGPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+libassuan
+libgpg-error
+gnupg
+
diff --git a/msys2/var/lib/pacman/local/libgpgme-1.13.0-1/files b/msys2/var/lib/pacman/local/libgpgme-1.13.0-1/files
new file mode 100644
index 000000000..b866b054e
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libgpgme-1.13.0-1/files
@@ -0,0 +1,13 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/gpgme-json.exe
+usr/bin/gpgme-tool.exe
+usr/bin/msys-gpgme-11.dll
+usr/bin/msys-gpgmepp-6.dll
+usr/share/
+usr/share/info/
+usr/share/info/gpgme.info-1.gz
+usr/share/info/gpgme.info-2.gz
+usr/share/info/gpgme.info.gz
+
diff --git a/msys2/var/lib/pacman/local/libgpgme-1.6.0-1/install b/msys2/var/lib/pacman/local/libgpgme-1.13.0-1/install
similarity index 100%
rename from msys2/var/lib/pacman/local/libgpgme-1.6.0-1/install
rename to msys2/var/lib/pacman/local/libgpgme-1.13.0-1/install
diff --git a/msys2/var/lib/pacman/local/libgpgme-1.13.0-1/mtree b/msys2/var/lib/pacman/local/libgpgme-1.13.0-1/mtree
new file mode 100644
index 000000000..a6a232776
Binary files /dev/null and b/msys2/var/lib/pacman/local/libgpgme-1.13.0-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libgpgme-1.6.0-1/desc b/msys2/var/lib/pacman/local/libgpgme-1.6.0-1/desc
deleted file mode 100644
index 4c6198405..000000000
--- a/msys2/var/lib/pacman/local/libgpgme-1.6.0-1/desc
+++ /dev/null
@@ -1,47 +0,0 @@
-%NAME%
-libgpgme
-
-%VERSION%
-1.6.0-1
-
-%BASE%
-gpgme
-
-%DESC%
-A C wrapper library for GnuPG
-
-%URL%
-http://www.gnupg.org/related_software/gpgme/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1441351526
-
-%INSTALLDATE%
-1527758880
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-582656
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-LGPL
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-libassuan
-libgpg-error
-gnupg
-
diff --git a/msys2/var/lib/pacman/local/libgpgme-1.6.0-1/files b/msys2/var/lib/pacman/local/libgpgme-1.6.0-1/files
deleted file mode 100644
index cc2261cfd..000000000
--- a/msys2/var/lib/pacman/local/libgpgme-1.6.0-1/files
+++ /dev/null
@@ -1,11 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/msys-gpgme-11.dll
-usr/bin/msys-gpgme-pthread-11.dll
-usr/share/
-usr/share/info/
-usr/share/info/gpgme.info-1.gz
-usr/share/info/gpgme.info-2.gz
-usr/share/info/gpgme.info.gz
-
diff --git a/msys2/var/lib/pacman/local/libgpgme-1.6.0-1/mtree b/msys2/var/lib/pacman/local/libgpgme-1.6.0-1/mtree
deleted file mode 100644
index 99b4b6499..000000000
Binary files a/msys2/var/lib/pacman/local/libgpgme-1.6.0-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libhogweed-3.4.1-1/desc b/msys2/var/lib/pacman/local/libhogweed-3.4.1-1/desc
new file mode 100644
index 000000000..13fa752cd
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libhogweed-3.4.1-1/desc
@@ -0,0 +1,45 @@
+%NAME%
+libhogweed
+
+%VERSION%
+3.4.1-1
+
+%BASE%
+nettle
+
+%DESC%
+A low-level cryptographic library
+
+%URL%
+https://www.lysator.liu.se/~nisse/nettle/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1544167338
+
+%INSTALLDATE%
+1558699048
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+211968
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+GPL2
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gmp
+
diff --git a/msys2/var/lib/pacman/local/libhogweed-3.4.1-1/files b/msys2/var/lib/pacman/local/libhogweed-3.4.1-1/files
new file mode 100644
index 000000000..a8f59a5f8
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libhogweed-3.4.1-1/files
@@ -0,0 +1,5 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/msys-hogweed-4.dll
+
diff --git a/msys2/var/lib/pacman/local/libhogweed-3.4.1-1/mtree b/msys2/var/lib/pacman/local/libhogweed-3.4.1-1/mtree
new file mode 100644
index 000000000..764c4268b
Binary files /dev/null and b/msys2/var/lib/pacman/local/libhogweed-3.4.1-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libiconv-1.15-1/desc b/msys2/var/lib/pacman/local/libiconv-1.15-1/desc
index 240a7c1ef..8f48bf5db 100644
--- a/msys2/var/lib/pacman/local/libiconv-1.15-1/desc
+++ b/msys2/var/lib/pacman/local/libiconv-1.15-1/desc
@@ -20,7 +20,7 @@ i686
 1526287454
 
 %INSTALLDATE%
-1527758843
+1558699047
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/libidn2-2.0.4-2/desc b/msys2/var/lib/pacman/local/libidn2-2.0.4-2/desc
deleted file mode 100644
index 4133a5e0c..000000000
--- a/msys2/var/lib/pacman/local/libidn2-2.0.4-2/desc
+++ /dev/null
@@ -1,47 +0,0 @@
-%NAME%
-libidn2
-
-%VERSION%
-2.0.4-2
-
-%BASE%
-libidn2
-
-%DESC%
-Implementation of the Stringprep, Punycode and IDNA specifications
-
-%URL%
-https://www.gnu.org/software/libidn/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1505201579
-
-%INSTALLDATE%
-1527758871
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-144384
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-GPL3
-LGPL
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-info
-libunistring
-
diff --git a/msys2/var/lib/pacman/local/libidn2-2.0.4-2/files b/msys2/var/lib/pacman/local/libidn2-2.0.4-2/files
deleted file mode 100644
index db9c210ab..000000000
--- a/msys2/var/lib/pacman/local/libidn2-2.0.4-2/files
+++ /dev/null
@@ -1,30 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/msys-idn2-0.dll
-usr/share/
-usr/share/info/
-usr/share/info/libidn2.info.gz
-usr/share/man/
-usr/share/man/man1/
-usr/share/man/man1/idn2.1.gz
-usr/share/man/man3/
-usr/share/man/man3/idn2_check_version.3.gz
-usr/share/man/man3/idn2_free.3.gz
-usr/share/man/man3/idn2_lookup_u8.3.gz
-usr/share/man/man3/idn2_lookup_ul.3.gz
-usr/share/man/man3/idn2_register_u8.3.gz
-usr/share/man/man3/idn2_register_ul.3.gz
-usr/share/man/man3/idn2_strerror.3.gz
-usr/share/man/man3/idn2_strerror_name.3.gz
-usr/share/man/man3/idn2_to_ascii_4i.3.gz
-usr/share/man/man3/idn2_to_ascii_4z.3.gz
-usr/share/man/man3/idn2_to_ascii_8z.3.gz
-usr/share/man/man3/idn2_to_ascii_lz.3.gz
-usr/share/man/man3/idn2_to_unicode_44i.3.gz
-usr/share/man/man3/idn2_to_unicode_4z4z.3.gz
-usr/share/man/man3/idn2_to_unicode_8z4z.3.gz
-usr/share/man/man3/idn2_to_unicode_8z8z.3.gz
-usr/share/man/man3/idn2_to_unicode_8zlz.3.gz
-usr/share/man/man3/idn2_to_unicode_lzlz.3.gz
-
diff --git a/msys2/var/lib/pacman/local/libidn2-2.0.4-2/mtree b/msys2/var/lib/pacman/local/libidn2-2.0.4-2/mtree
deleted file mode 100644
index e7349cae9..000000000
Binary files a/msys2/var/lib/pacman/local/libidn2-2.0.4-2/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libidn2-2.1.1a-1/desc b/msys2/var/lib/pacman/local/libidn2-2.1.1a-1/desc
new file mode 100644
index 000000000..e7a3fb96b
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libidn2-2.1.1a-1/desc
@@ -0,0 +1,47 @@
+%NAME%
+libidn2
+
+%VERSION%
+2.1.1a-1
+
+%BASE%
+libidn2
+
+%DESC%
+Implementation of the Stringprep, Punycode and IDNA specifications
+
+%URL%
+https://www.gnu.org/software/libidn/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1551331052
+
+%INSTALLDATE%
+1558699094
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+218112
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+GPL3
+LGPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+info
+libunistring
+
diff --git a/msys2/var/lib/pacman/local/libidn2-2.1.1a-1/files b/msys2/var/lib/pacman/local/libidn2-2.1.1a-1/files
new file mode 100644
index 000000000..3c3a43c5d
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libidn2-2.1.1a-1/files
@@ -0,0 +1,98 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/msys-idn2-0.dll
+usr/share/
+usr/share/info/
+usr/share/info/libidn2.info.gz
+usr/share/locale/
+usr/share/locale/cs/
+usr/share/locale/cs/LC_MESSAGES/
+usr/share/locale/cs/LC_MESSAGES/libidn2.mo
+usr/share/locale/da/
+usr/share/locale/da/LC_MESSAGES/
+usr/share/locale/da/LC_MESSAGES/libidn2.mo
+usr/share/locale/de/
+usr/share/locale/de/LC_MESSAGES/
+usr/share/locale/de/LC_MESSAGES/libidn2.mo
+usr/share/locale/eo/
+usr/share/locale/eo/LC_MESSAGES/
+usr/share/locale/eo/LC_MESSAGES/libidn2.mo
+usr/share/locale/es/
+usr/share/locale/es/LC_MESSAGES/
+usr/share/locale/es/LC_MESSAGES/libidn2.mo
+usr/share/locale/fi/
+usr/share/locale/fi/LC_MESSAGES/
+usr/share/locale/fi/LC_MESSAGES/libidn2.mo
+usr/share/locale/fr/
+usr/share/locale/fr/LC_MESSAGES/
+usr/share/locale/fr/LC_MESSAGES/libidn2.mo
+usr/share/locale/fur/
+usr/share/locale/fur/LC_MESSAGES/
+usr/share/locale/fur/LC_MESSAGES/libidn2.mo
+usr/share/locale/hr/
+usr/share/locale/hr/LC_MESSAGES/
+usr/share/locale/hr/LC_MESSAGES/libidn2.mo
+usr/share/locale/hu/
+usr/share/locale/hu/LC_MESSAGES/
+usr/share/locale/hu/LC_MESSAGES/libidn2.mo
+usr/share/locale/id/
+usr/share/locale/id/LC_MESSAGES/
+usr/share/locale/id/LC_MESSAGES/libidn2.mo
+usr/share/locale/it/
+usr/share/locale/it/LC_MESSAGES/
+usr/share/locale/it/LC_MESSAGES/libidn2.mo
+usr/share/locale/ja/
+usr/share/locale/ja/LC_MESSAGES/
+usr/share/locale/ja/LC_MESSAGES/libidn2.mo
+usr/share/locale/nl/
+usr/share/locale/nl/LC_MESSAGES/
+usr/share/locale/nl/LC_MESSAGES/libidn2.mo
+usr/share/locale/pl/
+usr/share/locale/pl/LC_MESSAGES/
+usr/share/locale/pl/LC_MESSAGES/libidn2.mo
+usr/share/locale/pt_BR/
+usr/share/locale/pt_BR/LC_MESSAGES/
+usr/share/locale/pt_BR/LC_MESSAGES/libidn2.mo
+usr/share/locale/ro/
+usr/share/locale/ro/LC_MESSAGES/
+usr/share/locale/ro/LC_MESSAGES/libidn2.mo
+usr/share/locale/sr/
+usr/share/locale/sr/LC_MESSAGES/
+usr/share/locale/sr/LC_MESSAGES/libidn2.mo
+usr/share/locale/sv/
+usr/share/locale/sv/LC_MESSAGES/
+usr/share/locale/sv/LC_MESSAGES/libidn2.mo
+usr/share/locale/uk/
+usr/share/locale/uk/LC_MESSAGES/
+usr/share/locale/uk/LC_MESSAGES/libidn2.mo
+usr/share/locale/vi/
+usr/share/locale/vi/LC_MESSAGES/
+usr/share/locale/vi/LC_MESSAGES/libidn2.mo
+usr/share/locale/zh_CN/
+usr/share/locale/zh_CN/LC_MESSAGES/
+usr/share/locale/zh_CN/LC_MESSAGES/libidn2.mo
+usr/share/man/
+usr/share/man/man1/
+usr/share/man/man1/idn2.1.gz
+usr/share/man/man3/
+usr/share/man/man3/idn2_check_version.3.gz
+usr/share/man/man3/idn2_free.3.gz
+usr/share/man/man3/idn2_lookup_u8.3.gz
+usr/share/man/man3/idn2_lookup_ul.3.gz
+usr/share/man/man3/idn2_register_u8.3.gz
+usr/share/man/man3/idn2_register_ul.3.gz
+usr/share/man/man3/idn2_strerror.3.gz
+usr/share/man/man3/idn2_strerror_name.3.gz
+usr/share/man/man3/idn2_to_ascii_4i.3.gz
+usr/share/man/man3/idn2_to_ascii_4i2.3.gz
+usr/share/man/man3/idn2_to_ascii_4z.3.gz
+usr/share/man/man3/idn2_to_ascii_8z.3.gz
+usr/share/man/man3/idn2_to_ascii_lz.3.gz
+usr/share/man/man3/idn2_to_unicode_44i.3.gz
+usr/share/man/man3/idn2_to_unicode_4z4z.3.gz
+usr/share/man/man3/idn2_to_unicode_8z4z.3.gz
+usr/share/man/man3/idn2_to_unicode_8z8z.3.gz
+usr/share/man/man3/idn2_to_unicode_8zlz.3.gz
+usr/share/man/man3/idn2_to_unicode_lzlz.3.gz
+
diff --git a/msys2/var/lib/pacman/local/libidn2-2.0.4-2/install b/msys2/var/lib/pacman/local/libidn2-2.1.1a-1/install
similarity index 100%
rename from msys2/var/lib/pacman/local/libidn2-2.0.4-2/install
rename to msys2/var/lib/pacman/local/libidn2-2.1.1a-1/install
diff --git a/msys2/var/lib/pacman/local/libidn2-2.1.1a-1/mtree b/msys2/var/lib/pacman/local/libidn2-2.1.1a-1/mtree
new file mode 100644
index 000000000..aaba1278f
Binary files /dev/null and b/msys2/var/lib/pacman/local/libidn2-2.1.1a-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libintl-0.19.8.1-1/desc b/msys2/var/lib/pacman/local/libintl-0.19.8.1-1/desc
index 483f8659f..d533e794c 100644
--- a/msys2/var/lib/pacman/local/libintl-0.19.8.1-1/desc
+++ b/msys2/var/lib/pacman/local/libintl-0.19.8.1-1/desc
@@ -20,7 +20,7 @@ i686
 1496393846
 
 %INSTALLDATE%
-1527758843
+1558699047
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/libksba-1.3.5-1/desc b/msys2/var/lib/pacman/local/libksba-1.3.5-1/desc
new file mode 100644
index 000000000..498772f37
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libksba-1.3.5-1/desc
@@ -0,0 +1,46 @@
+%NAME%
+libksba
+
+%VERSION%
+1.3.5-1
+
+%BASE%
+libksba
+
+%DESC%
+A CMS and X.509 access library
+
+%URL%
+https://www.gnupg.org/related_software/libksba/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1500029841
+
+%INSTALLDATE%
+1558699099
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+244736
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+GPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+libgpg-error
+
diff --git a/msys2/var/lib/pacman/local/libksba-1.3.5-1/files b/msys2/var/lib/pacman/local/libksba-1.3.5-1/files
new file mode 100644
index 000000000..bb82cebac
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libksba-1.3.5-1/files
@@ -0,0 +1,13 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/msys-ksba-8.dll
+usr/share/
+usr/share/aclocal/
+usr/share/aclocal/ksba.m4
+usr/share/info/
+usr/share/info/ksba.info.gz
+usr/share/licenses/
+usr/share/licenses/libksba/
+usr/share/licenses/libksba/COPYING
+
diff --git a/msys2/var/lib/pacman/local/libksba-1.3.5-1/install b/msys2/var/lib/pacman/local/libksba-1.3.5-1/install
new file mode 100644
index 000000000..267969407
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libksba-1.3.5-1/install
@@ -0,0 +1,20 @@
+infodir=usr/share/info
+filelist=ksba.info
+
+post_install() {
+  [ -x usr/bin/install-info ] || return 0
+  for file in ${filelist}; do
+    install-info $infodir/$file.gz $infodir/dir 2> /dev/null
+  done
+}
+
+post_upgrade() {
+  post_install $1
+}
+
+pre_remove() {
+  [ -x usr/bin/install-info ] || return 0
+  for file in ${filelist}; do
+    install-info --delete $infodir/$file.gz $infodir/dir 2> /dev/null
+  done
+}
\ No newline at end of file
diff --git a/msys2/var/lib/pacman/local/libksba-1.3.5-1/mtree b/msys2/var/lib/pacman/local/libksba-1.3.5-1/mtree
new file mode 100644
index 000000000..2a6b0f39c
Binary files /dev/null and b/msys2/var/lib/pacman/local/libksba-1.3.5-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/liblz4-1.9.1-1/desc b/msys2/var/lib/pacman/local/liblz4-1.9.1-1/desc
new file mode 100644
index 000000000..81ba6b9e0
--- /dev/null
+++ b/msys2/var/lib/pacman/local/liblz4-1.9.1-1/desc
@@ -0,0 +1,42 @@
+%NAME%
+liblz4
+
+%VERSION%
+1.9.1-1
+
+%BASE%
+lz4
+
+%DESC%
+Very fast lossless compression algorithm
+
+%URL%
+http://www.lz4.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556169803
+
+%INSTALLDATE%
+1558699048
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+126976
+
+%REASON%
+1
+
+%LICENSE%
+LGPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+
diff --git a/msys2/var/lib/pacman/local/liblz4-1.9.1-1/files b/msys2/var/lib/pacman/local/liblz4-1.9.1-1/files
new file mode 100644
index 000000000..ba54c1b2e
--- /dev/null
+++ b/msys2/var/lib/pacman/local/liblz4-1.9.1-1/files
@@ -0,0 +1,5 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/msys-lz4-1.dll
+
diff --git a/msys2/var/lib/pacman/local/liblz4-1.9.1-1/mtree b/msys2/var/lib/pacman/local/liblz4-1.9.1-1/mtree
new file mode 100644
index 000000000..7977c8aef
Binary files /dev/null and b/msys2/var/lib/pacman/local/liblz4-1.9.1-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/liblzma-5.2.3-1/desc b/msys2/var/lib/pacman/local/liblzma-5.2.3-1/desc
deleted file mode 100644
index 7e1d9cd9f..000000000
--- a/msys2/var/lib/pacman/local/liblzma-5.2.3-1/desc
+++ /dev/null
@@ -1,49 +0,0 @@
-%NAME%
-liblzma
-
-%VERSION%
-5.2.3-1
-
-%BASE%
-xz
-
-%DESC%
-Library for XZ and LZMA compressed files
-
-%URL%
-http://tukaani.org/xz/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1485321410
-
-%INSTALLDATE%
-1527758844
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-162816
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-GPL
-LGPL
-custom
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-sh
-libiconv
-gettext
-
diff --git a/msys2/var/lib/pacman/local/liblzma-5.2.3-1/mtree b/msys2/var/lib/pacman/local/liblzma-5.2.3-1/mtree
deleted file mode 100644
index b1b32a778..000000000
Binary files a/msys2/var/lib/pacman/local/liblzma-5.2.3-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/liblzma-5.2.4-1/desc b/msys2/var/lib/pacman/local/liblzma-5.2.4-1/desc
new file mode 100644
index 000000000..a7bb3533f
--- /dev/null
+++ b/msys2/var/lib/pacman/local/liblzma-5.2.4-1/desc
@@ -0,0 +1,49 @@
+%NAME%
+liblzma
+
+%VERSION%
+5.2.4-1
+
+%BASE%
+xz
+
+%DESC%
+Library for XZ and LZMA compressed files
+
+%URL%
+https://tukaani.org/xz/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1529601416
+
+%INSTALLDATE%
+1558699048
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+162816
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+GPL
+LGPL
+custom
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+sh
+libiconv
+gettext
+
diff --git a/msys2/var/lib/pacman/local/liblzma-5.2.3-1/files b/msys2/var/lib/pacman/local/liblzma-5.2.4-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/liblzma-5.2.3-1/files
rename to msys2/var/lib/pacman/local/liblzma-5.2.4-1/files
diff --git a/msys2/var/lib/pacman/local/liblzma-5.2.4-1/mtree b/msys2/var/lib/pacman/local/liblzma-5.2.4-1/mtree
new file mode 100644
index 000000000..018274944
Binary files /dev/null and b/msys2/var/lib/pacman/local/liblzma-5.2.4-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/liblzo2-2.10-1/desc b/msys2/var/lib/pacman/local/liblzo2-2.10-1/desc
deleted file mode 100644
index 5aa6f1a5e..000000000
--- a/msys2/var/lib/pacman/local/liblzo2-2.10-1/desc
+++ /dev/null
@@ -1,46 +0,0 @@
-%NAME%
-liblzo2
-
-%VERSION%
-2.10-1
-
-%BASE%
-liblzo2
-
-%DESC%
-Portable lossless data compression library
-
-%URL%
-http://www.oberhumer.com/opensource/lzo
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1490328919
-
-%INSTALLDATE%
-1527758844
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-194560
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-compression
-
-%LICENSE%
-GPL
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-gcc-libs
-
diff --git a/msys2/var/lib/pacman/local/liblzo2-2.10-1/mtree b/msys2/var/lib/pacman/local/liblzo2-2.10-1/mtree
deleted file mode 100644
index e890bc411..000000000
Binary files a/msys2/var/lib/pacman/local/liblzo2-2.10-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/liblzo2-2.10-2/desc b/msys2/var/lib/pacman/local/liblzo2-2.10-2/desc
new file mode 100644
index 000000000..e23e499e4
--- /dev/null
+++ b/msys2/var/lib/pacman/local/liblzo2-2.10-2/desc
@@ -0,0 +1,46 @@
+%NAME%
+liblzo2
+
+%VERSION%
+2.10-2
+
+%BASE%
+lzo2
+
+%DESC%
+Portable lossless data compression library
+
+%URL%
+https://www.oberhumer.com/opensource/lzo
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1532686261
+
+%INSTALLDATE%
+1558699048
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+192512
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+compression
+
+%LICENSE%
+GPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+
diff --git a/msys2/var/lib/pacman/local/liblzo2-2.10-1/files b/msys2/var/lib/pacman/local/liblzo2-2.10-2/files
similarity index 100%
rename from msys2/var/lib/pacman/local/liblzo2-2.10-1/files
rename to msys2/var/lib/pacman/local/liblzo2-2.10-2/files
diff --git a/msys2/var/lib/pacman/local/liblzo2-2.10-2/mtree b/msys2/var/lib/pacman/local/liblzo2-2.10-2/mtree
new file mode 100644
index 000000000..4dbcbef2f
Binary files /dev/null and b/msys2/var/lib/pacman/local/liblzo2-2.10-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/libmetalink-0.1.3-2/desc b/msys2/var/lib/pacman/local/libmetalink-0.1.3-2/desc
index 50538f93d..8943c7c19 100644
--- a/msys2/var/lib/pacman/local/libmetalink-0.1.3-2/desc
+++ b/msys2/var/lib/pacman/local/libmetalink-0.1.3-2/desc
@@ -20,7 +20,7 @@ i686
 1518418527
 
 %INSTALLDATE%
-1527758871
+1558699094
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/libnettle-3.3-1/desc b/msys2/var/lib/pacman/local/libnettle-3.3-1/desc
deleted file mode 100644
index 9c6e9ddd3..000000000
--- a/msys2/var/lib/pacman/local/libnettle-3.3-1/desc
+++ /dev/null
@@ -1,45 +0,0 @@
-%NAME%
-libnettle
-
-%VERSION%
-3.3-1
-
-%BASE%
-nettle
-
-%DESC%
-A low-level cryptographic library
-
-%URL%
-https://www.lysator.liu.se/~nisse/nettle/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1476263987
-
-%INSTALLDATE%
-1527758844
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-233472
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-GPL2
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-gmp
-
diff --git a/msys2/var/lib/pacman/local/libnettle-3.3-1/mtree b/msys2/var/lib/pacman/local/libnettle-3.3-1/mtree
deleted file mode 100644
index c76642c02..000000000
Binary files a/msys2/var/lib/pacman/local/libnettle-3.3-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libnettle-3.4.1-1/desc b/msys2/var/lib/pacman/local/libnettle-3.4.1-1/desc
new file mode 100644
index 000000000..d0080a3b5
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libnettle-3.4.1-1/desc
@@ -0,0 +1,45 @@
+%NAME%
+libnettle
+
+%VERSION%
+3.4.1-1
+
+%BASE%
+nettle
+
+%DESC%
+A low-level cryptographic library
+
+%URL%
+https://www.lysator.liu.se/~nisse/nettle/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1544167338
+
+%INSTALLDATE%
+1558699048
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+234496
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+GPL2
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+libhogweed
+
diff --git a/msys2/var/lib/pacman/local/libnettle-3.3-1/files b/msys2/var/lib/pacman/local/libnettle-3.4.1-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/libnettle-3.3-1/files
rename to msys2/var/lib/pacman/local/libnettle-3.4.1-1/files
diff --git a/msys2/var/lib/pacman/local/libnettle-3.4.1-1/mtree b/msys2/var/lib/pacman/local/libnettle-3.4.1-1/mtree
new file mode 100644
index 000000000..baa166cfc
Binary files /dev/null and b/msys2/var/lib/pacman/local/libnettle-3.4.1-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libnghttp2-1.30.0-1/desc b/msys2/var/lib/pacman/local/libnghttp2-1.30.0-1/desc
deleted file mode 100644
index 1db613c10..000000000
--- a/msys2/var/lib/pacman/local/libnghttp2-1.30.0-1/desc
+++ /dev/null
@@ -1,45 +0,0 @@
-%NAME%
-libnghttp2
-
-%VERSION%
-1.30.0-1
-
-%BASE%
-libnghttp2
-
-%DESC%
-Framing layer of HTTP/2 is implemented as a reusable C library (runtime)
-
-%URL%
-https://nghttp2.org/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1518421987
-
-%INSTALLDATE%
-1527758871
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-151552
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-MIT
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-gcc-libs
-
diff --git a/msys2/var/lib/pacman/local/libnghttp2-1.30.0-1/mtree b/msys2/var/lib/pacman/local/libnghttp2-1.30.0-1/mtree
deleted file mode 100644
index 0d733b4bb..000000000
Binary files a/msys2/var/lib/pacman/local/libnghttp2-1.30.0-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libnghttp2-1.36.0-1/desc b/msys2/var/lib/pacman/local/libnghttp2-1.36.0-1/desc
new file mode 100644
index 000000000..e71f93c7a
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libnghttp2-1.36.0-1/desc
@@ -0,0 +1,45 @@
+%NAME%
+libnghttp2
+
+%VERSION%
+1.36.0-1
+
+%BASE%
+libnghttp2
+
+%DESC%
+Framing layer of HTTP/2 is implemented as a reusable C library (runtime)
+
+%URL%
+https://nghttp2.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1549532917
+
+%INSTALLDATE%
+1558699094
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+154624
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+MIT
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+
diff --git a/msys2/var/lib/pacman/local/libnghttp2-1.30.0-1/files b/msys2/var/lib/pacman/local/libnghttp2-1.36.0-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/libnghttp2-1.30.0-1/files
rename to msys2/var/lib/pacman/local/libnghttp2-1.36.0-1/files
diff --git a/msys2/var/lib/pacman/local/libnghttp2-1.36.0-1/mtree b/msys2/var/lib/pacman/local/libnghttp2-1.36.0-1/mtree
new file mode 100644
index 000000000..5f142dade
Binary files /dev/null and b/msys2/var/lib/pacman/local/libnghttp2-1.36.0-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libnpth-1.6-1/desc b/msys2/var/lib/pacman/local/libnpth-1.6-1/desc
new file mode 100644
index 000000000..133c5d570
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libnpth-1.6-1/desc
@@ -0,0 +1,45 @@
+%NAME%
+libnpth
+
+%VERSION%
+1.6-1
+
+%BASE%
+npth
+
+%DESC%
+New portable threads library
+
+%URL%
+https://gnupg.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1533712569
+
+%INSTALLDATE%
+1558699099
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+16384
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+LGPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+
diff --git a/msys2/var/lib/pacman/local/libnpth-1.6-1/files b/msys2/var/lib/pacman/local/libnpth-1.6-1/files
new file mode 100644
index 000000000..a85458d7d
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libnpth-1.6-1/files
@@ -0,0 +1,5 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/msys-npth-0.dll
+
diff --git a/msys2/var/lib/pacman/local/libnpth-1.6-1/mtree b/msys2/var/lib/pacman/local/libnpth-1.6-1/mtree
new file mode 100644
index 000000000..1268f2cf5
Binary files /dev/null and b/msys2/var/lib/pacman/local/libnpth-1.6-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libopenssl-1.0.2.m-1/desc b/msys2/var/lib/pacman/local/libopenssl-1.0.2.m-1/desc
deleted file mode 100644
index a0fc2ea1d..000000000
--- a/msys2/var/lib/pacman/local/libopenssl-1.0.2.m-1/desc
+++ /dev/null
@@ -1,45 +0,0 @@
-%NAME%
-libopenssl
-
-%VERSION%
-1.0.2.m-1
-
-%BASE%
-openssl
-
-%DESC%
-The Open Source toolkit for Secure Sockets Layer and Transport Layer Security
-
-%URL%
-https://www.openssl.org
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1510892297
-
-%INSTALLDATE%
-1527758861
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-2764800
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-custom:BSD
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-zlib
-
diff --git a/msys2/var/lib/pacman/local/libopenssl-1.0.2.m-1/files b/msys2/var/lib/pacman/local/libopenssl-1.0.2.m-1/files
deleted file mode 100644
index b008bea1f..000000000
--- a/msys2/var/lib/pacman/local/libopenssl-1.0.2.m-1/files
+++ /dev/null
@@ -1,21 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/msys-crypto-1.0.0.dll
-usr/bin/msys-ssl-1.0.0.dll
-usr/lib/
-usr/lib/openssl/
-usr/lib/openssl/engines/
-usr/lib/openssl/engines/lib4758cca.so
-usr/lib/openssl/engines/libaep.so
-usr/lib/openssl/engines/libatalla.so
-usr/lib/openssl/engines/libcapi.so
-usr/lib/openssl/engines/libchil.so
-usr/lib/openssl/engines/libcswift.so
-usr/lib/openssl/engines/libgmp.so
-usr/lib/openssl/engines/libgost.so
-usr/lib/openssl/engines/libnuron.so
-usr/lib/openssl/engines/libpadlock.so
-usr/lib/openssl/engines/libsureware.so
-usr/lib/openssl/engines/libubsec.so
-
diff --git a/msys2/var/lib/pacman/local/libopenssl-1.0.2.m-1/mtree b/msys2/var/lib/pacman/local/libopenssl-1.0.2.m-1/mtree
deleted file mode 100644
index 6c7e1af14..000000000
Binary files a/msys2/var/lib/pacman/local/libopenssl-1.0.2.m-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libopenssl-1.1.1.b-1/desc b/msys2/var/lib/pacman/local/libopenssl-1.1.1.b-1/desc
new file mode 100644
index 000000000..d0f3dec7d
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libopenssl-1.1.1.b-1/desc
@@ -0,0 +1,45 @@
+%NAME%
+libopenssl
+
+%VERSION%
+1.1.1.b-1
+
+%BASE%
+openssl
+
+%DESC%
+The Open Source toolkit for Secure Sockets Layer and Transport Layer Security
+
+%URL%
+https://www.openssl.org
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1551329600
+
+%INSTALLDATE%
+1558699070
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+2942976
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+custom:BSD
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+zlib
+
diff --git a/msys2/var/lib/pacman/local/libopenssl-1.1.1.b-1/files b/msys2/var/lib/pacman/local/libopenssl-1.1.1.b-1/files
new file mode 100644
index 000000000..79f20c305
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libopenssl-1.1.1.b-1/files
@@ -0,0 +1,11 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/msys-crypto-1.1.dll
+usr/bin/msys-ssl-1.1.dll
+usr/lib/
+usr/lib/openssl/
+usr/lib/openssl/engines-1.1/
+usr/lib/openssl/engines-1.1/capi.dll
+usr/lib/openssl/engines-1.1/padlock.dll
+
diff --git a/msys2/var/lib/pacman/local/libopenssl-1.1.1.b-1/mtree b/msys2/var/lib/pacman/local/libopenssl-1.1.1.b-1/mtree
new file mode 100644
index 000000000..cde023947
Binary files /dev/null and b/msys2/var/lib/pacman/local/libopenssl-1.1.1.b-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libp11-kit-0.23.15-1/desc b/msys2/var/lib/pacman/local/libp11-kit-0.23.15-1/desc
new file mode 100644
index 000000000..1ea9ab726
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libp11-kit-0.23.15-1/desc
@@ -0,0 +1,48 @@
+%NAME%
+libp11-kit
+
+%VERSION%
+0.23.15-1
+
+%BASE%
+p11-kit
+
+%DESC%
+Library to work with PKCS#11 modules
+
+%URL%
+https://p11-glue.freedesktop.org/p11-kit.html
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1548309743
+
+%INSTALLDATE%
+1558699090
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+1028096
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+BSD
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+libffi
+libintl
+libtasn1
+glib2
+
diff --git a/msys2/var/lib/pacman/local/libp11-kit-0.23.9-1/files b/msys2/var/lib/pacman/local/libp11-kit-0.23.15-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/libp11-kit-0.23.9-1/files
rename to msys2/var/lib/pacman/local/libp11-kit-0.23.15-1/files
diff --git a/msys2/var/lib/pacman/local/libp11-kit-0.23.15-1/mtree b/msys2/var/lib/pacman/local/libp11-kit-0.23.15-1/mtree
new file mode 100644
index 000000000..5199cb3ec
Binary files /dev/null and b/msys2/var/lib/pacman/local/libp11-kit-0.23.15-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libp11-kit-0.23.9-1/desc b/msys2/var/lib/pacman/local/libp11-kit-0.23.9-1/desc
deleted file mode 100644
index 452f4849e..000000000
--- a/msys2/var/lib/pacman/local/libp11-kit-0.23.9-1/desc
+++ /dev/null
@@ -1,48 +0,0 @@
-%NAME%
-libp11-kit
-
-%VERSION%
-0.23.9-1
-
-%BASE%
-p11-kit
-
-%DESC%
-Library to work with PKCS#11 modules
-
-%URL%
-https://p11-glue.freedesktop.org/p11-kit.html
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1510895041
-
-%INSTALLDATE%
-1527758868
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-1053696
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-BSD
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-libffi
-libintl
-libtasn1
-glib2
-
diff --git a/msys2/var/lib/pacman/local/libp11-kit-0.23.9-1/mtree b/msys2/var/lib/pacman/local/libp11-kit-0.23.9-1/mtree
deleted file mode 100644
index 6838b6695..000000000
Binary files a/msys2/var/lib/pacman/local/libp11-kit-0.23.9-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libpcre-8.40-2/desc b/msys2/var/lib/pacman/local/libpcre-8.40-2/desc
deleted file mode 100644
index d49da697f..000000000
--- a/msys2/var/lib/pacman/local/libpcre-8.40-2/desc
+++ /dev/null
@@ -1,45 +0,0 @@
-%NAME%
-libpcre
-
-%VERSION%
-8.40-2
-
-%BASE%
-pcre
-
-%DESC%
-A library that implements Perl 5-style regular expressions
-
-%URL%
-http://www.pcre.org/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1487155740
-
-%INSTALLDATE%
-1527758864
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-289792
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-BSD
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-gcc-libs
-
diff --git a/msys2/var/lib/pacman/local/libpcre-8.40-2/mtree b/msys2/var/lib/pacman/local/libpcre-8.40-2/mtree
deleted file mode 100644
index e4deae707..000000000
Binary files a/msys2/var/lib/pacman/local/libpcre-8.40-2/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libpcre-8.43-2/desc b/msys2/var/lib/pacman/local/libpcre-8.43-2/desc
new file mode 100644
index 000000000..dbed64d4b
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libpcre-8.43-2/desc
@@ -0,0 +1,45 @@
+%NAME%
+libpcre
+
+%VERSION%
+8.43-2
+
+%BASE%
+pcre
+
+%DESC%
+A library that implements Perl 5-style regular expressions
+
+%URL%
+https://www.pcre.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556605191
+
+%INSTALLDATE%
+1558699087
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+290816
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+BSD
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+
diff --git a/msys2/var/lib/pacman/local/libpcre-8.40-2/files b/msys2/var/lib/pacman/local/libpcre-8.43-2/files
similarity index 100%
rename from msys2/var/lib/pacman/local/libpcre-8.40-2/files
rename to msys2/var/lib/pacman/local/libpcre-8.43-2/files
diff --git a/msys2/var/lib/pacman/local/libpcre-8.43-2/mtree b/msys2/var/lib/pacman/local/libpcre-8.43-2/mtree
new file mode 100644
index 000000000..af0c643cf
Binary files /dev/null and b/msys2/var/lib/pacman/local/libpcre-8.43-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/libpcre16-8.40-2/desc b/msys2/var/lib/pacman/local/libpcre16-8.40-2/desc
deleted file mode 100644
index cb0ca752a..000000000
--- a/msys2/var/lib/pacman/local/libpcre16-8.40-2/desc
+++ /dev/null
@@ -1,45 +0,0 @@
-%NAME%
-libpcre16
-
-%VERSION%
-8.40-2
-
-%BASE%
-pcre
-
-%DESC%
-A library that implements Perl 5-style regular expressions
-
-%URL%
-http://www.pcre.org/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1487155829
-
-%INSTALLDATE%
-1527758879
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-265216
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-BSD
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-gcc-libs
-
diff --git a/msys2/var/lib/pacman/local/libpcre16-8.40-2/mtree b/msys2/var/lib/pacman/local/libpcre16-8.40-2/mtree
deleted file mode 100644
index bec05ccc8..000000000
Binary files a/msys2/var/lib/pacman/local/libpcre16-8.40-2/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libpcre16-8.43-2/desc b/msys2/var/lib/pacman/local/libpcre16-8.43-2/desc
new file mode 100644
index 000000000..129456394
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libpcre16-8.43-2/desc
@@ -0,0 +1,45 @@
+%NAME%
+libpcre16
+
+%VERSION%
+8.43-2
+
+%BASE%
+pcre
+
+%DESC%
+A library that implements Perl 5-style regular expressions
+
+%URL%
+https://www.pcre.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556605191
+
+%INSTALLDATE%
+1558699104
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+264192
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+BSD
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+
diff --git a/msys2/var/lib/pacman/local/libpcre16-8.40-2/files b/msys2/var/lib/pacman/local/libpcre16-8.43-2/files
similarity index 100%
rename from msys2/var/lib/pacman/local/libpcre16-8.40-2/files
rename to msys2/var/lib/pacman/local/libpcre16-8.43-2/files
diff --git a/msys2/var/lib/pacman/local/libpcre16-8.43-2/mtree b/msys2/var/lib/pacman/local/libpcre16-8.43-2/mtree
new file mode 100644
index 000000000..af32ec056
Binary files /dev/null and b/msys2/var/lib/pacman/local/libpcre16-8.43-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/libpcre2_8-10.33-2/desc b/msys2/var/lib/pacman/local/libpcre2_8-10.33-2/desc
new file mode 100644
index 000000000..24c3fdf29
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libpcre2_8-10.33-2/desc
@@ -0,0 +1,45 @@
+%NAME%
+libpcre2_8
+
+%VERSION%
+10.33-2
+
+%BASE%
+pcre2
+
+%DESC%
+A library that implements Perl 5-style regular expressions
+
+%URL%
+https://www.pcre.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556605766
+
+%INSTALLDATE%
+1558699104
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+358400
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+BSD
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+
diff --git a/msys2/var/lib/pacman/local/libpcre2_8-10.33-2/files b/msys2/var/lib/pacman/local/libpcre2_8-10.33-2/files
new file mode 100644
index 000000000..da2b5830a
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libpcre2_8-10.33-2/files
@@ -0,0 +1,5 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/msys-pcre2-8-0.dll
+
diff --git a/msys2/var/lib/pacman/local/libpcre2_8-10.33-2/mtree b/msys2/var/lib/pacman/local/libpcre2_8-10.33-2/mtree
new file mode 100644
index 000000000..ae2486232
Binary files /dev/null and b/msys2/var/lib/pacman/local/libpcre2_8-10.33-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/libpcre32-8.40-2/desc b/msys2/var/lib/pacman/local/libpcre32-8.40-2/desc
deleted file mode 100644
index d8ecf51a9..000000000
--- a/msys2/var/lib/pacman/local/libpcre32-8.40-2/desc
+++ /dev/null
@@ -1,45 +0,0 @@
-%NAME%
-libpcre32
-
-%VERSION%
-8.40-2
-
-%BASE%
-pcre
-
-%DESC%
-A library that implements Perl 5-style regular expressions
-
-%URL%
-http://www.pcre.org/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1487155924
-
-%INSTALLDATE%
-1527758879
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-254976
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-BSD
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-gcc-libs
-
diff --git a/msys2/var/lib/pacman/local/libpcre32-8.40-2/mtree b/msys2/var/lib/pacman/local/libpcre32-8.40-2/mtree
deleted file mode 100644
index dd305acc7..000000000
Binary files a/msys2/var/lib/pacman/local/libpcre32-8.40-2/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libpcre32-8.43-2/desc b/msys2/var/lib/pacman/local/libpcre32-8.43-2/desc
new file mode 100644
index 000000000..a909dee68
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libpcre32-8.43-2/desc
@@ -0,0 +1,45 @@
+%NAME%
+libpcre32
+
+%VERSION%
+8.43-2
+
+%BASE%
+pcre
+
+%DESC%
+A library that implements Perl 5-style regular expressions
+
+%URL%
+https://www.pcre.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556605191
+
+%INSTALLDATE%
+1558699104
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+254976
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+BSD
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+
diff --git a/msys2/var/lib/pacman/local/libpcre32-8.40-2/files b/msys2/var/lib/pacman/local/libpcre32-8.43-2/files
similarity index 100%
rename from msys2/var/lib/pacman/local/libpcre32-8.40-2/files
rename to msys2/var/lib/pacman/local/libpcre32-8.43-2/files
diff --git a/msys2/var/lib/pacman/local/libpcre32-8.43-2/mtree b/msys2/var/lib/pacman/local/libpcre32-8.43-2/mtree
new file mode 100644
index 000000000..3e98b9078
Binary files /dev/null and b/msys2/var/lib/pacman/local/libpcre32-8.43-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/libpcrecpp-8.40-2/desc b/msys2/var/lib/pacman/local/libpcrecpp-8.40-2/desc
deleted file mode 100644
index 083c3c5ab..000000000
--- a/msys2/var/lib/pacman/local/libpcrecpp-8.40-2/desc
+++ /dev/null
@@ -1,46 +0,0 @@
-%NAME%
-libpcrecpp
-
-%VERSION%
-8.40-2
-
-%BASE%
-pcre
-
-%DESC%
-A library that implements Perl 5-style regular expressions
-
-%URL%
-http://www.pcre.org/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1487155934
-
-%INSTALLDATE%
-1527758879
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-36864
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-BSD
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-libpcre
-gcc-libs
-
diff --git a/msys2/var/lib/pacman/local/libpcrecpp-8.40-2/mtree b/msys2/var/lib/pacman/local/libpcrecpp-8.40-2/mtree
deleted file mode 100644
index 9656a0765..000000000
Binary files a/msys2/var/lib/pacman/local/libpcrecpp-8.40-2/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libpcrecpp-8.43-2/desc b/msys2/var/lib/pacman/local/libpcrecpp-8.43-2/desc
new file mode 100644
index 000000000..bb32ff44a
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libpcrecpp-8.43-2/desc
@@ -0,0 +1,46 @@
+%NAME%
+libpcrecpp
+
+%VERSION%
+8.43-2
+
+%BASE%
+pcre
+
+%DESC%
+A library that implements Perl 5-style regular expressions
+
+%URL%
+https://www.pcre.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556605191
+
+%INSTALLDATE%
+1558699104
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+36864
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+BSD
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+libpcre
+gcc-libs
+
diff --git a/msys2/var/lib/pacman/local/libpcrecpp-8.40-2/files b/msys2/var/lib/pacman/local/libpcrecpp-8.43-2/files
similarity index 100%
rename from msys2/var/lib/pacman/local/libpcrecpp-8.40-2/files
rename to msys2/var/lib/pacman/local/libpcrecpp-8.43-2/files
diff --git a/msys2/var/lib/pacman/local/libpcrecpp-8.43-2/mtree b/msys2/var/lib/pacman/local/libpcrecpp-8.43-2/mtree
new file mode 100644
index 000000000..fae5dba99
Binary files /dev/null and b/msys2/var/lib/pacman/local/libpcrecpp-8.43-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/libpcreposix-8.40-2/desc b/msys2/var/lib/pacman/local/libpcreposix-8.40-2/desc
deleted file mode 100644
index e25c72791..000000000
--- a/msys2/var/lib/pacman/local/libpcreposix-8.40-2/desc
+++ /dev/null
@@ -1,45 +0,0 @@
-%NAME%
-libpcreposix
-
-%VERSION%
-8.40-2
-
-%BASE%
-pcre
-
-%DESC%
-A library that implements Perl 5-style regular expressions
-
-%URL%
-http://www.pcre.org/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1487155957
-
-%INSTALLDATE%
-1527758879
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-11264
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-BSD
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-libpcre
-
diff --git a/msys2/var/lib/pacman/local/libpcreposix-8.40-2/mtree b/msys2/var/lib/pacman/local/libpcreposix-8.40-2/mtree
deleted file mode 100644
index 79ead1596..000000000
Binary files a/msys2/var/lib/pacman/local/libpcreposix-8.40-2/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libpcreposix-8.43-2/desc b/msys2/var/lib/pacman/local/libpcreposix-8.43-2/desc
new file mode 100644
index 000000000..f1c6d8737
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libpcreposix-8.43-2/desc
@@ -0,0 +1,45 @@
+%NAME%
+libpcreposix
+
+%VERSION%
+8.43-2
+
+%BASE%
+pcre
+
+%DESC%
+A library that implements Perl 5-style regular expressions
+
+%URL%
+https://www.pcre.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556605191
+
+%INSTALLDATE%
+1558699104
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+11264
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+BSD
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+libpcre
+
diff --git a/msys2/var/lib/pacman/local/libpcreposix-8.40-2/files b/msys2/var/lib/pacman/local/libpcreposix-8.43-2/files
similarity index 100%
rename from msys2/var/lib/pacman/local/libpcreposix-8.40-2/files
rename to msys2/var/lib/pacman/local/libpcreposix-8.43-2/files
diff --git a/msys2/var/lib/pacman/local/libpcreposix-8.43-2/mtree b/msys2/var/lib/pacman/local/libpcreposix-8.43-2/mtree
new file mode 100644
index 000000000..bde60ccaa
Binary files /dev/null and b/msys2/var/lib/pacman/local/libpcreposix-8.43-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/libpsl-0.19.1-1/desc b/msys2/var/lib/pacman/local/libpsl-0.19.1-1/desc
deleted file mode 100644
index 76f0cf841..000000000
--- a/msys2/var/lib/pacman/local/libpsl-0.19.1-1/desc
+++ /dev/null
@@ -1,46 +0,0 @@
-%NAME%
-libpsl
-
-%VERSION%
-0.19.1-1
-
-%BASE%
-libpsl
-
-%DESC%
-Public Suffix List library (runtime)
-
-%URL%
-https://github.com/rockdaboot/libpsl
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1518430103
-
-%INSTALLDATE%
-1527758871
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-98304
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-MIT
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-libxslt
-libidn2
-
diff --git a/msys2/var/lib/pacman/local/libpsl-0.19.1-1/mtree b/msys2/var/lib/pacman/local/libpsl-0.19.1-1/mtree
deleted file mode 100644
index 37efd2583..000000000
Binary files a/msys2/var/lib/pacman/local/libpsl-0.19.1-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libpsl-0.20.2-3/desc b/msys2/var/lib/pacman/local/libpsl-0.20.2-3/desc
new file mode 100644
index 000000000..6f582c73d
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libpsl-0.20.2-3/desc
@@ -0,0 +1,47 @@
+%NAME%
+libpsl
+
+%VERSION%
+0.20.2-3
+
+%BASE%
+libpsl
+
+%DESC%
+Public Suffix List library (runtime)
+
+%URL%
+https://github.com/rockdaboot/libpsl
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1551331843
+
+%INSTALLDATE%
+1558699094
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+110592
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+MIT
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+libxslt
+libidn2
+libunistring
+
diff --git a/msys2/var/lib/pacman/local/libpsl-0.19.1-1/files b/msys2/var/lib/pacman/local/libpsl-0.20.2-3/files
similarity index 100%
rename from msys2/var/lib/pacman/local/libpsl-0.19.1-1/files
rename to msys2/var/lib/pacman/local/libpsl-0.20.2-3/files
diff --git a/msys2/var/lib/pacman/local/libpsl-0.20.2-3/mtree b/msys2/var/lib/pacman/local/libpsl-0.20.2-3/mtree
new file mode 100644
index 000000000..ece07fd9a
Binary files /dev/null and b/msys2/var/lib/pacman/local/libpsl-0.20.2-3/mtree differ
diff --git a/msys2/var/lib/pacman/local/libreadline-7.0.003-2/desc b/msys2/var/lib/pacman/local/libreadline-7.0.003-2/desc
deleted file mode 100644
index 152364096..000000000
--- a/msys2/var/lib/pacman/local/libreadline-7.0.003-2/desc
+++ /dev/null
@@ -1,45 +0,0 @@
-%NAME%
-libreadline
-
-%VERSION%
-7.0.003-2
-
-%BASE%
-readline
-
-%DESC%
-GNU readline library
-
-%URL%
-https://tiswww.case.edu/php/chet/readline/rltop.html
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1520411972
-
-%INSTALLDATE%
-1527758860
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-540672
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-GPL
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-ncurses
-
diff --git a/msys2/var/lib/pacman/local/libreadline-7.0.003-2/files b/msys2/var/lib/pacman/local/libreadline-7.0.003-2/files
deleted file mode 100644
index cc5efc441..000000000
--- a/msys2/var/lib/pacman/local/libreadline-7.0.003-2/files
+++ /dev/null
@@ -1,36 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/msys-history7.dll
-usr/bin/msys-readline7.dll
-usr/share/
-usr/share/doc/
-usr/share/doc/readline/
-usr/share/doc/readline/CHANGES
-usr/share/doc/readline/INSTALL
-usr/share/doc/readline/README
-usr/share/info/
-usr/share/info/history.info.gz
-usr/share/info/readline.info.gz
-usr/share/info/rluserman.info.gz
-usr/share/man/
-usr/share/man/man3/
-usr/share/man/man3/history.3.gz
-usr/share/man/man3/readline.3.gz
-usr/share/readline/
-usr/share/readline/excallback.c
-usr/share/readline/fileman.c
-usr/share/readline/hist_erasedups.c
-usr/share/readline/hist_purgecmd.c
-usr/share/readline/histexamp.c
-usr/share/readline/manexamp.c
-usr/share/readline/rl-callbacktest.c
-usr/share/readline/rl-fgets.c
-usr/share/readline/rl.c
-usr/share/readline/rlbasic.c
-usr/share/readline/rlcat.c
-usr/share/readline/rlevent.c
-usr/share/readline/rlptytest.c
-usr/share/readline/rltest.c
-usr/share/readline/rlversion.c
-
diff --git a/msys2/var/lib/pacman/local/libreadline-7.0.003-2/mtree b/msys2/var/lib/pacman/local/libreadline-7.0.003-2/mtree
deleted file mode 100644
index e5b0bce60..000000000
Binary files a/msys2/var/lib/pacman/local/libreadline-7.0.003-2/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libreadline-8.0.000-1/desc b/msys2/var/lib/pacman/local/libreadline-8.0.000-1/desc
new file mode 100644
index 000000000..9e5175548
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libreadline-8.0.000-1/desc
@@ -0,0 +1,45 @@
+%NAME%
+libreadline
+
+%VERSION%
+8.0.000-1
+
+%BASE%
+readline
+
+%DESC%
+GNU readline library
+
+%URL%
+https://tiswww.case.edu/php/chet/readline/rltop.html
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556601490
+
+%INSTALLDATE%
+1558699069
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+568320
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+GPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+ncurses
+
diff --git a/msys2/var/lib/pacman/local/libreadline-8.0.000-1/files b/msys2/var/lib/pacman/local/libreadline-8.0.000-1/files
new file mode 100644
index 000000000..0d4fbb365
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libreadline-8.0.000-1/files
@@ -0,0 +1,37 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/msys-history8.dll
+usr/bin/msys-readline8.dll
+usr/share/
+usr/share/doc/
+usr/share/doc/readline/
+usr/share/doc/readline/CHANGES
+usr/share/doc/readline/INSTALL
+usr/share/doc/readline/README
+usr/share/info/
+usr/share/info/history.info.gz
+usr/share/info/readline.info.gz
+usr/share/info/rluserman.info.gz
+usr/share/man/
+usr/share/man/man3/
+usr/share/man/man3/history.3.gz
+usr/share/man/man3/readline.3.gz
+usr/share/readline/
+usr/share/readline/excallback.c
+usr/share/readline/fileman.c
+usr/share/readline/hist_erasedups.c
+usr/share/readline/hist_purgecmd.c
+usr/share/readline/histexamp.c
+usr/share/readline/manexamp.c
+usr/share/readline/rl-callbacktest.c
+usr/share/readline/rl-fgets.c
+usr/share/readline/rl.c
+usr/share/readline/rlbasic.c
+usr/share/readline/rlcat.c
+usr/share/readline/rlevent.c
+usr/share/readline/rlkeymaps.c
+usr/share/readline/rlptytest.c
+usr/share/readline/rltest.c
+usr/share/readline/rlversion.c
+
diff --git a/msys2/var/lib/pacman/local/libreadline-7.0.003-2/install b/msys2/var/lib/pacman/local/libreadline-8.0.000-1/install
similarity index 100%
rename from msys2/var/lib/pacman/local/libreadline-7.0.003-2/install
rename to msys2/var/lib/pacman/local/libreadline-8.0.000-1/install
diff --git a/msys2/var/lib/pacman/local/libreadline-8.0.000-1/mtree b/msys2/var/lib/pacman/local/libreadline-8.0.000-1/mtree
new file mode 100644
index 000000000..6d9947d0a
Binary files /dev/null and b/msys2/var/lib/pacman/local/libreadline-8.0.000-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libsqlite-3.21.0-2/desc b/msys2/var/lib/pacman/local/libsqlite-3.21.0-2/desc
deleted file mode 100644
index a25cac2d5..000000000
--- a/msys2/var/lib/pacman/local/libsqlite-3.21.0-2/desc
+++ /dev/null
@@ -1,47 +0,0 @@
-%NAME%
-libsqlite
-
-%VERSION%
-3.21.0-2
-
-%BASE%
-sqlite
-
-%DESC%
-Sqlite3 library
-
-%URL%
-https://www.sqlite.org/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1524132385
-
-%INSTALLDATE%
-1527758870
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-1540096
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-PublicDomain
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-libreadline
-icu>=59.1
-zlib
-
diff --git a/msys2/var/lib/pacman/local/libsqlite-3.21.0-2/files b/msys2/var/lib/pacman/local/libsqlite-3.21.0-2/files
deleted file mode 100644
index 003c4a19f..000000000
--- a/msys2/var/lib/pacman/local/libsqlite-3.21.0-2/files
+++ /dev/null
@@ -1,40 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/msys-sqlite3-0.dll
-usr/bin/msys-sqlite3amatch-0.dll
-usr/bin/msys-sqlite3anycollseq-0.dll
-usr/bin/msys-sqlite3carray-0.dll
-usr/bin/msys-sqlite3closure-0.dll
-usr/bin/msys-sqlite3completion-0.dll
-usr/bin/msys-sqlite3compress-0.dll
-usr/bin/msys-sqlite3csv-0.dll
-usr/bin/msys-sqlite3eval-0.dll
-usr/bin/msys-sqlite3fileio-0.dll
-usr/bin/msys-sqlite3fuzzer-0.dll
-usr/bin/msys-sqlite3icu-0.dll
-usr/bin/msys-sqlite3ieee754-0.dll
-usr/bin/msys-sqlite3memvfs-0.dll
-usr/bin/msys-sqlite3nextchar-0.dll
-usr/bin/msys-sqlite3percentile-0.dll
-usr/bin/msys-sqlite3rbu-0.dll
-usr/bin/msys-sqlite3regexp-0.dll
-usr/bin/msys-sqlite3remember-0.dll
-usr/bin/msys-sqlite3rot13-0.dll
-usr/bin/msys-sqlite3series-0.dll
-usr/bin/msys-sqlite3sha1-0.dll
-usr/bin/msys-sqlite3shathree-0.dll
-usr/bin/msys-sqlite3showauth-0.dll
-usr/bin/msys-sqlite3spellfix-0.dll
-usr/bin/msys-sqlite3stmt-0.dll
-usr/bin/msys-sqlite3totype-0.dll
-usr/bin/msys-sqlite3unionvtab-0.dll
-usr/bin/msys-sqlite3vfslog-0.dll
-usr/bin/msys-sqlite3vfsstat-0.dll
-usr/bin/msys-sqlite3vtshim-0.dll
-usr/bin/msys-sqlite3wholenumber-0.dll
-usr/share/
-usr/share/licenses/
-usr/share/licenses/libsqlite/
-usr/share/licenses/libsqlite/LICENSE
-
diff --git a/msys2/var/lib/pacman/local/libsqlite-3.21.0-2/mtree b/msys2/var/lib/pacman/local/libsqlite-3.21.0-2/mtree
deleted file mode 100644
index 442792bdf..000000000
Binary files a/msys2/var/lib/pacman/local/libsqlite-3.21.0-2/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libsqlite-3.28.0-1/desc b/msys2/var/lib/pacman/local/libsqlite-3.28.0-1/desc
new file mode 100644
index 000000000..4ee2e35b1
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libsqlite-3.28.0-1/desc
@@ -0,0 +1,42 @@
+%NAME%
+libsqlite
+
+%VERSION%
+3.28.0-1
+
+%BASE%
+sqlite
+
+%DESC%
+Sqlite3 library
+
+%URL%
+https://www.sqlite.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1558603740
+
+%INSTALLDATE%
+1558699093
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+1167360
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+PublicDomain
+
+%VALIDATION%
+pgp
+
diff --git a/msys2/var/lib/pacman/local/libsqlite-3.28.0-1/files b/msys2/var/lib/pacman/local/libsqlite-3.28.0-1/files
new file mode 100644
index 000000000..063e09678
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libsqlite-3.28.0-1/files
@@ -0,0 +1,9 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/msys-sqlite3-0.dll
+usr/share/
+usr/share/licenses/
+usr/share/licenses/libsqlite/
+usr/share/licenses/libsqlite/LICENSE
+
diff --git a/msys2/var/lib/pacman/local/libsqlite-3.28.0-1/mtree b/msys2/var/lib/pacman/local/libsqlite-3.28.0-1/mtree
new file mode 100644
index 000000000..15e3a3a13
Binary files /dev/null and b/msys2/var/lib/pacman/local/libsqlite-3.28.0-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libssh2-1.8.0-1/desc b/msys2/var/lib/pacman/local/libssh2-1.8.0-1/desc
deleted file mode 100644
index 1efc1442e..000000000
--- a/msys2/var/lib/pacman/local/libssh2-1.8.0-1/desc
+++ /dev/null
@@ -1,47 +0,0 @@
-%NAME%
-libssh2
-
-%VERSION%
-1.8.0-1
-
-%BASE%
-libssh2
-
-%DESC%
-Multi-protocol file transfer library (runtime)
-
-%URL%
-https://libssh2.org/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1504761314
-
-%INSTALLDATE%
-1527758871
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-263168
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-BSD
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-ca-certificates
-openssl
-zlib
-
diff --git a/msys2/var/lib/pacman/local/libssh2-1.8.0-1/mtree b/msys2/var/lib/pacman/local/libssh2-1.8.0-1/mtree
deleted file mode 100644
index 99e80f6e2..000000000
Binary files a/msys2/var/lib/pacman/local/libssh2-1.8.0-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libssh2-1.8.2-1/desc b/msys2/var/lib/pacman/local/libssh2-1.8.2-1/desc
new file mode 100644
index 000000000..b2d86914e
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libssh2-1.8.2-1/desc
@@ -0,0 +1,47 @@
+%NAME%
+libssh2
+
+%VERSION%
+1.8.2-1
+
+%BASE%
+libssh2
+
+%DESC%
+Multi-protocol file transfer library (runtime)
+
+%URL%
+https://libssh2.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1555316307
+
+%INSTALLDATE%
+1558699094
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+266240
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+BSD
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+ca-certificates
+openssl
+zlib
+
diff --git a/msys2/var/lib/pacman/local/libssh2-1.8.0-1/files b/msys2/var/lib/pacman/local/libssh2-1.8.2-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/libssh2-1.8.0-1/files
rename to msys2/var/lib/pacman/local/libssh2-1.8.2-1/files
diff --git a/msys2/var/lib/pacman/local/libssh2-1.8.2-1/mtree b/msys2/var/lib/pacman/local/libssh2-1.8.2-1/mtree
new file mode 100644
index 000000000..fd5447234
Binary files /dev/null and b/msys2/var/lib/pacman/local/libssh2-1.8.2-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libtasn1-4.13-1/desc b/msys2/var/lib/pacman/local/libtasn1-4.13-1/desc
index b080acfeb..75b3a723d 100644
--- a/msys2/var/lib/pacman/local/libtasn1-4.13-1/desc
+++ b/msys2/var/lib/pacman/local/libtasn1-4.13-1/desc
@@ -20,7 +20,7 @@ i686
 1518116393
 
 %INSTALLDATE%
-1527758866
+1558699089
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/libunistring-0.9.10-1/desc b/msys2/var/lib/pacman/local/libunistring-0.9.10-1/desc
new file mode 100644
index 000000000..bee96c80d
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libunistring-0.9.10-1/desc
@@ -0,0 +1,46 @@
+%NAME%
+libunistring
+
+%VERSION%
+0.9.10-1
+
+%BASE%
+libunistring
+
+%DESC%
+Library for manipulating Unicode strings and C strings.
+
+%URL%
+https://www.gnu.org/software/libunistring/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1530003272
+
+%INSTALLDATE%
+1558699094
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+2315264
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+GPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+msys2-runtime
+libiconv
+
diff --git a/msys2/var/lib/pacman/local/libunistring-0.9.10-1/files b/msys2/var/lib/pacman/local/libunistring-0.9.10-1/files
new file mode 100644
index 000000000..b88ed5e23
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libunistring-0.9.10-1/files
@@ -0,0 +1,33 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/msys-unistring-2.dll
+usr/share/
+usr/share/doc/
+usr/share/doc/libunistring/
+usr/share/doc/libunistring/libunistring_1.html
+usr/share/doc/libunistring/libunistring_10.html
+usr/share/doc/libunistring/libunistring_11.html
+usr/share/doc/libunistring/libunistring_12.html
+usr/share/doc/libunistring/libunistring_13.html
+usr/share/doc/libunistring/libunistring_14.html
+usr/share/doc/libunistring/libunistring_15.html
+usr/share/doc/libunistring/libunistring_16.html
+usr/share/doc/libunistring/libunistring_17.html
+usr/share/doc/libunistring/libunistring_18.html
+usr/share/doc/libunistring/libunistring_19.html
+usr/share/doc/libunistring/libunistring_2.html
+usr/share/doc/libunistring/libunistring_20.html
+usr/share/doc/libunistring/libunistring_21.html
+usr/share/doc/libunistring/libunistring_3.html
+usr/share/doc/libunistring/libunistring_4.html
+usr/share/doc/libunistring/libunistring_5.html
+usr/share/doc/libunistring/libunistring_6.html
+usr/share/doc/libunistring/libunistring_7.html
+usr/share/doc/libunistring/libunistring_8.html
+usr/share/doc/libunistring/libunistring_9.html
+usr/share/doc/libunistring/libunistring_abt.html
+usr/share/doc/libunistring/libunistring_toc.html
+usr/share/info/
+usr/share/info/libunistring.info.gz
+
diff --git a/msys2/var/lib/pacman/local/libunistring-0.9.7-2/install b/msys2/var/lib/pacman/local/libunistring-0.9.10-1/install
similarity index 100%
rename from msys2/var/lib/pacman/local/libunistring-0.9.7-2/install
rename to msys2/var/lib/pacman/local/libunistring-0.9.10-1/install
diff --git a/msys2/var/lib/pacman/local/libunistring-0.9.10-1/mtree b/msys2/var/lib/pacman/local/libunistring-0.9.10-1/mtree
new file mode 100644
index 000000000..b1d9fd81a
Binary files /dev/null and b/msys2/var/lib/pacman/local/libunistring-0.9.10-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libunistring-0.9.7-2/desc b/msys2/var/lib/pacman/local/libunistring-0.9.7-2/desc
deleted file mode 100644
index 7e5669e37..000000000
--- a/msys2/var/lib/pacman/local/libunistring-0.9.7-2/desc
+++ /dev/null
@@ -1,46 +0,0 @@
-%NAME%
-libunistring
-
-%VERSION%
-0.9.7-2
-
-%BASE%
-libunistring
-
-%DESC%
-Library for manipulating Unicode strings and C strings.
-
-%URL%
-https://www.gnu.org/software/libunistring/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1506665322
-
-%INSTALLDATE%
-1527758870
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-2217984
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-GPL
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-msys2-runtime
-libiconv
-
diff --git a/msys2/var/lib/pacman/local/libunistring-0.9.7-2/files b/msys2/var/lib/pacman/local/libunistring-0.9.7-2/files
deleted file mode 100644
index 84a940c7f..000000000
--- a/msys2/var/lib/pacman/local/libunistring-0.9.7-2/files
+++ /dev/null
@@ -1,32 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/msys-unistring-2.dll
-usr/share/
-usr/share/doc/
-usr/share/doc/libunistring/
-usr/share/doc/libunistring/libunistring_1.html
-usr/share/doc/libunistring/libunistring_10.html
-usr/share/doc/libunistring/libunistring_11.html
-usr/share/doc/libunistring/libunistring_12.html
-usr/share/doc/libunistring/libunistring_13.html
-usr/share/doc/libunistring/libunistring_14.html
-usr/share/doc/libunistring/libunistring_15.html
-usr/share/doc/libunistring/libunistring_16.html
-usr/share/doc/libunistring/libunistring_17.html
-usr/share/doc/libunistring/libunistring_18.html
-usr/share/doc/libunistring/libunistring_19.html
-usr/share/doc/libunistring/libunistring_2.html
-usr/share/doc/libunistring/libunistring_20.html
-usr/share/doc/libunistring/libunistring_3.html
-usr/share/doc/libunistring/libunistring_4.html
-usr/share/doc/libunistring/libunistring_5.html
-usr/share/doc/libunistring/libunistring_6.html
-usr/share/doc/libunistring/libunistring_7.html
-usr/share/doc/libunistring/libunistring_8.html
-usr/share/doc/libunistring/libunistring_9.html
-usr/share/doc/libunistring/libunistring_abt.html
-usr/share/doc/libunistring/libunistring_toc.html
-usr/share/info/
-usr/share/info/libunistring.info.gz
-
diff --git a/msys2/var/lib/pacman/local/libunistring-0.9.7-2/mtree b/msys2/var/lib/pacman/local/libunistring-0.9.7-2/mtree
deleted file mode 100644
index 8427f43a0..000000000
Binary files a/msys2/var/lib/pacman/local/libunistring-0.9.7-2/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libutil-linux-2.26.2-1/desc b/msys2/var/lib/pacman/local/libutil-linux-2.26.2-1/desc
deleted file mode 100644
index c85058d18..000000000
--- a/msys2/var/lib/pacman/local/libutil-linux-2.26.2-1/desc
+++ /dev/null
@@ -1,49 +0,0 @@
-%NAME%
-libutil-linux
-
-%VERSION%
-2.26.2-1
-
-%BASE%
-util-linux
-
-%DESC%
-Block device ID and Universally Unique ID libraries
-
-%URL%
-http://www.kernel.org/pub/linux/utils/util-linux/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1430816092
-
-%INSTALLDATE%
-1527758881
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-650240
-
-%REASON%
-1
-
-%LICENSE%
-GPL3
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-gcc-libs
-libintl
-msys2-runtime
-
-%PROVIDES%
-libblkid
-libuuid
-libsmartcols
-
diff --git a/msys2/var/lib/pacman/local/libutil-linux-2.26.2-1/mtree b/msys2/var/lib/pacman/local/libutil-linux-2.26.2-1/mtree
deleted file mode 100644
index e58866a5b..000000000
Binary files a/msys2/var/lib/pacman/local/libutil-linux-2.26.2-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libutil-linux-2.33.1-1/desc b/msys2/var/lib/pacman/local/libutil-linux-2.33.1-1/desc
new file mode 100644
index 000000000..f3098ab04
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libutil-linux-2.33.1-1/desc
@@ -0,0 +1,49 @@
+%NAME%
+libutil-linux
+
+%VERSION%
+2.33.1-1
+
+%BASE%
+util-linux
+
+%DESC%
+Block device ID and Universally Unique ID libraries
+
+%URL%
+https://www.kernel.org/pub/linux/utils/util-linux/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556515202
+
+%INSTALLDATE%
+1558699104
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+878592
+
+%REASON%
+1
+
+%LICENSE%
+GPL3
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+libintl
+msys2-runtime
+
+%PROVIDES%
+libblkid
+libuuid
+libsmartcols
+
diff --git a/msys2/var/lib/pacman/local/libutil-linux-2.26.2-1/files b/msys2/var/lib/pacman/local/libutil-linux-2.33.1-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/libutil-linux-2.26.2-1/files
rename to msys2/var/lib/pacman/local/libutil-linux-2.33.1-1/files
diff --git a/msys2/var/lib/pacman/local/libutil-linux-2.33.1-1/mtree b/msys2/var/lib/pacman/local/libutil-linux-2.33.1-1/mtree
new file mode 100644
index 000000000..fa5ca4309
Binary files /dev/null and b/msys2/var/lib/pacman/local/libutil-linux-2.33.1-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/libxml2-2.9.7-2/desc b/msys2/var/lib/pacman/local/libxml2-2.9.7-2/desc
deleted file mode 100644
index ef07c3565..000000000
--- a/msys2/var/lib/pacman/local/libxml2-2.9.7-2/desc
+++ /dev/null
@@ -1,50 +0,0 @@
-%NAME%
-libxml2
-
-%VERSION%
-2.9.7-2
-
-%BASE%
-libxml2
-
-%DESC%
-XML parsing library, version 2
-
-%URL%
-http://www.xmlsoft.org/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1518501601
-
-%INSTALLDATE%
-1527758860
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-1412096
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-MIT
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-coreutils
-icu>=59.1
-liblzma
-libreadline
-ncurses
-zlib
-
diff --git a/msys2/var/lib/pacman/local/libxml2-2.9.7-2/mtree b/msys2/var/lib/pacman/local/libxml2-2.9.7-2/mtree
deleted file mode 100644
index 68f784b9d..000000000
Binary files a/msys2/var/lib/pacman/local/libxml2-2.9.7-2/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libxml2-2.9.9-4/desc b/msys2/var/lib/pacman/local/libxml2-2.9.9-4/desc
new file mode 100644
index 000000000..0cc340044
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libxml2-2.9.9-4/desc
@@ -0,0 +1,50 @@
+%NAME%
+libxml2
+
+%VERSION%
+2.9.9-4
+
+%BASE%
+libxml2
+
+%DESC%
+XML parsing library, version 2
+
+%URL%
+http://www.xmlsoft.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556606194
+
+%INSTALLDATE%
+1558699069
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+1405952
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+MIT
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+coreutils
+icu>=59.1
+liblzma
+libreadline
+ncurses
+zlib
+
diff --git a/msys2/var/lib/pacman/local/libxml2-2.9.7-2/files b/msys2/var/lib/pacman/local/libxml2-2.9.9-4/files
similarity index 100%
rename from msys2/var/lib/pacman/local/libxml2-2.9.7-2/files
rename to msys2/var/lib/pacman/local/libxml2-2.9.9-4/files
diff --git a/msys2/var/lib/pacman/local/libxml2-2.9.7-2/install b/msys2/var/lib/pacman/local/libxml2-2.9.9-4/install
similarity index 100%
rename from msys2/var/lib/pacman/local/libxml2-2.9.7-2/install
rename to msys2/var/lib/pacman/local/libxml2-2.9.9-4/install
diff --git a/msys2/var/lib/pacman/local/libxml2-2.9.9-4/mtree b/msys2/var/lib/pacman/local/libxml2-2.9.9-4/mtree
new file mode 100644
index 000000000..a8d803e00
Binary files /dev/null and b/msys2/var/lib/pacman/local/libxml2-2.9.9-4/mtree differ
diff --git a/msys2/var/lib/pacman/local/libxslt-1.1.32-1/desc b/msys2/var/lib/pacman/local/libxslt-1.1.32-1/desc
deleted file mode 100644
index 98c9ff5a7..000000000
--- a/msys2/var/lib/pacman/local/libxslt-1.1.32-1/desc
+++ /dev/null
@@ -1,46 +0,0 @@
-%NAME%
-libxslt
-
-%VERSION%
-1.1.32-1
-
-%BASE%
-libxslt
-
-%DESC%
-XML stylesheet transformation library
-
-%URL%
-http://xmlsoft.org/XSLT/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1512371588
-
-%INSTALLDATE%
-1527758867
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-376832
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-custom
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-libxml2
-libgcrypt
-
diff --git a/msys2/var/lib/pacman/local/libxslt-1.1.32-1/mtree b/msys2/var/lib/pacman/local/libxslt-1.1.32-1/mtree
deleted file mode 100644
index a13799730..000000000
Binary files a/msys2/var/lib/pacman/local/libxslt-1.1.32-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/libxslt-1.1.33-2/desc b/msys2/var/lib/pacman/local/libxslt-1.1.33-2/desc
new file mode 100644
index 000000000..b2e81196a
--- /dev/null
+++ b/msys2/var/lib/pacman/local/libxslt-1.1.33-2/desc
@@ -0,0 +1,46 @@
+%NAME%
+libxslt
+
+%VERSION%
+1.1.33-2
+
+%BASE%
+libxslt
+
+%DESC%
+XML stylesheet transformation library
+
+%URL%
+http://xmlsoft.org/XSLT/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1549531032
+
+%INSTALLDATE%
+1558699089
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+367616
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+custom
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+libxml2
+libgcrypt
+
diff --git a/msys2/var/lib/pacman/local/libxslt-1.1.32-1/files b/msys2/var/lib/pacman/local/libxslt-1.1.33-2/files
similarity index 100%
rename from msys2/var/lib/pacman/local/libxslt-1.1.32-1/files
rename to msys2/var/lib/pacman/local/libxslt-1.1.33-2/files
diff --git a/msys2/var/lib/pacman/local/libxslt-1.1.33-2/mtree b/msys2/var/lib/pacman/local/libxslt-1.1.33-2/mtree
new file mode 100644
index 000000000..729faf261
Binary files /dev/null and b/msys2/var/lib/pacman/local/libxslt-1.1.33-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/lndir-1.0.3-1/desc b/msys2/var/lib/pacman/local/lndir-1.0.3-1/desc
index e42e90860..e13efdba0 100644
--- a/msys2/var/lib/pacman/local/lndir-1.0.3-1/desc
+++ b/msys2/var/lib/pacman/local/lndir-1.0.3-1/desc
@@ -17,7 +17,7 @@ i686
 1384187024
 
 %INSTALLDATE%
-1527758876
+1558699098
 
 %PACKAGER%
 Alexey Pavov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/m4-1.4.18-1/desc b/msys2/var/lib/pacman/local/m4-1.4.18-1/desc
deleted file mode 100644
index 863ea1b81..000000000
--- a/msys2/var/lib/pacman/local/m4-1.4.18-1/desc
+++ /dev/null
@@ -1,44 +0,0 @@
-%NAME%
-m4
-
-%VERSION%
-1.4.18-1
-
-%DESC%
-The GNU macro processor
-
-%URL%
-https://www.gnu.org/software/m4
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1485240135
-
-%INSTALLDATE%
-1527758873
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-335872
-
-%REASON%
-1
-
-%GROUPS%
-base-devel
-
-%LICENSE%
-GPL3
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-bash
-gcc-libs
-msys2-runtime
-
diff --git a/msys2/var/lib/pacman/local/m4-1.4.18-1/mtree b/msys2/var/lib/pacman/local/m4-1.4.18-1/mtree
deleted file mode 100644
index ba75ece00..000000000
Binary files a/msys2/var/lib/pacman/local/m4-1.4.18-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/m4-1.4.18-2/desc b/msys2/var/lib/pacman/local/m4-1.4.18-2/desc
new file mode 100644
index 000000000..05cabb0c2
--- /dev/null
+++ b/msys2/var/lib/pacman/local/m4-1.4.18-2/desc
@@ -0,0 +1,47 @@
+%NAME%
+m4
+
+%VERSION%
+1.4.18-2
+
+%BASE%
+m4
+
+%DESC%
+The GNU macro processor
+
+%URL%
+https://www.gnu.org/software/m4
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1530876771
+
+%INSTALLDATE%
+1558699097
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+336896
+
+%REASON%
+1
+
+%GROUPS%
+base-devel
+
+%LICENSE%
+GPL3
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+bash
+gcc-libs
+msys2-runtime
+
diff --git a/msys2/var/lib/pacman/local/m4-1.4.18-1/files b/msys2/var/lib/pacman/local/m4-1.4.18-2/files
similarity index 100%
rename from msys2/var/lib/pacman/local/m4-1.4.18-1/files
rename to msys2/var/lib/pacman/local/m4-1.4.18-2/files
diff --git a/msys2/var/lib/pacman/local/m4-1.4.18-1/install b/msys2/var/lib/pacman/local/m4-1.4.18-2/install
similarity index 100%
rename from msys2/var/lib/pacman/local/m4-1.4.18-1/install
rename to msys2/var/lib/pacman/local/m4-1.4.18-2/install
diff --git a/msys2/var/lib/pacman/local/m4-1.4.18-2/mtree b/msys2/var/lib/pacman/local/m4-1.4.18-2/mtree
new file mode 100644
index 000000000..1741ed562
Binary files /dev/null and b/msys2/var/lib/pacman/local/m4-1.4.18-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/mintty-1~2.8.5-1/desc b/msys2/var/lib/pacman/local/mintty-1~2.8.5-1/desc
deleted file mode 100644
index b6c4291cd..000000000
--- a/msys2/var/lib/pacman/local/mintty-1~2.8.5-1/desc
+++ /dev/null
@@ -1,39 +0,0 @@
-%NAME%
-mintty
-
-%VERSION%
-1~2.8.5-1
-
-%DESC%
-Terminal emulator with native Windows look and feel
-
-%URL%
-https://mintty.github.io
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1524129604
-
-%INSTALLDATE%
-1527758876
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-804864
-
-%GROUPS%
-base
-
-%LICENSE%
-GPL3
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-sh
-
diff --git a/msys2/var/lib/pacman/local/mintty-1~2.8.5-1/files b/msys2/var/lib/pacman/local/mintty-1~2.8.5-1/files
deleted file mode 100644
index a9c2657a3..000000000
--- a/msys2/var/lib/pacman/local/mintty-1~2.8.5-1/files
+++ /dev/null
@@ -1,36 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/getemojis
-usr/bin/mintheme
-usr/bin/mintty.exe
-usr/share/
-usr/share/licenses/
-usr/share/licenses/mintty/
-usr/share/licenses/mintty/LICENSE
-usr/share/licenses/mintty/LICENSE.Oxygen
-usr/share/licenses/mintty/LICENSE.PuTTY
-usr/share/man/
-usr/share/man/man1/
-usr/share/man/man1/mintty.1.gz
-usr/share/mintty/
-usr/share/mintty/lang/
-usr/share/mintty/lang/de.po
-usr/share/mintty/lang/en.po
-usr/share/mintty/lang/en_US.po
-usr/share/mintty/lang/es.po
-usr/share/mintty/lang/fr.po
-usr/share/mintty/lang/ja.po
-usr/share/mintty/lang/messages.pot
-usr/share/mintty/lang/ru.po
-usr/share/mintty/lang/zh_CN.po
-usr/share/mintty/themes/
-usr/share/mintty/themes/dracula
-usr/share/mintty/themes/flat-ui
-usr/share/mintty/themes/html
-usr/share/mintty/themes/mintty
-usr/share/mintty/themes/nord
-usr/share/mintty/themes/rosipov
-usr/share/mintty/themes/vga
-usr/share/mintty/themes/xterm
-
diff --git a/msys2/var/lib/pacman/local/mintty-1~2.8.5-1/mtree b/msys2/var/lib/pacman/local/mintty-1~2.8.5-1/mtree
deleted file mode 100644
index cecba9572..000000000
Binary files a/msys2/var/lib/pacman/local/mintty-1~2.8.5-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/mintty-1~3.0.0-1/desc b/msys2/var/lib/pacman/local/mintty-1~3.0.0-1/desc
new file mode 100644
index 000000000..6535cf682
--- /dev/null
+++ b/msys2/var/lib/pacman/local/mintty-1~3.0.0-1/desc
@@ -0,0 +1,42 @@
+%NAME%
+mintty
+
+%VERSION%
+1~3.0.0-1
+
+%BASE%
+mintty
+
+%DESC%
+Terminal emulator with native Windows look and feel
+
+%URL%
+https://mintty.github.io
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1555314135
+
+%INSTALLDATE%
+1558699098
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+1491968
+
+%GROUPS%
+base
+
+%LICENSE%
+GPL3
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+sh
+
diff --git a/msys2/var/lib/pacman/local/mintty-1~3.0.0-1/files b/msys2/var/lib/pacman/local/mintty-1~3.0.0-1/files
new file mode 100644
index 000000000..b1cacded3
--- /dev/null
+++ b/msys2/var/lib/pacman/local/mintty-1~3.0.0-1/files
@@ -0,0 +1,61 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/getemojis
+usr/bin/mintheme
+usr/bin/mintty.exe
+usr/share/
+usr/share/icons/
+usr/share/icons/hicolor/
+usr/share/icons/hicolor/16x16/
+usr/share/icons/hicolor/16x16/apps/
+usr/share/icons/hicolor/16x16/apps/mintty.png
+usr/share/icons/hicolor/24x24/
+usr/share/icons/hicolor/24x24/apps/
+usr/share/icons/hicolor/24x24/apps/mintty.png
+usr/share/icons/hicolor/256x256/
+usr/share/icons/hicolor/256x256/apps/
+usr/share/icons/hicolor/256x256/apps/mintty.png
+usr/share/icons/hicolor/32x32/
+usr/share/icons/hicolor/32x32/apps/
+usr/share/icons/hicolor/32x32/apps/mintty.png
+usr/share/icons/hicolor/48x48/
+usr/share/icons/hicolor/48x48/apps/
+usr/share/icons/hicolor/48x48/apps/mintty.png
+usr/share/icons/hicolor/64x64/
+usr/share/icons/hicolor/64x64/apps/
+usr/share/icons/hicolor/64x64/apps/mintty.png
+usr/share/licenses/
+usr/share/licenses/mintty/
+usr/share/licenses/mintty/LICENSE
+usr/share/licenses/mintty/LICENSE.Oxygen
+usr/share/licenses/mintty/LICENSE.PuTTY
+usr/share/man/
+usr/share/man/man1/
+usr/share/man/man1/mintty.1.gz
+usr/share/mintty/
+usr/share/mintty/icon/
+usr/share/mintty/icon/wsl.ico
+usr/share/mintty/lang/
+usr/share/mintty/lang/de.po
+usr/share/mintty/lang/en.po
+usr/share/mintty/lang/en_US.po
+usr/share/mintty/lang/es.po
+usr/share/mintty/lang/fr.po
+usr/share/mintty/lang/ja.po
+usr/share/mintty/lang/messages.pot
+usr/share/mintty/lang/pt_BR.po
+usr/share/mintty/lang/ru.po
+usr/share/mintty/lang/zh_CN.po
+usr/share/mintty/lang/zh_TW.po
+usr/share/mintty/themes/
+usr/share/mintty/themes/dracula
+usr/share/mintty/themes/flat-ui
+usr/share/mintty/themes/html
+usr/share/mintty/themes/mintty
+usr/share/mintty/themes/nord
+usr/share/mintty/themes/rosipov
+usr/share/mintty/themes/vga
+usr/share/mintty/themes/windows10
+usr/share/mintty/themes/xterm
+
diff --git a/msys2/var/lib/pacman/local/mintty-1~3.0.0-1/mtree b/msys2/var/lib/pacman/local/mintty-1~3.0.0-1/mtree
new file mode 100644
index 000000000..c648bae66
Binary files /dev/null and b/msys2/var/lib/pacman/local/mintty-1~3.0.0-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/mpfr-4.0.1-1/desc b/msys2/var/lib/pacman/local/mpfr-4.0.1-1/desc
deleted file mode 100644
index e1d6574bd..000000000
--- a/msys2/var/lib/pacman/local/mpfr-4.0.1-1/desc
+++ /dev/null
@@ -1,45 +0,0 @@
-%NAME%
-mpfr
-
-%VERSION%
-4.0.1-1
-
-%BASE%
-mpfr
-
-%DESC%
-Multiple-precision floating-point library
-
-%URL%
-http://www.mpfr.org/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1518179010
-
-%INSTALLDATE%
-1527758875
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-651264
-
-%REASON%
-1
-
-%GROUPS%
-libraries
-
-%LICENSE%
-LGPL
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-gmp>=5.0
-
diff --git a/msys2/var/lib/pacman/local/mpfr-4.0.1-1/files b/msys2/var/lib/pacman/local/mpfr-4.0.1-1/files
deleted file mode 100644
index 525cd3c66..000000000
--- a/msys2/var/lib/pacman/local/mpfr-4.0.1-1/files
+++ /dev/null
@@ -1,24 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/msys-mpfr-6.dll
-usr/share/
-usr/share/doc/
-usr/share/doc/mpfr/
-usr/share/doc/mpfr/AUTHORS
-usr/share/doc/mpfr/BUGS
-usr/share/doc/mpfr/COPYING
-usr/share/doc/mpfr/COPYING.LESSER
-usr/share/doc/mpfr/FAQ.html
-usr/share/doc/mpfr/NEWS
-usr/share/doc/mpfr/TODO
-usr/share/doc/mpfr/examples/
-usr/share/doc/mpfr/examples/ReadMe
-usr/share/doc/mpfr/examples/can_round.c
-usr/share/doc/mpfr/examples/divworst.c
-usr/share/doc/mpfr/examples/rndo-add.c
-usr/share/doc/mpfr/examples/sample.c
-usr/share/doc/mpfr/examples/version.c
-usr/share/info/
-usr/share/info/mpfr.info.gz
-
diff --git a/msys2/var/lib/pacman/local/mpfr-4.0.1-1/mtree b/msys2/var/lib/pacman/local/mpfr-4.0.1-1/mtree
deleted file mode 100644
index 5d0e9cc41..000000000
Binary files a/msys2/var/lib/pacman/local/mpfr-4.0.1-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/mpfr-4.0.2-1/desc b/msys2/var/lib/pacman/local/mpfr-4.0.2-1/desc
new file mode 100644
index 000000000..0ded0b466
--- /dev/null
+++ b/msys2/var/lib/pacman/local/mpfr-4.0.2-1/desc
@@ -0,0 +1,45 @@
+%NAME%
+mpfr
+
+%VERSION%
+4.0.2-1
+
+%BASE%
+mpfr
+
+%DESC%
+Multiple-precision floating-point library
+
+%URL%
+http://www.mpfr.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1549531472
+
+%INSTALLDATE%
+1558699097
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+646144
+
+%REASON%
+1
+
+%GROUPS%
+libraries
+
+%LICENSE%
+LGPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gmp>=5.0
+
diff --git a/msys2/var/lib/pacman/local/mpfr-4.0.2-1/files b/msys2/var/lib/pacman/local/mpfr-4.0.2-1/files
new file mode 100644
index 000000000..15817c7cd
--- /dev/null
+++ b/msys2/var/lib/pacman/local/mpfr-4.0.2-1/files
@@ -0,0 +1,24 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/msys-mpfr-6.dll
+usr/share/
+usr/share/doc/
+usr/share/doc/mpfr/
+usr/share/doc/mpfr/AUTHORS
+usr/share/doc/mpfr/BUGS
+usr/share/doc/mpfr/COPYING
+usr/share/doc/mpfr/COPYING.LESSER
+usr/share/doc/mpfr/examples/
+usr/share/doc/mpfr/examples/can_round.c
+usr/share/doc/mpfr/examples/divworst.c
+usr/share/doc/mpfr/examples/ReadMe
+usr/share/doc/mpfr/examples/rndo-add.c
+usr/share/doc/mpfr/examples/sample.c
+usr/share/doc/mpfr/examples/version.c
+usr/share/doc/mpfr/FAQ.html
+usr/share/doc/mpfr/NEWS
+usr/share/doc/mpfr/TODO
+usr/share/info/
+usr/share/info/mpfr.info.gz
+
diff --git a/msys2/var/lib/pacman/local/mpfr-4.0.1-1/install b/msys2/var/lib/pacman/local/mpfr-4.0.2-1/install
similarity index 100%
rename from msys2/var/lib/pacman/local/mpfr-4.0.1-1/install
rename to msys2/var/lib/pacman/local/mpfr-4.0.2-1/install
diff --git a/msys2/var/lib/pacman/local/mpfr-4.0.2-1/mtree b/msys2/var/lib/pacman/local/mpfr-4.0.2-1/mtree
new file mode 100644
index 000000000..7c0029917
Binary files /dev/null and b/msys2/var/lib/pacman/local/mpfr-4.0.2-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/msys2-keyring-r9.397a52e-1/desc b/msys2/var/lib/pacman/local/msys2-keyring-r9.397a52e-1/desc
index 735602693..3ff894126 100644
--- a/msys2/var/lib/pacman/local/msys2-keyring-r9.397a52e-1/desc
+++ b/msys2/var/lib/pacman/local/msys2-keyring-r9.397a52e-1/desc
@@ -17,7 +17,7 @@ any
 1442302148
 
 %INSTALLDATE%
-1527758876
+1558699098
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/msys2-launcher-git-0.3.32.56c2ba7-2/desc b/msys2/var/lib/pacman/local/msys2-launcher-git-0.3.32.56c2ba7-2/desc
index b15338970..1f1fa542f 100644
--- a/msys2/var/lib/pacman/local/msys2-launcher-git-0.3.32.56c2ba7-2/desc
+++ b/msys2/var/lib/pacman/local/msys2-launcher-git-0.3.32.56c2ba7-2/desc
@@ -17,7 +17,7 @@ i686
 1473273475
 
 %INSTALLDATE%
-1527758877
+1558699099
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/msys2-runtime-2.10.0-2/desc b/msys2/var/lib/pacman/local/msys2-runtime-2.10.0-2/desc
deleted file mode 100644
index 75ad5a0cb..000000000
--- a/msys2/var/lib/pacman/local/msys2-runtime-2.10.0-2/desc
+++ /dev/null
@@ -1,47 +0,0 @@
-%NAME%
-msys2-runtime
-
-%VERSION%
-2.10.0-2
-
-%BASE%
-msys2-runtime
-
-%DESC%
-Posix emulation engine for Windows
-
-%URL%
-https://www.cygwin.com/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1518178067
-
-%INSTALLDATE%
-1527758841
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-11220992
-
-%GROUPS%
-base
-
-%LICENSE%
-GPL
-
-%VALIDATION%
-pgp
-
-%REPLACES%
-catgets
-libcatgets
-
-%CONFLICTS%
-catgets
-libcatgets
-
diff --git a/msys2/var/lib/pacman/local/msys2-runtime-2.10.0-2/files b/msys2/var/lib/pacman/local/msys2-runtime-2.10.0-2/files
deleted file mode 100644
index fdb0453fc..000000000
--- a/msys2/var/lib/pacman/local/msys2-runtime-2.10.0-2/files
+++ /dev/null
@@ -1,45 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/cygcheck.exe
-usr/bin/cygpath.exe
-usr/bin/cygwin-console-helper.exe
-usr/bin/dumper.exe
-usr/bin/gencat.exe
-usr/bin/getconf.exe
-usr/bin/getfacl.exe
-usr/bin/kill.exe
-usr/bin/ldd.exe
-usr/bin/ldh.exe
-usr/bin/locale.exe
-usr/bin/minidumper.exe
-usr/bin/mkgroup.exe
-usr/bin/mkpasswd.exe
-usr/bin/mount.exe
-usr/bin/msys-2.0.dll
-usr/bin/passwd.exe
-usr/bin/pldd.exe
-usr/bin/ps.exe
-usr/bin/regtool.exe
-usr/bin/setfacl.exe
-usr/bin/setmetamode.exe
-usr/bin/ssp.exe
-usr/bin/strace.exe
-usr/bin/tzset.exe
-usr/bin/umount.exe
-usr/share/
-usr/share/cygwin/
-usr/share/cygwin/cygwin.ldif
-usr/share/doc/
-usr/share/doc/Msys/
-usr/share/doc/Msys/COPYING
-usr/share/doc/Msys/CYGWIN_LICENSE
-usr/share/doc/Msys/cygserver.README
-usr/share/man/
-usr/share/man/man2/
-usr/share/man/man3/
-usr/share/man/man3/regex.3.gz
-usr/share/man/man5/
-usr/share/man/man7/
-usr/share/man/man7/regex.7.gz
-
diff --git a/msys2/var/lib/pacman/local/msys2-runtime-2.10.0-2/mtree b/msys2/var/lib/pacman/local/msys2-runtime-2.10.0-2/mtree
deleted file mode 100644
index bcf2e6556..000000000
Binary files a/msys2/var/lib/pacman/local/msys2-runtime-2.10.0-2/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/msys2-runtime-3.0.7-2/desc b/msys2/var/lib/pacman/local/msys2-runtime-3.0.7-2/desc
new file mode 100644
index 000000000..6b2aff086
--- /dev/null
+++ b/msys2/var/lib/pacman/local/msys2-runtime-3.0.7-2/desc
@@ -0,0 +1,47 @@
+%NAME%
+msys2-runtime
+
+%VERSION%
+3.0.7-2
+
+%BASE%
+msys2-runtime
+
+%DESC%
+Posix emulation engine for Windows
+
+%URL%
+https://www.cygwin.com/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1558695586
+
+%INSTALLDATE%
+1558699045
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+11777024
+
+%GROUPS%
+base
+
+%LICENSE%
+GPL
+
+%VALIDATION%
+pgp
+
+%REPLACES%
+catgets
+libcatgets
+
+%CONFLICTS%
+catgets
+libcatgets
+
diff --git a/msys2/var/lib/pacman/local/msys2-runtime-3.0.7-2/files b/msys2/var/lib/pacman/local/msys2-runtime-3.0.7-2/files
new file mode 100644
index 000000000..7e0efff85
--- /dev/null
+++ b/msys2/var/lib/pacman/local/msys2-runtime-3.0.7-2/files
@@ -0,0 +1,47 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/chattr.exe
+usr/bin/cygcheck.exe
+usr/bin/cygpath.exe
+usr/bin/cygwin-console-helper.exe
+usr/bin/dumper.exe
+usr/bin/gencat.exe
+usr/bin/getconf.exe
+usr/bin/getfacl.exe
+usr/bin/kill.exe
+usr/bin/ldd.exe
+usr/bin/ldh.exe
+usr/bin/locale.exe
+usr/bin/lsattr.exe
+usr/bin/minidumper.exe
+usr/bin/mkgroup.exe
+usr/bin/mkpasswd.exe
+usr/bin/mount.exe
+usr/bin/msys-2.0.dll
+usr/bin/passwd.exe
+usr/bin/pldd.exe
+usr/bin/ps.exe
+usr/bin/regtool.exe
+usr/bin/setfacl.exe
+usr/bin/setmetamode.exe
+usr/bin/ssp.exe
+usr/bin/strace.exe
+usr/bin/tzset.exe
+usr/bin/umount.exe
+usr/share/
+usr/share/cygwin/
+usr/share/cygwin/cygwin.ldif
+usr/share/doc/
+usr/share/doc/Msys/
+usr/share/doc/Msys/COPYING
+usr/share/doc/Msys/cygserver.README
+usr/share/doc/Msys/CYGWIN_LICENSE
+usr/share/man/
+usr/share/man/man2/
+usr/share/man/man3/
+usr/share/man/man3/regex.3.gz
+usr/share/man/man5/
+usr/share/man/man7/
+usr/share/man/man7/regex.7.gz
+
diff --git a/msys2/var/lib/pacman/local/msys2-runtime-3.0.7-2/mtree b/msys2/var/lib/pacman/local/msys2-runtime-3.0.7-2/mtree
new file mode 100644
index 000000000..25f76d20b
Binary files /dev/null and b/msys2/var/lib/pacman/local/msys2-runtime-3.0.7-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/ncurses-6.1.20180526-1/desc b/msys2/var/lib/pacman/local/ncurses-6.1.20180526-1/desc
deleted file mode 100644
index bbae10b54..000000000
--- a/msys2/var/lib/pacman/local/ncurses-6.1.20180526-1/desc
+++ /dev/null
@@ -1,43 +0,0 @@
-%NAME%
-ncurses
-
-%VERSION%
-6.1.20180526-1
-
-%BASE%
-ncurses
-
-%DESC%
-System V Release 4.0 curses emulation library
-
-%URL%
-https://www.gnu.org/software/ncurses/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1527747864
-
-%INSTALLDATE%
-1527758860
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-9789440
-
-%GROUPS%
-base
-
-%LICENSE%
-MIT
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-msys2-runtime
-gcc-libs
-
diff --git a/msys2/var/lib/pacman/local/ncurses-6.1.20180526-1/files b/msys2/var/lib/pacman/local/ncurses-6.1.20180526-1/files
deleted file mode 100644
index ff6f379a3..000000000
--- a/msys2/var/lib/pacman/local/ncurses-6.1.20180526-1/files
+++ /dev/null
@@ -1,6503 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/captoinfo.exe
-usr/bin/clear.exe
-usr/bin/infocmp.exe
-usr/bin/infotocap.exe
-usr/bin/msys-formw6.dll
-usr/bin/msys-menuw6.dll
-usr/bin/msys-ncurses++w6.dll
-usr/bin/msys-ncursesw6.dll
-usr/bin/msys-panelw6.dll
-usr/bin/msys-ticw6.dll
-usr/bin/reset.exe
-usr/bin/tabs.exe
-usr/bin/tic.exe
-usr/bin/toe.exe
-usr/bin/tput.exe
-usr/bin/tset.exe
-usr/lib/
-usr/lib/terminfo/
-usr/lib/terminfo/31/
-usr/lib/terminfo/31/1178
-usr/lib/terminfo/31/1730-lm
-usr/lib/terminfo/32/
-usr/lib/terminfo/32/2621
-usr/lib/terminfo/32/2621-wl
-usr/lib/terminfo/32/2621A
-usr/lib/terminfo/33/
-usr/lib/terminfo/33/386at
-usr/lib/terminfo/33/3b1
-usr/lib/terminfo/34/
-usr/lib/terminfo/34/4025ex
-usr/lib/terminfo/34/4027ex
-usr/lib/terminfo/34/4410-w
-usr/lib/terminfo/35/
-usr/lib/terminfo/35/5051
-usr/lib/terminfo/35/5410-w
-usr/lib/terminfo/35/5620
-usr/lib/terminfo/35/5630-24
-usr/lib/terminfo/35/5630DMD-24
-usr/lib/terminfo/36/
-usr/lib/terminfo/36/6053
-usr/lib/terminfo/36/6053-dg
-usr/lib/terminfo/36/605x
-usr/lib/terminfo/36/605x-dg
-usr/lib/terminfo/36/630-lm
-usr/lib/terminfo/36/630MTG-24
-usr/lib/terminfo/37/
-usr/lib/terminfo/37/730MTG-24
-usr/lib/terminfo/37/730MTG-41
-usr/lib/terminfo/37/730MTG-41r
-usr/lib/terminfo/37/730MTGr
-usr/lib/terminfo/37/730MTGr-24
-usr/lib/terminfo/38/
-usr/lib/terminfo/38/8510
-usr/lib/terminfo/39/
-usr/lib/terminfo/39/955-hb
-usr/lib/terminfo/39/955-w
-usr/lib/terminfo/39/9term
-usr/lib/terminfo/41/
-usr/lib/terminfo/41/Apple_Terminal
-usr/lib/terminfo/45/
-usr/lib/terminfo/45/Eterm
-usr/lib/terminfo/45/Eterm-256color
-usr/lib/terminfo/45/Eterm-88color
-usr/lib/terminfo/45/Eterm-color
-usr/lib/terminfo/4c/
-usr/lib/terminfo/4c/LFT-PC850
-usr/lib/terminfo/4d/
-usr/lib/terminfo/4d/MtxOrb
-usr/lib/terminfo/4d/MtxOrb162
-usr/lib/terminfo/4d/MtxOrb204
-usr/lib/terminfo/4e/
-usr/lib/terminfo/4e/NCR260VT300WPP
-usr/lib/terminfo/4e/NCRVT100WPP
-usr/lib/terminfo/50/
-usr/lib/terminfo/50/P12
-usr/lib/terminfo/50/P12-M
-usr/lib/terminfo/50/P12-M-W
-usr/lib/terminfo/50/P12-W
-usr/lib/terminfo/50/P14
-usr/lib/terminfo/50/P14-M
-usr/lib/terminfo/50/P14-M-W
-usr/lib/terminfo/50/P14-W
-usr/lib/terminfo/50/P4
-usr/lib/terminfo/50/P5
-usr/lib/terminfo/50/P7
-usr/lib/terminfo/50/P8
-usr/lib/terminfo/50/P8-W
-usr/lib/terminfo/50/P9
-usr/lib/terminfo/50/P9-8
-usr/lib/terminfo/50/P9-8-W
-usr/lib/terminfo/50/P9-W
-usr/lib/terminfo/51/
-usr/lib/terminfo/51/Q306-8-pc
-usr/lib/terminfo/51/Q310-vip-H
-usr/lib/terminfo/51/Q310-vip-H-am
-usr/lib/terminfo/51/Q310-vip-Hw
-usr/lib/terminfo/51/Q310-vip-w
-usr/lib/terminfo/51/Q310-vip-w-am
-usr/lib/terminfo/58/
-usr/lib/terminfo/58/X-hpterm
-usr/lib/terminfo/61/
-usr/lib/terminfo/61/a210
-usr/lib/terminfo/61/a80
-usr/lib/terminfo/61/a980
-usr/lib/terminfo/61/aa4080
-usr/lib/terminfo/61/aaa
-usr/lib/terminfo/61/aaa+dec
-usr/lib/terminfo/61/aaa+rv
-usr/lib/terminfo/61/aaa+unk
-usr/lib/terminfo/61/aaa-18
-usr/lib/terminfo/61/aaa-18-rv
-usr/lib/terminfo/61/aaa-20
-usr/lib/terminfo/61/aaa-22
-usr/lib/terminfo/61/aaa-24
-usr/lib/terminfo/61/aaa-24-rv
-usr/lib/terminfo/61/aaa-26
-usr/lib/terminfo/61/aaa-28
-usr/lib/terminfo/61/aaa-30
-usr/lib/terminfo/61/aaa-30-ctxt
-usr/lib/terminfo/61/aaa-30-rv
-usr/lib/terminfo/61/aaa-30-rv-ctxt
-usr/lib/terminfo/61/aaa-30-s
-usr/lib/terminfo/61/aaa-30-s-ctxt
-usr/lib/terminfo/61/aaa-30-s-rv
-usr/lib/terminfo/61/aaa-30-s-rv-ct
-usr/lib/terminfo/61/aaa-36
-usr/lib/terminfo/61/aaa-36-rv
-usr/lib/terminfo/61/aaa-40
-usr/lib/terminfo/61/aaa-40-rv
-usr/lib/terminfo/61/aaa-48
-usr/lib/terminfo/61/aaa-48-rv
-usr/lib/terminfo/61/aaa-60
-usr/lib/terminfo/61/aaa-60-dec-rv
-usr/lib/terminfo/61/aaa-60-rv
-usr/lib/terminfo/61/aaa-60-s
-usr/lib/terminfo/61/aaa-60-s-rv
-usr/lib/terminfo/61/aaa-ctxt
-usr/lib/terminfo/61/aaa-db
-usr/lib/terminfo/61/aaa-rv
-usr/lib/terminfo/61/aaa-rv-ctxt
-usr/lib/terminfo/61/aaa-rv-unk
-usr/lib/terminfo/61/aaa-s
-usr/lib/terminfo/61/aaa-s-ctxt
-usr/lib/terminfo/61/aaa-s-rv
-usr/lib/terminfo/61/aaa-s-rv-ctxt
-usr/lib/terminfo/61/aaa-unk
-usr/lib/terminfo/61/aas1901
-usr/lib/terminfo/61/abm80
-usr/lib/terminfo/61/abm85
-usr/lib/terminfo/61/abm85e
-usr/lib/terminfo/61/abm85h
-usr/lib/terminfo/61/abm85h-old
-usr/lib/terminfo/61/act4
-usr/lib/terminfo/61/act5
-usr/lib/terminfo/61/addrinfo
-usr/lib/terminfo/61/adds980
-usr/lib/terminfo/61/addsviewpoint
-usr/lib/terminfo/61/addsvp60
-usr/lib/terminfo/61/adm+sgr
-usr/lib/terminfo/61/adm1
-usr/lib/terminfo/61/adm11
-usr/lib/terminfo/61/adm1178
-usr/lib/terminfo/61/adm12
-usr/lib/terminfo/61/adm1a
-usr/lib/terminfo/61/adm2
-usr/lib/terminfo/61/adm20
-usr/lib/terminfo/61/adm21
-usr/lib/terminfo/61/adm22
-usr/lib/terminfo/61/adm3
-usr/lib/terminfo/61/adm31
-usr/lib/terminfo/61/adm31-old
-usr/lib/terminfo/61/adm36
-usr/lib/terminfo/61/adm3a
-usr/lib/terminfo/61/adm3a+
-usr/lib/terminfo/61/adm42
-usr/lib/terminfo/61/adm42-ns
-usr/lib/terminfo/61/adm5
-usr/lib/terminfo/61/aepro
-usr/lib/terminfo/61/aixterm
-usr/lib/terminfo/61/aixterm-16color
-usr/lib/terminfo/61/aixterm-m
-usr/lib/terminfo/61/aixterm-m-old
-usr/lib/terminfo/61/aj
-usr/lib/terminfo/61/aj510
-usr/lib/terminfo/61/aj830
-usr/lib/terminfo/61/aj832
-usr/lib/terminfo/61/alt2
-usr/lib/terminfo/61/alt3
-usr/lib/terminfo/61/alt4
-usr/lib/terminfo/61/alt5
-usr/lib/terminfo/61/alt7
-usr/lib/terminfo/61/alt7pc
-usr/lib/terminfo/61/alto-h19
-usr/lib/terminfo/61/alto-heath
-usr/lib/terminfo/61/altoh19
-usr/lib/terminfo/61/altoheath
-usr/lib/terminfo/61/altos-2
-usr/lib/terminfo/61/altos-3
-usr/lib/terminfo/61/altos-4
-usr/lib/terminfo/61/altos-5
-usr/lib/terminfo/61/altos2
-usr/lib/terminfo/61/altos3
-usr/lib/terminfo/61/altos4
-usr/lib/terminfo/61/altos5
-usr/lib/terminfo/61/altos7
-usr/lib/terminfo/61/altos7pc
-usr/lib/terminfo/61/ambas
-usr/lib/terminfo/61/ambassador
-usr/lib/terminfo/61/amiga
-usr/lib/terminfo/61/amiga-8bit
-usr/lib/terminfo/61/amiga-h
-usr/lib/terminfo/61/amiga-vnc
-usr/lib/terminfo/61/amp219
-usr/lib/terminfo/61/amp219w
-usr/lib/terminfo/61/ampex-219
-usr/lib/terminfo/61/ampex-219w
-usr/lib/terminfo/61/ampex-232
-usr/lib/terminfo/61/ampex175
-usr/lib/terminfo/61/ampex175-b
-usr/lib/terminfo/61/ampex210
-usr/lib/terminfo/61/ampex219
-usr/lib/terminfo/61/ampex219w
-usr/lib/terminfo/61/ampex232
-usr/lib/terminfo/61/ampex232w
-usr/lib/terminfo/61/ampex80
-usr/lib/terminfo/61/annarbor4080
-usr/lib/terminfo/61/ansi
-usr/lib/terminfo/61/ansi+arrows
-usr/lib/terminfo/61/ansi+csr
-usr/lib/terminfo/61/ansi+cup
-usr/lib/terminfo/61/ansi+enq
-usr/lib/terminfo/61/ansi+erase
-usr/lib/terminfo/61/ansi+idc
-usr/lib/terminfo/61/ansi+idc1
-usr/lib/terminfo/61/ansi+idl
-usr/lib/terminfo/61/ansi+idl1
-usr/lib/terminfo/61/ansi+inittabs
-usr/lib/terminfo/61/ansi+local
-usr/lib/terminfo/61/ansi+local1
-usr/lib/terminfo/61/ansi+pp
-usr/lib/terminfo/61/ansi+rca
-usr/lib/terminfo/61/ansi+rep
-usr/lib/terminfo/61/ansi+sgr
-usr/lib/terminfo/61/ansi+sgrbold
-usr/lib/terminfo/61/ansi+sgrdim
-usr/lib/terminfo/61/ansi+sgrso
-usr/lib/terminfo/61/ansi+sgrul
-usr/lib/terminfo/61/ansi+tabs
-usr/lib/terminfo/61/ansi-color-2-emx
-usr/lib/terminfo/61/ansi-color-3-emx
-usr/lib/terminfo/61/ansi-emx
-usr/lib/terminfo/61/ansi-generic
-usr/lib/terminfo/61/ansi-m
-usr/lib/terminfo/61/ansi-mini
-usr/lib/terminfo/61/ansi-mono
-usr/lib/terminfo/61/ansi-mr
-usr/lib/terminfo/61/ansi-mtabs
-usr/lib/terminfo/61/ansi-nt
-usr/lib/terminfo/61/ansi.sys
-usr/lib/terminfo/61/ansi.sys-old
-usr/lib/terminfo/61/ansi.sysk
-usr/lib/terminfo/61/ansi43m
-usr/lib/terminfo/61/ansi77
-usr/lib/terminfo/61/ansi80x25
-usr/lib/terminfo/61/ansi80x25-mono
-usr/lib/terminfo/61/ansi80x25-raw
-usr/lib/terminfo/61/ansi80x30
-usr/lib/terminfo/61/ansi80x30-mono
-usr/lib/terminfo/61/ansi80x43
-usr/lib/terminfo/61/ansi80x43-mono
-usr/lib/terminfo/61/ansi80x50
-usr/lib/terminfo/61/ansi80x50-mono
-usr/lib/terminfo/61/ansi80x60
-usr/lib/terminfo/61/ansi80x60-mono
-usr/lib/terminfo/61/ansil
-usr/lib/terminfo/61/ansil-mono
-usr/lib/terminfo/61/ansis
-usr/lib/terminfo/61/ansis-mono
-usr/lib/terminfo/61/ansisysk
-usr/lib/terminfo/61/ansiterm
-usr/lib/terminfo/61/ansiw
-usr/lib/terminfo/61/ap-vm80
-usr/lib/terminfo/61/apl
-usr/lib/terminfo/61/apollo
-usr/lib/terminfo/61/apollo_15P
-usr/lib/terminfo/61/apollo_19L
-usr/lib/terminfo/61/apollo_color
-usr/lib/terminfo/61/apple-80
-usr/lib/terminfo/61/apple-ae
-usr/lib/terminfo/61/apple-soroc
-usr/lib/terminfo/61/apple-uterm
-usr/lib/terminfo/61/apple-uterm-vb
-usr/lib/terminfo/61/apple-videx
-usr/lib/terminfo/61/apple-videx2
-usr/lib/terminfo/61/apple-videx3
-usr/lib/terminfo/61/apple-vm80
-usr/lib/terminfo/61/apple2e
-usr/lib/terminfo/61/apple2e-p
-usr/lib/terminfo/61/apple80p
-usr/lib/terminfo/61/appleII
-usr/lib/terminfo/61/appleIIc
-usr/lib/terminfo/61/appleIIe
-usr/lib/terminfo/61/appleIIgs
-usr/lib/terminfo/61/arm100
-usr/lib/terminfo/61/arm100-am
-usr/lib/terminfo/61/arm100-w
-usr/lib/terminfo/61/arm100-wam
-usr/lib/terminfo/61/at
-usr/lib/terminfo/61/at-color
-usr/lib/terminfo/61/at-m
-usr/lib/terminfo/61/at386
-usr/lib/terminfo/61/atari
-usr/lib/terminfo/61/atari-color
-usr/lib/terminfo/61/atari-m
-usr/lib/terminfo/61/atari-old
-usr/lib/terminfo/61/atari_st
-usr/lib/terminfo/61/atari_st-color
-usr/lib/terminfo/61/atarist-m
-usr/lib/terminfo/61/aterm
-usr/lib/terminfo/61/att2300
-usr/lib/terminfo/61/att2350
-usr/lib/terminfo/61/att4410
-usr/lib/terminfo/61/att4410-w
-usr/lib/terminfo/61/att4410v1
-usr/lib/terminfo/61/att4410v1-w
-usr/lib/terminfo/61/att4415
-usr/lib/terminfo/61/att4415+nl
-usr/lib/terminfo/61/att4415-nl
-usr/lib/terminfo/61/att4415-rv
-usr/lib/terminfo/61/att4415-rv-nl
-usr/lib/terminfo/61/att4415-w
-usr/lib/terminfo/61/att4415-w-nl
-usr/lib/terminfo/61/att4415-w-rv
-usr/lib/terminfo/61/att4415-w-rv-n
-usr/lib/terminfo/61/att4418
-usr/lib/terminfo/61/att4418-w
-usr/lib/terminfo/61/att4420
-usr/lib/terminfo/61/att4424
-usr/lib/terminfo/61/att4424-1
-usr/lib/terminfo/61/att4424m
-usr/lib/terminfo/61/att4425
-usr/lib/terminfo/61/att4425-nl
-usr/lib/terminfo/61/att4425-w
-usr/lib/terminfo/61/att4426
-usr/lib/terminfo/61/att500
-usr/lib/terminfo/61/att505
-usr/lib/terminfo/61/att505-24
-usr/lib/terminfo/61/att510a
-usr/lib/terminfo/61/att510d
-usr/lib/terminfo/61/att513
-usr/lib/terminfo/61/att5310
-usr/lib/terminfo/61/att5320
-usr/lib/terminfo/61/att5410
-usr/lib/terminfo/61/att5410-w
-usr/lib/terminfo/61/att5410v1
-usr/lib/terminfo/61/att5410v1-w
-usr/lib/terminfo/61/att5418
-usr/lib/terminfo/61/att5418-w
-usr/lib/terminfo/61/att5420
-usr/lib/terminfo/61/att5420+nl
-usr/lib/terminfo/61/att5420-nl
-usr/lib/terminfo/61/att5420-rv
-usr/lib/terminfo/61/att5420-rv-nl
-usr/lib/terminfo/61/att5420-w
-usr/lib/terminfo/61/att5420-w-nl
-usr/lib/terminfo/61/att5420-w-rv
-usr/lib/terminfo/61/att5420-w-rv-n
-usr/lib/terminfo/61/att5420_2
-usr/lib/terminfo/61/att5420_2-w
-usr/lib/terminfo/61/att5425
-usr/lib/terminfo/61/att5425-nl
-usr/lib/terminfo/61/att5425-w
-usr/lib/terminfo/61/att5430
-usr/lib/terminfo/61/att5620
-usr/lib/terminfo/61/att5620-1
-usr/lib/terminfo/61/att5620-24
-usr/lib/terminfo/61/att5620-34
-usr/lib/terminfo/61/att5620-s
-usr/lib/terminfo/61/att605
-usr/lib/terminfo/61/att605-pc
-usr/lib/terminfo/61/att605-w
-usr/lib/terminfo/61/att610
-usr/lib/terminfo/61/att610-103k
-usr/lib/terminfo/61/att610-103k-w
-usr/lib/terminfo/61/att610-w
-usr/lib/terminfo/61/att615
-usr/lib/terminfo/61/att615-103k
-usr/lib/terminfo/61/att615-103k-w
-usr/lib/terminfo/61/att615-w
-usr/lib/terminfo/61/att620
-usr/lib/terminfo/61/att620-103k
-usr/lib/terminfo/61/att620-103k-w
-usr/lib/terminfo/61/att620-w
-usr/lib/terminfo/61/att630
-usr/lib/terminfo/61/att630-24
-usr/lib/terminfo/61/att6386
-usr/lib/terminfo/61/att700
-usr/lib/terminfo/61/att730
-usr/lib/terminfo/61/att730-24
-usr/lib/terminfo/61/att730-41
-usr/lib/terminfo/61/att7300
-usr/lib/terminfo/61/att730r
-usr/lib/terminfo/61/att730r-24
-usr/lib/terminfo/61/att730r-41
-usr/lib/terminfo/61/avatar
-usr/lib/terminfo/61/avatar0
-usr/lib/terminfo/61/avatar0+
-usr/lib/terminfo/61/avatar1
-usr/lib/terminfo/61/avt
-usr/lib/terminfo/61/avt+s
-usr/lib/terminfo/61/avt-ns
-usr/lib/terminfo/61/avt-rv
-usr/lib/terminfo/61/avt-rv-ns
-usr/lib/terminfo/61/avt-rv-s
-usr/lib/terminfo/61/avt-s
-usr/lib/terminfo/61/avt-w
-usr/lib/terminfo/61/avt-w-ns
-usr/lib/terminfo/61/avt-w-rv
-usr/lib/terminfo/61/avt-w-rv-ns
-usr/lib/terminfo/61/avt-w-rv-s
-usr/lib/terminfo/61/avt-w-s
-usr/lib/terminfo/61/aws
-usr/lib/terminfo/61/awsc
-usr/lib/terminfo/62/
-usr/lib/terminfo/62/b-128
-usr/lib/terminfo/62/bantam
-usr/lib/terminfo/62/basic4
-usr/lib/terminfo/62/basis
-usr/lib/terminfo/62/bct510a
-usr/lib/terminfo/62/bct510d
-usr/lib/terminfo/62/beacon
-usr/lib/terminfo/62/bee
-usr/lib/terminfo/62/beehive
-usr/lib/terminfo/62/beehive3
-usr/lib/terminfo/62/beehive4
-usr/lib/terminfo/62/beehiveIIIm
-usr/lib/terminfo/62/beterm
-usr/lib/terminfo/62/bg1.25
-usr/lib/terminfo/62/bg1.25nv
-usr/lib/terminfo/62/bg1.25rv
-usr/lib/terminfo/62/bg2.0
-usr/lib/terminfo/62/bg2.0nv
-usr/lib/terminfo/62/bg2.0rv
-usr/lib/terminfo/62/bg3.10
-usr/lib/terminfo/62/bg3.10nv
-usr/lib/terminfo/62/bg3.10rv
-usr/lib/terminfo/62/bh3m
-usr/lib/terminfo/62/bh4
-usr/lib/terminfo/62/bitgraph
-usr/lib/terminfo/62/blit
-usr/lib/terminfo/62/bobcat
-usr/lib/terminfo/62/bq300
-usr/lib/terminfo/62/bq300-8
-usr/lib/terminfo/62/bq300-8-pc
-usr/lib/terminfo/62/bq300-8-pc-rv
-usr/lib/terminfo/62/bq300-8-pc-w
-usr/lib/terminfo/62/bq300-8-pc-w-rv
-usr/lib/terminfo/62/bq300-8rv
-usr/lib/terminfo/62/bq300-8w
-usr/lib/terminfo/62/bq300-pc
-usr/lib/terminfo/62/bq300-pc-rv
-usr/lib/terminfo/62/bq300-pc-w
-usr/lib/terminfo/62/bq300-pc-w-rv
-usr/lib/terminfo/62/bq300-rv
-usr/lib/terminfo/62/bq300-w
-usr/lib/terminfo/62/bq300-w-8rv
-usr/lib/terminfo/62/bq300-w-rv
-usr/lib/terminfo/62/bsdos-pc
-usr/lib/terminfo/62/bsdos-pc-m
-usr/lib/terminfo/62/bsdos-pc-mono
-usr/lib/terminfo/62/bsdos-pc-nobold
-usr/lib/terminfo/62/bsdos-ppc
-usr/lib/terminfo/62/bsdos-sparc
-usr/lib/terminfo/62/bterm
-usr/lib/terminfo/63/
-usr/lib/terminfo/63/c100
-usr/lib/terminfo/63/c100-1p
-usr/lib/terminfo/63/c100-4p
-usr/lib/terminfo/63/c100-rv
-usr/lib/terminfo/63/c100-rv-4p
-usr/lib/terminfo/63/c104
-usr/lib/terminfo/63/c108
-usr/lib/terminfo/63/c108-4p
-usr/lib/terminfo/63/c108-8p
-usr/lib/terminfo/63/c108-rv
-usr/lib/terminfo/63/c108-rv-4p
-usr/lib/terminfo/63/c108-rv-8p
-usr/lib/terminfo/63/c108-w
-usr/lib/terminfo/63/c108-w-8p
-usr/lib/terminfo/63/c300
-usr/lib/terminfo/63/c301
-usr/lib/terminfo/63/c321
-usr/lib/terminfo/63/ca22851
-usr/lib/terminfo/63/cad68-2
-usr/lib/terminfo/63/cad68-3
-usr/lib/terminfo/63/cbblit
-usr/lib/terminfo/63/cbunix
-usr/lib/terminfo/63/cci
-usr/lib/terminfo/63/cci1
-usr/lib/terminfo/63/cdc456
-usr/lib/terminfo/63/cdc721
-usr/lib/terminfo/63/cdc721-esc
-usr/lib/terminfo/63/cdc721ll
-usr/lib/terminfo/63/cdc752
-usr/lib/terminfo/63/cdc756
-usr/lib/terminfo/63/cg7900
-usr/lib/terminfo/63/cgc2
-usr/lib/terminfo/63/cgc3
-usr/lib/terminfo/63/chromatics
-usr/lib/terminfo/63/ci8510
-usr/lib/terminfo/63/cit-80
-usr/lib/terminfo/63/cit101
-usr/lib/terminfo/63/cit101e
-usr/lib/terminfo/63/cit101e-132
-usr/lib/terminfo/63/cit101e-n
-usr/lib/terminfo/63/cit101e-n132
-usr/lib/terminfo/63/cit101e-rv
-usr/lib/terminfo/63/cit500
-usr/lib/terminfo/63/cit80
-usr/lib/terminfo/63/citc
-usr/lib/terminfo/63/citoh
-usr/lib/terminfo/63/citoh-6lpi
-usr/lib/terminfo/63/citoh-8lpi
-usr/lib/terminfo/63/citoh-comp
-usr/lib/terminfo/63/citoh-elite
-usr/lib/terminfo/63/citoh-pica
-usr/lib/terminfo/63/citoh-prop
-usr/lib/terminfo/63/citoh-ps
-usr/lib/terminfo/63/coco3
-usr/lib/terminfo/63/coherent
-usr/lib/terminfo/63/color_xterm
-usr/lib/terminfo/63/colorscan
-usr/lib/terminfo/63/commodore
-usr/lib/terminfo/63/concept
-usr/lib/terminfo/63/concept-avt
-usr/lib/terminfo/63/concept100
-usr/lib/terminfo/63/concept100-rv
-usr/lib/terminfo/63/concept108
-usr/lib/terminfo/63/concept108-4p
-usr/lib/terminfo/63/concept108-8p
-usr/lib/terminfo/63/concept108-w-8
-usr/lib/terminfo/63/concept108-w8p
-usr/lib/terminfo/63/concept108rv4p
-usr/lib/terminfo/63/cons25
-usr/lib/terminfo/63/cons25-debian
-usr/lib/terminfo/63/cons25-iso-m
-usr/lib/terminfo/63/cons25-iso8859
-usr/lib/terminfo/63/cons25-koi8-r
-usr/lib/terminfo/63/cons25-koi8r-m
-usr/lib/terminfo/63/cons25-m
-usr/lib/terminfo/63/cons25l1
-usr/lib/terminfo/63/cons25l1-m
-usr/lib/terminfo/63/cons25r
-usr/lib/terminfo/63/cons25r-m
-usr/lib/terminfo/63/cons25w
-usr/lib/terminfo/63/cons30
-usr/lib/terminfo/63/cons30-m
-usr/lib/terminfo/63/cons43
-usr/lib/terminfo/63/cons43-m
-usr/lib/terminfo/63/cons50
-usr/lib/terminfo/63/cons50-iso-m
-usr/lib/terminfo/63/cons50-iso8859
-usr/lib/terminfo/63/cons50-koi8r
-usr/lib/terminfo/63/cons50-koi8r-m
-usr/lib/terminfo/63/cons50-m
-usr/lib/terminfo/63/cons50l1
-usr/lib/terminfo/63/cons50l1-m
-usr/lib/terminfo/63/cons50r
-usr/lib/terminfo/63/cons50r-m
-usr/lib/terminfo/63/cons60
-usr/lib/terminfo/63/cons60-iso
-usr/lib/terminfo/63/cons60-iso-m
-usr/lib/terminfo/63/cons60-koi8r
-usr/lib/terminfo/63/cons60-koi8r-m
-usr/lib/terminfo/63/cons60-m
-usr/lib/terminfo/63/cons60l1
-usr/lib/terminfo/63/cons60l1-m
-usr/lib/terminfo/63/cons60r
-usr/lib/terminfo/63/cons60r-m
-usr/lib/terminfo/63/contel300
-usr/lib/terminfo/63/contel301
-usr/lib/terminfo/63/contel320
-usr/lib/terminfo/63/contel321
-usr/lib/terminfo/63/cops
-usr/lib/terminfo/63/cops-10
-usr/lib/terminfo/63/cops10
-usr/lib/terminfo/63/crt
-usr/lib/terminfo/63/crt-vt220
-usr/lib/terminfo/63/cs10
-usr/lib/terminfo/63/cs10-w
-usr/lib/terminfo/63/ct82
-usr/lib/terminfo/63/ct8500
-usr/lib/terminfo/63/ctrm
-usr/lib/terminfo/63/cx
-usr/lib/terminfo/63/cx100
-usr/lib/terminfo/63/cyb110
-usr/lib/terminfo/63/cyb83
-usr/lib/terminfo/63/cygwin
-usr/lib/terminfo/63/cygwinB19
-usr/lib/terminfo/63/cygwinDBG
-usr/lib/terminfo/64/
-usr/lib/terminfo/64/d132
-usr/lib/terminfo/64/d2
-usr/lib/terminfo/64/d2-dg
-usr/lib/terminfo/64/d200
-usr/lib/terminfo/64/d200-dg
-usr/lib/terminfo/64/d210
-usr/lib/terminfo/64/d210-dg
-usr/lib/terminfo/64/d211
-usr/lib/terminfo/64/d211-7b
-usr/lib/terminfo/64/d211-dg
-usr/lib/terminfo/64/d214
-usr/lib/terminfo/64/d214-dg
-usr/lib/terminfo/64/d215
-usr/lib/terminfo/64/d215-7b
-usr/lib/terminfo/64/d215-dg
-usr/lib/terminfo/64/d216+
-usr/lib/terminfo/64/d216+25
-usr/lib/terminfo/64/d216+dg
-usr/lib/terminfo/64/d216-dg
-usr/lib/terminfo/64/d216-unix
-usr/lib/terminfo/64/d216-unix-25
-usr/lib/terminfo/64/d216e+
-usr/lib/terminfo/64/d216e+dg
-usr/lib/terminfo/64/d216e-dg
-usr/lib/terminfo/64/d216e-unix
-usr/lib/terminfo/64/d217-dg
-usr/lib/terminfo/64/d217-unix
-usr/lib/terminfo/64/d217-unix-25
-usr/lib/terminfo/64/d220
-usr/lib/terminfo/64/d220-7b
-usr/lib/terminfo/64/d220-dg
-usr/lib/terminfo/64/d230
-usr/lib/terminfo/64/d230-dg
-usr/lib/terminfo/64/d230c
-usr/lib/terminfo/64/d230c-dg
-usr/lib/terminfo/64/d400
-usr/lib/terminfo/64/d400-dg
-usr/lib/terminfo/64/d410
-usr/lib/terminfo/64/d410-7b
-usr/lib/terminfo/64/d410-7b-w
-usr/lib/terminfo/64/d410-dg
-usr/lib/terminfo/64/d410-w
-usr/lib/terminfo/64/d411
-usr/lib/terminfo/64/d411-7b
-usr/lib/terminfo/64/d411-7b-w
-usr/lib/terminfo/64/d411-dg
-usr/lib/terminfo/64/d411-w
-usr/lib/terminfo/64/d412+
-usr/lib/terminfo/64/d412+25
-usr/lib/terminfo/64/d412+dg
-usr/lib/terminfo/64/d412+s
-usr/lib/terminfo/64/d412+sr
-usr/lib/terminfo/64/d412+w
-usr/lib/terminfo/64/d412-dg
-usr/lib/terminfo/64/d412-unix
-usr/lib/terminfo/64/d412-unix-25
-usr/lib/terminfo/64/d412-unix-s
-usr/lib/terminfo/64/d412-unix-sr
-usr/lib/terminfo/64/d412-unix-w
-usr/lib/terminfo/64/d413-dg
-usr/lib/terminfo/64/d413-unix
-usr/lib/terminfo/64/d413-unix-25
-usr/lib/terminfo/64/d413-unix-s
-usr/lib/terminfo/64/d413-unix-sr
-usr/lib/terminfo/64/d413-unix-w
-usr/lib/terminfo/64/d414-unix
-usr/lib/terminfo/64/d414-unix-25
-usr/lib/terminfo/64/d414-unix-s
-usr/lib/terminfo/64/d414-unix-sr
-usr/lib/terminfo/64/d414-unix-w
-usr/lib/terminfo/64/d430-dg
-usr/lib/terminfo/64/d430-dg-ccc
-usr/lib/terminfo/64/d430-unix
-usr/lib/terminfo/64/d430-unix-25
-usr/lib/terminfo/64/d430-unix-25-ccc
-usr/lib/terminfo/64/d430-unix-ccc
-usr/lib/terminfo/64/d430-unix-s
-usr/lib/terminfo/64/d430-unix-s-ccc
-usr/lib/terminfo/64/d430-unix-sr
-usr/lib/terminfo/64/d430-unix-sr-ccc
-usr/lib/terminfo/64/d430-unix-w
-usr/lib/terminfo/64/d430-unix-w-ccc
-usr/lib/terminfo/64/d430c-dg
-usr/lib/terminfo/64/d430c-dg-ccc
-usr/lib/terminfo/64/d430c-unix
-usr/lib/terminfo/64/d430c-unix-25
-usr/lib/terminfo/64/d430c-unix-25-ccc
-usr/lib/terminfo/64/d430c-unix-ccc
-usr/lib/terminfo/64/d430c-unix-s
-usr/lib/terminfo/64/d430c-unix-s-ccc
-usr/lib/terminfo/64/d430c-unix-sr
-usr/lib/terminfo/64/d430c-unix-sr-ccc
-usr/lib/terminfo/64/d430c-unix-w
-usr/lib/terminfo/64/d430c-unix-w-ccc
-usr/lib/terminfo/64/d450
-usr/lib/terminfo/64/d450-dg
-usr/lib/terminfo/64/d460
-usr/lib/terminfo/64/d460-7b
-usr/lib/terminfo/64/d460-7b-w
-usr/lib/terminfo/64/d460-dg
-usr/lib/terminfo/64/d460-w
-usr/lib/terminfo/64/d461
-usr/lib/terminfo/64/d461-7b
-usr/lib/terminfo/64/d461-7b-w
-usr/lib/terminfo/64/d461-dg
-usr/lib/terminfo/64/d461-w
-usr/lib/terminfo/64/d462+
-usr/lib/terminfo/64/d462+25
-usr/lib/terminfo/64/d462+dg
-usr/lib/terminfo/64/d462+s
-usr/lib/terminfo/64/d462+sr
-usr/lib/terminfo/64/d462+w
-usr/lib/terminfo/64/d462-dg
-usr/lib/terminfo/64/d462-unix
-usr/lib/terminfo/64/d462-unix-25
-usr/lib/terminfo/64/d462-unix-s
-usr/lib/terminfo/64/d462-unix-sr
-usr/lib/terminfo/64/d462-unix-w
-usr/lib/terminfo/64/d462e-dg
-usr/lib/terminfo/64/d463-dg
-usr/lib/terminfo/64/d463-unix
-usr/lib/terminfo/64/d463-unix-25
-usr/lib/terminfo/64/d463-unix-s
-usr/lib/terminfo/64/d463-unix-sr
-usr/lib/terminfo/64/d463-unix-w
-usr/lib/terminfo/64/d464-unix
-usr/lib/terminfo/64/d464-unix-25
-usr/lib/terminfo/64/d464-unix-s
-usr/lib/terminfo/64/d464-unix-sr
-usr/lib/terminfo/64/d464-unix-w
-usr/lib/terminfo/64/d470
-usr/lib/terminfo/64/d470-7b
-usr/lib/terminfo/64/d470-dg
-usr/lib/terminfo/64/d470c
-usr/lib/terminfo/64/d470c-7b
-usr/lib/terminfo/64/d470c-dg
-usr/lib/terminfo/64/d555
-usr/lib/terminfo/64/d555-7b
-usr/lib/terminfo/64/d555-7b-w
-usr/lib/terminfo/64/d555-dg
-usr/lib/terminfo/64/d555-w
-usr/lib/terminfo/64/d577
-usr/lib/terminfo/64/d577-7b
-usr/lib/terminfo/64/d577-7b-w
-usr/lib/terminfo/64/d577-dg
-usr/lib/terminfo/64/d577-w
-usr/lib/terminfo/64/d578
-usr/lib/terminfo/64/d578-7b
-usr/lib/terminfo/64/d578-dg
-usr/lib/terminfo/64/d80
-usr/lib/terminfo/64/d800
-usr/lib/terminfo/64/darwin
-usr/lib/terminfo/64/darwin-100x37
-usr/lib/terminfo/64/darwin-100x37-m
-usr/lib/terminfo/64/darwin-112x37
-usr/lib/terminfo/64/darwin-112x37-m
-usr/lib/terminfo/64/darwin-128x40
-usr/lib/terminfo/64/darwin-128x40-m
-usr/lib/terminfo/64/darwin-128x48
-usr/lib/terminfo/64/darwin-128x48-m
-usr/lib/terminfo/64/darwin-144x48
-usr/lib/terminfo/64/darwin-144x48-m
-usr/lib/terminfo/64/darwin-160x64
-usr/lib/terminfo/64/darwin-160x64-m
-usr/lib/terminfo/64/darwin-200x64
-usr/lib/terminfo/64/darwin-200x64-m
-usr/lib/terminfo/64/darwin-200x75
-usr/lib/terminfo/64/darwin-200x75-m
-usr/lib/terminfo/64/darwin-256x96
-usr/lib/terminfo/64/darwin-256x96-m
-usr/lib/terminfo/64/darwin-80x25
-usr/lib/terminfo/64/darwin-80x25-m
-usr/lib/terminfo/64/darwin-80x30
-usr/lib/terminfo/64/darwin-80x30-m
-usr/lib/terminfo/64/darwin-90x30
-usr/lib/terminfo/64/darwin-90x30-m
-usr/lib/terminfo/64/darwin-b
-usr/lib/terminfo/64/darwin-f
-usr/lib/terminfo/64/darwin-f2
-usr/lib/terminfo/64/darwin-m
-usr/lib/terminfo/64/darwin-m-b
-usr/lib/terminfo/64/darwin-m-f
-usr/lib/terminfo/64/darwin-m-f2
-usr/lib/terminfo/64/datagraphix
-usr/lib/terminfo/64/datamedia2500
-usr/lib/terminfo/64/datapoint
-usr/lib/terminfo/64/dataspeed40
-usr/lib/terminfo/64/dd5000
-usr/lib/terminfo/64/ddr
-usr/lib/terminfo/64/ddr3180
-usr/lib/terminfo/64/dec+pp
-usr/lib/terminfo/64/dec+sl
-usr/lib/terminfo/64/dec-vt100
-usr/lib/terminfo/64/dec-vt220
-usr/lib/terminfo/64/dec-vt330
-usr/lib/terminfo/64/dec-vt340
-usr/lib/terminfo/64/dec-vt400
-usr/lib/terminfo/64/decansi
-usr/lib/terminfo/64/decpro
-usr/lib/terminfo/64/decwriter
-usr/lib/terminfo/64/delta
-usr/lib/terminfo/64/dg+ccc
-usr/lib/terminfo/64/dg+color
-usr/lib/terminfo/64/dg+color8
-usr/lib/terminfo/64/dg+fixed
-usr/lib/terminfo/64/dg-ansi
-usr/lib/terminfo/64/dg-generic
-usr/lib/terminfo/64/dg100
-usr/lib/terminfo/64/dg200
-usr/lib/terminfo/64/dg210
-usr/lib/terminfo/64/dg211
-usr/lib/terminfo/64/dg450
-usr/lib/terminfo/64/dg460-ansi
-usr/lib/terminfo/64/dg6053
-usr/lib/terminfo/64/dg6053-old
-usr/lib/terminfo/64/dg605x
-usr/lib/terminfo/64/dg6134
-usr/lib/terminfo/64/dgkeys+11
-usr/lib/terminfo/64/dgkeys+15
-usr/lib/terminfo/64/dgkeys+7b
-usr/lib/terminfo/64/dgkeys+8b
-usr/lib/terminfo/64/dgmode+color
-usr/lib/terminfo/64/dgmode+color8
-usr/lib/terminfo/64/dgunix+ccc
-usr/lib/terminfo/64/dgunix+fixed
-usr/lib/terminfo/64/diablo
-usr/lib/terminfo/64/diablo-lm
-usr/lib/terminfo/64/diablo1620
-usr/lib/terminfo/64/diablo1620-m8
-usr/lib/terminfo/64/diablo1640
-usr/lib/terminfo/64/diablo1640-lm
-usr/lib/terminfo/64/diablo1640-m8
-usr/lib/terminfo/64/diablo1720
-usr/lib/terminfo/64/diablo1730
-usr/lib/terminfo/64/diablo1740
-usr/lib/terminfo/64/diablo1740-lm
-usr/lib/terminfo/64/diablo450
-usr/lib/terminfo/64/diablo630
-usr/lib/terminfo/64/dialogue
-usr/lib/terminfo/64/dialogue80
-usr/lib/terminfo/64/digilog
-usr/lib/terminfo/64/djgpp
-usr/lib/terminfo/64/djgpp203
-usr/lib/terminfo/64/djgpp204
-usr/lib/terminfo/64/dku7003
-usr/lib/terminfo/64/dku7003-dumb
-usr/lib/terminfo/64/dku7102
-usr/lib/terminfo/64/dku7102-old
-usr/lib/terminfo/64/dku7102-sna
-usr/lib/terminfo/64/dku7103-sna
-usr/lib/terminfo/64/dku7202
-usr/lib/terminfo/64/dm1520
-usr/lib/terminfo/64/dm1521
-usr/lib/terminfo/64/dm2500
-usr/lib/terminfo/64/dm3025
-usr/lib/terminfo/64/dm3045
-usr/lib/terminfo/64/dm80
-usr/lib/terminfo/64/dm80w
-usr/lib/terminfo/64/dmchat
-usr/lib/terminfo/64/dmd
-usr/lib/terminfo/64/dmd-24
-usr/lib/terminfo/64/dmd-34
-usr/lib/terminfo/64/dmd1
-usr/lib/terminfo/64/dmdt80
-usr/lib/terminfo/64/dmdt80w
-usr/lib/terminfo/64/dmterm
-usr/lib/terminfo/64/dp3360
-usr/lib/terminfo/64/dp8242
-usr/lib/terminfo/64/ds40
-usr/lib/terminfo/64/ds40-2
-usr/lib/terminfo/64/dt-100
-usr/lib/terminfo/64/dt-100w
-usr/lib/terminfo/64/dt100
-usr/lib/terminfo/64/dt100w
-usr/lib/terminfo/64/dt110
-usr/lib/terminfo/64/dt80
-usr/lib/terminfo/64/dt80-sas
-usr/lib/terminfo/64/dt80w
-usr/lib/terminfo/64/dtc300s
-usr/lib/terminfo/64/dtc382
-usr/lib/terminfo/64/dtterm
-usr/lib/terminfo/64/dumb
-usr/lib/terminfo/64/dumb-emacs-ansi
-usr/lib/terminfo/64/dvtm
-usr/lib/terminfo/64/dvtm-256color
-usr/lib/terminfo/64/dw
-usr/lib/terminfo/64/dw1
-usr/lib/terminfo/64/dw2
-usr/lib/terminfo/64/dw3
-usr/lib/terminfo/64/dw4
-usr/lib/terminfo/64/dwk
-usr/lib/terminfo/64/dwk-vt
-usr/lib/terminfo/65/
-usr/lib/terminfo/65/ecma+color
-usr/lib/terminfo/65/ecma+italics
-usr/lib/terminfo/65/ecma+sgr
-usr/lib/terminfo/65/ecma+strikeout
-usr/lib/terminfo/65/elks
-usr/lib/terminfo/65/elks-ansi
-usr/lib/terminfo/65/elks-glasstty
-usr/lib/terminfo/65/elks-vt52
-usr/lib/terminfo/65/emots
-usr/lib/terminfo/65/emu
-usr/lib/terminfo/65/emu-220
-usr/lib/terminfo/65/emx-base
-usr/lib/terminfo/65/env230
-usr/lib/terminfo/65/envision230
-usr/lib/terminfo/65/ep40
-usr/lib/terminfo/65/ep4000
-usr/lib/terminfo/65/ep4080
-usr/lib/terminfo/65/ep48
-usr/lib/terminfo/65/ergo4000
-usr/lib/terminfo/65/esprit
-usr/lib/terminfo/65/esprit-am
-usr/lib/terminfo/65/eterm
-usr/lib/terminfo/65/eterm-color
-usr/lib/terminfo/65/ex155
-usr/lib/terminfo/65/excel62
-usr/lib/terminfo/65/excel62-rv
-usr/lib/terminfo/65/excel62-w
-usr/lib/terminfo/65/excel64
-usr/lib/terminfo/65/excel64-rv
-usr/lib/terminfo/65/excel64-w
-usr/lib/terminfo/65/exec80
-usr/lib/terminfo/66/
-usr/lib/terminfo/66/f100
-usr/lib/terminfo/66/f100-rv
-usr/lib/terminfo/66/f110
-usr/lib/terminfo/66/f110-14
-usr/lib/terminfo/66/f110-14w
-usr/lib/terminfo/66/f110-w
-usr/lib/terminfo/66/f1720
-usr/lib/terminfo/66/f1720a
-usr/lib/terminfo/66/f200
-usr/lib/terminfo/66/f200-w
-usr/lib/terminfo/66/f200vi
-usr/lib/terminfo/66/f200vi-w
-usr/lib/terminfo/66/falco
-usr/lib/terminfo/66/falco-p
-usr/lib/terminfo/66/fbterm
-usr/lib/terminfo/66/fenix
-usr/lib/terminfo/66/fenixw
-usr/lib/terminfo/66/fixterm
-usr/lib/terminfo/66/fortune
-usr/lib/terminfo/66/fos
-usr/lib/terminfo/66/fox
-usr/lib/terminfo/66/freedom
-usr/lib/terminfo/66/freedom-rv
-usr/lib/terminfo/66/freedom100
-usr/lib/terminfo/66/freedom110
-usr/lib/terminfo/66/freedom200
-usr/lib/terminfo/67/
-usr/lib/terminfo/67/gator
-usr/lib/terminfo/67/gator-52
-usr/lib/terminfo/67/gator-52t
-usr/lib/terminfo/67/gator-t
-usr/lib/terminfo/67/gigi
-usr/lib/terminfo/67/glasstty
-usr/lib/terminfo/67/gnome
-usr/lib/terminfo/67/gnome+pcfkeys
-usr/lib/terminfo/67/gnome-2007
-usr/lib/terminfo/67/gnome-2008
-usr/lib/terminfo/67/gnome-2012
-usr/lib/terminfo/67/gnome-256color
-usr/lib/terminfo/67/gnome-fc5
-usr/lib/terminfo/67/gnome-rh62
-usr/lib/terminfo/67/gnome-rh72
-usr/lib/terminfo/67/gnome-rh80
-usr/lib/terminfo/67/gnome-rh90
-usr/lib/terminfo/67/go-225
-usr/lib/terminfo/67/go140
-usr/lib/terminfo/67/go140w
-usr/lib/terminfo/67/go225
-usr/lib/terminfo/67/graphos
-usr/lib/terminfo/67/graphos-30
-usr/lib/terminfo/67/gs5430
-usr/lib/terminfo/67/gs5430-22
-usr/lib/terminfo/67/gs5430-24
-usr/lib/terminfo/67/gs6300
-usr/lib/terminfo/67/gsi
-usr/lib/terminfo/67/gt100
-usr/lib/terminfo/67/gt100a
-usr/lib/terminfo/67/gt40
-usr/lib/terminfo/67/gt42
-usr/lib/terminfo/67/guru
-usr/lib/terminfo/67/guru+rv
-usr/lib/terminfo/67/guru+s
-usr/lib/terminfo/67/guru+unk
-usr/lib/terminfo/67/guru-24
-usr/lib/terminfo/67/guru-33
-usr/lib/terminfo/67/guru-33-rv
-usr/lib/terminfo/67/guru-33-s
-usr/lib/terminfo/67/guru-44
-usr/lib/terminfo/67/guru-44-s
-usr/lib/terminfo/67/guru-76
-usr/lib/terminfo/67/guru-76-lp
-usr/lib/terminfo/67/guru-76-s
-usr/lib/terminfo/67/guru-76-w
-usr/lib/terminfo/67/guru-76-w-s
-usr/lib/terminfo/67/guru-76-wm
-usr/lib/terminfo/67/guru-lp
-usr/lib/terminfo/67/guru-nctxt
-usr/lib/terminfo/67/guru-rv
-usr/lib/terminfo/67/guru-s
-usr/lib/terminfo/68/
-usr/lib/terminfo/68/h-100
-usr/lib/terminfo/68/h-100bw
-usr/lib/terminfo/68/h100
-usr/lib/terminfo/68/h100bw
-usr/lib/terminfo/68/h19
-usr/lib/terminfo/68/h19-a
-usr/lib/terminfo/68/h19-b
-usr/lib/terminfo/68/h19-bs
-usr/lib/terminfo/68/h19-g
-usr/lib/terminfo/68/h19-smul
-usr/lib/terminfo/68/h19-u
-usr/lib/terminfo/68/h19-us
-usr/lib/terminfo/68/h19a
-usr/lib/terminfo/68/h19g
-usr/lib/terminfo/68/h19k
-usr/lib/terminfo/68/h19kermit
-usr/lib/terminfo/68/h19us
-usr/lib/terminfo/68/h29a-kc-bc
-usr/lib/terminfo/68/h29a-kc-uc
-usr/lib/terminfo/68/h29a-nkc-bc
-usr/lib/terminfo/68/h29a-nkc-uc
-usr/lib/terminfo/68/h80
-usr/lib/terminfo/68/ha8675
-usr/lib/terminfo/68/ha8686
-usr/lib/terminfo/68/hazel
-usr/lib/terminfo/68/hds200
-usr/lib/terminfo/68/he80
-usr/lib/terminfo/68/heath
-usr/lib/terminfo/68/heath-19
-usr/lib/terminfo/68/heath-ansi
-usr/lib/terminfo/68/heathkit
-usr/lib/terminfo/68/heathkit-a
-usr/lib/terminfo/68/hft
-usr/lib/terminfo/68/hft-c
-usr/lib/terminfo/68/hft-c-old
-usr/lib/terminfo/68/hft-old
-usr/lib/terminfo/68/hirez100
-usr/lib/terminfo/68/hirez100-w
-usr/lib/terminfo/68/hmod1
-usr/lib/terminfo/68/hp
-usr/lib/terminfo/68/hp+arrows
-usr/lib/terminfo/68/hp+color
-usr/lib/terminfo/68/hp+labels
-usr/lib/terminfo/68/hp+pfk+arrows
-usr/lib/terminfo/68/hp+pfk+cr
-usr/lib/terminfo/68/hp+pfk-cr
-usr/lib/terminfo/68/hp+printer
-usr/lib/terminfo/68/hp110
-usr/lib/terminfo/68/hp150
-usr/lib/terminfo/68/hp2
-usr/lib/terminfo/68/hp236
-usr/lib/terminfo/68/hp2382
-usr/lib/terminfo/68/hp2382a
-usr/lib/terminfo/68/hp2392
-usr/lib/terminfo/68/hp2397
-usr/lib/terminfo/68/hp2397a
-usr/lib/terminfo/68/hp2621
-usr/lib/terminfo/68/hp2621-48
-usr/lib/terminfo/68/hp2621-a
-usr/lib/terminfo/68/hp2621-ba
-usr/lib/terminfo/68/hp2621-fl
-usr/lib/terminfo/68/hp2621-k45
-usr/lib/terminfo/68/hp2621-nl
-usr/lib/terminfo/68/hp2621-nt
-usr/lib/terminfo/68/hp2621-wl
-usr/lib/terminfo/68/hp2621A
-usr/lib/terminfo/68/hp2621a-a
-usr/lib/terminfo/68/hp2621b
-usr/lib/terminfo/68/hp2621b-kx
-usr/lib/terminfo/68/hp2621b-kx-p
-usr/lib/terminfo/68/hp2621b-p
-usr/lib/terminfo/68/hp2621k45
-usr/lib/terminfo/68/hp2621p
-usr/lib/terminfo/68/hp2621p-a
-usr/lib/terminfo/68/hp2622
-usr/lib/terminfo/68/hp2622a
-usr/lib/terminfo/68/hp2623
-usr/lib/terminfo/68/hp2623a
-usr/lib/terminfo/68/hp2624
-usr/lib/terminfo/68/hp2624-10p
-usr/lib/terminfo/68/hp2624a
-usr/lib/terminfo/68/hp2624a-10p
-usr/lib/terminfo/68/hp2624b
-usr/lib/terminfo/68/hp2624b-10p
-usr/lib/terminfo/68/hp2624b-10p-p
-usr/lib/terminfo/68/hp2624b-4p
-usr/lib/terminfo/68/hp2624b-4p-p
-usr/lib/terminfo/68/hp2624b-p
-usr/lib/terminfo/68/hp2626
-usr/lib/terminfo/68/hp2626-12
-usr/lib/terminfo/68/hp2626-12-s
-usr/lib/terminfo/68/hp2626-12x40
-usr/lib/terminfo/68/hp2626-ns
-usr/lib/terminfo/68/hp2626-s
-usr/lib/terminfo/68/hp2626-x40
-usr/lib/terminfo/68/hp2626a
-usr/lib/terminfo/68/hp2626p
-usr/lib/terminfo/68/hp2627a
-usr/lib/terminfo/68/hp2627a-rev
-usr/lib/terminfo/68/hp2627c
-usr/lib/terminfo/68/hp262x
-usr/lib/terminfo/68/hp2640a
-usr/lib/terminfo/68/hp2640b
-usr/lib/terminfo/68/hp2641a
-usr/lib/terminfo/68/hp2644a
-usr/lib/terminfo/68/hp2645
-usr/lib/terminfo/68/hp2645a
-usr/lib/terminfo/68/hp2647a
-usr/lib/terminfo/68/hp2648
-usr/lib/terminfo/68/hp2648a
-usr/lib/terminfo/68/hp300h
-usr/lib/terminfo/68/hp45
-usr/lib/terminfo/68/hp700
-usr/lib/terminfo/68/hp700-wy
-usr/lib/terminfo/68/hp70092
-usr/lib/terminfo/68/hp70092A
-usr/lib/terminfo/68/hp9837
-usr/lib/terminfo/68/hp9845
-usr/lib/terminfo/68/hp98550
-usr/lib/terminfo/68/hp98550a
-usr/lib/terminfo/68/hp98720
-usr/lib/terminfo/68/hp98721
-usr/lib/terminfo/68/hpansi
-usr/lib/terminfo/68/hpex
-usr/lib/terminfo/68/hpex2
-usr/lib/terminfo/68/hpgeneric
-usr/lib/terminfo/68/hpsub
-usr/lib/terminfo/68/hpterm
-usr/lib/terminfo/68/hpterm-color
-usr/lib/terminfo/68/htx11
-usr/lib/terminfo/68/hurd
-usr/lib/terminfo/68/hz1000
-usr/lib/terminfo/68/hz1420
-usr/lib/terminfo/68/hz1500
-usr/lib/terminfo/68/hz1510
-usr/lib/terminfo/68/hz1520
-usr/lib/terminfo/68/hz1520-noesc
-usr/lib/terminfo/68/hz1552
-usr/lib/terminfo/68/hz1552-rv
-usr/lib/terminfo/68/hz2000
-usr/lib/terminfo/69/
-usr/lib/terminfo/69/i100
-usr/lib/terminfo/69/i3101
-usr/lib/terminfo/69/i3164
-usr/lib/terminfo/69/i400
-usr/lib/terminfo/69/iTerm.app
-usr/lib/terminfo/69/iTerm2.app
-usr/lib/terminfo/69/ibcs2
-usr/lib/terminfo/69/ibm+16color
-usr/lib/terminfo/69/ibm+color
-usr/lib/terminfo/69/ibm-apl
-usr/lib/terminfo/69/ibm-pc
-usr/lib/terminfo/69/ibm-system1
-usr/lib/terminfo/69/ibm3101
-usr/lib/terminfo/69/ibm3151
-usr/lib/terminfo/69/ibm3161
-usr/lib/terminfo/69/ibm3161-C
-usr/lib/terminfo/69/ibm3162
-usr/lib/terminfo/69/ibm3163
-usr/lib/terminfo/69/ibm3164
-usr/lib/terminfo/69/ibm327x
-usr/lib/terminfo/69/ibm5051
-usr/lib/terminfo/69/ibm5081
-usr/lib/terminfo/69/ibm5081-c
-usr/lib/terminfo/69/ibm5151
-usr/lib/terminfo/69/ibm5154
-usr/lib/terminfo/69/ibm5154-c
-usr/lib/terminfo/69/ibm6153
-usr/lib/terminfo/69/ibm6153-40
-usr/lib/terminfo/69/ibm6153-90
-usr/lib/terminfo/69/ibm6154
-usr/lib/terminfo/69/ibm6154-c
-usr/lib/terminfo/69/ibm6155
-usr/lib/terminfo/69/ibm8503
-usr/lib/terminfo/69/ibm8507
-usr/lib/terminfo/69/ibm8512
-usr/lib/terminfo/69/ibm8513
-usr/lib/terminfo/69/ibm8514
-usr/lib/terminfo/69/ibm8514-c
-usr/lib/terminfo/69/ibm8604
-usr/lib/terminfo/69/ibmaed
-usr/lib/terminfo/69/ibmapa16
-usr/lib/terminfo/69/ibmapa8
-usr/lib/terminfo/69/ibmapa8c
-usr/lib/terminfo/69/ibmapa8c-c
-usr/lib/terminfo/69/ibmega
-usr/lib/terminfo/69/ibmega-c
-usr/lib/terminfo/69/ibmmono
-usr/lib/terminfo/69/ibmmpel-c
-usr/lib/terminfo/69/ibmpc
-usr/lib/terminfo/69/ibmpc3
-usr/lib/terminfo/69/ibmpc3r
-usr/lib/terminfo/69/ibmpc3r-mono
-usr/lib/terminfo/69/ibmpcx
-usr/lib/terminfo/69/ibmvga
-usr/lib/terminfo/69/ibmvga-c
-usr/lib/terminfo/69/ibmx
-usr/lib/terminfo/69/icl6402
-usr/lib/terminfo/69/icl6404
-usr/lib/terminfo/69/icl6404-w
-usr/lib/terminfo/69/ifmr
-usr/lib/terminfo/69/ims-ansi
-usr/lib/terminfo/69/ims950
-usr/lib/terminfo/69/ims950-b
-usr/lib/terminfo/69/ims950-rv
-usr/lib/terminfo/69/infoton
-usr/lib/terminfo/69/interix
-usr/lib/terminfo/69/interix-nti
-usr/lib/terminfo/69/intertec
-usr/lib/terminfo/69/intertube
-usr/lib/terminfo/69/intertube2
-usr/lib/terminfo/69/intext
-usr/lib/terminfo/69/intext2
-usr/lib/terminfo/69/intextii
-usr/lib/terminfo/69/ips
-usr/lib/terminfo/69/ipsi
-usr/lib/terminfo/69/iq120
-usr/lib/terminfo/69/iq140
-usr/lib/terminfo/69/iris-ansi
-usr/lib/terminfo/69/iris-ansi-ap
-usr/lib/terminfo/69/iris-ansi-net
-usr/lib/terminfo/69/iris-color
-usr/lib/terminfo/69/iris40
-usr/lib/terminfo/69/iterm
-usr/lib/terminfo/69/iterm2
-usr/lib/terminfo/69/iterm2-direct
-usr/lib/terminfo/6a/
-usr/lib/terminfo/6a/jaixterm
-usr/lib/terminfo/6a/jaixterm-m
-usr/lib/terminfo/6a/jerq
-usr/lib/terminfo/6a/jfbterm
-usr/lib/terminfo/6b/
-usr/lib/terminfo/6b/k45
-usr/lib/terminfo/6b/kaypro
-usr/lib/terminfo/6b/kaypro2
-usr/lib/terminfo/6b/kds6402
-usr/lib/terminfo/6b/kds7372
-usr/lib/terminfo/6b/kds7372-w
-usr/lib/terminfo/6b/kermit
-usr/lib/terminfo/6b/kermit-am
-usr/lib/terminfo/6b/klone+acs
-usr/lib/terminfo/6b/klone+color
-usr/lib/terminfo/6b/klone+koi8acs
-usr/lib/terminfo/6b/klone+sgr
-usr/lib/terminfo/6b/klone+sgr-dumb
-usr/lib/terminfo/6b/klone+sgr8
-usr/lib/terminfo/6b/kon
-usr/lib/terminfo/6b/kon2
-usr/lib/terminfo/6b/konsole
-usr/lib/terminfo/6b/konsole+pcfkeys
-usr/lib/terminfo/6b/konsole-16color
-usr/lib/terminfo/6b/konsole-256color
-usr/lib/terminfo/6b/konsole-base
-usr/lib/terminfo/6b/konsole-direct
-usr/lib/terminfo/6b/konsole-linux
-usr/lib/terminfo/6b/konsole-solaris
-usr/lib/terminfo/6b/konsole-vt100
-usr/lib/terminfo/6b/konsole-vt420pc
-usr/lib/terminfo/6b/konsole-xf3x
-usr/lib/terminfo/6b/konsole-xf4x
-usr/lib/terminfo/6b/kt7
-usr/lib/terminfo/6b/kt7ix
-usr/lib/terminfo/6b/kterm
-usr/lib/terminfo/6b/kterm-co
-usr/lib/terminfo/6b/kterm-color
-usr/lib/terminfo/6b/ktm
-usr/lib/terminfo/6b/kvt
-usr/lib/terminfo/6c/
-usr/lib/terminfo/6c/la120
-usr/lib/terminfo/6c/layer
-usr/lib/terminfo/6c/lft
-usr/lib/terminfo/6c/lft-pc850
-usr/lib/terminfo/6c/linux
-usr/lib/terminfo/6c/linux-16color
-usr/lib/terminfo/6c/linux-basic
-usr/lib/terminfo/6c/linux-c
-usr/lib/terminfo/6c/linux-c-nc
-usr/lib/terminfo/6c/linux-koi8
-usr/lib/terminfo/6c/linux-koi8r
-usr/lib/terminfo/6c/linux-lat
-usr/lib/terminfo/6c/linux-m
-usr/lib/terminfo/6c/linux-m1
-usr/lib/terminfo/6c/linux-m1b
-usr/lib/terminfo/6c/linux-m2
-usr/lib/terminfo/6c/linux-nic
-usr/lib/terminfo/6c/linux-vt
-usr/lib/terminfo/6c/linux2.2
-usr/lib/terminfo/6c/linux2.6
-usr/lib/terminfo/6c/linux2.6.26
-usr/lib/terminfo/6c/linux3.0
-usr/lib/terminfo/6c/lisa
-usr/lib/terminfo/6c/lisaterm
-usr/lib/terminfo/6c/lisaterm-w
-usr/lib/terminfo/6c/liswb
-usr/lib/terminfo/6c/ln03
-usr/lib/terminfo/6c/ln03-w
-usr/lib/terminfo/6c/lpr
-usr/lib/terminfo/6c/luna
-usr/lib/terminfo/6c/luna68k
-usr/lib/terminfo/6d/
-usr/lib/terminfo/6d/m2-nam
-usr/lib/terminfo/6d/mac
-usr/lib/terminfo/6d/mac-w
-usr/lib/terminfo/6d/mach
-usr/lib/terminfo/6d/mach-bold
-usr/lib/terminfo/6d/mach-color
-usr/lib/terminfo/6d/mach-gnu
-usr/lib/terminfo/6d/mach-gnu-color
-usr/lib/terminfo/6d/macintosh
-usr/lib/terminfo/6d/macterminal-w
-usr/lib/terminfo/6d/mai
-usr/lib/terminfo/6d/masscomp
-usr/lib/terminfo/6d/masscomp1
-usr/lib/terminfo/6d/masscomp2
-usr/lib/terminfo/6d/mdl110
-usr/lib/terminfo/6d/megatek
-usr/lib/terminfo/6d/memhp
-usr/lib/terminfo/6d/mgr
-usr/lib/terminfo/6d/mgr-linux
-usr/lib/terminfo/6d/mgr-sun
-usr/lib/terminfo/6d/mgt
-usr/lib/terminfo/6d/mgterm
-usr/lib/terminfo/6d/microb
-usr/lib/terminfo/6d/microbee
-usr/lib/terminfo/6d/microterm
-usr/lib/terminfo/6d/microterm5
-usr/lib/terminfo/6d/mime
-usr/lib/terminfo/6d/mime-3ax
-usr/lib/terminfo/6d/mime-fb
-usr/lib/terminfo/6d/mime-hb
-usr/lib/terminfo/6d/mime1
-usr/lib/terminfo/6d/mime2
-usr/lib/terminfo/6d/mime2a
-usr/lib/terminfo/6d/mime2a-s
-usr/lib/terminfo/6d/mime2a-v
-usr/lib/terminfo/6d/mime314
-usr/lib/terminfo/6d/mime340
-usr/lib/terminfo/6d/mime3a
-usr/lib/terminfo/6d/mime3ax
-usr/lib/terminfo/6d/mimei
-usr/lib/terminfo/6d/mimeii
-usr/lib/terminfo/6d/minitel
-usr/lib/terminfo/6d/minitel-2
-usr/lib/terminfo/6d/minitel-2-nam
-usr/lib/terminfo/6d/minitel1
-usr/lib/terminfo/6d/minitel1-nb
-usr/lib/terminfo/6d/minitel12-80
-usr/lib/terminfo/6d/minitel1b
-usr/lib/terminfo/6d/minitel1b-80
-usr/lib/terminfo/6d/minitel1b-nb
-usr/lib/terminfo/6d/minitel2-80
-usr/lib/terminfo/6d/minix
-usr/lib/terminfo/6d/minix-1.5
-usr/lib/terminfo/6d/minix-1.7
-usr/lib/terminfo/6d/minix-3.0
-usr/lib/terminfo/6d/minix-old
-usr/lib/terminfo/6d/minix-old-am
-usr/lib/terminfo/6d/mlterm
-usr/lib/terminfo/6d/mlterm+pcfkeys
-usr/lib/terminfo/6d/mlterm-256color
-usr/lib/terminfo/6d/mlterm-direct
-usr/lib/terminfo/6d/mlterm2
-usr/lib/terminfo/6d/mlterm3
-usr/lib/terminfo/6d/mm314
-usr/lib/terminfo/6d/mm340
-usr/lib/terminfo/6d/mod
-usr/lib/terminfo/6d/mod24
-usr/lib/terminfo/6d/modgraph
-usr/lib/terminfo/6d/modgraph2
-usr/lib/terminfo/6d/modgraph48
-usr/lib/terminfo/6d/mono-emx
-usr/lib/terminfo/6d/morphos
-usr/lib/terminfo/6d/mouse-sun
-usr/lib/terminfo/6d/mrxvt
-usr/lib/terminfo/6d/mrxvt-256color
-usr/lib/terminfo/6d/ms-vt-utf8
-usr/lib/terminfo/6d/ms-vt100
-usr/lib/terminfo/6d/ms-vt100+
-usr/lib/terminfo/6d/ms-vt100-color
-usr/lib/terminfo/6d/msk227
-usr/lib/terminfo/6d/msk22714
-usr/lib/terminfo/6d/msk227am
-usr/lib/terminfo/6d/mskermit227
-usr/lib/terminfo/6d/mskermit22714
-usr/lib/terminfo/6d/mskermit227am
-usr/lib/terminfo/6d/mt-70
-usr/lib/terminfo/6d/mt4520-rv
-usr/lib/terminfo/6d/mt70
-usr/lib/terminfo/6d/mterm
-usr/lib/terminfo/6d/mterm-ansi
-usr/lib/terminfo/6d/mvterm
-usr/lib/terminfo/6e/
-usr/lib/terminfo/6e/nansi.sys
-usr/lib/terminfo/6e/nansi.sysk
-usr/lib/terminfo/6e/nansisys
-usr/lib/terminfo/6e/nansisysk
-usr/lib/terminfo/6e/ncr160vppp
-usr/lib/terminfo/6e/ncr160vpwpp
-usr/lib/terminfo/6e/ncr160vt100an
-usr/lib/terminfo/6e/ncr160vt100pp
-usr/lib/terminfo/6e/ncr160vt100wan
-usr/lib/terminfo/6e/ncr160vt100wpp
-usr/lib/terminfo/6e/ncr160vt200an
-usr/lib/terminfo/6e/ncr160vt200pp
-usr/lib/terminfo/6e/ncr160vt200wan
-usr/lib/terminfo/6e/ncr160vt200wpp
-usr/lib/terminfo/6e/ncr160vt300an
-usr/lib/terminfo/6e/ncr160vt300pp
-usr/lib/terminfo/6e/ncr160vt300wan
-usr/lib/terminfo/6e/ncr160vt300wpp
-usr/lib/terminfo/6e/ncr160wy50+pp
-usr/lib/terminfo/6e/ncr160wy50+wpp
-usr/lib/terminfo/6e/ncr160wy60pp
-usr/lib/terminfo/6e/ncr160wy60wpp
-usr/lib/terminfo/6e/ncr260intan
-usr/lib/terminfo/6e/ncr260intpp
-usr/lib/terminfo/6e/ncr260intwan
-usr/lib/terminfo/6e/ncr260intwpp
-usr/lib/terminfo/6e/ncr260vppp
-usr/lib/terminfo/6e/ncr260vpwpp
-usr/lib/terminfo/6e/ncr260vt100an
-usr/lib/terminfo/6e/ncr260vt100pp
-usr/lib/terminfo/6e/ncr260vt100wan
-usr/lib/terminfo/6e/ncr260vt100wpp
-usr/lib/terminfo/6e/ncr260vt200an
-usr/lib/terminfo/6e/ncr260vt200pp
-usr/lib/terminfo/6e/ncr260vt200wan
-usr/lib/terminfo/6e/ncr260vt200wpp
-usr/lib/terminfo/6e/ncr260vt300an
-usr/lib/terminfo/6e/ncr260vt300pp
-usr/lib/terminfo/6e/ncr260vt300wan
-usr/lib/terminfo/6e/ncr260vt300wpp
-usr/lib/terminfo/6e/ncr260wy325pp
-usr/lib/terminfo/6e/ncr260wy325wpp
-usr/lib/terminfo/6e/ncr260wy350pp
-usr/lib/terminfo/6e/ncr260wy350wpp
-usr/lib/terminfo/6e/ncr260wy50+pp
-usr/lib/terminfo/6e/ncr260wy50+wpp
-usr/lib/terminfo/6e/ncr260wy60pp
-usr/lib/terminfo/6e/ncr260wy60wpp
-usr/lib/terminfo/6e/ncr7900
-usr/lib/terminfo/6e/ncr7900i
-usr/lib/terminfo/6e/ncr7900iv
-usr/lib/terminfo/6e/ncr7901
-usr/lib/terminfo/6e/ncrvt100an
-usr/lib/terminfo/6e/ncrvt100pp
-usr/lib/terminfo/6e/ncrvt100wan
-usr/lib/terminfo/6e/ncrvt100wpp
-usr/lib/terminfo/6e/ncsa
-usr/lib/terminfo/6e/ncsa-m
-usr/lib/terminfo/6e/ncsa-m-ns
-usr/lib/terminfo/6e/ncsa-ns
-usr/lib/terminfo/6e/ncsa-vt220
-usr/lib/terminfo/6e/ncsa-vt220-8
-usr/lib/terminfo/6e/nd9500
-usr/lib/terminfo/6e/ndr9500
-usr/lib/terminfo/6e/ndr9500-25
-usr/lib/terminfo/6e/ndr9500-25-mc
-usr/lib/terminfo/6e/ndr9500-25-mc-nl
-usr/lib/terminfo/6e/ndr9500-25-nl
-usr/lib/terminfo/6e/ndr9500-mc
-usr/lib/terminfo/6e/ndr9500-mc-nl
-usr/lib/terminfo/6e/ndr9500-nl
-usr/lib/terminfo/6e/nec
-usr/lib/terminfo/6e/nec5520
-usr/lib/terminfo/6e/netbsd6
-usr/lib/terminfo/6e/newhp
-usr/lib/terminfo/6e/newhpkeyboard
-usr/lib/terminfo/6e/news
-usr/lib/terminfo/6e/news-29
-usr/lib/terminfo/6e/news-29-euc
-usr/lib/terminfo/6e/news-29-sjis
-usr/lib/terminfo/6e/news-33
-usr/lib/terminfo/6e/news-33-euc
-usr/lib/terminfo/6e/news-33-sjis
-usr/lib/terminfo/6e/news-42
-usr/lib/terminfo/6e/news-42-euc
-usr/lib/terminfo/6e/news-42-sjis
-usr/lib/terminfo/6e/news-a
-usr/lib/terminfo/6e/news-o
-usr/lib/terminfo/6e/news-old-unk
-usr/lib/terminfo/6e/news-unk
-usr/lib/terminfo/6e/news28
-usr/lib/terminfo/6e/news28-a
-usr/lib/terminfo/6e/news29
-usr/lib/terminfo/6e/news31
-usr/lib/terminfo/6e/news31-a
-usr/lib/terminfo/6e/news31-o
-usr/lib/terminfo/6e/news33
-usr/lib/terminfo/6e/news40
-usr/lib/terminfo/6e/news40-a
-usr/lib/terminfo/6e/news40-o
-usr/lib/terminfo/6e/news42
-usr/lib/terminfo/6e/newscbm
-usr/lib/terminfo/6e/newscbm-a
-usr/lib/terminfo/6e/newscbm-o
-usr/lib/terminfo/6e/newscbm33
-usr/lib/terminfo/6e/next
-usr/lib/terminfo/6e/nextshell
-usr/lib/terminfo/6e/northstar
-usr/lib/terminfo/6e/nsterm
-usr/lib/terminfo/6e/nsterm+7
-usr/lib/terminfo/6e/nsterm+acs
-usr/lib/terminfo/6e/nsterm+c
-usr/lib/terminfo/6e/nsterm+c41
-usr/lib/terminfo/6e/nsterm+mac
-usr/lib/terminfo/6e/nsterm+s
-usr/lib/terminfo/6e/nsterm-16color
-usr/lib/terminfo/6e/nsterm-256color
-usr/lib/terminfo/6e/nsterm-7
-usr/lib/terminfo/6e/nsterm-7-c
-usr/lib/terminfo/6e/nsterm-7-c-s
-usr/lib/terminfo/6e/nsterm-7-m
-usr/lib/terminfo/6e/nsterm-7-m-s
-usr/lib/terminfo/6e/nsterm-7-s
-usr/lib/terminfo/6e/nsterm-acs
-usr/lib/terminfo/6e/nsterm-acs-c
-usr/lib/terminfo/6e/nsterm-acs-c-s
-usr/lib/terminfo/6e/nsterm-acs-m
-usr/lib/terminfo/6e/nsterm-acs-m-s
-usr/lib/terminfo/6e/nsterm-acs-s
-usr/lib/terminfo/6e/nsterm-bce
-usr/lib/terminfo/6e/nsterm-build326
-usr/lib/terminfo/6e/nsterm-build343
-usr/lib/terminfo/6e/nsterm-build361
-usr/lib/terminfo/6e/nsterm-build400
-usr/lib/terminfo/6e/nsterm-c
-usr/lib/terminfo/6e/nsterm-c-7
-usr/lib/terminfo/6e/nsterm-c-acs
-usr/lib/terminfo/6e/nsterm-c-s
-usr/lib/terminfo/6e/nsterm-c-s-7
-usr/lib/terminfo/6e/nsterm-c-s-acs
-usr/lib/terminfo/6e/nsterm-m
-usr/lib/terminfo/6e/nsterm-m-7
-usr/lib/terminfo/6e/nsterm-m-acs
-usr/lib/terminfo/6e/nsterm-m-s
-usr/lib/terminfo/6e/nsterm-m-s-7
-usr/lib/terminfo/6e/nsterm-m-s-acs
-usr/lib/terminfo/6e/nsterm-old
-usr/lib/terminfo/6e/nsterm-s
-usr/lib/terminfo/6e/nsterm-s-7
-usr/lib/terminfo/6e/nsterm-s-acs
-usr/lib/terminfo/6e/ntconsole
-usr/lib/terminfo/6e/ntconsole-100
-usr/lib/terminfo/6e/ntconsole-100-nti
-usr/lib/terminfo/6e/ntconsole-25
-usr/lib/terminfo/6e/ntconsole-25-nti
-usr/lib/terminfo/6e/ntconsole-25-w
-usr/lib/terminfo/6e/ntconsole-25-w-vt
-usr/lib/terminfo/6e/ntconsole-35
-usr/lib/terminfo/6e/ntconsole-35-nti
-usr/lib/terminfo/6e/ntconsole-35-w
-usr/lib/terminfo/6e/ntconsole-50
-usr/lib/terminfo/6e/ntconsole-50-nti
-usr/lib/terminfo/6e/ntconsole-50-w
-usr/lib/terminfo/6e/ntconsole-60
-usr/lib/terminfo/6e/ntconsole-60-nti
-usr/lib/terminfo/6e/ntconsole-60-w
-usr/lib/terminfo/6e/ntconsole-w
-usr/lib/terminfo/6e/ntconsole-w-vt
-usr/lib/terminfo/6e/nwe501
-usr/lib/terminfo/6e/nwe501-a
-usr/lib/terminfo/6e/nwe501-o
-usr/lib/terminfo/6e/nwp-511
-usr/lib/terminfo/6e/nwp-517
-usr/lib/terminfo/6e/nwp-517-w
-usr/lib/terminfo/6e/nwp251-a
-usr/lib/terminfo/6e/nwp251-o
-usr/lib/terminfo/6e/nwp511
-usr/lib/terminfo/6e/nwp512
-usr/lib/terminfo/6e/nwp512-a
-usr/lib/terminfo/6e/nwp512-o
-usr/lib/terminfo/6e/nwp513
-usr/lib/terminfo/6e/nwp513-a
-usr/lib/terminfo/6e/nwp513-o
-usr/lib/terminfo/6e/nwp514
-usr/lib/terminfo/6e/nwp514-a
-usr/lib/terminfo/6e/nwp514-o
-usr/lib/terminfo/6e/nwp517
-usr/lib/terminfo/6e/nwp517-w
-usr/lib/terminfo/6e/nwp518
-usr/lib/terminfo/6e/nwp518-a
-usr/lib/terminfo/6e/nwp518-o
-usr/lib/terminfo/6e/nxterm
-usr/lib/terminfo/6f/
-usr/lib/terminfo/6f/o31
-usr/lib/terminfo/6f/o4112-nd
-usr/lib/terminfo/6f/o85h
-usr/lib/terminfo/6f/oabm85h
-usr/lib/terminfo/6f/oblit
-usr/lib/terminfo/6f/oc100
-usr/lib/terminfo/6f/oconcept
-usr/lib/terminfo/6f/ofcons
-usr/lib/terminfo/6f/ojerq
-usr/lib/terminfo/6f/old-st
-usr/lib/terminfo/6f/oldibmpc3
-usr/lib/terminfo/6f/oldpc3
-usr/lib/terminfo/6f/oldsun
-usr/lib/terminfo/6f/omron
-usr/lib/terminfo/6f/opennt
-usr/lib/terminfo/6f/opennt-100
-usr/lib/terminfo/6f/opennt-100-nti
-usr/lib/terminfo/6f/opennt-25
-usr/lib/terminfo/6f/opennt-25-nti
-usr/lib/terminfo/6f/opennt-25-w
-usr/lib/terminfo/6f/opennt-25-w-vt
-usr/lib/terminfo/6f/opennt-35
-usr/lib/terminfo/6f/opennt-35-nti
-usr/lib/terminfo/6f/opennt-35-w
-usr/lib/terminfo/6f/opennt-50
-usr/lib/terminfo/6f/opennt-50-nti
-usr/lib/terminfo/6f/opennt-50-w
-usr/lib/terminfo/6f/opennt-60
-usr/lib/terminfo/6f/opennt-60-nti
-usr/lib/terminfo/6f/opennt-60-w
-usr/lib/terminfo/6f/opennt-nti
-usr/lib/terminfo/6f/opennt-w
-usr/lib/terminfo/6f/opennt-w-vt
-usr/lib/terminfo/6f/opus3n1+
-usr/lib/terminfo/6f/origibmpc3
-usr/lib/terminfo/6f/origpc3
-usr/lib/terminfo/6f/os9LII
-usr/lib/terminfo/6f/osborne
-usr/lib/terminfo/6f/osborne-w
-usr/lib/terminfo/6f/osborne1
-usr/lib/terminfo/6f/osborne1-w
-usr/lib/terminfo/6f/osexec
-usr/lib/terminfo/6f/otek4112
-usr/lib/terminfo/6f/otek4113
-usr/lib/terminfo/6f/otek4114
-usr/lib/terminfo/6f/otek4115
-usr/lib/terminfo/6f/owl
-usr/lib/terminfo/70/
-usr/lib/terminfo/70/p12
-usr/lib/terminfo/70/p12-m
-usr/lib/terminfo/70/p12-m-w
-usr/lib/terminfo/70/p12-w
-usr/lib/terminfo/70/p14
-usr/lib/terminfo/70/p14-m
-usr/lib/terminfo/70/p14-m-w
-usr/lib/terminfo/70/p14-w
-usr/lib/terminfo/70/p19
-usr/lib/terminfo/70/p4
-usr/lib/terminfo/70/p5
-usr/lib/terminfo/70/p7
-usr/lib/terminfo/70/p8
-usr/lib/terminfo/70/p8-w
-usr/lib/terminfo/70/p8gl
-usr/lib/terminfo/70/p9
-usr/lib/terminfo/70/p9-8
-usr/lib/terminfo/70/p9-8-w
-usr/lib/terminfo/70/p9-w
-usr/lib/terminfo/70/pc-coherent
-usr/lib/terminfo/70/pc-minix
-usr/lib/terminfo/70/pc-venix
-usr/lib/terminfo/70/pc3
-usr/lib/terminfo/70/pc3-bold
-usr/lib/terminfo/70/pc3r
-usr/lib/terminfo/70/pc3r-m
-usr/lib/terminfo/70/pc6300plus
-usr/lib/terminfo/70/pc7300
-usr/lib/terminfo/70/pcansi
-usr/lib/terminfo/70/pcansi-25
-usr/lib/terminfo/70/pcansi-25-m
-usr/lib/terminfo/70/pcansi-33
-usr/lib/terminfo/70/pcansi-33-m
-usr/lib/terminfo/70/pcansi-43
-usr/lib/terminfo/70/pcansi-43-m
-usr/lib/terminfo/70/pcansi-m
-usr/lib/terminfo/70/pcansi-mono
-usr/lib/terminfo/70/pcansi25
-usr/lib/terminfo/70/pcansi25m
-usr/lib/terminfo/70/pcansi33
-usr/lib/terminfo/70/pcansi33m
-usr/lib/terminfo/70/pcansi43
-usr/lib/terminfo/70/pccon
-usr/lib/terminfo/70/pccon+base
-usr/lib/terminfo/70/pccon+colors
-usr/lib/terminfo/70/pccon+keys
-usr/lib/terminfo/70/pccon+sgr+acs
-usr/lib/terminfo/70/pccon+sgr+acs0
-usr/lib/terminfo/70/pccon-m
-usr/lib/terminfo/70/pccon0
-usr/lib/terminfo/70/pccon0-m
-usr/lib/terminfo/70/pccons
-usr/lib/terminfo/70/pcconsole
-usr/lib/terminfo/70/pcix
-usr/lib/terminfo/70/pckermit
-usr/lib/terminfo/70/pckermit12
-usr/lib/terminfo/70/pckermit120
-usr/lib/terminfo/70/pcmw
-usr/lib/terminfo/70/pcplot
-usr/lib/terminfo/70/pcvt25
-usr/lib/terminfo/70/pcvt25-color
-usr/lib/terminfo/70/pcvt25w
-usr/lib/terminfo/70/pcvt28
-usr/lib/terminfo/70/pcvt28w
-usr/lib/terminfo/70/pcvt35
-usr/lib/terminfo/70/pcvt35w
-usr/lib/terminfo/70/pcvt40
-usr/lib/terminfo/70/pcvt40w
-usr/lib/terminfo/70/pcvt43
-usr/lib/terminfo/70/pcvt43w
-usr/lib/terminfo/70/pcvt50
-usr/lib/terminfo/70/pcvt50w
-usr/lib/terminfo/70/pcvtXX
-usr/lib/terminfo/70/pcz19
-usr/lib/terminfo/70/pe1100
-usr/lib/terminfo/70/pe1200
-usr/lib/terminfo/70/pe1251
-usr/lib/terminfo/70/pe550
-usr/lib/terminfo/70/pe6100
-usr/lib/terminfo/70/pe6300
-usr/lib/terminfo/70/pe6312
-usr/lib/terminfo/70/pe7000c
-usr/lib/terminfo/70/pe7000m
-usr/lib/terminfo/70/pilot
-usr/lib/terminfo/70/pmcons
-usr/lib/terminfo/70/pmconsole
-usr/lib/terminfo/70/printer
-usr/lib/terminfo/70/prism12
-usr/lib/terminfo/70/prism12-m
-usr/lib/terminfo/70/prism12-m-w
-usr/lib/terminfo/70/prism12-w
-usr/lib/terminfo/70/prism14
-usr/lib/terminfo/70/prism14-m
-usr/lib/terminfo/70/prism14-m-w
-usr/lib/terminfo/70/prism14-w
-usr/lib/terminfo/70/prism2
-usr/lib/terminfo/70/prism4
-usr/lib/terminfo/70/prism5
-usr/lib/terminfo/70/prism7
-usr/lib/terminfo/70/prism8
-usr/lib/terminfo/70/prism8-w
-usr/lib/terminfo/70/prism8gl
-usr/lib/terminfo/70/prism9
-usr/lib/terminfo/70/prism9-8
-usr/lib/terminfo/70/prism9-8-w
-usr/lib/terminfo/70/prism9-w
-usr/lib/terminfo/70/pro350
-usr/lib/terminfo/70/ps300
-usr/lib/terminfo/70/psterm
-usr/lib/terminfo/70/psterm-80x24
-usr/lib/terminfo/70/psterm-90x28
-usr/lib/terminfo/70/psterm-96x48
-usr/lib/terminfo/70/psterm-basic
-usr/lib/terminfo/70/psterm-fast
-usr/lib/terminfo/70/psx_ansi
-usr/lib/terminfo/70/pt100
-usr/lib/terminfo/70/pt100w
-usr/lib/terminfo/70/pt200
-usr/lib/terminfo/70/pt200w
-usr/lib/terminfo/70/pt210
-usr/lib/terminfo/70/pt250
-usr/lib/terminfo/70/pt250w
-usr/lib/terminfo/70/pt505
-usr/lib/terminfo/70/pt505-22
-usr/lib/terminfo/70/pt505-24
-usr/lib/terminfo/70/pty
-usr/lib/terminfo/70/putty
-usr/lib/terminfo/70/putty+fnkeys
-usr/lib/terminfo/70/putty+fnkeys+esc
-usr/lib/terminfo/70/putty+fnkeys+linux
-usr/lib/terminfo/70/putty+fnkeys+sco
-usr/lib/terminfo/70/putty+fnkeys+vt100
-usr/lib/terminfo/70/putty+fnkeys+vt400
-usr/lib/terminfo/70/putty+fnkeys+xterm
-usr/lib/terminfo/70/putty-256color
-usr/lib/terminfo/70/putty-m1
-usr/lib/terminfo/70/putty-m1b
-usr/lib/terminfo/70/putty-m2
-usr/lib/terminfo/70/putty-noapp
-usr/lib/terminfo/70/putty-sco
-usr/lib/terminfo/70/putty-vt100
-usr/lib/terminfo/71/
-usr/lib/terminfo/71/qansi
-usr/lib/terminfo/71/qansi-g
-usr/lib/terminfo/71/qansi-m
-usr/lib/terminfo/71/qansi-t
-usr/lib/terminfo/71/qansi-w
-usr/lib/terminfo/71/qdcons
-usr/lib/terminfo/71/qdss
-usr/lib/terminfo/71/qnx
-usr/lib/terminfo/71/qnx4
-usr/lib/terminfo/71/qnxm
-usr/lib/terminfo/71/qnxt
-usr/lib/terminfo/71/qnxt2
-usr/lib/terminfo/71/qnxt4
-usr/lib/terminfo/71/qnxtmono
-usr/lib/terminfo/71/qnxw
-usr/lib/terminfo/71/qume
-usr/lib/terminfo/71/qume5
-usr/lib/terminfo/71/qvt101
-usr/lib/terminfo/71/qvt101+
-usr/lib/terminfo/71/qvt101p
-usr/lib/terminfo/71/qvt102
-usr/lib/terminfo/71/qvt103
-usr/lib/terminfo/71/qvt103-w
-usr/lib/terminfo/71/qvt108
-usr/lib/terminfo/71/qvt119
-usr/lib/terminfo/71/qvt119+
-usr/lib/terminfo/71/qvt119+-25
-usr/lib/terminfo/71/qvt119+-25-w
-usr/lib/terminfo/71/qvt119+-w
-usr/lib/terminfo/71/qvt119-25-w
-usr/lib/terminfo/71/qvt119-w
-usr/lib/terminfo/71/qvt119p
-usr/lib/terminfo/71/qvt119p-25
-usr/lib/terminfo/71/qvt119p-25-w
-usr/lib/terminfo/71/qvt119p-w
-usr/lib/terminfo/71/qvt203
-usr/lib/terminfo/71/qvt203+
-usr/lib/terminfo/71/qvt203-25
-usr/lib/terminfo/71/qvt203-25-w
-usr/lib/terminfo/71/qvt203-w
-usr/lib/terminfo/71/qvt203-w-am
-usr/lib/terminfo/72/
-usr/lib/terminfo/72/rbcomm
-usr/lib/terminfo/72/rbcomm-nam
-usr/lib/terminfo/72/rbcomm-w
-usr/lib/terminfo/72/rca
-usr/lib/terminfo/72/rcons
-usr/lib/terminfo/72/rcons-color
-usr/lib/terminfo/72/rebus3180
-usr/lib/terminfo/72/regent
-usr/lib/terminfo/72/regent100
-usr/lib/terminfo/72/regent20
-usr/lib/terminfo/72/regent200
-usr/lib/terminfo/72/regent25
-usr/lib/terminfo/72/regent40
-usr/lib/terminfo/72/regent40+
-usr/lib/terminfo/72/regent60
-usr/lib/terminfo/72/rt6221
-usr/lib/terminfo/72/rt6221-w
-usr/lib/terminfo/72/rtpc
-usr/lib/terminfo/72/rxvt
-usr/lib/terminfo/72/rxvt+pcfkeys
-usr/lib/terminfo/72/rxvt-16color
-usr/lib/terminfo/72/rxvt-256color
-usr/lib/terminfo/72/rxvt-88color
-usr/lib/terminfo/72/rxvt-basic
-usr/lib/terminfo/72/rxvt-color
-usr/lib/terminfo/72/rxvt-cygwin
-usr/lib/terminfo/72/rxvt-cygwin-native
-usr/lib/terminfo/72/rxvt-xpm
-usr/lib/terminfo/73/
-usr/lib/terminfo/73/s4
-usr/lib/terminfo/73/sb1
-usr/lib/terminfo/73/sb2
-usr/lib/terminfo/73/sb3
-usr/lib/terminfo/73/sbi
-usr/lib/terminfo/73/sbobcat
-usr/lib/terminfo/73/sc410
-usr/lib/terminfo/73/sc415
-usr/lib/terminfo/73/scanset
-usr/lib/terminfo/73/scoansi
-usr/lib/terminfo/73/scoansi-new
-usr/lib/terminfo/73/scoansi-old
-usr/lib/terminfo/73/screen
-usr/lib/terminfo/73/screen+fkeys
-usr/lib/terminfo/73/screen+italics
-usr/lib/terminfo/73/screen-16color
-usr/lib/terminfo/73/screen-16color-bce
-usr/lib/terminfo/73/screen-16color-bce-s
-usr/lib/terminfo/73/screen-16color-s
-usr/lib/terminfo/73/screen-256color
-usr/lib/terminfo/73/screen-256color-bce
-usr/lib/terminfo/73/screen-256color-bce-s
-usr/lib/terminfo/73/screen-256color-s
-usr/lib/terminfo/73/screen-bce
-usr/lib/terminfo/73/screen-bce.Eterm
-usr/lib/terminfo/73/screen-bce.gnome
-usr/lib/terminfo/73/screen-bce.konsole
-usr/lib/terminfo/73/screen-bce.linux
-usr/lib/terminfo/73/screen-bce.mrxvt
-usr/lib/terminfo/73/screen-bce.rxvt
-usr/lib/terminfo/73/screen-bce.xterm-new
-usr/lib/terminfo/73/screen-s
-usr/lib/terminfo/73/screen-w
-usr/lib/terminfo/73/screen.Eterm
-usr/lib/terminfo/73/screen.gnome
-usr/lib/terminfo/73/screen.konsole
-usr/lib/terminfo/73/screen.konsole-256color
-usr/lib/terminfo/73/screen.linux
-usr/lib/terminfo/73/screen.linux-m1
-usr/lib/terminfo/73/screen.linux-m1b
-usr/lib/terminfo/73/screen.linux-m2
-usr/lib/terminfo/73/screen.minitel1
-usr/lib/terminfo/73/screen.minitel1-nb
-usr/lib/terminfo/73/screen.minitel12-80
-usr/lib/terminfo/73/screen.minitel1b
-usr/lib/terminfo/73/screen.minitel1b-80
-usr/lib/terminfo/73/screen.minitel1b-nb
-usr/lib/terminfo/73/screen.minitel2-80
-usr/lib/terminfo/73/screen.mlterm
-usr/lib/terminfo/73/screen.mlterm-256color
-usr/lib/terminfo/73/screen.mrxvt
-usr/lib/terminfo/73/screen.putty
-usr/lib/terminfo/73/screen.putty-256color
-usr/lib/terminfo/73/screen.putty-m1
-usr/lib/terminfo/73/screen.putty-m1b
-usr/lib/terminfo/73/screen.putty-m2
-usr/lib/terminfo/73/screen.rxvt
-usr/lib/terminfo/73/screen.teraterm
-usr/lib/terminfo/73/screen.vte
-usr/lib/terminfo/73/screen.vte-256color
-usr/lib/terminfo/73/screen.xterm-256color
-usr/lib/terminfo/73/screen.xterm-new
-usr/lib/terminfo/73/screen.xterm-r6
-usr/lib/terminfo/73/screen.xterm-xfree86
-usr/lib/terminfo/73/screen2
-usr/lib/terminfo/73/screen3
-usr/lib/terminfo/73/screwpoint
-usr/lib/terminfo/73/scrhp
-usr/lib/terminfo/73/sibo
-usr/lib/terminfo/73/simpleterm
-usr/lib/terminfo/73/simterm
-usr/lib/terminfo/73/soroc
-usr/lib/terminfo/73/soroc120
-usr/lib/terminfo/73/soroc140
-usr/lib/terminfo/73/spinwriter
-usr/lib/terminfo/73/st
-usr/lib/terminfo/73/st-0.6
-usr/lib/terminfo/73/st-0.7
-usr/lib/terminfo/73/st-16color
-usr/lib/terminfo/73/st-256color
-usr/lib/terminfo/73/st-direct
-usr/lib/terminfo/73/st52
-usr/lib/terminfo/73/st52-color
-usr/lib/terminfo/73/st52-m
-usr/lib/terminfo/73/st52-old
-usr/lib/terminfo/73/stterm
-usr/lib/terminfo/73/stterm-16color
-usr/lib/terminfo/73/stterm-256color
-usr/lib/terminfo/73/stv52
-usr/lib/terminfo/73/stv52pc
-usr/lib/terminfo/73/sun
-usr/lib/terminfo/73/sun+sl
-usr/lib/terminfo/73/sun-1
-usr/lib/terminfo/73/sun-12
-usr/lib/terminfo/73/sun-17
-usr/lib/terminfo/73/sun-24
-usr/lib/terminfo/73/sun-34
-usr/lib/terminfo/73/sun-48
-usr/lib/terminfo/73/sun-c
-usr/lib/terminfo/73/sun-cgsix
-usr/lib/terminfo/73/sun-cmd
-usr/lib/terminfo/73/sun-color
-usr/lib/terminfo/73/sun-e
-usr/lib/terminfo/73/sun-e-s
-usr/lib/terminfo/73/sun-il
-usr/lib/terminfo/73/sun-nic
-usr/lib/terminfo/73/sun-s
-usr/lib/terminfo/73/sun-s-e
-usr/lib/terminfo/73/sun-ss5
-usr/lib/terminfo/73/sun-type4
-usr/lib/terminfo/73/sun1
-usr/lib/terminfo/73/sun2
-usr/lib/terminfo/73/sune
-usr/lib/terminfo/73/superbee
-usr/lib/terminfo/73/superbee-xsb
-usr/lib/terminfo/73/superbeeic
-usr/lib/terminfo/73/superbrain
-usr/lib/terminfo/73/sv80
-usr/lib/terminfo/73/swtp
-usr/lib/terminfo/73/synertek
-usr/lib/terminfo/73/synertek380
-usr/lib/terminfo/73/system1
-usr/lib/terminfo/74/
-usr/lib/terminfo/74/t10
-usr/lib/terminfo/74/t1061
-usr/lib/terminfo/74/t1061f
-usr/lib/terminfo/74/t16
-usr/lib/terminfo/74/t3700
-usr/lib/terminfo/74/t3800
-usr/lib/terminfo/74/t653x
-usr/lib/terminfo/74/tab
-usr/lib/terminfo/74/tab132
-usr/lib/terminfo/74/tab132-15
-usr/lib/terminfo/74/tab132-rv
-usr/lib/terminfo/74/tab132-w
-usr/lib/terminfo/74/tab132-w-rv
-usr/lib/terminfo/74/tandem6510
-usr/lib/terminfo/74/tandem653
-usr/lib/terminfo/74/tek
-usr/lib/terminfo/74/tek4012
-usr/lib/terminfo/74/tek4013
-usr/lib/terminfo/74/tek4014
-usr/lib/terminfo/74/tek4014-sm
-usr/lib/terminfo/74/tek4015
-usr/lib/terminfo/74/tek4015-sm
-usr/lib/terminfo/74/tek4023
-usr/lib/terminfo/74/tek4024
-usr/lib/terminfo/74/tek4025
-usr/lib/terminfo/74/tek4025-17
-usr/lib/terminfo/74/tek4025-17-ws
-usr/lib/terminfo/74/tek4025-cr
-usr/lib/terminfo/74/tek4025-ex
-usr/lib/terminfo/74/tek4025a
-usr/lib/terminfo/74/tek4025ex
-usr/lib/terminfo/74/tek4027
-usr/lib/terminfo/74/tek4027-ex
-usr/lib/terminfo/74/tek4105
-usr/lib/terminfo/74/tek4105-30
-usr/lib/terminfo/74/tek4105a
-usr/lib/terminfo/74/tek4106brl
-usr/lib/terminfo/74/tek4107
-usr/lib/terminfo/74/tek4107brl
-usr/lib/terminfo/74/tek4109
-usr/lib/terminfo/74/tek4109brl
-usr/lib/terminfo/74/tek4112
-usr/lib/terminfo/74/tek4112-5
-usr/lib/terminfo/74/tek4112-nd
-usr/lib/terminfo/74/tek4113
-usr/lib/terminfo/74/tek4113-34
-usr/lib/terminfo/74/tek4113-nd
-usr/lib/terminfo/74/tek4114
-usr/lib/terminfo/74/tek4115
-usr/lib/terminfo/74/tek4125
-usr/lib/terminfo/74/tek4205
-usr/lib/terminfo/74/tek4207
-usr/lib/terminfo/74/tek4207-s
-usr/lib/terminfo/74/tek4404
-usr/lib/terminfo/74/teken
-usr/lib/terminfo/74/teleray
-usr/lib/terminfo/74/teletec
-usr/lib/terminfo/74/teraterm
-usr/lib/terminfo/74/teraterm-256color
-usr/lib/terminfo/74/teraterm2.3
-usr/lib/terminfo/74/teraterm4.59
-usr/lib/terminfo/74/teraterm4.97
-usr/lib/terminfo/74/terminator
-usr/lib/terminfo/74/terminet
-usr/lib/terminfo/74/terminet1200
-usr/lib/terminfo/74/terminet300
-usr/lib/terminfo/74/terminology
-usr/lib/terminfo/74/terminology-0.6.1
-usr/lib/terminfo/74/terminology-1.0.0
-usr/lib/terminfo/74/termite
-usr/lib/terminfo/74/tgtelnet
-usr/lib/terminfo/74/ti700
-usr/lib/terminfo/74/ti733
-usr/lib/terminfo/74/ti735
-usr/lib/terminfo/74/ti745
-usr/lib/terminfo/74/ti800
-usr/lib/terminfo/74/ti916
-usr/lib/terminfo/74/ti916-132
-usr/lib/terminfo/74/ti916-220-7
-usr/lib/terminfo/74/ti916-220-8
-usr/lib/terminfo/74/ti916-8
-usr/lib/terminfo/74/ti916-8-132
-usr/lib/terminfo/74/ti924
-usr/lib/terminfo/74/ti924-8
-usr/lib/terminfo/74/ti924-8w
-usr/lib/terminfo/74/ti924w
-usr/lib/terminfo/74/ti926
-usr/lib/terminfo/74/ti926-8
-usr/lib/terminfo/74/ti928
-usr/lib/terminfo/74/ti928-8
-usr/lib/terminfo/74/ti931
-usr/lib/terminfo/74/ti_ansi
-usr/lib/terminfo/74/tkterm
-usr/lib/terminfo/74/tmux
-usr/lib/terminfo/74/tmux-256color
-usr/lib/terminfo/74/tn1200
-usr/lib/terminfo/74/tn300
-usr/lib/terminfo/74/trs16
-usr/lib/terminfo/74/trs2
-usr/lib/terminfo/74/trs80II
-usr/lib/terminfo/74/trsII
-usr/lib/terminfo/74/ts-1
-usr/lib/terminfo/74/ts-1p
-usr/lib/terminfo/74/ts1
-usr/lib/terminfo/74/ts100
-usr/lib/terminfo/74/ts100-ctxt
-usr/lib/terminfo/74/ts100-sp
-usr/lib/terminfo/74/ts1p
-usr/lib/terminfo/74/tt
-usr/lib/terminfo/74/tt505-22
-usr/lib/terminfo/74/tt52
-usr/lib/terminfo/74/tty33
-usr/lib/terminfo/74/tty35
-usr/lib/terminfo/74/tty37
-usr/lib/terminfo/74/tty40
-usr/lib/terminfo/74/tty43
-usr/lib/terminfo/74/tty4420
-usr/lib/terminfo/74/tty4424
-usr/lib/terminfo/74/tty4424-1
-usr/lib/terminfo/74/tty4424m
-usr/lib/terminfo/74/tty4426
-usr/lib/terminfo/74/tty5410
-usr/lib/terminfo/74/tty5410-w
-usr/lib/terminfo/74/tty5410v1
-usr/lib/terminfo/74/tty5410v1-w
-usr/lib/terminfo/74/tty5420
-usr/lib/terminfo/74/tty5420+nl
-usr/lib/terminfo/74/tty5420-nl
-usr/lib/terminfo/74/tty5420-rv
-usr/lib/terminfo/74/tty5420-rv-nl
-usr/lib/terminfo/74/tty5420-w
-usr/lib/terminfo/74/tty5420-w-nl
-usr/lib/terminfo/74/tty5420-w-rv
-usr/lib/terminfo/74/tty5420-w-rv-n
-usr/lib/terminfo/74/tty5425
-usr/lib/terminfo/74/tty5425-nl
-usr/lib/terminfo/74/tty5425-w
-usr/lib/terminfo/74/tty5620
-usr/lib/terminfo/74/tty5620-1
-usr/lib/terminfo/74/tty5620-24
-usr/lib/terminfo/74/tty5620-34
-usr/lib/terminfo/74/tty5620-s
-usr/lib/terminfo/74/ttydmd
-usr/lib/terminfo/74/tvi803
-usr/lib/terminfo/74/tvi9065
-usr/lib/terminfo/74/tvi910
-usr/lib/terminfo/74/tvi910+
-usr/lib/terminfo/74/tvi912
-usr/lib/terminfo/74/tvi912b
-usr/lib/terminfo/74/tvi912b+2p
-usr/lib/terminfo/74/tvi912b+dim
-usr/lib/terminfo/74/tvi912b+mc
-usr/lib/terminfo/74/tvi912b+printer
-usr/lib/terminfo/74/tvi912b+vb
-usr/lib/terminfo/74/tvi912b-2p
-usr/lib/terminfo/74/tvi912b-2p-mc
-usr/lib/terminfo/74/tvi912b-2p-p
-usr/lib/terminfo/74/tvi912b-2p-unk
-usr/lib/terminfo/74/tvi912b-mc
-usr/lib/terminfo/74/tvi912b-mc-2p
-usr/lib/terminfo/74/tvi912b-mc-vb
-usr/lib/terminfo/74/tvi912b-p
-usr/lib/terminfo/74/tvi912b-p-2p
-usr/lib/terminfo/74/tvi912b-p-vb
-usr/lib/terminfo/74/tvi912b-unk
-usr/lib/terminfo/74/tvi912b-unk-2p
-usr/lib/terminfo/74/tvi912b-unk-vb
-usr/lib/terminfo/74/tvi912b-vb
-usr/lib/terminfo/74/tvi912b-vb-mc
-usr/lib/terminfo/74/tvi912b-vb-p
-usr/lib/terminfo/74/tvi912b-vb-unk
-usr/lib/terminfo/74/tvi912c
-usr/lib/terminfo/74/tvi912c-2p
-usr/lib/terminfo/74/tvi912c-2p-mc
-usr/lib/terminfo/74/tvi912c-2p-p
-usr/lib/terminfo/74/tvi912c-2p-unk
-usr/lib/terminfo/74/tvi912c-mc
-usr/lib/terminfo/74/tvi912c-mc-2p
-usr/lib/terminfo/74/tvi912c-mc-vb
-usr/lib/terminfo/74/tvi912c-p
-usr/lib/terminfo/74/tvi912c-p-2p
-usr/lib/terminfo/74/tvi912c-p-vb
-usr/lib/terminfo/74/tvi912c-unk
-usr/lib/terminfo/74/tvi912c-unk-2p
-usr/lib/terminfo/74/tvi912c-unk-vb
-usr/lib/terminfo/74/tvi912c-vb
-usr/lib/terminfo/74/tvi912c-vb-mc
-usr/lib/terminfo/74/tvi912c-vb-p
-usr/lib/terminfo/74/tvi912c-vb-unk
-usr/lib/terminfo/74/tvi912cc
-usr/lib/terminfo/74/tvi914
-usr/lib/terminfo/74/tvi920
-usr/lib/terminfo/74/tvi920b
-usr/lib/terminfo/74/tvi920b+fn
-usr/lib/terminfo/74/tvi920b-2p
-usr/lib/terminfo/74/tvi920b-2p-mc
-usr/lib/terminfo/74/tvi920b-2p-p
-usr/lib/terminfo/74/tvi920b-2p-unk
-usr/lib/terminfo/74/tvi920b-mc
-usr/lib/terminfo/74/tvi920b-mc-2p
-usr/lib/terminfo/74/tvi920b-mc-vb
-usr/lib/terminfo/74/tvi920b-p
-usr/lib/terminfo/74/tvi920b-p-2p
-usr/lib/terminfo/74/tvi920b-p-vb
-usr/lib/terminfo/74/tvi920b-unk
-usr/lib/terminfo/74/tvi920b-unk-2p
-usr/lib/terminfo/74/tvi920b-unk-vb
-usr/lib/terminfo/74/tvi920b-vb
-usr/lib/terminfo/74/tvi920b-vb-mc
-usr/lib/terminfo/74/tvi920b-vb-p
-usr/lib/terminfo/74/tvi920b-vb-unk
-usr/lib/terminfo/74/tvi920c
-usr/lib/terminfo/74/tvi920c-2p
-usr/lib/terminfo/74/tvi920c-2p-mc
-usr/lib/terminfo/74/tvi920c-2p-p
-usr/lib/terminfo/74/tvi920c-2p-unk
-usr/lib/terminfo/74/tvi920c-mc
-usr/lib/terminfo/74/tvi920c-mc-2p
-usr/lib/terminfo/74/tvi920c-mc-vb
-usr/lib/terminfo/74/tvi920c-p
-usr/lib/terminfo/74/tvi920c-p-2p
-usr/lib/terminfo/74/tvi920c-p-vb
-usr/lib/terminfo/74/tvi920c-unk
-usr/lib/terminfo/74/tvi920c-unk-2p
-usr/lib/terminfo/74/tvi920c-unk-vb
-usr/lib/terminfo/74/tvi920c-vb
-usr/lib/terminfo/74/tvi920c-vb-mc
-usr/lib/terminfo/74/tvi920c-vb-p
-usr/lib/terminfo/74/tvi920c-vb-unk
-usr/lib/terminfo/74/tvi921
-usr/lib/terminfo/74/tvi924
-usr/lib/terminfo/74/tvi925
-usr/lib/terminfo/74/tvi925-hi
-usr/lib/terminfo/74/tvi92B
-usr/lib/terminfo/74/tvi92D
-usr/lib/terminfo/74/tvi950
-usr/lib/terminfo/74/tvi950-2p
-usr/lib/terminfo/74/tvi950-4p
-usr/lib/terminfo/74/tvi950-rv
-usr/lib/terminfo/74/tvi950-rv-2p
-usr/lib/terminfo/74/tvi950-rv-4p
-usr/lib/terminfo/74/tvi955
-usr/lib/terminfo/74/tvi955-hb
-usr/lib/terminfo/74/tvi955-w
-usr/lib/terminfo/74/tvi970
-usr/lib/terminfo/74/tvi970-2p
-usr/lib/terminfo/74/tvi970-vb
-usr/lib/terminfo/74/tvipt
-usr/lib/terminfo/74/tw100
-usr/lib/terminfo/74/tw52
-usr/lib/terminfo/74/tw52-color
-usr/lib/terminfo/74/tw52-m
-usr/lib/terminfo/74/tws-generic
-usr/lib/terminfo/74/tws2102-sna
-usr/lib/terminfo/74/tws2103
-usr/lib/terminfo/74/tws2103-sna
-usr/lib/terminfo/75/
-usr/lib/terminfo/75/ultima2
-usr/lib/terminfo/75/ultimaII
-usr/lib/terminfo/75/uniterm
-usr/lib/terminfo/75/uniterm49
-usr/lib/terminfo/75/unixpc
-usr/lib/terminfo/75/unknown
-usr/lib/terminfo/75/uts30
-usr/lib/terminfo/75/uwin
-usr/lib/terminfo/76/
-usr/lib/terminfo/76/v200-nam
-usr/lib/terminfo/76/v320n
-usr/lib/terminfo/76/v3220
-usr/lib/terminfo/76/v5410
-usr/lib/terminfo/76/vanilla
-usr/lib/terminfo/76/vapple
-usr/lib/terminfo/76/vc103
-usr/lib/terminfo/76/vc203
-usr/lib/terminfo/76/vc303
-usr/lib/terminfo/76/vc303a
-usr/lib/terminfo/76/vc403a
-usr/lib/terminfo/76/vc404
-usr/lib/terminfo/76/vc404-s
-usr/lib/terminfo/76/vc414
-usr/lib/terminfo/76/vc414h
-usr/lib/terminfo/76/vc415
-usr/lib/terminfo/76/venix
-usr/lib/terminfo/76/versaterm
-usr/lib/terminfo/76/vi200
-usr/lib/terminfo/76/vi200-f
-usr/lib/terminfo/76/vi200-rv
-usr/lib/terminfo/76/vi300
-usr/lib/terminfo/76/vi300-old
-usr/lib/terminfo/76/vi50
-usr/lib/terminfo/76/vi500
-usr/lib/terminfo/76/vi50adm
-usr/lib/terminfo/76/vi55
-usr/lib/terminfo/76/vi550
-usr/lib/terminfo/76/vi603
-usr/lib/terminfo/76/viewdata
-usr/lib/terminfo/76/viewdata-o
-usr/lib/terminfo/76/viewdata-rv
-usr/lib/terminfo/76/viewpoint
-usr/lib/terminfo/76/viewpoint3a+
-usr/lib/terminfo/76/viewpoint60
-usr/lib/terminfo/76/viewpoint90
-usr/lib/terminfo/76/vip
-usr/lib/terminfo/76/vip-H
-usr/lib/terminfo/76/vip-Hw
-usr/lib/terminfo/76/vip-w
-usr/lib/terminfo/76/vip7800-H
-usr/lib/terminfo/76/vip7800-Hw
-usr/lib/terminfo/76/vip7800-w
-usr/lib/terminfo/76/visa50
-usr/lib/terminfo/76/visual603
-usr/lib/terminfo/76/vitty
-usr/lib/terminfo/76/vk100
-usr/lib/terminfo/76/vp3a+
-usr/lib/terminfo/76/vp60
-usr/lib/terminfo/76/vp90
-usr/lib/terminfo/76/vremote
-usr/lib/terminfo/76/vs100
-usr/lib/terminfo/76/vs100-x10
-usr/lib/terminfo/76/vsc
-usr/lib/terminfo/76/vt-61
-usr/lib/terminfo/76/vt-utf8
-usr/lib/terminfo/76/vt100
-usr/lib/terminfo/76/vt100+
-usr/lib/terminfo/76/vt100+4bsd
-usr/lib/terminfo/76/vt100+enq
-usr/lib/terminfo/76/vt100+fnkeys
-usr/lib/terminfo/76/vt100+keypad
-usr/lib/terminfo/76/vt100+pfkeys
-usr/lib/terminfo/76/vt100-am
-usr/lib/terminfo/76/vt100-bm
-usr/lib/terminfo/76/vt100-bm-o
-usr/lib/terminfo/76/vt100-bot-s
-usr/lib/terminfo/76/vt100-nam
-usr/lib/terminfo/76/vt100-nam-w
-usr/lib/terminfo/76/vt100-nav
-usr/lib/terminfo/76/vt100-nav-w
-usr/lib/terminfo/76/vt100-putty
-usr/lib/terminfo/76/vt100-s
-usr/lib/terminfo/76/vt100-s-bot
-usr/lib/terminfo/76/vt100-s-top
-usr/lib/terminfo/76/vt100-top-s
-usr/lib/terminfo/76/vt100-vb
-usr/lib/terminfo/76/vt100-w
-usr/lib/terminfo/76/vt100-w-am
-usr/lib/terminfo/76/vt100-w-nam
-usr/lib/terminfo/76/vt100-w-nav
-usr/lib/terminfo/76/vt100nam
-usr/lib/terminfo/76/vt102
-usr/lib/terminfo/76/vt102+enq
-usr/lib/terminfo/76/vt102-nsgr
-usr/lib/terminfo/76/vt102-w
-usr/lib/terminfo/76/vt125
-usr/lib/terminfo/76/vt131
-usr/lib/terminfo/76/vt132
-usr/lib/terminfo/76/vt200
-usr/lib/terminfo/76/vt200-8
-usr/lib/terminfo/76/vt200-8bit
-usr/lib/terminfo/76/vt200-js
-usr/lib/terminfo/76/vt200-old
-usr/lib/terminfo/76/vt200-w
-usr/lib/terminfo/76/vt220
-usr/lib/terminfo/76/vt220+keypad
-usr/lib/terminfo/76/vt220-8
-usr/lib/terminfo/76/vt220-8bit
-usr/lib/terminfo/76/vt220-js
-usr/lib/terminfo/76/vt220-nam
-usr/lib/terminfo/76/vt220-old
-usr/lib/terminfo/76/vt220-w
-usr/lib/terminfo/76/vt220d
-usr/lib/terminfo/76/vt300
-usr/lib/terminfo/76/vt300-nam
-usr/lib/terminfo/76/vt300-w
-usr/lib/terminfo/76/vt300-w-nam
-usr/lib/terminfo/76/vt320
-usr/lib/terminfo/76/vt320-k3
-usr/lib/terminfo/76/vt320-k311
-usr/lib/terminfo/76/vt320-nam
-usr/lib/terminfo/76/vt320-w
-usr/lib/terminfo/76/vt320-w-nam
-usr/lib/terminfo/76/vt320nam
-usr/lib/terminfo/76/vt330
-usr/lib/terminfo/76/vt340
-usr/lib/terminfo/76/vt400
-usr/lib/terminfo/76/vt400-24
-usr/lib/terminfo/76/vt420
-usr/lib/terminfo/76/vt420f
-usr/lib/terminfo/76/vt420pc
-usr/lib/terminfo/76/vt420pcdos
-usr/lib/terminfo/76/vt50
-usr/lib/terminfo/76/vt50h
-usr/lib/terminfo/76/vt510
-usr/lib/terminfo/76/vt510pc
-usr/lib/terminfo/76/vt510pcdos
-usr/lib/terminfo/76/vt52
-usr/lib/terminfo/76/vt520
-usr/lib/terminfo/76/vt520ansi
-usr/lib/terminfo/76/vt525
-usr/lib/terminfo/76/vt61
-usr/lib/terminfo/76/vt61.5
-usr/lib/terminfo/76/vte
-usr/lib/terminfo/76/vte+pcfkeys
-usr/lib/terminfo/76/vte-2007
-usr/lib/terminfo/76/vte-2008
-usr/lib/terminfo/76/vte-2012
-usr/lib/terminfo/76/vte-2014
-usr/lib/terminfo/76/vte-2017
-usr/lib/terminfo/76/vte-256color
-usr/lib/terminfo/76/vte-direct
-usr/lib/terminfo/76/vtnt
-usr/lib/terminfo/76/vv100
-usr/lib/terminfo/76/vwmterm
-usr/lib/terminfo/77/
-usr/lib/terminfo/77/wren
-usr/lib/terminfo/77/wrenw
-usr/lib/terminfo/77/wsiris
-usr/lib/terminfo/77/wsvt25
-usr/lib/terminfo/77/wsvt25m
-usr/lib/terminfo/77/wy-75ap
-usr/lib/terminfo/77/wy-99fgt
-usr/lib/terminfo/77/wy-99fgta
-usr/lib/terminfo/77/wy100
-usr/lib/terminfo/77/wy100q
-usr/lib/terminfo/77/wy120
-usr/lib/terminfo/77/wy120-25
-usr/lib/terminfo/77/wy120-25-w
-usr/lib/terminfo/77/wy120-vb
-usr/lib/terminfo/77/wy120-w
-usr/lib/terminfo/77/wy120-w-vb
-usr/lib/terminfo/77/wy120-wvb
-usr/lib/terminfo/77/wy150
-usr/lib/terminfo/77/wy150-25
-usr/lib/terminfo/77/wy150-25-w
-usr/lib/terminfo/77/wy150-vb
-usr/lib/terminfo/77/wy150-w
-usr/lib/terminfo/77/wy150-w-vb
-usr/lib/terminfo/77/wy160
-usr/lib/terminfo/77/wy160-25
-usr/lib/terminfo/77/wy160-25-w
-usr/lib/terminfo/77/wy160-42
-usr/lib/terminfo/77/wy160-42-w
-usr/lib/terminfo/77/wy160-43
-usr/lib/terminfo/77/wy160-43-w
-usr/lib/terminfo/77/wy160-tek
-usr/lib/terminfo/77/wy160-vb
-usr/lib/terminfo/77/wy160-w
-usr/lib/terminfo/77/wy160-w-vb
-usr/lib/terminfo/77/wy160-wvb
-usr/lib/terminfo/77/wy185
-usr/lib/terminfo/77/wy185-24
-usr/lib/terminfo/77/wy185-vb
-usr/lib/terminfo/77/wy185-w
-usr/lib/terminfo/77/wy185-wvb
-usr/lib/terminfo/77/wy30
-usr/lib/terminfo/77/wy30-mc
-usr/lib/terminfo/77/wy30-vb
-usr/lib/terminfo/77/wy325
-usr/lib/terminfo/77/wy325-25
-usr/lib/terminfo/77/wy325-25w
-usr/lib/terminfo/77/wy325-42
-usr/lib/terminfo/77/wy325-42w
-usr/lib/terminfo/77/wy325-42w-vb
-usr/lib/terminfo/77/wy325-42wvb
-usr/lib/terminfo/77/wy325-43
-usr/lib/terminfo/77/wy325-43w
-usr/lib/terminfo/77/wy325-43w-vb
-usr/lib/terminfo/77/wy325-43wvb
-usr/lib/terminfo/77/wy325-80
-usr/lib/terminfo/77/wy325-vb
-usr/lib/terminfo/77/wy325-w
-usr/lib/terminfo/77/wy325-w-vb
-usr/lib/terminfo/77/wy325-wvb
-usr/lib/terminfo/77/wy325w-24
-usr/lib/terminfo/77/wy350
-usr/lib/terminfo/77/wy350-vb
-usr/lib/terminfo/77/wy350-w
-usr/lib/terminfo/77/wy350-wvb
-usr/lib/terminfo/77/wy370
-usr/lib/terminfo/77/wy370-101k
-usr/lib/terminfo/77/wy370-105k
-usr/lib/terminfo/77/wy370-EPC
-usr/lib/terminfo/77/wy370-nk
-usr/lib/terminfo/77/wy370-rv
-usr/lib/terminfo/77/wy370-tek
-usr/lib/terminfo/77/wy370-vb
-usr/lib/terminfo/77/wy370-w
-usr/lib/terminfo/77/wy370-wvb
-usr/lib/terminfo/77/wy50
-usr/lib/terminfo/77/wy50-mc
-usr/lib/terminfo/77/wy50-vb
-usr/lib/terminfo/77/wy50-w
-usr/lib/terminfo/77/wy50-wvb
-usr/lib/terminfo/77/wy520
-usr/lib/terminfo/77/wy520-24
-usr/lib/terminfo/77/wy520-36
-usr/lib/terminfo/77/wy520-36pc
-usr/lib/terminfo/77/wy520-36w
-usr/lib/terminfo/77/wy520-36wpc
-usr/lib/terminfo/77/wy520-48
-usr/lib/terminfo/77/wy520-48pc
-usr/lib/terminfo/77/wy520-48w
-usr/lib/terminfo/77/wy520-48wpc
-usr/lib/terminfo/77/wy520-epc
-usr/lib/terminfo/77/wy520-epc-24
-usr/lib/terminfo/77/wy520-epc-vb
-usr/lib/terminfo/77/wy520-epc-w
-usr/lib/terminfo/77/wy520-epc-wvb
-usr/lib/terminfo/77/wy520-vb
-usr/lib/terminfo/77/wy520-w
-usr/lib/terminfo/77/wy520-wvb
-usr/lib/terminfo/77/wy60
-usr/lib/terminfo/77/wy60-25
-usr/lib/terminfo/77/wy60-25-w
-usr/lib/terminfo/77/wy60-316X
-usr/lib/terminfo/77/wy60-42
-usr/lib/terminfo/77/wy60-42-w
-usr/lib/terminfo/77/wy60-43
-usr/lib/terminfo/77/wy60-43-w
-usr/lib/terminfo/77/wy60-AT
-usr/lib/terminfo/77/wy60-PC
-usr/lib/terminfo/77/wy60-vb
-usr/lib/terminfo/77/wy60-w
-usr/lib/terminfo/77/wy60-w-vb
-usr/lib/terminfo/77/wy60-wvb
-usr/lib/terminfo/77/wy75
-usr/lib/terminfo/77/wy75-mc
-usr/lib/terminfo/77/wy75-vb
-usr/lib/terminfo/77/wy75-w
-usr/lib/terminfo/77/wy75-wvb
-usr/lib/terminfo/77/wy75ap
-usr/lib/terminfo/77/wy85
-usr/lib/terminfo/77/wy85-8bit
-usr/lib/terminfo/77/wy85-vb
-usr/lib/terminfo/77/wy85-w
-usr/lib/terminfo/77/wy85-wvb
-usr/lib/terminfo/77/wy99-ansi
-usr/lib/terminfo/77/wy99a-ansi
-usr/lib/terminfo/77/wy99f
-usr/lib/terminfo/77/wy99fa
-usr/lib/terminfo/77/wy99fgt
-usr/lib/terminfo/77/wy99fgta
-usr/lib/terminfo/77/wy99gt
-usr/lib/terminfo/77/wy99gt-25
-usr/lib/terminfo/77/wy99gt-25-w
-usr/lib/terminfo/77/wy99gt-tek
-usr/lib/terminfo/77/wy99gt-vb
-usr/lib/terminfo/77/wy99gt-w
-usr/lib/terminfo/77/wy99gt-w-vb
-usr/lib/terminfo/77/wy99gt-wvb
-usr/lib/terminfo/77/wyse-325
-usr/lib/terminfo/77/wyse-75ap
-usr/lib/terminfo/77/wyse-vp
-usr/lib/terminfo/77/wyse120
-usr/lib/terminfo/77/wyse120-25
-usr/lib/terminfo/77/wyse120-25-w
-usr/lib/terminfo/77/wyse120-vb
-usr/lib/terminfo/77/wyse120-w
-usr/lib/terminfo/77/wyse120-wvb
-usr/lib/terminfo/77/wyse150
-usr/lib/terminfo/77/wyse150-25
-usr/lib/terminfo/77/wyse150-25-w
-usr/lib/terminfo/77/wyse150-vb
-usr/lib/terminfo/77/wyse150-w
-usr/lib/terminfo/77/wyse150-w-vb
-usr/lib/terminfo/77/wyse160
-usr/lib/terminfo/77/wyse160-25
-usr/lib/terminfo/77/wyse160-25-w
-usr/lib/terminfo/77/wyse160-42
-usr/lib/terminfo/77/wyse160-42-w
-usr/lib/terminfo/77/wyse160-43
-usr/lib/terminfo/77/wyse160-43-w
-usr/lib/terminfo/77/wyse160-vb
-usr/lib/terminfo/77/wyse160-w
-usr/lib/terminfo/77/wyse160-wvb
-usr/lib/terminfo/77/wyse185
-usr/lib/terminfo/77/wyse185-24
-usr/lib/terminfo/77/wyse185-vb
-usr/lib/terminfo/77/wyse185-w
-usr/lib/terminfo/77/wyse185-wvb
-usr/lib/terminfo/77/wyse30
-usr/lib/terminfo/77/wyse30-mc
-usr/lib/terminfo/77/wyse30-vb
-usr/lib/terminfo/77/wyse325
-usr/lib/terminfo/77/wyse325-25
-usr/lib/terminfo/77/wyse325-25w
-usr/lib/terminfo/77/wyse325-42
-usr/lib/terminfo/77/wyse325-42w
-usr/lib/terminfo/77/wyse325-43
-usr/lib/terminfo/77/wyse325-43w
-usr/lib/terminfo/77/wyse325-vb
-usr/lib/terminfo/77/wyse325-w
-usr/lib/terminfo/77/wyse325-wvb
-usr/lib/terminfo/77/wyse350
-usr/lib/terminfo/77/wyse350-vb
-usr/lib/terminfo/77/wyse350-w
-usr/lib/terminfo/77/wyse350-wvb
-usr/lib/terminfo/77/wyse370
-usr/lib/terminfo/77/wyse50
-usr/lib/terminfo/77/wyse50-mc
-usr/lib/terminfo/77/wyse50-vb
-usr/lib/terminfo/77/wyse50-w
-usr/lib/terminfo/77/wyse50-wvb
-usr/lib/terminfo/77/wyse520
-usr/lib/terminfo/77/wyse520-24
-usr/lib/terminfo/77/wyse520-36
-usr/lib/terminfo/77/wyse520-36pc
-usr/lib/terminfo/77/wyse520-36w
-usr/lib/terminfo/77/wyse520-36wpc
-usr/lib/terminfo/77/wyse520-48
-usr/lib/terminfo/77/wyse520-48pc
-usr/lib/terminfo/77/wyse520-48w
-usr/lib/terminfo/77/wyse520-48wpc
-usr/lib/terminfo/77/wyse520-epc
-usr/lib/terminfo/77/wyse520-epc-w
-usr/lib/terminfo/77/wyse520-p-wvb
-usr/lib/terminfo/77/wyse520-pc-24
-usr/lib/terminfo/77/wyse520-pc-vb
-usr/lib/terminfo/77/wyse520-vb
-usr/lib/terminfo/77/wyse520-w
-usr/lib/terminfo/77/wyse520-wvb
-usr/lib/terminfo/77/wyse60
-usr/lib/terminfo/77/wyse60-25
-usr/lib/terminfo/77/wyse60-25-w
-usr/lib/terminfo/77/wyse60-316X
-usr/lib/terminfo/77/wyse60-42
-usr/lib/terminfo/77/wyse60-42-w
-usr/lib/terminfo/77/wyse60-43
-usr/lib/terminfo/77/wyse60-43-w
-usr/lib/terminfo/77/wyse60-AT
-usr/lib/terminfo/77/wyse60-PC
-usr/lib/terminfo/77/wyse60-vb
-usr/lib/terminfo/77/wyse60-w
-usr/lib/terminfo/77/wyse60-wvb
-usr/lib/terminfo/77/wyse75
-usr/lib/terminfo/77/wyse75-mc
-usr/lib/terminfo/77/wyse75-vb
-usr/lib/terminfo/77/wyse75-w
-usr/lib/terminfo/77/wyse75-wvb
-usr/lib/terminfo/77/wyse75ap
-usr/lib/terminfo/77/wyse85
-usr/lib/terminfo/77/wyse85-8bit
-usr/lib/terminfo/77/wyse85-vb
-usr/lib/terminfo/77/wyse85-w
-usr/lib/terminfo/77/wyse85-wvb
-usr/lib/terminfo/77/wyse99gt
-usr/lib/terminfo/77/wyse99gt-25
-usr/lib/terminfo/77/wyse99gt-25-w
-usr/lib/terminfo/77/wyse99gt-vb
-usr/lib/terminfo/77/wyse99gt-w
-usr/lib/terminfo/77/wyse99gt-wvb
-usr/lib/terminfo/78/
-usr/lib/terminfo/78/x10term
-usr/lib/terminfo/78/x1700
-usr/lib/terminfo/78/x1700-lm
-usr/lib/terminfo/78/x1720
-usr/lib/terminfo/78/x1750
-usr/lib/terminfo/78/x68k
-usr/lib/terminfo/78/x68k-ite
-usr/lib/terminfo/78/x820
-usr/lib/terminfo/78/xdku
-usr/lib/terminfo/78/xenix
-usr/lib/terminfo/78/xerox
-usr/lib/terminfo/78/xerox-lm
-usr/lib/terminfo/78/xerox1720
-usr/lib/terminfo/78/xerox820
-usr/lib/terminfo/78/xfce
-usr/lib/terminfo/78/xiterm
-usr/lib/terminfo/78/xl83
-usr/lib/terminfo/78/xnuppc
-usr/lib/terminfo/78/xnuppc+100x37
-usr/lib/terminfo/78/xnuppc+112x37
-usr/lib/terminfo/78/xnuppc+128x40
-usr/lib/terminfo/78/xnuppc+128x48
-usr/lib/terminfo/78/xnuppc+144x48
-usr/lib/terminfo/78/xnuppc+160x64
-usr/lib/terminfo/78/xnuppc+200x64
-usr/lib/terminfo/78/xnuppc+200x75
-usr/lib/terminfo/78/xnuppc+256x96
-usr/lib/terminfo/78/xnuppc+80x25
-usr/lib/terminfo/78/xnuppc+80x30
-usr/lib/terminfo/78/xnuppc+90x30
-usr/lib/terminfo/78/xnuppc+b
-usr/lib/terminfo/78/xnuppc+basic
-usr/lib/terminfo/78/xnuppc+c
-usr/lib/terminfo/78/xnuppc+f
-usr/lib/terminfo/78/xnuppc+f2
-usr/lib/terminfo/78/xnuppc-100x37
-usr/lib/terminfo/78/xnuppc-100x37-m
-usr/lib/terminfo/78/xnuppc-112x37
-usr/lib/terminfo/78/xnuppc-112x37-m
-usr/lib/terminfo/78/xnuppc-128x40
-usr/lib/terminfo/78/xnuppc-128x40-m
-usr/lib/terminfo/78/xnuppc-128x48
-usr/lib/terminfo/78/xnuppc-128x48-m
-usr/lib/terminfo/78/xnuppc-144x48
-usr/lib/terminfo/78/xnuppc-144x48-m
-usr/lib/terminfo/78/xnuppc-160x64
-usr/lib/terminfo/78/xnuppc-160x64-m
-usr/lib/terminfo/78/xnuppc-200x64
-usr/lib/terminfo/78/xnuppc-200x64-m
-usr/lib/terminfo/78/xnuppc-200x75
-usr/lib/terminfo/78/xnuppc-200x75-m
-usr/lib/terminfo/78/xnuppc-256x96
-usr/lib/terminfo/78/xnuppc-256x96-m
-usr/lib/terminfo/78/xnuppc-80x25
-usr/lib/terminfo/78/xnuppc-80x25-m
-usr/lib/terminfo/78/xnuppc-80x30
-usr/lib/terminfo/78/xnuppc-80x30-m
-usr/lib/terminfo/78/xnuppc-90x30
-usr/lib/terminfo/78/xnuppc-90x30-m
-usr/lib/terminfo/78/xnuppc-b
-usr/lib/terminfo/78/xnuppc-f
-usr/lib/terminfo/78/xnuppc-f2
-usr/lib/terminfo/78/xnuppc-m
-usr/lib/terminfo/78/xnuppc-m-b
-usr/lib/terminfo/78/xnuppc-m-f
-usr/lib/terminfo/78/xnuppc-m-f2
-usr/lib/terminfo/78/xtalk
-usr/lib/terminfo/78/xterm
-usr/lib/terminfo/78/xterm+256color
-usr/lib/terminfo/78/xterm+256setaf
-usr/lib/terminfo/78/xterm+88color
-usr/lib/terminfo/78/xterm+alt+title
-usr/lib/terminfo/78/xterm+alt1049
-usr/lib/terminfo/78/xterm+app
-usr/lib/terminfo/78/xterm+direct
-usr/lib/terminfo/78/xterm+direct2
-usr/lib/terminfo/78/xterm+edit
-usr/lib/terminfo/78/xterm+indirect
-usr/lib/terminfo/78/xterm+kbs
-usr/lib/terminfo/78/xterm+noalt
-usr/lib/terminfo/78/xterm+noapp
-usr/lib/terminfo/78/xterm+pc+edit
-usr/lib/terminfo/78/xterm+pcc0
-usr/lib/terminfo/78/xterm+pcc1
-usr/lib/terminfo/78/xterm+pcc2
-usr/lib/terminfo/78/xterm+pcc3
-usr/lib/terminfo/78/xterm+pce2
-usr/lib/terminfo/78/xterm+pcf0
-usr/lib/terminfo/78/xterm+pcf2
-usr/lib/terminfo/78/xterm+pcfkeys
-usr/lib/terminfo/78/xterm+r6f2
-usr/lib/terminfo/78/xterm+sl
-usr/lib/terminfo/78/xterm+sl-twm
-usr/lib/terminfo/78/xterm+sm+1002
-usr/lib/terminfo/78/xterm+sm+1003
-usr/lib/terminfo/78/xterm+sm+1005
-usr/lib/terminfo/78/xterm+sm+1006
-usr/lib/terminfo/78/xterm+titlestack
-usr/lib/terminfo/78/xterm+tmux
-usr/lib/terminfo/78/xterm+vt+edit
-usr/lib/terminfo/78/xterm+x10mouse
-usr/lib/terminfo/78/xterm+x11hilite
-usr/lib/terminfo/78/xterm+x11mouse
-usr/lib/terminfo/78/xterm-1002
-usr/lib/terminfo/78/xterm-1003
-usr/lib/terminfo/78/xterm-1005
-usr/lib/terminfo/78/xterm-1006
-usr/lib/terminfo/78/xterm-16color
-usr/lib/terminfo/78/xterm-24
-usr/lib/terminfo/78/xterm-256color
-usr/lib/terminfo/78/xterm-88color
-usr/lib/terminfo/78/xterm-8bit
-usr/lib/terminfo/78/xterm-basic
-usr/lib/terminfo/78/xterm-bold
-usr/lib/terminfo/78/xterm-color
-usr/lib/terminfo/78/xterm-direct
-usr/lib/terminfo/78/xterm-direct2
-usr/lib/terminfo/78/xterm-hp
-usr/lib/terminfo/78/xterm-new
-usr/lib/terminfo/78/xterm-nic
-usr/lib/terminfo/78/xterm-noapp
-usr/lib/terminfo/78/xterm-old
-usr/lib/terminfo/78/xterm-pcolor
-usr/lib/terminfo/78/xterm-r5
-usr/lib/terminfo/78/xterm-r6
-usr/lib/terminfo/78/xterm-sco
-usr/lib/terminfo/78/xterm-sun
-usr/lib/terminfo/78/xterm-utf8
-usr/lib/terminfo/78/xterm-vt220
-usr/lib/terminfo/78/xterm-vt52
-usr/lib/terminfo/78/xterm-x10mouse
-usr/lib/terminfo/78/xterm-x11hilite
-usr/lib/terminfo/78/xterm-x11mouse
-usr/lib/terminfo/78/xterm-xf86-v32
-usr/lib/terminfo/78/xterm-xf86-v33
-usr/lib/terminfo/78/xterm-xf86-v333
-usr/lib/terminfo/78/xterm-xf86-v40
-usr/lib/terminfo/78/xterm-xf86-v43
-usr/lib/terminfo/78/xterm-xf86-v44
-usr/lib/terminfo/78/xterm-xfree86
-usr/lib/terminfo/78/xterm-xi
-usr/lib/terminfo/78/xterm1
-usr/lib/terminfo/78/xtermc
-usr/lib/terminfo/78/xtermm
-usr/lib/terminfo/78/xterms
-usr/lib/terminfo/78/xterms-sun
-usr/lib/terminfo/78/xwsh
-usr/lib/terminfo/7a/
-usr/lib/terminfo/7a/z-100
-usr/lib/terminfo/7a/z-100bw
-usr/lib/terminfo/7a/z100
-usr/lib/terminfo/7a/z100bw
-usr/lib/terminfo/7a/z110
-usr/lib/terminfo/7a/z110bw
-usr/lib/terminfo/7a/z19
-usr/lib/terminfo/7a/z29
-usr/lib/terminfo/7a/z29a
-usr/lib/terminfo/7a/z29a-kc-bc
-usr/lib/terminfo/7a/z29a-kc-uc
-usr/lib/terminfo/7a/z29a-nkc-bc
-usr/lib/terminfo/7a/z29a-nkc-uc
-usr/lib/terminfo/7a/z29b
-usr/lib/terminfo/7a/z30
-usr/lib/terminfo/7a/z340
-usr/lib/terminfo/7a/z340-nam
-usr/lib/terminfo/7a/z39-a
-usr/lib/terminfo/7a/z39a
-usr/lib/terminfo/7a/z50
-usr/lib/terminfo/7a/z8001
-usr/lib/terminfo/7a/zen30
-usr/lib/terminfo/7a/zen50
-usr/lib/terminfo/7a/zen8001
-usr/lib/terminfo/7a/zenith
-usr/lib/terminfo/7a/zenith29
-usr/lib/terminfo/7a/zenith39-a
-usr/lib/terminfo/7a/zenith39-ansi
-usr/lib/terminfo/7a/zt-1
-usr/lib/terminfo/7a/ztx
-usr/lib/terminfo/7a/ztx-1-a
-usr/lib/terminfo/7a/ztx11
-usr/share/
-usr/share/licenses/
-usr/share/licenses/ncurses/
-usr/share/licenses/ncurses/license.txt
-usr/share/man/
-usr/share/man/man1/
-usr/share/man/man1/captoinfo.1m.gz
-usr/share/man/man1/clear.1.gz
-usr/share/man/man1/infocmp.1m.gz
-usr/share/man/man1/infotocap.1m.gz
-usr/share/man/man1/ncursesw6-config.1.gz
-usr/share/man/man1/reset.1.gz
-usr/share/man/man1/tabs.1.gz
-usr/share/man/man1/tic.1m.gz
-usr/share/man/man1/toe.1m.gz
-usr/share/man/man1/tput.1.gz
-usr/share/man/man1/tset.1.gz
-usr/share/man/man3/
-usr/share/man/man3/BC.3x.gz
-usr/share/man/man3/COLORS.3x.gz
-usr/share/man/man3/COLOR_PAIR.3x.gz
-usr/share/man/man3/COLOR_PAIRS.3x.gz
-usr/share/man/man3/COLS.3x.gz
-usr/share/man/man3/ESCDELAY.3x.gz
-usr/share/man/man3/LINES.3x.gz
-usr/share/man/man3/PAIR_NUMBER.3x.gz
-usr/share/man/man3/PC.3x.gz
-usr/share/man/man3/SP.3x.gz
-usr/share/man/man3/TABSIZE.3x.gz
-usr/share/man/man3/TYPE_ALNUM.3x.gz
-usr/share/man/man3/TYPE_ALPHA.3x.gz
-usr/share/man/man3/TYPE_ENUM.3x.gz
-usr/share/man/man3/TYPE_INTEGER.3x.gz
-usr/share/man/man3/TYPE_IPV4.3x.gz
-usr/share/man/man3/TYPE_NUMERIC.3x.gz
-usr/share/man/man3/TYPE_REGEXP.3x.gz
-usr/share/man/man3/UP.3x.gz
-usr/share/man/man3/_nc_free_and_exit.3x.gz
-usr/share/man/man3/_nc_free_tinfo.3x.gz
-usr/share/man/man3/_nc_freeall.3x.gz
-usr/share/man/man3/_nc_tracebits.3x.gz
-usr/share/man/man3/_traceattr.3x.gz
-usr/share/man/man3/_traceattr2.3x.gz
-usr/share/man/man3/_tracecchar_t.3x.gz
-usr/share/man/man3/_tracecchar_t2.3x.gz
-usr/share/man/man3/_tracechar.3x.gz
-usr/share/man/man3/_tracechtype.3x.gz
-usr/share/man/man3/_tracechtype2.3x.gz
-usr/share/man/man3/_tracedump.3x.gz
-usr/share/man/man3/_tracef.3x.gz
-usr/share/man/man3/_tracemouse.3x.gz
-usr/share/man/man3/acs_map.3x.gz
-usr/share/man/man3/add_wch.3x.gz
-usr/share/man/man3/add_wchnstr.3x.gz
-usr/share/man/man3/add_wchstr.3x.gz
-usr/share/man/man3/addch.3x.gz
-usr/share/man/man3/addchnstr.3x.gz
-usr/share/man/man3/addchstr.3x.gz
-usr/share/man/man3/addnstr.3x.gz
-usr/share/man/man3/addnwstr.3x.gz
-usr/share/man/man3/addstr.3x.gz
-usr/share/man/man3/addwstr.3x.gz
-usr/share/man/man3/alloc_pair.3x.gz
-usr/share/man/man3/alloc_pair_sp.3x.gz
-usr/share/man/man3/assume_default_colors.3x.gz
-usr/share/man/man3/assume_default_colors_sp.3x.gz
-usr/share/man/man3/attr_get.3x.gz
-usr/share/man/man3/attr_off.3x.gz
-usr/share/man/man3/attr_on.3x.gz
-usr/share/man/man3/attr_set.3x.gz
-usr/share/man/man3/attroff.3x.gz
-usr/share/man/man3/attron.3x.gz
-usr/share/man/man3/attrset.3x.gz
-usr/share/man/man3/baudrate.3x.gz
-usr/share/man/man3/baudrate_sp.3x.gz
-usr/share/man/man3/beep.3x.gz
-usr/share/man/man3/beep_sp.3x.gz
-usr/share/man/man3/bkgd.3x.gz
-usr/share/man/man3/bkgdset.3x.gz
-usr/share/man/man3/bkgrnd.3x.gz
-usr/share/man/man3/bkgrndset.3x.gz
-usr/share/man/man3/boolcodes.3x.gz
-usr/share/man/man3/boolfnames.3x.gz
-usr/share/man/man3/boolnames.3x.gz
-usr/share/man/man3/border.3x.gz
-usr/share/man/man3/border_set.3x.gz
-usr/share/man/man3/bottom_panel.3x.gz
-usr/share/man/man3/box.3x.gz
-usr/share/man/man3/box_set.3x.gz
-usr/share/man/man3/can_change_color.3x.gz
-usr/share/man/man3/can_change_color_sp.3x.gz
-usr/share/man/man3/cbreak.3x.gz
-usr/share/man/man3/cbreak_sp.3x.gz
-usr/share/man/man3/ceiling_panel.3x.gz
-usr/share/man/man3/chgat.3x.gz
-usr/share/man/man3/clear.3x.gz
-usr/share/man/man3/clearok.3x.gz
-usr/share/man/man3/clrtobot.3x.gz
-usr/share/man/man3/clrtoeol.3x.gz
-usr/share/man/man3/color_content.3x.gz
-usr/share/man/man3/color_content_sp.3x.gz
-usr/share/man/man3/color_set.3x.gz
-usr/share/man/man3/copywin.3x.gz
-usr/share/man/man3/cur_term.3x.gz
-usr/share/man/man3/current_field.3x.gz
-usr/share/man/man3/current_item.3x.gz
-usr/share/man/man3/curs_add_wch.3x.gz
-usr/share/man/man3/curs_add_wchstr.3x.gz
-usr/share/man/man3/curs_addch.3x.gz
-usr/share/man/man3/curs_addchstr.3x.gz
-usr/share/man/man3/curs_addstr.3x.gz
-usr/share/man/man3/curs_addwstr.3x.gz
-usr/share/man/man3/curs_attr.3x.gz
-usr/share/man/man3/curs_beep.3x.gz
-usr/share/man/man3/curs_bkgd.3x.gz
-usr/share/man/man3/curs_bkgrnd.3x.gz
-usr/share/man/man3/curs_border.3x.gz
-usr/share/man/man3/curs_border_set.3x.gz
-usr/share/man/man3/curs_clear.3x.gz
-usr/share/man/man3/curs_color.3x.gz
-usr/share/man/man3/curs_delch.3x.gz
-usr/share/man/man3/curs_deleteln.3x.gz
-usr/share/man/man3/curs_extend.3x.gz
-usr/share/man/man3/curs_get_wch.3x.gz
-usr/share/man/man3/curs_get_wstr.3x.gz
-usr/share/man/man3/curs_getcchar.3x.gz
-usr/share/man/man3/curs_getch.3x.gz
-usr/share/man/man3/curs_getstr.3x.gz
-usr/share/man/man3/curs_getyx.3x.gz
-usr/share/man/man3/curs_in_wch.3x.gz
-usr/share/man/man3/curs_in_wchstr.3x.gz
-usr/share/man/man3/curs_inch.3x.gz
-usr/share/man/man3/curs_inchstr.3x.gz
-usr/share/man/man3/curs_initscr.3x.gz
-usr/share/man/man3/curs_inopts.3x.gz
-usr/share/man/man3/curs_ins_wch.3x.gz
-usr/share/man/man3/curs_ins_wstr.3x.gz
-usr/share/man/man3/curs_insch.3x.gz
-usr/share/man/man3/curs_insstr.3x.gz
-usr/share/man/man3/curs_instr.3x.gz
-usr/share/man/man3/curs_inwstr.3x.gz
-usr/share/man/man3/curs_kernel.3x.gz
-usr/share/man/man3/curs_legacy.3x.gz
-usr/share/man/man3/curs_memleaks.3x.gz
-usr/share/man/man3/curs_mouse.3x.gz
-usr/share/man/man3/curs_move.3x.gz
-usr/share/man/man3/curs_opaque.3x.gz
-usr/share/man/man3/curs_outopts.3x.gz
-usr/share/man/man3/curs_overlay.3x.gz
-usr/share/man/man3/curs_pad.3x.gz
-usr/share/man/man3/curs_print.3x.gz
-usr/share/man/man3/curs_printw.3x.gz
-usr/share/man/man3/curs_refresh.3x.gz
-usr/share/man/man3/curs_scanw.3x.gz
-usr/share/man/man3/curs_scr_dump.3x.gz
-usr/share/man/man3/curs_scroll.3x.gz
-usr/share/man/man3/curs_set.3x.gz
-usr/share/man/man3/curs_set_sp.3x.gz
-usr/share/man/man3/curs_slk.3x.gz
-usr/share/man/man3/curs_sp_funcs.3x.gz
-usr/share/man/man3/curs_termattrs.3x.gz
-usr/share/man/man3/curs_termcap.3x.gz
-usr/share/man/man3/curs_terminfo.3x.gz
-usr/share/man/man3/curs_threads.3x.gz
-usr/share/man/man3/curs_touch.3x.gz
-usr/share/man/man3/curs_trace.3x.gz
-usr/share/man/man3/curs_util.3x.gz
-usr/share/man/man3/curs_variables.3x.gz
-usr/share/man/man3/curs_window.3x.gz
-usr/share/man/man3/curscr.3x.gz
-usr/share/man/man3/curses.3x.gz
-usr/share/man/man3/curses_version.3x.gz
-usr/share/man/man3/data_ahead.3x.gz
-usr/share/man/man3/data_behind.3x.gz
-usr/share/man/man3/def_prog_mode.3x.gz
-usr/share/man/man3/def_prog_mode_sp.3x.gz
-usr/share/man/man3/def_shell_mode.3x.gz
-usr/share/man/man3/def_shell_mode_sp.3x.gz
-usr/share/man/man3/default_colors.3x.gz
-usr/share/man/man3/define_key.3x.gz
-usr/share/man/man3/define_key_sp.3x.gz
-usr/share/man/man3/del_curterm.3x.gz
-usr/share/man/man3/del_curterm_sp.3x.gz
-usr/share/man/man3/del_panel.3x.gz
-usr/share/man/man3/delay_output.3x.gz
-usr/share/man/man3/delay_output_sp.3x.gz
-usr/share/man/man3/delch.3x.gz
-usr/share/man/man3/deleteln.3x.gz
-usr/share/man/man3/delscreen.3x.gz
-usr/share/man/man3/delwin.3x.gz
-usr/share/man/man3/derwin.3x.gz
-usr/share/man/man3/doupdate.3x.gz
-usr/share/man/man3/doupdate_sp.3x.gz
-usr/share/man/man3/dup_field.3x.gz
-usr/share/man/man3/dupwin.3x.gz
-usr/share/man/man3/dynamic_field_info.3x.gz
-usr/share/man/man3/echo.3x.gz
-usr/share/man/man3/echo_sp.3x.gz
-usr/share/man/man3/echo_wchar.3x.gz
-usr/share/man/man3/echochar.3x.gz
-usr/share/man/man3/endwin.3x.gz
-usr/share/man/man3/endwin_sp.3x.gz
-usr/share/man/man3/erase.3x.gz
-usr/share/man/man3/erasechar.3x.gz
-usr/share/man/man3/erasechar_sp.3x.gz
-usr/share/man/man3/erasewchar.3x.gz
-usr/share/man/man3/extended_color_content.3x.gz
-usr/share/man/man3/extended_color_content_sp.3x.gz
-usr/share/man/man3/extended_pair_content.3x.gz
-usr/share/man/man3/extended_pair_content_sp.3x.gz
-usr/share/man/man3/extended_slk_color.3x.gz
-usr/share/man/man3/extended_slk_color_sp.3x.gz
-usr/share/man/man3/field_arg.3x.gz
-usr/share/man/man3/field_back.3x.gz
-usr/share/man/man3/field_buffer.3x.gz
-usr/share/man/man3/field_count.3x.gz
-usr/share/man/man3/field_fore.3x.gz
-usr/share/man/man3/field_index.3x.gz
-usr/share/man/man3/field_info.3x.gz
-usr/share/man/man3/field_init.3x.gz
-usr/share/man/man3/field_just.3x.gz
-usr/share/man/man3/field_opts.3x.gz
-usr/share/man/man3/field_opts_off.3x.gz
-usr/share/man/man3/field_opts_on.3x.gz
-usr/share/man/man3/field_pad.3x.gz
-usr/share/man/man3/field_status.3x.gz
-usr/share/man/man3/field_term.3x.gz
-usr/share/man/man3/field_type.3x.gz
-usr/share/man/man3/field_userptr.3x.gz
-usr/share/man/man3/filter.3x.gz
-usr/share/man/man3/filter_sp.3x.gz
-usr/share/man/man3/find_pair.3x.gz
-usr/share/man/man3/find_pair_sp.3x.gz
-usr/share/man/man3/flash.3x.gz
-usr/share/man/man3/flash_sp.3x.gz
-usr/share/man/man3/flushinp.3x.gz
-usr/share/man/man3/flushinp_sp.3x.gz
-usr/share/man/man3/form.3x.gz
-usr/share/man/man3/form_cursor.3x.gz
-usr/share/man/man3/form_data.3x.gz
-usr/share/man/man3/form_driver.3x.gz
-usr/share/man/man3/form_driver_w.3x.gz
-usr/share/man/man3/form_field.3x.gz
-usr/share/man/man3/form_field_attributes.3x.gz
-usr/share/man/man3/form_field_buffer.3x.gz
-usr/share/man/man3/form_field_info.3x.gz
-usr/share/man/man3/form_field_just.3x.gz
-usr/share/man/man3/form_field_new.3x.gz
-usr/share/man/man3/form_field_opts.3x.gz
-usr/share/man/man3/form_field_userptr.3x.gz
-usr/share/man/man3/form_field_validation.3x.gz
-usr/share/man/man3/form_fields.3x.gz
-usr/share/man/man3/form_fieldtype.3x.gz
-usr/share/man/man3/form_hook.3x.gz
-usr/share/man/man3/form_init.3x.gz
-usr/share/man/man3/form_new.3x.gz
-usr/share/man/man3/form_new_page.3x.gz
-usr/share/man/man3/form_opts.3x.gz
-usr/share/man/man3/form_opts_off.3x.gz
-usr/share/man/man3/form_opts_on.3x.gz
-usr/share/man/man3/form_page.3x.gz
-usr/share/man/man3/form_post.3x.gz
-usr/share/man/man3/form_request_by_name.3x.gz
-usr/share/man/man3/form_request_name.3x.gz
-usr/share/man/man3/form_requestname.3x.gz
-usr/share/man/man3/form_sub.3x.gz
-usr/share/man/man3/form_term.3x.gz
-usr/share/man/man3/form_userptr.3x.gz
-usr/share/man/man3/form_variables.3x.gz
-usr/share/man/man3/form_win.3x.gz
-usr/share/man/man3/free_field.3x.gz
-usr/share/man/man3/free_fieldtype.3x.gz
-usr/share/man/man3/free_form.3x.gz
-usr/share/man/man3/free_item.3x.gz
-usr/share/man/man3/free_menu.3x.gz
-usr/share/man/man3/free_pair.3x.gz
-usr/share/man/man3/free_pair_sp.3x.gz
-usr/share/man/man3/get_escdelay.3x.gz
-usr/share/man/man3/get_escdelay_sp.3x.gz
-usr/share/man/man3/get_wch.3x.gz
-usr/share/man/man3/get_wstr.3x.gz
-usr/share/man/man3/getattrs.3x.gz
-usr/share/man/man3/getbegx.3x.gz
-usr/share/man/man3/getbegy.3x.gz
-usr/share/man/man3/getbegyx.3x.gz
-usr/share/man/man3/getbkgd.3x.gz
-usr/share/man/man3/getbkgrnd.3x.gz
-usr/share/man/man3/getcchar.3x.gz
-usr/share/man/man3/getch.3x.gz
-usr/share/man/man3/getcurx.3x.gz
-usr/share/man/man3/getcury.3x.gz
-usr/share/man/man3/getmaxx.3x.gz
-usr/share/man/man3/getmaxy.3x.gz
-usr/share/man/man3/getmaxyx.3x.gz
-usr/share/man/man3/getmouse.3x.gz
-usr/share/man/man3/getmouse_sp.3x.gz
-usr/share/man/man3/getn_wstr.3x.gz
-usr/share/man/man3/getnstr.3x.gz
-usr/share/man/man3/getparx.3x.gz
-usr/share/man/man3/getpary.3x.gz
-usr/share/man/man3/getparyx.3x.gz
-usr/share/man/man3/getstr.3x.gz
-usr/share/man/man3/getsyx.3x.gz
-usr/share/man/man3/getwin.3x.gz
-usr/share/man/man3/getwin_sp.3x.gz
-usr/share/man/man3/getyx.3x.gz
-usr/share/man/man3/ground_panel.3x.gz
-usr/share/man/man3/halfdelay.3x.gz
-usr/share/man/man3/halfdelay_sp.3x.gz
-usr/share/man/man3/has_colors.3x.gz
-usr/share/man/man3/has_colors_sp.3x.gz
-usr/share/man/man3/has_ic.3x.gz
-usr/share/man/man3/has_ic_sp.3x.gz
-usr/share/man/man3/has_il.3x.gz
-usr/share/man/man3/has_il_sp.3x.gz
-usr/share/man/man3/has_key.3x.gz
-usr/share/man/man3/has_key_sp.3x.gz
-usr/share/man/man3/has_mouse.3x.gz
-usr/share/man/man3/has_mouse_sp.3x.gz
-usr/share/man/man3/hide_panel.3x.gz
-usr/share/man/man3/hline.3x.gz
-usr/share/man/man3/hline_set.3x.gz
-usr/share/man/man3/idcok.3x.gz
-usr/share/man/man3/idlok.3x.gz
-usr/share/man/man3/immedok.3x.gz
-usr/share/man/man3/in_wch.3x.gz
-usr/share/man/man3/in_wchnstr.3x.gz
-usr/share/man/man3/in_wchstr.3x.gz
-usr/share/man/man3/inch.3x.gz
-usr/share/man/man3/inchnstr.3x.gz
-usr/share/man/man3/inchstr.3x.gz
-usr/share/man/man3/init_color.3x.gz
-usr/share/man/man3/init_color_sp.3x.gz
-usr/share/man/man3/init_extended_color.3x.gz
-usr/share/man/man3/init_extended_color_sp.3x.gz
-usr/share/man/man3/init_extended_pair.3x.gz
-usr/share/man/man3/init_extended_pair_sp.3x.gz
-usr/share/man/man3/init_pair.3x.gz
-usr/share/man/man3/init_pair_sp.3x.gz
-usr/share/man/man3/initscr.3x.gz
-usr/share/man/man3/innstr.3x.gz
-usr/share/man/man3/innwstr.3x.gz
-usr/share/man/man3/ins_nwstr.3x.gz
-usr/share/man/man3/ins_wch.3x.gz
-usr/share/man/man3/ins_wstr.3x.gz
-usr/share/man/man3/insch.3x.gz
-usr/share/man/man3/insdelln.3x.gz
-usr/share/man/man3/insertln.3x.gz
-usr/share/man/man3/insnstr.3x.gz
-usr/share/man/man3/insstr.3x.gz
-usr/share/man/man3/instr.3x.gz
-usr/share/man/man3/intrflush.3x.gz
-usr/share/man/man3/intrflush_sp.3x.gz
-usr/share/man/man3/inwstr.3x.gz
-usr/share/man/man3/is_cleared.3x.gz
-usr/share/man/man3/is_idcok.3x.gz
-usr/share/man/man3/is_idlok.3x.gz
-usr/share/man/man3/is_immedok.3x.gz
-usr/share/man/man3/is_keypad.3x.gz
-usr/share/man/man3/is_leaveok.3x.gz
-usr/share/man/man3/is_linetouched.3x.gz
-usr/share/man/man3/is_nodelay.3x.gz
-usr/share/man/man3/is_notimeout.3x.gz
-usr/share/man/man3/is_pad.3x.gz
-usr/share/man/man3/is_scrollok.3x.gz
-usr/share/man/man3/is_subwin.3x.gz
-usr/share/man/man3/is_syncok.3x.gz
-usr/share/man/man3/is_term_resized.3x.gz
-usr/share/man/man3/is_term_resized_sp.3x.gz
-usr/share/man/man3/is_wintouched.3x.gz
-usr/share/man/man3/isendwin.3x.gz
-usr/share/man/man3/isendwin_sp.3x.gz
-usr/share/man/man3/item_count.3x.gz
-usr/share/man/man3/item_description.3x.gz
-usr/share/man/man3/item_index.3x.gz
-usr/share/man/man3/item_init.3x.gz
-usr/share/man/man3/item_name.3x.gz
-usr/share/man/man3/item_opts.3x.gz
-usr/share/man/man3/item_opts_off.3x.gz
-usr/share/man/man3/item_opts_on.3x.gz
-usr/share/man/man3/item_term.3x.gz
-usr/share/man/man3/item_userptr.3x.gz
-usr/share/man/man3/item_value.3x.gz
-usr/share/man/man3/item_visible.3x.gz
-usr/share/man/man3/key_defined.3x.gz
-usr/share/man/man3/key_defined_sp.3x.gz
-usr/share/man/man3/key_name.3x.gz
-usr/share/man/man3/keybound.3x.gz
-usr/share/man/man3/keybound_sp.3x.gz
-usr/share/man/man3/keyname.3x.gz
-usr/share/man/man3/keyname_sp.3x.gz
-usr/share/man/man3/keyok.3x.gz
-usr/share/man/man3/keyok_sp.3x.gz
-usr/share/man/man3/keypad.3x.gz
-usr/share/man/man3/killchar.3x.gz
-usr/share/man/man3/killchar_sp.3x.gz
-usr/share/man/man3/killwchar.3x.gz
-usr/share/man/man3/leaveok.3x.gz
-usr/share/man/man3/legacy_coding.3x.gz
-usr/share/man/man3/link_field.3x.gz
-usr/share/man/man3/link_fieldtype.3x.gz
-usr/share/man/man3/longname.3x.gz
-usr/share/man/man3/longname_sp.3x.gz
-usr/share/man/man3/mcprint.3x.gz
-usr/share/man/man3/mcprint_sp.3x.gz
-usr/share/man/man3/menu.3x.gz
-usr/share/man/man3/menu_attributes.3x.gz
-usr/share/man/man3/menu_back.3x.gz
-usr/share/man/man3/menu_cursor.3x.gz
-usr/share/man/man3/menu_driver.3x.gz
-usr/share/man/man3/menu_fore.3x.gz
-usr/share/man/man3/menu_format.3x.gz
-usr/share/man/man3/menu_grey.3x.gz
-usr/share/man/man3/menu_hook.3x.gz
-usr/share/man/man3/menu_init.3x.gz
-usr/share/man/man3/menu_items.3x.gz
-usr/share/man/man3/menu_mark.3x.gz
-usr/share/man/man3/menu_new.3x.gz
-usr/share/man/man3/menu_opts.3x.gz
-usr/share/man/man3/menu_opts_off.3x.gz
-usr/share/man/man3/menu_opts_on.3x.gz
-usr/share/man/man3/menu_pad.3x.gz
-usr/share/man/man3/menu_pattern.3x.gz
-usr/share/man/man3/menu_post.3x.gz
-usr/share/man/man3/menu_request_by_name.3x.gz
-usr/share/man/man3/menu_request_name.3x.gz
-usr/share/man/man3/menu_requestname.3x.gz
-usr/share/man/man3/menu_spacing.3x.gz
-usr/share/man/man3/menu_sub.3x.gz
-usr/share/man/man3/menu_term.3x.gz
-usr/share/man/man3/menu_userptr.3x.gz
-usr/share/man/man3/menu_win.3x.gz
-usr/share/man/man3/meta.3x.gz
-usr/share/man/man3/mitem_current.3x.gz
-usr/share/man/man3/mitem_name.3x.gz
-usr/share/man/man3/mitem_new.3x.gz
-usr/share/man/man3/mitem_opts.3x.gz
-usr/share/man/man3/mitem_userptr.3x.gz
-usr/share/man/man3/mitem_value.3x.gz
-usr/share/man/man3/mitem_visible.3x.gz
-usr/share/man/man3/mouse_trafo.3x.gz
-usr/share/man/man3/mouseinterval.3x.gz
-usr/share/man/man3/mouseinterval_sp.3x.gz
-usr/share/man/man3/mousemask.3x.gz
-usr/share/man/man3/mousemask_sp.3x.gz
-usr/share/man/man3/move.3x.gz
-usr/share/man/man3/move_field.3x.gz
-usr/share/man/man3/move_panel.3x.gz
-usr/share/man/man3/mvadd_wch.3x.gz
-usr/share/man/man3/mvadd_wchnstr.3x.gz
-usr/share/man/man3/mvadd_wchstr.3x.gz
-usr/share/man/man3/mvaddch.3x.gz
-usr/share/man/man3/mvaddchnstr.3x.gz
-usr/share/man/man3/mvaddchstr.3x.gz
-usr/share/man/man3/mvaddnstr.3x.gz
-usr/share/man/man3/mvaddnwstr.3x.gz
-usr/share/man/man3/mvaddstr.3x.gz
-usr/share/man/man3/mvaddwstr.3x.gz
-usr/share/man/man3/mvchgat.3x.gz
-usr/share/man/man3/mvcur.3x.gz
-usr/share/man/man3/mvcur_sp.3x.gz
-usr/share/man/man3/mvdelch.3x.gz
-usr/share/man/man3/mvderwin.3x.gz
-usr/share/man/man3/mvget_wch.3x.gz
-usr/share/man/man3/mvget_wstr.3x.gz
-usr/share/man/man3/mvgetch.3x.gz
-usr/share/man/man3/mvgetn_wstr.3x.gz
-usr/share/man/man3/mvgetnstr.3x.gz
-usr/share/man/man3/mvgetstr.3x.gz
-usr/share/man/man3/mvhline.3x.gz
-usr/share/man/man3/mvhline_set.3x.gz
-usr/share/man/man3/mvin_wch.3x.gz
-usr/share/man/man3/mvin_wchnstr.3x.gz
-usr/share/man/man3/mvin_wchstr.3x.gz
-usr/share/man/man3/mvinch.3x.gz
-usr/share/man/man3/mvinchnstr.3x.gz
-usr/share/man/man3/mvinchstr.3x.gz
-usr/share/man/man3/mvinnstr.3x.gz
-usr/share/man/man3/mvinnwstr.3x.gz
-usr/share/man/man3/mvins_nwstr.3x.gz
-usr/share/man/man3/mvins_wch.3x.gz
-usr/share/man/man3/mvins_wstr.3x.gz
-usr/share/man/man3/mvinsch.3x.gz
-usr/share/man/man3/mvinsnstr.3x.gz
-usr/share/man/man3/mvinsstr.3x.gz
-usr/share/man/man3/mvinstr.3x.gz
-usr/share/man/man3/mvinwstr.3x.gz
-usr/share/man/man3/mvprintw.3x.gz
-usr/share/man/man3/mvscanw.3x.gz
-usr/share/man/man3/mvvline.3x.gz
-usr/share/man/man3/mvvline_set.3x.gz
-usr/share/man/man3/mvwadd_wch.3x.gz
-usr/share/man/man3/mvwadd_wchnstr.3x.gz
-usr/share/man/man3/mvwadd_wchstr.3x.gz
-usr/share/man/man3/mvwaddch.3x.gz
-usr/share/man/man3/mvwaddchnstr.3x.gz
-usr/share/man/man3/mvwaddchstr.3x.gz
-usr/share/man/man3/mvwaddnstr.3x.gz
-usr/share/man/man3/mvwaddnwstr.3x.gz
-usr/share/man/man3/mvwaddstr.3x.gz
-usr/share/man/man3/mvwaddwstr.3x.gz
-usr/share/man/man3/mvwchgat.3x.gz
-usr/share/man/man3/mvwdelch.3x.gz
-usr/share/man/man3/mvwget_wch.3x.gz
-usr/share/man/man3/mvwget_wstr.3x.gz
-usr/share/man/man3/mvwgetch.3x.gz
-usr/share/man/man3/mvwgetn_wstr.3x.gz
-usr/share/man/man3/mvwgetnstr.3x.gz
-usr/share/man/man3/mvwgetstr.3x.gz
-usr/share/man/man3/mvwhline.3x.gz
-usr/share/man/man3/mvwhline_set.3x.gz
-usr/share/man/man3/mvwin.3x.gz
-usr/share/man/man3/mvwin_wch.3x.gz
-usr/share/man/man3/mvwin_wchnstr.3x.gz
-usr/share/man/man3/mvwin_wchstr.3x.gz
-usr/share/man/man3/mvwinch.3x.gz
-usr/share/man/man3/mvwinchnstr.3x.gz
-usr/share/man/man3/mvwinchstr.3x.gz
-usr/share/man/man3/mvwinnstr.3x.gz
-usr/share/man/man3/mvwinnwstr.3x.gz
-usr/share/man/man3/mvwins_nwstr.3x.gz
-usr/share/man/man3/mvwins_wch.3x.gz
-usr/share/man/man3/mvwins_wstr.3x.gz
-usr/share/man/man3/mvwinsch.3x.gz
-usr/share/man/man3/mvwinsnstr.3x.gz
-usr/share/man/man3/mvwinsstr.3x.gz
-usr/share/man/man3/mvwinstr.3x.gz
-usr/share/man/man3/mvwinwstr.3x.gz
-usr/share/man/man3/mvwprintw.3x.gz
-usr/share/man/man3/mvwscanw.3x.gz
-usr/share/man/man3/mvwvline.3x.gz
-usr/share/man/man3/mvwvline_set.3x.gz
-usr/share/man/man3/napms.3x.gz
-usr/share/man/man3/napms_sp.3x.gz
-usr/share/man/man3/ncurses.3x.gz
-usr/share/man/man3/new_field.3x.gz
-usr/share/man/man3/new_fieldtype.3x.gz
-usr/share/man/man3/new_form.3x.gz
-usr/share/man/man3/new_form_sp.3x.gz
-usr/share/man/man3/new_item.3x.gz
-usr/share/man/man3/new_menu.3x.gz
-usr/share/man/man3/new_menu_sp.3x.gz
-usr/share/man/man3/new_page.3x.gz
-usr/share/man/man3/new_pair.3x.gz
-usr/share/man/man3/new_panel.3x.gz
-usr/share/man/man3/new_prescr.3x.gz
-usr/share/man/man3/newpad.3x.gz
-usr/share/man/man3/newpad_sp.3x.gz
-usr/share/man/man3/newscr.3x.gz
-usr/share/man/man3/newterm.3x.gz
-usr/share/man/man3/newterm_sp.3x.gz
-usr/share/man/man3/newwin.3x.gz
-usr/share/man/man3/newwin_sp.3x.gz
-usr/share/man/man3/nl.3x.gz
-usr/share/man/man3/nl_sp.3x.gz
-usr/share/man/man3/nocbreak.3x.gz
-usr/share/man/man3/nocbreak_sp.3x.gz
-usr/share/man/man3/nodelay.3x.gz
-usr/share/man/man3/noecho.3x.gz
-usr/share/man/man3/noecho_sp.3x.gz
-usr/share/man/man3/nofilter.3x.gz
-usr/share/man/man3/nofilter_sp.3x.gz
-usr/share/man/man3/nonl.3x.gz
-usr/share/man/man3/nonl_sp.3x.gz
-usr/share/man/man3/noqiflush.3x.gz
-usr/share/man/man3/noqiflush_sp.3x.gz
-usr/share/man/man3/noraw.3x.gz
-usr/share/man/man3/noraw_sp.3x.gz
-usr/share/man/man3/notimeout.3x.gz
-usr/share/man/man3/numcodes.3x.gz
-usr/share/man/man3/numfnames.3x.gz
-usr/share/man/man3/numnames.3x.gz
-usr/share/man/man3/ospeed.3x.gz
-usr/share/man/man3/overlay.3x.gz
-usr/share/man/man3/overwrite.3x.gz
-usr/share/man/man3/pair_content.3x.gz
-usr/share/man/man3/pair_content_sp.3x.gz
-usr/share/man/man3/panel.3x.gz
-usr/share/man/man3/panel_above.3x.gz
-usr/share/man/man3/panel_below.3x.gz
-usr/share/man/man3/panel_hidden.3x.gz
-usr/share/man/man3/panel_userptr.3x.gz
-usr/share/man/man3/panel_window.3x.gz
-usr/share/man/man3/pecho_wchar.3x.gz
-usr/share/man/man3/pechochar.3x.gz
-usr/share/man/man3/pnoutrefresh.3x.gz
-usr/share/man/man3/pos_form_cursor.3x.gz
-usr/share/man/man3/pos_menu_cursor.3x.gz
-usr/share/man/man3/post_form.3x.gz
-usr/share/man/man3/post_menu.3x.gz
-usr/share/man/man3/prefresh.3x.gz
-usr/share/man/man3/printw.3x.gz
-usr/share/man/man3/putp.3x.gz
-usr/share/man/man3/putp_sp.3x.gz
-usr/share/man/man3/putwin.3x.gz
-usr/share/man/man3/qiflush.3x.gz
-usr/share/man/man3/qiflush_sp.3x.gz
-usr/share/man/man3/raw.3x.gz
-usr/share/man/man3/raw_sp.3x.gz
-usr/share/man/man3/redrawwin.3x.gz
-usr/share/man/man3/refresh.3x.gz
-usr/share/man/man3/replace_panel.3x.gz
-usr/share/man/man3/reset_color_pairs.3x.gz
-usr/share/man/man3/reset_prog_mode.3x.gz
-usr/share/man/man3/reset_prog_mode_sp.3x.gz
-usr/share/man/man3/reset_shell_mode.3x.gz
-usr/share/man/man3/reset_shell_mode_sp.3x.gz
-usr/share/man/man3/resetty.3x.gz
-usr/share/man/man3/resetty_sp.3x.gz
-usr/share/man/man3/resize_term.3x.gz
-usr/share/man/man3/resize_term_sp.3x.gz
-usr/share/man/man3/resizeterm.3x.gz
-usr/share/man/man3/resizeterm_sp.3x.gz
-usr/share/man/man3/restartterm.3x.gz
-usr/share/man/man3/restartterm_sp.3x.gz
-usr/share/man/man3/ripoffline.3x.gz
-usr/share/man/man3/ripoffline_sp.3x.gz
-usr/share/man/man3/savetty.3x.gz
-usr/share/man/man3/savetty_sp.3x.gz
-usr/share/man/man3/scale_form.3x.gz
-usr/share/man/man3/scale_menu.3x.gz
-usr/share/man/man3/scanw.3x.gz
-usr/share/man/man3/scr_dump.3x.gz
-usr/share/man/man3/scr_init.3x.gz
-usr/share/man/man3/scr_init_sp.3x.gz
-usr/share/man/man3/scr_restore.3x.gz
-usr/share/man/man3/scr_restore_sp.3x.gz
-usr/share/man/man3/scr_set.3x.gz
-usr/share/man/man3/scr_set_sp.3x.gz
-usr/share/man/man3/scrl.3x.gz
-usr/share/man/man3/scroll.3x.gz
-usr/share/man/man3/scrollok.3x.gz
-usr/share/man/man3/set_current_field.3x.gz
-usr/share/man/man3/set_current_item.3x.gz
-usr/share/man/man3/set_curterm.3x.gz
-usr/share/man/man3/set_curterm_sp.3x.gz
-usr/share/man/man3/set_escdelay.3x.gz
-usr/share/man/man3/set_escdelay_sp.3x.gz
-usr/share/man/man3/set_field_back.3x.gz
-usr/share/man/man3/set_field_buffer.3x.gz
-usr/share/man/man3/set_field_fore.3x.gz
-usr/share/man/man3/set_field_init.3x.gz
-usr/share/man/man3/set_field_just.3x.gz
-usr/share/man/man3/set_field_opts.3x.gz
-usr/share/man/man3/set_field_pad.3x.gz
-usr/share/man/man3/set_field_status.3x.gz
-usr/share/man/man3/set_field_term.3x.gz
-usr/share/man/man3/set_field_type.3x.gz
-usr/share/man/man3/set_field_userptr.3x.gz
-usr/share/man/man3/set_fieldtype_arg.3x.gz
-usr/share/man/man3/set_fieldtype_choice.3x.gz
-usr/share/man/man3/set_form_fields.3x.gz
-usr/share/man/man3/set_form_init.3x.gz
-usr/share/man/man3/set_form_opts.3x.gz
-usr/share/man/man3/set_form_page.3x.gz
-usr/share/man/man3/set_form_sub.3x.gz
-usr/share/man/man3/set_form_term.3x.gz
-usr/share/man/man3/set_form_userptr.3x.gz
-usr/share/man/man3/set_form_win.3x.gz
-usr/share/man/man3/set_item_init.3x.gz
-usr/share/man/man3/set_item_opts.3x.gz
-usr/share/man/man3/set_item_term.3x.gz
-usr/share/man/man3/set_item_userptr.3x.gz
-usr/share/man/man3/set_item_value.3x.gz
-usr/share/man/man3/set_max_field.3x.gz
-usr/share/man/man3/set_menu_back.3x.gz
-usr/share/man/man3/set_menu_fore.3x.gz
-usr/share/man/man3/set_menu_format.3x.gz
-usr/share/man/man3/set_menu_grey.3x.gz
-usr/share/man/man3/set_menu_init.3x.gz
-usr/share/man/man3/set_menu_items.3x.gz
-usr/share/man/man3/set_menu_mark.3x.gz
-usr/share/man/man3/set_menu_opts.3x.gz
-usr/share/man/man3/set_menu_pad.3x.gz
-usr/share/man/man3/set_menu_pattern.3x.gz
-usr/share/man/man3/set_menu_spacing.3x.gz
-usr/share/man/man3/set_menu_sub.3x.gz
-usr/share/man/man3/set_menu_term.3x.gz
-usr/share/man/man3/set_menu_userptr.3x.gz
-usr/share/man/man3/set_menu_win.3x.gz
-usr/share/man/man3/set_new_page.3x.gz
-usr/share/man/man3/set_panel_userptr.3x.gz
-usr/share/man/man3/set_tabsize.3x.gz
-usr/share/man/man3/set_tabsize_sp.3x.gz
-usr/share/man/man3/set_term.3x.gz
-usr/share/man/man3/set_top_row.3x.gz
-usr/share/man/man3/setcchar.3x.gz
-usr/share/man/man3/setscrreg.3x.gz
-usr/share/man/man3/setsyx.3x.gz
-usr/share/man/man3/setterm.3x.gz
-usr/share/man/man3/setupterm.3x.gz
-usr/share/man/man3/show_panel.3x.gz
-usr/share/man/man3/slk_attr.3x.gz
-usr/share/man/man3/slk_attr_off.3x.gz
-usr/share/man/man3/slk_attr_on.3x.gz
-usr/share/man/man3/slk_attr_set.3x.gz
-usr/share/man/man3/slk_attr_set_sp.3x.gz
-usr/share/man/man3/slk_attr_sp.3x.gz
-usr/share/man/man3/slk_attroff.3x.gz
-usr/share/man/man3/slk_attroff_sp.3x.gz
-usr/share/man/man3/slk_attron.3x.gz
-usr/share/man/man3/slk_attron_sp.3x.gz
-usr/share/man/man3/slk_attrset.3x.gz
-usr/share/man/man3/slk_attrset_sp.3x.gz
-usr/share/man/man3/slk_clear.3x.gz
-usr/share/man/man3/slk_clear_sp.3x.gz
-usr/share/man/man3/slk_color.3x.gz
-usr/share/man/man3/slk_color_sp.3x.gz
-usr/share/man/man3/slk_init.3x.gz
-usr/share/man/man3/slk_init_sp.3x.gz
-usr/share/man/man3/slk_label.3x.gz
-usr/share/man/man3/slk_label_sp.3x.gz
-usr/share/man/man3/slk_noutrefresh.3x.gz
-usr/share/man/man3/slk_noutrefresh_sp.3x.gz
-usr/share/man/man3/slk_refresh.3x.gz
-usr/share/man/man3/slk_refresh_sp.3x.gz
-usr/share/man/man3/slk_restore.3x.gz
-usr/share/man/man3/slk_restore_sp.3x.gz
-usr/share/man/man3/slk_set.3x.gz
-usr/share/man/man3/slk_set_sp.3x.gz
-usr/share/man/man3/slk_touch.3x.gz
-usr/share/man/man3/slk_touch_sp.3x.gz
-usr/share/man/man3/slk_wset.3x.gz
-usr/share/man/man3/standend.3x.gz
-usr/share/man/man3/standout.3x.gz
-usr/share/man/man3/start_color.3x.gz
-usr/share/man/man3/start_color_sp.3x.gz
-usr/share/man/man3/stdscr.3x.gz
-usr/share/man/man3/strcodes.3x.gz
-usr/share/man/man3/strfnames.3x.gz
-usr/share/man/man3/strnames.3x.gz
-usr/share/man/man3/subpad.3x.gz
-usr/share/man/man3/subwin.3x.gz
-usr/share/man/man3/syncok.3x.gz
-usr/share/man/man3/term_attrs.3x.gz
-usr/share/man/man3/term_attrs_sp.3x.gz
-usr/share/man/man3/term_variables.3x.gz
-usr/share/man/man3/termattrs.3x.gz
-usr/share/man/man3/termattrs_sp.3x.gz
-usr/share/man/man3/termname.3x.gz
-usr/share/man/man3/termname_sp.3x.gz
-usr/share/man/man3/tgetent.3x.gz
-usr/share/man/man3/tgetent_sp.3x.gz
-usr/share/man/man3/tgetflag.3x.gz
-usr/share/man/man3/tgetflag_sp.3x.gz
-usr/share/man/man3/tgetnum.3x.gz
-usr/share/man/man3/tgetnum_sp.3x.gz
-usr/share/man/man3/tgetstr.3x.gz
-usr/share/man/man3/tgetstr_sp.3x.gz
-usr/share/man/man3/tgoto.3x.gz
-usr/share/man/man3/tigetflag.3x.gz
-usr/share/man/man3/tigetflag_sp.3x.gz
-usr/share/man/man3/tigetnum.3x.gz
-usr/share/man/man3/tigetnum_sp.3x.gz
-usr/share/man/man3/tigetstr.3x.gz
-usr/share/man/man3/tigetstr_sp.3x.gz
-usr/share/man/man3/timeout.3x.gz
-usr/share/man/man3/tiparm.3x.gz
-usr/share/man/man3/top_panel.3x.gz
-usr/share/man/man3/top_row.3x.gz
-usr/share/man/man3/touchline.3x.gz
-usr/share/man/man3/touchwin.3x.gz
-usr/share/man/man3/tparm.3x.gz
-usr/share/man/man3/tputs.3x.gz
-usr/share/man/man3/tputs_sp.3x.gz
-usr/share/man/man3/trace.3x.gz
-usr/share/man/man3/ttytype.3x.gz
-usr/share/man/man3/typeahead.3x.gz
-usr/share/man/man3/typeahead_sp.3x.gz
-usr/share/man/man3/unctrl.3x.gz
-usr/share/man/man3/unctrl_sp.3x.gz
-usr/share/man/man3/unfocus_current_field.3x.gz
-usr/share/man/man3/unget_wch.3x.gz
-usr/share/man/man3/unget_wch_sp.3x.gz
-usr/share/man/man3/ungetch.3x.gz
-usr/share/man/man3/ungetch_sp.3x.gz
-usr/share/man/man3/ungetmouse.3x.gz
-usr/share/man/man3/ungetmouse_sp.3x.gz
-usr/share/man/man3/unpost_form.3x.gz
-usr/share/man/man3/unpost_menu.3x.gz
-usr/share/man/man3/untouchwin.3x.gz
-usr/share/man/man3/update_panels.3x.gz
-usr/share/man/man3/update_panels_sp.3x.gz
-usr/share/man/man3/use_default_colors.3x.gz
-usr/share/man/man3/use_default_colors_sp.3x.gz
-usr/share/man/man3/use_env.3x.gz
-usr/share/man/man3/use_env_sp.3x.gz
-usr/share/man/man3/use_extended_names.3x.gz
-usr/share/man/man3/use_legacy_coding.3x.gz
-usr/share/man/man3/use_legacy_coding_sp.3x.gz
-usr/share/man/man3/use_screen.3x.gz
-usr/share/man/man3/use_tioctl.3x.gz
-usr/share/man/man3/use_window.3x.gz
-usr/share/man/man3/vid_attr.3x.gz
-usr/share/man/man3/vid_attr_sp.3x.gz
-usr/share/man/man3/vid_puts.3x.gz
-usr/share/man/man3/vid_puts_sp.3x.gz
-usr/share/man/man3/vidattr.3x.gz
-usr/share/man/man3/vidattr_sp.3x.gz
-usr/share/man/man3/vidputs.3x.gz
-usr/share/man/man3/vidputs_sp.3x.gz
-usr/share/man/man3/vline.3x.gz
-usr/share/man/man3/vline_set.3x.gz
-usr/share/man/man3/vw_printw.3x.gz
-usr/share/man/man3/vw_scanw.3x.gz
-usr/share/man/man3/vwprintw.3x.gz
-usr/share/man/man3/vwscanw.3x.gz
-usr/share/man/man3/wadd_wch.3x.gz
-usr/share/man/man3/wadd_wchnstr.3x.gz
-usr/share/man/man3/wadd_wchstr.3x.gz
-usr/share/man/man3/waddch.3x.gz
-usr/share/man/man3/waddchnstr.3x.gz
-usr/share/man/man3/waddchstr.3x.gz
-usr/share/man/man3/waddnstr.3x.gz
-usr/share/man/man3/waddnwstr.3x.gz
-usr/share/man/man3/waddstr.3x.gz
-usr/share/man/man3/waddwstr.3x.gz
-usr/share/man/man3/wattr_get.3x.gz
-usr/share/man/man3/wattr_off.3x.gz
-usr/share/man/man3/wattr_on.3x.gz
-usr/share/man/man3/wattr_set.3x.gz
-usr/share/man/man3/wattroff.3x.gz
-usr/share/man/man3/wattron.3x.gz
-usr/share/man/man3/wattrset.3x.gz
-usr/share/man/man3/wbkgd.3x.gz
-usr/share/man/man3/wbkgdset.3x.gz
-usr/share/man/man3/wbkgrnd.3x.gz
-usr/share/man/man3/wbkgrndset.3x.gz
-usr/share/man/man3/wborder.3x.gz
-usr/share/man/man3/wborder_set.3x.gz
-usr/share/man/man3/wchgat.3x.gz
-usr/share/man/man3/wclear.3x.gz
-usr/share/man/man3/wclrtobot.3x.gz
-usr/share/man/man3/wclrtoeol.3x.gz
-usr/share/man/man3/wcolor_set.3x.gz
-usr/share/man/man3/wcursyncup.3x.gz
-usr/share/man/man3/wdelch.3x.gz
-usr/share/man/man3/wdeleteln.3x.gz
-usr/share/man/man3/wecho_wchar.3x.gz
-usr/share/man/man3/wechochar.3x.gz
-usr/share/man/man3/wenclose.3x.gz
-usr/share/man/man3/werase.3x.gz
-usr/share/man/man3/wget_wch.3x.gz
-usr/share/man/man3/wget_wstr.3x.gz
-usr/share/man/man3/wgetbkgrnd.3x.gz
-usr/share/man/man3/wgetch.3x.gz
-usr/share/man/man3/wgetdelay.3x.gz
-usr/share/man/man3/wgetn_wstr.3x.gz
-usr/share/man/man3/wgetnstr.3x.gz
-usr/share/man/man3/wgetparent.3x.gz
-usr/share/man/man3/wgetscrreg.3x.gz
-usr/share/man/man3/wgetstr.3x.gz
-usr/share/man/man3/whline.3x.gz
-usr/share/man/man3/whline_set.3x.gz
-usr/share/man/man3/win_wch.3x.gz
-usr/share/man/man3/win_wchnstr.3x.gz
-usr/share/man/man3/win_wchstr.3x.gz
-usr/share/man/man3/winch.3x.gz
-usr/share/man/man3/winchnstr.3x.gz
-usr/share/man/man3/winchstr.3x.gz
-usr/share/man/man3/winnstr.3x.gz
-usr/share/man/man3/winnwstr.3x.gz
-usr/share/man/man3/wins_nwstr.3x.gz
-usr/share/man/man3/wins_wch.3x.gz
-usr/share/man/man3/wins_wstr.3x.gz
-usr/share/man/man3/winsch.3x.gz
-usr/share/man/man3/winsdelln.3x.gz
-usr/share/man/man3/winsertln.3x.gz
-usr/share/man/man3/winsnstr.3x.gz
-usr/share/man/man3/winsstr.3x.gz
-usr/share/man/man3/winstr.3x.gz
-usr/share/man/man3/winwstr.3x.gz
-usr/share/man/man3/wmouse_trafo.3x.gz
-usr/share/man/man3/wmove.3x.gz
-usr/share/man/man3/wnoutrefresh.3x.gz
-usr/share/man/man3/wprintw.3x.gz
-usr/share/man/man3/wredrawln.3x.gz
-usr/share/man/man3/wrefresh.3x.gz
-usr/share/man/man3/wresize.3x.gz
-usr/share/man/man3/wscanw.3x.gz
-usr/share/man/man3/wscrl.3x.gz
-usr/share/man/man3/wsetscrreg.3x.gz
-usr/share/man/man3/wstandend.3x.gz
-usr/share/man/man3/wstandout.3x.gz
-usr/share/man/man3/wsyncdown.3x.gz
-usr/share/man/man3/wsyncup.3x.gz
-usr/share/man/man3/wtimeout.3x.gz
-usr/share/man/man3/wtouchln.3x.gz
-usr/share/man/man3/wunctrl.3x.gz
-usr/share/man/man3/wunctrl_sp.3x.gz
-usr/share/man/man3/wvline.3x.gz
-usr/share/man/man3/wvline_set.3x.gz
-usr/share/man/man5/
-usr/share/man/man5/scr_dump.5.gz
-usr/share/man/man5/term.5.gz
-usr/share/man/man5/terminfo.5.gz
-usr/share/man/man5/user_caps.5.gz
-usr/share/man/man7/
-usr/share/man/man7/term.7.gz
-usr/share/tabset/
-usr/share/tabset/std
-usr/share/tabset/stdcrt
-usr/share/tabset/vt100
-usr/share/tabset/vt300
-usr/share/terminfo/
-usr/share/terminfo/31/
-usr/share/terminfo/31/1178
-usr/share/terminfo/31/1730-lm
-usr/share/terminfo/32/
-usr/share/terminfo/32/2621
-usr/share/terminfo/32/2621-wl
-usr/share/terminfo/32/2621A
-usr/share/terminfo/33/
-usr/share/terminfo/33/386at
-usr/share/terminfo/33/3b1
-usr/share/terminfo/34/
-usr/share/terminfo/34/4025ex
-usr/share/terminfo/34/4027ex
-usr/share/terminfo/34/4410-w
-usr/share/terminfo/35/
-usr/share/terminfo/35/5051
-usr/share/terminfo/35/5410-w
-usr/share/terminfo/35/5620
-usr/share/terminfo/35/5630-24
-usr/share/terminfo/35/5630DMD-24
-usr/share/terminfo/36/
-usr/share/terminfo/36/6053
-usr/share/terminfo/36/6053-dg
-usr/share/terminfo/36/605x
-usr/share/terminfo/36/605x-dg
-usr/share/terminfo/36/630-lm
-usr/share/terminfo/36/630MTG-24
-usr/share/terminfo/37/
-usr/share/terminfo/37/730MTG-24
-usr/share/terminfo/37/730MTG-41
-usr/share/terminfo/37/730MTG-41r
-usr/share/terminfo/37/730MTGr
-usr/share/terminfo/37/730MTGr-24
-usr/share/terminfo/38/
-usr/share/terminfo/38/8510
-usr/share/terminfo/39/
-usr/share/terminfo/39/955-hb
-usr/share/terminfo/39/955-w
-usr/share/terminfo/39/9term
-usr/share/terminfo/41/
-usr/share/terminfo/41/Apple_Terminal
-usr/share/terminfo/45/
-usr/share/terminfo/45/Eterm
-usr/share/terminfo/45/Eterm-256color
-usr/share/terminfo/45/Eterm-88color
-usr/share/terminfo/45/Eterm-color
-usr/share/terminfo/4c/
-usr/share/terminfo/4c/LFT-PC850
-usr/share/terminfo/4d/
-usr/share/terminfo/4d/MtxOrb
-usr/share/terminfo/4d/MtxOrb162
-usr/share/terminfo/4d/MtxOrb204
-usr/share/terminfo/4e/
-usr/share/terminfo/4e/NCR260VT300WPP
-usr/share/terminfo/4e/NCRVT100WPP
-usr/share/terminfo/50/
-usr/share/terminfo/50/P12
-usr/share/terminfo/50/P12-M
-usr/share/terminfo/50/P12-M-W
-usr/share/terminfo/50/P12-W
-usr/share/terminfo/50/P14
-usr/share/terminfo/50/P14-M
-usr/share/terminfo/50/P14-M-W
-usr/share/terminfo/50/P14-W
-usr/share/terminfo/50/P4
-usr/share/terminfo/50/P5
-usr/share/terminfo/50/P7
-usr/share/terminfo/50/P8
-usr/share/terminfo/50/P8-W
-usr/share/terminfo/50/P9
-usr/share/terminfo/50/P9-8
-usr/share/terminfo/50/P9-8-W
-usr/share/terminfo/50/P9-W
-usr/share/terminfo/51/
-usr/share/terminfo/51/Q306-8-pc
-usr/share/terminfo/51/Q310-vip-H
-usr/share/terminfo/51/Q310-vip-H-am
-usr/share/terminfo/51/Q310-vip-Hw
-usr/share/terminfo/51/Q310-vip-w
-usr/share/terminfo/51/Q310-vip-w-am
-usr/share/terminfo/58/
-usr/share/terminfo/58/X-hpterm
-usr/share/terminfo/61/
-usr/share/terminfo/61/a210
-usr/share/terminfo/61/a80
-usr/share/terminfo/61/a980
-usr/share/terminfo/61/aa4080
-usr/share/terminfo/61/aaa
-usr/share/terminfo/61/aaa+dec
-usr/share/terminfo/61/aaa+rv
-usr/share/terminfo/61/aaa+unk
-usr/share/terminfo/61/aaa-18
-usr/share/terminfo/61/aaa-18-rv
-usr/share/terminfo/61/aaa-20
-usr/share/terminfo/61/aaa-22
-usr/share/terminfo/61/aaa-24
-usr/share/terminfo/61/aaa-24-rv
-usr/share/terminfo/61/aaa-26
-usr/share/terminfo/61/aaa-28
-usr/share/terminfo/61/aaa-30
-usr/share/terminfo/61/aaa-30-ctxt
-usr/share/terminfo/61/aaa-30-rv
-usr/share/terminfo/61/aaa-30-rv-ctxt
-usr/share/terminfo/61/aaa-30-s
-usr/share/terminfo/61/aaa-30-s-ctxt
-usr/share/terminfo/61/aaa-30-s-rv
-usr/share/terminfo/61/aaa-30-s-rv-ct
-usr/share/terminfo/61/aaa-36
-usr/share/terminfo/61/aaa-36-rv
-usr/share/terminfo/61/aaa-40
-usr/share/terminfo/61/aaa-40-rv
-usr/share/terminfo/61/aaa-48
-usr/share/terminfo/61/aaa-48-rv
-usr/share/terminfo/61/aaa-60
-usr/share/terminfo/61/aaa-60-dec-rv
-usr/share/terminfo/61/aaa-60-rv
-usr/share/terminfo/61/aaa-60-s
-usr/share/terminfo/61/aaa-60-s-rv
-usr/share/terminfo/61/aaa-ctxt
-usr/share/terminfo/61/aaa-db
-usr/share/terminfo/61/aaa-rv
-usr/share/terminfo/61/aaa-rv-ctxt
-usr/share/terminfo/61/aaa-rv-unk
-usr/share/terminfo/61/aaa-s
-usr/share/terminfo/61/aaa-s-ctxt
-usr/share/terminfo/61/aaa-s-rv
-usr/share/terminfo/61/aaa-s-rv-ctxt
-usr/share/terminfo/61/aaa-unk
-usr/share/terminfo/61/aas1901
-usr/share/terminfo/61/abm80
-usr/share/terminfo/61/abm85
-usr/share/terminfo/61/abm85e
-usr/share/terminfo/61/abm85h
-usr/share/terminfo/61/abm85h-old
-usr/share/terminfo/61/act4
-usr/share/terminfo/61/act5
-usr/share/terminfo/61/addrinfo
-usr/share/terminfo/61/adds980
-usr/share/terminfo/61/addsviewpoint
-usr/share/terminfo/61/addsvp60
-usr/share/terminfo/61/adm+sgr
-usr/share/terminfo/61/adm1
-usr/share/terminfo/61/adm11
-usr/share/terminfo/61/adm1178
-usr/share/terminfo/61/adm12
-usr/share/terminfo/61/adm1a
-usr/share/terminfo/61/adm2
-usr/share/terminfo/61/adm20
-usr/share/terminfo/61/adm21
-usr/share/terminfo/61/adm22
-usr/share/terminfo/61/adm3
-usr/share/terminfo/61/adm31
-usr/share/terminfo/61/adm31-old
-usr/share/terminfo/61/adm36
-usr/share/terminfo/61/adm3a
-usr/share/terminfo/61/adm3a+
-usr/share/terminfo/61/adm42
-usr/share/terminfo/61/adm42-ns
-usr/share/terminfo/61/adm5
-usr/share/terminfo/61/aepro
-usr/share/terminfo/61/aixterm
-usr/share/terminfo/61/aixterm-16color
-usr/share/terminfo/61/aixterm-m
-usr/share/terminfo/61/aixterm-m-old
-usr/share/terminfo/61/aj
-usr/share/terminfo/61/aj510
-usr/share/terminfo/61/aj830
-usr/share/terminfo/61/aj832
-usr/share/terminfo/61/alt2
-usr/share/terminfo/61/alt3
-usr/share/terminfo/61/alt4
-usr/share/terminfo/61/alt5
-usr/share/terminfo/61/alt7
-usr/share/terminfo/61/alt7pc
-usr/share/terminfo/61/alto-h19
-usr/share/terminfo/61/alto-heath
-usr/share/terminfo/61/altoh19
-usr/share/terminfo/61/altoheath
-usr/share/terminfo/61/altos-2
-usr/share/terminfo/61/altos-3
-usr/share/terminfo/61/altos-4
-usr/share/terminfo/61/altos-5
-usr/share/terminfo/61/altos2
-usr/share/terminfo/61/altos3
-usr/share/terminfo/61/altos4
-usr/share/terminfo/61/altos5
-usr/share/terminfo/61/altos7
-usr/share/terminfo/61/altos7pc
-usr/share/terminfo/61/ambas
-usr/share/terminfo/61/ambassador
-usr/share/terminfo/61/amiga
-usr/share/terminfo/61/amiga-8bit
-usr/share/terminfo/61/amiga-h
-usr/share/terminfo/61/amiga-vnc
-usr/share/terminfo/61/amp219
-usr/share/terminfo/61/amp219w
-usr/share/terminfo/61/ampex-219
-usr/share/terminfo/61/ampex-219w
-usr/share/terminfo/61/ampex-232
-usr/share/terminfo/61/ampex175
-usr/share/terminfo/61/ampex175-b
-usr/share/terminfo/61/ampex210
-usr/share/terminfo/61/ampex219
-usr/share/terminfo/61/ampex219w
-usr/share/terminfo/61/ampex232
-usr/share/terminfo/61/ampex232w
-usr/share/terminfo/61/ampex80
-usr/share/terminfo/61/annarbor4080
-usr/share/terminfo/61/ansi
-usr/share/terminfo/61/ansi+arrows
-usr/share/terminfo/61/ansi+csr
-usr/share/terminfo/61/ansi+cup
-usr/share/terminfo/61/ansi+enq
-usr/share/terminfo/61/ansi+erase
-usr/share/terminfo/61/ansi+idc
-usr/share/terminfo/61/ansi+idc1
-usr/share/terminfo/61/ansi+idl
-usr/share/terminfo/61/ansi+idl1
-usr/share/terminfo/61/ansi+inittabs
-usr/share/terminfo/61/ansi+local
-usr/share/terminfo/61/ansi+local1
-usr/share/terminfo/61/ansi+pp
-usr/share/terminfo/61/ansi+rca
-usr/share/terminfo/61/ansi+rep
-usr/share/terminfo/61/ansi+sgr
-usr/share/terminfo/61/ansi+sgrbold
-usr/share/terminfo/61/ansi+sgrdim
-usr/share/terminfo/61/ansi+sgrso
-usr/share/terminfo/61/ansi+sgrul
-usr/share/terminfo/61/ansi+tabs
-usr/share/terminfo/61/ansi-color-2-emx
-usr/share/terminfo/61/ansi-color-3-emx
-usr/share/terminfo/61/ansi-emx
-usr/share/terminfo/61/ansi-generic
-usr/share/terminfo/61/ansi-m
-usr/share/terminfo/61/ansi-mini
-usr/share/terminfo/61/ansi-mono
-usr/share/terminfo/61/ansi-mr
-usr/share/terminfo/61/ansi-mtabs
-usr/share/terminfo/61/ansi-nt
-usr/share/terminfo/61/ansi.sys
-usr/share/terminfo/61/ansi.sys-old
-usr/share/terminfo/61/ansi.sysk
-usr/share/terminfo/61/ansi43m
-usr/share/terminfo/61/ansi77
-usr/share/terminfo/61/ansi80x25
-usr/share/terminfo/61/ansi80x25-mono
-usr/share/terminfo/61/ansi80x25-raw
-usr/share/terminfo/61/ansi80x30
-usr/share/terminfo/61/ansi80x30-mono
-usr/share/terminfo/61/ansi80x43
-usr/share/terminfo/61/ansi80x43-mono
-usr/share/terminfo/61/ansi80x50
-usr/share/terminfo/61/ansi80x50-mono
-usr/share/terminfo/61/ansi80x60
-usr/share/terminfo/61/ansi80x60-mono
-usr/share/terminfo/61/ansil
-usr/share/terminfo/61/ansil-mono
-usr/share/terminfo/61/ansis
-usr/share/terminfo/61/ansis-mono
-usr/share/terminfo/61/ansisysk
-usr/share/terminfo/61/ansiterm
-usr/share/terminfo/61/ansiw
-usr/share/terminfo/61/ap-vm80
-usr/share/terminfo/61/apl
-usr/share/terminfo/61/apollo
-usr/share/terminfo/61/apollo_15P
-usr/share/terminfo/61/apollo_19L
-usr/share/terminfo/61/apollo_color
-usr/share/terminfo/61/apple-80
-usr/share/terminfo/61/apple-ae
-usr/share/terminfo/61/apple-soroc
-usr/share/terminfo/61/apple-uterm
-usr/share/terminfo/61/apple-uterm-vb
-usr/share/terminfo/61/apple-videx
-usr/share/terminfo/61/apple-videx2
-usr/share/terminfo/61/apple-videx3
-usr/share/terminfo/61/apple-vm80
-usr/share/terminfo/61/apple2e
-usr/share/terminfo/61/apple2e-p
-usr/share/terminfo/61/apple80p
-usr/share/terminfo/61/appleII
-usr/share/terminfo/61/appleIIc
-usr/share/terminfo/61/appleIIe
-usr/share/terminfo/61/appleIIgs
-usr/share/terminfo/61/arm100
-usr/share/terminfo/61/arm100-am
-usr/share/terminfo/61/arm100-w
-usr/share/terminfo/61/arm100-wam
-usr/share/terminfo/61/at
-usr/share/terminfo/61/at-color
-usr/share/terminfo/61/at-m
-usr/share/terminfo/61/at386
-usr/share/terminfo/61/atari
-usr/share/terminfo/61/atari-color
-usr/share/terminfo/61/atari-m
-usr/share/terminfo/61/atari-old
-usr/share/terminfo/61/atari_st
-usr/share/terminfo/61/atari_st-color
-usr/share/terminfo/61/atarist-m
-usr/share/terminfo/61/aterm
-usr/share/terminfo/61/att2300
-usr/share/terminfo/61/att2350
-usr/share/terminfo/61/att4410
-usr/share/terminfo/61/att4410-w
-usr/share/terminfo/61/att4410v1
-usr/share/terminfo/61/att4410v1-w
-usr/share/terminfo/61/att4415
-usr/share/terminfo/61/att4415+nl
-usr/share/terminfo/61/att4415-nl
-usr/share/terminfo/61/att4415-rv
-usr/share/terminfo/61/att4415-rv-nl
-usr/share/terminfo/61/att4415-w
-usr/share/terminfo/61/att4415-w-nl
-usr/share/terminfo/61/att4415-w-rv
-usr/share/terminfo/61/att4415-w-rv-n
-usr/share/terminfo/61/att4418
-usr/share/terminfo/61/att4418-w
-usr/share/terminfo/61/att4420
-usr/share/terminfo/61/att4424
-usr/share/terminfo/61/att4424-1
-usr/share/terminfo/61/att4424m
-usr/share/terminfo/61/att4425
-usr/share/terminfo/61/att4425-nl
-usr/share/terminfo/61/att4425-w
-usr/share/terminfo/61/att4426
-usr/share/terminfo/61/att500
-usr/share/terminfo/61/att505
-usr/share/terminfo/61/att505-24
-usr/share/terminfo/61/att510a
-usr/share/terminfo/61/att510d
-usr/share/terminfo/61/att513
-usr/share/terminfo/61/att5310
-usr/share/terminfo/61/att5320
-usr/share/terminfo/61/att5410
-usr/share/terminfo/61/att5410-w
-usr/share/terminfo/61/att5410v1
-usr/share/terminfo/61/att5410v1-w
-usr/share/terminfo/61/att5418
-usr/share/terminfo/61/att5418-w
-usr/share/terminfo/61/att5420
-usr/share/terminfo/61/att5420+nl
-usr/share/terminfo/61/att5420-nl
-usr/share/terminfo/61/att5420-rv
-usr/share/terminfo/61/att5420-rv-nl
-usr/share/terminfo/61/att5420-w
-usr/share/terminfo/61/att5420-w-nl
-usr/share/terminfo/61/att5420-w-rv
-usr/share/terminfo/61/att5420-w-rv-n
-usr/share/terminfo/61/att5420_2
-usr/share/terminfo/61/att5420_2-w
-usr/share/terminfo/61/att5425
-usr/share/terminfo/61/att5425-nl
-usr/share/terminfo/61/att5425-w
-usr/share/terminfo/61/att5430
-usr/share/terminfo/61/att5620
-usr/share/terminfo/61/att5620-1
-usr/share/terminfo/61/att5620-24
-usr/share/terminfo/61/att5620-34
-usr/share/terminfo/61/att5620-s
-usr/share/terminfo/61/att605
-usr/share/terminfo/61/att605-pc
-usr/share/terminfo/61/att605-w
-usr/share/terminfo/61/att610
-usr/share/terminfo/61/att610-103k
-usr/share/terminfo/61/att610-103k-w
-usr/share/terminfo/61/att610-w
-usr/share/terminfo/61/att615
-usr/share/terminfo/61/att615-103k
-usr/share/terminfo/61/att615-103k-w
-usr/share/terminfo/61/att615-w
-usr/share/terminfo/61/att620
-usr/share/terminfo/61/att620-103k
-usr/share/terminfo/61/att620-103k-w
-usr/share/terminfo/61/att620-w
-usr/share/terminfo/61/att630
-usr/share/terminfo/61/att630-24
-usr/share/terminfo/61/att6386
-usr/share/terminfo/61/att700
-usr/share/terminfo/61/att730
-usr/share/terminfo/61/att730-24
-usr/share/terminfo/61/att730-41
-usr/share/terminfo/61/att7300
-usr/share/terminfo/61/att730r
-usr/share/terminfo/61/att730r-24
-usr/share/terminfo/61/att730r-41
-usr/share/terminfo/61/avatar
-usr/share/terminfo/61/avatar0
-usr/share/terminfo/61/avatar0+
-usr/share/terminfo/61/avatar1
-usr/share/terminfo/61/avt
-usr/share/terminfo/61/avt+s
-usr/share/terminfo/61/avt-ns
-usr/share/terminfo/61/avt-rv
-usr/share/terminfo/61/avt-rv-ns
-usr/share/terminfo/61/avt-rv-s
-usr/share/terminfo/61/avt-s
-usr/share/terminfo/61/avt-w
-usr/share/terminfo/61/avt-w-ns
-usr/share/terminfo/61/avt-w-rv
-usr/share/terminfo/61/avt-w-rv-ns
-usr/share/terminfo/61/avt-w-rv-s
-usr/share/terminfo/61/avt-w-s
-usr/share/terminfo/61/aws
-usr/share/terminfo/61/awsc
-usr/share/terminfo/62/
-usr/share/terminfo/62/b-128
-usr/share/terminfo/62/bantam
-usr/share/terminfo/62/basic4
-usr/share/terminfo/62/basis
-usr/share/terminfo/62/bct510a
-usr/share/terminfo/62/bct510d
-usr/share/terminfo/62/beacon
-usr/share/terminfo/62/bee
-usr/share/terminfo/62/beehive
-usr/share/terminfo/62/beehive3
-usr/share/terminfo/62/beehive4
-usr/share/terminfo/62/beehiveIIIm
-usr/share/terminfo/62/beterm
-usr/share/terminfo/62/bg1.25
-usr/share/terminfo/62/bg1.25nv
-usr/share/terminfo/62/bg1.25rv
-usr/share/terminfo/62/bg2.0
-usr/share/terminfo/62/bg2.0nv
-usr/share/terminfo/62/bg2.0rv
-usr/share/terminfo/62/bg3.10
-usr/share/terminfo/62/bg3.10nv
-usr/share/terminfo/62/bg3.10rv
-usr/share/terminfo/62/bh3m
-usr/share/terminfo/62/bh4
-usr/share/terminfo/62/bitgraph
-usr/share/terminfo/62/blit
-usr/share/terminfo/62/bobcat
-usr/share/terminfo/62/bq300
-usr/share/terminfo/62/bq300-8
-usr/share/terminfo/62/bq300-8-pc
-usr/share/terminfo/62/bq300-8-pc-rv
-usr/share/terminfo/62/bq300-8-pc-w
-usr/share/terminfo/62/bq300-8-pc-w-rv
-usr/share/terminfo/62/bq300-8rv
-usr/share/terminfo/62/bq300-8w
-usr/share/terminfo/62/bq300-pc
-usr/share/terminfo/62/bq300-pc-rv
-usr/share/terminfo/62/bq300-pc-w
-usr/share/terminfo/62/bq300-pc-w-rv
-usr/share/terminfo/62/bq300-rv
-usr/share/terminfo/62/bq300-w
-usr/share/terminfo/62/bq300-w-8rv
-usr/share/terminfo/62/bq300-w-rv
-usr/share/terminfo/62/bsdos-pc
-usr/share/terminfo/62/bsdos-pc-m
-usr/share/terminfo/62/bsdos-pc-mono
-usr/share/terminfo/62/bsdos-pc-nobold
-usr/share/terminfo/62/bsdos-ppc
-usr/share/terminfo/62/bsdos-sparc
-usr/share/terminfo/62/bterm
-usr/share/terminfo/63/
-usr/share/terminfo/63/c100
-usr/share/terminfo/63/c100-1p
-usr/share/terminfo/63/c100-4p
-usr/share/terminfo/63/c100-rv
-usr/share/terminfo/63/c100-rv-4p
-usr/share/terminfo/63/c104
-usr/share/terminfo/63/c108
-usr/share/terminfo/63/c108-4p
-usr/share/terminfo/63/c108-8p
-usr/share/terminfo/63/c108-rv
-usr/share/terminfo/63/c108-rv-4p
-usr/share/terminfo/63/c108-rv-8p
-usr/share/terminfo/63/c108-w
-usr/share/terminfo/63/c108-w-8p
-usr/share/terminfo/63/c300
-usr/share/terminfo/63/c301
-usr/share/terminfo/63/c321
-usr/share/terminfo/63/ca22851
-usr/share/terminfo/63/cad68-2
-usr/share/terminfo/63/cad68-3
-usr/share/terminfo/63/cbblit
-usr/share/terminfo/63/cbunix
-usr/share/terminfo/63/cci
-usr/share/terminfo/63/cci1
-usr/share/terminfo/63/cdc456
-usr/share/terminfo/63/cdc721
-usr/share/terminfo/63/cdc721-esc
-usr/share/terminfo/63/cdc721ll
-usr/share/terminfo/63/cdc752
-usr/share/terminfo/63/cdc756
-usr/share/terminfo/63/cg7900
-usr/share/terminfo/63/cgc2
-usr/share/terminfo/63/cgc3
-usr/share/terminfo/63/chromatics
-usr/share/terminfo/63/ci8510
-usr/share/terminfo/63/cit-80
-usr/share/terminfo/63/cit101
-usr/share/terminfo/63/cit101e
-usr/share/terminfo/63/cit101e-132
-usr/share/terminfo/63/cit101e-n
-usr/share/terminfo/63/cit101e-n132
-usr/share/terminfo/63/cit101e-rv
-usr/share/terminfo/63/cit500
-usr/share/terminfo/63/cit80
-usr/share/terminfo/63/citc
-usr/share/terminfo/63/citoh
-usr/share/terminfo/63/citoh-6lpi
-usr/share/terminfo/63/citoh-8lpi
-usr/share/terminfo/63/citoh-comp
-usr/share/terminfo/63/citoh-elite
-usr/share/terminfo/63/citoh-pica
-usr/share/terminfo/63/citoh-prop
-usr/share/terminfo/63/citoh-ps
-usr/share/terminfo/63/coco3
-usr/share/terminfo/63/coherent
-usr/share/terminfo/63/color_xterm
-usr/share/terminfo/63/colorscan
-usr/share/terminfo/63/commodore
-usr/share/terminfo/63/concept
-usr/share/terminfo/63/concept-avt
-usr/share/terminfo/63/concept100
-usr/share/terminfo/63/concept100-rv
-usr/share/terminfo/63/concept108
-usr/share/terminfo/63/concept108-4p
-usr/share/terminfo/63/concept108-8p
-usr/share/terminfo/63/concept108-w-8
-usr/share/terminfo/63/concept108-w8p
-usr/share/terminfo/63/concept108rv4p
-usr/share/terminfo/63/cons25
-usr/share/terminfo/63/cons25-debian
-usr/share/terminfo/63/cons25-iso-m
-usr/share/terminfo/63/cons25-iso8859
-usr/share/terminfo/63/cons25-koi8-r
-usr/share/terminfo/63/cons25-koi8r-m
-usr/share/terminfo/63/cons25-m
-usr/share/terminfo/63/cons25l1
-usr/share/terminfo/63/cons25l1-m
-usr/share/terminfo/63/cons25r
-usr/share/terminfo/63/cons25r-m
-usr/share/terminfo/63/cons25w
-usr/share/terminfo/63/cons30
-usr/share/terminfo/63/cons30-m
-usr/share/terminfo/63/cons43
-usr/share/terminfo/63/cons43-m
-usr/share/terminfo/63/cons50
-usr/share/terminfo/63/cons50-iso-m
-usr/share/terminfo/63/cons50-iso8859
-usr/share/terminfo/63/cons50-koi8r
-usr/share/terminfo/63/cons50-koi8r-m
-usr/share/terminfo/63/cons50-m
-usr/share/terminfo/63/cons50l1
-usr/share/terminfo/63/cons50l1-m
-usr/share/terminfo/63/cons50r
-usr/share/terminfo/63/cons50r-m
-usr/share/terminfo/63/cons60
-usr/share/terminfo/63/cons60-iso
-usr/share/terminfo/63/cons60-iso-m
-usr/share/terminfo/63/cons60-koi8r
-usr/share/terminfo/63/cons60-koi8r-m
-usr/share/terminfo/63/cons60-m
-usr/share/terminfo/63/cons60l1
-usr/share/terminfo/63/cons60l1-m
-usr/share/terminfo/63/cons60r
-usr/share/terminfo/63/cons60r-m
-usr/share/terminfo/63/contel300
-usr/share/terminfo/63/contel301
-usr/share/terminfo/63/contel320
-usr/share/terminfo/63/contel321
-usr/share/terminfo/63/cops
-usr/share/terminfo/63/cops-10
-usr/share/terminfo/63/cops10
-usr/share/terminfo/63/crt
-usr/share/terminfo/63/crt-vt220
-usr/share/terminfo/63/cs10
-usr/share/terminfo/63/cs10-w
-usr/share/terminfo/63/ct82
-usr/share/terminfo/63/ct8500
-usr/share/terminfo/63/ctrm
-usr/share/terminfo/63/cx
-usr/share/terminfo/63/cx100
-usr/share/terminfo/63/cyb110
-usr/share/terminfo/63/cyb83
-usr/share/terminfo/63/cygwin
-usr/share/terminfo/63/cygwinB19
-usr/share/terminfo/63/cygwinDBG
-usr/share/terminfo/64/
-usr/share/terminfo/64/d132
-usr/share/terminfo/64/d2
-usr/share/terminfo/64/d2-dg
-usr/share/terminfo/64/d200
-usr/share/terminfo/64/d200-dg
-usr/share/terminfo/64/d210
-usr/share/terminfo/64/d210-dg
-usr/share/terminfo/64/d211
-usr/share/terminfo/64/d211-7b
-usr/share/terminfo/64/d211-dg
-usr/share/terminfo/64/d214
-usr/share/terminfo/64/d214-dg
-usr/share/terminfo/64/d215
-usr/share/terminfo/64/d215-7b
-usr/share/terminfo/64/d215-dg
-usr/share/terminfo/64/d216+
-usr/share/terminfo/64/d216+25
-usr/share/terminfo/64/d216+dg
-usr/share/terminfo/64/d216-dg
-usr/share/terminfo/64/d216-unix
-usr/share/terminfo/64/d216-unix-25
-usr/share/terminfo/64/d216e+
-usr/share/terminfo/64/d216e+dg
-usr/share/terminfo/64/d216e-dg
-usr/share/terminfo/64/d216e-unix
-usr/share/terminfo/64/d217-dg
-usr/share/terminfo/64/d217-unix
-usr/share/terminfo/64/d217-unix-25
-usr/share/terminfo/64/d220
-usr/share/terminfo/64/d220-7b
-usr/share/terminfo/64/d220-dg
-usr/share/terminfo/64/d230
-usr/share/terminfo/64/d230-dg
-usr/share/terminfo/64/d230c
-usr/share/terminfo/64/d230c-dg
-usr/share/terminfo/64/d400
-usr/share/terminfo/64/d400-dg
-usr/share/terminfo/64/d410
-usr/share/terminfo/64/d410-7b
-usr/share/terminfo/64/d410-7b-w
-usr/share/terminfo/64/d410-dg
-usr/share/terminfo/64/d410-w
-usr/share/terminfo/64/d411
-usr/share/terminfo/64/d411-7b
-usr/share/terminfo/64/d411-7b-w
-usr/share/terminfo/64/d411-dg
-usr/share/terminfo/64/d411-w
-usr/share/terminfo/64/d412+
-usr/share/terminfo/64/d412+25
-usr/share/terminfo/64/d412+dg
-usr/share/terminfo/64/d412+s
-usr/share/terminfo/64/d412+sr
-usr/share/terminfo/64/d412+w
-usr/share/terminfo/64/d412-dg
-usr/share/terminfo/64/d412-unix
-usr/share/terminfo/64/d412-unix-25
-usr/share/terminfo/64/d412-unix-s
-usr/share/terminfo/64/d412-unix-sr
-usr/share/terminfo/64/d412-unix-w
-usr/share/terminfo/64/d413-dg
-usr/share/terminfo/64/d413-unix
-usr/share/terminfo/64/d413-unix-25
-usr/share/terminfo/64/d413-unix-s
-usr/share/terminfo/64/d413-unix-sr
-usr/share/terminfo/64/d413-unix-w
-usr/share/terminfo/64/d414-unix
-usr/share/terminfo/64/d414-unix-25
-usr/share/terminfo/64/d414-unix-s
-usr/share/terminfo/64/d414-unix-sr
-usr/share/terminfo/64/d414-unix-w
-usr/share/terminfo/64/d430-dg
-usr/share/terminfo/64/d430-dg-ccc
-usr/share/terminfo/64/d430-unix
-usr/share/terminfo/64/d430-unix-25
-usr/share/terminfo/64/d430-unix-25-ccc
-usr/share/terminfo/64/d430-unix-ccc
-usr/share/terminfo/64/d430-unix-s
-usr/share/terminfo/64/d430-unix-s-ccc
-usr/share/terminfo/64/d430-unix-sr
-usr/share/terminfo/64/d430-unix-sr-ccc
-usr/share/terminfo/64/d430-unix-w
-usr/share/terminfo/64/d430-unix-w-ccc
-usr/share/terminfo/64/d430c-dg
-usr/share/terminfo/64/d430c-dg-ccc
-usr/share/terminfo/64/d430c-unix
-usr/share/terminfo/64/d430c-unix-25
-usr/share/terminfo/64/d430c-unix-25-ccc
-usr/share/terminfo/64/d430c-unix-ccc
-usr/share/terminfo/64/d430c-unix-s
-usr/share/terminfo/64/d430c-unix-s-ccc
-usr/share/terminfo/64/d430c-unix-sr
-usr/share/terminfo/64/d430c-unix-sr-ccc
-usr/share/terminfo/64/d430c-unix-w
-usr/share/terminfo/64/d430c-unix-w-ccc
-usr/share/terminfo/64/d450
-usr/share/terminfo/64/d450-dg
-usr/share/terminfo/64/d460
-usr/share/terminfo/64/d460-7b
-usr/share/terminfo/64/d460-7b-w
-usr/share/terminfo/64/d460-dg
-usr/share/terminfo/64/d460-w
-usr/share/terminfo/64/d461
-usr/share/terminfo/64/d461-7b
-usr/share/terminfo/64/d461-7b-w
-usr/share/terminfo/64/d461-dg
-usr/share/terminfo/64/d461-w
-usr/share/terminfo/64/d462+
-usr/share/terminfo/64/d462+25
-usr/share/terminfo/64/d462+dg
-usr/share/terminfo/64/d462+s
-usr/share/terminfo/64/d462+sr
-usr/share/terminfo/64/d462+w
-usr/share/terminfo/64/d462-dg
-usr/share/terminfo/64/d462-unix
-usr/share/terminfo/64/d462-unix-25
-usr/share/terminfo/64/d462-unix-s
-usr/share/terminfo/64/d462-unix-sr
-usr/share/terminfo/64/d462-unix-w
-usr/share/terminfo/64/d462e-dg
-usr/share/terminfo/64/d463-dg
-usr/share/terminfo/64/d463-unix
-usr/share/terminfo/64/d463-unix-25
-usr/share/terminfo/64/d463-unix-s
-usr/share/terminfo/64/d463-unix-sr
-usr/share/terminfo/64/d463-unix-w
-usr/share/terminfo/64/d464-unix
-usr/share/terminfo/64/d464-unix-25
-usr/share/terminfo/64/d464-unix-s
-usr/share/terminfo/64/d464-unix-sr
-usr/share/terminfo/64/d464-unix-w
-usr/share/terminfo/64/d470
-usr/share/terminfo/64/d470-7b
-usr/share/terminfo/64/d470-dg
-usr/share/terminfo/64/d470c
-usr/share/terminfo/64/d470c-7b
-usr/share/terminfo/64/d470c-dg
-usr/share/terminfo/64/d555
-usr/share/terminfo/64/d555-7b
-usr/share/terminfo/64/d555-7b-w
-usr/share/terminfo/64/d555-dg
-usr/share/terminfo/64/d555-w
-usr/share/terminfo/64/d577
-usr/share/terminfo/64/d577-7b
-usr/share/terminfo/64/d577-7b-w
-usr/share/terminfo/64/d577-dg
-usr/share/terminfo/64/d577-w
-usr/share/terminfo/64/d578
-usr/share/terminfo/64/d578-7b
-usr/share/terminfo/64/d578-dg
-usr/share/terminfo/64/d80
-usr/share/terminfo/64/d800
-usr/share/terminfo/64/darwin
-usr/share/terminfo/64/darwin-100x37
-usr/share/terminfo/64/darwin-100x37-m
-usr/share/terminfo/64/darwin-112x37
-usr/share/terminfo/64/darwin-112x37-m
-usr/share/terminfo/64/darwin-128x40
-usr/share/terminfo/64/darwin-128x40-m
-usr/share/terminfo/64/darwin-128x48
-usr/share/terminfo/64/darwin-128x48-m
-usr/share/terminfo/64/darwin-144x48
-usr/share/terminfo/64/darwin-144x48-m
-usr/share/terminfo/64/darwin-160x64
-usr/share/terminfo/64/darwin-160x64-m
-usr/share/terminfo/64/darwin-200x64
-usr/share/terminfo/64/darwin-200x64-m
-usr/share/terminfo/64/darwin-200x75
-usr/share/terminfo/64/darwin-200x75-m
-usr/share/terminfo/64/darwin-256x96
-usr/share/terminfo/64/darwin-256x96-m
-usr/share/terminfo/64/darwin-80x25
-usr/share/terminfo/64/darwin-80x25-m
-usr/share/terminfo/64/darwin-80x30
-usr/share/terminfo/64/darwin-80x30-m
-usr/share/terminfo/64/darwin-90x30
-usr/share/terminfo/64/darwin-90x30-m
-usr/share/terminfo/64/darwin-b
-usr/share/terminfo/64/darwin-f
-usr/share/terminfo/64/darwin-f2
-usr/share/terminfo/64/darwin-m
-usr/share/terminfo/64/darwin-m-b
-usr/share/terminfo/64/darwin-m-f
-usr/share/terminfo/64/darwin-m-f2
-usr/share/terminfo/64/datagraphix
-usr/share/terminfo/64/datamedia2500
-usr/share/terminfo/64/datapoint
-usr/share/terminfo/64/dataspeed40
-usr/share/terminfo/64/dd5000
-usr/share/terminfo/64/ddr
-usr/share/terminfo/64/ddr3180
-usr/share/terminfo/64/dec+pp
-usr/share/terminfo/64/dec+sl
-usr/share/terminfo/64/dec-vt100
-usr/share/terminfo/64/dec-vt220
-usr/share/terminfo/64/dec-vt330
-usr/share/terminfo/64/dec-vt340
-usr/share/terminfo/64/dec-vt400
-usr/share/terminfo/64/decansi
-usr/share/terminfo/64/decpro
-usr/share/terminfo/64/decwriter
-usr/share/terminfo/64/delta
-usr/share/terminfo/64/dg+ccc
-usr/share/terminfo/64/dg+color
-usr/share/terminfo/64/dg+color8
-usr/share/terminfo/64/dg+fixed
-usr/share/terminfo/64/dg-ansi
-usr/share/terminfo/64/dg-generic
-usr/share/terminfo/64/dg100
-usr/share/terminfo/64/dg200
-usr/share/terminfo/64/dg210
-usr/share/terminfo/64/dg211
-usr/share/terminfo/64/dg450
-usr/share/terminfo/64/dg460-ansi
-usr/share/terminfo/64/dg6053
-usr/share/terminfo/64/dg6053-old
-usr/share/terminfo/64/dg605x
-usr/share/terminfo/64/dg6134
-usr/share/terminfo/64/dgkeys+11
-usr/share/terminfo/64/dgkeys+15
-usr/share/terminfo/64/dgkeys+7b
-usr/share/terminfo/64/dgkeys+8b
-usr/share/terminfo/64/dgmode+color
-usr/share/terminfo/64/dgmode+color8
-usr/share/terminfo/64/dgunix+ccc
-usr/share/terminfo/64/dgunix+fixed
-usr/share/terminfo/64/diablo
-usr/share/terminfo/64/diablo-lm
-usr/share/terminfo/64/diablo1620
-usr/share/terminfo/64/diablo1620-m8
-usr/share/terminfo/64/diablo1640
-usr/share/terminfo/64/diablo1640-lm
-usr/share/terminfo/64/diablo1640-m8
-usr/share/terminfo/64/diablo1720
-usr/share/terminfo/64/diablo1730
-usr/share/terminfo/64/diablo1740
-usr/share/terminfo/64/diablo1740-lm
-usr/share/terminfo/64/diablo450
-usr/share/terminfo/64/diablo630
-usr/share/terminfo/64/dialogue
-usr/share/terminfo/64/dialogue80
-usr/share/terminfo/64/digilog
-usr/share/terminfo/64/djgpp
-usr/share/terminfo/64/djgpp203
-usr/share/terminfo/64/djgpp204
-usr/share/terminfo/64/dku7003
-usr/share/terminfo/64/dku7003-dumb
-usr/share/terminfo/64/dku7102
-usr/share/terminfo/64/dku7102-old
-usr/share/terminfo/64/dku7102-sna
-usr/share/terminfo/64/dku7103-sna
-usr/share/terminfo/64/dku7202
-usr/share/terminfo/64/dm1520
-usr/share/terminfo/64/dm1521
-usr/share/terminfo/64/dm2500
-usr/share/terminfo/64/dm3025
-usr/share/terminfo/64/dm3045
-usr/share/terminfo/64/dm80
-usr/share/terminfo/64/dm80w
-usr/share/terminfo/64/dmchat
-usr/share/terminfo/64/dmd
-usr/share/terminfo/64/dmd-24
-usr/share/terminfo/64/dmd-34
-usr/share/terminfo/64/dmd1
-usr/share/terminfo/64/dmdt80
-usr/share/terminfo/64/dmdt80w
-usr/share/terminfo/64/dmterm
-usr/share/terminfo/64/dp3360
-usr/share/terminfo/64/dp8242
-usr/share/terminfo/64/ds40
-usr/share/terminfo/64/ds40-2
-usr/share/terminfo/64/dt-100
-usr/share/terminfo/64/dt-100w
-usr/share/terminfo/64/dt100
-usr/share/terminfo/64/dt100w
-usr/share/terminfo/64/dt110
-usr/share/terminfo/64/dt80
-usr/share/terminfo/64/dt80-sas
-usr/share/terminfo/64/dt80w
-usr/share/terminfo/64/dtc300s
-usr/share/terminfo/64/dtc382
-usr/share/terminfo/64/dtterm
-usr/share/terminfo/64/dumb
-usr/share/terminfo/64/dumb-emacs-ansi
-usr/share/terminfo/64/dvtm
-usr/share/terminfo/64/dvtm-256color
-usr/share/terminfo/64/dw
-usr/share/terminfo/64/dw1
-usr/share/terminfo/64/dw2
-usr/share/terminfo/64/dw3
-usr/share/terminfo/64/dw4
-usr/share/terminfo/64/dwk
-usr/share/terminfo/64/dwk-vt
-usr/share/terminfo/65/
-usr/share/terminfo/65/ecma+color
-usr/share/terminfo/65/ecma+italics
-usr/share/terminfo/65/ecma+sgr
-usr/share/terminfo/65/ecma+strikeout
-usr/share/terminfo/65/elks
-usr/share/terminfo/65/elks-ansi
-usr/share/terminfo/65/elks-glasstty
-usr/share/terminfo/65/elks-vt52
-usr/share/terminfo/65/emots
-usr/share/terminfo/65/emu
-usr/share/terminfo/65/emu-220
-usr/share/terminfo/65/emx-base
-usr/share/terminfo/65/env230
-usr/share/terminfo/65/envision230
-usr/share/terminfo/65/ep40
-usr/share/terminfo/65/ep4000
-usr/share/terminfo/65/ep4080
-usr/share/terminfo/65/ep48
-usr/share/terminfo/65/ergo4000
-usr/share/terminfo/65/esprit
-usr/share/terminfo/65/esprit-am
-usr/share/terminfo/65/eterm
-usr/share/terminfo/65/eterm-color
-usr/share/terminfo/65/ex155
-usr/share/terminfo/65/excel62
-usr/share/terminfo/65/excel62-rv
-usr/share/terminfo/65/excel62-w
-usr/share/terminfo/65/excel64
-usr/share/terminfo/65/excel64-rv
-usr/share/terminfo/65/excel64-w
-usr/share/terminfo/65/exec80
-usr/share/terminfo/66/
-usr/share/terminfo/66/f100
-usr/share/terminfo/66/f100-rv
-usr/share/terminfo/66/f110
-usr/share/terminfo/66/f110-14
-usr/share/terminfo/66/f110-14w
-usr/share/terminfo/66/f110-w
-usr/share/terminfo/66/f1720
-usr/share/terminfo/66/f1720a
-usr/share/terminfo/66/f200
-usr/share/terminfo/66/f200-w
-usr/share/terminfo/66/f200vi
-usr/share/terminfo/66/f200vi-w
-usr/share/terminfo/66/falco
-usr/share/terminfo/66/falco-p
-usr/share/terminfo/66/fbterm
-usr/share/terminfo/66/fenix
-usr/share/terminfo/66/fenixw
-usr/share/terminfo/66/fixterm
-usr/share/terminfo/66/fortune
-usr/share/terminfo/66/fos
-usr/share/terminfo/66/fox
-usr/share/terminfo/66/freedom
-usr/share/terminfo/66/freedom-rv
-usr/share/terminfo/66/freedom100
-usr/share/terminfo/66/freedom110
-usr/share/terminfo/66/freedom200
-usr/share/terminfo/67/
-usr/share/terminfo/67/gator
-usr/share/terminfo/67/gator-52
-usr/share/terminfo/67/gator-52t
-usr/share/terminfo/67/gator-t
-usr/share/terminfo/67/gigi
-usr/share/terminfo/67/glasstty
-usr/share/terminfo/67/gnome
-usr/share/terminfo/67/gnome+pcfkeys
-usr/share/terminfo/67/gnome-2007
-usr/share/terminfo/67/gnome-2008
-usr/share/terminfo/67/gnome-2012
-usr/share/terminfo/67/gnome-256color
-usr/share/terminfo/67/gnome-fc5
-usr/share/terminfo/67/gnome-rh62
-usr/share/terminfo/67/gnome-rh72
-usr/share/terminfo/67/gnome-rh80
-usr/share/terminfo/67/gnome-rh90
-usr/share/terminfo/67/go-225
-usr/share/terminfo/67/go140
-usr/share/terminfo/67/go140w
-usr/share/terminfo/67/go225
-usr/share/terminfo/67/graphos
-usr/share/terminfo/67/graphos-30
-usr/share/terminfo/67/gs5430
-usr/share/terminfo/67/gs5430-22
-usr/share/terminfo/67/gs5430-24
-usr/share/terminfo/67/gs6300
-usr/share/terminfo/67/gsi
-usr/share/terminfo/67/gt100
-usr/share/terminfo/67/gt100a
-usr/share/terminfo/67/gt40
-usr/share/terminfo/67/gt42
-usr/share/terminfo/67/guru
-usr/share/terminfo/67/guru+rv
-usr/share/terminfo/67/guru+s
-usr/share/terminfo/67/guru+unk
-usr/share/terminfo/67/guru-24
-usr/share/terminfo/67/guru-33
-usr/share/terminfo/67/guru-33-rv
-usr/share/terminfo/67/guru-33-s
-usr/share/terminfo/67/guru-44
-usr/share/terminfo/67/guru-44-s
-usr/share/terminfo/67/guru-76
-usr/share/terminfo/67/guru-76-lp
-usr/share/terminfo/67/guru-76-s
-usr/share/terminfo/67/guru-76-w
-usr/share/terminfo/67/guru-76-w-s
-usr/share/terminfo/67/guru-76-wm
-usr/share/terminfo/67/guru-lp
-usr/share/terminfo/67/guru-nctxt
-usr/share/terminfo/67/guru-rv
-usr/share/terminfo/67/guru-s
-usr/share/terminfo/68/
-usr/share/terminfo/68/h-100
-usr/share/terminfo/68/h-100bw
-usr/share/terminfo/68/h100
-usr/share/terminfo/68/h100bw
-usr/share/terminfo/68/h19
-usr/share/terminfo/68/h19-a
-usr/share/terminfo/68/h19-b
-usr/share/terminfo/68/h19-bs
-usr/share/terminfo/68/h19-g
-usr/share/terminfo/68/h19-smul
-usr/share/terminfo/68/h19-u
-usr/share/terminfo/68/h19-us
-usr/share/terminfo/68/h19a
-usr/share/terminfo/68/h19g
-usr/share/terminfo/68/h19k
-usr/share/terminfo/68/h19kermit
-usr/share/terminfo/68/h19us
-usr/share/terminfo/68/h29a-kc-bc
-usr/share/terminfo/68/h29a-kc-uc
-usr/share/terminfo/68/h29a-nkc-bc
-usr/share/terminfo/68/h29a-nkc-uc
-usr/share/terminfo/68/h80
-usr/share/terminfo/68/ha8675
-usr/share/terminfo/68/ha8686
-usr/share/terminfo/68/hazel
-usr/share/terminfo/68/hds200
-usr/share/terminfo/68/he80
-usr/share/terminfo/68/heath
-usr/share/terminfo/68/heath-19
-usr/share/terminfo/68/heath-ansi
-usr/share/terminfo/68/heathkit
-usr/share/terminfo/68/heathkit-a
-usr/share/terminfo/68/hft
-usr/share/terminfo/68/hft-c
-usr/share/terminfo/68/hft-c-old
-usr/share/terminfo/68/hft-old
-usr/share/terminfo/68/hirez100
-usr/share/terminfo/68/hirez100-w
-usr/share/terminfo/68/hmod1
-usr/share/terminfo/68/hp
-usr/share/terminfo/68/hp+arrows
-usr/share/terminfo/68/hp+color
-usr/share/terminfo/68/hp+labels
-usr/share/terminfo/68/hp+pfk+arrows
-usr/share/terminfo/68/hp+pfk+cr
-usr/share/terminfo/68/hp+pfk-cr
-usr/share/terminfo/68/hp+printer
-usr/share/terminfo/68/hp110
-usr/share/terminfo/68/hp150
-usr/share/terminfo/68/hp2
-usr/share/terminfo/68/hp236
-usr/share/terminfo/68/hp2382
-usr/share/terminfo/68/hp2382a
-usr/share/terminfo/68/hp2392
-usr/share/terminfo/68/hp2397
-usr/share/terminfo/68/hp2397a
-usr/share/terminfo/68/hp2621
-usr/share/terminfo/68/hp2621-48
-usr/share/terminfo/68/hp2621-a
-usr/share/terminfo/68/hp2621-ba
-usr/share/terminfo/68/hp2621-fl
-usr/share/terminfo/68/hp2621-k45
-usr/share/terminfo/68/hp2621-nl
-usr/share/terminfo/68/hp2621-nt
-usr/share/terminfo/68/hp2621-wl
-usr/share/terminfo/68/hp2621A
-usr/share/terminfo/68/hp2621a-a
-usr/share/terminfo/68/hp2621b
-usr/share/terminfo/68/hp2621b-kx
-usr/share/terminfo/68/hp2621b-kx-p
-usr/share/terminfo/68/hp2621b-p
-usr/share/terminfo/68/hp2621k45
-usr/share/terminfo/68/hp2621p
-usr/share/terminfo/68/hp2621p-a
-usr/share/terminfo/68/hp2622
-usr/share/terminfo/68/hp2622a
-usr/share/terminfo/68/hp2623
-usr/share/terminfo/68/hp2623a
-usr/share/terminfo/68/hp2624
-usr/share/terminfo/68/hp2624-10p
-usr/share/terminfo/68/hp2624a
-usr/share/terminfo/68/hp2624a-10p
-usr/share/terminfo/68/hp2624b
-usr/share/terminfo/68/hp2624b-10p
-usr/share/terminfo/68/hp2624b-10p-p
-usr/share/terminfo/68/hp2624b-4p
-usr/share/terminfo/68/hp2624b-4p-p
-usr/share/terminfo/68/hp2624b-p
-usr/share/terminfo/68/hp2626
-usr/share/terminfo/68/hp2626-12
-usr/share/terminfo/68/hp2626-12-s
-usr/share/terminfo/68/hp2626-12x40
-usr/share/terminfo/68/hp2626-ns
-usr/share/terminfo/68/hp2626-s
-usr/share/terminfo/68/hp2626-x40
-usr/share/terminfo/68/hp2626a
-usr/share/terminfo/68/hp2626p
-usr/share/terminfo/68/hp2627a
-usr/share/terminfo/68/hp2627a-rev
-usr/share/terminfo/68/hp2627c
-usr/share/terminfo/68/hp262x
-usr/share/terminfo/68/hp2640a
-usr/share/terminfo/68/hp2640b
-usr/share/terminfo/68/hp2641a
-usr/share/terminfo/68/hp2644a
-usr/share/terminfo/68/hp2645
-usr/share/terminfo/68/hp2645a
-usr/share/terminfo/68/hp2647a
-usr/share/terminfo/68/hp2648
-usr/share/terminfo/68/hp2648a
-usr/share/terminfo/68/hp300h
-usr/share/terminfo/68/hp45
-usr/share/terminfo/68/hp700
-usr/share/terminfo/68/hp700-wy
-usr/share/terminfo/68/hp70092
-usr/share/terminfo/68/hp70092A
-usr/share/terminfo/68/hp9837
-usr/share/terminfo/68/hp9845
-usr/share/terminfo/68/hp98550
-usr/share/terminfo/68/hp98550a
-usr/share/terminfo/68/hp98720
-usr/share/terminfo/68/hp98721
-usr/share/terminfo/68/hpansi
-usr/share/terminfo/68/hpex
-usr/share/terminfo/68/hpex2
-usr/share/terminfo/68/hpgeneric
-usr/share/terminfo/68/hpsub
-usr/share/terminfo/68/hpterm
-usr/share/terminfo/68/hpterm-color
-usr/share/terminfo/68/htx11
-usr/share/terminfo/68/hurd
-usr/share/terminfo/68/hz1000
-usr/share/terminfo/68/hz1420
-usr/share/terminfo/68/hz1500
-usr/share/terminfo/68/hz1510
-usr/share/terminfo/68/hz1520
-usr/share/terminfo/68/hz1520-noesc
-usr/share/terminfo/68/hz1552
-usr/share/terminfo/68/hz1552-rv
-usr/share/terminfo/68/hz2000
-usr/share/terminfo/69/
-usr/share/terminfo/69/i100
-usr/share/terminfo/69/i3101
-usr/share/terminfo/69/i3164
-usr/share/terminfo/69/i400
-usr/share/terminfo/69/iTerm.app
-usr/share/terminfo/69/iTerm2.app
-usr/share/terminfo/69/ibcs2
-usr/share/terminfo/69/ibm+16color
-usr/share/terminfo/69/ibm+color
-usr/share/terminfo/69/ibm-apl
-usr/share/terminfo/69/ibm-pc
-usr/share/terminfo/69/ibm-system1
-usr/share/terminfo/69/ibm3101
-usr/share/terminfo/69/ibm3151
-usr/share/terminfo/69/ibm3161
-usr/share/terminfo/69/ibm3161-C
-usr/share/terminfo/69/ibm3162
-usr/share/terminfo/69/ibm3163
-usr/share/terminfo/69/ibm3164
-usr/share/terminfo/69/ibm327x
-usr/share/terminfo/69/ibm5051
-usr/share/terminfo/69/ibm5081
-usr/share/terminfo/69/ibm5081-c
-usr/share/terminfo/69/ibm5151
-usr/share/terminfo/69/ibm5154
-usr/share/terminfo/69/ibm5154-c
-usr/share/terminfo/69/ibm6153
-usr/share/terminfo/69/ibm6153-40
-usr/share/terminfo/69/ibm6153-90
-usr/share/terminfo/69/ibm6154
-usr/share/terminfo/69/ibm6154-c
-usr/share/terminfo/69/ibm6155
-usr/share/terminfo/69/ibm8503
-usr/share/terminfo/69/ibm8507
-usr/share/terminfo/69/ibm8512
-usr/share/terminfo/69/ibm8513
-usr/share/terminfo/69/ibm8514
-usr/share/terminfo/69/ibm8514-c
-usr/share/terminfo/69/ibm8604
-usr/share/terminfo/69/ibmaed
-usr/share/terminfo/69/ibmapa16
-usr/share/terminfo/69/ibmapa8
-usr/share/terminfo/69/ibmapa8c
-usr/share/terminfo/69/ibmapa8c-c
-usr/share/terminfo/69/ibmega
-usr/share/terminfo/69/ibmega-c
-usr/share/terminfo/69/ibmmono
-usr/share/terminfo/69/ibmmpel-c
-usr/share/terminfo/69/ibmpc
-usr/share/terminfo/69/ibmpc3
-usr/share/terminfo/69/ibmpc3r
-usr/share/terminfo/69/ibmpc3r-mono
-usr/share/terminfo/69/ibmpcx
-usr/share/terminfo/69/ibmvga
-usr/share/terminfo/69/ibmvga-c
-usr/share/terminfo/69/ibmx
-usr/share/terminfo/69/icl6402
-usr/share/terminfo/69/icl6404
-usr/share/terminfo/69/icl6404-w
-usr/share/terminfo/69/ifmr
-usr/share/terminfo/69/ims-ansi
-usr/share/terminfo/69/ims950
-usr/share/terminfo/69/ims950-b
-usr/share/terminfo/69/ims950-rv
-usr/share/terminfo/69/infoton
-usr/share/terminfo/69/interix
-usr/share/terminfo/69/interix-nti
-usr/share/terminfo/69/intertec
-usr/share/terminfo/69/intertube
-usr/share/terminfo/69/intertube2
-usr/share/terminfo/69/intext
-usr/share/terminfo/69/intext2
-usr/share/terminfo/69/intextii
-usr/share/terminfo/69/ips
-usr/share/terminfo/69/ipsi
-usr/share/terminfo/69/iq120
-usr/share/terminfo/69/iq140
-usr/share/terminfo/69/iris-ansi
-usr/share/terminfo/69/iris-ansi-ap
-usr/share/terminfo/69/iris-ansi-net
-usr/share/terminfo/69/iris-color
-usr/share/terminfo/69/iris40
-usr/share/terminfo/69/iterm
-usr/share/terminfo/69/iterm2
-usr/share/terminfo/69/iterm2-direct
-usr/share/terminfo/6a/
-usr/share/terminfo/6a/jaixterm
-usr/share/terminfo/6a/jaixterm-m
-usr/share/terminfo/6a/jerq
-usr/share/terminfo/6a/jfbterm
-usr/share/terminfo/6b/
-usr/share/terminfo/6b/k45
-usr/share/terminfo/6b/kaypro
-usr/share/terminfo/6b/kaypro2
-usr/share/terminfo/6b/kds6402
-usr/share/terminfo/6b/kds7372
-usr/share/terminfo/6b/kds7372-w
-usr/share/terminfo/6b/kermit
-usr/share/terminfo/6b/kermit-am
-usr/share/terminfo/6b/klone+acs
-usr/share/terminfo/6b/klone+color
-usr/share/terminfo/6b/klone+koi8acs
-usr/share/terminfo/6b/klone+sgr
-usr/share/terminfo/6b/klone+sgr-dumb
-usr/share/terminfo/6b/klone+sgr8
-usr/share/terminfo/6b/kon
-usr/share/terminfo/6b/kon2
-usr/share/terminfo/6b/konsole
-usr/share/terminfo/6b/konsole+pcfkeys
-usr/share/terminfo/6b/konsole-16color
-usr/share/terminfo/6b/konsole-256color
-usr/share/terminfo/6b/konsole-base
-usr/share/terminfo/6b/konsole-direct
-usr/share/terminfo/6b/konsole-linux
-usr/share/terminfo/6b/konsole-solaris
-usr/share/terminfo/6b/konsole-vt100
-usr/share/terminfo/6b/konsole-vt420pc
-usr/share/terminfo/6b/konsole-xf3x
-usr/share/terminfo/6b/konsole-xf4x
-usr/share/terminfo/6b/kt7
-usr/share/terminfo/6b/kt7ix
-usr/share/terminfo/6b/kterm
-usr/share/terminfo/6b/kterm-co
-usr/share/terminfo/6b/kterm-color
-usr/share/terminfo/6b/ktm
-usr/share/terminfo/6b/kvt
-usr/share/terminfo/6c/
-usr/share/terminfo/6c/la120
-usr/share/terminfo/6c/layer
-usr/share/terminfo/6c/lft
-usr/share/terminfo/6c/lft-pc850
-usr/share/terminfo/6c/linux
-usr/share/terminfo/6c/linux-16color
-usr/share/terminfo/6c/linux-basic
-usr/share/terminfo/6c/linux-c
-usr/share/terminfo/6c/linux-c-nc
-usr/share/terminfo/6c/linux-koi8
-usr/share/terminfo/6c/linux-koi8r
-usr/share/terminfo/6c/linux-lat
-usr/share/terminfo/6c/linux-m
-usr/share/terminfo/6c/linux-m1
-usr/share/terminfo/6c/linux-m1b
-usr/share/terminfo/6c/linux-m2
-usr/share/terminfo/6c/linux-nic
-usr/share/terminfo/6c/linux-vt
-usr/share/terminfo/6c/linux2.2
-usr/share/terminfo/6c/linux2.6
-usr/share/terminfo/6c/linux2.6.26
-usr/share/terminfo/6c/linux3.0
-usr/share/terminfo/6c/lisa
-usr/share/terminfo/6c/lisaterm
-usr/share/terminfo/6c/lisaterm-w
-usr/share/terminfo/6c/liswb
-usr/share/terminfo/6c/ln03
-usr/share/terminfo/6c/ln03-w
-usr/share/terminfo/6c/lpr
-usr/share/terminfo/6c/luna
-usr/share/terminfo/6c/luna68k
-usr/share/terminfo/6d/
-usr/share/terminfo/6d/m2-nam
-usr/share/terminfo/6d/mac
-usr/share/terminfo/6d/mac-w
-usr/share/terminfo/6d/mach
-usr/share/terminfo/6d/mach-bold
-usr/share/terminfo/6d/mach-color
-usr/share/terminfo/6d/mach-gnu
-usr/share/terminfo/6d/mach-gnu-color
-usr/share/terminfo/6d/macintosh
-usr/share/terminfo/6d/macterminal-w
-usr/share/terminfo/6d/mai
-usr/share/terminfo/6d/masscomp
-usr/share/terminfo/6d/masscomp1
-usr/share/terminfo/6d/masscomp2
-usr/share/terminfo/6d/mdl110
-usr/share/terminfo/6d/megatek
-usr/share/terminfo/6d/memhp
-usr/share/terminfo/6d/mgr
-usr/share/terminfo/6d/mgr-linux
-usr/share/terminfo/6d/mgr-sun
-usr/share/terminfo/6d/mgt
-usr/share/terminfo/6d/mgterm
-usr/share/terminfo/6d/microb
-usr/share/terminfo/6d/microbee
-usr/share/terminfo/6d/microterm
-usr/share/terminfo/6d/microterm5
-usr/share/terminfo/6d/mime
-usr/share/terminfo/6d/mime-3ax
-usr/share/terminfo/6d/mime-fb
-usr/share/terminfo/6d/mime-hb
-usr/share/terminfo/6d/mime1
-usr/share/terminfo/6d/mime2
-usr/share/terminfo/6d/mime2a
-usr/share/terminfo/6d/mime2a-s
-usr/share/terminfo/6d/mime2a-v
-usr/share/terminfo/6d/mime314
-usr/share/terminfo/6d/mime340
-usr/share/terminfo/6d/mime3a
-usr/share/terminfo/6d/mime3ax
-usr/share/terminfo/6d/mimei
-usr/share/terminfo/6d/mimeii
-usr/share/terminfo/6d/minitel
-usr/share/terminfo/6d/minitel-2
-usr/share/terminfo/6d/minitel-2-nam
-usr/share/terminfo/6d/minitel1
-usr/share/terminfo/6d/minitel1-nb
-usr/share/terminfo/6d/minitel12-80
-usr/share/terminfo/6d/minitel1b
-usr/share/terminfo/6d/minitel1b-80
-usr/share/terminfo/6d/minitel1b-nb
-usr/share/terminfo/6d/minitel2-80
-usr/share/terminfo/6d/minix
-usr/share/terminfo/6d/minix-1.5
-usr/share/terminfo/6d/minix-1.7
-usr/share/terminfo/6d/minix-3.0
-usr/share/terminfo/6d/minix-old
-usr/share/terminfo/6d/minix-old-am
-usr/share/terminfo/6d/mlterm
-usr/share/terminfo/6d/mlterm+pcfkeys
-usr/share/terminfo/6d/mlterm-256color
-usr/share/terminfo/6d/mlterm-direct
-usr/share/terminfo/6d/mlterm2
-usr/share/terminfo/6d/mlterm3
-usr/share/terminfo/6d/mm314
-usr/share/terminfo/6d/mm340
-usr/share/terminfo/6d/mod
-usr/share/terminfo/6d/mod24
-usr/share/terminfo/6d/modgraph
-usr/share/terminfo/6d/modgraph2
-usr/share/terminfo/6d/modgraph48
-usr/share/terminfo/6d/mono-emx
-usr/share/terminfo/6d/morphos
-usr/share/terminfo/6d/mouse-sun
-usr/share/terminfo/6d/mrxvt
-usr/share/terminfo/6d/mrxvt-256color
-usr/share/terminfo/6d/ms-vt-utf8
-usr/share/terminfo/6d/ms-vt100
-usr/share/terminfo/6d/ms-vt100+
-usr/share/terminfo/6d/ms-vt100-color
-usr/share/terminfo/6d/msk227
-usr/share/terminfo/6d/msk22714
-usr/share/terminfo/6d/msk227am
-usr/share/terminfo/6d/mskermit227
-usr/share/terminfo/6d/mskermit22714
-usr/share/terminfo/6d/mskermit227am
-usr/share/terminfo/6d/mt-70
-usr/share/terminfo/6d/mt4520-rv
-usr/share/terminfo/6d/mt70
-usr/share/terminfo/6d/mterm
-usr/share/terminfo/6d/mterm-ansi
-usr/share/terminfo/6d/mvterm
-usr/share/terminfo/6e/
-usr/share/terminfo/6e/nansi.sys
-usr/share/terminfo/6e/nansi.sysk
-usr/share/terminfo/6e/nansisys
-usr/share/terminfo/6e/nansisysk
-usr/share/terminfo/6e/ncr160vppp
-usr/share/terminfo/6e/ncr160vpwpp
-usr/share/terminfo/6e/ncr160vt100an
-usr/share/terminfo/6e/ncr160vt100pp
-usr/share/terminfo/6e/ncr160vt100wan
-usr/share/terminfo/6e/ncr160vt100wpp
-usr/share/terminfo/6e/ncr160vt200an
-usr/share/terminfo/6e/ncr160vt200pp
-usr/share/terminfo/6e/ncr160vt200wan
-usr/share/terminfo/6e/ncr160vt200wpp
-usr/share/terminfo/6e/ncr160vt300an
-usr/share/terminfo/6e/ncr160vt300pp
-usr/share/terminfo/6e/ncr160vt300wan
-usr/share/terminfo/6e/ncr160vt300wpp
-usr/share/terminfo/6e/ncr160wy50+pp
-usr/share/terminfo/6e/ncr160wy50+wpp
-usr/share/terminfo/6e/ncr160wy60pp
-usr/share/terminfo/6e/ncr160wy60wpp
-usr/share/terminfo/6e/ncr260intan
-usr/share/terminfo/6e/ncr260intpp
-usr/share/terminfo/6e/ncr260intwan
-usr/share/terminfo/6e/ncr260intwpp
-usr/share/terminfo/6e/ncr260vppp
-usr/share/terminfo/6e/ncr260vpwpp
-usr/share/terminfo/6e/ncr260vt100an
-usr/share/terminfo/6e/ncr260vt100pp
-usr/share/terminfo/6e/ncr260vt100wan
-usr/share/terminfo/6e/ncr260vt100wpp
-usr/share/terminfo/6e/ncr260vt200an
-usr/share/terminfo/6e/ncr260vt200pp
-usr/share/terminfo/6e/ncr260vt200wan
-usr/share/terminfo/6e/ncr260vt200wpp
-usr/share/terminfo/6e/ncr260vt300an
-usr/share/terminfo/6e/ncr260vt300pp
-usr/share/terminfo/6e/ncr260vt300wan
-usr/share/terminfo/6e/ncr260vt300wpp
-usr/share/terminfo/6e/ncr260wy325pp
-usr/share/terminfo/6e/ncr260wy325wpp
-usr/share/terminfo/6e/ncr260wy350pp
-usr/share/terminfo/6e/ncr260wy350wpp
-usr/share/terminfo/6e/ncr260wy50+pp
-usr/share/terminfo/6e/ncr260wy50+wpp
-usr/share/terminfo/6e/ncr260wy60pp
-usr/share/terminfo/6e/ncr260wy60wpp
-usr/share/terminfo/6e/ncr7900
-usr/share/terminfo/6e/ncr7900i
-usr/share/terminfo/6e/ncr7900iv
-usr/share/terminfo/6e/ncr7901
-usr/share/terminfo/6e/ncrvt100an
-usr/share/terminfo/6e/ncrvt100pp
-usr/share/terminfo/6e/ncrvt100wan
-usr/share/terminfo/6e/ncrvt100wpp
-usr/share/terminfo/6e/ncsa
-usr/share/terminfo/6e/ncsa-m
-usr/share/terminfo/6e/ncsa-m-ns
-usr/share/terminfo/6e/ncsa-ns
-usr/share/terminfo/6e/ncsa-vt220
-usr/share/terminfo/6e/ncsa-vt220-8
-usr/share/terminfo/6e/nd9500
-usr/share/terminfo/6e/ndr9500
-usr/share/terminfo/6e/ndr9500-25
-usr/share/terminfo/6e/ndr9500-25-mc
-usr/share/terminfo/6e/ndr9500-25-mc-nl
-usr/share/terminfo/6e/ndr9500-25-nl
-usr/share/terminfo/6e/ndr9500-mc
-usr/share/terminfo/6e/ndr9500-mc-nl
-usr/share/terminfo/6e/ndr9500-nl
-usr/share/terminfo/6e/nec
-usr/share/terminfo/6e/nec5520
-usr/share/terminfo/6e/netbsd6
-usr/share/terminfo/6e/newhp
-usr/share/terminfo/6e/newhpkeyboard
-usr/share/terminfo/6e/news
-usr/share/terminfo/6e/news-29
-usr/share/terminfo/6e/news-29-euc
-usr/share/terminfo/6e/news-29-sjis
-usr/share/terminfo/6e/news-33
-usr/share/terminfo/6e/news-33-euc
-usr/share/terminfo/6e/news-33-sjis
-usr/share/terminfo/6e/news-42
-usr/share/terminfo/6e/news-42-euc
-usr/share/terminfo/6e/news-42-sjis
-usr/share/terminfo/6e/news-a
-usr/share/terminfo/6e/news-o
-usr/share/terminfo/6e/news-old-unk
-usr/share/terminfo/6e/news-unk
-usr/share/terminfo/6e/news28
-usr/share/terminfo/6e/news28-a
-usr/share/terminfo/6e/news29
-usr/share/terminfo/6e/news31
-usr/share/terminfo/6e/news31-a
-usr/share/terminfo/6e/news31-o
-usr/share/terminfo/6e/news33
-usr/share/terminfo/6e/news40
-usr/share/terminfo/6e/news40-a
-usr/share/terminfo/6e/news40-o
-usr/share/terminfo/6e/news42
-usr/share/terminfo/6e/newscbm
-usr/share/terminfo/6e/newscbm-a
-usr/share/terminfo/6e/newscbm-o
-usr/share/terminfo/6e/newscbm33
-usr/share/terminfo/6e/next
-usr/share/terminfo/6e/nextshell
-usr/share/terminfo/6e/northstar
-usr/share/terminfo/6e/nsterm
-usr/share/terminfo/6e/nsterm+7
-usr/share/terminfo/6e/nsterm+acs
-usr/share/terminfo/6e/nsterm+c
-usr/share/terminfo/6e/nsterm+c41
-usr/share/terminfo/6e/nsterm+mac
-usr/share/terminfo/6e/nsterm+s
-usr/share/terminfo/6e/nsterm-16color
-usr/share/terminfo/6e/nsterm-256color
-usr/share/terminfo/6e/nsterm-7
-usr/share/terminfo/6e/nsterm-7-c
-usr/share/terminfo/6e/nsterm-7-c-s
-usr/share/terminfo/6e/nsterm-7-m
-usr/share/terminfo/6e/nsterm-7-m-s
-usr/share/terminfo/6e/nsterm-7-s
-usr/share/terminfo/6e/nsterm-acs
-usr/share/terminfo/6e/nsterm-acs-c
-usr/share/terminfo/6e/nsterm-acs-c-s
-usr/share/terminfo/6e/nsterm-acs-m
-usr/share/terminfo/6e/nsterm-acs-m-s
-usr/share/terminfo/6e/nsterm-acs-s
-usr/share/terminfo/6e/nsterm-bce
-usr/share/terminfo/6e/nsterm-build326
-usr/share/terminfo/6e/nsterm-build343
-usr/share/terminfo/6e/nsterm-build361
-usr/share/terminfo/6e/nsterm-build400
-usr/share/terminfo/6e/nsterm-c
-usr/share/terminfo/6e/nsterm-c-7
-usr/share/terminfo/6e/nsterm-c-acs
-usr/share/terminfo/6e/nsterm-c-s
-usr/share/terminfo/6e/nsterm-c-s-7
-usr/share/terminfo/6e/nsterm-c-s-acs
-usr/share/terminfo/6e/nsterm-m
-usr/share/terminfo/6e/nsterm-m-7
-usr/share/terminfo/6e/nsterm-m-acs
-usr/share/terminfo/6e/nsterm-m-s
-usr/share/terminfo/6e/nsterm-m-s-7
-usr/share/terminfo/6e/nsterm-m-s-acs
-usr/share/terminfo/6e/nsterm-old
-usr/share/terminfo/6e/nsterm-s
-usr/share/terminfo/6e/nsterm-s-7
-usr/share/terminfo/6e/nsterm-s-acs
-usr/share/terminfo/6e/ntconsole
-usr/share/terminfo/6e/ntconsole-100
-usr/share/terminfo/6e/ntconsole-100-nti
-usr/share/terminfo/6e/ntconsole-25
-usr/share/terminfo/6e/ntconsole-25-nti
-usr/share/terminfo/6e/ntconsole-25-w
-usr/share/terminfo/6e/ntconsole-25-w-vt
-usr/share/terminfo/6e/ntconsole-35
-usr/share/terminfo/6e/ntconsole-35-nti
-usr/share/terminfo/6e/ntconsole-35-w
-usr/share/terminfo/6e/ntconsole-50
-usr/share/terminfo/6e/ntconsole-50-nti
-usr/share/terminfo/6e/ntconsole-50-w
-usr/share/terminfo/6e/ntconsole-60
-usr/share/terminfo/6e/ntconsole-60-nti
-usr/share/terminfo/6e/ntconsole-60-w
-usr/share/terminfo/6e/ntconsole-w
-usr/share/terminfo/6e/ntconsole-w-vt
-usr/share/terminfo/6e/nwe501
-usr/share/terminfo/6e/nwe501-a
-usr/share/terminfo/6e/nwe501-o
-usr/share/terminfo/6e/nwp-511
-usr/share/terminfo/6e/nwp-517
-usr/share/terminfo/6e/nwp-517-w
-usr/share/terminfo/6e/nwp251-a
-usr/share/terminfo/6e/nwp251-o
-usr/share/terminfo/6e/nwp511
-usr/share/terminfo/6e/nwp512
-usr/share/terminfo/6e/nwp512-a
-usr/share/terminfo/6e/nwp512-o
-usr/share/terminfo/6e/nwp513
-usr/share/terminfo/6e/nwp513-a
-usr/share/terminfo/6e/nwp513-o
-usr/share/terminfo/6e/nwp514
-usr/share/terminfo/6e/nwp514-a
-usr/share/terminfo/6e/nwp514-o
-usr/share/terminfo/6e/nwp517
-usr/share/terminfo/6e/nwp517-w
-usr/share/terminfo/6e/nwp518
-usr/share/terminfo/6e/nwp518-a
-usr/share/terminfo/6e/nwp518-o
-usr/share/terminfo/6e/nxterm
-usr/share/terminfo/6f/
-usr/share/terminfo/6f/o31
-usr/share/terminfo/6f/o4112-nd
-usr/share/terminfo/6f/o85h
-usr/share/terminfo/6f/oabm85h
-usr/share/terminfo/6f/oblit
-usr/share/terminfo/6f/oc100
-usr/share/terminfo/6f/oconcept
-usr/share/terminfo/6f/ofcons
-usr/share/terminfo/6f/ojerq
-usr/share/terminfo/6f/old-st
-usr/share/terminfo/6f/oldibmpc3
-usr/share/terminfo/6f/oldpc3
-usr/share/terminfo/6f/oldsun
-usr/share/terminfo/6f/omron
-usr/share/terminfo/6f/opennt
-usr/share/terminfo/6f/opennt-100
-usr/share/terminfo/6f/opennt-100-nti
-usr/share/terminfo/6f/opennt-25
-usr/share/terminfo/6f/opennt-25-nti
-usr/share/terminfo/6f/opennt-25-w
-usr/share/terminfo/6f/opennt-25-w-vt
-usr/share/terminfo/6f/opennt-35
-usr/share/terminfo/6f/opennt-35-nti
-usr/share/terminfo/6f/opennt-35-w
-usr/share/terminfo/6f/opennt-50
-usr/share/terminfo/6f/opennt-50-nti
-usr/share/terminfo/6f/opennt-50-w
-usr/share/terminfo/6f/opennt-60
-usr/share/terminfo/6f/opennt-60-nti
-usr/share/terminfo/6f/opennt-60-w
-usr/share/terminfo/6f/opennt-nti
-usr/share/terminfo/6f/opennt-w
-usr/share/terminfo/6f/opennt-w-vt
-usr/share/terminfo/6f/opus3n1+
-usr/share/terminfo/6f/origibmpc3
-usr/share/terminfo/6f/origpc3
-usr/share/terminfo/6f/os9LII
-usr/share/terminfo/6f/osborne
-usr/share/terminfo/6f/osborne-w
-usr/share/terminfo/6f/osborne1
-usr/share/terminfo/6f/osborne1-w
-usr/share/terminfo/6f/osexec
-usr/share/terminfo/6f/otek4112
-usr/share/terminfo/6f/otek4113
-usr/share/terminfo/6f/otek4114
-usr/share/terminfo/6f/otek4115
-usr/share/terminfo/6f/owl
-usr/share/terminfo/70/
-usr/share/terminfo/70/p12
-usr/share/terminfo/70/p12-m
-usr/share/terminfo/70/p12-m-w
-usr/share/terminfo/70/p12-w
-usr/share/terminfo/70/p14
-usr/share/terminfo/70/p14-m
-usr/share/terminfo/70/p14-m-w
-usr/share/terminfo/70/p14-w
-usr/share/terminfo/70/p19
-usr/share/terminfo/70/p4
-usr/share/terminfo/70/p5
-usr/share/terminfo/70/p7
-usr/share/terminfo/70/p8
-usr/share/terminfo/70/p8-w
-usr/share/terminfo/70/p8gl
-usr/share/terminfo/70/p9
-usr/share/terminfo/70/p9-8
-usr/share/terminfo/70/p9-8-w
-usr/share/terminfo/70/p9-w
-usr/share/terminfo/70/pc-coherent
-usr/share/terminfo/70/pc-minix
-usr/share/terminfo/70/pc-venix
-usr/share/terminfo/70/pc3
-usr/share/terminfo/70/pc3-bold
-usr/share/terminfo/70/pc3r
-usr/share/terminfo/70/pc3r-m
-usr/share/terminfo/70/pc6300plus
-usr/share/terminfo/70/pc7300
-usr/share/terminfo/70/pcansi
-usr/share/terminfo/70/pcansi-25
-usr/share/terminfo/70/pcansi-25-m
-usr/share/terminfo/70/pcansi-33
-usr/share/terminfo/70/pcansi-33-m
-usr/share/terminfo/70/pcansi-43
-usr/share/terminfo/70/pcansi-43-m
-usr/share/terminfo/70/pcansi-m
-usr/share/terminfo/70/pcansi-mono
-usr/share/terminfo/70/pcansi25
-usr/share/terminfo/70/pcansi25m
-usr/share/terminfo/70/pcansi33
-usr/share/terminfo/70/pcansi33m
-usr/share/terminfo/70/pcansi43
-usr/share/terminfo/70/pccon
-usr/share/terminfo/70/pccon+base
-usr/share/terminfo/70/pccon+colors
-usr/share/terminfo/70/pccon+keys
-usr/share/terminfo/70/pccon+sgr+acs
-usr/share/terminfo/70/pccon+sgr+acs0
-usr/share/terminfo/70/pccon-m
-usr/share/terminfo/70/pccon0
-usr/share/terminfo/70/pccon0-m
-usr/share/terminfo/70/pccons
-usr/share/terminfo/70/pcconsole
-usr/share/terminfo/70/pcix
-usr/share/terminfo/70/pckermit
-usr/share/terminfo/70/pckermit12
-usr/share/terminfo/70/pckermit120
-usr/share/terminfo/70/pcmw
-usr/share/terminfo/70/pcplot
-usr/share/terminfo/70/pcvt25
-usr/share/terminfo/70/pcvt25-color
-usr/share/terminfo/70/pcvt25w
-usr/share/terminfo/70/pcvt28
-usr/share/terminfo/70/pcvt28w
-usr/share/terminfo/70/pcvt35
-usr/share/terminfo/70/pcvt35w
-usr/share/terminfo/70/pcvt40
-usr/share/terminfo/70/pcvt40w
-usr/share/terminfo/70/pcvt43
-usr/share/terminfo/70/pcvt43w
-usr/share/terminfo/70/pcvt50
-usr/share/terminfo/70/pcvt50w
-usr/share/terminfo/70/pcvtXX
-usr/share/terminfo/70/pcz19
-usr/share/terminfo/70/pe1100
-usr/share/terminfo/70/pe1200
-usr/share/terminfo/70/pe1251
-usr/share/terminfo/70/pe550
-usr/share/terminfo/70/pe6100
-usr/share/terminfo/70/pe6300
-usr/share/terminfo/70/pe6312
-usr/share/terminfo/70/pe7000c
-usr/share/terminfo/70/pe7000m
-usr/share/terminfo/70/pilot
-usr/share/terminfo/70/pmcons
-usr/share/terminfo/70/pmconsole
-usr/share/terminfo/70/printer
-usr/share/terminfo/70/prism12
-usr/share/terminfo/70/prism12-m
-usr/share/terminfo/70/prism12-m-w
-usr/share/terminfo/70/prism12-w
-usr/share/terminfo/70/prism14
-usr/share/terminfo/70/prism14-m
-usr/share/terminfo/70/prism14-m-w
-usr/share/terminfo/70/prism14-w
-usr/share/terminfo/70/prism2
-usr/share/terminfo/70/prism4
-usr/share/terminfo/70/prism5
-usr/share/terminfo/70/prism7
-usr/share/terminfo/70/prism8
-usr/share/terminfo/70/prism8-w
-usr/share/terminfo/70/prism8gl
-usr/share/terminfo/70/prism9
-usr/share/terminfo/70/prism9-8
-usr/share/terminfo/70/prism9-8-w
-usr/share/terminfo/70/prism9-w
-usr/share/terminfo/70/pro350
-usr/share/terminfo/70/ps300
-usr/share/terminfo/70/psterm
-usr/share/terminfo/70/psterm-80x24
-usr/share/terminfo/70/psterm-90x28
-usr/share/terminfo/70/psterm-96x48
-usr/share/terminfo/70/psterm-basic
-usr/share/terminfo/70/psterm-fast
-usr/share/terminfo/70/psx_ansi
-usr/share/terminfo/70/pt100
-usr/share/terminfo/70/pt100w
-usr/share/terminfo/70/pt200
-usr/share/terminfo/70/pt200w
-usr/share/terminfo/70/pt210
-usr/share/terminfo/70/pt250
-usr/share/terminfo/70/pt250w
-usr/share/terminfo/70/pt505
-usr/share/terminfo/70/pt505-22
-usr/share/terminfo/70/pt505-24
-usr/share/terminfo/70/pty
-usr/share/terminfo/70/putty
-usr/share/terminfo/70/putty+fnkeys
-usr/share/terminfo/70/putty+fnkeys+esc
-usr/share/terminfo/70/putty+fnkeys+linux
-usr/share/terminfo/70/putty+fnkeys+sco
-usr/share/terminfo/70/putty+fnkeys+vt100
-usr/share/terminfo/70/putty+fnkeys+vt400
-usr/share/terminfo/70/putty+fnkeys+xterm
-usr/share/terminfo/70/putty-256color
-usr/share/terminfo/70/putty-m1
-usr/share/terminfo/70/putty-m1b
-usr/share/terminfo/70/putty-m2
-usr/share/terminfo/70/putty-noapp
-usr/share/terminfo/70/putty-sco
-usr/share/terminfo/70/putty-vt100
-usr/share/terminfo/71/
-usr/share/terminfo/71/qansi
-usr/share/terminfo/71/qansi-g
-usr/share/terminfo/71/qansi-m
-usr/share/terminfo/71/qansi-t
-usr/share/terminfo/71/qansi-w
-usr/share/terminfo/71/qdcons
-usr/share/terminfo/71/qdss
-usr/share/terminfo/71/qnx
-usr/share/terminfo/71/qnx4
-usr/share/terminfo/71/qnxm
-usr/share/terminfo/71/qnxt
-usr/share/terminfo/71/qnxt2
-usr/share/terminfo/71/qnxt4
-usr/share/terminfo/71/qnxtmono
-usr/share/terminfo/71/qnxw
-usr/share/terminfo/71/qume
-usr/share/terminfo/71/qume5
-usr/share/terminfo/71/qvt101
-usr/share/terminfo/71/qvt101+
-usr/share/terminfo/71/qvt101p
-usr/share/terminfo/71/qvt102
-usr/share/terminfo/71/qvt103
-usr/share/terminfo/71/qvt103-w
-usr/share/terminfo/71/qvt108
-usr/share/terminfo/71/qvt119
-usr/share/terminfo/71/qvt119+
-usr/share/terminfo/71/qvt119+-25
-usr/share/terminfo/71/qvt119+-25-w
-usr/share/terminfo/71/qvt119+-w
-usr/share/terminfo/71/qvt119-25-w
-usr/share/terminfo/71/qvt119-w
-usr/share/terminfo/71/qvt119p
-usr/share/terminfo/71/qvt119p-25
-usr/share/terminfo/71/qvt119p-25-w
-usr/share/terminfo/71/qvt119p-w
-usr/share/terminfo/71/qvt203
-usr/share/terminfo/71/qvt203+
-usr/share/terminfo/71/qvt203-25
-usr/share/terminfo/71/qvt203-25-w
-usr/share/terminfo/71/qvt203-w
-usr/share/terminfo/71/qvt203-w-am
-usr/share/terminfo/72/
-usr/share/terminfo/72/rbcomm
-usr/share/terminfo/72/rbcomm-nam
-usr/share/terminfo/72/rbcomm-w
-usr/share/terminfo/72/rca
-usr/share/terminfo/72/rcons
-usr/share/terminfo/72/rcons-color
-usr/share/terminfo/72/rebus3180
-usr/share/terminfo/72/regent
-usr/share/terminfo/72/regent100
-usr/share/terminfo/72/regent20
-usr/share/terminfo/72/regent200
-usr/share/terminfo/72/regent25
-usr/share/terminfo/72/regent40
-usr/share/terminfo/72/regent40+
-usr/share/terminfo/72/regent60
-usr/share/terminfo/72/rt6221
-usr/share/terminfo/72/rt6221-w
-usr/share/terminfo/72/rtpc
-usr/share/terminfo/72/rxvt
-usr/share/terminfo/72/rxvt+pcfkeys
-usr/share/terminfo/72/rxvt-16color
-usr/share/terminfo/72/rxvt-256color
-usr/share/terminfo/72/rxvt-88color
-usr/share/terminfo/72/rxvt-basic
-usr/share/terminfo/72/rxvt-color
-usr/share/terminfo/72/rxvt-cygwin
-usr/share/terminfo/72/rxvt-cygwin-native
-usr/share/terminfo/72/rxvt-xpm
-usr/share/terminfo/73/
-usr/share/terminfo/73/s4
-usr/share/terminfo/73/sb1
-usr/share/terminfo/73/sb2
-usr/share/terminfo/73/sb3
-usr/share/terminfo/73/sbi
-usr/share/terminfo/73/sbobcat
-usr/share/terminfo/73/sc410
-usr/share/terminfo/73/sc415
-usr/share/terminfo/73/scanset
-usr/share/terminfo/73/scoansi
-usr/share/terminfo/73/scoansi-new
-usr/share/terminfo/73/scoansi-old
-usr/share/terminfo/73/screen
-usr/share/terminfo/73/screen+fkeys
-usr/share/terminfo/73/screen+italics
-usr/share/terminfo/73/screen-16color
-usr/share/terminfo/73/screen-16color-bce
-usr/share/terminfo/73/screen-16color-bce-s
-usr/share/terminfo/73/screen-16color-s
-usr/share/terminfo/73/screen-256color
-usr/share/terminfo/73/screen-256color-bce
-usr/share/terminfo/73/screen-256color-bce-s
-usr/share/terminfo/73/screen-256color-s
-usr/share/terminfo/73/screen-bce
-usr/share/terminfo/73/screen-bce.Eterm
-usr/share/terminfo/73/screen-bce.gnome
-usr/share/terminfo/73/screen-bce.konsole
-usr/share/terminfo/73/screen-bce.linux
-usr/share/terminfo/73/screen-bce.mrxvt
-usr/share/terminfo/73/screen-bce.rxvt
-usr/share/terminfo/73/screen-bce.xterm-new
-usr/share/terminfo/73/screen-s
-usr/share/terminfo/73/screen-w
-usr/share/terminfo/73/screen.Eterm
-usr/share/terminfo/73/screen.gnome
-usr/share/terminfo/73/screen.konsole
-usr/share/terminfo/73/screen.konsole-256color
-usr/share/terminfo/73/screen.linux
-usr/share/terminfo/73/screen.linux-m1
-usr/share/terminfo/73/screen.linux-m1b
-usr/share/terminfo/73/screen.linux-m2
-usr/share/terminfo/73/screen.minitel1
-usr/share/terminfo/73/screen.minitel1-nb
-usr/share/terminfo/73/screen.minitel12-80
-usr/share/terminfo/73/screen.minitel1b
-usr/share/terminfo/73/screen.minitel1b-80
-usr/share/terminfo/73/screen.minitel1b-nb
-usr/share/terminfo/73/screen.minitel2-80
-usr/share/terminfo/73/screen.mlterm
-usr/share/terminfo/73/screen.mlterm-256color
-usr/share/terminfo/73/screen.mrxvt
-usr/share/terminfo/73/screen.putty
-usr/share/terminfo/73/screen.putty-256color
-usr/share/terminfo/73/screen.putty-m1
-usr/share/terminfo/73/screen.putty-m1b
-usr/share/terminfo/73/screen.putty-m2
-usr/share/terminfo/73/screen.rxvt
-usr/share/terminfo/73/screen.teraterm
-usr/share/terminfo/73/screen.vte
-usr/share/terminfo/73/screen.vte-256color
-usr/share/terminfo/73/screen.xterm-256color
-usr/share/terminfo/73/screen.xterm-new
-usr/share/terminfo/73/screen.xterm-r6
-usr/share/terminfo/73/screen.xterm-xfree86
-usr/share/terminfo/73/screen2
-usr/share/terminfo/73/screen3
-usr/share/terminfo/73/screwpoint
-usr/share/terminfo/73/scrhp
-usr/share/terminfo/73/sibo
-usr/share/terminfo/73/simpleterm
-usr/share/terminfo/73/simterm
-usr/share/terminfo/73/soroc
-usr/share/terminfo/73/soroc120
-usr/share/terminfo/73/soroc140
-usr/share/terminfo/73/spinwriter
-usr/share/terminfo/73/st
-usr/share/terminfo/73/st-0.6
-usr/share/terminfo/73/st-0.7
-usr/share/terminfo/73/st-16color
-usr/share/terminfo/73/st-256color
-usr/share/terminfo/73/st-direct
-usr/share/terminfo/73/st52
-usr/share/terminfo/73/st52-color
-usr/share/terminfo/73/st52-m
-usr/share/terminfo/73/st52-old
-usr/share/terminfo/73/stterm
-usr/share/terminfo/73/stterm-16color
-usr/share/terminfo/73/stterm-256color
-usr/share/terminfo/73/stv52
-usr/share/terminfo/73/stv52pc
-usr/share/terminfo/73/sun
-usr/share/terminfo/73/sun+sl
-usr/share/terminfo/73/sun-1
-usr/share/terminfo/73/sun-12
-usr/share/terminfo/73/sun-17
-usr/share/terminfo/73/sun-24
-usr/share/terminfo/73/sun-34
-usr/share/terminfo/73/sun-48
-usr/share/terminfo/73/sun-c
-usr/share/terminfo/73/sun-cgsix
-usr/share/terminfo/73/sun-cmd
-usr/share/terminfo/73/sun-color
-usr/share/terminfo/73/sun-e
-usr/share/terminfo/73/sun-e-s
-usr/share/terminfo/73/sun-il
-usr/share/terminfo/73/sun-nic
-usr/share/terminfo/73/sun-s
-usr/share/terminfo/73/sun-s-e
-usr/share/terminfo/73/sun-ss5
-usr/share/terminfo/73/sun-type4
-usr/share/terminfo/73/sun1
-usr/share/terminfo/73/sun2
-usr/share/terminfo/73/sune
-usr/share/terminfo/73/superbee
-usr/share/terminfo/73/superbee-xsb
-usr/share/terminfo/73/superbeeic
-usr/share/terminfo/73/superbrain
-usr/share/terminfo/73/sv80
-usr/share/terminfo/73/swtp
-usr/share/terminfo/73/synertek
-usr/share/terminfo/73/synertek380
-usr/share/terminfo/73/system1
-usr/share/terminfo/74/
-usr/share/terminfo/74/t10
-usr/share/terminfo/74/t1061
-usr/share/terminfo/74/t1061f
-usr/share/terminfo/74/t16
-usr/share/terminfo/74/t3700
-usr/share/terminfo/74/t3800
-usr/share/terminfo/74/t653x
-usr/share/terminfo/74/tab
-usr/share/terminfo/74/tab132
-usr/share/terminfo/74/tab132-15
-usr/share/terminfo/74/tab132-rv
-usr/share/terminfo/74/tab132-w
-usr/share/terminfo/74/tab132-w-rv
-usr/share/terminfo/74/tandem6510
-usr/share/terminfo/74/tandem653
-usr/share/terminfo/74/tek
-usr/share/terminfo/74/tek4012
-usr/share/terminfo/74/tek4013
-usr/share/terminfo/74/tek4014
-usr/share/terminfo/74/tek4014-sm
-usr/share/terminfo/74/tek4015
-usr/share/terminfo/74/tek4015-sm
-usr/share/terminfo/74/tek4023
-usr/share/terminfo/74/tek4024
-usr/share/terminfo/74/tek4025
-usr/share/terminfo/74/tek4025-17
-usr/share/terminfo/74/tek4025-17-ws
-usr/share/terminfo/74/tek4025-cr
-usr/share/terminfo/74/tek4025-ex
-usr/share/terminfo/74/tek4025a
-usr/share/terminfo/74/tek4025ex
-usr/share/terminfo/74/tek4027
-usr/share/terminfo/74/tek4027-ex
-usr/share/terminfo/74/tek4105
-usr/share/terminfo/74/tek4105-30
-usr/share/terminfo/74/tek4105a
-usr/share/terminfo/74/tek4106brl
-usr/share/terminfo/74/tek4107
-usr/share/terminfo/74/tek4107brl
-usr/share/terminfo/74/tek4109
-usr/share/terminfo/74/tek4109brl
-usr/share/terminfo/74/tek4112
-usr/share/terminfo/74/tek4112-5
-usr/share/terminfo/74/tek4112-nd
-usr/share/terminfo/74/tek4113
-usr/share/terminfo/74/tek4113-34
-usr/share/terminfo/74/tek4113-nd
-usr/share/terminfo/74/tek4114
-usr/share/terminfo/74/tek4115
-usr/share/terminfo/74/tek4125
-usr/share/terminfo/74/tek4205
-usr/share/terminfo/74/tek4207
-usr/share/terminfo/74/tek4207-s
-usr/share/terminfo/74/tek4404
-usr/share/terminfo/74/teken
-usr/share/terminfo/74/teleray
-usr/share/terminfo/74/teletec
-usr/share/terminfo/74/teraterm
-usr/share/terminfo/74/teraterm-256color
-usr/share/terminfo/74/teraterm2.3
-usr/share/terminfo/74/teraterm4.59
-usr/share/terminfo/74/teraterm4.97
-usr/share/terminfo/74/terminator
-usr/share/terminfo/74/terminet
-usr/share/terminfo/74/terminet1200
-usr/share/terminfo/74/terminet300
-usr/share/terminfo/74/terminology
-usr/share/terminfo/74/terminology-0.6.1
-usr/share/terminfo/74/terminology-1.0.0
-usr/share/terminfo/74/termite
-usr/share/terminfo/74/tgtelnet
-usr/share/terminfo/74/ti700
-usr/share/terminfo/74/ti733
-usr/share/terminfo/74/ti735
-usr/share/terminfo/74/ti745
-usr/share/terminfo/74/ti800
-usr/share/terminfo/74/ti916
-usr/share/terminfo/74/ti916-132
-usr/share/terminfo/74/ti916-220-7
-usr/share/terminfo/74/ti916-220-8
-usr/share/terminfo/74/ti916-8
-usr/share/terminfo/74/ti916-8-132
-usr/share/terminfo/74/ti924
-usr/share/terminfo/74/ti924-8
-usr/share/terminfo/74/ti924-8w
-usr/share/terminfo/74/ti924w
-usr/share/terminfo/74/ti926
-usr/share/terminfo/74/ti926-8
-usr/share/terminfo/74/ti928
-usr/share/terminfo/74/ti928-8
-usr/share/terminfo/74/ti931
-usr/share/terminfo/74/ti_ansi
-usr/share/terminfo/74/tkterm
-usr/share/terminfo/74/tmux
-usr/share/terminfo/74/tmux-256color
-usr/share/terminfo/74/tn1200
-usr/share/terminfo/74/tn300
-usr/share/terminfo/74/trs16
-usr/share/terminfo/74/trs2
-usr/share/terminfo/74/trs80II
-usr/share/terminfo/74/trsII
-usr/share/terminfo/74/ts-1
-usr/share/terminfo/74/ts-1p
-usr/share/terminfo/74/ts1
-usr/share/terminfo/74/ts100
-usr/share/terminfo/74/ts100-ctxt
-usr/share/terminfo/74/ts100-sp
-usr/share/terminfo/74/ts1p
-usr/share/terminfo/74/tt
-usr/share/terminfo/74/tt505-22
-usr/share/terminfo/74/tt52
-usr/share/terminfo/74/tty33
-usr/share/terminfo/74/tty35
-usr/share/terminfo/74/tty37
-usr/share/terminfo/74/tty40
-usr/share/terminfo/74/tty43
-usr/share/terminfo/74/tty4420
-usr/share/terminfo/74/tty4424
-usr/share/terminfo/74/tty4424-1
-usr/share/terminfo/74/tty4424m
-usr/share/terminfo/74/tty4426
-usr/share/terminfo/74/tty5410
-usr/share/terminfo/74/tty5410-w
-usr/share/terminfo/74/tty5410v1
-usr/share/terminfo/74/tty5410v1-w
-usr/share/terminfo/74/tty5420
-usr/share/terminfo/74/tty5420+nl
-usr/share/terminfo/74/tty5420-nl
-usr/share/terminfo/74/tty5420-rv
-usr/share/terminfo/74/tty5420-rv-nl
-usr/share/terminfo/74/tty5420-w
-usr/share/terminfo/74/tty5420-w-nl
-usr/share/terminfo/74/tty5420-w-rv
-usr/share/terminfo/74/tty5420-w-rv-n
-usr/share/terminfo/74/tty5425
-usr/share/terminfo/74/tty5425-nl
-usr/share/terminfo/74/tty5425-w
-usr/share/terminfo/74/tty5620
-usr/share/terminfo/74/tty5620-1
-usr/share/terminfo/74/tty5620-24
-usr/share/terminfo/74/tty5620-34
-usr/share/terminfo/74/tty5620-s
-usr/share/terminfo/74/ttydmd
-usr/share/terminfo/74/tvi803
-usr/share/terminfo/74/tvi9065
-usr/share/terminfo/74/tvi910
-usr/share/terminfo/74/tvi910+
-usr/share/terminfo/74/tvi912
-usr/share/terminfo/74/tvi912b
-usr/share/terminfo/74/tvi912b+2p
-usr/share/terminfo/74/tvi912b+dim
-usr/share/terminfo/74/tvi912b+mc
-usr/share/terminfo/74/tvi912b+printer
-usr/share/terminfo/74/tvi912b+vb
-usr/share/terminfo/74/tvi912b-2p
-usr/share/terminfo/74/tvi912b-2p-mc
-usr/share/terminfo/74/tvi912b-2p-p
-usr/share/terminfo/74/tvi912b-2p-unk
-usr/share/terminfo/74/tvi912b-mc
-usr/share/terminfo/74/tvi912b-mc-2p
-usr/share/terminfo/74/tvi912b-mc-vb
-usr/share/terminfo/74/tvi912b-p
-usr/share/terminfo/74/tvi912b-p-2p
-usr/share/terminfo/74/tvi912b-p-vb
-usr/share/terminfo/74/tvi912b-unk
-usr/share/terminfo/74/tvi912b-unk-2p
-usr/share/terminfo/74/tvi912b-unk-vb
-usr/share/terminfo/74/tvi912b-vb
-usr/share/terminfo/74/tvi912b-vb-mc
-usr/share/terminfo/74/tvi912b-vb-p
-usr/share/terminfo/74/tvi912b-vb-unk
-usr/share/terminfo/74/tvi912c
-usr/share/terminfo/74/tvi912c-2p
-usr/share/terminfo/74/tvi912c-2p-mc
-usr/share/terminfo/74/tvi912c-2p-p
-usr/share/terminfo/74/tvi912c-2p-unk
-usr/share/terminfo/74/tvi912c-mc
-usr/share/terminfo/74/tvi912c-mc-2p
-usr/share/terminfo/74/tvi912c-mc-vb
-usr/share/terminfo/74/tvi912c-p
-usr/share/terminfo/74/tvi912c-p-2p
-usr/share/terminfo/74/tvi912c-p-vb
-usr/share/terminfo/74/tvi912c-unk
-usr/share/terminfo/74/tvi912c-unk-2p
-usr/share/terminfo/74/tvi912c-unk-vb
-usr/share/terminfo/74/tvi912c-vb
-usr/share/terminfo/74/tvi912c-vb-mc
-usr/share/terminfo/74/tvi912c-vb-p
-usr/share/terminfo/74/tvi912c-vb-unk
-usr/share/terminfo/74/tvi912cc
-usr/share/terminfo/74/tvi914
-usr/share/terminfo/74/tvi920
-usr/share/terminfo/74/tvi920b
-usr/share/terminfo/74/tvi920b+fn
-usr/share/terminfo/74/tvi920b-2p
-usr/share/terminfo/74/tvi920b-2p-mc
-usr/share/terminfo/74/tvi920b-2p-p
-usr/share/terminfo/74/tvi920b-2p-unk
-usr/share/terminfo/74/tvi920b-mc
-usr/share/terminfo/74/tvi920b-mc-2p
-usr/share/terminfo/74/tvi920b-mc-vb
-usr/share/terminfo/74/tvi920b-p
-usr/share/terminfo/74/tvi920b-p-2p
-usr/share/terminfo/74/tvi920b-p-vb
-usr/share/terminfo/74/tvi920b-unk
-usr/share/terminfo/74/tvi920b-unk-2p
-usr/share/terminfo/74/tvi920b-unk-vb
-usr/share/terminfo/74/tvi920b-vb
-usr/share/terminfo/74/tvi920b-vb-mc
-usr/share/terminfo/74/tvi920b-vb-p
-usr/share/terminfo/74/tvi920b-vb-unk
-usr/share/terminfo/74/tvi920c
-usr/share/terminfo/74/tvi920c-2p
-usr/share/terminfo/74/tvi920c-2p-mc
-usr/share/terminfo/74/tvi920c-2p-p
-usr/share/terminfo/74/tvi920c-2p-unk
-usr/share/terminfo/74/tvi920c-mc
-usr/share/terminfo/74/tvi920c-mc-2p
-usr/share/terminfo/74/tvi920c-mc-vb
-usr/share/terminfo/74/tvi920c-p
-usr/share/terminfo/74/tvi920c-p-2p
-usr/share/terminfo/74/tvi920c-p-vb
-usr/share/terminfo/74/tvi920c-unk
-usr/share/terminfo/74/tvi920c-unk-2p
-usr/share/terminfo/74/tvi920c-unk-vb
-usr/share/terminfo/74/tvi920c-vb
-usr/share/terminfo/74/tvi920c-vb-mc
-usr/share/terminfo/74/tvi920c-vb-p
-usr/share/terminfo/74/tvi920c-vb-unk
-usr/share/terminfo/74/tvi921
-usr/share/terminfo/74/tvi924
-usr/share/terminfo/74/tvi925
-usr/share/terminfo/74/tvi925-hi
-usr/share/terminfo/74/tvi92B
-usr/share/terminfo/74/tvi92D
-usr/share/terminfo/74/tvi950
-usr/share/terminfo/74/tvi950-2p
-usr/share/terminfo/74/tvi950-4p
-usr/share/terminfo/74/tvi950-rv
-usr/share/terminfo/74/tvi950-rv-2p
-usr/share/terminfo/74/tvi950-rv-4p
-usr/share/terminfo/74/tvi955
-usr/share/terminfo/74/tvi955-hb
-usr/share/terminfo/74/tvi955-w
-usr/share/terminfo/74/tvi970
-usr/share/terminfo/74/tvi970-2p
-usr/share/terminfo/74/tvi970-vb
-usr/share/terminfo/74/tvipt
-usr/share/terminfo/74/tw100
-usr/share/terminfo/74/tw52
-usr/share/terminfo/74/tw52-color
-usr/share/terminfo/74/tw52-m
-usr/share/terminfo/74/tws-generic
-usr/share/terminfo/74/tws2102-sna
-usr/share/terminfo/74/tws2103
-usr/share/terminfo/74/tws2103-sna
-usr/share/terminfo/75/
-usr/share/terminfo/75/ultima2
-usr/share/terminfo/75/ultimaII
-usr/share/terminfo/75/uniterm
-usr/share/terminfo/75/uniterm49
-usr/share/terminfo/75/unixpc
-usr/share/terminfo/75/unknown
-usr/share/terminfo/75/uts30
-usr/share/terminfo/75/uwin
-usr/share/terminfo/76/
-usr/share/terminfo/76/v200-nam
-usr/share/terminfo/76/v320n
-usr/share/terminfo/76/v3220
-usr/share/terminfo/76/v5410
-usr/share/terminfo/76/vanilla
-usr/share/terminfo/76/vapple
-usr/share/terminfo/76/vc103
-usr/share/terminfo/76/vc203
-usr/share/terminfo/76/vc303
-usr/share/terminfo/76/vc303a
-usr/share/terminfo/76/vc403a
-usr/share/terminfo/76/vc404
-usr/share/terminfo/76/vc404-s
-usr/share/terminfo/76/vc414
-usr/share/terminfo/76/vc414h
-usr/share/terminfo/76/vc415
-usr/share/terminfo/76/venix
-usr/share/terminfo/76/versaterm
-usr/share/terminfo/76/vi200
-usr/share/terminfo/76/vi200-f
-usr/share/terminfo/76/vi200-rv
-usr/share/terminfo/76/vi300
-usr/share/terminfo/76/vi300-old
-usr/share/terminfo/76/vi50
-usr/share/terminfo/76/vi500
-usr/share/terminfo/76/vi50adm
-usr/share/terminfo/76/vi55
-usr/share/terminfo/76/vi550
-usr/share/terminfo/76/vi603
-usr/share/terminfo/76/viewdata
-usr/share/terminfo/76/viewdata-o
-usr/share/terminfo/76/viewdata-rv
-usr/share/terminfo/76/viewpoint
-usr/share/terminfo/76/viewpoint3a+
-usr/share/terminfo/76/viewpoint60
-usr/share/terminfo/76/viewpoint90
-usr/share/terminfo/76/vip
-usr/share/terminfo/76/vip-H
-usr/share/terminfo/76/vip-Hw
-usr/share/terminfo/76/vip-w
-usr/share/terminfo/76/vip7800-H
-usr/share/terminfo/76/vip7800-Hw
-usr/share/terminfo/76/vip7800-w
-usr/share/terminfo/76/visa50
-usr/share/terminfo/76/visual603
-usr/share/terminfo/76/vitty
-usr/share/terminfo/76/vk100
-usr/share/terminfo/76/vp3a+
-usr/share/terminfo/76/vp60
-usr/share/terminfo/76/vp90
-usr/share/terminfo/76/vremote
-usr/share/terminfo/76/vs100
-usr/share/terminfo/76/vs100-x10
-usr/share/terminfo/76/vsc
-usr/share/terminfo/76/vt-61
-usr/share/terminfo/76/vt-utf8
-usr/share/terminfo/76/vt100
-usr/share/terminfo/76/vt100+
-usr/share/terminfo/76/vt100+4bsd
-usr/share/terminfo/76/vt100+enq
-usr/share/terminfo/76/vt100+fnkeys
-usr/share/terminfo/76/vt100+keypad
-usr/share/terminfo/76/vt100+pfkeys
-usr/share/terminfo/76/vt100-am
-usr/share/terminfo/76/vt100-bm
-usr/share/terminfo/76/vt100-bm-o
-usr/share/terminfo/76/vt100-bot-s
-usr/share/terminfo/76/vt100-nam
-usr/share/terminfo/76/vt100-nam-w
-usr/share/terminfo/76/vt100-nav
-usr/share/terminfo/76/vt100-nav-w
-usr/share/terminfo/76/vt100-putty
-usr/share/terminfo/76/vt100-s
-usr/share/terminfo/76/vt100-s-bot
-usr/share/terminfo/76/vt100-s-top
-usr/share/terminfo/76/vt100-top-s
-usr/share/terminfo/76/vt100-vb
-usr/share/terminfo/76/vt100-w
-usr/share/terminfo/76/vt100-w-am
-usr/share/terminfo/76/vt100-w-nam
-usr/share/terminfo/76/vt100-w-nav
-usr/share/terminfo/76/vt100nam
-usr/share/terminfo/76/vt102
-usr/share/terminfo/76/vt102+enq
-usr/share/terminfo/76/vt102-nsgr
-usr/share/terminfo/76/vt102-w
-usr/share/terminfo/76/vt125
-usr/share/terminfo/76/vt131
-usr/share/terminfo/76/vt132
-usr/share/terminfo/76/vt200
-usr/share/terminfo/76/vt200-8
-usr/share/terminfo/76/vt200-8bit
-usr/share/terminfo/76/vt200-js
-usr/share/terminfo/76/vt200-old
-usr/share/terminfo/76/vt200-w
-usr/share/terminfo/76/vt220
-usr/share/terminfo/76/vt220+keypad
-usr/share/terminfo/76/vt220-8
-usr/share/terminfo/76/vt220-8bit
-usr/share/terminfo/76/vt220-js
-usr/share/terminfo/76/vt220-nam
-usr/share/terminfo/76/vt220-old
-usr/share/terminfo/76/vt220-w
-usr/share/terminfo/76/vt220d
-usr/share/terminfo/76/vt300
-usr/share/terminfo/76/vt300-nam
-usr/share/terminfo/76/vt300-w
-usr/share/terminfo/76/vt300-w-nam
-usr/share/terminfo/76/vt320
-usr/share/terminfo/76/vt320-k3
-usr/share/terminfo/76/vt320-k311
-usr/share/terminfo/76/vt320-nam
-usr/share/terminfo/76/vt320-w
-usr/share/terminfo/76/vt320-w-nam
-usr/share/terminfo/76/vt320nam
-usr/share/terminfo/76/vt330
-usr/share/terminfo/76/vt340
-usr/share/terminfo/76/vt400
-usr/share/terminfo/76/vt400-24
-usr/share/terminfo/76/vt420
-usr/share/terminfo/76/vt420f
-usr/share/terminfo/76/vt420pc
-usr/share/terminfo/76/vt420pcdos
-usr/share/terminfo/76/vt50
-usr/share/terminfo/76/vt50h
-usr/share/terminfo/76/vt510
-usr/share/terminfo/76/vt510pc
-usr/share/terminfo/76/vt510pcdos
-usr/share/terminfo/76/vt52
-usr/share/terminfo/76/vt520
-usr/share/terminfo/76/vt520ansi
-usr/share/terminfo/76/vt525
-usr/share/terminfo/76/vt61
-usr/share/terminfo/76/vt61.5
-usr/share/terminfo/76/vte
-usr/share/terminfo/76/vte+pcfkeys
-usr/share/terminfo/76/vte-2007
-usr/share/terminfo/76/vte-2008
-usr/share/terminfo/76/vte-2012
-usr/share/terminfo/76/vte-2014
-usr/share/terminfo/76/vte-2017
-usr/share/terminfo/76/vte-256color
-usr/share/terminfo/76/vte-direct
-usr/share/terminfo/76/vtnt
-usr/share/terminfo/76/vv100
-usr/share/terminfo/76/vwmterm
-usr/share/terminfo/77/
-usr/share/terminfo/77/wren
-usr/share/terminfo/77/wrenw
-usr/share/terminfo/77/wsiris
-usr/share/terminfo/77/wsvt25
-usr/share/terminfo/77/wsvt25m
-usr/share/terminfo/77/wy-75ap
-usr/share/terminfo/77/wy-99fgt
-usr/share/terminfo/77/wy-99fgta
-usr/share/terminfo/77/wy100
-usr/share/terminfo/77/wy100q
-usr/share/terminfo/77/wy120
-usr/share/terminfo/77/wy120-25
-usr/share/terminfo/77/wy120-25-w
-usr/share/terminfo/77/wy120-vb
-usr/share/terminfo/77/wy120-w
-usr/share/terminfo/77/wy120-w-vb
-usr/share/terminfo/77/wy120-wvb
-usr/share/terminfo/77/wy150
-usr/share/terminfo/77/wy150-25
-usr/share/terminfo/77/wy150-25-w
-usr/share/terminfo/77/wy150-vb
-usr/share/terminfo/77/wy150-w
-usr/share/terminfo/77/wy150-w-vb
-usr/share/terminfo/77/wy160
-usr/share/terminfo/77/wy160-25
-usr/share/terminfo/77/wy160-25-w
-usr/share/terminfo/77/wy160-42
-usr/share/terminfo/77/wy160-42-w
-usr/share/terminfo/77/wy160-43
-usr/share/terminfo/77/wy160-43-w
-usr/share/terminfo/77/wy160-tek
-usr/share/terminfo/77/wy160-vb
-usr/share/terminfo/77/wy160-w
-usr/share/terminfo/77/wy160-w-vb
-usr/share/terminfo/77/wy160-wvb
-usr/share/terminfo/77/wy185
-usr/share/terminfo/77/wy185-24
-usr/share/terminfo/77/wy185-vb
-usr/share/terminfo/77/wy185-w
-usr/share/terminfo/77/wy185-wvb
-usr/share/terminfo/77/wy30
-usr/share/terminfo/77/wy30-mc
-usr/share/terminfo/77/wy30-vb
-usr/share/terminfo/77/wy325
-usr/share/terminfo/77/wy325-25
-usr/share/terminfo/77/wy325-25w
-usr/share/terminfo/77/wy325-42
-usr/share/terminfo/77/wy325-42w
-usr/share/terminfo/77/wy325-42w-vb
-usr/share/terminfo/77/wy325-42wvb
-usr/share/terminfo/77/wy325-43
-usr/share/terminfo/77/wy325-43w
-usr/share/terminfo/77/wy325-43w-vb
-usr/share/terminfo/77/wy325-43wvb
-usr/share/terminfo/77/wy325-80
-usr/share/terminfo/77/wy325-vb
-usr/share/terminfo/77/wy325-w
-usr/share/terminfo/77/wy325-w-vb
-usr/share/terminfo/77/wy325-wvb
-usr/share/terminfo/77/wy325w-24
-usr/share/terminfo/77/wy350
-usr/share/terminfo/77/wy350-vb
-usr/share/terminfo/77/wy350-w
-usr/share/terminfo/77/wy350-wvb
-usr/share/terminfo/77/wy370
-usr/share/terminfo/77/wy370-101k
-usr/share/terminfo/77/wy370-105k
-usr/share/terminfo/77/wy370-EPC
-usr/share/terminfo/77/wy370-nk
-usr/share/terminfo/77/wy370-rv
-usr/share/terminfo/77/wy370-tek
-usr/share/terminfo/77/wy370-vb
-usr/share/terminfo/77/wy370-w
-usr/share/terminfo/77/wy370-wvb
-usr/share/terminfo/77/wy50
-usr/share/terminfo/77/wy50-mc
-usr/share/terminfo/77/wy50-vb
-usr/share/terminfo/77/wy50-w
-usr/share/terminfo/77/wy50-wvb
-usr/share/terminfo/77/wy520
-usr/share/terminfo/77/wy520-24
-usr/share/terminfo/77/wy520-36
-usr/share/terminfo/77/wy520-36pc
-usr/share/terminfo/77/wy520-36w
-usr/share/terminfo/77/wy520-36wpc
-usr/share/terminfo/77/wy520-48
-usr/share/terminfo/77/wy520-48pc
-usr/share/terminfo/77/wy520-48w
-usr/share/terminfo/77/wy520-48wpc
-usr/share/terminfo/77/wy520-epc
-usr/share/terminfo/77/wy520-epc-24
-usr/share/terminfo/77/wy520-epc-vb
-usr/share/terminfo/77/wy520-epc-w
-usr/share/terminfo/77/wy520-epc-wvb
-usr/share/terminfo/77/wy520-vb
-usr/share/terminfo/77/wy520-w
-usr/share/terminfo/77/wy520-wvb
-usr/share/terminfo/77/wy60
-usr/share/terminfo/77/wy60-25
-usr/share/terminfo/77/wy60-25-w
-usr/share/terminfo/77/wy60-316X
-usr/share/terminfo/77/wy60-42
-usr/share/terminfo/77/wy60-42-w
-usr/share/terminfo/77/wy60-43
-usr/share/terminfo/77/wy60-43-w
-usr/share/terminfo/77/wy60-AT
-usr/share/terminfo/77/wy60-PC
-usr/share/terminfo/77/wy60-vb
-usr/share/terminfo/77/wy60-w
-usr/share/terminfo/77/wy60-w-vb
-usr/share/terminfo/77/wy60-wvb
-usr/share/terminfo/77/wy75
-usr/share/terminfo/77/wy75-mc
-usr/share/terminfo/77/wy75-vb
-usr/share/terminfo/77/wy75-w
-usr/share/terminfo/77/wy75-wvb
-usr/share/terminfo/77/wy75ap
-usr/share/terminfo/77/wy85
-usr/share/terminfo/77/wy85-8bit
-usr/share/terminfo/77/wy85-vb
-usr/share/terminfo/77/wy85-w
-usr/share/terminfo/77/wy85-wvb
-usr/share/terminfo/77/wy99-ansi
-usr/share/terminfo/77/wy99a-ansi
-usr/share/terminfo/77/wy99f
-usr/share/terminfo/77/wy99fa
-usr/share/terminfo/77/wy99fgt
-usr/share/terminfo/77/wy99fgta
-usr/share/terminfo/77/wy99gt
-usr/share/terminfo/77/wy99gt-25
-usr/share/terminfo/77/wy99gt-25-w
-usr/share/terminfo/77/wy99gt-tek
-usr/share/terminfo/77/wy99gt-vb
-usr/share/terminfo/77/wy99gt-w
-usr/share/terminfo/77/wy99gt-w-vb
-usr/share/terminfo/77/wy99gt-wvb
-usr/share/terminfo/77/wyse-325
-usr/share/terminfo/77/wyse-75ap
-usr/share/terminfo/77/wyse-vp
-usr/share/terminfo/77/wyse120
-usr/share/terminfo/77/wyse120-25
-usr/share/terminfo/77/wyse120-25-w
-usr/share/terminfo/77/wyse120-vb
-usr/share/terminfo/77/wyse120-w
-usr/share/terminfo/77/wyse120-wvb
-usr/share/terminfo/77/wyse150
-usr/share/terminfo/77/wyse150-25
-usr/share/terminfo/77/wyse150-25-w
-usr/share/terminfo/77/wyse150-vb
-usr/share/terminfo/77/wyse150-w
-usr/share/terminfo/77/wyse150-w-vb
-usr/share/terminfo/77/wyse160
-usr/share/terminfo/77/wyse160-25
-usr/share/terminfo/77/wyse160-25-w
-usr/share/terminfo/77/wyse160-42
-usr/share/terminfo/77/wyse160-42-w
-usr/share/terminfo/77/wyse160-43
-usr/share/terminfo/77/wyse160-43-w
-usr/share/terminfo/77/wyse160-vb
-usr/share/terminfo/77/wyse160-w
-usr/share/terminfo/77/wyse160-wvb
-usr/share/terminfo/77/wyse185
-usr/share/terminfo/77/wyse185-24
-usr/share/terminfo/77/wyse185-vb
-usr/share/terminfo/77/wyse185-w
-usr/share/terminfo/77/wyse185-wvb
-usr/share/terminfo/77/wyse30
-usr/share/terminfo/77/wyse30-mc
-usr/share/terminfo/77/wyse30-vb
-usr/share/terminfo/77/wyse325
-usr/share/terminfo/77/wyse325-25
-usr/share/terminfo/77/wyse325-25w
-usr/share/terminfo/77/wyse325-42
-usr/share/terminfo/77/wyse325-42w
-usr/share/terminfo/77/wyse325-43
-usr/share/terminfo/77/wyse325-43w
-usr/share/terminfo/77/wyse325-vb
-usr/share/terminfo/77/wyse325-w
-usr/share/terminfo/77/wyse325-wvb
-usr/share/terminfo/77/wyse350
-usr/share/terminfo/77/wyse350-vb
-usr/share/terminfo/77/wyse350-w
-usr/share/terminfo/77/wyse350-wvb
-usr/share/terminfo/77/wyse370
-usr/share/terminfo/77/wyse50
-usr/share/terminfo/77/wyse50-mc
-usr/share/terminfo/77/wyse50-vb
-usr/share/terminfo/77/wyse50-w
-usr/share/terminfo/77/wyse50-wvb
-usr/share/terminfo/77/wyse520
-usr/share/terminfo/77/wyse520-24
-usr/share/terminfo/77/wyse520-36
-usr/share/terminfo/77/wyse520-36pc
-usr/share/terminfo/77/wyse520-36w
-usr/share/terminfo/77/wyse520-36wpc
-usr/share/terminfo/77/wyse520-48
-usr/share/terminfo/77/wyse520-48pc
-usr/share/terminfo/77/wyse520-48w
-usr/share/terminfo/77/wyse520-48wpc
-usr/share/terminfo/77/wyse520-epc
-usr/share/terminfo/77/wyse520-epc-w
-usr/share/terminfo/77/wyse520-p-wvb
-usr/share/terminfo/77/wyse520-pc-24
-usr/share/terminfo/77/wyse520-pc-vb
-usr/share/terminfo/77/wyse520-vb
-usr/share/terminfo/77/wyse520-w
-usr/share/terminfo/77/wyse520-wvb
-usr/share/terminfo/77/wyse60
-usr/share/terminfo/77/wyse60-25
-usr/share/terminfo/77/wyse60-25-w
-usr/share/terminfo/77/wyse60-316X
-usr/share/terminfo/77/wyse60-42
-usr/share/terminfo/77/wyse60-42-w
-usr/share/terminfo/77/wyse60-43
-usr/share/terminfo/77/wyse60-43-w
-usr/share/terminfo/77/wyse60-AT
-usr/share/terminfo/77/wyse60-PC
-usr/share/terminfo/77/wyse60-vb
-usr/share/terminfo/77/wyse60-w
-usr/share/terminfo/77/wyse60-wvb
-usr/share/terminfo/77/wyse75
-usr/share/terminfo/77/wyse75-mc
-usr/share/terminfo/77/wyse75-vb
-usr/share/terminfo/77/wyse75-w
-usr/share/terminfo/77/wyse75-wvb
-usr/share/terminfo/77/wyse75ap
-usr/share/terminfo/77/wyse85
-usr/share/terminfo/77/wyse85-8bit
-usr/share/terminfo/77/wyse85-vb
-usr/share/terminfo/77/wyse85-w
-usr/share/terminfo/77/wyse85-wvb
-usr/share/terminfo/77/wyse99gt
-usr/share/terminfo/77/wyse99gt-25
-usr/share/terminfo/77/wyse99gt-25-w
-usr/share/terminfo/77/wyse99gt-vb
-usr/share/terminfo/77/wyse99gt-w
-usr/share/terminfo/77/wyse99gt-wvb
-usr/share/terminfo/78/
-usr/share/terminfo/78/x10term
-usr/share/terminfo/78/x1700
-usr/share/terminfo/78/x1700-lm
-usr/share/terminfo/78/x1720
-usr/share/terminfo/78/x1750
-usr/share/terminfo/78/x68k
-usr/share/terminfo/78/x68k-ite
-usr/share/terminfo/78/x820
-usr/share/terminfo/78/xdku
-usr/share/terminfo/78/xenix
-usr/share/terminfo/78/xerox
-usr/share/terminfo/78/xerox-lm
-usr/share/terminfo/78/xerox1720
-usr/share/terminfo/78/xerox820
-usr/share/terminfo/78/xfce
-usr/share/terminfo/78/xiterm
-usr/share/terminfo/78/xl83
-usr/share/terminfo/78/xnuppc
-usr/share/terminfo/78/xnuppc+100x37
-usr/share/terminfo/78/xnuppc+112x37
-usr/share/terminfo/78/xnuppc+128x40
-usr/share/terminfo/78/xnuppc+128x48
-usr/share/terminfo/78/xnuppc+144x48
-usr/share/terminfo/78/xnuppc+160x64
-usr/share/terminfo/78/xnuppc+200x64
-usr/share/terminfo/78/xnuppc+200x75
-usr/share/terminfo/78/xnuppc+256x96
-usr/share/terminfo/78/xnuppc+80x25
-usr/share/terminfo/78/xnuppc+80x30
-usr/share/terminfo/78/xnuppc+90x30
-usr/share/terminfo/78/xnuppc+b
-usr/share/terminfo/78/xnuppc+basic
-usr/share/terminfo/78/xnuppc+c
-usr/share/terminfo/78/xnuppc+f
-usr/share/terminfo/78/xnuppc+f2
-usr/share/terminfo/78/xnuppc-100x37
-usr/share/terminfo/78/xnuppc-100x37-m
-usr/share/terminfo/78/xnuppc-112x37
-usr/share/terminfo/78/xnuppc-112x37-m
-usr/share/terminfo/78/xnuppc-128x40
-usr/share/terminfo/78/xnuppc-128x40-m
-usr/share/terminfo/78/xnuppc-128x48
-usr/share/terminfo/78/xnuppc-128x48-m
-usr/share/terminfo/78/xnuppc-144x48
-usr/share/terminfo/78/xnuppc-144x48-m
-usr/share/terminfo/78/xnuppc-160x64
-usr/share/terminfo/78/xnuppc-160x64-m
-usr/share/terminfo/78/xnuppc-200x64
-usr/share/terminfo/78/xnuppc-200x64-m
-usr/share/terminfo/78/xnuppc-200x75
-usr/share/terminfo/78/xnuppc-200x75-m
-usr/share/terminfo/78/xnuppc-256x96
-usr/share/terminfo/78/xnuppc-256x96-m
-usr/share/terminfo/78/xnuppc-80x25
-usr/share/terminfo/78/xnuppc-80x25-m
-usr/share/terminfo/78/xnuppc-80x30
-usr/share/terminfo/78/xnuppc-80x30-m
-usr/share/terminfo/78/xnuppc-90x30
-usr/share/terminfo/78/xnuppc-90x30-m
-usr/share/terminfo/78/xnuppc-b
-usr/share/terminfo/78/xnuppc-f
-usr/share/terminfo/78/xnuppc-f2
-usr/share/terminfo/78/xnuppc-m
-usr/share/terminfo/78/xnuppc-m-b
-usr/share/terminfo/78/xnuppc-m-f
-usr/share/terminfo/78/xnuppc-m-f2
-usr/share/terminfo/78/xtalk
-usr/share/terminfo/78/xterm
-usr/share/terminfo/78/xterm+256color
-usr/share/terminfo/78/xterm+256setaf
-usr/share/terminfo/78/xterm+88color
-usr/share/terminfo/78/xterm+alt+title
-usr/share/terminfo/78/xterm+alt1049
-usr/share/terminfo/78/xterm+app
-usr/share/terminfo/78/xterm+direct
-usr/share/terminfo/78/xterm+direct2
-usr/share/terminfo/78/xterm+edit
-usr/share/terminfo/78/xterm+indirect
-usr/share/terminfo/78/xterm+kbs
-usr/share/terminfo/78/xterm+noalt
-usr/share/terminfo/78/xterm+noapp
-usr/share/terminfo/78/xterm+pc+edit
-usr/share/terminfo/78/xterm+pcc0
-usr/share/terminfo/78/xterm+pcc1
-usr/share/terminfo/78/xterm+pcc2
-usr/share/terminfo/78/xterm+pcc3
-usr/share/terminfo/78/xterm+pce2
-usr/share/terminfo/78/xterm+pcf0
-usr/share/terminfo/78/xterm+pcf2
-usr/share/terminfo/78/xterm+pcfkeys
-usr/share/terminfo/78/xterm+r6f2
-usr/share/terminfo/78/xterm+sl
-usr/share/terminfo/78/xterm+sl-twm
-usr/share/terminfo/78/xterm+sm+1002
-usr/share/terminfo/78/xterm+sm+1003
-usr/share/terminfo/78/xterm+sm+1005
-usr/share/terminfo/78/xterm+sm+1006
-usr/share/terminfo/78/xterm+titlestack
-usr/share/terminfo/78/xterm+tmux
-usr/share/terminfo/78/xterm+vt+edit
-usr/share/terminfo/78/xterm+x10mouse
-usr/share/terminfo/78/xterm+x11hilite
-usr/share/terminfo/78/xterm+x11mouse
-usr/share/terminfo/78/xterm-1002
-usr/share/terminfo/78/xterm-1003
-usr/share/terminfo/78/xterm-1005
-usr/share/terminfo/78/xterm-1006
-usr/share/terminfo/78/xterm-16color
-usr/share/terminfo/78/xterm-24
-usr/share/terminfo/78/xterm-256color
-usr/share/terminfo/78/xterm-88color
-usr/share/terminfo/78/xterm-8bit
-usr/share/terminfo/78/xterm-basic
-usr/share/terminfo/78/xterm-bold
-usr/share/terminfo/78/xterm-color
-usr/share/terminfo/78/xterm-direct
-usr/share/terminfo/78/xterm-direct2
-usr/share/terminfo/78/xterm-hp
-usr/share/terminfo/78/xterm-new
-usr/share/terminfo/78/xterm-nic
-usr/share/terminfo/78/xterm-noapp
-usr/share/terminfo/78/xterm-old
-usr/share/terminfo/78/xterm-pcolor
-usr/share/terminfo/78/xterm-r5
-usr/share/terminfo/78/xterm-r6
-usr/share/terminfo/78/xterm-sco
-usr/share/terminfo/78/xterm-sun
-usr/share/terminfo/78/xterm-utf8
-usr/share/terminfo/78/xterm-vt220
-usr/share/terminfo/78/xterm-vt52
-usr/share/terminfo/78/xterm-x10mouse
-usr/share/terminfo/78/xterm-x11hilite
-usr/share/terminfo/78/xterm-x11mouse
-usr/share/terminfo/78/xterm-xf86-v32
-usr/share/terminfo/78/xterm-xf86-v33
-usr/share/terminfo/78/xterm-xf86-v333
-usr/share/terminfo/78/xterm-xf86-v40
-usr/share/terminfo/78/xterm-xf86-v43
-usr/share/terminfo/78/xterm-xf86-v44
-usr/share/terminfo/78/xterm-xfree86
-usr/share/terminfo/78/xterm-xi
-usr/share/terminfo/78/xterm1
-usr/share/terminfo/78/xtermc
-usr/share/terminfo/78/xtermm
-usr/share/terminfo/78/xterms
-usr/share/terminfo/78/xterms-sun
-usr/share/terminfo/78/xwsh
-usr/share/terminfo/7a/
-usr/share/terminfo/7a/z-100
-usr/share/terminfo/7a/z-100bw
-usr/share/terminfo/7a/z100
-usr/share/terminfo/7a/z100bw
-usr/share/terminfo/7a/z110
-usr/share/terminfo/7a/z110bw
-usr/share/terminfo/7a/z19
-usr/share/terminfo/7a/z29
-usr/share/terminfo/7a/z29a
-usr/share/terminfo/7a/z29a-kc-bc
-usr/share/terminfo/7a/z29a-kc-uc
-usr/share/terminfo/7a/z29a-nkc-bc
-usr/share/terminfo/7a/z29a-nkc-uc
-usr/share/terminfo/7a/z29b
-usr/share/terminfo/7a/z30
-usr/share/terminfo/7a/z340
-usr/share/terminfo/7a/z340-nam
-usr/share/terminfo/7a/z39-a
-usr/share/terminfo/7a/z39a
-usr/share/terminfo/7a/z50
-usr/share/terminfo/7a/z8001
-usr/share/terminfo/7a/zen30
-usr/share/terminfo/7a/zen50
-usr/share/terminfo/7a/zen8001
-usr/share/terminfo/7a/zenith
-usr/share/terminfo/7a/zenith29
-usr/share/terminfo/7a/zenith39-a
-usr/share/terminfo/7a/zenith39-ansi
-usr/share/terminfo/7a/zt-1
-usr/share/terminfo/7a/ztx
-usr/share/terminfo/7a/ztx-1-a
-usr/share/terminfo/7a/ztx11
-
diff --git a/msys2/var/lib/pacman/local/ncurses-6.1.20180526-1/mtree b/msys2/var/lib/pacman/local/ncurses-6.1.20180526-1/mtree
deleted file mode 100644
index c164dfc13..000000000
Binary files a/msys2/var/lib/pacman/local/ncurses-6.1.20180526-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/ncurses-6.1.20180908-1/desc b/msys2/var/lib/pacman/local/ncurses-6.1.20180908-1/desc
new file mode 100644
index 000000000..1af3ba2de
--- /dev/null
+++ b/msys2/var/lib/pacman/local/ncurses-6.1.20180908-1/desc
@@ -0,0 +1,43 @@
+%NAME%
+ncurses
+
+%VERSION%
+6.1.20180908-1
+
+%BASE%
+ncurses
+
+%DESC%
+System V Release 4.0 curses emulation library
+
+%URL%
+https://www.gnu.org/software/ncurses/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1536650988
+
+%INSTALLDATE%
+1558699069
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+9807872
+
+%GROUPS%
+base
+
+%LICENSE%
+MIT
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+msys2-runtime
+gcc-libs
+
diff --git a/msys2/var/lib/pacman/local/ncurses-6.1.20180908-1/files b/msys2/var/lib/pacman/local/ncurses-6.1.20180908-1/files
new file mode 100644
index 000000000..d407459dd
--- /dev/null
+++ b/msys2/var/lib/pacman/local/ncurses-6.1.20180908-1/files
@@ -0,0 +1,6503 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/captoinfo.exe
+usr/bin/clear.exe
+usr/bin/infocmp.exe
+usr/bin/infotocap.exe
+usr/bin/msys-formw6.dll
+usr/bin/msys-menuw6.dll
+usr/bin/msys-ncurses++w6.dll
+usr/bin/msys-ncursesw6.dll
+usr/bin/msys-panelw6.dll
+usr/bin/msys-ticw6.dll
+usr/bin/reset.exe
+usr/bin/tabs.exe
+usr/bin/tic.exe
+usr/bin/toe.exe
+usr/bin/tput.exe
+usr/bin/tset.exe
+usr/lib/
+usr/lib/terminfo/
+usr/lib/terminfo/31/
+usr/lib/terminfo/31/1178
+usr/lib/terminfo/31/1730-lm
+usr/lib/terminfo/32/
+usr/lib/terminfo/32/2621
+usr/lib/terminfo/32/2621-wl
+usr/lib/terminfo/32/2621A
+usr/lib/terminfo/33/
+usr/lib/terminfo/33/386at
+usr/lib/terminfo/33/3b1
+usr/lib/terminfo/34/
+usr/lib/terminfo/34/4025ex
+usr/lib/terminfo/34/4027ex
+usr/lib/terminfo/34/4410-w
+usr/lib/terminfo/35/
+usr/lib/terminfo/35/5051
+usr/lib/terminfo/35/5410-w
+usr/lib/terminfo/35/5620
+usr/lib/terminfo/35/5630-24
+usr/lib/terminfo/35/5630DMD-24
+usr/lib/terminfo/36/
+usr/lib/terminfo/36/6053
+usr/lib/terminfo/36/6053-dg
+usr/lib/terminfo/36/605x
+usr/lib/terminfo/36/605x-dg
+usr/lib/terminfo/36/630-lm
+usr/lib/terminfo/36/630MTG-24
+usr/lib/terminfo/37/
+usr/lib/terminfo/37/730MTG-24
+usr/lib/terminfo/37/730MTG-41
+usr/lib/terminfo/37/730MTG-41r
+usr/lib/terminfo/37/730MTGr
+usr/lib/terminfo/37/730MTGr-24
+usr/lib/terminfo/38/
+usr/lib/terminfo/38/8510
+usr/lib/terminfo/39/
+usr/lib/terminfo/39/955-hb
+usr/lib/terminfo/39/955-w
+usr/lib/terminfo/39/9term
+usr/lib/terminfo/41/
+usr/lib/terminfo/41/Apple_Terminal
+usr/lib/terminfo/45/
+usr/lib/terminfo/45/Eterm
+usr/lib/terminfo/45/Eterm-256color
+usr/lib/terminfo/45/Eterm-88color
+usr/lib/terminfo/45/Eterm-color
+usr/lib/terminfo/4c/
+usr/lib/terminfo/4c/LFT-PC850
+usr/lib/terminfo/4d/
+usr/lib/terminfo/4d/MtxOrb
+usr/lib/terminfo/4d/MtxOrb162
+usr/lib/terminfo/4d/MtxOrb204
+usr/lib/terminfo/4e/
+usr/lib/terminfo/4e/NCR260VT300WPP
+usr/lib/terminfo/4e/NCRVT100WPP
+usr/lib/terminfo/50/
+usr/lib/terminfo/50/P12
+usr/lib/terminfo/50/P12-M
+usr/lib/terminfo/50/P12-M-W
+usr/lib/terminfo/50/P12-W
+usr/lib/terminfo/50/P14
+usr/lib/terminfo/50/P14-M
+usr/lib/terminfo/50/P14-M-W
+usr/lib/terminfo/50/P14-W
+usr/lib/terminfo/50/P4
+usr/lib/terminfo/50/P5
+usr/lib/terminfo/50/P7
+usr/lib/terminfo/50/P8
+usr/lib/terminfo/50/P8-W
+usr/lib/terminfo/50/P9
+usr/lib/terminfo/50/P9-8
+usr/lib/terminfo/50/P9-8-W
+usr/lib/terminfo/50/P9-W
+usr/lib/terminfo/51/
+usr/lib/terminfo/51/Q306-8-pc
+usr/lib/terminfo/51/Q310-vip-H
+usr/lib/terminfo/51/Q310-vip-H-am
+usr/lib/terminfo/51/Q310-vip-Hw
+usr/lib/terminfo/51/Q310-vip-w
+usr/lib/terminfo/51/Q310-vip-w-am
+usr/lib/terminfo/58/
+usr/lib/terminfo/58/X-hpterm
+usr/lib/terminfo/61/
+usr/lib/terminfo/61/a210
+usr/lib/terminfo/61/a80
+usr/lib/terminfo/61/a980
+usr/lib/terminfo/61/aa4080
+usr/lib/terminfo/61/aaa
+usr/lib/terminfo/61/aaa+dec
+usr/lib/terminfo/61/aaa+rv
+usr/lib/terminfo/61/aaa+unk
+usr/lib/terminfo/61/aaa-18
+usr/lib/terminfo/61/aaa-18-rv
+usr/lib/terminfo/61/aaa-20
+usr/lib/terminfo/61/aaa-22
+usr/lib/terminfo/61/aaa-24
+usr/lib/terminfo/61/aaa-24-rv
+usr/lib/terminfo/61/aaa-26
+usr/lib/terminfo/61/aaa-28
+usr/lib/terminfo/61/aaa-30
+usr/lib/terminfo/61/aaa-30-ctxt
+usr/lib/terminfo/61/aaa-30-rv
+usr/lib/terminfo/61/aaa-30-rv-ctxt
+usr/lib/terminfo/61/aaa-30-s
+usr/lib/terminfo/61/aaa-30-s-ctxt
+usr/lib/terminfo/61/aaa-30-s-rv
+usr/lib/terminfo/61/aaa-30-s-rv-ct
+usr/lib/terminfo/61/aaa-36
+usr/lib/terminfo/61/aaa-36-rv
+usr/lib/terminfo/61/aaa-40
+usr/lib/terminfo/61/aaa-40-rv
+usr/lib/terminfo/61/aaa-48
+usr/lib/terminfo/61/aaa-48-rv
+usr/lib/terminfo/61/aaa-60
+usr/lib/terminfo/61/aaa-60-dec-rv
+usr/lib/terminfo/61/aaa-60-rv
+usr/lib/terminfo/61/aaa-60-s
+usr/lib/terminfo/61/aaa-60-s-rv
+usr/lib/terminfo/61/aaa-ctxt
+usr/lib/terminfo/61/aaa-db
+usr/lib/terminfo/61/aaa-rv
+usr/lib/terminfo/61/aaa-rv-ctxt
+usr/lib/terminfo/61/aaa-rv-unk
+usr/lib/terminfo/61/aaa-s
+usr/lib/terminfo/61/aaa-s-ctxt
+usr/lib/terminfo/61/aaa-s-rv
+usr/lib/terminfo/61/aaa-s-rv-ctxt
+usr/lib/terminfo/61/aaa-unk
+usr/lib/terminfo/61/aas1901
+usr/lib/terminfo/61/abm80
+usr/lib/terminfo/61/abm85
+usr/lib/terminfo/61/abm85e
+usr/lib/terminfo/61/abm85h
+usr/lib/terminfo/61/abm85h-old
+usr/lib/terminfo/61/act4
+usr/lib/terminfo/61/act5
+usr/lib/terminfo/61/addrinfo
+usr/lib/terminfo/61/adds980
+usr/lib/terminfo/61/addsviewpoint
+usr/lib/terminfo/61/addsvp60
+usr/lib/terminfo/61/adm+sgr
+usr/lib/terminfo/61/adm1
+usr/lib/terminfo/61/adm11
+usr/lib/terminfo/61/adm1178
+usr/lib/terminfo/61/adm12
+usr/lib/terminfo/61/adm1a
+usr/lib/terminfo/61/adm2
+usr/lib/terminfo/61/adm20
+usr/lib/terminfo/61/adm21
+usr/lib/terminfo/61/adm22
+usr/lib/terminfo/61/adm3
+usr/lib/terminfo/61/adm31
+usr/lib/terminfo/61/adm31-old
+usr/lib/terminfo/61/adm36
+usr/lib/terminfo/61/adm3a
+usr/lib/terminfo/61/adm3a+
+usr/lib/terminfo/61/adm42
+usr/lib/terminfo/61/adm42-ns
+usr/lib/terminfo/61/adm5
+usr/lib/terminfo/61/aepro
+usr/lib/terminfo/61/aixterm
+usr/lib/terminfo/61/aixterm-16color
+usr/lib/terminfo/61/aixterm-m
+usr/lib/terminfo/61/aixterm-m-old
+usr/lib/terminfo/61/aj
+usr/lib/terminfo/61/aj510
+usr/lib/terminfo/61/aj830
+usr/lib/terminfo/61/aj832
+usr/lib/terminfo/61/alt2
+usr/lib/terminfo/61/alt3
+usr/lib/terminfo/61/alt4
+usr/lib/terminfo/61/alt5
+usr/lib/terminfo/61/alt7
+usr/lib/terminfo/61/alt7pc
+usr/lib/terminfo/61/alto-h19
+usr/lib/terminfo/61/alto-heath
+usr/lib/terminfo/61/altoh19
+usr/lib/terminfo/61/altoheath
+usr/lib/terminfo/61/altos-2
+usr/lib/terminfo/61/altos-3
+usr/lib/terminfo/61/altos-4
+usr/lib/terminfo/61/altos-5
+usr/lib/terminfo/61/altos2
+usr/lib/terminfo/61/altos3
+usr/lib/terminfo/61/altos4
+usr/lib/terminfo/61/altos5
+usr/lib/terminfo/61/altos7
+usr/lib/terminfo/61/altos7pc
+usr/lib/terminfo/61/ambas
+usr/lib/terminfo/61/ambassador
+usr/lib/terminfo/61/amiga
+usr/lib/terminfo/61/amiga-8bit
+usr/lib/terminfo/61/amiga-h
+usr/lib/terminfo/61/amiga-vnc
+usr/lib/terminfo/61/amp219
+usr/lib/terminfo/61/amp219w
+usr/lib/terminfo/61/ampex-219
+usr/lib/terminfo/61/ampex-219w
+usr/lib/terminfo/61/ampex-232
+usr/lib/terminfo/61/ampex175
+usr/lib/terminfo/61/ampex175-b
+usr/lib/terminfo/61/ampex210
+usr/lib/terminfo/61/ampex219
+usr/lib/terminfo/61/ampex219w
+usr/lib/terminfo/61/ampex232
+usr/lib/terminfo/61/ampex232w
+usr/lib/terminfo/61/ampex80
+usr/lib/terminfo/61/annarbor4080
+usr/lib/terminfo/61/ansi
+usr/lib/terminfo/61/ansi+arrows
+usr/lib/terminfo/61/ansi+csr
+usr/lib/terminfo/61/ansi+cup
+usr/lib/terminfo/61/ansi+enq
+usr/lib/terminfo/61/ansi+erase
+usr/lib/terminfo/61/ansi+idc
+usr/lib/terminfo/61/ansi+idc1
+usr/lib/terminfo/61/ansi+idl
+usr/lib/terminfo/61/ansi+idl1
+usr/lib/terminfo/61/ansi+inittabs
+usr/lib/terminfo/61/ansi+local
+usr/lib/terminfo/61/ansi+local1
+usr/lib/terminfo/61/ansi+pp
+usr/lib/terminfo/61/ansi+rca
+usr/lib/terminfo/61/ansi+rep
+usr/lib/terminfo/61/ansi+sgr
+usr/lib/terminfo/61/ansi+sgrbold
+usr/lib/terminfo/61/ansi+sgrdim
+usr/lib/terminfo/61/ansi+sgrso
+usr/lib/terminfo/61/ansi+sgrul
+usr/lib/terminfo/61/ansi+tabs
+usr/lib/terminfo/61/ansi-color-2-emx
+usr/lib/terminfo/61/ansi-color-3-emx
+usr/lib/terminfo/61/ansi-emx
+usr/lib/terminfo/61/ansi-generic
+usr/lib/terminfo/61/ansi-m
+usr/lib/terminfo/61/ansi-mini
+usr/lib/terminfo/61/ansi-mono
+usr/lib/terminfo/61/ansi-mr
+usr/lib/terminfo/61/ansi-mtabs
+usr/lib/terminfo/61/ansi-nt
+usr/lib/terminfo/61/ansi.sys
+usr/lib/terminfo/61/ansi.sys-old
+usr/lib/terminfo/61/ansi.sysk
+usr/lib/terminfo/61/ansi43m
+usr/lib/terminfo/61/ansi77
+usr/lib/terminfo/61/ansi80x25
+usr/lib/terminfo/61/ansi80x25-mono
+usr/lib/terminfo/61/ansi80x25-raw
+usr/lib/terminfo/61/ansi80x30
+usr/lib/terminfo/61/ansi80x30-mono
+usr/lib/terminfo/61/ansi80x43
+usr/lib/terminfo/61/ansi80x43-mono
+usr/lib/terminfo/61/ansi80x50
+usr/lib/terminfo/61/ansi80x50-mono
+usr/lib/terminfo/61/ansi80x60
+usr/lib/terminfo/61/ansi80x60-mono
+usr/lib/terminfo/61/ansil
+usr/lib/terminfo/61/ansil-mono
+usr/lib/terminfo/61/ansis
+usr/lib/terminfo/61/ansis-mono
+usr/lib/terminfo/61/ansisysk
+usr/lib/terminfo/61/ansiterm
+usr/lib/terminfo/61/ansiw
+usr/lib/terminfo/61/ap-vm80
+usr/lib/terminfo/61/apl
+usr/lib/terminfo/61/apollo
+usr/lib/terminfo/61/apollo_15P
+usr/lib/terminfo/61/apollo_19L
+usr/lib/terminfo/61/apollo_color
+usr/lib/terminfo/61/apple-80
+usr/lib/terminfo/61/apple-ae
+usr/lib/terminfo/61/apple-soroc
+usr/lib/terminfo/61/apple-uterm
+usr/lib/terminfo/61/apple-uterm-vb
+usr/lib/terminfo/61/apple-videx
+usr/lib/terminfo/61/apple-videx2
+usr/lib/terminfo/61/apple-videx3
+usr/lib/terminfo/61/apple-vm80
+usr/lib/terminfo/61/apple2e
+usr/lib/terminfo/61/apple2e-p
+usr/lib/terminfo/61/apple80p
+usr/lib/terminfo/61/appleII
+usr/lib/terminfo/61/appleIIc
+usr/lib/terminfo/61/appleIIe
+usr/lib/terminfo/61/appleIIgs
+usr/lib/terminfo/61/arm100
+usr/lib/terminfo/61/arm100-am
+usr/lib/terminfo/61/arm100-w
+usr/lib/terminfo/61/arm100-wam
+usr/lib/terminfo/61/at
+usr/lib/terminfo/61/at-color
+usr/lib/terminfo/61/at-m
+usr/lib/terminfo/61/at386
+usr/lib/terminfo/61/atari
+usr/lib/terminfo/61/atari-color
+usr/lib/terminfo/61/atari-m
+usr/lib/terminfo/61/atari-old
+usr/lib/terminfo/61/atari_st
+usr/lib/terminfo/61/atari_st-color
+usr/lib/terminfo/61/atarist-m
+usr/lib/terminfo/61/aterm
+usr/lib/terminfo/61/att2300
+usr/lib/terminfo/61/att2350
+usr/lib/terminfo/61/att4410
+usr/lib/terminfo/61/att4410-w
+usr/lib/terminfo/61/att4410v1
+usr/lib/terminfo/61/att4410v1-w
+usr/lib/terminfo/61/att4415
+usr/lib/terminfo/61/att4415+nl
+usr/lib/terminfo/61/att4415-nl
+usr/lib/terminfo/61/att4415-rv
+usr/lib/terminfo/61/att4415-rv-nl
+usr/lib/terminfo/61/att4415-w
+usr/lib/terminfo/61/att4415-w-nl
+usr/lib/terminfo/61/att4415-w-rv
+usr/lib/terminfo/61/att4415-w-rv-n
+usr/lib/terminfo/61/att4418
+usr/lib/terminfo/61/att4418-w
+usr/lib/terminfo/61/att4420
+usr/lib/terminfo/61/att4424
+usr/lib/terminfo/61/att4424-1
+usr/lib/terminfo/61/att4424m
+usr/lib/terminfo/61/att4425
+usr/lib/terminfo/61/att4425-nl
+usr/lib/terminfo/61/att4425-w
+usr/lib/terminfo/61/att4426
+usr/lib/terminfo/61/att500
+usr/lib/terminfo/61/att505
+usr/lib/terminfo/61/att505-24
+usr/lib/terminfo/61/att510a
+usr/lib/terminfo/61/att510d
+usr/lib/terminfo/61/att513
+usr/lib/terminfo/61/att5310
+usr/lib/terminfo/61/att5320
+usr/lib/terminfo/61/att5410
+usr/lib/terminfo/61/att5410-w
+usr/lib/terminfo/61/att5410v1
+usr/lib/terminfo/61/att5410v1-w
+usr/lib/terminfo/61/att5418
+usr/lib/terminfo/61/att5418-w
+usr/lib/terminfo/61/att5420
+usr/lib/terminfo/61/att5420+nl
+usr/lib/terminfo/61/att5420-nl
+usr/lib/terminfo/61/att5420-rv
+usr/lib/terminfo/61/att5420-rv-nl
+usr/lib/terminfo/61/att5420-w
+usr/lib/terminfo/61/att5420-w-nl
+usr/lib/terminfo/61/att5420-w-rv
+usr/lib/terminfo/61/att5420-w-rv-n
+usr/lib/terminfo/61/att5420_2
+usr/lib/terminfo/61/att5420_2-w
+usr/lib/terminfo/61/att5425
+usr/lib/terminfo/61/att5425-nl
+usr/lib/terminfo/61/att5425-w
+usr/lib/terminfo/61/att5430
+usr/lib/terminfo/61/att5620
+usr/lib/terminfo/61/att5620-1
+usr/lib/terminfo/61/att5620-24
+usr/lib/terminfo/61/att5620-34
+usr/lib/terminfo/61/att5620-s
+usr/lib/terminfo/61/att605
+usr/lib/terminfo/61/att605-pc
+usr/lib/terminfo/61/att605-w
+usr/lib/terminfo/61/att610
+usr/lib/terminfo/61/att610-103k
+usr/lib/terminfo/61/att610-103k-w
+usr/lib/terminfo/61/att610-w
+usr/lib/terminfo/61/att615
+usr/lib/terminfo/61/att615-103k
+usr/lib/terminfo/61/att615-103k-w
+usr/lib/terminfo/61/att615-w
+usr/lib/terminfo/61/att620
+usr/lib/terminfo/61/att620-103k
+usr/lib/terminfo/61/att620-103k-w
+usr/lib/terminfo/61/att620-w
+usr/lib/terminfo/61/att630
+usr/lib/terminfo/61/att630-24
+usr/lib/terminfo/61/att6386
+usr/lib/terminfo/61/att700
+usr/lib/terminfo/61/att730
+usr/lib/terminfo/61/att730-24
+usr/lib/terminfo/61/att730-41
+usr/lib/terminfo/61/att7300
+usr/lib/terminfo/61/att730r
+usr/lib/terminfo/61/att730r-24
+usr/lib/terminfo/61/att730r-41
+usr/lib/terminfo/61/avatar
+usr/lib/terminfo/61/avatar0
+usr/lib/terminfo/61/avatar0+
+usr/lib/terminfo/61/avatar1
+usr/lib/terminfo/61/avt
+usr/lib/terminfo/61/avt+s
+usr/lib/terminfo/61/avt-ns
+usr/lib/terminfo/61/avt-rv
+usr/lib/terminfo/61/avt-rv-ns
+usr/lib/terminfo/61/avt-rv-s
+usr/lib/terminfo/61/avt-s
+usr/lib/terminfo/61/avt-w
+usr/lib/terminfo/61/avt-w-ns
+usr/lib/terminfo/61/avt-w-rv
+usr/lib/terminfo/61/avt-w-rv-ns
+usr/lib/terminfo/61/avt-w-rv-s
+usr/lib/terminfo/61/avt-w-s
+usr/lib/terminfo/61/aws
+usr/lib/terminfo/61/awsc
+usr/lib/terminfo/62/
+usr/lib/terminfo/62/b-128
+usr/lib/terminfo/62/bantam
+usr/lib/terminfo/62/basic4
+usr/lib/terminfo/62/basis
+usr/lib/terminfo/62/bct510a
+usr/lib/terminfo/62/bct510d
+usr/lib/terminfo/62/beacon
+usr/lib/terminfo/62/bee
+usr/lib/terminfo/62/beehive
+usr/lib/terminfo/62/beehive3
+usr/lib/terminfo/62/beehive4
+usr/lib/terminfo/62/beehiveIIIm
+usr/lib/terminfo/62/beterm
+usr/lib/terminfo/62/bg1.25
+usr/lib/terminfo/62/bg1.25nv
+usr/lib/terminfo/62/bg1.25rv
+usr/lib/terminfo/62/bg2.0
+usr/lib/terminfo/62/bg2.0nv
+usr/lib/terminfo/62/bg2.0rv
+usr/lib/terminfo/62/bg3.10
+usr/lib/terminfo/62/bg3.10nv
+usr/lib/terminfo/62/bg3.10rv
+usr/lib/terminfo/62/bh3m
+usr/lib/terminfo/62/bh4
+usr/lib/terminfo/62/bitgraph
+usr/lib/terminfo/62/blit
+usr/lib/terminfo/62/bobcat
+usr/lib/terminfo/62/bq300
+usr/lib/terminfo/62/bq300-8
+usr/lib/terminfo/62/bq300-8-pc
+usr/lib/terminfo/62/bq300-8-pc-rv
+usr/lib/terminfo/62/bq300-8-pc-w
+usr/lib/terminfo/62/bq300-8-pc-w-rv
+usr/lib/terminfo/62/bq300-8rv
+usr/lib/terminfo/62/bq300-8w
+usr/lib/terminfo/62/bq300-pc
+usr/lib/terminfo/62/bq300-pc-rv
+usr/lib/terminfo/62/bq300-pc-w
+usr/lib/terminfo/62/bq300-pc-w-rv
+usr/lib/terminfo/62/bq300-rv
+usr/lib/terminfo/62/bq300-w
+usr/lib/terminfo/62/bq300-w-8rv
+usr/lib/terminfo/62/bq300-w-rv
+usr/lib/terminfo/62/bsdos-pc
+usr/lib/terminfo/62/bsdos-pc-m
+usr/lib/terminfo/62/bsdos-pc-mono
+usr/lib/terminfo/62/bsdos-pc-nobold
+usr/lib/terminfo/62/bsdos-ppc
+usr/lib/terminfo/62/bsdos-sparc
+usr/lib/terminfo/62/bterm
+usr/lib/terminfo/63/
+usr/lib/terminfo/63/c100
+usr/lib/terminfo/63/c100-1p
+usr/lib/terminfo/63/c100-4p
+usr/lib/terminfo/63/c100-rv
+usr/lib/terminfo/63/c100-rv-4p
+usr/lib/terminfo/63/c104
+usr/lib/terminfo/63/c108
+usr/lib/terminfo/63/c108-4p
+usr/lib/terminfo/63/c108-8p
+usr/lib/terminfo/63/c108-rv
+usr/lib/terminfo/63/c108-rv-4p
+usr/lib/terminfo/63/c108-rv-8p
+usr/lib/terminfo/63/c108-w
+usr/lib/terminfo/63/c108-w-8p
+usr/lib/terminfo/63/c300
+usr/lib/terminfo/63/c301
+usr/lib/terminfo/63/c321
+usr/lib/terminfo/63/ca22851
+usr/lib/terminfo/63/cad68-2
+usr/lib/terminfo/63/cad68-3
+usr/lib/terminfo/63/cbblit
+usr/lib/terminfo/63/cbunix
+usr/lib/terminfo/63/cci
+usr/lib/terminfo/63/cci1
+usr/lib/terminfo/63/cdc456
+usr/lib/terminfo/63/cdc721
+usr/lib/terminfo/63/cdc721-esc
+usr/lib/terminfo/63/cdc721ll
+usr/lib/terminfo/63/cdc752
+usr/lib/terminfo/63/cdc756
+usr/lib/terminfo/63/cg7900
+usr/lib/terminfo/63/cgc2
+usr/lib/terminfo/63/cgc3
+usr/lib/terminfo/63/chromatics
+usr/lib/terminfo/63/ci8510
+usr/lib/terminfo/63/cit-80
+usr/lib/terminfo/63/cit101
+usr/lib/terminfo/63/cit101e
+usr/lib/terminfo/63/cit101e-132
+usr/lib/terminfo/63/cit101e-n
+usr/lib/terminfo/63/cit101e-n132
+usr/lib/terminfo/63/cit101e-rv
+usr/lib/terminfo/63/cit500
+usr/lib/terminfo/63/cit80
+usr/lib/terminfo/63/citc
+usr/lib/terminfo/63/citoh
+usr/lib/terminfo/63/citoh-6lpi
+usr/lib/terminfo/63/citoh-8lpi
+usr/lib/terminfo/63/citoh-comp
+usr/lib/terminfo/63/citoh-elite
+usr/lib/terminfo/63/citoh-pica
+usr/lib/terminfo/63/citoh-prop
+usr/lib/terminfo/63/citoh-ps
+usr/lib/terminfo/63/coco3
+usr/lib/terminfo/63/coherent
+usr/lib/terminfo/63/color_xterm
+usr/lib/terminfo/63/colorscan
+usr/lib/terminfo/63/commodore
+usr/lib/terminfo/63/concept
+usr/lib/terminfo/63/concept-avt
+usr/lib/terminfo/63/concept100
+usr/lib/terminfo/63/concept100-rv
+usr/lib/terminfo/63/concept108
+usr/lib/terminfo/63/concept108-4p
+usr/lib/terminfo/63/concept108-8p
+usr/lib/terminfo/63/concept108-w-8
+usr/lib/terminfo/63/concept108-w8p
+usr/lib/terminfo/63/concept108rv4p
+usr/lib/terminfo/63/cons25
+usr/lib/terminfo/63/cons25-debian
+usr/lib/terminfo/63/cons25-iso-m
+usr/lib/terminfo/63/cons25-iso8859
+usr/lib/terminfo/63/cons25-koi8-r
+usr/lib/terminfo/63/cons25-koi8r-m
+usr/lib/terminfo/63/cons25-m
+usr/lib/terminfo/63/cons25l1
+usr/lib/terminfo/63/cons25l1-m
+usr/lib/terminfo/63/cons25r
+usr/lib/terminfo/63/cons25r-m
+usr/lib/terminfo/63/cons25w
+usr/lib/terminfo/63/cons30
+usr/lib/terminfo/63/cons30-m
+usr/lib/terminfo/63/cons43
+usr/lib/terminfo/63/cons43-m
+usr/lib/terminfo/63/cons50
+usr/lib/terminfo/63/cons50-iso-m
+usr/lib/terminfo/63/cons50-iso8859
+usr/lib/terminfo/63/cons50-koi8r
+usr/lib/terminfo/63/cons50-koi8r-m
+usr/lib/terminfo/63/cons50-m
+usr/lib/terminfo/63/cons50l1
+usr/lib/terminfo/63/cons50l1-m
+usr/lib/terminfo/63/cons50r
+usr/lib/terminfo/63/cons50r-m
+usr/lib/terminfo/63/cons60
+usr/lib/terminfo/63/cons60-iso
+usr/lib/terminfo/63/cons60-iso-m
+usr/lib/terminfo/63/cons60-koi8r
+usr/lib/terminfo/63/cons60-koi8r-m
+usr/lib/terminfo/63/cons60-m
+usr/lib/terminfo/63/cons60l1
+usr/lib/terminfo/63/cons60l1-m
+usr/lib/terminfo/63/cons60r
+usr/lib/terminfo/63/cons60r-m
+usr/lib/terminfo/63/contel300
+usr/lib/terminfo/63/contel301
+usr/lib/terminfo/63/contel320
+usr/lib/terminfo/63/contel321
+usr/lib/terminfo/63/cops
+usr/lib/terminfo/63/cops-10
+usr/lib/terminfo/63/cops10
+usr/lib/terminfo/63/crt
+usr/lib/terminfo/63/crt-vt220
+usr/lib/terminfo/63/cs10
+usr/lib/terminfo/63/cs10-w
+usr/lib/terminfo/63/ct82
+usr/lib/terminfo/63/ct8500
+usr/lib/terminfo/63/ctrm
+usr/lib/terminfo/63/cx
+usr/lib/terminfo/63/cx100
+usr/lib/terminfo/63/cyb110
+usr/lib/terminfo/63/cyb83
+usr/lib/terminfo/63/cygwin
+usr/lib/terminfo/63/cygwinB19
+usr/lib/terminfo/63/cygwinDBG
+usr/lib/terminfo/64/
+usr/lib/terminfo/64/d132
+usr/lib/terminfo/64/d2
+usr/lib/terminfo/64/d2-dg
+usr/lib/terminfo/64/d200
+usr/lib/terminfo/64/d200-dg
+usr/lib/terminfo/64/d210
+usr/lib/terminfo/64/d210-dg
+usr/lib/terminfo/64/d211
+usr/lib/terminfo/64/d211-7b
+usr/lib/terminfo/64/d211-dg
+usr/lib/terminfo/64/d214
+usr/lib/terminfo/64/d214-dg
+usr/lib/terminfo/64/d215
+usr/lib/terminfo/64/d215-7b
+usr/lib/terminfo/64/d215-dg
+usr/lib/terminfo/64/d216+
+usr/lib/terminfo/64/d216+25
+usr/lib/terminfo/64/d216+dg
+usr/lib/terminfo/64/d216-dg
+usr/lib/terminfo/64/d216-unix
+usr/lib/terminfo/64/d216-unix-25
+usr/lib/terminfo/64/d216e+
+usr/lib/terminfo/64/d216e+dg
+usr/lib/terminfo/64/d216e-dg
+usr/lib/terminfo/64/d216e-unix
+usr/lib/terminfo/64/d217-dg
+usr/lib/terminfo/64/d217-unix
+usr/lib/terminfo/64/d217-unix-25
+usr/lib/terminfo/64/d220
+usr/lib/terminfo/64/d220-7b
+usr/lib/terminfo/64/d220-dg
+usr/lib/terminfo/64/d230
+usr/lib/terminfo/64/d230-dg
+usr/lib/terminfo/64/d230c
+usr/lib/terminfo/64/d230c-dg
+usr/lib/terminfo/64/d400
+usr/lib/terminfo/64/d400-dg
+usr/lib/terminfo/64/d410
+usr/lib/terminfo/64/d410-7b
+usr/lib/terminfo/64/d410-7b-w
+usr/lib/terminfo/64/d410-dg
+usr/lib/terminfo/64/d410-w
+usr/lib/terminfo/64/d411
+usr/lib/terminfo/64/d411-7b
+usr/lib/terminfo/64/d411-7b-w
+usr/lib/terminfo/64/d411-dg
+usr/lib/terminfo/64/d411-w
+usr/lib/terminfo/64/d412+
+usr/lib/terminfo/64/d412+25
+usr/lib/terminfo/64/d412+dg
+usr/lib/terminfo/64/d412+s
+usr/lib/terminfo/64/d412+sr
+usr/lib/terminfo/64/d412+w
+usr/lib/terminfo/64/d412-dg
+usr/lib/terminfo/64/d412-unix
+usr/lib/terminfo/64/d412-unix-25
+usr/lib/terminfo/64/d412-unix-s
+usr/lib/terminfo/64/d412-unix-sr
+usr/lib/terminfo/64/d412-unix-w
+usr/lib/terminfo/64/d413-dg
+usr/lib/terminfo/64/d413-unix
+usr/lib/terminfo/64/d413-unix-25
+usr/lib/terminfo/64/d413-unix-s
+usr/lib/terminfo/64/d413-unix-sr
+usr/lib/terminfo/64/d413-unix-w
+usr/lib/terminfo/64/d414-unix
+usr/lib/terminfo/64/d414-unix-25
+usr/lib/terminfo/64/d414-unix-s
+usr/lib/terminfo/64/d414-unix-sr
+usr/lib/terminfo/64/d414-unix-w
+usr/lib/terminfo/64/d430-dg
+usr/lib/terminfo/64/d430-dg-ccc
+usr/lib/terminfo/64/d430-unix
+usr/lib/terminfo/64/d430-unix-25
+usr/lib/terminfo/64/d430-unix-25-ccc
+usr/lib/terminfo/64/d430-unix-ccc
+usr/lib/terminfo/64/d430-unix-s
+usr/lib/terminfo/64/d430-unix-s-ccc
+usr/lib/terminfo/64/d430-unix-sr
+usr/lib/terminfo/64/d430-unix-sr-ccc
+usr/lib/terminfo/64/d430-unix-w
+usr/lib/terminfo/64/d430-unix-w-ccc
+usr/lib/terminfo/64/d430c-dg
+usr/lib/terminfo/64/d430c-dg-ccc
+usr/lib/terminfo/64/d430c-unix
+usr/lib/terminfo/64/d430c-unix-25
+usr/lib/terminfo/64/d430c-unix-25-ccc
+usr/lib/terminfo/64/d430c-unix-ccc
+usr/lib/terminfo/64/d430c-unix-s
+usr/lib/terminfo/64/d430c-unix-s-ccc
+usr/lib/terminfo/64/d430c-unix-sr
+usr/lib/terminfo/64/d430c-unix-sr-ccc
+usr/lib/terminfo/64/d430c-unix-w
+usr/lib/terminfo/64/d430c-unix-w-ccc
+usr/lib/terminfo/64/d450
+usr/lib/terminfo/64/d450-dg
+usr/lib/terminfo/64/d460
+usr/lib/terminfo/64/d460-7b
+usr/lib/terminfo/64/d460-7b-w
+usr/lib/terminfo/64/d460-dg
+usr/lib/terminfo/64/d460-w
+usr/lib/terminfo/64/d461
+usr/lib/terminfo/64/d461-7b
+usr/lib/terminfo/64/d461-7b-w
+usr/lib/terminfo/64/d461-dg
+usr/lib/terminfo/64/d461-w
+usr/lib/terminfo/64/d462+
+usr/lib/terminfo/64/d462+25
+usr/lib/terminfo/64/d462+dg
+usr/lib/terminfo/64/d462+s
+usr/lib/terminfo/64/d462+sr
+usr/lib/terminfo/64/d462+w
+usr/lib/terminfo/64/d462-dg
+usr/lib/terminfo/64/d462-unix
+usr/lib/terminfo/64/d462-unix-25
+usr/lib/terminfo/64/d462-unix-s
+usr/lib/terminfo/64/d462-unix-sr
+usr/lib/terminfo/64/d462-unix-w
+usr/lib/terminfo/64/d462e-dg
+usr/lib/terminfo/64/d463-dg
+usr/lib/terminfo/64/d463-unix
+usr/lib/terminfo/64/d463-unix-25
+usr/lib/terminfo/64/d463-unix-s
+usr/lib/terminfo/64/d463-unix-sr
+usr/lib/terminfo/64/d463-unix-w
+usr/lib/terminfo/64/d464-unix
+usr/lib/terminfo/64/d464-unix-25
+usr/lib/terminfo/64/d464-unix-s
+usr/lib/terminfo/64/d464-unix-sr
+usr/lib/terminfo/64/d464-unix-w
+usr/lib/terminfo/64/d470
+usr/lib/terminfo/64/d470-7b
+usr/lib/terminfo/64/d470-dg
+usr/lib/terminfo/64/d470c
+usr/lib/terminfo/64/d470c-7b
+usr/lib/terminfo/64/d470c-dg
+usr/lib/terminfo/64/d555
+usr/lib/terminfo/64/d555-7b
+usr/lib/terminfo/64/d555-7b-w
+usr/lib/terminfo/64/d555-dg
+usr/lib/terminfo/64/d555-w
+usr/lib/terminfo/64/d577
+usr/lib/terminfo/64/d577-7b
+usr/lib/terminfo/64/d577-7b-w
+usr/lib/terminfo/64/d577-dg
+usr/lib/terminfo/64/d577-w
+usr/lib/terminfo/64/d578
+usr/lib/terminfo/64/d578-7b
+usr/lib/terminfo/64/d578-dg
+usr/lib/terminfo/64/d80
+usr/lib/terminfo/64/d800
+usr/lib/terminfo/64/darwin
+usr/lib/terminfo/64/darwin-100x37
+usr/lib/terminfo/64/darwin-100x37-m
+usr/lib/terminfo/64/darwin-112x37
+usr/lib/terminfo/64/darwin-112x37-m
+usr/lib/terminfo/64/darwin-128x40
+usr/lib/terminfo/64/darwin-128x40-m
+usr/lib/terminfo/64/darwin-128x48
+usr/lib/terminfo/64/darwin-128x48-m
+usr/lib/terminfo/64/darwin-144x48
+usr/lib/terminfo/64/darwin-144x48-m
+usr/lib/terminfo/64/darwin-160x64
+usr/lib/terminfo/64/darwin-160x64-m
+usr/lib/terminfo/64/darwin-200x64
+usr/lib/terminfo/64/darwin-200x64-m
+usr/lib/terminfo/64/darwin-200x75
+usr/lib/terminfo/64/darwin-200x75-m
+usr/lib/terminfo/64/darwin-256x96
+usr/lib/terminfo/64/darwin-256x96-m
+usr/lib/terminfo/64/darwin-80x25
+usr/lib/terminfo/64/darwin-80x25-m
+usr/lib/terminfo/64/darwin-80x30
+usr/lib/terminfo/64/darwin-80x30-m
+usr/lib/terminfo/64/darwin-90x30
+usr/lib/terminfo/64/darwin-90x30-m
+usr/lib/terminfo/64/darwin-b
+usr/lib/terminfo/64/darwin-f
+usr/lib/terminfo/64/darwin-f2
+usr/lib/terminfo/64/darwin-m
+usr/lib/terminfo/64/darwin-m-b
+usr/lib/terminfo/64/darwin-m-f
+usr/lib/terminfo/64/darwin-m-f2
+usr/lib/terminfo/64/datagraphix
+usr/lib/terminfo/64/datamedia2500
+usr/lib/terminfo/64/datapoint
+usr/lib/terminfo/64/dataspeed40
+usr/lib/terminfo/64/dd5000
+usr/lib/terminfo/64/ddr
+usr/lib/terminfo/64/ddr3180
+usr/lib/terminfo/64/dec+pp
+usr/lib/terminfo/64/dec+sl
+usr/lib/terminfo/64/dec-vt100
+usr/lib/terminfo/64/dec-vt220
+usr/lib/terminfo/64/dec-vt330
+usr/lib/terminfo/64/dec-vt340
+usr/lib/terminfo/64/dec-vt400
+usr/lib/terminfo/64/decansi
+usr/lib/terminfo/64/decpro
+usr/lib/terminfo/64/decwriter
+usr/lib/terminfo/64/delta
+usr/lib/terminfo/64/dg+ccc
+usr/lib/terminfo/64/dg+color
+usr/lib/terminfo/64/dg+color8
+usr/lib/terminfo/64/dg+fixed
+usr/lib/terminfo/64/dg-ansi
+usr/lib/terminfo/64/dg-generic
+usr/lib/terminfo/64/dg100
+usr/lib/terminfo/64/dg200
+usr/lib/terminfo/64/dg210
+usr/lib/terminfo/64/dg211
+usr/lib/terminfo/64/dg450
+usr/lib/terminfo/64/dg460-ansi
+usr/lib/terminfo/64/dg6053
+usr/lib/terminfo/64/dg6053-old
+usr/lib/terminfo/64/dg605x
+usr/lib/terminfo/64/dg6134
+usr/lib/terminfo/64/dgkeys+11
+usr/lib/terminfo/64/dgkeys+15
+usr/lib/terminfo/64/dgkeys+7b
+usr/lib/terminfo/64/dgkeys+8b
+usr/lib/terminfo/64/dgmode+color
+usr/lib/terminfo/64/dgmode+color8
+usr/lib/terminfo/64/dgunix+ccc
+usr/lib/terminfo/64/dgunix+fixed
+usr/lib/terminfo/64/diablo
+usr/lib/terminfo/64/diablo-lm
+usr/lib/terminfo/64/diablo1620
+usr/lib/terminfo/64/diablo1620-m8
+usr/lib/terminfo/64/diablo1640
+usr/lib/terminfo/64/diablo1640-lm
+usr/lib/terminfo/64/diablo1640-m8
+usr/lib/terminfo/64/diablo1720
+usr/lib/terminfo/64/diablo1730
+usr/lib/terminfo/64/diablo1740
+usr/lib/terminfo/64/diablo1740-lm
+usr/lib/terminfo/64/diablo450
+usr/lib/terminfo/64/diablo630
+usr/lib/terminfo/64/dialogue
+usr/lib/terminfo/64/dialogue80
+usr/lib/terminfo/64/digilog
+usr/lib/terminfo/64/djgpp
+usr/lib/terminfo/64/djgpp203
+usr/lib/terminfo/64/djgpp204
+usr/lib/terminfo/64/dku7003
+usr/lib/terminfo/64/dku7003-dumb
+usr/lib/terminfo/64/dku7102
+usr/lib/terminfo/64/dku7102-old
+usr/lib/terminfo/64/dku7102-sna
+usr/lib/terminfo/64/dku7103-sna
+usr/lib/terminfo/64/dku7202
+usr/lib/terminfo/64/dm1520
+usr/lib/terminfo/64/dm1521
+usr/lib/terminfo/64/dm2500
+usr/lib/terminfo/64/dm3025
+usr/lib/terminfo/64/dm3045
+usr/lib/terminfo/64/dm80
+usr/lib/terminfo/64/dm80w
+usr/lib/terminfo/64/dmchat
+usr/lib/terminfo/64/dmd
+usr/lib/terminfo/64/dmd-24
+usr/lib/terminfo/64/dmd-34
+usr/lib/terminfo/64/dmd1
+usr/lib/terminfo/64/dmdt80
+usr/lib/terminfo/64/dmdt80w
+usr/lib/terminfo/64/dmterm
+usr/lib/terminfo/64/dp3360
+usr/lib/terminfo/64/dp8242
+usr/lib/terminfo/64/ds40
+usr/lib/terminfo/64/ds40-2
+usr/lib/terminfo/64/dt-100
+usr/lib/terminfo/64/dt-100w
+usr/lib/terminfo/64/dt100
+usr/lib/terminfo/64/dt100w
+usr/lib/terminfo/64/dt110
+usr/lib/terminfo/64/dt80
+usr/lib/terminfo/64/dt80-sas
+usr/lib/terminfo/64/dt80w
+usr/lib/terminfo/64/dtc300s
+usr/lib/terminfo/64/dtc382
+usr/lib/terminfo/64/dtterm
+usr/lib/terminfo/64/dumb
+usr/lib/terminfo/64/dumb-emacs-ansi
+usr/lib/terminfo/64/dvtm
+usr/lib/terminfo/64/dvtm-256color
+usr/lib/terminfo/64/dw
+usr/lib/terminfo/64/dw1
+usr/lib/terminfo/64/dw2
+usr/lib/terminfo/64/dw3
+usr/lib/terminfo/64/dw4
+usr/lib/terminfo/64/dwk
+usr/lib/terminfo/64/dwk-vt
+usr/lib/terminfo/65/
+usr/lib/terminfo/65/ecma+color
+usr/lib/terminfo/65/ecma+italics
+usr/lib/terminfo/65/ecma+sgr
+usr/lib/terminfo/65/ecma+strikeout
+usr/lib/terminfo/65/elks
+usr/lib/terminfo/65/elks-ansi
+usr/lib/terminfo/65/elks-glasstty
+usr/lib/terminfo/65/elks-vt52
+usr/lib/terminfo/65/emots
+usr/lib/terminfo/65/emu
+usr/lib/terminfo/65/emu-220
+usr/lib/terminfo/65/emx-base
+usr/lib/terminfo/65/env230
+usr/lib/terminfo/65/envision230
+usr/lib/terminfo/65/ep40
+usr/lib/terminfo/65/ep4000
+usr/lib/terminfo/65/ep4080
+usr/lib/terminfo/65/ep48
+usr/lib/terminfo/65/ergo4000
+usr/lib/terminfo/65/esprit
+usr/lib/terminfo/65/esprit-am
+usr/lib/terminfo/65/eterm
+usr/lib/terminfo/65/eterm-color
+usr/lib/terminfo/65/ex155
+usr/lib/terminfo/65/excel62
+usr/lib/terminfo/65/excel62-rv
+usr/lib/terminfo/65/excel62-w
+usr/lib/terminfo/65/excel64
+usr/lib/terminfo/65/excel64-rv
+usr/lib/terminfo/65/excel64-w
+usr/lib/terminfo/65/exec80
+usr/lib/terminfo/66/
+usr/lib/terminfo/66/f100
+usr/lib/terminfo/66/f100-rv
+usr/lib/terminfo/66/f110
+usr/lib/terminfo/66/f110-14
+usr/lib/terminfo/66/f110-14w
+usr/lib/terminfo/66/f110-w
+usr/lib/terminfo/66/f1720
+usr/lib/terminfo/66/f1720a
+usr/lib/terminfo/66/f200
+usr/lib/terminfo/66/f200-w
+usr/lib/terminfo/66/f200vi
+usr/lib/terminfo/66/f200vi-w
+usr/lib/terminfo/66/falco
+usr/lib/terminfo/66/falco-p
+usr/lib/terminfo/66/fbterm
+usr/lib/terminfo/66/fenix
+usr/lib/terminfo/66/fenixw
+usr/lib/terminfo/66/fixterm
+usr/lib/terminfo/66/fortune
+usr/lib/terminfo/66/fos
+usr/lib/terminfo/66/fox
+usr/lib/terminfo/66/freedom
+usr/lib/terminfo/66/freedom-rv
+usr/lib/terminfo/66/freedom100
+usr/lib/terminfo/66/freedom110
+usr/lib/terminfo/66/freedom200
+usr/lib/terminfo/67/
+usr/lib/terminfo/67/gator
+usr/lib/terminfo/67/gator-52
+usr/lib/terminfo/67/gator-52t
+usr/lib/terminfo/67/gator-t
+usr/lib/terminfo/67/gigi
+usr/lib/terminfo/67/glasstty
+usr/lib/terminfo/67/gnome
+usr/lib/terminfo/67/gnome+pcfkeys
+usr/lib/terminfo/67/gnome-2007
+usr/lib/terminfo/67/gnome-2008
+usr/lib/terminfo/67/gnome-2012
+usr/lib/terminfo/67/gnome-256color
+usr/lib/terminfo/67/gnome-fc5
+usr/lib/terminfo/67/gnome-rh62
+usr/lib/terminfo/67/gnome-rh72
+usr/lib/terminfo/67/gnome-rh80
+usr/lib/terminfo/67/gnome-rh90
+usr/lib/terminfo/67/go-225
+usr/lib/terminfo/67/go140
+usr/lib/terminfo/67/go140w
+usr/lib/terminfo/67/go225
+usr/lib/terminfo/67/graphos
+usr/lib/terminfo/67/graphos-30
+usr/lib/terminfo/67/gs5430
+usr/lib/terminfo/67/gs5430-22
+usr/lib/terminfo/67/gs5430-24
+usr/lib/terminfo/67/gs6300
+usr/lib/terminfo/67/gsi
+usr/lib/terminfo/67/gt100
+usr/lib/terminfo/67/gt100a
+usr/lib/terminfo/67/gt40
+usr/lib/terminfo/67/gt42
+usr/lib/terminfo/67/guru
+usr/lib/terminfo/67/guru+rv
+usr/lib/terminfo/67/guru+s
+usr/lib/terminfo/67/guru+unk
+usr/lib/terminfo/67/guru-24
+usr/lib/terminfo/67/guru-33
+usr/lib/terminfo/67/guru-33-rv
+usr/lib/terminfo/67/guru-33-s
+usr/lib/terminfo/67/guru-44
+usr/lib/terminfo/67/guru-44-s
+usr/lib/terminfo/67/guru-76
+usr/lib/terminfo/67/guru-76-lp
+usr/lib/terminfo/67/guru-76-s
+usr/lib/terminfo/67/guru-76-w
+usr/lib/terminfo/67/guru-76-w-s
+usr/lib/terminfo/67/guru-76-wm
+usr/lib/terminfo/67/guru-lp
+usr/lib/terminfo/67/guru-nctxt
+usr/lib/terminfo/67/guru-rv
+usr/lib/terminfo/67/guru-s
+usr/lib/terminfo/68/
+usr/lib/terminfo/68/h-100
+usr/lib/terminfo/68/h-100bw
+usr/lib/terminfo/68/h100
+usr/lib/terminfo/68/h100bw
+usr/lib/terminfo/68/h19
+usr/lib/terminfo/68/h19-a
+usr/lib/terminfo/68/h19-b
+usr/lib/terminfo/68/h19-bs
+usr/lib/terminfo/68/h19-g
+usr/lib/terminfo/68/h19-smul
+usr/lib/terminfo/68/h19-u
+usr/lib/terminfo/68/h19-us
+usr/lib/terminfo/68/h19a
+usr/lib/terminfo/68/h19g
+usr/lib/terminfo/68/h19k
+usr/lib/terminfo/68/h19kermit
+usr/lib/terminfo/68/h19us
+usr/lib/terminfo/68/h29a-kc-bc
+usr/lib/terminfo/68/h29a-kc-uc
+usr/lib/terminfo/68/h29a-nkc-bc
+usr/lib/terminfo/68/h29a-nkc-uc
+usr/lib/terminfo/68/h80
+usr/lib/terminfo/68/ha8675
+usr/lib/terminfo/68/ha8686
+usr/lib/terminfo/68/hazel
+usr/lib/terminfo/68/hds200
+usr/lib/terminfo/68/he80
+usr/lib/terminfo/68/heath
+usr/lib/terminfo/68/heath-19
+usr/lib/terminfo/68/heath-ansi
+usr/lib/terminfo/68/heathkit
+usr/lib/terminfo/68/heathkit-a
+usr/lib/terminfo/68/hft
+usr/lib/terminfo/68/hft-c
+usr/lib/terminfo/68/hft-c-old
+usr/lib/terminfo/68/hft-old
+usr/lib/terminfo/68/hirez100
+usr/lib/terminfo/68/hirez100-w
+usr/lib/terminfo/68/hmod1
+usr/lib/terminfo/68/hp
+usr/lib/terminfo/68/hp+arrows
+usr/lib/terminfo/68/hp+color
+usr/lib/terminfo/68/hp+labels
+usr/lib/terminfo/68/hp+pfk+arrows
+usr/lib/terminfo/68/hp+pfk+cr
+usr/lib/terminfo/68/hp+pfk-cr
+usr/lib/terminfo/68/hp+printer
+usr/lib/terminfo/68/hp110
+usr/lib/terminfo/68/hp150
+usr/lib/terminfo/68/hp2
+usr/lib/terminfo/68/hp236
+usr/lib/terminfo/68/hp2382
+usr/lib/terminfo/68/hp2382a
+usr/lib/terminfo/68/hp2392
+usr/lib/terminfo/68/hp2397
+usr/lib/terminfo/68/hp2397a
+usr/lib/terminfo/68/hp2621
+usr/lib/terminfo/68/hp2621-48
+usr/lib/terminfo/68/hp2621-a
+usr/lib/terminfo/68/hp2621-ba
+usr/lib/terminfo/68/hp2621-fl
+usr/lib/terminfo/68/hp2621-k45
+usr/lib/terminfo/68/hp2621-nl
+usr/lib/terminfo/68/hp2621-nt
+usr/lib/terminfo/68/hp2621-wl
+usr/lib/terminfo/68/hp2621A
+usr/lib/terminfo/68/hp2621a-a
+usr/lib/terminfo/68/hp2621b
+usr/lib/terminfo/68/hp2621b-kx
+usr/lib/terminfo/68/hp2621b-kx-p
+usr/lib/terminfo/68/hp2621b-p
+usr/lib/terminfo/68/hp2621k45
+usr/lib/terminfo/68/hp2621p
+usr/lib/terminfo/68/hp2621p-a
+usr/lib/terminfo/68/hp2622
+usr/lib/terminfo/68/hp2622a
+usr/lib/terminfo/68/hp2623
+usr/lib/terminfo/68/hp2623a
+usr/lib/terminfo/68/hp2624
+usr/lib/terminfo/68/hp2624-10p
+usr/lib/terminfo/68/hp2624a
+usr/lib/terminfo/68/hp2624a-10p
+usr/lib/terminfo/68/hp2624b
+usr/lib/terminfo/68/hp2624b-10p
+usr/lib/terminfo/68/hp2624b-10p-p
+usr/lib/terminfo/68/hp2624b-4p
+usr/lib/terminfo/68/hp2624b-4p-p
+usr/lib/terminfo/68/hp2624b-p
+usr/lib/terminfo/68/hp2626
+usr/lib/terminfo/68/hp2626-12
+usr/lib/terminfo/68/hp2626-12-s
+usr/lib/terminfo/68/hp2626-12x40
+usr/lib/terminfo/68/hp2626-ns
+usr/lib/terminfo/68/hp2626-s
+usr/lib/terminfo/68/hp2626-x40
+usr/lib/terminfo/68/hp2626a
+usr/lib/terminfo/68/hp2626p
+usr/lib/terminfo/68/hp2627a
+usr/lib/terminfo/68/hp2627a-rev
+usr/lib/terminfo/68/hp2627c
+usr/lib/terminfo/68/hp262x
+usr/lib/terminfo/68/hp2640a
+usr/lib/terminfo/68/hp2640b
+usr/lib/terminfo/68/hp2641a
+usr/lib/terminfo/68/hp2644a
+usr/lib/terminfo/68/hp2645
+usr/lib/terminfo/68/hp2645a
+usr/lib/terminfo/68/hp2647a
+usr/lib/terminfo/68/hp2648
+usr/lib/terminfo/68/hp2648a
+usr/lib/terminfo/68/hp300h
+usr/lib/terminfo/68/hp45
+usr/lib/terminfo/68/hp700
+usr/lib/terminfo/68/hp700-wy
+usr/lib/terminfo/68/hp70092
+usr/lib/terminfo/68/hp70092A
+usr/lib/terminfo/68/hp9837
+usr/lib/terminfo/68/hp9845
+usr/lib/terminfo/68/hp98550
+usr/lib/terminfo/68/hp98550a
+usr/lib/terminfo/68/hp98720
+usr/lib/terminfo/68/hp98721
+usr/lib/terminfo/68/hpansi
+usr/lib/terminfo/68/hpex
+usr/lib/terminfo/68/hpex2
+usr/lib/terminfo/68/hpgeneric
+usr/lib/terminfo/68/hpsub
+usr/lib/terminfo/68/hpterm
+usr/lib/terminfo/68/hpterm-color
+usr/lib/terminfo/68/htx11
+usr/lib/terminfo/68/hurd
+usr/lib/terminfo/68/hz1000
+usr/lib/terminfo/68/hz1420
+usr/lib/terminfo/68/hz1500
+usr/lib/terminfo/68/hz1510
+usr/lib/terminfo/68/hz1520
+usr/lib/terminfo/68/hz1520-noesc
+usr/lib/terminfo/68/hz1552
+usr/lib/terminfo/68/hz1552-rv
+usr/lib/terminfo/68/hz2000
+usr/lib/terminfo/69/
+usr/lib/terminfo/69/i100
+usr/lib/terminfo/69/i3101
+usr/lib/terminfo/69/i3164
+usr/lib/terminfo/69/i400
+usr/lib/terminfo/69/ibcs2
+usr/lib/terminfo/69/ibm+16color
+usr/lib/terminfo/69/ibm+color
+usr/lib/terminfo/69/ibm-apl
+usr/lib/terminfo/69/ibm-pc
+usr/lib/terminfo/69/ibm-system1
+usr/lib/terminfo/69/ibm3101
+usr/lib/terminfo/69/ibm3151
+usr/lib/terminfo/69/ibm3161
+usr/lib/terminfo/69/ibm3161-C
+usr/lib/terminfo/69/ibm3162
+usr/lib/terminfo/69/ibm3163
+usr/lib/terminfo/69/ibm3164
+usr/lib/terminfo/69/ibm327x
+usr/lib/terminfo/69/ibm5051
+usr/lib/terminfo/69/ibm5081
+usr/lib/terminfo/69/ibm5081-c
+usr/lib/terminfo/69/ibm5151
+usr/lib/terminfo/69/ibm5154
+usr/lib/terminfo/69/ibm5154-c
+usr/lib/terminfo/69/ibm6153
+usr/lib/terminfo/69/ibm6153-40
+usr/lib/terminfo/69/ibm6153-90
+usr/lib/terminfo/69/ibm6154
+usr/lib/terminfo/69/ibm6154-c
+usr/lib/terminfo/69/ibm6155
+usr/lib/terminfo/69/ibm8503
+usr/lib/terminfo/69/ibm8507
+usr/lib/terminfo/69/ibm8512
+usr/lib/terminfo/69/ibm8513
+usr/lib/terminfo/69/ibm8514
+usr/lib/terminfo/69/ibm8514-c
+usr/lib/terminfo/69/ibm8604
+usr/lib/terminfo/69/ibmaed
+usr/lib/terminfo/69/ibmapa16
+usr/lib/terminfo/69/ibmapa8
+usr/lib/terminfo/69/ibmapa8c
+usr/lib/terminfo/69/ibmapa8c-c
+usr/lib/terminfo/69/ibmega
+usr/lib/terminfo/69/ibmega-c
+usr/lib/terminfo/69/ibmmono
+usr/lib/terminfo/69/ibmmpel-c
+usr/lib/terminfo/69/ibmpc
+usr/lib/terminfo/69/ibmpc3
+usr/lib/terminfo/69/ibmpc3r
+usr/lib/terminfo/69/ibmpc3r-mono
+usr/lib/terminfo/69/ibmpcx
+usr/lib/terminfo/69/ibmvga
+usr/lib/terminfo/69/ibmvga-c
+usr/lib/terminfo/69/ibmx
+usr/lib/terminfo/69/icl6402
+usr/lib/terminfo/69/icl6404
+usr/lib/terminfo/69/icl6404-w
+usr/lib/terminfo/69/ifmr
+usr/lib/terminfo/69/ims-ansi
+usr/lib/terminfo/69/ims950
+usr/lib/terminfo/69/ims950-b
+usr/lib/terminfo/69/ims950-rv
+usr/lib/terminfo/69/infoton
+usr/lib/terminfo/69/interix
+usr/lib/terminfo/69/interix-nti
+usr/lib/terminfo/69/intertec
+usr/lib/terminfo/69/intertube
+usr/lib/terminfo/69/intertube2
+usr/lib/terminfo/69/intext
+usr/lib/terminfo/69/intext2
+usr/lib/terminfo/69/intextii
+usr/lib/terminfo/69/ips
+usr/lib/terminfo/69/ipsi
+usr/lib/terminfo/69/iq120
+usr/lib/terminfo/69/iq140
+usr/lib/terminfo/69/iris-ansi
+usr/lib/terminfo/69/iris-ansi-ap
+usr/lib/terminfo/69/iris-ansi-net
+usr/lib/terminfo/69/iris-color
+usr/lib/terminfo/69/iris40
+usr/lib/terminfo/69/iterm
+usr/lib/terminfo/69/iTerm.app
+usr/lib/terminfo/69/iterm2
+usr/lib/terminfo/69/iterm2-direct
+usr/lib/terminfo/69/iTerm2.app
+usr/lib/terminfo/6a/
+usr/lib/terminfo/6a/jaixterm
+usr/lib/terminfo/6a/jaixterm-m
+usr/lib/terminfo/6a/jerq
+usr/lib/terminfo/6a/jfbterm
+usr/lib/terminfo/6b/
+usr/lib/terminfo/6b/k45
+usr/lib/terminfo/6b/kaypro
+usr/lib/terminfo/6b/kaypro2
+usr/lib/terminfo/6b/kds6402
+usr/lib/terminfo/6b/kds7372
+usr/lib/terminfo/6b/kds7372-w
+usr/lib/terminfo/6b/kermit
+usr/lib/terminfo/6b/kermit-am
+usr/lib/terminfo/6b/klone+acs
+usr/lib/terminfo/6b/klone+color
+usr/lib/terminfo/6b/klone+koi8acs
+usr/lib/terminfo/6b/klone+sgr
+usr/lib/terminfo/6b/klone+sgr-dumb
+usr/lib/terminfo/6b/klone+sgr8
+usr/lib/terminfo/6b/kon
+usr/lib/terminfo/6b/kon2
+usr/lib/terminfo/6b/konsole
+usr/lib/terminfo/6b/konsole+pcfkeys
+usr/lib/terminfo/6b/konsole-16color
+usr/lib/terminfo/6b/konsole-256color
+usr/lib/terminfo/6b/konsole-base
+usr/lib/terminfo/6b/konsole-direct
+usr/lib/terminfo/6b/konsole-linux
+usr/lib/terminfo/6b/konsole-solaris
+usr/lib/terminfo/6b/konsole-vt100
+usr/lib/terminfo/6b/konsole-vt420pc
+usr/lib/terminfo/6b/konsole-xf3x
+usr/lib/terminfo/6b/konsole-xf4x
+usr/lib/terminfo/6b/kt7
+usr/lib/terminfo/6b/kt7ix
+usr/lib/terminfo/6b/kterm
+usr/lib/terminfo/6b/kterm-co
+usr/lib/terminfo/6b/kterm-color
+usr/lib/terminfo/6b/ktm
+usr/lib/terminfo/6b/kvt
+usr/lib/terminfo/6c/
+usr/lib/terminfo/6c/la120
+usr/lib/terminfo/6c/layer
+usr/lib/terminfo/6c/lft
+usr/lib/terminfo/6c/lft-pc850
+usr/lib/terminfo/6c/linux
+usr/lib/terminfo/6c/linux-16color
+usr/lib/terminfo/6c/linux-basic
+usr/lib/terminfo/6c/linux-c
+usr/lib/terminfo/6c/linux-c-nc
+usr/lib/terminfo/6c/linux-koi8
+usr/lib/terminfo/6c/linux-koi8r
+usr/lib/terminfo/6c/linux-lat
+usr/lib/terminfo/6c/linux-m
+usr/lib/terminfo/6c/linux-m1
+usr/lib/terminfo/6c/linux-m1b
+usr/lib/terminfo/6c/linux-m2
+usr/lib/terminfo/6c/linux-nic
+usr/lib/terminfo/6c/linux-vt
+usr/lib/terminfo/6c/linux2.2
+usr/lib/terminfo/6c/linux2.6
+usr/lib/terminfo/6c/linux2.6.26
+usr/lib/terminfo/6c/linux3.0
+usr/lib/terminfo/6c/lisa
+usr/lib/terminfo/6c/lisaterm
+usr/lib/terminfo/6c/lisaterm-w
+usr/lib/terminfo/6c/liswb
+usr/lib/terminfo/6c/ln03
+usr/lib/terminfo/6c/ln03-w
+usr/lib/terminfo/6c/lpr
+usr/lib/terminfo/6c/luna
+usr/lib/terminfo/6c/luna68k
+usr/lib/terminfo/6d/
+usr/lib/terminfo/6d/m2-nam
+usr/lib/terminfo/6d/mac
+usr/lib/terminfo/6d/mac-w
+usr/lib/terminfo/6d/mach
+usr/lib/terminfo/6d/mach-bold
+usr/lib/terminfo/6d/mach-color
+usr/lib/terminfo/6d/mach-gnu
+usr/lib/terminfo/6d/mach-gnu-color
+usr/lib/terminfo/6d/macintosh
+usr/lib/terminfo/6d/macterminal-w
+usr/lib/terminfo/6d/mai
+usr/lib/terminfo/6d/masscomp
+usr/lib/terminfo/6d/masscomp1
+usr/lib/terminfo/6d/masscomp2
+usr/lib/terminfo/6d/mdl110
+usr/lib/terminfo/6d/megatek
+usr/lib/terminfo/6d/memhp
+usr/lib/terminfo/6d/mgr
+usr/lib/terminfo/6d/mgr-linux
+usr/lib/terminfo/6d/mgr-sun
+usr/lib/terminfo/6d/mgt
+usr/lib/terminfo/6d/mgterm
+usr/lib/terminfo/6d/microb
+usr/lib/terminfo/6d/microbee
+usr/lib/terminfo/6d/microterm
+usr/lib/terminfo/6d/microterm5
+usr/lib/terminfo/6d/mime
+usr/lib/terminfo/6d/mime-3ax
+usr/lib/terminfo/6d/mime-fb
+usr/lib/terminfo/6d/mime-hb
+usr/lib/terminfo/6d/mime1
+usr/lib/terminfo/6d/mime2
+usr/lib/terminfo/6d/mime2a
+usr/lib/terminfo/6d/mime2a-s
+usr/lib/terminfo/6d/mime2a-v
+usr/lib/terminfo/6d/mime314
+usr/lib/terminfo/6d/mime340
+usr/lib/terminfo/6d/mime3a
+usr/lib/terminfo/6d/mime3ax
+usr/lib/terminfo/6d/mimei
+usr/lib/terminfo/6d/mimeii
+usr/lib/terminfo/6d/minitel
+usr/lib/terminfo/6d/minitel-2
+usr/lib/terminfo/6d/minitel-2-nam
+usr/lib/terminfo/6d/minitel1
+usr/lib/terminfo/6d/minitel1-nb
+usr/lib/terminfo/6d/minitel12-80
+usr/lib/terminfo/6d/minitel1b
+usr/lib/terminfo/6d/minitel1b-80
+usr/lib/terminfo/6d/minitel1b-nb
+usr/lib/terminfo/6d/minitel2-80
+usr/lib/terminfo/6d/minix
+usr/lib/terminfo/6d/minix-1.5
+usr/lib/terminfo/6d/minix-1.7
+usr/lib/terminfo/6d/minix-3.0
+usr/lib/terminfo/6d/minix-old
+usr/lib/terminfo/6d/minix-old-am
+usr/lib/terminfo/6d/mlterm
+usr/lib/terminfo/6d/mlterm+pcfkeys
+usr/lib/terminfo/6d/mlterm-256color
+usr/lib/terminfo/6d/mlterm-direct
+usr/lib/terminfo/6d/mlterm2
+usr/lib/terminfo/6d/mlterm3
+usr/lib/terminfo/6d/mm314
+usr/lib/terminfo/6d/mm340
+usr/lib/terminfo/6d/mod
+usr/lib/terminfo/6d/mod24
+usr/lib/terminfo/6d/modgraph
+usr/lib/terminfo/6d/modgraph2
+usr/lib/terminfo/6d/modgraph48
+usr/lib/terminfo/6d/mono-emx
+usr/lib/terminfo/6d/morphos
+usr/lib/terminfo/6d/mouse-sun
+usr/lib/terminfo/6d/mrxvt
+usr/lib/terminfo/6d/mrxvt-256color
+usr/lib/terminfo/6d/ms-vt-utf8
+usr/lib/terminfo/6d/ms-vt100
+usr/lib/terminfo/6d/ms-vt100+
+usr/lib/terminfo/6d/ms-vt100-color
+usr/lib/terminfo/6d/msk227
+usr/lib/terminfo/6d/msk22714
+usr/lib/terminfo/6d/msk227am
+usr/lib/terminfo/6d/mskermit227
+usr/lib/terminfo/6d/mskermit22714
+usr/lib/terminfo/6d/mskermit227am
+usr/lib/terminfo/6d/mt-70
+usr/lib/terminfo/6d/mt4520-rv
+usr/lib/terminfo/6d/mt70
+usr/lib/terminfo/6d/mterm
+usr/lib/terminfo/6d/mterm-ansi
+usr/lib/terminfo/6d/mvterm
+usr/lib/terminfo/6e/
+usr/lib/terminfo/6e/nansi.sys
+usr/lib/terminfo/6e/nansi.sysk
+usr/lib/terminfo/6e/nansisys
+usr/lib/terminfo/6e/nansisysk
+usr/lib/terminfo/6e/ncr160vppp
+usr/lib/terminfo/6e/ncr160vpwpp
+usr/lib/terminfo/6e/ncr160vt100an
+usr/lib/terminfo/6e/ncr160vt100pp
+usr/lib/terminfo/6e/ncr160vt100wan
+usr/lib/terminfo/6e/ncr160vt100wpp
+usr/lib/terminfo/6e/ncr160vt200an
+usr/lib/terminfo/6e/ncr160vt200pp
+usr/lib/terminfo/6e/ncr160vt200wan
+usr/lib/terminfo/6e/ncr160vt200wpp
+usr/lib/terminfo/6e/ncr160vt300an
+usr/lib/terminfo/6e/ncr160vt300pp
+usr/lib/terminfo/6e/ncr160vt300wan
+usr/lib/terminfo/6e/ncr160vt300wpp
+usr/lib/terminfo/6e/ncr160wy50+pp
+usr/lib/terminfo/6e/ncr160wy50+wpp
+usr/lib/terminfo/6e/ncr160wy60pp
+usr/lib/terminfo/6e/ncr160wy60wpp
+usr/lib/terminfo/6e/ncr260intan
+usr/lib/terminfo/6e/ncr260intpp
+usr/lib/terminfo/6e/ncr260intwan
+usr/lib/terminfo/6e/ncr260intwpp
+usr/lib/terminfo/6e/ncr260vppp
+usr/lib/terminfo/6e/ncr260vpwpp
+usr/lib/terminfo/6e/ncr260vt100an
+usr/lib/terminfo/6e/ncr260vt100pp
+usr/lib/terminfo/6e/ncr260vt100wan
+usr/lib/terminfo/6e/ncr260vt100wpp
+usr/lib/terminfo/6e/ncr260vt200an
+usr/lib/terminfo/6e/ncr260vt200pp
+usr/lib/terminfo/6e/ncr260vt200wan
+usr/lib/terminfo/6e/ncr260vt200wpp
+usr/lib/terminfo/6e/ncr260vt300an
+usr/lib/terminfo/6e/ncr260vt300pp
+usr/lib/terminfo/6e/ncr260vt300wan
+usr/lib/terminfo/6e/ncr260vt300wpp
+usr/lib/terminfo/6e/ncr260wy325pp
+usr/lib/terminfo/6e/ncr260wy325wpp
+usr/lib/terminfo/6e/ncr260wy350pp
+usr/lib/terminfo/6e/ncr260wy350wpp
+usr/lib/terminfo/6e/ncr260wy50+pp
+usr/lib/terminfo/6e/ncr260wy50+wpp
+usr/lib/terminfo/6e/ncr260wy60pp
+usr/lib/terminfo/6e/ncr260wy60wpp
+usr/lib/terminfo/6e/ncr7900
+usr/lib/terminfo/6e/ncr7900i
+usr/lib/terminfo/6e/ncr7900iv
+usr/lib/terminfo/6e/ncr7901
+usr/lib/terminfo/6e/ncrvt100an
+usr/lib/terminfo/6e/ncrvt100pp
+usr/lib/terminfo/6e/ncrvt100wan
+usr/lib/terminfo/6e/ncrvt100wpp
+usr/lib/terminfo/6e/ncsa
+usr/lib/terminfo/6e/ncsa-m
+usr/lib/terminfo/6e/ncsa-m-ns
+usr/lib/terminfo/6e/ncsa-ns
+usr/lib/terminfo/6e/ncsa-vt220
+usr/lib/terminfo/6e/ncsa-vt220-8
+usr/lib/terminfo/6e/nd9500
+usr/lib/terminfo/6e/ndr9500
+usr/lib/terminfo/6e/ndr9500-25
+usr/lib/terminfo/6e/ndr9500-25-mc
+usr/lib/terminfo/6e/ndr9500-25-mc-nl
+usr/lib/terminfo/6e/ndr9500-25-nl
+usr/lib/terminfo/6e/ndr9500-mc
+usr/lib/terminfo/6e/ndr9500-mc-nl
+usr/lib/terminfo/6e/ndr9500-nl
+usr/lib/terminfo/6e/nec
+usr/lib/terminfo/6e/nec5520
+usr/lib/terminfo/6e/netbsd6
+usr/lib/terminfo/6e/newhp
+usr/lib/terminfo/6e/newhpkeyboard
+usr/lib/terminfo/6e/news
+usr/lib/terminfo/6e/news-29
+usr/lib/terminfo/6e/news-29-euc
+usr/lib/terminfo/6e/news-29-sjis
+usr/lib/terminfo/6e/news-33
+usr/lib/terminfo/6e/news-33-euc
+usr/lib/terminfo/6e/news-33-sjis
+usr/lib/terminfo/6e/news-42
+usr/lib/terminfo/6e/news-42-euc
+usr/lib/terminfo/6e/news-42-sjis
+usr/lib/terminfo/6e/news-a
+usr/lib/terminfo/6e/news-o
+usr/lib/terminfo/6e/news-old-unk
+usr/lib/terminfo/6e/news-unk
+usr/lib/terminfo/6e/news28
+usr/lib/terminfo/6e/news28-a
+usr/lib/terminfo/6e/news29
+usr/lib/terminfo/6e/news31
+usr/lib/terminfo/6e/news31-a
+usr/lib/terminfo/6e/news31-o
+usr/lib/terminfo/6e/news33
+usr/lib/terminfo/6e/news40
+usr/lib/terminfo/6e/news40-a
+usr/lib/terminfo/6e/news40-o
+usr/lib/terminfo/6e/news42
+usr/lib/terminfo/6e/newscbm
+usr/lib/terminfo/6e/newscbm-a
+usr/lib/terminfo/6e/newscbm-o
+usr/lib/terminfo/6e/newscbm33
+usr/lib/terminfo/6e/next
+usr/lib/terminfo/6e/nextshell
+usr/lib/terminfo/6e/northstar
+usr/lib/terminfo/6e/nsterm
+usr/lib/terminfo/6e/nsterm+7
+usr/lib/terminfo/6e/nsterm+acs
+usr/lib/terminfo/6e/nsterm+c
+usr/lib/terminfo/6e/nsterm+c41
+usr/lib/terminfo/6e/nsterm+mac
+usr/lib/terminfo/6e/nsterm+s
+usr/lib/terminfo/6e/nsterm-16color
+usr/lib/terminfo/6e/nsterm-256color
+usr/lib/terminfo/6e/nsterm-7
+usr/lib/terminfo/6e/nsterm-7-c
+usr/lib/terminfo/6e/nsterm-7-c-s
+usr/lib/terminfo/6e/nsterm-7-m
+usr/lib/terminfo/6e/nsterm-7-m-s
+usr/lib/terminfo/6e/nsterm-7-s
+usr/lib/terminfo/6e/nsterm-acs
+usr/lib/terminfo/6e/nsterm-acs-c
+usr/lib/terminfo/6e/nsterm-acs-c-s
+usr/lib/terminfo/6e/nsterm-acs-m
+usr/lib/terminfo/6e/nsterm-acs-m-s
+usr/lib/terminfo/6e/nsterm-acs-s
+usr/lib/terminfo/6e/nsterm-bce
+usr/lib/terminfo/6e/nsterm-build326
+usr/lib/terminfo/6e/nsterm-build343
+usr/lib/terminfo/6e/nsterm-build361
+usr/lib/terminfo/6e/nsterm-build400
+usr/lib/terminfo/6e/nsterm-c
+usr/lib/terminfo/6e/nsterm-c-7
+usr/lib/terminfo/6e/nsterm-c-acs
+usr/lib/terminfo/6e/nsterm-c-s
+usr/lib/terminfo/6e/nsterm-c-s-7
+usr/lib/terminfo/6e/nsterm-c-s-acs
+usr/lib/terminfo/6e/nsterm-m
+usr/lib/terminfo/6e/nsterm-m-7
+usr/lib/terminfo/6e/nsterm-m-acs
+usr/lib/terminfo/6e/nsterm-m-s
+usr/lib/terminfo/6e/nsterm-m-s-7
+usr/lib/terminfo/6e/nsterm-m-s-acs
+usr/lib/terminfo/6e/nsterm-old
+usr/lib/terminfo/6e/nsterm-s
+usr/lib/terminfo/6e/nsterm-s-7
+usr/lib/terminfo/6e/nsterm-s-acs
+usr/lib/terminfo/6e/ntconsole
+usr/lib/terminfo/6e/ntconsole-100
+usr/lib/terminfo/6e/ntconsole-100-nti
+usr/lib/terminfo/6e/ntconsole-25
+usr/lib/terminfo/6e/ntconsole-25-nti
+usr/lib/terminfo/6e/ntconsole-25-w
+usr/lib/terminfo/6e/ntconsole-25-w-vt
+usr/lib/terminfo/6e/ntconsole-35
+usr/lib/terminfo/6e/ntconsole-35-nti
+usr/lib/terminfo/6e/ntconsole-35-w
+usr/lib/terminfo/6e/ntconsole-50
+usr/lib/terminfo/6e/ntconsole-50-nti
+usr/lib/terminfo/6e/ntconsole-50-w
+usr/lib/terminfo/6e/ntconsole-60
+usr/lib/terminfo/6e/ntconsole-60-nti
+usr/lib/terminfo/6e/ntconsole-60-w
+usr/lib/terminfo/6e/ntconsole-w
+usr/lib/terminfo/6e/ntconsole-w-vt
+usr/lib/terminfo/6e/nwe501
+usr/lib/terminfo/6e/nwe501-a
+usr/lib/terminfo/6e/nwe501-o
+usr/lib/terminfo/6e/nwp-511
+usr/lib/terminfo/6e/nwp-517
+usr/lib/terminfo/6e/nwp-517-w
+usr/lib/terminfo/6e/nwp251-a
+usr/lib/terminfo/6e/nwp251-o
+usr/lib/terminfo/6e/nwp511
+usr/lib/terminfo/6e/nwp512
+usr/lib/terminfo/6e/nwp512-a
+usr/lib/terminfo/6e/nwp512-o
+usr/lib/terminfo/6e/nwp513
+usr/lib/terminfo/6e/nwp513-a
+usr/lib/terminfo/6e/nwp513-o
+usr/lib/terminfo/6e/nwp514
+usr/lib/terminfo/6e/nwp514-a
+usr/lib/terminfo/6e/nwp514-o
+usr/lib/terminfo/6e/nwp517
+usr/lib/terminfo/6e/nwp517-w
+usr/lib/terminfo/6e/nwp518
+usr/lib/terminfo/6e/nwp518-a
+usr/lib/terminfo/6e/nwp518-o
+usr/lib/terminfo/6e/nxterm
+usr/lib/terminfo/6f/
+usr/lib/terminfo/6f/o31
+usr/lib/terminfo/6f/o4112-nd
+usr/lib/terminfo/6f/o85h
+usr/lib/terminfo/6f/oabm85h
+usr/lib/terminfo/6f/oblit
+usr/lib/terminfo/6f/oc100
+usr/lib/terminfo/6f/oconcept
+usr/lib/terminfo/6f/ofcons
+usr/lib/terminfo/6f/ojerq
+usr/lib/terminfo/6f/old-st
+usr/lib/terminfo/6f/oldibmpc3
+usr/lib/terminfo/6f/oldpc3
+usr/lib/terminfo/6f/oldsun
+usr/lib/terminfo/6f/omron
+usr/lib/terminfo/6f/opennt
+usr/lib/terminfo/6f/opennt-100
+usr/lib/terminfo/6f/opennt-100-nti
+usr/lib/terminfo/6f/opennt-25
+usr/lib/terminfo/6f/opennt-25-nti
+usr/lib/terminfo/6f/opennt-25-w
+usr/lib/terminfo/6f/opennt-25-w-vt
+usr/lib/terminfo/6f/opennt-35
+usr/lib/terminfo/6f/opennt-35-nti
+usr/lib/terminfo/6f/opennt-35-w
+usr/lib/terminfo/6f/opennt-50
+usr/lib/terminfo/6f/opennt-50-nti
+usr/lib/terminfo/6f/opennt-50-w
+usr/lib/terminfo/6f/opennt-60
+usr/lib/terminfo/6f/opennt-60-nti
+usr/lib/terminfo/6f/opennt-60-w
+usr/lib/terminfo/6f/opennt-nti
+usr/lib/terminfo/6f/opennt-w
+usr/lib/terminfo/6f/opennt-w-vt
+usr/lib/terminfo/6f/opus3n1+
+usr/lib/terminfo/6f/origibmpc3
+usr/lib/terminfo/6f/origpc3
+usr/lib/terminfo/6f/os9LII
+usr/lib/terminfo/6f/osborne
+usr/lib/terminfo/6f/osborne-w
+usr/lib/terminfo/6f/osborne1
+usr/lib/terminfo/6f/osborne1-w
+usr/lib/terminfo/6f/osexec
+usr/lib/terminfo/6f/otek4112
+usr/lib/terminfo/6f/otek4113
+usr/lib/terminfo/6f/otek4114
+usr/lib/terminfo/6f/otek4115
+usr/lib/terminfo/6f/owl
+usr/lib/terminfo/70/
+usr/lib/terminfo/70/p12
+usr/lib/terminfo/70/p12-m
+usr/lib/terminfo/70/p12-m-w
+usr/lib/terminfo/70/p12-w
+usr/lib/terminfo/70/p14
+usr/lib/terminfo/70/p14-m
+usr/lib/terminfo/70/p14-m-w
+usr/lib/terminfo/70/p14-w
+usr/lib/terminfo/70/p19
+usr/lib/terminfo/70/p4
+usr/lib/terminfo/70/p5
+usr/lib/terminfo/70/p7
+usr/lib/terminfo/70/p8
+usr/lib/terminfo/70/p8-w
+usr/lib/terminfo/70/p8gl
+usr/lib/terminfo/70/p9
+usr/lib/terminfo/70/p9-8
+usr/lib/terminfo/70/p9-8-w
+usr/lib/terminfo/70/p9-w
+usr/lib/terminfo/70/pc-coherent
+usr/lib/terminfo/70/pc-minix
+usr/lib/terminfo/70/pc-venix
+usr/lib/terminfo/70/pc3
+usr/lib/terminfo/70/pc3-bold
+usr/lib/terminfo/70/pc3r
+usr/lib/terminfo/70/pc3r-m
+usr/lib/terminfo/70/pc6300plus
+usr/lib/terminfo/70/pc7300
+usr/lib/terminfo/70/pcansi
+usr/lib/terminfo/70/pcansi-25
+usr/lib/terminfo/70/pcansi-25-m
+usr/lib/terminfo/70/pcansi-33
+usr/lib/terminfo/70/pcansi-33-m
+usr/lib/terminfo/70/pcansi-43
+usr/lib/terminfo/70/pcansi-43-m
+usr/lib/terminfo/70/pcansi-m
+usr/lib/terminfo/70/pcansi-mono
+usr/lib/terminfo/70/pcansi25
+usr/lib/terminfo/70/pcansi25m
+usr/lib/terminfo/70/pcansi33
+usr/lib/terminfo/70/pcansi33m
+usr/lib/terminfo/70/pcansi43
+usr/lib/terminfo/70/pccon
+usr/lib/terminfo/70/pccon+base
+usr/lib/terminfo/70/pccon+colors
+usr/lib/terminfo/70/pccon+keys
+usr/lib/terminfo/70/pccon+sgr+acs
+usr/lib/terminfo/70/pccon+sgr+acs0
+usr/lib/terminfo/70/pccon-m
+usr/lib/terminfo/70/pccon0
+usr/lib/terminfo/70/pccon0-m
+usr/lib/terminfo/70/pccons
+usr/lib/terminfo/70/pcconsole
+usr/lib/terminfo/70/pcix
+usr/lib/terminfo/70/pckermit
+usr/lib/terminfo/70/pckermit12
+usr/lib/terminfo/70/pckermit120
+usr/lib/terminfo/70/pcmw
+usr/lib/terminfo/70/pcplot
+usr/lib/terminfo/70/pcvt25
+usr/lib/terminfo/70/pcvt25-color
+usr/lib/terminfo/70/pcvt25w
+usr/lib/terminfo/70/pcvt28
+usr/lib/terminfo/70/pcvt28w
+usr/lib/terminfo/70/pcvt35
+usr/lib/terminfo/70/pcvt35w
+usr/lib/terminfo/70/pcvt40
+usr/lib/terminfo/70/pcvt40w
+usr/lib/terminfo/70/pcvt43
+usr/lib/terminfo/70/pcvt43w
+usr/lib/terminfo/70/pcvt50
+usr/lib/terminfo/70/pcvt50w
+usr/lib/terminfo/70/pcvtXX
+usr/lib/terminfo/70/pcz19
+usr/lib/terminfo/70/pe1100
+usr/lib/terminfo/70/pe1200
+usr/lib/terminfo/70/pe1251
+usr/lib/terminfo/70/pe550
+usr/lib/terminfo/70/pe6100
+usr/lib/terminfo/70/pe6300
+usr/lib/terminfo/70/pe6312
+usr/lib/terminfo/70/pe7000c
+usr/lib/terminfo/70/pe7000m
+usr/lib/terminfo/70/pilot
+usr/lib/terminfo/70/pmcons
+usr/lib/terminfo/70/pmconsole
+usr/lib/terminfo/70/printer
+usr/lib/terminfo/70/prism12
+usr/lib/terminfo/70/prism12-m
+usr/lib/terminfo/70/prism12-m-w
+usr/lib/terminfo/70/prism12-w
+usr/lib/terminfo/70/prism14
+usr/lib/terminfo/70/prism14-m
+usr/lib/terminfo/70/prism14-m-w
+usr/lib/terminfo/70/prism14-w
+usr/lib/terminfo/70/prism2
+usr/lib/terminfo/70/prism4
+usr/lib/terminfo/70/prism5
+usr/lib/terminfo/70/prism7
+usr/lib/terminfo/70/prism8
+usr/lib/terminfo/70/prism8-w
+usr/lib/terminfo/70/prism8gl
+usr/lib/terminfo/70/prism9
+usr/lib/terminfo/70/prism9-8
+usr/lib/terminfo/70/prism9-8-w
+usr/lib/terminfo/70/prism9-w
+usr/lib/terminfo/70/pro350
+usr/lib/terminfo/70/ps300
+usr/lib/terminfo/70/psterm
+usr/lib/terminfo/70/psterm-80x24
+usr/lib/terminfo/70/psterm-90x28
+usr/lib/terminfo/70/psterm-96x48
+usr/lib/terminfo/70/psterm-basic
+usr/lib/terminfo/70/psterm-fast
+usr/lib/terminfo/70/psx_ansi
+usr/lib/terminfo/70/pt100
+usr/lib/terminfo/70/pt100w
+usr/lib/terminfo/70/pt200
+usr/lib/terminfo/70/pt200w
+usr/lib/terminfo/70/pt210
+usr/lib/terminfo/70/pt250
+usr/lib/terminfo/70/pt250w
+usr/lib/terminfo/70/pt505
+usr/lib/terminfo/70/pt505-22
+usr/lib/terminfo/70/pt505-24
+usr/lib/terminfo/70/pty
+usr/lib/terminfo/70/putty
+usr/lib/terminfo/70/putty+fnkeys
+usr/lib/terminfo/70/putty+fnkeys+esc
+usr/lib/terminfo/70/putty+fnkeys+linux
+usr/lib/terminfo/70/putty+fnkeys+sco
+usr/lib/terminfo/70/putty+fnkeys+vt100
+usr/lib/terminfo/70/putty+fnkeys+vt400
+usr/lib/terminfo/70/putty+fnkeys+xterm
+usr/lib/terminfo/70/putty-256color
+usr/lib/terminfo/70/putty-m1
+usr/lib/terminfo/70/putty-m1b
+usr/lib/terminfo/70/putty-m2
+usr/lib/terminfo/70/putty-noapp
+usr/lib/terminfo/70/putty-sco
+usr/lib/terminfo/70/putty-vt100
+usr/lib/terminfo/71/
+usr/lib/terminfo/71/qansi
+usr/lib/terminfo/71/qansi-g
+usr/lib/terminfo/71/qansi-m
+usr/lib/terminfo/71/qansi-t
+usr/lib/terminfo/71/qansi-w
+usr/lib/terminfo/71/qdcons
+usr/lib/terminfo/71/qdss
+usr/lib/terminfo/71/qnx
+usr/lib/terminfo/71/qnx4
+usr/lib/terminfo/71/qnxm
+usr/lib/terminfo/71/qnxt
+usr/lib/terminfo/71/qnxt2
+usr/lib/terminfo/71/qnxt4
+usr/lib/terminfo/71/qnxtmono
+usr/lib/terminfo/71/qnxw
+usr/lib/terminfo/71/qume
+usr/lib/terminfo/71/qume5
+usr/lib/terminfo/71/qvt101
+usr/lib/terminfo/71/qvt101+
+usr/lib/terminfo/71/qvt101p
+usr/lib/terminfo/71/qvt102
+usr/lib/terminfo/71/qvt103
+usr/lib/terminfo/71/qvt103-w
+usr/lib/terminfo/71/qvt108
+usr/lib/terminfo/71/qvt119
+usr/lib/terminfo/71/qvt119+
+usr/lib/terminfo/71/qvt119+-25
+usr/lib/terminfo/71/qvt119+-25-w
+usr/lib/terminfo/71/qvt119+-w
+usr/lib/terminfo/71/qvt119-25-w
+usr/lib/terminfo/71/qvt119-w
+usr/lib/terminfo/71/qvt119p
+usr/lib/terminfo/71/qvt119p-25
+usr/lib/terminfo/71/qvt119p-25-w
+usr/lib/terminfo/71/qvt119p-w
+usr/lib/terminfo/71/qvt203
+usr/lib/terminfo/71/qvt203+
+usr/lib/terminfo/71/qvt203-25
+usr/lib/terminfo/71/qvt203-25-w
+usr/lib/terminfo/71/qvt203-w
+usr/lib/terminfo/71/qvt203-w-am
+usr/lib/terminfo/72/
+usr/lib/terminfo/72/rbcomm
+usr/lib/terminfo/72/rbcomm-nam
+usr/lib/terminfo/72/rbcomm-w
+usr/lib/terminfo/72/rca
+usr/lib/terminfo/72/rcons
+usr/lib/terminfo/72/rcons-color
+usr/lib/terminfo/72/rebus3180
+usr/lib/terminfo/72/regent
+usr/lib/terminfo/72/regent100
+usr/lib/terminfo/72/regent20
+usr/lib/terminfo/72/regent200
+usr/lib/terminfo/72/regent25
+usr/lib/terminfo/72/regent40
+usr/lib/terminfo/72/regent40+
+usr/lib/terminfo/72/regent60
+usr/lib/terminfo/72/rt6221
+usr/lib/terminfo/72/rt6221-w
+usr/lib/terminfo/72/rtpc
+usr/lib/terminfo/72/rxvt
+usr/lib/terminfo/72/rxvt+pcfkeys
+usr/lib/terminfo/72/rxvt-16color
+usr/lib/terminfo/72/rxvt-256color
+usr/lib/terminfo/72/rxvt-88color
+usr/lib/terminfo/72/rxvt-basic
+usr/lib/terminfo/72/rxvt-color
+usr/lib/terminfo/72/rxvt-cygwin
+usr/lib/terminfo/72/rxvt-cygwin-native
+usr/lib/terminfo/72/rxvt-xpm
+usr/lib/terminfo/73/
+usr/lib/terminfo/73/s4
+usr/lib/terminfo/73/sb1
+usr/lib/terminfo/73/sb2
+usr/lib/terminfo/73/sb3
+usr/lib/terminfo/73/sbi
+usr/lib/terminfo/73/sbobcat
+usr/lib/terminfo/73/sc410
+usr/lib/terminfo/73/sc415
+usr/lib/terminfo/73/scanset
+usr/lib/terminfo/73/scoansi
+usr/lib/terminfo/73/scoansi-new
+usr/lib/terminfo/73/scoansi-old
+usr/lib/terminfo/73/screen
+usr/lib/terminfo/73/screen+fkeys
+usr/lib/terminfo/73/screen+italics
+usr/lib/terminfo/73/screen-16color
+usr/lib/terminfo/73/screen-16color-bce
+usr/lib/terminfo/73/screen-16color-bce-s
+usr/lib/terminfo/73/screen-16color-s
+usr/lib/terminfo/73/screen-256color
+usr/lib/terminfo/73/screen-256color-bce
+usr/lib/terminfo/73/screen-256color-bce-s
+usr/lib/terminfo/73/screen-256color-s
+usr/lib/terminfo/73/screen-bce
+usr/lib/terminfo/73/screen-bce.Eterm
+usr/lib/terminfo/73/screen-bce.gnome
+usr/lib/terminfo/73/screen-bce.konsole
+usr/lib/terminfo/73/screen-bce.linux
+usr/lib/terminfo/73/screen-bce.mrxvt
+usr/lib/terminfo/73/screen-bce.rxvt
+usr/lib/terminfo/73/screen-bce.xterm-new
+usr/lib/terminfo/73/screen-s
+usr/lib/terminfo/73/screen-w
+usr/lib/terminfo/73/screen.Eterm
+usr/lib/terminfo/73/screen.gnome
+usr/lib/terminfo/73/screen.konsole
+usr/lib/terminfo/73/screen.konsole-256color
+usr/lib/terminfo/73/screen.linux
+usr/lib/terminfo/73/screen.linux-m1
+usr/lib/terminfo/73/screen.linux-m1b
+usr/lib/terminfo/73/screen.linux-m2
+usr/lib/terminfo/73/screen.minitel1
+usr/lib/terminfo/73/screen.minitel1-nb
+usr/lib/terminfo/73/screen.minitel12-80
+usr/lib/terminfo/73/screen.minitel1b
+usr/lib/terminfo/73/screen.minitel1b-80
+usr/lib/terminfo/73/screen.minitel1b-nb
+usr/lib/terminfo/73/screen.minitel2-80
+usr/lib/terminfo/73/screen.mlterm
+usr/lib/terminfo/73/screen.mlterm-256color
+usr/lib/terminfo/73/screen.mrxvt
+usr/lib/terminfo/73/screen.putty
+usr/lib/terminfo/73/screen.putty-256color
+usr/lib/terminfo/73/screen.putty-m1
+usr/lib/terminfo/73/screen.putty-m1b
+usr/lib/terminfo/73/screen.putty-m2
+usr/lib/terminfo/73/screen.rxvt
+usr/lib/terminfo/73/screen.teraterm
+usr/lib/terminfo/73/screen.vte
+usr/lib/terminfo/73/screen.vte-256color
+usr/lib/terminfo/73/screen.xterm-256color
+usr/lib/terminfo/73/screen.xterm-new
+usr/lib/terminfo/73/screen.xterm-r6
+usr/lib/terminfo/73/screen.xterm-xfree86
+usr/lib/terminfo/73/screen2
+usr/lib/terminfo/73/screen3
+usr/lib/terminfo/73/screwpoint
+usr/lib/terminfo/73/scrhp
+usr/lib/terminfo/73/sibo
+usr/lib/terminfo/73/simpleterm
+usr/lib/terminfo/73/simterm
+usr/lib/terminfo/73/soroc
+usr/lib/terminfo/73/soroc120
+usr/lib/terminfo/73/soroc140
+usr/lib/terminfo/73/spinwriter
+usr/lib/terminfo/73/st
+usr/lib/terminfo/73/st-0.6
+usr/lib/terminfo/73/st-0.7
+usr/lib/terminfo/73/st-16color
+usr/lib/terminfo/73/st-256color
+usr/lib/terminfo/73/st-direct
+usr/lib/terminfo/73/st52
+usr/lib/terminfo/73/st52-color
+usr/lib/terminfo/73/st52-m
+usr/lib/terminfo/73/st52-old
+usr/lib/terminfo/73/stterm
+usr/lib/terminfo/73/stterm-16color
+usr/lib/terminfo/73/stterm-256color
+usr/lib/terminfo/73/stv52
+usr/lib/terminfo/73/stv52pc
+usr/lib/terminfo/73/sun
+usr/lib/terminfo/73/sun+sl
+usr/lib/terminfo/73/sun-1
+usr/lib/terminfo/73/sun-12
+usr/lib/terminfo/73/sun-17
+usr/lib/terminfo/73/sun-24
+usr/lib/terminfo/73/sun-34
+usr/lib/terminfo/73/sun-48
+usr/lib/terminfo/73/sun-c
+usr/lib/terminfo/73/sun-cgsix
+usr/lib/terminfo/73/sun-cmd
+usr/lib/terminfo/73/sun-color
+usr/lib/terminfo/73/sun-e
+usr/lib/terminfo/73/sun-e-s
+usr/lib/terminfo/73/sun-il
+usr/lib/terminfo/73/sun-nic
+usr/lib/terminfo/73/sun-s
+usr/lib/terminfo/73/sun-s-e
+usr/lib/terminfo/73/sun-ss5
+usr/lib/terminfo/73/sun-type4
+usr/lib/terminfo/73/sun1
+usr/lib/terminfo/73/sun2
+usr/lib/terminfo/73/sune
+usr/lib/terminfo/73/superbee
+usr/lib/terminfo/73/superbee-xsb
+usr/lib/terminfo/73/superbeeic
+usr/lib/terminfo/73/superbrain
+usr/lib/terminfo/73/sv80
+usr/lib/terminfo/73/swtp
+usr/lib/terminfo/73/synertek
+usr/lib/terminfo/73/synertek380
+usr/lib/terminfo/73/system1
+usr/lib/terminfo/74/
+usr/lib/terminfo/74/t10
+usr/lib/terminfo/74/t1061
+usr/lib/terminfo/74/t1061f
+usr/lib/terminfo/74/t16
+usr/lib/terminfo/74/t3700
+usr/lib/terminfo/74/t3800
+usr/lib/terminfo/74/t653x
+usr/lib/terminfo/74/tab
+usr/lib/terminfo/74/tab132
+usr/lib/terminfo/74/tab132-15
+usr/lib/terminfo/74/tab132-rv
+usr/lib/terminfo/74/tab132-w
+usr/lib/terminfo/74/tab132-w-rv
+usr/lib/terminfo/74/tandem6510
+usr/lib/terminfo/74/tandem653
+usr/lib/terminfo/74/tek
+usr/lib/terminfo/74/tek4012
+usr/lib/terminfo/74/tek4013
+usr/lib/terminfo/74/tek4014
+usr/lib/terminfo/74/tek4014-sm
+usr/lib/terminfo/74/tek4015
+usr/lib/terminfo/74/tek4015-sm
+usr/lib/terminfo/74/tek4023
+usr/lib/terminfo/74/tek4024
+usr/lib/terminfo/74/tek4025
+usr/lib/terminfo/74/tek4025-17
+usr/lib/terminfo/74/tek4025-17-ws
+usr/lib/terminfo/74/tek4025-cr
+usr/lib/terminfo/74/tek4025-ex
+usr/lib/terminfo/74/tek4025a
+usr/lib/terminfo/74/tek4025ex
+usr/lib/terminfo/74/tek4027
+usr/lib/terminfo/74/tek4027-ex
+usr/lib/terminfo/74/tek4105
+usr/lib/terminfo/74/tek4105-30
+usr/lib/terminfo/74/tek4105a
+usr/lib/terminfo/74/tek4106brl
+usr/lib/terminfo/74/tek4107
+usr/lib/terminfo/74/tek4107brl
+usr/lib/terminfo/74/tek4109
+usr/lib/terminfo/74/tek4109brl
+usr/lib/terminfo/74/tek4112
+usr/lib/terminfo/74/tek4112-5
+usr/lib/terminfo/74/tek4112-nd
+usr/lib/terminfo/74/tek4113
+usr/lib/terminfo/74/tek4113-34
+usr/lib/terminfo/74/tek4113-nd
+usr/lib/terminfo/74/tek4114
+usr/lib/terminfo/74/tek4115
+usr/lib/terminfo/74/tek4125
+usr/lib/terminfo/74/tek4205
+usr/lib/terminfo/74/tek4207
+usr/lib/terminfo/74/tek4207-s
+usr/lib/terminfo/74/tek4404
+usr/lib/terminfo/74/teken
+usr/lib/terminfo/74/teleray
+usr/lib/terminfo/74/teletec
+usr/lib/terminfo/74/teraterm
+usr/lib/terminfo/74/teraterm-256color
+usr/lib/terminfo/74/teraterm2.3
+usr/lib/terminfo/74/teraterm4.59
+usr/lib/terminfo/74/teraterm4.97
+usr/lib/terminfo/74/terminator
+usr/lib/terminfo/74/terminet
+usr/lib/terminfo/74/terminet1200
+usr/lib/terminfo/74/terminet300
+usr/lib/terminfo/74/terminology
+usr/lib/terminfo/74/terminology-0.6.1
+usr/lib/terminfo/74/terminology-1.0.0
+usr/lib/terminfo/74/termite
+usr/lib/terminfo/74/tgtelnet
+usr/lib/terminfo/74/ti700
+usr/lib/terminfo/74/ti733
+usr/lib/terminfo/74/ti735
+usr/lib/terminfo/74/ti745
+usr/lib/terminfo/74/ti800
+usr/lib/terminfo/74/ti916
+usr/lib/terminfo/74/ti916-132
+usr/lib/terminfo/74/ti916-220-7
+usr/lib/terminfo/74/ti916-220-8
+usr/lib/terminfo/74/ti916-8
+usr/lib/terminfo/74/ti916-8-132
+usr/lib/terminfo/74/ti924
+usr/lib/terminfo/74/ti924-8
+usr/lib/terminfo/74/ti924-8w
+usr/lib/terminfo/74/ti924w
+usr/lib/terminfo/74/ti926
+usr/lib/terminfo/74/ti926-8
+usr/lib/terminfo/74/ti928
+usr/lib/terminfo/74/ti928-8
+usr/lib/terminfo/74/ti931
+usr/lib/terminfo/74/ti_ansi
+usr/lib/terminfo/74/tkterm
+usr/lib/terminfo/74/tmux
+usr/lib/terminfo/74/tmux-256color
+usr/lib/terminfo/74/tn1200
+usr/lib/terminfo/74/tn300
+usr/lib/terminfo/74/trs16
+usr/lib/terminfo/74/trs2
+usr/lib/terminfo/74/trs80II
+usr/lib/terminfo/74/trsII
+usr/lib/terminfo/74/ts-1
+usr/lib/terminfo/74/ts-1p
+usr/lib/terminfo/74/ts1
+usr/lib/terminfo/74/ts100
+usr/lib/terminfo/74/ts100-ctxt
+usr/lib/terminfo/74/ts100-sp
+usr/lib/terminfo/74/ts1p
+usr/lib/terminfo/74/tt
+usr/lib/terminfo/74/tt505-22
+usr/lib/terminfo/74/tt52
+usr/lib/terminfo/74/tty33
+usr/lib/terminfo/74/tty35
+usr/lib/terminfo/74/tty37
+usr/lib/terminfo/74/tty40
+usr/lib/terminfo/74/tty43
+usr/lib/terminfo/74/tty4420
+usr/lib/terminfo/74/tty4424
+usr/lib/terminfo/74/tty4424-1
+usr/lib/terminfo/74/tty4424m
+usr/lib/terminfo/74/tty4426
+usr/lib/terminfo/74/tty5410
+usr/lib/terminfo/74/tty5410-w
+usr/lib/terminfo/74/tty5410v1
+usr/lib/terminfo/74/tty5410v1-w
+usr/lib/terminfo/74/tty5420
+usr/lib/terminfo/74/tty5420+nl
+usr/lib/terminfo/74/tty5420-nl
+usr/lib/terminfo/74/tty5420-rv
+usr/lib/terminfo/74/tty5420-rv-nl
+usr/lib/terminfo/74/tty5420-w
+usr/lib/terminfo/74/tty5420-w-nl
+usr/lib/terminfo/74/tty5420-w-rv
+usr/lib/terminfo/74/tty5420-w-rv-n
+usr/lib/terminfo/74/tty5425
+usr/lib/terminfo/74/tty5425-nl
+usr/lib/terminfo/74/tty5425-w
+usr/lib/terminfo/74/tty5620
+usr/lib/terminfo/74/tty5620-1
+usr/lib/terminfo/74/tty5620-24
+usr/lib/terminfo/74/tty5620-34
+usr/lib/terminfo/74/tty5620-s
+usr/lib/terminfo/74/ttydmd
+usr/lib/terminfo/74/tvi803
+usr/lib/terminfo/74/tvi9065
+usr/lib/terminfo/74/tvi910
+usr/lib/terminfo/74/tvi910+
+usr/lib/terminfo/74/tvi912
+usr/lib/terminfo/74/tvi912b
+usr/lib/terminfo/74/tvi912b+2p
+usr/lib/terminfo/74/tvi912b+dim
+usr/lib/terminfo/74/tvi912b+mc
+usr/lib/terminfo/74/tvi912b+printer
+usr/lib/terminfo/74/tvi912b+vb
+usr/lib/terminfo/74/tvi912b-2p
+usr/lib/terminfo/74/tvi912b-2p-mc
+usr/lib/terminfo/74/tvi912b-2p-p
+usr/lib/terminfo/74/tvi912b-2p-unk
+usr/lib/terminfo/74/tvi912b-mc
+usr/lib/terminfo/74/tvi912b-mc-2p
+usr/lib/terminfo/74/tvi912b-mc-vb
+usr/lib/terminfo/74/tvi912b-p
+usr/lib/terminfo/74/tvi912b-p-2p
+usr/lib/terminfo/74/tvi912b-p-vb
+usr/lib/terminfo/74/tvi912b-unk
+usr/lib/terminfo/74/tvi912b-unk-2p
+usr/lib/terminfo/74/tvi912b-unk-vb
+usr/lib/terminfo/74/tvi912b-vb
+usr/lib/terminfo/74/tvi912b-vb-mc
+usr/lib/terminfo/74/tvi912b-vb-p
+usr/lib/terminfo/74/tvi912b-vb-unk
+usr/lib/terminfo/74/tvi912c
+usr/lib/terminfo/74/tvi912c-2p
+usr/lib/terminfo/74/tvi912c-2p-mc
+usr/lib/terminfo/74/tvi912c-2p-p
+usr/lib/terminfo/74/tvi912c-2p-unk
+usr/lib/terminfo/74/tvi912c-mc
+usr/lib/terminfo/74/tvi912c-mc-2p
+usr/lib/terminfo/74/tvi912c-mc-vb
+usr/lib/terminfo/74/tvi912c-p
+usr/lib/terminfo/74/tvi912c-p-2p
+usr/lib/terminfo/74/tvi912c-p-vb
+usr/lib/terminfo/74/tvi912c-unk
+usr/lib/terminfo/74/tvi912c-unk-2p
+usr/lib/terminfo/74/tvi912c-unk-vb
+usr/lib/terminfo/74/tvi912c-vb
+usr/lib/terminfo/74/tvi912c-vb-mc
+usr/lib/terminfo/74/tvi912c-vb-p
+usr/lib/terminfo/74/tvi912c-vb-unk
+usr/lib/terminfo/74/tvi912cc
+usr/lib/terminfo/74/tvi914
+usr/lib/terminfo/74/tvi920
+usr/lib/terminfo/74/tvi920b
+usr/lib/terminfo/74/tvi920b+fn
+usr/lib/terminfo/74/tvi920b-2p
+usr/lib/terminfo/74/tvi920b-2p-mc
+usr/lib/terminfo/74/tvi920b-2p-p
+usr/lib/terminfo/74/tvi920b-2p-unk
+usr/lib/terminfo/74/tvi920b-mc
+usr/lib/terminfo/74/tvi920b-mc-2p
+usr/lib/terminfo/74/tvi920b-mc-vb
+usr/lib/terminfo/74/tvi920b-p
+usr/lib/terminfo/74/tvi920b-p-2p
+usr/lib/terminfo/74/tvi920b-p-vb
+usr/lib/terminfo/74/tvi920b-unk
+usr/lib/terminfo/74/tvi920b-unk-2p
+usr/lib/terminfo/74/tvi920b-unk-vb
+usr/lib/terminfo/74/tvi920b-vb
+usr/lib/terminfo/74/tvi920b-vb-mc
+usr/lib/terminfo/74/tvi920b-vb-p
+usr/lib/terminfo/74/tvi920b-vb-unk
+usr/lib/terminfo/74/tvi920c
+usr/lib/terminfo/74/tvi920c-2p
+usr/lib/terminfo/74/tvi920c-2p-mc
+usr/lib/terminfo/74/tvi920c-2p-p
+usr/lib/terminfo/74/tvi920c-2p-unk
+usr/lib/terminfo/74/tvi920c-mc
+usr/lib/terminfo/74/tvi920c-mc-2p
+usr/lib/terminfo/74/tvi920c-mc-vb
+usr/lib/terminfo/74/tvi920c-p
+usr/lib/terminfo/74/tvi920c-p-2p
+usr/lib/terminfo/74/tvi920c-p-vb
+usr/lib/terminfo/74/tvi920c-unk
+usr/lib/terminfo/74/tvi920c-unk-2p
+usr/lib/terminfo/74/tvi920c-unk-vb
+usr/lib/terminfo/74/tvi920c-vb
+usr/lib/terminfo/74/tvi920c-vb-mc
+usr/lib/terminfo/74/tvi920c-vb-p
+usr/lib/terminfo/74/tvi920c-vb-unk
+usr/lib/terminfo/74/tvi921
+usr/lib/terminfo/74/tvi924
+usr/lib/terminfo/74/tvi925
+usr/lib/terminfo/74/tvi925-hi
+usr/lib/terminfo/74/tvi92B
+usr/lib/terminfo/74/tvi92D
+usr/lib/terminfo/74/tvi950
+usr/lib/terminfo/74/tvi950-2p
+usr/lib/terminfo/74/tvi950-4p
+usr/lib/terminfo/74/tvi950-rv
+usr/lib/terminfo/74/tvi950-rv-2p
+usr/lib/terminfo/74/tvi950-rv-4p
+usr/lib/terminfo/74/tvi955
+usr/lib/terminfo/74/tvi955-hb
+usr/lib/terminfo/74/tvi955-w
+usr/lib/terminfo/74/tvi970
+usr/lib/terminfo/74/tvi970-2p
+usr/lib/terminfo/74/tvi970-vb
+usr/lib/terminfo/74/tvipt
+usr/lib/terminfo/74/tw100
+usr/lib/terminfo/74/tw52
+usr/lib/terminfo/74/tw52-color
+usr/lib/terminfo/74/tw52-m
+usr/lib/terminfo/74/tws-generic
+usr/lib/terminfo/74/tws2102-sna
+usr/lib/terminfo/74/tws2103
+usr/lib/terminfo/74/tws2103-sna
+usr/lib/terminfo/75/
+usr/lib/terminfo/75/ultima2
+usr/lib/terminfo/75/ultimaII
+usr/lib/terminfo/75/uniterm
+usr/lib/terminfo/75/uniterm49
+usr/lib/terminfo/75/unixpc
+usr/lib/terminfo/75/unknown
+usr/lib/terminfo/75/uts30
+usr/lib/terminfo/75/uwin
+usr/lib/terminfo/76/
+usr/lib/terminfo/76/v200-nam
+usr/lib/terminfo/76/v320n
+usr/lib/terminfo/76/v3220
+usr/lib/terminfo/76/v5410
+usr/lib/terminfo/76/vanilla
+usr/lib/terminfo/76/vapple
+usr/lib/terminfo/76/vc103
+usr/lib/terminfo/76/vc203
+usr/lib/terminfo/76/vc303
+usr/lib/terminfo/76/vc303a
+usr/lib/terminfo/76/vc403a
+usr/lib/terminfo/76/vc404
+usr/lib/terminfo/76/vc404-s
+usr/lib/terminfo/76/vc414
+usr/lib/terminfo/76/vc414h
+usr/lib/terminfo/76/vc415
+usr/lib/terminfo/76/venix
+usr/lib/terminfo/76/versaterm
+usr/lib/terminfo/76/vi200
+usr/lib/terminfo/76/vi200-f
+usr/lib/terminfo/76/vi200-rv
+usr/lib/terminfo/76/vi300
+usr/lib/terminfo/76/vi300-old
+usr/lib/terminfo/76/vi50
+usr/lib/terminfo/76/vi500
+usr/lib/terminfo/76/vi50adm
+usr/lib/terminfo/76/vi55
+usr/lib/terminfo/76/vi550
+usr/lib/terminfo/76/vi603
+usr/lib/terminfo/76/viewdata
+usr/lib/terminfo/76/viewdata-o
+usr/lib/terminfo/76/viewdata-rv
+usr/lib/terminfo/76/viewpoint
+usr/lib/terminfo/76/viewpoint3a+
+usr/lib/terminfo/76/viewpoint60
+usr/lib/terminfo/76/viewpoint90
+usr/lib/terminfo/76/vip
+usr/lib/terminfo/76/vip-H
+usr/lib/terminfo/76/vip-Hw
+usr/lib/terminfo/76/vip-w
+usr/lib/terminfo/76/vip7800-H
+usr/lib/terminfo/76/vip7800-Hw
+usr/lib/terminfo/76/vip7800-w
+usr/lib/terminfo/76/visa50
+usr/lib/terminfo/76/visual603
+usr/lib/terminfo/76/vitty
+usr/lib/terminfo/76/vk100
+usr/lib/terminfo/76/vp3a+
+usr/lib/terminfo/76/vp60
+usr/lib/terminfo/76/vp90
+usr/lib/terminfo/76/vremote
+usr/lib/terminfo/76/vs100
+usr/lib/terminfo/76/vs100-x10
+usr/lib/terminfo/76/vsc
+usr/lib/terminfo/76/vt-61
+usr/lib/terminfo/76/vt-utf8
+usr/lib/terminfo/76/vt100
+usr/lib/terminfo/76/vt100+
+usr/lib/terminfo/76/vt100+4bsd
+usr/lib/terminfo/76/vt100+enq
+usr/lib/terminfo/76/vt100+fnkeys
+usr/lib/terminfo/76/vt100+keypad
+usr/lib/terminfo/76/vt100+pfkeys
+usr/lib/terminfo/76/vt100-am
+usr/lib/terminfo/76/vt100-bm
+usr/lib/terminfo/76/vt100-bm-o
+usr/lib/terminfo/76/vt100-bot-s
+usr/lib/terminfo/76/vt100-nam
+usr/lib/terminfo/76/vt100-nam-w
+usr/lib/terminfo/76/vt100-nav
+usr/lib/terminfo/76/vt100-nav-w
+usr/lib/terminfo/76/vt100-putty
+usr/lib/terminfo/76/vt100-s
+usr/lib/terminfo/76/vt100-s-bot
+usr/lib/terminfo/76/vt100-s-top
+usr/lib/terminfo/76/vt100-top-s
+usr/lib/terminfo/76/vt100-vb
+usr/lib/terminfo/76/vt100-w
+usr/lib/terminfo/76/vt100-w-am
+usr/lib/terminfo/76/vt100-w-nam
+usr/lib/terminfo/76/vt100-w-nav
+usr/lib/terminfo/76/vt100nam
+usr/lib/terminfo/76/vt102
+usr/lib/terminfo/76/vt102+enq
+usr/lib/terminfo/76/vt102-nsgr
+usr/lib/terminfo/76/vt102-w
+usr/lib/terminfo/76/vt125
+usr/lib/terminfo/76/vt131
+usr/lib/terminfo/76/vt132
+usr/lib/terminfo/76/vt200
+usr/lib/terminfo/76/vt200-8
+usr/lib/terminfo/76/vt200-8bit
+usr/lib/terminfo/76/vt200-js
+usr/lib/terminfo/76/vt200-old
+usr/lib/terminfo/76/vt200-w
+usr/lib/terminfo/76/vt220
+usr/lib/terminfo/76/vt220+keypad
+usr/lib/terminfo/76/vt220-8
+usr/lib/terminfo/76/vt220-8bit
+usr/lib/terminfo/76/vt220-js
+usr/lib/terminfo/76/vt220-nam
+usr/lib/terminfo/76/vt220-old
+usr/lib/terminfo/76/vt220-w
+usr/lib/terminfo/76/vt220d
+usr/lib/terminfo/76/vt300
+usr/lib/terminfo/76/vt300-nam
+usr/lib/terminfo/76/vt300-w
+usr/lib/terminfo/76/vt300-w-nam
+usr/lib/terminfo/76/vt320
+usr/lib/terminfo/76/vt320-k3
+usr/lib/terminfo/76/vt320-k311
+usr/lib/terminfo/76/vt320-nam
+usr/lib/terminfo/76/vt320-w
+usr/lib/terminfo/76/vt320-w-nam
+usr/lib/terminfo/76/vt320nam
+usr/lib/terminfo/76/vt330
+usr/lib/terminfo/76/vt340
+usr/lib/terminfo/76/vt400
+usr/lib/terminfo/76/vt400-24
+usr/lib/terminfo/76/vt420
+usr/lib/terminfo/76/vt420f
+usr/lib/terminfo/76/vt420pc
+usr/lib/terminfo/76/vt420pcdos
+usr/lib/terminfo/76/vt50
+usr/lib/terminfo/76/vt50h
+usr/lib/terminfo/76/vt510
+usr/lib/terminfo/76/vt510pc
+usr/lib/terminfo/76/vt510pcdos
+usr/lib/terminfo/76/vt52
+usr/lib/terminfo/76/vt520
+usr/lib/terminfo/76/vt520ansi
+usr/lib/terminfo/76/vt525
+usr/lib/terminfo/76/vt61
+usr/lib/terminfo/76/vt61.5
+usr/lib/terminfo/76/vte
+usr/lib/terminfo/76/vte+pcfkeys
+usr/lib/terminfo/76/vte-2007
+usr/lib/terminfo/76/vte-2008
+usr/lib/terminfo/76/vte-2012
+usr/lib/terminfo/76/vte-2014
+usr/lib/terminfo/76/vte-2017
+usr/lib/terminfo/76/vte-256color
+usr/lib/terminfo/76/vte-direct
+usr/lib/terminfo/76/vtnt
+usr/lib/terminfo/76/vv100
+usr/lib/terminfo/76/vwmterm
+usr/lib/terminfo/77/
+usr/lib/terminfo/77/wren
+usr/lib/terminfo/77/wrenw
+usr/lib/terminfo/77/wsiris
+usr/lib/terminfo/77/wsvt25
+usr/lib/terminfo/77/wsvt25m
+usr/lib/terminfo/77/wy-75ap
+usr/lib/terminfo/77/wy-99fgt
+usr/lib/terminfo/77/wy-99fgta
+usr/lib/terminfo/77/wy100
+usr/lib/terminfo/77/wy100q
+usr/lib/terminfo/77/wy120
+usr/lib/terminfo/77/wy120-25
+usr/lib/terminfo/77/wy120-25-w
+usr/lib/terminfo/77/wy120-vb
+usr/lib/terminfo/77/wy120-w
+usr/lib/terminfo/77/wy120-w-vb
+usr/lib/terminfo/77/wy120-wvb
+usr/lib/terminfo/77/wy150
+usr/lib/terminfo/77/wy150-25
+usr/lib/terminfo/77/wy150-25-w
+usr/lib/terminfo/77/wy150-vb
+usr/lib/terminfo/77/wy150-w
+usr/lib/terminfo/77/wy150-w-vb
+usr/lib/terminfo/77/wy160
+usr/lib/terminfo/77/wy160-25
+usr/lib/terminfo/77/wy160-25-w
+usr/lib/terminfo/77/wy160-42
+usr/lib/terminfo/77/wy160-42-w
+usr/lib/terminfo/77/wy160-43
+usr/lib/terminfo/77/wy160-43-w
+usr/lib/terminfo/77/wy160-tek
+usr/lib/terminfo/77/wy160-vb
+usr/lib/terminfo/77/wy160-w
+usr/lib/terminfo/77/wy160-w-vb
+usr/lib/terminfo/77/wy160-wvb
+usr/lib/terminfo/77/wy185
+usr/lib/terminfo/77/wy185-24
+usr/lib/terminfo/77/wy185-vb
+usr/lib/terminfo/77/wy185-w
+usr/lib/terminfo/77/wy185-wvb
+usr/lib/terminfo/77/wy30
+usr/lib/terminfo/77/wy30-mc
+usr/lib/terminfo/77/wy30-vb
+usr/lib/terminfo/77/wy325
+usr/lib/terminfo/77/wy325-25
+usr/lib/terminfo/77/wy325-25w
+usr/lib/terminfo/77/wy325-42
+usr/lib/terminfo/77/wy325-42w
+usr/lib/terminfo/77/wy325-42w-vb
+usr/lib/terminfo/77/wy325-42wvb
+usr/lib/terminfo/77/wy325-43
+usr/lib/terminfo/77/wy325-43w
+usr/lib/terminfo/77/wy325-43w-vb
+usr/lib/terminfo/77/wy325-43wvb
+usr/lib/terminfo/77/wy325-80
+usr/lib/terminfo/77/wy325-vb
+usr/lib/terminfo/77/wy325-w
+usr/lib/terminfo/77/wy325-w-vb
+usr/lib/terminfo/77/wy325-wvb
+usr/lib/terminfo/77/wy325w-24
+usr/lib/terminfo/77/wy350
+usr/lib/terminfo/77/wy350-vb
+usr/lib/terminfo/77/wy350-w
+usr/lib/terminfo/77/wy350-wvb
+usr/lib/terminfo/77/wy370
+usr/lib/terminfo/77/wy370-101k
+usr/lib/terminfo/77/wy370-105k
+usr/lib/terminfo/77/wy370-EPC
+usr/lib/terminfo/77/wy370-nk
+usr/lib/terminfo/77/wy370-rv
+usr/lib/terminfo/77/wy370-tek
+usr/lib/terminfo/77/wy370-vb
+usr/lib/terminfo/77/wy370-w
+usr/lib/terminfo/77/wy370-wvb
+usr/lib/terminfo/77/wy50
+usr/lib/terminfo/77/wy50-mc
+usr/lib/terminfo/77/wy50-vb
+usr/lib/terminfo/77/wy50-w
+usr/lib/terminfo/77/wy50-wvb
+usr/lib/terminfo/77/wy520
+usr/lib/terminfo/77/wy520-24
+usr/lib/terminfo/77/wy520-36
+usr/lib/terminfo/77/wy520-36pc
+usr/lib/terminfo/77/wy520-36w
+usr/lib/terminfo/77/wy520-36wpc
+usr/lib/terminfo/77/wy520-48
+usr/lib/terminfo/77/wy520-48pc
+usr/lib/terminfo/77/wy520-48w
+usr/lib/terminfo/77/wy520-48wpc
+usr/lib/terminfo/77/wy520-epc
+usr/lib/terminfo/77/wy520-epc-24
+usr/lib/terminfo/77/wy520-epc-vb
+usr/lib/terminfo/77/wy520-epc-w
+usr/lib/terminfo/77/wy520-epc-wvb
+usr/lib/terminfo/77/wy520-vb
+usr/lib/terminfo/77/wy520-w
+usr/lib/terminfo/77/wy520-wvb
+usr/lib/terminfo/77/wy60
+usr/lib/terminfo/77/wy60-25
+usr/lib/terminfo/77/wy60-25-w
+usr/lib/terminfo/77/wy60-316X
+usr/lib/terminfo/77/wy60-42
+usr/lib/terminfo/77/wy60-42-w
+usr/lib/terminfo/77/wy60-43
+usr/lib/terminfo/77/wy60-43-w
+usr/lib/terminfo/77/wy60-AT
+usr/lib/terminfo/77/wy60-PC
+usr/lib/terminfo/77/wy60-vb
+usr/lib/terminfo/77/wy60-w
+usr/lib/terminfo/77/wy60-w-vb
+usr/lib/terminfo/77/wy60-wvb
+usr/lib/terminfo/77/wy75
+usr/lib/terminfo/77/wy75-mc
+usr/lib/terminfo/77/wy75-vb
+usr/lib/terminfo/77/wy75-w
+usr/lib/terminfo/77/wy75-wvb
+usr/lib/terminfo/77/wy75ap
+usr/lib/terminfo/77/wy85
+usr/lib/terminfo/77/wy85-8bit
+usr/lib/terminfo/77/wy85-vb
+usr/lib/terminfo/77/wy85-w
+usr/lib/terminfo/77/wy85-wvb
+usr/lib/terminfo/77/wy99-ansi
+usr/lib/terminfo/77/wy99a-ansi
+usr/lib/terminfo/77/wy99f
+usr/lib/terminfo/77/wy99fa
+usr/lib/terminfo/77/wy99fgt
+usr/lib/terminfo/77/wy99fgta
+usr/lib/terminfo/77/wy99gt
+usr/lib/terminfo/77/wy99gt-25
+usr/lib/terminfo/77/wy99gt-25-w
+usr/lib/terminfo/77/wy99gt-tek
+usr/lib/terminfo/77/wy99gt-vb
+usr/lib/terminfo/77/wy99gt-w
+usr/lib/terminfo/77/wy99gt-w-vb
+usr/lib/terminfo/77/wy99gt-wvb
+usr/lib/terminfo/77/wyse-325
+usr/lib/terminfo/77/wyse-75ap
+usr/lib/terminfo/77/wyse-vp
+usr/lib/terminfo/77/wyse120
+usr/lib/terminfo/77/wyse120-25
+usr/lib/terminfo/77/wyse120-25-w
+usr/lib/terminfo/77/wyse120-vb
+usr/lib/terminfo/77/wyse120-w
+usr/lib/terminfo/77/wyse120-wvb
+usr/lib/terminfo/77/wyse150
+usr/lib/terminfo/77/wyse150-25
+usr/lib/terminfo/77/wyse150-25-w
+usr/lib/terminfo/77/wyse150-vb
+usr/lib/terminfo/77/wyse150-w
+usr/lib/terminfo/77/wyse150-w-vb
+usr/lib/terminfo/77/wyse160
+usr/lib/terminfo/77/wyse160-25
+usr/lib/terminfo/77/wyse160-25-w
+usr/lib/terminfo/77/wyse160-42
+usr/lib/terminfo/77/wyse160-42-w
+usr/lib/terminfo/77/wyse160-43
+usr/lib/terminfo/77/wyse160-43-w
+usr/lib/terminfo/77/wyse160-vb
+usr/lib/terminfo/77/wyse160-w
+usr/lib/terminfo/77/wyse160-wvb
+usr/lib/terminfo/77/wyse185
+usr/lib/terminfo/77/wyse185-24
+usr/lib/terminfo/77/wyse185-vb
+usr/lib/terminfo/77/wyse185-w
+usr/lib/terminfo/77/wyse185-wvb
+usr/lib/terminfo/77/wyse30
+usr/lib/terminfo/77/wyse30-mc
+usr/lib/terminfo/77/wyse30-vb
+usr/lib/terminfo/77/wyse325
+usr/lib/terminfo/77/wyse325-25
+usr/lib/terminfo/77/wyse325-25w
+usr/lib/terminfo/77/wyse325-42
+usr/lib/terminfo/77/wyse325-42w
+usr/lib/terminfo/77/wyse325-43
+usr/lib/terminfo/77/wyse325-43w
+usr/lib/terminfo/77/wyse325-vb
+usr/lib/terminfo/77/wyse325-w
+usr/lib/terminfo/77/wyse325-wvb
+usr/lib/terminfo/77/wyse350
+usr/lib/terminfo/77/wyse350-vb
+usr/lib/terminfo/77/wyse350-w
+usr/lib/terminfo/77/wyse350-wvb
+usr/lib/terminfo/77/wyse370
+usr/lib/terminfo/77/wyse50
+usr/lib/terminfo/77/wyse50-mc
+usr/lib/terminfo/77/wyse50-vb
+usr/lib/terminfo/77/wyse50-w
+usr/lib/terminfo/77/wyse50-wvb
+usr/lib/terminfo/77/wyse520
+usr/lib/terminfo/77/wyse520-24
+usr/lib/terminfo/77/wyse520-36
+usr/lib/terminfo/77/wyse520-36pc
+usr/lib/terminfo/77/wyse520-36w
+usr/lib/terminfo/77/wyse520-36wpc
+usr/lib/terminfo/77/wyse520-48
+usr/lib/terminfo/77/wyse520-48pc
+usr/lib/terminfo/77/wyse520-48w
+usr/lib/terminfo/77/wyse520-48wpc
+usr/lib/terminfo/77/wyse520-epc
+usr/lib/terminfo/77/wyse520-epc-w
+usr/lib/terminfo/77/wyse520-p-wvb
+usr/lib/terminfo/77/wyse520-pc-24
+usr/lib/terminfo/77/wyse520-pc-vb
+usr/lib/terminfo/77/wyse520-vb
+usr/lib/terminfo/77/wyse520-w
+usr/lib/terminfo/77/wyse520-wvb
+usr/lib/terminfo/77/wyse60
+usr/lib/terminfo/77/wyse60-25
+usr/lib/terminfo/77/wyse60-25-w
+usr/lib/terminfo/77/wyse60-316X
+usr/lib/terminfo/77/wyse60-42
+usr/lib/terminfo/77/wyse60-42-w
+usr/lib/terminfo/77/wyse60-43
+usr/lib/terminfo/77/wyse60-43-w
+usr/lib/terminfo/77/wyse60-AT
+usr/lib/terminfo/77/wyse60-PC
+usr/lib/terminfo/77/wyse60-vb
+usr/lib/terminfo/77/wyse60-w
+usr/lib/terminfo/77/wyse60-wvb
+usr/lib/terminfo/77/wyse75
+usr/lib/terminfo/77/wyse75-mc
+usr/lib/terminfo/77/wyse75-vb
+usr/lib/terminfo/77/wyse75-w
+usr/lib/terminfo/77/wyse75-wvb
+usr/lib/terminfo/77/wyse75ap
+usr/lib/terminfo/77/wyse85
+usr/lib/terminfo/77/wyse85-8bit
+usr/lib/terminfo/77/wyse85-vb
+usr/lib/terminfo/77/wyse85-w
+usr/lib/terminfo/77/wyse85-wvb
+usr/lib/terminfo/77/wyse99gt
+usr/lib/terminfo/77/wyse99gt-25
+usr/lib/terminfo/77/wyse99gt-25-w
+usr/lib/terminfo/77/wyse99gt-vb
+usr/lib/terminfo/77/wyse99gt-w
+usr/lib/terminfo/77/wyse99gt-wvb
+usr/lib/terminfo/78/
+usr/lib/terminfo/78/x10term
+usr/lib/terminfo/78/x1700
+usr/lib/terminfo/78/x1700-lm
+usr/lib/terminfo/78/x1720
+usr/lib/terminfo/78/x1750
+usr/lib/terminfo/78/x68k
+usr/lib/terminfo/78/x68k-ite
+usr/lib/terminfo/78/x820
+usr/lib/terminfo/78/xdku
+usr/lib/terminfo/78/xenix
+usr/lib/terminfo/78/xerox
+usr/lib/terminfo/78/xerox-lm
+usr/lib/terminfo/78/xerox1720
+usr/lib/terminfo/78/xerox820
+usr/lib/terminfo/78/xfce
+usr/lib/terminfo/78/xiterm
+usr/lib/terminfo/78/xl83
+usr/lib/terminfo/78/xnuppc
+usr/lib/terminfo/78/xnuppc+100x37
+usr/lib/terminfo/78/xnuppc+112x37
+usr/lib/terminfo/78/xnuppc+128x40
+usr/lib/terminfo/78/xnuppc+128x48
+usr/lib/terminfo/78/xnuppc+144x48
+usr/lib/terminfo/78/xnuppc+160x64
+usr/lib/terminfo/78/xnuppc+200x64
+usr/lib/terminfo/78/xnuppc+200x75
+usr/lib/terminfo/78/xnuppc+256x96
+usr/lib/terminfo/78/xnuppc+80x25
+usr/lib/terminfo/78/xnuppc+80x30
+usr/lib/terminfo/78/xnuppc+90x30
+usr/lib/terminfo/78/xnuppc+b
+usr/lib/terminfo/78/xnuppc+basic
+usr/lib/terminfo/78/xnuppc+c
+usr/lib/terminfo/78/xnuppc+f
+usr/lib/terminfo/78/xnuppc+f2
+usr/lib/terminfo/78/xnuppc-100x37
+usr/lib/terminfo/78/xnuppc-100x37-m
+usr/lib/terminfo/78/xnuppc-112x37
+usr/lib/terminfo/78/xnuppc-112x37-m
+usr/lib/terminfo/78/xnuppc-128x40
+usr/lib/terminfo/78/xnuppc-128x40-m
+usr/lib/terminfo/78/xnuppc-128x48
+usr/lib/terminfo/78/xnuppc-128x48-m
+usr/lib/terminfo/78/xnuppc-144x48
+usr/lib/terminfo/78/xnuppc-144x48-m
+usr/lib/terminfo/78/xnuppc-160x64
+usr/lib/terminfo/78/xnuppc-160x64-m
+usr/lib/terminfo/78/xnuppc-200x64
+usr/lib/terminfo/78/xnuppc-200x64-m
+usr/lib/terminfo/78/xnuppc-200x75
+usr/lib/terminfo/78/xnuppc-200x75-m
+usr/lib/terminfo/78/xnuppc-256x96
+usr/lib/terminfo/78/xnuppc-256x96-m
+usr/lib/terminfo/78/xnuppc-80x25
+usr/lib/terminfo/78/xnuppc-80x25-m
+usr/lib/terminfo/78/xnuppc-80x30
+usr/lib/terminfo/78/xnuppc-80x30-m
+usr/lib/terminfo/78/xnuppc-90x30
+usr/lib/terminfo/78/xnuppc-90x30-m
+usr/lib/terminfo/78/xnuppc-b
+usr/lib/terminfo/78/xnuppc-f
+usr/lib/terminfo/78/xnuppc-f2
+usr/lib/terminfo/78/xnuppc-m
+usr/lib/terminfo/78/xnuppc-m-b
+usr/lib/terminfo/78/xnuppc-m-f
+usr/lib/terminfo/78/xnuppc-m-f2
+usr/lib/terminfo/78/xtalk
+usr/lib/terminfo/78/xterm
+usr/lib/terminfo/78/xterm+256color
+usr/lib/terminfo/78/xterm+256setaf
+usr/lib/terminfo/78/xterm+88color
+usr/lib/terminfo/78/xterm+alt+title
+usr/lib/terminfo/78/xterm+alt1049
+usr/lib/terminfo/78/xterm+app
+usr/lib/terminfo/78/xterm+direct
+usr/lib/terminfo/78/xterm+direct2
+usr/lib/terminfo/78/xterm+edit
+usr/lib/terminfo/78/xterm+indirect
+usr/lib/terminfo/78/xterm+kbs
+usr/lib/terminfo/78/xterm+noalt
+usr/lib/terminfo/78/xterm+noapp
+usr/lib/terminfo/78/xterm+pc+edit
+usr/lib/terminfo/78/xterm+pcc0
+usr/lib/terminfo/78/xterm+pcc1
+usr/lib/terminfo/78/xterm+pcc2
+usr/lib/terminfo/78/xterm+pcc3
+usr/lib/terminfo/78/xterm+pce2
+usr/lib/terminfo/78/xterm+pcf0
+usr/lib/terminfo/78/xterm+pcf2
+usr/lib/terminfo/78/xterm+pcfkeys
+usr/lib/terminfo/78/xterm+r6f2
+usr/lib/terminfo/78/xterm+sl
+usr/lib/terminfo/78/xterm+sl-twm
+usr/lib/terminfo/78/xterm+sm+1002
+usr/lib/terminfo/78/xterm+sm+1003
+usr/lib/terminfo/78/xterm+sm+1005
+usr/lib/terminfo/78/xterm+sm+1006
+usr/lib/terminfo/78/xterm+titlestack
+usr/lib/terminfo/78/xterm+tmux
+usr/lib/terminfo/78/xterm+vt+edit
+usr/lib/terminfo/78/xterm+x10mouse
+usr/lib/terminfo/78/xterm+x11hilite
+usr/lib/terminfo/78/xterm+x11mouse
+usr/lib/terminfo/78/xterm-1002
+usr/lib/terminfo/78/xterm-1003
+usr/lib/terminfo/78/xterm-1005
+usr/lib/terminfo/78/xterm-1006
+usr/lib/terminfo/78/xterm-16color
+usr/lib/terminfo/78/xterm-24
+usr/lib/terminfo/78/xterm-256color
+usr/lib/terminfo/78/xterm-88color
+usr/lib/terminfo/78/xterm-8bit
+usr/lib/terminfo/78/xterm-basic
+usr/lib/terminfo/78/xterm-bold
+usr/lib/terminfo/78/xterm-color
+usr/lib/terminfo/78/xterm-direct
+usr/lib/terminfo/78/xterm-direct2
+usr/lib/terminfo/78/xterm-hp
+usr/lib/terminfo/78/xterm-new
+usr/lib/terminfo/78/xterm-nic
+usr/lib/terminfo/78/xterm-noapp
+usr/lib/terminfo/78/xterm-old
+usr/lib/terminfo/78/xterm-pcolor
+usr/lib/terminfo/78/xterm-r5
+usr/lib/terminfo/78/xterm-r6
+usr/lib/terminfo/78/xterm-sco
+usr/lib/terminfo/78/xterm-sun
+usr/lib/terminfo/78/xterm-utf8
+usr/lib/terminfo/78/xterm-vt220
+usr/lib/terminfo/78/xterm-vt52
+usr/lib/terminfo/78/xterm-x10mouse
+usr/lib/terminfo/78/xterm-x11hilite
+usr/lib/terminfo/78/xterm-x11mouse
+usr/lib/terminfo/78/xterm-xf86-v32
+usr/lib/terminfo/78/xterm-xf86-v33
+usr/lib/terminfo/78/xterm-xf86-v333
+usr/lib/terminfo/78/xterm-xf86-v40
+usr/lib/terminfo/78/xterm-xf86-v43
+usr/lib/terminfo/78/xterm-xf86-v44
+usr/lib/terminfo/78/xterm-xfree86
+usr/lib/terminfo/78/xterm-xi
+usr/lib/terminfo/78/xterm1
+usr/lib/terminfo/78/xtermc
+usr/lib/terminfo/78/xtermm
+usr/lib/terminfo/78/xterms
+usr/lib/terminfo/78/xterms-sun
+usr/lib/terminfo/78/xwsh
+usr/lib/terminfo/7a/
+usr/lib/terminfo/7a/z-100
+usr/lib/terminfo/7a/z-100bw
+usr/lib/terminfo/7a/z100
+usr/lib/terminfo/7a/z100bw
+usr/lib/terminfo/7a/z110
+usr/lib/terminfo/7a/z110bw
+usr/lib/terminfo/7a/z19
+usr/lib/terminfo/7a/z29
+usr/lib/terminfo/7a/z29a
+usr/lib/terminfo/7a/z29a-kc-bc
+usr/lib/terminfo/7a/z29a-kc-uc
+usr/lib/terminfo/7a/z29a-nkc-bc
+usr/lib/terminfo/7a/z29a-nkc-uc
+usr/lib/terminfo/7a/z29b
+usr/lib/terminfo/7a/z30
+usr/lib/terminfo/7a/z340
+usr/lib/terminfo/7a/z340-nam
+usr/lib/terminfo/7a/z39-a
+usr/lib/terminfo/7a/z39a
+usr/lib/terminfo/7a/z50
+usr/lib/terminfo/7a/z8001
+usr/lib/terminfo/7a/zen30
+usr/lib/terminfo/7a/zen50
+usr/lib/terminfo/7a/zen8001
+usr/lib/terminfo/7a/zenith
+usr/lib/terminfo/7a/zenith29
+usr/lib/terminfo/7a/zenith39-a
+usr/lib/terminfo/7a/zenith39-ansi
+usr/lib/terminfo/7a/zt-1
+usr/lib/terminfo/7a/ztx
+usr/lib/terminfo/7a/ztx-1-a
+usr/lib/terminfo/7a/ztx11
+usr/share/
+usr/share/licenses/
+usr/share/licenses/ncurses/
+usr/share/licenses/ncurses/license.txt
+usr/share/man/
+usr/share/man/man1/
+usr/share/man/man1/captoinfo.1m.gz
+usr/share/man/man1/clear.1.gz
+usr/share/man/man1/infocmp.1m.gz
+usr/share/man/man1/infotocap.1m.gz
+usr/share/man/man1/ncursesw6-config.1.gz
+usr/share/man/man1/reset.1.gz
+usr/share/man/man1/tabs.1.gz
+usr/share/man/man1/tic.1m.gz
+usr/share/man/man1/toe.1m.gz
+usr/share/man/man1/tput.1.gz
+usr/share/man/man1/tset.1.gz
+usr/share/man/man3/
+usr/share/man/man3/_nc_free_and_exit.3x.gz
+usr/share/man/man3/_nc_free_tinfo.3x.gz
+usr/share/man/man3/_nc_freeall.3x.gz
+usr/share/man/man3/_nc_tracebits.3x.gz
+usr/share/man/man3/_traceattr.3x.gz
+usr/share/man/man3/_traceattr2.3x.gz
+usr/share/man/man3/_tracecchar_t.3x.gz
+usr/share/man/man3/_tracecchar_t2.3x.gz
+usr/share/man/man3/_tracechar.3x.gz
+usr/share/man/man3/_tracechtype.3x.gz
+usr/share/man/man3/_tracechtype2.3x.gz
+usr/share/man/man3/_tracedump.3x.gz
+usr/share/man/man3/_tracef.3x.gz
+usr/share/man/man3/_tracemouse.3x.gz
+usr/share/man/man3/acs_map.3x.gz
+usr/share/man/man3/add_wch.3x.gz
+usr/share/man/man3/add_wchnstr.3x.gz
+usr/share/man/man3/add_wchstr.3x.gz
+usr/share/man/man3/addch.3x.gz
+usr/share/man/man3/addchnstr.3x.gz
+usr/share/man/man3/addchstr.3x.gz
+usr/share/man/man3/addnstr.3x.gz
+usr/share/man/man3/addnwstr.3x.gz
+usr/share/man/man3/addstr.3x.gz
+usr/share/man/man3/addwstr.3x.gz
+usr/share/man/man3/alloc_pair.3x.gz
+usr/share/man/man3/alloc_pair_sp.3x.gz
+usr/share/man/man3/assume_default_colors.3x.gz
+usr/share/man/man3/assume_default_colors_sp.3x.gz
+usr/share/man/man3/attr_get.3x.gz
+usr/share/man/man3/attr_off.3x.gz
+usr/share/man/man3/attr_on.3x.gz
+usr/share/man/man3/attr_set.3x.gz
+usr/share/man/man3/attroff.3x.gz
+usr/share/man/man3/attron.3x.gz
+usr/share/man/man3/attrset.3x.gz
+usr/share/man/man3/baudrate.3x.gz
+usr/share/man/man3/baudrate_sp.3x.gz
+usr/share/man/man3/BC.3x.gz
+usr/share/man/man3/beep.3x.gz
+usr/share/man/man3/beep_sp.3x.gz
+usr/share/man/man3/bkgd.3x.gz
+usr/share/man/man3/bkgdset.3x.gz
+usr/share/man/man3/bkgrnd.3x.gz
+usr/share/man/man3/bkgrndset.3x.gz
+usr/share/man/man3/boolcodes.3x.gz
+usr/share/man/man3/boolfnames.3x.gz
+usr/share/man/man3/boolnames.3x.gz
+usr/share/man/man3/border.3x.gz
+usr/share/man/man3/border_set.3x.gz
+usr/share/man/man3/bottom_panel.3x.gz
+usr/share/man/man3/box.3x.gz
+usr/share/man/man3/box_set.3x.gz
+usr/share/man/man3/can_change_color.3x.gz
+usr/share/man/man3/can_change_color_sp.3x.gz
+usr/share/man/man3/cbreak.3x.gz
+usr/share/man/man3/cbreak_sp.3x.gz
+usr/share/man/man3/ceiling_panel.3x.gz
+usr/share/man/man3/chgat.3x.gz
+usr/share/man/man3/clear.3x.gz
+usr/share/man/man3/clearok.3x.gz
+usr/share/man/man3/clrtobot.3x.gz
+usr/share/man/man3/clrtoeol.3x.gz
+usr/share/man/man3/color_content.3x.gz
+usr/share/man/man3/color_content_sp.3x.gz
+usr/share/man/man3/COLOR_PAIR.3x.gz
+usr/share/man/man3/COLOR_PAIRS.3x.gz
+usr/share/man/man3/color_set.3x.gz
+usr/share/man/man3/COLORS.3x.gz
+usr/share/man/man3/COLS.3x.gz
+usr/share/man/man3/copywin.3x.gz
+usr/share/man/man3/cur_term.3x.gz
+usr/share/man/man3/current_field.3x.gz
+usr/share/man/man3/current_item.3x.gz
+usr/share/man/man3/curs_add_wch.3x.gz
+usr/share/man/man3/curs_add_wchstr.3x.gz
+usr/share/man/man3/curs_addch.3x.gz
+usr/share/man/man3/curs_addchstr.3x.gz
+usr/share/man/man3/curs_addstr.3x.gz
+usr/share/man/man3/curs_addwstr.3x.gz
+usr/share/man/man3/curs_attr.3x.gz
+usr/share/man/man3/curs_beep.3x.gz
+usr/share/man/man3/curs_bkgd.3x.gz
+usr/share/man/man3/curs_bkgrnd.3x.gz
+usr/share/man/man3/curs_border.3x.gz
+usr/share/man/man3/curs_border_set.3x.gz
+usr/share/man/man3/curs_clear.3x.gz
+usr/share/man/man3/curs_color.3x.gz
+usr/share/man/man3/curs_delch.3x.gz
+usr/share/man/man3/curs_deleteln.3x.gz
+usr/share/man/man3/curs_extend.3x.gz
+usr/share/man/man3/curs_get_wch.3x.gz
+usr/share/man/man3/curs_get_wstr.3x.gz
+usr/share/man/man3/curs_getcchar.3x.gz
+usr/share/man/man3/curs_getch.3x.gz
+usr/share/man/man3/curs_getstr.3x.gz
+usr/share/man/man3/curs_getyx.3x.gz
+usr/share/man/man3/curs_in_wch.3x.gz
+usr/share/man/man3/curs_in_wchstr.3x.gz
+usr/share/man/man3/curs_inch.3x.gz
+usr/share/man/man3/curs_inchstr.3x.gz
+usr/share/man/man3/curs_initscr.3x.gz
+usr/share/man/man3/curs_inopts.3x.gz
+usr/share/man/man3/curs_ins_wch.3x.gz
+usr/share/man/man3/curs_ins_wstr.3x.gz
+usr/share/man/man3/curs_insch.3x.gz
+usr/share/man/man3/curs_insstr.3x.gz
+usr/share/man/man3/curs_instr.3x.gz
+usr/share/man/man3/curs_inwstr.3x.gz
+usr/share/man/man3/curs_kernel.3x.gz
+usr/share/man/man3/curs_legacy.3x.gz
+usr/share/man/man3/curs_memleaks.3x.gz
+usr/share/man/man3/curs_mouse.3x.gz
+usr/share/man/man3/curs_move.3x.gz
+usr/share/man/man3/curs_opaque.3x.gz
+usr/share/man/man3/curs_outopts.3x.gz
+usr/share/man/man3/curs_overlay.3x.gz
+usr/share/man/man3/curs_pad.3x.gz
+usr/share/man/man3/curs_print.3x.gz
+usr/share/man/man3/curs_printw.3x.gz
+usr/share/man/man3/curs_refresh.3x.gz
+usr/share/man/man3/curs_scanw.3x.gz
+usr/share/man/man3/curs_scr_dump.3x.gz
+usr/share/man/man3/curs_scroll.3x.gz
+usr/share/man/man3/curs_set.3x.gz
+usr/share/man/man3/curs_set_sp.3x.gz
+usr/share/man/man3/curs_slk.3x.gz
+usr/share/man/man3/curs_sp_funcs.3x.gz
+usr/share/man/man3/curs_termattrs.3x.gz
+usr/share/man/man3/curs_termcap.3x.gz
+usr/share/man/man3/curs_terminfo.3x.gz
+usr/share/man/man3/curs_threads.3x.gz
+usr/share/man/man3/curs_touch.3x.gz
+usr/share/man/man3/curs_trace.3x.gz
+usr/share/man/man3/curs_util.3x.gz
+usr/share/man/man3/curs_variables.3x.gz
+usr/share/man/man3/curs_window.3x.gz
+usr/share/man/man3/curscr.3x.gz
+usr/share/man/man3/curses.3x.gz
+usr/share/man/man3/curses_version.3x.gz
+usr/share/man/man3/data_ahead.3x.gz
+usr/share/man/man3/data_behind.3x.gz
+usr/share/man/man3/def_prog_mode.3x.gz
+usr/share/man/man3/def_prog_mode_sp.3x.gz
+usr/share/man/man3/def_shell_mode.3x.gz
+usr/share/man/man3/def_shell_mode_sp.3x.gz
+usr/share/man/man3/default_colors.3x.gz
+usr/share/man/man3/define_key.3x.gz
+usr/share/man/man3/define_key_sp.3x.gz
+usr/share/man/man3/del_curterm.3x.gz
+usr/share/man/man3/del_curterm_sp.3x.gz
+usr/share/man/man3/del_panel.3x.gz
+usr/share/man/man3/delay_output.3x.gz
+usr/share/man/man3/delay_output_sp.3x.gz
+usr/share/man/man3/delch.3x.gz
+usr/share/man/man3/deleteln.3x.gz
+usr/share/man/man3/delscreen.3x.gz
+usr/share/man/man3/delwin.3x.gz
+usr/share/man/man3/derwin.3x.gz
+usr/share/man/man3/doupdate.3x.gz
+usr/share/man/man3/doupdate_sp.3x.gz
+usr/share/man/man3/dup_field.3x.gz
+usr/share/man/man3/dupwin.3x.gz
+usr/share/man/man3/dynamic_field_info.3x.gz
+usr/share/man/man3/echo.3x.gz
+usr/share/man/man3/echo_sp.3x.gz
+usr/share/man/man3/echo_wchar.3x.gz
+usr/share/man/man3/echochar.3x.gz
+usr/share/man/man3/endwin.3x.gz
+usr/share/man/man3/endwin_sp.3x.gz
+usr/share/man/man3/erase.3x.gz
+usr/share/man/man3/erasechar.3x.gz
+usr/share/man/man3/erasechar_sp.3x.gz
+usr/share/man/man3/erasewchar.3x.gz
+usr/share/man/man3/ESCDELAY.3x.gz
+usr/share/man/man3/extended_color_content.3x.gz
+usr/share/man/man3/extended_color_content_sp.3x.gz
+usr/share/man/man3/extended_pair_content.3x.gz
+usr/share/man/man3/extended_pair_content_sp.3x.gz
+usr/share/man/man3/extended_slk_color.3x.gz
+usr/share/man/man3/extended_slk_color_sp.3x.gz
+usr/share/man/man3/field_arg.3x.gz
+usr/share/man/man3/field_back.3x.gz
+usr/share/man/man3/field_buffer.3x.gz
+usr/share/man/man3/field_count.3x.gz
+usr/share/man/man3/field_fore.3x.gz
+usr/share/man/man3/field_index.3x.gz
+usr/share/man/man3/field_info.3x.gz
+usr/share/man/man3/field_init.3x.gz
+usr/share/man/man3/field_just.3x.gz
+usr/share/man/man3/field_opts.3x.gz
+usr/share/man/man3/field_opts_off.3x.gz
+usr/share/man/man3/field_opts_on.3x.gz
+usr/share/man/man3/field_pad.3x.gz
+usr/share/man/man3/field_status.3x.gz
+usr/share/man/man3/field_term.3x.gz
+usr/share/man/man3/field_type.3x.gz
+usr/share/man/man3/field_userptr.3x.gz
+usr/share/man/man3/filter.3x.gz
+usr/share/man/man3/filter_sp.3x.gz
+usr/share/man/man3/find_pair.3x.gz
+usr/share/man/man3/find_pair_sp.3x.gz
+usr/share/man/man3/flash.3x.gz
+usr/share/man/man3/flash_sp.3x.gz
+usr/share/man/man3/flushinp.3x.gz
+usr/share/man/man3/flushinp_sp.3x.gz
+usr/share/man/man3/form.3x.gz
+usr/share/man/man3/form_cursor.3x.gz
+usr/share/man/man3/form_data.3x.gz
+usr/share/man/man3/form_driver.3x.gz
+usr/share/man/man3/form_driver_w.3x.gz
+usr/share/man/man3/form_field.3x.gz
+usr/share/man/man3/form_field_attributes.3x.gz
+usr/share/man/man3/form_field_buffer.3x.gz
+usr/share/man/man3/form_field_info.3x.gz
+usr/share/man/man3/form_field_just.3x.gz
+usr/share/man/man3/form_field_new.3x.gz
+usr/share/man/man3/form_field_opts.3x.gz
+usr/share/man/man3/form_field_userptr.3x.gz
+usr/share/man/man3/form_field_validation.3x.gz
+usr/share/man/man3/form_fields.3x.gz
+usr/share/man/man3/form_fieldtype.3x.gz
+usr/share/man/man3/form_hook.3x.gz
+usr/share/man/man3/form_init.3x.gz
+usr/share/man/man3/form_new.3x.gz
+usr/share/man/man3/form_new_page.3x.gz
+usr/share/man/man3/form_opts.3x.gz
+usr/share/man/man3/form_opts_off.3x.gz
+usr/share/man/man3/form_opts_on.3x.gz
+usr/share/man/man3/form_page.3x.gz
+usr/share/man/man3/form_post.3x.gz
+usr/share/man/man3/form_request_by_name.3x.gz
+usr/share/man/man3/form_request_name.3x.gz
+usr/share/man/man3/form_requestname.3x.gz
+usr/share/man/man3/form_sub.3x.gz
+usr/share/man/man3/form_term.3x.gz
+usr/share/man/man3/form_userptr.3x.gz
+usr/share/man/man3/form_variables.3x.gz
+usr/share/man/man3/form_win.3x.gz
+usr/share/man/man3/free_field.3x.gz
+usr/share/man/man3/free_fieldtype.3x.gz
+usr/share/man/man3/free_form.3x.gz
+usr/share/man/man3/free_item.3x.gz
+usr/share/man/man3/free_menu.3x.gz
+usr/share/man/man3/free_pair.3x.gz
+usr/share/man/man3/free_pair_sp.3x.gz
+usr/share/man/man3/get_escdelay.3x.gz
+usr/share/man/man3/get_escdelay_sp.3x.gz
+usr/share/man/man3/get_wch.3x.gz
+usr/share/man/man3/get_wstr.3x.gz
+usr/share/man/man3/getattrs.3x.gz
+usr/share/man/man3/getbegx.3x.gz
+usr/share/man/man3/getbegy.3x.gz
+usr/share/man/man3/getbegyx.3x.gz
+usr/share/man/man3/getbkgd.3x.gz
+usr/share/man/man3/getbkgrnd.3x.gz
+usr/share/man/man3/getcchar.3x.gz
+usr/share/man/man3/getch.3x.gz
+usr/share/man/man3/getcurx.3x.gz
+usr/share/man/man3/getcury.3x.gz
+usr/share/man/man3/getmaxx.3x.gz
+usr/share/man/man3/getmaxy.3x.gz
+usr/share/man/man3/getmaxyx.3x.gz
+usr/share/man/man3/getmouse.3x.gz
+usr/share/man/man3/getmouse_sp.3x.gz
+usr/share/man/man3/getn_wstr.3x.gz
+usr/share/man/man3/getnstr.3x.gz
+usr/share/man/man3/getparx.3x.gz
+usr/share/man/man3/getpary.3x.gz
+usr/share/man/man3/getparyx.3x.gz
+usr/share/man/man3/getstr.3x.gz
+usr/share/man/man3/getsyx.3x.gz
+usr/share/man/man3/getwin.3x.gz
+usr/share/man/man3/getwin_sp.3x.gz
+usr/share/man/man3/getyx.3x.gz
+usr/share/man/man3/ground_panel.3x.gz
+usr/share/man/man3/halfdelay.3x.gz
+usr/share/man/man3/halfdelay_sp.3x.gz
+usr/share/man/man3/has_colors.3x.gz
+usr/share/man/man3/has_colors_sp.3x.gz
+usr/share/man/man3/has_ic.3x.gz
+usr/share/man/man3/has_ic_sp.3x.gz
+usr/share/man/man3/has_il.3x.gz
+usr/share/man/man3/has_il_sp.3x.gz
+usr/share/man/man3/has_key.3x.gz
+usr/share/man/man3/has_key_sp.3x.gz
+usr/share/man/man3/has_mouse.3x.gz
+usr/share/man/man3/has_mouse_sp.3x.gz
+usr/share/man/man3/hide_panel.3x.gz
+usr/share/man/man3/hline.3x.gz
+usr/share/man/man3/hline_set.3x.gz
+usr/share/man/man3/idcok.3x.gz
+usr/share/man/man3/idlok.3x.gz
+usr/share/man/man3/immedok.3x.gz
+usr/share/man/man3/in_wch.3x.gz
+usr/share/man/man3/in_wchnstr.3x.gz
+usr/share/man/man3/in_wchstr.3x.gz
+usr/share/man/man3/inch.3x.gz
+usr/share/man/man3/inchnstr.3x.gz
+usr/share/man/man3/inchstr.3x.gz
+usr/share/man/man3/init_color.3x.gz
+usr/share/man/man3/init_color_sp.3x.gz
+usr/share/man/man3/init_extended_color.3x.gz
+usr/share/man/man3/init_extended_color_sp.3x.gz
+usr/share/man/man3/init_extended_pair.3x.gz
+usr/share/man/man3/init_extended_pair_sp.3x.gz
+usr/share/man/man3/init_pair.3x.gz
+usr/share/man/man3/init_pair_sp.3x.gz
+usr/share/man/man3/initscr.3x.gz
+usr/share/man/man3/innstr.3x.gz
+usr/share/man/man3/innwstr.3x.gz
+usr/share/man/man3/ins_nwstr.3x.gz
+usr/share/man/man3/ins_wch.3x.gz
+usr/share/man/man3/ins_wstr.3x.gz
+usr/share/man/man3/insch.3x.gz
+usr/share/man/man3/insdelln.3x.gz
+usr/share/man/man3/insertln.3x.gz
+usr/share/man/man3/insnstr.3x.gz
+usr/share/man/man3/insstr.3x.gz
+usr/share/man/man3/instr.3x.gz
+usr/share/man/man3/intrflush.3x.gz
+usr/share/man/man3/intrflush_sp.3x.gz
+usr/share/man/man3/inwstr.3x.gz
+usr/share/man/man3/is_cleared.3x.gz
+usr/share/man/man3/is_idcok.3x.gz
+usr/share/man/man3/is_idlok.3x.gz
+usr/share/man/man3/is_immedok.3x.gz
+usr/share/man/man3/is_keypad.3x.gz
+usr/share/man/man3/is_leaveok.3x.gz
+usr/share/man/man3/is_linetouched.3x.gz
+usr/share/man/man3/is_nodelay.3x.gz
+usr/share/man/man3/is_notimeout.3x.gz
+usr/share/man/man3/is_pad.3x.gz
+usr/share/man/man3/is_scrollok.3x.gz
+usr/share/man/man3/is_subwin.3x.gz
+usr/share/man/man3/is_syncok.3x.gz
+usr/share/man/man3/is_term_resized.3x.gz
+usr/share/man/man3/is_term_resized_sp.3x.gz
+usr/share/man/man3/is_wintouched.3x.gz
+usr/share/man/man3/isendwin.3x.gz
+usr/share/man/man3/isendwin_sp.3x.gz
+usr/share/man/man3/item_count.3x.gz
+usr/share/man/man3/item_description.3x.gz
+usr/share/man/man3/item_index.3x.gz
+usr/share/man/man3/item_init.3x.gz
+usr/share/man/man3/item_name.3x.gz
+usr/share/man/man3/item_opts.3x.gz
+usr/share/man/man3/item_opts_off.3x.gz
+usr/share/man/man3/item_opts_on.3x.gz
+usr/share/man/man3/item_term.3x.gz
+usr/share/man/man3/item_userptr.3x.gz
+usr/share/man/man3/item_value.3x.gz
+usr/share/man/man3/item_visible.3x.gz
+usr/share/man/man3/key_defined.3x.gz
+usr/share/man/man3/key_defined_sp.3x.gz
+usr/share/man/man3/key_name.3x.gz
+usr/share/man/man3/keybound.3x.gz
+usr/share/man/man3/keybound_sp.3x.gz
+usr/share/man/man3/keyname.3x.gz
+usr/share/man/man3/keyname_sp.3x.gz
+usr/share/man/man3/keyok.3x.gz
+usr/share/man/man3/keyok_sp.3x.gz
+usr/share/man/man3/keypad.3x.gz
+usr/share/man/man3/killchar.3x.gz
+usr/share/man/man3/killchar_sp.3x.gz
+usr/share/man/man3/killwchar.3x.gz
+usr/share/man/man3/leaveok.3x.gz
+usr/share/man/man3/legacy_coding.3x.gz
+usr/share/man/man3/LINES.3x.gz
+usr/share/man/man3/link_field.3x.gz
+usr/share/man/man3/link_fieldtype.3x.gz
+usr/share/man/man3/longname.3x.gz
+usr/share/man/man3/longname_sp.3x.gz
+usr/share/man/man3/mcprint.3x.gz
+usr/share/man/man3/mcprint_sp.3x.gz
+usr/share/man/man3/menu.3x.gz
+usr/share/man/man3/menu_attributes.3x.gz
+usr/share/man/man3/menu_back.3x.gz
+usr/share/man/man3/menu_cursor.3x.gz
+usr/share/man/man3/menu_driver.3x.gz
+usr/share/man/man3/menu_fore.3x.gz
+usr/share/man/man3/menu_format.3x.gz
+usr/share/man/man3/menu_grey.3x.gz
+usr/share/man/man3/menu_hook.3x.gz
+usr/share/man/man3/menu_init.3x.gz
+usr/share/man/man3/menu_items.3x.gz
+usr/share/man/man3/menu_mark.3x.gz
+usr/share/man/man3/menu_new.3x.gz
+usr/share/man/man3/menu_opts.3x.gz
+usr/share/man/man3/menu_opts_off.3x.gz
+usr/share/man/man3/menu_opts_on.3x.gz
+usr/share/man/man3/menu_pad.3x.gz
+usr/share/man/man3/menu_pattern.3x.gz
+usr/share/man/man3/menu_post.3x.gz
+usr/share/man/man3/menu_request_by_name.3x.gz
+usr/share/man/man3/menu_request_name.3x.gz
+usr/share/man/man3/menu_requestname.3x.gz
+usr/share/man/man3/menu_spacing.3x.gz
+usr/share/man/man3/menu_sub.3x.gz
+usr/share/man/man3/menu_term.3x.gz
+usr/share/man/man3/menu_userptr.3x.gz
+usr/share/man/man3/menu_win.3x.gz
+usr/share/man/man3/meta.3x.gz
+usr/share/man/man3/mitem_current.3x.gz
+usr/share/man/man3/mitem_name.3x.gz
+usr/share/man/man3/mitem_new.3x.gz
+usr/share/man/man3/mitem_opts.3x.gz
+usr/share/man/man3/mitem_userptr.3x.gz
+usr/share/man/man3/mitem_value.3x.gz
+usr/share/man/man3/mitem_visible.3x.gz
+usr/share/man/man3/mouse_trafo.3x.gz
+usr/share/man/man3/mouseinterval.3x.gz
+usr/share/man/man3/mouseinterval_sp.3x.gz
+usr/share/man/man3/mousemask.3x.gz
+usr/share/man/man3/mousemask_sp.3x.gz
+usr/share/man/man3/move.3x.gz
+usr/share/man/man3/move_field.3x.gz
+usr/share/man/man3/move_panel.3x.gz
+usr/share/man/man3/mvadd_wch.3x.gz
+usr/share/man/man3/mvadd_wchnstr.3x.gz
+usr/share/man/man3/mvadd_wchstr.3x.gz
+usr/share/man/man3/mvaddch.3x.gz
+usr/share/man/man3/mvaddchnstr.3x.gz
+usr/share/man/man3/mvaddchstr.3x.gz
+usr/share/man/man3/mvaddnstr.3x.gz
+usr/share/man/man3/mvaddnwstr.3x.gz
+usr/share/man/man3/mvaddstr.3x.gz
+usr/share/man/man3/mvaddwstr.3x.gz
+usr/share/man/man3/mvchgat.3x.gz
+usr/share/man/man3/mvcur.3x.gz
+usr/share/man/man3/mvcur_sp.3x.gz
+usr/share/man/man3/mvdelch.3x.gz
+usr/share/man/man3/mvderwin.3x.gz
+usr/share/man/man3/mvget_wch.3x.gz
+usr/share/man/man3/mvget_wstr.3x.gz
+usr/share/man/man3/mvgetch.3x.gz
+usr/share/man/man3/mvgetn_wstr.3x.gz
+usr/share/man/man3/mvgetnstr.3x.gz
+usr/share/man/man3/mvgetstr.3x.gz
+usr/share/man/man3/mvhline.3x.gz
+usr/share/man/man3/mvhline_set.3x.gz
+usr/share/man/man3/mvin_wch.3x.gz
+usr/share/man/man3/mvin_wchnstr.3x.gz
+usr/share/man/man3/mvin_wchstr.3x.gz
+usr/share/man/man3/mvinch.3x.gz
+usr/share/man/man3/mvinchnstr.3x.gz
+usr/share/man/man3/mvinchstr.3x.gz
+usr/share/man/man3/mvinnstr.3x.gz
+usr/share/man/man3/mvinnwstr.3x.gz
+usr/share/man/man3/mvins_nwstr.3x.gz
+usr/share/man/man3/mvins_wch.3x.gz
+usr/share/man/man3/mvins_wstr.3x.gz
+usr/share/man/man3/mvinsch.3x.gz
+usr/share/man/man3/mvinsnstr.3x.gz
+usr/share/man/man3/mvinsstr.3x.gz
+usr/share/man/man3/mvinstr.3x.gz
+usr/share/man/man3/mvinwstr.3x.gz
+usr/share/man/man3/mvprintw.3x.gz
+usr/share/man/man3/mvscanw.3x.gz
+usr/share/man/man3/mvvline.3x.gz
+usr/share/man/man3/mvvline_set.3x.gz
+usr/share/man/man3/mvwadd_wch.3x.gz
+usr/share/man/man3/mvwadd_wchnstr.3x.gz
+usr/share/man/man3/mvwadd_wchstr.3x.gz
+usr/share/man/man3/mvwaddch.3x.gz
+usr/share/man/man3/mvwaddchnstr.3x.gz
+usr/share/man/man3/mvwaddchstr.3x.gz
+usr/share/man/man3/mvwaddnstr.3x.gz
+usr/share/man/man3/mvwaddnwstr.3x.gz
+usr/share/man/man3/mvwaddstr.3x.gz
+usr/share/man/man3/mvwaddwstr.3x.gz
+usr/share/man/man3/mvwchgat.3x.gz
+usr/share/man/man3/mvwdelch.3x.gz
+usr/share/man/man3/mvwget_wch.3x.gz
+usr/share/man/man3/mvwget_wstr.3x.gz
+usr/share/man/man3/mvwgetch.3x.gz
+usr/share/man/man3/mvwgetn_wstr.3x.gz
+usr/share/man/man3/mvwgetnstr.3x.gz
+usr/share/man/man3/mvwgetstr.3x.gz
+usr/share/man/man3/mvwhline.3x.gz
+usr/share/man/man3/mvwhline_set.3x.gz
+usr/share/man/man3/mvwin.3x.gz
+usr/share/man/man3/mvwin_wch.3x.gz
+usr/share/man/man3/mvwin_wchnstr.3x.gz
+usr/share/man/man3/mvwin_wchstr.3x.gz
+usr/share/man/man3/mvwinch.3x.gz
+usr/share/man/man3/mvwinchnstr.3x.gz
+usr/share/man/man3/mvwinchstr.3x.gz
+usr/share/man/man3/mvwinnstr.3x.gz
+usr/share/man/man3/mvwinnwstr.3x.gz
+usr/share/man/man3/mvwins_nwstr.3x.gz
+usr/share/man/man3/mvwins_wch.3x.gz
+usr/share/man/man3/mvwins_wstr.3x.gz
+usr/share/man/man3/mvwinsch.3x.gz
+usr/share/man/man3/mvwinsnstr.3x.gz
+usr/share/man/man3/mvwinsstr.3x.gz
+usr/share/man/man3/mvwinstr.3x.gz
+usr/share/man/man3/mvwinwstr.3x.gz
+usr/share/man/man3/mvwprintw.3x.gz
+usr/share/man/man3/mvwscanw.3x.gz
+usr/share/man/man3/mvwvline.3x.gz
+usr/share/man/man3/mvwvline_set.3x.gz
+usr/share/man/man3/napms.3x.gz
+usr/share/man/man3/napms_sp.3x.gz
+usr/share/man/man3/ncurses.3x.gz
+usr/share/man/man3/new_field.3x.gz
+usr/share/man/man3/new_fieldtype.3x.gz
+usr/share/man/man3/new_form.3x.gz
+usr/share/man/man3/new_form_sp.3x.gz
+usr/share/man/man3/new_item.3x.gz
+usr/share/man/man3/new_menu.3x.gz
+usr/share/man/man3/new_menu_sp.3x.gz
+usr/share/man/man3/new_page.3x.gz
+usr/share/man/man3/new_pair.3x.gz
+usr/share/man/man3/new_panel.3x.gz
+usr/share/man/man3/new_prescr.3x.gz
+usr/share/man/man3/newpad.3x.gz
+usr/share/man/man3/newpad_sp.3x.gz
+usr/share/man/man3/newscr.3x.gz
+usr/share/man/man3/newterm.3x.gz
+usr/share/man/man3/newterm_sp.3x.gz
+usr/share/man/man3/newwin.3x.gz
+usr/share/man/man3/newwin_sp.3x.gz
+usr/share/man/man3/nl.3x.gz
+usr/share/man/man3/nl_sp.3x.gz
+usr/share/man/man3/nocbreak.3x.gz
+usr/share/man/man3/nocbreak_sp.3x.gz
+usr/share/man/man3/nodelay.3x.gz
+usr/share/man/man3/noecho.3x.gz
+usr/share/man/man3/noecho_sp.3x.gz
+usr/share/man/man3/nofilter.3x.gz
+usr/share/man/man3/nofilter_sp.3x.gz
+usr/share/man/man3/nonl.3x.gz
+usr/share/man/man3/nonl_sp.3x.gz
+usr/share/man/man3/noqiflush.3x.gz
+usr/share/man/man3/noqiflush_sp.3x.gz
+usr/share/man/man3/noraw.3x.gz
+usr/share/man/man3/noraw_sp.3x.gz
+usr/share/man/man3/notimeout.3x.gz
+usr/share/man/man3/numcodes.3x.gz
+usr/share/man/man3/numfnames.3x.gz
+usr/share/man/man3/numnames.3x.gz
+usr/share/man/man3/ospeed.3x.gz
+usr/share/man/man3/overlay.3x.gz
+usr/share/man/man3/overwrite.3x.gz
+usr/share/man/man3/pair_content.3x.gz
+usr/share/man/man3/pair_content_sp.3x.gz
+usr/share/man/man3/PAIR_NUMBER.3x.gz
+usr/share/man/man3/panel.3x.gz
+usr/share/man/man3/panel_above.3x.gz
+usr/share/man/man3/panel_below.3x.gz
+usr/share/man/man3/panel_hidden.3x.gz
+usr/share/man/man3/panel_userptr.3x.gz
+usr/share/man/man3/panel_window.3x.gz
+usr/share/man/man3/PC.3x.gz
+usr/share/man/man3/pecho_wchar.3x.gz
+usr/share/man/man3/pechochar.3x.gz
+usr/share/man/man3/pnoutrefresh.3x.gz
+usr/share/man/man3/pos_form_cursor.3x.gz
+usr/share/man/man3/pos_menu_cursor.3x.gz
+usr/share/man/man3/post_form.3x.gz
+usr/share/man/man3/post_menu.3x.gz
+usr/share/man/man3/prefresh.3x.gz
+usr/share/man/man3/printw.3x.gz
+usr/share/man/man3/putp.3x.gz
+usr/share/man/man3/putp_sp.3x.gz
+usr/share/man/man3/putwin.3x.gz
+usr/share/man/man3/qiflush.3x.gz
+usr/share/man/man3/qiflush_sp.3x.gz
+usr/share/man/man3/raw.3x.gz
+usr/share/man/man3/raw_sp.3x.gz
+usr/share/man/man3/redrawwin.3x.gz
+usr/share/man/man3/refresh.3x.gz
+usr/share/man/man3/replace_panel.3x.gz
+usr/share/man/man3/reset_color_pairs.3x.gz
+usr/share/man/man3/reset_prog_mode.3x.gz
+usr/share/man/man3/reset_prog_mode_sp.3x.gz
+usr/share/man/man3/reset_shell_mode.3x.gz
+usr/share/man/man3/reset_shell_mode_sp.3x.gz
+usr/share/man/man3/resetty.3x.gz
+usr/share/man/man3/resetty_sp.3x.gz
+usr/share/man/man3/resize_term.3x.gz
+usr/share/man/man3/resize_term_sp.3x.gz
+usr/share/man/man3/resizeterm.3x.gz
+usr/share/man/man3/resizeterm_sp.3x.gz
+usr/share/man/man3/restartterm.3x.gz
+usr/share/man/man3/restartterm_sp.3x.gz
+usr/share/man/man3/ripoffline.3x.gz
+usr/share/man/man3/ripoffline_sp.3x.gz
+usr/share/man/man3/savetty.3x.gz
+usr/share/man/man3/savetty_sp.3x.gz
+usr/share/man/man3/scale_form.3x.gz
+usr/share/man/man3/scale_menu.3x.gz
+usr/share/man/man3/scanw.3x.gz
+usr/share/man/man3/scr_dump.3x.gz
+usr/share/man/man3/scr_init.3x.gz
+usr/share/man/man3/scr_init_sp.3x.gz
+usr/share/man/man3/scr_restore.3x.gz
+usr/share/man/man3/scr_restore_sp.3x.gz
+usr/share/man/man3/scr_set.3x.gz
+usr/share/man/man3/scr_set_sp.3x.gz
+usr/share/man/man3/scrl.3x.gz
+usr/share/man/man3/scroll.3x.gz
+usr/share/man/man3/scrollok.3x.gz
+usr/share/man/man3/set_current_field.3x.gz
+usr/share/man/man3/set_current_item.3x.gz
+usr/share/man/man3/set_curterm.3x.gz
+usr/share/man/man3/set_curterm_sp.3x.gz
+usr/share/man/man3/set_escdelay.3x.gz
+usr/share/man/man3/set_escdelay_sp.3x.gz
+usr/share/man/man3/set_field_back.3x.gz
+usr/share/man/man3/set_field_buffer.3x.gz
+usr/share/man/man3/set_field_fore.3x.gz
+usr/share/man/man3/set_field_init.3x.gz
+usr/share/man/man3/set_field_just.3x.gz
+usr/share/man/man3/set_field_opts.3x.gz
+usr/share/man/man3/set_field_pad.3x.gz
+usr/share/man/man3/set_field_status.3x.gz
+usr/share/man/man3/set_field_term.3x.gz
+usr/share/man/man3/set_field_type.3x.gz
+usr/share/man/man3/set_field_userptr.3x.gz
+usr/share/man/man3/set_fieldtype_arg.3x.gz
+usr/share/man/man3/set_fieldtype_choice.3x.gz
+usr/share/man/man3/set_form_fields.3x.gz
+usr/share/man/man3/set_form_init.3x.gz
+usr/share/man/man3/set_form_opts.3x.gz
+usr/share/man/man3/set_form_page.3x.gz
+usr/share/man/man3/set_form_sub.3x.gz
+usr/share/man/man3/set_form_term.3x.gz
+usr/share/man/man3/set_form_userptr.3x.gz
+usr/share/man/man3/set_form_win.3x.gz
+usr/share/man/man3/set_item_init.3x.gz
+usr/share/man/man3/set_item_opts.3x.gz
+usr/share/man/man3/set_item_term.3x.gz
+usr/share/man/man3/set_item_userptr.3x.gz
+usr/share/man/man3/set_item_value.3x.gz
+usr/share/man/man3/set_max_field.3x.gz
+usr/share/man/man3/set_menu_back.3x.gz
+usr/share/man/man3/set_menu_fore.3x.gz
+usr/share/man/man3/set_menu_format.3x.gz
+usr/share/man/man3/set_menu_grey.3x.gz
+usr/share/man/man3/set_menu_init.3x.gz
+usr/share/man/man3/set_menu_items.3x.gz
+usr/share/man/man3/set_menu_mark.3x.gz
+usr/share/man/man3/set_menu_opts.3x.gz
+usr/share/man/man3/set_menu_pad.3x.gz
+usr/share/man/man3/set_menu_pattern.3x.gz
+usr/share/man/man3/set_menu_spacing.3x.gz
+usr/share/man/man3/set_menu_sub.3x.gz
+usr/share/man/man3/set_menu_term.3x.gz
+usr/share/man/man3/set_menu_userptr.3x.gz
+usr/share/man/man3/set_menu_win.3x.gz
+usr/share/man/man3/set_new_page.3x.gz
+usr/share/man/man3/set_panel_userptr.3x.gz
+usr/share/man/man3/set_tabsize.3x.gz
+usr/share/man/man3/set_tabsize_sp.3x.gz
+usr/share/man/man3/set_term.3x.gz
+usr/share/man/man3/set_top_row.3x.gz
+usr/share/man/man3/setcchar.3x.gz
+usr/share/man/man3/setscrreg.3x.gz
+usr/share/man/man3/setsyx.3x.gz
+usr/share/man/man3/setterm.3x.gz
+usr/share/man/man3/setupterm.3x.gz
+usr/share/man/man3/show_panel.3x.gz
+usr/share/man/man3/slk_attr.3x.gz
+usr/share/man/man3/slk_attr_off.3x.gz
+usr/share/man/man3/slk_attr_on.3x.gz
+usr/share/man/man3/slk_attr_set.3x.gz
+usr/share/man/man3/slk_attr_set_sp.3x.gz
+usr/share/man/man3/slk_attr_sp.3x.gz
+usr/share/man/man3/slk_attroff.3x.gz
+usr/share/man/man3/slk_attroff_sp.3x.gz
+usr/share/man/man3/slk_attron.3x.gz
+usr/share/man/man3/slk_attron_sp.3x.gz
+usr/share/man/man3/slk_attrset.3x.gz
+usr/share/man/man3/slk_attrset_sp.3x.gz
+usr/share/man/man3/slk_clear.3x.gz
+usr/share/man/man3/slk_clear_sp.3x.gz
+usr/share/man/man3/slk_color.3x.gz
+usr/share/man/man3/slk_color_sp.3x.gz
+usr/share/man/man3/slk_init.3x.gz
+usr/share/man/man3/slk_init_sp.3x.gz
+usr/share/man/man3/slk_label.3x.gz
+usr/share/man/man3/slk_label_sp.3x.gz
+usr/share/man/man3/slk_noutrefresh.3x.gz
+usr/share/man/man3/slk_noutrefresh_sp.3x.gz
+usr/share/man/man3/slk_refresh.3x.gz
+usr/share/man/man3/slk_refresh_sp.3x.gz
+usr/share/man/man3/slk_restore.3x.gz
+usr/share/man/man3/slk_restore_sp.3x.gz
+usr/share/man/man3/slk_set.3x.gz
+usr/share/man/man3/slk_set_sp.3x.gz
+usr/share/man/man3/slk_touch.3x.gz
+usr/share/man/man3/slk_touch_sp.3x.gz
+usr/share/man/man3/slk_wset.3x.gz
+usr/share/man/man3/SP.3x.gz
+usr/share/man/man3/standend.3x.gz
+usr/share/man/man3/standout.3x.gz
+usr/share/man/man3/start_color.3x.gz
+usr/share/man/man3/start_color_sp.3x.gz
+usr/share/man/man3/stdscr.3x.gz
+usr/share/man/man3/strcodes.3x.gz
+usr/share/man/man3/strfnames.3x.gz
+usr/share/man/man3/strnames.3x.gz
+usr/share/man/man3/subpad.3x.gz
+usr/share/man/man3/subwin.3x.gz
+usr/share/man/man3/syncok.3x.gz
+usr/share/man/man3/TABSIZE.3x.gz
+usr/share/man/man3/term_attrs.3x.gz
+usr/share/man/man3/term_attrs_sp.3x.gz
+usr/share/man/man3/term_variables.3x.gz
+usr/share/man/man3/termattrs.3x.gz
+usr/share/man/man3/termattrs_sp.3x.gz
+usr/share/man/man3/termname.3x.gz
+usr/share/man/man3/termname_sp.3x.gz
+usr/share/man/man3/tgetent.3x.gz
+usr/share/man/man3/tgetent_sp.3x.gz
+usr/share/man/man3/tgetflag.3x.gz
+usr/share/man/man3/tgetflag_sp.3x.gz
+usr/share/man/man3/tgetnum.3x.gz
+usr/share/man/man3/tgetnum_sp.3x.gz
+usr/share/man/man3/tgetstr.3x.gz
+usr/share/man/man3/tgetstr_sp.3x.gz
+usr/share/man/man3/tgoto.3x.gz
+usr/share/man/man3/tigetflag.3x.gz
+usr/share/man/man3/tigetflag_sp.3x.gz
+usr/share/man/man3/tigetnum.3x.gz
+usr/share/man/man3/tigetnum_sp.3x.gz
+usr/share/man/man3/tigetstr.3x.gz
+usr/share/man/man3/tigetstr_sp.3x.gz
+usr/share/man/man3/timeout.3x.gz
+usr/share/man/man3/tiparm.3x.gz
+usr/share/man/man3/top_panel.3x.gz
+usr/share/man/man3/top_row.3x.gz
+usr/share/man/man3/touchline.3x.gz
+usr/share/man/man3/touchwin.3x.gz
+usr/share/man/man3/tparm.3x.gz
+usr/share/man/man3/tputs.3x.gz
+usr/share/man/man3/tputs_sp.3x.gz
+usr/share/man/man3/trace.3x.gz
+usr/share/man/man3/ttytype.3x.gz
+usr/share/man/man3/TYPE_ALNUM.3x.gz
+usr/share/man/man3/TYPE_ALPHA.3x.gz
+usr/share/man/man3/TYPE_ENUM.3x.gz
+usr/share/man/man3/TYPE_INTEGER.3x.gz
+usr/share/man/man3/TYPE_IPV4.3x.gz
+usr/share/man/man3/TYPE_NUMERIC.3x.gz
+usr/share/man/man3/TYPE_REGEXP.3x.gz
+usr/share/man/man3/typeahead.3x.gz
+usr/share/man/man3/typeahead_sp.3x.gz
+usr/share/man/man3/unctrl.3x.gz
+usr/share/man/man3/unctrl_sp.3x.gz
+usr/share/man/man3/unfocus_current_field.3x.gz
+usr/share/man/man3/unget_wch.3x.gz
+usr/share/man/man3/unget_wch_sp.3x.gz
+usr/share/man/man3/ungetch.3x.gz
+usr/share/man/man3/ungetch_sp.3x.gz
+usr/share/man/man3/ungetmouse.3x.gz
+usr/share/man/man3/ungetmouse_sp.3x.gz
+usr/share/man/man3/unpost_form.3x.gz
+usr/share/man/man3/unpost_menu.3x.gz
+usr/share/man/man3/untouchwin.3x.gz
+usr/share/man/man3/UP.3x.gz
+usr/share/man/man3/update_panels.3x.gz
+usr/share/man/man3/update_panels_sp.3x.gz
+usr/share/man/man3/use_default_colors.3x.gz
+usr/share/man/man3/use_default_colors_sp.3x.gz
+usr/share/man/man3/use_env.3x.gz
+usr/share/man/man3/use_env_sp.3x.gz
+usr/share/man/man3/use_extended_names.3x.gz
+usr/share/man/man3/use_legacy_coding.3x.gz
+usr/share/man/man3/use_legacy_coding_sp.3x.gz
+usr/share/man/man3/use_screen.3x.gz
+usr/share/man/man3/use_tioctl.3x.gz
+usr/share/man/man3/use_window.3x.gz
+usr/share/man/man3/vid_attr.3x.gz
+usr/share/man/man3/vid_attr_sp.3x.gz
+usr/share/man/man3/vid_puts.3x.gz
+usr/share/man/man3/vid_puts_sp.3x.gz
+usr/share/man/man3/vidattr.3x.gz
+usr/share/man/man3/vidattr_sp.3x.gz
+usr/share/man/man3/vidputs.3x.gz
+usr/share/man/man3/vidputs_sp.3x.gz
+usr/share/man/man3/vline.3x.gz
+usr/share/man/man3/vline_set.3x.gz
+usr/share/man/man3/vw_printw.3x.gz
+usr/share/man/man3/vw_scanw.3x.gz
+usr/share/man/man3/vwprintw.3x.gz
+usr/share/man/man3/vwscanw.3x.gz
+usr/share/man/man3/wadd_wch.3x.gz
+usr/share/man/man3/wadd_wchnstr.3x.gz
+usr/share/man/man3/wadd_wchstr.3x.gz
+usr/share/man/man3/waddch.3x.gz
+usr/share/man/man3/waddchnstr.3x.gz
+usr/share/man/man3/waddchstr.3x.gz
+usr/share/man/man3/waddnstr.3x.gz
+usr/share/man/man3/waddnwstr.3x.gz
+usr/share/man/man3/waddstr.3x.gz
+usr/share/man/man3/waddwstr.3x.gz
+usr/share/man/man3/wattr_get.3x.gz
+usr/share/man/man3/wattr_off.3x.gz
+usr/share/man/man3/wattr_on.3x.gz
+usr/share/man/man3/wattr_set.3x.gz
+usr/share/man/man3/wattroff.3x.gz
+usr/share/man/man3/wattron.3x.gz
+usr/share/man/man3/wattrset.3x.gz
+usr/share/man/man3/wbkgd.3x.gz
+usr/share/man/man3/wbkgdset.3x.gz
+usr/share/man/man3/wbkgrnd.3x.gz
+usr/share/man/man3/wbkgrndset.3x.gz
+usr/share/man/man3/wborder.3x.gz
+usr/share/man/man3/wborder_set.3x.gz
+usr/share/man/man3/wchgat.3x.gz
+usr/share/man/man3/wclear.3x.gz
+usr/share/man/man3/wclrtobot.3x.gz
+usr/share/man/man3/wclrtoeol.3x.gz
+usr/share/man/man3/wcolor_set.3x.gz
+usr/share/man/man3/wcursyncup.3x.gz
+usr/share/man/man3/wdelch.3x.gz
+usr/share/man/man3/wdeleteln.3x.gz
+usr/share/man/man3/wecho_wchar.3x.gz
+usr/share/man/man3/wechochar.3x.gz
+usr/share/man/man3/wenclose.3x.gz
+usr/share/man/man3/werase.3x.gz
+usr/share/man/man3/wget_wch.3x.gz
+usr/share/man/man3/wget_wstr.3x.gz
+usr/share/man/man3/wgetbkgrnd.3x.gz
+usr/share/man/man3/wgetch.3x.gz
+usr/share/man/man3/wgetdelay.3x.gz
+usr/share/man/man3/wgetn_wstr.3x.gz
+usr/share/man/man3/wgetnstr.3x.gz
+usr/share/man/man3/wgetparent.3x.gz
+usr/share/man/man3/wgetscrreg.3x.gz
+usr/share/man/man3/wgetstr.3x.gz
+usr/share/man/man3/whline.3x.gz
+usr/share/man/man3/whline_set.3x.gz
+usr/share/man/man3/win_wch.3x.gz
+usr/share/man/man3/win_wchnstr.3x.gz
+usr/share/man/man3/win_wchstr.3x.gz
+usr/share/man/man3/winch.3x.gz
+usr/share/man/man3/winchnstr.3x.gz
+usr/share/man/man3/winchstr.3x.gz
+usr/share/man/man3/winnstr.3x.gz
+usr/share/man/man3/winnwstr.3x.gz
+usr/share/man/man3/wins_nwstr.3x.gz
+usr/share/man/man3/wins_wch.3x.gz
+usr/share/man/man3/wins_wstr.3x.gz
+usr/share/man/man3/winsch.3x.gz
+usr/share/man/man3/winsdelln.3x.gz
+usr/share/man/man3/winsertln.3x.gz
+usr/share/man/man3/winsnstr.3x.gz
+usr/share/man/man3/winsstr.3x.gz
+usr/share/man/man3/winstr.3x.gz
+usr/share/man/man3/winwstr.3x.gz
+usr/share/man/man3/wmouse_trafo.3x.gz
+usr/share/man/man3/wmove.3x.gz
+usr/share/man/man3/wnoutrefresh.3x.gz
+usr/share/man/man3/wprintw.3x.gz
+usr/share/man/man3/wredrawln.3x.gz
+usr/share/man/man3/wrefresh.3x.gz
+usr/share/man/man3/wresize.3x.gz
+usr/share/man/man3/wscanw.3x.gz
+usr/share/man/man3/wscrl.3x.gz
+usr/share/man/man3/wsetscrreg.3x.gz
+usr/share/man/man3/wstandend.3x.gz
+usr/share/man/man3/wstandout.3x.gz
+usr/share/man/man3/wsyncdown.3x.gz
+usr/share/man/man3/wsyncup.3x.gz
+usr/share/man/man3/wtimeout.3x.gz
+usr/share/man/man3/wtouchln.3x.gz
+usr/share/man/man3/wunctrl.3x.gz
+usr/share/man/man3/wunctrl_sp.3x.gz
+usr/share/man/man3/wvline.3x.gz
+usr/share/man/man3/wvline_set.3x.gz
+usr/share/man/man5/
+usr/share/man/man5/scr_dump.5.gz
+usr/share/man/man5/term.5.gz
+usr/share/man/man5/terminfo.5.gz
+usr/share/man/man5/user_caps.5.gz
+usr/share/man/man7/
+usr/share/man/man7/term.7.gz
+usr/share/tabset/
+usr/share/tabset/std
+usr/share/tabset/stdcrt
+usr/share/tabset/vt100
+usr/share/tabset/vt300
+usr/share/terminfo/
+usr/share/terminfo/31/
+usr/share/terminfo/31/1178
+usr/share/terminfo/31/1730-lm
+usr/share/terminfo/32/
+usr/share/terminfo/32/2621
+usr/share/terminfo/32/2621-wl
+usr/share/terminfo/32/2621A
+usr/share/terminfo/33/
+usr/share/terminfo/33/386at
+usr/share/terminfo/33/3b1
+usr/share/terminfo/34/
+usr/share/terminfo/34/4025ex
+usr/share/terminfo/34/4027ex
+usr/share/terminfo/34/4410-w
+usr/share/terminfo/35/
+usr/share/terminfo/35/5051
+usr/share/terminfo/35/5410-w
+usr/share/terminfo/35/5620
+usr/share/terminfo/35/5630-24
+usr/share/terminfo/35/5630DMD-24
+usr/share/terminfo/36/
+usr/share/terminfo/36/6053
+usr/share/terminfo/36/6053-dg
+usr/share/terminfo/36/605x
+usr/share/terminfo/36/605x-dg
+usr/share/terminfo/36/630-lm
+usr/share/terminfo/36/630MTG-24
+usr/share/terminfo/37/
+usr/share/terminfo/37/730MTG-24
+usr/share/terminfo/37/730MTG-41
+usr/share/terminfo/37/730MTG-41r
+usr/share/terminfo/37/730MTGr
+usr/share/terminfo/37/730MTGr-24
+usr/share/terminfo/38/
+usr/share/terminfo/38/8510
+usr/share/terminfo/39/
+usr/share/terminfo/39/955-hb
+usr/share/terminfo/39/955-w
+usr/share/terminfo/39/9term
+usr/share/terminfo/41/
+usr/share/terminfo/41/Apple_Terminal
+usr/share/terminfo/45/
+usr/share/terminfo/45/Eterm
+usr/share/terminfo/45/Eterm-256color
+usr/share/terminfo/45/Eterm-88color
+usr/share/terminfo/45/Eterm-color
+usr/share/terminfo/4c/
+usr/share/terminfo/4c/LFT-PC850
+usr/share/terminfo/4d/
+usr/share/terminfo/4d/MtxOrb
+usr/share/terminfo/4d/MtxOrb162
+usr/share/terminfo/4d/MtxOrb204
+usr/share/terminfo/4e/
+usr/share/terminfo/4e/NCR260VT300WPP
+usr/share/terminfo/4e/NCRVT100WPP
+usr/share/terminfo/50/
+usr/share/terminfo/50/P12
+usr/share/terminfo/50/P12-M
+usr/share/terminfo/50/P12-M-W
+usr/share/terminfo/50/P12-W
+usr/share/terminfo/50/P14
+usr/share/terminfo/50/P14-M
+usr/share/terminfo/50/P14-M-W
+usr/share/terminfo/50/P14-W
+usr/share/terminfo/50/P4
+usr/share/terminfo/50/P5
+usr/share/terminfo/50/P7
+usr/share/terminfo/50/P8
+usr/share/terminfo/50/P8-W
+usr/share/terminfo/50/P9
+usr/share/terminfo/50/P9-8
+usr/share/terminfo/50/P9-8-W
+usr/share/terminfo/50/P9-W
+usr/share/terminfo/51/
+usr/share/terminfo/51/Q306-8-pc
+usr/share/terminfo/51/Q310-vip-H
+usr/share/terminfo/51/Q310-vip-H-am
+usr/share/terminfo/51/Q310-vip-Hw
+usr/share/terminfo/51/Q310-vip-w
+usr/share/terminfo/51/Q310-vip-w-am
+usr/share/terminfo/58/
+usr/share/terminfo/58/X-hpterm
+usr/share/terminfo/61/
+usr/share/terminfo/61/a210
+usr/share/terminfo/61/a80
+usr/share/terminfo/61/a980
+usr/share/terminfo/61/aa4080
+usr/share/terminfo/61/aaa
+usr/share/terminfo/61/aaa+dec
+usr/share/terminfo/61/aaa+rv
+usr/share/terminfo/61/aaa+unk
+usr/share/terminfo/61/aaa-18
+usr/share/terminfo/61/aaa-18-rv
+usr/share/terminfo/61/aaa-20
+usr/share/terminfo/61/aaa-22
+usr/share/terminfo/61/aaa-24
+usr/share/terminfo/61/aaa-24-rv
+usr/share/terminfo/61/aaa-26
+usr/share/terminfo/61/aaa-28
+usr/share/terminfo/61/aaa-30
+usr/share/terminfo/61/aaa-30-ctxt
+usr/share/terminfo/61/aaa-30-rv
+usr/share/terminfo/61/aaa-30-rv-ctxt
+usr/share/terminfo/61/aaa-30-s
+usr/share/terminfo/61/aaa-30-s-ctxt
+usr/share/terminfo/61/aaa-30-s-rv
+usr/share/terminfo/61/aaa-30-s-rv-ct
+usr/share/terminfo/61/aaa-36
+usr/share/terminfo/61/aaa-36-rv
+usr/share/terminfo/61/aaa-40
+usr/share/terminfo/61/aaa-40-rv
+usr/share/terminfo/61/aaa-48
+usr/share/terminfo/61/aaa-48-rv
+usr/share/terminfo/61/aaa-60
+usr/share/terminfo/61/aaa-60-dec-rv
+usr/share/terminfo/61/aaa-60-rv
+usr/share/terminfo/61/aaa-60-s
+usr/share/terminfo/61/aaa-60-s-rv
+usr/share/terminfo/61/aaa-ctxt
+usr/share/terminfo/61/aaa-db
+usr/share/terminfo/61/aaa-rv
+usr/share/terminfo/61/aaa-rv-ctxt
+usr/share/terminfo/61/aaa-rv-unk
+usr/share/terminfo/61/aaa-s
+usr/share/terminfo/61/aaa-s-ctxt
+usr/share/terminfo/61/aaa-s-rv
+usr/share/terminfo/61/aaa-s-rv-ctxt
+usr/share/terminfo/61/aaa-unk
+usr/share/terminfo/61/aas1901
+usr/share/terminfo/61/abm80
+usr/share/terminfo/61/abm85
+usr/share/terminfo/61/abm85e
+usr/share/terminfo/61/abm85h
+usr/share/terminfo/61/abm85h-old
+usr/share/terminfo/61/act4
+usr/share/terminfo/61/act5
+usr/share/terminfo/61/addrinfo
+usr/share/terminfo/61/adds980
+usr/share/terminfo/61/addsviewpoint
+usr/share/terminfo/61/addsvp60
+usr/share/terminfo/61/adm+sgr
+usr/share/terminfo/61/adm1
+usr/share/terminfo/61/adm11
+usr/share/terminfo/61/adm1178
+usr/share/terminfo/61/adm12
+usr/share/terminfo/61/adm1a
+usr/share/terminfo/61/adm2
+usr/share/terminfo/61/adm20
+usr/share/terminfo/61/adm21
+usr/share/terminfo/61/adm22
+usr/share/terminfo/61/adm3
+usr/share/terminfo/61/adm31
+usr/share/terminfo/61/adm31-old
+usr/share/terminfo/61/adm36
+usr/share/terminfo/61/adm3a
+usr/share/terminfo/61/adm3a+
+usr/share/terminfo/61/adm42
+usr/share/terminfo/61/adm42-ns
+usr/share/terminfo/61/adm5
+usr/share/terminfo/61/aepro
+usr/share/terminfo/61/aixterm
+usr/share/terminfo/61/aixterm-16color
+usr/share/terminfo/61/aixterm-m
+usr/share/terminfo/61/aixterm-m-old
+usr/share/terminfo/61/aj
+usr/share/terminfo/61/aj510
+usr/share/terminfo/61/aj830
+usr/share/terminfo/61/aj832
+usr/share/terminfo/61/alt2
+usr/share/terminfo/61/alt3
+usr/share/terminfo/61/alt4
+usr/share/terminfo/61/alt5
+usr/share/terminfo/61/alt7
+usr/share/terminfo/61/alt7pc
+usr/share/terminfo/61/alto-h19
+usr/share/terminfo/61/alto-heath
+usr/share/terminfo/61/altoh19
+usr/share/terminfo/61/altoheath
+usr/share/terminfo/61/altos-2
+usr/share/terminfo/61/altos-3
+usr/share/terminfo/61/altos-4
+usr/share/terminfo/61/altos-5
+usr/share/terminfo/61/altos2
+usr/share/terminfo/61/altos3
+usr/share/terminfo/61/altos4
+usr/share/terminfo/61/altos5
+usr/share/terminfo/61/altos7
+usr/share/terminfo/61/altos7pc
+usr/share/terminfo/61/ambas
+usr/share/terminfo/61/ambassador
+usr/share/terminfo/61/amiga
+usr/share/terminfo/61/amiga-8bit
+usr/share/terminfo/61/amiga-h
+usr/share/terminfo/61/amiga-vnc
+usr/share/terminfo/61/amp219
+usr/share/terminfo/61/amp219w
+usr/share/terminfo/61/ampex-219
+usr/share/terminfo/61/ampex-219w
+usr/share/terminfo/61/ampex-232
+usr/share/terminfo/61/ampex175
+usr/share/terminfo/61/ampex175-b
+usr/share/terminfo/61/ampex210
+usr/share/terminfo/61/ampex219
+usr/share/terminfo/61/ampex219w
+usr/share/terminfo/61/ampex232
+usr/share/terminfo/61/ampex232w
+usr/share/terminfo/61/ampex80
+usr/share/terminfo/61/annarbor4080
+usr/share/terminfo/61/ansi
+usr/share/terminfo/61/ansi+arrows
+usr/share/terminfo/61/ansi+csr
+usr/share/terminfo/61/ansi+cup
+usr/share/terminfo/61/ansi+enq
+usr/share/terminfo/61/ansi+erase
+usr/share/terminfo/61/ansi+idc
+usr/share/terminfo/61/ansi+idc1
+usr/share/terminfo/61/ansi+idl
+usr/share/terminfo/61/ansi+idl1
+usr/share/terminfo/61/ansi+inittabs
+usr/share/terminfo/61/ansi+local
+usr/share/terminfo/61/ansi+local1
+usr/share/terminfo/61/ansi+pp
+usr/share/terminfo/61/ansi+rca
+usr/share/terminfo/61/ansi+rep
+usr/share/terminfo/61/ansi+sgr
+usr/share/terminfo/61/ansi+sgrbold
+usr/share/terminfo/61/ansi+sgrdim
+usr/share/terminfo/61/ansi+sgrso
+usr/share/terminfo/61/ansi+sgrul
+usr/share/terminfo/61/ansi+tabs
+usr/share/terminfo/61/ansi-color-2-emx
+usr/share/terminfo/61/ansi-color-3-emx
+usr/share/terminfo/61/ansi-emx
+usr/share/terminfo/61/ansi-generic
+usr/share/terminfo/61/ansi-m
+usr/share/terminfo/61/ansi-mini
+usr/share/terminfo/61/ansi-mono
+usr/share/terminfo/61/ansi-mr
+usr/share/terminfo/61/ansi-mtabs
+usr/share/terminfo/61/ansi-nt
+usr/share/terminfo/61/ansi.sys
+usr/share/terminfo/61/ansi.sys-old
+usr/share/terminfo/61/ansi.sysk
+usr/share/terminfo/61/ansi43m
+usr/share/terminfo/61/ansi77
+usr/share/terminfo/61/ansi80x25
+usr/share/terminfo/61/ansi80x25-mono
+usr/share/terminfo/61/ansi80x25-raw
+usr/share/terminfo/61/ansi80x30
+usr/share/terminfo/61/ansi80x30-mono
+usr/share/terminfo/61/ansi80x43
+usr/share/terminfo/61/ansi80x43-mono
+usr/share/terminfo/61/ansi80x50
+usr/share/terminfo/61/ansi80x50-mono
+usr/share/terminfo/61/ansi80x60
+usr/share/terminfo/61/ansi80x60-mono
+usr/share/terminfo/61/ansil
+usr/share/terminfo/61/ansil-mono
+usr/share/terminfo/61/ansis
+usr/share/terminfo/61/ansis-mono
+usr/share/terminfo/61/ansisysk
+usr/share/terminfo/61/ansiterm
+usr/share/terminfo/61/ansiw
+usr/share/terminfo/61/ap-vm80
+usr/share/terminfo/61/apl
+usr/share/terminfo/61/apollo
+usr/share/terminfo/61/apollo_15P
+usr/share/terminfo/61/apollo_19L
+usr/share/terminfo/61/apollo_color
+usr/share/terminfo/61/apple-80
+usr/share/terminfo/61/apple-ae
+usr/share/terminfo/61/apple-soroc
+usr/share/terminfo/61/apple-uterm
+usr/share/terminfo/61/apple-uterm-vb
+usr/share/terminfo/61/apple-videx
+usr/share/terminfo/61/apple-videx2
+usr/share/terminfo/61/apple-videx3
+usr/share/terminfo/61/apple-vm80
+usr/share/terminfo/61/apple2e
+usr/share/terminfo/61/apple2e-p
+usr/share/terminfo/61/apple80p
+usr/share/terminfo/61/appleII
+usr/share/terminfo/61/appleIIc
+usr/share/terminfo/61/appleIIe
+usr/share/terminfo/61/appleIIgs
+usr/share/terminfo/61/arm100
+usr/share/terminfo/61/arm100-am
+usr/share/terminfo/61/arm100-w
+usr/share/terminfo/61/arm100-wam
+usr/share/terminfo/61/at
+usr/share/terminfo/61/at-color
+usr/share/terminfo/61/at-m
+usr/share/terminfo/61/at386
+usr/share/terminfo/61/atari
+usr/share/terminfo/61/atari-color
+usr/share/terminfo/61/atari-m
+usr/share/terminfo/61/atari-old
+usr/share/terminfo/61/atari_st
+usr/share/terminfo/61/atari_st-color
+usr/share/terminfo/61/atarist-m
+usr/share/terminfo/61/aterm
+usr/share/terminfo/61/att2300
+usr/share/terminfo/61/att2350
+usr/share/terminfo/61/att4410
+usr/share/terminfo/61/att4410-w
+usr/share/terminfo/61/att4410v1
+usr/share/terminfo/61/att4410v1-w
+usr/share/terminfo/61/att4415
+usr/share/terminfo/61/att4415+nl
+usr/share/terminfo/61/att4415-nl
+usr/share/terminfo/61/att4415-rv
+usr/share/terminfo/61/att4415-rv-nl
+usr/share/terminfo/61/att4415-w
+usr/share/terminfo/61/att4415-w-nl
+usr/share/terminfo/61/att4415-w-rv
+usr/share/terminfo/61/att4415-w-rv-n
+usr/share/terminfo/61/att4418
+usr/share/terminfo/61/att4418-w
+usr/share/terminfo/61/att4420
+usr/share/terminfo/61/att4424
+usr/share/terminfo/61/att4424-1
+usr/share/terminfo/61/att4424m
+usr/share/terminfo/61/att4425
+usr/share/terminfo/61/att4425-nl
+usr/share/terminfo/61/att4425-w
+usr/share/terminfo/61/att4426
+usr/share/terminfo/61/att500
+usr/share/terminfo/61/att505
+usr/share/terminfo/61/att505-24
+usr/share/terminfo/61/att510a
+usr/share/terminfo/61/att510d
+usr/share/terminfo/61/att513
+usr/share/terminfo/61/att5310
+usr/share/terminfo/61/att5320
+usr/share/terminfo/61/att5410
+usr/share/terminfo/61/att5410-w
+usr/share/terminfo/61/att5410v1
+usr/share/terminfo/61/att5410v1-w
+usr/share/terminfo/61/att5418
+usr/share/terminfo/61/att5418-w
+usr/share/terminfo/61/att5420
+usr/share/terminfo/61/att5420+nl
+usr/share/terminfo/61/att5420-nl
+usr/share/terminfo/61/att5420-rv
+usr/share/terminfo/61/att5420-rv-nl
+usr/share/terminfo/61/att5420-w
+usr/share/terminfo/61/att5420-w-nl
+usr/share/terminfo/61/att5420-w-rv
+usr/share/terminfo/61/att5420-w-rv-n
+usr/share/terminfo/61/att5420_2
+usr/share/terminfo/61/att5420_2-w
+usr/share/terminfo/61/att5425
+usr/share/terminfo/61/att5425-nl
+usr/share/terminfo/61/att5425-w
+usr/share/terminfo/61/att5430
+usr/share/terminfo/61/att5620
+usr/share/terminfo/61/att5620-1
+usr/share/terminfo/61/att5620-24
+usr/share/terminfo/61/att5620-34
+usr/share/terminfo/61/att5620-s
+usr/share/terminfo/61/att605
+usr/share/terminfo/61/att605-pc
+usr/share/terminfo/61/att605-w
+usr/share/terminfo/61/att610
+usr/share/terminfo/61/att610-103k
+usr/share/terminfo/61/att610-103k-w
+usr/share/terminfo/61/att610-w
+usr/share/terminfo/61/att615
+usr/share/terminfo/61/att615-103k
+usr/share/terminfo/61/att615-103k-w
+usr/share/terminfo/61/att615-w
+usr/share/terminfo/61/att620
+usr/share/terminfo/61/att620-103k
+usr/share/terminfo/61/att620-103k-w
+usr/share/terminfo/61/att620-w
+usr/share/terminfo/61/att630
+usr/share/terminfo/61/att630-24
+usr/share/terminfo/61/att6386
+usr/share/terminfo/61/att700
+usr/share/terminfo/61/att730
+usr/share/terminfo/61/att730-24
+usr/share/terminfo/61/att730-41
+usr/share/terminfo/61/att7300
+usr/share/terminfo/61/att730r
+usr/share/terminfo/61/att730r-24
+usr/share/terminfo/61/att730r-41
+usr/share/terminfo/61/avatar
+usr/share/terminfo/61/avatar0
+usr/share/terminfo/61/avatar0+
+usr/share/terminfo/61/avatar1
+usr/share/terminfo/61/avt
+usr/share/terminfo/61/avt+s
+usr/share/terminfo/61/avt-ns
+usr/share/terminfo/61/avt-rv
+usr/share/terminfo/61/avt-rv-ns
+usr/share/terminfo/61/avt-rv-s
+usr/share/terminfo/61/avt-s
+usr/share/terminfo/61/avt-w
+usr/share/terminfo/61/avt-w-ns
+usr/share/terminfo/61/avt-w-rv
+usr/share/terminfo/61/avt-w-rv-ns
+usr/share/terminfo/61/avt-w-rv-s
+usr/share/terminfo/61/avt-w-s
+usr/share/terminfo/61/aws
+usr/share/terminfo/61/awsc
+usr/share/terminfo/62/
+usr/share/terminfo/62/b-128
+usr/share/terminfo/62/bantam
+usr/share/terminfo/62/basic4
+usr/share/terminfo/62/basis
+usr/share/terminfo/62/bct510a
+usr/share/terminfo/62/bct510d
+usr/share/terminfo/62/beacon
+usr/share/terminfo/62/bee
+usr/share/terminfo/62/beehive
+usr/share/terminfo/62/beehive3
+usr/share/terminfo/62/beehive4
+usr/share/terminfo/62/beehiveIIIm
+usr/share/terminfo/62/beterm
+usr/share/terminfo/62/bg1.25
+usr/share/terminfo/62/bg1.25nv
+usr/share/terminfo/62/bg1.25rv
+usr/share/terminfo/62/bg2.0
+usr/share/terminfo/62/bg2.0nv
+usr/share/terminfo/62/bg2.0rv
+usr/share/terminfo/62/bg3.10
+usr/share/terminfo/62/bg3.10nv
+usr/share/terminfo/62/bg3.10rv
+usr/share/terminfo/62/bh3m
+usr/share/terminfo/62/bh4
+usr/share/terminfo/62/bitgraph
+usr/share/terminfo/62/blit
+usr/share/terminfo/62/bobcat
+usr/share/terminfo/62/bq300
+usr/share/terminfo/62/bq300-8
+usr/share/terminfo/62/bq300-8-pc
+usr/share/terminfo/62/bq300-8-pc-rv
+usr/share/terminfo/62/bq300-8-pc-w
+usr/share/terminfo/62/bq300-8-pc-w-rv
+usr/share/terminfo/62/bq300-8rv
+usr/share/terminfo/62/bq300-8w
+usr/share/terminfo/62/bq300-pc
+usr/share/terminfo/62/bq300-pc-rv
+usr/share/terminfo/62/bq300-pc-w
+usr/share/terminfo/62/bq300-pc-w-rv
+usr/share/terminfo/62/bq300-rv
+usr/share/terminfo/62/bq300-w
+usr/share/terminfo/62/bq300-w-8rv
+usr/share/terminfo/62/bq300-w-rv
+usr/share/terminfo/62/bsdos-pc
+usr/share/terminfo/62/bsdos-pc-m
+usr/share/terminfo/62/bsdos-pc-mono
+usr/share/terminfo/62/bsdos-pc-nobold
+usr/share/terminfo/62/bsdos-ppc
+usr/share/terminfo/62/bsdos-sparc
+usr/share/terminfo/62/bterm
+usr/share/terminfo/63/
+usr/share/terminfo/63/c100
+usr/share/terminfo/63/c100-1p
+usr/share/terminfo/63/c100-4p
+usr/share/terminfo/63/c100-rv
+usr/share/terminfo/63/c100-rv-4p
+usr/share/terminfo/63/c104
+usr/share/terminfo/63/c108
+usr/share/terminfo/63/c108-4p
+usr/share/terminfo/63/c108-8p
+usr/share/terminfo/63/c108-rv
+usr/share/terminfo/63/c108-rv-4p
+usr/share/terminfo/63/c108-rv-8p
+usr/share/terminfo/63/c108-w
+usr/share/terminfo/63/c108-w-8p
+usr/share/terminfo/63/c300
+usr/share/terminfo/63/c301
+usr/share/terminfo/63/c321
+usr/share/terminfo/63/ca22851
+usr/share/terminfo/63/cad68-2
+usr/share/terminfo/63/cad68-3
+usr/share/terminfo/63/cbblit
+usr/share/terminfo/63/cbunix
+usr/share/terminfo/63/cci
+usr/share/terminfo/63/cci1
+usr/share/terminfo/63/cdc456
+usr/share/terminfo/63/cdc721
+usr/share/terminfo/63/cdc721-esc
+usr/share/terminfo/63/cdc721ll
+usr/share/terminfo/63/cdc752
+usr/share/terminfo/63/cdc756
+usr/share/terminfo/63/cg7900
+usr/share/terminfo/63/cgc2
+usr/share/terminfo/63/cgc3
+usr/share/terminfo/63/chromatics
+usr/share/terminfo/63/ci8510
+usr/share/terminfo/63/cit-80
+usr/share/terminfo/63/cit101
+usr/share/terminfo/63/cit101e
+usr/share/terminfo/63/cit101e-132
+usr/share/terminfo/63/cit101e-n
+usr/share/terminfo/63/cit101e-n132
+usr/share/terminfo/63/cit101e-rv
+usr/share/terminfo/63/cit500
+usr/share/terminfo/63/cit80
+usr/share/terminfo/63/citc
+usr/share/terminfo/63/citoh
+usr/share/terminfo/63/citoh-6lpi
+usr/share/terminfo/63/citoh-8lpi
+usr/share/terminfo/63/citoh-comp
+usr/share/terminfo/63/citoh-elite
+usr/share/terminfo/63/citoh-pica
+usr/share/terminfo/63/citoh-prop
+usr/share/terminfo/63/citoh-ps
+usr/share/terminfo/63/coco3
+usr/share/terminfo/63/coherent
+usr/share/terminfo/63/color_xterm
+usr/share/terminfo/63/colorscan
+usr/share/terminfo/63/commodore
+usr/share/terminfo/63/concept
+usr/share/terminfo/63/concept-avt
+usr/share/terminfo/63/concept100
+usr/share/terminfo/63/concept100-rv
+usr/share/terminfo/63/concept108
+usr/share/terminfo/63/concept108-4p
+usr/share/terminfo/63/concept108-8p
+usr/share/terminfo/63/concept108-w-8
+usr/share/terminfo/63/concept108-w8p
+usr/share/terminfo/63/concept108rv4p
+usr/share/terminfo/63/cons25
+usr/share/terminfo/63/cons25-debian
+usr/share/terminfo/63/cons25-iso-m
+usr/share/terminfo/63/cons25-iso8859
+usr/share/terminfo/63/cons25-koi8-r
+usr/share/terminfo/63/cons25-koi8r-m
+usr/share/terminfo/63/cons25-m
+usr/share/terminfo/63/cons25l1
+usr/share/terminfo/63/cons25l1-m
+usr/share/terminfo/63/cons25r
+usr/share/terminfo/63/cons25r-m
+usr/share/terminfo/63/cons25w
+usr/share/terminfo/63/cons30
+usr/share/terminfo/63/cons30-m
+usr/share/terminfo/63/cons43
+usr/share/terminfo/63/cons43-m
+usr/share/terminfo/63/cons50
+usr/share/terminfo/63/cons50-iso-m
+usr/share/terminfo/63/cons50-iso8859
+usr/share/terminfo/63/cons50-koi8r
+usr/share/terminfo/63/cons50-koi8r-m
+usr/share/terminfo/63/cons50-m
+usr/share/terminfo/63/cons50l1
+usr/share/terminfo/63/cons50l1-m
+usr/share/terminfo/63/cons50r
+usr/share/terminfo/63/cons50r-m
+usr/share/terminfo/63/cons60
+usr/share/terminfo/63/cons60-iso
+usr/share/terminfo/63/cons60-iso-m
+usr/share/terminfo/63/cons60-koi8r
+usr/share/terminfo/63/cons60-koi8r-m
+usr/share/terminfo/63/cons60-m
+usr/share/terminfo/63/cons60l1
+usr/share/terminfo/63/cons60l1-m
+usr/share/terminfo/63/cons60r
+usr/share/terminfo/63/cons60r-m
+usr/share/terminfo/63/contel300
+usr/share/terminfo/63/contel301
+usr/share/terminfo/63/contel320
+usr/share/terminfo/63/contel321
+usr/share/terminfo/63/cops
+usr/share/terminfo/63/cops-10
+usr/share/terminfo/63/cops10
+usr/share/terminfo/63/crt
+usr/share/terminfo/63/crt-vt220
+usr/share/terminfo/63/cs10
+usr/share/terminfo/63/cs10-w
+usr/share/terminfo/63/ct82
+usr/share/terminfo/63/ct8500
+usr/share/terminfo/63/ctrm
+usr/share/terminfo/63/cx
+usr/share/terminfo/63/cx100
+usr/share/terminfo/63/cyb110
+usr/share/terminfo/63/cyb83
+usr/share/terminfo/63/cygwin
+usr/share/terminfo/63/cygwinB19
+usr/share/terminfo/63/cygwinDBG
+usr/share/terminfo/64/
+usr/share/terminfo/64/d132
+usr/share/terminfo/64/d2
+usr/share/terminfo/64/d2-dg
+usr/share/terminfo/64/d200
+usr/share/terminfo/64/d200-dg
+usr/share/terminfo/64/d210
+usr/share/terminfo/64/d210-dg
+usr/share/terminfo/64/d211
+usr/share/terminfo/64/d211-7b
+usr/share/terminfo/64/d211-dg
+usr/share/terminfo/64/d214
+usr/share/terminfo/64/d214-dg
+usr/share/terminfo/64/d215
+usr/share/terminfo/64/d215-7b
+usr/share/terminfo/64/d215-dg
+usr/share/terminfo/64/d216+
+usr/share/terminfo/64/d216+25
+usr/share/terminfo/64/d216+dg
+usr/share/terminfo/64/d216-dg
+usr/share/terminfo/64/d216-unix
+usr/share/terminfo/64/d216-unix-25
+usr/share/terminfo/64/d216e+
+usr/share/terminfo/64/d216e+dg
+usr/share/terminfo/64/d216e-dg
+usr/share/terminfo/64/d216e-unix
+usr/share/terminfo/64/d217-dg
+usr/share/terminfo/64/d217-unix
+usr/share/terminfo/64/d217-unix-25
+usr/share/terminfo/64/d220
+usr/share/terminfo/64/d220-7b
+usr/share/terminfo/64/d220-dg
+usr/share/terminfo/64/d230
+usr/share/terminfo/64/d230-dg
+usr/share/terminfo/64/d230c
+usr/share/terminfo/64/d230c-dg
+usr/share/terminfo/64/d400
+usr/share/terminfo/64/d400-dg
+usr/share/terminfo/64/d410
+usr/share/terminfo/64/d410-7b
+usr/share/terminfo/64/d410-7b-w
+usr/share/terminfo/64/d410-dg
+usr/share/terminfo/64/d410-w
+usr/share/terminfo/64/d411
+usr/share/terminfo/64/d411-7b
+usr/share/terminfo/64/d411-7b-w
+usr/share/terminfo/64/d411-dg
+usr/share/terminfo/64/d411-w
+usr/share/terminfo/64/d412+
+usr/share/terminfo/64/d412+25
+usr/share/terminfo/64/d412+dg
+usr/share/terminfo/64/d412+s
+usr/share/terminfo/64/d412+sr
+usr/share/terminfo/64/d412+w
+usr/share/terminfo/64/d412-dg
+usr/share/terminfo/64/d412-unix
+usr/share/terminfo/64/d412-unix-25
+usr/share/terminfo/64/d412-unix-s
+usr/share/terminfo/64/d412-unix-sr
+usr/share/terminfo/64/d412-unix-w
+usr/share/terminfo/64/d413-dg
+usr/share/terminfo/64/d413-unix
+usr/share/terminfo/64/d413-unix-25
+usr/share/terminfo/64/d413-unix-s
+usr/share/terminfo/64/d413-unix-sr
+usr/share/terminfo/64/d413-unix-w
+usr/share/terminfo/64/d414-unix
+usr/share/terminfo/64/d414-unix-25
+usr/share/terminfo/64/d414-unix-s
+usr/share/terminfo/64/d414-unix-sr
+usr/share/terminfo/64/d414-unix-w
+usr/share/terminfo/64/d430-dg
+usr/share/terminfo/64/d430-dg-ccc
+usr/share/terminfo/64/d430-unix
+usr/share/terminfo/64/d430-unix-25
+usr/share/terminfo/64/d430-unix-25-ccc
+usr/share/terminfo/64/d430-unix-ccc
+usr/share/terminfo/64/d430-unix-s
+usr/share/terminfo/64/d430-unix-s-ccc
+usr/share/terminfo/64/d430-unix-sr
+usr/share/terminfo/64/d430-unix-sr-ccc
+usr/share/terminfo/64/d430-unix-w
+usr/share/terminfo/64/d430-unix-w-ccc
+usr/share/terminfo/64/d430c-dg
+usr/share/terminfo/64/d430c-dg-ccc
+usr/share/terminfo/64/d430c-unix
+usr/share/terminfo/64/d430c-unix-25
+usr/share/terminfo/64/d430c-unix-25-ccc
+usr/share/terminfo/64/d430c-unix-ccc
+usr/share/terminfo/64/d430c-unix-s
+usr/share/terminfo/64/d430c-unix-s-ccc
+usr/share/terminfo/64/d430c-unix-sr
+usr/share/terminfo/64/d430c-unix-sr-ccc
+usr/share/terminfo/64/d430c-unix-w
+usr/share/terminfo/64/d430c-unix-w-ccc
+usr/share/terminfo/64/d450
+usr/share/terminfo/64/d450-dg
+usr/share/terminfo/64/d460
+usr/share/terminfo/64/d460-7b
+usr/share/terminfo/64/d460-7b-w
+usr/share/terminfo/64/d460-dg
+usr/share/terminfo/64/d460-w
+usr/share/terminfo/64/d461
+usr/share/terminfo/64/d461-7b
+usr/share/terminfo/64/d461-7b-w
+usr/share/terminfo/64/d461-dg
+usr/share/terminfo/64/d461-w
+usr/share/terminfo/64/d462+
+usr/share/terminfo/64/d462+25
+usr/share/terminfo/64/d462+dg
+usr/share/terminfo/64/d462+s
+usr/share/terminfo/64/d462+sr
+usr/share/terminfo/64/d462+w
+usr/share/terminfo/64/d462-dg
+usr/share/terminfo/64/d462-unix
+usr/share/terminfo/64/d462-unix-25
+usr/share/terminfo/64/d462-unix-s
+usr/share/terminfo/64/d462-unix-sr
+usr/share/terminfo/64/d462-unix-w
+usr/share/terminfo/64/d462e-dg
+usr/share/terminfo/64/d463-dg
+usr/share/terminfo/64/d463-unix
+usr/share/terminfo/64/d463-unix-25
+usr/share/terminfo/64/d463-unix-s
+usr/share/terminfo/64/d463-unix-sr
+usr/share/terminfo/64/d463-unix-w
+usr/share/terminfo/64/d464-unix
+usr/share/terminfo/64/d464-unix-25
+usr/share/terminfo/64/d464-unix-s
+usr/share/terminfo/64/d464-unix-sr
+usr/share/terminfo/64/d464-unix-w
+usr/share/terminfo/64/d470
+usr/share/terminfo/64/d470-7b
+usr/share/terminfo/64/d470-dg
+usr/share/terminfo/64/d470c
+usr/share/terminfo/64/d470c-7b
+usr/share/terminfo/64/d470c-dg
+usr/share/terminfo/64/d555
+usr/share/terminfo/64/d555-7b
+usr/share/terminfo/64/d555-7b-w
+usr/share/terminfo/64/d555-dg
+usr/share/terminfo/64/d555-w
+usr/share/terminfo/64/d577
+usr/share/terminfo/64/d577-7b
+usr/share/terminfo/64/d577-7b-w
+usr/share/terminfo/64/d577-dg
+usr/share/terminfo/64/d577-w
+usr/share/terminfo/64/d578
+usr/share/terminfo/64/d578-7b
+usr/share/terminfo/64/d578-dg
+usr/share/terminfo/64/d80
+usr/share/terminfo/64/d800
+usr/share/terminfo/64/darwin
+usr/share/terminfo/64/darwin-100x37
+usr/share/terminfo/64/darwin-100x37-m
+usr/share/terminfo/64/darwin-112x37
+usr/share/terminfo/64/darwin-112x37-m
+usr/share/terminfo/64/darwin-128x40
+usr/share/terminfo/64/darwin-128x40-m
+usr/share/terminfo/64/darwin-128x48
+usr/share/terminfo/64/darwin-128x48-m
+usr/share/terminfo/64/darwin-144x48
+usr/share/terminfo/64/darwin-144x48-m
+usr/share/terminfo/64/darwin-160x64
+usr/share/terminfo/64/darwin-160x64-m
+usr/share/terminfo/64/darwin-200x64
+usr/share/terminfo/64/darwin-200x64-m
+usr/share/terminfo/64/darwin-200x75
+usr/share/terminfo/64/darwin-200x75-m
+usr/share/terminfo/64/darwin-256x96
+usr/share/terminfo/64/darwin-256x96-m
+usr/share/terminfo/64/darwin-80x25
+usr/share/terminfo/64/darwin-80x25-m
+usr/share/terminfo/64/darwin-80x30
+usr/share/terminfo/64/darwin-80x30-m
+usr/share/terminfo/64/darwin-90x30
+usr/share/terminfo/64/darwin-90x30-m
+usr/share/terminfo/64/darwin-b
+usr/share/terminfo/64/darwin-f
+usr/share/terminfo/64/darwin-f2
+usr/share/terminfo/64/darwin-m
+usr/share/terminfo/64/darwin-m-b
+usr/share/terminfo/64/darwin-m-f
+usr/share/terminfo/64/darwin-m-f2
+usr/share/terminfo/64/datagraphix
+usr/share/terminfo/64/datamedia2500
+usr/share/terminfo/64/datapoint
+usr/share/terminfo/64/dataspeed40
+usr/share/terminfo/64/dd5000
+usr/share/terminfo/64/ddr
+usr/share/terminfo/64/ddr3180
+usr/share/terminfo/64/dec+pp
+usr/share/terminfo/64/dec+sl
+usr/share/terminfo/64/dec-vt100
+usr/share/terminfo/64/dec-vt220
+usr/share/terminfo/64/dec-vt330
+usr/share/terminfo/64/dec-vt340
+usr/share/terminfo/64/dec-vt400
+usr/share/terminfo/64/decansi
+usr/share/terminfo/64/decpro
+usr/share/terminfo/64/decwriter
+usr/share/terminfo/64/delta
+usr/share/terminfo/64/dg+ccc
+usr/share/terminfo/64/dg+color
+usr/share/terminfo/64/dg+color8
+usr/share/terminfo/64/dg+fixed
+usr/share/terminfo/64/dg-ansi
+usr/share/terminfo/64/dg-generic
+usr/share/terminfo/64/dg100
+usr/share/terminfo/64/dg200
+usr/share/terminfo/64/dg210
+usr/share/terminfo/64/dg211
+usr/share/terminfo/64/dg450
+usr/share/terminfo/64/dg460-ansi
+usr/share/terminfo/64/dg6053
+usr/share/terminfo/64/dg6053-old
+usr/share/terminfo/64/dg605x
+usr/share/terminfo/64/dg6134
+usr/share/terminfo/64/dgkeys+11
+usr/share/terminfo/64/dgkeys+15
+usr/share/terminfo/64/dgkeys+7b
+usr/share/terminfo/64/dgkeys+8b
+usr/share/terminfo/64/dgmode+color
+usr/share/terminfo/64/dgmode+color8
+usr/share/terminfo/64/dgunix+ccc
+usr/share/terminfo/64/dgunix+fixed
+usr/share/terminfo/64/diablo
+usr/share/terminfo/64/diablo-lm
+usr/share/terminfo/64/diablo1620
+usr/share/terminfo/64/diablo1620-m8
+usr/share/terminfo/64/diablo1640
+usr/share/terminfo/64/diablo1640-lm
+usr/share/terminfo/64/diablo1640-m8
+usr/share/terminfo/64/diablo1720
+usr/share/terminfo/64/diablo1730
+usr/share/terminfo/64/diablo1740
+usr/share/terminfo/64/diablo1740-lm
+usr/share/terminfo/64/diablo450
+usr/share/terminfo/64/diablo630
+usr/share/terminfo/64/dialogue
+usr/share/terminfo/64/dialogue80
+usr/share/terminfo/64/digilog
+usr/share/terminfo/64/djgpp
+usr/share/terminfo/64/djgpp203
+usr/share/terminfo/64/djgpp204
+usr/share/terminfo/64/dku7003
+usr/share/terminfo/64/dku7003-dumb
+usr/share/terminfo/64/dku7102
+usr/share/terminfo/64/dku7102-old
+usr/share/terminfo/64/dku7102-sna
+usr/share/terminfo/64/dku7103-sna
+usr/share/terminfo/64/dku7202
+usr/share/terminfo/64/dm1520
+usr/share/terminfo/64/dm1521
+usr/share/terminfo/64/dm2500
+usr/share/terminfo/64/dm3025
+usr/share/terminfo/64/dm3045
+usr/share/terminfo/64/dm80
+usr/share/terminfo/64/dm80w
+usr/share/terminfo/64/dmchat
+usr/share/terminfo/64/dmd
+usr/share/terminfo/64/dmd-24
+usr/share/terminfo/64/dmd-34
+usr/share/terminfo/64/dmd1
+usr/share/terminfo/64/dmdt80
+usr/share/terminfo/64/dmdt80w
+usr/share/terminfo/64/dmterm
+usr/share/terminfo/64/dp3360
+usr/share/terminfo/64/dp8242
+usr/share/terminfo/64/ds40
+usr/share/terminfo/64/ds40-2
+usr/share/terminfo/64/dt-100
+usr/share/terminfo/64/dt-100w
+usr/share/terminfo/64/dt100
+usr/share/terminfo/64/dt100w
+usr/share/terminfo/64/dt110
+usr/share/terminfo/64/dt80
+usr/share/terminfo/64/dt80-sas
+usr/share/terminfo/64/dt80w
+usr/share/terminfo/64/dtc300s
+usr/share/terminfo/64/dtc382
+usr/share/terminfo/64/dtterm
+usr/share/terminfo/64/dumb
+usr/share/terminfo/64/dumb-emacs-ansi
+usr/share/terminfo/64/dvtm
+usr/share/terminfo/64/dvtm-256color
+usr/share/terminfo/64/dw
+usr/share/terminfo/64/dw1
+usr/share/terminfo/64/dw2
+usr/share/terminfo/64/dw3
+usr/share/terminfo/64/dw4
+usr/share/terminfo/64/dwk
+usr/share/terminfo/64/dwk-vt
+usr/share/terminfo/65/
+usr/share/terminfo/65/ecma+color
+usr/share/terminfo/65/ecma+italics
+usr/share/terminfo/65/ecma+sgr
+usr/share/terminfo/65/ecma+strikeout
+usr/share/terminfo/65/elks
+usr/share/terminfo/65/elks-ansi
+usr/share/terminfo/65/elks-glasstty
+usr/share/terminfo/65/elks-vt52
+usr/share/terminfo/65/emots
+usr/share/terminfo/65/emu
+usr/share/terminfo/65/emu-220
+usr/share/terminfo/65/emx-base
+usr/share/terminfo/65/env230
+usr/share/terminfo/65/envision230
+usr/share/terminfo/65/ep40
+usr/share/terminfo/65/ep4000
+usr/share/terminfo/65/ep4080
+usr/share/terminfo/65/ep48
+usr/share/terminfo/65/ergo4000
+usr/share/terminfo/65/esprit
+usr/share/terminfo/65/esprit-am
+usr/share/terminfo/65/eterm
+usr/share/terminfo/65/eterm-color
+usr/share/terminfo/65/ex155
+usr/share/terminfo/65/excel62
+usr/share/terminfo/65/excel62-rv
+usr/share/terminfo/65/excel62-w
+usr/share/terminfo/65/excel64
+usr/share/terminfo/65/excel64-rv
+usr/share/terminfo/65/excel64-w
+usr/share/terminfo/65/exec80
+usr/share/terminfo/66/
+usr/share/terminfo/66/f100
+usr/share/terminfo/66/f100-rv
+usr/share/terminfo/66/f110
+usr/share/terminfo/66/f110-14
+usr/share/terminfo/66/f110-14w
+usr/share/terminfo/66/f110-w
+usr/share/terminfo/66/f1720
+usr/share/terminfo/66/f1720a
+usr/share/terminfo/66/f200
+usr/share/terminfo/66/f200-w
+usr/share/terminfo/66/f200vi
+usr/share/terminfo/66/f200vi-w
+usr/share/terminfo/66/falco
+usr/share/terminfo/66/falco-p
+usr/share/terminfo/66/fbterm
+usr/share/terminfo/66/fenix
+usr/share/terminfo/66/fenixw
+usr/share/terminfo/66/fixterm
+usr/share/terminfo/66/fortune
+usr/share/terminfo/66/fos
+usr/share/terminfo/66/fox
+usr/share/terminfo/66/freedom
+usr/share/terminfo/66/freedom-rv
+usr/share/terminfo/66/freedom100
+usr/share/terminfo/66/freedom110
+usr/share/terminfo/66/freedom200
+usr/share/terminfo/67/
+usr/share/terminfo/67/gator
+usr/share/terminfo/67/gator-52
+usr/share/terminfo/67/gator-52t
+usr/share/terminfo/67/gator-t
+usr/share/terminfo/67/gigi
+usr/share/terminfo/67/glasstty
+usr/share/terminfo/67/gnome
+usr/share/terminfo/67/gnome+pcfkeys
+usr/share/terminfo/67/gnome-2007
+usr/share/terminfo/67/gnome-2008
+usr/share/terminfo/67/gnome-2012
+usr/share/terminfo/67/gnome-256color
+usr/share/terminfo/67/gnome-fc5
+usr/share/terminfo/67/gnome-rh62
+usr/share/terminfo/67/gnome-rh72
+usr/share/terminfo/67/gnome-rh80
+usr/share/terminfo/67/gnome-rh90
+usr/share/terminfo/67/go-225
+usr/share/terminfo/67/go140
+usr/share/terminfo/67/go140w
+usr/share/terminfo/67/go225
+usr/share/terminfo/67/graphos
+usr/share/terminfo/67/graphos-30
+usr/share/terminfo/67/gs5430
+usr/share/terminfo/67/gs5430-22
+usr/share/terminfo/67/gs5430-24
+usr/share/terminfo/67/gs6300
+usr/share/terminfo/67/gsi
+usr/share/terminfo/67/gt100
+usr/share/terminfo/67/gt100a
+usr/share/terminfo/67/gt40
+usr/share/terminfo/67/gt42
+usr/share/terminfo/67/guru
+usr/share/terminfo/67/guru+rv
+usr/share/terminfo/67/guru+s
+usr/share/terminfo/67/guru+unk
+usr/share/terminfo/67/guru-24
+usr/share/terminfo/67/guru-33
+usr/share/terminfo/67/guru-33-rv
+usr/share/terminfo/67/guru-33-s
+usr/share/terminfo/67/guru-44
+usr/share/terminfo/67/guru-44-s
+usr/share/terminfo/67/guru-76
+usr/share/terminfo/67/guru-76-lp
+usr/share/terminfo/67/guru-76-s
+usr/share/terminfo/67/guru-76-w
+usr/share/terminfo/67/guru-76-w-s
+usr/share/terminfo/67/guru-76-wm
+usr/share/terminfo/67/guru-lp
+usr/share/terminfo/67/guru-nctxt
+usr/share/terminfo/67/guru-rv
+usr/share/terminfo/67/guru-s
+usr/share/terminfo/68/
+usr/share/terminfo/68/h-100
+usr/share/terminfo/68/h-100bw
+usr/share/terminfo/68/h100
+usr/share/terminfo/68/h100bw
+usr/share/terminfo/68/h19
+usr/share/terminfo/68/h19-a
+usr/share/terminfo/68/h19-b
+usr/share/terminfo/68/h19-bs
+usr/share/terminfo/68/h19-g
+usr/share/terminfo/68/h19-smul
+usr/share/terminfo/68/h19-u
+usr/share/terminfo/68/h19-us
+usr/share/terminfo/68/h19a
+usr/share/terminfo/68/h19g
+usr/share/terminfo/68/h19k
+usr/share/terminfo/68/h19kermit
+usr/share/terminfo/68/h19us
+usr/share/terminfo/68/h29a-kc-bc
+usr/share/terminfo/68/h29a-kc-uc
+usr/share/terminfo/68/h29a-nkc-bc
+usr/share/terminfo/68/h29a-nkc-uc
+usr/share/terminfo/68/h80
+usr/share/terminfo/68/ha8675
+usr/share/terminfo/68/ha8686
+usr/share/terminfo/68/hazel
+usr/share/terminfo/68/hds200
+usr/share/terminfo/68/he80
+usr/share/terminfo/68/heath
+usr/share/terminfo/68/heath-19
+usr/share/terminfo/68/heath-ansi
+usr/share/terminfo/68/heathkit
+usr/share/terminfo/68/heathkit-a
+usr/share/terminfo/68/hft
+usr/share/terminfo/68/hft-c
+usr/share/terminfo/68/hft-c-old
+usr/share/terminfo/68/hft-old
+usr/share/terminfo/68/hirez100
+usr/share/terminfo/68/hirez100-w
+usr/share/terminfo/68/hmod1
+usr/share/terminfo/68/hp
+usr/share/terminfo/68/hp+arrows
+usr/share/terminfo/68/hp+color
+usr/share/terminfo/68/hp+labels
+usr/share/terminfo/68/hp+pfk+arrows
+usr/share/terminfo/68/hp+pfk+cr
+usr/share/terminfo/68/hp+pfk-cr
+usr/share/terminfo/68/hp+printer
+usr/share/terminfo/68/hp110
+usr/share/terminfo/68/hp150
+usr/share/terminfo/68/hp2
+usr/share/terminfo/68/hp236
+usr/share/terminfo/68/hp2382
+usr/share/terminfo/68/hp2382a
+usr/share/terminfo/68/hp2392
+usr/share/terminfo/68/hp2397
+usr/share/terminfo/68/hp2397a
+usr/share/terminfo/68/hp2621
+usr/share/terminfo/68/hp2621-48
+usr/share/terminfo/68/hp2621-a
+usr/share/terminfo/68/hp2621-ba
+usr/share/terminfo/68/hp2621-fl
+usr/share/terminfo/68/hp2621-k45
+usr/share/terminfo/68/hp2621-nl
+usr/share/terminfo/68/hp2621-nt
+usr/share/terminfo/68/hp2621-wl
+usr/share/terminfo/68/hp2621A
+usr/share/terminfo/68/hp2621a-a
+usr/share/terminfo/68/hp2621b
+usr/share/terminfo/68/hp2621b-kx
+usr/share/terminfo/68/hp2621b-kx-p
+usr/share/terminfo/68/hp2621b-p
+usr/share/terminfo/68/hp2621k45
+usr/share/terminfo/68/hp2621p
+usr/share/terminfo/68/hp2621p-a
+usr/share/terminfo/68/hp2622
+usr/share/terminfo/68/hp2622a
+usr/share/terminfo/68/hp2623
+usr/share/terminfo/68/hp2623a
+usr/share/terminfo/68/hp2624
+usr/share/terminfo/68/hp2624-10p
+usr/share/terminfo/68/hp2624a
+usr/share/terminfo/68/hp2624a-10p
+usr/share/terminfo/68/hp2624b
+usr/share/terminfo/68/hp2624b-10p
+usr/share/terminfo/68/hp2624b-10p-p
+usr/share/terminfo/68/hp2624b-4p
+usr/share/terminfo/68/hp2624b-4p-p
+usr/share/terminfo/68/hp2624b-p
+usr/share/terminfo/68/hp2626
+usr/share/terminfo/68/hp2626-12
+usr/share/terminfo/68/hp2626-12-s
+usr/share/terminfo/68/hp2626-12x40
+usr/share/terminfo/68/hp2626-ns
+usr/share/terminfo/68/hp2626-s
+usr/share/terminfo/68/hp2626-x40
+usr/share/terminfo/68/hp2626a
+usr/share/terminfo/68/hp2626p
+usr/share/terminfo/68/hp2627a
+usr/share/terminfo/68/hp2627a-rev
+usr/share/terminfo/68/hp2627c
+usr/share/terminfo/68/hp262x
+usr/share/terminfo/68/hp2640a
+usr/share/terminfo/68/hp2640b
+usr/share/terminfo/68/hp2641a
+usr/share/terminfo/68/hp2644a
+usr/share/terminfo/68/hp2645
+usr/share/terminfo/68/hp2645a
+usr/share/terminfo/68/hp2647a
+usr/share/terminfo/68/hp2648
+usr/share/terminfo/68/hp2648a
+usr/share/terminfo/68/hp300h
+usr/share/terminfo/68/hp45
+usr/share/terminfo/68/hp700
+usr/share/terminfo/68/hp700-wy
+usr/share/terminfo/68/hp70092
+usr/share/terminfo/68/hp70092A
+usr/share/terminfo/68/hp9837
+usr/share/terminfo/68/hp9845
+usr/share/terminfo/68/hp98550
+usr/share/terminfo/68/hp98550a
+usr/share/terminfo/68/hp98720
+usr/share/terminfo/68/hp98721
+usr/share/terminfo/68/hpansi
+usr/share/terminfo/68/hpex
+usr/share/terminfo/68/hpex2
+usr/share/terminfo/68/hpgeneric
+usr/share/terminfo/68/hpsub
+usr/share/terminfo/68/hpterm
+usr/share/terminfo/68/hpterm-color
+usr/share/terminfo/68/htx11
+usr/share/terminfo/68/hurd
+usr/share/terminfo/68/hz1000
+usr/share/terminfo/68/hz1420
+usr/share/terminfo/68/hz1500
+usr/share/terminfo/68/hz1510
+usr/share/terminfo/68/hz1520
+usr/share/terminfo/68/hz1520-noesc
+usr/share/terminfo/68/hz1552
+usr/share/terminfo/68/hz1552-rv
+usr/share/terminfo/68/hz2000
+usr/share/terminfo/69/
+usr/share/terminfo/69/i100
+usr/share/terminfo/69/i3101
+usr/share/terminfo/69/i3164
+usr/share/terminfo/69/i400
+usr/share/terminfo/69/ibcs2
+usr/share/terminfo/69/ibm+16color
+usr/share/terminfo/69/ibm+color
+usr/share/terminfo/69/ibm-apl
+usr/share/terminfo/69/ibm-pc
+usr/share/terminfo/69/ibm-system1
+usr/share/terminfo/69/ibm3101
+usr/share/terminfo/69/ibm3151
+usr/share/terminfo/69/ibm3161
+usr/share/terminfo/69/ibm3161-C
+usr/share/terminfo/69/ibm3162
+usr/share/terminfo/69/ibm3163
+usr/share/terminfo/69/ibm3164
+usr/share/terminfo/69/ibm327x
+usr/share/terminfo/69/ibm5051
+usr/share/terminfo/69/ibm5081
+usr/share/terminfo/69/ibm5081-c
+usr/share/terminfo/69/ibm5151
+usr/share/terminfo/69/ibm5154
+usr/share/terminfo/69/ibm5154-c
+usr/share/terminfo/69/ibm6153
+usr/share/terminfo/69/ibm6153-40
+usr/share/terminfo/69/ibm6153-90
+usr/share/terminfo/69/ibm6154
+usr/share/terminfo/69/ibm6154-c
+usr/share/terminfo/69/ibm6155
+usr/share/terminfo/69/ibm8503
+usr/share/terminfo/69/ibm8507
+usr/share/terminfo/69/ibm8512
+usr/share/terminfo/69/ibm8513
+usr/share/terminfo/69/ibm8514
+usr/share/terminfo/69/ibm8514-c
+usr/share/terminfo/69/ibm8604
+usr/share/terminfo/69/ibmaed
+usr/share/terminfo/69/ibmapa16
+usr/share/terminfo/69/ibmapa8
+usr/share/terminfo/69/ibmapa8c
+usr/share/terminfo/69/ibmapa8c-c
+usr/share/terminfo/69/ibmega
+usr/share/terminfo/69/ibmega-c
+usr/share/terminfo/69/ibmmono
+usr/share/terminfo/69/ibmmpel-c
+usr/share/terminfo/69/ibmpc
+usr/share/terminfo/69/ibmpc3
+usr/share/terminfo/69/ibmpc3r
+usr/share/terminfo/69/ibmpc3r-mono
+usr/share/terminfo/69/ibmpcx
+usr/share/terminfo/69/ibmvga
+usr/share/terminfo/69/ibmvga-c
+usr/share/terminfo/69/ibmx
+usr/share/terminfo/69/icl6402
+usr/share/terminfo/69/icl6404
+usr/share/terminfo/69/icl6404-w
+usr/share/terminfo/69/ifmr
+usr/share/terminfo/69/ims-ansi
+usr/share/terminfo/69/ims950
+usr/share/terminfo/69/ims950-b
+usr/share/terminfo/69/ims950-rv
+usr/share/terminfo/69/infoton
+usr/share/terminfo/69/interix
+usr/share/terminfo/69/interix-nti
+usr/share/terminfo/69/intertec
+usr/share/terminfo/69/intertube
+usr/share/terminfo/69/intertube2
+usr/share/terminfo/69/intext
+usr/share/terminfo/69/intext2
+usr/share/terminfo/69/intextii
+usr/share/terminfo/69/ips
+usr/share/terminfo/69/ipsi
+usr/share/terminfo/69/iq120
+usr/share/terminfo/69/iq140
+usr/share/terminfo/69/iris-ansi
+usr/share/terminfo/69/iris-ansi-ap
+usr/share/terminfo/69/iris-ansi-net
+usr/share/terminfo/69/iris-color
+usr/share/terminfo/69/iris40
+usr/share/terminfo/69/iterm
+usr/share/terminfo/69/iTerm.app
+usr/share/terminfo/69/iterm2
+usr/share/terminfo/69/iterm2-direct
+usr/share/terminfo/69/iTerm2.app
+usr/share/terminfo/6a/
+usr/share/terminfo/6a/jaixterm
+usr/share/terminfo/6a/jaixterm-m
+usr/share/terminfo/6a/jerq
+usr/share/terminfo/6a/jfbterm
+usr/share/terminfo/6b/
+usr/share/terminfo/6b/k45
+usr/share/terminfo/6b/kaypro
+usr/share/terminfo/6b/kaypro2
+usr/share/terminfo/6b/kds6402
+usr/share/terminfo/6b/kds7372
+usr/share/terminfo/6b/kds7372-w
+usr/share/terminfo/6b/kermit
+usr/share/terminfo/6b/kermit-am
+usr/share/terminfo/6b/klone+acs
+usr/share/terminfo/6b/klone+color
+usr/share/terminfo/6b/klone+koi8acs
+usr/share/terminfo/6b/klone+sgr
+usr/share/terminfo/6b/klone+sgr-dumb
+usr/share/terminfo/6b/klone+sgr8
+usr/share/terminfo/6b/kon
+usr/share/terminfo/6b/kon2
+usr/share/terminfo/6b/konsole
+usr/share/terminfo/6b/konsole+pcfkeys
+usr/share/terminfo/6b/konsole-16color
+usr/share/terminfo/6b/konsole-256color
+usr/share/terminfo/6b/konsole-base
+usr/share/terminfo/6b/konsole-direct
+usr/share/terminfo/6b/konsole-linux
+usr/share/terminfo/6b/konsole-solaris
+usr/share/terminfo/6b/konsole-vt100
+usr/share/terminfo/6b/konsole-vt420pc
+usr/share/terminfo/6b/konsole-xf3x
+usr/share/terminfo/6b/konsole-xf4x
+usr/share/terminfo/6b/kt7
+usr/share/terminfo/6b/kt7ix
+usr/share/terminfo/6b/kterm
+usr/share/terminfo/6b/kterm-co
+usr/share/terminfo/6b/kterm-color
+usr/share/terminfo/6b/ktm
+usr/share/terminfo/6b/kvt
+usr/share/terminfo/6c/
+usr/share/terminfo/6c/la120
+usr/share/terminfo/6c/layer
+usr/share/terminfo/6c/lft
+usr/share/terminfo/6c/lft-pc850
+usr/share/terminfo/6c/linux
+usr/share/terminfo/6c/linux-16color
+usr/share/terminfo/6c/linux-basic
+usr/share/terminfo/6c/linux-c
+usr/share/terminfo/6c/linux-c-nc
+usr/share/terminfo/6c/linux-koi8
+usr/share/terminfo/6c/linux-koi8r
+usr/share/terminfo/6c/linux-lat
+usr/share/terminfo/6c/linux-m
+usr/share/terminfo/6c/linux-m1
+usr/share/terminfo/6c/linux-m1b
+usr/share/terminfo/6c/linux-m2
+usr/share/terminfo/6c/linux-nic
+usr/share/terminfo/6c/linux-vt
+usr/share/terminfo/6c/linux2.2
+usr/share/terminfo/6c/linux2.6
+usr/share/terminfo/6c/linux2.6.26
+usr/share/terminfo/6c/linux3.0
+usr/share/terminfo/6c/lisa
+usr/share/terminfo/6c/lisaterm
+usr/share/terminfo/6c/lisaterm-w
+usr/share/terminfo/6c/liswb
+usr/share/terminfo/6c/ln03
+usr/share/terminfo/6c/ln03-w
+usr/share/terminfo/6c/lpr
+usr/share/terminfo/6c/luna
+usr/share/terminfo/6c/luna68k
+usr/share/terminfo/6d/
+usr/share/terminfo/6d/m2-nam
+usr/share/terminfo/6d/mac
+usr/share/terminfo/6d/mac-w
+usr/share/terminfo/6d/mach
+usr/share/terminfo/6d/mach-bold
+usr/share/terminfo/6d/mach-color
+usr/share/terminfo/6d/mach-gnu
+usr/share/terminfo/6d/mach-gnu-color
+usr/share/terminfo/6d/macintosh
+usr/share/terminfo/6d/macterminal-w
+usr/share/terminfo/6d/mai
+usr/share/terminfo/6d/masscomp
+usr/share/terminfo/6d/masscomp1
+usr/share/terminfo/6d/masscomp2
+usr/share/terminfo/6d/mdl110
+usr/share/terminfo/6d/megatek
+usr/share/terminfo/6d/memhp
+usr/share/terminfo/6d/mgr
+usr/share/terminfo/6d/mgr-linux
+usr/share/terminfo/6d/mgr-sun
+usr/share/terminfo/6d/mgt
+usr/share/terminfo/6d/mgterm
+usr/share/terminfo/6d/microb
+usr/share/terminfo/6d/microbee
+usr/share/terminfo/6d/microterm
+usr/share/terminfo/6d/microterm5
+usr/share/terminfo/6d/mime
+usr/share/terminfo/6d/mime-3ax
+usr/share/terminfo/6d/mime-fb
+usr/share/terminfo/6d/mime-hb
+usr/share/terminfo/6d/mime1
+usr/share/terminfo/6d/mime2
+usr/share/terminfo/6d/mime2a
+usr/share/terminfo/6d/mime2a-s
+usr/share/terminfo/6d/mime2a-v
+usr/share/terminfo/6d/mime314
+usr/share/terminfo/6d/mime340
+usr/share/terminfo/6d/mime3a
+usr/share/terminfo/6d/mime3ax
+usr/share/terminfo/6d/mimei
+usr/share/terminfo/6d/mimeii
+usr/share/terminfo/6d/minitel
+usr/share/terminfo/6d/minitel-2
+usr/share/terminfo/6d/minitel-2-nam
+usr/share/terminfo/6d/minitel1
+usr/share/terminfo/6d/minitel1-nb
+usr/share/terminfo/6d/minitel12-80
+usr/share/terminfo/6d/minitel1b
+usr/share/terminfo/6d/minitel1b-80
+usr/share/terminfo/6d/minitel1b-nb
+usr/share/terminfo/6d/minitel2-80
+usr/share/terminfo/6d/minix
+usr/share/terminfo/6d/minix-1.5
+usr/share/terminfo/6d/minix-1.7
+usr/share/terminfo/6d/minix-3.0
+usr/share/terminfo/6d/minix-old
+usr/share/terminfo/6d/minix-old-am
+usr/share/terminfo/6d/mlterm
+usr/share/terminfo/6d/mlterm+pcfkeys
+usr/share/terminfo/6d/mlterm-256color
+usr/share/terminfo/6d/mlterm-direct
+usr/share/terminfo/6d/mlterm2
+usr/share/terminfo/6d/mlterm3
+usr/share/terminfo/6d/mm314
+usr/share/terminfo/6d/mm340
+usr/share/terminfo/6d/mod
+usr/share/terminfo/6d/mod24
+usr/share/terminfo/6d/modgraph
+usr/share/terminfo/6d/modgraph2
+usr/share/terminfo/6d/modgraph48
+usr/share/terminfo/6d/mono-emx
+usr/share/terminfo/6d/morphos
+usr/share/terminfo/6d/mouse-sun
+usr/share/terminfo/6d/mrxvt
+usr/share/terminfo/6d/mrxvt-256color
+usr/share/terminfo/6d/ms-vt-utf8
+usr/share/terminfo/6d/ms-vt100
+usr/share/terminfo/6d/ms-vt100+
+usr/share/terminfo/6d/ms-vt100-color
+usr/share/terminfo/6d/msk227
+usr/share/terminfo/6d/msk22714
+usr/share/terminfo/6d/msk227am
+usr/share/terminfo/6d/mskermit227
+usr/share/terminfo/6d/mskermit22714
+usr/share/terminfo/6d/mskermit227am
+usr/share/terminfo/6d/mt-70
+usr/share/terminfo/6d/mt4520-rv
+usr/share/terminfo/6d/mt70
+usr/share/terminfo/6d/mterm
+usr/share/terminfo/6d/mterm-ansi
+usr/share/terminfo/6d/mvterm
+usr/share/terminfo/6e/
+usr/share/terminfo/6e/nansi.sys
+usr/share/terminfo/6e/nansi.sysk
+usr/share/terminfo/6e/nansisys
+usr/share/terminfo/6e/nansisysk
+usr/share/terminfo/6e/ncr160vppp
+usr/share/terminfo/6e/ncr160vpwpp
+usr/share/terminfo/6e/ncr160vt100an
+usr/share/terminfo/6e/ncr160vt100pp
+usr/share/terminfo/6e/ncr160vt100wan
+usr/share/terminfo/6e/ncr160vt100wpp
+usr/share/terminfo/6e/ncr160vt200an
+usr/share/terminfo/6e/ncr160vt200pp
+usr/share/terminfo/6e/ncr160vt200wan
+usr/share/terminfo/6e/ncr160vt200wpp
+usr/share/terminfo/6e/ncr160vt300an
+usr/share/terminfo/6e/ncr160vt300pp
+usr/share/terminfo/6e/ncr160vt300wan
+usr/share/terminfo/6e/ncr160vt300wpp
+usr/share/terminfo/6e/ncr160wy50+pp
+usr/share/terminfo/6e/ncr160wy50+wpp
+usr/share/terminfo/6e/ncr160wy60pp
+usr/share/terminfo/6e/ncr160wy60wpp
+usr/share/terminfo/6e/ncr260intan
+usr/share/terminfo/6e/ncr260intpp
+usr/share/terminfo/6e/ncr260intwan
+usr/share/terminfo/6e/ncr260intwpp
+usr/share/terminfo/6e/ncr260vppp
+usr/share/terminfo/6e/ncr260vpwpp
+usr/share/terminfo/6e/ncr260vt100an
+usr/share/terminfo/6e/ncr260vt100pp
+usr/share/terminfo/6e/ncr260vt100wan
+usr/share/terminfo/6e/ncr260vt100wpp
+usr/share/terminfo/6e/ncr260vt200an
+usr/share/terminfo/6e/ncr260vt200pp
+usr/share/terminfo/6e/ncr260vt200wan
+usr/share/terminfo/6e/ncr260vt200wpp
+usr/share/terminfo/6e/ncr260vt300an
+usr/share/terminfo/6e/ncr260vt300pp
+usr/share/terminfo/6e/ncr260vt300wan
+usr/share/terminfo/6e/ncr260vt300wpp
+usr/share/terminfo/6e/ncr260wy325pp
+usr/share/terminfo/6e/ncr260wy325wpp
+usr/share/terminfo/6e/ncr260wy350pp
+usr/share/terminfo/6e/ncr260wy350wpp
+usr/share/terminfo/6e/ncr260wy50+pp
+usr/share/terminfo/6e/ncr260wy50+wpp
+usr/share/terminfo/6e/ncr260wy60pp
+usr/share/terminfo/6e/ncr260wy60wpp
+usr/share/terminfo/6e/ncr7900
+usr/share/terminfo/6e/ncr7900i
+usr/share/terminfo/6e/ncr7900iv
+usr/share/terminfo/6e/ncr7901
+usr/share/terminfo/6e/ncrvt100an
+usr/share/terminfo/6e/ncrvt100pp
+usr/share/terminfo/6e/ncrvt100wan
+usr/share/terminfo/6e/ncrvt100wpp
+usr/share/terminfo/6e/ncsa
+usr/share/terminfo/6e/ncsa-m
+usr/share/terminfo/6e/ncsa-m-ns
+usr/share/terminfo/6e/ncsa-ns
+usr/share/terminfo/6e/ncsa-vt220
+usr/share/terminfo/6e/ncsa-vt220-8
+usr/share/terminfo/6e/nd9500
+usr/share/terminfo/6e/ndr9500
+usr/share/terminfo/6e/ndr9500-25
+usr/share/terminfo/6e/ndr9500-25-mc
+usr/share/terminfo/6e/ndr9500-25-mc-nl
+usr/share/terminfo/6e/ndr9500-25-nl
+usr/share/terminfo/6e/ndr9500-mc
+usr/share/terminfo/6e/ndr9500-mc-nl
+usr/share/terminfo/6e/ndr9500-nl
+usr/share/terminfo/6e/nec
+usr/share/terminfo/6e/nec5520
+usr/share/terminfo/6e/netbsd6
+usr/share/terminfo/6e/newhp
+usr/share/terminfo/6e/newhpkeyboard
+usr/share/terminfo/6e/news
+usr/share/terminfo/6e/news-29
+usr/share/terminfo/6e/news-29-euc
+usr/share/terminfo/6e/news-29-sjis
+usr/share/terminfo/6e/news-33
+usr/share/terminfo/6e/news-33-euc
+usr/share/terminfo/6e/news-33-sjis
+usr/share/terminfo/6e/news-42
+usr/share/terminfo/6e/news-42-euc
+usr/share/terminfo/6e/news-42-sjis
+usr/share/terminfo/6e/news-a
+usr/share/terminfo/6e/news-o
+usr/share/terminfo/6e/news-old-unk
+usr/share/terminfo/6e/news-unk
+usr/share/terminfo/6e/news28
+usr/share/terminfo/6e/news28-a
+usr/share/terminfo/6e/news29
+usr/share/terminfo/6e/news31
+usr/share/terminfo/6e/news31-a
+usr/share/terminfo/6e/news31-o
+usr/share/terminfo/6e/news33
+usr/share/terminfo/6e/news40
+usr/share/terminfo/6e/news40-a
+usr/share/terminfo/6e/news40-o
+usr/share/terminfo/6e/news42
+usr/share/terminfo/6e/newscbm
+usr/share/terminfo/6e/newscbm-a
+usr/share/terminfo/6e/newscbm-o
+usr/share/terminfo/6e/newscbm33
+usr/share/terminfo/6e/next
+usr/share/terminfo/6e/nextshell
+usr/share/terminfo/6e/northstar
+usr/share/terminfo/6e/nsterm
+usr/share/terminfo/6e/nsterm+7
+usr/share/terminfo/6e/nsterm+acs
+usr/share/terminfo/6e/nsterm+c
+usr/share/terminfo/6e/nsterm+c41
+usr/share/terminfo/6e/nsterm+mac
+usr/share/terminfo/6e/nsterm+s
+usr/share/terminfo/6e/nsterm-16color
+usr/share/terminfo/6e/nsterm-256color
+usr/share/terminfo/6e/nsterm-7
+usr/share/terminfo/6e/nsterm-7-c
+usr/share/terminfo/6e/nsterm-7-c-s
+usr/share/terminfo/6e/nsterm-7-m
+usr/share/terminfo/6e/nsterm-7-m-s
+usr/share/terminfo/6e/nsterm-7-s
+usr/share/terminfo/6e/nsterm-acs
+usr/share/terminfo/6e/nsterm-acs-c
+usr/share/terminfo/6e/nsterm-acs-c-s
+usr/share/terminfo/6e/nsterm-acs-m
+usr/share/terminfo/6e/nsterm-acs-m-s
+usr/share/terminfo/6e/nsterm-acs-s
+usr/share/terminfo/6e/nsterm-bce
+usr/share/terminfo/6e/nsterm-build326
+usr/share/terminfo/6e/nsterm-build343
+usr/share/terminfo/6e/nsterm-build361
+usr/share/terminfo/6e/nsterm-build400
+usr/share/terminfo/6e/nsterm-c
+usr/share/terminfo/6e/nsterm-c-7
+usr/share/terminfo/6e/nsterm-c-acs
+usr/share/terminfo/6e/nsterm-c-s
+usr/share/terminfo/6e/nsterm-c-s-7
+usr/share/terminfo/6e/nsterm-c-s-acs
+usr/share/terminfo/6e/nsterm-m
+usr/share/terminfo/6e/nsterm-m-7
+usr/share/terminfo/6e/nsterm-m-acs
+usr/share/terminfo/6e/nsterm-m-s
+usr/share/terminfo/6e/nsterm-m-s-7
+usr/share/terminfo/6e/nsterm-m-s-acs
+usr/share/terminfo/6e/nsterm-old
+usr/share/terminfo/6e/nsterm-s
+usr/share/terminfo/6e/nsterm-s-7
+usr/share/terminfo/6e/nsterm-s-acs
+usr/share/terminfo/6e/ntconsole
+usr/share/terminfo/6e/ntconsole-100
+usr/share/terminfo/6e/ntconsole-100-nti
+usr/share/terminfo/6e/ntconsole-25
+usr/share/terminfo/6e/ntconsole-25-nti
+usr/share/terminfo/6e/ntconsole-25-w
+usr/share/terminfo/6e/ntconsole-25-w-vt
+usr/share/terminfo/6e/ntconsole-35
+usr/share/terminfo/6e/ntconsole-35-nti
+usr/share/terminfo/6e/ntconsole-35-w
+usr/share/terminfo/6e/ntconsole-50
+usr/share/terminfo/6e/ntconsole-50-nti
+usr/share/terminfo/6e/ntconsole-50-w
+usr/share/terminfo/6e/ntconsole-60
+usr/share/terminfo/6e/ntconsole-60-nti
+usr/share/terminfo/6e/ntconsole-60-w
+usr/share/terminfo/6e/ntconsole-w
+usr/share/terminfo/6e/ntconsole-w-vt
+usr/share/terminfo/6e/nwe501
+usr/share/terminfo/6e/nwe501-a
+usr/share/terminfo/6e/nwe501-o
+usr/share/terminfo/6e/nwp-511
+usr/share/terminfo/6e/nwp-517
+usr/share/terminfo/6e/nwp-517-w
+usr/share/terminfo/6e/nwp251-a
+usr/share/terminfo/6e/nwp251-o
+usr/share/terminfo/6e/nwp511
+usr/share/terminfo/6e/nwp512
+usr/share/terminfo/6e/nwp512-a
+usr/share/terminfo/6e/nwp512-o
+usr/share/terminfo/6e/nwp513
+usr/share/terminfo/6e/nwp513-a
+usr/share/terminfo/6e/nwp513-o
+usr/share/terminfo/6e/nwp514
+usr/share/terminfo/6e/nwp514-a
+usr/share/terminfo/6e/nwp514-o
+usr/share/terminfo/6e/nwp517
+usr/share/terminfo/6e/nwp517-w
+usr/share/terminfo/6e/nwp518
+usr/share/terminfo/6e/nwp518-a
+usr/share/terminfo/6e/nwp518-o
+usr/share/terminfo/6e/nxterm
+usr/share/terminfo/6f/
+usr/share/terminfo/6f/o31
+usr/share/terminfo/6f/o4112-nd
+usr/share/terminfo/6f/o85h
+usr/share/terminfo/6f/oabm85h
+usr/share/terminfo/6f/oblit
+usr/share/terminfo/6f/oc100
+usr/share/terminfo/6f/oconcept
+usr/share/terminfo/6f/ofcons
+usr/share/terminfo/6f/ojerq
+usr/share/terminfo/6f/old-st
+usr/share/terminfo/6f/oldibmpc3
+usr/share/terminfo/6f/oldpc3
+usr/share/terminfo/6f/oldsun
+usr/share/terminfo/6f/omron
+usr/share/terminfo/6f/opennt
+usr/share/terminfo/6f/opennt-100
+usr/share/terminfo/6f/opennt-100-nti
+usr/share/terminfo/6f/opennt-25
+usr/share/terminfo/6f/opennt-25-nti
+usr/share/terminfo/6f/opennt-25-w
+usr/share/terminfo/6f/opennt-25-w-vt
+usr/share/terminfo/6f/opennt-35
+usr/share/terminfo/6f/opennt-35-nti
+usr/share/terminfo/6f/opennt-35-w
+usr/share/terminfo/6f/opennt-50
+usr/share/terminfo/6f/opennt-50-nti
+usr/share/terminfo/6f/opennt-50-w
+usr/share/terminfo/6f/opennt-60
+usr/share/terminfo/6f/opennt-60-nti
+usr/share/terminfo/6f/opennt-60-w
+usr/share/terminfo/6f/opennt-nti
+usr/share/terminfo/6f/opennt-w
+usr/share/terminfo/6f/opennt-w-vt
+usr/share/terminfo/6f/opus3n1+
+usr/share/terminfo/6f/origibmpc3
+usr/share/terminfo/6f/origpc3
+usr/share/terminfo/6f/os9LII
+usr/share/terminfo/6f/osborne
+usr/share/terminfo/6f/osborne-w
+usr/share/terminfo/6f/osborne1
+usr/share/terminfo/6f/osborne1-w
+usr/share/terminfo/6f/osexec
+usr/share/terminfo/6f/otek4112
+usr/share/terminfo/6f/otek4113
+usr/share/terminfo/6f/otek4114
+usr/share/terminfo/6f/otek4115
+usr/share/terminfo/6f/owl
+usr/share/terminfo/70/
+usr/share/terminfo/70/p12
+usr/share/terminfo/70/p12-m
+usr/share/terminfo/70/p12-m-w
+usr/share/terminfo/70/p12-w
+usr/share/terminfo/70/p14
+usr/share/terminfo/70/p14-m
+usr/share/terminfo/70/p14-m-w
+usr/share/terminfo/70/p14-w
+usr/share/terminfo/70/p19
+usr/share/terminfo/70/p4
+usr/share/terminfo/70/p5
+usr/share/terminfo/70/p7
+usr/share/terminfo/70/p8
+usr/share/terminfo/70/p8-w
+usr/share/terminfo/70/p8gl
+usr/share/terminfo/70/p9
+usr/share/terminfo/70/p9-8
+usr/share/terminfo/70/p9-8-w
+usr/share/terminfo/70/p9-w
+usr/share/terminfo/70/pc-coherent
+usr/share/terminfo/70/pc-minix
+usr/share/terminfo/70/pc-venix
+usr/share/terminfo/70/pc3
+usr/share/terminfo/70/pc3-bold
+usr/share/terminfo/70/pc3r
+usr/share/terminfo/70/pc3r-m
+usr/share/terminfo/70/pc6300plus
+usr/share/terminfo/70/pc7300
+usr/share/terminfo/70/pcansi
+usr/share/terminfo/70/pcansi-25
+usr/share/terminfo/70/pcansi-25-m
+usr/share/terminfo/70/pcansi-33
+usr/share/terminfo/70/pcansi-33-m
+usr/share/terminfo/70/pcansi-43
+usr/share/terminfo/70/pcansi-43-m
+usr/share/terminfo/70/pcansi-m
+usr/share/terminfo/70/pcansi-mono
+usr/share/terminfo/70/pcansi25
+usr/share/terminfo/70/pcansi25m
+usr/share/terminfo/70/pcansi33
+usr/share/terminfo/70/pcansi33m
+usr/share/terminfo/70/pcansi43
+usr/share/terminfo/70/pccon
+usr/share/terminfo/70/pccon+base
+usr/share/terminfo/70/pccon+colors
+usr/share/terminfo/70/pccon+keys
+usr/share/terminfo/70/pccon+sgr+acs
+usr/share/terminfo/70/pccon+sgr+acs0
+usr/share/terminfo/70/pccon-m
+usr/share/terminfo/70/pccon0
+usr/share/terminfo/70/pccon0-m
+usr/share/terminfo/70/pccons
+usr/share/terminfo/70/pcconsole
+usr/share/terminfo/70/pcix
+usr/share/terminfo/70/pckermit
+usr/share/terminfo/70/pckermit12
+usr/share/terminfo/70/pckermit120
+usr/share/terminfo/70/pcmw
+usr/share/terminfo/70/pcplot
+usr/share/terminfo/70/pcvt25
+usr/share/terminfo/70/pcvt25-color
+usr/share/terminfo/70/pcvt25w
+usr/share/terminfo/70/pcvt28
+usr/share/terminfo/70/pcvt28w
+usr/share/terminfo/70/pcvt35
+usr/share/terminfo/70/pcvt35w
+usr/share/terminfo/70/pcvt40
+usr/share/terminfo/70/pcvt40w
+usr/share/terminfo/70/pcvt43
+usr/share/terminfo/70/pcvt43w
+usr/share/terminfo/70/pcvt50
+usr/share/terminfo/70/pcvt50w
+usr/share/terminfo/70/pcvtXX
+usr/share/terminfo/70/pcz19
+usr/share/terminfo/70/pe1100
+usr/share/terminfo/70/pe1200
+usr/share/terminfo/70/pe1251
+usr/share/terminfo/70/pe550
+usr/share/terminfo/70/pe6100
+usr/share/terminfo/70/pe6300
+usr/share/terminfo/70/pe6312
+usr/share/terminfo/70/pe7000c
+usr/share/terminfo/70/pe7000m
+usr/share/terminfo/70/pilot
+usr/share/terminfo/70/pmcons
+usr/share/terminfo/70/pmconsole
+usr/share/terminfo/70/printer
+usr/share/terminfo/70/prism12
+usr/share/terminfo/70/prism12-m
+usr/share/terminfo/70/prism12-m-w
+usr/share/terminfo/70/prism12-w
+usr/share/terminfo/70/prism14
+usr/share/terminfo/70/prism14-m
+usr/share/terminfo/70/prism14-m-w
+usr/share/terminfo/70/prism14-w
+usr/share/terminfo/70/prism2
+usr/share/terminfo/70/prism4
+usr/share/terminfo/70/prism5
+usr/share/terminfo/70/prism7
+usr/share/terminfo/70/prism8
+usr/share/terminfo/70/prism8-w
+usr/share/terminfo/70/prism8gl
+usr/share/terminfo/70/prism9
+usr/share/terminfo/70/prism9-8
+usr/share/terminfo/70/prism9-8-w
+usr/share/terminfo/70/prism9-w
+usr/share/terminfo/70/pro350
+usr/share/terminfo/70/ps300
+usr/share/terminfo/70/psterm
+usr/share/terminfo/70/psterm-80x24
+usr/share/terminfo/70/psterm-90x28
+usr/share/terminfo/70/psterm-96x48
+usr/share/terminfo/70/psterm-basic
+usr/share/terminfo/70/psterm-fast
+usr/share/terminfo/70/psx_ansi
+usr/share/terminfo/70/pt100
+usr/share/terminfo/70/pt100w
+usr/share/terminfo/70/pt200
+usr/share/terminfo/70/pt200w
+usr/share/terminfo/70/pt210
+usr/share/terminfo/70/pt250
+usr/share/terminfo/70/pt250w
+usr/share/terminfo/70/pt505
+usr/share/terminfo/70/pt505-22
+usr/share/terminfo/70/pt505-24
+usr/share/terminfo/70/pty
+usr/share/terminfo/70/putty
+usr/share/terminfo/70/putty+fnkeys
+usr/share/terminfo/70/putty+fnkeys+esc
+usr/share/terminfo/70/putty+fnkeys+linux
+usr/share/terminfo/70/putty+fnkeys+sco
+usr/share/terminfo/70/putty+fnkeys+vt100
+usr/share/terminfo/70/putty+fnkeys+vt400
+usr/share/terminfo/70/putty+fnkeys+xterm
+usr/share/terminfo/70/putty-256color
+usr/share/terminfo/70/putty-m1
+usr/share/terminfo/70/putty-m1b
+usr/share/terminfo/70/putty-m2
+usr/share/terminfo/70/putty-noapp
+usr/share/terminfo/70/putty-sco
+usr/share/terminfo/70/putty-vt100
+usr/share/terminfo/71/
+usr/share/terminfo/71/qansi
+usr/share/terminfo/71/qansi-g
+usr/share/terminfo/71/qansi-m
+usr/share/terminfo/71/qansi-t
+usr/share/terminfo/71/qansi-w
+usr/share/terminfo/71/qdcons
+usr/share/terminfo/71/qdss
+usr/share/terminfo/71/qnx
+usr/share/terminfo/71/qnx4
+usr/share/terminfo/71/qnxm
+usr/share/terminfo/71/qnxt
+usr/share/terminfo/71/qnxt2
+usr/share/terminfo/71/qnxt4
+usr/share/terminfo/71/qnxtmono
+usr/share/terminfo/71/qnxw
+usr/share/terminfo/71/qume
+usr/share/terminfo/71/qume5
+usr/share/terminfo/71/qvt101
+usr/share/terminfo/71/qvt101+
+usr/share/terminfo/71/qvt101p
+usr/share/terminfo/71/qvt102
+usr/share/terminfo/71/qvt103
+usr/share/terminfo/71/qvt103-w
+usr/share/terminfo/71/qvt108
+usr/share/terminfo/71/qvt119
+usr/share/terminfo/71/qvt119+
+usr/share/terminfo/71/qvt119+-25
+usr/share/terminfo/71/qvt119+-25-w
+usr/share/terminfo/71/qvt119+-w
+usr/share/terminfo/71/qvt119-25-w
+usr/share/terminfo/71/qvt119-w
+usr/share/terminfo/71/qvt119p
+usr/share/terminfo/71/qvt119p-25
+usr/share/terminfo/71/qvt119p-25-w
+usr/share/terminfo/71/qvt119p-w
+usr/share/terminfo/71/qvt203
+usr/share/terminfo/71/qvt203+
+usr/share/terminfo/71/qvt203-25
+usr/share/terminfo/71/qvt203-25-w
+usr/share/terminfo/71/qvt203-w
+usr/share/terminfo/71/qvt203-w-am
+usr/share/terminfo/72/
+usr/share/terminfo/72/rbcomm
+usr/share/terminfo/72/rbcomm-nam
+usr/share/terminfo/72/rbcomm-w
+usr/share/terminfo/72/rca
+usr/share/terminfo/72/rcons
+usr/share/terminfo/72/rcons-color
+usr/share/terminfo/72/rebus3180
+usr/share/terminfo/72/regent
+usr/share/terminfo/72/regent100
+usr/share/terminfo/72/regent20
+usr/share/terminfo/72/regent200
+usr/share/terminfo/72/regent25
+usr/share/terminfo/72/regent40
+usr/share/terminfo/72/regent40+
+usr/share/terminfo/72/regent60
+usr/share/terminfo/72/rt6221
+usr/share/terminfo/72/rt6221-w
+usr/share/terminfo/72/rtpc
+usr/share/terminfo/72/rxvt
+usr/share/terminfo/72/rxvt+pcfkeys
+usr/share/terminfo/72/rxvt-16color
+usr/share/terminfo/72/rxvt-256color
+usr/share/terminfo/72/rxvt-88color
+usr/share/terminfo/72/rxvt-basic
+usr/share/terminfo/72/rxvt-color
+usr/share/terminfo/72/rxvt-cygwin
+usr/share/terminfo/72/rxvt-cygwin-native
+usr/share/terminfo/72/rxvt-xpm
+usr/share/terminfo/73/
+usr/share/terminfo/73/s4
+usr/share/terminfo/73/sb1
+usr/share/terminfo/73/sb2
+usr/share/terminfo/73/sb3
+usr/share/terminfo/73/sbi
+usr/share/terminfo/73/sbobcat
+usr/share/terminfo/73/sc410
+usr/share/terminfo/73/sc415
+usr/share/terminfo/73/scanset
+usr/share/terminfo/73/scoansi
+usr/share/terminfo/73/scoansi-new
+usr/share/terminfo/73/scoansi-old
+usr/share/terminfo/73/screen
+usr/share/terminfo/73/screen+fkeys
+usr/share/terminfo/73/screen+italics
+usr/share/terminfo/73/screen-16color
+usr/share/terminfo/73/screen-16color-bce
+usr/share/terminfo/73/screen-16color-bce-s
+usr/share/terminfo/73/screen-16color-s
+usr/share/terminfo/73/screen-256color
+usr/share/terminfo/73/screen-256color-bce
+usr/share/terminfo/73/screen-256color-bce-s
+usr/share/terminfo/73/screen-256color-s
+usr/share/terminfo/73/screen-bce
+usr/share/terminfo/73/screen-bce.Eterm
+usr/share/terminfo/73/screen-bce.gnome
+usr/share/terminfo/73/screen-bce.konsole
+usr/share/terminfo/73/screen-bce.linux
+usr/share/terminfo/73/screen-bce.mrxvt
+usr/share/terminfo/73/screen-bce.rxvt
+usr/share/terminfo/73/screen-bce.xterm-new
+usr/share/terminfo/73/screen-s
+usr/share/terminfo/73/screen-w
+usr/share/terminfo/73/screen.Eterm
+usr/share/terminfo/73/screen.gnome
+usr/share/terminfo/73/screen.konsole
+usr/share/terminfo/73/screen.konsole-256color
+usr/share/terminfo/73/screen.linux
+usr/share/terminfo/73/screen.linux-m1
+usr/share/terminfo/73/screen.linux-m1b
+usr/share/terminfo/73/screen.linux-m2
+usr/share/terminfo/73/screen.minitel1
+usr/share/terminfo/73/screen.minitel1-nb
+usr/share/terminfo/73/screen.minitel12-80
+usr/share/terminfo/73/screen.minitel1b
+usr/share/terminfo/73/screen.minitel1b-80
+usr/share/terminfo/73/screen.minitel1b-nb
+usr/share/terminfo/73/screen.minitel2-80
+usr/share/terminfo/73/screen.mlterm
+usr/share/terminfo/73/screen.mlterm-256color
+usr/share/terminfo/73/screen.mrxvt
+usr/share/terminfo/73/screen.putty
+usr/share/terminfo/73/screen.putty-256color
+usr/share/terminfo/73/screen.putty-m1
+usr/share/terminfo/73/screen.putty-m1b
+usr/share/terminfo/73/screen.putty-m2
+usr/share/terminfo/73/screen.rxvt
+usr/share/terminfo/73/screen.teraterm
+usr/share/terminfo/73/screen.vte
+usr/share/terminfo/73/screen.vte-256color
+usr/share/terminfo/73/screen.xterm-256color
+usr/share/terminfo/73/screen.xterm-new
+usr/share/terminfo/73/screen.xterm-r6
+usr/share/terminfo/73/screen.xterm-xfree86
+usr/share/terminfo/73/screen2
+usr/share/terminfo/73/screen3
+usr/share/terminfo/73/screwpoint
+usr/share/terminfo/73/scrhp
+usr/share/terminfo/73/sibo
+usr/share/terminfo/73/simpleterm
+usr/share/terminfo/73/simterm
+usr/share/terminfo/73/soroc
+usr/share/terminfo/73/soroc120
+usr/share/terminfo/73/soroc140
+usr/share/terminfo/73/spinwriter
+usr/share/terminfo/73/st
+usr/share/terminfo/73/st-0.6
+usr/share/terminfo/73/st-0.7
+usr/share/terminfo/73/st-16color
+usr/share/terminfo/73/st-256color
+usr/share/terminfo/73/st-direct
+usr/share/terminfo/73/st52
+usr/share/terminfo/73/st52-color
+usr/share/terminfo/73/st52-m
+usr/share/terminfo/73/st52-old
+usr/share/terminfo/73/stterm
+usr/share/terminfo/73/stterm-16color
+usr/share/terminfo/73/stterm-256color
+usr/share/terminfo/73/stv52
+usr/share/terminfo/73/stv52pc
+usr/share/terminfo/73/sun
+usr/share/terminfo/73/sun+sl
+usr/share/terminfo/73/sun-1
+usr/share/terminfo/73/sun-12
+usr/share/terminfo/73/sun-17
+usr/share/terminfo/73/sun-24
+usr/share/terminfo/73/sun-34
+usr/share/terminfo/73/sun-48
+usr/share/terminfo/73/sun-c
+usr/share/terminfo/73/sun-cgsix
+usr/share/terminfo/73/sun-cmd
+usr/share/terminfo/73/sun-color
+usr/share/terminfo/73/sun-e
+usr/share/terminfo/73/sun-e-s
+usr/share/terminfo/73/sun-il
+usr/share/terminfo/73/sun-nic
+usr/share/terminfo/73/sun-s
+usr/share/terminfo/73/sun-s-e
+usr/share/terminfo/73/sun-ss5
+usr/share/terminfo/73/sun-type4
+usr/share/terminfo/73/sun1
+usr/share/terminfo/73/sun2
+usr/share/terminfo/73/sune
+usr/share/terminfo/73/superbee
+usr/share/terminfo/73/superbee-xsb
+usr/share/terminfo/73/superbeeic
+usr/share/terminfo/73/superbrain
+usr/share/terminfo/73/sv80
+usr/share/terminfo/73/swtp
+usr/share/terminfo/73/synertek
+usr/share/terminfo/73/synertek380
+usr/share/terminfo/73/system1
+usr/share/terminfo/74/
+usr/share/terminfo/74/t10
+usr/share/terminfo/74/t1061
+usr/share/terminfo/74/t1061f
+usr/share/terminfo/74/t16
+usr/share/terminfo/74/t3700
+usr/share/terminfo/74/t3800
+usr/share/terminfo/74/t653x
+usr/share/terminfo/74/tab
+usr/share/terminfo/74/tab132
+usr/share/terminfo/74/tab132-15
+usr/share/terminfo/74/tab132-rv
+usr/share/terminfo/74/tab132-w
+usr/share/terminfo/74/tab132-w-rv
+usr/share/terminfo/74/tandem6510
+usr/share/terminfo/74/tandem653
+usr/share/terminfo/74/tek
+usr/share/terminfo/74/tek4012
+usr/share/terminfo/74/tek4013
+usr/share/terminfo/74/tek4014
+usr/share/terminfo/74/tek4014-sm
+usr/share/terminfo/74/tek4015
+usr/share/terminfo/74/tek4015-sm
+usr/share/terminfo/74/tek4023
+usr/share/terminfo/74/tek4024
+usr/share/terminfo/74/tek4025
+usr/share/terminfo/74/tek4025-17
+usr/share/terminfo/74/tek4025-17-ws
+usr/share/terminfo/74/tek4025-cr
+usr/share/terminfo/74/tek4025-ex
+usr/share/terminfo/74/tek4025a
+usr/share/terminfo/74/tek4025ex
+usr/share/terminfo/74/tek4027
+usr/share/terminfo/74/tek4027-ex
+usr/share/terminfo/74/tek4105
+usr/share/terminfo/74/tek4105-30
+usr/share/terminfo/74/tek4105a
+usr/share/terminfo/74/tek4106brl
+usr/share/terminfo/74/tek4107
+usr/share/terminfo/74/tek4107brl
+usr/share/terminfo/74/tek4109
+usr/share/terminfo/74/tek4109brl
+usr/share/terminfo/74/tek4112
+usr/share/terminfo/74/tek4112-5
+usr/share/terminfo/74/tek4112-nd
+usr/share/terminfo/74/tek4113
+usr/share/terminfo/74/tek4113-34
+usr/share/terminfo/74/tek4113-nd
+usr/share/terminfo/74/tek4114
+usr/share/terminfo/74/tek4115
+usr/share/terminfo/74/tek4125
+usr/share/terminfo/74/tek4205
+usr/share/terminfo/74/tek4207
+usr/share/terminfo/74/tek4207-s
+usr/share/terminfo/74/tek4404
+usr/share/terminfo/74/teken
+usr/share/terminfo/74/teleray
+usr/share/terminfo/74/teletec
+usr/share/terminfo/74/teraterm
+usr/share/terminfo/74/teraterm-256color
+usr/share/terminfo/74/teraterm2.3
+usr/share/terminfo/74/teraterm4.59
+usr/share/terminfo/74/teraterm4.97
+usr/share/terminfo/74/terminator
+usr/share/terminfo/74/terminet
+usr/share/terminfo/74/terminet1200
+usr/share/terminfo/74/terminet300
+usr/share/terminfo/74/terminology
+usr/share/terminfo/74/terminology-0.6.1
+usr/share/terminfo/74/terminology-1.0.0
+usr/share/terminfo/74/termite
+usr/share/terminfo/74/tgtelnet
+usr/share/terminfo/74/ti700
+usr/share/terminfo/74/ti733
+usr/share/terminfo/74/ti735
+usr/share/terminfo/74/ti745
+usr/share/terminfo/74/ti800
+usr/share/terminfo/74/ti916
+usr/share/terminfo/74/ti916-132
+usr/share/terminfo/74/ti916-220-7
+usr/share/terminfo/74/ti916-220-8
+usr/share/terminfo/74/ti916-8
+usr/share/terminfo/74/ti916-8-132
+usr/share/terminfo/74/ti924
+usr/share/terminfo/74/ti924-8
+usr/share/terminfo/74/ti924-8w
+usr/share/terminfo/74/ti924w
+usr/share/terminfo/74/ti926
+usr/share/terminfo/74/ti926-8
+usr/share/terminfo/74/ti928
+usr/share/terminfo/74/ti928-8
+usr/share/terminfo/74/ti931
+usr/share/terminfo/74/ti_ansi
+usr/share/terminfo/74/tkterm
+usr/share/terminfo/74/tmux
+usr/share/terminfo/74/tmux-256color
+usr/share/terminfo/74/tn1200
+usr/share/terminfo/74/tn300
+usr/share/terminfo/74/trs16
+usr/share/terminfo/74/trs2
+usr/share/terminfo/74/trs80II
+usr/share/terminfo/74/trsII
+usr/share/terminfo/74/ts-1
+usr/share/terminfo/74/ts-1p
+usr/share/terminfo/74/ts1
+usr/share/terminfo/74/ts100
+usr/share/terminfo/74/ts100-ctxt
+usr/share/terminfo/74/ts100-sp
+usr/share/terminfo/74/ts1p
+usr/share/terminfo/74/tt
+usr/share/terminfo/74/tt505-22
+usr/share/terminfo/74/tt52
+usr/share/terminfo/74/tty33
+usr/share/terminfo/74/tty35
+usr/share/terminfo/74/tty37
+usr/share/terminfo/74/tty40
+usr/share/terminfo/74/tty43
+usr/share/terminfo/74/tty4420
+usr/share/terminfo/74/tty4424
+usr/share/terminfo/74/tty4424-1
+usr/share/terminfo/74/tty4424m
+usr/share/terminfo/74/tty4426
+usr/share/terminfo/74/tty5410
+usr/share/terminfo/74/tty5410-w
+usr/share/terminfo/74/tty5410v1
+usr/share/terminfo/74/tty5410v1-w
+usr/share/terminfo/74/tty5420
+usr/share/terminfo/74/tty5420+nl
+usr/share/terminfo/74/tty5420-nl
+usr/share/terminfo/74/tty5420-rv
+usr/share/terminfo/74/tty5420-rv-nl
+usr/share/terminfo/74/tty5420-w
+usr/share/terminfo/74/tty5420-w-nl
+usr/share/terminfo/74/tty5420-w-rv
+usr/share/terminfo/74/tty5420-w-rv-n
+usr/share/terminfo/74/tty5425
+usr/share/terminfo/74/tty5425-nl
+usr/share/terminfo/74/tty5425-w
+usr/share/terminfo/74/tty5620
+usr/share/terminfo/74/tty5620-1
+usr/share/terminfo/74/tty5620-24
+usr/share/terminfo/74/tty5620-34
+usr/share/terminfo/74/tty5620-s
+usr/share/terminfo/74/ttydmd
+usr/share/terminfo/74/tvi803
+usr/share/terminfo/74/tvi9065
+usr/share/terminfo/74/tvi910
+usr/share/terminfo/74/tvi910+
+usr/share/terminfo/74/tvi912
+usr/share/terminfo/74/tvi912b
+usr/share/terminfo/74/tvi912b+2p
+usr/share/terminfo/74/tvi912b+dim
+usr/share/terminfo/74/tvi912b+mc
+usr/share/terminfo/74/tvi912b+printer
+usr/share/terminfo/74/tvi912b+vb
+usr/share/terminfo/74/tvi912b-2p
+usr/share/terminfo/74/tvi912b-2p-mc
+usr/share/terminfo/74/tvi912b-2p-p
+usr/share/terminfo/74/tvi912b-2p-unk
+usr/share/terminfo/74/tvi912b-mc
+usr/share/terminfo/74/tvi912b-mc-2p
+usr/share/terminfo/74/tvi912b-mc-vb
+usr/share/terminfo/74/tvi912b-p
+usr/share/terminfo/74/tvi912b-p-2p
+usr/share/terminfo/74/tvi912b-p-vb
+usr/share/terminfo/74/tvi912b-unk
+usr/share/terminfo/74/tvi912b-unk-2p
+usr/share/terminfo/74/tvi912b-unk-vb
+usr/share/terminfo/74/tvi912b-vb
+usr/share/terminfo/74/tvi912b-vb-mc
+usr/share/terminfo/74/tvi912b-vb-p
+usr/share/terminfo/74/tvi912b-vb-unk
+usr/share/terminfo/74/tvi912c
+usr/share/terminfo/74/tvi912c-2p
+usr/share/terminfo/74/tvi912c-2p-mc
+usr/share/terminfo/74/tvi912c-2p-p
+usr/share/terminfo/74/tvi912c-2p-unk
+usr/share/terminfo/74/tvi912c-mc
+usr/share/terminfo/74/tvi912c-mc-2p
+usr/share/terminfo/74/tvi912c-mc-vb
+usr/share/terminfo/74/tvi912c-p
+usr/share/terminfo/74/tvi912c-p-2p
+usr/share/terminfo/74/tvi912c-p-vb
+usr/share/terminfo/74/tvi912c-unk
+usr/share/terminfo/74/tvi912c-unk-2p
+usr/share/terminfo/74/tvi912c-unk-vb
+usr/share/terminfo/74/tvi912c-vb
+usr/share/terminfo/74/tvi912c-vb-mc
+usr/share/terminfo/74/tvi912c-vb-p
+usr/share/terminfo/74/tvi912c-vb-unk
+usr/share/terminfo/74/tvi912cc
+usr/share/terminfo/74/tvi914
+usr/share/terminfo/74/tvi920
+usr/share/terminfo/74/tvi920b
+usr/share/terminfo/74/tvi920b+fn
+usr/share/terminfo/74/tvi920b-2p
+usr/share/terminfo/74/tvi920b-2p-mc
+usr/share/terminfo/74/tvi920b-2p-p
+usr/share/terminfo/74/tvi920b-2p-unk
+usr/share/terminfo/74/tvi920b-mc
+usr/share/terminfo/74/tvi920b-mc-2p
+usr/share/terminfo/74/tvi920b-mc-vb
+usr/share/terminfo/74/tvi920b-p
+usr/share/terminfo/74/tvi920b-p-2p
+usr/share/terminfo/74/tvi920b-p-vb
+usr/share/terminfo/74/tvi920b-unk
+usr/share/terminfo/74/tvi920b-unk-2p
+usr/share/terminfo/74/tvi920b-unk-vb
+usr/share/terminfo/74/tvi920b-vb
+usr/share/terminfo/74/tvi920b-vb-mc
+usr/share/terminfo/74/tvi920b-vb-p
+usr/share/terminfo/74/tvi920b-vb-unk
+usr/share/terminfo/74/tvi920c
+usr/share/terminfo/74/tvi920c-2p
+usr/share/terminfo/74/tvi920c-2p-mc
+usr/share/terminfo/74/tvi920c-2p-p
+usr/share/terminfo/74/tvi920c-2p-unk
+usr/share/terminfo/74/tvi920c-mc
+usr/share/terminfo/74/tvi920c-mc-2p
+usr/share/terminfo/74/tvi920c-mc-vb
+usr/share/terminfo/74/tvi920c-p
+usr/share/terminfo/74/tvi920c-p-2p
+usr/share/terminfo/74/tvi920c-p-vb
+usr/share/terminfo/74/tvi920c-unk
+usr/share/terminfo/74/tvi920c-unk-2p
+usr/share/terminfo/74/tvi920c-unk-vb
+usr/share/terminfo/74/tvi920c-vb
+usr/share/terminfo/74/tvi920c-vb-mc
+usr/share/terminfo/74/tvi920c-vb-p
+usr/share/terminfo/74/tvi920c-vb-unk
+usr/share/terminfo/74/tvi921
+usr/share/terminfo/74/tvi924
+usr/share/terminfo/74/tvi925
+usr/share/terminfo/74/tvi925-hi
+usr/share/terminfo/74/tvi92B
+usr/share/terminfo/74/tvi92D
+usr/share/terminfo/74/tvi950
+usr/share/terminfo/74/tvi950-2p
+usr/share/terminfo/74/tvi950-4p
+usr/share/terminfo/74/tvi950-rv
+usr/share/terminfo/74/tvi950-rv-2p
+usr/share/terminfo/74/tvi950-rv-4p
+usr/share/terminfo/74/tvi955
+usr/share/terminfo/74/tvi955-hb
+usr/share/terminfo/74/tvi955-w
+usr/share/terminfo/74/tvi970
+usr/share/terminfo/74/tvi970-2p
+usr/share/terminfo/74/tvi970-vb
+usr/share/terminfo/74/tvipt
+usr/share/terminfo/74/tw100
+usr/share/terminfo/74/tw52
+usr/share/terminfo/74/tw52-color
+usr/share/terminfo/74/tw52-m
+usr/share/terminfo/74/tws-generic
+usr/share/terminfo/74/tws2102-sna
+usr/share/terminfo/74/tws2103
+usr/share/terminfo/74/tws2103-sna
+usr/share/terminfo/75/
+usr/share/terminfo/75/ultima2
+usr/share/terminfo/75/ultimaII
+usr/share/terminfo/75/uniterm
+usr/share/terminfo/75/uniterm49
+usr/share/terminfo/75/unixpc
+usr/share/terminfo/75/unknown
+usr/share/terminfo/75/uts30
+usr/share/terminfo/75/uwin
+usr/share/terminfo/76/
+usr/share/terminfo/76/v200-nam
+usr/share/terminfo/76/v320n
+usr/share/terminfo/76/v3220
+usr/share/terminfo/76/v5410
+usr/share/terminfo/76/vanilla
+usr/share/terminfo/76/vapple
+usr/share/terminfo/76/vc103
+usr/share/terminfo/76/vc203
+usr/share/terminfo/76/vc303
+usr/share/terminfo/76/vc303a
+usr/share/terminfo/76/vc403a
+usr/share/terminfo/76/vc404
+usr/share/terminfo/76/vc404-s
+usr/share/terminfo/76/vc414
+usr/share/terminfo/76/vc414h
+usr/share/terminfo/76/vc415
+usr/share/terminfo/76/venix
+usr/share/terminfo/76/versaterm
+usr/share/terminfo/76/vi200
+usr/share/terminfo/76/vi200-f
+usr/share/terminfo/76/vi200-rv
+usr/share/terminfo/76/vi300
+usr/share/terminfo/76/vi300-old
+usr/share/terminfo/76/vi50
+usr/share/terminfo/76/vi500
+usr/share/terminfo/76/vi50adm
+usr/share/terminfo/76/vi55
+usr/share/terminfo/76/vi550
+usr/share/terminfo/76/vi603
+usr/share/terminfo/76/viewdata
+usr/share/terminfo/76/viewdata-o
+usr/share/terminfo/76/viewdata-rv
+usr/share/terminfo/76/viewpoint
+usr/share/terminfo/76/viewpoint3a+
+usr/share/terminfo/76/viewpoint60
+usr/share/terminfo/76/viewpoint90
+usr/share/terminfo/76/vip
+usr/share/terminfo/76/vip-H
+usr/share/terminfo/76/vip-Hw
+usr/share/terminfo/76/vip-w
+usr/share/terminfo/76/vip7800-H
+usr/share/terminfo/76/vip7800-Hw
+usr/share/terminfo/76/vip7800-w
+usr/share/terminfo/76/visa50
+usr/share/terminfo/76/visual603
+usr/share/terminfo/76/vitty
+usr/share/terminfo/76/vk100
+usr/share/terminfo/76/vp3a+
+usr/share/terminfo/76/vp60
+usr/share/terminfo/76/vp90
+usr/share/terminfo/76/vremote
+usr/share/terminfo/76/vs100
+usr/share/terminfo/76/vs100-x10
+usr/share/terminfo/76/vsc
+usr/share/terminfo/76/vt-61
+usr/share/terminfo/76/vt-utf8
+usr/share/terminfo/76/vt100
+usr/share/terminfo/76/vt100+
+usr/share/terminfo/76/vt100+4bsd
+usr/share/terminfo/76/vt100+enq
+usr/share/terminfo/76/vt100+fnkeys
+usr/share/terminfo/76/vt100+keypad
+usr/share/terminfo/76/vt100+pfkeys
+usr/share/terminfo/76/vt100-am
+usr/share/terminfo/76/vt100-bm
+usr/share/terminfo/76/vt100-bm-o
+usr/share/terminfo/76/vt100-bot-s
+usr/share/terminfo/76/vt100-nam
+usr/share/terminfo/76/vt100-nam-w
+usr/share/terminfo/76/vt100-nav
+usr/share/terminfo/76/vt100-nav-w
+usr/share/terminfo/76/vt100-putty
+usr/share/terminfo/76/vt100-s
+usr/share/terminfo/76/vt100-s-bot
+usr/share/terminfo/76/vt100-s-top
+usr/share/terminfo/76/vt100-top-s
+usr/share/terminfo/76/vt100-vb
+usr/share/terminfo/76/vt100-w
+usr/share/terminfo/76/vt100-w-am
+usr/share/terminfo/76/vt100-w-nam
+usr/share/terminfo/76/vt100-w-nav
+usr/share/terminfo/76/vt100nam
+usr/share/terminfo/76/vt102
+usr/share/terminfo/76/vt102+enq
+usr/share/terminfo/76/vt102-nsgr
+usr/share/terminfo/76/vt102-w
+usr/share/terminfo/76/vt125
+usr/share/terminfo/76/vt131
+usr/share/terminfo/76/vt132
+usr/share/terminfo/76/vt200
+usr/share/terminfo/76/vt200-8
+usr/share/terminfo/76/vt200-8bit
+usr/share/terminfo/76/vt200-js
+usr/share/terminfo/76/vt200-old
+usr/share/terminfo/76/vt200-w
+usr/share/terminfo/76/vt220
+usr/share/terminfo/76/vt220+keypad
+usr/share/terminfo/76/vt220-8
+usr/share/terminfo/76/vt220-8bit
+usr/share/terminfo/76/vt220-js
+usr/share/terminfo/76/vt220-nam
+usr/share/terminfo/76/vt220-old
+usr/share/terminfo/76/vt220-w
+usr/share/terminfo/76/vt220d
+usr/share/terminfo/76/vt300
+usr/share/terminfo/76/vt300-nam
+usr/share/terminfo/76/vt300-w
+usr/share/terminfo/76/vt300-w-nam
+usr/share/terminfo/76/vt320
+usr/share/terminfo/76/vt320-k3
+usr/share/terminfo/76/vt320-k311
+usr/share/terminfo/76/vt320-nam
+usr/share/terminfo/76/vt320-w
+usr/share/terminfo/76/vt320-w-nam
+usr/share/terminfo/76/vt320nam
+usr/share/terminfo/76/vt330
+usr/share/terminfo/76/vt340
+usr/share/terminfo/76/vt400
+usr/share/terminfo/76/vt400-24
+usr/share/terminfo/76/vt420
+usr/share/terminfo/76/vt420f
+usr/share/terminfo/76/vt420pc
+usr/share/terminfo/76/vt420pcdos
+usr/share/terminfo/76/vt50
+usr/share/terminfo/76/vt50h
+usr/share/terminfo/76/vt510
+usr/share/terminfo/76/vt510pc
+usr/share/terminfo/76/vt510pcdos
+usr/share/terminfo/76/vt52
+usr/share/terminfo/76/vt520
+usr/share/terminfo/76/vt520ansi
+usr/share/terminfo/76/vt525
+usr/share/terminfo/76/vt61
+usr/share/terminfo/76/vt61.5
+usr/share/terminfo/76/vte
+usr/share/terminfo/76/vte+pcfkeys
+usr/share/terminfo/76/vte-2007
+usr/share/terminfo/76/vte-2008
+usr/share/terminfo/76/vte-2012
+usr/share/terminfo/76/vte-2014
+usr/share/terminfo/76/vte-2017
+usr/share/terminfo/76/vte-256color
+usr/share/terminfo/76/vte-direct
+usr/share/terminfo/76/vtnt
+usr/share/terminfo/76/vv100
+usr/share/terminfo/76/vwmterm
+usr/share/terminfo/77/
+usr/share/terminfo/77/wren
+usr/share/terminfo/77/wrenw
+usr/share/terminfo/77/wsiris
+usr/share/terminfo/77/wsvt25
+usr/share/terminfo/77/wsvt25m
+usr/share/terminfo/77/wy-75ap
+usr/share/terminfo/77/wy-99fgt
+usr/share/terminfo/77/wy-99fgta
+usr/share/terminfo/77/wy100
+usr/share/terminfo/77/wy100q
+usr/share/terminfo/77/wy120
+usr/share/terminfo/77/wy120-25
+usr/share/terminfo/77/wy120-25-w
+usr/share/terminfo/77/wy120-vb
+usr/share/terminfo/77/wy120-w
+usr/share/terminfo/77/wy120-w-vb
+usr/share/terminfo/77/wy120-wvb
+usr/share/terminfo/77/wy150
+usr/share/terminfo/77/wy150-25
+usr/share/terminfo/77/wy150-25-w
+usr/share/terminfo/77/wy150-vb
+usr/share/terminfo/77/wy150-w
+usr/share/terminfo/77/wy150-w-vb
+usr/share/terminfo/77/wy160
+usr/share/terminfo/77/wy160-25
+usr/share/terminfo/77/wy160-25-w
+usr/share/terminfo/77/wy160-42
+usr/share/terminfo/77/wy160-42-w
+usr/share/terminfo/77/wy160-43
+usr/share/terminfo/77/wy160-43-w
+usr/share/terminfo/77/wy160-tek
+usr/share/terminfo/77/wy160-vb
+usr/share/terminfo/77/wy160-w
+usr/share/terminfo/77/wy160-w-vb
+usr/share/terminfo/77/wy160-wvb
+usr/share/terminfo/77/wy185
+usr/share/terminfo/77/wy185-24
+usr/share/terminfo/77/wy185-vb
+usr/share/terminfo/77/wy185-w
+usr/share/terminfo/77/wy185-wvb
+usr/share/terminfo/77/wy30
+usr/share/terminfo/77/wy30-mc
+usr/share/terminfo/77/wy30-vb
+usr/share/terminfo/77/wy325
+usr/share/terminfo/77/wy325-25
+usr/share/terminfo/77/wy325-25w
+usr/share/terminfo/77/wy325-42
+usr/share/terminfo/77/wy325-42w
+usr/share/terminfo/77/wy325-42w-vb
+usr/share/terminfo/77/wy325-42wvb
+usr/share/terminfo/77/wy325-43
+usr/share/terminfo/77/wy325-43w
+usr/share/terminfo/77/wy325-43w-vb
+usr/share/terminfo/77/wy325-43wvb
+usr/share/terminfo/77/wy325-80
+usr/share/terminfo/77/wy325-vb
+usr/share/terminfo/77/wy325-w
+usr/share/terminfo/77/wy325-w-vb
+usr/share/terminfo/77/wy325-wvb
+usr/share/terminfo/77/wy325w-24
+usr/share/terminfo/77/wy350
+usr/share/terminfo/77/wy350-vb
+usr/share/terminfo/77/wy350-w
+usr/share/terminfo/77/wy350-wvb
+usr/share/terminfo/77/wy370
+usr/share/terminfo/77/wy370-101k
+usr/share/terminfo/77/wy370-105k
+usr/share/terminfo/77/wy370-EPC
+usr/share/terminfo/77/wy370-nk
+usr/share/terminfo/77/wy370-rv
+usr/share/terminfo/77/wy370-tek
+usr/share/terminfo/77/wy370-vb
+usr/share/terminfo/77/wy370-w
+usr/share/terminfo/77/wy370-wvb
+usr/share/terminfo/77/wy50
+usr/share/terminfo/77/wy50-mc
+usr/share/terminfo/77/wy50-vb
+usr/share/terminfo/77/wy50-w
+usr/share/terminfo/77/wy50-wvb
+usr/share/terminfo/77/wy520
+usr/share/terminfo/77/wy520-24
+usr/share/terminfo/77/wy520-36
+usr/share/terminfo/77/wy520-36pc
+usr/share/terminfo/77/wy520-36w
+usr/share/terminfo/77/wy520-36wpc
+usr/share/terminfo/77/wy520-48
+usr/share/terminfo/77/wy520-48pc
+usr/share/terminfo/77/wy520-48w
+usr/share/terminfo/77/wy520-48wpc
+usr/share/terminfo/77/wy520-epc
+usr/share/terminfo/77/wy520-epc-24
+usr/share/terminfo/77/wy520-epc-vb
+usr/share/terminfo/77/wy520-epc-w
+usr/share/terminfo/77/wy520-epc-wvb
+usr/share/terminfo/77/wy520-vb
+usr/share/terminfo/77/wy520-w
+usr/share/terminfo/77/wy520-wvb
+usr/share/terminfo/77/wy60
+usr/share/terminfo/77/wy60-25
+usr/share/terminfo/77/wy60-25-w
+usr/share/terminfo/77/wy60-316X
+usr/share/terminfo/77/wy60-42
+usr/share/terminfo/77/wy60-42-w
+usr/share/terminfo/77/wy60-43
+usr/share/terminfo/77/wy60-43-w
+usr/share/terminfo/77/wy60-AT
+usr/share/terminfo/77/wy60-PC
+usr/share/terminfo/77/wy60-vb
+usr/share/terminfo/77/wy60-w
+usr/share/terminfo/77/wy60-w-vb
+usr/share/terminfo/77/wy60-wvb
+usr/share/terminfo/77/wy75
+usr/share/terminfo/77/wy75-mc
+usr/share/terminfo/77/wy75-vb
+usr/share/terminfo/77/wy75-w
+usr/share/terminfo/77/wy75-wvb
+usr/share/terminfo/77/wy75ap
+usr/share/terminfo/77/wy85
+usr/share/terminfo/77/wy85-8bit
+usr/share/terminfo/77/wy85-vb
+usr/share/terminfo/77/wy85-w
+usr/share/terminfo/77/wy85-wvb
+usr/share/terminfo/77/wy99-ansi
+usr/share/terminfo/77/wy99a-ansi
+usr/share/terminfo/77/wy99f
+usr/share/terminfo/77/wy99fa
+usr/share/terminfo/77/wy99fgt
+usr/share/terminfo/77/wy99fgta
+usr/share/terminfo/77/wy99gt
+usr/share/terminfo/77/wy99gt-25
+usr/share/terminfo/77/wy99gt-25-w
+usr/share/terminfo/77/wy99gt-tek
+usr/share/terminfo/77/wy99gt-vb
+usr/share/terminfo/77/wy99gt-w
+usr/share/terminfo/77/wy99gt-w-vb
+usr/share/terminfo/77/wy99gt-wvb
+usr/share/terminfo/77/wyse-325
+usr/share/terminfo/77/wyse-75ap
+usr/share/terminfo/77/wyse-vp
+usr/share/terminfo/77/wyse120
+usr/share/terminfo/77/wyse120-25
+usr/share/terminfo/77/wyse120-25-w
+usr/share/terminfo/77/wyse120-vb
+usr/share/terminfo/77/wyse120-w
+usr/share/terminfo/77/wyse120-wvb
+usr/share/terminfo/77/wyse150
+usr/share/terminfo/77/wyse150-25
+usr/share/terminfo/77/wyse150-25-w
+usr/share/terminfo/77/wyse150-vb
+usr/share/terminfo/77/wyse150-w
+usr/share/terminfo/77/wyse150-w-vb
+usr/share/terminfo/77/wyse160
+usr/share/terminfo/77/wyse160-25
+usr/share/terminfo/77/wyse160-25-w
+usr/share/terminfo/77/wyse160-42
+usr/share/terminfo/77/wyse160-42-w
+usr/share/terminfo/77/wyse160-43
+usr/share/terminfo/77/wyse160-43-w
+usr/share/terminfo/77/wyse160-vb
+usr/share/terminfo/77/wyse160-w
+usr/share/terminfo/77/wyse160-wvb
+usr/share/terminfo/77/wyse185
+usr/share/terminfo/77/wyse185-24
+usr/share/terminfo/77/wyse185-vb
+usr/share/terminfo/77/wyse185-w
+usr/share/terminfo/77/wyse185-wvb
+usr/share/terminfo/77/wyse30
+usr/share/terminfo/77/wyse30-mc
+usr/share/terminfo/77/wyse30-vb
+usr/share/terminfo/77/wyse325
+usr/share/terminfo/77/wyse325-25
+usr/share/terminfo/77/wyse325-25w
+usr/share/terminfo/77/wyse325-42
+usr/share/terminfo/77/wyse325-42w
+usr/share/terminfo/77/wyse325-43
+usr/share/terminfo/77/wyse325-43w
+usr/share/terminfo/77/wyse325-vb
+usr/share/terminfo/77/wyse325-w
+usr/share/terminfo/77/wyse325-wvb
+usr/share/terminfo/77/wyse350
+usr/share/terminfo/77/wyse350-vb
+usr/share/terminfo/77/wyse350-w
+usr/share/terminfo/77/wyse350-wvb
+usr/share/terminfo/77/wyse370
+usr/share/terminfo/77/wyse50
+usr/share/terminfo/77/wyse50-mc
+usr/share/terminfo/77/wyse50-vb
+usr/share/terminfo/77/wyse50-w
+usr/share/terminfo/77/wyse50-wvb
+usr/share/terminfo/77/wyse520
+usr/share/terminfo/77/wyse520-24
+usr/share/terminfo/77/wyse520-36
+usr/share/terminfo/77/wyse520-36pc
+usr/share/terminfo/77/wyse520-36w
+usr/share/terminfo/77/wyse520-36wpc
+usr/share/terminfo/77/wyse520-48
+usr/share/terminfo/77/wyse520-48pc
+usr/share/terminfo/77/wyse520-48w
+usr/share/terminfo/77/wyse520-48wpc
+usr/share/terminfo/77/wyse520-epc
+usr/share/terminfo/77/wyse520-epc-w
+usr/share/terminfo/77/wyse520-p-wvb
+usr/share/terminfo/77/wyse520-pc-24
+usr/share/terminfo/77/wyse520-pc-vb
+usr/share/terminfo/77/wyse520-vb
+usr/share/terminfo/77/wyse520-w
+usr/share/terminfo/77/wyse520-wvb
+usr/share/terminfo/77/wyse60
+usr/share/terminfo/77/wyse60-25
+usr/share/terminfo/77/wyse60-25-w
+usr/share/terminfo/77/wyse60-316X
+usr/share/terminfo/77/wyse60-42
+usr/share/terminfo/77/wyse60-42-w
+usr/share/terminfo/77/wyse60-43
+usr/share/terminfo/77/wyse60-43-w
+usr/share/terminfo/77/wyse60-AT
+usr/share/terminfo/77/wyse60-PC
+usr/share/terminfo/77/wyse60-vb
+usr/share/terminfo/77/wyse60-w
+usr/share/terminfo/77/wyse60-wvb
+usr/share/terminfo/77/wyse75
+usr/share/terminfo/77/wyse75-mc
+usr/share/terminfo/77/wyse75-vb
+usr/share/terminfo/77/wyse75-w
+usr/share/terminfo/77/wyse75-wvb
+usr/share/terminfo/77/wyse75ap
+usr/share/terminfo/77/wyse85
+usr/share/terminfo/77/wyse85-8bit
+usr/share/terminfo/77/wyse85-vb
+usr/share/terminfo/77/wyse85-w
+usr/share/terminfo/77/wyse85-wvb
+usr/share/terminfo/77/wyse99gt
+usr/share/terminfo/77/wyse99gt-25
+usr/share/terminfo/77/wyse99gt-25-w
+usr/share/terminfo/77/wyse99gt-vb
+usr/share/terminfo/77/wyse99gt-w
+usr/share/terminfo/77/wyse99gt-wvb
+usr/share/terminfo/78/
+usr/share/terminfo/78/x10term
+usr/share/terminfo/78/x1700
+usr/share/terminfo/78/x1700-lm
+usr/share/terminfo/78/x1720
+usr/share/terminfo/78/x1750
+usr/share/terminfo/78/x68k
+usr/share/terminfo/78/x68k-ite
+usr/share/terminfo/78/x820
+usr/share/terminfo/78/xdku
+usr/share/terminfo/78/xenix
+usr/share/terminfo/78/xerox
+usr/share/terminfo/78/xerox-lm
+usr/share/terminfo/78/xerox1720
+usr/share/terminfo/78/xerox820
+usr/share/terminfo/78/xfce
+usr/share/terminfo/78/xiterm
+usr/share/terminfo/78/xl83
+usr/share/terminfo/78/xnuppc
+usr/share/terminfo/78/xnuppc+100x37
+usr/share/terminfo/78/xnuppc+112x37
+usr/share/terminfo/78/xnuppc+128x40
+usr/share/terminfo/78/xnuppc+128x48
+usr/share/terminfo/78/xnuppc+144x48
+usr/share/terminfo/78/xnuppc+160x64
+usr/share/terminfo/78/xnuppc+200x64
+usr/share/terminfo/78/xnuppc+200x75
+usr/share/terminfo/78/xnuppc+256x96
+usr/share/terminfo/78/xnuppc+80x25
+usr/share/terminfo/78/xnuppc+80x30
+usr/share/terminfo/78/xnuppc+90x30
+usr/share/terminfo/78/xnuppc+b
+usr/share/terminfo/78/xnuppc+basic
+usr/share/terminfo/78/xnuppc+c
+usr/share/terminfo/78/xnuppc+f
+usr/share/terminfo/78/xnuppc+f2
+usr/share/terminfo/78/xnuppc-100x37
+usr/share/terminfo/78/xnuppc-100x37-m
+usr/share/terminfo/78/xnuppc-112x37
+usr/share/terminfo/78/xnuppc-112x37-m
+usr/share/terminfo/78/xnuppc-128x40
+usr/share/terminfo/78/xnuppc-128x40-m
+usr/share/terminfo/78/xnuppc-128x48
+usr/share/terminfo/78/xnuppc-128x48-m
+usr/share/terminfo/78/xnuppc-144x48
+usr/share/terminfo/78/xnuppc-144x48-m
+usr/share/terminfo/78/xnuppc-160x64
+usr/share/terminfo/78/xnuppc-160x64-m
+usr/share/terminfo/78/xnuppc-200x64
+usr/share/terminfo/78/xnuppc-200x64-m
+usr/share/terminfo/78/xnuppc-200x75
+usr/share/terminfo/78/xnuppc-200x75-m
+usr/share/terminfo/78/xnuppc-256x96
+usr/share/terminfo/78/xnuppc-256x96-m
+usr/share/terminfo/78/xnuppc-80x25
+usr/share/terminfo/78/xnuppc-80x25-m
+usr/share/terminfo/78/xnuppc-80x30
+usr/share/terminfo/78/xnuppc-80x30-m
+usr/share/terminfo/78/xnuppc-90x30
+usr/share/terminfo/78/xnuppc-90x30-m
+usr/share/terminfo/78/xnuppc-b
+usr/share/terminfo/78/xnuppc-f
+usr/share/terminfo/78/xnuppc-f2
+usr/share/terminfo/78/xnuppc-m
+usr/share/terminfo/78/xnuppc-m-b
+usr/share/terminfo/78/xnuppc-m-f
+usr/share/terminfo/78/xnuppc-m-f2
+usr/share/terminfo/78/xtalk
+usr/share/terminfo/78/xterm
+usr/share/terminfo/78/xterm+256color
+usr/share/terminfo/78/xterm+256setaf
+usr/share/terminfo/78/xterm+88color
+usr/share/terminfo/78/xterm+alt+title
+usr/share/terminfo/78/xterm+alt1049
+usr/share/terminfo/78/xterm+app
+usr/share/terminfo/78/xterm+direct
+usr/share/terminfo/78/xterm+direct2
+usr/share/terminfo/78/xterm+edit
+usr/share/terminfo/78/xterm+indirect
+usr/share/terminfo/78/xterm+kbs
+usr/share/terminfo/78/xterm+noalt
+usr/share/terminfo/78/xterm+noapp
+usr/share/terminfo/78/xterm+pc+edit
+usr/share/terminfo/78/xterm+pcc0
+usr/share/terminfo/78/xterm+pcc1
+usr/share/terminfo/78/xterm+pcc2
+usr/share/terminfo/78/xterm+pcc3
+usr/share/terminfo/78/xterm+pce2
+usr/share/terminfo/78/xterm+pcf0
+usr/share/terminfo/78/xterm+pcf2
+usr/share/terminfo/78/xterm+pcfkeys
+usr/share/terminfo/78/xterm+r6f2
+usr/share/terminfo/78/xterm+sl
+usr/share/terminfo/78/xterm+sl-twm
+usr/share/terminfo/78/xterm+sm+1002
+usr/share/terminfo/78/xterm+sm+1003
+usr/share/terminfo/78/xterm+sm+1005
+usr/share/terminfo/78/xterm+sm+1006
+usr/share/terminfo/78/xterm+titlestack
+usr/share/terminfo/78/xterm+tmux
+usr/share/terminfo/78/xterm+vt+edit
+usr/share/terminfo/78/xterm+x10mouse
+usr/share/terminfo/78/xterm+x11hilite
+usr/share/terminfo/78/xterm+x11mouse
+usr/share/terminfo/78/xterm-1002
+usr/share/terminfo/78/xterm-1003
+usr/share/terminfo/78/xterm-1005
+usr/share/terminfo/78/xterm-1006
+usr/share/terminfo/78/xterm-16color
+usr/share/terminfo/78/xterm-24
+usr/share/terminfo/78/xterm-256color
+usr/share/terminfo/78/xterm-88color
+usr/share/terminfo/78/xterm-8bit
+usr/share/terminfo/78/xterm-basic
+usr/share/terminfo/78/xterm-bold
+usr/share/terminfo/78/xterm-color
+usr/share/terminfo/78/xterm-direct
+usr/share/terminfo/78/xterm-direct2
+usr/share/terminfo/78/xterm-hp
+usr/share/terminfo/78/xterm-new
+usr/share/terminfo/78/xterm-nic
+usr/share/terminfo/78/xterm-noapp
+usr/share/terminfo/78/xterm-old
+usr/share/terminfo/78/xterm-pcolor
+usr/share/terminfo/78/xterm-r5
+usr/share/terminfo/78/xterm-r6
+usr/share/terminfo/78/xterm-sco
+usr/share/terminfo/78/xterm-sun
+usr/share/terminfo/78/xterm-utf8
+usr/share/terminfo/78/xterm-vt220
+usr/share/terminfo/78/xterm-vt52
+usr/share/terminfo/78/xterm-x10mouse
+usr/share/terminfo/78/xterm-x11hilite
+usr/share/terminfo/78/xterm-x11mouse
+usr/share/terminfo/78/xterm-xf86-v32
+usr/share/terminfo/78/xterm-xf86-v33
+usr/share/terminfo/78/xterm-xf86-v333
+usr/share/terminfo/78/xterm-xf86-v40
+usr/share/terminfo/78/xterm-xf86-v43
+usr/share/terminfo/78/xterm-xf86-v44
+usr/share/terminfo/78/xterm-xfree86
+usr/share/terminfo/78/xterm-xi
+usr/share/terminfo/78/xterm1
+usr/share/terminfo/78/xtermc
+usr/share/terminfo/78/xtermm
+usr/share/terminfo/78/xterms
+usr/share/terminfo/78/xterms-sun
+usr/share/terminfo/78/xwsh
+usr/share/terminfo/7a/
+usr/share/terminfo/7a/z-100
+usr/share/terminfo/7a/z-100bw
+usr/share/terminfo/7a/z100
+usr/share/terminfo/7a/z100bw
+usr/share/terminfo/7a/z110
+usr/share/terminfo/7a/z110bw
+usr/share/terminfo/7a/z19
+usr/share/terminfo/7a/z29
+usr/share/terminfo/7a/z29a
+usr/share/terminfo/7a/z29a-kc-bc
+usr/share/terminfo/7a/z29a-kc-uc
+usr/share/terminfo/7a/z29a-nkc-bc
+usr/share/terminfo/7a/z29a-nkc-uc
+usr/share/terminfo/7a/z29b
+usr/share/terminfo/7a/z30
+usr/share/terminfo/7a/z340
+usr/share/terminfo/7a/z340-nam
+usr/share/terminfo/7a/z39-a
+usr/share/terminfo/7a/z39a
+usr/share/terminfo/7a/z50
+usr/share/terminfo/7a/z8001
+usr/share/terminfo/7a/zen30
+usr/share/terminfo/7a/zen50
+usr/share/terminfo/7a/zen8001
+usr/share/terminfo/7a/zenith
+usr/share/terminfo/7a/zenith29
+usr/share/terminfo/7a/zenith39-a
+usr/share/terminfo/7a/zenith39-ansi
+usr/share/terminfo/7a/zt-1
+usr/share/terminfo/7a/ztx
+usr/share/terminfo/7a/ztx-1-a
+usr/share/terminfo/7a/ztx11
+
diff --git a/msys2/var/lib/pacman/local/ncurses-6.1.20180908-1/mtree b/msys2/var/lib/pacman/local/ncurses-6.1.20180908-1/mtree
new file mode 100644
index 000000000..0ce88f676
Binary files /dev/null and b/msys2/var/lib/pacman/local/ncurses-6.1.20180908-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/nettle-3.4.1-1/desc b/msys2/var/lib/pacman/local/nettle-3.4.1-1/desc
new file mode 100644
index 000000000..0648b88ec
--- /dev/null
+++ b/msys2/var/lib/pacman/local/nettle-3.4.1-1/desc
@@ -0,0 +1,45 @@
+%NAME%
+nettle
+
+%VERSION%
+3.4.1-1
+
+%BASE%
+nettle
+
+%DESC%
+A low-level cryptographic library
+
+%URL%
+https://www.lysator.liu.se/~nisse/nettle/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1544167338
+
+%INSTALLDATE%
+1558699099
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+159744
+
+%REASON%
+1
+
+%GROUPS%
+net-utils
+
+%LICENSE%
+GPL2
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+libnettle
+
diff --git a/msys2/var/lib/pacman/local/nettle-3.4.1-1/files b/msys2/var/lib/pacman/local/nettle-3.4.1-1/files
new file mode 100644
index 000000000..217858819
--- /dev/null
+++ b/msys2/var/lib/pacman/local/nettle-3.4.1-1/files
@@ -0,0 +1,12 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/nettle-hash.exe
+usr/bin/nettle-lfib-stream.exe
+usr/bin/nettle-pbkdf2.exe
+usr/bin/pkcs1-conv.exe
+usr/bin/sexp-conv.exe
+usr/share/
+usr/share/info/
+usr/share/info/nettle.info.gz
+
diff --git a/msys2/var/lib/pacman/local/nettle-3.4.1-1/install b/msys2/var/lib/pacman/local/nettle-3.4.1-1/install
new file mode 100644
index 000000000..a0cd2f987
--- /dev/null
+++ b/msys2/var/lib/pacman/local/nettle-3.4.1-1/install
@@ -0,0 +1,20 @@
+infodir=usr/share/info
+filelist="nettle.info"
+
+post_install() {
+  [ -x usr/bin/install-info ] || return 0
+  for file in ${filelist}; do
+    install-info $infodir/$file.gz $infodir/dir 2> /dev/null
+  done
+}
+
+post_upgrade() {
+  post_install $1
+}
+
+pre_remove() {
+  [ -x usr/bin/install-info ] || return 0
+  for file in ${filelist}; do
+    install-info --delete $infodir/$file.gz $infodir/dir 2> /dev/null
+  done
+}
diff --git a/msys2/var/lib/pacman/local/nettle-3.4.1-1/mtree b/msys2/var/lib/pacman/local/nettle-3.4.1-1/mtree
new file mode 100644
index 000000000..806c845e1
Binary files /dev/null and b/msys2/var/lib/pacman/local/nettle-3.4.1-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/openssl-1.0.2.m-1/desc b/msys2/var/lib/pacman/local/openssl-1.0.2.m-1/desc
deleted file mode 100644
index e454a12d7..000000000
--- a/msys2/var/lib/pacman/local/openssl-1.0.2.m-1/desc
+++ /dev/null
@@ -1,47 +0,0 @@
-%NAME%
-openssl
-
-%VERSION%
-1.0.2.m-1
-
-%BASE%
-openssl
-
-%DESC%
-The Open Source toolkit for Secure Sockets Layer and Transport Layer Security
-
-%URL%
-https://www.openssl.org
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1510830788
-
-%INSTALLDATE%
-1527758863
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-6796288
-
-%REASON%
-1
-
-%LICENSE%
-custom:BSD
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-libopenssl
-zlib
-
-%OPTDEPENDS%
-ca-certificates
-perl
-
diff --git a/msys2/var/lib/pacman/local/openssl-1.0.2.m-1/files b/msys2/var/lib/pacman/local/openssl-1.0.2.m-1/files
deleted file mode 100644
index 82b8b1d92..000000000
--- a/msys2/var/lib/pacman/local/openssl-1.0.2.m-1/files
+++ /dev/null
@@ -1,1616 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/c_rehash
-usr/bin/openssl.exe
-usr/share/
-usr/share/licenses/
-usr/share/licenses/openssl/
-usr/share/licenses/openssl/LICENSE
-usr/share/man/
-usr/share/man/man1/
-usr/share/man/man1/CA.pl.1ssl.gz
-usr/share/man/man1/asn1parse.1ssl.gz
-usr/share/man/man1/c_rehash.1ssl.gz
-usr/share/man/man1/ca.1ssl.gz
-usr/share/man/man1/ciphers.1ssl.gz
-usr/share/man/man1/cms.1ssl.gz
-usr/share/man/man1/crl.1ssl.gz
-usr/share/man/man1/crl2pkcs7.1ssl.gz
-usr/share/man/man1/dgst.1ssl.gz
-usr/share/man/man1/dhparam.1ssl.gz
-usr/share/man/man1/dsa.1ssl.gz
-usr/share/man/man1/dsaparam.1ssl.gz
-usr/share/man/man1/dss1.1ssl.gz
-usr/share/man/man1/ec.1ssl.gz
-usr/share/man/man1/ecparam.1ssl.gz
-usr/share/man/man1/enc.1ssl.gz
-usr/share/man/man1/errstr.1ssl.gz
-usr/share/man/man1/gendsa.1ssl.gz
-usr/share/man/man1/genpkey.1ssl.gz
-usr/share/man/man1/genrsa.1ssl.gz
-usr/share/man/man1/md2.1ssl.gz
-usr/share/man/man1/md4.1ssl.gz
-usr/share/man/man1/md5.1ssl.gz
-usr/share/man/man1/mdc2.1ssl.gz
-usr/share/man/man1/nseq.1ssl.gz
-usr/share/man/man1/ocsp.1ssl.gz
-usr/share/man/man1/openssl-asn1parse.1ssl.gz
-usr/share/man/man1/openssl-ca.1ssl.gz
-usr/share/man/man1/openssl-ciphers.1ssl.gz
-usr/share/man/man1/openssl-cms.1ssl.gz
-usr/share/man/man1/openssl-crl.1ssl.gz
-usr/share/man/man1/openssl-crl2pkcs7.1ssl.gz
-usr/share/man/man1/openssl-dgst.1ssl.gz
-usr/share/man/man1/openssl-dhparam.1ssl.gz
-usr/share/man/man1/openssl-dsa.1ssl.gz
-usr/share/man/man1/openssl-dsaparam.1ssl.gz
-usr/share/man/man1/openssl-ec.1ssl.gz
-usr/share/man/man1/openssl-ecparam.1ssl.gz
-usr/share/man/man1/openssl-enc.1ssl.gz
-usr/share/man/man1/openssl-errstr.1ssl.gz
-usr/share/man/man1/openssl-gendsa.1ssl.gz
-usr/share/man/man1/openssl-genpkey.1ssl.gz
-usr/share/man/man1/openssl-genrsa.1ssl.gz
-usr/share/man/man1/openssl-nseq.1ssl.gz
-usr/share/man/man1/openssl-ocsp.1ssl.gz
-usr/share/man/man1/openssl-passwd.1ssl.gz
-usr/share/man/man1/openssl-pkcs12.1ssl.gz
-usr/share/man/man1/openssl-pkcs7.1ssl.gz
-usr/share/man/man1/openssl-pkcs8.1ssl.gz
-usr/share/man/man1/openssl-pkey.1ssl.gz
-usr/share/man/man1/openssl-pkeyparam.1ssl.gz
-usr/share/man/man1/openssl-pkeyutl.1ssl.gz
-usr/share/man/man1/openssl-rand.1ssl.gz
-usr/share/man/man1/openssl-req.1ssl.gz
-usr/share/man/man1/openssl-rsa.1ssl.gz
-usr/share/man/man1/openssl-rsautl.1ssl.gz
-usr/share/man/man1/openssl-s_client.1ssl.gz
-usr/share/man/man1/openssl-s_server.1ssl.gz
-usr/share/man/man1/openssl-s_time.1ssl.gz
-usr/share/man/man1/openssl-sess_id.1ssl.gz
-usr/share/man/man1/openssl-smime.1ssl.gz
-usr/share/man/man1/openssl-speed.1ssl.gz
-usr/share/man/man1/openssl-spkac.1ssl.gz
-usr/share/man/man1/openssl-ts.1ssl.gz
-usr/share/man/man1/openssl-tsget.1ssl.gz
-usr/share/man/man1/openssl-verify.1ssl.gz
-usr/share/man/man1/openssl-version.1ssl.gz
-usr/share/man/man1/openssl-x509.1ssl.gz
-usr/share/man/man1/openssl.1ssl.gz
-usr/share/man/man1/passwd.1ssl.gz
-usr/share/man/man1/pkcs12.1ssl.gz
-usr/share/man/man1/pkcs7.1ssl.gz
-usr/share/man/man1/pkcs8.1ssl.gz
-usr/share/man/man1/pkey.1ssl.gz
-usr/share/man/man1/pkeyparam.1ssl.gz
-usr/share/man/man1/pkeyutl.1ssl.gz
-usr/share/man/man1/rand.1ssl.gz
-usr/share/man/man1/req.1ssl.gz
-usr/share/man/man1/ripemd160.1ssl.gz
-usr/share/man/man1/rsa.1ssl.gz
-usr/share/man/man1/rsautl.1ssl.gz
-usr/share/man/man1/s_client.1ssl.gz
-usr/share/man/man1/s_server.1ssl.gz
-usr/share/man/man1/s_time.1ssl.gz
-usr/share/man/man1/sess_id.1ssl.gz
-usr/share/man/man1/sha.1ssl.gz
-usr/share/man/man1/sha1.1ssl.gz
-usr/share/man/man1/sha224.1ssl.gz
-usr/share/man/man1/sha256.1ssl.gz
-usr/share/man/man1/sha384.1ssl.gz
-usr/share/man/man1/sha512.1ssl.gz
-usr/share/man/man1/smime.1ssl.gz
-usr/share/man/man1/speed.1ssl.gz
-usr/share/man/man1/spkac.1ssl.gz
-usr/share/man/man1/ts.1ssl.gz
-usr/share/man/man1/tsget.1ssl.gz
-usr/share/man/man1/verify.1ssl.gz
-usr/share/man/man1/version.1ssl.gz
-usr/share/man/man1/x509.1ssl.gz
-usr/share/man/man3/
-usr/share/man/man3/ASN1_OBJECT_free.3ssl.gz
-usr/share/man/man3/ASN1_OBJECT_new.3ssl.gz
-usr/share/man/man3/ASN1_STRING_cmp.3ssl.gz
-usr/share/man/man3/ASN1_STRING_data.3ssl.gz
-usr/share/man/man3/ASN1_STRING_dup.3ssl.gz
-usr/share/man/man3/ASN1_STRING_free.3ssl.gz
-usr/share/man/man3/ASN1_STRING_length.3ssl.gz
-usr/share/man/man3/ASN1_STRING_length_set.3ssl.gz
-usr/share/man/man3/ASN1_STRING_new.3ssl.gz
-usr/share/man/man3/ASN1_STRING_print.3ssl.gz
-usr/share/man/man3/ASN1_STRING_print_ex.3ssl.gz
-usr/share/man/man3/ASN1_STRING_print_ex_fp.3ssl.gz
-usr/share/man/man3/ASN1_STRING_set.3ssl.gz
-usr/share/man/man3/ASN1_STRING_to_UTF8.3ssl.gz
-usr/share/man/man3/ASN1_STRING_type.3ssl.gz
-usr/share/man/man3/ASN1_STRING_type_new.3ssl.gz
-usr/share/man/man3/ASN1_TIME_adj.3ssl.gz
-usr/share/man/man3/ASN1_TIME_check.3ssl.gz
-usr/share/man/man3/ASN1_TIME_diff.3ssl.gz
-usr/share/man/man3/ASN1_TIME_print.3ssl.gz
-usr/share/man/man3/ASN1_TIME_set.3ssl.gz
-usr/share/man/man3/ASN1_TIME_set_string.3ssl.gz
-usr/share/man/man3/ASN1_add_oid_module.3ssl.gz
-usr/share/man/man3/ASN1_generate_nconf.3ssl.gz
-usr/share/man/man3/ASN1_generate_v3.3ssl.gz
-usr/share/man/man3/BF_cbc_encrypt.3ssl.gz
-usr/share/man/man3/BF_cfb64_encrypt.3ssl.gz
-usr/share/man/man3/BF_decrypt.3ssl.gz
-usr/share/man/man3/BF_ecb_encrypt.3ssl.gz
-usr/share/man/man3/BF_encrypt.3ssl.gz
-usr/share/man/man3/BF_ofb64_encrypt.3ssl.gz
-usr/share/man/man3/BF_options.3ssl.gz
-usr/share/man/man3/BF_set_key.3ssl.gz
-usr/share/man/man3/BIO_append_filename.3ssl.gz
-usr/share/man/man3/BIO_callback_ctrl.3ssl.gz
-usr/share/man/man3/BIO_ctrl.3ssl.gz
-usr/share/man/man3/BIO_ctrl_get_read_request.3ssl.gz
-usr/share/man/man3/BIO_ctrl_get_write_guarantee.3ssl.gz
-usr/share/man/man3/BIO_ctrl_pending.3ssl.gz
-usr/share/man/man3/BIO_ctrl_reset_read_request.3ssl.gz
-usr/share/man/man3/BIO_ctrl_wpending.3ssl.gz
-usr/share/man/man3/BIO_debug_callback.3ssl.gz
-usr/share/man/man3/BIO_destroy_bio_pair.3ssl.gz
-usr/share/man/man3/BIO_do_accept.3ssl.gz
-usr/share/man/man3/BIO_do_connect.3ssl.gz
-usr/share/man/man3/BIO_eof.3ssl.gz
-usr/share/man/man3/BIO_f_base64.3ssl.gz
-usr/share/man/man3/BIO_f_buffer.3ssl.gz
-usr/share/man/man3/BIO_f_cipher.3ssl.gz
-usr/share/man/man3/BIO_f_md.3ssl.gz
-usr/share/man/man3/BIO_f_null.3ssl.gz
-usr/share/man/man3/BIO_f_ssl.3ssl.gz
-usr/share/man/man3/BIO_find_type.3ssl.gz
-usr/share/man/man3/BIO_flush.3ssl.gz
-usr/share/man/man3/BIO_free.3ssl.gz
-usr/share/man/man3/BIO_free_all.3ssl.gz
-usr/share/man/man3/BIO_get_accept_port.3ssl.gz
-usr/share/man/man3/BIO_get_bind_mode.3ssl.gz
-usr/share/man/man3/BIO_get_callback.3ssl.gz
-usr/share/man/man3/BIO_get_callback_arg.3ssl.gz
-usr/share/man/man3/BIO_get_cipher_ctx.3ssl.gz
-usr/share/man/man3/BIO_get_cipher_status.3ssl.gz
-usr/share/man/man3/BIO_get_close.3ssl.gz
-usr/share/man/man3/BIO_get_conn_hostname.3ssl.gz
-usr/share/man/man3/BIO_get_conn_int_port.3ssl.gz
-usr/share/man/man3/BIO_get_conn_ip.3ssl.gz
-usr/share/man/man3/BIO_get_conn_port.3ssl.gz
-usr/share/man/man3/BIO_get_fd.3ssl.gz
-usr/share/man/man3/BIO_get_fp.3ssl.gz
-usr/share/man/man3/BIO_get_info_callback.3ssl.gz
-usr/share/man/man3/BIO_get_md.3ssl.gz
-usr/share/man/man3/BIO_get_md_ctx.3ssl.gz
-usr/share/man/man3/BIO_get_mem_data.3ssl.gz
-usr/share/man/man3/BIO_get_mem_ptr.3ssl.gz
-usr/share/man/man3/BIO_get_num_renegotiates.3ssl.gz
-usr/share/man/man3/BIO_get_read_request.3ssl.gz
-usr/share/man/man3/BIO_get_retry_BIO.3ssl.gz
-usr/share/man/man3/BIO_get_retry_reason.3ssl.gz
-usr/share/man/man3/BIO_get_ssl.3ssl.gz
-usr/share/man/man3/BIO_get_write_buf_size.3ssl.gz
-usr/share/man/man3/BIO_get_write_guarantee.3ssl.gz
-usr/share/man/man3/BIO_gets.3ssl.gz
-usr/share/man/man3/BIO_int_ctrl.3ssl.gz
-usr/share/man/man3/BIO_make_bio_pair.3ssl.gz
-usr/share/man/man3/BIO_method_type.3ssl.gz
-usr/share/man/man3/BIO_new.3ssl.gz
-usr/share/man/man3/BIO_new_CMS.3ssl.gz
-usr/share/man/man3/BIO_new_accept.3ssl.gz
-usr/share/man/man3/BIO_new_bio_pair.3ssl.gz
-usr/share/man/man3/BIO_new_buffer_ssl_connect.3ssl.gz
-usr/share/man/man3/BIO_new_connect.3ssl.gz
-usr/share/man/man3/BIO_new_fd.3ssl.gz
-usr/share/man/man3/BIO_new_file.3ssl.gz
-usr/share/man/man3/BIO_new_fp.3ssl.gz
-usr/share/man/man3/BIO_new_mem_buf.3ssl.gz
-usr/share/man/man3/BIO_new_socket.3ssl.gz
-usr/share/man/man3/BIO_new_ssl.3ssl.gz
-usr/share/man/man3/BIO_new_ssl_connect.3ssl.gz
-usr/share/man/man3/BIO_next.3ssl.gz
-usr/share/man/man3/BIO_pending.3ssl.gz
-usr/share/man/man3/BIO_pop.3ssl.gz
-usr/share/man/man3/BIO_ptr_ctrl.3ssl.gz
-usr/share/man/man3/BIO_push.3ssl.gz
-usr/share/man/man3/BIO_puts.3ssl.gz
-usr/share/man/man3/BIO_read.3ssl.gz
-usr/share/man/man3/BIO_read_filename.3ssl.gz
-usr/share/man/man3/BIO_reset.3ssl.gz
-usr/share/man/man3/BIO_retry_type.3ssl.gz
-usr/share/man/man3/BIO_rw_filename.3ssl.gz
-usr/share/man/man3/BIO_s_accept.3ssl.gz
-usr/share/man/man3/BIO_s_bio.3ssl.gz
-usr/share/man/man3/BIO_s_connect.3ssl.gz
-usr/share/man/man3/BIO_s_fd.3ssl.gz
-usr/share/man/man3/BIO_s_file.3ssl.gz
-usr/share/man/man3/BIO_s_mem.3ssl.gz
-usr/share/man/man3/BIO_s_null.3ssl.gz
-usr/share/man/man3/BIO_s_socket.3ssl.gz
-usr/share/man/man3/BIO_seek.3ssl.gz
-usr/share/man/man3/BIO_set.3ssl.gz
-usr/share/man/man3/BIO_set_accept_bios.3ssl.gz
-usr/share/man/man3/BIO_set_accept_port.3ssl.gz
-usr/share/man/man3/BIO_set_bind_mode.3ssl.gz
-usr/share/man/man3/BIO_set_callback.3ssl.gz
-usr/share/man/man3/BIO_set_callback_arg.3ssl.gz
-usr/share/man/man3/BIO_set_cipher.3ssl.gz
-usr/share/man/man3/BIO_set_close.3ssl.gz
-usr/share/man/man3/BIO_set_conn_hostname.3ssl.gz
-usr/share/man/man3/BIO_set_conn_int_port.3ssl.gz
-usr/share/man/man3/BIO_set_conn_ip.3ssl.gz
-usr/share/man/man3/BIO_set_conn_port.3ssl.gz
-usr/share/man/man3/BIO_set_fd.3ssl.gz
-usr/share/man/man3/BIO_set_fp.3ssl.gz
-usr/share/man/man3/BIO_set_info_callback.3ssl.gz
-usr/share/man/man3/BIO_set_md.3ssl.gz
-usr/share/man/man3/BIO_set_mem_buf.3ssl.gz
-usr/share/man/man3/BIO_set_mem_eof_return.3ssl.gz
-usr/share/man/man3/BIO_set_nbio.3ssl.gz
-usr/share/man/man3/BIO_set_nbio_accept.3ssl.gz
-usr/share/man/man3/BIO_set_ssl.3ssl.gz
-usr/share/man/man3/BIO_set_ssl_mode.3ssl.gz
-usr/share/man/man3/BIO_set_ssl_renegotiate_bytes.3ssl.gz
-usr/share/man/man3/BIO_set_ssl_renegotiate_timeout.3ssl.gz
-usr/share/man/man3/BIO_set_write_buf_size.3ssl.gz
-usr/share/man/man3/BIO_should_io_special.3ssl.gz
-usr/share/man/man3/BIO_should_read.3ssl.gz
-usr/share/man/man3/BIO_should_retry.3ssl.gz
-usr/share/man/man3/BIO_should_write.3ssl.gz
-usr/share/man/man3/BIO_shutdown_wr.3ssl.gz
-usr/share/man/man3/BIO_ssl_copy_session_id.3ssl.gz
-usr/share/man/man3/BIO_ssl_shutdown.3ssl.gz
-usr/share/man/man3/BIO_tell.3ssl.gz
-usr/share/man/man3/BIO_vfree.3ssl.gz
-usr/share/man/man3/BIO_wpending.3ssl.gz
-usr/share/man/man3/BIO_write.3ssl.gz
-usr/share/man/man3/BIO_write_filename.3ssl.gz
-usr/share/man/man3/BN_BLINDING_convert.3ssl.gz
-usr/share/man/man3/BN_BLINDING_convert_ex.3ssl.gz
-usr/share/man/man3/BN_BLINDING_create_param.3ssl.gz
-usr/share/man/man3/BN_BLINDING_free.3ssl.gz
-usr/share/man/man3/BN_BLINDING_get_flags.3ssl.gz
-usr/share/man/man3/BN_BLINDING_get_thread_id.3ssl.gz
-usr/share/man/man3/BN_BLINDING_invert.3ssl.gz
-usr/share/man/man3/BN_BLINDING_invert_ex.3ssl.gz
-usr/share/man/man3/BN_BLINDING_new.3ssl.gz
-usr/share/man/man3/BN_BLINDING_set_flags.3ssl.gz
-usr/share/man/man3/BN_BLINDING_set_thread_id.3ssl.gz
-usr/share/man/man3/BN_BLINDING_thread_id.3ssl.gz
-usr/share/man/man3/BN_BLINDING_update.3ssl.gz
-usr/share/man/man3/BN_CTX_end.3ssl.gz
-usr/share/man/man3/BN_CTX_free.3ssl.gz
-usr/share/man/man3/BN_CTX_get.3ssl.gz
-usr/share/man/man3/BN_CTX_init.3ssl.gz
-usr/share/man/man3/BN_CTX_new.3ssl.gz
-usr/share/man/man3/BN_CTX_start.3ssl.gz
-usr/share/man/man3/BN_GENCB_call.3ssl.gz
-usr/share/man/man3/BN_GENCB_set.3ssl.gz
-usr/share/man/man3/BN_GENCB_set_old.3ssl.gz
-usr/share/man/man3/BN_MONT_CTX_copy.3ssl.gz
-usr/share/man/man3/BN_MONT_CTX_free.3ssl.gz
-usr/share/man/man3/BN_MONT_CTX_init.3ssl.gz
-usr/share/man/man3/BN_MONT_CTX_new.3ssl.gz
-usr/share/man/man3/BN_MONT_CTX_set.3ssl.gz
-usr/share/man/man3/BN_RECP_CTX_free.3ssl.gz
-usr/share/man/man3/BN_RECP_CTX_init.3ssl.gz
-usr/share/man/man3/BN_RECP_CTX_new.3ssl.gz
-usr/share/man/man3/BN_RECP_CTX_set.3ssl.gz
-usr/share/man/man3/BN_add.3ssl.gz
-usr/share/man/man3/BN_add_word.3ssl.gz
-usr/share/man/man3/BN_bin2bn.3ssl.gz
-usr/share/man/man3/BN_bn2bin.3ssl.gz
-usr/share/man/man3/BN_bn2dec.3ssl.gz
-usr/share/man/man3/BN_bn2hex.3ssl.gz
-usr/share/man/man3/BN_bn2mpi.3ssl.gz
-usr/share/man/man3/BN_clear.3ssl.gz
-usr/share/man/man3/BN_clear_bit.3ssl.gz
-usr/share/man/man3/BN_clear_free.3ssl.gz
-usr/share/man/man3/BN_cmp.3ssl.gz
-usr/share/man/man3/BN_copy.3ssl.gz
-usr/share/man/man3/BN_dec2bn.3ssl.gz
-usr/share/man/man3/BN_div.3ssl.gz
-usr/share/man/man3/BN_div_recp.3ssl.gz
-usr/share/man/man3/BN_div_word.3ssl.gz
-usr/share/man/man3/BN_dup.3ssl.gz
-usr/share/man/man3/BN_exp.3ssl.gz
-usr/share/man/man3/BN_free.3ssl.gz
-usr/share/man/man3/BN_from_montgomery.3ssl.gz
-usr/share/man/man3/BN_gcd.3ssl.gz
-usr/share/man/man3/BN_generate_prime.3ssl.gz
-usr/share/man/man3/BN_generate_prime_ex.3ssl.gz
-usr/share/man/man3/BN_get_word.3ssl.gz
-usr/share/man/man3/BN_hex2bn.3ssl.gz
-usr/share/man/man3/BN_init.3ssl.gz
-usr/share/man/man3/BN_is_bit_set.3ssl.gz
-usr/share/man/man3/BN_is_odd.3ssl.gz
-usr/share/man/man3/BN_is_one.3ssl.gz
-usr/share/man/man3/BN_is_prime.3ssl.gz
-usr/share/man/man3/BN_is_prime_ex.3ssl.gz
-usr/share/man/man3/BN_is_prime_fasttest.3ssl.gz
-usr/share/man/man3/BN_is_prime_fasttest_ex.3ssl.gz
-usr/share/man/man3/BN_is_word.3ssl.gz
-usr/share/man/man3/BN_is_zero.3ssl.gz
-usr/share/man/man3/BN_lshift.3ssl.gz
-usr/share/man/man3/BN_lshift1.3ssl.gz
-usr/share/man/man3/BN_mask_bits.3ssl.gz
-usr/share/man/man3/BN_mod.3ssl.gz
-usr/share/man/man3/BN_mod_add.3ssl.gz
-usr/share/man/man3/BN_mod_exp.3ssl.gz
-usr/share/man/man3/BN_mod_inverse.3ssl.gz
-usr/share/man/man3/BN_mod_mul.3ssl.gz
-usr/share/man/man3/BN_mod_mul_montgomery.3ssl.gz
-usr/share/man/man3/BN_mod_mul_reciprocal.3ssl.gz
-usr/share/man/man3/BN_mod_sqr.3ssl.gz
-usr/share/man/man3/BN_mod_sub.3ssl.gz
-usr/share/man/man3/BN_mod_word.3ssl.gz
-usr/share/man/man3/BN_mpi2bn.3ssl.gz
-usr/share/man/man3/BN_mul.3ssl.gz
-usr/share/man/man3/BN_mul_word.3ssl.gz
-usr/share/man/man3/BN_new.3ssl.gz
-usr/share/man/man3/BN_nnmod.3ssl.gz
-usr/share/man/man3/BN_num_bits.3ssl.gz
-usr/share/man/man3/BN_num_bits_word.3ssl.gz
-usr/share/man/man3/BN_num_bytes.3ssl.gz
-usr/share/man/man3/BN_one.3ssl.gz
-usr/share/man/man3/BN_print_fp.3ssl.gz
-usr/share/man/man3/BN_pseudo_rand.3ssl.gz
-usr/share/man/man3/BN_pseudo_rand_range.3ssl.gz
-usr/share/man/man3/BN_rand.3ssl.gz
-usr/share/man/man3/BN_rand_range.3ssl.gz
-usr/share/man/man3/BN_rshift.3ssl.gz
-usr/share/man/man3/BN_rshift1.3ssl.gz
-usr/share/man/man3/BN_set_bit.3ssl.gz
-usr/share/man/man3/BN_set_word.3ssl.gz
-usr/share/man/man3/BN_sqr.3ssl.gz
-usr/share/man/man3/BN_sub.3ssl.gz
-usr/share/man/man3/BN_sub_word.3ssl.gz
-usr/share/man/man3/BN_swap.3ssl.gz
-usr/share/man/man3/BN_to_montgomery.3ssl.gz
-usr/share/man/man3/BN_ucmp.3ssl.gz
-usr/share/man/man3/BN_value_one.3ssl.gz
-usr/share/man/man3/BN_zero.3ssl.gz
-usr/share/man/man3/BUF_MEM_free.3ssl.gz
-usr/share/man/man3/BUF_MEM_grow.3ssl.gz
-usr/share/man/man3/BUF_MEM_new.3ssl.gz
-usr/share/man/man3/BUF_MEM_new_ex.3ssl.gz
-usr/share/man/man3/BUF_memdup.3ssl.gz
-usr/share/man/man3/BUF_strdup.3ssl.gz
-usr/share/man/man3/BUF_strlcat.3ssl.gz
-usr/share/man/man3/BUF_strlcpy.3ssl.gz
-usr/share/man/man3/BUF_strndup.3ssl.gz
-usr/share/man/man3/CMS_ReceiptRequest_create0.3ssl.gz
-usr/share/man/man3/CMS_ReceiptRequest_get0_values.3ssl.gz
-usr/share/man/man3/CMS_RecipientInfo_decrypt.3ssl.gz
-usr/share/man/man3/CMS_RecipientInfo_encrypt.3ssl.gz
-usr/share/man/man3/CMS_RecipientInfo_kekri_get0_id.3ssl.gz
-usr/share/man/man3/CMS_RecipientInfo_kekri_id_cmp.3ssl.gz
-usr/share/man/man3/CMS_RecipientInfo_ktri_cert_cmp.3ssl.gz
-usr/share/man/man3/CMS_RecipientInfo_ktri_get0_signer_id.3ssl.gz
-usr/share/man/man3/CMS_RecipientInfo_set0_key.3ssl.gz
-usr/share/man/man3/CMS_RecipientInfo_set0_pkey.3ssl.gz
-usr/share/man/man3/CMS_RecipientInfo_type.3ssl.gz
-usr/share/man/man3/CMS_SignerInfo_cert_cmp.3ssl.gz
-usr/share/man/man3/CMS_SignerInfo_get0_signature.3ssl.gz
-usr/share/man/man3/CMS_SignerInfo_get0_signer_id.3ssl.gz
-usr/share/man/man3/CMS_SignerInfo_sign.3ssl.gz
-usr/share/man/man3/CMS_add0_cert.3ssl.gz
-usr/share/man/man3/CMS_add0_crl.3ssl.gz
-usr/share/man/man3/CMS_add0_recipient_key.3ssl.gz
-usr/share/man/man3/CMS_add1_ReceiptRequest.3ssl.gz
-usr/share/man/man3/CMS_add1_cert.3ssl.gz
-usr/share/man/man3/CMS_add1_crl.3ssl.gz
-usr/share/man/man3/CMS_add1_recipient_cert.3ssl.gz
-usr/share/man/man3/CMS_add1_signer.3ssl.gz
-usr/share/man/man3/CMS_compress.3ssl.gz
-usr/share/man/man3/CMS_decrypt.3ssl.gz
-usr/share/man/man3/CMS_encrypt.3ssl.gz
-usr/share/man/man3/CMS_final.3ssl.gz
-usr/share/man/man3/CMS_get0_RecipientInfos.3ssl.gz
-usr/share/man/man3/CMS_get0_SignerInfos.3ssl.gz
-usr/share/man/man3/CMS_get0_content.3ssl.gz
-usr/share/man/man3/CMS_get0_eContentType.3ssl.gz
-usr/share/man/man3/CMS_get0_signers.3ssl.gz
-usr/share/man/man3/CMS_get0_type.3ssl.gz
-usr/share/man/man3/CMS_get1_ReceiptRequest.3ssl.gz
-usr/share/man/man3/CMS_get1_certs.3ssl.gz
-usr/share/man/man3/CMS_get1_crls.3ssl.gz
-usr/share/man/man3/CMS_set1_eContentType.3ssl.gz
-usr/share/man/man3/CMS_set1_signer_cert.3ssl.gz
-usr/share/man/man3/CMS_sign.3ssl.gz
-usr/share/man/man3/CMS_sign_receipt.3ssl.gz
-usr/share/man/man3/CMS_uncompress.3ssl.gz
-usr/share/man/man3/CMS_verify.3ssl.gz
-usr/share/man/man3/CMS_verify_receipt.3ssl.gz
-usr/share/man/man3/CONF_modules_finish.3ssl.gz
-usr/share/man/man3/CONF_modules_free.3ssl.gz
-usr/share/man/man3/CONF_modules_load.3ssl.gz
-usr/share/man/man3/CONF_modules_load_file.3ssl.gz
-usr/share/man/man3/CONF_modules_unload.3ssl.gz
-usr/share/man/man3/CRYPTO_THREADID_cmp.3ssl.gz
-usr/share/man/man3/CRYPTO_THREADID_cpy.3ssl.gz
-usr/share/man/man3/CRYPTO_THREADID_current.3ssl.gz
-usr/share/man/man3/CRYPTO_THREADID_get_callback.3ssl.gz
-usr/share/man/man3/CRYPTO_THREADID_hash.3ssl.gz
-usr/share/man/man3/CRYPTO_THREADID_set_callback.3ssl.gz
-usr/share/man/man3/CRYPTO_destroy_dynlockid.3ssl.gz
-usr/share/man/man3/CRYPTO_get_ex_data.3ssl.gz
-usr/share/man/man3/CRYPTO_get_new_dynlockid.3ssl.gz
-usr/share/man/man3/CRYPTO_lock.3ssl.gz
-usr/share/man/man3/CRYPTO_num_locks.3ssl.gz
-usr/share/man/man3/CRYPTO_set_dynlock_create_callback.3ssl.gz
-usr/share/man/man3/CRYPTO_set_dynlock_destroy_callback.3ssl.gz
-usr/share/man/man3/CRYPTO_set_dynlock_lock_callback.3ssl.gz
-usr/share/man/man3/CRYPTO_set_ex_data.3ssl.gz
-usr/share/man/man3/CRYPTO_set_locking_callback.3ssl.gz
-usr/share/man/man3/DES_cbc_cksum.3ssl.gz
-usr/share/man/man3/DES_cfb64_encrypt.3ssl.gz
-usr/share/man/man3/DES_cfb_encrypt.3ssl.gz
-usr/share/man/man3/DES_crypt.3ssl.gz
-usr/share/man/man3/DES_ecb2_encrypt.3ssl.gz
-usr/share/man/man3/DES_ecb3_encrypt.3ssl.gz
-usr/share/man/man3/DES_ecb_encrypt.3ssl.gz
-usr/share/man/man3/DES_ede2_cbc_encrypt.3ssl.gz
-usr/share/man/man3/DES_ede2_cfb64_encrypt.3ssl.gz
-usr/share/man/man3/DES_ede2_ofb64_encrypt.3ssl.gz
-usr/share/man/man3/DES_ede3_cbc_encrypt.3ssl.gz
-usr/share/man/man3/DES_ede3_cbcm_encrypt.3ssl.gz
-usr/share/man/man3/DES_ede3_cfb64_encrypt.3ssl.gz
-usr/share/man/man3/DES_ede3_ofb64_encrypt.3ssl.gz
-usr/share/man/man3/DES_enc_read.3ssl.gz
-usr/share/man/man3/DES_enc_write.3ssl.gz
-usr/share/man/man3/DES_fcrypt.3ssl.gz
-usr/share/man/man3/DES_is_weak_key.3ssl.gz
-usr/share/man/man3/DES_key_sched.3ssl.gz
-usr/share/man/man3/DES_ncbc_encrypt.3ssl.gz
-usr/share/man/man3/DES_ofb64_encrypt.3ssl.gz
-usr/share/man/man3/DES_ofb_encrypt.3ssl.gz
-usr/share/man/man3/DES_pcbc_encrypt.3ssl.gz
-usr/share/man/man3/DES_quad_cksum.3ssl.gz
-usr/share/man/man3/DES_random_key.3ssl.gz
-usr/share/man/man3/DES_set_key.3ssl.gz
-usr/share/man/man3/DES_set_key_checked.3ssl.gz
-usr/share/man/man3/DES_set_key_unchecked.3ssl.gz
-usr/share/man/man3/DES_set_odd_parity.3ssl.gz
-usr/share/man/man3/DES_string_to_2keys.3ssl.gz
-usr/share/man/man3/DES_string_to_key.3ssl.gz
-usr/share/man/man3/DES_xcbc_encrypt.3ssl.gz
-usr/share/man/man3/DH_OpenSSL.3ssl.gz
-usr/share/man/man3/DH_check.3ssl.gz
-usr/share/man/man3/DH_compute_key.3ssl.gz
-usr/share/man/man3/DH_free.3ssl.gz
-usr/share/man/man3/DH_generate_key.3ssl.gz
-usr/share/man/man3/DH_generate_parameters.3ssl.gz
-usr/share/man/man3/DH_generate_parameters_ex.3ssl.gz
-usr/share/man/man3/DH_get_default_method.3ssl.gz
-usr/share/man/man3/DH_get_ex_data.3ssl.gz
-usr/share/man/man3/DH_get_ex_new_index.3ssl.gz
-usr/share/man/man3/DH_new.3ssl.gz
-usr/share/man/man3/DH_new_method.3ssl.gz
-usr/share/man/man3/DH_set_default_method.3ssl.gz
-usr/share/man/man3/DH_set_ex_data.3ssl.gz
-usr/share/man/man3/DH_set_method.3ssl.gz
-usr/share/man/man3/DH_size.3ssl.gz
-usr/share/man/man3/DHparams_print.3ssl.gz
-usr/share/man/man3/DHparams_print_fp.3ssl.gz
-usr/share/man/man3/DSA_OpenSSL.3ssl.gz
-usr/share/man/man3/DSA_SIG_free.3ssl.gz
-usr/share/man/man3/DSA_SIG_new.3ssl.gz
-usr/share/man/man3/DSA_do_sign.3ssl.gz
-usr/share/man/man3/DSA_do_verify.3ssl.gz
-usr/share/man/man3/DSA_dup_DH.3ssl.gz
-usr/share/man/man3/DSA_free.3ssl.gz
-usr/share/man/man3/DSA_generate_key.3ssl.gz
-usr/share/man/man3/DSA_generate_parameters.3ssl.gz
-usr/share/man/man3/DSA_generate_parameters_ex.3ssl.gz
-usr/share/man/man3/DSA_get_default_method.3ssl.gz
-usr/share/man/man3/DSA_get_ex_data.3ssl.gz
-usr/share/man/man3/DSA_get_ex_new_index.3ssl.gz
-usr/share/man/man3/DSA_new.3ssl.gz
-usr/share/man/man3/DSA_new_method.3ssl.gz
-usr/share/man/man3/DSA_print.3ssl.gz
-usr/share/man/man3/DSA_print_fp.3ssl.gz
-usr/share/man/man3/DSA_set_default_method.3ssl.gz
-usr/share/man/man3/DSA_set_ex_data.3ssl.gz
-usr/share/man/man3/DSA_set_method.3ssl.gz
-usr/share/man/man3/DSA_sign.3ssl.gz
-usr/share/man/man3/DSA_sign_setup.3ssl.gz
-usr/share/man/man3/DSA_size.3ssl.gz
-usr/share/man/man3/DSA_verify.3ssl.gz
-usr/share/man/man3/DSAparams_print.3ssl.gz
-usr/share/man/man3/DSAparams_print_fp.3ssl.gz
-usr/share/man/man3/DTLS_client_method.3ssl.gz
-usr/share/man/man3/DTLS_method.3ssl.gz
-usr/share/man/man3/DTLS_server_method.3ssl.gz
-usr/share/man/man3/DTLSv1_2_client_method.3ssl.gz
-usr/share/man/man3/DTLSv1_2_method.3ssl.gz
-usr/share/man/man3/DTLSv1_2_server_method.3ssl.gz
-usr/share/man/man3/DTLSv1_client_method.3ssl.gz
-usr/share/man/man3/DTLSv1_method.3ssl.gz
-usr/share/man/man3/DTLSv1_server_method.3ssl.gz
-usr/share/man/man3/ECDSA_SIG_free.3ssl.gz
-usr/share/man/man3/ECDSA_SIG_new.3ssl.gz
-usr/share/man/man3/ECDSA_do_sign.3ssl.gz
-usr/share/man/man3/ECDSA_do_sign_ex.3ssl.gz
-usr/share/man/man3/ECDSA_do_verify.3ssl.gz
-usr/share/man/man3/ECDSA_sign.3ssl.gz
-usr/share/man/man3/ECDSA_sign_ex.3ssl.gz
-usr/share/man/man3/ECDSA_sign_setup.3ssl.gz
-usr/share/man/man3/ECDSA_size.3ssl.gz
-usr/share/man/man3/ECDSA_verify.3ssl.gz
-usr/share/man/man3/ECPKParameters_print.3ssl.gz
-usr/share/man/man3/ECPKParameters_print_fp.3ssl.gz
-usr/share/man/man3/EC_GF2m_simple_method.3ssl.gz
-usr/share/man/man3/EC_GFp_mont_method.3ssl.gz
-usr/share/man/man3/EC_GFp_nist_method.3ssl.gz
-usr/share/man/man3/EC_GFp_nistp224_method.3ssl.gz
-usr/share/man/man3/EC_GFp_nistp256_method.3ssl.gz
-usr/share/man/man3/EC_GFp_nistp521_method.3ssl.gz
-usr/share/man/man3/EC_GFp_simple_method.3ssl.gz
-usr/share/man/man3/EC_GROUP_check.3ssl.gz
-usr/share/man/man3/EC_GROUP_check_discriminant.3ssl.gz
-usr/share/man/man3/EC_GROUP_clear_free.3ssl.gz
-usr/share/man/man3/EC_GROUP_cmp.3ssl.gz
-usr/share/man/man3/EC_GROUP_copy.3ssl.gz
-usr/share/man/man3/EC_GROUP_dup.3ssl.gz
-usr/share/man/man3/EC_GROUP_free.3ssl.gz
-usr/share/man/man3/EC_GROUP_get0_generator.3ssl.gz
-usr/share/man/man3/EC_GROUP_get0_seed.3ssl.gz
-usr/share/man/man3/EC_GROUP_get_asn1_flag.3ssl.gz
-usr/share/man/man3/EC_GROUP_get_basis_type.3ssl.gz
-usr/share/man/man3/EC_GROUP_get_cofactor.3ssl.gz
-usr/share/man/man3/EC_GROUP_get_curve_GF2m.3ssl.gz
-usr/share/man/man3/EC_GROUP_get_curve_GFp.3ssl.gz
-usr/share/man/man3/EC_GROUP_get_curve_name.3ssl.gz
-usr/share/man/man3/EC_GROUP_get_degree.3ssl.gz
-usr/share/man/man3/EC_GROUP_get_order.3ssl.gz
-usr/share/man/man3/EC_GROUP_get_pentanomial_basis.3ssl.gz
-usr/share/man/man3/EC_GROUP_get_point_conversion_form.3ssl.gz
-usr/share/man/man3/EC_GROUP_get_seed_len.3ssl.gz
-usr/share/man/man3/EC_GROUP_get_trinomial_basis.3ssl.gz
-usr/share/man/man3/EC_GROUP_have_precompute_mult.3ssl.gz
-usr/share/man/man3/EC_GROUP_method_of.3ssl.gz
-usr/share/man/man3/EC_GROUP_new.3ssl.gz
-usr/share/man/man3/EC_GROUP_new_by_curve_name.3ssl.gz
-usr/share/man/man3/EC_GROUP_new_curve_GF2m.3ssl.gz
-usr/share/man/man3/EC_GROUP_new_curve_GFp.3ssl.gz
-usr/share/man/man3/EC_GROUP_precompute_mult.3ssl.gz
-usr/share/man/man3/EC_GROUP_set_asn1_flag.3ssl.gz
-usr/share/man/man3/EC_GROUP_set_curve_GF2m.3ssl.gz
-usr/share/man/man3/EC_GROUP_set_curve_GFp.3ssl.gz
-usr/share/man/man3/EC_GROUP_set_curve_name.3ssl.gz
-usr/share/man/man3/EC_GROUP_set_generator.3ssl.gz
-usr/share/man/man3/EC_GROUP_set_point_conversion_form.3ssl.gz
-usr/share/man/man3/EC_GROUP_set_seed.3ssl.gz
-usr/share/man/man3/EC_KEY_check_key.3ssl.gz
-usr/share/man/man3/EC_KEY_clear_flags.3ssl.gz
-usr/share/man/man3/EC_KEY_copy.3ssl.gz
-usr/share/man/man3/EC_KEY_dup.3ssl.gz
-usr/share/man/man3/EC_KEY_free.3ssl.gz
-usr/share/man/man3/EC_KEY_generate_key.3ssl.gz
-usr/share/man/man3/EC_KEY_get0_group.3ssl.gz
-usr/share/man/man3/EC_KEY_get0_private_key.3ssl.gz
-usr/share/man/man3/EC_KEY_get0_public_key.3ssl.gz
-usr/share/man/man3/EC_KEY_get_conv_form.3ssl.gz
-usr/share/man/man3/EC_KEY_get_enc_flags.3ssl.gz
-usr/share/man/man3/EC_KEY_get_flags.3ssl.gz
-usr/share/man/man3/EC_KEY_get_key_method_data.3ssl.gz
-usr/share/man/man3/EC_KEY_insert_key_method_data.3ssl.gz
-usr/share/man/man3/EC_KEY_new.3ssl.gz
-usr/share/man/man3/EC_KEY_new_by_curve_name.3ssl.gz
-usr/share/man/man3/EC_KEY_precompute_mult.3ssl.gz
-usr/share/man/man3/EC_KEY_set_asn1_flag.3ssl.gz
-usr/share/man/man3/EC_KEY_set_conv_form.3ssl.gz
-usr/share/man/man3/EC_KEY_set_enc_flags.3ssl.gz
-usr/share/man/man3/EC_KEY_set_flags.3ssl.gz
-usr/share/man/man3/EC_KEY_set_group.3ssl.gz
-usr/share/man/man3/EC_KEY_set_private_key.3ssl.gz
-usr/share/man/man3/EC_KEY_set_public_key.3ssl.gz
-usr/share/man/man3/EC_KEY_set_public_key_affine_coordinates.3ssl.gz
-usr/share/man/man3/EC_KEY_up_ref.3ssl.gz
-usr/share/man/man3/EC_METHOD_get_field_type.3ssl.gz
-usr/share/man/man3/EC_POINT_add.3ssl.gz
-usr/share/man/man3/EC_POINT_bn2point.3ssl.gz
-usr/share/man/man3/EC_POINT_clear_free.3ssl.gz
-usr/share/man/man3/EC_POINT_cmp.3ssl.gz
-usr/share/man/man3/EC_POINT_copy.3ssl.gz
-usr/share/man/man3/EC_POINT_dbl.3ssl.gz
-usr/share/man/man3/EC_POINT_dup.3ssl.gz
-usr/share/man/man3/EC_POINT_free.3ssl.gz
-usr/share/man/man3/EC_POINT_get_Jprojective_coordinates_GFp.3ssl.gz
-usr/share/man/man3/EC_POINT_get_affine_coordinates_GF2m.3ssl.gz
-usr/share/man/man3/EC_POINT_get_affine_coordinates_GFp.3ssl.gz
-usr/share/man/man3/EC_POINT_hex2point.3ssl.gz
-usr/share/man/man3/EC_POINT_invert.3ssl.gz
-usr/share/man/man3/EC_POINT_is_at_infinity.3ssl.gz
-usr/share/man/man3/EC_POINT_is_on_curve.3ssl.gz
-usr/share/man/man3/EC_POINT_make_affine.3ssl.gz
-usr/share/man/man3/EC_POINT_method_of.3ssl.gz
-usr/share/man/man3/EC_POINT_mul.3ssl.gz
-usr/share/man/man3/EC_POINT_new.3ssl.gz
-usr/share/man/man3/EC_POINT_oct2point.3ssl.gz
-usr/share/man/man3/EC_POINT_point2bn.3ssl.gz
-usr/share/man/man3/EC_POINT_point2hex.3ssl.gz
-usr/share/man/man3/EC_POINT_point2oct.3ssl.gz
-usr/share/man/man3/EC_POINT_set_Jprojective_coordinates.3ssl.gz
-usr/share/man/man3/EC_POINT_set_affine_coordinates_GF2m.3ssl.gz
-usr/share/man/man3/EC_POINT_set_affine_coordinates_GFp.3ssl.gz
-usr/share/man/man3/EC_POINT_set_compressed_coordinates_GF2m.3ssl.gz
-usr/share/man/man3/EC_POINT_set_compressed_coordinates_GFp.3ssl.gz
-usr/share/man/man3/EC_POINT_set_to_infinity.3ssl.gz
-usr/share/man/man3/EC_POINTs_make_affine.3ssl.gz
-usr/share/man/man3/EC_POINTs_mul.3ssl.gz
-usr/share/man/man3/EC_get_builtin_curves.3ssl.gz
-usr/share/man/man3/ENGINE_add_conf_module.3ssl.gz
-usr/share/man/man3/ERR_GET_FUNC.3ssl.gz
-usr/share/man/man3/ERR_GET_LIB.3ssl.gz
-usr/share/man/man3/ERR_GET_REASON.3ssl.gz
-usr/share/man/man3/ERR_PACK.3ssl.gz
-usr/share/man/man3/ERR_add_error_data.3ssl.gz
-usr/share/man/man3/ERR_clear_error.3ssl.gz
-usr/share/man/man3/ERR_error_string.3ssl.gz
-usr/share/man/man3/ERR_error_string_n.3ssl.gz
-usr/share/man/man3/ERR_free_strings.3ssl.gz
-usr/share/man/man3/ERR_func_error_string.3ssl.gz
-usr/share/man/man3/ERR_get_error.3ssl.gz
-usr/share/man/man3/ERR_get_error_line.3ssl.gz
-usr/share/man/man3/ERR_get_error_line_data.3ssl.gz
-usr/share/man/man3/ERR_get_next_error_library.3ssl.gz
-usr/share/man/man3/ERR_lib_error_string.3ssl.gz
-usr/share/man/man3/ERR_load_UI_strings.3ssl.gz
-usr/share/man/man3/ERR_load_crypto_strings.3ssl.gz
-usr/share/man/man3/ERR_load_strings.3ssl.gz
-usr/share/man/man3/ERR_peek_error.3ssl.gz
-usr/share/man/man3/ERR_peek_error_line.3ssl.gz
-usr/share/man/man3/ERR_peek_error_line_data.3ssl.gz
-usr/share/man/man3/ERR_peek_last_error.3ssl.gz
-usr/share/man/man3/ERR_peek_last_error_line.3ssl.gz
-usr/share/man/man3/ERR_peek_last_error_line_data.3ssl.gz
-usr/share/man/man3/ERR_pop_to_mark.3ssl.gz
-usr/share/man/man3/ERR_print_errors.3ssl.gz
-usr/share/man/man3/ERR_print_errors_fp.3ssl.gz
-usr/share/man/man3/ERR_put_error.3ssl.gz
-usr/share/man/man3/ERR_reason_error_string.3ssl.gz
-usr/share/man/man3/ERR_remove_state.3ssl.gz
-usr/share/man/man3/ERR_remove_thread_state.3ssl.gz
-usr/share/man/man3/ERR_set_mark.3ssl.gz
-usr/share/man/man3/EVP_BytesToKey.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_CTX_block_size.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_CTX_cipher.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_CTX_cleanup.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_CTX_ctrl.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_CTX_flags.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_CTX_get_app_data.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_CTX_init.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_CTX_iv_length.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_CTX_key_length.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_CTX_mode.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_CTX_nid.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_CTX_set_app_data.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_CTX_set_key_length.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_CTX_set_padding.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_CTX_type.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_asn1_to_param.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_block_size.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_flags.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_iv_length.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_key_length.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_mode.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_nid.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_param_to_asn1.3ssl.gz
-usr/share/man/man3/EVP_CIPHER_type.3ssl.gz
-usr/share/man/man3/EVP_CipherFinal.3ssl.gz
-usr/share/man/man3/EVP_CipherFinal_ex.3ssl.gz
-usr/share/man/man3/EVP_CipherInit.3ssl.gz
-usr/share/man/man3/EVP_CipherInit_ex.3ssl.gz
-usr/share/man/man3/EVP_CipherUpdate.3ssl.gz
-usr/share/man/man3/EVP_DecodeBlock.3ssl.gz
-usr/share/man/man3/EVP_DecodeFinal.3ssl.gz
-usr/share/man/man3/EVP_DecodeInit.3ssl.gz
-usr/share/man/man3/EVP_DecodeUpdate.3ssl.gz
-usr/share/man/man3/EVP_DecryptFinal.3ssl.gz
-usr/share/man/man3/EVP_DecryptFinal_ex.3ssl.gz
-usr/share/man/man3/EVP_DecryptInit.3ssl.gz
-usr/share/man/man3/EVP_DecryptInit_ex.3ssl.gz
-usr/share/man/man3/EVP_DecryptUpdate.3ssl.gz
-usr/share/man/man3/EVP_DigestFinal.3ssl.gz
-usr/share/man/man3/EVP_DigestFinal_ex.3ssl.gz
-usr/share/man/man3/EVP_DigestInit.3ssl.gz
-usr/share/man/man3/EVP_DigestInit_ex.3ssl.gz
-usr/share/man/man3/EVP_DigestSignFinal.3ssl.gz
-usr/share/man/man3/EVP_DigestSignInit.3ssl.gz
-usr/share/man/man3/EVP_DigestSignUpdate.3ssl.gz
-usr/share/man/man3/EVP_DigestUpdate.3ssl.gz
-usr/share/man/man3/EVP_DigestVerifyFinal.3ssl.gz
-usr/share/man/man3/EVP_DigestVerifyInit.3ssl.gz
-usr/share/man/man3/EVP_DigestVerifyUpdate.3ssl.gz
-usr/share/man/man3/EVP_EncodeBlock.3ssl.gz
-usr/share/man/man3/EVP_EncodeFinal.3ssl.gz
-usr/share/man/man3/EVP_EncodeInit.3ssl.gz
-usr/share/man/man3/EVP_EncodeUpdate.3ssl.gz
-usr/share/man/man3/EVP_EncryptFinal.3ssl.gz
-usr/share/man/man3/EVP_EncryptFinal_ex.3ssl.gz
-usr/share/man/man3/EVP_EncryptInit.3ssl.gz
-usr/share/man/man3/EVP_EncryptInit_ex.3ssl.gz
-usr/share/man/man3/EVP_EncryptUpdate.3ssl.gz
-usr/share/man/man3/EVP_MAX_MD_SIZE.3ssl.gz
-usr/share/man/man3/EVP_MD_CTX_block_size.3ssl.gz
-usr/share/man/man3/EVP_MD_CTX_cleanup.3ssl.gz
-usr/share/man/man3/EVP_MD_CTX_copy.3ssl.gz
-usr/share/man/man3/EVP_MD_CTX_copy_ex.3ssl.gz
-usr/share/man/man3/EVP_MD_CTX_create.3ssl.gz
-usr/share/man/man3/EVP_MD_CTX_destroy.3ssl.gz
-usr/share/man/man3/EVP_MD_CTX_init.3ssl.gz
-usr/share/man/man3/EVP_MD_CTX_md.3ssl.gz
-usr/share/man/man3/EVP_MD_CTX_size.3ssl.gz
-usr/share/man/man3/EVP_MD_CTX_type.3ssl.gz
-usr/share/man/man3/EVP_MD_block_size.3ssl.gz
-usr/share/man/man3/EVP_MD_pkey_type.3ssl.gz
-usr/share/man/man3/EVP_MD_size.3ssl.gz
-usr/share/man/man3/EVP_MD_type.3ssl.gz
-usr/share/man/man3/EVP_OpenFinal.3ssl.gz
-usr/share/man/man3/EVP_OpenInit.3ssl.gz
-usr/share/man/man3/EVP_OpenUpdate.3ssl.gz
-usr/share/man/man3/EVP_PKEVP_PKEY_CTX_set_app_data.3ssl.gz
-usr/share/man/man3/EVP_PKEY_CTX_ctrl.3ssl.gz
-usr/share/man/man3/EVP_PKEY_CTX_ctrl_str.3ssl.gz
-usr/share/man/man3/EVP_PKEY_CTX_dup.3ssl.gz
-usr/share/man/man3/EVP_PKEY_CTX_free.3ssl.gz
-usr/share/man/man3/EVP_PKEY_CTX_get_app_data.3ssl.gz
-usr/share/man/man3/EVP_PKEY_CTX_get_cb.3ssl.gz
-usr/share/man/man3/EVP_PKEY_CTX_get_keygen_info.3ssl.gz
-usr/share/man/man3/EVP_PKEY_CTX_new.3ssl.gz
-usr/share/man/man3/EVP_PKEY_CTX_new_id.3ssl.gz
-usr/share/man/man3/EVP_PKEY_CTX_set_cb.3ssl.gz
-usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_generator.3ssl.gz
-usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_prime_len.3ssl.gz
-usr/share/man/man3/EVP_PKEY_CTX_set_dsa_paramgen_bits.3ssl.gz
-usr/share/man/man3/EVP_PKEY_CTX_set_ec_paramgen_curve_nid.3ssl.gz
-usr/share/man/man3/EVP_PKEY_CTX_set_rsa_keygen_pubexp.3ssl.gz
-usr/share/man/man3/EVP_PKEY_CTX_set_rsa_padding.3ssl.gz
-usr/share/man/man3/EVP_PKEY_CTX_set_rsa_pss_saltlen.3ssl.gz
-usr/share/man/man3/EVP_PKEY_CTX_set_rsa_rsa_keygen_bits.3ssl.gz
-usr/share/man/man3/EVP_PKEY_CTX_set_signature_md.3ssl.gz
-usr/share/man/man3/EVP_PKEY_METHOD.3ssl.gz
-usr/share/man/man3/EVP_PKEY_assign_DH.3ssl.gz
-usr/share/man/man3/EVP_PKEY_assign_DSA.3ssl.gz
-usr/share/man/man3/EVP_PKEY_assign_EC_KEY.3ssl.gz
-usr/share/man/man3/EVP_PKEY_assign_RSA.3ssl.gz
-usr/share/man/man3/EVP_PKEY_cmp.3ssl.gz
-usr/share/man/man3/EVP_PKEY_cmp_parameters.3ssl.gz
-usr/share/man/man3/EVP_PKEY_copy_parameters.3ssl.gz
-usr/share/man/man3/EVP_PKEY_decrypt.3ssl.gz
-usr/share/man/man3/EVP_PKEY_decrypt_init.3ssl.gz
-usr/share/man/man3/EVP_PKEY_derive.3ssl.gz
-usr/share/man/man3/EVP_PKEY_derive_init.3ssl.gz
-usr/share/man/man3/EVP_PKEY_derive_set_peer.3ssl.gz
-usr/share/man/man3/EVP_PKEY_encrypt.3ssl.gz
-usr/share/man/man3/EVP_PKEY_encrypt_init.3ssl.gz
-usr/share/man/man3/EVP_PKEY_free.3ssl.gz
-usr/share/man/man3/EVP_PKEY_get1_DH.3ssl.gz
-usr/share/man/man3/EVP_PKEY_get1_DSA.3ssl.gz
-usr/share/man/man3/EVP_PKEY_get1_EC_KEY.3ssl.gz
-usr/share/man/man3/EVP_PKEY_get1_RSA.3ssl.gz
-usr/share/man/man3/EVP_PKEY_get_default_digest.3ssl.gz
-usr/share/man/man3/EVP_PKEY_get_default_digest_nid.3ssl.gz
-usr/share/man/man3/EVP_PKEY_keygen.3ssl.gz
-usr/share/man/man3/EVP_PKEY_keygen_init.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_add0.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_copy.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_find.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_free.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_get_cleanup.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_get_copy.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_get_ctrl.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_get_decrypt.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_get_derive.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_get_encrypt.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_get_init.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_get_keygen.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_get_paramgen.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_get_sign.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_get_signctx.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_get_verify.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_get_verify_recover.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_get_verifyctx.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_new.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_set_cleanup.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_set_copy.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_set_ctrl.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_set_decrypt.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_set_derive.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_set_encrypt.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_set_init.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_set_keygen.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_set_paramgen.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_set_sign.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_set_signctx.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_set_verify.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_set_verify_recover.3ssl.gz
-usr/share/man/man3/EVP_PKEY_meth_set_verifyctx.3ssl.gz
-usr/share/man/man3/EVP_PKEY_missing_parameters.3ssl.gz
-usr/share/man/man3/EVP_PKEY_new.3ssl.gz
-usr/share/man/man3/EVP_PKEY_paramgen.3ssl.gz
-usr/share/man/man3/EVP_PKEY_paramgen_init.3ssl.gz
-usr/share/man/man3/EVP_PKEY_print_params.3ssl.gz
-usr/share/man/man3/EVP_PKEY_print_private.3ssl.gz
-usr/share/man/man3/EVP_PKEY_print_public.3ssl.gz
-usr/share/man/man3/EVP_PKEY_set1_DH.3ssl.gz
-usr/share/man/man3/EVP_PKEY_set1_DSA.3ssl.gz
-usr/share/man/man3/EVP_PKEY_set1_EC_KEY.3ssl.gz
-usr/share/man/man3/EVP_PKEY_set1_RSA.3ssl.gz
-usr/share/man/man3/EVP_PKEY_sign.3ssl.gz
-usr/share/man/man3/EVP_PKEY_sign_init.3ssl.gz
-usr/share/man/man3/EVP_PKEY_type.3ssl.gz
-usr/share/man/man3/EVP_PKEY_verify.3ssl.gz
-usr/share/man/man3/EVP_PKEY_verify_init.3ssl.gz
-usr/share/man/man3/EVP_PKEY_verify_recover.3ssl.gz
-usr/share/man/man3/EVP_PKEY_verify_recover_init.3ssl.gz
-usr/share/man/man3/EVP_SealFinal.3ssl.gz
-usr/share/man/man3/EVP_SealInit.3ssl.gz
-usr/share/man/man3/EVP_SealUpdate.3ssl.gz
-usr/share/man/man3/EVP_SignFinal.3ssl.gz
-usr/share/man/man3/EVP_SignInit.3ssl.gz
-usr/share/man/man3/EVP_SignInit_ex.3ssl.gz
-usr/share/man/man3/EVP_SignUpdate.3ssl.gz
-usr/share/man/man3/EVP_VerifyFinal.3ssl.gz
-usr/share/man/man3/EVP_VerifyInit.3ssl.gz
-usr/share/man/man3/EVP_VerifyUpdate.3ssl.gz
-usr/share/man/man3/EVP_aes_128_cbc_hmac_sha1.3ssl.gz
-usr/share/man/man3/EVP_aes_128_cbc_hmac_sha256.3ssl.gz
-usr/share/man/man3/EVP_aes_128_ccm.3ssl.gz
-usr/share/man/man3/EVP_aes_128_gcm.3ssl.gz
-usr/share/man/man3/EVP_aes_192_ccm.3ssl.gz
-usr/share/man/man3/EVP_aes_192_gcm.3ssl.gz
-usr/share/man/man3/EVP_aes_256_cbc_hmac_sha1.3ssl.gz
-usr/share/man/man3/EVP_aes_256_cbc_hmac_sha256.3ssl.gz
-usr/share/man/man3/EVP_aes_256_ccm.3ssl.gz
-usr/share/man/man3/EVP_aes_256_gcm.3ssl.gz
-usr/share/man/man3/EVP_bf_cbc.3ssl.gz
-usr/share/man/man3/EVP_bf_cfb.3ssl.gz
-usr/share/man/man3/EVP_bf_ecb.3ssl.gz
-usr/share/man/man3/EVP_bf_ofb.3ssl.gz
-usr/share/man/man3/EVP_cast5_cbc.3ssl.gz
-usr/share/man/man3/EVP_cast5_cfb.3ssl.gz
-usr/share/man/man3/EVP_cast5_ecb.3ssl.gz
-usr/share/man/man3/EVP_cast5_ofb.3ssl.gz
-usr/share/man/man3/EVP_cleanup.3ssl.gz
-usr/share/man/man3/EVP_des_cbc.3ssl.gz
-usr/share/man/man3/EVP_des_cfb.3ssl.gz
-usr/share/man/man3/EVP_des_ecb.3ssl.gz
-usr/share/man/man3/EVP_des_ede.3ssl.gz
-usr/share/man/man3/EVP_des_ede3.3ssl.gz
-usr/share/man/man3/EVP_des_ede3_cbc.3ssl.gz
-usr/share/man/man3/EVP_des_ede3_cfb.3ssl.gz
-usr/share/man/man3/EVP_des_ede3_ofb.3ssl.gz
-usr/share/man/man3/EVP_des_ede_cbc.3ssl.gz
-usr/share/man/man3/EVP_des_ede_cfb.3ssl.gz
-usr/share/man/man3/EVP_des_ede_ofb.3ssl.gz
-usr/share/man/man3/EVP_des_ofb.3ssl.gz
-usr/share/man/man3/EVP_desx_cbc.3ssl.gz
-usr/share/man/man3/EVP_dss.3ssl.gz
-usr/share/man/man3/EVP_dss1.3ssl.gz
-usr/share/man/man3/EVP_enc_null.3ssl.gz
-usr/share/man/man3/EVP_get_cipherbyname.3ssl.gz
-usr/share/man/man3/EVP_get_cipherbynid.3ssl.gz
-usr/share/man/man3/EVP_get_cipherbyobj.3ssl.gz
-usr/share/man/man3/EVP_get_digestbyname.3ssl.gz
-usr/share/man/man3/EVP_get_digestbynid.3ssl.gz
-usr/share/man/man3/EVP_get_digestbyobj.3ssl.gz
-usr/share/man/man3/EVP_idea_cbc.3ssl.gz
-usr/share/man/man3/EVP_idea_cfb.3ssl.gz
-usr/share/man/man3/EVP_idea_ecb.3ssl.gz
-usr/share/man/man3/EVP_idea_ofb.3ssl.gz
-usr/share/man/man3/EVP_md2.3ssl.gz
-usr/share/man/man3/EVP_md5.3ssl.gz
-usr/share/man/man3/EVP_md_null.3ssl.gz
-usr/share/man/man3/EVP_mdc2.3ssl.gz
-usr/share/man/man3/EVP_rc2_40_cbc.3ssl.gz
-usr/share/man/man3/EVP_rc2_64_cbc.3ssl.gz
-usr/share/man/man3/EVP_rc2_cbc.3ssl.gz
-usr/share/man/man3/EVP_rc2_cfb.3ssl.gz
-usr/share/man/man3/EVP_rc2_ecb.3ssl.gz
-usr/share/man/man3/EVP_rc2_ofb.3ssl.gz
-usr/share/man/man3/EVP_rc4.3ssl.gz
-usr/share/man/man3/EVP_rc4_40.3ssl.gz
-usr/share/man/man3/EVP_rc4_hmac_md5.3ssl.gz
-usr/share/man/man3/EVP_rc5_32_12_16_cbc.3ssl.gz
-usr/share/man/man3/EVP_rc5_32_12_16_cfb.3ssl.gz
-usr/share/man/man3/EVP_rc5_32_12_16_ecb.3ssl.gz
-usr/share/man/man3/EVP_rc5_32_12_16_ofb.3ssl.gz
-usr/share/man/man3/EVP_ripemd160.3ssl.gz
-usr/share/man/man3/EVP_sha.3ssl.gz
-usr/share/man/man3/EVP_sha1.3ssl.gz
-usr/share/man/man3/EVP_sha224.3ssl.gz
-usr/share/man/man3/EVP_sha256.3ssl.gz
-usr/share/man/man3/EVP_sha384.3ssl.gz
-usr/share/man/man3/EVP_sha512.3ssl.gz
-usr/share/man/man3/MD2.3ssl.gz
-usr/share/man/man3/MD4.3ssl.gz
-usr/share/man/man3/OBJ_cleanup.3ssl.gz
-usr/share/man/man3/OBJ_cmp.3ssl.gz
-usr/share/man/man3/OBJ_create.3ssl.gz
-usr/share/man/man3/OBJ_dup.3ssl.gz
-usr/share/man/man3/OBJ_ln2nid.3ssl.gz
-usr/share/man/man3/OBJ_nid2ln.3ssl.gz
-usr/share/man/man3/OBJ_nid2obj.3ssl.gz
-usr/share/man/man3/OBJ_nid2sn.3ssl.gz
-usr/share/man/man3/OBJ_obj2nid.3ssl.gz
-usr/share/man/man3/OBJ_obj2txt.3ssl.gz
-usr/share/man/man3/OBJ_sn2nid.3ssl.gz
-usr/share/man/man3/OBJ_txt2nid.3ssl.gz
-usr/share/man/man3/OBJ_txt2obj.3ssl.gz
-usr/share/man/man3/OPENSSL_Applink.3ssl.gz
-usr/share/man/man3/OPENSSL_VERSION_NUMBER.3ssl.gz
-usr/share/man/man3/OPENSSL_config.3ssl.gz
-usr/share/man/man3/OPENSSL_ia32cap.3ssl.gz
-usr/share/man/man3/OPENSSL_ia32cap_loc.3ssl.gz
-usr/share/man/man3/OPENSSL_instrument_bus.3ssl.gz
-usr/share/man/man3/OPENSSL_instrument_bus2.3ssl.gz
-usr/share/man/man3/OPENSSL_load_builtin_modules.3ssl.gz
-usr/share/man/man3/OPENSSL_no_config.3ssl.gz
-usr/share/man/man3/OpenSSL_add_all_algorithms.3ssl.gz
-usr/share/man/man3/OpenSSL_add_all_ciphers.3ssl.gz
-usr/share/man/man3/OpenSSL_add_all_digests.3ssl.gz
-usr/share/man/man3/OpenSSL_add_ssl_algorithms.3ssl.gz
-usr/share/man/man3/PEM_write_bio_CMS_stream.3ssl.gz
-usr/share/man/man3/PEM_write_bio_PKCS7_stream.3ssl.gz
-usr/share/man/man3/PKCS12_create.3ssl.gz
-usr/share/man/man3/PKCS12_parse.3ssl.gz
-usr/share/man/man3/PKCS7_decrypt.3ssl.gz
-usr/share/man/man3/PKCS7_encrypt.3ssl.gz
-usr/share/man/man3/PKCS7_get0_signers.3ssl.gz
-usr/share/man/man3/PKCS7_sign.3ssl.gz
-usr/share/man/man3/PKCS7_sign_add_signer.3ssl.gz
-usr/share/man/man3/PKCS7_verify.3ssl.gz
-usr/share/man/man3/RAND_SSLeay.3ssl.gz
-usr/share/man/man3/RAND_add.3ssl.gz
-usr/share/man/man3/RAND_bytes.3ssl.gz
-usr/share/man/man3/RAND_cleanup.3ssl.gz
-usr/share/man/man3/RAND_egd.3ssl.gz
-usr/share/man/man3/RAND_egd_bytes.3ssl.gz
-usr/share/man/man3/RAND_event.3ssl.gz
-usr/share/man/man3/RAND_file_name.3ssl.gz
-usr/share/man/man3/RAND_get_rand_method.3ssl.gz
-usr/share/man/man3/RAND_load_file.3ssl.gz
-usr/share/man/man3/RAND_pseudo_bytes.3ssl.gz
-usr/share/man/man3/RAND_query_egd_bytes.3ssl.gz
-usr/share/man/man3/RAND_screen.3ssl.gz
-usr/share/man/man3/RAND_seed.3ssl.gz
-usr/share/man/man3/RAND_set_rand_method.3ssl.gz
-usr/share/man/man3/RAND_status.3ssl.gz
-usr/share/man/man3/RAND_write_file.3ssl.gz
-usr/share/man/man3/RC4_set_key.3ssl.gz
-usr/share/man/man3/RIPEMD160.3ssl.gz
-usr/share/man/man3/RIPEMD160_Final.3ssl.gz
-usr/share/man/man3/RIPEMD160_Init.3ssl.gz
-usr/share/man/man3/RIPEMD160_Update.3ssl.gz
-usr/share/man/man3/RSA_PKCS1_SSLeay.3ssl.gz
-usr/share/man/man3/RSA_blinding_off.3ssl.gz
-usr/share/man/man3/RSA_blinding_on.3ssl.gz
-usr/share/man/man3/RSA_check_key.3ssl.gz
-usr/share/man/man3/RSA_flags.3ssl.gz
-usr/share/man/man3/RSA_free.3ssl.gz
-usr/share/man/man3/RSA_generate_key.3ssl.gz
-usr/share/man/man3/RSA_generate_key_ex.3ssl.gz
-usr/share/man/man3/RSA_get_default_method.3ssl.gz
-usr/share/man/man3/RSA_get_ex_data.3ssl.gz
-usr/share/man/man3/RSA_get_ex_new_index.3ssl.gz
-usr/share/man/man3/RSA_get_method.3ssl.gz
-usr/share/man/man3/RSA_new.3ssl.gz
-usr/share/man/man3/RSA_new_method.3ssl.gz
-usr/share/man/man3/RSA_null_method.3ssl.gz
-usr/share/man/man3/RSA_padding_add_PKCS1_OAEP.3ssl.gz
-usr/share/man/man3/RSA_padding_add_PKCS1_type_1.3ssl.gz
-usr/share/man/man3/RSA_padding_add_PKCS1_type_2.3ssl.gz
-usr/share/man/man3/RSA_padding_add_SSLv23.3ssl.gz
-usr/share/man/man3/RSA_padding_add_none.3ssl.gz
-usr/share/man/man3/RSA_padding_check_PKCS1_OAEP.3ssl.gz
-usr/share/man/man3/RSA_padding_check_PKCS1_type_1.3ssl.gz
-usr/share/man/man3/RSA_padding_check_PKCS1_type_2.3ssl.gz
-usr/share/man/man3/RSA_padding_check_SSLv23.3ssl.gz
-usr/share/man/man3/RSA_padding_check_none.3ssl.gz
-usr/share/man/man3/RSA_print.3ssl.gz
-usr/share/man/man3/RSA_print_fp.3ssl.gz
-usr/share/man/man3/RSA_private_decrypt.3ssl.gz
-usr/share/man/man3/RSA_private_encrypt.3ssl.gz
-usr/share/man/man3/RSA_public_decrypt.3ssl.gz
-usr/share/man/man3/RSA_public_encrypt.3ssl.gz
-usr/share/man/man3/RSA_set_default_method.3ssl.gz
-usr/share/man/man3/RSA_set_ex_data.3ssl.gz
-usr/share/man/man3/RSA_set_method.3ssl.gz
-usr/share/man/man3/RSA_sign.3ssl.gz
-usr/share/man/man3/RSA_sign_ASN1_OCTET_STRING.3ssl.gz
-usr/share/man/man3/RSA_size.3ssl.gz
-usr/share/man/man3/RSA_verify.3ssl.gz
-usr/share/man/man3/RSA_verify_ASN1_OCTET_STRING.3ssl.gz
-usr/share/man/man3/SHA1.3ssl.gz
-usr/share/man/man3/SHA1_Final.3ssl.gz
-usr/share/man/man3/SHA1_Init.3ssl.gz
-usr/share/man/man3/SHA1_Update.3ssl.gz
-usr/share/man/man3/SHA224.3ssl.gz
-usr/share/man/man3/SHA224_Final.3ssl.gz
-usr/share/man/man3/SHA224_Init.3ssl.gz
-usr/share/man/man3/SHA224_Update.3ssl.gz
-usr/share/man/man3/SHA256.3ssl.gz
-usr/share/man/man3/SHA256_Final.3ssl.gz
-usr/share/man/man3/SHA256_Init.3ssl.gz
-usr/share/man/man3/SHA256_Update.3ssl.gz
-usr/share/man/man3/SHA384.3ssl.gz
-usr/share/man/man3/SHA384_Final.3ssl.gz
-usr/share/man/man3/SHA384_Init.3ssl.gz
-usr/share/man/man3/SHA384_Update.3ssl.gz
-usr/share/man/man3/SHA512.3ssl.gz
-usr/share/man/man3/SHA512_Final.3ssl.gz
-usr/share/man/man3/SHA512_Init.3ssl.gz
-usr/share/man/man3/SHA512_Update.3ssl.gz
-usr/share/man/man3/SMIME_read_CMS.3ssl.gz
-usr/share/man/man3/SMIME_read_PKCS7.3ssl.gz
-usr/share/man/man3/SMIME_write_CMS.3ssl.gz
-usr/share/man/man3/SMIME_write_PKCS7.3ssl.gz
-usr/share/man/man3/SSL_CIPHER_description.3ssl.gz
-usr/share/man/man3/SSL_CIPHER_get_bits.3ssl.gz
-usr/share/man/man3/SSL_CIPHER_get_name.3ssl.gz
-usr/share/man/man3/SSL_CIPHER_get_version.3ssl.gz
-usr/share/man/man3/SSL_COMP_add_compression_method.3ssl.gz
-usr/share/man/man3/SSL_COMP_free_compression_methods.3ssl.gz
-usr/share/man/man3/SSL_CONF_CTX_clear_flags.3ssl.gz
-usr/share/man/man3/SSL_CONF_CTX_free.3ssl.gz
-usr/share/man/man3/SSL_CONF_CTX_new.3ssl.gz
-usr/share/man/man3/SSL_CONF_CTX_set1_prefix.3ssl.gz
-usr/share/man/man3/SSL_CONF_CTX_set_flags.3ssl.gz
-usr/share/man/man3/SSL_CONF_CTX_set_ssl.3ssl.gz
-usr/share/man/man3/SSL_CONF_CTX_set_ssl_ctx.3ssl.gz
-usr/share/man/man3/SSL_CONF_cmd.3ssl.gz
-usr/share/man/man3/SSL_CONF_cmd_argv.3ssl.gz
-usr/share/man/man3/SSL_CTX_add0_chain_cert.3ssl.gz
-usr/share/man/man3/SSL_CTX_add1_chain_cert.3ssl.gz
-usr/share/man/man3/SSL_CTX_add_client_CA.3ssl.gz
-usr/share/man/man3/SSL_CTX_add_client_custom_ext.3ssl.gz
-usr/share/man/man3/SSL_CTX_add_extra_chain_cert.3ssl.gz
-usr/share/man/man3/SSL_CTX_add_server_custom_ext.3ssl.gz
-usr/share/man/man3/SSL_CTX_add_session.3ssl.gz
-usr/share/man/man3/SSL_CTX_build_cert_chain.3ssl.gz
-usr/share/man/man3/SSL_CTX_callback_ctrl.3ssl.gz
-usr/share/man/man3/SSL_CTX_check_private_key.3ssl.gz
-usr/share/man/man3/SSL_CTX_clear_chain_certs.3ssl.gz
-usr/share/man/man3/SSL_CTX_clear_extra_chain_certs.3ssl.gz
-usr/share/man/man3/SSL_CTX_clear_options.3ssl.gz
-usr/share/man/man3/SSL_CTX_ctrl.3ssl.gz
-usr/share/man/man3/SSL_CTX_flush_sessions.3ssl.gz
-usr/share/man/man3/SSL_CTX_free.3ssl.gz
-usr/share/man/man3/SSL_CTX_get0_chain_certs.3ssl.gz
-usr/share/man/man3/SSL_CTX_get0_param.3ssl.gz
-usr/share/man/man3/SSL_CTX_get_cert_store.3ssl.gz
-usr/share/man/man3/SSL_CTX_get_client_CA_list.3ssl.gz
-usr/share/man/man3/SSL_CTX_get_client_cert_cb.3ssl.gz
-usr/share/man/man3/SSL_CTX_get_default_read_ahead.3ssl.gz
-usr/share/man/man3/SSL_CTX_get_ex_data.3ssl.gz
-usr/share/man/man3/SSL_CTX_get_ex_new_index.3ssl.gz
-usr/share/man/man3/SSL_CTX_get_info_callback.3ssl.gz
-usr/share/man/man3/SSL_CTX_get_max_cert_list.3ssl.gz
-usr/share/man/man3/SSL_CTX_get_mode.3ssl.gz
-usr/share/man/man3/SSL_CTX_get_options.3ssl.gz
-usr/share/man/man3/SSL_CTX_get_quiet_shutdown.3ssl.gz
-usr/share/man/man3/SSL_CTX_get_read_ahead.3ssl.gz
-usr/share/man/man3/SSL_CTX_get_session_cache_mode.3ssl.gz
-usr/share/man/man3/SSL_CTX_get_timeout.3ssl.gz
-usr/share/man/man3/SSL_CTX_get_verify_callback.3ssl.gz
-usr/share/man/man3/SSL_CTX_get_verify_depth.3ssl.gz
-usr/share/man/man3/SSL_CTX_get_verify_mode.3ssl.gz
-usr/share/man/man3/SSL_CTX_load_verify_locations.3ssl.gz
-usr/share/man/man3/SSL_CTX_need_tmp_rsa.3ssl.gz
-usr/share/man/man3/SSL_CTX_new.3ssl.gz
-usr/share/man/man3/SSL_CTX_remove_session.3ssl.gz
-usr/share/man/man3/SSL_CTX_select_current_cert.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_accept.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_accept_good.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_accept_renegotiate.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_cache_full.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_cb_hits.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_connect.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_connect_good.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_connect_renegotiate.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_get_cache_size.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_get_get_cb.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_get_new_cb.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_get_remove_cb.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_hits.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_misses.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_number.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_set_cache_size.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_set_get_cb.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_set_new_cb.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_set_remove_cb.3ssl.gz
-usr/share/man/man3/SSL_CTX_sess_timeouts.3ssl.gz
-usr/share/man/man3/SSL_CTX_sessions.3ssl.gz
-usr/share/man/man3/SSL_CTX_set0_chain.3ssl.gz
-usr/share/man/man3/SSL_CTX_set0_chain_cert_store.3ssl.gz
-usr/share/man/man3/SSL_CTX_set0_verify_cert_store.3ssl.gz
-usr/share/man/man3/SSL_CTX_set1_chain.3ssl.gz
-usr/share/man/man3/SSL_CTX_set1_chain_cert_store.3ssl.gz
-usr/share/man/man3/SSL_CTX_set1_curves.3ssl.gz
-usr/share/man/man3/SSL_CTX_set1_curves_list.3ssl.gz
-usr/share/man/man3/SSL_CTX_set1_param.3ssl.gz
-usr/share/man/man3/SSL_CTX_set1_verify_cert_store.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_alpn_protos.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_alpn_select_cb.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_cert_cb.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_cert_store.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_cert_verify_callback.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_cipher_list.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_client_CA_list.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_client_cert_cb.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_current_cert.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_custom_cli_ext.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_default_passwd_cb.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_default_passwd_cb_userdata.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_default_read_ahead.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_ecdh_auto.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_ex_data.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_generate_session_id.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_info_callback.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_max_cert_list.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_mode.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_msg_callback.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_msg_callback_arg.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_options.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_psk_client_callback.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_psk_server_callback.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_quiet_shutdown.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_read_ahead.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_session_cache_mode.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_session_id_context.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_ssl_version.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_timeout.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_tlsext_servername_arg.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_tlsext_servername_callback.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_tlsext_status_arg.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_tlsext_status_cb.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_tmp_dh.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_tmp_dh_callback.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_tmp_rsa.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_tmp_rsa_callback.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_verify.3ssl.gz
-usr/share/man/man3/SSL_CTX_set_verify_depth.3ssl.gz
-usr/share/man/man3/SSL_CTX_use_PrivateKey.3ssl.gz
-usr/share/man/man3/SSL_CTX_use_PrivateKey_ASN1.3ssl.gz
-usr/share/man/man3/SSL_CTX_use_PrivateKey_file.3ssl.gz
-usr/share/man/man3/SSL_CTX_use_RSAPrivateKey.3ssl.gz
-usr/share/man/man3/SSL_CTX_use_RSAPrivateKey_ASN1.3ssl.gz
-usr/share/man/man3/SSL_CTX_use_RSAPrivateKey_file.3ssl.gz
-usr/share/man/man3/SSL_CTX_use_certificate.3ssl.gz
-usr/share/man/man3/SSL_CTX_use_certificate_ASN1.3ssl.gz
-usr/share/man/man3/SSL_CTX_use_certificate_chain_file.3ssl.gz
-usr/share/man/man3/SSL_CTX_use_certificate_file.3ssl.gz
-usr/share/man/man3/SSL_CTX_use_psk_identity_hint.3ssl.gz
-usr/share/man/man3/SSL_CTX_use_serverinfo.3ssl.gz
-usr/share/man/man3/SSL_CTX_use_serverinfo_file.3ssl.gz
-usr/share/man/man3/SSL_SESSION_free.3ssl.gz
-usr/share/man/man3/SSL_SESSION_get_ex_data.3ssl.gz
-usr/share/man/man3/SSL_SESSION_get_ex_new_index.3ssl.gz
-usr/share/man/man3/SSL_SESSION_get_time.3ssl.gz
-usr/share/man/man3/SSL_SESSION_get_timeout.3ssl.gz
-usr/share/man/man3/SSL_SESSION_set_ex_data.3ssl.gz
-usr/share/man/man3/SSL_SESSION_set_time.3ssl.gz
-usr/share/man/man3/SSL_SESSION_set_timeout.3ssl.gz
-usr/share/man/man3/SSL_accept.3ssl.gz
-usr/share/man/man3/SSL_add0_chain_cert.3ssl.gz
-usr/share/man/man3/SSL_add1_chain_cert.3ssl.gz
-usr/share/man/man3/SSL_add_client_CA.3ssl.gz
-usr/share/man/man3/SSL_add_session.3ssl.gz
-usr/share/man/man3/SSL_alert_desc_string.3ssl.gz
-usr/share/man/man3/SSL_alert_desc_string_long.3ssl.gz
-usr/share/man/man3/SSL_alert_type_string.3ssl.gz
-usr/share/man/man3/SSL_alert_type_string_long.3ssl.gz
-usr/share/man/man3/SSL_build_cert_chain.3ssl.gz
-usr/share/man/man3/SSL_callback_ctrl.3ssl.gz
-usr/share/man/man3/SSL_check_chain.3ssl.gz
-usr/share/man/man3/SSL_check_private_key.3ssl.gz
-usr/share/man/man3/SSL_clear.3ssl.gz
-usr/share/man/man3/SSL_clear_chain_certs.3ssl.gz
-usr/share/man/man3/SSL_clear_options.3ssl.gz
-usr/share/man/man3/SSL_connect.3ssl.gz
-usr/share/man/man3/SSL_ctrl.3ssl.gz
-usr/share/man/man3/SSL_do_handshake.3ssl.gz
-usr/share/man/man3/SSL_export_keying_material.3ssl.gz
-usr/share/man/man3/SSL_flush_sessions.3ssl.gz
-usr/share/man/man3/SSL_free.3ssl.gz
-usr/share/man/man3/SSL_get0_alpn_selected.3ssl.gz
-usr/share/man/man3/SSL_get0_chain_certs.3ssl.gz
-usr/share/man/man3/SSL_get0_param.3ssl.gz
-usr/share/man/man3/SSL_get1_curves.3ssl.gz
-usr/share/man/man3/SSL_get_SSL_CTX.3ssl.gz
-usr/share/man/man3/SSL_get_accept_state.3ssl.gz
-usr/share/man/man3/SSL_get_cipher.3ssl.gz
-usr/share/man/man3/SSL_get_cipher_bits.3ssl.gz
-usr/share/man/man3/SSL_get_cipher_list.3ssl.gz
-usr/share/man/man3/SSL_get_cipher_name.3ssl.gz
-usr/share/man/man3/SSL_get_cipher_version.3ssl.gz
-usr/share/man/man3/SSL_get_ciphers.3ssl.gz
-usr/share/man/man3/SSL_get_client_CA_list.3ssl.gz
-usr/share/man/man3/SSL_get_current_cipher.3ssl.gz
-usr/share/man/man3/SSL_get_default_timeout.3ssl.gz
-usr/share/man/man3/SSL_get_error.3ssl.gz
-usr/share/man/man3/SSL_get_ex_data.3ssl.gz
-usr/share/man/man3/SSL_get_ex_data_X509_STORE_CTX_idx.3ssl.gz
-usr/share/man/man3/SSL_get_ex_new_index.3ssl.gz
-usr/share/man/man3/SSL_get_fd.3ssl.gz
-usr/share/man/man3/SSL_get_info_callback.3ssl.gz
-usr/share/man/man3/SSL_get_max_cert_list.3ssl.gz
-usr/share/man/man3/SSL_get_mode.3ssl.gz
-usr/share/man/man3/SSL_get_msg_callback_arg.3ssl.gz
-usr/share/man/man3/SSL_get_options.3ssl.gz
-usr/share/man/man3/SSL_get_peer_cert_chain.3ssl.gz
-usr/share/man/man3/SSL_get_peer_certificate.3ssl.gz
-usr/share/man/man3/SSL_get_psk_identity.3ssl.gz
-usr/share/man/man3/SSL_get_psk_identity_hint.3ssl.gz
-usr/share/man/man3/SSL_get_quiet_shutdown.3ssl.gz
-usr/share/man/man3/SSL_get_rbio.3ssl.gz
-usr/share/man/man3/SSL_get_read_ahead.3ssl.gz
-usr/share/man/man3/SSL_get_secure_renegotiation_support.3ssl.gz
-usr/share/man/man3/SSL_get_servername.3ssl.gz
-usr/share/man/man3/SSL_get_servername_type.3ssl.gz
-usr/share/man/man3/SSL_get_session.3ssl.gz
-usr/share/man/man3/SSL_get_shared_curve.3ssl.gz
-usr/share/man/man3/SSL_get_shutdown.3ssl.gz
-usr/share/man/man3/SSL_get_ssl_method.3ssl.gz
-usr/share/man/man3/SSL_get_tlsext_status_ocsp_resp.3ssl.gz
-usr/share/man/man3/SSL_get_verify_callback.3ssl.gz
-usr/share/man/man3/SSL_get_verify_depth.3ssl.gz
-usr/share/man/man3/SSL_get_verify_mode.3ssl.gz
-usr/share/man/man3/SSL_get_verify_result.3ssl.gz
-usr/share/man/man3/SSL_get_version.3ssl.gz
-usr/share/man/man3/SSL_has_matching_session_id.3ssl.gz
-usr/share/man/man3/SSL_library_init.3ssl.gz
-usr/share/man/man3/SSL_load_client_CA_file.3ssl.gz
-usr/share/man/man3/SSL_load_error_strings.3ssl.gz
-usr/share/man/man3/SSL_need_tmp_rsa.3ssl.gz
-usr/share/man/man3/SSL_new.3ssl.gz
-usr/share/man/man3/SSL_pending.3ssl.gz
-usr/share/man/man3/SSL_read.3ssl.gz
-usr/share/man/man3/SSL_remove_session.3ssl.gz
-usr/share/man/man3/SSL_rstate_string.3ssl.gz
-usr/share/man/man3/SSL_rstate_string_long.3ssl.gz
-usr/share/man/man3/SSL_select_current_cert.3ssl.gz
-usr/share/man/man3/SSL_select_next_proto.3ssl.gz
-usr/share/man/man3/SSL_session_reused.3ssl.gz
-usr/share/man/man3/SSL_set0_chain.3ssl.gz
-usr/share/man/man3/SSL_set0_chain_cert_store.3ssl.gz
-usr/share/man/man3/SSL_set0_verify_cert_store.3ssl.gz
-usr/share/man/man3/SSL_set1_chain.3ssl.gz
-usr/share/man/man3/SSL_set1_chain_cert_store.3ssl.gz
-usr/share/man/man3/SSL_set1_curves.3ssl.gz
-usr/share/man/man3/SSL_set1_curves_list.3ssl.gz
-usr/share/man/man3/SSL_set1_param.3ssl.gz
-usr/share/man/man3/SSL_set1_verify_cert_store.3ssl.gz
-usr/share/man/man3/SSL_set_alpn_protos.3ssl.gz
-usr/share/man/man3/SSL_set_bio.3ssl.gz
-usr/share/man/man3/SSL_set_cert_cb.3ssl.gz
-usr/share/man/man3/SSL_set_cipher_list.3ssl.gz
-usr/share/man/man3/SSL_set_client_CA_list.3ssl.gz
-usr/share/man/man3/SSL_set_connect_state.3ssl.gz
-usr/share/man/man3/SSL_set_current_cert.3ssl.gz
-usr/share/man/man3/SSL_set_ecdh_auto.3ssl.gz
-usr/share/man/man3/SSL_set_ex_data.3ssl.gz
-usr/share/man/man3/SSL_set_fd.3ssl.gz
-usr/share/man/man3/SSL_set_generate_session_id.3ssl.gz
-usr/share/man/man3/SSL_set_info_callback.3ssl.gz
-usr/share/man/man3/SSL_set_max_cert_list.3ssl.gz
-usr/share/man/man3/SSL_set_mode.3ssl.gz
-usr/share/man/man3/SSL_set_msg_callback.3ssl.gz
-usr/share/man/man3/SSL_set_options.3ssl.gz
-usr/share/man/man3/SSL_set_psk_client_callback.3ssl.gz
-usr/share/man/man3/SSL_set_psk_server_callback.3ssl.gz
-usr/share/man/man3/SSL_set_quiet_shutdown.3ssl.gz
-usr/share/man/man3/SSL_set_read_ahead.3ssl.gz
-usr/share/man/man3/SSL_set_session.3ssl.gz
-usr/share/man/man3/SSL_set_session_id_context.3ssl.gz
-usr/share/man/man3/SSL_set_shutdown.3ssl.gz
-usr/share/man/man3/SSL_set_ssl_method.3ssl.gz
-usr/share/man/man3/SSL_set_tlsext_status_ocsp_resp.3ssl.gz
-usr/share/man/man3/SSL_set_tlsext_status_type.3ssl.gz
-usr/share/man/man3/SSL_set_tmp_dh.3ssl.gz
-usr/share/man/man3/SSL_set_tmp_dh_callback.3ssl.gz
-usr/share/man/man3/SSL_set_tmp_rsa.3ssl.gz
-usr/share/man/man3/SSL_set_tmp_rsa_callback.3ssl.gz
-usr/share/man/man3/SSL_set_verify.3ssl.gz
-usr/share/man/man3/SSL_set_verify_depth.3ssl.gz
-usr/share/man/man3/SSL_set_verify_result.3ssl.gz
-usr/share/man/man3/SSL_shutdown.3ssl.gz
-usr/share/man/man3/SSL_state_string.3ssl.gz
-usr/share/man/man3/SSL_state_string_long.3ssl.gz
-usr/share/man/man3/SSL_use_PrivateKey.3ssl.gz
-usr/share/man/man3/SSL_use_PrivateKey_ASN1.3ssl.gz
-usr/share/man/man3/SSL_use_PrivateKey_file.3ssl.gz
-usr/share/man/man3/SSL_use_RSAPrivateKey.3ssl.gz
-usr/share/man/man3/SSL_use_RSAPrivateKey_ASN1.3ssl.gz
-usr/share/man/man3/SSL_use_RSAPrivateKey_file.3ssl.gz
-usr/share/man/man3/SSL_use_certificate.3ssl.gz
-usr/share/man/man3/SSL_use_certificate_ASN1.3ssl.gz
-usr/share/man/man3/SSL_use_certificate_file.3ssl.gz
-usr/share/man/man3/SSL_use_psk_identity_hint.3ssl.gz
-usr/share/man/man3/SSL_want.3ssl.gz
-usr/share/man/man3/SSL_want_nothing.3ssl.gz
-usr/share/man/man3/SSL_want_read.3ssl.gz
-usr/share/man/man3/SSL_want_write.3ssl.gz
-usr/share/man/man3/SSL_want_x509_lookup.3ssl.gz
-usr/share/man/man3/SSL_write.3ssl.gz
-usr/share/man/man3/SSLeay.3ssl.gz
-usr/share/man/man3/SSLeay_add_ssl_algorithms.3ssl.gz
-usr/share/man/man3/SSLeay_version.3ssl.gz
-usr/share/man/man3/SSLv23_client_method.3ssl.gz
-usr/share/man/man3/SSLv23_method.3ssl.gz
-usr/share/man/man3/SSLv23_server_method.3ssl.gz
-usr/share/man/man3/SSLv2_client_method.3ssl.gz
-usr/share/man/man3/SSLv2_method.3ssl.gz
-usr/share/man/man3/SSLv2_server_method.3ssl.gz
-usr/share/man/man3/SSLv3_client_method.3ssl.gz
-usr/share/man/man3/SSLv3_method.3ssl.gz
-usr/share/man/man3/SSLv3_server_method.3ssl.gz
-usr/share/man/man3/TLSv1_1_client_method.3ssl.gz
-usr/share/man/man3/TLSv1_1_method.3ssl.gz
-usr/share/man/man3/TLSv1_1_server_method.3ssl.gz
-usr/share/man/man3/TLSv1_2_client_method.3ssl.gz
-usr/share/man/man3/TLSv1_2_method.3ssl.gz
-usr/share/man/man3/TLSv1_2_server_method.3ssl.gz
-usr/share/man/man3/TLSv1_client_method.3ssl.gz
-usr/share/man/man3/TLSv1_method.3ssl.gz
-usr/share/man/man3/TLSv1_server_method.3ssl.gz
-usr/share/man/man3/UI_OpenSSL.3ssl.gz
-usr/share/man/man3/UI_add_error_string.3ssl.gz
-usr/share/man/man3/UI_add_info_string.3ssl.gz
-usr/share/man/man3/UI_add_input_boolean.3ssl.gz
-usr/share/man/man3/UI_add_input_string.3ssl.gz
-usr/share/man/man3/UI_add_user_data.3ssl.gz
-usr/share/man/man3/UI_add_verify_string.3ssl.gz
-usr/share/man/man3/UI_construct_prompt.3ssl.gz
-usr/share/man/man3/UI_ctrl.3ssl.gz
-usr/share/man/man3/UI_dup_error_string.3ssl.gz
-usr/share/man/man3/UI_dup_info_string.3ssl.gz
-usr/share/man/man3/UI_dup_input_boolean.3ssl.gz
-usr/share/man/man3/UI_dup_input_string.3ssl.gz
-usr/share/man/man3/UI_dup_verify_string.3ssl.gz
-usr/share/man/man3/UI_free.3ssl.gz
-usr/share/man/man3/UI_get0_result.3ssl.gz
-usr/share/man/man3/UI_get0_user_data.3ssl.gz
-usr/share/man/man3/UI_get_default_method.3ssl.gz
-usr/share/man/man3/UI_get_method.3ssl.gz
-usr/share/man/man3/UI_new.3ssl.gz
-usr/share/man/man3/UI_new_method.3ssl.gz
-usr/share/man/man3/UI_process.3ssl.gz
-usr/share/man/man3/UI_set_default_method.3ssl.gz
-usr/share/man/man3/UI_set_method.3ssl.gz
-usr/share/man/man3/X509_NAME_ENTRY_create_by_NID.3ssl.gz
-usr/share/man/man3/X509_NAME_ENTRY_create_by_OBJ.3ssl.gz
-usr/share/man/man3/X509_NAME_ENTRY_create_by_txt.3ssl.gz
-usr/share/man/man3/X509_NAME_ENTRY_get_data.3ssl.gz
-usr/share/man/man3/X509_NAME_ENTRY_get_object.3ssl.gz
-usr/share/man/man3/X509_NAME_ENTRY_set_data.3ssl.gz
-usr/share/man/man3/X509_NAME_ENTRY_set_object.3ssl.gz
-usr/share/man/man3/X509_NAME_add_entry.3ssl.gz
-usr/share/man/man3/X509_NAME_add_entry_by_NID.3ssl.gz
-usr/share/man/man3/X509_NAME_add_entry_by_OBJ.3ssl.gz
-usr/share/man/man3/X509_NAME_add_entry_by_txt.3ssl.gz
-usr/share/man/man3/X509_NAME_delete_entry.3ssl.gz
-usr/share/man/man3/X509_NAME_entry_count.3ssl.gz
-usr/share/man/man3/X509_NAME_get_entry.3ssl.gz
-usr/share/man/man3/X509_NAME_get_index_by_NID.3ssl.gz
-usr/share/man/man3/X509_NAME_get_index_by_OBJ.3ssl.gz
-usr/share/man/man3/X509_NAME_get_text_by_NID.3ssl.gz
-usr/share/man/man3/X509_NAME_get_text_by_OBJ.3ssl.gz
-usr/share/man/man3/X509_NAME_oneline.3ssl.gz
-usr/share/man/man3/X509_NAME_print.3ssl.gz
-usr/share/man/man3/X509_NAME_print_ex.3ssl.gz
-usr/share/man/man3/X509_NAME_print_ex_fp.3ssl.gz
-usr/share/man/man3/X509_REQ_check_private_key.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_cleanup.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_free.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_get0_param.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_get1_chain.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_get_current_cert.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_get_error.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_get_error_depth.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_get_ex_data.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_get_ex_new_index.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_init.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_new.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_set0_crls.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_set0_param.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_set_cert.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_set_chain.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_set_default.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_set_error.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_set_ex_data.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_set_verify_cb.3ssl.gz
-usr/share/man/man3/X509_STORE_CTX_trusted_stack.3ssl.gz
-usr/share/man/man3/X509_STORE_set_verify_cb.3ssl.gz
-usr/share/man/man3/X509_STORE_set_verify_cb_func.3ssl.gz
-usr/share/man/man3/X509_VERIFY_PARAM_add0_policy.3ssl.gz
-usr/share/man/man3/X509_VERIFY_PARAM_add1_host.3ssl.gz
-usr/share/man/man3/X509_VERIFY_PARAM_clear_flags.3ssl.gz
-usr/share/man/man3/X509_VERIFY_PARAM_get0_peername.3ssl.gz
-usr/share/man/man3/X509_VERIFY_PARAM_get_depth.3ssl.gz
-usr/share/man/man3/X509_VERIFY_PARAM_get_flags.3ssl.gz
-usr/share/man/man3/X509_VERIFY_PARAM_set1_email.3ssl.gz
-usr/share/man/man3/X509_VERIFY_PARAM_set1_host.3ssl.gz
-usr/share/man/man3/X509_VERIFY_PARAM_set1_ip.3ssl.gz
-usr/share/man/man3/X509_VERIFY_PARAM_set1_ip_asc.3ssl.gz
-usr/share/man/man3/X509_VERIFY_PARAM_set1_policies.3ssl.gz
-usr/share/man/man3/X509_VERIFY_PARAM_set_depth.3ssl.gz
-usr/share/man/man3/X509_VERIFY_PARAM_set_flags.3ssl.gz
-usr/share/man/man3/X509_VERIFY_PARAM_set_hostflags.3ssl.gz
-usr/share/man/man3/X509_VERIFY_PARAM_set_purpose.3ssl.gz
-usr/share/man/man3/X509_VERIFY_PARAM_set_time.3ssl.gz
-usr/share/man/man3/X509_VERIFY_PARAM_set_trust.3ssl.gz
-usr/share/man/man3/X509_check_email.3ssl.gz
-usr/share/man/man3/X509_check_host.3ssl.gz
-usr/share/man/man3/X509_check_ip.3ssl.gz
-usr/share/man/man3/X509_check_ip_asc.3ssl.gz
-usr/share/man/man3/X509_check_private_key.3ssl.gz
-usr/share/man/man3/X509_free.3ssl.gz
-usr/share/man/man3/X509_new.3ssl.gz
-usr/share/man/man3/X509_verify_cert.3ssl.gz
-usr/share/man/man3/X509_verify_cert_error_string.3ssl.gz
-usr/share/man/man3/bio.3ssl.gz
-usr/share/man/man3/blowfish.3ssl.gz
-usr/share/man/man3/bn.3ssl.gz
-usr/share/man/man3/bn_add_words.3ssl.gz
-usr/share/man/man3/bn_check_top.3ssl.gz
-usr/share/man/man3/bn_cmp_words.3ssl.gz
-usr/share/man/man3/bn_div_words.3ssl.gz
-usr/share/man/man3/bn_dump.3ssl.gz
-usr/share/man/man3/bn_expand.3ssl.gz
-usr/share/man/man3/bn_expand2.3ssl.gz
-usr/share/man/man3/bn_fix_top.3ssl.gz
-usr/share/man/man3/bn_internal.3ssl.gz
-usr/share/man/man3/bn_mul_add_words.3ssl.gz
-usr/share/man/man3/bn_mul_comba4.3ssl.gz
-usr/share/man/man3/bn_mul_comba8.3ssl.gz
-usr/share/man/man3/bn_mul_high.3ssl.gz
-usr/share/man/man3/bn_mul_low_normal.3ssl.gz
-usr/share/man/man3/bn_mul_low_recursive.3ssl.gz
-usr/share/man/man3/bn_mul_normal.3ssl.gz
-usr/share/man/man3/bn_mul_part_recursive.3ssl.gz
-usr/share/man/man3/bn_mul_recursive.3ssl.gz
-usr/share/man/man3/bn_mul_words.3ssl.gz
-usr/share/man/man3/bn_print.3ssl.gz
-usr/share/man/man3/bn_set_high.3ssl.gz
-usr/share/man/man3/bn_set_low.3ssl.gz
-usr/share/man/man3/bn_set_max.3ssl.gz
-usr/share/man/man3/bn_sqr_comba4.3ssl.gz
-usr/share/man/man3/bn_sqr_comba8.3ssl.gz
-usr/share/man/man3/bn_sqr_normal.3ssl.gz
-usr/share/man/man3/bn_sqr_recursive.3ssl.gz
-usr/share/man/man3/bn_sqr_words.3ssl.gz
-usr/share/man/man3/bn_sub_words.3ssl.gz
-usr/share/man/man3/bn_wexpand.3ssl.gz
-usr/share/man/man3/buffer.3ssl.gz
-usr/share/man/man3/crypto.3ssl.gz
-usr/share/man/man3/d2i_ASN1_OBJECT.3ssl.gz
-usr/share/man/man3/d2i_AutoPrivateKey.3ssl.gz
-usr/share/man/man3/d2i_CMS_ContentInfo.3ssl.gz
-usr/share/man/man3/d2i_DHparams.3ssl.gz
-usr/share/man/man3/d2i_DSAPrivateKey.3ssl.gz
-usr/share/man/man3/d2i_DSAPublicKey.3ssl.gz
-usr/share/man/man3/d2i_DSA_PUBKEY.3ssl.gz
-usr/share/man/man3/d2i_DSA_SIG.3ssl.gz
-usr/share/man/man3/d2i_DSAparams.3ssl.gz
-usr/share/man/man3/d2i_ECDSA_SIG.3ssl.gz
-usr/share/man/man3/d2i_ECPKParameters.3ssl.gz
-usr/share/man/man3/d2i_ECPKParameters_bio.3ssl.gz
-usr/share/man/man3/d2i_ECPKParameters_fp.3ssl.gz
-usr/share/man/man3/d2i_ECPrivateKey.3ssl.gz
-usr/share/man/man3/d2i_ECPrivate_key.3ssl.gz
-usr/share/man/man3/d2i_Netscape_RSA.3ssl.gz
-usr/share/man/man3/d2i_PKCS8PrivateKey.3ssl.gz
-usr/share/man/man3/d2i_PKCS8PrivateKey_bio.3ssl.gz
-usr/share/man/man3/d2i_PKCS8PrivateKey_fp.3ssl.gz
-usr/share/man/man3/d2i_PrivateKey.3ssl.gz
-usr/share/man/man3/d2i_Private_key.3ssl.gz
-usr/share/man/man3/d2i_RSAPrivateKey.3ssl.gz
-usr/share/man/man3/d2i_RSAPublicKey.3ssl.gz
-usr/share/man/man3/d2i_RSA_PUBKEY.3ssl.gz
-usr/share/man/man3/d2i_SSL_SESSION.3ssl.gz
-usr/share/man/man3/d2i_X509.3ssl.gz
-usr/share/man/man3/d2i_X509_ALGOR.3ssl.gz
-usr/share/man/man3/d2i_X509_CRL.3ssl.gz
-usr/share/man/man3/d2i_X509_CRL_bio.3ssl.gz
-usr/share/man/man3/d2i_X509_CRL_fp.3ssl.gz
-usr/share/man/man3/d2i_X509_NAME.3ssl.gz
-usr/share/man/man3/d2i_X509_REQ.3ssl.gz
-usr/share/man/man3/d2i_X509_REQ_bio.3ssl.gz
-usr/share/man/man3/d2i_X509_REQ_fp.3ssl.gz
-usr/share/man/man3/d2i_X509_SIG.3ssl.gz
-usr/share/man/man3/d2i_X509_bio.3ssl.gz
-usr/share/man/man3/d2i_X509_fp.3ssl.gz
-usr/share/man/man3/des.3ssl.gz
-usr/share/man/man3/des_read_2passwords.3ssl.gz
-usr/share/man/man3/des_read_password.3ssl.gz
-usr/share/man/man3/des_read_pw.3ssl.gz
-usr/share/man/man3/des_read_pw_string.3ssl.gz
-usr/share/man/man3/dh.3ssl.gz
-usr/share/man/man3/dsa.3ssl.gz
-usr/share/man/man3/ec.3ssl.gz
-usr/share/man/man3/ecdsa.3ssl.gz
-usr/share/man/man3/engine.3ssl.gz
-usr/share/man/man3/err.3ssl.gz
-usr/share/man/man3/evp.3ssl.gz
-usr/share/man/man3/i2d_ASN1_OBJECT.3ssl.gz
-usr/share/man/man3/i2d_CMS_ContentInfo.3ssl.gz
-usr/share/man/man3/i2d_CMS_bio_stream.3ssl.gz
-usr/share/man/man3/i2d_DHparams.3ssl.gz
-usr/share/man/man3/i2d_DSAPrivateKey.3ssl.gz
-usr/share/man/man3/i2d_DSAPublicKey.3ssl.gz
-usr/share/man/man3/i2d_DSA_PUBKEY.3ssl.gz
-usr/share/man/man3/i2d_DSA_SIG.3ssl.gz
-usr/share/man/man3/i2d_DSAparams.3ssl.gz
-usr/share/man/man3/i2d_ECDSA_SIG.3ssl.gz
-usr/share/man/man3/i2d_ECPKParameters.3ssl.gz
-usr/share/man/man3/i2d_ECPKParameters_bio.3ssl.gz
-usr/share/man/man3/i2d_ECPKParameters_fp.3ssl.gz
-usr/share/man/man3/i2d_ECPrivateKey.3ssl.gz
-usr/share/man/man3/i2d_Netscape_RSA.3ssl.gz
-usr/share/man/man3/i2d_PKCS7_bio_stream.3ssl.gz
-usr/share/man/man3/i2d_PKCS8PrivateKey_bio.3ssl.gz
-usr/share/man/man3/i2d_PKCS8PrivateKey_fp.3ssl.gz
-usr/share/man/man3/i2d_PKCS8PrivateKey_nid_bio.3ssl.gz
-usr/share/man/man3/i2d_PKCS8PrivateKey_nid_fp.3ssl.gz
-usr/share/man/man3/i2d_PrivateKey.3ssl.gz
-usr/share/man/man3/i2d_RSAPrivateKey.3ssl.gz
-usr/share/man/man3/i2d_RSAPublicKey.3ssl.gz
-usr/share/man/man3/i2d_RSA_PUBKEY.3ssl.gz
-usr/share/man/man3/i2d_SSL_SESSION.3ssl.gz
-usr/share/man/man3/i2d_X509.3ssl.gz
-usr/share/man/man3/i2d_X509_ALGOR.3ssl.gz
-usr/share/man/man3/i2d_X509_CRL.3ssl.gz
-usr/share/man/man3/i2d_X509_CRL_bio.3ssl.gz
-usr/share/man/man3/i2d_X509_CRL_fp.3ssl.gz
-usr/share/man/man3/i2d_X509_NAME.3ssl.gz
-usr/share/man/man3/i2d_X509_REQ.3ssl.gz
-usr/share/man/man3/i2d_X509_REQ_bio.3ssl.gz
-usr/share/man/man3/i2d_X509_REQ_fp.3ssl.gz
-usr/share/man/man3/i2d_X509_SIG.3ssl.gz
-usr/share/man/man3/i2d_X509_bio.3ssl.gz
-usr/share/man/man3/i2d_X509_fp.3ssl.gz
-usr/share/man/man3/lh_delete.3ssl.gz
-usr/share/man/man3/lh_doall.3ssl.gz
-usr/share/man/man3/lh_doall_arg.3ssl.gz
-usr/share/man/man3/lh_error.3ssl.gz
-usr/share/man/man3/lh_free.3ssl.gz
-usr/share/man/man3/lh_insert.3ssl.gz
-usr/share/man/man3/lh_new.3ssl.gz
-usr/share/man/man3/lh_node_stats.3ssl.gz
-usr/share/man/man3/lh_node_stats_bio.3ssl.gz
-usr/share/man/man3/lh_node_usage_stats.3ssl.gz
-usr/share/man/man3/lh_node_usage_stats_bio.3ssl.gz
-usr/share/man/man3/lh_retrieve.3ssl.gz
-usr/share/man/man3/lh_stats.3ssl.gz
-usr/share/man/man3/lh_stats_bio.3ssl.gz
-usr/share/man/man3/lhash.3ssl.gz
-usr/share/man/man3/rand.3ssl.gz
-usr/share/man/man3/ripemd.3ssl.gz
-usr/share/man/man3/rsa.3ssl.gz
-usr/share/man/man3/sha.3ssl.gz
-usr/share/man/man3/threads.3ssl.gz
-usr/share/man/man3/ui.3ssl.gz
-usr/share/man/man3/ui_compat.3ssl.gz
-usr/share/man/man3/x509.3ssl.gz
-usr/share/man/man5/
-usr/share/man/man5/config.5ssl.gz
-usr/share/man/man5/x509v3_config.5ssl.gz
-usr/share/man/man7/
-usr/share/man/man7/des_modes.7ssl.gz
-usr/ssl/
-usr/ssl/certs/
-usr/ssl/misc/
-usr/ssl/misc/CA.pl
-usr/ssl/misc/CA.sh
-usr/ssl/misc/c_hash
-usr/ssl/misc/c_info
-usr/ssl/misc/c_issuer
-usr/ssl/misc/c_name
-usr/ssl/misc/tsget
-usr/ssl/openssl.cnf
-usr/ssl/private/
-
diff --git a/msys2/var/lib/pacman/local/openssl-1.0.2.m-1/mtree b/msys2/var/lib/pacman/local/openssl-1.0.2.m-1/mtree
deleted file mode 100644
index 25a8a8581..000000000
Binary files a/msys2/var/lib/pacman/local/openssl-1.0.2.m-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/openssl-1.1.1.b-1/desc b/msys2/var/lib/pacman/local/openssl-1.1.1.b-1/desc
new file mode 100644
index 000000000..4a985f35f
--- /dev/null
+++ b/msys2/var/lib/pacman/local/openssl-1.1.1.b-1/desc
@@ -0,0 +1,47 @@
+%NAME%
+openssl
+
+%VERSION%
+1.1.1.b-1
+
+%BASE%
+openssl
+
+%DESC%
+The Open Source toolkit for Secure Sockets Layer and Transport Layer Security
+
+%URL%
+https://www.openssl.org
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1551329600
+
+%INSTALLDATE%
+1558699086
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+57296896
+
+%REASON%
+1
+
+%LICENSE%
+custom:BSD
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+libopenssl
+zlib
+
+%OPTDEPENDS%
+ca-certificates
+perl
+
diff --git a/msys2/var/lib/pacman/local/openssl-1.1.1.b-1/files b/msys2/var/lib/pacman/local/openssl-1.1.1.b-1/files
new file mode 100644
index 000000000..271a792ff
--- /dev/null
+++ b/msys2/var/lib/pacman/local/openssl-1.1.1.b-1/files
@@ -0,0 +1,7859 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/c_rehash
+usr/bin/openssl.exe
+usr/share/
+usr/share/doc/
+usr/share/doc/openssl/
+usr/share/doc/openssl/html/
+usr/share/doc/openssl/html/man1/
+usr/share/doc/openssl/html/man1/asn1parse.html
+usr/share/doc/openssl/html/man1/c_rehash.html
+usr/share/doc/openssl/html/man1/ca.html
+usr/share/doc/openssl/html/man1/CA.pl.html
+usr/share/doc/openssl/html/man1/ciphers.html
+usr/share/doc/openssl/html/man1/cms.html
+usr/share/doc/openssl/html/man1/crl.html
+usr/share/doc/openssl/html/man1/crl2pkcs7.html
+usr/share/doc/openssl/html/man1/dgst.html
+usr/share/doc/openssl/html/man1/dhparam.html
+usr/share/doc/openssl/html/man1/dsa.html
+usr/share/doc/openssl/html/man1/dsaparam.html
+usr/share/doc/openssl/html/man1/ec.html
+usr/share/doc/openssl/html/man1/ecparam.html
+usr/share/doc/openssl/html/man1/enc.html
+usr/share/doc/openssl/html/man1/engine.html
+usr/share/doc/openssl/html/man1/errstr.html
+usr/share/doc/openssl/html/man1/gendsa.html
+usr/share/doc/openssl/html/man1/genpkey.html
+usr/share/doc/openssl/html/man1/genrsa.html
+usr/share/doc/openssl/html/man1/list.html
+usr/share/doc/openssl/html/man1/nseq.html
+usr/share/doc/openssl/html/man1/ocsp.html
+usr/share/doc/openssl/html/man1/openssl-asn1parse.html
+usr/share/doc/openssl/html/man1/openssl-c_rehash.html
+usr/share/doc/openssl/html/man1/openssl-ca.html
+usr/share/doc/openssl/html/man1/openssl-ciphers.html
+usr/share/doc/openssl/html/man1/openssl-cms.html
+usr/share/doc/openssl/html/man1/openssl-crl.html
+usr/share/doc/openssl/html/man1/openssl-crl2pkcs7.html
+usr/share/doc/openssl/html/man1/openssl-dgst.html
+usr/share/doc/openssl/html/man1/openssl-dhparam.html
+usr/share/doc/openssl/html/man1/openssl-dsa.html
+usr/share/doc/openssl/html/man1/openssl-dsaparam.html
+usr/share/doc/openssl/html/man1/openssl-ec.html
+usr/share/doc/openssl/html/man1/openssl-ecparam.html
+usr/share/doc/openssl/html/man1/openssl-enc.html
+usr/share/doc/openssl/html/man1/openssl-engine.html
+usr/share/doc/openssl/html/man1/openssl-errstr.html
+usr/share/doc/openssl/html/man1/openssl-gendsa.html
+usr/share/doc/openssl/html/man1/openssl-genpkey.html
+usr/share/doc/openssl/html/man1/openssl-genrsa.html
+usr/share/doc/openssl/html/man1/openssl-list.html
+usr/share/doc/openssl/html/man1/openssl-nseq.html
+usr/share/doc/openssl/html/man1/openssl-ocsp.html
+usr/share/doc/openssl/html/man1/openssl-passwd.html
+usr/share/doc/openssl/html/man1/openssl-pkcs12.html
+usr/share/doc/openssl/html/man1/openssl-pkcs7.html
+usr/share/doc/openssl/html/man1/openssl-pkcs8.html
+usr/share/doc/openssl/html/man1/openssl-pkey.html
+usr/share/doc/openssl/html/man1/openssl-pkeyparam.html
+usr/share/doc/openssl/html/man1/openssl-pkeyutl.html
+usr/share/doc/openssl/html/man1/openssl-prime.html
+usr/share/doc/openssl/html/man1/openssl-rand.html
+usr/share/doc/openssl/html/man1/openssl-rehash.html
+usr/share/doc/openssl/html/man1/openssl-req.html
+usr/share/doc/openssl/html/man1/openssl-rsa.html
+usr/share/doc/openssl/html/man1/openssl-rsautl.html
+usr/share/doc/openssl/html/man1/openssl-s_client.html
+usr/share/doc/openssl/html/man1/openssl-s_server.html
+usr/share/doc/openssl/html/man1/openssl-s_time.html
+usr/share/doc/openssl/html/man1/openssl-sess_id.html
+usr/share/doc/openssl/html/man1/openssl-smime.html
+usr/share/doc/openssl/html/man1/openssl-speed.html
+usr/share/doc/openssl/html/man1/openssl-spkac.html
+usr/share/doc/openssl/html/man1/openssl-srp.html
+usr/share/doc/openssl/html/man1/openssl-storeutl.html
+usr/share/doc/openssl/html/man1/openssl-ts.html
+usr/share/doc/openssl/html/man1/openssl-tsget.html
+usr/share/doc/openssl/html/man1/openssl-verify.html
+usr/share/doc/openssl/html/man1/openssl-version.html
+usr/share/doc/openssl/html/man1/openssl-x509.html
+usr/share/doc/openssl/html/man1/openssl.html
+usr/share/doc/openssl/html/man1/passwd.html
+usr/share/doc/openssl/html/man1/pkcs12.html
+usr/share/doc/openssl/html/man1/pkcs7.html
+usr/share/doc/openssl/html/man1/pkcs8.html
+usr/share/doc/openssl/html/man1/pkey.html
+usr/share/doc/openssl/html/man1/pkeyparam.html
+usr/share/doc/openssl/html/man1/pkeyutl.html
+usr/share/doc/openssl/html/man1/prime.html
+usr/share/doc/openssl/html/man1/rand.html
+usr/share/doc/openssl/html/man1/rehash.html
+usr/share/doc/openssl/html/man1/req.html
+usr/share/doc/openssl/html/man1/rsa.html
+usr/share/doc/openssl/html/man1/rsautl.html
+usr/share/doc/openssl/html/man1/s_client.html
+usr/share/doc/openssl/html/man1/s_server.html
+usr/share/doc/openssl/html/man1/s_time.html
+usr/share/doc/openssl/html/man1/sess_id.html
+usr/share/doc/openssl/html/man1/smime.html
+usr/share/doc/openssl/html/man1/speed.html
+usr/share/doc/openssl/html/man1/spkac.html
+usr/share/doc/openssl/html/man1/srp.html
+usr/share/doc/openssl/html/man1/storeutl.html
+usr/share/doc/openssl/html/man1/ts.html
+usr/share/doc/openssl/html/man1/tsget.html
+usr/share/doc/openssl/html/man1/verify.html
+usr/share/doc/openssl/html/man1/version.html
+usr/share/doc/openssl/html/man1/x509.html
+usr/share/doc/openssl/html/man3/
+usr/share/doc/openssl/html/man3/ACCESS_DESCRIPTION_free.html
+usr/share/doc/openssl/html/man3/ACCESS_DESCRIPTION_new.html
+usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX.html
+usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_free.html
+usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_get0_admissionAuthority.html
+usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_get0_contentsOfAdmissions.html
+usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_new.html
+usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_set0_admissionAuthority.html
+usr/share/doc/openssl/html/man3/ADMISSION_SYNTAX_set0_contentsOfAdmissions.html
+usr/share/doc/openssl/html/man3/ADMISSIONS.html
+usr/share/doc/openssl/html/man3/ADMISSIONS_free.html
+usr/share/doc/openssl/html/man3/ADMISSIONS_get0_admissionAuthority.html
+usr/share/doc/openssl/html/man3/ADMISSIONS_get0_namingAuthority.html
+usr/share/doc/openssl/html/man3/ADMISSIONS_get0_professionInfos.html
+usr/share/doc/openssl/html/man3/ADMISSIONS_new.html
+usr/share/doc/openssl/html/man3/ADMISSIONS_set0_admissionAuthority.html
+usr/share/doc/openssl/html/man3/ADMISSIONS_set0_namingAuthority.html
+usr/share/doc/openssl/html/man3/ADMISSIONS_set0_professionInfos.html
+usr/share/doc/openssl/html/man3/ASIdentifierChoice_free.html
+usr/share/doc/openssl/html/man3/ASIdentifierChoice_new.html
+usr/share/doc/openssl/html/man3/ASIdentifiers_free.html
+usr/share/doc/openssl/html/man3/ASIdentifiers_new.html
+usr/share/doc/openssl/html/man3/ASIdOrRange_free.html
+usr/share/doc/openssl/html/man3/ASIdOrRange_new.html
+usr/share/doc/openssl/html/man3/ASN1_add_oid_module.html
+usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_get.html
+usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_get_int64.html
+usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_set.html
+usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_set_int64.html
+usr/share/doc/openssl/html/man3/ASN1_ENUMERATED_to_BN.html
+usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_adj.html
+usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_check.html
+usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_print.html
+usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_set.html
+usr/share/doc/openssl/html/man3/ASN1_GENERALIZEDTIME_set_string.html
+usr/share/doc/openssl/html/man3/ASN1_generate_nconf.html
+usr/share/doc/openssl/html/man3/ASN1_generate_v3.html
+usr/share/doc/openssl/html/man3/ASN1_INTEGER_get.html
+usr/share/doc/openssl/html/man3/ASN1_INTEGER_get_int64.html
+usr/share/doc/openssl/html/man3/ASN1_INTEGER_get_uint64.html
+usr/share/doc/openssl/html/man3/ASN1_INTEGER_set.html
+usr/share/doc/openssl/html/man3/ASN1_INTEGER_set_int64.html
+usr/share/doc/openssl/html/man3/ASN1_INTEGER_set_uint64.html
+usr/share/doc/openssl/html/man3/ASN1_INTEGER_to_BN.html
+usr/share/doc/openssl/html/man3/ASN1_ITEM.html
+usr/share/doc/openssl/html/man3/ASN1_ITEM_get.html
+usr/share/doc/openssl/html/man3/ASN1_ITEM_lookup.html
+usr/share/doc/openssl/html/man3/ASN1_OBJECT_free.html
+usr/share/doc/openssl/html/man3/ASN1_OBJECT_new.html
+usr/share/doc/openssl/html/man3/ASN1_STRING_cmp.html
+usr/share/doc/openssl/html/man3/ASN1_STRING_data.html
+usr/share/doc/openssl/html/man3/ASN1_STRING_dup.html
+usr/share/doc/openssl/html/man3/ASN1_STRING_free.html
+usr/share/doc/openssl/html/man3/ASN1_STRING_get0_data.html
+usr/share/doc/openssl/html/man3/ASN1_STRING_length.html
+usr/share/doc/openssl/html/man3/ASN1_STRING_new.html
+usr/share/doc/openssl/html/man3/ASN1_STRING_print.html
+usr/share/doc/openssl/html/man3/ASN1_STRING_print_ex.html
+usr/share/doc/openssl/html/man3/ASN1_STRING_print_ex_fp.html
+usr/share/doc/openssl/html/man3/ASN1_STRING_set.html
+usr/share/doc/openssl/html/man3/ASN1_STRING_TABLE.html
+usr/share/doc/openssl/html/man3/ASN1_STRING_TABLE_add.html
+usr/share/doc/openssl/html/man3/ASN1_STRING_TABLE_cleanup.html
+usr/share/doc/openssl/html/man3/ASN1_STRING_TABLE_get.html
+usr/share/doc/openssl/html/man3/ASN1_STRING_to_UTF8.html
+usr/share/doc/openssl/html/man3/ASN1_STRING_type.html
+usr/share/doc/openssl/html/man3/ASN1_STRING_type_new.html
+usr/share/doc/openssl/html/man3/ASN1_tag2str.html
+usr/share/doc/openssl/html/man3/ASN1_TIME_adj.html
+usr/share/doc/openssl/html/man3/ASN1_TIME_check.html
+usr/share/doc/openssl/html/man3/ASN1_TIME_cmp_time_t.html
+usr/share/doc/openssl/html/man3/ASN1_TIME_compare.html
+usr/share/doc/openssl/html/man3/ASN1_TIME_diff.html
+usr/share/doc/openssl/html/man3/ASN1_TIME_normalize.html
+usr/share/doc/openssl/html/man3/ASN1_TIME_print.html
+usr/share/doc/openssl/html/man3/ASN1_TIME_set.html
+usr/share/doc/openssl/html/man3/ASN1_TIME_set_string.html
+usr/share/doc/openssl/html/man3/ASN1_TIME_set_string_X509.html
+usr/share/doc/openssl/html/man3/ASN1_TIME_to_generalizedtime.html
+usr/share/doc/openssl/html/man3/ASN1_TIME_to_tm.html
+usr/share/doc/openssl/html/man3/ASN1_TYPE_cmp.html
+usr/share/doc/openssl/html/man3/ASN1_TYPE_get.html
+usr/share/doc/openssl/html/man3/ASN1_TYPE_pack_sequence.html
+usr/share/doc/openssl/html/man3/ASN1_TYPE_set.html
+usr/share/doc/openssl/html/man3/ASN1_TYPE_set1.html
+usr/share/doc/openssl/html/man3/ASN1_TYPE_unpack_sequence.html
+usr/share/doc/openssl/html/man3/ASN1_UTCTIME_adj.html
+usr/share/doc/openssl/html/man3/ASN1_UTCTIME_check.html
+usr/share/doc/openssl/html/man3/ASN1_UTCTIME_cmp_time_t.html
+usr/share/doc/openssl/html/man3/ASN1_UTCTIME_print.html
+usr/share/doc/openssl/html/man3/ASN1_UTCTIME_set.html
+usr/share/doc/openssl/html/man3/ASN1_UTCTIME_set_string.html
+usr/share/doc/openssl/html/man3/ASRange_free.html
+usr/share/doc/openssl/html/man3/ASRange_new.html
+usr/share/doc/openssl/html/man3/ASYNC_block_pause.html
+usr/share/doc/openssl/html/man3/ASYNC_cleanup_thread.html
+usr/share/doc/openssl/html/man3/ASYNC_get_current_job.html
+usr/share/doc/openssl/html/man3/ASYNC_get_wait_ctx.html
+usr/share/doc/openssl/html/man3/ASYNC_init_thread.html
+usr/share/doc/openssl/html/man3/ASYNC_is_capable.html
+usr/share/doc/openssl/html/man3/ASYNC_pause_job.html
+usr/share/doc/openssl/html/man3/ASYNC_start_job.html
+usr/share/doc/openssl/html/man3/ASYNC_unblock_pause.html
+usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_clear_fd.html
+usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_free.html
+usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_get_all_fds.html
+usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_get_changed_fds.html
+usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_get_fd.html
+usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_new.html
+usr/share/doc/openssl/html/man3/ASYNC_WAIT_CTX_set_wait_fd.html
+usr/share/doc/openssl/html/man3/AUTHORITY_INFO_ACCESS_free.html
+usr/share/doc/openssl/html/man3/AUTHORITY_INFO_ACCESS_new.html
+usr/share/doc/openssl/html/man3/AUTHORITY_KEYID_free.html
+usr/share/doc/openssl/html/man3/AUTHORITY_KEYID_new.html
+usr/share/doc/openssl/html/man3/BASIC_CONSTRAINTS_free.html
+usr/share/doc/openssl/html/man3/BASIC_CONSTRAINTS_new.html
+usr/share/doc/openssl/html/man3/BF_cbc_encrypt.html
+usr/share/doc/openssl/html/man3/BF_cfb64_encrypt.html
+usr/share/doc/openssl/html/man3/BF_decrypt.html
+usr/share/doc/openssl/html/man3/BF_ecb_encrypt.html
+usr/share/doc/openssl/html/man3/BF_encrypt.html
+usr/share/doc/openssl/html/man3/BF_ofb64_encrypt.html
+usr/share/doc/openssl/html/man3/BF_options.html
+usr/share/doc/openssl/html/man3/BF_set_key.html
+usr/share/doc/openssl/html/man3/BIO_accept_ex.html
+usr/share/doc/openssl/html/man3/BIO_ADDR.html
+usr/share/doc/openssl/html/man3/BIO_ADDR_clear.html
+usr/share/doc/openssl/html/man3/BIO_ADDR_family.html
+usr/share/doc/openssl/html/man3/BIO_ADDR_free.html
+usr/share/doc/openssl/html/man3/BIO_ADDR_hostname_string.html
+usr/share/doc/openssl/html/man3/BIO_ADDR_new.html
+usr/share/doc/openssl/html/man3/BIO_ADDR_path_string.html
+usr/share/doc/openssl/html/man3/BIO_ADDR_rawaddress.html
+usr/share/doc/openssl/html/man3/BIO_ADDR_rawmake.html
+usr/share/doc/openssl/html/man3/BIO_ADDR_rawport.html
+usr/share/doc/openssl/html/man3/BIO_ADDR_service_string.html
+usr/share/doc/openssl/html/man3/BIO_ADDRINFO.html
+usr/share/doc/openssl/html/man3/BIO_ADDRINFO_address.html
+usr/share/doc/openssl/html/man3/BIO_ADDRINFO_family.html
+usr/share/doc/openssl/html/man3/BIO_ADDRINFO_free.html
+usr/share/doc/openssl/html/man3/BIO_ADDRINFO_next.html
+usr/share/doc/openssl/html/man3/BIO_ADDRINFO_protocol.html
+usr/share/doc/openssl/html/man3/BIO_ADDRINFO_socktype.html
+usr/share/doc/openssl/html/man3/BIO_append_filename.html
+usr/share/doc/openssl/html/man3/BIO_bind.html
+usr/share/doc/openssl/html/man3/BIO_callback_ctrl.html
+usr/share/doc/openssl/html/man3/BIO_callback_fn.html
+usr/share/doc/openssl/html/man3/BIO_callback_fn_ex.html
+usr/share/doc/openssl/html/man3/BIO_closesocket.html
+usr/share/doc/openssl/html/man3/BIO_connect.html
+usr/share/doc/openssl/html/man3/BIO_ctrl.html
+usr/share/doc/openssl/html/man3/BIO_ctrl_get_read_request.html
+usr/share/doc/openssl/html/man3/BIO_ctrl_get_write_guarantee.html
+usr/share/doc/openssl/html/man3/BIO_ctrl_pending.html
+usr/share/doc/openssl/html/man3/BIO_ctrl_reset_read_request.html
+usr/share/doc/openssl/html/man3/BIO_ctrl_wpending.html
+usr/share/doc/openssl/html/man3/BIO_debug_callback.html
+usr/share/doc/openssl/html/man3/BIO_destroy_bio_pair.html
+usr/share/doc/openssl/html/man3/BIO_do_accept.html
+usr/share/doc/openssl/html/man3/BIO_do_connect.html
+usr/share/doc/openssl/html/man3/BIO_do_handshake.html
+usr/share/doc/openssl/html/man3/BIO_eof.html
+usr/share/doc/openssl/html/man3/BIO_f_base64.html
+usr/share/doc/openssl/html/man3/BIO_f_buffer.html
+usr/share/doc/openssl/html/man3/BIO_f_cipher.html
+usr/share/doc/openssl/html/man3/BIO_f_md.html
+usr/share/doc/openssl/html/man3/BIO_f_null.html
+usr/share/doc/openssl/html/man3/BIO_f_ssl.html
+usr/share/doc/openssl/html/man3/BIO_find_type.html
+usr/share/doc/openssl/html/man3/BIO_flush.html
+usr/share/doc/openssl/html/man3/BIO_free.html
+usr/share/doc/openssl/html/man3/BIO_free_all.html
+usr/share/doc/openssl/html/man3/BIO_get_accept_ip_family.html
+usr/share/doc/openssl/html/man3/BIO_get_accept_name.html
+usr/share/doc/openssl/html/man3/BIO_get_accept_port.html
+usr/share/doc/openssl/html/man3/BIO_get_bind_mode.html
+usr/share/doc/openssl/html/man3/BIO_get_buffer_num_lines.html
+usr/share/doc/openssl/html/man3/BIO_get_callback.html
+usr/share/doc/openssl/html/man3/BIO_get_callback_arg.html
+usr/share/doc/openssl/html/man3/BIO_get_callback_ex.html
+usr/share/doc/openssl/html/man3/BIO_get_cipher_ctx.html
+usr/share/doc/openssl/html/man3/BIO_get_cipher_status.html
+usr/share/doc/openssl/html/man3/BIO_get_close.html
+usr/share/doc/openssl/html/man3/BIO_get_conn_address.html
+usr/share/doc/openssl/html/man3/BIO_get_conn_hostname.html
+usr/share/doc/openssl/html/man3/BIO_get_conn_ip_family.html
+usr/share/doc/openssl/html/man3/BIO_get_conn_port.html
+usr/share/doc/openssl/html/man3/BIO_get_data.html
+usr/share/doc/openssl/html/man3/BIO_get_ex_data.html
+usr/share/doc/openssl/html/man3/BIO_get_ex_new_index.html
+usr/share/doc/openssl/html/man3/BIO_get_fd.html
+usr/share/doc/openssl/html/man3/BIO_get_fp.html
+usr/share/doc/openssl/html/man3/BIO_get_info_callback.html
+usr/share/doc/openssl/html/man3/BIO_get_init.html
+usr/share/doc/openssl/html/man3/BIO_get_md.html
+usr/share/doc/openssl/html/man3/BIO_get_md_ctx.html
+usr/share/doc/openssl/html/man3/BIO_get_mem_data.html
+usr/share/doc/openssl/html/man3/BIO_get_mem_ptr.html
+usr/share/doc/openssl/html/man3/BIO_get_new_index.html
+usr/share/doc/openssl/html/man3/BIO_get_num_renegotiates.html
+usr/share/doc/openssl/html/man3/BIO_get_peer_name.html
+usr/share/doc/openssl/html/man3/BIO_get_peer_port.html
+usr/share/doc/openssl/html/man3/BIO_get_read_request.html
+usr/share/doc/openssl/html/man3/BIO_get_retry_BIO.html
+usr/share/doc/openssl/html/man3/BIO_get_retry_reason.html
+usr/share/doc/openssl/html/man3/BIO_get_shutdown.html
+usr/share/doc/openssl/html/man3/BIO_get_ssl.html
+usr/share/doc/openssl/html/man3/BIO_get_write_buf_size.html
+usr/share/doc/openssl/html/man3/BIO_get_write_guarantee.html
+usr/share/doc/openssl/html/man3/BIO_gets.html
+usr/share/doc/openssl/html/man3/BIO_hostserv_priorities.html
+usr/share/doc/openssl/html/man3/BIO_info_cb.html
+usr/share/doc/openssl/html/man3/BIO_int_ctrl.html
+usr/share/doc/openssl/html/man3/BIO_listen.html
+usr/share/doc/openssl/html/man3/BIO_lookup.html
+usr/share/doc/openssl/html/man3/BIO_lookup_ex.html
+usr/share/doc/openssl/html/man3/BIO_lookup_type.html
+usr/share/doc/openssl/html/man3/BIO_make_bio_pair.html
+usr/share/doc/openssl/html/man3/BIO_meth_free.html
+usr/share/doc/openssl/html/man3/BIO_meth_get_callback_ctrl.html
+usr/share/doc/openssl/html/man3/BIO_meth_get_create.html
+usr/share/doc/openssl/html/man3/BIO_meth_get_ctrl.html
+usr/share/doc/openssl/html/man3/BIO_meth_get_destroy.html
+usr/share/doc/openssl/html/man3/BIO_meth_get_gets.html
+usr/share/doc/openssl/html/man3/BIO_meth_get_puts.html
+usr/share/doc/openssl/html/man3/BIO_meth_get_read.html
+usr/share/doc/openssl/html/man3/BIO_meth_get_read_ex.html
+usr/share/doc/openssl/html/man3/BIO_meth_get_write.html
+usr/share/doc/openssl/html/man3/BIO_meth_get_write_ex.html
+usr/share/doc/openssl/html/man3/BIO_meth_new.html
+usr/share/doc/openssl/html/man3/BIO_meth_set_callback_ctrl.html
+usr/share/doc/openssl/html/man3/BIO_meth_set_create.html
+usr/share/doc/openssl/html/man3/BIO_meth_set_ctrl.html
+usr/share/doc/openssl/html/man3/BIO_meth_set_destroy.html
+usr/share/doc/openssl/html/man3/BIO_meth_set_gets.html
+usr/share/doc/openssl/html/man3/BIO_meth_set_puts.html
+usr/share/doc/openssl/html/man3/BIO_meth_set_read.html
+usr/share/doc/openssl/html/man3/BIO_meth_set_read_ex.html
+usr/share/doc/openssl/html/man3/BIO_meth_set_write.html
+usr/share/doc/openssl/html/man3/BIO_meth_set_write_ex.html
+usr/share/doc/openssl/html/man3/BIO_method_type.html
+usr/share/doc/openssl/html/man3/BIO_new.html
+usr/share/doc/openssl/html/man3/BIO_new_accept.html
+usr/share/doc/openssl/html/man3/BIO_new_bio_pair.html
+usr/share/doc/openssl/html/man3/BIO_new_buffer_ssl_connect.html
+usr/share/doc/openssl/html/man3/BIO_new_CMS.html
+usr/share/doc/openssl/html/man3/BIO_new_connect.html
+usr/share/doc/openssl/html/man3/BIO_new_fd.html
+usr/share/doc/openssl/html/man3/BIO_new_file.html
+usr/share/doc/openssl/html/man3/BIO_new_fp.html
+usr/share/doc/openssl/html/man3/BIO_new_mem_buf.html
+usr/share/doc/openssl/html/man3/BIO_new_socket.html
+usr/share/doc/openssl/html/man3/BIO_new_ssl.html
+usr/share/doc/openssl/html/man3/BIO_new_ssl_connect.html
+usr/share/doc/openssl/html/man3/BIO_next.html
+usr/share/doc/openssl/html/man3/BIO_parse_hostserv.html
+usr/share/doc/openssl/html/man3/BIO_pending.html
+usr/share/doc/openssl/html/man3/BIO_pop.html
+usr/share/doc/openssl/html/man3/BIO_printf.html
+usr/share/doc/openssl/html/man3/BIO_ptr_ctrl.html
+usr/share/doc/openssl/html/man3/BIO_push.html
+usr/share/doc/openssl/html/man3/BIO_puts.html
+usr/share/doc/openssl/html/man3/BIO_read.html
+usr/share/doc/openssl/html/man3/BIO_read_ex.html
+usr/share/doc/openssl/html/man3/BIO_read_filename.html
+usr/share/doc/openssl/html/man3/BIO_reset.html
+usr/share/doc/openssl/html/man3/BIO_retry_type.html
+usr/share/doc/openssl/html/man3/BIO_rw_filename.html
+usr/share/doc/openssl/html/man3/BIO_s_accept.html
+usr/share/doc/openssl/html/man3/BIO_s_bio.html
+usr/share/doc/openssl/html/man3/BIO_s_connect.html
+usr/share/doc/openssl/html/man3/BIO_s_fd.html
+usr/share/doc/openssl/html/man3/BIO_s_file.html
+usr/share/doc/openssl/html/man3/BIO_s_mem.html
+usr/share/doc/openssl/html/man3/BIO_s_null.html
+usr/share/doc/openssl/html/man3/BIO_s_secmem.html
+usr/share/doc/openssl/html/man3/BIO_s_socket.html
+usr/share/doc/openssl/html/man3/BIO_seek.html
+usr/share/doc/openssl/html/man3/BIO_set_accept_bios.html
+usr/share/doc/openssl/html/man3/BIO_set_accept_ip_family.html
+usr/share/doc/openssl/html/man3/BIO_set_accept_name.html
+usr/share/doc/openssl/html/man3/BIO_set_accept_port.html
+usr/share/doc/openssl/html/man3/BIO_set_bind_mode.html
+usr/share/doc/openssl/html/man3/BIO_set_buffer_read_data.html
+usr/share/doc/openssl/html/man3/BIO_set_buffer_size.html
+usr/share/doc/openssl/html/man3/BIO_set_callback.html
+usr/share/doc/openssl/html/man3/BIO_set_callback_arg.html
+usr/share/doc/openssl/html/man3/BIO_set_callback_ex.html
+usr/share/doc/openssl/html/man3/BIO_set_cipher.html
+usr/share/doc/openssl/html/man3/BIO_set_close.html
+usr/share/doc/openssl/html/man3/BIO_set_conn_address.html
+usr/share/doc/openssl/html/man3/BIO_set_conn_hostname.html
+usr/share/doc/openssl/html/man3/BIO_set_conn_ip_family.html
+usr/share/doc/openssl/html/man3/BIO_set_conn_port.html
+usr/share/doc/openssl/html/man3/BIO_set_data.html
+usr/share/doc/openssl/html/man3/BIO_set_ex_data.html
+usr/share/doc/openssl/html/man3/BIO_set_fd.html
+usr/share/doc/openssl/html/man3/BIO_set_fp.html
+usr/share/doc/openssl/html/man3/BIO_set_info_callback.html
+usr/share/doc/openssl/html/man3/BIO_set_init.html
+usr/share/doc/openssl/html/man3/BIO_set_md.html
+usr/share/doc/openssl/html/man3/BIO_set_mem_buf.html
+usr/share/doc/openssl/html/man3/BIO_set_mem_eof_return.html
+usr/share/doc/openssl/html/man3/BIO_set_nbio.html
+usr/share/doc/openssl/html/man3/BIO_set_nbio_accept.html
+usr/share/doc/openssl/html/man3/BIO_set_next.html
+usr/share/doc/openssl/html/man3/BIO_set_read_buffer_size.html
+usr/share/doc/openssl/html/man3/BIO_set_retry_reason.html
+usr/share/doc/openssl/html/man3/BIO_set_shutdown.html
+usr/share/doc/openssl/html/man3/BIO_set_ssl.html
+usr/share/doc/openssl/html/man3/BIO_set_ssl_mode.html
+usr/share/doc/openssl/html/man3/BIO_set_ssl_renegotiate_bytes.html
+usr/share/doc/openssl/html/man3/BIO_set_ssl_renegotiate_timeout.html
+usr/share/doc/openssl/html/man3/BIO_set_write_buf_size.html
+usr/share/doc/openssl/html/man3/BIO_set_write_buffer_size.html
+usr/share/doc/openssl/html/man3/BIO_should_io_special.html
+usr/share/doc/openssl/html/man3/BIO_should_read.html
+usr/share/doc/openssl/html/man3/BIO_should_retry.html
+usr/share/doc/openssl/html/man3/BIO_should_write.html
+usr/share/doc/openssl/html/man3/BIO_shutdown_wr.html
+usr/share/doc/openssl/html/man3/BIO_snprintf.html
+usr/share/doc/openssl/html/man3/BIO_socket.html
+usr/share/doc/openssl/html/man3/BIO_ssl_copy_session_id.html
+usr/share/doc/openssl/html/man3/BIO_ssl_shutdown.html
+usr/share/doc/openssl/html/man3/BIO_tell.html
+usr/share/doc/openssl/html/man3/BIO_up_ref.html
+usr/share/doc/openssl/html/man3/BIO_vfree.html
+usr/share/doc/openssl/html/man3/BIO_vprintf.html
+usr/share/doc/openssl/html/man3/BIO_vsnprintf.html
+usr/share/doc/openssl/html/man3/BIO_wpending.html
+usr/share/doc/openssl/html/man3/BIO_write.html
+usr/share/doc/openssl/html/man3/BIO_write_ex.html
+usr/share/doc/openssl/html/man3/BIO_write_filename.html
+usr/share/doc/openssl/html/man3/BN_add.html
+usr/share/doc/openssl/html/man3/BN_add_word.html
+usr/share/doc/openssl/html/man3/BN_bin2bn.html
+usr/share/doc/openssl/html/man3/BN_BLINDING_convert.html
+usr/share/doc/openssl/html/man3/BN_BLINDING_convert_ex.html
+usr/share/doc/openssl/html/man3/BN_BLINDING_create_param.html
+usr/share/doc/openssl/html/man3/BN_BLINDING_free.html
+usr/share/doc/openssl/html/man3/BN_BLINDING_get_flags.html
+usr/share/doc/openssl/html/man3/BN_BLINDING_invert.html
+usr/share/doc/openssl/html/man3/BN_BLINDING_invert_ex.html
+usr/share/doc/openssl/html/man3/BN_BLINDING_is_current_thread.html
+usr/share/doc/openssl/html/man3/BN_BLINDING_lock.html
+usr/share/doc/openssl/html/man3/BN_BLINDING_new.html
+usr/share/doc/openssl/html/man3/BN_BLINDING_set_current_thread.html
+usr/share/doc/openssl/html/man3/BN_BLINDING_set_flags.html
+usr/share/doc/openssl/html/man3/BN_BLINDING_unlock.html
+usr/share/doc/openssl/html/man3/BN_BLINDING_update.html
+usr/share/doc/openssl/html/man3/BN_bn2bin.html
+usr/share/doc/openssl/html/man3/BN_bn2binpad.html
+usr/share/doc/openssl/html/man3/BN_bn2dec.html
+usr/share/doc/openssl/html/man3/BN_bn2hex.html
+usr/share/doc/openssl/html/man3/BN_bn2lebinpad.html
+usr/share/doc/openssl/html/man3/BN_bn2mpi.html
+usr/share/doc/openssl/html/man3/BN_clear.html
+usr/share/doc/openssl/html/man3/BN_clear_bit.html
+usr/share/doc/openssl/html/man3/BN_clear_free.html
+usr/share/doc/openssl/html/man3/BN_cmp.html
+usr/share/doc/openssl/html/man3/BN_copy.html
+usr/share/doc/openssl/html/man3/BN_CTX_end.html
+usr/share/doc/openssl/html/man3/BN_CTX_free.html
+usr/share/doc/openssl/html/man3/BN_CTX_get.html
+usr/share/doc/openssl/html/man3/BN_CTX_new.html
+usr/share/doc/openssl/html/man3/BN_CTX_secure_new.html
+usr/share/doc/openssl/html/man3/BN_CTX_start.html
+usr/share/doc/openssl/html/man3/BN_dec2bn.html
+usr/share/doc/openssl/html/man3/BN_div.html
+usr/share/doc/openssl/html/man3/BN_div_recp.html
+usr/share/doc/openssl/html/man3/BN_div_word.html
+usr/share/doc/openssl/html/man3/BN_dup.html
+usr/share/doc/openssl/html/man3/BN_exp.html
+usr/share/doc/openssl/html/man3/BN_free.html
+usr/share/doc/openssl/html/man3/BN_from_montgomery.html
+usr/share/doc/openssl/html/man3/BN_gcd.html
+usr/share/doc/openssl/html/man3/BN_GENCB_call.html
+usr/share/doc/openssl/html/man3/BN_GENCB_free.html
+usr/share/doc/openssl/html/man3/BN_GENCB_get_arg.html
+usr/share/doc/openssl/html/man3/BN_GENCB_new.html
+usr/share/doc/openssl/html/man3/BN_GENCB_set.html
+usr/share/doc/openssl/html/man3/BN_GENCB_set_old.html
+usr/share/doc/openssl/html/man3/BN_generate_prime.html
+usr/share/doc/openssl/html/man3/BN_generate_prime_ex.html
+usr/share/doc/openssl/html/man3/BN_get0_nist_prime_192.html
+usr/share/doc/openssl/html/man3/BN_get0_nist_prime_224.html
+usr/share/doc/openssl/html/man3/BN_get0_nist_prime_256.html
+usr/share/doc/openssl/html/man3/BN_get0_nist_prime_384.html
+usr/share/doc/openssl/html/man3/BN_get0_nist_prime_521.html
+usr/share/doc/openssl/html/man3/BN_get_rfc2409_prime_1024.html
+usr/share/doc/openssl/html/man3/BN_get_rfc2409_prime_768.html
+usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_1536.html
+usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_2048.html
+usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_3072.html
+usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_4096.html
+usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_6144.html
+usr/share/doc/openssl/html/man3/BN_get_rfc3526_prime_8192.html
+usr/share/doc/openssl/html/man3/BN_get_word.html
+usr/share/doc/openssl/html/man3/BN_hex2bn.html
+usr/share/doc/openssl/html/man3/BN_is_bit_set.html
+usr/share/doc/openssl/html/man3/BN_is_odd.html
+usr/share/doc/openssl/html/man3/BN_is_one.html
+usr/share/doc/openssl/html/man3/BN_is_prime.html
+usr/share/doc/openssl/html/man3/BN_is_prime_ex.html
+usr/share/doc/openssl/html/man3/BN_is_prime_fasttest.html
+usr/share/doc/openssl/html/man3/BN_is_prime_fasttest_ex.html
+usr/share/doc/openssl/html/man3/BN_is_word.html
+usr/share/doc/openssl/html/man3/BN_is_zero.html
+usr/share/doc/openssl/html/man3/BN_lebin2bn.html
+usr/share/doc/openssl/html/man3/BN_lshift.html
+usr/share/doc/openssl/html/man3/BN_lshift1.html
+usr/share/doc/openssl/html/man3/BN_mask_bits.html
+usr/share/doc/openssl/html/man3/BN_mod.html
+usr/share/doc/openssl/html/man3/BN_mod_add.html
+usr/share/doc/openssl/html/man3/BN_mod_exp.html
+usr/share/doc/openssl/html/man3/BN_mod_inverse.html
+usr/share/doc/openssl/html/man3/BN_mod_mul.html
+usr/share/doc/openssl/html/man3/BN_mod_mul_montgomery.html
+usr/share/doc/openssl/html/man3/BN_mod_mul_reciprocal.html
+usr/share/doc/openssl/html/man3/BN_mod_sqr.html
+usr/share/doc/openssl/html/man3/BN_mod_sub.html
+usr/share/doc/openssl/html/man3/BN_mod_word.html
+usr/share/doc/openssl/html/man3/BN_MONT_CTX_copy.html
+usr/share/doc/openssl/html/man3/BN_MONT_CTX_free.html
+usr/share/doc/openssl/html/man3/BN_MONT_CTX_new.html
+usr/share/doc/openssl/html/man3/BN_MONT_CTX_set.html
+usr/share/doc/openssl/html/man3/BN_mpi2bn.html
+usr/share/doc/openssl/html/man3/BN_mul.html
+usr/share/doc/openssl/html/man3/BN_mul_word.html
+usr/share/doc/openssl/html/man3/BN_new.html
+usr/share/doc/openssl/html/man3/BN_nnmod.html
+usr/share/doc/openssl/html/man3/BN_num_bits.html
+usr/share/doc/openssl/html/man3/BN_num_bits_word.html
+usr/share/doc/openssl/html/man3/BN_num_bytes.html
+usr/share/doc/openssl/html/man3/BN_one.html
+usr/share/doc/openssl/html/man3/BN_print.html
+usr/share/doc/openssl/html/man3/BN_print_fp.html
+usr/share/doc/openssl/html/man3/BN_priv_rand.html
+usr/share/doc/openssl/html/man3/BN_priv_rand_range.html
+usr/share/doc/openssl/html/man3/BN_pseudo_rand.html
+usr/share/doc/openssl/html/man3/BN_pseudo_rand_range.html
+usr/share/doc/openssl/html/man3/BN_rand.html
+usr/share/doc/openssl/html/man3/BN_rand_range.html
+usr/share/doc/openssl/html/man3/BN_RECP_CTX_free.html
+usr/share/doc/openssl/html/man3/BN_RECP_CTX_new.html
+usr/share/doc/openssl/html/man3/BN_RECP_CTX_set.html
+usr/share/doc/openssl/html/man3/BN_rshift.html
+usr/share/doc/openssl/html/man3/BN_rshift1.html
+usr/share/doc/openssl/html/man3/BN_secure_new.html
+usr/share/doc/openssl/html/man3/BN_security_bits.html
+usr/share/doc/openssl/html/man3/BN_set_bit.html
+usr/share/doc/openssl/html/man3/BN_set_word.html
+usr/share/doc/openssl/html/man3/BN_sqr.html
+usr/share/doc/openssl/html/man3/BN_sub.html
+usr/share/doc/openssl/html/man3/BN_sub_word.html
+usr/share/doc/openssl/html/man3/BN_swap.html
+usr/share/doc/openssl/html/man3/BN_to_ASN1_ENUMERATED.html
+usr/share/doc/openssl/html/man3/BN_to_ASN1_INTEGER.html
+usr/share/doc/openssl/html/man3/BN_to_montgomery.html
+usr/share/doc/openssl/html/man3/BN_ucmp.html
+usr/share/doc/openssl/html/man3/BN_value_one.html
+usr/share/doc/openssl/html/man3/BN_with_flags.html
+usr/share/doc/openssl/html/man3/BN_zero.html
+usr/share/doc/openssl/html/man3/BUF_MEM_free.html
+usr/share/doc/openssl/html/man3/BUF_MEM_grow.html
+usr/share/doc/openssl/html/man3/BUF_MEM_grow_clean.html
+usr/share/doc/openssl/html/man3/BUF_MEM_new.html
+usr/share/doc/openssl/html/man3/BUF_MEM_new_ex.html
+usr/share/doc/openssl/html/man3/BUF_reverse.html
+usr/share/doc/openssl/html/man3/CERTIFICATEPOLICIES_free.html
+usr/share/doc/openssl/html/man3/CERTIFICATEPOLICIES_new.html
+usr/share/doc/openssl/html/man3/CMS_add0_cert.html
+usr/share/doc/openssl/html/man3/CMS_add0_crl.html
+usr/share/doc/openssl/html/man3/CMS_add0_recipient_key.html
+usr/share/doc/openssl/html/man3/CMS_add1_cert.html
+usr/share/doc/openssl/html/man3/CMS_add1_crl.html
+usr/share/doc/openssl/html/man3/CMS_add1_ReceiptRequest.html
+usr/share/doc/openssl/html/man3/CMS_add1_recipient_cert.html
+usr/share/doc/openssl/html/man3/CMS_add1_signer.html
+usr/share/doc/openssl/html/man3/CMS_compress.html
+usr/share/doc/openssl/html/man3/CMS_ContentInfo_free.html
+usr/share/doc/openssl/html/man3/CMS_ContentInfo_new.html
+usr/share/doc/openssl/html/man3/CMS_ContentInfo_print_ctx.html
+usr/share/doc/openssl/html/man3/CMS_decrypt.html
+usr/share/doc/openssl/html/man3/CMS_encrypt.html
+usr/share/doc/openssl/html/man3/CMS_final.html
+usr/share/doc/openssl/html/man3/CMS_get0_content.html
+usr/share/doc/openssl/html/man3/CMS_get0_eContentType.html
+usr/share/doc/openssl/html/man3/CMS_get0_RecipientInfos.html
+usr/share/doc/openssl/html/man3/CMS_get0_SignerInfos.html
+usr/share/doc/openssl/html/man3/CMS_get0_signers.html
+usr/share/doc/openssl/html/man3/CMS_get0_type.html
+usr/share/doc/openssl/html/man3/CMS_get1_certs.html
+usr/share/doc/openssl/html/man3/CMS_get1_crls.html
+usr/share/doc/openssl/html/man3/CMS_get1_ReceiptRequest.html
+usr/share/doc/openssl/html/man3/CMS_ReceiptRequest_create0.html
+usr/share/doc/openssl/html/man3/CMS_ReceiptRequest_free.html
+usr/share/doc/openssl/html/man3/CMS_ReceiptRequest_get0_values.html
+usr/share/doc/openssl/html/man3/CMS_ReceiptRequest_new.html
+usr/share/doc/openssl/html/man3/CMS_RecipientInfo_decrypt.html
+usr/share/doc/openssl/html/man3/CMS_RecipientInfo_encrypt.html
+usr/share/doc/openssl/html/man3/CMS_RecipientInfo_kekri_get0_id.html
+usr/share/doc/openssl/html/man3/CMS_RecipientInfo_kekri_id_cmp.html
+usr/share/doc/openssl/html/man3/CMS_RecipientInfo_ktri_cert_cmp.html
+usr/share/doc/openssl/html/man3/CMS_RecipientInfo_ktri_get0_signer_id.html
+usr/share/doc/openssl/html/man3/CMS_RecipientInfo_set0_key.html
+usr/share/doc/openssl/html/man3/CMS_RecipientInfo_set0_pkey.html
+usr/share/doc/openssl/html/man3/CMS_RecipientInfo_type.html
+usr/share/doc/openssl/html/man3/CMS_set1_eContentType.html
+usr/share/doc/openssl/html/man3/CMS_sign.html
+usr/share/doc/openssl/html/man3/CMS_sign_receipt.html
+usr/share/doc/openssl/html/man3/CMS_SignerInfo_cert_cmp.html
+usr/share/doc/openssl/html/man3/CMS_SignerInfo_get0_signature.html
+usr/share/doc/openssl/html/man3/CMS_SignerInfo_get0_signer_id.html
+usr/share/doc/openssl/html/man3/CMS_SignerInfo_set1_signer_cert.html
+usr/share/doc/openssl/html/man3/CMS_SignerInfo_sign.html
+usr/share/doc/openssl/html/man3/CMS_uncompress.html
+usr/share/doc/openssl/html/man3/CMS_verify.html
+usr/share/doc/openssl/html/man3/CMS_verify_receipt.html
+usr/share/doc/openssl/html/man3/CONF_modules_finish.html
+usr/share/doc/openssl/html/man3/CONF_modules_free.html
+usr/share/doc/openssl/html/man3/CONF_modules_load.html
+usr/share/doc/openssl/html/man3/CONF_modules_load_file.html
+usr/share/doc/openssl/html/man3/CONF_modules_unload.html
+usr/share/doc/openssl/html/man3/CRL_DIST_POINTS_free.html
+usr/share/doc/openssl/html/man3/CRL_DIST_POINTS_new.html
+usr/share/doc/openssl/html/man3/CRYPTO_atomic_add.html
+usr/share/doc/openssl/html/man3/CRYPTO_clear_free.html
+usr/share/doc/openssl/html/man3/CRYPTO_clear_realloc.html
+usr/share/doc/openssl/html/man3/CRYPTO_EX_dup.html
+usr/share/doc/openssl/html/man3/CRYPTO_EX_free.html
+usr/share/doc/openssl/html/man3/CRYPTO_EX_new.html
+usr/share/doc/openssl/html/man3/CRYPTO_free.html
+usr/share/doc/openssl/html/man3/CRYPTO_free_ex_data.html
+usr/share/doc/openssl/html/man3/CRYPTO_free_ex_index.html
+usr/share/doc/openssl/html/man3/CRYPTO_get_alloc_counts.html
+usr/share/doc/openssl/html/man3/CRYPTO_get_ex_data.html
+usr/share/doc/openssl/html/man3/CRYPTO_get_ex_new_index.html
+usr/share/doc/openssl/html/man3/CRYPTO_get_mem_functions.html
+usr/share/doc/openssl/html/man3/CRYPTO_malloc.html
+usr/share/doc/openssl/html/man3/CRYPTO_mem_ctrl.html
+usr/share/doc/openssl/html/man3/CRYPTO_mem_debug_pop.html
+usr/share/doc/openssl/html/man3/CRYPTO_mem_debug_push.html
+usr/share/doc/openssl/html/man3/CRYPTO_mem_leaks.html
+usr/share/doc/openssl/html/man3/CRYPTO_mem_leaks_cb.html
+usr/share/doc/openssl/html/man3/CRYPTO_mem_leaks_fp.html
+usr/share/doc/openssl/html/man3/CRYPTO_new_ex_data.html
+usr/share/doc/openssl/html/man3/CRYPTO_realloc.html
+usr/share/doc/openssl/html/man3/CRYPTO_secure_clear_free.html
+usr/share/doc/openssl/html/man3/CRYPTO_secure_free.html
+usr/share/doc/openssl/html/man3/CRYPTO_secure_malloc.html
+usr/share/doc/openssl/html/man3/CRYPTO_secure_malloc_done.html
+usr/share/doc/openssl/html/man3/CRYPTO_secure_malloc_init.html
+usr/share/doc/openssl/html/man3/CRYPTO_secure_malloc_initialized.html
+usr/share/doc/openssl/html/man3/CRYPTO_secure_used.html
+usr/share/doc/openssl/html/man3/CRYPTO_secure_zalloc.html
+usr/share/doc/openssl/html/man3/CRYPTO_set_ex_data.html
+usr/share/doc/openssl/html/man3/CRYPTO_set_mem_debug.html
+usr/share/doc/openssl/html/man3/CRYPTO_set_mem_functions.html
+usr/share/doc/openssl/html/man3/CRYPTO_strdup.html
+usr/share/doc/openssl/html/man3/CRYPTO_strndup.html
+usr/share/doc/openssl/html/man3/CRYPTO_THREAD_lock_free.html
+usr/share/doc/openssl/html/man3/CRYPTO_THREAD_lock_new.html
+usr/share/doc/openssl/html/man3/CRYPTO_THREAD_read_lock.html
+usr/share/doc/openssl/html/man3/CRYPTO_THREAD_run_once.html
+usr/share/doc/openssl/html/man3/CRYPTO_THREAD_unlock.html
+usr/share/doc/openssl/html/man3/CRYPTO_THREAD_write_lock.html
+usr/share/doc/openssl/html/man3/CRYPTO_zalloc.html
+usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_free.html
+usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_get0_cert.html
+usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_get0_issuer.html
+usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_get0_log_store.html
+usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_get_time.html
+usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_new.html
+usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_set1_cert.html
+usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_set1_issuer.html
+usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE.html
+usr/share/doc/openssl/html/man3/CT_POLICY_EVAL_CTX_set_time.html
+usr/share/doc/openssl/html/man3/CTLOG_free.html
+usr/share/doc/openssl/html/man3/CTLOG_get0_log_id.html
+usr/share/doc/openssl/html/man3/CTLOG_get0_name.html
+usr/share/doc/openssl/html/man3/CTLOG_get0_public_key.html
+usr/share/doc/openssl/html/man3/CTLOG_new.html
+usr/share/doc/openssl/html/man3/CTLOG_new_from_base64.html
+usr/share/doc/openssl/html/man3/CTLOG_STORE_free.html
+usr/share/doc/openssl/html/man3/CTLOG_STORE_get0_log_by_id.html
+usr/share/doc/openssl/html/man3/CTLOG_STORE_load_default_file.html
+usr/share/doc/openssl/html/man3/CTLOG_STORE_load_file.html
+usr/share/doc/openssl/html/man3/CTLOG_STORE_new.html
+usr/share/doc/openssl/html/man3/custom_ext_add_cb.html
+usr/share/doc/openssl/html/man3/custom_ext_free_cb.html
+usr/share/doc/openssl/html/man3/custom_ext_parse_cb.html
+usr/share/doc/openssl/html/man3/d2i_ACCESS_DESCRIPTION.html
+usr/share/doc/openssl/html/man3/d2i_ADMISSION_SYNTAX.html
+usr/share/doc/openssl/html/man3/d2i_ADMISSIONS.html
+usr/share/doc/openssl/html/man3/d2i_ASIdentifierChoice.html
+usr/share/doc/openssl/html/man3/d2i_ASIdentifiers.html
+usr/share/doc/openssl/html/man3/d2i_ASIdOrRange.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_BIT_STRING.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_BMPSTRING.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_ENUMERATED.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_GENERALIZEDTIME.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_GENERALSTRING.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_IA5STRING.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_INTEGER.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_NULL.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_OBJECT.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_OCTET_STRING.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_PRINTABLE.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_PRINTABLESTRING.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_SEQUENCE_ANY.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_SET_ANY.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_T61STRING.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_TIME.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_TYPE.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_UINTEGER.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_UNIVERSALSTRING.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_UTCTIME.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_UTF8STRING.html
+usr/share/doc/openssl/html/man3/d2i_ASN1_VISIBLESTRING.html
+usr/share/doc/openssl/html/man3/d2i_ASRange.html
+usr/share/doc/openssl/html/man3/d2i_AUTHORITY_INFO_ACCESS.html
+usr/share/doc/openssl/html/man3/d2i_AUTHORITY_KEYID.html
+usr/share/doc/openssl/html/man3/d2i_AutoPrivateKey.html
+usr/share/doc/openssl/html/man3/d2i_BASIC_CONSTRAINTS.html
+usr/share/doc/openssl/html/man3/d2i_CERTIFICATEPOLICIES.html
+usr/share/doc/openssl/html/man3/d2i_CMS_bio.html
+usr/share/doc/openssl/html/man3/d2i_CMS_ContentInfo.html
+usr/share/doc/openssl/html/man3/d2i_CMS_ReceiptRequest.html
+usr/share/doc/openssl/html/man3/d2i_CRL_DIST_POINTS.html
+usr/share/doc/openssl/html/man3/d2i_DHparams.html
+usr/share/doc/openssl/html/man3/d2i_DHxparams.html
+usr/share/doc/openssl/html/man3/d2i_DIRECTORYSTRING.html
+usr/share/doc/openssl/html/man3/d2i_DISPLAYTEXT.html
+usr/share/doc/openssl/html/man3/d2i_DIST_POINT.html
+usr/share/doc/openssl/html/man3/d2i_DIST_POINT_NAME.html
+usr/share/doc/openssl/html/man3/d2i_DSA_PUBKEY.html
+usr/share/doc/openssl/html/man3/d2i_DSA_PUBKEY_bio.html
+usr/share/doc/openssl/html/man3/d2i_DSA_PUBKEY_fp.html
+usr/share/doc/openssl/html/man3/d2i_DSA_SIG.html
+usr/share/doc/openssl/html/man3/d2i_DSAparams.html
+usr/share/doc/openssl/html/man3/d2i_DSAPrivateKey.html
+usr/share/doc/openssl/html/man3/d2i_DSAPrivateKey_bio.html
+usr/share/doc/openssl/html/man3/d2i_DSAPrivateKey_fp.html
+usr/share/doc/openssl/html/man3/d2i_DSAPublicKey.html
+usr/share/doc/openssl/html/man3/d2i_EC_PUBKEY.html
+usr/share/doc/openssl/html/man3/d2i_EC_PUBKEY_bio.html
+usr/share/doc/openssl/html/man3/d2i_EC_PUBKEY_fp.html
+usr/share/doc/openssl/html/man3/d2i_ECDSA_SIG.html
+usr/share/doc/openssl/html/man3/d2i_ECParameters.html
+usr/share/doc/openssl/html/man3/d2i_ECPKParameters.html
+usr/share/doc/openssl/html/man3/d2i_ECPrivateKey.html
+usr/share/doc/openssl/html/man3/d2i_ECPrivateKey_bio.html
+usr/share/doc/openssl/html/man3/d2i_ECPrivateKey_fp.html
+usr/share/doc/openssl/html/man3/d2i_EDIPARTYNAME.html
+usr/share/doc/openssl/html/man3/d2i_ESS_CERT_ID.html
+usr/share/doc/openssl/html/man3/d2i_ESS_ISSUER_SERIAL.html
+usr/share/doc/openssl/html/man3/d2i_ESS_SIGNING_CERT.html
+usr/share/doc/openssl/html/man3/d2i_EXTENDED_KEY_USAGE.html
+usr/share/doc/openssl/html/man3/d2i_GENERAL_NAME.html
+usr/share/doc/openssl/html/man3/d2i_GENERAL_NAMES.html
+usr/share/doc/openssl/html/man3/d2i_IPAddressChoice.html
+usr/share/doc/openssl/html/man3/d2i_IPAddressFamily.html
+usr/share/doc/openssl/html/man3/d2i_IPAddressOrRange.html
+usr/share/doc/openssl/html/man3/d2i_IPAddressRange.html
+usr/share/doc/openssl/html/man3/d2i_ISSUING_DIST_POINT.html
+usr/share/doc/openssl/html/man3/d2i_NAMING_AUTHORITY.html
+usr/share/doc/openssl/html/man3/d2i_NETSCAPE_CERT_SEQUENCE.html
+usr/share/doc/openssl/html/man3/d2i_NETSCAPE_SPKAC.html
+usr/share/doc/openssl/html/man3/d2i_NETSCAPE_SPKI.html
+usr/share/doc/openssl/html/man3/d2i_NOTICEREF.html
+usr/share/doc/openssl/html/man3/d2i_OCSP_BASICRESP.html
+usr/share/doc/openssl/html/man3/d2i_OCSP_CERTID.html
+usr/share/doc/openssl/html/man3/d2i_OCSP_CERTSTATUS.html
+usr/share/doc/openssl/html/man3/d2i_OCSP_CRLID.html
+usr/share/doc/openssl/html/man3/d2i_OCSP_ONEREQ.html
+usr/share/doc/openssl/html/man3/d2i_OCSP_REQINFO.html
+usr/share/doc/openssl/html/man3/d2i_OCSP_REQUEST.html
+usr/share/doc/openssl/html/man3/d2i_OCSP_RESPBYTES.html
+usr/share/doc/openssl/html/man3/d2i_OCSP_RESPDATA.html
+usr/share/doc/openssl/html/man3/d2i_OCSP_RESPID.html
+usr/share/doc/openssl/html/man3/d2i_OCSP_RESPONSE.html
+usr/share/doc/openssl/html/man3/d2i_OCSP_REVOKEDINFO.html
+usr/share/doc/openssl/html/man3/d2i_OCSP_SERVICELOC.html
+usr/share/doc/openssl/html/man3/d2i_OCSP_SIGNATURE.html
+usr/share/doc/openssl/html/man3/d2i_OCSP_SINGLERESP.html
+usr/share/doc/openssl/html/man3/d2i_OTHERNAME.html
+usr/share/doc/openssl/html/man3/d2i_PBE2PARAM.html
+usr/share/doc/openssl/html/man3/d2i_PBEPARAM.html
+usr/share/doc/openssl/html/man3/d2i_PBKDF2PARAM.html
+usr/share/doc/openssl/html/man3/d2i_PKCS12.html
+usr/share/doc/openssl/html/man3/d2i_PKCS12_BAGS.html
+usr/share/doc/openssl/html/man3/d2i_PKCS12_bio.html
+usr/share/doc/openssl/html/man3/d2i_PKCS12_fp.html
+usr/share/doc/openssl/html/man3/d2i_PKCS12_MAC_DATA.html
+usr/share/doc/openssl/html/man3/d2i_PKCS12_SAFEBAG.html
+usr/share/doc/openssl/html/man3/d2i_PKCS7.html
+usr/share/doc/openssl/html/man3/d2i_PKCS7_bio.html
+usr/share/doc/openssl/html/man3/d2i_PKCS7_DIGEST.html
+usr/share/doc/openssl/html/man3/d2i_PKCS7_ENC_CONTENT.html
+usr/share/doc/openssl/html/man3/d2i_PKCS7_ENCRYPT.html
+usr/share/doc/openssl/html/man3/d2i_PKCS7_ENVELOPE.html
+usr/share/doc/openssl/html/man3/d2i_PKCS7_fp.html
+usr/share/doc/openssl/html/man3/d2i_PKCS7_ISSUER_AND_SERIAL.html
+usr/share/doc/openssl/html/man3/d2i_PKCS7_RECIP_INFO.html
+usr/share/doc/openssl/html/man3/d2i_PKCS7_SIGN_ENVELOPE.html
+usr/share/doc/openssl/html/man3/d2i_PKCS7_SIGNED.html
+usr/share/doc/openssl/html/man3/d2i_PKCS7_SIGNER_INFO.html
+usr/share/doc/openssl/html/man3/d2i_PKCS8_bio.html
+usr/share/doc/openssl/html/man3/d2i_PKCS8_fp.html
+usr/share/doc/openssl/html/man3/d2i_PKCS8_PRIV_KEY_INFO.html
+usr/share/doc/openssl/html/man3/d2i_PKCS8_PRIV_KEY_INFO_bio.html
+usr/share/doc/openssl/html/man3/d2i_PKCS8_PRIV_KEY_INFO_fp.html
+usr/share/doc/openssl/html/man3/d2i_PKCS8PrivateKey_bio.html
+usr/share/doc/openssl/html/man3/d2i_PKCS8PrivateKey_fp.html
+usr/share/doc/openssl/html/man3/d2i_PKEY_USAGE_PERIOD.html
+usr/share/doc/openssl/html/man3/d2i_POLICYINFO.html
+usr/share/doc/openssl/html/man3/d2i_POLICYQUALINFO.html
+usr/share/doc/openssl/html/man3/d2i_PrivateKey.html
+usr/share/doc/openssl/html/man3/d2i_PrivateKey_bio.html
+usr/share/doc/openssl/html/man3/d2i_PrivateKey_fp.html
+usr/share/doc/openssl/html/man3/d2i_PROFESSION_INFO.html
+usr/share/doc/openssl/html/man3/d2i_PROXY_CERT_INFO_EXTENSION.html
+usr/share/doc/openssl/html/man3/d2i_PROXY_POLICY.html
+usr/share/doc/openssl/html/man3/d2i_PUBKEY.html
+usr/share/doc/openssl/html/man3/d2i_PUBKEY_bio.html
+usr/share/doc/openssl/html/man3/d2i_PUBKEY_fp.html
+usr/share/doc/openssl/html/man3/d2i_PublicKey.html
+usr/share/doc/openssl/html/man3/d2i_RSA_OAEP_PARAMS.html
+usr/share/doc/openssl/html/man3/d2i_RSA_PSS_PARAMS.html
+usr/share/doc/openssl/html/man3/d2i_RSA_PUBKEY.html
+usr/share/doc/openssl/html/man3/d2i_RSA_PUBKEY_bio.html
+usr/share/doc/openssl/html/man3/d2i_RSA_PUBKEY_fp.html
+usr/share/doc/openssl/html/man3/d2i_RSAPrivateKey.html
+usr/share/doc/openssl/html/man3/d2i_RSAPrivateKey_bio.html
+usr/share/doc/openssl/html/man3/d2i_RSAPrivateKey_fp.html
+usr/share/doc/openssl/html/man3/d2i_RSAPublicKey.html
+usr/share/doc/openssl/html/man3/d2i_RSAPublicKey_bio.html
+usr/share/doc/openssl/html/man3/d2i_RSAPublicKey_fp.html
+usr/share/doc/openssl/html/man3/d2i_SCRYPT_PARAMS.html
+usr/share/doc/openssl/html/man3/d2i_SCT_LIST.html
+usr/share/doc/openssl/html/man3/d2i_SSL_SESSION.html
+usr/share/doc/openssl/html/man3/d2i_SXNET.html
+usr/share/doc/openssl/html/man3/d2i_SXNETID.html
+usr/share/doc/openssl/html/man3/d2i_TS_ACCURACY.html
+usr/share/doc/openssl/html/man3/d2i_TS_MSG_IMPRINT.html
+usr/share/doc/openssl/html/man3/d2i_TS_MSG_IMPRINT_bio.html
+usr/share/doc/openssl/html/man3/d2i_TS_MSG_IMPRINT_fp.html
+usr/share/doc/openssl/html/man3/d2i_TS_REQ.html
+usr/share/doc/openssl/html/man3/d2i_TS_REQ_bio.html
+usr/share/doc/openssl/html/man3/d2i_TS_REQ_fp.html
+usr/share/doc/openssl/html/man3/d2i_TS_RESP.html
+usr/share/doc/openssl/html/man3/d2i_TS_RESP_bio.html
+usr/share/doc/openssl/html/man3/d2i_TS_RESP_fp.html
+usr/share/doc/openssl/html/man3/d2i_TS_STATUS_INFO.html
+usr/share/doc/openssl/html/man3/d2i_TS_TST_INFO.html
+usr/share/doc/openssl/html/man3/d2i_TS_TST_INFO_bio.html
+usr/share/doc/openssl/html/man3/d2i_TS_TST_INFO_fp.html
+usr/share/doc/openssl/html/man3/d2i_USERNOTICE.html
+usr/share/doc/openssl/html/man3/d2i_X509.html
+usr/share/doc/openssl/html/man3/d2i_X509_ALGOR.html
+usr/share/doc/openssl/html/man3/d2i_X509_ALGORS.html
+usr/share/doc/openssl/html/man3/d2i_X509_ATTRIBUTE.html
+usr/share/doc/openssl/html/man3/d2i_X509_AUX.html
+usr/share/doc/openssl/html/man3/d2i_X509_CERT_AUX.html
+usr/share/doc/openssl/html/man3/d2i_X509_CINF.html
+usr/share/doc/openssl/html/man3/d2i_X509_CRL.html
+usr/share/doc/openssl/html/man3/d2i_X509_CRL_bio.html
+usr/share/doc/openssl/html/man3/d2i_X509_CRL_fp.html
+usr/share/doc/openssl/html/man3/d2i_X509_CRL_INFO.html
+usr/share/doc/openssl/html/man3/d2i_X509_EXTENSION.html
+usr/share/doc/openssl/html/man3/d2i_X509_EXTENSIONS.html
+usr/share/doc/openssl/html/man3/d2i_X509_NAME.html
+usr/share/doc/openssl/html/man3/d2i_X509_NAME_ENTRY.html
+usr/share/doc/openssl/html/man3/d2i_X509_PUBKEY.html
+usr/share/doc/openssl/html/man3/d2i_X509_REQ.html
+usr/share/doc/openssl/html/man3/d2i_X509_REQ_bio.html
+usr/share/doc/openssl/html/man3/d2i_X509_REQ_fp.html
+usr/share/doc/openssl/html/man3/d2i_X509_REQ_INFO.html
+usr/share/doc/openssl/html/man3/d2i_X509_REVOKED.html
+usr/share/doc/openssl/html/man3/d2i_X509_SIG.html
+usr/share/doc/openssl/html/man3/d2i_X509_VAL.html
+usr/share/doc/openssl/html/man3/DECLARE_ASN1_FUNCTIONS.html
+usr/share/doc/openssl/html/man3/DECLARE_LHASH_OF.html
+usr/share/doc/openssl/html/man3/DECLARE_PEM_rw.html
+usr/share/doc/openssl/html/man3/DEFINE_SPECIAL_STACK_OF.html
+usr/share/doc/openssl/html/man3/DEFINE_SPECIAL_STACK_OF_CONST.html
+usr/share/doc/openssl/html/man3/DEFINE_STACK_OF.html
+usr/share/doc/openssl/html/man3/DEFINE_STACK_OF_CONST.html
+usr/share/doc/openssl/html/man3/DES_cbc_cksum.html
+usr/share/doc/openssl/html/man3/DES_cfb64_encrypt.html
+usr/share/doc/openssl/html/man3/DES_cfb_encrypt.html
+usr/share/doc/openssl/html/man3/DES_crypt.html
+usr/share/doc/openssl/html/man3/DES_ecb2_encrypt.html
+usr/share/doc/openssl/html/man3/DES_ecb3_encrypt.html
+usr/share/doc/openssl/html/man3/DES_ecb_encrypt.html
+usr/share/doc/openssl/html/man3/DES_ede2_cbc_encrypt.html
+usr/share/doc/openssl/html/man3/DES_ede2_cfb64_encrypt.html
+usr/share/doc/openssl/html/man3/DES_ede2_ofb64_encrypt.html
+usr/share/doc/openssl/html/man3/DES_ede3_cbc_encrypt.html
+usr/share/doc/openssl/html/man3/DES_ede3_cfb64_encrypt.html
+usr/share/doc/openssl/html/man3/DES_ede3_ofb64_encrypt.html
+usr/share/doc/openssl/html/man3/DES_fcrypt.html
+usr/share/doc/openssl/html/man3/DES_is_weak_key.html
+usr/share/doc/openssl/html/man3/DES_key_sched.html
+usr/share/doc/openssl/html/man3/DES_ncbc_encrypt.html
+usr/share/doc/openssl/html/man3/DES_ofb64_encrypt.html
+usr/share/doc/openssl/html/man3/DES_ofb_encrypt.html
+usr/share/doc/openssl/html/man3/DES_pcbc_encrypt.html
+usr/share/doc/openssl/html/man3/DES_quad_cksum.html
+usr/share/doc/openssl/html/man3/DES_random_key.html
+usr/share/doc/openssl/html/man3/DES_set_key.html
+usr/share/doc/openssl/html/man3/DES_set_key_checked.html
+usr/share/doc/openssl/html/man3/DES_set_key_unchecked.html
+usr/share/doc/openssl/html/man3/DES_set_odd_parity.html
+usr/share/doc/openssl/html/man3/DES_string_to_2keys.html
+usr/share/doc/openssl/html/man3/DES_string_to_key.html
+usr/share/doc/openssl/html/man3/DES_xcbc_encrypt.html
+usr/share/doc/openssl/html/man3/DH_bits.html
+usr/share/doc/openssl/html/man3/DH_check.html
+usr/share/doc/openssl/html/man3/DH_check_ex.html
+usr/share/doc/openssl/html/man3/DH_check_params.html
+usr/share/doc/openssl/html/man3/DH_check_params_ex.html
+usr/share/doc/openssl/html/man3/DH_check_pub_key_ex.html
+usr/share/doc/openssl/html/man3/DH_clear_flags.html
+usr/share/doc/openssl/html/man3/DH_compute_key.html
+usr/share/doc/openssl/html/man3/DH_free.html
+usr/share/doc/openssl/html/man3/DH_generate_key.html
+usr/share/doc/openssl/html/man3/DH_generate_parameters.html
+usr/share/doc/openssl/html/man3/DH_generate_parameters_ex.html
+usr/share/doc/openssl/html/man3/DH_get0_engine.html
+usr/share/doc/openssl/html/man3/DH_get0_g.html
+usr/share/doc/openssl/html/man3/DH_get0_key.html
+usr/share/doc/openssl/html/man3/DH_get0_p.html
+usr/share/doc/openssl/html/man3/DH_get0_pqg.html
+usr/share/doc/openssl/html/man3/DH_get0_priv_key.html
+usr/share/doc/openssl/html/man3/DH_get0_pub_key.html
+usr/share/doc/openssl/html/man3/DH_get0_q.html
+usr/share/doc/openssl/html/man3/DH_get_1024_160.html
+usr/share/doc/openssl/html/man3/DH_get_2048_224.html
+usr/share/doc/openssl/html/man3/DH_get_2048_256.html
+usr/share/doc/openssl/html/man3/DH_get_default_method.html
+usr/share/doc/openssl/html/man3/DH_get_ex_data.html
+usr/share/doc/openssl/html/man3/DH_get_ex_new_index.html
+usr/share/doc/openssl/html/man3/DH_get_length.html
+usr/share/doc/openssl/html/man3/DH_get_nid.html
+usr/share/doc/openssl/html/man3/DH_meth_dup.html
+usr/share/doc/openssl/html/man3/DH_meth_free.html
+usr/share/doc/openssl/html/man3/DH_meth_get0_app_data.html
+usr/share/doc/openssl/html/man3/DH_meth_get0_name.html
+usr/share/doc/openssl/html/man3/DH_meth_get_bn_mod_exp.html
+usr/share/doc/openssl/html/man3/DH_meth_get_compute_key.html
+usr/share/doc/openssl/html/man3/DH_meth_get_finish.html
+usr/share/doc/openssl/html/man3/DH_meth_get_flags.html
+usr/share/doc/openssl/html/man3/DH_meth_get_generate_key.html
+usr/share/doc/openssl/html/man3/DH_meth_get_generate_params.html
+usr/share/doc/openssl/html/man3/DH_meth_get_init.html
+usr/share/doc/openssl/html/man3/DH_meth_new.html
+usr/share/doc/openssl/html/man3/DH_meth_set0_app_data.html
+usr/share/doc/openssl/html/man3/DH_meth_set1_name.html
+usr/share/doc/openssl/html/man3/DH_meth_set_bn_mod_exp.html
+usr/share/doc/openssl/html/man3/DH_meth_set_compute_key.html
+usr/share/doc/openssl/html/man3/DH_meth_set_finish.html
+usr/share/doc/openssl/html/man3/DH_meth_set_flags.html
+usr/share/doc/openssl/html/man3/DH_meth_set_generate_key.html
+usr/share/doc/openssl/html/man3/DH_meth_set_generate_params.html
+usr/share/doc/openssl/html/man3/DH_meth_set_init.html
+usr/share/doc/openssl/html/man3/DH_new.html
+usr/share/doc/openssl/html/man3/DH_new_by_nid.html
+usr/share/doc/openssl/html/man3/DH_new_method.html
+usr/share/doc/openssl/html/man3/DH_OpenSSL.html
+usr/share/doc/openssl/html/man3/DH_security_bits.html
+usr/share/doc/openssl/html/man3/DH_set0_key.html
+usr/share/doc/openssl/html/man3/DH_set0_pqg.html
+usr/share/doc/openssl/html/man3/DH_set_default_method.html
+usr/share/doc/openssl/html/man3/DH_set_ex_data.html
+usr/share/doc/openssl/html/man3/DH_set_flags.html
+usr/share/doc/openssl/html/man3/DH_set_length.html
+usr/share/doc/openssl/html/man3/DH_set_method.html
+usr/share/doc/openssl/html/man3/DH_size.html
+usr/share/doc/openssl/html/man3/DH_test_flags.html
+usr/share/doc/openssl/html/man3/DHparams_print.html
+usr/share/doc/openssl/html/man3/DHparams_print_fp.html
+usr/share/doc/openssl/html/man3/DIRECTORYSTRING_free.html
+usr/share/doc/openssl/html/man3/DIRECTORYSTRING_new.html
+usr/share/doc/openssl/html/man3/DISPLAYTEXT_free.html
+usr/share/doc/openssl/html/man3/DISPLAYTEXT_new.html
+usr/share/doc/openssl/html/man3/DIST_POINT_free.html
+usr/share/doc/openssl/html/man3/DIST_POINT_NAME_free.html
+usr/share/doc/openssl/html/man3/DIST_POINT_NAME_new.html
+usr/share/doc/openssl/html/man3/DIST_POINT_new.html
+usr/share/doc/openssl/html/man3/DSA_bits.html
+usr/share/doc/openssl/html/man3/DSA_clear_flags.html
+usr/share/doc/openssl/html/man3/DSA_do_sign.html
+usr/share/doc/openssl/html/man3/DSA_do_verify.html
+usr/share/doc/openssl/html/man3/DSA_dup_DH.html
+usr/share/doc/openssl/html/man3/DSA_free.html
+usr/share/doc/openssl/html/man3/DSA_generate_key.html
+usr/share/doc/openssl/html/man3/DSA_generate_parameters.html
+usr/share/doc/openssl/html/man3/DSA_generate_parameters_ex.html
+usr/share/doc/openssl/html/man3/DSA_get0_engine.html
+usr/share/doc/openssl/html/man3/DSA_get0_g.html
+usr/share/doc/openssl/html/man3/DSA_get0_key.html
+usr/share/doc/openssl/html/man3/DSA_get0_p.html
+usr/share/doc/openssl/html/man3/DSA_get0_pqg.html
+usr/share/doc/openssl/html/man3/DSA_get0_priv_key.html
+usr/share/doc/openssl/html/man3/DSA_get0_pub_key.html
+usr/share/doc/openssl/html/man3/DSA_get0_q.html
+usr/share/doc/openssl/html/man3/DSA_get_default_method.html
+usr/share/doc/openssl/html/man3/DSA_get_ex_data.html
+usr/share/doc/openssl/html/man3/DSA_get_ex_new_index.html
+usr/share/doc/openssl/html/man3/DSA_meth_dup.html
+usr/share/doc/openssl/html/man3/DSA_meth_free.html
+usr/share/doc/openssl/html/man3/DSA_meth_get0_app_data.html
+usr/share/doc/openssl/html/man3/DSA_meth_get0_name.html
+usr/share/doc/openssl/html/man3/DSA_meth_get_bn_mod_exp.html
+usr/share/doc/openssl/html/man3/DSA_meth_get_finish.html
+usr/share/doc/openssl/html/man3/DSA_meth_get_flags.html
+usr/share/doc/openssl/html/man3/DSA_meth_get_init.html
+usr/share/doc/openssl/html/man3/DSA_meth_get_keygen.html
+usr/share/doc/openssl/html/man3/DSA_meth_get_mod_exp.html
+usr/share/doc/openssl/html/man3/DSA_meth_get_paramgen.html
+usr/share/doc/openssl/html/man3/DSA_meth_get_sign.html
+usr/share/doc/openssl/html/man3/DSA_meth_get_sign_setup.html
+usr/share/doc/openssl/html/man3/DSA_meth_get_verify.html
+usr/share/doc/openssl/html/man3/DSA_meth_new.html
+usr/share/doc/openssl/html/man3/DSA_meth_set0_app_data.html
+usr/share/doc/openssl/html/man3/DSA_meth_set1_name.html
+usr/share/doc/openssl/html/man3/DSA_meth_set_bn_mod_exp.html
+usr/share/doc/openssl/html/man3/DSA_meth_set_finish.html
+usr/share/doc/openssl/html/man3/DSA_meth_set_flags.html
+usr/share/doc/openssl/html/man3/DSA_meth_set_init.html
+usr/share/doc/openssl/html/man3/DSA_meth_set_keygen.html
+usr/share/doc/openssl/html/man3/DSA_meth_set_mod_exp.html
+usr/share/doc/openssl/html/man3/DSA_meth_set_paramgen.html
+usr/share/doc/openssl/html/man3/DSA_meth_set_sign.html
+usr/share/doc/openssl/html/man3/DSA_meth_set_sign_setup.html
+usr/share/doc/openssl/html/man3/DSA_meth_set_verify.html
+usr/share/doc/openssl/html/man3/DSA_new.html
+usr/share/doc/openssl/html/man3/DSA_new_method.html
+usr/share/doc/openssl/html/man3/DSA_OpenSSL.html
+usr/share/doc/openssl/html/man3/DSA_print.html
+usr/share/doc/openssl/html/man3/DSA_print_fp.html
+usr/share/doc/openssl/html/man3/DSA_security_bits.html
+usr/share/doc/openssl/html/man3/DSA_set0_key.html
+usr/share/doc/openssl/html/man3/DSA_set0_pqg.html
+usr/share/doc/openssl/html/man3/DSA_set_default_method.html
+usr/share/doc/openssl/html/man3/DSA_set_ex_data.html
+usr/share/doc/openssl/html/man3/DSA_set_flags.html
+usr/share/doc/openssl/html/man3/DSA_set_method.html
+usr/share/doc/openssl/html/man3/DSA_SIG_free.html
+usr/share/doc/openssl/html/man3/DSA_SIG_get0.html
+usr/share/doc/openssl/html/man3/DSA_SIG_new.html
+usr/share/doc/openssl/html/man3/DSA_SIG_set0.html
+usr/share/doc/openssl/html/man3/DSA_sign.html
+usr/share/doc/openssl/html/man3/DSA_sign_setup.html
+usr/share/doc/openssl/html/man3/DSA_size.html
+usr/share/doc/openssl/html/man3/DSA_test_flags.html
+usr/share/doc/openssl/html/man3/DSA_verify.html
+usr/share/doc/openssl/html/man3/DSAparams_dup.html
+usr/share/doc/openssl/html/man3/DSAparams_print.html
+usr/share/doc/openssl/html/man3/DSAparams_print_fp.html
+usr/share/doc/openssl/html/man3/DTLS_client_method.html
+usr/share/doc/openssl/html/man3/DTLS_get_data_mtu.html
+usr/share/doc/openssl/html/man3/DTLS_method.html
+usr/share/doc/openssl/html/man3/DTLS_server_method.html
+usr/share/doc/openssl/html/man3/DTLS_set_timer_cb.html
+usr/share/doc/openssl/html/man3/DTLS_timer_cb.html
+usr/share/doc/openssl/html/man3/DTLSv1_2_client_method.html
+usr/share/doc/openssl/html/man3/DTLSv1_2_method.html
+usr/share/doc/openssl/html/man3/DTLSv1_2_server_method.html
+usr/share/doc/openssl/html/man3/DTLSv1_client_method.html
+usr/share/doc/openssl/html/man3/DTLSv1_listen.html
+usr/share/doc/openssl/html/man3/DTLSv1_method.html
+usr/share/doc/openssl/html/man3/DTLSv1_server_method.html
+usr/share/doc/openssl/html/man3/EC_get_builtin_curves.html
+usr/share/doc/openssl/html/man3/EC_GF2m_simple_method.html
+usr/share/doc/openssl/html/man3/EC_GFp_mont_method.html
+usr/share/doc/openssl/html/man3/EC_GFp_nist_method.html
+usr/share/doc/openssl/html/man3/EC_GFp_nistp224_method.html
+usr/share/doc/openssl/html/man3/EC_GFp_nistp256_method.html
+usr/share/doc/openssl/html/man3/EC_GFp_nistp521_method.html
+usr/share/doc/openssl/html/man3/EC_GFp_simple_method.html
+usr/share/doc/openssl/html/man3/EC_GROUP_check.html
+usr/share/doc/openssl/html/man3/EC_GROUP_check_discriminant.html
+usr/share/doc/openssl/html/man3/EC_GROUP_clear_free.html
+usr/share/doc/openssl/html/man3/EC_GROUP_cmp.html
+usr/share/doc/openssl/html/man3/EC_GROUP_copy.html
+usr/share/doc/openssl/html/man3/EC_GROUP_dup.html
+usr/share/doc/openssl/html/man3/EC_GROUP_free.html
+usr/share/doc/openssl/html/man3/EC_GROUP_get0_cofactor.html
+usr/share/doc/openssl/html/man3/EC_GROUP_get0_generator.html
+usr/share/doc/openssl/html/man3/EC_GROUP_get0_order.html
+usr/share/doc/openssl/html/man3/EC_GROUP_get0_seed.html
+usr/share/doc/openssl/html/man3/EC_GROUP_get_asn1_flag.html
+usr/share/doc/openssl/html/man3/EC_GROUP_get_basis_type.html
+usr/share/doc/openssl/html/man3/EC_GROUP_get_cofactor.html
+usr/share/doc/openssl/html/man3/EC_GROUP_get_curve.html
+usr/share/doc/openssl/html/man3/EC_GROUP_get_curve_GF2m.html
+usr/share/doc/openssl/html/man3/EC_GROUP_get_curve_GFp.html
+usr/share/doc/openssl/html/man3/EC_GROUP_get_curve_name.html
+usr/share/doc/openssl/html/man3/EC_GROUP_get_degree.html
+usr/share/doc/openssl/html/man3/EC_GROUP_get_ecparameters.html
+usr/share/doc/openssl/html/man3/EC_GROUP_get_ecpkparameters.html
+usr/share/doc/openssl/html/man3/EC_GROUP_get_order.html
+usr/share/doc/openssl/html/man3/EC_GROUP_get_pentanomial_basis.html
+usr/share/doc/openssl/html/man3/EC_GROUP_get_point_conversion_form.html
+usr/share/doc/openssl/html/man3/EC_GROUP_get_seed_len.html
+usr/share/doc/openssl/html/man3/EC_GROUP_get_trinomial_basis.html
+usr/share/doc/openssl/html/man3/EC_GROUP_have_precompute_mult.html
+usr/share/doc/openssl/html/man3/EC_GROUP_method_of.html
+usr/share/doc/openssl/html/man3/EC_GROUP_new.html
+usr/share/doc/openssl/html/man3/EC_GROUP_new_by_curve_name.html
+usr/share/doc/openssl/html/man3/EC_GROUP_new_curve_GF2m.html
+usr/share/doc/openssl/html/man3/EC_GROUP_new_curve_GFp.html
+usr/share/doc/openssl/html/man3/EC_GROUP_new_from_ecparameters.html
+usr/share/doc/openssl/html/man3/EC_GROUP_new_from_ecpkparameters.html
+usr/share/doc/openssl/html/man3/EC_GROUP_order_bits.html
+usr/share/doc/openssl/html/man3/EC_GROUP_precompute_mult.html
+usr/share/doc/openssl/html/man3/EC_GROUP_set_asn1_flag.html
+usr/share/doc/openssl/html/man3/EC_GROUP_set_curve.html
+usr/share/doc/openssl/html/man3/EC_GROUP_set_curve_GF2m.html
+usr/share/doc/openssl/html/man3/EC_GROUP_set_curve_GFp.html
+usr/share/doc/openssl/html/man3/EC_GROUP_set_curve_name.html
+usr/share/doc/openssl/html/man3/EC_GROUP_set_generator.html
+usr/share/doc/openssl/html/man3/EC_GROUP_set_point_conversion_form.html
+usr/share/doc/openssl/html/man3/EC_GROUP_set_seed.html
+usr/share/doc/openssl/html/man3/EC_KEY_check_key.html
+usr/share/doc/openssl/html/man3/EC_KEY_clear_flags.html
+usr/share/doc/openssl/html/man3/EC_KEY_copy.html
+usr/share/doc/openssl/html/man3/EC_KEY_dup.html
+usr/share/doc/openssl/html/man3/EC_KEY_free.html
+usr/share/doc/openssl/html/man3/EC_KEY_generate_key.html
+usr/share/doc/openssl/html/man3/EC_KEY_get0_engine.html
+usr/share/doc/openssl/html/man3/EC_KEY_get0_group.html
+usr/share/doc/openssl/html/man3/EC_KEY_get0_private_key.html
+usr/share/doc/openssl/html/man3/EC_KEY_get0_public_key.html
+usr/share/doc/openssl/html/man3/EC_KEY_get_conv_form.html
+usr/share/doc/openssl/html/man3/EC_KEY_get_enc_flags.html
+usr/share/doc/openssl/html/man3/EC_KEY_get_ex_data.html
+usr/share/doc/openssl/html/man3/EC_KEY_get_ex_new_index.html
+usr/share/doc/openssl/html/man3/EC_KEY_get_flags.html
+usr/share/doc/openssl/html/man3/EC_KEY_get_method.html
+usr/share/doc/openssl/html/man3/EC_KEY_key2buf.html
+usr/share/doc/openssl/html/man3/EC_KEY_new.html
+usr/share/doc/openssl/html/man3/EC_KEY_new_by_curve_name.html
+usr/share/doc/openssl/html/man3/EC_KEY_oct2key.html
+usr/share/doc/openssl/html/man3/EC_KEY_oct2priv.html
+usr/share/doc/openssl/html/man3/EC_KEY_precompute_mult.html
+usr/share/doc/openssl/html/man3/EC_KEY_priv2buf.html
+usr/share/doc/openssl/html/man3/EC_KEY_priv2oct.html
+usr/share/doc/openssl/html/man3/EC_KEY_set_asn1_flag.html
+usr/share/doc/openssl/html/man3/EC_KEY_set_conv_form.html
+usr/share/doc/openssl/html/man3/EC_KEY_set_enc_flags.html
+usr/share/doc/openssl/html/man3/EC_KEY_set_ex_data.html
+usr/share/doc/openssl/html/man3/EC_KEY_set_flags.html
+usr/share/doc/openssl/html/man3/EC_KEY_set_group.html
+usr/share/doc/openssl/html/man3/EC_KEY_set_method.html
+usr/share/doc/openssl/html/man3/EC_KEY_set_private_key.html
+usr/share/doc/openssl/html/man3/EC_KEY_set_public_key.html
+usr/share/doc/openssl/html/man3/EC_KEY_set_public_key_affine_coordinates.html
+usr/share/doc/openssl/html/man3/EC_KEY_up_ref.html
+usr/share/doc/openssl/html/man3/EC_METHOD_get_field_type.html
+usr/share/doc/openssl/html/man3/EC_POINT_add.html
+usr/share/doc/openssl/html/man3/EC_POINT_bn2point.html
+usr/share/doc/openssl/html/man3/EC_POINT_clear_free.html
+usr/share/doc/openssl/html/man3/EC_POINT_cmp.html
+usr/share/doc/openssl/html/man3/EC_POINT_copy.html
+usr/share/doc/openssl/html/man3/EC_POINT_dbl.html
+usr/share/doc/openssl/html/man3/EC_POINT_dup.html
+usr/share/doc/openssl/html/man3/EC_POINT_free.html
+usr/share/doc/openssl/html/man3/EC_POINT_get_affine_coordinates.html
+usr/share/doc/openssl/html/man3/EC_POINT_get_affine_coordinates_GF2m.html
+usr/share/doc/openssl/html/man3/EC_POINT_get_affine_coordinates_GFp.html
+usr/share/doc/openssl/html/man3/EC_POINT_get_Jprojective_coordinates_GFp.html
+usr/share/doc/openssl/html/man3/EC_POINT_hex2point.html
+usr/share/doc/openssl/html/man3/EC_POINT_invert.html
+usr/share/doc/openssl/html/man3/EC_POINT_is_at_infinity.html
+usr/share/doc/openssl/html/man3/EC_POINT_is_on_curve.html
+usr/share/doc/openssl/html/man3/EC_POINT_make_affine.html
+usr/share/doc/openssl/html/man3/EC_POINT_method_of.html
+usr/share/doc/openssl/html/man3/EC_POINT_mul.html
+usr/share/doc/openssl/html/man3/EC_POINT_new.html
+usr/share/doc/openssl/html/man3/EC_POINT_oct2point.html
+usr/share/doc/openssl/html/man3/EC_POINT_point2bn.html
+usr/share/doc/openssl/html/man3/EC_POINT_point2buf.html
+usr/share/doc/openssl/html/man3/EC_POINT_point2hex.html
+usr/share/doc/openssl/html/man3/EC_POINT_point2oct.html
+usr/share/doc/openssl/html/man3/EC_POINT_set_affine_coordinates.html
+usr/share/doc/openssl/html/man3/EC_POINT_set_affine_coordinates_GF2m.html
+usr/share/doc/openssl/html/man3/EC_POINT_set_affine_coordinates_GFp.html
+usr/share/doc/openssl/html/man3/EC_POINT_set_compressed_coordinates.html
+usr/share/doc/openssl/html/man3/EC_POINT_set_compressed_coordinates_GF2m.html
+usr/share/doc/openssl/html/man3/EC_POINT_set_compressed_coordinates_GFp.html
+usr/share/doc/openssl/html/man3/EC_POINT_set_Jprojective_coordinates_GFp.html
+usr/share/doc/openssl/html/man3/EC_POINT_set_to_infinity.html
+usr/share/doc/openssl/html/man3/EC_POINTs_make_affine.html
+usr/share/doc/openssl/html/man3/EC_POINTs_mul.html
+usr/share/doc/openssl/html/man3/ECDH_get_ex_data.html
+usr/share/doc/openssl/html/man3/ECDH_get_ex_new_index.html
+usr/share/doc/openssl/html/man3/ECDH_set_ex_data.html
+usr/share/doc/openssl/html/man3/ECDSA_do_sign.html
+usr/share/doc/openssl/html/man3/ECDSA_do_sign_ex.html
+usr/share/doc/openssl/html/man3/ECDSA_do_verify.html
+usr/share/doc/openssl/html/man3/ECDSA_SIG_free.html
+usr/share/doc/openssl/html/man3/ECDSA_SIG_get0.html
+usr/share/doc/openssl/html/man3/ECDSA_SIG_get0_r.html
+usr/share/doc/openssl/html/man3/ECDSA_SIG_get0_s.html
+usr/share/doc/openssl/html/man3/ECDSA_SIG_new.html
+usr/share/doc/openssl/html/man3/ECDSA_SIG_set0.html
+usr/share/doc/openssl/html/man3/ECDSA_sign.html
+usr/share/doc/openssl/html/man3/ECDSA_sign_ex.html
+usr/share/doc/openssl/html/man3/ECDSA_sign_setup.html
+usr/share/doc/openssl/html/man3/ECDSA_size.html
+usr/share/doc/openssl/html/man3/ECDSA_verify.html
+usr/share/doc/openssl/html/man3/ECPARAMETERS_free.html
+usr/share/doc/openssl/html/man3/ECPARAMETERS_new.html
+usr/share/doc/openssl/html/man3/ECPKPARAMETERS_free.html
+usr/share/doc/openssl/html/man3/ECPKPARAMETERS_new.html
+usr/share/doc/openssl/html/man3/ECPKParameters_print.html
+usr/share/doc/openssl/html/man3/ECPKParameters_print_fp.html
+usr/share/doc/openssl/html/man3/EDIPARTYNAME_free.html
+usr/share/doc/openssl/html/man3/EDIPARTYNAME_new.html
+usr/share/doc/openssl/html/man3/ENGINE_add.html
+usr/share/doc/openssl/html/man3/ENGINE_add_conf_module.html
+usr/share/doc/openssl/html/man3/ENGINE_by_id.html
+usr/share/doc/openssl/html/man3/ENGINE_cleanup.html
+usr/share/doc/openssl/html/man3/ENGINE_cmd_is_executable.html
+usr/share/doc/openssl/html/man3/ENGINE_ctrl.html
+usr/share/doc/openssl/html/man3/ENGINE_ctrl_cmd.html
+usr/share/doc/openssl/html/man3/ENGINE_ctrl_cmd_string.html
+usr/share/doc/openssl/html/man3/ENGINE_finish.html
+usr/share/doc/openssl/html/man3/ENGINE_free.html
+usr/share/doc/openssl/html/man3/ENGINE_get_cipher.html
+usr/share/doc/openssl/html/man3/ENGINE_get_cipher_engine.html
+usr/share/doc/openssl/html/man3/ENGINE_get_ciphers.html
+usr/share/doc/openssl/html/man3/ENGINE_get_cmd_defns.html
+usr/share/doc/openssl/html/man3/ENGINE_get_ctrl_function.html
+usr/share/doc/openssl/html/man3/ENGINE_get_default_DH.html
+usr/share/doc/openssl/html/man3/ENGINE_get_default_DSA.html
+usr/share/doc/openssl/html/man3/ENGINE_get_default_RAND.html
+usr/share/doc/openssl/html/man3/ENGINE_get_default_RSA.html
+usr/share/doc/openssl/html/man3/ENGINE_get_destroy_function.html
+usr/share/doc/openssl/html/man3/ENGINE_get_DH.html
+usr/share/doc/openssl/html/man3/ENGINE_get_digest.html
+usr/share/doc/openssl/html/man3/ENGINE_get_digest_engine.html
+usr/share/doc/openssl/html/man3/ENGINE_get_digests.html
+usr/share/doc/openssl/html/man3/ENGINE_get_DSA.html
+usr/share/doc/openssl/html/man3/ENGINE_get_ex_data.html
+usr/share/doc/openssl/html/man3/ENGINE_get_ex_new_index.html
+usr/share/doc/openssl/html/man3/ENGINE_get_finish_function.html
+usr/share/doc/openssl/html/man3/ENGINE_get_first.html
+usr/share/doc/openssl/html/man3/ENGINE_get_flags.html
+usr/share/doc/openssl/html/man3/ENGINE_get_id.html
+usr/share/doc/openssl/html/man3/ENGINE_get_init_function.html
+usr/share/doc/openssl/html/man3/ENGINE_get_last.html
+usr/share/doc/openssl/html/man3/ENGINE_get_load_privkey_function.html
+usr/share/doc/openssl/html/man3/ENGINE_get_load_pubkey_function.html
+usr/share/doc/openssl/html/man3/ENGINE_get_name.html
+usr/share/doc/openssl/html/man3/ENGINE_get_next.html
+usr/share/doc/openssl/html/man3/ENGINE_get_prev.html
+usr/share/doc/openssl/html/man3/ENGINE_get_RAND.html
+usr/share/doc/openssl/html/man3/ENGINE_get_RSA.html
+usr/share/doc/openssl/html/man3/ENGINE_get_table_flags.html
+usr/share/doc/openssl/html/man3/ENGINE_init.html
+usr/share/doc/openssl/html/man3/ENGINE_load_builtin_engines.html
+usr/share/doc/openssl/html/man3/ENGINE_load_private_key.html
+usr/share/doc/openssl/html/man3/ENGINE_load_public_key.html
+usr/share/doc/openssl/html/man3/ENGINE_new.html
+usr/share/doc/openssl/html/man3/ENGINE_register_all_ciphers.html
+usr/share/doc/openssl/html/man3/ENGINE_register_all_complete.html
+usr/share/doc/openssl/html/man3/ENGINE_register_all_DH.html
+usr/share/doc/openssl/html/man3/ENGINE_register_all_digests.html
+usr/share/doc/openssl/html/man3/ENGINE_register_all_DSA.html
+usr/share/doc/openssl/html/man3/ENGINE_register_all_RAND.html
+usr/share/doc/openssl/html/man3/ENGINE_register_all_RSA.html
+usr/share/doc/openssl/html/man3/ENGINE_register_ciphers.html
+usr/share/doc/openssl/html/man3/ENGINE_register_complete.html
+usr/share/doc/openssl/html/man3/ENGINE_register_DH.html
+usr/share/doc/openssl/html/man3/ENGINE_register_digests.html
+usr/share/doc/openssl/html/man3/ENGINE_register_DSA.html
+usr/share/doc/openssl/html/man3/ENGINE_register_RAND.html
+usr/share/doc/openssl/html/man3/ENGINE_register_RSA.html
+usr/share/doc/openssl/html/man3/ENGINE_remove.html
+usr/share/doc/openssl/html/man3/ENGINE_set_ciphers.html
+usr/share/doc/openssl/html/man3/ENGINE_set_cmd_defns.html
+usr/share/doc/openssl/html/man3/ENGINE_set_ctrl_function.html
+usr/share/doc/openssl/html/man3/ENGINE_set_default.html
+usr/share/doc/openssl/html/man3/ENGINE_set_default_ciphers.html
+usr/share/doc/openssl/html/man3/ENGINE_set_default_DH.html
+usr/share/doc/openssl/html/man3/ENGINE_set_default_digests.html
+usr/share/doc/openssl/html/man3/ENGINE_set_default_DSA.html
+usr/share/doc/openssl/html/man3/ENGINE_set_default_RAND.html
+usr/share/doc/openssl/html/man3/ENGINE_set_default_RSA.html
+usr/share/doc/openssl/html/man3/ENGINE_set_default_string.html
+usr/share/doc/openssl/html/man3/ENGINE_set_destroy_function.html
+usr/share/doc/openssl/html/man3/ENGINE_set_DH.html
+usr/share/doc/openssl/html/man3/ENGINE_set_digests.html
+usr/share/doc/openssl/html/man3/ENGINE_set_DSA.html
+usr/share/doc/openssl/html/man3/ENGINE_set_ex_data.html
+usr/share/doc/openssl/html/man3/ENGINE_set_finish_function.html
+usr/share/doc/openssl/html/man3/ENGINE_set_flags.html
+usr/share/doc/openssl/html/man3/ENGINE_set_id.html
+usr/share/doc/openssl/html/man3/ENGINE_set_init_function.html
+usr/share/doc/openssl/html/man3/ENGINE_set_load_privkey_function.html
+usr/share/doc/openssl/html/man3/ENGINE_set_load_pubkey_function.html
+usr/share/doc/openssl/html/man3/ENGINE_set_name.html
+usr/share/doc/openssl/html/man3/ENGINE_set_RAND.html
+usr/share/doc/openssl/html/man3/ENGINE_set_RSA.html
+usr/share/doc/openssl/html/man3/ENGINE_set_table_flags.html
+usr/share/doc/openssl/html/man3/ENGINE_unregister_ciphers.html
+usr/share/doc/openssl/html/man3/ENGINE_unregister_DH.html
+usr/share/doc/openssl/html/man3/ENGINE_unregister_digests.html
+usr/share/doc/openssl/html/man3/ENGINE_unregister_DSA.html
+usr/share/doc/openssl/html/man3/ENGINE_unregister_RAND.html
+usr/share/doc/openssl/html/man3/ENGINE_unregister_RSA.html
+usr/share/doc/openssl/html/man3/ENGINE_up_ref.html
+usr/share/doc/openssl/html/man3/ERR_add_error_data.html
+usr/share/doc/openssl/html/man3/ERR_add_error_vdata.html
+usr/share/doc/openssl/html/man3/ERR_clear_error.html
+usr/share/doc/openssl/html/man3/ERR_error_string.html
+usr/share/doc/openssl/html/man3/ERR_error_string_n.html
+usr/share/doc/openssl/html/man3/ERR_FATAL_ERROR.html
+usr/share/doc/openssl/html/man3/ERR_free_strings.html
+usr/share/doc/openssl/html/man3/ERR_func_error_string.html
+usr/share/doc/openssl/html/man3/ERR_get_error.html
+usr/share/doc/openssl/html/man3/ERR_get_error_line.html
+usr/share/doc/openssl/html/man3/ERR_get_error_line_data.html
+usr/share/doc/openssl/html/man3/ERR_GET_FUNC.html
+usr/share/doc/openssl/html/man3/ERR_GET_LIB.html
+usr/share/doc/openssl/html/man3/ERR_get_next_error_library.html
+usr/share/doc/openssl/html/man3/ERR_GET_REASON.html
+usr/share/doc/openssl/html/man3/ERR_lib_error_string.html
+usr/share/doc/openssl/html/man3/ERR_load_crypto_strings.html
+usr/share/doc/openssl/html/man3/ERR_load_strings.html
+usr/share/doc/openssl/html/man3/ERR_PACK.html
+usr/share/doc/openssl/html/man3/ERR_peek_error.html
+usr/share/doc/openssl/html/man3/ERR_peek_error_line.html
+usr/share/doc/openssl/html/man3/ERR_peek_error_line_data.html
+usr/share/doc/openssl/html/man3/ERR_peek_last_error.html
+usr/share/doc/openssl/html/man3/ERR_peek_last_error_line.html
+usr/share/doc/openssl/html/man3/ERR_peek_last_error_line_data.html
+usr/share/doc/openssl/html/man3/ERR_pop_to_mark.html
+usr/share/doc/openssl/html/man3/ERR_print_errors.html
+usr/share/doc/openssl/html/man3/ERR_print_errors_cb.html
+usr/share/doc/openssl/html/man3/ERR_print_errors_fp.html
+usr/share/doc/openssl/html/man3/ERR_put_error.html
+usr/share/doc/openssl/html/man3/ERR_reason_error_string.html
+usr/share/doc/openssl/html/man3/ERR_remove_state.html
+usr/share/doc/openssl/html/man3/ERR_remove_thread_state.html
+usr/share/doc/openssl/html/man3/ERR_set_mark.html
+usr/share/doc/openssl/html/man3/ESS_CERT_ID_dup.html
+usr/share/doc/openssl/html/man3/ESS_CERT_ID_free.html
+usr/share/doc/openssl/html/man3/ESS_CERT_ID_new.html
+usr/share/doc/openssl/html/man3/ESS_ISSUER_SERIAL_dup.html
+usr/share/doc/openssl/html/man3/ESS_ISSUER_SERIAL_free.html
+usr/share/doc/openssl/html/man3/ESS_ISSUER_SERIAL_new.html
+usr/share/doc/openssl/html/man3/ESS_SIGNING_CERT_dup.html
+usr/share/doc/openssl/html/man3/ESS_SIGNING_CERT_free.html
+usr/share/doc/openssl/html/man3/ESS_SIGNING_CERT_new.html
+usr/share/doc/openssl/html/man3/EVP_aes.html
+usr/share/doc/openssl/html/man3/EVP_aes_128_cbc.html
+usr/share/doc/openssl/html/man3/EVP_aes_128_cbc_hmac_sha1.html
+usr/share/doc/openssl/html/man3/EVP_aes_128_cbc_hmac_sha256.html
+usr/share/doc/openssl/html/man3/EVP_aes_128_ccm.html
+usr/share/doc/openssl/html/man3/EVP_aes_128_cfb.html
+usr/share/doc/openssl/html/man3/EVP_aes_128_cfb1.html
+usr/share/doc/openssl/html/man3/EVP_aes_128_cfb128.html
+usr/share/doc/openssl/html/man3/EVP_aes_128_cfb8.html
+usr/share/doc/openssl/html/man3/EVP_aes_128_ctr.html
+usr/share/doc/openssl/html/man3/EVP_aes_128_ecb.html
+usr/share/doc/openssl/html/man3/EVP_aes_128_gcm.html
+usr/share/doc/openssl/html/man3/EVP_aes_128_ocb.html
+usr/share/doc/openssl/html/man3/EVP_aes_128_ofb.html
+usr/share/doc/openssl/html/man3/EVP_aes_128_wrap.html
+usr/share/doc/openssl/html/man3/EVP_aes_128_wrap_pad.html
+usr/share/doc/openssl/html/man3/EVP_aes_128_xts.html
+usr/share/doc/openssl/html/man3/EVP_aes_192_cbc.html
+usr/share/doc/openssl/html/man3/EVP_aes_192_ccm.html
+usr/share/doc/openssl/html/man3/EVP_aes_192_cfb.html
+usr/share/doc/openssl/html/man3/EVP_aes_192_cfb1.html
+usr/share/doc/openssl/html/man3/EVP_aes_192_cfb128.html
+usr/share/doc/openssl/html/man3/EVP_aes_192_cfb8.html
+usr/share/doc/openssl/html/man3/EVP_aes_192_ctr.html
+usr/share/doc/openssl/html/man3/EVP_aes_192_ecb.html
+usr/share/doc/openssl/html/man3/EVP_aes_192_gcm.html
+usr/share/doc/openssl/html/man3/EVP_aes_192_ocb.html
+usr/share/doc/openssl/html/man3/EVP_aes_192_ofb.html
+usr/share/doc/openssl/html/man3/EVP_aes_192_wrap.html
+usr/share/doc/openssl/html/man3/EVP_aes_192_wrap_pad.html
+usr/share/doc/openssl/html/man3/EVP_aes_256_cbc.html
+usr/share/doc/openssl/html/man3/EVP_aes_256_cbc_hmac_sha1.html
+usr/share/doc/openssl/html/man3/EVP_aes_256_cbc_hmac_sha256.html
+usr/share/doc/openssl/html/man3/EVP_aes_256_ccm.html
+usr/share/doc/openssl/html/man3/EVP_aes_256_cfb.html
+usr/share/doc/openssl/html/man3/EVP_aes_256_cfb1.html
+usr/share/doc/openssl/html/man3/EVP_aes_256_cfb128.html
+usr/share/doc/openssl/html/man3/EVP_aes_256_cfb8.html
+usr/share/doc/openssl/html/man3/EVP_aes_256_ctr.html
+usr/share/doc/openssl/html/man3/EVP_aes_256_ecb.html
+usr/share/doc/openssl/html/man3/EVP_aes_256_gcm.html
+usr/share/doc/openssl/html/man3/EVP_aes_256_ocb.html
+usr/share/doc/openssl/html/man3/EVP_aes_256_ofb.html
+usr/share/doc/openssl/html/man3/EVP_aes_256_wrap.html
+usr/share/doc/openssl/html/man3/EVP_aes_256_wrap_pad.html
+usr/share/doc/openssl/html/man3/EVP_aes_256_xts.html
+usr/share/doc/openssl/html/man3/EVP_aria.html
+usr/share/doc/openssl/html/man3/EVP_aria_128_cbc.html
+usr/share/doc/openssl/html/man3/EVP_aria_128_ccm.html
+usr/share/doc/openssl/html/man3/EVP_aria_128_cfb.html
+usr/share/doc/openssl/html/man3/EVP_aria_128_cfb1.html
+usr/share/doc/openssl/html/man3/EVP_aria_128_cfb128.html
+usr/share/doc/openssl/html/man3/EVP_aria_128_cfb8.html
+usr/share/doc/openssl/html/man3/EVP_aria_128_ctr.html
+usr/share/doc/openssl/html/man3/EVP_aria_128_ecb.html
+usr/share/doc/openssl/html/man3/EVP_aria_128_gcm.html
+usr/share/doc/openssl/html/man3/EVP_aria_128_ofb.html
+usr/share/doc/openssl/html/man3/EVP_aria_192_cbc.html
+usr/share/doc/openssl/html/man3/EVP_aria_192_ccm.html
+usr/share/doc/openssl/html/man3/EVP_aria_192_cfb.html
+usr/share/doc/openssl/html/man3/EVP_aria_192_cfb1.html
+usr/share/doc/openssl/html/man3/EVP_aria_192_cfb128.html
+usr/share/doc/openssl/html/man3/EVP_aria_192_cfb8.html
+usr/share/doc/openssl/html/man3/EVP_aria_192_ctr.html
+usr/share/doc/openssl/html/man3/EVP_aria_192_ecb.html
+usr/share/doc/openssl/html/man3/EVP_aria_192_gcm.html
+usr/share/doc/openssl/html/man3/EVP_aria_192_ofb.html
+usr/share/doc/openssl/html/man3/EVP_aria_256_cbc.html
+usr/share/doc/openssl/html/man3/EVP_aria_256_ccm.html
+usr/share/doc/openssl/html/man3/EVP_aria_256_cfb.html
+usr/share/doc/openssl/html/man3/EVP_aria_256_cfb1.html
+usr/share/doc/openssl/html/man3/EVP_aria_256_cfb128.html
+usr/share/doc/openssl/html/man3/EVP_aria_256_cfb8.html
+usr/share/doc/openssl/html/man3/EVP_aria_256_ctr.html
+usr/share/doc/openssl/html/man3/EVP_aria_256_ecb.html
+usr/share/doc/openssl/html/man3/EVP_aria_256_gcm.html
+usr/share/doc/openssl/html/man3/EVP_aria_256_ofb.html
+usr/share/doc/openssl/html/man3/EVP_bf_cbc.html
+usr/share/doc/openssl/html/man3/EVP_bf_cfb.html
+usr/share/doc/openssl/html/man3/EVP_bf_cfb64.html
+usr/share/doc/openssl/html/man3/EVP_bf_ecb.html
+usr/share/doc/openssl/html/man3/EVP_bf_ofb.html
+usr/share/doc/openssl/html/man3/EVP_blake2b512.html
+usr/share/doc/openssl/html/man3/EVP_blake2s256.html
+usr/share/doc/openssl/html/man3/EVP_BytesToKey.html
+usr/share/doc/openssl/html/man3/EVP_camellia.html
+usr/share/doc/openssl/html/man3/EVP_camellia_128_cbc.html
+usr/share/doc/openssl/html/man3/EVP_camellia_128_cfb.html
+usr/share/doc/openssl/html/man3/EVP_camellia_128_cfb1.html
+usr/share/doc/openssl/html/man3/EVP_camellia_128_cfb128.html
+usr/share/doc/openssl/html/man3/EVP_camellia_128_cfb8.html
+usr/share/doc/openssl/html/man3/EVP_camellia_128_ctr.html
+usr/share/doc/openssl/html/man3/EVP_camellia_128_ecb.html
+usr/share/doc/openssl/html/man3/EVP_camellia_128_ofb.html
+usr/share/doc/openssl/html/man3/EVP_camellia_192_cbc.html
+usr/share/doc/openssl/html/man3/EVP_camellia_192_cfb.html
+usr/share/doc/openssl/html/man3/EVP_camellia_192_cfb1.html
+usr/share/doc/openssl/html/man3/EVP_camellia_192_cfb128.html
+usr/share/doc/openssl/html/man3/EVP_camellia_192_cfb8.html
+usr/share/doc/openssl/html/man3/EVP_camellia_192_ctr.html
+usr/share/doc/openssl/html/man3/EVP_camellia_192_ecb.html
+usr/share/doc/openssl/html/man3/EVP_camellia_192_ofb.html
+usr/share/doc/openssl/html/man3/EVP_camellia_256_cbc.html
+usr/share/doc/openssl/html/man3/EVP_camellia_256_cfb.html
+usr/share/doc/openssl/html/man3/EVP_camellia_256_cfb1.html
+usr/share/doc/openssl/html/man3/EVP_camellia_256_cfb128.html
+usr/share/doc/openssl/html/man3/EVP_camellia_256_cfb8.html
+usr/share/doc/openssl/html/man3/EVP_camellia_256_ctr.html
+usr/share/doc/openssl/html/man3/EVP_camellia_256_ecb.html
+usr/share/doc/openssl/html/man3/EVP_camellia_256_ofb.html
+usr/share/doc/openssl/html/man3/EVP_cast5_cbc.html
+usr/share/doc/openssl/html/man3/EVP_cast5_cfb.html
+usr/share/doc/openssl/html/man3/EVP_cast5_cfb64.html
+usr/share/doc/openssl/html/man3/EVP_cast5_ecb.html
+usr/share/doc/openssl/html/man3/EVP_cast5_ofb.html
+usr/share/doc/openssl/html/man3/EVP_chacha20.html
+usr/share/doc/openssl/html/man3/EVP_chacha20_poly1305.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_asn1_to_param.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_block_size.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_block_size.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_cipher.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_ctrl.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_flags.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_free.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_get_app_data.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_get_cipher_data.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_iv_length.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_key_length.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_mode.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_new.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_nid.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_reset.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_set_app_data.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_set_cipher_data.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_set_key_length.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_set_padding.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_CTX_type.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_flags.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_iv_length.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_key_length.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_dup.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_free.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_cleanup.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_ctrl.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_do_cipher.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_get_asn1_params.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_init.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_get_set_asn1_params.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_new.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_cleanup.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_ctrl.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_do_cipher.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_flags.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_get_asn1_params.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_impl_ctx_size.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_init.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_iv_length.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_meth_set_set_asn1_params.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_mode.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_nid.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_param_to_asn1.html
+usr/share/doc/openssl/html/man3/EVP_CIPHER_type.html
+usr/share/doc/openssl/html/man3/EVP_CipherFinal.html
+usr/share/doc/openssl/html/man3/EVP_CipherFinal_ex.html
+usr/share/doc/openssl/html/man3/EVP_CipherInit.html
+usr/share/doc/openssl/html/man3/EVP_CipherInit_ex.html
+usr/share/doc/openssl/html/man3/EVP_CipherUpdate.html
+usr/share/doc/openssl/html/man3/EVP_cleanup.html
+usr/share/doc/openssl/html/man3/EVP_DecodeBlock.html
+usr/share/doc/openssl/html/man3/EVP_DecodeFinal.html
+usr/share/doc/openssl/html/man3/EVP_DecodeInit.html
+usr/share/doc/openssl/html/man3/EVP_DecodeUpdate.html
+usr/share/doc/openssl/html/man3/EVP_DecryptFinal.html
+usr/share/doc/openssl/html/man3/EVP_DecryptFinal_ex.html
+usr/share/doc/openssl/html/man3/EVP_DecryptInit.html
+usr/share/doc/openssl/html/man3/EVP_DecryptInit_ex.html
+usr/share/doc/openssl/html/man3/EVP_DecryptUpdate.html
+usr/share/doc/openssl/html/man3/EVP_des.html
+usr/share/doc/openssl/html/man3/EVP_des_cbc.html
+usr/share/doc/openssl/html/man3/EVP_des_cfb.html
+usr/share/doc/openssl/html/man3/EVP_des_cfb1.html
+usr/share/doc/openssl/html/man3/EVP_des_cfb64.html
+usr/share/doc/openssl/html/man3/EVP_des_cfb8.html
+usr/share/doc/openssl/html/man3/EVP_des_ecb.html
+usr/share/doc/openssl/html/man3/EVP_des_ede.html
+usr/share/doc/openssl/html/man3/EVP_des_ede3.html
+usr/share/doc/openssl/html/man3/EVP_des_ede3_cbc.html
+usr/share/doc/openssl/html/man3/EVP_des_ede3_cfb.html
+usr/share/doc/openssl/html/man3/EVP_des_ede3_cfb1.html
+usr/share/doc/openssl/html/man3/EVP_des_ede3_cfb64.html
+usr/share/doc/openssl/html/man3/EVP_des_ede3_cfb8.html
+usr/share/doc/openssl/html/man3/EVP_des_ede3_ecb.html
+usr/share/doc/openssl/html/man3/EVP_des_ede3_ofb.html
+usr/share/doc/openssl/html/man3/EVP_des_ede3_wrap.html
+usr/share/doc/openssl/html/man3/EVP_des_ede_cbc.html
+usr/share/doc/openssl/html/man3/EVP_des_ede_cfb.html
+usr/share/doc/openssl/html/man3/EVP_des_ede_cfb64.html
+usr/share/doc/openssl/html/man3/EVP_des_ede_ecb.html
+usr/share/doc/openssl/html/man3/EVP_des_ede_ofb.html
+usr/share/doc/openssl/html/man3/EVP_des_ofb.html
+usr/share/doc/openssl/html/man3/EVP_desx_cbc.html
+usr/share/doc/openssl/html/man3/EVP_DigestFinal.html
+usr/share/doc/openssl/html/man3/EVP_DigestFinal_ex.html
+usr/share/doc/openssl/html/man3/EVP_DigestFinalXOF.html
+usr/share/doc/openssl/html/man3/EVP_DigestInit.html
+usr/share/doc/openssl/html/man3/EVP_DigestInit_ex.html
+usr/share/doc/openssl/html/man3/EVP_DigestSign.html
+usr/share/doc/openssl/html/man3/EVP_DigestSignFinal.html
+usr/share/doc/openssl/html/man3/EVP_DigestSignInit.html
+usr/share/doc/openssl/html/man3/EVP_DigestSignUpdate.html
+usr/share/doc/openssl/html/man3/EVP_DigestUpdate.html
+usr/share/doc/openssl/html/man3/EVP_DigestVerify.html
+usr/share/doc/openssl/html/man3/EVP_DigestVerifyFinal.html
+usr/share/doc/openssl/html/man3/EVP_DigestVerifyInit.html
+usr/share/doc/openssl/html/man3/EVP_DigestVerifyUpdate.html
+usr/share/doc/openssl/html/man3/EVP_enc_null.html
+usr/share/doc/openssl/html/man3/EVP_ENCODE_CTX_copy.html
+usr/share/doc/openssl/html/man3/EVP_ENCODE_CTX_free.html
+usr/share/doc/openssl/html/man3/EVP_ENCODE_CTX_new.html
+usr/share/doc/openssl/html/man3/EVP_ENCODE_CTX_num.html
+usr/share/doc/openssl/html/man3/EVP_EncodeBlock.html
+usr/share/doc/openssl/html/man3/EVP_EncodeFinal.html
+usr/share/doc/openssl/html/man3/EVP_EncodeInit.html
+usr/share/doc/openssl/html/man3/EVP_EncodeUpdate.html
+usr/share/doc/openssl/html/man3/EVP_EncryptFinal.html
+usr/share/doc/openssl/html/man3/EVP_EncryptFinal_ex.html
+usr/share/doc/openssl/html/man3/EVP_EncryptInit.html
+usr/share/doc/openssl/html/man3/EVP_EncryptInit_ex.html
+usr/share/doc/openssl/html/man3/EVP_EncryptUpdate.html
+usr/share/doc/openssl/html/man3/EVP_get_cipherbyname.html
+usr/share/doc/openssl/html/man3/EVP_get_cipherbynid.html
+usr/share/doc/openssl/html/man3/EVP_get_cipherbyobj.html
+usr/share/doc/openssl/html/man3/EVP_get_digestbyname.html
+usr/share/doc/openssl/html/man3/EVP_get_digestbynid.html
+usr/share/doc/openssl/html/man3/EVP_get_digestbyobj.html
+usr/share/doc/openssl/html/man3/EVP_idea_cbc.html
+usr/share/doc/openssl/html/man3/EVP_idea_cfb.html
+usr/share/doc/openssl/html/man3/EVP_idea_cfb64.html
+usr/share/doc/openssl/html/man3/EVP_idea_ecb.html
+usr/share/doc/openssl/html/man3/EVP_idea_ofb.html
+usr/share/doc/openssl/html/man3/EVP_md2.html
+usr/share/doc/openssl/html/man3/EVP_md4.html
+usr/share/doc/openssl/html/man3/EVP_md5.html
+usr/share/doc/openssl/html/man3/EVP_md5_sha1.html
+usr/share/doc/openssl/html/man3/EVP_MD_block_size.html
+usr/share/doc/openssl/html/man3/EVP_MD_CTX_block_size.html
+usr/share/doc/openssl/html/man3/EVP_MD_CTX_clear_flags.html
+usr/share/doc/openssl/html/man3/EVP_MD_CTX_copy.html
+usr/share/doc/openssl/html/man3/EVP_MD_CTX_copy_ex.html
+usr/share/doc/openssl/html/man3/EVP_MD_CTX_ctrl.html
+usr/share/doc/openssl/html/man3/EVP_MD_CTX_free.html
+usr/share/doc/openssl/html/man3/EVP_MD_CTX_md.html
+usr/share/doc/openssl/html/man3/EVP_MD_CTX_md_data.html
+usr/share/doc/openssl/html/man3/EVP_MD_CTX_new.html
+usr/share/doc/openssl/html/man3/EVP_MD_CTX_reset.html
+usr/share/doc/openssl/html/man3/EVP_MD_CTX_set_flags.html
+usr/share/doc/openssl/html/man3/EVP_MD_CTX_set_pkey_ctx.html
+usr/share/doc/openssl/html/man3/EVP_MD_CTX_size.html
+usr/share/doc/openssl/html/man3/EVP_MD_CTX_test_flags.html
+usr/share/doc/openssl/html/man3/EVP_MD_CTX_type.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_dup.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_free.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_get_app_datasize.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_get_cleanup.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_get_copy.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_get_ctrl.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_get_final.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_get_flags.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_get_init.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_get_input_blocksize.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_get_result_size.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_get_update.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_new.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_set_app_datasize.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_set_cleanup.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_set_copy.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_set_ctrl.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_set_final.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_set_flags.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_set_init.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_set_input_blocksize.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_set_result_size.html
+usr/share/doc/openssl/html/man3/EVP_MD_meth_set_update.html
+usr/share/doc/openssl/html/man3/EVP_md_null.html
+usr/share/doc/openssl/html/man3/EVP_MD_pkey_type.html
+usr/share/doc/openssl/html/man3/EVP_MD_size.html
+usr/share/doc/openssl/html/man3/EVP_MD_type.html
+usr/share/doc/openssl/html/man3/EVP_mdc2.html
+usr/share/doc/openssl/html/man3/EVP_OpenFinal.html
+usr/share/doc/openssl/html/man3/EVP_OpenInit.html
+usr/share/doc/openssl/html/man3/EVP_OpenUpdate.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_add0.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_add_alias.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_copy.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_find.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_find_str.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_free.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_get0.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_get0_info.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_get_count.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_ASN1_METHOD.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_new.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_check.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_ctrl.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_free.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_get_priv_key.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_get_pub_key.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_item.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_param.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_param_check.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_private.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_public.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_public_check.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_security_bits.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_set_priv_key.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_set_pub_key.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_asn1_set_siginf.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_assign_DH.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_assign_DSA.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_assign_EC_KEY.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_assign_POLY1305.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_assign_RSA.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_assign_SIPHASH.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_base_id.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_check.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_cmp.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_cmp_parameters.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_copy_parameters.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_add1_hkdf_info.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_add1_tls1_prf_seed.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_ctrl.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_ctrl_str.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_ctrl_uint64.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_dup.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_free.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get0_dh_kdf_oid.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get0_dh_kdf_ukm.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get0_ecdh_kdf_ukm.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get0_rsa_oaep_label.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get1_id.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get1_id_len.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_app_data.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_cb.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_dh_kdf_md.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_dh_kdf_outlen.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_dh_kdf_type.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_ecdh_cofactor_mode.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_ecdh_kdf_md.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_ecdh_kdf_outlen.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_ecdh_kdf_type.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_keygen_info.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_rsa_mgf1_md.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_rsa_oaep_md.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_rsa_padding.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_rsa_pss_saltlen.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_get_signature_md.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_hkdf_mode.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_md.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_new.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_new_id.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set0_dh_kdf_oid.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set0_dh_kdf_ukm.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set0_ecdh_kdf_ukm.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set0_rsa_oaep_label.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_hkdf_key.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_hkdf_salt.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_id.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_pbe_pass.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_scrypt_salt.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set1_tls1_prf_secret.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_app_data.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_cb.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_kdf_md.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_kdf_outlen.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_kdf_type.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_nid.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_pad.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_paramgen_generator.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_paramgen_prime_len.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_paramgen_subprime_len.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_paramgen_type.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dh_rfc5114.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dhx_rfc5114.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_dsa_paramgen_bits.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ec_param_enc.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ec_paramgen_curve_nid.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ecdh_cofactor_mode.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ecdh_kdf_md.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ecdh_kdf_outlen.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_ecdh_kdf_type.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_hkdf_md.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_mac_key.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_keygen_bits.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_keygen_primes.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_keygen_pubexp.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_mgf1_md.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_oaep_md.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_padding.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_rsa_pss_saltlen.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_scrypt_maxmem_bytes.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_scrypt_N.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_scrypt_p.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_scrypt_r.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_signature_md.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_CTX_set_tls1_prf_md.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_decrypt.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_decrypt_init.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_derive.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_derive_init.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_derive_set_peer.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_encrypt.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_encrypt_init.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_free.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_gen_cb.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_get0_asn1.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_get0_DH.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_get0_DSA.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_get0_EC_KEY.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_get0_hmac.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_get0_poly1305.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_get0_RSA.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_get0_siphash.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_get1_DH.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_get1_DSA.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_get1_EC_KEY.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_get1_RSA.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_get_default_digest_nid.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_get_raw_private_key.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_get_raw_public_key.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_id.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_keygen.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_keygen_init.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_add0.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_copy.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_find.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_free.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get0.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get0_info.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_check.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_cleanup.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_copy.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_count.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_ctrl.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_decrypt.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_derive.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_digest_custom.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_encrypt.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_init.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_keygen.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_param_check.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_paramgen.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_public_check.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_sign.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_signctx.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_verify.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_verify_recover.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_get_verifyctx.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_new.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_remove.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_check.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_cleanup.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_copy.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_ctrl.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_decrypt.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_derive.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_digest_custom.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_encrypt.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_init.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_keygen.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_param_check.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_paramgen.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_public_check.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_sign.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_signctx.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_verify.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_verify_recover.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_meth_set_verifyctx.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_METHOD.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_missing_parameters.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_new.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_new_CMAC_key.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_new_mac_key.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_new_raw_private_key.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_new_raw_public_key.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_param_check.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_paramgen.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_paramgen_init.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_print_params.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_print_private.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_print_public.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_public_check.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_security_bits.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_set1_DH.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_set1_DSA.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_set1_EC_KEY.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_set1_engine.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_set1_RSA.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_set_alias_type.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_sign.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_sign_init.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_size.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_type.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_up_ref.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_verify.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_verify_init.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_verify_recover.html
+usr/share/doc/openssl/html/man3/EVP_PKEY_verify_recover_init.html
+usr/share/doc/openssl/html/man3/EVP_rc2_40_cbc.html
+usr/share/doc/openssl/html/man3/EVP_rc2_64_cbc.html
+usr/share/doc/openssl/html/man3/EVP_rc2_cbc.html
+usr/share/doc/openssl/html/man3/EVP_rc2_cfb.html
+usr/share/doc/openssl/html/man3/EVP_rc2_cfb64.html
+usr/share/doc/openssl/html/man3/EVP_rc2_ecb.html
+usr/share/doc/openssl/html/man3/EVP_rc2_ofb.html
+usr/share/doc/openssl/html/man3/EVP_rc4.html
+usr/share/doc/openssl/html/man3/EVP_rc4_40.html
+usr/share/doc/openssl/html/man3/EVP_rc4_hmac_md5.html
+usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_cbc.html
+usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_cfb.html
+usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_cfb64.html
+usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_ecb.html
+usr/share/doc/openssl/html/man3/EVP_rc5_32_12_16_ofb.html
+usr/share/doc/openssl/html/man3/EVP_ripemd160.html
+usr/share/doc/openssl/html/man3/EVP_SealFinal.html
+usr/share/doc/openssl/html/man3/EVP_SealInit.html
+usr/share/doc/openssl/html/man3/EVP_SealUpdate.html
+usr/share/doc/openssl/html/man3/EVP_seed_cbc.html
+usr/share/doc/openssl/html/man3/EVP_seed_cfb.html
+usr/share/doc/openssl/html/man3/EVP_seed_cfb128.html
+usr/share/doc/openssl/html/man3/EVP_seed_ecb.html
+usr/share/doc/openssl/html/man3/EVP_seed_ofb.html
+usr/share/doc/openssl/html/man3/EVP_sha1.html
+usr/share/doc/openssl/html/man3/EVP_sha224.html
+usr/share/doc/openssl/html/man3/EVP_sha256.html
+usr/share/doc/openssl/html/man3/EVP_sha384.html
+usr/share/doc/openssl/html/man3/EVP_sha3_224.html
+usr/share/doc/openssl/html/man3/EVP_sha3_256.html
+usr/share/doc/openssl/html/man3/EVP_sha3_384.html
+usr/share/doc/openssl/html/man3/EVP_sha3_512.html
+usr/share/doc/openssl/html/man3/EVP_sha512.html
+usr/share/doc/openssl/html/man3/EVP_sha512_224.html
+usr/share/doc/openssl/html/man3/EVP_sha512_256.html
+usr/share/doc/openssl/html/man3/EVP_shake128.html
+usr/share/doc/openssl/html/man3/EVP_shake256.html
+usr/share/doc/openssl/html/man3/EVP_SignFinal.html
+usr/share/doc/openssl/html/man3/EVP_SignInit.html
+usr/share/doc/openssl/html/man3/EVP_SignInit_ex.html
+usr/share/doc/openssl/html/man3/EVP_SignUpdate.html
+usr/share/doc/openssl/html/man3/EVP_sm3.html
+usr/share/doc/openssl/html/man3/EVP_sm4_cbc.html
+usr/share/doc/openssl/html/man3/EVP_sm4_cfb.html
+usr/share/doc/openssl/html/man3/EVP_sm4_cfb128.html
+usr/share/doc/openssl/html/man3/EVP_sm4_ctr.html
+usr/share/doc/openssl/html/man3/EVP_sm4_ecb.html
+usr/share/doc/openssl/html/man3/EVP_sm4_ofb.html
+usr/share/doc/openssl/html/man3/EVP_VerifyFinal.html
+usr/share/doc/openssl/html/man3/EVP_VerifyInit.html
+usr/share/doc/openssl/html/man3/EVP_VerifyInit_ex.html
+usr/share/doc/openssl/html/man3/EVP_VerifyUpdate.html
+usr/share/doc/openssl/html/man3/EVP_whirlpool.html
+usr/share/doc/openssl/html/man3/EXTENDED_KEY_USAGE_free.html
+usr/share/doc/openssl/html/man3/EXTENDED_KEY_USAGE_new.html
+usr/share/doc/openssl/html/man3/GEN_SESSION_CB.html
+usr/share/doc/openssl/html/man3/GENERAL_NAME_dup.html
+usr/share/doc/openssl/html/man3/GENERAL_NAME_free.html
+usr/share/doc/openssl/html/man3/GENERAL_NAME_new.html
+usr/share/doc/openssl/html/man3/GENERAL_NAMES_free.html
+usr/share/doc/openssl/html/man3/GENERAL_NAMES_new.html
+usr/share/doc/openssl/html/man3/GENERAL_SUBTREE_free.html
+usr/share/doc/openssl/html/man3/GENERAL_SUBTREE_new.html
+usr/share/doc/openssl/html/man3/HMAC.html
+usr/share/doc/openssl/html/man3/HMAC_CTX_copy.html
+usr/share/doc/openssl/html/man3/HMAC_CTX_free.html
+usr/share/doc/openssl/html/man3/HMAC_CTX_get_md.html
+usr/share/doc/openssl/html/man3/HMAC_CTX_new.html
+usr/share/doc/openssl/html/man3/HMAC_CTX_reset.html
+usr/share/doc/openssl/html/man3/HMAC_CTX_set_flags.html
+usr/share/doc/openssl/html/man3/HMAC_Final.html
+usr/share/doc/openssl/html/man3/HMAC_Init.html
+usr/share/doc/openssl/html/man3/HMAC_Init_ex.html
+usr/share/doc/openssl/html/man3/HMAC_size.html
+usr/share/doc/openssl/html/man3/HMAC_Update.html
+usr/share/doc/openssl/html/man3/i2d_ACCESS_DESCRIPTION.html
+usr/share/doc/openssl/html/man3/i2d_ADMISSION_SYNTAX.html
+usr/share/doc/openssl/html/man3/i2d_ADMISSIONS.html
+usr/share/doc/openssl/html/man3/i2d_ASIdentifierChoice.html
+usr/share/doc/openssl/html/man3/i2d_ASIdentifiers.html
+usr/share/doc/openssl/html/man3/i2d_ASIdOrRange.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_bio_stream.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_BIT_STRING.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_BMPSTRING.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_ENUMERATED.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_GENERALIZEDTIME.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_GENERALSTRING.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_IA5STRING.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_INTEGER.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_NULL.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_OBJECT.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_OCTET_STRING.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_PRINTABLE.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_PRINTABLESTRING.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_SEQUENCE_ANY.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_SET_ANY.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_T61STRING.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_TIME.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_TYPE.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_UNIVERSALSTRING.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_UTCTIME.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_UTF8STRING.html
+usr/share/doc/openssl/html/man3/i2d_ASN1_VISIBLESTRING.html
+usr/share/doc/openssl/html/man3/i2d_ASRange.html
+usr/share/doc/openssl/html/man3/i2d_AUTHORITY_INFO_ACCESS.html
+usr/share/doc/openssl/html/man3/i2d_AUTHORITY_KEYID.html
+usr/share/doc/openssl/html/man3/i2d_BASIC_CONSTRAINTS.html
+usr/share/doc/openssl/html/man3/i2d_CERTIFICATEPOLICIES.html
+usr/share/doc/openssl/html/man3/i2d_CMS_bio.html
+usr/share/doc/openssl/html/man3/i2d_CMS_bio_stream.html
+usr/share/doc/openssl/html/man3/i2d_CMS_ContentInfo.html
+usr/share/doc/openssl/html/man3/i2d_CMS_ReceiptRequest.html
+usr/share/doc/openssl/html/man3/i2d_CRL_DIST_POINTS.html
+usr/share/doc/openssl/html/man3/i2d_DHparams.html
+usr/share/doc/openssl/html/man3/i2d_DHxparams.html
+usr/share/doc/openssl/html/man3/i2d_DIRECTORYSTRING.html
+usr/share/doc/openssl/html/man3/i2d_DISPLAYTEXT.html
+usr/share/doc/openssl/html/man3/i2d_DIST_POINT.html
+usr/share/doc/openssl/html/man3/i2d_DIST_POINT_NAME.html
+usr/share/doc/openssl/html/man3/i2d_DSA_PUBKEY.html
+usr/share/doc/openssl/html/man3/i2d_DSA_PUBKEY_bio.html
+usr/share/doc/openssl/html/man3/i2d_DSA_PUBKEY_fp.html
+usr/share/doc/openssl/html/man3/i2d_DSA_SIG.html
+usr/share/doc/openssl/html/man3/i2d_DSAparams.html
+usr/share/doc/openssl/html/man3/i2d_DSAPrivateKey.html
+usr/share/doc/openssl/html/man3/i2d_DSAPrivateKey_bio.html
+usr/share/doc/openssl/html/man3/i2d_DSAPrivateKey_fp.html
+usr/share/doc/openssl/html/man3/i2d_DSAPublicKey.html
+usr/share/doc/openssl/html/man3/i2d_EC_PUBKEY.html
+usr/share/doc/openssl/html/man3/i2d_EC_PUBKEY_bio.html
+usr/share/doc/openssl/html/man3/i2d_EC_PUBKEY_fp.html
+usr/share/doc/openssl/html/man3/i2d_ECDSA_SIG.html
+usr/share/doc/openssl/html/man3/i2d_ECParameters.html
+usr/share/doc/openssl/html/man3/i2d_ECPKParameters.html
+usr/share/doc/openssl/html/man3/i2d_ECPrivateKey.html
+usr/share/doc/openssl/html/man3/i2d_ECPrivateKey_bio.html
+usr/share/doc/openssl/html/man3/i2d_ECPrivateKey_fp.html
+usr/share/doc/openssl/html/man3/i2d_EDIPARTYNAME.html
+usr/share/doc/openssl/html/man3/i2d_ESS_CERT_ID.html
+usr/share/doc/openssl/html/man3/i2d_ESS_ISSUER_SERIAL.html
+usr/share/doc/openssl/html/man3/i2d_ESS_SIGNING_CERT.html
+usr/share/doc/openssl/html/man3/i2d_EXTENDED_KEY_USAGE.html
+usr/share/doc/openssl/html/man3/i2d_GENERAL_NAME.html
+usr/share/doc/openssl/html/man3/i2d_GENERAL_NAMES.html
+usr/share/doc/openssl/html/man3/i2d_IPAddressChoice.html
+usr/share/doc/openssl/html/man3/i2d_IPAddressFamily.html
+usr/share/doc/openssl/html/man3/i2d_IPAddressOrRange.html
+usr/share/doc/openssl/html/man3/i2d_IPAddressRange.html
+usr/share/doc/openssl/html/man3/i2d_ISSUING_DIST_POINT.html
+usr/share/doc/openssl/html/man3/i2d_NAMING_AUTHORITY.html
+usr/share/doc/openssl/html/man3/i2d_NETSCAPE_CERT_SEQUENCE.html
+usr/share/doc/openssl/html/man3/i2d_NETSCAPE_SPKAC.html
+usr/share/doc/openssl/html/man3/i2d_NETSCAPE_SPKI.html
+usr/share/doc/openssl/html/man3/i2d_NOTICEREF.html
+usr/share/doc/openssl/html/man3/i2d_OCSP_BASICRESP.html
+usr/share/doc/openssl/html/man3/i2d_OCSP_CERTID.html
+usr/share/doc/openssl/html/man3/i2d_OCSP_CERTSTATUS.html
+usr/share/doc/openssl/html/man3/i2d_OCSP_CRLID.html
+usr/share/doc/openssl/html/man3/i2d_OCSP_ONEREQ.html
+usr/share/doc/openssl/html/man3/i2d_OCSP_REQINFO.html
+usr/share/doc/openssl/html/man3/i2d_OCSP_REQUEST.html
+usr/share/doc/openssl/html/man3/i2d_OCSP_RESPBYTES.html
+usr/share/doc/openssl/html/man3/i2d_OCSP_RESPDATA.html
+usr/share/doc/openssl/html/man3/i2d_OCSP_RESPID.html
+usr/share/doc/openssl/html/man3/i2d_OCSP_RESPONSE.html
+usr/share/doc/openssl/html/man3/i2d_OCSP_REVOKEDINFO.html
+usr/share/doc/openssl/html/man3/i2d_OCSP_SERVICELOC.html
+usr/share/doc/openssl/html/man3/i2d_OCSP_SIGNATURE.html
+usr/share/doc/openssl/html/man3/i2d_OCSP_SINGLERESP.html
+usr/share/doc/openssl/html/man3/i2d_OTHERNAME.html
+usr/share/doc/openssl/html/man3/i2d_PBE2PARAM.html
+usr/share/doc/openssl/html/man3/i2d_PBEPARAM.html
+usr/share/doc/openssl/html/man3/i2d_PBKDF2PARAM.html
+usr/share/doc/openssl/html/man3/i2d_PKCS12.html
+usr/share/doc/openssl/html/man3/i2d_PKCS12_BAGS.html
+usr/share/doc/openssl/html/man3/i2d_PKCS12_bio.html
+usr/share/doc/openssl/html/man3/i2d_PKCS12_fp.html
+usr/share/doc/openssl/html/man3/i2d_PKCS12_MAC_DATA.html
+usr/share/doc/openssl/html/man3/i2d_PKCS12_SAFEBAG.html
+usr/share/doc/openssl/html/man3/i2d_PKCS7.html
+usr/share/doc/openssl/html/man3/i2d_PKCS7_bio.html
+usr/share/doc/openssl/html/man3/i2d_PKCS7_bio_stream.html
+usr/share/doc/openssl/html/man3/i2d_PKCS7_DIGEST.html
+usr/share/doc/openssl/html/man3/i2d_PKCS7_ENC_CONTENT.html
+usr/share/doc/openssl/html/man3/i2d_PKCS7_ENCRYPT.html
+usr/share/doc/openssl/html/man3/i2d_PKCS7_ENVELOPE.html
+usr/share/doc/openssl/html/man3/i2d_PKCS7_fp.html
+usr/share/doc/openssl/html/man3/i2d_PKCS7_ISSUER_AND_SERIAL.html
+usr/share/doc/openssl/html/man3/i2d_PKCS7_NDEF.html
+usr/share/doc/openssl/html/man3/i2d_PKCS7_RECIP_INFO.html
+usr/share/doc/openssl/html/man3/i2d_PKCS7_SIGN_ENVELOPE.html
+usr/share/doc/openssl/html/man3/i2d_PKCS7_SIGNED.html
+usr/share/doc/openssl/html/man3/i2d_PKCS7_SIGNER_INFO.html
+usr/share/doc/openssl/html/man3/i2d_PKCS8_bio.html
+usr/share/doc/openssl/html/man3/i2d_PKCS8_fp.html
+usr/share/doc/openssl/html/man3/i2d_PKCS8_PRIV_KEY_INFO.html
+usr/share/doc/openssl/html/man3/i2d_PKCS8_PRIV_KEY_INFO_bio.html
+usr/share/doc/openssl/html/man3/i2d_PKCS8_PRIV_KEY_INFO_fp.html
+usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKey_bio.html
+usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKey_fp.html
+usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKey_nid_bio.html
+usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKey_nid_fp.html
+usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKeyInfo_bio.html
+usr/share/doc/openssl/html/man3/i2d_PKCS8PrivateKeyInfo_fp.html
+usr/share/doc/openssl/html/man3/i2d_PKEY_USAGE_PERIOD.html
+usr/share/doc/openssl/html/man3/i2d_POLICYINFO.html
+usr/share/doc/openssl/html/man3/i2d_POLICYQUALINFO.html
+usr/share/doc/openssl/html/man3/i2d_PrivateKey.html
+usr/share/doc/openssl/html/man3/i2d_PROFESSION_INFO.html
+usr/share/doc/openssl/html/man3/i2d_PROXY_CERT_INFO_EXTENSION.html
+usr/share/doc/openssl/html/man3/i2d_PROXY_POLICY.html
+usr/share/doc/openssl/html/man3/i2d_PUBKEY.html
+usr/share/doc/openssl/html/man3/i2d_PUBKEY_bio.html
+usr/share/doc/openssl/html/man3/i2d_PUBKEY_fp.html
+usr/share/doc/openssl/html/man3/i2d_PublicKey.html
+usr/share/doc/openssl/html/man3/i2d_re_X509_CRL_tbs.html
+usr/share/doc/openssl/html/man3/i2d_re_X509_REQ_tbs.html
+usr/share/doc/openssl/html/man3/i2d_re_X509_tbs.html
+usr/share/doc/openssl/html/man3/i2d_RSA_OAEP_PARAMS.html
+usr/share/doc/openssl/html/man3/i2d_RSA_PSS_PARAMS.html
+usr/share/doc/openssl/html/man3/i2d_RSA_PUBKEY.html
+usr/share/doc/openssl/html/man3/i2d_RSA_PUBKEY_bio.html
+usr/share/doc/openssl/html/man3/i2d_RSA_PUBKEY_fp.html
+usr/share/doc/openssl/html/man3/i2d_RSAPrivateKey.html
+usr/share/doc/openssl/html/man3/i2d_RSAPrivateKey_bio.html
+usr/share/doc/openssl/html/man3/i2d_RSAPrivateKey_fp.html
+usr/share/doc/openssl/html/man3/i2d_RSAPublicKey.html
+usr/share/doc/openssl/html/man3/i2d_RSAPublicKey_bio.html
+usr/share/doc/openssl/html/man3/i2d_RSAPublicKey_fp.html
+usr/share/doc/openssl/html/man3/i2d_SCRYPT_PARAMS.html
+usr/share/doc/openssl/html/man3/i2d_SCT_LIST.html
+usr/share/doc/openssl/html/man3/i2d_SSL_SESSION.html
+usr/share/doc/openssl/html/man3/i2d_SXNET.html
+usr/share/doc/openssl/html/man3/i2d_SXNETID.html
+usr/share/doc/openssl/html/man3/i2d_TS_ACCURACY.html
+usr/share/doc/openssl/html/man3/i2d_TS_MSG_IMPRINT.html
+usr/share/doc/openssl/html/man3/i2d_TS_MSG_IMPRINT_bio.html
+usr/share/doc/openssl/html/man3/i2d_TS_MSG_IMPRINT_fp.html
+usr/share/doc/openssl/html/man3/i2d_TS_REQ.html
+usr/share/doc/openssl/html/man3/i2d_TS_REQ_bio.html
+usr/share/doc/openssl/html/man3/i2d_TS_REQ_fp.html
+usr/share/doc/openssl/html/man3/i2d_TS_RESP.html
+usr/share/doc/openssl/html/man3/i2d_TS_RESP_bio.html
+usr/share/doc/openssl/html/man3/i2d_TS_RESP_fp.html
+usr/share/doc/openssl/html/man3/i2d_TS_STATUS_INFO.html
+usr/share/doc/openssl/html/man3/i2d_TS_TST_INFO.html
+usr/share/doc/openssl/html/man3/i2d_TS_TST_INFO_bio.html
+usr/share/doc/openssl/html/man3/i2d_TS_TST_INFO_fp.html
+usr/share/doc/openssl/html/man3/i2d_USERNOTICE.html
+usr/share/doc/openssl/html/man3/i2d_X509.html
+usr/share/doc/openssl/html/man3/i2d_X509_ALGOR.html
+usr/share/doc/openssl/html/man3/i2d_X509_ALGORS.html
+usr/share/doc/openssl/html/man3/i2d_X509_ATTRIBUTE.html
+usr/share/doc/openssl/html/man3/i2d_X509_AUX.html
+usr/share/doc/openssl/html/man3/i2d_X509_CERT_AUX.html
+usr/share/doc/openssl/html/man3/i2d_X509_CINF.html
+usr/share/doc/openssl/html/man3/i2d_X509_CRL.html
+usr/share/doc/openssl/html/man3/i2d_X509_CRL_bio.html
+usr/share/doc/openssl/html/man3/i2d_X509_CRL_fp.html
+usr/share/doc/openssl/html/man3/i2d_X509_CRL_INFO.html
+usr/share/doc/openssl/html/man3/i2d_X509_EXTENSION.html
+usr/share/doc/openssl/html/man3/i2d_X509_EXTENSIONS.html
+usr/share/doc/openssl/html/man3/i2d_X509_NAME.html
+usr/share/doc/openssl/html/man3/i2d_X509_NAME_ENTRY.html
+usr/share/doc/openssl/html/man3/i2d_X509_PUBKEY.html
+usr/share/doc/openssl/html/man3/i2d_X509_REQ.html
+usr/share/doc/openssl/html/man3/i2d_X509_REQ_bio.html
+usr/share/doc/openssl/html/man3/i2d_X509_REQ_fp.html
+usr/share/doc/openssl/html/man3/i2d_X509_REQ_INFO.html
+usr/share/doc/openssl/html/man3/i2d_X509_REVOKED.html
+usr/share/doc/openssl/html/man3/i2d_X509_SIG.html
+usr/share/doc/openssl/html/man3/i2d_X509_VAL.html
+usr/share/doc/openssl/html/man3/i2o_SCT.html
+usr/share/doc/openssl/html/man3/i2o_SCT_LIST.html
+usr/share/doc/openssl/html/man3/i2t_ASN1_OBJECT.html
+usr/share/doc/openssl/html/man3/IMPLEMENT_ASN1_FUNCTIONS.html
+usr/share/doc/openssl/html/man3/IMPLEMENT_LHASH_COMP_FN.html
+usr/share/doc/openssl/html/man3/IMPLEMENT_LHASH_HASH_FN.html
+usr/share/doc/openssl/html/man3/IPAddressChoice_free.html
+usr/share/doc/openssl/html/man3/IPAddressChoice_new.html
+usr/share/doc/openssl/html/man3/IPAddressFamily_free.html
+usr/share/doc/openssl/html/man3/IPAddressFamily_new.html
+usr/share/doc/openssl/html/man3/IPAddressOrRange_free.html
+usr/share/doc/openssl/html/man3/IPAddressOrRange_new.html
+usr/share/doc/openssl/html/man3/IPAddressRange_free.html
+usr/share/doc/openssl/html/man3/IPAddressRange_new.html
+usr/share/doc/openssl/html/man3/ISSUING_DIST_POINT_free.html
+usr/share/doc/openssl/html/man3/ISSUING_DIST_POINT_new.html
+usr/share/doc/openssl/html/man3/lh_TYPE_delete.html
+usr/share/doc/openssl/html/man3/lh_TYPE_doall.html
+usr/share/doc/openssl/html/man3/lh_TYPE_doall_arg.html
+usr/share/doc/openssl/html/man3/lh_TYPE_error.html
+usr/share/doc/openssl/html/man3/lh_TYPE_free.html
+usr/share/doc/openssl/html/man3/lh_TYPE_insert.html
+usr/share/doc/openssl/html/man3/lh_TYPE_new.html
+usr/share/doc/openssl/html/man3/lh_TYPE_retrieve.html
+usr/share/doc/openssl/html/man3/LHASH.html
+usr/share/doc/openssl/html/man3/LHASH_DOALL_ARG_FN_TYPE.html
+usr/share/doc/openssl/html/man3/MD2.html
+usr/share/doc/openssl/html/man3/MD2_Final.html
+usr/share/doc/openssl/html/man3/MD2_Init.html
+usr/share/doc/openssl/html/man3/MD2_Update.html
+usr/share/doc/openssl/html/man3/MD4.html
+usr/share/doc/openssl/html/man3/MD4_Final.html
+usr/share/doc/openssl/html/man3/MD4_Init.html
+usr/share/doc/openssl/html/man3/MD4_Update.html
+usr/share/doc/openssl/html/man3/MD5.html
+usr/share/doc/openssl/html/man3/MD5_Final.html
+usr/share/doc/openssl/html/man3/MD5_Init.html
+usr/share/doc/openssl/html/man3/MD5_Update.html
+usr/share/doc/openssl/html/man3/MDC2.html
+usr/share/doc/openssl/html/man3/MDC2_Final.html
+usr/share/doc/openssl/html/man3/MDC2_Init.html
+usr/share/doc/openssl/html/man3/MDC2_Update.html
+usr/share/doc/openssl/html/man3/NAME_CONSTRAINTS_free.html
+usr/share/doc/openssl/html/man3/NAME_CONSTRAINTS_new.html
+usr/share/doc/openssl/html/man3/NAMING_AUTHORITY.html
+usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_free.html
+usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_get0_authorityId.html
+usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_get0_authorityText.html
+usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_get0_authorityURL.html
+usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_new.html
+usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_set0_authorityId.html
+usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_set0_authorityText.html
+usr/share/doc/openssl/html/man3/NAMING_AUTHORITY_set0_authorityURL.html
+usr/share/doc/openssl/html/man3/NETSCAPE_CERT_SEQUENCE_free.html
+usr/share/doc/openssl/html/man3/NETSCAPE_CERT_SEQUENCE_new.html
+usr/share/doc/openssl/html/man3/NETSCAPE_SPKAC_free.html
+usr/share/doc/openssl/html/man3/NETSCAPE_SPKAC_new.html
+usr/share/doc/openssl/html/man3/NETSCAPE_SPKI_free.html
+usr/share/doc/openssl/html/man3/NETSCAPE_SPKI_new.html
+usr/share/doc/openssl/html/man3/NOTICEREF_free.html
+usr/share/doc/openssl/html/man3/NOTICEREF_new.html
+usr/share/doc/openssl/html/man3/o2i_SCT.html
+usr/share/doc/openssl/html/man3/o2i_SCT_LIST.html
+usr/share/doc/openssl/html/man3/OBJ_cleanup.html
+usr/share/doc/openssl/html/man3/OBJ_cmp.html
+usr/share/doc/openssl/html/man3/OBJ_create.html
+usr/share/doc/openssl/html/man3/OBJ_dup.html
+usr/share/doc/openssl/html/man3/OBJ_get0_data.html
+usr/share/doc/openssl/html/man3/OBJ_length.html
+usr/share/doc/openssl/html/man3/OBJ_ln2nid.html
+usr/share/doc/openssl/html/man3/OBJ_nid2ln.html
+usr/share/doc/openssl/html/man3/OBJ_nid2obj.html
+usr/share/doc/openssl/html/man3/OBJ_nid2sn.html
+usr/share/doc/openssl/html/man3/OBJ_obj2nid.html
+usr/share/doc/openssl/html/man3/OBJ_obj2txt.html
+usr/share/doc/openssl/html/man3/OBJ_sn2nid.html
+usr/share/doc/openssl/html/man3/OBJ_txt2nid.html
+usr/share/doc/openssl/html/man3/OBJ_txt2obj.html
+usr/share/doc/openssl/html/man3/OCSP_basic_add1_nonce.html
+usr/share/doc/openssl/html/man3/OCSP_basic_sign.html
+usr/share/doc/openssl/html/man3/OCSP_basic_sign_ctx.html
+usr/share/doc/openssl/html/man3/OCSP_basic_verify.html
+usr/share/doc/openssl/html/man3/OCSP_BASICRESP_free.html
+usr/share/doc/openssl/html/man3/OCSP_BASICRESP_new.html
+usr/share/doc/openssl/html/man3/OCSP_cert_id_new.html
+usr/share/doc/openssl/html/man3/OCSP_cert_to_id.html
+usr/share/doc/openssl/html/man3/OCSP_CERTID_dup.html
+usr/share/doc/openssl/html/man3/OCSP_CERTID_free.html
+usr/share/doc/openssl/html/man3/OCSP_CERTID_new.html
+usr/share/doc/openssl/html/man3/OCSP_CERTSTATUS_free.html
+usr/share/doc/openssl/html/man3/OCSP_CERTSTATUS_new.html
+usr/share/doc/openssl/html/man3/OCSP_check_nonce.html
+usr/share/doc/openssl/html/man3/OCSP_check_validity.html
+usr/share/doc/openssl/html/man3/OCSP_copy_nonce.html
+usr/share/doc/openssl/html/man3/OCSP_CRLID_free.html
+usr/share/doc/openssl/html/man3/OCSP_CRLID_new.html
+usr/share/doc/openssl/html/man3/OCSP_id_cmp.html
+usr/share/doc/openssl/html/man3/OCSP_id_get0_info.html
+usr/share/doc/openssl/html/man3/OCSP_id_issuer_cmp.html
+usr/share/doc/openssl/html/man3/OCSP_ONEREQ_free.html
+usr/share/doc/openssl/html/man3/OCSP_ONEREQ_new.html
+usr/share/doc/openssl/html/man3/OCSP_REQ_CTX_add1_header.html
+usr/share/doc/openssl/html/man3/OCSP_REQ_CTX_free.html
+usr/share/doc/openssl/html/man3/OCSP_REQ_CTX_set1_req.html
+usr/share/doc/openssl/html/man3/OCSP_REQINFO_free.html
+usr/share/doc/openssl/html/man3/OCSP_REQINFO_new.html
+usr/share/doc/openssl/html/man3/OCSP_request_add0_id.html
+usr/share/doc/openssl/html/man3/OCSP_request_add1_cert.html
+usr/share/doc/openssl/html/man3/OCSP_request_add1_nonce.html
+usr/share/doc/openssl/html/man3/OCSP_REQUEST_free.html
+usr/share/doc/openssl/html/man3/OCSP_REQUEST_new.html
+usr/share/doc/openssl/html/man3/OCSP_request_onereq_count.html
+usr/share/doc/openssl/html/man3/OCSP_request_onereq_get0.html
+usr/share/doc/openssl/html/man3/OCSP_request_sign.html
+usr/share/doc/openssl/html/man3/OCSP_resp_count.html
+usr/share/doc/openssl/html/man3/OCSP_resp_find.html
+usr/share/doc/openssl/html/man3/OCSP_resp_find_status.html
+usr/share/doc/openssl/html/man3/OCSP_resp_get0.html
+usr/share/doc/openssl/html/man3/OCSP_resp_get0_certs.html
+usr/share/doc/openssl/html/man3/OCSP_resp_get0_id.html
+usr/share/doc/openssl/html/man3/OCSP_resp_get0_produced_at.html
+usr/share/doc/openssl/html/man3/OCSP_resp_get0_respdata.html
+usr/share/doc/openssl/html/man3/OCSP_resp_get0_signature.html
+usr/share/doc/openssl/html/man3/OCSP_resp_get0_signer.html
+usr/share/doc/openssl/html/man3/OCSP_resp_get0_tbs_sigalg.html
+usr/share/doc/openssl/html/man3/OCSP_resp_get1_id.html
+usr/share/doc/openssl/html/man3/OCSP_RESPBYTES_free.html
+usr/share/doc/openssl/html/man3/OCSP_RESPBYTES_new.html
+usr/share/doc/openssl/html/man3/OCSP_RESPDATA_free.html
+usr/share/doc/openssl/html/man3/OCSP_RESPDATA_new.html
+usr/share/doc/openssl/html/man3/OCSP_RESPID_free.html
+usr/share/doc/openssl/html/man3/OCSP_RESPID_match.html
+usr/share/doc/openssl/html/man3/OCSP_RESPID_new.html
+usr/share/doc/openssl/html/man3/OCSP_RESPID_set_by_key.html
+usr/share/doc/openssl/html/man3/OCSP_RESPID_set_by_name.html
+usr/share/doc/openssl/html/man3/OCSP_response_create.html
+usr/share/doc/openssl/html/man3/OCSP_RESPONSE_free.html
+usr/share/doc/openssl/html/man3/OCSP_response_get1_basic.html
+usr/share/doc/openssl/html/man3/OCSP_RESPONSE_new.html
+usr/share/doc/openssl/html/man3/OCSP_response_status.html
+usr/share/doc/openssl/html/man3/OCSP_REVOKEDINFO_free.html
+usr/share/doc/openssl/html/man3/OCSP_REVOKEDINFO_new.html
+usr/share/doc/openssl/html/man3/OCSP_sendreq_bio.html
+usr/share/doc/openssl/html/man3/OCSP_sendreq_nbio.html
+usr/share/doc/openssl/html/man3/OCSP_sendreq_new.html
+usr/share/doc/openssl/html/man3/OCSP_SERVICELOC_free.html
+usr/share/doc/openssl/html/man3/OCSP_SERVICELOC_new.html
+usr/share/doc/openssl/html/man3/OCSP_set_max_response_length.html
+usr/share/doc/openssl/html/man3/OCSP_SIGNATURE_free.html
+usr/share/doc/openssl/html/man3/OCSP_SIGNATURE_new.html
+usr/share/doc/openssl/html/man3/OCSP_single_get0_status.html
+usr/share/doc/openssl/html/man3/OCSP_SINGLERESP_free.html
+usr/share/doc/openssl/html/man3/OCSP_SINGLERESP_new.html
+usr/share/doc/openssl/html/man3/OpenSSL_add_all_algorithms.html
+usr/share/doc/openssl/html/man3/OpenSSL_add_all_ciphers.html
+usr/share/doc/openssl/html/man3/OpenSSL_add_all_digests.html
+usr/share/doc/openssl/html/man3/OpenSSL_add_ssl_algorithms.html
+usr/share/doc/openssl/html/man3/OPENSSL_Applink.html
+usr/share/doc/openssl/html/man3/OPENSSL_atexit.html
+usr/share/doc/openssl/html/man3/OPENSSL_buf2hexstr.html
+usr/share/doc/openssl/html/man3/OPENSSL_cipher_name.html
+usr/share/doc/openssl/html/man3/OPENSSL_cleanse.html
+usr/share/doc/openssl/html/man3/OPENSSL_cleanup.html
+usr/share/doc/openssl/html/man3/OPENSSL_clear_free.html
+usr/share/doc/openssl/html/man3/OPENSSL_clear_realloc.html
+usr/share/doc/openssl/html/man3/OPENSSL_config.html
+usr/share/doc/openssl/html/man3/OPENSSL_fork_child.html
+usr/share/doc/openssl/html/man3/OPENSSL_fork_parent.html
+usr/share/doc/openssl/html/man3/OPENSSL_fork_prepare.html
+usr/share/doc/openssl/html/man3/OPENSSL_free.html
+usr/share/doc/openssl/html/man3/OPENSSL_hexchar2int.html
+usr/share/doc/openssl/html/man3/OPENSSL_hexstr2buf.html
+usr/share/doc/openssl/html/man3/OPENSSL_ia32cap.html
+usr/share/doc/openssl/html/man3/OPENSSL_init_crypto.html
+usr/share/doc/openssl/html/man3/OPENSSL_INIT_free.html
+usr/share/doc/openssl/html/man3/OPENSSL_INIT_new.html
+usr/share/doc/openssl/html/man3/OPENSSL_INIT_set_config_appname.html
+usr/share/doc/openssl/html/man3/OPENSSL_INIT_set_config_file_flags.html
+usr/share/doc/openssl/html/man3/OPENSSL_INIT_set_config_filename.html
+usr/share/doc/openssl/html/man3/OPENSSL_init_ssl.html
+usr/share/doc/openssl/html/man3/OPENSSL_instrument_bus.html
+usr/share/doc/openssl/html/man3/OPENSSL_instrument_bus2.html
+usr/share/doc/openssl/html/man3/OPENSSL_LH_COMPFUNC.html
+usr/share/doc/openssl/html/man3/OPENSSL_LH_DOALL_FUNC.html
+usr/share/doc/openssl/html/man3/OPENSSL_LH_HASHFUNC.html
+usr/share/doc/openssl/html/man3/OPENSSL_LH_node_stats.html
+usr/share/doc/openssl/html/man3/OPENSSL_LH_node_stats_bio.html
+usr/share/doc/openssl/html/man3/OPENSSL_LH_node_usage_stats.html
+usr/share/doc/openssl/html/man3/OPENSSL_LH_node_usage_stats_bio.html
+usr/share/doc/openssl/html/man3/OPENSSL_LH_stats.html
+usr/share/doc/openssl/html/man3/OPENSSL_LH_stats_bio.html
+usr/share/doc/openssl/html/man3/OPENSSL_load_builtin_modules.html
+usr/share/doc/openssl/html/man3/OPENSSL_malloc.html
+usr/share/doc/openssl/html/man3/OPENSSL_MALLOC_FAILURES.html
+usr/share/doc/openssl/html/man3/OPENSSL_MALLOC_FD.html
+usr/share/doc/openssl/html/man3/OPENSSL_malloc_init.html
+usr/share/doc/openssl/html/man3/OPENSSL_mem_debug_pop.html
+usr/share/doc/openssl/html/man3/OPENSSL_mem_debug_push.html
+usr/share/doc/openssl/html/man3/OPENSSL_memdup.html
+usr/share/doc/openssl/html/man3/OPENSSL_no_config.html
+usr/share/doc/openssl/html/man3/OPENSSL_realloc.html
+usr/share/doc/openssl/html/man3/OPENSSL_secure_actual_size.html
+usr/share/doc/openssl/html/man3/OPENSSL_secure_clear_free.html
+usr/share/doc/openssl/html/man3/OPENSSL_secure_free.html
+usr/share/doc/openssl/html/man3/OPENSSL_secure_malloc.html
+usr/share/doc/openssl/html/man3/OPENSSL_secure_zalloc.html
+usr/share/doc/openssl/html/man3/OPENSSL_strdup.html
+usr/share/doc/openssl/html/man3/OPENSSL_strlcat.html
+usr/share/doc/openssl/html/man3/OPENSSL_strlcpy.html
+usr/share/doc/openssl/html/man3/OPENSSL_strndup.html
+usr/share/doc/openssl/html/man3/OPENSSL_thread_stop.html
+usr/share/doc/openssl/html/man3/OpenSSL_version.html
+usr/share/doc/openssl/html/man3/OpenSSL_version_num.html
+usr/share/doc/openssl/html/man3/OPENSSL_VERSION_NUMBER.html
+usr/share/doc/openssl/html/man3/OPENSSL_VERSION_TEXT.html
+usr/share/doc/openssl/html/man3/OPENSSL_zalloc.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_close.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_close_fn.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_ctrl.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_ctrl_fn.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_CTX.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_eof.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_eof_fn.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_error.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_error_fn.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_expect.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_expect_fn.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_find.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_find_fn.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_free.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_CERT.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_CRL.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_NAME.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_NAME_description.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_PARAMS.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get0_PKEY.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_CERT.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_CRL.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_NAME.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_NAME_description.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_PARAMS.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get1_PKEY.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_get_type.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_CERT.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_CRL.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_NAME.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_PARAMS.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_new_PKEY.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_set0_NAME_description.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_INFO_type_string.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_load.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_load_fn.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_CTX.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_free.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_get0_engine.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_get0_scheme.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_new.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_close.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_ctrl.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_eof.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_error.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_expect.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_find.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_load.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_LOADER_set_open.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_open.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_open_fn.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_post_process_info_fn.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_register_loader.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_by_alias.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_by_issuer_serial.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_by_key_fingerprint.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_by_name.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_free.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_bytes.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_digest.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_name.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_serial.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get0_string.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_SEARCH_get_type.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_supports_search.html
+usr/share/doc/openssl/html/man3/OSSL_STORE_unregister_loader.html
+usr/share/doc/openssl/html/man3/OTHERNAME_free.html
+usr/share/doc/openssl/html/man3/OTHERNAME_new.html
+usr/share/doc/openssl/html/man3/PBE2PARAM_free.html
+usr/share/doc/openssl/html/man3/PBE2PARAM_new.html
+usr/share/doc/openssl/html/man3/PBEPARAM_free.html
+usr/share/doc/openssl/html/man3/PBEPARAM_new.html
+usr/share/doc/openssl/html/man3/PBKDF2PARAM_free.html
+usr/share/doc/openssl/html/man3/PBKDF2PARAM_new.html
+usr/share/doc/openssl/html/man3/PEM_bytes_read_bio.html
+usr/share/doc/openssl/html/man3/PEM_bytes_read_bio_secmem.html
+usr/share/doc/openssl/html/man3/PEM_do_header.html
+usr/share/doc/openssl/html/man3/PEM_FLAG_EAY_COMPATIBLE.html
+usr/share/doc/openssl/html/man3/PEM_FLAG_ONLY_B64.html
+usr/share/doc/openssl/html/man3/PEM_FLAG_SECURE.html
+usr/share/doc/openssl/html/man3/PEM_get_EVP_CIPHER_INFO.html
+usr/share/doc/openssl/html/man3/pem_password_cb.html
+usr/share/doc/openssl/html/man3/PEM_read.html
+usr/share/doc/openssl/html/man3/PEM_read_bio.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_CMS.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_DHparams.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_DSA_PUBKEY.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_DSAparams.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_DSAPrivateKey.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_EC_PUBKEY.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_ECPKParameters.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_ex.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_NETSCAPE_CERT_SEQUENCE.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_PKCS7.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_PKCS8.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_PKCS8_PRIV_KEY_INFO.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_PrivateKey.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_PUBKEY.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_RSA_PUBKEY.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_RSAPrivateKey.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_RSAPublicKey.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_SSL_SESSION.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_X509.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_X509_AUX.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_X509_CRL.html
+usr/share/doc/openssl/html/man3/PEM_read_bio_X509_REQ.html
+usr/share/doc/openssl/html/man3/PEM_read_CMS.html
+usr/share/doc/openssl/html/man3/PEM_read_DHparams.html
+usr/share/doc/openssl/html/man3/PEM_read_DSA_PUBKEY.html
+usr/share/doc/openssl/html/man3/PEM_read_DSAparams.html
+usr/share/doc/openssl/html/man3/PEM_read_DSAPrivateKey.html
+usr/share/doc/openssl/html/man3/PEM_read_EC_PUBKEY.html
+usr/share/doc/openssl/html/man3/PEM_read_ECPKParameters.html
+usr/share/doc/openssl/html/man3/PEM_read_ECPrivateKey.html
+usr/share/doc/openssl/html/man3/PEM_read_NETSCAPE_CERT_SEQUENCE.html
+usr/share/doc/openssl/html/man3/PEM_read_PKCS7.html
+usr/share/doc/openssl/html/man3/PEM_read_PKCS8.html
+usr/share/doc/openssl/html/man3/PEM_read_PKCS8_PRIV_KEY_INFO.html
+usr/share/doc/openssl/html/man3/PEM_read_PrivateKey.html
+usr/share/doc/openssl/html/man3/PEM_read_PUBKEY.html
+usr/share/doc/openssl/html/man3/PEM_read_RSA_PUBKEY.html
+usr/share/doc/openssl/html/man3/PEM_read_RSAPrivateKey.html
+usr/share/doc/openssl/html/man3/PEM_read_RSAPublicKey.html
+usr/share/doc/openssl/html/man3/PEM_read_SSL_SESSION.html
+usr/share/doc/openssl/html/man3/PEM_read_X509.html
+usr/share/doc/openssl/html/man3/PEM_read_X509_AUX.html
+usr/share/doc/openssl/html/man3/PEM_read_X509_CRL.html
+usr/share/doc/openssl/html/man3/PEM_read_X509_REQ.html
+usr/share/doc/openssl/html/man3/PEM_write.html
+usr/share/doc/openssl/html/man3/PEM_write_bio.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_CMS.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_CMS_stream.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_DHparams.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_DHxparams.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_DSA_PUBKEY.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_DSAparams.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_DSAPrivateKey.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_EC_PUBKEY.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_ECPKParameters.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_ECPrivateKey.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_NETSCAPE_CERT_SEQUENCE.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS7.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS7_stream.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS8.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS8_PRIV_KEY_INFO.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS8PrivateKey.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_PKCS8PrivateKey_nid.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_PrivateKey.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_PrivateKey_traditional.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_PUBKEY.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_RSA_PUBKEY.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_RSAPrivateKey.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_RSAPublicKey.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_SSL_SESSION.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_X509.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_X509_AUX.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_X509_CRL.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_X509_REQ.html
+usr/share/doc/openssl/html/man3/PEM_write_bio_X509_REQ_NEW.html
+usr/share/doc/openssl/html/man3/PEM_write_CMS.html
+usr/share/doc/openssl/html/man3/PEM_write_DHparams.html
+usr/share/doc/openssl/html/man3/PEM_write_DHxparams.html
+usr/share/doc/openssl/html/man3/PEM_write_DSA_PUBKEY.html
+usr/share/doc/openssl/html/man3/PEM_write_DSAparams.html
+usr/share/doc/openssl/html/man3/PEM_write_DSAPrivateKey.html
+usr/share/doc/openssl/html/man3/PEM_write_EC_PUBKEY.html
+usr/share/doc/openssl/html/man3/PEM_write_ECPKParameters.html
+usr/share/doc/openssl/html/man3/PEM_write_ECPrivateKey.html
+usr/share/doc/openssl/html/man3/PEM_write_NETSCAPE_CERT_SEQUENCE.html
+usr/share/doc/openssl/html/man3/PEM_write_PKCS7.html
+usr/share/doc/openssl/html/man3/PEM_write_PKCS8.html
+usr/share/doc/openssl/html/man3/PEM_write_PKCS8_PRIV_KEY_INFO.html
+usr/share/doc/openssl/html/man3/PEM_write_PKCS8PrivateKey.html
+usr/share/doc/openssl/html/man3/PEM_write_PKCS8PrivateKey_nid.html
+usr/share/doc/openssl/html/man3/PEM_write_PrivateKey.html
+usr/share/doc/openssl/html/man3/PEM_write_PUBKEY.html
+usr/share/doc/openssl/html/man3/PEM_write_RSA_PUBKEY.html
+usr/share/doc/openssl/html/man3/PEM_write_RSAPrivateKey.html
+usr/share/doc/openssl/html/man3/PEM_write_RSAPublicKey.html
+usr/share/doc/openssl/html/man3/PEM_write_SSL_SESSION.html
+usr/share/doc/openssl/html/man3/PEM_write_X509.html
+usr/share/doc/openssl/html/man3/PEM_write_X509_AUX.html
+usr/share/doc/openssl/html/man3/PEM_write_X509_CRL.html
+usr/share/doc/openssl/html/man3/PEM_write_X509_REQ.html
+usr/share/doc/openssl/html/man3/PEM_write_X509_REQ_NEW.html
+usr/share/doc/openssl/html/man3/PKCS12_BAGS_free.html
+usr/share/doc/openssl/html/man3/PKCS12_BAGS_new.html
+usr/share/doc/openssl/html/man3/PKCS12_create.html
+usr/share/doc/openssl/html/man3/PKCS12_free.html
+usr/share/doc/openssl/html/man3/PKCS12_MAC_DATA_free.html
+usr/share/doc/openssl/html/man3/PKCS12_MAC_DATA_new.html
+usr/share/doc/openssl/html/man3/PKCS12_new.html
+usr/share/doc/openssl/html/man3/PKCS12_newpass.html
+usr/share/doc/openssl/html/man3/PKCS12_parse.html
+usr/share/doc/openssl/html/man3/PKCS12_SAFEBAG_free.html
+usr/share/doc/openssl/html/man3/PKCS12_SAFEBAG_new.html
+usr/share/doc/openssl/html/man3/PKCS5_PBKDF2_HMAC.html
+usr/share/doc/openssl/html/man3/PKCS5_PBKDF2_HMAC_SHA1.html
+usr/share/doc/openssl/html/man3/PKCS7_decrypt.html
+usr/share/doc/openssl/html/man3/PKCS7_DIGEST_free.html
+usr/share/doc/openssl/html/man3/PKCS7_DIGEST_new.html
+usr/share/doc/openssl/html/man3/PKCS7_dup.html
+usr/share/doc/openssl/html/man3/PKCS7_ENC_CONTENT_free.html
+usr/share/doc/openssl/html/man3/PKCS7_ENC_CONTENT_new.html
+usr/share/doc/openssl/html/man3/PKCS7_encrypt.html
+usr/share/doc/openssl/html/man3/PKCS7_ENCRYPT_free.html
+usr/share/doc/openssl/html/man3/PKCS7_ENCRYPT_new.html
+usr/share/doc/openssl/html/man3/PKCS7_ENVELOPE_free.html
+usr/share/doc/openssl/html/man3/PKCS7_ENVELOPE_new.html
+usr/share/doc/openssl/html/man3/PKCS7_free.html
+usr/share/doc/openssl/html/man3/PKCS7_get0_signers.html
+usr/share/doc/openssl/html/man3/PKCS7_ISSUER_AND_SERIAL_digest.html
+usr/share/doc/openssl/html/man3/PKCS7_ISSUER_AND_SERIAL_free.html
+usr/share/doc/openssl/html/man3/PKCS7_ISSUER_AND_SERIAL_new.html
+usr/share/doc/openssl/html/man3/PKCS7_new.html
+usr/share/doc/openssl/html/man3/PKCS7_print_ctx.html
+usr/share/doc/openssl/html/man3/PKCS7_RECIP_INFO_free.html
+usr/share/doc/openssl/html/man3/PKCS7_RECIP_INFO_new.html
+usr/share/doc/openssl/html/man3/PKCS7_sign.html
+usr/share/doc/openssl/html/man3/PKCS7_sign_add_signer.html
+usr/share/doc/openssl/html/man3/PKCS7_SIGN_ENVELOPE_free.html
+usr/share/doc/openssl/html/man3/PKCS7_SIGN_ENVELOPE_new.html
+usr/share/doc/openssl/html/man3/PKCS7_SIGNED_free.html
+usr/share/doc/openssl/html/man3/PKCS7_SIGNED_new.html
+usr/share/doc/openssl/html/man3/PKCS7_SIGNER_INFO_free.html
+usr/share/doc/openssl/html/man3/PKCS7_SIGNER_INFO_new.html
+usr/share/doc/openssl/html/man3/PKCS7_verify.html
+usr/share/doc/openssl/html/man3/PKCS8_PRIV_KEY_INFO_free.html
+usr/share/doc/openssl/html/man3/PKCS8_PRIV_KEY_INFO_new.html
+usr/share/doc/openssl/html/man3/PKEY_USAGE_PERIOD_free.html
+usr/share/doc/openssl/html/man3/PKEY_USAGE_PERIOD_new.html
+usr/share/doc/openssl/html/man3/POLICY_CONSTRAINTS_free.html
+usr/share/doc/openssl/html/man3/POLICY_CONSTRAINTS_new.html
+usr/share/doc/openssl/html/man3/POLICY_MAPPING_free.html
+usr/share/doc/openssl/html/man3/POLICY_MAPPING_new.html
+usr/share/doc/openssl/html/man3/POLICYINFO_free.html
+usr/share/doc/openssl/html/man3/POLICYINFO_new.html
+usr/share/doc/openssl/html/man3/POLICYQUALINFO_free.html
+usr/share/doc/openssl/html/man3/POLICYQUALINFO_new.html
+usr/share/doc/openssl/html/man3/PROFESSION_INFO.html
+usr/share/doc/openssl/html/man3/PROFESSION_INFO_free.html
+usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_addProfessionInfo.html
+usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_namingAuthority.html
+usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_professionItems.html
+usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_professionOIDs.html
+usr/share/doc/openssl/html/man3/PROFESSION_INFO_get0_registrationNumber.html
+usr/share/doc/openssl/html/man3/PROFESSION_INFO_new.html
+usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_addProfessionInfo.html
+usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_namingAuthority.html
+usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_professionItems.html
+usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_professionOIDs.html
+usr/share/doc/openssl/html/man3/PROFESSION_INFO_set0_registrationNumber.html
+usr/share/doc/openssl/html/man3/PROFESSION_INFOS.html
+usr/share/doc/openssl/html/man3/PROFESSION_INFOS_free.html
+usr/share/doc/openssl/html/man3/PROFESSION_INFOS_new.html
+usr/share/doc/openssl/html/man3/PROXY_CERT_INFO_EXTENSION_free.html
+usr/share/doc/openssl/html/man3/PROXY_CERT_INFO_EXTENSION_new.html
+usr/share/doc/openssl/html/man3/PROXY_POLICY_free.html
+usr/share/doc/openssl/html/man3/PROXY_POLICY_new.html
+usr/share/doc/openssl/html/man3/RAND_add.html
+usr/share/doc/openssl/html/man3/RAND_bytes.html
+usr/share/doc/openssl/html/man3/RAND_cleanup.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_bytes.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_cleanup_entropy_fn.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_cleanup_nonce_fn.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_free.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_generate.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_get0_master.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_get0_private.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_get0_public.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_get_entropy_fn.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_get_ex_data.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_get_ex_new_index.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_get_nonce_fn.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_instantiate.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_new.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_reseed.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_secure_new.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_set.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_set_callbacks.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_set_defaults.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_set_ex_data.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_set_reseed_defaults.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_set_reseed_interval.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_set_reseed_time_interval.html
+usr/share/doc/openssl/html/man3/RAND_DRBG_uninstantiate.html
+usr/share/doc/openssl/html/man3/RAND_egd.html
+usr/share/doc/openssl/html/man3/RAND_egd_bytes.html
+usr/share/doc/openssl/html/man3/RAND_event.html
+usr/share/doc/openssl/html/man3/RAND_file_name.html
+usr/share/doc/openssl/html/man3/RAND_get_rand_method.html
+usr/share/doc/openssl/html/man3/RAND_keep_random_devices_open.html
+usr/share/doc/openssl/html/man3/RAND_load_file.html
+usr/share/doc/openssl/html/man3/RAND_OpenSSL.html
+usr/share/doc/openssl/html/man3/RAND_poll.html
+usr/share/doc/openssl/html/man3/RAND_priv_bytes.html
+usr/share/doc/openssl/html/man3/RAND_pseudo_bytes.html
+usr/share/doc/openssl/html/man3/RAND_query_egd_bytes.html
+usr/share/doc/openssl/html/man3/RAND_screen.html
+usr/share/doc/openssl/html/man3/RAND_seed.html
+usr/share/doc/openssl/html/man3/RAND_set_rand_method.html
+usr/share/doc/openssl/html/man3/RAND_status.html
+usr/share/doc/openssl/html/man3/RAND_write_file.html
+usr/share/doc/openssl/html/man3/RC4.html
+usr/share/doc/openssl/html/man3/RC4_set_key.html
+usr/share/doc/openssl/html/man3/RIPEMD160.html
+usr/share/doc/openssl/html/man3/RIPEMD160_Final.html
+usr/share/doc/openssl/html/man3/RIPEMD160_Init.html
+usr/share/doc/openssl/html/man3/RIPEMD160_Update.html
+usr/share/doc/openssl/html/man3/RSA_bits.html
+usr/share/doc/openssl/html/man3/RSA_blinding_off.html
+usr/share/doc/openssl/html/man3/RSA_blinding_on.html
+usr/share/doc/openssl/html/man3/RSA_check_key.html
+usr/share/doc/openssl/html/man3/RSA_check_key_ex.html
+usr/share/doc/openssl/html/man3/RSA_clear_flags.html
+usr/share/doc/openssl/html/man3/RSA_flags.html
+usr/share/doc/openssl/html/man3/RSA_free.html
+usr/share/doc/openssl/html/man3/RSA_generate_key.html
+usr/share/doc/openssl/html/man3/RSA_generate_key_ex.html
+usr/share/doc/openssl/html/man3/RSA_generate_multi_prime_key.html
+usr/share/doc/openssl/html/man3/RSA_get0_crt_params.html
+usr/share/doc/openssl/html/man3/RSA_get0_d.html
+usr/share/doc/openssl/html/man3/RSA_get0_dmp1.html
+usr/share/doc/openssl/html/man3/RSA_get0_dmq1.html
+usr/share/doc/openssl/html/man3/RSA_get0_e.html
+usr/share/doc/openssl/html/man3/RSA_get0_engine.html
+usr/share/doc/openssl/html/man3/RSA_get0_factors.html
+usr/share/doc/openssl/html/man3/RSA_get0_iqmp.html
+usr/share/doc/openssl/html/man3/RSA_get0_key.html
+usr/share/doc/openssl/html/man3/RSA_get0_multi_prime_crt_params.html
+usr/share/doc/openssl/html/man3/RSA_get0_multi_prime_factors.html
+usr/share/doc/openssl/html/man3/RSA_get0_n.html
+usr/share/doc/openssl/html/man3/RSA_get0_p.html
+usr/share/doc/openssl/html/man3/RSA_get0_q.html
+usr/share/doc/openssl/html/man3/RSA_get_default_method.html
+usr/share/doc/openssl/html/man3/RSA_get_ex_data.html
+usr/share/doc/openssl/html/man3/RSA_get_ex_new_index.html
+usr/share/doc/openssl/html/man3/RSA_get_method.html
+usr/share/doc/openssl/html/man3/RSA_get_multi_prime_extra_count.html
+usr/share/doc/openssl/html/man3/RSA_get_version.html
+usr/share/doc/openssl/html/man3/RSA_meth_dup.html
+usr/share/doc/openssl/html/man3/RSA_meth_free.html
+usr/share/doc/openssl/html/man3/RSA_meth_get0_app_data.html
+usr/share/doc/openssl/html/man3/RSA_meth_get0_name.html
+usr/share/doc/openssl/html/man3/RSA_meth_get_bn_mod_exp.html
+usr/share/doc/openssl/html/man3/RSA_meth_get_finish.html
+usr/share/doc/openssl/html/man3/RSA_meth_get_flags.html
+usr/share/doc/openssl/html/man3/RSA_meth_get_init.html
+usr/share/doc/openssl/html/man3/RSA_meth_get_keygen.html
+usr/share/doc/openssl/html/man3/RSA_meth_get_mod_exp.html
+usr/share/doc/openssl/html/man3/RSA_meth_get_multi_prime_keygen.html
+usr/share/doc/openssl/html/man3/RSA_meth_get_priv_dec.html
+usr/share/doc/openssl/html/man3/RSA_meth_get_priv_enc.html
+usr/share/doc/openssl/html/man3/RSA_meth_get_pub_dec.html
+usr/share/doc/openssl/html/man3/RSA_meth_get_pub_enc.html
+usr/share/doc/openssl/html/man3/RSA_meth_get_sign.html
+usr/share/doc/openssl/html/man3/RSA_meth_get_verify.html
+usr/share/doc/openssl/html/man3/RSA_meth_new.html
+usr/share/doc/openssl/html/man3/RSA_meth_set0_app_data.html
+usr/share/doc/openssl/html/man3/RSA_meth_set1_name.html
+usr/share/doc/openssl/html/man3/RSA_meth_set_bn_mod_exp.html
+usr/share/doc/openssl/html/man3/RSA_meth_set_finish.html
+usr/share/doc/openssl/html/man3/RSA_meth_set_flags.html
+usr/share/doc/openssl/html/man3/RSA_meth_set_init.html
+usr/share/doc/openssl/html/man3/RSA_meth_set_keygen.html
+usr/share/doc/openssl/html/man3/RSA_meth_set_mod_exp.html
+usr/share/doc/openssl/html/man3/RSA_meth_set_multi_prime_keygen.html
+usr/share/doc/openssl/html/man3/RSA_meth_set_priv_dec.html
+usr/share/doc/openssl/html/man3/RSA_meth_set_priv_enc.html
+usr/share/doc/openssl/html/man3/RSA_meth_set_pub_dec.html
+usr/share/doc/openssl/html/man3/RSA_meth_set_pub_enc.html
+usr/share/doc/openssl/html/man3/RSA_meth_set_sign.html
+usr/share/doc/openssl/html/man3/RSA_meth_set_verify.html
+usr/share/doc/openssl/html/man3/RSA_new.html
+usr/share/doc/openssl/html/man3/RSA_new_method.html
+usr/share/doc/openssl/html/man3/RSA_OAEP_PARAMS_free.html
+usr/share/doc/openssl/html/man3/RSA_OAEP_PARAMS_new.html
+usr/share/doc/openssl/html/man3/RSA_padding_add_none.html
+usr/share/doc/openssl/html/man3/RSA_padding_add_PKCS1_OAEP.html
+usr/share/doc/openssl/html/man3/RSA_padding_add_PKCS1_type_1.html
+usr/share/doc/openssl/html/man3/RSA_padding_add_PKCS1_type_2.html
+usr/share/doc/openssl/html/man3/RSA_padding_add_SSLv23.html
+usr/share/doc/openssl/html/man3/RSA_padding_check_none.html
+usr/share/doc/openssl/html/man3/RSA_padding_check_PKCS1_OAEP.html
+usr/share/doc/openssl/html/man3/RSA_padding_check_PKCS1_type_1.html
+usr/share/doc/openssl/html/man3/RSA_padding_check_PKCS1_type_2.html
+usr/share/doc/openssl/html/man3/RSA_padding_check_SSLv23.html
+usr/share/doc/openssl/html/man3/RSA_PKCS1_OpenSSL.html
+usr/share/doc/openssl/html/man3/RSA_print.html
+usr/share/doc/openssl/html/man3/RSA_print_fp.html
+usr/share/doc/openssl/html/man3/RSA_private_decrypt.html
+usr/share/doc/openssl/html/man3/RSA_private_encrypt.html
+usr/share/doc/openssl/html/man3/RSA_PSS_PARAMS_free.html
+usr/share/doc/openssl/html/man3/RSA_PSS_PARAMS_new.html
+usr/share/doc/openssl/html/man3/RSA_public_decrypt.html
+usr/share/doc/openssl/html/man3/RSA_public_encrypt.html
+usr/share/doc/openssl/html/man3/RSA_security_bits.html
+usr/share/doc/openssl/html/man3/RSA_set0_crt_params.html
+usr/share/doc/openssl/html/man3/RSA_set0_factors.html
+usr/share/doc/openssl/html/man3/RSA_set0_key.html
+usr/share/doc/openssl/html/man3/RSA_set0_multi_prime_params.html
+usr/share/doc/openssl/html/man3/RSA_set_default_method.html
+usr/share/doc/openssl/html/man3/RSA_set_ex_data.html
+usr/share/doc/openssl/html/man3/RSA_set_flags.html
+usr/share/doc/openssl/html/man3/RSA_set_method.html
+usr/share/doc/openssl/html/man3/RSA_sign.html
+usr/share/doc/openssl/html/man3/RSA_sign_ASN1_OCTET_STRING.html
+usr/share/doc/openssl/html/man3/RSA_size.html
+usr/share/doc/openssl/html/man3/RSA_test_flags.html
+usr/share/doc/openssl/html/man3/RSA_verify.html
+usr/share/doc/openssl/html/man3/RSA_verify_ASN1_OCTET_STRING.html
+usr/share/doc/openssl/html/man3/RSAPrivateKey_dup.html
+usr/share/doc/openssl/html/man3/RSAPublicKey_dup.html
+usr/share/doc/openssl/html/man3/SCRYPT_PARAMS_free.html
+usr/share/doc/openssl/html/man3/SCRYPT_PARAMS_new.html
+usr/share/doc/openssl/html/man3/SCT_free.html
+usr/share/doc/openssl/html/man3/SCT_get0_extensions.html
+usr/share/doc/openssl/html/man3/SCT_get0_log_id.html
+usr/share/doc/openssl/html/man3/SCT_get0_signature.html
+usr/share/doc/openssl/html/man3/SCT_get_log_entry_type.html
+usr/share/doc/openssl/html/man3/SCT_get_signature_nid.html
+usr/share/doc/openssl/html/man3/SCT_get_source.html
+usr/share/doc/openssl/html/man3/SCT_get_timestamp.html
+usr/share/doc/openssl/html/man3/SCT_get_validation_status.html
+usr/share/doc/openssl/html/man3/SCT_get_version.html
+usr/share/doc/openssl/html/man3/SCT_LIST_free.html
+usr/share/doc/openssl/html/man3/SCT_LIST_print.html
+usr/share/doc/openssl/html/man3/SCT_LIST_validate.html
+usr/share/doc/openssl/html/man3/SCT_new.html
+usr/share/doc/openssl/html/man3/SCT_new_from_base64.html
+usr/share/doc/openssl/html/man3/SCT_print.html
+usr/share/doc/openssl/html/man3/SCT_set0_extensions.html
+usr/share/doc/openssl/html/man3/SCT_set0_log_id.html
+usr/share/doc/openssl/html/man3/SCT_set0_signature.html
+usr/share/doc/openssl/html/man3/SCT_set1_extensions.html
+usr/share/doc/openssl/html/man3/SCT_set1_log_id.html
+usr/share/doc/openssl/html/man3/SCT_set1_signature.html
+usr/share/doc/openssl/html/man3/SCT_set_log_entry_type.html
+usr/share/doc/openssl/html/man3/SCT_set_signature_nid.html
+usr/share/doc/openssl/html/man3/SCT_set_source.html
+usr/share/doc/openssl/html/man3/SCT_set_timestamp.html
+usr/share/doc/openssl/html/man3/SCT_set_version.html
+usr/share/doc/openssl/html/man3/SCT_validate.html
+usr/share/doc/openssl/html/man3/SCT_validation_status_string.html
+usr/share/doc/openssl/html/man3/SHA1.html
+usr/share/doc/openssl/html/man3/SHA1_Final.html
+usr/share/doc/openssl/html/man3/SHA1_Init.html
+usr/share/doc/openssl/html/man3/SHA1_Update.html
+usr/share/doc/openssl/html/man3/SHA224.html
+usr/share/doc/openssl/html/man3/SHA224_Final.html
+usr/share/doc/openssl/html/man3/SHA224_Init.html
+usr/share/doc/openssl/html/man3/SHA224_Update.html
+usr/share/doc/openssl/html/man3/SHA256.html
+usr/share/doc/openssl/html/man3/SHA256_Final.html
+usr/share/doc/openssl/html/man3/SHA256_Init.html
+usr/share/doc/openssl/html/man3/SHA256_Update.html
+usr/share/doc/openssl/html/man3/SHA384.html
+usr/share/doc/openssl/html/man3/SHA384_Final.html
+usr/share/doc/openssl/html/man3/SHA384_Init.html
+usr/share/doc/openssl/html/man3/SHA384_Update.html
+usr/share/doc/openssl/html/man3/SHA512.html
+usr/share/doc/openssl/html/man3/SHA512_Final.html
+usr/share/doc/openssl/html/man3/SHA512_Init.html
+usr/share/doc/openssl/html/man3/SHA512_Update.html
+usr/share/doc/openssl/html/man3/sk_TYPE_deep_copy.html
+usr/share/doc/openssl/html/man3/sk_TYPE_delete.html
+usr/share/doc/openssl/html/man3/sk_TYPE_delete_ptr.html
+usr/share/doc/openssl/html/man3/sk_TYPE_dup.html
+usr/share/doc/openssl/html/man3/sk_TYPE_find.html
+usr/share/doc/openssl/html/man3/sk_TYPE_find_ex.html
+usr/share/doc/openssl/html/man3/sk_TYPE_free.html
+usr/share/doc/openssl/html/man3/sk_TYPE_insert.html
+usr/share/doc/openssl/html/man3/sk_TYPE_is_sorted.html
+usr/share/doc/openssl/html/man3/sk_TYPE_new.html
+usr/share/doc/openssl/html/man3/sk_TYPE_new_null.html
+usr/share/doc/openssl/html/man3/sk_TYPE_new_reserve.html
+usr/share/doc/openssl/html/man3/sk_TYPE_num.html
+usr/share/doc/openssl/html/man3/sk_TYPE_pop.html
+usr/share/doc/openssl/html/man3/sk_TYPE_pop_free.html
+usr/share/doc/openssl/html/man3/sk_TYPE_push.html
+usr/share/doc/openssl/html/man3/sk_TYPE_reserve.html
+usr/share/doc/openssl/html/man3/sk_TYPE_set.html
+usr/share/doc/openssl/html/man3/sk_TYPE_set_cmp_func.html
+usr/share/doc/openssl/html/man3/sk_TYPE_shift.html
+usr/share/doc/openssl/html/man3/sk_TYPE_sort.html
+usr/share/doc/openssl/html/man3/sk_TYPE_unshift.html
+usr/share/doc/openssl/html/man3/sk_TYPE_value.html
+usr/share/doc/openssl/html/man3/sk_TYPE_zero.html
+usr/share/doc/openssl/html/man3/SMIME_read_CMS.html
+usr/share/doc/openssl/html/man3/SMIME_read_PKCS7.html
+usr/share/doc/openssl/html/man3/SMIME_write_CMS.html
+usr/share/doc/openssl/html/man3/SMIME_write_PKCS7.html
+usr/share/doc/openssl/html/man3/SSL_accept.html
+usr/share/doc/openssl/html/man3/SSL_add0_chain_cert.html
+usr/share/doc/openssl/html/man3/SSL_add1_chain_cert.html
+usr/share/doc/openssl/html/man3/SSL_add1_host.html
+usr/share/doc/openssl/html/man3/SSL_add1_to_CA_list.html
+usr/share/doc/openssl/html/man3/SSL_add_client_CA.html
+usr/share/doc/openssl/html/man3/SSL_alert_desc_string.html
+usr/share/doc/openssl/html/man3/SSL_alert_desc_string_long.html
+usr/share/doc/openssl/html/man3/SSL_alert_type_string.html
+usr/share/doc/openssl/html/man3/SSL_alert_type_string_long.html
+usr/share/doc/openssl/html/man3/SSL_alloc_buffers.html
+usr/share/doc/openssl/html/man3/SSL_allow_early_data_cb_fn.html
+usr/share/doc/openssl/html/man3/SSL_build_cert_chain.html
+usr/share/doc/openssl/html/man3/SSL_bytes_to_cipher_list.html
+usr/share/doc/openssl/html/man3/SSL_callback_ctrl.html
+usr/share/doc/openssl/html/man3/SSL_check_chain.html
+usr/share/doc/openssl/html/man3/SSL_check_private_key.html
+usr/share/doc/openssl/html/man3/SSL_CIPHER_description.html
+usr/share/doc/openssl/html/man3/SSL_CIPHER_find.html
+usr/share/doc/openssl/html/man3/SSL_CIPHER_get_auth_nid.html
+usr/share/doc/openssl/html/man3/SSL_CIPHER_get_bits.html
+usr/share/doc/openssl/html/man3/SSL_CIPHER_get_cipher_nid.html
+usr/share/doc/openssl/html/man3/SSL_CIPHER_get_digest_nid.html
+usr/share/doc/openssl/html/man3/SSL_CIPHER_get_handshake_digest.html
+usr/share/doc/openssl/html/man3/SSL_CIPHER_get_id.html
+usr/share/doc/openssl/html/man3/SSL_CIPHER_get_kx_nid.html
+usr/share/doc/openssl/html/man3/SSL_CIPHER_get_name.html
+usr/share/doc/openssl/html/man3/SSL_CIPHER_get_protocol_id.html
+usr/share/doc/openssl/html/man3/SSL_CIPHER_get_version.html
+usr/share/doc/openssl/html/man3/SSL_CIPHER_is_aead.html
+usr/share/doc/openssl/html/man3/SSL_CIPHER_standard_name.html
+usr/share/doc/openssl/html/man3/SSL_clear.html
+usr/share/doc/openssl/html/man3/SSL_clear_chain_certs.html
+usr/share/doc/openssl/html/man3/SSL_clear_mode.html
+usr/share/doc/openssl/html/man3/SSL_clear_options.html
+usr/share/doc/openssl/html/man3/SSL_client_hello_cb_fn.html
+usr/share/doc/openssl/html/man3/SSL_client_hello_get0_ciphers.html
+usr/share/doc/openssl/html/man3/SSL_client_hello_get0_compression_methods.html
+usr/share/doc/openssl/html/man3/SSL_client_hello_get0_ext.html
+usr/share/doc/openssl/html/man3/SSL_client_hello_get0_legacy_version.html
+usr/share/doc/openssl/html/man3/SSL_client_hello_get0_random.html
+usr/share/doc/openssl/html/man3/SSL_client_hello_get0_session_id.html
+usr/share/doc/openssl/html/man3/SSL_client_hello_get1_extensions_present.html
+usr/share/doc/openssl/html/man3/SSL_client_hello_isv2.html
+usr/share/doc/openssl/html/man3/SSL_client_version.html
+usr/share/doc/openssl/html/man3/SSL_COMP_add_compression_method.html
+usr/share/doc/openssl/html/man3/SSL_COMP_free_compression_methods.html
+usr/share/doc/openssl/html/man3/SSL_COMP_get0_name.html
+usr/share/doc/openssl/html/man3/SSL_COMP_get_compression_methods.html
+usr/share/doc/openssl/html/man3/SSL_COMP_get_id.html
+usr/share/doc/openssl/html/man3/SSL_CONF_cmd.html
+usr/share/doc/openssl/html/man3/SSL_CONF_cmd_argv.html
+usr/share/doc/openssl/html/man3/SSL_CONF_cmd_value_type.html
+usr/share/doc/openssl/html/man3/SSL_CONF_CTX_clear_flags.html
+usr/share/doc/openssl/html/man3/SSL_CONF_CTX_free.html
+usr/share/doc/openssl/html/man3/SSL_CONF_CTX_new.html
+usr/share/doc/openssl/html/man3/SSL_CONF_CTX_set1_prefix.html
+usr/share/doc/openssl/html/man3/SSL_CONF_CTX_set_flags.html
+usr/share/doc/openssl/html/man3/SSL_CONF_CTX_set_ssl.html
+usr/share/doc/openssl/html/man3/SSL_CONF_CTX_set_ssl_ctx.html
+usr/share/doc/openssl/html/man3/SSL_config.html
+usr/share/doc/openssl/html/man3/SSL_connect.html
+usr/share/doc/openssl/html/man3/SSL_ct_is_enabled.html
+usr/share/doc/openssl/html/man3/ssl_ct_validation_cb.html
+usr/share/doc/openssl/html/man3/SSL_ctrl.html
+usr/share/doc/openssl/html/man3/SSL_CTX_add0_chain_cert.html
+usr/share/doc/openssl/html/man3/SSL_CTX_add1_chain_cert.html
+usr/share/doc/openssl/html/man3/SSL_CTX_add1_to_CA_list.html
+usr/share/doc/openssl/html/man3/SSL_CTX_add_client_CA.html
+usr/share/doc/openssl/html/man3/SSL_CTX_add_client_custom_ext.html
+usr/share/doc/openssl/html/man3/SSL_CTX_add_custom_ext.html
+usr/share/doc/openssl/html/man3/SSL_CTX_add_extra_chain_cert.html
+usr/share/doc/openssl/html/man3/SSL_CTX_add_server_custom_ext.html
+usr/share/doc/openssl/html/man3/SSL_CTX_add_session.html
+usr/share/doc/openssl/html/man3/SSL_CTX_build_cert_chain.html
+usr/share/doc/openssl/html/man3/SSL_CTX_callback_ctrl.html
+usr/share/doc/openssl/html/man3/SSL_CTX_check_private_key.html
+usr/share/doc/openssl/html/man3/SSL_CTX_clear_chain_certs.html
+usr/share/doc/openssl/html/man3/SSL_CTX_clear_extra_chain_certs.html
+usr/share/doc/openssl/html/man3/SSL_CTX_clear_mode.html
+usr/share/doc/openssl/html/man3/SSL_CTX_clear_options.html
+usr/share/doc/openssl/html/man3/SSL_CTX_config.html
+usr/share/doc/openssl/html/man3/SSL_CTX_ct_is_enabled.html
+usr/share/doc/openssl/html/man3/SSL_CTX_ctrl.html
+usr/share/doc/openssl/html/man3/SSL_CTX_dane_clear_flags.html
+usr/share/doc/openssl/html/man3/SSL_CTX_dane_enable.html
+usr/share/doc/openssl/html/man3/SSL_CTX_dane_mtype_set.html
+usr/share/doc/openssl/html/man3/SSL_CTX_dane_set_flags.html
+usr/share/doc/openssl/html/man3/SSL_CTX_decrypt_session_ticket_fn.html
+usr/share/doc/openssl/html/man3/SSL_CTX_disable_ct.html
+usr/share/doc/openssl/html/man3/SSL_CTX_enable_ct.html
+usr/share/doc/openssl/html/man3/SSL_CTX_flush_sessions.html
+usr/share/doc/openssl/html/man3/SSL_CTX_free.html
+usr/share/doc/openssl/html/man3/SSL_CTX_generate_session_ticket_fn.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get0_CA_list.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get0_chain_certs.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get0_param.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get0_security_ex_data.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_cert_store.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_ciphers.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_client_CA_list.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_client_cert_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_default_passwd_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_default_passwd_cb_userdata.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_default_read_ahead.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_ex_data.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_info_callback.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_keylog_callback.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_max_cert_list.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_max_early_data.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_max_proto_version.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_min_proto_version.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_mode.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_num_tickets.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_options.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_quiet_shutdown.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_read_ahead.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_record_padding_callback_arg.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_recv_max_early_data.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_security_callback.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_security_level.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_session_cache_mode.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_timeout.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_tlsext_status_arg.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_tlsext_status_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_tlsext_status_type.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_verify_callback.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_verify_depth.html
+usr/share/doc/openssl/html/man3/SSL_CTX_get_verify_mode.html
+usr/share/doc/openssl/html/man3/SSL_CTX_has_client_custom_ext.html
+usr/share/doc/openssl/html/man3/SSL_CTX_keylog_cb_func.html
+usr/share/doc/openssl/html/man3/SSL_CTX_load_verify_locations.html
+usr/share/doc/openssl/html/man3/SSL_CTX_new.html
+usr/share/doc/openssl/html/man3/SSL_CTX_remove_session.html
+usr/share/doc/openssl/html/man3/SSL_CTX_select_current_cert.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_accept.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_accept_good.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_accept_renegotiate.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_cache_full.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_cb_hits.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_connect.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_connect_good.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_connect_renegotiate.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_get_cache_size.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_get_get_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_get_new_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_get_remove_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_hits.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_misses.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_number.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_set_cache_size.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_set_get_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_set_new_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_set_remove_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sess_timeouts.html
+usr/share/doc/openssl/html/man3/SSL_CTX_sessions.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set0_CA_list.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set0_chain.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set0_chain_cert_store.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set0_security_ex_data.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set0_verify_cert_store.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set1_cert_store.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set1_chain.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set1_chain_cert_store.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set1_client_sigalgs.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set1_client_sigalgs_list.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set1_curves.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set1_curves_list.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set1_groups.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set1_groups_list.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set1_param.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set1_sigalgs.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set1_sigalgs_list.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set1_verify_cert_store.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_allow_early_data_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_alpn_protos.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_alpn_select_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_block_padding.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_cert_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_cert_store.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_cert_verify_callback.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_cipher_list.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_ciphersuites.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_client_CA_list.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_client_cert_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_client_hello_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_ct_validation_callback.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_ctlog_list_file.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_current_cert.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_default_ctlog_list_file.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_default_passwd_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_default_passwd_cb_userdata.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_default_read_buffer_len.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_default_verify_dir.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_default_verify_file.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_default_verify_paths.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_ex_data.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_generate_session_id.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_info_callback.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_keylog_callback.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_max_cert_list.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_max_early_data.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_max_pipelines.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_max_proto_version.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_max_send_fragment.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_min_proto_version.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_mode.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_msg_callback.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_msg_callback_arg.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_next_proto_select_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_next_protos_advertised_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_num_tickets.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_options.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_post_handshake_auth.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_psk_client_callback.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_psk_find_session_callback.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_psk_server_callback.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_psk_use_session_callback.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_quiet_shutdown.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_read_ahead.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_record_padding_callback.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_record_padding_callback_arg.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_recv_max_early_data.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_security_callback.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_security_level.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_session_cache_mode.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_session_id_context.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_session_ticket_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_split_send_fragment.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_ssl_version.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_stateless_cookie_generate_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_stateless_cookie_verify_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_timeout.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_max_fragment_length.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_servername_arg.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_servername_callback.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_status_arg.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_status_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_status_type.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_ticket_key_cb.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_tlsext_use_srtp.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_tmp_dh.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_tmp_dh_callback.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_verify.html
+usr/share/doc/openssl/html/man3/SSL_CTX_set_verify_depth.html
+usr/share/doc/openssl/html/man3/SSL_CTX_up_ref.html
+usr/share/doc/openssl/html/man3/SSL_CTX_use_cert_and_key.html
+usr/share/doc/openssl/html/man3/SSL_CTX_use_certificate.html
+usr/share/doc/openssl/html/man3/SSL_CTX_use_certificate_ASN1.html
+usr/share/doc/openssl/html/man3/SSL_CTX_use_certificate_chain_file.html
+usr/share/doc/openssl/html/man3/SSL_CTX_use_certificate_file.html
+usr/share/doc/openssl/html/man3/SSL_CTX_use_PrivateKey.html
+usr/share/doc/openssl/html/man3/SSL_CTX_use_PrivateKey_ASN1.html
+usr/share/doc/openssl/html/man3/SSL_CTX_use_PrivateKey_file.html
+usr/share/doc/openssl/html/man3/SSL_CTX_use_psk_identity_hint.html
+usr/share/doc/openssl/html/man3/SSL_CTX_use_RSAPrivateKey.html
+usr/share/doc/openssl/html/man3/SSL_CTX_use_RSAPrivateKey_ASN1.html
+usr/share/doc/openssl/html/man3/SSL_CTX_use_RSAPrivateKey_file.html
+usr/share/doc/openssl/html/man3/SSL_CTX_use_serverinfo.html
+usr/share/doc/openssl/html/man3/SSL_CTX_use_serverinfo_ex.html
+usr/share/doc/openssl/html/man3/SSL_CTX_use_serverinfo_file.html
+usr/share/doc/openssl/html/man3/SSL_dane_clear_flags.html
+usr/share/doc/openssl/html/man3/SSL_dane_enable.html
+usr/share/doc/openssl/html/man3/SSL_dane_set_flags.html
+usr/share/doc/openssl/html/man3/SSL_dane_tlsa_add.html
+usr/share/doc/openssl/html/man3/SSL_disable_ct.html
+usr/share/doc/openssl/html/man3/SSL_do_handshake.html
+usr/share/doc/openssl/html/man3/SSL_dup.html
+usr/share/doc/openssl/html/man3/SSL_enable_ct.html
+usr/share/doc/openssl/html/man3/SSL_export_keying_material.html
+usr/share/doc/openssl/html/man3/SSL_export_keying_material_early.html
+usr/share/doc/openssl/html/man3/SSL_extension_supported.html
+usr/share/doc/openssl/html/man3/SSL_free.html
+usr/share/doc/openssl/html/man3/SSL_free_buffers.html
+usr/share/doc/openssl/html/man3/SSL_get0_alpn_selected.html
+usr/share/doc/openssl/html/man3/SSL_get0_CA_list.html
+usr/share/doc/openssl/html/man3/SSL_get0_chain_certs.html
+usr/share/doc/openssl/html/man3/SSL_get0_dane_authority.html
+usr/share/doc/openssl/html/man3/SSL_get0_dane_tlsa.html
+usr/share/doc/openssl/html/man3/SSL_get0_next_proto_negotiated.html
+usr/share/doc/openssl/html/man3/SSL_get0_param.html
+usr/share/doc/openssl/html/man3/SSL_get0_peer_CA_list.html
+usr/share/doc/openssl/html/man3/SSL_get0_peer_scts.html
+usr/share/doc/openssl/html/man3/SSL_get0_peername.html
+usr/share/doc/openssl/html/man3/SSL_get0_security_ex_data.html
+usr/share/doc/openssl/html/man3/SSL_get0_session.html
+usr/share/doc/openssl/html/man3/SSL_get0_verified_chain.html
+usr/share/doc/openssl/html/man3/SSL_get1_curves.html
+usr/share/doc/openssl/html/man3/SSL_get1_groups.html
+usr/share/doc/openssl/html/man3/SSL_get1_session.html
+usr/share/doc/openssl/html/man3/SSL_get1_supported_ciphers.html
+usr/share/doc/openssl/html/man3/SSL_get_all_async_fds.html
+usr/share/doc/openssl/html/man3/SSL_get_changed_async_fds.html
+usr/share/doc/openssl/html/man3/SSL_get_cipher.html
+usr/share/doc/openssl/html/man3/SSL_get_cipher_bits.html
+usr/share/doc/openssl/html/man3/SSL_get_cipher_list.html
+usr/share/doc/openssl/html/man3/SSL_get_cipher_name.html
+usr/share/doc/openssl/html/man3/SSL_get_cipher_version.html
+usr/share/doc/openssl/html/man3/SSL_get_ciphers.html
+usr/share/doc/openssl/html/man3/SSL_get_client_CA_list.html
+usr/share/doc/openssl/html/man3/SSL_get_client_ciphers.html
+usr/share/doc/openssl/html/man3/SSL_get_client_random.html
+usr/share/doc/openssl/html/man3/SSL_get_current_cipher.html
+usr/share/doc/openssl/html/man3/SSL_get_default_passwd_cb.html
+usr/share/doc/openssl/html/man3/SSL_get_default_passwd_cb_userdata.html
+usr/share/doc/openssl/html/man3/SSL_get_default_timeout.html
+usr/share/doc/openssl/html/man3/SSL_get_early_data_status.html
+usr/share/doc/openssl/html/man3/SSL_get_error.html
+usr/share/doc/openssl/html/man3/SSL_get_ex_data.html
+usr/share/doc/openssl/html/man3/SSL_get_ex_data_X509_STORE_CTX_idx.html
+usr/share/doc/openssl/html/man3/SSL_get_extms_support.html
+usr/share/doc/openssl/html/man3/SSL_get_fd.html
+usr/share/doc/openssl/html/man3/SSL_get_info_callback.html
+usr/share/doc/openssl/html/man3/SSL_get_key_update_type.html
+usr/share/doc/openssl/html/man3/SSL_get_max_cert_list.html
+usr/share/doc/openssl/html/man3/SSL_get_max_early_data.html
+usr/share/doc/openssl/html/man3/SSL_get_max_proto_version.html
+usr/share/doc/openssl/html/man3/SSL_get_min_proto_version.html
+usr/share/doc/openssl/html/man3/SSL_get_mode.html
+usr/share/doc/openssl/html/man3/SSL_get_num_tickets.html
+usr/share/doc/openssl/html/man3/SSL_get_options.html
+usr/share/doc/openssl/html/man3/SSL_get_peer_cert_chain.html
+usr/share/doc/openssl/html/man3/SSL_get_peer_certificate.html
+usr/share/doc/openssl/html/man3/SSL_get_peer_signature_nid.html
+usr/share/doc/openssl/html/man3/SSL_get_peer_signature_type_nid.html
+usr/share/doc/openssl/html/man3/SSL_get_peer_tmp_key.html
+usr/share/doc/openssl/html/man3/SSL_get_pending_cipher.html
+usr/share/doc/openssl/html/man3/SSL_get_psk_identity.html
+usr/share/doc/openssl/html/man3/SSL_get_psk_identity_hint.html
+usr/share/doc/openssl/html/man3/SSL_get_quiet_shutdown.html
+usr/share/doc/openssl/html/man3/SSL_get_rbio.html
+usr/share/doc/openssl/html/man3/SSL_get_read_ahead.html
+usr/share/doc/openssl/html/man3/SSL_get_record_padding_callback_arg.html
+usr/share/doc/openssl/html/man3/SSL_get_recv_max_early_data.html
+usr/share/doc/openssl/html/man3/SSL_get_rfd.html
+usr/share/doc/openssl/html/man3/SSL_get_secure_renegotiation_support.html
+usr/share/doc/openssl/html/man3/SSL_get_security_callback.html
+usr/share/doc/openssl/html/man3/SSL_get_security_level.html
+usr/share/doc/openssl/html/man3/SSL_get_selected_srtp_profile.html
+usr/share/doc/openssl/html/man3/SSL_get_server_random.html
+usr/share/doc/openssl/html/man3/SSL_get_server_tmp_key.html
+usr/share/doc/openssl/html/man3/SSL_get_servername.html
+usr/share/doc/openssl/html/man3/SSL_get_servername_type.html
+usr/share/doc/openssl/html/man3/SSL_get_session.html
+usr/share/doc/openssl/html/man3/SSL_get_shared_ciphers.html
+usr/share/doc/openssl/html/man3/SSL_get_shared_curve.html
+usr/share/doc/openssl/html/man3/SSL_get_shared_group.html
+usr/share/doc/openssl/html/man3/SSL_get_shared_sigalgs.html
+usr/share/doc/openssl/html/man3/SSL_get_shutdown.html
+usr/share/doc/openssl/html/man3/SSL_get_sigalgs.html
+usr/share/doc/openssl/html/man3/SSL_get_signature_nid.html
+usr/share/doc/openssl/html/man3/SSL_get_signature_type_nid.html
+usr/share/doc/openssl/html/man3/SSL_get_srtp_profiles.html
+usr/share/doc/openssl/html/man3/SSL_get_SSL_CTX.html
+usr/share/doc/openssl/html/man3/SSL_get_ssl_method.html
+usr/share/doc/openssl/html/man3/SSL_get_state.html
+usr/share/doc/openssl/html/man3/SSL_get_time.html
+usr/share/doc/openssl/html/man3/SSL_get_timeout.html
+usr/share/doc/openssl/html/man3/SSL_get_tlsext_status_ocsp_resp.html
+usr/share/doc/openssl/html/man3/SSL_get_tlsext_status_type.html
+usr/share/doc/openssl/html/man3/SSL_get_tmp_key.html
+usr/share/doc/openssl/html/man3/SSL_get_verify_callback.html
+usr/share/doc/openssl/html/man3/SSL_get_verify_depth.html
+usr/share/doc/openssl/html/man3/SSL_get_verify_mode.html
+usr/share/doc/openssl/html/man3/SSL_get_verify_result.html
+usr/share/doc/openssl/html/man3/SSL_get_version.html
+usr/share/doc/openssl/html/man3/SSL_get_wbio.html
+usr/share/doc/openssl/html/man3/SSL_get_wfd.html
+usr/share/doc/openssl/html/man3/SSL_has_matching_session_id.html
+usr/share/doc/openssl/html/man3/SSL_has_pending.html
+usr/share/doc/openssl/html/man3/SSL_in_accept_init.html
+usr/share/doc/openssl/html/man3/SSL_in_before.html
+usr/share/doc/openssl/html/man3/SSL_in_connect_init.html
+usr/share/doc/openssl/html/man3/SSL_in_init.html
+usr/share/doc/openssl/html/man3/SSL_is_dtls.html
+usr/share/doc/openssl/html/man3/SSL_is_init_finished.html
+usr/share/doc/openssl/html/man3/SSL_is_server.html
+usr/share/doc/openssl/html/man3/SSL_key_update.html
+usr/share/doc/openssl/html/man3/SSL_library_init.html
+usr/share/doc/openssl/html/man3/SSL_load_client_CA_file.html
+usr/share/doc/openssl/html/man3/SSL_load_error_strings.html
+usr/share/doc/openssl/html/man3/SSL_new.html
+usr/share/doc/openssl/html/man3/SSL_peek.html
+usr/share/doc/openssl/html/man3/SSL_peek_ex.html
+usr/share/doc/openssl/html/man3/SSL_pending.html
+usr/share/doc/openssl/html/man3/SSL_psk_client_cb_func.html
+usr/share/doc/openssl/html/man3/SSL_psk_find_session_cb_func.html
+usr/share/doc/openssl/html/man3/SSL_psk_server_cb_func.html
+usr/share/doc/openssl/html/man3/SSL_psk_use_session_cb_func.html
+usr/share/doc/openssl/html/man3/SSL_read.html
+usr/share/doc/openssl/html/man3/SSL_read_early_data.html
+usr/share/doc/openssl/html/man3/SSL_read_ex.html
+usr/share/doc/openssl/html/man3/SSL_renegotiate.html
+usr/share/doc/openssl/html/man3/SSL_renegotiate_abbreviated.html
+usr/share/doc/openssl/html/man3/SSL_renegotiate_pending.html
+usr/share/doc/openssl/html/man3/SSL_rstate_string.html
+usr/share/doc/openssl/html/man3/SSL_rstate_string_long.html
+usr/share/doc/openssl/html/man3/SSL_select_current_cert.html
+usr/share/doc/openssl/html/man3/SSL_select_next_proto.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_dup.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_free.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_get0_alpn_selected.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_get0_cipher.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_get0_hostname.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_get0_id_context.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_get0_peer.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_get0_ticket.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_get0_ticket_appdata.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_get_compress_id.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_get_ex_data.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_get_id.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_get_master_key.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_get_max_early_data.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_get_max_fragment_length.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_get_protocol_version.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_get_ticket_lifetime_hint.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_get_time.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_get_timeout.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_has_ticket.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_is_resumable.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_new.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_print.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_print_fp.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_print_keylog.html
+usr/share/doc/openssl/html/man3/SSL_session_reused.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_set1_alpn_selected.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_set1_hostname.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_set1_id.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_set1_id_context.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_set1_master_key.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_set1_ticket_appdata.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_set_cipher.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_set_ex_data.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_set_max_early_data.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_set_protocol_version.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_set_time.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_set_timeout.html
+usr/share/doc/openssl/html/man3/SSL_SESSION_up_ref.html
+usr/share/doc/openssl/html/man3/SSL_set0_CA_list.html
+usr/share/doc/openssl/html/man3/SSL_set0_chain.html
+usr/share/doc/openssl/html/man3/SSL_set0_chain_cert_store.html
+usr/share/doc/openssl/html/man3/SSL_set0_rbio.html
+usr/share/doc/openssl/html/man3/SSL_set0_security_ex_data.html
+usr/share/doc/openssl/html/man3/SSL_set0_verify_cert_store.html
+usr/share/doc/openssl/html/man3/SSL_set0_wbio.html
+usr/share/doc/openssl/html/man3/SSL_set1_chain.html
+usr/share/doc/openssl/html/man3/SSL_set1_chain_cert_store.html
+usr/share/doc/openssl/html/man3/SSL_set1_client_sigalgs.html
+usr/share/doc/openssl/html/man3/SSL_set1_client_sigalgs_list.html
+usr/share/doc/openssl/html/man3/SSL_set1_curves.html
+usr/share/doc/openssl/html/man3/SSL_set1_curves_list.html
+usr/share/doc/openssl/html/man3/SSL_set1_groups.html
+usr/share/doc/openssl/html/man3/SSL_set1_groups_list.html
+usr/share/doc/openssl/html/man3/SSL_set1_host.html
+usr/share/doc/openssl/html/man3/SSL_set1_param.html
+usr/share/doc/openssl/html/man3/SSL_set1_sigalgs.html
+usr/share/doc/openssl/html/man3/SSL_set1_sigalgs_list.html
+usr/share/doc/openssl/html/man3/SSL_set1_verify_cert_store.html
+usr/share/doc/openssl/html/man3/SSL_set_accept_state.html
+usr/share/doc/openssl/html/man3/SSL_set_allow_early_data_cb.html
+usr/share/doc/openssl/html/man3/SSL_set_alpn_protos.html
+usr/share/doc/openssl/html/man3/SSL_set_bio.html
+usr/share/doc/openssl/html/man3/SSL_set_block_padding.html
+usr/share/doc/openssl/html/man3/SSL_set_cert_cb.html
+usr/share/doc/openssl/html/man3/SSL_set_cipher_list.html
+usr/share/doc/openssl/html/man3/SSL_set_ciphersuites.html
+usr/share/doc/openssl/html/man3/SSL_set_client_CA_list.html
+usr/share/doc/openssl/html/man3/SSL_set_connect_state.html
+usr/share/doc/openssl/html/man3/SSL_set_ct_validation_callback.html
+usr/share/doc/openssl/html/man3/SSL_set_current_cert.html
+usr/share/doc/openssl/html/man3/SSL_set_default_passwd_cb.html
+usr/share/doc/openssl/html/man3/SSL_set_default_passwd_cb_userdata.html
+usr/share/doc/openssl/html/man3/SSL_set_default_read_buffer_len.html
+usr/share/doc/openssl/html/man3/SSL_set_ex_data.html
+usr/share/doc/openssl/html/man3/SSL_set_fd.html
+usr/share/doc/openssl/html/man3/SSL_set_generate_session_id.html
+usr/share/doc/openssl/html/man3/SSL_set_hostflags.html
+usr/share/doc/openssl/html/man3/SSL_set_info_callback.html
+usr/share/doc/openssl/html/man3/SSL_set_max_cert_list.html
+usr/share/doc/openssl/html/man3/SSL_set_max_early_data.html
+usr/share/doc/openssl/html/man3/SSL_set_max_pipelines.html
+usr/share/doc/openssl/html/man3/SSL_set_max_proto_version.html
+usr/share/doc/openssl/html/man3/SSL_set_max_send_fragment.html
+usr/share/doc/openssl/html/man3/SSL_set_min_proto_version.html
+usr/share/doc/openssl/html/man3/SSL_set_mode.html
+usr/share/doc/openssl/html/man3/SSL_set_msg_callback.html
+usr/share/doc/openssl/html/man3/SSL_set_msg_callback_arg.html
+usr/share/doc/openssl/html/man3/SSL_set_num_tickets.html
+usr/share/doc/openssl/html/man3/SSL_set_options.html
+usr/share/doc/openssl/html/man3/SSL_set_post_handshake_auth.html
+usr/share/doc/openssl/html/man3/SSL_set_psk_client_callback.html
+usr/share/doc/openssl/html/man3/SSL_set_psk_find_session_callback.html
+usr/share/doc/openssl/html/man3/SSL_set_psk_server_callback.html
+usr/share/doc/openssl/html/man3/SSL_set_psk_use_session_callback.html
+usr/share/doc/openssl/html/man3/SSL_set_quiet_shutdown.html
+usr/share/doc/openssl/html/man3/SSL_set_read_ahead.html
+usr/share/doc/openssl/html/man3/SSL_set_record_padding_callback.html
+usr/share/doc/openssl/html/man3/SSL_set_record_padding_callback_arg.html
+usr/share/doc/openssl/html/man3/SSL_set_recv_max_early_data.html
+usr/share/doc/openssl/html/man3/SSL_set_rfd.html
+usr/share/doc/openssl/html/man3/SSL_set_security_callback.html
+usr/share/doc/openssl/html/man3/SSL_set_security_level.html
+usr/share/doc/openssl/html/man3/SSL_set_session.html
+usr/share/doc/openssl/html/man3/SSL_set_session_id_context.html
+usr/share/doc/openssl/html/man3/SSL_set_shutdown.html
+usr/share/doc/openssl/html/man3/SSL_set_split_send_fragment.html
+usr/share/doc/openssl/html/man3/SSL_set_ssl_method.html
+usr/share/doc/openssl/html/man3/SSL_set_time.html
+usr/share/doc/openssl/html/man3/SSL_set_timeout.html
+usr/share/doc/openssl/html/man3/SSL_set_tlsext_host_name.html
+usr/share/doc/openssl/html/man3/SSL_set_tlsext_max_fragment_length.html
+usr/share/doc/openssl/html/man3/SSL_set_tlsext_status_ocsp_resp.html
+usr/share/doc/openssl/html/man3/SSL_set_tlsext_status_type.html
+usr/share/doc/openssl/html/man3/SSL_set_tlsext_use_srtp.html
+usr/share/doc/openssl/html/man3/SSL_set_tmp_dh.html
+usr/share/doc/openssl/html/man3/SSL_set_tmp_dh_callback.html
+usr/share/doc/openssl/html/man3/SSL_set_verify.html
+usr/share/doc/openssl/html/man3/SSL_set_verify_depth.html
+usr/share/doc/openssl/html/man3/SSL_set_verify_result.html
+usr/share/doc/openssl/html/man3/SSL_set_wfd.html
+usr/share/doc/openssl/html/man3/SSL_shutdown.html
+usr/share/doc/openssl/html/man3/SSL_state_string.html
+usr/share/doc/openssl/html/man3/SSL_state_string_long.html
+usr/share/doc/openssl/html/man3/SSL_stateless.html
+usr/share/doc/openssl/html/man3/SSL_up_ref.html
+usr/share/doc/openssl/html/man3/SSL_use_cert_and_key.html
+usr/share/doc/openssl/html/man3/SSL_use_certificate.html
+usr/share/doc/openssl/html/man3/SSL_use_certificate_ASN1.html
+usr/share/doc/openssl/html/man3/SSL_use_certificate_chain_file.html
+usr/share/doc/openssl/html/man3/SSL_use_certificate_file.html
+usr/share/doc/openssl/html/man3/SSL_use_PrivateKey.html
+usr/share/doc/openssl/html/man3/SSL_use_PrivateKey_ASN1.html
+usr/share/doc/openssl/html/man3/SSL_use_PrivateKey_file.html
+usr/share/doc/openssl/html/man3/SSL_use_psk_identity_hint.html
+usr/share/doc/openssl/html/man3/SSL_use_RSAPrivateKey.html
+usr/share/doc/openssl/html/man3/SSL_use_RSAPrivateKey_ASN1.html
+usr/share/doc/openssl/html/man3/SSL_use_RSAPrivateKey_file.html
+usr/share/doc/openssl/html/man3/SSL_verify_cb.html
+usr/share/doc/openssl/html/man3/SSL_verify_client_post_handshake.html
+usr/share/doc/openssl/html/man3/SSL_version.html
+usr/share/doc/openssl/html/man3/SSL_waiting_for_async.html
+usr/share/doc/openssl/html/man3/SSL_want.html
+usr/share/doc/openssl/html/man3/SSL_want_async.html
+usr/share/doc/openssl/html/man3/SSL_want_async_job.html
+usr/share/doc/openssl/html/man3/SSL_want_client_hello_cb.html
+usr/share/doc/openssl/html/man3/SSL_want_nothing.html
+usr/share/doc/openssl/html/man3/SSL_want_read.html
+usr/share/doc/openssl/html/man3/SSL_want_write.html
+usr/share/doc/openssl/html/man3/SSL_want_x509_lookup.html
+usr/share/doc/openssl/html/man3/SSL_write.html
+usr/share/doc/openssl/html/man3/SSL_write_early_data.html
+usr/share/doc/openssl/html/man3/SSL_write_ex.html
+usr/share/doc/openssl/html/man3/SSLv23_client_method.html
+usr/share/doc/openssl/html/man3/SSLv23_method.html
+usr/share/doc/openssl/html/man3/SSLv23_server_method.html
+usr/share/doc/openssl/html/man3/SSLv3_client_method.html
+usr/share/doc/openssl/html/man3/SSLv3_method.html
+usr/share/doc/openssl/html/man3/SSLv3_server_method.html
+usr/share/doc/openssl/html/man3/SXNET_free.html
+usr/share/doc/openssl/html/man3/SXNET_new.html
+usr/share/doc/openssl/html/man3/SXNETID_free.html
+usr/share/doc/openssl/html/man3/SXNETID_new.html
+usr/share/doc/openssl/html/man3/TLS_client_method.html
+usr/share/doc/openssl/html/man3/TLS_FEATURE_free.html
+usr/share/doc/openssl/html/man3/TLS_FEATURE_new.html
+usr/share/doc/openssl/html/man3/TLS_method.html
+usr/share/doc/openssl/html/man3/TLS_server_method.html
+usr/share/doc/openssl/html/man3/TLSv1_1_client_method.html
+usr/share/doc/openssl/html/man3/TLSv1_1_method.html
+usr/share/doc/openssl/html/man3/TLSv1_1_server_method.html
+usr/share/doc/openssl/html/man3/TLSv1_2_client_method.html
+usr/share/doc/openssl/html/man3/TLSv1_2_method.html
+usr/share/doc/openssl/html/man3/TLSv1_2_server_method.html
+usr/share/doc/openssl/html/man3/TLSv1_client_method.html
+usr/share/doc/openssl/html/man3/TLSv1_method.html
+usr/share/doc/openssl/html/man3/TLSv1_server_method.html
+usr/share/doc/openssl/html/man3/TS_ACCURACY_dup.html
+usr/share/doc/openssl/html/man3/TS_ACCURACY_free.html
+usr/share/doc/openssl/html/man3/TS_ACCURACY_new.html
+usr/share/doc/openssl/html/man3/TS_MSG_IMPRINT_dup.html
+usr/share/doc/openssl/html/man3/TS_MSG_IMPRINT_free.html
+usr/share/doc/openssl/html/man3/TS_MSG_IMPRINT_new.html
+usr/share/doc/openssl/html/man3/TS_REQ_dup.html
+usr/share/doc/openssl/html/man3/TS_REQ_free.html
+usr/share/doc/openssl/html/man3/TS_REQ_new.html
+usr/share/doc/openssl/html/man3/TS_RESP_dup.html
+usr/share/doc/openssl/html/man3/TS_RESP_free.html
+usr/share/doc/openssl/html/man3/TS_RESP_new.html
+usr/share/doc/openssl/html/man3/TS_STATUS_INFO_dup.html
+usr/share/doc/openssl/html/man3/TS_STATUS_INFO_free.html
+usr/share/doc/openssl/html/man3/TS_STATUS_INFO_new.html
+usr/share/doc/openssl/html/man3/TS_TST_INFO_dup.html
+usr/share/doc/openssl/html/man3/TS_TST_INFO_free.html
+usr/share/doc/openssl/html/man3/TS_TST_INFO_new.html
+usr/share/doc/openssl/html/man3/UI.html
+usr/share/doc/openssl/html/man3/UI_add_error_string.html
+usr/share/doc/openssl/html/man3/UI_add_info_string.html
+usr/share/doc/openssl/html/man3/UI_add_input_boolean.html
+usr/share/doc/openssl/html/man3/UI_add_input_string.html
+usr/share/doc/openssl/html/man3/UI_add_user_data.html
+usr/share/doc/openssl/html/man3/UI_add_verify_string.html
+usr/share/doc/openssl/html/man3/UI_construct_prompt.html
+usr/share/doc/openssl/html/man3/UI_create_method.html
+usr/share/doc/openssl/html/man3/UI_ctrl.html
+usr/share/doc/openssl/html/man3/UI_destroy_method.html
+usr/share/doc/openssl/html/man3/UI_dup_error_string.html
+usr/share/doc/openssl/html/man3/UI_dup_info_string.html
+usr/share/doc/openssl/html/man3/UI_dup_input_boolean.html
+usr/share/doc/openssl/html/man3/UI_dup_input_string.html
+usr/share/doc/openssl/html/man3/UI_dup_user_data.html
+usr/share/doc/openssl/html/man3/UI_dup_verify_string.html
+usr/share/doc/openssl/html/man3/UI_free.html
+usr/share/doc/openssl/html/man3/UI_get0_action_string.html
+usr/share/doc/openssl/html/man3/UI_get0_output_string.html
+usr/share/doc/openssl/html/man3/UI_get0_result.html
+usr/share/doc/openssl/html/man3/UI_get0_result_string.html
+usr/share/doc/openssl/html/man3/UI_get0_test_string.html
+usr/share/doc/openssl/html/man3/UI_get0_user_data.html
+usr/share/doc/openssl/html/man3/UI_get_default_method.html
+usr/share/doc/openssl/html/man3/UI_get_ex_data.html
+usr/share/doc/openssl/html/man3/UI_get_ex_new_index.html
+usr/share/doc/openssl/html/man3/UI_get_input_flags.html
+usr/share/doc/openssl/html/man3/UI_get_method.html
+usr/share/doc/openssl/html/man3/UI_get_result_length.html
+usr/share/doc/openssl/html/man3/UI_get_result_maxsize.html
+usr/share/doc/openssl/html/man3/UI_get_result_minsize.html
+usr/share/doc/openssl/html/man3/UI_get_result_string_length.html
+usr/share/doc/openssl/html/man3/UI_get_string_type.html
+usr/share/doc/openssl/html/man3/UI_METHOD.html
+usr/share/doc/openssl/html/man3/UI_method_get_closer.html
+usr/share/doc/openssl/html/man3/UI_method_get_data_destructor.html
+usr/share/doc/openssl/html/man3/UI_method_get_data_duplicator.html
+usr/share/doc/openssl/html/man3/UI_method_get_ex_data.html
+usr/share/doc/openssl/html/man3/UI_method_get_flusher.html
+usr/share/doc/openssl/html/man3/UI_method_get_opener.html
+usr/share/doc/openssl/html/man3/UI_method_get_prompt_constructor.html
+usr/share/doc/openssl/html/man3/UI_method_get_reader.html
+usr/share/doc/openssl/html/man3/UI_method_get_writer.html
+usr/share/doc/openssl/html/man3/UI_method_set_closer.html
+usr/share/doc/openssl/html/man3/UI_method_set_data_duplicator.html
+usr/share/doc/openssl/html/man3/UI_method_set_ex_data.html
+usr/share/doc/openssl/html/man3/UI_method_set_flusher.html
+usr/share/doc/openssl/html/man3/UI_method_set_opener.html
+usr/share/doc/openssl/html/man3/UI_method_set_prompt_constructor.html
+usr/share/doc/openssl/html/man3/UI_method_set_reader.html
+usr/share/doc/openssl/html/man3/UI_method_set_writer.html
+usr/share/doc/openssl/html/man3/UI_new.html
+usr/share/doc/openssl/html/man3/UI_new_method.html
+usr/share/doc/openssl/html/man3/UI_null.html
+usr/share/doc/openssl/html/man3/UI_OpenSSL.html
+usr/share/doc/openssl/html/man3/UI_process.html
+usr/share/doc/openssl/html/man3/UI_set_default_method.html
+usr/share/doc/openssl/html/man3/UI_set_ex_data.html
+usr/share/doc/openssl/html/man3/UI_set_method.html
+usr/share/doc/openssl/html/man3/UI_set_result.html
+usr/share/doc/openssl/html/man3/UI_set_result_ex.html
+usr/share/doc/openssl/html/man3/UI_STRING.html
+usr/share/doc/openssl/html/man3/UI_string_types.html
+usr/share/doc/openssl/html/man3/UI_UTIL_read_pw.html
+usr/share/doc/openssl/html/man3/UI_UTIL_read_pw_string.html
+usr/share/doc/openssl/html/man3/UI_UTIL_wrap_read_pem_callback.html
+usr/share/doc/openssl/html/man3/USERNOTICE_free.html
+usr/share/doc/openssl/html/man3/USERNOTICE_new.html
+usr/share/doc/openssl/html/man3/X509_add1_ext_i2d.html
+usr/share/doc/openssl/html/man3/X509_add_ext.html
+usr/share/doc/openssl/html/man3/X509_ALGOR_cmp.html
+usr/share/doc/openssl/html/man3/X509_ALGOR_dup.html
+usr/share/doc/openssl/html/man3/X509_ALGOR_free.html
+usr/share/doc/openssl/html/man3/X509_ALGOR_get0.html
+usr/share/doc/openssl/html/man3/X509_ALGOR_new.html
+usr/share/doc/openssl/html/man3/X509_ALGOR_set0.html
+usr/share/doc/openssl/html/man3/X509_ALGOR_set_md.html
+usr/share/doc/openssl/html/man3/X509_ATTRIBUTE_dup.html
+usr/share/doc/openssl/html/man3/X509_ATTRIBUTE_free.html
+usr/share/doc/openssl/html/man3/X509_ATTRIBUTE_new.html
+usr/share/doc/openssl/html/man3/X509_CERT_AUX_free.html
+usr/share/doc/openssl/html/man3/X509_CERT_AUX_new.html
+usr/share/doc/openssl/html/man3/X509_chain_up_ref.html
+usr/share/doc/openssl/html/man3/X509_check_ca.html
+usr/share/doc/openssl/html/man3/X509_check_email.html
+usr/share/doc/openssl/html/man3/X509_check_host.html
+usr/share/doc/openssl/html/man3/X509_check_ip.html
+usr/share/doc/openssl/html/man3/X509_check_ip_asc.html
+usr/share/doc/openssl/html/man3/X509_check_issued.html
+usr/share/doc/openssl/html/man3/X509_check_private_key.html
+usr/share/doc/openssl/html/man3/X509_CINF_free.html
+usr/share/doc/openssl/html/man3/X509_CINF_new.html
+usr/share/doc/openssl/html/man3/X509_cmp_current_time.html
+usr/share/doc/openssl/html/man3/X509_cmp_time.html
+usr/share/doc/openssl/html/man3/X509_CRL_add0_revoked.html
+usr/share/doc/openssl/html/man3/X509_CRL_add1_ext_i2d.html
+usr/share/doc/openssl/html/man3/X509_CRL_add_ext.html
+usr/share/doc/openssl/html/man3/X509_CRL_delete_ext.html
+usr/share/doc/openssl/html/man3/X509_CRL_digest.html
+usr/share/doc/openssl/html/man3/X509_CRL_dup.html
+usr/share/doc/openssl/html/man3/X509_CRL_free.html
+usr/share/doc/openssl/html/man3/X509_CRL_get0_by_cert.html
+usr/share/doc/openssl/html/man3/X509_CRL_get0_by_serial.html
+usr/share/doc/openssl/html/man3/X509_CRL_get0_extensions.html
+usr/share/doc/openssl/html/man3/X509_CRL_get0_lastUpdate.html
+usr/share/doc/openssl/html/man3/X509_CRL_get0_nextUpdate.html
+usr/share/doc/openssl/html/man3/X509_CRL_get0_signature.html
+usr/share/doc/openssl/html/man3/X509_CRL_get_ext.html
+usr/share/doc/openssl/html/man3/X509_CRL_get_ext_by_critical.html
+usr/share/doc/openssl/html/man3/X509_CRL_get_ext_by_NID.html
+usr/share/doc/openssl/html/man3/X509_CRL_get_ext_by_OBJ.html
+usr/share/doc/openssl/html/man3/X509_CRL_get_ext_count.html
+usr/share/doc/openssl/html/man3/X509_CRL_get_ext_d2i.html
+usr/share/doc/openssl/html/man3/X509_CRL_get_issuer.html
+usr/share/doc/openssl/html/man3/X509_CRL_get_REVOKED.html
+usr/share/doc/openssl/html/man3/X509_CRL_get_signature_nid.html
+usr/share/doc/openssl/html/man3/X509_CRL_get_version.html
+usr/share/doc/openssl/html/man3/X509_CRL_INFO_free.html
+usr/share/doc/openssl/html/man3/X509_CRL_INFO_new.html
+usr/share/doc/openssl/html/man3/X509_CRL_new.html
+usr/share/doc/openssl/html/man3/X509_CRL_set1_lastUpdate.html
+usr/share/doc/openssl/html/man3/X509_CRL_set1_nextUpdate.html
+usr/share/doc/openssl/html/man3/X509_CRL_set_issuer_name.html
+usr/share/doc/openssl/html/man3/X509_CRL_set_version.html
+usr/share/doc/openssl/html/man3/X509_CRL_sign.html
+usr/share/doc/openssl/html/man3/X509_CRL_sign_ctx.html
+usr/share/doc/openssl/html/man3/X509_CRL_sort.html
+usr/share/doc/openssl/html/man3/X509_CRL_verify.html
+usr/share/doc/openssl/html/man3/X509_delete_ext.html
+usr/share/doc/openssl/html/man3/X509_digest.html
+usr/share/doc/openssl/html/man3/X509_dup.html
+usr/share/doc/openssl/html/man3/X509_EXTENSION_create_by_NID.html
+usr/share/doc/openssl/html/man3/X509_EXTENSION_create_by_OBJ.html
+usr/share/doc/openssl/html/man3/X509_EXTENSION_dup.html
+usr/share/doc/openssl/html/man3/X509_EXTENSION_free.html
+usr/share/doc/openssl/html/man3/X509_EXTENSION_get_critical.html
+usr/share/doc/openssl/html/man3/X509_EXTENSION_get_data.html
+usr/share/doc/openssl/html/man3/X509_EXTENSION_get_object.html
+usr/share/doc/openssl/html/man3/X509_EXTENSION_new.html
+usr/share/doc/openssl/html/man3/X509_EXTENSION_set_critical.html
+usr/share/doc/openssl/html/man3/X509_EXTENSION_set_data.html
+usr/share/doc/openssl/html/man3/X509_EXTENSION_set_object.html
+usr/share/doc/openssl/html/man3/X509_free.html
+usr/share/doc/openssl/html/man3/X509_get0_authority_key_id.html
+usr/share/doc/openssl/html/man3/X509_get0_extensions.html
+usr/share/doc/openssl/html/man3/X509_get0_notAfter.html
+usr/share/doc/openssl/html/man3/X509_get0_notBefore.html
+usr/share/doc/openssl/html/man3/X509_get0_pubkey.html
+usr/share/doc/openssl/html/man3/X509_get0_serialNumber.html
+usr/share/doc/openssl/html/man3/X509_get0_signature.html
+usr/share/doc/openssl/html/man3/X509_get0_subject_key_id.html
+usr/share/doc/openssl/html/man3/X509_get0_tbs_sigalg.html
+usr/share/doc/openssl/html/man3/X509_get0_uids.html
+usr/share/doc/openssl/html/man3/X509_get_ex_data.html
+usr/share/doc/openssl/html/man3/X509_get_ex_new_index.html
+usr/share/doc/openssl/html/man3/X509_get_ext.html
+usr/share/doc/openssl/html/man3/X509_get_ext_by_critical.html
+usr/share/doc/openssl/html/man3/X509_get_ext_by_NID.html
+usr/share/doc/openssl/html/man3/X509_get_ext_by_OBJ.html
+usr/share/doc/openssl/html/man3/X509_get_ext_count.html
+usr/share/doc/openssl/html/man3/X509_get_ext_d2i.html
+usr/share/doc/openssl/html/man3/X509_get_extended_key_usage.html
+usr/share/doc/openssl/html/man3/X509_get_extension_flags.html
+usr/share/doc/openssl/html/man3/X509_get_issuer_name.html
+usr/share/doc/openssl/html/man3/X509_get_key_usage.html
+usr/share/doc/openssl/html/man3/X509_get_pathlen.html
+usr/share/doc/openssl/html/man3/X509_get_proxy_pathlen.html
+usr/share/doc/openssl/html/man3/X509_get_pubkey.html
+usr/share/doc/openssl/html/man3/X509_get_serialNumber.html
+usr/share/doc/openssl/html/man3/X509_get_signature_info.html
+usr/share/doc/openssl/html/man3/X509_get_signature_nid.html
+usr/share/doc/openssl/html/man3/X509_get_subject_name.html
+usr/share/doc/openssl/html/man3/X509_get_version.html
+usr/share/doc/openssl/html/man3/X509_get_X509_PUBKEY.html
+usr/share/doc/openssl/html/man3/X509_getm_notAfter.html
+usr/share/doc/openssl/html/man3/X509_getm_notBefore.html
+usr/share/doc/openssl/html/man3/X509_load_cert_crl_file.html
+usr/share/doc/openssl/html/man3/X509_load_cert_file.html
+usr/share/doc/openssl/html/man3/X509_load_crl_file.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_ctrl_fn.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_file.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_get_by_alias_fn.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_get_by_fingerprint_fn.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_get_by_issuer_serial_fn.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_get_by_subject_fn.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_get_method_data.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_get_store.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_hash_dir.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_free.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_ctrl.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_free.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_get_by_alias.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_get_by_fingerprint.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_get_by_issuer_serial.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_get_by_subject.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_init.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_new_item.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_get_shutdown.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_new.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_ctrl.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_free.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_get_by_alias.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_get_by_fingerprint.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_get_by_issuer_serial.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_get_by_subject.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_init.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_new_item.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_meth_set_shutdown.html
+usr/share/doc/openssl/html/man3/X509_LOOKUP_set_method_data.html
+usr/share/doc/openssl/html/man3/X509_NAME_add_entry.html
+usr/share/doc/openssl/html/man3/X509_NAME_add_entry_by_NID.html
+usr/share/doc/openssl/html/man3/X509_NAME_add_entry_by_OBJ.html
+usr/share/doc/openssl/html/man3/X509_NAME_add_entry_by_txt.html
+usr/share/doc/openssl/html/man3/X509_NAME_delete_entry.html
+usr/share/doc/openssl/html/man3/X509_NAME_digest.html
+usr/share/doc/openssl/html/man3/X509_NAME_dup.html
+usr/share/doc/openssl/html/man3/X509_NAME_entry_count.html
+usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_create_by_NID.html
+usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_create_by_OBJ.html
+usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_create_by_txt.html
+usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_dup.html
+usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_free.html
+usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_get_data.html
+usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_get_object.html
+usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_new.html
+usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_set_data.html
+usr/share/doc/openssl/html/man3/X509_NAME_ENTRY_set_object.html
+usr/share/doc/openssl/html/man3/X509_NAME_free.html
+usr/share/doc/openssl/html/man3/X509_NAME_get0_der.html
+usr/share/doc/openssl/html/man3/X509_NAME_get_entry.html
+usr/share/doc/openssl/html/man3/X509_NAME_get_index_by_NID.html
+usr/share/doc/openssl/html/man3/X509_NAME_get_index_by_OBJ.html
+usr/share/doc/openssl/html/man3/X509_NAME_get_text_by_NID.html
+usr/share/doc/openssl/html/man3/X509_NAME_get_text_by_OBJ.html
+usr/share/doc/openssl/html/man3/X509_NAME_new.html
+usr/share/doc/openssl/html/man3/X509_NAME_oneline.html
+usr/share/doc/openssl/html/man3/X509_NAME_print.html
+usr/share/doc/openssl/html/man3/X509_NAME_print_ex.html
+usr/share/doc/openssl/html/man3/X509_NAME_print_ex_fp.html
+usr/share/doc/openssl/html/man3/X509_new.html
+usr/share/doc/openssl/html/man3/X509_OBJECT_set1_X509.html
+usr/share/doc/openssl/html/man3/X509_OBJECT_set1_X509_CRL.html
+usr/share/doc/openssl/html/man3/X509_pubkey_digest.html
+usr/share/doc/openssl/html/man3/X509_PUBKEY_free.html
+usr/share/doc/openssl/html/man3/X509_PUBKEY_get.html
+usr/share/doc/openssl/html/man3/X509_PUBKEY_get0.html
+usr/share/doc/openssl/html/man3/X509_PUBKEY_get0_param.html
+usr/share/doc/openssl/html/man3/X509_PUBKEY_new.html
+usr/share/doc/openssl/html/man3/X509_PUBKEY_set.html
+usr/share/doc/openssl/html/man3/X509_PUBKEY_set0_param.html
+usr/share/doc/openssl/html/man3/X509_REQ_check_private_key.html
+usr/share/doc/openssl/html/man3/X509_REQ_digest.html
+usr/share/doc/openssl/html/man3/X509_REQ_dup.html
+usr/share/doc/openssl/html/man3/X509_REQ_free.html
+usr/share/doc/openssl/html/man3/X509_REQ_get0_pubkey.html
+usr/share/doc/openssl/html/man3/X509_REQ_get0_signature.html
+usr/share/doc/openssl/html/man3/X509_REQ_get_pubkey.html
+usr/share/doc/openssl/html/man3/X509_REQ_get_signature_nid.html
+usr/share/doc/openssl/html/man3/X509_REQ_get_subject_name.html
+usr/share/doc/openssl/html/man3/X509_REQ_get_version.html
+usr/share/doc/openssl/html/man3/X509_REQ_get_X509_PUBKEY.html
+usr/share/doc/openssl/html/man3/X509_REQ_INFO_free.html
+usr/share/doc/openssl/html/man3/X509_REQ_INFO_new.html
+usr/share/doc/openssl/html/man3/X509_REQ_new.html
+usr/share/doc/openssl/html/man3/X509_REQ_set_pubkey.html
+usr/share/doc/openssl/html/man3/X509_REQ_set_subject_name.html
+usr/share/doc/openssl/html/man3/X509_REQ_set_version.html
+usr/share/doc/openssl/html/man3/X509_REQ_sign.html
+usr/share/doc/openssl/html/man3/X509_REQ_sign_ctx.html
+usr/share/doc/openssl/html/man3/X509_REQ_verify.html
+usr/share/doc/openssl/html/man3/X509_REVOKED_add1_ext_i2d.html
+usr/share/doc/openssl/html/man3/X509_REVOKED_add_ext.html
+usr/share/doc/openssl/html/man3/X509_REVOKED_delete_ext.html
+usr/share/doc/openssl/html/man3/X509_REVOKED_dup.html
+usr/share/doc/openssl/html/man3/X509_REVOKED_free.html
+usr/share/doc/openssl/html/man3/X509_REVOKED_get0_extensions.html
+usr/share/doc/openssl/html/man3/X509_REVOKED_get0_revocationDate.html
+usr/share/doc/openssl/html/man3/X509_REVOKED_get0_serialNumber.html
+usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext.html
+usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_by_critical.html
+usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_by_NID.html
+usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_by_OBJ.html
+usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_count.html
+usr/share/doc/openssl/html/man3/X509_REVOKED_get_ext_d2i.html
+usr/share/doc/openssl/html/man3/X509_REVOKED_new.html
+usr/share/doc/openssl/html/man3/X509_REVOKED_set_revocationDate.html
+usr/share/doc/openssl/html/man3/X509_REVOKED_set_serialNumber.html
+usr/share/doc/openssl/html/man3/X509_set1_notAfter.html
+usr/share/doc/openssl/html/man3/X509_set1_notBefore.html
+usr/share/doc/openssl/html/man3/X509_set_ex_data.html
+usr/share/doc/openssl/html/man3/X509_set_issuer_name.html
+usr/share/doc/openssl/html/man3/X509_set_proxy_flag.html
+usr/share/doc/openssl/html/man3/X509_set_proxy_pathlen.html
+usr/share/doc/openssl/html/man3/X509_set_pubkey.html
+usr/share/doc/openssl/html/man3/X509_set_serialNumber.html
+usr/share/doc/openssl/html/man3/X509_set_subject_name.html
+usr/share/doc/openssl/html/man3/X509_set_version.html
+usr/share/doc/openssl/html/man3/X509_SIG_free.html
+usr/share/doc/openssl/html/man3/X509_SIG_get0.html
+usr/share/doc/openssl/html/man3/X509_SIG_getm.html
+usr/share/doc/openssl/html/man3/X509_SIG_INFO_get.html
+usr/share/doc/openssl/html/man3/X509_SIG_INFO_set.html
+usr/share/doc/openssl/html/man3/X509_SIG_new.html
+usr/share/doc/openssl/html/man3/X509_sign.html
+usr/share/doc/openssl/html/man3/X509_sign_ctx.html
+usr/share/doc/openssl/html/man3/X509_STORE_add_cert.html
+usr/share/doc/openssl/html/man3/X509_STORE_add_crl.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_cert_crl_fn.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_check_crl_fn.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_check_issued_fn.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_check_policy_fn.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_check_revocation_fn.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_cleanup.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_cleanup_fn.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_free.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get0_cert.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get0_chain.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get0_param.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get0_untrusted.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get1_chain.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_cert_crl.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_check_crl.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_check_issued.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_check_policy.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_check_revocation.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_cleanup.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_crl_fn.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_current_cert.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_error.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_error_depth.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_ex_data.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_ex_new_index.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_get_crl.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_get_issuer.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_issuer_fn.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_lookup_certs.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_lookup_crls.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_num_untrusted.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_verify.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_get_verify_cb.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_init.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_lookup_certs_fn.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_lookup_crls_fn.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_new.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_crls.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_param.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_trusted_stack.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_untrusted.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_set0_verified_chain.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_cert.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_current_cert.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_default.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_error.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_error_depth.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_ex_data.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_verify.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_set_verify_cb.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_verify_cb.html
+usr/share/doc/openssl/html/man3/X509_STORE_CTX_verify_fn.html
+usr/share/doc/openssl/html/man3/X509_STORE_free.html
+usr/share/doc/openssl/html/man3/X509_STORE_get0_objects.html
+usr/share/doc/openssl/html/man3/X509_STORE_get0_param.html
+usr/share/doc/openssl/html/man3/X509_STORE_get_cert_crl.html
+usr/share/doc/openssl/html/man3/X509_STORE_get_check_crl.html
+usr/share/doc/openssl/html/man3/X509_STORE_get_check_issued.html
+usr/share/doc/openssl/html/man3/X509_STORE_get_check_policy.html
+usr/share/doc/openssl/html/man3/X509_STORE_get_check_revocation.html
+usr/share/doc/openssl/html/man3/X509_STORE_get_cleanup.html
+usr/share/doc/openssl/html/man3/X509_STORE_get_ex_data.html
+usr/share/doc/openssl/html/man3/X509_STORE_get_ex_new_index.html
+usr/share/doc/openssl/html/man3/X509_STORE_get_get_crl.html
+usr/share/doc/openssl/html/man3/X509_STORE_get_get_issuer.html
+usr/share/doc/openssl/html/man3/X509_STORE_get_lookup_certs.html
+usr/share/doc/openssl/html/man3/X509_STORE_get_lookup_crls.html
+usr/share/doc/openssl/html/man3/X509_STORE_get_verify_cb.html
+usr/share/doc/openssl/html/man3/X509_STORE_load_locations.html
+usr/share/doc/openssl/html/man3/X509_STORE_lock.html
+usr/share/doc/openssl/html/man3/X509_STORE_new.html
+usr/share/doc/openssl/html/man3/X509_STORE_set1_param.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_cert_crl.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_check_crl.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_check_issued.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_check_policy.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_check_revocation.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_cleanup.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_default_paths.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_depth.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_ex_data.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_flags.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_get_crl.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_get_issuer.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_lookup_certs.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_lookup_crls.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_lookup_crls_cb.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_purpose.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_trust.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_verify.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_verify_cb.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_verify_cb_func.html
+usr/share/doc/openssl/html/man3/X509_STORE_set_verify_func.html
+usr/share/doc/openssl/html/man3/X509_STORE_unlock.html
+usr/share/doc/openssl/html/man3/X509_STORE_up_ref.html
+usr/share/doc/openssl/html/man3/X509_time_adj.html
+usr/share/doc/openssl/html/man3/X509_time_adj_ex.html
+usr/share/doc/openssl/html/man3/X509_up_ref.html
+usr/share/doc/openssl/html/man3/X509_VAL_free.html
+usr/share/doc/openssl/html/man3/X509_VAL_new.html
+usr/share/doc/openssl/html/man3/X509_verify.html
+usr/share/doc/openssl/html/man3/X509_verify_cert.html
+usr/share/doc/openssl/html/man3/X509_verify_cert_error_string.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_add0_policy.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_add1_host.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_clear_flags.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get0_peername.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_auth_level.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_depth.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_flags.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_hostflags.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_inh_flags.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_get_time.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_email.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_host.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_ip.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_ip_asc.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set1_policies.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_auth_level.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_depth.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_flags.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_hostflags.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_inh_flags.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_purpose.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_time.html
+usr/share/doc/openssl/html/man3/X509_VERIFY_PARAM_set_trust.html
+usr/share/doc/openssl/html/man3/X509V3_add1_i2d.html
+usr/share/doc/openssl/html/man3/X509v3_add_ext.html
+usr/share/doc/openssl/html/man3/X509v3_delete_ext.html
+usr/share/doc/openssl/html/man3/X509V3_EXT_d2i.html
+usr/share/doc/openssl/html/man3/X509V3_EXT_i2d.html
+usr/share/doc/openssl/html/man3/X509V3_get_d2i.html
+usr/share/doc/openssl/html/man3/X509v3_get_ext.html
+usr/share/doc/openssl/html/man3/X509v3_get_ext_by_critical.html
+usr/share/doc/openssl/html/man3/X509v3_get_ext_by_NID.html
+usr/share/doc/openssl/html/man3/X509v3_get_ext_by_OBJ.html
+usr/share/doc/openssl/html/man3/X509v3_get_ext_count.html
+usr/share/doc/openssl/html/man5/
+usr/share/doc/openssl/html/man5/config.html
+usr/share/doc/openssl/html/man5/x509v3_config.html
+usr/share/doc/openssl/html/man7/
+usr/share/doc/openssl/html/man7/bio.html
+usr/share/doc/openssl/html/man7/crypto.html
+usr/share/doc/openssl/html/man7/ct.html
+usr/share/doc/openssl/html/man7/des_modes.html
+usr/share/doc/openssl/html/man7/Ed25519.html
+usr/share/doc/openssl/html/man7/Ed448.html
+usr/share/doc/openssl/html/man7/evp.html
+usr/share/doc/openssl/html/man7/ossl_store-file.html
+usr/share/doc/openssl/html/man7/ossl_store.html
+usr/share/doc/openssl/html/man7/passphrase-encoding.html
+usr/share/doc/openssl/html/man7/RAND.html
+usr/share/doc/openssl/html/man7/RAND_DRBG.html
+usr/share/doc/openssl/html/man7/RSA-PSS.html
+usr/share/doc/openssl/html/man7/scrypt.html
+usr/share/doc/openssl/html/man7/SM2.html
+usr/share/doc/openssl/html/man7/ssl.html
+usr/share/doc/openssl/html/man7/X25519.html
+usr/share/doc/openssl/html/man7/X448.html
+usr/share/doc/openssl/html/man7/x509.html
+usr/share/licenses/
+usr/share/licenses/openssl/
+usr/share/licenses/openssl/LICENSE
+usr/share/man/
+usr/share/man/man1/
+usr/share/man/man1/asn1parse.1ssl.gz
+usr/share/man/man1/c_rehash.1ssl.gz
+usr/share/man/man1/ca.1ssl.gz
+usr/share/man/man1/CA.pl.1ssl.gz
+usr/share/man/man1/ciphers.1ssl.gz
+usr/share/man/man1/cms.1ssl.gz
+usr/share/man/man1/crl.1ssl.gz
+usr/share/man/man1/crl2pkcs7.1ssl.gz
+usr/share/man/man1/dgst.1ssl.gz
+usr/share/man/man1/dhparam.1ssl.gz
+usr/share/man/man1/dsa.1ssl.gz
+usr/share/man/man1/dsaparam.1ssl.gz
+usr/share/man/man1/ec.1ssl.gz
+usr/share/man/man1/ecparam.1ssl.gz
+usr/share/man/man1/enc.1ssl.gz
+usr/share/man/man1/engine.1ssl.gz
+usr/share/man/man1/errstr.1ssl.gz
+usr/share/man/man1/gendsa.1ssl.gz
+usr/share/man/man1/genpkey.1ssl.gz
+usr/share/man/man1/genrsa.1ssl.gz
+usr/share/man/man1/list.1ssl.gz
+usr/share/man/man1/nseq.1ssl.gz
+usr/share/man/man1/ocsp.1ssl.gz
+usr/share/man/man1/openssl-asn1parse.1ssl.gz
+usr/share/man/man1/openssl-c_rehash.1ssl.gz
+usr/share/man/man1/openssl-ca.1ssl.gz
+usr/share/man/man1/openssl-ciphers.1ssl.gz
+usr/share/man/man1/openssl-cms.1ssl.gz
+usr/share/man/man1/openssl-crl.1ssl.gz
+usr/share/man/man1/openssl-crl2pkcs7.1ssl.gz
+usr/share/man/man1/openssl-dgst.1ssl.gz
+usr/share/man/man1/openssl-dhparam.1ssl.gz
+usr/share/man/man1/openssl-dsa.1ssl.gz
+usr/share/man/man1/openssl-dsaparam.1ssl.gz
+usr/share/man/man1/openssl-ec.1ssl.gz
+usr/share/man/man1/openssl-ecparam.1ssl.gz
+usr/share/man/man1/openssl-enc.1ssl.gz
+usr/share/man/man1/openssl-engine.1ssl.gz
+usr/share/man/man1/openssl-errstr.1ssl.gz
+usr/share/man/man1/openssl-gendsa.1ssl.gz
+usr/share/man/man1/openssl-genpkey.1ssl.gz
+usr/share/man/man1/openssl-genrsa.1ssl.gz
+usr/share/man/man1/openssl-list.1ssl.gz
+usr/share/man/man1/openssl-nseq.1ssl.gz
+usr/share/man/man1/openssl-ocsp.1ssl.gz
+usr/share/man/man1/openssl-passwd.1ssl.gz
+usr/share/man/man1/openssl-pkcs12.1ssl.gz
+usr/share/man/man1/openssl-pkcs7.1ssl.gz
+usr/share/man/man1/openssl-pkcs8.1ssl.gz
+usr/share/man/man1/openssl-pkey.1ssl.gz
+usr/share/man/man1/openssl-pkeyparam.1ssl.gz
+usr/share/man/man1/openssl-pkeyutl.1ssl.gz
+usr/share/man/man1/openssl-prime.1ssl.gz
+usr/share/man/man1/openssl-rand.1ssl.gz
+usr/share/man/man1/openssl-rehash.1ssl.gz
+usr/share/man/man1/openssl-req.1ssl.gz
+usr/share/man/man1/openssl-rsa.1ssl.gz
+usr/share/man/man1/openssl-rsautl.1ssl.gz
+usr/share/man/man1/openssl-s_client.1ssl.gz
+usr/share/man/man1/openssl-s_server.1ssl.gz
+usr/share/man/man1/openssl-s_time.1ssl.gz
+usr/share/man/man1/openssl-sess_id.1ssl.gz
+usr/share/man/man1/openssl-smime.1ssl.gz
+usr/share/man/man1/openssl-speed.1ssl.gz
+usr/share/man/man1/openssl-spkac.1ssl.gz
+usr/share/man/man1/openssl-srp.1ssl.gz
+usr/share/man/man1/openssl-storeutl.1ssl.gz
+usr/share/man/man1/openssl-ts.1ssl.gz
+usr/share/man/man1/openssl-tsget.1ssl.gz
+usr/share/man/man1/openssl-verify.1ssl.gz
+usr/share/man/man1/openssl-version.1ssl.gz
+usr/share/man/man1/openssl-x509.1ssl.gz
+usr/share/man/man1/openssl.1ssl.gz
+usr/share/man/man1/passwd.1ssl.gz
+usr/share/man/man1/pkcs12.1ssl.gz
+usr/share/man/man1/pkcs7.1ssl.gz
+usr/share/man/man1/pkcs8.1ssl.gz
+usr/share/man/man1/pkey.1ssl.gz
+usr/share/man/man1/pkeyparam.1ssl.gz
+usr/share/man/man1/pkeyutl.1ssl.gz
+usr/share/man/man1/prime.1ssl.gz
+usr/share/man/man1/rand.1ssl.gz
+usr/share/man/man1/rehash.1ssl.gz
+usr/share/man/man1/req.1ssl.gz
+usr/share/man/man1/rsa.1ssl.gz
+usr/share/man/man1/rsautl.1ssl.gz
+usr/share/man/man1/s_client.1ssl.gz
+usr/share/man/man1/s_server.1ssl.gz
+usr/share/man/man1/s_time.1ssl.gz
+usr/share/man/man1/sess_id.1ssl.gz
+usr/share/man/man1/smime.1ssl.gz
+usr/share/man/man1/speed.1ssl.gz
+usr/share/man/man1/spkac.1ssl.gz
+usr/share/man/man1/srp.1ssl.gz
+usr/share/man/man1/storeutl.1ssl.gz
+usr/share/man/man1/ts.1ssl.gz
+usr/share/man/man1/tsget.1ssl.gz
+usr/share/man/man1/verify.1ssl.gz
+usr/share/man/man1/version.1ssl.gz
+usr/share/man/man1/x509.1ssl.gz
+usr/share/man/man3/
+usr/share/man/man3/ACCESS_DESCRIPTION_free.3ssl.gz
+usr/share/man/man3/ACCESS_DESCRIPTION_new.3ssl.gz
+usr/share/man/man3/ADMISSION_SYNTAX.3ssl.gz
+usr/share/man/man3/ADMISSION_SYNTAX_free.3ssl.gz
+usr/share/man/man3/ADMISSION_SYNTAX_get0_admissionAuthority.3ssl.gz
+usr/share/man/man3/ADMISSION_SYNTAX_get0_contentsOfAdmissions.3ssl.gz
+usr/share/man/man3/ADMISSION_SYNTAX_new.3ssl.gz
+usr/share/man/man3/ADMISSION_SYNTAX_set0_admissionAuthority.3ssl.gz
+usr/share/man/man3/ADMISSION_SYNTAX_set0_contentsOfAdmissions.3ssl.gz
+usr/share/man/man3/ADMISSIONS.3ssl.gz
+usr/share/man/man3/ADMISSIONS_free.3ssl.gz
+usr/share/man/man3/ADMISSIONS_get0_admissionAuthority.3ssl.gz
+usr/share/man/man3/ADMISSIONS_get0_namingAuthority.3ssl.gz
+usr/share/man/man3/ADMISSIONS_get0_professionInfos.3ssl.gz
+usr/share/man/man3/ADMISSIONS_new.3ssl.gz
+usr/share/man/man3/ADMISSIONS_set0_admissionAuthority.3ssl.gz
+usr/share/man/man3/ADMISSIONS_set0_namingAuthority.3ssl.gz
+usr/share/man/man3/ADMISSIONS_set0_professionInfos.3ssl.gz
+usr/share/man/man3/ASIdentifierChoice_free.3ssl.gz
+usr/share/man/man3/ASIdentifierChoice_new.3ssl.gz
+usr/share/man/man3/ASIdentifiers_free.3ssl.gz
+usr/share/man/man3/ASIdentifiers_new.3ssl.gz
+usr/share/man/man3/ASIdOrRange_free.3ssl.gz
+usr/share/man/man3/ASIdOrRange_new.3ssl.gz
+usr/share/man/man3/ASN1_add_oid_module.3ssl.gz
+usr/share/man/man3/ASN1_ENUMERATED_get.3ssl.gz
+usr/share/man/man3/ASN1_ENUMERATED_get_int64.3ssl.gz
+usr/share/man/man3/ASN1_ENUMERATED_set.3ssl.gz
+usr/share/man/man3/ASN1_ENUMERATED_set_int64.3ssl.gz
+usr/share/man/man3/ASN1_ENUMERATED_to_BN.3ssl.gz
+usr/share/man/man3/ASN1_GENERALIZEDTIME_adj.3ssl.gz
+usr/share/man/man3/ASN1_GENERALIZEDTIME_check.3ssl.gz
+usr/share/man/man3/ASN1_GENERALIZEDTIME_print.3ssl.gz
+usr/share/man/man3/ASN1_GENERALIZEDTIME_set.3ssl.gz
+usr/share/man/man3/ASN1_GENERALIZEDTIME_set_string.3ssl.gz
+usr/share/man/man3/ASN1_generate_nconf.3ssl.gz
+usr/share/man/man3/ASN1_generate_v3.3ssl.gz
+usr/share/man/man3/ASN1_INTEGER_get.3ssl.gz
+usr/share/man/man3/ASN1_INTEGER_get_int64.3ssl.gz
+usr/share/man/man3/ASN1_INTEGER_get_uint64.3ssl.gz
+usr/share/man/man3/ASN1_INTEGER_set.3ssl.gz
+usr/share/man/man3/ASN1_INTEGER_set_int64.3ssl.gz
+usr/share/man/man3/ASN1_INTEGER_set_uint64.3ssl.gz
+usr/share/man/man3/ASN1_INTEGER_to_BN.3ssl.gz
+usr/share/man/man3/ASN1_ITEM.3ssl.gz
+usr/share/man/man3/ASN1_ITEM_get.3ssl.gz
+usr/share/man/man3/ASN1_ITEM_lookup.3ssl.gz
+usr/share/man/man3/ASN1_OBJECT_free.3ssl.gz
+usr/share/man/man3/ASN1_OBJECT_new.3ssl.gz
+usr/share/man/man3/ASN1_STRING_cmp.3ssl.gz
+usr/share/man/man3/ASN1_STRING_data.3ssl.gz
+usr/share/man/man3/ASN1_STRING_dup.3ssl.gz
+usr/share/man/man3/ASN1_STRING_free.3ssl.gz
+usr/share/man/man3/ASN1_STRING_get0_data.3ssl.gz
+usr/share/man/man3/ASN1_STRING_length.3ssl.gz
+usr/share/man/man3/ASN1_STRING_new.3ssl.gz
+usr/share/man/man3/ASN1_STRING_print.3ssl.gz
+usr/share/man/man3/ASN1_STRING_print_ex.3ssl.gz
+usr/share/man/man3/ASN1_STRING_print_ex_fp.3ssl.gz
+usr/share/man/man3/ASN1_STRING_set.3ssl.gz
+usr/share/man/man3/ASN1_STRING_TABLE.3ssl.gz
+usr/share/man/man3/ASN1_STRING_TABLE_add.3ssl.gz
+usr/share/man/man3/ASN1_STRING_TABLE_cleanup.3ssl.gz
+usr/share/man/man3/ASN1_STRING_TABLE_get.3ssl.gz
+usr/share/man/man3/ASN1_STRING_to_UTF8.3ssl.gz
+usr/share/man/man3/ASN1_STRING_type.3ssl.gz
+usr/share/man/man3/ASN1_STRING_type_new.3ssl.gz
+usr/share/man/man3/ASN1_tag2str.3ssl.gz
+usr/share/man/man3/ASN1_TIME_adj.3ssl.gz
+usr/share/man/man3/ASN1_TIME_check.3ssl.gz
+usr/share/man/man3/ASN1_TIME_cmp_time_t.3ssl.gz
+usr/share/man/man3/ASN1_TIME_compare.3ssl.gz
+usr/share/man/man3/ASN1_TIME_diff.3ssl.gz
+usr/share/man/man3/ASN1_TIME_normalize.3ssl.gz
+usr/share/man/man3/ASN1_TIME_print.3ssl.gz
+usr/share/man/man3/ASN1_TIME_set.3ssl.gz
+usr/share/man/man3/ASN1_TIME_set_string.3ssl.gz
+usr/share/man/man3/ASN1_TIME_set_string_X509.3ssl.gz
+usr/share/man/man3/ASN1_TIME_to_generalizedtime.3ssl.gz
+usr/share/man/man3/ASN1_TIME_to_tm.3ssl.gz
+usr/share/man/man3/ASN1_TYPE_cmp.3ssl.gz
+usr/share/man/man3/ASN1_TYPE_get.3ssl.gz
+usr/share/man/man3/ASN1_TYPE_pack_sequence.3ssl.gz
+usr/share/man/man3/ASN1_TYPE_set.3ssl.gz
+usr/share/man/man3/ASN1_TYPE_set1.3ssl.gz
+usr/share/man/man3/ASN1_TYPE_unpack_sequence.3ssl.gz
+usr/share/man/man3/ASN1_UTCTIME_adj.3ssl.gz
+usr/share/man/man3/ASN1_UTCTIME_check.3ssl.gz
+usr/share/man/man3/ASN1_UTCTIME_cmp_time_t.3ssl.gz
+usr/share/man/man3/ASN1_UTCTIME_print.3ssl.gz
+usr/share/man/man3/ASN1_UTCTIME_set.3ssl.gz
+usr/share/man/man3/ASN1_UTCTIME_set_string.3ssl.gz
+usr/share/man/man3/ASRange_free.3ssl.gz
+usr/share/man/man3/ASRange_new.3ssl.gz
+usr/share/man/man3/ASYNC_block_pause.3ssl.gz
+usr/share/man/man3/ASYNC_cleanup_thread.3ssl.gz
+usr/share/man/man3/ASYNC_get_current_job.3ssl.gz
+usr/share/man/man3/ASYNC_get_wait_ctx.3ssl.gz
+usr/share/man/man3/ASYNC_init_thread.3ssl.gz
+usr/share/man/man3/ASYNC_is_capable.3ssl.gz
+usr/share/man/man3/ASYNC_pause_job.3ssl.gz
+usr/share/man/man3/ASYNC_start_job.3ssl.gz
+usr/share/man/man3/ASYNC_unblock_pause.3ssl.gz
+usr/share/man/man3/ASYNC_WAIT_CTX_clear_fd.3ssl.gz
+usr/share/man/man3/ASYNC_WAIT_CTX_free.3ssl.gz
+usr/share/man/man3/ASYNC_WAIT_CTX_get_all_fds.3ssl.gz
+usr/share/man/man3/ASYNC_WAIT_CTX_get_changed_fds.3ssl.gz
+usr/share/man/man3/ASYNC_WAIT_CTX_get_fd.3ssl.gz
+usr/share/man/man3/ASYNC_WAIT_CTX_new.3ssl.gz
+usr/share/man/man3/ASYNC_WAIT_CTX_set_wait_fd.3ssl.gz
+usr/share/man/man3/AUTHORITY_INFO_ACCESS_free.3ssl.gz
+usr/share/man/man3/AUTHORITY_INFO_ACCESS_new.3ssl.gz
+usr/share/man/man3/AUTHORITY_KEYID_free.3ssl.gz
+usr/share/man/man3/AUTHORITY_KEYID_new.3ssl.gz
+usr/share/man/man3/BASIC_CONSTRAINTS_free.3ssl.gz
+usr/share/man/man3/BASIC_CONSTRAINTS_new.3ssl.gz
+usr/share/man/man3/BF_cbc_encrypt.3ssl.gz
+usr/share/man/man3/BF_cfb64_encrypt.3ssl.gz
+usr/share/man/man3/BF_decrypt.3ssl.gz
+usr/share/man/man3/BF_ecb_encrypt.3ssl.gz
+usr/share/man/man3/BF_encrypt.3ssl.gz
+usr/share/man/man3/BF_ofb64_encrypt.3ssl.gz
+usr/share/man/man3/BF_options.3ssl.gz
+usr/share/man/man3/BF_set_key.3ssl.gz
+usr/share/man/man3/BIO_accept_ex.3ssl.gz
+usr/share/man/man3/BIO_ADDR.3ssl.gz
+usr/share/man/man3/BIO_ADDR_clear.3ssl.gz
+usr/share/man/man3/BIO_ADDR_family.3ssl.gz
+usr/share/man/man3/BIO_ADDR_free.3ssl.gz
+usr/share/man/man3/BIO_ADDR_hostname_string.3ssl.gz
+usr/share/man/man3/BIO_ADDR_new.3ssl.gz
+usr/share/man/man3/BIO_ADDR_path_string.3ssl.gz
+usr/share/man/man3/BIO_ADDR_rawaddress.3ssl.gz
+usr/share/man/man3/BIO_ADDR_rawmake.3ssl.gz
+usr/share/man/man3/BIO_ADDR_rawport.3ssl.gz
+usr/share/man/man3/BIO_ADDR_service_string.3ssl.gz
+usr/share/man/man3/BIO_ADDRINFO.3ssl.gz
+usr/share/man/man3/BIO_ADDRINFO_address.3ssl.gz
+usr/share/man/man3/BIO_ADDRINFO_family.3ssl.gz
+usr/share/man/man3/BIO_ADDRINFO_free.3ssl.gz
+usr/share/man/man3/BIO_ADDRINFO_next.3ssl.gz
+usr/share/man/man3/BIO_ADDRINFO_protocol.3ssl.gz
+usr/share/man/man3/BIO_ADDRINFO_socktype.3ssl.gz
+usr/share/man/man3/BIO_append_filename.3ssl.gz
+usr/share/man/man3/BIO_bind.3ssl.gz
+usr/share/man/man3/BIO_callback_ctrl.3ssl.gz
+usr/share/man/man3/BIO_callback_fn.3ssl.gz
+usr/share/man/man3/BIO_callback_fn_ex.3ssl.gz
+usr/share/man/man3/BIO_closesocket.3ssl.gz
+usr/share/man/man3/BIO_connect.3ssl.gz
+usr/share/man/man3/BIO_ctrl.3ssl.gz
+usr/share/man/man3/BIO_ctrl_get_read_request.3ssl.gz
+usr/share/man/man3/BIO_ctrl_get_write_guarantee.3ssl.gz
+usr/share/man/man3/BIO_ctrl_pending.3ssl.gz
+usr/share/man/man3/BIO_ctrl_reset_read_request.3ssl.gz
+usr/share/man/man3/BIO_ctrl_wpending.3ssl.gz
+usr/share/man/man3/BIO_debug_callback.3ssl.gz
+usr/share/man/man3/BIO_destroy_bio_pair.3ssl.gz
+usr/share/man/man3/BIO_do_accept.3ssl.gz
+usr/share/man/man3/BIO_do_connect.3ssl.gz
+usr/share/man/man3/BIO_do_handshake.3ssl.gz
+usr/share/man/man3/BIO_eof.3ssl.gz
+usr/share/man/man3/BIO_f_base64.3ssl.gz
+usr/share/man/man3/BIO_f_buffer.3ssl.gz
+usr/share/man/man3/BIO_f_cipher.3ssl.gz
+usr/share/man/man3/BIO_f_md.3ssl.gz
+usr/share/man/man3/BIO_f_null.3ssl.gz
+usr/share/man/man3/BIO_f_ssl.3ssl.gz
+usr/share/man/man3/BIO_find_type.3ssl.gz
+usr/share/man/man3/BIO_flush.3ssl.gz
+usr/share/man/man3/BIO_free.3ssl.gz
+usr/share/man/man3/BIO_free_all.3ssl.gz
+usr/share/man/man3/BIO_get_accept_ip_family.3ssl.gz
+usr/share/man/man3/BIO_get_accept_name.3ssl.gz
+usr/share/man/man3/BIO_get_accept_port.3ssl.gz
+usr/share/man/man3/BIO_get_bind_mode.3ssl.gz
+usr/share/man/man3/BIO_get_buffer_num_lines.3ssl.gz
+usr/share/man/man3/BIO_get_callback.3ssl.gz
+usr/share/man/man3/BIO_get_callback_arg.3ssl.gz
+usr/share/man/man3/BIO_get_callback_ex.3ssl.gz
+usr/share/man/man3/BIO_get_cipher_ctx.3ssl.gz
+usr/share/man/man3/BIO_get_cipher_status.3ssl.gz
+usr/share/man/man3/BIO_get_close.3ssl.gz
+usr/share/man/man3/BIO_get_conn_address.3ssl.gz
+usr/share/man/man3/BIO_get_conn_hostname.3ssl.gz
+usr/share/man/man3/BIO_get_conn_ip_family.3ssl.gz
+usr/share/man/man3/BIO_get_conn_port.3ssl.gz
+usr/share/man/man3/BIO_get_data.3ssl.gz
+usr/share/man/man3/BIO_get_ex_data.3ssl.gz
+usr/share/man/man3/BIO_get_ex_new_index.3ssl.gz
+usr/share/man/man3/BIO_get_fd.3ssl.gz
+usr/share/man/man3/BIO_get_fp.3ssl.gz
+usr/share/man/man3/BIO_get_info_callback.3ssl.gz
+usr/share/man/man3/BIO_get_init.3ssl.gz
+usr/share/man/man3/BIO_get_md.3ssl.gz
+usr/share/man/man3/BIO_get_md_ctx.3ssl.gz
+usr/share/man/man3/BIO_get_mem_data.3ssl.gz
+usr/share/man/man3/BIO_get_mem_ptr.3ssl.gz
+usr/share/man/man3/BIO_get_new_index.3ssl.gz
+usr/share/man/man3/BIO_get_num_renegotiates.3ssl.gz
+usr/share/man/man3/BIO_get_peer_name.3ssl.gz
+usr/share/man/man3/BIO_get_peer_port.3ssl.gz
+usr/share/man/man3/BIO_get_read_request.3ssl.gz
+usr/share/man/man3/BIO_get_retry_BIO.3ssl.gz
+usr/share/man/man3/BIO_get_retry_reason.3ssl.gz
+usr/share/man/man3/BIO_get_shutdown.3ssl.gz
+usr/share/man/man3/BIO_get_ssl.3ssl.gz
+usr/share/man/man3/BIO_get_write_buf_size.3ssl.gz
+usr/share/man/man3/BIO_get_write_guarantee.3ssl.gz
+usr/share/man/man3/BIO_gets.3ssl.gz
+usr/share/man/man3/BIO_hostserv_priorities.3ssl.gz
+usr/share/man/man3/BIO_info_cb.3ssl.gz
+usr/share/man/man3/BIO_int_ctrl.3ssl.gz
+usr/share/man/man3/BIO_listen.3ssl.gz
+usr/share/man/man3/BIO_lookup.3ssl.gz
+usr/share/man/man3/BIO_lookup_ex.3ssl.gz
+usr/share/man/man3/BIO_lookup_type.3ssl.gz
+usr/share/man/man3/BIO_make_bio_pair.3ssl.gz
+usr/share/man/man3/BIO_meth_free.3ssl.gz
+usr/share/man/man3/BIO_meth_get_callback_ctrl.3ssl.gz
+usr/share/man/man3/BIO_meth_get_create.3ssl.gz
+usr/share/man/man3/BIO_meth_get_ctrl.3ssl.gz
+usr/share/man/man3/BIO_meth_get_destroy.3ssl.gz
+usr/share/man/man3/BIO_meth_get_gets.3ssl.gz
+usr/share/man/man3/BIO_meth_get_puts.3ssl.gz
+usr/share/man/man3/BIO_meth_get_read.3ssl.gz
+usr/share/man/man3/BIO_meth_get_read_ex.3ssl.gz
+usr/share/man/man3/BIO_meth_get_write.3ssl.gz
+usr/share/man/man3/BIO_meth_get_write_ex.3ssl.gz
+usr/share/man/man3/BIO_meth_new.3ssl.gz
+usr/share/man/man3/BIO_meth_set_callback_ctrl.3ssl.gz
+usr/share/man/man3/BIO_meth_set_create.3ssl.gz
+usr/share/man/man3/BIO_meth_set_ctrl.3ssl.gz
+usr/share/man/man3/BIO_meth_set_destroy.3ssl.gz
+usr/share/man/man3/BIO_meth_set_gets.3ssl.gz
+usr/share/man/man3/BIO_meth_set_puts.3ssl.gz
+usr/share/man/man3/BIO_meth_set_read.3ssl.gz
+usr/share/man/man3/BIO_meth_set_read_ex.3ssl.gz
+usr/share/man/man3/BIO_meth_set_write.3ssl.gz
+usr/share/man/man3/BIO_meth_set_write_ex.3ssl.gz
+usr/share/man/man3/BIO_method_type.3ssl.gz
+usr/share/man/man3/BIO_new.3ssl.gz
+usr/share/man/man3/BIO_new_accept.3ssl.gz
+usr/share/man/man3/BIO_new_bio_pair.3ssl.gz
+usr/share/man/man3/BIO_new_buffer_ssl_connect.3ssl.gz
+usr/share/man/man3/BIO_new_CMS.3ssl.gz
+usr/share/man/man3/BIO_new_connect.3ssl.gz
+usr/share/man/man3/BIO_new_fd.3ssl.gz
+usr/share/man/man3/BIO_new_file.3ssl.gz
+usr/share/man/man3/BIO_new_fp.3ssl.gz
+usr/share/man/man3/BIO_new_mem_buf.3ssl.gz
+usr/share/man/man3/BIO_new_socket.3ssl.gz
+usr/share/man/man3/BIO_new_ssl.3ssl.gz
+usr/share/man/man3/BIO_new_ssl_connect.3ssl.gz
+usr/share/man/man3/BIO_next.3ssl.gz
+usr/share/man/man3/BIO_parse_hostserv.3ssl.gz
+usr/share/man/man3/BIO_pending.3ssl.gz
+usr/share/man/man3/BIO_pop.3ssl.gz
+usr/share/man/man3/BIO_printf.3ssl.gz
+usr/share/man/man3/BIO_ptr_ctrl.3ssl.gz
+usr/share/man/man3/BIO_push.3ssl.gz
+usr/share/man/man3/BIO_puts.3ssl.gz
+usr/share/man/man3/BIO_read.3ssl.gz
+usr/share/man/man3/BIO_read_ex.3ssl.gz
+usr/share/man/man3/BIO_read_filename.3ssl.gz
+usr/share/man/man3/BIO_reset.3ssl.gz
+usr/share/man/man3/BIO_retry_type.3ssl.gz
+usr/share/man/man3/BIO_rw_filename.3ssl.gz
+usr/share/man/man3/BIO_s_accept.3ssl.gz
+usr/share/man/man3/BIO_s_bio.3ssl.gz
+usr/share/man/man3/BIO_s_connect.3ssl.gz
+usr/share/man/man3/BIO_s_fd.3ssl.gz
+usr/share/man/man3/BIO_s_file.3ssl.gz
+usr/share/man/man3/BIO_s_mem.3ssl.gz
+usr/share/man/man3/BIO_s_null.3ssl.gz
+usr/share/man/man3/BIO_s_secmem.3ssl.gz
+usr/share/man/man3/BIO_s_socket.3ssl.gz
+usr/share/man/man3/BIO_seek.3ssl.gz
+usr/share/man/man3/BIO_set_accept_bios.3ssl.gz
+usr/share/man/man3/BIO_set_accept_ip_family.3ssl.gz
+usr/share/man/man3/BIO_set_accept_name.3ssl.gz
+usr/share/man/man3/BIO_set_accept_port.3ssl.gz
+usr/share/man/man3/BIO_set_bind_mode.3ssl.gz
+usr/share/man/man3/BIO_set_buffer_read_data.3ssl.gz
+usr/share/man/man3/BIO_set_buffer_size.3ssl.gz
+usr/share/man/man3/BIO_set_callback.3ssl.gz
+usr/share/man/man3/BIO_set_callback_arg.3ssl.gz
+usr/share/man/man3/BIO_set_callback_ex.3ssl.gz
+usr/share/man/man3/BIO_set_cipher.3ssl.gz
+usr/share/man/man3/BIO_set_close.3ssl.gz
+usr/share/man/man3/BIO_set_conn_address.3ssl.gz
+usr/share/man/man3/BIO_set_conn_hostname.3ssl.gz
+usr/share/man/man3/BIO_set_conn_ip_family.3ssl.gz
+usr/share/man/man3/BIO_set_conn_port.3ssl.gz
+usr/share/man/man3/BIO_set_data.3ssl.gz
+usr/share/man/man3/BIO_set_ex_data.3ssl.gz
+usr/share/man/man3/BIO_set_fd.3ssl.gz
+usr/share/man/man3/BIO_set_fp.3ssl.gz
+usr/share/man/man3/BIO_set_info_callback.3ssl.gz
+usr/share/man/man3/BIO_set_init.3ssl.gz
+usr/share/man/man3/BIO_set_md.3ssl.gz
+usr/share/man/man3/BIO_set_mem_buf.3ssl.gz
+usr/share/man/man3/BIO_set_mem_eof_return.3ssl.gz
+usr/share/man/man3/BIO_set_nbio.3ssl.gz
+usr/share/man/man3/BIO_set_nbio_accept.3ssl.gz
+usr/share/man/man3/BIO_set_next.3ssl.gz
+usr/share/man/man3/BIO_set_read_buffer_size.3ssl.gz
+usr/share/man/man3/BIO_set_retry_reason.3ssl.gz
+usr/share/man/man3/BIO_set_shutdown.3ssl.gz
+usr/share/man/man3/BIO_set_ssl.3ssl.gz
+usr/share/man/man3/BIO_set_ssl_mode.3ssl.gz
+usr/share/man/man3/BIO_set_ssl_renegotiate_bytes.3ssl.gz
+usr/share/man/man3/BIO_set_ssl_renegotiate_timeout.3ssl.gz
+usr/share/man/man3/BIO_set_write_buf_size.3ssl.gz
+usr/share/man/man3/BIO_set_write_buffer_size.3ssl.gz
+usr/share/man/man3/BIO_should_io_special.3ssl.gz
+usr/share/man/man3/BIO_should_read.3ssl.gz
+usr/share/man/man3/BIO_should_retry.3ssl.gz
+usr/share/man/man3/BIO_should_write.3ssl.gz
+usr/share/man/man3/BIO_shutdown_wr.3ssl.gz
+usr/share/man/man3/BIO_snprintf.3ssl.gz
+usr/share/man/man3/BIO_socket.3ssl.gz
+usr/share/man/man3/BIO_ssl_copy_session_id.3ssl.gz
+usr/share/man/man3/BIO_ssl_shutdown.3ssl.gz
+usr/share/man/man3/BIO_tell.3ssl.gz
+usr/share/man/man3/BIO_up_ref.3ssl.gz
+usr/share/man/man3/BIO_vfree.3ssl.gz
+usr/share/man/man3/BIO_vprintf.3ssl.gz
+usr/share/man/man3/BIO_vsnprintf.3ssl.gz
+usr/share/man/man3/BIO_wpending.3ssl.gz
+usr/share/man/man3/BIO_write.3ssl.gz
+usr/share/man/man3/BIO_write_ex.3ssl.gz
+usr/share/man/man3/BIO_write_filename.3ssl.gz
+usr/share/man/man3/BN_add.3ssl.gz
+usr/share/man/man3/BN_add_word.3ssl.gz
+usr/share/man/man3/BN_bin2bn.3ssl.gz
+usr/share/man/man3/BN_BLINDING_convert.3ssl.gz
+usr/share/man/man3/BN_BLINDING_convert_ex.3ssl.gz
+usr/share/man/man3/BN_BLINDING_create_param.3ssl.gz
+usr/share/man/man3/BN_BLINDING_free.3ssl.gz
+usr/share/man/man3/BN_BLINDING_get_flags.3ssl.gz
+usr/share/man/man3/BN_BLINDING_invert.3ssl.gz
+usr/share/man/man3/BN_BLINDING_invert_ex.3ssl.gz
+usr/share/man/man3/BN_BLINDING_is_current_thread.3ssl.gz
+usr/share/man/man3/BN_BLINDING_lock.3ssl.gz
+usr/share/man/man3/BN_BLINDING_new.3ssl.gz
+usr/share/man/man3/BN_BLINDING_set_current_thread.3ssl.gz
+usr/share/man/man3/BN_BLINDING_set_flags.3ssl.gz
+usr/share/man/man3/BN_BLINDING_unlock.3ssl.gz
+usr/share/man/man3/BN_BLINDING_update.3ssl.gz
+usr/share/man/man3/BN_bn2bin.3ssl.gz
+usr/share/man/man3/BN_bn2binpad.3ssl.gz
+usr/share/man/man3/BN_bn2dec.3ssl.gz
+usr/share/man/man3/BN_bn2hex.3ssl.gz
+usr/share/man/man3/BN_bn2lebinpad.3ssl.gz
+usr/share/man/man3/BN_bn2mpi.3ssl.gz
+usr/share/man/man3/BN_clear.3ssl.gz
+usr/share/man/man3/BN_clear_bit.3ssl.gz
+usr/share/man/man3/BN_clear_free.3ssl.gz
+usr/share/man/man3/BN_cmp.3ssl.gz
+usr/share/man/man3/BN_copy.3ssl.gz
+usr/share/man/man3/BN_CTX_end.3ssl.gz
+usr/share/man/man3/BN_CTX_free.3ssl.gz
+usr/share/man/man3/BN_CTX_get.3ssl.gz
+usr/share/man/man3/BN_CTX_new.3ssl.gz
+usr/share/man/man3/BN_CTX_secure_new.3ssl.gz
+usr/share/man/man3/BN_CTX_start.3ssl.gz
+usr/share/man/man3/BN_dec2bn.3ssl.gz
+usr/share/man/man3/BN_div.3ssl.gz
+usr/share/man/man3/BN_div_recp.3ssl.gz
+usr/share/man/man3/BN_div_word.3ssl.gz
+usr/share/man/man3/BN_dup.3ssl.gz
+usr/share/man/man3/BN_exp.3ssl.gz
+usr/share/man/man3/BN_free.3ssl.gz
+usr/share/man/man3/BN_from_montgomery.3ssl.gz
+usr/share/man/man3/BN_gcd.3ssl.gz
+usr/share/man/man3/BN_GENCB_call.3ssl.gz
+usr/share/man/man3/BN_GENCB_free.3ssl.gz
+usr/share/man/man3/BN_GENCB_get_arg.3ssl.gz
+usr/share/man/man3/BN_GENCB_new.3ssl.gz
+usr/share/man/man3/BN_GENCB_set.3ssl.gz
+usr/share/man/man3/BN_GENCB_set_old.3ssl.gz
+usr/share/man/man3/BN_generate_prime.3ssl.gz
+usr/share/man/man3/BN_generate_prime_ex.3ssl.gz
+usr/share/man/man3/BN_get0_nist_prime_192.3ssl.gz
+usr/share/man/man3/BN_get0_nist_prime_224.3ssl.gz
+usr/share/man/man3/BN_get0_nist_prime_256.3ssl.gz
+usr/share/man/man3/BN_get0_nist_prime_384.3ssl.gz
+usr/share/man/man3/BN_get0_nist_prime_521.3ssl.gz
+usr/share/man/man3/BN_get_rfc2409_prime_1024.3ssl.gz
+usr/share/man/man3/BN_get_rfc2409_prime_768.3ssl.gz
+usr/share/man/man3/BN_get_rfc3526_prime_1536.3ssl.gz
+usr/share/man/man3/BN_get_rfc3526_prime_2048.3ssl.gz
+usr/share/man/man3/BN_get_rfc3526_prime_3072.3ssl.gz
+usr/share/man/man3/BN_get_rfc3526_prime_4096.3ssl.gz
+usr/share/man/man3/BN_get_rfc3526_prime_6144.3ssl.gz
+usr/share/man/man3/BN_get_rfc3526_prime_8192.3ssl.gz
+usr/share/man/man3/BN_get_word.3ssl.gz
+usr/share/man/man3/BN_hex2bn.3ssl.gz
+usr/share/man/man3/BN_is_bit_set.3ssl.gz
+usr/share/man/man3/BN_is_odd.3ssl.gz
+usr/share/man/man3/BN_is_one.3ssl.gz
+usr/share/man/man3/BN_is_prime.3ssl.gz
+usr/share/man/man3/BN_is_prime_ex.3ssl.gz
+usr/share/man/man3/BN_is_prime_fasttest.3ssl.gz
+usr/share/man/man3/BN_is_prime_fasttest_ex.3ssl.gz
+usr/share/man/man3/BN_is_word.3ssl.gz
+usr/share/man/man3/BN_is_zero.3ssl.gz
+usr/share/man/man3/BN_lebin2bn.3ssl.gz
+usr/share/man/man3/BN_lshift.3ssl.gz
+usr/share/man/man3/BN_lshift1.3ssl.gz
+usr/share/man/man3/BN_mask_bits.3ssl.gz
+usr/share/man/man3/BN_mod.3ssl.gz
+usr/share/man/man3/BN_mod_add.3ssl.gz
+usr/share/man/man3/BN_mod_exp.3ssl.gz
+usr/share/man/man3/BN_mod_inverse.3ssl.gz
+usr/share/man/man3/BN_mod_mul.3ssl.gz
+usr/share/man/man3/BN_mod_mul_montgomery.3ssl.gz
+usr/share/man/man3/BN_mod_mul_reciprocal.3ssl.gz
+usr/share/man/man3/BN_mod_sqr.3ssl.gz
+usr/share/man/man3/BN_mod_sub.3ssl.gz
+usr/share/man/man3/BN_mod_word.3ssl.gz
+usr/share/man/man3/BN_MONT_CTX_copy.3ssl.gz
+usr/share/man/man3/BN_MONT_CTX_free.3ssl.gz
+usr/share/man/man3/BN_MONT_CTX_new.3ssl.gz
+usr/share/man/man3/BN_MONT_CTX_set.3ssl.gz
+usr/share/man/man3/BN_mpi2bn.3ssl.gz
+usr/share/man/man3/BN_mul.3ssl.gz
+usr/share/man/man3/BN_mul_word.3ssl.gz
+usr/share/man/man3/BN_new.3ssl.gz
+usr/share/man/man3/BN_nnmod.3ssl.gz
+usr/share/man/man3/BN_num_bits.3ssl.gz
+usr/share/man/man3/BN_num_bits_word.3ssl.gz
+usr/share/man/man3/BN_num_bytes.3ssl.gz
+usr/share/man/man3/BN_one.3ssl.gz
+usr/share/man/man3/BN_print.3ssl.gz
+usr/share/man/man3/BN_print_fp.3ssl.gz
+usr/share/man/man3/BN_priv_rand.3ssl.gz
+usr/share/man/man3/BN_priv_rand_range.3ssl.gz
+usr/share/man/man3/BN_pseudo_rand.3ssl.gz
+usr/share/man/man3/BN_pseudo_rand_range.3ssl.gz
+usr/share/man/man3/BN_rand.3ssl.gz
+usr/share/man/man3/BN_rand_range.3ssl.gz
+usr/share/man/man3/BN_RECP_CTX_free.3ssl.gz
+usr/share/man/man3/BN_RECP_CTX_new.3ssl.gz
+usr/share/man/man3/BN_RECP_CTX_set.3ssl.gz
+usr/share/man/man3/BN_rshift.3ssl.gz
+usr/share/man/man3/BN_rshift1.3ssl.gz
+usr/share/man/man3/BN_secure_new.3ssl.gz
+usr/share/man/man3/BN_security_bits.3ssl.gz
+usr/share/man/man3/BN_set_bit.3ssl.gz
+usr/share/man/man3/BN_set_word.3ssl.gz
+usr/share/man/man3/BN_sqr.3ssl.gz
+usr/share/man/man3/BN_sub.3ssl.gz
+usr/share/man/man3/BN_sub_word.3ssl.gz
+usr/share/man/man3/BN_swap.3ssl.gz
+usr/share/man/man3/BN_to_ASN1_ENUMERATED.3ssl.gz
+usr/share/man/man3/BN_to_ASN1_INTEGER.3ssl.gz
+usr/share/man/man3/BN_to_montgomery.3ssl.gz
+usr/share/man/man3/BN_ucmp.3ssl.gz
+usr/share/man/man3/BN_value_one.3ssl.gz
+usr/share/man/man3/BN_with_flags.3ssl.gz
+usr/share/man/man3/BN_zero.3ssl.gz
+usr/share/man/man3/BUF_MEM_free.3ssl.gz
+usr/share/man/man3/BUF_MEM_grow.3ssl.gz
+usr/share/man/man3/BUF_MEM_grow_clean.3ssl.gz
+usr/share/man/man3/BUF_MEM_new.3ssl.gz
+usr/share/man/man3/BUF_MEM_new_ex.3ssl.gz
+usr/share/man/man3/BUF_reverse.3ssl.gz
+usr/share/man/man3/CERTIFICATEPOLICIES_free.3ssl.gz
+usr/share/man/man3/CERTIFICATEPOLICIES_new.3ssl.gz
+usr/share/man/man3/CMS_add0_cert.3ssl.gz
+usr/share/man/man3/CMS_add0_crl.3ssl.gz
+usr/share/man/man3/CMS_add0_recipient_key.3ssl.gz
+usr/share/man/man3/CMS_add1_cert.3ssl.gz
+usr/share/man/man3/CMS_add1_crl.3ssl.gz
+usr/share/man/man3/CMS_add1_ReceiptRequest.3ssl.gz
+usr/share/man/man3/CMS_add1_recipient_cert.3ssl.gz
+usr/share/man/man3/CMS_add1_signer.3ssl.gz
+usr/share/man/man3/CMS_compress.3ssl.gz
+usr/share/man/man3/CMS_ContentInfo_free.3ssl.gz
+usr/share/man/man3/CMS_ContentInfo_new.3ssl.gz
+usr/share/man/man3/CMS_ContentInfo_print_ctx.3ssl.gz
+usr/share/man/man3/CMS_decrypt.3ssl.gz
+usr/share/man/man3/CMS_encrypt.3ssl.gz
+usr/share/man/man3/CMS_final.3ssl.gz
+usr/share/man/man3/CMS_get0_content.3ssl.gz
+usr/share/man/man3/CMS_get0_eContentType.3ssl.gz
+usr/share/man/man3/CMS_get0_RecipientInfos.3ssl.gz
+usr/share/man/man3/CMS_get0_SignerInfos.3ssl.gz
+usr/share/man/man3/CMS_get0_signers.3ssl.gz
+usr/share/man/man3/CMS_get0_type.3ssl.gz
+usr/share/man/man3/CMS_get1_certs.3ssl.gz
+usr/share/man/man3/CMS_get1_crls.3ssl.gz
+usr/share/man/man3/CMS_get1_ReceiptRequest.3ssl.gz
+usr/share/man/man3/CMS_ReceiptRequest_create0.3ssl.gz
+usr/share/man/man3/CMS_ReceiptRequest_free.3ssl.gz
+usr/share/man/man3/CMS_ReceiptRequest_get0_values.3ssl.gz
+usr/share/man/man3/CMS_ReceiptRequest_new.3ssl.gz
+usr/share/man/man3/CMS_RecipientInfo_decrypt.3ssl.gz
+usr/share/man/man3/CMS_RecipientInfo_encrypt.3ssl.gz
+usr/share/man/man3/CMS_RecipientInfo_kekri_get0_id.3ssl.gz
+usr/share/man/man3/CMS_RecipientInfo_kekri_id_cmp.3ssl.gz
+usr/share/man/man3/CMS_RecipientInfo_ktri_cert_cmp.3ssl.gz
+usr/share/man/man3/CMS_RecipientInfo_ktri_get0_signer_id.3ssl.gz
+usr/share/man/man3/CMS_RecipientInfo_set0_key.3ssl.gz
+usr/share/man/man3/CMS_RecipientInfo_set0_pkey.3ssl.gz
+usr/share/man/man3/CMS_RecipientInfo_type.3ssl.gz
+usr/share/man/man3/CMS_set1_eContentType.3ssl.gz
+usr/share/man/man3/CMS_sign.3ssl.gz
+usr/share/man/man3/CMS_sign_receipt.3ssl.gz
+usr/share/man/man3/CMS_SignerInfo_cert_cmp.3ssl.gz
+usr/share/man/man3/CMS_SignerInfo_get0_signature.3ssl.gz
+usr/share/man/man3/CMS_SignerInfo_get0_signer_id.3ssl.gz
+usr/share/man/man3/CMS_SignerInfo_set1_signer_cert.3ssl.gz
+usr/share/man/man3/CMS_SignerInfo_sign.3ssl.gz
+usr/share/man/man3/CMS_uncompress.3ssl.gz
+usr/share/man/man3/CMS_verify.3ssl.gz
+usr/share/man/man3/CMS_verify_receipt.3ssl.gz
+usr/share/man/man3/CONF_modules_finish.3ssl.gz
+usr/share/man/man3/CONF_modules_free.3ssl.gz
+usr/share/man/man3/CONF_modules_load.3ssl.gz
+usr/share/man/man3/CONF_modules_load_file.3ssl.gz
+usr/share/man/man3/CONF_modules_unload.3ssl.gz
+usr/share/man/man3/CRL_DIST_POINTS_free.3ssl.gz
+usr/share/man/man3/CRL_DIST_POINTS_new.3ssl.gz
+usr/share/man/man3/CRYPTO_atomic_add.3ssl.gz
+usr/share/man/man3/CRYPTO_clear_free.3ssl.gz
+usr/share/man/man3/CRYPTO_clear_realloc.3ssl.gz
+usr/share/man/man3/CRYPTO_EX_dup.3ssl.gz
+usr/share/man/man3/CRYPTO_EX_free.3ssl.gz
+usr/share/man/man3/CRYPTO_EX_new.3ssl.gz
+usr/share/man/man3/CRYPTO_free.3ssl.gz
+usr/share/man/man3/CRYPTO_free_ex_data.3ssl.gz
+usr/share/man/man3/CRYPTO_free_ex_index.3ssl.gz
+usr/share/man/man3/CRYPTO_get_alloc_counts.3ssl.gz
+usr/share/man/man3/CRYPTO_get_ex_data.3ssl.gz
+usr/share/man/man3/CRYPTO_get_ex_new_index.3ssl.gz
+usr/share/man/man3/CRYPTO_get_mem_functions.3ssl.gz
+usr/share/man/man3/CRYPTO_malloc.3ssl.gz
+usr/share/man/man3/CRYPTO_mem_ctrl.3ssl.gz
+usr/share/man/man3/CRYPTO_mem_debug_pop.3ssl.gz
+usr/share/man/man3/CRYPTO_mem_debug_push.3ssl.gz
+usr/share/man/man3/CRYPTO_mem_leaks.3ssl.gz
+usr/share/man/man3/CRYPTO_mem_leaks_cb.3ssl.gz
+usr/share/man/man3/CRYPTO_mem_leaks_fp.3ssl.gz
+usr/share/man/man3/CRYPTO_new_ex_data.3ssl.gz
+usr/share/man/man3/CRYPTO_realloc.3ssl.gz
+usr/share/man/man3/CRYPTO_secure_clear_free.3ssl.gz
+usr/share/man/man3/CRYPTO_secure_free.3ssl.gz
+usr/share/man/man3/CRYPTO_secure_malloc.3ssl.gz
+usr/share/man/man3/CRYPTO_secure_malloc_done.3ssl.gz
+usr/share/man/man3/CRYPTO_secure_malloc_init.3ssl.gz
+usr/share/man/man3/CRYPTO_secure_malloc_initialized.3ssl.gz
+usr/share/man/man3/CRYPTO_secure_used.3ssl.gz
+usr/share/man/man3/CRYPTO_secure_zalloc.3ssl.gz
+usr/share/man/man3/CRYPTO_set_ex_data.3ssl.gz
+usr/share/man/man3/CRYPTO_set_mem_debug.3ssl.gz
+usr/share/man/man3/CRYPTO_set_mem_functions.3ssl.gz
+usr/share/man/man3/CRYPTO_strdup.3ssl.gz
+usr/share/man/man3/CRYPTO_strndup.3ssl.gz
+usr/share/man/man3/CRYPTO_THREAD_lock_free.3ssl.gz
+usr/share/man/man3/CRYPTO_THREAD_lock_new.3ssl.gz
+usr/share/man/man3/CRYPTO_THREAD_read_lock.3ssl.gz
+usr/share/man/man3/CRYPTO_THREAD_run_once.3ssl.gz
+usr/share/man/man3/CRYPTO_THREAD_unlock.3ssl.gz
+usr/share/man/man3/CRYPTO_THREAD_write_lock.3ssl.gz
+usr/share/man/man3/CRYPTO_zalloc.3ssl.gz
+usr/share/man/man3/CT_POLICY_EVAL_CTX_free.3ssl.gz
+usr/share/man/man3/CT_POLICY_EVAL_CTX_get0_cert.3ssl.gz
+usr/share/man/man3/CT_POLICY_EVAL_CTX_get0_issuer.3ssl.gz
+usr/share/man/man3/CT_POLICY_EVAL_CTX_get0_log_store.3ssl.gz
+usr/share/man/man3/CT_POLICY_EVAL_CTX_get_time.3ssl.gz
+usr/share/man/man3/CT_POLICY_EVAL_CTX_new.3ssl.gz
+usr/share/man/man3/CT_POLICY_EVAL_CTX_set1_cert.3ssl.gz
+usr/share/man/man3/CT_POLICY_EVAL_CTX_set1_issuer.3ssl.gz
+usr/share/man/man3/CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE.3ssl.gz
+usr/share/man/man3/CT_POLICY_EVAL_CTX_set_time.3ssl.gz
+usr/share/man/man3/CTLOG_free.3ssl.gz
+usr/share/man/man3/CTLOG_get0_log_id.3ssl.gz
+usr/share/man/man3/CTLOG_get0_name.3ssl.gz
+usr/share/man/man3/CTLOG_get0_public_key.3ssl.gz
+usr/share/man/man3/CTLOG_new.3ssl.gz
+usr/share/man/man3/CTLOG_new_from_base64.3ssl.gz
+usr/share/man/man3/CTLOG_STORE_free.3ssl.gz
+usr/share/man/man3/CTLOG_STORE_get0_log_by_id.3ssl.gz
+usr/share/man/man3/CTLOG_STORE_load_default_file.3ssl.gz
+usr/share/man/man3/CTLOG_STORE_load_file.3ssl.gz
+usr/share/man/man3/CTLOG_STORE_new.3ssl.gz
+usr/share/man/man3/custom_ext_add_cb.3ssl.gz
+usr/share/man/man3/custom_ext_free_cb.3ssl.gz
+usr/share/man/man3/custom_ext_parse_cb.3ssl.gz
+usr/share/man/man3/d2i_ACCESS_DESCRIPTION.3ssl.gz
+usr/share/man/man3/d2i_ADMISSION_SYNTAX.3ssl.gz
+usr/share/man/man3/d2i_ADMISSIONS.3ssl.gz
+usr/share/man/man3/d2i_ASIdentifierChoice.3ssl.gz
+usr/share/man/man3/d2i_ASIdentifiers.3ssl.gz
+usr/share/man/man3/d2i_ASIdOrRange.3ssl.gz
+usr/share/man/man3/d2i_ASN1_BIT_STRING.3ssl.gz
+usr/share/man/man3/d2i_ASN1_BMPSTRING.3ssl.gz
+usr/share/man/man3/d2i_ASN1_ENUMERATED.3ssl.gz
+usr/share/man/man3/d2i_ASN1_GENERALIZEDTIME.3ssl.gz
+usr/share/man/man3/d2i_ASN1_GENERALSTRING.3ssl.gz
+usr/share/man/man3/d2i_ASN1_IA5STRING.3ssl.gz
+usr/share/man/man3/d2i_ASN1_INTEGER.3ssl.gz
+usr/share/man/man3/d2i_ASN1_NULL.3ssl.gz
+usr/share/man/man3/d2i_ASN1_OBJECT.3ssl.gz
+usr/share/man/man3/d2i_ASN1_OCTET_STRING.3ssl.gz
+usr/share/man/man3/d2i_ASN1_PRINTABLE.3ssl.gz
+usr/share/man/man3/d2i_ASN1_PRINTABLESTRING.3ssl.gz
+usr/share/man/man3/d2i_ASN1_SEQUENCE_ANY.3ssl.gz
+usr/share/man/man3/d2i_ASN1_SET_ANY.3ssl.gz
+usr/share/man/man3/d2i_ASN1_T61STRING.3ssl.gz
+usr/share/man/man3/d2i_ASN1_TIME.3ssl.gz
+usr/share/man/man3/d2i_ASN1_TYPE.3ssl.gz
+usr/share/man/man3/d2i_ASN1_UINTEGER.3ssl.gz
+usr/share/man/man3/d2i_ASN1_UNIVERSALSTRING.3ssl.gz
+usr/share/man/man3/d2i_ASN1_UTCTIME.3ssl.gz
+usr/share/man/man3/d2i_ASN1_UTF8STRING.3ssl.gz
+usr/share/man/man3/d2i_ASN1_VISIBLESTRING.3ssl.gz
+usr/share/man/man3/d2i_ASRange.3ssl.gz
+usr/share/man/man3/d2i_AUTHORITY_INFO_ACCESS.3ssl.gz
+usr/share/man/man3/d2i_AUTHORITY_KEYID.3ssl.gz
+usr/share/man/man3/d2i_AutoPrivateKey.3ssl.gz
+usr/share/man/man3/d2i_BASIC_CONSTRAINTS.3ssl.gz
+usr/share/man/man3/d2i_CERTIFICATEPOLICIES.3ssl.gz
+usr/share/man/man3/d2i_CMS_bio.3ssl.gz
+usr/share/man/man3/d2i_CMS_ContentInfo.3ssl.gz
+usr/share/man/man3/d2i_CMS_ReceiptRequest.3ssl.gz
+usr/share/man/man3/d2i_CRL_DIST_POINTS.3ssl.gz
+usr/share/man/man3/d2i_DHparams.3ssl.gz
+usr/share/man/man3/d2i_DHxparams.3ssl.gz
+usr/share/man/man3/d2i_DIRECTORYSTRING.3ssl.gz
+usr/share/man/man3/d2i_DISPLAYTEXT.3ssl.gz
+usr/share/man/man3/d2i_DIST_POINT.3ssl.gz
+usr/share/man/man3/d2i_DIST_POINT_NAME.3ssl.gz
+usr/share/man/man3/d2i_DSA_PUBKEY.3ssl.gz
+usr/share/man/man3/d2i_DSA_PUBKEY_bio.3ssl.gz
+usr/share/man/man3/d2i_DSA_PUBKEY_fp.3ssl.gz
+usr/share/man/man3/d2i_DSA_SIG.3ssl.gz
+usr/share/man/man3/d2i_DSAparams.3ssl.gz
+usr/share/man/man3/d2i_DSAPrivateKey.3ssl.gz
+usr/share/man/man3/d2i_DSAPrivateKey_bio.3ssl.gz
+usr/share/man/man3/d2i_DSAPrivateKey_fp.3ssl.gz
+usr/share/man/man3/d2i_DSAPublicKey.3ssl.gz
+usr/share/man/man3/d2i_EC_PUBKEY.3ssl.gz
+usr/share/man/man3/d2i_EC_PUBKEY_bio.3ssl.gz
+usr/share/man/man3/d2i_EC_PUBKEY_fp.3ssl.gz
+usr/share/man/man3/d2i_ECDSA_SIG.3ssl.gz
+usr/share/man/man3/d2i_ECParameters.3ssl.gz
+usr/share/man/man3/d2i_ECPKParameters.3ssl.gz
+usr/share/man/man3/d2i_ECPrivateKey.3ssl.gz
+usr/share/man/man3/d2i_ECPrivateKey_bio.3ssl.gz
+usr/share/man/man3/d2i_ECPrivateKey_fp.3ssl.gz
+usr/share/man/man3/d2i_EDIPARTYNAME.3ssl.gz
+usr/share/man/man3/d2i_ESS_CERT_ID.3ssl.gz
+usr/share/man/man3/d2i_ESS_ISSUER_SERIAL.3ssl.gz
+usr/share/man/man3/d2i_ESS_SIGNING_CERT.3ssl.gz
+usr/share/man/man3/d2i_EXTENDED_KEY_USAGE.3ssl.gz
+usr/share/man/man3/d2i_GENERAL_NAME.3ssl.gz
+usr/share/man/man3/d2i_GENERAL_NAMES.3ssl.gz
+usr/share/man/man3/d2i_IPAddressChoice.3ssl.gz
+usr/share/man/man3/d2i_IPAddressFamily.3ssl.gz
+usr/share/man/man3/d2i_IPAddressOrRange.3ssl.gz
+usr/share/man/man3/d2i_IPAddressRange.3ssl.gz
+usr/share/man/man3/d2i_ISSUING_DIST_POINT.3ssl.gz
+usr/share/man/man3/d2i_NAMING_AUTHORITY.3ssl.gz
+usr/share/man/man3/d2i_NETSCAPE_CERT_SEQUENCE.3ssl.gz
+usr/share/man/man3/d2i_NETSCAPE_SPKAC.3ssl.gz
+usr/share/man/man3/d2i_NETSCAPE_SPKI.3ssl.gz
+usr/share/man/man3/d2i_NOTICEREF.3ssl.gz
+usr/share/man/man3/d2i_OCSP_BASICRESP.3ssl.gz
+usr/share/man/man3/d2i_OCSP_CERTID.3ssl.gz
+usr/share/man/man3/d2i_OCSP_CERTSTATUS.3ssl.gz
+usr/share/man/man3/d2i_OCSP_CRLID.3ssl.gz
+usr/share/man/man3/d2i_OCSP_ONEREQ.3ssl.gz
+usr/share/man/man3/d2i_OCSP_REQINFO.3ssl.gz
+usr/share/man/man3/d2i_OCSP_REQUEST.3ssl.gz
+usr/share/man/man3/d2i_OCSP_RESPBYTES.3ssl.gz
+usr/share/man/man3/d2i_OCSP_RESPDATA.3ssl.gz
+usr/share/man/man3/d2i_OCSP_RESPID.3ssl.gz
+usr/share/man/man3/d2i_OCSP_RESPONSE.3ssl.gz
+usr/share/man/man3/d2i_OCSP_REVOKEDINFO.3ssl.gz
+usr/share/man/man3/d2i_OCSP_SERVICELOC.3ssl.gz
+usr/share/man/man3/d2i_OCSP_SIGNATURE.3ssl.gz
+usr/share/man/man3/d2i_OCSP_SINGLERESP.3ssl.gz
+usr/share/man/man3/d2i_OTHERNAME.3ssl.gz
+usr/share/man/man3/d2i_PBE2PARAM.3ssl.gz
+usr/share/man/man3/d2i_PBEPARAM.3ssl.gz
+usr/share/man/man3/d2i_PBKDF2PARAM.3ssl.gz
+usr/share/man/man3/d2i_PKCS12.3ssl.gz
+usr/share/man/man3/d2i_PKCS12_BAGS.3ssl.gz
+usr/share/man/man3/d2i_PKCS12_bio.3ssl.gz
+usr/share/man/man3/d2i_PKCS12_fp.3ssl.gz
+usr/share/man/man3/d2i_PKCS12_MAC_DATA.3ssl.gz
+usr/share/man/man3/d2i_PKCS12_SAFEBAG.3ssl.gz
+usr/share/man/man3/d2i_PKCS7.3ssl.gz
+usr/share/man/man3/d2i_PKCS7_bio.3ssl.gz
+usr/share/man/man3/d2i_PKCS7_DIGEST.3ssl.gz
+usr/share/man/man3/d2i_PKCS7_ENC_CONTENT.3ssl.gz
+usr/share/man/man3/d2i_PKCS7_ENCRYPT.3ssl.gz
+usr/share/man/man3/d2i_PKCS7_ENVELOPE.3ssl.gz
+usr/share/man/man3/d2i_PKCS7_fp.3ssl.gz
+usr/share/man/man3/d2i_PKCS7_ISSUER_AND_SERIAL.3ssl.gz
+usr/share/man/man3/d2i_PKCS7_RECIP_INFO.3ssl.gz
+usr/share/man/man3/d2i_PKCS7_SIGN_ENVELOPE.3ssl.gz
+usr/share/man/man3/d2i_PKCS7_SIGNED.3ssl.gz
+usr/share/man/man3/d2i_PKCS7_SIGNER_INFO.3ssl.gz
+usr/share/man/man3/d2i_PKCS8_bio.3ssl.gz
+usr/share/man/man3/d2i_PKCS8_fp.3ssl.gz
+usr/share/man/man3/d2i_PKCS8_PRIV_KEY_INFO.3ssl.gz
+usr/share/man/man3/d2i_PKCS8_PRIV_KEY_INFO_bio.3ssl.gz
+usr/share/man/man3/d2i_PKCS8_PRIV_KEY_INFO_fp.3ssl.gz
+usr/share/man/man3/d2i_PKCS8PrivateKey_bio.3ssl.gz
+usr/share/man/man3/d2i_PKCS8PrivateKey_fp.3ssl.gz
+usr/share/man/man3/d2i_PKEY_USAGE_PERIOD.3ssl.gz
+usr/share/man/man3/d2i_POLICYINFO.3ssl.gz
+usr/share/man/man3/d2i_POLICYQUALINFO.3ssl.gz
+usr/share/man/man3/d2i_PrivateKey.3ssl.gz
+usr/share/man/man3/d2i_PrivateKey_bio.3ssl.gz
+usr/share/man/man3/d2i_PrivateKey_fp.3ssl.gz
+usr/share/man/man3/d2i_PROFESSION_INFO.3ssl.gz
+usr/share/man/man3/d2i_PROXY_CERT_INFO_EXTENSION.3ssl.gz
+usr/share/man/man3/d2i_PROXY_POLICY.3ssl.gz
+usr/share/man/man3/d2i_PUBKEY.3ssl.gz
+usr/share/man/man3/d2i_PUBKEY_bio.3ssl.gz
+usr/share/man/man3/d2i_PUBKEY_fp.3ssl.gz
+usr/share/man/man3/d2i_PublicKey.3ssl.gz
+usr/share/man/man3/d2i_RSA_OAEP_PARAMS.3ssl.gz
+usr/share/man/man3/d2i_RSA_PSS_PARAMS.3ssl.gz
+usr/share/man/man3/d2i_RSA_PUBKEY.3ssl.gz
+usr/share/man/man3/d2i_RSA_PUBKEY_bio.3ssl.gz
+usr/share/man/man3/d2i_RSA_PUBKEY_fp.3ssl.gz
+usr/share/man/man3/d2i_RSAPrivateKey.3ssl.gz
+usr/share/man/man3/d2i_RSAPrivateKey_bio.3ssl.gz
+usr/share/man/man3/d2i_RSAPrivateKey_fp.3ssl.gz
+usr/share/man/man3/d2i_RSAPublicKey.3ssl.gz
+usr/share/man/man3/d2i_RSAPublicKey_bio.3ssl.gz
+usr/share/man/man3/d2i_RSAPublicKey_fp.3ssl.gz
+usr/share/man/man3/d2i_SCRYPT_PARAMS.3ssl.gz
+usr/share/man/man3/d2i_SCT_LIST.3ssl.gz
+usr/share/man/man3/d2i_SSL_SESSION.3ssl.gz
+usr/share/man/man3/d2i_SXNET.3ssl.gz
+usr/share/man/man3/d2i_SXNETID.3ssl.gz
+usr/share/man/man3/d2i_TS_ACCURACY.3ssl.gz
+usr/share/man/man3/d2i_TS_MSG_IMPRINT.3ssl.gz
+usr/share/man/man3/d2i_TS_MSG_IMPRINT_bio.3ssl.gz
+usr/share/man/man3/d2i_TS_MSG_IMPRINT_fp.3ssl.gz
+usr/share/man/man3/d2i_TS_REQ.3ssl.gz
+usr/share/man/man3/d2i_TS_REQ_bio.3ssl.gz
+usr/share/man/man3/d2i_TS_REQ_fp.3ssl.gz
+usr/share/man/man3/d2i_TS_RESP.3ssl.gz
+usr/share/man/man3/d2i_TS_RESP_bio.3ssl.gz
+usr/share/man/man3/d2i_TS_RESP_fp.3ssl.gz
+usr/share/man/man3/d2i_TS_STATUS_INFO.3ssl.gz
+usr/share/man/man3/d2i_TS_TST_INFO.3ssl.gz
+usr/share/man/man3/d2i_TS_TST_INFO_bio.3ssl.gz
+usr/share/man/man3/d2i_TS_TST_INFO_fp.3ssl.gz
+usr/share/man/man3/d2i_USERNOTICE.3ssl.gz
+usr/share/man/man3/d2i_X509.3ssl.gz
+usr/share/man/man3/d2i_X509_ALGOR.3ssl.gz
+usr/share/man/man3/d2i_X509_ALGORS.3ssl.gz
+usr/share/man/man3/d2i_X509_ATTRIBUTE.3ssl.gz
+usr/share/man/man3/d2i_X509_AUX.3ssl.gz
+usr/share/man/man3/d2i_X509_CERT_AUX.3ssl.gz
+usr/share/man/man3/d2i_X509_CINF.3ssl.gz
+usr/share/man/man3/d2i_X509_CRL.3ssl.gz
+usr/share/man/man3/d2i_X509_CRL_bio.3ssl.gz
+usr/share/man/man3/d2i_X509_CRL_fp.3ssl.gz
+usr/share/man/man3/d2i_X509_CRL_INFO.3ssl.gz
+usr/share/man/man3/d2i_X509_EXTENSION.3ssl.gz
+usr/share/man/man3/d2i_X509_EXTENSIONS.3ssl.gz
+usr/share/man/man3/d2i_X509_NAME.3ssl.gz
+usr/share/man/man3/d2i_X509_NAME_ENTRY.3ssl.gz
+usr/share/man/man3/d2i_X509_PUBKEY.3ssl.gz
+usr/share/man/man3/d2i_X509_REQ.3ssl.gz
+usr/share/man/man3/d2i_X509_REQ_bio.3ssl.gz
+usr/share/man/man3/d2i_X509_REQ_fp.3ssl.gz
+usr/share/man/man3/d2i_X509_REQ_INFO.3ssl.gz
+usr/share/man/man3/d2i_X509_REVOKED.3ssl.gz
+usr/share/man/man3/d2i_X509_SIG.3ssl.gz
+usr/share/man/man3/d2i_X509_VAL.3ssl.gz
+usr/share/man/man3/DECLARE_ASN1_FUNCTIONS.3ssl.gz
+usr/share/man/man3/DECLARE_LHASH_OF.3ssl.gz
+usr/share/man/man3/DECLARE_PEM_rw.3ssl.gz
+usr/share/man/man3/DEFINE_SPECIAL_STACK_OF.3ssl.gz
+usr/share/man/man3/DEFINE_SPECIAL_STACK_OF_CONST.3ssl.gz
+usr/share/man/man3/DEFINE_STACK_OF.3ssl.gz
+usr/share/man/man3/DEFINE_STACK_OF_CONST.3ssl.gz
+usr/share/man/man3/DES_cbc_cksum.3ssl.gz
+usr/share/man/man3/DES_cfb64_encrypt.3ssl.gz
+usr/share/man/man3/DES_cfb_encrypt.3ssl.gz
+usr/share/man/man3/DES_crypt.3ssl.gz
+usr/share/man/man3/DES_ecb2_encrypt.3ssl.gz
+usr/share/man/man3/DES_ecb3_encrypt.3ssl.gz
+usr/share/man/man3/DES_ecb_encrypt.3ssl.gz
+usr/share/man/man3/DES_ede2_cbc_encrypt.3ssl.gz
+usr/share/man/man3/DES_ede2_cfb64_encrypt.3ssl.gz
+usr/share/man/man3/DES_ede2_ofb64_encrypt.3ssl.gz
+usr/share/man/man3/DES_ede3_cbc_encrypt.3ssl.gz
+usr/share/man/man3/DES_ede3_cfb64_encrypt.3ssl.gz
+usr/share/man/man3/DES_ede3_ofb64_encrypt.3ssl.gz
+usr/share/man/man3/DES_fcrypt.3ssl.gz
+usr/share/man/man3/DES_is_weak_key.3ssl.gz
+usr/share/man/man3/DES_key_sched.3ssl.gz
+usr/share/man/man3/DES_ncbc_encrypt.3ssl.gz
+usr/share/man/man3/DES_ofb64_encrypt.3ssl.gz
+usr/share/man/man3/DES_ofb_encrypt.3ssl.gz
+usr/share/man/man3/DES_pcbc_encrypt.3ssl.gz
+usr/share/man/man3/DES_quad_cksum.3ssl.gz
+usr/share/man/man3/DES_random_key.3ssl.gz
+usr/share/man/man3/DES_set_key.3ssl.gz
+usr/share/man/man3/DES_set_key_checked.3ssl.gz
+usr/share/man/man3/DES_set_key_unchecked.3ssl.gz
+usr/share/man/man3/DES_set_odd_parity.3ssl.gz
+usr/share/man/man3/DES_string_to_2keys.3ssl.gz
+usr/share/man/man3/DES_string_to_key.3ssl.gz
+usr/share/man/man3/DES_xcbc_encrypt.3ssl.gz
+usr/share/man/man3/DH_bits.3ssl.gz
+usr/share/man/man3/DH_check.3ssl.gz
+usr/share/man/man3/DH_check_ex.3ssl.gz
+usr/share/man/man3/DH_check_params.3ssl.gz
+usr/share/man/man3/DH_check_params_ex.3ssl.gz
+usr/share/man/man3/DH_check_pub_key_ex.3ssl.gz
+usr/share/man/man3/DH_clear_flags.3ssl.gz
+usr/share/man/man3/DH_compute_key.3ssl.gz
+usr/share/man/man3/DH_free.3ssl.gz
+usr/share/man/man3/DH_generate_key.3ssl.gz
+usr/share/man/man3/DH_generate_parameters.3ssl.gz
+usr/share/man/man3/DH_generate_parameters_ex.3ssl.gz
+usr/share/man/man3/DH_get0_engine.3ssl.gz
+usr/share/man/man3/DH_get0_g.3ssl.gz
+usr/share/man/man3/DH_get0_key.3ssl.gz
+usr/share/man/man3/DH_get0_p.3ssl.gz
+usr/share/man/man3/DH_get0_pqg.3ssl.gz
+usr/share/man/man3/DH_get0_priv_key.3ssl.gz
+usr/share/man/man3/DH_get0_pub_key.3ssl.gz
+usr/share/man/man3/DH_get0_q.3ssl.gz
+usr/share/man/man3/DH_get_1024_160.3ssl.gz
+usr/share/man/man3/DH_get_2048_224.3ssl.gz
+usr/share/man/man3/DH_get_2048_256.3ssl.gz
+usr/share/man/man3/DH_get_default_method.3ssl.gz
+usr/share/man/man3/DH_get_ex_data.3ssl.gz
+usr/share/man/man3/DH_get_ex_new_index.3ssl.gz
+usr/share/man/man3/DH_get_length.3ssl.gz
+usr/share/man/man3/DH_get_nid.3ssl.gz
+usr/share/man/man3/DH_meth_dup.3ssl.gz
+usr/share/man/man3/DH_meth_free.3ssl.gz
+usr/share/man/man3/DH_meth_get0_app_data.3ssl.gz
+usr/share/man/man3/DH_meth_get0_name.3ssl.gz
+usr/share/man/man3/DH_meth_get_bn_mod_exp.3ssl.gz
+usr/share/man/man3/DH_meth_get_compute_key.3ssl.gz
+usr/share/man/man3/DH_meth_get_finish.3ssl.gz
+usr/share/man/man3/DH_meth_get_flags.3ssl.gz
+usr/share/man/man3/DH_meth_get_generate_key.3ssl.gz
+usr/share/man/man3/DH_meth_get_generate_params.3ssl.gz
+usr/share/man/man3/DH_meth_get_init.3ssl.gz
+usr/share/man/man3/DH_meth_new.3ssl.gz
+usr/share/man/man3/DH_meth_set0_app_data.3ssl.gz
+usr/share/man/man3/DH_meth_set1_name.3ssl.gz
+usr/share/man/man3/DH_meth_set_bn_mod_exp.3ssl.gz
+usr/share/man/man3/DH_meth_set_compute_key.3ssl.gz
+usr/share/man/man3/DH_meth_set_finish.3ssl.gz
+usr/share/man/man3/DH_meth_set_flags.3ssl.gz
+usr/share/man/man3/DH_meth_set_generate_key.3ssl.gz
+usr/share/man/man3/DH_meth_set_generate_params.3ssl.gz
+usr/share/man/man3/DH_meth_set_init.3ssl.gz
+usr/share/man/man3/DH_new.3ssl.gz
+usr/share/man/man3/DH_new_by_nid.3ssl.gz
+usr/share/man/man3/DH_new_method.3ssl.gz
+usr/share/man/man3/DH_OpenSSL.3ssl.gz
+usr/share/man/man3/DH_security_bits.3ssl.gz
+usr/share/man/man3/DH_set0_key.3ssl.gz
+usr/share/man/man3/DH_set0_pqg.3ssl.gz
+usr/share/man/man3/DH_set_default_method.3ssl.gz
+usr/share/man/man3/DH_set_ex_data.3ssl.gz
+usr/share/man/man3/DH_set_flags.3ssl.gz
+usr/share/man/man3/DH_set_length.3ssl.gz
+usr/share/man/man3/DH_set_method.3ssl.gz
+usr/share/man/man3/DH_size.3ssl.gz
+usr/share/man/man3/DH_test_flags.3ssl.gz
+usr/share/man/man3/DHparams_print.3ssl.gz
+usr/share/man/man3/DHparams_print_fp.3ssl.gz
+usr/share/man/man3/DIRECTORYSTRING_free.3ssl.gz
+usr/share/man/man3/DIRECTORYSTRING_new.3ssl.gz
+usr/share/man/man3/DISPLAYTEXT_free.3ssl.gz
+usr/share/man/man3/DISPLAYTEXT_new.3ssl.gz
+usr/share/man/man3/DIST_POINT_free.3ssl.gz
+usr/share/man/man3/DIST_POINT_NAME_free.3ssl.gz
+usr/share/man/man3/DIST_POINT_NAME_new.3ssl.gz
+usr/share/man/man3/DIST_POINT_new.3ssl.gz
+usr/share/man/man3/DSA_bits.3ssl.gz
+usr/share/man/man3/DSA_clear_flags.3ssl.gz
+usr/share/man/man3/DSA_do_sign.3ssl.gz
+usr/share/man/man3/DSA_do_verify.3ssl.gz
+usr/share/man/man3/DSA_dup_DH.3ssl.gz
+usr/share/man/man3/DSA_free.3ssl.gz
+usr/share/man/man3/DSA_generate_key.3ssl.gz
+usr/share/man/man3/DSA_generate_parameters.3ssl.gz
+usr/share/man/man3/DSA_generate_parameters_ex.3ssl.gz
+usr/share/man/man3/DSA_get0_engine.3ssl.gz
+usr/share/man/man3/DSA_get0_g.3ssl.gz
+usr/share/man/man3/DSA_get0_key.3ssl.gz
+usr/share/man/man3/DSA_get0_p.3ssl.gz
+usr/share/man/man3/DSA_get0_pqg.3ssl.gz
+usr/share/man/man3/DSA_get0_priv_key.3ssl.gz
+usr/share/man/man3/DSA_get0_pub_key.3ssl.gz
+usr/share/man/man3/DSA_get0_q.3ssl.gz
+usr/share/man/man3/DSA_get_default_method.3ssl.gz
+usr/share/man/man3/DSA_get_ex_data.3ssl.gz
+usr/share/man/man3/DSA_get_ex_new_index.3ssl.gz
+usr/share/man/man3/DSA_meth_dup.3ssl.gz
+usr/share/man/man3/DSA_meth_free.3ssl.gz
+usr/share/man/man3/DSA_meth_get0_app_data.3ssl.gz
+usr/share/man/man3/DSA_meth_get0_name.3ssl.gz
+usr/share/man/man3/DSA_meth_get_bn_mod_exp.3ssl.gz
+usr/share/man/man3/DSA_meth_get_finish.3ssl.gz
+usr/share/man/man3/DSA_meth_get_flags.3ssl.gz
+usr/share/man/man3/DSA_meth_get_init.3ssl.gz
+usr/share/man/man3/DSA_meth_get_keygen.3ssl.gz
+usr/share/man/man3/DSA_meth_get_mod_exp.3ssl.gz
+usr/share/man/man3/DSA_meth_get_paramgen.3ssl.gz
+usr/share/man/man3/DSA_meth_get_sign.3ssl.gz
+usr/share/man/man3/DSA_meth_get_sign_setup.3ssl.gz
+usr/share/man/man3/DSA_meth_get_verify.3ssl.gz
+usr/share/man/man3/DSA_meth_new.3ssl.gz
+usr/share/man/man3/DSA_meth_set0_app_data.3ssl.gz
+usr/share/man/man3/DSA_meth_set1_name.3ssl.gz
+usr/share/man/man3/DSA_meth_set_bn_mod_exp.3ssl.gz
+usr/share/man/man3/DSA_meth_set_finish.3ssl.gz
+usr/share/man/man3/DSA_meth_set_flags.3ssl.gz
+usr/share/man/man3/DSA_meth_set_init.3ssl.gz
+usr/share/man/man3/DSA_meth_set_keygen.3ssl.gz
+usr/share/man/man3/DSA_meth_set_mod_exp.3ssl.gz
+usr/share/man/man3/DSA_meth_set_paramgen.3ssl.gz
+usr/share/man/man3/DSA_meth_set_sign.3ssl.gz
+usr/share/man/man3/DSA_meth_set_sign_setup.3ssl.gz
+usr/share/man/man3/DSA_meth_set_verify.3ssl.gz
+usr/share/man/man3/DSA_new.3ssl.gz
+usr/share/man/man3/DSA_new_method.3ssl.gz
+usr/share/man/man3/DSA_OpenSSL.3ssl.gz
+usr/share/man/man3/DSA_print.3ssl.gz
+usr/share/man/man3/DSA_print_fp.3ssl.gz
+usr/share/man/man3/DSA_security_bits.3ssl.gz
+usr/share/man/man3/DSA_set0_key.3ssl.gz
+usr/share/man/man3/DSA_set0_pqg.3ssl.gz
+usr/share/man/man3/DSA_set_default_method.3ssl.gz
+usr/share/man/man3/DSA_set_ex_data.3ssl.gz
+usr/share/man/man3/DSA_set_flags.3ssl.gz
+usr/share/man/man3/DSA_set_method.3ssl.gz
+usr/share/man/man3/DSA_SIG_free.3ssl.gz
+usr/share/man/man3/DSA_SIG_get0.3ssl.gz
+usr/share/man/man3/DSA_SIG_new.3ssl.gz
+usr/share/man/man3/DSA_SIG_set0.3ssl.gz
+usr/share/man/man3/DSA_sign.3ssl.gz
+usr/share/man/man3/DSA_sign_setup.3ssl.gz
+usr/share/man/man3/DSA_size.3ssl.gz
+usr/share/man/man3/DSA_test_flags.3ssl.gz
+usr/share/man/man3/DSA_verify.3ssl.gz
+usr/share/man/man3/DSAparams_dup.3ssl.gz
+usr/share/man/man3/DSAparams_print.3ssl.gz
+usr/share/man/man3/DSAparams_print_fp.3ssl.gz
+usr/share/man/man3/DTLS_client_method.3ssl.gz
+usr/share/man/man3/DTLS_get_data_mtu.3ssl.gz
+usr/share/man/man3/DTLS_method.3ssl.gz
+usr/share/man/man3/DTLS_server_method.3ssl.gz
+usr/share/man/man3/DTLS_set_timer_cb.3ssl.gz
+usr/share/man/man3/DTLS_timer_cb.3ssl.gz
+usr/share/man/man3/DTLSv1_2_client_method.3ssl.gz
+usr/share/man/man3/DTLSv1_2_method.3ssl.gz
+usr/share/man/man3/DTLSv1_2_server_method.3ssl.gz
+usr/share/man/man3/DTLSv1_client_method.3ssl.gz
+usr/share/man/man3/DTLSv1_listen.3ssl.gz
+usr/share/man/man3/DTLSv1_method.3ssl.gz
+usr/share/man/man3/DTLSv1_server_method.3ssl.gz
+usr/share/man/man3/EC_get_builtin_curves.3ssl.gz
+usr/share/man/man3/EC_GF2m_simple_method.3ssl.gz
+usr/share/man/man3/EC_GFp_mont_method.3ssl.gz
+usr/share/man/man3/EC_GFp_nist_method.3ssl.gz
+usr/share/man/man3/EC_GFp_nistp224_method.3ssl.gz
+usr/share/man/man3/EC_GFp_nistp256_method.3ssl.gz
+usr/share/man/man3/EC_GFp_nistp521_method.3ssl.gz
+usr/share/man/man3/EC_GFp_simple_method.3ssl.gz
+usr/share/man/man3/EC_GROUP_check.3ssl.gz
+usr/share/man/man3/EC_GROUP_check_discriminant.3ssl.gz
+usr/share/man/man3/EC_GROUP_clear_free.3ssl.gz
+usr/share/man/man3/EC_GROUP_cmp.3ssl.gz
+usr/share/man/man3/EC_GROUP_copy.3ssl.gz
+usr/share/man/man3/EC_GROUP_dup.3ssl.gz
+usr/share/man/man3/EC_GROUP_free.3ssl.gz
+usr/share/man/man3/EC_GROUP_get0_cofactor.3ssl.gz
+usr/share/man/man3/EC_GROUP_get0_generator.3ssl.gz
+usr/share/man/man3/EC_GROUP_get0_order.3ssl.gz
+usr/share/man/man3/EC_GROUP_get0_seed.3ssl.gz
+usr/share/man/man3/EC_GROUP_get_asn1_flag.3ssl.gz
+usr/share/man/man3/EC_GROUP_get_basis_type.3ssl.gz
+usr/share/man/man3/EC_GROUP_get_cofactor.3ssl.gz
+usr/share/man/man3/EC_GROUP_get_curve.3ssl.gz
+usr/share/man/man3/EC_GROUP_get_curve_GF2m.3ssl.gz
+usr/share/man/man3/EC_GROUP_get_curve_GFp.3ssl.gz
+usr/share/man/man3/EC_GROUP_get_curve_name.3ssl.gz
+usr/share/man/man3/EC_GROUP_get_degree.3ssl.gz
+usr/share/man/man3/EC_GROUP_get_ecparameters.3ssl.gz
+usr/share/man/man3/EC_GROUP_get_ecpkparameters.3ssl.gz
+usr/share/man/man3/EC_GROUP_get_order.3ssl.gz
+usr/share/man/man3/EC_GROUP_get_pentanomial_basis.3ssl.gz
+usr/share/man/man3/EC_GROUP_get_point_conversion_form.3ssl.gz
+usr/share/man/man3/EC_GROUP_get_seed_len.3ssl.gz
+usr/share/man/man3/EC_GROUP_get_trinomial_basis.3ssl.gz
+usr/share/man/man3/EC_GROUP_have_precompute_mult.3ssl.gz
+usr/share/man/man3/EC_GROUP_method_of.3ssl.gz
+usr/share/man/man3/EC_GROUP_new.3ssl.gz
+usr/share/man/man3/EC_GROUP_new_by_curve_name.3ssl.gz
+usr/share/man/man3/EC_GROUP_new_curve_GF2m.3ssl.gz
+usr/share/man/man3/EC_GROUP_new_curve_GFp.3ssl.gz
+usr/share/man/man3/EC_GROUP_new_from_ecparameters.3ssl.gz
+usr/share/man/man3/EC_GROUP_new_from_ecpkparameters.3ssl.gz
+usr/share/man/man3/EC_GROUP_order_bits.3ssl.gz
+usr/share/man/man3/EC_GROUP_precompute_mult.3ssl.gz
+usr/share/man/man3/EC_GROUP_set_asn1_flag.3ssl.gz
+usr/share/man/man3/EC_GROUP_set_curve.3ssl.gz
+usr/share/man/man3/EC_GROUP_set_curve_GF2m.3ssl.gz
+usr/share/man/man3/EC_GROUP_set_curve_GFp.3ssl.gz
+usr/share/man/man3/EC_GROUP_set_curve_name.3ssl.gz
+usr/share/man/man3/EC_GROUP_set_generator.3ssl.gz
+usr/share/man/man3/EC_GROUP_set_point_conversion_form.3ssl.gz
+usr/share/man/man3/EC_GROUP_set_seed.3ssl.gz
+usr/share/man/man3/EC_KEY_check_key.3ssl.gz
+usr/share/man/man3/EC_KEY_clear_flags.3ssl.gz
+usr/share/man/man3/EC_KEY_copy.3ssl.gz
+usr/share/man/man3/EC_KEY_dup.3ssl.gz
+usr/share/man/man3/EC_KEY_free.3ssl.gz
+usr/share/man/man3/EC_KEY_generate_key.3ssl.gz
+usr/share/man/man3/EC_KEY_get0_engine.3ssl.gz
+usr/share/man/man3/EC_KEY_get0_group.3ssl.gz
+usr/share/man/man3/EC_KEY_get0_private_key.3ssl.gz
+usr/share/man/man3/EC_KEY_get0_public_key.3ssl.gz
+usr/share/man/man3/EC_KEY_get_conv_form.3ssl.gz
+usr/share/man/man3/EC_KEY_get_enc_flags.3ssl.gz
+usr/share/man/man3/EC_KEY_get_ex_data.3ssl.gz
+usr/share/man/man3/EC_KEY_get_ex_new_index.3ssl.gz
+usr/share/man/man3/EC_KEY_get_flags.3ssl.gz
+usr/share/man/man3/EC_KEY_get_method.3ssl.gz
+usr/share/man/man3/EC_KEY_key2buf.3ssl.gz
+usr/share/man/man3/EC_KEY_new.3ssl.gz
+usr/share/man/man3/EC_KEY_new_by_curve_name.3ssl.gz
+usr/share/man/man3/EC_KEY_oct2key.3ssl.gz
+usr/share/man/man3/EC_KEY_oct2priv.3ssl.gz
+usr/share/man/man3/EC_KEY_precompute_mult.3ssl.gz
+usr/share/man/man3/EC_KEY_priv2buf.3ssl.gz
+usr/share/man/man3/EC_KEY_priv2oct.3ssl.gz
+usr/share/man/man3/EC_KEY_set_asn1_flag.3ssl.gz
+usr/share/man/man3/EC_KEY_set_conv_form.3ssl.gz
+usr/share/man/man3/EC_KEY_set_enc_flags.3ssl.gz
+usr/share/man/man3/EC_KEY_set_ex_data.3ssl.gz
+usr/share/man/man3/EC_KEY_set_flags.3ssl.gz
+usr/share/man/man3/EC_KEY_set_group.3ssl.gz
+usr/share/man/man3/EC_KEY_set_method.3ssl.gz
+usr/share/man/man3/EC_KEY_set_private_key.3ssl.gz
+usr/share/man/man3/EC_KEY_set_public_key.3ssl.gz
+usr/share/man/man3/EC_KEY_set_public_key_affine_coordinates.3ssl.gz
+usr/share/man/man3/EC_KEY_up_ref.3ssl.gz
+usr/share/man/man3/EC_METHOD_get_field_type.3ssl.gz
+usr/share/man/man3/EC_POINT_add.3ssl.gz
+usr/share/man/man3/EC_POINT_bn2point.3ssl.gz
+usr/share/man/man3/EC_POINT_clear_free.3ssl.gz
+usr/share/man/man3/EC_POINT_cmp.3ssl.gz
+usr/share/man/man3/EC_POINT_copy.3ssl.gz
+usr/share/man/man3/EC_POINT_dbl.3ssl.gz
+usr/share/man/man3/EC_POINT_dup.3ssl.gz
+usr/share/man/man3/EC_POINT_free.3ssl.gz
+usr/share/man/man3/EC_POINT_get_affine_coordinates.3ssl.gz
+usr/share/man/man3/EC_POINT_get_affine_coordinates_GF2m.3ssl.gz
+usr/share/man/man3/EC_POINT_get_affine_coordinates_GFp.3ssl.gz
+usr/share/man/man3/EC_POINT_get_Jprojective_coordinates_GFp.3ssl.gz
+usr/share/man/man3/EC_POINT_hex2point.3ssl.gz
+usr/share/man/man3/EC_POINT_invert.3ssl.gz
+usr/share/man/man3/EC_POINT_is_at_infinity.3ssl.gz
+usr/share/man/man3/EC_POINT_is_on_curve.3ssl.gz
+usr/share/man/man3/EC_POINT_make_affine.3ssl.gz
+usr/share/man/man3/EC_POINT_method_of.3ssl.gz
+usr/share/man/man3/EC_POINT_mul.3ssl.gz
+usr/share/man/man3/EC_POINT_new.3ssl.gz
+usr/share/man/man3/EC_POINT_oct2point.3ssl.gz
+usr/share/man/man3/EC_POINT_point2bn.3ssl.gz
+usr/share/man/man3/EC_POINT_point2buf.3ssl.gz
+usr/share/man/man3/EC_POINT_point2hex.3ssl.gz
+usr/share/man/man3/EC_POINT_point2oct.3ssl.gz
+usr/share/man/man3/EC_POINT_set_affine_coordinates.3ssl.gz
+usr/share/man/man3/EC_POINT_set_affine_coordinates_GF2m.3ssl.gz
+usr/share/man/man3/EC_POINT_set_affine_coordinates_GFp.3ssl.gz
+usr/share/man/man3/EC_POINT_set_compressed_coordinates.3ssl.gz
+usr/share/man/man3/EC_POINT_set_compressed_coordinates_GF2m.3ssl.gz
+usr/share/man/man3/EC_POINT_set_compressed_coordinates_GFp.3ssl.gz
+usr/share/man/man3/EC_POINT_set_Jprojective_coordinates_GFp.3ssl.gz
+usr/share/man/man3/EC_POINT_set_to_infinity.3ssl.gz
+usr/share/man/man3/EC_POINTs_make_affine.3ssl.gz
+usr/share/man/man3/EC_POINTs_mul.3ssl.gz
+usr/share/man/man3/ECDH_get_ex_data.3ssl.gz
+usr/share/man/man3/ECDH_get_ex_new_index.3ssl.gz
+usr/share/man/man3/ECDH_set_ex_data.3ssl.gz
+usr/share/man/man3/ECDSA_do_sign.3ssl.gz
+usr/share/man/man3/ECDSA_do_sign_ex.3ssl.gz
+usr/share/man/man3/ECDSA_do_verify.3ssl.gz
+usr/share/man/man3/ECDSA_SIG_free.3ssl.gz
+usr/share/man/man3/ECDSA_SIG_get0.3ssl.gz
+usr/share/man/man3/ECDSA_SIG_get0_r.3ssl.gz
+usr/share/man/man3/ECDSA_SIG_get0_s.3ssl.gz
+usr/share/man/man3/ECDSA_SIG_new.3ssl.gz
+usr/share/man/man3/ECDSA_SIG_set0.3ssl.gz
+usr/share/man/man3/ECDSA_sign.3ssl.gz
+usr/share/man/man3/ECDSA_sign_ex.3ssl.gz
+usr/share/man/man3/ECDSA_sign_setup.3ssl.gz
+usr/share/man/man3/ECDSA_size.3ssl.gz
+usr/share/man/man3/ECDSA_verify.3ssl.gz
+usr/share/man/man3/ECPARAMETERS_free.3ssl.gz
+usr/share/man/man3/ECPARAMETERS_new.3ssl.gz
+usr/share/man/man3/ECPKPARAMETERS_free.3ssl.gz
+usr/share/man/man3/ECPKPARAMETERS_new.3ssl.gz
+usr/share/man/man3/ECPKParameters_print.3ssl.gz
+usr/share/man/man3/ECPKParameters_print_fp.3ssl.gz
+usr/share/man/man3/EDIPARTYNAME_free.3ssl.gz
+usr/share/man/man3/EDIPARTYNAME_new.3ssl.gz
+usr/share/man/man3/ENGINE_add.3ssl.gz
+usr/share/man/man3/ENGINE_add_conf_module.3ssl.gz
+usr/share/man/man3/ENGINE_by_id.3ssl.gz
+usr/share/man/man3/ENGINE_cleanup.3ssl.gz
+usr/share/man/man3/ENGINE_cmd_is_executable.3ssl.gz
+usr/share/man/man3/ENGINE_ctrl.3ssl.gz
+usr/share/man/man3/ENGINE_ctrl_cmd.3ssl.gz
+usr/share/man/man3/ENGINE_ctrl_cmd_string.3ssl.gz
+usr/share/man/man3/ENGINE_finish.3ssl.gz
+usr/share/man/man3/ENGINE_free.3ssl.gz
+usr/share/man/man3/ENGINE_get_cipher.3ssl.gz
+usr/share/man/man3/ENGINE_get_cipher_engine.3ssl.gz
+usr/share/man/man3/ENGINE_get_ciphers.3ssl.gz
+usr/share/man/man3/ENGINE_get_cmd_defns.3ssl.gz
+usr/share/man/man3/ENGINE_get_ctrl_function.3ssl.gz
+usr/share/man/man3/ENGINE_get_default_DH.3ssl.gz
+usr/share/man/man3/ENGINE_get_default_DSA.3ssl.gz
+usr/share/man/man3/ENGINE_get_default_RAND.3ssl.gz
+usr/share/man/man3/ENGINE_get_default_RSA.3ssl.gz
+usr/share/man/man3/ENGINE_get_destroy_function.3ssl.gz
+usr/share/man/man3/ENGINE_get_DH.3ssl.gz
+usr/share/man/man3/ENGINE_get_digest.3ssl.gz
+usr/share/man/man3/ENGINE_get_digest_engine.3ssl.gz
+usr/share/man/man3/ENGINE_get_digests.3ssl.gz
+usr/share/man/man3/ENGINE_get_DSA.3ssl.gz
+usr/share/man/man3/ENGINE_get_ex_data.3ssl.gz
+usr/share/man/man3/ENGINE_get_ex_new_index.3ssl.gz
+usr/share/man/man3/ENGINE_get_finish_function.3ssl.gz
+usr/share/man/man3/ENGINE_get_first.3ssl.gz
+usr/share/man/man3/ENGINE_get_flags.3ssl.gz
+usr/share/man/man3/ENGINE_get_id.3ssl.gz
+usr/share/man/man3/ENGINE_get_init_function.3ssl.gz
+usr/share/man/man3/ENGINE_get_last.3ssl.gz
+usr/share/man/man3/ENGINE_get_load_privkey_function.3ssl.gz
+usr/share/man/man3/ENGINE_get_load_pubkey_function.3ssl.gz
+usr/share/man/man3/ENGINE_get_name.3ssl.gz
+usr/share/man/man3/ENGINE_get_next.3ssl.gz
+usr/share/man/man3/ENGINE_get_prev.3ssl.gz
+usr/share/man/man3/ENGINE_get_RAND.3ssl.gz
+usr/share/man/man3/ENGINE_get_RSA.3ssl.gz
+usr/share/man/man3/ENGINE_get_table_flags.3ssl.gz
+usr/share/man/man3/ENGINE_init.3ssl.gz
+usr/share/man/man3/ENGINE_load_builtin_engines.3ssl.gz
+usr/share/man/man3/ENGINE_load_private_key.3ssl.gz
+usr/share/man/man3/ENGINE_load_public_key.3ssl.gz
+usr/share/man/man3/ENGINE_new.3ssl.gz
+usr/share/man/man3/ENGINE_register_all_ciphers.3ssl.gz
+usr/share/man/man3/ENGINE_register_all_complete.3ssl.gz
+usr/share/man/man3/ENGINE_register_all_DH.3ssl.gz
+usr/share/man/man3/ENGINE_register_all_digests.3ssl.gz
+usr/share/man/man3/ENGINE_register_all_DSA.3ssl.gz
+usr/share/man/man3/ENGINE_register_all_RAND.3ssl.gz
+usr/share/man/man3/ENGINE_register_all_RSA.3ssl.gz
+usr/share/man/man3/ENGINE_register_ciphers.3ssl.gz
+usr/share/man/man3/ENGINE_register_complete.3ssl.gz
+usr/share/man/man3/ENGINE_register_DH.3ssl.gz
+usr/share/man/man3/ENGINE_register_digests.3ssl.gz
+usr/share/man/man3/ENGINE_register_DSA.3ssl.gz
+usr/share/man/man3/ENGINE_register_RAND.3ssl.gz
+usr/share/man/man3/ENGINE_register_RSA.3ssl.gz
+usr/share/man/man3/ENGINE_remove.3ssl.gz
+usr/share/man/man3/ENGINE_set_ciphers.3ssl.gz
+usr/share/man/man3/ENGINE_set_cmd_defns.3ssl.gz
+usr/share/man/man3/ENGINE_set_ctrl_function.3ssl.gz
+usr/share/man/man3/ENGINE_set_default.3ssl.gz
+usr/share/man/man3/ENGINE_set_default_ciphers.3ssl.gz
+usr/share/man/man3/ENGINE_set_default_DH.3ssl.gz
+usr/share/man/man3/ENGINE_set_default_digests.3ssl.gz
+usr/share/man/man3/ENGINE_set_default_DSA.3ssl.gz
+usr/share/man/man3/ENGINE_set_default_RAND.3ssl.gz
+usr/share/man/man3/ENGINE_set_default_RSA.3ssl.gz
+usr/share/man/man3/ENGINE_set_default_string.3ssl.gz
+usr/share/man/man3/ENGINE_set_destroy_function.3ssl.gz
+usr/share/man/man3/ENGINE_set_DH.3ssl.gz
+usr/share/man/man3/ENGINE_set_digests.3ssl.gz
+usr/share/man/man3/ENGINE_set_DSA.3ssl.gz
+usr/share/man/man3/ENGINE_set_ex_data.3ssl.gz
+usr/share/man/man3/ENGINE_set_finish_function.3ssl.gz
+usr/share/man/man3/ENGINE_set_flags.3ssl.gz
+usr/share/man/man3/ENGINE_set_id.3ssl.gz
+usr/share/man/man3/ENGINE_set_init_function.3ssl.gz
+usr/share/man/man3/ENGINE_set_load_privkey_function.3ssl.gz
+usr/share/man/man3/ENGINE_set_load_pubkey_function.3ssl.gz
+usr/share/man/man3/ENGINE_set_name.3ssl.gz
+usr/share/man/man3/ENGINE_set_RAND.3ssl.gz
+usr/share/man/man3/ENGINE_set_RSA.3ssl.gz
+usr/share/man/man3/ENGINE_set_table_flags.3ssl.gz
+usr/share/man/man3/ENGINE_unregister_ciphers.3ssl.gz
+usr/share/man/man3/ENGINE_unregister_DH.3ssl.gz
+usr/share/man/man3/ENGINE_unregister_digests.3ssl.gz
+usr/share/man/man3/ENGINE_unregister_DSA.3ssl.gz
+usr/share/man/man3/ENGINE_unregister_RAND.3ssl.gz
+usr/share/man/man3/ENGINE_unregister_RSA.3ssl.gz
+usr/share/man/man3/ENGINE_up_ref.3ssl.gz
+usr/share/man/man3/ERR_add_error_data.3ssl.gz
+usr/share/man/man3/ERR_add_error_vdata.3ssl.gz
+usr/share/man/man3/ERR_clear_error.3ssl.gz
+usr/share/man/man3/ERR_error_string.3ssl.gz
+usr/share/man/man3/ERR_error_string_n.3ssl.gz
+usr/share/man/man3/ERR_FATAL_ERROR.3ssl.gz
+usr/share/man/man3/ERR_free_strings.3ssl.gz
+usr/share/man/man3/ERR_func_error_string.3ssl.gz
+usr/share/man/man3/ERR_get_error.3ssl.gz
+usr/share/man/man3/ERR_get_error_line.3ssl.gz
+usr/share/man/man3/ERR_get_error_line_data.3ssl.gz
+usr/share/man/man3/ERR_GET_FUNC.3ssl.gz
+usr/share/man/man3/ERR_GET_LIB.3ssl.gz
+usr/share/man/man3/ERR_get_next_error_library.3ssl.gz
+usr/share/man/man3/ERR_GET_REASON.3ssl.gz
+usr/share/man/man3/ERR_lib_error_string.3ssl.gz
+usr/share/man/man3/ERR_load_crypto_strings.3ssl.gz
+usr/share/man/man3/ERR_load_strings.3ssl.gz
+usr/share/man/man3/ERR_PACK.3ssl.gz
+usr/share/man/man3/ERR_peek_error.3ssl.gz
+usr/share/man/man3/ERR_peek_error_line.3ssl.gz
+usr/share/man/man3/ERR_peek_error_line_data.3ssl.gz
+usr/share/man/man3/ERR_peek_last_error.3ssl.gz
+usr/share/man/man3/ERR_peek_last_error_line.3ssl.gz
+usr/share/man/man3/ERR_peek_last_error_line_data.3ssl.gz
+usr/share/man/man3/ERR_pop_to_mark.3ssl.gz
+usr/share/man/man3/ERR_print_errors.3ssl.gz
+usr/share/man/man3/ERR_print_errors_cb.3ssl.gz
+usr/share/man/man3/ERR_print_errors_fp.3ssl.gz
+usr/share/man/man3/ERR_put_error.3ssl.gz
+usr/share/man/man3/ERR_reason_error_string.3ssl.gz
+usr/share/man/man3/ERR_remove_state.3ssl.gz
+usr/share/man/man3/ERR_remove_thread_state.3ssl.gz
+usr/share/man/man3/ERR_set_mark.3ssl.gz
+usr/share/man/man3/ESS_CERT_ID_dup.3ssl.gz
+usr/share/man/man3/ESS_CERT_ID_free.3ssl.gz
+usr/share/man/man3/ESS_CERT_ID_new.3ssl.gz
+usr/share/man/man3/ESS_ISSUER_SERIAL_dup.3ssl.gz
+usr/share/man/man3/ESS_ISSUER_SERIAL_free.3ssl.gz
+usr/share/man/man3/ESS_ISSUER_SERIAL_new.3ssl.gz
+usr/share/man/man3/ESS_SIGNING_CERT_dup.3ssl.gz
+usr/share/man/man3/ESS_SIGNING_CERT_free.3ssl.gz
+usr/share/man/man3/ESS_SIGNING_CERT_new.3ssl.gz
+usr/share/man/man3/EVP_aes.3ssl.gz
+usr/share/man/man3/EVP_aes_128_cbc.3ssl.gz
+usr/share/man/man3/EVP_aes_128_cbc_hmac_sha1.3ssl.gz
+usr/share/man/man3/EVP_aes_128_cbc_hmac_sha256.3ssl.gz
+usr/share/man/man3/EVP_aes_128_ccm.3ssl.gz
+usr/share/man/man3/EVP_aes_128_cfb.3ssl.gz
+usr/share/man/man3/EVP_aes_128_cfb1.3ssl.gz
+usr/share/man/man3/EVP_aes_128_cfb128.3ssl.gz
+usr/share/man/man3/EVP_aes_128_cfb8.3ssl.gz
+usr/share/man/man3/EVP_aes_128_ctr.3ssl.gz
+usr/share/man/man3/EVP_aes_128_ecb.3ssl.gz
+usr/share/man/man3/EVP_aes_128_gcm.3ssl.gz
+usr/share/man/man3/EVP_aes_128_ocb.3ssl.gz
+usr/share/man/man3/EVP_aes_128_ofb.3ssl.gz
+usr/share/man/man3/EVP_aes_128_wrap.3ssl.gz
+usr/share/man/man3/EVP_aes_128_wrap_pad.3ssl.gz
+usr/share/man/man3/EVP_aes_128_xts.3ssl.gz
+usr/share/man/man3/EVP_aes_192_cbc.3ssl.gz
+usr/share/man/man3/EVP_aes_192_ccm.3ssl.gz
+usr/share/man/man3/EVP_aes_192_cfb.3ssl.gz
+usr/share/man/man3/EVP_aes_192_cfb1.3ssl.gz
+usr/share/man/man3/EVP_aes_192_cfb128.3ssl.gz
+usr/share/man/man3/EVP_aes_192_cfb8.3ssl.gz
+usr/share/man/man3/EVP_aes_192_ctr.3ssl.gz
+usr/share/man/man3/EVP_aes_192_ecb.3ssl.gz
+usr/share/man/man3/EVP_aes_192_gcm.3ssl.gz
+usr/share/man/man3/EVP_aes_192_ocb.3ssl.gz
+usr/share/man/man3/EVP_aes_192_ofb.3ssl.gz
+usr/share/man/man3/EVP_aes_192_wrap.3ssl.gz
+usr/share/man/man3/EVP_aes_192_wrap_pad.3ssl.gz
+usr/share/man/man3/EVP_aes_256_cbc.3ssl.gz
+usr/share/man/man3/EVP_aes_256_cbc_hmac_sha1.3ssl.gz
+usr/share/man/man3/EVP_aes_256_cbc_hmac_sha256.3ssl.gz
+usr/share/man/man3/EVP_aes_256_ccm.3ssl.gz
+usr/share/man/man3/EVP_aes_256_cfb.3ssl.gz
+usr/share/man/man3/EVP_aes_256_cfb1.3ssl.gz
+usr/share/man/man3/EVP_aes_256_cfb128.3ssl.gz
+usr/share/man/man3/EVP_aes_256_cfb8.3ssl.gz
+usr/share/man/man3/EVP_aes_256_ctr.3ssl.gz
+usr/share/man/man3/EVP_aes_256_ecb.3ssl.gz
+usr/share/man/man3/EVP_aes_256_gcm.3ssl.gz
+usr/share/man/man3/EVP_aes_256_ocb.3ssl.gz
+usr/share/man/man3/EVP_aes_256_ofb.3ssl.gz
+usr/share/man/man3/EVP_aes_256_wrap.3ssl.gz
+usr/share/man/man3/EVP_aes_256_wrap_pad.3ssl.gz
+usr/share/man/man3/EVP_aes_256_xts.3ssl.gz
+usr/share/man/man3/EVP_aria.3ssl.gz
+usr/share/man/man3/EVP_aria_128_cbc.3ssl.gz
+usr/share/man/man3/EVP_aria_128_ccm.3ssl.gz
+usr/share/man/man3/EVP_aria_128_cfb.3ssl.gz
+usr/share/man/man3/EVP_aria_128_cfb1.3ssl.gz
+usr/share/man/man3/EVP_aria_128_cfb128.3ssl.gz
+usr/share/man/man3/EVP_aria_128_cfb8.3ssl.gz
+usr/share/man/man3/EVP_aria_128_ctr.3ssl.gz
+usr/share/man/man3/EVP_aria_128_ecb.3ssl.gz
+usr/share/man/man3/EVP_aria_128_gcm.3ssl.gz
+usr/share/man/man3/EVP_aria_128_ofb.3ssl.gz
+usr/share/man/man3/EVP_aria_192_cbc.3ssl.gz
+usr/share/man/man3/EVP_aria_192_ccm.3ssl.gz
+usr/share/man/man3/EVP_aria_192_cfb.3ssl.gz
+usr/share/man/man3/EVP_aria_192_cfb1.3ssl.gz
+usr/share/man/man3/EVP_aria_192_cfb128.3ssl.gz
+usr/share/man/man3/EVP_aria_192_cfb8.3ssl.gz
+usr/share/man/man3/EVP_aria_192_ctr.3ssl.gz
+usr/share/man/man3/EVP_aria_192_ecb.3ssl.gz
+usr/share/man/man3/EVP_aria_192_gcm.3ssl.gz
+usr/share/man/man3/EVP_aria_192_ofb.3ssl.gz
+usr/share/man/man3/EVP_aria_256_cbc.3ssl.gz
+usr/share/man/man3/EVP_aria_256_ccm.3ssl.gz
+usr/share/man/man3/EVP_aria_256_cfb.3ssl.gz
+usr/share/man/man3/EVP_aria_256_cfb1.3ssl.gz
+usr/share/man/man3/EVP_aria_256_cfb128.3ssl.gz
+usr/share/man/man3/EVP_aria_256_cfb8.3ssl.gz
+usr/share/man/man3/EVP_aria_256_ctr.3ssl.gz
+usr/share/man/man3/EVP_aria_256_ecb.3ssl.gz
+usr/share/man/man3/EVP_aria_256_gcm.3ssl.gz
+usr/share/man/man3/EVP_aria_256_ofb.3ssl.gz
+usr/share/man/man3/EVP_bf_cbc.3ssl.gz
+usr/share/man/man3/EVP_bf_cfb.3ssl.gz
+usr/share/man/man3/EVP_bf_cfb64.3ssl.gz
+usr/share/man/man3/EVP_bf_ecb.3ssl.gz
+usr/share/man/man3/EVP_bf_ofb.3ssl.gz
+usr/share/man/man3/EVP_blake2b512.3ssl.gz
+usr/share/man/man3/EVP_blake2s256.3ssl.gz
+usr/share/man/man3/EVP_BytesToKey.3ssl.gz
+usr/share/man/man3/EVP_camellia.3ssl.gz
+usr/share/man/man3/EVP_camellia_128_cbc.3ssl.gz
+usr/share/man/man3/EVP_camellia_128_cfb.3ssl.gz
+usr/share/man/man3/EVP_camellia_128_cfb1.3ssl.gz
+usr/share/man/man3/EVP_camellia_128_cfb128.3ssl.gz
+usr/share/man/man3/EVP_camellia_128_cfb8.3ssl.gz
+usr/share/man/man3/EVP_camellia_128_ctr.3ssl.gz
+usr/share/man/man3/EVP_camellia_128_ecb.3ssl.gz
+usr/share/man/man3/EVP_camellia_128_ofb.3ssl.gz
+usr/share/man/man3/EVP_camellia_192_cbc.3ssl.gz
+usr/share/man/man3/EVP_camellia_192_cfb.3ssl.gz
+usr/share/man/man3/EVP_camellia_192_cfb1.3ssl.gz
+usr/share/man/man3/EVP_camellia_192_cfb128.3ssl.gz
+usr/share/man/man3/EVP_camellia_192_cfb8.3ssl.gz
+usr/share/man/man3/EVP_camellia_192_ctr.3ssl.gz
+usr/share/man/man3/EVP_camellia_192_ecb.3ssl.gz
+usr/share/man/man3/EVP_camellia_192_ofb.3ssl.gz
+usr/share/man/man3/EVP_camellia_256_cbc.3ssl.gz
+usr/share/man/man3/EVP_camellia_256_cfb.3ssl.gz
+usr/share/man/man3/EVP_camellia_256_cfb1.3ssl.gz
+usr/share/man/man3/EVP_camellia_256_cfb128.3ssl.gz
+usr/share/man/man3/EVP_camellia_256_cfb8.3ssl.gz
+usr/share/man/man3/EVP_camellia_256_ctr.3ssl.gz
+usr/share/man/man3/EVP_camellia_256_ecb.3ssl.gz
+usr/share/man/man3/EVP_camellia_256_ofb.3ssl.gz
+usr/share/man/man3/EVP_cast5_cbc.3ssl.gz
+usr/share/man/man3/EVP_cast5_cfb.3ssl.gz
+usr/share/man/man3/EVP_cast5_cfb64.3ssl.gz
+usr/share/man/man3/EVP_cast5_ecb.3ssl.gz
+usr/share/man/man3/EVP_cast5_ofb.3ssl.gz
+usr/share/man/man3/EVP_chacha20.3ssl.gz
+usr/share/man/man3/EVP_chacha20_poly1305.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_asn1_to_param.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_block_size.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_CTX_block_size.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_CTX_cipher.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_CTX_ctrl.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_CTX_flags.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_CTX_free.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_CTX_get_app_data.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_CTX_get_cipher_data.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_CTX_iv_length.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_CTX_key_length.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_CTX_mode.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_CTX_new.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_CTX_nid.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_CTX_reset.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_CTX_set_app_data.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_CTX_set_cipher_data.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_CTX_set_key_length.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_CTX_set_padding.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_CTX_type.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_flags.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_iv_length.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_key_length.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_meth_dup.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_meth_free.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_meth_get_cleanup.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_meth_get_ctrl.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_meth_get_do_cipher.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_meth_get_get_asn1_params.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_meth_get_init.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_meth_get_set_asn1_params.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_meth_new.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_meth_set_cleanup.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_meth_set_ctrl.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_meth_set_do_cipher.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_meth_set_flags.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_meth_set_get_asn1_params.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_meth_set_impl_ctx_size.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_meth_set_init.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_meth_set_iv_length.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_meth_set_set_asn1_params.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_mode.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_nid.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_param_to_asn1.3ssl.gz
+usr/share/man/man3/EVP_CIPHER_type.3ssl.gz
+usr/share/man/man3/EVP_CipherFinal.3ssl.gz
+usr/share/man/man3/EVP_CipherFinal_ex.3ssl.gz
+usr/share/man/man3/EVP_CipherInit.3ssl.gz
+usr/share/man/man3/EVP_CipherInit_ex.3ssl.gz
+usr/share/man/man3/EVP_CipherUpdate.3ssl.gz
+usr/share/man/man3/EVP_cleanup.3ssl.gz
+usr/share/man/man3/EVP_DecodeBlock.3ssl.gz
+usr/share/man/man3/EVP_DecodeFinal.3ssl.gz
+usr/share/man/man3/EVP_DecodeInit.3ssl.gz
+usr/share/man/man3/EVP_DecodeUpdate.3ssl.gz
+usr/share/man/man3/EVP_DecryptFinal.3ssl.gz
+usr/share/man/man3/EVP_DecryptFinal_ex.3ssl.gz
+usr/share/man/man3/EVP_DecryptInit.3ssl.gz
+usr/share/man/man3/EVP_DecryptInit_ex.3ssl.gz
+usr/share/man/man3/EVP_DecryptUpdate.3ssl.gz
+usr/share/man/man3/EVP_des.3ssl.gz
+usr/share/man/man3/EVP_des_cbc.3ssl.gz
+usr/share/man/man3/EVP_des_cfb.3ssl.gz
+usr/share/man/man3/EVP_des_cfb1.3ssl.gz
+usr/share/man/man3/EVP_des_cfb64.3ssl.gz
+usr/share/man/man3/EVP_des_cfb8.3ssl.gz
+usr/share/man/man3/EVP_des_ecb.3ssl.gz
+usr/share/man/man3/EVP_des_ede.3ssl.gz
+usr/share/man/man3/EVP_des_ede3.3ssl.gz
+usr/share/man/man3/EVP_des_ede3_cbc.3ssl.gz
+usr/share/man/man3/EVP_des_ede3_cfb.3ssl.gz
+usr/share/man/man3/EVP_des_ede3_cfb1.3ssl.gz
+usr/share/man/man3/EVP_des_ede3_cfb64.3ssl.gz
+usr/share/man/man3/EVP_des_ede3_cfb8.3ssl.gz
+usr/share/man/man3/EVP_des_ede3_ecb.3ssl.gz
+usr/share/man/man3/EVP_des_ede3_ofb.3ssl.gz
+usr/share/man/man3/EVP_des_ede3_wrap.3ssl.gz
+usr/share/man/man3/EVP_des_ede_cbc.3ssl.gz
+usr/share/man/man3/EVP_des_ede_cfb.3ssl.gz
+usr/share/man/man3/EVP_des_ede_cfb64.3ssl.gz
+usr/share/man/man3/EVP_des_ede_ecb.3ssl.gz
+usr/share/man/man3/EVP_des_ede_ofb.3ssl.gz
+usr/share/man/man3/EVP_des_ofb.3ssl.gz
+usr/share/man/man3/EVP_desx_cbc.3ssl.gz
+usr/share/man/man3/EVP_DigestFinal.3ssl.gz
+usr/share/man/man3/EVP_DigestFinal_ex.3ssl.gz
+usr/share/man/man3/EVP_DigestFinalXOF.3ssl.gz
+usr/share/man/man3/EVP_DigestInit.3ssl.gz
+usr/share/man/man3/EVP_DigestInit_ex.3ssl.gz
+usr/share/man/man3/EVP_DigestSign.3ssl.gz
+usr/share/man/man3/EVP_DigestSignFinal.3ssl.gz
+usr/share/man/man3/EVP_DigestSignInit.3ssl.gz
+usr/share/man/man3/EVP_DigestSignUpdate.3ssl.gz
+usr/share/man/man3/EVP_DigestUpdate.3ssl.gz
+usr/share/man/man3/EVP_DigestVerify.3ssl.gz
+usr/share/man/man3/EVP_DigestVerifyFinal.3ssl.gz
+usr/share/man/man3/EVP_DigestVerifyInit.3ssl.gz
+usr/share/man/man3/EVP_DigestVerifyUpdate.3ssl.gz
+usr/share/man/man3/EVP_enc_null.3ssl.gz
+usr/share/man/man3/EVP_ENCODE_CTX_copy.3ssl.gz
+usr/share/man/man3/EVP_ENCODE_CTX_free.3ssl.gz
+usr/share/man/man3/EVP_ENCODE_CTX_new.3ssl.gz
+usr/share/man/man3/EVP_ENCODE_CTX_num.3ssl.gz
+usr/share/man/man3/EVP_EncodeBlock.3ssl.gz
+usr/share/man/man3/EVP_EncodeFinal.3ssl.gz
+usr/share/man/man3/EVP_EncodeInit.3ssl.gz
+usr/share/man/man3/EVP_EncodeUpdate.3ssl.gz
+usr/share/man/man3/EVP_EncryptFinal.3ssl.gz
+usr/share/man/man3/EVP_EncryptFinal_ex.3ssl.gz
+usr/share/man/man3/EVP_EncryptInit.3ssl.gz
+usr/share/man/man3/EVP_EncryptInit_ex.3ssl.gz
+usr/share/man/man3/EVP_EncryptUpdate.3ssl.gz
+usr/share/man/man3/EVP_get_cipherbyname.3ssl.gz
+usr/share/man/man3/EVP_get_cipherbynid.3ssl.gz
+usr/share/man/man3/EVP_get_cipherbyobj.3ssl.gz
+usr/share/man/man3/EVP_get_digestbyname.3ssl.gz
+usr/share/man/man3/EVP_get_digestbynid.3ssl.gz
+usr/share/man/man3/EVP_get_digestbyobj.3ssl.gz
+usr/share/man/man3/EVP_idea_cbc.3ssl.gz
+usr/share/man/man3/EVP_idea_cfb.3ssl.gz
+usr/share/man/man3/EVP_idea_cfb64.3ssl.gz
+usr/share/man/man3/EVP_idea_ecb.3ssl.gz
+usr/share/man/man3/EVP_idea_ofb.3ssl.gz
+usr/share/man/man3/EVP_md2.3ssl.gz
+usr/share/man/man3/EVP_md4.3ssl.gz
+usr/share/man/man3/EVP_md5.3ssl.gz
+usr/share/man/man3/EVP_md5_sha1.3ssl.gz
+usr/share/man/man3/EVP_MD_block_size.3ssl.gz
+usr/share/man/man3/EVP_MD_CTX_block_size.3ssl.gz
+usr/share/man/man3/EVP_MD_CTX_clear_flags.3ssl.gz
+usr/share/man/man3/EVP_MD_CTX_copy.3ssl.gz
+usr/share/man/man3/EVP_MD_CTX_copy_ex.3ssl.gz
+usr/share/man/man3/EVP_MD_CTX_ctrl.3ssl.gz
+usr/share/man/man3/EVP_MD_CTX_free.3ssl.gz
+usr/share/man/man3/EVP_MD_CTX_md.3ssl.gz
+usr/share/man/man3/EVP_MD_CTX_md_data.3ssl.gz
+usr/share/man/man3/EVP_MD_CTX_new.3ssl.gz
+usr/share/man/man3/EVP_MD_CTX_reset.3ssl.gz
+usr/share/man/man3/EVP_MD_CTX_set_flags.3ssl.gz
+usr/share/man/man3/EVP_MD_CTX_set_pkey_ctx.3ssl.gz
+usr/share/man/man3/EVP_MD_CTX_size.3ssl.gz
+usr/share/man/man3/EVP_MD_CTX_test_flags.3ssl.gz
+usr/share/man/man3/EVP_MD_CTX_type.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_dup.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_free.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_get_app_datasize.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_get_cleanup.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_get_copy.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_get_ctrl.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_get_final.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_get_flags.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_get_init.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_get_input_blocksize.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_get_result_size.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_get_update.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_new.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_set_app_datasize.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_set_cleanup.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_set_copy.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_set_ctrl.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_set_final.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_set_flags.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_set_init.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_set_input_blocksize.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_set_result_size.3ssl.gz
+usr/share/man/man3/EVP_MD_meth_set_update.3ssl.gz
+usr/share/man/man3/EVP_md_null.3ssl.gz
+usr/share/man/man3/EVP_MD_pkey_type.3ssl.gz
+usr/share/man/man3/EVP_MD_size.3ssl.gz
+usr/share/man/man3/EVP_MD_type.3ssl.gz
+usr/share/man/man3/EVP_mdc2.3ssl.gz
+usr/share/man/man3/EVP_OpenFinal.3ssl.gz
+usr/share/man/man3/EVP_OpenInit.3ssl.gz
+usr/share/man/man3/EVP_OpenUpdate.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_add0.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_add_alias.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_copy.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_find.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_find_str.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_free.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_get0.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_get0_info.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_get_count.3ssl.gz
+usr/share/man/man3/EVP_PKEY_ASN1_METHOD.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_new.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_set_check.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_set_ctrl.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_set_free.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_set_get_priv_key.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_set_get_pub_key.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_set_item.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_set_param.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_set_param_check.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_set_private.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_set_public.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_set_public_check.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_set_security_bits.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_set_set_priv_key.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_set_set_pub_key.3ssl.gz
+usr/share/man/man3/EVP_PKEY_asn1_set_siginf.3ssl.gz
+usr/share/man/man3/EVP_PKEY_assign_DH.3ssl.gz
+usr/share/man/man3/EVP_PKEY_assign_DSA.3ssl.gz
+usr/share/man/man3/EVP_PKEY_assign_EC_KEY.3ssl.gz
+usr/share/man/man3/EVP_PKEY_assign_POLY1305.3ssl.gz
+usr/share/man/man3/EVP_PKEY_assign_RSA.3ssl.gz
+usr/share/man/man3/EVP_PKEY_assign_SIPHASH.3ssl.gz
+usr/share/man/man3/EVP_PKEY_base_id.3ssl.gz
+usr/share/man/man3/EVP_PKEY_check.3ssl.gz
+usr/share/man/man3/EVP_PKEY_cmp.3ssl.gz
+usr/share/man/man3/EVP_PKEY_cmp_parameters.3ssl.gz
+usr/share/man/man3/EVP_PKEY_copy_parameters.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_add1_hkdf_info.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_add1_tls1_prf_seed.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_ctrl.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_ctrl_str.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_ctrl_uint64.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_dup.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_free.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get0_dh_kdf_oid.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get0_dh_kdf_ukm.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get0_ecdh_kdf_ukm.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get0_rsa_oaep_label.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get1_id.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get1_id_len.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get_app_data.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get_cb.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get_dh_kdf_md.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get_dh_kdf_outlen.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get_dh_kdf_type.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get_ecdh_cofactor_mode.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get_ecdh_kdf_md.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get_ecdh_kdf_outlen.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get_ecdh_kdf_type.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get_keygen_info.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get_rsa_mgf1_md.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get_rsa_oaep_md.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get_rsa_padding.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get_rsa_pss_saltlen.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_get_signature_md.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_hkdf_mode.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_md.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_new.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_new_id.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set0_dh_kdf_oid.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set0_dh_kdf_ukm.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set0_ecdh_kdf_ukm.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set0_rsa_oaep_label.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set1_hkdf_key.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set1_hkdf_salt.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set1_id.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set1_pbe_pass.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set1_scrypt_salt.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set1_tls1_prf_secret.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_app_data.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_cb.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_dh_kdf_md.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_dh_kdf_outlen.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_dh_kdf_type.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_dh_nid.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_dh_pad.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_generator.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_prime_len.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_subprime_len.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_dh_paramgen_type.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_dh_rfc5114.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_dhx_rfc5114.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_dsa_paramgen_bits.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_ec_param_enc.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_ec_paramgen_curve_nid.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_ecdh_cofactor_mode.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_ecdh_kdf_md.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_ecdh_kdf_outlen.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_ecdh_kdf_type.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_hkdf_md.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_mac_key.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_rsa_keygen_bits.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_rsa_keygen_primes.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_rsa_keygen_pubexp.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_rsa_mgf1_md.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_rsa_oaep_md.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_rsa_padding.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_rsa_pss_saltlen.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_scrypt_maxmem_bytes.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_scrypt_N.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_scrypt_p.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_scrypt_r.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_signature_md.3ssl.gz
+usr/share/man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3ssl.gz
+usr/share/man/man3/EVP_PKEY_decrypt.3ssl.gz
+usr/share/man/man3/EVP_PKEY_decrypt_init.3ssl.gz
+usr/share/man/man3/EVP_PKEY_derive.3ssl.gz
+usr/share/man/man3/EVP_PKEY_derive_init.3ssl.gz
+usr/share/man/man3/EVP_PKEY_derive_set_peer.3ssl.gz
+usr/share/man/man3/EVP_PKEY_encrypt.3ssl.gz
+usr/share/man/man3/EVP_PKEY_encrypt_init.3ssl.gz
+usr/share/man/man3/EVP_PKEY_free.3ssl.gz
+usr/share/man/man3/EVP_PKEY_gen_cb.3ssl.gz
+usr/share/man/man3/EVP_PKEY_get0_asn1.3ssl.gz
+usr/share/man/man3/EVP_PKEY_get0_DH.3ssl.gz
+usr/share/man/man3/EVP_PKEY_get0_DSA.3ssl.gz
+usr/share/man/man3/EVP_PKEY_get0_EC_KEY.3ssl.gz
+usr/share/man/man3/EVP_PKEY_get0_hmac.3ssl.gz
+usr/share/man/man3/EVP_PKEY_get0_poly1305.3ssl.gz
+usr/share/man/man3/EVP_PKEY_get0_RSA.3ssl.gz
+usr/share/man/man3/EVP_PKEY_get0_siphash.3ssl.gz
+usr/share/man/man3/EVP_PKEY_get1_DH.3ssl.gz
+usr/share/man/man3/EVP_PKEY_get1_DSA.3ssl.gz
+usr/share/man/man3/EVP_PKEY_get1_EC_KEY.3ssl.gz
+usr/share/man/man3/EVP_PKEY_get1_RSA.3ssl.gz
+usr/share/man/man3/EVP_PKEY_get_default_digest_nid.3ssl.gz
+usr/share/man/man3/EVP_PKEY_get_raw_private_key.3ssl.gz
+usr/share/man/man3/EVP_PKEY_get_raw_public_key.3ssl.gz
+usr/share/man/man3/EVP_PKEY_id.3ssl.gz
+usr/share/man/man3/EVP_PKEY_keygen.3ssl.gz
+usr/share/man/man3/EVP_PKEY_keygen_init.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_add0.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_copy.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_find.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_free.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get0.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get0_info.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get_check.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get_cleanup.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get_copy.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get_count.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get_ctrl.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get_decrypt.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get_derive.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get_digest_custom.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get_encrypt.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get_init.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get_keygen.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get_param_check.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get_paramgen.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get_public_check.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get_sign.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get_signctx.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get_verify.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get_verify_recover.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_get_verifyctx.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_new.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_remove.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_set_check.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_set_cleanup.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_set_copy.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_set_ctrl.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_set_decrypt.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_set_derive.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_set_digest_custom.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_set_encrypt.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_set_init.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_set_keygen.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_set_param_check.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_set_paramgen.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_set_public_check.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_set_sign.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_set_signctx.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_set_verify.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_set_verify_recover.3ssl.gz
+usr/share/man/man3/EVP_PKEY_meth_set_verifyctx.3ssl.gz
+usr/share/man/man3/EVP_PKEY_METHOD.3ssl.gz
+usr/share/man/man3/EVP_PKEY_missing_parameters.3ssl.gz
+usr/share/man/man3/EVP_PKEY_new.3ssl.gz
+usr/share/man/man3/EVP_PKEY_new_CMAC_key.3ssl.gz
+usr/share/man/man3/EVP_PKEY_new_mac_key.3ssl.gz
+usr/share/man/man3/EVP_PKEY_new_raw_private_key.3ssl.gz
+usr/share/man/man3/EVP_PKEY_new_raw_public_key.3ssl.gz
+usr/share/man/man3/EVP_PKEY_param_check.3ssl.gz
+usr/share/man/man3/EVP_PKEY_paramgen.3ssl.gz
+usr/share/man/man3/EVP_PKEY_paramgen_init.3ssl.gz
+usr/share/man/man3/EVP_PKEY_print_params.3ssl.gz
+usr/share/man/man3/EVP_PKEY_print_private.3ssl.gz
+usr/share/man/man3/EVP_PKEY_print_public.3ssl.gz
+usr/share/man/man3/EVP_PKEY_public_check.3ssl.gz
+usr/share/man/man3/EVP_PKEY_security_bits.3ssl.gz
+usr/share/man/man3/EVP_PKEY_set1_DH.3ssl.gz
+usr/share/man/man3/EVP_PKEY_set1_DSA.3ssl.gz
+usr/share/man/man3/EVP_PKEY_set1_EC_KEY.3ssl.gz
+usr/share/man/man3/EVP_PKEY_set1_engine.3ssl.gz
+usr/share/man/man3/EVP_PKEY_set1_RSA.3ssl.gz
+usr/share/man/man3/EVP_PKEY_set_alias_type.3ssl.gz
+usr/share/man/man3/EVP_PKEY_sign.3ssl.gz
+usr/share/man/man3/EVP_PKEY_sign_init.3ssl.gz
+usr/share/man/man3/EVP_PKEY_size.3ssl.gz
+usr/share/man/man3/EVP_PKEY_type.3ssl.gz
+usr/share/man/man3/EVP_PKEY_up_ref.3ssl.gz
+usr/share/man/man3/EVP_PKEY_verify.3ssl.gz
+usr/share/man/man3/EVP_PKEY_verify_init.3ssl.gz
+usr/share/man/man3/EVP_PKEY_verify_recover.3ssl.gz
+usr/share/man/man3/EVP_PKEY_verify_recover_init.3ssl.gz
+usr/share/man/man3/EVP_rc2_40_cbc.3ssl.gz
+usr/share/man/man3/EVP_rc2_64_cbc.3ssl.gz
+usr/share/man/man3/EVP_rc2_cbc.3ssl.gz
+usr/share/man/man3/EVP_rc2_cfb.3ssl.gz
+usr/share/man/man3/EVP_rc2_cfb64.3ssl.gz
+usr/share/man/man3/EVP_rc2_ecb.3ssl.gz
+usr/share/man/man3/EVP_rc2_ofb.3ssl.gz
+usr/share/man/man3/EVP_rc4.3ssl.gz
+usr/share/man/man3/EVP_rc4_40.3ssl.gz
+usr/share/man/man3/EVP_rc4_hmac_md5.3ssl.gz
+usr/share/man/man3/EVP_rc5_32_12_16_cbc.3ssl.gz
+usr/share/man/man3/EVP_rc5_32_12_16_cfb.3ssl.gz
+usr/share/man/man3/EVP_rc5_32_12_16_cfb64.3ssl.gz
+usr/share/man/man3/EVP_rc5_32_12_16_ecb.3ssl.gz
+usr/share/man/man3/EVP_rc5_32_12_16_ofb.3ssl.gz
+usr/share/man/man3/EVP_ripemd160.3ssl.gz
+usr/share/man/man3/EVP_SealFinal.3ssl.gz
+usr/share/man/man3/EVP_SealInit.3ssl.gz
+usr/share/man/man3/EVP_SealUpdate.3ssl.gz
+usr/share/man/man3/EVP_seed_cbc.3ssl.gz
+usr/share/man/man3/EVP_seed_cfb.3ssl.gz
+usr/share/man/man3/EVP_seed_cfb128.3ssl.gz
+usr/share/man/man3/EVP_seed_ecb.3ssl.gz
+usr/share/man/man3/EVP_seed_ofb.3ssl.gz
+usr/share/man/man3/EVP_sha1.3ssl.gz
+usr/share/man/man3/EVP_sha224.3ssl.gz
+usr/share/man/man3/EVP_sha256.3ssl.gz
+usr/share/man/man3/EVP_sha384.3ssl.gz
+usr/share/man/man3/EVP_sha3_224.3ssl.gz
+usr/share/man/man3/EVP_sha3_256.3ssl.gz
+usr/share/man/man3/EVP_sha3_384.3ssl.gz
+usr/share/man/man3/EVP_sha3_512.3ssl.gz
+usr/share/man/man3/EVP_sha512.3ssl.gz
+usr/share/man/man3/EVP_sha512_224.3ssl.gz
+usr/share/man/man3/EVP_sha512_256.3ssl.gz
+usr/share/man/man3/EVP_shake128.3ssl.gz
+usr/share/man/man3/EVP_shake256.3ssl.gz
+usr/share/man/man3/EVP_SignFinal.3ssl.gz
+usr/share/man/man3/EVP_SignInit.3ssl.gz
+usr/share/man/man3/EVP_SignInit_ex.3ssl.gz
+usr/share/man/man3/EVP_SignUpdate.3ssl.gz
+usr/share/man/man3/EVP_sm3.3ssl.gz
+usr/share/man/man3/EVP_sm4_cbc.3ssl.gz
+usr/share/man/man3/EVP_sm4_cfb.3ssl.gz
+usr/share/man/man3/EVP_sm4_cfb128.3ssl.gz
+usr/share/man/man3/EVP_sm4_ctr.3ssl.gz
+usr/share/man/man3/EVP_sm4_ecb.3ssl.gz
+usr/share/man/man3/EVP_sm4_ofb.3ssl.gz
+usr/share/man/man3/EVP_VerifyFinal.3ssl.gz
+usr/share/man/man3/EVP_VerifyInit.3ssl.gz
+usr/share/man/man3/EVP_VerifyInit_ex.3ssl.gz
+usr/share/man/man3/EVP_VerifyUpdate.3ssl.gz
+usr/share/man/man3/EVP_whirlpool.3ssl.gz
+usr/share/man/man3/EXTENDED_KEY_USAGE_free.3ssl.gz
+usr/share/man/man3/EXTENDED_KEY_USAGE_new.3ssl.gz
+usr/share/man/man3/GEN_SESSION_CB.3ssl.gz
+usr/share/man/man3/GENERAL_NAME_dup.3ssl.gz
+usr/share/man/man3/GENERAL_NAME_free.3ssl.gz
+usr/share/man/man3/GENERAL_NAME_new.3ssl.gz
+usr/share/man/man3/GENERAL_NAMES_free.3ssl.gz
+usr/share/man/man3/GENERAL_NAMES_new.3ssl.gz
+usr/share/man/man3/GENERAL_SUBTREE_free.3ssl.gz
+usr/share/man/man3/GENERAL_SUBTREE_new.3ssl.gz
+usr/share/man/man3/HMAC.3ssl.gz
+usr/share/man/man3/HMAC_CTX_copy.3ssl.gz
+usr/share/man/man3/HMAC_CTX_free.3ssl.gz
+usr/share/man/man3/HMAC_CTX_get_md.3ssl.gz
+usr/share/man/man3/HMAC_CTX_new.3ssl.gz
+usr/share/man/man3/HMAC_CTX_reset.3ssl.gz
+usr/share/man/man3/HMAC_CTX_set_flags.3ssl.gz
+usr/share/man/man3/HMAC_Final.3ssl.gz
+usr/share/man/man3/HMAC_Init.3ssl.gz
+usr/share/man/man3/HMAC_Init_ex.3ssl.gz
+usr/share/man/man3/HMAC_size.3ssl.gz
+usr/share/man/man3/HMAC_Update.3ssl.gz
+usr/share/man/man3/i2d_ACCESS_DESCRIPTION.3ssl.gz
+usr/share/man/man3/i2d_ADMISSION_SYNTAX.3ssl.gz
+usr/share/man/man3/i2d_ADMISSIONS.3ssl.gz
+usr/share/man/man3/i2d_ASIdentifierChoice.3ssl.gz
+usr/share/man/man3/i2d_ASIdentifiers.3ssl.gz
+usr/share/man/man3/i2d_ASIdOrRange.3ssl.gz
+usr/share/man/man3/i2d_ASN1_bio_stream.3ssl.gz
+usr/share/man/man3/i2d_ASN1_BIT_STRING.3ssl.gz
+usr/share/man/man3/i2d_ASN1_BMPSTRING.3ssl.gz
+usr/share/man/man3/i2d_ASN1_ENUMERATED.3ssl.gz
+usr/share/man/man3/i2d_ASN1_GENERALIZEDTIME.3ssl.gz
+usr/share/man/man3/i2d_ASN1_GENERALSTRING.3ssl.gz
+usr/share/man/man3/i2d_ASN1_IA5STRING.3ssl.gz
+usr/share/man/man3/i2d_ASN1_INTEGER.3ssl.gz
+usr/share/man/man3/i2d_ASN1_NULL.3ssl.gz
+usr/share/man/man3/i2d_ASN1_OBJECT.3ssl.gz
+usr/share/man/man3/i2d_ASN1_OCTET_STRING.3ssl.gz
+usr/share/man/man3/i2d_ASN1_PRINTABLE.3ssl.gz
+usr/share/man/man3/i2d_ASN1_PRINTABLESTRING.3ssl.gz
+usr/share/man/man3/i2d_ASN1_SEQUENCE_ANY.3ssl.gz
+usr/share/man/man3/i2d_ASN1_SET_ANY.3ssl.gz
+usr/share/man/man3/i2d_ASN1_T61STRING.3ssl.gz
+usr/share/man/man3/i2d_ASN1_TIME.3ssl.gz
+usr/share/man/man3/i2d_ASN1_TYPE.3ssl.gz
+usr/share/man/man3/i2d_ASN1_UNIVERSALSTRING.3ssl.gz
+usr/share/man/man3/i2d_ASN1_UTCTIME.3ssl.gz
+usr/share/man/man3/i2d_ASN1_UTF8STRING.3ssl.gz
+usr/share/man/man3/i2d_ASN1_VISIBLESTRING.3ssl.gz
+usr/share/man/man3/i2d_ASRange.3ssl.gz
+usr/share/man/man3/i2d_AUTHORITY_INFO_ACCESS.3ssl.gz
+usr/share/man/man3/i2d_AUTHORITY_KEYID.3ssl.gz
+usr/share/man/man3/i2d_BASIC_CONSTRAINTS.3ssl.gz
+usr/share/man/man3/i2d_CERTIFICATEPOLICIES.3ssl.gz
+usr/share/man/man3/i2d_CMS_bio.3ssl.gz
+usr/share/man/man3/i2d_CMS_bio_stream.3ssl.gz
+usr/share/man/man3/i2d_CMS_ContentInfo.3ssl.gz
+usr/share/man/man3/i2d_CMS_ReceiptRequest.3ssl.gz
+usr/share/man/man3/i2d_CRL_DIST_POINTS.3ssl.gz
+usr/share/man/man3/i2d_DHparams.3ssl.gz
+usr/share/man/man3/i2d_DHxparams.3ssl.gz
+usr/share/man/man3/i2d_DIRECTORYSTRING.3ssl.gz
+usr/share/man/man3/i2d_DISPLAYTEXT.3ssl.gz
+usr/share/man/man3/i2d_DIST_POINT.3ssl.gz
+usr/share/man/man3/i2d_DIST_POINT_NAME.3ssl.gz
+usr/share/man/man3/i2d_DSA_PUBKEY.3ssl.gz
+usr/share/man/man3/i2d_DSA_PUBKEY_bio.3ssl.gz
+usr/share/man/man3/i2d_DSA_PUBKEY_fp.3ssl.gz
+usr/share/man/man3/i2d_DSA_SIG.3ssl.gz
+usr/share/man/man3/i2d_DSAparams.3ssl.gz
+usr/share/man/man3/i2d_DSAPrivateKey.3ssl.gz
+usr/share/man/man3/i2d_DSAPrivateKey_bio.3ssl.gz
+usr/share/man/man3/i2d_DSAPrivateKey_fp.3ssl.gz
+usr/share/man/man3/i2d_DSAPublicKey.3ssl.gz
+usr/share/man/man3/i2d_EC_PUBKEY.3ssl.gz
+usr/share/man/man3/i2d_EC_PUBKEY_bio.3ssl.gz
+usr/share/man/man3/i2d_EC_PUBKEY_fp.3ssl.gz
+usr/share/man/man3/i2d_ECDSA_SIG.3ssl.gz
+usr/share/man/man3/i2d_ECParameters.3ssl.gz
+usr/share/man/man3/i2d_ECPKParameters.3ssl.gz
+usr/share/man/man3/i2d_ECPrivateKey.3ssl.gz
+usr/share/man/man3/i2d_ECPrivateKey_bio.3ssl.gz
+usr/share/man/man3/i2d_ECPrivateKey_fp.3ssl.gz
+usr/share/man/man3/i2d_EDIPARTYNAME.3ssl.gz
+usr/share/man/man3/i2d_ESS_CERT_ID.3ssl.gz
+usr/share/man/man3/i2d_ESS_ISSUER_SERIAL.3ssl.gz
+usr/share/man/man3/i2d_ESS_SIGNING_CERT.3ssl.gz
+usr/share/man/man3/i2d_EXTENDED_KEY_USAGE.3ssl.gz
+usr/share/man/man3/i2d_GENERAL_NAME.3ssl.gz
+usr/share/man/man3/i2d_GENERAL_NAMES.3ssl.gz
+usr/share/man/man3/i2d_IPAddressChoice.3ssl.gz
+usr/share/man/man3/i2d_IPAddressFamily.3ssl.gz
+usr/share/man/man3/i2d_IPAddressOrRange.3ssl.gz
+usr/share/man/man3/i2d_IPAddressRange.3ssl.gz
+usr/share/man/man3/i2d_ISSUING_DIST_POINT.3ssl.gz
+usr/share/man/man3/i2d_NAMING_AUTHORITY.3ssl.gz
+usr/share/man/man3/i2d_NETSCAPE_CERT_SEQUENCE.3ssl.gz
+usr/share/man/man3/i2d_NETSCAPE_SPKAC.3ssl.gz
+usr/share/man/man3/i2d_NETSCAPE_SPKI.3ssl.gz
+usr/share/man/man3/i2d_NOTICEREF.3ssl.gz
+usr/share/man/man3/i2d_OCSP_BASICRESP.3ssl.gz
+usr/share/man/man3/i2d_OCSP_CERTID.3ssl.gz
+usr/share/man/man3/i2d_OCSP_CERTSTATUS.3ssl.gz
+usr/share/man/man3/i2d_OCSP_CRLID.3ssl.gz
+usr/share/man/man3/i2d_OCSP_ONEREQ.3ssl.gz
+usr/share/man/man3/i2d_OCSP_REQINFO.3ssl.gz
+usr/share/man/man3/i2d_OCSP_REQUEST.3ssl.gz
+usr/share/man/man3/i2d_OCSP_RESPBYTES.3ssl.gz
+usr/share/man/man3/i2d_OCSP_RESPDATA.3ssl.gz
+usr/share/man/man3/i2d_OCSP_RESPID.3ssl.gz
+usr/share/man/man3/i2d_OCSP_RESPONSE.3ssl.gz
+usr/share/man/man3/i2d_OCSP_REVOKEDINFO.3ssl.gz
+usr/share/man/man3/i2d_OCSP_SERVICELOC.3ssl.gz
+usr/share/man/man3/i2d_OCSP_SIGNATURE.3ssl.gz
+usr/share/man/man3/i2d_OCSP_SINGLERESP.3ssl.gz
+usr/share/man/man3/i2d_OTHERNAME.3ssl.gz
+usr/share/man/man3/i2d_PBE2PARAM.3ssl.gz
+usr/share/man/man3/i2d_PBEPARAM.3ssl.gz
+usr/share/man/man3/i2d_PBKDF2PARAM.3ssl.gz
+usr/share/man/man3/i2d_PKCS12.3ssl.gz
+usr/share/man/man3/i2d_PKCS12_BAGS.3ssl.gz
+usr/share/man/man3/i2d_PKCS12_bio.3ssl.gz
+usr/share/man/man3/i2d_PKCS12_fp.3ssl.gz
+usr/share/man/man3/i2d_PKCS12_MAC_DATA.3ssl.gz
+usr/share/man/man3/i2d_PKCS12_SAFEBAG.3ssl.gz
+usr/share/man/man3/i2d_PKCS7.3ssl.gz
+usr/share/man/man3/i2d_PKCS7_bio.3ssl.gz
+usr/share/man/man3/i2d_PKCS7_bio_stream.3ssl.gz
+usr/share/man/man3/i2d_PKCS7_DIGEST.3ssl.gz
+usr/share/man/man3/i2d_PKCS7_ENC_CONTENT.3ssl.gz
+usr/share/man/man3/i2d_PKCS7_ENCRYPT.3ssl.gz
+usr/share/man/man3/i2d_PKCS7_ENVELOPE.3ssl.gz
+usr/share/man/man3/i2d_PKCS7_fp.3ssl.gz
+usr/share/man/man3/i2d_PKCS7_ISSUER_AND_SERIAL.3ssl.gz
+usr/share/man/man3/i2d_PKCS7_NDEF.3ssl.gz
+usr/share/man/man3/i2d_PKCS7_RECIP_INFO.3ssl.gz
+usr/share/man/man3/i2d_PKCS7_SIGN_ENVELOPE.3ssl.gz
+usr/share/man/man3/i2d_PKCS7_SIGNED.3ssl.gz
+usr/share/man/man3/i2d_PKCS7_SIGNER_INFO.3ssl.gz
+usr/share/man/man3/i2d_PKCS8_bio.3ssl.gz
+usr/share/man/man3/i2d_PKCS8_fp.3ssl.gz
+usr/share/man/man3/i2d_PKCS8_PRIV_KEY_INFO.3ssl.gz
+usr/share/man/man3/i2d_PKCS8_PRIV_KEY_INFO_bio.3ssl.gz
+usr/share/man/man3/i2d_PKCS8_PRIV_KEY_INFO_fp.3ssl.gz
+usr/share/man/man3/i2d_PKCS8PrivateKey_bio.3ssl.gz
+usr/share/man/man3/i2d_PKCS8PrivateKey_fp.3ssl.gz
+usr/share/man/man3/i2d_PKCS8PrivateKey_nid_bio.3ssl.gz
+usr/share/man/man3/i2d_PKCS8PrivateKey_nid_fp.3ssl.gz
+usr/share/man/man3/i2d_PKCS8PrivateKeyInfo_bio.3ssl.gz
+usr/share/man/man3/i2d_PKCS8PrivateKeyInfo_fp.3ssl.gz
+usr/share/man/man3/i2d_PKEY_USAGE_PERIOD.3ssl.gz
+usr/share/man/man3/i2d_POLICYINFO.3ssl.gz
+usr/share/man/man3/i2d_POLICYQUALINFO.3ssl.gz
+usr/share/man/man3/i2d_PrivateKey.3ssl.gz
+usr/share/man/man3/i2d_PROFESSION_INFO.3ssl.gz
+usr/share/man/man3/i2d_PROXY_CERT_INFO_EXTENSION.3ssl.gz
+usr/share/man/man3/i2d_PROXY_POLICY.3ssl.gz
+usr/share/man/man3/i2d_PUBKEY.3ssl.gz
+usr/share/man/man3/i2d_PUBKEY_bio.3ssl.gz
+usr/share/man/man3/i2d_PUBKEY_fp.3ssl.gz
+usr/share/man/man3/i2d_PublicKey.3ssl.gz
+usr/share/man/man3/i2d_re_X509_CRL_tbs.3ssl.gz
+usr/share/man/man3/i2d_re_X509_REQ_tbs.3ssl.gz
+usr/share/man/man3/i2d_re_X509_tbs.3ssl.gz
+usr/share/man/man3/i2d_RSA_OAEP_PARAMS.3ssl.gz
+usr/share/man/man3/i2d_RSA_PSS_PARAMS.3ssl.gz
+usr/share/man/man3/i2d_RSA_PUBKEY.3ssl.gz
+usr/share/man/man3/i2d_RSA_PUBKEY_bio.3ssl.gz
+usr/share/man/man3/i2d_RSA_PUBKEY_fp.3ssl.gz
+usr/share/man/man3/i2d_RSAPrivateKey.3ssl.gz
+usr/share/man/man3/i2d_RSAPrivateKey_bio.3ssl.gz
+usr/share/man/man3/i2d_RSAPrivateKey_fp.3ssl.gz
+usr/share/man/man3/i2d_RSAPublicKey.3ssl.gz
+usr/share/man/man3/i2d_RSAPublicKey_bio.3ssl.gz
+usr/share/man/man3/i2d_RSAPublicKey_fp.3ssl.gz
+usr/share/man/man3/i2d_SCRYPT_PARAMS.3ssl.gz
+usr/share/man/man3/i2d_SCT_LIST.3ssl.gz
+usr/share/man/man3/i2d_SSL_SESSION.3ssl.gz
+usr/share/man/man3/i2d_SXNET.3ssl.gz
+usr/share/man/man3/i2d_SXNETID.3ssl.gz
+usr/share/man/man3/i2d_TS_ACCURACY.3ssl.gz
+usr/share/man/man3/i2d_TS_MSG_IMPRINT.3ssl.gz
+usr/share/man/man3/i2d_TS_MSG_IMPRINT_bio.3ssl.gz
+usr/share/man/man3/i2d_TS_MSG_IMPRINT_fp.3ssl.gz
+usr/share/man/man3/i2d_TS_REQ.3ssl.gz
+usr/share/man/man3/i2d_TS_REQ_bio.3ssl.gz
+usr/share/man/man3/i2d_TS_REQ_fp.3ssl.gz
+usr/share/man/man3/i2d_TS_RESP.3ssl.gz
+usr/share/man/man3/i2d_TS_RESP_bio.3ssl.gz
+usr/share/man/man3/i2d_TS_RESP_fp.3ssl.gz
+usr/share/man/man3/i2d_TS_STATUS_INFO.3ssl.gz
+usr/share/man/man3/i2d_TS_TST_INFO.3ssl.gz
+usr/share/man/man3/i2d_TS_TST_INFO_bio.3ssl.gz
+usr/share/man/man3/i2d_TS_TST_INFO_fp.3ssl.gz
+usr/share/man/man3/i2d_USERNOTICE.3ssl.gz
+usr/share/man/man3/i2d_X509.3ssl.gz
+usr/share/man/man3/i2d_X509_ALGOR.3ssl.gz
+usr/share/man/man3/i2d_X509_ALGORS.3ssl.gz
+usr/share/man/man3/i2d_X509_ATTRIBUTE.3ssl.gz
+usr/share/man/man3/i2d_X509_AUX.3ssl.gz
+usr/share/man/man3/i2d_X509_CERT_AUX.3ssl.gz
+usr/share/man/man3/i2d_X509_CINF.3ssl.gz
+usr/share/man/man3/i2d_X509_CRL.3ssl.gz
+usr/share/man/man3/i2d_X509_CRL_bio.3ssl.gz
+usr/share/man/man3/i2d_X509_CRL_fp.3ssl.gz
+usr/share/man/man3/i2d_X509_CRL_INFO.3ssl.gz
+usr/share/man/man3/i2d_X509_EXTENSION.3ssl.gz
+usr/share/man/man3/i2d_X509_EXTENSIONS.3ssl.gz
+usr/share/man/man3/i2d_X509_NAME.3ssl.gz
+usr/share/man/man3/i2d_X509_NAME_ENTRY.3ssl.gz
+usr/share/man/man3/i2d_X509_PUBKEY.3ssl.gz
+usr/share/man/man3/i2d_X509_REQ.3ssl.gz
+usr/share/man/man3/i2d_X509_REQ_bio.3ssl.gz
+usr/share/man/man3/i2d_X509_REQ_fp.3ssl.gz
+usr/share/man/man3/i2d_X509_REQ_INFO.3ssl.gz
+usr/share/man/man3/i2d_X509_REVOKED.3ssl.gz
+usr/share/man/man3/i2d_X509_SIG.3ssl.gz
+usr/share/man/man3/i2d_X509_VAL.3ssl.gz
+usr/share/man/man3/i2o_SCT.3ssl.gz
+usr/share/man/man3/i2o_SCT_LIST.3ssl.gz
+usr/share/man/man3/i2t_ASN1_OBJECT.3ssl.gz
+usr/share/man/man3/IMPLEMENT_ASN1_FUNCTIONS.3ssl.gz
+usr/share/man/man3/IMPLEMENT_LHASH_COMP_FN.3ssl.gz
+usr/share/man/man3/IMPLEMENT_LHASH_HASH_FN.3ssl.gz
+usr/share/man/man3/IPAddressChoice_free.3ssl.gz
+usr/share/man/man3/IPAddressChoice_new.3ssl.gz
+usr/share/man/man3/IPAddressFamily_free.3ssl.gz
+usr/share/man/man3/IPAddressFamily_new.3ssl.gz
+usr/share/man/man3/IPAddressOrRange_free.3ssl.gz
+usr/share/man/man3/IPAddressOrRange_new.3ssl.gz
+usr/share/man/man3/IPAddressRange_free.3ssl.gz
+usr/share/man/man3/IPAddressRange_new.3ssl.gz
+usr/share/man/man3/ISSUING_DIST_POINT_free.3ssl.gz
+usr/share/man/man3/ISSUING_DIST_POINT_new.3ssl.gz
+usr/share/man/man3/lh_TYPE_delete.3ssl.gz
+usr/share/man/man3/lh_TYPE_doall.3ssl.gz
+usr/share/man/man3/lh_TYPE_doall_arg.3ssl.gz
+usr/share/man/man3/lh_TYPE_error.3ssl.gz
+usr/share/man/man3/lh_TYPE_free.3ssl.gz
+usr/share/man/man3/lh_TYPE_insert.3ssl.gz
+usr/share/man/man3/lh_TYPE_new.3ssl.gz
+usr/share/man/man3/lh_TYPE_retrieve.3ssl.gz
+usr/share/man/man3/LHASH.3ssl.gz
+usr/share/man/man3/LHASH_DOALL_ARG_FN_TYPE.3ssl.gz
+usr/share/man/man3/MD2.3ssl.gz
+usr/share/man/man3/MD2_Final.3ssl.gz
+usr/share/man/man3/MD2_Init.3ssl.gz
+usr/share/man/man3/MD2_Update.3ssl.gz
+usr/share/man/man3/MD4.3ssl.gz
+usr/share/man/man3/MD4_Final.3ssl.gz
+usr/share/man/man3/MD4_Init.3ssl.gz
+usr/share/man/man3/MD4_Update.3ssl.gz
+usr/share/man/man3/MD5.3ssl.gz
+usr/share/man/man3/MD5_Final.3ssl.gz
+usr/share/man/man3/MD5_Init.3ssl.gz
+usr/share/man/man3/MD5_Update.3ssl.gz
+usr/share/man/man3/MDC2.3ssl.gz
+usr/share/man/man3/MDC2_Final.3ssl.gz
+usr/share/man/man3/MDC2_Init.3ssl.gz
+usr/share/man/man3/MDC2_Update.3ssl.gz
+usr/share/man/man3/NAME_CONSTRAINTS_free.3ssl.gz
+usr/share/man/man3/NAME_CONSTRAINTS_new.3ssl.gz
+usr/share/man/man3/NAMING_AUTHORITY.3ssl.gz
+usr/share/man/man3/NAMING_AUTHORITY_free.3ssl.gz
+usr/share/man/man3/NAMING_AUTHORITY_get0_authorityId.3ssl.gz
+usr/share/man/man3/NAMING_AUTHORITY_get0_authorityText.3ssl.gz
+usr/share/man/man3/NAMING_AUTHORITY_get0_authorityURL.3ssl.gz
+usr/share/man/man3/NAMING_AUTHORITY_new.3ssl.gz
+usr/share/man/man3/NAMING_AUTHORITY_set0_authorityId.3ssl.gz
+usr/share/man/man3/NAMING_AUTHORITY_set0_authorityText.3ssl.gz
+usr/share/man/man3/NAMING_AUTHORITY_set0_authorityURL.3ssl.gz
+usr/share/man/man3/NETSCAPE_CERT_SEQUENCE_free.3ssl.gz
+usr/share/man/man3/NETSCAPE_CERT_SEQUENCE_new.3ssl.gz
+usr/share/man/man3/NETSCAPE_SPKAC_free.3ssl.gz
+usr/share/man/man3/NETSCAPE_SPKAC_new.3ssl.gz
+usr/share/man/man3/NETSCAPE_SPKI_free.3ssl.gz
+usr/share/man/man3/NETSCAPE_SPKI_new.3ssl.gz
+usr/share/man/man3/NOTICEREF_free.3ssl.gz
+usr/share/man/man3/NOTICEREF_new.3ssl.gz
+usr/share/man/man3/o2i_SCT.3ssl.gz
+usr/share/man/man3/o2i_SCT_LIST.3ssl.gz
+usr/share/man/man3/OBJ_cleanup.3ssl.gz
+usr/share/man/man3/OBJ_cmp.3ssl.gz
+usr/share/man/man3/OBJ_create.3ssl.gz
+usr/share/man/man3/OBJ_dup.3ssl.gz
+usr/share/man/man3/OBJ_get0_data.3ssl.gz
+usr/share/man/man3/OBJ_length.3ssl.gz
+usr/share/man/man3/OBJ_ln2nid.3ssl.gz
+usr/share/man/man3/OBJ_nid2ln.3ssl.gz
+usr/share/man/man3/OBJ_nid2obj.3ssl.gz
+usr/share/man/man3/OBJ_nid2sn.3ssl.gz
+usr/share/man/man3/OBJ_obj2nid.3ssl.gz
+usr/share/man/man3/OBJ_obj2txt.3ssl.gz
+usr/share/man/man3/OBJ_sn2nid.3ssl.gz
+usr/share/man/man3/OBJ_txt2nid.3ssl.gz
+usr/share/man/man3/OBJ_txt2obj.3ssl.gz
+usr/share/man/man3/OCSP_basic_add1_nonce.3ssl.gz
+usr/share/man/man3/OCSP_basic_sign.3ssl.gz
+usr/share/man/man3/OCSP_basic_sign_ctx.3ssl.gz
+usr/share/man/man3/OCSP_basic_verify.3ssl.gz
+usr/share/man/man3/OCSP_BASICRESP_free.3ssl.gz
+usr/share/man/man3/OCSP_BASICRESP_new.3ssl.gz
+usr/share/man/man3/OCSP_cert_id_new.3ssl.gz
+usr/share/man/man3/OCSP_cert_to_id.3ssl.gz
+usr/share/man/man3/OCSP_CERTID_dup.3ssl.gz
+usr/share/man/man3/OCSP_CERTID_free.3ssl.gz
+usr/share/man/man3/OCSP_CERTID_new.3ssl.gz
+usr/share/man/man3/OCSP_CERTSTATUS_free.3ssl.gz
+usr/share/man/man3/OCSP_CERTSTATUS_new.3ssl.gz
+usr/share/man/man3/OCSP_check_nonce.3ssl.gz
+usr/share/man/man3/OCSP_check_validity.3ssl.gz
+usr/share/man/man3/OCSP_copy_nonce.3ssl.gz
+usr/share/man/man3/OCSP_CRLID_free.3ssl.gz
+usr/share/man/man3/OCSP_CRLID_new.3ssl.gz
+usr/share/man/man3/OCSP_id_cmp.3ssl.gz
+usr/share/man/man3/OCSP_id_get0_info.3ssl.gz
+usr/share/man/man3/OCSP_id_issuer_cmp.3ssl.gz
+usr/share/man/man3/OCSP_ONEREQ_free.3ssl.gz
+usr/share/man/man3/OCSP_ONEREQ_new.3ssl.gz
+usr/share/man/man3/OCSP_REQ_CTX_add1_header.3ssl.gz
+usr/share/man/man3/OCSP_REQ_CTX_free.3ssl.gz
+usr/share/man/man3/OCSP_REQ_CTX_set1_req.3ssl.gz
+usr/share/man/man3/OCSP_REQINFO_free.3ssl.gz
+usr/share/man/man3/OCSP_REQINFO_new.3ssl.gz
+usr/share/man/man3/OCSP_request_add0_id.3ssl.gz
+usr/share/man/man3/OCSP_request_add1_cert.3ssl.gz
+usr/share/man/man3/OCSP_request_add1_nonce.3ssl.gz
+usr/share/man/man3/OCSP_REQUEST_free.3ssl.gz
+usr/share/man/man3/OCSP_REQUEST_new.3ssl.gz
+usr/share/man/man3/OCSP_request_onereq_count.3ssl.gz
+usr/share/man/man3/OCSP_request_onereq_get0.3ssl.gz
+usr/share/man/man3/OCSP_request_sign.3ssl.gz
+usr/share/man/man3/OCSP_resp_count.3ssl.gz
+usr/share/man/man3/OCSP_resp_find.3ssl.gz
+usr/share/man/man3/OCSP_resp_find_status.3ssl.gz
+usr/share/man/man3/OCSP_resp_get0.3ssl.gz
+usr/share/man/man3/OCSP_resp_get0_certs.3ssl.gz
+usr/share/man/man3/OCSP_resp_get0_id.3ssl.gz
+usr/share/man/man3/OCSP_resp_get0_produced_at.3ssl.gz
+usr/share/man/man3/OCSP_resp_get0_respdata.3ssl.gz
+usr/share/man/man3/OCSP_resp_get0_signature.3ssl.gz
+usr/share/man/man3/OCSP_resp_get0_signer.3ssl.gz
+usr/share/man/man3/OCSP_resp_get0_tbs_sigalg.3ssl.gz
+usr/share/man/man3/OCSP_resp_get1_id.3ssl.gz
+usr/share/man/man3/OCSP_RESPBYTES_free.3ssl.gz
+usr/share/man/man3/OCSP_RESPBYTES_new.3ssl.gz
+usr/share/man/man3/OCSP_RESPDATA_free.3ssl.gz
+usr/share/man/man3/OCSP_RESPDATA_new.3ssl.gz
+usr/share/man/man3/OCSP_RESPID_free.3ssl.gz
+usr/share/man/man3/OCSP_RESPID_match.3ssl.gz
+usr/share/man/man3/OCSP_RESPID_new.3ssl.gz
+usr/share/man/man3/OCSP_RESPID_set_by_key.3ssl.gz
+usr/share/man/man3/OCSP_RESPID_set_by_name.3ssl.gz
+usr/share/man/man3/OCSP_response_create.3ssl.gz
+usr/share/man/man3/OCSP_RESPONSE_free.3ssl.gz
+usr/share/man/man3/OCSP_response_get1_basic.3ssl.gz
+usr/share/man/man3/OCSP_RESPONSE_new.3ssl.gz
+usr/share/man/man3/OCSP_response_status.3ssl.gz
+usr/share/man/man3/OCSP_REVOKEDINFO_free.3ssl.gz
+usr/share/man/man3/OCSP_REVOKEDINFO_new.3ssl.gz
+usr/share/man/man3/OCSP_sendreq_bio.3ssl.gz
+usr/share/man/man3/OCSP_sendreq_nbio.3ssl.gz
+usr/share/man/man3/OCSP_sendreq_new.3ssl.gz
+usr/share/man/man3/OCSP_SERVICELOC_free.3ssl.gz
+usr/share/man/man3/OCSP_SERVICELOC_new.3ssl.gz
+usr/share/man/man3/OCSP_set_max_response_length.3ssl.gz
+usr/share/man/man3/OCSP_SIGNATURE_free.3ssl.gz
+usr/share/man/man3/OCSP_SIGNATURE_new.3ssl.gz
+usr/share/man/man3/OCSP_single_get0_status.3ssl.gz
+usr/share/man/man3/OCSP_SINGLERESP_free.3ssl.gz
+usr/share/man/man3/OCSP_SINGLERESP_new.3ssl.gz
+usr/share/man/man3/OpenSSL_add_all_algorithms.3ssl.gz
+usr/share/man/man3/OpenSSL_add_all_ciphers.3ssl.gz
+usr/share/man/man3/OpenSSL_add_all_digests.3ssl.gz
+usr/share/man/man3/OpenSSL_add_ssl_algorithms.3ssl.gz
+usr/share/man/man3/OPENSSL_Applink.3ssl.gz
+usr/share/man/man3/OPENSSL_atexit.3ssl.gz
+usr/share/man/man3/OPENSSL_buf2hexstr.3ssl.gz
+usr/share/man/man3/OPENSSL_cipher_name.3ssl.gz
+usr/share/man/man3/OPENSSL_cleanse.3ssl.gz
+usr/share/man/man3/OPENSSL_cleanup.3ssl.gz
+usr/share/man/man3/OPENSSL_clear_free.3ssl.gz
+usr/share/man/man3/OPENSSL_clear_realloc.3ssl.gz
+usr/share/man/man3/OPENSSL_config.3ssl.gz
+usr/share/man/man3/OPENSSL_fork_child.3ssl.gz
+usr/share/man/man3/OPENSSL_fork_parent.3ssl.gz
+usr/share/man/man3/OPENSSL_fork_prepare.3ssl.gz
+usr/share/man/man3/OPENSSL_free.3ssl.gz
+usr/share/man/man3/OPENSSL_hexchar2int.3ssl.gz
+usr/share/man/man3/OPENSSL_hexstr2buf.3ssl.gz
+usr/share/man/man3/OPENSSL_ia32cap.3ssl.gz
+usr/share/man/man3/OPENSSL_init_crypto.3ssl.gz
+usr/share/man/man3/OPENSSL_INIT_free.3ssl.gz
+usr/share/man/man3/OPENSSL_INIT_new.3ssl.gz
+usr/share/man/man3/OPENSSL_INIT_set_config_appname.3ssl.gz
+usr/share/man/man3/OPENSSL_INIT_set_config_file_flags.3ssl.gz
+usr/share/man/man3/OPENSSL_INIT_set_config_filename.3ssl.gz
+usr/share/man/man3/OPENSSL_init_ssl.3ssl.gz
+usr/share/man/man3/OPENSSL_instrument_bus.3ssl.gz
+usr/share/man/man3/OPENSSL_instrument_bus2.3ssl.gz
+usr/share/man/man3/OPENSSL_LH_COMPFUNC.3ssl.gz
+usr/share/man/man3/OPENSSL_LH_DOALL_FUNC.3ssl.gz
+usr/share/man/man3/OPENSSL_LH_HASHFUNC.3ssl.gz
+usr/share/man/man3/OPENSSL_LH_node_stats.3ssl.gz
+usr/share/man/man3/OPENSSL_LH_node_stats_bio.3ssl.gz
+usr/share/man/man3/OPENSSL_LH_node_usage_stats.3ssl.gz
+usr/share/man/man3/OPENSSL_LH_node_usage_stats_bio.3ssl.gz
+usr/share/man/man3/OPENSSL_LH_stats.3ssl.gz
+usr/share/man/man3/OPENSSL_LH_stats_bio.3ssl.gz
+usr/share/man/man3/OPENSSL_load_builtin_modules.3ssl.gz
+usr/share/man/man3/OPENSSL_malloc.3ssl.gz
+usr/share/man/man3/OPENSSL_MALLOC_FAILURES.3ssl.gz
+usr/share/man/man3/OPENSSL_MALLOC_FD.3ssl.gz
+usr/share/man/man3/OPENSSL_malloc_init.3ssl.gz
+usr/share/man/man3/OPENSSL_mem_debug_pop.3ssl.gz
+usr/share/man/man3/OPENSSL_mem_debug_push.3ssl.gz
+usr/share/man/man3/OPENSSL_memdup.3ssl.gz
+usr/share/man/man3/OPENSSL_no_config.3ssl.gz
+usr/share/man/man3/OPENSSL_realloc.3ssl.gz
+usr/share/man/man3/OPENSSL_secure_actual_size.3ssl.gz
+usr/share/man/man3/OPENSSL_secure_clear_free.3ssl.gz
+usr/share/man/man3/OPENSSL_secure_free.3ssl.gz
+usr/share/man/man3/OPENSSL_secure_malloc.3ssl.gz
+usr/share/man/man3/OPENSSL_secure_zalloc.3ssl.gz
+usr/share/man/man3/OPENSSL_strdup.3ssl.gz
+usr/share/man/man3/OPENSSL_strlcat.3ssl.gz
+usr/share/man/man3/OPENSSL_strlcpy.3ssl.gz
+usr/share/man/man3/OPENSSL_strndup.3ssl.gz
+usr/share/man/man3/OPENSSL_thread_stop.3ssl.gz
+usr/share/man/man3/OpenSSL_version.3ssl.gz
+usr/share/man/man3/OpenSSL_version_num.3ssl.gz
+usr/share/man/man3/OPENSSL_VERSION_NUMBER.3ssl.gz
+usr/share/man/man3/OPENSSL_VERSION_TEXT.3ssl.gz
+usr/share/man/man3/OPENSSL_zalloc.3ssl.gz
+usr/share/man/man3/OSSL_STORE_close.3ssl.gz
+usr/share/man/man3/OSSL_STORE_close_fn.3ssl.gz
+usr/share/man/man3/OSSL_STORE_ctrl.3ssl.gz
+usr/share/man/man3/OSSL_STORE_ctrl_fn.3ssl.gz
+usr/share/man/man3/OSSL_STORE_CTX.3ssl.gz
+usr/share/man/man3/OSSL_STORE_eof.3ssl.gz
+usr/share/man/man3/OSSL_STORE_eof_fn.3ssl.gz
+usr/share/man/man3/OSSL_STORE_error.3ssl.gz
+usr/share/man/man3/OSSL_STORE_error_fn.3ssl.gz
+usr/share/man/man3/OSSL_STORE_expect.3ssl.gz
+usr/share/man/man3/OSSL_STORE_expect_fn.3ssl.gz
+usr/share/man/man3/OSSL_STORE_find.3ssl.gz
+usr/share/man/man3/OSSL_STORE_find_fn.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_free.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_get0_CERT.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_get0_CRL.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_get0_NAME.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_get0_NAME_description.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_get0_PARAMS.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_get0_PKEY.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_get1_CERT.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_get1_CRL.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_get1_NAME.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_get1_NAME_description.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_get1_PARAMS.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_get1_PKEY.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_get_type.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_new_CERT.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_new_CRL.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_new_NAME.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_new_PARAMS.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_new_PKEY.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_set0_NAME_description.3ssl.gz
+usr/share/man/man3/OSSL_STORE_INFO_type_string.3ssl.gz
+usr/share/man/man3/OSSL_STORE_load.3ssl.gz
+usr/share/man/man3/OSSL_STORE_load_fn.3ssl.gz
+usr/share/man/man3/OSSL_STORE_LOADER.3ssl.gz
+usr/share/man/man3/OSSL_STORE_LOADER_CTX.3ssl.gz
+usr/share/man/man3/OSSL_STORE_LOADER_free.3ssl.gz
+usr/share/man/man3/OSSL_STORE_LOADER_get0_engine.3ssl.gz
+usr/share/man/man3/OSSL_STORE_LOADER_get0_scheme.3ssl.gz
+usr/share/man/man3/OSSL_STORE_LOADER_new.3ssl.gz
+usr/share/man/man3/OSSL_STORE_LOADER_set_close.3ssl.gz
+usr/share/man/man3/OSSL_STORE_LOADER_set_ctrl.3ssl.gz
+usr/share/man/man3/OSSL_STORE_LOADER_set_eof.3ssl.gz
+usr/share/man/man3/OSSL_STORE_LOADER_set_error.3ssl.gz
+usr/share/man/man3/OSSL_STORE_LOADER_set_expect.3ssl.gz
+usr/share/man/man3/OSSL_STORE_LOADER_set_find.3ssl.gz
+usr/share/man/man3/OSSL_STORE_LOADER_set_load.3ssl.gz
+usr/share/man/man3/OSSL_STORE_LOADER_set_open.3ssl.gz
+usr/share/man/man3/OSSL_STORE_open.3ssl.gz
+usr/share/man/man3/OSSL_STORE_open_fn.3ssl.gz
+usr/share/man/man3/OSSL_STORE_post_process_info_fn.3ssl.gz
+usr/share/man/man3/OSSL_STORE_register_loader.3ssl.gz
+usr/share/man/man3/OSSL_STORE_SEARCH.3ssl.gz
+usr/share/man/man3/OSSL_STORE_SEARCH_by_alias.3ssl.gz
+usr/share/man/man3/OSSL_STORE_SEARCH_by_issuer_serial.3ssl.gz
+usr/share/man/man3/OSSL_STORE_SEARCH_by_key_fingerprint.3ssl.gz
+usr/share/man/man3/OSSL_STORE_SEARCH_by_name.3ssl.gz
+usr/share/man/man3/OSSL_STORE_SEARCH_free.3ssl.gz
+usr/share/man/man3/OSSL_STORE_SEARCH_get0_bytes.3ssl.gz
+usr/share/man/man3/OSSL_STORE_SEARCH_get0_digest.3ssl.gz
+usr/share/man/man3/OSSL_STORE_SEARCH_get0_name.3ssl.gz
+usr/share/man/man3/OSSL_STORE_SEARCH_get0_serial.3ssl.gz
+usr/share/man/man3/OSSL_STORE_SEARCH_get0_string.3ssl.gz
+usr/share/man/man3/OSSL_STORE_SEARCH_get_type.3ssl.gz
+usr/share/man/man3/OSSL_STORE_supports_search.3ssl.gz
+usr/share/man/man3/OSSL_STORE_unregister_loader.3ssl.gz
+usr/share/man/man3/OTHERNAME_free.3ssl.gz
+usr/share/man/man3/OTHERNAME_new.3ssl.gz
+usr/share/man/man3/PBE2PARAM_free.3ssl.gz
+usr/share/man/man3/PBE2PARAM_new.3ssl.gz
+usr/share/man/man3/PBEPARAM_free.3ssl.gz
+usr/share/man/man3/PBEPARAM_new.3ssl.gz
+usr/share/man/man3/PBKDF2PARAM_free.3ssl.gz
+usr/share/man/man3/PBKDF2PARAM_new.3ssl.gz
+usr/share/man/man3/PEM_bytes_read_bio.3ssl.gz
+usr/share/man/man3/PEM_bytes_read_bio_secmem.3ssl.gz
+usr/share/man/man3/PEM_do_header.3ssl.gz
+usr/share/man/man3/PEM_FLAG_EAY_COMPATIBLE.3ssl.gz
+usr/share/man/man3/PEM_FLAG_ONLY_B64.3ssl.gz
+usr/share/man/man3/PEM_FLAG_SECURE.3ssl.gz
+usr/share/man/man3/PEM_get_EVP_CIPHER_INFO.3ssl.gz
+usr/share/man/man3/pem_password_cb.3ssl.gz
+usr/share/man/man3/PEM_read.3ssl.gz
+usr/share/man/man3/PEM_read_bio.3ssl.gz
+usr/share/man/man3/PEM_read_bio_CMS.3ssl.gz
+usr/share/man/man3/PEM_read_bio_DHparams.3ssl.gz
+usr/share/man/man3/PEM_read_bio_DSA_PUBKEY.3ssl.gz
+usr/share/man/man3/PEM_read_bio_DSAparams.3ssl.gz
+usr/share/man/man3/PEM_read_bio_DSAPrivateKey.3ssl.gz
+usr/share/man/man3/PEM_read_bio_EC_PUBKEY.3ssl.gz
+usr/share/man/man3/PEM_read_bio_ECPKParameters.3ssl.gz
+usr/share/man/man3/PEM_read_bio_ex.3ssl.gz
+usr/share/man/man3/PEM_read_bio_NETSCAPE_CERT_SEQUENCE.3ssl.gz
+usr/share/man/man3/PEM_read_bio_PKCS7.3ssl.gz
+usr/share/man/man3/PEM_read_bio_PKCS8.3ssl.gz
+usr/share/man/man3/PEM_read_bio_PKCS8_PRIV_KEY_INFO.3ssl.gz
+usr/share/man/man3/PEM_read_bio_PrivateKey.3ssl.gz
+usr/share/man/man3/PEM_read_bio_PUBKEY.3ssl.gz
+usr/share/man/man3/PEM_read_bio_RSA_PUBKEY.3ssl.gz
+usr/share/man/man3/PEM_read_bio_RSAPrivateKey.3ssl.gz
+usr/share/man/man3/PEM_read_bio_RSAPublicKey.3ssl.gz
+usr/share/man/man3/PEM_read_bio_SSL_SESSION.3ssl.gz
+usr/share/man/man3/PEM_read_bio_X509.3ssl.gz
+usr/share/man/man3/PEM_read_bio_X509_AUX.3ssl.gz
+usr/share/man/man3/PEM_read_bio_X509_CRL.3ssl.gz
+usr/share/man/man3/PEM_read_bio_X509_REQ.3ssl.gz
+usr/share/man/man3/PEM_read_CMS.3ssl.gz
+usr/share/man/man3/PEM_read_DHparams.3ssl.gz
+usr/share/man/man3/PEM_read_DSA_PUBKEY.3ssl.gz
+usr/share/man/man3/PEM_read_DSAparams.3ssl.gz
+usr/share/man/man3/PEM_read_DSAPrivateKey.3ssl.gz
+usr/share/man/man3/PEM_read_EC_PUBKEY.3ssl.gz
+usr/share/man/man3/PEM_read_ECPKParameters.3ssl.gz
+usr/share/man/man3/PEM_read_ECPrivateKey.3ssl.gz
+usr/share/man/man3/PEM_read_NETSCAPE_CERT_SEQUENCE.3ssl.gz
+usr/share/man/man3/PEM_read_PKCS7.3ssl.gz
+usr/share/man/man3/PEM_read_PKCS8.3ssl.gz
+usr/share/man/man3/PEM_read_PKCS8_PRIV_KEY_INFO.3ssl.gz
+usr/share/man/man3/PEM_read_PrivateKey.3ssl.gz
+usr/share/man/man3/PEM_read_PUBKEY.3ssl.gz
+usr/share/man/man3/PEM_read_RSA_PUBKEY.3ssl.gz
+usr/share/man/man3/PEM_read_RSAPrivateKey.3ssl.gz
+usr/share/man/man3/PEM_read_RSAPublicKey.3ssl.gz
+usr/share/man/man3/PEM_read_SSL_SESSION.3ssl.gz
+usr/share/man/man3/PEM_read_X509.3ssl.gz
+usr/share/man/man3/PEM_read_X509_AUX.3ssl.gz
+usr/share/man/man3/PEM_read_X509_CRL.3ssl.gz
+usr/share/man/man3/PEM_read_X509_REQ.3ssl.gz
+usr/share/man/man3/PEM_write.3ssl.gz
+usr/share/man/man3/PEM_write_bio.3ssl.gz
+usr/share/man/man3/PEM_write_bio_CMS.3ssl.gz
+usr/share/man/man3/PEM_write_bio_CMS_stream.3ssl.gz
+usr/share/man/man3/PEM_write_bio_DHparams.3ssl.gz
+usr/share/man/man3/PEM_write_bio_DHxparams.3ssl.gz
+usr/share/man/man3/PEM_write_bio_DSA_PUBKEY.3ssl.gz
+usr/share/man/man3/PEM_write_bio_DSAparams.3ssl.gz
+usr/share/man/man3/PEM_write_bio_DSAPrivateKey.3ssl.gz
+usr/share/man/man3/PEM_write_bio_EC_PUBKEY.3ssl.gz
+usr/share/man/man3/PEM_write_bio_ECPKParameters.3ssl.gz
+usr/share/man/man3/PEM_write_bio_ECPrivateKey.3ssl.gz
+usr/share/man/man3/PEM_write_bio_NETSCAPE_CERT_SEQUENCE.3ssl.gz
+usr/share/man/man3/PEM_write_bio_PKCS7.3ssl.gz
+usr/share/man/man3/PEM_write_bio_PKCS7_stream.3ssl.gz
+usr/share/man/man3/PEM_write_bio_PKCS8.3ssl.gz
+usr/share/man/man3/PEM_write_bio_PKCS8_PRIV_KEY_INFO.3ssl.gz
+usr/share/man/man3/PEM_write_bio_PKCS8PrivateKey.3ssl.gz
+usr/share/man/man3/PEM_write_bio_PKCS8PrivateKey_nid.3ssl.gz
+usr/share/man/man3/PEM_write_bio_PrivateKey.3ssl.gz
+usr/share/man/man3/PEM_write_bio_PrivateKey_traditional.3ssl.gz
+usr/share/man/man3/PEM_write_bio_PUBKEY.3ssl.gz
+usr/share/man/man3/PEM_write_bio_RSA_PUBKEY.3ssl.gz
+usr/share/man/man3/PEM_write_bio_RSAPrivateKey.3ssl.gz
+usr/share/man/man3/PEM_write_bio_RSAPublicKey.3ssl.gz
+usr/share/man/man3/PEM_write_bio_SSL_SESSION.3ssl.gz
+usr/share/man/man3/PEM_write_bio_X509.3ssl.gz
+usr/share/man/man3/PEM_write_bio_X509_AUX.3ssl.gz
+usr/share/man/man3/PEM_write_bio_X509_CRL.3ssl.gz
+usr/share/man/man3/PEM_write_bio_X509_REQ.3ssl.gz
+usr/share/man/man3/PEM_write_bio_X509_REQ_NEW.3ssl.gz
+usr/share/man/man3/PEM_write_CMS.3ssl.gz
+usr/share/man/man3/PEM_write_DHparams.3ssl.gz
+usr/share/man/man3/PEM_write_DHxparams.3ssl.gz
+usr/share/man/man3/PEM_write_DSA_PUBKEY.3ssl.gz
+usr/share/man/man3/PEM_write_DSAparams.3ssl.gz
+usr/share/man/man3/PEM_write_DSAPrivateKey.3ssl.gz
+usr/share/man/man3/PEM_write_EC_PUBKEY.3ssl.gz
+usr/share/man/man3/PEM_write_ECPKParameters.3ssl.gz
+usr/share/man/man3/PEM_write_ECPrivateKey.3ssl.gz
+usr/share/man/man3/PEM_write_NETSCAPE_CERT_SEQUENCE.3ssl.gz
+usr/share/man/man3/PEM_write_PKCS7.3ssl.gz
+usr/share/man/man3/PEM_write_PKCS8.3ssl.gz
+usr/share/man/man3/PEM_write_PKCS8_PRIV_KEY_INFO.3ssl.gz
+usr/share/man/man3/PEM_write_PKCS8PrivateKey.3ssl.gz
+usr/share/man/man3/PEM_write_PKCS8PrivateKey_nid.3ssl.gz
+usr/share/man/man3/PEM_write_PrivateKey.3ssl.gz
+usr/share/man/man3/PEM_write_PUBKEY.3ssl.gz
+usr/share/man/man3/PEM_write_RSA_PUBKEY.3ssl.gz
+usr/share/man/man3/PEM_write_RSAPrivateKey.3ssl.gz
+usr/share/man/man3/PEM_write_RSAPublicKey.3ssl.gz
+usr/share/man/man3/PEM_write_SSL_SESSION.3ssl.gz
+usr/share/man/man3/PEM_write_X509.3ssl.gz
+usr/share/man/man3/PEM_write_X509_AUX.3ssl.gz
+usr/share/man/man3/PEM_write_X509_CRL.3ssl.gz
+usr/share/man/man3/PEM_write_X509_REQ.3ssl.gz
+usr/share/man/man3/PEM_write_X509_REQ_NEW.3ssl.gz
+usr/share/man/man3/PKCS12_BAGS_free.3ssl.gz
+usr/share/man/man3/PKCS12_BAGS_new.3ssl.gz
+usr/share/man/man3/PKCS12_create.3ssl.gz
+usr/share/man/man3/PKCS12_free.3ssl.gz
+usr/share/man/man3/PKCS12_MAC_DATA_free.3ssl.gz
+usr/share/man/man3/PKCS12_MAC_DATA_new.3ssl.gz
+usr/share/man/man3/PKCS12_new.3ssl.gz
+usr/share/man/man3/PKCS12_newpass.3ssl.gz
+usr/share/man/man3/PKCS12_parse.3ssl.gz
+usr/share/man/man3/PKCS12_SAFEBAG_free.3ssl.gz
+usr/share/man/man3/PKCS12_SAFEBAG_new.3ssl.gz
+usr/share/man/man3/PKCS5_PBKDF2_HMAC.3ssl.gz
+usr/share/man/man3/PKCS5_PBKDF2_HMAC_SHA1.3ssl.gz
+usr/share/man/man3/PKCS7_decrypt.3ssl.gz
+usr/share/man/man3/PKCS7_DIGEST_free.3ssl.gz
+usr/share/man/man3/PKCS7_DIGEST_new.3ssl.gz
+usr/share/man/man3/PKCS7_dup.3ssl.gz
+usr/share/man/man3/PKCS7_ENC_CONTENT_free.3ssl.gz
+usr/share/man/man3/PKCS7_ENC_CONTENT_new.3ssl.gz
+usr/share/man/man3/PKCS7_encrypt.3ssl.gz
+usr/share/man/man3/PKCS7_ENCRYPT_free.3ssl.gz
+usr/share/man/man3/PKCS7_ENCRYPT_new.3ssl.gz
+usr/share/man/man3/PKCS7_ENVELOPE_free.3ssl.gz
+usr/share/man/man3/PKCS7_ENVELOPE_new.3ssl.gz
+usr/share/man/man3/PKCS7_free.3ssl.gz
+usr/share/man/man3/PKCS7_get0_signers.3ssl.gz
+usr/share/man/man3/PKCS7_ISSUER_AND_SERIAL_digest.3ssl.gz
+usr/share/man/man3/PKCS7_ISSUER_AND_SERIAL_free.3ssl.gz
+usr/share/man/man3/PKCS7_ISSUER_AND_SERIAL_new.3ssl.gz
+usr/share/man/man3/PKCS7_new.3ssl.gz
+usr/share/man/man3/PKCS7_print_ctx.3ssl.gz
+usr/share/man/man3/PKCS7_RECIP_INFO_free.3ssl.gz
+usr/share/man/man3/PKCS7_RECIP_INFO_new.3ssl.gz
+usr/share/man/man3/PKCS7_sign.3ssl.gz
+usr/share/man/man3/PKCS7_sign_add_signer.3ssl.gz
+usr/share/man/man3/PKCS7_SIGN_ENVELOPE_free.3ssl.gz
+usr/share/man/man3/PKCS7_SIGN_ENVELOPE_new.3ssl.gz
+usr/share/man/man3/PKCS7_SIGNED_free.3ssl.gz
+usr/share/man/man3/PKCS7_SIGNED_new.3ssl.gz
+usr/share/man/man3/PKCS7_SIGNER_INFO_free.3ssl.gz
+usr/share/man/man3/PKCS7_SIGNER_INFO_new.3ssl.gz
+usr/share/man/man3/PKCS7_verify.3ssl.gz
+usr/share/man/man3/PKCS8_PRIV_KEY_INFO_free.3ssl.gz
+usr/share/man/man3/PKCS8_PRIV_KEY_INFO_new.3ssl.gz
+usr/share/man/man3/PKEY_USAGE_PERIOD_free.3ssl.gz
+usr/share/man/man3/PKEY_USAGE_PERIOD_new.3ssl.gz
+usr/share/man/man3/POLICY_CONSTRAINTS_free.3ssl.gz
+usr/share/man/man3/POLICY_CONSTRAINTS_new.3ssl.gz
+usr/share/man/man3/POLICY_MAPPING_free.3ssl.gz
+usr/share/man/man3/POLICY_MAPPING_new.3ssl.gz
+usr/share/man/man3/POLICYINFO_free.3ssl.gz
+usr/share/man/man3/POLICYINFO_new.3ssl.gz
+usr/share/man/man3/POLICYQUALINFO_free.3ssl.gz
+usr/share/man/man3/POLICYQUALINFO_new.3ssl.gz
+usr/share/man/man3/PROFESSION_INFO.3ssl.gz
+usr/share/man/man3/PROFESSION_INFO_free.3ssl.gz
+usr/share/man/man3/PROFESSION_INFO_get0_addProfessionInfo.3ssl.gz
+usr/share/man/man3/PROFESSION_INFO_get0_namingAuthority.3ssl.gz
+usr/share/man/man3/PROFESSION_INFO_get0_professionItems.3ssl.gz
+usr/share/man/man3/PROFESSION_INFO_get0_professionOIDs.3ssl.gz
+usr/share/man/man3/PROFESSION_INFO_get0_registrationNumber.3ssl.gz
+usr/share/man/man3/PROFESSION_INFO_new.3ssl.gz
+usr/share/man/man3/PROFESSION_INFO_set0_addProfessionInfo.3ssl.gz
+usr/share/man/man3/PROFESSION_INFO_set0_namingAuthority.3ssl.gz
+usr/share/man/man3/PROFESSION_INFO_set0_professionItems.3ssl.gz
+usr/share/man/man3/PROFESSION_INFO_set0_professionOIDs.3ssl.gz
+usr/share/man/man3/PROFESSION_INFO_set0_registrationNumber.3ssl.gz
+usr/share/man/man3/PROFESSION_INFOS.3ssl.gz
+usr/share/man/man3/PROFESSION_INFOS_free.3ssl.gz
+usr/share/man/man3/PROFESSION_INFOS_new.3ssl.gz
+usr/share/man/man3/PROXY_CERT_INFO_EXTENSION_free.3ssl.gz
+usr/share/man/man3/PROXY_CERT_INFO_EXTENSION_new.3ssl.gz
+usr/share/man/man3/PROXY_POLICY_free.3ssl.gz
+usr/share/man/man3/PROXY_POLICY_new.3ssl.gz
+usr/share/man/man3/RAND_add.3ssl.gz
+usr/share/man/man3/RAND_bytes.3ssl.gz
+usr/share/man/man3/RAND_cleanup.3ssl.gz
+usr/share/man/man3/RAND_DRBG_bytes.3ssl.gz
+usr/share/man/man3/RAND_DRBG_cleanup_entropy_fn.3ssl.gz
+usr/share/man/man3/RAND_DRBG_cleanup_nonce_fn.3ssl.gz
+usr/share/man/man3/RAND_DRBG_free.3ssl.gz
+usr/share/man/man3/RAND_DRBG_generate.3ssl.gz
+usr/share/man/man3/RAND_DRBG_get0_master.3ssl.gz
+usr/share/man/man3/RAND_DRBG_get0_private.3ssl.gz
+usr/share/man/man3/RAND_DRBG_get0_public.3ssl.gz
+usr/share/man/man3/RAND_DRBG_get_entropy_fn.3ssl.gz
+usr/share/man/man3/RAND_DRBG_get_ex_data.3ssl.gz
+usr/share/man/man3/RAND_DRBG_get_ex_new_index.3ssl.gz
+usr/share/man/man3/RAND_DRBG_get_nonce_fn.3ssl.gz
+usr/share/man/man3/RAND_DRBG_instantiate.3ssl.gz
+usr/share/man/man3/RAND_DRBG_new.3ssl.gz
+usr/share/man/man3/RAND_DRBG_reseed.3ssl.gz
+usr/share/man/man3/RAND_DRBG_secure_new.3ssl.gz
+usr/share/man/man3/RAND_DRBG_set.3ssl.gz
+usr/share/man/man3/RAND_DRBG_set_callbacks.3ssl.gz
+usr/share/man/man3/RAND_DRBG_set_defaults.3ssl.gz
+usr/share/man/man3/RAND_DRBG_set_ex_data.3ssl.gz
+usr/share/man/man3/RAND_DRBG_set_reseed_defaults.3ssl.gz
+usr/share/man/man3/RAND_DRBG_set_reseed_interval.3ssl.gz
+usr/share/man/man3/RAND_DRBG_set_reseed_time_interval.3ssl.gz
+usr/share/man/man3/RAND_DRBG_uninstantiate.3ssl.gz
+usr/share/man/man3/RAND_egd.3ssl.gz
+usr/share/man/man3/RAND_egd_bytes.3ssl.gz
+usr/share/man/man3/RAND_event.3ssl.gz
+usr/share/man/man3/RAND_file_name.3ssl.gz
+usr/share/man/man3/RAND_get_rand_method.3ssl.gz
+usr/share/man/man3/RAND_keep_random_devices_open.3ssl.gz
+usr/share/man/man3/RAND_load_file.3ssl.gz
+usr/share/man/man3/RAND_OpenSSL.3ssl.gz
+usr/share/man/man3/RAND_poll.3ssl.gz
+usr/share/man/man3/RAND_priv_bytes.3ssl.gz
+usr/share/man/man3/RAND_pseudo_bytes.3ssl.gz
+usr/share/man/man3/RAND_query_egd_bytes.3ssl.gz
+usr/share/man/man3/RAND_screen.3ssl.gz
+usr/share/man/man3/RAND_seed.3ssl.gz
+usr/share/man/man3/RAND_set_rand_method.3ssl.gz
+usr/share/man/man3/RAND_status.3ssl.gz
+usr/share/man/man3/RAND_write_file.3ssl.gz
+usr/share/man/man3/RC4.3ssl.gz
+usr/share/man/man3/RC4_set_key.3ssl.gz
+usr/share/man/man3/RIPEMD160.3ssl.gz
+usr/share/man/man3/RIPEMD160_Final.3ssl.gz
+usr/share/man/man3/RIPEMD160_Init.3ssl.gz
+usr/share/man/man3/RIPEMD160_Update.3ssl.gz
+usr/share/man/man3/RSA_bits.3ssl.gz
+usr/share/man/man3/RSA_blinding_off.3ssl.gz
+usr/share/man/man3/RSA_blinding_on.3ssl.gz
+usr/share/man/man3/RSA_check_key.3ssl.gz
+usr/share/man/man3/RSA_check_key_ex.3ssl.gz
+usr/share/man/man3/RSA_clear_flags.3ssl.gz
+usr/share/man/man3/RSA_flags.3ssl.gz
+usr/share/man/man3/RSA_free.3ssl.gz
+usr/share/man/man3/RSA_generate_key.3ssl.gz
+usr/share/man/man3/RSA_generate_key_ex.3ssl.gz
+usr/share/man/man3/RSA_generate_multi_prime_key.3ssl.gz
+usr/share/man/man3/RSA_get0_crt_params.3ssl.gz
+usr/share/man/man3/RSA_get0_d.3ssl.gz
+usr/share/man/man3/RSA_get0_dmp1.3ssl.gz
+usr/share/man/man3/RSA_get0_dmq1.3ssl.gz
+usr/share/man/man3/RSA_get0_e.3ssl.gz
+usr/share/man/man3/RSA_get0_engine.3ssl.gz
+usr/share/man/man3/RSA_get0_factors.3ssl.gz
+usr/share/man/man3/RSA_get0_iqmp.3ssl.gz
+usr/share/man/man3/RSA_get0_key.3ssl.gz
+usr/share/man/man3/RSA_get0_multi_prime_crt_params.3ssl.gz
+usr/share/man/man3/RSA_get0_multi_prime_factors.3ssl.gz
+usr/share/man/man3/RSA_get0_n.3ssl.gz
+usr/share/man/man3/RSA_get0_p.3ssl.gz
+usr/share/man/man3/RSA_get0_q.3ssl.gz
+usr/share/man/man3/RSA_get_default_method.3ssl.gz
+usr/share/man/man3/RSA_get_ex_data.3ssl.gz
+usr/share/man/man3/RSA_get_ex_new_index.3ssl.gz
+usr/share/man/man3/RSA_get_method.3ssl.gz
+usr/share/man/man3/RSA_get_multi_prime_extra_count.3ssl.gz
+usr/share/man/man3/RSA_get_version.3ssl.gz
+usr/share/man/man3/RSA_meth_dup.3ssl.gz
+usr/share/man/man3/RSA_meth_free.3ssl.gz
+usr/share/man/man3/RSA_meth_get0_app_data.3ssl.gz
+usr/share/man/man3/RSA_meth_get0_name.3ssl.gz
+usr/share/man/man3/RSA_meth_get_bn_mod_exp.3ssl.gz
+usr/share/man/man3/RSA_meth_get_finish.3ssl.gz
+usr/share/man/man3/RSA_meth_get_flags.3ssl.gz
+usr/share/man/man3/RSA_meth_get_init.3ssl.gz
+usr/share/man/man3/RSA_meth_get_keygen.3ssl.gz
+usr/share/man/man3/RSA_meth_get_mod_exp.3ssl.gz
+usr/share/man/man3/RSA_meth_get_multi_prime_keygen.3ssl.gz
+usr/share/man/man3/RSA_meth_get_priv_dec.3ssl.gz
+usr/share/man/man3/RSA_meth_get_priv_enc.3ssl.gz
+usr/share/man/man3/RSA_meth_get_pub_dec.3ssl.gz
+usr/share/man/man3/RSA_meth_get_pub_enc.3ssl.gz
+usr/share/man/man3/RSA_meth_get_sign.3ssl.gz
+usr/share/man/man3/RSA_meth_get_verify.3ssl.gz
+usr/share/man/man3/RSA_meth_new.3ssl.gz
+usr/share/man/man3/RSA_meth_set0_app_data.3ssl.gz
+usr/share/man/man3/RSA_meth_set1_name.3ssl.gz
+usr/share/man/man3/RSA_meth_set_bn_mod_exp.3ssl.gz
+usr/share/man/man3/RSA_meth_set_finish.3ssl.gz
+usr/share/man/man3/RSA_meth_set_flags.3ssl.gz
+usr/share/man/man3/RSA_meth_set_init.3ssl.gz
+usr/share/man/man3/RSA_meth_set_keygen.3ssl.gz
+usr/share/man/man3/RSA_meth_set_mod_exp.3ssl.gz
+usr/share/man/man3/RSA_meth_set_multi_prime_keygen.3ssl.gz
+usr/share/man/man3/RSA_meth_set_priv_dec.3ssl.gz
+usr/share/man/man3/RSA_meth_set_priv_enc.3ssl.gz
+usr/share/man/man3/RSA_meth_set_pub_dec.3ssl.gz
+usr/share/man/man3/RSA_meth_set_pub_enc.3ssl.gz
+usr/share/man/man3/RSA_meth_set_sign.3ssl.gz
+usr/share/man/man3/RSA_meth_set_verify.3ssl.gz
+usr/share/man/man3/RSA_new.3ssl.gz
+usr/share/man/man3/RSA_new_method.3ssl.gz
+usr/share/man/man3/RSA_OAEP_PARAMS_free.3ssl.gz
+usr/share/man/man3/RSA_OAEP_PARAMS_new.3ssl.gz
+usr/share/man/man3/RSA_padding_add_none.3ssl.gz
+usr/share/man/man3/RSA_padding_add_PKCS1_OAEP.3ssl.gz
+usr/share/man/man3/RSA_padding_add_PKCS1_type_1.3ssl.gz
+usr/share/man/man3/RSA_padding_add_PKCS1_type_2.3ssl.gz
+usr/share/man/man3/RSA_padding_add_SSLv23.3ssl.gz
+usr/share/man/man3/RSA_padding_check_none.3ssl.gz
+usr/share/man/man3/RSA_padding_check_PKCS1_OAEP.3ssl.gz
+usr/share/man/man3/RSA_padding_check_PKCS1_type_1.3ssl.gz
+usr/share/man/man3/RSA_padding_check_PKCS1_type_2.3ssl.gz
+usr/share/man/man3/RSA_padding_check_SSLv23.3ssl.gz
+usr/share/man/man3/RSA_PKCS1_OpenSSL.3ssl.gz
+usr/share/man/man3/RSA_print.3ssl.gz
+usr/share/man/man3/RSA_print_fp.3ssl.gz
+usr/share/man/man3/RSA_private_decrypt.3ssl.gz
+usr/share/man/man3/RSA_private_encrypt.3ssl.gz
+usr/share/man/man3/RSA_PSS_PARAMS_free.3ssl.gz
+usr/share/man/man3/RSA_PSS_PARAMS_new.3ssl.gz
+usr/share/man/man3/RSA_public_decrypt.3ssl.gz
+usr/share/man/man3/RSA_public_encrypt.3ssl.gz
+usr/share/man/man3/RSA_security_bits.3ssl.gz
+usr/share/man/man3/RSA_set0_crt_params.3ssl.gz
+usr/share/man/man3/RSA_set0_factors.3ssl.gz
+usr/share/man/man3/RSA_set0_key.3ssl.gz
+usr/share/man/man3/RSA_set0_multi_prime_params.3ssl.gz
+usr/share/man/man3/RSA_set_default_method.3ssl.gz
+usr/share/man/man3/RSA_set_ex_data.3ssl.gz
+usr/share/man/man3/RSA_set_flags.3ssl.gz
+usr/share/man/man3/RSA_set_method.3ssl.gz
+usr/share/man/man3/RSA_sign.3ssl.gz
+usr/share/man/man3/RSA_sign_ASN1_OCTET_STRING.3ssl.gz
+usr/share/man/man3/RSA_size.3ssl.gz
+usr/share/man/man3/RSA_test_flags.3ssl.gz
+usr/share/man/man3/RSA_verify.3ssl.gz
+usr/share/man/man3/RSA_verify_ASN1_OCTET_STRING.3ssl.gz
+usr/share/man/man3/RSAPrivateKey_dup.3ssl.gz
+usr/share/man/man3/RSAPublicKey_dup.3ssl.gz
+usr/share/man/man3/SCRYPT_PARAMS_free.3ssl.gz
+usr/share/man/man3/SCRYPT_PARAMS_new.3ssl.gz
+usr/share/man/man3/SCT_free.3ssl.gz
+usr/share/man/man3/SCT_get0_extensions.3ssl.gz
+usr/share/man/man3/SCT_get0_log_id.3ssl.gz
+usr/share/man/man3/SCT_get0_signature.3ssl.gz
+usr/share/man/man3/SCT_get_log_entry_type.3ssl.gz
+usr/share/man/man3/SCT_get_signature_nid.3ssl.gz
+usr/share/man/man3/SCT_get_source.3ssl.gz
+usr/share/man/man3/SCT_get_timestamp.3ssl.gz
+usr/share/man/man3/SCT_get_validation_status.3ssl.gz
+usr/share/man/man3/SCT_get_version.3ssl.gz
+usr/share/man/man3/SCT_LIST_free.3ssl.gz
+usr/share/man/man3/SCT_LIST_print.3ssl.gz
+usr/share/man/man3/SCT_LIST_validate.3ssl.gz
+usr/share/man/man3/SCT_new.3ssl.gz
+usr/share/man/man3/SCT_new_from_base64.3ssl.gz
+usr/share/man/man3/SCT_print.3ssl.gz
+usr/share/man/man3/SCT_set0_extensions.3ssl.gz
+usr/share/man/man3/SCT_set0_log_id.3ssl.gz
+usr/share/man/man3/SCT_set0_signature.3ssl.gz
+usr/share/man/man3/SCT_set1_extensions.3ssl.gz
+usr/share/man/man3/SCT_set1_log_id.3ssl.gz
+usr/share/man/man3/SCT_set1_signature.3ssl.gz
+usr/share/man/man3/SCT_set_log_entry_type.3ssl.gz
+usr/share/man/man3/SCT_set_signature_nid.3ssl.gz
+usr/share/man/man3/SCT_set_source.3ssl.gz
+usr/share/man/man3/SCT_set_timestamp.3ssl.gz
+usr/share/man/man3/SCT_set_version.3ssl.gz
+usr/share/man/man3/SCT_validate.3ssl.gz
+usr/share/man/man3/SCT_validation_status_string.3ssl.gz
+usr/share/man/man3/SHA1.3ssl.gz
+usr/share/man/man3/SHA1_Final.3ssl.gz
+usr/share/man/man3/SHA1_Init.3ssl.gz
+usr/share/man/man3/SHA1_Update.3ssl.gz
+usr/share/man/man3/SHA224.3ssl.gz
+usr/share/man/man3/SHA224_Final.3ssl.gz
+usr/share/man/man3/SHA224_Init.3ssl.gz
+usr/share/man/man3/SHA224_Update.3ssl.gz
+usr/share/man/man3/SHA256.3ssl.gz
+usr/share/man/man3/SHA256_Final.3ssl.gz
+usr/share/man/man3/SHA256_Init.3ssl.gz
+usr/share/man/man3/SHA256_Update.3ssl.gz
+usr/share/man/man3/SHA384.3ssl.gz
+usr/share/man/man3/SHA384_Final.3ssl.gz
+usr/share/man/man3/SHA384_Init.3ssl.gz
+usr/share/man/man3/SHA384_Update.3ssl.gz
+usr/share/man/man3/SHA512.3ssl.gz
+usr/share/man/man3/SHA512_Final.3ssl.gz
+usr/share/man/man3/SHA512_Init.3ssl.gz
+usr/share/man/man3/SHA512_Update.3ssl.gz
+usr/share/man/man3/sk_TYPE_deep_copy.3ssl.gz
+usr/share/man/man3/sk_TYPE_delete.3ssl.gz
+usr/share/man/man3/sk_TYPE_delete_ptr.3ssl.gz
+usr/share/man/man3/sk_TYPE_dup.3ssl.gz
+usr/share/man/man3/sk_TYPE_find.3ssl.gz
+usr/share/man/man3/sk_TYPE_find_ex.3ssl.gz
+usr/share/man/man3/sk_TYPE_free.3ssl.gz
+usr/share/man/man3/sk_TYPE_insert.3ssl.gz
+usr/share/man/man3/sk_TYPE_is_sorted.3ssl.gz
+usr/share/man/man3/sk_TYPE_new.3ssl.gz
+usr/share/man/man3/sk_TYPE_new_null.3ssl.gz
+usr/share/man/man3/sk_TYPE_new_reserve.3ssl.gz
+usr/share/man/man3/sk_TYPE_num.3ssl.gz
+usr/share/man/man3/sk_TYPE_pop.3ssl.gz
+usr/share/man/man3/sk_TYPE_pop_free.3ssl.gz
+usr/share/man/man3/sk_TYPE_push.3ssl.gz
+usr/share/man/man3/sk_TYPE_reserve.3ssl.gz
+usr/share/man/man3/sk_TYPE_set.3ssl.gz
+usr/share/man/man3/sk_TYPE_set_cmp_func.3ssl.gz
+usr/share/man/man3/sk_TYPE_shift.3ssl.gz
+usr/share/man/man3/sk_TYPE_sort.3ssl.gz
+usr/share/man/man3/sk_TYPE_unshift.3ssl.gz
+usr/share/man/man3/sk_TYPE_value.3ssl.gz
+usr/share/man/man3/sk_TYPE_zero.3ssl.gz
+usr/share/man/man3/SMIME_read_CMS.3ssl.gz
+usr/share/man/man3/SMIME_read_PKCS7.3ssl.gz
+usr/share/man/man3/SMIME_write_CMS.3ssl.gz
+usr/share/man/man3/SMIME_write_PKCS7.3ssl.gz
+usr/share/man/man3/SSL_accept.3ssl.gz
+usr/share/man/man3/SSL_add0_chain_cert.3ssl.gz
+usr/share/man/man3/SSL_add1_chain_cert.3ssl.gz
+usr/share/man/man3/SSL_add1_host.3ssl.gz
+usr/share/man/man3/SSL_add1_to_CA_list.3ssl.gz
+usr/share/man/man3/SSL_add_client_CA.3ssl.gz
+usr/share/man/man3/SSL_alert_desc_string.3ssl.gz
+usr/share/man/man3/SSL_alert_desc_string_long.3ssl.gz
+usr/share/man/man3/SSL_alert_type_string.3ssl.gz
+usr/share/man/man3/SSL_alert_type_string_long.3ssl.gz
+usr/share/man/man3/SSL_alloc_buffers.3ssl.gz
+usr/share/man/man3/SSL_allow_early_data_cb_fn.3ssl.gz
+usr/share/man/man3/SSL_build_cert_chain.3ssl.gz
+usr/share/man/man3/SSL_bytes_to_cipher_list.3ssl.gz
+usr/share/man/man3/SSL_callback_ctrl.3ssl.gz
+usr/share/man/man3/SSL_check_chain.3ssl.gz
+usr/share/man/man3/SSL_check_private_key.3ssl.gz
+usr/share/man/man3/SSL_CIPHER_description.3ssl.gz
+usr/share/man/man3/SSL_CIPHER_find.3ssl.gz
+usr/share/man/man3/SSL_CIPHER_get_auth_nid.3ssl.gz
+usr/share/man/man3/SSL_CIPHER_get_bits.3ssl.gz
+usr/share/man/man3/SSL_CIPHER_get_cipher_nid.3ssl.gz
+usr/share/man/man3/SSL_CIPHER_get_digest_nid.3ssl.gz
+usr/share/man/man3/SSL_CIPHER_get_handshake_digest.3ssl.gz
+usr/share/man/man3/SSL_CIPHER_get_id.3ssl.gz
+usr/share/man/man3/SSL_CIPHER_get_kx_nid.3ssl.gz
+usr/share/man/man3/SSL_CIPHER_get_name.3ssl.gz
+usr/share/man/man3/SSL_CIPHER_get_protocol_id.3ssl.gz
+usr/share/man/man3/SSL_CIPHER_get_version.3ssl.gz
+usr/share/man/man3/SSL_CIPHER_is_aead.3ssl.gz
+usr/share/man/man3/SSL_CIPHER_standard_name.3ssl.gz
+usr/share/man/man3/SSL_clear.3ssl.gz
+usr/share/man/man3/SSL_clear_chain_certs.3ssl.gz
+usr/share/man/man3/SSL_clear_mode.3ssl.gz
+usr/share/man/man3/SSL_clear_options.3ssl.gz
+usr/share/man/man3/SSL_client_hello_cb_fn.3ssl.gz
+usr/share/man/man3/SSL_client_hello_get0_ciphers.3ssl.gz
+usr/share/man/man3/SSL_client_hello_get0_compression_methods.3ssl.gz
+usr/share/man/man3/SSL_client_hello_get0_ext.3ssl.gz
+usr/share/man/man3/SSL_client_hello_get0_legacy_version.3ssl.gz
+usr/share/man/man3/SSL_client_hello_get0_random.3ssl.gz
+usr/share/man/man3/SSL_client_hello_get0_session_id.3ssl.gz
+usr/share/man/man3/SSL_client_hello_get1_extensions_present.3ssl.gz
+usr/share/man/man3/SSL_client_hello_isv2.3ssl.gz
+usr/share/man/man3/SSL_client_version.3ssl.gz
+usr/share/man/man3/SSL_COMP_add_compression_method.3ssl.gz
+usr/share/man/man3/SSL_COMP_free_compression_methods.3ssl.gz
+usr/share/man/man3/SSL_COMP_get0_name.3ssl.gz
+usr/share/man/man3/SSL_COMP_get_compression_methods.3ssl.gz
+usr/share/man/man3/SSL_COMP_get_id.3ssl.gz
+usr/share/man/man3/SSL_CONF_cmd.3ssl.gz
+usr/share/man/man3/SSL_CONF_cmd_argv.3ssl.gz
+usr/share/man/man3/SSL_CONF_cmd_value_type.3ssl.gz
+usr/share/man/man3/SSL_CONF_CTX_clear_flags.3ssl.gz
+usr/share/man/man3/SSL_CONF_CTX_free.3ssl.gz
+usr/share/man/man3/SSL_CONF_CTX_new.3ssl.gz
+usr/share/man/man3/SSL_CONF_CTX_set1_prefix.3ssl.gz
+usr/share/man/man3/SSL_CONF_CTX_set_flags.3ssl.gz
+usr/share/man/man3/SSL_CONF_CTX_set_ssl.3ssl.gz
+usr/share/man/man3/SSL_CONF_CTX_set_ssl_ctx.3ssl.gz
+usr/share/man/man3/SSL_config.3ssl.gz
+usr/share/man/man3/SSL_connect.3ssl.gz
+usr/share/man/man3/SSL_ct_is_enabled.3ssl.gz
+usr/share/man/man3/ssl_ct_validation_cb.3ssl.gz
+usr/share/man/man3/SSL_ctrl.3ssl.gz
+usr/share/man/man3/SSL_CTX_add0_chain_cert.3ssl.gz
+usr/share/man/man3/SSL_CTX_add1_chain_cert.3ssl.gz
+usr/share/man/man3/SSL_CTX_add1_to_CA_list.3ssl.gz
+usr/share/man/man3/SSL_CTX_add_client_CA.3ssl.gz
+usr/share/man/man3/SSL_CTX_add_client_custom_ext.3ssl.gz
+usr/share/man/man3/SSL_CTX_add_custom_ext.3ssl.gz
+usr/share/man/man3/SSL_CTX_add_extra_chain_cert.3ssl.gz
+usr/share/man/man3/SSL_CTX_add_server_custom_ext.3ssl.gz
+usr/share/man/man3/SSL_CTX_add_session.3ssl.gz
+usr/share/man/man3/SSL_CTX_build_cert_chain.3ssl.gz
+usr/share/man/man3/SSL_CTX_callback_ctrl.3ssl.gz
+usr/share/man/man3/SSL_CTX_check_private_key.3ssl.gz
+usr/share/man/man3/SSL_CTX_clear_chain_certs.3ssl.gz
+usr/share/man/man3/SSL_CTX_clear_extra_chain_certs.3ssl.gz
+usr/share/man/man3/SSL_CTX_clear_mode.3ssl.gz
+usr/share/man/man3/SSL_CTX_clear_options.3ssl.gz
+usr/share/man/man3/SSL_CTX_config.3ssl.gz
+usr/share/man/man3/SSL_CTX_ct_is_enabled.3ssl.gz
+usr/share/man/man3/SSL_CTX_ctrl.3ssl.gz
+usr/share/man/man3/SSL_CTX_dane_clear_flags.3ssl.gz
+usr/share/man/man3/SSL_CTX_dane_enable.3ssl.gz
+usr/share/man/man3/SSL_CTX_dane_mtype_set.3ssl.gz
+usr/share/man/man3/SSL_CTX_dane_set_flags.3ssl.gz
+usr/share/man/man3/SSL_CTX_decrypt_session_ticket_fn.3ssl.gz
+usr/share/man/man3/SSL_CTX_disable_ct.3ssl.gz
+usr/share/man/man3/SSL_CTX_enable_ct.3ssl.gz
+usr/share/man/man3/SSL_CTX_flush_sessions.3ssl.gz
+usr/share/man/man3/SSL_CTX_free.3ssl.gz
+usr/share/man/man3/SSL_CTX_generate_session_ticket_fn.3ssl.gz
+usr/share/man/man3/SSL_CTX_get0_CA_list.3ssl.gz
+usr/share/man/man3/SSL_CTX_get0_chain_certs.3ssl.gz
+usr/share/man/man3/SSL_CTX_get0_param.3ssl.gz
+usr/share/man/man3/SSL_CTX_get0_security_ex_data.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_cert_store.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_ciphers.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_client_CA_list.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_client_cert_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_default_passwd_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_default_passwd_cb_userdata.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_default_read_ahead.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_ex_data.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_info_callback.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_keylog_callback.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_max_cert_list.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_max_early_data.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_max_proto_version.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_min_proto_version.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_mode.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_num_tickets.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_options.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_quiet_shutdown.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_read_ahead.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_record_padding_callback_arg.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_recv_max_early_data.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_security_callback.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_security_level.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_session_cache_mode.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_timeout.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_tlsext_status_arg.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_tlsext_status_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_tlsext_status_type.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_verify_callback.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_verify_depth.3ssl.gz
+usr/share/man/man3/SSL_CTX_get_verify_mode.3ssl.gz
+usr/share/man/man3/SSL_CTX_has_client_custom_ext.3ssl.gz
+usr/share/man/man3/SSL_CTX_keylog_cb_func.3ssl.gz
+usr/share/man/man3/SSL_CTX_load_verify_locations.3ssl.gz
+usr/share/man/man3/SSL_CTX_new.3ssl.gz
+usr/share/man/man3/SSL_CTX_remove_session.3ssl.gz
+usr/share/man/man3/SSL_CTX_select_current_cert.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_accept.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_accept_good.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_accept_renegotiate.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_cache_full.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_cb_hits.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_connect.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_connect_good.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_connect_renegotiate.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_get_cache_size.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_get_get_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_get_new_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_get_remove_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_hits.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_misses.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_number.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_set_cache_size.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_set_get_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_set_new_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_set_remove_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_sess_timeouts.3ssl.gz
+usr/share/man/man3/SSL_CTX_sessions.3ssl.gz
+usr/share/man/man3/SSL_CTX_set0_CA_list.3ssl.gz
+usr/share/man/man3/SSL_CTX_set0_chain.3ssl.gz
+usr/share/man/man3/SSL_CTX_set0_chain_cert_store.3ssl.gz
+usr/share/man/man3/SSL_CTX_set0_security_ex_data.3ssl.gz
+usr/share/man/man3/SSL_CTX_set0_verify_cert_store.3ssl.gz
+usr/share/man/man3/SSL_CTX_set1_cert_store.3ssl.gz
+usr/share/man/man3/SSL_CTX_set1_chain.3ssl.gz
+usr/share/man/man3/SSL_CTX_set1_chain_cert_store.3ssl.gz
+usr/share/man/man3/SSL_CTX_set1_client_sigalgs.3ssl.gz
+usr/share/man/man3/SSL_CTX_set1_client_sigalgs_list.3ssl.gz
+usr/share/man/man3/SSL_CTX_set1_curves.3ssl.gz
+usr/share/man/man3/SSL_CTX_set1_curves_list.3ssl.gz
+usr/share/man/man3/SSL_CTX_set1_groups.3ssl.gz
+usr/share/man/man3/SSL_CTX_set1_groups_list.3ssl.gz
+usr/share/man/man3/SSL_CTX_set1_param.3ssl.gz
+usr/share/man/man3/SSL_CTX_set1_sigalgs.3ssl.gz
+usr/share/man/man3/SSL_CTX_set1_sigalgs_list.3ssl.gz
+usr/share/man/man3/SSL_CTX_set1_verify_cert_store.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_allow_early_data_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_alpn_protos.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_alpn_select_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_block_padding.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_cert_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_cert_store.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_cert_verify_callback.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_cipher_list.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_ciphersuites.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_client_CA_list.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_client_cert_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_client_hello_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_ct_validation_callback.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_ctlog_list_file.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_current_cert.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_default_ctlog_list_file.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_default_passwd_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_default_passwd_cb_userdata.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_default_read_buffer_len.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_default_verify_dir.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_default_verify_file.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_default_verify_paths.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_ex_data.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_generate_session_id.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_info_callback.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_keylog_callback.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_max_cert_list.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_max_early_data.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_max_pipelines.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_max_proto_version.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_max_send_fragment.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_min_proto_version.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_mode.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_msg_callback.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_msg_callback_arg.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_next_proto_select_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_next_protos_advertised_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_num_tickets.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_options.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_post_handshake_auth.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_psk_client_callback.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_psk_find_session_callback.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_psk_server_callback.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_psk_use_session_callback.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_quiet_shutdown.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_read_ahead.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_record_padding_callback.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_record_padding_callback_arg.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_recv_max_early_data.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_security_callback.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_security_level.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_session_cache_mode.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_session_id_context.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_session_ticket_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_split_send_fragment.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_ssl_version.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_stateless_cookie_verify_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_timeout.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_tlsext_max_fragment_length.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_tlsext_servername_arg.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_tlsext_servername_callback.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_tlsext_status_arg.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_tlsext_status_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_tlsext_status_type.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_tlsext_use_srtp.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_tmp_dh.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_tmp_dh_callback.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_verify.3ssl.gz
+usr/share/man/man3/SSL_CTX_set_verify_depth.3ssl.gz
+usr/share/man/man3/SSL_CTX_up_ref.3ssl.gz
+usr/share/man/man3/SSL_CTX_use_cert_and_key.3ssl.gz
+usr/share/man/man3/SSL_CTX_use_certificate.3ssl.gz
+usr/share/man/man3/SSL_CTX_use_certificate_ASN1.3ssl.gz
+usr/share/man/man3/SSL_CTX_use_certificate_chain_file.3ssl.gz
+usr/share/man/man3/SSL_CTX_use_certificate_file.3ssl.gz
+usr/share/man/man3/SSL_CTX_use_PrivateKey.3ssl.gz
+usr/share/man/man3/SSL_CTX_use_PrivateKey_ASN1.3ssl.gz
+usr/share/man/man3/SSL_CTX_use_PrivateKey_file.3ssl.gz
+usr/share/man/man3/SSL_CTX_use_psk_identity_hint.3ssl.gz
+usr/share/man/man3/SSL_CTX_use_RSAPrivateKey.3ssl.gz
+usr/share/man/man3/SSL_CTX_use_RSAPrivateKey_ASN1.3ssl.gz
+usr/share/man/man3/SSL_CTX_use_RSAPrivateKey_file.3ssl.gz
+usr/share/man/man3/SSL_CTX_use_serverinfo.3ssl.gz
+usr/share/man/man3/SSL_CTX_use_serverinfo_ex.3ssl.gz
+usr/share/man/man3/SSL_CTX_use_serverinfo_file.3ssl.gz
+usr/share/man/man3/SSL_dane_clear_flags.3ssl.gz
+usr/share/man/man3/SSL_dane_enable.3ssl.gz
+usr/share/man/man3/SSL_dane_set_flags.3ssl.gz
+usr/share/man/man3/SSL_dane_tlsa_add.3ssl.gz
+usr/share/man/man3/SSL_disable_ct.3ssl.gz
+usr/share/man/man3/SSL_do_handshake.3ssl.gz
+usr/share/man/man3/SSL_dup.3ssl.gz
+usr/share/man/man3/SSL_enable_ct.3ssl.gz
+usr/share/man/man3/SSL_export_keying_material.3ssl.gz
+usr/share/man/man3/SSL_export_keying_material_early.3ssl.gz
+usr/share/man/man3/SSL_extension_supported.3ssl.gz
+usr/share/man/man3/SSL_free.3ssl.gz
+usr/share/man/man3/SSL_free_buffers.3ssl.gz
+usr/share/man/man3/SSL_get0_alpn_selected.3ssl.gz
+usr/share/man/man3/SSL_get0_CA_list.3ssl.gz
+usr/share/man/man3/SSL_get0_chain_certs.3ssl.gz
+usr/share/man/man3/SSL_get0_dane_authority.3ssl.gz
+usr/share/man/man3/SSL_get0_dane_tlsa.3ssl.gz
+usr/share/man/man3/SSL_get0_next_proto_negotiated.3ssl.gz
+usr/share/man/man3/SSL_get0_param.3ssl.gz
+usr/share/man/man3/SSL_get0_peer_CA_list.3ssl.gz
+usr/share/man/man3/SSL_get0_peer_scts.3ssl.gz
+usr/share/man/man3/SSL_get0_peername.3ssl.gz
+usr/share/man/man3/SSL_get0_security_ex_data.3ssl.gz
+usr/share/man/man3/SSL_get0_session.3ssl.gz
+usr/share/man/man3/SSL_get0_verified_chain.3ssl.gz
+usr/share/man/man3/SSL_get1_curves.3ssl.gz
+usr/share/man/man3/SSL_get1_groups.3ssl.gz
+usr/share/man/man3/SSL_get1_session.3ssl.gz
+usr/share/man/man3/SSL_get1_supported_ciphers.3ssl.gz
+usr/share/man/man3/SSL_get_all_async_fds.3ssl.gz
+usr/share/man/man3/SSL_get_changed_async_fds.3ssl.gz
+usr/share/man/man3/SSL_get_cipher.3ssl.gz
+usr/share/man/man3/SSL_get_cipher_bits.3ssl.gz
+usr/share/man/man3/SSL_get_cipher_list.3ssl.gz
+usr/share/man/man3/SSL_get_cipher_name.3ssl.gz
+usr/share/man/man3/SSL_get_cipher_version.3ssl.gz
+usr/share/man/man3/SSL_get_ciphers.3ssl.gz
+usr/share/man/man3/SSL_get_client_CA_list.3ssl.gz
+usr/share/man/man3/SSL_get_client_ciphers.3ssl.gz
+usr/share/man/man3/SSL_get_client_random.3ssl.gz
+usr/share/man/man3/SSL_get_current_cipher.3ssl.gz
+usr/share/man/man3/SSL_get_default_passwd_cb.3ssl.gz
+usr/share/man/man3/SSL_get_default_passwd_cb_userdata.3ssl.gz
+usr/share/man/man3/SSL_get_default_timeout.3ssl.gz
+usr/share/man/man3/SSL_get_early_data_status.3ssl.gz
+usr/share/man/man3/SSL_get_error.3ssl.gz
+usr/share/man/man3/SSL_get_ex_data.3ssl.gz
+usr/share/man/man3/SSL_get_ex_data_X509_STORE_CTX_idx.3ssl.gz
+usr/share/man/man3/SSL_get_extms_support.3ssl.gz
+usr/share/man/man3/SSL_get_fd.3ssl.gz
+usr/share/man/man3/SSL_get_info_callback.3ssl.gz
+usr/share/man/man3/SSL_get_key_update_type.3ssl.gz
+usr/share/man/man3/SSL_get_max_cert_list.3ssl.gz
+usr/share/man/man3/SSL_get_max_early_data.3ssl.gz
+usr/share/man/man3/SSL_get_max_proto_version.3ssl.gz
+usr/share/man/man3/SSL_get_min_proto_version.3ssl.gz
+usr/share/man/man3/SSL_get_mode.3ssl.gz
+usr/share/man/man3/SSL_get_num_tickets.3ssl.gz
+usr/share/man/man3/SSL_get_options.3ssl.gz
+usr/share/man/man3/SSL_get_peer_cert_chain.3ssl.gz
+usr/share/man/man3/SSL_get_peer_certificate.3ssl.gz
+usr/share/man/man3/SSL_get_peer_signature_nid.3ssl.gz
+usr/share/man/man3/SSL_get_peer_signature_type_nid.3ssl.gz
+usr/share/man/man3/SSL_get_peer_tmp_key.3ssl.gz
+usr/share/man/man3/SSL_get_pending_cipher.3ssl.gz
+usr/share/man/man3/SSL_get_psk_identity.3ssl.gz
+usr/share/man/man3/SSL_get_psk_identity_hint.3ssl.gz
+usr/share/man/man3/SSL_get_quiet_shutdown.3ssl.gz
+usr/share/man/man3/SSL_get_rbio.3ssl.gz
+usr/share/man/man3/SSL_get_read_ahead.3ssl.gz
+usr/share/man/man3/SSL_get_record_padding_callback_arg.3ssl.gz
+usr/share/man/man3/SSL_get_recv_max_early_data.3ssl.gz
+usr/share/man/man3/SSL_get_rfd.3ssl.gz
+usr/share/man/man3/SSL_get_secure_renegotiation_support.3ssl.gz
+usr/share/man/man3/SSL_get_security_callback.3ssl.gz
+usr/share/man/man3/SSL_get_security_level.3ssl.gz
+usr/share/man/man3/SSL_get_selected_srtp_profile.3ssl.gz
+usr/share/man/man3/SSL_get_server_random.3ssl.gz
+usr/share/man/man3/SSL_get_server_tmp_key.3ssl.gz
+usr/share/man/man3/SSL_get_servername.3ssl.gz
+usr/share/man/man3/SSL_get_servername_type.3ssl.gz
+usr/share/man/man3/SSL_get_session.3ssl.gz
+usr/share/man/man3/SSL_get_shared_ciphers.3ssl.gz
+usr/share/man/man3/SSL_get_shared_curve.3ssl.gz
+usr/share/man/man3/SSL_get_shared_group.3ssl.gz
+usr/share/man/man3/SSL_get_shared_sigalgs.3ssl.gz
+usr/share/man/man3/SSL_get_shutdown.3ssl.gz
+usr/share/man/man3/SSL_get_sigalgs.3ssl.gz
+usr/share/man/man3/SSL_get_signature_nid.3ssl.gz
+usr/share/man/man3/SSL_get_signature_type_nid.3ssl.gz
+usr/share/man/man3/SSL_get_srtp_profiles.3ssl.gz
+usr/share/man/man3/SSL_get_SSL_CTX.3ssl.gz
+usr/share/man/man3/SSL_get_ssl_method.3ssl.gz
+usr/share/man/man3/SSL_get_state.3ssl.gz
+usr/share/man/man3/SSL_get_time.3ssl.gz
+usr/share/man/man3/SSL_get_timeout.3ssl.gz
+usr/share/man/man3/SSL_get_tlsext_status_ocsp_resp.3ssl.gz
+usr/share/man/man3/SSL_get_tlsext_status_type.3ssl.gz
+usr/share/man/man3/SSL_get_tmp_key.3ssl.gz
+usr/share/man/man3/SSL_get_verify_callback.3ssl.gz
+usr/share/man/man3/SSL_get_verify_depth.3ssl.gz
+usr/share/man/man3/SSL_get_verify_mode.3ssl.gz
+usr/share/man/man3/SSL_get_verify_result.3ssl.gz
+usr/share/man/man3/SSL_get_version.3ssl.gz
+usr/share/man/man3/SSL_get_wbio.3ssl.gz
+usr/share/man/man3/SSL_get_wfd.3ssl.gz
+usr/share/man/man3/SSL_has_matching_session_id.3ssl.gz
+usr/share/man/man3/SSL_has_pending.3ssl.gz
+usr/share/man/man3/SSL_in_accept_init.3ssl.gz
+usr/share/man/man3/SSL_in_before.3ssl.gz
+usr/share/man/man3/SSL_in_connect_init.3ssl.gz
+usr/share/man/man3/SSL_in_init.3ssl.gz
+usr/share/man/man3/SSL_is_dtls.3ssl.gz
+usr/share/man/man3/SSL_is_init_finished.3ssl.gz
+usr/share/man/man3/SSL_is_server.3ssl.gz
+usr/share/man/man3/SSL_key_update.3ssl.gz
+usr/share/man/man3/SSL_library_init.3ssl.gz
+usr/share/man/man3/SSL_load_client_CA_file.3ssl.gz
+usr/share/man/man3/SSL_load_error_strings.3ssl.gz
+usr/share/man/man3/SSL_new.3ssl.gz
+usr/share/man/man3/SSL_peek.3ssl.gz
+usr/share/man/man3/SSL_peek_ex.3ssl.gz
+usr/share/man/man3/SSL_pending.3ssl.gz
+usr/share/man/man3/SSL_psk_client_cb_func.3ssl.gz
+usr/share/man/man3/SSL_psk_find_session_cb_func.3ssl.gz
+usr/share/man/man3/SSL_psk_server_cb_func.3ssl.gz
+usr/share/man/man3/SSL_psk_use_session_cb_func.3ssl.gz
+usr/share/man/man3/SSL_read.3ssl.gz
+usr/share/man/man3/SSL_read_early_data.3ssl.gz
+usr/share/man/man3/SSL_read_ex.3ssl.gz
+usr/share/man/man3/SSL_renegotiate.3ssl.gz
+usr/share/man/man3/SSL_renegotiate_abbreviated.3ssl.gz
+usr/share/man/man3/SSL_renegotiate_pending.3ssl.gz
+usr/share/man/man3/SSL_rstate_string.3ssl.gz
+usr/share/man/man3/SSL_rstate_string_long.3ssl.gz
+usr/share/man/man3/SSL_select_current_cert.3ssl.gz
+usr/share/man/man3/SSL_select_next_proto.3ssl.gz
+usr/share/man/man3/SSL_SESSION_dup.3ssl.gz
+usr/share/man/man3/SSL_SESSION_free.3ssl.gz
+usr/share/man/man3/SSL_SESSION_get0_alpn_selected.3ssl.gz
+usr/share/man/man3/SSL_SESSION_get0_cipher.3ssl.gz
+usr/share/man/man3/SSL_SESSION_get0_hostname.3ssl.gz
+usr/share/man/man3/SSL_SESSION_get0_id_context.3ssl.gz
+usr/share/man/man3/SSL_SESSION_get0_peer.3ssl.gz
+usr/share/man/man3/SSL_SESSION_get0_ticket.3ssl.gz
+usr/share/man/man3/SSL_SESSION_get0_ticket_appdata.3ssl.gz
+usr/share/man/man3/SSL_SESSION_get_compress_id.3ssl.gz
+usr/share/man/man3/SSL_SESSION_get_ex_data.3ssl.gz
+usr/share/man/man3/SSL_SESSION_get_id.3ssl.gz
+usr/share/man/man3/SSL_SESSION_get_master_key.3ssl.gz
+usr/share/man/man3/SSL_SESSION_get_max_early_data.3ssl.gz
+usr/share/man/man3/SSL_SESSION_get_max_fragment_length.3ssl.gz
+usr/share/man/man3/SSL_SESSION_get_protocol_version.3ssl.gz
+usr/share/man/man3/SSL_SESSION_get_ticket_lifetime_hint.3ssl.gz
+usr/share/man/man3/SSL_SESSION_get_time.3ssl.gz
+usr/share/man/man3/SSL_SESSION_get_timeout.3ssl.gz
+usr/share/man/man3/SSL_SESSION_has_ticket.3ssl.gz
+usr/share/man/man3/SSL_SESSION_is_resumable.3ssl.gz
+usr/share/man/man3/SSL_SESSION_new.3ssl.gz
+usr/share/man/man3/SSL_SESSION_print.3ssl.gz
+usr/share/man/man3/SSL_SESSION_print_fp.3ssl.gz
+usr/share/man/man3/SSL_SESSION_print_keylog.3ssl.gz
+usr/share/man/man3/SSL_session_reused.3ssl.gz
+usr/share/man/man3/SSL_SESSION_set1_alpn_selected.3ssl.gz
+usr/share/man/man3/SSL_SESSION_set1_hostname.3ssl.gz
+usr/share/man/man3/SSL_SESSION_set1_id.3ssl.gz
+usr/share/man/man3/SSL_SESSION_set1_id_context.3ssl.gz
+usr/share/man/man3/SSL_SESSION_set1_master_key.3ssl.gz
+usr/share/man/man3/SSL_SESSION_set1_ticket_appdata.3ssl.gz
+usr/share/man/man3/SSL_SESSION_set_cipher.3ssl.gz
+usr/share/man/man3/SSL_SESSION_set_ex_data.3ssl.gz
+usr/share/man/man3/SSL_SESSION_set_max_early_data.3ssl.gz
+usr/share/man/man3/SSL_SESSION_set_protocol_version.3ssl.gz
+usr/share/man/man3/SSL_SESSION_set_time.3ssl.gz
+usr/share/man/man3/SSL_SESSION_set_timeout.3ssl.gz
+usr/share/man/man3/SSL_SESSION_up_ref.3ssl.gz
+usr/share/man/man3/SSL_set0_CA_list.3ssl.gz
+usr/share/man/man3/SSL_set0_chain.3ssl.gz
+usr/share/man/man3/SSL_set0_chain_cert_store.3ssl.gz
+usr/share/man/man3/SSL_set0_rbio.3ssl.gz
+usr/share/man/man3/SSL_set0_security_ex_data.3ssl.gz
+usr/share/man/man3/SSL_set0_verify_cert_store.3ssl.gz
+usr/share/man/man3/SSL_set0_wbio.3ssl.gz
+usr/share/man/man3/SSL_set1_chain.3ssl.gz
+usr/share/man/man3/SSL_set1_chain_cert_store.3ssl.gz
+usr/share/man/man3/SSL_set1_client_sigalgs.3ssl.gz
+usr/share/man/man3/SSL_set1_client_sigalgs_list.3ssl.gz
+usr/share/man/man3/SSL_set1_curves.3ssl.gz
+usr/share/man/man3/SSL_set1_curves_list.3ssl.gz
+usr/share/man/man3/SSL_set1_groups.3ssl.gz
+usr/share/man/man3/SSL_set1_groups_list.3ssl.gz
+usr/share/man/man3/SSL_set1_host.3ssl.gz
+usr/share/man/man3/SSL_set1_param.3ssl.gz
+usr/share/man/man3/SSL_set1_sigalgs.3ssl.gz
+usr/share/man/man3/SSL_set1_sigalgs_list.3ssl.gz
+usr/share/man/man3/SSL_set1_verify_cert_store.3ssl.gz
+usr/share/man/man3/SSL_set_accept_state.3ssl.gz
+usr/share/man/man3/SSL_set_allow_early_data_cb.3ssl.gz
+usr/share/man/man3/SSL_set_alpn_protos.3ssl.gz
+usr/share/man/man3/SSL_set_bio.3ssl.gz
+usr/share/man/man3/SSL_set_block_padding.3ssl.gz
+usr/share/man/man3/SSL_set_cert_cb.3ssl.gz
+usr/share/man/man3/SSL_set_cipher_list.3ssl.gz
+usr/share/man/man3/SSL_set_ciphersuites.3ssl.gz
+usr/share/man/man3/SSL_set_client_CA_list.3ssl.gz
+usr/share/man/man3/SSL_set_connect_state.3ssl.gz
+usr/share/man/man3/SSL_set_ct_validation_callback.3ssl.gz
+usr/share/man/man3/SSL_set_current_cert.3ssl.gz
+usr/share/man/man3/SSL_set_default_passwd_cb.3ssl.gz
+usr/share/man/man3/SSL_set_default_passwd_cb_userdata.3ssl.gz
+usr/share/man/man3/SSL_set_default_read_buffer_len.3ssl.gz
+usr/share/man/man3/SSL_set_ex_data.3ssl.gz
+usr/share/man/man3/SSL_set_fd.3ssl.gz
+usr/share/man/man3/SSL_set_generate_session_id.3ssl.gz
+usr/share/man/man3/SSL_set_hostflags.3ssl.gz
+usr/share/man/man3/SSL_set_info_callback.3ssl.gz
+usr/share/man/man3/SSL_set_max_cert_list.3ssl.gz
+usr/share/man/man3/SSL_set_max_early_data.3ssl.gz
+usr/share/man/man3/SSL_set_max_pipelines.3ssl.gz
+usr/share/man/man3/SSL_set_max_proto_version.3ssl.gz
+usr/share/man/man3/SSL_set_max_send_fragment.3ssl.gz
+usr/share/man/man3/SSL_set_min_proto_version.3ssl.gz
+usr/share/man/man3/SSL_set_mode.3ssl.gz
+usr/share/man/man3/SSL_set_msg_callback.3ssl.gz
+usr/share/man/man3/SSL_set_msg_callback_arg.3ssl.gz
+usr/share/man/man3/SSL_set_num_tickets.3ssl.gz
+usr/share/man/man3/SSL_set_options.3ssl.gz
+usr/share/man/man3/SSL_set_post_handshake_auth.3ssl.gz
+usr/share/man/man3/SSL_set_psk_client_callback.3ssl.gz
+usr/share/man/man3/SSL_set_psk_find_session_callback.3ssl.gz
+usr/share/man/man3/SSL_set_psk_server_callback.3ssl.gz
+usr/share/man/man3/SSL_set_psk_use_session_callback.3ssl.gz
+usr/share/man/man3/SSL_set_quiet_shutdown.3ssl.gz
+usr/share/man/man3/SSL_set_read_ahead.3ssl.gz
+usr/share/man/man3/SSL_set_record_padding_callback.3ssl.gz
+usr/share/man/man3/SSL_set_record_padding_callback_arg.3ssl.gz
+usr/share/man/man3/SSL_set_recv_max_early_data.3ssl.gz
+usr/share/man/man3/SSL_set_rfd.3ssl.gz
+usr/share/man/man3/SSL_set_security_callback.3ssl.gz
+usr/share/man/man3/SSL_set_security_level.3ssl.gz
+usr/share/man/man3/SSL_set_session.3ssl.gz
+usr/share/man/man3/SSL_set_session_id_context.3ssl.gz
+usr/share/man/man3/SSL_set_shutdown.3ssl.gz
+usr/share/man/man3/SSL_set_split_send_fragment.3ssl.gz
+usr/share/man/man3/SSL_set_ssl_method.3ssl.gz
+usr/share/man/man3/SSL_set_time.3ssl.gz
+usr/share/man/man3/SSL_set_timeout.3ssl.gz
+usr/share/man/man3/SSL_set_tlsext_host_name.3ssl.gz
+usr/share/man/man3/SSL_set_tlsext_max_fragment_length.3ssl.gz
+usr/share/man/man3/SSL_set_tlsext_status_ocsp_resp.3ssl.gz
+usr/share/man/man3/SSL_set_tlsext_status_type.3ssl.gz
+usr/share/man/man3/SSL_set_tlsext_use_srtp.3ssl.gz
+usr/share/man/man3/SSL_set_tmp_dh.3ssl.gz
+usr/share/man/man3/SSL_set_tmp_dh_callback.3ssl.gz
+usr/share/man/man3/SSL_set_verify.3ssl.gz
+usr/share/man/man3/SSL_set_verify_depth.3ssl.gz
+usr/share/man/man3/SSL_set_verify_result.3ssl.gz
+usr/share/man/man3/SSL_set_wfd.3ssl.gz
+usr/share/man/man3/SSL_shutdown.3ssl.gz
+usr/share/man/man3/SSL_state_string.3ssl.gz
+usr/share/man/man3/SSL_state_string_long.3ssl.gz
+usr/share/man/man3/SSL_stateless.3ssl.gz
+usr/share/man/man3/SSL_up_ref.3ssl.gz
+usr/share/man/man3/SSL_use_cert_and_key.3ssl.gz
+usr/share/man/man3/SSL_use_certificate.3ssl.gz
+usr/share/man/man3/SSL_use_certificate_ASN1.3ssl.gz
+usr/share/man/man3/SSL_use_certificate_chain_file.3ssl.gz
+usr/share/man/man3/SSL_use_certificate_file.3ssl.gz
+usr/share/man/man3/SSL_use_PrivateKey.3ssl.gz
+usr/share/man/man3/SSL_use_PrivateKey_ASN1.3ssl.gz
+usr/share/man/man3/SSL_use_PrivateKey_file.3ssl.gz
+usr/share/man/man3/SSL_use_psk_identity_hint.3ssl.gz
+usr/share/man/man3/SSL_use_RSAPrivateKey.3ssl.gz
+usr/share/man/man3/SSL_use_RSAPrivateKey_ASN1.3ssl.gz
+usr/share/man/man3/SSL_use_RSAPrivateKey_file.3ssl.gz
+usr/share/man/man3/SSL_verify_cb.3ssl.gz
+usr/share/man/man3/SSL_verify_client_post_handshake.3ssl.gz
+usr/share/man/man3/SSL_version.3ssl.gz
+usr/share/man/man3/SSL_waiting_for_async.3ssl.gz
+usr/share/man/man3/SSL_want.3ssl.gz
+usr/share/man/man3/SSL_want_async.3ssl.gz
+usr/share/man/man3/SSL_want_async_job.3ssl.gz
+usr/share/man/man3/SSL_want_client_hello_cb.3ssl.gz
+usr/share/man/man3/SSL_want_nothing.3ssl.gz
+usr/share/man/man3/SSL_want_read.3ssl.gz
+usr/share/man/man3/SSL_want_write.3ssl.gz
+usr/share/man/man3/SSL_want_x509_lookup.3ssl.gz
+usr/share/man/man3/SSL_write.3ssl.gz
+usr/share/man/man3/SSL_write_early_data.3ssl.gz
+usr/share/man/man3/SSL_write_ex.3ssl.gz
+usr/share/man/man3/SSLv23_client_method.3ssl.gz
+usr/share/man/man3/SSLv23_method.3ssl.gz
+usr/share/man/man3/SSLv23_server_method.3ssl.gz
+usr/share/man/man3/SSLv3_client_method.3ssl.gz
+usr/share/man/man3/SSLv3_method.3ssl.gz
+usr/share/man/man3/SSLv3_server_method.3ssl.gz
+usr/share/man/man3/SXNET_free.3ssl.gz
+usr/share/man/man3/SXNET_new.3ssl.gz
+usr/share/man/man3/SXNETID_free.3ssl.gz
+usr/share/man/man3/SXNETID_new.3ssl.gz
+usr/share/man/man3/TLS_client_method.3ssl.gz
+usr/share/man/man3/TLS_FEATURE_free.3ssl.gz
+usr/share/man/man3/TLS_FEATURE_new.3ssl.gz
+usr/share/man/man3/TLS_method.3ssl.gz
+usr/share/man/man3/TLS_server_method.3ssl.gz
+usr/share/man/man3/TLSv1_1_client_method.3ssl.gz
+usr/share/man/man3/TLSv1_1_method.3ssl.gz
+usr/share/man/man3/TLSv1_1_server_method.3ssl.gz
+usr/share/man/man3/TLSv1_2_client_method.3ssl.gz
+usr/share/man/man3/TLSv1_2_method.3ssl.gz
+usr/share/man/man3/TLSv1_2_server_method.3ssl.gz
+usr/share/man/man3/TLSv1_client_method.3ssl.gz
+usr/share/man/man3/TLSv1_method.3ssl.gz
+usr/share/man/man3/TLSv1_server_method.3ssl.gz
+usr/share/man/man3/TS_ACCURACY_dup.3ssl.gz
+usr/share/man/man3/TS_ACCURACY_free.3ssl.gz
+usr/share/man/man3/TS_ACCURACY_new.3ssl.gz
+usr/share/man/man3/TS_MSG_IMPRINT_dup.3ssl.gz
+usr/share/man/man3/TS_MSG_IMPRINT_free.3ssl.gz
+usr/share/man/man3/TS_MSG_IMPRINT_new.3ssl.gz
+usr/share/man/man3/TS_REQ_dup.3ssl.gz
+usr/share/man/man3/TS_REQ_free.3ssl.gz
+usr/share/man/man3/TS_REQ_new.3ssl.gz
+usr/share/man/man3/TS_RESP_dup.3ssl.gz
+usr/share/man/man3/TS_RESP_free.3ssl.gz
+usr/share/man/man3/TS_RESP_new.3ssl.gz
+usr/share/man/man3/TS_STATUS_INFO_dup.3ssl.gz
+usr/share/man/man3/TS_STATUS_INFO_free.3ssl.gz
+usr/share/man/man3/TS_STATUS_INFO_new.3ssl.gz
+usr/share/man/man3/TS_TST_INFO_dup.3ssl.gz
+usr/share/man/man3/TS_TST_INFO_free.3ssl.gz
+usr/share/man/man3/TS_TST_INFO_new.3ssl.gz
+usr/share/man/man3/UI.3ssl.gz
+usr/share/man/man3/UI_add_error_string.3ssl.gz
+usr/share/man/man3/UI_add_info_string.3ssl.gz
+usr/share/man/man3/UI_add_input_boolean.3ssl.gz
+usr/share/man/man3/UI_add_input_string.3ssl.gz
+usr/share/man/man3/UI_add_user_data.3ssl.gz
+usr/share/man/man3/UI_add_verify_string.3ssl.gz
+usr/share/man/man3/UI_construct_prompt.3ssl.gz
+usr/share/man/man3/UI_create_method.3ssl.gz
+usr/share/man/man3/UI_ctrl.3ssl.gz
+usr/share/man/man3/UI_destroy_method.3ssl.gz
+usr/share/man/man3/UI_dup_error_string.3ssl.gz
+usr/share/man/man3/UI_dup_info_string.3ssl.gz
+usr/share/man/man3/UI_dup_input_boolean.3ssl.gz
+usr/share/man/man3/UI_dup_input_string.3ssl.gz
+usr/share/man/man3/UI_dup_user_data.3ssl.gz
+usr/share/man/man3/UI_dup_verify_string.3ssl.gz
+usr/share/man/man3/UI_free.3ssl.gz
+usr/share/man/man3/UI_get0_action_string.3ssl.gz
+usr/share/man/man3/UI_get0_output_string.3ssl.gz
+usr/share/man/man3/UI_get0_result.3ssl.gz
+usr/share/man/man3/UI_get0_result_string.3ssl.gz
+usr/share/man/man3/UI_get0_test_string.3ssl.gz
+usr/share/man/man3/UI_get0_user_data.3ssl.gz
+usr/share/man/man3/UI_get_default_method.3ssl.gz
+usr/share/man/man3/UI_get_ex_data.3ssl.gz
+usr/share/man/man3/UI_get_ex_new_index.3ssl.gz
+usr/share/man/man3/UI_get_input_flags.3ssl.gz
+usr/share/man/man3/UI_get_method.3ssl.gz
+usr/share/man/man3/UI_get_result_length.3ssl.gz
+usr/share/man/man3/UI_get_result_maxsize.3ssl.gz
+usr/share/man/man3/UI_get_result_minsize.3ssl.gz
+usr/share/man/man3/UI_get_result_string_length.3ssl.gz
+usr/share/man/man3/UI_get_string_type.3ssl.gz
+usr/share/man/man3/UI_METHOD.3ssl.gz
+usr/share/man/man3/UI_method_get_closer.3ssl.gz
+usr/share/man/man3/UI_method_get_data_destructor.3ssl.gz
+usr/share/man/man3/UI_method_get_data_duplicator.3ssl.gz
+usr/share/man/man3/UI_method_get_ex_data.3ssl.gz
+usr/share/man/man3/UI_method_get_flusher.3ssl.gz
+usr/share/man/man3/UI_method_get_opener.3ssl.gz
+usr/share/man/man3/UI_method_get_prompt_constructor.3ssl.gz
+usr/share/man/man3/UI_method_get_reader.3ssl.gz
+usr/share/man/man3/UI_method_get_writer.3ssl.gz
+usr/share/man/man3/UI_method_set_closer.3ssl.gz
+usr/share/man/man3/UI_method_set_data_duplicator.3ssl.gz
+usr/share/man/man3/UI_method_set_ex_data.3ssl.gz
+usr/share/man/man3/UI_method_set_flusher.3ssl.gz
+usr/share/man/man3/UI_method_set_opener.3ssl.gz
+usr/share/man/man3/UI_method_set_prompt_constructor.3ssl.gz
+usr/share/man/man3/UI_method_set_reader.3ssl.gz
+usr/share/man/man3/UI_method_set_writer.3ssl.gz
+usr/share/man/man3/UI_new.3ssl.gz
+usr/share/man/man3/UI_new_method.3ssl.gz
+usr/share/man/man3/UI_null.3ssl.gz
+usr/share/man/man3/UI_OpenSSL.3ssl.gz
+usr/share/man/man3/UI_process.3ssl.gz
+usr/share/man/man3/UI_set_default_method.3ssl.gz
+usr/share/man/man3/UI_set_ex_data.3ssl.gz
+usr/share/man/man3/UI_set_method.3ssl.gz
+usr/share/man/man3/UI_set_result.3ssl.gz
+usr/share/man/man3/UI_set_result_ex.3ssl.gz
+usr/share/man/man3/UI_STRING.3ssl.gz
+usr/share/man/man3/UI_string_types.3ssl.gz
+usr/share/man/man3/UI_UTIL_read_pw.3ssl.gz
+usr/share/man/man3/UI_UTIL_read_pw_string.3ssl.gz
+usr/share/man/man3/UI_UTIL_wrap_read_pem_callback.3ssl.gz
+usr/share/man/man3/USERNOTICE_free.3ssl.gz
+usr/share/man/man3/USERNOTICE_new.3ssl.gz
+usr/share/man/man3/X509_add1_ext_i2d.3ssl.gz
+usr/share/man/man3/X509_add_ext.3ssl.gz
+usr/share/man/man3/X509_ALGOR_cmp.3ssl.gz
+usr/share/man/man3/X509_ALGOR_dup.3ssl.gz
+usr/share/man/man3/X509_ALGOR_free.3ssl.gz
+usr/share/man/man3/X509_ALGOR_get0.3ssl.gz
+usr/share/man/man3/X509_ALGOR_new.3ssl.gz
+usr/share/man/man3/X509_ALGOR_set0.3ssl.gz
+usr/share/man/man3/X509_ALGOR_set_md.3ssl.gz
+usr/share/man/man3/X509_ATTRIBUTE_dup.3ssl.gz
+usr/share/man/man3/X509_ATTRIBUTE_free.3ssl.gz
+usr/share/man/man3/X509_ATTRIBUTE_new.3ssl.gz
+usr/share/man/man3/X509_CERT_AUX_free.3ssl.gz
+usr/share/man/man3/X509_CERT_AUX_new.3ssl.gz
+usr/share/man/man3/X509_chain_up_ref.3ssl.gz
+usr/share/man/man3/X509_check_ca.3ssl.gz
+usr/share/man/man3/X509_check_email.3ssl.gz
+usr/share/man/man3/X509_check_host.3ssl.gz
+usr/share/man/man3/X509_check_ip.3ssl.gz
+usr/share/man/man3/X509_check_ip_asc.3ssl.gz
+usr/share/man/man3/X509_check_issued.3ssl.gz
+usr/share/man/man3/X509_check_private_key.3ssl.gz
+usr/share/man/man3/X509_CINF_free.3ssl.gz
+usr/share/man/man3/X509_CINF_new.3ssl.gz
+usr/share/man/man3/X509_cmp_current_time.3ssl.gz
+usr/share/man/man3/X509_cmp_time.3ssl.gz
+usr/share/man/man3/X509_CRL_add0_revoked.3ssl.gz
+usr/share/man/man3/X509_CRL_add1_ext_i2d.3ssl.gz
+usr/share/man/man3/X509_CRL_add_ext.3ssl.gz
+usr/share/man/man3/X509_CRL_delete_ext.3ssl.gz
+usr/share/man/man3/X509_CRL_digest.3ssl.gz
+usr/share/man/man3/X509_CRL_dup.3ssl.gz
+usr/share/man/man3/X509_CRL_free.3ssl.gz
+usr/share/man/man3/X509_CRL_get0_by_cert.3ssl.gz
+usr/share/man/man3/X509_CRL_get0_by_serial.3ssl.gz
+usr/share/man/man3/X509_CRL_get0_extensions.3ssl.gz
+usr/share/man/man3/X509_CRL_get0_lastUpdate.3ssl.gz
+usr/share/man/man3/X509_CRL_get0_nextUpdate.3ssl.gz
+usr/share/man/man3/X509_CRL_get0_signature.3ssl.gz
+usr/share/man/man3/X509_CRL_get_ext.3ssl.gz
+usr/share/man/man3/X509_CRL_get_ext_by_critical.3ssl.gz
+usr/share/man/man3/X509_CRL_get_ext_by_NID.3ssl.gz
+usr/share/man/man3/X509_CRL_get_ext_by_OBJ.3ssl.gz
+usr/share/man/man3/X509_CRL_get_ext_count.3ssl.gz
+usr/share/man/man3/X509_CRL_get_ext_d2i.3ssl.gz
+usr/share/man/man3/X509_CRL_get_issuer.3ssl.gz
+usr/share/man/man3/X509_CRL_get_REVOKED.3ssl.gz
+usr/share/man/man3/X509_CRL_get_signature_nid.3ssl.gz
+usr/share/man/man3/X509_CRL_get_version.3ssl.gz
+usr/share/man/man3/X509_CRL_INFO_free.3ssl.gz
+usr/share/man/man3/X509_CRL_INFO_new.3ssl.gz
+usr/share/man/man3/X509_CRL_new.3ssl.gz
+usr/share/man/man3/X509_CRL_set1_lastUpdate.3ssl.gz
+usr/share/man/man3/X509_CRL_set1_nextUpdate.3ssl.gz
+usr/share/man/man3/X509_CRL_set_issuer_name.3ssl.gz
+usr/share/man/man3/X509_CRL_set_version.3ssl.gz
+usr/share/man/man3/X509_CRL_sign.3ssl.gz
+usr/share/man/man3/X509_CRL_sign_ctx.3ssl.gz
+usr/share/man/man3/X509_CRL_sort.3ssl.gz
+usr/share/man/man3/X509_CRL_verify.3ssl.gz
+usr/share/man/man3/X509_delete_ext.3ssl.gz
+usr/share/man/man3/X509_digest.3ssl.gz
+usr/share/man/man3/X509_dup.3ssl.gz
+usr/share/man/man3/X509_EXTENSION_create_by_NID.3ssl.gz
+usr/share/man/man3/X509_EXTENSION_create_by_OBJ.3ssl.gz
+usr/share/man/man3/X509_EXTENSION_dup.3ssl.gz
+usr/share/man/man3/X509_EXTENSION_free.3ssl.gz
+usr/share/man/man3/X509_EXTENSION_get_critical.3ssl.gz
+usr/share/man/man3/X509_EXTENSION_get_data.3ssl.gz
+usr/share/man/man3/X509_EXTENSION_get_object.3ssl.gz
+usr/share/man/man3/X509_EXTENSION_new.3ssl.gz
+usr/share/man/man3/X509_EXTENSION_set_critical.3ssl.gz
+usr/share/man/man3/X509_EXTENSION_set_data.3ssl.gz
+usr/share/man/man3/X509_EXTENSION_set_object.3ssl.gz
+usr/share/man/man3/X509_free.3ssl.gz
+usr/share/man/man3/X509_get0_authority_key_id.3ssl.gz
+usr/share/man/man3/X509_get0_extensions.3ssl.gz
+usr/share/man/man3/X509_get0_notAfter.3ssl.gz
+usr/share/man/man3/X509_get0_notBefore.3ssl.gz
+usr/share/man/man3/X509_get0_pubkey.3ssl.gz
+usr/share/man/man3/X509_get0_serialNumber.3ssl.gz
+usr/share/man/man3/X509_get0_signature.3ssl.gz
+usr/share/man/man3/X509_get0_subject_key_id.3ssl.gz
+usr/share/man/man3/X509_get0_tbs_sigalg.3ssl.gz
+usr/share/man/man3/X509_get0_uids.3ssl.gz
+usr/share/man/man3/X509_get_ex_data.3ssl.gz
+usr/share/man/man3/X509_get_ex_new_index.3ssl.gz
+usr/share/man/man3/X509_get_ext.3ssl.gz
+usr/share/man/man3/X509_get_ext_by_critical.3ssl.gz
+usr/share/man/man3/X509_get_ext_by_NID.3ssl.gz
+usr/share/man/man3/X509_get_ext_by_OBJ.3ssl.gz
+usr/share/man/man3/X509_get_ext_count.3ssl.gz
+usr/share/man/man3/X509_get_ext_d2i.3ssl.gz
+usr/share/man/man3/X509_get_extended_key_usage.3ssl.gz
+usr/share/man/man3/X509_get_extension_flags.3ssl.gz
+usr/share/man/man3/X509_get_issuer_name.3ssl.gz
+usr/share/man/man3/X509_get_key_usage.3ssl.gz
+usr/share/man/man3/X509_get_pathlen.3ssl.gz
+usr/share/man/man3/X509_get_proxy_pathlen.3ssl.gz
+usr/share/man/man3/X509_get_pubkey.3ssl.gz
+usr/share/man/man3/X509_get_serialNumber.3ssl.gz
+usr/share/man/man3/X509_get_signature_info.3ssl.gz
+usr/share/man/man3/X509_get_signature_nid.3ssl.gz
+usr/share/man/man3/X509_get_subject_name.3ssl.gz
+usr/share/man/man3/X509_get_version.3ssl.gz
+usr/share/man/man3/X509_get_X509_PUBKEY.3ssl.gz
+usr/share/man/man3/X509_getm_notAfter.3ssl.gz
+usr/share/man/man3/X509_getm_notBefore.3ssl.gz
+usr/share/man/man3/X509_load_cert_crl_file.3ssl.gz
+usr/share/man/man3/X509_load_cert_file.3ssl.gz
+usr/share/man/man3/X509_load_crl_file.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_ctrl_fn.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_file.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_get_by_alias_fn.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_get_by_fingerprint_fn.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_get_by_issuer_serial_fn.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_get_by_subject_fn.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_get_method_data.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_get_store.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_hash_dir.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_free.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_get_ctrl.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_get_free.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_get_get_by_alias.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_get_get_by_fingerprint.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_get_get_by_issuer_serial.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_get_get_by_subject.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_get_init.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_get_new_item.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_get_shutdown.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_new.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_set_ctrl.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_set_free.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_set_get_by_alias.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_set_get_by_fingerprint.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_set_get_by_issuer_serial.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_set_get_by_subject.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_set_init.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_set_new_item.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_meth_set_shutdown.3ssl.gz
+usr/share/man/man3/X509_LOOKUP_set_method_data.3ssl.gz
+usr/share/man/man3/X509_NAME_add_entry.3ssl.gz
+usr/share/man/man3/X509_NAME_add_entry_by_NID.3ssl.gz
+usr/share/man/man3/X509_NAME_add_entry_by_OBJ.3ssl.gz
+usr/share/man/man3/X509_NAME_add_entry_by_txt.3ssl.gz
+usr/share/man/man3/X509_NAME_delete_entry.3ssl.gz
+usr/share/man/man3/X509_NAME_digest.3ssl.gz
+usr/share/man/man3/X509_NAME_dup.3ssl.gz
+usr/share/man/man3/X509_NAME_entry_count.3ssl.gz
+usr/share/man/man3/X509_NAME_ENTRY_create_by_NID.3ssl.gz
+usr/share/man/man3/X509_NAME_ENTRY_create_by_OBJ.3ssl.gz
+usr/share/man/man3/X509_NAME_ENTRY_create_by_txt.3ssl.gz
+usr/share/man/man3/X509_NAME_ENTRY_dup.3ssl.gz
+usr/share/man/man3/X509_NAME_ENTRY_free.3ssl.gz
+usr/share/man/man3/X509_NAME_ENTRY_get_data.3ssl.gz
+usr/share/man/man3/X509_NAME_ENTRY_get_object.3ssl.gz
+usr/share/man/man3/X509_NAME_ENTRY_new.3ssl.gz
+usr/share/man/man3/X509_NAME_ENTRY_set_data.3ssl.gz
+usr/share/man/man3/X509_NAME_ENTRY_set_object.3ssl.gz
+usr/share/man/man3/X509_NAME_free.3ssl.gz
+usr/share/man/man3/X509_NAME_get0_der.3ssl.gz
+usr/share/man/man3/X509_NAME_get_entry.3ssl.gz
+usr/share/man/man3/X509_NAME_get_index_by_NID.3ssl.gz
+usr/share/man/man3/X509_NAME_get_index_by_OBJ.3ssl.gz
+usr/share/man/man3/X509_NAME_get_text_by_NID.3ssl.gz
+usr/share/man/man3/X509_NAME_get_text_by_OBJ.3ssl.gz
+usr/share/man/man3/X509_NAME_new.3ssl.gz
+usr/share/man/man3/X509_NAME_oneline.3ssl.gz
+usr/share/man/man3/X509_NAME_print.3ssl.gz
+usr/share/man/man3/X509_NAME_print_ex.3ssl.gz
+usr/share/man/man3/X509_NAME_print_ex_fp.3ssl.gz
+usr/share/man/man3/X509_new.3ssl.gz
+usr/share/man/man3/X509_OBJECT_set1_X509.3ssl.gz
+usr/share/man/man3/X509_OBJECT_set1_X509_CRL.3ssl.gz
+usr/share/man/man3/X509_pubkey_digest.3ssl.gz
+usr/share/man/man3/X509_PUBKEY_free.3ssl.gz
+usr/share/man/man3/X509_PUBKEY_get.3ssl.gz
+usr/share/man/man3/X509_PUBKEY_get0.3ssl.gz
+usr/share/man/man3/X509_PUBKEY_get0_param.3ssl.gz
+usr/share/man/man3/X509_PUBKEY_new.3ssl.gz
+usr/share/man/man3/X509_PUBKEY_set.3ssl.gz
+usr/share/man/man3/X509_PUBKEY_set0_param.3ssl.gz
+usr/share/man/man3/X509_REQ_check_private_key.3ssl.gz
+usr/share/man/man3/X509_REQ_digest.3ssl.gz
+usr/share/man/man3/X509_REQ_dup.3ssl.gz
+usr/share/man/man3/X509_REQ_free.3ssl.gz
+usr/share/man/man3/X509_REQ_get0_pubkey.3ssl.gz
+usr/share/man/man3/X509_REQ_get0_signature.3ssl.gz
+usr/share/man/man3/X509_REQ_get_pubkey.3ssl.gz
+usr/share/man/man3/X509_REQ_get_signature_nid.3ssl.gz
+usr/share/man/man3/X509_REQ_get_subject_name.3ssl.gz
+usr/share/man/man3/X509_REQ_get_version.3ssl.gz
+usr/share/man/man3/X509_REQ_get_X509_PUBKEY.3ssl.gz
+usr/share/man/man3/X509_REQ_INFO_free.3ssl.gz
+usr/share/man/man3/X509_REQ_INFO_new.3ssl.gz
+usr/share/man/man3/X509_REQ_new.3ssl.gz
+usr/share/man/man3/X509_REQ_set_pubkey.3ssl.gz
+usr/share/man/man3/X509_REQ_set_subject_name.3ssl.gz
+usr/share/man/man3/X509_REQ_set_version.3ssl.gz
+usr/share/man/man3/X509_REQ_sign.3ssl.gz
+usr/share/man/man3/X509_REQ_sign_ctx.3ssl.gz
+usr/share/man/man3/X509_REQ_verify.3ssl.gz
+usr/share/man/man3/X509_REVOKED_add1_ext_i2d.3ssl.gz
+usr/share/man/man3/X509_REVOKED_add_ext.3ssl.gz
+usr/share/man/man3/X509_REVOKED_delete_ext.3ssl.gz
+usr/share/man/man3/X509_REVOKED_dup.3ssl.gz
+usr/share/man/man3/X509_REVOKED_free.3ssl.gz
+usr/share/man/man3/X509_REVOKED_get0_extensions.3ssl.gz
+usr/share/man/man3/X509_REVOKED_get0_revocationDate.3ssl.gz
+usr/share/man/man3/X509_REVOKED_get0_serialNumber.3ssl.gz
+usr/share/man/man3/X509_REVOKED_get_ext.3ssl.gz
+usr/share/man/man3/X509_REVOKED_get_ext_by_critical.3ssl.gz
+usr/share/man/man3/X509_REVOKED_get_ext_by_NID.3ssl.gz
+usr/share/man/man3/X509_REVOKED_get_ext_by_OBJ.3ssl.gz
+usr/share/man/man3/X509_REVOKED_get_ext_count.3ssl.gz
+usr/share/man/man3/X509_REVOKED_get_ext_d2i.3ssl.gz
+usr/share/man/man3/X509_REVOKED_new.3ssl.gz
+usr/share/man/man3/X509_REVOKED_set_revocationDate.3ssl.gz
+usr/share/man/man3/X509_REVOKED_set_serialNumber.3ssl.gz
+usr/share/man/man3/X509_set1_notAfter.3ssl.gz
+usr/share/man/man3/X509_set1_notBefore.3ssl.gz
+usr/share/man/man3/X509_set_ex_data.3ssl.gz
+usr/share/man/man3/X509_set_issuer_name.3ssl.gz
+usr/share/man/man3/X509_set_proxy_flag.3ssl.gz
+usr/share/man/man3/X509_set_proxy_pathlen.3ssl.gz
+usr/share/man/man3/X509_set_pubkey.3ssl.gz
+usr/share/man/man3/X509_set_serialNumber.3ssl.gz
+usr/share/man/man3/X509_set_subject_name.3ssl.gz
+usr/share/man/man3/X509_set_version.3ssl.gz
+usr/share/man/man3/X509_SIG_free.3ssl.gz
+usr/share/man/man3/X509_SIG_get0.3ssl.gz
+usr/share/man/man3/X509_SIG_getm.3ssl.gz
+usr/share/man/man3/X509_SIG_INFO_get.3ssl.gz
+usr/share/man/man3/X509_SIG_INFO_set.3ssl.gz
+usr/share/man/man3/X509_SIG_new.3ssl.gz
+usr/share/man/man3/X509_sign.3ssl.gz
+usr/share/man/man3/X509_sign_ctx.3ssl.gz
+usr/share/man/man3/X509_STORE_add_cert.3ssl.gz
+usr/share/man/man3/X509_STORE_add_crl.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_cert_crl_fn.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_check_crl_fn.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_check_issued_fn.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_check_policy_fn.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_check_revocation_fn.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_cleanup.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_cleanup_fn.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_free.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get0_cert.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get0_chain.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get0_param.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get0_untrusted.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get1_chain.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_cert_crl.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_check_crl.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_check_issued.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_check_policy.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_check_revocation.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_cleanup.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_crl_fn.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_current_cert.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_error.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_error_depth.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_ex_data.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_ex_new_index.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_get_crl.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_get_issuer.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_issuer_fn.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_lookup_certs.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_lookup_crls.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_num_untrusted.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_verify.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_get_verify_cb.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_init.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_lookup_certs_fn.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_lookup_crls_fn.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_new.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_set0_crls.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_set0_param.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_set0_trusted_stack.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_set0_untrusted.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_set0_verified_chain.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_set_cert.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_set_current_cert.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_set_default.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_set_error.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_set_error_depth.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_set_ex_data.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_set_verify.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_set_verify_cb.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_verify_cb.3ssl.gz
+usr/share/man/man3/X509_STORE_CTX_verify_fn.3ssl.gz
+usr/share/man/man3/X509_STORE_free.3ssl.gz
+usr/share/man/man3/X509_STORE_get0_objects.3ssl.gz
+usr/share/man/man3/X509_STORE_get0_param.3ssl.gz
+usr/share/man/man3/X509_STORE_get_cert_crl.3ssl.gz
+usr/share/man/man3/X509_STORE_get_check_crl.3ssl.gz
+usr/share/man/man3/X509_STORE_get_check_issued.3ssl.gz
+usr/share/man/man3/X509_STORE_get_check_policy.3ssl.gz
+usr/share/man/man3/X509_STORE_get_check_revocation.3ssl.gz
+usr/share/man/man3/X509_STORE_get_cleanup.3ssl.gz
+usr/share/man/man3/X509_STORE_get_ex_data.3ssl.gz
+usr/share/man/man3/X509_STORE_get_ex_new_index.3ssl.gz
+usr/share/man/man3/X509_STORE_get_get_crl.3ssl.gz
+usr/share/man/man3/X509_STORE_get_get_issuer.3ssl.gz
+usr/share/man/man3/X509_STORE_get_lookup_certs.3ssl.gz
+usr/share/man/man3/X509_STORE_get_lookup_crls.3ssl.gz
+usr/share/man/man3/X509_STORE_get_verify_cb.3ssl.gz
+usr/share/man/man3/X509_STORE_load_locations.3ssl.gz
+usr/share/man/man3/X509_STORE_lock.3ssl.gz
+usr/share/man/man3/X509_STORE_new.3ssl.gz
+usr/share/man/man3/X509_STORE_set1_param.3ssl.gz
+usr/share/man/man3/X509_STORE_set_cert_crl.3ssl.gz
+usr/share/man/man3/X509_STORE_set_check_crl.3ssl.gz
+usr/share/man/man3/X509_STORE_set_check_issued.3ssl.gz
+usr/share/man/man3/X509_STORE_set_check_policy.3ssl.gz
+usr/share/man/man3/X509_STORE_set_check_revocation.3ssl.gz
+usr/share/man/man3/X509_STORE_set_cleanup.3ssl.gz
+usr/share/man/man3/X509_STORE_set_default_paths.3ssl.gz
+usr/share/man/man3/X509_STORE_set_depth.3ssl.gz
+usr/share/man/man3/X509_STORE_set_ex_data.3ssl.gz
+usr/share/man/man3/X509_STORE_set_flags.3ssl.gz
+usr/share/man/man3/X509_STORE_set_get_crl.3ssl.gz
+usr/share/man/man3/X509_STORE_set_get_issuer.3ssl.gz
+usr/share/man/man3/X509_STORE_set_lookup_certs.3ssl.gz
+usr/share/man/man3/X509_STORE_set_lookup_crls.3ssl.gz
+usr/share/man/man3/X509_STORE_set_lookup_crls_cb.3ssl.gz
+usr/share/man/man3/X509_STORE_set_purpose.3ssl.gz
+usr/share/man/man3/X509_STORE_set_trust.3ssl.gz
+usr/share/man/man3/X509_STORE_set_verify.3ssl.gz
+usr/share/man/man3/X509_STORE_set_verify_cb.3ssl.gz
+usr/share/man/man3/X509_STORE_set_verify_cb_func.3ssl.gz
+usr/share/man/man3/X509_STORE_set_verify_func.3ssl.gz
+usr/share/man/man3/X509_STORE_unlock.3ssl.gz
+usr/share/man/man3/X509_STORE_up_ref.3ssl.gz
+usr/share/man/man3/X509_time_adj.3ssl.gz
+usr/share/man/man3/X509_time_adj_ex.3ssl.gz
+usr/share/man/man3/X509_up_ref.3ssl.gz
+usr/share/man/man3/X509_VAL_free.3ssl.gz
+usr/share/man/man3/X509_VAL_new.3ssl.gz
+usr/share/man/man3/X509_verify.3ssl.gz
+usr/share/man/man3/X509_verify_cert.3ssl.gz
+usr/share/man/man3/X509_verify_cert_error_string.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_add0_policy.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_add1_host.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_clear_flags.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_get0_peername.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_get_auth_level.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_get_depth.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_get_flags.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_get_hostflags.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_get_inh_flags.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_get_time.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_set1_email.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_set1_host.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_set1_ip.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_set1_ip_asc.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_set1_policies.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_set_auth_level.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_set_depth.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_set_flags.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_set_hostflags.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_set_inh_flags.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_set_purpose.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_set_time.3ssl.gz
+usr/share/man/man3/X509_VERIFY_PARAM_set_trust.3ssl.gz
+usr/share/man/man3/X509V3_add1_i2d.3ssl.gz
+usr/share/man/man3/X509v3_add_ext.3ssl.gz
+usr/share/man/man3/X509v3_delete_ext.3ssl.gz
+usr/share/man/man3/X509V3_EXT_d2i.3ssl.gz
+usr/share/man/man3/X509V3_EXT_i2d.3ssl.gz
+usr/share/man/man3/X509V3_get_d2i.3ssl.gz
+usr/share/man/man3/X509v3_get_ext.3ssl.gz
+usr/share/man/man3/X509v3_get_ext_by_critical.3ssl.gz
+usr/share/man/man3/X509v3_get_ext_by_NID.3ssl.gz
+usr/share/man/man3/X509v3_get_ext_by_OBJ.3ssl.gz
+usr/share/man/man3/X509v3_get_ext_count.3ssl.gz
+usr/share/man/man5/
+usr/share/man/man5/config.5ssl.gz
+usr/share/man/man5/x509v3_config.5ssl.gz
+usr/share/man/man7/
+usr/share/man/man7/bio.7ssl.gz
+usr/share/man/man7/crypto.7ssl.gz
+usr/share/man/man7/ct.7ssl.gz
+usr/share/man/man7/des_modes.7ssl.gz
+usr/share/man/man7/Ed25519.7ssl.gz
+usr/share/man/man7/Ed448.7ssl.gz
+usr/share/man/man7/evp.7ssl.gz
+usr/share/man/man7/ossl_store-file.7ssl.gz
+usr/share/man/man7/ossl_store.7ssl.gz
+usr/share/man/man7/passphrase-encoding.7ssl.gz
+usr/share/man/man7/RAND.7ssl.gz
+usr/share/man/man7/RAND_DRBG.7ssl.gz
+usr/share/man/man7/RSA-PSS.7ssl.gz
+usr/share/man/man7/scrypt.7ssl.gz
+usr/share/man/man7/SM2.7ssl.gz
+usr/share/man/man7/ssl.7ssl.gz
+usr/share/man/man7/X25519.7ssl.gz
+usr/share/man/man7/X448.7ssl.gz
+usr/share/man/man7/x509.7ssl.gz
+usr/ssl/
+usr/ssl/certs/
+usr/ssl/ct_log_list.cnf
+usr/ssl/ct_log_list.cnf.dist
+usr/ssl/misc/
+usr/ssl/misc/CA.pl
+usr/ssl/misc/tsget
+usr/ssl/misc/tsget.pl
+usr/ssl/openssl.cnf
+usr/ssl/openssl.cnf.dist
+usr/ssl/private/
+
diff --git a/msys2/var/lib/pacman/local/openssl-1.1.1.b-1/mtree b/msys2/var/lib/pacman/local/openssl-1.1.1.b-1/mtree
new file mode 100644
index 000000000..f5e81bd6d
Binary files /dev/null and b/msys2/var/lib/pacman/local/openssl-1.1.1.b-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/p11-kit-0.23.15-1/desc b/msys2/var/lib/pacman/local/p11-kit-0.23.15-1/desc
new file mode 100644
index 000000000..513525442
--- /dev/null
+++ b/msys2/var/lib/pacman/local/p11-kit-0.23.15-1/desc
@@ -0,0 +1,42 @@
+%NAME%
+p11-kit
+
+%VERSION%
+0.23.15-1
+
+%BASE%
+p11-kit
+
+%DESC%
+Library to work with PKCS#11 modules
+
+%URL%
+https://p11-glue.freedesktop.org/p11-kit.html
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1548309743
+
+%INSTALLDATE%
+1558699090
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+1431552
+
+%REASON%
+1
+
+%LICENSE%
+BSD
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+libp11-kit=0.23.15
+
diff --git a/msys2/var/lib/pacman/local/p11-kit-0.23.9-1/files b/msys2/var/lib/pacman/local/p11-kit-0.23.15-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/p11-kit-0.23.9-1/files
rename to msys2/var/lib/pacman/local/p11-kit-0.23.15-1/files
diff --git a/msys2/var/lib/pacman/local/p11-kit-0.23.15-1/mtree b/msys2/var/lib/pacman/local/p11-kit-0.23.15-1/mtree
new file mode 100644
index 000000000..a0cf9caa6
Binary files /dev/null and b/msys2/var/lib/pacman/local/p11-kit-0.23.15-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/p11-kit-0.23.9-1/desc b/msys2/var/lib/pacman/local/p11-kit-0.23.9-1/desc
deleted file mode 100644
index 332bd3297..000000000
--- a/msys2/var/lib/pacman/local/p11-kit-0.23.9-1/desc
+++ /dev/null
@@ -1,42 +0,0 @@
-%NAME%
-p11-kit
-
-%VERSION%
-0.23.9-1
-
-%BASE%
-p11-kit
-
-%DESC%
-Library to work with PKCS#11 modules
-
-%URL%
-https://p11-glue.freedesktop.org/p11-kit.html
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1510894996
-
-%INSTALLDATE%
-1527758868
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-1463296
-
-%REASON%
-1
-
-%LICENSE%
-BSD
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-libp11-kit=0.23.9
-
diff --git a/msys2/var/lib/pacman/local/p11-kit-0.23.9-1/mtree b/msys2/var/lib/pacman/local/p11-kit-0.23.9-1/mtree
deleted file mode 100644
index dd1a789c5..000000000
Binary files a/msys2/var/lib/pacman/local/p11-kit-0.23.9-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/pacman-5.0.1-7/desc b/msys2/var/lib/pacman/local/pacman-5.0.1-7/desc
deleted file mode 100644
index 8a5655a13..000000000
--- a/msys2/var/lib/pacman/local/pacman-5.0.1-7/desc
+++ /dev/null
@@ -1,62 +0,0 @@
-%NAME%
-pacman
-
-%VERSION%
-5.0.1-7
-
-%DESC%
-A library-based package manager with dependency support (MSYS2 port)
-
-%URL%
-https://www.archlinux.org/pacman/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1527756887
-
-%INSTALLDATE%
-1527758879
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-36429824
-
-%GROUPS%
-base
-base-devel
-
-%LICENSE%
-GPL
-
-%VALIDATION%
-pgp
-
-%REPLACES%
-pacman-contrib
-
-%DEPENDS%
-bash>=4.2.045
-gettext
-gnupg
-msys2-runtime
-curl
-pacman-mirrors
-msys2-keyring
-which
-bzip2
-xz
-
-%OPTDEPENDS%
-diffutils
-vim
-
-%CONFLICTS%
-pacman-contrib
-
-%PROVIDES%
-pacman-contrib
-
diff --git a/msys2/var/lib/pacman/local/pacman-5.0.1-7/files b/msys2/var/lib/pacman/local/pacman-5.0.1-7/files
deleted file mode 100644
index fbead959e..000000000
--- a/msys2/var/lib/pacman/local/pacman-5.0.1-7/files
+++ /dev/null
@@ -1,423 +0,0 @@
-%FILES%
-etc/
-etc/makepkg.conf
-etc/makepkg_mingw32.conf
-etc/makepkg_mingw64.conf
-etc/pacman.conf
-usr/
-usr/bin/
-usr/bin/bacman
-usr/bin/checkupdates
-usr/bin/cleanupdelta.exe
-usr/bin/makepkg
-usr/bin/makepkg-mingw
-usr/bin/makepkg-template
-usr/bin/paccache
-usr/bin/pacdiff
-usr/bin/paclist
-usr/bin/paclog-pkglist
-usr/bin/pacman-db-upgrade
-usr/bin/pacman-key
-usr/bin/pacman-optimize
-usr/bin/pacman.exe
-usr/bin/pacscripts
-usr/bin/pacsearch
-usr/bin/pacsort.exe
-usr/bin/pactree.exe
-usr/bin/pkgdelta
-usr/bin/rankmirrors
-usr/bin/repo-add
-usr/bin/repo-elephant
-usr/bin/repo-remove
-usr/bin/testpkg.exe
-usr/bin/updpkgsums
-usr/bin/vercmp.exe
-usr/include/
-usr/include/alpm.h
-usr/include/alpm_list.h
-usr/lib/
-usr/lib/libalpm.a
-usr/lib/pkgconfig/
-usr/lib/pkgconfig/libalpm.pc
-usr/share/
-usr/share/bash-completion/
-usr/share/bash-completion/completions/
-usr/share/bash-completion/completions/makepkg
-usr/share/bash-completion/completions/pacman
-usr/share/bash-completion/completions/pacman-key
-usr/share/libalpm/
-usr/share/libalpm/hooks/
-usr/share/locale/
-usr/share/locale/ar/
-usr/share/locale/ar/LC_MESSAGES/
-usr/share/locale/ar/LC_MESSAGES/libalpm.mo
-usr/share/locale/ar/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/ar/LC_MESSAGES/pacman.mo
-usr/share/locale/az_AZ/
-usr/share/locale/az_AZ/LC_MESSAGES/
-usr/share/locale/az_AZ/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/az_AZ/LC_MESSAGES/pacman.mo
-usr/share/locale/br/
-usr/share/locale/br/LC_MESSAGES/
-usr/share/locale/br/LC_MESSAGES/libalpm.mo
-usr/share/locale/br/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/br/LC_MESSAGES/pacman.mo
-usr/share/locale/ca/
-usr/share/locale/ca/LC_MESSAGES/
-usr/share/locale/ca/LC_MESSAGES/libalpm.mo
-usr/share/locale/ca/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/ca/LC_MESSAGES/pacman.mo
-usr/share/locale/cs/
-usr/share/locale/cs/LC_MESSAGES/
-usr/share/locale/cs/LC_MESSAGES/libalpm.mo
-usr/share/locale/cs/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/cs/LC_MESSAGES/pacman.mo
-usr/share/locale/da/
-usr/share/locale/da/LC_MESSAGES/
-usr/share/locale/da/LC_MESSAGES/libalpm.mo
-usr/share/locale/da/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/da/LC_MESSAGES/pacman.mo
-usr/share/locale/de/
-usr/share/locale/de/LC_MESSAGES/
-usr/share/locale/de/LC_MESSAGES/libalpm.mo
-usr/share/locale/de/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/de/LC_MESSAGES/pacman.mo
-usr/share/locale/el/
-usr/share/locale/el/LC_MESSAGES/
-usr/share/locale/el/LC_MESSAGES/libalpm.mo
-usr/share/locale/el/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/el/LC_MESSAGES/pacman.mo
-usr/share/locale/en_GB/
-usr/share/locale/en_GB/LC_MESSAGES/
-usr/share/locale/en_GB/LC_MESSAGES/libalpm.mo
-usr/share/locale/en_GB/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/en_GB/LC_MESSAGES/pacman.mo
-usr/share/locale/eo/
-usr/share/locale/eo/LC_MESSAGES/
-usr/share/locale/eo/LC_MESSAGES/libalpm.mo
-usr/share/locale/eo/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/eo/LC_MESSAGES/pacman.mo
-usr/share/locale/es/
-usr/share/locale/es/LC_MESSAGES/
-usr/share/locale/es/LC_MESSAGES/libalpm.mo
-usr/share/locale/es/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/es/LC_MESSAGES/pacman.mo
-usr/share/locale/es_419/
-usr/share/locale/es_419/LC_MESSAGES/
-usr/share/locale/es_419/LC_MESSAGES/libalpm.mo
-usr/share/locale/es_419/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/es_419/LC_MESSAGES/pacman.mo
-usr/share/locale/fa/
-usr/share/locale/fa/LC_MESSAGES/
-usr/share/locale/fa/LC_MESSAGES/pacman.mo
-usr/share/locale/fi/
-usr/share/locale/fi/LC_MESSAGES/
-usr/share/locale/fi/LC_MESSAGES/libalpm.mo
-usr/share/locale/fi/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/fi/LC_MESSAGES/pacman.mo
-usr/share/locale/fr/
-usr/share/locale/fr/LC_MESSAGES/
-usr/share/locale/fr/LC_MESSAGES/libalpm.mo
-usr/share/locale/fr/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/fr/LC_MESSAGES/pacman.mo
-usr/share/locale/gl/
-usr/share/locale/gl/LC_MESSAGES/
-usr/share/locale/gl/LC_MESSAGES/libalpm.mo
-usr/share/locale/gl/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/gl/LC_MESSAGES/pacman.mo
-usr/share/locale/hr/
-usr/share/locale/hr/LC_MESSAGES/
-usr/share/locale/hr/LC_MESSAGES/libalpm.mo
-usr/share/locale/hr/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/hr/LC_MESSAGES/pacman.mo
-usr/share/locale/hu/
-usr/share/locale/hu/LC_MESSAGES/
-usr/share/locale/hu/LC_MESSAGES/libalpm.mo
-usr/share/locale/hu/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/hu/LC_MESSAGES/pacman.mo
-usr/share/locale/id/
-usr/share/locale/id/LC_MESSAGES/
-usr/share/locale/id/LC_MESSAGES/libalpm.mo
-usr/share/locale/id/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/id/LC_MESSAGES/pacman.mo
-usr/share/locale/is/
-usr/share/locale/is/LC_MESSAGES/
-usr/share/locale/is/LC_MESSAGES/libalpm.mo
-usr/share/locale/is/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/is/LC_MESSAGES/pacman.mo
-usr/share/locale/it/
-usr/share/locale/it/LC_MESSAGES/
-usr/share/locale/it/LC_MESSAGES/libalpm.mo
-usr/share/locale/it/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/it/LC_MESSAGES/pacman.mo
-usr/share/locale/ja/
-usr/share/locale/ja/LC_MESSAGES/
-usr/share/locale/ja/LC_MESSAGES/libalpm.mo
-usr/share/locale/ja/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/ja/LC_MESSAGES/pacman.mo
-usr/share/locale/ka/
-usr/share/locale/ka/LC_MESSAGES/
-usr/share/locale/ka/LC_MESSAGES/libalpm.mo
-usr/share/locale/ka/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/ka/LC_MESSAGES/pacman.mo
-usr/share/locale/kk/
-usr/share/locale/kk/LC_MESSAGES/
-usr/share/locale/kk/LC_MESSAGES/libalpm.mo
-usr/share/locale/kk/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/kk/LC_MESSAGES/pacman.mo
-usr/share/locale/ko/
-usr/share/locale/ko/LC_MESSAGES/
-usr/share/locale/ko/LC_MESSAGES/libalpm.mo
-usr/share/locale/ko/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/ko/LC_MESSAGES/pacman.mo
-usr/share/locale/lt/
-usr/share/locale/lt/LC_MESSAGES/
-usr/share/locale/lt/LC_MESSAGES/libalpm.mo
-usr/share/locale/lt/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/lt/LC_MESSAGES/pacman.mo
-usr/share/locale/nb/
-usr/share/locale/nb/LC_MESSAGES/
-usr/share/locale/nb/LC_MESSAGES/libalpm.mo
-usr/share/locale/nb/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/nb/LC_MESSAGES/pacman.mo
-usr/share/locale/nl/
-usr/share/locale/nl/LC_MESSAGES/
-usr/share/locale/nl/LC_MESSAGES/libalpm.mo
-usr/share/locale/nl/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/nl/LC_MESSAGES/pacman.mo
-usr/share/locale/pl/
-usr/share/locale/pl/LC_MESSAGES/
-usr/share/locale/pl/LC_MESSAGES/libalpm.mo
-usr/share/locale/pl/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/pl/LC_MESSAGES/pacman.mo
-usr/share/locale/pt/
-usr/share/locale/pt/LC_MESSAGES/
-usr/share/locale/pt/LC_MESSAGES/libalpm.mo
-usr/share/locale/pt/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/pt/LC_MESSAGES/pacman.mo
-usr/share/locale/pt_BR/
-usr/share/locale/pt_BR/LC_MESSAGES/
-usr/share/locale/pt_BR/LC_MESSAGES/libalpm.mo
-usr/share/locale/pt_BR/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/pt_BR/LC_MESSAGES/pacman.mo
-usr/share/locale/ro/
-usr/share/locale/ro/LC_MESSAGES/
-usr/share/locale/ro/LC_MESSAGES/libalpm.mo
-usr/share/locale/ro/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/ro/LC_MESSAGES/pacman.mo
-usr/share/locale/ru/
-usr/share/locale/ru/LC_MESSAGES/
-usr/share/locale/ru/LC_MESSAGES/libalpm.mo
-usr/share/locale/ru/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/ru/LC_MESSAGES/pacman.mo
-usr/share/locale/sk/
-usr/share/locale/sk/LC_MESSAGES/
-usr/share/locale/sk/LC_MESSAGES/libalpm.mo
-usr/share/locale/sk/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/sk/LC_MESSAGES/pacman.mo
-usr/share/locale/sl/
-usr/share/locale/sl/LC_MESSAGES/
-usr/share/locale/sl/LC_MESSAGES/libalpm.mo
-usr/share/locale/sl/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/sl/LC_MESSAGES/pacman.mo
-usr/share/locale/sr/
-usr/share/locale/sr/LC_MESSAGES/
-usr/share/locale/sr/LC_MESSAGES/libalpm.mo
-usr/share/locale/sr/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/sr/LC_MESSAGES/pacman.mo
-usr/share/locale/sr@latin/
-usr/share/locale/sr@latin/LC_MESSAGES/
-usr/share/locale/sr@latin/LC_MESSAGES/libalpm.mo
-usr/share/locale/sr@latin/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/sr@latin/LC_MESSAGES/pacman.mo
-usr/share/locale/sv/
-usr/share/locale/sv/LC_MESSAGES/
-usr/share/locale/sv/LC_MESSAGES/libalpm.mo
-usr/share/locale/sv/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/sv/LC_MESSAGES/pacman.mo
-usr/share/locale/th/
-usr/share/locale/th/LC_MESSAGES/
-usr/share/locale/th/LC_MESSAGES/pacman.mo
-usr/share/locale/tr/
-usr/share/locale/tr/LC_MESSAGES/
-usr/share/locale/tr/LC_MESSAGES/libalpm.mo
-usr/share/locale/tr/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/tr/LC_MESSAGES/pacman.mo
-usr/share/locale/uk/
-usr/share/locale/uk/LC_MESSAGES/
-usr/share/locale/uk/LC_MESSAGES/libalpm.mo
-usr/share/locale/uk/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/uk/LC_MESSAGES/pacman.mo
-usr/share/locale/vi/
-usr/share/locale/vi/LC_MESSAGES/
-usr/share/locale/vi/LC_MESSAGES/pacman.mo
-usr/share/locale/zh_CN/
-usr/share/locale/zh_CN/LC_MESSAGES/
-usr/share/locale/zh_CN/LC_MESSAGES/libalpm.mo
-usr/share/locale/zh_CN/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/zh_CN/LC_MESSAGES/pacman.mo
-usr/share/locale/zh_TW/
-usr/share/locale/zh_TW/LC_MESSAGES/
-usr/share/locale/zh_TW/LC_MESSAGES/libalpm.mo
-usr/share/locale/zh_TW/LC_MESSAGES/pacman-scripts.mo
-usr/share/locale/zh_TW/LC_MESSAGES/pacman.mo
-usr/share/makepkg-template/
-usr/share/makepkg/
-usr/share/makepkg/lint_package.sh
-usr/share/makepkg/lint_package/
-usr/share/makepkg/lint_package/build_references.sh
-usr/share/makepkg/lint_package/missing_backup.sh
-usr/share/makepkg/lint_pkgbuild.sh
-usr/share/makepkg/lint_pkgbuild/
-usr/share/makepkg/lint_pkgbuild/arch.sh
-usr/share/makepkg/lint_pkgbuild/backup.sh
-usr/share/makepkg/lint_pkgbuild/changelog.sh
-usr/share/makepkg/lint_pkgbuild/epoch.sh
-usr/share/makepkg/lint_pkgbuild/install.sh
-usr/share/makepkg/lint_pkgbuild/optdepends.sh
-usr/share/makepkg/lint_pkgbuild/options.sh
-usr/share/makepkg/lint_pkgbuild/package_function.sh
-usr/share/makepkg/lint_pkgbuild/pkgbase.sh
-usr/share/makepkg/lint_pkgbuild/pkglist.sh
-usr/share/makepkg/lint_pkgbuild/pkgname.sh
-usr/share/makepkg/lint_pkgbuild/pkgrel.sh
-usr/share/makepkg/lint_pkgbuild/pkgver.sh
-usr/share/makepkg/lint_pkgbuild/provides.sh
-usr/share/makepkg/lint_pkgbuild/source.sh
-usr/share/makepkg/lint_pkgbuild/util.sh
-usr/share/makepkg/lint_pkgbuild/variable.sh
-usr/share/makepkg/source.sh
-usr/share/makepkg/source/
-usr/share/makepkg/source/bzr.sh
-usr/share/makepkg/source/file.sh
-usr/share/makepkg/source/git.sh
-usr/share/makepkg/source/hg.sh
-usr/share/makepkg/source/local.sh
-usr/share/makepkg/source/svn.sh
-usr/share/makepkg/tidy.sh
-usr/share/makepkg/tidy/
-usr/share/makepkg/tidy/docs.sh
-usr/share/makepkg/tidy/emptydirs.sh
-usr/share/makepkg/tidy/libtool.sh
-usr/share/makepkg/tidy/optipng.sh
-usr/share/makepkg/tidy/purge.sh
-usr/share/makepkg/tidy/staticlibs.sh
-usr/share/makepkg/tidy/strip.sh
-usr/share/makepkg/tidy/upx.sh
-usr/share/makepkg/tidy/zipman.sh
-usr/share/makepkg/util.sh
-usr/share/makepkg/util/
-usr/share/makepkg/util/message.sh
-usr/share/makepkg/util/option.sh
-usr/share/makepkg/util/pkgbuild.sh
-usr/share/makepkg/util/source.sh
-usr/share/makepkg/util/util.sh
-usr/share/man/
-usr/share/man/man1/
-usr/share/man/man1/makepkg-template.1.gz
-usr/share/man/man3/
-usr/share/man/man3/__alpm_db_t.3.gz
-usr/share/man/man3/__alpm_graph_t.3.gz
-usr/share/man/man3/__alpm_handle_t.3.gz
-usr/share/man/man3/__alpm_list_t.3.gz
-usr/share/man/man3/__alpm_mountpoint_t.3.gz
-usr/share/man/man3/__alpm_pkg_t.3.gz
-usr/share/man/man3/__alpm_pkghash_t.3.gz
-usr/share/man/man3/__alpm_trans_t.3.gz
-usr/share/man/man3/_alpm_backup_t.3.gz
-usr/share/man/man3/_alpm_conflict_t.3.gz
-usr/share/man/man3/_alpm_delta_t.3.gz
-usr/share/man/man3/_alpm_depend_t.3.gz
-usr/share/man/man3/_alpm_depmissing_t.3.gz
-usr/share/man/man3/_alpm_event_any_t.3.gz
-usr/share/man/man3/_alpm_event_database_missing_t.3.gz
-usr/share/man/man3/_alpm_event_delta_patch_t.3.gz
-usr/share/man/man3/_alpm_event_hook_run_t.3.gz
-usr/share/man/man3/_alpm_event_hook_t.3.gz
-usr/share/man/man3/_alpm_event_optdep_removal_t.3.gz
-usr/share/man/man3/_alpm_event_package_operation_t.3.gz
-usr/share/man/man3/_alpm_event_pacnew_created_t.3.gz
-usr/share/man/man3/_alpm_event_pacsave_created_t.3.gz
-usr/share/man/man3/_alpm_event_pkgdownload_t.3.gz
-usr/share/man/man3/_alpm_event_scriptlet_info_t.3.gz
-usr/share/man/man3/_alpm_event_t.3.gz
-usr/share/man/man3/_alpm_file_t.3.gz
-usr/share/man/man3/_alpm_fileconflict_t.3.gz
-usr/share/man/man3/_alpm_filelist_t.3.gz
-usr/share/man/man3/_alpm_group_t.3.gz
-usr/share/man/man3/_alpm_hook_cb_ctx.3.gz
-usr/share/man/man3/_alpm_hook_t.3.gz
-usr/share/man/man3/_alpm_pgpkey_t.3.gz
-usr/share/man/man3/_alpm_question_any_t.3.gz
-usr/share/man/man3/_alpm_question_conflict_t.3.gz
-usr/share/man/man3/_alpm_question_corrupted_t.3.gz
-usr/share/man/man3/_alpm_question_import_key_t.3.gz
-usr/share/man/man3/_alpm_question_install_ignorepkg_t.3.gz
-usr/share/man/man3/_alpm_question_remove_pkgs_t.3.gz
-usr/share/man/man3/_alpm_question_replace_t.3.gz
-usr/share/man/man3/_alpm_question_select_provider_t.3.gz
-usr/share/man/man3/_alpm_question_t.3.gz
-usr/share/man/man3/_alpm_siglist_t.3.gz
-usr/share/man/man3/_alpm_sigresult_t.3.gz
-usr/share/man/man3/_alpm_trigger_t.3.gz
-usr/share/man/man3/_msys_scripts_pacman_src_pacman-5.0.1_lib_.3.gz
-usr/share/man/man3/_msys_scripts_pacman_src_pacman-5.0.1_lib_libalpm_.3.gz
-usr/share/man/man3/alpm_api.3.gz
-usr/share/man/man3/alpm_api_databases.3.gz
-usr/share/man/man3/alpm_api_depends.3.gz
-usr/share/man/man3/alpm_api_errors.3.gz
-usr/share/man/man3/alpm_api_options.3.gz
-usr/share/man/man3/alpm_api_packages.3.gz
-usr/share/man/man3/alpm_api_trans.3.gz
-usr/share/man/man3/alpm_databases.3.gz
-usr/share/man/man3/alpm_deltas.3.gz
-usr/share/man/man3/alpm_interface.3.gz
-usr/share/man/man3/alpm_list.3.gz
-usr/share/man/man3/alpm_log.3.gz
-usr/share/man/man3/alpm_misc.3.gz
-usr/share/man/man3/alpm_packages.3.gz
-usr/share/man/man3/alpm_trans.3.gz
-usr/share/man/man3/archive_read_buffer.3.gz
-usr/share/man/man3/base64.h.3.gz
-usr/share/man/man3/db_operations.3.gz
-usr/share/man/man3/dload_payload.3.gz
-usr/share/man/man3/libalpm.3.gz
-usr/share/man/man3/md5_context.3.gz
-usr/share/man/man3/package_changelog.3.gz
-usr/share/man/man3/pkg_operations.3.gz
-usr/share/man/man3/sha2_context.3.gz
-usr/share/man/man5/
-usr/share/man/man5/PKGBUILD.5.gz
-usr/share/man/man5/alpm-hooks.5.gz
-usr/share/man/man5/makepkg.conf.5.gz
-usr/share/man/man5/pacman.conf.5.gz
-usr/share/man/man8/
-usr/share/man/man8/makepkg.8.gz
-usr/share/man/man8/pacman-key.8.gz
-usr/share/man/man8/pacman.8.gz
-usr/share/man/man8/pactree.8.gz
-usr/share/man/man8/pkgdelta.8.gz
-usr/share/man/man8/repo-add.8.gz
-usr/share/man/man8/repo-remove.8.gz
-usr/share/man/man8/vercmp.8.gz
-usr/share/pacman/
-usr/share/pacman/PKGBUILD-split.proto
-usr/share/pacman/PKGBUILD-vcs.proto
-usr/share/pacman/PKGBUILD.proto
-usr/share/pacman/proto.install
-usr/share/zsh/
-usr/share/zsh/site-functions/
-usr/share/zsh/site-functions/_pacman
-var/
-var/cache/
-var/cache/pacman/
-var/cache/pacman/pkg/
-var/lib/
-var/lib/pacman/
-
-%BACKUP%
-etc/pacman.conf	a74be5548ab4743ef05712ebff0b8472
-etc/makepkg.conf	9cfbdfc69fabd996a2042228cf56080e
-etc/makepkg_mingw32.conf	b31e665d3d3b2b0d30fe82012aafeb5c
-etc/makepkg_mingw64.conf	121f675a09c8a433a1aa0fe56922416b
-
diff --git a/msys2/var/lib/pacman/local/pacman-5.0.1-7/mtree b/msys2/var/lib/pacman/local/pacman-5.0.1-7/mtree
deleted file mode 100644
index deab968f1..000000000
Binary files a/msys2/var/lib/pacman/local/pacman-5.0.1-7/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/pacman-5.1.3-1/desc b/msys2/var/lib/pacman/local/pacman-5.1.3-1/desc
new file mode 100644
index 000000000..ca15dabdd
--- /dev/null
+++ b/msys2/var/lib/pacman/local/pacman-5.1.3-1/desc
@@ -0,0 +1,65 @@
+%NAME%
+pacman
+
+%VERSION%
+5.1.3-1
+
+%BASE%
+pacman
+
+%DESC%
+A library-based package manager with dependency support (MSYS2 port)
+
+%URL%
+https://www.archlinux.org/pacman/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1558602820
+
+%INSTALLDATE%
+1558699103
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+50673664
+
+%GROUPS%
+base
+base-devel
+
+%LICENSE%
+GPL
+
+%VALIDATION%
+pgp
+
+%REPLACES%
+pacman-contrib
+
+%DEPENDS%
+bash>=4.2.045
+gettext
+gnupg
+msys2-runtime
+curl
+pacman-mirrors
+msys2-keyring
+which
+bzip2
+xz
+
+%OPTDEPENDS%
+diffutils
+vim
+
+%CONFLICTS%
+pacman-contrib
+
+%PROVIDES%
+pacman-contrib
+
diff --git a/msys2/var/lib/pacman/local/pacman-5.1.3-1/files b/msys2/var/lib/pacman/local/pacman-5.1.3-1/files
new file mode 100644
index 000000000..0f1ef07ac
--- /dev/null
+++ b/msys2/var/lib/pacman/local/pacman-5.1.3-1/files
@@ -0,0 +1,442 @@
+%FILES%
+etc/
+etc/makepkg.conf
+etc/makepkg_clang32.conf
+etc/makepkg_clang64.conf
+etc/makepkg_mingw32.conf
+etc/makepkg_mingw64.conf
+etc/pacman.conf
+usr/
+usr/bin/
+usr/bin/checkupdates
+usr/bin/cleanupdelta.exe
+usr/bin/makepkg
+usr/bin/makepkg-clang
+usr/bin/makepkg-mingw
+usr/bin/makepkg-template
+usr/bin/paccache
+usr/bin/pacdiff
+usr/bin/paclist
+usr/bin/paclog-pkglist
+usr/bin/pacman-conf.exe
+usr/bin/pacman-db-upgrade
+usr/bin/pacman-key
+usr/bin/pacman.exe
+usr/bin/pacscripts
+usr/bin/pacsearch
+usr/bin/pacsort.exe
+usr/bin/pactree.exe
+usr/bin/pkgdelta
+usr/bin/rankmirrors
+usr/bin/repo-add
+usr/bin/repo-elephant
+usr/bin/repo-remove
+usr/bin/testpkg.exe
+usr/bin/updpkgsums
+usr/bin/vercmp.exe
+usr/include/
+usr/include/alpm.h
+usr/include/alpm_list.h
+usr/lib/
+usr/lib/libalpm.a
+usr/lib/pkgconfig/
+usr/lib/pkgconfig/libalpm.pc
+usr/lib/systemd/
+usr/lib/systemd/system/
+usr/lib/systemd/system/paccache.service
+usr/lib/systemd/system/paccache.timer
+usr/share/
+usr/share/bash-completion/
+usr/share/bash-completion/completions/
+usr/share/bash-completion/completions/makepkg
+usr/share/bash-completion/completions/pacman
+usr/share/bash-completion/completions/pacman-key
+usr/share/libalpm/
+usr/share/libalpm/hooks/
+usr/share/locale/
+usr/share/locale/ar/
+usr/share/locale/ar/LC_MESSAGES/
+usr/share/locale/ar/LC_MESSAGES/libalpm.mo
+usr/share/locale/ar/LC_MESSAGES/pacman.mo
+usr/share/locale/ast/
+usr/share/locale/ast/LC_MESSAGES/
+usr/share/locale/ast/LC_MESSAGES/libalpm.mo
+usr/share/locale/ast/LC_MESSAGES/pacman.mo
+usr/share/locale/bg/
+usr/share/locale/bg/LC_MESSAGES/
+usr/share/locale/bg/LC_MESSAGES/libalpm.mo
+usr/share/locale/bg/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/bg/LC_MESSAGES/pacman.mo
+usr/share/locale/br/
+usr/share/locale/br/LC_MESSAGES/
+usr/share/locale/br/LC_MESSAGES/libalpm.mo
+usr/share/locale/br/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/br/LC_MESSAGES/pacman.mo
+usr/share/locale/ca/
+usr/share/locale/ca/LC_MESSAGES/
+usr/share/locale/ca/LC_MESSAGES/libalpm.mo
+usr/share/locale/ca/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/ca/LC_MESSAGES/pacman.mo
+usr/share/locale/cs/
+usr/share/locale/cs/LC_MESSAGES/
+usr/share/locale/cs/LC_MESSAGES/libalpm.mo
+usr/share/locale/cs/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/cs/LC_MESSAGES/pacman.mo
+usr/share/locale/da/
+usr/share/locale/da/LC_MESSAGES/
+usr/share/locale/da/LC_MESSAGES/libalpm.mo
+usr/share/locale/da/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/da/LC_MESSAGES/pacman.mo
+usr/share/locale/de/
+usr/share/locale/de/LC_MESSAGES/
+usr/share/locale/de/LC_MESSAGES/libalpm.mo
+usr/share/locale/de/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/de/LC_MESSAGES/pacman.mo
+usr/share/locale/el/
+usr/share/locale/el/LC_MESSAGES/
+usr/share/locale/el/LC_MESSAGES/libalpm.mo
+usr/share/locale/el/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/el/LC_MESSAGES/pacman.mo
+usr/share/locale/en_GB/
+usr/share/locale/en_GB/LC_MESSAGES/
+usr/share/locale/en_GB/LC_MESSAGES/libalpm.mo
+usr/share/locale/en_GB/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/en_GB/LC_MESSAGES/pacman.mo
+usr/share/locale/eo/
+usr/share/locale/eo/LC_MESSAGES/
+usr/share/locale/eo/LC_MESSAGES/libalpm.mo
+usr/share/locale/eo/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/eo/LC_MESSAGES/pacman.mo
+usr/share/locale/es/
+usr/share/locale/es/LC_MESSAGES/
+usr/share/locale/es/LC_MESSAGES/libalpm.mo
+usr/share/locale/es/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/es/LC_MESSAGES/pacman.mo
+usr/share/locale/es_419/
+usr/share/locale/es_419/LC_MESSAGES/
+usr/share/locale/es_419/LC_MESSAGES/libalpm.mo
+usr/share/locale/es_419/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/es_419/LC_MESSAGES/pacman.mo
+usr/share/locale/eu/
+usr/share/locale/eu/LC_MESSAGES/
+usr/share/locale/eu/LC_MESSAGES/libalpm.mo
+usr/share/locale/eu/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/eu/LC_MESSAGES/pacman.mo
+usr/share/locale/eu_ES/
+usr/share/locale/eu_ES/LC_MESSAGES/
+usr/share/locale/eu_ES/LC_MESSAGES/libalpm.mo
+usr/share/locale/eu_ES/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/eu_ES/LC_MESSAGES/pacman.mo
+usr/share/locale/fi/
+usr/share/locale/fi/LC_MESSAGES/
+usr/share/locale/fi/LC_MESSAGES/libalpm.mo
+usr/share/locale/fi/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/fi/LC_MESSAGES/pacman.mo
+usr/share/locale/fr/
+usr/share/locale/fr/LC_MESSAGES/
+usr/share/locale/fr/LC_MESSAGES/libalpm.mo
+usr/share/locale/fr/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/fr/LC_MESSAGES/pacman.mo
+usr/share/locale/gl/
+usr/share/locale/gl/LC_MESSAGES/
+usr/share/locale/gl/LC_MESSAGES/libalpm.mo
+usr/share/locale/gl/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/gl/LC_MESSAGES/pacman.mo
+usr/share/locale/hr/
+usr/share/locale/hr/LC_MESSAGES/
+usr/share/locale/hr/LC_MESSAGES/libalpm.mo
+usr/share/locale/hr/LC_MESSAGES/pacman.mo
+usr/share/locale/hu/
+usr/share/locale/hu/LC_MESSAGES/
+usr/share/locale/hu/LC_MESSAGES/libalpm.mo
+usr/share/locale/hu/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/hu/LC_MESSAGES/pacman.mo
+usr/share/locale/id/
+usr/share/locale/id/LC_MESSAGES/
+usr/share/locale/id/LC_MESSAGES/libalpm.mo
+usr/share/locale/id/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/id/LC_MESSAGES/pacman.mo
+usr/share/locale/it/
+usr/share/locale/it/LC_MESSAGES/
+usr/share/locale/it/LC_MESSAGES/libalpm.mo
+usr/share/locale/it/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/it/LC_MESSAGES/pacman.mo
+usr/share/locale/ja/
+usr/share/locale/ja/LC_MESSAGES/
+usr/share/locale/ja/LC_MESSAGES/libalpm.mo
+usr/share/locale/ja/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/ja/LC_MESSAGES/pacman.mo
+usr/share/locale/kk/
+usr/share/locale/kk/LC_MESSAGES/
+usr/share/locale/kk/LC_MESSAGES/libalpm.mo
+usr/share/locale/kk/LC_MESSAGES/pacman.mo
+usr/share/locale/ko/
+usr/share/locale/ko/LC_MESSAGES/
+usr/share/locale/ko/LC_MESSAGES/libalpm.mo
+usr/share/locale/ko/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/ko/LC_MESSAGES/pacman.mo
+usr/share/locale/lt/
+usr/share/locale/lt/LC_MESSAGES/
+usr/share/locale/lt/LC_MESSAGES/libalpm.mo
+usr/share/locale/lt/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/lt/LC_MESSAGES/pacman.mo
+usr/share/locale/nb/
+usr/share/locale/nb/LC_MESSAGES/
+usr/share/locale/nb/LC_MESSAGES/libalpm.mo
+usr/share/locale/nb/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/nb/LC_MESSAGES/pacman.mo
+usr/share/locale/nl/
+usr/share/locale/nl/LC_MESSAGES/
+usr/share/locale/nl/LC_MESSAGES/libalpm.mo
+usr/share/locale/nl/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/nl/LC_MESSAGES/pacman.mo
+usr/share/locale/pl/
+usr/share/locale/pl/LC_MESSAGES/
+usr/share/locale/pl/LC_MESSAGES/libalpm.mo
+usr/share/locale/pl/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/pl/LC_MESSAGES/pacman.mo
+usr/share/locale/pt/
+usr/share/locale/pt/LC_MESSAGES/
+usr/share/locale/pt/LC_MESSAGES/libalpm.mo
+usr/share/locale/pt/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/pt/LC_MESSAGES/pacman.mo
+usr/share/locale/pt_BR/
+usr/share/locale/pt_BR/LC_MESSAGES/
+usr/share/locale/pt_BR/LC_MESSAGES/libalpm.mo
+usr/share/locale/pt_BR/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/pt_BR/LC_MESSAGES/pacman.mo
+usr/share/locale/ro/
+usr/share/locale/ro/LC_MESSAGES/
+usr/share/locale/ro/LC_MESSAGES/libalpm.mo
+usr/share/locale/ro/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/ro/LC_MESSAGES/pacman.mo
+usr/share/locale/ru/
+usr/share/locale/ru/LC_MESSAGES/
+usr/share/locale/ru/LC_MESSAGES/libalpm.mo
+usr/share/locale/ru/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/ru/LC_MESSAGES/pacman.mo
+usr/share/locale/sk/
+usr/share/locale/sk/LC_MESSAGES/
+usr/share/locale/sk/LC_MESSAGES/libalpm.mo
+usr/share/locale/sk/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/sk/LC_MESSAGES/pacman.mo
+usr/share/locale/sl/
+usr/share/locale/sl/LC_MESSAGES/
+usr/share/locale/sl/LC_MESSAGES/libalpm.mo
+usr/share/locale/sl/LC_MESSAGES/pacman.mo
+usr/share/locale/sr/
+usr/share/locale/sr/LC_MESSAGES/
+usr/share/locale/sr/LC_MESSAGES/libalpm.mo
+usr/share/locale/sr/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/sr/LC_MESSAGES/pacman.mo
+usr/share/locale/sr@latin/
+usr/share/locale/sr@latin/LC_MESSAGES/
+usr/share/locale/sr@latin/LC_MESSAGES/libalpm.mo
+usr/share/locale/sr@latin/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/sr@latin/LC_MESSAGES/pacman.mo
+usr/share/locale/sv/
+usr/share/locale/sv/LC_MESSAGES/
+usr/share/locale/sv/LC_MESSAGES/libalpm.mo
+usr/share/locale/sv/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/sv/LC_MESSAGES/pacman.mo
+usr/share/locale/tr/
+usr/share/locale/tr/LC_MESSAGES/
+usr/share/locale/tr/LC_MESSAGES/libalpm.mo
+usr/share/locale/tr/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/tr/LC_MESSAGES/pacman.mo
+usr/share/locale/uk/
+usr/share/locale/uk/LC_MESSAGES/
+usr/share/locale/uk/LC_MESSAGES/libalpm.mo
+usr/share/locale/uk/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/uk/LC_MESSAGES/pacman.mo
+usr/share/locale/zh_CN/
+usr/share/locale/zh_CN/LC_MESSAGES/
+usr/share/locale/zh_CN/LC_MESSAGES/libalpm.mo
+usr/share/locale/zh_CN/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/zh_CN/LC_MESSAGES/pacman.mo
+usr/share/locale/zh_TW/
+usr/share/locale/zh_TW/LC_MESSAGES/
+usr/share/locale/zh_TW/LC_MESSAGES/libalpm.mo
+usr/share/locale/zh_TW/LC_MESSAGES/pacman-scripts.mo
+usr/share/locale/zh_TW/LC_MESSAGES/pacman.mo
+usr/share/makepkg-template/
+usr/share/makepkg/
+usr/share/makepkg/integrity.sh
+usr/share/makepkg/integrity/
+usr/share/makepkg/integrity/generate_checksum.sh
+usr/share/makepkg/integrity/generate_signature.sh
+usr/share/makepkg/integrity/verify_checksum.sh
+usr/share/makepkg/integrity/verify_signature.sh
+usr/share/makepkg/lint_config.sh
+usr/share/makepkg/lint_config/
+usr/share/makepkg/lint_config/paths.sh
+usr/share/makepkg/lint_config/variable.sh
+usr/share/makepkg/lint_package.sh
+usr/share/makepkg/lint_package/
+usr/share/makepkg/lint_package/build_references.sh
+usr/share/makepkg/lint_package/dotfiles.sh
+usr/share/makepkg/lint_package/file_names.sh
+usr/share/makepkg/lint_package/missing_backup.sh
+usr/share/makepkg/lint_pkgbuild.sh
+usr/share/makepkg/lint_pkgbuild/
+usr/share/makepkg/lint_pkgbuild/arch.sh
+usr/share/makepkg/lint_pkgbuild/backup.sh
+usr/share/makepkg/lint_pkgbuild/changelog.sh
+usr/share/makepkg/lint_pkgbuild/checkdepends.sh
+usr/share/makepkg/lint_pkgbuild/conflicts.sh
+usr/share/makepkg/lint_pkgbuild/depends.sh
+usr/share/makepkg/lint_pkgbuild/epoch.sh
+usr/share/makepkg/lint_pkgbuild/install.sh
+usr/share/makepkg/lint_pkgbuild/makedepends.sh
+usr/share/makepkg/lint_pkgbuild/optdepends.sh
+usr/share/makepkg/lint_pkgbuild/options.sh
+usr/share/makepkg/lint_pkgbuild/package_function.sh
+usr/share/makepkg/lint_pkgbuild/pkgbase.sh
+usr/share/makepkg/lint_pkgbuild/pkglist.sh
+usr/share/makepkg/lint_pkgbuild/pkgname.sh
+usr/share/makepkg/lint_pkgbuild/pkgrel.sh
+usr/share/makepkg/lint_pkgbuild/pkgver.sh
+usr/share/makepkg/lint_pkgbuild/provides.sh
+usr/share/makepkg/lint_pkgbuild/source.sh
+usr/share/makepkg/lint_pkgbuild/util.sh
+usr/share/makepkg/lint_pkgbuild/variable.sh
+usr/share/makepkg/source.sh
+usr/share/makepkg/source/
+usr/share/makepkg/source/bzr.sh
+usr/share/makepkg/source/file.sh
+usr/share/makepkg/source/git.sh
+usr/share/makepkg/source/hg.sh
+usr/share/makepkg/source/local.sh
+usr/share/makepkg/source/svn.sh
+usr/share/makepkg/srcinfo.sh
+usr/share/makepkg/tidy.sh
+usr/share/makepkg/tidy/
+usr/share/makepkg/tidy/docs.sh
+usr/share/makepkg/tidy/emptydirs.sh
+usr/share/makepkg/tidy/libtool.sh
+usr/share/makepkg/tidy/purge.sh
+usr/share/makepkg/tidy/staticlibs.sh
+usr/share/makepkg/tidy/strip.sh
+usr/share/makepkg/tidy/zipman.sh
+usr/share/makepkg/util.sh
+usr/share/makepkg/util/
+usr/share/makepkg/util/compress.sh
+usr/share/makepkg/util/error.sh
+usr/share/makepkg/util/message.sh
+usr/share/makepkg/util/option.sh
+usr/share/makepkg/util/parseopts.sh
+usr/share/makepkg/util/pkgbuild.sh
+usr/share/makepkg/util/source.sh
+usr/share/makepkg/util/util.sh
+usr/share/man/
+usr/share/man/man1/
+usr/share/man/man1/makepkg-template.1.gz
+usr/share/man/man3/
+usr/share/man/man3/__alpm_db_t.3.gz
+usr/share/man/man3/__alpm_graph_t.3.gz
+usr/share/man/man3/__alpm_handle_t.3.gz
+usr/share/man/man3/__alpm_list_t.3.gz
+usr/share/man/man3/__alpm_mountpoint_t.3.gz
+usr/share/man/man3/__alpm_pkg_t.3.gz
+usr/share/man/man3/__alpm_pkghash_t.3.gz
+usr/share/man/man3/__alpm_trans_t.3.gz
+usr/share/man/man3/_alpm_backup_t.3.gz
+usr/share/man/man3/_alpm_conflict_t.3.gz
+usr/share/man/man3/_alpm_delta_t.3.gz
+usr/share/man/man3/_alpm_depend_t.3.gz
+usr/share/man/man3/_alpm_depmissing_t.3.gz
+usr/share/man/man3/_alpm_event_any_t.3.gz
+usr/share/man/man3/_alpm_event_database_missing_t.3.gz
+usr/share/man/man3/_alpm_event_delta_patch_t.3.gz
+usr/share/man/man3/_alpm_event_hook_run_t.3.gz
+usr/share/man/man3/_alpm_event_hook_t.3.gz
+usr/share/man/man3/_alpm_event_optdep_removal_t.3.gz
+usr/share/man/man3/_alpm_event_package_operation_t.3.gz
+usr/share/man/man3/_alpm_event_pacnew_created_t.3.gz
+usr/share/man/man3/_alpm_event_pacsave_created_t.3.gz
+usr/share/man/man3/_alpm_event_pkgdownload_t.3.gz
+usr/share/man/man3/_alpm_event_scriptlet_info_t.3.gz
+usr/share/man/man3/_alpm_event_t.3.gz
+usr/share/man/man3/_alpm_file_t.3.gz
+usr/share/man/man3/_alpm_fileconflict_t.3.gz
+usr/share/man/man3/_alpm_filelist_t.3.gz
+usr/share/man/man3/_alpm_group_t.3.gz
+usr/share/man/man3/_alpm_hook_cb_ctx.3.gz
+usr/share/man/man3/_alpm_hook_t.3.gz
+usr/share/man/man3/_alpm_pgpkey_t.3.gz
+usr/share/man/man3/_alpm_question_any_t.3.gz
+usr/share/man/man3/_alpm_question_conflict_t.3.gz
+usr/share/man/man3/_alpm_question_corrupted_t.3.gz
+usr/share/man/man3/_alpm_question_import_key_t.3.gz
+usr/share/man/man3/_alpm_question_install_ignorepkg_t.3.gz
+usr/share/man/man3/_alpm_question_remove_pkgs_t.3.gz
+usr/share/man/man3/_alpm_question_replace_t.3.gz
+usr/share/man/man3/_alpm_question_select_provider_t.3.gz
+usr/share/man/man3/_alpm_question_t.3.gz
+usr/share/man/man3/_alpm_siglist_t.3.gz
+usr/share/man/man3/_alpm_sigresult_t.3.gz
+usr/share/man/man3/_alpm_trigger_t.3.gz
+usr/share/man/man3/alpm_api.3.gz
+usr/share/man/man3/alpm_api_databases.3.gz
+usr/share/man/man3/alpm_api_depends.3.gz
+usr/share/man/man3/alpm_api_errors.3.gz
+usr/share/man/man3/alpm_api_options.3.gz
+usr/share/man/man3/alpm_api_packages.3.gz
+usr/share/man/man3/alpm_api_trans.3.gz
+usr/share/man/man3/alpm_databases.3.gz
+usr/share/man/man3/alpm_deltas.3.gz
+usr/share/man/man3/alpm_interface.3.gz
+usr/share/man/man3/alpm_list.3.gz
+usr/share/man/man3/alpm_log.3.gz
+usr/share/man/man3/alpm_misc.3.gz
+usr/share/man/man3/alpm_packages.3.gz
+usr/share/man/man3/alpm_trans.3.gz
+usr/share/man/man3/archive_read_buffer.3.gz
+usr/share/man/man3/base64.h.3.gz
+usr/share/man/man3/db_operations.3.gz
+usr/share/man/man3/dload_payload.3.gz
+usr/share/man/man3/libalpm.3.gz
+usr/share/man/man3/package_changelog.3.gz
+usr/share/man/man3/pkg_operations.3.gz
+usr/share/man/man5/
+usr/share/man/man5/alpm-hooks.5.gz
+usr/share/man/man5/BUILDINFO.5.gz
+usr/share/man/man5/makepkg.conf.5.gz
+usr/share/man/man5/pacman.conf.5.gz
+usr/share/man/man5/PKGBUILD.5.gz
+usr/share/man/man8/
+usr/share/man/man8/makepkg.8.gz
+usr/share/man/man8/pacman-key.8.gz
+usr/share/man/man8/pacman.8.gz
+usr/share/man/man8/pactree.8.gz
+usr/share/man/man8/pkgdelta.8.gz
+usr/share/man/man8/repo-add.8.gz
+usr/share/man/man8/repo-remove.8.gz
+usr/share/man/man8/vercmp.8.gz
+usr/share/pacman/
+usr/share/pacman/PKGBUILD-split.proto
+usr/share/pacman/PKGBUILD-vcs.proto
+usr/share/pacman/PKGBUILD.proto
+usr/share/pacman/proto.install
+usr/share/vim/
+usr/share/vim/vimfiles/
+usr/share/vim/vimfiles/ftdetect/
+usr/share/vim/vimfiles/ftdetect/PKGBUILD.vim
+usr/share/vim/vimfiles/syntax/
+usr/share/vim/vimfiles/syntax/PKGBUILD.vim
+usr/share/zsh/
+usr/share/zsh/site-functions/
+usr/share/zsh/site-functions/_pacman
+var/
+var/cache/
+var/cache/pacman/
+var/cache/pacman/pkg/
+var/lib/
+var/lib/pacman/
+
+%BACKUP%
+etc/pacman.conf	a74be5548ab4743ef05712ebff0b8472
+etc/makepkg.conf	9cfbdfc69fabd996a2042228cf56080e
+etc/makepkg_mingw32.conf	b31e665d3d3b2b0d30fe82012aafeb5c
+etc/makepkg_mingw64.conf	121f675a09c8a433a1aa0fe56922416b
+
diff --git a/msys2/var/lib/pacman/local/pacman-5.1.3-1/mtree b/msys2/var/lib/pacman/local/pacman-5.1.3-1/mtree
new file mode 100644
index 000000000..561c1f8e4
Binary files /dev/null and b/msys2/var/lib/pacman/local/pacman-5.1.3-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/pacman-mirrors-20180419-1/desc b/msys2/var/lib/pacman/local/pacman-mirrors-20180419-1/desc
deleted file mode 100644
index 80797482a..000000000
--- a/msys2/var/lib/pacman/local/pacman-mirrors-20180419-1/desc
+++ /dev/null
@@ -1,36 +0,0 @@
-%NAME%
-pacman-mirrors
-
-%VERSION%
-20180419-1
-
-%DESC%
-MSYS2 mirror list for use by pacman
-
-%URL%
-https://msys2.sourceforge.io/
-
-%ARCH%
-any
-
-%BUILDDATE%
-1524113071
-
-%INSTALLDATE%
-1527758877
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-1024
-
-%GROUPS%
-base
-
-%LICENSE%
-GPL
-
-%VALIDATION%
-pgp
-
diff --git a/msys2/var/lib/pacman/local/pacman-mirrors-20180419-1/mtree b/msys2/var/lib/pacman/local/pacman-mirrors-20180419-1/mtree
deleted file mode 100644
index 8830d82e8..000000000
Binary files a/msys2/var/lib/pacman/local/pacman-mirrors-20180419-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/pacman-mirrors-20180604-2/desc b/msys2/var/lib/pacman/local/pacman-mirrors-20180604-2/desc
new file mode 100644
index 000000000..3f271fd2d
--- /dev/null
+++ b/msys2/var/lib/pacman/local/pacman-mirrors-20180604-2/desc
@@ -0,0 +1,36 @@
+%NAME%
+pacman-mirrors
+
+%VERSION%
+20180604-2
+
+%DESC%
+MSYS2 mirror list for use by pacman
+
+%URL%
+https://msys2.sourceforge.io/
+
+%ARCH%
+any
+
+%BUILDDATE%
+1528359979
+
+%INSTALLDATE%
+1558699101
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+1024
+
+%GROUPS%
+base
+
+%LICENSE%
+GPL
+
+%VALIDATION%
+pgp
+
diff --git a/msys2/var/lib/pacman/local/pacman-mirrors-20180419-1/files b/msys2/var/lib/pacman/local/pacman-mirrors-20180604-2/files
similarity index 100%
rename from msys2/var/lib/pacman/local/pacman-mirrors-20180419-1/files
rename to msys2/var/lib/pacman/local/pacman-mirrors-20180604-2/files
diff --git a/msys2/var/lib/pacman/local/pacman-mirrors-20180604-2/mtree b/msys2/var/lib/pacman/local/pacman-mirrors-20180604-2/mtree
new file mode 100644
index 000000000..fbaab06d5
Binary files /dev/null and b/msys2/var/lib/pacman/local/pacman-mirrors-20180604-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/pactoys-git-r2.07ca37f-1/desc b/msys2/var/lib/pacman/local/pactoys-git-r2.07ca37f-1/desc
index 30a82b582..00de5e077 100644
--- a/msys2/var/lib/pacman/local/pactoys-git-r2.07ca37f-1/desc
+++ b/msys2/var/lib/pacman/local/pactoys-git-r2.07ca37f-1/desc
@@ -17,7 +17,7 @@ i686
 1467263746
 
 %INSTALLDATE%
-1527758881
+1558699105
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/pactoys-git-r2.07ca37f-1/files b/msys2/var/lib/pacman/local/pactoys-git-r2.07ca37f-1/files
index defc34f48..3873bbef4 100644
--- a/msys2/var/lib/pacman/local/pactoys-git-r2.07ca37f-1/files
+++ b/msys2/var/lib/pacman/local/pactoys-git-r2.07ca37f-1/files
@@ -13,9 +13,9 @@ usr/share/bash-completion/completions/
 usr/share/bash-completion/completions/pacboy
 usr/share/licenses/
 usr/share/licenses/pactoys/
-usr/share/licenses/pactoys/LICENSE
 usr/share/licenses/pactoys/inih/
 usr/share/licenses/pactoys/inih/LICENSE
+usr/share/licenses/pactoys/LICENSE
 usr/share/pactoys/
 usr/share/pactoys/library/
 usr/share/pactoys/library/default.sh
diff --git a/msys2/var/lib/pacman/local/pax-git-20161104.2-1/desc b/msys2/var/lib/pacman/local/pax-git-20161104.2-1/desc
index f358bb77e..295b5d28c 100644
--- a/msys2/var/lib/pacman/local/pax-git-20161104.2-1/desc
+++ b/msys2/var/lib/pacman/local/pax-git-20161104.2-1/desc
@@ -17,7 +17,7 @@ i686
 1496296093
 
 %INSTALLDATE%
-1527758881
+1558699105
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/local/pcre-8.40-2/desc b/msys2/var/lib/pacman/local/pcre-8.40-2/desc
deleted file mode 100644
index 924991283..000000000
--- a/msys2/var/lib/pacman/local/pcre-8.40-2/desc
+++ /dev/null
@@ -1,49 +0,0 @@
-%NAME%
-pcre
-
-%VERSION%
-8.40-2
-
-%BASE%
-pcre
-
-%DESC%
-A library that implements Perl 5-style regular expressions
-
-%URL%
-http://www.pcre.org/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1487154868
-
-%INSTALLDATE%
-1527758880
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-2140160
-
-%REASON%
-1
-
-%LICENSE%
-BSD
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-libreadline
-libbz2
-zlib
-libpcre
-libpcre16
-libpcre32
-libpcrecpp
-libpcreposix
-
diff --git a/msys2/var/lib/pacman/local/pcre-8.40-2/files b/msys2/var/lib/pacman/local/pcre-8.40-2/files
deleted file mode 100644
index 03e471494..000000000
--- a/msys2/var/lib/pacman/local/pcre-8.40-2/files
+++ /dev/null
@@ -1,183 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/pcregrep.exe
-usr/bin/pcretest.exe
-usr/share/
-usr/share/doc/
-usr/share/doc/pcre/
-usr/share/doc/pcre/AUTHORS
-usr/share/doc/pcre/COPYING
-usr/share/doc/pcre/ChangeLog
-usr/share/doc/pcre/LICENCE
-usr/share/doc/pcre/NEWS
-usr/share/doc/pcre/README
-usr/share/doc/pcre/html/
-usr/share/doc/pcre/html/NON-AUTOTOOLS-BUILD.txt
-usr/share/doc/pcre/html/README.txt
-usr/share/doc/pcre/html/index.html
-usr/share/doc/pcre/html/pcre-config.html
-usr/share/doc/pcre/html/pcre.html
-usr/share/doc/pcre/html/pcre16.html
-usr/share/doc/pcre/html/pcre32.html
-usr/share/doc/pcre/html/pcre_assign_jit_stack.html
-usr/share/doc/pcre/html/pcre_compile.html
-usr/share/doc/pcre/html/pcre_compile2.html
-usr/share/doc/pcre/html/pcre_config.html
-usr/share/doc/pcre/html/pcre_copy_named_substring.html
-usr/share/doc/pcre/html/pcre_copy_substring.html
-usr/share/doc/pcre/html/pcre_dfa_exec.html
-usr/share/doc/pcre/html/pcre_exec.html
-usr/share/doc/pcre/html/pcre_free_study.html
-usr/share/doc/pcre/html/pcre_free_substring.html
-usr/share/doc/pcre/html/pcre_free_substring_list.html
-usr/share/doc/pcre/html/pcre_fullinfo.html
-usr/share/doc/pcre/html/pcre_get_named_substring.html
-usr/share/doc/pcre/html/pcre_get_stringnumber.html
-usr/share/doc/pcre/html/pcre_get_stringtable_entries.html
-usr/share/doc/pcre/html/pcre_get_substring.html
-usr/share/doc/pcre/html/pcre_get_substring_list.html
-usr/share/doc/pcre/html/pcre_jit_exec.html
-usr/share/doc/pcre/html/pcre_jit_stack_alloc.html
-usr/share/doc/pcre/html/pcre_jit_stack_free.html
-usr/share/doc/pcre/html/pcre_maketables.html
-usr/share/doc/pcre/html/pcre_pattern_to_host_byte_order.html
-usr/share/doc/pcre/html/pcre_refcount.html
-usr/share/doc/pcre/html/pcre_study.html
-usr/share/doc/pcre/html/pcre_utf16_to_host_byte_order.html
-usr/share/doc/pcre/html/pcre_utf32_to_host_byte_order.html
-usr/share/doc/pcre/html/pcre_version.html
-usr/share/doc/pcre/html/pcreapi.html
-usr/share/doc/pcre/html/pcrebuild.html
-usr/share/doc/pcre/html/pcrecallout.html
-usr/share/doc/pcre/html/pcrecompat.html
-usr/share/doc/pcre/html/pcrecpp.html
-usr/share/doc/pcre/html/pcredemo.html
-usr/share/doc/pcre/html/pcregrep.html
-usr/share/doc/pcre/html/pcrejit.html
-usr/share/doc/pcre/html/pcrelimits.html
-usr/share/doc/pcre/html/pcrematching.html
-usr/share/doc/pcre/html/pcrepartial.html
-usr/share/doc/pcre/html/pcrepattern.html
-usr/share/doc/pcre/html/pcreperform.html
-usr/share/doc/pcre/html/pcreposix.html
-usr/share/doc/pcre/html/pcreprecompile.html
-usr/share/doc/pcre/html/pcresample.html
-usr/share/doc/pcre/html/pcrestack.html
-usr/share/doc/pcre/html/pcresyntax.html
-usr/share/doc/pcre/html/pcretest.html
-usr/share/doc/pcre/html/pcreunicode.html
-usr/share/doc/pcre/pcre-config.txt
-usr/share/doc/pcre/pcre.txt
-usr/share/doc/pcre/pcregrep.txt
-usr/share/doc/pcre/pcretest.txt
-usr/share/licenses/
-usr/share/licenses/pcre/
-usr/share/licenses/pcre/LICENSE
-usr/share/man/
-usr/share/man/man1/
-usr/share/man/man1/pcre-config.1.gz
-usr/share/man/man1/pcregrep.1.gz
-usr/share/man/man1/pcretest.1.gz
-usr/share/man/man3/
-usr/share/man/man3/pcre.3.gz
-usr/share/man/man3/pcre16.3.gz
-usr/share/man/man3/pcre16_assign_jit_stack.3.gz
-usr/share/man/man3/pcre16_compile.3.gz
-usr/share/man/man3/pcre16_compile2.3.gz
-usr/share/man/man3/pcre16_config.3.gz
-usr/share/man/man3/pcre16_copy_named_substring.3.gz
-usr/share/man/man3/pcre16_copy_substring.3.gz
-usr/share/man/man3/pcre16_dfa_exec.3.gz
-usr/share/man/man3/pcre16_exec.3.gz
-usr/share/man/man3/pcre16_free_study.3.gz
-usr/share/man/man3/pcre16_free_substring.3.gz
-usr/share/man/man3/pcre16_free_substring_list.3.gz
-usr/share/man/man3/pcre16_fullinfo.3.gz
-usr/share/man/man3/pcre16_get_named_substring.3.gz
-usr/share/man/man3/pcre16_get_stringnumber.3.gz
-usr/share/man/man3/pcre16_get_stringtable_entries.3.gz
-usr/share/man/man3/pcre16_get_substring.3.gz
-usr/share/man/man3/pcre16_get_substring_list.3.gz
-usr/share/man/man3/pcre16_jit_exec.3.gz
-usr/share/man/man3/pcre16_jit_stack_alloc.3.gz
-usr/share/man/man3/pcre16_jit_stack_free.3.gz
-usr/share/man/man3/pcre16_maketables.3.gz
-usr/share/man/man3/pcre16_pattern_to_host_byte_order.3.gz
-usr/share/man/man3/pcre16_refcount.3.gz
-usr/share/man/man3/pcre16_study.3.gz
-usr/share/man/man3/pcre16_utf16_to_host_byte_order.3.gz
-usr/share/man/man3/pcre16_version.3.gz
-usr/share/man/man3/pcre32.3.gz
-usr/share/man/man3/pcre32_assign_jit_stack.3.gz
-usr/share/man/man3/pcre32_compile.3.gz
-usr/share/man/man3/pcre32_compile2.3.gz
-usr/share/man/man3/pcre32_config.3.gz
-usr/share/man/man3/pcre32_copy_named_substring.3.gz
-usr/share/man/man3/pcre32_copy_substring.3.gz
-usr/share/man/man3/pcre32_dfa_exec.3.gz
-usr/share/man/man3/pcre32_exec.3.gz
-usr/share/man/man3/pcre32_free_study.3.gz
-usr/share/man/man3/pcre32_free_substring.3.gz
-usr/share/man/man3/pcre32_free_substring_list.3.gz
-usr/share/man/man3/pcre32_fullinfo.3.gz
-usr/share/man/man3/pcre32_get_named_substring.3.gz
-usr/share/man/man3/pcre32_get_stringnumber.3.gz
-usr/share/man/man3/pcre32_get_stringtable_entries.3.gz
-usr/share/man/man3/pcre32_get_substring.3.gz
-usr/share/man/man3/pcre32_get_substring_list.3.gz
-usr/share/man/man3/pcre32_jit_exec.3.gz
-usr/share/man/man3/pcre32_jit_stack_alloc.3.gz
-usr/share/man/man3/pcre32_jit_stack_free.3.gz
-usr/share/man/man3/pcre32_maketables.3.gz
-usr/share/man/man3/pcre32_pattern_to_host_byte_order.3.gz
-usr/share/man/man3/pcre32_refcount.3.gz
-usr/share/man/man3/pcre32_study.3.gz
-usr/share/man/man3/pcre32_utf32_to_host_byte_order.3.gz
-usr/share/man/man3/pcre32_version.3.gz
-usr/share/man/man3/pcre_assign_jit_stack.3.gz
-usr/share/man/man3/pcre_compile.3.gz
-usr/share/man/man3/pcre_compile2.3.gz
-usr/share/man/man3/pcre_config.3.gz
-usr/share/man/man3/pcre_copy_named_substring.3.gz
-usr/share/man/man3/pcre_copy_substring.3.gz
-usr/share/man/man3/pcre_dfa_exec.3.gz
-usr/share/man/man3/pcre_exec.3.gz
-usr/share/man/man3/pcre_free_study.3.gz
-usr/share/man/man3/pcre_free_substring.3.gz
-usr/share/man/man3/pcre_free_substring_list.3.gz
-usr/share/man/man3/pcre_fullinfo.3.gz
-usr/share/man/man3/pcre_get_named_substring.3.gz
-usr/share/man/man3/pcre_get_stringnumber.3.gz
-usr/share/man/man3/pcre_get_stringtable_entries.3.gz
-usr/share/man/man3/pcre_get_substring.3.gz
-usr/share/man/man3/pcre_get_substring_list.3.gz
-usr/share/man/man3/pcre_jit_exec.3.gz
-usr/share/man/man3/pcre_jit_stack_alloc.3.gz
-usr/share/man/man3/pcre_jit_stack_free.3.gz
-usr/share/man/man3/pcre_maketables.3.gz
-usr/share/man/man3/pcre_pattern_to_host_byte_order.3.gz
-usr/share/man/man3/pcre_refcount.3.gz
-usr/share/man/man3/pcre_study.3.gz
-usr/share/man/man3/pcre_utf16_to_host_byte_order.3.gz
-usr/share/man/man3/pcre_utf32_to_host_byte_order.3.gz
-usr/share/man/man3/pcre_version.3.gz
-usr/share/man/man3/pcreapi.3.gz
-usr/share/man/man3/pcrebuild.3.gz
-usr/share/man/man3/pcrecallout.3.gz
-usr/share/man/man3/pcrecompat.3.gz
-usr/share/man/man3/pcrecpp.3.gz
-usr/share/man/man3/pcredemo.3.gz
-usr/share/man/man3/pcrejit.3.gz
-usr/share/man/man3/pcrelimits.3.gz
-usr/share/man/man3/pcrematching.3.gz
-usr/share/man/man3/pcrepartial.3.gz
-usr/share/man/man3/pcrepattern.3.gz
-usr/share/man/man3/pcreperform.3.gz
-usr/share/man/man3/pcreposix.3.gz
-usr/share/man/man3/pcreprecompile.3.gz
-usr/share/man/man3/pcresample.3.gz
-usr/share/man/man3/pcrestack.3.gz
-usr/share/man/man3/pcresyntax.3.gz
-usr/share/man/man3/pcreunicode.3.gz
-
diff --git a/msys2/var/lib/pacman/local/pcre-8.40-2/mtree b/msys2/var/lib/pacman/local/pcre-8.40-2/mtree
deleted file mode 100644
index 7869899a1..000000000
Binary files a/msys2/var/lib/pacman/local/pcre-8.40-2/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/pcre-8.43-2/desc b/msys2/var/lib/pacman/local/pcre-8.43-2/desc
new file mode 100644
index 000000000..748d5f087
--- /dev/null
+++ b/msys2/var/lib/pacman/local/pcre-8.43-2/desc
@@ -0,0 +1,49 @@
+%NAME%
+pcre
+
+%VERSION%
+8.43-2
+
+%BASE%
+pcre
+
+%DESC%
+A library that implements Perl 5-style regular expressions
+
+%URL%
+https://www.pcre.org/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556605191
+
+%INSTALLDATE%
+1558699104
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+2152448
+
+%REASON%
+1
+
+%LICENSE%
+BSD
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+libreadline
+libbz2
+zlib
+libpcre
+libpcre16
+libpcre32
+libpcrecpp
+libpcreposix
+
diff --git a/msys2/var/lib/pacman/local/pcre-8.43-2/files b/msys2/var/lib/pacman/local/pcre-8.43-2/files
new file mode 100644
index 000000000..7518b800f
--- /dev/null
+++ b/msys2/var/lib/pacman/local/pcre-8.43-2/files
@@ -0,0 +1,183 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/pcregrep.exe
+usr/bin/pcretest.exe
+usr/share/
+usr/share/doc/
+usr/share/doc/pcre/
+usr/share/doc/pcre/AUTHORS
+usr/share/doc/pcre/ChangeLog
+usr/share/doc/pcre/COPYING
+usr/share/doc/pcre/html/
+usr/share/doc/pcre/html/index.html
+usr/share/doc/pcre/html/NON-AUTOTOOLS-BUILD.txt
+usr/share/doc/pcre/html/pcre-config.html
+usr/share/doc/pcre/html/pcre.html
+usr/share/doc/pcre/html/pcre16.html
+usr/share/doc/pcre/html/pcre32.html
+usr/share/doc/pcre/html/pcre_assign_jit_stack.html
+usr/share/doc/pcre/html/pcre_compile.html
+usr/share/doc/pcre/html/pcre_compile2.html
+usr/share/doc/pcre/html/pcre_config.html
+usr/share/doc/pcre/html/pcre_copy_named_substring.html
+usr/share/doc/pcre/html/pcre_copy_substring.html
+usr/share/doc/pcre/html/pcre_dfa_exec.html
+usr/share/doc/pcre/html/pcre_exec.html
+usr/share/doc/pcre/html/pcre_free_study.html
+usr/share/doc/pcre/html/pcre_free_substring.html
+usr/share/doc/pcre/html/pcre_free_substring_list.html
+usr/share/doc/pcre/html/pcre_fullinfo.html
+usr/share/doc/pcre/html/pcre_get_named_substring.html
+usr/share/doc/pcre/html/pcre_get_stringnumber.html
+usr/share/doc/pcre/html/pcre_get_stringtable_entries.html
+usr/share/doc/pcre/html/pcre_get_substring.html
+usr/share/doc/pcre/html/pcre_get_substring_list.html
+usr/share/doc/pcre/html/pcre_jit_exec.html
+usr/share/doc/pcre/html/pcre_jit_stack_alloc.html
+usr/share/doc/pcre/html/pcre_jit_stack_free.html
+usr/share/doc/pcre/html/pcre_maketables.html
+usr/share/doc/pcre/html/pcre_pattern_to_host_byte_order.html
+usr/share/doc/pcre/html/pcre_refcount.html
+usr/share/doc/pcre/html/pcre_study.html
+usr/share/doc/pcre/html/pcre_utf16_to_host_byte_order.html
+usr/share/doc/pcre/html/pcre_utf32_to_host_byte_order.html
+usr/share/doc/pcre/html/pcre_version.html
+usr/share/doc/pcre/html/pcreapi.html
+usr/share/doc/pcre/html/pcrebuild.html
+usr/share/doc/pcre/html/pcrecallout.html
+usr/share/doc/pcre/html/pcrecompat.html
+usr/share/doc/pcre/html/pcrecpp.html
+usr/share/doc/pcre/html/pcredemo.html
+usr/share/doc/pcre/html/pcregrep.html
+usr/share/doc/pcre/html/pcrejit.html
+usr/share/doc/pcre/html/pcrelimits.html
+usr/share/doc/pcre/html/pcrematching.html
+usr/share/doc/pcre/html/pcrepartial.html
+usr/share/doc/pcre/html/pcrepattern.html
+usr/share/doc/pcre/html/pcreperform.html
+usr/share/doc/pcre/html/pcreposix.html
+usr/share/doc/pcre/html/pcreprecompile.html
+usr/share/doc/pcre/html/pcresample.html
+usr/share/doc/pcre/html/pcrestack.html
+usr/share/doc/pcre/html/pcresyntax.html
+usr/share/doc/pcre/html/pcretest.html
+usr/share/doc/pcre/html/pcreunicode.html
+usr/share/doc/pcre/html/README.txt
+usr/share/doc/pcre/LICENCE
+usr/share/doc/pcre/NEWS
+usr/share/doc/pcre/pcre-config.txt
+usr/share/doc/pcre/pcre.txt
+usr/share/doc/pcre/pcregrep.txt
+usr/share/doc/pcre/pcretest.txt
+usr/share/doc/pcre/README
+usr/share/licenses/
+usr/share/licenses/pcre/
+usr/share/licenses/pcre/LICENSE
+usr/share/man/
+usr/share/man/man1/
+usr/share/man/man1/pcre-config.1.gz
+usr/share/man/man1/pcregrep.1.gz
+usr/share/man/man1/pcretest.1.gz
+usr/share/man/man3/
+usr/share/man/man3/pcre.3.gz
+usr/share/man/man3/pcre16.3.gz
+usr/share/man/man3/pcre16_assign_jit_stack.3.gz
+usr/share/man/man3/pcre16_compile.3.gz
+usr/share/man/man3/pcre16_compile2.3.gz
+usr/share/man/man3/pcre16_config.3.gz
+usr/share/man/man3/pcre16_copy_named_substring.3.gz
+usr/share/man/man3/pcre16_copy_substring.3.gz
+usr/share/man/man3/pcre16_dfa_exec.3.gz
+usr/share/man/man3/pcre16_exec.3.gz
+usr/share/man/man3/pcre16_free_study.3.gz
+usr/share/man/man3/pcre16_free_substring.3.gz
+usr/share/man/man3/pcre16_free_substring_list.3.gz
+usr/share/man/man3/pcre16_fullinfo.3.gz
+usr/share/man/man3/pcre16_get_named_substring.3.gz
+usr/share/man/man3/pcre16_get_stringnumber.3.gz
+usr/share/man/man3/pcre16_get_stringtable_entries.3.gz
+usr/share/man/man3/pcre16_get_substring.3.gz
+usr/share/man/man3/pcre16_get_substring_list.3.gz
+usr/share/man/man3/pcre16_jit_exec.3.gz
+usr/share/man/man3/pcre16_jit_stack_alloc.3.gz
+usr/share/man/man3/pcre16_jit_stack_free.3.gz
+usr/share/man/man3/pcre16_maketables.3.gz
+usr/share/man/man3/pcre16_pattern_to_host_byte_order.3.gz
+usr/share/man/man3/pcre16_refcount.3.gz
+usr/share/man/man3/pcre16_study.3.gz
+usr/share/man/man3/pcre16_utf16_to_host_byte_order.3.gz
+usr/share/man/man3/pcre16_version.3.gz
+usr/share/man/man3/pcre32.3.gz
+usr/share/man/man3/pcre32_assign_jit_stack.3.gz
+usr/share/man/man3/pcre32_compile.3.gz
+usr/share/man/man3/pcre32_compile2.3.gz
+usr/share/man/man3/pcre32_config.3.gz
+usr/share/man/man3/pcre32_copy_named_substring.3.gz
+usr/share/man/man3/pcre32_copy_substring.3.gz
+usr/share/man/man3/pcre32_dfa_exec.3.gz
+usr/share/man/man3/pcre32_exec.3.gz
+usr/share/man/man3/pcre32_free_study.3.gz
+usr/share/man/man3/pcre32_free_substring.3.gz
+usr/share/man/man3/pcre32_free_substring_list.3.gz
+usr/share/man/man3/pcre32_fullinfo.3.gz
+usr/share/man/man3/pcre32_get_named_substring.3.gz
+usr/share/man/man3/pcre32_get_stringnumber.3.gz
+usr/share/man/man3/pcre32_get_stringtable_entries.3.gz
+usr/share/man/man3/pcre32_get_substring.3.gz
+usr/share/man/man3/pcre32_get_substring_list.3.gz
+usr/share/man/man3/pcre32_jit_exec.3.gz
+usr/share/man/man3/pcre32_jit_stack_alloc.3.gz
+usr/share/man/man3/pcre32_jit_stack_free.3.gz
+usr/share/man/man3/pcre32_maketables.3.gz
+usr/share/man/man3/pcre32_pattern_to_host_byte_order.3.gz
+usr/share/man/man3/pcre32_refcount.3.gz
+usr/share/man/man3/pcre32_study.3.gz
+usr/share/man/man3/pcre32_utf32_to_host_byte_order.3.gz
+usr/share/man/man3/pcre32_version.3.gz
+usr/share/man/man3/pcre_assign_jit_stack.3.gz
+usr/share/man/man3/pcre_compile.3.gz
+usr/share/man/man3/pcre_compile2.3.gz
+usr/share/man/man3/pcre_config.3.gz
+usr/share/man/man3/pcre_copy_named_substring.3.gz
+usr/share/man/man3/pcre_copy_substring.3.gz
+usr/share/man/man3/pcre_dfa_exec.3.gz
+usr/share/man/man3/pcre_exec.3.gz
+usr/share/man/man3/pcre_free_study.3.gz
+usr/share/man/man3/pcre_free_substring.3.gz
+usr/share/man/man3/pcre_free_substring_list.3.gz
+usr/share/man/man3/pcre_fullinfo.3.gz
+usr/share/man/man3/pcre_get_named_substring.3.gz
+usr/share/man/man3/pcre_get_stringnumber.3.gz
+usr/share/man/man3/pcre_get_stringtable_entries.3.gz
+usr/share/man/man3/pcre_get_substring.3.gz
+usr/share/man/man3/pcre_get_substring_list.3.gz
+usr/share/man/man3/pcre_jit_exec.3.gz
+usr/share/man/man3/pcre_jit_stack_alloc.3.gz
+usr/share/man/man3/pcre_jit_stack_free.3.gz
+usr/share/man/man3/pcre_maketables.3.gz
+usr/share/man/man3/pcre_pattern_to_host_byte_order.3.gz
+usr/share/man/man3/pcre_refcount.3.gz
+usr/share/man/man3/pcre_study.3.gz
+usr/share/man/man3/pcre_utf16_to_host_byte_order.3.gz
+usr/share/man/man3/pcre_utf32_to_host_byte_order.3.gz
+usr/share/man/man3/pcre_version.3.gz
+usr/share/man/man3/pcreapi.3.gz
+usr/share/man/man3/pcrebuild.3.gz
+usr/share/man/man3/pcrecallout.3.gz
+usr/share/man/man3/pcrecompat.3.gz
+usr/share/man/man3/pcrecpp.3.gz
+usr/share/man/man3/pcredemo.3.gz
+usr/share/man/man3/pcrejit.3.gz
+usr/share/man/man3/pcrelimits.3.gz
+usr/share/man/man3/pcrematching.3.gz
+usr/share/man/man3/pcrepartial.3.gz
+usr/share/man/man3/pcrepattern.3.gz
+usr/share/man/man3/pcreperform.3.gz
+usr/share/man/man3/pcreposix.3.gz
+usr/share/man/man3/pcreprecompile.3.gz
+usr/share/man/man3/pcresample.3.gz
+usr/share/man/man3/pcrestack.3.gz
+usr/share/man/man3/pcresyntax.3.gz
+usr/share/man/man3/pcreunicode.3.gz
+
diff --git a/msys2/var/lib/pacman/local/pcre-8.43-2/mtree b/msys2/var/lib/pacman/local/pcre-8.43-2/mtree
new file mode 100644
index 000000000..2bfefd8a1
Binary files /dev/null and b/msys2/var/lib/pacman/local/pcre-8.43-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/pinentry-1.1.0-2/desc b/msys2/var/lib/pacman/local/pinentry-1.1.0-2/desc
new file mode 100644
index 000000000..c53c334af
--- /dev/null
+++ b/msys2/var/lib/pacman/local/pinentry-1.1.0-2/desc
@@ -0,0 +1,44 @@
+%NAME%
+pinentry
+
+%VERSION%
+1.1.0-2
+
+%BASE%
+pinentry
+
+%DESC%
+A collection of simple PIN or passphrase entry dialogs which utilize the Assuan protocol
+
+%URL%
+https://gnupg.org/related_software/pinentry/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1529988085
+
+%INSTALLDATE%
+1558699100
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+171008
+
+%REASON%
+1
+
+%LICENSE%
+GPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+ncurses
+libassuan
+libgpg-error
+
diff --git a/msys2/var/lib/pacman/local/pinentry-1.1.0-2/files b/msys2/var/lib/pacman/local/pinentry-1.1.0-2/files
new file mode 100644
index 000000000..b3baa8651
--- /dev/null
+++ b/msys2/var/lib/pacman/local/pinentry-1.1.0-2/files
@@ -0,0 +1,9 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/pinentry-w32.exe
+usr/bin/pinentry.exe
+usr/share/
+usr/share/info/
+usr/share/info/pinentry.info.gz
+
diff --git a/msys2/var/lib/pacman/local/pinentry-1.1.0-2/install b/msys2/var/lib/pacman/local/pinentry-1.1.0-2/install
new file mode 100644
index 000000000..fddb1e764
--- /dev/null
+++ b/msys2/var/lib/pacman/local/pinentry-1.1.0-2/install
@@ -0,0 +1,20 @@
+info_dir=usr/share/info
+info_files="pinentry.info"
+
+post_install() {
+  [ -x usr/bin/install-info ] || return 0
+  for f in ${info_files}; do
+    usr/bin/install-info ${info_dir}/$f.gz ${info_dir}/dir 2> /dev/null
+  done
+}
+
+post_upgrade() {
+  post_install $1
+}
+
+pre_remove() {
+  [ -x usr/bin/install-info ] || return 0
+  for f in $info_files; do
+    usr/bin/install-info --delete ${info_dir}/$f.gz ${info_dir}/dir 2> /dev/null
+  done
+}
diff --git a/msys2/var/lib/pacman/local/pinentry-1.1.0-2/mtree b/msys2/var/lib/pacman/local/pinentry-1.1.0-2/mtree
new file mode 100644
index 000000000..f30d333ad
Binary files /dev/null and b/msys2/var/lib/pacman/local/pinentry-1.1.0-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/pkgfile-17-1/desc b/msys2/var/lib/pacman/local/pkgfile-17-1/desc
deleted file mode 100644
index e0fa5f775..000000000
--- a/msys2/var/lib/pacman/local/pkgfile-17-1/desc
+++ /dev/null
@@ -1,43 +0,0 @@
-%NAME%
-pkgfile
-
-%VERSION%
-17-1
-
-%DESC%
-A pacman .files metadata explorer
-
-%URL%
-https://github.com/falconindy/pkgfile
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1496294400
-
-%INSTALLDATE%
-1527758880
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-51200
-
-%GROUPS%
-base
-base-devel
-
-%LICENSE%
-MIT
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-libarchive
-curl
-pcre
-pacman
-
diff --git a/msys2/var/lib/pacman/local/pkgfile-17-1/mtree b/msys2/var/lib/pacman/local/pkgfile-17-1/mtree
deleted file mode 100644
index d98f17b8a..000000000
Binary files a/msys2/var/lib/pacman/local/pkgfile-17-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/pkgfile-19-1/desc b/msys2/var/lib/pacman/local/pkgfile-19-1/desc
new file mode 100644
index 000000000..9a72595f9
--- /dev/null
+++ b/msys2/var/lib/pacman/local/pkgfile-19-1/desc
@@ -0,0 +1,46 @@
+%NAME%
+pkgfile
+
+%VERSION%
+19-1
+
+%BASE%
+pkgfile
+
+%DESC%
+A pacman .files metadata explorer
+
+%URL%
+https://github.com/falconindy/pkgfile
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1543216705
+
+%INSTALLDATE%
+1558699104
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+52224
+
+%GROUPS%
+base
+base-devel
+
+%LICENSE%
+MIT
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+libarchive
+curl
+pcre
+pacman
+
diff --git a/msys2/var/lib/pacman/local/pkgfile-17-1/files b/msys2/var/lib/pacman/local/pkgfile-19-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/pkgfile-17-1/files
rename to msys2/var/lib/pacman/local/pkgfile-19-1/files
diff --git a/msys2/var/lib/pacman/local/pkgfile-17-1/install b/msys2/var/lib/pacman/local/pkgfile-19-1/install
similarity index 100%
rename from msys2/var/lib/pacman/local/pkgfile-17-1/install
rename to msys2/var/lib/pacman/local/pkgfile-19-1/install
diff --git a/msys2/var/lib/pacman/local/pkgfile-19-1/mtree b/msys2/var/lib/pacman/local/pkgfile-19-1/mtree
new file mode 100644
index 000000000..da306f403
Binary files /dev/null and b/msys2/var/lib/pacman/local/pkgfile-19-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/rebase-4.4.2-1/desc b/msys2/var/lib/pacman/local/rebase-4.4.2-1/desc
deleted file mode 100644
index a303fd29a..000000000
--- a/msys2/var/lib/pacman/local/rebase-4.4.2-1/desc
+++ /dev/null
@@ -1,40 +0,0 @@
-%NAME%
-rebase
-
-%VERSION%
-4.4.2-1
-
-%DESC%
-The Cygwin rebase distribution contains four utilities, rebase, rebaseall, peflags, and peflagsall.
-
-%URL%
-https://www.cygwin.com/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1459316735
-
-%INSTALLDATE%
-1527758881
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-1025024
-
-%GROUPS%
-base
-
-%LICENSE%
-custom
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-msys2-runtime
-dash
-
diff --git a/msys2/var/lib/pacman/local/rebase-4.4.2-1/mtree b/msys2/var/lib/pacman/local/rebase-4.4.2-1/mtree
deleted file mode 100644
index 81f977b35..000000000
Binary files a/msys2/var/lib/pacman/local/rebase-4.4.2-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/rebase-4.4.4-1/desc b/msys2/var/lib/pacman/local/rebase-4.4.4-1/desc
new file mode 100644
index 000000000..a8b435a0d
--- /dev/null
+++ b/msys2/var/lib/pacman/local/rebase-4.4.4-1/desc
@@ -0,0 +1,43 @@
+%NAME%
+rebase
+
+%VERSION%
+4.4.4-1
+
+%BASE%
+rebase
+
+%DESC%
+The Cygwin rebase distribution contains four utilities, rebase, rebaseall, peflags, and peflagsall
+
+%URL%
+https://www.cygwin.com/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1532685902
+
+%INSTALLDATE%
+1558699105
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+1011712
+
+%GROUPS%
+base
+
+%LICENSE%
+custom
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+msys2-runtime
+dash
+
diff --git a/msys2/var/lib/pacman/local/rebase-4.4.2-1/files b/msys2/var/lib/pacman/local/rebase-4.4.4-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/rebase-4.4.2-1/files
rename to msys2/var/lib/pacman/local/rebase-4.4.4-1/files
diff --git a/msys2/var/lib/pacman/local/rebase-4.4.4-1/mtree b/msys2/var/lib/pacman/local/rebase-4.4.4-1/mtree
new file mode 100644
index 000000000..f006c731a
Binary files /dev/null and b/msys2/var/lib/pacman/local/rebase-4.4.4-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/sed-4.4-2/desc b/msys2/var/lib/pacman/local/sed-4.4-2/desc
deleted file mode 100644
index 34fc2e382..000000000
--- a/msys2/var/lib/pacman/local/sed-4.4-2/desc
+++ /dev/null
@@ -1,41 +0,0 @@
-%NAME%
-sed
-
-%VERSION%
-4.4-2
-
-%DESC%
-GNU stream editor
-
-%URL%
-https://www.gnu.org/software/sed
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1487877747
-
-%INSTALLDATE%
-1527758864
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-657408
-
-%GROUPS%
-base
-base-devel
-
-%LICENSE%
-GPL3
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-libintl
-sh
-
diff --git a/msys2/var/lib/pacman/local/sed-4.4-2/mtree b/msys2/var/lib/pacman/local/sed-4.4-2/mtree
deleted file mode 100644
index 45414aa4e..000000000
Binary files a/msys2/var/lib/pacman/local/sed-4.4-2/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/sed-4.7-1/desc b/msys2/var/lib/pacman/local/sed-4.7-1/desc
new file mode 100644
index 000000000..0cedef490
--- /dev/null
+++ b/msys2/var/lib/pacman/local/sed-4.7-1/desc
@@ -0,0 +1,44 @@
+%NAME%
+sed
+
+%VERSION%
+4.7-1
+
+%BASE%
+sed
+
+%DESC%
+GNU stream editor
+
+%URL%
+https://www.gnu.org/software/sed
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1545810161
+
+%INSTALLDATE%
+1558699087
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+715776
+
+%GROUPS%
+base
+base-devel
+
+%LICENSE%
+GPL3
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+libintl
+sh
+
diff --git a/msys2/var/lib/pacman/local/sed-4.4-2/files b/msys2/var/lib/pacman/local/sed-4.7-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/sed-4.4-2/files
rename to msys2/var/lib/pacman/local/sed-4.7-1/files
diff --git a/msys2/var/lib/pacman/local/sed-4.4-2/install b/msys2/var/lib/pacman/local/sed-4.7-1/install
similarity index 100%
rename from msys2/var/lib/pacman/local/sed-4.4-2/install
rename to msys2/var/lib/pacman/local/sed-4.7-1/install
diff --git a/msys2/var/lib/pacman/local/sed-4.7-1/mtree b/msys2/var/lib/pacman/local/sed-4.7-1/mtree
new file mode 100644
index 000000000..73354515a
Binary files /dev/null and b/msys2/var/lib/pacman/local/sed-4.7-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/tftp-hpa-5.2-2/desc b/msys2/var/lib/pacman/local/tftp-hpa-5.2-2/desc
deleted file mode 100644
index 1234de3f4..000000000
--- a/msys2/var/lib/pacman/local/tftp-hpa-5.2-2/desc
+++ /dev/null
@@ -1,39 +0,0 @@
-%NAME%
-tftp-hpa
-
-%VERSION%
-5.2-2
-
-%DESC%
-Official tftp server
-
-%URL%
-https://www.kernel.org/pub/software/network/tftp/tftp-hpa/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1519017355
-
-%INSTALLDATE%
-1527758876
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-36864
-
-%GROUPS%
-base
-
-%LICENSE%
-BSD
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-libreadline>=6.0.00
-
diff --git a/msys2/var/lib/pacman/local/tftp-hpa-5.2-2/mtree b/msys2/var/lib/pacman/local/tftp-hpa-5.2-2/mtree
deleted file mode 100644
index 18dc5c50d..000000000
Binary files a/msys2/var/lib/pacman/local/tftp-hpa-5.2-2/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/tftp-hpa-5.2-3/desc b/msys2/var/lib/pacman/local/tftp-hpa-5.2-3/desc
new file mode 100644
index 000000000..320d61e00
--- /dev/null
+++ b/msys2/var/lib/pacman/local/tftp-hpa-5.2-3/desc
@@ -0,0 +1,42 @@
+%NAME%
+tftp-hpa
+
+%VERSION%
+5.2-3
+
+%BASE%
+tftp-hpa
+
+%DESC%
+Official tftp server
+
+%URL%
+https://www.kernel.org/pub/software/network/tftp/tftp-hpa/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556608860
+
+%INSTALLDATE%
+1558699098
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+37888
+
+%GROUPS%
+base
+
+%LICENSE%
+BSD
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+libreadline>=6.0.00
+
diff --git a/msys2/var/lib/pacman/local/tftp-hpa-5.2-2/files b/msys2/var/lib/pacman/local/tftp-hpa-5.2-3/files
similarity index 100%
rename from msys2/var/lib/pacman/local/tftp-hpa-5.2-2/files
rename to msys2/var/lib/pacman/local/tftp-hpa-5.2-3/files
diff --git a/msys2/var/lib/pacman/local/tftp-hpa-5.2-3/mtree b/msys2/var/lib/pacman/local/tftp-hpa-5.2-3/mtree
new file mode 100644
index 000000000..7cd31a8d6
Binary files /dev/null and b/msys2/var/lib/pacman/local/tftp-hpa-5.2-3/mtree differ
diff --git a/msys2/var/lib/pacman/local/time-1.7-1/desc b/msys2/var/lib/pacman/local/time-1.7-1/desc
deleted file mode 100644
index 7741f217b..000000000
--- a/msys2/var/lib/pacman/local/time-1.7-1/desc
+++ /dev/null
@@ -1,39 +0,0 @@
-%NAME%
-time
-
-%VERSION%
-1.7-1
-
-%DESC%
-Utility for monitoring a program's use of system resources
-
-%URL%
-http://www.gnu.org/directory/time.html
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1414443121
-
-%INSTALLDATE%
-1527758881
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-25600
-
-%GROUPS%
-base
-
-%LICENSE%
-GPL
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-msys2-runtime
-
diff --git a/msys2/var/lib/pacman/local/time-1.7-1/mtree b/msys2/var/lib/pacman/local/time-1.7-1/mtree
deleted file mode 100644
index 45581bf48..000000000
Binary files a/msys2/var/lib/pacman/local/time-1.7-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/time-1.9-1/desc b/msys2/var/lib/pacman/local/time-1.9-1/desc
new file mode 100644
index 000000000..1483d962c
--- /dev/null
+++ b/msys2/var/lib/pacman/local/time-1.9-1/desc
@@ -0,0 +1,42 @@
+%NAME%
+time
+
+%VERSION%
+1.9-1
+
+%BASE%
+time
+
+%DESC%
+Utility for monitoring a program's use of system resources
+
+%URL%
+https://www.gnu.org/directory/time.html
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1532686696
+
+%INSTALLDATE%
+1558699105
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+36864
+
+%GROUPS%
+base
+
+%LICENSE%
+GPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+msys2-runtime
+
diff --git a/msys2/var/lib/pacman/local/time-1.7-1/files b/msys2/var/lib/pacman/local/time-1.9-1/files
similarity index 100%
rename from msys2/var/lib/pacman/local/time-1.7-1/files
rename to msys2/var/lib/pacman/local/time-1.9-1/files
diff --git a/msys2/var/lib/pacman/local/time-1.9-1/mtree b/msys2/var/lib/pacman/local/time-1.9-1/mtree
new file mode 100644
index 000000000..aa536f972
Binary files /dev/null and b/msys2/var/lib/pacman/local/time-1.9-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/ttyrec-1.0.8-1/desc b/msys2/var/lib/pacman/local/ttyrec-1.0.8-1/desc
deleted file mode 100644
index 00400026d..000000000
--- a/msys2/var/lib/pacman/local/ttyrec-1.0.8-1/desc
+++ /dev/null
@@ -1,40 +0,0 @@
-%NAME%
-ttyrec
-
-%VERSION%
-1.0.8-1
-
-%DESC%
-A tty recorder
-
-%URL%
-http://0xcc.net/ttyrec/index.html.en
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1456381087
-
-%INSTALLDATE%
-1527758881
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-43008
-
-%GROUPS%
-base
-base-devel
-
-%LICENSE%
-BSD
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-sh
-
diff --git a/msys2/var/lib/pacman/local/ttyrec-1.0.8-1/mtree b/msys2/var/lib/pacman/local/ttyrec-1.0.8-1/mtree
deleted file mode 100644
index ede15d308..000000000
Binary files a/msys2/var/lib/pacman/local/ttyrec-1.0.8-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/ttyrec-1.0.8-2/desc b/msys2/var/lib/pacman/local/ttyrec-1.0.8-2/desc
new file mode 100644
index 000000000..71512760e
--- /dev/null
+++ b/msys2/var/lib/pacman/local/ttyrec-1.0.8-2/desc
@@ -0,0 +1,43 @@
+%NAME%
+ttyrec
+
+%VERSION%
+1.0.8-2
+
+%BASE%
+ttyrec
+
+%DESC%
+A tty recorder
+
+%URL%
+http://0xcc.net/ttyrec/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1533199291
+
+%INSTALLDATE%
+1558699105
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+45056
+
+%GROUPS%
+base
+base-devel
+
+%LICENSE%
+BSD
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+sh
+
diff --git a/msys2/var/lib/pacman/local/ttyrec-1.0.8-1/files b/msys2/var/lib/pacman/local/ttyrec-1.0.8-2/files
similarity index 100%
rename from msys2/var/lib/pacman/local/ttyrec-1.0.8-1/files
rename to msys2/var/lib/pacman/local/ttyrec-1.0.8-2/files
diff --git a/msys2/var/lib/pacman/local/ttyrec-1.0.8-2/mtree b/msys2/var/lib/pacman/local/ttyrec-1.0.8-2/mtree
new file mode 100644
index 000000000..2bf1e228e
Binary files /dev/null and b/msys2/var/lib/pacman/local/ttyrec-1.0.8-2/mtree differ
diff --git a/msys2/var/lib/pacman/local/tzcode-2018.c-1/desc b/msys2/var/lib/pacman/local/tzcode-2018.c-1/desc
deleted file mode 100644
index 420789c54..000000000
--- a/msys2/var/lib/pacman/local/tzcode-2018.c-1/desc
+++ /dev/null
@@ -1,41 +0,0 @@
-%NAME%
-tzcode
-
-%VERSION%
-2018.c-1
-
-%DESC%
-Sources for time zone and daylight saving time data
-
-%URL%
-https://www.iana.org/time-zones
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1516857511
-
-%INSTALLDATE%
-1527758894
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-1894400
-
-%GROUPS%
-base
-
-%LICENSE%
-GPL
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-coreutils
-gawk
-sed
-
diff --git a/msys2/var/lib/pacman/local/tzcode-2018.c-1/files b/msys2/var/lib/pacman/local/tzcode-2018.c-1/files
deleted file mode 100644
index db6517f10..000000000
--- a/msys2/var/lib/pacman/local/tzcode-2018.c-1/files
+++ /dev/null
@@ -1,1870 +0,0 @@
-%FILES%
-etc/
-etc/localtime
-usr/
-usr/bin/
-usr/bin/tzselect
-usr/bin/zdump.exe
-usr/bin/zic.exe
-usr/lib/
-usr/lib/libtz.a
-usr/share/
-usr/share/man/
-usr/share/man/man3/
-usr/share/man/man3/newctime.3.gz
-usr/share/man/man3/newtzset.3.gz
-usr/share/man/man5/
-usr/share/man/man5/tzfile.5.gz
-usr/share/man/man8/
-usr/share/man/man8/tzselect.8.gz
-usr/share/man/man8/zdump.8.gz
-usr/share/man/man8/zic.8.gz
-usr/share/zoneinfo/
-usr/share/zoneinfo/Africa/
-usr/share/zoneinfo/Africa/Abidjan
-usr/share/zoneinfo/Africa/Accra
-usr/share/zoneinfo/Africa/Addis_Ababa
-usr/share/zoneinfo/Africa/Algiers
-usr/share/zoneinfo/Africa/Asmara
-usr/share/zoneinfo/Africa/Asmera
-usr/share/zoneinfo/Africa/Bamako
-usr/share/zoneinfo/Africa/Bangui
-usr/share/zoneinfo/Africa/Banjul
-usr/share/zoneinfo/Africa/Bissau
-usr/share/zoneinfo/Africa/Blantyre
-usr/share/zoneinfo/Africa/Brazzaville
-usr/share/zoneinfo/Africa/Bujumbura
-usr/share/zoneinfo/Africa/Cairo
-usr/share/zoneinfo/Africa/Casablanca
-usr/share/zoneinfo/Africa/Ceuta
-usr/share/zoneinfo/Africa/Conakry
-usr/share/zoneinfo/Africa/Dakar
-usr/share/zoneinfo/Africa/Dar_es_Salaam
-usr/share/zoneinfo/Africa/Djibouti
-usr/share/zoneinfo/Africa/Douala
-usr/share/zoneinfo/Africa/El_Aaiun
-usr/share/zoneinfo/Africa/Freetown
-usr/share/zoneinfo/Africa/Gaborone
-usr/share/zoneinfo/Africa/Harare
-usr/share/zoneinfo/Africa/Johannesburg
-usr/share/zoneinfo/Africa/Juba
-usr/share/zoneinfo/Africa/Kampala
-usr/share/zoneinfo/Africa/Khartoum
-usr/share/zoneinfo/Africa/Kigali
-usr/share/zoneinfo/Africa/Kinshasa
-usr/share/zoneinfo/Africa/Lagos
-usr/share/zoneinfo/Africa/Libreville
-usr/share/zoneinfo/Africa/Lome
-usr/share/zoneinfo/Africa/Luanda
-usr/share/zoneinfo/Africa/Lubumbashi
-usr/share/zoneinfo/Africa/Lusaka
-usr/share/zoneinfo/Africa/Malabo
-usr/share/zoneinfo/Africa/Maputo
-usr/share/zoneinfo/Africa/Maseru
-usr/share/zoneinfo/Africa/Mbabane
-usr/share/zoneinfo/Africa/Mogadishu
-usr/share/zoneinfo/Africa/Monrovia
-usr/share/zoneinfo/Africa/Nairobi
-usr/share/zoneinfo/Africa/Ndjamena
-usr/share/zoneinfo/Africa/Niamey
-usr/share/zoneinfo/Africa/Nouakchott
-usr/share/zoneinfo/Africa/Ouagadougou
-usr/share/zoneinfo/Africa/Porto-Novo
-usr/share/zoneinfo/Africa/Sao_Tome
-usr/share/zoneinfo/Africa/Timbuktu
-usr/share/zoneinfo/Africa/Tripoli
-usr/share/zoneinfo/Africa/Tunis
-usr/share/zoneinfo/Africa/Windhoek
-usr/share/zoneinfo/America/
-usr/share/zoneinfo/America/Adak
-usr/share/zoneinfo/America/Anchorage
-usr/share/zoneinfo/America/Anguilla
-usr/share/zoneinfo/America/Antigua
-usr/share/zoneinfo/America/Araguaina
-usr/share/zoneinfo/America/Argentina/
-usr/share/zoneinfo/America/Argentina/Buenos_Aires
-usr/share/zoneinfo/America/Argentina/Catamarca
-usr/share/zoneinfo/America/Argentina/ComodRivadavia
-usr/share/zoneinfo/America/Argentina/Cordoba
-usr/share/zoneinfo/America/Argentina/Jujuy
-usr/share/zoneinfo/America/Argentina/La_Rioja
-usr/share/zoneinfo/America/Argentina/Mendoza
-usr/share/zoneinfo/America/Argentina/Rio_Gallegos
-usr/share/zoneinfo/America/Argentina/Salta
-usr/share/zoneinfo/America/Argentina/San_Juan
-usr/share/zoneinfo/America/Argentina/San_Luis
-usr/share/zoneinfo/America/Argentina/Tucuman
-usr/share/zoneinfo/America/Argentina/Ushuaia
-usr/share/zoneinfo/America/Aruba
-usr/share/zoneinfo/America/Asuncion
-usr/share/zoneinfo/America/Atikokan
-usr/share/zoneinfo/America/Atka
-usr/share/zoneinfo/America/Bahia
-usr/share/zoneinfo/America/Bahia_Banderas
-usr/share/zoneinfo/America/Barbados
-usr/share/zoneinfo/America/Belem
-usr/share/zoneinfo/America/Belize
-usr/share/zoneinfo/America/Blanc-Sablon
-usr/share/zoneinfo/America/Boa_Vista
-usr/share/zoneinfo/America/Bogota
-usr/share/zoneinfo/America/Boise
-usr/share/zoneinfo/America/Buenos_Aires
-usr/share/zoneinfo/America/Cambridge_Bay
-usr/share/zoneinfo/America/Campo_Grande
-usr/share/zoneinfo/America/Cancun
-usr/share/zoneinfo/America/Caracas
-usr/share/zoneinfo/America/Catamarca
-usr/share/zoneinfo/America/Cayenne
-usr/share/zoneinfo/America/Cayman
-usr/share/zoneinfo/America/Chicago
-usr/share/zoneinfo/America/Chihuahua
-usr/share/zoneinfo/America/Coral_Harbour
-usr/share/zoneinfo/America/Cordoba
-usr/share/zoneinfo/America/Costa_Rica
-usr/share/zoneinfo/America/Creston
-usr/share/zoneinfo/America/Cuiaba
-usr/share/zoneinfo/America/Curacao
-usr/share/zoneinfo/America/Danmarkshavn
-usr/share/zoneinfo/America/Dawson
-usr/share/zoneinfo/America/Dawson_Creek
-usr/share/zoneinfo/America/Denver
-usr/share/zoneinfo/America/Detroit
-usr/share/zoneinfo/America/Dominica
-usr/share/zoneinfo/America/Edmonton
-usr/share/zoneinfo/America/Eirunepe
-usr/share/zoneinfo/America/El_Salvador
-usr/share/zoneinfo/America/Ensenada
-usr/share/zoneinfo/America/Fort_Nelson
-usr/share/zoneinfo/America/Fort_Wayne
-usr/share/zoneinfo/America/Fortaleza
-usr/share/zoneinfo/America/Glace_Bay
-usr/share/zoneinfo/America/Godthab
-usr/share/zoneinfo/America/Goose_Bay
-usr/share/zoneinfo/America/Grand_Turk
-usr/share/zoneinfo/America/Grenada
-usr/share/zoneinfo/America/Guadeloupe
-usr/share/zoneinfo/America/Guatemala
-usr/share/zoneinfo/America/Guayaquil
-usr/share/zoneinfo/America/Guyana
-usr/share/zoneinfo/America/Halifax
-usr/share/zoneinfo/America/Havana
-usr/share/zoneinfo/America/Hermosillo
-usr/share/zoneinfo/America/Indiana/
-usr/share/zoneinfo/America/Indiana/Indianapolis
-usr/share/zoneinfo/America/Indiana/Knox
-usr/share/zoneinfo/America/Indiana/Marengo
-usr/share/zoneinfo/America/Indiana/Petersburg
-usr/share/zoneinfo/America/Indiana/Tell_City
-usr/share/zoneinfo/America/Indiana/Vevay
-usr/share/zoneinfo/America/Indiana/Vincennes
-usr/share/zoneinfo/America/Indiana/Winamac
-usr/share/zoneinfo/America/Indianapolis
-usr/share/zoneinfo/America/Inuvik
-usr/share/zoneinfo/America/Iqaluit
-usr/share/zoneinfo/America/Jamaica
-usr/share/zoneinfo/America/Jujuy
-usr/share/zoneinfo/America/Juneau
-usr/share/zoneinfo/America/Kentucky/
-usr/share/zoneinfo/America/Kentucky/Louisville
-usr/share/zoneinfo/America/Kentucky/Monticello
-usr/share/zoneinfo/America/Knox_IN
-usr/share/zoneinfo/America/Kralendijk
-usr/share/zoneinfo/America/La_Paz
-usr/share/zoneinfo/America/Lima
-usr/share/zoneinfo/America/Los_Angeles
-usr/share/zoneinfo/America/Louisville
-usr/share/zoneinfo/America/Lower_Princes
-usr/share/zoneinfo/America/Maceio
-usr/share/zoneinfo/America/Managua
-usr/share/zoneinfo/America/Manaus
-usr/share/zoneinfo/America/Marigot
-usr/share/zoneinfo/America/Martinique
-usr/share/zoneinfo/America/Matamoros
-usr/share/zoneinfo/America/Mazatlan
-usr/share/zoneinfo/America/Mendoza
-usr/share/zoneinfo/America/Menominee
-usr/share/zoneinfo/America/Merida
-usr/share/zoneinfo/America/Metlakatla
-usr/share/zoneinfo/America/Mexico_City
-usr/share/zoneinfo/America/Miquelon
-usr/share/zoneinfo/America/Moncton
-usr/share/zoneinfo/America/Monterrey
-usr/share/zoneinfo/America/Montevideo
-usr/share/zoneinfo/America/Montreal
-usr/share/zoneinfo/America/Montserrat
-usr/share/zoneinfo/America/Nassau
-usr/share/zoneinfo/America/New_York
-usr/share/zoneinfo/America/Nipigon
-usr/share/zoneinfo/America/Nome
-usr/share/zoneinfo/America/Noronha
-usr/share/zoneinfo/America/North_Dakota/
-usr/share/zoneinfo/America/North_Dakota/Beulah
-usr/share/zoneinfo/America/North_Dakota/Center
-usr/share/zoneinfo/America/North_Dakota/New_Salem
-usr/share/zoneinfo/America/Ojinaga
-usr/share/zoneinfo/America/Panama
-usr/share/zoneinfo/America/Pangnirtung
-usr/share/zoneinfo/America/Paramaribo
-usr/share/zoneinfo/America/Phoenix
-usr/share/zoneinfo/America/Port-au-Prince
-usr/share/zoneinfo/America/Port_of_Spain
-usr/share/zoneinfo/America/Porto_Acre
-usr/share/zoneinfo/America/Porto_Velho
-usr/share/zoneinfo/America/Puerto_Rico
-usr/share/zoneinfo/America/Punta_Arenas
-usr/share/zoneinfo/America/Rainy_River
-usr/share/zoneinfo/America/Rankin_Inlet
-usr/share/zoneinfo/America/Recife
-usr/share/zoneinfo/America/Regina
-usr/share/zoneinfo/America/Resolute
-usr/share/zoneinfo/America/Rio_Branco
-usr/share/zoneinfo/America/Rosario
-usr/share/zoneinfo/America/Santa_Isabel
-usr/share/zoneinfo/America/Santarem
-usr/share/zoneinfo/America/Santiago
-usr/share/zoneinfo/America/Santo_Domingo
-usr/share/zoneinfo/America/Sao_Paulo
-usr/share/zoneinfo/America/Scoresbysund
-usr/share/zoneinfo/America/Shiprock
-usr/share/zoneinfo/America/Sitka
-usr/share/zoneinfo/America/St_Barthelemy
-usr/share/zoneinfo/America/St_Johns
-usr/share/zoneinfo/America/St_Kitts
-usr/share/zoneinfo/America/St_Lucia
-usr/share/zoneinfo/America/St_Thomas
-usr/share/zoneinfo/America/St_Vincent
-usr/share/zoneinfo/America/Swift_Current
-usr/share/zoneinfo/America/Tegucigalpa
-usr/share/zoneinfo/America/Thule
-usr/share/zoneinfo/America/Thunder_Bay
-usr/share/zoneinfo/America/Tijuana
-usr/share/zoneinfo/America/Toronto
-usr/share/zoneinfo/America/Tortola
-usr/share/zoneinfo/America/Vancouver
-usr/share/zoneinfo/America/Virgin
-usr/share/zoneinfo/America/Whitehorse
-usr/share/zoneinfo/America/Winnipeg
-usr/share/zoneinfo/America/Yakutat
-usr/share/zoneinfo/America/Yellowknife
-usr/share/zoneinfo/Antarctica/
-usr/share/zoneinfo/Antarctica/Casey
-usr/share/zoneinfo/Antarctica/Davis
-usr/share/zoneinfo/Antarctica/DumontDUrville
-usr/share/zoneinfo/Antarctica/Macquarie
-usr/share/zoneinfo/Antarctica/Mawson
-usr/share/zoneinfo/Antarctica/McMurdo
-usr/share/zoneinfo/Antarctica/Palmer
-usr/share/zoneinfo/Antarctica/Rothera
-usr/share/zoneinfo/Antarctica/South_Pole
-usr/share/zoneinfo/Antarctica/Syowa
-usr/share/zoneinfo/Antarctica/Troll
-usr/share/zoneinfo/Antarctica/Vostok
-usr/share/zoneinfo/Arctic/
-usr/share/zoneinfo/Arctic/Longyearbyen
-usr/share/zoneinfo/Asia/
-usr/share/zoneinfo/Asia/Aden
-usr/share/zoneinfo/Asia/Almaty
-usr/share/zoneinfo/Asia/Amman
-usr/share/zoneinfo/Asia/Anadyr
-usr/share/zoneinfo/Asia/Aqtau
-usr/share/zoneinfo/Asia/Aqtobe
-usr/share/zoneinfo/Asia/Ashgabat
-usr/share/zoneinfo/Asia/Ashkhabad
-usr/share/zoneinfo/Asia/Atyrau
-usr/share/zoneinfo/Asia/Baghdad
-usr/share/zoneinfo/Asia/Bahrain
-usr/share/zoneinfo/Asia/Baku
-usr/share/zoneinfo/Asia/Bangkok
-usr/share/zoneinfo/Asia/Barnaul
-usr/share/zoneinfo/Asia/Beirut
-usr/share/zoneinfo/Asia/Bishkek
-usr/share/zoneinfo/Asia/Brunei
-usr/share/zoneinfo/Asia/Calcutta
-usr/share/zoneinfo/Asia/Chita
-usr/share/zoneinfo/Asia/Choibalsan
-usr/share/zoneinfo/Asia/Chongqing
-usr/share/zoneinfo/Asia/Chungking
-usr/share/zoneinfo/Asia/Colombo
-usr/share/zoneinfo/Asia/Dacca
-usr/share/zoneinfo/Asia/Damascus
-usr/share/zoneinfo/Asia/Dhaka
-usr/share/zoneinfo/Asia/Dili
-usr/share/zoneinfo/Asia/Dubai
-usr/share/zoneinfo/Asia/Dushanbe
-usr/share/zoneinfo/Asia/Famagusta
-usr/share/zoneinfo/Asia/Gaza
-usr/share/zoneinfo/Asia/Harbin
-usr/share/zoneinfo/Asia/Hebron
-usr/share/zoneinfo/Asia/Ho_Chi_Minh
-usr/share/zoneinfo/Asia/Hong_Kong
-usr/share/zoneinfo/Asia/Hovd
-usr/share/zoneinfo/Asia/Irkutsk
-usr/share/zoneinfo/Asia/Istanbul
-usr/share/zoneinfo/Asia/Jakarta
-usr/share/zoneinfo/Asia/Jayapura
-usr/share/zoneinfo/Asia/Jerusalem
-usr/share/zoneinfo/Asia/Kabul
-usr/share/zoneinfo/Asia/Kamchatka
-usr/share/zoneinfo/Asia/Karachi
-usr/share/zoneinfo/Asia/Kashgar
-usr/share/zoneinfo/Asia/Kathmandu
-usr/share/zoneinfo/Asia/Katmandu
-usr/share/zoneinfo/Asia/Khandyga
-usr/share/zoneinfo/Asia/Kolkata
-usr/share/zoneinfo/Asia/Krasnoyarsk
-usr/share/zoneinfo/Asia/Kuala_Lumpur
-usr/share/zoneinfo/Asia/Kuching
-usr/share/zoneinfo/Asia/Kuwait
-usr/share/zoneinfo/Asia/Macao
-usr/share/zoneinfo/Asia/Macau
-usr/share/zoneinfo/Asia/Magadan
-usr/share/zoneinfo/Asia/Makassar
-usr/share/zoneinfo/Asia/Manila
-usr/share/zoneinfo/Asia/Muscat
-usr/share/zoneinfo/Asia/Nicosia
-usr/share/zoneinfo/Asia/Novokuznetsk
-usr/share/zoneinfo/Asia/Novosibirsk
-usr/share/zoneinfo/Asia/Omsk
-usr/share/zoneinfo/Asia/Oral
-usr/share/zoneinfo/Asia/Phnom_Penh
-usr/share/zoneinfo/Asia/Pontianak
-usr/share/zoneinfo/Asia/Pyongyang
-usr/share/zoneinfo/Asia/Qatar
-usr/share/zoneinfo/Asia/Qyzylorda
-usr/share/zoneinfo/Asia/Rangoon
-usr/share/zoneinfo/Asia/Riyadh
-usr/share/zoneinfo/Asia/Saigon
-usr/share/zoneinfo/Asia/Sakhalin
-usr/share/zoneinfo/Asia/Samarkand
-usr/share/zoneinfo/Asia/Seoul
-usr/share/zoneinfo/Asia/Shanghai
-usr/share/zoneinfo/Asia/Singapore
-usr/share/zoneinfo/Asia/Srednekolymsk
-usr/share/zoneinfo/Asia/Taipei
-usr/share/zoneinfo/Asia/Tashkent
-usr/share/zoneinfo/Asia/Tbilisi
-usr/share/zoneinfo/Asia/Tehran
-usr/share/zoneinfo/Asia/Tel_Aviv
-usr/share/zoneinfo/Asia/Thimbu
-usr/share/zoneinfo/Asia/Thimphu
-usr/share/zoneinfo/Asia/Tokyo
-usr/share/zoneinfo/Asia/Tomsk
-usr/share/zoneinfo/Asia/Ujung_Pandang
-usr/share/zoneinfo/Asia/Ulaanbaatar
-usr/share/zoneinfo/Asia/Ulan_Bator
-usr/share/zoneinfo/Asia/Urumqi
-usr/share/zoneinfo/Asia/Ust-Nera
-usr/share/zoneinfo/Asia/Vientiane
-usr/share/zoneinfo/Asia/Vladivostok
-usr/share/zoneinfo/Asia/Yakutsk
-usr/share/zoneinfo/Asia/Yangon
-usr/share/zoneinfo/Asia/Yekaterinburg
-usr/share/zoneinfo/Asia/Yerevan
-usr/share/zoneinfo/Atlantic/
-usr/share/zoneinfo/Atlantic/Azores
-usr/share/zoneinfo/Atlantic/Bermuda
-usr/share/zoneinfo/Atlantic/Canary
-usr/share/zoneinfo/Atlantic/Cape_Verde
-usr/share/zoneinfo/Atlantic/Faeroe
-usr/share/zoneinfo/Atlantic/Faroe
-usr/share/zoneinfo/Atlantic/Jan_Mayen
-usr/share/zoneinfo/Atlantic/Madeira
-usr/share/zoneinfo/Atlantic/Reykjavik
-usr/share/zoneinfo/Atlantic/South_Georgia
-usr/share/zoneinfo/Atlantic/St_Helena
-usr/share/zoneinfo/Atlantic/Stanley
-usr/share/zoneinfo/Australia/
-usr/share/zoneinfo/Australia/ACT
-usr/share/zoneinfo/Australia/Adelaide
-usr/share/zoneinfo/Australia/Brisbane
-usr/share/zoneinfo/Australia/Broken_Hill
-usr/share/zoneinfo/Australia/Canberra
-usr/share/zoneinfo/Australia/Currie
-usr/share/zoneinfo/Australia/Darwin
-usr/share/zoneinfo/Australia/Eucla
-usr/share/zoneinfo/Australia/Hobart
-usr/share/zoneinfo/Australia/LHI
-usr/share/zoneinfo/Australia/Lindeman
-usr/share/zoneinfo/Australia/Lord_Howe
-usr/share/zoneinfo/Australia/Melbourne
-usr/share/zoneinfo/Australia/NSW
-usr/share/zoneinfo/Australia/North
-usr/share/zoneinfo/Australia/Perth
-usr/share/zoneinfo/Australia/Queensland
-usr/share/zoneinfo/Australia/South
-usr/share/zoneinfo/Australia/Sydney
-usr/share/zoneinfo/Australia/Tasmania
-usr/share/zoneinfo/Australia/Victoria
-usr/share/zoneinfo/Australia/West
-usr/share/zoneinfo/Australia/Yancowinna
-usr/share/zoneinfo/Brazil/
-usr/share/zoneinfo/Brazil/Acre
-usr/share/zoneinfo/Brazil/DeNoronha
-usr/share/zoneinfo/Brazil/East
-usr/share/zoneinfo/Brazil/West
-usr/share/zoneinfo/CET
-usr/share/zoneinfo/CST6CDT
-usr/share/zoneinfo/Canada/
-usr/share/zoneinfo/Canada/Atlantic
-usr/share/zoneinfo/Canada/Central
-usr/share/zoneinfo/Canada/Eastern
-usr/share/zoneinfo/Canada/Mountain
-usr/share/zoneinfo/Canada/Newfoundland
-usr/share/zoneinfo/Canada/Pacific
-usr/share/zoneinfo/Canada/Saskatchewan
-usr/share/zoneinfo/Canada/Yukon
-usr/share/zoneinfo/Chile/
-usr/share/zoneinfo/Chile/Continental
-usr/share/zoneinfo/Chile/EasterIsland
-usr/share/zoneinfo/Cuba
-usr/share/zoneinfo/EET
-usr/share/zoneinfo/EST
-usr/share/zoneinfo/EST5EDT
-usr/share/zoneinfo/Egypt
-usr/share/zoneinfo/Eire
-usr/share/zoneinfo/Etc/
-usr/share/zoneinfo/Etc/GMT
-usr/share/zoneinfo/Etc/GMT+0
-usr/share/zoneinfo/Etc/GMT+1
-usr/share/zoneinfo/Etc/GMT+10
-usr/share/zoneinfo/Etc/GMT+11
-usr/share/zoneinfo/Etc/GMT+12
-usr/share/zoneinfo/Etc/GMT+2
-usr/share/zoneinfo/Etc/GMT+3
-usr/share/zoneinfo/Etc/GMT+4
-usr/share/zoneinfo/Etc/GMT+5
-usr/share/zoneinfo/Etc/GMT+6
-usr/share/zoneinfo/Etc/GMT+7
-usr/share/zoneinfo/Etc/GMT+8
-usr/share/zoneinfo/Etc/GMT+9
-usr/share/zoneinfo/Etc/GMT-0
-usr/share/zoneinfo/Etc/GMT-1
-usr/share/zoneinfo/Etc/GMT-10
-usr/share/zoneinfo/Etc/GMT-11
-usr/share/zoneinfo/Etc/GMT-12
-usr/share/zoneinfo/Etc/GMT-13
-usr/share/zoneinfo/Etc/GMT-14
-usr/share/zoneinfo/Etc/GMT-2
-usr/share/zoneinfo/Etc/GMT-3
-usr/share/zoneinfo/Etc/GMT-4
-usr/share/zoneinfo/Etc/GMT-5
-usr/share/zoneinfo/Etc/GMT-6
-usr/share/zoneinfo/Etc/GMT-7
-usr/share/zoneinfo/Etc/GMT-8
-usr/share/zoneinfo/Etc/GMT-9
-usr/share/zoneinfo/Etc/GMT0
-usr/share/zoneinfo/Etc/Greenwich
-usr/share/zoneinfo/Etc/UCT
-usr/share/zoneinfo/Etc/UTC
-usr/share/zoneinfo/Etc/Universal
-usr/share/zoneinfo/Etc/Zulu
-usr/share/zoneinfo/Europe/
-usr/share/zoneinfo/Europe/Amsterdam
-usr/share/zoneinfo/Europe/Andorra
-usr/share/zoneinfo/Europe/Astrakhan
-usr/share/zoneinfo/Europe/Athens
-usr/share/zoneinfo/Europe/Belfast
-usr/share/zoneinfo/Europe/Belgrade
-usr/share/zoneinfo/Europe/Berlin
-usr/share/zoneinfo/Europe/Bratislava
-usr/share/zoneinfo/Europe/Brussels
-usr/share/zoneinfo/Europe/Bucharest
-usr/share/zoneinfo/Europe/Budapest
-usr/share/zoneinfo/Europe/Busingen
-usr/share/zoneinfo/Europe/Chisinau
-usr/share/zoneinfo/Europe/Copenhagen
-usr/share/zoneinfo/Europe/Dublin
-usr/share/zoneinfo/Europe/Gibraltar
-usr/share/zoneinfo/Europe/Guernsey
-usr/share/zoneinfo/Europe/Helsinki
-usr/share/zoneinfo/Europe/Isle_of_Man
-usr/share/zoneinfo/Europe/Istanbul
-usr/share/zoneinfo/Europe/Jersey
-usr/share/zoneinfo/Europe/Kaliningrad
-usr/share/zoneinfo/Europe/Kiev
-usr/share/zoneinfo/Europe/Kirov
-usr/share/zoneinfo/Europe/Lisbon
-usr/share/zoneinfo/Europe/Ljubljana
-usr/share/zoneinfo/Europe/London
-usr/share/zoneinfo/Europe/Luxembourg
-usr/share/zoneinfo/Europe/Madrid
-usr/share/zoneinfo/Europe/Malta
-usr/share/zoneinfo/Europe/Mariehamn
-usr/share/zoneinfo/Europe/Minsk
-usr/share/zoneinfo/Europe/Monaco
-usr/share/zoneinfo/Europe/Moscow
-usr/share/zoneinfo/Europe/Nicosia
-usr/share/zoneinfo/Europe/Oslo
-usr/share/zoneinfo/Europe/Paris
-usr/share/zoneinfo/Europe/Podgorica
-usr/share/zoneinfo/Europe/Prague
-usr/share/zoneinfo/Europe/Riga
-usr/share/zoneinfo/Europe/Rome
-usr/share/zoneinfo/Europe/Samara
-usr/share/zoneinfo/Europe/San_Marino
-usr/share/zoneinfo/Europe/Sarajevo
-usr/share/zoneinfo/Europe/Saratov
-usr/share/zoneinfo/Europe/Simferopol
-usr/share/zoneinfo/Europe/Skopje
-usr/share/zoneinfo/Europe/Sofia
-usr/share/zoneinfo/Europe/Stockholm
-usr/share/zoneinfo/Europe/Tallinn
-usr/share/zoneinfo/Europe/Tirane
-usr/share/zoneinfo/Europe/Tiraspol
-usr/share/zoneinfo/Europe/Ulyanovsk
-usr/share/zoneinfo/Europe/Uzhgorod
-usr/share/zoneinfo/Europe/Vaduz
-usr/share/zoneinfo/Europe/Vatican
-usr/share/zoneinfo/Europe/Vienna
-usr/share/zoneinfo/Europe/Vilnius
-usr/share/zoneinfo/Europe/Volgograd
-usr/share/zoneinfo/Europe/Warsaw
-usr/share/zoneinfo/Europe/Zagreb
-usr/share/zoneinfo/Europe/Zaporozhye
-usr/share/zoneinfo/Europe/Zurich
-usr/share/zoneinfo/Factory
-usr/share/zoneinfo/GB
-usr/share/zoneinfo/GB-Eire
-usr/share/zoneinfo/GMT
-usr/share/zoneinfo/GMT+0
-usr/share/zoneinfo/GMT-0
-usr/share/zoneinfo/GMT0
-usr/share/zoneinfo/Greenwich
-usr/share/zoneinfo/HST
-usr/share/zoneinfo/Hongkong
-usr/share/zoneinfo/Iceland
-usr/share/zoneinfo/Indian/
-usr/share/zoneinfo/Indian/Antananarivo
-usr/share/zoneinfo/Indian/Chagos
-usr/share/zoneinfo/Indian/Christmas
-usr/share/zoneinfo/Indian/Cocos
-usr/share/zoneinfo/Indian/Comoro
-usr/share/zoneinfo/Indian/Kerguelen
-usr/share/zoneinfo/Indian/Mahe
-usr/share/zoneinfo/Indian/Maldives
-usr/share/zoneinfo/Indian/Mauritius
-usr/share/zoneinfo/Indian/Mayotte
-usr/share/zoneinfo/Indian/Reunion
-usr/share/zoneinfo/Iran
-usr/share/zoneinfo/Israel
-usr/share/zoneinfo/Jamaica
-usr/share/zoneinfo/Japan
-usr/share/zoneinfo/Kwajalein
-usr/share/zoneinfo/Libya
-usr/share/zoneinfo/MET
-usr/share/zoneinfo/MST
-usr/share/zoneinfo/MST7MDT
-usr/share/zoneinfo/Mexico/
-usr/share/zoneinfo/Mexico/BajaNorte
-usr/share/zoneinfo/Mexico/BajaSur
-usr/share/zoneinfo/Mexico/General
-usr/share/zoneinfo/NZ
-usr/share/zoneinfo/NZ-CHAT
-usr/share/zoneinfo/Navajo
-usr/share/zoneinfo/PRC
-usr/share/zoneinfo/PST8PDT
-usr/share/zoneinfo/Pacific/
-usr/share/zoneinfo/Pacific/Apia
-usr/share/zoneinfo/Pacific/Auckland
-usr/share/zoneinfo/Pacific/Bougainville
-usr/share/zoneinfo/Pacific/Chatham
-usr/share/zoneinfo/Pacific/Chuuk
-usr/share/zoneinfo/Pacific/Easter
-usr/share/zoneinfo/Pacific/Efate
-usr/share/zoneinfo/Pacific/Enderbury
-usr/share/zoneinfo/Pacific/Fakaofo
-usr/share/zoneinfo/Pacific/Fiji
-usr/share/zoneinfo/Pacific/Funafuti
-usr/share/zoneinfo/Pacific/Galapagos
-usr/share/zoneinfo/Pacific/Gambier
-usr/share/zoneinfo/Pacific/Guadalcanal
-usr/share/zoneinfo/Pacific/Guam
-usr/share/zoneinfo/Pacific/Honolulu
-usr/share/zoneinfo/Pacific/Johnston
-usr/share/zoneinfo/Pacific/Kiritimati
-usr/share/zoneinfo/Pacific/Kosrae
-usr/share/zoneinfo/Pacific/Kwajalein
-usr/share/zoneinfo/Pacific/Majuro
-usr/share/zoneinfo/Pacific/Marquesas
-usr/share/zoneinfo/Pacific/Midway
-usr/share/zoneinfo/Pacific/Nauru
-usr/share/zoneinfo/Pacific/Niue
-usr/share/zoneinfo/Pacific/Norfolk
-usr/share/zoneinfo/Pacific/Noumea
-usr/share/zoneinfo/Pacific/Pago_Pago
-usr/share/zoneinfo/Pacific/Palau
-usr/share/zoneinfo/Pacific/Pitcairn
-usr/share/zoneinfo/Pacific/Pohnpei
-usr/share/zoneinfo/Pacific/Ponape
-usr/share/zoneinfo/Pacific/Port_Moresby
-usr/share/zoneinfo/Pacific/Rarotonga
-usr/share/zoneinfo/Pacific/Saipan
-usr/share/zoneinfo/Pacific/Samoa
-usr/share/zoneinfo/Pacific/Tahiti
-usr/share/zoneinfo/Pacific/Tarawa
-usr/share/zoneinfo/Pacific/Tongatapu
-usr/share/zoneinfo/Pacific/Truk
-usr/share/zoneinfo/Pacific/Wake
-usr/share/zoneinfo/Pacific/Wallis
-usr/share/zoneinfo/Pacific/Yap
-usr/share/zoneinfo/Poland
-usr/share/zoneinfo/Portugal
-usr/share/zoneinfo/ROC
-usr/share/zoneinfo/ROK
-usr/share/zoneinfo/Singapore
-usr/share/zoneinfo/Turkey
-usr/share/zoneinfo/UCT
-usr/share/zoneinfo/US/
-usr/share/zoneinfo/US/Alaska
-usr/share/zoneinfo/US/Aleutian
-usr/share/zoneinfo/US/Arizona
-usr/share/zoneinfo/US/Central
-usr/share/zoneinfo/US/East-Indiana
-usr/share/zoneinfo/US/Eastern
-usr/share/zoneinfo/US/Hawaii
-usr/share/zoneinfo/US/Indiana-Starke
-usr/share/zoneinfo/US/Michigan
-usr/share/zoneinfo/US/Mountain
-usr/share/zoneinfo/US/Pacific
-usr/share/zoneinfo/US/Pacific-New
-usr/share/zoneinfo/US/Samoa
-usr/share/zoneinfo/UTC
-usr/share/zoneinfo/Universal
-usr/share/zoneinfo/W-SU
-usr/share/zoneinfo/WET
-usr/share/zoneinfo/Zulu
-usr/share/zoneinfo/iso3166.tab
-usr/share/zoneinfo/leapseconds
-usr/share/zoneinfo/posix/
-usr/share/zoneinfo/posix/Africa/
-usr/share/zoneinfo/posix/Africa/Abidjan
-usr/share/zoneinfo/posix/Africa/Accra
-usr/share/zoneinfo/posix/Africa/Addis_Ababa
-usr/share/zoneinfo/posix/Africa/Algiers
-usr/share/zoneinfo/posix/Africa/Asmara
-usr/share/zoneinfo/posix/Africa/Asmera
-usr/share/zoneinfo/posix/Africa/Bamako
-usr/share/zoneinfo/posix/Africa/Bangui
-usr/share/zoneinfo/posix/Africa/Banjul
-usr/share/zoneinfo/posix/Africa/Bissau
-usr/share/zoneinfo/posix/Africa/Blantyre
-usr/share/zoneinfo/posix/Africa/Brazzaville
-usr/share/zoneinfo/posix/Africa/Bujumbura
-usr/share/zoneinfo/posix/Africa/Cairo
-usr/share/zoneinfo/posix/Africa/Casablanca
-usr/share/zoneinfo/posix/Africa/Ceuta
-usr/share/zoneinfo/posix/Africa/Conakry
-usr/share/zoneinfo/posix/Africa/Dakar
-usr/share/zoneinfo/posix/Africa/Dar_es_Salaam
-usr/share/zoneinfo/posix/Africa/Djibouti
-usr/share/zoneinfo/posix/Africa/Douala
-usr/share/zoneinfo/posix/Africa/El_Aaiun
-usr/share/zoneinfo/posix/Africa/Freetown
-usr/share/zoneinfo/posix/Africa/Gaborone
-usr/share/zoneinfo/posix/Africa/Harare
-usr/share/zoneinfo/posix/Africa/Johannesburg
-usr/share/zoneinfo/posix/Africa/Juba
-usr/share/zoneinfo/posix/Africa/Kampala
-usr/share/zoneinfo/posix/Africa/Khartoum
-usr/share/zoneinfo/posix/Africa/Kigali
-usr/share/zoneinfo/posix/Africa/Kinshasa
-usr/share/zoneinfo/posix/Africa/Lagos
-usr/share/zoneinfo/posix/Africa/Libreville
-usr/share/zoneinfo/posix/Africa/Lome
-usr/share/zoneinfo/posix/Africa/Luanda
-usr/share/zoneinfo/posix/Africa/Lubumbashi
-usr/share/zoneinfo/posix/Africa/Lusaka
-usr/share/zoneinfo/posix/Africa/Malabo
-usr/share/zoneinfo/posix/Africa/Maputo
-usr/share/zoneinfo/posix/Africa/Maseru
-usr/share/zoneinfo/posix/Africa/Mbabane
-usr/share/zoneinfo/posix/Africa/Mogadishu
-usr/share/zoneinfo/posix/Africa/Monrovia
-usr/share/zoneinfo/posix/Africa/Nairobi
-usr/share/zoneinfo/posix/Africa/Ndjamena
-usr/share/zoneinfo/posix/Africa/Niamey
-usr/share/zoneinfo/posix/Africa/Nouakchott
-usr/share/zoneinfo/posix/Africa/Ouagadougou
-usr/share/zoneinfo/posix/Africa/Porto-Novo
-usr/share/zoneinfo/posix/Africa/Sao_Tome
-usr/share/zoneinfo/posix/Africa/Timbuktu
-usr/share/zoneinfo/posix/Africa/Tripoli
-usr/share/zoneinfo/posix/Africa/Tunis
-usr/share/zoneinfo/posix/Africa/Windhoek
-usr/share/zoneinfo/posix/America/
-usr/share/zoneinfo/posix/America/Adak
-usr/share/zoneinfo/posix/America/Anchorage
-usr/share/zoneinfo/posix/America/Anguilla
-usr/share/zoneinfo/posix/America/Antigua
-usr/share/zoneinfo/posix/America/Araguaina
-usr/share/zoneinfo/posix/America/Argentina/
-usr/share/zoneinfo/posix/America/Argentina/Buenos_Aires
-usr/share/zoneinfo/posix/America/Argentina/Catamarca
-usr/share/zoneinfo/posix/America/Argentina/ComodRivadavia
-usr/share/zoneinfo/posix/America/Argentina/Cordoba
-usr/share/zoneinfo/posix/America/Argentina/Jujuy
-usr/share/zoneinfo/posix/America/Argentina/La_Rioja
-usr/share/zoneinfo/posix/America/Argentina/Mendoza
-usr/share/zoneinfo/posix/America/Argentina/Rio_Gallegos
-usr/share/zoneinfo/posix/America/Argentina/Salta
-usr/share/zoneinfo/posix/America/Argentina/San_Juan
-usr/share/zoneinfo/posix/America/Argentina/San_Luis
-usr/share/zoneinfo/posix/America/Argentina/Tucuman
-usr/share/zoneinfo/posix/America/Argentina/Ushuaia
-usr/share/zoneinfo/posix/America/Aruba
-usr/share/zoneinfo/posix/America/Asuncion
-usr/share/zoneinfo/posix/America/Atikokan
-usr/share/zoneinfo/posix/America/Atka
-usr/share/zoneinfo/posix/America/Bahia
-usr/share/zoneinfo/posix/America/Bahia_Banderas
-usr/share/zoneinfo/posix/America/Barbados
-usr/share/zoneinfo/posix/America/Belem
-usr/share/zoneinfo/posix/America/Belize
-usr/share/zoneinfo/posix/America/Blanc-Sablon
-usr/share/zoneinfo/posix/America/Boa_Vista
-usr/share/zoneinfo/posix/America/Bogota
-usr/share/zoneinfo/posix/America/Boise
-usr/share/zoneinfo/posix/America/Buenos_Aires
-usr/share/zoneinfo/posix/America/Cambridge_Bay
-usr/share/zoneinfo/posix/America/Campo_Grande
-usr/share/zoneinfo/posix/America/Cancun
-usr/share/zoneinfo/posix/America/Caracas
-usr/share/zoneinfo/posix/America/Catamarca
-usr/share/zoneinfo/posix/America/Cayenne
-usr/share/zoneinfo/posix/America/Cayman
-usr/share/zoneinfo/posix/America/Chicago
-usr/share/zoneinfo/posix/America/Chihuahua
-usr/share/zoneinfo/posix/America/Coral_Harbour
-usr/share/zoneinfo/posix/America/Cordoba
-usr/share/zoneinfo/posix/America/Costa_Rica
-usr/share/zoneinfo/posix/America/Creston
-usr/share/zoneinfo/posix/America/Cuiaba
-usr/share/zoneinfo/posix/America/Curacao
-usr/share/zoneinfo/posix/America/Danmarkshavn
-usr/share/zoneinfo/posix/America/Dawson
-usr/share/zoneinfo/posix/America/Dawson_Creek
-usr/share/zoneinfo/posix/America/Denver
-usr/share/zoneinfo/posix/America/Detroit
-usr/share/zoneinfo/posix/America/Dominica
-usr/share/zoneinfo/posix/America/Edmonton
-usr/share/zoneinfo/posix/America/Eirunepe
-usr/share/zoneinfo/posix/America/El_Salvador
-usr/share/zoneinfo/posix/America/Ensenada
-usr/share/zoneinfo/posix/America/Fort_Nelson
-usr/share/zoneinfo/posix/America/Fort_Wayne
-usr/share/zoneinfo/posix/America/Fortaleza
-usr/share/zoneinfo/posix/America/Glace_Bay
-usr/share/zoneinfo/posix/America/Godthab
-usr/share/zoneinfo/posix/America/Goose_Bay
-usr/share/zoneinfo/posix/America/Grand_Turk
-usr/share/zoneinfo/posix/America/Grenada
-usr/share/zoneinfo/posix/America/Guadeloupe
-usr/share/zoneinfo/posix/America/Guatemala
-usr/share/zoneinfo/posix/America/Guayaquil
-usr/share/zoneinfo/posix/America/Guyana
-usr/share/zoneinfo/posix/America/Halifax
-usr/share/zoneinfo/posix/America/Havana
-usr/share/zoneinfo/posix/America/Hermosillo
-usr/share/zoneinfo/posix/America/Indiana/
-usr/share/zoneinfo/posix/America/Indiana/Indianapolis
-usr/share/zoneinfo/posix/America/Indiana/Knox
-usr/share/zoneinfo/posix/America/Indiana/Marengo
-usr/share/zoneinfo/posix/America/Indiana/Petersburg
-usr/share/zoneinfo/posix/America/Indiana/Tell_City
-usr/share/zoneinfo/posix/America/Indiana/Vevay
-usr/share/zoneinfo/posix/America/Indiana/Vincennes
-usr/share/zoneinfo/posix/America/Indiana/Winamac
-usr/share/zoneinfo/posix/America/Indianapolis
-usr/share/zoneinfo/posix/America/Inuvik
-usr/share/zoneinfo/posix/America/Iqaluit
-usr/share/zoneinfo/posix/America/Jamaica
-usr/share/zoneinfo/posix/America/Jujuy
-usr/share/zoneinfo/posix/America/Juneau
-usr/share/zoneinfo/posix/America/Kentucky/
-usr/share/zoneinfo/posix/America/Kentucky/Louisville
-usr/share/zoneinfo/posix/America/Kentucky/Monticello
-usr/share/zoneinfo/posix/America/Knox_IN
-usr/share/zoneinfo/posix/America/Kralendijk
-usr/share/zoneinfo/posix/America/La_Paz
-usr/share/zoneinfo/posix/America/Lima
-usr/share/zoneinfo/posix/America/Los_Angeles
-usr/share/zoneinfo/posix/America/Louisville
-usr/share/zoneinfo/posix/America/Lower_Princes
-usr/share/zoneinfo/posix/America/Maceio
-usr/share/zoneinfo/posix/America/Managua
-usr/share/zoneinfo/posix/America/Manaus
-usr/share/zoneinfo/posix/America/Marigot
-usr/share/zoneinfo/posix/America/Martinique
-usr/share/zoneinfo/posix/America/Matamoros
-usr/share/zoneinfo/posix/America/Mazatlan
-usr/share/zoneinfo/posix/America/Mendoza
-usr/share/zoneinfo/posix/America/Menominee
-usr/share/zoneinfo/posix/America/Merida
-usr/share/zoneinfo/posix/America/Metlakatla
-usr/share/zoneinfo/posix/America/Mexico_City
-usr/share/zoneinfo/posix/America/Miquelon
-usr/share/zoneinfo/posix/America/Moncton
-usr/share/zoneinfo/posix/America/Monterrey
-usr/share/zoneinfo/posix/America/Montevideo
-usr/share/zoneinfo/posix/America/Montreal
-usr/share/zoneinfo/posix/America/Montserrat
-usr/share/zoneinfo/posix/America/Nassau
-usr/share/zoneinfo/posix/America/New_York
-usr/share/zoneinfo/posix/America/Nipigon
-usr/share/zoneinfo/posix/America/Nome
-usr/share/zoneinfo/posix/America/Noronha
-usr/share/zoneinfo/posix/America/North_Dakota/
-usr/share/zoneinfo/posix/America/North_Dakota/Beulah
-usr/share/zoneinfo/posix/America/North_Dakota/Center
-usr/share/zoneinfo/posix/America/North_Dakota/New_Salem
-usr/share/zoneinfo/posix/America/Ojinaga
-usr/share/zoneinfo/posix/America/Panama
-usr/share/zoneinfo/posix/America/Pangnirtung
-usr/share/zoneinfo/posix/America/Paramaribo
-usr/share/zoneinfo/posix/America/Phoenix
-usr/share/zoneinfo/posix/America/Port-au-Prince
-usr/share/zoneinfo/posix/America/Port_of_Spain
-usr/share/zoneinfo/posix/America/Porto_Acre
-usr/share/zoneinfo/posix/America/Porto_Velho
-usr/share/zoneinfo/posix/America/Puerto_Rico
-usr/share/zoneinfo/posix/America/Punta_Arenas
-usr/share/zoneinfo/posix/America/Rainy_River
-usr/share/zoneinfo/posix/America/Rankin_Inlet
-usr/share/zoneinfo/posix/America/Recife
-usr/share/zoneinfo/posix/America/Regina
-usr/share/zoneinfo/posix/America/Resolute
-usr/share/zoneinfo/posix/America/Rio_Branco
-usr/share/zoneinfo/posix/America/Rosario
-usr/share/zoneinfo/posix/America/Santa_Isabel
-usr/share/zoneinfo/posix/America/Santarem
-usr/share/zoneinfo/posix/America/Santiago
-usr/share/zoneinfo/posix/America/Santo_Domingo
-usr/share/zoneinfo/posix/America/Sao_Paulo
-usr/share/zoneinfo/posix/America/Scoresbysund
-usr/share/zoneinfo/posix/America/Shiprock
-usr/share/zoneinfo/posix/America/Sitka
-usr/share/zoneinfo/posix/America/St_Barthelemy
-usr/share/zoneinfo/posix/America/St_Johns
-usr/share/zoneinfo/posix/America/St_Kitts
-usr/share/zoneinfo/posix/America/St_Lucia
-usr/share/zoneinfo/posix/America/St_Thomas
-usr/share/zoneinfo/posix/America/St_Vincent
-usr/share/zoneinfo/posix/America/Swift_Current
-usr/share/zoneinfo/posix/America/Tegucigalpa
-usr/share/zoneinfo/posix/America/Thule
-usr/share/zoneinfo/posix/America/Thunder_Bay
-usr/share/zoneinfo/posix/America/Tijuana
-usr/share/zoneinfo/posix/America/Toronto
-usr/share/zoneinfo/posix/America/Tortola
-usr/share/zoneinfo/posix/America/Vancouver
-usr/share/zoneinfo/posix/America/Virgin
-usr/share/zoneinfo/posix/America/Whitehorse
-usr/share/zoneinfo/posix/America/Winnipeg
-usr/share/zoneinfo/posix/America/Yakutat
-usr/share/zoneinfo/posix/America/Yellowknife
-usr/share/zoneinfo/posix/Antarctica/
-usr/share/zoneinfo/posix/Antarctica/Casey
-usr/share/zoneinfo/posix/Antarctica/Davis
-usr/share/zoneinfo/posix/Antarctica/DumontDUrville
-usr/share/zoneinfo/posix/Antarctica/Macquarie
-usr/share/zoneinfo/posix/Antarctica/Mawson
-usr/share/zoneinfo/posix/Antarctica/McMurdo
-usr/share/zoneinfo/posix/Antarctica/Palmer
-usr/share/zoneinfo/posix/Antarctica/Rothera
-usr/share/zoneinfo/posix/Antarctica/South_Pole
-usr/share/zoneinfo/posix/Antarctica/Syowa
-usr/share/zoneinfo/posix/Antarctica/Troll
-usr/share/zoneinfo/posix/Antarctica/Vostok
-usr/share/zoneinfo/posix/Arctic/
-usr/share/zoneinfo/posix/Arctic/Longyearbyen
-usr/share/zoneinfo/posix/Asia/
-usr/share/zoneinfo/posix/Asia/Aden
-usr/share/zoneinfo/posix/Asia/Almaty
-usr/share/zoneinfo/posix/Asia/Amman
-usr/share/zoneinfo/posix/Asia/Anadyr
-usr/share/zoneinfo/posix/Asia/Aqtau
-usr/share/zoneinfo/posix/Asia/Aqtobe
-usr/share/zoneinfo/posix/Asia/Ashgabat
-usr/share/zoneinfo/posix/Asia/Ashkhabad
-usr/share/zoneinfo/posix/Asia/Atyrau
-usr/share/zoneinfo/posix/Asia/Baghdad
-usr/share/zoneinfo/posix/Asia/Bahrain
-usr/share/zoneinfo/posix/Asia/Baku
-usr/share/zoneinfo/posix/Asia/Bangkok
-usr/share/zoneinfo/posix/Asia/Barnaul
-usr/share/zoneinfo/posix/Asia/Beirut
-usr/share/zoneinfo/posix/Asia/Bishkek
-usr/share/zoneinfo/posix/Asia/Brunei
-usr/share/zoneinfo/posix/Asia/Calcutta
-usr/share/zoneinfo/posix/Asia/Chita
-usr/share/zoneinfo/posix/Asia/Choibalsan
-usr/share/zoneinfo/posix/Asia/Chongqing
-usr/share/zoneinfo/posix/Asia/Chungking
-usr/share/zoneinfo/posix/Asia/Colombo
-usr/share/zoneinfo/posix/Asia/Dacca
-usr/share/zoneinfo/posix/Asia/Damascus
-usr/share/zoneinfo/posix/Asia/Dhaka
-usr/share/zoneinfo/posix/Asia/Dili
-usr/share/zoneinfo/posix/Asia/Dubai
-usr/share/zoneinfo/posix/Asia/Dushanbe
-usr/share/zoneinfo/posix/Asia/Famagusta
-usr/share/zoneinfo/posix/Asia/Gaza
-usr/share/zoneinfo/posix/Asia/Harbin
-usr/share/zoneinfo/posix/Asia/Hebron
-usr/share/zoneinfo/posix/Asia/Ho_Chi_Minh
-usr/share/zoneinfo/posix/Asia/Hong_Kong
-usr/share/zoneinfo/posix/Asia/Hovd
-usr/share/zoneinfo/posix/Asia/Irkutsk
-usr/share/zoneinfo/posix/Asia/Istanbul
-usr/share/zoneinfo/posix/Asia/Jakarta
-usr/share/zoneinfo/posix/Asia/Jayapura
-usr/share/zoneinfo/posix/Asia/Jerusalem
-usr/share/zoneinfo/posix/Asia/Kabul
-usr/share/zoneinfo/posix/Asia/Kamchatka
-usr/share/zoneinfo/posix/Asia/Karachi
-usr/share/zoneinfo/posix/Asia/Kashgar
-usr/share/zoneinfo/posix/Asia/Kathmandu
-usr/share/zoneinfo/posix/Asia/Katmandu
-usr/share/zoneinfo/posix/Asia/Khandyga
-usr/share/zoneinfo/posix/Asia/Kolkata
-usr/share/zoneinfo/posix/Asia/Krasnoyarsk
-usr/share/zoneinfo/posix/Asia/Kuala_Lumpur
-usr/share/zoneinfo/posix/Asia/Kuching
-usr/share/zoneinfo/posix/Asia/Kuwait
-usr/share/zoneinfo/posix/Asia/Macao
-usr/share/zoneinfo/posix/Asia/Macau
-usr/share/zoneinfo/posix/Asia/Magadan
-usr/share/zoneinfo/posix/Asia/Makassar
-usr/share/zoneinfo/posix/Asia/Manila
-usr/share/zoneinfo/posix/Asia/Muscat
-usr/share/zoneinfo/posix/Asia/Nicosia
-usr/share/zoneinfo/posix/Asia/Novokuznetsk
-usr/share/zoneinfo/posix/Asia/Novosibirsk
-usr/share/zoneinfo/posix/Asia/Omsk
-usr/share/zoneinfo/posix/Asia/Oral
-usr/share/zoneinfo/posix/Asia/Phnom_Penh
-usr/share/zoneinfo/posix/Asia/Pontianak
-usr/share/zoneinfo/posix/Asia/Pyongyang
-usr/share/zoneinfo/posix/Asia/Qatar
-usr/share/zoneinfo/posix/Asia/Qyzylorda
-usr/share/zoneinfo/posix/Asia/Rangoon
-usr/share/zoneinfo/posix/Asia/Riyadh
-usr/share/zoneinfo/posix/Asia/Saigon
-usr/share/zoneinfo/posix/Asia/Sakhalin
-usr/share/zoneinfo/posix/Asia/Samarkand
-usr/share/zoneinfo/posix/Asia/Seoul
-usr/share/zoneinfo/posix/Asia/Shanghai
-usr/share/zoneinfo/posix/Asia/Singapore
-usr/share/zoneinfo/posix/Asia/Srednekolymsk
-usr/share/zoneinfo/posix/Asia/Taipei
-usr/share/zoneinfo/posix/Asia/Tashkent
-usr/share/zoneinfo/posix/Asia/Tbilisi
-usr/share/zoneinfo/posix/Asia/Tehran
-usr/share/zoneinfo/posix/Asia/Tel_Aviv
-usr/share/zoneinfo/posix/Asia/Thimbu
-usr/share/zoneinfo/posix/Asia/Thimphu
-usr/share/zoneinfo/posix/Asia/Tokyo
-usr/share/zoneinfo/posix/Asia/Tomsk
-usr/share/zoneinfo/posix/Asia/Ujung_Pandang
-usr/share/zoneinfo/posix/Asia/Ulaanbaatar
-usr/share/zoneinfo/posix/Asia/Ulan_Bator
-usr/share/zoneinfo/posix/Asia/Urumqi
-usr/share/zoneinfo/posix/Asia/Ust-Nera
-usr/share/zoneinfo/posix/Asia/Vientiane
-usr/share/zoneinfo/posix/Asia/Vladivostok
-usr/share/zoneinfo/posix/Asia/Yakutsk
-usr/share/zoneinfo/posix/Asia/Yangon
-usr/share/zoneinfo/posix/Asia/Yekaterinburg
-usr/share/zoneinfo/posix/Asia/Yerevan
-usr/share/zoneinfo/posix/Atlantic/
-usr/share/zoneinfo/posix/Atlantic/Azores
-usr/share/zoneinfo/posix/Atlantic/Bermuda
-usr/share/zoneinfo/posix/Atlantic/Canary
-usr/share/zoneinfo/posix/Atlantic/Cape_Verde
-usr/share/zoneinfo/posix/Atlantic/Faeroe
-usr/share/zoneinfo/posix/Atlantic/Faroe
-usr/share/zoneinfo/posix/Atlantic/Jan_Mayen
-usr/share/zoneinfo/posix/Atlantic/Madeira
-usr/share/zoneinfo/posix/Atlantic/Reykjavik
-usr/share/zoneinfo/posix/Atlantic/South_Georgia
-usr/share/zoneinfo/posix/Atlantic/St_Helena
-usr/share/zoneinfo/posix/Atlantic/Stanley
-usr/share/zoneinfo/posix/Australia/
-usr/share/zoneinfo/posix/Australia/ACT
-usr/share/zoneinfo/posix/Australia/Adelaide
-usr/share/zoneinfo/posix/Australia/Brisbane
-usr/share/zoneinfo/posix/Australia/Broken_Hill
-usr/share/zoneinfo/posix/Australia/Canberra
-usr/share/zoneinfo/posix/Australia/Currie
-usr/share/zoneinfo/posix/Australia/Darwin
-usr/share/zoneinfo/posix/Australia/Eucla
-usr/share/zoneinfo/posix/Australia/Hobart
-usr/share/zoneinfo/posix/Australia/LHI
-usr/share/zoneinfo/posix/Australia/Lindeman
-usr/share/zoneinfo/posix/Australia/Lord_Howe
-usr/share/zoneinfo/posix/Australia/Melbourne
-usr/share/zoneinfo/posix/Australia/NSW
-usr/share/zoneinfo/posix/Australia/North
-usr/share/zoneinfo/posix/Australia/Perth
-usr/share/zoneinfo/posix/Australia/Queensland
-usr/share/zoneinfo/posix/Australia/South
-usr/share/zoneinfo/posix/Australia/Sydney
-usr/share/zoneinfo/posix/Australia/Tasmania
-usr/share/zoneinfo/posix/Australia/Victoria
-usr/share/zoneinfo/posix/Australia/West
-usr/share/zoneinfo/posix/Australia/Yancowinna
-usr/share/zoneinfo/posix/Brazil/
-usr/share/zoneinfo/posix/Brazil/Acre
-usr/share/zoneinfo/posix/Brazil/DeNoronha
-usr/share/zoneinfo/posix/Brazil/East
-usr/share/zoneinfo/posix/Brazil/West
-usr/share/zoneinfo/posix/CET
-usr/share/zoneinfo/posix/CST6CDT
-usr/share/zoneinfo/posix/Canada/
-usr/share/zoneinfo/posix/Canada/Atlantic
-usr/share/zoneinfo/posix/Canada/Central
-usr/share/zoneinfo/posix/Canada/Eastern
-usr/share/zoneinfo/posix/Canada/Mountain
-usr/share/zoneinfo/posix/Canada/Newfoundland
-usr/share/zoneinfo/posix/Canada/Pacific
-usr/share/zoneinfo/posix/Canada/Saskatchewan
-usr/share/zoneinfo/posix/Canada/Yukon
-usr/share/zoneinfo/posix/Chile/
-usr/share/zoneinfo/posix/Chile/Continental
-usr/share/zoneinfo/posix/Chile/EasterIsland
-usr/share/zoneinfo/posix/Cuba
-usr/share/zoneinfo/posix/EET
-usr/share/zoneinfo/posix/EST
-usr/share/zoneinfo/posix/EST5EDT
-usr/share/zoneinfo/posix/Egypt
-usr/share/zoneinfo/posix/Eire
-usr/share/zoneinfo/posix/Etc/
-usr/share/zoneinfo/posix/Etc/GMT
-usr/share/zoneinfo/posix/Etc/GMT+0
-usr/share/zoneinfo/posix/Etc/GMT+1
-usr/share/zoneinfo/posix/Etc/GMT+10
-usr/share/zoneinfo/posix/Etc/GMT+11
-usr/share/zoneinfo/posix/Etc/GMT+12
-usr/share/zoneinfo/posix/Etc/GMT+2
-usr/share/zoneinfo/posix/Etc/GMT+3
-usr/share/zoneinfo/posix/Etc/GMT+4
-usr/share/zoneinfo/posix/Etc/GMT+5
-usr/share/zoneinfo/posix/Etc/GMT+6
-usr/share/zoneinfo/posix/Etc/GMT+7
-usr/share/zoneinfo/posix/Etc/GMT+8
-usr/share/zoneinfo/posix/Etc/GMT+9
-usr/share/zoneinfo/posix/Etc/GMT-0
-usr/share/zoneinfo/posix/Etc/GMT-1
-usr/share/zoneinfo/posix/Etc/GMT-10
-usr/share/zoneinfo/posix/Etc/GMT-11
-usr/share/zoneinfo/posix/Etc/GMT-12
-usr/share/zoneinfo/posix/Etc/GMT-13
-usr/share/zoneinfo/posix/Etc/GMT-14
-usr/share/zoneinfo/posix/Etc/GMT-2
-usr/share/zoneinfo/posix/Etc/GMT-3
-usr/share/zoneinfo/posix/Etc/GMT-4
-usr/share/zoneinfo/posix/Etc/GMT-5
-usr/share/zoneinfo/posix/Etc/GMT-6
-usr/share/zoneinfo/posix/Etc/GMT-7
-usr/share/zoneinfo/posix/Etc/GMT-8
-usr/share/zoneinfo/posix/Etc/GMT-9
-usr/share/zoneinfo/posix/Etc/GMT0
-usr/share/zoneinfo/posix/Etc/Greenwich
-usr/share/zoneinfo/posix/Etc/UCT
-usr/share/zoneinfo/posix/Etc/UTC
-usr/share/zoneinfo/posix/Etc/Universal
-usr/share/zoneinfo/posix/Etc/Zulu
-usr/share/zoneinfo/posix/Europe/
-usr/share/zoneinfo/posix/Europe/Amsterdam
-usr/share/zoneinfo/posix/Europe/Andorra
-usr/share/zoneinfo/posix/Europe/Astrakhan
-usr/share/zoneinfo/posix/Europe/Athens
-usr/share/zoneinfo/posix/Europe/Belfast
-usr/share/zoneinfo/posix/Europe/Belgrade
-usr/share/zoneinfo/posix/Europe/Berlin
-usr/share/zoneinfo/posix/Europe/Bratislava
-usr/share/zoneinfo/posix/Europe/Brussels
-usr/share/zoneinfo/posix/Europe/Bucharest
-usr/share/zoneinfo/posix/Europe/Budapest
-usr/share/zoneinfo/posix/Europe/Busingen
-usr/share/zoneinfo/posix/Europe/Chisinau
-usr/share/zoneinfo/posix/Europe/Copenhagen
-usr/share/zoneinfo/posix/Europe/Dublin
-usr/share/zoneinfo/posix/Europe/Gibraltar
-usr/share/zoneinfo/posix/Europe/Guernsey
-usr/share/zoneinfo/posix/Europe/Helsinki
-usr/share/zoneinfo/posix/Europe/Isle_of_Man
-usr/share/zoneinfo/posix/Europe/Istanbul
-usr/share/zoneinfo/posix/Europe/Jersey
-usr/share/zoneinfo/posix/Europe/Kaliningrad
-usr/share/zoneinfo/posix/Europe/Kiev
-usr/share/zoneinfo/posix/Europe/Kirov
-usr/share/zoneinfo/posix/Europe/Lisbon
-usr/share/zoneinfo/posix/Europe/Ljubljana
-usr/share/zoneinfo/posix/Europe/London
-usr/share/zoneinfo/posix/Europe/Luxembourg
-usr/share/zoneinfo/posix/Europe/Madrid
-usr/share/zoneinfo/posix/Europe/Malta
-usr/share/zoneinfo/posix/Europe/Mariehamn
-usr/share/zoneinfo/posix/Europe/Minsk
-usr/share/zoneinfo/posix/Europe/Monaco
-usr/share/zoneinfo/posix/Europe/Moscow
-usr/share/zoneinfo/posix/Europe/Nicosia
-usr/share/zoneinfo/posix/Europe/Oslo
-usr/share/zoneinfo/posix/Europe/Paris
-usr/share/zoneinfo/posix/Europe/Podgorica
-usr/share/zoneinfo/posix/Europe/Prague
-usr/share/zoneinfo/posix/Europe/Riga
-usr/share/zoneinfo/posix/Europe/Rome
-usr/share/zoneinfo/posix/Europe/Samara
-usr/share/zoneinfo/posix/Europe/San_Marino
-usr/share/zoneinfo/posix/Europe/Sarajevo
-usr/share/zoneinfo/posix/Europe/Saratov
-usr/share/zoneinfo/posix/Europe/Simferopol
-usr/share/zoneinfo/posix/Europe/Skopje
-usr/share/zoneinfo/posix/Europe/Sofia
-usr/share/zoneinfo/posix/Europe/Stockholm
-usr/share/zoneinfo/posix/Europe/Tallinn
-usr/share/zoneinfo/posix/Europe/Tirane
-usr/share/zoneinfo/posix/Europe/Tiraspol
-usr/share/zoneinfo/posix/Europe/Ulyanovsk
-usr/share/zoneinfo/posix/Europe/Uzhgorod
-usr/share/zoneinfo/posix/Europe/Vaduz
-usr/share/zoneinfo/posix/Europe/Vatican
-usr/share/zoneinfo/posix/Europe/Vienna
-usr/share/zoneinfo/posix/Europe/Vilnius
-usr/share/zoneinfo/posix/Europe/Volgograd
-usr/share/zoneinfo/posix/Europe/Warsaw
-usr/share/zoneinfo/posix/Europe/Zagreb
-usr/share/zoneinfo/posix/Europe/Zaporozhye
-usr/share/zoneinfo/posix/Europe/Zurich
-usr/share/zoneinfo/posix/Factory
-usr/share/zoneinfo/posix/GB
-usr/share/zoneinfo/posix/GB-Eire
-usr/share/zoneinfo/posix/GMT
-usr/share/zoneinfo/posix/GMT+0
-usr/share/zoneinfo/posix/GMT-0
-usr/share/zoneinfo/posix/GMT0
-usr/share/zoneinfo/posix/Greenwich
-usr/share/zoneinfo/posix/HST
-usr/share/zoneinfo/posix/Hongkong
-usr/share/zoneinfo/posix/Iceland
-usr/share/zoneinfo/posix/Indian/
-usr/share/zoneinfo/posix/Indian/Antananarivo
-usr/share/zoneinfo/posix/Indian/Chagos
-usr/share/zoneinfo/posix/Indian/Christmas
-usr/share/zoneinfo/posix/Indian/Cocos
-usr/share/zoneinfo/posix/Indian/Comoro
-usr/share/zoneinfo/posix/Indian/Kerguelen
-usr/share/zoneinfo/posix/Indian/Mahe
-usr/share/zoneinfo/posix/Indian/Maldives
-usr/share/zoneinfo/posix/Indian/Mauritius
-usr/share/zoneinfo/posix/Indian/Mayotte
-usr/share/zoneinfo/posix/Indian/Reunion
-usr/share/zoneinfo/posix/Iran
-usr/share/zoneinfo/posix/Israel
-usr/share/zoneinfo/posix/Jamaica
-usr/share/zoneinfo/posix/Japan
-usr/share/zoneinfo/posix/Kwajalein
-usr/share/zoneinfo/posix/Libya
-usr/share/zoneinfo/posix/MET
-usr/share/zoneinfo/posix/MST
-usr/share/zoneinfo/posix/MST7MDT
-usr/share/zoneinfo/posix/Mexico/
-usr/share/zoneinfo/posix/Mexico/BajaNorte
-usr/share/zoneinfo/posix/Mexico/BajaSur
-usr/share/zoneinfo/posix/Mexico/General
-usr/share/zoneinfo/posix/NZ
-usr/share/zoneinfo/posix/NZ-CHAT
-usr/share/zoneinfo/posix/Navajo
-usr/share/zoneinfo/posix/PRC
-usr/share/zoneinfo/posix/PST8PDT
-usr/share/zoneinfo/posix/Pacific/
-usr/share/zoneinfo/posix/Pacific/Apia
-usr/share/zoneinfo/posix/Pacific/Auckland
-usr/share/zoneinfo/posix/Pacific/Bougainville
-usr/share/zoneinfo/posix/Pacific/Chatham
-usr/share/zoneinfo/posix/Pacific/Chuuk
-usr/share/zoneinfo/posix/Pacific/Easter
-usr/share/zoneinfo/posix/Pacific/Efate
-usr/share/zoneinfo/posix/Pacific/Enderbury
-usr/share/zoneinfo/posix/Pacific/Fakaofo
-usr/share/zoneinfo/posix/Pacific/Fiji
-usr/share/zoneinfo/posix/Pacific/Funafuti
-usr/share/zoneinfo/posix/Pacific/Galapagos
-usr/share/zoneinfo/posix/Pacific/Gambier
-usr/share/zoneinfo/posix/Pacific/Guadalcanal
-usr/share/zoneinfo/posix/Pacific/Guam
-usr/share/zoneinfo/posix/Pacific/Honolulu
-usr/share/zoneinfo/posix/Pacific/Johnston
-usr/share/zoneinfo/posix/Pacific/Kiritimati
-usr/share/zoneinfo/posix/Pacific/Kosrae
-usr/share/zoneinfo/posix/Pacific/Kwajalein
-usr/share/zoneinfo/posix/Pacific/Majuro
-usr/share/zoneinfo/posix/Pacific/Marquesas
-usr/share/zoneinfo/posix/Pacific/Midway
-usr/share/zoneinfo/posix/Pacific/Nauru
-usr/share/zoneinfo/posix/Pacific/Niue
-usr/share/zoneinfo/posix/Pacific/Norfolk
-usr/share/zoneinfo/posix/Pacific/Noumea
-usr/share/zoneinfo/posix/Pacific/Pago_Pago
-usr/share/zoneinfo/posix/Pacific/Palau
-usr/share/zoneinfo/posix/Pacific/Pitcairn
-usr/share/zoneinfo/posix/Pacific/Pohnpei
-usr/share/zoneinfo/posix/Pacific/Ponape
-usr/share/zoneinfo/posix/Pacific/Port_Moresby
-usr/share/zoneinfo/posix/Pacific/Rarotonga
-usr/share/zoneinfo/posix/Pacific/Saipan
-usr/share/zoneinfo/posix/Pacific/Samoa
-usr/share/zoneinfo/posix/Pacific/Tahiti
-usr/share/zoneinfo/posix/Pacific/Tarawa
-usr/share/zoneinfo/posix/Pacific/Tongatapu
-usr/share/zoneinfo/posix/Pacific/Truk
-usr/share/zoneinfo/posix/Pacific/Wake
-usr/share/zoneinfo/posix/Pacific/Wallis
-usr/share/zoneinfo/posix/Pacific/Yap
-usr/share/zoneinfo/posix/Poland
-usr/share/zoneinfo/posix/Portugal
-usr/share/zoneinfo/posix/ROC
-usr/share/zoneinfo/posix/ROK
-usr/share/zoneinfo/posix/Singapore
-usr/share/zoneinfo/posix/Turkey
-usr/share/zoneinfo/posix/UCT
-usr/share/zoneinfo/posix/US/
-usr/share/zoneinfo/posix/US/Alaska
-usr/share/zoneinfo/posix/US/Aleutian
-usr/share/zoneinfo/posix/US/Arizona
-usr/share/zoneinfo/posix/US/Central
-usr/share/zoneinfo/posix/US/East-Indiana
-usr/share/zoneinfo/posix/US/Eastern
-usr/share/zoneinfo/posix/US/Hawaii
-usr/share/zoneinfo/posix/US/Indiana-Starke
-usr/share/zoneinfo/posix/US/Michigan
-usr/share/zoneinfo/posix/US/Mountain
-usr/share/zoneinfo/posix/US/Pacific
-usr/share/zoneinfo/posix/US/Pacific-New
-usr/share/zoneinfo/posix/US/Samoa
-usr/share/zoneinfo/posix/UTC
-usr/share/zoneinfo/posix/Universal
-usr/share/zoneinfo/posix/W-SU
-usr/share/zoneinfo/posix/WET
-usr/share/zoneinfo/posix/Zulu
-usr/share/zoneinfo/posixrules
-usr/share/zoneinfo/right/
-usr/share/zoneinfo/right/Africa/
-usr/share/zoneinfo/right/Africa/Abidjan
-usr/share/zoneinfo/right/Africa/Accra
-usr/share/zoneinfo/right/Africa/Addis_Ababa
-usr/share/zoneinfo/right/Africa/Algiers
-usr/share/zoneinfo/right/Africa/Asmara
-usr/share/zoneinfo/right/Africa/Asmera
-usr/share/zoneinfo/right/Africa/Bamako
-usr/share/zoneinfo/right/Africa/Bangui
-usr/share/zoneinfo/right/Africa/Banjul
-usr/share/zoneinfo/right/Africa/Bissau
-usr/share/zoneinfo/right/Africa/Blantyre
-usr/share/zoneinfo/right/Africa/Brazzaville
-usr/share/zoneinfo/right/Africa/Bujumbura
-usr/share/zoneinfo/right/Africa/Cairo
-usr/share/zoneinfo/right/Africa/Casablanca
-usr/share/zoneinfo/right/Africa/Ceuta
-usr/share/zoneinfo/right/Africa/Conakry
-usr/share/zoneinfo/right/Africa/Dakar
-usr/share/zoneinfo/right/Africa/Dar_es_Salaam
-usr/share/zoneinfo/right/Africa/Djibouti
-usr/share/zoneinfo/right/Africa/Douala
-usr/share/zoneinfo/right/Africa/El_Aaiun
-usr/share/zoneinfo/right/Africa/Freetown
-usr/share/zoneinfo/right/Africa/Gaborone
-usr/share/zoneinfo/right/Africa/Harare
-usr/share/zoneinfo/right/Africa/Johannesburg
-usr/share/zoneinfo/right/Africa/Juba
-usr/share/zoneinfo/right/Africa/Kampala
-usr/share/zoneinfo/right/Africa/Khartoum
-usr/share/zoneinfo/right/Africa/Kigali
-usr/share/zoneinfo/right/Africa/Kinshasa
-usr/share/zoneinfo/right/Africa/Lagos
-usr/share/zoneinfo/right/Africa/Libreville
-usr/share/zoneinfo/right/Africa/Lome
-usr/share/zoneinfo/right/Africa/Luanda
-usr/share/zoneinfo/right/Africa/Lubumbashi
-usr/share/zoneinfo/right/Africa/Lusaka
-usr/share/zoneinfo/right/Africa/Malabo
-usr/share/zoneinfo/right/Africa/Maputo
-usr/share/zoneinfo/right/Africa/Maseru
-usr/share/zoneinfo/right/Africa/Mbabane
-usr/share/zoneinfo/right/Africa/Mogadishu
-usr/share/zoneinfo/right/Africa/Monrovia
-usr/share/zoneinfo/right/Africa/Nairobi
-usr/share/zoneinfo/right/Africa/Ndjamena
-usr/share/zoneinfo/right/Africa/Niamey
-usr/share/zoneinfo/right/Africa/Nouakchott
-usr/share/zoneinfo/right/Africa/Ouagadougou
-usr/share/zoneinfo/right/Africa/Porto-Novo
-usr/share/zoneinfo/right/Africa/Sao_Tome
-usr/share/zoneinfo/right/Africa/Timbuktu
-usr/share/zoneinfo/right/Africa/Tripoli
-usr/share/zoneinfo/right/Africa/Tunis
-usr/share/zoneinfo/right/Africa/Windhoek
-usr/share/zoneinfo/right/America/
-usr/share/zoneinfo/right/America/Adak
-usr/share/zoneinfo/right/America/Anchorage
-usr/share/zoneinfo/right/America/Anguilla
-usr/share/zoneinfo/right/America/Antigua
-usr/share/zoneinfo/right/America/Araguaina
-usr/share/zoneinfo/right/America/Argentina/
-usr/share/zoneinfo/right/America/Argentina/Buenos_Aires
-usr/share/zoneinfo/right/America/Argentina/Catamarca
-usr/share/zoneinfo/right/America/Argentina/ComodRivadavia
-usr/share/zoneinfo/right/America/Argentina/Cordoba
-usr/share/zoneinfo/right/America/Argentina/Jujuy
-usr/share/zoneinfo/right/America/Argentina/La_Rioja
-usr/share/zoneinfo/right/America/Argentina/Mendoza
-usr/share/zoneinfo/right/America/Argentina/Rio_Gallegos
-usr/share/zoneinfo/right/America/Argentina/Salta
-usr/share/zoneinfo/right/America/Argentina/San_Juan
-usr/share/zoneinfo/right/America/Argentina/San_Luis
-usr/share/zoneinfo/right/America/Argentina/Tucuman
-usr/share/zoneinfo/right/America/Argentina/Ushuaia
-usr/share/zoneinfo/right/America/Aruba
-usr/share/zoneinfo/right/America/Asuncion
-usr/share/zoneinfo/right/America/Atikokan
-usr/share/zoneinfo/right/America/Atka
-usr/share/zoneinfo/right/America/Bahia
-usr/share/zoneinfo/right/America/Bahia_Banderas
-usr/share/zoneinfo/right/America/Barbados
-usr/share/zoneinfo/right/America/Belem
-usr/share/zoneinfo/right/America/Belize
-usr/share/zoneinfo/right/America/Blanc-Sablon
-usr/share/zoneinfo/right/America/Boa_Vista
-usr/share/zoneinfo/right/America/Bogota
-usr/share/zoneinfo/right/America/Boise
-usr/share/zoneinfo/right/America/Buenos_Aires
-usr/share/zoneinfo/right/America/Cambridge_Bay
-usr/share/zoneinfo/right/America/Campo_Grande
-usr/share/zoneinfo/right/America/Cancun
-usr/share/zoneinfo/right/America/Caracas
-usr/share/zoneinfo/right/America/Catamarca
-usr/share/zoneinfo/right/America/Cayenne
-usr/share/zoneinfo/right/America/Cayman
-usr/share/zoneinfo/right/America/Chicago
-usr/share/zoneinfo/right/America/Chihuahua
-usr/share/zoneinfo/right/America/Coral_Harbour
-usr/share/zoneinfo/right/America/Cordoba
-usr/share/zoneinfo/right/America/Costa_Rica
-usr/share/zoneinfo/right/America/Creston
-usr/share/zoneinfo/right/America/Cuiaba
-usr/share/zoneinfo/right/America/Curacao
-usr/share/zoneinfo/right/America/Danmarkshavn
-usr/share/zoneinfo/right/America/Dawson
-usr/share/zoneinfo/right/America/Dawson_Creek
-usr/share/zoneinfo/right/America/Denver
-usr/share/zoneinfo/right/America/Detroit
-usr/share/zoneinfo/right/America/Dominica
-usr/share/zoneinfo/right/America/Edmonton
-usr/share/zoneinfo/right/America/Eirunepe
-usr/share/zoneinfo/right/America/El_Salvador
-usr/share/zoneinfo/right/America/Ensenada
-usr/share/zoneinfo/right/America/Fort_Nelson
-usr/share/zoneinfo/right/America/Fort_Wayne
-usr/share/zoneinfo/right/America/Fortaleza
-usr/share/zoneinfo/right/America/Glace_Bay
-usr/share/zoneinfo/right/America/Godthab
-usr/share/zoneinfo/right/America/Goose_Bay
-usr/share/zoneinfo/right/America/Grand_Turk
-usr/share/zoneinfo/right/America/Grenada
-usr/share/zoneinfo/right/America/Guadeloupe
-usr/share/zoneinfo/right/America/Guatemala
-usr/share/zoneinfo/right/America/Guayaquil
-usr/share/zoneinfo/right/America/Guyana
-usr/share/zoneinfo/right/America/Halifax
-usr/share/zoneinfo/right/America/Havana
-usr/share/zoneinfo/right/America/Hermosillo
-usr/share/zoneinfo/right/America/Indiana/
-usr/share/zoneinfo/right/America/Indiana/Indianapolis
-usr/share/zoneinfo/right/America/Indiana/Knox
-usr/share/zoneinfo/right/America/Indiana/Marengo
-usr/share/zoneinfo/right/America/Indiana/Petersburg
-usr/share/zoneinfo/right/America/Indiana/Tell_City
-usr/share/zoneinfo/right/America/Indiana/Vevay
-usr/share/zoneinfo/right/America/Indiana/Vincennes
-usr/share/zoneinfo/right/America/Indiana/Winamac
-usr/share/zoneinfo/right/America/Indianapolis
-usr/share/zoneinfo/right/America/Inuvik
-usr/share/zoneinfo/right/America/Iqaluit
-usr/share/zoneinfo/right/America/Jamaica
-usr/share/zoneinfo/right/America/Jujuy
-usr/share/zoneinfo/right/America/Juneau
-usr/share/zoneinfo/right/America/Kentucky/
-usr/share/zoneinfo/right/America/Kentucky/Louisville
-usr/share/zoneinfo/right/America/Kentucky/Monticello
-usr/share/zoneinfo/right/America/Knox_IN
-usr/share/zoneinfo/right/America/Kralendijk
-usr/share/zoneinfo/right/America/La_Paz
-usr/share/zoneinfo/right/America/Lima
-usr/share/zoneinfo/right/America/Los_Angeles
-usr/share/zoneinfo/right/America/Louisville
-usr/share/zoneinfo/right/America/Lower_Princes
-usr/share/zoneinfo/right/America/Maceio
-usr/share/zoneinfo/right/America/Managua
-usr/share/zoneinfo/right/America/Manaus
-usr/share/zoneinfo/right/America/Marigot
-usr/share/zoneinfo/right/America/Martinique
-usr/share/zoneinfo/right/America/Matamoros
-usr/share/zoneinfo/right/America/Mazatlan
-usr/share/zoneinfo/right/America/Mendoza
-usr/share/zoneinfo/right/America/Menominee
-usr/share/zoneinfo/right/America/Merida
-usr/share/zoneinfo/right/America/Metlakatla
-usr/share/zoneinfo/right/America/Mexico_City
-usr/share/zoneinfo/right/America/Miquelon
-usr/share/zoneinfo/right/America/Moncton
-usr/share/zoneinfo/right/America/Monterrey
-usr/share/zoneinfo/right/America/Montevideo
-usr/share/zoneinfo/right/America/Montreal
-usr/share/zoneinfo/right/America/Montserrat
-usr/share/zoneinfo/right/America/Nassau
-usr/share/zoneinfo/right/America/New_York
-usr/share/zoneinfo/right/America/Nipigon
-usr/share/zoneinfo/right/America/Nome
-usr/share/zoneinfo/right/America/Noronha
-usr/share/zoneinfo/right/America/North_Dakota/
-usr/share/zoneinfo/right/America/North_Dakota/Beulah
-usr/share/zoneinfo/right/America/North_Dakota/Center
-usr/share/zoneinfo/right/America/North_Dakota/New_Salem
-usr/share/zoneinfo/right/America/Ojinaga
-usr/share/zoneinfo/right/America/Panama
-usr/share/zoneinfo/right/America/Pangnirtung
-usr/share/zoneinfo/right/America/Paramaribo
-usr/share/zoneinfo/right/America/Phoenix
-usr/share/zoneinfo/right/America/Port-au-Prince
-usr/share/zoneinfo/right/America/Port_of_Spain
-usr/share/zoneinfo/right/America/Porto_Acre
-usr/share/zoneinfo/right/America/Porto_Velho
-usr/share/zoneinfo/right/America/Puerto_Rico
-usr/share/zoneinfo/right/America/Punta_Arenas
-usr/share/zoneinfo/right/America/Rainy_River
-usr/share/zoneinfo/right/America/Rankin_Inlet
-usr/share/zoneinfo/right/America/Recife
-usr/share/zoneinfo/right/America/Regina
-usr/share/zoneinfo/right/America/Resolute
-usr/share/zoneinfo/right/America/Rio_Branco
-usr/share/zoneinfo/right/America/Rosario
-usr/share/zoneinfo/right/America/Santa_Isabel
-usr/share/zoneinfo/right/America/Santarem
-usr/share/zoneinfo/right/America/Santiago
-usr/share/zoneinfo/right/America/Santo_Domingo
-usr/share/zoneinfo/right/America/Sao_Paulo
-usr/share/zoneinfo/right/America/Scoresbysund
-usr/share/zoneinfo/right/America/Shiprock
-usr/share/zoneinfo/right/America/Sitka
-usr/share/zoneinfo/right/America/St_Barthelemy
-usr/share/zoneinfo/right/America/St_Johns
-usr/share/zoneinfo/right/America/St_Kitts
-usr/share/zoneinfo/right/America/St_Lucia
-usr/share/zoneinfo/right/America/St_Thomas
-usr/share/zoneinfo/right/America/St_Vincent
-usr/share/zoneinfo/right/America/Swift_Current
-usr/share/zoneinfo/right/America/Tegucigalpa
-usr/share/zoneinfo/right/America/Thule
-usr/share/zoneinfo/right/America/Thunder_Bay
-usr/share/zoneinfo/right/America/Tijuana
-usr/share/zoneinfo/right/America/Toronto
-usr/share/zoneinfo/right/America/Tortola
-usr/share/zoneinfo/right/America/Vancouver
-usr/share/zoneinfo/right/America/Virgin
-usr/share/zoneinfo/right/America/Whitehorse
-usr/share/zoneinfo/right/America/Winnipeg
-usr/share/zoneinfo/right/America/Yakutat
-usr/share/zoneinfo/right/America/Yellowknife
-usr/share/zoneinfo/right/Antarctica/
-usr/share/zoneinfo/right/Antarctica/Casey
-usr/share/zoneinfo/right/Antarctica/Davis
-usr/share/zoneinfo/right/Antarctica/DumontDUrville
-usr/share/zoneinfo/right/Antarctica/Macquarie
-usr/share/zoneinfo/right/Antarctica/Mawson
-usr/share/zoneinfo/right/Antarctica/McMurdo
-usr/share/zoneinfo/right/Antarctica/Palmer
-usr/share/zoneinfo/right/Antarctica/Rothera
-usr/share/zoneinfo/right/Antarctica/South_Pole
-usr/share/zoneinfo/right/Antarctica/Syowa
-usr/share/zoneinfo/right/Antarctica/Troll
-usr/share/zoneinfo/right/Antarctica/Vostok
-usr/share/zoneinfo/right/Arctic/
-usr/share/zoneinfo/right/Arctic/Longyearbyen
-usr/share/zoneinfo/right/Asia/
-usr/share/zoneinfo/right/Asia/Aden
-usr/share/zoneinfo/right/Asia/Almaty
-usr/share/zoneinfo/right/Asia/Amman
-usr/share/zoneinfo/right/Asia/Anadyr
-usr/share/zoneinfo/right/Asia/Aqtau
-usr/share/zoneinfo/right/Asia/Aqtobe
-usr/share/zoneinfo/right/Asia/Ashgabat
-usr/share/zoneinfo/right/Asia/Ashkhabad
-usr/share/zoneinfo/right/Asia/Atyrau
-usr/share/zoneinfo/right/Asia/Baghdad
-usr/share/zoneinfo/right/Asia/Bahrain
-usr/share/zoneinfo/right/Asia/Baku
-usr/share/zoneinfo/right/Asia/Bangkok
-usr/share/zoneinfo/right/Asia/Barnaul
-usr/share/zoneinfo/right/Asia/Beirut
-usr/share/zoneinfo/right/Asia/Bishkek
-usr/share/zoneinfo/right/Asia/Brunei
-usr/share/zoneinfo/right/Asia/Calcutta
-usr/share/zoneinfo/right/Asia/Chita
-usr/share/zoneinfo/right/Asia/Choibalsan
-usr/share/zoneinfo/right/Asia/Chongqing
-usr/share/zoneinfo/right/Asia/Chungking
-usr/share/zoneinfo/right/Asia/Colombo
-usr/share/zoneinfo/right/Asia/Dacca
-usr/share/zoneinfo/right/Asia/Damascus
-usr/share/zoneinfo/right/Asia/Dhaka
-usr/share/zoneinfo/right/Asia/Dili
-usr/share/zoneinfo/right/Asia/Dubai
-usr/share/zoneinfo/right/Asia/Dushanbe
-usr/share/zoneinfo/right/Asia/Famagusta
-usr/share/zoneinfo/right/Asia/Gaza
-usr/share/zoneinfo/right/Asia/Harbin
-usr/share/zoneinfo/right/Asia/Hebron
-usr/share/zoneinfo/right/Asia/Ho_Chi_Minh
-usr/share/zoneinfo/right/Asia/Hong_Kong
-usr/share/zoneinfo/right/Asia/Hovd
-usr/share/zoneinfo/right/Asia/Irkutsk
-usr/share/zoneinfo/right/Asia/Istanbul
-usr/share/zoneinfo/right/Asia/Jakarta
-usr/share/zoneinfo/right/Asia/Jayapura
-usr/share/zoneinfo/right/Asia/Jerusalem
-usr/share/zoneinfo/right/Asia/Kabul
-usr/share/zoneinfo/right/Asia/Kamchatka
-usr/share/zoneinfo/right/Asia/Karachi
-usr/share/zoneinfo/right/Asia/Kashgar
-usr/share/zoneinfo/right/Asia/Kathmandu
-usr/share/zoneinfo/right/Asia/Katmandu
-usr/share/zoneinfo/right/Asia/Khandyga
-usr/share/zoneinfo/right/Asia/Kolkata
-usr/share/zoneinfo/right/Asia/Krasnoyarsk
-usr/share/zoneinfo/right/Asia/Kuala_Lumpur
-usr/share/zoneinfo/right/Asia/Kuching
-usr/share/zoneinfo/right/Asia/Kuwait
-usr/share/zoneinfo/right/Asia/Macao
-usr/share/zoneinfo/right/Asia/Macau
-usr/share/zoneinfo/right/Asia/Magadan
-usr/share/zoneinfo/right/Asia/Makassar
-usr/share/zoneinfo/right/Asia/Manila
-usr/share/zoneinfo/right/Asia/Muscat
-usr/share/zoneinfo/right/Asia/Nicosia
-usr/share/zoneinfo/right/Asia/Novokuznetsk
-usr/share/zoneinfo/right/Asia/Novosibirsk
-usr/share/zoneinfo/right/Asia/Omsk
-usr/share/zoneinfo/right/Asia/Oral
-usr/share/zoneinfo/right/Asia/Phnom_Penh
-usr/share/zoneinfo/right/Asia/Pontianak
-usr/share/zoneinfo/right/Asia/Pyongyang
-usr/share/zoneinfo/right/Asia/Qatar
-usr/share/zoneinfo/right/Asia/Qyzylorda
-usr/share/zoneinfo/right/Asia/Rangoon
-usr/share/zoneinfo/right/Asia/Riyadh
-usr/share/zoneinfo/right/Asia/Saigon
-usr/share/zoneinfo/right/Asia/Sakhalin
-usr/share/zoneinfo/right/Asia/Samarkand
-usr/share/zoneinfo/right/Asia/Seoul
-usr/share/zoneinfo/right/Asia/Shanghai
-usr/share/zoneinfo/right/Asia/Singapore
-usr/share/zoneinfo/right/Asia/Srednekolymsk
-usr/share/zoneinfo/right/Asia/Taipei
-usr/share/zoneinfo/right/Asia/Tashkent
-usr/share/zoneinfo/right/Asia/Tbilisi
-usr/share/zoneinfo/right/Asia/Tehran
-usr/share/zoneinfo/right/Asia/Tel_Aviv
-usr/share/zoneinfo/right/Asia/Thimbu
-usr/share/zoneinfo/right/Asia/Thimphu
-usr/share/zoneinfo/right/Asia/Tokyo
-usr/share/zoneinfo/right/Asia/Tomsk
-usr/share/zoneinfo/right/Asia/Ujung_Pandang
-usr/share/zoneinfo/right/Asia/Ulaanbaatar
-usr/share/zoneinfo/right/Asia/Ulan_Bator
-usr/share/zoneinfo/right/Asia/Urumqi
-usr/share/zoneinfo/right/Asia/Ust-Nera
-usr/share/zoneinfo/right/Asia/Vientiane
-usr/share/zoneinfo/right/Asia/Vladivostok
-usr/share/zoneinfo/right/Asia/Yakutsk
-usr/share/zoneinfo/right/Asia/Yangon
-usr/share/zoneinfo/right/Asia/Yekaterinburg
-usr/share/zoneinfo/right/Asia/Yerevan
-usr/share/zoneinfo/right/Atlantic/
-usr/share/zoneinfo/right/Atlantic/Azores
-usr/share/zoneinfo/right/Atlantic/Bermuda
-usr/share/zoneinfo/right/Atlantic/Canary
-usr/share/zoneinfo/right/Atlantic/Cape_Verde
-usr/share/zoneinfo/right/Atlantic/Faeroe
-usr/share/zoneinfo/right/Atlantic/Faroe
-usr/share/zoneinfo/right/Atlantic/Jan_Mayen
-usr/share/zoneinfo/right/Atlantic/Madeira
-usr/share/zoneinfo/right/Atlantic/Reykjavik
-usr/share/zoneinfo/right/Atlantic/South_Georgia
-usr/share/zoneinfo/right/Atlantic/St_Helena
-usr/share/zoneinfo/right/Atlantic/Stanley
-usr/share/zoneinfo/right/Australia/
-usr/share/zoneinfo/right/Australia/ACT
-usr/share/zoneinfo/right/Australia/Adelaide
-usr/share/zoneinfo/right/Australia/Brisbane
-usr/share/zoneinfo/right/Australia/Broken_Hill
-usr/share/zoneinfo/right/Australia/Canberra
-usr/share/zoneinfo/right/Australia/Currie
-usr/share/zoneinfo/right/Australia/Darwin
-usr/share/zoneinfo/right/Australia/Eucla
-usr/share/zoneinfo/right/Australia/Hobart
-usr/share/zoneinfo/right/Australia/LHI
-usr/share/zoneinfo/right/Australia/Lindeman
-usr/share/zoneinfo/right/Australia/Lord_Howe
-usr/share/zoneinfo/right/Australia/Melbourne
-usr/share/zoneinfo/right/Australia/NSW
-usr/share/zoneinfo/right/Australia/North
-usr/share/zoneinfo/right/Australia/Perth
-usr/share/zoneinfo/right/Australia/Queensland
-usr/share/zoneinfo/right/Australia/South
-usr/share/zoneinfo/right/Australia/Sydney
-usr/share/zoneinfo/right/Australia/Tasmania
-usr/share/zoneinfo/right/Australia/Victoria
-usr/share/zoneinfo/right/Australia/West
-usr/share/zoneinfo/right/Australia/Yancowinna
-usr/share/zoneinfo/right/Brazil/
-usr/share/zoneinfo/right/Brazil/Acre
-usr/share/zoneinfo/right/Brazil/DeNoronha
-usr/share/zoneinfo/right/Brazil/East
-usr/share/zoneinfo/right/Brazil/West
-usr/share/zoneinfo/right/CET
-usr/share/zoneinfo/right/CST6CDT
-usr/share/zoneinfo/right/Canada/
-usr/share/zoneinfo/right/Canada/Atlantic
-usr/share/zoneinfo/right/Canada/Central
-usr/share/zoneinfo/right/Canada/Eastern
-usr/share/zoneinfo/right/Canada/Mountain
-usr/share/zoneinfo/right/Canada/Newfoundland
-usr/share/zoneinfo/right/Canada/Pacific
-usr/share/zoneinfo/right/Canada/Saskatchewan
-usr/share/zoneinfo/right/Canada/Yukon
-usr/share/zoneinfo/right/Chile/
-usr/share/zoneinfo/right/Chile/Continental
-usr/share/zoneinfo/right/Chile/EasterIsland
-usr/share/zoneinfo/right/Cuba
-usr/share/zoneinfo/right/EET
-usr/share/zoneinfo/right/EST
-usr/share/zoneinfo/right/EST5EDT
-usr/share/zoneinfo/right/Egypt
-usr/share/zoneinfo/right/Eire
-usr/share/zoneinfo/right/Etc/
-usr/share/zoneinfo/right/Etc/GMT
-usr/share/zoneinfo/right/Etc/GMT+0
-usr/share/zoneinfo/right/Etc/GMT+1
-usr/share/zoneinfo/right/Etc/GMT+10
-usr/share/zoneinfo/right/Etc/GMT+11
-usr/share/zoneinfo/right/Etc/GMT+12
-usr/share/zoneinfo/right/Etc/GMT+2
-usr/share/zoneinfo/right/Etc/GMT+3
-usr/share/zoneinfo/right/Etc/GMT+4
-usr/share/zoneinfo/right/Etc/GMT+5
-usr/share/zoneinfo/right/Etc/GMT+6
-usr/share/zoneinfo/right/Etc/GMT+7
-usr/share/zoneinfo/right/Etc/GMT+8
-usr/share/zoneinfo/right/Etc/GMT+9
-usr/share/zoneinfo/right/Etc/GMT-0
-usr/share/zoneinfo/right/Etc/GMT-1
-usr/share/zoneinfo/right/Etc/GMT-10
-usr/share/zoneinfo/right/Etc/GMT-11
-usr/share/zoneinfo/right/Etc/GMT-12
-usr/share/zoneinfo/right/Etc/GMT-13
-usr/share/zoneinfo/right/Etc/GMT-14
-usr/share/zoneinfo/right/Etc/GMT-2
-usr/share/zoneinfo/right/Etc/GMT-3
-usr/share/zoneinfo/right/Etc/GMT-4
-usr/share/zoneinfo/right/Etc/GMT-5
-usr/share/zoneinfo/right/Etc/GMT-6
-usr/share/zoneinfo/right/Etc/GMT-7
-usr/share/zoneinfo/right/Etc/GMT-8
-usr/share/zoneinfo/right/Etc/GMT-9
-usr/share/zoneinfo/right/Etc/GMT0
-usr/share/zoneinfo/right/Etc/Greenwich
-usr/share/zoneinfo/right/Etc/UCT
-usr/share/zoneinfo/right/Etc/UTC
-usr/share/zoneinfo/right/Etc/Universal
-usr/share/zoneinfo/right/Etc/Zulu
-usr/share/zoneinfo/right/Europe/
-usr/share/zoneinfo/right/Europe/Amsterdam
-usr/share/zoneinfo/right/Europe/Andorra
-usr/share/zoneinfo/right/Europe/Astrakhan
-usr/share/zoneinfo/right/Europe/Athens
-usr/share/zoneinfo/right/Europe/Belfast
-usr/share/zoneinfo/right/Europe/Belgrade
-usr/share/zoneinfo/right/Europe/Berlin
-usr/share/zoneinfo/right/Europe/Bratislava
-usr/share/zoneinfo/right/Europe/Brussels
-usr/share/zoneinfo/right/Europe/Bucharest
-usr/share/zoneinfo/right/Europe/Budapest
-usr/share/zoneinfo/right/Europe/Busingen
-usr/share/zoneinfo/right/Europe/Chisinau
-usr/share/zoneinfo/right/Europe/Copenhagen
-usr/share/zoneinfo/right/Europe/Dublin
-usr/share/zoneinfo/right/Europe/Gibraltar
-usr/share/zoneinfo/right/Europe/Guernsey
-usr/share/zoneinfo/right/Europe/Helsinki
-usr/share/zoneinfo/right/Europe/Isle_of_Man
-usr/share/zoneinfo/right/Europe/Istanbul
-usr/share/zoneinfo/right/Europe/Jersey
-usr/share/zoneinfo/right/Europe/Kaliningrad
-usr/share/zoneinfo/right/Europe/Kiev
-usr/share/zoneinfo/right/Europe/Kirov
-usr/share/zoneinfo/right/Europe/Lisbon
-usr/share/zoneinfo/right/Europe/Ljubljana
-usr/share/zoneinfo/right/Europe/London
-usr/share/zoneinfo/right/Europe/Luxembourg
-usr/share/zoneinfo/right/Europe/Madrid
-usr/share/zoneinfo/right/Europe/Malta
-usr/share/zoneinfo/right/Europe/Mariehamn
-usr/share/zoneinfo/right/Europe/Minsk
-usr/share/zoneinfo/right/Europe/Monaco
-usr/share/zoneinfo/right/Europe/Moscow
-usr/share/zoneinfo/right/Europe/Nicosia
-usr/share/zoneinfo/right/Europe/Oslo
-usr/share/zoneinfo/right/Europe/Paris
-usr/share/zoneinfo/right/Europe/Podgorica
-usr/share/zoneinfo/right/Europe/Prague
-usr/share/zoneinfo/right/Europe/Riga
-usr/share/zoneinfo/right/Europe/Rome
-usr/share/zoneinfo/right/Europe/Samara
-usr/share/zoneinfo/right/Europe/San_Marino
-usr/share/zoneinfo/right/Europe/Sarajevo
-usr/share/zoneinfo/right/Europe/Saratov
-usr/share/zoneinfo/right/Europe/Simferopol
-usr/share/zoneinfo/right/Europe/Skopje
-usr/share/zoneinfo/right/Europe/Sofia
-usr/share/zoneinfo/right/Europe/Stockholm
-usr/share/zoneinfo/right/Europe/Tallinn
-usr/share/zoneinfo/right/Europe/Tirane
-usr/share/zoneinfo/right/Europe/Tiraspol
-usr/share/zoneinfo/right/Europe/Ulyanovsk
-usr/share/zoneinfo/right/Europe/Uzhgorod
-usr/share/zoneinfo/right/Europe/Vaduz
-usr/share/zoneinfo/right/Europe/Vatican
-usr/share/zoneinfo/right/Europe/Vienna
-usr/share/zoneinfo/right/Europe/Vilnius
-usr/share/zoneinfo/right/Europe/Volgograd
-usr/share/zoneinfo/right/Europe/Warsaw
-usr/share/zoneinfo/right/Europe/Zagreb
-usr/share/zoneinfo/right/Europe/Zaporozhye
-usr/share/zoneinfo/right/Europe/Zurich
-usr/share/zoneinfo/right/Factory
-usr/share/zoneinfo/right/GB
-usr/share/zoneinfo/right/GB-Eire
-usr/share/zoneinfo/right/GMT
-usr/share/zoneinfo/right/GMT+0
-usr/share/zoneinfo/right/GMT-0
-usr/share/zoneinfo/right/GMT0
-usr/share/zoneinfo/right/Greenwich
-usr/share/zoneinfo/right/HST
-usr/share/zoneinfo/right/Hongkong
-usr/share/zoneinfo/right/Iceland
-usr/share/zoneinfo/right/Indian/
-usr/share/zoneinfo/right/Indian/Antananarivo
-usr/share/zoneinfo/right/Indian/Chagos
-usr/share/zoneinfo/right/Indian/Christmas
-usr/share/zoneinfo/right/Indian/Cocos
-usr/share/zoneinfo/right/Indian/Comoro
-usr/share/zoneinfo/right/Indian/Kerguelen
-usr/share/zoneinfo/right/Indian/Mahe
-usr/share/zoneinfo/right/Indian/Maldives
-usr/share/zoneinfo/right/Indian/Mauritius
-usr/share/zoneinfo/right/Indian/Mayotte
-usr/share/zoneinfo/right/Indian/Reunion
-usr/share/zoneinfo/right/Iran
-usr/share/zoneinfo/right/Israel
-usr/share/zoneinfo/right/Jamaica
-usr/share/zoneinfo/right/Japan
-usr/share/zoneinfo/right/Kwajalein
-usr/share/zoneinfo/right/Libya
-usr/share/zoneinfo/right/MET
-usr/share/zoneinfo/right/MST
-usr/share/zoneinfo/right/MST7MDT
-usr/share/zoneinfo/right/Mexico/
-usr/share/zoneinfo/right/Mexico/BajaNorte
-usr/share/zoneinfo/right/Mexico/BajaSur
-usr/share/zoneinfo/right/Mexico/General
-usr/share/zoneinfo/right/NZ
-usr/share/zoneinfo/right/NZ-CHAT
-usr/share/zoneinfo/right/Navajo
-usr/share/zoneinfo/right/PRC
-usr/share/zoneinfo/right/PST8PDT
-usr/share/zoneinfo/right/Pacific/
-usr/share/zoneinfo/right/Pacific/Apia
-usr/share/zoneinfo/right/Pacific/Auckland
-usr/share/zoneinfo/right/Pacific/Bougainville
-usr/share/zoneinfo/right/Pacific/Chatham
-usr/share/zoneinfo/right/Pacific/Chuuk
-usr/share/zoneinfo/right/Pacific/Easter
-usr/share/zoneinfo/right/Pacific/Efate
-usr/share/zoneinfo/right/Pacific/Enderbury
-usr/share/zoneinfo/right/Pacific/Fakaofo
-usr/share/zoneinfo/right/Pacific/Fiji
-usr/share/zoneinfo/right/Pacific/Funafuti
-usr/share/zoneinfo/right/Pacific/Galapagos
-usr/share/zoneinfo/right/Pacific/Gambier
-usr/share/zoneinfo/right/Pacific/Guadalcanal
-usr/share/zoneinfo/right/Pacific/Guam
-usr/share/zoneinfo/right/Pacific/Honolulu
-usr/share/zoneinfo/right/Pacific/Johnston
-usr/share/zoneinfo/right/Pacific/Kiritimati
-usr/share/zoneinfo/right/Pacific/Kosrae
-usr/share/zoneinfo/right/Pacific/Kwajalein
-usr/share/zoneinfo/right/Pacific/Majuro
-usr/share/zoneinfo/right/Pacific/Marquesas
-usr/share/zoneinfo/right/Pacific/Midway
-usr/share/zoneinfo/right/Pacific/Nauru
-usr/share/zoneinfo/right/Pacific/Niue
-usr/share/zoneinfo/right/Pacific/Norfolk
-usr/share/zoneinfo/right/Pacific/Noumea
-usr/share/zoneinfo/right/Pacific/Pago_Pago
-usr/share/zoneinfo/right/Pacific/Palau
-usr/share/zoneinfo/right/Pacific/Pitcairn
-usr/share/zoneinfo/right/Pacific/Pohnpei
-usr/share/zoneinfo/right/Pacific/Ponape
-usr/share/zoneinfo/right/Pacific/Port_Moresby
-usr/share/zoneinfo/right/Pacific/Rarotonga
-usr/share/zoneinfo/right/Pacific/Saipan
-usr/share/zoneinfo/right/Pacific/Samoa
-usr/share/zoneinfo/right/Pacific/Tahiti
-usr/share/zoneinfo/right/Pacific/Tarawa
-usr/share/zoneinfo/right/Pacific/Tongatapu
-usr/share/zoneinfo/right/Pacific/Truk
-usr/share/zoneinfo/right/Pacific/Wake
-usr/share/zoneinfo/right/Pacific/Wallis
-usr/share/zoneinfo/right/Pacific/Yap
-usr/share/zoneinfo/right/Poland
-usr/share/zoneinfo/right/Portugal
-usr/share/zoneinfo/right/ROC
-usr/share/zoneinfo/right/ROK
-usr/share/zoneinfo/right/Singapore
-usr/share/zoneinfo/right/Turkey
-usr/share/zoneinfo/right/UCT
-usr/share/zoneinfo/right/US/
-usr/share/zoneinfo/right/US/Alaska
-usr/share/zoneinfo/right/US/Aleutian
-usr/share/zoneinfo/right/US/Arizona
-usr/share/zoneinfo/right/US/Central
-usr/share/zoneinfo/right/US/East-Indiana
-usr/share/zoneinfo/right/US/Eastern
-usr/share/zoneinfo/right/US/Hawaii
-usr/share/zoneinfo/right/US/Indiana-Starke
-usr/share/zoneinfo/right/US/Michigan
-usr/share/zoneinfo/right/US/Mountain
-usr/share/zoneinfo/right/US/Pacific
-usr/share/zoneinfo/right/US/Pacific-New
-usr/share/zoneinfo/right/US/Samoa
-usr/share/zoneinfo/right/UTC
-usr/share/zoneinfo/right/Universal
-usr/share/zoneinfo/right/W-SU
-usr/share/zoneinfo/right/WET
-usr/share/zoneinfo/right/Zulu
-usr/share/zoneinfo/tzdata.zi
-usr/share/zoneinfo/zone.tab
-usr/share/zoneinfo/zone1970.tab
-
diff --git a/msys2/var/lib/pacman/local/tzcode-2018.c-1/mtree b/msys2/var/lib/pacman/local/tzcode-2018.c-1/mtree
deleted file mode 100644
index 831632165..000000000
Binary files a/msys2/var/lib/pacman/local/tzcode-2018.c-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/tzcode-2019.a-1/desc b/msys2/var/lib/pacman/local/tzcode-2019.a-1/desc
new file mode 100644
index 000000000..0ec664d07
--- /dev/null
+++ b/msys2/var/lib/pacman/local/tzcode-2019.a-1/desc
@@ -0,0 +1,44 @@
+%NAME%
+tzcode
+
+%VERSION%
+2019.a-1
+
+%BASE%
+tzcode
+
+%DESC%
+Sources for time zone and daylight saving time data
+
+%URL%
+https://www.iana.org/time-zones
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556516339
+
+%INSTALLDATE%
+1558699116
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+1903616
+
+%GROUPS%
+base
+
+%LICENSE%
+GPL
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+coreutils
+gawk
+sed
+
diff --git a/msys2/var/lib/pacman/local/tzcode-2019.a-1/files b/msys2/var/lib/pacman/local/tzcode-2019.a-1/files
new file mode 100644
index 000000000..5223e85a5
--- /dev/null
+++ b/msys2/var/lib/pacman/local/tzcode-2019.a-1/files
@@ -0,0 +1,1873 @@
+%FILES%
+etc/
+etc/localtime
+usr/
+usr/bin/
+usr/bin/tzselect
+usr/bin/zdump.exe
+usr/bin/zic.exe
+usr/lib/
+usr/lib/libtz.a
+usr/share/
+usr/share/man/
+usr/share/man/man3/
+usr/share/man/man3/newctime.3.gz
+usr/share/man/man3/newtzset.3.gz
+usr/share/man/man5/
+usr/share/man/man5/tzfile.5.gz
+usr/share/man/man8/
+usr/share/man/man8/tzselect.8.gz
+usr/share/man/man8/zdump.8.gz
+usr/share/man/man8/zic.8.gz
+usr/share/zoneinfo/
+usr/share/zoneinfo/Africa/
+usr/share/zoneinfo/Africa/Abidjan
+usr/share/zoneinfo/Africa/Accra
+usr/share/zoneinfo/Africa/Addis_Ababa
+usr/share/zoneinfo/Africa/Algiers
+usr/share/zoneinfo/Africa/Asmara
+usr/share/zoneinfo/Africa/Asmera
+usr/share/zoneinfo/Africa/Bamako
+usr/share/zoneinfo/Africa/Bangui
+usr/share/zoneinfo/Africa/Banjul
+usr/share/zoneinfo/Africa/Bissau
+usr/share/zoneinfo/Africa/Blantyre
+usr/share/zoneinfo/Africa/Brazzaville
+usr/share/zoneinfo/Africa/Bujumbura
+usr/share/zoneinfo/Africa/Cairo
+usr/share/zoneinfo/Africa/Casablanca
+usr/share/zoneinfo/Africa/Ceuta
+usr/share/zoneinfo/Africa/Conakry
+usr/share/zoneinfo/Africa/Dakar
+usr/share/zoneinfo/Africa/Dar_es_Salaam
+usr/share/zoneinfo/Africa/Djibouti
+usr/share/zoneinfo/Africa/Douala
+usr/share/zoneinfo/Africa/El_Aaiun
+usr/share/zoneinfo/Africa/Freetown
+usr/share/zoneinfo/Africa/Gaborone
+usr/share/zoneinfo/Africa/Harare
+usr/share/zoneinfo/Africa/Johannesburg
+usr/share/zoneinfo/Africa/Juba
+usr/share/zoneinfo/Africa/Kampala
+usr/share/zoneinfo/Africa/Khartoum
+usr/share/zoneinfo/Africa/Kigali
+usr/share/zoneinfo/Africa/Kinshasa
+usr/share/zoneinfo/Africa/Lagos
+usr/share/zoneinfo/Africa/Libreville
+usr/share/zoneinfo/Africa/Lome
+usr/share/zoneinfo/Africa/Luanda
+usr/share/zoneinfo/Africa/Lubumbashi
+usr/share/zoneinfo/Africa/Lusaka
+usr/share/zoneinfo/Africa/Malabo
+usr/share/zoneinfo/Africa/Maputo
+usr/share/zoneinfo/Africa/Maseru
+usr/share/zoneinfo/Africa/Mbabane
+usr/share/zoneinfo/Africa/Mogadishu
+usr/share/zoneinfo/Africa/Monrovia
+usr/share/zoneinfo/Africa/Nairobi
+usr/share/zoneinfo/Africa/Ndjamena
+usr/share/zoneinfo/Africa/Niamey
+usr/share/zoneinfo/Africa/Nouakchott
+usr/share/zoneinfo/Africa/Ouagadougou
+usr/share/zoneinfo/Africa/Porto-Novo
+usr/share/zoneinfo/Africa/Sao_Tome
+usr/share/zoneinfo/Africa/Timbuktu
+usr/share/zoneinfo/Africa/Tripoli
+usr/share/zoneinfo/Africa/Tunis
+usr/share/zoneinfo/Africa/Windhoek
+usr/share/zoneinfo/America/
+usr/share/zoneinfo/America/Adak
+usr/share/zoneinfo/America/Anchorage
+usr/share/zoneinfo/America/Anguilla
+usr/share/zoneinfo/America/Antigua
+usr/share/zoneinfo/America/Araguaina
+usr/share/zoneinfo/America/Argentina/
+usr/share/zoneinfo/America/Argentina/Buenos_Aires
+usr/share/zoneinfo/America/Argentina/Catamarca
+usr/share/zoneinfo/America/Argentina/ComodRivadavia
+usr/share/zoneinfo/America/Argentina/Cordoba
+usr/share/zoneinfo/America/Argentina/Jujuy
+usr/share/zoneinfo/America/Argentina/La_Rioja
+usr/share/zoneinfo/America/Argentina/Mendoza
+usr/share/zoneinfo/America/Argentina/Rio_Gallegos
+usr/share/zoneinfo/America/Argentina/Salta
+usr/share/zoneinfo/America/Argentina/San_Juan
+usr/share/zoneinfo/America/Argentina/San_Luis
+usr/share/zoneinfo/America/Argentina/Tucuman
+usr/share/zoneinfo/America/Argentina/Ushuaia
+usr/share/zoneinfo/America/Aruba
+usr/share/zoneinfo/America/Asuncion
+usr/share/zoneinfo/America/Atikokan
+usr/share/zoneinfo/America/Atka
+usr/share/zoneinfo/America/Bahia
+usr/share/zoneinfo/America/Bahia_Banderas
+usr/share/zoneinfo/America/Barbados
+usr/share/zoneinfo/America/Belem
+usr/share/zoneinfo/America/Belize
+usr/share/zoneinfo/America/Blanc-Sablon
+usr/share/zoneinfo/America/Boa_Vista
+usr/share/zoneinfo/America/Bogota
+usr/share/zoneinfo/America/Boise
+usr/share/zoneinfo/America/Buenos_Aires
+usr/share/zoneinfo/America/Cambridge_Bay
+usr/share/zoneinfo/America/Campo_Grande
+usr/share/zoneinfo/America/Cancun
+usr/share/zoneinfo/America/Caracas
+usr/share/zoneinfo/America/Catamarca
+usr/share/zoneinfo/America/Cayenne
+usr/share/zoneinfo/America/Cayman
+usr/share/zoneinfo/America/Chicago
+usr/share/zoneinfo/America/Chihuahua
+usr/share/zoneinfo/America/Coral_Harbour
+usr/share/zoneinfo/America/Cordoba
+usr/share/zoneinfo/America/Costa_Rica
+usr/share/zoneinfo/America/Creston
+usr/share/zoneinfo/America/Cuiaba
+usr/share/zoneinfo/America/Curacao
+usr/share/zoneinfo/America/Danmarkshavn
+usr/share/zoneinfo/America/Dawson
+usr/share/zoneinfo/America/Dawson_Creek
+usr/share/zoneinfo/America/Denver
+usr/share/zoneinfo/America/Detroit
+usr/share/zoneinfo/America/Dominica
+usr/share/zoneinfo/America/Edmonton
+usr/share/zoneinfo/America/Eirunepe
+usr/share/zoneinfo/America/El_Salvador
+usr/share/zoneinfo/America/Ensenada
+usr/share/zoneinfo/America/Fort_Nelson
+usr/share/zoneinfo/America/Fort_Wayne
+usr/share/zoneinfo/America/Fortaleza
+usr/share/zoneinfo/America/Glace_Bay
+usr/share/zoneinfo/America/Godthab
+usr/share/zoneinfo/America/Goose_Bay
+usr/share/zoneinfo/America/Grand_Turk
+usr/share/zoneinfo/America/Grenada
+usr/share/zoneinfo/America/Guadeloupe
+usr/share/zoneinfo/America/Guatemala
+usr/share/zoneinfo/America/Guayaquil
+usr/share/zoneinfo/America/Guyana
+usr/share/zoneinfo/America/Halifax
+usr/share/zoneinfo/America/Havana
+usr/share/zoneinfo/America/Hermosillo
+usr/share/zoneinfo/America/Indiana/
+usr/share/zoneinfo/America/Indiana/Indianapolis
+usr/share/zoneinfo/America/Indiana/Knox
+usr/share/zoneinfo/America/Indiana/Marengo
+usr/share/zoneinfo/America/Indiana/Petersburg
+usr/share/zoneinfo/America/Indiana/Tell_City
+usr/share/zoneinfo/America/Indiana/Vevay
+usr/share/zoneinfo/America/Indiana/Vincennes
+usr/share/zoneinfo/America/Indiana/Winamac
+usr/share/zoneinfo/America/Indianapolis
+usr/share/zoneinfo/America/Inuvik
+usr/share/zoneinfo/America/Iqaluit
+usr/share/zoneinfo/America/Jamaica
+usr/share/zoneinfo/America/Jujuy
+usr/share/zoneinfo/America/Juneau
+usr/share/zoneinfo/America/Kentucky/
+usr/share/zoneinfo/America/Kentucky/Louisville
+usr/share/zoneinfo/America/Kentucky/Monticello
+usr/share/zoneinfo/America/Knox_IN
+usr/share/zoneinfo/America/Kralendijk
+usr/share/zoneinfo/America/La_Paz
+usr/share/zoneinfo/America/Lima
+usr/share/zoneinfo/America/Los_Angeles
+usr/share/zoneinfo/America/Louisville
+usr/share/zoneinfo/America/Lower_Princes
+usr/share/zoneinfo/America/Maceio
+usr/share/zoneinfo/America/Managua
+usr/share/zoneinfo/America/Manaus
+usr/share/zoneinfo/America/Marigot
+usr/share/zoneinfo/America/Martinique
+usr/share/zoneinfo/America/Matamoros
+usr/share/zoneinfo/America/Mazatlan
+usr/share/zoneinfo/America/Mendoza
+usr/share/zoneinfo/America/Menominee
+usr/share/zoneinfo/America/Merida
+usr/share/zoneinfo/America/Metlakatla
+usr/share/zoneinfo/America/Mexico_City
+usr/share/zoneinfo/America/Miquelon
+usr/share/zoneinfo/America/Moncton
+usr/share/zoneinfo/America/Monterrey
+usr/share/zoneinfo/America/Montevideo
+usr/share/zoneinfo/America/Montreal
+usr/share/zoneinfo/America/Montserrat
+usr/share/zoneinfo/America/Nassau
+usr/share/zoneinfo/America/New_York
+usr/share/zoneinfo/America/Nipigon
+usr/share/zoneinfo/America/Nome
+usr/share/zoneinfo/America/Noronha
+usr/share/zoneinfo/America/North_Dakota/
+usr/share/zoneinfo/America/North_Dakota/Beulah
+usr/share/zoneinfo/America/North_Dakota/Center
+usr/share/zoneinfo/America/North_Dakota/New_Salem
+usr/share/zoneinfo/America/Ojinaga
+usr/share/zoneinfo/America/Panama
+usr/share/zoneinfo/America/Pangnirtung
+usr/share/zoneinfo/America/Paramaribo
+usr/share/zoneinfo/America/Phoenix
+usr/share/zoneinfo/America/Port-au-Prince
+usr/share/zoneinfo/America/Port_of_Spain
+usr/share/zoneinfo/America/Porto_Acre
+usr/share/zoneinfo/America/Porto_Velho
+usr/share/zoneinfo/America/Puerto_Rico
+usr/share/zoneinfo/America/Punta_Arenas
+usr/share/zoneinfo/America/Rainy_River
+usr/share/zoneinfo/America/Rankin_Inlet
+usr/share/zoneinfo/America/Recife
+usr/share/zoneinfo/America/Regina
+usr/share/zoneinfo/America/Resolute
+usr/share/zoneinfo/America/Rio_Branco
+usr/share/zoneinfo/America/Rosario
+usr/share/zoneinfo/America/Santa_Isabel
+usr/share/zoneinfo/America/Santarem
+usr/share/zoneinfo/America/Santiago
+usr/share/zoneinfo/America/Santo_Domingo
+usr/share/zoneinfo/America/Sao_Paulo
+usr/share/zoneinfo/America/Scoresbysund
+usr/share/zoneinfo/America/Shiprock
+usr/share/zoneinfo/America/Sitka
+usr/share/zoneinfo/America/St_Barthelemy
+usr/share/zoneinfo/America/St_Johns
+usr/share/zoneinfo/America/St_Kitts
+usr/share/zoneinfo/America/St_Lucia
+usr/share/zoneinfo/America/St_Thomas
+usr/share/zoneinfo/America/St_Vincent
+usr/share/zoneinfo/America/Swift_Current
+usr/share/zoneinfo/America/Tegucigalpa
+usr/share/zoneinfo/America/Thule
+usr/share/zoneinfo/America/Thunder_Bay
+usr/share/zoneinfo/America/Tijuana
+usr/share/zoneinfo/America/Toronto
+usr/share/zoneinfo/America/Tortola
+usr/share/zoneinfo/America/Vancouver
+usr/share/zoneinfo/America/Virgin
+usr/share/zoneinfo/America/Whitehorse
+usr/share/zoneinfo/America/Winnipeg
+usr/share/zoneinfo/America/Yakutat
+usr/share/zoneinfo/America/Yellowknife
+usr/share/zoneinfo/Antarctica/
+usr/share/zoneinfo/Antarctica/Casey
+usr/share/zoneinfo/Antarctica/Davis
+usr/share/zoneinfo/Antarctica/DumontDUrville
+usr/share/zoneinfo/Antarctica/Macquarie
+usr/share/zoneinfo/Antarctica/Mawson
+usr/share/zoneinfo/Antarctica/McMurdo
+usr/share/zoneinfo/Antarctica/Palmer
+usr/share/zoneinfo/Antarctica/Rothera
+usr/share/zoneinfo/Antarctica/South_Pole
+usr/share/zoneinfo/Antarctica/Syowa
+usr/share/zoneinfo/Antarctica/Troll
+usr/share/zoneinfo/Antarctica/Vostok
+usr/share/zoneinfo/Arctic/
+usr/share/zoneinfo/Arctic/Longyearbyen
+usr/share/zoneinfo/Asia/
+usr/share/zoneinfo/Asia/Aden
+usr/share/zoneinfo/Asia/Almaty
+usr/share/zoneinfo/Asia/Amman
+usr/share/zoneinfo/Asia/Anadyr
+usr/share/zoneinfo/Asia/Aqtau
+usr/share/zoneinfo/Asia/Aqtobe
+usr/share/zoneinfo/Asia/Ashgabat
+usr/share/zoneinfo/Asia/Ashkhabad
+usr/share/zoneinfo/Asia/Atyrau
+usr/share/zoneinfo/Asia/Baghdad
+usr/share/zoneinfo/Asia/Bahrain
+usr/share/zoneinfo/Asia/Baku
+usr/share/zoneinfo/Asia/Bangkok
+usr/share/zoneinfo/Asia/Barnaul
+usr/share/zoneinfo/Asia/Beirut
+usr/share/zoneinfo/Asia/Bishkek
+usr/share/zoneinfo/Asia/Brunei
+usr/share/zoneinfo/Asia/Calcutta
+usr/share/zoneinfo/Asia/Chita
+usr/share/zoneinfo/Asia/Choibalsan
+usr/share/zoneinfo/Asia/Chongqing
+usr/share/zoneinfo/Asia/Chungking
+usr/share/zoneinfo/Asia/Colombo
+usr/share/zoneinfo/Asia/Dacca
+usr/share/zoneinfo/Asia/Damascus
+usr/share/zoneinfo/Asia/Dhaka
+usr/share/zoneinfo/Asia/Dili
+usr/share/zoneinfo/Asia/Dubai
+usr/share/zoneinfo/Asia/Dushanbe
+usr/share/zoneinfo/Asia/Famagusta
+usr/share/zoneinfo/Asia/Gaza
+usr/share/zoneinfo/Asia/Harbin
+usr/share/zoneinfo/Asia/Hebron
+usr/share/zoneinfo/Asia/Ho_Chi_Minh
+usr/share/zoneinfo/Asia/Hong_Kong
+usr/share/zoneinfo/Asia/Hovd
+usr/share/zoneinfo/Asia/Irkutsk
+usr/share/zoneinfo/Asia/Istanbul
+usr/share/zoneinfo/Asia/Jakarta
+usr/share/zoneinfo/Asia/Jayapura
+usr/share/zoneinfo/Asia/Jerusalem
+usr/share/zoneinfo/Asia/Kabul
+usr/share/zoneinfo/Asia/Kamchatka
+usr/share/zoneinfo/Asia/Karachi
+usr/share/zoneinfo/Asia/Kashgar
+usr/share/zoneinfo/Asia/Kathmandu
+usr/share/zoneinfo/Asia/Katmandu
+usr/share/zoneinfo/Asia/Khandyga
+usr/share/zoneinfo/Asia/Kolkata
+usr/share/zoneinfo/Asia/Krasnoyarsk
+usr/share/zoneinfo/Asia/Kuala_Lumpur
+usr/share/zoneinfo/Asia/Kuching
+usr/share/zoneinfo/Asia/Kuwait
+usr/share/zoneinfo/Asia/Macao
+usr/share/zoneinfo/Asia/Macau
+usr/share/zoneinfo/Asia/Magadan
+usr/share/zoneinfo/Asia/Makassar
+usr/share/zoneinfo/Asia/Manila
+usr/share/zoneinfo/Asia/Muscat
+usr/share/zoneinfo/Asia/Nicosia
+usr/share/zoneinfo/Asia/Novokuznetsk
+usr/share/zoneinfo/Asia/Novosibirsk
+usr/share/zoneinfo/Asia/Omsk
+usr/share/zoneinfo/Asia/Oral
+usr/share/zoneinfo/Asia/Phnom_Penh
+usr/share/zoneinfo/Asia/Pontianak
+usr/share/zoneinfo/Asia/Pyongyang
+usr/share/zoneinfo/Asia/Qatar
+usr/share/zoneinfo/Asia/Qostanay
+usr/share/zoneinfo/Asia/Qyzylorda
+usr/share/zoneinfo/Asia/Rangoon
+usr/share/zoneinfo/Asia/Riyadh
+usr/share/zoneinfo/Asia/Saigon
+usr/share/zoneinfo/Asia/Sakhalin
+usr/share/zoneinfo/Asia/Samarkand
+usr/share/zoneinfo/Asia/Seoul
+usr/share/zoneinfo/Asia/Shanghai
+usr/share/zoneinfo/Asia/Singapore
+usr/share/zoneinfo/Asia/Srednekolymsk
+usr/share/zoneinfo/Asia/Taipei
+usr/share/zoneinfo/Asia/Tashkent
+usr/share/zoneinfo/Asia/Tbilisi
+usr/share/zoneinfo/Asia/Tehran
+usr/share/zoneinfo/Asia/Tel_Aviv
+usr/share/zoneinfo/Asia/Thimbu
+usr/share/zoneinfo/Asia/Thimphu
+usr/share/zoneinfo/Asia/Tokyo
+usr/share/zoneinfo/Asia/Tomsk
+usr/share/zoneinfo/Asia/Ujung_Pandang
+usr/share/zoneinfo/Asia/Ulaanbaatar
+usr/share/zoneinfo/Asia/Ulan_Bator
+usr/share/zoneinfo/Asia/Urumqi
+usr/share/zoneinfo/Asia/Ust-Nera
+usr/share/zoneinfo/Asia/Vientiane
+usr/share/zoneinfo/Asia/Vladivostok
+usr/share/zoneinfo/Asia/Yakutsk
+usr/share/zoneinfo/Asia/Yangon
+usr/share/zoneinfo/Asia/Yekaterinburg
+usr/share/zoneinfo/Asia/Yerevan
+usr/share/zoneinfo/Atlantic/
+usr/share/zoneinfo/Atlantic/Azores
+usr/share/zoneinfo/Atlantic/Bermuda
+usr/share/zoneinfo/Atlantic/Canary
+usr/share/zoneinfo/Atlantic/Cape_Verde
+usr/share/zoneinfo/Atlantic/Faeroe
+usr/share/zoneinfo/Atlantic/Faroe
+usr/share/zoneinfo/Atlantic/Jan_Mayen
+usr/share/zoneinfo/Atlantic/Madeira
+usr/share/zoneinfo/Atlantic/Reykjavik
+usr/share/zoneinfo/Atlantic/South_Georgia
+usr/share/zoneinfo/Atlantic/St_Helena
+usr/share/zoneinfo/Atlantic/Stanley
+usr/share/zoneinfo/Australia/
+usr/share/zoneinfo/Australia/ACT
+usr/share/zoneinfo/Australia/Adelaide
+usr/share/zoneinfo/Australia/Brisbane
+usr/share/zoneinfo/Australia/Broken_Hill
+usr/share/zoneinfo/Australia/Canberra
+usr/share/zoneinfo/Australia/Currie
+usr/share/zoneinfo/Australia/Darwin
+usr/share/zoneinfo/Australia/Eucla
+usr/share/zoneinfo/Australia/Hobart
+usr/share/zoneinfo/Australia/LHI
+usr/share/zoneinfo/Australia/Lindeman
+usr/share/zoneinfo/Australia/Lord_Howe
+usr/share/zoneinfo/Australia/Melbourne
+usr/share/zoneinfo/Australia/North
+usr/share/zoneinfo/Australia/NSW
+usr/share/zoneinfo/Australia/Perth
+usr/share/zoneinfo/Australia/Queensland
+usr/share/zoneinfo/Australia/South
+usr/share/zoneinfo/Australia/Sydney
+usr/share/zoneinfo/Australia/Tasmania
+usr/share/zoneinfo/Australia/Victoria
+usr/share/zoneinfo/Australia/West
+usr/share/zoneinfo/Australia/Yancowinna
+usr/share/zoneinfo/Brazil/
+usr/share/zoneinfo/Brazil/Acre
+usr/share/zoneinfo/Brazil/DeNoronha
+usr/share/zoneinfo/Brazil/East
+usr/share/zoneinfo/Brazil/West
+usr/share/zoneinfo/Canada/
+usr/share/zoneinfo/Canada/Atlantic
+usr/share/zoneinfo/Canada/Central
+usr/share/zoneinfo/Canada/Eastern
+usr/share/zoneinfo/Canada/Mountain
+usr/share/zoneinfo/Canada/Newfoundland
+usr/share/zoneinfo/Canada/Pacific
+usr/share/zoneinfo/Canada/Saskatchewan
+usr/share/zoneinfo/Canada/Yukon
+usr/share/zoneinfo/CET
+usr/share/zoneinfo/Chile/
+usr/share/zoneinfo/Chile/Continental
+usr/share/zoneinfo/Chile/EasterIsland
+usr/share/zoneinfo/CST6CDT
+usr/share/zoneinfo/Cuba
+usr/share/zoneinfo/EET
+usr/share/zoneinfo/Egypt
+usr/share/zoneinfo/Eire
+usr/share/zoneinfo/EST
+usr/share/zoneinfo/EST5EDT
+usr/share/zoneinfo/Etc/
+usr/share/zoneinfo/Etc/GMT
+usr/share/zoneinfo/Etc/GMT+0
+usr/share/zoneinfo/Etc/GMT+1
+usr/share/zoneinfo/Etc/GMT+10
+usr/share/zoneinfo/Etc/GMT+11
+usr/share/zoneinfo/Etc/GMT+12
+usr/share/zoneinfo/Etc/GMT+2
+usr/share/zoneinfo/Etc/GMT+3
+usr/share/zoneinfo/Etc/GMT+4
+usr/share/zoneinfo/Etc/GMT+5
+usr/share/zoneinfo/Etc/GMT+6
+usr/share/zoneinfo/Etc/GMT+7
+usr/share/zoneinfo/Etc/GMT+8
+usr/share/zoneinfo/Etc/GMT+9
+usr/share/zoneinfo/Etc/GMT-0
+usr/share/zoneinfo/Etc/GMT-1
+usr/share/zoneinfo/Etc/GMT-10
+usr/share/zoneinfo/Etc/GMT-11
+usr/share/zoneinfo/Etc/GMT-12
+usr/share/zoneinfo/Etc/GMT-13
+usr/share/zoneinfo/Etc/GMT-14
+usr/share/zoneinfo/Etc/GMT-2
+usr/share/zoneinfo/Etc/GMT-3
+usr/share/zoneinfo/Etc/GMT-4
+usr/share/zoneinfo/Etc/GMT-5
+usr/share/zoneinfo/Etc/GMT-6
+usr/share/zoneinfo/Etc/GMT-7
+usr/share/zoneinfo/Etc/GMT-8
+usr/share/zoneinfo/Etc/GMT-9
+usr/share/zoneinfo/Etc/GMT0
+usr/share/zoneinfo/Etc/Greenwich
+usr/share/zoneinfo/Etc/UCT
+usr/share/zoneinfo/Etc/Universal
+usr/share/zoneinfo/Etc/UTC
+usr/share/zoneinfo/Etc/Zulu
+usr/share/zoneinfo/Europe/
+usr/share/zoneinfo/Europe/Amsterdam
+usr/share/zoneinfo/Europe/Andorra
+usr/share/zoneinfo/Europe/Astrakhan
+usr/share/zoneinfo/Europe/Athens
+usr/share/zoneinfo/Europe/Belfast
+usr/share/zoneinfo/Europe/Belgrade
+usr/share/zoneinfo/Europe/Berlin
+usr/share/zoneinfo/Europe/Bratislava
+usr/share/zoneinfo/Europe/Brussels
+usr/share/zoneinfo/Europe/Bucharest
+usr/share/zoneinfo/Europe/Budapest
+usr/share/zoneinfo/Europe/Busingen
+usr/share/zoneinfo/Europe/Chisinau
+usr/share/zoneinfo/Europe/Copenhagen
+usr/share/zoneinfo/Europe/Dublin
+usr/share/zoneinfo/Europe/Gibraltar
+usr/share/zoneinfo/Europe/Guernsey
+usr/share/zoneinfo/Europe/Helsinki
+usr/share/zoneinfo/Europe/Isle_of_Man
+usr/share/zoneinfo/Europe/Istanbul
+usr/share/zoneinfo/Europe/Jersey
+usr/share/zoneinfo/Europe/Kaliningrad
+usr/share/zoneinfo/Europe/Kiev
+usr/share/zoneinfo/Europe/Kirov
+usr/share/zoneinfo/Europe/Lisbon
+usr/share/zoneinfo/Europe/Ljubljana
+usr/share/zoneinfo/Europe/London
+usr/share/zoneinfo/Europe/Luxembourg
+usr/share/zoneinfo/Europe/Madrid
+usr/share/zoneinfo/Europe/Malta
+usr/share/zoneinfo/Europe/Mariehamn
+usr/share/zoneinfo/Europe/Minsk
+usr/share/zoneinfo/Europe/Monaco
+usr/share/zoneinfo/Europe/Moscow
+usr/share/zoneinfo/Europe/Nicosia
+usr/share/zoneinfo/Europe/Oslo
+usr/share/zoneinfo/Europe/Paris
+usr/share/zoneinfo/Europe/Podgorica
+usr/share/zoneinfo/Europe/Prague
+usr/share/zoneinfo/Europe/Riga
+usr/share/zoneinfo/Europe/Rome
+usr/share/zoneinfo/Europe/Samara
+usr/share/zoneinfo/Europe/San_Marino
+usr/share/zoneinfo/Europe/Sarajevo
+usr/share/zoneinfo/Europe/Saratov
+usr/share/zoneinfo/Europe/Simferopol
+usr/share/zoneinfo/Europe/Skopje
+usr/share/zoneinfo/Europe/Sofia
+usr/share/zoneinfo/Europe/Stockholm
+usr/share/zoneinfo/Europe/Tallinn
+usr/share/zoneinfo/Europe/Tirane
+usr/share/zoneinfo/Europe/Tiraspol
+usr/share/zoneinfo/Europe/Ulyanovsk
+usr/share/zoneinfo/Europe/Uzhgorod
+usr/share/zoneinfo/Europe/Vaduz
+usr/share/zoneinfo/Europe/Vatican
+usr/share/zoneinfo/Europe/Vienna
+usr/share/zoneinfo/Europe/Vilnius
+usr/share/zoneinfo/Europe/Volgograd
+usr/share/zoneinfo/Europe/Warsaw
+usr/share/zoneinfo/Europe/Zagreb
+usr/share/zoneinfo/Europe/Zaporozhye
+usr/share/zoneinfo/Europe/Zurich
+usr/share/zoneinfo/Factory
+usr/share/zoneinfo/GB
+usr/share/zoneinfo/GB-Eire
+usr/share/zoneinfo/GMT
+usr/share/zoneinfo/GMT+0
+usr/share/zoneinfo/GMT-0
+usr/share/zoneinfo/GMT0
+usr/share/zoneinfo/Greenwich
+usr/share/zoneinfo/Hongkong
+usr/share/zoneinfo/HST
+usr/share/zoneinfo/Iceland
+usr/share/zoneinfo/Indian/
+usr/share/zoneinfo/Indian/Antananarivo
+usr/share/zoneinfo/Indian/Chagos
+usr/share/zoneinfo/Indian/Christmas
+usr/share/zoneinfo/Indian/Cocos
+usr/share/zoneinfo/Indian/Comoro
+usr/share/zoneinfo/Indian/Kerguelen
+usr/share/zoneinfo/Indian/Mahe
+usr/share/zoneinfo/Indian/Maldives
+usr/share/zoneinfo/Indian/Mauritius
+usr/share/zoneinfo/Indian/Mayotte
+usr/share/zoneinfo/Indian/Reunion
+usr/share/zoneinfo/Iran
+usr/share/zoneinfo/iso3166.tab
+usr/share/zoneinfo/Israel
+usr/share/zoneinfo/Jamaica
+usr/share/zoneinfo/Japan
+usr/share/zoneinfo/Kwajalein
+usr/share/zoneinfo/leapseconds
+usr/share/zoneinfo/Libya
+usr/share/zoneinfo/MET
+usr/share/zoneinfo/Mexico/
+usr/share/zoneinfo/Mexico/BajaNorte
+usr/share/zoneinfo/Mexico/BajaSur
+usr/share/zoneinfo/Mexico/General
+usr/share/zoneinfo/MST
+usr/share/zoneinfo/MST7MDT
+usr/share/zoneinfo/Navajo
+usr/share/zoneinfo/NZ
+usr/share/zoneinfo/NZ-CHAT
+usr/share/zoneinfo/Pacific/
+usr/share/zoneinfo/Pacific/Apia
+usr/share/zoneinfo/Pacific/Auckland
+usr/share/zoneinfo/Pacific/Bougainville
+usr/share/zoneinfo/Pacific/Chatham
+usr/share/zoneinfo/Pacific/Chuuk
+usr/share/zoneinfo/Pacific/Easter
+usr/share/zoneinfo/Pacific/Efate
+usr/share/zoneinfo/Pacific/Enderbury
+usr/share/zoneinfo/Pacific/Fakaofo
+usr/share/zoneinfo/Pacific/Fiji
+usr/share/zoneinfo/Pacific/Funafuti
+usr/share/zoneinfo/Pacific/Galapagos
+usr/share/zoneinfo/Pacific/Gambier
+usr/share/zoneinfo/Pacific/Guadalcanal
+usr/share/zoneinfo/Pacific/Guam
+usr/share/zoneinfo/Pacific/Honolulu
+usr/share/zoneinfo/Pacific/Johnston
+usr/share/zoneinfo/Pacific/Kiritimati
+usr/share/zoneinfo/Pacific/Kosrae
+usr/share/zoneinfo/Pacific/Kwajalein
+usr/share/zoneinfo/Pacific/Majuro
+usr/share/zoneinfo/Pacific/Marquesas
+usr/share/zoneinfo/Pacific/Midway
+usr/share/zoneinfo/Pacific/Nauru
+usr/share/zoneinfo/Pacific/Niue
+usr/share/zoneinfo/Pacific/Norfolk
+usr/share/zoneinfo/Pacific/Noumea
+usr/share/zoneinfo/Pacific/Pago_Pago
+usr/share/zoneinfo/Pacific/Palau
+usr/share/zoneinfo/Pacific/Pitcairn
+usr/share/zoneinfo/Pacific/Pohnpei
+usr/share/zoneinfo/Pacific/Ponape
+usr/share/zoneinfo/Pacific/Port_Moresby
+usr/share/zoneinfo/Pacific/Rarotonga
+usr/share/zoneinfo/Pacific/Saipan
+usr/share/zoneinfo/Pacific/Samoa
+usr/share/zoneinfo/Pacific/Tahiti
+usr/share/zoneinfo/Pacific/Tarawa
+usr/share/zoneinfo/Pacific/Tongatapu
+usr/share/zoneinfo/Pacific/Truk
+usr/share/zoneinfo/Pacific/Wake
+usr/share/zoneinfo/Pacific/Wallis
+usr/share/zoneinfo/Pacific/Yap
+usr/share/zoneinfo/Poland
+usr/share/zoneinfo/Portugal
+usr/share/zoneinfo/posix/
+usr/share/zoneinfo/posix/Africa/
+usr/share/zoneinfo/posix/Africa/Abidjan
+usr/share/zoneinfo/posix/Africa/Accra
+usr/share/zoneinfo/posix/Africa/Addis_Ababa
+usr/share/zoneinfo/posix/Africa/Algiers
+usr/share/zoneinfo/posix/Africa/Asmara
+usr/share/zoneinfo/posix/Africa/Asmera
+usr/share/zoneinfo/posix/Africa/Bamako
+usr/share/zoneinfo/posix/Africa/Bangui
+usr/share/zoneinfo/posix/Africa/Banjul
+usr/share/zoneinfo/posix/Africa/Bissau
+usr/share/zoneinfo/posix/Africa/Blantyre
+usr/share/zoneinfo/posix/Africa/Brazzaville
+usr/share/zoneinfo/posix/Africa/Bujumbura
+usr/share/zoneinfo/posix/Africa/Cairo
+usr/share/zoneinfo/posix/Africa/Casablanca
+usr/share/zoneinfo/posix/Africa/Ceuta
+usr/share/zoneinfo/posix/Africa/Conakry
+usr/share/zoneinfo/posix/Africa/Dakar
+usr/share/zoneinfo/posix/Africa/Dar_es_Salaam
+usr/share/zoneinfo/posix/Africa/Djibouti
+usr/share/zoneinfo/posix/Africa/Douala
+usr/share/zoneinfo/posix/Africa/El_Aaiun
+usr/share/zoneinfo/posix/Africa/Freetown
+usr/share/zoneinfo/posix/Africa/Gaborone
+usr/share/zoneinfo/posix/Africa/Harare
+usr/share/zoneinfo/posix/Africa/Johannesburg
+usr/share/zoneinfo/posix/Africa/Juba
+usr/share/zoneinfo/posix/Africa/Kampala
+usr/share/zoneinfo/posix/Africa/Khartoum
+usr/share/zoneinfo/posix/Africa/Kigali
+usr/share/zoneinfo/posix/Africa/Kinshasa
+usr/share/zoneinfo/posix/Africa/Lagos
+usr/share/zoneinfo/posix/Africa/Libreville
+usr/share/zoneinfo/posix/Africa/Lome
+usr/share/zoneinfo/posix/Africa/Luanda
+usr/share/zoneinfo/posix/Africa/Lubumbashi
+usr/share/zoneinfo/posix/Africa/Lusaka
+usr/share/zoneinfo/posix/Africa/Malabo
+usr/share/zoneinfo/posix/Africa/Maputo
+usr/share/zoneinfo/posix/Africa/Maseru
+usr/share/zoneinfo/posix/Africa/Mbabane
+usr/share/zoneinfo/posix/Africa/Mogadishu
+usr/share/zoneinfo/posix/Africa/Monrovia
+usr/share/zoneinfo/posix/Africa/Nairobi
+usr/share/zoneinfo/posix/Africa/Ndjamena
+usr/share/zoneinfo/posix/Africa/Niamey
+usr/share/zoneinfo/posix/Africa/Nouakchott
+usr/share/zoneinfo/posix/Africa/Ouagadougou
+usr/share/zoneinfo/posix/Africa/Porto-Novo
+usr/share/zoneinfo/posix/Africa/Sao_Tome
+usr/share/zoneinfo/posix/Africa/Timbuktu
+usr/share/zoneinfo/posix/Africa/Tripoli
+usr/share/zoneinfo/posix/Africa/Tunis
+usr/share/zoneinfo/posix/Africa/Windhoek
+usr/share/zoneinfo/posix/America/
+usr/share/zoneinfo/posix/America/Adak
+usr/share/zoneinfo/posix/America/Anchorage
+usr/share/zoneinfo/posix/America/Anguilla
+usr/share/zoneinfo/posix/America/Antigua
+usr/share/zoneinfo/posix/America/Araguaina
+usr/share/zoneinfo/posix/America/Argentina/
+usr/share/zoneinfo/posix/America/Argentina/Buenos_Aires
+usr/share/zoneinfo/posix/America/Argentina/Catamarca
+usr/share/zoneinfo/posix/America/Argentina/ComodRivadavia
+usr/share/zoneinfo/posix/America/Argentina/Cordoba
+usr/share/zoneinfo/posix/America/Argentina/Jujuy
+usr/share/zoneinfo/posix/America/Argentina/La_Rioja
+usr/share/zoneinfo/posix/America/Argentina/Mendoza
+usr/share/zoneinfo/posix/America/Argentina/Rio_Gallegos
+usr/share/zoneinfo/posix/America/Argentina/Salta
+usr/share/zoneinfo/posix/America/Argentina/San_Juan
+usr/share/zoneinfo/posix/America/Argentina/San_Luis
+usr/share/zoneinfo/posix/America/Argentina/Tucuman
+usr/share/zoneinfo/posix/America/Argentina/Ushuaia
+usr/share/zoneinfo/posix/America/Aruba
+usr/share/zoneinfo/posix/America/Asuncion
+usr/share/zoneinfo/posix/America/Atikokan
+usr/share/zoneinfo/posix/America/Atka
+usr/share/zoneinfo/posix/America/Bahia
+usr/share/zoneinfo/posix/America/Bahia_Banderas
+usr/share/zoneinfo/posix/America/Barbados
+usr/share/zoneinfo/posix/America/Belem
+usr/share/zoneinfo/posix/America/Belize
+usr/share/zoneinfo/posix/America/Blanc-Sablon
+usr/share/zoneinfo/posix/America/Boa_Vista
+usr/share/zoneinfo/posix/America/Bogota
+usr/share/zoneinfo/posix/America/Boise
+usr/share/zoneinfo/posix/America/Buenos_Aires
+usr/share/zoneinfo/posix/America/Cambridge_Bay
+usr/share/zoneinfo/posix/America/Campo_Grande
+usr/share/zoneinfo/posix/America/Cancun
+usr/share/zoneinfo/posix/America/Caracas
+usr/share/zoneinfo/posix/America/Catamarca
+usr/share/zoneinfo/posix/America/Cayenne
+usr/share/zoneinfo/posix/America/Cayman
+usr/share/zoneinfo/posix/America/Chicago
+usr/share/zoneinfo/posix/America/Chihuahua
+usr/share/zoneinfo/posix/America/Coral_Harbour
+usr/share/zoneinfo/posix/America/Cordoba
+usr/share/zoneinfo/posix/America/Costa_Rica
+usr/share/zoneinfo/posix/America/Creston
+usr/share/zoneinfo/posix/America/Cuiaba
+usr/share/zoneinfo/posix/America/Curacao
+usr/share/zoneinfo/posix/America/Danmarkshavn
+usr/share/zoneinfo/posix/America/Dawson
+usr/share/zoneinfo/posix/America/Dawson_Creek
+usr/share/zoneinfo/posix/America/Denver
+usr/share/zoneinfo/posix/America/Detroit
+usr/share/zoneinfo/posix/America/Dominica
+usr/share/zoneinfo/posix/America/Edmonton
+usr/share/zoneinfo/posix/America/Eirunepe
+usr/share/zoneinfo/posix/America/El_Salvador
+usr/share/zoneinfo/posix/America/Ensenada
+usr/share/zoneinfo/posix/America/Fort_Nelson
+usr/share/zoneinfo/posix/America/Fort_Wayne
+usr/share/zoneinfo/posix/America/Fortaleza
+usr/share/zoneinfo/posix/America/Glace_Bay
+usr/share/zoneinfo/posix/America/Godthab
+usr/share/zoneinfo/posix/America/Goose_Bay
+usr/share/zoneinfo/posix/America/Grand_Turk
+usr/share/zoneinfo/posix/America/Grenada
+usr/share/zoneinfo/posix/America/Guadeloupe
+usr/share/zoneinfo/posix/America/Guatemala
+usr/share/zoneinfo/posix/America/Guayaquil
+usr/share/zoneinfo/posix/America/Guyana
+usr/share/zoneinfo/posix/America/Halifax
+usr/share/zoneinfo/posix/America/Havana
+usr/share/zoneinfo/posix/America/Hermosillo
+usr/share/zoneinfo/posix/America/Indiana/
+usr/share/zoneinfo/posix/America/Indiana/Indianapolis
+usr/share/zoneinfo/posix/America/Indiana/Knox
+usr/share/zoneinfo/posix/America/Indiana/Marengo
+usr/share/zoneinfo/posix/America/Indiana/Petersburg
+usr/share/zoneinfo/posix/America/Indiana/Tell_City
+usr/share/zoneinfo/posix/America/Indiana/Vevay
+usr/share/zoneinfo/posix/America/Indiana/Vincennes
+usr/share/zoneinfo/posix/America/Indiana/Winamac
+usr/share/zoneinfo/posix/America/Indianapolis
+usr/share/zoneinfo/posix/America/Inuvik
+usr/share/zoneinfo/posix/America/Iqaluit
+usr/share/zoneinfo/posix/America/Jamaica
+usr/share/zoneinfo/posix/America/Jujuy
+usr/share/zoneinfo/posix/America/Juneau
+usr/share/zoneinfo/posix/America/Kentucky/
+usr/share/zoneinfo/posix/America/Kentucky/Louisville
+usr/share/zoneinfo/posix/America/Kentucky/Monticello
+usr/share/zoneinfo/posix/America/Knox_IN
+usr/share/zoneinfo/posix/America/Kralendijk
+usr/share/zoneinfo/posix/America/La_Paz
+usr/share/zoneinfo/posix/America/Lima
+usr/share/zoneinfo/posix/America/Los_Angeles
+usr/share/zoneinfo/posix/America/Louisville
+usr/share/zoneinfo/posix/America/Lower_Princes
+usr/share/zoneinfo/posix/America/Maceio
+usr/share/zoneinfo/posix/America/Managua
+usr/share/zoneinfo/posix/America/Manaus
+usr/share/zoneinfo/posix/America/Marigot
+usr/share/zoneinfo/posix/America/Martinique
+usr/share/zoneinfo/posix/America/Matamoros
+usr/share/zoneinfo/posix/America/Mazatlan
+usr/share/zoneinfo/posix/America/Mendoza
+usr/share/zoneinfo/posix/America/Menominee
+usr/share/zoneinfo/posix/America/Merida
+usr/share/zoneinfo/posix/America/Metlakatla
+usr/share/zoneinfo/posix/America/Mexico_City
+usr/share/zoneinfo/posix/America/Miquelon
+usr/share/zoneinfo/posix/America/Moncton
+usr/share/zoneinfo/posix/America/Monterrey
+usr/share/zoneinfo/posix/America/Montevideo
+usr/share/zoneinfo/posix/America/Montreal
+usr/share/zoneinfo/posix/America/Montserrat
+usr/share/zoneinfo/posix/America/Nassau
+usr/share/zoneinfo/posix/America/New_York
+usr/share/zoneinfo/posix/America/Nipigon
+usr/share/zoneinfo/posix/America/Nome
+usr/share/zoneinfo/posix/America/Noronha
+usr/share/zoneinfo/posix/America/North_Dakota/
+usr/share/zoneinfo/posix/America/North_Dakota/Beulah
+usr/share/zoneinfo/posix/America/North_Dakota/Center
+usr/share/zoneinfo/posix/America/North_Dakota/New_Salem
+usr/share/zoneinfo/posix/America/Ojinaga
+usr/share/zoneinfo/posix/America/Panama
+usr/share/zoneinfo/posix/America/Pangnirtung
+usr/share/zoneinfo/posix/America/Paramaribo
+usr/share/zoneinfo/posix/America/Phoenix
+usr/share/zoneinfo/posix/America/Port-au-Prince
+usr/share/zoneinfo/posix/America/Port_of_Spain
+usr/share/zoneinfo/posix/America/Porto_Acre
+usr/share/zoneinfo/posix/America/Porto_Velho
+usr/share/zoneinfo/posix/America/Puerto_Rico
+usr/share/zoneinfo/posix/America/Punta_Arenas
+usr/share/zoneinfo/posix/America/Rainy_River
+usr/share/zoneinfo/posix/America/Rankin_Inlet
+usr/share/zoneinfo/posix/America/Recife
+usr/share/zoneinfo/posix/America/Regina
+usr/share/zoneinfo/posix/America/Resolute
+usr/share/zoneinfo/posix/America/Rio_Branco
+usr/share/zoneinfo/posix/America/Rosario
+usr/share/zoneinfo/posix/America/Santa_Isabel
+usr/share/zoneinfo/posix/America/Santarem
+usr/share/zoneinfo/posix/America/Santiago
+usr/share/zoneinfo/posix/America/Santo_Domingo
+usr/share/zoneinfo/posix/America/Sao_Paulo
+usr/share/zoneinfo/posix/America/Scoresbysund
+usr/share/zoneinfo/posix/America/Shiprock
+usr/share/zoneinfo/posix/America/Sitka
+usr/share/zoneinfo/posix/America/St_Barthelemy
+usr/share/zoneinfo/posix/America/St_Johns
+usr/share/zoneinfo/posix/America/St_Kitts
+usr/share/zoneinfo/posix/America/St_Lucia
+usr/share/zoneinfo/posix/America/St_Thomas
+usr/share/zoneinfo/posix/America/St_Vincent
+usr/share/zoneinfo/posix/America/Swift_Current
+usr/share/zoneinfo/posix/America/Tegucigalpa
+usr/share/zoneinfo/posix/America/Thule
+usr/share/zoneinfo/posix/America/Thunder_Bay
+usr/share/zoneinfo/posix/America/Tijuana
+usr/share/zoneinfo/posix/America/Toronto
+usr/share/zoneinfo/posix/America/Tortola
+usr/share/zoneinfo/posix/America/Vancouver
+usr/share/zoneinfo/posix/America/Virgin
+usr/share/zoneinfo/posix/America/Whitehorse
+usr/share/zoneinfo/posix/America/Winnipeg
+usr/share/zoneinfo/posix/America/Yakutat
+usr/share/zoneinfo/posix/America/Yellowknife
+usr/share/zoneinfo/posix/Antarctica/
+usr/share/zoneinfo/posix/Antarctica/Casey
+usr/share/zoneinfo/posix/Antarctica/Davis
+usr/share/zoneinfo/posix/Antarctica/DumontDUrville
+usr/share/zoneinfo/posix/Antarctica/Macquarie
+usr/share/zoneinfo/posix/Antarctica/Mawson
+usr/share/zoneinfo/posix/Antarctica/McMurdo
+usr/share/zoneinfo/posix/Antarctica/Palmer
+usr/share/zoneinfo/posix/Antarctica/Rothera
+usr/share/zoneinfo/posix/Antarctica/South_Pole
+usr/share/zoneinfo/posix/Antarctica/Syowa
+usr/share/zoneinfo/posix/Antarctica/Troll
+usr/share/zoneinfo/posix/Antarctica/Vostok
+usr/share/zoneinfo/posix/Arctic/
+usr/share/zoneinfo/posix/Arctic/Longyearbyen
+usr/share/zoneinfo/posix/Asia/
+usr/share/zoneinfo/posix/Asia/Aden
+usr/share/zoneinfo/posix/Asia/Almaty
+usr/share/zoneinfo/posix/Asia/Amman
+usr/share/zoneinfo/posix/Asia/Anadyr
+usr/share/zoneinfo/posix/Asia/Aqtau
+usr/share/zoneinfo/posix/Asia/Aqtobe
+usr/share/zoneinfo/posix/Asia/Ashgabat
+usr/share/zoneinfo/posix/Asia/Ashkhabad
+usr/share/zoneinfo/posix/Asia/Atyrau
+usr/share/zoneinfo/posix/Asia/Baghdad
+usr/share/zoneinfo/posix/Asia/Bahrain
+usr/share/zoneinfo/posix/Asia/Baku
+usr/share/zoneinfo/posix/Asia/Bangkok
+usr/share/zoneinfo/posix/Asia/Barnaul
+usr/share/zoneinfo/posix/Asia/Beirut
+usr/share/zoneinfo/posix/Asia/Bishkek
+usr/share/zoneinfo/posix/Asia/Brunei
+usr/share/zoneinfo/posix/Asia/Calcutta
+usr/share/zoneinfo/posix/Asia/Chita
+usr/share/zoneinfo/posix/Asia/Choibalsan
+usr/share/zoneinfo/posix/Asia/Chongqing
+usr/share/zoneinfo/posix/Asia/Chungking
+usr/share/zoneinfo/posix/Asia/Colombo
+usr/share/zoneinfo/posix/Asia/Dacca
+usr/share/zoneinfo/posix/Asia/Damascus
+usr/share/zoneinfo/posix/Asia/Dhaka
+usr/share/zoneinfo/posix/Asia/Dili
+usr/share/zoneinfo/posix/Asia/Dubai
+usr/share/zoneinfo/posix/Asia/Dushanbe
+usr/share/zoneinfo/posix/Asia/Famagusta
+usr/share/zoneinfo/posix/Asia/Gaza
+usr/share/zoneinfo/posix/Asia/Harbin
+usr/share/zoneinfo/posix/Asia/Hebron
+usr/share/zoneinfo/posix/Asia/Ho_Chi_Minh
+usr/share/zoneinfo/posix/Asia/Hong_Kong
+usr/share/zoneinfo/posix/Asia/Hovd
+usr/share/zoneinfo/posix/Asia/Irkutsk
+usr/share/zoneinfo/posix/Asia/Istanbul
+usr/share/zoneinfo/posix/Asia/Jakarta
+usr/share/zoneinfo/posix/Asia/Jayapura
+usr/share/zoneinfo/posix/Asia/Jerusalem
+usr/share/zoneinfo/posix/Asia/Kabul
+usr/share/zoneinfo/posix/Asia/Kamchatka
+usr/share/zoneinfo/posix/Asia/Karachi
+usr/share/zoneinfo/posix/Asia/Kashgar
+usr/share/zoneinfo/posix/Asia/Kathmandu
+usr/share/zoneinfo/posix/Asia/Katmandu
+usr/share/zoneinfo/posix/Asia/Khandyga
+usr/share/zoneinfo/posix/Asia/Kolkata
+usr/share/zoneinfo/posix/Asia/Krasnoyarsk
+usr/share/zoneinfo/posix/Asia/Kuala_Lumpur
+usr/share/zoneinfo/posix/Asia/Kuching
+usr/share/zoneinfo/posix/Asia/Kuwait
+usr/share/zoneinfo/posix/Asia/Macao
+usr/share/zoneinfo/posix/Asia/Macau
+usr/share/zoneinfo/posix/Asia/Magadan
+usr/share/zoneinfo/posix/Asia/Makassar
+usr/share/zoneinfo/posix/Asia/Manila
+usr/share/zoneinfo/posix/Asia/Muscat
+usr/share/zoneinfo/posix/Asia/Nicosia
+usr/share/zoneinfo/posix/Asia/Novokuznetsk
+usr/share/zoneinfo/posix/Asia/Novosibirsk
+usr/share/zoneinfo/posix/Asia/Omsk
+usr/share/zoneinfo/posix/Asia/Oral
+usr/share/zoneinfo/posix/Asia/Phnom_Penh
+usr/share/zoneinfo/posix/Asia/Pontianak
+usr/share/zoneinfo/posix/Asia/Pyongyang
+usr/share/zoneinfo/posix/Asia/Qatar
+usr/share/zoneinfo/posix/Asia/Qostanay
+usr/share/zoneinfo/posix/Asia/Qyzylorda
+usr/share/zoneinfo/posix/Asia/Rangoon
+usr/share/zoneinfo/posix/Asia/Riyadh
+usr/share/zoneinfo/posix/Asia/Saigon
+usr/share/zoneinfo/posix/Asia/Sakhalin
+usr/share/zoneinfo/posix/Asia/Samarkand
+usr/share/zoneinfo/posix/Asia/Seoul
+usr/share/zoneinfo/posix/Asia/Shanghai
+usr/share/zoneinfo/posix/Asia/Singapore
+usr/share/zoneinfo/posix/Asia/Srednekolymsk
+usr/share/zoneinfo/posix/Asia/Taipei
+usr/share/zoneinfo/posix/Asia/Tashkent
+usr/share/zoneinfo/posix/Asia/Tbilisi
+usr/share/zoneinfo/posix/Asia/Tehran
+usr/share/zoneinfo/posix/Asia/Tel_Aviv
+usr/share/zoneinfo/posix/Asia/Thimbu
+usr/share/zoneinfo/posix/Asia/Thimphu
+usr/share/zoneinfo/posix/Asia/Tokyo
+usr/share/zoneinfo/posix/Asia/Tomsk
+usr/share/zoneinfo/posix/Asia/Ujung_Pandang
+usr/share/zoneinfo/posix/Asia/Ulaanbaatar
+usr/share/zoneinfo/posix/Asia/Ulan_Bator
+usr/share/zoneinfo/posix/Asia/Urumqi
+usr/share/zoneinfo/posix/Asia/Ust-Nera
+usr/share/zoneinfo/posix/Asia/Vientiane
+usr/share/zoneinfo/posix/Asia/Vladivostok
+usr/share/zoneinfo/posix/Asia/Yakutsk
+usr/share/zoneinfo/posix/Asia/Yangon
+usr/share/zoneinfo/posix/Asia/Yekaterinburg
+usr/share/zoneinfo/posix/Asia/Yerevan
+usr/share/zoneinfo/posix/Atlantic/
+usr/share/zoneinfo/posix/Atlantic/Azores
+usr/share/zoneinfo/posix/Atlantic/Bermuda
+usr/share/zoneinfo/posix/Atlantic/Canary
+usr/share/zoneinfo/posix/Atlantic/Cape_Verde
+usr/share/zoneinfo/posix/Atlantic/Faeroe
+usr/share/zoneinfo/posix/Atlantic/Faroe
+usr/share/zoneinfo/posix/Atlantic/Jan_Mayen
+usr/share/zoneinfo/posix/Atlantic/Madeira
+usr/share/zoneinfo/posix/Atlantic/Reykjavik
+usr/share/zoneinfo/posix/Atlantic/South_Georgia
+usr/share/zoneinfo/posix/Atlantic/St_Helena
+usr/share/zoneinfo/posix/Atlantic/Stanley
+usr/share/zoneinfo/posix/Australia/
+usr/share/zoneinfo/posix/Australia/ACT
+usr/share/zoneinfo/posix/Australia/Adelaide
+usr/share/zoneinfo/posix/Australia/Brisbane
+usr/share/zoneinfo/posix/Australia/Broken_Hill
+usr/share/zoneinfo/posix/Australia/Canberra
+usr/share/zoneinfo/posix/Australia/Currie
+usr/share/zoneinfo/posix/Australia/Darwin
+usr/share/zoneinfo/posix/Australia/Eucla
+usr/share/zoneinfo/posix/Australia/Hobart
+usr/share/zoneinfo/posix/Australia/LHI
+usr/share/zoneinfo/posix/Australia/Lindeman
+usr/share/zoneinfo/posix/Australia/Lord_Howe
+usr/share/zoneinfo/posix/Australia/Melbourne
+usr/share/zoneinfo/posix/Australia/North
+usr/share/zoneinfo/posix/Australia/NSW
+usr/share/zoneinfo/posix/Australia/Perth
+usr/share/zoneinfo/posix/Australia/Queensland
+usr/share/zoneinfo/posix/Australia/South
+usr/share/zoneinfo/posix/Australia/Sydney
+usr/share/zoneinfo/posix/Australia/Tasmania
+usr/share/zoneinfo/posix/Australia/Victoria
+usr/share/zoneinfo/posix/Australia/West
+usr/share/zoneinfo/posix/Australia/Yancowinna
+usr/share/zoneinfo/posix/Brazil/
+usr/share/zoneinfo/posix/Brazil/Acre
+usr/share/zoneinfo/posix/Brazil/DeNoronha
+usr/share/zoneinfo/posix/Brazil/East
+usr/share/zoneinfo/posix/Brazil/West
+usr/share/zoneinfo/posix/Canada/
+usr/share/zoneinfo/posix/Canada/Atlantic
+usr/share/zoneinfo/posix/Canada/Central
+usr/share/zoneinfo/posix/Canada/Eastern
+usr/share/zoneinfo/posix/Canada/Mountain
+usr/share/zoneinfo/posix/Canada/Newfoundland
+usr/share/zoneinfo/posix/Canada/Pacific
+usr/share/zoneinfo/posix/Canada/Saskatchewan
+usr/share/zoneinfo/posix/Canada/Yukon
+usr/share/zoneinfo/posix/CET
+usr/share/zoneinfo/posix/Chile/
+usr/share/zoneinfo/posix/Chile/Continental
+usr/share/zoneinfo/posix/Chile/EasterIsland
+usr/share/zoneinfo/posix/CST6CDT
+usr/share/zoneinfo/posix/Cuba
+usr/share/zoneinfo/posix/EET
+usr/share/zoneinfo/posix/Egypt
+usr/share/zoneinfo/posix/Eire
+usr/share/zoneinfo/posix/EST
+usr/share/zoneinfo/posix/EST5EDT
+usr/share/zoneinfo/posix/Etc/
+usr/share/zoneinfo/posix/Etc/GMT
+usr/share/zoneinfo/posix/Etc/GMT+0
+usr/share/zoneinfo/posix/Etc/GMT+1
+usr/share/zoneinfo/posix/Etc/GMT+10
+usr/share/zoneinfo/posix/Etc/GMT+11
+usr/share/zoneinfo/posix/Etc/GMT+12
+usr/share/zoneinfo/posix/Etc/GMT+2
+usr/share/zoneinfo/posix/Etc/GMT+3
+usr/share/zoneinfo/posix/Etc/GMT+4
+usr/share/zoneinfo/posix/Etc/GMT+5
+usr/share/zoneinfo/posix/Etc/GMT+6
+usr/share/zoneinfo/posix/Etc/GMT+7
+usr/share/zoneinfo/posix/Etc/GMT+8
+usr/share/zoneinfo/posix/Etc/GMT+9
+usr/share/zoneinfo/posix/Etc/GMT-0
+usr/share/zoneinfo/posix/Etc/GMT-1
+usr/share/zoneinfo/posix/Etc/GMT-10
+usr/share/zoneinfo/posix/Etc/GMT-11
+usr/share/zoneinfo/posix/Etc/GMT-12
+usr/share/zoneinfo/posix/Etc/GMT-13
+usr/share/zoneinfo/posix/Etc/GMT-14
+usr/share/zoneinfo/posix/Etc/GMT-2
+usr/share/zoneinfo/posix/Etc/GMT-3
+usr/share/zoneinfo/posix/Etc/GMT-4
+usr/share/zoneinfo/posix/Etc/GMT-5
+usr/share/zoneinfo/posix/Etc/GMT-6
+usr/share/zoneinfo/posix/Etc/GMT-7
+usr/share/zoneinfo/posix/Etc/GMT-8
+usr/share/zoneinfo/posix/Etc/GMT-9
+usr/share/zoneinfo/posix/Etc/GMT0
+usr/share/zoneinfo/posix/Etc/Greenwich
+usr/share/zoneinfo/posix/Etc/UCT
+usr/share/zoneinfo/posix/Etc/Universal
+usr/share/zoneinfo/posix/Etc/UTC
+usr/share/zoneinfo/posix/Etc/Zulu
+usr/share/zoneinfo/posix/Europe/
+usr/share/zoneinfo/posix/Europe/Amsterdam
+usr/share/zoneinfo/posix/Europe/Andorra
+usr/share/zoneinfo/posix/Europe/Astrakhan
+usr/share/zoneinfo/posix/Europe/Athens
+usr/share/zoneinfo/posix/Europe/Belfast
+usr/share/zoneinfo/posix/Europe/Belgrade
+usr/share/zoneinfo/posix/Europe/Berlin
+usr/share/zoneinfo/posix/Europe/Bratislava
+usr/share/zoneinfo/posix/Europe/Brussels
+usr/share/zoneinfo/posix/Europe/Bucharest
+usr/share/zoneinfo/posix/Europe/Budapest
+usr/share/zoneinfo/posix/Europe/Busingen
+usr/share/zoneinfo/posix/Europe/Chisinau
+usr/share/zoneinfo/posix/Europe/Copenhagen
+usr/share/zoneinfo/posix/Europe/Dublin
+usr/share/zoneinfo/posix/Europe/Gibraltar
+usr/share/zoneinfo/posix/Europe/Guernsey
+usr/share/zoneinfo/posix/Europe/Helsinki
+usr/share/zoneinfo/posix/Europe/Isle_of_Man
+usr/share/zoneinfo/posix/Europe/Istanbul
+usr/share/zoneinfo/posix/Europe/Jersey
+usr/share/zoneinfo/posix/Europe/Kaliningrad
+usr/share/zoneinfo/posix/Europe/Kiev
+usr/share/zoneinfo/posix/Europe/Kirov
+usr/share/zoneinfo/posix/Europe/Lisbon
+usr/share/zoneinfo/posix/Europe/Ljubljana
+usr/share/zoneinfo/posix/Europe/London
+usr/share/zoneinfo/posix/Europe/Luxembourg
+usr/share/zoneinfo/posix/Europe/Madrid
+usr/share/zoneinfo/posix/Europe/Malta
+usr/share/zoneinfo/posix/Europe/Mariehamn
+usr/share/zoneinfo/posix/Europe/Minsk
+usr/share/zoneinfo/posix/Europe/Monaco
+usr/share/zoneinfo/posix/Europe/Moscow
+usr/share/zoneinfo/posix/Europe/Nicosia
+usr/share/zoneinfo/posix/Europe/Oslo
+usr/share/zoneinfo/posix/Europe/Paris
+usr/share/zoneinfo/posix/Europe/Podgorica
+usr/share/zoneinfo/posix/Europe/Prague
+usr/share/zoneinfo/posix/Europe/Riga
+usr/share/zoneinfo/posix/Europe/Rome
+usr/share/zoneinfo/posix/Europe/Samara
+usr/share/zoneinfo/posix/Europe/San_Marino
+usr/share/zoneinfo/posix/Europe/Sarajevo
+usr/share/zoneinfo/posix/Europe/Saratov
+usr/share/zoneinfo/posix/Europe/Simferopol
+usr/share/zoneinfo/posix/Europe/Skopje
+usr/share/zoneinfo/posix/Europe/Sofia
+usr/share/zoneinfo/posix/Europe/Stockholm
+usr/share/zoneinfo/posix/Europe/Tallinn
+usr/share/zoneinfo/posix/Europe/Tirane
+usr/share/zoneinfo/posix/Europe/Tiraspol
+usr/share/zoneinfo/posix/Europe/Ulyanovsk
+usr/share/zoneinfo/posix/Europe/Uzhgorod
+usr/share/zoneinfo/posix/Europe/Vaduz
+usr/share/zoneinfo/posix/Europe/Vatican
+usr/share/zoneinfo/posix/Europe/Vienna
+usr/share/zoneinfo/posix/Europe/Vilnius
+usr/share/zoneinfo/posix/Europe/Volgograd
+usr/share/zoneinfo/posix/Europe/Warsaw
+usr/share/zoneinfo/posix/Europe/Zagreb
+usr/share/zoneinfo/posix/Europe/Zaporozhye
+usr/share/zoneinfo/posix/Europe/Zurich
+usr/share/zoneinfo/posix/Factory
+usr/share/zoneinfo/posix/GB
+usr/share/zoneinfo/posix/GB-Eire
+usr/share/zoneinfo/posix/GMT
+usr/share/zoneinfo/posix/GMT+0
+usr/share/zoneinfo/posix/GMT-0
+usr/share/zoneinfo/posix/GMT0
+usr/share/zoneinfo/posix/Greenwich
+usr/share/zoneinfo/posix/Hongkong
+usr/share/zoneinfo/posix/HST
+usr/share/zoneinfo/posix/Iceland
+usr/share/zoneinfo/posix/Indian/
+usr/share/zoneinfo/posix/Indian/Antananarivo
+usr/share/zoneinfo/posix/Indian/Chagos
+usr/share/zoneinfo/posix/Indian/Christmas
+usr/share/zoneinfo/posix/Indian/Cocos
+usr/share/zoneinfo/posix/Indian/Comoro
+usr/share/zoneinfo/posix/Indian/Kerguelen
+usr/share/zoneinfo/posix/Indian/Mahe
+usr/share/zoneinfo/posix/Indian/Maldives
+usr/share/zoneinfo/posix/Indian/Mauritius
+usr/share/zoneinfo/posix/Indian/Mayotte
+usr/share/zoneinfo/posix/Indian/Reunion
+usr/share/zoneinfo/posix/Iran
+usr/share/zoneinfo/posix/Israel
+usr/share/zoneinfo/posix/Jamaica
+usr/share/zoneinfo/posix/Japan
+usr/share/zoneinfo/posix/Kwajalein
+usr/share/zoneinfo/posix/Libya
+usr/share/zoneinfo/posix/MET
+usr/share/zoneinfo/posix/Mexico/
+usr/share/zoneinfo/posix/Mexico/BajaNorte
+usr/share/zoneinfo/posix/Mexico/BajaSur
+usr/share/zoneinfo/posix/Mexico/General
+usr/share/zoneinfo/posix/MST
+usr/share/zoneinfo/posix/MST7MDT
+usr/share/zoneinfo/posix/Navajo
+usr/share/zoneinfo/posix/NZ
+usr/share/zoneinfo/posix/NZ-CHAT
+usr/share/zoneinfo/posix/Pacific/
+usr/share/zoneinfo/posix/Pacific/Apia
+usr/share/zoneinfo/posix/Pacific/Auckland
+usr/share/zoneinfo/posix/Pacific/Bougainville
+usr/share/zoneinfo/posix/Pacific/Chatham
+usr/share/zoneinfo/posix/Pacific/Chuuk
+usr/share/zoneinfo/posix/Pacific/Easter
+usr/share/zoneinfo/posix/Pacific/Efate
+usr/share/zoneinfo/posix/Pacific/Enderbury
+usr/share/zoneinfo/posix/Pacific/Fakaofo
+usr/share/zoneinfo/posix/Pacific/Fiji
+usr/share/zoneinfo/posix/Pacific/Funafuti
+usr/share/zoneinfo/posix/Pacific/Galapagos
+usr/share/zoneinfo/posix/Pacific/Gambier
+usr/share/zoneinfo/posix/Pacific/Guadalcanal
+usr/share/zoneinfo/posix/Pacific/Guam
+usr/share/zoneinfo/posix/Pacific/Honolulu
+usr/share/zoneinfo/posix/Pacific/Johnston
+usr/share/zoneinfo/posix/Pacific/Kiritimati
+usr/share/zoneinfo/posix/Pacific/Kosrae
+usr/share/zoneinfo/posix/Pacific/Kwajalein
+usr/share/zoneinfo/posix/Pacific/Majuro
+usr/share/zoneinfo/posix/Pacific/Marquesas
+usr/share/zoneinfo/posix/Pacific/Midway
+usr/share/zoneinfo/posix/Pacific/Nauru
+usr/share/zoneinfo/posix/Pacific/Niue
+usr/share/zoneinfo/posix/Pacific/Norfolk
+usr/share/zoneinfo/posix/Pacific/Noumea
+usr/share/zoneinfo/posix/Pacific/Pago_Pago
+usr/share/zoneinfo/posix/Pacific/Palau
+usr/share/zoneinfo/posix/Pacific/Pitcairn
+usr/share/zoneinfo/posix/Pacific/Pohnpei
+usr/share/zoneinfo/posix/Pacific/Ponape
+usr/share/zoneinfo/posix/Pacific/Port_Moresby
+usr/share/zoneinfo/posix/Pacific/Rarotonga
+usr/share/zoneinfo/posix/Pacific/Saipan
+usr/share/zoneinfo/posix/Pacific/Samoa
+usr/share/zoneinfo/posix/Pacific/Tahiti
+usr/share/zoneinfo/posix/Pacific/Tarawa
+usr/share/zoneinfo/posix/Pacific/Tongatapu
+usr/share/zoneinfo/posix/Pacific/Truk
+usr/share/zoneinfo/posix/Pacific/Wake
+usr/share/zoneinfo/posix/Pacific/Wallis
+usr/share/zoneinfo/posix/Pacific/Yap
+usr/share/zoneinfo/posix/Poland
+usr/share/zoneinfo/posix/Portugal
+usr/share/zoneinfo/posix/PRC
+usr/share/zoneinfo/posix/PST8PDT
+usr/share/zoneinfo/posix/ROC
+usr/share/zoneinfo/posix/ROK
+usr/share/zoneinfo/posix/Singapore
+usr/share/zoneinfo/posix/Turkey
+usr/share/zoneinfo/posix/UCT
+usr/share/zoneinfo/posix/Universal
+usr/share/zoneinfo/posix/US/
+usr/share/zoneinfo/posix/US/Alaska
+usr/share/zoneinfo/posix/US/Aleutian
+usr/share/zoneinfo/posix/US/Arizona
+usr/share/zoneinfo/posix/US/Central
+usr/share/zoneinfo/posix/US/East-Indiana
+usr/share/zoneinfo/posix/US/Eastern
+usr/share/zoneinfo/posix/US/Hawaii
+usr/share/zoneinfo/posix/US/Indiana-Starke
+usr/share/zoneinfo/posix/US/Michigan
+usr/share/zoneinfo/posix/US/Mountain
+usr/share/zoneinfo/posix/US/Pacific
+usr/share/zoneinfo/posix/US/Pacific-New
+usr/share/zoneinfo/posix/US/Samoa
+usr/share/zoneinfo/posix/UTC
+usr/share/zoneinfo/posix/W-SU
+usr/share/zoneinfo/posix/WET
+usr/share/zoneinfo/posix/Zulu
+usr/share/zoneinfo/posixrules
+usr/share/zoneinfo/PRC
+usr/share/zoneinfo/PST8PDT
+usr/share/zoneinfo/right/
+usr/share/zoneinfo/right/Africa/
+usr/share/zoneinfo/right/Africa/Abidjan
+usr/share/zoneinfo/right/Africa/Accra
+usr/share/zoneinfo/right/Africa/Addis_Ababa
+usr/share/zoneinfo/right/Africa/Algiers
+usr/share/zoneinfo/right/Africa/Asmara
+usr/share/zoneinfo/right/Africa/Asmera
+usr/share/zoneinfo/right/Africa/Bamako
+usr/share/zoneinfo/right/Africa/Bangui
+usr/share/zoneinfo/right/Africa/Banjul
+usr/share/zoneinfo/right/Africa/Bissau
+usr/share/zoneinfo/right/Africa/Blantyre
+usr/share/zoneinfo/right/Africa/Brazzaville
+usr/share/zoneinfo/right/Africa/Bujumbura
+usr/share/zoneinfo/right/Africa/Cairo
+usr/share/zoneinfo/right/Africa/Casablanca
+usr/share/zoneinfo/right/Africa/Ceuta
+usr/share/zoneinfo/right/Africa/Conakry
+usr/share/zoneinfo/right/Africa/Dakar
+usr/share/zoneinfo/right/Africa/Dar_es_Salaam
+usr/share/zoneinfo/right/Africa/Djibouti
+usr/share/zoneinfo/right/Africa/Douala
+usr/share/zoneinfo/right/Africa/El_Aaiun
+usr/share/zoneinfo/right/Africa/Freetown
+usr/share/zoneinfo/right/Africa/Gaborone
+usr/share/zoneinfo/right/Africa/Harare
+usr/share/zoneinfo/right/Africa/Johannesburg
+usr/share/zoneinfo/right/Africa/Juba
+usr/share/zoneinfo/right/Africa/Kampala
+usr/share/zoneinfo/right/Africa/Khartoum
+usr/share/zoneinfo/right/Africa/Kigali
+usr/share/zoneinfo/right/Africa/Kinshasa
+usr/share/zoneinfo/right/Africa/Lagos
+usr/share/zoneinfo/right/Africa/Libreville
+usr/share/zoneinfo/right/Africa/Lome
+usr/share/zoneinfo/right/Africa/Luanda
+usr/share/zoneinfo/right/Africa/Lubumbashi
+usr/share/zoneinfo/right/Africa/Lusaka
+usr/share/zoneinfo/right/Africa/Malabo
+usr/share/zoneinfo/right/Africa/Maputo
+usr/share/zoneinfo/right/Africa/Maseru
+usr/share/zoneinfo/right/Africa/Mbabane
+usr/share/zoneinfo/right/Africa/Mogadishu
+usr/share/zoneinfo/right/Africa/Monrovia
+usr/share/zoneinfo/right/Africa/Nairobi
+usr/share/zoneinfo/right/Africa/Ndjamena
+usr/share/zoneinfo/right/Africa/Niamey
+usr/share/zoneinfo/right/Africa/Nouakchott
+usr/share/zoneinfo/right/Africa/Ouagadougou
+usr/share/zoneinfo/right/Africa/Porto-Novo
+usr/share/zoneinfo/right/Africa/Sao_Tome
+usr/share/zoneinfo/right/Africa/Timbuktu
+usr/share/zoneinfo/right/Africa/Tripoli
+usr/share/zoneinfo/right/Africa/Tunis
+usr/share/zoneinfo/right/Africa/Windhoek
+usr/share/zoneinfo/right/America/
+usr/share/zoneinfo/right/America/Adak
+usr/share/zoneinfo/right/America/Anchorage
+usr/share/zoneinfo/right/America/Anguilla
+usr/share/zoneinfo/right/America/Antigua
+usr/share/zoneinfo/right/America/Araguaina
+usr/share/zoneinfo/right/America/Argentina/
+usr/share/zoneinfo/right/America/Argentina/Buenos_Aires
+usr/share/zoneinfo/right/America/Argentina/Catamarca
+usr/share/zoneinfo/right/America/Argentina/ComodRivadavia
+usr/share/zoneinfo/right/America/Argentina/Cordoba
+usr/share/zoneinfo/right/America/Argentina/Jujuy
+usr/share/zoneinfo/right/America/Argentina/La_Rioja
+usr/share/zoneinfo/right/America/Argentina/Mendoza
+usr/share/zoneinfo/right/America/Argentina/Rio_Gallegos
+usr/share/zoneinfo/right/America/Argentina/Salta
+usr/share/zoneinfo/right/America/Argentina/San_Juan
+usr/share/zoneinfo/right/America/Argentina/San_Luis
+usr/share/zoneinfo/right/America/Argentina/Tucuman
+usr/share/zoneinfo/right/America/Argentina/Ushuaia
+usr/share/zoneinfo/right/America/Aruba
+usr/share/zoneinfo/right/America/Asuncion
+usr/share/zoneinfo/right/America/Atikokan
+usr/share/zoneinfo/right/America/Atka
+usr/share/zoneinfo/right/America/Bahia
+usr/share/zoneinfo/right/America/Bahia_Banderas
+usr/share/zoneinfo/right/America/Barbados
+usr/share/zoneinfo/right/America/Belem
+usr/share/zoneinfo/right/America/Belize
+usr/share/zoneinfo/right/America/Blanc-Sablon
+usr/share/zoneinfo/right/America/Boa_Vista
+usr/share/zoneinfo/right/America/Bogota
+usr/share/zoneinfo/right/America/Boise
+usr/share/zoneinfo/right/America/Buenos_Aires
+usr/share/zoneinfo/right/America/Cambridge_Bay
+usr/share/zoneinfo/right/America/Campo_Grande
+usr/share/zoneinfo/right/America/Cancun
+usr/share/zoneinfo/right/America/Caracas
+usr/share/zoneinfo/right/America/Catamarca
+usr/share/zoneinfo/right/America/Cayenne
+usr/share/zoneinfo/right/America/Cayman
+usr/share/zoneinfo/right/America/Chicago
+usr/share/zoneinfo/right/America/Chihuahua
+usr/share/zoneinfo/right/America/Coral_Harbour
+usr/share/zoneinfo/right/America/Cordoba
+usr/share/zoneinfo/right/America/Costa_Rica
+usr/share/zoneinfo/right/America/Creston
+usr/share/zoneinfo/right/America/Cuiaba
+usr/share/zoneinfo/right/America/Curacao
+usr/share/zoneinfo/right/America/Danmarkshavn
+usr/share/zoneinfo/right/America/Dawson
+usr/share/zoneinfo/right/America/Dawson_Creek
+usr/share/zoneinfo/right/America/Denver
+usr/share/zoneinfo/right/America/Detroit
+usr/share/zoneinfo/right/America/Dominica
+usr/share/zoneinfo/right/America/Edmonton
+usr/share/zoneinfo/right/America/Eirunepe
+usr/share/zoneinfo/right/America/El_Salvador
+usr/share/zoneinfo/right/America/Ensenada
+usr/share/zoneinfo/right/America/Fort_Nelson
+usr/share/zoneinfo/right/America/Fort_Wayne
+usr/share/zoneinfo/right/America/Fortaleza
+usr/share/zoneinfo/right/America/Glace_Bay
+usr/share/zoneinfo/right/America/Godthab
+usr/share/zoneinfo/right/America/Goose_Bay
+usr/share/zoneinfo/right/America/Grand_Turk
+usr/share/zoneinfo/right/America/Grenada
+usr/share/zoneinfo/right/America/Guadeloupe
+usr/share/zoneinfo/right/America/Guatemala
+usr/share/zoneinfo/right/America/Guayaquil
+usr/share/zoneinfo/right/America/Guyana
+usr/share/zoneinfo/right/America/Halifax
+usr/share/zoneinfo/right/America/Havana
+usr/share/zoneinfo/right/America/Hermosillo
+usr/share/zoneinfo/right/America/Indiana/
+usr/share/zoneinfo/right/America/Indiana/Indianapolis
+usr/share/zoneinfo/right/America/Indiana/Knox
+usr/share/zoneinfo/right/America/Indiana/Marengo
+usr/share/zoneinfo/right/America/Indiana/Petersburg
+usr/share/zoneinfo/right/America/Indiana/Tell_City
+usr/share/zoneinfo/right/America/Indiana/Vevay
+usr/share/zoneinfo/right/America/Indiana/Vincennes
+usr/share/zoneinfo/right/America/Indiana/Winamac
+usr/share/zoneinfo/right/America/Indianapolis
+usr/share/zoneinfo/right/America/Inuvik
+usr/share/zoneinfo/right/America/Iqaluit
+usr/share/zoneinfo/right/America/Jamaica
+usr/share/zoneinfo/right/America/Jujuy
+usr/share/zoneinfo/right/America/Juneau
+usr/share/zoneinfo/right/America/Kentucky/
+usr/share/zoneinfo/right/America/Kentucky/Louisville
+usr/share/zoneinfo/right/America/Kentucky/Monticello
+usr/share/zoneinfo/right/America/Knox_IN
+usr/share/zoneinfo/right/America/Kralendijk
+usr/share/zoneinfo/right/America/La_Paz
+usr/share/zoneinfo/right/America/Lima
+usr/share/zoneinfo/right/America/Los_Angeles
+usr/share/zoneinfo/right/America/Louisville
+usr/share/zoneinfo/right/America/Lower_Princes
+usr/share/zoneinfo/right/America/Maceio
+usr/share/zoneinfo/right/America/Managua
+usr/share/zoneinfo/right/America/Manaus
+usr/share/zoneinfo/right/America/Marigot
+usr/share/zoneinfo/right/America/Martinique
+usr/share/zoneinfo/right/America/Matamoros
+usr/share/zoneinfo/right/America/Mazatlan
+usr/share/zoneinfo/right/America/Mendoza
+usr/share/zoneinfo/right/America/Menominee
+usr/share/zoneinfo/right/America/Merida
+usr/share/zoneinfo/right/America/Metlakatla
+usr/share/zoneinfo/right/America/Mexico_City
+usr/share/zoneinfo/right/America/Miquelon
+usr/share/zoneinfo/right/America/Moncton
+usr/share/zoneinfo/right/America/Monterrey
+usr/share/zoneinfo/right/America/Montevideo
+usr/share/zoneinfo/right/America/Montreal
+usr/share/zoneinfo/right/America/Montserrat
+usr/share/zoneinfo/right/America/Nassau
+usr/share/zoneinfo/right/America/New_York
+usr/share/zoneinfo/right/America/Nipigon
+usr/share/zoneinfo/right/America/Nome
+usr/share/zoneinfo/right/America/Noronha
+usr/share/zoneinfo/right/America/North_Dakota/
+usr/share/zoneinfo/right/America/North_Dakota/Beulah
+usr/share/zoneinfo/right/America/North_Dakota/Center
+usr/share/zoneinfo/right/America/North_Dakota/New_Salem
+usr/share/zoneinfo/right/America/Ojinaga
+usr/share/zoneinfo/right/America/Panama
+usr/share/zoneinfo/right/America/Pangnirtung
+usr/share/zoneinfo/right/America/Paramaribo
+usr/share/zoneinfo/right/America/Phoenix
+usr/share/zoneinfo/right/America/Port-au-Prince
+usr/share/zoneinfo/right/America/Port_of_Spain
+usr/share/zoneinfo/right/America/Porto_Acre
+usr/share/zoneinfo/right/America/Porto_Velho
+usr/share/zoneinfo/right/America/Puerto_Rico
+usr/share/zoneinfo/right/America/Punta_Arenas
+usr/share/zoneinfo/right/America/Rainy_River
+usr/share/zoneinfo/right/America/Rankin_Inlet
+usr/share/zoneinfo/right/America/Recife
+usr/share/zoneinfo/right/America/Regina
+usr/share/zoneinfo/right/America/Resolute
+usr/share/zoneinfo/right/America/Rio_Branco
+usr/share/zoneinfo/right/America/Rosario
+usr/share/zoneinfo/right/America/Santa_Isabel
+usr/share/zoneinfo/right/America/Santarem
+usr/share/zoneinfo/right/America/Santiago
+usr/share/zoneinfo/right/America/Santo_Domingo
+usr/share/zoneinfo/right/America/Sao_Paulo
+usr/share/zoneinfo/right/America/Scoresbysund
+usr/share/zoneinfo/right/America/Shiprock
+usr/share/zoneinfo/right/America/Sitka
+usr/share/zoneinfo/right/America/St_Barthelemy
+usr/share/zoneinfo/right/America/St_Johns
+usr/share/zoneinfo/right/America/St_Kitts
+usr/share/zoneinfo/right/America/St_Lucia
+usr/share/zoneinfo/right/America/St_Thomas
+usr/share/zoneinfo/right/America/St_Vincent
+usr/share/zoneinfo/right/America/Swift_Current
+usr/share/zoneinfo/right/America/Tegucigalpa
+usr/share/zoneinfo/right/America/Thule
+usr/share/zoneinfo/right/America/Thunder_Bay
+usr/share/zoneinfo/right/America/Tijuana
+usr/share/zoneinfo/right/America/Toronto
+usr/share/zoneinfo/right/America/Tortola
+usr/share/zoneinfo/right/America/Vancouver
+usr/share/zoneinfo/right/America/Virgin
+usr/share/zoneinfo/right/America/Whitehorse
+usr/share/zoneinfo/right/America/Winnipeg
+usr/share/zoneinfo/right/America/Yakutat
+usr/share/zoneinfo/right/America/Yellowknife
+usr/share/zoneinfo/right/Antarctica/
+usr/share/zoneinfo/right/Antarctica/Casey
+usr/share/zoneinfo/right/Antarctica/Davis
+usr/share/zoneinfo/right/Antarctica/DumontDUrville
+usr/share/zoneinfo/right/Antarctica/Macquarie
+usr/share/zoneinfo/right/Antarctica/Mawson
+usr/share/zoneinfo/right/Antarctica/McMurdo
+usr/share/zoneinfo/right/Antarctica/Palmer
+usr/share/zoneinfo/right/Antarctica/Rothera
+usr/share/zoneinfo/right/Antarctica/South_Pole
+usr/share/zoneinfo/right/Antarctica/Syowa
+usr/share/zoneinfo/right/Antarctica/Troll
+usr/share/zoneinfo/right/Antarctica/Vostok
+usr/share/zoneinfo/right/Arctic/
+usr/share/zoneinfo/right/Arctic/Longyearbyen
+usr/share/zoneinfo/right/Asia/
+usr/share/zoneinfo/right/Asia/Aden
+usr/share/zoneinfo/right/Asia/Almaty
+usr/share/zoneinfo/right/Asia/Amman
+usr/share/zoneinfo/right/Asia/Anadyr
+usr/share/zoneinfo/right/Asia/Aqtau
+usr/share/zoneinfo/right/Asia/Aqtobe
+usr/share/zoneinfo/right/Asia/Ashgabat
+usr/share/zoneinfo/right/Asia/Ashkhabad
+usr/share/zoneinfo/right/Asia/Atyrau
+usr/share/zoneinfo/right/Asia/Baghdad
+usr/share/zoneinfo/right/Asia/Bahrain
+usr/share/zoneinfo/right/Asia/Baku
+usr/share/zoneinfo/right/Asia/Bangkok
+usr/share/zoneinfo/right/Asia/Barnaul
+usr/share/zoneinfo/right/Asia/Beirut
+usr/share/zoneinfo/right/Asia/Bishkek
+usr/share/zoneinfo/right/Asia/Brunei
+usr/share/zoneinfo/right/Asia/Calcutta
+usr/share/zoneinfo/right/Asia/Chita
+usr/share/zoneinfo/right/Asia/Choibalsan
+usr/share/zoneinfo/right/Asia/Chongqing
+usr/share/zoneinfo/right/Asia/Chungking
+usr/share/zoneinfo/right/Asia/Colombo
+usr/share/zoneinfo/right/Asia/Dacca
+usr/share/zoneinfo/right/Asia/Damascus
+usr/share/zoneinfo/right/Asia/Dhaka
+usr/share/zoneinfo/right/Asia/Dili
+usr/share/zoneinfo/right/Asia/Dubai
+usr/share/zoneinfo/right/Asia/Dushanbe
+usr/share/zoneinfo/right/Asia/Famagusta
+usr/share/zoneinfo/right/Asia/Gaza
+usr/share/zoneinfo/right/Asia/Harbin
+usr/share/zoneinfo/right/Asia/Hebron
+usr/share/zoneinfo/right/Asia/Ho_Chi_Minh
+usr/share/zoneinfo/right/Asia/Hong_Kong
+usr/share/zoneinfo/right/Asia/Hovd
+usr/share/zoneinfo/right/Asia/Irkutsk
+usr/share/zoneinfo/right/Asia/Istanbul
+usr/share/zoneinfo/right/Asia/Jakarta
+usr/share/zoneinfo/right/Asia/Jayapura
+usr/share/zoneinfo/right/Asia/Jerusalem
+usr/share/zoneinfo/right/Asia/Kabul
+usr/share/zoneinfo/right/Asia/Kamchatka
+usr/share/zoneinfo/right/Asia/Karachi
+usr/share/zoneinfo/right/Asia/Kashgar
+usr/share/zoneinfo/right/Asia/Kathmandu
+usr/share/zoneinfo/right/Asia/Katmandu
+usr/share/zoneinfo/right/Asia/Khandyga
+usr/share/zoneinfo/right/Asia/Kolkata
+usr/share/zoneinfo/right/Asia/Krasnoyarsk
+usr/share/zoneinfo/right/Asia/Kuala_Lumpur
+usr/share/zoneinfo/right/Asia/Kuching
+usr/share/zoneinfo/right/Asia/Kuwait
+usr/share/zoneinfo/right/Asia/Macao
+usr/share/zoneinfo/right/Asia/Macau
+usr/share/zoneinfo/right/Asia/Magadan
+usr/share/zoneinfo/right/Asia/Makassar
+usr/share/zoneinfo/right/Asia/Manila
+usr/share/zoneinfo/right/Asia/Muscat
+usr/share/zoneinfo/right/Asia/Nicosia
+usr/share/zoneinfo/right/Asia/Novokuznetsk
+usr/share/zoneinfo/right/Asia/Novosibirsk
+usr/share/zoneinfo/right/Asia/Omsk
+usr/share/zoneinfo/right/Asia/Oral
+usr/share/zoneinfo/right/Asia/Phnom_Penh
+usr/share/zoneinfo/right/Asia/Pontianak
+usr/share/zoneinfo/right/Asia/Pyongyang
+usr/share/zoneinfo/right/Asia/Qatar
+usr/share/zoneinfo/right/Asia/Qostanay
+usr/share/zoneinfo/right/Asia/Qyzylorda
+usr/share/zoneinfo/right/Asia/Rangoon
+usr/share/zoneinfo/right/Asia/Riyadh
+usr/share/zoneinfo/right/Asia/Saigon
+usr/share/zoneinfo/right/Asia/Sakhalin
+usr/share/zoneinfo/right/Asia/Samarkand
+usr/share/zoneinfo/right/Asia/Seoul
+usr/share/zoneinfo/right/Asia/Shanghai
+usr/share/zoneinfo/right/Asia/Singapore
+usr/share/zoneinfo/right/Asia/Srednekolymsk
+usr/share/zoneinfo/right/Asia/Taipei
+usr/share/zoneinfo/right/Asia/Tashkent
+usr/share/zoneinfo/right/Asia/Tbilisi
+usr/share/zoneinfo/right/Asia/Tehran
+usr/share/zoneinfo/right/Asia/Tel_Aviv
+usr/share/zoneinfo/right/Asia/Thimbu
+usr/share/zoneinfo/right/Asia/Thimphu
+usr/share/zoneinfo/right/Asia/Tokyo
+usr/share/zoneinfo/right/Asia/Tomsk
+usr/share/zoneinfo/right/Asia/Ujung_Pandang
+usr/share/zoneinfo/right/Asia/Ulaanbaatar
+usr/share/zoneinfo/right/Asia/Ulan_Bator
+usr/share/zoneinfo/right/Asia/Urumqi
+usr/share/zoneinfo/right/Asia/Ust-Nera
+usr/share/zoneinfo/right/Asia/Vientiane
+usr/share/zoneinfo/right/Asia/Vladivostok
+usr/share/zoneinfo/right/Asia/Yakutsk
+usr/share/zoneinfo/right/Asia/Yangon
+usr/share/zoneinfo/right/Asia/Yekaterinburg
+usr/share/zoneinfo/right/Asia/Yerevan
+usr/share/zoneinfo/right/Atlantic/
+usr/share/zoneinfo/right/Atlantic/Azores
+usr/share/zoneinfo/right/Atlantic/Bermuda
+usr/share/zoneinfo/right/Atlantic/Canary
+usr/share/zoneinfo/right/Atlantic/Cape_Verde
+usr/share/zoneinfo/right/Atlantic/Faeroe
+usr/share/zoneinfo/right/Atlantic/Faroe
+usr/share/zoneinfo/right/Atlantic/Jan_Mayen
+usr/share/zoneinfo/right/Atlantic/Madeira
+usr/share/zoneinfo/right/Atlantic/Reykjavik
+usr/share/zoneinfo/right/Atlantic/South_Georgia
+usr/share/zoneinfo/right/Atlantic/St_Helena
+usr/share/zoneinfo/right/Atlantic/Stanley
+usr/share/zoneinfo/right/Australia/
+usr/share/zoneinfo/right/Australia/ACT
+usr/share/zoneinfo/right/Australia/Adelaide
+usr/share/zoneinfo/right/Australia/Brisbane
+usr/share/zoneinfo/right/Australia/Broken_Hill
+usr/share/zoneinfo/right/Australia/Canberra
+usr/share/zoneinfo/right/Australia/Currie
+usr/share/zoneinfo/right/Australia/Darwin
+usr/share/zoneinfo/right/Australia/Eucla
+usr/share/zoneinfo/right/Australia/Hobart
+usr/share/zoneinfo/right/Australia/LHI
+usr/share/zoneinfo/right/Australia/Lindeman
+usr/share/zoneinfo/right/Australia/Lord_Howe
+usr/share/zoneinfo/right/Australia/Melbourne
+usr/share/zoneinfo/right/Australia/North
+usr/share/zoneinfo/right/Australia/NSW
+usr/share/zoneinfo/right/Australia/Perth
+usr/share/zoneinfo/right/Australia/Queensland
+usr/share/zoneinfo/right/Australia/South
+usr/share/zoneinfo/right/Australia/Sydney
+usr/share/zoneinfo/right/Australia/Tasmania
+usr/share/zoneinfo/right/Australia/Victoria
+usr/share/zoneinfo/right/Australia/West
+usr/share/zoneinfo/right/Australia/Yancowinna
+usr/share/zoneinfo/right/Brazil/
+usr/share/zoneinfo/right/Brazil/Acre
+usr/share/zoneinfo/right/Brazil/DeNoronha
+usr/share/zoneinfo/right/Brazil/East
+usr/share/zoneinfo/right/Brazil/West
+usr/share/zoneinfo/right/Canada/
+usr/share/zoneinfo/right/Canada/Atlantic
+usr/share/zoneinfo/right/Canada/Central
+usr/share/zoneinfo/right/Canada/Eastern
+usr/share/zoneinfo/right/Canada/Mountain
+usr/share/zoneinfo/right/Canada/Newfoundland
+usr/share/zoneinfo/right/Canada/Pacific
+usr/share/zoneinfo/right/Canada/Saskatchewan
+usr/share/zoneinfo/right/Canada/Yukon
+usr/share/zoneinfo/right/CET
+usr/share/zoneinfo/right/Chile/
+usr/share/zoneinfo/right/Chile/Continental
+usr/share/zoneinfo/right/Chile/EasterIsland
+usr/share/zoneinfo/right/CST6CDT
+usr/share/zoneinfo/right/Cuba
+usr/share/zoneinfo/right/EET
+usr/share/zoneinfo/right/Egypt
+usr/share/zoneinfo/right/Eire
+usr/share/zoneinfo/right/EST
+usr/share/zoneinfo/right/EST5EDT
+usr/share/zoneinfo/right/Etc/
+usr/share/zoneinfo/right/Etc/GMT
+usr/share/zoneinfo/right/Etc/GMT+0
+usr/share/zoneinfo/right/Etc/GMT+1
+usr/share/zoneinfo/right/Etc/GMT+10
+usr/share/zoneinfo/right/Etc/GMT+11
+usr/share/zoneinfo/right/Etc/GMT+12
+usr/share/zoneinfo/right/Etc/GMT+2
+usr/share/zoneinfo/right/Etc/GMT+3
+usr/share/zoneinfo/right/Etc/GMT+4
+usr/share/zoneinfo/right/Etc/GMT+5
+usr/share/zoneinfo/right/Etc/GMT+6
+usr/share/zoneinfo/right/Etc/GMT+7
+usr/share/zoneinfo/right/Etc/GMT+8
+usr/share/zoneinfo/right/Etc/GMT+9
+usr/share/zoneinfo/right/Etc/GMT-0
+usr/share/zoneinfo/right/Etc/GMT-1
+usr/share/zoneinfo/right/Etc/GMT-10
+usr/share/zoneinfo/right/Etc/GMT-11
+usr/share/zoneinfo/right/Etc/GMT-12
+usr/share/zoneinfo/right/Etc/GMT-13
+usr/share/zoneinfo/right/Etc/GMT-14
+usr/share/zoneinfo/right/Etc/GMT-2
+usr/share/zoneinfo/right/Etc/GMT-3
+usr/share/zoneinfo/right/Etc/GMT-4
+usr/share/zoneinfo/right/Etc/GMT-5
+usr/share/zoneinfo/right/Etc/GMT-6
+usr/share/zoneinfo/right/Etc/GMT-7
+usr/share/zoneinfo/right/Etc/GMT-8
+usr/share/zoneinfo/right/Etc/GMT-9
+usr/share/zoneinfo/right/Etc/GMT0
+usr/share/zoneinfo/right/Etc/Greenwich
+usr/share/zoneinfo/right/Etc/UCT
+usr/share/zoneinfo/right/Etc/Universal
+usr/share/zoneinfo/right/Etc/UTC
+usr/share/zoneinfo/right/Etc/Zulu
+usr/share/zoneinfo/right/Europe/
+usr/share/zoneinfo/right/Europe/Amsterdam
+usr/share/zoneinfo/right/Europe/Andorra
+usr/share/zoneinfo/right/Europe/Astrakhan
+usr/share/zoneinfo/right/Europe/Athens
+usr/share/zoneinfo/right/Europe/Belfast
+usr/share/zoneinfo/right/Europe/Belgrade
+usr/share/zoneinfo/right/Europe/Berlin
+usr/share/zoneinfo/right/Europe/Bratislava
+usr/share/zoneinfo/right/Europe/Brussels
+usr/share/zoneinfo/right/Europe/Bucharest
+usr/share/zoneinfo/right/Europe/Budapest
+usr/share/zoneinfo/right/Europe/Busingen
+usr/share/zoneinfo/right/Europe/Chisinau
+usr/share/zoneinfo/right/Europe/Copenhagen
+usr/share/zoneinfo/right/Europe/Dublin
+usr/share/zoneinfo/right/Europe/Gibraltar
+usr/share/zoneinfo/right/Europe/Guernsey
+usr/share/zoneinfo/right/Europe/Helsinki
+usr/share/zoneinfo/right/Europe/Isle_of_Man
+usr/share/zoneinfo/right/Europe/Istanbul
+usr/share/zoneinfo/right/Europe/Jersey
+usr/share/zoneinfo/right/Europe/Kaliningrad
+usr/share/zoneinfo/right/Europe/Kiev
+usr/share/zoneinfo/right/Europe/Kirov
+usr/share/zoneinfo/right/Europe/Lisbon
+usr/share/zoneinfo/right/Europe/Ljubljana
+usr/share/zoneinfo/right/Europe/London
+usr/share/zoneinfo/right/Europe/Luxembourg
+usr/share/zoneinfo/right/Europe/Madrid
+usr/share/zoneinfo/right/Europe/Malta
+usr/share/zoneinfo/right/Europe/Mariehamn
+usr/share/zoneinfo/right/Europe/Minsk
+usr/share/zoneinfo/right/Europe/Monaco
+usr/share/zoneinfo/right/Europe/Moscow
+usr/share/zoneinfo/right/Europe/Nicosia
+usr/share/zoneinfo/right/Europe/Oslo
+usr/share/zoneinfo/right/Europe/Paris
+usr/share/zoneinfo/right/Europe/Podgorica
+usr/share/zoneinfo/right/Europe/Prague
+usr/share/zoneinfo/right/Europe/Riga
+usr/share/zoneinfo/right/Europe/Rome
+usr/share/zoneinfo/right/Europe/Samara
+usr/share/zoneinfo/right/Europe/San_Marino
+usr/share/zoneinfo/right/Europe/Sarajevo
+usr/share/zoneinfo/right/Europe/Saratov
+usr/share/zoneinfo/right/Europe/Simferopol
+usr/share/zoneinfo/right/Europe/Skopje
+usr/share/zoneinfo/right/Europe/Sofia
+usr/share/zoneinfo/right/Europe/Stockholm
+usr/share/zoneinfo/right/Europe/Tallinn
+usr/share/zoneinfo/right/Europe/Tirane
+usr/share/zoneinfo/right/Europe/Tiraspol
+usr/share/zoneinfo/right/Europe/Ulyanovsk
+usr/share/zoneinfo/right/Europe/Uzhgorod
+usr/share/zoneinfo/right/Europe/Vaduz
+usr/share/zoneinfo/right/Europe/Vatican
+usr/share/zoneinfo/right/Europe/Vienna
+usr/share/zoneinfo/right/Europe/Vilnius
+usr/share/zoneinfo/right/Europe/Volgograd
+usr/share/zoneinfo/right/Europe/Warsaw
+usr/share/zoneinfo/right/Europe/Zagreb
+usr/share/zoneinfo/right/Europe/Zaporozhye
+usr/share/zoneinfo/right/Europe/Zurich
+usr/share/zoneinfo/right/Factory
+usr/share/zoneinfo/right/GB
+usr/share/zoneinfo/right/GB-Eire
+usr/share/zoneinfo/right/GMT
+usr/share/zoneinfo/right/GMT+0
+usr/share/zoneinfo/right/GMT-0
+usr/share/zoneinfo/right/GMT0
+usr/share/zoneinfo/right/Greenwich
+usr/share/zoneinfo/right/Hongkong
+usr/share/zoneinfo/right/HST
+usr/share/zoneinfo/right/Iceland
+usr/share/zoneinfo/right/Indian/
+usr/share/zoneinfo/right/Indian/Antananarivo
+usr/share/zoneinfo/right/Indian/Chagos
+usr/share/zoneinfo/right/Indian/Christmas
+usr/share/zoneinfo/right/Indian/Cocos
+usr/share/zoneinfo/right/Indian/Comoro
+usr/share/zoneinfo/right/Indian/Kerguelen
+usr/share/zoneinfo/right/Indian/Mahe
+usr/share/zoneinfo/right/Indian/Maldives
+usr/share/zoneinfo/right/Indian/Mauritius
+usr/share/zoneinfo/right/Indian/Mayotte
+usr/share/zoneinfo/right/Indian/Reunion
+usr/share/zoneinfo/right/Iran
+usr/share/zoneinfo/right/Israel
+usr/share/zoneinfo/right/Jamaica
+usr/share/zoneinfo/right/Japan
+usr/share/zoneinfo/right/Kwajalein
+usr/share/zoneinfo/right/Libya
+usr/share/zoneinfo/right/MET
+usr/share/zoneinfo/right/Mexico/
+usr/share/zoneinfo/right/Mexico/BajaNorte
+usr/share/zoneinfo/right/Mexico/BajaSur
+usr/share/zoneinfo/right/Mexico/General
+usr/share/zoneinfo/right/MST
+usr/share/zoneinfo/right/MST7MDT
+usr/share/zoneinfo/right/Navajo
+usr/share/zoneinfo/right/NZ
+usr/share/zoneinfo/right/NZ-CHAT
+usr/share/zoneinfo/right/Pacific/
+usr/share/zoneinfo/right/Pacific/Apia
+usr/share/zoneinfo/right/Pacific/Auckland
+usr/share/zoneinfo/right/Pacific/Bougainville
+usr/share/zoneinfo/right/Pacific/Chatham
+usr/share/zoneinfo/right/Pacific/Chuuk
+usr/share/zoneinfo/right/Pacific/Easter
+usr/share/zoneinfo/right/Pacific/Efate
+usr/share/zoneinfo/right/Pacific/Enderbury
+usr/share/zoneinfo/right/Pacific/Fakaofo
+usr/share/zoneinfo/right/Pacific/Fiji
+usr/share/zoneinfo/right/Pacific/Funafuti
+usr/share/zoneinfo/right/Pacific/Galapagos
+usr/share/zoneinfo/right/Pacific/Gambier
+usr/share/zoneinfo/right/Pacific/Guadalcanal
+usr/share/zoneinfo/right/Pacific/Guam
+usr/share/zoneinfo/right/Pacific/Honolulu
+usr/share/zoneinfo/right/Pacific/Johnston
+usr/share/zoneinfo/right/Pacific/Kiritimati
+usr/share/zoneinfo/right/Pacific/Kosrae
+usr/share/zoneinfo/right/Pacific/Kwajalein
+usr/share/zoneinfo/right/Pacific/Majuro
+usr/share/zoneinfo/right/Pacific/Marquesas
+usr/share/zoneinfo/right/Pacific/Midway
+usr/share/zoneinfo/right/Pacific/Nauru
+usr/share/zoneinfo/right/Pacific/Niue
+usr/share/zoneinfo/right/Pacific/Norfolk
+usr/share/zoneinfo/right/Pacific/Noumea
+usr/share/zoneinfo/right/Pacific/Pago_Pago
+usr/share/zoneinfo/right/Pacific/Palau
+usr/share/zoneinfo/right/Pacific/Pitcairn
+usr/share/zoneinfo/right/Pacific/Pohnpei
+usr/share/zoneinfo/right/Pacific/Ponape
+usr/share/zoneinfo/right/Pacific/Port_Moresby
+usr/share/zoneinfo/right/Pacific/Rarotonga
+usr/share/zoneinfo/right/Pacific/Saipan
+usr/share/zoneinfo/right/Pacific/Samoa
+usr/share/zoneinfo/right/Pacific/Tahiti
+usr/share/zoneinfo/right/Pacific/Tarawa
+usr/share/zoneinfo/right/Pacific/Tongatapu
+usr/share/zoneinfo/right/Pacific/Truk
+usr/share/zoneinfo/right/Pacific/Wake
+usr/share/zoneinfo/right/Pacific/Wallis
+usr/share/zoneinfo/right/Pacific/Yap
+usr/share/zoneinfo/right/Poland
+usr/share/zoneinfo/right/Portugal
+usr/share/zoneinfo/right/PRC
+usr/share/zoneinfo/right/PST8PDT
+usr/share/zoneinfo/right/ROC
+usr/share/zoneinfo/right/ROK
+usr/share/zoneinfo/right/Singapore
+usr/share/zoneinfo/right/Turkey
+usr/share/zoneinfo/right/UCT
+usr/share/zoneinfo/right/Universal
+usr/share/zoneinfo/right/US/
+usr/share/zoneinfo/right/US/Alaska
+usr/share/zoneinfo/right/US/Aleutian
+usr/share/zoneinfo/right/US/Arizona
+usr/share/zoneinfo/right/US/Central
+usr/share/zoneinfo/right/US/East-Indiana
+usr/share/zoneinfo/right/US/Eastern
+usr/share/zoneinfo/right/US/Hawaii
+usr/share/zoneinfo/right/US/Indiana-Starke
+usr/share/zoneinfo/right/US/Michigan
+usr/share/zoneinfo/right/US/Mountain
+usr/share/zoneinfo/right/US/Pacific
+usr/share/zoneinfo/right/US/Pacific-New
+usr/share/zoneinfo/right/US/Samoa
+usr/share/zoneinfo/right/UTC
+usr/share/zoneinfo/right/W-SU
+usr/share/zoneinfo/right/WET
+usr/share/zoneinfo/right/Zulu
+usr/share/zoneinfo/ROC
+usr/share/zoneinfo/ROK
+usr/share/zoneinfo/Singapore
+usr/share/zoneinfo/Turkey
+usr/share/zoneinfo/tzdata.zi
+usr/share/zoneinfo/UCT
+usr/share/zoneinfo/Universal
+usr/share/zoneinfo/US/
+usr/share/zoneinfo/US/Alaska
+usr/share/zoneinfo/US/Aleutian
+usr/share/zoneinfo/US/Arizona
+usr/share/zoneinfo/US/Central
+usr/share/zoneinfo/US/East-Indiana
+usr/share/zoneinfo/US/Eastern
+usr/share/zoneinfo/US/Hawaii
+usr/share/zoneinfo/US/Indiana-Starke
+usr/share/zoneinfo/US/Michigan
+usr/share/zoneinfo/US/Mountain
+usr/share/zoneinfo/US/Pacific
+usr/share/zoneinfo/US/Pacific-New
+usr/share/zoneinfo/US/Samoa
+usr/share/zoneinfo/UTC
+usr/share/zoneinfo/W-SU
+usr/share/zoneinfo/WET
+usr/share/zoneinfo/zone.tab
+usr/share/zoneinfo/zone1970.tab
+usr/share/zoneinfo/Zulu
+
diff --git a/msys2/var/lib/pacman/local/tzcode-2019.a-1/mtree b/msys2/var/lib/pacman/local/tzcode-2019.a-1/mtree
new file mode 100644
index 000000000..1c3db5ab6
Binary files /dev/null and b/msys2/var/lib/pacman/local/tzcode-2019.a-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/util-linux-2.26.2-1/desc b/msys2/var/lib/pacman/local/util-linux-2.26.2-1/desc
deleted file mode 100644
index b2ab2677f..000000000
--- a/msys2/var/lib/pacman/local/util-linux-2.26.2-1/desc
+++ /dev/null
@@ -1,53 +0,0 @@
-%NAME%
-util-linux
-
-%VERSION%
-2.26.2-1
-
-%BASE%
-util-linux
-
-%DESC%
-Collection of basic system utilities
-
-%URL%
-http://www.kernel.org/pub/linux/utils/util-linux/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1430816034
-
-%INSTALLDATE%
-1527758894
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-6686720
-
-%GROUPS%
-base
-
-%LICENSE%
-GPL3
-
-%VALIDATION%
-pgp
-
-%REPLACES%
-getopt
-
-%DEPENDS%
-coreutils
-libutil-linux
-libiconv
-
-%CONFLICTS%
-getopt
-
-%PROVIDES%
-getopt
-
diff --git a/msys2/var/lib/pacman/local/util-linux-2.26.2-1/files b/msys2/var/lib/pacman/local/util-linux-2.26.2-1/files
deleted file mode 100644
index 025499020..000000000
--- a/msys2/var/lib/pacman/local/util-linux-2.26.2-1/files
+++ /dev/null
@@ -1,233 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/agetty.exe
-usr/bin/blkid.exe
-usr/bin/cal.exe
-usr/bin/cfdisk.exe
-usr/bin/col.exe
-usr/bin/colcrt.exe
-usr/bin/colrm.exe
-usr/bin/column.exe
-usr/bin/fdisk.exe
-usr/bin/findfs.exe
-usr/bin/flock.exe
-usr/bin/fsck.cramfs.exe
-usr/bin/fsck.minix.exe
-usr/bin/getopt.exe
-usr/bin/hexdump.exe
-usr/bin/ipcmk.exe
-usr/bin/isosize.exe
-usr/bin/logger.exe
-usr/bin/look.exe
-usr/bin/mcookie.exe
-usr/bin/mkfs.bfs.exe
-usr/bin/mkfs.cramfs.exe
-usr/bin/mkfs.exe
-usr/bin/mkfs.minix.exe
-usr/bin/mkswap.exe
-usr/bin/more.exe
-usr/bin/namei.exe
-usr/bin/pg.exe
-usr/bin/rename.exe
-usr/bin/renice.exe
-usr/bin/rev.exe
-usr/bin/script.exe
-usr/bin/scriptreplay.exe
-usr/bin/setsid.exe
-usr/bin/sfdisk.exe
-usr/bin/swaplabel.exe
-usr/bin/tailf.exe
-usr/bin/ul.exe
-usr/bin/uuidd.exe
-usr/bin/uuidgen.exe
-usr/bin/whereis.exe
-usr/bin/wipefs.exe
-usr/share/
-usr/share/bash-completion/
-usr/share/bash-completion/completions/
-usr/share/bash-completion/completions/blkid
-usr/share/bash-completion/completions/cal
-usr/share/bash-completion/completions/cfdisk
-usr/share/bash-completion/completions/col
-usr/share/bash-completion/completions/colcrt
-usr/share/bash-completion/completions/colrm
-usr/share/bash-completion/completions/column
-usr/share/bash-completion/completions/fdisk
-usr/share/bash-completion/completions/flock
-usr/share/bash-completion/completions/fsck.cramfs
-usr/share/bash-completion/completions/fsck.minix
-usr/share/bash-completion/completions/getopt
-usr/share/bash-completion/completions/hexdump
-usr/share/bash-completion/completions/isosize
-usr/share/bash-completion/completions/logger
-usr/share/bash-completion/completions/look
-usr/share/bash-completion/completions/mcookie
-usr/share/bash-completion/completions/mkfs
-usr/share/bash-completion/completions/mkfs.bfs
-usr/share/bash-completion/completions/mkfs.cramfs
-usr/share/bash-completion/completions/mkfs.minix
-usr/share/bash-completion/completions/mkswap
-usr/share/bash-completion/completions/more
-usr/share/bash-completion/completions/namei
-usr/share/bash-completion/completions/pg
-usr/share/bash-completion/completions/rename
-usr/share/bash-completion/completions/renice
-usr/share/bash-completion/completions/rev
-usr/share/bash-completion/completions/script
-usr/share/bash-completion/completions/scriptreplay
-usr/share/bash-completion/completions/setsid
-usr/share/bash-completion/completions/sfdisk
-usr/share/bash-completion/completions/swaplabel
-usr/share/bash-completion/completions/tailf
-usr/share/bash-completion/completions/ul
-usr/share/bash-completion/completions/uuidd
-usr/share/bash-completion/completions/uuidgen
-usr/share/bash-completion/completions/whereis
-usr/share/bash-completion/completions/wipefs
-usr/share/doc/
-usr/share/doc/util-linux/
-usr/share/doc/util-linux/getopt/
-usr/share/doc/util-linux/getopt/getopt-parse.bash
-usr/share/doc/util-linux/getopt/getopt-parse.tcsh
-usr/share/locale/
-usr/share/locale/ca/
-usr/share/locale/ca/LC_MESSAGES/
-usr/share/locale/ca/LC_MESSAGES/util-linux.mo
-usr/share/locale/cs/
-usr/share/locale/cs/LC_MESSAGES/
-usr/share/locale/cs/LC_MESSAGES/util-linux.mo
-usr/share/locale/da/
-usr/share/locale/da/LC_MESSAGES/
-usr/share/locale/da/LC_MESSAGES/util-linux.mo
-usr/share/locale/de/
-usr/share/locale/de/LC_MESSAGES/
-usr/share/locale/de/LC_MESSAGES/util-linux.mo
-usr/share/locale/es/
-usr/share/locale/es/LC_MESSAGES/
-usr/share/locale/es/LC_MESSAGES/util-linux.mo
-usr/share/locale/et/
-usr/share/locale/et/LC_MESSAGES/
-usr/share/locale/et/LC_MESSAGES/util-linux.mo
-usr/share/locale/eu/
-usr/share/locale/eu/LC_MESSAGES/
-usr/share/locale/eu/LC_MESSAGES/util-linux.mo
-usr/share/locale/fi/
-usr/share/locale/fi/LC_MESSAGES/
-usr/share/locale/fi/LC_MESSAGES/util-linux.mo
-usr/share/locale/fr/
-usr/share/locale/fr/LC_MESSAGES/
-usr/share/locale/fr/LC_MESSAGES/util-linux.mo
-usr/share/locale/gl/
-usr/share/locale/gl/LC_MESSAGES/
-usr/share/locale/gl/LC_MESSAGES/util-linux.mo
-usr/share/locale/hr/
-usr/share/locale/hr/LC_MESSAGES/
-usr/share/locale/hr/LC_MESSAGES/util-linux.mo
-usr/share/locale/hu/
-usr/share/locale/hu/LC_MESSAGES/
-usr/share/locale/hu/LC_MESSAGES/util-linux.mo
-usr/share/locale/id/
-usr/share/locale/id/LC_MESSAGES/
-usr/share/locale/id/LC_MESSAGES/util-linux.mo
-usr/share/locale/it/
-usr/share/locale/it/LC_MESSAGES/
-usr/share/locale/it/LC_MESSAGES/util-linux.mo
-usr/share/locale/ja/
-usr/share/locale/ja/LC_MESSAGES/
-usr/share/locale/ja/LC_MESSAGES/util-linux.mo
-usr/share/locale/nl/
-usr/share/locale/nl/LC_MESSAGES/
-usr/share/locale/nl/LC_MESSAGES/util-linux.mo
-usr/share/locale/pl/
-usr/share/locale/pl/LC_MESSAGES/
-usr/share/locale/pl/LC_MESSAGES/util-linux.mo
-usr/share/locale/pt_BR/
-usr/share/locale/pt_BR/LC_MESSAGES/
-usr/share/locale/pt_BR/LC_MESSAGES/util-linux.mo
-usr/share/locale/ru/
-usr/share/locale/ru/LC_MESSAGES/
-usr/share/locale/ru/LC_MESSAGES/util-linux.mo
-usr/share/locale/sl/
-usr/share/locale/sl/LC_MESSAGES/
-usr/share/locale/sl/LC_MESSAGES/util-linux.mo
-usr/share/locale/sv/
-usr/share/locale/sv/LC_MESSAGES/
-usr/share/locale/sv/LC_MESSAGES/util-linux.mo
-usr/share/locale/tr/
-usr/share/locale/tr/LC_MESSAGES/
-usr/share/locale/tr/LC_MESSAGES/util-linux.mo
-usr/share/locale/uk/
-usr/share/locale/uk/LC_MESSAGES/
-usr/share/locale/uk/LC_MESSAGES/util-linux.mo
-usr/share/locale/vi/
-usr/share/locale/vi/LC_MESSAGES/
-usr/share/locale/vi/LC_MESSAGES/util-linux.mo
-usr/share/locale/zh_CN/
-usr/share/locale/zh_CN/LC_MESSAGES/
-usr/share/locale/zh_CN/LC_MESSAGES/util-linux.mo
-usr/share/locale/zh_TW/
-usr/share/locale/zh_TW/LC_MESSAGES/
-usr/share/locale/zh_TW/LC_MESSAGES/util-linux.mo
-usr/share/man/
-usr/share/man/man1/
-usr/share/man/man1/cal.1.gz
-usr/share/man/man1/col.1.gz
-usr/share/man/man1/colcrt.1.gz
-usr/share/man/man1/colrm.1.gz
-usr/share/man/man1/column.1.gz
-usr/share/man/man1/flock.1.gz
-usr/share/man/man1/getopt.1.gz
-usr/share/man/man1/hexdump.1.gz
-usr/share/man/man1/ipcmk.1.gz
-usr/share/man/man1/logger.1.gz
-usr/share/man/man1/look.1.gz
-usr/share/man/man1/mcookie.1.gz
-usr/share/man/man1/more.1.gz
-usr/share/man/man1/namei.1.gz
-usr/share/man/man1/pg.1.gz
-usr/share/man/man1/rename.1.gz
-usr/share/man/man1/renice.1.gz
-usr/share/man/man1/rev.1.gz
-usr/share/man/man1/script.1.gz
-usr/share/man/man1/scriptreplay.1.gz
-usr/share/man/man1/setsid.1.gz
-usr/share/man/man1/tailf.1.gz
-usr/share/man/man1/ul.1.gz
-usr/share/man/man1/uuidgen.1.gz
-usr/share/man/man1/whereis.1.gz
-usr/share/man/man3/
-usr/share/man/man3/libblkid.3.gz
-usr/share/man/man3/uuid.3.gz
-usr/share/man/man3/uuid_clear.3.gz
-usr/share/man/man3/uuid_compare.3.gz
-usr/share/man/man3/uuid_copy.3.gz
-usr/share/man/man3/uuid_generate.3.gz
-usr/share/man/man3/uuid_generate_random.3.gz
-usr/share/man/man3/uuid_generate_time.3.gz
-usr/share/man/man3/uuid_generate_time_safe.3.gz
-usr/share/man/man3/uuid_is_null.3.gz
-usr/share/man/man3/uuid_parse.3.gz
-usr/share/man/man3/uuid_time.3.gz
-usr/share/man/man3/uuid_unparse.3.gz
-usr/share/man/man5/
-usr/share/man/man5/terminal-colors.d.5.gz
-usr/share/man/man8/
-usr/share/man/man8/agetty.8.gz
-usr/share/man/man8/blkid.8.gz
-usr/share/man/man8/cfdisk.8.gz
-usr/share/man/man8/fdisk.8.gz
-usr/share/man/man8/findfs.8.gz
-usr/share/man/man8/fsck.cramfs.8.gz
-usr/share/man/man8/fsck.minix.8.gz
-usr/share/man/man8/isosize.8.gz
-usr/share/man/man8/mkfs.8.gz
-usr/share/man/man8/mkfs.bfs.8.gz
-usr/share/man/man8/mkfs.cramfs.8.gz
-usr/share/man/man8/mkfs.minix.8.gz
-usr/share/man/man8/mkswap.8.gz
-usr/share/man/man8/sfdisk.8.gz
-usr/share/man/man8/swaplabel.8.gz
-usr/share/man/man8/uuidd.8.gz
-usr/share/man/man8/wipefs.8.gz
-
diff --git a/msys2/var/lib/pacman/local/util-linux-2.26.2-1/mtree b/msys2/var/lib/pacman/local/util-linux-2.26.2-1/mtree
deleted file mode 100644
index 0332f80be..000000000
Binary files a/msys2/var/lib/pacman/local/util-linux-2.26.2-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/util-linux-2.33.1-1/desc b/msys2/var/lib/pacman/local/util-linux-2.33.1-1/desc
new file mode 100644
index 000000000..22e534460
--- /dev/null
+++ b/msys2/var/lib/pacman/local/util-linux-2.33.1-1/desc
@@ -0,0 +1,53 @@
+%NAME%
+util-linux
+
+%VERSION%
+2.33.1-1
+
+%BASE%
+util-linux
+
+%DESC%
+Collection of basic system utilities
+
+%URL%
+https://www.kernel.org/pub/linux/utils/util-linux/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1556515202
+
+%INSTALLDATE%
+1558699117
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+8244224
+
+%GROUPS%
+base
+
+%LICENSE%
+GPL3
+
+%VALIDATION%
+pgp
+
+%REPLACES%
+getopt
+
+%DEPENDS%
+coreutils
+libutil-linux
+libiconv
+
+%CONFLICTS%
+getopt
+
+%PROVIDES%
+getopt
+
diff --git a/msys2/var/lib/pacman/local/util-linux-2.33.1-1/files b/msys2/var/lib/pacman/local/util-linux-2.33.1-1/files
new file mode 100644
index 000000000..cebb310f3
--- /dev/null
+++ b/msys2/var/lib/pacman/local/util-linux-2.33.1-1/files
@@ -0,0 +1,232 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/agetty.exe
+usr/bin/blkid.exe
+usr/bin/cal.exe
+usr/bin/cfdisk.exe
+usr/bin/col.exe
+usr/bin/colcrt.exe
+usr/bin/colrm.exe
+usr/bin/column.exe
+usr/bin/fdisk.exe
+usr/bin/findfs.exe
+usr/bin/flock.exe
+usr/bin/fsck.cramfs.exe
+usr/bin/fsck.minix.exe
+usr/bin/getopt.exe
+usr/bin/hexdump.exe
+usr/bin/ipcmk.exe
+usr/bin/isosize.exe
+usr/bin/logger.exe
+usr/bin/look.exe
+usr/bin/mcookie.exe
+usr/bin/mkfs.bfs.exe
+usr/bin/mkfs.cramfs.exe
+usr/bin/mkfs.exe
+usr/bin/mkfs.minix.exe
+usr/bin/mkswap.exe
+usr/bin/more.exe
+usr/bin/namei.exe
+usr/bin/pg.exe
+usr/bin/rename.exe
+usr/bin/renice.exe
+usr/bin/rev.exe
+usr/bin/script.exe
+usr/bin/scriptreplay.exe
+usr/bin/setsid.exe
+usr/bin/sfdisk.exe
+usr/bin/swaplabel.exe
+usr/bin/ul.exe
+usr/bin/uuidgen.exe
+usr/bin/uuidparse.exe
+usr/bin/whereis.exe
+usr/bin/wipefs.exe
+usr/share/
+usr/share/bash-completion/
+usr/share/bash-completion/completions/
+usr/share/bash-completion/completions/blkid
+usr/share/bash-completion/completions/cal
+usr/share/bash-completion/completions/cfdisk
+usr/share/bash-completion/completions/col
+usr/share/bash-completion/completions/colcrt
+usr/share/bash-completion/completions/colrm
+usr/share/bash-completion/completions/column
+usr/share/bash-completion/completions/fdisk
+usr/share/bash-completion/completions/findfs
+usr/share/bash-completion/completions/flock
+usr/share/bash-completion/completions/fsck.cramfs
+usr/share/bash-completion/completions/fsck.minix
+usr/share/bash-completion/completions/getopt
+usr/share/bash-completion/completions/hexdump
+usr/share/bash-completion/completions/ipcmk
+usr/share/bash-completion/completions/isosize
+usr/share/bash-completion/completions/logger
+usr/share/bash-completion/completions/look
+usr/share/bash-completion/completions/mcookie
+usr/share/bash-completion/completions/mkfs
+usr/share/bash-completion/completions/mkfs.bfs
+usr/share/bash-completion/completions/mkfs.cramfs
+usr/share/bash-completion/completions/mkfs.minix
+usr/share/bash-completion/completions/mkswap
+usr/share/bash-completion/completions/more
+usr/share/bash-completion/completions/namei
+usr/share/bash-completion/completions/pg
+usr/share/bash-completion/completions/rename
+usr/share/bash-completion/completions/renice
+usr/share/bash-completion/completions/rev
+usr/share/bash-completion/completions/script
+usr/share/bash-completion/completions/scriptreplay
+usr/share/bash-completion/completions/setsid
+usr/share/bash-completion/completions/sfdisk
+usr/share/bash-completion/completions/swaplabel
+usr/share/bash-completion/completions/ul
+usr/share/bash-completion/completions/uuidgen
+usr/share/bash-completion/completions/uuidparse
+usr/share/bash-completion/completions/whereis
+usr/share/bash-completion/completions/wipefs
+usr/share/doc/
+usr/share/doc/util-linux/
+usr/share/doc/util-linux/getopt/
+usr/share/doc/util-linux/getopt/getopt-parse.bash
+usr/share/doc/util-linux/getopt/getopt-parse.tcsh
+usr/share/locale/
+usr/share/locale/ca/
+usr/share/locale/ca/LC_MESSAGES/
+usr/share/locale/ca/LC_MESSAGES/util-linux.mo
+usr/share/locale/cs/
+usr/share/locale/cs/LC_MESSAGES/
+usr/share/locale/cs/LC_MESSAGES/util-linux.mo
+usr/share/locale/da/
+usr/share/locale/da/LC_MESSAGES/
+usr/share/locale/da/LC_MESSAGES/util-linux.mo
+usr/share/locale/de/
+usr/share/locale/de/LC_MESSAGES/
+usr/share/locale/de/LC_MESSAGES/util-linux.mo
+usr/share/locale/es/
+usr/share/locale/es/LC_MESSAGES/
+usr/share/locale/es/LC_MESSAGES/util-linux.mo
+usr/share/locale/et/
+usr/share/locale/et/LC_MESSAGES/
+usr/share/locale/et/LC_MESSAGES/util-linux.mo
+usr/share/locale/eu/
+usr/share/locale/eu/LC_MESSAGES/
+usr/share/locale/eu/LC_MESSAGES/util-linux.mo
+usr/share/locale/fi/
+usr/share/locale/fi/LC_MESSAGES/
+usr/share/locale/fi/LC_MESSAGES/util-linux.mo
+usr/share/locale/fr/
+usr/share/locale/fr/LC_MESSAGES/
+usr/share/locale/fr/LC_MESSAGES/util-linux.mo
+usr/share/locale/gl/
+usr/share/locale/gl/LC_MESSAGES/
+usr/share/locale/gl/LC_MESSAGES/util-linux.mo
+usr/share/locale/hr/
+usr/share/locale/hr/LC_MESSAGES/
+usr/share/locale/hr/LC_MESSAGES/util-linux.mo
+usr/share/locale/hu/
+usr/share/locale/hu/LC_MESSAGES/
+usr/share/locale/hu/LC_MESSAGES/util-linux.mo
+usr/share/locale/id/
+usr/share/locale/id/LC_MESSAGES/
+usr/share/locale/id/LC_MESSAGES/util-linux.mo
+usr/share/locale/it/
+usr/share/locale/it/LC_MESSAGES/
+usr/share/locale/it/LC_MESSAGES/util-linux.mo
+usr/share/locale/ja/
+usr/share/locale/ja/LC_MESSAGES/
+usr/share/locale/ja/LC_MESSAGES/util-linux.mo
+usr/share/locale/nl/
+usr/share/locale/nl/LC_MESSAGES/
+usr/share/locale/nl/LC_MESSAGES/util-linux.mo
+usr/share/locale/pl/
+usr/share/locale/pl/LC_MESSAGES/
+usr/share/locale/pl/LC_MESSAGES/util-linux.mo
+usr/share/locale/pt_BR/
+usr/share/locale/pt_BR/LC_MESSAGES/
+usr/share/locale/pt_BR/LC_MESSAGES/util-linux.mo
+usr/share/locale/ru/
+usr/share/locale/ru/LC_MESSAGES/
+usr/share/locale/ru/LC_MESSAGES/util-linux.mo
+usr/share/locale/sl/
+usr/share/locale/sl/LC_MESSAGES/
+usr/share/locale/sl/LC_MESSAGES/util-linux.mo
+usr/share/locale/sv/
+usr/share/locale/sv/LC_MESSAGES/
+usr/share/locale/sv/LC_MESSAGES/util-linux.mo
+usr/share/locale/tr/
+usr/share/locale/tr/LC_MESSAGES/
+usr/share/locale/tr/LC_MESSAGES/util-linux.mo
+usr/share/locale/uk/
+usr/share/locale/uk/LC_MESSAGES/
+usr/share/locale/uk/LC_MESSAGES/util-linux.mo
+usr/share/locale/vi/
+usr/share/locale/vi/LC_MESSAGES/
+usr/share/locale/vi/LC_MESSAGES/util-linux.mo
+usr/share/locale/zh_CN/
+usr/share/locale/zh_CN/LC_MESSAGES/
+usr/share/locale/zh_CN/LC_MESSAGES/util-linux.mo
+usr/share/locale/zh_TW/
+usr/share/locale/zh_TW/LC_MESSAGES/
+usr/share/locale/zh_TW/LC_MESSAGES/util-linux.mo
+usr/share/man/
+usr/share/man/man1/
+usr/share/man/man1/cal.1.gz
+usr/share/man/man1/col.1.gz
+usr/share/man/man1/colcrt.1.gz
+usr/share/man/man1/colrm.1.gz
+usr/share/man/man1/column.1.gz
+usr/share/man/man1/flock.1.gz
+usr/share/man/man1/getopt.1.gz
+usr/share/man/man1/hexdump.1.gz
+usr/share/man/man1/ipcmk.1.gz
+usr/share/man/man1/logger.1.gz
+usr/share/man/man1/look.1.gz
+usr/share/man/man1/mcookie.1.gz
+usr/share/man/man1/more.1.gz
+usr/share/man/man1/namei.1.gz
+usr/share/man/man1/pg.1.gz
+usr/share/man/man1/rename.1.gz
+usr/share/man/man1/renice.1.gz
+usr/share/man/man1/rev.1.gz
+usr/share/man/man1/script.1.gz
+usr/share/man/man1/scriptreplay.1.gz
+usr/share/man/man1/setsid.1.gz
+usr/share/man/man1/ul.1.gz
+usr/share/man/man1/uuidgen.1.gz
+usr/share/man/man1/uuidparse.1.gz
+usr/share/man/man1/whereis.1.gz
+usr/share/man/man3/
+usr/share/man/man3/libblkid.3.gz
+usr/share/man/man3/uuid.3.gz
+usr/share/man/man3/uuid_clear.3.gz
+usr/share/man/man3/uuid_compare.3.gz
+usr/share/man/man3/uuid_copy.3.gz
+usr/share/man/man3/uuid_generate.3.gz
+usr/share/man/man3/uuid_generate_random.3.gz
+usr/share/man/man3/uuid_generate_time.3.gz
+usr/share/man/man3/uuid_generate_time_safe.3.gz
+usr/share/man/man3/uuid_is_null.3.gz
+usr/share/man/man3/uuid_parse.3.gz
+usr/share/man/man3/uuid_time.3.gz
+usr/share/man/man3/uuid_unparse.3.gz
+usr/share/man/man5/
+usr/share/man/man5/terminal-colors.d.5.gz
+usr/share/man/man8/
+usr/share/man/man8/agetty.8.gz
+usr/share/man/man8/blkid.8.gz
+usr/share/man/man8/cfdisk.8.gz
+usr/share/man/man8/fdisk.8.gz
+usr/share/man/man8/findfs.8.gz
+usr/share/man/man8/fsck.cramfs.8.gz
+usr/share/man/man8/fsck.minix.8.gz
+usr/share/man/man8/isosize.8.gz
+usr/share/man/man8/mkfs.8.gz
+usr/share/man/man8/mkfs.bfs.8.gz
+usr/share/man/man8/mkfs.cramfs.8.gz
+usr/share/man/man8/mkfs.minix.8.gz
+usr/share/man/man8/mkswap.8.gz
+usr/share/man/man8/sfdisk.8.gz
+usr/share/man/man8/swaplabel.8.gz
+usr/share/man/man8/wipefs.8.gz
+
diff --git a/msys2/var/lib/pacman/local/util-linux-2.33.1-1/mtree b/msys2/var/lib/pacman/local/util-linux-2.33.1-1/mtree
new file mode 100644
index 000000000..9637f80b1
Binary files /dev/null and b/msys2/var/lib/pacman/local/util-linux-2.33.1-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/wget-1.19.4-1/desc b/msys2/var/lib/pacman/local/wget-1.19.4-1/desc
deleted file mode 100644
index 7ac823914..000000000
--- a/msys2/var/lib/pacman/local/wget-1.19.4-1/desc
+++ /dev/null
@@ -1,55 +0,0 @@
-%NAME%
-wget
-
-%VERSION%
-1.19.4-1
-
-%DESC%
-A network utility to retrieve files from the Web
-
-%URL%
-https://www.gnu.org/software/wget/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1518117126
-
-%INSTALLDATE%
-1527758881
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-2884608
-
-%REASON%
-1
-
-%GROUPS%
-base-devel
-
-%LICENSE%
-GPL3
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-gcc-libs
-libiconv
-libidn2
-libintl
-libgpgme
-libmetalink
-libpcre
-libpsl
-libuuid
-openssl
-zlib
-
-%OPTDEPENDS%
-ca-certificates: HTTPS downloads
-
diff --git a/msys2/var/lib/pacman/local/wget-1.19.4-1/files b/msys2/var/lib/pacman/local/wget-1.19.4-1/files
deleted file mode 100644
index fe8f6df89..000000000
--- a/msys2/var/lib/pacman/local/wget-1.19.4-1/files
+++ /dev/null
@@ -1,134 +0,0 @@
-%FILES%
-etc/
-etc/wgetrc
-usr/
-usr/bin/
-usr/bin/wget.exe
-usr/share/
-usr/share/info/
-usr/share/info/wget.info.gz
-usr/share/locale/
-usr/share/locale/be/
-usr/share/locale/be/LC_MESSAGES/
-usr/share/locale/be/LC_MESSAGES/wget.mo
-usr/share/locale/bg/
-usr/share/locale/bg/LC_MESSAGES/
-usr/share/locale/bg/LC_MESSAGES/wget.mo
-usr/share/locale/ca/
-usr/share/locale/ca/LC_MESSAGES/
-usr/share/locale/ca/LC_MESSAGES/wget.mo
-usr/share/locale/cs/
-usr/share/locale/cs/LC_MESSAGES/
-usr/share/locale/cs/LC_MESSAGES/wget.mo
-usr/share/locale/da/
-usr/share/locale/da/LC_MESSAGES/
-usr/share/locale/da/LC_MESSAGES/wget.mo
-usr/share/locale/de/
-usr/share/locale/de/LC_MESSAGES/
-usr/share/locale/de/LC_MESSAGES/wget.mo
-usr/share/locale/el/
-usr/share/locale/el/LC_MESSAGES/
-usr/share/locale/el/LC_MESSAGES/wget.mo
-usr/share/locale/en_GB/
-usr/share/locale/en_GB/LC_MESSAGES/
-usr/share/locale/en_GB/LC_MESSAGES/wget.mo
-usr/share/locale/eo/
-usr/share/locale/eo/LC_MESSAGES/
-usr/share/locale/eo/LC_MESSAGES/wget.mo
-usr/share/locale/es/
-usr/share/locale/es/LC_MESSAGES/
-usr/share/locale/es/LC_MESSAGES/wget.mo
-usr/share/locale/et/
-usr/share/locale/et/LC_MESSAGES/
-usr/share/locale/et/LC_MESSAGES/wget.mo
-usr/share/locale/eu/
-usr/share/locale/eu/LC_MESSAGES/
-usr/share/locale/eu/LC_MESSAGES/wget.mo
-usr/share/locale/fi/
-usr/share/locale/fi/LC_MESSAGES/
-usr/share/locale/fi/LC_MESSAGES/wget.mo
-usr/share/locale/fr/
-usr/share/locale/fr/LC_MESSAGES/
-usr/share/locale/fr/LC_MESSAGES/wget.mo
-usr/share/locale/ga/
-usr/share/locale/ga/LC_MESSAGES/
-usr/share/locale/ga/LC_MESSAGES/wget.mo
-usr/share/locale/gl/
-usr/share/locale/gl/LC_MESSAGES/
-usr/share/locale/gl/LC_MESSAGES/wget.mo
-usr/share/locale/he/
-usr/share/locale/he/LC_MESSAGES/
-usr/share/locale/he/LC_MESSAGES/wget.mo
-usr/share/locale/hr/
-usr/share/locale/hr/LC_MESSAGES/
-usr/share/locale/hr/LC_MESSAGES/wget.mo
-usr/share/locale/hu/
-usr/share/locale/hu/LC_MESSAGES/
-usr/share/locale/hu/LC_MESSAGES/wget.mo
-usr/share/locale/id/
-usr/share/locale/id/LC_MESSAGES/
-usr/share/locale/id/LC_MESSAGES/wget.mo
-usr/share/locale/it/
-usr/share/locale/it/LC_MESSAGES/
-usr/share/locale/it/LC_MESSAGES/wget.mo
-usr/share/locale/ja/
-usr/share/locale/ja/LC_MESSAGES/
-usr/share/locale/ja/LC_MESSAGES/wget.mo
-usr/share/locale/lt/
-usr/share/locale/lt/LC_MESSAGES/
-usr/share/locale/lt/LC_MESSAGES/wget.mo
-usr/share/locale/nb/
-usr/share/locale/nb/LC_MESSAGES/
-usr/share/locale/nb/LC_MESSAGES/wget.mo
-usr/share/locale/nl/
-usr/share/locale/nl/LC_MESSAGES/
-usr/share/locale/nl/LC_MESSAGES/wget.mo
-usr/share/locale/pl/
-usr/share/locale/pl/LC_MESSAGES/
-usr/share/locale/pl/LC_MESSAGES/wget.mo
-usr/share/locale/pt/
-usr/share/locale/pt/LC_MESSAGES/
-usr/share/locale/pt/LC_MESSAGES/wget.mo
-usr/share/locale/pt_BR/
-usr/share/locale/pt_BR/LC_MESSAGES/
-usr/share/locale/pt_BR/LC_MESSAGES/wget.mo
-usr/share/locale/ro/
-usr/share/locale/ro/LC_MESSAGES/
-usr/share/locale/ro/LC_MESSAGES/wget.mo
-usr/share/locale/ru/
-usr/share/locale/ru/LC_MESSAGES/
-usr/share/locale/ru/LC_MESSAGES/wget.mo
-usr/share/locale/sk/
-usr/share/locale/sk/LC_MESSAGES/
-usr/share/locale/sk/LC_MESSAGES/wget.mo
-usr/share/locale/sl/
-usr/share/locale/sl/LC_MESSAGES/
-usr/share/locale/sl/LC_MESSAGES/wget.mo
-usr/share/locale/sr/
-usr/share/locale/sr/LC_MESSAGES/
-usr/share/locale/sr/LC_MESSAGES/wget.mo
-usr/share/locale/sv/
-usr/share/locale/sv/LC_MESSAGES/
-usr/share/locale/sv/LC_MESSAGES/wget.mo
-usr/share/locale/tr/
-usr/share/locale/tr/LC_MESSAGES/
-usr/share/locale/tr/LC_MESSAGES/wget.mo
-usr/share/locale/uk/
-usr/share/locale/uk/LC_MESSAGES/
-usr/share/locale/uk/LC_MESSAGES/wget.mo
-usr/share/locale/vi/
-usr/share/locale/vi/LC_MESSAGES/
-usr/share/locale/vi/LC_MESSAGES/wget.mo
-usr/share/locale/zh_CN/
-usr/share/locale/zh_CN/LC_MESSAGES/
-usr/share/locale/zh_CN/LC_MESSAGES/wget.mo
-usr/share/locale/zh_TW/
-usr/share/locale/zh_TW/LC_MESSAGES/
-usr/share/locale/zh_TW/LC_MESSAGES/wget.mo
-usr/share/man/
-usr/share/man/man1/
-usr/share/man/man1/wget.1.gz
-
-%BACKUP%
-etc/wgetrc	28664ebcb2722440073da73a6b1065ba
-
diff --git a/msys2/var/lib/pacman/local/wget-1.19.4-1/mtree b/msys2/var/lib/pacman/local/wget-1.19.4-1/mtree
deleted file mode 100644
index 2a7537061..000000000
Binary files a/msys2/var/lib/pacman/local/wget-1.19.4-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/wget-1.20.3-1/desc b/msys2/var/lib/pacman/local/wget-1.20.3-1/desc
new file mode 100644
index 000000000..2be1bca76
--- /dev/null
+++ b/msys2/var/lib/pacman/local/wget-1.20.3-1/desc
@@ -0,0 +1,58 @@
+%NAME%
+wget
+
+%VERSION%
+1.20.3-1
+
+%BASE%
+wget
+
+%DESC%
+A network utility to retrieve files from the Web
+
+%URL%
+https://www.gnu.org/software/wget/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1555322450
+
+%INSTALLDATE%
+1558699105
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+3073024
+
+%REASON%
+1
+
+%GROUPS%
+base-devel
+
+%LICENSE%
+GPL3
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+gcc-libs
+libiconv
+libidn2
+libintl
+libgpgme
+libmetalink
+libpcre2_8
+libpsl
+libuuid
+openssl
+zlib
+
+%OPTDEPENDS%
+ca-certificates: HTTPS downloads
+
diff --git a/msys2/var/lib/pacman/local/wget-1.20.3-1/files b/msys2/var/lib/pacman/local/wget-1.20.3-1/files
new file mode 100644
index 000000000..0d414774a
--- /dev/null
+++ b/msys2/var/lib/pacman/local/wget-1.20.3-1/files
@@ -0,0 +1,134 @@
+%FILES%
+etc/
+etc/wgetrc
+usr/
+usr/bin/
+usr/bin/wget.exe
+usr/share/
+usr/share/info/
+usr/share/info/wget.info.gz
+usr/share/locale/
+usr/share/locale/be/
+usr/share/locale/be/LC_MESSAGES/
+usr/share/locale/be/LC_MESSAGES/wget.mo
+usr/share/locale/bg/
+usr/share/locale/bg/LC_MESSAGES/
+usr/share/locale/bg/LC_MESSAGES/wget.mo
+usr/share/locale/ca/
+usr/share/locale/ca/LC_MESSAGES/
+usr/share/locale/ca/LC_MESSAGES/wget.mo
+usr/share/locale/cs/
+usr/share/locale/cs/LC_MESSAGES/
+usr/share/locale/cs/LC_MESSAGES/wget.mo
+usr/share/locale/da/
+usr/share/locale/da/LC_MESSAGES/
+usr/share/locale/da/LC_MESSAGES/wget.mo
+usr/share/locale/de/
+usr/share/locale/de/LC_MESSAGES/
+usr/share/locale/de/LC_MESSAGES/wget.mo
+usr/share/locale/el/
+usr/share/locale/el/LC_MESSAGES/
+usr/share/locale/el/LC_MESSAGES/wget.mo
+usr/share/locale/en_GB/
+usr/share/locale/en_GB/LC_MESSAGES/
+usr/share/locale/en_GB/LC_MESSAGES/wget.mo
+usr/share/locale/eo/
+usr/share/locale/eo/LC_MESSAGES/
+usr/share/locale/eo/LC_MESSAGES/wget.mo
+usr/share/locale/es/
+usr/share/locale/es/LC_MESSAGES/
+usr/share/locale/es/LC_MESSAGES/wget.mo
+usr/share/locale/et/
+usr/share/locale/et/LC_MESSAGES/
+usr/share/locale/et/LC_MESSAGES/wget.mo
+usr/share/locale/eu/
+usr/share/locale/eu/LC_MESSAGES/
+usr/share/locale/eu/LC_MESSAGES/wget.mo
+usr/share/locale/fi/
+usr/share/locale/fi/LC_MESSAGES/
+usr/share/locale/fi/LC_MESSAGES/wget.mo
+usr/share/locale/fr/
+usr/share/locale/fr/LC_MESSAGES/
+usr/share/locale/fr/LC_MESSAGES/wget.mo
+usr/share/locale/ga/
+usr/share/locale/ga/LC_MESSAGES/
+usr/share/locale/ga/LC_MESSAGES/wget.mo
+usr/share/locale/gl/
+usr/share/locale/gl/LC_MESSAGES/
+usr/share/locale/gl/LC_MESSAGES/wget.mo
+usr/share/locale/he/
+usr/share/locale/he/LC_MESSAGES/
+usr/share/locale/he/LC_MESSAGES/wget.mo
+usr/share/locale/hr/
+usr/share/locale/hr/LC_MESSAGES/
+usr/share/locale/hr/LC_MESSAGES/wget.mo
+usr/share/locale/hu/
+usr/share/locale/hu/LC_MESSAGES/
+usr/share/locale/hu/LC_MESSAGES/wget.mo
+usr/share/locale/id/
+usr/share/locale/id/LC_MESSAGES/
+usr/share/locale/id/LC_MESSAGES/wget.mo
+usr/share/locale/it/
+usr/share/locale/it/LC_MESSAGES/
+usr/share/locale/it/LC_MESSAGES/wget.mo
+usr/share/locale/ja/
+usr/share/locale/ja/LC_MESSAGES/
+usr/share/locale/ja/LC_MESSAGES/wget.mo
+usr/share/locale/lt/
+usr/share/locale/lt/LC_MESSAGES/
+usr/share/locale/lt/LC_MESSAGES/wget.mo
+usr/share/locale/nb/
+usr/share/locale/nb/LC_MESSAGES/
+usr/share/locale/nb/LC_MESSAGES/wget.mo
+usr/share/locale/nl/
+usr/share/locale/nl/LC_MESSAGES/
+usr/share/locale/nl/LC_MESSAGES/wget.mo
+usr/share/locale/pl/
+usr/share/locale/pl/LC_MESSAGES/
+usr/share/locale/pl/LC_MESSAGES/wget.mo
+usr/share/locale/pt/
+usr/share/locale/pt/LC_MESSAGES/
+usr/share/locale/pt/LC_MESSAGES/wget.mo
+usr/share/locale/pt_BR/
+usr/share/locale/pt_BR/LC_MESSAGES/
+usr/share/locale/pt_BR/LC_MESSAGES/wget.mo
+usr/share/locale/ro/
+usr/share/locale/ro/LC_MESSAGES/
+usr/share/locale/ro/LC_MESSAGES/wget.mo
+usr/share/locale/ru/
+usr/share/locale/ru/LC_MESSAGES/
+usr/share/locale/ru/LC_MESSAGES/wget.mo
+usr/share/locale/sk/
+usr/share/locale/sk/LC_MESSAGES/
+usr/share/locale/sk/LC_MESSAGES/wget.mo
+usr/share/locale/sl/
+usr/share/locale/sl/LC_MESSAGES/
+usr/share/locale/sl/LC_MESSAGES/wget.mo
+usr/share/locale/sr/
+usr/share/locale/sr/LC_MESSAGES/
+usr/share/locale/sr/LC_MESSAGES/wget.mo
+usr/share/locale/sv/
+usr/share/locale/sv/LC_MESSAGES/
+usr/share/locale/sv/LC_MESSAGES/wget.mo
+usr/share/locale/tr/
+usr/share/locale/tr/LC_MESSAGES/
+usr/share/locale/tr/LC_MESSAGES/wget.mo
+usr/share/locale/uk/
+usr/share/locale/uk/LC_MESSAGES/
+usr/share/locale/uk/LC_MESSAGES/wget.mo
+usr/share/locale/vi/
+usr/share/locale/vi/LC_MESSAGES/
+usr/share/locale/vi/LC_MESSAGES/wget.mo
+usr/share/locale/zh_CN/
+usr/share/locale/zh_CN/LC_MESSAGES/
+usr/share/locale/zh_CN/LC_MESSAGES/wget.mo
+usr/share/locale/zh_TW/
+usr/share/locale/zh_TW/LC_MESSAGES/
+usr/share/locale/zh_TW/LC_MESSAGES/wget.mo
+usr/share/man/
+usr/share/man/man1/
+usr/share/man/man1/wget.1.gz
+
+%BACKUP%
+etc/wgetrc	5154cdb840584598483be718b7ac4374
+
diff --git a/msys2/var/lib/pacman/local/wget-1.19.4-1/install b/msys2/var/lib/pacman/local/wget-1.20.3-1/install
similarity index 100%
rename from msys2/var/lib/pacman/local/wget-1.19.4-1/install
rename to msys2/var/lib/pacman/local/wget-1.20.3-1/install
diff --git a/msys2/var/lib/pacman/local/wget-1.20.3-1/mtree b/msys2/var/lib/pacman/local/wget-1.20.3-1/mtree
new file mode 100644
index 000000000..7515166ed
Binary files /dev/null and b/msys2/var/lib/pacman/local/wget-1.20.3-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/which-2.21-2/desc b/msys2/var/lib/pacman/local/which-2.21-2/desc
index 2316cc541..10f3b0176 100644
--- a/msys2/var/lib/pacman/local/which-2.21-2/desc
+++ b/msys2/var/lib/pacman/local/which-2.21-2/desc
@@ -17,7 +17,7 @@ i686
 1437376571
 
 %INSTALLDATE%
-1527758877
+1558699101
 
 %PACKAGER%
 Alexpux <alexpux@jmail.com>
diff --git a/msys2/var/lib/pacman/local/xz-5.2.3-1/desc b/msys2/var/lib/pacman/local/xz-5.2.3-1/desc
deleted file mode 100644
index 98cabc403..000000000
--- a/msys2/var/lib/pacman/local/xz-5.2.3-1/desc
+++ /dev/null
@@ -1,49 +0,0 @@
-%NAME%
-xz
-
-%VERSION%
-5.2.3-1
-
-%BASE%
-xz
-
-%DESC%
-Library and command line tools for XZ and LZMA compressed files
-
-%URL%
-http://tukaani.org/xz/
-
-%ARCH%
-i686
-
-%BUILDDATE%
-1485321399
-
-%INSTALLDATE%
-1527758878
-
-%PACKAGER%
-Alexey Pavlov <alexpux@gmail.com>
-
-%SIZE%
-1040384
-
-%REASON%
-1
-
-%GROUPS%
-compression
-
-%LICENSE%
-GPL
-LGPL
-custom
-
-%VALIDATION%
-pgp
-
-%DEPENDS%
-liblzma=5.2.3
-libiconv
-libintl
-
diff --git a/msys2/var/lib/pacman/local/xz-5.2.3-1/files b/msys2/var/lib/pacman/local/xz-5.2.3-1/files
deleted file mode 100644
index 41802dc99..000000000
--- a/msys2/var/lib/pacman/local/xz-5.2.3-1/files
+++ /dev/null
@@ -1,96 +0,0 @@
-%FILES%
-usr/
-usr/bin/
-usr/bin/lzcat.exe
-usr/bin/lzcmp
-usr/bin/lzdiff
-usr/bin/lzegrep
-usr/bin/lzfgrep
-usr/bin/lzgrep
-usr/bin/lzless
-usr/bin/lzma.exe
-usr/bin/lzmadec.exe
-usr/bin/lzmainfo.exe
-usr/bin/lzmore
-usr/bin/unlzma.exe
-usr/bin/unxz.exe
-usr/bin/xz.exe
-usr/bin/xzcat.exe
-usr/bin/xzcmp
-usr/bin/xzdec.exe
-usr/bin/xzdiff
-usr/bin/xzegrep
-usr/bin/xzfgrep
-usr/bin/xzgrep
-usr/bin/xzless
-usr/bin/xzmore
-usr/share/
-usr/share/doc/
-usr/share/doc/xz/
-usr/share/doc/xz/AUTHORS
-usr/share/doc/xz/COPYING
-usr/share/doc/xz/COPYING.GPLv2
-usr/share/doc/xz/NEWS
-usr/share/doc/xz/README
-usr/share/doc/xz/THANKS
-usr/share/doc/xz/TODO
-usr/share/doc/xz/examples/
-usr/share/doc/xz/examples/00_README.txt
-usr/share/doc/xz/examples/01_compress_easy.c
-usr/share/doc/xz/examples/02_decompress.c
-usr/share/doc/xz/examples/03_compress_custom.c
-usr/share/doc/xz/examples/04_compress_easy_mt.c
-usr/share/doc/xz/examples/Makefile
-usr/share/doc/xz/examples_old/
-usr/share/doc/xz/examples_old/xz_pipe_comp.c
-usr/share/doc/xz/examples_old/xz_pipe_decomp.c
-usr/share/doc/xz/faq.txt
-usr/share/doc/xz/history.txt
-usr/share/doc/xz/liblzma.def
-usr/share/doc/xz/lzma-file-format.txt
-usr/share/doc/xz/xz-file-format.txt
-usr/share/locale/
-usr/share/locale/cs/
-usr/share/locale/cs/LC_MESSAGES/
-usr/share/locale/cs/LC_MESSAGES/xz.mo
-usr/share/locale/de/
-usr/share/locale/de/LC_MESSAGES/
-usr/share/locale/de/LC_MESSAGES/xz.mo
-usr/share/locale/fr/
-usr/share/locale/fr/LC_MESSAGES/
-usr/share/locale/fr/LC_MESSAGES/xz.mo
-usr/share/locale/it/
-usr/share/locale/it/LC_MESSAGES/
-usr/share/locale/it/LC_MESSAGES/xz.mo
-usr/share/locale/pl/
-usr/share/locale/pl/LC_MESSAGES/
-usr/share/locale/pl/LC_MESSAGES/xz.mo
-usr/share/locale/vi/
-usr/share/locale/vi/LC_MESSAGES/
-usr/share/locale/vi/LC_MESSAGES/xz.mo
-usr/share/man/
-usr/share/man/man1/
-usr/share/man/man1/lzcat.1.gz
-usr/share/man/man1/lzcmp.1.gz
-usr/share/man/man1/lzdiff.1.gz
-usr/share/man/man1/lzegrep.1.gz
-usr/share/man/man1/lzfgrep.1.gz
-usr/share/man/man1/lzgrep.1.gz
-usr/share/man/man1/lzless.1.gz
-usr/share/man/man1/lzma.1.gz
-usr/share/man/man1/lzmadec.1.gz
-usr/share/man/man1/lzmainfo.1.gz
-usr/share/man/man1/lzmore.1.gz
-usr/share/man/man1/unlzma.1.gz
-usr/share/man/man1/unxz.1.gz
-usr/share/man/man1/xz.1.gz
-usr/share/man/man1/xzcat.1.gz
-usr/share/man/man1/xzcmp.1.gz
-usr/share/man/man1/xzdec.1.gz
-usr/share/man/man1/xzdiff.1.gz
-usr/share/man/man1/xzegrep.1.gz
-usr/share/man/man1/xzfgrep.1.gz
-usr/share/man/man1/xzgrep.1.gz
-usr/share/man/man1/xzless.1.gz
-usr/share/man/man1/xzmore.1.gz
-
diff --git a/msys2/var/lib/pacman/local/xz-5.2.3-1/mtree b/msys2/var/lib/pacman/local/xz-5.2.3-1/mtree
deleted file mode 100644
index 028b59803..000000000
Binary files a/msys2/var/lib/pacman/local/xz-5.2.3-1/mtree and /dev/null differ
diff --git a/msys2/var/lib/pacman/local/xz-5.2.4-1/desc b/msys2/var/lib/pacman/local/xz-5.2.4-1/desc
new file mode 100644
index 000000000..bbbd3a9da
--- /dev/null
+++ b/msys2/var/lib/pacman/local/xz-5.2.4-1/desc
@@ -0,0 +1,49 @@
+%NAME%
+xz
+
+%VERSION%
+5.2.4-1
+
+%BASE%
+xz
+
+%DESC%
+Library and command line tools for XZ and LZMA compressed files
+
+%URL%
+https://tukaani.org/xz/
+
+%ARCH%
+i686
+
+%BUILDDATE%
+1529601416
+
+%INSTALLDATE%
+1558699101
+
+%PACKAGER%
+Alexey Pavlov <alexpux@gmail.com>
+
+%SIZE%
+1037312
+
+%REASON%
+1
+
+%GROUPS%
+compression
+
+%LICENSE%
+GPL
+LGPL
+custom
+
+%VALIDATION%
+pgp
+
+%DEPENDS%
+liblzma=5.2.4
+libiconv
+libintl
+
diff --git a/msys2/var/lib/pacman/local/xz-5.2.4-1/files b/msys2/var/lib/pacman/local/xz-5.2.4-1/files
new file mode 100644
index 000000000..f89c1b21e
--- /dev/null
+++ b/msys2/var/lib/pacman/local/xz-5.2.4-1/files
@@ -0,0 +1,96 @@
+%FILES%
+usr/
+usr/bin/
+usr/bin/lzcat.exe
+usr/bin/lzcmp
+usr/bin/lzdiff
+usr/bin/lzegrep
+usr/bin/lzfgrep
+usr/bin/lzgrep
+usr/bin/lzless
+usr/bin/lzma.exe
+usr/bin/lzmadec.exe
+usr/bin/lzmainfo.exe
+usr/bin/lzmore
+usr/bin/unlzma.exe
+usr/bin/unxz.exe
+usr/bin/xz.exe
+usr/bin/xzcat.exe
+usr/bin/xzcmp
+usr/bin/xzdec.exe
+usr/bin/xzdiff
+usr/bin/xzegrep
+usr/bin/xzfgrep
+usr/bin/xzgrep
+usr/bin/xzless
+usr/bin/xzmore
+usr/share/
+usr/share/doc/
+usr/share/doc/xz/
+usr/share/doc/xz/AUTHORS
+usr/share/doc/xz/COPYING
+usr/share/doc/xz/COPYING.GPLv2
+usr/share/doc/xz/examples/
+usr/share/doc/xz/examples/00_README.txt
+usr/share/doc/xz/examples/01_compress_easy.c
+usr/share/doc/xz/examples/02_decompress.c
+usr/share/doc/xz/examples/03_compress_custom.c
+usr/share/doc/xz/examples/04_compress_easy_mt.c
+usr/share/doc/xz/examples/Makefile
+usr/share/doc/xz/examples_old/
+usr/share/doc/xz/examples_old/xz_pipe_comp.c
+usr/share/doc/xz/examples_old/xz_pipe_decomp.c
+usr/share/doc/xz/faq.txt
+usr/share/doc/xz/history.txt
+usr/share/doc/xz/liblzma.def
+usr/share/doc/xz/lzma-file-format.txt
+usr/share/doc/xz/NEWS
+usr/share/doc/xz/README
+usr/share/doc/xz/THANKS
+usr/share/doc/xz/TODO
+usr/share/doc/xz/xz-file-format.txt
+usr/share/locale/
+usr/share/locale/cs/
+usr/share/locale/cs/LC_MESSAGES/
+usr/share/locale/cs/LC_MESSAGES/xz.mo
+usr/share/locale/de/
+usr/share/locale/de/LC_MESSAGES/
+usr/share/locale/de/LC_MESSAGES/xz.mo
+usr/share/locale/fr/
+usr/share/locale/fr/LC_MESSAGES/
+usr/share/locale/fr/LC_MESSAGES/xz.mo
+usr/share/locale/it/
+usr/share/locale/it/LC_MESSAGES/
+usr/share/locale/it/LC_MESSAGES/xz.mo
+usr/share/locale/pl/
+usr/share/locale/pl/LC_MESSAGES/
+usr/share/locale/pl/LC_MESSAGES/xz.mo
+usr/share/locale/vi/
+usr/share/locale/vi/LC_MESSAGES/
+usr/share/locale/vi/LC_MESSAGES/xz.mo
+usr/share/man/
+usr/share/man/man1/
+usr/share/man/man1/lzcat.1.gz
+usr/share/man/man1/lzcmp.1.gz
+usr/share/man/man1/lzdiff.1.gz
+usr/share/man/man1/lzegrep.1.gz
+usr/share/man/man1/lzfgrep.1.gz
+usr/share/man/man1/lzgrep.1.gz
+usr/share/man/man1/lzless.1.gz
+usr/share/man/man1/lzma.1.gz
+usr/share/man/man1/lzmadec.1.gz
+usr/share/man/man1/lzmainfo.1.gz
+usr/share/man/man1/lzmore.1.gz
+usr/share/man/man1/unlzma.1.gz
+usr/share/man/man1/unxz.1.gz
+usr/share/man/man1/xz.1.gz
+usr/share/man/man1/xzcat.1.gz
+usr/share/man/man1/xzcmp.1.gz
+usr/share/man/man1/xzdec.1.gz
+usr/share/man/man1/xzdiff.1.gz
+usr/share/man/man1/xzegrep.1.gz
+usr/share/man/man1/xzfgrep.1.gz
+usr/share/man/man1/xzgrep.1.gz
+usr/share/man/man1/xzless.1.gz
+usr/share/man/man1/xzmore.1.gz
+
diff --git a/msys2/var/lib/pacman/local/xz-5.2.4-1/mtree b/msys2/var/lib/pacman/local/xz-5.2.4-1/mtree
new file mode 100644
index 000000000..70f9a63b6
Binary files /dev/null and b/msys2/var/lib/pacman/local/xz-5.2.4-1/mtree differ
diff --git a/msys2/var/lib/pacman/local/zlib-1.2.11-1/desc b/msys2/var/lib/pacman/local/zlib-1.2.11-1/desc
index 85f52aff5..9aa584d9a 100644
--- a/msys2/var/lib/pacman/local/zlib-1.2.11-1/desc
+++ b/msys2/var/lib/pacman/local/zlib-1.2.11-1/desc
@@ -20,7 +20,7 @@ i686
 1485320643
 
 %INSTALLDATE%
-1527758860
+1558699069
 
 %PACKAGER%
 Alexey Pavlov <alexpux@gmail.com>
diff --git a/msys2/var/lib/pacman/sync/mingw32.db b/msys2/var/lib/pacman/sync/mingw32.db
index 140aa3c83..53c706408 100644
Binary files a/msys2/var/lib/pacman/sync/mingw32.db and b/msys2/var/lib/pacman/sync/mingw32.db differ
diff --git a/msys2/var/lib/pacman/sync/mingw32.db.sig b/msys2/var/lib/pacman/sync/mingw32.db.sig
index fe51eefa6..2a2c74fe2 100644
Binary files a/msys2/var/lib/pacman/sync/mingw32.db.sig and b/msys2/var/lib/pacman/sync/mingw32.db.sig differ
diff --git a/msys2/var/lib/pacman/sync/mingw64.db b/msys2/var/lib/pacman/sync/mingw64.db
index e4d51315a..e6e8b0e0f 100644
Binary files a/msys2/var/lib/pacman/sync/mingw64.db and b/msys2/var/lib/pacman/sync/mingw64.db differ
diff --git a/msys2/var/lib/pacman/sync/mingw64.db.sig b/msys2/var/lib/pacman/sync/mingw64.db.sig
index 7817c00ce..5f35e829f 100644
Binary files a/msys2/var/lib/pacman/sync/mingw64.db.sig and b/msys2/var/lib/pacman/sync/mingw64.db.sig differ
diff --git a/msys2/var/lib/pacman/sync/msys.db b/msys2/var/lib/pacman/sync/msys.db
index 9f93d7f2f..7e95cdea0 100644
Binary files a/msys2/var/lib/pacman/sync/msys.db and b/msys2/var/lib/pacman/sync/msys.db differ
diff --git a/msys2/var/lib/pacman/sync/msys.db.sig b/msys2/var/lib/pacman/sync/msys.db.sig
index 694ae596e..a7a89df8a 100644
Binary files a/msys2/var/lib/pacman/sync/msys.db.sig and b/msys2/var/lib/pacman/sync/msys.db.sig differ
diff --git a/msys2/var/log/pacman.log b/msys2/var/log/pacman.log
index 0fd864336..2a635a17f 100644
--- a/msys2/var/log/pacman.log
+++ b/msys2/var/log/pacman.log
@@ -1,102 +1,111 @@
-[2018-05-31 12:26] [PACMAN] Running 'pacman -Syu --root /tmp/newmsys/msys32'
-[2018-05-31 12:26] [PACMAN] synchronizing package lists
-[2018-05-31 12:26] [PACMAN] starting core system upgrade
-[2018-05-31 12:26] [PACMAN] starting full system upgrade
-[2018-05-31 12:26] [PACMAN] Running 'pacman -S --noconfirm --root /tmp/newmsys/msys32 base'
-[2018-05-31 12:27] [ALPM] transaction started
-[2018-05-31 12:27] [ALPM] installed msys2-runtime (2.10.0-2)
-[2018-05-31 12:27] [ALPM] installed bash (4.4.019-3)
-[2018-05-31 12:27] [ALPM] installed bash-completion (2.8-1)
-[2018-05-31 12:27] [ALPM] installed gcc-libs (7.3.0-1)
-[2018-05-31 12:27] [ALPM] installed libbz2 (1.0.6-2)
-[2018-05-31 12:27] [ALPM] installed libiconv (1.15-1)
-[2018-05-31 12:27] [ALPM] installed libintl (0.19.8.1-1)
-[2018-05-31 12:27] [ALPM] installed libgettextpo (0.19.8.1-1)
-[2018-05-31 12:27] [ALPM] installed libasprintf (0.19.8.1-1)
-[2018-05-31 12:27] [ALPM] installed gettext (0.19.8.1-1)
-[2018-05-31 12:27] [ALPM] installed liblzma (5.2.3-1)
-[2018-05-31 12:27] [ALPM] installed liblzo2 (2.10-1)
-[2018-05-31 12:27] [ALPM] installed gmp (6.1.2-1)
-[2018-05-31 12:27] [ALPM] installed libnettle (3.3-1)
-[2018-05-31 12:27] [ALPM] installed coreutils (8.26-3)
-[2018-05-31 12:27] [ALPM] installed icu (60.2-1)
-[2018-05-31 12:27] [ALPM] installed ncurses (6.1.20180526-1)
-[2018-05-31 12:27] [ALPM] installed libreadline (7.0.003-2)
-[2018-05-31 12:27] [ALPM] installed zlib (1.2.11-1)
-[2018-05-31 12:27] [ALPM] installed libxml2 (2.9.7-2)
-[2018-05-31 12:27] [ALPM] installed bsdcpio (3.3.2-1)
-[2018-05-31 12:27] [ALPM] installed bsdtar (3.3.2-1)
-[2018-05-31 12:27] [ALPM] installed bzip2 (1.0.6-2)
-[2018-05-31 12:27] [ALPM] installed libopenssl (1.0.2.m-1)
-[2018-05-31 12:27] [ALPM] installed openssl (1.0.2.m-1)
-[2018-05-31 12:27] [ALPM] installed findutils (4.6.0-1)
-[2018-05-31 12:27] [ALPM] installed sed (4.4-2)
-[2018-05-31 12:27] [ALPM] installed libffi (3.2.1-1)
-[2018-05-31 12:27] [ALPM] installed libpcre (8.40-2)
-[2018-05-31 12:27] [ALPM] installed less (529-1)
-[2018-05-31 12:27] [ALPM] installed gzip (1.9-1)
-[2018-05-31 12:27] [ALPM] installed info (6.3-1)
-[2018-05-31 12:27] [ALPM] installed libtasn1 (4.13-1)
-[2018-05-31 12:27] [ALPM] installed libgpg-error (1.27-1)
-[2018-05-31 12:27] [ALPM] installed libgcrypt (1.8.1-1)
-[2018-05-31 12:27] [ALPM] installed libxslt (1.1.32-1)
-[2018-05-31 12:27] [ALPM] installed glib2 (2.48.2-1)
-[2018-05-31 12:27] [ALPM] installed libp11-kit (0.23.9-1)
-[2018-05-31 12:27] [ALPM] installed p11-kit (0.23.9-1)
-[2018-05-31 12:27] [ALPM] installed ca-certificates (20170717-2)
-[2018-05-31 12:27] [ALPM] installed libdb (5.3.28-2)
-[2018-05-31 12:27] [ALPM] installed libcrypt (2.1-1)
-[2018-05-31 12:27] [ALPM] installed libedit (3.1-20170329)
-[2018-05-31 12:27] [ALPM] installed libsqlite (3.21.0-2)
-[2018-05-31 12:27] [ALPM] installed heimdal-libs (1.5.3-9)
-[2018-05-31 12:27] [ALPM] installed libunistring (0.9.7-2)
-[2018-05-31 12:27] [ALPM] installed libidn2 (2.0.4-2)
-[2018-05-31 12:27] [ALPM] installed libexpat (2.2.5-1)
-[2018-05-31 12:27] [ALPM] installed libmetalink (0.1.3-2)
-[2018-05-31 12:27] [ALPM] installed libnghttp2 (1.30.0-1)
-[2018-05-31 12:27] [ALPM] installed libpsl (0.19.1-1)
-[2018-05-31 12:27] [ALPM] installed libssh2 (1.8.0-1)
-[2018-05-31 12:27] [ALPM] installed libcurl (7.58.0-1)
-[2018-05-31 12:27] [ALPM] installed curl (7.58.0-1)
-[2018-05-31 12:27] [ALPM] installed filesystem (2018.04-1)
-[2018-05-31 12:27] [ALPM] installed grep (3.0-1)
-[2018-05-31 12:27] [ALPM] installed dash (0.5.9.1-1)
-[2018-05-31 12:27] [ALPM] installed dtc (1.4.4-1)
-[2018-05-31 12:27] [ALPM] installed file (5.33-1)
-[2018-05-31 12:27] [ALPM] installed m4 (1.4.18-1)
-[2018-05-31 12:27] [ALPM] installed flex (2.6.4-1)
-[2018-05-31 12:27] [ALPM] installed mpfr (4.0.1-1)
-[2018-05-31 12:27] [ALPM] installed gawk (4.2.0-1)
-[2018-05-31 12:27] [ALPM] installed libargp (20110921-1)
-[2018-05-31 12:27] [ALPM] installed getent (2.18.90-2)
-[2018-05-31 12:27] [ALPM] installed tftp-hpa (5.2-2)
-[2018-05-31 12:27] [ALPM] installed inetutils (1.9.4-1)
-[2018-05-31 12:27] [ALPM] installed lndir (1.0.3-1)
-[2018-05-31 12:27] [ALPM] installed mintty (1~2.8.5-1)
-[2018-05-31 12:27] [ALPM] installed msys2-keyring (r9.397a52e-1)
-[2018-05-31 12:27] [ALPM] installed msys2-launcher-git (0.3.32.56c2ba7-2)
-[2018-05-31 12:27] [ALPM] installed gnupg (1.4.22-3)
-[2018-05-31 12:27] [ALPM] installed pacman-mirrors (20180419-1)
-[2018-05-31 12:27] [ALPM] installed which (2.21-2)
-[2018-05-31 12:27] [ALPM] installed xz (5.2.3-1)
-[2018-05-31 12:27] [ALPM] installed pacman (5.0.1-7)
-[2018-05-31 12:27] [ALPM] installed libarchive (3.3.2-1)
-[2018-05-31 12:27] [ALPM] installed libpcre16 (8.40-2)
-[2018-05-31 12:27] [ALPM] installed libpcre32 (8.40-2)
-[2018-05-31 12:27] [ALPM] installed libpcrecpp (8.40-2)
-[2018-05-31 12:27] [ALPM] installed libpcreposix (8.40-2)
-[2018-05-31 12:28] [ALPM] installed pcre (8.40-2)
-[2018-05-31 12:28] [ALPM] installed pkgfile (17-1)
-[2018-05-31 12:28] [ALPM-SCRIPTLET] ==> Run 'pkgfile --update' to initialize the database
-[2018-05-31 12:28] [ALPM] installed libassuan (2.4.3-1)
-[2018-05-31 12:28] [ALPM] installed libgpgme (1.6.0-1)
-[2018-05-31 12:28] [ALPM] installed libutil-linux (2.26.2-1)
-[2018-05-31 12:28] [ALPM] installed wget (1.19.4-1)
-[2018-05-31 12:28] [ALPM] installed pactoys-git (r2.07ca37f-1)
-[2018-05-31 12:28] [ALPM] installed pax-git (20161104.2-1)
-[2018-05-31 12:28] [ALPM] installed rebase (4.4.2-1)
-[2018-05-31 12:28] [ALPM] installed time (1.7-1)
-[2018-05-31 12:28] [ALPM] installed ttyrec (1.0.8-1)
-[2018-05-31 12:28] [ALPM] installed tzcode (2018.c-1)
-[2018-05-31 12:28] [ALPM] installed util-linux (2.26.2-1)
-[2018-05-31 12:28] [ALPM] transaction completed
+[2019-05-24 14:56] [PACMAN] Running 'pacman -Syu --root /tmp/newmsys/msys32'
+[2019-05-24 14:56] [PACMAN] synchronizing package lists
+[2019-05-24 14:56] [PACMAN] starting core system upgrade
+[2019-05-24 14:56] [PACMAN] starting full system upgrade
+[2019-05-24 14:56] [PACMAN] Running 'pacman -S --noconfirm --root /tmp/newmsys/msys32 base'
+[2019-05-24 14:57] [ALPM] transaction started
+[2019-05-24 14:57] [ALPM] installed msys2-runtime (3.0.7-2)
+[2019-05-24 14:57] [ALPM] installed bash (4.4.023-1)
+[2019-05-24 14:57] [ALPM] installed bash-completion (2.8-2)
+[2019-05-24 14:57] [ALPM] installed gcc-libs (7.4.0-1)
+[2019-05-24 14:57] [ALPM] installed libbz2 (1.0.6-2)
+[2019-05-24 14:57] [ALPM] installed libiconv (1.15-1)
+[2019-05-24 14:57] [ALPM] installed libexpat (2.2.6-1)
+[2019-05-24 14:57] [ALPM] installed libintl (0.19.8.1-1)
+[2019-05-24 14:57] [ALPM] installed libgettextpo (0.19.8.1-1)
+[2019-05-24 14:57] [ALPM] installed libasprintf (0.19.8.1-1)
+[2019-05-24 14:57] [ALPM] installed gettext (0.19.8.1-1)
+[2019-05-24 14:57] [ALPM] installed liblzma (5.2.4-1)
+[2019-05-24 14:57] [ALPM] installed liblz4 (1.9.1-1)
+[2019-05-24 14:57] [ALPM] installed liblzo2 (2.10-2)
+[2019-05-24 14:57] [ALPM] installed gmp (6.1.2-1)
+[2019-05-24 14:57] [ALPM] installed libhogweed (3.4.1-1)
+[2019-05-24 14:57] [ALPM] installed libnettle (3.4.1-1)
+[2019-05-24 14:57] [ALPM] installed coreutils (8.31-1)
+[2019-05-24 14:57] [ALPM] installed icu (64.2-1)
+[2019-05-24 14:57] [ALPM] installed ncurses (6.1.20180908-1)
+[2019-05-24 14:57] [ALPM] installed libreadline (8.0.000-1)
+[2019-05-24 14:57] [ALPM] installed zlib (1.2.11-1)
+[2019-05-24 14:57] [ALPM] installed libxml2 (2.9.9-4)
+[2019-05-24 14:57] [ALPM] installed bsdcpio (3.3.3-3)
+[2019-05-24 14:57] [ALPM] installed bsdtar (3.3.3-3)
+[2019-05-24 14:57] [ALPM] installed bzip2 (1.0.6-2)
+[2019-05-24 14:57] [ALPM] installed libopenssl (1.1.1.b-1)
+[2019-05-24 14:58] [ALPM] installed openssl (1.1.1.b-1)
+[2019-05-24 14:58] [ALPM] installed findutils (4.6.0-1)
+[2019-05-24 14:58] [ALPM] installed sed (4.7-1)
+[2019-05-24 14:58] [ALPM] installed libffi (3.2.1-3)
+[2019-05-24 14:58] [ALPM] installed libpcre (8.43-2)
+[2019-05-24 14:58] [ALPM] installed less (530-1)
+[2019-05-24 14:58] [ALPM] installed gzip (1.10-1)
+[2019-05-24 14:58] [ALPM] installed libcrypt (2.1-2)
+[2019-05-24 14:58] [ALPM] installed info (6.6-1)
+[2019-05-24 14:58] [ALPM] installed libtasn1 (4.13-1)
+[2019-05-24 14:58] [ALPM] installed libgpg-error (1.36-1)
+[2019-05-24 14:58] [ALPM] installed libgcrypt (1.8.4-1)
+[2019-05-24 14:58] [ALPM] installed libxslt (1.1.33-2)
+[2019-05-24 14:58] [ALPM] installed glib2 (2.54.3-1)
+[2019-05-24 14:58] [ALPM] installed libp11-kit (0.23.15-1)
+[2019-05-24 14:58] [ALPM] installed p11-kit (0.23.15-1)
+[2019-05-24 14:58] [ALPM] installed ca-certificates (20180409-1)
+[2019-05-24 14:58] [ALPM] installed brotli (1.0.7-1)
+[2019-05-24 14:58] [ALPM] installed libdb (5.3.28-2)
+[2019-05-24 14:58] [ALPM] installed libedit (3.1-20170329)
+[2019-05-24 14:58] [ALPM] installed libsqlite (3.28.0-1)
+[2019-05-24 14:58] [ALPM] installed heimdal-libs (7.5.0-3)
+[2019-05-24 14:58] [ALPM] installed libunistring (0.9.10-1)
+[2019-05-24 14:58] [ALPM] installed libidn2 (2.1.1a-1)
+[2019-05-24 14:58] [ALPM] installed libmetalink (0.1.3-2)
+[2019-05-24 14:58] [ALPM] installed libnghttp2 (1.36.0-1)
+[2019-05-24 14:58] [ALPM] installed libpsl (0.20.2-3)
+[2019-05-24 14:58] [ALPM] installed libssh2 (1.8.2-1)
+[2019-05-24 14:58] [ALPM] installed libcurl (7.65.0-1)
+[2019-05-24 14:58] [ALPM] installed curl (7.65.0-1)
+[2019-05-24 14:58] [ALPM] installed filesystem (2018.12-1)
+[2019-05-24 14:58] [ALPM] installed grep (3.0-2)
+[2019-05-24 14:58] [ALPM] installed dash (0.5.10.2-1)
+[2019-05-24 14:58] [ALPM] installed dtc (1.5.0-1)
+[2019-05-24 14:58] [ALPM] installed file (5.37-1)
+[2019-05-24 14:58] [ALPM] installed m4 (1.4.18-2)
+[2019-05-24 14:58] [ALPM] installed flex (2.6.4-1)
+[2019-05-24 14:58] [ALPM] installed mpfr (4.0.2-1)
+[2019-05-24 14:58] [ALPM] installed gawk (5.0.0-1)
+[2019-05-24 14:58] [ALPM] installed libargp (20110921-2)
+[2019-05-24 14:58] [ALPM] installed getent (2.18.90-2)
+[2019-05-24 14:58] [ALPM] installed tftp-hpa (5.2-3)
+[2019-05-24 14:58] [ALPM] installed inetutils (1.9.4-2)
+[2019-05-24 14:58] [ALPM] installed lndir (1.0.3-1)
+[2019-05-24 14:58] [ALPM] installed mintty (1~3.0.0-1)
+[2019-05-24 14:58] [ALPM] installed msys2-keyring (r9.397a52e-1)
+[2019-05-24 14:58] [ALPM] installed msys2-launcher-git (0.3.32.56c2ba7-2)
+[2019-05-24 14:58] [ALPM] installed libassuan (2.5.3-1)
+[2019-05-24 14:58] [ALPM] installed libgnutls (3.6.7.1-1)
+[2019-05-24 14:58] [ALPM] installed libksba (1.3.5-1)
+[2019-05-24 14:58] [ALPM] installed libnpth (1.6-1)
+[2019-05-24 14:58] [ALPM] installed nettle (3.4.1-1)
+[2019-05-24 14:58] [ALPM] installed pinentry (1.1.0-2)
+[2019-05-24 14:58] [ALPM] installed gnupg (2.2.15-2)
+[2019-05-24 14:58] [ALPM] installed pacman-mirrors (20180604-2)
+[2019-05-24 14:58] [ALPM] installed which (2.21-2)
+[2019-05-24 14:58] [ALPM] installed xz (5.2.4-1)
+[2019-05-24 14:58] [ALPM] installed pacman (5.1.3-1)
+[2019-05-24 14:58] [ALPM] installed libarchive (3.3.3-3)
+[2019-05-24 14:58] [ALPM] installed libpcre16 (8.43-2)
+[2019-05-24 14:58] [ALPM] installed libpcre32 (8.43-2)
+[2019-05-24 14:58] [ALPM] installed libpcrecpp (8.43-2)
+[2019-05-24 14:58] [ALPM] installed libpcreposix (8.43-2)
+[2019-05-24 14:58] [ALPM] installed pcre (8.43-2)
+[2019-05-24 14:58] [ALPM] installed pkgfile (19-1)
+[2019-05-24 14:58] [ALPM-SCRIPTLET] ==> Run 'pkgfile --update' to initialize the database
+[2019-05-24 14:58] [ALPM] installed libgpgme (1.13.0-1)
+[2019-05-24 14:58] [ALPM] installed libpcre2_8 (10.33-2)
+[2019-05-24 14:58] [ALPM] installed libutil-linux (2.33.1-1)
+[2019-05-24 14:58] [ALPM] installed wget (1.20.3-1)
+[2019-05-24 14:58] [ALPM] installed pactoys-git (r2.07ca37f-1)
+[2019-05-24 14:58] [ALPM] installed pax-git (20161104.2-1)
+[2019-05-24 14:58] [ALPM] installed rebase (4.4.4-1)
+[2019-05-24 14:58] [ALPM] installed time (1.9-1)
+[2019-05-24 14:58] [ALPM] installed ttyrec (1.0.8-2)
+[2019-05-24 14:58] [ALPM] installed tzcode (2019.a-1)
+[2019-05-24 14:58] [ALPM] installed util-linux (2.33.1-1)
+[2019-05-24 14:58] [ALPM] transaction completed